Commit c1441665 authored by Dmitry Eremin-Solenikov's avatar Dmitry Eremin-Solenikov

lib/nettle: fix carry flag in Streebog code

Fix carry flag being calculated incorrectly in Streebog code.
Signed-off-by: Dmitry Eremin-Solenikov's avatarDmitry Eremin-Solenikov <dbaryshkov@gmail.com>
parent 9620d12f
......@@ -14,6 +14,9 @@ See the end for copying conditions.
** libgnutls: the gnutls_srp_set_server_credentials_function can be used
with the 8192 parameters as well (#995).
** libgnutls: Fix calculation of Streebog digests (incorrect carry operation in
512 bit addition)
** API and ABI modifications:
gnutls_prf_early: Added
......
......@@ -1310,6 +1310,22 @@ const struct hash_vectors_st streebog_512_vectors[] = {
"\x03\x5f\xe8\x35\x49\xad\xa2\xb8\x62\x0f\xcd\x7c\x49\x6c\xe5\xb3"
"\x3f\x0c\xb9\xdd\xdc\x2b\x64\x60\x14\x3b\x03\xda\xba\xc9\xfb\x28"),
},
{
STR(plaintext, plaintext_size,
"\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff"
"\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff"
"\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff"
"\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff"
"\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff"
"\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff"
"\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff"
"\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff"),
STR(output, output_size,
"\x90\xa1\x61\xd1\x2a\xd3\x09\x49\x8d\x3f\xe5\xd4\x82\x02\xd8\xa4"
"\xe9\xc4\x06\xd6\xa2\x64\xae\xab\x25\x8a\xc5\xec\xc3\x7a\x79\x62"
"\xaa\xf9\x58\x7a\x5a\xbb\x09\xb6\xbb\x81\xec\x4b\x37\x52\xa3\xff"
"\x5a\x83\x8e\xf1\x75\xbe\x57\x72\x05\x6b\xc5\xfe\x54\xfc\xfc\x7e"),
},
};
/* GOST R 34.11-2012 */
......
......@@ -1200,7 +1200,7 @@ static void
streebog512_compress (struct streebog512_ctx *ctx, const uint8_t *input, size_t count)
{
uint64_t M[8];
uint64_t l;
uint64_t l, cf;
int i;
for (i = 0; i < 8; i++, input += 8)
......@@ -1219,12 +1219,14 @@ streebog512_compress (struct streebog512_ctx *ctx, const uint8_t *input, size_t
}
}
cf = 0;
ctx->sigma[0] += M[0];
for (i = 1; i < 8; i++)
if (ctx->sigma[i-1] < M[i-1])
ctx->sigma[i] += M[i] + 1;
else
ctx->sigma[i] += M[i];
{
if (ctx->sigma[i-1] != M[i-1])
cf = (ctx->sigma[i-1] < M[i-1]);
ctx->sigma[i] += M[i] + cf;
}
}
static void
......
  • At line 1236, the syntax uint64_t Z[8] = {}; is not liked by MSVC (even the latest MSVC-2019).

    Easy to fix with: uint64_t Z[8] = { 0 };

    Edited by Gisle Vanem
  • @gvanem is this the only change required? Since you can test it with MSVC, could you please open a merge request with changes required?

  • @lumag Sorry, I'm a noob when it comes to Git and merge requests.

Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment