1 /* gost28147.h 2 3 The GOST 28147-89 (MAGMA) cipher function, described in RFC 5831. 4 5 Copyright (C) 2015 Dmitry Eremin-Solenikov 6 Copyright (C) 2012 Nikos Mavrogiannopoulos, Niels Möller 7 8 This file is part of GNU Nettle. 9 10 GNU Nettle is free software: you can redistribute it and/or 11 modify it under the terms of either: 12 13 * the GNU Lesser General Public License as published by the Free 14 Software Foundation; either version 3 of the License, or (at your 15 option) any later version. 16 17 or 18 19 * the GNU General Public License as published by the Free 20 Software Foundation; either version 2 of the License, or (at your 21 option) any later version. 22 23 or both in parallel, as here. 24 25 GNU Nettle is distributed in the hope that it will be useful, 26 but WITHOUT ANY WARRANTY; without even the implied warranty of 27 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 28 General Public License for more details. 29 30 You should have received copies of the GNU General Public License and 31 the GNU Lesser General Public License along with this program. If 32 not, see https://www.gnu.org/licenses/. 33 */ 34 35 #ifndef GNUTLS_LIB_NETTLE_GOST_GOST28147_H 36 #define GNUTLS_LIB_NETTLE_GOST_GOST28147_H 37 38 #include "config.h" 39 40 #ifndef HAVE_NETTLE_GOST28147_SET_KEY 41 42 #include <nettle/nettle-types.h> 43 44 #ifdef __cplusplus 45 extern "C" { 46 #endif 47 48 /* S-Boxes & parameters */ 49 #define gost28147_param_test_3411 _gnutls_gost28147_param_test_3411 50 #define gost28147_param_CryptoPro_3411 _gnutls_gost28147_param_CryptoPro_3411 51 #define gost28147_param_Test_89 _gnutls_gost28147_param_Test_89 52 #define gost28147_param_CryptoPro_A _gnutls_gost28147_param_CryptoPro_A 53 #define gost28147_param_CryptoPro_B _gnutls_gost28147_param_CryptoPro_B 54 #define gost28147_param_CryptoPro_C _gnutls_gost28147_param_CryptoPro_C 55 #define gost28147_param_CryptoPro_D _gnutls_gost28147_param_CryptoPro_D 56 #define gost28147_param_TC26_Z _gnutls_gost28147_param_TC26_Z 57 58 /* Private */ 59 #define gost28147_encrypt_simple _gnutls_gost28147_encrypt_simple 60 61 /* Public functions */ 62 #define gost28147_set_key _gnutls_gost28147_set_key 63 #define gost28147_set_param _gnutls_gost28147_set_param 64 #define gost28147_encrypt _gnutls_gost28147_encrypt 65 #define gost28147_encrypt_for_cfb _gnutls_gost28147_encrypt_for_cfb 66 #define gost28147_decrypt _gnutls_gost28147_decrypt 67 68 #define gost28147_cnt_init _gnutls_gost28147_cnt_init 69 #define gost28147_cnt_set_iv _gnutls_gost28147_cnt_set_iv 70 #define gost28147_cnt_crypt _gnutls_gost28147_cnt_crypt 71 72 #define gost28147_kdf_cryptopro _gnutls_gost28147_kdf_cryptopro 73 #define gost28147_key_wrap_cryptopro _gnutls_gost28147_key_wrap_cryptopro 74 #define gost28147_key_unwrap_cryptopro _gnutls_gost28147_key_unwrap_cryptopro 75 76 #define gost28147_imit_set_key _gnutls_gost28147_imit_set_key 77 #define gost28147_imit_set_nonce _gnutls_gost28147_imit_set_nonce 78 #define gost28147_imit_set_param _gnutls_gost28147_imit_set_param 79 #define gost28147_imit_update _gnutls_gost28147_imit_update 80 #define gost28147_imit_digest _gnutls_gost28147_imit_digest 81 82 #define GOST28147_KEY_SIZE 32 83 #define GOST28147_BLOCK_SIZE 8 84 85 struct gost28147_ctx 86 { 87 uint32_t key[GOST28147_KEY_SIZE/4]; 88 const uint32_t *sbox; 89 int key_meshing; 90 int key_count; /* Used for key meshing */ 91 }; 92 93 struct gost28147_param 94 { 95 int key_meshing; 96 uint32_t