2 #include "gost_gost2015.h"
3 #include "e_gost_err.h"
6 int gost2015_final_call(EVP_CIPHER_CTX *ctx, EVP_MD_CTX *omac_ctx, size_t mac_size,
7 unsigned char *encrypted_mac,
8 int (*do_cipher) (EVP_CIPHER_CTX *ctx,
10 const unsigned char *in,
13 unsigned char calculated_mac[KUZNYECHIK_MAC_MAX_SIZE];
14 memset(calculated_mac, 0, KUZNYECHIK_MAC_MAX_SIZE);
16 if (EVP_CIPHER_CTX_encrypting(ctx)) {
17 EVP_DigestSignFinal(omac_ctx, calculated_mac, &mac_size);
19 if (do_cipher(ctx, encrypted_mac, calculated_mac, mac_size) <= 0) {
23 unsigned char expected_mac[KUZNYECHIK_MAC_MAX_SIZE];
25 memset(expected_mac, 0, KUZNYECHIK_MAC_MAX_SIZE);
26 EVP_DigestSignFinal(omac_ctx, calculated_mac, &mac_size);
28 if (do_cipher(ctx, expected_mac, encrypted_mac, mac_size) <= 0) {
32 if (CRYPTO_memcmp(expected_mac, calculated_mac, mac_size) != 0)
41 #define MAX_GOST2015_UKM_SIZE 16
42 #define KDF_SEED_SIZE 8
43 int gost2015_get_asn1_params(const ASN1_TYPE *params, size_t ukm_size,
44 unsigned char *iv, size_t ukm_offset, unsigned char *kdf_seed)
47 GOST2015_CIPHER_PARAMS *gcp = NULL;
49 unsigned char *p = NULL;
51 memset(iv, 0, iv_len);
53 /* Проверяем тип params */
54 if (ASN1_TYPE_get(params) != V_ASN1_SEQUENCE) {
55 GOSTerr(GOST_F_GOST2015_GET_ASN1_PARAMS, GOST_R_INVALID_CIPHER_PARAMS);
59 p = params->value.sequence->data;
60 /* Извлекаем структуру параметров */
61 gcp = d2i_GOST2015_CIPHER_PARAMS(NULL, (const unsigned char **)&p, params->value.sequence->length);
63 GOSTerr(GOST_F_GOST2015_GET_ASN1_PARAMS, GOST_R_INVALID_CIPHER_PARAMS);
67 /* Проверяем длину синхропосылки */
68 if (gcp->ukm->length != (int)ukm_size) {
69 GOSTerr(GOST_F_GOST2015_GET_ASN1_PARAMS, GOST_R_INVALID_CIPHER_PARAMS);
70 GOST2015_CIPHER_PARAMS_free(gcp);
74 memcpy(iv, gcp->ukm->data, ukm_offset);
75 memcpy(kdf_seed, gcp->ukm->data+ukm_offset, KDF_SEED_SIZE);
77 GOST2015_CIPHER_PARAMS_free(gcp);
81 int gost2015_set_asn1_params(ASN1_TYPE *params,
82 const unsigned char *iv, size_t iv_size, const unsigned char *kdf_seed)
84 GOST2015_CIPHER_PARAMS *gcp = GOST2015_CIPHER_PARAMS_new();
87 ASN1_OCTET_STRING *os = NULL;
88 unsigned char ukm_buf[MAX_GOST2015_UKM_SIZE];
89 unsigned char *buf = NULL;
92 GOSTerr(GOST_F_GOST2015_SET_ASN1_PARAMS, ERR_R_MALLOC_FAILURE);
96 memcpy(ukm_buf, iv, iv_size);
97 memcpy(ukm_buf+iv_size, kdf_seed, KDF_SEED_SIZE);
99 if (ASN1_STRING_set(gcp->ukm, ukm_buf, iv_size + KDF_SEED_SIZE) == 0) {
100 GOSTerr(GOST_F_GOST2015_SET_ASN1_PARAMS, ERR_R_MALLOC_FAILURE);
104 len = i2d_GOST2015_CIPHER_PARAMS(gcp, &buf);
107 || (os = ASN1_OCTET_STRING_new()) == NULL
108 || ASN1_OCTET_STRING_set(os, buf, len) == 0) {
112 ASN1_TYPE_set(params, V_ASN1_SEQUENCE, os);
118 ASN1_OCTET_STRING_free(os);
120 GOST2015_CIPHER_PARAMS_free(gcp);