From c719289105537c5df301ccad0e6b7e94b6f7843d Mon Sep 17 00:00:00 2001 From: Nikolay Morozov Date: Mon, 18 May 2020 16:40:43 +0300 Subject: [PATCH] Fix code formating. All tabs replcaded with spaces. One file was 2 tabs fornating. --- gost_ec_keyx.c | 40 +++--- gost_ec_sign.c | 16 +-- gost_eng.c | 16 +-- gost_gost2015.c | 252 +++++++++++++++++++------------------- gost_grasshopper_cipher.c | 174 +++++++++++++------------- gost_grasshopper_core.c | 4 +- gost_pmeth.c | 28 ++--- gosthash2012.c | 40 +++--- test_gost89.c | 2 +- test_keyexpimp.c | 20 +-- 10 files changed, 298 insertions(+), 294 deletions(-) diff --git a/gost_ec_keyx.c b/gost_ec_keyx.c index 1d13917..ac5b3d2 100644 --- a/gost_ec_keyx.c +++ b/gost_ec_keyx.c @@ -48,11 +48,11 @@ int VKO_compute_key(unsigned char *shared_key, UKM = BN_lebin2bn(ukm, ukm_size, NULL); p = BN_CTX_get(ctx); order = BN_CTX_get(ctx); - cofactor = BN_CTX_get(ctx); + cofactor = BN_CTX_get(ctx); X = BN_CTX_get(ctx); Y = BN_CTX_get(ctx); EC_GROUP_get_order(EC_KEY_get0_group(priv_key), order, ctx); - EC_GROUP_get_cofactor(EC_KEY_get0_group(priv_key), cofactor, ctx); + EC_GROUP_get_cofactor(EC_KEY_get0_group(priv_key), cofactor, ctx); BN_mod_mul(UKM, UKM, cofactor, order, ctx); BN_mod_mul(p, key, UKM, order, ctx); if (!EC_POINT_mul(EC_KEY_get0_group(priv_key), pnt, NULL, pub_key, p, ctx)) { @@ -61,8 +61,8 @@ int VKO_compute_key(unsigned char *shared_key, } if (!EC_POINT_get_affine_coordinates(EC_KEY_get0_group(priv_key), pnt, X, Y, ctx)) { - GOSTerr(GOST_F_VKO_COMPUTE_KEY, ERR_R_EC_LIB); - goto err; + GOSTerr(GOST_F_VKO_COMPUTE_KEY, ERR_R_EC_LIB); + goto err; } half_len = BN_num_bytes(order); @@ -417,11 +417,11 @@ static int pkey_gost2018_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out, } if (data->shared_ukm_size == 0) { - if (RAND_bytes(data->shared_ukm, 32) <= 0) { - GOSTerr(GOST_F_PKEY_GOST2018_ENCRYPT, ERR_R_INTERNAL_ERROR); - goto err; - } - data->shared_ukm_size = 32; + if (RAND_bytes(data->shared_ukm, 32) <= 0) { + GOSTerr(GOST_F_PKEY_GOST2018_ENCRYPT, ERR_R_INTERNAL_ERROR); + goto err; + } + data->shared_ukm_size = 32; } if (gost_keg(data->shared_ukm, pkey_nid, @@ -471,7 +471,7 @@ static int pkey_gost2018_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out, err: OPENSSL_cleanse(expkeys, sizeof(expkeys)); if (key_is_ephemeral) - EVP_PKEY_free(sec_key); + EVP_PKEY_free(sec_key); PSKeyTransport_gost_free(pst); OPENSSL_free(exp_buf); @@ -681,16 +681,16 @@ int pkey_gost_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key, size_t *key_len, const unsigned char *in, size_t in_len) { struct gost_pmeth_data *gctx = EVP_PKEY_CTX_get_data(pctx); - switch (gctx->cipher_nid) - { - case NID_id_Gost28147_89: - case NID_undef: /* FIXME */ - return pkey_GOST_ECcp_decrypt(pctx, key, key_len, in, in_len); - case NID_kuznyechik_ctr: - case NID_magma_ctr: - return pkey_gost2018_decrypt(pctx, key, key_len, in, in_len); - default: + switch (gctx->cipher_nid) + { + case NID_id_Gost28147_89: + case NID_undef: /* FIXME */ + return pkey_GOST_ECcp_decrypt(pctx, key, key_len, in, in_len); + case NID_kuznyechik_ctr: + case NID_magma_ctr: + return pkey_gost2018_decrypt(pctx, key, key_len, in, in_len); + default: GOSTerr(GOST_F_PKEY_GOST_DECRYPT, ERR_R_INTERNAL_ERROR); return -1; - } + } } diff --git a/gost_ec_sign.c b/gost_ec_sign.c index df489ae..61d5026 100644 --- a/gost_ec_sign.c +++ b/gost_ec_sign.c @@ -29,14 +29,14 @@ static R3410_ec_params *gost_nid2params(int nid) /* Map tc26-2012 256-bit parameters to cp-2001 parameters */ switch (nid) { - case NID_id_tc26_gost_3410_2012_256_paramSetB: - nid = NID_id_GostR3410_2001_CryptoPro_A_ParamSet; - break; - case NID_id_tc26_gost_3410_2012_256_paramSetC: - nid = NID_id_GostR3410_2001_CryptoPro_B_ParamSet; - break; - case NID_id_tc26_gost_3410_2012_256_paramSetD: - nid = NID_id_GostR3410_2001_CryptoPro_C_ParamSet; + case NID_id_tc26_gost_3410_2012_256_paramSetB: + nid = NID_id_GostR3410_2001_CryptoPro_A_ParamSet; + break; + case