sbox[4*256]; 97 }; 98 99 extern const struct gost28147_param gost28147_param_test_3411; 100 extern const struct gost28147_param gost28147_param_CryptoPro_3411; 101 extern const struct gost28147_param gost28147_param_Test_89; 102 extern const struct gost28147_param gost28147_param_CryptoPro_A; 103 extern const struct gost28147_param gost28147_param_CryptoPro_B; 104 extern const struct gost28147_param gost28147_param_CryptoPro_C; 105 extern const struct gost28147_param gost28147_param_CryptoPro_D; 106 extern const struct gost28147_param gost28147_param_TC26_Z; 107 108 /* Internal interface for use by GOST R 34.11-94 */ 109 void gost28147_encrypt_simple (const uint32_t *key, const uint32_t *sbox, 110 const uint32_t *in, uint32_t *out); 111 112 void 113 gost28147_set_key(struct gost28147_ctx *ctx, const uint8_t *key); 114 115 void 116 gost28147_set_param(struct gost28147_ctx *ctx, 117 const struct gost28147_param *param); 118 119 void 120 gost28147_encrypt(const struct gost28147_ctx *ctx, 121 size_t length, uint8_t *dst, 122 const uint8_t *src); 123 void 124 gost28147_decrypt(const struct gost28147_ctx *ctx, 125 size_t length, uint8_t *dst, 126 const uint8_t *src); 127 void 128 gost28147_encrypt_for_cfb(struct gost28147_ctx *ctx, 129 size_t length, uint8_t *dst, 130 const uint8_t *src); 131 132 struct gost28147_cnt_ctx { 133 struct gost28147_ctx ctx; 134 size_t bytes; 135 uint32_t iv[2]; 136 uint8_t buffer[GOST28147_BLOCK_SIZE]; 137 }; 138 139 void 140 gost28147_cnt_init(struct gost28147_cnt_ctx *ctx, 141 const uint8_t *key, 142 const struct gost28147_param *param); 143 144 void 145 gost28147_cnt_set_iv(struct gost28147_cnt_ctx *ctx, 146 const uint8_t *iv); 147 148 void 149 gost28147_cnt_crypt(struct gost28147_cnt_ctx *ctx, 150 size_t length, uint8_t *dst, 151 const uint8_t *src); 152 153 void 154 gost28147_kdf_cryptopro(const struct gost28147_param *param, 155 const uint8_t *in, 156 const uint8_t *ukm, 157 uint8_t *out); 158 void 159 gost28147_key_wrap_cryptopro(const struct gost28147_param *param, 160 const uint8_t *kek, 161 const uint8_t *ukm, size_t ukm_size, 162 const uint8_t *cek, 163 uint8_t *enc, 164 uint8_t *imit); 165 166 int 167 gost28147_key_unwrap_cryptopro(const struct gost28147_param *param, 168 const uint8_t *kek, 169 const uint8_t *ukm, size_t ukm_size, 170 const uint8_t *enc, 171 const uint8_t *imit, 172 uint8_t *cek); 173 174 #define GOST28147_IMIT_DIGEST_SIZE 4 175 #define GOST28147_IMIT_BLOCK_SIZE GOST28147_BLOCK_SIZE 176 #define GOST28147_IMIT_KEY_SIZE GOST28147_KEY_SIZE 177 178 struct gost28147_imit_ctx 179 { 180 struct gost28147_ctx cctx; 181 uint64_t count; /* Block count */ 182 uint8_t block[GOST28147_IMIT_BLOCK_SIZE]; /* Block buffer */ 183 unsigned index; /* Into buffer */ 184 uint32_t state[GOST28147_IMIT_BLOCK_SIZE/4]; 185 }; 186 187 void 188 gost28147_imit_set_key(struct gost28147_imit_ctx *ctx, 189 size_t length, 190 const uint8_t *key); 191 192 void 193 gost28147_imit_set_nonce(struct gost28147_imit_ctx *ctx, 194 const uint8_t *nonce); 195 196 void 197 gost28147_imit_set_param(struct gost28147_imit_ctx *ctx, 198 const struct gost28147_param *param); 199 200 void 201 gost28147_imit_update(struct gost28147_imit_ctx *ctx, 202 size_t length, 203 const uint8_t *data); 204 205 void 206 gost28147_imit_digest(struct gost28147_imit_ctx *ctx, 207 size_t length, 208 uint8_t *digest); 209 210 #ifdef __cplusplus 211 } 212 #endif 213 214 #endif 215 216 #endif /* GNUTLS_LIB_NETTLE_GOST_GOST28147_H */ 217