Add tests on AEADParameters

gefeili · gefeili · commit b6111f5fa8c7 · 2025-01-06T15:31:29.000+10:30
diff --git a/core/src/main/java/org/bouncycastle/crypto/engines/AEADBaseEngine.java b/core/src/main/java/org/bouncycastle/crypto/engines/AEADBaseEngine.java
@@ -41,10 +41,15 @@ public byte[] getMac()
         return mac;
     }
 
+    public void reset()
+    {
+        reset(true);
+    }
+
     public int processByte(byte in, byte[] out, int outOff)
         throws DataLengthException
     {
-        return processBytes(new byte[]{ in }, 0, 1, out, outOff);
+        return processBytes(new byte[]{in}, 0, 1, out, outOff);
     }
 
     protected byte[][] initialize(boolean forEncryption, CipherParameters params)
@@ -98,4 +103,16 @@ else if (params instanceof ParametersWithIV)
             this.getAlgorithmName(), 128, params, Utils.getPurpose(forEncryption)));
         return new byte[][]{k, npub};
     }
+
+    protected void reset(boolean clearMac)
+    {
+        if (clearMac)
+        {
+            mac = null;
+        }
+        if (initialAssociatedText != null)
+        {
+            processAADBytes(initialAssociatedText, 0, initialAssociatedText.length);
+        }
+    }
 }
diff --git a/core/src/main/java/org/bouncycastle/crypto/engines/AsconBaseEngine.java b/core/src/main/java/org/bouncycastle/crypto/engines/AsconBaseEngine.java
@@ -423,17 +423,9 @@ public int getOutputSize(int len)
         }
     }
 
-    public void reset()
-    {
-        reset(true);
-    }
 
     protected void reset(boolean clearMac)
     {
-        if (clearMac)
-        {
-            mac = null;
-        }
         Arrays.clear(m_buf);
         m_bufPos = 0;
 
@@ -456,10 +448,7 @@ protected void reset(boolean clearMac)
             throw new IllegalStateException(getAlgorithmName() + " needs to be initialized");
         }
         ascon_aeadinit();
-        if (initialAssociatedText != null)
-        {
-            processAADBytes(initialAssociatedText, 0, initialAssociatedText.length);
-        }
+        super.reset(clearMac);
     }
 
     public abstract String getAlgorithmVersion();
diff --git a/core/src/main/java/org/bouncycastle/crypto/engines/ElephantEngine.java b/core/src/main/java/org/bouncycastle/crypto/engines/ElephantEngine.java
@@ -445,12 +445,6 @@ public int getOutputSize(int len)
         return Math.max(0, len + inputOff - CRYPTO_ABYTES);
     }
 
-    @Override
-    public void reset()
-    {
-        reset(true);
-    }
-
     private int processAADBytes()
     {
         byte[] ad = aadData.toByteArray();
@@ -464,19 +458,16 @@ private int processAADBytes()
         return ad.length;
     }
 
-    private void reset(boolean clearMac)
+    protected void reset(boolean clearMac)
     {
-        if (clearMac)
-        {
-            mac = null;
-        }
         aadData.reset();
         Arrays.fill(tag_buffer, (byte)0);
         Arrays.fill(previous_outputMessage, (byte)0);
         inputOff = 0;
         nb_its = 0;
         adOff = -1;
         messageLen = 0;
+        super.reset(clearMac);
     }
 
     public int getBlockSize()
diff --git a/core/src/main/java/org/bouncycastle/crypto/engines/Grain128AEADEngine.java b/core/src/main/java/org/bouncycastle/crypto/engines/Grain128AEADEngine.java
@@ -265,22 +265,14 @@ public int processBytes(byte[] input, int inOff, int len, byte[] output, int out
         return len;
     }
 
-    public void reset()
+    protected void reset(boolean clearMac)
     {
-        reset(true);
-    }
-
-    private void reset(boolean clearMac)
-    {
-        if (clearMac)
-        {
-            this.mac = null;
-        }
         this.aadData.reset();
         this.aadFinished = false;
 
         setKey(workingKey, workingIV);
         initGrain();
+        super.reset(clearMac);
     }
 
     private void getKeyStream(byte[] input, int inOff, int len, byte[] ciphertext, int outOff)
@@ -297,19 +289,24 @@ private void getKeyStream(byte[] input, int inOff, int len, byte[] ciphertext, i
                 int input_i_j = (input_i >> j) & 1;
                 cc |= (input_i_j ^ output) << j;
 
