1 /**********************************************************************
3 * Copyright (c) 2005-2006 Cryptocom LTD *
4 * This file is distributed under the same license as OpenSSL *
6 * Implementation of RFC 4490/4491 ASN1 method *
8 * Requires OpenSSL 0.9.9 for compilation *
9 **********************************************************************/
10 #include <openssl/engine.h>
11 #include <openssl/evp.h>
13 #include "gost_params.h"
15 #include "e_gost_err.h"
17 int gost94_nid_by_params(DSA *p)
19 R3410_params *gost_params;
21 for (gost_params = R3410_paramset;gost_params->q!=NULL; gost_params++)
23 BN_dec2bn(&q,gost_params->q);
27 return gost_params->nid;
34 static ASN1_STRING *encode_gost_algor_params(const EVP_PKEY *key)
36 ASN1_STRING *params = ASN1_STRING_new();
37 GOST_KEY_PARAMS *gkp = GOST_KEY_PARAMS_new();
38 int pkey_param_nid = NID_undef;
39 int cipher_param_nid = NID_undef;
42 GOSTerr(GOST_F_ENCODE_GOST_ALGOR_PARAMS,
43 ERR_R_MALLOC_FAILURE);
44 ASN1_STRING_free(params);
48 switch (EVP_PKEY_base_id(key))
50 case NID_id_GostR3410_2001_cc:
51 pkey_param_nid = NID_id_GostR3410_2001_ParamSet_cc;
52 cipher_param_nid = NID_id_Gost28147_89_cc;
54 case NID_id_GostR3410_94_cc:
55 pkey_param_nid = NID_id_GostR3410_94_CryptoPro_A_ParamSet;
56 cipher_param_nid = NID_id_Gost28147_89_cc;
58 case NID_id_GostR3410_2001:
59 pkey_param_nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(EVP_PKEY_get0((EVP_PKEY *)key)));
60 cipher_param_nid = get_encryption_params(NULL)->nid;
62 case NID_id_GostR3410_94:
63 pkey_param_nid = (int) gost94_nid_by_params(EVP_PKEY_get0((EVP_PKEY *)key));
64 if (pkey_param_nid == NID_undef)
66 GOSTerr(GOST_F_ENCODE_GOST_ALGOR_PARAMS,
67 GOST_R_INVALID_GOST94_PARMSET);
68 ASN1_STRING_free(params);
72 cipher_param_nid = get_encryption_params(NULL)->nid;
75 gkp->key_params = OBJ_nid2obj(pkey_param_nid);
76 gkp->hash_params = OBJ_nid2obj(NID_id_GostR3411_94_CryptoProParamSet);
77 /*gkp->cipher_params = OBJ_nid2obj(cipher_param_nid);*/
78 params->length = i2d_GOST_KEY_PARAMS(gkp, ¶ms->data);
79 if (params->length <=0 )
81 GOSTerr(GOST_F_ENCODE_GOST_ALGOR_PARAMS,
82 ERR_R_MALLOC_FAILURE);
83 ASN1_STRING_free(params);
87 params ->type = V_ASN1_SEQUENCE;
89 GOST_KEY_PARAMS_free(gkp);
93 /* Parses GOST algorithm parameters from X509_ALGOR and
94 * modifies pkey setting NID and parameters
96 static int decode_gost_algor_params(EVP_PKEY *pkey, X509_ALGOR *palg)
98 ASN1_OBJECT *palg_obj =NULL;
99 int ptype = V_ASN1_UNDEF;
100 int pkey_nid = NID_undef,param_nid = NID_undef;
102 ASN1_STRING *pval = NULL;
103 const unsigned char *p;
104 GOST_KEY_PARAMS *gkp = NULL;
106 X509_ALGOR_get0(&palg_obj, &ptype, &_pval, palg);
108 if (ptype != V_ASN1_SEQUENCE)
