public void performTest() { for (int i = 0; i < TEST_VECTORS.length; i++) { TestCase testCase = TEST_VECTORS[i]; Mac mac = new GMac(new GCMBlockCipher(new AESFastEngine()), testCase.getTag().length * 8); CipherParameters key = new KeyParameter(testCase.getKey()); mac.init(new ParametersWithIV(key, testCase.getIv())); testSingleByte(mac, testCase); testMultibyte(mac, testCase); } // Invalid mac size testInvalidMacSize(97); testInvalidMacSize(136); testInvalidMacSize(24); }
private void runTest(Case dc) { Mac digest = new SkeinMac(dc.getBlockSize(), dc.getOutputSize()); digest.init(new KeyParameter(dc.getKey())); byte[] message = dc.getMessage(); digest.update(message, 0, message.length); byte[] output = new byte[digest.getMacSize()]; digest.doFinal(output, 0); if (!Arrays.areEqual(output, dc.getDigest())) { fail(digest.getAlgorithmName() + " message " + (dc.getMessage().length * 8) + " mismatch.\n Message " + new String(Hex.encode(dc.getMessage())) + "\n Key " + new String(Hex.encode(dc.getKey())) + "\n Expected " + new String(Hex.encode(dc.getDigest())) + "\n Actual " + new String(Hex.encode(output))); } }
@Override public byte[] getMAC(byte[] data) { byte[] n = new byte[sscBytes.length + data.length]; System.arraycopy(sscBytes, 0, n, 0, sscBytes.length); System.arraycopy(data, 0, n, sscBytes.length, data.length); n = addPadding(n); BlockCipher cipher = new AESFastEngine(); Mac mac = new CMac(cipher, 64); mac.init(keyP); mac.update(n, 0, n.length); byte[] out = new byte[mac.getMacSize()]; mac.doFinal(out, 0); return out; }
private static void testMac(Mac mac, CipherParameters params, int rateFactor) { System.out.println("========================="); long total = testRun(mac, params, false, MEDIUM_MESSAGE, adjust(MEDIUM_MESSAGE_COUNT, rateFactor)); System.out.printf("%s Warmup 1 run time: %,d ms\n", mac.getAlgorithmName(), total / 1000000); total = testRun(mac, params, false, MEDIUM_MESSAGE, adjust(MEDIUM_MESSAGE_COUNT, rateFactor)); System.out.printf("%s Warmup 2 run time: %,d ms\n", mac.getAlgorithmName(), total / 1000000); System.gc(); try { Thread.sleep(1000); } catch (InterruptedException e) { } test("Short", mac, params, false, SHORT_MESSAGE, adjust(SHORT_MESSAGE_COUNT, rateFactor)); // test("Short", mac, params, true, SHORT_MESSAGE, adjust(SHORT_MESSAGE_COUNT, rateFactor)); test("Medium", mac, params, false, MEDIUM_MESSAGE, adjust(MEDIUM_MESSAGE_COUNT, rateFactor)); // test("Medium", mac, params, true, MEDIUM_MESSAGE, adjust(MEDIUM_MESSAGE_COUNT, // rateFactor)); test("Long", mac, params, false, LONG_MESSAGE, adjust(LONG_MESSAGE_COUNT, rateFactor)); // test("Long", mac, params, true, LONG_MESSAGE, adjust(LONG_MESSAGE_COUNT, rateFactor)); }
private static void test(String name, Mac mac, CipherParameters params, boolean initPerMessage, byte[] message, int adjustedCount) { System.out.println("========================="); long total = testRun(mac, params, initPerMessage, message, adjustedCount); long averageRuntime = total / adjustedCount; System.out.printf("%s %-7s%s Total run time: %,d ms\n", mac.getAlgorithmName(), name, initPerMessage ? "*" : " ", total / 1000000); System.out.printf("%s %-7s%s Average run time: %,d ns\n", mac.getAlgorithmName(), name, initPerMessage ? "*" : " ", averageRuntime); final long mbPerSecond = (long)((double)message.length / averageRuntime * 1000000000 / (1024 * 1024)); System.out.printf("%s %-7s%s Average speed: %,d MB/s\n", mac.getAlgorithmName(), name, initPerMessage ? "*" : " ", mbPerSecond); System.out.printf("%s %-7s%s Average speed: %,f c/b\n", mac.getAlgorithmName(), name, initPerMessage ? "*" : " ", CLOCK_SPEED / (double)(mbPerSecond * (1024 * 1024))); }
private static long testRun(Mac mac, CipherParameters params, boolean initPerMessage, byte[] message, int adjustedCount) { byte[] out = new byte[mac.getMacSize()]; if (!initPerMessage) { mac.init(params); } long start = System.nanoTime(); for (int i = 0; i < adjustedCount; i++) { if (initPerMessage) { mac.init(params); } mac.update(message, 0, message.length); mac.doFinal(out, 0); } long total = System.nanoTime() - start; return total; }
public void performTest() { for (int i = 0; i < TEST_VECTORS.length; i++) { TestCase testCase = TEST_VECTORS[i]; Mac mac = new GMac(new GCMBlockCipher(new AESFastEngine()), testCase.getTag().length * 8); CipherParameters key = new KeyParameter(testCase.getKey()); mac.init(new ParametersWithIV(key, testCase.getIv())); testSingleByte(mac, testCase); testMultibyte(mac, testCase); } // Invalid mac size testInvalidMacSize(97); testInvalidMacSize(136); testInvalidMacSize(88); testInvalidMacSize(64); }
