X-Git-Url: http://wagner.pp.ru/gitweb/?a=blobdiff_plain;f=gost_omac_acpkm.c;h=612524c98f4406f1fa542a013515e4b8ac3477a7;hb=986905842330e4a54e61334eb508fe3147c43e38;hp=3061e36f8d13f3cb84e5d337ef184a86b6a58d52;hpb=6476d4d4966f6efcfd84c5d1c9c4e90d83aa9f14;p=openssl-gost%2Fengine.git diff --git a/gost_omac_acpkm.c b/gost_omac_acpkm.c index 3061e36..612524c 100644 --- a/gost_omac_acpkm.c +++ b/gost_omac_acpkm.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018 vt@altlinux.org. All Rights Reserved. + * Copyright (C) 2018,2020 Vitaly Chikunov . All Rights Reserved. * Copyright (c) 2010 The OpenSSL Project. All rights reserved. * * Contents licensed under the terms of the OpenSSL license @@ -68,6 +68,7 @@ static CMAC_ACPKM_CTX *CMAC_ACPKM_CTX_new(void) } ctx->actx = EVP_CIPHER_CTX_new(); if (ctx->actx == NULL) { + EVP_CIPHER_CTX_free(ctx->cctx); OPENSSL_free(ctx); return NULL; } @@ -150,13 +151,14 @@ static int CMAC_ACPKM_Init(CMAC_ACPKM_CTX *ctx, const void *key, size_t keylen, /* Non-NULL key means initialisation is complete */ if (key) { unsigned char acpkm_iv[EVP_MAX_BLOCK_LENGTH]; + int block_size, key_len; /* Initialize CTR for ACPKM-Master */ if (!EVP_CIPHER_CTX_cipher(ctx->actx)) return 0; /* block size of ACPKM cipher could be 1, but, * cbc cipher is same with correct block_size */ - const int block_size = EVP_CIPHER_CTX_block_size(ctx->cctx); + block_size = EVP_CIPHER_CTX_block_size(ctx->cctx); /* Wide IV = 1^{n/2} || 0, * where a^r denotes the string that consists of r 'a' bits */ memset(acpkm_iv, 0xff, block_size / 2); @@ -164,7 +166,7 @@ static int CMAC_ACPKM_Init(CMAC_ACPKM_CTX *ctx, const void *key, size_t keylen, if (!EVP_EncryptInit_ex(ctx->actx, NULL, NULL, key, acpkm_iv)) return 0; /* EVP_CIPHER key_len may be different from EVP_CIPHER_CTX key_len */ - int key_len = EVP_CIPHER_key_length(EVP_CIPHER_CTX_cipher(ctx->actx)); + key_len = EVP_CIPHER_key_length(EVP_CIPHER_CTX_cipher(ctx->actx)); /* Generate first key material (K^1 || K^1_1) */ if (!EVP_Cipher(ctx->actx, ctx->km, zero_iv, key_len + block_size)) @@ -254,7 +256,8 @@ static int CMAC_ACPKM_Update(CMAC_ACPKM_CTX *ctx, const void *in, size_t dlen) static int CMAC_ACPKM_Final(CMAC_ACPKM_CTX *ctx, unsigned char *out, size_t *poutlen) { - int i, bl, lb; + int i, bl, lb, key_len; + unsigned char *k1, k2[EVP_MAX_BLOCK_LENGTH]; if (ctx->nlast_block == -1) return 0; bl = EVP_CIPHER_CTX_block_size(ctx->cctx); @@ -265,10 +268,9 @@ static int CMAC_ACPKM_Final(CMAC_ACPKM_CTX *ctx, unsigned char *out, if (!CMAC_ACPKM_Mesh(ctx)) return 0; - int key_len = EVP_CIPHER_key_length(EVP_CIPHER_CTX_cipher(ctx->actx)); + key_len = EVP_CIPHER_key_length(EVP_CIPHER_CTX_cipher(ctx->actx)); /* Keys k1 and k2 */ - unsigned char *k1 = ctx->km + key_len; - unsigned char k2[EVP_MAX_BLOCK_LENGTH]; + k1 = ctx->km + key_len; make_kn(k2, ctx->km + key_len, bl); /* Is last block complete? */ @@ -355,7 +357,7 @@ int omac_acpkm_imit_final(EVP_MD_CTX *ctx, unsigned char *md) return 1; } -int omac_acpkm_imit_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from) +static int omac_acpkm_imit_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from) { OMAC_ACPKM_CTX *c_to = EVP_MD_CTX_md_data(to); const OMAC_ACPKM_CTX *c_from = EVP_MD_CTX_md_data(from); @@ -381,7 +383,7 @@ int omac_acpkm_imit_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from) } /* Clean up imit ctx */ -int omac_acpkm_imit_cleanup(EVP_MD_CTX *ctx) +static int omac_acpkm_imit_cleanup(EVP_MD_CTX *ctx) { OMAC_ACPKM_CTX *c = EVP_MD_CTX_md_data(ctx); @@ -425,6 +427,7 @@ int omac_acpkm_imit_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr) if (c->cipher_nid == NID_undef) { switch (EVP_MD_nid(md)) { case NID_grasshopper_mac: + case NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac: c->cipher_nid = NID_grasshopper_cbc; break; } @@ -464,7 +467,7 @@ int omac_acpkm_imit_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr) } return 1; } - case EVP_MD_CTRL_MAC_LEN: + case EVP_MD_CTRL_XOF_LEN: /* Supported in OpenSSL */ { OMAC_ACPKM_CTX *c = EVP_MD_CTX_md_data(ctx); switch (c->cipher_nid) { @@ -493,36 +496,16 @@ int omac_acpkm_imit_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr) } } -static EVP_MD *_hidden_grasshopper_omac_acpkm_md = NULL; - -EVP_MD *grasshopper_omac_acpkm(void) -{ - if (_hidden_grasshopper_omac_acpkm_md == NULL) { - EVP_MD *md; - - if ((md = - EVP_MD_meth_new(NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac, - NID_undef)) == NULL - || !EVP_MD_meth_set_result_size(md, MAX_GOST_OMAC_ACPKM_SIZE) - || !EVP_MD_meth_set_input_blocksize(md, GRASSHOPPER_BLOCK_SIZE) - || !EVP_MD_meth_set_app_datasize(md, sizeof(OMAC_ACPKM_CTX)) - || !EVP_MD_meth_set_flags(md, 0) - || !EVP_MD_meth_set_init(md, grasshopper_omac_acpkm_init) - || !EVP_MD_meth_set_update(md, omac_acpkm_imit_update) - || !EVP_MD_meth_set_final(md, omac_acpkm_imit_final) - || !EVP_MD_meth_set_copy(md, omac_acpkm_imit_copy) - || !EVP_MD_meth_set_cleanup(md, omac_acpkm_imit_cleanup) - || !EVP_MD_meth_set_ctrl(md, omac_acpkm_imit_ctrl)) { - EVP_MD_meth_free(md); - md = NULL; - } - _hidden_grasshopper_omac_acpkm_md = md; - } - return _hidden_grasshopper_omac_acpkm_md; -} - -void grasshopper_omac_acpkm_destroy(void) -{ - EVP_MD_meth_free(_hidden_grasshopper_omac_acpkm_md); - _hidden_grasshopper_omac_acpkm_md = NULL; -} +GOST_digest kuznyechik_ctracpkm_omac_digest = { + .nid = NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac, + .result_size = MAX_GOST_OMAC_ACPKM_SIZE, + .input_blocksize = GRASSHOPPER_BLOCK_SIZE, + .app_datasize = sizeof(OMAC_ACPKM_CTX), + .flags = EVP_MD_FLAG_XOF, + .init = grasshopper_omac_acpkm_init, + .update = omac_acpkm_imit_update, + .final = omac_acpkm_imit_final, + .copy = omac_acpkm_imit_copy, + .cleanup = omac_acpkm_imit_cleanup, + .ctrl = omac_acpkm_imit_ctrl, +};