Russian technical comitee working on standartization of cryptography
algorithms has published the document describing usage of GOST R
34.11-94 hash function with PBKDF2 algorithm
(http://tc26.ru/methods/containers_v1/Addition_to_PKCS5_v1_0.pdf).
Add test vectors from that document and a special function implementing
Nettle interface for PBKDF2 using gosthash94cp.

Signed-off-by: Dmitry Eremin-Solenikov <dbarysh...@gmail.com>
---
 Makefile.in              |  3 ++-
 pbkdf2-hmac-gosthash94.c | 54 ++++++++++++++++++++++++++++++++++++++++++++++++
 pbkdf2.h                 |  7 +++++++
 testsuite/pbkdf2-test.c  | 24 +++++++++++++++++++++
 4 files changed, 87 insertions(+), 1 deletion(-)
 create mode 100644 pbkdf2-hmac-gosthash94.c

diff --git a/Makefile.in b/Makefile.in
index 881f4ef4c848..21f7d742670b 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -113,7 +113,8 @@ nettle_SOURCES = aes-decrypt-internal.c aes-decrypt.c \
                 memeql-sec.c memxor.c memxor3.c \
                 nettle-meta-aeads.c nettle-meta-armors.c \
                 nettle-meta-ciphers.c nettle-meta-hashes.c \
-                pbkdf2.c pbkdf2-hmac-sha1.c pbkdf2-hmac-sha256.c \
+                pbkdf2.c pbkdf2-hmac-gosthash94.c pbkdf2-hmac-sha1.c \
+                pbkdf2-hmac-sha256.c \
                 poly1305-aes.c poly1305-internal.c \
                 realloc.c \
                 ripemd160.c ripemd160-compress.c ripemd160-meta.c \
diff --git a/pbkdf2-hmac-gosthash94.c b/pbkdf2-hmac-gosthash94.c
new file mode 100644
index 000000000000..ff34ba1b9713
--- /dev/null
+++ b/pbkdf2-hmac-gosthash94.c
@@ -0,0 +1,54 @@
+/* pbkdf2-hmac-gosthash94.c
+
+   PKCS #5 PBKDF2 used with HMAC-GOSTHASH94CP.
+
+   Copyright (C) 2016 Dmitry Eremin-Solenikov
+   Copyright (C) 2012 Simon Josefsson
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see http://www.gnu.org/licenses/.
+*/
+
+#if HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include "pbkdf2.h"
+
+#include "hmac.h"
+
+void
+pbkdf2_hmac_gosthash94cp (size_t key_length, const uint8_t *key,
+                 unsigned iterations,
+                 size_t salt_length, const uint8_t *salt,
+                 size_t length, uint8_t *dst)
+{
+  struct hmac_gosthash94cp_ctx gosthash94cpctx;
+
+  hmac_gosthash94cp_set_key (&gosthash94cpctx, key_length, key);
+  PBKDF2 (&gosthash94cpctx, hmac_gosthash94cp_update, hmac_gosthash94cp_digest,
+         GOSTHASH94CP_DIGEST_SIZE, iterations, salt_length, salt, length, dst);
+}
diff --git a/pbkdf2.h b/pbkdf2.h
index 7b1c4c9c1881..a36dfdbaa437 100644
--- a/pbkdf2.h
+++ b/pbkdf2.h
@@ -45,6 +45,7 @@ extern "C"
 #define pbkdf2 nettle_pbkdf2
 #define pbkdf2_hmac_sha1 nettle_pbkdf2_hmac_sha1
 #define pbkdf2_hmac_sha256 nettle_pbkdf2_hmac_sha256
+#define pbkdf2_hmac_gosthash94cp nettle_pbkdf2_hmac_gosthash94cp
 
 void
 pbkdf2 (void *mac_ctx,
@@ -78,6 +79,12 @@ pbkdf2_hmac_sha256 (size_t key_length, const uint8_t *key,
                    size_t salt_length, const uint8_t *salt,
                    size_t length, uint8_t *dst);
 
+void
+pbkdf2_hmac_gosthash94cp (size_t key_length, const uint8_t *key,
+                         unsigned iterations,
+                         size_t salt_length, const uint8_t *salt,
+                         size_t length, uint8_t *dst);
+
 #ifdef __cplusplus
 }
 #endif
diff --git a/testsuite/pbkdf2-test.c b/testsuite/pbkdf2-test.c
index bb8da57fbb73..fe68ca6527c8 100644
--- a/testsuite/pbkdf2-test.c
+++ b/testsuite/pbkdf2-test.c
@@ -28,6 +28,7 @@ test_main (void)
   struct hmac_sha1_ctx sha1ctx;
   struct hmac_sha256_ctx sha256ctx;
   struct hmac_sha512_ctx sha512ctx;
+  struct hmac_gosthash94cp_ctx gosthash94cpctx;
 
   /* Test vectors for PBKDF2 from RFC 6070. */
 
@@ -110,4 +111,27 @@ test_main (void)
   PBKDF2_HMAC_TEST(pbkdf2_hmac_sha256, LDATA("passwd"), 1, LDATA("salt"),
                   SHEX("55ac046e56e3089fec1691c22544b605"));
 
+  /* From TC26 document, 
http://tc26.ru/methods/containers_v1/Addition_to_PKCS5_v1_0.pdf */
+
+  hmac_gosthash94cp_set_key (&gosthash94cpctx, LDATA("password"));
+  PBKDF2_TEST (&gosthash94cpctx, hmac_gosthash94cp_update, 
hmac_gosthash94cp_digest,
+              GOSTHASH94CP_DIGEST_SIZE, 1, LDATA("salt"),
+              
SHEX("7314e7c04fb2e662c543674253f68bd0b73445d07f241bed872882da21662d58"));
+
+  PBKDF2_TEST (&gosthash94cpctx, hmac_gosthash94cp_update, 
hmac_gosthash94cp_digest,
+              GOSTHASH94CP_DIGEST_SIZE, 4096, LDATA("salt"),
+              
SHEX("1f1829a94bdff5be10d0aeb36af498e7a97467f3b31116a5a7c1afff9deadafe"));
+
+  hmac_gosthash94cp_set_key (&gosthash94cpctx, 
LDATA("passwordPASSWORDpassword"));
+  PBKDF2_TEST (&gosthash94cpctx, hmac_gosthash94cp_update, 
hmac_gosthash94cp_digest,
+              GOSTHASH94CP_DIGEST_SIZE, 4096, 
LDATA("saltSALTsaltSALTsaltSALTsaltSALTsalt"),
+              
SHEX("788358c69cb2dbe251a7bb17d5f4241f265a792a35becde8d56f326b49c85047b7638acb4764b1fd"));
+
+  hmac_gosthash94cp_set_key (&gosthash94cpctx, LDATA("pass\0word"));
+  PBKDF2_TEST (&gosthash94cpctx, hmac_gosthash94cp_update, 
hmac_gosthash94cp_digest,
+              GOSTHASH94CP_DIGEST_SIZE, 4096, LDATA("sa\0lt"),
+              SHEX("43e06c5590b08c0225242373127edf9c8e9c3291"));
+
+  PBKDF2_HMAC_TEST (pbkdf2_hmac_gosthash94cp, LDATA("password"), 1, 
LDATA("salt"),
+              
SHEX("7314e7c04fb2e662c543674253f68bd0b73445d07f241bed872882da21662d58"));
 }
-- 
2.13.2

_______________________________________________
nettle-bugs mailing list
nettle-bugs@lists.lysator.liu.se
http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs

Reply via email to