PKCS#8 support for alternative PRFs.

[openssl.git] / engines / ccgost / gost_ameth.c
diff --git a/engines/ccgost/gost_ameth.c b/engines/ccgost/gost_ameth.c

index 1236d5e7637416acf4cc6d54ebb26eac38054861..2cde1fcfd9dfe492f6486911d98dc0eeee9975da 100644 (file)
--- a/engines/ccgost/gost_ameth.c
+++ b/engines/ccgost/gost_ameth.c
@@ -7,10 +7,15 @@
   *       for OpenSSL                                                  *
   *          Requires OpenSSL 0.9.9 for compilation                    *
   **********************************************************************/
+#include <string.h>
+#include <openssl/crypto.h>
+#include <openssl/err.h>
  #include <openssl/engine.h>
  #include <openssl/evp.h>
  #include <openssl/asn1.h>
-#include <string.h>
+#ifndef OPENSSL_NO_CMS
+#include <openssl/cms.h>
+#endif
  #include "gost_params.h"
  #include "gost_lcl.h"
  #include "e_gost_err.h"
@@ -37,7 +42,7 @@ static ASN1_STRING  *encode_gost_algor_params(const EVP_PKEY *key)
         ASN1_STRING *params = ASN1_STRING_new();
         GOST_KEY_PARAMS *gkp = GOST_KEY_PARAMS_new();
         int pkey_param_nid = NID_undef;
-       int cipher_param_nid = NID_undef;
+
         if (!params || !gkp) 
                 {
                 GOSTerr(GOST_F_ENCODE_GOST_ALGOR_PARAMS,
@@ -50,7 +55,6 @@ static ASN1_STRING  *encode_gost_algor_params(const EVP_PKEY *key)
                 {
                 case NID_id_GostR3410_2001:
                         pkey_param_nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(EVP_PKEY_get0((EVP_PKEY *)key)));
-                       cipher_param_nid = get_encryption_params(NULL)->nid;
                         break;
                 case NID_id_GostR3410_94:
                         pkey_param_nid = (int) gost94_nid_by_params(EVP_PKEY_get0((EVP_PKEY *)key));
@@ -62,7 +66,6 @@ static ASN1_STRING  *encode_gost_algor_params(const EVP_PKEY *key)
                                 params=NULL;
                                 goto err;
                                 }       
-                       cipher_param_nid = get_encryption_params(NULL)->nid;
                         break;
                 }       
         gkp->key_params = OBJ_nid2obj(pkey_param_nid);
@@ -230,6 +233,24 @@ static int pkey_ctrl_gost(EVP_PKEY *pkey, int op,
                                 X509_ALGOR_set0(alg2, OBJ_nid2obj(nid), V_ASN1_NULL, 0);
                                 }
                         return 1;
+#ifndef OPENSSL_NO_CMS
+               case ASN1_PKEY_CTRL_CMS_SIGN:
+                       if (arg1 == 0) 
+                               {
+                               X509_ALGOR *alg1 = NULL, *alg2 = NULL;
+                               int nid = EVP_PKEY_base_id(pkey);
+                               CMS_SignerInfo_get0_algs((CMS_SignerInfo *)arg2, 
+                                       NULL, NULL, &alg1, &alg2);
+                               X509_ALGOR_set0(alg1, OBJ_nid2obj(NID_id_GostR3411_94),
+                                       V_ASN1_NULL, 0);
+                               if (nid == NID_undef) 
+                                       {
+                                       return (-1);
+                                       }
+                               X509_ALGOR_set0(alg2, OBJ_nid2obj(nid), V_ASN1_NULL, 0);
+                               }
+                       return 1;
+#endif
                 case ASN1_PKEY_CTRL_PKCS7_ENCRYPT:
                         if (arg1 == 0)
                                 {
@@ -244,6 +265,22 @@ static int pkey_ctrl_gost(EVP_PKEY *pkey, int op,
                                         V_ASN1_SEQUENCE, params);
                                 }
                         return 1;
+#ifndef OPENSSL_NO_CMS
+               case ASN1_PKEY_CTRL_CMS_ENVELOPE:
+                       if (arg1 == 0)
+                               {
+                               X509_ALGOR *alg;
+                               ASN1_STRING * params = encode_gost_algor_params(pkey);
+                               if (!params) 
+                                       {
+                                       return -1;
+                                       }
+                               CMS_RecipientInfo_ktri_get0_algs((CMS_RecipientInfo *)arg2, NULL, NULL, &alg);
+                               X509_ALGOR_set0(alg, OBJ_nid2obj(pkey->type),
+                                       V_ASN1_SEQUENCE, params);
+                               }
+                       return 1;
+#endif
                 case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
                         *(int *)arg2 = NID_id_GostR3411_94;