NID_id_tc26_gost_3410_2012_256_paramSetC: + nid = NID_id_GostR3410_2001_CryptoPro_B_ParamSet; + break; + case NID_id_tc26_gost_3410_2012_256_paramSetD: + nid = NID_id_GostR3410_2001_CryptoPro_C_ParamSet; } /* Search nid in 2012 paramset */ diff --git a/gost_eng.c b/gost_eng.c index 08fc597..de9e2d5 100644 --- a/gost_eng.c +++ b/gost_eng.c @@ -177,9 +177,9 @@ static int gost_engine_destroy(ENGINE* e) { int i; for (i = 0; i < OSSL_NELEM(gost_digest_array); i++) - GOST_deinit_digest(gost_digest_array[i]); + GOST_deinit_digest(gost_digest_array[i]); for (i = 0; i < OSSL_NELEM(gost_cipher_array); i++) - GOST_deinit_cipher(gost_cipher_array[i]); + GOST_deinit_cipher(gost_cipher_array[i]); gost_param_free(); @@ -262,12 +262,12 @@ static int bind_gost(ENGINE* e, const char* id) { int i; for (i = 0; i < OSSL_NELEM(gost_cipher_array); i++) { - if (!EVP_add_cipher(GOST_init_cipher(gost_cipher_array[i]))) + if (!EVP_add_cipher(GOST_init_cipher(gost_cipher_array[i]))) goto end; } for (i = 0; i < OSSL_NELEM(gost_digest_array); i++) { - if (!EVP_add_digest(GOST_init_digest(gost_digest_array[i]))) + if (!EVP_add_digest(GOST_init_digest(gost_digest_array[i]))) goto end; } @@ -301,8 +301,8 @@ static int gost_digests(ENGINE *e, const EVP_MD **digest, for (i = 0; i < OSSL_NELEM(gost_digest_array); i++) if (nid == gost_digest_array[i]->nid) { - *digest = GOST_init_digest(gost_digest_array[i]); - return 1; + *digest = GOST_init_digest(gost_digest_array[i]); + return 1; } *digest = NULL; return 0; @@ -325,8 +325,8 @@ static int gost_ciphers(ENGINE *e, const EVP_CIPHER **cipher, for (i = 0; i < OSSL_NELEM(gost_cipher_array); i++) if (nid == gost_cipher_array[i]->nid) { - *cipher = GOST_init_cipher(gost_cipher_array[i]); - return 1; + *cipher = GOST_init_cipher(gost_cipher_array[i]); + return 1; } *cipher = NULL; return 0; diff --git a/gost_gost2015.c b/gost_gost2015.c index a473375..de7d04e 100644 --- a/gost_gost2015.c +++ b/gost_gost2015.c @@ -5,35 +5,35 @@ #include int gost2015_final_call(EVP_CIPHER_CTX *ctx, EVP_MD_CTX *omac_ctx, size_t mac_size, - unsigned char *encrypted_mac, - int (*do_cipher) (EVP_CIPHER_CTX *ctx, - unsigned char *out, - const unsigned char *in, - size_t inl)) + unsigned char *encrypted_mac, + int (*do_cipher) (EVP_CIPHER_CTX *ctx, + unsigned char *out, + const unsigned char *in, + size_t inl)) { - unsigned char calculated_mac[KUZNYECHIK_MAC_MAX_SIZE]; - memset(calculated_mac, 0, KUZNYECHIK_MAC_MAX_SIZE); + unsigned char calculated_mac[KUZNYECHIK_MAC_MAX_SIZE]; + memset(calculated_mac, 0, KUZNYECHIK_MAC_MAX_SIZE); - if (EVP_CIPHER_CTX_encrypting(ctx)) { - EVP_DigestSignFinal(omac_ctx, calculated_mac, &mac_size); + if (EVP_CIPHER_CTX_encrypting(ctx)) { + EVP_DigestSignFinal(omac_ctx, calculated_mac, &mac_size); - if (do_cipher(ctx, encrypted_mac, calculated_mac, mac_size) <= 0) { - return -1; - } - } else { - unsigned char expected_mac[KUZNYECHIK_MAC_MAX_SIZE]; + if (do_cipher(ctx, encrypted_mac, calculated_mac, mac_size) <= 0) { + return -1; + } + } else { + unsigned char expected_mac[KUZNYECHIK_MAC_MAX_SIZE]; - memset(expected_mac, 0, KUZNYECHIK_MAC_MAX_SIZE); - EVP_DigestSignFinal(omac_ctx, calculated_mac, &mac_size); + memset(expected_mac, 0, KUZNYECHIK_MAC_MAX_SIZE); + EVP_DigestSignFinal(omac_ctx, calculated_mac, &mac_size); - if (do_cipher(ctx, expected_mac, encrypted_mac, mac_size) <= 0) { - return -1; - } + if (do_cipher(ctx, expected_mac, encrypted_mac, mac_size) <= 0) { + return -1; + } - if (CRYPTO_memcmp(expected_mac, calculated_mac, mac_size) != 0) - return -1; - } - return 0; + if (CRYPTO_memcmp(expected_mac, calculated_mac, mac_size) != 0) + return -1; + } + return 0; } /* @@ -42,152 +42,156 @@ int gost2015_final_call(EVP_CIPHER_CTX *ctx, EVP_MD_CTX *omac_ctx, size_t mac_si #define MAX_GOST2015_UKM_SIZE 16 #define KDF_SEED_SIZE 8 int gost2015_get_asn1_params(const ASN1_TYPE *params, size_t ukm_size, - unsigned char *iv, size_t ukm_offset, unsigned