From 69e668f3499122e0b1140f3bd927de41ad279b94 Mon Sep 17 00:00:00 2001 From: Sergey Matveev Date: Thu, 25 Jul 2019 18:04:19 +0300 Subject: [PATCH] Simplify keys and IVs arguments passing: use slices instead of arrays This heavily simplifies interaction with that functions. --- VERSION | 2 +- .../gogost/gost28147/cbc_test.go | 9 +- src/cypherpunks.ru/gogost/gost28147/cfb.go | 12 ++- .../gogost/gost28147/cfb_test.go | 25 ++--- src/cypherpunks.ru/gogost/gost28147/cipher.go | 12 ++- .../gogost/gost28147/cipher_test.go | 5 +- src/cypherpunks.ru/gogost/gost28147/ctr.go | 7 +- .../gogost/gost28147/ctr_test.go | 40 ++++---- .../gogost/gost28147/ecb_test.go | 98 +++++++++---------- src/cypherpunks.ru/gogost/gost28147/mac.go | 9 +- .../gogost/gost28147/mac_test.go | 31 +++--- src/cypherpunks.ru/gogost/gost341194/hash.go | 9 +- .../gogost/gost3412128/cipher.go | 5 +- .../gogost/gost3412128/cipher_test.go | 15 ++- .../gogost/gost341264/cipher.go | 12 +-- .../gogost/gost341264/cipher_test.go | 5 +- src/cypherpunks.ru/gogost/mgm/mode_test.go | 6 +- 17 files changed, 144 insertions(+), 158 deletions(-) diff --git a/VERSION b/VERSION index 9f55b2c..5186d07 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -3.0 +4.0 diff --git a/src/cypherpunks.ru/gogost/gost28147/cbc_test.go b/src/cypherpunks.ru/gogost/gost28147/cbc_test.go index 3958677..994d4be 100644 --- a/src/cypherpunks.ru/gogost/gost28147/cbc_test.go +++ b/src/cypherpunks.ru/gogost/gost28147/cbc_test.go @@ -19,18 +19,13 @@ package gost28147 import ( "bytes" "crypto/cipher" - "crypto/rand" "testing" "testing/quick" ) func TestCBCCrypter(t *testing.T) { - var key [KeySize]byte - var iv [BlockSize]byte - rand.Read(key[:]) - rand.Read(iv[:]) - c := NewCipher(key, SboxDefault) - f := func(pt []byte) bool { + f := func(key [KeySize]byte, iv [BlockSize]byte, pt []byte) bool { + c := NewCipher(key[:], SboxDefault) for i := 0; i < BlockSize; i++ { pt = append(pt, pt...) } diff --git a/src/cypherpunks.ru/gogost/gost28147/cfb.go b/src/cypherpunks.ru/gogost/gost28147/cfb.go index c94bdbb..b7b6050 100644 --- a/src/cypherpunks.ru/gogost/gost28147/cfb.go +++ b/src/cypherpunks.ru/gogost/gost28147/cfb.go @@ -21,8 +21,10 @@ type CFBEncrypter struct { iv []byte } -func (c *Cipher) NewCFBEncrypter(iv [BlockSize]byte) *CFBEncrypter { - return &CFBEncrypter{c, iv[:]} +func (c *Cipher) NewCFBEncrypter(iv []byte) *CFBEncrypter { + if len(iv) != BlockSize { + panic("iv length is not equal to blocksize") + } } func (c *CFBEncrypter) XORKeyStream(dst, src []byte) { @@ -48,8 +50,10 @@ type CFBDecrypter struct { iv []byte } -func (c *Cipher) NewCFBDecrypter(iv [BlockSize]byte) *CFBDecrypter { - return &CFBDecrypter{c, iv[:]} +func (c *Cipher) NewCFBDecrypter(iv []byte) *CFBDecrypter { + if len(iv) != BlockSize { + panic("iv length is not equal to blocksize") + } } func (c *CFBDecrypter) XORKeyStream(dst, src []byte) { diff --git a/src/cypherpunks.ru/gogost/gost28147/cfb_test.go b/src/cypherpunks.ru/gogost/gost28147/cfb_test.go index af527fb..fd0e186 100644 --- a/src/cypherpunks.ru/gogost/gost28147/cfb_test.go +++ b/src/cypherpunks.ru/gogost/gost28147/cfb_test.go @@ -19,13 +19,12 @@ package gost28147 import ( "bytes" "crypto/cipher" - "crypto/rand" "testing" "testing/quick" ) func TestCFBCryptomanager(t *testing.T) { - key := [KeySize]byte{ + key := []byte{ 0x75, 0x71, 0x31, 0x34, 0xB6, 0x0F, 0xEC, 0x45, 0xA6, 0x07, 0xBB, 0x83, 0xAA, 0x37, 0x46, 0xAF, 0x4F, 0xF9, 0x9D, 0xA6, 0xD1, 0xB5, 0x3B, 0x5B, @@ -41,7 +40,7 @@ func TestCFBCryptomanager(t *testing.T) { 0xAD, 0x36, 0x16, 0x94, 0x0E, 0x16, 0x42, 0x42, } c := NewCipher(key, sbox) - iv := [8]byte{0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08} + iv := []byte{0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08} tmp := make([]byte, 16) fe := c.NewCFBEncrypter(iv) fe.XORKeyStream(tmp, pt) @@ -56,19 +55,15 @@ func TestCFBCryptomanager(t *testing.T) { } func TestCFBRandom(t *testing.T) { - var key [KeySize]byte - rand.Read(key[:]) - c := NewCipher(key, SboxDefault) - f := func(ivRaw []byte, pt []byte) bool { - if len(pt) == 0 || len(ivRaw) < 8 { + f := func(key [KeySize]byte, iv [BlockSize]byte, pt []byte) bool { + if len(pt) == 0 { return true } - var iv [8]byte - copy(iv[:], ivRaw[:8]) + c := NewCipher(key[:], SboxDefault) ct := make([]byte, len(pt)) - fe := c.NewCFBEncrypter(iv) + fe := c.NewCFBEncrypter(iv[:]) fe.XORKeyStream(ct, pt) - fd := c.NewCFBDecrypter(iv) + fd := c.NewCFBDecrypter(iv[:]) pt2 := make([]byte, len(ct)) fd.XORKeyStream(pt2, ct) return bytes.Compare(pt2, pt) == 0 @@ -81,7 +76,7 @@ func TestCFBRandom(t *testing.T) { func TestCFBInterface(t *testing.T) { var key [32]byte var iv [8]byte - c := NewCipher(key, SboxDefault) - var _ cipher.Stream = c.NewCFBEncrypter(iv) - var _ cipher.Stream = c.NewCFBDecrypter(iv) + c := NewCipher(key[:], SboxDefault) + var _ cipher.Stream = c.NewCFBEncrypter(iv[:]) + var _ cipher.Stream = c.NewCFBDecrypter(iv[:]) } diff --git a/src/cypherpunks.ru/gogost/gost28147/cipher.go b/src/cypherpunks.ru/gogost/gost28147/cipher.go index 68da82d..d71781b 100644 --- a/src/cypherpunks.ru/gogost/gost28147/cipher.go +++ b/src/cypherpunks.ru/gogost/gost28147/cipher.go @@ -53,15 +53,17 @@ var ( ) type Cipher struct { - key *[KeySize]byte + key [KeySize]byte sbox *Sbox x [8]nv } -func NewCipher(key [KeySize]byte, sbox *Sbox) *Cipher { - c := Cipher{} - c.key = &key - c.sbox = sbox +func NewCipher(key []byte, sbox *Sbox) *Cipher { + if len(key) != KeySize { + panic("invalid key size") + } + c := Cipher{sbox: sbox} + copy(c.key[:], key) c.x = [8]nv{ nv(key[0]) | nv(key[1])<<8 | nv(key[2])<<16 | nv(key[3])<<24, nv(key[4]) | nv(key[5])<<8 | nv(key[6])<<16 | nv(key[7])<<24, diff --git a/src/cypherpunks.ru/gogost/gost28147/cipher_test.go b/src/cypherpunks.ru/gogost/gost28147/cipher_test.go index fcb0456..36f7d50 100644 --- a/src/cypherpunks.ru/gogost/gost28147/cipher_test.go +++ b/src/cypherpunks.ru/gogost/gost28147/cipher_test.go @@ -23,8 +23,7 @@ import ( ) func TestCipherInterface(t *testing.T) { - var key [32]byte - var _ cipher.Block = NewCipher(key, SboxDefault) + var _ cipher.Block = NewCipher(make([]byte, KeySize), SboxDefault) } func BenchmarkCipher(b *testing.B) { @@ -33,7 +32,7 @@ func BenchmarkCipher(b *testing.B) { dst := make([]byte, BlockSize) src := make([]byte, BlockSize) rand.Read(src) - c := NewCipher(key, SboxDefault) + c := NewCipher(key[:], SboxDefault) b.ResetTimer() for i := 0; i < b.N; i++ { c.Encrypt(dst, src) diff --git a/src/cypherpunks.ru/gogost/gost28147/ctr.go b/src/cypherpunks.ru/gogost/gost28147/ctr.go index 1008707..19564f9 100644 --- a/src/cypherpunks.ru/gogost/gost28147/ctr.go +++ b/src/cypherpunks.ru/gogost/gost28147/ctr.go @@ -22,8 +22,11 @@ type CTR struct { n2 nv } -func (c *Cipher) NewCTR(iv [BlockSize]byte) *CTR { - n1, n2 := block2nvs(iv[:]) +func (c *Cipher) NewCTR(iv []byte) *CTR { + if len(iv) != BlockSize { + panic("iv length is not equal to blocksize") + } + n1, n2 := block2nvs(iv) n2, n1 = c.xcrypt(SeqEncrypt, n1, n2) return &CTR{c, n1, n2} } diff --git a/src/cypherpunks.ru/gogost/gost28147/ctr_test.go b/src/cypherpunks.ru/gogost/gost28147/ctr_test.go index 73a96ae..357d15c 100644 --- a/src/cypherpunks.ru/gogost/gost28147/ctr_test.go +++ b/src/cypherpunks.ru/gogost/gost28147/ctr_test.go @@ -26,7 +26,7 @@ import ( func TestCTRGCL3Vector(t *testing.T) { sbox := &SboxIdGost2814789TestParamSet - key := [KeySize]byte{ + key := []byte{ 0x04, 0x75, 0xf6, 0xe0, 0x50, 0x38, 0xfb, 0xfa, 0xd2, 0xc7, 0xc3, 0x90, 0xed, 0xb3, 0xca, 0x3d, 0x15, 0x47, 0x12, 0x42, 0x91, 0xae, 0x1e, 0x8a, @@ -100,7 +100,7 @@ func TestCTRGCL3Vector(t *testing.T) { 0x13, 0xc3, 0xfe, 0x1f, 0x8c, 0x55, 0x63, 0x09, 0x1f, 0xcd, 0xd4, 0x28, 0xca, } - iv := [8]byte{0x02, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01} + iv := []byte{0x02, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01} c := NewCipher(key, sbox) ctr := c.NewCTR(iv) tmp := make([]byte, len(plaintext)) @@ -117,7 +117,7 @@ func TestCTRGCL3Vector(t *testing.T) { func TestCTRGCL2Vector(t *testing.T) { sbox := &SboxIdGost2814789TestParamSet - key := [KeySize]byte{ + key := []byte{ 0xfc, 0x7a, 0xd2, 0x88, 0x6f, 0x45, 0x5b, 0x50, 0xd2, 0x90, 0x08, 0xfa, 0x62, 0x2b, 0x57, 0xd5, 0xc6, 0x5b, 0x3c, 0x63, 0x72, 0x02, 0x02, 0x57, @@ -143,13 +143,13 @@ func TestCTRGCL2Vector(t *testing.T) { } var iv [8]byte c := NewCipher(key, sbox) - ctr := c.NewCTR(iv) + ctr := c.NewCTR(iv[:]) tmp := make([]byte, len(plaintext)) ctr.XORKeyStream(tmp, plaintext) if bytes.Compare(tmp, ciphertext) != 0 { t.Fail() } - ctr = c.NewCTR(iv) + ctr = c.NewCTR(iv[:]) ctr.XORKeyStream(tmp, tmp) if bytes.Compare(tmp, plaintext) != 0 { t.Fail() @@ -157,19 +157,15 @@ func TestCTRGCL2Vector(t *testing.T) { } func TestCTRRandom(t *testing.T) { - var key [KeySize]byte - rand.Read(key[:]) - c := NewCipher(key, SboxDefault) - f := func(ivRaw []byte, pt []byte) bool { - if len(pt) == 0 || len(ivRaw) < 8 { + f := func(key [KeySize]byte, iv [BlockSize]byte, pt []byte) bool { + if len(pt) == 0 { return true } - var iv [8]byte - copy(iv[:], ivRaw[:8]) + c := NewCipher(key[:], SboxDefault) tmp := make([]byte, len(pt)) - ctr := c.NewCTR(iv) - ctr.XORKeyStream(tmp, pt) - ctr = c.NewCTR(iv) + ctr := c.NewCTR(iv[:]) + ctr.XORKeyStream(tmp, pt[:]) + ctr = c.NewCTR(iv[:]) ctr.XORKeyStream(tmp, tmp) return bytes.Compare(tmp, pt) == 0 } @@ -178,17 +174,17 @@ func TestCTRRandom(t *testing.T) { } } func TestCTRInterface(t *testing.T) { - var key [32]byte + var key [KeySize]byte var iv [8]byte - c := NewCipher(key, SboxDefault) - var _ cipher.Stream = c.NewCTR(iv) + c := NewCipher(key[:], SboxDefault) + var _ cipher.Stream = c.NewCTR(iv[:]) } func