From: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date: Fri, 21 Sep 2018 19:11:51 +0000 (+0300)
Subject: lib: add Magma/Kuznyechik OMAC support
X-Git-Tag: 3.7.0~19^2~57^2~4
X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=a78c95a8e5c201f4b41664c6edb94048b8ac5b4b;p=thirdparty%2Fgnutls.git

lib: add Magma/Kuznyechik OMAC support

Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
---

diff --git a/devel/libgnutls-latest-x86_64.abi b/devel/libgnutls-latest-x86_64.abi
index c3f736f3b9..2242bcc785 100644
--- a/devel/libgnutls-latest-x86_64.abi
+++ b/devel/libgnutls-latest-x86_64.abi
@@ -1585,6 +1585,8 @@
       <enumerator name='GNUTLS_MAC_GOST28147_TC26Z_IMIT' value='208'/>
       <enumerator name='GNUTLS_MAC_SHAKE_128' value='209'/>
       <enumerator name='GNUTLS_MAC_SHAKE_256' value='210'/>
+      <enumerator name='GNUTLS_MAC_MAGMA_OMAC' value='211'/>
+      <enumerator name='GNUTLS_MAC_KUZNYECHIK_OMAC' value='212'/>
     </enum-decl>
     <typedef-decl name='gnutls_mac_algorithm_t' type-id='type-id-44' id='type-id-31'/>
     <enum-decl name='__anonymous_enum__' is-anonymous='yes' id='type-id-45'>
diff --git a/lib/algorithms/mac.c b/lib/algorithms/mac.c
index edd6e10acc..a82270975d 100644
--- a/lib/algorithms/mac.c
+++ b/lib/algorithms/mac.c
@@ -191,6 +191,16 @@ mac_entry_st hash_algorithms[] = {
 	 .oid = HASH_OID_SHAKE_256,
 	 .id = GNUTLS_MAC_SHAKE_256,
 	 .block_size = 136},
+	{.name = "OMAC-MAGMA",
+	 .id = GNUTLS_MAC_MAGMA_OMAC,
+	 .output_size = 8,
+	 .key_size = 32,
+	 .block_size = 8},
+	{.name = "OMAC-KUZNYECHIK",
+	 .id = GNUTLS_MAC_KUZNYECHIK_OMAC,
+	 .output_size = 16,
+	 .key_size = 32,
+	 .block_size = 16},
 	{.name = "MAC-NULL",
 	 .id = GNUTLS_MAC_NULL},
 	{0, 0, 0, 0, 0, 0, 0, 0, 0}
diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in
index fb7f37a4cc..d02854b40a 100644
--- a/lib/includes/gnutls/gnutls.h.in
+++ b/lib/includes/gnutls/gnutls.h.in
@@ -314,6 +314,8 @@ typedef enum {
  * @GNUTLS_MAC_GOST28147_TC26Z_IMIT: The GOST 28147-89 working in IMIT mode with TC26 Z S-box.
  * @GNUTLS_MAC_SHAKE_128: Reserved; unimplemented.
  * @GNUTLS_MAC_SHAKE_256: Reserved; unimplemented.
+ * @GNUTLS_MAC_MAGMA_OMAC: GOST R 34.12-2015 (Magma) in OMAC (CMAC) mode.
+ * @GNUTLS_MAC_KUZNYECHIK_OMAC: GOST R 34.12-2015 (Kuznyechik) in OMAC (CMAC) mode.
  *
  * Enumeration of different Message Authentication Code (MAC)
  * algorithms.
@@ -349,7 +351,9 @@ typedef enum {
 	GNUTLS_MAC_AES_GMAC_256 = 207,
 	GNUTLS_MAC_GOST28147_TC26Z_IMIT = 208,
 	GNUTLS_MAC_SHAKE_128 = 209,
-	GNUTLS_MAC_SHAKE_256 = 210
+	GNUTLS_MAC_SHAKE_256 = 210,
+	GNUTLS_MAC_MAGMA_OMAC = 211,
+	GNUTLS_MAC_KUZNYECHIK_OMAC = 212
 } gnutls_mac_algorithm_t;
 
 /**
diff --git a/lib/nettle/mac.c b/lib/nettle/mac.c
index e2ba0cb4d6..07a218ea48 100644
--- a/lib/nettle/mac.c
+++ b/lib/nettle/mac.c
@@ -52,6 +52,7 @@
 #endif
 #ifndef HAVE_NETTLE_GOST28147_SET_KEY
 #include "gost/gost28147.h"
+#include "gost/cmac.h"
 #endif
 #include "gost/cmac.h"
 #endif
@@ -123,6 +124,8 @@ struct nettle_mac_ctx {
 		struct hmac_streebog256_ctx streebog256;
 		struct hmac_streebog512_ctx streebog512;
 		struct gost28147_imit_ctx gost28147_imit;
+		struct cmac_magma_ctx magma;
+		struct cmac_kuznyechik_ctx kuznyechik;
 #endif
 		struct umac96_ctx umac96;
 		struct umac128_ctx umac128;
@@ -147,6 +150,18 @@ _wrap_gost28147_imit_set_key_tc26z(void *ctx, size_t len, const uint8_t * key)
 	gost28147_imit_set_param(ctx, &gost28147_param_TC26_Z);
 	gost28147_imit_set_key(ctx, len, key);
 }
+
+static void
+_wrap_cmac_magma_set_key(void *ctx, size_t len, const uint8_t * key)
+{
+	cmac_magma_set_key(ctx, key);
+}
+
+static void
+_wrap_cmac_kuznyechik_set_key(void *ctx, size_t len, const uint8_t * key)
+{
+	cmac_kuznyechik_set_key(ctx, key);
+}
 #endif
 
 static void
@@ -342,6 +357,20 @@ static int _mac_ctx_init(gnutls_mac_algorithm_t algo,
 		ctx->ctx_ptr = &ctx->ctx.gost28147_imit;
 		ctx->length = GOST28147_IMIT_DIGEST_SIZE;
 		break;
+	case GNUTLS_MAC_MAGMA_OMAC:
+		ctx->update = (update_func) cmac_magma_update;
+		ctx->digest = (digest_func) cmac_magma_digest;
+		ctx->set_key = _wrap_cmac_magma_set_key;
+		ctx->ctx_ptr = &ctx->ctx.magma;
+		ctx->length = CMAC64_DIGEST_SIZE;
+		break;
+	case GNUTLS_MAC_KUZNYECHIK_OMAC:
+		ctx->update = (update_func) cmac_kuznyechik_update;
+		ctx->digest = (digest_func) cmac_kuznyechik_digest;
+		ctx->set_key = _wrap_cmac_kuznyechik_set_key;
+		ctx->ctx_ptr = &ctx->ctx.kuznyechik;
+		ctx->length = CMAC128_DIGEST_SIZE;
+		break;
 #endif
 	case GNUTLS_MAC_UMAC_96:
 		ctx->update = (update_func) umac96_update;
@@ -457,6 +486,8 @@ static int wrap_nettle_mac_exists(gnutls_mac_algorithm_t algo)
 	case GNUTLS_MAC_STREEBOG_256:
 	case GNUTLS_MAC_STREEBOG_512:
 	case GNUTLS_MAC_GOST28147_TC26Z_IMIT:
+	case GNUTLS_MAC_MAGMA_OMAC:
+	case GNUTLS_MAC_KUZNYECHIK_OMAC:
 #endif
 		return 1;
 	default: