Skip to content

Commit

Permalink
Allow using "null" for "msg" and "ad"
Browse files Browse the repository at this point in the history
  • Loading branch information
jedisct1 committed Mar 14, 2024
1 parent d8e5ebe commit 9999aa9
Show file tree
Hide file tree
Showing 3 changed files with 82 additions and 72 deletions.
76 changes: 41 additions & 35 deletions src/main/java/com/github/cfrg/aegis/Aegis128L.java
Original file line number Diff line number Diff line change
Expand Up @@ -83,36 +83,40 @@ public Aegis128L(final byte key[], final byte nonce[], final int tag_length) thr
public AuthenticatedCiphertext encryptDetached(final byte msg[], final byte ad[]) {
var ciphertext = new byte[msg.length];
var i = 0;
for (; i + 32 <= ad.length; i += 32) {
this.absorb(Arrays.copyOfRange(ad, i, i + 32));
}
if (ad.length % 32 != 0) {
var pad = new byte[32];
Arrays.fill(pad, (byte) 0);
for (var j = 0; j < ad.length % 32; j++) {
pad[i] = ad[i + j];
if (ad != null) {
for (; i + 32 <= ad.length; i += 32) {
this.absorb(Arrays.copyOfRange(ad, i, i + 32));
}
this.absorb(pad);
}
i = 0;
for (; i + 32 <= msg.length; i += 32) {
var ci = this.enc(Arrays.copyOfRange(msg, i, i + 32));
for (var j = 0; j < 32; j++) {
ciphertext[i + j] = ci[j];
if (ad.length % 32 != 0) {
var pad = new byte[32];
Arrays.fill(pad, (byte) 0);
for (var j = 0; j < ad.length % 32; j++) {
pad[i] = ad[i + j];
}
this.absorb(pad);
}
}
if (msg.length % 32 != 0) {
var pad = new byte[32];
Arrays.fill(pad, (byte) 0);
for (var j = 0; j < msg.length % 32; j++) {
pad[j] = msg[i + j];
if (msg != null) {
i = 0;
for (; i + 32 <= msg.length; i += 32) {
var ci = this.enc(Arrays.copyOfRange(msg, i, i + 32));
for (var j = 0; j < 32; j++) {
ciphertext[i + j] = ci[j];
}
}
var ci = this.enc(pad);
for (var j = 0; j < msg.length % 32; j++) {
ciphertext[i + j] = ci[j];
if (msg.length % 32 != 0) {
var pad = new byte[32];
Arrays.fill(pad, (byte) 0);
for (var j = 0; j < msg.length % 32; j++) {
pad[j] = msg[i + j];
}
var ci = this.enc(pad);
for (var j = 0; j < msg.length % 32; j++) {
ciphertext[i + j] = ci[j];
}
}
}
final var tag = this.finalize(ad.length, msg.length);
final var tag = this.finalize(ad == null ? 0 : ad.length, msg == null ? 0 : msg.length);

