2 #include <openssl/cmac.h>
3 #include <openssl/conf.h>
4 #include <openssl/err.h>
5 #include <openssl/evp.h>
7 #include "e_gost_err.h"
10 #define min(a,b) (((a) < (b)) ? (a) : (b))
12 typedef struct omac_ctx {
19 #define MAX_GOST_OMAC_SIZE 16
21 static int omac_init(EVP_MD_CTX *ctx, int cipher_nid)
23 OMAC_CTX *c = EVP_MD_CTX_md_data(ctx);
24 memset(c, 0, sizeof(OMAC_CTX));
25 c->cipher_nid = cipher_nid;
33 case NID_grasshopper_cbc:
41 static int magma_imit_init(EVP_MD_CTX *ctx)
43 return omac_init(ctx, NID_magma_cbc);
46 static int grasshopper_imit_init(EVP_MD_CTX *ctx)
48 return omac_init(ctx, NID_grasshopper_cbc);
51 static int omac_imit_update(EVP_MD_CTX *ctx, const void *data, size_t count)
53 OMAC_CTX *c = EVP_MD_CTX_md_data(ctx);
56 GOSTerr(GOST_F_OMAC_IMIT_UPDATE, GOST_R_MAC_KEY_NOT_SET);
60 return CMAC_Update(c->cmac_ctx, data, count);
63 int omac_imit_final(EVP_MD_CTX *ctx, unsigned char *md)
65 OMAC_CTX *c = EVP_MD_CTX_md_data(ctx);
66 unsigned char mac[MAX_GOST_OMAC_SIZE];
67 size_t mac_size = sizeof(mac);
70 GOSTerr(GOST_F_OMAC_IMIT_FINAL, GOST_R_MAC_KEY_NOT_SET);
74 CMAC_Final(c->cmac_ctx, mac, &mac_size);
76 int md_size = EVP_MD_meth_get_result_size(EVP_MD_CTX_md(ctx));
77 memcpy(md, mac, min(md_size, c->dgst_size));
81 int omac_imit_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
83 OMAC_CTX *c_to = EVP_MD_CTX_md_data(to);
84 const OMAC_CTX *c_from = EVP_MD_CTX_md_data(from);
87 c_to->dgst_size = c_from->dgst_size;
88 c_to->cipher_nid = c_from->cipher_nid;
89 c_to->key_set = c_from->key_set;
95 if (!c_from->cmac_ctx) {
97 CMAC_CTX_free(c_to->cmac_ctx);
98 c_to->cmac_ctx = NULL;
102 if (c_to->cmac_ctx == c_from->cmac_ctx)
104 c_to->cmac_ctx = CMAC_CTX_new();
106 return CMAC_CTX_copy(c_to->cmac_ctx, c_from->cmac_ctx);
109 /* Clean up imit ctx */
110 int omac_imit_cleanup(EVP_MD_CTX *ctx)
112 OMAC_CTX *c = EVP_MD_CTX_md_data(ctx);
116 CMAC_CTX_free(c->cmac_ctx);
117 memset(EVP_MD_CTX_md_data(ctx), 0, sizeof(OMAC_CTX));
122 static int omac_key(OMAC_CTX *c, const EVP_CIPHER *cipher, const unsigned char *key, size_t key_size)
126 c->cmac_ctx = CMAC_CTX_new();
127 if (c->cmac_ctx == NULL)
129 GOSTerr(GOST_F_OMAC_KEY, ERR_R_MALLOC_FAILURE);
133 ret = CMAC_Init(c->cmac_ctx, key, key_size, cipher, NULL);
141 int omac_imit_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr)
144 case EVP_MD_CTRL_KEY_LEN:
145 *((unsigned int *)(ptr)) = 32;
147 case EVP_MD_CTRL_SET_KEY:
149 OMAC_CTX *c = EVP_MD_CTX_md_data(ctx);
150 const EVP_MD *md = EVP_MD_CTX_md(ctx);
151 const EVP_CIPHER *cipher = NULL;
153 if (c->cipher_nid == NID_undef)
155 switch (EVP_MD_nid(md))
158 c->cipher_nid = NID_magma_cbc;
161 case NID_grasshopper_mac:
162 c->cipher_nid = NID_grasshopper_cbc;
166 cipher = EVP_get_cipherbynid(c->cipher_nid);