char *kdf_seed) + unsigned char *iv, size_t ukm_offset, unsigned char *kdf_seed) { - int iv_len = 16; - GOST2015_CIPHER_PARAMS *gcp = NULL; + int iv_len = 16; + GOST2015_CIPHER_PARAMS *gcp = NULL; - unsigned char *p = NULL; + unsigned char *p = NULL; - memset(iv, 0, iv_len); + memset(iv, 0, iv_len); - /* Проверяем тип params */ - if (ASN1_TYPE_get(params) != V_ASN1_SEQUENCE) { - GOSTerr(GOST_F_GOST2015_GET_ASN1_PARAMS, GOST_R_INVALID_CIPHER_PARAMS); - return 0; - } + /* Проверяем тип params */ + if (ASN1_TYPE_get(params) != V_ASN1_SEQUENCE) { + GOSTerr(GOST_F_GOST2015_GET_ASN1_PARAMS, GOST_R_INVALID_CIPHER_PARAMS); + return 0; + } - p = params->value.sequence->data; - /* Извлекаем структуру параметров */ - gcp = d2i_GOST2015_CIPHER_PARAMS(NULL, (const unsigned char **)&p, params->value.sequence->length); - if (gcp == NULL) { - GOSTerr(GOST_F_GOST2015_GET_ASN1_PARAMS, GOST_R_INVALID_CIPHER_PARAMS); - return 0; - } + p = params->value.sequence->data; + /* Извлекаем структуру параметров */ + gcp = d2i_GOST2015_CIPHER_PARAMS(NULL, (const unsigned char **)&p, params->value.sequence->length); + if (gcp == NULL) { + GOSTerr(GOST_F_GOST2015_GET_ASN1_PARAMS, GOST_R_INVALID_CIPHER_PARAMS); + return 0; + } - /* Проверяем длину синхропосылки */ - if (gcp->ukm->length != (int)ukm_size) { - GOSTerr(GOST_F_GOST2015_GET_ASN1_PARAMS, GOST_R_INVALID_CIPHER_PARAMS); - GOST2015_CIPHER_PARAMS_free(gcp); - return 0; - } + /* Проверяем длину синхропосылки */ + if (gcp->ukm->length != (int)ukm_size) { + GOSTerr(GOST_F_GOST2015_GET_ASN1_PARAMS, GOST_R_INVALID_CIPHER_PARAMS); + GOST2015_CIPHER_PARAMS_free(gcp); + return 0; + } - memcpy(iv, gcp->ukm->data, ukm_offset); - memcpy(kdf_seed, gcp->ukm->data+ukm_offset, KDF_SEED_SIZE); + memcpy(iv, gcp->ukm->data, ukm_offset); + memcpy(kdf_seed, gcp->ukm->data+ukm_offset, KDF_SEED_SIZE); - GOST2015_CIPHER_PARAMS_free(gcp); - return 1; + GOST2015_CIPHER_PARAMS_free(gcp); + return 1; } int gost2015_set_asn1_params(ASN1_TYPE *params, - const unsigned char *iv, size_t iv_size, const unsigned char *kdf_seed) + const unsigned char *iv, size_t iv_size, const unsigned char *kdf_seed) { - GOST2015_CIPHER_PARAMS *gcp = GOST2015_CIPHER_PARAMS_new(); - int ret = 0, len = 0; + GOST2015_CIPHER_PARAMS *gcp = GOST2015_CIPHER_PARAMS_new(); + int ret = 0, len = 0; - ASN1_OCTET_STRING *os = NULL; - unsigned char ukm_buf[MAX_GOST2015_UKM_SIZE]; - unsigned char *buf = NULL; + ASN1_OCTET_STRING *os = NULL; + unsigned char ukm_buf[MAX_GOST2015_UKM_SIZE]; + unsigned char *buf = NULL; - if (gcp == NULL) { - GOSTerr(GOST_F_GOST2015_SET_ASN1_PARAMS, ERR_R_MALLOC_FAILURE); - return 0; - } + if (gcp == NULL) { + GOSTerr(GOST_F_GOST2015_SET_ASN1_PARAMS, ERR_R_MALLOC_FAILURE); + return 0; + } - memcpy(ukm_buf, iv, iv_size); - memcpy(ukm_buf+iv_size, kdf_seed, KDF_SEED_SIZE); + memcpy(ukm_buf, iv, iv_size); + memcpy(ukm_buf+iv_size, kdf_seed, KDF_SEED_SIZE); - if (ASN1_STRING_set(gcp->ukm, ukm_buf, iv_size + KDF_SEED_SIZE) == 0) { - GOSTerr(GOST_F_GOST2015_SET_ASN1_PARAMS, ERR_R_MALLOC_FAILURE); - goto end; - } + if (ASN1_STRING_set(gcp->ukm, ukm_buf, iv_size + KDF_SEED_SIZE) == 0) { + GOSTerr(GOST_F_GOST2015_SET_ASN1_PARAMS, ERR_R_MALLOC_FAILURE); + goto end; + } - len = i2d_GOST2015_CIPHER_PARAMS(gcp, &buf); + len = i2d_GOST2015_CIPHER_PARAMS(gcp, &buf); - if (len <= 0 - || (os = ASN1_OCTET_STRING_new()) == NULL - || ASN1_OCTET_STRING_set(os, buf, len) == 0) { - goto end; + if (len <= 0 + || (os = ASN1_OCTET_STRING_new()) == NULL + || ASN1_OCTET_STRING_set(os, buf, len) == 0) { + goto end; } - ASN1_TYPE_set(params, V_ASN1_SEQUENCE, os); - ret = 1; + ASN1_TYPE_set(params, V_ASN1_SEQUENCE, os); + ret = 1; end: - OPENSSL_free(buf); - if (ret <= 0 && os) - ASN1_OCTET_STRING_free(os); + OPENSSL_free(buf); + if (ret <= 0 && os) + ASN1_OCTET_STRING_free(os); - GOST2015_CIPHER_PARAMS_free(gcp); - return ret; + GOST2015_CIPHER_PARAMS_free(gcp); + return ret; } -int gost2015_process_unprotected_attributes(STACK_OF(X509_ATTRIBUTE) *attrs, - int