-# OPENSSL_DIR is a root directory of openssl sources
-THISDIR?=$(shell perl -MCwd -e 'print getcwd')
-OPENSSL_DIR?=$(THISDIR)/../openssl
-ENGINE_ID?=gost
-TESTSUITE_DIR?=$(THISDIR)/test-suite
-FOR?=$(HOST)
-CC=gcc
-CFLAGS=-fPIC -g -Wall -I$(OPENSSL_DIR)/include
-LDFLAGS=-g -L $(OPENSSL_DIR) -static-libgcc
-ifeq "$(FOR)" "s64"
-CFLAGS+=-m64
-LDFLAGS+=-m64
-endif
-OS:=$(shell uname -s)
-ifeq "$(OS)" "FreeBSD"
-LIBDIR:=$(shell LD_LIBRARY_PATH=$(OPENSSL_DIR) $(OPENSSL_DIR)/apps/openssl version -d|sed -e 's/^[^"]*"//' -e 's/".*$$//')/lib
-LDFLAGS+=-rpath $(LIBDIR)
-endif
-
-
-ifeq "$(FOR)" "w32"
-ENGINE_LIB?=$(ENGINE_ID)$(DLLSUFFIX)
-DLLSUFFIX=.dll
-EXESUFFIX=.exe
-CFLAGS+=-mno-cygwin
-LDFLAGS+=-mno-cygwin
-ifeq "$(OS)" "Linux"
-CC=i586-mingw32msvc-gcc
-endif
-LIBS=-lcrypto.dll
-else
-ENGINE_LIB?=lib$(ENGINE_ID)$(DLLSUFFIX)
-LIBS=-lcrypto
-DLLSUFFIX=.so
-endif
-export DLLSUFFIX
-export EXESUFFIX
-ifneq "$(FOR)" ""
-export FOR
-endif
-CFLAGS+=$(DEBUG_FLAGS)
-export ENGINE_LIB
-ENG_SOURCES=md_gost.c gost_crypt.c gost_asn1.c ameth.c pmeth.c\
- gost_crypt.c gost_sign.c gost2001.c md_gost.c gost_crypt.c\
- engine.c gost94_keyx.c keywrap.c gost2001_keyx.c
-all: $(ENGINE_LIB) openssl.cnf
-buildtests:
-$(ENGINE_LIB): e_gost_err.o engine.o ameth.o pmeth.o params.o md_gost.o gosthash.o gost89.o gost_sign.o gost_crypt.o keywrap.o gost2001.o gost94_keyx.o gost2001_keyx.o gost_asn1.o
- $(CC) $(LDFLAGS) -shared -o $@ $+ $(LIBS) $(LDFLAGS)
-openssl.cnf: openssl.cnf.1 openssl.cnf.2
- cat $+ > $@
-openssl.cnf.1:
- echo "openssl_conf = openssl_def" > $@
-openssl.cnf.2:
- echo "[openssl_def]" > $@
- echo "engines = engine_section" >> $@
- echo "[engine_section]" >> $@
- echo "$(ENGINE_ID) = $(ENGINE_ID)_section" >> $@
- echo "[$(ENGINE_ID)_section]" >> $@
- echo "dynamic_path = $(THISDIR)/$(ENGINE_LIB)" >> $@
- echo "engine_id = $(ENGINE_ID)" >> $@
- echo "default_algorithms = ALL" >> $@
-gosthash1.o: gosthash.c
- $(CC) -c $(CFLAGS) -o $@ -DOPENSSL_BUILD $+
-gostsum: gostsum.o gosthash.o gost89.o
-inttests: gosttest$(EXESUFFIX) etalon wraptest$(EXESUFFIX) etalon.wrap ectest$(EXESUFFIX) etalon.ec
- ./gosttest${EXESUFFIX} > gost_test
- diff -uw gost_test etalon
- ./wraptest$(EXESUFFIX) > wrap_test
- diff -uw wrap_test etalon.wrap
- ./ectest$(EXESUFFIX) > ec_test 2>&1
- diff -uw ec_test etalon.ec
-ectest$(EXESUFFIX): ectest.o gost2001_dbg.o gost_sign_dbg.o params.o e_gost_err.o
- $(CC) -o $@ $(LDFLAGS) $+ -lcrypto
-%_dbg.o: %.c
- $(CC) -c $(CFLAGS) -DDEBUG_SIGN -DDEBUG_KEYS -o $@ $+
-gosttest$(EXESUFFIX): gosttest.o gosthash.o gost89.o
- $(CC) $(LDFLAGS) -o $@ $+
-wraptest$(EXESUFFIX): wraptest.c keywrap.c gost89.c
- $(CC) -DDEBUG_DH $(LDFLAGS) -o $@ $+
-sign_ex: LOADLIBES=-lcrypto
-sign_ex: sign_ex.o
-clean:
- rm -f core gosttest gostsum *.o gost_test openssl.cnf* $(ENGINE_LIB)
- if [ -f t/Makefile ]; then $(MAKE) -C t clean; fi
- if [ -f $(TESTSUITE_DIR)/Makefile ]; then $(MAKE) -C $(TESTSUITE_DIR) clean; fi
-e_gost_err.c e_gost_err.h: $(ENG_SOURCES) gost.ec e_gost_err.proto
- perl $(OPENSSL_DIR)/util/mkerr.pl -conf gost.ec -nostatic -debug -write $(ENG_SOURCES)
+DIR=ccgost
+TOP=../..
+CC=cc
+INCLUDES= -I../../include
+CFLAG=-g
+MAKEFILE= Makefile
+AR= ar r
+CFLAGS= $(INCLUDES) $(CFLAG)
+LIB=$(TOP)/libcrypto.a
-tests: openssl.cnf.2
- OPENSSL_DIR=$(OPENSSL_DIR) $(MAKE) -C $(TESTSUITE_DIR) CONFADD=$(THISDIR)/openssl.cnf.2
+LIBSRC= gost2001.c gost2001_keyx.c gost89.c gost94_keyx.c gost_ameth.c gost_asn1.c gost_crypt.c gost_ctl.c gost_eng.c gosthash.c gost_keywrap.c gost_md.c gost_params.c gost_pmeth.c gost_sign.c
-# depedencies
-#
-#
-gost_sign.o: gost_sign.c sign.h paramset.h tools.h e_gost_err.h
+LIBOBJ= e_gost_err.o gost2001_keyx.o gost2001.o gost89.o gost94_keyx.o gost_ameth.o gost_asn1.o gost_crypt.o gost_ctl.o gost_eng.o gosthash.o gost_keywrap.o gost_md.o gost_params.o gost_pmeth.o gost_sign.o
-pmeth.o: pmeth.c meth.h pmeth.h sign.h paramset.h e_gost_err.h
+SRC=$(LIBSRC)
-ameth.o: ameth.c tools.h meth.h pmeth.h gost_asn1.h crypt.h e_gost_err.h paramset.h
+LIBNAME=gost
-keywrap.o: keywrap.c gost89.h keywrap.h
+top:
+ (cd $(TOP); $(MAKE) DIRS=engines EDIRS=$(DIR) sub_all)
-gost2001.o: gost2001.c tools.h sign.h paramset.h e_gost_err.h
+all: lib
-engine.o: engine.c md.h crypt.h meth.h e_gost_err.h
+tags:
+ ctags $(SRC)
-gost89.o: gost89.c gost89.h
+errors:
+ $(PERL) ../../util/mkerr.pl -conf gost.ec -nostatic -debug -write $(SRC)
+
+lib: $(LIBOBJ)
+ if [ -n "$(SHARED_LIBS)" ]; then \
+ $(MAKE) -f $(TOP)/Makefile.shared -e \
+ LIBNAME=$(LIBNAME) \
+ LIBEXTRAS='$(LIBOBJ)' \
+ LIBDEPS='-L$(TOP) -lcrypto' \
+ link_o.$(SHLIB_TARGET); \
+ else \
+ $(AR) $(LIB) $(LIBOBJ); \
+ fi
+
+install:
+ [ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+ if [ -n "$(SHARED_LIBS)" ]; then \
+ set -e; \
+ echo installing $(LIBNAME); \
+ if [ "$(PLATFORM)" != "Cygwin" ]; then \
+ case "$(CFLAGS)" in \
+ *DSO_BEOS*) sfx="so";; \
+ *DSO_DLFCN*) sfx="so";; \
+ *DSO_DL*) sfx="sl";; \
+ *) sfx="bad";; \
+ esac; \
+ cp lib$(LIBNAME).$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$(LIBNAME).$$sfx.new; \
+ else \
+ sfx="so"; \
+ cp cyg$(LIBNAME).dll $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$(LIBNAME).$$sfx.new; \
+ fi; \
+ chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$(LIBNAME).$$sfx.new; \
+ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$(LIBNAME).$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/lib/engines/lib$(LIBNAME).$$sfx; \
+ fi
+
+links:
-gost_asn1.o: gost_asn1.c gost_asn1.h
+tests:
-gost_crypt.o: gost_crypt.c crypt.h gost89.h e_gost_err.h gost_asn1.h
+depend:
+ @if [ -z "$(THIS)" ]; then \
+ $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; \
+ else \
+ $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC); \
+ fi
-gosthash.o: gosthash.c gost89.h gosthash.h
+files:
-md_gost.o: md_gost.c md.h gosthash.h e_gost_err.h
-params.o: params.c paramset.h
-gost94_keyx.o: gost94_keyx.c gost_asn1.h gost89.h gosthash.h crypt.h pmeth.h keywrap.h e_gost_err.h gostkeyx.h
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
-gost2001_keyx.o: gost2001_keyx.c gost89.h gost_asn1.h e_gost_err.h keywrap.h crypt.h sign.h gostkeyx.h pmeth.h gosthash.h tools.h
+dclean:
+ $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff *.so *.sl *.dll
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+gost2001.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost2001.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost2001.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost2001.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost2001.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost2001.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost2001.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+gost2001.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+gost2001.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+gost2001.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gost2001.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+gost2001.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+gost2001.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+gost2001.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+gost2001.o: e_gost_err.h gost2001.c gost89.h gost_lcl.h gost_params.h
+gost2001.o: gosthash.h
+gost2001_keyx.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost2001_keyx.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost2001_keyx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost2001_keyx.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost2001_keyx.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost2001_keyx.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost2001_keyx.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+gost2001_keyx.o: ../../include/openssl/obj_mac.h
+gost2001_keyx.o: ../../include/openssl/objects.h
+gost2001_keyx.o: ../../include/openssl/opensslconf.h
+gost2001_keyx.o: ../../include/openssl/opensslv.h
+gost2001_keyx.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+gost2001_keyx.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+gost2001_keyx.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+gost2001_keyx.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+gost2001_keyx.o: ../../include/openssl/x509_vfy.h e_gost_err.h gost2001_keyx.c
+gost2001_keyx.o: gost89.h gost_keywrap.h gost_lcl.h gosthash.h
+gost89.o: gost89.c gost89.h
+gost94_keyx.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost94_keyx.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost94_keyx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost94_keyx.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+gost94_keyx.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+gost94_keyx.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+gost94_keyx.o: ../../include/openssl/engine.h ../../include/openssl/evp.h
+gost94_keyx.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+gost94_keyx.o: ../../include/openssl/objects.h
+gost94_keyx.o: ../../include/openssl/opensslconf.h
+gost94_keyx.o: ../../include/openssl/opensslv.h
+gost94_keyx.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+gost94_keyx.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+gost94_keyx.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+gost94_keyx.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+gost94_keyx.o: ../../include/openssl/x509_vfy.h e_gost_err.h gost89.h
+gost94_keyx.o: gost94_keyx.c gost_keywrap.h gost_lcl.h gosthash.h
+gost_ameth.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost_ameth.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost_ameth.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost_ameth.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost_ameth.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost_ameth.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost_ameth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+gost_ameth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+gost_ameth.o: ../../include/openssl/opensslconf.h
+gost_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gost_ameth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+gost_ameth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+gost_ameth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+gost_ameth.o: ../../include/openssl/x509_vfy.h e_gost_err.h gost89.h
+gost_ameth.o: gost_ameth.c gost_lcl.h gost_params.h gosthash.h
+gost_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost_asn1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost_asn1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost_asn1.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost_asn1.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost_asn1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+gost_asn1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+gost_asn1.o: ../../include/openssl/opensslconf.h
+gost_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gost_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+gost_asn1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+gost_asn1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+gost_asn1.o: ../../include/openssl/x509_vfy.h gost89.h gost_asn1.c gost_lcl.h
+gost_asn1.o: gosthash.h
+gost_crypt.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost_crypt.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost_crypt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost_crypt.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost_crypt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost_crypt.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost_crypt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+gost_crypt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+gost_crypt.o: ../../include/openssl/opensslconf.h
+gost_crypt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gost_crypt.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+gost_crypt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+gost_crypt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+gost_crypt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+gost_crypt.o: e_gost_err.h gost89.h gost_crypt.c gost_lcl.h gosthash.h
+gost_ctl.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost_ctl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost_ctl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost_ctl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost_ctl.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost_ctl.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost_ctl.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+gost_ctl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+gost_ctl.o: ../../include/openssl/opensslconf.h
+gost_ctl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gost_ctl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+gost_ctl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+gost_ctl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+gost_ctl.o: ../../include/openssl/x509_vfy.h gost89.h gost_ctl.c gost_lcl.h
+gost_ctl.o: gosthash.h
+gost_eng.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost_eng.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost_eng.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost_eng.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost_eng.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost_eng.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost_eng.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+gost_eng.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+gost_eng.o: ../../include/openssl/opensslconf.h
+gost_eng.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gost_eng.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+gost_eng.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+gost_eng.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+gost_eng.o: ../../include/openssl/x509_vfy.h e_gost_err.h gost89.h gost_eng.c
+gost_eng.o: gost_lcl.h gosthash.h
+gost_keywrap.o: gost89.h gost_keywrap.c gost_keywrap.h
+gost_md.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost_md.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost_md.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost_md.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost_md.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost_md.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost_md.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+gost_md.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+gost_md.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+gost_md.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+gost_md.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+gost_md.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+gost_md.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+gost_md.o: e_gost_err.h gost89.h gost_lcl.h gost_md.c gosthash.h
+gost_params.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+gost_params.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+gost_params.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+gost_params.o: ../../include/openssl/opensslconf.h
+gost_params.o: ../../include/openssl/opensslv.h
+gost_params.o: ../../include/openssl/ossl_typ.h
+gost_params.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+gost_params.o: ../../include/openssl/symhacks.h gost_params.c gost_params.h
+gost_pmeth.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost_pmeth.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost_pmeth.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost_pmeth.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost_pmeth.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost_pmeth.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost_pmeth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+gost_pmeth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+gost_pmeth.o: ../../include/openssl/opensslconf.h
+gost_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gost_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+gost_pmeth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+gost_pmeth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+gost_pmeth.o: ../../include/openssl/x509_vfy.h e_gost_err.h gost89.h gost_lcl.h
+gost_pmeth.o: gost_params.h gost_pmeth.c gosthash.h
+gost_sign.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost_sign.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost_sign.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost_sign.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+gost_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+gost_sign.o: ../../include/openssl/opensslconf.h
+gost_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gost_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+gost_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+gost_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+gost_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+gost_sign.o: e_gost_err.h gost89.h gost_lcl.h gost_params.h gost_sign.c
+gost_sign.o: gosthash.h
+gosthash.o: gost89.h gosthash.c gosthash.h
+++ /dev/null
-/**********************************************************************
- * gost_crypt.h *
- * Copyright (c) 2005-2006 Cryptocom LTD *
- * This file is distributed under the same license as OpenSSL *
- * *
- * Declarations for GOST 28147-89 encryption algorithm *
- * OpenSSL 0.9.9 libraries required *
- **********************************************************************/
-#ifndef GOST_CRYPT_H
-#define GOST_CRYPT_H
-#include <unistd.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include "gost89.h"
-#ifdef __cplusplus
- extern "C" {
-#endif
-/* Cipher context used for EVP_CIPHER operation */
-struct ossl_gost_cipher_ctx {
- int paramNID;
- off_t count;
- int key_meshing;
- gost_ctx cctx;
-};
-/* Structure to map parameter NID to S-block */
-struct gost_cipher_info {
- int nid;
- gost_subst_block *sblock;
- int key_meshing;
-};
-#ifdef USE_SSL
-/* Context for MAC */
-struct ossl_gost_imit_ctx {
- gost_ctx cctx;
- unsigned char buffer[8];
- unsigned char partial_block[8];
- off_t count;
- int key_meshing;
- int bytes_left;
- int key_set;
-};
-#endif
-/* Table which maps parameter NID to S-blocks */
-extern struct gost_cipher_info gost_cipher_list[];
-/* Find encryption params from ASN1_OBJECT */
-const struct gost_cipher_info *get_encryption_params(ASN1_OBJECT *obj);
-/* Implementation of GOST 28147-89 cipher in CFB and CNT modes */
-extern EVP_CIPHER cipher_gost;
-#ifdef USE_SSL
-#define EVP_MD_FLAG_NEEDS_KEY 0x20
-#define EVP_MD_CTRL_GET_TLS_MAC_KEY_LENGTH (EVP_MD_CTRL_ALG_CTRL+1)
-#define EVP_MD_CTRL_SET_KEY (EVP_MD_CTRL_ALG_CTRL+2)
-/* Ciphers and MACs specific for GOST TLS draft */
-extern EVP_CIPHER cipher_gost_vizircfb;
-extern EVP_CIPHER cipher_gost_cpacnt;
-extern EVP_MD imit_gost_vizir;
-extern EVP_MD imit_gost_cpa;
-#endif
-#ifdef __cplusplus
- };
-#endif
-#endif
static ERR_STRING_DATA GOST_str_functs[]=
{
-{ERR_FUNC(GOST_F_DECODE_GOST_ALGOR_PARAMS), "DECODE_GOST_ALGOR_PARAMS"},
-{ERR_FUNC(GOST_F_DECRYPT_CRYPTOCOM_KEY), "decrypt_cryptocom_key"},
-{ERR_FUNC(GOST_F_ENCODE_GOST_ALGOR_PARAMS), "ENCODE_GOST_ALGOR_PARAMS"},
-{ERR_FUNC(GOST_F_FILL_GOST2001_PARAMS), "FILL_GOST2001_PARAMS"},
-{ERR_FUNC(GOST_F_FILL_GOST94_PARAMS), "FILL_GOST94_PARAMS"},
-{ERR_FUNC(GOST_F_GET_ENCRYPTION_PARAMS), "get_encryption_params"},
-{ERR_FUNC(GOST_F_GOST2001_COMPUTE_PUBLIC), "GOST2001_COMPUTE_PUBLIC"},
-{ERR_FUNC(GOST_F_GOST2001_DO_SIGN), "GOST2001_DO_SIGN"},
-{ERR_FUNC(GOST_F_GOST2001_DO_VERIFY), "GOST2001_DO_VERIFY"},
-{ERR_FUNC(GOST_F_GOST89_GET_ASN1_PARAMETERS), "gost89_get_asn1_parameters"},
-{ERR_FUNC(GOST_F_GOST89_SET_ASN1_PARAMETERS), "gost89_set_asn1_parameters"},
-{ERR_FUNC(GOST_F_GOST94_COPY_PARAMETERS), "GOST94_COPY_PARAMETERS"},
-{ERR_FUNC(GOST_F_GOST_CIPHER_CTL), "gost_cipher_ctl"},
-{ERR_FUNC(GOST_F_GOST_COMPUTE_PUBLIC), "GOST_COMPUTE_PUBLIC"},
-{ERR_FUNC(GOST_F_GOST_DO_SIGN), "GOST_DO_SIGN"},
-{ERR_FUNC(GOST_F_GOST_DO_VERIFY), "GOST_DO_VERIFY"},
-{ERR_FUNC(GOST_F_MAKE_RFC4490_KEYTRANSPORT_2001), "MAKE_RFC4490_KEYTRANSPORT_2001"},
-{ERR_FUNC(GOST_F_PARAM_COPY_GOST01), "PARAM_COPY_GOST01"},
-{ERR_FUNC(GOST_F_PARAM_COPY_GOST94), "PARAM_COPY_GOST94"},
-{ERR_FUNC(GOST_F_PKCS7_GOST94CP_KEY_TRANSPORT_DECRYPT), "PKCS7_GOST94CP_KEY_TRANSPORT_DECRYPT"},
-{ERR_FUNC(GOST_F_PKCS7_GOST94_KEY_TRANSPORT_DECRYPT), "PKCS7_GOST94_KEY_TRANSPORT_DECRYPT"},
-{ERR_FUNC(GOST_F_PKEY_GOST01CC_DECRYPT), "pkey_GOST01cc_decrypt"},
-{ERR_FUNC(GOST_F_PKEY_GOST01CC_ENCRYPT), "pkey_GOST01cc_encrypt"},
-{ERR_FUNC(GOST_F_PKEY_GOST01CP_ENCRYPT), "pkey_GOST01cp_encrypt"},
-{ERR_FUNC(GOST_F_PKEY_GOST01_KEYGEN), "PKEY_GOST01_KEYGEN"},
-{ERR_FUNC(GOST_F_PKEY_GOST94CC_DECRYPT), "pkey_GOST94cc_decrypt"},
-{ERR_FUNC(GOST_F_PKEY_GOST94CC_ENCRYPT), "pkey_GOST94cc_encrypt"},
-{ERR_FUNC(GOST_F_PKEY_GOST94CP_DECRYPT), "pkey_GOST94cp_decrypt"},
-{ERR_FUNC(GOST_F_PKEY_GOST94CP_ENCRYPT), "pkey_GOST94cp_encrypt"},
-{ERR_FUNC(GOST_F_PKEY_GOST94_KEYGEN), "PKEY_GOST94_KEYGEN"},
-{ERR_FUNC(GOST_F_PKEY_GOST_CTRL), "PKEY_GOST_CTRL"},
-{ERR_FUNC(GOST_F_PKEY_GOST_CTRL01_STR), "PKEY_GOST_CTRL01_STR"},
-{ERR_FUNC(GOST_F_PKEY_GOST_CTRL94_STR), "PKEY_GOST_CTRL94_STR"},
