(root)/
libxcrypt-4.4.36/
lib/
alg-gost3411-2012-hmac.c
       1  /* Copyright (C) 2018 vt@altlinux.org
       2   * Copyright (C) 2018 Björn Esser <besser82@fedoraproject.org>
       3   *
       4   * Redistribution and use in source and binary forms, with or without
       5   * modification, are permitted.
       6   *
       7   * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
       8   * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
       9   * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
      10   * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
      11   * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
      12   * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
      13   * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
      14   * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
      15   * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
      16   * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
      17   * SUCH DAMAGE.
      18   */
      19  
      20  
      21  #include "crypt-port.h"
      22  
      23  #if INCLUDE_gost_yescrypt
      24  
      25  #include "alg-gost3411-2012-hmac.h"
      26  
      27  /* GOST2012_256 */
      28  void
      29  gost_hash256 (const uint8_t *t, size_t n, uint8_t *out32,
      30                GOST34112012Context *ctx)
      31  {
      32    GOST34112012Init (ctx, GOSTR3411_2012_BITS);
      33    GOST34112012Update (ctx, t, n);
      34    GOST34112012Final (ctx, out32);
      35  }
      36  
      37  /* HMAC_GOSTR3411_2012_256 */
      38  void
      39  gost_hmac256 (const uint8_t *k, size_t n, const uint8_t *t, size_t len,
      40                uint8_t *out32, gost_hmac_256_t *gostbuf)
      41  {
      42    size_t i;
      43  
      44    /* R 50.1.113-2016 only allowed N to be in range 256..512 bits */
      45    assert (n >= GOSTR3411_2012_L && n <= GOSTR3411_2012_B);
      46  
      47    for (i = 0; i < sizeof (gostbuf->pad); i++)
      48      gostbuf->kstar[i] = i < n ? k[i] : 0;
      49  
      50    GOST34112012Init (&gostbuf->ctx, GOSTR3411_2012_BITS);
      51  
      52    for (i = 0; i < sizeof (gostbuf->pad); i++)
      53      gostbuf->pad[i] = gostbuf->kstar[i] ^ 0x36; /* ipad */
      54  
      55    GOST34112012Update (&gostbuf->ctx, gostbuf->pad,
      56                        sizeof (gostbuf->pad));
      57    GOST34112012Update (&gostbuf->ctx, t, len);
      58    GOST34112012Final (&gostbuf->ctx, gostbuf->digest);
      59  
      60    /* Clear the context state. */
      61    explicit_bzero (&gostbuf->ctx, sizeof (GOST34112012Context));
      62  
      63    GOST34112012Init (&gostbuf->ctx, GOSTR3411_2012_BITS);
      64  
      65    for (i = 0; i < sizeof (gostbuf->pad); i++)
      66      gostbuf->pad[i] = gostbuf->kstar[i] ^ 0x5c; /* opad */
      67  
      68    GOST34112012Update (&gostbuf->ctx, gostbuf->pad,
      69                        sizeof (gostbuf->pad));
      70    GOST34112012Update (&gostbuf->ctx, gostbuf->digest,
      71                        sizeof (gostbuf->digest));
      72    GOST34112012Final (&gostbuf->ctx, out32);
      73  
      74    /* Clear the context state. */
      75    explicit_bzero (gostbuf, sizeof (gost_hmac_256_t));
      76  }
      77  
      78  #endif /* INCLUDE_gost_yescrypt */