diff options
36 files changed, 14 insertions, 7129 deletions
@@ -4,6 +4,13 @@ Changes between 1.0.2e and 1.1.0 [xx XXX xxxx] + *) The GOST engine was out of date and therefore it has been removed. An up + to date GOST engine is now being maintained in an external repository. + See: https://wiki.openssl.org/index.php/Binaries. Libssl still retains + support for GOST ciphersuites (these are only activated if a GOST engine + is present). + [Matt Caswell] + *) EGD is no longer supported by default; use enable-egd when configuring. [Ben Kaduk and Rich Salz] @@ -1932,7 +1932,6 @@ while (<IN>) $sdirs = 0 unless /\\$/; s/fips // if (/^DIRS=/ && !$fips); s/engines // if (/^DIRS=/ && $disabled{"engine"}); - s/ccgost// if (/^ENGDIRS=/ && $disabled{"gost"}); s/^VERSION=.*/VERSION=$version/; s/^MAJOR=.*/MAJOR=$major/; s/^MINOR=.*/MINOR=$minor/; diff --git a/Makefile.in b/Makefile.in index 8dd7f1a..69e2706 100644 --- a/Makefile.in +++ b/Makefile.in @@ -132,7 +132,6 @@ FIPSCANLIB= BASEADDR= DIRS= crypto ssl engines apps test tools -ENGDIRS= ccgost SHLIBDIRS= crypto ssl INSTALL_SUBS= engines apps tools @@ -212,7 +211,7 @@ BUILDENV= LC_ALL=C PLATFORM='$(PLATFORM)' PROCESSOR='$(PROCESSOR)'\ AS='$(CC)' ASFLAG='$(CFLAG) -c' \ AR='$(AR)' NM='$(NM)' RANLIB='$(RANLIB)' \ CROSS_COMPILE='$(CROSS_COMPILE)' \ - PERL='$(PERL)' ENGDIRS='$(ENGDIRS)' \ + PERL='$(PERL)' \ SDIRS='$(SDIRS)' LIBRPATH='$(INSTALLTOP)/$(LIBDIR)' \ INSTALL_PREFIX='$(INSTALL_PREFIX)' \ INSTALLTOP='$(INSTALLTOP)' OPENSSLDIR='$(OPENSSLDIR)' \ diff --git a/crypto/engine/eng_all.c b/crypto/engine/eng_all.c index 2c2353a..74cde87 100644 --- a/crypto/engine/eng_all.c +++ b/crypto/engine/eng_all.c @@ -86,9 +86,6 @@ void ENGINE_load_builtin_engines(void) ENGINE_load_padlock(); # endif # endif -# ifndef OPENSSL_NO_GOST - ENGINE_load_gost(); -# endif # if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG) ENGINE_load_capi(); # endif diff --git a/engines/Makefile.in b/engines/Makefile.in index b8665ff..aed9ff5 100644 --- a/engines/Makefile.in +++ b/engines/Makefile.in @@ -12,12 +12,6 @@ INCLUDES= -I../include CFLAG=-g MAKEFILE= Makefile AR= ar r -ENGDIRS= ccgost - -RECURSIVE_MAKE= [ -z "$(ENGDIRS)" ] || for i in $(ENGDIRS) ; do \ - (cd $$i && echo "making $$target in $(DIR)/$$i..." && \ - $(MAKE) -e TOP=../.. DIR=$$i $$target ) || exit 1; \ - done; ENGINES_ASM_OBJ= @@ -60,7 +54,7 @@ ALL= $(GENERAL) $(SRC) $(HEADER) top: (cd ..; $(MAKE) DIRS=$(DIR) all) -all: lib subdirs +all: lib lib: $(LIBOBJ) $(TESTLIBOBJ) @if [ -n "$(SHARED_LIBS)" ]; then \ @@ -82,12 +76,8 @@ e_padlock-x86.s: asm/e_padlock-x86.pl e_padlock-x86_64.s: asm/e_padlock-x86_64.pl $(PERL) asm/e_padlock-x86_64.pl $(PERLASM_SCHEME) > $@ -subdirs: - @target=all; $(RECURSIVE_MAKE) - files: $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO - @target=files; $(RECURSIVE_MAKE) # XXXXX This currently only works on systems that use .so as suffix # for shared libraries as well as for Cygwin which uses the @@ -118,27 +108,23 @@ install: mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \ done; \ fi - @target=install; $(RECURSIVE_MAKE) errors: set -e; for l in $(LIBNAMES); do \ $(PERL) ../util/mkerr.pl -conf e_$$l.ec \ -nostatic -staticloader -write e_$$l.c; \ done - (cd ccgost; $(MAKE) PERL=$(PERL) errors) update: local_depend @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi - @[ -z "$(THIS)" ] || (set -e; target=update; $(RECURSIVE_MAKE) ) depend: local_depend @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi - @[ -z "$(THIS)" ] || (set -e; target=depend; $(RECURSIVE_MAKE) ) + local_depend: @[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(TESTLIBSRC) clean: rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - @target=clean; $(RECURSIVE_MAKE) # DO NOT DELETE THIS LINE -- make depend depends on it. diff --git a/engines/ccgost/Makefile.in b/engines/ccgost/Makefile.in deleted file mode 100644 index 77d552f..0000000 --- a/engines/ccgost/Makefile.in +++ /dev/null @@ -1,75 +0,0 @@ -DIR=ccgost -TOP=../.. -CC=cc -INCLUDES= -I../../include -CFLAG=-g -MAKEFILE= Makefile -AR= ar r -CFLAGS= $(INCLUDES) $(CFLAG) -LIB=$(TOP)/libcrypto.a - -LIBSRC= gost2001.c gost2001_keyx.c gost89.c gost_ameth.c gost_asn1.c gost_crypt.c gost_ctl.c gost_eng.c gosthash.c gost_keywrap.c gost_md.c gost_pmeth.c gost_params.c - -LIBOBJ= e_gost_err.o gost2001_keyx.o gost2001.o gost89.o gost_ameth.o gost_asn1.o gost_crypt.o gost_ctl.o gost_eng.o gosthash.o gost_keywrap.o gost_md.o gost_pmeth.o gost_params.o - -SRC=$(LIBSRC) - -LIBNAME=gost - -top: - (cd $(TOP); $(MAKE) DIRS=engines sub_all) - -all: lib - -errors: - $(PERL) ../../util/mkerr.pl -conf gost.ec -nostatic -write $(SRC) - -lib: $(LIBOBJ) - if [ -n "$(SHARED_LIBS)" ]; then \ - $(MAKE) -f $(TOP)/Makefile.shared -e \ - LIBNAME=$(LIBNAME) \ - LIBEXTRAS='$(LIBOBJ)' \ - LIBDEPS='-L$(TOP) -lcrypto' \ - link_o.$(SHLIB_TARGET); \ - else \ - $(AR) $(LIB) $(LIBOBJ); \ - fi - @touch lib - -install: - [ -n "$(INSTALLTOP)" ] # should be set by top Makefile... - if [ -n "$(SHARED_LIBS)" ]; then \ - set -e; \ - echo installing $(LIBNAME); \ - pfx=lib; \ - if expr "$(PLATFORM)" : "Cygwin" >/dev/null; then \ - sfx=".so"; \ - cp cyg$(LIBNAME).dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \ - else \ - case "$(CFLAGS)" in \ - *DSO_DLFCN*) sfx=`expr "$(SHLIB_EXT)" : '.*\(\.[a-z][a-z]*\)' \| ".so"`;; \ - *DSO_DL*) sfx=".sl";; \ - *DSO_WIN32*) sfx="eay32.dll"; pfx=;; \ - *) sfx=".bad";; \ - esac; \ - cp $${pfx}$(LIBNAME)$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \ - fi; \ - chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \ - mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx; \ - fi - -update: local_depend - @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi - -depend: local_depend - @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi -local_depend: - @[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff *.so *.sl *.dll *.dylib - -# DO NOT DELETE THIS LINE -- make depend depends on it. diff --git a/engines/ccgost/README.gost b/engines/ccgost/README.gost deleted file mode 100644 index abc5a9b..0000000 --- a/engines/ccgost/README.gost +++ /dev/null @@ -1,300 +0,0 @@ -GOST ENGINE - -This engine provides implementation of Russian cryptography standard. -This is also an example of adding new cryptoalgorithms into OpenSSL -without changing its core. If OpenSSL is compiled with dynamic engine -support, new algorithms can be added even without recompilation of -OpenSSL and applications which use it. - -ALGORITHMS SUPPORTED - -GOST R 34.10-94 and GOST R 34.10-2001 - digital signature algorithms. - Also support key exchange based on public keys. See RFC 4357 for - details of VKO key exchange algorithm. These algorithms use - 256 bit private keys. Public keys are 1024 bit for 94 and 512 bit for - 2001 (which is elliptic-curve based). Key exchange algorithms - (VKO R 34.10) are supported on these keys too. - -GOST R 34.11-94 Message digest algorithm. 256-bit hash value - -GOST 28147-89 - Symmetric cipher with 256-bit key. Various modes are - defined in the standard, but only CFB and CNT modes are implemented - in the engine. To make statistical analysis more difficult, key - meshing is supported (see RFC 4357). - -GOST 28147-89 MAC mode. Message authentication code. While most MAC - algorithms out there are based on hash functions using HMAC - algorithm, this algoritm is based on symmetric cipher. - It has 256-bit symmetric key and only 32 bits of MAC value - (while HMAC has same key size and value size). - - It is implemented as combination of EVP_PKEY type and EVP_MD type. - -USAGE OF THESE ALGORITHMS - -This engine is designed to allow usage of this algorithms in the -high-level openssl functions, such as PKI, S/MIME and TLS. - -See RFC 4490 for S/MIME with GOST algorithms and RFC 4491 for PKI. -TLS support is implemented according IETF -draft-chudov-cryptopro-cptls-03.txt and is compatible with -CryptoPro CSP 3.0 and 3.6 as well as with MagPro CSP. -GOST ciphersuites implemented in CryptoPro CSP 2.0 are not supported -because they use ciphersuite numbers used now by AES ciphersuites. - -To use the engine you have to load it via openssl configuration -file. Applications should read openssl configuration file or provide -their own means to load engines. Also, applications which operate with -private keys, should use generic EVP_PKEY API instead of using RSA or -other algorithm-specific API. - -CONFIGURATION FILE - -Configuration file should include following statement in the global -section, i.e. before first bracketed section header (see config(5) for details) - - openssl_conf = openssl_def - -where openssl_def is name of the section in configuration file which -describes global defaults. - -This section should contain following statement: - - [openssl_def] - engines = engine_section - -which points to the section which describes list of the engines to be -loaded. This section should contain: - - [engine_section] - gost = gost_section - -And section which describes configuration of the engine should contain - - [gost_section] - engine_id = gost - dynamic_path = /usr/lib/ssl/engines/libgost.so - default_algorithms = ALL - CRYPT_PARAMS = id-Gost28147-89-CryptoPro-A-ParamSet - -Where engine_id parameter specifies name of engine (should be "gost"). -dynamic_path is a location of the loadable shared library implementing the -engine. If the engine is compiled statically or is located in the OpenSSL -engines directory, this line can be omitted. -default_algorithms parameter specifies that all algorithms, provided by -engine, should be used. - -The CRYPT_PARAMS parameter is engine-specific. It allows the user to choose -between different parameter sets of symmetric cipher algorithm. RFC 4357 -specifies several parameters for the GOST 28147-89 algorithm, but OpenSSL -doesn't provide user interface to choose one when encrypting. So use engine -configuration parameter instead. - -Value of this parameter can be either short name, defined in OpenSSL -obj_dat.h header file or numeric representation of OID, defined in RFC -4357. - -USAGE WITH COMMAND LINE openssl UTILITY - -1. Generation of private key - - openssl genpkey -algorithm gost2001 -pkeyopt paramset:A -out seckey.pem - - Use -algorithm option to specify algorithm. - Use -pkeyopt option to pass paramset to algorithm. The following paramsets - are supported by - gost94: 0,A,B,C,D,XA,XB,XC - gost2001: 0,A,B,C,XA,XB - You can also use numeric representation of OID as to destinate - paramset. - - Paramsets starting with X are intended to use for key exchange keys. - Paramsets without X are for digital signature keys. - - Paramset for both algorithms 0 is the test paramset which should be used - only for test purposes. - -There are no algorithm-specific things with generation of certificate -request once you have a private key. - -2. Generation of certificate request along with private/public keypar - - openssl req -newkey gost2001 -pkeyopt paramset:A - - Syntax of -pkeyopt parameter is identical with genpkey command. - - You can also use oldstyle syntax -newkey gost2001:paramfile, but in - this case you should create parameter file first. - - It can be created with - - openssl genpkey -genparam -algorithm gost2001 -pkeyopt paramset:A\ - -out paramfile. - -3. S/MIME operations - -If you want to send encrypted mail using GOST algorithms, don't forget -to specify -gost89 as encryption algorithm for OpenSSL smime command. -While OpenSSL is clever enough to find out that GOST R 34.11-94 digest -must be used for digital signing with GOST private key, it have no way -to derive symmetric encryption algorithm from key exchange keys. - -4. TLS operations - -OpenSSL supports all four ciphersuites defined in the IETF draft. -Once you've loaded GOST key and certificate into your TLS server, -ciphersuites which use GOST 28147-89 encryption are enabled. - -Ciphersuites with NULL encryption should be enabled explicitely if -needed. - -GOST2001-GOST89-GOST89 Uses GOST R 34.10-2001 for auth and key exchange - GOST 28147-89 for encryption and GOST 28147-89 MAC -GOST94-GOST89-GOST89 Uses GOST R 34.10-94 for auth and key exchange - GOST 28147-89 for encryption and GOST 28147-89 MAC -GOST2001-NULL-GOST94 Uses GOST R 34.10-2001 for auth and key exchange, - no encryption and HMAC, based on GOST R 34.11-94 -GOST94-NULL-GOST94 Uses GOST R 34.10-94 for auth and key exchange, - no encryption and HMAC, based on GOST R 34.11-94 - -Gost 94 and gost 2001 keys can be used simultaneously in the TLS server. -RSA, DSA and EC keys can be used simultaneously with GOST keys, if -server implementation supports loading more than two private -key/certificate pairs. In this case ciphersuites which use any of loaded -keys would be supported and clients can negotiate ones they wish. - -This allows creation of TLS servers which use GOST ciphersuites for -Russian clients and RSA/DSA ciphersuites for foreign clients. - -5. Calculation of digests and symmetric encryption - OpenSSL provides specific commands (like sha1, aes etc) for calculation - of digests and symmetric encryption. Since such commands cannot be - added dynamically, no such commands are provided for GOST algorithms. - Use generic commands 'dgst' and 'enc'. - - Calculation of GOST R 34.11-94 message digest - - openssl dgst -md_gost94 datafile - - Note that GOST R 34.11-94 specifies that digest value should be - interpreted as little-endian number, but OpenSSL outputs just hex dump - of digest value. - - So, to obtain correct digest value, such as produced by gostsum utility - included in the engine distribution, bytes of output should be - reversed. - - Calculation of HMAC based on GOST R 34.11-94 - - openssl dgst -md_gost94 -mac hmac -macopt key:<32 bytes of key> datafile - - (or use hexkey if key contain NUL bytes) - Calculation of GOST 28147 MAC - - openssl dgst -mac gost-mac -macopt key:<32 bytes of key> datafile - - Note absence of an option that specifies digest algorithm. gost-mac - algorithm supports only one digest (which is actually part of - implementation of this mac) and OpenSSL is clever enough to find out - this. - - Encryption with GOST 28147 CFB mode - openssl enc -gost89 -out encrypted-file -in plain-text-file -k <passphrase> - Encryption with GOST 28147 CNT mode - openssl enc -gost89-cnt -out encrypted-file -in plain-text-file -k <passphrase> - - -6. Encrypting private keys and PKCS12 - -To produce PKCS12 files compatible with MagPro CSP, you need to use -GOST algorithm for encryption of PKCS12 file and also GOST R 34.11-94 -hash to derive key from password. - -openssl pksc12 -export -inkey gost.pem -in gost_cert.pem -keypbe gost89\ - -certpbe gost89 -macalg md_gost94 - -7. Testing speed of symmetric ciphers. - -To test performance of GOST symmetric ciphers you should use -evp switch -of the openssl speed command. Engine-provided ciphers couldn't be -accessed by cipher-specific functions, only via generic evp interface - - openssl speed -evp gost89 - openssl speed -evp gost89-cnt - - -PROGRAMMING INTERFACES DETAILS - -Applications never should access engine directly. They only use provided -EVP_PKEY API. But there are some details, which should be taken into -account. - -EVP provides two kinds of API for key exchange: - -1. EVP_PKEY_encrypt/EVP_PKEY_decrypt functions, intended to use with - RSA-like public key encryption algorithms - -2. EVP_PKEY_derive, intended to use with Diffie-Hellman-like shared key -computing algorithms. - -Although VKO R 34.10 algorithms, described in the RFC 4357 are -definitely second case, engine provides BOTH API for GOST R 34.10 keys. - -EVP_PKEY_derive just invokes appropriate VKO algorithm and computes -256 bit shared key. VKO R 34.10-2001 requires 64 bits of random user key -material (UKM). This UKM should be transmitted to other party, so it is -not generated inside derive function. - -It should be set by EVP_PKEY_CTX_ctrl function using -EVP_PKEY_CTRL_SET_IV command after call of EVP_PKEY_derive_init, but -before EVP_PKEY_derive. - unsigned char ukm[8]; - RAND_bytes(ukm,8); - EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_DERIVE, 8, ukm) - -EVP_PKEY_encrypt encrypts provided session key with VKO shared key and -packs it into GOST key transport structure, described in the RFC 4490. - -It typically uses ephemeral key pair to compute shared key and packs its -public part along with encrypted key. So, for most cases use of -EVP_PKEY_encrypt/EVP_PKEY_decrypt with GOST keys is almost same as with -RSA. - -However, if peerkey field in the EVP_PKEY_CTX structure is set (using -EVP_PKEY_derive_set_peerkey function) to EVP_PKEY structure which has private -key and uses same parameters as the public key from which this EVP_PKEY_CTX is -created, EVP_PKEY_encrypt will use this private key to compute shared key and -set ephemeral key in the GOST_key_transport structure to NULL. In this case -pkey and peerkey fields in the EVP_PKEY_CTX are used upside-down. - -If EVP_PKEY_decrypt encounters GOST_key_transport structure with NULL -public key field, it tries to use peerkey field from the context to -compute shared key. In this case peerkey field should really contain -peer public key. - -Encrypt operation supports EVP_PKEY_CTRL_SET_IV operation as well. -It can be used when some specific restriction on UKM are imposed by -higher level protocol. For instance, description of GOST ciphersuites -requires UKM to be derived from shared secret. - -If UKM is not set by this control command, encrypt operation would -generate random UKM. - - -This sources include implementation of GOST 28147-89 and GOST R 34.11-94 -which are completely indepentent from OpenSSL and can be used separately -(files gost89.c, gost89.h, gosthash.c, gosthash.h) Utility gostsum (file -gostsum.c) is provided as example of such separate usage. This is -program, simular to md5sum and sha1sum utilities, but calculates GOST R -34.11-94 hash. - -Makefile doesn't include rule for compiling gostsum. -Use command - -$(CC) -o gostsum gostsum.c gost89.c gosthash.c -where $(CC) is name of your C compiler. - -Implementations of GOST R 34.10-xx, including VKO algorithms heavily -depends on OpenSSL BIGNUM and Elliptic Curve libraries. - - diff --git a/engines/ccgost/e_gost_err.c b/engines/ccgost/e_gost_err.c deleted file mode 100644 index d05ef61..0000000 --- a/engines/ccgost/e_gost_err.c +++ /dev/null @@ -1,201 +0,0 @@ -/* e_gost_err.c */ -/* ==================================================================== - * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* - * NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include <stdio.h> -#include <openssl/err.h> -#include "e_gost_err.h" - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -# define ERR_FUNC(func) ERR_PACK(0,func,0) -# define ERR_REASON(reason) ERR_PACK(0,0,reason) - -static ERR_STRING_DATA GOST_str_functs[] = { - {ERR_FUNC(GOST_F_DECODE_GOST_ALGOR_PARAMS), "DECODE_GOST_ALGOR_PARAMS"}, - {ERR_FUNC(GOST_F_ENCODE_GOST_ALGOR_PARAMS), "ENCODE_GOST_ALGOR_PARAMS"}, - {ERR_FUNC(GOST_F_FILL_GOST2001_PARAMS), "FILL_GOST2001_PARAMS"}, - {ERR_FUNC(GOST_F_GET_ENCRYPTION_PARAMS), "GET_ENCRYPTION_PARAMS"}, - {ERR_FUNC(GOST_F_GOST2001_COMPUTE_PUBLIC), "GOST2001_COMPUTE_PUBLIC"}, - {ERR_FUNC(GOST_F_GOST2001_DO_SIGN), "GOST2001_DO_SIGN"}, - {ERR_FUNC(GOST_F_GOST2001_DO_VERIFY), "GOST2001_DO_VERIFY"}, - {ERR_FUNC(GOST_F_GOST2001_KEYGEN), "GOST2001_KEYGEN"}, - {ERR_FUNC(GOST_F_GOST89_GET_ASN1_PARAMETERS), - "GOST89_GET_ASN1_PARAMETERS"}, - {ERR_FUNC(GOST_F_GOST89_SET_ASN1_PARAMETERS), - "GOST89_SET_ASN1_PARAMETERS"}, - {ERR_FUNC(GOST_F_GOST_CIPHER_CTL), "GOST_CIPHER_CTL"}, - {ERR_FUNC(GOST_F_GOST_IMIT_CTRL), "GOST_IMIT_CTRL"}, - {ERR_FUNC(GOST_F_GOST_IMIT_FINAL), "GOST_IMIT_FINAL"}, - {ERR_FUNC(GOST_F_GOST_IMIT_UPDATE), "GOST_IMIT_UPDATE"}, - {ERR_FUNC(GOST_F_PARAM_COPY_GOST01), "PARAM_COPY_GOST01"}, - {ERR_FUNC(GOST_F_PKEY_GOST01CP_DECRYPT), "PKEY_GOST01CP_DECRYPT"}, - {ERR_FUNC(GOST_F_PKEY_GOST01CP_ENCRYPT), "PKEY_GOST01CP_ENCRYPT"}, - {ERR_FUNC(GOST_F_PKEY_GOST01_PARAMGEN), "PKEY_GOST01_PARAMGEN"}, - {ERR_FUNC(GOST_F_PKEY_GOST2001_DERIVE), "PKEY_GOST2001_DERIVE"}, - {ERR_FUNC(GOST_F_PKEY_GOST_CTRL), "PKEY_GOST_CTRL"}, - {ERR_FUNC(GOST_F_PKEY_GOST_CTRL01_STR), "PKEY_GOST_CTRL01_STR"}, - {ERR_FUNC(GOST_F_PKEY_GOST_MAC_CTRL), "PKEY_GOST_MAC_CTRL"}, - {ERR_FUNC(GOST_F_PKEY_GOST_MAC_CTRL_STR), "PKEY_GOST_MAC_CTRL_STR"}, - {ERR_FUNC(GOST_F_PKEY_GOST_MAC_KEYGEN), "PKEY_GOST_MAC_KEYGEN"}, - {ERR_FUNC(GOST_F_PRINT_GOST_01), "PRINT_GOST_01"}, - {ERR_FUNC(GOST_F_PRIV_DECODE_GOST), "PRIV_DECODE_GOST"}, - {ERR_FUNC(GOST_F_PUB_DECODE_GOST01), "PUB_DECODE_GOST01"}, - {ERR_FUNC(GOST_F_PUB_ENCODE_GOST01), "PUB_ENCODE_GOST01"}, - {ERR_FUNC(GOST_F_UNPACK_CP_SIGNATURE), "UNPACK_CP_SIGNATURE"}, - {0, NULL} -}; - -static ERR_STRING_DATA GOST_str_reasons[] = { - {ERR_REASON(GOST_R_BAD_KEY_PARAMETERS_FORMAT), - "bad key parameters format"}, - {ERR_REASON(GOST_R_BAD_PKEY_PARAMETERS_FORMAT), - "bad pkey parameters format"}, - {ERR_REASON(GOST_R_CANNOT_PACK_EPHEMERAL_KEY), - "cannot pack ephemeral key"}, - {ERR_REASON(GOST_R_CTRL_CALL_FAILED), "ctrl call failed"}, - {ERR_REASON(GOST_R_ERROR_COMPUTING_SHARED_KEY), - "error computing shared