-{ERR_FUNC(GOST_F_PRIV_DECODE_GOST_94), "PRIV_DECODE_GOST_94"},
-{ERR_FUNC(GOST_F_PUB_DECODE_GOST01), "PUB_DECODE_GOST01"},
-{ERR_FUNC(GOST_F_PUB_DECODE_GOST94), "PUB_DECODE_GOST94"},
-{ERR_FUNC(GOST_F_PUB_ENCODE_GOST01), "PUB_ENCODE_GOST01"},
-{ERR_FUNC(GOST_F_UNPACK_CC_SIGNATURE), "UNPACK_CC_SIGNATURE"},
-{ERR_FUNC(GOST_F_UNPACK_CP_SIGNATURE), "UNPACK_CP_SIGNATURE"},
-{0,NULL}
+ {ERR_FUNC(GOST_F_DECODE_GOST_ALGOR_PARAMS), "DECODE_GOST_ALGOR_PARAMS"},
+ {ERR_FUNC(GOST_F_DECRYPT_CRYPTOCOM_KEY), "decrypt_cryptocom_key"},
+ {ERR_FUNC(GOST_F_ENCODE_GOST_ALGOR_PARAMS), "ENCODE_GOST_ALGOR_PARAMS"},
+ {ERR_FUNC(GOST_F_FILL_GOST2001_PARAMS), "FILL_GOST2001_PARAMS"},
+ {ERR_FUNC(GOST_F_FILL_GOST94_PARAMS), "FILL_GOST94_PARAMS"},
+ {ERR_FUNC(GOST_F_GET_ENCRYPTION_PARAMS), "get_encryption_params"},
+ {ERR_FUNC(GOST_F_GOST2001_COMPUTE_PUBLIC), "GOST2001_COMPUTE_PUBLIC"},
+ {ERR_FUNC(GOST_F_GOST2001_DO_SIGN), "GOST2001_DO_SIGN"},
+ {ERR_FUNC(GOST_F_GOST2001_DO_VERIFY), "GOST2001_DO_VERIFY"},
+ {ERR_FUNC(GOST_F_GOST89_GET_ASN1_PARAMETERS), "gost89_get_asn1_parameters"},
+ {ERR_FUNC(GOST_F_GOST89_SET_ASN1_PARAMETERS), "gost89_set_asn1_parameters"},
+ {ERR_FUNC(GOST_F_GOST94_COPY_PARAMETERS), "GOST94_COPY_PARAMETERS"},
+ {ERR_FUNC(GOST_F_GOST_CIPHER_CTL), "gost_cipher_ctl"},
+ {ERR_FUNC(GOST_F_GOST_COMPUTE_PUBLIC), "GOST_COMPUTE_PUBLIC"},
+ {ERR_FUNC(GOST_F_GOST_DO_SIGN), "GOST_DO_SIGN"},
+ {ERR_FUNC(GOST_F_GOST_DO_VERIFY), "GOST_DO_VERIFY"},
+ {ERR_FUNC(GOST_F_MAKE_RFC4490_KEYTRANSPORT_2001), "MAKE_RFC4490_KEYTRANSPORT_2001"},
+ {ERR_FUNC(GOST_F_PARAM_COPY_GOST01), "PARAM_COPY_GOST01"},
+ {ERR_FUNC(GOST_F_PARAM_COPY_GOST94), "PARAM_COPY_GOST94"},
+ {ERR_FUNC(GOST_F_PKCS7_GOST94CP_KEY_TRANSPORT_DECRYPT), "PKCS7_GOST94CP_KEY_TRANSPORT_DECRYPT"},
+ {ERR_FUNC(GOST_F_PKCS7_GOST94_KEY_TRANSPORT_DECRYPT), "PKCS7_GOST94_KEY_TRANSPORT_DECRYPT"},
+ {ERR_FUNC(GOST_F_PKEY_GOST01CC_DECRYPT), "pkey_GOST01cc_decrypt"},
+ {ERR_FUNC(GOST_F_PKEY_GOST01CC_ENCRYPT), "pkey_GOST01cc_encrypt"},
+ {ERR_FUNC(GOST_F_PKEY_GOST01CP_ENCRYPT), "pkey_GOST01cp_encrypt"},
+ {ERR_FUNC(GOST_F_PKEY_GOST01_KEYGEN), "PKEY_GOST01_KEYGEN"},
+ {ERR_FUNC(GOST_F_PKEY_GOST94CC_DECRYPT), "pkey_GOST94cc_decrypt"},
+ {ERR_FUNC(GOST_F_PKEY_GOST94CC_ENCRYPT), "pkey_GOST94cc_encrypt"},
+ {ERR_FUNC(GOST_F_PKEY_GOST94CP_DECRYPT), "pkey_GOST94cp_decrypt"},
+ {ERR_FUNC(GOST_F_PKEY_GOST94CP_ENCRYPT), "pkey_GOST94cp_encrypt"},
+ {ERR_FUNC(GOST_F_PKEY_GOST94_KEYGEN), "PKEY_GOST94_KEYGEN"},
+ {ERR_FUNC(GOST_F_PKEY_GOST_CTRL), "PKEY_GOST_CTRL"},
+ {ERR_FUNC(GOST_F_PKEY_GOST_CTRL01_STR), "PKEY_GOST_CTRL01_STR"},
+ {ERR_FUNC(GOST_F_PKEY_GOST_CTRL94_STR), "PKEY_GOST_CTRL94_STR"},
+ {ERR_FUNC(GOST_F_PRIV_DECODE_GOST_94), "PRIV_DECODE_GOST_94"},
+ {ERR_FUNC(GOST_F_PUB_DECODE_GOST01), "PUB_DECODE_GOST01"},
+ {ERR_FUNC(GOST_F_PUB_DECODE_GOST94), "PUB_DECODE_GOST94"},
+ {ERR_FUNC(GOST_F_PUB_ENCODE_GOST01), "PUB_ENCODE_GOST01"},
+ {ERR_FUNC(GOST_F_UNPACK_CC_SIGNATURE), "UNPACK_CC_SIGNATURE"},
+ {ERR_FUNC(GOST_F_UNPACK_CP_SIGNATURE), "UNPACK_CP_SIGNATURE"},
+ {0,NULL}
};
static ERR_STRING_DATA GOST_str_reasons[]=
{
-{ERR_REASON(GOST_R_BAD_KEY_PARAMETERS_FORMAT),"bad key parameters format"},
-{ERR_REASON(GOST_R_BAD_PKEY_PARAMETERS_FORMAT),"bad pkey parameters format"},
-{ERR_REASON(GOST_R_CANNOT_PACK_EPHEMERAL_KEY),"cannot pack ephemeral key"},
-{ERR_REASON(GOST_R_CTX_NOT_INITIALIZED_FOR_ENCRYPT),"ctx not initialized for encrypt"},
-{ERR_REASON(GOST_R_ERROR_COMPUTING_MAC) ,"error computing mac"},
-{ERR_REASON(GOST_R_ERROR_COMPUTING_SHARED_KEY),"error computing shared key"},
-{ERR_REASON(GOST_R_ERROR_PACKING_KEY_TRANSPORT_INFO),"error packing key transport info"},
-{ERR_REASON(GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO),"error parsing key transport info"},
-{ERR_REASON(GOST_R_ERROR_STORING_ENCRYPTED_KEY),"error storing encrypted key"},
-{ERR_REASON(GOST_R_ERROR_STORING_IV) ,"error storing iv"},
-{ERR_REASON(GOST_R_ERROR_STORING_MAC) ,"error storing mac"},
-{ERR_REASON(GOST_R_INCOMPATIBLE_ALGORITHMS),"incompatible algorithms"},
-{ERR_REASON(GOST_R_INVALID_CIPHER_PARAMS),"invalid cipher params"},
-{ERR_REASON(GOST_R_INVALID_CIPHER_PARAM_OID),"invalid cipher param oid"},
-{ERR_REASON(GOST_R_INVALID_DIGEST_TYPE) ,"invalid digest type"},
-{ERR_REASON(GOST_R_INVALID_ENCRYPTED_KEY_SIZE),"invalid encrypted key size"},
-{ERR_REASON(GOST_R_INVALID_GOST94_PARMSET),"invalid gost94 parmset"},
-{ERR_REASON(GOST_R_INVALID_IV_LENGTH) ,"invalid iv length"},
-{ERR_REASON(GOST_R_INVALID_PARAMSET) ,"invalid paramset"},
-{ERR_REASON(GOST_R_KEY_IS_NOT_INITALIZED),"key is not initalized"},
-{ERR_REASON(GOST_R_KEY_IS_NOT_INITIALIZED),"key is not initialized"},
-{ERR_REASON(GOST_R_KEY_PARAMETERS_MISSING),"key parameters missing"},
-{ERR_REASON(GOST_R_MALLOC_FAILURE) ,"malloc failure"},
-{ERR_REASON(GOST_R_NOT_ENOUGH_SPACE_FOR_KEY),"not enough space for key"},
-{ERR_REASON(GOST_R_NO_MEMORY) ,"no memory"},
-{ERR_REASON(GOST_R_NO_PARAMETERS_SET) ,"no parameters set"},
-{ERR_REASON(GOST_R_PUBLIC_KEY_UNDEFINED) ,"public key undefined"},
-{ERR_REASON(GOST_R_RANDOM_GENERATOR_ERROR),"random generator error"},
-{ERR_REASON(GOST_R_RANDOM_GENERATOR_FAILURE),"random generator failure"},
-{ERR_REASON(GOST_R_RANDOM_NUMBER_GENERATOR_FAILED),"random number generator failed"},
-{ERR_REASON(GOST_R_SESSION_KEY_MAC_DOES_NOT_MATCH),"session key mac does not match"},
-{ERR_REASON(GOST_R_SIGNATURE_MISMATCH) ,"signature mismatch"},
-{ERR_REASON(GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q),"signature parts greater than q"},
-{ERR_REASON(GOST_R_UNSUPPORTED_CIPHER_CTL_COMMAND),"unsupported cipher ctl command"},
-{ERR_REASON(GOST_R_UNSUPPORTED_PARAMETER_SET),"unsupported parameter set"},
-{0,NULL}
+ {ERR_REASON(GOST_R_BAD_KEY_PARAMETERS_FORMAT),"bad key parameters format"},
+ {ERR_REASON(GOST_R_BAD_PKEY_PARAMETERS_FORMAT),"bad pkey parameters format"},
+ {ERR_REASON(GOST_R_CANNOT_PACK_EPHEMERAL_KEY),"cannot pack ephemeral key"},
+ {ERR_REASON(GOST_R_CTX_NOT_INITIALIZED_FOR_ENCRYPT),"ctx not initialized for encrypt"},
+ {ERR_REASON(GOST_R_ERROR_COMPUTING_MAC) ,"error computing mac"},
+ {ERR_REASON(GOST_R_ERROR_COMPUTING_SHARED_KEY),"error computing shared key"},
+ {ERR_REASON(GOST_R_ERROR_PACKING_KEY_TRANSPORT_INFO),"error packing key transport info"},
+ {ERR_REASON(GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO),"error parsing key transport info"},
+ {ERR_REASON(GOST_R_ERROR_STORING_ENCRYPTED_KEY),"error storing encrypted key"},
+ {ERR_REASON(GOST_R_ERROR_STORING_IV) ,"error storing iv"},
+ {ERR_REASON(GOST_R_ERROR_STORING_MAC) ,"error storing mac"},
+ {ERR_REASON(GOST_R_INCOMPATIBLE_ALGORITHMS),"incompatible algorithms"},
+ {ERR_REASON(GOST_R_INVALID_CIPHER_PARAMS),"invalid cipher params"},
+ {ERR_REASON(GOST_R_INVALID_CIPHER_PARAM_OID),"invalid cipher param oid"},
+ {ERR_REASON(GOST_R_INVALID_DIGEST_TYPE) ,"invalid digest type"},
+ {ERR_REASON(GOST_R_INVALID_ENCRYPTED_KEY_SIZE),"invalid encrypted key size"},
+ {ERR_REASON(GOST_R_INVALID_GOST94_PARMSET),"invalid gost94 parmset"},
+ {ERR_REASON(GOST_R_INVALID_IV_LENGTH) ,"invalid iv length"},
+ {ERR_REASON(GOST_R_INVALID_PARAMSET) ,"invalid paramset"},
+ {ERR_REASON(GOST_R_KEY_IS_NOT_INITALIZED),"key is not initalized"},
+ {ERR_REASON(GOST_R_KEY_IS_NOT_INITIALIZED),"key is not initialized"},
+ {ERR_REASON(GOST_R_KEY_PARAMETERS_MISSING),"key parameters missing"},
+ {ERR_REASON(GOST_R_MALLOC_FAILURE) ,"malloc failure"},
+ {ERR_REASON(GOST_R_NOT_ENOUGH_SPACE_FOR_KEY),"not enough space for key"},
+ {ERR_REASON(GOST_R_NO_MEMORY) ,"no memory"},
+ {ERR_REASON(GOST_R_NO_PARAMETERS_SET) ,"no parameters set"},
+ {ERR_REASON(GOST_R_PUBLIC_KEY_UNDEFINED) ,"public key undefined"},
+ {ERR_REASON(GOST_R_RANDOM_GENERATOR_ERROR),"random generator error"},
+ {ERR_REASON(GOST_R_RANDOM_GENERATOR_FAILURE),"random generator failure"},
+ {ERR_REASON(GOST_R_RANDOM_NUMBER_GENERATOR_FAILED),"random number generator failed"},
+ {ERR_REASON(GOST_R_SESSION_KEY_MAC_DOES_NOT_MATCH),"session key mac does not match"},
+ {ERR_REASON(GOST_R_SIGNATURE_MISMATCH) ,"signature mismatch"},
+ {ERR_REASON(GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q),"signature parts greater than q"},
+ {ERR_REASON(GOST_R_UNSUPPORTED_CIPHER_CTL_COMMAND),"unsupported cipher ctl command"},
+ {ERR_REASON(GOST_R_UNSUPPORTED_PARAMETER_SET),"unsupported parameter set"},
+ {0,NULL}
};
#endif
#ifdef GOST_LIB_NAME
static ERR_STRING_DATA GOST_lib_name[]=
- {
-{0 ,GOST_LIB_NAME},
-{0,NULL}
+ {
+ {0 ,GOST_LIB_NAME},
+ {0,NULL}
};
#endif
* Implementation of GOST R 34.10-2001 *
* Requires OpenSSL 0.9.9 for compilation *
**********************************************************************/
-#include "tools.h"
-#include "sign.h"
-#include "paramset.h"
+#include "gost_lcl.h"
+#include "gost_params.h"
#include <string.h>
#include <openssl/rand.h>
#include <openssl/ecdsa.h>
* Also fils DSA->q field with copy of EC_GROUP order field to make
* DSA_size function work
*/
-int fill_GOST2001_params(EC_KEY *eckey, int nid) {
+int fill_GOST2001_params(EC_KEY *eckey, int nid)
+ {
R3410_2001_params *params = R3410_2001_paramset;
- EC_GROUP *grp;
+ EC_GROUP *grp=NULL;
BIGNUM *p=NULL,*q=NULL,*a=NULL,*b=NULL,*x=NULL,*y=NULL;
EC_POINT *P=NULL;
BN_CTX *ctx=BN_CTX_new();
y=BN_CTX_get(ctx);
q=BN_CTX_get(ctx);
while (params->nid!=NID_undef && params->nid != nid) params++;
- if (params->nid == NID_undef) {
+ if (params->nid == NID_undef)
+ {
GOSTerr(GOST_F_FILL_GOST2001_PARAMS,GOST_R_UNSUPPORTED_PARAMETER_SET);
goto err;
- }
+ }
BN_hex2bn(&p,params->p);
BN_hex2bn(&a,params->a);
BN_hex2bn(&b,params->b);
BN_hex2bn(&q,params->q);
#ifdef DEBUG_KEYS
fprintf(stderr,"Set params index %d oid %s\nq=",
- (params-R3410_2001_paramset),OBJ_nid2sn(params->nid));
+ (params-R3410_2001_paramset),OBJ_nid2sn(params->nid));
BN_print_fp(stderr,q);
fprintf(stderr,"\n");
#endif
EC_KEY_set_group(eckey,grp);
ok=1;
-err:
+ err:
EC_POINT_free(P);
EC_GROUP_free(grp);
BN_CTX_end(ctx);
BN_CTX_free(ctx);
return ok;
-
-}
+ }
/*
*
*
*/
-DSA_SIG *gost2001_do_sign(const unsigned char *dgst,int dlen, EC_KEY *eckey) {
- DSA_SIG *newsig = NULL;
- BIGNUM *md = hashsum2bn(dgst);
- BIGNUM *order = NULL;
- const EC_GROUP *group;
- const BIGNUM *priv_key;
- BIGNUM *r=NULL,*s=NULL,*X=NULL,*tmp=NULL,*tmp2=NULL, *k=NULL,*e=NULL;
- EC_POINT *C=NULL;
- BN_CTX *ctx = BN_CTX_new();
- BN_CTX_start(ctx);
- OPENSSL_assert(dlen==32);
- newsig=DSA_SIG_new();
- if (!newsig)
+DSA_SIG *gost2001_do_sign(const unsigned char *dgst,int dlen, EC_KEY *eckey)
+ {
+ DSA_SIG *newsig = NULL;
+ BIGNUM *md = hashsum2bn(dgst);
+ BIGNUM *order = NULL;
+ const EC_GROUP *group;
+ const BIGNUM *priv_key;
+ BIGNUM *r=NULL,*s=NULL,*X=NULL,*tmp=NULL,*tmp2=NULL, *k=NULL,*e=NULL;
+ EC_POINT *C=NULL;
+ BN_CTX *ctx = BN_CTX_new();
+ BN_CTX_start(ctx);
+ OPENSSL_assert(dlen==32);
+ newsig=DSA_SIG_new();
+ if (!newsig)
{
- GOSTerr(GOST_F_GOST2001_DO_SIGN,GOST_R_NO_MEMORY);
- goto err;
+ GOSTerr(GOST_F_GOST2001_DO_SIGN,GOST_R_NO_MEMORY);
+ goto err;
}
- group = EC_KEY_get0_group(eckey);
- order=BN_CTX_get(ctx);
- EC_GROUP_get_order(group,order,ctx);
- priv_key = EC_KEY_get0_private_key(eckey);
- e = BN_CTX_get(ctx);
- BN_mod(e,md,order,ctx);
+ group = EC_KEY_get0_group(eckey);
+ order=BN_CTX_get(ctx);
+ EC_GROUP_get_order(group,order,ctx);
+ priv_key = EC_KEY_get0_private_key(eckey);
+ e = BN_CTX_get(ctx);
+ BN_mod(e,md,order,ctx);
#ifdef DEBUG_SIGN
- fprintf(stderr,"digest as bignum=");
- BN_print_fp(stderr,md);
- fprintf(stderr,"\ndigest mod q=");
- BN_print_fp(stderr,e);
- fprintf(stderr,"\n");
+ fprintf(stderr,"digest as bignum=");
+ BN_print_fp(stderr,md);
+ fprintf(stderr,"\ndigest mod q=");
+ BN_print_fp(stderr,e);
+ fprintf(stderr,"\n");
#endif
- if (BN_is_zero(e))
+ if (BN_is_zero(e))
{
- BN_one(e);
+ BN_one(e);
}
- k =BN_CTX_get(ctx);
- C=EC_POINT_new(group);
- do {
- do {
- if (!BN_rand_range(k,order))
+ k =BN_CTX_get(ctx);
+ C=EC_POINT_new(group);
+ do
+ {
+ do
+ {
+ if (!BN_rand_range(k,order))
{
- GOSTerr(GOST_F_GOST2001_DO_SIGN,GOST_R_RANDOM_NUMBER_GENERATOR_FAILED);
- DSA_SIG_free(newsig);
- goto err;
+ GOSTerr(GOST_F_GOST2001_DO_SIGN,GOST_R_RANDOM_NUMBER_GENERATOR_FAILED);
+ DSA_SIG_free(newsig);
+ goto err;
}
- if (!EC_POINT_mul(group,C,k,NULL,NULL,ctx)) {
- GOSTerr(GOST_F_GOST2001_DO_SIGN,ERR_R_EC_LIB);
- DSA_SIG_free(newsig);
- goto err;
+ if (!EC_POINT_mul(group,C,k,NULL,NULL,ctx))
+ {
+ GOSTerr(GOST_F_GOST2001_DO_SIGN,ERR_R_EC_LIB);
+ DSA_SIG_free(newsig);
+ goto err;
}
- if (!X) X=BN_CTX_get(ctx);
- if (!EC_POINT_get_affine_coordinates_GFp(group,C,X,NULL,ctx)) {
- GOSTerr(GOST_F_GOST2001_DO_SIGN,ERR_R_EC_LIB);
- DSA_SIG_free(newsig);
- goto err;
+ if (!X) X=BN_CTX_get(ctx);
+ if (!EC_POINT_get_affine_coordinates_GFp(group,C,X,NULL,ctx))
+ {
+ GOSTerr(GOST_F_GOST2001_DO_SIGN,ERR_R_EC_LIB);
+ DSA_SIG_free(newsig);
+ goto err;
}
- if (!r) r=BN_CTX_get(ctx);
- BN_nnmod(r,X,order,ctx);
- } while (BN_is_zero(r));
- /* s = (r*priv_key+k*e) mod order */
- if (!tmp) tmp = BN_CTX_get(ctx);
- BN_mod_mul(tmp,priv_key,r,order,ctx);
- if (!tmp2) tmp2 = BN_CTX_get(ctx);
- BN_mod_mul(tmp2,k,e,order,ctx);
- if (!s) s=BN_CTX_get(ctx);
- BN_mod_add(s,tmp,tmp2,order,ctx);
- } while (BN_is_zero(s));
+ if (!r) r=BN_CTX_get(ctx);
+ BN_nnmod(r,X,order,ctx);
+ }
+ while (BN_is_zero(r));
+ /* s = (r*priv_key+k*e) mod order */
+ if (!tmp) tmp = BN_CTX_get(ctx);
+ BN_mod_mul(tmp,priv_key,r,order,ctx);
+ if (!tmp2) tmp2 = BN_CTX_get(ctx);
+ BN_mod_mul(tmp2,k,e,order,ctx);
+ if (!s) s=BN_CTX_get(ctx);
+ BN_mod_add(s,tmp,tmp2,order,ctx);
+ }
+ while (BN_is_zero(s));
- newsig->s=BN_dup(s);
- newsig->r=BN_dup(r);
-err:
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- EC_POINT_free(C);
- BN_free(md);
- return newsig;
-}
+ newsig->s=BN_dup(s);
+ newsig->r=BN_dup(r);
+ err:
+ BN_CTX_end(ctx);
+ BN_CTX_free(ctx);
+ EC_POINT_free(C);
+ BN_free(md);
+ return newsig;
+ }
/*
* Verifies gost 2001 signature
*
*/
int gost2001_do_verify(const unsigned char *dgst,int dgst_len,
- DSA_SIG *sig, EC_KEY *ec) {
+ DSA_SIG *sig, EC_KEY *ec)
+ {
BN_CTX *ctx=BN_CTX_new();
const EC_GROUP *group = EC_KEY_get0_group(ec);
BIGNUM *order;
pub_key = EC_KEY_get0_public_key(ec);
if (BN_is_zero(sig->s) || BN_is_zero(sig->r) ||
(BN_cmp(sig->s,order)>=1) || (BN_cmp(sig->r,order)>=1))
- {
- GOSTerr(GOST_F_GOST_DO_VERIFY,GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q);
- goto err;
+ {
+ GOSTerr(GOST_F_GOST_DO_VERIFY,GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q);
+ goto err;
- }
+ }
md = hashsum2bn(dgst);
BN_mod(e,md,order,ctx);
#endif
C = EC_POINT_new(group);
if (!EC_POINT_mul(group,C,z1,pub_key,z2,ctx))
- {
+ {
GOSTerr(GOST_F_GOST2001_DO_VERIFY,ERR_R_EC_LIB);
goto err;
- }
+ }
if (!EC_POINT_get_affine_coordinates_GFp(group,C,X,NULL,ctx))
- {
+ {
GOSTerr(GOST_F_GOST2001_DO_VERIFY,ERR_R_EC_LIB);
goto err;
- }
+ }
BN_mod(R,X,order,ctx);
#ifdef DEBUG_SIGN
fprintf(stderr,"\nX=");
BN_print_fp(stderr,R);
fprintf(stderr,"\n");
#endif
- if (BN_cmp(R,sig->r)!=0) {
+ if (BN_cmp(R,sig->r)!=0)
+ {
GOSTerr(GOST_F_GOST2001_DO_VERIFY,GOST_R_SIGNATURE_MISMATCH);
- } else {
+ }
+ else
+ {
ok = 1;
- }
-err:
+ }
+ err:
EC_POINT_free(C);
BN_CTX_end(ctx);
BN_CTX_free(ctx);
BN_free(md);
return ok;
-}
+ }
/*
* Computes GOST R 34.10-2001 public key
*
*
*/
int gost2001_compute_public(EC_KEY *ec)
-{
+ {
const EC_GROUP *group = EC_KEY_get0_group(ec);
EC_POINT *pub_key=NULL;
const BIGNUM *priv_key=NULL;
BN_CTX *ctx=NULL;
int ok=0;
- if (!group) {
+ if (!group)
+ {
GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC,GOST_R_KEY_IS_NOT_INITIALIZED);
return 0;
- }
+ }
ctx=BN_CTX_new();
BN_CTX_start(ctx);
if (!(priv_key=EC_KEY_get0_private_key(ec)))
- {
+ {
GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC,ERR_R_EC_LIB);
goto err;
- }
+ }
pub_key = EC_POINT_new(group);
if (!EC_POINT_mul(group,pub_key,priv_key,NULL,NULL,ctx))
- {
+ {
GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC,ERR_R_EC_LIB);
goto err;
- }
- if (!EC_KEY_set_public_key(ec,pub_key)) {
+ }
+ if (!EC_KEY_set_public_key(ec,pub_key))
+ {
GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC,ERR_R_EC_LIB);
goto err;
- }
+ }
ok = 256;
-err:
+ err:
BN_CTX_end(ctx);
EC_POINT_free(pub_key);
BN_CTX_free(ctx);
return ok;
-}
+ }
/*
*
* Generates GOST R 34.10-2001 keypair
*
*
*/
-int gost2001_keygen(EC_KEY *ec) {
+int gost2001_keygen(EC_KEY *ec)
+ {
BIGNUM *order = BN_new(),*d=BN_new();
const EC_GROUP *group = EC_KEY_get0_group(ec);
EC_GROUP_get_order(group,order,NULL);
- do {
- if (!BN_rand_range(d,order))
+ do
{
+ if (!BN_rand_range(d,order))
+ {
GOSTerr(GOST_F_GOST2001_DO_SIGN,GOST_R_RANDOM_NUMBER_GENERATOR_FAILED);
BN_free(d);
BN_free(order);
return 0;
- }
- } while (BN_is_zero(d));
+ }
+ }
+ while (BN_is_zero(d));
EC_KEY_set_private_key(ec,d);
BN_free(d);
BN_free(order);
return gost2001_compute_public(ec);
-}
+ }
#include <openssl/objects.h>
#include "gost89.h"
#include "gosthash.h"
-#include "gost_asn1.h"
#include "e_gost_err.h"
-#include "keywrap.h"
-#include "crypt.h"
-#include "sign.h"
-#include "pmeth.h"
-#include "tools.h"
-#include "gostkeyx.h"
+#include "gost_keywrap.h"
+#include "gost_lcl.h"
/* Transform ECDH shared key into little endian as required by Cryptocom
* key exchange */
-static void *make_key_le(const void *in, size_t inlen, void *out, size_t *outlen) {
+static void *make_key_le(const void *in, size_t inlen, void *out, size_t *outlen)
+ {
const char* inbuf= in;
char* outbuf= out;
int i;
- if (*outlen < inlen) {
- return NULL;
- }
- for (i=0;i<inlen;i++) {
+ if (*outlen < inlen)
+ {
+ return NULL;
+ }
+ for (i=0;i<inlen;i++)
+ {
outbuf[inlen-1-i]=inbuf[i];
- }
+ }
*outlen = inlen;
return out;
-}
+ }
/* Create gost 2001 ephemeral key with same parameters as peer key */
-static EC_KEY *make_ec_ephemeral_key(EC_KEY *peer_key,BIGNUM *seckey) {
+static EC_KEY *make_ec_ephemeral_key(EC_KEY *peer_key,BIGNUM *seckey)
+ {
EC_KEY *out = EC_KEY_new();
EC_KEY_copy(out,peer_key);
EC_KEY_set_private_key(out,seckey);
gost2001_compute_public(out);
return out;
-}
+ }
/* Packs GOST elliptic curve key into EVP_PKEY setting same parameters
* as in passed pubkey
*/
static EVP_PKEY *ec_ephemeral_key_to_EVP(EVP_PKEY *pubk,int type,EC_KEY *ephemeral)
-{
+ {
EVP_PKEY *newkey;
newkey = EVP_PKEY_new();
EVP_PKEY_assign(newkey,type,ephemeral);
return newkey;
-}
+ }
/*
* EVP_PKEY_METHOD callback encrypt
int pkey_GOST01cc_encrypt (EVP_PKEY_CTX *pctx,unsigned char *out,
size_t *out_len, const unsigned char *key,size_t key_len)
-{
+ {
EVP_PKEY *pubk = EVP_PKEY_CTX_get0_pkey(pctx);
struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(pctx);
GOST_KEY_TRANSPORT *gkt = NULL;
EC_KEY *ephemeral=NULL;
const EC_POINT *pub_key_point=NULL;
unsigned char shared_key[32],encrypted_key[32],hmac[4],
- iv[8]={0,0,0,0,0,0,0,0};
+ iv[8]={0,0,0,0,0,0,0,0};
ephemeral = make_ec_ephemeral_key(EVP_PKEY_get0(pubk), gost_get_priv_key(data->eph_seckey));
if (!ephemeral) goto err;
/* compute shared key */
pub_key_point=EC_KEY_get0_public_key(EVP_PKEY_get0(pubk));
if (!ECDH_compute_key(shared_key,32,pub_key_point,ephemeral,make_key_le))
- {
+ {
GOSTerr(GOST_F_PKEY_GOST01CC_ENCRYPT,GOST_R_ERROR_COMPUTING_SHARED_KEY);
goto err;
- }
+ }
/* encrypt session key */
gost_init(&ctx, &GostR3411_94_CryptoProParamSet);
gost_key(&ctx,shared_key);
encrypt_cryptocom_key(key,key_len,encrypted_key,&ctx);
/* compute hmac of session key */
if (!gost_mac(&ctx,32,key,32,hmac))
- {
+ {
GOSTerr(GOST_F_PKEY_GOST01CC_ENCRYPT,GOST_R_ERROR_COMPUTING_MAC);
return -1;
- }
+ }
gkt = GOST_KEY_TRANSPORT_new();
if (!gkt)
- {
+ {
GOSTerr(GOST_F_PKEY_GOST01CC_ENCRYPT,GOST_R_NO_MEMORY);
return -1;
- }
+ }
/* Store IV which is always zero in our case */
if (!ASN1_OCTET_STRING_set(gkt->key_agreement_info->eph_iv,iv,8))
- {
+ {
GOSTerr(GOST_F_PKEY_GOST01CC_ENCRYPT,GOST_R_ERROR_STORING_IV);
goto err;
- }
+ }
if (!ASN1_OCTET_STRING_set(gkt->key_info->imit,hmac,4))
- {
+ {
GOSTerr(GOST_F_PKEY_GOST01CC_ENCRYPT,GOST_R_ERROR_STORING_MAC);
goto err;
- }
+ }
if (!ASN1_OCTET_STRING_set(gkt->key_info->encrypted_key,encrypted_key,32))
- {
+ {
GOSTerr(GOST_F_PKEY_GOST01CC_ENCRYPT,GOST_R_ERROR_STORING_ENCRYPTED_KEY);
goto err;
- }
+ }
- if (!X509_PUBKEY_set(&gkt->key_agreement_info->ephem_key,data->eph_seckey)) {
+ if (!X509_PUBKEY_set(&gkt->key_agreement_info->ephem_key,data->eph_seckey))
+ {
GOSTerr(GOST_F_PKEY_GOST01CC_ENCRYPT,GOST_R_CANNOT_PACK_EPHEMERAL_KEY);
goto err;
- }
+ }
ASN1_OBJECT_free(gkt->key_agreement_info->cipher);
gkt->key_agreement_info->cipher = OBJ_nid2obj(NID_id_Gost28147_89_cc);
if ((*out_len = i2d_GOST_KEY_TRANSPORT(gkt,&out))>0) ret = 1;
;
-err:
+ err:
if (gkt) GOST_KEY_TRANSPORT_free(gkt);
return ret;
-}
+ }
/*
* EVP_PKEY_METHOD callback decrypt
* Implementation of GOST2001 key transport, cryptocom variation
*/
-int pkey_GOST01cc_decrypt (EVP_PKEY_CTX *pctx, unsigned char *key, size_t *key_len, const unsigned char *in, size_t in_len) {
+int pkey_GOST01cc_decrypt (EVP_PKEY_CTX *pctx, unsigned char *key, size_t *key_len, const unsigned char *in, size_t in_len)
+ {
/* Form DH params from compute shared key */
EVP_PKEY *priv=EVP_PKEY_CTX_get0_pkey(pctx);
GOST_KEY_TRANSPORT *gkt = NULL;
const EC_POINT *pub_key_point;
EVP_PKEY *eph_key;
- if (!key) {
+ if (!key)
+ {
*key_len = 32;
return 1;
- }
+ }
/* Parse passed octet string and find out public key, iv and HMAC*/