-                int mask = -input_i_j;
-                authAcc[0] ^= authSr[0] & mask;
-                authAcc[1] ^= authSr[1] & mask;
-
-                authShift(getOutput());
-                nfsr = shift(nfsr, (getOutputNFSR() ^ lfsr[0]) & 1);
-                lfsr = shift(lfsr, (getOutputLFSR()) & 1);
+                updateInternalState(input_i_j);
             }
             ciphertext[outOff + i] = cc;
         }
 
     }
 
+    private void updateInternalState(int input_i_j)
+    {
+        int mask = -input_i_j;
+        authAcc[0] ^= authSr[0] & mask;
+        authAcc[1] ^= authSr[1] & mask;
+
+        authShift(getOutput());
+        nfsr = shift(nfsr, (getOutputNFSR() ^ lfsr[0]) & 1);
+        lfsr = shift(lfsr, (getOutputLFSR()) & 1);
+    }
+
     public void processAADByte(byte in)
     {
         if (aadFinished)
@@ -367,13 +364,7 @@ private void doProcessAADBytes(byte[] input, int len)
 
                 int ader_i_j = (ader_i >> j) & 1;
 
-                int mask = -ader_i_j;
-                authAcc[0] ^= authSr[0] & mask;
-                authAcc[1] ^= authSr[1] & mask;
-
-                authShift(getOutput());
-                nfsr = shift(nfsr, (getOutputNFSR() ^ lfsr[0]) & 1);
-                lfsr = shift(lfsr, (getOutputLFSR()) & 1);
+                updateInternalState(ader_i_j);
             }
         }
     }
diff --git a/core/src/main/java/org/bouncycastle/crypto/engines/ISAPEngine.java b/core/src/main/java/org/bouncycastle/crypto/engines/ISAPEngine.java
@@ -31,6 +31,7 @@ public ISAPEngine(IsapType isapType)
     {
         CRYPTO_KEYBYTES = 16;
         CRYPTO_NPUBBYTES = 16;
+        CRYPTO_ABYTES = 16;
         switch (isapType)
         {
         case ISAP_A_128A:
@@ -905,8 +906,7 @@ public int getOutputSize(int len)
         return Math.max(0, len + message.size() + (forEncryption ? 16 : -16));
     }
 
-    @Override
-    public void reset()
+    protected void reset(boolean clearMac)
     {
         if (!initialised)
         {
@@ -916,6 +916,7 @@ public void reset()
         ISAPAEAD.reset();
         message.reset();
         outputStream.reset();
+        super.reset(clearMac);
     }
 
     public int getBlockSize()
diff --git a/core/src/main/java/org/bouncycastle/crypto/engines/PhotonBeetleEngine.java b/core/src/main/java/org/bouncycastle/crypto/engines/PhotonBeetleEngine.java
@@ -239,17 +239,14 @@ public void reset()
         reset(true);
     }
 
-    private void reset(boolean clearMac)
+    protected void reset(boolean clearMac)
     {
-        if (clearMac)
-        {
-            mac = null;
-        }
         input_empty = true;
         aadData.reset();
         message.reset();
         System.arraycopy(K, 0, state, 0, K.length);
         System.arraycopy(N, 0, state, K.length, N.length);
+        super.reset(clearMac);
     }
 
     private void PHOTON_Permutation()
diff --git a/core/src/main/java/org/bouncycastle/crypto/engines/SparkleEngine.java b/core/src/main/java/org/bouncycastle/crypto/engines/SparkleEngine.java
@@ -440,11 +440,6 @@ public int getOutputSize(int len)
         }
     }
 
-    public void reset()
-    {
-        reset(true);
-    }
-
     private void checkAAD()
     {
         switch (m_state)
@@ -624,13 +619,8 @@ private void processFinalAAD()
         sparkle_opt(state, SPARKLE_STEPS_BIG);
     }
 
