diff options
| author | Peter Dettman <peter.dettman@bouncycastle.org> | 2014-07-02 10:01:13 +0400 |
|---|---|---|
| committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2014-07-02 10:01:13 +0400 |
| commit | 05229802fc899f3dd4266c81b29497da5c201083 (patch) | |
| tree | a4727e35294b2d91160ab7a9d4eb91e66bf59b82 /core/src/main/java/org/bouncycastle/crypto | |
| parent | 73fecb98eace7c09028830add53c05ea57d1c42e (diff) | |
Final work for OCB mode
- Change javadoc to reflect draft has become RFC 7253
- Implement key reuse
- Add randomized tests and key reuse tests
Diffstat (limited to 'core/src/main/java/org/bouncycastle/crypto')
| -rw-r--r-- | core/src/main/java/org/bouncycastle/crypto/modes/OCBBlockCipher.java | 23 |
1 files changed, 11 insertions, 12 deletions
diff --git a/core/src/main/java/org/bouncycastle/crypto/modes/OCBBlockCipher.java b/core/src/main/java/org/bouncycastle/crypto/modes/OCBBlockCipher.java index b942fbfb..86263914 100644 --- a/core/src/main/java/org/bouncycastle/crypto/modes/OCBBlockCipher.java +++ b/core/src/main/java/org/bouncycastle/crypto/modes/OCBBlockCipher.java @@ -13,9 +13,8 @@ import org.bouncycastle.crypto.params.ParametersWithIV; import org.bouncycastle.util.Arrays; /** - * An implementation of the "work in progress" Internet-Draft <a - * href="http://tools.ietf.org/html/draft-irtf-cfrg-ocb-07">The OCB Authenticated-Encryption - * Algorithm</a>, licensed per: + * An implementation of <a href="http://tools.ietf.org/html/rfc7253">RFC 7253 on The OCB + * Authenticated-Encryption Algorithm</a>, licensed per: * <p> * <blockquote> <a href="http://www.cs.ucdavis.edu/~rogaway/ocb/license1.pdf">License for * Open-Source Software Implementations of OCB</a> (Jan 9, 2013) — “License 1” <br> @@ -113,6 +112,7 @@ public class OCBBlockCipher public void init(boolean forEncryption, CipherParameters parameters) throws IllegalArgumentException { + boolean oldForEncryption = this.forEncryption; this.forEncryption = forEncryption; this.macBlock = null; @@ -166,19 +166,18 @@ public class OCBBlockCipher * KEY-DEPENDENT INITIALISATION */ - if (keyParameter == null) + if (keyParameter != null) { - // TODO If 'keyParameter' is null we're re-using the last key. + // hashCipher always used in forward mode + hashCipher.init(true, keyParameter); + mainCipher.init(forEncryption, keyParameter); + KtopInput = null; } - else + else if (oldForEncryption != forEncryption) { - KtopInput = null; + throw new IllegalArgumentException("cannot change encrypting state without providing key."); } - // hashCipher always used in forward mode - hashCipher.init(true, keyParameter); - mainCipher.init(forEncryption, keyParameter); - this.L_Asterisk = new byte[16]; hashCipher.processBlock(L_Asterisk, 0, L_Asterisk, 0); @@ -571,7 +570,7 @@ public class OCBBlockCipher while ((x & 1L) == 0L) { ++n; - x >>= 1; + x >>>= 1; } return n; } |