key"}, - {ERR_REASON(GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO), - "error parsing key transport info"}, - {ERR_REASON(GOST_R_INCOMPATIBLE_ALGORITHMS), "incompatible algorithms"}, - {ERR_REASON(GOST_R_INCOMPATIBLE_PEER_KEY), "incompatible peer key"}, - {ERR_REASON(GOST_R_INVALID_CIPHER_PARAMS), "invalid cipher params"}, - {ERR_REASON(GOST_R_INVALID_CIPHER_PARAM_OID), "invalid cipher param oid"}, - {ERR_REASON(GOST_R_INVALID_DIGEST_TYPE), "invalid digest type"}, - {ERR_REASON(GOST_R_INVALID_IV_LENGTH), "invalid iv length"}, - {ERR_REASON(GOST_R_INVALID_MAC_KEY_LENGTH), "invalid mac key length"}, - {ERR_REASON(GOST_R_INVALID_PARAMSET), "invalid paramset"}, - {ERR_REASON(GOST_R_KEY_IS_NOT_INITIALIZED), "key is not initialized"}, - {ERR_REASON(GOST_R_KEY_PARAMETERS_MISSING), "key parameters missing"}, - {ERR_REASON(GOST_R_MAC_KEY_NOT_SET), "mac key not set"}, - {ERR_REASON(GOST_R_NO_PARAMETERS_SET), "no parameters set"}, - {ERR_REASON(GOST_R_NO_PEER_KEY), "no peer key"}, - {ERR_REASON(GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR), - "no private part of non ephemeral keypair"}, - {ERR_REASON(GOST_R_PUBLIC_KEY_UNDEFINED), "public key undefined"}, - {ERR_REASON(GOST_R_RANDOM_GENERATOR_ERROR), "random generator error"}, - {ERR_REASON(GOST_R_RANDOM_GENERATOR_FAILURE), "random generator failure"}, - {ERR_REASON(GOST_R_RANDOM_NUMBER_GENERATOR_FAILED), - "random number generator failed"}, - {ERR_REASON(GOST_R_SIGNATURE_MISMATCH), "signature mismatch"}, - {ERR_REASON(GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q), - "signature parts greater than q"}, - {ERR_REASON(GOST_R_UKM_NOT_SET), "ukm not set"}, - {ERR_REASON(GOST_R_UNSUPPORTED_CIPHER_CTL_COMMAND), - "unsupported cipher ctl command"}, - {ERR_REASON(GOST_R_UNSUPPORTED_PARAMETER_SET), - "unsupported parameter set"}, - {0, NULL} -}; - -#endif - -#ifdef GOST_LIB_NAME -static ERR_STRING_DATA GOST_lib_name[] = { - {0, GOST_LIB_NAME}, - {0, NULL} -}; -#endif - -static int GOST_lib_error_code = 0; -static int GOST_error_init = 1; - -void ERR_load_GOST_strings(void) -{ - if (GOST_lib_error_code == 0) - GOST_lib_error_code = ERR_get_next_error_library(); - - if (GOST_error_init) { - GOST_error_init = 0; -#ifndef OPENSSL_NO_ERR - ERR_load_strings(GOST_lib_error_code, GOST_str_functs); - ERR_load_strings(GOST_lib_error_code, GOST_str_reasons); -#endif - -#ifdef GOST_LIB_NAME - GOST_lib_name->error = ERR_PACK(GOST_lib_error_code, 0, 0); - ERR_load_strings(0, GOST_lib_name); -#endif - } -} - -void ERR_unload_GOST_strings(void) -{ - if (GOST_error_init == 0) { -#ifndef OPENSSL_NO_ERR - ERR_unload_strings(GOST_lib_error_code, GOST_str_functs); - ERR_unload_strings(GOST_lib_error_code, GOST_str_reasons); -#endif - -#ifdef GOST_LIB_NAME - ERR_unload_strings(0, GOST_lib_name); -#endif - GOST_error_init = 1; - } -} - -void ERR_GOST_error(int function, int reason, char *file, int line) -{ - if (GOST_lib_error_code == 0) - GOST_lib_error_code = ERR_get_next_error_library(); - ERR_PUT_error(GOST_lib_error_code, function, reason, file, line); -} diff --git a/engines/ccgost/e_gost_err.h b/engines/ccgost/e_gost_err.h deleted file mode 100644 index b183957..0000000 --- a/engines/ccgost/e_gost_err.h +++ /dev/null @@ -1,157 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2001-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_GOST_ERR_H -# define HEADER_GOST_ERR_H - -#ifdef __cplusplus -extern "C" { -#endif - -/* BEGIN ERROR CODES */ -/* - * The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_GOST_strings(void); -void ERR_unload_GOST_strings(void); -void ERR_GOST_error(int function, int reason, char *file, int line); -# define GOSTerr(f,r) ERR_GOST_error((f),(r),__FILE__,__LINE__) - -/* Error codes for the GOST functions. */ - -/* Function codes. */ -# define GOST_F_DECODE_GOST_ALGOR_PARAMS 99 -# define GOST_F_ENCODE_GOST_ALGOR_PARAMS 100 -# define GOST_F_FILL_GOST2001_PARAMS 101 -# define GOST_F_FILL_GOST94_PARAMS 102 -# define GOST_F_GET_ENCRYPTION_PARAMS 103 -# define GOST_F_GOST2001_COMPUTE_PUBLIC 104 -# define GOST_F_GOST2001_DO_SIGN 105 -# define GOST_F_GOST2001_DO_VERIFY 106 -# define GOST_F_GOST2001_KEYGEN 107 -# define GOST_F_GOST89_GET_ASN1_PARAMETERS 108 -# define GOST_F_GOST89_SET_ASN1_PARAMETERS 109 -# define GOST_F_GOST94_COMPUTE_PUBLIC 110 -# define GOST_F_GOST_CIPHER_CTL 111 -# define GOST_F_GOST_DO_SIGN 112 -# define GOST_F_GOST_DO_VERIFY 113 -# define GOST_F_GOST_IMIT_CTRL 114 -# define GOST_F_GOST_IMIT_FINAL 140 -# define GOST_F_GOST_IMIT_UPDATE 115 -# define GOST_F_GOST_SIGN_KEYGEN 142 -# define GOST_F_PARAM_COPY_GOST01 116 -# define GOST_F_PARAM_COPY_GOST94 117 -# define GOST_F_PKEY_GOST01CP_DECRYPT 118 -# define GOST_F_PKEY_GOST01CP_ENCRYPT 119 -# define GOST_F_PKEY_GOST01CP_KEYGEN 120 -# define GOST_F_PKEY_GOST01_PARAMGEN 138 -# define GOST_F_PKEY_GOST2001_DERIVE 121 -# define GOST_F_PKEY_GOST94CP_DECRYPT 122 -# define GOST_F_PKEY_GOST94CP_ENCRYPT 123 -# define GOST_F_PKEY_GOST94CP_KEYGEN 124 -# define GOST_F_PKEY_GOST94_PARAMGEN 139 -# define GOST_F_PKEY_GOST_CTRL 125 -# define GOST_F_PKEY_GOST_CTRL01_STR 126 -# define GOST_F_PKEY_GOST_CTRL94_STR 127 -# define GOST_F_PKEY_GOST_MAC_CTRL 128 -# define GOST_F_PKEY_GOST_MAC_CTRL_STR 129 -# define GOST_F_PKEY_GOST_MAC_KEYGEN 130 -# define GOST_F_PRINT_GOST_01 131 -# define GOST_F_PRIV_DECODE_GOST 132 -# define GOST_F_PUB_DECODE_GOST01 133 -# define GOST_F_PUB_DECODE_GOST94 134 -# define GOST_F_PUB_ENCODE_GOST01 135 -# define GOST_F_PUB_ENCODE_GOST94 141 -# define GOST_F_UNPACK_CC_SIGNATURE 136 -# define GOST_F_UNPACK_CP_SIGNATURE 137 - -/* Reason codes. */ -# define GOST_R_BAD_KEY_PARAMETERS_FORMAT 99 -# define GOST_R_BAD_PKEY_PARAMETERS_FORMAT 100 -# define GOST_R_CANNOT_PACK_EPHEMERAL_KEY 101 -# define GOST_R_CTRL_CALL_FAILED 132 -# define GOST_R_ERROR_COMPUTING_SHARED_KEY 102 -# define GOST_R_ERROR_PACKING_KEY_TRANSPORT_INFO 103 -# define GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO 104 -# define GOST_R_INCOMPATIBLE_ALGORITHMS 105 -# define GOST_R_INCOMPATIBLE_PEER_KEY 131 -# define GOST_R_INVALID_CIPHER_PARAMS 106 -# define GOST_R_INVALID_CIPHER_PARAM_OID 107 -# define GOST_R_INVALID_DIGEST_TYPE 108 -# define GOST_R_INVALID_GOST94_PARMSET 109 -# define GOST_R_INVALID_IV_LENGTH 110 -# define GOST_R_INVALID_MAC_KEY_LENGTH 111 -# define GOST_R_INVALID_PARAMSET 112 -# define GOST_R_KEY_IS_NOT_INITALIZED 113 -# define GOST_R_KEY_IS_NOT_INITIALIZED 114 -# define GOST_R_KEY_PARAMETERS_MISSING 115 -# define GOST_R_MAC_KEY_NOT_SET 116 -# define GOST_R_NO_PARAMETERS_SET 119 -# define GOST_R_NO_PEER_KEY 120 -# define GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR 121 -# define GOST_R_PUBLIC_KEY_UNDEFINED 122 -# define GOST_R_RANDOM_GENERATOR_ERROR 123 -# define GOST_R_RANDOM_GENERATOR_FAILURE 124 -# define GOST_R_RANDOM_NUMBER_GENERATOR_FAILED 125 -# define GOST_R_SIGNATURE_MISMATCH 126 -# define GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q 127 -# define GOST_R_UKM_NOT_SET 128 -# define GOST_R_UNSUPPORTED_CIPHER_CTL_COMMAND 129 -# define GOST_R_UNSUPPORTED_PARAMETER_SET 130 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/engines/ccgost/e_gost_err.proto b/engines/ccgost/e_gost_err.proto deleted file mode 100644 index c57bd1b..0000000 --- a/engines/ccgost/e_gost_err.proto +++ /dev/null @@ -1,61 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2001-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_GOST_ERR_H -#define HEADER_GOST_ERR_H - -#define GOST_LIB_NAME "GOST engine" -#ifdef __cplusplus - extern "C" { -#endif diff --git a/engines/ccgost/gost.ec b/engines/ccgost/gost.ec deleted file mode 100644 index 6c2c85e..0000000 --- a/engines/ccgost/gost.ec +++ /dev/null @@ -1,5 +0,0 @@ -L GOST e_gost_err.h e_gost_err.c -L NONE asymm.h NONE -L NONE md.h NONE -L NONE crypt.h NONE -L NONE gostkeyx.h NONE diff --git a/engines/ccgost/gost2001.c b/engines/ccgost/gost2001.c deleted file mode 100644 index b47d832..0000000 --- a/engines/ccgost/gost2001.c +++ /dev/null @@ -1,460 +0,0 @@ -/********************************************************************** - * gost2001.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Implementation of GOST R 34.10-2001 * - * Requires OpenSSL 0.9.9 for compilation * - **********************************************************************/ -#include "gost_lcl.h" -#include <string.h> -#include <openssl/rand.h> -#include <openssl/ec.h> -#include <openssl/err.h> -#include "e_gost_err.h" -#ifdef DEBUG_SIGN -extern -void dump_signature(const char *message, const unsigned char *buffer, - size_t len); -void dump_dsa_sig(const char *message, DSA_SIG *sig); -#else - -# define dump_signature(a,b,c) -# define dump_dsa_sig(a,b) -#endif - -/* - * Fills EC_KEY structure hidden in the app_data field of DSA structure - * with parameter information, extracted from parameter array in - * params.c file. - * - * Also fils DSA->q field with copy of EC_GROUP order field to make - * DSA_size function work - */ -int fill_GOST2001_params(EC_KEY *eckey, int nid) -{ - R3410_2001_params *params = R3410_2001_paramset; - EC_GROUP *grp = NULL; - BIGNUM *p = NULL, *q = NULL, *a = NULL, *b = NULL, *x = NULL, *y = NULL; - EC_POINT *P = NULL; - BN_CTX *ctx = BN_CTX_new(); - int ok = 0; - - if (!ctx) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_MALLOC_FAILURE); - goto err; - } - - BN_CTX_start(ctx); - p = BN_CTX_get(ctx); - a = BN_CTX_get(ctx); - b = BN_CTX_get(ctx); - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - q = BN_CTX_get(ctx); - if (!p || !a || !b || !x || !y || !q) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_MALLOC_FAILURE); - goto err; - } - while (params->nid != NID_undef && params->nid != nid) - params++; - if (params->nid == NID_undef) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, - GOST_R_UNSUPPORTED_PARAMETER_SET); - goto err; - } - if (!BN_hex2bn(&p, params->p) - || !BN_hex2bn(&a, params->a) - || !BN_hex2bn(&b, params->b)) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, - ERR_R_INTERNAL_ERROR); - goto err; - } - - grp = EC_GROUP_new_curve_GFp(p, a, b, ctx); - if (!grp) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_MALLOC_FAILURE); - goto err; - } - - P = EC_POINT_new(grp); - if (!P) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!BN_hex2bn(&x, params->x) - || !BN_hex2bn(&y, params->y) - || !EC_POINT_set_affine_coordinates_GFp(grp, P, x, y, ctx) - || !BN_hex2bn(&q, params->q)) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_INTERNAL_ERROR); - goto err; - } -#ifdef DEBUG_KEYS - fprintf(stderr, "Set params index %d oid %s\nq=", - (params - R3410_2001_paramset), OBJ_nid2sn(params->nid)); - BN_print_fp(stderr, q); - fprintf(stderr, "\n"); -#endif - - if (!EC_GROUP_set_generator(grp, P, q, NULL)) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_INTERNAL_ERROR); - goto err; - } - EC_GROUP_set_curve_name(grp, params->nid); - if (!EC_KEY_set_group(eckey, grp)) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_INTERNAL_ERROR); - goto err; - } - ok = 1; - err: - EC_POINT_free(P); - EC_GROUP_free(grp); - if (ctx) - BN_CTX_end(ctx); - BN_CTX_free(ctx); - return ok; -} - -/* - * Computes gost2001 signature as DSA_SIG structure - * - * - */ -DSA_SIG *gost2001_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey) -{ - DSA_SIG *newsig = NULL, *ret = NULL; - BIGNUM *md = hashsum2bn(dgst); - BIGNUM *order = NULL; - const EC_GROUP *group; - const BIGNUM *priv_key; - BIGNUM *r = NULL, *s = NULL, *X = NULL, *tmp = NULL, *tmp2 = NULL, *k = - NULL, *e = NULL; - EC_POINT *C = NULL; - BN_CTX *ctx = BN_CTX_new(); - if (!ctx || !md) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; - } - BN_CTX_start(ctx); - OPENSSL_assert(dlen == 32); - newsig = DSA_SIG_new(); - if (!newsig) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; - } - group = EC_KEY_get0_group(eckey); - if (!group) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_INTERNAL_ERROR); - goto err; - } - order = BN_CTX_get(ctx); - if (!order || !EC_GROUP_get_order(group, order, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_INTERNAL_ERROR); - goto err; - } - priv_key = EC_KEY_get0_private_key(eckey); - if (!priv_key) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_INTERNAL_ERROR); - goto err; - } - e = BN_CTX_get(ctx); - if (!e || !BN_mod(e, md, order, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_INTERNAL_ERROR); - goto err; - } -#ifdef DEBUG_SIGN - fprintf(stderr, "digest as bignum="); - BN_print_fp(stderr, md); - fprintf(stderr, "\ndigest mod q="); - BN_print_fp(stderr, e); - fprintf(stderr, "\n"); -#endif - if (BN_is_zero(e)) { - BN_one(e); - } - k = BN_CTX_get(ctx); - C = EC_POINT_new(group); - if (!k || !C) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; - } - do { - do { - if (!BN_rand_range(k, order)) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, - GOST_R_RANDOM_NUMBER_GENERATOR_FAILED); - goto err; - } - if (!EC_POINT_mul(group, C, k, NULL, NULL, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_EC_LIB); - goto err; - } - if (!X) - X = BN_CTX_get(ctx); - if (!r) - r = BN_CTX_get(ctx); - if (!X || !r) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; - } - if (!EC_POINT_get_affine_coordinates_GFp(group, C, X, NULL, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_EC_LIB); - goto err; - } - - if (!BN_nnmod(r, X, order, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_INTERNAL_ERROR); - goto err; - } - } - while (BN_is_zero(r)); - /* s = (r*priv_key+k*e) mod order */ - if (!tmp) - tmp = BN_CTX_get(ctx); - if (!tmp2) - tmp2 = BN_CTX_get(ctx); - if (!s) - s = BN_CTX_get(ctx); - if (!tmp || !tmp2 || !s) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!BN_mod_mul(tmp, priv_key, r, order, ctx) - || !BN_mod_mul(tmp2, k, e, order, ctx) - || !BN_mod_add(s, tmp, tmp2, order, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_INTERNAL_ERROR); - goto err; - } - } - while (BN_is_zero(s)); - - newsig->s = BN_dup(s); - newsig->r = BN_dup(r); - if (!newsig->s || !newsig->r) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; - } - - ret = newsig; - err: - if (ctx) - BN_CTX_end(ctx); - BN_CTX_free(ctx); - EC_POINT_free(C); - BN_free(md); - if (!ret) - DSA_SIG_free(newsig); - return ret; -} - -/* - * Verifies gost 2001 signature - * - */ -int gost2001_do_verify(const unsigned char *dgst, int dgst_len, - DSA_SIG *sig, EC_KEY *ec) -{ - BN_CTX *ctx = BN_CTX_new(); - const EC_GROUP *group = EC_KEY_get0_group(ec); - BIGNUM *order; - BIGNUM *md = NULL, *e = NULL, *R = NULL, *v = NULL, *z1 = NULL, *z2 = - NULL; - BIGNUM *X = NULL, *tmp = NULL; - EC_POINT *C = NULL; - const EC_POINT *pub_key = NULL; - int ok = 0; - - if (!ctx || !group) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_INTERNAL_ERROR); - goto err; - } - - BN_CTX_start(ctx); - order = BN_CTX_get(ctx); - e = BN_CTX_get(ctx); - z1 = BN_CTX_get(ctx); - z2 = BN_CTX_get(ctx); - tmp = BN_CTX_get(ctx); - X = BN_CTX_get(ctx); - R = BN_CTX_get(ctx); - v = BN_CTX_get(ctx); - if (!order || !e || !z1 || !z2 || !tmp || !X || !R || !v) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_MALLOC_FAILURE); - goto err; - } - - pub_key = EC_KEY_get0_public_key(ec); - if (!pub_key || !EC_GROUP_get_order(group, order, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_INTERNAL_ERROR); - goto err; - } - - if (BN_is_zero(sig->s) || BN_is_zero(sig->r) || - (BN_cmp(sig->s, order) >= 1) || (BN_cmp(sig->r, order) >= 1)) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, - GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q); - goto err; - - } - md = hashsum2bn(dgst); - - if (!md || !BN_mod(e, md, order, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_INTERNAL_ERROR); - goto err; - } -#ifdef DEBUG_SIGN - fprintf(stderr, "digest as bignum: "); - BN_print_fp(stderr, md); - fprintf(stderr, "\ndigest mod q: "); - BN_print_fp(stderr, e); -#endif - if (BN_is_zero(e) && !BN_one(e)) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_INTERNAL_ERROR); - goto err; - } - v = BN_mod_inverse(v, e, order, ctx); - if (!v - || !BN_mod_mul(z1, sig->s, v, order, ctx) - || !BN_sub(tmp, order, sig->r) - || !BN_mod_mul(z2, tmp, v, order, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_INTERNAL_ERROR); - goto err; - } -#ifdef DEBUG_SIGN - fprintf(stderr, "\nInverted digest value: "); - BN_print_fp(stderr, v); - fprintf(stderr, "\nz1: "); - BN_print_fp(stderr, z1); - fprintf(stderr, "\nz2: "); - BN_print_fp(stderr, z2); -#endif - C = EC_POINT_new(group); - if (!C) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_MALLOC_FAILURE); - goto err; - } - if (!EC_POINT_mul(group, C, z1, pub_key, z2, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_EC_LIB); - goto err; - } - if (!EC_POINT_get_affine_coordinates_GFp(group, C, X, NULL, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_EC_LIB); - goto err; - } - if (!BN_mod(R, X, order, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_INTERNAL_ERROR); - goto err; - } -#ifdef DEBUG_SIGN - fprintf(stderr, "\nX="); - BN_print_fp(stderr, X); - fprintf(stderr, "\nX mod q="); - BN_print_fp(stderr, R); - fprintf(stderr, "\n"); -#endif - if (BN_cmp(R, sig->r) != 0) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, GOST_R_SIGNATURE_MISMATCH); - } else { - ok = 1; - } - err: - EC_POINT_free(C); - if (ctx) - BN_CTX_end(ctx); - BN_CTX_free(ctx); - BN_free(md); - return ok; -} - -/* - * Computes GOST R 34.10-2001 public key - * - * - */ -int gost2001_compute_public(EC_KEY *ec) -{ - const EC_GROUP *group = EC_KEY_get0_group(ec); - EC_POINT *pub_key = NULL; - const BIGNUM *priv_key = NULL; - BN_CTX *ctx = NULL; - int ok = 0; - - if (!group) { - GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, - GOST_R_KEY_IS_NOT_INITIALIZED); - return 0; - } - ctx = BN_CTX_new(); - if (!ctx) { - GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, ERR_R_MALLOC_FAILURE); - goto err; - } - BN_CTX_start(ctx); - if ((priv_key = EC_KEY_get0_private_key(ec)) == NULL) { - GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, ERR_R_EC_LIB); - goto err; - } - - pub_key = EC_POINT_new(group); - if (!pub_key) { - GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, ERR_R_MALLOC_FAILURE); - goto err; - } - if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, ctx)) { - GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, ERR_R_EC_LIB); - goto err; - } - if (!EC_KEY_set_public_key(ec, pub_key)) { - GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, ERR_R_EC_LIB); - goto err; - } - ok = 256; - err: - EC_POINT_free(pub_key); - if (ctx) - BN_CTX_end(ctx); - BN_CTX_free(ctx); - return ok; -} - -/* - * - * Generates GOST R 34.10-2001 keypair - * - * - */ -int gost2001_keygen(EC_KEY *ec) -{ - BIGNUM *order = BN_new(), *d = BN_new(); - const EC_GROUP *group = EC_KEY_get0_group(ec); - - if (!group || !EC_GROUP_get_order(group, order, NULL)) { - GOSTerr(GOST_F_GOST2001_KEYGEN, ERR_R_INTERNAL_ERROR); - BN_free(d); - BN_free(order); - return 0; - } - - do { - if (!BN_rand_range(d, order)) { - GOSTerr(GOST_F_GOST2001_KEYGEN, - GOST_R_RANDOM_NUMBER_GENERATOR_FAILED); - BN_free(d); - BN_free(order); - return 0; - } - } - while (BN_is_zero(d)); - - if (!EC_KEY_set_private_key(ec, d)) { - GOSTerr(GOST_F_GOST2001_KEYGEN, ERR_R_INTERNAL_ERROR); - BN_free(d); - BN_free(order); - return 0; - } - BN_free(d); - BN_free(order); - return gost2001_compute_public(ec); -} diff --git a/engines/ccgost/gost2001_keyx.c b/engines/ccgost/gost2001_keyx.c deleted file mode 100644 index 1fd0174..0000000 --- a/engines/ccgost/gost2001_keyx.c +++ /dev/null @@ -1,290 +0,0 @@ -/********************************************************************** - * gost_keyx.