Djam/libressl
1
0
Fork 0
mirror of https://abf.rosa.ru/djam/libressl.git synced 2025-02-23 16:12:53 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
libressl/0037-gost-add-support-for-ACPKM-rekeying.patch
Mikhail Novosyolov faac7d3eaa Add gost-new patches sponsored by ROSA Linux 
TODO: add tests
2020-08-05 12:58:06 +03:00

100 lines
3.5 KiB
Diff
Raw Blame History

From c982fe656b75adba6c64552d1657b842555cb887 Mon Sep 17 00:00:00 2001
From: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon, 23 Mar 2020 23:58:00 +0300
Subject: [PATCH 37/87] gost: add support for ACPKM rekeying
Add support for ACPKM internal rekeying (RFC 8645).
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
---
src/lib/libcrypto/evp/evp.h | 2 ++
src/lib/libcrypto/gost/gost89_params.c | 38 ++++++++++++++++++++++++++
src/lib/libcrypto/gost/gost_locl.h | 5 ++++
3 files changed, 45 insertions(+)
diff --git a/src/lib/libcrypto/evp/evp.h b/src/lib/libcrypto/evp/evp.h
index 26e025d09..77b3a4f8e 100644
--- a/src/lib/libcrypto/evp/evp.h
+++ b/src/lib/libcrypto/evp/evp.h
@@ -396,6 +396,8 @@ struct evp_cipher_st {
#define EVP_CTRL_GCM_SET_IV_INV 0x18
/* Set the S-BOX NID for GOST ciphers */
#define EVP_CTRL_GOST_SET_SBOX 0x19
+/* Set the key meshing section for GOST ciphers */
+#define EVP_CTRL_GOST_SET_MESHING 0x1a
/* GCM TLS constants */
/* Length of fixed part of IV derived from PRF */
diff --git a/src/lib/libcrypto/gost/gost89_params.c b/src/lib/libcrypto/gost/gost89_params.c
index 7365f7a43..e02265389 100644
--- a/src/lib/libcrypto/gost/gost89_params.c
+++ b/src/lib/libcrypto/gost/gost89_params.c
@@ -50,6 +50,7 @@
*/
#include <stdlib.h>
+#include <string.h>
#include <openssl/opensslconf.h>
@@ -259,4 +260,41 @@ Gost2814789_cryptopro_key_mesh(GOST2814789_KEY *key)
Gost2814789_set_key(key, newkey);
}
+
+#define ACPKM_KEY_SIZE 128
+static unsigned char acpkm_mesh_data[ACPKM_KEY_SIZE] =
+{
+ 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87,
+ 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
+ 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97,
+ 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f,
+ 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7,
+ 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf,
+ 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7,
+ 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf,
+ 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
+ 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf,
+ 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7,
+ 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf,
+ 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7,
+ 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef,
+ 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
+ 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff,
+};
+
+
+void
+acpkm_key_mesh(void *ctx,
+ acpkm_block *block, acpkm_set_key *set_key,
+ unsigned int block_size, unsigned int key_size)
+{
+ unsigned int i;
+ unsigned char new_key[ACPKM_KEY_SIZE];
+
+ for (i = 0; i < key_size; i += block_size) {
+ block(&acpkm_mesh_data[i], &new_key[i], ctx);
+ }
+ set_key(ctx, new_key);
+ explicit_bzero(new_key, i);
+}
#endif
diff --git a/src/lib/libcrypto/gost/gost_locl.h b/src/lib/libcrypto/gost/gost_locl.h
index 302a19c5c..f512029e1 100644
--- a/src/lib/libcrypto/gost/gost_locl.h
+++ b/src/lib/libcrypto/gost/gost_locl.h
@@ -97,6 +97,11 @@ extern void Gost2814789_encrypt(const unsigned char *in, unsigned char *out,
extern void Gost2814789_decrypt(const unsigned char *in, unsigned char *out,
const GOST2814789_KEY *key);
extern void Gost2814789_cryptopro_key_mesh(GOST2814789_KEY *key);
+typedef void acpkm_block(const unsigned char *in, unsigned char *out, void *ctx);
+typedef void acpkm_set_key(void *ctx, const unsigned char *key);
+extern void acpkm_key_mesh(void *ctx,
+ acpkm_block *block, acpkm_set_key *set_key,
+ unsigned int block_size, unsigned int key_size);
void Magma_set_key_int(MAGMA_KEY *key, const unsigned char *userKey);
--
2.17.1
Reference in a new issue View git blame Copy permalink