From 07c957df13588802781cb36d1539e22fba7e071e Mon Sep 17 00:00:00 2001 From: Vitaly Chikunov Date: Thu, 26 Jul 2018 12:07:11 +0300 Subject: [PATCH] Set default value for CTR ACPKM limit Default limit for Kuznyechik is 4KiB, from TLS 1.2 recommendations. As a consequence it does not need to be configured via EVP_CTRL_KEY_MESH. Also, explicitly set ACPKM limit in tests. --- gost_grasshopper_cipher.c | 4 ++-- test_grasshopper.c | 12 ++++++------ 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/gost_grasshopper_cipher.c b/gost_grasshopper_cipher.c index a3f34d6..07dfd91 100644 --- a/gost_grasshopper_cipher.c +++ b/gost_grasshopper_cipher.c @@ -264,8 +264,8 @@ GRASSHOPPER_INLINE int gost_grasshopper_cipher_init_ctracpkm(EVP_CIPHER_CTX *ctx /* NB: setting type makes EVP do_cipher callback useless */ c->c.type = GRASSHOPPER_CIPHER_CTRACPKM; EVP_CIPHER_CTX_set_num(ctx, 0); - c->section_size = 0; /* by default meshing is turned off */ - c->skip_sections = 0; /* will be set to 1 on EVP_CTRL_KEY_MESH */ + c->section_size = 4096; + c->skip_sections = 1; return gost_grasshopper_cipher_init(ctx, key, iv, enc); } diff --git a/test_grasshopper.c b/test_grasshopper.c index 1b0f913..db2c3e1 100644 --- a/test_grasshopper.c +++ b/test_grasshopper.c @@ -130,8 +130,8 @@ struct testcase { static struct testcase testcases[] = { { "ecb", cipher_gost_grasshopper_ecb, 0, P, E_ecb, sizeof(P), NULL, 0, 0 }, { "ctr", cipher_gost_grasshopper_ctr, 1, P, E_ctr, sizeof(P), iv_ctr, sizeof(iv_ctr), 0 }, - { "ctr-no-acpkm", cipher_gost_grasshopper_ctracpkm, 1, P, E_ctr, sizeof(P), iv_ctr, sizeof(iv_ctr), 0 }, - { "ctracpkm", cipher_gost_grasshopper_ctracpkm, 1, P_acpkm, E_acpkm, sizeof(P_acpkm), iv_ctr, sizeof(iv_ctr), 1 }, + { "ctr-no-acpkm", cipher_gost_grasshopper_ctracpkm, 1, P, E_ctr, sizeof(P), iv_ctr, sizeof(iv_ctr), 0 }, + { "ctracpkm", cipher_gost_grasshopper_ctracpkm, 1, P_acpkm, E_acpkm, sizeof(P_acpkm), iv_ctr, sizeof(iv_ctr), 256 / 8 }, { "ofb", cipher_gost_grasshopper_ofb, 1, P, E_ofb, sizeof(P), iv_128bit, sizeof(iv_128bit), 0 }, { "cbc", cipher_gost_grasshopper_cbc, 0, P, E_cbc, sizeof(P), iv_128bit, sizeof(iv_128bit), 0 }, { "cfb", cipher_gost_grasshopper_cfb, 0, P, E_cfb, sizeof(P), iv_128bit, sizeof(iv_128bit), 0 }, @@ -167,7 +167,7 @@ static int test_block(const EVP_CIPHER *type, const char *name, T(EVP_CIPHER_CTX_set_padding(ctx, 0)); memset(c, 0, sizeof(c)); if (acpkm) - T(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_KEY_MESH, 256 / 8, NULL)); + T(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_KEY_MESH, acpkm, NULL)); T(EVP_CipherUpdate(ctx, c, &outlen, pt, size)); T(EVP_CipherFinal_ex(ctx, c + outlen, &tmplen)); EVP_CIPHER_CTX_cleanup(ctx); @@ -186,7 +186,7 @@ static int test_block(const EVP_CIPHER *type, const char *name, T(EVP_CIPHER_CTX_set_padding(ctx, 0)); memset(c, 0, sizeof(c)); if (acpkm) - T(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_KEY_MESH, 256 / 8, NULL)); + T(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_KEY_MESH, acpkm, NULL)); for (z = 0; z < blocks; z++) { int offset = z * GRASSHOPPER_BLOCK_SIZE; int sz = GRASSHOPPER_BLOCK_SIZE; @@ -209,7 +209,7 @@ static int test_block(const EVP_CIPHER *type, const char *name, T(EVP_CIPHER_CTX_set_padding(ctx, 0)); memset(c, 0, sizeof(c)); if (acpkm) - T(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_KEY_MESH, 256 / 8, NULL)); + T(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_KEY_MESH, acpkm, NULL)); T(EVP_CipherUpdate(ctx, c, &outlen, exp, size)); T(EVP_CipherFinal_ex(ctx, c + outlen, &tmplen)); EVP_CIPHER_CTX_cleanup(ctx); @@ -245,7 +245,7 @@ static int test_stream(const EVP_CIPHER *type, const char *name, EVP_CIPHER_CTX_set_padding(ctx, 0); memset(c, 0xff, sizeof(c)); if (acpkm) - T(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_KEY_MESH, 256 / 8, NULL)); + T(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_KEY_MESH, acpkm, NULL)); for (i = 0; i < size; i += z) { if (i + z > size) sz = size - i; -- 2.39.5