[thirdparty/openssl.git] / engines / ccgost / gost_crypt.c

/**********************************************************************
 *                          gost_crypt.c                              *
 *             Copyright (c) 2005-2006 Cryptocom LTD                  *
 *         This file is distributed under the same license as OpenSSL *
 *                                                                    *
 *       OpenSSL interface to GOST 28147-89 cipher functions          *
 *          Requires OpenSSL 0.9.9 for compilation                    *
 **********************************************************************/
#include <string.h>
#include "gost89.h"
#include <openssl/err.h>
#include <openssl/rand.h>
#include "e_gost_err.h"
#include "gost_lcl.h"

#if !defined(CCGOST_DEBUG) && !defined(DEBUG)
# ifndef NDEBUG
#  define NDEBUG
# endif
#endif
#include <assert.h>

static int gost_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                            const unsigned char *iv, int enc);
static int gost_cipher_init_cpa(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                                const unsigned char *iv, int enc);
/* Handles block of data in CFB mode */
static int gost_cipher_do_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out,
                              const unsigned char *in, size_t inl);
/* Handles block of data in CNT mode */
static int gost_cipher_do_cnt(EVP_CIPHER_CTX *ctx, unsigned char *out,
                              const unsigned char *in, size_t inl);
/* Cleanup function */
static int gost_cipher_cleanup(EVP_CIPHER_CTX *);
/* set/get cipher parameters */
static int gost89_set_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params);
static int gost89_get_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params);
/* Control function */
static int gost_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);

EVP_CIPHER cipher_gost = {
    NID_id_Gost28147_89,
    1,                          /* block_size */
    32,                         /* key_size */
    8,                          /* iv_len */
    EVP_CIPH_CFB_MODE | EVP_CIPH_NO_PADDING |
        EVP_CIPH_CUSTOM_IV | EVP_CIPH_RAND_KEY | EVP_CIPH_ALWAYS_CALL_INIT,
    gost_cipher_init,
    gost_cipher_do_cfb,
    gost_cipher_cleanup,
    sizeof(struct ossl_gost_cipher_ctx), /* ctx_size */
    gost89_set_asn1_parameters,
    gost89_get_asn1_parameters,
    gost_cipher_ctl,
    NULL,
};

EVP_CIPHER cipher_gost_cpacnt = {
    NID_gost89_cnt,
    1,                          /* block_size */
    32,                         /* key_size */
    8,                          /* iv_len */
    EVP_CIPH_OFB_MODE | EVP_CIPH_NO_PADDING |
        EVP_CIPH_CUSTOM_IV | EVP_CIPH_RAND_KEY | EVP_CIPH_ALWAYS_CALL_INIT,
    gost_cipher_init_cpa,
    gost_cipher_do_cnt,
    gost_cipher_cleanup,
    sizeof(struct ossl_gost_cipher_ctx), /* ctx_size */
    gost89_set_asn1_parameters,
    gost89_get_asn1_parameters,
    gost_cipher_ctl,
    NULL,
};

/* Implementation of GOST 28147-89 in MAC (imitovstavka) mode */
/* Init functions which set specific parameters */
static int gost_imit_init_cpa(EVP_MD_CTX *ctx);
/* process block of data */
static int gost_imit_update(EVP_MD_CTX *ctx, const void *data, size_t count);
/* Return computed value */
static int gost_imit_final(EVP_MD_CTX *ctx, unsigned char *md);
/* Copies context */
static int gost_imit_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from);
static int gost_imit_cleanup(EVP_MD_CTX *ctx);
/* Control function, knows how to set MAC key.*/
static int gost_imit_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr);

EVP_MD imit_gost_cpa = {
    NID_id_Gost28147_89_MAC,
    NID_undef,
    4,
    0,
    gost_imit_init_cpa,
    gost_imit_update,
    gost_imit_final,
    gost_imit_copy,
    gost_imit_cleanup,
    NULL,
    NULL,
    {0, 0, 0, 0, 0},
    8,
    sizeof(struct ossl_gost_imit_ctx),
    gost_imit_ctrl
};

/*
 * Correspondence between gost parameter OIDs and substitution blocks
 * NID field is filed by register_gost_NID function in engine.c
 * upon engine initialization
 */

struct gost_cipher_info gost_cipher_list[] = {
    /*- NID *//*
     * Subst block
     *//*
     * Key meshing
     */
    /*
     * {NID_id_GostR3411_94_CryptoProParamSet,&GostR3411_94_CryptoProParamSet,0},
     */
    {NID_id_Gost28147_89_cc, &GostR3411_94_CryptoProParamSet, 0},
    {NID_id_Gost28147_89_CryptoPro_A_ParamSet, &Gost28147_CryptoProParamSetA,
     1},
    {NID_id_Gost28147_89_CryptoPro_B_ParamSet, &Gost28147_CryptoProParamSetB,
     1},
    {NID_id_Gost28147_89_CryptoPro_C_ParamSet, &Gost28147_CryptoProParamSetC,
     1},
    {NID_id_Gost28147_89_CryptoPro_D_ParamSet, &Gost28147_CryptoProParamSetD,
     1},
    {NID_id_Gost28147_89_TestParamSet, &Gost28147_TestParamSet, 1},
    {NID_undef, NULL, 0}
};

/*
 * get encryption parameters from crypto network settings FIXME For now we
 * use environment var CRYPT_PARAMS as place to store these settings.
 * Actually, it is better to use engine control command, read from
 * configuration file to set them
 */
const struct gost_cipher_info *get_encryption_params(ASN1_OBJECT *obj)
{
    int nid;
    struct gost_cipher_info *param;
    if (!obj) {
        const char *params = get_gost_engine_param(GOST_PARAM_CRYPT_PARAMS);
        if (!params || !strlen(params))
            return &gost_cipher_list[1];

        nid = OBJ_txt2nid(params);
        if (nid == NID_undef) {
            GOSTerr(GOST_F_GET_ENCRYPTION_PARAMS,
                    GOST_R_INVALID_CIPHER_PARAM_OID);
            return NULL;
        }
    } else {
        nid = OBJ_obj2nid(obj);
    }
    for (param = gost_cipher_list; param->sblock != NULL && param->nid != nid;
         param++) ;
    if (!param->sblock) {
        GOSTerr(GOST_F_GET_ENCRYPTION_PARAMS, GOST_R_INVALID_CIPHER_PARAMS);
        return NULL;
    }
    return param;
}