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * VK0 34.10-2001 key exchange and GOST R 34.10-2001 * - * based PKCS7/SMIME support * - * Requires OpenSSL 0.9.9 for compilation * - **********************************************************************/ -#include <openssl/evp.h> -#include <openssl/rand.h> -#include <string.h> -#include <openssl/objects.h> -#include "gost89.h" -#include "gosthash.h" -#include "e_gost_err.h" -#include "gost_keywrap.h" -#include "gost_lcl.h" -#include "gost2001_keyx.h" - -/* Implementation of CryptoPro VKO 34.10-2001 algorithm */ -static int VKO_compute_key(unsigned char *shared_key, size_t shared_key_size, - const EC_POINT *pub_key, EC_KEY *priv_key, - const unsigned char *ukm) -{ - unsigned char ukm_be[8], databuf[64], hashbuf[64]; - BIGNUM *UKM = NULL, *p = NULL, *order = NULL, *X = NULL, *Y = NULL; - const BIGNUM *key = EC_KEY_get0_private_key(priv_key); - EC_POINT *pnt = EC_POINT_new(EC_KEY_get0_group(priv_key)); - int i; - gost_hash_ctx hash_ctx; - BN_CTX *ctx = BN_CTX_new(); - - for (i = 0; i < 8; i++) { - ukm_be[7 - i] = ukm[i]; - } - BN_CTX_start(ctx); - UKM = BN_bin2bn(ukm_be, 8, NULL); - p = BN_CTX_get(ctx); - order = BN_CTX_get(ctx); - X = BN_CTX_get(ctx); - Y = BN_CTX_get(ctx); - EC_GROUP_get_order(EC_KEY_get0_group(priv_key), order, ctx); - BN_mod_mul(p, key, UKM, order, ctx); - EC_POINT_mul(EC_KEY_get0_group(priv_key), pnt, NULL, pub_key, p, ctx); - EC_POINT_get_affine_coordinates_GFp(EC_KEY_get0_group(priv_key), - pnt, X, Y, ctx); - /* - * Serialize elliptic curve point same way as we do it when saving key - */ - store_bignum(Y, databuf, 32); - store_bignum(X, databuf + 32, 32); - /* And reverse byte order of whole buffer */ - for (i = 0; i < 64; i++) { - hashbuf[63 - i] = databuf[i]; - } - init_gost_hash_ctx(&hash_ctx, &GostR3411_94_CryptoProParamSet); - start_hash(&hash_ctx); - hash_block(&hash_ctx, hashbuf, 64); - finish_hash(&hash_ctx, shared_key); - done_gost_hash_ctx(&hash_ctx); - BN_free(UKM); - BN_CTX_end(ctx); - BN_CTX_free(ctx); - EC_POINT_free(pnt); - return 32; -} - -/* - * EVP_PKEY_METHOD callback derive. Implements VKO R 34.10-2001 - * algorithm - */ -int pkey_gost2001_derive(EVP_PKEY_CTX *ctx, unsigned char *key, - size_t *keylen) -{ - /* - * Public key of peer in the ctx field peerkey Our private key in the ctx - * pkey ukm is in the algorithm specific context data - */ - EVP_PKEY *my_key = EVP_PKEY_CTX_get0_pkey(ctx); - EVP_PKEY *peer_key = EVP_PKEY_CTX_get0_peerkey(ctx); - struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx); - - if (!data->shared_ukm) { - GOSTerr(GOST_F_PKEY_GOST2001_DERIVE, GOST_R_UKM_NOT_SET); - return 0; - } - - if (key == NULL) { - *keylen = 32; - return 32; - } - - *keylen = - VKO_compute_key(key, 32, - EC_KEY_get0_public_key(EVP_PKEY_get0(peer_key)), - (EC_KEY *)EVP_PKEY_get0(my_key), data->shared_ukm); - return 1; -} - -/* - * EVP_PKEY_METHOD callback encrypt - * Implementation of GOST2001 key transport, cryptocom variation - */ -/* - * Generates ephemeral key based on pubk algorithm computes shared key using - * VKO and returns filled up GOST_KEY_TRANSPORT structure - */ - -/* - * EVP_PKEY_METHOD callback encrypt - * Implementation of GOST2001 key transport, cryptopo variation - */ - -int pkey_GOST01cp_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out, - size_t *out_len, const unsigned char *key, - size_t key_len) -{ - GOST_KEY_TRANSPORT *gkt = NULL; - EVP_PKEY *pubk = EVP_PKEY_CTX_get0_pkey(pctx); - struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(pctx); - const struct gost_cipher_info *param = get_encryption_params(NULL); - unsigned char ukm[8], shared_key[32], crypted_key[44]; - int ret = 0; - int key_is_ephemeral = 1; - gost_ctx cctx; - EVP_PKEY *sec_key = EVP_PKEY_CTX_get0_peerkey(pctx); - if (data->shared_ukm) { - memcpy(ukm, data->shared_ukm, 8); - } else if (out) { - - if (RAND_bytes(ukm, 8) <= 0) { - GOSTerr(GOST_F_PKEY_GOST01CP_ENCRYPT, - GOST_R_RANDOM_GENERATOR_FAILURE); - return 0; - } - } - /* Check for private key in the peer_key of context */ - if (sec_key) { - key_is_ephemeral = 0; - if (!gost_get0_priv_key(sec_key)) { - GOSTerr(GOST_F_PKEY_GOST01CP_ENCRYPT, - GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR); - goto err; - } - } else { - key_is_ephemeral = 1; - if (out) { - sec_key = EVP_PKEY_new(); - EVP_PKEY_assign(sec_key, EVP_PKEY_base_id(pubk), EC_KEY_new()); - EVP_PKEY_copy_parameters(sec_key, pubk); - if (!gost2001_keygen(EVP_PKEY_get0(sec_key))) { - goto err; - } - } - } - if (!get_gost_engine_param(GOST_PARAM_CRYPT_PARAMS) - && param == gost_cipher_list) { - param = gost_cipher_list + 1; - } - if (out) { - VKO_compute_key(shared_key, 32, - EC_KEY_get0_public_key(EVP_PKEY_get0(pubk)), - EVP_PKEY_get0(sec_key), ukm); - gost_init(&cctx, param->sblock); - keyWrapCryptoPro(&cctx, shared_key, ukm, key, crypted_key); - } - gkt = GOST_KEY_TRANSPORT_new(); - if (!gkt) { - goto err; - } - if (!ASN1_OCTET_STRING_set(gkt->key_agreement_info->eph_iv, ukm, 8)) { - goto err; - } - if (!ASN1_OCTET_STRING_set(gkt->key_info->imit, crypted_key + 40, 4)) { - goto err; - } - if (!ASN1_OCTET_STRING_set - (gkt->key_info->encrypted_key, crypted_key + 8, 32)) { - goto err; - } - if (key_is_ephemeral) { - if (!X509_PUBKEY_set - (&gkt->key_agreement_info->ephem_key, out ? sec_key : pubk)) { - GOSTerr(GOST_F_PKEY_GOST01CP_ENCRYPT, - GOST_R_CANNOT_PACK_EPHEMERAL_KEY); - goto err; - } - } - ASN1_OBJECT_free(gkt->key_agreement_info->cipher); - gkt->key_agreement_info->cipher = OBJ_nid2obj(param->nid); - if (key_is_ephemeral) - EVP_PKEY_free(sec_key); - if (!key_is_ephemeral) { - /* Set control "public key from client certificate used" */ - if (EVP_PKEY_CTX_ctrl(pctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 3, NULL) - <= 0) { - GOSTerr(GOST_F_PKEY_GOST01CP_ENCRYPT, GOST_R_CTRL_CALL_FAILED); - goto err; - } - } - if ((*out_len = i2d_GOST_KEY_TRANSPORT(gkt, out ? &out : NULL)) > 0) - ret = 1; - GOST_KEY_TRANSPORT_free(gkt); - return ret; - err: - if (key_is_ephemeral) - EVP_PKEY_free(sec_key); - GOST_KEY_TRANSPORT_free(gkt); - return -1; -} - -/* - * EVP_PKEY_METHOD callback decrypt - * Implementation of GOST2001 key transport, cryptopo variation - */ -int pkey_GOST01cp_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key, - size_t *key_len, const unsigned char *in, - size_t in_len) -{ - const unsigned char *p = in; - EVP_PKEY *priv = EVP_PKEY_CTX_get0_pkey(pctx); - GOST_KEY_TRANSPORT *gkt = NULL; - int ret = 0; - unsigned char wrappedKey[44]; - unsigned char sharedKey[32]; - gost_ctx ctx; - const struct gost_cipher_info *param = NULL; - EVP_PKEY *eph_key = NULL, *peerkey = NULL; - - if (!key) { - *key_len = 32; - return 1; - } - gkt = d2i_GOST_KEY_TRANSPORT(NULL, (const unsigned char **)&p, in_len); - if (!gkt) { - GOSTerr(GOST_F_PKEY_GOST01CP_DECRYPT, - GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO); - return -1; - } - - /* If key transport structure contains public key, use it */ - eph_key = X509_PUBKEY_get(gkt->key_agreement_info->ephem_key); - if (eph_key) { - if (EVP_PKEY_derive_set_peer(pctx, eph_key) <= 0) { - GOSTerr(GOST_F_PKEY_GOST01CP_DECRYPT, - GOST_R_INCOMPATIBLE_PEER_KEY); - goto err; - } - } else { - /* Set control "public key from client certificate used" */ - if (EVP_PKEY_CTX_ctrl(pctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 3, NULL) - <= 0) { - GOSTerr(GOST_F_PKEY_GOST01CP_DECRYPT, GOST_R_CTRL_CALL_FAILED); - goto err; - } - } - peerkey = EVP_PKEY_CTX_get0_peerkey(pctx); - if (!peerkey) { - GOSTerr(GOST_F_PKEY_GOST01CP_DECRYPT, GOST_R_NO_PEER_KEY); - goto err; - } - - param = get_encryption_params(gkt->key_agreement_info->cipher); - if (!param) { - goto err; - } - - gost_init(&ctx, param->sblock); - OPENSSL_assert(gkt->key_agreement_info->eph_iv->length == 8); - memcpy(wrappedKey, gkt->key_agreement_info->eph_iv->data, 8); - OPENSSL_assert(gkt->key_info->encrypted_key->length == 32); - memcpy(wrappedKey + 8, gkt->key_info->encrypted_key->data, 32); - OPENSSL_assert(gkt->key_info->imit->length == 4); - memcpy(wrappedKey + 40, gkt->key_info->imit->data, 4); - VKO_compute_key(sharedKey, 32, - EC_KEY_get0_public_key(EVP_PKEY_get0(peerkey)), - EVP_PKEY_get0(priv), wrappedKey); - if (!keyUnwrapCryptoPro(&ctx, sharedKey, wrappedKey, key)) { - GOSTerr(GOST_F_PKEY_GOST01CP_DECRYPT, - GOST_R_ERROR_COMPUTING_SHARED_KEY); - goto err; - } - - ret = 1; - err: - EVP_PKEY_free(eph_key); - GOST_KEY_TRANSPORT_free(gkt); - return ret; -} diff --git a/engines/ccgost/gost2001_keyx.h b/engines/ccgost/gost2001_keyx.h deleted file mode 100644 index 2d29113..0000000 --- a/engines/ccgost/gost2001_keyx.h +++ /dev/null @@ -1,10 +0,0 @@ -GOST_KEY_TRANSPORT *make_rfc4490_keytransport_2001(EVP_PKEY *pubk, - BIGNUM *eph_key, - const unsigned char *key, - size_t keylen, - unsigned char *ukm, - size_t ukm_len); - -int decrypt_rfc4490_shared_key_2001(EVP_PKEY *priv, - GOST_KEY_TRANSPORT * gkt, - unsigned char *key_buf, int key_buf_len); diff --git a/engines/ccgost/gost89.c b/engines/ccgost/gost89.c deleted file mode 100644 index 4ff4ddd..0000000 --- a/engines/ccgost/gost89.c +++ /dev/null @@ -1,576 +0,0 @@ -/********************************************************************** - * gost89.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Implementation of GOST 28147-89 encryption algorithm * - * No OpenSSL libraries required to compile and use * - * this code * - **********************************************************************/ -#include <string.h> -#include "gost89.h" -/*- - Substitution blocks from RFC 4357 - - Note: our implementation of gost 28147-89 algorithm - uses S-box matrix rotated 90 degrees counterclockwise, relative to - examples given in RFC. - - -*/ - -/* Substitution blocks from test examples for GOST R 34.11-94*/ -gost_subst_block GostR3411_94_TestParamSet = { - {0X1, 0XF, 0XD, 0X0, 0X5, 0X7, 0XA, 0X4, 0X9, 0X2, 0X3, 0XE, 0X6, 0XB, - 0X8, 0XC} - , - {0XD, 0XB, 0X4, 0X1, 0X3, 0XF, 0X5, 0X9, 0X0, 0XA, 0XE, 0X7, 0X6, 0X8, - 0X2, 0XC} - , - {0X4, 0XB, 0XA, 0X0, 0X7, 0X2, 0X1, 0XD, 0X3, 0X6, 0X8, 0X5, 0X9, 0XC, - 0XF, 0XE} - , - {0X6, 0XC, 0X7, 0X1, 0X5, 0XF, 0XD, 0X8, 0X4, 0XA, 0X9, 0XE, 0X0, 0X3, - 0XB, 0X2} - , - {0X7, 0XD, 0XA, 0X1, 0X0, 0X8, 0X9, 0XF, 0XE, 0X4, 0X6, 0XC, 0XB, 0X2, - 0X5, 0X3} - , - {0X5, 0X8, 0X1, 0XD, 0XA, 0X3, 0X4, 0X2, 0XE, 0XF, 0XC, 0X7, 0X6, 0X0, - 0X9, 0XB} - , - {0XE, 0XB, 0X4, 0XC, 0X6, 0XD, 0XF, 0XA, 0X2, 0X3, 0X8, 0X1, 0X0, 0X7, - 0X5, 0X9} - , - {0X4, 0XA, 0X9, 0X2, 0XD, 0X8, 0X0, 0XE, 0X6, 0XB, 0X1, 0XC, 0X7, 0XF, - 0X5, 0X3} -}; - -/* Substitution blocks for hash function 1.2.643.2.9.1.6.1 */ -gost_subst_block GostR3411_94_CryptoProParamSet = { - {0x1, 0x3, 0xA, 0x9, 0x5, 0xB, 0x4, 0xF, 0x8, 0x6, 0x7, 0xE, 0xD, 0x0, - 0x2, 0xC} - , - {0xD, 0xE, 0x4, 0x1, 0x7, 0x0, 0x5, 0xA, 0x3, 0xC, 0x8, 0xF, 0x6, 0x2, - 0x9, 0xB} - , - {0x7, 0x6, 0x2, 0x4, 0xD, 0x9, 0xF, 0x0, 0xA, 0x1, 0x5, 0xB, 0x8, 0xE, - 0xC, 0x3} - , - {0x7, 0x6, 0x4, 0xB, 0x9, 0xC, 0x2, 0xA, 0x1, 0x8, 0x0, 0xE, 0xF, 0xD, - 0x3, 0x5} - , - {0x4, 0xA, 0x7, 0xC, 0x0, 0xF, 0x2, 0x8, 0xE, 0x1, 0x6, 0x5, 0xD, 0xB, - 0x9, 0x3} - , - {0x7, 0xF, 0xC, 0xE, 0x9, 0x4, 0x1, 0x0, 0x3, 0xB, 0x5, 0x2, 0x6, 0xA, - 0x8, 0xD} - , - {0x5, 0xF, 0x4, 0x0, 0x2, 0xD, 0xB, 0x9, 0x1, 0x7, 0x6, 0x3, 0xC, 0xE, - 0xA, 0x8} - , - {0xA, 0x4, 0x5, 0x6, 0x8, 0x1, 0x3, 0x7, 0xD, 0xC, 0xE, 0x0, 0x9, 0x2, - 0xB, 0xF} -}; - -/* Test paramset from GOST 28147 */ -gost_subst_block Gost28147_TestParamSet = { - {0xC, 0x6, 0x5, 0x2, 0xB, 0x0, 0x9, 0xD, 0x3, 0xE, 0x7, 0xA, 0xF, 0x4, - 0x1, 0x8} - , - {0x9, 0xB, 0xC, 0x0, 0x3, 0x6, 0x7, 0x5, 0x4, 0x8, 0xE, 0xF, 0x1, 0xA, - 0x2, 0xD} - , - {0x8, 0xF, 0x6, 0xB, 0x1, 0x9, 0xC, 0x5, 0xD, 0x3, 0x7, 0xA, 0x0, 0xE, - 0x2, 0x4} - , - {0x3, 0xE, 0x5, 0x9, 0x6, 0x8, 0x0, 0xD, 0xA, 0xB, 0x7, 0xC, 0x2, 0x1, - 0xF, 0x4} - , - {0xE, 0x9, 0xB, 0x2, 0x5, 0xF, 0x7, 0x1, 0x0, 0xD, 0xC, 0x6, 0xA, 0x4, - 0x3, 0x8} - , - {0xD, 0x8, 0xE, 0xC, 0x7, 0x3, 0x9, 0xA, 0x1, 0x5, 0x2, 0x4, 0x6, 0xF, - 0x0, 0xB} - , - {0xC, 0x9, 0xF, 0xE, 0x8, 0x1, 0x3, 0xA, 0x2, 0x7, 0x4, 0xD, 0x6, 0x0, - 0xB, 0x5} - , - {0x4, 0x2, 0xF, 0x5, 0x9, 0x1, 0x0, 0x8, 0xE, 0x3, 0xB, 0xC, 0xD, 0x7, - 0xA, 0x6} -}; - -/* 1.2.643.2.2.31.1 */ -gost_subst_block Gost28147_CryptoProParamSetA = { - {0xB, 0xA, 0xF, 0x5, 0x0, 0xC, 0xE, 0x8, 0x6, 0x2, 0x3, 0x9, 0x1, 0x7, - 0xD, 0x4} - , - {0x1, 0xD, 0x2, 0x9, 0x7, 0xA, 0x6, 0x0, 0x8, 0xC, 0x4, 0x5, 0xF, 0x3, - 0xB, 0xE} - , - {0x3, 0xA, 0xD, 0xC, 0x1, 0x2, 0x0, 0xB, 0x7, 0x5, 0x9, 0x4, 0x8, 0xF, - 0xE, 0x6} - , - {0xB, 0x5, 0x1, 0x9, 0x8, 0xD, 0xF, 0x0, 0xE, 0x4, 0x2, 0x3, 0xC, 0x7, - 0xA, 0x6} - , - {0xE, 0x7, 0xA, 0xC, 0xD, 0x1, 0x3, 0x9, 0x0, 0x2, 0xB, 0x4, 0xF, 0x8, - 0x5, 0x6} - , - {0xE, 0x4, 0x6, 0x2, 0xB, 0x3, 0xD, 0x8, 0xC, 0xF, 0x5, 0xA, 0x0, 0x7, - 0x1, 0x9} - , - {0x3, 0x7, 0xE, 0x9, 0x8, 0xA, 0xF, 0x0, 0x5, 0x2, 0x6, 0xC, 0xB, 0x4, - 0xD, 0x1} - , - {0x9, 0x6, 0x3, 0x2, 0x8, 0xB, 0x1, 0x7, 0xA, 0x4, 0xE, 0xF, 0xC, 0x0, - 0xD, 0x5} -}; - -/* 1.2.643.2.2.31.2 */ -gost_subst_block Gost28147_CryptoProParamSetB = { - {0x0, 0x4, 0xB, 0xE, 0x8, 0x3, 0x7, 0x1, 0xA, 0x2, 0x9, 0x6, 0xF, 0xD, - 0x5, 0xC} - , - {0x5, 0x2, 0xA, 0xB, 0x9, 0x1, 0xC, 0x3, 0x7, 0x4, 0xD, 0x0, 0x6, 0xF, - 0x8, 0xE} - , - {0x8, 0x3, 0x2, 0x6, 0x4, 0xD, 0xE, 0xB, 0xC, 0x1, 0x7, 0xF, 0xA, 0x0, - 0x9, 0x5} - , - {0x2, 0x7, 0xC, 0xF, 0x9, 0x5, 0xA, 0xB, 0x1, 0x4, 0x0, 0xD, 0x6, 0x8, - 0xE, 0x3} - , - {0x7, 0x5, 0x0, 0xD, 0xB, 0x6, 0x1, 0x2, 0x3, 0xA, 0xC, 0xF, 0x4, 0xE, - 0x9, 0x8} - , - {0xE, 0xC, 0x0, 0xA, 0x9, 0x2, 0xD, 0xB, 0x7, 0x5, 0x8, 0xF, 0x3, 0x6, - 0x1, 0x4} - , - {0x0, 0x1, 0x2, 0xA, 0x4, 0xD, 0x5, 0xC, 0x9, 0x7, 0x3, 0xF, 0xB, 0x8, - 0x6, 0xE} - , - {0x8, 0x4, 0xB, 0x1, 0x3, 0x5, 0x0, 0x9, 0x2, 0xE, 0xA, 0xC, 0xD, 0x6, - 0x7, 0xF} -}; - -/* 1.2.643.2.2.31.3 */ -gost_subst_block Gost28147_CryptoProParamSetC = { - {0x7, 0x4, 0x0, 0x5, 0xA, 0x2, 0xF, 0xE, 0xC, 0x6, 0x1, 0xB, 0xD, 0x9, - 0x3, 0x8} - , - {0xA, 0x9, 0x6, 0x8, 0xD, 0xE, 0x2, 0x0, 0xF, 0x3, 0x5, 0xB, 0x4, 0x1, - 0xC, 0x7} - , - {0xC, 0x9, 0xB, 0x1, 0x8, 0xE, 0x2, 0x4, 0x7, 0x3, 0x6, 0x5, 0xA, 0x0, - 0xF, 0xD} - , - {0x8, 0xD, 0xB, 0x0, 0x4, 0x5, 0x1, 0x2, 0x9, 0x3, 0xC, 0xE, 0x6, 0xF, - 0xA, 0x7} - , - {0x3, 0x6, 0x0, 0x1, 0x5, 0xD, 0xA, 0x8, 0xB, 0x2, 0x9, 0x7, 0xE, 0xF, - 0xC, 0x4} - , - {0x8, 0x2, 0x5, 0x0, 0x4, 0x9, 0xF, 0xA, 0x3, 0x7, 0xC, 0xD, 0x6, 0xE, - 0x1, 0xB} - , - {0x0, 0x1, 0x7, 0xD, 0xB, 0x4, 0x5, 0x2, 0x8, 0xE, 0xF, 0xC, 0x9, 0xA, - 0x6, 0x3} - , - {0x1, 0xB, 0xC, 0x2, 0x9, 0xD, 0x0, 0xF, 0x4, 0x5, 0x8, 0xE, 0xA, 0x7, - 0x6, 0x3} -}; - -/* 1.2.643.2.2.31.4 */ -gost_subst_block Gost28147_CryptoProParamSetD = { - {0x1, 0xA, 0x6, 0x8, 0xF, 0xB, 0x0, 0x4, 0xC, 0x3, 0x5, 0x9, 0x7, 0xD, - 0x2, 0xE} - , - {0x3, 0x0, 0x6, 0xF, 0x1, 0xE, 0x9, 0x2, 0xD, 0x8, 0xC, 0x4, 0xB, 0xA, - 0x5, 0x7} - , - {0x8, 0x0, 0xF, 0x3, 0x2, 0x5, 0xE, 0xB, 0x1, 0xA, 0x4, 0x7, 0xC, 0x9, - 0xD, 0x6} - , - {0x0, 0xC, 0x8, 0x9, 0xD, 0x2, 0xA, 0xB, 0x7, 0x3, 0x6, 0x5, 0x4, 0xE, - 0xF, 0x1} - , - {0x1, 0x5, 0xE, 0xC, 0xA, 0x7, 0x0, 0xD, 0x6, 0x2, 0xB, 0x4, 0x9, 0x3, - 0xF, 0x8} - , - {0x1, 0xC, 0xB, 0x0, 0xF, 0xE, 0x6, 0x5, 0xA, 0xD, 0x4, 0x8, 0x9, 0x3, - 0x7, 0x2} - , - {0xB, 0x6, 0x3, 0x4, 0xC, 0xF, 0xE, 0x2, 0x7, 0xD, 0x8, 0x0, 0x5, 0xA, - 0x9, 0x1} - , - {0xF, 0xC, 0x2, 0xA, 0x6, 0x4, 0x5, 0x0, 0x7, 0x9, 0xE, 0xD, 0x1, 0xB, - 0x8, 0x3} -}; - -const byte CryptoProKeyMeshingKey[] = { - 0x69, 0x00, 0x72, 0x22, 0x64, 0xC9, 0x04, 0x23, - 0x8D, 0x3A, 0xDB, 0x96, 0x46, 0xE9, 0x2A, 0xC4, - 0x18, 0xFE, 0xAC, 0x94, 0x00, 0xED, 0x07, 0x12, - 0xC0, 0x86, 0xDC, 0xC2, 0xEF, 0x4C, 0xA9, 0x2B -}; - -/* Initialization of gost_ctx subst blocks*/ -static void kboxinit(gost_ctx * c, const gost_subst_block * b) -{ - int i; - - for (i = 0; i < 256; i++) { - c->k87[i] = (word32) (b->k8[i >> 4] << 4 | b->k7[i & 15]) << 24; - c->k65[i] = (b->k6[i >> 4] << 4 | b->k5[i & 15]) << 16; - c->k43[i] = (b->k4[i >> 4] << 4 | b->k3[i & 15]) << 8; - c->k21[i] = b->k2[i >> 4] << 4 | b->k1[i & 15]; - - } -} - -/* Part of GOST 28147 algorithm moved into separate function */ -static word32 f(gost_ctx * c, word32 x) -{ - x = c->k87[x >> 24 & 255] | c->k65[x >> 16 & 255] | - c->k43[x >> 8 & 255] | c->k21[x & 255]; - /* Rotate left 11 bits */ - return x << 11 | x >> (32 - 11); -} - -/* Low-level encryption routine - encrypts one 64 bit block*/ -void gostcrypt(gost_ctx * c, const byte * in, byte * out) -{ - register word32 n1, n2; /* As named in the GOST */ - n1 = in[0] | (in[1] << 8) | (in[2] << 16) | ((word32) in[3] << 24); - n2 = in[4] | (in[5] << 8) | (in[6] << 16) | ((word32) in[7] << 24); - /* Instead of swapping halves, swap names each round */ - - n2 ^= f(c, n1 + c->k[0]); - n1 ^= f(c, n2 + c->k[1]); - n2 ^= f(c, n1 + c->k[2]); - n1 ^= f(c, n2 + c->k[3]); - n2 ^= f(c, n1 + c->k[4]); - n1 ^= f(c, n2 + c->k[5]); - n2 ^= f(c, n1 + c->k[6]); - n1 ^= f(c, n2 + c->k[7]); - - n2 ^= f(c, n1 + c->k[0]); - n1 ^= f(c, n2 + c->k[1]); - n2 ^= f(c, n1 + c->k[2]); - n1 ^= f(c, n2 + c->k[3]); - n2 ^= f(c, n1 + c->k[4]); - n1 ^= f(c, n2 + c->k[5]); - n2 ^= f(c, n1 + c->k[6]); - n1 ^= f(c, n2 + c->k[7]); - - n2 ^= f(c, n1 + c->k[0]); - n1 ^= f(c, n2 + c->k[1]); - n2 ^= f(c, n1 + c->k[2]); - n1 ^= f(c, n2 + c->k[3]); - n2 ^= f(c, n1 + c->k[4]); - n1 ^= f(c, n2 + c->k[5]); - n2 ^= f(c, n1 + c->k[6]); - n1 ^= f(c, n2 + c->k[7]); - - n2 ^= f(c, n1 + c->k[7]); - n1 ^= f(c, n2 + c->k[6]); - n2 ^= f(c, n1 + c->k[5]); - n1 ^= f(c, n2 + c->k[4]); - n2 ^= f(c, n1 + c->k[3]); - n1 ^= f(c, n2 + c->k[2]); - n2 ^= f(c, n1 + c->k[1]); - n1 ^= f(c, n2 + c->k[0]); - - out[0] = (byte) (n2 & 0xff); - out[1] = (byte) ((n2 >> 8) & 0xff); - out[2] = (byte) ((n2 >> 16) & 0xff); - out[3] = (byte) (n2 >> 24); - out[4] = (byte) (n1 & 0xff); - out[5] = (byte) ((n1 >> 8) & 0xff); - out[6] = (byte) ((n1 >> 16) & 0xff); - out[7] = (byte) (n1 >> 24); -} - -/* Low-level decryption routine. Decrypts one 64-bit block */ -void gostdecrypt(gost_ctx * c, const byte * in, byte * out) -{ - register word32 n1, n2; /* As named in the GOST */ - n1 = in[0] | (in[1] << 8) | (in[2] << 16) | ((word32) in[3] << 24); - n2 = in[4] | (in[5] << 8) | (in[6] << 16) | ((word32) in[7] << 24); - - n2 ^= f(c, n1 + c->k[0]); - n1 ^= f(c, n2 + c->k[1]); - n2 ^= f(c, n1 + c->k[2]); - n1 ^= f(c, n2 + c->k[3]); - n2 ^= f(c, n1 + c->k[4]); - n1 ^= f(c, n2 + c->k[5]); - n2 ^= f(c, n1 + c->k[6]); - n1 ^= f(c, n2 + c->k[7]); - - n2 ^= f(c, n1 + c->k[7]); - n1 ^= f(c, n2 + c->k[6]); - n2 ^= f(c, n1 + c->k[5]); - n1 ^= f(c, n2 + c->k[4]); - n2 ^= f(c, n1 + c->k[3]); - n1 ^= f(c, n2 + c->k[2]); - n2 ^= f(c, n1 + c->k[1]); - n1 ^= f(c, n2 + c->k[0]); - - n2 ^= f(c, n1 + c->k[7]); - n1 ^= f(c, n2 + c->k[6]); - n2 ^= f(c, n1 + c->k[5]); - n1 ^= f(c, n2 + c->k[4]); - n2 ^= f(c, n1 + c->k[3]); - n1 ^= f(c, n2 + c->k[2]); - n2 ^= f(c, n1 + c->k[1]); - n1 ^= f(c, n2 + c->k[0]); - - n2 ^= f(c, n1 + c->k[7]); - n1 ^= f(c, n2 + c->k[6]); - n2 ^= f(c, n1 + c->k[5]); - n1 ^= f(c, n2 + c->k[4]); - n2 ^= f(c, n1 + c->k[3]); - n1 ^= f(c, n2 + c->k[2]); - n2 ^= f(c, n1 + c->k[1]); - n1 ^= f(c, n2 + c->k[0]); - - out[0] = (byte) (n2 & 0xff); - out[1] = (byte) ((n2 >> 8) & 0xff); - out[2] = (byte) ((n2 >> 16) & 0xff); - out[3] = (byte) (n2 >> 24); - out[4] = (byte) (n1 & 0xff); - out[5] = (byte) ((n1 >> 8) & 0xff); - out[6] = (byte) ((n1 >> 16) & 0xff); - out[7] = (byte) (n1 >> 24); -} - -/* Encrypts several blocks in ECB mode */ -void gost_enc(gost_ctx * c, const byte * clear, byte * cipher, int blocks) -{ - int i; - for (i = 0; i < blocks; i++) { - gostcrypt(c, clear, cipher); - clear += 8; - cipher += 8; - } -} - -/* Decrypts several blocks in ECB mode */ -void gost_dec(gost_ctx * c, const byte * cipher, byte * clear, int blocks) -{ - int i; - for (i = 0; i < blocks; i++) { - gostdecrypt(c, cipher, clear); - clear += 8; - cipher += 8; - } -} - -/* Encrypts several full blocks in CFB mode using 8byte IV */ -void gost_enc_cfb(gost_ctx * ctx, const byte * iv, const byte * clear, - byte * cipher, int blocks) -{ - byte cur_iv[8]; - byte gamma[8]; - int i, j; - const byte *in; - byte *out; - memcpy(cur_iv, iv, 8); - for (i = 0, in = clear, out = cipher; i < blocks; i++, in += 8, out += 8) { - gostcrypt(ctx, cur_iv, gamma); - for (j = 0; j < 8; j++) { - cur_iv[j] = out[j] = in[j] ^ gamma[j]; - } - } -} - -/* Decrypts several full blocks in CFB mode using 8byte IV */ -void gost_dec_cfb(gost_ctx * ctx, const byte * iv, const byte * cipher, - byte * clear, int blocks) -{ - byte cur_iv[8]; - byte gamma[8]; - int i, j; - const byte *in; - byte *out; - memcpy(cur_iv, iv, 8); - for (i = 0, in = cipher, out = clear; i < blocks; i++, in += 8, out += 8) { - gostcrypt(ctx, cur_iv, gamma); - for (j = 0; j < 8; j++) { - out[j] = (cur_iv[j] = in[j]) ^ gamma[j]; - } - } -} - -/* Encrypts one block using specified key */ -void gost_enc_with_key(gost_ctx * c, byte * key, byte * inblock, - byte * outblock) -{ - gost_key(c, key); - gostcrypt(c, inblock, outblock); -} - -/* Set 256 bit key into context */ -void gost_key(gost_ctx * c, const byte * k) -{ - int i, j; - for (i = 0, j = 0; i < 8; i++, j += 4) { - c->k[i] = - k[j] | (k[j + 1] << 8) | (k[j + 2] << 16) | ((word32) k[j + 3] << - 24); - } -} - -/* Retrieve 256-bit key from context */ -void gost_get_key(gost_ctx * c, byte * k) -{ - int i, j; - for (i = 0, j = 0; i < 8; i++, j += 4) { - k[j] = (byte) (c->k[i] & 0xFF); - k[j + 1] = (byte) ((c->k[i] >> 8) & 0xFF); - k[j + 2] = (byte) ((c->k[i] >> 16) & 0xFF); - k[j + 3] = (byte) ((c->k[i] >> 24) & 0xFF); - } -} - -/* Initalize context. Provides default value for subst_block */ -void gost_init(gost_ctx * c, const gost_subst_block * b) -{ - if (!b) { - b = &GostR3411_94_TestParamSet; - } - kboxinit(c, b); -} - -/* Cleans up key from context */ -void gost_destroy(gost_ctx * c) -{ - int i; - for (i = 0; i < 8; i++) - c->k[i] = 0; -} - -/* - * Compute GOST 28147 mac block Parameters gost_ctx *c - context initalized - * with substitution blocks and key buffer - 8-byte mac state buffer block - * 8-byte block to process. - */ -void mac_block(gost_ctx * c, byte * buffer, const byte * block) -{ - register word32 n1, n2; /* As named in the GOST */ - int i; - for (i = 0; i < 8; i++) { - buffer[i] ^= block[i]; - } - n1 = buffer[0] | (buffer[1] << 8) | (buffer[2] << 16) | ((word32) - buffer[3] << 24); - n2 = buffer[4] | (buffer[5] << 8) | (buffer[6] << 16) | ((word32) - buffer[7] << 24); - /* Instead of swapping halves, swap names each round */ - - n2 ^= f(c, n1 + c->k[0]); - n1 ^= f(c, n2 + c->k[1]); - n2 ^= f(c, n1 + c->k[2]); - n1 ^= f(c, n2 + c->k[3]); - n2 ^= f(c, n1 + c->k[4]); - n1 ^= f(c, n2 + c->k[5]); - n2 ^= f(c, n1 + c->k[6]); - n1 ^= f(c, n2 + c->k[7]); - - n2 ^= f(c, n1 + c->k[0]); - n1 ^= f(c, n2 + c->k[1]); - n2 ^= f(c, n1 + c->k[2]); - n1 ^= f(c, n2 + c->k[3]); - n2 ^= f(c, n1 + c->k[4]); - n1 ^= f(c, n2 + c->k[5]); - n2 ^= f(c, n1 + c->k[6]); - n1 ^= f(c, n2 + c->k[7]); - - buffer[0] = (byte) (n1 & 0xff); - buffer[1] = (byte) ((n1 >> 8) & 0xff); - buffer[2] = (byte) ((n1 >> 16) & 0xff); - buffer[3] = (byte) (n1 >> 24); - buffer[4] = (byte) (n2 & 0xff); - buffer[5] = (byte) ((n2 >> 8) & 0xff); - buffer[6] = (byte) ((n2 >> 16) & 0xff); - buffer[7] = (byte) (n2 >> 24); -} - -/* Get mac with specified number of bits from MAC state buffer */ -void get_mac(byte * buffer, int nbits, byte * out) -{ - int nbytes = nbits >> 3; - int rembits = nbits & 7; - int mask = rembits ? ((1 < rembits) - 1) : 0; - int i; - for (i = 0; i < nbytes; i++) - out[i] = buffer[i]; - if (rembits) - out[i] = buffer[i] & mask; -} - -/* - * Compute mac of specified length (in bits) from data. Context should be - * initialized with key and subst blocks - */ -int gost_mac(gost_ctx * ctx, int mac_len, const unsigned char *data, - unsigned int data_len, unsigned char *mac) -{ - byte buffer[8] = { 0, 0, 0, 0, 0, 0, 0, 0 }; - byte buf2[8]; - unsigned int i; - for (i = 0; i + 8 <= data_len; i += 8) - mac_block(ctx, buffer, data + i); - if (i < data_len) { - memset(buf2, 0, 8); - memcpy(buf2, data + i, data_len - i); - mac_block(ctx, buffer, buf2); - i += 8; - } - if (i == 8) { - memset(buf2, 0, 8); - mac_block(ctx, buffer, buf2); - } - get_mac(buffer, mac_len, mac); - return 1; -} - -/* Compute MAC with non-zero IV. Used in some RFC 4357 algorithms */ -int gost_mac_iv(gost_ctx * ctx, int mac_len, const unsigned char *iv, - const unsigned char *data, unsigned int data_len, - unsigned char *mac) -{ - byte buffer[8]; - byte buf2[8]; - unsigned int i; - memcpy(buffer, iv, 8); - for (i = 0; i + 8 <= data_len; i += 8) - mac_block(ctx, buffer, data + i); - if (i < data_len) { - memset(buf2, 0, 8); - memcpy(buf2, data + i, data_len - i); - mac_block(ctx, buffer, buf2); - i += 8; - } - if (i == 8) { - memset(buf2, 0, 8); - mac_block(ctx, buffer, buf2); - } - get_mac(buffer, mac_len, mac); - return 1; -} - -/* Implements key meshing algorithm by modifing ctx and IV in place */ -void cryptopro_key_meshing(gost_ctx * ctx, unsigned char *iv) -{ - unsigned char newkey[32], newiv[8]; - /* Set static keymeshing key */ - /* "Decrypt" key with keymeshing key */ - gost_dec(ctx, CryptoProKeyMeshingKey, newkey, 4); - /* set new key */ - gost_key(ctx, newkey); - /* Encrypt iv with new key */ - gostcrypt(ctx, iv, newiv); - memcpy(iv, newiv, 8); -} diff --git a/engines/ccgost/gost89.h b/engines/ccgost/gost89.h deleted file mode 100644 index e5b877f..0000000 --- a/engines/ccgost/gost89.h +++ /dev/null @@ -1,98 +0,0 @@ -/********************************************************************** - * gost89.h * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Declarations for GOST 28147-89 encryption algorithm * - * No OpenSSL libraries required to compile and use * - * this code * - **********************************************************************/ -#ifndef GOST89_H -# define GOST89_H - -/* Typedef for unsigned 32-bit integer */ -# if __LONG_MAX__ > 2147483647L -typedef unsigned int u4; -# else -typedef unsigned long u4; -# endif -/* Typedef for unsigned 8-bit integer */ -typedef unsigned char byte; - -/* Internal representation of GOST substitution blocks */ -typedef struct { - byte k8[16]; - byte k7[16]; - byte k6[16]; - byte k5[16]; - byte k4[16]; - byte k3[16]; - byte k2[16]; - byte k1[16]; -} gost_subst_block; - -/* Cipher context includes key and preprocessed substitution block */ -typedef struct { - u4 k[8]; - /* Constant s-boxes -- set up in gost_init(). */ - u4 k87[256], k65[256], k43[256], k21[256]; -} gost_ctx; -/* - * Note: encrypt and decrypt expect full blocks--padding blocks is caller's - * responsibility. All bulk encryption is done in ECB mode by these calls. - * Other modes may be added easily enough. - */ -/* Encrypt several full blocks in ECB mode */ -void gost_enc(gost_ctx * ctx, const byte * clear, byte * cipher, int blocks); -/* Decrypt several full blocks in ECB mode */ -void gost_dec(gost_ctx * ctx, const byte * cipher, byte * clear, int blocks); -/* Encrypts several full blocks in CFB mode using 8byte IV */ -void gost_enc_cfb(gost_ctx * ctx, const byte * iv, const byte * clear, - byte * cipher, int blocks); -/* Decrypts several full blocks in CFB mode using 8byte IV */ -void gost_dec_cfb(gost_ctx * ctx, const byte * iv, const byte * cipher, - byte * clear, int blocks); - -/* Encrypt one block */ -void gostcrypt(gost_ctx * c, const byte * in, byte * out); -/* Decrypt one block */ -void gostdecrypt(gost_ctx * c, const byte * in, byte * out); -/* Set key into context */ -void gost_key(gost_ctx * ctx, const byte * key); -/* Get key from context */ -void gost_get_key(gost_ctx * ctx, byte * key); -/* Set S-blocks into context */ -void gost_init(gost_ctx * ctx, const gost_subst_block * subst_block); -/* Clean up context */ -void gost_destroy(gost_ctx * ctx); -/* Intermediate function used for calculate hash */ -void gost_enc_with_key(gost_ctx *, byte * key, byte * inblock, - byte * outblock); -/* Compute MAC of given length in bits from data */ -int gost_mac(gost_ctx * ctx, int hmac_len, const unsigned char *data, - unsigned int data_len, unsigned char *hmac); -/* - * Compute MAC of given length in bits from data, using non-zero 8-byte IV - * (non-standard, for use in CryptoPro key transport only - */ -int gost_mac_iv(gost_ctx * ctx, int hmac_len, const unsigned char *iv, - const unsigned char *data, unsigned int data_len, - unsigned char *hmac); -/* Perform one step of MAC calculation like gostcrypt */ -void mac_block(gost_ctx * c, byte * buffer, const byte * block); -/* Extracts MAC value from mac state buffer */ -void get_mac(byte * buffer, int nbits, byte * out); -/* Implements cryptopro key meshing algorithm. Expect IV to be 8-byte size*/ -void cryptopro_key_meshing(gost_ctx * ctx, unsigned char *iv); -/* Parameter sets specified in RFC 4357 */ -extern gost_subst_block GostR3411_94_TestParamSet; -extern gost_subst_block GostR3411_94_CryptoProParamSet; -extern gost_subst_block Gost28147_TestParamSet; -extern gost_subst_block Gost28147_CryptoProParamSetA; -extern gost_subst_block Gost28147_CryptoProParamSetB; -extern gost_subst_block Gost28147_CryptoProParamSetC; -extern gost_subst_block Gost28147_CryptoProParamSetD; -extern const byte CryptoProKeyMeshingKey[]; -typedef unsigned int word32; - -#endif diff --git a/engines/ccgost/gost_ameth.c b/engines/ccgost/gost_ameth.c deleted file mode 100644 index 5b1d045..0000000 --- a/engines/ccgost/gost_ameth.c +++ /dev/null @@ -1,696 +0,0 @@ -/********************************************************************** - * gost_ameth.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Implementation of RFC 4490/4491 ASN1 method * - * for OpenSSL * - * Requires OpenSSL 0.9.9 for compilation * - **********************************************************************/ -#include <string.h> -#include <openssl/crypto.h> -#include <openssl/err.h> -#include <openssl/engine.h> -#include <openssl/evp.h> -#include <openssl/asn1.h> -#ifndef OPENSSL_NO_CMS -# include <openssl/cms.h> -#endif -#include "gost_lcl.h" -#include "e_gost_err.h" - - -/* Convert little-endian byte array into bignum */ -BIGNUM *hashsum2bn(const unsigned char *dgst) -{ - unsigned char buf[32]; - - BUF_reverse(buf, (unsigned char*)dgst, 32); - return BN_bin2bn(buf, 32, NULL); -} - -/* - * Pack bignum into byte buffer of given size, filling all leading bytes by - * zeros - */ -int store_bignum(BIGNUM *bn, unsigned char *buf, int len) -{ - int bytes = BN_num_bytes(bn); - - if (bytes > len) - return 0; - memset(buf, 0, len); - BN_bn2bin(bn, buf + len - bytes); - return 1; -} - -static ASN1_STRING *encode_gost_algor_params(const EVP_PKEY *key) -{ - ASN1_STRING *params = ASN1_STRING_new(); - GOST_KEY_PARAMS *gkp = GOST_KEY_PARAMS_new(); - int pkey_param_nid = NID_undef; - - if (!params || !gkp) { - GOSTerr(GOST_F_ENCODE_GOST_ALGOR_PARAMS, ERR_R_MALLOC_FAILURE); - ASN1_STRING_free(params); - params = NULL; - goto err; - } - switch (EVP_PKEY_base_id(key)) { - case NID_id_GostR3410_2001: - pkey_param_nid = - EC_GROUP_get_curve_name(EC_KEY_get0_group - (EVP_PKEY_get0((EVP_PKEY *)key))); - break; - } - gkp->key_params = OBJ_nid2obj(pkey_param_nid); - gkp->hash_params = OBJ_nid2obj(NID_id_GostR3411_94_CryptoProParamSet); - /* - * gkp->cipher_params = OBJ_nid2obj(cipher_param_nid); - */ - params->length = i2d_GOST_KEY_PARAMS(gkp, ¶ms->data); - if (params->length <= 0) { - GOSTerr(GOST_F_ENCODE_GOST_ALGOR_PARAMS, ERR_R_MALLOC_FAILURE); - ASN1_STRING_free(params); - params = NULL; - goto err; - } - params->type = V_ASN1_SEQUENCE; - err: - GOST_KEY_PARAMS_free(gkp); - return params; -} - -/* - * Parses GOST algorithm parameters from X509_ALGOR and modifies pkey setting - * NID and parameters - */ -static int decode_gost_algor_params(EVP_PKEY *pkey, X509_ALGOR *palg) -{ - ASN1_OBJECT *palg_obj = NULL; - int ptype = V_ASN1_UNDEF; - int pkey_nid = NID_undef, param_nid = NID_undef; - void *_pval; - ASN1_STRING *pval = NULL; - const unsigned char *p; - GOST_KEY_PARAMS *gkp = NULL; - - X509_ALGOR_get0(&palg_obj, &ptype, &_pval, palg); - pval = _pval; - if (ptype != V_ASN1_SEQUENCE) { - GOSTerr(GOST_F_DECODE_GOST_ALGOR_PARAMS, - GOST_R_BAD_KEY_PARAMETERS_FORMAT); - return 0; - } - p = pval->data; - pkey_nid = OBJ_obj2nid(palg_obj); - - gkp = d2i_GOST_KEY_PARAMS(NULL, &p, pval->length); - if (!gkp) { - GOSTerr(GOST_F_DECODE_GOST_ALGOR_PARAMS, - GOST_R_BAD_PKEY_PARAMETERS_FORMAT); - return 0; - } - param_nid = OBJ_obj2nid(gkp->key_params); - GOST_KEY_PARAMS_free(gkp); - if (!EVP_PKEY_set_type(pkey, pkey_nid)) { - GOSTerr(GOST_F_DECODE_GOST_ALGOR_PARAMS, ERR_R_INTERNAL_ERROR); - return 0; - } - switch (pkey_nid) { - case NID_id_GostR3410_2001: - { - EC_KEY *ec = EVP_PKEY_get0(pkey); - if (!ec) { - ec = EC_KEY_new(); - if (!EVP_PKEY_assign(pkey, pkey_nid, ec)) - return 0; - } - if (!fill_GOST2001_params(ec, param_nid)) - return 0; - } - } - - return 1; -} - -static int gost_set_priv_key(EVP_PKEY *pkey, BIGNUM *priv) -{ - switch (EVP_PKEY_base_id(pkey)) { - case NID_id_GostR3410_2001: - { - EC_KEY *ec = EVP_PKEY_get0(pkey); - if (!ec) { - ec = EC_KEY_new(); - EVP_PKEY_assign(pkey, EVP_PKEY_base_id(pkey), ec); - } - if (!EC_KEY_set_private_key(ec, priv)) - return 0; - if (!EVP_PKEY_missing_parameters(pkey)) - gost2001_compute_public(ec); - break; - } - } - return 1; -} - -BIGNUM *gost_get0_priv_key(const EVP_PKEY *pkey) -{ - switch (EVP_PKEY_base_id(pkey)) { - case NID_id_GostR3410_2001: - { - EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pkey); - const BIGNUM *priv; - if (!ec) { - return NULL; - } - if ((priv = EC_KEY_get0_private_key(ec)) == NULL) - return NULL; - return (BIGNUM *)priv; - } - } - return NULL; -} - -static int pkey_ctrl_gost(EVP_PKEY *pkey, int op, long arg1, void *arg2) -{ - switch (op) { - case ASN1_PKEY_CTRL_PKCS7_SIGN: - if (arg1 == 0) { - X509_ALGOR *alg1 = NULL, *alg2 = NULL; - int nid = EVP_PKEY_base_id(pkey); - PKCS7_SIGNER_INFO_get0_algs((PKCS7_SIGNER_INFO *)arg2, - NULL, &alg1, &alg2); - X509_ALGOR_set0(alg1, OBJ_nid2obj(NID_id_GostR3411_94), - V_ASN1_NULL, 0); - if (nid == NID_undef) { - return (-1); - } - X509_ALGOR_set0(alg2, OBJ_nid2obj(nid), V_ASN1_NULL, 0); - } - return 1; -#ifndef OPENSSL_NO_CMS - case ASN1_PKEY_CTRL_CMS_SIGN: - if (arg1 == 0) { - X509_ALGOR *alg1 = NULL, *alg2 = NULL; - int nid = EVP_PKEY_base_id(pkey); - CMS_SignerInfo_get0_algs((CMS_SignerInfo *)arg2, - NULL, NULL, &alg1, &alg2); - X509_ALGOR_set0(alg1, OBJ_nid2obj(NID_id_GostR3411_94), - V_ASN1_NULL, 0); - if (nid == NID_undef) { - return (-1); - } - X509_ALGOR_set0(alg2, OBJ_nid2obj(nid), V_ASN1_NULL, 0); - } - return 1; -#endif - case ASN1_PKEY_CTRL_PKCS7_ENCRYPT: - if (arg1 == 0) { - X509_ALGOR *alg; - ASN1_STRING *params = encode_gost_algor_params(pkey); - if (!params) { - return -1; - } - PKCS7_RECIP_INFO_get0_alg((PKCS7_RECIP_INFO *)arg2, &alg); - X509_ALGOR_set0(alg, OBJ_nid2obj(pkey->type), - V_ASN1_SEQUENCE, params); - } - return 1; -#ifndef OPENSSL_NO_CMS - case ASN1_PKEY_CTRL_CMS_ENVELOPE: - if (arg1 == 0) { - X509_ALGOR *alg = NULL; - ASN1_STRING *params = encode_gost_algor_params(pkey); - if (!params) { - return -1; - } - CMS_RecipientInfo_ktri_get0_algs((CMS_RecipientInfo *)arg2, NULL, - NULL, &alg); - X509_ALGOR_set0(alg, OBJ_nid2obj(pkey->type), V_ASN1_SEQUENCE, - params); - } - return 1; -#endif - case ASN1_PKEY_CTRL_DEFAULT_MD_NID: - *(int *)arg2 = NID_id_GostR3411_94; - return 2; - } - - return -2; -} - -/* --------------------- free functions * ------------------------------*/ -static void pkey_free_gost01(EVP_PKEY *key) -{ - EC_KEY_free(key->pkey.ec); -} - -/* ------------------ private key functions -----------------------------*/ -static int priv_decode_gost(EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf) -{ - const unsigned char *pkey_buf = NULL, *p = NULL; - int priv_len = 0; - BIGNUM *pk_num = NULL; - int ret = 0; - X509_ALGOR *palg = NULL; - ASN1_OBJECT *palg_obj = NULL; - ASN1_INTEGER *priv_key = NULL; - - if (!PKCS8_pkey_get0(&palg_obj, &pkey_buf, &priv_len, &palg, p8inf)) - return 0; - p = pkey_buf; - if (!decode_gost_algor_params(pk, palg)) { - return 0; - } - if (V_ASN1_OCTET_STRING == *p) { - /* New format - Little endian octet string */ - unsigned char rev_buf[32]; - int i; - ASN1_OCTET_STRING *s = d2i_ASN1_OCTET_STRING(NULL, &p, priv_len); - if (!s || s->length != 32) { - GOSTerr(GOST_F_PRIV_DECODE_GOST, EVP_R_DECODE_ERROR); - return 0; - } - for (i = 0; i < 32; i++) { - rev_buf[31 - i] = s->data[i]; - } - ASN1_STRING_free(s); - pk_num = BN_bin2bn(rev_buf, 32, NULL); - } else { - priv_key = d2i_ASN1_INTEGER(NULL, &p, priv_len); - if (!priv_key) - return 0; - ret = ((pk_num = ASN1_INTEGER_to_BN(priv_key, NULL)) != NULL); - ASN1_INTEGER_free(priv_key); - if (!ret) { - GOSTerr(GOST_F_PRIV_DECODE_GOST, EVP_R_DECODE_ERROR); - return 0; - } - } - - ret = gost_set_priv_key(pk, pk_num); - BN_free(pk_num); - return ret; -} - -/* ----------------------------------------------------------------------*/ -static int priv_encode_gost(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk) -{ - ASN1_OBJECT *algobj = OBJ_nid2obj(EVP_PKEY_base_id(pk)); - ASN1_STRING *params = encode_gost_algor_params(pk); - unsigned char *priv_buf = NULL; - int priv_len; - - ASN1_INTEGER *asn1key = NULL; - if (!params) { - return 0; - } - asn1key = BN_to_ASN1_INTEGER(gost_get0_priv_key(pk), NULL); - priv_len = i2d_ASN1_INTEGER(asn1key, &priv_buf); - ASN1_INTEGER_free(asn1key); - return PKCS8_pkey_set0(p8, algobj, 0, V_ASN1_SEQUENCE, params, - priv_buf, priv_len); -} - -/* --------- printing keys --------------------------------*/ -static int print_gost_01(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx, int type) -{ - int param_nid = NID_undef; - if (type == 2) { - BIGNUM *key; - - if (!BIO_indent(out, indent, 128)) - return 0; - BIO_printf(out, "Private key: "); - key = gost_get0_priv_key(pkey); - if (!key) - BIO_printf(out, "<undefined)"); - else - BN_print(out, key); - BIO_printf(out, "\n"); - } - if (type >= 1) { - BN_CTX *ctx = BN_CTX_new(); - BIGNUM *X, *Y; - const EC_POINT *pubkey; - const EC_GROUP *group; - - if (!ctx) { - GOSTerr(GOST_F_PRINT_GOST_01, ERR_R_MALLOC_FAILURE); - return 0; - } - BN_CTX_start(ctx); - X = BN_CTX_get(ctx); - Y = BN_CTX_get(ctx); - pubkey = - EC_KEY_get0_public_key((EC_KEY *)EVP_PKEY_get0((EVP_PKEY *)pkey)); - group = EC_KEY_get0_group((EC_KEY *)EVP_PKEY_get0((EVP_PKEY *)pkey)); - if (!EC_POINT_get_affine_coordinates_GFp(group, pubkey, X, Y, ctx)) { - GOSTerr(GOST_F_PRINT_GOST_01, ERR_R_EC_LIB); - BN_CTX_free(ctx); - return 0; - } - if (!BIO_indent(out, indent, 128)) - return 0; - BIO_printf(out, "Public key:\n"); - if (!BIO_indent(out, indent + 3, 128)) - return 0; - BIO_printf(out, "X:"); - BN_print(out, X); - BIO_printf(out, "\n"); - BIO_indent(out, indent + 3, 128); - BIO_printf(out, "Y:"); - BN_print(out, Y); - BIO_printf(out, "\n"); - BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - - param_nid = - EC_GROUP_get_curve_name(EC_KEY_get0_group - (EVP_PKEY_get0((EVP_PKEY *)pkey))); - if (!BIO_indent(out, indent, 128)) - return 0; - BIO_printf(out, "Parameter set: %s\n", OBJ_nid2ln(param_nid)); - return 1; -} - -static int param_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx) -{ - return print_gost_01(out, pkey, indent, pctx, 0); -} - -static int pub_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx) -{ - return print_gost_01(out, pkey, indent, pctx, 1); -} - -static int priv_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx) -{ - return print_gost_01(out, pkey, indent, pctx, 2); -} - -/* ---------------------------------------------------------------------*/ -static int param_missing_gost01(const EVP_PKEY *pk) -{ - const EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pk); - if (!ec) - return 1; - if (!EC_KEY_get0_group(ec)) - return 1; - return 0; -} - - -static int param_copy_gost01(EVP_PKEY *to, const EVP_PKEY *from) -{ - EC_KEY *eto = EVP_PKEY_get0(to); - const EC_KEY *efrom = EVP_PKEY_get0((EVP_PKEY *)from); - if (EVP_PKEY_base_id(from) != EVP_PKEY_base_id(to)) { - GOSTerr(GOST_F_PARAM_COPY_GOST01, GOST_R_INCOMPATIBLE_ALGORITHMS); - return 0; - } - if (!efrom) { - GOSTerr(GOST_F_PARAM_COPY_GOST01, GOST_R_KEY_PARAMETERS_MISSING); - return 0; - } - if (!eto) { - eto = EC_KEY_new(); - if (!eto) { - GOSTerr(GOST_F_PARAM_COPY_GOST01, ERR_R_MALLOC_FAILURE); - return 0; - } - if (!EVP_PKEY_assign(to, EVP_PKEY_base_id(from), eto)) { - GOSTerr(GOST_F_PARAM_COPY_GOST01, ERR_R_INTERNAL_ERROR); - return 0; - } - } - if (!EC_KEY_set_group(eto, EC_KEY_get0_group(efrom))) { - GOSTerr(GOST_F_PARAM_COPY_GOST01, ERR_R_INTERNAL_ERROR); - return 0; - } - if (EC_KEY_get0_private_key(eto)) { - gost2001_compute_public(eto); - } - return 1; -} - -static int param_cmp_gost01(const EVP_PKEY *a, const EVP_PKEY *b) -{ - if (EC_GROUP_get_curve_name - (EC_KEY_get0_group(EVP_PKEY_get0((EVP_PKEY *)a))) == - EC_GROUP_get_curve_name(EC_KEY_get0_group - (EVP_PKEY_get0((EVP_PKEY *)b)))) { - return 1; - } - return 0; - -} - -/* ---------- Public key functions * --------------------------------------*/ - -static int pub_decode_gost01(EVP_PKEY *pk, X509_PUBKEY *pub) -{ - X509_ALGOR *palg = NULL; - const unsigned char *pubkey_buf = NULL; - unsigned char *databuf; - ASN1_OBJECT *palgobj = NULL; - int pub_len, i, j; - EC_POINT *pub_key; - BIGNUM *X, *Y; - ASN1_OCTET_STRING *octet = NULL; - int len; - const EC_GROUP *group; - - if (!X509_PUBKEY_get0_param(&palgobj, &pubkey_buf, &pub_len, &palg, pub)) - return 0; - EVP_PKEY_assign(pk, OBJ_obj2nid(palgobj), NULL); - if (!decode_gost_algor_params(pk, palg)) - return 0; - group = EC_KEY_get0_group(EVP_PKEY_get0(pk)); - octet = d2i_ASN1_OCTET_STRING(NULL, &pubkey_buf, pub_len); - if (!octet) { - GOSTerr(GOST_F_PUB_DECODE_GOST01, ERR_R_MALLOC_FAILURE); - return 0; - } - databuf = OPENSSL_malloc(octet->length); - if (databuf == NULL) { - GOSTerr(GOST_F_PUB_DECODE_GOST01, ERR_R_MALLOC_FAILURE); - ASN1_OCTET_STRING_free(octet); - return 0; - } - for (i = 0, j = octet->length - 1; i < octet->length; i++, j--) { - databuf[j] = octet->data[i]; - } - len = octet->length / 2; - ASN1_OCTET_STRING_free(octet); - - Y = BN_bin2bn(databuf, len, NULL); - X = BN_bin2bn(databuf + len, len, NULL); - OPENSSL_free(databuf); - pub_key = EC_POINT_new(group); - if (!EC_POINT_set_affine_coordinates_GFp(group, pub_key, X, Y, NULL)) { - GOSTerr(GOST_F_PUB_DECODE_GOST01, ERR_R_EC_LIB); - EC_POINT_free(pub_key); - BN_free(X); - BN_free(Y); - return 0; - } - BN_free(X); - BN_free(Y); - if (!EC_KEY_set_public_key(EVP_PKEY_get0(pk), pub_key)) { - GOSTerr(GOST_F_PUB_DECODE_GOST01, ERR_R_EC_LIB); - EC_POINT_free(pub_key); - return 0; - } - EC_POINT_free(pub_key); - return 1; - -} - -static int pub_encode_gost01(X509_PUBKEY *pub, const EVP_PKEY *pk) -{ - ASN1_OBJECT *algobj = NULL; - ASN1_OCTET_STRING *octet = NULL; - void *pval = NULL; - unsigned char *buf = NULL, *databuf, *sptr; - int i, j, data_len, ret = 0; - const EC_POINT *pub_key; - BIGNUM *X, *Y, *order; - const EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pk); - int ptype = V_ASN1_UNDEF; - - algobj = OBJ_nid2obj(EVP_PKEY_base_id(pk)); - if (pk->save_parameters) { - ASN1_STRING *params = encode_gost_algor_params(pk); - pval = params; - ptype = V_ASN1_SEQUENCE; - } - order = BN_new(); - EC_GROUP_get_order(EC_KEY_get0_group(ec), order, NULL); - pub_key = EC_KEY_get0_public_key(ec); - if (!pub_key) { - GOSTerr(GOST_F_PUB_ENCODE_GOST01, GOST_R_PUBLIC_KEY_UNDEFINED); - BN_free(order); - return 0; - } - X = BN_new(); - Y = BN_new(); - if (!X || !Y) { - GOSTerr(GOST_F_PUB_ENCODE_GOST01, ERR_R_MALLOC_FAILURE); - BN_free(X); - BN_free(Y); - BN_free(order); - return 0; - } - if (!EC_POINT_get_affine_coordinates_GFp(EC_KEY_get0_group(ec), - pub_key, X, Y, NULL)) { - GOSTerr(GOST_F_PUB_ENCODE_GOST01, ERR_R_INTERNAL_ERROR); - BN_free(X); - BN_free(Y); - BN_free(order); - return 0; - } - data_len = 2 * BN_num_bytes(order); - BN_free(order); - databuf = OPENSSL_malloc(data_len); - if (databuf == NULL) { - GOSTerr(GOST_F_PUB_ENCODE_GOST01, ERR_R_MALLOC_FAILURE); - BN_free(X); - BN_free(Y); - return 0; - } - memset(databuf, 0, data_len); - - store_bignum(X, databuf + data_len / 2, data_len / 2); - store_bignum(Y, databuf, data_len / 2); - - BN_free(X); - BN_free(Y); - octet = ASN1_OCTET_STRING_new(); - if (octet == NULL) { - GOSTerr(GOST_F_PUB_ENCODE_GOST01, ERR_R_MALLOC_FAILURE); - OPENSSL_free(databuf); - return 0; - } - ASN1_STRING_set(octet, NULL, data_len); - sptr = ASN1_STRING_data(octet); - for (i = 0, j = data_len - 1; i < data_len; i++, j--) { - sptr[i] = databuf[j]; - } - OPENSSL_free(databuf); - ret = i2d_ASN1_OCTET_STRING(octet, &buf); - ASN1_BIT_STRING_free(octet); - if (ret < 0) - return 0; - return X509_PUBKEY_set0_param(pub, algobj, ptype, pval, buf, ret); -} - -static int pub_cmp_gost01(const EVP_PKEY *a, const EVP_PKEY *b) -{ - const EC_KEY *ea = EVP_PKEY_get0((EVP_PKEY *)a); - const EC_KEY *eb = EVP_PKEY_get0((EVP_PKEY *)b); - const EC_POINT *ka, *kb; - int ret = 0; - if (!ea || !eb) - return 0; - ka = EC_KEY_get0_public_key(ea); - kb = EC_KEY_get0_public_key(eb); - if (!ka || !kb) - return 0; - ret = (0 == EC_POINT_cmp(EC_KEY_get0_group(ea), ka, kb, NULL)); - return ret; -} - -static int pkey_size_gost(const EVP_PKEY *pk) -{ - return 64; -} - -static int pkey_bits_gost(const EVP_PKEY *pk) -{ - return 256; -} - -/* ---------------------- ASN1 METHOD for GOST MAC -------------------*/ -static void mackey_free_gost(EVP_PKEY *pk) -{ - OPENSSL_free(pk->pkey.ptr); -} - -static int mac_ctrl_gost(EVP_PKEY *pkey, int op, long arg1, void *arg2) -{ - switch (op) { - case ASN1_PKEY_CTRL_DEFAULT_MD_NID: - *(int *)arg2 = NID_id_Gost28147_89_MAC; - return 2; - } - return -2; -} - -static int gost2001_param_encode(const EVP_PKEY *pkey, unsigned char **pder) -{ - int nid = - EC_GROUP_get_curve_name(EC_KEY_get0_group - (EVP_PKEY_get0((EVP_PKEY *)pkey))); - return i2d_ASN1_OBJECT(OBJ_nid2obj(nid), pder); -} - -static int gost2001_param_decode(EVP_PKEY *pkey, const unsigned char **pder, - int derlen) -{ - ASN1_OBJECT *obj = NULL; - int nid; - EC_KEY *ec = EVP_PKEY_get0(pkey); - if (d2i_ASN1_OBJECT(&obj, pder, derlen) == NULL) { - return 0; - } - nid = OBJ_obj2nid(obj); - ASN1_OBJECT_free(obj); - if (!ec) { - ec = EC_KEY_new(); - if (!EVP_PKEY_assign(pkey, NID_id_GostR3410_2001, ec)) - return 0; - } - if (!fill_GOST2001_params(ec, nid)) - return 0; - return 1; -} - -/* ----------------------------------------------------------------------*/ -int register_ameth_gost(int nid, EVP_PKEY_ASN1_METHOD **ameth, - const char *pemstr, const char *info) -{ - *ameth = EVP_PKEY_asn1_new(nid, ASN1_PKEY_SIGPARAM_NULL, pemstr, info); - if (!