-    private void reset(boolean clearMac)
+    protected void reset(boolean clearMac)
     {
-        if (clearMac)
-        {
-            mac = null;
-        }
-
         Arrays.clear(m_buf);
         m_bufPos = 0;
         encrypted = false;
@@ -663,10 +653,7 @@ private void reset(boolean clearMac)
 
         sparkle_opt(state, SPARKLE_STEPS_BIG);
 
-        if (initialAssociatedText != null)
-        {
-            processAADBytes(initialAssociatedText, 0, initialAssociatedText.length);
-        }
+        super.reset(clearMac);
     }
 
     private static int ELL(int x)
diff --git a/core/src/main/java/org/bouncycastle/crypto/engines/XoodyakEngine.java b/core/src/main/java/org/bouncycastle/crypto/engines/XoodyakEngine.java
@@ -238,12 +238,8 @@ public void reset()
         reset(true);
     }
 
-    private void reset(boolean clearMac)
+    protected void reset(boolean clearMac)
     {
-        if (clearMac)
-        {
-            mac = null;
-        }
         Arrays.fill(state, (byte)0);
         aadFinished = false;
         encrypted = false;
@@ -260,6 +256,7 @@ private void reset(boolean clearMac)
         System.arraycopy(iv, 0, KID, KLen, IDLen);
         KID[KLen + IDLen] = (byte)IDLen;
         AbsorbAny(KID, 0, KLen + IDLen + 1, Rabsorb, 0x02);
+        super.reset(clearMac);
     }
 
     private void AbsorbAny(byte[] X, int Xoff, int XLen, int r, int Cd)
diff --git a/core/src/main/java/org/bouncycastle/util/test/SimpleTest.java b/core/src/main/java/org/bouncycastle/util/test/SimpleTest.java
@@ -273,7 +273,7 @@ void operation()
             throws Exception;
     }
 
-    protected Exception testException(String failMessage, String exceptionClass, TestExceptionOperation operation)
+    public Exception testException(String failMessage, String exceptionClass, TestExceptionOperation operation)
     {
         try
         {
@@ -286,7 +286,7 @@ protected Exception testException(String failMessage, String exceptionClass, Tes
             {
                 isTrue(e.getMessage(), e.getMessage().indexOf(failMessage) >= 0);
             }
-            isTrue(e.getClass().getName().indexOf(exceptionClass) >= 0);
+            isTrue(e.getMessage(),e.getClass().getName().indexOf(exceptionClass) >= 0);
             return e;
         }
         return null;
diff --git a/core/src/test/java/org/bouncycastle/crypto/test/AsconTest.java b/core/src/test/java/org/bouncycastle/crypto/test/AsconTest.java
@@ -91,6 +91,11 @@ public void performTest()
         testVectorsXof_AsconXof();
         testVectorsXof_AsconXofA();
 
+        CipherTest.checkAEADParemeter(this, 16,16, 16, 16, new AsconAEAD128());
+        CipherTest.checkAEADParemeter(this, 16,16, 16, 16, new AsconEngine(AsconEngine.AsconParameters.ascon128));
+        CipherTest.checkAEADParemeter(this, 16,16, 16, 16, new AsconEngine(AsconEngine.AsconParameters.ascon128a));
+        CipherTest.checkAEADParemeter(this, 20,16, 16, 16, new AsconEngine(AsconEngine.AsconParameters.ascon80pq));
+
         CipherTest.checkCipher(32, 16, 100, 128, new CipherTest.Instance()
         {
             @Override
diff --git a/core/src/test/java/org/bouncycastle/crypto/test/CipherTest.java b/core/src/test/java/org/bouncycastle/crypto/test/CipherTest.java
@@ -8,12 +8,14 @@
 import org.bouncycastle.crypto.InvalidCipherTextException;
 import org.bouncycastle.crypto.KeyGenerationParameters;
 import org.bouncycastle.crypto.modes.AEADCipher;
+import org.bouncycastle.crypto.params.AEADParameters;
 import org.bouncycastle.crypto.params.KeyParameter;
 import org.bouncycastle.crypto.params.ParametersWithIV;
 import org.bouncycastle.util.Arrays;
 import org.bouncycastle.util.test.SimpleTest;
 import org.bouncycastle.util.test.SimpleTestResult;
 import org.bouncycastle.util.test.TestFailedException;
+import org.junit.Assert;
 