/* Sets cipher param from paramset NID. */
static int gost_cipher_set_param(struct ossl_gost_cipher_ctx *c, int nid)
{
    const struct gost_cipher_info *param;
    param =
        get_encryption_params((nid == NID_undef ? NULL : OBJ_nid2obj(nid)));
    if (!param)
        return 0;

    c->paramNID = param->nid;
    c->key_meshing = param->key_meshing;
    c->count = 0;
    gost_init(&(c->cctx), param->sblock);
    return 1;
}

/* Initializes EVP_CIPHER_CTX by paramset NID */
static int gost_cipher_init_param(EVP_CIPHER_CTX *ctx,
                                  const unsigned char *key,
                                  const unsigned char *iv, int enc,
                                  int paramNID, int mode)
{
    struct ossl_gost_cipher_ctx *c = ctx->cipher_data;
    if (ctx->app_data == NULL) {
        if (!gost_cipher_set_param(c, paramNID))
            return 0;
        ctx->app_data = ctx->cipher_data;
    }
    if (key)
        gost_key(&(c->cctx), key);
    if (iv)
        memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
    memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
    return 1;
}

static int gost_cipher_init_cpa(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                                const unsigned char *iv, int enc)
{
    struct ossl_gost_cipher_ctx *c = ctx->cipher_data;
    gost_init(&(c->cctx), &Gost28147_CryptoProParamSetA);
    c->key_meshing = 1;
    c->count = 0;
    if (key)
        gost_key(&(c->cctx), key);
    if (iv)
        memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
    memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
    return 1;
}

/* Initializes EVP_CIPHER_CTX with default values */
int gost_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                     const unsigned char *iv, int enc)
{
    return gost_cipher_init_param(ctx, key, iv, enc, NID_undef,
                                  EVP_CIPH_CFB_MODE);
}

/*
 * Wrapper around gostcrypt function from gost89.c which perform key meshing
 * when nesseccary
 */
static void gost_crypt_mesh(void *ctx, unsigned char *iv, unsigned char *buf)
{
    struct ossl_gost_cipher_ctx *c = ctx;
    assert(c->count % 8 == 0 && c->count <= 1024);
    if (c->key_meshing && c->count == 1024) {
        cryptopro_key_meshing(&(c->cctx), iv);
    }
    gostcrypt(&(c->cctx), iv, buf);
    c->count = c->count % 1024 + 8;
}

static void gost_cnt_next(void *ctx, unsigned char *iv, unsigned char *buf)
{
    struct ossl_gost_cipher_ctx *c = ctx;
    word32 g, go;
    unsigned char buf1[8];
    assert(c->count % 8 == 0 && c->count <= 1024);
    if (c->key_meshing && c->count == 1024) {
        cryptopro_key_meshing(&(c->cctx), iv);
    }
    if (c->count == 0) {
        gostcrypt(&(c->cctx), iv, buf1);
    } else {
        memcpy(buf1, iv, 8);
    }
    g = buf1[0] | (buf1[1] << 8) | (buf1[2] << 16) | ((word32) buf1[3] << 24);
    g += 0x01010101;
    buf1[0] = (unsigned char)(g & 0xff);
    buf1[1] = (unsigned char)((g >> 8) & 0xff);
    buf1[2] = (unsigned char)((g >> 16) & 0xff);
    buf1[3] = (unsigned char)((g >> 24) & 0xff);
    g = buf1[4] | (buf1[5] << 8) | (buf1[6] << 16) | ((word32) buf1[7] << 24);
    go = g;
    g += 0x01010104;
    if (go > g)                 /* overflow */
        g++;
    buf1[4] = (unsigned char)(g & 0xff);
    buf1[5] = (unsigned char)((g >> 8) & 0xff);
    buf1[6] = (unsigned char)((g >> 16) & 0xff);
    buf1[7] = (unsigned char)((g >> 24) & 0xff);
    memcpy(iv, buf1, 8);
    gostcrypt(&(c->cctx), buf1, buf);
    c->count = c->count % 1024 + 8;
}

/* GOST encryption in CFB mode */
int gost_cipher_do_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out,
                       const unsigned char *in, size_t inl)
{
    const unsigned char *in_ptr = in;
    unsigned char *out_ptr = out;
    size_t i = 0;
    size_t j = 0;
/* process partial block if any */
    if (ctx->num) {
        for (j = ctx->num, i = 0; j < 8 && i < inl;
             j++, i++, in_ptr++, out_ptr++) {
            if (!ctx->encrypt)
                ctx->buf[j + 8] = *in_ptr;
            *out_ptr = ctx->buf[j] ^ (*in_ptr);
            if (ctx->encrypt)
                ctx->buf[j + 8] = *out_ptr;
        }
        if (j == 8) {
            memcpy(ctx->iv, ctx->buf + 8, 8);
            ctx->num = 0;
        } else {
            ctx->num = j;
            return 1;
        }
    }

    for (; i + 8 < inl; i += 8, in_ptr += 8, out_ptr += 8) {
        /*
         * block cipher current iv
         */
        gost_crypt_mesh(ctx->cipher_data, ctx->iv, ctx->buf);
        /*
         * xor next block of input text with it and output it
         */
        /*
         * output this block
         */
        if (!ctx->encrypt)
            memcpy(ctx->iv, in_ptr, 8);
        for (j = 0; j < 8; j++) {
            out_ptr[j] = ctx->buf[j] ^ in_ptr[j];
        }
        /* Encrypt */
        /* Next iv is next block of cipher text */
        if (ctx->encrypt)
            memcpy(ctx->iv, out_ptr, 8);
    }
/* Process rest of buffer */
    if (i < inl) {
        gost_crypt_mesh(ctx->cipher_data, ctx->iv, ctx->buf);
        if (!ctx->encrypt)
            memcpy(ctx->buf + 8, in_ptr, inl - i);
        for (j = 0; i < inl; j++, i++) {
            out_ptr[j] = ctx->buf[j] ^ in_ptr[j];
        }
        ctx->num = j;
        if (ctx->encrypt)
            memcpy(ctx->buf + 8, out_ptr, j);
    } else {
        ctx->num = 0;
    }
    return 1;
}