*ameth) - return 0; - switch (nid) { - case NID_id_GostR3410_2001: - EVP_PKEY_asn1_set_free(*ameth, pkey_free_gost01); - EVP_PKEY_asn1_set_private(*ameth, - priv_decode_gost, priv_encode_gost, - priv_print_gost01); - - EVP_PKEY_asn1_set_param(*ameth, - gost2001_param_decode, gost2001_param_encode, - param_missing_gost01, param_copy_gost01, - param_cmp_gost01, param_print_gost01); - EVP_PKEY_asn1_set_public(*ameth, - pub_decode_gost01, pub_encode_gost01, - pub_cmp_gost01, pub_print_gost01, - pkey_size_gost, pkey_bits_gost); - - EVP_PKEY_asn1_set_ctrl(*ameth, pkey_ctrl_gost); - break; - case NID_id_Gost28147_89_MAC: - EVP_PKEY_asn1_set_free(*ameth, mackey_free_gost); - EVP_PKEY_asn1_set_ctrl(*ameth, mac_ctrl_gost); - break; - } - return 1; -} diff --git a/engines/ccgost/gost_asn1.c b/engines/ccgost/gost_asn1.c deleted file mode 100644 index 1168633..0000000 --- a/engines/ccgost/gost_asn1.c +++ /dev/null @@ -1,56 +0,0 @@ -/********************************************************************** - * gost_keytrans.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * ASN1 structure definition for GOST key transport * - * Requires OpenSSL 0.9.9 for compilation * - **********************************************************************/ -#include <stdio.h> -#include <openssl/asn1t.h> -#include <openssl/x509.h> -#include "gost_lcl.h" - -ASN1_NDEF_SEQUENCE(GOST_KEY_TRANSPORT) = { - ASN1_SIMPLE(GOST_KEY_TRANSPORT, key_info, GOST_KEY_INFO), - ASN1_IMP(GOST_KEY_TRANSPORT, key_agreement_info, GOST_KEY_AGREEMENT_INFO, 0) -} ASN1_NDEF_SEQUENCE_END(GOST_KEY_TRANSPORT) - -IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_TRANSPORT) - -ASN1_NDEF_SEQUENCE(GOST_KEY_INFO) = { - ASN1_SIMPLE(GOST_KEY_INFO, encrypted_key, ASN1_OCTET_STRING), - ASN1_SIMPLE(GOST_KEY_INFO, imit, ASN1_OCTET_STRING) -} ASN1_NDEF_SEQUENCE_END(GOST_KEY_INFO) - -IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_INFO) - -ASN1_NDEF_SEQUENCE(GOST_KEY_AGREEMENT_INFO) = { - ASN1_SIMPLE(GOST_KEY_AGREEMENT_INFO, cipher, ASN1_OBJECT), - ASN1_IMP_OPT(GOST_KEY_AGREEMENT_INFO, ephem_key, X509_PUBKEY, 0), - ASN1_SIMPLE(GOST_KEY_AGREEMENT_INFO, eph_iv, ASN1_OCTET_STRING) -} ASN1_NDEF_SEQUENCE_END(GOST_KEY_AGREEMENT_INFO) - -IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_AGREEMENT_INFO) - -ASN1_NDEF_SEQUENCE(GOST_KEY_PARAMS) = { - ASN1_SIMPLE(GOST_KEY_PARAMS, key_params, ASN1_OBJECT), - ASN1_SIMPLE(GOST_KEY_PARAMS, hash_params, ASN1_OBJECT), - ASN1_OPT(GOST_KEY_PARAMS, cipher_params, ASN1_OBJECT), -} ASN1_NDEF_SEQUENCE_END(GOST_KEY_PARAMS) - -IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_PARAMS) - -ASN1_NDEF_SEQUENCE(GOST_CIPHER_PARAMS) = { - ASN1_SIMPLE(GOST_CIPHER_PARAMS, iv, ASN1_OCTET_STRING), - ASN1_SIMPLE(GOST_CIPHER_PARAMS, enc_param_set, ASN1_OBJECT), -} ASN1_NDEF_SEQUENCE_END(GOST_CIPHER_PARAMS) - -IMPLEMENT_ASN1_FUNCTIONS(GOST_CIPHER_PARAMS) - -ASN1_NDEF_SEQUENCE(GOST_CLIENT_KEY_EXCHANGE_PARAMS) = { /* FIXME incomplete */ - ASN1_SIMPLE(GOST_CLIENT_KEY_EXCHANGE_PARAMS, gkt, GOST_KEY_TRANSPORT) -} - -ASN1_NDEF_SEQUENCE_END(GOST_CLIENT_KEY_EXCHANGE_PARAMS) -IMPLEMENT_ASN1_FUNCTIONS(GOST_CLIENT_KEY_EXCHANGE_PARAMS) diff --git a/engines/ccgost/gost_crypt.c b/engines/ccgost/gost_crypt.c deleted file mode 100644 index 63009a2..0000000 --- a/engines/ccgost/gost_crypt.c +++ /dev/null @@ -1,699 +0,0 @@ -/********************************************************************** - * gost_crypt.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * OpenSSL interface to GOST 28147-89 cipher functions * - * Requires OpenSSL 0.9.9 for compilation * - **********************************************************************/ -#include <string.h> -#include "gost89.h" -#include <openssl/err.h> -#include <openssl/rand.h> -#include "e_gost_err.h" -#include "gost_lcl.h" -#include <openssl/evp.h> - -#if !defined(CCGOST_DEBUG) && !defined(DEBUG) -# ifndef NDEBUG -# define NDEBUG -# endif -#endif -#include <assert.h> - -static int gost_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); -static int gost_cipher_init_cpa(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); -/* Handles block of data in CFB mode */ -static int gost_cipher_do_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl); -/* Handles block of data in CNT mode */ -static int gost_cipher_do_cnt(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl); -/* Cleanup function */ -static int gost_cipher_cleanup(EVP_CIPHER_CTX *); -/* set/get cipher parameters */ -static int gost89_set_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params); -static int gost89_get_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params); -/* Control function */ -static int gost_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr); - -static EVP_CIPHER *_hidden_Gost28147_89_cipher = NULL; -const EVP_CIPHER *cipher_gost(void) -{ - if (_hidden_Gost28147_89_cipher == NULL - && ((_hidden_Gost28147_89_cipher = - EVP_CIPHER_meth_new(NID_id_Gost28147_89, - 1 /* block_size */, - 32 /* key_size */)) == NULL - || !EVP_CIPHER_meth_set_iv_length(_hidden_Gost28147_89_cipher, 8) - || !EVP_CIPHER_meth_set_flags(_hidden_Gost28147_89_cipher, - EVP_CIPH_CFB_MODE | - EVP_CIPH_NO_PADDING | - EVP_CIPH_CUSTOM_IV | - EVP_CIPH_RAND_KEY | - EVP_CIPH_ALWAYS_CALL_INIT) - || !EVP_CIPHER_meth_set_init(_hidden_Gost28147_89_cipher, - gost_cipher_init) - || !EVP_CIPHER_meth_set_do_cipher(_hidden_Gost28147_89_cipher, - gost_cipher_do_cfb) - || !EVP_CIPHER_meth_set_cleanup(_hidden_Gost28147_89_cipher, - gost_cipher_cleanup) - || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_Gost28147_89_cipher, - sizeof(struct ossl_gost_cipher_ctx)) - || !EVP_CIPHER_meth_set_set_asn1_params(_hidden_Gost28147_89_cipher, - gost89_set_asn1_parameters) - || !EVP_CIPHER_meth_set_get_asn1_params(_hidden_Gost28147_89_cipher, - gost89_get_asn1_parameters) - || !EVP_CIPHER_meth_set_ctrl(_hidden_Gost28147_89_cipher, - gost_cipher_ctl))) { - EVP_CIPHER_meth_free(_hidden_Gost28147_89_cipher); - _hidden_Gost28147_89_cipher = NULL; - } - return _hidden_Gost28147_89_cipher; -} - -static EVP_CIPHER *_hidden_gost89_cnt = NULL; -const EVP_CIPHER *cipher_gost_cpacnt(void) -{ - if (_hidden_gost89_cnt == NULL - && ((_hidden_gost89_cnt = - EVP_CIPHER_meth_new(NID_gost89_cnt, - 1 /* block_size */, - 32 /* key_size */)) == NULL - || !EVP_CIPHER_meth_set_iv_length(_hidden_gost89_cnt, 8) - || !EVP_CIPHER_meth_set_flags(_hidden_gost89_cnt, - EVP_CIPH_OFB_MODE | - EVP_CIPH_NO_PADDING | - EVP_CIPH_CUSTOM_IV | - EVP_CIPH_RAND_KEY | - EVP_CIPH_ALWAYS_CALL_INIT) - || !EVP_CIPHER_meth_set_init(_hidden_gost89_cnt, - gost_cipher_init_cpa) - || !EVP_CIPHER_meth_set_do_cipher(_hidden_gost89_cnt, - gost_cipher_do_cnt) - || !EVP_CIPHER_meth_set_cleanup(_hidden_gost89_cnt, - gost_cipher_cleanup) - || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_gost89_cnt, - sizeof(struct ossl_gost_cipher_ctx)) - || !EVP_CIPHER_meth_set_set_asn1_params(_hidden_gost89_cnt, - gost89_set_asn1_parameters) - || !EVP_CIPHER_meth_set_get_asn1_params(_hidden_gost89_cnt, - gost89_get_asn1_parameters) - || !EVP_CIPHER_meth_set_ctrl(_hidden_gost89_cnt, - gost_cipher_ctl))) { - EVP_CIPHER_meth_free(_hidden_gost89_cnt); - _hidden_gost89_cnt = NULL; - } - return _hidden_gost89_cnt; -} - -void cipher_gost_destroy(void) -{ - EVP_CIPHER_meth_free(_hidden_Gost28147_89_cipher); - _hidden_Gost28147_89_cipher = NULL; - EVP_CIPHER_meth_free(_hidden_gost89_cnt); - _hidden_gost89_cnt = NULL; -} - -/* Implementation of GOST 28147-89 in MAC (imitovstavka) mode */ -/* Init functions which set specific parameters */ -static int gost_imit_init_cpa(EVP_MD_CTX *ctx); -/* process block of data */ -static int gost_imit_update(EVP_MD_CTX *ctx, const void *data, size_t count); -/* Return computed value */ -static int gost_imit_final(EVP_MD_CTX *ctx, unsigned char *md); -/* Copies context */ -static int gost_imit_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from); -static int gost_imit_cleanup(EVP_MD_CTX *ctx); -/* Control function, knows how to set MAC key.*/ -static int gost_imit_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr); - -static EVP_MD *_hidden_Gost28147_89_MAC_md = NULL; -const EVP_MD *imit_gost_cpa(void) -{ - - if (_hidden_Gost28147_89_MAC_md == NULL) { - EVP_MD *md; - - if ((md = EVP_MD_meth_new(NID_id_Gost28147_89_MAC, NID_undef)) == NULL - || !EVP_MD_meth_set_result_size(md, 4) - || !EVP_MD_meth_set_input_blocksize(md, 8) - || !EVP_MD_meth_set_app_datasize(md, - sizeof(struct ossl_gost_imit_ctx)) - || !EVP_MD_meth_set_flags(md, 0) - || !EVP_MD_meth_set_init(md, gost_imit_init_cpa) - || !EVP_MD_meth_set_update(md, gost_imit_update) - || !EVP_MD_meth_set_final(md, gost_imit_final) - || !EVP_MD_meth_set_copy(md, gost_imit_copy) - || !EVP_MD_meth_set_cleanup(md, gost_imit_cleanup) - || !EVP_MD_meth_set_ctrl(md, gost_imit_ctrl)) { - EVP_MD_meth_free(md); - md = NULL; - } - _hidden_Gost28147_89_MAC_md = md; - } - return _hidden_Gost28147_89_MAC_md; -} -void imit_gost_cpa_destroy(void) -{ - EVP_MD_meth_free(_hidden_Gost28147_89_MAC_md); - _hidden_Gost28147_89_MAC_md = NULL; -} - -/* - * Correspondence between gost parameter OIDs and substitution blocks - * NID field is filed by register_gost_NID function in engine.c - * upon engine initialization - */ - -struct gost_cipher_info gost_cipher_list[] = { - /*- NID *//* - * Subst block - *//* - * Key meshing - */ - /* - * {NID_id_GostR3411_94_CryptoProParamSet,&GostR3411_94_CryptoProParamSet,0}, - */ - {NID_id_Gost28147_89_CryptoPro_A_ParamSet, &Gost28147_CryptoProParamSetA, - 1}, - {NID_id_Gost28147_89_CryptoPro_B_ParamSet, &Gost28147_CryptoProParamSetB, - 1}, - {NID_id_Gost28147_89_CryptoPro_C_ParamSet, &Gost28147_CryptoProParamSetC, - 1}, - {NID_id_Gost28147_89_CryptoPro_D_ParamSet, &Gost28147_CryptoProParamSetD, - 1}, - {NID_id_Gost28147_89_TestParamSet, &Gost28147_TestParamSet, 1}, - {NID_undef, NULL, 0} -}; - -/* - * get encryption parameters from crypto network settings FIXME For now we - * use environment var CRYPT_PARAMS as place to store these settings. - * Actually, it is better to use engine control command, read from - * configuration file to set them - */ -const struct gost_cipher_info *get_encryption_params(ASN1_OBJECT *obj) -{ - int nid; - struct gost_cipher_info *param; - if (!obj) { - const char *params = get_gost_engine_param(GOST_PARAM_CRYPT_PARAMS); - if (!params || !strlen(params)) - return &gost_cipher_list[1]; - - nid = OBJ_txt2nid(params); - if (nid == NID_undef) { - GOSTerr(GOST_F_GET_ENCRYPTION_PARAMS, - GOST_R_INVALID_CIPHER_PARAM_OID); - return NULL; - } - } else { - nid = OBJ_obj2nid(obj); - } - for (param = gost_cipher_list; param->sblock != NULL && param->nid != nid; - param++) ; - if (!param->sblock) { - GOSTerr(GOST_F_GET_ENCRYPTION_PARAMS, GOST_R_INVALID_CIPHER_PARAMS); - return NULL; - } - return param; -} - -/* Sets cipher param from paramset NID. */ -static int gost_cipher_set_param(struct ossl_gost_cipher_ctx *c, int nid) -{ - const struct gost_cipher_info *param; - param = - get_encryption_params((nid == NID_undef ? NULL : OBJ_nid2obj(nid))); - if (!param) - return 0; - - c->paramNID = param->nid; - c->key_meshing = param->key_meshing; - c->count = 0; - gost_init(&(c->cctx), param->sblock); - return 1; -} - -/* Initializes EVP_CIPHER_CTX by paramset NID */ -static int gost_cipher_init_param(EVP_CIPHER_CTX *ctx, - const unsigned char *key, - const unsigned char *iv, int enc, - int paramNID, int mode) -{ - struct ossl_gost_cipher_ctx *c = EVP_CIPHER_CTX_cipher_data(ctx); - if (EVP_CIPHER_CTX_get_app_data(ctx) == NULL) { - if (!gost_cipher_set_param(c, paramNID)) - return 0; - EVP_CIPHER_CTX_set_app_data(ctx, EVP_CIPHER_CTX_cipher_data(ctx)); - } - if (key) - gost_key(&(c->cctx), key); - if (iv) - memcpy((unsigned char *)EVP_CIPHER_CTX_original_iv(ctx), iv, - EVP_CIPHER_CTX_iv_length(ctx)); - memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), - EVP_CIPHER_CTX_original_iv(ctx), - EVP_CIPHER_CTX_iv_length(ctx)); - return 1; -} - -static int gost_cipher_init_cpa(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - struct ossl_gost_cipher_ctx *c = EVP_CIPHER_CTX_cipher_data(ctx); - gost_init(&(c->cctx), &Gost28147_CryptoProParamSetA); - c->key_meshing = 1; - c->count = 0; - if (key) - gost_key(&(c->cctx), key); - if (iv) - memcpy((unsigned char *)EVP_CIPHER_CTX_original_iv(ctx), iv, - EVP_CIPHER_CTX_iv_length(ctx)); - memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), - EVP_CIPHER_CTX_original_iv(ctx), - EVP_CIPHER_CTX_iv_length(ctx)); - return 1; -} - -/* Initializes EVP_CIPHER_CTX with default values */ -int gost_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - return gost_cipher_init_param(ctx, key, iv, enc, NID_undef, - EVP_CIPH_CFB_MODE); -} - -/* - * Wrapper around gostcrypt function from gost89.c which perform key meshing - * when nesseccary - */ -static void gost_crypt_mesh(void *ctx, unsigned char *iv, unsigned char *buf) -{ - struct ossl_gost_cipher_ctx *c = ctx; - assert(c->count % 8 == 0 && c->count <= 1024); - if (c->key_meshing && c->count == 1024) { - cryptopro_key_meshing(&(c->cctx), iv); - } - gostcrypt(&(c->cctx), iv, buf); - c->count = c->count % 1024 + 8; -} - -static void gost_cnt_next(void *ctx, unsigned char *iv, unsigned char *buf) -{ - struct ossl_gost_cipher_ctx *c = ctx; - word32 g, go; - unsigned char buf1[8]; - assert(c->count % 8 == 0 && c->count <= 1024); - if (c->key_meshing && c->count == 1024) { - cryptopro_key_meshing(&(c->cctx), iv); - } - if (c->count == 0) { - gostcrypt(&(c->cctx), iv, buf1); - } else { - memcpy(buf1, iv, 8); - } - g = buf1[0] | (buf1[1] << 8) | (buf1[2] << 16) | ((word32) buf1[3] << 24); - g += 0x01010101; - buf1[0] = (unsigned char)(g & 0xff); - buf1[1] = (unsigned char)((g >> 8) & 0xff); - buf1[2] = (unsigned char)((g >> 16) & 0xff); - buf1[3] = (unsigned char)((g >> 24) & 0xff); - g = buf1[4] | (buf1[5] << 8) | (buf1[6] << 16) | ((word32) buf1[7] << 24); - go = g; - g += 0x01010104; - if (go > g) /* overflow */ - g++; - buf1[4] = (unsigned char)(g & 0xff); - buf1[5] = (unsigned char)((g >> 8) & 0xff); - buf1[6] = (unsigned char)((g >> 16) & 0xff); - buf1[7] = (unsigned char)((g >> 24) & 0xff); - memcpy(iv, buf1, 8); - gostcrypt(&(c->cctx), buf1, buf); - c->count = c->count % 1024 + 8; -} - -/* GOST encryption in CFB mode */ -int gost_cipher_do_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - const unsigned char *in_ptr = in; - unsigned char *out_ptr = out; - unsigned char *buf = EVP_CIPHER_CTX_buf_noconst(ctx); - size_t i = 0; - size_t j = 0; -/* process partial block if any */ - if (EVP_CIPHER_CTX_num(ctx)) { - for (j = EVP_CIPHER_CTX_num(ctx), i = 0; j < 8 && i < inl; - j++, i++, in_ptr++, out_ptr++) { - if (!EVP_CIPHER_CTX_encrypting(ctx)) - buf[j + 8] = *in_ptr; - *out_ptr = buf[j] ^ (*in_ptr); - if (EVP_CIPHER_CTX_encrypting(ctx)) - buf[j + 8] = *out_ptr; - } - if (j == 8) { - memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), buf + 8, 8); - EVP_CIPHER_CTX_set_num(ctx, 0); - } else { - EVP_CIPHER_CTX_set_num(ctx, j); - return 1; - } - } - - for (; i + 8 < inl; i += 8, in_ptr += 8, out_ptr += 8) { - /* - * block cipher current iv - */ - gost_crypt_mesh(EVP_CIPHER_CTX_cipher_data(ctx), - EVP_CIPHER_CTX_iv_noconst(ctx), buf); - /* - * xor next block of input text with it and output it - */ - /* - * output this block - */ - if (!EVP_CIPHER_CTX_encrypting(ctx)) - memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), in_ptr, 8); - for (j = 0; j < 8; j++) { - out_ptr[j] = buf[j] ^ in_ptr[j]; - } - /* Encrypt */ - /* Next iv is next block of cipher text */ - if (EVP_CIPHER_CTX_encrypting(ctx)) - memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), out_ptr, 8); - } -/* Process rest of buffer */ - if (i < inl) { - gost_crypt_mesh(EVP_CIPHER_CTX_cipher_data(ctx), - EVP_CIPHER_CTX_iv_noconst(ctx), buf); - if (!EVP_CIPHER_CTX_encrypting(ctx)) - memcpy(buf + 8, in_ptr, inl - i); - for (j = 0; i < inl; j++, i++) { - out_ptr[j] = buf[j] ^ in_ptr[j]; - } - EVP_CIPHER_CTX_set_num(ctx, j); - if (EVP_CIPHER_CTX_encrypting(ctx)) - memcpy(buf + 8, out_ptr, j); - } else { - EVP_CIPHER_CTX_set_num(ctx, 0); - } - return 1; -} - -static int gost_cipher_do_cnt(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - const unsigned char *in_ptr = in; - unsigned char *out_ptr = out; - unsigned char *buf = EVP_CIPHER_CTX_buf_noconst(ctx); - size_t i = 0; - size_t j; -/* process partial block if any */ - if (EVP_CIPHER_CTX_num(ctx)) { - for (j = EVP_CIPHER_CTX_num(ctx), i = 0; j < 8 && i < inl; - j++, i++, in_ptr++, out_ptr++) { - *out_ptr = buf[j] ^ (*in_ptr); - } - if (j == 8) { - EVP_CIPHER_CTX_set_num(ctx, 0); - } else { - EVP_CIPHER_CTX_set_num(ctx, j); - return 1; - } - } - - for (; i + 8 < inl; i += 8, in_ptr += 8, out_ptr += 8) { - /* - * block cipher current iv - */ - /* Encrypt */ - gost_cnt_next(EVP_CIPHER_CTX_cipher_data(ctx), - EVP_CIPHER_CTX_iv_noconst(ctx), buf); - /* - * xor next block of input text with it and output it - */ - /* - * output this block - */ - for (j = 0; j < 8; j++) { - out_ptr[j] = buf[j] ^ in_ptr[j]; - } - } -/* Process rest of buffer */ - if (i < inl) { - gost_cnt_next(EVP_CIPHER_CTX_cipher_data(ctx), - EVP_CIPHER_CTX_iv_noconst(ctx), buf); - for (j = 0; i < inl; j++, i++) { - out_ptr[j] = buf[j] ^ in_ptr[j]; - } - EVP_CIPHER_CTX_set_num(ctx, j); - } else { - EVP_CIPHER_CTX_set_num(ctx, 0); - } - return 1; -} - -/* Cleaning up of EVP_CIPHER_CTX */ -int gost_cipher_cleanup(EVP_CIPHER_CTX *ctx) -{ - gost_destroy(&((struct ossl_gost_cipher_ctx *) - EVP_CIPHER_CTX_cipher_data(ctx))->cctx); - EVP_CIPHER_CTX_set_app_data(ctx, NULL); - return 1; -} - -/* Control function for gost cipher */ -int gost_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) -{ - switch (type) { - case EVP_CTRL_RAND_KEY: - { - if (RAND_bytes((unsigned char *)ptr, - EVP_CIPHER_CTX_key_length(ctx)) <= 0) { - GOSTerr(GOST_F_GOST_CIPHER_CTL, - GOST_R_RANDOM_GENERATOR_ERROR); - return -1; - } - break; - } - case EVP_CTRL_PBE_PRF_NID: - if (ptr) { - *((int *)ptr) = NID_id_HMACGostR3411_94; - return 1; - } else { - return 0; - } - - default: - GOSTerr(GOST_F_GOST_CIPHER_CTL, - GOST_R_UNSUPPORTED_CIPHER_CTL_COMMAND); - return -1; - } - return 1; -} - -/* Set cipher parameters from ASN1 structure */ -int gost89_set_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params) -{ - int len = 0; - unsigned char *buf = NULL; - unsigned char *p = NULL; - struct ossl_gost_cipher_ctx *c = EVP_CIPHER_CTX_cipher_data(ctx); - GOST_CIPHER_PARAMS *gcp = GOST_CIPHER_PARAMS_new(); - ASN1_OCTET_STRING *os = NULL; - if (!gcp) { - GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_MALLOC_FAILURE); - return 0; - } - if (!ASN1_OCTET_STRING_set(gcp->iv, EVP_CIPHER_CTX_iv(ctx), - EVP_CIPHER_CTX_iv_length(ctx))) { - GOST_CIPHER_PARAMS_free(gcp); - GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_MALLOC_FAILURE); - return 0; - } - ASN1_OBJECT_free(gcp->enc_param_set); - gcp->enc_param_set = OBJ_nid2obj(c->paramNID); - - len = i2d_GOST_CIPHER_PARAMS(gcp, NULL); - p = buf = OPENSSL_malloc(len); - if (!buf) { - GOST_CIPHER_PARAMS_free(gcp); - GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_MALLOC_FAILURE); - return 0; - } - i2d_GOST_CIPHER_PARAMS(gcp, &p); - GOST_CIPHER_PARAMS_free(gcp); - - os = ASN1_OCTET_STRING_new(); - - if (!os || !ASN1_OCTET_STRING_set(os, buf, len)) { - OPENSSL_free(buf); - GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_MALLOC_FAILURE); - return 0; - } - OPENSSL_free(buf); - - ASN1_TYPE_set(params, V_ASN1_SEQUENCE, os); - return 1; -} - -/* Store parameters into ASN1 structure */ -int gost89_get_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params) -{ - int ret = -1; - int len; - GOST_CIPHER_PARAMS *gcp = NULL; - unsigned char *p; - struct ossl_gost_cipher_ctx *c = EVP_CIPHER_CTX_cipher_data(ctx); - if (ASN1_TYPE_get(params) != V_ASN1_SEQUENCE) { - return ret; - } - - p = params->value.sequence->data; - - gcp = d2i_GOST_CIPHER_PARAMS(NULL, (const unsigned char **)&p, - params->value.sequence->length); - - len = gcp->iv->length; - if (len != EVP_CIPHER_CTX_iv_length(ctx)) { - GOST_CIPHER_PARAMS_free(gcp); - GOSTerr(GOST_F_GOST89_GET_ASN1_PARAMETERS, GOST_R_INVALID_IV_LENGTH); - return -1; - } - if (!gost_cipher_set_param(c, OBJ_obj2nid(gcp->enc_param_set))) { - GOST_CIPHER_PARAMS_free(gcp); - return -1; - } - memcpy((unsigned char *)EVP_CIPHER_CTX_original_iv(ctx), gcp->iv->data, - EVP_CIPHER_CTX_iv_length(ctx)); - - GOST_CIPHER_PARAMS_free(gcp); - - return 1; -} - -int gost_imit_init_cpa(EVP_MD_CTX *ctx) -{ - struct ossl_gost_imit_ctx *c = EVP_MD_CTX_md_data(ctx); - memset(c->buffer, 0, sizeof(c->buffer)); - memset(c->partial_block, 0, sizeof(c->partial_block)); - c->count = 0; - c->bytes_left = 0; - c->key_meshing = 1; - gost_init(&(c->cctx), &Gost28147_CryptoProParamSetA); - return 1; -} - -static void mac_block_mesh(struct ossl_gost_imit_ctx *c, - const unsigned char *data) -{ - unsigned char buffer[8]; - /* - * We are using local buffer for iv because CryptoPro doesn't interpret - * internal state of MAC algorithm as iv during keymeshing (but does - * initialize internal state from iv in key transport - */ - assert(c->count % 8 == 0 && c->count <= 1024); - if (c->key_meshing && c->count == 1024) { - cryptopro_key_meshing(&(c->cctx), buffer); - } - mac_block(&(c->cctx), c->buffer, data); - c->count = c->count % 1024 + 8; -} - -int gost_imit_update(EVP_MD_CTX *ctx, const void *data, size_t count) -{ - struct ossl_gost_imit_ctx *c = EVP_MD_CTX_md_data(ctx); - const unsigned char *p = data; - size_t bytes = count, i; - if (!(c->key_set)) { - GOSTerr(GOST_F_GOST_IMIT_UPDATE, GOST_R_MAC_KEY_NOT_SET); - return 0; - } - if (c->bytes_left) { - for (i = c->bytes_left; i < 8 && bytes > 0; bytes--, i++, p++) { - c->partial_block[i] = *p; - } - if (i == 8) { - mac_block_mesh(c, c->partial_block); - } else { - c->bytes_left = i; - return 1; - } - } - while (bytes > 8) { - mac_block_mesh(c, p); - p += 8; - bytes -= 8; - } - if (bytes > 0) { - memcpy(c->partial_block, p, bytes); - } - c->bytes_left = bytes; - return 1; -} - -int gost_imit_final(EVP_MD_CTX *ctx, unsigned char *md) -{ - struct ossl_gost_imit_ctx *c = EVP_MD_CTX_md_data(ctx); - if (!c->key_set) { - GOSTerr(GOST_F_GOST_IMIT_FINAL, GOST_R_MAC_KEY_NOT_SET); - return 0; - } - if (c->count == 0 && c->bytes_left) { - unsigned char buffer[8]; - memset(buffer, 0, 8); - gost_imit_update(ctx, buffer, 8); - } - if (c->bytes_left) { - int i; - for (i = c->bytes_left; i < 8; i++) { - c->partial_block[i] = 0; - } - mac_block_mesh(c, c->partial_block); - } - get_mac(c->buffer, 32, md); - return 1; -} - -int gost_imit_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr) -{ - switch (type) { - case EVP_MD_CTRL_KEY_LEN: - *((unsigned int *)(ptr)) = 32; - return 1; - case EVP_MD_CTRL_SET_KEY: - { - if (arg != 32) { - GOSTerr(GOST_F_GOST_IMIT_CTRL, GOST_R_INVALID_MAC_KEY_LENGTH); - return 0; - } - - gost_key(&(((struct ossl_gost_imit_ctx *)(EVP_MD_CTX_md_data(ctx)))->cctx), - ptr); - ((struct ossl_gost_imit_ctx *)(EVP_MD_CTX_md_data(ctx)))->key_set = 1; - return 1; - - } - default: - return 0; - } -} - -int gost_imit_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from) -{ - memcpy(EVP_MD_CTX_md_data(to), EVP_MD_CTX_md_data(from), - sizeof(struct ossl_gost_imit_ctx)); - return 1; -} - -/* Clean up imit ctx */ -int gost_imit_cleanup(EVP_MD_CTX *ctx) -{ - memset(EVP_MD_CTX_md_data(ctx), 0, sizeof(struct ossl_gost_imit_ctx)); - return 1; -} diff --git a/engines/ccgost/gost_ctl.c b/engines/ccgost/gost_ctl.c deleted file mode 100644 index 20a07df..0000000 --- a/engines/ccgost/gost_ctl.c +++ /dev/null @@ -1,91 +0,0 @@ -/********************************************************************** - * gost_ctl.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Implementation of control commands for GOST engine * - * OpenSSL 0.9.9 libraries required * - **********************************************************************/ -#include <stdlib.h> -#include <string.h> -#include <openssl/crypto.h> -#include <openssl/err.h> -#include <openssl/engine.h> -#include <openssl/buffer.h> -#include "gost_lcl.h" - -static char *gost_params[GOST_PARAM_MAX + 1] = { NULL }; -static const char *gost_envnames[] = { "CRYPT_PARAMS" }; - -const ENGINE_CMD_DEFN gost_cmds[] = { -/*- { GOST_CTRL_RNG, - "RNG", - "Type of random number generator to use", - ENGINE_CMD_FLAG_STRING - }, - { GOST_CTRL_RNG_PARAMS, - "RNG_PARAMS", - "Parameter for random number generator", - ENGINE_CMD_FLAG_STRING - }, -*/ {GOST_CTRL_CRYPT_PARAMS, - "CRYPT_PARAMS", - "OID of default GOST 28147-89 parameters", - ENGINE_CMD_FLAG_STRING}, - {0, NULL, NULL, 0} -}; - -void gost_param_free() -{ - int i; - - for (i = 0; i <= GOST_PARAM_MAX; i++) { - OPENSSL_free(gost_params[i]); - gost_params[i] = NULL; - } - -} - -int gost_control_func(ENGINE *e, int cmd, long i, void *p, void (*f) (void)) -{ - int param = cmd - ENGINE_CMD_BASE; - int ret = 0; - if (param < 0 || param > GOST_PARAM_MAX) - return -1; - ret = gost_set_default_param(param, p); - return ret; -} - -const char *get_gost_engine_param(int param) -{ - char *tmp; - if (param < 0 || param > GOST_PARAM_MAX) - return NULL; - if (gost_params[param] != NULL) { - return gost_params[param]; - } - tmp = getenv(gost_envnames[param]); - if (tmp) { - OPENSSL_free(gost_params[param]); - gost_params[param] = OPENSSL_strdup(tmp); - return gost_params[param]; - } - return NULL; -} - -int gost_set_default_param(int param, const char *value) -{ - const char *tmp; - if (param < 0 || param > GOST_PARAM_MAX) - return 0; - tmp = getenv(gost_envnames[param]); - /* - * if there is value in the environment, use it, else -passed string * - */ - if (!tmp) - tmp = value; - OPENSSL_free(gost_params[param]); - gost_params[param] = OPENSSL_strdup(tmp); - - return 1; -} diff --git a/engines/ccgost/gost_eng.c b/engines/ccgost/gost_eng.c deleted file mode 100644 index 38ed25c..0000000 --- a/engines/ccgost/gost_eng.c +++ /dev/null @@ -1,285 +0,0 @@ -/********************************************************************** - * gost_eng.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Main file of GOST engine * - * for OpenSSL * - * Requires OpenSSL 0.9.9 for compilation * - **********************************************************************/ -#include <string.h> -#include <openssl/crypto.h> -#include <openssl/err.h> -#include <openssl/evp.h> -#include <openssl/engine.h> -#include <openssl/obj_mac.h> -#include "e_gost_err.h" -#include "gost_lcl.h" -static const char *engine_gost_id = "gost"; -static const char *engine_gost_name = - "Reference implementation of GOST engine"; - -static int gost_pkey_meth_nids[] = { - NID_id_GostR3410_2001, NID_id_Gost28147_89_MAC, 0 -}; - -/* Symmetric cipher and digest function registrar */ - -static int gost_ciphers(ENGINE *e, const EVP_CIPHER **cipher, - const int **nids, int nid); - -static int gost_digests(ENGINE *e, const EVP_MD **digest, - const int **nids, int ind); - -static int gost_pkey_meths(ENGINE *e, EVP_PKEY_METHOD **pmeth, - const int **nids, int nid); - -static int gost_pkey_asn1_meths(ENGINE *e, EVP_PKEY_ASN1_METHOD **ameth, - const int **nids, int nid); - -static int gost_cipher_nids[] = { NID_id_Gost28147_89, NID_gost89_cnt, 0 }; - -static int gost_digest_nids(const int **nids) -{ - static int digest_nids[3] = { 0, 0, 0 }; - static int pos = 0; - static int init = 0; - - if (!init) { - const EVP_MD *md; - if ((md = digest_gost()) != NULL) - digest_nids[pos++] = EVP_MD_type(md); - if ((md = imit_gost_cpa()) != NULL) - digest_nids[pos++] = EVP_MD_type(md); - digest_nids[pos] = 0; - init = 1; - } - *nids = digest_nids; - return pos; -} - -static EVP_PKEY_METHOD *pmeth_GostR3410_2001 = NULL; -static EVP_PKEY_METHOD *pmeth_Gost28147_MAC = NULL; - -static EVP_PKEY_ASN1_METHOD *ameth_GostR3410_2001 = NULL; -static EVP_PKEY_ASN1_METHOD *ameth_Gost28147_MAC = NULL; - -static int gost_engine_init(ENGINE *e) -{ - return 1; -} - -static int gost_engine_finish(ENGINE *e) -{ - return 1; -} - -static int gost_engine_destroy(ENGINE *e) -{ - digest_gost_destroy(); - cipher_gost_destroy(); - imit_gost_cpa_destroy(); - - gost_param_free(); - - pmeth_GostR3410_2001 = NULL; - pmeth_Gost28147_MAC = NULL; - ameth_GostR3410_2001 = NULL; - ameth_Gost28147_MAC = NULL; - return 1; -} - -static int bind_gost(ENGINE *e, const char *id) -{ - int ret = 0; - if (id && strcmp(id, engine_gost_id)) - return 0; - if (ameth_GostR3410_2001) { - printf("GOST engine already loaded\n"); - goto end; - } - - if (!ENGINE_set_id(e, engine_gost_id)) { - printf("ENGINE_set_id failed\n"); - goto end; - } - if (!ENGINE_set_name(e, engine_gost_name)) { - printf("ENGINE_set_name failed\n"); - goto end; - } - if (!ENGINE_set_digests(e, gost_digests)) { - printf("ENGINE_set_digests failed\n"); - goto end; - } - if (!ENGINE_set_ciphers(e, gost_ciphers)) { - printf("ENGINE_set_ciphers failed\n"); - goto end; - } - if (!ENGINE_set_pkey_meths(e, gost_pkey_meths)) { - printf("ENGINE_set_pkey_meths failed\n"); - goto end; - } - if (!ENGINE_set_pkey_asn1_meths(e, gost_pkey_asn1_meths)) { - printf("ENGINE_set_pkey_asn1_meths failed\n"); - goto end; - } - /* Control function and commands */ - if (!ENGINE_set_cmd_defns(e, gost_cmds)) { - fprintf(stderr, "ENGINE_set_cmd_defns failed\n"); - goto end; - } - if (!ENGINE_set_ctrl_function(e, gost_control_func)) { - fprintf(stderr, "ENGINE_set_ctrl_func failed\n"); - goto end; - } - if (!ENGINE_set_destroy_function(e, gost_engine_destroy) - || !ENGINE_set_init_function(e, gost_engine_init) - || !ENGINE_set_finish_function(e, gost_engine_finish)) { - goto end; - } - - if (!register_ameth_gost - (NID_id_GostR3410_2001, &ameth_GostR3410_2001, "GOST2001", - "GOST R 34.10-2001")) - goto end; - if (!register_ameth_gost(NID_id_Gost28147_89_MAC, &ameth_Gost28147_MAC, - "GOST-MAC", "GOST 28147-89 MAC")) - goto end; - - if (!register_pmeth_gost(NID_id_GostR3410_2001, &pmeth_GostR3410_2001, 0)) - goto end; - if (!register_pmeth_gost(NID_id_Gost28147_89_MAC, &pmeth_Gost28147_MAC, 0)) - goto end; - if (!ENGINE_register_ciphers(e) - || !ENGINE_register_digests(e) - || !ENGINE_register_pkey_meths(e) - /* These two actually should go in LIST_ADD command */ - || !EVP_add_cipher(cipher_gost()) - || !EVP_add_cipher(cipher_gost_cpacnt()) - || !EVP_add_digest(digest_gost()) - || !EVP_add_digest(imit_gost_cpa()) - ) { - goto end; - } - - ERR_load_GOST_strings(); - ret = 1; - end: - return ret; -} - -#ifndef OPENSSL_NO_DYNAMIC_ENGINE -IMPLEMENT_DYNAMIC_BIND_FN(bind_gost) - IMPLEMENT_DYNAMIC_CHECK_FN() -#endif /* ndef OPENSSL_NO_DYNAMIC_ENGINE */ -static int gost_digests(ENGINE *e, const EVP_MD **digest, - const int **nids, int nid) -{ - int ok = 1; - if (!digest) { - return gost_digest_nids(nids); - } - /* - * printf("Digest no %d requested\n",nid); - */ - if (nid == NID_id_GostR3411_94) { - *digest = digest_gost(); - } else if (nid == NID_id_Gost28147_89_MAC) { - *digest = imit_gost_cpa(); - } else { - ok = 0; - *digest = NULL; - } - return ok; -} - -static int gost_ciphers(ENGINE *e, const EVP_CIPHER **cipher, - const int **nids, int nid) -{ - int ok = 1; - if (!cipher) { - *nids = gost_cipher_nids; - return 2; /* two ciphers are supported */ - } - - if (nid == NID_id_Gost28147_89) { - *cipher = cipher_gost(); - } else if (nid == NID_gost89_cnt) { - *cipher = cipher_gost_cpacnt(); - } else { - ok = 0; - *cipher = NULL; - } - return ok; -} - -static int gost_pkey_meths(ENGINE *e, EVP_PKEY_METHOD **pmeth, - const int **nids, int nid) -{ - if (!pmeth) { - *nids = gost_pkey_meth_nids; - return 2; - } - - switch (nid) { - case NID_id_GostR3410_2001: - *pmeth = pmeth_GostR3410_2001; - return 1; - case NID_id_Gost28147_89_MAC: - *pmeth = pmeth_Gost28147_MAC; - return 1; - default:; - } - - *pmeth = NULL; - return 0; -} - -static int gost_pkey_asn1_meths(ENGINE *e, EVP_PKEY_ASN1_METHOD **ameth, - const int **nids, int nid) -{ - if (!ameth) { - *nids = gost_pkey_meth_nids; - return 2; - } - switch (nid) { - case NID_id_GostR3410_2001: - *ameth = ameth_GostR3410_2001; - return 1; - case NID_id_Gost28147_89_MAC: - *ameth = ameth_Gost28147_MAC; - return 1; - - default:; - } - - *ameth = NULL; - return 0; -} - -#ifdef OPENSSL_NO_DYNAMIC_ENGINE -static ENGINE *engine_gost(void) -{ - ENGINE *ret = ENGINE_new(); - if (!ret) - return NULL; - if (!bind_gost(ret, engine_gost_id)) { - ENGINE_free(ret); - return NULL; - } - return ret; -} - -void ENGINE_load_gost(void) -{ - ENGINE *toadd; - if (pmeth_GostR3410_2001) - return; - toadd = engine_gost(); - if (!toadd) - return; - ENGINE_add(toadd); - ENGINE_free(toadd); - ERR_clear_error(); -} -#endif diff --git a/engines/ccgost/gost_keywrap.c b/engines/ccgost/gost_keywrap.c deleted file mode 100644 index 502a83c..0000000 --- a/engines/ccgost/gost_keywrap.c +++ /dev/null @@ -1,106 +0,0 @@ -/********************************************************************** - * keywrap.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Implementation of CryptoPro key wrap algorithm, as defined in * - * RFC 4357 p 6.3 and 6.4 * - * Doesn't need OpenSSL * - **********************************************************************/ -#include <string.h> -#include "gost89.h" -#include "gost_keywrap.h" - -/*- - * Diversifies key using random UserKey Material - * Implements RFC 4357 p 6.5 key diversification algorithm - * - * inputKey - 32byte key to be diversified - * ukm - 8byte user key material - * outputKey - 32byte buffer to store diversified key - * - */ -void keyDiversifyCryptoPro(gost_ctx * ctx, const unsigned char *inputKey, - const unsigned char *ukm, unsigned char *outputKey) -{ - - u4 k, s1, s2; - int i, j, mask; - unsigned char S[8]; - memcpy(outputKey, inputKey, 32); - for (i = 0; i < 8; i++) { - /* Make array of integers from key */ - /* Compute IV S */ - s1 = 0, s2 = 0; - for (j = 0, mask = 1; j < 8; j++, mask <<= 1) { - k = ((u4) outputKey[4 * j]) | (outputKey[4 * j + 1] << 8) | - (outputKey[4 * j + 2] << 16) | (outputKey[4 * j + 3] << 24); - if (mask & ukm[i]) { - s1 += k; - } else { - s2 += k; - } - } - S[0] = (unsigned char)(s1 & 0xff); - S[1] = (unsigned char)((s1 >> 8) & 0xff); - S[2] = (unsigned char)((s1 >> 16) & 0xff); - S[3] = (unsigned char)((s1 >> 24) & 0xff); - S[4] = (unsigned char)(s2 & 0xff); - S[5] = (unsigned char)((s2 >> 8) & 0xff); - S[6] = (unsigned char)((s2 >> 16) & 0xff); - S[7] = (unsigned char)((s2 >> 24) & 0xff); - gost_key(ctx, outputKey); - gost_enc_cfb(ctx, S, outputKey, outputKey, 4); - } -} - -/*- - * Wraps key using RFC 4357 6.3 - * ctx - gost encryption context, initialized with some S-boxes - * keyExchangeKey (KEK) 32-byte (256-bit) shared key - * ukm - 8 byte (64 bit) user key material, - * sessionKey - 32-byte (256-bit) key to be wrapped - * wrappedKey - 44-byte buffer to store wrapped key - */ - -int keyWrapCryptoPro(gost_ctx * ctx, const unsigned char *keyExchangeKey, - const unsigned char *ukm, - const unsigned char *sessionKey, - unsigned char *wrappedKey) -{ - unsigned char kek_ukm[32]; - keyDiversifyCryptoPro(ctx, keyExchangeKey, ukm, kek_ukm); - gost_key(ctx, kek_ukm); - memcpy(wrappedKey, ukm, 8); - gost_enc(ctx, sessionKey, wrappedKey + 8, 4); - gost_mac_iv(ctx, 32, ukm, sessionKey, 32, wrappedKey + 40); - return 1; -} - -/*- - * Unwraps key using RFC 4357 6.4 - * ctx - gost encryption context, initialized with some S-boxes - * keyExchangeKey 32-byte shared key - * wrappedKey 44 byte key to be unwrapped (concatenation of 8-byte UKM, - * 32 byte encrypted key and 4 byte MAC - * - * sessionKEy - 32byte buffer to store sessionKey in - * Returns 1 if key is decrypted successfully, and 0 if MAC doesn't match - */ - -int keyUnwrapCryptoPro(gost_ctx * ctx, const unsigned char *keyExchangeKey, - const unsigned char *wrappedKey, - unsigned char *sessionKey) -{ - unsigned char kek_ukm[32], cek_mac[4]; - keyDiversifyCryptoPro(ctx, keyExchangeKey, wrappedKey - /* First 8 bytes of wrapped Key is ukm */ - , kek_ukm); - gost_key(ctx, kek_ukm); - gost_dec(ctx, wrappedKey + 8, sessionKey, 4); - gost_mac_iv(ctx, 32, wrappedKey, sessionKey, 32, cek_mac); - if (memcmp(cek_mac, wrappedKey + 40, 4)) { - return 0; - } - return 1; -} diff --git a/engines/ccgost/gost_keywrap.h b/engines/ccgost/gost_keywrap.h deleted file mode 100644 index 7def4c9..0000000 --- a/engines/ccgost/gost_keywrap.h +++ /dev/null @@ -1,56 +0,0 @@ -/********************************************************************** - * gost_keywrap.h * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Implementation of CryptoPro key wrap algorithm, as defined in * - * RFC 4357 p 6.3 and 6.4 * - * Doesn't need OpenSSL * - **********************************************************************/ -#ifndef GOST_KEYWRAP_H -# define GOST_KEYWRAP_H -# include <string.h> -# include "gost89.h" -/*- - * Diversifies key using random UserKey Material - * Implements RFC 4357 p 6.5 key diversification algorithm - * - * inputKey - 32byte key to be diversified - * ukm - 8byte user key material - * outputKey - 32byte buffer to store diversified key - * - */ -void keyDiversifyCryptoPro(gost_ctx * ctx, - const unsigned char *inputKey, - const unsigned char *ukm, - unsigned char *outputKey); -/*- - * Wraps key using RFC 4357 6.3 - * ctx - gost encryption context, initialized with some S-boxes - * keyExchangeKey (KEK) 32-byte (256-bit) shared key - * ukm - 8 byte (64 bit) user key material, - * sessionKey - 32-byte (256-bit) key to be wrapped - * wrappedKey - 44-byte buffer to store wrapped key - */ - -int keyWrapCryptoPro(gost_ctx * ctx, - const unsigned char *keyExchangeKey, - const unsigned char *ukm, - const unsigned char *sessionKey, - unsigned char *wrappedKey); -/*- - * Unwraps key using RFC 4357 6.4 - * ctx - gost encryption context, initialized with some S-boxes - * keyExchangeKey 32-byte shared key - * wrappedKey 44 byte key to be unwrapped (concatenation of 8-byte UKM, - * 32 byte encrypted key and 4 byte MAC - * - * sessionKEy - 32byte buffer to store sessionKey in - * Returns 1 if key is decrypted successfully, and 0 if MAC doesn't match - */ - -int keyUnwrapCryptoPro(gost_ctx * ctx, - const unsigned char *keyExchangeKey, - const unsigned char *wrappedKey, - unsigned char *sessionKey); -#endif diff --git a/engines/ccgost/gost_lcl.h b/engines/ccgost/gost_lcl.h deleted file mode 100644 index 61f657c..0000000 --- a/engines/ccgost/gost_lcl.h +++ /dev/null @@ -1,228 +0,0 @@ -#ifndef GOST_TOOLS_H -# define GOST_TOOLS_H -/********************************************************************** - * gost_lcl.h * - * Copyright (c) 2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Internal declarations used in GOST engine * - * OpenSSL 0.9.9 libraries required to compile and use * - * this code * - **********************************************************************/ -# include <openssl/bn.h> -# include <openssl/evp.h> -# include <openssl/dsa.h> -# include <openssl/asn1t.h> -# include <openssl/x509.h> -# include <openssl/engine.h> -# include <openssl/ec.h> -# include "gost89.h" -# include "gosthash.h" -/* Control commands */ -# define GOST_PARAM_CRYPT_PARAMS 0 -# define GOST_PARAM_MAX 0 -# define GOST_CTRL_CRYPT_PARAMS (ENGINE_CMD_BASE+GOST_PARAM_CRYPT_PARAMS) - -typedef struct R3410_2001 { - int nid; - char *a; - char *b; - char *p; - char *q; - char *x; - char *y; -} R3410_2001_params; - -extern R3410_2001_params R3410_2001_paramset[]; - -extern const ENGINE_CMD_DEFN gost_cmds[]; -int gost_control_func(ENGINE *e, int cmd, long i, void *p, void (*f) (void)); -const char *get_gost_engine_param(int param); -int gost_set_default_param(int param, const char *value); -void gost_param_free(void); - -/* method registration */ - -int register_ameth_gost(int nid, EVP_PKEY_ASN1_METHOD **ameth, - const char *pemstr, const char *info); -int register_pmeth_gost(int id, EVP_PKEY_METHOD **pmeth, int flags); - -/* Gost-specific pmeth control-function parameters */ -/* For GOST R34.10 parameters */ -# define param_ctrl_string "paramset" -# define EVP_PKEY_CTRL_GOST_PARAMSET (EVP_PKEY_ALG_CTRL+1) -/* For GOST 28147 