#include "gost89.h"
#include "gost_keywrap.h"
-/* Diversifies key using random UserKey Material
- * Implements RFC 4357 p 6.5 key diversification algorithm
- *
+/*-
+ * Diversifies key using random UserKey Material
+ * Implements RFC 4357 p 6.5 key diversification algorithm
+ *
* inputKey - 32byte key to be diversified
* ukm - 8byte user key material
- * outputKey - 32byte buffer to store diversified key
+ * outputKey - 32byte buffer to store diversified key
*
*/
-void keyDiversifyCryptoPro(gost_ctx *ctx,const unsigned char *inputKey, const unsigned char *ukm, unsigned char *outputKey)
- {
+void keyDiversifyCryptoPro(gost_ctx * ctx, const unsigned char *inputKey,
+ const unsigned char *ukm, unsigned char *outputKey)
+{
- u4 k,s1,s2;
- int i,j,mask;
- unsigned char S[8];
- memcpy(outputKey,inputKey,32);
- for (i=0;i<8;i++)
- {
- /* Make array of integers from key */
- /* Compute IV S*/
- s1=0,s2=0;
- for (j=0,mask=1;j<8;j++,mask<<=1)
- {
- k=((u4)outputKey[4*j])|(outputKey[4*j+1]<<8)|
- (outputKey[4*j+2]<<16)|(outputKey[4*j+3]<<24);
- if (mask & ukm[i])
- {
- s1+=k;
- }
- else
- {
- s2+=k;
- }
- }
- S[0]=(unsigned char)(s1&0xff);
- S[1]=(unsigned char)((s1>>8)&0xff);
- S[2]=(unsigned char)((s1>>16)&0xff);
- S[3]=(unsigned char)((s1>>24)&0xff);
- S[4]=(unsigned char)(s2&0xff);
- S[5]=(unsigned char)((s2>>8)&0xff);
- S[6]=(unsigned char)((s2>>16)&0xff);
- S[7]=(unsigned char)((s2>>24)&0xff);
- gost_key(ctx,outputKey);
- gost_enc_cfb(ctx,S,outputKey,outputKey,4);
- }
- }
-
+ u4 k, s1, s2;
+ int i, j, mask;
+ unsigned char S[8];
+ memcpy(outputKey, inputKey, 32);
+ for (i = 0; i < 8; i++) {
+ /* Make array of integers from key */
+ /* Compute IV S */
+ s1 = 0, s2 = 0;
+ for (j = 0, mask = 1; j < 8; j++, mask <<= 1) {
+ k = ((u4) outputKey[4 * j]) | (outputKey[4 * j + 1] << 8) |
+ (outputKey[4 * j + 2] << 16) | (outputKey[4 * j + 3] << 24);
+ if (mask & ukm[i]) {
+ s1 += k;
+ } else {
+ s2 += k;
+ }
+ }
+ S[0] = (unsigned char)(s1 & 0xff);
+ S[1] = (unsigned char)((s1 >> 8) & 0xff);
+ S[2] = (unsigned char)((s1 >> 16) & 0xff);
+ S[3] = (unsigned char)((s1 >> 24) & 0xff);
+ S[4] = (unsigned char)(s2 & 0xff);
+ S[5] = (unsigned char)((s2 >> 8) & 0xff);
+ S[6] = (unsigned char)((s2 >> 16) & 0xff);
+ S[7] = (unsigned char)((s2 >> 24) & 0xff);
+ gost_key(ctx, outputKey);
+ gost_enc_cfb(ctx, S, outputKey, outputKey, 4);
+ }
+}
-/*
+/*-
* Wraps key using RFC 4357 6.3
- * ctx - gost encryption context, initialized with some S-boxes
+ * ctx - gost encryption context, initialized with some S-boxes
* keyExchangeKey (KEK) 32-byte (256-bit) shared key
- * ukm - 8 byte (64 bit) user key material,
+ * ukm - 8 byte (64 bit) user key material,
* sessionKey - 32-byte (256-bit) key to be wrapped
* wrappedKey - 44-byte buffer to store wrapped key
- */
+ */
-int keyWrapCryptoPro(gost_ctx *ctx,const unsigned char *keyExchangeKey, const unsigned char *ukm,
- const unsigned char *sessionKey, unsigned char *wrappedKey)
- {
- unsigned char kek_ukm[32];
- keyDiversifyCryptoPro(ctx,keyExchangeKey,ukm,kek_ukm);
- gost_key(ctx,kek_ukm);
- memcpy(wrappedKey,ukm,8);
- gost_enc(ctx,sessionKey,wrappedKey+8,4);
- gost_mac_iv(ctx,32,ukm,sessionKey,32,wrappedKey+40);
- return 1;
- }
-/*
+int keyWrapCryptoPro(gost_ctx * ctx, const unsigned char *keyExchangeKey,
+ const unsigned char *ukm,
+ const unsigned char *sessionKey,
+ unsigned char *wrappedKey)
+{
+ unsigned char kek_ukm[32];
+ keyDiversifyCryptoPro(ctx, keyExchangeKey, ukm, kek_ukm);
+ gost_key(ctx, kek_ukm);
+ memcpy(wrappedKey, ukm, 8);
+ gost_enc(ctx, sessionKey, wrappedKey + 8, 4);
+ gost_mac_iv(ctx, 32, ukm, sessionKey, 32, wrappedKey + 40);
+ return 1;
+}
+
+/*-
* Unwraps key using RFC 4357 6.4
- * ctx - gost encryption context, initialized with some S-boxes
+ * ctx - gost encryption context, initialized with some S-boxes
* keyExchangeKey 32-byte shared key
* wrappedKey 44 byte key to be unwrapped (concatenation of 8-byte UKM,
- * 32 byte encrypted key and 4 byte MAC
- *
+ * 32 byte encrypted key and 4 byte MAC
+ *
* sessionKEy - 32byte buffer to store sessionKey in
* Returns 1 if key is decrypted successfully, and 0 if MAC doesn't match
- */
-
-int keyUnwrapCryptoPro(gost_ctx *ctx,const unsigned char *keyExchangeKey,
- const unsigned char *wrappedKey, unsigned char *sessionKey)
- {
- unsigned char kek_ukm[32],cek_mac[4];
- keyDiversifyCryptoPro(ctx,keyExchangeKey,wrappedKey
- /* First 8 bytes of wrapped Key is ukm */
- ,kek_ukm);
- gost_key(ctx,kek_ukm);
- gost_dec(ctx,wrappedKey+8,sessionKey,4);
- gost_mac_iv(ctx,32,wrappedKey,sessionKey,32,cek_mac);
- if (memcmp(cek_mac,wrappedKey+40,4))
- {
- return 0;
- }
- return 1;
- }
-
+ */
+int keyUnwrapCryptoPro(gost_ctx * ctx, const unsigned char *keyExchangeKey,
+ const unsigned char *wrappedKey,
+ unsigned char *sessionKey)
+{
+ unsigned char kek_ukm[32], cek_mac[4];
+ keyDiversifyCryptoPro(ctx, keyExchangeKey, wrappedKey
+ /* First 8 bytes of wrapped Key is ukm */
+ , kek_ukm);
+ gost_key(ctx, kek_ukm);
+ gost_dec(ctx, wrappedKey + 8, sessionKey, 4);
+ gost_mac_iv(ctx, 32, wrappedKey, sessionKey, 32, cek_mac);
+ if (memcmp(cek_mac, wrappedKey + 40, 4)) {
+ return 0;
+ }
+ return 1;
+}
projects / openssl.git / blobdiff