Inside
Org.BouncyCastle.Crypto.Modes.GcmBlockCipher
I see:
private byte[] GetNextCounterBlock()
{
for (int i = 15; i >= 12; --i)
{
if (++_counter[i] != 0) break;
}
var tmp = new byte[BlockSize];
// TODO Sure would be nice if ciphers could operate on int[]
_cipher.ProcessBlock(_counter, 0, tmp, 0);
return tmp;
}
Questions:
1. Why do we only increment the top 4 bytes and not the entire block (...
;i>=0;...)? The early break maintains the performance of doing minimum work
as needed. Granted this hard coded limit is very very high at 2^(32+128)
bytes (32 for 4 bytes and 128 for the block size) but the hard coding just
stood out.
2. Why do we increment the top bytes and not the bottom bytes? I presume
increment should operate on the LSBs. Unless the byte order is flipped ...
Thanks
Sid
