Add support for calculating HMAC using Streebog hash functions.
Signed-off-by: Dmitry Baryshkov dbaryshkov@gmail.com --- Makefile.in | 4 +-- hmac-streebog-meta.c | 56 ++++++++++++++++++++++++++++++ hmac-streebog.c | 73 +++++++++++++++++++++++++++++++++++++++ hmac.h | 33 ++++++++++++++++++ nettle-meta-macs.c | 2 ++ nettle-meta.h | 2 ++ testsuite/hmac-test.c | 17 +++++++++ testsuite/meta-mac-test.c | 2 ++ 8 files changed, 187 insertions(+), 2 deletions(-) create mode 100644 hmac-streebog-meta.c create mode 100644 hmac-streebog.c
diff --git a/Makefile.in b/Makefile.in index c36764dc4c45..64ff10018af0 100644 --- a/Makefile.in +++ b/Makefile.in @@ -107,10 +107,10 @@ nettle_SOURCES = aes-decrypt-internal.c aes-decrypt.c \ gost28147.c gosthash94.c gosthash94-meta.c \ hmac.c hmac-gosthash94.c hmac-md5.c hmac-ripemd160.c \ hmac-sha1.c hmac-sha224.c hmac-sha256.c hmac-sha384.c \ - hmac-sha512.c \ + hmac-sha512.c hmac-streebog.c \ hmac-md5-meta.c hmac-ripemd160-meta.c hmac-sha1-meta.c \ hmac-sha224-meta.c hmac-sha256-meta.c hmac-sha384-meta.c \ - hmac-sha512-meta.c \ + hmac-sha512-meta.c hmac-streebog-meta.c \ knuth-lfib.c hkdf.c \ md2.c md2-meta.c md4.c md4-meta.c \ md5.c md5-compress.c md5-compat.c md5-meta.c \ diff --git a/hmac-streebog-meta.c b/hmac-streebog-meta.c new file mode 100644 index 000000000000..d6028307aa5a --- /dev/null +++ b/hmac-streebog-meta.c @@ -0,0 +1,56 @@ +/* hmac-streebog-meta.c + + Copyright (C) 2020 Dmitry Baryshkov + + This file is part of GNU Nettle. + + GNU Nettle is free software: you can redistribute it and/or + modify it under the terms of either: + + * the GNU Lesser General Public License as published by the Free + Software Foundation; either version 3 of the License, or (at your + option) any later version. + + or + + * the GNU General Public License as published by the Free + Software Foundation; either version 2 of the License, or (at your + option) any later version. + + or both in parallel, as here. + + GNU Nettle is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received copies of the GNU General Public License and + the GNU Lesser General Public License along with this program. If + not, see http://www.gnu.org/licenses/. +*/ + +#if HAVE_CONFIG_H +# include "config.h" +#endif + +#include "nettle-meta.h" + +#include "hmac.h" + +static void +hmac_streebog256_set_key_wrapper (void *ctx, const uint8_t *key) +{ + hmac_streebog256_set_key (ctx, STREEBOG256_DIGEST_SIZE, key); +} + +const struct nettle_mac nettle_hmac_streebog256 += _NETTLE_HMAC(hmac_streebog256, STREEBOG256); + +static void +hmac_streebog512_set_key_wrapper (void *ctx, const uint8_t *key) +{ + hmac_streebog512_set_key (ctx, STREEBOG512_DIGEST_SIZE, key); +} + +const struct nettle_mac nettle_hmac_streebog512 += _NETTLE_HMAC(hmac_streebog512, STREEBOG512); diff --git a/hmac-streebog.c b/hmac-streebog.c new file mode 100644 index 000000000000..3b07b95da936 --- /dev/null +++ b/hmac-streebog.c @@ -0,0 +1,73 @@ +/* hmac-streebog.c + + HMAC-Streebog message authentication code. + + Copyright (C) 2016 Dmitry Eremin-Solenikov + + This file is part of GNU Nettle. + + GNU Nettle is free software: you can redistribute it and/or + modify it under the terms of either: + + * the GNU Lesser General Public License as published by the Free + Software Foundation; either version 3 of the License, or (at your + option) any later version. + + or + + * the GNU General Public License as published by the Free + Software Foundation; either version 2 of the License, or (at your + option) any later version. + + or both in parallel, as here. + + GNU Nettle is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received copies of the GNU General Public License and + the GNU Lesser General Public License along with this program. If + not, see http://www.gnu.org/licenses/. +*/ + +#if HAVE_CONFIG_H +# include "config.h" +#endif + +#include "hmac.h" + +void +hmac_streebog512_set_key(struct hmac_streebog512_ctx *ctx, + size_t key_length, const uint8_t *key) +{ + HMAC_SET_KEY(ctx, &nettle_streebog512, key_length, key); +} + +void +hmac_streebog512_update(struct hmac_streebog512_ctx *ctx, + size_t length, const uint8_t *data) +{ + streebog512_update(&ctx->state, length, data); +} + +void +hmac_streebog512_digest(struct hmac_streebog512_ctx *ctx, + size_t length, uint8_t *digest) +{ + HMAC_DIGEST(ctx, &nettle_streebog512, length, digest); +} + +void +hmac_streebog256_set_key(struct hmac_streebog256_ctx *ctx, + size_t key_length, const uint8_t *key) +{ + HMAC_SET_KEY(ctx, &nettle_streebog256, key_length, key); +} + +void +hmac_streebog256_digest(struct hmac_streebog256_ctx *ctx, + size_t length, uint8_t *digest) +{ + HMAC_DIGEST(ctx, &nettle_streebog256, length, digest); +} diff --git a/hmac.h b/hmac.h index d9ee3400108d..72c8fd5768c4 100644 --- a/hmac.h +++ b/hmac.h @@ -41,6 +41,7 @@ #include "ripemd160.h" #include "sha1.h" #include "sha2.h" +#include "streebog.h"
#ifdef __cplusplus extern "C" { @@ -75,6 +76,11 @@ extern "C" { #define hmac_gosthash94cp_set_key nettle_hmac_gosthash94cp_set_key #define hmac_gosthash94cp_update nettle_hmac_gosthash94cp_update #define hmac_gosthash94cp_digest nettle_hmac_gosthash94cp_digest +#define hmac_streebog256_set_key nettle_hmac_streebog256_set_key +#define hmac_streebog256_digest nettle_hmac_streebog256_digest +#define hmac_streebog512_set_key nettle_hmac_streebog512_set_key +#define hmac_streebog512_update nettle_hmac_streebog512_update +#define hmac_streebog512_digest nettle_hmac_streebog512_digest
void hmac_set_key(void *outer, void *inner, void *state, @@ -240,6 +246,33 @@ hmac_gosthash94cp_digest(struct hmac_gosthash94cp_ctx *ctx, size_t length, uint8_t *digest);
+/* hmac-streebog */ +struct hmac_streebog512_ctx HMAC_CTX(struct streebog512_ctx); + +void +hmac_streebog512_set_key(struct hmac_streebog512_ctx *ctx, + size_t key_length, const uint8_t *key); + +void +hmac_streebog512_update(struct hmac_streebog512_ctx *ctx, + size_t length, const uint8_t *data); + +void +hmac_streebog512_digest(struct hmac_streebog512_ctx *ctx, + size_t length, uint8_t *digest); + +#define hmac_streebog256_ctx hmac_streebog512_ctx + +void +hmac_streebog256_set_key(struct hmac_streebog256_ctx *ctx, + size_t key_length, const uint8_t *key); + +#define hmac_streebog256_update hmac_streebog512_update + +void +hmac_streebog256_digest(struct hmac_streebog256_ctx *ctx, + size_t length, uint8_t *digest); + #ifdef __cplusplus } #endif diff --git a/nettle-meta-macs.c b/nettle-meta-macs.c index a658ee39e230..5e8f871329bb 100644 --- a/nettle-meta-macs.c +++ b/nettle-meta-macs.c @@ -48,6 +48,8 @@ const struct nettle_mac * const _nettle_macs[] = { &nettle_hmac_sha256, &nettle_hmac_sha384, &nettle_hmac_sha512, + &nettle_hmac_streebog256, + &nettle_hmac_streebog512, NULL };
diff --git a/nettle-meta.h b/nettle-meta.h index 7a6af363426b..cbcb1e5d5ffb 100644 --- a/nettle-meta.h +++ b/nettle-meta.h @@ -286,6 +286,8 @@ extern const struct nettle_mac nettle_hmac_sha224; extern const struct nettle_mac nettle_hmac_sha256; extern const struct nettle_mac nettle_hmac_sha384; extern const struct nettle_mac nettle_hmac_sha512; +extern const struct nettle_mac nettle_hmac_streebog256; +extern const struct nettle_mac nettle_hmac_streebog512;
#ifdef __cplusplus } diff --git a/testsuite/hmac-test.c b/testsuite/hmac-test.c index de1b6bfe057c..348f7920add9 100644 --- a/testsuite/hmac-test.c +++ b/testsuite/hmac-test.c @@ -866,4 +866,21 @@ test_main(void) SHEX("0126bdb87800af214341456563780100"), SHEX("bad70b61c41095bc47e1141cfaed4272" "6a5ceebd62ce75dbbb9ad76cda9f72f7")); + + /* RFC 7836 */ + HMAC_TEST(streebog512, + SHEX("000102030405060708090a0b0c0d0e0f" + "101112131415161718191a1b1c1d1e1f"), + SHEX("0126bdb87800af214341456563780100"), + SHEX("a59bab22ecae19c65fbde6e5f4e9f5d8" + "549d31f037f9df9b905500e171923a77" + "3d5f1530f2ed7e964cb2eedc29e9ad2f" + "3afe93b2814f79f5000ffc0366c251e6")); + + HMAC_TEST(streebog256, + SHEX("000102030405060708090a0b0c0d0e0f" + "101112131415161718191a1b1c1d1e1f"), + SHEX("0126bdb87800af214341456563780100"), + SHEX("a1aa5f7de402d7b3d323f2991c8d4534" + "013137010a83754fd0af6d7cd4922ed9")); } diff --git a/testsuite/meta-mac-test.c b/testsuite/meta-mac-test.c index 55339441c99f..adbd43263801 100644 --- a/testsuite/meta-mac-test.c +++ b/testsuite/meta-mac-test.c @@ -12,6 +12,8 @@ const char* macs[] = { "hmac_sha256", "hmac_sha384", "hmac_sha512", + "hmac_streebog256", + "hmac_streebog512", };
void