+++ /dev/null
-// GoGOST -- Pure Go GOST cryptographic functions library
-// Copyright (C) 2015-2019 Sergey Matveev <stargrave@stargrave.org>
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation, version 3 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License
-// along with this program. If not, see <http://www.gnu.org/licenses/>.
-
-package gost34112012256
-
-import (
- "crypto/subtle"
-)
-
-type ESPTree struct {
- keyRoot []byte
- isPrev [5]byte
- key []byte
-}
-
-func NewESPTree(keyRoot []byte) *ESPTree {
- key := make([]byte, len(keyRoot))
- copy(key, keyRoot)
- t := &ESPTree{
- keyRoot: key,
- key: make([]byte, Size),
- }
- t.isPrev[0] += 1 // invalidate cache
- t.DeriveCached([]byte{0x00, 0x00, 0x00, 0x00, 0x00})
- return t
-}
-
-func (t *ESPTree) DeriveCached(is []byte) ([]byte, bool) {
- if len(is) != 1+2+2 {
- panic("invalid i1+i2+i3 input")
- }
- if subtle.ConstantTimeCompare(t.isPrev[:], is) == 1 {
- return t.key, true
- }
- kdf1 := NewKDF(t.keyRoot)
- kdf2 := NewKDF(kdf1.Derive(t.key[:0], []byte("level1"), append([]byte{0}, is[0])))
- kdf3 := NewKDF(kdf2.Derive(t.key[:0], []byte("level2"), is[1:3]))
- kdf3.Derive(t.key[:0], []byte("level3"), is[3:5])
- copy(t.isPrev[:], is)
- return t.key, false
-}
-
-func (t *ESPTree) Derive(is []byte) []byte {
- keyDerived := make([]byte, Size)
- key, _ := t.DeriveCached(is)
- copy(keyDerived, key)
- return keyDerived
-}