encryption, size_t mac_len, unsigned char *final_tag) +int gost2015_process_unprotected_attributes( + STACK_OF(X509_ATTRIBUTE) *attrs, + int encryption, size_t mac_len, unsigned char *final_tag) { - if (encryption == 0) /*Decrypting*/ { - ASN1_OCTET_STRING *osExpectedMac = X509at_get0_data_by_OBJ(attrs, - OBJ_txt2obj(OID_GOST_CMS_MAC, 1), -3, V_ASN1_OCTET_STRING); - - if (!osExpectedMac || osExpectedMac->length != (int)mac_len) - return -1; - - memcpy(final_tag, osExpectedMac->data, osExpectedMac->length); - } else { - if (attrs == NULL) - return -1; - return (X509at_add1_attr_by_OBJ(&attrs, OBJ_txt2obj(OID_GOST_CMS_MAC, 1), - V_ASN1_OCTET_STRING, final_tag, mac_len) == NULL) ? -1 : 1; - } - return 1; + if (encryption == 0) /*Decrypting*/ { + ASN1_OCTET_STRING *osExpectedMac = X509at_get0_data_by_OBJ(attrs, + OBJ_txt2obj(OID_GOST_CMS_MAC, 1), -3, V_ASN1_OCTET_STRING); + + if (!osExpectedMac || osExpectedMac->length != (int)mac_len) + return -1; + + memcpy(final_tag, osExpectedMac->data, osExpectedMac->length); + } else { + if (attrs == NULL) + return -1; + return (X509at_add1_attr_by_OBJ(&attrs, + OBJ_txt2obj(OID_GOST_CMS_MAC, 1), + V_ASN1_OCTET_STRING, final_tag, + mac_len) == NULL) ? -1 : 1; + } + return 1; } int gost2015_acpkm_omac_init(int nid, int enc, const unsigned char *inkey, EVP_MD_CTX *omac_ctx, unsigned char *outkey, unsigned char *kdf_seed) { - int ret = 0; - unsigned char keys[64]; - const EVP_MD *md = EVP_get_digestbynid(nid); - EVP_PKEY *mac_key; + int ret = 0; + unsigned char keys[64]; + const EVP_MD *md = EVP_get_digestbynid(nid); + EVP_PKEY *mac_key; - if (md == NULL) - return 0; + if (md == NULL) + return 0; - if (enc) { - if (RAND_bytes(kdf_seed, 8) != 1) - return 0; - } + if (enc) { + if (RAND_bytes(kdf_seed, 8) != 1) + return 0; + } - if (gost_kdftree2012_256(keys, 64, inkey, 32, (const unsigned char *)"kdf tree", 8, kdf_seed, 8, 1) <= 0) - return 0; + if (gost_kdftree2012_256(keys, 64, inkey, 32, + (const unsigned char *)"kdf tree", 8, kdf_seed, 8, 1) <= 0) + return 0; - mac_key = EVP_PKEY_new_mac_key(nid, NULL, keys+32, 32); + mac_key = EVP_PKEY_new_mac_key(nid, NULL, keys+32, 32); - if (mac_key == NULL) - goto end; + if (mac_key == NULL) + goto end; - if (EVP_DigestInit_ex(omac_ctx, md, NULL) <= 0 || - EVP_DigestSignInit(omac_ctx, NULL, md, NULL, mac_key) <= 0) - goto end; + if (EVP_DigestInit_ex(omac_ctx, md, NULL) <= 0 || + EVP_DigestSignInit(omac_ctx, NULL, md, NULL, mac_key) <= 0) + goto end; - memcpy(outkey, keys, 32); + memcpy(outkey, keys, 32); - ret = 1; + ret = 1; end: - EVP_PKEY_free(mac_key); - OPENSSL_cleanse(keys, sizeof(keys)); + EVP_PKEY_free(mac_key); + OPENSSL_cleanse(keys, sizeof(keys)); - return ret; + return ret; } int init_zero_kdf_seed(unsigned char *kdf_seed) { - int is_zero_kdfseed = 1, i; - for (i = 0; i < 8; i++) { - if (kdf_seed[i] != 0) - is_zero_kdfseed = 0; - } + int is_zero_kdfseed = 1, i; + for (i = 0; i < 8; i++) { + if (kdf_seed[i] != 0) + is_zero_kdfseed = 0; + } - return is_zero_kdfseed ? RAND_bytes(kdf_seed, 8) : 1; + return is_zero_kdfseed ? RAND_bytes(kdf_seed, 8) : 1; } diff --git a/gost_grasshopper_cipher.c b/gost_grasshopper_cipher.c index 7b5330b..7734736 100644 --- a/gost_grasshopper_cipher.c +++ b/gost_grasshopper_cipher.c @@ -315,33 +315,33 @@ gost_grasshopper_cipher_init_ctracpkm_omac(EVP_CIPHER_CTX char *key, const unsigned char *iv, int enc) { - gost_grasshopper_cipher_ctx_ctr *c = EVP_CIPHER_CTX_get_cipher_data(ctx); + gost_grasshopper_cipher_ctx_ctr *c = EVP_CIPHER_CTX_get_cipher_data(ctx); - /* NB: setting type makes EVP do_cipher callback useless */ - c->c.type = GRASSHOPPER_CIPHER_CTRACPKMOMAC; - EVP_CIPHER_CTX_set_num(ctx, 0); - c->section_size = 4096; + /* NB: setting type makes EVP do_cipher callback useless */ + c->c.type = GRASSHOPPER_CIPHER_CTRACPKMOMAC; + EVP_CIPHER_CTX_set_num(ctx, 0); + c->section_size = 4096; - if (key) { - unsigned char cipher_key[32]; - c->omac_ctx = EVP_MD_CTX_new(); + if (key) { + unsigned char cipher_key[32]; + c->omac_ctx = EVP_MD_CTX_new(); - if (c->omac_ctx == NULL) { - GOSTerr(GOST_F_GOST_GRASSHOPPER_CIPHER_INIT_CTRACPKM_OMAC, ERR_R_MALLOC_FAILURE); - return 0; - } + if (c->omac_ctx == NULL) { + GOSTerr(GOST_F_GOST_GRASSHOPPER_CIPHER_INIT_CTRACPKM_OMAC, ERR_R_MALLOC_FAILURE); + return 0; + } - if (gost2015_acpkm_omac_init(NID_kuznyechik_mac, enc, key, - c->omac_ctx, cipher_key, c->kdf_seed) != 1) { - EVP_MD_CTX_free(c->omac_ctx); - c->omac_ctx = NULL; - return 0; - } + if (gost2015_acpkm_omac_init(NID_kuznyechik_mac, enc, key, + c->omac_ctx, cipher_key, c->kdf_seed) != 1) { + EVP_MD_CTX_free(c->omac_ctx); + c->omac_ctx = NULL; + return 0; + } - return gost_grasshopper_cipher_init(ctx, cipher_key, iv, enc); - } + return gost_grasshopper_cipher_init(ctx, cipher_key, iv, enc); + } - return gost_grasshopper_cipher_init(ctx, key, iv, enc); + return gost_grasshopper_cipher_init(ctx, key, iv, enc); } static int gost_grasshopper_cipher_do_ecb(EVP_CIPHER_CTX *ctx, unsigned char *out, @@ -473,7 +473,7 @@ static int gost_grasshopper_cipher_do_ctr(EVP_CIPHER_CTX *ctx, unsigned char *ou ctr128_inc(iv_buffer->b); current_in += GRASSHOPPER_BLOCK_SIZE; current_out += GRASSHOPPER_BLOCK_SIZE; - lasted -= GRASSHOPPER_BLOCK_SIZE; + lasted -= GRASSHOPPER_BLOCK_SIZE; } if (lasted > 0) { @@ -536,7 +536,7 @@ static int gost_grasshopper_cipher_do_ctracpkm(EVP_CIPHER_CTX *ctx, in += GRASSHOPPER_BLOCK_SIZE; out += GRASSHOPPER_BLOCK_SIZE; num += GRASSHOPPER_BLOCK_SIZE; - lasted -= GRASSHOPPER_BLOCK_SIZE; + lasted -= GRASSHOPPER_BLOCK_SIZE; } // last part @@ -560,27 +560,27 @@ static int gost_grasshopper_cipher_do_ctracpkm_omac(EVP_CIPHER_CTX *ctx, const unsigned char *in, size_t inl) { - int result; - gost_grasshopper_cipher_ctx_ctr *c = EVP_CIPHER_CTX_get_cipher_data(ctx); - /* As in and out can be the same pointer, process unencrypted here */ - if (EVP_CIPHER_CTX_encrypting(ctx)) - EVP_DigestSignUpdate(c->omac_ctx, in, inl); - - if (in == NULL && inl == 0) { /* Final call */ - return gost2015_final_call(ctx, c->omac_ctx, KUZNYECHIK_MAC_MAX_SIZE, c->tag, gost_grasshopper_cipher_do_ctracpkm); - } - - if (in == NULL) { - GOSTerr(GOST_F_GOST_GRASSHOPPER_CIPHER_DO_CTRACPKM_OMAC, ERR_R_EVP_LIB); - return -1; - } - result = gost_grasshopper_cipher_do_ctracpkm(ctx, out, in, inl); - - /* As in and out can be the same pointer, process decrypted here */ - if (!EVP_CIPHER_CTX_encrypting(ctx)) - EVP_DigestSignUpdate(c->omac_ctx, out, inl); - - return result; + int result; + gost_grasshopper_cipher_ctx_ctr *c = EVP_CIPHER_CTX_get_cipher_data(ctx); + /* As in and out can be the same pointer, process unencrypted here */ + if (EVP_CIPHER_CTX_encrypting(ctx)) + EVP_DigestSignUpdate(c->omac_ctx, in, inl); + + if (in == NULL && inl == 0) { /* Final call */ + return gost2015_final_call(ctx, c->omac_ctx, KUZNYECHIK_MAC_MAX_SIZE, c->tag, gost_grasshopper_cipher_do_ctracpkm); + } + + if (in == NULL) { + GOSTerr(GOST_F_GOST_GRASSHOPPER_CIPHER_DO_CTRACPKM_OMAC, ERR_R_EVP_LIB); + return -1; + } + result = gost_grasshopper_cipher_do_ctracpkm(ctx, out, in, inl); + + /* As in and out can be the same pointer, process decrypted here */ + if (!EVP_CIPHER_CTX_encrypting(ctx)) + EVP_DigestSignUpdate(c->omac_ctx, out, inl); + + return result; } /* * Fixed 128-bit IV implementation make shift regiser redundant. @@ -764,39 +764,39 @@ static int gost_grasshopper_cipher_cleanup(EVP_CIPHER_CTX *ctx) static int gost_grasshopper_set_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params) { - if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CTR_MODE) { - gost_grasshopper_cipher_ctx_ctr *ctr = EVP_CIPHER_CTX_get_cipher_data(ctx); + if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CTR_MODE) { + gost_grasshopper_cipher_ctx_ctr *ctr = EVP_CIPHER_CTX_get_cipher_data(ctx); - /* CMS implies 256kb section_size */ - ctr->section_size = 256*1024; + /* CMS implies 256kb