From: arx11 <>
Date: Sun, 24 Mar 2024 10:33:44 +0000 (-0400)
Subject: Added support for magma-ctracpkm-omac.
X-Git-Url: http://www.wagner.pp.ru/gitweb/?a=commitdiff_plain;h=bb27f7693c10da305d547b100e694823cac097f9;p=openssl-gost%2Fengine.git

Added support for magma-ctracpkm-omac.

Magma OMAC is implemented the same way as NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac. And with test vectors.
---

diff --git a/gost_crypt.c b/gost_crypt.c
index 516e598..85b194a 100644
--- a/gost_crypt.c
+++ b/gost_crypt.c
@@ -519,6 +519,7 @@ static int magma_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
        c->key_meshing = 0;
     }
 
+    c->count = 0;
     return 1;
 }
 
@@ -1273,10 +1274,6 @@ static int magma_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
                 return -1;
             }
 
-            if (c->count != 0) {
-                return -1;
-            }
-
             c->key_meshing = arg;
             return 1;
         }
@@ -1650,4 +1647,10 @@ static int gost_imit_cleanup(EVP_MD_CTX *ctx)
     memset(EVP_MD_CTX_md_data(ctx), 0, sizeof(struct ossl_gost_imit_ctx));
     return 1;
 }
+
+/* Called directly by CMAC_ACPKM_Init() */
+const EVP_CIPHER *cipher_gost_magma_ctracpkm()
+{
+    return GOST_init_cipher(&magma_ctr_acpkm_cipher);
+}
 /* vim: set expandtab cinoptions=\:0,l1,t0,g0,(0 sw=4 : */
diff --git a/gost_eng.c b/gost_eng.c
index 7ca5523..4df83e8 100644
--- a/gost_eng.c
+++ b/gost_eng.c
@@ -80,6 +80,7 @@ GOST_digest *gost_digest_array[] = {
     &magma_mac_digest,
     &grasshopper_mac_digest,
     &kuznyechik_ctracpkm_omac_digest,
+    &magma_ctracpkm_omac_digest,
 };
 
 GOST_cipher *gost_cipher_array[] = {
diff --git a/gost_lcl.h b/gost_lcl.h
index ffa8c76..21a5197 100644
--- a/gost_lcl.h
+++ b/gost_lcl.h
@@ -342,6 +342,8 @@ typedef struct gost_cipher_st GOST_cipher;
 EVP_CIPHER *GOST_init_cipher(GOST_cipher *c);
 void GOST_deinit_cipher(GOST_cipher *c);
 
+const EVP_CIPHER *cipher_gost_magma_ctracpkm();
+
 /* ENGINE implementation data */
 extern GOST_cipher Gost28147_89_cipher;
 extern GOST_cipher Gost28147_89_cbc_cipher;
@@ -398,6 +400,7 @@ extern GOST_digest GostR3411_2012_512_digest;
 extern GOST_digest magma_mac_digest;
 extern GOST_digest grasshopper_mac_digest;
 extern GOST_digest kuznyechik_ctracpkm_omac_digest;
+extern GOST_digest magma_ctracpkm_omac_digest;
 
 /* Provider implementation data */
 extern const OSSL_ALGORITHM GOST_prov_digests[];
diff --git a/gost_omac_acpkm.c b/gost_omac_acpkm.c
index 8a3c841..79cfa22 100644
--- a/gost_omac_acpkm.c
+++ b/gost_omac_acpkm.c
@@ -138,9 +138,16 @@ static int CMAC_ACPKM_Init(CMAC_ACPKM_CTX *ctx, const void *key, size_t keylen,
 
         if (!EVP_EncryptInit_ex(ctx->cctx, cipher, impl, NULL, NULL))
             return 0;
-        if (!EVP_CIPHER_is_a(cipher, SN_grasshopper_cbc))
+        /* EVP_CIPHER_is_a doesn't work, checking by NID */
+        if (EVP_CIPHER_is_a(cipher, SN_magma_cbc)
+            && EVP_CIPHER_nid(cipher) == NID_magma_cbc)
+            acpkm = cipher_gost_magma_ctracpkm();
+        else if (EVP_CIPHER_is_a(cipher, SN_grasshopper_cbc)
+                 && EVP_CIPHER_nid(cipher) == NID_grasshopper_cbc)
+            acpkm = cipher_gost_grasshopper_ctracpkm();
+        else
             return 0;
-        acpkm = cipher_gost_grasshopper_ctracpkm();
+
         if (!EVP_EncryptInit_ex(ctx->actx, acpkm, impl, NULL, NULL))
             return 0;
     }
@@ -319,6 +326,9 @@ static int omac_acpkm_init(EVP_MD_CTX *ctx, const char *cipher_name)
     case NID_grasshopper_cbc:
         c->dgst_size = 16;
         break;
+    case NID_magma_cbc:
+        c->dgst_size = 8;
+        break;
     }
 
