1 // GoGOST -- Pure Go GOST cryptographic functions library
2 // Copyright (C) 2015-2020 Sergey Matveev <stargrave@stargrave.org>
4 // This program is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, version 3 of the License.
8 // This program is distributed in the hope that it will be useful,
9 // but WITHOUT ANY WARRANTY; without even the implied warranty of
10 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 // GNU General Public License for more details.
13 // You should have received a copy of the GNU General Public License
14 // along with this program. If not, see <http://www.gnu.org/licenses/>.
16 package gost34112012256
22 type TLSTreeParams [3]uint64
25 TLSGOSTR341112256WithMagmaCTROMAC TLSTreeParams = TLSTreeParams{
26 binary.BigEndian.Uint64([]byte{0xFF, 0xFF, 0xFF, 0xC0, 0x00, 0x00, 0x00, 0x00}),
27 binary.BigEndian.Uint64([]byte{0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0x00, 0x00, 0x00}),
28 binary.BigEndian.Uint64([]byte{0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xF0, 0x00}),
30 TLSGOSTR341112256WithKuznyechikCTROMAC TLSTreeParams = TLSTreeParams{
31 binary.BigEndian.Uint64([]byte{0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00}),
32 binary.BigEndian.Uint64([]byte{0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xF8, 0x00, 0x00}),
33 binary.BigEndian.Uint64([]byte{0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC0}),
35 TLSGOSTR341112256WithKuznyechikMGML TLSTreeParams = TLSTreeParams{
36 binary.BigEndian.Uint64([]byte{0xF8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}),
37 binary.BigEndian.Uint64([]byte{0xFF, 0xFF, 0xFF, 0xF0, 0x00, 0x00, 0x00, 0x00}),
38 binary.BigEndian.Uint64([]byte{0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xE0, 0x00}),
40 TLSGOSTR341112256WithMagmaMGML TLSTreeParams = TLSTreeParams{
41 binary.BigEndian.Uint64([]byte{0xFF, 0xE0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}),
42 binary.BigEndian.Uint64([]byte{0xFF, 0xFF, 0xFF, 0xFF, 0xC0, 0x00, 0x00, 0x00}),
43 binary.BigEndian.Uint64([]byte{0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80}),
45 TLSGOSTR341112256WithKuznyechikMGMS TLSTreeParams = TLSTreeParams{
46 binary.BigEndian.Uint64([]byte{0xFF, 0xFF, 0xFF, 0xFF, 0xE0, 0x00, 0x00, 0x00}),
47 binary.BigEndian.Uint64([]byte{0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00}),
48 binary.BigEndian.Uint64([]byte{0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xF8}),
50 TLSGOSTR341112256WithMagmaMGMS TLSTreeParams = TLSTreeParams{
51 binary.BigEndian.Uint64([]byte{0xFF, 0xFF, 0xFF, 0xFF, 0xFC, 0x00, 0x00, 0x00}),
52 binary.BigEndian.Uint64([]byte{0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xE0, 0x00}),
53 binary.BigEndian.Uint64([]byte{0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}),
65 func NewTLSTree(params TLSTreeParams, keyRoot []byte) *TLSTree {
66 key := make([]byte, len(keyRoot))
72 key: make([]byte, Size),
76 func (t *TLSTree) DeriveCached(seqNum uint64) ([]byte, bool) {
78 (seqNum&t.params[0]) == ((t.seqNumPrev)&t.params[0]) &&
79 (seqNum&t.params[1]) == ((t.seqNumPrev)&t.params[1]) &&
80 (seqNum&t.params[2]) == ((t.seqNumPrev)&t.params[2]) {
83 binary.BigEndian.PutUint64(t.seq, seqNum&t.params[0])
84 kdf1 := NewKDF(t.keyRoot)
85 kdf2 := NewKDF(kdf1.Derive(t.key[:0], []byte("level1"), t.seq))
86 binary.BigEndian.PutUint64(t.seq, seqNum&t.params[1])
87 kdf3 := NewKDF(kdf2.Derive(t.key[:0], []byte("level2"), t.seq))
88 binary.BigEndian.PutUint64(t.seq, seqNum&t.params[2])
89 kdf3.Derive(t.key[:0], []byte("level3"), t.seq)
94 func (t *TLSTree) Derive(seqNum uint64) []byte {
95 keyDerived := make([]byte, Size)
96 key, _ := t.DeriveCached(seqNum)