110 GOSTerr(GOST_F_DECODE_GOST_ALGOR_PARAMS,
111 GOST_R_BAD_KEY_PARAMETERS_FORMAT);
115 pkey_nid = OBJ_obj2nid(palg_obj);
117 gkp = d2i_GOST_KEY_PARAMS(NULL,&p,pval->length);
120 GOSTerr(GOST_F_DECODE_GOST_ALGOR_PARAMS,
121 GOST_R_BAD_PKEY_PARAMETERS_FORMAT);
123 param_nid = OBJ_obj2nid(gkp->key_params);
124 GOST_KEY_PARAMS_free(gkp);
125 EVP_PKEY_set_type(pkey,pkey_nid);
128 case NID_id_GostR3410_94:
129 case NID_id_GostR3410_94_cc:
131 DSA *dsa= EVP_PKEY_get0(pkey);
135 if (!EVP_PKEY_assign(pkey,pkey_nid,dsa)) return 0;
137 if (!fill_GOST94_params(dsa,param_nid)) return 0;
140 case NID_id_GostR3410_2001:
141 case NID_id_GostR3410_2001_cc:
143 EC_KEY *ec = EVP_PKEY_get0(pkey);
147 if (!EVP_PKEY_assign(pkey,pkey_nid,ec)) return 0;
149 if (!fill_GOST2001_params(ec,param_nid)) return 0;
156 static int gost_set_priv_key(EVP_PKEY *pkey,BIGNUM *priv)
158 switch (EVP_PKEY_base_id(pkey))
160 case NID_id_GostR3410_94:
161 case NID_id_GostR3410_94_cc:
163 DSA *dsa = EVP_PKEY_get0(pkey);
167 EVP_PKEY_assign(pkey,EVP_PKEY_base_id(pkey),dsa);
169 dsa->priv_key = BN_dup(priv);
170 if (!EVP_PKEY_missing_parameters(pkey))
171 gost94_compute_public(dsa);
174 case NID_id_GostR3410_2001:
175 case NID_id_GostR3410_2001_cc:
177 EC_KEY *ec = EVP_PKEY_get0(pkey);
181 EVP_PKEY_assign(pkey,EVP_PKEY_base_id(pkey),ec);
183 if (!EC_KEY_set_private_key(ec,priv)) return 0;
184 if (!EVP_PKEY_missing_parameters(pkey))
185 gost2001_compute_public(ec);
191 BIGNUM* gost_get_priv_key(const EVP_PKEY *pkey)
193 switch (EVP_PKEY_base_id(pkey))
195 case NID_id_GostR3410_94:
196 case NID_id_GostR3410_94_cc:
198 DSA *dsa = EVP_PKEY_get0((EVP_PKEY *)pkey);
203 if (!dsa->priv_key) return NULL;
204 return BN_dup(dsa->priv_key);
207 case NID_id_GostR3410_2001:
208 case NID_id_GostR3410_2001_cc:
210 EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pkey);
216 if (!(priv=EC_KEY_get0_private_key(ec))) return NULL;
224 static int pkey_ctrl_gost(EVP_PKEY *pkey, int op,
225 long arg1, void *arg2)
229 case ASN1_PKEY_CTRL_PKCS7_SIGN:
232 X509_ALGOR *alg1 = NULL, *alg2 = NULL;
233 int nid = EVP_PKEY_base_id(pkey);
234 PKCS7_SIGNER_INFO_get0_algs((PKCS7_SIGNER_INFO*)arg2,
236 X509_ALGOR_set0(alg1, OBJ_nid2obj(NID_id_GostR3411_94),
238 if (nid == NID_undef)
242 X509_ALGOR_set0(alg2, OBJ_nid2obj(nid), V_ASN1_NULL, 0);
245 case ASN1_PKEY_CTRL_PKCS7_ENCRYPT:
249 ASN1_STRING * params = encode_gost_algor_params(pkey);
254 PKCS7_RECIP_INFO_get0_alg((PKCS7_RECIP_INFO*)arg2, &alg);
255 X509_ALGOR_set0(alg, OBJ_nid2obj(pkey->type),
256 V_ASN1_SEQUENCE, params);
259 case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
260 *(int *)arg2 = NID_id_GostR3411_94;
266 /*----------------------- free functions * ------------------------------*/
