X-Git-Url: http://wagner.pp.ru/gitweb/?a=blobdiff_plain;f=gost_grasshopper_cipher.c;h=2c2ea88119b411dd2d08775a6d035ba01eeae0e2;hb=9cf021b8f3cc7b0f49ecd2f165bd1864903c90d0;hp=aee1c64f2e08cd79f8d04701e30f47d17749c0e7;hpb=fd5447e7fca18868178b225de76b49bf3dce90c6;p=openssl-gost%2Fengine.git
diff --git a/gost_grasshopper_cipher.c b/gost_grasshopper_cipher.c
index aee1c64..2c2ea88 100644
--- a/gost_grasshopper_cipher.c
+++ b/gost_grasshopper_cipher.c
@@ -215,6 +215,11 @@ int gost_grasshopper_cipher_init(EVP_CIPHER_CTX *ctx,
 if (EVP_CIPHER_CTX_get_app_data(ctx) == NULL) {
 EVP_CIPHER_CTX_set_app_data(ctx, EVP_CIPHER_CTX_get_cipher_data(ctx));
+ if (enc && c->type == GRASSHOPPER_CIPHER_CTRACPKM) {
+ gost_grasshopper_cipher_ctx_ctr *ctr = EVP_CIPHER_CTX_get_cipher_data(ctx);
+ if (init_zero_kdf_seed(ctr->kdf_seed) == 0)
+ return -1;
+ }
 }
 if (key != NULL) {
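Review bot: The failure path added here uses `return -1;`, while the other init function in this file (`gost_grasshopper_cipher_init_ctracpkm_omac`) reports failure with `return 0` and passes this function's result straight back to its caller. A caller that only tests the init result for zero would treat -1 as success, so a failed `init_zero_kdf_seed` could leave `ctr->kdf_seed` unset while encryption carries on. I would use `return 0;` here, and since `init_zero_kdf_seed` is not shown in the hunk, confirm that its 0 return really means failure. The body of `gost_grasshopper_cipher_init` starts and ends outside the hunk.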
@@ -313,38 +318,24 @@ GRASSHOPPER_INLINE int gost_grasshopper_cipher_init_ctracpkm_omac(EVP_CIPHER_CTX
 c->section_size = 4096;
 if (key) {
- unsigned char keys[64];
- const EVP_MD *md = EVP_get_digestbynid(NID_kuznyechik_mac);
- EVP_PKEY *mac_key;
-
- if (md == NULL)
- return 0;
-
- if (enc) {
- if (RAND_bytes(c->kdf_seed, 8) != 1)
- return 0;
- }
-
- if (gost_kdftree2012_256(keys, 64, key, 32, (const unsigned char *)"kdf tree", 8, c->kdf_seed, 8, 1) <= 0)
- return 0;
-
+ unsigned char cipher_key[32];
 c->omac_ctx = EVP_MD_CTX_new();
- mac_key = EVP_PKEY_new_mac_key(NID_kuznyechik_mac, NULL, keys+32, 32);
- if (mac_key == NULL || c->omac_ctx == NULL) {
- EVP_PKEY_free(mac_key);
- return 0;
+ if (c->omac_ctx == NULL) {
+ GOSTerr(GOST_F_GOST_GRASSHOPPER_CIPHER_INIT_CTRACPKM_OMAC, ERR_R_MALLOC_FAILURE);
+ return 0;
 }
- if (EVP_DigestInit_ex(c->omac_ctx, md, NULL) <= 0 ||
- EVP_DigestSignInit(c->omac_ctx, NULL, md, NULL, mac_key) <= 0) {
- EVP_PKEY_free(mac_key);
- return 0;
+ if (gost2015_acpkm_omac_init(NID_kuznyechik_mac, enc, key,
+ c->omac_ctx, cipher_key, c->kdf_seed) != 1) {
+ EVP_MD_CTX_free(c->omac_ctx);
+ c->omac_ctx = NULL;
+ return 0;
 }
- EVP_PKEY_free(mac_key);
- return gost_grasshopper_cipher_init(ctx, keys, iv, enc);
+ return gost_grasshopper_cipher_init(ctx, cipher_key, iv, enc);
 }
+ return gost_grasshopper_cipher_init(ctx, key, iv, enc);
 }
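Review bot: `cipher_key` holds the key that is handed to `gost_grasshopper_cipher_init`, and it is left on the stack on every return path of the `if (key)` block. Cleanse it before returning, e.g. `int ret = gost_grasshopper_cipher_init(ctx, cipher_key, iv, enc);` `OPENSSL_cleanse(cipher_key, sizeof(cipher_key));` `return ret;`, and do the same on the `gost2015_acpkm_omac_init` failure branch, where the buffer may already be partly filled. Separately, `c->omac_ctx` is assigned without releasing any previous value, so a second keyed init on the same context would presumably leak the earlier `EVP_MD_CTX`; that is worth checking against the cleanup path, which is outside the hunk.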