From 554a46d8d1470beacb32c14d6d6c74e9248684b8 Mon Sep 17 00:00:00 2001
From: David Hook <dgh@cryptoworkshop.com>
Date: Wed, 18 Jun 2014 19:12:31 +1000
Subject: fixed CMacWithIV class (sigh...)

---
 .../java/org/bouncycastle/crypto/macs/CMac.java    | 17 +++++++-
 .../org/bouncycastle/crypto/macs/CMacWithIV.java   | 22 -----------
 .../org/bouncycastle/crypto/test/CMacTest.java     | 45 +++++++++++++++++++++-
 3 files changed, 59 insertions(+), 25 deletions(-)

diff --git a/core/src/main/java/org/bouncycastle/crypto/macs/CMac.java b/core/src/main/java/org/bouncycastle/crypto/macs/CMac.java
index e4b2d7f3..3db85e38 100644
--- a/core/src/main/java/org/bouncycastle/crypto/macs/CMac.java
+++ b/core/src/main/java/org/bouncycastle/crypto/macs/CMac.java
@@ -145,8 +145,21 @@ public class CMac implements Mac
         }
         else if (params != null)
         {
-            // CMAC mode does not permit IV to underlying CBC mode
-            throw new IllegalArgumentException("CMac mode only permits key to be set.");
+            if (this instanceof CMacWithIV)
+            {
+                cipher.init(true, params);
+
+                //initializes the L, Lu, Lu2 numbers
+                L = new byte[ZEROES.length];
+                cipher.processBlock(ZEROES, 0, L, 0);
+                Lu = doubleLu(L);
+                Lu2 = doubleLu(Lu);
+            }
+            else
+            {
+                // CMAC mode does not permit IV to underlying CBC mode
+                throw new IllegalArgumentException("CMac mode only permits key to be set.");
+            }
         }
 
         reset();
diff --git a/core/src/main/java/org/bouncycastle/crypto/macs/CMacWithIV.java b/core/src/main/java/org/bouncycastle/crypto/macs/CMacWithIV.java
index 8361eea0..19a8521a 100644
--- a/core/src/main/java/org/bouncycastle/crypto/macs/CMacWithIV.java
+++ b/core/src/main/java/org/bouncycastle/crypto/macs/CMacWithIV.java
@@ -1,8 +1,6 @@
 package org.bouncycastle.crypto.macs;
 
 import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.params.ParametersWithIV;
 
 /**
  * A non-NIST variant which allows passing of an IV to the underlying CBC cipher.
@@ -11,33 +9,13 @@ import org.bouncycastle.crypto.params.ParametersWithIV;
 public class CMacWithIV
     extends CMac
 {
-    private BlockCipher cipher;
-
     public CMacWithIV(BlockCipher cipher)
     {
         super(cipher);
-        this.cipher = cipher;
     }
 
     public CMacWithIV(BlockCipher cipher, int macSizeInBits)
     {
         super(cipher, macSizeInBits);
-        this.cipher = cipher;
-    }
-
-    public void init(CipherParameters params)
-    {
-        if (params instanceof ParametersWithIV)
-        {
-            ParametersWithIV pWithIV = (ParametersWithIV)params;
-
-            super.init(pWithIV.getParameters());
-
-            cipher.init(true, params);
-        }
-        else
-        {
-            super.init(params);
-        }
     }
 }
diff --git a/core/src/test/java/org/bouncycastle/crypto/test/CMacTest.java b/core/src/test/java/org/bouncycastle/crypto/test/CMacTest.java
index d1241e2c..5db0779d 100644
--- a/core/src/test/java/org/bouncycastle/crypto/test/CMacTest.java
+++ b/core/src/test/java/org/bouncycastle/crypto/test/CMacTest.java
@@ -5,6 +5,7 @@ import org.bouncycastle.crypto.Mac;
 import org.bouncycastle.crypto.engines.AESEngine;
 import org.bouncycastle.crypto.engines.AESFastEngine;
 import org.bouncycastle.crypto.macs.CMac;
+import org.bouncycastle.crypto.macs.CMacWithIV;
 import org.bouncycastle.crypto.params.KeyParameter;
 import org.bouncycastle.crypto.params.ParametersWithIV;
 import org.bouncycastle.util.encoders.Hex;
@@ -250,7 +251,49 @@ public class CMacTest
             fail("Failed - expected " + new String(Hex.encode(output_k256_m64))
                 + " got " + new String(Hex.encode(out)));
         }
-        
+
+        // CMAC with IV
+        // 16 bytes message - 256 bytes key
+        mac = new CMacWithIV(new AESFastEngine());
+
+        mac.init(key);
+
+        mac.update(input16, 0, input16.length);
+
+        out = new byte[16];
+
+        mac.doFinal(out, 0);
+
+        if (!areEqual(out, output_k256_m16))
+        {
+            fail("Failed - expected " + new String(Hex.encode(output_k256_m16))
+                + " got " + new String(Hex.encode(out)));
+        }
+
+                // CMAC with IV
+        // 16 bytes message - 256 bytes key
+        mac = new CMacWithIV(new AESFastEngine());
+
+        mac.init(new ParametersWithIV(key, Hex.decode("000102030405060708090a0b0c0d0e0f")));
+
+        mac.update(input16, 0, input16.length);
+
+        out = new byte[16];
+
+        mac.doFinal(out, 0);
+
+        if (areEqual(out, output_k256_m16))
+        {
+            fail("Failed - expected " + new String(Hex.encode(output_k256_m16))
+                + " got " + new String(Hex.encode(out)));
+        }
+
+        if (!areEqual(out, Hex.decode("9347a60c64061b9ff2a92522ca8e08fc")))
+        {
+            fail("Failed - expected " + "9347a60c64061b9ff2a92522ca8e08fc"
+                + " got " + new String(Hex.encode(out)));
+        }
+
         testExceptions();
     }
 
-- 
cgit v1.2.3