Gost MAC paramset

author Dmitry Belyavskiy <beldmit@gmail.com>

Sat, 2 Jan 2016 19:58:56 +0000 (22:58 +0300)

committer Dmitry Belyavskiy <beldmit@gmail.com>

Sat, 2 Jan 2016 19:58:56 +0000 (22:58 +0300)
author Dmitry Belyavskiy <beldmit@gmail.com>
Sat, 2 Jan 2016 19:58:56 +0000 (22:58 +0300)
committer Dmitry Belyavskiy <beldmit@gmail.com>
Sat, 2 Jan 2016 19:58:56 +0000 (22:58 +0300)
diff --git a/gost_crypt.c b/gost_crypt.c

index 3523b3873fa796d95854d98c6e8f8a19645a0e37..66e769d355a747fc6ea88f6423bdeda80084aa0d 100644 (file)
--- a/gost_crypt.c
+++ b/gost_crypt.c
@@ -766,24 +766,46 @@ int gost_imit_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr)
          return 1;
      case EVP_MD_CTRL_SET_KEY:
          {
-            if (arg != 32) {
-                GOSTerr(GOST_F_GOST_IMIT_CTRL, GOST_R_INVALID_MAC_KEY_SIZE);
-                return 0;
+                                   struct ossl_gost_imit_ctx *gost_imit_ctx = ctx->md_data;
+
+                                   if (ctx->digest->init(ctx) <= 0) {
+                                       GOSTerr(GOST_F_GOST_IMIT_CTRL, GOST_R_MAC_KEY_NOT_SET);
+                                       return 0;
+                                   }
+                                         ctx->flags |= EVP_MD_CTX_FLAG_NO_INIT;
+
+            if (arg == 0) {
+                                                   struct gost_mac_key *key = (struct gost_mac_key*) ptr;
+                                                               if (key->mac_param_nid != NID_undef) {
+                                                                       const struct gost_cipher_info *param = get_encryption_params(OBJ_nid2obj(key->mac_param_nid));
+                                                                       if (param == NULL)
+                                                                       {
+                    GOSTerr(GOST_F_GOST_IMIT_CTRL, GOST_R_INVALID_MAC_PARAMS);
+                    return 0;
+                                                                       }
+                                                                       gost_init(&(gost_imit_ctx->cctx), param->sblock);
+                                                               }
+                                                               gost_key(&(gost_imit_ctx->cctx), key->key);
+                gost_imit_ctx->key_set = 1;
+
+                                                               return 1;
              }
-
-            gost_key(&(((struct ossl_gost_imit_ctx *)(ctx->md_data))->cctx),
-                     ptr);
-            ((struct ossl_gost_imit_ctx *)(ctx->md_data))->key_set = 1;
+                                               else if (arg == 32)
+                                               {
+            gost_key(&(gost_imit_ctx->cctx), ptr);
+            gost_imit_ctx->key_set = 1;
              return 1;
-
+                                               }
+            GOSTerr(GOST_F_GOST_IMIT_CTRL, GOST_R_INVALID_MAC_KEY_SIZE);
+            return 0;
          }
      case EVP_MD_CTRL_MAC_LEN:
          {
+            struct ossl_gost_imit_ctx *c = ctx->md_data;
              if (arg < 1 || arg > 8) {
                  GOSTerr(GOST_F_GOST_IMIT_CTRL, GOST_R_INVALID_MAC_SIZE);
                  return 0;
              }
-            struct ossl_gost_imit_ctx *c = ctx->md_data;
              c->dgst_size=arg;
              return 1;
          }
diff --git a/gost_lcl.h b/gost_lcl.h

index b89c453f4ae94303d47b84cd1c9e9582def06ed5..376e39cc08b856822357816e01dd2387fb935567 100644 (file)
--- a/gost_lcl.h
+++ b/gost_lcl.h
@@ -72,10 +72,16 @@ struct gost_pmeth_data {
  
  struct gost_mac_pmeth_data {
      short int key_set;
-       short int mac_size;
+       short int mac_size;
+               int mac_param_nid;
      EVP_MD *md;
      unsigned char key[32];
  };
+
+struct gost_mac_key {
+    int mac_param_nid;
+    unsigned char key[32];
+};
  /* GOST-specific ASN1 structures */
  
  typedef struct {
diff --git a/gost_pmeth.c b/gost_pmeth.c

index 896dabb1a1146155ed88500b86db77ce63f636ff..f07c4daadff710c964b091223399b60ebce86377 100644 (file)
--- a/gost_pmeth.c
+++ b/gost_pmeth.c
@@ -466,11 +466,21 @@ static int pkey_gost_derive_init(EVP_PKEY_CTX *ctx)
  static int pkey_gost_mac_init(EVP_PKEY_CTX *ctx)
  {
      struct gost_mac_pmeth_data *data = OPENSSL_malloc(sizeof(*data));
+               EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx);
  