170 GOSTerr(GOST_F_OMAC_IMIT_CTRL, GOST_R_CIPHER_NOT_FOUND);
173 if (EVP_MD_meth_get_init(EVP_MD_CTX_md(ctx)) (ctx) <= 0) {
174 GOSTerr(GOST_F_OMAC_IMIT_CTRL, GOST_R_MAC_KEY_NOT_SET);
177 EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_NO_INIT);
181 GOSTerr(GOST_F_OMAC_IMIT_CTRL, GOST_R_BAD_ORDER);
186 struct gost_mac_key *key = (struct gost_mac_key *)ptr;
187 return omac_key(c, cipher, key->key, 32);
189 } else if (arg == 32) {
190 return omac_key(c, cipher, ptr, 32);
192 GOSTerr(GOST_F_OMAC_IMIT_CTRL, GOST_R_INVALID_MAC_KEY_SIZE);
195 case EVP_MD_CTRL_MAC_LEN:
197 OMAC_CTX *c = EVP_MD_CTX_md_data(ctx);
198 switch (c->cipher_nid)
201 if (arg < 1 || arg > 8) {
202 GOSTerr(GOST_F_OMAC_IMIT_CTRL, GOST_R_INVALID_MAC_SIZE);
207 case NID_grasshopper_cbc:
208 if (arg < 1 || arg > 16) {
209 GOSTerr(GOST_F_OMAC_IMIT_CTRL, GOST_R_INVALID_MAC_SIZE);
225 static EVP_MD *_hidden_magma_mac_md = NULL;
227 EVP_MD *magma_omac(void)
229 if (_hidden_magma_mac_md == NULL) {
232 if ((md = EVP_MD_meth_new(NID_magma_mac, NID_undef)) == NULL
233 || !EVP_MD_meth_set_result_size(md, 4)
234 || !EVP_MD_meth_set_input_blocksize(md, 8)
235 || !EVP_MD_meth_set_app_datasize(md, sizeof(OMAC_CTX))
236 || !EVP_MD_meth_set_flags(md, 0)
237 || !EVP_MD_meth_set_init(md, magma_imit_init)
238 || !EVP_MD_meth_set_update(md, omac_imit_update)
239 || !EVP_MD_meth_set_final(md, omac_imit_final)
240 || !EVP_MD_meth_set_copy(md, omac_imit_copy)
241 || !EVP_MD_meth_set_cleanup(md, omac_imit_cleanup)
242 || !EVP_MD_meth_set_ctrl(md, omac_imit_ctrl)) {
243 EVP_MD_meth_free(md);
246 _hidden_magma_mac_md = md;
248 return _hidden_magma_mac_md;
251 void magma_omac_destroy(void)
253 EVP_MD_meth_free(_hidden_magma_mac_md);
254 _hidden_magma_mac_md = NULL;
257 static EVP_MD *_hidden_grasshopper_mac_md = NULL;
259 EVP_MD *grasshopper_omac(void)
261 if (_hidden_grasshopper_mac_md == NULL) {
264 if ((md = EVP_MD_meth_new(NID_grasshopper_mac, NID_undef)) == NULL
265 || !EVP_MD_meth_set_result_size(md, 8)
266 || !EVP_MD_meth_set_input_blocksize(md, 8)
267 || !EVP_MD_meth_set_app_datasize(md, sizeof(OMAC_CTX))
268 || !EVP_MD_meth_set_flags(md, 0)
269 || !EVP_MD_meth_set_init(md, grasshopper_imit_init)
270 || !EVP_MD_meth_set_update(md, omac_imit_update)
271 || !EVP_MD_meth_set_final(md, omac_imit_final)
272 || !EVP_MD_meth_set_copy(md, omac_imit_copy)
273 || !EVP_MD_meth_set_cleanup(md, omac_imit_cleanup)
274 || !EVP_MD_meth_set_ctrl(md, omac_imit_ctrl)) {
275 EVP_MD_meth_free(md);
278 _hidden_grasshopper_mac_md = md;
280 return _hidden_grasshopper_mac_md;
283 void grasshopper_omac_destroy(void)
285 EVP_MD_meth_free(_hidden_grasshopper_mac_md);
286 _hidden_grasshopper_mac_md = NULL;
projects / openssl-gost / engine.git / blob