Set default value for CTR ACPKM limit

Default limit for Kuznyechik is 4KiB, from TLS 1.2 recommendations. As
a consequence it does not need to be configured via EVP_CTRL_KEY_MESH.
Also, explicitly set ACPKM limit in tests.

diff --git a/gost_grasshopper_cipher.c b/gost_grasshopper_cipher.c
index a3f34d62054f12f333250c47d590aaecf839fb21..07dfd91a88d937da446844c823dd78e87886e505 100644 (file)
--- a/gost_grasshopper_cipher.c
+++ b/gost_grasshopper_cipher.c
@@ -264,8 +264,8 @@ GRASSHOPPER_INLINE int gost_grasshopper_cipher_init_ctracpkm(EVP_CIPHER_CTX *ctx
     /* NB: setting type makes EVP do_cipher callback useless */
     c->c.type = GRASSHOPPER_CIPHER_CTRACPKM;
     EVP_CIPHER_CTX_set_num(ctx, 0);
-    c->section_size  = 0; /* by default meshing is turned off */
-    c->skip_sections = 0; /* will be set to 1 on EVP_CTRL_KEY_MESH */
+    c->section_size  = 4096;
+    c->skip_sections = 1;
 
     return gost_grasshopper_cipher_init(ctx, key, iv, enc);
 }

diff --git a/test_grasshopper.c b/test_grasshopper.c
index 1b0f91356ff758f0dc783b590cca1cc7a330b08e..db2c3e16e79bc67f8b29aac580df54f38745b260 100644 (file)
--- a/test_grasshopper.c
+++ b/test_grasshopper.c
@@ -130,8 +130,8 @@ struct testcase {
 static struct testcase testcases[] = {
     { "ecb", cipher_gost_grasshopper_ecb, 0, P,  E_ecb,  sizeof(P),  NULL,       0, 0 },
     { "ctr", cipher_gost_grasshopper_ctr, 1, P,  E_ctr,  sizeof(P),  iv_ctr,     sizeof(iv_ctr), 0 },
-    { "ctr-no-acpkm", cipher_gost_grasshopper_ctracpkm, 1, P,       E_ctr,   sizeof(P),       iv_ctr, sizeof(iv_ctr), 0 },
-    { "ctracpkm",     cipher_gost_grasshopper_ctracpkm, 1, P_acpkm, E_acpkm, sizeof(P_acpkm), iv_ctr, sizeof(iv_ctr), 1 },
+    { "ctr-no-acpkm", cipher_gost_grasshopper_ctracpkm, 1, P,   E_ctr,   sizeof(P),       iv_ctr, sizeof(iv_ctr), 0 },
+    { "ctracpkm", cipher_gost_grasshopper_ctracpkm, 1, P_acpkm, E_acpkm, sizeof(P_acpkm), iv_ctr, sizeof(iv_ctr), 256 / 8 },
     { "ofb", cipher_gost_grasshopper_ofb, 1, P,  E_ofb,  sizeof(P),  iv_128bit,  sizeof(iv_128bit), 0 },
     { "cbc", cipher_gost_grasshopper_cbc, 0, P,  E_cbc,  sizeof(P),  iv_128bit,  sizeof(iv_128bit), 0 },
     { "cfb", cipher_gost_grasshopper_cfb, 0, P,  E_cfb,  sizeof(P),  iv_128bit,  sizeof(iv_128bit), 0 },
@@ -167,7 +167,7 @@ static int test_block(const EVP_CIPHER *type, const char *name,
     T(EVP_CIPHER_CTX_set_padding(ctx, 0));
     memset(c, 0, sizeof(c));
     if (acpkm)
-       T(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_KEY_MESH, 256 / 8, NULL));
+       T(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_KEY_MESH, acpkm, NULL));
     T(EVP_CipherUpdate(ctx, c, &outlen, pt, size));
     T(EVP_CipherFinal_ex(ctx, c + outlen, &tmplen));
     EVP_CIPHER_CTX_cleanup(ctx);
@@ -186,7 +186,7 @@ static int test_block(const EVP_CIPHER *type, const char *name,
     T(EVP_CIPHER_CTX_set_padding(ctx, 0));
     memset(c, 0, sizeof(c));
     if (acpkm)
-       T(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_KEY_MESH, 256 / 8, NULL));
+       T(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_KEY_MESH, acpkm, NULL));
     for (z = 0; z < blocks; z++) {
        int offset = z * GRASSHOPPER_BLOCK_SIZE;
        int sz = GRASSHOPPER_BLOCK_SIZE;
@@ -209,7 +209,7 @@ static int test_block(const EVP_CIPHER *type, const char *name,
     T(EVP_CIPHER_CTX_set_padding(ctx, 0));
     memset(c, 0, sizeof(c));
     if (acpkm)
-       T(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_KEY_MESH, 256 / 8, NULL));
+       T(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_KEY_MESH, acpkm, NULL));
     T(EVP_CipherUpdate(ctx, c, &outlen, exp, size));
     T(EVP_CipherFinal_ex(ctx, c + outlen, &tmplen));
     EVP_CIPHER_CTX_cleanup(ctx);
@@ -245,7 +245,7 @@ static int test_stream(const EVP_CIPHER *type, const char *name,
        EVP_CIPHER_CTX_set_padding(ctx, 0);
        memset(c, 0xff, sizeof(c));
        if (acpkm)
-           T(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_KEY_MESH, 256 / 8, NULL));
+           T(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_KEY_MESH, acpkm, NULL));
        for (i = 0; i < size; i += z) {
            if (i + z > size)
                sz = size - i;