public void receiveCAVPVectors(String name, Properties config, Properties vectors) { // create Mac based PRF from PRF property, create the KDF final Mac prf = CAVPReader.createPRF(config); final KDFDoublePipelineIterationBytesGenerator gen = new KDFDoublePipelineIterationBytesGenerator(prf); final int count = Integer.parseInt(vectors.getProperty("COUNT")); final int l = Integer.parseInt(vectors.getProperty("L")); final byte[] ki = Hex.decode(vectors.getProperty("KI")); final byte[] fixedInputData = Hex.decode(vectors.getProperty("FixedInputData")); final KDFDoublePipelineIterationParameters params = KDFDoublePipelineIterationParameters.createWithoutCounter(ki, fixedInputData); gen.init(params); final byte[] koGenerated = new byte[l / 8]; gen.generateBytes(koGenerated, 0, koGenerated.length); final byte[] koVectors = Hex.decode(vectors.getProperty("KO")); compareKO(name, config, count, koGenerated, koVectors); }
public void receiveCAVPVectors(String name, Properties config, Properties vectors) { // create Mac based PRF from PRF property, create the KDF final Mac prf = CAVPReader.createPRF(config); final KDFFeedbackBytesGenerator gen = new KDFFeedbackBytesGenerator(prf); final int count = Integer.parseInt(vectors.getProperty("COUNT")); final int l = Integer.parseInt(vectors.getProperty("L")); final byte[] ki = Hex.decode(vectors.getProperty("KI")); final byte[] iv = Hex.decode(vectors.getProperty("IV")); final byte[] fixedInputData = Hex.decode(vectors.getProperty("FixedInputData")); final KDFFeedbackParameters params = KDFFeedbackParameters.createWithoutCounter(ki, iv, fixedInputData); gen.init(params); final byte[] koGenerated = new byte[l / 8]; gen.generateBytes(koGenerated, 0, koGenerated.length); final byte[] koVectors = Hex.decode(vectors.getProperty("KO")); compareKO(name, config, count, koGenerated, koVectors); }
private void runTest(Case dc) { Mac digest = new SkeinMac(dc.getBlockSize(), dc.getOutputSize()); digest.init(new KeyParameter(dc.getKey())); byte[] message = dc.getMessage(); digest.update(message, 0, message.length); byte[] output = new byte[digest.getMacSize()]; digest.doFinal(output, 0); if (!MessageDigest.isEqual(output, dc.getDigest())) { fail(digest.getAlgorithmName() + " message " + (dc.getMessage().length * 8) + " mismatch.\n Message " + new String(Hex.encode(dc.getMessage())) + "\n Key " + new String(Hex.encode(dc.getKey())) + "\n Expected " + new String(Hex.encode(dc.getDigest())) + "\n Actual " + new String(Hex.encode(output))); } }
/** * AES [FIPS 197] SHALL be used in CMAC-mode [SP 800-38B] with a MAC length of 8 bytes. * * @param data the data to MAC * @param key the key to use * @return the 8 byte MAC of the data */ public static byte[] performCBC8(byte[] data, byte[] key) { // mac size in bits (64 bits = 8 bytes) final Mac cbc8 = new CMac(new AESEngine(), 64); CipherParameters params = new KeyParameter(key); cbc8.init(params); byte[] result = new byte[8]; cbc8.update(data, 0, data.length); cbc8.doFinal(result, 0); return result; }
/** * set up for use with stream mode, where the key derivation function * is used to provide a stream of bytes to xor with the message. * * @param agree the key agreement used as the basis for the encryption * @param kdf the key derivation function used for byte generation * @param mac the message authentication code generator for the message */ public IESEngine( BasicAgreement agree, DerivationFunction kdf, Mac mac) { this.agree = agree; this.kdf = kdf; this.mac = mac; this.macBuf = new byte[mac.getMacSize()]; this.cipher = null; }
/** * set up for use in conjunction with a block cipher to handle the * message. * * @param agree the key agreement used as the basis for the encryption * @param kdf the key derivation function used for byte generation * @param mac the message authentication code generator for the message * @param cipher the cipher to used for encrypting the message */ public IESEngine( BasicAgreement agree, DerivationFunction kdf, Mac mac, BufferedBlockCipher cipher) { this.agree = agree; this.kdf = kdf; this.mac = mac; this.macBuf = new byte[mac.getMacSize()]; this.cipher = cipher; }
public HMacDRBGProvider(Mac hMac, byte[] nonce, byte[] personalizationString, int securityStrength) { this.hMac = hMac; this.nonce = nonce; this.personalizationString = personalizationString; this.securityStrength = securityStrength; }