BenchmarkCTR(b *testing.B) { - var key [KeySize]byte - var iv [BlockSize]byte - rand.Read(key[:]) - rand.Read(iv[:]) + key := make([]byte, KeySize) + iv := make([]byte, BlockSize) + rand.Read(key) + rand.Read(iv) dst := make([]byte, BlockSize) src := make([]byte, BlockSize) rand.Read(src) diff --git a/src/cypherpunks.ru/gogost/gost28147/ecb_test.go b/src/cypherpunks.ru/gogost/gost28147/ecb_test.go index b293a22..76928c9 100644 --- a/src/cypherpunks.ru/gogost/gost28147/ecb_test.go +++ b/src/cypherpunks.ru/gogost/gost28147/ecb_test.go @@ -23,7 +23,7 @@ import ( ) func TestECBGCL3Vectors(t *testing.T) { - key := [KeySize]byte{ + key := []byte{ 0x04, 0x75, 0xf6, 0xe0, 0x50, 0x38, 0xfb, 0xfa, 0xd2, 0xc7, 0xc3, 0x90, 0xed, 0xb3, 0xca, 0x3d, 0x15, 0x47, 0x12, 0x42, 0x91, 0xae, 0x1e, 0x8a, @@ -114,135 +114,129 @@ func TestECBGCL3Vectors(t *testing.T) { // Crypto++ 5.6.2 test vectors func TestECBCryptoPPVectors(t *testing.T) { sbox := &SboxAppliedCryptographyParamSet - var key [KeySize]byte - var pt [BlockSize]byte - var ct [BlockSize]byte tmp := make([]byte, BlockSize) - var c *Cipher - - key = [KeySize]byte{ + key := []byte{ 0xBE, 0x5E, 0xC2, 0x00, 0x6C, 0xFF, 0x9D, 0xCF, 0x52, 0x35, 0x49, 0x59, 0xF1, 0xFF, 0x0C, 0xBF, 0xE9, 0x50, 0x61, 0xB5, 0xA6, 0x48, 0xC1, 0x03, 0x87, 0x06, 0x9C, 0x25, 0x99, 0x7C, 0x06, 0x72, } - pt = [BlockSize]byte{0x0D, 0xF8, 0x28, 0x02, 0xB7, 0x41, 0xA2, 0x92} - ct = [BlockSize]byte{0x07, 0xF9, 0x02, 0x7D, 0xF7, 0xF7, 0xDF, 0x89} - c = NewCipher(key, sbox) - c.Encrypt(tmp, pt[:]) - if bytes.Compare(tmp, ct[:]) != 0 { + pt := []byte{0x0D, 0xF8, 0x28, 0x02, 0xB7, 0x41, 0xA2, 0x92} + ct := []byte{0x07, 0xF9, 0x02, 0x7D, 0xF7, 0xF7, 0xDF, 0x89} + c := NewCipher(key, sbox) + c.Encrypt(tmp, pt) + if bytes.Compare(tmp, ct) != 0 { t.Fail() } - key = [KeySize]byte{ + key = []byte{ 0xB3, 0x85, 0x27, 0x2A, 0xC8, 0xD7, 0x2A, 0x5A, 0x8B, 0x34, 0x4B, 0xC8, 0x03, 0x63, 0xAC, 0x4D, 0x09, 0xBF, 0x58, 0xF4, 0x1F, 0x54, 0x06, 0x24, 0xCB, 0xCB, 0x8F, 0xDC, 0xF5, 0x53, 0x07, 0xD7, } - pt = [BlockSize]byte{0x13, 0x54, 0xEE, 0x9C, 0x0A, 0x11, 0xCD, 0x4C} - ct = [BlockSize]byte{0x4F, 0xB5, 0x05, 0x36, 0xF9, 0x60, 0xA7, 0xB1} + pt = []byte{0x13, 0x54, 0xEE, 0x9C, 0x0A, 0x11, 0xCD, 0x4C} + ct = []byte{0x4F, 0xB5, 0x05, 0x36, 0xF9, 0x60, 0xA7, 0xB1} c = NewCipher(key, sbox) - c.Encrypt(tmp, pt[:]) - if bytes.Compare(tmp, ct[:]) != 0 { + c.Encrypt(tmp, pt) + if bytes.Compare(tmp, ct) != 0 { t.Fail() } - key = [KeySize]byte{ + key = []byte{ 0xAE, 0xE0, 0x2F, 0x60, 0x9A, 0x35, 0x66, 0x0E, 0x40, 0x97, 0xE5, 0x46, 0xFD, 0x30, 0x26, 0xB0, 0x32, 0xCD, 0x10, 0x7C, 0x7D, 0x45, 0x99, 0x77, 0xAD, 0xF4, 0x89, 0xBE, 0xF2, 0x65, 0x22, 0x62, } - pt = [BlockSize]byte{0x66, 0x93, 0xD4, 0x92, 0xC4, 0xB0, 0xCC, 0x39} - ct = [BlockSize]byte{0x67, 0x00, 0x34, 0xAC, 0x0F, 0xA8, 0x11, 0xB5} + pt = []byte{0x66, 0x93, 0xD4, 0x92, 0xC4, 0xB0, 0xCC, 0x39} + ct = []byte{0x67, 0x00, 0x34, 0xAC, 0x0F, 0xA8, 0x11, 0xB5} c = NewCipher(key, sbox) - c.Encrypt(tmp, pt[:]) - if bytes.Compare(tmp, ct[:]) != 0 { + c.Encrypt(tmp, pt) + if bytes.Compare(tmp, ct) != 0 { t.Fail() } - key = [KeySize]byte{ + key = []byte{ 0x32, 0x0E, 0x9D, 0x84, 0x22, 0x16, 0x5D, 0x58, 0x91, 0x1D, 0xFC, 0x7D, 0x8B, 0xBB, 0x1F, 0x81, 