gkt = d2i_GOST_KEY_TRANSPORT(NULL,(const unsigned char **)&p,
- in_len);
- if (!gkt) {
+ in_len);
+ if (!gkt)
+ {
GOSTerr(GOST_F_PKEY_GOST01CC_DECRYPT,GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO);
return 0;
- }
+ }
eph_key = X509_PUBKEY_get(gkt->key_agreement_info->ephem_key);
/* Initialization vector is really ignored here */
OPENSSL_assert(gkt->key_agreement_info->eph_iv->length==8);
i=ECDH_compute_key(shared_key,32,pub_key_point,EVP_PKEY_get0(priv),make_key_le);
EVP_PKEY_free(eph_key);
if (!i)
- {
+ {
GOSTerr(GOST_F_PKEY_GOST01CC_DECRYPT,GOST_R_ERROR_COMPUTING_SHARED_KEY);
GOST_KEY_TRANSPORT_free(gkt);
return 0;
- }
+ }
/* Decrypt session key */
gost_init(&ctx, &GostR3411_94_CryptoProParamSet);
gost_key(&ctx,shared_key);
if (!decrypt_cryptocom_key(key,*key_len,gkt->key_info->encrypted_key->data,
gkt->key_info->encrypted_key->length, &ctx))
- {
+ {
GOST_KEY_TRANSPORT_free(gkt);
return 0;
- }
+ }
GOST_KEY_TRANSPORT_free(gkt);
/* check HMAC of session key*/
- if (!gost_mac(&ctx,32,key,32,hmac_comp)) {
+ if (!gost_mac(&ctx,32,key,32,hmac_comp))
+ {
GOSTerr(GOST_F_PKEY_GOST01CC_DECRYPT,GOST_R_ERROR_COMPUTING_MAC);
return 0;
- }
- /* HMAC of session key is not correct */
- if (memcmp(hmac,hmac_comp,4)!=0) {
+ }
+ /* HMAC of session key is not correct */
+ if (memcmp(hmac,hmac_comp,4)!=0)
+ {
GOSTerr(GOST_F_PKEY_GOST01CC_DECRYPT,GOST_R_SESSION_KEY_MAC_DOES_NOT_MATCH);
return 0;
- }
+ }
return 1;
-}
+ }
/* Implementation of CryptoPro VKO 34.10-2001 algorithm */
-static int VKO_compute_key(unsigned char *shared_key,size_t shared_key_size,const EC_POINT *pub_key,EC_KEY *priv_key,const unsigned char *ukm) {
+static int VKO_compute_key(unsigned char *shared_key,size_t shared_key_size,const EC_POINT *pub_key,EC_KEY *priv_key,const unsigned char *ukm)
+ {
unsigned char ukm_be[8],databuf[64],hashbuf[64];
BIGNUM *UKM=NULL,*p=NULL,*order=NULL,*X=NULL,*Y=NULL;
const BIGNUM* key=EC_KEY_get0_private_key(priv_key);
gost_hash_ctx hash_ctx;
BN_CTX *ctx = BN_CTX_new();
- for (i=0;i<8;i++) {
+ for (i=0;i<8;i++)
+ {
ukm_be[7-i]=ukm[i];
- }
+ }
BN_CTX_start(ctx);
UKM=getbnfrombuf(ukm_be,8);
p=BN_CTX_get(ctx);
BN_mod_mul(p,key,UKM,order,ctx);
EC_POINT_mul(EC_KEY_get0_group(priv_key),pnt,NULL,pub_key,p,ctx);
EC_POINT_get_affine_coordinates_GFp(EC_KEY_get0_group(priv_key),
- pnt,X,Y,ctx);
+ pnt,X,Y,ctx);
/*Serialize elliptic curve point same way as we do it when saving
* key */
store_bignum(Y,databuf,32);
store_bignum(X,databuf+32,32);
/* And reverse byte order of whole buffer */
- for (i=0;i<64;i++) {
+ for (i=0;i<64;i++)
+ {
hashbuf[63-i]=databuf[i];
- }
+ }
init_gost_hash_ctx(&hash_ctx,&GostR3411_94_CryptoProParamSet);
start_hash(&hash_ctx);
hash_block(&hash_ctx,hashbuf,64);
BN_CTX_free(ctx);
EC_POINT_free(pnt);
return 32;
-}
+ }
/* Generates ephemeral key based on pubk algorithm
* computes shared key using VKO and returns filled up
*/
/* Public, because it would be needed in SSL implementation */
GOST_KEY_TRANSPORT *make_rfc4490_keytransport_2001(EVP_PKEY *pubk,BIGNUM *eph_key,
- const unsigned char *key,size_t keylen, unsigned char *ukm,
- size_t ukm_len)
-{
+ const unsigned char *key,size_t keylen, unsigned char *ukm,
+ size_t ukm_len)
+ {
const struct gost_cipher_info *param=get_encryption_params(NULL);
EC_KEY *ephemeral = NULL;
EVP_PKEY *newkey=NULL;
/* Do not use vizir cipher parameters with cryptopro */
- if (!getenv("CRYPT_PARAMS") && param == gost_cipher_list) {
+ if (!get_gost_engine_param(GOST_PARAM_CRYPT_PARAMS) && param == gost_cipher_list)
+ {
param= gost_cipher_list+1;
- }
+ }
ephemeral = make_ec_ephemeral_key(EVP_PKEY_get0(pubk),eph_key);
VKO_compute_key(shared_key,32,pub_key_point,ephemeral,ukm);
gost_init(&ctx,param->sblock);
keyWrapCryptoPro(&ctx,shared_key,ukm,key,crypted_key);
gkt = GOST_KEY_TRANSPORT_new();
- if (!gkt) {
+ if (!gkt)
+ {
goto memerr;
- }
+ }
if(!ASN1_OCTET_STRING_set(gkt->key_agreement_info->eph_iv,
- ukm,8)) {
+ ukm,8))
+ {
goto memerr;
- }
- if (!ASN1_OCTET_STRING_set(gkt->key_info->imit,crypted_key+40,4)) {
+ }
+ if (!ASN1_OCTET_STRING_set(gkt->key_info->imit,crypted_key+40,4))
+ {
goto memerr;
- }
- if (!ASN1_OCTET_STRING_set(gkt->key_info->encrypted_key,crypted_key+8,32)) {
+ }
+ if (!ASN1_OCTET_STRING_set(gkt->key_info->encrypted_key,crypted_key+8,32))
+ {
goto memerr;
- }
+ }
newkey = ec_ephemeral_key_to_EVP(pubk,NID_id_GostR3410_2001,ephemeral);
- if (!X509_PUBKEY_set(&gkt->key_agreement_info->ephem_key,newkey)) {
+ if (!X509_PUBKEY_set(&gkt->key_agreement_info->ephem_key,newkey))
+ {
GOSTerr(GOST_F_MAKE_RFC4490_KEYTRANSPORT_2001,GOST_R_CANNOT_PACK_EPHEMERAL_KEY);
goto err;
- }
+ }
ASN1_OBJECT_free(gkt->key_agreement_info->cipher);
gkt->key_agreement_info->cipher = OBJ_nid2obj(param->nid);
EVP_PKEY_free(newkey);
return gkt;
-memerr:
- GOSTerr(GOST_F_MAKE_RFC4490_KEYTRANSPORT_2001,
- GOST_R_MALLOC_FAILURE);
-err:
- GOST_KEY_TRANSPORT_free(gkt);
- return NULL;
-}
+ memerr:
+ GOSTerr(GOST_F_MAKE_RFC4490_KEYTRANSPORT_2001,
+ GOST_R_MALLOC_FAILURE);
+ err:
+ GOST_KEY_TRANSPORT_free(gkt);
+ return NULL;
+ }
/*
* EVP_PKEY_METHOD callback encrypt
*/
int pkey_GOST01cp_encrypt (EVP_PKEY_CTX *pctx, unsigned char *out, size_t *out_len, const unsigned char *key,size_t key_len)
-{
+ {
GOST_KEY_TRANSPORT *gkt=NULL;
EVP_PKEY *pubk = EVP_PKEY_CTX_get0_pkey(pctx);
struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(pctx);
unsigned char ukm[8];
int ret=0;
- if (RAND_bytes(ukm,8)<=0) {
+ if (RAND_bytes(ukm,8)<=0)
+ {
GOSTerr(GOST_F_PKEY_GOST01CP_ENCRYPT,
GOST_R_RANDOM_GENERATOR_FAILURE);
return 0;
- }
+ }
- if (!(gkt=make_rfc4490_keytransport_2001(pubk,gost_get_priv_key(data->eph_seckey),key, key_len,ukm,8))) {
+ if (!(gkt=make_rfc4490_keytransport_2001(pubk,gost_get_priv_key(data->eph_seckey),key, key_len,ukm,8)))
+ {
goto err;
- }
+ }
if ((*out_len = i2d_GOST_KEY_TRANSPORT(gkt,&out))>0) ret =1;
GOST_KEY_TRANSPORT_free(gkt);
return ret;
-err:
- GOST_KEY_TRANSPORT_free(gkt);
- return -1;
-}
+ err:
+ GOST_KEY_TRANSPORT_free(gkt);
+ return -1;
+ }
/* Public, because it would be needed in SSL implementation */
int decrypt_rfc4490_shared_key_2001(EVP_PKEY *priv,GOST_KEY_TRANSPORT *gkt,
- unsigned char *key_buf,int key_buf_len)
-{
+ unsigned char *key_buf,int key_buf_len)
+ {
unsigned char wrappedKey[44];
unsigned char sharedKey[32];
gost_ctx ctx;
OPENSSL_assert(gkt->key_info->imit->length==4);
memcpy(wrappedKey+40,gkt->key_info->imit->data,4);
VKO_compute_key(sharedKey,32,EC_KEY_get0_public_key(EVP_PKEY_get0(eph_key)),
- EVP_PKEY_get0(priv),wrappedKey);
- if (!keyUnwrapCryptoPro(&ctx,sharedKey,wrappedKey,key_buf)) {
+ EVP_PKEY_get0(priv),wrappedKey);
+ if (!keyUnwrapCryptoPro(&ctx,sharedKey,wrappedKey,key_buf))
+ {
GOSTerr(GOST_F_PKCS7_GOST94CP_KEY_TRANSPORT_DECRYPT,
- GOST_R_ERROR_COMPUTING_SHARED_KEY);
+ GOST_R_ERROR_COMPUTING_SHARED_KEY);
goto err;
- }
+ }
EVP_PKEY_free(eph_key);
return 32;
-err:
+ err:
EVP_PKEY_free(eph_key);
return -1;
-}
+ }
/*
* EVP_PKEY_METHOD callback decrypt
* Implementation of GOST2001 key transport, cryptopo variation
*/
-int pkey_GOST01cp_decrypt (EVP_PKEY_CTX *pctx, unsigned char *key, size_t * key_len, const unsigned char *in, size_t in_len) {
+int pkey_GOST01cp_decrypt (EVP_PKEY_CTX *pctx, unsigned char *key, size_t * key_len, const unsigned char *in, size_t in_len)
+ {
const unsigned char *p = in;
EVP_PKEY *priv = EVP_PKEY_CTX_get0_pkey(pctx);
GOST_KEY_TRANSPORT *gkt = NULL;
int ret=0;
- if (!key) {
+ if (!key)
+ {
*key_len = 32;
return 1;
- }
+ }
gkt = d2i_GOST_KEY_TRANSPORT(NULL,(const unsigned char **)&p,
- in_len);
- if (!gkt) {
+ in_len);
+ if (!gkt)
+ {
GOSTerr(GOST_F_PKCS7_GOST94CP_KEY_TRANSPORT_DECRYPT,GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO);
return -1;
- }
+ }
ret = decrypt_rfc4490_shared_key_2001(priv,gkt,key,*key_len);
GOST_KEY_TRANSPORT_free(gkt);
return ret;
-}
+ }
/* Substitution blocks from test examples for GOST R 34.11-94*/
gost_subst_block GostR3411_94_TestParamSet = {
- {0X1,0XF,0XD,0X0,0X5,0X7,0XA,0X4,0X9,0X2,0X3,0XE,0X6,0XB,0X8,0XC},
- {0XD,0XB,0X4,0X1,0X3,0XF,0X5,0X9,0X0,0XA,0XE,0X7,0X6,0X8,0X2,0XC},
- {0X4,0XB,0XA,0X0,0X7,0X2,0X1,0XD,0X3,0X6,0X8,0X5,0X9,0XC,0XF,0XE},
- {0X6,0XC,0X7,0X1,0X5,0XF,0XD,0X8,0X4,0XA,0X9,0XE,0X0,0X3,0XB,0X2},
- {0X7,0XD,0XA,0X1,0X0,0X8,0X9,0XF,0XE,0X4,0X6,0XC,0XB,0X2,0X5,0X3},
- {0X5,0X8,0X1,0XD,0XA,0X3,0X4,0X2,0XE,0XF,0XC,0X7,0X6,0X0,0X9,0XB},
- {0XE,0XB,0X4,0XC,0X6,0XD,0XF,0XA,0X2,0X3,0X8,0X1,0X0,0X7,0X5,0X9},
- {0X4,0XA,0X9,0X2,0XD,0X8,0X0,0XE,0X6,0XB,0X1,0XC,0X7,0XF,0X5,0X3}
-};
+ {0X1,0XF,0XD,0X0,0X5,0X7,0XA,0X4,0X9,0X2,0X3,0XE,0X6,0XB,0X8,0XC},
+ {0XD,0XB,0X4,0X1,0X3,0XF,0X5,0X9,0X0,0XA,0XE,0X7,0X6,0X8,0X2,0XC},
+ {0X4,0XB,0XA,0X0,0X7,0X2,0X1,0XD,0X3,0X6,0X8,0X5,0X9,0XC,0XF,0XE},
+ {0X6,0XC,0X7,0X1,0X5,0XF,0XD,0X8,0X4,0XA,0X9,0XE,0X0,0X3,0XB,0X2},
+ {0X7,0XD,0XA,0X1,0X0,0X8,0X9,0XF,0XE,0X4,0X6,0XC,0XB,0X2,0X5,0X3},
+ {0X5,0X8,0X1,0XD,0XA,0X3,0X4,0X2,0XE,0XF,0XC,0X7,0X6,0X0,0X9,0XB},
+ {0XE,0XB,0X4,0XC,0X6,0XD,0XF,0XA,0X2,0X3,0X8,0X1,0X0,0X7,0X5,0X9},
+ {0X4,0XA,0X9,0X2,0XD,0X8,0X0,0XE,0X6,0XB,0X1,0XC,0X7,0XF,0X5,0X3}
+ };
/* Substitution blocks for hash function 1.2.643.2.9.1.6.1 */
gost_subst_block GostR3411_94_CryptoProParamSet= {
- {0x1,0x3,0xA,0x9,0x5,0xB,0x4,0xF,0x8,0x6,0x7,0xE,0xD,0x0,0x2,0xC},
- {0xD,0xE,0x4,0x1,0x7,0x0,0x5,0xA,0x3,0xC,0x8,0xF,0x6,0x2,0x9,0xB},
- {0x7,0x6,0x2,0x4,0xD,0x9,0xF,0x0,0xA,0x1,0x5,0xB,0x8,0xE,0xC,0x3},
- {0x7,0x6,0x4,0xB,0x9,0xC,0x2,0xA,0x1,0x8,0x0,0xE,0xF,0xD,0x3,0x5},
- {0x4,0xA,0x7,0xC,0x0,0xF,0x2,0x8,0xE,0x1,0x6,0x5,0xD,0xB,0x9,0x3},
- {0x7,0xF,0xC,0xE,0x9,0x4,0x1,0x0,0x3,0xB,0x5,0x2,0x6,0xA,0x8,0xD},
- {0x5,0xF,0x4,0x0,0x2,0xD,0xB,0x9,0x1,0x7,0x6,0x3,0xC,0xE,0xA,0x8},
- {0xA,0x4,0x5,0x6,0x8,0x1,0x3,0x7,0xD,0xC,0xE,0x0,0x9,0x2,0xB,0xF}
-} ;
+ {0x1,0x3,0xA,0x9,0x5,0xB,0x4,0xF,0x8,0x6,0x7,0xE,0xD,0x0,0x2,0xC},
+ {0xD,0xE,0x4,0x1,0x7,0x0,0x5,0xA,0x3,0xC,0x8,0xF,0x6,0x2,0x9,0xB},
+ {0x7,0x6,0x2,0x4,0xD,0x9,0xF,0x0,0xA,0x1,0x5,0xB,0x8,0xE,0xC,0x3},
+ {0x7,0x6,0x4,0xB,0x9,0xC,0x2,0xA,0x1,0x8,0x0,0xE,0xF,0xD,0x3,0x5},
+ {0x4,0xA,0x7,0xC,0x0,0xF,0x2,0x8,0xE,0x1,0x6,0x5,0xD,0xB,0x9,0x3},
+ {0x7,0xF,0xC,0xE,0x9,0x4,0x1,0x0,0x3,0xB,0x5,0x2,0x6,0xA,0x8,0xD},
+ {0x5,0xF,0x4,0x0,0x2,0xD,0xB,0x9,0x1,0x7,0x6,0x3,0xC,0xE,0xA,0x8},
+ {0xA,0x4,0x5,0x6,0x8,0x1,0x3,0x7,0xD,0xC,0xE,0x0,0x9,0x2,0xB,0xF}
+ } ;
/* Test paramset from GOST 28147 */
gost_subst_block Gost28147_TestParamSet =
-{
+ {
{0xC,0x6,0x5,0x2,0xB,0x0,0x9,0xD,0x3,0xE,0x7,0xA,0xF,0x4,0x1,0x8},
{0x9,0xB,0xC,0x0,0x3,0x6,0x7,0x5,0x4,0x8,0xE,0xF,0x1,0xA,0x2,0xD},
{0x8,0xF,0x6,0xB,0x1,0x9,0xC,0x5,0xD,0x3,0x7,0xA,0x0,0xE,0x2,0x4},
{0xD,0x8,0xE,0xC,0x7,0x3,0x9,0xA,0x1,0x5,0x2,0x4,0x6,0xF,0x0,0xB},
{0xC,0x9,0xF,0xE,0x8,0x1,0x3,0xA,0x2,0x7,0x4,0xD,0x6,0x0,0xB,0x5},
{0x4,0x2,0xF,0x5,0x9,0x1,0x0,0x8,0xE,0x3,0xB,0xC,0xD,0x7,0xA,0x6}
-};
+ };
{0xE,0x4,0x6,0x2,0xB,0x3,0xD,0x8,0xC,0xF,0x5,0xA,0x0,0x7,0x1,0x9},
{0x3,0x7,0xE,0x9,0x8,0xA,0xF,0x0,0x5,0x2,0x6,0xC,0xB,0x4,0xD,0x1},
{0x9,0x6,0x3,0x2,0x8,0xB,0x1,0x7,0xA,0x4,0xE,0xF,0xC,0x0,0xD,0x5}
-};
+ };
/* 1.2.643.2.2.31.2 */
gost_subst_block Gost28147_CryptoProParamSetB=
-{
+ {
{0x0,0x4,0xB,0xE,0x8,0x3,0x7,0x1,0xA,0x2,0x9,0x6,0xF,0xD,0x5,0xC},
{0x5,0x2,0xA,0xB,0x9,0x1,0xC,0x3,0x7,0x4,0xD,0x0,0x6,0xF,0x8,0xE},
{0x8,0x3,0x2,0x6,0x4,0xD,0xE,0xB,0xC,0x1,0x7,0xF,0xA,0x0,0x9,0x5},
{0xE,0xC,0x0,0xA,0x9,0x2,0xD,0xB,0x7,0x5,0x8,0xF,0x3,0x6,0x1,0x4},
{0x0,0x1,0x2,0xA,0x4,0xD,0x5,0xC,0x9,0x7,0x3,0xF,0xB,0x8,0x6,0xE},
{0x8,0x4,0xB,0x1,0x3,0x5,0x0,0x9,0x2,0xE,0xA,0xC,0xD,0x6,0x7,0xF}
-};
+ };
/* 1.2.643.2.2.31.3 */
gost_subst_block Gost28147_CryptoProParamSetC=
-{
+ {
{0x7,0x4,0x0,0x5,0xA,0x2,0xF,0xE,0xC,0x6,0x1,0xB,0xD,0x9,0x3,0x8},
{0xA,0x9,0x6,0x8,0xD,0xE,0x2,0x0,0xF,0x3,0x5,0xB,0x4,0x1,0xC,0x7},
{0xC,0x9,0xB,0x1,0x8,0xE,0x2,0x4,0x7,0x3,0x6,0x5,0xA,0x0,0xF,0xD},
{0x8,0x2,0x5,0x0,0x4,0x9,0xF,0xA,0x3,0x7,0xC,0xD,0x6,0xE,0x1,0xB},
{0x0,0x1,0x7,0xD,0xB,0x4,0x5,0x2,0x8,0xE,0xF,0xC,0x9,0xA,0x6,0x3},
{0x1,0xB,0xC,0x2,0x9,0xD,0x0,0xF,0x4,0x5,0x8,0xE,0xA,0x7,0x6,0x3}
-};
+ };
/* 1.2.643.2.2.31.4 */
gost_subst_block Gost28147_CryptoProParamSetD=
-{
+ {
{0x1,0xA,0x6,0x8,0xF,0xB,0x0,0x4,0xC,0x3,0x5,0x9,0x7,0xD,0x2,0xE},
{0x3,0x0,0x6,0xF,0x1,0xE,0x9,0x2,0xD,0x8,0xC,0x4,0xB,0xA,0x5,0x7},
{0x8,0x0,0xF,0x3,0x2,0x5,0xE,0xB,0x1,0xA,0x4,0x7,0xC,0x9,0xD,0x6},
{0x1,0xC,0xB,0x0,0xF,0xE,0x6,0x5,0xA,0xD,0x4,0x8,0x9,0x3,0x7,0x2},
{0xB,0x6,0x3,0x4,0xC,0xF,0xE,0x2,0x7,0xD,0x8,0x0,0x5,0xA,0x9,0x1},
{0xF,0xC,0x2,0xA,0x6,0x4,0x5,0x0,0x7,0x9,0xE,0xD,0x1,0xB,0x8,0x3}
-};
+ };
const byte CryptoProKeyMeshingKey[]={
0x8D, 0x3A, 0xDB, 0x96, 0x46, 0xE9, 0x2A, 0xC4,
0x18, 0xFE, 0xAC, 0x94, 0x00, 0xED, 0x07, 0x12,
0xC0, 0x86, 0xDC, 0xC2, 0xEF, 0x4C, 0xA9, 0x2B
-};
+ };
/* Initialization of gost_ctx subst blocks*/
-void kboxinit(gost_ctx *c, const gost_subst_block *b) {
+void kboxinit(gost_ctx *c, const gost_subst_block *b)
+ {
int i;
- for (i = 0; i < 256; i++) {
+ for (i = 0; i < 256; i++)
+ {
c->k87[i] = (b->k8[i>>4] <<4 | b->k7 [i &15])<<24;
c->k65[i] = (b->k6[i>>4] << 4 | b->k5 [i &15])<<16;
c->k43[i] = (b->k4[i>>4] <<4 | b->k3 [i &15])<<8;
c->k21[i] = b->k2[i>>4] <<4 | b->k1 [i &15];
+ }
}
-}
/* Part of GOST 28147 algorithm moved into separate function */
-static word32
-f(gost_ctx *c,word32 x)
-{ x = c->k87[x>>24 & 255] | c->k65[x>>16 & 255]|
- c->k43[x>> 8 & 255] | c->k21[x & 255];
- /* Rotate left 11 bits */
- return x<<11 | x>>(32-11);
-}
+static word32 f(gost_ctx *c,word32 x)
+ {
+ x = c->k87[x>>24 & 255] | c->k65[x>>16 & 255]|
+ c->k43[x>> 8 & 255] | c->k21[x & 255];
+ /* Rotate left 11 bits */
+ return x<<11 | x>>(32-11);
+ }
/* Low-level encryption routine - encrypts one 64 bit block*/
void gostcrypt(gost_ctx *c, const byte *in, byte *out)
-{
- register word32 n1, n2; /* As named in the GOST */
- n1 = in[0]|(in[1]<<8)|(in[2]<<16)|(in[3]<<24);
- n2 = in[4]|(in[5]<<8)|(in[6]<<16)|(in[7]<<24);
- /* Instead of swapping halves, swap names each round */
+ {
+ register word32 n1, n2; /* As named in the GOST */
+ n1 = in[0]|(in[1]<<8)|(in[2]<<16)|(in[3]<<24);
+ n2 = in[4]|(in[5]<<8)|(in[6]<<16)|(in[7]<<24);
+ /* Instead of swapping halves, swap names each round */
- n2 ^= f(c,n1+c->k[0]); n1 ^= f(c,n2+c->k[1]);
- n2 ^= f(c,n1+c->k[2]); n1 ^= f(c,n2+c->k[3]);
- n2 ^= f(c,n1+c->k[4]); n1 ^= f(c,n2+c->k[5]);
- n2 ^= f(c,n1+c->k[6]); n1 ^= f(c,n2+c->k[7]);
+ n2 ^= f(c,n1+c->k[0]); n1 ^= f(c,n2+c->k[1]);
+ n2 ^= f(c,n1+c->k[2]); n1 ^= f(c,n2+c->k[3]);
+ n2 ^= f(c,n1+c->k[4]); n1 ^= f(c,n2+c->k[5]);
+ n2 ^= f(c,n1+c->k[6]); n1 ^= f(c,n2+c->k[7]);
- n2 ^= f(c,n1+c->k[0]); n1 ^= f(c,n2+c->k[1]);
- n2 ^= f(c,n1+c->k[2]); n1 ^= f(c,n2+c->k[3]);
- n2 ^= f(c,n1+c->k[4]); n1 ^= f(c,n2+c->k[5]);
- n2 ^= f(c,n1+c->k[6]); n1 ^= f(c,n2+c->k[7]);
+ n2 ^= f(c,n1+c->k[0]); n1 ^= f(c,n2+c->k[1]);
+ n2 ^= f(c,n1+c->k[2]); n1 ^= f(c,n2+c->k[3]);
+ n2 ^= f(c,n1+c->k[4]); n1 ^= f(c,n2+c->k[5]);
+ n2 ^= f(c,n1+c->k[6]); n1 ^= f(c,n2+c->k[7]);
- n2 ^= f(c,n1+c->k[0]); n1 ^= f(c,n2+c->k[1]);
- n2 ^= f(c,n1+c->k[2]); n1 ^= f(c,n2+c->k[3]);
- n2 ^= f(c,n1+c->k[4]); n1 ^= f(c,n2+c->k[5]);
- n2 ^= f(c,n1+c->k[6]); n1 ^= f(c,n2+c->k[7]);
+ n2 ^= f(c,n1+c->k[0]); n1 ^= f(c,n2+c->k[1]);
+ n2 ^= f(c,n1+c->k[2]); n1 ^= f(c,n2+c->k[3]);
+ n2 ^= f(c,n1+c->k[4]); n1 ^= f(c,n2+c->k[5]);
+ n2 ^= f(c,n1+c->k[6]); n1 ^= f(c,n2+c->k[7]);
- n2 ^= f(c,n1+c->k[7]); n1 ^= f(c,n2+c->k[6]);
- n2 ^= f(c,n1+c->k[5]); n1 ^= f(c,n2+c->k[4]);
- n2 ^= f(c,n1+c->k[3]); n1 ^= f(c,n2+c->k[2]);
- n2 ^= f(c,n1+c->k[1]); n1 ^= f(c,n2+c->k[0]);
+ n2 ^= f(c,n1+c->k[7]); n1 ^= f(c,n2+c->k[6]);
+ n2 ^= f(c,n1+c->k[5]); n1 ^= f(c,n2+c->k[4]);
+ n2 ^= f(c,n1+c->k[3]); n1 ^= f(c,n2+c->k[2]);
+ n2 ^= f(c,n1+c->k[1]); n1 ^= f(c,n2+c->k[0]);
- out[0] = (n2&0xff); out[1] = (n2>>8)&0xff; out[2]=(n2>>16)&0xff; out[3]=n2>>24;
- out[4] = (n1&0xff); out[5] = (n1>>8)&0xff; out[6]=(n1>>16)&0xff; out[7]=n1>>24;
-}
+ out[0] = (n2&0xff); out[1] = (n2>>8)&0xff; out[2]=(n2>>16)&0xff; out[3]=n2>>24;
+ out[4] = (n1&0xff); out[5] = (n1>>8)&0xff; out[6]=(n1>>16)&0xff; out[7]=n1>>24;
+ }
/* Low-level decryption routine. Decrypts one 64-bit block */
void gostdecrypt(gost_ctx *c, const byte *in,byte *out)
-{
+ {
register word32 n1, n2; /* As named in the GOST */
n1 = in[0]|(in[1]<<8)|(in[2]<<16)|(in[3]<<24);
n2 = in[4]|(in[5]<<8)|(in[6]<<16)|(in[7]<<24);
n2 ^= f(c,n1+c->k[1]); n1 ^= f(c,n2+c->k[0]);
out[0] = (n2&0xff); out[1] = (n2>>8)&0xff; out[2]=(n2>>16)&0xff; out[3]=n2>>24;
out[4] = (n1&0xff); out[5] = (n1>>8)&0xff; out[6]=(n1>>16)&0xff; out[7]=n1>>24;
-}
+ }
/* Encrypts several blocks in ECB mode */
void gost_enc(gost_ctx *c,const byte *clear,byte *cipher, int blocks)
-{
+ {
int i;
- for(i=0;i<blocks;i++){
+ for(i=0;i<blocks;i++)
+ {
gostcrypt(c,clear,cipher);
clear+=8;
cipher+=8;
+ }
}
-}
/* Decrypts several blocks in ECB mode */
void gost_dec(gost_ctx *c, const byte *cipher,byte *clear, int blocks)
-{
+ {
int i;
- for(i=0;i<blocks;i++) {
+ for(i=0;i<blocks;i++)
+ {
gostdecrypt(c,cipher,clear);
clear+=8;
cipher+=8;
+ }
}
-}
-
/* Encrypts several full blocks in CFB mode using 8byte IV */
-void gost_enc_cfb(gost_ctx *ctx,const byte *iv,const byte *clear,byte *cipher, int blocks) {
+void gost_enc_cfb(gost_ctx *ctx,const byte *iv,const byte *clear,byte *cipher, int blocks)
+ {
byte cur_iv[8];
byte gamma[8];
int i,j;
const byte *in;
byte *out;
memcpy(cur_iv,iv,8);
- for(i=0,in=clear,out=cipher;i<blocks;i++,in+=8,out+=8) {
+ for(i=0,in=clear,out=cipher;i<blocks;i++,in+=8,out+=8)
+ {
gostcrypt(ctx,cur_iv,gamma);
- for (j=0;j<8;j++) {
+ for (j=0;j<8;j++)
+ {
cur_iv[j]=out[j]=in[j]^gamma[j];
- }
+ }
+ }
}
-
-}
/* Decrypts several full blocks in CFB mode using 8byte IV */
-void gost_dec_cfb(gost_ctx *ctx,const byte *iv,const byte *cipher,byte *clear, int blocks) {
+void gost_dec_cfb(gost_ctx *ctx,const byte *iv,const byte *cipher,byte *clear, int blocks)
+ {
byte cur_iv[8];
byte gamma[8];
int i,j;
const byte *in;
byte *out;
memcpy(cur_iv,iv,8);
- for(i=0,in=cipher,out=clear;i<blocks;i++,in+=8,out+=8) {
+ for(i=0,in=cipher,out=clear;i<blocks;i++,in+=8,out+=8)
+ {
gostcrypt(ctx,cur_iv,gamma);
- for (j=0;j<8;j++) {
+ for (j=0;j<8;j++)
+ {
out[j]=(cur_iv[j]=in[j])^gamma[j];
- }
+ }
+ }
}
-}
/* Encrypts one block using specified key */
void gost_enc_with_key(gost_ctx *c,byte *key,byte *inblock,byte *outblock)
-{
+ {
gost_key(c,key);
gostcrypt(c,inblock,outblock);
+ }
-}
/* Set 256 bit key into context */
void gost_key(gost_ctx *c, const byte *k)
-{
+ {
int i,j;
- for(i=0,j=0;i<8;i++,j+=4) {
+ for(i=0,j=0;i<8;i++,j+=4)
+ {
c->k[i]=k[j]|(k[j+1]<<8)|(k[j+2]<<16)|(k[j+3]<<24);
- }
-}
+ }
+ }
+
/* Retrieve 256-bit key from context */
void gost_get_key(gost_ctx *c, byte *k)
-{
+ {
int i,j;
- for(i=0,j=0;i<8;i++,j+=4) {
+ for(i=0,j=0;i<8;i++,j+=4)
+ {
k[j]=c->k[i]& 0xFF;
k[j+1]=(c->k[i]>>8 )&0xFF;
k[j+2]=(c->k[i]>>16) &0xFF;
k[j+3]=(c->k[i]>>24) &0xFF;
- }
+ }
+ }
-}
/* Initalize context. Provides default value for subst_block */
void gost_init(gost_ctx *c, const gost_subst_block *b)
-{
- if(!b) {
+ {
+ if(!b)
+ {
b=&GostR3411_94_TestParamSet;
- }
+ }
kboxinit(c,b);
-}
+ }
+
/* Cleans up key from context */
void gost_destroy(gost_ctx *c)
-{
+ {
int i; for(i=0;i<8;i++) c->k[i]=0;
-}
+ }
/* Compute GOST 28147 mac block
*
* buffer - 8-byte mac state buffer
* block 8-byte block to process.
* */
-void mac_block(gost_ctx *c,byte *buffer,const byte *block) {
-
- register word32 n1, n2; /* As named in the GOST */
- int i;
- for (i=0; i<8; i++) {
- buffer[i]^=block[i];
- }
- n1 = buffer[0]|(buffer[1]<<8)|(buffer[2]<<16)|(buffer[3]<<24);
- n2 = buffer[4]|(buffer[5]<<8)|(buffer[6]<<16)|(buffer[7]<<24);
- /* Instead of swapping halves, swap names each round */
+void mac_block(gost_ctx *c,byte *buffer,const byte *block)
+ {
+ register word32 n1, n2; /* As named in the GOST */
+ int i;
+ for (i=0; i<8; i++)
+ {
+ buffer[i]^=block[i];
+ }
+ n1 = buffer[0]|(buffer[1]<<8)|(buffer[2]<<16)|(buffer[3]<<24);
+ n2 = buffer[4]|(buffer[5]<<8)|(buffer[6]<<16)|(buffer[7]<<24);
+ /* Instead of swapping halves, swap names each round */
- n2 ^= f(c,n1+c->k[0]); n1 ^= f(c,n2+c->k[1]);
- n2 ^= f(c,n1+c->k[2]); n1 ^= f(c,n2+c->k[3]);
- n2 ^= f(c,n1+c->k[4]); n1 ^= f(c,n2+c->k[5]);
- n2 ^= f(c,n1+c->k[6]); n1 ^= f(c,n2+c->k[7]);
+ n2 ^= f(c,n1+c->k[0]); n1 ^= f(c,n2+c->k[1]);
+ n2 ^= f(c,n1+c->k[2]); n1 ^= f(c,n2+c->k[3]);
+ n2 ^= f(c,n1+c->k[4]); n1 ^= f(c,n2+c->k[5]);
+ n2 ^= f(c,n1+c->k[6]); n1 ^= f(c,n2+c->k[7]);
- n2 ^= f(c,n1+c->k[0]); n1 ^= f(c,n2+c->k[1]);
- n2 ^= f(c,n1+c->k[2]); n1 ^= f(c,n2+c->k[3]);
- n2 ^= f(c,n1+c->k[4]); n1 ^= f(c,n2+c->k[5]);
- n2 ^= f(c,n1+c->k[6]); n1 ^= f(c,n2+c->k[7]);
+ n2 ^= f(c,n1+c->k[0]); n1 ^= f(c,n2+c->k[1]);
+ n2 ^= f(c,n1+c->k[2]); n1 ^= f(c,n2+c->k[3]);
+ n2 ^= f(c,n1+c->k[4]); n1 ^= f(c,n2+c->k[5]);
+ n2 ^= f(c,n1+c->k[6]); n1 ^= f(c,n2+c->k[7]);
buffer[0] = (n1&0xff); buffer[1] = (n1>>8)&0xff; buffer[2]=(n1>>16)&0xff; buffer[3]=n1>>24;
buffer[4] = (n2&0xff); buffer[5] = (n2>>8)&0xff; buffer[6]=(n2>>16)&0xff; buffer[7]=n2>>24;
-}
+ }
/* Get mac with specified number of bits from MAC state buffer */
-void get_mac(byte *buffer,int nbits,byte *out) {
+void get_mac(byte *buffer,int nbits,byte *out)
+ {
int nbytes= nbits >> 3;
int rembits = nbits & 7;
int mask =rembits?((1<rembits)-1):0;
int i;
for (i=0;i<nbytes;i++) out[i]=buffer[i];
if (rembits) out[i]=buffer[i]&mask;
-}
+ }
/* Compute mac of specified length (in bits) from data.