267 static void pkey_free_gost94(EVP_PKEY *key)
271 DSA_free(key->pkey.dsa);
275 static void pkey_free_gost01(EVP_PKEY *key)
279 EC_KEY_free(key->pkey.ec);
283 /* ------------------ private key functions -----------------------------*/
284 static int priv_decode_gost( EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf)
286 const unsigned char *pkey_buf = NULL,*p=NULL;
290 X509_ALGOR *palg =NULL;
291 ASN1_OBJECT *palg_obj = NULL;
292 ASN1_INTEGER *priv_key=NULL;
294 if (!PKCS8_pkey_get0(&palg_obj,&pkey_buf,&priv_len,&palg,p8inf))
297 if (!decode_gost_algor_params(pk,palg))
301 if (V_ASN1_OCTET_STRING == *p)
303 /* New format - Little endian octet string */
304 unsigned char rev_buf[32];
306 ASN1_OCTET_STRING *s = d2i_ASN1_OCTET_STRING(NULL,&p,priv_len);
307 if (!s||s->length !=32)
309 GOSTerr(GOST_F_PRIV_DECODE_GOST_94,
315 rev_buf[31-i]=s->data[i];
318 pk_num = getbnfrombuf(rev_buf,32);
322 priv_key=d2i_ASN1_INTEGER(NULL,&p,priv_len);
323 if (!priv_key || !(pk_num = ASN1_INTEGER_to_BN(priv_key, NULL)))
325 GOSTerr(GOST_F_PRIV_DECODE_GOST_94,
331 ret= gost_set_priv_key(pk,pk_num);
336 /* ----------------------------------------------------------------------*/
337 static int priv_encode_gost(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk)
339 ASN1_OBJECT *algobj = OBJ_nid2obj(EVP_PKEY_base_id(pk));
340 ASN1_STRING *params = encode_gost_algor_params(pk);
341 unsigned char *priv_buf = NULL;
345 ASN1_INTEGER *asn1key=NULL;
350 key = gost_get_priv_key(pk);
351 asn1key = BN_to_ASN1_INTEGER(key,NULL);
353 priv_len = i2d_ASN1_INTEGER(asn1key,&priv_buf);
354 ASN1_INTEGER_free(asn1key);
355 return PKCS8_pkey_set0(p8,algobj,0,V_ASN1_SEQUENCE,params,
359 static int priv_print_gost (BIO *out,const EVP_PKEY *pkey, int indent,
363 if (!BIO_indent(out,indent,128)) return 0;
364 key = gost_get_priv_key(pkey);
371 /* ---------------------------------------------------------------------*/
372 static int param_missing_gost94(const EVP_PKEY *pk)
374 const DSA *dsa = EVP_PKEY_get0((EVP_PKEY *)pk);
376 if (!dsa->q) return 1;
380 static int param_missing_gost01(const EVP_PKEY *pk)
382 const EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pk);
384 if (!EC_KEY_get0_group(ec)) return 1;
388 static int param_copy_gost94(EVP_PKEY *to, const EVP_PKEY *from)
390 const DSA *dfrom = EVP_PKEY_get0((EVP_PKEY *)from);
391 DSA *dto = EVP_PKEY_get0(to);
392 if (EVP_PKEY_base_id(from) != EVP_PKEY_base_id(to))
394 GOSTerr(GOST_F_PARAM_COPY_GOST94,
395 GOST_R_INCOMPATIBLE_ALGORITHMS);
400 GOSTerr(GOST_F_PARAM_COPY_GOST94,
401 GOST_R_KEY_PARAMETERS_MISSING);
407 EVP_PKEY_assign(to,EVP_PKEY_base_id(from),dto);
409 #define COPYBIGNUM(a,b,x) if (a->x) BN_free(a->x); a->x=BN_dup(b->x);