static int gost_cipher_do_cnt(EVP_CIPHER_CTX *ctx, unsigned char *out,
                              const unsigned char *in, size_t inl)
{
    const unsigned char *in_ptr = in;
    unsigned char *out_ptr = out;
    size_t i = 0;
    size_t j;
/* process partial block if any */
    if (ctx->num) {
        for (j = ctx->num, i = 0; j < 8 && i < inl;
             j++, i++, in_ptr++, out_ptr++) {
            *out_ptr = ctx->buf[j] ^ (*in_ptr);
        }
        if (j == 8) {
            ctx->num = 0;
        } else {
            ctx->num = j;
            return 1;
        }
    }

    for (; i + 8 < inl; i += 8, in_ptr += 8, out_ptr += 8) {
        /*
         * block cipher current iv
         */
        /* Encrypt */
        gost_cnt_next(ctx->cipher_data, ctx->iv, ctx->buf);
        /*
         * xor next block of input text with it and output it
         */
        /*
         * output this block
         */
        for (j = 0; j < 8; j++) {
            out_ptr[j] = ctx->buf[j] ^ in_ptr[j];
        }
    }
/* Process rest of buffer */
    if (i < inl) {
        gost_cnt_next(ctx->cipher_data, ctx->iv, ctx->buf);
        for (j = 0; i < inl; j++, i++) {
            out_ptr[j] = ctx->buf[j] ^ in_ptr[j];
        }
        ctx->num = j;
    } else {
        ctx->num = 0;
    }
    return 1;
}

/* Cleaning up of EVP_CIPHER_CTX */
int gost_cipher_cleanup(EVP_CIPHER_CTX *ctx)
{
    gost_destroy(&((struct ossl_gost_cipher_ctx *)ctx->cipher_data)->cctx);
    ctx->app_data = NULL;
    return 1;
}

/* Control function for gost cipher */
int gost_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
{
    switch (type) {
    case EVP_CTRL_RAND_KEY:
        {
            if (RAND_bytes((unsigned char *)ptr, ctx->key_len) <= 0) {
                GOSTerr(GOST_F_GOST_CIPHER_CTL,
                        GOST_R_RANDOM_GENERATOR_ERROR);
                return -1;
            }
            break;
        }
    case EVP_CTRL_PBE_PRF_NID:
        if (ptr) {
            *((int *)ptr) = NID_id_HMACGostR3411_94;
            return 1;
        } else {
            return 0;
        }

    default:
        GOSTerr(GOST_F_GOST_CIPHER_CTL,
                GOST_R_UNSUPPORTED_CIPHER_CTL_COMMAND);
        return -1;
    }
    return 1;
}

/* Set cipher parameters from ASN1 structure */
int gost89_set_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params)
{
    int len = 0;
    unsigned char *buf = NULL;
    unsigned char *p = NULL;
    struct ossl_gost_cipher_ctx *c = ctx->cipher_data;
    GOST_CIPHER_PARAMS *gcp = GOST_CIPHER_PARAMS_new();
    ASN1_OCTET_STRING *os = NULL;
    if (!gcp) {
        GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_MALLOC_FAILURE);
        return 0;
    }
    if (!ASN1_OCTET_STRING_set(gcp->iv, ctx->iv, ctx->cipher->iv_len)) {
        GOST_CIPHER_PARAMS_free(gcp);
        GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_MALLOC_FAILURE);
        return 0;
    }
    ASN1_OBJECT_free(gcp->enc_param_set);
    gcp->enc_param_set = OBJ_nid2obj(c->paramNID);

    len = i2d_GOST_CIPHER_PARAMS(gcp, NULL);
    p = buf = (unsigned char *)OPENSSL_malloc(len);
    if (!buf) {
        GOST_CIPHER_PARAMS_free(gcp);
        GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_MALLOC_FAILURE);
        return 0;
    }
    i2d_GOST_CIPHER_PARAMS(gcp, &p);
    GOST_CIPHER_PARAMS_free(gcp);

    os = ASN1_OCTET_STRING_new();

    if (!os || !ASN1_OCTET_STRING_set(os, buf, len)) {
        OPENSSL_free(buf);
        GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_MALLOC_FAILURE);
        return 0;
    }
    OPENSSL_free(buf);

    ASN1_TYPE_set(params, V_ASN1_SEQUENCE, os);
    return 1;
}

/* Store parameters into ASN1 structure */
int gost89_get_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params)
{
    int ret = -1;
    int len;
    GOST_CIPHER_PARAMS *gcp = NULL;
    unsigned char *p;
    struct ossl_gost_cipher_ctx *c = ctx->cipher_data;
    if (ASN1_TYPE_get(params) != V_ASN1_SEQUENCE) {
        return ret;
    }

    p = params->value.sequence->data;

    gcp = d2i_GOST_CIPHER_PARAMS(NULL, (const unsigned char **)&p,
                                 params->value.sequence->length);

    len = gcp->iv->length;
    if (len != ctx->cipher->iv_len) {
        GOST_CIPHER_PARAMS_free(gcp);
        GOSTerr(GOST_F_GOST89_GET_ASN1_PARAMETERS, GOST_R_INVALID_IV_LENGTH);
        return -1;
    }
    if (!gost_cipher_set_param(c, OBJ_obj2nid(gcp->enc_param_set))) {
        GOST_CIPHER_PARAMS_free(gcp);
        return -1;
    }
    memcpy(ctx->oiv, gcp->iv->data, len);

