void enc_gost(char *set_hash,char *in,char *out,int n_blocks){
gost_ctx *c=(gost_ctx *)malloc(sizeof(gost_ctx));
gost_subst_block *b=NULL;
gost_init(c,b);
gost_key(c,(byte *)set_hash);
gost_enc(c,(byte *)in,(byte *)out,n_blocks);
free(c);}
void dec_gost(char *set_hash,char *in,char **out,int n_blocks){
gost_ctx *c=(gost_ctx *)malloc(sizeof(gost_ctx));
gost_subst_block *b=NULL;
gost_init(c,b);
gost_key(c,(byte *)set_hash);
*out=NULL;
*out=(char *)malloc(n_blocks*8);
gost_dec(c,(byte *)in,(byte *) *out,n_blocks);
}
int keyWrapCryptoPro(gost_ctx *ctx,const unsigned char *keyExchangeKey, const unsigned char *ukm,
const unsigned char *sessionKey, unsigned char *wrappedKey)
{
unsigned char kek_ukm[32];
keyDiversifyCryptoPro(ctx,keyExchangeKey,ukm,kek_ukm);
gost_key(ctx,kek_ukm);
memcpy(wrappedKey,ukm,8);
gost_enc(ctx,sessionKey,wrappedKey+8,4);
gost_mac_iv(ctx,32,ukm,sessionKey,32,wrappedKey+40);
return 1;
}
static int gost_cipher_init_cpa(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc)
{
struct ossl_gost_cipher_ctx *c=ctx->cipher_data;
gost_init(&(c->cctx),&Gost28147_CryptoProParamSetA);
c->key_meshing=1;
c->count=0;
if(key) gost_key(&(c->cctx),key);
if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
return 1;
}
/* Initializes EVP_CIPHER_CTX by paramset NID */
static int gost_cipher_init_param(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc, int paramNID,int mode)
{
struct ossl_gost_cipher_ctx *c=ctx->cipher_data;
if (ctx->app_data == NULL)
{
if (!gost_cipher_set_param(c,paramNID)) return 0;
ctx->app_data = ctx->cipher_data;
}
if (key) gost_key(&(c->cctx),key);
if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
return 1;
}
int keyUnwrapCryptoPro(gost_ctx *ctx,const unsigned char *keyExchangeKey,
const unsigned char *wrappedKey, unsigned char *sessionKey)
{
unsigned char kek_ukm[32],cek_mac[4];
keyDiversifyCryptoPro(ctx,keyExchangeKey,wrappedKey
/* First 8 bytes of wrapped Key is ukm */
,kek_ukm);
gost_key(ctx,kek_ukm);
gost_dec(ctx,wrappedKey+8,sessionKey,4);
gost_mac_iv(ctx,32,wrappedKey,sessionKey,32,cek_mac);
if (memcmp(cek_mac,wrappedKey+40,4))
{
return 0;
}
return 1;
}
static int dstu_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc)
{
gost_subst_block sbox;
gost_ctx *gctx = ctx->cipher_data;
unpack_sbox(default_sbox, &sbox);
gost_init(gctx, &sbox);
if (key)
gost_key(gctx, key);
if (iv) {
memcpy(ctx->oiv, iv, DSTU_CIPHER_BLOCK_SIZE);
memcpy(ctx->iv, iv, DSTU_CIPHER_BLOCK_SIZE);
gostcrypt(gctx, ctx->iv, ctx->buf);
ctx->num = 0;
}
return 1;
}
int gost_imit_ctrl(EVP_MD_CTX *ctx,int type, int arg, void *ptr)
{
switch (type)
{
case EVP_MD_CTRL_KEY_LEN:
*((unsigned int*)(ptr)) = 32;
return 1;
case EVP_MD_CTRL_SET_KEY:
{
if (arg!=32) {
GOSTerr(GOST_F_GOST_IMIT_CTRL, GOST_R_INVALID_MAC_KEY_LENGTH);
return 0;
}
gost_key(&(((struct ossl_gost_imit_ctx*)(ctx->md_data))->cctx),ptr) ;
((struct ossl_gost_imit_ctx*)(ctx->md_data))->key_set = 1;
return 1;
}
default:
return 0;
}
}
/* Diversifies key using random UserKey Material
* Implements RFC 4357 p 6.5 key diversification algorithm
*
* inputKey - 32byte key to be diversified
* ukm - 8byte user key material
* outputKey - 32byte buffer to store diversified key
*
*/
void keyDiversifyCryptoPro(gost_ctx *ctx,const unsigned char *inputKey, const unsigned char *ukm, unsigned char *outputKey)
{
u4 k,s1,s2;
int i,j,mask;
unsigned char S[8];
memcpy(outputKey,inputKey,32);
for (i=0;i<8;i++)
{
/* Make array of integers from key */
/* Compute IV S*/
s1=0,s2=0;
for (j=0,mask=1;j<8;j++,mask<<=1)
{
k=((u4)outputKey[4*j])|(outputKey[4*j+1]<<8)|
(outputKey[4*j+2]<<16)|(outputKey[4*j+3]<<24);
if (mask & ukm[i])
{
s1+=k;
}
else
{
s2+=k;
}
}
S[0]=(unsigned char)(s1&0xff);
S[1]=(unsigned char)((s1>>8)&0xff);
S[2]=(unsigned char)((s1>>16)&0xff);
S[3]=(unsigned char)((s1>>24)&0xff);
S[4]=(unsigned char)(s2&0xff);
S[5]=(unsigned char)((s2>>8)&0xff);
S[6]=(unsigned char)((s2>>16)&0xff);
S[7]=(unsigned char)((s2>>24)&0xff);
gost_key(ctx,outputKey);
gost_enc_cfb(ctx,S,outputKey,outputKey,4);
}
}
virtual void do_prepare(const TaskData &) override
{
gost_init(&m_ctx, NULL);
gost_key(&m_ctx, m_key.data());
}