authorVitaly Chikunov <vt@altlinux.org>2018-07-23 03:35:13 +0300
committerGleb Fotengauer-Malinovskiy <glebfm@altlinux.org>2018-08-20 15:24:20 +0300
commit6fc723c572a2df36cad8c523a66702c39f7aea5c (patch)
tree0b454db123003602b9f3876a0e5d0fcf254ac42f
parentfb4e4e11e21242b10d4c24ffcfa406ed335191fa (diff)
grasshopper: Fix OFB implementation.
The previous implementation was not OFB at all and failed the tests. Note: this implementation is for a fixed-width 128-bit IV, which makes the shift register redundant. (cherry picked from commit 1e15537d7583cdd5a4b003b5efb92f0b6e1fdcc6)
-rw-r--r--gost_grasshopper_cipher.c45
-rw-r--r--gost_grasshopper_cipher.h2
2 files changed, 4 insertions, 43 deletions
diff --git a/gost_grasshopper_cipher.c b/gost_grasshopper_cipher.c
index 2cdf57e..8ee8481 100644
--- a/gost_grasshopper_cipher.c
+++ b/gost_grasshopper_cipher.c
@@ -344,51 +344,14 @@ int gost_grasshopper_cipher_do_ctr(EVP_CIPHER_CTX* ctx, unsigned char* out,
return 1;
}
+/*
+ * Fixed 128-bit IV implementation make shift regiser redundant.
+ */
static void gost_grasshopper_cnt_next(gost_grasshopper_cipher_ctx_ofb* ctx, grasshopper_w128_t* iv,
grasshopper_w128_t* buf) {
memcpy(&ctx->buffer1, iv, 16);
- ctx->g = ctx->buffer1.b[0] | (ctx->buffer1.b[1] << 8) | (ctx->buffer1.b[2] << 16) |
- ((uint32_t) ctx->buffer1.b[3] << 24);
- ctx->g += 0x01010101;
- ctx->buffer1.b[0] = (unsigned char) (ctx->g & 0xff);
- ctx->buffer1.b[1] = (unsigned char) ((ctx->g >> 8) & 0xff);
- ctx->buffer1.b[2] = (unsigned char) ((ctx->g >> 16) & 0xff);
- ctx->buffer1.b[3] = (unsigned char) ((ctx->g >> 24) & 0xff);
- ctx->g = ctx->buffer1.b[4] | (ctx->buffer1.b[5] << 8) | (ctx->buffer1.b[6] << 16) |
- ((uint32_t) ctx->buffer1.b[7] << 24);
- ctx->go = ctx->g;
- ctx->g += 0x01010104;
- if (ctx->go > ctx->g) { /* overflow */
- ctx->g++;
- }
- ctx->buffer1.b[4] = (unsigned char) (ctx->g & 0xff);
- ctx->buffer1.b[5] = (unsigned char) ((ctx->g >> 8) & 0xff);
- ctx->buffer1.b[6] = (unsigned char) ((ctx->g >> 16) & 0xff);
- ctx->buffer1.b[7] = (unsigned char) ((ctx->g >> 24) & 0xff);
- ctx->g = ctx->buffer1.b[8] | (ctx->buffer1.b[9] << 8) | (ctx->buffer1.b[10] << 16) |
- ((uint32_t) ctx->buffer1.b[11] << 24);
- ctx->go = ctx->g;
- ctx->g += 0x01010107;
- if (ctx->go > ctx->g) { /* overflow */
- ctx->g++;
- }
- ctx->buffer1.b[8] = (unsigned char) (ctx->g & 0xff);
- ctx->buffer1.b[9] = (unsigned char) ((ctx->g >> 8) & 0xff);
- ctx->buffer1.b[10] = (unsigned char) ((ctx->g >> 16) & 0xff);
- ctx->buffer1.b[11] = (unsigned char) ((ctx->g >> 24) & 0xff);
- ctx->g = ctx->buffer1.b[12] | (ctx->buffer1.b[13] << 8) | (ctx->buffer1.b[14] << 16) |
- ((uint32_t) ctx->buffer1.b[15] << 24);
- ctx->go = ctx->g;
- ctx->g += 0x01010110;
- if (ctx->go > ctx->g) { /* overflow */
- ctx->g++;
- }
- ctx->buffer1.b[12] = (unsigned char) (ctx->g & 0xff);
- ctx->buffer1.b[13] = (unsigned char) ((ctx->g >> 8) & 0xff);
- ctx->buffer1.b[14] = (unsigned char) ((ctx->g >> 16) & 0xff);
- ctx->buffer1.b[15] = (unsigned char) ((ctx->g >> 24) & 0xff);
- memcpy(iv, &ctx->buffer1, 16);
grasshopper_encrypt_block(&ctx->c.encrypt_round_keys, &ctx->buffer1, buf, &ctx->c.buffer);
+ memcpy(iv, buf, 16);
}
int gost_grasshopper_cipher_do_ofb(EVP_CIPHER_CTX* ctx, unsigned char* out,
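Review bot: The new comment above `gost_grasshopper_cnt_next` explains why the shift register was dropped but not what the function now computes, and the `cnt_next` name still suggests a counter step even though the body is now pure output feedback. I would replace the comment with `/* OFB feedback step: buf = E_K(iv), then iv = buf. Valid only for a 128-bit IV (m = n), where the shift register is redundant. */` and rename the helper in a follow-up. Whether the 16-byte IV length is enforced is not visible in this hunk, so the comment should state it as a precondition on `iv`. It is also worth recording for callers that the OFB keystream depends only on the key and the IV, so an IV must never repeat under the same key.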
diff --git a/gost_grasshopper_cipher.h b/gost_grasshopper_cipher.h
index 7f775a2..34bf8cc 100644
--- a/gost_grasshopper_cipher.h
+++ b/gost_grasshopper_cipher.h
@@ -27,8 +27,6 @@ typedef struct {
typedef struct {
gost_grasshopper_cipher_ctx c;
grasshopper_w128_t buffer1;
- uint32_t g;
- uint32_t go;
} gost_grasshopper_cipher_ctx_ofb;
typedef struct {