 public abstract class CipherTest
     extends SimpleTest
@@ -251,4 +253,45 @@ static void isEqualTo(
             throw new TestFailedException(SimpleTestResult.failed(parent, "no message"));
         }
     }
+
+    static void checkAEADParemeter(SimpleTest test, int keySize, int ivSize, final int macSize, int blockSize, final AEADCipher cipher)
+        throws Exception
+    {
+        final SecureRandom random = new SecureRandom();
+        final byte[] key = new byte[keySize];
+        final byte[] iv = new byte[ivSize];
+        int tmpLength = random.nextInt(blockSize - 1) + 1;
+        final byte[] plaintext = new byte[blockSize * 2 + tmpLength];
+        byte[] aad = new byte[random.nextInt(100)];
+        random.nextBytes(key);
+        random.nextBytes(iv);
+        random.nextBytes(plaintext);
+        //random.nextBytes(aad);
+        cipher.init(true, new ParametersWithIV(new KeyParameter(key), iv));
+        byte[] ciphertext1 = new byte[cipher.getOutputSize(plaintext.length)];
+        cipher.processAADBytes(aad, 0, aad.length);
+        int len = cipher.processBytes(plaintext, 0, plaintext.length, ciphertext1, 0);
+        len += cipher.doFinal(ciphertext1, len);
+        cipher.init(true, new AEADParameters(new KeyParameter(key), macSize * 8, iv, aad));
+        byte[] ciphertext2 = new byte[cipher.getOutputSize(plaintext.length)];
+        len = cipher.processBytes(plaintext, 0, plaintext.length, ciphertext2, 0);
+        len += cipher.doFinal(ciphertext2, len);
+        Assert.assertArrayEquals(ciphertext1, ciphertext2);
+
+        test.testException("Invalid value for MAC size: ", "IllegalArgumentException", new TestExceptionOperation()
+        {
+            @Override
+            public void operation()
+                throws Exception
+            {
+                int macSize2 = random.nextInt();
+                while (macSize2 == macSize * 8)
+                {
+                    macSize2 = random.nextInt();
+                }
+                cipher.init(true, new AEADParameters(new KeyParameter(key), macSize2, iv, null));
+            }
+        });
+
+    }
 }
diff --git a/core/src/test/java/org/bouncycastle/crypto/test/ElephantTest.java b/core/src/test/java/org/bouncycastle/crypto/test/ElephantTest.java
@@ -10,7 +10,6 @@
 import org.bouncycastle.crypto.DataLengthException;
 import org.bouncycastle.crypto.engines.ElephantEngine;
 import org.bouncycastle.crypto.modes.AEADCipher;
-import org.bouncycastle.crypto.params.AEADParameters;
 import org.bouncycastle.crypto.params.KeyParameter;
 import org.bouncycastle.crypto.params.ParametersWithIV;
 import org.bouncycastle.test.TestResourceFinder;
@@ -28,6 +27,9 @@ public String getName()
     public void performTest()
         throws Exception
     {
+        CipherTest.checkAEADParemeter(this, 16, 12, 8, 20, new ElephantEngine(ElephantEngine.ElephantParameters.elephant160));
+        CipherTest.checkAEADParemeter(this, 16, 12, 8, 22, new ElephantEngine(ElephantEngine.ElephantParameters.elephant176));
+        CipherTest.checkAEADParemeter(this, 16, 12, 16, 25, new ElephantEngine(ElephantEngine.ElephantParameters.elephant200));
         CipherTest.checkAEADCipherOutputSize(this, 16, 12, 20, 8, new ElephantEngine(ElephantEngine.ElephantParameters.elephant160));
         CipherTest.checkAEADCipherOutputSize(this, 16, 12, 22, 8, new ElephantEngine(ElephantEngine.ElephantParameters.elephant176));
         CipherTest.checkAEADCipherOutputSize(this, 16, 12, 25, 16, new ElephantEngine(ElephantEngine.ElephantParameters.elephant200));
diff --git a/core/src/test/java/org/bouncycastle/crypto/test/Grain128AEADTest.java b/core/src/test/java/org/bouncycastle/crypto/test/Grain128AEADTest.java
@@ -26,6 +26,7 @@ public String getName()
     public void performTest()
         throws Exception
     {
+        CipherTest.checkAEADParemeter(this, 16, 12, 8, 16, new Grain128AEADEngine());
         testVectors();
         testSplitUpdate();
         testExceptions();
diff --git a/core/src/test/java/org/bouncycastle/crypto/test/ISAPTest.java b/core/src/test/java/org/bouncycastle/crypto/test/ISAPTest.java
diff --git a/core/src/test/java/org/bouncycastle/crypto/test/PhotonBeetleTest.java b/core/src/test/java/org/bouncycastle/crypto/test/PhotonBeetleTest.java
diff --git a/core/src/test/java/org/bouncycastle/crypto/test/SparkleTest.java b/core/src/test/java/org/bouncycastle/crypto/test/SparkleTest.java
diff --git a/core/src/test/java/org/bouncycastle/crypto/test/XoodyakTest.java b/core/src/test/java/org/bouncycastle/crypto/test/XoodyakTest.java

