X-Git-Url: http://wagner.pp.ru/gitweb/?a=blobdiff_plain;f=gost_crypt.c;h=2bede853fd617919f4d83bb239b0f9ffe1ae8692;hb=69040682b1d04049668bb63712458f28a5c448d4;hp=eaf173bc7481bde6789e2f4837a71da3c9cb2222;hpb=4072cdf035bc927afc6af01e6c904adb534a8416;p=openssl-gost%2Fengine.git
diff --git a/gost_crypt.c b/gost_crypt.c
index eaf173b..2bede85 100644
--- a/gost_crypt.c
+++ b/gost_crypt.c
@@ -602,7 +602,13 @@ int magma_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 if (!gost_cipher_set_param(c, NID_id_tc26_gost_28147_param_Z))
 return 0;
 EVP_CIPHER_CTX_set_app_data(ctx, EVP_CIPHER_CTX_get_cipher_data(ctx));
+
+ if (enc) {
+ if (init_zero_kdf_seed(c->kdf_seed) == 0)
+ return -1;
+ }
 }
+
 if (key)
 magma_key(&(c->cctx), key);
 if (iv) {
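Review bot: The added seed-initialisation failure path in magma_cipher_init returns -1, while the failure path a few lines above it in the same block returns 0. OpenSSL's EVP layer tests a cipher init callback's result for zero only, so -1 would most likely be taken as success and encryption would go ahead with whatever c->kdf_seed holds after a failed init_zero_kdf_seed(). The line should read `return 0;`. The function body starts and ends outside this hunk, so other return paths could not be checked.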
@@ -628,41 +634,24 @@ int magma_cipher_init_ctr_acpkm_omac(EVP_CIPHER_CTX *ctx, const unsigned char *k { if (key) { struct ossl_gost_cipher_ctx *c = EVP_CIPHER_CTX_get_cipher_data(ctx); - unsigned char keys[64]; - const EVP_MD *md = EVP_get_digestbynid(NID_magma_mac); - EVP_PKEY *mac_key; - - if (md == NULL) - return 0; - - if (enc) { - if (RAND_bytes(c->kdf_seed, 8) != 1) - return 0; - } - - if (gost_kdftree2012_256(keys, 64, key, 32, (const unsigned char *)"kdf tree", 8, c->kdf_seed, 8, 1) <= 0) - return 0; - + unsigned char cipher_key[32]; c->omac_ctx = EVP_MD_CTX_new(); - mac_key = EVP_PKEY_new_mac_key(NID_magma_mac, NULL, keys+32, 32); - if (mac_key == NULL || c->omac_ctx == NULL) { - EVP_PKEY_free(mac_key); - OPENSSL_cleanse(keys, sizeof(keys)); - return 0; + if (c->omac_ctx == NULL) { + GOSTerr(GOST_F_MAGMA_CIPHER_INIT_CTR_ACPKM_OMAC, ERR_R_MALLOC_FAILURE); + return 0; } - if (EVP_DigestInit_ex(c->omac_ctx, md, NULL) <= 0 || - EVP_DigestSignInit(c->omac_ctx, NULL, md, NULL, mac_key) <= 0) { - EVP_PKEY_free(mac_key); - OPENSSL_cleanse(keys, sizeof(keys)); - return 0; + if (gost2015_acpkm_omac_init(NID_magma_mac, enc, key, + c->omac_ctx, cipher_key, c->kdf_seed) != 1) { + EVP_MD_CTX_free(c->omac_ctx); + c->omac_ctx = NULL; + return 0; } - EVP_PKEY_free(mac_key); - OPENSSL_cleanse(keys + 32, sizeof(keys) - 32); - return magma_cipher_init(ctx, keys, iv, enc); + return magma_cipher_init(ctx, cipher_key, iv, enc); } + return magma_cipher_init(ctx, key, iv, enc); } @@ -785,10 +774,11 @@ int magma_cipher_do_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out, d[7 - i] = in_ptr[i]; } gostdecrypt(&(c->cctx), d, b); + memcpy(d, in_ptr, 8); for (i = 0; i < 8; i++) { out_ptr[i] = iv[i] ^ b[7 - i]; } - memcpy(iv, in_ptr, 8); + memcpy(iv, d, 8); out_ptr += 8; in_ptr += 8; inl -= 8; 
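Review bot: `cipher_key[32]` in magma_cipher_init_ctr_acpkm_omac receives the derived encryption key and is never wiped, on either the gost2015_acpkm_omac_init failure branch or the final return. The removed code called OPENSSL_cleanse on its key buffer on every error path, so the replacement drops that hygiene and leaves key material on the stack. The tail should become `int ret = magma_cipher_init(ctx, cipher_key, iv, enc);`, `OPENSSL_cleanse(cipher_key, sizeof(cipher_key));`, `return ret;`, with the same cleanse call before `return 0;` in the failure branch. Separately, `c->omac_ctx = EVP_MD_CTX_new();` overwrites the field without freeing a previous context, so a second keyed init on the same ctx may leak the first one unless cleanup outside this hunk handles it.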
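Review bot: The added `memcpy(d, in_ptr, 8);` in the magma_cipher_do_cbc decrypt loop reuses `d` for a second purpose without a comment. Up to gostdecrypt() `d` holds the byte-reversed input block; afterwards it holds a raw copy of the ciphertext that becomes the next IV. The copy is presumably there for the in-place case, where writing out_ptr would destroy in_ptr before the IV update, but nothing on the page says so. A comment above the memcpy would keep a later cleanup from reverting it, for example `/* in and out may alias: save the ciphertext block before out_ptr is written, it is the next IV */`. The enclosing loop and function start and end outside this hunk.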
@@ -877,6 +867,9 @@ static int magma_cipher_do_ctr_acpkm_omac(EVP_CIPHER_CTX *ctx, unsigned char *ou if (in == NULL && inl == 0) /* Final call */ return gost2015_final_call(ctx, c->omac_ctx, MAGMA_MAC_MAX_SIZE, c->tag, magma_cipher_do_ctr); + if (in == NULL) + return -1; + /* As in and out can be the same pointer, process unencrypted here */ if (EVP_CIPHER_CTX_encrypting(ctx)) EVP_DigestSignUpdate(c->omac_ctx, in, inl);
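Review bot: The result of `EVP_DigestSignUpdate(c->omac_ctx, in, inl)` on the last line of this hunk is discarded, so a failed MAC update on the encrypt path goes unnoticed. The tag produced at the final call would then not cover all of the plaintext. Now that the function rejects `in == NULL` with -1, the update should fail the same way: `if (EVP_CIPHER_CTX_encrypting(ctx) && EVP_DigestSignUpdate(c->omac_ctx, in, inl) <= 0) return -1;`. The function body continues outside this hunk, so the decrypt-side update could not be checked and may need the same treatment.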