diff options
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/crypto-api.c | 17 | ||||
| -rw-r--r-- | lib/includes/gnutls/crypto.h | 1 | ||||
| -rw-r--r-- | lib/libgnutls.map | 1 | ||||
| -rw-r--r-- | lib/nettle/gost/gost-wrap.c | 2 | ||||
| -rw-r--r-- | lib/nettle/gost/gost28147.c | 14 | ||||
| -rw-r--r-- | lib/nettle/gost/gost28147.h | 4 |
6 files changed, 27 insertions, 12 deletions
diff --git a/lib/crypto-api.c b/lib/crypto-api.c index d3e8094563..4db6812c29 100644 --- a/lib/crypto-api.c +++ b/lib/crypto-api.c @@ -456,6 +456,23 @@ unsigned gnutls_hmac_get_len(gnutls_mac_algorithm_t algorithm) } /** + * gnutls_hmac_get_key_size: + * @algorithm: the mac algorithm to use + * + * This function will return the size of the key to be used with this + * algorithm. On the algorithms which may accept arbitrary key sizes, + * the returned size is the MAC key size used in the TLS protocol. + * + * Returns: The key size or zero on error. + * + * Since: 3.6.12 + **/ +unsigned gnutls_hmac_get_key_size(gnutls_mac_algorithm_t algorithm) +{ + return _gnutls_mac_get_key_size(mac_to_entry(algorithm)); +} + +/** * gnutls_hmac_fast: * @algorithm: the hash algorithm to use * @key: the key to use diff --git a/lib/includes/gnutls/crypto.h b/lib/includes/gnutls/crypto.h index 4d4926c86a..685d9d5d29 100644 --- a/lib/includes/gnutls/crypto.h +++ b/lib/includes/gnutls/crypto.h @@ -123,6 +123,7 @@ int gnutls_hmac(gnutls_hmac_hd_t handle, const void *text, size_t textlen); void gnutls_hmac_output(gnutls_hmac_hd_t handle, void *digest); void gnutls_hmac_deinit(gnutls_hmac_hd_t handle, void *digest); unsigned gnutls_hmac_get_len(gnutls_mac_algorithm_t algorithm) __GNUTLS_CONST__; +unsigned gnutls_hmac_get_key_size(gnutls_mac_algorithm_t algorithm) __GNUTLS_CONST__; int gnutls_hmac_fast(gnutls_mac_algorithm_t algorithm, const void *key, size_t keylen, const void *text, size_t textlen, void *digest); diff --git a/lib/libgnutls.map b/lib/libgnutls.map index ea84a1470d..e1878bb00c 100644 --- a/lib/libgnutls.map +++ b/lib/libgnutls.map @@ -1306,6 +1306,7 @@ GNUTLS_3_6_12 global: gnutls_certificate_verification_profile_get_name; gnutls_certificate_verification_profile_get_id; + gnutls_hmac_get_key_size; } GNUTLS_3_6_10; GNUTLS_FIPS140_3_4 { diff --git a/lib/nettle/gost/gost-wrap.c b/lib/nettle/gost/gost-wrap.c index 63e1c321e2..e4a616ed2c 100644 --- a/lib/nettle/gost/gost-wrap.c +++ b/lib/nettle/gost/gost-wrap.c @@ -93,7 +93,6 @@ gost28147_key_wrap_cryptopro(const struct gost28147_param *param, gost28147_set_param(&ctx, param); gost28147_encrypt(&ctx, GOST28147_KEY_SIZE, enc, cek); - gost28147_imit_init(&ictx); gost28147_imit_set_key(&ictx, GOST28147_KEY_SIZE, kd); gost28147_imit_set_param(&ictx, param); gost28147_imit_set_nonce(&ictx, ukm); @@ -121,7 +120,6 @@ gost28147_key_unwrap_cryptopro(const struct gost28147_param *param, gost28147_set_param(&ctx, param); gost28147_decrypt(&ctx, GOST28147_KEY_SIZE, cek, enc); - gost28147_imit_init(&ictx); gost28147_imit_set_key(&ictx, GOST28147_KEY_SIZE, kd); gost28147_imit_set_param(&ictx, param); gost28147_imit_set_nonce(&ictx, ukm); diff --git a/lib/nettle/gost/gost28147.c b/lib/nettle/gost/gost28147.c index da8ec9ef14..d6a278ab09 100644 --- a/lib/nettle/gost/gost28147.c +++ b/lib/nettle/gost/gost28147.c @@ -2470,13 +2470,13 @@ gost28147_cnt_crypt(struct gost28147_cnt_ctx *ctx, } } -void -gost28147_imit_init(struct gost28147_imit_ctx *ctx) +static void +_gost28147_imit_reinit(struct gost28147_imit_ctx *ctx) { - memset(ctx->state, 0, GOST28147_BLOCK_SIZE); + ctx->state[0] = 0; + ctx->state[1] = 0; ctx->index = 0; ctx->count = 0; - gost28147_set_param(&ctx->cctx, &gost28147_param_TC26_Z); /* Default */ } void @@ -2488,7 +2488,9 @@ gost28147_imit_set_key(struct gost28147_imit_ctx *ctx, assert(key); _gost28147_set_key(&ctx->cctx, key); - /* Do not reset param here */ + _gost28147_imit_reinit(ctx); + if (!ctx->cctx.sbox) + gost28147_set_param(&ctx->cctx, &gost28147_param_TC26_Z); } void @@ -2549,6 +2551,6 @@ gost28147_imit_digest(struct gost28147_imit_ctx *ctx, } _nettle_write_le32(length, digest, ctx->state); - gost28147_imit_init(ctx); + _gost28147_imit_reinit(ctx); } #endif diff --git a/lib/nettle/gost/gost28147.h b/lib/nettle/gost/gost28147.h index ae4a385589..14c865e6e6 100644 --- a/lib/nettle/gost/gost28147.h +++ b/lib/nettle/gost/gost28147.h @@ -73,7 +73,6 @@ extern "C" { #define gost28147_key_wrap_cryptopro _gnutls_gost28147_key_wrap_cryptopro #define gost28147_key_unwrap_cryptopro _gnutls_gost28147_key_unwrap_cryptopro -#define gost28147_imit_init _gnutls_gost28147_imit_init #define gost28147_imit_set_key _gnutls_gost28147_imit_set_key #define gost28147_imit_set_nonce _gnutls_gost28147_imit_set_nonce #define gost28147_imit_set_param _gnutls_gost28147_imit_set_param @@ -186,9 +185,6 @@ struct gost28147_imit_ctx }; void -gost28147_imit_init(struct gost28147_imit_ctx *ctx); - -void gost28147_imit_set_key(struct gost28147_imit_ctx *ctx, size_t length, const uint8_t *key); |