X-Git-Url: http://wagner.pp.ru/gitweb/?a=blobdiff_plain;f=gost_grasshopper_cipher.c;h=75a0408e24b8e39eb073824369f08bd956f73aa3;hb=a57c7e869e3017303407ba36e3d0798c9474416b;hp=ba353c21850a4791f3a0cd56b7ed4fab76d8bc9d;hpb=5900ae4498b35f8a8ba03cdc66f92c0bbd9bec06;p=openssl-gost%2Fengine.git diff --git a/gost_grasshopper_cipher.c b/gost_grasshopper_cipher.c index ba353c2..75a0408 100644 --- a/gost_grasshopper_cipher.c +++ b/gost_grasshopper_cipher.c @@ -7,6 +7,7 @@ #include "gost_grasshopper_defines.h" #include "gost_grasshopper_math.h" #include "gost_grasshopper_core.h" +#include "gost_gost2015.h" #include #include @@ -29,8 +30,6 @@ static EVP_CIPHER *gost_grasshopper_ciphers[6] = { NULL, NULL, NULL, NULL, NULL, NULL, }; -static GRASSHOPPER_INLINE void -gost_grasshopper_cipher_destroy_ofb(gost_grasshopper_cipher_ctx * c); static GRASSHOPPER_INLINE void gost_grasshopper_cipher_destroy_ctr(gost_grasshopper_cipher_ctx * c); @@ -70,9 +69,9 @@ static struct GRASSHOPPER_CIPHER_PARAMS gost_cipher_params[6] = { NID_grasshopper_ofb, gost_grasshopper_cipher_init_ofb, gost_grasshopper_cipher_do_ofb, - gost_grasshopper_cipher_destroy_ofb, + NULL, 1, - sizeof(gost_grasshopper_cipher_ctx_ofb), + sizeof(gost_grasshopper_cipher_ctx), 16, false} , @@ -93,21 +92,18 @@ static struct GRASSHOPPER_CIPHER_PARAMS gost_cipher_params[6] = { gost_grasshopper_cipher_destroy_ctr, 1, sizeof(gost_grasshopper_cipher_ctx_ctr), - /* IV size is set to match full block, to make it responsibility of - * user to assign correct values (IV || 0), and to make naive context - * copy possible (for software such as openssh) */ - 16, + 8, false} , { - NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm, - gost_grasshopper_cipher_init_ctracpkm, - gost_grasshopper_cipher_do_ctracpkm, - gost_grasshopper_cipher_destroy_ctr, - 1, - sizeof(gost_grasshopper_cipher_ctx_ctr), - 16, - false} + NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm, + gost_grasshopper_cipher_init_ctracpkm, + gost_grasshopper_cipher_do_ctracpkm, + gost_grasshopper_cipher_destroy_ctr, + 1, + sizeof(gost_grasshopper_cipher_ctx_ctr), + 8, + false} , }; @@ -180,15 +176,6 @@ gost_grasshopper_cipher_destroy(gost_grasshopper_cipher_ctx * c) grasshopper_zero128(&c->buffer); } -static GRASSHOPPER_INLINE void -gost_grasshopper_cipher_destroy_ofb(gost_grasshopper_cipher_ctx * c) -{ - gost_grasshopper_cipher_ctx_ofb *ctx = - (gost_grasshopper_cipher_ctx_ofb *) c; - - grasshopper_zero128(&ctx->buffer1); -} - static GRASSHOPPER_INLINE void gost_grasshopper_cipher_destroy_ctr(gost_grasshopper_cipher_ctx * c) { @@ -248,12 +235,8 @@ GRASSHOPPER_INLINE int gost_grasshopper_cipher_init_ofb(EVP_CIPHER_CTX *ctx, con *key, const unsigned char *iv, int enc) { - gost_grasshopper_cipher_ctx_ofb *c = EVP_CIPHER_CTX_get_cipher_data(ctx); - - c->c.type = GRASSHOPPER_CIPHER_OFB; - - grasshopper_zero128(&c->buffer1); - + gost_grasshopper_cipher_ctx *c = EVP_CIPHER_CTX_get_cipher_data(ctx); + c->type = GRASSHOPPER_CIPHER_OFB; return gost_grasshopper_cipher_init(ctx, key, iv, enc); } @@ -346,8 +329,6 @@ int gost_grasshopper_cipher_do_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out, bool encrypting = (bool) EVP_CIPHER_CTX_encrypting(ctx); const unsigned char *current_in = in; unsigned char *current_out = out; - grasshopper_w128_t *currentInputBlock; - grasshopper_w128_t *currentOutputBlock; size_t blocks = inl / GRASSHOPPER_BLOCK_SIZE; size_t i; grasshopper_w128_t *currentBlock; @@ -357,8 +338,8 @@ int gost_grasshopper_cipher_do_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out, for (i = 0; i < blocks; i++, current_in += GRASSHOPPER_BLOCK_SIZE, current_out += GRASSHOPPER_BLOCK_SIZE) { - currentInputBlock = (grasshopper_w128_t *) current_in; - currentOutputBlock = (grasshopper_w128_t *) current_out; + grasshopper_w128_t *currentInputBlock = (grasshopper_w128_t *) current_in; + grasshopper_w128_t *currentOutputBlock = (grasshopper_w128_t *) current_out; if (encrypting) { grasshopper_append128(currentBlock, currentInputBlock); grasshopper_encrypt_block(&c->encrypt_round_keys, currentBlock, @@ -381,10 +362,10 @@ int gost_grasshopper_cipher_do_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out, void inc_counter(unsigned char *counter, size_t counter_bytes) { - unsigned char c; unsigned int n = counter_bytes; do { + unsigned char c; --n; c = counter[n]; ++c; @@ -523,20 +504,21 @@ int gost_grasshopper_cipher_do_ctracpkm(EVP_CIPHER_CTX *ctx, /* * Fixed 128-bit IV implementation make shift regiser redundant. */ -static void gost_grasshopper_cnt_next(gost_grasshopper_cipher_ctx_ofb * ctx, +static void gost_grasshopper_cnt_next(gost_grasshopper_cipher_ctx * ctx, grasshopper_w128_t * iv, grasshopper_w128_t * buf) { - memcpy(&ctx->buffer1, iv, 16); - grasshopper_encrypt_block(&ctx->c.encrypt_round_keys, &ctx->buffer1, - buf, &ctx->c.buffer); + grasshopper_w128_t tmp; + memcpy(&tmp, iv, 16); + grasshopper_encrypt_block(&ctx->encrypt_round_keys, &tmp, + buf, &ctx->buffer); memcpy(iv, buf, 16); } int gost_grasshopper_cipher_do_ofb(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) { - gost_grasshopper_cipher_ctx_ofb *c = (gost_grasshopper_cipher_ctx_ofb *) + gost_grasshopper_cipher_ctx *c = (gost_grasshopper_cipher_ctx *) EVP_CIPHER_CTX_get_cipher_data(ctx); const unsigned char *in_ptr = in; unsigned char *out_ptr = out; @@ -706,35 +688,37 @@ int gost_grasshopper_cipher_cleanup(EVP_CIPHER_CTX *ctx) int gost_grasshopper_set_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params) { - int len = 0; - unsigned char *buf = NULL; - ASN1_OCTET_STRING *os = NULL; - - os = ASN1_OCTET_STRING_new(); + if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CTR_MODE) { + gost_grasshopper_cipher_ctx_ctr *ctr = EVP_CIPHER_CTX_get_cipher_data(ctx); - if (!os || !ASN1_OCTET_STRING_set(os, buf, len)) { - OPENSSL_free(buf); - GOSTerr(GOST_F_GOST_GRASSHOPPER_SET_ASN1_PARAMETERS, - ERR_R_MALLOC_FAILURE); - return 0; - } - OPENSSL_free(buf); - - ASN1_TYPE_set(params, V_ASN1_SEQUENCE, os); - return 1; + return gost2015_set_asn1_params(params, EVP_CIPHER_CTX_original_iv(ctx), 8, + ctr->kdf_seed); + } + return 0; } GRASSHOPPER_INLINE int gost_grasshopper_get_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params) { - int ret = -1; + if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CTR_MODE) { + gost_grasshopper_cipher_ctx_ctr *ctr = EVP_CIPHER_CTX_get_cipher_data(ctx); - if (ASN1_TYPE_get(params) != V_ASN1_SEQUENCE) { - return ret; - } + int iv_len = 16; + unsigned char iv[16]; - return 1; + if (gost2015_get_asn1_params(params, 16, iv, 8, ctr->kdf_seed) == 0) { + return 0; + } + + memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), iv, iv_len); + memcpy((unsigned char *)EVP_CIPHER_CTX_original_iv(ctx), iv, iv_len); + + /* CMS implies 256kb mesh_section_size */ + ctr->section_size = 256*1024; + return 1; + } + return 0; } int gost_grasshopper_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, @@ -742,7 +726,7 @@ int gost_grasshopper_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, { switch (type) { case EVP_CTRL_RAND_KEY:{ - if (RAND_bytes + if (RAND_priv_bytes ((unsigned char *)ptr, EVP_CIPHER_CTX_key_length(ctx)) <= 0) { GOSTerr(GOST_F_GOST_GRASSHOPPER_CIPHER_CTL, GOST_R_RNG_ERROR); return -1;