* Context should be initialized with key and subst blocks */
int gost_mac(gost_ctx *ctx,int mac_len,const unsigned char *data,
- unsigned int data_len,unsigned char *mac)
-{
+ unsigned int data_len,unsigned char *mac)
+ {
byte buffer[8]={0,0,0,0,0,0,0,0};
byte buf2[8];
int i;
for (i=0;i+8<=data_len;i+=8)
mac_block(ctx,buffer,data+i);
- if (i<data_len) {
+ if (i<data_len)
+ {
memset(buf2,0,8);
memcpy(buf2,data+i,data_len-i);
mac_block(ctx,buffer,buf2);
- }
+ }
get_mac(buffer,mac_len,mac);
return 1;
-}
+ }
+
/* Compute MAC with non-zero IV. Used in some RFC 4357 algorithms */
int gost_mac_iv(gost_ctx *ctx,int mac_len,const unsigned char *iv,const unsigned char *data,
- unsigned int data_len,unsigned char *mac)
-{
+ unsigned int data_len,unsigned char *mac)
+ {
byte buffer[8];
byte buf2[8];
int i;
memcpy (buffer,iv,8);
for (i=0;i+8<=data_len;i+=8)
mac_block(ctx,buffer,data+i);
- if (i<data_len) {
+ if (i<data_len)
+ {
memset(buf2,0,8);
memcpy(buf2,data+i,data_len-i);
mac_block(ctx,buffer,buf2);
- }
+ }
get_mac(buffer,mac_len,mac);
return 1;
-}
+ }
/* Implements key meshing algorithm by modifing ctx and IV in place */
-void cryptopro_key_meshing(gost_ctx *ctx, unsigned char *iv) {
+void cryptopro_key_meshing(gost_ctx *ctx, unsigned char *iv)
+ {
unsigned char newkey[32],newiv[8];
/* Set static keymeshing key */
/* "Decrypt" key with keymeshing key */
/* Encrypt iv with new key */
gostcrypt(ctx,iv,newiv);
memcpy(iv,newiv,8);
-}
+ }
#include <openssl/evp.h>
#include <openssl/objects.h>
-#include "gostkeyx.h"
-#include "gost_asn1.h"
#include "gost89.h"
#include "gosthash.h"
-#include "crypt.h"
#include "e_gost_err.h"
-#include "pmeth.h"
-#include "keywrap.h"
-#include "tools.h"
+#include "gost_keywrap.h"
+#include "gost_lcl.h"
/* Common functions for both 94 and 2001 key exchange schemes */
int decrypt_cryptocom_key(unsigned char *sess_key,int max_key_len,
- const unsigned char *crypted_key,int crypted_key_len, gost_ctx *ctx)
-{
+ const unsigned char *crypted_key,int crypted_key_len, gost_ctx *ctx)
+ {
int i;
int j;
int blocks = crypted_key_len >>3;
unsigned char gamma[8];
- if (max_key_len <crypted_key_len) {
+ if (max_key_len <crypted_key_len)
+ {
GOSTerr(GOST_F_DECRYPT_CRYPTOCOM_KEY,GOST_R_NOT_ENOUGH_SPACE_FOR_KEY);
return 0;
- }
+ }
if ((crypted_key_len & 7) !=0)
- {
+ {
GOSTerr(GOST_F_DECRYPT_CRYPTOCOM_KEY,GOST_R_INVALID_ENCRYPTED_KEY_SIZE);
return 0;
- }
+ }
for (i=blocks-1;i>0;i--)
- {
+ {
gostcrypt(ctx,crypted_key+(i-1)*8,gamma);
for(j=0;j<8;j++)
- {
+ {
sess_key[i*8+j]=gamma[j]^crypted_key[i*8+j];
- }
- }
+ }
+ }
gostcrypt(ctx,sess_key+crypted_key_len-8,gamma);
for(j=0;j<8;j++)
- {
+ {
sess_key[j]=gamma[j]^crypted_key[j];
- }
+ }
return 1;
-}
+ }
int encrypt_cryptocom_key(const unsigned char *sess_key,int key_len,
- unsigned char *crypted_key, gost_ctx *ctx)
-{
+ unsigned char *crypted_key, gost_ctx *ctx)
+ {
int i;
int j;
unsigned char gamma[8];
memcpy(gamma,sess_key+key_len-8,8);
for (i=0;i<key_len;i+=8)
- {
+ {
gostcrypt(ctx,gamma,gamma);
for (j=0;j<8;j++)
gamma[j]=crypted_key[i+j]=sess_key[i+j]^gamma[j];
- }
+ }
return 1;
-}
+ }
/* Implementation of the Diffi-Hellman key agreement scheme based on
* GOST-94 keys */
* algorigthm
*/
static int compute_pair_key_le(unsigned char *pair_key,BIGNUM *pub_key,DH *dh)
-{
+ {
unsigned char be_key[128];
int i,key_size;
key_size=DH_compute_key(be_key,pub_key,dh);
if (!key_size) return 0;
memset(pair_key,0,128);
- for (i=0;i<key_size;i++) {
+ for (i=0;i<key_size;i++)
+ {
pair_key[i]=be_key[key_size-1-i];
- }
+ }
return key_size;
-}
+ }
/*
* Computes 256 bit key exchange key for CryptoCom variation of GOST 94
* algorithm
*/
static int make_gost_shared_key(DH *dh,EVP_PKEY *pubk,unsigned char *shared_key)
-{
+ {
unsigned char dh_key [128];
int i;
/* Compute key */
* 2^509<p<2^512, so DH_size can be exactly 128 or exactly 64 only
*/
- if (DH_size(dh)==128)
- for (i=0;i<64;i++) {
+ if (DH_size(dh)==128)
+ {
+ for (i=0;i<64;i++)
+ {
dh_key[i]^=dh_key[64+i];
- }
- for (i=0;i<32;i++) {
+ }
+ }
+ for (i=0;i<32;i++)
+ {
shared_key[i]=dh_key[i]^dh_key[32+i];
- }
+ }
return 1;
-}
+ }
static DH *make_ephemeral_key(EVP_PKEY *pubk,BIGNUM *ephemeral_key)
-{
+ {
DH *dh = DH_new();
dh->g = BN_dup(pubk->pkey.dsa->g);
dh->p = BN_dup(pubk->pkey.dsa->p);
dh->priv_key = BN_dup(ephemeral_key);
/* Generate ephemeral key pair */
- if (!DH_generate_key(dh)) {
+ if (!DH_generate_key(dh))
+ {
DH_free(dh);
return NULL;
- }
+ }
return dh;
-}
+ }
/*
* Computes 256 bit Key exchange key as specified in RFC 4357
*/
static int make_cp_exchange_key(DH *dh,EVP_PKEY *pubk, unsigned char *shared_key)
-{
+ {
unsigned char dh_key [128];
gost_hash_ctx hash_ctx;
memset(dh_key,0,128);
finish_hash(&hash_ctx,shared_key);
done_gost_hash_ctx(&hash_ctx);
return 1;
-}
+ }
+
/* EVP_PKEY_METHOD callback encrypt for
* GOST R 34.10-94 cryptopro modification
*/
int pkey_GOST94cp_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char* key, size_t key_len )
-{
+ {
GOST_KEY_TRANSPORT *gkt=NULL;
DH *dh = NULL;
unsigned char shared_key[32], ukm[8],crypted_key[44];
int size=-1;
gost_ctx cctx;
-
- if (!(data->eph_seckey)) {
+ if (!(data->eph_seckey))
+ {
GOSTerr(GOST_F_PKEY_GOST94CP_ENCRYPT,
- GOST_R_CTX_NOT_INITIALIZED_FOR_ENCRYPT);
+ GOST_R_CTX_NOT_INITIALIZED_FOR_ENCRYPT);
return -1;
- }
+ }
dh = make_ephemeral_key(pubk,gost_get_priv_key(data->eph_seckey));
gost_init(&cctx,param->sblock);
make_cp_exchange_key(dh,pubk,shared_key);
- if (RAND_bytes(ukm,8)<=0) {
+ if (RAND_bytes(ukm,8)<=0)
+ {
GOSTerr(GOST_F_PKEY_GOST94CP_ENCRYPT,
- GOST_R_RANDOM_GENERATOR_FAILURE);
+ GOST_R_RANDOM_GENERATOR_FAILURE);
return -1;
- }
+ }
keyWrapCryptoPro(&cctx,shared_key,ukm,key,crypted_key);
gkt = GOST_KEY_TRANSPORT_new();
- if (!gkt) {
+ if (!gkt)
+ {
goto memerr;
- }
+ }
if(!ASN1_OCTET_STRING_set(gkt->key_agreement_info->eph_iv,
- ukm,8)) {
+ ukm,8))
+ {
goto memerr;
- }
- if (!ASN1_OCTET_STRING_set(gkt->key_info->imit,crypted_key+40,4)) {
+ }
+ if (!ASN1_OCTET_STRING_set(gkt->key_info->imit,crypted_key+40,4))
+ {
goto memerr;
- }
- if (!ASN1_OCTET_STRING_set(gkt->key_info->encrypted_key,crypted_key+8,32)) {
+ }
+ if (!ASN1_OCTET_STRING_set(gkt->key_info->encrypted_key,crypted_key+8,32))
+ {
goto memerr;
- }
- if (!X509_PUBKEY_set(&gkt->key_agreement_info->ephem_key,data->eph_seckey)) {
+ }
+ if (!X509_PUBKEY_set(&gkt->key_agreement_info->ephem_key,data->eph_seckey))
+ {
GOSTerr(GOST_F_PKEY_GOST94CP_ENCRYPT,GOST_R_CANNOT_PACK_EPHEMERAL_KEY);
goto err;
- }
+ }
ASN1_OBJECT_free(gkt->key_agreement_info->cipher);
gkt->key_agreement_info->cipher = OBJ_nid2obj(param->nid);
*outlen = i2d_GOST_KEY_TRANSPORT(gkt,&out);
- if (!size) {
+ if (!size)
+ {
GOSTerr(GOST_F_PKEY_GOST94CP_ENCRYPT,GOST_R_ERROR_PACKING_KEY_TRANSPORT_INFO);
size=-1;
- }
+ }
GOST_KEY_TRANSPORT_free(gkt);
DH_free(dh);
return 1;
-memerr:
- GOSTerr(GOST_F_PKEY_GOST94CP_ENCRYPT,
- GOST_R_MALLOC_FAILURE);
-err:
- GOST_KEY_TRANSPORT_free(gkt);
- DH_free(dh);
- return -1;
-}
+ memerr:
+ GOSTerr(GOST_F_PKEY_GOST94CP_ENCRYPT,
+ GOST_R_MALLOC_FAILURE);
+ err:
+ GOST_KEY_TRANSPORT_free(gkt);
+ DH_free(dh);
+ return -1;
+ }
+
/* EVP_PKEY_METHOD callback encrypt for
* GOST R 34.10-94 cryptocom modification
*/
int pkey_GOST94cc_encrypt (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char * key,size_t key_len)
-{
+ {
EVP_PKEY *pubk = EVP_PKEY_CTX_get0_pkey(ctx);
struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
/* create DH structure filling parameters from passed pub_key */
gost_ctx cctx;
EVP_PKEY *newkey=NULL;
unsigned char shared_key[32],encrypted_key[32],hmac[4],
- iv[8]={0,0,0,0,0,0,0,0};
+ iv[8]={0,0,0,0,0,0,0,0};
- if (! data->eph_seckey) {
+ if (! data->eph_seckey)
+ {
GOSTerr(GOST_F_PKEY_GOST94CP_ENCRYPT,
- GOST_R_CTX_NOT_INITIALIZED_FOR_ENCRYPT);
+ GOST_R_CTX_NOT_INITIALIZED_FOR_ENCRYPT);
return -1;
- }
+ }
dh = make_ephemeral_key(pubk,gost_get_priv_key(data->eph_seckey));
if (!dh) goto err;
/* compute shared key */
if (!make_gost_shared_key(dh,pubk,shared_key))
- {
+ {
GOSTerr(GOST_F_PKEY_GOST94CC_ENCRYPT,GOST_R_ERROR_COMPUTING_SHARED_KEY);
goto err;
- }
+ }
/* encrypt session key */
gost_init(&cctx, &GostR3411_94_CryptoProParamSet);
gost_key(&cctx,shared_key);
encrypt_cryptocom_key(key,key_len,encrypted_key,&cctx);
/* compute hmac of session key */
if (!gost_mac(&cctx,32,key,32,hmac))
- {
+ {
DH_free(dh);
GOSTerr(GOST_F_PKEY_GOST94CC_ENCRYPT,GOST_R_ERROR_COMPUTING_MAC);
return -1;
- }
+ }
gkt = GOST_KEY_TRANSPORT_new();
if (!gkt)
- {
+ {
DH_free(dh);
GOSTerr(GOST_F_PKEY_GOST94CC_ENCRYPT,GOST_R_NO_MEMORY);
return -1;
- }
+ }
/* Store IV which is always zero in our case */
if (!ASN1_OCTET_STRING_set(gkt->key_agreement_info->eph_iv,iv,8))
- {
+ {
GOSTerr(GOST_F_PKEY_GOST94CC_ENCRYPT,GOST_R_ERROR_STORING_IV);
goto err;
- }
+ }
if (!ASN1_OCTET_STRING_set(gkt->key_info->imit,hmac,4))
- {
+ {
GOSTerr(GOST_F_PKEY_GOST94CC_ENCRYPT,GOST_R_ERROR_STORING_MAC);
goto err;
- }
+ }
if (!ASN1_OCTET_STRING_set(gkt->key_info->encrypted_key,encrypted_key,32))
- {
+ {
GOSTerr(GOST_F_PKEY_GOST94CC_ENCRYPT,GOST_R_ERROR_STORING_ENCRYPTED_KEY);
goto err;
- }
- if (!X509_PUBKEY_set(&gkt->key_agreement_info->ephem_key,data->eph_seckey)) {
+ }
+ if (!X509_PUBKEY_set(&gkt->key_agreement_info->ephem_key,data->eph_seckey))
+ {
GOSTerr(GOST_F_PKEY_GOST94CC_ENCRYPT,GOST_R_CANNOT_PACK_EPHEMERAL_KEY);
goto err;
- }
+ }
ASN1_OBJECT_free(gkt->key_agreement_info->cipher);
gkt->key_agreement_info->cipher = OBJ_nid2obj(NID_id_Gost28147_89_cc);
*outlen = i2d_GOST_KEY_TRANSPORT(gkt,&out);
-err:
+ err:
if (gkt) GOST_KEY_TRANSPORT_free(gkt);
if (dh) DH_free(dh);
if (newkey) EVP_PKEY_free(newkey);
return 1;
-}
+ }
/* EVP_PLEY_METHOD callback decrypt for
* GOST R 34.10-94 cryptopro modification
EVP_PKEY *eph_key=NULL;
EVP_PKEY *priv= EVP_PKEY_CTX_get0_pkey(ctx);
- if (!key) {
+ if (!key)
+ {
*key_len = 32;
return 1;
- }
+ }
dh->g = BN_dup(priv->pkey.dsa->g);
dh->p = BN_dup(priv->pkey.dsa->p);
dh->priv_key = BN_dup(priv->pkey.dsa->priv_key);
gkt = d2i_GOST_KEY_TRANSPORT(NULL,(const unsigned char **)&p,
- in_len);
- if (!gkt) {
+ in_len);
+ if (!gkt)
+ {
GOSTerr(GOST_F_PKEY_GOST94CP_DECRYPT,GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO);
DH_free(dh);
return 0;
- }
+ }
eph_key = X509_PUBKEY_get(gkt->key_agreement_info->ephem_key);
param = get_encryption_params(gkt->key_agreement_info->cipher);
gost_init(&cctx,param->sblock);
OPENSSL_assert(gkt->key_info->imit->length==4);
memcpy(wrappedKey+40,gkt->key_info->imit->data,4);
make_cp_exchange_key(dh,eph_key,sharedKey);
- if (!keyUnwrapCryptoPro(&cctx,sharedKey,wrappedKey,key)) {
+ if (!keyUnwrapCryptoPro(&cctx,sharedKey,wrappedKey,key))
+ {
GOSTerr(GOST_F_PKEY_GOST94CP_DECRYPT,
- GOST_R_ERROR_COMPUTING_SHARED_KEY);
+ GOST_R_ERROR_COMPUTING_SHARED_KEY);
goto err;
- }
+ }
EVP_PKEY_free(eph_key);
GOST_KEY_TRANSPORT_free(gkt);
GOST_KEY_TRANSPORT_free(gkt);
DH_free(dh);
return -1;
-
-}
+ }
+
/* EVP_PKEY_METHOD callback decrypt for
* GOST R 34.10-94 cryptocom modification
*/
int pkey_GOST94cc_decrypt (EVP_PKEY_CTX *pctx, unsigned char *key, size_t *key_len, const unsigned char *in, size_t in_len)
-{
+ {
/* Form DH params from compute shared key */
GOST_KEY_TRANSPORT *gkt = NULL;
const unsigned char *p=in;
EVP_PKEY *eph_key;
EVP_PKEY *priv = EVP_PKEY_CTX_get0_pkey(pctx);
- if (!key) {
+ if (!key)
+ {
*key_len = 32;
return 1;
- }
+ }
/* Construct DH structure from the our GOST private key */
dh->g = BN_dup(priv->pkey.dsa->g);
dh->p = BN_dup(priv->pkey.dsa->p);
dh->priv_key = BN_dup(priv->pkey.dsa->priv_key);
/* Parse passed octet string and find out public key, iv and HMAC*/
gkt = d2i_GOST_KEY_TRANSPORT(NULL,(const unsigned char **)&p,
- in_len);
- if (!gkt) {
+ in_len);
+ if (!gkt)
+ {
GOSTerr(GOST_F_PKEY_GOST94CC_DECRYPT,GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO);
DH_free(dh);
return 0;
- }
+ }
eph_key = X509_PUBKEY_get(gkt->key_agreement_info->ephem_key);
/* Initialization vector is really ignored here */
OPENSSL_assert(gkt->key_agreement_info->eph_iv->length==8);
EVP_PKEY_free(eph_key);
DH_free(dh);
if (!i)
- {
+ {
GOSTerr(GOST_F_PKEY_GOST94CC_DECRYPT,GOST_R_ERROR_COMPUTING_SHARED_KEY);
GOST_KEY_TRANSPORT_free(gkt);
return 0;
- }
+ }
/* Decrypt session key */
gost_init(&ctx, &GostR3411_94_CryptoProParamSet);
gost_key(&ctx,shared_key);
if (!decrypt_cryptocom_key(key,*key_len,gkt->key_info->encrypted_key->data,
gkt->key_info->encrypted_key->length, &ctx))
- {
+ {
GOST_KEY_TRANSPORT_free(gkt);
return 0;
- }
+ }
GOST_KEY_TRANSPORT_free(gkt);
/* check HMAC of session key*/
- if (!gost_mac(&ctx,32,key,32,hmac_comp)) {
+ if (!gost_mac(&ctx,32,key,32,hmac_comp))
+ {
GOSTerr(GOST_F_PKEY_GOST94CC_DECRYPT,GOST_R_ERROR_COMPUTING_MAC);
return 0;
- }
- /* HMAC of session key is not correct */
- if (memcmp(hmac,hmac_comp,4)!=0) {
+ }
+ /* HMAC of session key is not correct */
+ if (memcmp(hmac,hmac_comp,4)!=0)
+ {
GOSTerr(GOST_F_PKEY_GOST94CC_DECRYPT,GOST_R_SESSION_KEY_MAC_DOES_NOT_MATCH);
return 0;
- }
+ }
return 1;
-}
+ }
/**********************************************************************
- * ameth.c *
+ * gost_ameth.c *
* Copyright (c) 2005-2006 Cryptocom LTD *
* This file is distributed under the same license as OpenSSL *
* *
#include <openssl/engine.h>
#include <openssl/evp.h>
#include <string.h>
-#include "meth.h"
-#include "pmeth.h"
-#include "paramset.h"
-#include "gost_asn1.h"
-#include "crypt.h"
-#include "sign.h"
-#include "tools.h"
+#include "gost_params.h"
+#include "gost_lcl.h"
#include "e_gost_err.h"
int gost94_nid_by_params(DSA *p)
-{
+ {
R3410_params *gost_params;
BIGNUM *q=BN_new();
- for (gost_params = R3410_paramset;gost_params->q!=NULL; gost_params++) {
+ for (gost_params = R3410_paramset;gost_params->q!=NULL; gost_params++)
+ {
BN_dec2bn(&q,gost_params->q);
if (!BN_cmp(q,p->q))
- {
+ {
BN_free(q);
return gost_params->nid;
- }
- }
+ }
+ }
BN_free(q);
return NID_undef;
-}
+ }
static ASN1_STRING *encode_gost_algor_params(const EVP_PKEY *key)
-{
+ {
ASN1_STRING *params = ASN1_STRING_new();
GOST_KEY_PARAMS *gkp = GOST_KEY_PARAMS_new();
int pkey_param_nid = NID_undef;
int cipher_param_nid = NID_undef;
- if (!params || !gkp) {
+ if (!params || !gkp)
+ {
GOSTerr(GOST_F_ENCODE_GOST_ALGOR_PARAMS,
ERR_R_MALLOC_FAILURE);
ASN1_STRING_free(params);
params = NULL;
goto err;
- }
- switch (EVP_PKEY_base_id(key)) {
- case NID_id_GostR3410_2001_cc:
- pkey_param_nid = NID_id_GostR3410_2001_ParamSet_cc;
- cipher_param_nid = NID_id_Gost28147_89_cc;
- break;
- case NID_id_GostR3410_94_cc:
- pkey_param_nid = NID_id_GostR3410_94_CryptoPro_A_ParamSet;
- cipher_param_nid = NID_id_Gost28147_89_cc;
- break;
- case NID_id_GostR3410_2001:
- pkey_param_nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(EVP_PKEY_get0((EVP_PKEY *)key)));
- cipher_param_nid = get_encryption_params(NULL)->nid;
- break;
- case NID_id_GostR3410_94:
- pkey_param_nid = (int) gost94_nid_by_params(EVP_PKEY_get0((EVP_PKEY *)key));
- if (pkey_param_nid == NID_undef) {
- GOSTerr(GOST_F_ENCODE_GOST_ALGOR_PARAMS,
- GOST_R_INVALID_GOST94_PARMSET);
- ASN1_STRING_free(params);
- params=NULL;
- goto err;
}
- cipher_param_nid = get_encryption_params(NULL)->nid;
- break;
- }
+ switch (EVP_PKEY_base_id(key))
+ {
+ case NID_id_GostR3410_2001_cc:
+ pkey_param_nid = NID_id_GostR3410_2001_ParamSet_cc;
+ cipher_param_nid = NID_id_Gost28147_89_cc;
+ break;
+ case NID_id_GostR3410_94_cc:
+ pkey_param_nid = NID_id_GostR3410_94_CryptoPro_A_ParamSet;
+ cipher_param_nid = NID_id_Gost28147_89_cc;
+ break;
+ case NID_id_GostR3410_2001:
+ pkey_param_nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(EVP_PKEY_get0((EVP_PKEY *)key)));
+ cipher_param_nid = get_encryption_params(NULL)->nid;
+ break;
+ case NID_id_GostR3410_94:
+ pkey_param_nid = (int) gost94_nid_by_params(EVP_PKEY_get0((EVP_PKEY *)key));
+ if (pkey_param_nid == NID_undef)
+ {
+ GOSTerr(GOST_F_ENCODE_GOST_ALGOR_PARAMS,
+ GOST_R_INVALID_GOST94_PARMSET);
+ ASN1_STRING_free(params);
+ params=NULL;
+ goto err;
+ }
+ cipher_param_nid = get_encryption_params(NULL)->nid;
+ break;
+ }
gkp->key_params = OBJ_nid2obj(pkey_param_nid);
gkp->hash_params = OBJ_nid2obj(NID_id_GostR3411_94_CryptoProParamSet);
/*gkp->cipher_params = OBJ_nid2obj(cipher_param_nid);*/
params->length = i2d_GOST_KEY_PARAMS(gkp, ¶ms->data);
if (params->length <=0 )
- {
+ {
GOSTerr(GOST_F_ENCODE_GOST_ALGOR_PARAMS,
ERR_R_MALLOC_FAILURE);
ASN1_STRING_free(params);
params = NULL;
goto err;
- }
+ }
params ->type = V_ASN1_SEQUENCE;
-err:
+ err:
GOST_KEY_PARAMS_free(gkp);
return params;
-}
+ }
+
/* Parses GOST algorithm parameters from X509_ALGOR and
* modifies pkey setting NID and parameters
*/
static int decode_gost_algor_params(EVP_PKEY *pkey, X509_ALGOR *palg)
-{
+ {
ASN1_OBJECT *palg_obj =NULL;
int ptype = V_ASN1_UNDEF;
int pkey_nid = NID_undef,param_nid = NID_undef;
GOST_KEY_PARAMS *gkp = NULL;
X509_ALGOR_get0(&palg_obj, &ptype, (void **) (&pval), palg);
- if (ptype != V_ASN1_SEQUENCE) {
+ if (ptype != V_ASN1_SEQUENCE)
+ {
GOSTerr(GOST_F_DECODE_GOST_ALGOR_PARAMS,
GOST_R_BAD_KEY_PARAMETERS_FORMAT);
return 0;
- }
+ }
p=pval->data;
pkey_nid = OBJ_obj2nid(palg_obj);
gkp = d2i_GOST_KEY_PARAMS(NULL,&p,pval->length);
- if (!gkp) {
+ if (!gkp)
+ {
GOSTerr(GOST_F_DECODE_GOST_ALGOR_PARAMS,
- GOST_R_BAD_PKEY_PARAMETERS_FORMAT);
- }
+ GOST_R_BAD_PKEY_PARAMETERS_FORMAT);
+ }
param_nid = OBJ_obj2nid(gkp->key_params);
GOST_KEY_PARAMS_free(gkp);
EVP_PKEY_set_type(pkey,pkey_nid);
- switch (pkey_nid) {
- case NID_id_GostR3410_94:
- case NID_id_GostR3410_94_cc:
- { DSA *dsa= EVP_PKEY_get0(pkey);
- if (!dsa) {
- dsa = DSA_new();
- if (!EVP_PKEY_assign(pkey,pkey_nid,dsa)) return 0;
+ switch (pkey_nid)
+ {
+ case NID_id_GostR3410_94:
+ case NID_id_GostR3410_94_cc:
+ {
+ DSA *dsa= EVP_PKEY_get0(pkey);
+ if (!dsa)
+ {
+ dsa = DSA_new();
+ if (!EVP_PKEY_assign(pkey,pkey_nid,dsa)) return 0;
}
- if (!fill_GOST94_params(dsa,param_nid)) return 0;
- break;
+ if (!fill_GOST94_params(dsa,param_nid)) return 0;
+ break;
}
- case NID_id_GostR3410_2001:
- case NID_id_GostR3410_2001_cc:
- { EC_KEY *ec = EVP_PKEY_get0(pkey);
- if (!ec) {
- ec = EC_KEY_new();
- if (!EVP_PKEY_assign(pkey,pkey_nid,ec)) return 0;
+ case NID_id_GostR3410_2001:
+ case NID_id_GostR3410_2001_cc:
+ {
+ EC_KEY *ec = EVP_PKEY_get0(pkey);
+ if (!ec)
+ {
+ ec = EC_KEY_new();
+ if (!EVP_PKEY_assign(pkey,pkey_nid,ec)) return 0;
}
- if (!fill_GOST2001_params(ec,param_nid)) return 0;
-
- }
-
- }
+ if (!fill_GOST2001_params(ec,param_nid)) return 0;
+ }
+ }
return 1;
-}
+ }
static int gost_set_priv_key(EVP_PKEY *pkey,BIGNUM *priv)
-{
- switch (EVP_PKEY_base_id(pkey)) {
- case NID_id_GostR3410_94:
- case NID_id_GostR3410_94_cc:
- { DSA *dsa = EVP_PKEY_get0(pkey);
- if (!dsa) {
- dsa = DSA_new();
- EVP_PKEY_assign(pkey,EVP_PKEY_base_id(pkey),dsa);
+ {
+ switch (EVP_PKEY_base_id(pkey))
+ {
+ case NID_id_GostR3410_94:
+ case NID_id_GostR3410_94_cc:
+ {
+ DSA *dsa = EVP_PKEY_get0(pkey);
+ if (!dsa)
+ {
+ dsa = DSA_new();
+ EVP_PKEY_assign(pkey,EVP_PKEY_base_id(pkey),dsa);
}
- dsa->priv_key = BN_dup(priv);
- if (!EVP_PKEY_missing_parameters(pkey))
- gost94_compute_public(dsa);
- break;
+ dsa->priv_key = BN_dup(priv);
+ if (!EVP_PKEY_missing_parameters(pkey))
+ gost94_compute_public(dsa);
+ break;
}
- case NID_id_GostR3410_2001:
- case NID_id_GostR3410_2001_cc:
- { EC_KEY *ec = EVP_PKEY_get0(pkey);
- if (!ec) {
- ec = EC_KEY_new();
- EVP_PKEY_assign(pkey,EVP_PKEY_base_id(pkey),ec);
+ case NID_id_GostR3410_2001:
+ case NID_id_GostR3410_2001_cc:
+ {
+ EC_KEY *ec = EVP_PKEY_get0(pkey);
+ if (!ec)
+ {
+ ec = EC_KEY_new();
+ EVP_PKEY_assign(pkey,EVP_PKEY_base_id(pkey),ec);
}
- if (!EC_KEY_set_private_key(ec,priv)) return 0;
- if (!EVP_PKEY_missing_parameters(pkey))
- gost2001_compute_public(ec);
- break;
+ if (!EC_KEY_set_private_key(ec,priv)) return 0;
+ if (!EVP_PKEY_missing_parameters(pkey))
+ gost2001_compute_public(ec);
+ break;
+ }
}
-
- }
return 1;
-}
+ }
BIGNUM* gost_get_priv_key(const EVP_PKEY *pkey)
-{
- switch (EVP_PKEY_base_id(pkey)) {
- case NID_id_GostR3410_94:
- case NID_id_GostR3410_94_cc:
- { DSA *dsa = EVP_PKEY_get0((EVP_PKEY *)pkey);
- if (!dsa) {
- return NULL;
+ {
+ switch (EVP_PKEY_base_id(pkey))
+ {
+ case NID_id_GostR3410_94:
+ case NID_id_GostR3410_94_cc:
+ {
+ DSA *dsa = EVP_PKEY_get0((EVP_PKEY *)pkey);
+ if (!dsa)
+ {
+ return NULL;
}
- if (!dsa->priv_key) return NULL;
- return BN_dup(dsa->priv_key);
- break;
+ if (!dsa->priv_key) return NULL;
+ return BN_dup(dsa->priv_key);
+ break;
}
- case NID_id_GostR3410_2001:
- case NID_id_GostR3410_2001_cc:
- { EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pkey);
- const BIGNUM* priv;
- if (!ec) {
- return NULL;
+ case NID_id_GostR3410_2001:
+ case NID_id_GostR3410_2001_cc:
+ {
+ EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pkey);
+ const BIGNUM* priv;
+ if (!ec)
+ {
+ return NULL;
}
- if (!(priv=EC_KEY_get0_private_key(ec))) return NULL;
- return BN_dup(priv);
- break;
+ if (!(priv=EC_KEY_get0_private_key(ec))) return NULL;
+ return BN_dup(priv);
+ break;
+ }
}
-
- }
return NULL;
-}
+ }
+
static int pkey_ctrl_gost(EVP_PKEY *pkey, int op,
- long arg1, void *arg2)
-{
- switch (op)
+ long arg1, void *arg2)
{
+ switch (op)
+ {
case ASN1_PKEY_CTRL_PKCS7_SIGN:
- if (arg1 == 0) {
+ if (arg1 == 0)
+ {
X509_ALGOR *alg1 = NULL, *alg2 = NULL;
int nid = EVP_PKEY_base_id(pkey);
PKCS7_SIGNER_INFO_get0_algs((PKCS7_SIGNER_INFO*)arg2,
- NULL, &alg1, &alg2);
+ NULL, &alg1, &alg2);
X509_ALGOR_set0(alg1, OBJ_nid2obj(NID_id_GostR3411_94),
- V_ASN1_NULL, 0);
- if (nid == NID_undef) {
+ V_ASN1_NULL, 0);
+ if (nid == NID_undef)
+ {
return (-1);
- }
+ }
X509_ALGOR_set0(alg2, OBJ_nid2obj(nid), V_ASN1_NULL, 0);
- }
+ }
return 1;
case ASN1_PKEY_CTRL_PKCS7_ENCRYPT:
if (arg1 == 0)
{
X509_ALGOR *alg;
ASN1_STRING * params = encode_gost_algor_params(pkey);
- if (!params) {
+ if (!params)
+ {
return -1;
- }
+ }
PKCS7_RECIP_INFO_get0_alg((PKCS7_RECIP_INFO*)arg2, &alg);
X509_ALGOR_set0(alg, OBJ_nid2obj(pkey->type),
- V_ASN1_SEQUENCE, params);
+ V_ASN1_SEQUENCE, params);
}
return 1;
case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
- *(int *)arg2 = NID_id_GostR3411_94;
- return 2;
- }
+ *(int *)arg2 = NID_id_GostR3411_94;
+ return 2;
+ }
return -2;
-}
+ }
/*----------------------- free functions * ------------------------------*/
-static void pkey_free_gost94(EVP_PKEY *key) {
- if (key->pkey.dsa) {
+static void pkey_free_gost94(EVP_PKEY *key)
+ {
+ if (key->pkey.dsa)
+ {
DSA_free(key->pkey.dsa);
- }
-}
-static void pkey_free_gost01(EVP_PKEY *key) {
- if (key->pkey.ec) {
- EC_KEY_free(key->pkey.ec);
+ }
}
-}
+
+static void pkey_free_gost01(EVP_PKEY *key)
+ {
+ if (key->pkey.ec)
+ {
+ EC_KEY_free(key->pkey.ec);
+ }
+ }
+
/* ------------------ private key functions -----------------------------*/
static int priv_decode_gost( EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf)
-{
+ {
const unsigned char *pkey_buf = NULL,*p=NULL;
int priv_len = 0;
BIGNUM *pk_num=NULL;
if (!PKCS8_pkey_get0(&palg_obj,&pkey_buf,&priv_len,&palg,p8inf))
return 0;
p = pkey_buf;
- if (!decode_gost_algor_params(pk,palg)) {
+ if (!decode_gost_algor_params(pk,palg))
+ {
return 0;
- }
- priv_key=d2i_ASN1_INTEGER(NULL,&p,priv_len);
- if (!priv_key) {
- }
-
- if (!(pk_num = ASN1_INTEGER_to_BN(priv_key, NULL))) {
- GOSTerr(GOST_F_PRIV_DECODE_GOST_94,
- EVP_R_DECODE_ERROR);
- }
+ }
+ if (V_ASN1_OCTET_STRING == *p)
+ {
+ /* New format - Little endian octet string */
+ unsigned char rev_buf[32];
+ int i;
+ ASN1_OCTET_STRING *s = d2i_ASN1_OCTET_STRING(NULL,&p,priv_len);
+ if (!s||s->length !=32)
+ {
+ GOSTerr(GOST_F_PRIV_DECODE_GOST_94,
+ EVP_R_DECODE_ERROR);
+ return 0;
+ }
+ for (i=0;i<32;i++)
+ {
+ rev_buf[31-i]=s->data[i];
+ }
+ ASN1_STRING_free(s);
+ pk_num = getbnfrombuf(rev_buf,32);
+ }
+ else
+ {
+ priv_key=d2i_ASN1_INTEGER(NULL,&p,priv_len);
+ if (!priv_key || !(pk_num = ASN1_INTEGER_to_BN(priv_key, NULL)))
+ {
+ GOSTerr(GOST_F_PRIV_DECODE_GOST_94,
+ EVP_R_DECODE_ERROR);
+ return 0;
+ }
+ }
ret= gost_set_priv_key(pk,pk_num);
BN_free(pk_num);
return ret;
-}
+ }
+
/* ----------------------------------------------------------------------*/
static int priv_encode_gost(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk)
-{
+ {
ASN1_OBJECT *algobj = OBJ_nid2obj(EVP_PKEY_base_id(pk));
ASN1_STRING *params = encode_gost_algor_params(pk);
unsigned char *priv_buf = NULL;
BIGNUM *key;
ASN1_INTEGER *asn1key=NULL;
- if (!params) {
+ if (!params)
+ {
return 0;
- }
+ }
key = gost_get_priv_key(pk);
asn1key = BN_to_ASN1_INTEGER(key,NULL);
BN_free(key);
ASN1_INTEGER_free(asn1key);
return PKCS8_pkey_set0(p8,algobj,0,V_ASN1_SEQUENCE,params,
priv_buf,priv_len);
-}
+ }
static int priv_print_gost (BIO *out,const EVP_PKEY *pkey, int indent,
- ASN1_PCTX *pctx)
-{
+ ASN1_PCTX *pctx)
+ {
BIGNUM *key;
if (!BIO_indent(out,indent,128)) return 0;
key = gost_get_priv_key(pkey);
BN_print(out,key);
BN_free(key);
return 1;
-}
+ }
+
/* ---------------------------------------------------------------------*/
static int param_missing_gost94(const EVP_PKEY *pk)
-{
+ {
const DSA *dsa = EVP_PKEY_get0((EVP_PKEY *)pk);
if (!dsa) return 1;
if (!dsa->q) return 1;
return 0;
-}
+ }
+
static int param_missing_gost01(const EVP_PKEY *pk)
-{
+ {
const EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pk);
if (!ec) return 1;
if (!EC_KEY_get0_group(ec)) return 1;
return 0;
-}
+ }
static int param_copy_gost94(EVP_PKEY *to, const EVP_PKEY *from)
-{
+ {
const DSA *dfrom = EVP_PKEY_get0((EVP_PKEY *)from);
DSA *dto = EVP_PKEY_get0(to);
if (EVP_PKEY_base_id(from) != EVP_PKEY_base_id(to))
- {
+ {
GOSTerr(GOST_F_PARAM_COPY_GOST94,
- GOST_R_INCOMPATIBLE_ALGORITHMS);
