mirror of
https://abf.rosa.ru/djam/libressl.git
synced 2025-02-23 16:12:53 +00:00
41 lines
1.5 KiB
Diff
41 lines
1.5 KiB
Diff
From 9500ec100b69ef59889bbd9aadffd986a99f9a9b Mon Sep 17 00:00:00 2001
|
|
From: Dmitry Baryshkov <dbaryshkov@gmail.com>
|
|
Date: Thu, 9 Apr 2020 01:32:30 +0300
|
|
Subject: [PATCH 61/87] cms: select proper cipher for GOST KeyAgreeement
|
|
|
|
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
|
|
---
|
|
src/lib/libcrypto/cms/cms_kari.c | 10 ++++++++++
|
|
1 file changed, 10 insertions(+)
|
|
|
|
diff --git a/src/lib/libcrypto/cms/cms_kari.c b/src/lib/libcrypto/cms/cms_kari.c
|
|
index 2c3b50290..0082a7525 100644
|
|
--- a/src/lib/libcrypto/cms/cms_kari.c
|
|
+++ b/src/lib/libcrypto/cms/cms_kari.c
|
|
@@ -414,6 +414,7 @@ cms_wrap_init(CMS_KeyAgreeRecipientInfo *kari, const EVP_CIPHER *cipher)
|
|
EVP_CIPHER_CTX *ctx = kari->ctx;
|
|
const EVP_CIPHER *kekcipher;
|
|
int keylen = EVP_CIPHER_key_length(cipher);
|
|
+ int type = EVP_CIPHER_type(cipher);
|
|
|
|
/* If a suitable wrap algorithm is already set nothing to do */
|
|
kekcipher = EVP_CIPHER_CTX_cipher(ctx);
|
|
@@ -437,6 +438,15 @@ cms_wrap_init(CMS_KeyAgreeRecipientInfo *kari, const EVP_CIPHER *cipher)
|
|
kekcipher = EVP_des_ede3_wrap();
|
|
else
|
|
#endif
|
|
+#endif
|
|
+#ifndef OPENSSL_NO_GOST
|
|
+ if (type == NID_id_tc26_cipher_gostr3412_2015_magma_ctracpkm ||
|
|
+ type == NID_id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac)
|
|
+ kekcipher = EVP_magma_kexp15_wrap();
|
|
+ else if (type == NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm ||
|
|
+ type == NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac)
|
|
+ kekcipher = EVP_kuznyechik_kexp15_wrap();
|
|
+ else
|
|
#endif
|
|
if (keylen <= 16)
|
|
kekcipher = EVP_aes_128_wrap();
|
|
--
|
|
2.17.1
|
|
|