    GOST_CIPHER_PARAMS_free(gcp);

    return 1;
}

int gost_imit_init_cpa(EVP_MD_CTX *ctx)
{
    struct ossl_gost_imit_ctx *c = ctx->md_data;
    memset(c->buffer, 0, sizeof(c->buffer));
    memset(c->partial_block, 0, sizeof(c->partial_block));
    c->count = 0;
    c->bytes_left = 0;
    c->key_meshing = 1;
    gost_init(&(c->cctx), &Gost28147_CryptoProParamSetA);
    return 1;
}

static void mac_block_mesh(struct ossl_gost_imit_ctx *c,
                           const unsigned char *data)
{
    unsigned char buffer[8];
    /*
     * We are using local buffer for iv because CryptoPro doesn't interpret
     * internal state of MAC algorithm as iv during keymeshing (but does
     * initialize internal state from iv in key transport
     */
    assert(c->count % 8 == 0 && c->count <= 1024);
    if (c->key_meshing && c->count == 1024) {
        cryptopro_key_meshing(&(c->cctx), buffer);
    }
    mac_block(&(c->cctx), c->buffer, data);
    c->count = c->count % 1024 + 8;
}

int gost_imit_update(EVP_MD_CTX *ctx, const void *data, size_t count)
{
    struct ossl_gost_imit_ctx *c = ctx->md_data;
    const unsigned char *p = data;
    size_t bytes = count, i;
    if (!(c->key_set)) {
        GOSTerr(GOST_F_GOST_IMIT_UPDATE, GOST_R_MAC_KEY_NOT_SET);
        return 0;
    }
    if (c->bytes_left) {
        for (i = c->bytes_left; i < 8 && bytes > 0; bytes--, i++, p++) {
            c->partial_block[i] = *p;
        }
        if (i == 8) {
            mac_block_mesh(c, c->partial_block);
        } else {
            c->bytes_left = i;
            return 1;
        }
    }
    while (bytes > 8) {
        mac_block_mesh(c, p);
        p += 8;
        bytes -= 8;
    }
    if (bytes > 0) {
        memcpy(c->partial_block, p, bytes);
    }
    c->bytes_left = bytes;
    return 1;
}

int gost_imit_final(EVP_MD_CTX *ctx, unsigned char *md)
{
    struct ossl_gost_imit_ctx *c = ctx->md_data;
    if (!c->key_set) {
        GOSTerr(GOST_F_GOST_IMIT_FINAL, GOST_R_MAC_KEY_NOT_SET);
        return 0;
    }
    if (c->count == 0 && c->bytes_left) {
        unsigned char buffer[8];
        memset(buffer, 0, 8);
        gost_imit_update(ctx, buffer, 8);
    }
    if (c->bytes_left) {
        int i;
        for (i = c->bytes_left; i < 8; i++) {
            c->partial_block[i] = 0;
        }
        mac_block_mesh(c, c->partial_block);
    }
    get_mac(c->buffer, 32, md);
    return 1;
}

int gost_imit_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr)
{
    switch (type) {
    case EVP_MD_CTRL_KEY_LEN:
        *((unsigned int *)(ptr)) = 32;
        return 1;
    case EVP_MD_CTRL_SET_KEY:
        {
            if (arg != 32) {
                GOSTerr(GOST_F_GOST_IMIT_CTRL, GOST_R_INVALID_MAC_KEY_LENGTH);
                return 0;
            }

            gost_key(&(((struct ossl_gost_imit_ctx *)(ctx->md_data))->cctx),
                     ptr);
            ((struct ossl_gost_imit_ctx *)(ctx->md_data))->key_set = 1;
            return 1;

        }
    default:
        return 0;
    }
}

int gost_imit_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
{
    memcpy(to->md_data, from->md_data, sizeof(struct ossl_gost_imit_ctx));
    return 1;
}

