nettle/gost: add CMAC-64/Magma/Kuznyechik code

Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

7 files changed, 269 insertions, 7 deletions

diff --git a/configure.ac b/configure.ac
index 8f4cc69ad2..45f44c282a 100644
--- a/configure.ac
+++ b/configure.ac
@@ -656,6 +656,13 @@ AC_CHECK_FUNCS(nettle_cmac128_update)
 LIBS=$save_LIBS
 AM_CONDITIONAL(NEED_CMAC, [test "$ac_cv_func_nettle_cmac128_update" != "yes"])
 
+# Check for CMAC-64 support
+save_LIBS=$LIBS
+LIBS="$LIBS $NETTLE_LIBS"
+AC_CHECK_FUNCS(nettle_cmac64_update)
+LIBS=$save_LIBS
+AM_CONDITIONAL(NEED_CMAC64, [test "$ac_cv_func_nettle_cmac64_update" != "yes"])
+
 # Check if nettle has XTS support
 save_LIBS=$LIBS
 LIBS="$LIBS $NETTLE_LIBS"
@@ -719,6 +726,18 @@ LIBS="$LIBS $NETTLE_LIBS"
 AC_CHECK_FUNCS(nettle_kuznyechik_set_key)
 LIBS=$save_LIBS
 
+# Check for CMAC MAGMA support
+save_LIBS=$LIBS
+LIBS="$LIBS $NETTLE_LIBS"
+AC_CHECK_FUNCS(nettle_cmac_magma_update)
+LIBS=$save_LIBS
+
+# Check for CMAC KUZNYECHIK support
+save_LIBS=$LIBS
+LIBS="$LIBS $NETTLE_LIBS"
+AC_CHECK_FUNCS(nettle_cmac_kuznyechik_update)
+LIBS=$save_LIBS
+
 # Check sonames of the linked libraries needed for FIPS selftests.
 save_LIBS=$LIBS
 LIBS="$LIBS $GMP_LIBS"
diff --git a/devel/import-from-nettle.sh b/devel/import-from-nettle.sh
index 3867f9e2a7..9e370ad2dd 100755
--- a/devel/import-from-nettle.sh
+++ b/devel/import-from-nettle.sh
@@ -15,6 +15,8 @@ cfb.c
 cfb.h
 cmac.c
 cmac.h
+cmac64.c
+cmac64.h
 cmac-aes128.c
 cmac-aes256.c
 chacha-core-internal.c
@@ -57,6 +59,9 @@ test -d $DST || mkdir $DST
 for f in $IMPORTS; do
   src=$SRC/$f
   dst=$DST/$f
+  if test "$f" = "cmac64.h"; then
+    src=$SRC/cmac.h
+  fi
   if test -f $src; then
     if test -f $dst; then
       echo "Replacing $dst (existing file backed up in $dst~)"
@@ -100,7 +105,7 @@ for f in $IMPORTS; do
       ;;
     esac
     case $dst in
-      */cfb.c | */cmac.c | */xts.c | */siv-cmac.c)
+      */cfb.c | */cmac.c | */cmac64.c | */xts.c | */siv-cmac.c)
 	sed \
 	  -e 's/"nettle-internal\.h"/"nettle-alloca.h"/' \
 	  $dst > $dst-t && mv $dst-t $dst
@@ -116,6 +121,14 @@ for f in $IMPORTS; do
 	;;
     esac
     case $dst in
+      # Special file that can be included in parallel with nettle's cmac.h defininig 128-bit CMAC
+      */cmac64.h)
+	sed \
+	  -e 's/CMAC128/_FOO_CMAC128/g' \
+	  -e 's/cmac128/_foo_cmac128/g' \
+	  -e 's/cmac_aes/_foo_cmac_aes/g' \
+	$dst > $dst-t && mv $dst-t $dst
+	;;
       */siv-cmac*.[ch])
 	sed \
 	  -e '/^#include "cmac\.h"/ { i\
diff --git a/lib/nettle/Makefile.am b/lib/nettle/Makefile.am
index 948fb98b91..ef0c736c09 100644
--- a/lib/nettle/Makefile.am
+++ b/lib/nettle/Makefile.am
@@ -91,7 +91,8 @@ libcrypto_la_SOURCES += gost_keywrap.c
 
 libcrypto_la_SOURCES += \
 	gost/magma.c gost/magma.h \
-	gost/kuznyechik.c gost/kuznyechik.h gost/kuztable.h
+	gost/kuznyechik.c gost/kuznyechik.h gost/kuztable.h \
+	gost/cmac.h gost/cmac-magma.c gost/cmac-kuznyechik.c
 endif
 
 if NEED_INT_ECC
@@ -183,6 +184,11 @@ libcrypto_la_SOURCES += \
 	backport/cmac-aes128.c backport/cmac-aes256.c
 endif
 