410 COPYBIGNUM(dto,dfrom,p)
411 COPYBIGNUM(dto,dfrom,q)
412 COPYBIGNUM(dto,dfrom,g)
415 gost94_compute_public(dto);
418 static int param_copy_gost01(EVP_PKEY *to, const EVP_PKEY *from)
420 EC_KEY *eto = EVP_PKEY_get0(to);
421 const EC_KEY *efrom = EVP_PKEY_get0((EVP_PKEY *)from);
422 if (EVP_PKEY_base_id(from) != EVP_PKEY_base_id(to))
424 GOSTerr(GOST_F_PARAM_COPY_GOST01,
425 GOST_R_INCOMPATIBLE_ALGORITHMS);
430 GOSTerr(GOST_F_PARAM_COPY_GOST94,
431 GOST_R_KEY_PARAMETERS_MISSING);
437 EVP_PKEY_assign(to,EVP_PKEY_base_id(from),eto);
439 EC_KEY_set_group(eto,EC_GROUP_dup(EC_KEY_get0_group(efrom)));
440 if (EC_KEY_get0_private_key(eto))
442 gost2001_compute_public(eto);
447 static int param_cmp_gost94(const EVP_PKEY *a, const EVP_PKEY *b)
449 const DSA *da = EVP_PKEY_get0((EVP_PKEY *)a);
450 const DSA *db = EVP_PKEY_get0((EVP_PKEY *)b);
451 if (!BN_cmp(da->q,db->q)) return 1;
455 static int param_cmp_gost01(const EVP_PKEY *a, const EVP_PKEY *b)
457 if (EC_GROUP_get_curve_name(EC_KEY_get0_group(EVP_PKEY_get0((EVP_PKEY *)a)))==
458 EC_GROUP_get_curve_name(EC_KEY_get0_group(EVP_PKEY_get0((EVP_PKEY *)b))))
466 /* ---------- Public key functions * --------------------------------------*/
467 static int pub_decode_gost94(EVP_PKEY *pk, X509_PUBKEY *pub)
469 X509_ALGOR *palg = NULL;
470 const unsigned char *pubkey_buf = NULL;
471 unsigned char *databuf;
472 ASN1_OBJECT *palgobj = NULL;
475 ASN1_OCTET_STRING *octet= NULL;
477 if (!X509_PUBKEY_get0_param(&palgobj,&pubkey_buf,&pub_len,
478 &palg, pub)) return 0;
479 EVP_PKEY_assign(pk,OBJ_obj2nid(palgobj),NULL);
480 if (!decode_gost_algor_params(pk,palg)) return 0;
481 octet = d2i_ASN1_OCTET_STRING(NULL,&pubkey_buf,pub_len);
484 GOSTerr(GOST_F_PUB_DECODE_GOST94,ERR_R_MALLOC_FAILURE);
487 databuf = OPENSSL_malloc(octet->length);
488 for (i=0,j=octet->length-1;i<octet->length;i++,j--)
490 databuf[j]=octet->data[i];
492 dsa = EVP_PKEY_get0(pk);
493 dsa->pub_key=BN_bin2bn(databuf,octet->length,NULL);
494 ASN1_OCTET_STRING_free(octet);
495 OPENSSL_free(databuf);
500 static int pub_encode_gost94(X509_PUBKEY *pub,const EVP_PKEY *pk)
502 ASN1_OBJECT *algobj = NULL;
503 ASN1_OCTET_STRING *octet = NULL;
505 unsigned char *buf=NULL,*databuf,*sptr;
506 int i,j,data_len,ret=0;
508 int ptype = V_ASN1_UNDEF;
509 DSA *dsa = EVP_PKEY_get0((EVP_PKEY *)pk);
510 algobj = OBJ_nid2obj(EVP_PKEY_base_id(pk));
511 if (pk->save_parameters)
513 ASN1_STRING *params = encode_gost_algor_params(pk);
515 ptype = V_ASN1_SEQUENCE;
517 data_len = BN_num_bytes(dsa->pub_key);
518 databuf = OPENSSL_malloc(data_len);
519 BN_bn2bin(dsa->pub_key,databuf);
520 octet = ASN1_OCTET_STRING_new();
521 ASN1_STRING_set(octet,NULL,data_len);
522 sptr = ASN1_STRING_data(octet);
523 for (i=0,j=data_len-1; i< data_len;i++,j--)
527 OPENSSL_free(databuf);
528 ret = i2d_ASN1_OCTET_STRING(octet,&buf);
529 ASN1_BIT_STRING_free(octet);
530 if (ret <0) return 0;
531 return X509_PUBKEY_set0_param(pub,algobj,ptype,pval,buf,ret);
534 static int pub_decode_gost01(EVP_PKEY *pk,X509_PUBKEY *pub)
536 X509_ALGOR *palg = NULL;
537 const unsigned char *pubkey_buf = NULL;
538 unsigned char *databuf;
539 ASN1_OBJECT *palgobj = NULL;
543 ASN1_OCTET_STRING *octet= NULL;
544 const EC_GROUP *group;
546 if (!X509_PUBKEY_get0_param(&palgobj,&pubkey_buf,&pub_len,
547 &palg, pub)) return 0;
548 EVP_PKEY_assign(pk,OBJ_obj2nid(palgobj),NULL);
549 if (!decode_gost_algor_params(pk,palg)) return 0;
550 group = EC_KEY_get0_group(EVP_PKEY_get0(pk));
551 octet = d2i_ASN1_OCTET_STRING(NULL,&pubkey_buf,pub_len);
554 GOSTerr(GOST_F_PUB_DECODE_GOST94,ERR_R_MALLOC_FAILURE);
557 databuf = OPENSSL_malloc(octet->length);
558 for (i=0,j=octet->length-1;i<octet->length;i++,j--)
560 databuf[j]=octet->data[i];
562 if (EVP_PKEY_base_id(pk) == NID_id_GostR3410_2001_cc)
564 X= getbnfrombuf(databuf,octet->length/2);
565 Y= getbnfrombuf(databuf+(octet->length/2),octet->length/2);
569 Y= getbnfrombuf(databuf,octet->length/2);
570 X= getbnfrombuf(databuf+(octet->length/2),octet->length/2);
572 OPENSSL_free(databuf);
573 pub_key = EC_POINT_new(group);
574 if (!EC_POINT_set_affine_coordinates_GFp(group
577 GOSTerr(GOST_F_PUB_DECODE_GOST01,
583 if (!EC_KEY_set_public_key(EVP_PKEY_get0(pk),pub_key))
585 GOSTerr(GOST_F_PUB_DECODE_GOST01,
589 /*EC_POINT_free(pub_key);*/
594 static int pub_encode_gost01(X509_PUBKEY *pub,const EVP_PKEY *pk)
596 ASN1_OBJECT *algobj = NULL;
597 ASN1_OCTET_STRING *octet = NULL;
599 unsigned char *buf=NULL,*databuf,*sptr;
600 int i,j,data_len,ret=0;
601 const EC_POINT *pub_key;
603 const EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pk);
604 int ptype = V_ASN1_UNDEF;
606 algobj = OBJ_nid2obj(EVP_PKEY_base_id(pk));
607 if (pk->save_parameters)
609 ASN1_STRING *params = encode_gost_algor_params(pk);
611 ptype = V_ASN1_SEQUENCE;
614 EC_GROUP_get_order(EC_KEY_get0_group(ec),order,NULL);
615 pub_key=EC_KEY_get0_public_key(ec);
618 GOSTerr(GOST_F_PUB_ENCODE_GOST01,
619 GOST_R_PUBLIC_KEY_UNDEFINED);
624 EC_POINT_get_affine_coordinates_GFp(EC_KEY_get0_group(ec),
626 data_len = 2*BN_num_bytes(order);
628 databuf = OPENSSL_malloc(data_len);
629 memset(databuf,0,data_len);
630 if (EVP_PKEY_base_id(pk) == NID_id_GostR3410_2001_cc)
632 store_bignum(X,databuf,data_len/2);
633 store_bignum(Y,databuf+data_len/2,data_len/2);
637 store_bignum(X,databuf+data_len/2,data_len/2);
638 store_bignum(Y,databuf,data_len/2);
642 octet = ASN1_OCTET_STRING_new();