/* Clean up imit ctx */
int gost_imit_cleanup(EVP_MD_CTX *ctx)
{
    memset(ctx->md_data, 0, sizeof(struct ossl_gost_imit_ctx));
    return 1;
}
Commit	Line	Data
a04549cc	1	/**********************************************************************
926c41bd DSH	2	* gost_crypt.c *
	3	* Copyright (c) 2005-2006 Cryptocom LTD *
	4	* This file is distributed under the same license as OpenSSL *
	5	* *
	6	* OpenSSL interface to GOST 28147-89 cipher functions *
	7	* Requires OpenSSL 0.9.9 for compilation *
	8	**********************************************************************/
a04549cc	9	#include <string.h>
a04549cc	10	#include "gost89.h"
f50ffd10	11	#include <openssl/err.h>
a04549cc DSH	12	#include <openssl/rand.h>
a04549cc DSH	13	#include "e_gost_err.h"
926c41bd	14	#include "gost_lcl.h"
a0dcb8d8 AP	15
	16	#if !defined(CCGOST_DEBUG) && !defined(DEBUG)
	17	# ifndef NDEBUG
	18	# define NDEBUG
	19	# endif
	20	#endif
	21	#include <assert.h>
	22
0f113f3e MC	23	static int gost_cipher_init(EVP_CIPHER_CTX ctx, const unsigned char key,
	24	const unsigned char *iv, int enc);
	25	static int gost_cipher_init_cpa(EVP_CIPHER_CTX ctx, const unsigned char key,
	26	const unsigned char *iv, int enc);
	27	/* Handles block of data in CFB mode */
	28	static int gost_cipher_do_cfb(EVP_CIPHER_CTX ctx, unsigned char out,
	29	const unsigned char *in, size_t inl);
	30	/* Handles block of data in CNT mode */
	31	static int gost_cipher_do_cnt(EVP_CIPHER_CTX ctx, unsigned char out,
	32	const unsigned char *in, size_t inl);
	33	/* Cleanup function */
a04549cc DSH	34	static int gost_cipher_cleanup(EVP_CIPHER_CTX *);
a04549cc DSH	35	/* set/get cipher parameters */
0f113f3e MC	36	static int gost89_set_asn1_parameters(EVP_CIPHER_CTX ctx, ASN1_TYPE params);
0f113f3e MC	37	static int gost89_get_asn1_parameters(EVP_CIPHER_CTX ctx, ASN1_TYPE params);
a04549cc	38	/* Control function */
0f113f3e MC	39	static int gost_cipher_ctl(EVP_CIPHER_CTX ctx, int type, int arg, void ptr);
	40
	41	EVP_CIPHER cipher_gost = {
	42	NID_id_Gost28147_89,
	43	1, /* block_size */
	44	32, /* key_size */
	45	8, /* iv_len */
	46	EVP_CIPH_CFB_MODE \| EVP_CIPH_NO_PADDING \|
	47	EVP_CIPH_CUSTOM_IV \| EVP_CIPH_RAND_KEY \| EVP_CIPH_ALWAYS_CALL_INIT,
	48	gost_cipher_init,
	49	gost_cipher_do_cfb,
	50	gost_cipher_cleanup,
	51	sizeof(struct ossl_gost_cipher_ctx), /* ctx_size */
	52	gost89_set_asn1_parameters,
	53	gost89_get_asn1_parameters,
	54	gost_cipher_ctl,
	55	NULL,
	56	};
	57
	58	EVP_CIPHER cipher_gost_cpacnt = {
	59	NID_gost89_cnt,
	60	1, /* block_size */
	61	32, /* key_size */
	62	8, /* iv_len */
	63	EVP_CIPH_OFB_MODE \| EVP_CIPH_NO_PADDING \|
	64	EVP_CIPH_CUSTOM_IV \| EVP_CIPH_RAND_KEY \| EVP_CIPH_ALWAYS_CALL_INIT,
	65	gost_cipher_init_cpa,
	66	gost_cipher_do_cnt,
	67	gost_cipher_cleanup,
	68	sizeof(struct ossl_gost_cipher_ctx), /* ctx_size */
	69	gost89_set_asn1_parameters,
	70	gost89_get_asn1_parameters,
	71	gost_cipher_ctl,
	72	NULL,
	73	};
a04549cc	74
a04549cc DSH	75	/* Implementation of GOST 28147-89 in MAC (imitovstavka) mode */
a04549cc DSH	76	/* Init functions which set specific parameters */
a04549cc DSH	77	static int gost_imit_init_cpa(EVP_MD_CTX *ctx);
	78	/* process block of data */
	79	static int gost_imit_update(EVP_MD_CTX ctx, const void data, size_t count);
	80	/* Return computed value */
0f113f3e	81	static int gost_imit_final(EVP_MD_CTX ctx, unsigned char md);
a04549cc	82	/* Copies context */
0f113f3e	83	static int gost_imit_copy(EVP_MD_CTX to, const EVP_MD_CTX from);
a04549cc DSH	84	static int gost_imit_cleanup(EVP_MD_CTX *ctx);
a04549cc DSH	85	/* Control function, knows how to set MAC key.*/
0f113f3e MC	86	static int gost_imit_ctrl(EVP_MD_CTX ctx, int type, int arg, void ptr);
	87
	88	EVP_MD imit_gost_cpa = {
	89	NID_id_Gost28147_89_MAC,
	90	NID_undef,
	91	4,
	92	0,
	93	gost_imit_init_cpa,
	94	gost_imit_update,
	95	gost_imit_final,
	96	gost_imit_copy,
	97	gost_imit_cleanup,
	98	NULL,
	99	NULL,
	100	{0, 0, 0, 0, 0},
	101	8,
	102	sizeof(struct ossl_gost_imit_ctx),
	103	gost_imit_ctrl
	104	};
	105
	106	/*
926c41bd DSH	107	* Correspondence between gost parameter OIDs and substitution blocks
	108	* NID field is filed by register_gost_NID function in engine.c
	109	* upon engine initialization
	110	*/
a04549cc	111
0f113f3e MC	112	struct gost_cipher_info gost_cipher_list[] = {
	113	/- NID //*
	114	* Subst block
	115	//
	116	* Key meshing
	117	*/
	118	/*
	119	* {NID_id_GostR3411_94_CryptoProParamSet,&GostR3411_94_CryptoProParamSet,0},
	120	*/
	121	{NID_id_Gost28147_89_cc, &GostR3411_94_CryptoProParamSet, 0},
	122	{NID_id_Gost28147_89_CryptoPro_A_ParamSet, &Gost28147_CryptoProParamSetA,
	123	1},
	124	{NID_id_Gost28147_89_CryptoPro_B_ParamSet, &Gost28147_CryptoProParamSetB,
	125	1},
	126	{NID_id_Gost28147_89_CryptoPro_C_ParamSet, &Gost28147_CryptoProParamSetC,
	127	1},
	128	{NID_id_Gost28147_89_CryptoPro_D_ParamSet, &Gost28147_CryptoProParamSetD,