      if (!data)
          return 0;
      memset(data, 0, sizeof(*data));
-       data->mac_size = 4;
+               data->mac_size = 4;
+               data->mac_param_nid = NID_undef;
+
+               if (pkey) {
+                       struct gost_mac_key *key = EVP_PKEY_get0(pkey);
+                       if (key) {
+                               data->mac_param_nid = key->mac_param_nid;
+      } 
+               }
+
      EVP_PKEY_CTX_set_data(ctx, data);
      return 1;
  }
@@ -532,10 +542,24 @@ static int pkey_gost_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
          memcpy(data->key, p2, 32);
          data->key_set = 1;
          return 1;
+    case EVP_PKEY_CTRL_GOST_PARAMSET:
+                 {
+                               struct gost_cipher_info *param = p2;
+                               data->mac_param_nid = param->nid;
+                               struct gost_mac_key *key = NULL;
+        EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx);
+        if (pkey) {
+               key = EVP_PKEY_get0(pkey);
+                                       if (key) {
+                                               key->mac_param_nid = param->nid;
+                                       }
+        } 
+         return 1;
+                       }
      case EVP_PKEY_CTRL_DIGESTINIT:
          {
              EVP_MD_CTX *mctx = p2;
-            void *key;
+            struct gost_mac_key *key;
              if (!data->key_set) {
                  EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx);
                  if (!pkey) {
@@ -549,8 +573,9 @@ static int pkey_gost_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
                              GOST_R_MAC_KEY_NOT_SET);
                      return 0;
                  }
+                return mctx->digest->md_ctrl(mctx, EVP_MD_CTRL_SET_KEY, 0, key);
              } else {
-                key = &(data->key);
+                return mctx->digest->md_ctrl(mctx, EVP_MD_CTRL_SET_KEY, 32, &(data->key));
              }
              return mctx->digest->md_ctrl(mctx, EVP_MD_CTRL_SET_KEY, 32, key);
          }
@@ -606,6 +631,23 @@ static int pkey_gost_mac_ctrl_str(EVP_PKEY_CTX *ctx,
                 }
                 return pkey_gost_mac_ctrl(ctx, EVP_PKEY_CTRL_MAC_LEN,size,NULL);
         }
+       if (strcmp(type, param_ctrl_string) == 0)
+               {
+                       ASN1_OBJECT *obj  = OBJ_txt2obj(value, 0);
+                       const struct gost_cipher_info *param = NULL;
+                       if (obj == NULL) {
+                               GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL_STR, GOST_R_INVALID_MAC_PARAMS);
+                               return 0;
+                       }
+
+                       param = get_encryption_params(obj);
+                       if (param == NULL) {
+                               GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL_STR, GOST_R_INVALID_MAC_PARAMS);
+                               return 0;
+                       }
+
+                       return pkey_gost_mac_ctrl(ctx, EVP_PKEY_CTRL_GOST_PARAMSET, 0, (void *)param);
+               }
      return -2;
  }
  
@@ -613,15 +655,16 @@ static int pkey_gost_mac_keygen_base(EVP_PKEY_CTX *ctx,
                                       EVP_PKEY *pkey, int mac_nid)
  {
      struct gost_mac_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
-    unsigned char *keydata;
+    struct gost_mac_key *keydata;
      if (!data || !data->key_set) {
          GOSTerr(GOST_F_PKEY_GOST_MAC_KEYGEN, GOST_R_MAC_KEY_NOT_SET);
          return 0;
      }
-    keydata = OPENSSL_malloc(32);
+    keydata = OPENSSL_malloc(sizeof(struct gost_mac_key));
      if (keydata == NULL)
          return 0;
-    memcpy(keydata, data->key, 32);
+    memcpy(keydata->key, data->key, 32);
+               keydata->mac_param_nid = data->mac_param_nid;
      EVP_PKEY_assign(pkey, mac_nid, keydata);
      return 1;
  }
author	Dmitry Belyavskiy <beldmit@gmail.com>
	Sat, 2 Jan 2016 19:58:56 +0000 (22:58 +0300)
committer	Dmitry Belyavskiy <beldmit@gmail.com>
	Sat, 2 Jan 2016 19:58:56 +0000 (22:58 +0300)
gost_crypt.c		patch \| blob \| history
gost_lcl.h		patch \| blob \| history
gost_pmeth.c		patch \| blob \| history