MAC */ -# define key_ctrl_string "key" -# define hexkey_ctrl_string "hexkey" -# define EVP_PKEY_CTRL_GOST_MAC_HEXKEY (EVP_PKEY_ALG_CTRL+3) -/* Pmeth internal representation */ -struct gost_pmeth_data { - int sign_param_nid; /* Should be set whenever parameters are - * filled */ - EVP_MD *md; - unsigned char *shared_ukm; - int peer_key_used; -}; - -struct gost_mac_pmeth_data { - int key_set; - EVP_MD *md; - unsigned char key[32]; -}; -/* GOST-specific ASN1 structures */ - -typedef struct { - ASN1_OCTET_STRING *encrypted_key; - ASN1_OCTET_STRING *imit; -} GOST_KEY_INFO; - -DECLARE_ASN1_FUNCTIONS(GOST_KEY_INFO) - -typedef struct { - ASN1_OBJECT *cipher; - X509_PUBKEY *ephem_key; - ASN1_OCTET_STRING *eph_iv; -} GOST_KEY_AGREEMENT_INFO; - -DECLARE_ASN1_FUNCTIONS(GOST_KEY_AGREEMENT_INFO) - -typedef struct { - GOST_KEY_INFO *key_info; - GOST_KEY_AGREEMENT_INFO *key_agreement_info; -} GOST_KEY_TRANSPORT; - -DECLARE_ASN1_FUNCTIONS(GOST_KEY_TRANSPORT) - -typedef struct { /* FIXME incomplete */ - GOST_KEY_TRANSPORT *gkt; -} GOST_CLIENT_KEY_EXCHANGE_PARAMS; - -/* - * Hacks to shorten symbols to 31 characters or less, or OpenVMS. This mimics - * what's done in symhacks.h, but since this is a very local header file, I - * prefered to put this hack directly here. -- Richard Levitte - */ -# ifdef OPENSSL_SYS_VMS -# undef GOST_CLIENT_KEY_EXCHANGE_PARAMS_it -# define GOST_CLIENT_KEY_EXCHANGE_PARAMS_it GOST_CLIENT_KEY_EXC_PARAMS_it -# undef GOST_CLIENT_KEY_EXCHANGE_PARAMS_new -# define GOST_CLIENT_KEY_EXCHANGE_PARAMS_new GOST_CLIENT_KEY_EXC_PARAMS_new -# undef GOST_CLIENT_KEY_EXCHANGE_PARAMS_free -# define GOST_CLIENT_KEY_EXCHANGE_PARAMS_free GOST_CLIENT_KEY_EXC_PARAMS_free -# undef d2i_GOST_CLIENT_KEY_EXCHANGE_PARAMS -# define d2i_GOST_CLIENT_KEY_EXCHANGE_PARAMS d2i_GOST_CLIENT_KEY_EXC_PARAMS -# undef i2d_GOST_CLIENT_KEY_EXCHANGE_PARAMS -# define i2d_GOST_CLIENT_KEY_EXCHANGE_PARAMS i2d_GOST_CLIENT_KEY_EXC_PARAMS -# endif /* End of hack */ -DECLARE_ASN1_FUNCTIONS(GOST_CLIENT_KEY_EXCHANGE_PARAMS) -typedef struct { - ASN1_OBJECT *key_params; - ASN1_OBJECT *hash_params; - ASN1_OBJECT *cipher_params; -} GOST_KEY_PARAMS; - -DECLARE_ASN1_FUNCTIONS(GOST_KEY_PARAMS) - -typedef struct { - ASN1_OCTET_STRING *iv; - ASN1_OBJECT *enc_param_set; -} GOST_CIPHER_PARAMS; - -DECLARE_ASN1_FUNCTIONS(GOST_CIPHER_PARAMS) -/*============== Message digest and cipher related structures ==========*/ - /* - * Structure used as EVP_MD_CTX-md_data. It allows to avoid storing - * in the md-data pointers to dynamically allocated memory. I - * cannot invent better way to avoid memory leaks, because openssl - * insist on invoking Init on Final-ed digests, and there is no - * reliable way to find out whether pointer in the passed md_data is - * valid or not. - */ -struct ossl_gost_digest_ctx { - gost_hash_ctx dctx; - gost_ctx cctx; -}; -/* EVP_MD structure for GOST R 34.11 */ -EVP_MD *digest_gost(void); -void digest_gost_destroy(void); -void cipher_gost_destroy(void); -/* EVP_MD structure for GOST 28147 in MAC mode */ -const EVP_MD *imit_gost_cpa(void); -void imit_gost_cpa_destroy(void); -/* Cipher context used for EVP_CIPHER operation */ -struct ossl_gost_cipher_ctx { - int paramNID; - unsigned int count; - int key_meshing; - gost_ctx cctx; -}; -/* Structure to map parameter NID to S-block */ -struct gost_cipher_info { - int nid; - gost_subst_block *sblock; - int key_meshing; -}; -/* Context for MAC */ -struct ossl_gost_imit_ctx { - gost_ctx cctx; - unsigned char buffer[8]; - unsigned char partial_block[8]; - unsigned int count; - int key_meshing; - int bytes_left; - int key_set; -}; -/* Table which maps parameter NID to S-blocks */ -extern struct gost_cipher_info gost_cipher_list[]; -/* Find encryption params from ASN1_OBJECT */ -const struct gost_cipher_info *get_encryption_params(ASN1_OBJECT *obj); -/* Implementation of GOST 28147-89 cipher in CFB and CNT modes */ -const EVP_CIPHER *cipher_gost(void); -const EVP_CIPHER *cipher_gost_cpacnt(void); -# define EVP_MD_CTRL_KEY_LEN (EVP_MD_CTRL_ALG_CTRL+3) -# define EVP_MD_CTRL_SET_KEY (EVP_MD_CTRL_ALG_CTRL+4) -/* EVP_PKEY_METHOD key encryption callbacks */ -/* From gost2001_keyx.c */ -int pkey_GOST01cp_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, - size_t *outlen, const unsigned char *key, - size_t key_len); - -int pkey_GOST01cp_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, - size_t *outlen, const unsigned char *in, - size_t in_len); -/* derive functions */ -/* From gost2001_keyx.c */ -int pkey_gost2001_derive(EVP_PKEY_CTX *ctx, unsigned char *key, - size_t *keylen); -/* Internal functions for signature algorithms */ -int fill_GOST2001_params(EC_KEY *eckey, int nid); -int gost_sign_keygen(DSA *dsa); -int gost2001_keygen(EC_KEY *ec); - -DSA_SIG *gost_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); -DSA_SIG *gost2001_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey); - -int gost_do_verify(const unsigned char *dgst, int dgst_len, - DSA_SIG *sig, DSA *dsa); -int gost2001_do_verify(const unsigned char *dgst, int dgst_len, - DSA_SIG *sig, EC_KEY *ec); -int gost2001_compute_public(EC_KEY *ec); -/*============== miscellaneous functions============================= */ -/* from gost_sign.c */ -/* Convert GOST R 34.11 hash sum to bignum according to standard */ -BIGNUM *hashsum2bn(const unsigned char *dgst); -/* - * Store bignum in byte array of given length, prepending by zeros if - * nesseccary - */ -int store_bignum(BIGNUM *bn, unsigned char *buf, int len); -/* Pack GOST R 34.10 signature according to CryptoPro rules */ -int pack_sign_cp(DSA_SIG *s, int order, unsigned char *sig, size_t *siglen); -/* Unpack GOST R 34.10 signature according to CryptoPro rules */ -DSA_SIG *unpack_cp_signature(const unsigned char *sig, size_t siglen); -/* from ameth.c */ -/* Get private key as BIGNUM from both 34.10-2001 keys*/ -/* Returns pointer into EVP_PKEY structure */ -BIGNUM *gost_get0_priv_key(const EVP_PKEY *pkey); - -#endif diff --git a/engines/ccgost/gost_md.c b/engines/ccgost/gost_md.c deleted file mode 100644 index 8c12d00..0000000 --- a/engines/ccgost/gost_md.c +++ /dev/null @@ -1,88 +0,0 @@ -/********************************************************************** - * md_gost.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * OpenSSL interface to GOST R 34.11-94 hash functions * - * Requires OpenSSL 0.9.9 for compilation * - **********************************************************************/ -#include <string.h> -#include "gost_lcl.h" -#include "gosthash.h" -#include "e_gost_err.h" - -/* implementation of GOST 34.11 hash function See gost_md.c*/ -static int gost_digest_init(EVP_MD_CTX *ctx); -static int gost_digest_update(EVP_MD_CTX *ctx, const void *data, - size_t count); -static int gost_digest_final(EVP_MD_CTX *ctx, unsigned char *md); -static int gost_digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from); -static int gost_digest_cleanup(EVP_MD_CTX *ctx); - -static EVP_MD *_hidden_GostR3411_94_md = NULL; -EVP_MD *digest_gost(void) -{ - - if (_hidden_GostR3411_94_md == NULL) { - EVP_MD *md; - - if ((md = EVP_MD_meth_new(NID_id_GostR3411_94, NID_undef)) == NULL - || !EVP_MD_meth_set_result_size(md, 32) - || !EVP_MD_meth_set_input_blocksize(md, 32) - || !EVP_MD_meth_set_app_datasize(md, - sizeof(struct ossl_gost_digest_ctx)) - || !EVP_MD_meth_set_init(md, gost_digest_init) - || !EVP_MD_meth_set_update(md, gost_digest_update) - || !EVP_MD_meth_set_final(md, gost_digest_final) - || !EVP_MD_meth_set_copy(md, gost_digest_copy) - || !EVP_MD_meth_set_cleanup(md, gost_digest_cleanup)) { - EVP_MD_meth_free(md); - md = NULL; - } - _hidden_GostR3411_94_md = md; - } - return _hidden_GostR3411_94_md; -} -void digest_gost_destroy(void) -{ - EVP_MD_meth_free(_hidden_GostR3411_94_md); - _hidden_GostR3411_94_md = NULL; -} - -int gost_digest_init(EVP_MD_CTX *ctx) -{ - struct ossl_gost_digest_ctx *c = EVP_MD_CTX_md_data(ctx); - memset(&(c->dctx), 0, sizeof(gost_hash_ctx)); - gost_init(&(c->cctx), &GostR3411_94_CryptoProParamSet); - c->dctx.cipher_ctx = &(c->cctx); - return 1; -} - -int gost_digest_update(EVP_MD_CTX *ctx, const void *data, size_t count) -{ - return hash_block((gost_hash_ctx *) EVP_MD_CTX_md_data(ctx), data, count); -} - -int gost_digest_final(EVP_MD_CTX *ctx, unsigned char *md) -{ - return finish_hash((gost_hash_ctx *) EVP_MD_CTX_md_data(ctx), md); - -} - -int gost_digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from) -{ - struct ossl_gost_digest_ctx *md_ctx = EVP_MD_CTX_md_data(to); - if (EVP_MD_CTX_md_data(to) && EVP_MD_CTX_md_data(from)) { - memcpy(EVP_MD_CTX_md_data(to), EVP_MD_CTX_md_data(from), - sizeof(struct ossl_gost_digest_ctx)); - md_ctx->dctx.cipher_ctx = &(md_ctx->cctx); - } - return 1; -} - -int gost_digest_cleanup(EVP_MD_CTX *ctx) -{ - if (EVP_MD_CTX_md_data(ctx)) - memset(EVP_MD_CTX_md_data(ctx), 0, sizeof(struct ossl_gost_digest_ctx)); - return 1; -} diff --git a/engines/ccgost/gost_params.c b/engines/ccgost/gost_params.c deleted file mode 100644 index 2371c9a..0000000 --- a/engines/ccgost/gost_params.c +++ /dev/null @@ -1,80 +0,0 @@ -/********************************************************************** - * params.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Definitions of GOST R 34.10 parameter sets, defined in RFC 4357 * - * OpenSSL 0.9.9 libraries required to compile and use * - * this code * - **********************************************************************/ -#include "gost_lcl.h" -#include <openssl/objects.h> -/* Parameters of GOST 34.10 */ - -R3410_2001_params R3410_2001_paramset[] = { - /* 1.2.643.2.2.35.0 */ - {NID_id_GostR3410_2001_TestParamSet, - "7", - "5FBFF498AA938CE739B8E022FBAFEF40563F6E6A3472FC2A514C0CE9DAE23B7E", - "8000000000000000000000000000000000000000000000000000000000000431", - "8000000000000000000000000000000150FE8A1892976154C59CFC193ACCF5B3", - "2", - "08E2A8A0E65147D4BD6316030E16D19C85C97F0A9CA267122B96ABBCEA7E8FC8"} - , - /* - * 1.2.643.2.2.35.1 - */ - {NID_id_GostR3410_2001_CryptoPro_A_ParamSet, - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD94", - "a6", - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD97", - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF6C611070995AD10045841B09B761B893", - "1", - "8D91E471E0989CDA27DF505A453F2B7635294F2DDF23E3B122ACC99C9E9F1E14"} - , - /* - * 1.2.643.2.2.35.2 - */ - {NID_id_GostR3410_2001_CryptoPro_B_ParamSet, - "8000000000000000000000000000000000000000000000000000000000000C96", - "3E1AF419A269A5F866A7D3C25C3DF80AE979259373FF2B182F49D4CE7E1BBC8B", - "8000000000000000000000000000000000000000000000000000000000000C99", - "800000000000000000000000000000015F700CFFF1A624E5E497161BCC8A198F", - "1", - "3FA8124359F96680B83D1C3EB2C070E5C545C9858D03ECFB744BF8D717717EFC"} - , - /* - * 1.2.643.2.2.35.3 - */ - {NID_id_GostR3410_2001_CryptoPro_C_ParamSet, - "9B9F605F5A858107AB1EC85E6B41C8AACF846E86789051D37998F7B9022D7598", - "805a", - "9B9F605F5A858107AB1EC85E6B41C8AACF846E86789051D37998F7B9022D759B", - "9B9F605F5A858107AB1EC85E6B41C8AA582CA3511EDDFB74F02F3A6598980BB9", - "0", - "41ECE55743711A8C3CBF3783CD08C0EE4D4DC440D4641A8F366E550DFDB3BB67"} - , - /* - * 1.2.643.2.2.36.0 - */ - {NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet, - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD94", - "a6", - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD97", - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF6C611070995AD10045841B09B761B893", - "1", - "8D91E471E0989CDA27DF505A453F2B7635294F2DDF23E3B122ACC99C9E9F1E14"} - , - /* - * 1.2.643.2.2.36.1 - */ - {NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet, - "9B9F605F5A858107AB1EC85E6B41C8AACF846E86789051D37998F7B9022D7598", - "805a", - "9B9F605F5A858107AB1EC85E6B41C8AACF846E86789051D37998F7B9022D759B", - "9B9F605F5A858107AB1EC85E6B41C8AA582CA3511EDDFB74F02F3A6598980BB9", - "0", - "41ECE55743711A8C3CBF3783CD08C0EE4D4DC440D4641A8F366E550DFDB3BB67"} - , - {0, NULL, NULL, NULL, NULL, NULL, NULL} -}; diff --git a/engines/ccgost/gost_pmeth.c b/engines/ccgost/gost_pmeth.c deleted file mode 100644 index 7381c95..0000000 --- a/engines/ccgost/gost_pmeth.c +++ /dev/null @@ -1,510 +0,0 @@ -/********************************************************************** - * gost_pmeth.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Implementation of RFC 4357 (GOST R 34.10) Publick key method * - * for OpenSSL * - * Requires OpenSSL 0.9.9 for compilation * - **********************************************************************/ -#include <openssl/evp.h> -#include <openssl/objects.h> -#include <openssl/ec.h> -#include <openssl/err.h> -#include <openssl/x509v3.h> /* For string_to_hex */ -#include <stdlib.h> -#include <string.h> -#include <ctype.h> -#include "gost_lcl.h" -#include "e_gost_err.h" -/* -----init, cleanup, copy - uniform for all algs ---------------*/ -/* Allocates new gost_pmeth_data structure and assigns it as data */ -static int pkey_gost_init(EVP_PKEY_CTX *ctx) -{ - struct gost_pmeth_data *data; - EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx); - - data = OPENSSL_zalloc(sizeof(*data)); - if (!data) - return 0; - if (pkey && EVP_PKEY_get0(pkey)) { - switch (EVP_PKEY_base_id(pkey)) { - case NID_id_GostR3410_2001: - data->sign_param_nid = - EC_GROUP_get_curve_name(EC_KEY_get0_group - (EVP_PKEY_get0((EVP_PKEY *)pkey))); - break; - default: - return 0; - } - } - EVP_PKEY_CTX_set_data(ctx, data); - return 1; -} - -/* Copies contents of gost_pmeth_data structure */ -static int pkey_gost_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) -{ - struct gost_pmeth_data *dst_data, *src_data; - if (!pkey_gost_init(dst)) { - return 0; - } - src_data = EVP_PKEY_CTX_get_data(src); - dst_data = EVP_PKEY_CTX_get_data(dst); - *dst_data = *src_data; - if (src_data->shared_ukm) { - dst_data->shared_ukm = NULL; - } - return 1; -} - -/* Frees up gost_pmeth_data structure */ -static void pkey_gost_cleanup(EVP_PKEY_CTX *ctx) -{ - struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx); - - OPENSSL_free(data->shared_ukm); - OPENSSL_free(data); -} - -/* --------------------- control functions ------------------------------*/ -static int pkey_gost_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) -{ - struct gost_pmeth_data *pctx = - (struct gost_pmeth_data *)EVP_PKEY_CTX_get_data(ctx); - switch (type) { - case EVP_PKEY_CTRL_MD: - { - if (EVP_MD_type((const EVP_MD *)p2) != NID_id_GostR3411_94) { - GOSTerr(GOST_F_PKEY_GOST_CTRL, GOST_R_INVALID_DIGEST_TYPE); - return 0; - } - pctx->md = (EVP_MD *)p2; - return 1; - } - - case EVP_PKEY_CTRL_GET_MD: - *(const EVP_MD **)p2 = pctx->md; - return 1; - - case EVP_PKEY_CTRL_PKCS7_ENCRYPT: - case EVP_PKEY_CTRL_PKCS7_DECRYPT: - case EVP_PKEY_CTRL_PKCS7_SIGN: - case EVP_PKEY_CTRL_DIGESTINIT: -#ifndef OPENSSL_NO_CMS - case EVP_PKEY_CTRL_CMS_ENCRYPT: - case EVP_PKEY_CTRL_CMS_DECRYPT: - case EVP_PKEY_CTRL_CMS_SIGN: -#endif - return 1; - - case EVP_PKEY_CTRL_GOST_PARAMSET: - pctx->sign_param_nid = (int)p1; - return 1; - case EVP_PKEY_CTRL_SET_IV: - pctx->shared_ukm = OPENSSL_malloc((int)p1); - if (pctx->shared_ukm == NULL) { - GOSTerr(GOST_F_PKEY_GOST_CTRL, ERR_R_MALLOC_FAILURE); - return 0; - } - memcpy(pctx->shared_ukm, p2, (int)p1); - return 1; - case EVP_PKEY_CTRL_PEER_KEY: - if (p1 == 0 || p1 == 1) /* call from EVP_PKEY_derive_set_peer */ - return 1; - if (p1 == 2) /* TLS: peer key used? */ - return pctx->peer_key_used; - if (p1 == 3) /* TLS: peer key used! */ - return (pctx->peer_key_used = 1); - return -2; - } - return -2; -} - -static int pkey_gost_ctrl01_str(EVP_PKEY_CTX *ctx, - const char *type, const char *value) -{ - int param_nid = 0; - - if (strcmp(type, param_ctrl_string) == 0) { - if (!value) { - return 0; - } - if (strlen(value) == 1) { - switch (toupper((unsigned char)value[0])) { - case 'A': - param_nid = NID_id_GostR3410_2001_CryptoPro_A_ParamSet; - break; - case 'B': - param_nid = NID_id_GostR3410_2001_CryptoPro_B_ParamSet; - break; - case 'C': - param_nid = NID_id_GostR3410_2001_CryptoPro_C_ParamSet; - break; - case '0': - param_nid = NID_id_GostR3410_2001_TestParamSet; - break; - default: - return 0; - } - } else if ((strlen(value) == 2) - && (toupper((unsigned char)value[0]) == 'X')) { - switch (toupper((unsigned char)value[1])) { - case 'A': - param_nid = NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet; - break; - case 'B': - param_nid = NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet; - break; - default: - return 0; - } - } else { - R3410_2001_params *p = R3410_2001_paramset; - param_nid = OBJ_txt2nid(value); - if (param_nid == NID_undef) { - return 0; - } - for (; p->nid != NID_undef; p++) { - if (p->nid == param_nid) - break; - } - if (p->nid == NID_undef) { - GOSTerr(GOST_F_PKEY_GOST_CTRL01_STR, GOST_R_INVALID_PARAMSET); - return 0; - } - } - - return pkey_gost_ctrl(ctx, EVP_PKEY_CTRL_GOST_PARAMSET, - param_nid, NULL); - } - return -2; -} - -/* --------------------- key generation --------------------------------*/ - -static int pkey_gost_paramgen_init(EVP_PKEY_CTX *ctx) -{ - return 1; -} - -static int pkey_gost01_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) -{ - struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx); - EC_KEY *ec = NULL; - - if (data->sign_param_nid == NID_undef) { - GOSTerr(GOST_F_PKEY_GOST01_PARAMGEN, GOST_R_NO_PARAMETERS_SET); - return 0; - } - if (!ec) - ec = EC_KEY_new(); - if (!fill_GOST2001_params(ec, data->sign_param_nid)) { - EC_KEY_free(ec); - return 0; - } - EVP_PKEY_assign(pkey, NID_id_GostR3410_2001, ec); - return 1; -} - -/* Generates GOST_R3410 2001 key and assigns it using specified type */ -static int pkey_gost01cp_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) -{ - EC_KEY *ec; - if (!pkey_gost01_paramgen(ctx, pkey)) - return 0; - ec = EVP_PKEY_get0(pkey); - gost2001_keygen(ec); - return 1; -} - -/* ----------- sign callbacks --------------------------------------*/ -/* - * Packs signature according to Cryptopro rules - * and frees up DSA_SIG structure - */ -int pack_sign_cp(DSA_SIG *s, int order, unsigned char *sig, size_t *siglen) -{ - *siglen = 2 * order; - memset(sig, 0, *siglen); - store_bignum(s->s, sig, order); - store_bignum(s->r, sig + order, order); - DSA_SIG_free(s); - return 1; -} - - -static int pkey_gost01_cp_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, - size_t *siglen, const unsigned char *tbs, - size_t tbs_len) -{ - DSA_SIG *unpacked_sig = NULL; - EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx); - if (!siglen) - return 0; - if (!sig) { - *siglen = 64; /* better to check size of curve order */ - return 1; - } - unpacked_sig = gost2001_do_sign(tbs, tbs_len, EVP_PKEY_get0(pkey)); - if (!unpacked_sig) { - return 0; - } - return pack_sign_cp(unpacked_sig, 32, sig, siglen); -} - -/* ------------------- verify callbacks ---------------------------*/ -/* Unpack signature according to cryptopro rules */ -DSA_SIG *unpack_cp_signature(const unsigned char *sig, size_t siglen) -{ - DSA_SIG *s; - - s = DSA_SIG_new(); - if (s == NULL) { - GOSTerr(GOST_F_UNPACK_CP_SIGNATURE, ERR_R_MALLOC_FAILURE); - return NULL; - } - s->s = BN_bin2bn(sig, siglen / 2, NULL); - s->r = BN_bin2bn(sig + siglen / 2, siglen / 2, NULL); - return s; -} - - -static int pkey_gost01_cp_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, - size_t siglen, const unsigned char *tbs, - size_t tbs_len) -{ - int ok = 0; - EVP_PKEY *pub_key = EVP_PKEY_CTX_get0_pkey(ctx); - DSA_SIG *s = unpack_cp_signature(sig, siglen); - if (!s) - return 0; -#ifdef DEBUG_SIGN - fprintf(stderr, "R="); - BN_print_fp(stderr, s->r); - fprintf(stderr, "\nS="); - BN_print_fp(stderr, s->s); - fprintf(stderr, "\n"); -#endif - if (pub_key) - ok = gost2001_do_verify(tbs, tbs_len, s, EVP_PKEY_get0(pub_key)); - DSA_SIG_free(s); - return ok; -} - -/* ------------- encrypt init -------------------------------------*/ -/* Generates ephermeral key */ -static int pkey_gost_encrypt_init(EVP_PKEY_CTX *ctx) -{ - return 1; -} - -/* --------------- Derive init ------------------------------------*/ -static int pkey_gost_derive_init(EVP_PKEY_CTX *ctx) -{ - return 1; -} - -/* -------- PKEY_METHOD for GOST MAC algorithm --------------------*/ -static int pkey_gost_mac_init(EVP_PKEY_CTX *ctx) -{ - struct gost_mac_pmeth_data *data = OPENSSL_zalloc(sizeof(*data)); - - if (!data) - return 0; - EVP_PKEY_CTX_set_data(ctx, data); - return 1; -} - -static void pkey_gost_mac_cleanup(EVP_PKEY_CTX *ctx) -{ - struct gost_mac_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx); - OPENSSL_free(data); -} - -static int pkey_gost_mac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) -{ - struct gost_mac_pmeth_data *dst_data, *src_data; - if (!pkey_gost_mac_init(dst)) { - return 0; - } - src_data = EVP_PKEY_CTX_get_data(src); - dst_data = EVP_PKEY_CTX_get_data(dst); - *dst_data = *src_data; - return 1; -} - -static int pkey_gost_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) -{ - struct gost_mac_pmeth_data *data = - (struct gost_mac_pmeth_data *)EVP_PKEY_CTX_get_data(ctx); - - switch (type) { - case EVP_PKEY_CTRL_MD: - { - if (EVP_MD_type((const EVP_MD *)p2) != NID_id_Gost28147_89_MAC) { - GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL, - GOST_R_INVALID_DIGEST_TYPE); - return 0; - } - data->md = (EVP_MD *)p2; - return 1; - } - - case EVP_PKEY_CTRL_GET_MD: - *(const EVP_MD **)p2 = data->md; - return 1; - - case EVP_PKEY_CTRL_PKCS7_ENCRYPT: - case EVP_PKEY_CTRL_PKCS7_DECRYPT: - case EVP_PKEY_CTRL_PKCS7_SIGN: - return 1; - case EVP_PKEY_CTRL_SET_MAC_KEY: - if (p1 != 32) { - GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL, GOST_R_INVALID_MAC_KEY_LENGTH); - return 0; - } - - memcpy(data->key, p2, 32); - data->key_set = 1; - return 1; - case EVP_PKEY_CTRL_DIGESTINIT: - { - EVP_MD_CTX *mctx = p2; - void *key; - if (!data->key_set) { - EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx); - if (!pkey) { - GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL, - GOST_R_MAC_KEY_NOT_SET); - return 0; - } - key = EVP_PKEY_get0(pkey); - if (!key) { - GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL, - GOST_R_MAC_KEY_NOT_SET); - return 0; - } - } else { - key = &(data->key); - } - return EVP_MD_meth_get_ctrl(EVP_MD_CTX_md(mctx)) - (mctx, EVP_MD_CTRL_SET_KEY, 32, key); - } - } - return -2; -} - -static int pkey_gost_mac_ctrl_str(EVP_PKEY_CTX *ctx, - const char *type, const char *value) -{ - if (strcmp(type, key_ctrl_string) == 0) { - if (strlen(value) != 32) { - GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL_STR, - GOST_R_INVALID_MAC_KEY_LENGTH); - return 0; - } - return pkey_gost_mac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, - 32, (char *)value); - } - if (strcmp(type, hexkey_ctrl_string) == 0) { - long keylen; - int ret; - unsigned char *keybuf = string_to_hex(value, &keylen); - if (!keybuf || keylen != 32) { - GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL_STR, - GOST_R_INVALID_MAC_KEY_LENGTH); - OPENSSL_free(keybuf); - return 0; - } - ret = pkey_gost_mac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, 32, keybuf); - OPENSSL_free(keybuf); - return ret; - - } - return -2; -} - -static int pkey_gost_mac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) -{ - struct gost_mac_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx); - unsigned char *keydata; - if (!data->key_set) { - GOSTerr(GOST_F_PKEY_GOST_MAC_KEYGEN, GOST_R_MAC_KEY_NOT_SET); - return 0; - } - keydata = OPENSSL_malloc(32); - if (keydata == NULL) - return 0; - memcpy(keydata, data->key, 32); - EVP_PKEY_assign(pkey, NID_id_Gost28147_89_MAC, keydata); - return 1; -} - -static int pkey_gost_mac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx) -{ - return 1; -} - -static int pkey_gost_mac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, - size_t *siglen, EVP_MD_CTX *mctx) -{ - unsigned int tmpsiglen = *siglen; /* for platforms where - * sizeof(int)!