Original file line number	Diff line number	Diff line change
`@@ -423,17 +423,9 @@ public int getOutputSize(int len)`
`423`	`423`	`}`
`424`	`424`	`}`
`425`	`425`
`426`		`- public void reset()`
`427`		`- {`
`428`		`- reset(true);`
`429`		`- }`
`430`	`426`
`431`	`427`	`protected void reset(boolean clearMac)`
`432`	`428`	`{`
`433`		`- if (clearMac)`
`434`		`- {`
`435`		`- mac = null;`
`436`		`- }`
`437`	`429`	`Arrays.clear(m_buf);`
`438`	`430`	`m_bufPos = 0;`
`439`	`431`
`@@ -456,10 +448,7 @@ protected void reset(boolean clearMac)`
`456`	`448`	`throw new IllegalStateException(getAlgorithmName() + " needs to be initialized");`
`457`	`449`	`}`
`458`	`450`	`ascon_aeadinit();`
`459`		`- if (initialAssociatedText != null)`
`460`		`- {`
`461`		`- processAADBytes(initialAssociatedText, 0, initialAssociatedText.length);`
`462`		`- }`
	`451`	`+ super.reset(clearMac);`
`463`	`452`	`}`
`464`	`453`
`465`	`454`	`public abstract String getAlgorithmVersion();`
Original file line number	Diff line number	Diff line change
`@@ -31,6 +31,7 @@ public ISAPEngine(IsapType isapType)`
`31`	`31`	`{`
`32`	`32`	`CRYPTO_KEYBYTES = 16;`
`33`	`33`	`CRYPTO_NPUBBYTES = 16;`
	`34`	`+ CRYPTO_ABYTES = 16;`
`34`	`35`	`switch (isapType)`
`35`	`36`	`{`
`36`	`37`	`case ISAP_A_128A:`
`@@ -905,8 +906,7 @@ public int getOutputSize(int len)`
`905`	`906`	`return Math.max(0, len + message.size() + (forEncryption ? 16 : -16));`
`906`	`907`	`}`
`907`	`908`
`908`		`- @Override`
`909`		`- public void reset()`
	`909`	`+ protected void reset(boolean clearMac)`
`910`	`910`	`{`
`911`	`911`	`if (!initialised)`
`912`	`912`	`{`
`@@ -916,6 +916,7 @@ public void reset()`
`916`	`916`	`ISAPAEAD.reset();`
`917`	`917`	`message.reset();`
`918`	`918`	`outputStream.reset();`
	`919`	`+ super.reset(clearMac);`
`919`	`920`	`}`
`920`	`921`
`921`	`922`	`public int getBlockSize()`
Original file line number	Diff line number	Diff line change
`@@ -239,17 +239,14 @@ public void reset()`
`239`	`239`	`reset(true);`
`240`	`240`	`}`
`241`	`241`
`242`		`- private void reset(boolean clearMac)`
	`242`	`+ protected void reset(boolean clearMac)`
`243`	`243`	`{`
`244`		`- if (clearMac)`
`245`		`- {`
`246`		`- mac = null;`
`247`		`- }`
`248`	`244`	`input_empty = true;`
`249`	`245`	`aadData.reset();`
`250`	`246`	`message.reset();`
`251`	`247`	`System.arraycopy(K, 0, state, 0, K.length);`
`252`	`248`	`System.arraycopy(N, 0, state, K.length, N.length);`
	`249`	`+ super.reset(clearMac);`
`253`	`250`	`}`
`254`	`251`
`255`	`252`	`private void PHOTON_Permutation()`
Original file line number	Diff line number	Diff line change
`@@ -440,11 +440,6 @@ public int getOutputSize(int len)`
`440`	`440`	`}`
`441`	`441`	`}`
`442`	`442`
`443`		`- public void reset()`