/** * Construct a SP800-90A Hash DRBG. * <p> * Minimum entropy requirement is the security strength requested. * </p> * @param hMac Hash MAC to base the DRBG on. * @param securityStrength security strength required (in bits) * @param entropySource source of entropy to use for seeding/reseeding. * @param personalizationString personalization string to distinguish this DRBG (may be null). * @param nonce nonce to further distinguish this DRBG (may be null). */ public HMacSP800DRBG(Mac hMac, int securityStrength, EntropySource entropySource, byte[] personalizationString, byte[] nonce) { if (securityStrength > Utils.getMaxSecurityStrength(hMac)) { throw new IllegalArgumentException("Requested security strength is not supported by the derivation function"); } if (entropySource.entropySize() < securityStrength) { throw new IllegalArgumentException("Not enough entropy for security strength required"); } _entropySource = entropySource; _hMac = hMac; byte[] entropy = entropySource.getEntropy(); byte[] seedMaterial = Arrays.concatenate(entropy, nonce, personalizationString); _K = new byte[hMac.getMacSize()]; _V = new byte[_K.length]; Arrays.fill(_V, (byte)1); hmac_DRBG_Update(seedMaterial); _reseedCounter = 1; }
public MacInputStream( InputStream stream, Mac mac) { super(stream); this.mac = mac; }
protected BaseMac( Mac macEngine, int pbeType, int pbeHash, int keySize) { this.macEngine = macEngine; this.pbeType = pbeType; this.pbeHash = pbeHash; this.keySize = keySize; }
protected byte[] calculateRecordMAC(KeyParameter macKey, byte[] additionalData, byte[] buf, int off, int len) { Mac mac = new Poly1305(); mac.init(macKey); updateRecordMAC(mac, additionalData, 0, additionalData.length); updateRecordMAC(mac, buf, off, len); byte[] output = new byte[mac.getMacSize()]; mac.doFinal(output, 0); return output; }
protected void updateRecordMAC(Mac mac, byte[] buf, int off, int len) { mac.update(buf, off, len); byte[] longLen = Pack.longToLittleEndian(len & 0xFFFFFFFFL); mac.update(longLen, 0, longLen.length); }
/** * Construct a SP800-90A Hash DRBG. * <p> * Minimum entropy requirement is the security strength requested. * </p> * @param hMac Hash MAC to base the DRBG on. * @param securityStrength security strength required (in bits) * @param entropySource source of entropy to use for seeding/reseeding. * @param personalizationString personalization string to distinguish this DRBG (may be null). * @param nonce nonce to further distinguish this DRBG (may be null). */ public HMacSP800DRBG(Mac hMac, int securityStrength, EntropySource entropySource, byte[] personalizationString, byte[] nonce) { if (securityStrength > Utils.getMaxSecurityStrength(hMac)) { throw new IllegalArgumentException("Requested security strength is not supported by the derivation function"); } if (entropySource.entropySize() < securityStrength) { throw new IllegalArgumentException("Not enough entropy for security strength required"); } _securityStrength = securityStrength; _entropySource = entropySource; _hMac = hMac; byte[] entropy = getEntropy(); byte[] seedMaterial = Arrays.concatenate(entropy, nonce, personalizationString); _K = new byte[hMac.getMacSize()]; _V = new byte[_K.length]; Arrays.fill(_V, (byte)1); hmac_DRBG_Update(seedMaterial); _reseedCounter = 1; }
public KDFDoublePipelineIterationBytesGenerator(Mac prf) { this.prf = prf; this.h = prf.getMacSize(); this.a = new byte[h]; this.k = new byte[h]; }
private void testSingleByte(Mac mac, TestCase testCase) { final byte[] ad = testCase.getAd(); for (int i = 0; i < ad.length; i++) { mac.update(ad[i]); } checkMac(mac, testCase); }
private void checkMac(Mac mac, TestCase testCase) { final byte[] generatedMac = new byte[mac.getMacSize()]; mac.doFinal(generatedMac, 0); if (!areEqual(testCase.getTag(), generatedMac)) { fail("Failed " + testCase.getName() + " - expected " + new String(Hex.encode(testCase.getTag())) + " got " + new String(Hex.encode(generatedMac))); } }
@Override protected Mac getMac(String mode) { if (!currentMode.equals(mode) || mac == null) { BlockCipher engine = BlockCiphers.getBlockCipherEngine(mode); mac = new CMacWithIV(engine); currentMode = mode; } return mac; }
@Override protected Mac getMac(String mode) { if (!currentMode.equals(mode) || mac == null) { Digest dig = Digesters.getDigester(mode); mac = new org.bouncycastle.crypto.macs.HMac(dig); currentMode = mode; } return mac; }
@Override protected Mac getMac(String mode) { if (!currentMode.equals(mode) || mac == null) { BlockCipher engine = BlockCiphers.getBlockCipherEngine(mode); mac = new org.bouncycastle.crypto.macs.GMac(new GCMBlockCipher(engine)); currentMode = mode; } return mac; }