+ GOST_R_INCOMPATIBLE_ALGORITHMS);
return 0;
- }
+ }
if (!dfrom)
- {
+ {
GOSTerr(GOST_F_PARAM_COPY_GOST94,
- GOST_R_KEY_PARAMETERS_MISSING);
+ GOST_R_KEY_PARAMETERS_MISSING);
return 0;
- }
+ }
if (!dto)
- {
+ {
dto = DSA_new();
EVP_PKEY_assign(to,EVP_PKEY_base_id(from),dto);
- }
+ }
#define COPYBIGNUM(a,b,x) if (a->x) BN_free(a->x); a->x=BN_dup(b->x);
COPYBIGNUM(dto,dfrom,p)
- COPYBIGNUM(dto,dfrom,q)
- COPYBIGNUM(dto,dfrom,g)
+ COPYBIGNUM(dto,dfrom,q)
+ COPYBIGNUM(dto,dfrom,g)
- if (dto->priv_key)
- gost94_compute_public(dto);
+ if (dto->priv_key)
+ gost94_compute_public(dto);
return 1;
-}
-static int param_copy_gost01(EVP_PKEY *to, const EVP_PKEY *from) {
+ }
+static int param_copy_gost01(EVP_PKEY *to, const EVP_PKEY *from)
+ {
EC_KEY *eto = EVP_PKEY_get0(to);
const EC_KEY *efrom = EVP_PKEY_get0((EVP_PKEY *)from);
- if (EVP_PKEY_base_id(from) != EVP_PKEY_base_id(to)) {
+ if (EVP_PKEY_base_id(from) != EVP_PKEY_base_id(to))
+ {
GOSTerr(GOST_F_PARAM_COPY_GOST01,
- GOST_R_INCOMPATIBLE_ALGORITHMS);
+ GOST_R_INCOMPATIBLE_ALGORITHMS);
return 0;
- }
- if (!efrom) {
+ }
+ if (!efrom)
+ {
GOSTerr(GOST_F_PARAM_COPY_GOST94,
- GOST_R_KEY_PARAMETERS_MISSING);
+ GOST_R_KEY_PARAMETERS_MISSING);
return 0;
- }
- if (!eto) {
+ }
+ if (!eto)
+ {
eto = EC_KEY_new();
EVP_PKEY_assign(to,EVP_PKEY_base_id(from),eto);
- }
+ }
EC_KEY_set_group(eto,EC_GROUP_dup(EC_KEY_get0_group(efrom)));
- if (EC_KEY_get0_private_key(eto)) {
+ if (EC_KEY_get0_private_key(eto))
+ {
gost2001_compute_public(eto);
- }
+ }
return 1;
-
-
+ }
-}
-static int param_cmp_gost94(const EVP_PKEY *a, const EVP_PKEY *b) {
+static int param_cmp_gost94(const EVP_PKEY *a, const EVP_PKEY *b)
+ {
const DSA *da = EVP_PKEY_get0((EVP_PKEY *)a);
const DSA *db = EVP_PKEY_get0((EVP_PKEY *)b);
if (!BN_cmp(da->q,db->q)) return 1;
return 0;
-}
-static int param_cmp_gost01(const EVP_PKEY *a, const EVP_PKEY *b) {
- if (EC_GROUP_get_curve_name(EC_KEY_get0_group(EVP_PKEY_get0((EVP_PKEY *)a)))==
- EC_GROUP_get_curve_name(EC_KEY_get0_group(EVP_PKEY_get0((EVP_PKEY *)b)))) {
- return 1;
}
+
+static int param_cmp_gost01(const EVP_PKEY *a, const EVP_PKEY *b)
+ {
+ if (EC_GROUP_get_curve_name(EC_KEY_get0_group(EVP_PKEY_get0((EVP_PKEY *)a)))==
+ EC_GROUP_get_curve_name(EC_KEY_get0_group(EVP_PKEY_get0((EVP_PKEY *)b))))
+ {
+ return 1;
+ }
return 0;
-}
+ }
+
/* ---------- Public key functions * --------------------------------------*/
static int pub_decode_gost94(EVP_PKEY *pk, X509_PUBKEY *pub)
-{
+ {
X509_ALGOR *palg = NULL;
const unsigned char *pubkey_buf = NULL;
unsigned char *databuf;
ASN1_OCTET_STRING *octet= NULL;
if (!X509_PUBKEY_get0_param(&palgobj,&pubkey_buf,&pub_len,
- &palg, pub)) return 0;
+ &palg, pub)) return 0;
EVP_PKEY_assign(pk,OBJ_obj2nid(palgobj),NULL);
if (!decode_gost_algor_params(pk,palg)) return 0;
octet = d2i_ASN1_OCTET_STRING(NULL,&pubkey_buf,pub_len);
if (!octet)
- {
+ {
GOSTerr(GOST_F_PUB_DECODE_GOST94,ERR_R_MALLOC_FAILURE);
return 0;
- }
+ }
databuf = OPENSSL_malloc(octet->length);
for (i=0,j=octet->length-1;i<octet->length;i++,j--)
- {
+ {
databuf[j]=octet->data[i];
- }
+ }
dsa = EVP_PKEY_get0(pk);
dsa->pub_key=BN_bin2bn(databuf,octet->length,NULL);
ASN1_OCTET_STRING_free(octet);
OPENSSL_free(databuf);
return 1;
-}
+ }
+
static int pub_encode_gost94(X509_PUBKEY *pub,const EVP_PKEY *pk)
-{
+ {
ASN1_OBJECT *algobj = NULL;
ASN1_OCTET_STRING *octet = NULL;
void *pval = NULL;
unsigned char *buf=NULL,*databuf,*sptr;
int i,j,data_len,ret=0;
- int ptype;
+ int ptype = V_ASN1_UNDEF;
DSA *dsa = EVP_PKEY_get0((EVP_PKEY *)pk);
algobj = OBJ_nid2obj(EVP_PKEY_base_id(pk));
- if (pk->save_parameters) {
+ if (pk->save_parameters)
+ {
ASN1_STRING *params = encode_gost_algor_params(pk);
pval = params;
ptype = V_ASN1_SEQUENCE;
- }
+ }
data_len = BN_num_bytes(dsa->pub_key);
databuf = OPENSSL_malloc(data_len);
BN_bn2bin(dsa->pub_key,databuf);
ASN1_STRING_set(octet,NULL,data_len);
sptr = ASN1_STRING_data(octet);
for (i=0,j=data_len-1; i< data_len;i++,j--)
- {
+ {
sptr[i]=databuf[j];
- }
+ }
OPENSSL_free(databuf);
ret = i2d_ASN1_OCTET_STRING(octet,&buf);
ASN1_BIT_STRING_free(octet);
if (ret <0) return 0;
return X509_PUBKEY_set0_param(pub,algobj,ptype,pval,buf,ret);
-}
+ }
+
static int pub_decode_gost01(EVP_PKEY *pk,X509_PUBKEY *pub)
-{
+ {
X509_ALGOR *palg = NULL;
const unsigned char *pubkey_buf = NULL;
unsigned char *databuf;
const EC_GROUP *group;
if (!X509_PUBKEY_get0_param(&palgobj,&pubkey_buf,&pub_len,
- &palg, pub)) return 0;
+ &palg, pub)) return 0;
EVP_PKEY_assign(pk,OBJ_obj2nid(palgobj),NULL);
if (!decode_gost_algor_params(pk,palg)) return 0;
group = EC_KEY_get0_group(EVP_PKEY_get0(pk));
octet = d2i_ASN1_OCTET_STRING(NULL,&pubkey_buf,pub_len);
if (!octet)
- {
+ {
GOSTerr(GOST_F_PUB_DECODE_GOST94,ERR_R_MALLOC_FAILURE);
return 0;
- }
+ }
databuf = OPENSSL_malloc(octet->length);
for (i=0,j=octet->length-1;i<octet->length;i++,j--)
- {
+ {
databuf[j]=octet->data[i];
- }
- if (EVP_PKEY_base_id(pk) == NID_id_GostR3410_2001_cc) {
+ }
+ if (EVP_PKEY_base_id(pk) == NID_id_GostR3410_2001_cc)
+ {
X= getbnfrombuf(databuf,octet->length/2);
Y= getbnfrombuf(databuf+(octet->length/2),octet->length/2);
- } else {
+ }
+ else
+ {
Y= getbnfrombuf(databuf,octet->length/2);
X= getbnfrombuf(databuf+(octet->length/2),octet->length/2);
- }
+ }
OPENSSL_free(databuf);
pub_key = EC_POINT_new(group);
if (!EC_POINT_set_affine_coordinates_GFp(group
- ,pub_key,X,Y,NULL))
- {
+ ,pub_key,X,Y,NULL))
+ {
GOSTerr(GOST_F_PUB_DECODE_GOST01,
- ERR_R_EC_LIB);
+ ERR_R_EC_LIB);
return 0;
- }
+ }
BN_free(X);
BN_free(Y);
if (!EC_KEY_set_public_key(EVP_PKEY_get0(pk),pub_key))
- {
+ {
GOSTerr(GOST_F_PUB_DECODE_GOST01,
- ERR_R_EC_LIB);
+ ERR_R_EC_LIB);
return 0;
- }
+ }
/*EC_POINT_free(pub_key);*/
return 1;
-}
+ }
+
static int pub_encode_gost01(X509_PUBKEY *pub,const EVP_PKEY *pk)
-{
+ {
ASN1_OBJECT *algobj = NULL;
ASN1_OCTET_STRING *octet = NULL;
void *pval = NULL;
const EC_POINT *pub_key;
BIGNUM *X,*Y,*order;
const EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pk);
- int ptype;
+ int ptype = V_ASN1_UNDEF;
algobj = OBJ_nid2obj(EVP_PKEY_base_id(pk));
- if (pk->save_parameters) {
+ if (pk->save_parameters)
+ {
ASN1_STRING *params = encode_gost_algor_params(pk);
pval = params;
ptype = V_ASN1_SEQUENCE;
- }
+ }
order = BN_new();
EC_GROUP_get_order(EC_KEY_get0_group(ec),order,NULL);
pub_key=EC_KEY_get0_public_key(ec);
- if (!pub_key) {
+ if (!pub_key)
+ {
GOSTerr(GOST_F_PUB_ENCODE_GOST01,
- GOST_R_PUBLIC_KEY_UNDEFINED);
+ GOST_R_PUBLIC_KEY_UNDEFINED);
return 0;
- }
+ }
X=BN_new();
Y=BN_new();
EC_POINT_get_affine_coordinates_GFp(EC_KEY_get0_group(ec),
BN_free(order);
databuf = OPENSSL_malloc(data_len);
memset(databuf,0,data_len);
- if (EVP_PKEY_base_id(pk) == NID_id_GostR3410_2001_cc) {
+ if (EVP_PKEY_base_id(pk) == NID_id_GostR3410_2001_cc)
+ {
store_bignum(X,databuf,data_len/2);
store_bignum(Y,databuf+data_len/2,data_len/2);
- } else {
+ }
+ else
+ {
store_bignum(X,databuf+data_len/2,data_len/2);
store_bignum(Y,databuf,data_len/2);
- }
+ }
BN_free(X);
BN_free(Y);
octet = ASN1_OCTET_STRING_new();
ASN1_STRING_set(octet,NULL,data_len);
sptr=ASN1_STRING_data(octet);
- for (i=0,j=data_len-1;i<data_len;i++,j--) {
+ for (i=0,j=data_len-1;i<data_len;i++,j--)
+ {
sptr[i]=databuf[j];
- }
+ }
OPENSSL_free(databuf);
ret = i2d_ASN1_OCTET_STRING(octet,&buf);
ASN1_BIT_STRING_free(octet);
if (ret <0) return 0;
return X509_PUBKEY_set0_param(pub,algobj,ptype,pval,buf,ret);
-}
+ }
+
static int pub_cmp_gost94(const EVP_PKEY *a, const EVP_PKEY *b)
-{
+ {
const DSA *da = EVP_PKEY_get0((EVP_PKEY *)a);
const DSA *db = EVP_PKEY_get0((EVP_PKEY *)b);
if (da && db && da->pub_key && db->pub_key
- && !BN_cmp(da->pub_key,db->pub_key)) {
- return 1;
- }
+ && !BN_cmp(da->pub_key,db->pub_key))
+ {
+ return 1;
+ }
return 0;
-}
+ }
+
static int pub_cmp_gost01(const EVP_PKEY *a,const EVP_PKEY *b)
-{
+ {
const EC_KEY *ea = EVP_PKEY_get0((EVP_PKEY *)a);
const EC_KEY *eb = EVP_PKEY_get0((EVP_PKEY *)b);
const EC_POINT *ka,*kb;
if (!ka || !kb) return 0;
ret = (0==EC_POINT_cmp(EC_KEY_get0_group(ea),ka,kb,NULL)) ;
return ret;
-}
+ }
+
static int pub_print_gost94(BIO *out, const EVP_PKEY *pkey, int indent,
ASN1_PCTX *pctx)
-{
+ {
const BIGNUM *key;
if (!BIO_indent(out,indent,128)) return 0;
key = ((DSA *)EVP_PKEY_get0((EVP_PKEY *)pkey))->pub_key;
if (!key) return 0;
BN_print(out,key);
return 1;
-}
+ }
+
static int pub_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent,
ASN1_PCTX *pctx)
-{
+ {
return 0;
-}
+ }
+
static int pkey_size_gost(const EVP_PKEY *pk)
-{
+ {
return 64;
-}
+ }
+
static int pkey_bits_gost(const EVP_PKEY *pk)
-{
+ {
return 256;
-}
+ }
+
/* ----------------------------------------------------------------------*/
-int register_ameth_gost (int nid, EVP_PKEY_ASN1_METHOD **ameth, const char* pemstr, const char* info) {
+int register_ameth_gost (int nid, EVP_PKEY_ASN1_METHOD **ameth, const char* pemstr, const char* info)
+ {
*ameth = EVP_PKEY_asn1_new(nid,
- ASN1_PKEY_SIGPARAM_NULL, pemstr, info);
+ ASN1_PKEY_SIGPARAM_NULL, pemstr, info);
if (!*ameth) return 0;
- switch (nid) {
+ switch (nid)
+ {
case NID_id_GostR3410_94_cc:
case NID_id_GostR3410_94:
EVP_PKEY_asn1_set_free (*ameth, pkey_free_gost94);
EVP_PKEY_asn1_set_ctrl (*ameth, pkey_ctrl_gost);
break;
- }
+ }
return 1;
-}
+ }
#include <stdio.h>
#include <openssl/asn1t.h>
#include <openssl/x509.h>
-#include "gost_asn1.h"
+#include "gost_lcl.h"
ASN1_NDEF_SEQUENCE(GOST_KEY_TRANSPORT) = {
ASN1_SIMPLE(GOST_KEY_TRANSPORT, key_info, GOST_KEY_INFO),
+++ /dev/null
-/**********************************************************************
- * gost_keytrans.h *
- * Copyright (c) 2005-2006 Cryptocom LTD *
- * This file is distributed under the same license as OpenSSL *
- * *
- * ASN1 structure declaration for GOST key transport *
- * Requires OpenSSL 0.9.9 for compilation *
- **********************************************************************/
-#ifndef GOST_KEY_TRANS_H
-#define GOST_KEY_TRANS_H
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-
-
-typedef struct {
- ASN1_OCTET_STRING *encrypted_key;
- ASN1_OCTET_STRING *imit;
-} GOST_KEY_INFO;
-
-DECLARE_ASN1_FUNCTIONS(GOST_KEY_INFO)
-
-typedef struct {
- ASN1_OBJECT *cipher;
- X509_PUBKEY *ephem_key;
- ASN1_OCTET_STRING *eph_iv;
-} GOST_KEY_AGREEMENT_INFO;
-
-DECLARE_ASN1_FUNCTIONS(GOST_KEY_AGREEMENT_INFO)
-
-typedef struct {
- GOST_KEY_INFO *key_info;
- GOST_KEY_AGREEMENT_INFO *key_agreement_info;
-} GOST_KEY_TRANSPORT;
-
-DECLARE_ASN1_FUNCTIONS(GOST_KEY_TRANSPORT)
-
-typedef struct { //FIXME incomplete
- GOST_KEY_TRANSPORT *gkt;
-} GOST_CLIENT_KEY_EXCHANGE_PARAMS;
-
-DECLARE_ASN1_FUNCTIONS(GOST_CLIENT_KEY_EXCHANGE_PARAMS)
-typedef struct {
- ASN1_OBJECT *key_params;
- ASN1_OBJECT *hash_params;
- ASN1_OBJECT *cipher_params;
-} GOST_KEY_PARAMS;
-
-DECLARE_ASN1_FUNCTIONS(GOST_KEY_PARAMS)
-
-typedef struct {
- ASN1_OCTET_STRING *iv;
- ASN1_OBJECT *enc_param_set;
-} GOST_CIPHER_PARAMS;
-
-DECLARE_ASN1_FUNCTIONS(GOST_CIPHER_PARAMS)
-
-#endif
/**********************************************************************
-* gost_crypt.c *
-* Copyright (c) 2005-2006 Cryptocom LTD *
-* This file is distributed under the same license as OpenSSL *
-* *
-* OpenSSL interface to GOST 28147-89 cipher functions *
-* Requires OpenSSL 0.9.9 for compilation *
-**********************************************************************/
+ * gost_crypt.c *
+ * Copyright (c) 2005-2006 Cryptocom LTD *
+ * This file is distributed under the same license as OpenSSL *
+ * *
+ * OpenSSL interface to GOST 28147-89 cipher functions *
+ * Requires OpenSSL 0.9.9 for compilation *
+ **********************************************************************/
#include <string.h>
-#include "crypt.h"
#include "gost89.h"
#include <openssl/rand.h>
#include "e_gost_err.h"
-#include "gost_asn1.h"
+#include "gost_lcl.h"
static int gost_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc);
+ const unsigned char *iv, int enc);
#ifdef USE_SSL
/* Specialized init functions which set specific parameters */
static int gost_cipher_init_vizir(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc);
+ const unsigned char *iv, int enc);
static int gost_cipher_init_cpa(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc);
+ const unsigned char *iv, int enc);
#endif
/* Handles block of data in CFB mode */
static int gost_cipher_do_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl);
+ const unsigned char *in, unsigned int inl);
/* Handles block of data in CNT mode */
static int gost_cipher_do_cnt(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl);
+ const unsigned char *in, unsigned int inl);
/* Cleanup function */
static int gost_cipher_cleanup(EVP_CIPHER_CTX *);
/* set/get cipher parameters */
EVP_CIPHER cipher_gost =
{
- NID_id_Gost28147_89,
- 1,/*block_size*/
- 32,/*key_size*/
- 8,/*iv_len - ñèÃõðîïîñûëêà */
- EVP_CIPH_CFB_MODE| EVP_CIPH_NO_PADDING |
- EVP_CIPH_CUSTOM_IV| EVP_CIPH_RAND_KEY | EVP_CIPH_ALWAYS_CALL_INIT,
- gost_cipher_init,
- gost_cipher_do_cfb,
- gost_cipher_cleanup,
- sizeof(struct ossl_gost_cipher_ctx),/* ctx_size */
- gost89_set_asn1_parameters,
- gost89_get_asn1_parameters,
- gost_cipher_ctl,
- NULL,
+ NID_id_Gost28147_89,
+ 1,/*block_size*/
+ 32,/*key_size*/
+ 8,/*iv_len - ñèÃõðîïîñûëêà */
+ EVP_CIPH_CFB_MODE| EVP_CIPH_NO_PADDING |
+ EVP_CIPH_CUSTOM_IV| EVP_CIPH_RAND_KEY | EVP_CIPH_ALWAYS_CALL_INIT,
+ gost_cipher_init,
+ gost_cipher_do_cfb,
+ gost_cipher_cleanup,
+ sizeof(struct ossl_gost_cipher_ctx),/* ctx_size */
+ gost89_set_asn1_parameters,
+ gost89_get_asn1_parameters,
+ gost_cipher_ctl,
+ NULL,
};
#ifdef USE_SSL
static EVP_CIPHER cipher_gost_vizircfb =
{
- NID_undef,
- 1,/*block_size*/
- 32,/*key_size*/
- 8,/*iv_len - ñèÃõðîïîñûëêà */
- EVP_CIPH_CFB_MODE| EVP_CIPH_NO_PADDING |
- EVP_CIPH_CUSTOM_IV| EVP_CIPH_RAND_KEY | EVP_CIPH_ALWAYS_CALL_INIT,
- gost_cipher_init_vizir,
- gost_cipher_do_cfb,
- gost_cipher_cleanup,
- sizeof(struct ossl_gost_cipher_ctx), /* ctx_size */
- gost89_set_asn1_parameters,
- gost89_get_asn1_parameters,
- gost_cipher_ctl,
- NULL,
+ NID_undef,
+ 1,/*block_size*/
+ 32,/*key_size*/
+ 8,/*iv_len - ñèÃõðîïîñûëêà */
+ EVP_CIPH_CFB_MODE| EVP_CIPH_NO_PADDING |
+ EVP_CIPH_CUSTOM_IV| EVP_CIPH_RAND_KEY | EVP_CIPH_ALWAYS_CALL_INIT,
+ gost_cipher_init_vizir,
+ gost_cipher_do_cfb,
+ gost_cipher_cleanup,
+ sizeof(struct ossl_gost_cipher_ctx), /* ctx_size */
+ gost89_set_asn1_parameters,
+ gost89_get_asn1_parameters,
+ gost_cipher_ctl,
+ NULL,
};
static EVP_CIPHER cipher_gost_cpacnt =
{
- NID_undef,
- 1,/*block_size*/
- 32,/*key_size*/
- 8,/*iv_len - ñèÃõðîïîñûëêà */
- EVP_CIPH_OFB_MODE| EVP_CIPH_NO_PADDING |
- EVP_CIPH_CUSTOM_IV| EVP_CIPH_RAND_KEY | EVP_CIPH_ALWAYS_CALL_INIT,
- gost_cipher_init_cpa,
- gost_cipher_do_cnt,
- gost_cipher_cleanup,
- sizeof(struct ossl_gost_cipher_ctx), /* ctx_size */
- gost89_set_asn1_parameters,
- gost89_get_asn1_parameters,
- gost_cipher_ctl,
- NULL,
+ NID_undef,
+ 1,/*block_size*/
+ 32,/*key_size*/
+ 8,/*iv_len - ñèÃõðîïîñûëêà */
+ EVP_CIPH_OFB_MODE| EVP_CIPH_NO_PADDING |
+ EVP_CIPH_CUSTOM_IV| EVP_CIPH_RAND_KEY | EVP_CIPH_ALWAYS_CALL_INIT,
+ gost_cipher_init_cpa,
+ gost_cipher_do_cnt,
+ gost_cipher_cleanup,
+ sizeof(struct ossl_gost_cipher_ctx), /* ctx_size */
+ gost89_set_asn1_parameters,
+ gost89_get_asn1_parameters,
+ gost_cipher_ctl,
+ NULL,
};
/* Implementation of GOST 28147-89 in MAC (imitovstavka) mode */
/* Init functions which set specific parameters */
#endif
/*
-* Correspondence between gost parameter OIDs and substitution blocks
-* NID field is filed by register_gost_NID function in engine.c
-* upon engine initialization
-*/
+ * Correspondence between gost parameter OIDs and substitution blocks
+ * NID field is filed by register_gost_NID function in engine.c
+ * upon engine initialization
+ */
-struct gost_cipher_info gost_cipher_list[]={
+struct gost_cipher_info gost_cipher_list[]=
+ {
/* NID */ /* Subst block */ /* Key meshing*/
/*{NID_id_GostR3411_94_CryptoProParamSet,&GostR3411_94_CryptoProParamSet,0},*/
-{NID_id_Gost28147_89_cc,&GostR3411_94_CryptoProParamSet,0},
-{NID_id_Gost28147_89_CryptoPro_A_ParamSet,&Gost28147_CryptoProParamSetA,1},
-{NID_id_Gost28147_89_CryptoPro_B_ParamSet,&Gost28147_CryptoProParamSetB,1},
-{NID_id_Gost28147_89_CryptoPro_C_ParamSet,&Gost28147_CryptoProParamSetC,1},
-{NID_id_Gost28147_89_CryptoPro_D_ParamSet,&Gost28147_CryptoProParamSetD,1},
-{NID_undef,NULL,0}
-};
+ {NID_id_Gost28147_89_cc,&GostR3411_94_CryptoProParamSet,0},
+ {NID_id_Gost28147_89_CryptoPro_A_ParamSet,&Gost28147_CryptoProParamSetA,1},
+ {NID_id_Gost28147_89_CryptoPro_B_ParamSet,&Gost28147_CryptoProParamSetB,1},
+ {NID_id_Gost28147_89_CryptoPro_C_ParamSet,&Gost28147_CryptoProParamSetC,1},
+ {NID_id_Gost28147_89_CryptoPro_D_ParamSet,&Gost28147_CryptoProParamSetD,1},
+ {NID_undef,NULL,0}
+ };
/* get encryption parameters from crypto network settings
-FIXME For now we use environment var CRYPT_PARAMS as place to
-store these settings. Actually, it is better to use engine control command, read from configuration file to set them */
-const struct gost_cipher_info *get_encryption_params(ASN1_OBJECT *obj) {
-int nid;
-struct gost_cipher_info *param;
-if (!obj) {
- const char * params = getenv("CRYPT_PARAMS");
- if (!params || !strlen(params))
- return &gost_cipher_list[0];
-
- nid = OBJ_txt2nid(params);
- if (nid == NID_undef) {
- GOSTerr(GOST_F_GET_ENCRYPTION_PARAMS,
+ FIXME For now we use environment var CRYPT_PARAMS as place to
+ store these settings. Actually, it is better to use engine control command, read from configuration file to set them */
+const struct gost_cipher_info *get_encryption_params(ASN1_OBJECT *obj)
+ {
+ int nid;
+ struct gost_cipher_info *param;
+ if (!obj)
+ {
+ const char * params = get_gost_engine_param(GOST_PARAM_CRYPT_PARAMS);
+ if (!params || !strlen(params))
+ return &gost_cipher_list[0];
+
+ nid = OBJ_txt2nid(params);
+ if (nid == NID_undef)
+ {
+ GOSTerr(GOST_F_GET_ENCRYPTION_PARAMS,
GOST_R_INVALID_CIPHER_PARAM_OID);
+ return NULL;
+ }
+ }
+ else
+ {
+ nid= OBJ_obj2nid(obj);
+ }
+ for (param=gost_cipher_list;param->sblock!=NULL && param->nid!=nid;
+ param++);
+ if (!param->sblock)
+ {
+ GOSTerr(GOST_F_GET_ENCRYPTION_PARAMS,GOST_R_INVALID_CIPHER_PARAMS);
return NULL;
- }
-} else {
- nid= OBJ_obj2nid(obj);
-}
-for (param=gost_cipher_list;param->sblock!=NULL && param->nid!=nid;
- param++);
-if (!param->sblock) {
- GOSTerr(GOST_F_GET_ENCRYPTION_PARAMS,GOST_R_INVALID_CIPHER_PARAMS);
- return NULL;
-
-}
-return param;
-
-}
+ }
+ return param;
+ }
+
/* Sets cipher param from paramset NID. */
-int gost_cipher_set_param(struct ossl_gost_cipher_ctx *c,int nid) {
-const struct gost_cipher_info *param;
-param=get_encryption_params((nid==NID_undef?NULL:OBJ_nid2obj(nid)));
-if (!param) return 0;
+int gost_cipher_set_param(struct ossl_gost_cipher_ctx *c,int nid)
+ {
+ const struct gost_cipher_info *param;
+ param=get_encryption_params((nid==NID_undef?NULL:OBJ_nid2obj(nid)));
+ if (!param) return 0;
-c->paramNID = param->nid;
-c->key_meshing=param->key_meshing;
-c->count=0;
-gost_init(&(c->cctx), param->sblock);
-return 1;
-}
+ c->paramNID = param->nid;
+ c->key_meshing=param->key_meshing;
+ c->count=0;
+ gost_init(&(c->cctx), param->sblock);
+ return 1;
+ }
+
/* Initializes EVP_CIPHER_CTX by paramset NID */
static int gost_cipher_init_param(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc, int paramNID,int mode) {
-struct ossl_gost_cipher_ctx *c=ctx->cipher_data;
-if (!gost_cipher_set_param(c,paramNID)) return 0;
-if (key) gost_key(&(c->cctx),key);
-if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
-memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
-return 1;
-}
+ const unsigned char *iv, int enc, int paramNID,int mode)
+ {
+ struct ossl_gost_cipher_ctx *c=ctx->cipher_data;
+ if (ctx->app_data == NULL)
+ {
+ if (!gost_cipher_set_param(c,paramNID)) return 0;
+ ctx->app_data = ctx->cipher_data;
+ }
+ if (key) gost_key(&(c->cctx),key);
+ if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
+ memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
+ return 1;
+ }
/* Initializes EVP_CIPHER_CTX with fixed cryptopro A paramset */
int gost_cipher_init_cpa(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc) {
-struct ossl_gost_cipher_ctx *c=ctx->cipher_data;
-gost_init(&(c->cctx),&Gost28147_CryptoProParamSetA);
-c->key_meshing=1;
-c->count=0;
-gost_key(&(c->cctx),key);
-if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
-memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
-return 1;
-}
+ const unsigned char *iv, int enc)
+ {
+ struct ossl_gost_cipher_ctx *c=ctx->cipher_data;
+ gost_init(&(c->cctx),&Gost28147_CryptoProParamSetA);
+ c->key_meshing=1;
+ c->count=0;
+ gost_key(&(c->cctx),key);
+ if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
+ memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
+ return 1;
+ }
+
/* Initializes EVP_CIPHER_CTX with fixed vizir paramset */
int gost_cipher_init_vizir(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc) {
-struct ossl_gost_cipher_ctx *c=ctx->cipher_data;
-gost_init(&(c->cctx),&GostR3411_94_CryptoProParamSet);
-c->key_meshing=0;
-c->count=0;
-gost_key(&(c->cctx),key);
-
-if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
-memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
-return 1;
-}
+ const unsigned char *iv, int enc)
+ {
+ struct ossl_gost_cipher_ctx *c=ctx->cipher_data;
+ gost_init(&(c->cctx),&GostR3411_94_CryptoProParamSet);
+ c->key_meshing=0;
+ c->count=0;
+ gost_key(&(c->cctx),key);
+
+ if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
+ memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
+ return 1;
+ }
/* Initializes EVP_CIPHER_CTX with default values */
int gost_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc) {
-return gost_cipher_init_param(ctx,key,iv,enc,NID_undef,EVP_CIPH_CFB_MODE);
-}
+ const unsigned char *iv, int enc)
+ {
+ return gost_cipher_init_param(ctx,key,iv,enc,NID_undef,EVP_CIPH_CFB_MODE);
+ }
/* Wrapper around gostcrypt function from gost89.c which perform
-* key meshing when nesseccary
-*/
-static void gost_crypt_mesh (void *ctx,unsigned char *iv,unsigned char *buf) {
+ * key meshing when nesseccary
+ */
+static void gost_crypt_mesh (void *ctx,unsigned char *iv,unsigned char *buf)
+ {
struct ossl_gost_cipher_ctx *c = ctx;
- if (c->count&&c->key_meshing && c->count%1024==0) {
+ if (c->count&&c->key_meshing && c->count%1024==0)
+ {
cryptopro_key_meshing(&(c->cctx),iv);
- }
+ }
gostcrypt(&(c->cctx),iv,buf);
c->count+=8;
-}
-
-static void gost_cnt_next (void *ctx, unsigned char *iv, unsigned char *buf) {
-struct ossl_gost_cipher_ctx *c = ctx;
-word32 g,go;
-unsigned char buf1[8];
-if (c->count && c->key_meshing && c->count %1024 ==0) {
- cryptopro_key_meshing(&(c->cctx),iv);
-}
-if (c->count==0) {
-gostcrypt(&(c->cctx),iv,buf1);
-} else {
- memcpy(buf1,iv,8);
-}
+ }
+
+static void gost_cnt_next (void *ctx, unsigned char *iv, unsigned char *buf)
+ {
+ struct ossl_gost_cipher_ctx *c = ctx;
+ word32 g,go;
+ unsigned char buf1[8];
+ if (c->count && c->key_meshing && c->count %1024 ==0)
+ {
+ cryptopro_key_meshing(&(c->cctx),iv);
+ }
+ if (c->count==0)
+ {
+ gostcrypt(&(c->cctx),iv,buf1);
+ }
+ else
+ {
+ memcpy(buf1,iv,8);
+ }
g = buf1[0]|(buf1[1]<<8)|(buf1[2]<<16)|(buf1[3]<<24);
g += 0x01010101;
buf1[0]=g&0xff; buf1[1]=(g>>8)&0xff; buf1[2]=(g>>16)&0xff; buf1[3]=(g>>24)&0xff;
buf1[4]=g&0xff; buf1[5]=(g>>8)&0xff; buf1[6]=(g>>16)&0xff; buf1[7]=(g>>24)&0xff;
memcpy(iv,buf1,8);
gostcrypt(&(c->cctx),buf1,buf);
-c->count +=8;
-}
+ c->count +=8;
+ }
/* GOST encryption in CFB mode */
int gost_cipher_do_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl) {
-const unsigned char *in_ptr=in;
-unsigned char *out_ptr=out;
-int i=0;
-int j;
-/* process partial block if any */
-if (ctx->num)
-{
- for (j=ctx->num,i=0;j<8 && i<inl;j++,i++,in_ptr++,out_ptr++)
+ const unsigned char *in, unsigned int inl)
{
- if (!ctx->encrypt) ctx->buf[j+8]=*in_ptr;
- *out_ptr=ctx->buf[j]^(*in_ptr);
- if (ctx->encrypt) ctx->buf[j+8]=*out_ptr;
- }
- if (j==8) {
- memcpy(ctx->iv,ctx->buf+8,8);
- ctx->num=0;
- } else {
- ctx->num=j;
- return 1;
- }
-}
-
-for (;i+8<inl;i+=8,in_ptr+=8,out_ptr+=8) {
- /*block cipher current iv */
- gost_crypt_mesh(ctx->cipher_data,ctx->iv,ctx->buf);
- /*xor next block of input text with it and output it*/
- /*output this block */
- if (!ctx->encrypt) memcpy(ctx->iv,in_ptr,8);
- for (j=0;j<8;j++) {
+ const unsigned char *in_ptr=in;
+ unsigned char *out_ptr=out;
+ int i=0;
+ int j=0;
+/* process partial block if any */
+ if (ctx->num)
+ {
+ for (j=ctx->num,i=0;j<8 && i<inl;j++,i++,in_ptr++,out_ptr++)
+ {
+ if (!ctx->encrypt) ctx->buf[j+8]=*in_ptr;
+ *out_ptr=ctx->buf[j]^(*in_ptr);
+ if (ctx->encrypt) ctx->buf[j+8]=*out_ptr;
+ }
+ if (j==8)
+ {
+ memcpy(ctx->iv,ctx->buf+8,8);
+ ctx->num=0;
+ }
+ else
+ {
+ ctx->num=j;
+ return 1;
+ }
+ }
+
+ for (;i+8<inl;i+=8,in_ptr+=8,out_ptr+=8)
+ {
+ /*block cipher current iv */
+ gost_crypt_mesh(ctx->cipher_data,ctx->iv,ctx->buf);
+ /*xor next block of input text with it and output it*/
+ /*output this block */
+ if (!ctx->encrypt) memcpy(ctx->iv,in_ptr,8);
+ for (j=0;j<8;j++)
+ {
out_ptr[j]=ctx->buf[j]^in_ptr[j];
- }
- /* Encrypt */
- /* Next iv is next block of cipher text*/
- if (ctx->encrypt) memcpy(ctx->iv,out_ptr,8);
-}
+ }
+ /* Encrypt */
+ /* Next iv is next block of cipher text*/
+ if (ctx->encrypt) memcpy(ctx->iv,out_ptr,8);
+ }
/* Process rest of buffer */
-if (i<inl) {
- gost_crypt_mesh(ctx->cipher_data,ctx->iv,ctx->buf);
- if (!ctx->encrypt) memcpy(ctx->buf+8,in_ptr,j);
- for (j=0;i<inl;j++,i++) {
+ if (i<inl)
+ {
