2 #include <openssl/evp.h>
5 #include "e_gost_err.h"
8 * Function expects that out is a preallocated buffer of length
9 * defined as sum of shared_len and mac length defined by mac_nid
11 int gost_kexp15(const unsigned char *shared_key, const int shared_len,
12 int cipher_nid, const unsigned char *cipher_key, const size_t cipher_key_len,
13 int mac_nid, unsigned char *mac_key, const size_t mac_key_len,
14 const char *iv, const size_t ivlen,
15 unsigned char *out, int *out_len
18 /* out_len = key_len + mac_len */
19 unsigned char iv_full[16], mac_buf[8];
22 EVP_CIPHER_CTX *ciph = NULL;
23 EVP_MD_CTX *mac = NULL;
27 /* we expect IV of half length */
28 memset(iv_full, 0, 16);
29 memcpy(iv_full, iv, ivlen);
31 mac = EVP_MD_CTX_new();
33 GOSTerr(GOST_F_GOST_KEXP15, ERR_R_MALLOC_FAILURE);
37 if(EVP_DigestInit_ex(mac, EVP_get_digestbynid(mac_nid), NULL) <= 0
38 || EVP_MD_CTX_ctrl(mac, EVP_MD_CTRL_SET_KEY, mac_key_len, mac_key) <= 0
39 || EVP_DigestUpdate(mac, shared_key, shared_len) <= 0
40 || EVP_DigestFinal_ex(mac, mac_buf, &mac_len) <= 0) {
41 GOSTerr(GOST_F_GOST_KEXP15, ERR_R_INTERNAL_ERROR);
45 ciph = EVP_CIPHER_CTX_new();
47 GOSTerr(GOST_F_GOST_KEXP15, ERR_R_MALLOC_FAILURE);
51 if (EVP_CipherInit_ex(ciph, EVP_get_cipherbynid(cipher_nid), NULL, NULL, NULL, 1) <= 0
52 || EVP_CipherInit_ex(ciph, NULL, NULL, cipher_key, iv_full, 1) <= 0
53 || EVP_CipherUpdate(ciph, out, out_len, shared_key, shared_len) <= 0
54 || EVP_CipherFinal_ex(ciph, out, out_len) <= 0) {
55 GOSTerr(GOST_F_GOST_KEXP15, ERR_R_INTERNAL_ERROR);
59 memcpy(out + *out_len, mac_buf, mac_len);
66 EVP_CIPHER_CTX_free(ciph);
71 int gost_kimp15(const char *expkey, const size_t expkeylen,
72 int cipher_nid, const char *cipher_key, const size_t cipher_key_len,
73 int mac_nid, const char *mac_key, const size_t mac_key_len,
74 const char *iv, const size_t ivlen,
75 char *shared_key, size_t *shared_len