libressl/0035-kuznyechik-fix-IV-handling-for-CTR-mode.patch

From f8edb0a765f94a97418247a5e4dd0f289637838b Mon Sep 17 00:00:00 2001
From: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri, 17 Apr 2020 23:07:07 +0300
Subject: [PATCH 35/87] kuznyechik: fix IV handling for CTR mode

kuznyechik-ctr uses half length IV per the specification, which is
handled correctly.  However we still have to zero the second half of IV.
Do so in ctr_init_key() callback.

Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
---
 src/lib/libcrypto/evp/e_kuznyechik.c | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/src/lib/libcrypto/evp/e_kuznyechik.c b/src/lib/libcrypto/evp/e_kuznyechik.c
index 7ac5ed7a6..ebb857c62 100644
--- a/src/lib/libcrypto/evp/e_kuznyechik.c
+++ b/src/lib/libcrypto/evp/e_kuznyechik.c
@@ -102,6 +102,19 @@ Kuznyechik_ofb128_encrypt(const unsigned char *in, unsigned char *out, size_t le
 			(block128_f)Kuznyechik_encrypt);
 }
 
+static int
+kuznyechik_ctr_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+    const unsigned char *iv, int enc)
+{
+	if (iv)
+		memset(ctx->iv + 8, 0, 8);
+
+	if (!key)
+		return 1;
+
+	return kuznyechik_init_key(ctx, key, iv, enc);
+}
+
 static int
 kuznyechik_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in,
 		size_t len)
@@ -120,8 +133,8 @@ IMPLEMENT_BLOCK_CIPHER(kuznyechik, ks, Kuznyechik, EVP_KUZNYECHIK_CTX,
 		kuznyechik_ctl)
 
 BLOCK_CIPHER_def1(kuznyechik, ctr, ctr, CTR, EVP_KUZNYECHIK_CTX,
-		NID_kuznyechik, 1, 32, 8, 0,
-		kuznyechik_init_key, NULL,
+		NID_kuznyechik, 1, 32, 8, EVP_CIPH_ALWAYS_CALL_INIT,
+		kuznyechik_ctr_init_key, NULL,
 		EVP_CIPHER_set_asn1_iv,
 		EVP_CIPHER_get_asn1_iv,
 		kuznyechik_ctl)
-- 
2.17.1
Add gost-new patches sponsored by ROSA Linux TODO: add tests 2020-08-05 12:55:25 +03:00			`From f8edb0a765f94a97418247a5e4dd0f289637838b Mon Sep 17 00:00:00 2001`
			`From: Dmitry Baryshkov <dbaryshkov@gmail.com>`
			`Date: Fri, 17 Apr 2020 23:07:07 +0300`
			`Subject: [PATCH 35/87] kuznyechik: fix IV handling for CTR mode`

			`kuznyechik-ctr uses half length IV per the specification, which is`
			`handled correctly. However we still have to zero the second half of IV.`
			`Do so in ctr_init_key() callback.`

			`Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>`
			`---`
			`src/lib/libcrypto/evp/e_kuznyechik.c \| 17 +++++++++++++++--`
			`1 file changed, 15 insertions(+), 2 deletions(-)`

			`diff --git a/src/lib/libcrypto/evp/e_kuznyechik.c b/src/lib/libcrypto/evp/e_kuznyechik.c`
			`index 7ac5ed7a6..ebb857c62 100644`
			`--- a/src/lib/libcrypto/evp/e_kuznyechik.c`
			`+++ b/src/lib/libcrypto/evp/e_kuznyechik.c`
			`@@ -102,6 +102,19 @@ Kuznyechik_ofb128_encrypt(const unsigned char in, unsigned char out, size_t le`
			`(block128_f)Kuznyechik_encrypt);`
			`}`

			`+static int`
			`+kuznyechik_ctr_init_key(EVP_CIPHER_CTX ctx, const unsigned char key,`
			`+ const unsigned char *iv, int enc)`
			`+{`
			`+ if (iv)`
			`+ memset(ctx->iv + 8, 0, 8);`
			`+`
			`+ if (!key)`
			`+ return 1;`
			`+`
			`+ return kuznyechik_init_key(ctx, key, iv, enc);`
			`+}`
			`+`
			`static int`
			`kuznyechik_ctr_cipher(EVP_CIPHER_CTX ctx, unsigned char out, const unsigned char *in,`
			`size_t len)`
			`@@ -120,8 +133,8 @@ IMPLEMENT_BLOCK_CIPHER(kuznyechik, ks, Kuznyechik, EVP_KUZNYECHIK_CTX,`
			`kuznyechik_ctl)`

			`BLOCK_CIPHER_def1(kuznyechik, ctr, ctr, CTR, EVP_KUZNYECHIK_CTX,`
			`- NID_kuznyechik, 1, 32, 8, 0,`
			`- kuznyechik_init_key, NULL,`
			`+ NID_kuznyechik, 1, 32, 8, EVP_CIPH_ALWAYS_CALL_INIT,`
			`+ kuznyechik_ctr_init_key, NULL,`
			`EVP_CIPHER_set_asn1_iv,`
			`EVP_CIPHER_get_asn1_iv,`
			`kuznyechik_ctl)`
			`--`
			`2.17.1`