+ gost_crypt_mesh(ctx->cipher_data,ctx->iv,ctx->buf);
+ if (!ctx->encrypt) memcpy(ctx->buf+8,in_ptr,j);
+ for (j=0;i<inl;j++,i++)
+ {
out_ptr[j]=ctx->buf[j]^in_ptr[j];
- }
- ctx->num = j;
- if (ctx->encrypt) memcpy(ctx->buf+8,out_ptr,j);
-} else {
- ctx->num = 0;
-}
-return 1;
-}
+ }
+ ctx->num = j;
+ if (ctx->encrypt) memcpy(ctx->buf+8,out_ptr,j);
+ }
+ else
+ {
+ ctx->num = 0;
+ }
+ return 1;
+ }
+
int gost_cipher_do_cnt(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl) {
-const unsigned char *in_ptr=in;
-unsigned char *out_ptr=out;
-int i=0;
-int j;
-/* process partial block if any */
-if (ctx->num)
-{
- for (j=ctx->num,i=0;j<8 && i<inl;j++,i++,in_ptr++,out_ptr++)
+ const unsigned char *in, unsigned int inl)
{
- *out_ptr=ctx->buf[j]^(*in_ptr);
- }
- if (j==8) {
- ctx->num=0;
- } else {
- ctx->num=j;
- return 1;
- }
-}
-
-for (;i+8<inl;i+=8,in_ptr+=8,out_ptr+=8) {
- /*block cipher current iv */
- /* Encrypt */
- gost_cnt_next(ctx->cipher_data,ctx->iv,ctx->buf);
- /*xor next block of input text with it and output it*/
- /*output this block */
- for (j=0;j<8;j++) {
+ const unsigned char *in_ptr=in;
+ unsigned char *out_ptr=out;
+ int i=0;
+ int j;
+/* process partial block if any */
+ if (ctx->num)
+ {
+ for (j=ctx->num,i=0;j<8 && i<inl;j++,i++,in_ptr++,out_ptr++)
+ {
+ *out_ptr=ctx->buf[j]^(*in_ptr);
+ }
+ if (j==8)
+ {
+ ctx->num=0;
+ }
+ else
+ {
+ ctx->num=j;
+ return 1;
+ }
+ }
+
+ for (;i+8<inl;i+=8,in_ptr+=8,out_ptr+=8)
+ {
+ /*block cipher current iv */
+ /* Encrypt */
+ gost_cnt_next(ctx->cipher_data,ctx->iv,ctx->buf);
+ /*xor next block of input text with it and output it*/
+ /*output this block */
+ for (j=0;j<8;j++)
+ {
out_ptr[j]=ctx->buf[j]^in_ptr[j];
- }
-}
+ }
+ }
/* Process rest of buffer */
-if (i<inl) {
- gost_cnt_next(ctx->cipher_data,ctx->iv,ctx->buf);
- for (j=0;i<inl;j++,i++) {
+ if (i<inl)
+ {
+ gost_cnt_next(ctx->cipher_data,ctx->iv,ctx->buf);
+ for (j=0;i<inl;j++,i++)
+ {
out_ptr[j]=ctx->buf[j]^in_ptr[j];
- }
- ctx->num = j;
-} else {
- ctx->num = 0;
-}
-return 1;
-}
+ }
+ ctx->num = j;
+ }
+ else
+ {
+ ctx->num = 0;
+ }
+ return 1;
+ }
+
/* Cleaning up of EVP_CIPHER_CTX */
int gost_cipher_cleanup(EVP_CIPHER_CTX *ctx)
-{
-gost_destroy((gost_ctx *)ctx->cipher_data);
-return 1;
+ {
+ gost_destroy((gost_ctx *)ctx->cipher_data);
+ ctx->app_data = NULL;
+ return 1;
+ }
-}
/* Control function for gost cipher */
int gost_cipher_ctl(EVP_CIPHER_CTX *ctx,int type,int arg,void *ptr)
-{
-switch (type)
-{
- case EVP_CTRL_RAND_KEY:
- {
- if (RAND_bytes((unsigned char *)ptr,ctx->key_len)<=0)
- {
- GOSTerr(GOST_F_GOST_CIPHER_CTL,GOST_R_RANDOM_GENERATOR_ERROR);
- return -1;
- }
- break;
+ {
+ switch (type)
+ {
+ case EVP_CTRL_RAND_KEY:
+ {
+ if (RAND_bytes((unsigned char *)ptr,ctx->key_len)<=0)
+ {
+ GOSTerr(GOST_F_GOST_CIPHER_CTL,GOST_R_RANDOM_GENERATOR_ERROR);
+ return -1;
}
- default:
- GOSTerr(GOST_F_GOST_CIPHER_CTL,GOST_R_UNSUPPORTED_CIPHER_CTL_COMMAND);
+ break;
+ }
+ default:
+ GOSTerr(GOST_F_GOST_CIPHER_CTL,GOST_R_UNSUPPORTED_CIPHER_CTL_COMMAND);
return -1;
-}
-return 1;
-}
+ }
+ return 1;
+ }
/* Set cipher parameters from ASN1 structure */
int gost89_set_asn1_parameters(EVP_CIPHER_CTX *ctx,ASN1_TYPE *params)
-{
-int len=0;
-unsigned char *buf=NULL;
-unsigned char *p=NULL;
-struct ossl_gost_cipher_ctx *c = ctx->cipher_data;
-GOST_CIPHER_PARAMS *gcp = GOST_CIPHER_PARAMS_new();
-ASN1_OCTET_STRING *os = NULL;
-if (!gcp) {
- GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, GOST_R_NO_MEMORY);
- return 0;
-}
-if (!ASN1_OCTET_STRING_set(gcp->iv, ctx->iv, ctx->cipher->iv_len)) {
- GOST_CIPHER_PARAMS_free(gcp);
- GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, GOST_R_NO_MEMORY);
- return 0;
-}
-ASN1_OBJECT_free(gcp->enc_param_set);
-gcp->enc_param_set = OBJ_nid2obj(c->paramNID);
-
-len = i2d_GOST_CIPHER_PARAMS(gcp, NULL);
-p = buf = (unsigned char*)OPENSSL_malloc(len);
-if (!buf) {
+ {
+ int len=0;
+ unsigned char *buf=NULL;
+ unsigned char *p=NULL;
+ struct ossl_gost_cipher_ctx *c = ctx->cipher_data;
+ GOST_CIPHER_PARAMS *gcp = GOST_CIPHER_PARAMS_new();
+ ASN1_OCTET_STRING *os = NULL;
+ if (!gcp)
+ {
+ GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, GOST_R_NO_MEMORY);
+ return 0;
+ }
+ if (!ASN1_OCTET_STRING_set(gcp->iv, ctx->iv, ctx->cipher->iv_len))
+ {
+ GOST_CIPHER_PARAMS_free(gcp);
+ GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, GOST_R_NO_MEMORY);
+ return 0;
+ }
+ ASN1_OBJECT_free(gcp->enc_param_set);
+ gcp->enc_param_set = OBJ_nid2obj(c->paramNID);
+
+ len = i2d_GOST_CIPHER_PARAMS(gcp, NULL);
+ p = buf = (unsigned char*)OPENSSL_malloc(len);
+ if (!buf)
+ {
+ GOST_CIPHER_PARAMS_free(gcp);
+ GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, GOST_R_NO_MEMORY);
+ return 0;
+ }
+ i2d_GOST_CIPHER_PARAMS(gcp, &p);
GOST_CIPHER_PARAMS_free(gcp);
- GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, GOST_R_NO_MEMORY);
- return 0;
-}
-i2d_GOST_CIPHER_PARAMS(gcp, &p);
-GOST_CIPHER_PARAMS_free(gcp);
-os = ASN1_OCTET_STRING_new();
+ os = ASN1_OCTET_STRING_new();
-if(!os || !ASN1_OCTET_STRING_set(os, buf, len)) {
+ if(!os || !ASN1_OCTET_STRING_set(os, buf, len))
+ {
+ OPENSSL_free(buf);
+ GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, GOST_R_NO_MEMORY);
+ return 0;
+ }
OPENSSL_free(buf);
- GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, GOST_R_NO_MEMORY);
- return 0;
-}
-OPENSSL_free(buf);
-
-ASN1_TYPE_set(params, V_ASN1_SEQUENCE, os);
-return 1;
-}
+
+ ASN1_TYPE_set(params, V_ASN1_SEQUENCE, os);
+ return 1;
+ }
+
/* Store parameters into ASN1 structure */
int gost89_get_asn1_parameters(EVP_CIPHER_CTX *ctx,ASN1_TYPE *params)
-{
-int ret = -1;
-int len;
-GOST_CIPHER_PARAMS *gcp = NULL;
-unsigned char *p = params->value.sequence->data;
-struct ossl_gost_cipher_ctx *c=ctx->cipher_data;
-if (ASN1_TYPE_get(params) != V_ASN1_SEQUENCE) {
- return ret;
-}
-
-gcp = d2i_GOST_CIPHER_PARAMS(NULL, (const unsigned char **)&p,
+ {
+ int ret = -1;
+ int len;
+ GOST_CIPHER_PARAMS *gcp = NULL;
+ unsigned char *p = params->value.sequence->data;
+ struct ossl_gost_cipher_ctx *c=ctx->cipher_data;
+ if (ASN1_TYPE_get(params) != V_ASN1_SEQUENCE)
+ {
+ return ret;
+ }
+
+ gcp = d2i_GOST_CIPHER_PARAMS(NULL, (const unsigned char **)&p,
params->value.sequence->length);
-len = gcp->iv->length;
-if (len != ctx->cipher->iv_len) {
- GOST_CIPHER_PARAMS_free(gcp);
- GOSTerr(GOST_F_GOST89_GET_ASN1_PARAMETERS,
+ len = gcp->iv->length;
+ if (len != ctx->cipher->iv_len)
+ {
+ GOST_CIPHER_PARAMS_free(gcp);
+ GOSTerr(GOST_F_GOST89_GET_ASN1_PARAMETERS,
GOST_R_INVALID_IV_LENGTH);
- return -1;
-}
-if (!gost_cipher_set_param(c,OBJ_obj2nid(gcp->enc_param_set))) {
- GOST_CIPHER_PARAMS_free(gcp);
- return -1;
-}
-memcpy(ctx->oiv, gcp->iv->data, len);
+ return -1;
+ }
+ if (!gost_cipher_set_param(c,OBJ_obj2nid(gcp->enc_param_set)))
+ {
+ GOST_CIPHER_PARAMS_free(gcp);
+ return -1;
+ }
+ memcpy(ctx->oiv, gcp->iv->data, len);
-GOST_CIPHER_PARAMS_free(gcp);
+ GOST_CIPHER_PARAMS_free(gcp);
-return 1;
-
-}
+ return 1;
+ }
#ifdef USE_SSL
-int gost_imit_init_vizir(EVP_MD_CTX *ctx) {
-struct ossl_gost_imit_ctx *c = ctx->md_data;
-memset(c,0,sizeof(struct ossl_gost_imit_ctx));
-gost_init(&(c->cctx),&GostR3411_94_CryptoProParamSet);
-return 1;
-}
-int gost_imit_init_cpa(EVP_MD_CTX *ctx) {
-struct ossl_gost_imit_ctx *c = ctx->md_data;
-memset(c,0,sizeof(struct ossl_gost_imit_ctx));
-c->key_meshing=1;
-gost_init(&(c->cctx),&Gost28147_CryptoProParamSetA);
-return 1;
-}
+int gost_imit_init_vizir(EVP_MD_CTX *ctx)
+ {
+ struct ossl_gost_imit_ctx *c = ctx->md_data;
+ memset(c,0,sizeof(struct ossl_gost_imit_ctx));
+ gost_init(&(c->cctx),&GostR3411_94_CryptoProParamSet);
+ return 1;
+ }
+
+int gost_imit_init_cpa(EVP_MD_CTX *ctx)
+ {
+ struct ossl_gost_imit_ctx *c = ctx->md_data;
+ memset(c,0,sizeof(struct ossl_gost_imit_ctx));
+ c->key_meshing=1;
+ gost_init(&(c->cctx),&Gost28147_CryptoProParamSetA);
+ return 1;
+ }
static void mac_block_mesh(struct ossl_gost_imit_ctx *c,unsigned char *data)
-{
+ {
char buffer[8];
/* We are using local buffer for iv because CryptoPro doesn't
* interpret internal state of MAC algorithm as iv during keymeshing
* (but does initialize internal state from iv in key transport
*/
- if (c->key_meshing&& c->count && c->count %1024 ==0) {
+ if (c->key_meshing&& c->count && c->count %1024 ==0)
+ {
cryptopro_key_meshing(&(c->cctx),buffer);
- }
+ }
mac_block(&(c->cctx),c->buffer,data);
c->count +=8;
-}
+ }
-int gost_imit_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
+int gost_imit_update(EVP_MD_CTX *ctx, const void *data, size_t count)
+ {
struct ossl_gost_imit_ctx *c = ctx->md_data;
const unsigned char *p = data;
size_t bytes = count,i;
if (!(c->key_set)) return 0;
- if (c->bytes_left) {
- for (i=c->bytes_left;i<8&&bytes>0;bytes--,i++,p++) {
+ if (c->bytes_left)
+ {
+ for (i=c->bytes_left;i<8&&bytes>0;bytes--,i++,p++)
+ {
c->partial_block[i]=*p;
- }
- if (i==8) {
+ }
+ if (i==8)
+ {
mac_block_mesh(c,c->partial_block);
- } else {
+ }
+ else
+ {
c->bytes_left = i;
return 1;
- }
- }
- while (bytes>8) {
+ }
+ }
+ while (bytes>8)
+ {
mac_block_mesh(c,p);
p+=8;
bytes-=8;
- }
- if (bytes>0) {
+ }
+ if (bytes>0)
+ {
memcpy(c->partial_block,p,bytes);
c->bytes_left=bytes;
- }
+ }
return 1;
-}
+ }
-int gost_imit_final(EVP_MD_CTX *ctx,unsigned char *md) {
+int gost_imit_final(EVP_MD_CTX *ctx,unsigned char *md)
+ {
struct ossl_gost_imit_ctx *c = ctx->md_data;
- if (c->bytes_left) {
+ if (c->bytes_left)
+ {
int i;
- for (i=c->bytes_left;i<8;i++) {
+ for (i=c->bytes_left;i<8;i++)
+ {
c->partial_block[i]=0;
- }
+ }
mac_block_mesh(c,c->partial_block);
- }
+ }
get_mac(c->buffer,32,md);
return 1;
-}
-int gost_imit_ctrl(EVP_MD_CTX *ctx,int type, int arg, void *ptr) {
- switch (type) {
- case EVP_MD_CTRL_GET_TLS_MAC_KEY_LENGTH:
- *((unsigned int*)(ptr)) = 32;
- return 1;
- case EVP_MD_CTRL_SET_KEY:
- {
- gost_key(&(((struct ossl_gost_imit_ctx*)(ctx->md_data))->cctx),ptr) ;
- ((struct ossl_gost_imit_ctx*)(ctx->md_data))->key_set = 1;
+ }
+
+int gost_imit_ctrl(EVP_MD_CTX *ctx,int type, int arg, void *ptr)
+ {
+ switch (type)
+ {
+ case EVP_MD_CTRL_GET_TLS_MAC_KEY_LENGTH:
+ *((unsigned int*)(ptr)) = 32;
+ return 1;
+ case EVP_MD_CTRL_SET_KEY:
+ {
+ gost_key(&(((struct ossl_gost_imit_ctx*)(ctx->md_data))->cctx),ptr) ;
+ ((struct ossl_gost_imit_ctx*)(ctx->md_data))->key_set = 1;
}
- default:
- return 0;
- }
-}
-int gost_imit_copy(EVP_MD_CTX *to,const EVP_MD_CTX *from) {
+ default:
+ return 0;
+ }
+ }
+
+int gost_imit_copy(EVP_MD_CTX *to,const EVP_MD_CTX *from)
+ {
memcpy(to->md_data,from->md_data,sizeof(struct ossl_gost_imit_ctx));
return 1;
-}
+ }
+
/* Clean up imit ctx */
-int gost_imit_cleanup(EVP_MD_CTX *ctx) {
+int gost_imit_cleanup(EVP_MD_CTX *ctx)
+ {
memset(ctx->md_data,0,sizeof(struct ossl_gost_imit_ctx));
return 1;
-
-}
+ }
+
#endif
--- /dev/null
+/**********************************************************************
+ * gost_ctl.c *
+ * Copyright (c) 2005-2006 Cryptocom LTD *
+ * This file is distributed under the same license as OpenSSL *
+ * *
+ * Implementation of control commands for GOST engine *
+ * OpenSSL 0.9.9 libraries required *
+ **********************************************************************/
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/engine.h>
+#include "gost_lcl.h"
+
+static char *gost_params[GOST_PARAM_MAX+1]={NULL};
+static const char *gost_envnames[]={"CRYPT_PARAMS"};
+const ENGINE_CMD_DEFN gost_cmds[]=
+ {
+/* { GOST_CTRL_RNG,
+ "RNG",
+ "Type of random number generator to use",
+ ENGINE_CMD_FLAG_STRING
+ },
+ { GOST_CTRL_RNG_PARAMS,
+ "RNG_PARAMS",
+ "Parameter for random number generator",
+ ENGINE_CMD_FLAG_STRING
+ },
+*/ { GOST_CTRL_CRYPT_PARAMS,
+ "CRYPT_PARAMS",
+ "OID of default GOST 28147-89 parameters",
+ ENGINE_CMD_FLAG_STRING
+ },
+{0,NULL,NULL,0}
+ };
+
+
+int gost_control_func(ENGINE *e,int cmd,long i, void *p, void (*f)(void))
+ {
+ int param = cmd-ENGINE_CMD_BASE;
+ int ret=0;
+ if (param <0 || param >GOST_PARAM_MAX) return -1;
+ ret=gost_set_default_param(param,p);
+ return ret;
+ }
+
+const char *get_gost_engine_param(int param)
+ {
+ char *tmp;
+ if (param <0 || param >GOST_PARAM_MAX) return NULL;
+ if (gost_params[param]!=NULL)
+ {
+ return gost_params[param];
+ }
+ tmp = getenv(gost_envnames[param]);
+ if (tmp)
+ {
+ gost_params[param] = strdup(tmp);
+ return gost_params[param];
+ }
+ return NULL;
+ }
+
+int gost_set_default_param(int param, const char *value)
+ {
+ const char *tmp;
+ if (param <0 || param >GOST_PARAM_MAX) return 0;
+ tmp = getenv(gost_envnames[param]);
+ /* if there is value in the environment, use it, else -passed string * */
+ if (!tmp) tmp=value;
+ if (gost_params[param]) free(gost_params[param]);
+ gost_params[param] = strdup(tmp);
+
+ return 1;
+ }
/**********************************************************************
- * engine.c *
+ * gost_eng.c *
* Copyright (c) 2005-2006 Cryptocom LTD *
* This file is distributed under the same license as OpenSSL *
* *
#include <openssl/engine.h>
#include <openssl/obj_mac.h>
#include "e_gost_err.h"
-#include "md.h"
-#include "crypt.h"
-#include "meth.h"
-
+#include "gost_lcl.h"
static const char *engine_gost_id = "gost";
static const char *engine_gost_name = "Reference implementation of GOST engine";
/* Symmetric cipher and digest function registrar */
static int gost_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
- const int **nids, int nid);
+ const int **nids, int nid);
static int gost_digests(ENGINE *e, const EVP_MD **digest,
- const int **nids, int ind);
+ const int **nids, int ind);
static int gost_pkey_meths (ENGINE *e, EVP_PKEY_METHOD **pmeth,
- const int **nids, int nid);
+ const int **nids, int nid);
static int gost_pkey_asn1_meths (ENGINE *e, EVP_PKEY_ASN1_METHOD **ameth,
- const int **nids, int nid);
+ const int **nids, int nid);
static int gost_cipher_nids[] =
{NID_id_Gost28147_89, 0};
static int gost_pkey_meth_nids[] =
{NID_id_GostR3410_94_cc, NID_id_GostR3410_94, NID_id_GostR3410_2001_cc,
- NID_id_GostR3410_2001, 0};
+ NID_id_GostR3410_2001, 0};
static EVP_PKEY_METHOD *pmeth_GostR3410_94_cc = NULL, *pmeth_GostR3410_94 = NULL,
*pmeth_GostR3410_2001_cc = NULL, *pmeth_GostR3410_2001 = NULL;
*ameth_GostR3410_2001_cc = NULL, *ameth_GostR3410_2001 = NULL;
-static int gost_engine_init(ENGINE *e) {
+static int gost_engine_init(ENGINE *e)
+ {
return 1;
-}
-static int gost_engine_finish(ENGINE *e) {
+ }
+
+static int gost_engine_finish(ENGINE *e)
+ {
return 1;
-}
+ }
-static int gost_engine_destroy(ENGINE *e) {
+static int gost_engine_destroy(ENGINE *e)
+ {
return 1;
-}
+ }
-static int bind_gost (ENGINE *e,const char *id) {
+static int bind_gost (ENGINE *e,const char *id)
+ {
int ret = 0;
if (id && strcmp(id, engine_gost_id)) return 0;
- if (!ENGINE_set_id(e, engine_gost_id)) {
+ if (!ENGINE_set_id(e, engine_gost_id))
+ {
printf("ENGINE_set_id failed\n");
goto end;
- }
- if (!ENGINE_set_name(e, engine_gost_name)) {
+ }
+ if (!ENGINE_set_name(e, engine_gost_name))
+ {
printf("ENGINE_set_name failed\n");
goto end;
- }
- if (!ENGINE_set_digests(e, gost_digests)) {
+ }
+ if (!ENGINE_set_digests(e, gost_digests))
+ {
printf("ENGINE_set_digests failed\n");
goto end;
- }
- if (! ENGINE_set_ciphers(e, gost_ciphers)) {
+ }
+ if (! ENGINE_set_ciphers(e, gost_ciphers))
+ {
printf("ENGINE_set_ciphers failed\n");
goto end;
- }
- if (! ENGINE_set_pkey_meths(e, gost_pkey_meths)) {
+ }
+ if (! ENGINE_set_pkey_meths(e, gost_pkey_meths))
+ {
printf("ENGINE_set_pkey_meths failed\n");
goto end;
- }
- if (! ENGINE_set_pkey_asn1_meths(e, gost_pkey_asn1_meths)) {
+ }
+ if (! ENGINE_set_pkey_asn1_meths(e, gost_pkey_asn1_meths))
+ {
printf("ENGINE_set_pkey_asn1_meths failed\n");
goto end;
- }
+ }
+ /* Control function and commands */
+ if (!ENGINE_set_cmd_defns(e,gost_cmds))
+ {
+ fprintf(stderr,"ENGINE_set_cmd_defns failed\n");
+ goto end;
+ }
+ if (!ENGINE_set_ctrl_function(e,gost_control_func))
+ {
+ fprintf(stderr,"ENGINE_set_ctrl_func failed\n");
+ goto end;
+ }
if ( ! ENGINE_set_destroy_function(e, gost_engine_destroy)
|| ! ENGINE_set_init_function(e,gost_engine_init)
- || ! ENGINE_set_finish_function(e,gost_engine_finish)) goto end;
-
-
+ || ! ENGINE_set_finish_function(e,gost_engine_finish))
+ {
+ goto end;
+ }
if (!register_ameth_gost(NID_id_GostR3410_94_cc, &ameth_GostR3410_94_cc, "GOST94CC", "GOST R 34.10-94, Cryptocom LTD implementation")) goto end;
if (!register_ameth_gost(NID_id_GostR3410_94, &ameth_GostR3410_94, "GOST94", "GOST R 34.10-94")) goto end;
/* These two actually should go in LIST_ADD command */
|| ! EVP_add_cipher(&cipher_gost)
|| ! EVP_add_digest(&digest_gost)
- ) goto end;
+ )
+ {
+ goto end;
+ }
ERR_load_GOST_strings();
ret = 1;
-end:
+ end:
return ret;
-}
+ }
#ifdef _WIN32
extern __declspec( dllexport )
IMPLEMENT_DYNAMIC_CHECK_FN();
//#else
-static ENGINE *engine_gost(void)
- {
- ENGINE *ret = ENGINE_new();
- if(!ret)
- return NULL;
- if(!bind_gost(ret, engine_gost_id))
- {
- ENGINE_free(ret);
- return NULL;
- }
- return ret;
- }
-
-void ENGINE_load_gost(void)
- {
- /* Copied from eng_[openssl|dyn].c */
- ENGINE *toadd = engine_gost();
- if(!toadd) return;
- ENGINE_add(toadd);
- ENGINE_free(toadd);
- ERR_clear_error();
- }
//#endif /* OPENSSL_NO_DYNAMIC_ENGINE */
static int gost_digests(ENGINE *e, const EVP_MD **digest,
- const int **nids, int nid)
-{
+ const int **nids, int nid)
+ {
int ok =1 ;
- if (!digest) {
+ if (!digest)
+ {
*nids = gost_digest_nids;
return 1;
- }
- //printf("Digest no %d requested\n",nid);
- if(nid == NID_id_GostR3411_94) {
- *digest = &digest_gost;
- } else {
- ok =0;
- *digest = NULL;
+ }
+ //printf("Digest no %d requested\n",nid);
+ if(nid == NID_id_GostR3411_94)
+ {
+ *digest = &digest_gost;
+ }
+ else
+ {
+ ok =0;
+ *digest = NULL;
}
return ok;
-}
+ }
static int gost_ciphers (ENGINE *e,const EVP_CIPHER **cipher,
- const int **nids, int nid) {
+ const int **nids, int nid)
+ {
int ok = 1;
- if (!cipher) {
+ if (!cipher)
+ {
*nids = gost_cipher_nids;
return 1; /* Only one cipher supported */
- }
+ }
- if(nid == NID_id_Gost28147_89) {
- *cipher = &cipher_gost;
- } else {
+ if(nid == NID_id_Gost28147_89)
+ {
+ *cipher = &cipher_gost;
+ }
+ else
+ {
ok = 0;
*cipher = NULL;
- }
+ }
return ok;
-}
+ }
static int gost_pkey_meths (ENGINE *e, EVP_PKEY_METHOD **pmeth,
- const int **nids, int nid)
-{
- if (!pmeth) {
+ const int **nids, int nid)
+ {
+ if (!pmeth)
+ {
*nids = gost_pkey_meth_nids;
return 4;
- }
+ }
- switch (nid) {
- case NID_id_GostR3410_94_cc: *pmeth = pmeth_GostR3410_94_cc; return 1;
- case NID_id_GostR3410_94: *pmeth = pmeth_GostR3410_94; return 1;
- case NID_id_GostR3410_2001_cc: *pmeth = pmeth_GostR3410_2001_cc; return 1;
- case NID_id_GostR3410_2001: *pmeth = pmeth_GostR3410_2001; return 1;
- default:;
- }
+ switch (nid)
+ {
+ case NID_id_GostR3410_94_cc: *pmeth = pmeth_GostR3410_94_cc; return 1;
+ case NID_id_GostR3410_94: *pmeth = pmeth_GostR3410_94; return 1;
+ case NID_id_GostR3410_2001_cc: *pmeth = pmeth_GostR3410_2001_cc; return 1;
+ case NID_id_GostR3410_2001: *pmeth = pmeth_GostR3410_2001; return 1;
+ default:;
+ }
*pmeth = NULL;
return 0;
-}
+ }
static int gost_pkey_asn1_meths (ENGINE *e, EVP_PKEY_ASN1_METHOD **ameth,
- const int **nids, int nid)
-{
- if (!ameth) {
+ const int **nids, int nid)
+ {
+ if (!ameth)
+ {
*nids = gost_pkey_meth_nids;
return 4;
- }
- switch (nid) {
- case NID_id_GostR3410_94_cc: *ameth = ameth_GostR3410_94_cc; return 1;
- case NID_id_GostR3410_94: *ameth = ameth_GostR3410_94; return 1;
- case NID_id_GostR3410_2001_cc: *ameth = ameth_GostR3410_2001_cc; return 1;
- case NID_id_GostR3410_2001: *ameth = ameth_GostR3410_2001; return 1;
- default:;
- }
+ }
+ switch (nid)
+ {
+ case NID_id_GostR3410_94_cc: *ameth = ameth_GostR3410_94_cc; return 1;
+ case NID_id_GostR3410_94: *ameth = ameth_GostR3410_94; return 1;
+ case NID_id_GostR3410_2001_cc: *ameth = ameth_GostR3410_2001_cc; return 1;
+ case NID_id_GostR3410_2001: *ameth = ameth_GostR3410_2001; return 1;
+ default:;
+ }
*ameth = NULL;
return 0;
-}
+ }
+
+#ifdef OPENSSL_NO_DYNAMIC_ENGINE
+static ENGINE *engine_gost(void)
+ {
+ ENGINE *ret = ENGINE_new();
+ if (!ret)
+ return NULL;
+ if (!bind_gost(ret,engine_gost_id))
+ {
+ ENGINE_free(ret);
+ return NULL;
+ }
+ return ret;
+ }
+
+void ENGINE_load_gost(void)
+ {
+ ENGINE *toadd =engine_gost();
+ if (!toadd) return;
+ ENGINE_add(toadd);
+ ENGINE_free(toadd);
+ ERR_clear_error();
+ }
+#endif
+
**********************************************************************/
#include <string.h>
#include "gost89.h"
-#include "keywrap.h"
+#include "gost_keywrap.h"
/* Diversifies key using random UserKey Material
* Implements RFC 4357 p 6.5 key diversification algorithm
*
*/
void keyDiversifyCryptoPro(gost_ctx *ctx,const unsigned char *inputKey, const unsigned char *ukm, unsigned char *outputKey)
-{
+ {
u4 k,s1,s2;
int i,j,mask;
unsigned char S[8];
memcpy(outputKey,inputKey,32);
- for (i=0;i<8;i++) {
+ for (i=0;i<8;i++)
+ {
/* Make array of integers from key */
/* Compute IV S*/
s1=0,s2=0;
- for (j=0,mask=1;j<8;j++,mask<<=1) {
+ for (j=0,mask=1;j<8;j++,mask<<=1)
+ {
k=((u4)outputKey[4*j])|(outputKey[4*j+1]<<8)|
(outputKey[4*j+2]<<16)|(outputKey[4*j+3]<<24);
- if (mask & ukm[i]) {
+ if (mask & ukm[i])
+ {
s1+=k;
- } else {
+ }
+ else
+ {
s2+=k;
+ }
}
- }
S[0]=s1&0xff; S[1]=(s1>>8)&0xff; S[2]=(s1>>16)&0xff; S[3]=(s1>>24)&0xff;
S[4]=s2&0xff; S[5]=(s2>>8)&0xff; S[6]=(s2>>16)&0xff; S[7]=(s2>>24)&0xff;
gost_key(ctx,outputKey);
gost_enc_cfb(ctx,S,outputKey,outputKey,4);
- }
-}
+ }
+ }
/*
int keyWrapCryptoPro(gost_ctx *ctx,const unsigned char *keyExchangeKey, const unsigned char *ukm,
const unsigned char *sessionKey, unsigned char *wrappedKey)
-{
+ {
unsigned char kek_ukm[32];
keyDiversifyCryptoPro(ctx,keyExchangeKey,ukm,kek_ukm);
gost_key(ctx,kek_ukm);
gost_enc(ctx,sessionKey,wrappedKey+8,4);
gost_mac_iv(ctx,32,ukm,sessionKey,32,wrappedKey+40);
return 1;
-}
+ }
/*
* Unwraps key using RFC 4357 6.4
* ctx - gost encryption context, initialized with some S-boxes
*/
int keyUnwrapCryptoPro(gost_ctx *ctx,const unsigned char *keyExchangeKey,
- const unsigned char *wrappedKey, unsigned char *sessionKey)
-{
+ const unsigned char *wrappedKey, unsigned char *sessionKey)
+ {
unsigned char kek_ukm[32],cek_mac[4];
keyDiversifyCryptoPro(ctx,keyExchangeKey,wrappedKey
- /* First 8 bytes of wrapped Key is ukm */
- ,kek_ukm);
+ /* First 8 bytes of wrapped Key is ukm */
+ ,kek_ukm);
gost_key(ctx,kek_ukm);
gost_dec(ctx,wrappedKey+8,sessionKey,4);
gost_mac_iv(ctx,32,wrappedKey,sessionKey,32,cek_mac);
- if (memcmp(cek_mac,wrappedKey+40,4)) {
- return 0;
- }
+ if (memcmp(cek_mac,wrappedKey+40,4))
+ {
+ return 0;
+ }
return 1;
-}
+ }
/**********************************************************************
- * keywrap.c *
+ * gost_keywrap.h *
* Copyright (c) 2005-2006 Cryptocom LTD *
* This file is distributed under the same license as OpenSSL *
* *
--- /dev/null
+#ifndef GOST_TOOLS_H
+#define GOST_TOOLS_H
+/**********************************************************************
+ * gost_lcl.h *
+ * Copyright (c) 2006 Cryptocom LTD *
+ * This file is distributed under the same license as OpenSSL *
+ * *
+ * Internal declarations used in GOST engine *
+ * OpenSSL 0.9.9 libraries required to compile and use *
+ * this code *
+ **********************************************************************/
+#include <openssl/bn.h>
+#include <openssl/evp.h>
+#include <openssl/dsa.h>
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include <openssl/engine.h>
+#include <openssl/ec.h>
+#include <unistd.h>
+#include "gost89.h"
+#include "gosthash.h"
+/* Control commands */
+#define GOST_PARAM_CRYPT_PARAMS 0
+#define GOST_PARAM_MAX 0
+#define GOST_CTRL_CRYPT_PARAMS (ENGINE_CMD_BASE+GOST_PARAM_CRYPT_PARAMS)
+
+ extern const ENGINE_CMD_DEFN gost_cmds[];
+ int gost_control_func(ENGINE *e,int cmd, long i, void *p, void (*f)(void));
+ const char *get_gost_engine_param(int param);
+ int gost_set_default_param(int param, const char *value);
+
+/* method registration */
+
+ int register_ameth_gost (int nid, EVP_PKEY_ASN1_METHOD **ameth, const char* pemstr, const char* info);
+ int register_pmeth_gost (int id, EVP_PKEY_METHOD **pmeth, int flags);
+
+/* Gost-specific pmeth control-function parameters */
+#define param_ctrl_string "paramset"
+#define EVP_PKEY_CTRL_GOST_PARAMSET (EVP_PKEY_ALG_CTRL+1)
+/* Pmeth internal representation */
+ struct gost_pmeth_data {
+ int sign_param_nid; /* Should be set whenever parameters are filled */
+ EVP_PKEY *eph_seckey;
+ EVP_MD *md;
+ };
+/* GOST-specific ASN1 structures */
+
+
+typedef struct {
+ ASN1_OCTET_STRING *encrypted_key;
+ ASN1_OCTET_STRING *imit;
+} GOST_KEY_INFO;
+
+DECLARE_ASN1_FUNCTIONS(GOST_KEY_INFO)
+
+typedef struct {
+ ASN1_OBJECT *cipher;
+ X509_PUBKEY *ephem_key;
+ ASN1_OCTET_STRING *eph_iv;
+} GOST_KEY_AGREEMENT_INFO;
+
+DECLARE_ASN1_FUNCTIONS(GOST_KEY_AGREEMENT_INFO)
+
+typedef struct {
+ GOST_KEY_INFO *key_info;
+ GOST_KEY_AGREEMENT_INFO *key_agreement_info;
+} GOST_KEY_TRANSPORT;
+
+DECLARE_ASN1_FUNCTIONS(GOST_KEY_TRANSPORT)
+
+typedef struct { //FIXME incomplete
+ GOST_KEY_TRANSPORT *gkt;
+} GOST_CLIENT_KEY_EXCHANGE_PARAMS;
+
+DECLARE_ASN1_FUNCTIONS(GOST_CLIENT_KEY_EXCHANGE_PARAMS)
+typedef struct {
+ ASN1_OBJECT *key_params;
+ ASN1_OBJECT *hash_params;
+ ASN1_OBJECT *cipher_params;
+} GOST_KEY_PARAMS;
+
+DECLARE_ASN1_FUNCTIONS(GOST_KEY_PARAMS)
+
+typedef struct {
+ ASN1_OCTET_STRING *iv;
+ ASN1_OBJECT *enc_param_set;
+} GOST_CIPHER_PARAMS;
+
+DECLARE_ASN1_FUNCTIONS(GOST_CIPHER_PARAMS)
+/*============== Message digest and cipher related structures ==========*/
+ /* Structure used as EVP_MD_CTX-md_data.