section_size */ + ctr->section_size = 256*1024; - return gost2015_set_asn1_params(params, EVP_CIPHER_CTX_original_iv(ctx), 8, - ctr->kdf_seed); - } - return 0; + return gost2015_set_asn1_params(params, + EVP_CIPHER_CTX_original_iv(ctx), 8, ctr->kdf_seed); + } + return 0; } static GRASSHOPPER_INLINE int gost_grasshopper_get_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params) { - if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CTR_MODE) { - gost_grasshopper_cipher_ctx_ctr *ctr = EVP_CIPHER_CTX_get_cipher_data(ctx); + if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CTR_MODE) { + gost_grasshopper_cipher_ctx_ctr *ctr = EVP_CIPHER_CTX_get_cipher_data(ctx); - int iv_len = 16; - unsigned char iv[16]; + int iv_len = 16; + unsigned char iv[16]; - if (gost2015_get_asn1_params(params, 16, iv, 8, ctr->kdf_seed) == 0) { - return 0; - } + if (gost2015_get_asn1_params(params, 16, iv, 8, ctr->kdf_seed) == 0) { + return 0; + } - memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), iv, iv_len); - memcpy((unsigned char *)EVP_CIPHER_CTX_original_iv(ctx), iv, iv_len); + memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), iv, iv_len); + memcpy((unsigned char *)EVP_CIPHER_CTX_original_iv(ctx), iv, iv_len); - /* CMS implies 256kb section_size */ - ctr->section_size = 256*1024; - return 1; - } - return 0; + /* CMS implies 256kb section_size */ + ctr->section_size = 256*1024; + return 1; + } + return 0; } static int gost_grasshopper_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) @@ -814,9 +814,9 @@ static int gost_grasshopper_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, v gost_grasshopper_cipher_ctx_ctr *c = EVP_CIPHER_CTX_get_cipher_data(ctx); if ((c->c.type != GRASSHOPPER_CIPHER_CTRACPKM && - c->c.type != GRASSHOPPER_CIPHER_CTRACPKMOMAC) - || (arg == 0) - || (arg % GRASSHOPPER_BLOCK_SIZE)) + c->c.type != GRASSHOPPER_CIPHER_CTRACPKMOMAC) + || (arg == 0) + || (arg % GRASSHOPPER_BLOCK_SIZE)) return -1; c->section_size = arg; break; @@ -900,7 +900,7 @@ static int gost_grasshopper_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, v return 1; } #endif - case EVP_CTRL_PROCESS_UNPROTECTED: + case EVP_CTRL_PROCESS_UNPROTECTED: { STACK_OF(X509_ATTRIBUTE) *x = ptr; gost_grasshopper_cipher_ctx_ctr *c = EVP_CIPHER_CTX_get_cipher_data(ctx); @@ -912,23 +912,23 @@ static int gost_grasshopper_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, v } return 1; case EVP_CTRL_COPY: { - EVP_CIPHER_CTX *out = ptr; - - gost_grasshopper_cipher_ctx_ctr *out_cctx = EVP_CIPHER_CTX_get_cipher_data(out); - gost_grasshopper_cipher_ctx_ctr *in_cctx = EVP_CIPHER_CTX_get_cipher_data(ctx); - - if (in_cctx->c.type != GRASSHOPPER_CIPHER_CTRACPKMOMAC) - return -1; - - if (in_cctx->omac_ctx == out_cctx->omac_ctx) { - out_cctx->omac_ctx = EVP_MD_CTX_new(); - if (out_cctx->omac_ctx == NULL) { - GOSTerr(GOST_F_GOST_GRASSHOPPER_CIPHER_CTL, ERR_R_MALLOC_FAILURE); - return -1; - } - } - return EVP_MD_CTX_copy(out_cctx->omac_ctx, in_cctx->omac_ctx); - } + EVP_CIPHER_CTX *out = ptr; + + gost_grasshopper_cipher_ctx_ctr *out_cctx = EVP_CIPHER_CTX_get_cipher_data(out); + gost_grasshopper_cipher_ctx_ctr *in_cctx = EVP_CIPHER_CTX_get_cipher_data(ctx); + + if (in_cctx->c.type != GRASSHOPPER_CIPHER_CTRACPKMOMAC) + return -1; + + if (in_cctx->omac_ctx == out_cctx->omac_ctx) { + out_cctx->omac_ctx = EVP_MD_CTX_new(); + if (out_cctx->omac_ctx == NULL) { + GOSTerr(GOST_F_GOST_GRASSHOPPER_CIPHER_CTL, ERR_R_MALLOC_FAILURE); + return -1; + } + } + return EVP_MD_CTX_copy(out_cctx->omac_ctx, in_cctx->omac_ctx); + } default: GOSTerr(GOST_F_GOST_GRASSHOPPER_CIPHER_CTL, GOST_R_UNSUPPORTED_CIPHER_CTL_COMMAND); diff --git a/gost_grasshopper_core.c b/gost_grasshopper_core.c index 2b14640..19c6567 100644 --- a/gost_grasshopper_core.c +++ b/gost_grasshopper_core.c @@ -101,7 +101,7 @@ void grasshopper_set_decrypt_key(grasshopper_round_keys_t* subkeys, const grassh void