1 /* gost28147.h
2 
3    The GOST 28147-89 (MAGMA) cipher function, described in RFC 5831.
4 
5    Copyright (C) 2015 Dmitry Eremin-Solenikov
6    Copyright (C) 2012 Nikos Mavrogiannopoulos, Niels Möller
7 
8    This file is part of GNU Nettle.
9 
10    GNU Nettle is free software: you can redistribute it and/or
11    modify it under the terms of either:
12 
13      * the GNU Lesser General Public License as published by the Free
14        Software Foundation; either version 3 of the License, or (at your
15        option) any later version.
16 
17    or
18 
19      * the GNU General Public License as published by the Free
20        Software Foundation; either version 2 of the License, or (at your
21        option) any later version.
22 
23    or both in parallel, as here.
24 
25    GNU Nettle is distributed in the hope that it will be useful,
26    but WITHOUT ANY WARRANTY; without even the implied warranty of
27    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
28    General Public License for more details.
29 
30    You should have received copies of the GNU General Public License and
31    the GNU Lesser General Public License along with this program.  If
32    not, see https://www.gnu.org/licenses/.
33 */
34 
35 #ifndef GNUTLS_LIB_NETTLE_GOST_GOST28147_H
36 #define GNUTLS_LIB_NETTLE_GOST_GOST28147_H
37 
38 #include "config.h"
39 
40 #ifndef HAVE_NETTLE_GOST28147_SET_KEY
41 
42 #include <nettle/nettle-types.h>
43 
44 #ifdef __cplusplus
45 extern "C" {
46 #endif
47 
48 /* S-Boxes & parameters */
49 #define gost28147_param_test_3411 _gnutls_gost28147_param_test_3411
50 #define gost28147_param_CryptoPro_3411 _gnutls_gost28147_param_CryptoPro_3411
51 #define gost28147_param_Test_89 _gnutls_gost28147_param_Test_89
52 #define gost28147_param_CryptoPro_A _gnutls_gost28147_param_CryptoPro_A
53 #define gost28147_param_CryptoPro_B _gnutls_gost28147_param_CryptoPro_B
54 #define gost28147_param_CryptoPro_C _gnutls_gost28147_param_CryptoPro_C
55 #define gost28147_param_CryptoPro_D _gnutls_gost28147_param_CryptoPro_D
56 #define gost28147_param_TC26_Z _gnutls_gost28147_param_TC26_Z
57 
58 /* Private */
59 #define gost28147_encrypt_simple _gnutls_gost28147_encrypt_simple
60 
61 /* Public functions */
62 #define gost28147_set_key _gnutls_gost28147_set_key
63 #define gost28147_set_param _gnutls_gost28147_set_param
64 #define gost28147_encrypt _gnutls_gost28147_encrypt
65 #define gost28147_encrypt_for_cfb _gnutls_gost28147_encrypt_for_cfb
66 #define gost28147_decrypt _gnutls_gost28147_decrypt
67 
68 #define gost28147_cnt_init _gnutls_gost28147_cnt_init
69 #define gost28147_cnt_set_iv _gnutls_gost28147_cnt_set_iv
70 #define gost28147_cnt_crypt _gnutls_gost28147_cnt_crypt
71 
72 #define gost28147_kdf_cryptopro _gnutls_gost28147_kdf_cryptopro
73 #define gost28147_key_wrap_cryptopro _gnutls_gost28147_key_wrap_cryptopro
74 #define gost28147_key_unwrap_cryptopro _gnutls_gost28147_key_unwrap_cryptopro
75 
76 #define gost28147_imit_set_key _gnutls_gost28147_imit_set_key
77 #define gost28147_imit_set_nonce _gnutls_gost28147_imit_set_nonce
78 #define gost28147_imit_set_param _gnutls_gost28147_imit_set_param
79 #define gost28147_imit_update _gnutls_gost28147_imit_update
80 #define gost28147_imit_digest _gnutls_gost28147_imit_digest
81 
82 #define GOST28147_KEY_SIZE 32
83 #define GOST28147_BLOCK_SIZE 8
84 
85 struct gost28147_ctx
86 {
87   uint32_t key[GOST28147_KEY_SIZE/4];
88   const uint32_t *sbox;
89   int key_meshing;
90   int key_count; /* Used for key meshing */
91 };
92 
93 struct gost28147_param
94 {
95   int key_meshing;
96   uint32_t sbox[4*256];
97 };
98 
99 extern const struct gost28147_param gost28147_param_test_3411;
100 extern const struct gost28147_param gost28147_param_CryptoPro_3411;
101 extern const struct gost28147_param gost28147_param_Test_89;
102 extern const struct gost28147_param gost28147_param_CryptoPro_A;
103 extern const struct gost28147_param gost28147_param_CryptoPro_B;
104 extern const struct gost28147_param gost28147_param_CryptoPro_C;
105 extern const struct gost28147_param gost28147_param_CryptoPro_D;
106 extern const struct gost28147_param gost28147_param_TC26_Z;
107 
108 /* Internal interface for use by GOST R 34.11-94 */
109 void gost28147_encrypt_simple (const uint32_t *key, const uint32_t *sbox,
110                                const uint32_t *in, uint32_t *out);
111 
112 void
113 gost28147_set_key(struct gost28147_ctx *ctx, const uint8_t *key);
114 
115 void
116 gost28147_set_param(struct gost28147_ctx *ctx,
117 		    const struct gost28147_param *param);
118 
119 void
120 gost28147_encrypt(const struct gost28147_ctx *ctx,
121 		  size_t length, uint8_t *dst,
122 		  const uint8_t *src);
123 void
124 gost28147_decrypt(const struct gost28147_ctx *ctx,
125 		  size_t length, uint8_t *dst,
126 		  const uint8_t *src);
127 void
128 gost28147_encrypt_for_cfb(struct gost28147_ctx *ctx,
129 			  size_t length, uint8_t *dst,
130 			  const uint8_t *src);
131 
132 struct gost28147_cnt_ctx {
133   struct gost28147_ctx ctx;
134   size_t bytes;
135   uint32_t iv[2];
136   uint8_t buffer[GOST28147_BLOCK_SIZE];
137 };
138 
139 void
140 gost28147_cnt_init(struct gost28147_cnt_ctx *ctx,
141 		   const uint8_t *key,
142 		   const struct gost28147_param *param);
143 
144 void
145 gost28147_cnt_set_iv(struct gost28147_cnt_ctx *ctx,
146 		     const uint8_t *iv);
147 
148 void
149 gost28147_cnt_crypt(struct gost28147_cnt_ctx *ctx,
150 		    size_t length, uint8_t *dst,
151 		    const uint8_t *src);
152 
153 void
154 gost28147_kdf_cryptopro(const struct gost28147_param *param,
155 		       const uint8_t *in,
156 		       const uint8_t *ukm,
157 		       uint8_t *out);
158 void
159 gost28147_key_wrap_cryptopro(const struct gost28147_param *param,
160 			     const uint8_t *kek,
161 			     const uint8_t *ukm, size_t ukm_size,
162 			     const uint8_t *cek,
163 			     uint8_t *enc,
164 			     uint8_t *imit);
165 
166 int
167 gost28147_key_unwrap_cryptopro(const struct gost28147_param *param,
168 			       const uint8_t *kek,
169 			       const uint8_t *ukm, size_t ukm_size,
170 			       const uint8_t *enc,
171 			       const uint8_t *imit,
172 			       uint8_t *cek);
173 
174 #define GOST28147_IMIT_DIGEST_SIZE 4
175 #define GOST28147_IMIT_BLOCK_SIZE GOST28147_BLOCK_SIZE
176 #define GOST28147_IMIT_KEY_SIZE GOST28147_KEY_SIZE
177 
178 struct gost28147_imit_ctx
179 {
180   struct gost28147_ctx cctx;
181   uint64_t count;		/* Block count */
182   uint8_t block[GOST28147_IMIT_BLOCK_SIZE]; /* Block buffer */
183   unsigned index;               /* Into buffer */
184   uint32_t state[GOST28147_IMIT_BLOCK_SIZE/4];
185 };
186 
187 void
188 gost28147_imit_set_key(struct gost28147_imit_ctx *ctx,
189 		       size_t length,
190 		       const uint8_t *key);
191 
192 void
193 gost28147_imit_set_nonce(struct gost28147_imit_ctx *ctx,
194 		         const uint8_t *nonce);
195 
196 void
197 gost28147_imit_set_param(struct gost28147_imit_ctx *ctx,
198 			 const struct gost28147_param *param);
199 
200 void
201 gost28147_imit_update(struct gost28147_imit_ctx *ctx,
202 		      size_t length,
203 		      const uint8_t *data);
204 
205 void
206 gost28147_imit_digest(struct gost28147_imit_ctx *ctx,
207 		      size_t length,
208 		      uint8_t *digest);
209 
210 #ifdef __cplusplus
211 }
212 #endif
213 
214 #endif
215 
216 #endif /* GNUTLS_LIB_NETTLE_GOST_GOST28147_H */
217