From: Dmitry Eremin-Solenikov dbaryshkov@gmail.com
Signed-off-by: Dmitry Eremin-Solenikov dbaryshkov@gmail.com --- Makefile.in | 2 +- pbkdf2-hmac-streebog.c | 67 +++++++++++++++++++++++++++++++++++++++++ pbkdf2.h | 14 +++++++++ testsuite/pbkdf2-test.c | 7 +++++ 4 files changed, 89 insertions(+), 1 deletion(-) create mode 100644 pbkdf2-hmac-streebog.c
diff --git a/Makefile.in b/Makefile.in index c578e2901aa7..bcf97fcd5c8c 100644 --- a/Makefile.in +++ b/Makefile.in @@ -115,7 +115,7 @@ nettle_SOURCES = aes-decrypt-internal.c aes-decrypt.c \ nettle-meta-aeads.c nettle-meta-armors.c \ nettle-meta-ciphers.c nettle-meta-hashes.c \ pbkdf2.c pbkdf2-hmac-gosthash94.c pbkdf2-hmac-sha1.c \ - pbkdf2-hmac-sha256.c \ + pbkdf2-hmac-sha256.c pbkdf2-hmac-streebog.c \ poly1305-aes.c poly1305-internal.c \ realloc.c \ ripemd160.c ripemd160-compress.c ripemd160-meta.c \ diff --git a/pbkdf2-hmac-streebog.c b/pbkdf2-hmac-streebog.c new file mode 100644 index 000000000000..cc286f8940ac --- /dev/null +++ b/pbkdf2-hmac-streebog.c @@ -0,0 +1,67 @@ +/* pbkdf2-hmac-streebog.c + + PKCS #5 PBKDF2 used with HMAC-STREEBOG. + + Copyright (C) 2016 Dmitry Eremin-Solenikov + Copyright (C) 2012 Simon Josefsson + + This file is part of GNU Nettle. + + GNU Nettle is free software: you can redistribute it and/or + modify it under the terms of either: + + * the GNU Lesser General Public License as published by the Free + Software Foundation; either version 3 of the License, or (at your + option) any later version. + + or + + * the GNU General Public License as published by the Free + Software Foundation; either version 2 of the License, or (at your + option) any later version. + + or both in parallel, as here. + + GNU Nettle is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received copies of the GNU General Public License and + the GNU Lesser General Public License along with this program. If + not, see http://www.gnu.org/licenses/. +*/ + +#if HAVE_CONFIG_H +# include "config.h" +#endif + +#include "pbkdf2.h" + +#include "hmac.h" + +void +pbkdf2_hmac_streebog256 (size_t key_length, const uint8_t *key, + unsigned iterations, + size_t salt_length, const uint8_t *salt, + size_t length, uint8_t *dst) +{ + struct hmac_streebog256_ctx streebog256ctx; + + hmac_streebog256_set_key (&streebog256ctx, key_length, key); + PBKDF2 (&streebog256ctx, hmac_streebog256_update, hmac_streebog256_digest, + STREEBOG256_DIGEST_SIZE, iterations, salt_length, salt, length, dst); +} + +void +pbkdf2_hmac_streebog512 (size_t key_length, const uint8_t *key, + unsigned iterations, + size_t salt_length, const uint8_t *salt, + size_t length, uint8_t *dst) +{ + struct hmac_streebog512_ctx streebog512ctx; + + hmac_streebog512_set_key (&streebog512ctx, key_length, key); + PBKDF2 (&streebog512ctx, hmac_streebog512_update, hmac_streebog512_digest, + STREEBOG512_DIGEST_SIZE, iterations, salt_length, salt, length, dst); +} diff --git a/pbkdf2.h b/pbkdf2.h index a36dfdbaa437..67583bce615a 100644 --- a/pbkdf2.h +++ b/pbkdf2.h @@ -46,6 +46,8 @@ extern "C" #define pbkdf2_hmac_sha1 nettle_pbkdf2_hmac_sha1 #define pbkdf2_hmac_sha256 nettle_pbkdf2_hmac_sha256 #define pbkdf2_hmac_gosthash94cp nettle_pbkdf2_hmac_gosthash94cp +#define pbkdf2_hmac_streebog256 nettle_pbkdf2_hmac_streebog256 +#define pbkdf2_hmac_streebog512 nettle_pbkdf2_hmac_streebog512
void pbkdf2 (void *mac_ctx, @@ -85,6 +87,18 @@ pbkdf2_hmac_gosthash94cp (size_t key_length, const uint8_t *key, size_t salt_length, const uint8_t *salt, size_t length, uint8_t *dst);
+void +pbkdf2_hmac_streebog256 (size_t key_length, const uint8_t *key, + unsigned iterations, + size_t salt_length, const uint8_t *salt, + size_t length, uint8_t *dst); + +void +pbkdf2_hmac_streebog512 (size_t key_length, const uint8_t *key, + unsigned iterations, + size_t salt_length, const uint8_t *salt, + size_t length, uint8_t *dst); + #ifdef __cplusplus } #endif diff --git a/testsuite/pbkdf2-test.c b/testsuite/pbkdf2-test.c index 9e024e57b7f5..e76c82dc2b7e 100644 --- a/testsuite/pbkdf2-test.c +++ b/testsuite/pbkdf2-test.c @@ -157,9 +157,16 @@ test_main (void) STREEBOG512_DIGEST_SIZE, 4096, LDATA("sa\0lt"), SHEX("50df062885b69801a3c10248eb0a27ab6e522ffeb20c991c660f001475d73a4e167f782c18e97e92976d9c1d970831ea78ccb879f67068cdac1910740844e830"));
+ PBKDF2_HMAC_TEST (pbkdf2_hmac_streebog512, LDATA("password"), 1, LDATA("salt"), + SHEX("64770af7f748c3b1c9ac831dbcfd85c26111b30a8a657ddc3056b80ca73e040d2854fd36811f6d825cc4ab66ec0a68a490a9e5cf5156b3a2b7eecddbf9a16b47")); + /* Generated */ hmac_streebog256_set_key (&streebog256ctx, LDATA("password")); PBKDF2_TEST (&streebog256ctx, hmac_streebog256_update, hmac_streebog256_digest, STREEBOG256_DIGEST_SIZE, 1, LDATA("salt"), SHEX("d789458d143b9abebc4ef63ca8e576c72b13c7d4289db23fc1e946f84cd605bc")); + + + PBKDF2_HMAC_TEST (pbkdf2_hmac_streebog256, LDATA("password"), 1, LDATA("salt"), + SHEX("d789458d143b9abebc4ef63ca8e576c72b13c7d4289db23fc1e946f84cd605bc")); }