diff options
author | Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> | 2017-08-29 11:10:33 +0300 |
---|---|---|
committer | Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> | 2019-10-15 23:28:25 +0300 |
commit | 3dc548c79f846b6d998ed47809a7419fe95565c9 (patch) | |
tree | b401af2afda0ee91b93c2c163f8197f3fad5e9b2 /lib/nettle | |
parent | 5d5613b75dd628e95cd1b65961a3d094c80540c6 (diff) | |
download | gnutls-3dc548c79f846b6d998ed47809a7419fe95565c9.tar.gz |
prf: add Streebog (GOST R 34.11-2012) PRF support
Add support and tests for PRF generated using both Streebog versions.
This is necessary for adding GOST TLS ciphersuites support.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Diffstat (limited to 'lib/nettle')
-rw-r--r-- | lib/nettle/prf.c | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/lib/nettle/prf.c b/lib/nettle/prf.c index 713245b0c4..631ba3b8c0 100644 --- a/lib/nettle/prf.c +++ b/lib/nettle/prf.c @@ -23,6 +23,9 @@ #include <gnutls_int.h> #include "int/tls1-prf.h" #include <nettle/hmac.h> +#if ENABLE_GOST +#include "gost/hmac-gost.h" +#endif /*- * _gnutls_prf_raw: @@ -88,6 +91,42 @@ _gnutls_prf_raw(gnutls_mac_algorithm_t mac, return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); break; } +#if ENABLE_GOST + case GNUTLS_MAC_STREEBOG_256:{ + struct hmac_streebog256_ctx ctx; + hmac_streebog256_set_key(&ctx, master_size, master); + + ret = tls12_prf(&ctx, + (nettle_hash_update_func *) + hmac_streebog256_update, + (nettle_hash_digest_func *) + hmac_streebog256_digest, STREEBOG256_DIGEST_SIZE, + label_size, label, seed_size, + seed, outsize, + (uint8_t*)out); + + if (unlikely(ret != 1)) + return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); + break; + } + case GNUTLS_MAC_STREEBOG_512:{ + struct hmac_streebog512_ctx ctx; + hmac_streebog512_set_key(&ctx, master_size, master); + + ret = tls12_prf(&ctx, + (nettle_hash_update_func *) + hmac_streebog512_update, + (nettle_hash_digest_func *) + hmac_streebog512_digest, STREEBOG512_DIGEST_SIZE, + label_size, label, seed_size, + seed, outsize, + (uint8_t*)out); + + if (unlikely(ret != 1)) + return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); + break; + } +#endif default: gnutls_assert(); _gnutls_debug_log("unhandled PRF %s\n", |