	129	1},
	130	{NID_id_Gost28147_89_TestParamSet, &Gost28147_TestParamSet, 1},
	131	{NID_undef, NULL, 0}
	132	};
	133
	134	/*
	135	* get encryption parameters from crypto network settings FIXME For now we
	136	* use environment var CRYPT_PARAMS as place to store these settings.
	137	* Actually, it is better to use engine control command, read from
	138	* configuration file to set them
	139	*/
926c41bd	140	const struct gost_cipher_info get_encryption_params(ASN1_OBJECT obj)
0f113f3e MC	141	{
	142	int nid;
	143	struct gost_cipher_info *param;
	144	if (!obj) {
	145	const char *params = get_gost_engine_param(GOST_PARAM_CRYPT_PARAMS);
	146	if (!params \|\| !strlen(params))
	147	return &gost_cipher_list[1];
	148
	149	nid = OBJ_txt2nid(params);
	150	if (nid == NID_undef) {
	151	GOSTerr(GOST_F_GET_ENCRYPTION_PARAMS,
	152	GOST_R_INVALID_CIPHER_PARAM_OID);
	153	return NULL;
	154	}
	155	} else {
	156	nid = OBJ_obj2nid(obj);
	157	}
	158	for (param = gost_cipher_list; param->sblock != NULL && param->nid != nid;
	159	param++) ;
	160	if (!param->sblock) {
	161	GOSTerr(GOST_F_GET_ENCRYPTION_PARAMS, GOST_R_INVALID_CIPHER_PARAMS);
	162	return NULL;
	163	}
	164	return param;
	165	}
926c41bd	166
a04549cc	167	/* Sets cipher param from paramset NID. */
0f113f3e MC	168	static int gost_cipher_set_param(struct ossl_gost_cipher_ctx *c, int nid)
	169	{
	170	const struct gost_cipher_info *param;
	171	param =
	172	get_encryption_params((nid == NID_undef ? NULL : OBJ_nid2obj(nid)));
	173	if (!param)
	174	return 0;
	175
	176	c->paramNID = param->nid;
	177	c->key_meshing = param->key_meshing;
	178	c->count = 0;
	179	gost_init(&(c->cctx), param->sblock);
	180	return 1;
	181	}
926c41bd	182
a04549cc	183	/* Initializes EVP_CIPHER_CTX by paramset NID */
0f113f3e MC	184	static int gost_cipher_init_param(EVP_CIPHER_CTX *ctx,
	185	const unsigned char *key,
	186	const unsigned char *iv, int enc,
	187	int paramNID, int mode)
	188	{
	189	struct ossl_gost_cipher_ctx *c = ctx->cipher_data;
	190	if (ctx->app_data == NULL) {
	191	if (!gost_cipher_set_param(c, paramNID))
	192	return 0;
	193	ctx->app_data = ctx->cipher_data;
	194	}
	195	if (key)
	196	gost_key(&(c->cctx), key);
	197	if (iv)
	198	memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
	199	memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
	200	return 1;
	201	}
a04549cc	202
84948b39	203	static int gost_cipher_init_cpa(EVP_CIPHER_CTX ctx, const unsigned char key,
0f113f3e MC	204	const unsigned char *iv, int enc)
	205	{
	206	struct ossl_gost_cipher_ctx *c = ctx->cipher_data;
	207	gost_init(&(c->cctx), &Gost28147_CryptoProParamSetA);
	208	c->key_meshing = 1;
	209	c->count = 0;
	210	if (key)
	211	gost_key(&(c->cctx), key);
	212	if (iv)
	213	memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
	214	memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
	215	return 1;
	216	}
a04549cc DSH	217
	218	/* Initializes EVP_CIPHER_CTX with default values */
	219	int gost_cipher_init(EVP_CIPHER_CTX ctx, const unsigned char key,
0f113f3e MC	220	const unsigned char *iv, int enc)
	221	{
	222	return gost_cipher_init_param(ctx, key, iv, enc, NID_undef,
	223	EVP_CIPH_CFB_MODE);
	224	}
	225
	226	/*
	227	* Wrapper around gostcrypt function from gost89.c which perform key meshing
	228	* when nesseccary
926c41bd	229	*/
0f113f3e MC	230	static void gost_crypt_mesh(void ctx, unsigned char iv, unsigned char *buf)
	231	{
	232	struct ossl_gost_cipher_ctx *c = ctx;
	233	assert(c->count % 8 == 0 && c->count <= 1024);
	234	if (c->key_meshing && c->count == 1024) {
	235	cryptopro_key_meshing(&(c->cctx), iv);
	236	}
	237	gostcrypt(&(c->cctx), iv, buf);
	238	c->count = c->count % 1024 + 8;
	239	}
	240
	241	static void gost_cnt_next(void ctx, unsigned char iv, unsigned char *buf)
	242	{
	243	struct ossl_gost_cipher_ctx *c = ctx;
	244	word32 g, go;
	245	unsigned char buf1[8];
	246	assert(c->count % 8 == 0 && c->count <= 1024);
	247	if (c->key_meshing && c->count == 1024) {
	248	cryptopro_key_meshing(&(c->cctx), iv);
	249	}
	250	if (c->count == 0) {
	251	gostcrypt(&(c->cctx), iv, buf1);
	252	} else {
	253	memcpy(buf1, iv, 8);
	254	}
	255	g = buf1[0] \| (buf1[1] << 8) \| (buf1[2] << 16) \| ((word32) buf1[3] << 24);
	256	g += 0x01010101;
	257	buf1[0] = (unsigned char)(g & 0xff);
	258	buf1[1] = (unsigned char)((g >> 8) & 0xff);
	259	buf1[2] = (unsigned char)((g >> 16) & 0xff);
	260	buf1[3] = (unsigned char)((g >> 24) & 0xff);
	261	g = buf1[4] \| (buf1[5] << 8) \| (buf1[6] << 16) \| ((word32) buf1[7] << 24);
	262	go = g;
	263	g += 0x01010104;
	264	if (go > g) /* overflow */
	265	g++;
	266	buf1[4] = (unsigned char)(g & 0xff);
	267	buf1[5] = (unsigned char)((g >> 8) & 0xff);
	268	buf1[6] = (unsigned char)((g >> 16) & 0xff);
	269	buf1[7] = (unsigned char)((g >> 24) & 0xff);
	270	memcpy(iv, buf1, 8);
	271	gostcrypt(&(c->cctx), buf1, buf);
	272	c->count = c->count % 1024 + 8;
	273	}
a04549cc DSH	274
a04549cc DSH	275	/* GOST encryption in CFB mode */
0f113f3e MC	276	int gost_cipher_do_cfb(EVP_CIPHER_CTX ctx, unsigned char out,
	277	const unsigned char *in, size_t inl)
	278	{
	279	const unsigned char *in_ptr = in;
	280	unsigned char *out_ptr = out;
	281	size_t i = 0;
	282	size_t j = 0;
926c41bd	283	/* process partial block if any */
0f113f3e MC	284	if (ctx->num) {
	285	for (j = ctx->num, i = 0; j < 8 && i < inl;
	286	j++, i++, in_ptr++, out_ptr++) {
	287	if (!ctx->encrypt)
	288	ctx->buf[j + 8] = *in_ptr;
	289	out_ptr = ctx->buf[j] ^ (in_ptr);
	290	if (ctx->encrypt)
	291	ctx->buf[j + 8] = *out_ptr;
	292	}
	293	if (j == 8) {
	294	memcpy(ctx->iv, ctx->buf + 8, 8);
	295	ctx->num = 0;
	296	} else {
	297	ctx->num = j;
	298	return 1;
	299	}
	300	}
	301
	302	for (; i + 8 < inl; i += 8, in_ptr += 8, out_ptr += 8) {
	303	/*
	304	* block cipher current iv
	305	*/
	306	gost_crypt_mesh(ctx->cipher_data, ctx->iv, ctx->buf);
	307	/*
	308	* xor next block of input text with it and output it
	309	*/
	310	/*
	311	* output this block
	312	*/
	313	if (!ctx->encrypt)
	314	memcpy(ctx->iv, in_ptr, 8);
	315	for (j = 0; j < 8; j++) {
	316	out_ptr[j] = ctx->buf[j] ^ in_ptr[j];
	317	}
	318	/* Encrypt */
	319	/* Next iv is next block of cipher text */
	320	if (ctx->encrypt)
	321	memcpy(ctx->iv, out_ptr, 8);
	322	}
a04549cc	323	/* Process rest of buffer */
0f113f3e MC	324	if (i < inl) {
	325	gost_crypt_mesh(ctx->cipher_data, ctx->iv, ctx->buf);
	326	if (!ctx->encrypt)
	327	memcpy(ctx->buf + 8, in_ptr, inl - i);
	328	for (j = 0; i < inl; j++, i++) {
	329	out_ptr[j] = ctx->buf[j] ^ in_ptr[j];
	330	}
	331	ctx->num = j;
	332	if (ctx->encrypt)
	333	memcpy(ctx->buf + 8, out_ptr, j);
	334	} else {
	335	ctx->num = 0;
	336	}
	337	return 1;
	338	}
926c41bd	339
84948b39	340	static int gost_cipher_do_cnt(EVP_CIPHER_CTX ctx, unsigned char out,
0f113f3e MC	341	const unsigned char *in, size_t inl)
	342	{
	343	const unsigned char *in_ptr = in;
	344	unsigned char *out_ptr = out;
	345	size_t i = 0;
	346	size_t j;
926c41bd	347	/* process partial block if any */
0f113f3e MC	348	if (ctx->num) {
	349	for (j = ctx->num, i = 0; j < 8 && i < inl;
	350	j++, i++, in_ptr++, out_ptr++) {
	351	out_ptr = ctx->buf[j] ^ (in_ptr);
	352	}
	353	if (j == 8) {
	354	ctx->num = 0;
	355	} else {
	356	ctx->num = j;
	357	return 1;
	358	}
	359	}
	360
	361	for (; i + 8 < inl; i += 8, in_ptr += 8, out_ptr += 8) {
	362	/*
	363	* block cipher current iv
	364	*/
	365	/* Encrypt */
	366	gost_cnt_next(ctx->cipher_data, ctx->iv, ctx->buf);
	367	/*
	368	* xor next block of input text with it and output it
	369	*/
	370	/*
	371	* output this block
	372	*/
	373	for (j = 0; j < 8; j++) {
	374	out_ptr[j] = ctx->buf[j] ^ in_ptr[j];
	375	}
	376	}
a04549cc	377	/* Process rest of buffer */
0f113f3e MC	378	if (i < inl) {
	379	gost_cnt_next(ctx->cipher_data, ctx->iv, ctx->buf);
	380	for (j = 0; i < inl; j++, i++) {
	381	out_ptr[j] = ctx->buf[j] ^ in_ptr[j];
	382	}
	383	ctx->num = j;
	384	} else {
	385	ctx->num = 0;
	386	}
	387	return 1;
	388	}
926c41bd	389
a04549cc	390	/* Cleaning up of EVP_CIPHER_CTX */
0f113f3e MC	391	int gost_cipher_cleanup(EVP_CIPHER_CTX *ctx)
	392	{
	393	gost_destroy(&((struct ossl_gost_cipher_ctx *)ctx->cipher_data)->cctx);
	394	ctx->app_data = NULL;
	395	return 1;
	396	}
a04549cc	397
a04549cc	398	/* Control function for gost cipher */
0f113f3e MC	399	int gost_cipher_ctl(EVP_CIPHER_CTX ctx, int type, int arg, void ptr)
	400	{
	401	switch (type) {
	402	case EVP_CTRL_RAND_KEY:
	403	{
	404	if (RAND_bytes((unsigned char *)ptr, ctx->key_len) <= 0) {
	405	GOSTerr(GOST_F_GOST_CIPHER_CTL,
	406	GOST_R_RANDOM_GENERATOR_ERROR);
	407	return -1;
	408	}
	409	break;
	410	}
	411	case EVP_CTRL_PBE_PRF_NID:
	412	if (ptr) {
	413	((int )ptr) = NID_id_HMACGostR3411_94;
	414	return 1;
	415	} else {
	416	return 0;
	417	}
	418
	419	default:
	420	GOSTerr(GOST_F_GOST_CIPHER_CTL,
	421	GOST_R_UNSUPPORTED_CIPHER_CTL_COMMAND);
	422	return -1;
	423	}
	424	return 1;
	425	}
a04549cc DSH	426
a04549cc DSH	427	/* Set cipher parameters from ASN1 structure */
0f113f3e MC	428	int gost89_set_asn1_parameters(EVP_CIPHER_CTX ctx, ASN1_TYPE params)
	429	{
	430	int len = 0;
	431	unsigned char *buf = NULL;
	432	unsigned char *p = NULL;
	433	struct ossl_gost_cipher_ctx *c = ctx->cipher_data;
	434	GOST_CIPHER_PARAMS *gcp = GOST_CIPHER_PARAMS_new();
	435	ASN1_OCTET_STRING *os = NULL;
	436	if (!gcp) {
	437	GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_MALLOC_FAILURE);
	438	return 0;
	439	}
	440	if (!ASN1_OCTET_STRING_set(gcp->iv, ctx->iv, ctx->cipher->iv_len)) {
	441	GOST_CIPHER_PARAMS_free(gcp);
	442	GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_MALLOC_FAILURE);
	443	return 0;
	444	}
	445	ASN1_OBJECT_free(gcp->enc_param_set);
	446	gcp->enc_param_set = OBJ_nid2obj(c->paramNID);
	447
	448	len = i2d_GOST_CIPHER_PARAMS(gcp, NULL);
	449	p = buf = (unsigned char *)OPENSSL_malloc(len);