643 ASN1_STRING_set(octet,NULL,data_len);
644 sptr=ASN1_STRING_data(octet);
645 for (i=0,j=data_len-1;i<data_len;i++,j--)
649 OPENSSL_free(databuf);
650 ret = i2d_ASN1_OCTET_STRING(octet,&buf);
651 ASN1_BIT_STRING_free(octet);
652 if (ret <0) return 0;
653 return X509_PUBKEY_set0_param(pub,algobj,ptype,pval,buf,ret);
656 static int pub_cmp_gost94(const EVP_PKEY *a, const EVP_PKEY *b)
658 const DSA *da = EVP_PKEY_get0((EVP_PKEY *)a);
659 const DSA *db = EVP_PKEY_get0((EVP_PKEY *)b);
660 if (da && db && da->pub_key && db->pub_key
661 && !BN_cmp(da->pub_key,db->pub_key))
668 static int pub_cmp_gost01(const EVP_PKEY *a,const EVP_PKEY *b)
670 const EC_KEY *ea = EVP_PKEY_get0((EVP_PKEY *)a);
671 const EC_KEY *eb = EVP_PKEY_get0((EVP_PKEY *)b);
672 const EC_POINT *ka,*kb;
674 if (!ea || !eb) return 0;
675 ka = EC_KEY_get0_public_key(ea);
676 kb = EC_KEY_get0_public_key(eb);
677 if (!ka || !kb) return 0;
678 ret = (0==EC_POINT_cmp(EC_KEY_get0_group(ea),ka,kb,NULL)) ;
682 static int pub_print_gost94(BIO *out, const EVP_PKEY *pkey, int indent,
686 if (!BIO_indent(out,indent,128)) return 0;
687 key = ((DSA *)EVP_PKEY_get0((EVP_PKEY *)pkey))->pub_key;
693 static int pub_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent,
699 static int pkey_size_gost(const EVP_PKEY *pk)
704 static int pkey_bits_gost(const EVP_PKEY *pk)
709 /* ----------------------------------------------------------------------*/
710 int register_ameth_gost (int nid, EVP_PKEY_ASN1_METHOD **ameth, const char* pemstr, const char* info)
712 *ameth = EVP_PKEY_asn1_new(nid,
713 ASN1_PKEY_SIGPARAM_NULL, pemstr, info);
714 if (!*ameth) return 0;
717 case NID_id_GostR3410_94_cc:
718 case NID_id_GostR3410_94:
719 EVP_PKEY_asn1_set_free (*ameth, pkey_free_gost94);
720 EVP_PKEY_asn1_set_private (*ameth,
721 priv_decode_gost, priv_encode_gost,
724 EVP_PKEY_asn1_set_param (*ameth, 0, 0,
725 param_missing_gost94, param_copy_gost94,
726 param_cmp_gost94,0 );
727 EVP_PKEY_asn1_set_public (*ameth,
728 pub_decode_gost94, pub_encode_gost94,
729 pub_cmp_gost94, pub_print_gost94,
730 pkey_size_gost, pkey_bits_gost);
732 EVP_PKEY_asn1_set_ctrl (*ameth, pkey_ctrl_gost);
734 case NID_id_GostR3410_2001_cc:
735 case NID_id_GostR3410_2001:
736 EVP_PKEY_asn1_set_free (*ameth, pkey_free_gost01);
737 EVP_PKEY_asn1_set_private (*ameth,
738 priv_decode_gost, priv_encode_gost,
741 EVP_PKEY_asn1_set_param (*ameth, 0, 0,
742 param_missing_gost01, param_copy_gost01,
743 param_cmp_gost01, 0);
744 EVP_PKEY_asn1_set_public (*ameth,
745 pub_decode_gost01, pub_encode_gost01,
746 pub_cmp_gost01, pub_print_gost01,
747 pkey_size_gost, pkey_bits_gost);
749 EVP_PKEY_asn1_set_ctrl (*ameth, pkey_ctrl_gost);
projects / openssl.git / blob