+ * It allows to avoid storing in the md-data pointers to
+ * dynamically allocated memory.
+ *
+ * I cannot invent better way to avoid memory leaks, because
+ * openssl insist on invoking Init on Final-ed digests, and there
+ * is no reliable way to find out whether pointer in the passed
+ * md_data is valid or not.
+ * */
+struct ossl_gost_digest_ctx {
+ gost_hash_ctx dctx;
+ gost_ctx cctx;
+};
+/* EVP_MD structure for GOST R 34.11 */
+extern EVP_MD digest_gost;
+
+/* Cipher context used for EVP_CIPHER operation */
+struct ossl_gost_cipher_ctx {
+ int paramNID;
+ off_t count;
+ int key_meshing;
+ gost_ctx cctx;
+};
+/* Structure to map parameter NID to S-block */
+struct gost_cipher_info {
+ int nid;
+ gost_subst_block *sblock;
+ int key_meshing;
+};
+#ifdef USE_SSL
+/* Context for MAC */
+struct ossl_gost_imit_ctx {
+ gost_ctx cctx;
+ unsigned char buffer[8];
+ unsigned char partial_block[8];
+ off_t count;
+ int key_meshing;
+ int bytes_left;
+ int key_set;
+};
+#endif
+/* Table which maps parameter NID to S-blocks */
+extern struct gost_cipher_info gost_cipher_list[];
+/* Find encryption params from ASN1_OBJECT */
+const struct gost_cipher_info *get_encryption_params(ASN1_OBJECT *obj);
+/* Implementation of GOST 28147-89 cipher in CFB and CNT modes */
+extern EVP_CIPHER cipher_gost;
+#ifdef USE_SSL
+#define EVP_MD_FLAG_NEEDS_KEY 0x20
+#define EVP_MD_CTRL_GET_TLS_MAC_KEY_LENGTH (EVP_MD_CTRL_ALG_CTRL+1)
+#define EVP_MD_CTRL_SET_KEY (EVP_MD_CTRL_ALG_CTRL+2)
+/* Ciphers and MACs specific for GOST TLS draft */
+extern EVP_CIPHER cipher_gost_vizircfb;
+extern EVP_CIPHER cipher_gost_cpacnt;
+extern EVP_MD imit_gost_vizir;
+extern EVP_MD imit_gost_cpa;
+#endif
+/* EVP_PKEY_METHOD key encryption callbacks */
+/* From gost94_keyx.c */
+int pkey_GOST94cp_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char* key, size_t key_len );
+int pkey_GOST94cc_encrypt (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char * key,size_t key_len);
+
+int pkey_GOST94cp_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char* in, size_t in_len );
+int pkey_GOST94cc_decrypt (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char * in,size_t in_len);
+/* From gost2001_keyx.c */
+int pkey_GOST01cp_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char* key, size_t key_len );
+int pkey_GOST01cc_encrypt (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char * key,size_t key_len);
+
+int pkey_GOST01cp_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char* in, size_t in_len );
+int pkey_GOST01cc_decrypt (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char * in,size_t in_len);
+
+/* Internal functions to make error processing happy */
+int decrypt_cryptocom_key(unsigned char *sess_key,int max_key_len,
+ const unsigned char *crypted_key,int crypted_key_len, gost_ctx *ctx);
+int encrypt_cryptocom_key(const unsigned char *sess_key,int key_len,
+ unsigned char *crypted_key, gost_ctx *ctx);
+/* Internal functions for signature algorithms */
+int fill_GOST94_params(DSA *dsa,int nid);
+int fill_GOST2001_params(EC_KEY *eckey, int nid);
+int gost_sign_keygen(DSA *dsa) ;
+int gost2001_keygen(EC_KEY *ec) ;
+
+DSA_SIG *gost_do_sign(const unsigned char *dgst,int dlen, DSA *dsa) ;
+DSA_SIG *gost2001_do_sign(const unsigned char *dgst,int dlen, EC_KEY *eckey);
+
+int gost_do_verify(const unsigned char *dgst, int dgst_len,
+ DSA_SIG *sig, DSA *dsa) ;
+int gost2001_do_verify(const unsigned char *dgst,int dgst_len,
+ DSA_SIG *sig, EC_KEY *ec);
+int gost2001_compute_public(EC_KEY *ec) ;
+int gost94_compute_public(DSA *dsa) ;
+/*============== miscellaneous functions============================= */
+/* from gost_sign.c */
+/* Convert GOST R 34.11 hash sum to bignum according to standard */
+BIGNUM *hashsum2bn(const unsigned char *dgst) ;
+/* Store bignum in byte array of given length, prepending by zeros
+ * if nesseccary */
+int store_bignum(BIGNUM *bn, unsigned char *buf,int len);
+/* Read bignum, which can have few MSB all-zeros from buffer*/
+BIGNUM *getbnfrombuf(const unsigned char *buf,size_t len);
+/* Pack GOST R 34.10 signature according to CryptoCom rules */
+int pack_sign_cc(DSA_SIG *s,int order,unsigned char *sig, unsigned int *siglen);
+/* Pack GOST R 34.10 signature according to CryptoPro rules */
+int pack_sign_cp(DSA_SIG *s,int order,unsigned char *sig, unsigned int *siglen);
+/* Unpack GOST R 34.10 signature according to CryptoCom rules */
+DSA_SIG *unpack_cc_signature(const unsigned char *sig,size_t siglen) ;
+/* Unpack GOST R 34.10 signature according to CryptoPro rules */
+DSA_SIG *unpack_cp_signature(const unsigned char *sig,size_t siglen) ;
+/* from ameth.c */
+/* Get private key as BIGNUM from both R 34.10-94 and R 34.10-2001 keys*/
+BIGNUM* gost_get_priv_key(const EVP_PKEY *pkey) ;
+/* Find NID by GOST 94 parameters */
+int gost94_nid_by_params(DSA *p) ;
+
+
+#endif
* Requires OpenSSL 0.9.9 for compilation *
**********************************************************************/
#include <string.h>
-#include "md.h"
+#include "gost_lcl.h"
#include "gosthash.h"
#include "e_gost_err.h"
static int gost_digest_cleanup(EVP_MD_CTX *ctx);
EVP_MD digest_gost=
-{
- NID_id_GostR3411_94,
- NID_undef,
- 32,
- EVP_MD_FLAG_PKEY_METHOD_SIGNATURE,
- gost_digest_init,
- gost_digest_update,
- gost_digest_final,
- gost_digest_copy,
- gost_digest_cleanup,
- NULL,
- NULL,
- {NID_undef,NID_undef,0,0,0},
- 32,
- sizeof(struct ossl_gost_digest_ctx ),
- NULL
-};
+ {
+ NID_id_GostR3411_94,
+ NID_undef,
+ 32,
+ EVP_MD_FLAG_PKEY_METHOD_SIGNATURE,
+ gost_digest_init,
+ gost_digest_update,
+ gost_digest_final,
+ gost_digest_copy,
+ gost_digest_cleanup,
+ NULL,
+ NULL,
+ {NID_undef,NID_undef,0,0,0},
+ 32,
+ sizeof(struct ossl_gost_digest_ctx ),
+ NULL
+ };
int gost_digest_init(EVP_MD_CTX *ctx)
-{
+ {
struct ossl_gost_digest_ctx *c = ctx->md_data;
memset(&(c->dctx),0,sizeof(gost_hash_ctx));
gost_init(&(c->cctx),&GostR3411_94_CryptoProParamSet);
c->dctx.cipher_ctx= &(c->cctx);
return 1;
-}
+ }
int gost_digest_update(EVP_MD_CTX *ctx,const void *data,size_t count)
-{
+ {
return hash_block((gost_hash_ctx *)ctx->md_data,data,count);
-}
+ }
int gost_digest_final(EVP_MD_CTX *ctx,unsigned char *md)
-{
+ {
return finish_hash((gost_hash_ctx *)ctx->md_data,md);
-}
+ }
int gost_digest_copy(EVP_MD_CTX *to,const EVP_MD_CTX *from)
-{
- memcpy(to->md_data,from->md_data,sizeof(struct ossl_gost_digest_ctx));
- return 1;
-}
+ {
+ memcpy(to->md_data,from->md_data,sizeof(struct ossl_gost_digest_ctx));
+ return 1;
+ }
-int gost_digest_cleanup(EVP_MD_CTX *ctx) {
+int gost_digest_cleanup(EVP_MD_CTX *ctx)
+ {
memset(ctx->md_data,0,sizeof(struct ossl_gost_digest_ctx));
return 1;
-}
+ }
* OpenSSL 0.9.9 libraries required to compile and use *
* this code *
**********************************************************************/
-#include "paramset.h"
+#include "gost_params.h"
#include <openssl/objects.h>
/* Parameters of GOST 34.10 */
/**********************************************************************
- * paramset.h *
+ * gost_params.h *
* Copyright (c) 2005-2006 Cryptocom LTD *
* This file is distributed under the same license as OpenSSL *
* *
/**********************************************************************
- * pmeth.c *
+ * gost_pmeth.c *
* Copyright (c) 2005-2006 Cryptocom LTD *
* This file is distributed under the same license as OpenSSL *
* *
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
-#include "meth.h"
-#include "pmeth.h"
-#include "sign.h"
-#include "gostkeyx.h"
-#include "paramset.h"
-#include "tools.h"
+#include "gost_params.h"
+#include "gost_lcl.h"
#include "e_gost_err.h"
/*-------init, cleanup, copy - uniform for all algs ---------------*/
/* Allocates new gost_pmeth_data structure and assigns it as data */
-static int pkey_gost_init(EVP_PKEY_CTX *ctx) {
+static int pkey_gost_init(EVP_PKEY_CTX *ctx)
+ {
struct gost_pmeth_data *data;
data = OPENSSL_malloc(sizeof(struct gost_pmeth_data));
if (!data) return 0;
memset(data,0,sizeof(struct gost_pmeth_data));
EVP_PKEY_CTX_set_data(ctx,data);
return 1;
-}
+ }
+
/* Copies contents of gost_pmeth_data structure */
static int pkey_gost_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
-{
+ {
struct gost_pmeth_data *dst_data,*src_data;
- if (!pkey_gost_init(dst)) {
+ if (!pkey_gost_init(dst))
+ {
return 0;
- }
+ }
src_data = EVP_PKEY_CTX_get_data(src);
dst_data = EVP_PKEY_CTX_get_data(dst);
*dst_data = *src_data;
- if (src_data -> eph_seckey) {
+ if (src_data -> eph_seckey)
+ {
dst_data ->eph_seckey = NULL;
- }
+ }
return 1;
-}
+ }
+
/* Frees up gost_pmeth_data structure */
-static void pkey_gost_cleanup (EVP_PKEY_CTX *ctx) {
+static void pkey_gost_cleanup (EVP_PKEY_CTX *ctx)
+ {
struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
if (data->eph_seckey) EVP_PKEY_free(data->eph_seckey);
OPENSSL_free(data);
-}
+ }
+
/* --------------------- control functions ------------------------------*/
static int pkey_gost_ctrl (EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
-{
+ {
struct gost_pmeth_data *pctx = (struct gost_pmeth_data*)EVP_PKEY_CTX_get_data(ctx);
switch (type)
- {
+ {
case EVP_PKEY_CTRL_MD:
+ {
+ if (EVP_MD_type((const EVP_MD *)p2) != NID_id_GostR3411_94)
{
- if (EVP_MD_type((const EVP_MD *)p2) != NID_id_GostR3411_94) {
- GOSTerr(GOST_F_PKEY_GOST_CTRL, GOST_R_INVALID_DIGEST_TYPE);
- return 0;
- }
- pctx->md = (EVP_MD *)p2;
- return 1;
+ GOSTerr(GOST_F_PKEY_GOST_CTRL, GOST_R_INVALID_DIGEST_TYPE);
+ return 0;
}
- break;
+ pctx->md = (EVP_MD *)p2;
+ return 1;
+ }
+ break;
case EVP_PKEY_CTRL_PKCS7_ENCRYPT:
case EVP_PKEY_CTRL_PKCS7_DECRYPT:
case EVP_PKEY_CTRL_PKCS7_SIGN:
- return 1;
+ return 1;
case EVP_PKEY_CTRL_GOST_PARAMSET:
pctx->sign_param_nid = (int)p1;
- pctx->crypt_param_nid= (int)p2;
return 1;
- }
+ }
return -2;
-}
+ }
-static int pkey_gost_ctrl94cc_str(EVP_PKEY_CTX *ctx,
- const char *type, const char *value)
-{
- if(!strcmp(type, param_ctrl_string)) {
+static int pkey_gost_ctrl94cc_str(EVP_PKEY_CTX *ctx,
+ const char *type, const char *value)
+ {
+ if(!strcmp(type, param_ctrl_string))
+ {
return pkey_gost_ctrl(ctx, EVP_PKEY_CTRL_GOST_PARAMSET,
- NID_id_GostR3410_94_CryptoPro_A_ParamSet,
- (void *)NID_id_Gost28147_89_cc);
- }
+ NID_id_GostR3410_94_CryptoPro_A_ParamSet,
+ NULL);
+ }
return -2;
-}
+ }
-static int pkey_gost_ctrl01cc_str(EVP_PKEY_CTX *ctx,
- const char *type, const char *value)
-{
- if(!strcmp(type, param_ctrl_string)) {
+static int pkey_gost_ctrl01cc_str(EVP_PKEY_CTX *ctx,
+ const char *type, const char *value)
+ {
+ if(!strcmp(type, param_ctrl_string))
+ {
return pkey_gost_ctrl(ctx, EVP_PKEY_CTRL_GOST_PARAMSET,
- NID_id_GostR3410_2001_ParamSet_cc,
- (void *)
- NID_id_Gost28147_89_cc);
- }
+ NID_id_GostR3410_2001_ParamSet_cc,NULL);
+ }
return -2;
-}
-static int pkey_gost_ctrl94_str(EVP_PKEY_CTX *ctx,
- const char *type, const char *value)
-{
+ }
+
+static int pkey_gost_ctrl94_str(EVP_PKEY_CTX *ctx,
+ const char *type, const char *value)
+ {
int param_nid=0;
- if(!strcmp(type, param_ctrl_string)) {
- if (!value) {
+ if(!strcmp(type, param_ctrl_string))
+ {
+ if (!value)
+ {
return 0;
- }
- if (strlen(value) == 1) {
- switch(toupper(value[0])) {
+ }
+ if (strlen(value) == 1)
+ {
+ switch(toupper(value[0]))
+ {
case 'A':
param_nid = NID_id_GostR3410_94_CryptoPro_A_ParamSet;
break;
default:
return 0;
break;
+ }
}
- } else if ((strlen(value) == 2) && (toupper(value[0]) == 'X')) {
- switch (toupper(value[1])) {
+ else if ((strlen(value) == 2) && (toupper(value[0]) == 'X'))
+ {
+ switch (toupper(value[1]))
+ {
case 'A':
param_nid = NID_id_GostR3410_94_CryptoPro_XchA_ParamSet;
break;
default:
return 0;
break;
+ }
}
- } else {
+ else
+ {
R3410_params *p = R3410_paramset;
param_nid = OBJ_txt2nid(value);
- if (param_nid == NID_undef) {
+ if (param_nid == NID_undef)
+ {
return 0;
- }
- for (;p->nid != NID_undef;p++) {
+ }
+ for (;p->nid != NID_undef;p++)
+ {
if (p->nid == param_nid) break;
- }
- if (p->nid == NID_undef) {
+ }
+ if (p->nid == NID_undef)
+ {
GOSTerr(GOST_F_PKEY_GOST_CTRL94_STR,
- GOST_R_INVALID_PARAMSET);
+ GOST_R_INVALID_PARAMSET);
return 0;
+ }
}
- }
- return pkey_gost_ctrl(ctx, EVP_PKEY_CTRL_GOST_PARAMSET,
- param_nid, (void *)NID_id_Gost28147_89_CryptoPro_A_ParamSet);
- }
+ return pkey_gost_ctrl(ctx, EVP_PKEY_CTRL_GOST_PARAMSET,
+ param_nid, NULL);
+ }
return -2;
-}
+ }
-static int pkey_gost_ctrl01_str(EVP_PKEY_CTX *ctx,
- const char *type, const char *value)
-{
+static int pkey_gost_ctrl01_str(EVP_PKEY_CTX *ctx,
+ const char *type, const char *value)
+ {
int param_nid=0;
- if(!strcmp(type, param_ctrl_string)) {
- if (!value) {
+ if(!strcmp(type, param_ctrl_string))
+ {
+ if (!value)
+ {
return 0;
- }
- if (strlen(value) == 1) {
- switch(toupper(value[0])) {
+ }
+ if (strlen(value) == 1)
+ {
+ switch(toupper(value[0]))
+ {
case 'A':
param_nid = NID_id_GostR3410_2001_CryptoPro_A_ParamSet;
break;
default:
return 0;
break;
+ }
}
- } else if ((strlen(value) == 2) && (toupper(value[0]) == 'X')) {
- switch (toupper(value[1])) {
+ else if ((strlen(value) == 2) && (toupper(value[0]) == 'X'))
+ {
+ switch (toupper(value[1]))
+ {
case 'A':
param_nid = NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet;
break;
default:
return 0;
break;
+ }
}
- } else {
+ else
+ {
R3410_2001_params *p = R3410_2001_paramset;
param_nid = OBJ_txt2nid(value);
- if (param_nid == NID_undef) {
+ if (param_nid == NID_undef)
+ {
return 0;
- }
- for (;p->nid != NID_undef;p++) {
+ }
+ for (;p->nid != NID_undef;p++)
+ {
if (p->nid == param_nid) break;
- }
- if (p->nid == NID_undef) {
+ }
+ if (p->nid == NID_undef)
+ {
GOSTerr(GOST_F_PKEY_GOST_CTRL01_STR,
- GOST_R_INVALID_PARAMSET);
+ GOST_R_INVALID_PARAMSET);
return 0;
+ }
}
- }
- return pkey_gost_ctrl(ctx, EVP_PKEY_CTRL_GOST_PARAMSET,
- param_nid, (void *)NID_id_Gost28147_89_CryptoPro_A_ParamSet);
- }
+ return pkey_gost_ctrl(ctx, EVP_PKEY_CTRL_GOST_PARAMSET,
+ param_nid, NULL);
+ }
return -2;
-}
+ }
+
/* --------------------- key generation --------------------------------*/
/* Generates GOST 94 key and assigns it setting specified type */
static int pkey_gost94_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey,int type)
-{
+ {
struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
DSA *dsa=NULL;
- if (data->sign_param_nid == NID_undef) {
- if (type== NID_id_GostR3410_94_cc) {
+ if (data->sign_param_nid == NID_undef)
+ {
+ if (type== NID_id_GostR3410_94_cc)
+ {
data->sign_param_nid = NID_id_GostR3410_94_CryptoPro_A_ParamSet;
- } else {
+ }
+ else
+ {
GOSTerr(GOST_F_PKEY_GOST94_KEYGEN,
- GOST_R_NO_PARAMETERS_SET);
+ GOST_R_NO_PARAMETERS_SET);
return 0;
- }
- }
+ }
+ }
dsa = DSA_new();
- if (!fill_GOST94_params(dsa,data->sign_param_nid)) {
+ if (!fill_GOST94_params(dsa,data->sign_param_nid))
+ {
DSA_free(dsa);
return 0;
- }
+ }
gost_sign_keygen(dsa);
EVP_PKEY_assign(pkey,type,dsa);
return 1;
-}
+ }
+
/* Generates Gost_R3410_94_cc key */
-static int pkey_gost94cc_keygen (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) {
+static int pkey_gost94cc_keygen (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+ {
return pkey_gost94_keygen(ctx,pkey,NID_id_GostR3410_94_cc);
-}
+ }
/* Generates Gost_R3410_94_cp key */
-static int pkey_gost94cp_keygen (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) {
+static int pkey_gost94cp_keygen (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+ {
return pkey_gost94_keygen(ctx,pkey,NID_id_GostR3410_94);
-}
+ }
+
/* Generates GOST_R3410 2001 key and assigns it using specified type */
static int pkey_gost01_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey,int type)
-{
+ {
struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
EC_KEY *ec=NULL;
- if (data->sign_param_nid == NID_undef) {
- if (type == NID_id_GostR3410_2001_cc) {
+ if (data->sign_param_nid == NID_undef)
+ {
+ if (type == NID_id_GostR3410_2001_cc)
+ {
data->sign_param_nid = NID_id_GostR3410_2001_ParamSet_cc;
- } else {
+ }
+ else {
GOSTerr(GOST_F_PKEY_GOST01_KEYGEN,
- GOST_R_NO_PARAMETERS_SET);
+ GOST_R_NO_PARAMETERS_SET);
return 0;
+ }
}
- }
ec = EC_KEY_new();
- if (!fill_GOST2001_params(ec,data->sign_param_nid)) {
+ if (!fill_GOST2001_params(ec,data->sign_param_nid))
+ {
EC_KEY_free(ec);
return 0;
- }
+ }
gost2001_keygen(ec);
EVP_PKEY_assign(pkey,type,ec);
return 1;
-}
+ }
+
/* Generates GOST R3410 2001_cc key */
-static int pkey_gost01cc_keygen (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) {
+static int pkey_gost01cc_keygen (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+ {
return pkey_gost01_keygen(ctx,pkey,NID_id_GostR3410_2001_cc);
-}
+ }
/* Generates GOST R3410 2001_cp key */
-static int pkey_gost01cp_keygen (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) {
+static int pkey_gost01cp_keygen (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+ {
return pkey_gost01_keygen(ctx,pkey,NID_id_GostR3410_2001);
-}
+ }
+
/* ----------- sign callbacks --------------------------------------*/
static int pkey_gost94_cc_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
const unsigned char *tbs, size_t tbs_len)
-{
+ {
DSA_SIG *unpacked_sig=NULL;
EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx);
if (!siglen) return 0;
- if (!sig)
- {
+ if (!sig)
+ {
*siglen= 64; /* better to check size of pkey->pkey.dsa-q */
return 1;
- }
+ }
unpacked_sig = gost_do_sign(tbs,tbs_len,EVP_PKEY_get0(pkey));
- if (!unpacked_sig) {
+ if (!unpacked_sig)
+ {
return 0;
+ }
+ return pack_sign_cc(unpacked_sig,32,sig,siglen);
}
- return pack_sign_cc(unpacked_sig,32,sig,siglen);
-
-
-}
static int pkey_gost94_cp_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
const unsigned char *tbs, size_t tbs_len)
-{
+ {
DSA_SIG *unpacked_sig=NULL;
EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx);
if (!siglen) return 0;
- if (!sig)
- {
+ if (!sig)
+ {
*siglen= 64; /* better to check size of pkey->pkey.dsa-q */
return 1;
- }
+ }
unpacked_sig = gost_do_sign(tbs,tbs_len,EVP_PKEY_get0(pkey));
- if (!unpacked_sig) {
+ if (!unpacked_sig)
+ {
return 0;
- }
+ }
return pack_sign_cp(unpacked_sig,32,sig,siglen);
-
-
-}
+ }
+
static int pkey_gost01_cc_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
const unsigned char *tbs, size_t tbs_len)
-{
+ {
DSA_SIG *unpacked_sig=NULL;
EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx);
if (!siglen) return 0;
- if (!sig)
- {
+ if (!sig)
+ {
*siglen= 64; /* better to check size of curve order*/
return 1;
- }
+ }
unpacked_sig = gost2001_do_sign(tbs,tbs_len,EVP_PKEY_get0(pkey));
- if (!unpacked_sig) {
+ if (!unpacked_sig)
+ {
return 0;
- }
+ }
return pack_sign_cc(unpacked_sig,32,sig,siglen);
-}
+ }
+
static int pkey_gost01_cp_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
const unsigned char *tbs, size_t tbs_len)
-{
+ {
DSA_SIG *unpacked_sig=NULL;
EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx);
if (!siglen) return 0;
- if (!sig)
- {
+ if (!sig)
+ {
*siglen= 64; /* better to check size of curve order*/
return 1;
- }
+ }
unpacked_sig = gost2001_do_sign(tbs,tbs_len,EVP_PKEY_get0(pkey));
- if (!unpacked_sig) {
+ if (!unpacked_sig)
+ {
return 0;
- }
+ }
return pack_sign_cp(unpacked_sig,32,sig,siglen);
-}
+ }
+
/* ------------------- verify callbacks ---------------------------*/
static int pkey_gost94_cc_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig,
size_t siglen, const unsigned char *tbs, size_t tbs_len)
-{
+ {
int ok = 0;
EVP_PKEY* pub_key = EVP_PKEY_CTX_get0_pkey(ctx);
DSA_SIG *s=unpack_cc_signature(sig,siglen);
if (pub_key) ok = gost_do_verify(tbs,tbs_len,s,EVP_PKEY_get0(pub_key));
DSA_SIG_free(s);
return ok;
-}
+ }
static int pkey_gost94_cp_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig,
size_t siglen, const unsigned char *tbs, size_t tbs_len)
-{
+ {
int ok = 0;
EVP_PKEY* pub_key = EVP_PKEY_CTX_get0_pkey(ctx);
DSA_SIG *s=unpack_cp_signature(sig,siglen);
if (pub_key) ok = gost_do_verify(tbs,tbs_len,s,EVP_PKEY_get0(pub_key));
DSA_SIG_free(s);
return ok;
-}
+ }
+
static int pkey_gost01_cc_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig,
size_t siglen, const unsigned char *tbs, size_t tbs_len)
-{
+ {
int ok = 0;
EVP_PKEY* pub_key = EVP_PKEY_CTX_get0_pkey(ctx);
DSA_SIG *s=unpack_cc_signature(sig,siglen);
if (pub_key) ok = gost2001_do_verify(tbs,tbs_len,s,EVP_PKEY_get0(pub_key));
DSA_SIG_free(s);
return ok;
-}
+ }
static int pkey_gost01_cp_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig,
size_t siglen, const unsigned char *tbs, size_t tbs_len)
-{
+ {
int ok = 0;
EVP_PKEY* pub_key = EVP_PKEY_CTX_get0_pkey(ctx);
DSA_SIG *s=unpack_cp_signature(sig,siglen);
if (pub_key) ok = gost2001_do_verify(tbs,tbs_len,s,EVP_PKEY_get0(pub_key));
DSA_SIG_free(s);
return ok;
-}
+ }
+
/* ------------- encrypt init -------------------------------------*/
/* Generates ephermeral key */
-static int pkey_gost_encrypt_init(EVP_PKEY_CTX *ctx)
-{
+static int pkey_gost_encrypt_init(EVP_PKEY_CTX *ctx)
+ {
struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
EVP_PKEY *eph_key = EVP_PKEY_new();
EVP_PKEY *old_key =EVP_PKEY_CTX_get0_pkey(ctx);
if (data->eph_seckey) EVP_PKEY_free(data->eph_seckey);
EVP_PKEY_assign(eph_key,EVP_PKEY_base_id(old_key),NULL);
if (!EVP_PKEY_copy_parameters(eph_key,old_key)) return 0;
- switch (EVP_PKEY_base_id(old_key)) {
- case NID_id_GostR3410_2001:
- case NID_id_GostR3410_2001_cc:
- gost2001_keygen(EVP_PKEY_get0(eph_key));
- break;
- case NID_id_GostR3410_94:
- case NID_id_GostR3410_94_cc:
- gost_sign_keygen(EVP_PKEY_get0(eph_key));
- break;
+ switch (EVP_PKEY_base_id(old_key))
+ {
+ case NID_id_GostR3410_2001:
+ case NID_id_GostR3410_2001_cc:
+ gost2001_keygen(EVP_PKEY_get0(eph_key));
+ break;
+ case NID_id_GostR3410_94:
+ case NID_id_GostR3410_94_cc:
+ gost_sign_keygen(EVP_PKEY_get0(eph_key));
+ break;
- }
+ }
data->eph_seckey=eph_key;
return 1;
-}
+ }
+
/* ----------------------------------------------------------------*/
-int register_pmeth_gost(int id, EVP_PKEY_METHOD **pmeth,int flags) {
+int register_pmeth_gost(int id, EVP_PKEY_METHOD **pmeth,int flags)
+ {
*pmeth = EVP_PKEY_meth_new(id, flags);
if (!*pmeth) return 0;
- switch (id) {
+ switch (id)
+ {
case NID_id_GostR3410_94_cc:
- EVP_PKEY_meth_set_ctrl(*pmeth,pkey_gost_ctrl, pkey_gost_ctrl94cc_str);
+ EVP_PKEY_meth_set_ctrl(*pmeth,pkey_gost_ctrl, pkey_gost_ctrl94cc_str);
EVP_PKEY_meth_set_keygen(*pmeth,NULL,pkey_gost94cc_keygen);
EVP_PKEY_meth_set_sign(*pmeth, NULL, pkey_gost94_cc_sign);
EVP_PKEY_meth_set_verify(*pmeth, NULL, pkey_gost94_cc_verify);
- EVP_PKEY_meth_set_encrypt(*pmeth,
+ EVP_PKEY_meth_set_encrypt(*pmeth,
pkey_gost_encrypt_init, pkey_GOST94cc_encrypt);
- EVP_PKEY_meth_set_decrypt(*pmeth, NULL, pkey_GOST94cc_decrypt);
+ EVP_PKEY_meth_set_decrypt(*pmeth, NULL, pkey_GOST94cc_decrypt);
break;
case NID_id_GostR3410_94:
EVP_PKEY_meth_set_ctrl(*pmeth,pkey_gost_ctrl, pkey_gost_ctrl94_str);
EVP_PKEY_meth_set_keygen(*pmeth,NULL,pkey_gost94cp_keygen);
EVP_PKEY_meth_set_sign(*pmeth, NULL, pkey_gost94_cp_sign);
EVP_PKEY_meth_set_verify(*pmeth, NULL, pkey_gost94_cp_verify);
- EVP_PKEY_meth_set_encrypt(*pmeth,
+ EVP_PKEY_meth_set_encrypt(*pmeth,
pkey_gost_encrypt_init, pkey_GOST94cp_encrypt);
- EVP_PKEY_meth_set_decrypt(*pmeth, NULL, pkey_GOST94cp_decrypt);
+ EVP_PKEY_meth_set_decrypt(*pmeth, NULL, pkey_GOST94cp_decrypt);
break;
EVP_PKEY_meth_set_keygen(*pmeth, NULL, pkey_gost01cc_keygen);
- EVP_PKEY_meth_set_encrypt(*pmeth,
+ EVP_PKEY_meth_set_encrypt(*pmeth,
pkey_gost_encrypt_init, pkey_GOST01cc_encrypt);
- EVP_PKEY_meth_set_decrypt(*pmeth, NULL, pkey_GOST01cc_decrypt);
+ EVP_PKEY_meth_set_decrypt(*pmeth, NULL, pkey_GOST01cc_decrypt);
break;
/* There is intentionally no break here */
case NID_id_GostR3410_2001:
EVP_PKEY_meth_set_keygen(*pmeth, NULL, pkey_gost01cp_keygen);
- EVP_PKEY_meth_set_encrypt(*pmeth,
+ EVP_PKEY_meth_set_encrypt(*pmeth,
pkey_gost_encrypt_init, pkey_GOST01cp_encrypt);
- EVP_PKEY_meth_set_decrypt(*pmeth, NULL, pkey_GOST01cp_decrypt);
+ EVP_PKEY_meth_set_decrypt(*pmeth, NULL, pkey_GOST01cp_decrypt);
break;
default: //Unsupported method
return 0;
- }
+ }
EVP_PKEY_meth_set_init(*pmeth, pkey_gost_init);
EVP_PKEY_meth_set_cleanup(*pmeth, pkey_gost_cleanup);
//FIXME derive etc...
