* Contents licensed under the terms of the OpenSSL license
* See https://www.openssl.org/source/license.html for details
*/
-#ifdef _WIN32
-#include <winsock.h>
-#else
-#include <arpa/inet.h>
-#endif
#include <string.h>
#include <openssl/evp.h>
#include <openssl/hmac.h>
+#include <openssl/buffer.h>
#include "gost_lcl.h"
#include "e_gost_err.h"
int omac_imit_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr);
+
+static uint32_t _htonl(uint32_t n)
+{
+#ifdef L_ENDIAN
+ return ((((n & 0xFF)) << 24) |
+ (((n & 0xFF00)) << 8) |
+ (((n & 0xFF0000)) >> 8) |
+ (((n & 0xFF000000)) >> 24));
+#else
+ return n;
+#endif
+}
+
/*
* Function expects that out is a preallocated buffer of length
* defined as sum of shared_len and mac length defined by mac_nid
goto err;
}
+ if (shared_len + mac_len > (unsigned int)(*out_len)) {
+ GOSTerr(GOST_F_GOST_KEXP15, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
/* we expect IV of half length */
memset(iv_full, 0, 16);
memcpy(iv_full, iv, ivlen);
goto err;
}
+ if (expkeylen > sizeof(out)) {
+ GOSTerr(GOST_F_GOST_KIMP15, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ if (ivlen > 16) {
+ GOSTerr(GOST_F_GOST_KIMP15, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
/* we expect IV of half length */
memset(iv_full, 0, 16);
memcpy(iv_full, iv, ivlen);
unsigned char *ptr = keyout;
HMAC_CTX *ctx;
unsigned char *len_ptr = NULL;
- uint32_t len_repr = htonl(keyout_len * 8);
+ uint32_t len_repr = _htonl(keyout_len * 8);
size_t len_repr_len = 4;
ctx = HMAC_CTX_new();
}
for (i = 1; i <= iters; i++) {
- uint32_t iter_net = htonl(i);
+ uint32_t iter_net = _htonl(i);
unsigned char *rep_ptr =
((unsigned char *)&iter_net) + (4 - representation);
}
int gost_tlstree(int cipher_nid, const unsigned char *in, unsigned char *out,
- const unsigned char *tlsseq)
+ const unsigned char *tlsseq, int mode)
{
-#ifndef L_ENDIAN
- uint64_t gh_c1 = 0xFFFFFFFF00000000, gh_c2 = 0xFFFFFFFFFFF80000,
- gh_c3 = 0xFFFFFFFFFFFFFFC0;
- uint64_t mg_c1 = 0xFFFFFFC000000000, mg_c2 = 0xFFFFFFFFFE000000,
- mg_c3 = 0xFFFFFFFFFFFFF000;
-#else
uint64_t gh_c1 = 0x00000000FFFFFFFF, gh_c2 = 0x0000F8FFFFFFFFFF,
gh_c3 = 0xC0FFFFFFFFFFFFFF;
uint64_t mg_c1 = 0x00000000C0FFFFFF, mg_c2 = 0x000000FEFFFFFFFF,
mg_c3 = 0x00F0FFFFFFFFFFFF;
-#endif
uint64_t c1, c2, c3;
uint64_t seed1, seed2, seed3;
uint64_t seq;
c2 = gh_c2;
c3 = gh_c3;
break;
+ case NID_magma_mgm:
+ switch (mode) {
+ case TLSTREE_MODE_S: // TLS_GOSTR341112_256_WITH_MAGMA_MGM_S
+ c1 = 0x000000fcffffffff;
+ c2 = 0x00e0ffffffffffff;
+ c3 = 0xffffffffffffffff;
+ break;
+ case TLSTREE_MODE_L: // TLS_GOSTR341112_256_WITH_MAGMA_MGM_L
+ c1 = 0x000000000000e0ff;
+ c2 = 0x000000c0ffffffff;
+ c3 = 0x80ffffffffffffff;
+ break;
+ default:
+ return 0;
+ }
+ break;
+ case NID_kuznyechik_mgm:
+ switch (mode) {
+ case TLSTREE_MODE_S: // TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_S
+ c1 = 0x000000e0ffffffff;
+ c2 = 0x0000ffffffffffff;
+ c3 = 0xf8ffffffffffffff;
+ break;
+ case TLSTREE_MODE_L: // TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_L
+ c1 = 0x00000000000000f8;
+ c2 = 0x00000000f0ffffff;
+ c3 = 0x00e0ffffffffffff;
+ break;
+ default:
+ return 0;
+ }
+ break;
default:
return 0;
}
+#ifndef L_ENDIAN
+ BUF_reverse((unsigned char *)&seq, tlsseq, 8);
+#else
memcpy(&seq, tlsseq, 8);
+#endif
seed1 = seq & c1;
seed2 = seq & c2;
seed3 = seq & c3;
projects / openssl-gost / engine.git / blobdiff