	450	if (!buf) {
	451	GOST_CIPHER_PARAMS_free(gcp);
	452	GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_MALLOC_FAILURE);
	453	return 0;
	454	}
	455	i2d_GOST_CIPHER_PARAMS(gcp, &p);
	456	GOST_CIPHER_PARAMS_free(gcp);
	457
	458	os = ASN1_OCTET_STRING_new();
	459
	460	if (!os \|\| !ASN1_OCTET_STRING_set(os, buf, len)) {
	461	OPENSSL_free(buf);
	462	GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_MALLOC_FAILURE);
	463	return 0;
	464	}
	465	OPENSSL_free(buf);
	466
	467	ASN1_TYPE_set(params, V_ASN1_SEQUENCE, os);
	468	return 1;
	469	}
926c41bd	470
a04549cc	471	/* Store parameters into ASN1 structure */
0f113f3e MC	472	int gost89_get_asn1_parameters(EVP_CIPHER_CTX ctx, ASN1_TYPE params)
	473	{
	474	int ret = -1;
	475	int len;
	476	GOST_CIPHER_PARAMS *gcp = NULL;
	477	unsigned char *p;
	478	struct ossl_gost_cipher_ctx *c = ctx->cipher_data;
	479	if (ASN1_TYPE_get(params) != V_ASN1_SEQUENCE) {
	480	return ret;
	481	}
	482
	483	p = params->value.sequence->data;
	484
	485	gcp = d2i_GOST_CIPHER_PARAMS(NULL, (const unsigned char **)&p,
	486	params->value.sequence->length);
	487
	488	len = gcp->iv->length;
	489	if (len != ctx->cipher->iv_len) {
	490	GOST_CIPHER_PARAMS_free(gcp);
	491	GOSTerr(GOST_F_GOST89_GET_ASN1_PARAMETERS, GOST_R_INVALID_IV_LENGTH);
	492	return -1;
	493	}
	494	if (!gost_cipher_set_param(c, OBJ_obj2nid(gcp->enc_param_set))) {
	495	GOST_CIPHER_PARAMS_free(gcp);
	496	return -1;
	497	}
	498	memcpy(ctx->oiv, gcp->iv->data, len);
	499
	500	GOST_CIPHER_PARAMS_free(gcp);
	501
	502	return 1;
	503	}
926c41bd DSH	504
926c41bd DSH	505	int gost_imit_init_cpa(EVP_MD_CTX *ctx)
0f113f3e MC	506	{
	507	struct ossl_gost_imit_ctx *c = ctx->md_data;
	508	memset(c->buffer, 0, sizeof(c->buffer));
	509	memset(c->partial_block, 0, sizeof(c->partial_block));
	510	c->count = 0;
	511	c->bytes_left = 0;
	512	c->key_meshing = 1;
	513	gost_init(&(c->cctx), &Gost28147_CryptoProParamSetA);
	514	return 1;
	515	}
	516
	517	static void mac_block_mesh(struct ossl_gost_imit_ctx *c,
	518	const unsigned char *data)
	519	{
	520	unsigned char buffer[8];
	521	/*
	522	* We are using local buffer for iv because CryptoPro doesn't interpret
	523	* internal state of MAC algorithm as iv during keymeshing (but does
	524	* initialize internal state from iv in key transport
	525	*/
	526	assert(c->count % 8 == 0 && c->count <= 1024);
	527	if (c->key_meshing && c->count == 1024) {
	528	cryptopro_key_meshing(&(c->cctx), buffer);
	529	}
	530	mac_block(&(c->cctx), c->buffer, data);
	531	c->count = c->count % 1024 + 8;
	532	}
a04549cc	533
926c41bd	534	int gost_imit_update(EVP_MD_CTX ctx, const void data, size_t count)
0f113f3e MC	535	{
	536	struct ossl_gost_imit_ctx *c = ctx->md_data;
	537	const unsigned char *p = data;
	538	size_t bytes = count, i;
	539	if (!(c->key_set)) {
	540	GOSTerr(GOST_F_GOST_IMIT_UPDATE, GOST_R_MAC_KEY_NOT_SET);
	541	return 0;
	542	}
	543	if (c->bytes_left) {
	544	for (i = c->bytes_left; i < 8 && bytes > 0; bytes--, i++, p++) {
	545	c->partial_block[i] = *p;
	546	}
	547	if (i == 8) {
	548	mac_block_mesh(c, c->partial_block);
	549	} else {
	550	c->bytes_left = i;
	551	return 1;
	552	}
	553	}
	554	while (bytes > 8) {
	555	mac_block_mesh(c, p);
	556	p += 8;
	557	bytes -= 8;
	558	}
	559	if (bytes > 0) {
	560	memcpy(c->partial_block, p, bytes);
	561	}
	562	c->bytes_left = bytes;
	563	return 1;
	564	}
	565
	566	int gost_imit_final(EVP_MD_CTX ctx, unsigned char md)
	567	{
	568	struct ossl_gost_imit_ctx *c = ctx->md_data;
	569	if (!c->key_set) {
	570	GOSTerr(GOST_F_GOST_IMIT_FINAL, GOST_R_MAC_KEY_NOT_SET);
	571	return 0;
	572	}
	573	if (c->count == 0 && c->bytes_left) {
	574	unsigned char buffer[8];
	575	memset(buffer, 0, 8);
	576	gost_imit_update(ctx, buffer, 8);
	577	}
	578	if (c->bytes_left) {
	579	int i;
	580	for (i = c->bytes_left; i < 8; i++) {
	581	c->partial_block[i] = 0;
	582	}
	583	mac_block_mesh(c, c->partial_block);
	584	}
	585	get_mac(c->buffer, 32, md);
	586	return 1;
	587	}
	588
	589	int gost_imit_ctrl(EVP_MD_CTX ctx, int type, int arg, void ptr)
	590	{
	591	switch (type) {
	592	case EVP_MD_CTRL_KEY_LEN:
	593	((unsigned int )(ptr)) = 32;
	594	return 1;
	595	case EVP_MD_CTRL_SET_KEY:
	596	{
	597	if (arg != 32) {
	598	GOSTerr(GOST_F_GOST_IMIT_CTRL, GOST_R_INVALID_MAC_KEY_LENGTH);
599	return 0;
600	}
601
602	gost_key(&(((struct ossl_gost_imit_ctx *)(ctx->md_data))->cctx),
603	ptr);
604	((struct ossl_gost_imit_ctx *)(ctx->md_data))->key_set = 1;
605	return 1;
606
607	}
608	default:
609	return 0;
610	}
611	}
612
613	int gost_imit_copy(EVP_MD_CTX to, const EVP_MD_CTX from)
614	{
615	memcpy(to->md_data, from->md_data, sizeof(struct ossl_gost_imit_ctx));
616	return 1;
617	}
926c41bd	618
a04549cc	619	/* Clean up imit ctx */
926c41bd	620	int gost_imit_cleanup(EVP_MD_CTX *ctx)
0f113f3e MC	621	{
	622	memset(ctx->md_data, 0, sizeof(struct ossl_gost_imit_ctx));
	623	return 1;
	624	}