     return 1;
@@ -329,6 +339,11 @@ static int grasshopper_omac_acpkm_init(EVP_MD_CTX *ctx)
     return omac_acpkm_init(ctx, SN_grasshopper_cbc);
 }
 
+static int magma_omac_acpkm_init(EVP_MD_CTX *ctx)
+{
+    return omac_acpkm_init(ctx, SN_magma_cbc);
+}
+
 static int omac_acpkm_imit_update(EVP_MD_CTX *ctx, const void *data,
                                   size_t count)
 {
@@ -432,6 +447,9 @@ int omac_acpkm_imit_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr)
                 if (EVP_MD_is_a(md, SN_grasshopper_mac)
                     || EVP_MD_is_a(md, SN_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac))
                     c->cipher_name = SN_grasshopper_cbc;
+                else if (EVP_MD_is_a(md, SN_magma_mac)
+                    || EVP_MD_is_a(md, SN_id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac))
+                    c->cipher_name = SN_magma_cbc;
             }
             if ((cipher =
                  (EVP_CIPHER *)EVP_get_cipherbyname(c->cipher_name)) == NULL
@@ -527,3 +545,17 @@ GOST_digest kuznyechik_ctracpkm_omac_digest = {
     .cleanup = omac_acpkm_imit_cleanup,
     .ctrl = omac_acpkm_imit_ctrl,
 };
+
+GOST_digest magma_ctracpkm_omac_digest = {
+    .nid = NID_id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac,
+    .result_size = 8,
+    .input_blocksize = 8,
+    .app_datasize = sizeof(OMAC_ACPKM_CTX),
+    .flags = EVP_MD_FLAG_XOF,
+    .init = magma_omac_acpkm_init,
+    .update = omac_acpkm_imit_update,
+    .final = omac_acpkm_imit_final,
+    .copy = omac_acpkm_imit_copy,
+    .cleanup = omac_acpkm_imit_cleanup,
+    .ctrl = omac_acpkm_imit_ctrl,
+};
diff --git a/gost_pmeth.c b/gost_pmeth.c
index 44bfc75..bf7528c 100644
--- a/gost_pmeth.c
+++ b/gost_pmeth.c
@@ -1131,6 +1131,7 @@ int register_pmeth_gost(int id, EVP_PKEY_METHOD **pmeth, int flags)
         EVP_PKEY_meth_set_copy(*pmeth, pkey_gost_mac_copy);
         return 1;
     case NID_magma_mac:
+    case NID_id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac:  /* FIXME beldmit */
         EVP_PKEY_meth_set_ctrl(*pmeth, pkey_gost_magma_mac_ctrl,
                                pkey_gost_magma_mac_ctrl_str);
         EVP_PKEY_meth_set_signctx(*pmeth, pkey_gost_magma_mac_signctx_init,
diff --git a/gost_prov_mac.c b/gost_prov_mac.c
index ab04a9c..77dcb7b 100644
--- a/gost_prov_mac.c
+++ b/gost_prov_mac.c
@@ -282,6 +282,8 @@ static int mac_set_ctx_params(void *mctx, const OSSL_PARAM params[])
 #define gost_mac_12_digest              Gost28147_89_mac_12_digest
 #define id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac_digest \
     kuznyechik_ctracpkm_omac_digest
+#define id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac_digest \
+    magma_ctracpkm_omac_digest
 
 typedef void (*fptr_t)(void);
 #define MAKE_FUNCTIONS(name, macsize)                                   \
@@ -331,6 +333,7 @@ MAKE_FUNCTIONS(gost_mac_12, 4);
 MAKE_FUNCTIONS(magma_mac, 8);
 MAKE_FUNCTIONS(grasshopper_mac, 16);
 MAKE_FUNCTIONS(id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac, 16);
+MAKE_FUNCTIONS(id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac, 8);
 