+if NEED_CMAC64
+libcrypto_la_SOURCES += \
+	backport/cmac64.c backport/cmac.h backport/cmac64.h
+endif
+
 if NEED_XTS
 libcrypto_la_SOURCES += \
 	backport/xts.c backport/xts.h \
diff --git a/lib/nettle/gost/cmac-kuznyechik.c b/lib/nettle/gost/cmac-kuznyechik.c
new file mode 100644
index 0000000000..1a1abe7e87
--- /dev/null
+++ b/lib/nettle/gost/cmac-kuznyechik.c
@@ -0,0 +1,58 @@
+/* cmac-kuznyechik.c - GOST R 34.12-2015 (Kuznyechik) cipher implementation
+ *
+ * Copyright: 2017 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a
+ * copy of this software and associated documentation files (the
+ * "Software"), to deal in the Software without restriction, including
+ * without limitation the rights to use, copy, modify, merge, publish,
+ * distribute, sublicense, and/or sell copies of the Software, and to
+ * permit persons to whom the Software is furnished to do so, subject to
+ * the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included
+ * in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+ * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+ * CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+ * TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+ * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ */
+
+#if HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#ifndef HAVE_NETTLE_CMAC_KUZNYECHIK_UPDATE
+
+#ifdef HAVE_NETTLE_CMAC128_UPDATE
+#include <nettle/cmac.h>
+#else
+#include "backport/cmac.h"
+#endif
+
+#include "gost/cmac.h"
+
+void
+cmac_kuznyechik_set_key(struct cmac_kuznyechik_ctx *ctx, const uint8_t *key)
+{
+  CMAC128_SET_KEY(ctx, kuznyechik_set_key, kuznyechik_encrypt, key);
+}
+
+void
+cmac_kuznyechik_update (struct cmac_kuznyechik_ctx *ctx,
+			size_t length, const uint8_t *data)
+{
+  CMAC128_UPDATE (ctx, kuznyechik_encrypt, length, data);
+}
+
+void
+cmac_kuznyechik_digest(struct cmac_kuznyechik_ctx *ctx,
+		       size_t length, uint8_t *digest)
+{
+  CMAC128_DIGEST(ctx, kuznyechik_encrypt, length, digest);
+}
+#endif
diff --git a/lib/nettle/gost/cmac-magma.c b/lib/nettle/gost/cmac-magma.c
new file mode 100644
index 0000000000..f63458f781
--- /dev/null
+++ b/lib/nettle/gost/cmac-magma.c
@@ -0,0 +1,59 @@
+/* cmac-magma.c - GOST R 34.12-2015 (Magma) cipher implementation
+ *
+ * Copyright: 2017 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a
+ * copy of this software and associated documentation files (the
+ * "Software"), to deal in the Software without restriction, including
+ * without limitation the rights to use, copy, modify, merge, publish,
+ * distribute, sublicense, and/or sell copies of the Software, and to
+ * permit persons to whom the Software is furnished to do so, subject to
+ * the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included
+ * in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+ * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+ * CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+ * TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+ * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ */
+
+#if HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#ifndef HAVE_NETTLE_CMAC_MAGMA_UPDATE
+
+#ifdef HAVE_NETTLE_CMAC64_UPDATE
+#include <nettle/cmac.h>
+#else
+#include "backport/cmac.h"
+#endif
+
+#include "magma.h"
+#include "cmac.h"
+