                         return 2;
@@ -413,20 +450,21 @@ static int print_gost_01(BIO *out, const EVP_PKEY *pkey, int indent,
                         BN_print(out,key);
                 BIO_printf(out,"\n");
                 }
-       if (type >=1) 
+       if (type >= 1) 
                 {
                 BN_CTX *ctx = BN_CTX_new();
                 BIGNUM *X,*Y;
                 const EC_POINT *pubkey;
                 const EC_GROUP *group;
-               BN_CTX_start(ctx);
-               X= BN_CTX_get(ctx);
-               Y=BN_CTX_get(ctx);
+
                 if (!ctx) 
                         {
                         GOSTerr(GOST_F_PRINT_GOST_01,ERR_R_MALLOC_FAILURE);
                         return 0;
                         }
+               BN_CTX_start(ctx);
+               X = BN_CTX_get(ctx);
+               Y = BN_CTX_get(ctx);
                 pubkey = EC_KEY_get0_public_key((EC_KEY *)EVP_PKEY_get0((EVP_PKEY *)pkey));
                 group = EC_KEY_get0_group((EC_KEY *)EVP_PKEY_get0((EVP_PKEY *)pkey));
                 if (!EC_POINT_get_affine_coordinates_GFp(group,pubkey,X,Y,ctx)) 
@@ -798,11 +836,64 @@ static int mac_ctrl_gost(EVP_PKEY *pkey, int op, long arg1, void *arg2)
         switch (op)
                 {
                 case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
-                       *(int *)arg2 = NID_undef;
+                       *(int *)arg2 = NID_id_Gost28147_89_MAC;
                         return 2;
                 }
         return -2;
  }      
+
+static int gost94_param_encode(const EVP_PKEY *pkey, unsigned char **pder) 
+{
+   int nid=gost94_nid_by_params(EVP_PKEY_get0((EVP_PKEY *)pkey));
+   return i2d_ASN1_OBJECT(OBJ_nid2obj(nid),pder);
+}
+static int gost2001_param_encode(const EVP_PKEY *pkey, unsigned char **pder) 
+{
+   int nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(EVP_PKEY_get0((EVP_PKEY *)pkey)));
+   return i2d_ASN1_OBJECT(OBJ_nid2obj(nid),pder);
+}
+
+static int gost94_param_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen)
+{
+       ASN1_OBJECT *obj=NULL;
+       DSA *dsa = EVP_PKEY_get0(pkey);
+       int nid;
+       if (d2i_ASN1_OBJECT(&obj,pder,derlen)==NULL) {
+               return 0;
+       }
+       nid = OBJ_obj2nid(obj);
+       ASN1_OBJECT_free(obj);
+       if (!dsa) 
+               {
+               dsa=DSA_new();
+               if (!EVP_PKEY_assign(pkey,NID_id_GostR3410_94,dsa)) return 0;
+               }
+       if (!fill_GOST94_params(dsa,nid)) return 0;
+       return 1;
+}      
+
+static int gost2001_param_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen) {
+       ASN1_OBJECT *obj=NULL;
+       int nid;
+       EC_KEY *ec = EVP_PKEY_get0(pkey);
+       if (d2i_ASN1_OBJECT(&obj,pder,derlen)==NULL) {
+               return 0;
+       }
+       nid = OBJ_obj2nid(obj);
+       ASN1_OBJECT_free(obj);
+       if (!ec) 
+               {
+               ec = EC_KEY_new();
+               if (!EVP_PKEY_assign(pkey,NID_id_GostR3410_2001,ec)) return 0;
+               }       
+       if (!fill_GOST2001_params(ec, nid)) return 0;
+       return 1;
+}      
+
+
+
+
+
  /* ----------------------------------------------------------------------*/
  int register_ameth_gost (int nid, EVP_PKEY_ASN1_METHOD **ameth, const char* pemstr, const char* info) 
         {
@@ -817,7 +908,8 @@ int register_ameth_gost (int nid, EVP_PKEY_ASN1_METHOD **ameth, const char* pems
                                 priv_decode_gost, priv_encode_gost, 
                                 priv_print_gost94);
  
-                       EVP_PKEY_asn1_set_param (*ameth, 0, 0,
+                       EVP_PKEY_asn1_set_param (*ameth, 
+                               gost94_param_decode, gost94_param_encode,
                                 param_missing_gost94, param_copy_gost94, 
                                 param_cmp_gost94,param_print_gost94 );
                         EVP_PKEY_asn1_set_public (*ameth,
@@ -833,7 +925,8 @@ int register_ameth_gost (int nid, EVP_PKEY_ASN1_METHOD **ameth, const char* pems
                                 priv_decode_gost, priv_encode_gost, 
                                 priv_print_gost01);
  
-                       EVP_PKEY_asn1_set_param (*ameth, 0, 0,
+                       EVP_PKEY_asn1_set_param (*ameth, 
+                               gost2001_param_decode, gost2001_param_encode,
                                 param_missing_gost01, param_copy_gost01, 
                                 param_cmp_gost01, param_print_gost01);
                         EVP_PKEY_asn1_set_public (*ameth,