 /* The OSSL_ALGORITHM for the provider's operation query function */
 const OSSL_ALGORITHM GOST_prov_macs[] = {
@@ -342,6 +345,9 @@ const OSSL_ALGORITHM GOST_prov_macs[] = {
     { SN_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac
       ":1.2.643.7.1.1.5.2.2", NULL,
       id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac_functions },
+    { SN_id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac
+      ":1.2.643.7.1.1.5.1.2", NULL,
+      id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac_functions },
     { NULL , NULL, NULL }
 };
 
@@ -351,7 +357,8 @@ void GOST_prov_deinit_mac_digests(void) {
         &Gost28147_89_mac_12_digest,
         &magma_mac_digest,
         &grasshopper_mac_digest,
-        &kuznyechik_ctracpkm_omac_digest
+        &kuznyechik_ctracpkm_omac_digest,
+        &magma_ctracpkm_omac_digest
     };
     size_t i;
 #define elems(l) (sizeof(l) / sizeof(l[0]))
diff --git a/test_context.c b/test_context.c
index d9ef579..5f710ef 100644
--- a/test_context.c
+++ b/test_context.c
@@ -333,6 +333,7 @@ static struct testcase_digest {
     { SN_magma_mac, 1 },
     { SN_grasshopper_mac, 1 },
     { SN_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac, 1 },
+    { SN_id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac, 1 },
     { 0 },
 };
 int main(int argc, char **argv)
diff --git a/test_digest.c b/test_digest.c
index 68c0e32..d630e72 100644
--- a/test_digest.c
+++ b/test_digest.c
@@ -108,6 +108,30 @@ static const char MAC_omac[] = { 0x33,0x6f,0x4d,0x29,0x60,0x59,0xfb,0xe3 };
  */
 static const char MAC_magma_omac[] = { 0x15,0x4e,0x72,0x10 };
 
+/*
+ * OMAC-ACPKM test vector from R 1323565.1.017-2018 A.3.1
+ */
+static const char P_omac_acpkm01[] = {
+   0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x00,0xFF,0xEE,0xDD,0xCC,
+};
+
+static const char MAC_omac_acpkm01[] = {
+   0xA0,0x54,0x0E,0x37,0x30,0xAC,0xBC,0xF3,
+};
+
+/*
+ * OMAC-ACPKM test vector from R 1323565.1.017-2018 A.3.2
+ */
+static const char P_omac_acpkm02[] = {
+    0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x00,0xFF,0xEE,0xDD,0xCC,0xBB,0xAA,0x99,0x88,
+    0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x88,0x99,0xAA,0xBB,0xCC,0xEE,0xFF,0x0A,
+    0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x88,
+};
+
+static const char MAC_omac_acpkm02[] = {
+    0x34,0x00,0x8D,0xAD,0x54,0x96,0xBB,0x8E,
+};
+
 /*
  * OMAC-ACPKM test vector from R 1323565.1.017-2018 A.4.1
  */
@@ -277,6 +301,30 @@ static const struct hash_testvec testvecs[] = {
 	.outsize = 64 / 8,
 	.truncate = sizeof(MAC_magma_omac),
     },
+    {
+	.algname = SN_id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac,
+	.name = "M from R 1323565.1.017-2018 (A.3.1)",
+	.plaintext = P_omac_acpkm01,
+	.psize = sizeof(P_omac_acpkm01),
+	.key = K,
+	.key_size = sizeof(K),
+	.acpkm = 128 / 8,
+	.acpkm_t = 640 / 8,
+	.digest = MAC_omac_acpkm01,
+	.outsize = sizeof(MAC_omac_acpkm01),
+    },
+    {
+	.algname = SN_id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac,
+	.name = "M from R 1323565.1.017-2018 (A.3.2)",
+	.plaintext = P_omac_acpkm02,
+	.psize = sizeof(P_omac_acpkm02),
+	.key = K,
+	.key_size = sizeof(K),
+	.acpkm = 128 / 8,
+	.acpkm_t = 640 / 8,
+	.digest = MAC_omac_acpkm02,
+	.outsize = sizeof(MAC_omac_acpkm02),
+    },
     {
 	.algname = SN_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac,
 	.name = "M from R 1323565.1.017-2018 (A.4.1)",