+void
+cmac_magma_set_key(struct cmac_magma_ctx *ctx, const uint8_t *key)
+{
+  CMAC64_SET_KEY(ctx, magma_set_key, magma_encrypt, key);
+}
+
+void
+cmac_magma_update (struct cmac_magma_ctx *ctx,
+		   size_t length, const uint8_t *data)
+{
+  CMAC64_UPDATE (ctx, magma_encrypt, length, data);
+}
+
+void
+cmac_magma_digest(struct cmac_magma_ctx *ctx,
+		  size_t length, uint8_t *digest)
+{
+  CMAC64_DIGEST(ctx, magma_encrypt, length, digest);
+}
+#endif
diff --git a/lib/nettle/gost/cmac.h b/lib/nettle/gost/cmac.h
new file mode 100644
index 0000000000..48f3b409e5
--- /dev/null
+++ b/lib/nettle/gost/cmac.h
@@ -0,0 +1,103 @@
+/* cmac.h
+
+   CMAC mode, as specified in RFC4493
+
+   Copyright (C) 2017 Red Hat, Inc.
+
+   Contributed by Nikos Mavrogiannopoulos
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see http://www.gnu.org/licenses/.
+*/
+
+#ifndef GOST_CMAC_H_INCLUDED
+#define GOST_CMAC_H_INCLUDED
+
+#if HAVE_CONFIG_H
+# include <config.h>
+#endif
+
+#ifndef HAVE_NETTLE_CMAC_MAGMA_UPDATE
+#include "magma.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define cmac_magma_set_key _gnutls_cmac_magma_set_key
+#define cmac_magma_update _gnutls_cmac_magma_update
+#define cmac_magma_digest _gnutls_cmac_magma_digest
+
+struct cmac_magma_ctx CMAC64_CTX(struct magma_ctx);
+
+void
+cmac_magma_set_key(struct cmac_magma_ctx *ctx, const uint8_t *key);
+
+void
+cmac_magma_update(struct cmac_magma_ctx *ctx,
+		  size_t length, const uint8_t *data);
+
+void
+cmac_magma_digest(struct cmac_magma_ctx *ctx,
+		  size_t length, uint8_t *digest);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* HAVE_NETTLE_CMAC_MAGMA_UPDATE */
+
+#ifndef HAVE_NETTLE_CMAC_KUZNYECHIK_UPDATE
+#include "kuznyechik.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define cmac_kuznyechik_set_key _gnutls_cmac_kuznyechik_set_key
+#define cmac_kuznyechik_update _gnutls_cmac_kuznyechik_update
+#define cmac_kuznyechik_digest _gnutls_cmac_kuznyechik_digest
+
+struct cmac_kuznyechik_ctx CMAC128_CTX(struct kuznyechik_ctx);
+
+void
+cmac_kuznyechik_set_key(struct cmac_kuznyechik_ctx *ctx, const uint8_t *key);
+
+void
+cmac_kuznyechik_update(struct cmac_kuznyechik_ctx *ctx,
+		       size_t length, const uint8_t *data);
+
+void
+cmac_kuznyechik_digest(struct cmac_kuznyechik_ctx *ctx,
+		       size_t length, uint8_t *digest);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
+
+#endif /* CMAC_H_INCLUDED */
diff --git a/lib/nettle/mac.c b/lib/nettle/mac.c
index 4e14a9475b..e2ba0cb4d6 100644
--- a/lib/nettle/mac.c
+++ b/lib/nettle/mac.c
@@ -34,6 +34,14 @@
 #include <nettle/umac.h>
 #include <nettle/hkdf.h>
 #include <nettle/pbkdf2.h>
+#ifdef HAVE_NETTLE_CMAC128_UPDATE
+#include <nettle/cmac.h>
+#ifndef HAVE_NETTLE_CMAC64_UPDATE
+#include "cmac64.h"
+#endif /* HAVE_NETTLE_CMAC64_UPDATE */
+#else
+#include "cmac.h"
+#endif /* HAVE_NETTLE_CMAC128_UPDATE */
 #if ENABLE_GOST
 #include "gost/hmac-gost.h"
 #ifndef HAVE_NETTLE_GOSTHASH94CP_UPDATE
@@ -45,12 +53,8 @@
 #ifndef HAVE_NETTLE_GOST28147_SET_KEY
 #include "gost/gost28147.h"
 #endif
+#include "gost/cmac.h"
 #endif
-#ifdef HAVE_NETTLE_CMAC128_UPDATE
-#include <nettle/cmac.h>
-#else
-#include "cmac.h"
-#endif /* HAVE_NETTLE_CMAC128_UPDATE */
 #include <nettle/gcm.h>
 
 typedef void (*update_func) (void *, size_t, const uint8_t *);