return new AuthenticatedCiphertext(ciphertext, tag);
}
Expand Down Expand Up @@ -146,19 +150,21 @@ public byte[] encrypt(final byte msg[], final byte ad[]) {
*/
public byte[] decryptDetached(final AuthenticatedCiphertext ac, final byte ad[])
throws VerificationFailedException {
var msg = new byte[ac.ct.length];
var i = 0;
for (; i + 32 <= ad.length; i += 32) {
this.absorb(Arrays.copyOfRange(ad, i, i + 32));
}
if (ad.length % 32 != 0) {
var pad = new byte[32];
Arrays.fill(pad, (byte) 0);
for (var j = 0; j < ad.length % 32; j++) {
pad[i] = ad[i + j];
if (ad != null) {
for (; i + 32 <= ad.length; i += 32) {
this.absorb(Arrays.copyOfRange(ad, i, i + 32));
}
if (ad.length % 32 != 0) {
var pad = new byte[32];
Arrays.fill(pad, (byte) 0);
for (var j = 0; j < ad.length % 32; j++) {
pad[i] = ad[i + j];
}
this.absorb(pad);
}
this.absorb(pad);
}
var msg = new byte[ac.ct.length];
i = 0;
for (; i + 32 <= ac.ct.length; i += 32) {
var xi = this.dec(Arrays.copyOfRange(ac.ct, i, i + 32));
Expand All @@ -172,7 +178,7 @@ public byte[] decryptDetached(final AuthenticatedCiphertext ac, final byte ad[])
msg[i + j] = xi[j];
}
}
final var tag = this.finalize(ad.length, msg.length);
final var tag = this.finalize(ad == null ? 0 : ad.length, msg == null ? 0 : msg.length);
var dt = (byte) 0;
for (var j = 0; j < tag.length; j++) {
dt |= tag[j] ^ ac.tag[j];
Expand Down
76 changes: 41 additions & 35 deletions src/main/java/com/github/cfrg/aegis/Aegis256.java
Original file line number Diff line number Diff line change
Expand Up @@ -80,36 +80,40 @@ public Aegis256(final byte key[], final byte nonce[], final int tag_length) thro
public AuthenticatedCiphertext encryptDetached(final byte msg[], final byte ad[]) {
var ciphertext = new byte[msg.length];
var i = 0;
for (; i + 16 <= ad.length; i += 16) {
this.absorb(Arrays.copyOfRange(ad, i, i + 16));
}
if (ad.length % 16 != 0) {
var pad = new byte[16];
Arrays.fill(pad, (byte) 0);
for (var j = 0; j < ad.length % 16; j++) {
pad[i] = ad[i + j];
if (ad != null) {
for (; i + 16 <= ad.length; i += 16) {
this.absorb(Arrays.copyOfRange(ad, i, i + 16));
}
this.absorb(pad);
}
i = 0;
for (; i + 16 <= msg.length; i += 16) {
var ci = this.enc(Arrays.copyOfRange(msg, i, i + 16));
for (var j = 0; j < 16; j++) {
ciphertext[i + j] = ci[j];
if (ad.length % 16 != 0) {
var pad = new byte[16];
Arrays.fill(pad, (byte) 0);
for (var j = 0; j < ad.length % 16; j++) {
pad[i] = ad[i + j];
}
this.absorb(pad);
}
}
if (msg.length % 16 != 0) {
var pad = new byte[16];
Arrays.fill(pad, (byte) 0);
for (var j = 0; j < msg.length % 16; j++) {
pad[j] = msg[i + j];
if (msg != null) {
i = 0;
for (; i + 16 <= msg.length; i += 16) {
var ci = this.enc(Arrays.copyOfRange(msg, i, i + 16));
for (var j = 0; j < 16; j++) {
ciphertext[i + j] = ci[j];
}
}
var ci = this.enc(pad);
for (var j = 0; j < msg.length % 16; j++) {
ciphertext[i + j] = ci[j];
if (msg.length % 16 != 0) {
var pad = new byte[16];
Arrays.fill(pad, (byte) 0);
for (var j = 0; j < msg.length % 16; j++) {
pad[j] = msg[i + j];
}
var ci = this.enc(pad);
for (var j = 0; j < msg.length % 16; j++) {
ciphertext[i + j] = ci[j];
}
}
}
final var tag = this.finalize(ad.length, msg.length);
final var tag = this.finalize(ad == null ? 0 : ad.length, msg == null ? 0 : msg.length);

return new AuthenticatedCiphertext(ciphertext, tag);
}
Expand All @@ -128,19 +132,21 @@ public byte[] encrypt(final byte msg[], final byte ad[]) {

public byte[] decryptDetached(final AuthenticatedCiphertext ac, final byte ad[])
throws VerificationFailedException {
var msg = new byte[ac.ct.length];
var i = 0;
for (; i + 16 <= ad.length; i += 16) {
this.absorb(Arrays.copyOfRange(ad, i, i + 16));
}
if (ad.length % 16 != 0) {
var pad = new byte[16];
Arrays.fill(pad, (byte) 0);
for (var j = 0; j < ad.length % 16; j++) {
pad[i] = ad[i + j];
if (ad != null) {
for (; i + 16 <= ad.length; i += 16) {
this.absorb(Arrays.copyOfRange(ad, i, i + 16));
}
if (ad.length % 16 != 0) {
var pad = new byte[16];
Arrays.fill(pad, (byte) 0);
for (var j = 0; j < ad.length % 16; j++) {
pad[i] = ad[i + j];
}
this.absorb(pad);
}
this.absorb(pad);
}
var msg = new byte[ac.ct.length];
i = 0;
for (; i + 16 <= ac.ct.length; i += 16) {
var xi = this.dec(Arrays.copyOfRange(ac.ct, i, i + 16));
Expand All @@ -154,7 +160,7 @@ public byte[] decryptDetached(final AuthenticatedCiphertext ac, final byte ad[])
msg[i + j] = xi[j];
}
}
final var tag = this.finalize(ad.length, msg.length);
final var tag = this.finalize(ad == null ? 0 : ad.length, msg == null ? 0 : msg.length);
var dt = (byte) 0;
for (var j = 0; j < tag.length; j++) {
dt |= tag[j] ^ ac.tag[j];
Expand Down
2 changes: 0 additions & 2 deletions src/test/java/TestAegis128L.java
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,6 @@
import org.junit.jupiter.api.Test;
import static org.junit.jupiter.api.Assertions.assertArrayEquals;

import java.util.Arrays;

import com.github.cfrg.aegis.Aegis128L;
import com.github.cfrg.aegis.VerificationFailedException;

Expand Down

0 comments on commit 9999aa9

Please sign in to comment.