`444`		`- {`
`445`		`- reset(true);`
`446`		`- }`
`447`		`-`
`448`	`443`	`private void checkAAD()`
`449`	`444`	`{`
`450`	`445`	`switch (m_state)`
`@@ -624,13 +619,8 @@ private void processFinalAAD()`
`624`	`619`	`sparkle_opt(state, SPARKLE_STEPS_BIG);`
`625`	`620`	`}`
`626`	`621`
`627`		`- private void reset(boolean clearMac)`
	`622`	`+ protected void reset(boolean clearMac)`
`628`	`623`	`{`
`629`		`- if (clearMac)`
`630`		`- {`
`631`		`- mac = null;`
`632`		`- }`
`633`		`-`
`634`	`624`	`Arrays.clear(m_buf);`
`635`	`625`	`m_bufPos = 0;`
`636`	`626`	`encrypted = false;`
`@@ -663,10 +653,7 @@ private void reset(boolean clearMac)`
`663`	`653`
`664`	`654`	`sparkle_opt(state, SPARKLE_STEPS_BIG);`
`665`	`655`
`666`		`- if (initialAssociatedText != null)`
`667`		`- {`
`668`		`- processAADBytes(initialAssociatedText, 0, initialAssociatedText.length);`
`669`		`- }`
	`656`	`+ super.reset(clearMac);`
`670`	`657`	`}`
`671`	`658`
`672`	`659`	`private static int ELL(int x)`
Original file line number	Diff line number	Diff line change
`@@ -238,12 +238,8 @@ public void reset()`
`238`	`238`	`reset(true);`
`239`	`239`	`}`
`240`	`240`
`241`		`- private void reset(boolean clearMac)`
	`241`	`+ protected void reset(boolean clearMac)`
`242`	`242`	`{`
`243`		`- if (clearMac)`
`244`		`- {`
`245`		`- mac = null;`
`246`		`- }`
`247`	`243`	`Arrays.fill(state, (byte)0);`
`248`	`244`	`aadFinished = false;`
`249`	`245`	`encrypted = false;`
`@@ -260,6 +256,7 @@ private void reset(boolean clearMac)`
`260`	`256`	`System.arraycopy(iv, 0, KID, KLen, IDLen);`
`261`	`257`	`KID[KLen + IDLen] = (byte)IDLen;`
`262`	`258`	`AbsorbAny(KID, 0, KLen + IDLen + 1, Rabsorb, 0x02);`
	`259`	`+ super.reset(clearMac);`
`263`	`260`	`}`
`264`	`261`
`265`	`262`	`private void AbsorbAny(byte[] X, int Xoff, int XLen, int r, int Cd)`
Original file line number	Diff line number	Diff line change
`@@ -273,7 +273,7 @@ void operation()`
`273`	`273`	`throws Exception;`
`274`	`274`	`}`
`275`	`275`
`276`		`- protected Exception testException(String failMessage, String exceptionClass, TestExceptionOperation operation)`
	`276`	`+ public Exception testException(String failMessage, String exceptionClass, TestExceptionOperation operation)`
`277`	`277`	`{`
`278`	`278`	`try`
`279`	`279`	`{`
`@@ -286,7 +286,7 @@ protected Exception testException(String failMessage, String exceptionClass, Tes`
`286`	`286`	`{`
`287`	`287`	`isTrue(e.getMessage(), e.getMessage().indexOf(failMessage) >= 0);`
`288`	`288`	`}`
`289`		`- isTrue(e.getClass().getName().indexOf(exceptionClass) >= 0);`
	`289`	`+ isTrue(e.getMessage(),e.getClass().getName().indexOf(exceptionClass) >= 0);`
`290`	`290`	`return e;`
`291`	`291`	`}`
`292`	`292`	`return null;`