return 1;
-}
+ }
#include <openssl/dsa.h>
#include <openssl/evp.h>
-#include "sign.h"
-#include "paramset.h"
-#include "tools.h"
+#include "gost_params.h"
+#include "gost_lcl.h"
#include "e_gost_err.h"
-#ifdef DEBUG_SIGN
-void dump_signature(const char *message,const unsigned char *buffer,size_t len) {
- size_t i;
- fprintf(stderr,"signature %s Length=%d",message,len);
- for (i=0; i<len; i++) {
- if (i% 16 ==0) fputc('\n',stderr);
- fprintf (stderr," %02x",buffer[i]);
+#ifdef DEBUG_SIGN
+void dump_signature(const char *message,const unsigned char *buffer,size_t len)
+ {
+ size_t i;
+ fprintf(stderr,"signature %s Length=%d",message,len);
+ for (i=0; i<len; i++)
+ {
+ if (i% 16 ==0) fputc('\n',stderr);
+ fprintf (stderr," %02x",buffer[i]);
}
- fprintf(stderr,"\nEnd of signature\n");
-}
+ fprintf(stderr,"\nEnd of signature\n");
+ }
-void dump_dsa_sig(const char *message, DSA_SIG *sig) {
+void dump_dsa_sig(const char *message, DSA_SIG *sig)
+ {
fprintf(stderr,"%s\nR=",message);
BN_print_fp(stderr,sig->r);
fprintf(stderr,"\nS=");
BN_print_fp(stderr,sig->s);
fprintf(stderr,"\n");
-}
+ }
#else
/*
* Computes signature and returns it as DSA_SIG structure
*/
-DSA_SIG *gost_do_sign(const unsigned char *dgst,int dlen, DSA *dsa)
-{
+DSA_SIG *gost_do_sign(const unsigned char *dgst,int dlen, DSA *dsa)
+ {
BIGNUM *k=NULL,*tmp=NULL,*tmp2=NULL;
DSA_SIG *newsig = DSA_SIG_new();
BIGNUM *md = hashsum2bn(dgst);
/* check if H(M) mod q is zero */
BN_CTX *ctx=BN_CTX_new();
BN_CTX_start(ctx);
- if (!newsig)
- {
+ if (!newsig)
+ {
GOSTerr(GOST_F_GOST_DO_SIGN,GOST_R_NO_MEMORY);
goto err;
- }
+ }
tmp=BN_CTX_get(ctx);
k = BN_CTX_get(ctx);
tmp2 = BN_CTX_get(ctx);
BN_mod(tmp,md,dsa->q,ctx);
- if (BN_is_zero(tmp))
- {
+ if (BN_is_zero(tmp))
+ {
BN_one(md);
- }
- do {
- do {
+ }
+ do
+ {
+ do
+ {
/*Generate random number k less than q*/
BN_rand_range(k,dsa->q);
/* generate r = (a^x mod p) mod q */
BN_mod_exp(tmp,dsa->g, k, dsa->p,ctx);
if (!(newsig->r)) newsig->r=BN_new();
BN_mod(newsig->r,tmp,dsa->q,ctx);
- } while (BN_is_zero(newsig->r));
+ }
+ while (BN_is_zero(newsig->r));
/* generate s = (xr + k(Hm)) mod q */
BN_mod_mul(tmp,dsa->priv_key,newsig->r,dsa->q,ctx);
BN_mod_mul(tmp2,k,md,dsa->q,ctx);
if (!newsig->s) newsig->s=BN_new();
BN_mod_add(newsig->s,tmp,tmp2,dsa->q,ctx);
- } while (BN_is_zero(newsig->s));
-err:
+ }
+ while (BN_is_zero(newsig->s));
+ err:
BN_free(md);
BN_CTX_end(ctx);
BN_CTX_free(ctx);
return newsig;
-}
+ }
/*
* and frees up DSA_SIG structure
*/
-int pack_sign_cc(DSA_SIG *s,int order,unsigned char *sig, unsigned int *siglen)
-{
-
+int pack_sign_cc(DSA_SIG *s,int order,unsigned char *sig, size_t *siglen)
+ {
*siglen = 2*order;
memset(sig,0,*siglen);
store_bignum(s->r, sig,order);
dump_signature("serialized",sig,*siglen);
DSA_SIG_free(s);
return 1;
-}
+ }
/*
* Packs signature according to Cryptopro rules
* and frees up DSA_SIG structure
*/
-int pack_sign_cp(DSA_SIG *s,int order,unsigned char *sig, unsigned int *siglen)
-{
-
+int pack_sign_cp(DSA_SIG *s,int order,unsigned char *sig, size_t *siglen)
+ {
*siglen = 2*order;
memset(sig,0,*siglen);
store_bignum(s->s, sig, order);
dump_signature("serialized",sig,*siglen);
DSA_SIG_free(s);
return 1;
-}
-
-
-
+ }
/*
* Verifies signature passed as DSA_SIG structure
*
- */
+ */
int gost_do_verify(const unsigned char *dgst, int dgst_len,
- DSA_SIG *sig, DSA *dsa)
-{
+ DSA_SIG *sig, DSA *dsa)
+ {
BIGNUM *md, *tmp=NULL;
BIGNUM *q2=NULL;
BIGNUM *u=NULL,*v=NULL,*z1=NULL,*z2=NULL;
BN_CTX_start(ctx);
if (BN_cmp(sig->s,dsa->q)>=1||
- BN_cmp(sig->r,dsa->q)>=1)
- {
- GOSTerr(GOST_F_GOST_DO_VERIFY,GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q);
- return 0;
- }
+ BN_cmp(sig->r,dsa->q)>=1)
+ {
+ GOSTerr(GOST_F_GOST_DO_VERIFY,GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q);
+ return 0;
+ }
md=hashsum2bn(dgst);
tmp=BN_CTX_get(ctx);
u = BN_CTX_get(ctx);
BN_mod(tmp,md,dsa->q,ctx);
- if (BN_is_zero(tmp)) {
+ if (BN_is_zero(tmp))
+ {
BN_one(md);
- }
+ }
BN_copy(q2,dsa->q);
BN_sub_word(q2,2);
BN_mod_exp(v,md,q2,dsa->q,ctx);
BN_free(md);
BN_CTX_end(ctx);
BN_CTX_free(ctx);
- if (ok!=0) {
+ if (ok!=0)
+ {
GOSTerr(GOST_F_GOST_DO_VERIFY,GOST_R_SIGNATURE_MISMATCH);
- }
+ }
return (ok==0);
-}
+ }
/*
* Computes public keys for GOST R 34.10-94 algorithm
- *
+ *
*/
int gost94_compute_public(DSA *dsa)
-{
+ {
/* Now fill algorithm parameters with correct values */
BN_CTX *ctx = BN_CTX_new();
- if (!dsa->g) {
+ if (!dsa->g)
+ {
GOSTerr(GOST_F_GOST_COMPUTE_PUBLIC,GOST_R_KEY_IS_NOT_INITALIZED);
return 0;
- }
+ }
/* Compute public key y = a^x mod p */
dsa->pub_key=BN_new();
BN_mod_exp(dsa->pub_key, dsa->g,dsa->priv_key,dsa->p,ctx);
BN_CTX_free(ctx);
return 1;
-}
+ }
/*
* Fill GOST 94 params, searching them in R3410_paramset array
* by nid of paramset
- *
- */
-int fill_GOST94_params(DSA *dsa,int nid) {
+ *
+ */
+int fill_GOST94_params(DSA *dsa,int nid)
+ {
R3410_params *params=R3410_paramset;
while (params->nid!=NID_undef && params->nid !=nid) params++;
- if (params->nid == NID_undef)
- {
+ if (params->nid == NID_undef)
+ {
GOSTerr(GOST_F_FILL_GOST94_PARAMS,GOST_R_UNSUPPORTED_PARAMETER_SET);
return 0;
- }
+ }
#define dump_signature(a,b,c)
if (dsa->p) { BN_free(dsa->p); }
dsa->p=NULL;
dsa->g=NULL;
BN_dec2bn(&(dsa->g),params->a);
return 1;
-}
+ }
/*
* Generate GOST R 34.10-94 keypair
- *
*
- */
-int gost_sign_keygen(DSA *dsa)
-{
+ *
+ */
+int gost_sign_keygen(DSA *dsa)
+ {
dsa->priv_key = BN_new();
BN_rand_range(dsa->priv_key,dsa->q);
return gost94_compute_public( dsa);
-}
+ }
+
/* Unpack signature according to cryptocom rules */
-DSA_SIG *unpack_cc_signature(const unsigned char *sig,size_t siglen)
-{
+DSA_SIG *unpack_cc_signature(const unsigned char *sig,size_t siglen)
+ {
DSA_SIG *s;
s = DSA_SIG_new();
- if (s == NULL) {
+ if (s == NULL)
+ {
GOSTerr(GOST_F_UNPACK_CC_SIGNATURE,GOST_R_NO_MEMORY);
return(NULL);
- }
+ }
s->r = getbnfrombuf(sig, siglen/2);
s->s = getbnfrombuf(sig + siglen/2, siglen/2);
return s;
-}
+ }
+
/* Unpack signature according to cryptopro rules */
-DSA_SIG *unpack_cp_signature(const unsigned char *sig,size_t siglen)
-{
+DSA_SIG *unpack_cp_signature(const unsigned char *sig,size_t siglen)
+ {
DSA_SIG *s;
s = DSA_SIG_new();
- if (s == NULL) {
+ if (s == NULL)
+ {
GOSTerr(GOST_F_UNPACK_CP_SIGNATURE,GOST_R_NO_MEMORY);
return NULL;
- }
+ }
s->s = getbnfrombuf(sig , siglen/2);
s->r = getbnfrombuf(sig + siglen/2, siglen/2);
return s;
-}
+ }
+
/* Convert little-endian byte array into bignum */
-BIGNUM *hashsum2bn(const unsigned char *dgst)
-{ unsigned char buf[32];
- int i;
- for (i=0;i<32;i++) {
- buf[31-i]=dgst[i];
- }
- return getbnfrombuf(buf,32);
-}
+BIGNUM *hashsum2bn(const unsigned char *dgst)
+ {
+ unsigned char buf[32];
+ int i;
+ for (i=0;i<32;i++)
+ {
+ buf[31-i]=dgst[i];
+ }
+ return getbnfrombuf(buf,32);
+ }
/* Convert byte buffer to bignum, skipping leading zeros*/
-BIGNUM *getbnfrombuf(const unsigned char *buf,size_t len) {
- while (*buf==0&&len>0) {
+BIGNUM *getbnfrombuf(const unsigned char *buf,size_t len)
+ {
+ while (*buf==0&&len>0)
+ {
buf++; len--;
- }
- if (len) {
+ }
+ if (len)
+ {
return BN_bin2bn(buf,len,NULL);
- } else {
+ }
+ else
+ {
BIGNUM *b=BN_new();
BN_zero(b);
return b;
+ }
}
-}
+
/* Pack bignum into byte buffer of given size, filling all leading bytes
* by zeros */
-int store_bignum(BIGNUM *bn, unsigned char *buf,int len) {
+int store_bignum(BIGNUM *bn, unsigned char *buf,int len)
+ {
int bytes = BN_num_bytes(bn);
if (bytes>len) return 0;
memset(buf,0,len);
BN_bn2bin(bn,buf+len-bytes);
return 1;
-}
-
+ }
/* Following functions are various bit meshing routines used in
* GOST R 34.11-94 algorithms */
static void swap_bytes (byte *w, byte *k)
-{
+ {
int i,j;
for (i=0;i<4;i++)
for (j=0;j<8;j++)
k[i+4*j]=w[8*i+j];
-}
+ }
+
/* was A_A */
static void circle_xor8 (const byte *w, byte *k)
-{
+ {
byte buf[8];
int i;
memcpy(buf,w,8);
memcpy(k,w+8,24);
for(i=0;i<8;i++)
k[i+24]=buf[i]^k[i];
-}
+ }
+
/* was R_R */
static void transform_3 (byte *data)
-{
+ {
unsigned short int acc;
acc=(data[0]^data[2]^data[4]^data[6]^data[24]^data[30])|
((data[1]^data[3]^data[5]^data[7]^data[25]^data[31])<<8);
memmove(data,data+2,30);
data[30]=acc&0xff;
data[31]=acc>>8;
-}
+ }
/* Adds blocks of N bytes modulo 2**(8*n). Returns carry*/
static int add_blocks(int n,byte *left, const byte *right)
-{
- int i;
- int carry=0;
- int sum;
- for (i=0;i<n;i++)
- {
+ {
+ int i;
+ int carry=0;
+ int sum;
+ for (i=0;i<n;i++)
+ {
sum=(int)left[i]+(int)right[i]+carry;
left[i]=sum & 0xff;
carry=sum>>8;
- }
- return carry;
-}
+ }
+ return carry;
+ }
+
/* Xor two sequences of bytes */
-static void xor_blocks (byte *result,const byte *a,const byte *b,size_t len) {
+static void xor_blocks (byte *result,const byte *a,const byte *b,size_t len)
+ {
size_t i;
for (i=0;i<len;i++) result[i]=a[i]^b[i];
-}
+ }
/*
* Calculate H(i+1) = Hash(Hi,Mi)
* Where H and M are 32 bytes long
*/
static int hash_step(gost_ctx *c,byte *H,const byte *M)
-{
+ {
static byte U[32],W[32],V[32],S[32],Key[32];
int i;
/* Compute first key */
transform_3(S);
memcpy(H,S,32);
return 1;
-}
+ }
/* Initialize gost_hash ctx - cleans up temporary structures and
* set up substitution blocks
*/
-int init_gost_hash_ctx(gost_hash_ctx *ctx, const gost_subst_block *subst_block) {
+int init_gost_hash_ctx(gost_hash_ctx *ctx, const gost_subst_block *subst_block)
+ {
memset(ctx,0,sizeof(gost_hash_ctx));
ctx->cipher_ctx = (gost_ctx *)MYALLOC(sizeof(gost_ctx));
- if (!ctx->cipher_ctx) {
- return 0;
- }
+ if (!ctx->cipher_ctx)
+ {
+ return 0;
+ }
gost_init(ctx->cipher_ctx,subst_block);
return 1;
-}
+ }
+
/*
* Free cipher CTX if it is dynamically allocated. Do not use
* if cipher ctx is statically allocated as in OpenSSL implementation of
*
*/
void done_gost_hash_ctx(gost_hash_ctx *ctx)
-{
+ {
/* No need to use gost_destroy, because cipher keys are not really
* secret when hashing */
MYFREE(ctx->cipher_ctx);
-}
+ }
+
/*
* reset state of hash context to begin hashing new message
*/
-int start_hash(gost_hash_ctx *ctx) {
+int start_hash(gost_hash_ctx *ctx)
+ {
if (!ctx->cipher_ctx) return 0;
memset(&(ctx->H),0,32);
memset(&(ctx->S),0,32);
ctx->len = 0L;
ctx->left=0;
return 1;
-}
+ }
+
/*
* Hash block of arbitrary length
*
*
*/
-int hash_block(gost_hash_ctx *ctx,const byte *block, size_t length) {
+int hash_block(gost_hash_ctx *ctx,const byte *block, size_t length)
+ {
const byte *curptr=block;
const byte *barrier=block+(length-32);/* Last byte we can safely hash*/
- gost_ctx *save_c = ctx->cipher_ctx;
- if (ctx->left) {
+ if (ctx->left)
+ {
/*There are some bytes from previous step*/
int add_bytes = 32-ctx->left;
- if (add_bytes>length) {
+ if (add_bytes>length)
+ {
add_bytes = length;
- }
+ }
memcpy(&(ctx->remainder[ctx->left]),block,add_bytes);
ctx->left+=add_bytes;
- if (ctx->left<32) {
+ if (ctx->left<32)
+ {
return 1;
- }
- if (ctx->left>32) {
- abort();
- }
+ }
curptr=block+add_bytes;
hash_step(ctx->cipher_ctx,ctx->H,ctx->remainder);
- if (save_c!=ctx->cipher_ctx) {
- abort();
- }
add_blocks(32,ctx->S,ctx->remainder);
- if (save_c!=ctx->cipher_ctx) {
- abort();
- }
ctx->len+=32;
ctx->left=0;
- }
+ }
while (curptr<=barrier)
- {
+ {
hash_step(ctx->cipher_ctx,ctx->H,curptr);
- if (save_c!=ctx->cipher_ctx) {
- abort();
- }
add_blocks(32,ctx->S,curptr);
- if (save_c!=ctx->cipher_ctx) {
- abort();
- }
ctx->len+=32;
curptr+=32;
- }
- if (curptr!=block+length) {
- ctx->left=block+length-curptr;
- if (ctx->left>32) {
- abort();
}
+ if (curptr!=block+length)
+ {
+ ctx->left=block+length-curptr;
memcpy(ctx->remainder,curptr,ctx->left);
- }
+ }
return 1;
-}
+ }
+
/*
* Compute hash value from current state of ctx
* state of hash ctx becomes invalid and cannot be used for further
* hashing.
*/
-int finish_hash(gost_hash_ctx *ctx,byte *hashval) {
+int finish_hash(gost_hash_ctx *ctx,byte *hashval)
+ {
byte buf[32];
byte H[32];
byte S[32];
byte *bptr;
memcpy(H,ctx->H,32);
memcpy(S,ctx->S,32);
- if (ctx->left) {
+ if (ctx->left)
+ {
memset(buf,0,32);
memcpy(buf,ctx->remainder,ctx->left);
hash_step(ctx->cipher_ctx,H,buf);
add_blocks(32,S,buf);
fin_len+=ctx->left;
- }
+ }
memset(buf,0,32);
bptr=buf;
fin_len<<=3; /* Hash length in BITS!!*/
- while(fin_len>0) {
+ while(fin_len>0)
+ {
*(bptr++)=fin_len&0xFF;
fin_len>>=8;
- };
+ };
hash_step(ctx->cipher_ctx,H,buf);
hash_step(ctx->cipher_ctx,H,S);
memcpy(hashval,H,32);
return 1;
-}
+ }
/**********************************************************************
- * gosthash.c *
+ * gosthash.h *
* Copyright (c) 2005-2006 Cryptocom LTD *
* This file is distributed under the same license as OpenSSL *
* *
+++ /dev/null
-#ifndef GOSTKEYX_H
-#define GOSTKEYX_H
-/**********************************************************************
- * gostkeyx.h *
- * Copyright (c) 2005-2006 Cryptocom LTD *
- * This file is distributed under the same license as OpenSSL *
- * *
- * Declaration of the key transport functions for GOST pkey methods *
- * *
- * Requires OpenSSL 0.9.9 for compilation *
- **********************************************************************/
-#include <openssl/evp.h>
-#include "gost89.h"
-/* EVP_PKEY_METHOD callbacks */
-/* From gost94_keyx.c */
-int pkey_GOST94cp_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char* key, size_t key_len );
-int pkey_GOST94cc_encrypt (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char * key,size_t key_len);
-
-int pkey_GOST94cp_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char* in, size_t in_len );
-int pkey_GOST94cc_decrypt (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char * in,size_t in_len);
-/* From gost2001_keyx.c */
-int pkey_GOST01cp_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char* key, size_t key_len );
-int pkey_GOST01cc_encrypt (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char * key,size_t key_len);
-
-int pkey_GOST01cp_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char* in, size_t in_len );
-int pkey_GOST01cc_decrypt (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char * in,size_t in_len);
-
-/* Internal functions to make error processing happy */
-int decrypt_cryptocom_key(unsigned char *sess_key,int max_key_len,
- const unsigned char *crypted_key,int crypted_key_len, gost_ctx *ctx);
-int encrypt_cryptocom_key(const unsigned char *sess_key,int key_len,
- unsigned char *crypted_key, gost_ctx *ctx);
-/*int compute_pair_key_le(unsigned char *pair_key,BIGNUM *pub_key,DH *dh) ;*/
-/*
- * Computes 256 bit key exchange key for CryptoCom variation of GOST 94
- * algorithm
- *//*
-int make_gost_shared_key(DH *dh,EVP_PKEY *pubk,unsigned char *shared_key) ;
-DH *make_ephemeral_key(EVP_PKEY *pubk,BIGNUM *ephemeral_key);
-int make_cp_exchange_key(DH *dh,EVP_PKEY *pubk, unsigned char *shared_key);
-*/
-#endif
+++ /dev/null
-.\" Hey, Emacs! This is an -*- nroff -*- source file.
-.TH MD5SUM 1 "29th November 1995" "Lankester et al." "Debian GNU/Linux"
-.SH NAME
-gostsum \- generates or checks GOST R34.11-94 message digests
-
-.SH SYNOPSIS
-.B gostsum
-[\-bv] [\-c [file]] | [file...]
-
-.SH DESCRIPTION
-.B gostsum
-generates or checks GOST hash sums. The algorithm to generate the
-is reasonably fast and strong enough for most cases. Exact
-specification of the algorithm is in
-.I GOST R34.11-94.
-
-Normally
-.B gostsum
-generates checksums of all files given to it as a parameter and prints
-the checksums followed by the filenames. If, however,
-.B \-c
-is specified, only one filename parameter is allowed. This file should
-contain checksums and filenames to which these checksums refer to, and
-the files listed in that file are checked against the checksums listed
-there. See option
-.B \-c
-for more information.
-
-.SS OPTIONS
-.TP
-.B \-b
-Use binary mode. In unix environment, only difference between this and
-the normal mode is an asterisk preceding the filename in the output.
-.TP
-.B \-c
-Check md5sum of all files listed in
-.I file
-against the checksum listed in the same file. The actual format of that
-file is the same as output of
-.B md5sum.
-That is, each line in the file describes a file. A line looks like:
-
-.B <hashsum> <filename>
-
-So, for example, if a file was created and its message digest calculated
-like so:
-
-.B echo foo > hash\-test\-file; gost5sum hash\-test\-file
-
-.B gost5sum
-would report:
-
-.B d3b07384d113edec49eaa6238ad5ff00\ md5\-test\-file
-
-.TP
-.B \-v
-Be more verbose. Print filenames when checking (with \-c).
-
-.TP
-.B -t
-Use test parameter set.
-.B gostsum supports two sets of parameters (which are really parameters
-of GOST 28147-89 block cipher) specified in the IETF draft
-.B draft-popov-cryptopro-cpalgs-02.txt
-By default, cryptopro paramset is used. This option enables use of test
-paramset as specified in appendices to the GOST.
-
-.SH BUGS
-
-This manpage is not quite accurate and has formatting inconsistent
-with other manpages.
-
-.B gostsum
-does not accept standard options like
-.BR \-\-help .
-
-.SH AUTHOR
-
* *
* Almost drop-in replacement for md5sum and sha1sum *
* which computes GOST R 34.11-94 hashsum instead *
- * *
- **********************************************************************/
+ * *
+ **********************************************************************/
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
int hash_file(gost_hash_ctx *ctx,char *filename,char *sum,int mode);
int hash_stream(gost_hash_ctx *ctx,int fd, char *sum);
int get_line(FILE *f,char *hash,char *filename);
-void help()
-{
+void help()
+ {
fprintf(stderr,"gostsum [-bvt] [-c [file]]| [files]\n"
- "\t-c check message digests (default is generate)\n"
- "\t-v verbose, print file names when checking\n"
- "\t-b read files in binary mode\n"
- "\t-t use test GOST paramset (default is CryptoPro paramset)\n"
-"The input for -c should be the list of message digests and file names\n"
-"that is printed on stdout by this program when it generates digests.\n");
-exit(3);
-}
+ "\t-c check message digests (default is generate)\n"
+ "\t-v verbose, print file names when checking\n"
+ "\t-b read files in binary mode\n"
+ "\t-t use test GOST paramset (default is CryptoPro paramset)\n"
+ "The input for -c should be the list of message digests and file names\n"
+ "that is printed on stdout by this program when it generates digests.\n");
+ exit(3);
+ }
#ifndef O_BINARY
#define O_BINARY 0
#endif
-int main(int argc,char **argv)
-{
+int main(int argc,char **argv)
+ {
int c,i;
int verbose=0;
int errors=0;
FILE *check_file = NULL;
gost_hash_ctx ctx;
- while( (c=getopt(argc,argv,"bc::tv"))!=-1)
- {
- switch (c)
+ while( (c=getopt(argc,argv,"bc::tv"))!=-1)
{
- case 'v': verbose=1; break;
- case 't': b= &GostR3411_94_TestParamSet; break;
- case 'b': open_mode |= O_BINARY; break;
- case 'c': if (optarg) {
+ switch (c)
+ {
+ case 'v': verbose=1; break;
+ case 't': b= &GostR3411_94_TestParamSet; break;
+ case 'b': open_mode |= O_BINARY; break;
+ case 'c':
+ if (optarg)
+ {
check_file = fopen(optarg,"r");
- if (!check_file) {
+ if (!check_file)
+ {
perror(optarg);
exit(2);
+ }
}
- } else {
+ else
+ {
check_file= stdin;
- }
- break;
- default:
+ }
+ break;
+ default:
fprintf(stderr,"invalid option %c",optopt);
help();
+ }
}
- }
init_gost_hash_ctx(&ctx,b);
- if (check_file)
- {
+ if (check_file)
+ {
char inhash[65],calcsum[65],filename[PATH_MAX];
int failcount=0,count=0;;
- if (check_file==stdin && optind<argc)
- {
+ if (check_file==stdin && optind<argc)
+ {
check_file=fopen(argv[optind],"r");
- if (!check_file)
- {
+ if (!check_file)
+ {
perror(argv[optind]);
exit(2);
- }
- }
- while (get_line(check_file,inhash,filename))
- {
- if (!hash_file(&ctx,filename,calcsum,open_mode)) {
- exit (2);
+ }
}
- count++;
- if (!strncmp(calcsum,inhash,65))
+ while (get_line(check_file,inhash,filename))
{
- if (verbose) {
+ if (!hash_file(&ctx,filename,calcsum,open_mode))
+ {
+ exit (2);
+ }
+ count++;
+ if (!strncmp(calcsum,inhash,65))
+ {
+ if (verbose)
+ {
fprintf(stderr,"%s\tOK\n",filename);
+ }
}
- } else {
- if (verbose) {
+ else
+ {
+ if (verbose)
+ {
fprintf(stderr,"%s\tFAILED\n",filename);
- } else {
+ }
+ else
+ {
fprintf(stderr,"%s: GOST hash sum check failed for '%s'\n",
- argv[0],filename);
- }
+ argv[0],filename);
+ }
failcount++;
+ }
}
- }
- if (verbose && failcount) {
+ if (verbose && failcount)
+ {
fprintf(stderr,"%s: %d of %d file(f) failed GOST hash sum check\n",
- argv[0],failcount,count);
- }
+ argv[0],failcount,count);
+ }
exit (failcount?1:0);
- }
- if (optind==argc) {
+ }
+ if (optind==argc)
+ {
char sum[65];
- if (!hash_stream(&ctx,fileno(stdin),sum)) {
+ if (!hash_stream(&ctx,fileno(stdin),sum))
+ {
perror("stdin");
exit(1);
- }
+ }
printf("%s -\n",sum);
exit(0);
- }
- for (i=optind;i<argc;i++) {
+ }
+ for (i=optind;i<argc;i++)
+ {
char sum[65];
- if (!hash_file(&ctx,argv[i],sum,open_mode)) {
+ if (!hash_file(&ctx,argv[i],sum,open_mode))
+ {
errors++;
- } else {
+ }
+ else
+ {
printf("%s %s\n",sum,argv[i]);
- }
- }
+ }
+ }
exit(errors?1:0);
-}
+ }
-int hash_file(gost_hash_ctx *ctx,char *filename,char *sum,int mode)
-{
+int hash_file(gost_hash_ctx *ctx,char *filename,char *sum,int mode)
+ {
int fd;
- if ((fd=open(filename,mode))<0) {
+ if ((fd=open(filename,mode))<0)
+ {
perror(filename);
return 0;
- }
- if (!hash_stream(ctx,fd,sum)) {
+ }
+ if (!hash_stream(ctx,fd,sum))
+ {
perror(filename);
return 0;
- }
+ }
close(fd);
return 1;
-}
+ }
-int hash_stream(gost_hash_ctx *ctx,int fd, char *sum)
-{
+int hash_stream(gost_hash_ctx *ctx,int fd, char *sum)
+ {
unsigned char buffer[BUF_SIZE];
ssize_t bytes;
int i;
start_hash(ctx);
- while ((bytes=read(fd,buffer,BUF_SIZE))>0) {
+ while ((bytes=read(fd,buffer,BUF_SIZE))>0)
+ {
hash_block(ctx,buffer,bytes);
- }
- if (bytes<0) {
+ }
+ if (bytes<0)
+ {
return 0;
- }
+ }
finish_hash(ctx,buffer);
- for (i=0;i<32;i++) {
- sprintf(sum+2*i,"%02x",buffer[31-i]);
- }
+ for (i=0;i<32;i++)
+ {
+ sprintf(sum+2*i,"%02x",buffer[31-i]);
+ }
return 1;
-}
+ }
-int get_line(FILE *f,char *hash,char *filename) {
+int get_line(FILE *f,char *hash,char *filename)
+ {
int i;
if (fread(hash,1,64,f)<64) return 0;
hash[64]=0;
- for (i=0;i<64;i++)
- {
+ for (i=0;i<64;i++)
+ {
if (hash[i]<'0' || (hash[i]>'9' && hash[i]<'A') || (hash[i]>'F'
- && hash[i]<'a')||hash[i]>'f')
- {
+ && hash[i]<'a')||hash[i]>'f')
+ {
fprintf(stderr,"Not a hash value '%s'\n",hash);
return 0;
- }
- }
- if (fgetc(f)!=' ') {
+ }
+ }
+ if (fgetc(f)!=' ')
+ {
fprintf(stderr,"Malformed input line\n");
return 0;
- }
+ }
i=strlen(fgets(filename,PATH_MAX,f));
while (filename[--i]=='\n'||filename[i]=='\r') filename[i]=0;
return 1;
-}
+ }
+++ /dev/null
-#ifndef GOST_MD_H
-#define GOST_MD_H
-/**********************************************************************
- * md.h *
- * Copyright (c) 2005-2006 Cryptocom LTD *
- * This file is distributed under the same license as OpenSSL *
- * *
- * Declaration of GOST R 34.11 bindings to OpenSSL *
- * *
- * Requires OpenSSL 0.9.9 for compilation *
- **********************************************************************/
-#include <unistd.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include "gost89.h"
-#include "gosthash.h"
-#ifdef __cplusplus
- extern "C" {
-#endif
-
- /* Structure used as EVP_MD_CTX-md_data.
- * It allows to avoid storing in the md-data pointers to
- * dynamically allocated memory.
- *
- * I cannot invent better way to avoid memory leaks, because
- * openssl insist on invoking Init on Final-ed digests, and there
- * is no reliable way to find out whether pointer in the passed
- * md_data is valid or not.
- * */
-struct ossl_gost_digest_ctx {
- gost_hash_ctx dctx;
- gost_ctx cctx;
-};
-
-extern EVP_MD digest_gost;
-
-
-#ifdef __cplusplus
- };
-#endif
-#endif
+++ /dev/null
-#ifndef CCE_METH_H
-#define CCE_METH_H
-/**********************************************************************
- * meth.h *
- * Copyright (c) 2005-2006 Cryptocom LTD *
- * This file is distributed under the same license as OpenSSL *
- * *
- * Declaration of method registration functions *
- * *
- * Requires OpenSSL 0.9.9 for compilation *
- **********************************************************************/
-
-#ifdef __cplusplus
-extern "C" {
-#endif
- int register_ameth_gost (int nid, EVP_PKEY_ASN1_METHOD **ameth, const char* pemstr, const char* info);
- int register_pmeth_gost (int id, EVP_PKEY_METHOD **pmeth, int flags);
-#ifdef __cplusplus
- };
-#endif
-
-#endif
+++ /dev/null
-#ifndef GOST_PMETH_H
-#define GOST_PMETH_H
-/**********************************************************************
- * pmeth.h *
- * Copyright (c) 2006 Cryptocom LTD *
- * This file is distributed under the same license as OpenSSL *
- * *
- * Declaration of GOST PKEY context internal data *
- * *
- * Requires OpenSSL 0.9.9 for compilation *
- **********************************************************************/
-#include <openssl/bn.h>
-#include <openssl/evp.h>
-
-/* Gost-specific control-function parameters */
-#define param_ctrl_string "paramset"
-#define EVP_PKEY_CTRL_GOST_PARAMSET (EVP_PKEY_ALG_CTRL+1)
-
- struct gost_pmeth_data {
- int sign_param_nid; /* Should be set whenever parameters are filled */
- int crypt_param_nid;
- EVP_PKEY *eph_seckey;
- EVP_MD *md;
- };
-
-#endif
+++ /dev/null
-#ifndef GOST_SIGN_H
-#define GOST_SIGN_H
-/**********************************************************************
- * sign.h *
- * Copyright (c) 2006 Cryptocom LTD *
- * This file is distributed under the same license as OpenSSL *
- * *
- * Declaration of internal funtions implementing GOST R 34.10 *
- * signature and key generation *
- * OpenSSL 0.9.9 libraries required to compile and use *
- * this code *
- **********************************************************************/
-#include <openssl/evp.h>
-#include <openssl/dsa.h>
-#include <openssl/ec.h>
-int fill_GOST94_params(DSA *dsa,int nid);
-int fill_GOST2001_params(EC_KEY *eckey, int nid);
-int gost_sign_keygen(DSA *dsa) ;
-int gost2001_keygen(EC_KEY *ec) ;
-
-DSA_SIG *gost_do_sign(const unsigned char *dgst,int dlen, DSA *dsa) ;
-DSA_SIG *gost2001_do_sign(const unsigned char *dgst,int dlen, EC_KEY *eckey);
-
-int gost_do_verify(const unsigned char *dgst, int dgst_len,
- DSA_SIG *sig, DSA *dsa) ;
-int gost2001_do_verify(const unsigned char *dgst,int dgst_len,
- DSA_SIG *sig, EC_KEY *ec);
-int gost2001_compute_public(EC_KEY *ec) ;
-int gost94_compute_public(DSA *dsa) ;
-#endif
+++ /dev/null
-#ifndef GOST_TOOLS_H
-#define GOST_TOOLS_H
-/**********************************************************************
- * sign.h *
- * Copyright (c) 2006 Cryptocom LTD *
- * This file is distributed under the same license as OpenSSL *
- * *
- * Miscellaneous functions used in GOST engine *
- * OpenSSL 0.9.9 libraries required to compile and use *
- * this code *
- **********************************************************************/
-#include <openssl/evp.h>
-#include <openssl/dsa.h>
-
-/* from gost_sign.c */
-/* Convert GOST R 34.11 hash sum to bignum according to standard */
-BIGNUM *hashsum2bn(const unsigned char *dgst) ;
-/* Store bignum in byte array of given length, prepending by zeros
- * if nesseccary */
-int store_bignum(BIGNUM *bn, unsigned char *buf,int len);
-/* Read bignum, which can have few MSB all-zeros from buffer*/
-BIGNUM *getbnfrombuf(const unsigned char *buf,size_t len);
-/* Pack GOST R 34.10 signature according to CryptoCom rules */
-int pack_sign_cc(DSA_SIG *s,int order,unsigned char *sig, unsigned int *siglen);
-/* Pack GOST R 34.10 signature according to CryptoPro rules */
-int pack_sign_cp(DSA_SIG *s,int order,unsigned char *sig, unsigned int *siglen);
-/* Unpack GOST R 34.10 signature according to CryptoCom rules */
-DSA_SIG *unpack_cc_signature(const unsigned char *sig,size_t siglen) ;
-/* Unpack GOST R 34.10 signature according to CryptoPro rules */
-DSA_SIG *unpack_cp_signature(const unsigned char *sig,size_t siglen) ;
-/* from ameth.c */
-/* Get private key as BIGNUM from both R 34.10-94 and R 34.10-2001 keys*/
-BIGNUM* gost_get_priv_key(const EVP_PKEY *pkey) ;
-/* Find NID by GOST 94 parameters */
-int gost94_nid_by_params(DSA *p) ;
-
-
-#endif
projects / openssl.git / commitdiff