Java tutorial
package org.bouncycastle.crypto.modes; import org.bouncycastle.crypto.BlockCipher; import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.DataLengthException; import org.bouncycastle.crypto.SkippingStreamCipher; import org.bouncycastle.crypto.StreamBlockCipher; import org.bouncycastle.crypto.params.ParametersWithIV; import org.bouncycastle.util.Arrays; import org.bouncycastle.util.Pack; /** * Implements the Segmented Integer Counter (SIC) mode on top of a simple * block cipher. This mode is also known as CTR mode. */ public class SICBlockCipher extends StreamBlockCipher implements SkippingStreamCipher { private final BlockCipher cipher; private final int blockSize; private byte[] IV; private byte[] counter; private byte[] counterOut; private int byteCount; /** * Basic constructor. * * @param c the block cipher to be used. */ public SICBlockCipher(BlockCipher c) { super(c); this.cipher = c; this.blockSize = cipher.getBlockSize(); this.IV = new byte[blockSize]; this.counter = new byte[blockSize]; this.counterOut = new byte[blockSize]; this.byteCount = 0; } public void init(boolean forEncryption, //ignored by this CTR mode CipherParameters params) throws IllegalArgumentException { if (params instanceof ParametersWithIV) { ParametersWithIV ivParam = (ParametersWithIV) params; this.IV = Arrays.clone(ivParam.getIV()); if (blockSize < IV.length) { throw new IllegalArgumentException( "CTR/SIC mode requires IV no greater than: " + blockSize + " bytes."); } int maxCounterSize = (8 > blockSize / 2) ? blockSize / 2 : 8; if (blockSize - IV.length > maxCounterSize) { throw new IllegalArgumentException( "CTR/SIC mode requires IV of at least: " + (blockSize - maxCounterSize) + " bytes."); } // if null it's an IV changed only. if (ivParam.getParameters() != null) { cipher.init(true, ivParam.getParameters()); } reset(); } else { throw new IllegalArgumentException("CTR/SIC mode requires ParametersWithIV"); } } public String getAlgorithmName() { return cipher.getAlgorithmName() + "/SIC"; } public int getBlockSize() { return cipher.getBlockSize(); } public int processBlock(byte[] in, int inOff, byte[] out, int outOff) throws DataLengthException, IllegalStateException { processBytes(in, inOff, blockSize, out, outOff); return blockSize; } protected byte calculateByte(byte in) throws DataLengthException, IllegalStateException { if (byteCount == 0) { cipher.processBlock(counter, 0, counterOut, 0); return (byte) (counterOut[byteCount++] ^ in); } byte rv = (byte) (counterOut[byteCount++] ^ in); if (byteCount == counter.length) { byteCount = 0; incrementCounterAt(0); checkCounter(); } return rv; } private void checkCounter() { // if the IV is the same as the blocksize we assume the user knows what they are doing if (IV.length < blockSize) { for (int i = 0; i != IV.length; i++) { if (counter[i] != IV[i]) { throw new IllegalStateException("Counter in CTR/SIC mode out of range."); } } } } private void incrementCounterAt(int pos) { int i = counter.length - pos; while (--i >= 0) { if (++counter[i] != 0) { break; } } } private void incrementCounter(int offSet) { byte old = counter[counter.length - 1]; counter[counter.length - 1] += offSet; if (old != 0 && counter[counter.length - 1] < old) { incrementCounterAt(1); } } private void decrementCounterAt(int pos) { int i = counter.length - pos; while (--i >= 0) { if (--counter[i] != -1) { return; } } } private void adjustCounter(long n) { if (n >= 0) { long numBlocks = (n + byteCount) / blockSize; long rem = numBlocks; if (rem > 255) { for (int i = 5; i >= 1; i--) { long diff = 1L << (8 * i); while (rem >= diff) { incrementCounterAt(i); rem -= diff; } } } incrementCounter((int) rem); byteCount = (int) ((n + byteCount) - (blockSize * numBlocks)); } else { long numBlocks = (-n - byteCount) / blockSize; long rem = numBlocks; if (rem > 255) { for (int i = 5; i >= 1; i--) { long diff = 1L << (8 * i); while (rem > diff) { decrementCounterAt(i); rem -= diff; } } } for (long i = 0; i != rem; i++) { decrementCounterAt(0); } int gap = (int) (byteCount + n + (blockSize * numBlocks)); if (gap >= 0) { byteCount = 0; } else { decrementCounterAt(0); byteCount = blockSize + gap; } } } public void reset() { Arrays.fill(counter, (byte) 0); System.arraycopy(IV, 0, counter, 0, IV.length); cipher.reset(); this.byteCount = 0; } public long skip(long numberOfBytes) { adjustCounter(numberOfBytes); checkCounter(); cipher.processBlock(counter, 0, counterOut, 0); return numberOfBytes; } public long seekTo(long position) { reset(); return skip(position); } public long getPosition() { byte[] res = new byte[counter.length]; System.arraycopy(counter, 0, res, 0, res.length); for (int i = res.length - 1; i >= 1; i--) { int v; if (i < IV.length) { v = (res[i] & 0xff) - (IV[i] & 0xff); } else { v = (res[i] & 0xff); } if (v < 0) { res[i - 1]--; v += 256; } res[i] = (byte) v; } return Pack.bigEndianToLong(res, res.length - 8) * blockSize + byteCount; } }