grasshopper_encrypt_block(grasshopper_round_keys_t* subkeys, grasshopper_w128_t* source, grasshopper_w128_t* target, grasshopper_w128_t* buffer) { - int i; + int i; grasshopper_copy128(target, source); for (i = 0; i < 9; i++) { @@ -114,7 +114,7 @@ void grasshopper_encrypt_block(grasshopper_round_keys_t* subkeys, grasshopper_w1 void grasshopper_decrypt_block(grasshopper_round_keys_t* subkeys, grasshopper_w128_t* source, grasshopper_w128_t* target, grasshopper_w128_t* buffer) { - int i; + int i; grasshopper_copy128(target, source); grasshopper_append128multi(buffer, target, grasshopper_l_dec128); diff --git a/gost_pmeth.c b/gost_pmeth.c index f4a830d..af92fbf 100644 --- a/gost_pmeth.c +++ b/gost_pmeth.c @@ -499,7 +499,7 @@ ECDSA_SIG *unpack_cp_signature(const unsigned char *sigbuf, size_t siglen) } s = BN_bin2bn(sigbuf, siglen / 2, NULL); r = BN_bin2bn(sigbuf + siglen / 2, siglen / 2, NULL); - ECDSA_SIG_set0(sig, r, s); + ECDSA_SIG_set0(sig, r, s); return sig; } @@ -587,12 +587,12 @@ static int pkey_gost_omac_init(EVP_PKEY_CTX *ctx, size_t mac_size) static int pkey_gost_magma_mac_init(EVP_PKEY_CTX *ctx) { - return pkey_gost_omac_init(ctx, 8); + return pkey_gost_omac_init(ctx, 8); } static int pkey_gost_grasshopper_mac_init(EVP_PKEY_CTX *ctx) { - return pkey_gost_omac_init(ctx, 16); + return pkey_gost_omac_init(ctx, 16); } static void pkey_gost_mac_cleanup(EVP_PKEY_CTX *ctx) @@ -741,7 +741,7 @@ static int pkey_gost_mac_ctrl_str(EVP_PKEY_CTX *ctx, } param = get_encryption_params(obj); - ASN1_OBJECT_free(obj); + ASN1_OBJECT_free(obj); if (param == NULL) { GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL_STR, GOST_R_INVALID_MAC_PARAMS); return 0; @@ -831,12 +831,12 @@ static int pkey_gost_omac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2, si static int pkey_gost_magma_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { - return pkey_gost_omac_ctrl(ctx, type, p1, p2, 8); + return pkey_gost_omac_ctrl(ctx, type, p1, p2, 8); } static int pkey_gost_grasshopper_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { - return pkey_gost_omac_ctrl(ctx, type, p1, p2, 16); + return pkey_gost_omac_ctrl(ctx, type, p1, p2, 16); } static int pkey_gost_omac_ctrl_str(EVP_PKEY_CTX *ctx, @@ -881,13 +881,13 @@ static int pkey_gost_omac_ctrl_str(EVP_PKEY_CTX *ctx, static int pkey_gost_magma_mac_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value) { - return pkey_gost_omac_ctrl_str(ctx, type, value, 8); + return pkey_gost_omac_ctrl_str(ctx, type, value, 8); } static int pkey_gost_grasshopper_mac_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value) { - return pkey_gost_omac_ctrl_str(ctx, type, value, 8); + return pkey_gost_omac_ctrl_str(ctx, type, value, 8); } static int pkey_gost_mac_keygen_base(EVP_PKEY_CTX *ctx, @@ -1036,8 +1036,8 @@ int register_pmeth_gost(int id, EVP_PKEY_METHOD **pmeth, int flags) pkey_gost_derive_init, pkey_gost_ec_derive); EVP_PKEY_meth_set_paramgen(*pmeth, pkey_gost_paramgen_init, pkey_gost2001_paramgen); - EVP_PKEY_meth_set_check(*pmeth, pkey_gost_check); - EVP_PKEY_meth_set_public_check(*pmeth, pkey_gost_check); + EVP_PKEY_meth_set_check(*pmeth, pkey_gost_check); + EVP_PKEY_meth_set_public_check(*pmeth, pkey_gost_check); break; case NID_id_GostR3410_2012_256: EVP_PKEY_meth_set_ctrl(*pmeth, @@ -1056,8 +1056,8 @@ int register_pmeth_gost(int id, EVP_PKEY_METHOD **pmeth, int flags) EVP_PKEY_meth_set_paramgen(*pmeth, pkey_gost_paramgen_init, pkey_gost2012_paramgen); - EVP_PKEY_meth_set_check(*pmeth, pkey_gost_check); - EVP_PKEY_meth_set_public_check(*pmeth, pkey_gost_check); + EVP_PKEY_meth_set_check(*pmeth, pkey_gost_check); + EVP_PKEY_meth_set_public_check(*pmeth, pkey_gost_check); break; case NID_id_GostR3410_2012_512: EVP_PKEY_meth_set_ctrl(*pmeth, @@ -1076,8 +1076,8 @@ int register_pmeth_gost(int id, EVP_PKEY_METHOD **pmeth, int flags) EVP_PKEY_meth_set_paramgen(*pmeth, pkey_gost_paramgen_init, pkey_gost2012_paramgen); - EVP_PKEY_meth_set_check(*pmeth, pkey_gost_check); - EVP_PKEY_meth_set_public_check(*pmeth, pkey_gost_check); + EVP_PKEY_meth_set_check(*pmeth, pkey_gost_check); + EVP_PKEY_meth_set_public_check(*pmeth, pkey_gost_check); break; case