X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=engines%2Fccgost%2Fgost_ameth.c;h=2cde1fcfd9dfe492f6486911d98dc0eeee9975da;hp=1236d5e7637416acf4cc6d54ebb26eac38054861;hb=5693a30813a031d3921a016a870420e7eb93ec90;hpb=92e2c81affaeb44e82fe2fdd17b201693cc2e161 diff --git a/engines/ccgost/gost_ameth.c b/engines/ccgost/gost_ameth.c index 1236d5e763..2cde1fcfd9 100644 --- a/engines/ccgost/gost_ameth.c +++ b/engines/ccgost/gost_ameth.c @@ -7,10 +7,15 @@ * for OpenSSL * * Requires OpenSSL 0.9.9 for compilation * **********************************************************************/ +#include +#include +#include #include #include #include -#include +#ifndef OPENSSL_NO_CMS +#include +#endif #include "gost_params.h" #include "gost_lcl.h" #include "e_gost_err.h" @@ -37,7 +42,7 @@ static ASN1_STRING *encode_gost_algor_params(const EVP_PKEY *key) ASN1_STRING *params = ASN1_STRING_new(); GOST_KEY_PARAMS *gkp = GOST_KEY_PARAMS_new(); int pkey_param_nid = NID_undef; - int cipher_param_nid = NID_undef; + if (!params || !gkp) { GOSTerr(GOST_F_ENCODE_GOST_ALGOR_PARAMS, @@ -50,7 +55,6 @@ static ASN1_STRING *encode_gost_algor_params(const EVP_PKEY *key) { case NID_id_GostR3410_2001: pkey_param_nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(EVP_PKEY_get0((EVP_PKEY *)key))); - cipher_param_nid = get_encryption_params(NULL)->nid; break; case NID_id_GostR3410_94: pkey_param_nid = (int) gost94_nid_by_params(EVP_PKEY_get0((EVP_PKEY *)key)); @@ -62,7 +66,6 @@ static ASN1_STRING *encode_gost_algor_params(const EVP_PKEY *key) params=NULL; goto err; } - cipher_param_nid = get_encryption_params(NULL)->nid; break; } gkp->key_params = OBJ_nid2obj(pkey_param_nid); 
@@ -230,6 +233,24 @@ static int pkey_ctrl_gost(EVP_PKEY *pkey, int op, X509_ALGOR_set0(alg2, OBJ_nid2obj(nid), V_ASN1_NULL, 0); } return 1; +#ifndef OPENSSL_NO_CMS + case ASN1_PKEY_CTRL_CMS_SIGN: + if (arg1 == 0) + { + X509_ALGOR *alg1 = NULL, *alg2 = NULL; + int nid = EVP_PKEY_base_id(pkey); + CMS_SignerInfo_get0_algs((CMS_SignerInfo *)arg2, + NULL, NULL, &alg1, &alg2); + X509_ALGOR_set0(alg1, OBJ_nid2obj(NID_id_GostR3411_94), + V_ASN1_NULL, 0); + if (nid == NID_undef) + { + return (-1); + } + X509_ALGOR_set0(alg2, OBJ_nid2obj(nid), V_ASN1_NULL, 0); + } + return 1; +#endif case ASN1_PKEY_CTRL_PKCS7_ENCRYPT: if (arg1 == 0) { @@ -244,6 +265,22 @@ static int pkey_ctrl_gost(EVP_PKEY *pkey, int op, V_ASN1_SEQUENCE, params); } return 1; +#ifndef OPENSSL_NO_CMS + case ASN1_PKEY_CTRL_CMS_ENVELOPE: + if (arg1 == 0) + { + X509_ALGOR *alg; + ASN1_STRING * params = encode_gost_algor_params(pkey); + if (!params) + { + return -1; + } + CMS_RecipientInfo_ktri_get0_algs((CMS_RecipientInfo *)arg2, NULL, NULL, &alg); + X509_ALGOR_set0(alg, OBJ_nid2obj(pkey->type), + V_ASN1_SEQUENCE, params); + } + return 1; +#endif case ASN1_PKEY_CTRL_DEFAULT_MD_NID: *(int *)arg2 = NID_id_GostR3411_94; return 2; @@ -413,20 +450,21 @@ static int print_gost_01(BIO *out, const EVP_PKEY *pkey, int indent, BN_print(out,key); BIO_printf(out,"\n"); } - if (type >=1) + if (type >= 1) { BN_CTX *ctx = BN_CTX_new(); BIGNUM *X,*Y; const EC_POINT *pubkey; const EC_GROUP *group; - BN_CTX_start(ctx); - X= BN_CTX_get(ctx); - Y=BN_CTX_get(ctx); + if (!ctx) { GOSTerr(GOST_F_PRINT_GOST_01,ERR_R_MALLOC_FAILURE); return 0; } + BN_CTX_start(ctx); + X = BN_CTX_get(ctx); + Y = BN_CTX_get(ctx); pubkey = EC_KEY_get0_public_key((EC_KEY *)EVP_PKEY_get0((EVP_PKEY *)pkey)); group = EC_KEY_get0_group((EC_KEY *)EVP_PKEY_get0((EVP_PKEY *)pkey)); if (!EC_POINT_get_affine_coordinates_GFp(group,pubkey,X,Y,ctx)) 
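Review bot: In the new `ASN1_PKEY_CTRL_CMS_SIGN` case the `nid == NID_undef` test runs only after `alg1` has been overwritten, so the error path returns -1 with the SignerInfo digest algorithm changed and the signature algorithm untouched. Moving `int nid = EVP_PKEY_base_id(pkey); if (nid == NID_undef) return -1;` ahead of `CMS_SignerInfo_get0_algs` would leave the structure unmodified on failure. The PKCS7 signing branch just above appears to use the same order, but only its tail is visible in this hunk, so that should be confirmed before changing both.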
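Review bot: The `ASN1_PKEY_CTRL_CMS_ENVELOPE` case discards the result of `X509_ALGOR_set0`, which takes ownership of `params` only on success. If it fails, the ASN1_STRING leaks and the case still returns 1, so the RecipientInfo may go out without the GOST key parameters. I would initialise `X509_ALGOR *alg = NULL;` and write `if (!X509_ALGOR_set0(alg, OBJ_nid2obj(pkey->type), V_ASN1_SEQUENCE, params)) { ASN1_STRING_free(params); return -1; }`. The CMS_SIGN case in the previous hunk ignores both of its `X509_ALGOR_set0` results in the same way. As a style point, this case reads `pkey->type` while the sign case calls `EVP_PKEY_base_id(pkey)`; one accessor in both would be easier to audit.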
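Review bot: In `print_gost_01` the results of `BN_CTX_get` are still used unchecked after the reordering: `X` and `Y` can be NULL on allocation failure and are then passed to `EC_POINT_get_affine_coordinates_GFp`. Checking the last value obtained is enough, e.g. `if (!Y) { GOSTerr(GOST_F_PRINT_GOST_01,ERR_R_MALLOC_FAILURE); BN_CTX_end(ctx); BN_CTX_free(ctx); return 0; }` right after `Y = BN_CTX_get(ctx);`. The function continues past the end of the hunk, so how `X` and `Y` are printed and whether the later error path releases `ctx` cannot be seen here.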
@@ -798,11 +836,64 @@ static int mac_ctrl_gost(EVP_PKEY *pkey, int op, long arg1, void *arg2) switch (op) { case ASN1_PKEY_CTRL_DEFAULT_MD_NID: - *(int *)arg2 = NID_undef; + *(int *)arg2 = NID_id_Gost28147_89_MAC; return 2; } return -2; } + +static int gost94_param_encode(const EVP_PKEY *pkey, unsigned char **pder) +{ + int nid=gost94_nid_by_params(EVP_PKEY_get0((EVP_PKEY *)pkey)); + return i2d_ASN1_OBJECT(OBJ_nid2obj(nid),pder); +} +static int gost2001_param_encode(const EVP_PKEY *pkey, unsigned char **pder) +{ + int nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(EVP_PKEY_get0((EVP_PKEY *)pkey))); + return i2d_ASN1_OBJECT(OBJ_nid2obj(nid),pder); +} + +static int gost94_param_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen) +{ + ASN1_OBJECT *obj=NULL; + DSA *dsa = EVP_PKEY_get0(pkey); + int nid; + if (d2i_ASN1_OBJECT(&obj,pder,derlen)==NULL) { + return 0; + } + nid = OBJ_obj2nid(obj); + ASN1_OBJECT_free(obj); + if (!dsa) + { + dsa=DSA_new(); + if (!EVP_PKEY_assign(pkey,NID_id_GostR3410_94,dsa)) return 0; + } + if (!fill_GOST94_params(dsa,nid)) return 0; + return 1; +} + +static int gost2001_param_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen) { + ASN1_OBJECT *obj=NULL; + int nid; + EC_KEY *ec = EVP_PKEY_get0(pkey); + if (d2i_ASN1_OBJECT(&obj,pder,derlen)==NULL) { + return 0; + } + nid = OBJ_obj2nid(obj); + ASN1_OBJECT_free(obj); + if (!ec) + { + ec = EC_KEY_new(); + if (!EVP_PKEY_assign(pkey,NID_id_GostR3410_2001,ec)) return 0; + } + if (!fill_GOST2001_params(ec, nid)) return 0; + return 1; +} + + + + + /* ----------------------------------------------------------------------*/ int register_ameth_gost (int nid, EVP_PKEY_ASN1_METHOD **ameth, const char* pemstr, const char* info) { 
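Review bot: `gost94_param_decode` leaks the freshly allocated `dsa` when `EVP_PKEY_assign` fails, because ownership passes to `pkey` only on success; `gost2001_param_decode` has the same problem with `ec`. Both functions parse an OID from caller-supplied DER and hand `OBJ_obj2nid`'s result straight to `fill_GOST94_params` / `fill_GOST2001_params`. Rejecting `NID_undef` right after decoding makes the handling of unknown parameter sets explicit, instead of relying on those helpers, whose bodies are not visible here. The fence shows the 94 variant; the 2001 variant is the same with `EC_KEY_new`/`EC_KEY_free`. The encode helpers also pass an unchecked `nid` to `OBJ_nid2obj`, which may deserve the same `NID_undef` guard.

```c
static int gost94_param_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen)
{
	/* … unchanged: d2i_ASN1_OBJECT, OBJ_obj2nid, ASN1_OBJECT_free … */
	if (nid == NID_undef) return 0;	/* unknown parameter-set OID */
	if (!dsa)
		{
		dsa = DSA_new();
		if (!dsa) return 0;
		if (!EVP_PKEY_assign(pkey, NID_id_GostR3410_94, dsa))
			{
			DSA_free(dsa);	/* pkey did not take ownership */
			return 0;
			}
		}
	/* … unchanged: fill_GOST94_params call and return … */
```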
@@ -817,7 +908,8 @@ int register_ameth_gost (int nid, EVP_PKEY_ASN1_METHOD **ameth, const char* pems priv_decode_gost, priv_encode_gost, priv_print_gost94); - EVP_PKEY_asn1_set_param (*ameth, 0, 0, + EVP_PKEY_asn1_set_param (*ameth, + gost94_param_decode, gost94_param_encode, param_missing_gost94, param_copy_gost94, param_cmp_gost94,param_print_gost94 ); EVP_PKEY_asn1_set_public (*ameth, @@ -833,7 +925,8 @@ int register_ameth_gost (int nid, EVP_PKEY_ASN1_METHOD **ameth, const char* pems priv_decode_gost, priv_encode_gost, priv_print_gost01); - EVP_PKEY_asn1_set_param (*ameth, 0, 0, + EVP_PKEY_asn1_set_param (*ameth, + gost2001_param_decode, gost2001_param_encode, param_missing_gost01, param_copy_gost01, param_cmp_gost01, param_print_gost01); EVP_PKEY_asn1_set_public (*ameth,