}
ctx->actx = EVP_CIPHER_CTX_new();
if (ctx->actx == NULL) {
+ EVP_CIPHER_CTX_free(ctx->cctx);
OPENSSL_free(ctx);
return NULL;
}
/* Non-NULL key means initialisation is complete */
if (key) {
unsigned char acpkm_iv[EVP_MAX_BLOCK_LENGTH];
+ int block_size, key_len;
/* Initialize CTR for ACPKM-Master */
if (!EVP_CIPHER_CTX_cipher(ctx->actx))
return 0;
/* block size of ACPKM cipher could be 1, but,
* cbc cipher is same with correct block_size */
- const int block_size = EVP_CIPHER_CTX_block_size(ctx->cctx);
+ block_size = EVP_CIPHER_CTX_block_size(ctx->cctx);
/* Wide IV = 1^{n/2} || 0,
* where a^r denotes the string that consists of r 'a' bits */
memset(acpkm_iv, 0xff, block_size / 2);
if (!EVP_EncryptInit_ex(ctx->actx, NULL, NULL, key, acpkm_iv))
return 0;
/* EVP_CIPHER key_len may be different from EVP_CIPHER_CTX key_len */
- int key_len = EVP_CIPHER_key_length(EVP_CIPHER_CTX_cipher(ctx->actx));
+ key_len = EVP_CIPHER_key_length(EVP_CIPHER_CTX_cipher(ctx->actx));
/* Generate first key material (K^1 || K^1_1) */
if (!EVP_Cipher(ctx->actx, ctx->km, zero_iv, key_len + block_size))
static int CMAC_ACPKM_Final(CMAC_ACPKM_CTX *ctx, unsigned char *out,
size_t *poutlen)
{
- int i, bl, lb;
+ int i, bl, lb, key_len;
+ unsigned char *k1, k2[EVP_MAX_BLOCK_LENGTH];
if (ctx->nlast_block == -1)
return 0;
bl = EVP_CIPHER_CTX_block_size(ctx->cctx);
if (!CMAC_ACPKM_Mesh(ctx))
return 0;
- int key_len = EVP_CIPHER_key_length(EVP_CIPHER_CTX_cipher(ctx->actx));
+ key_len = EVP_CIPHER_key_length(EVP_CIPHER_CTX_cipher(ctx->actx));
/* Keys k1 and k2 */
- unsigned char *k1 = ctx->km + key_len;
- unsigned char k2[EVP_MAX_BLOCK_LENGTH];
+ k1 = ctx->km + key_len;
make_kn(k2, ctx->km + key_len, bl);
/* Is last block complete? */
{
OMAC_ACPKM_CTX *c = EVP_MD_CTX_md_data(ctx);
if (!c->key_set) {
- GOSTerr(GOST_F_OMAC_IMIT_UPDATE, GOST_R_MAC_KEY_NOT_SET);
+ GOSTerr(GOST_F_OMAC_ACPKM_IMIT_UPDATE, GOST_R_MAC_KEY_NOT_SET);
return 0;
}
size_t mac_size = sizeof(mac);
if (!c->key_set) {
- GOSTerr(GOST_F_OMAC_IMIT_FINAL, GOST_R_MAC_KEY_NOT_SET);
+ GOSTerr(GOST_F_OMAC_ACPKM_IMIT_FINAL, GOST_R_MAC_KEY_NOT_SET);
return 0;
}
c->cmac_ctx = CMAC_ACPKM_CTX_new();
if (c->cmac_ctx == NULL) {
- GOSTerr(GOST_F_OMAC_KEY, ERR_R_MALLOC_FAILURE);
+ GOSTerr(GOST_F_OMAC_ACPKM_KEY, ERR_R_MALLOC_FAILURE);
return 0;
}
if (c->cipher_nid == NID_undef) {
switch (EVP_MD_nid(md)) {
case NID_grasshopper_mac:
+ case NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac:
c->cipher_nid = NID_grasshopper_cbc;
break;
}
}
cipher = EVP_get_cipherbynid(c->cipher_nid);
if (cipher == NULL) {
- GOSTerr(GOST_F_OMAC_IMIT_CTRL, GOST_R_CIPHER_NOT_FOUND);
+ GOSTerr(GOST_F_OMAC_ACPKM_IMIT_CTRL, GOST_R_CIPHER_NOT_FOUND);
}
if (EVP_MD_meth_get_init(EVP_MD_CTX_md(ctx)) (ctx) <= 0) {
- GOSTerr(GOST_F_OMAC_IMIT_CTRL, GOST_R_MAC_KEY_NOT_SET);
+ GOSTerr(GOST_F_OMAC_ACPKM_IMIT_CTRL, GOST_R_MAC_KEY_NOT_SET);
return 0;
}
EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_NO_INIT);
if (c->key_set) {
- GOSTerr(GOST_F_OMAC_IMIT_CTRL, GOST_R_BAD_ORDER);
+ GOSTerr(GOST_F_OMAC_ACPKM_IMIT_CTRL, GOST_R_BAD_ORDER);
return 0;
}
if (arg == 0) {
} else if (arg == 32) {
return omac_acpkm_key(c, cipher, ptr, 32);
}
- GOSTerr(GOST_F_OMAC_IMIT_CTRL, GOST_R_INVALID_MAC_KEY_SIZE);
+ GOSTerr(GOST_F_OMAC_ACPKM_IMIT_CTRL, GOST_R_INVALID_MAC_KEY_SIZE);
return 0;
}
case EVP_CTRL_KEY_MESH:
}
return 1;
}
- case EVP_MD_CTRL_MAC_LEN:
+ case EVP_MD_CTRL_XOF_LEN: /* Supported in OpenSSL */
{
OMAC_ACPKM_CTX *c = EVP_MD_CTX_md_data(ctx);
switch (c->cipher_nid) {
case NID_grasshopper_cbc:
if (arg < 1 || arg > 16) {
- GOSTerr(GOST_F_OMAC_IMIT_CTRL, GOST_R_INVALID_MAC_SIZE);
+ GOSTerr(GOST_F_OMAC_ACPKM_IMIT_CTRL, GOST_R_INVALID_MAC_SIZE);
+ return 0;
+ }
+ c->dgst_size = arg;
+ break;
+ case NID_magma_cbc:
+ if (arg < 1 || arg > 8) {
+ GOSTerr(GOST_F_OMAC_ACPKM_IMIT_CTRL, GOST_R_INVALID_MAC_SIZE);
return 0;
}
c->dgst_size = arg;
|| !EVP_MD_meth_set_result_size(md, MAX_GOST_OMAC_ACPKM_SIZE)
|| !EVP_MD_meth_set_input_blocksize(md, GRASSHOPPER_BLOCK_SIZE)
|| !EVP_MD_meth_set_app_datasize(md, sizeof(OMAC_ACPKM_CTX))
- || !EVP_MD_meth_set_flags(md, 0)
+ || !EVP_MD_meth_set_flags(md, EVP_MD_FLAG_XOF)
|| !EVP_MD_meth_set_init(md, grasshopper_omac_acpkm_init)
|| !EVP_MD_meth_set_update(md, omac_acpkm_imit_update)
|| !EVP_MD_meth_set_final(md, omac_acpkm_imit_final)