NID_id_Gost28147_89_MAC: EVP_PKEY_meth_set_ctrl(*pmeth, pkey_gost_mac_ctrl, diff --git a/gosthash2012.c b/gosthash2012.c index 9548bfb..be1923c 100644 --- a/gosthash2012.c +++ b/gosthash2012.c @@ -69,28 +69,28 @@ static INLINE void add512(union uint512_u * RESTRICT x, # ifdef HAVE_ADDCARRY_U64 for (i = 0; i < 8; i++) - CF = _addcarry_u64(CF, x->QWORD[i] , y->QWORD[i], &(x->QWORD[i])); + CF = _addcarry_u64(CF, x->QWORD[i] , y->QWORD[i], &(x->QWORD[i])); # else for (i = 0; i < 8; i++) { - const unsigned long long left = x->QWORD[i]; - unsigned long long sum; - - sum = left + y->QWORD[i] + CF; - /* - * (sum == left): is noop, because it's possible only - * when `left' is added with `0 + 0' or with `ULLONG_MAX + 1', - * in that case `CF' (carry) retain previous value, which is correct, - * because when `left + 0 + 0' there was no overflow (thus no carry), - * and when `left + ULLONG_MAX + 1' value is wrapped back to - * itself with overflow, thus creating carry. - * - * (sum != left): - * if `sum' is not wrapped (sum > left) there should not be carry, - * if `sum' is wrapped (sum < left) there should be carry. - */ - if (sum != left) - CF = (sum < left); - x->QWORD[i] = sum; + const unsigned long long left = x->QWORD[i]; + unsigned long long sum; + + sum = left + y->QWORD[i] + CF; + /* + * (sum == left): is noop, because it's possible only + * when `left' is added with `0 + 0' or with `ULLONG_MAX + 1', + * in that case `CF' (carry) retain previous value, which is correct, + * because when `left + 0 + 0' there was no overflow (thus no carry), + * and when `left + ULLONG_MAX + 1' value is wrapped back to + * itself with overflow, thus creating carry. + * + * (sum != left): + * if `sum' is not wrapped (sum > left) there should not be carry, + * if `sum' is wrapped (sum < left) there should be carry. + */ + if (sum != left) + CF = (sum < left); + x->QWORD[i] = sum; } # endif /* !__x86_64__ */ #else /* __GOST3411_BIG_ENDIAN__ */ diff --git a/test_gost89.c b/test_gost89.c index cdba842..d7f0c96 100644 --- a/test_gost89.c +++ b/test_gost89.c @@ -58,7 +58,7 @@ int main(void) if (memcmp(meshed_key, buf, 32)) { fprintf(stderr, "Magma meshing failed"); - ret = 1; + ret = 1; } acpkm_magma_key_meshing(&ctx); diff --git a/test_keyexpimp.c b/test_keyexpimp.c index de7b1fa..9a84516 100644 --- a/test_keyexpimp.c +++ b/test_keyexpimp.c @@ -10,8 +10,8 @@ #include "gost_grasshopper_cipher.h" #define T(e) if (!(e)) {\ - ERR_print_errors_fp(stderr);\ - OpenSSLDie(__FILE__, __LINE__, #e);\ + ERR_print_errors_fp(stderr);\ + OpenSSLDie(__FILE__, __LINE__, #e);\ } static void hexdump(FILE *f, const char *title, const unsigned char *s, int l) @@ -118,12 +118,12 @@ int main(void) if (ret <= 0) { ERR_print_errors_fp(stderr); - err = 1; + err = 1; } else { hexdump(stdout, "Magma key export", buf, 40); if (memcmp(buf, magma_export, 40) != 0) { fprintf(stdout, "ERROR! test failed\n"); - err = 2; + err = 2; } } @@ -133,12 +133,12 @@ int main(void) if (ret <= 0) { ERR_print_errors_fp(stderr); - err = 3; + err = 3; } else { hexdump(stdout, "Magma key import", buf, 32); if (memcmp(buf, shared_key, 32) != 0) { fprintf(stdout, "ERROR! test failed\n"); - err = 4; + err = 4; } } @@ -146,24 +146,24 @@ int main(void) kdf_seed, 8, 1); if (ret <= 0) { ERR_print_errors_fp(stderr); - err = 5; + err = 5; } else { hexdump(stdout, "KDF TREE", kdf_result, 64); if (memcmp(kdf_result, kdf_etalon, 64) != 0) { fprintf(stdout, "ERROR! test failed\n"); - err = 6; + err = 6; } } ret = gost_tlstree(NID_grasshopper_cbc, kroot, out, tlsseq); if (ret <= 0) { ERR_print_errors_fp(stderr); - err = 7; + err = 7; } else { hexdump(stdout, "Gost TLSTREE - grasshopper", out, 32); if (memcmp(out, tlstree_gh_etalon, 32) != 0) { fprintf(stdout, "ERROR! test failed\n"); - err = 8; + err = 8; } } -- 2.39.2