0xB0, 0xEC, 0xD9, 0x24, 0x02, 0x3B, 0xF9, 0x4D, 0x9D, 0xF7, 0xDC, 0xF7, 0x80, 0x12, 0x40, 0xE0, } - pt = [BlockSize]byte{0x99, 0xE2, 0xD1, 0x30, 0x80, 0x92, 0x8D, 0x79} - ct = [BlockSize]byte{0x81, 0x18, 0xFF, 0x9D, 0x3B, 0x3C, 0xFE, 0x7D} + pt = []byte{0x99, 0xE2, 0xD1, 0x30, 0x80, 0x92, 0x8D, 0x79} + ct = []byte{0x81, 0x18, 0xFF, 0x9D, 0x3B, 0x3C, 0xFE, 0x7D} c = NewCipher(key, sbox) - c.Encrypt(tmp, pt[:]) - if bytes.Compare(tmp, ct[:]) != 0 { + c.Encrypt(tmp, pt) + if bytes.Compare(tmp, ct) != 0 { t.Fail() } - key = [KeySize]byte{ + key = []byte{ 0xC9, 0xF7, 0x03, 0xBB, 0xBF, 0xC6, 0x36, 0x91, 0xBF, 0xA3, 0xB7, 0xB8, 0x7E, 0xA8, 0xFD, 0x5E, 0x8E, 0x8E, 0xF3, 0x84, 0xEF, 0x73, 0x3F, 0x1A, 0x61, 0xAE, 0xF6, 0x8C, 0x8F, 0xFA, 0x26, 0x5F, } - pt = [BlockSize]byte{0xD1, 0xE7, 0x87, 0x74, 0x9C, 0x72, 0x81, 0x4C} - ct = [BlockSize]byte{0xA0, 0x83, 0x82, 0x6A, 0x79, 0x0D, 0x3E, 0x0C} + pt = []byte{0xD1, 0xE7, 0x87, 0x74, 0x9C, 0x72, 0x81, 0x4C} + ct = []byte{0xA0, 0x83, 0x82, 0x6A, 0x79, 0x0D, 0x3E, 0x0C} c = NewCipher(key, sbox) - c.Encrypt(tmp, pt[:]) - if bytes.Compare(tmp, ct[:]) != 0 { + c.Encrypt(tmp, pt) + if bytes.Compare(tmp, ct) != 0 { t.Fail() } - key = [KeySize]byte{ + key = []byte{ 0x72, 0x8F, 0xEE, 0x32, 0xF0, 0x4B, 0x4C, 0x65, 0x4A, 0xD7, 0xF6, 0x07, 0xD7, 0x1C, 0x66, 0x0C, 0x2C, 0x26, 0x70, 0xD7, 0xC9, 0x99, 0x71, 0x32, 0x33, 0x14, 0x9A, 0x1C, 0x0C, 0x17, 0xA1, 0xF0, } - pt = [BlockSize]byte{0xD4, 0xC0, 0x53, 0x23, 0xA4, 0xF7, 0xA7, 0xB5} - ct = [BlockSize]byte{0x4D, 0x1F, 0x2E, 0x6B, 0x0D, 0x9D, 0xE2, 0xCE} + pt = []byte{0xD4, 0xC0, 0x53, 0x23, 0xA4, 0xF7, 0xA7, 0xB5} + ct = []byte{0x4D, 0x1F, 0x2E, 0x6B, 0x0D, 0x9D, 0xE2, 0xCE} c = NewCipher(key, sbox) - c.Encrypt(tmp, pt[:]) - if bytes.Compare(tmp, ct[:]) != 0 { + c.Encrypt(tmp, pt) + if bytes.Compare(tmp, ct) != 0 { t.Fail() } - key = [KeySize]byte{ + key = []byte{ 0x35, 0xFC, 0x96, 0x40, 0x22, 0x09, 0x50, 0x0F, 0xCF, 0xDE, 0xF5, 0x35, 0x2D, 0x1A, 0xBB, 0x03, 0x8F, 0xE3, 0x3F, 0xC0, 0xD9, 0xD5, 0x85, 0x12, 0xE5, 0x63, 0x70, 0xB2, 0x2B, 0xAA, 0x13, 0x3B, } - pt = [BlockSize]byte{0x87, 0x42, 0xD9, 0xA0, 0x5F, 0x6A, 0x3A, 0xF6} - ct = [BlockSize]byte{0x2F, 0x3B, 0xB8, 0x48, 0x79, 0xD1, 0x1E, 0x52} + pt = []byte{0x87, 0x42, 0xD9, 0xA0, 0x5F, 0x6A, 0x3A, 0xF6} + ct = []byte{0x2F, 0x3B, 0xB8, 0x48, 0x79, 0xD1, 0x1E, 0x52} c = NewCipher(key, sbox) - c.Encrypt(tmp, pt[:]) - if bytes.Compare(tmp, ct[:]) != 0 { + c.Encrypt(tmp, pt) + if bytes.Compare(tmp, ct) != 0 { t.Fail() } - key = [KeySize]byte{ + key = []byte{ 0xD4, 0x16, 0xF6, 0x30, 0xBE, 0x65, 0xB7, 0xFE, 0x15, 0x06, 0x56, 0x18, 0x33, 0x70, 0xE0, 0x70, 0x18, 0x23, 0x4E, 0xE5, 0xDA, 0x3D, 0x89, 0xC4, 0xCE, 0x91, 0x52, 0xA0, 0x3E, 0x5B, 0xFB, 0x77, } - pt = [BlockSize]byte{0xF8, 0x65, 0x06, 0xDA, 0x04, 0xE4, 0x1C, 0xB8} - ct = [BlockSize]byte{0x96, 0xF0, 0xA5, 0xC7, 0x7A, 0x04, 0xF5, 0xCE} + pt = []byte{0xF8, 0x65, 0x06, 0xDA, 0x04, 0xE4, 0x1C, 0xB8} + ct = []byte{0x96, 0xF0, 0xA5, 0xC7, 0x7A, 0x04, 0xF5, 0xCE} c = NewCipher(key, sbox) - c.Encrypt(tmp, pt[:]) - if bytes.Compare(tmp, ct[:]) != 0 { + c.Encrypt(tmp, pt) + if bytes.Compare(tmp, ct) != 0 { t.Fail() } } // http://cryptomanager.com/tv.html test vectors. func TestECBCryptomanager(t *testing.T) { - sbox := &SboxIdGostR341194TestParamSet - key := [KeySize]byte{ + key := []byte{ 0x75, 0x71, 0x31, 0x34, 0xB6, 0x0F, 0xEC, 0x45, 0xA6, 0x07, 0xBB, 0x83, 0xAA, 0x37, 0x46, 0xAF, 0x4F, 0xF9, 0x9D, 0xA6, 0xD1, 0xB5, 0x3B, 0x5B, 0x1B, 0x40, 0x2A, 0x1B, 0xAA, 0x03, 0x0D, 0x1B, } - c := NewCipher(key, sbox) + c := NewCipher(key, &SboxIdGostR341194TestParamSet) tmp := make([]byte, BlockSize) c.Encrypt(tmp, []byte{0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88}) if bytes.Compare(tmp, []byte{0x03, 0x25, 0x1E, 0x14, 0xF9, 0xD2, 0x8A, 0xCB}) != 0 { @@ -251,8 +245,8 @@ func TestECBCryptomanager(t *testing.T) { } func TestECBInterface(t *testing.T) { - var key [32]byte - c := NewCipher(key, SboxDefault) + var key [KeySize]byte + c := NewCipher(key[:], SboxDefault) var _ cipher.BlockMode = c.NewECBEncrypter() var _ cipher.BlockMode = c.NewECBDecrypter() } diff --git a/src/cypherpunks.ru/gogost/gost28147/mac.go b/src/cypherpunks.ru/gogost/gost28147/mac.go index 2849f15..05e8a32 100644 --- a/src/cypherpunks.ru/gogost/gost28147/mac.go +++ b/src/cypherpunks.ru/gogost/gost28147/mac.go @@ -41,12 +41,15 @@ type MAC struct { // Size is in bytes and must be between 1 and 8. To be RFC conformant, // iv must be the first block of the authenticated data, second and // following ones are fed to Write function. -func (c *Cipher) NewMAC(size int, iv [BlockSize]byte) (*MAC, error) { +func (c *Cipher) NewMAC(size int, iv []byte) (*MAC, error) { if size == 0 || size > 8 { return nil, errors.New("Invalid tag size") } - m := MAC{c: c, size: size, iv: iv[:]} - n2, n1 := block2nvs(iv[:]) + if len(iv) != BlockSize { + return nil, errors.New("iv length is not equal to blocksize") + } + m := MAC{c: c, size: size, iv: iv} + n2, n1 := block2nvs(iv) m.iv = make([]byte, BlockSize) nvs2block(n1, n2, m.iv) m.prev = make([]byte, BlockSize) diff --git a/src/cypherpunks.ru/gogost/gost28147/mac_test.go b/src/cypherpunks.ru/gogost/gost28147/mac_test.go index 0aea54c..58ed6ec 100644 --- a/src/cypherpunks.ru/gogost/gost28147/mac_test.go +++ b/src/cypherpunks.ru/gogost/gost28147/mac_test.go @@ -25,11 +25,10 @@ import ( ) func TestMACVectors(t *testing.T) { - var key [KeySize]byte - copy(key[:], []byte("This is message\xFF length\x0032 bytes")) + key := []byte("This is message\xFF length\x0032 bytes") c := NewCipher(key, SboxDefault) var iv [8]byte - m, err := c.NewMAC(8, iv) + m, err := c.NewMAC(8, iv[:]) if err != nil { t.Fail() } @@ -65,16 +64,12 @@ func TestMACVectors(t *testing.T) { func TestMACRandom(t *testing.T) { var key [KeySize]byte rand.Read(key[:]) - c := NewCipher(key, SboxDefault) - f := func(ivRaw []byte, data []byte) bool { + c := NewCipher(key[:], SboxDefault) + f := func(iv [BlockSize]byte, data []byte) bool { if len(data) == 0 { return true } - var iv [8]byte - if len(ivRaw) >= 8 { - copy(iv[:], ivRaw[:8]) - } - m, err := c.NewMAC(8, iv) + m, err := c.NewMAC(8, iv[:]) if err != nil { t.Fail() } @@ -99,23 +94,23 @@ func TestMACRandom(t *testing.T) { } func TestMACInterface(t *testing.T) { - var key [32]byte + var key [KeySize]byte var iv [8]byte - c := NewCipher(key, SboxDefault) - m, _ := c.NewMAC(8, iv) + c := NewCipher(key[:], SboxDefault) + m, _ := c.NewMAC(8, iv[:]) var _ hash.Hash = m } func BenchmarkMAC(b *testing.B) { - var key [KeySize]byte - var iv [BlockSize]byte - rand.Read(key[:]) - rand.Read(iv[:]) + key := make([]byte, KeySize) + iv := make([]byte, BlockSize) + rand.Read(key) + rand.Read(iv) b1 := make([]byte, BlockSize) b2 := make([]byte, BlockSize) rand.Read(b1) rand.Read(b2) - c := NewCipher(key, SboxDefault) + c := NewCipher(key[:], SboxDefault) mac, _ := c.NewMAC(BlockSize, iv) b.ResetTimer() for i := 0; i < b.N; i++ { diff --git a/src/cypherpunks.ru/gogost/gost341194/hash.go b/src/cypherpunks.ru/gogost/gost341194/hash.go index 71cbb87..9819422 100644 --- a/src/cypherpunks.ru/gogost/gost341194/hash.go +++ b/src/cypherpunks.ru/gogost/gost341194/hash.go @@ -145,8 +145,7 @@ func (h *Hash) step(hin, m [BlockSize]byte) [BlockSize]byte { blockXor(k, u, v) k = fP(k) blockReverse(k[:], k[:]) - kk := *k - c := gost28147.NewCipher(kk, h.sbox) + c := gost28147.NewCipher(k[:], h.sbox) s := make([]byte, gost28147.BlockSize) c.Encrypt(s, []byte{ hin[31], hin[30], hin[29], hin[28], hin[27], hin[26], hin[25], hin[24], @@ -165,7 +164,7 @@ func (h *Hash) step(hin, m [BlockSize]byte) [BlockSize]byte { blockXor(k, u, v) k = fP(k) blockReverse(k[:], k[:]) - c = gost28147.NewCipher(*k, h.sbox) + c = gost28147.NewCipher(k[:], h.sbox) c.Encrypt(s, []byte{ hin[23], hin[22], hin[21], hin[20], hin[19], hin[18], hin[17], hin[16], }) @@ -183,7 +182,7 @@ func (h *Hash) step(hin, m [BlockSize]byte) [BlockSize]byte { blockXor(k, u, v) k = fP(k) blockReverse(k[:], k[:]) - c = gost28147.NewCipher(*k, h.sbox) + c = gost28147.NewCipher(k[:], h.sbox) c.Encrypt(s, []byte{ hin[15], hin[14], hin[13], hin[12], hin[11], hin[10], hin[9], hin[8], }) @@ -201,7 +200,7 @@ func (h *Hash) step(hin, m [BlockSize]byte) [BlockSize]byte { blockXor(k, u, v) k = fP(k) blockReverse(k[:], k[:]) - c = gost28147.NewCipher(*k, h.sbox) + c = gost28147.NewCipher(k[:], h.sbox) c.Encrypt(s, []byte{ hin[7], hin[6], hin[5], hin[4], hin[3], hin[2], hin[1], hin[0], }) diff --git a/src/cypherpunks.ru/gogost/gost3412128/cipher.go b/src/cypherpunks.ru/gogost/gost3412128/cipher.go index 9281892..e118d31 100644 --- a/src/cypherpunks.ru/gogost/gost3412128/cipher.go +++ b/src/cypherpunks.ru/gogost/gost3412128/cipher.go @@ -132,7 +132,10 @@ func (c *Cipher) BlockSize() int { return BlockSize } -func NewCipher(key [KeySize]byte) *Cipher { +func NewCipher(key []byte) *Cipher { + if len(key) != KeySize { + panic("invalid key size") + } ks := new([10]*[BlockSize]byte) kr0 := new([BlockSize]byte) kr1 := new([BlockSize]byte) diff --git a/src/cypherpunks.ru/gogost/gost3412128/cipher_test.go b/src/cypherpunks.ru/gogost/gost3412128/cipher_test.go index afccfcb..86c6add 100644 --- a/src/cypherpunks.ru/gogost/gost3412128/cipher_test.go +++ b/src/cypherpunks.ru/gogost/gost3412128/cipher_test.go @@ -26,7 +26,7 @@ import ( ) var ( - key [KeySize]byte = [KeySize]byte{ + key []byte = []byte{ 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10, @@ -43,15 +43,14 @@ var ( ) func TestCipherInterface(t *testing.T) { - var key [32]byte - var _ cipher.Block = NewCipher(key) + var _ cipher.Block = NewCipher(make([]byte, KeySize)) } func TestRandom(t *testing.T) { data := make([]byte, BlockSize) f := func(key [KeySize]byte, pt [BlockSize]byte) bool { io.ReadFull(rand.Reader, key[:]) - c := NewCipher(key) + c := NewCipher(key[:]) c.Encrypt(data, pt[:]) c.Decrypt(data, data) return bytes.Compare(data, pt[:]) == 0 @@ -62,8 +61,8 @@ func TestRandom(t *testing.T) { } func BenchmarkEncrypt(b *testing.B) { - var key [KeySize]byte - io.ReadFull(rand.Reader, key[:]) + key := make([]byte, KeySize) + io.ReadFull(rand.Reader, key) c := NewCipher(key) blk := make([]byte, BlockSize) b.ResetTimer() @@ -73,8 +72,8 @@ func BenchmarkEncrypt(b *testing.B) { } func BenchmarkDecrypt(b *testing.B) { - var key [KeySize]byte - io.ReadFull(rand.Reader, key[:]) + key := make([]byte, KeySize) + io.ReadFull(rand.Reader, key) c := NewCipher(key) blk := make([]byte, BlockSize) b.ResetTimer() diff --git a/src/cypherpunks.ru/gogost/gost341264/cipher.go b/src/cypherpunks.ru/gogost/gost341264/cipher.go index 68a43b8..813d79d 100644 --- a/src/cypherpunks.ru/gogost/gost341264/cipher.go +++ b/src/cypherpunks.ru/gogost/gost341264/cipher.go @@ -31,8 +31,11 @@ type Cipher struct { blk *[BlockSize]byte } -func NewCipher(key [KeySize]byte) *Cipher { - keyCompatible := new([KeySize]byte) +func NewCipher(key []byte) *Cipher { + if len(key) != KeySize { + panic("invalid key size") + } + keyCompatible := make([]byte, KeySize) for i := 0; i < KeySize/4; i++ { keyCompatible[i*4+0] = key[i*4+3] keyCompatible[i*4+1] = key[i*4+2] @@ -40,10 +43,7 @@ func NewCipher(key [KeySize]byte) *Cipher { keyCompatible[i*4+3] = key[i*4+0] } return &Cipher{ - c: gost28147.NewCipher( - *keyCompatible, - &gost28147.SboxIdtc26gost28147paramZ, - ), + c: gost28147.NewCipher(keyCompatible, &gost28147.SboxIdtc26gost28147paramZ), blk: new([BlockSize]byte), } } diff --git a/src/cypherpunks.ru/gogost/gost341264/cipher_test.go b/src/cypherpunks.ru/gogost/gost341264/cipher_test.go index 592c121..814a4eb 100644 --- a/src/cypherpunks.ru/gogost/gost341264/cipher_test.go +++ b/src/cypherpunks.ru/gogost/gost341264/cipher_test.go @@ -23,12 +23,11 @@ import ( ) func TestCipherInterface(t *testing.T) { - var key [32]byte - var _ cipher.Block = NewCipher(key) + var _ cipher.Block = NewCipher(make([]byte, KeySize)) } func TestVector(t *testing.T) { - key := [KeySize]byte{ + key := []byte{ 0xff, 0xee, 0xdd, 0xcc, 0xbb, 0xaa, 0x99, 0x88, 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, 0x00, 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, diff --git a/src/cypherpunks.ru/gogost/mgm/mode_test.go b/src/cypherpunks.ru/gogost/mgm/mode_test.go index 84f0ef1..c4f28da 100644 --- a/src/cypherpunks.ru/gogost/mgm/mode_test.go +++ b/src/cypherpunks.ru/gogost/mgm/mode_test.go @@ -28,7 +28,7 @@ import ( ) func TestVector(t *testing.T) { - key := [gost3412128.KeySize]byte{ + key := []byte{ 0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10, @@ -133,7 +133,7 @@ func TestSymmetric(t *testing.T) { sym( gost3412128.KeySize, gost3412128.BlockSize, - gost3412128.NewCipher(*key128), + gost3412128.NewCipher(key128[:]), nonce[:gost3412128.BlockSize], ) @@ -142,7 +142,7 @@ func TestSymmetric(t *testing.T) { sym( gost341264.KeySize, gost341264.BlockSize, - gost341264.NewCipher(*key64), + gost341264.NewCipher(key64[:]), nonce[:gost341264.BlockSize], ) } -- 2.44.0