=sizeof(size_t) */ - int ret; - if (!sig) { - *siglen = 4; - return 1; - } - ret = EVP_DigestFinal_ex(mctx, sig, &tmpsiglen); - *siglen = tmpsiglen; - return ret; -} - -/* ----------------------------------------------------------------*/ -int register_pmeth_gost(int id, EVP_PKEY_METHOD **pmeth, int flags) -{ - *pmeth = EVP_PKEY_meth_new(id, flags); - if (!*pmeth) - return 0; - - switch (id) { - case NID_id_GostR3410_2001: - EVP_PKEY_meth_set_ctrl(*pmeth, pkey_gost_ctrl, pkey_gost_ctrl01_str); - EVP_PKEY_meth_set_sign(*pmeth, NULL, pkey_gost01_cp_sign); - EVP_PKEY_meth_set_verify(*pmeth, NULL, pkey_gost01_cp_verify); - - EVP_PKEY_meth_set_keygen(*pmeth, NULL, pkey_gost01cp_keygen); - - EVP_PKEY_meth_set_encrypt(*pmeth, - pkey_gost_encrypt_init, - pkey_GOST01cp_encrypt); - EVP_PKEY_meth_set_decrypt(*pmeth, NULL, pkey_GOST01cp_decrypt); - EVP_PKEY_meth_set_derive(*pmeth, - pkey_gost_derive_init, pkey_gost2001_derive); - EVP_PKEY_meth_set_paramgen(*pmeth, pkey_gost_paramgen_init, - pkey_gost01_paramgen); - break; - case NID_id_Gost28147_89_MAC: - EVP_PKEY_meth_set_ctrl(*pmeth, pkey_gost_mac_ctrl, - pkey_gost_mac_ctrl_str); - EVP_PKEY_meth_set_signctx(*pmeth, pkey_gost_mac_signctx_init, - pkey_gost_mac_signctx); - EVP_PKEY_meth_set_keygen(*pmeth, NULL, pkey_gost_mac_keygen); - EVP_PKEY_meth_set_init(*pmeth, pkey_gost_mac_init); - EVP_PKEY_meth_set_cleanup(*pmeth, pkey_gost_mac_cleanup); - EVP_PKEY_meth_set_copy(*pmeth, pkey_gost_mac_copy); - return 1; - default: /* Unsupported method */ - return 0; - } - EVP_PKEY_meth_set_init(*pmeth, pkey_gost_init); - EVP_PKEY_meth_set_cleanup(*pmeth, pkey_gost_cleanup); - - EVP_PKEY_meth_set_copy(*pmeth, pkey_gost_copy); - /* - * FIXME derive etc... - */ - - return 1; -} diff --git a/engines/ccgost/gosthash.c b/engines/ccgost/gosthash.c deleted file mode 100644 index b3d80d4..0000000 --- a/engines/ccgost/gosthash.c +++ /dev/null @@ -1,268 +0,0 @@ -/********************************************************************** - * gosthash.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Implementation of GOST R 34.11-94 hash function * - * uses on gost89.c and gost89.h Doesn't need OpenSSL * - **********************************************************************/ -#include <string.h> - -#include "gost89.h" -#include "gosthash.h" - -/* - * Use OPENSSL_malloc for memory allocation if compiled with - * -DOPENSSL_BUILD, and libc malloc otherwise - */ -#ifndef MYALLOC -# ifdef OPENSSL_BUILD -# include <openssl/crypto.h> -# define MYALLOC(size) OPENSSL_malloc(size) -# define MYFREE(ptr) OPENSSL_free(ptr) -# else -# define MYALLOC(size) malloc(size) -# define MYFREE(ptr) free(ptr) -# endif -#endif -/* - * Following functions are various bit meshing routines used in GOST R - * 34.11-94 algorithms - */ -static void swap_bytes(byte * w, byte * k) -{ - int i, j; - for (i = 0; i < 4; i++) - for (j = 0; j < 8; j++) - k[i + 4 * j] = w[8 * i + j]; - -} - -/* was A_A */ -static void circle_xor8(const byte * w, byte * k) -{ - byte buf[8]; - int i; - memcpy(buf, w, 8); - memmove(k, w + 8, 24); - for (i = 0; i < 8; i++) - k[i + 24] = buf[i] ^ k[i]; -} - -/* was R_R */ -static void transform_3(byte * data) -{ - unsigned short int acc; - acc = (data[0] ^ data[2] ^ data[4] ^ data[6] ^ data[24] ^ data[30]) | - ((data[1] ^ data[3] ^ data[5] ^ data[7] ^ data[25] ^ data[31]) << 8); - memmove(data, data + 2, 30); - data[30] = acc & 0xff; - data[31] = acc >> 8; -} - -/* Adds blocks of N bytes modulo 2**(8*n). Returns carry*/ -static int add_blocks(int n, byte * left, const byte * right) -{ - int i; - int carry = 0; - int sum; - for (i = 0; i < n; i++) { - sum = (int)left[i] + (int)right[i] + carry; - left[i] = sum & 0xff; - carry = sum >> 8; - } - return carry; -} - -/* Xor two sequences of bytes */ -static void xor_blocks(byte * result, const byte * a, const byte * b, - size_t len) -{ - size_t i; - for (i = 0; i < len; i++) - result[i] = a[i] ^ b[i]; -} - -/* - * Calculate H(i+1) = Hash(Hi,Mi) - * Where H and M are 32 bytes long - */ -static int hash_step(gost_ctx * c, byte * H, const byte * M) -{ - byte U[32], W[32], V[32], S[32], Key[32]; - int i; - /* Compute first key */ - xor_blocks(W, H, M, 32); - swap_bytes(W, Key); - /* Encrypt first 8 bytes of H with first key */ - gost_enc_with_key(c, Key, H, S); - /* Compute second key */ - circle_xor8(H, U); - circle_xor8(M, V); - circle_xor8(V, V); - xor_blocks(W, U, V, 32); - swap_bytes(W, Key); - /* encrypt second 8 bytes of H with second key */ - gost_enc_with_key(c, Key, H + 8, S + 8); - /* compute third key */ - circle_xor8(U, U); - U[31] = ~U[31]; - U[29] = ~U[29]; - U[28] = ~U[28]; - U[24] = ~U[24]; - U[23] = ~U[23]; - U[20] = ~U[20]; - U[18] = ~U[18]; - U[17] = ~U[17]; - U[14] = ~U[14]; - U[12] = ~U[12]; - U[10] = ~U[10]; - U[8] = ~U[8]; - U[7] = ~U[7]; - U[5] = ~U[5]; - U[3] = ~U[3]; - U[1] = ~U[1]; - circle_xor8(V, V); - circle_xor8(V, V); - xor_blocks(W, U, V, 32); - swap_bytes(W, Key); - /* encrypt third 8 bytes of H with third key */ - gost_enc_with_key(c, Key, H + 16, S + 16); - /* Compute fourth key */ - circle_xor8(U, U); - circle_xor8(V, V); - circle_xor8(V, V); - xor_blocks(W, U, V, 32); - swap_bytes(W, Key); - /* Encrypt last 8 bytes with fourth key */ - gost_enc_with_key(c, Key, H + 24, S + 24); - for (i = 0; i < 12; i++) - transform_3(S); - xor_blocks(S, S, M, 32); - transform_3(S); - xor_blocks(S, S, H, 32); - for (i = 0; i < 61; i++) - transform_3(S); - memcpy(H, S, 32); - return 1; -} - -/* - * Initialize gost_hash ctx - cleans up temporary structures and set up - * substitution blocks - */ -int init_gost_hash_ctx(gost_hash_ctx * ctx, - const gost_subst_block * subst_block) -{ - memset(ctx, 0, sizeof(*ctx)); - ctx->cipher_ctx = (gost_ctx *) MYALLOC(sizeof(gost_ctx)); - if (!ctx->cipher_ctx) { - return 0; - } - gost_init(ctx->cipher_ctx, subst_block); - return 1; -} - -/* - * Free cipher CTX if it is dynamically allocated. Do not use - * if cipher ctx is statically allocated as in OpenSSL implementation of - * GOST hash algroritm - * - */ -void done_gost_hash_ctx(gost_hash_ctx * ctx) -{ - /* - * No need to use gost_destroy, because cipher keys are not really secret - * when hashing - */ - MYFREE(ctx->cipher_ctx); -} - -/* - * reset state of hash context to begin hashing new message - */ -int start_hash(gost_hash_ctx * ctx) -{ - if (!ctx->cipher_ctx) - return 0; - memset(&(ctx->H), 0, 32); - memset(&(ctx->S), 0, 32); - ctx->len = 0L; - ctx->left = 0; - return 1; -} - -/* - * Hash block of arbitrary length - * - * - */ -int hash_block(gost_hash_ctx * ctx, const byte * block, size_t length) -{ - if (ctx->left) { - /* - * There are some bytes from previous step - */ - unsigned int add_bytes = 32 - ctx->left; - if (add_bytes > length) { - add_bytes = length; - } - memcpy(&(ctx->remainder[ctx->left]), block, add_bytes); - ctx->left += add_bytes; - if (ctx->left < 32) { - return 1; - } - block += add_bytes; - length -= add_bytes; - hash_step(ctx->cipher_ctx, ctx->H, ctx->remainder); - add_blocks(32, ctx->S, ctx->remainder); - ctx->len += 32; - ctx->left = 0; - } - while (length >= 32) { - hash_step(ctx->cipher_ctx, ctx->H, block); - - add_blocks(32, ctx->S, block); - ctx->len += 32; - block += 32; - length -= 32; - } - if (length) { - memcpy(ctx->remainder, block, ctx->left = length); - } - return 1; -} - -/* - * Compute hash value from current state of ctx - * state of hash ctx becomes invalid and cannot be used for further - * hashing. - */ -int finish_hash(gost_hash_ctx * ctx, byte * hashval) -{ - byte buf[32]; - byte H[32]; - byte S[32]; - ghosthash_len fin_len = ctx->len; - byte *bptr; - memcpy(H, ctx->H, 32); - memcpy(S, ctx->S, 32); - if (ctx->left) { - memset(buf, 0, 32); - memcpy(buf, ctx->remainder, ctx->left); - hash_step(ctx->cipher_ctx, H, buf); - add_blocks(32, S, buf); - fin_len += ctx->left; - } - memset(buf, 0, 32); - bptr = buf; - fin_len <<= 3; /* Hash length in BITS!! */ - while (fin_len > 0) { - *(bptr++) = (byte) (fin_len & 0xFF); - fin_len >>= 8; - }; - hash_step(ctx->cipher_ctx, H, buf); - hash_step(ctx->cipher_ctx, H, S); - memcpy(hashval, H, 32); - return 1; -} diff --git a/engines/ccgost/gosthash.h b/engines/ccgost/gosthash.h deleted file mode 100644 index 003e668..0000000 --- a/engines/ccgost/gosthash.h +++ /dev/null @@ -1,52 +0,0 @@ -/********************************************************************** - * gosthash.h * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Declaration of GOST R 34.11-94 hash functions * - * uses and gost89.h Doesn't need OpenSSL * - **********************************************************************/ -#ifndef GOSTHASH_H -# define GOSTHASH_H -# include "gost89.h" -# include <stdlib.h> - -# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__) -typedef __int64 ghosthash_len; -# elif defined(__arch64__) -typedef long ghosthash_len; -# else -typedef long long ghosthash_len; -# endif - -typedef struct gost_hash_ctx { - ghosthash_len len; - gost_ctx *cipher_ctx; - int left; - byte H[32]; - byte S[32]; - byte remainder[32]; -} gost_hash_ctx; - -/* Initalizes gost hash ctx, including creation of gost cipher ctx */ - -int init_gost_hash_ctx(gost_hash_ctx * ctx, - const gost_subst_block * subst_block); -void done_gost_hash_ctx(gost_hash_ctx * ctx); - -/* - * Cleans up all fields, except cipher ctx preparing ctx for computing of new - * hash value - */ -int start_hash(gost_hash_ctx * ctx); - -/* Hashes block of data */ -int hash_block(gost_hash_ctx * ctx, const byte * block, size_t length); - -/* - * Finalizes computation of hash and fills buffer (which should be at least - * 32 bytes long) with value of computed hash. - */ -int finish_hash(gost_hash_ctx * ctx, byte * hashval); - -#endif diff --git a/engines/ccgost/gostsum.c b/engines/ccgost/gostsum.c deleted file mode 100644 index 252bd2c..0000000 --- a/engines/ccgost/gostsum.c +++ /dev/null @@ -1,187 +0,0 @@ -/********************************************************************** - * gostsum.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Almost drop-in replacement for md5sum and sha1sum * - * which computes GOST R 34.11-94 hashsum instead * - * * - **********************************************************************/ -#include <stdio.h> -#include <stdlib.h> -#include <unistd.h> -#include <limits.h> -#include <fcntl.h> -#include <string.h> -#include "gosthash.h" -#define BUF_SIZE 262144 -int hash_file(gost_hash_ctx * ctx, char *filename, char *sum, int mode); -int hash_stream(gost_hash_ctx * ctx, int fd, char *sum); -int get_line(FILE *f, char *hash, char *filename); -void help() -{ - fprintf(stderr, "gostsum [-bvt] [-c [file]]| [files]\n" - "\t-c check message digests (default is generate)\n" - "\t-v verbose, print file names when checking\n" - "\t-b read files in binary mode\n" - "\t-t use test GOST paramset (default is CryptoPro paramset)\n" - "The input for -c should be the list of message digests and file names\n" - "that is printed on stdout by this program when it generates digests.\n"); - exit(3); -} - -#ifndef O_BINARY -# define O_BINARY 0 -#endif - -int main(int argc, char **argv) -{ - int c, i; - int verbose = 0; - int errors = 0; - int open_mode = O_RDONLY; - gost_subst_block *b = &GostR3411_94_CryptoProParamSet; - FILE *check_file = NULL; - gost_hash_ctx ctx; - - while ((c = getopt(argc, argv, "bc::tv")) != -1) { - switch (c) { - case 'v': - verbose = 1; - break; - case 't': - b = &GostR3411_94_TestParamSet; - break; - case 'b': - open_mode |= O_BINARY; - break; - case 'c': - if (optarg) { - check_file = fopen(optarg, "r"); - if (!check_file) { - perror(optarg); - exit(2); - } - } else { - check_file = stdin; - } - break; - default: - fprintf(stderr, "invalid option %c", optopt); - help(); - } - } - init_gost_hash_ctx(&ctx, b); - if (check_file) { - char inhash[65], calcsum[65], filename[PATH_MAX]; - int failcount = 0, count = 0;; - if (check_file == stdin && optind < argc) { - check_file = fopen(argv[optind], "r"); - if (!check_file) { - perror(argv[optind]); - exit(2); - } - } - while (get_line(check_file, inhash, filename)) { - if (!hash_file(&ctx, filename, calcsum, open_mode)) { - exit(2); - } - count++; - if (strncmp(calcsum, inhash, 65) == 0) { - if (verbose) { - fprintf(stderr, "%s\tOK\n", filename); - } - } else { - if (verbose) { - fprintf(stderr, "%s\tFAILED\n", filename); - } else { - fprintf(stderr, - "%s: GOST hash sum check failed for '%s'\n", - argv[0], filename); - } - failcount++; - } - } - if (verbose && failcount) { - fprintf(stderr, - "%s: %d of %d file(f) failed GOST hash sum check\n", - argv[0], failcount, count); - } - exit(failcount ? 1 : 0); - } - if (optind == argc) { - char sum[65]; - if (!hash_stream(&ctx, fileno(stdin), sum)) { - perror("stdin"); - exit(1); - } - printf("%s -\n", sum); - exit(0); - } - for (i = optind; i < argc; i++) { - char sum[65]; - if (!hash_file(&ctx, argv[i], sum, open_mode)) { - errors++; - } else { - printf("%s %s\n", sum, argv[i]); - } - } - exit(errors ? 1 : 0); -} - -int hash_file(gost_hash_ctx * ctx, char *filename, char *sum, int mode) -{ - int fd; - if ((fd = open(filename, mode)) < 0) { - perror(filename); - return 0; - } - if (!hash_stream(ctx, fd, sum)) { - perror(filename); - return 0; - } - close(fd); - return 1; -} - -int hash_stream(gost_hash_ctx * ctx, int fd, char *sum) -{ - unsigned char buffer[BUF_SIZE]; - ssize_t bytes; - int i; - start_hash(ctx); - while ((bytes = read(fd, buffer, BUF_SIZE)) > 0) { - hash_block(ctx, buffer, bytes); - } - if (bytes < 0) { - return 0; - } - finish_hash(ctx, buffer); - for (i = 0; i < 32; i++) { - sprintf(sum + 2 * i, "%02x", buffer[31 - i]); - } - return 1; -} - -int get_line(FILE *f, char *hash, char *filename) -{ - int i; - if (fread(hash, 1, 64, f) < 64) - return 0; - hash[64] = 0; - for (i = 0; i < 64; i++) { - if (hash[i] < '0' || (hash[i] > '9' && hash[i] < 'A') - || (hash[i] > 'F' && hash[i] < 'a') || hash[i] > 'f') { - fprintf(stderr, "Not a hash value '%s'\n", hash); - return 0; - } - } - if (fgetc(f) != ' ') { - fprintf(stderr, "Malformed input line\n"); - return 0; - } - i = strlen(fgets(filename, PATH_MAX, f)); - while (filename[--i] == '\n' || filename[i] == '\r') - filename[i] = 0; - return 1; -} diff --git a/include/openssl/engine.h b/include/openssl/engine.h index 300ff26..3e0208f 100644 --- a/include/openssl/engine.h +++ b/include/openssl/engine.h @@ -401,9 +401,6 @@ void ENGINE_load_sureware(void); void ENGINE_load_ubsec(void); void ENGINE_load_padlock(void); void ENGINE_load_capi(void); -# ifndef OPENSSL_NO_GOST -void ENGINE_load_gost(void); -# endif void ENGINE_load_dasync(void); # endif void ENGINE_load_cryptodev(void); diff --git a/test/Makefile.in b/test/Makefile.in index dc3b94b..c48bc66 100644 --- a/test/Makefile.in +++ b/test/Makefile.in @@ -55,7 +55,6 @@ RC5TEST= rc5test BFTEST= bftest CASTTEST= casttest DESTEST= destest -GOST2814789TEST=gost2814789test RANDTEST= randtest DHTEST= dhtest DSATEST= dsatest @@ -93,7 +92,7 @@ EXE= $(NPTEST)$(EXE_EXT) $(MEMLEAKTEST)$(EXE_EXT) \ $(DESTEST)$(EXE_EXT) $(SHA1TEST)$(EXE_EXT) $(SHA256TEST)$(EXE_EXT) $(SHA512TEST)$(EXE_EXT) \ $(MDC2TEST)$(EXE_EXT) $(RMDTEST)$(EXE_EXT) \ $(RANDTEST)$(EXE_EXT) $(DHTEST)$(EXE_EXT) $(ENGINETEST)$(EXE_EXT) \ - $(GOST2814789TEST)$(EXE_EXT) $(DANETEST)$(EXE_EXT) \ + $(DANETEST)$(EXE_EXT) \ $(BFTEST)$(EXE_EXT) $(CASTTEST)$(EXE_EXT) $(SSLTEST)$(EXE_EXT) \ $(EXPTEST)$(EXE_EXT) $(DSATEST)$(EXE_EXT) $(RSATEST)$(EXE_EXT) \ $(EVPTEST)$(EXE_EXT) $(EVPEXTRATEST)$(EXE_EXT) $(IGETEST)$(EXE_EXT) \ @@ -116,7 +115,7 @@ OBJ= $(NPTEST).o $(MEMLEAKTEST).o \ $(RANDTEST).o $(DHTEST).o $(ENGINETEST).o $(CASTTEST).o \ $(BFTEST).o $(SSLTEST).o $(DSATEST).o $(EXPTEST).o $(RSATEST).o \ $(EVPTEST).o $(EVPEXTRATEST).o $(IGETEST).o $(JPAKETEST).o $(V3NAMETEST).o \ - $(GOST2814789TEST).o $(HEARTBEATTEST).o $(P5_CRPT2_TEST).o \ + $(HEARTBEATTEST).o $(P5_CRPT2_TEST).o \ $(CONSTTIMETEST).o $(VERIFYEXTRATEST).o $(CLIENTHELLOTEST).o \ $(PACKETTEST).o $(ASYNCTEST).o testutil.o @@ -130,7 +129,7 @@ SRC= $(NPTEST).c $(MEMLEAKTEST).c \ $(RANDTEST).c $(DHTEST).c $(ENGINETEST).c $(CASTTEST).c \ $(BFTEST).c $(SSLTEST).c $(DSATEST).c $(EXPTEST).c $(RSATEST).c \ $(EVPTEST).c $(EVPEXTRATEST).c $(IGETEST).c $(JPAKETEST).c $(V3NAMETEST).c \ - $(GOST2814789TEST).c $(HEARTBEATTEST).c $(P5_CRPT2_TEST).c \ + $(HEARTBEATTEST).c $(P5_CRPT2_TEST).c \ $(CONSTTIMETEST).c $(VERIFYEXTRATEST).c $(CLIENTHELLOTEST).c \ $(PACKETTEST).c $(ASYNCTEST).c testutil.c @@ -300,9 +299,6 @@ $(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO) $(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO) @target=$(DESTEST); $(BUILD_CMD) -$(GOST2814789TEST)$(EXE_EXT): $(GOST2814789TEST).o $(DLIBCRYPTO) - @target=$(GOST2814789TEST); $(BUILD_CMD) - $(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO) @target=$(RANDTEST); $(BUILD_CMD) diff --git a/test/gost2814789test.c b/test/gost2814789test.c deleted file mode 100644 index f19c5dd..0000000 --- a/test/gost2814789test.c +++ /dev/null @@ -1,1447 +0,0 @@ -/* vim: set fileencoding=ascii : Charset: ASCII */ -/* test/gostr2814789t.c */ -/* ==================================================================== - * Copyright (c) 2012 Crypto-Pro, Ltd., Serguei E. Leontiev, - * lse@cryptopro.ru - * - * This file is distributed under the same license as OpenSSL - * ==================================================================== - */ -#include <stdio.h> -#include <openssl/e_os2.h> - -#if defined(OPENSSL_NO_ENGINE) || defined(OPENSSL_NO_GOST) -int main(int argc, char *argv[]) -{ - printf("No GOST 28147-89 support\n"); - return 0; -} -#else - -# include <stdlib.h> -# include <string.h> -# include <openssl/conf.h> -# include <openssl/crypto.h> -# include <openssl/engine.h> -# include <openssl/err.h> -# include <openssl/evp.h> -# include <openssl/hmac.h> -# include <openssl/obj_mac.h> -# include "e_os.h" - -# define CCGOST_ID "gost" - -# include "../engines/ccgost/gost89.h" - -# define G89_MAX_TC_LEN (2048) -# define G89_BLOCK_LEN (8) - -# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__) -typedef unsigned __int64 u64; -# define U64(C) C##UI64 -# define FMT64 "%I64u" -# elif defined(__arch64__) -typedef unsigned long u64; -# define U64(C) C##UL -# define FMT64 "%lu" -# else -typedef unsigned long long u64; -# define U64(C) C##ULL -# define FMT64 "%llu" -# endif -# if defined(__MINGW32__) -# undef FMT64 -# define FMT64 "%I64u" -# endif - -typedef enum g89_mode_ { - G89_ECB, - G89_CFB, - G89_CNT, - G89_IMIT -} g89_mode; - -typedef struct g89_tc_ { - u64 ullLen; /* ullLen > G89_MAX_TC_LEN */ - /* Clear text ullLen */ - /* of zero bytes */ - const byte bIn[G89_MAX_TC_LEN]; /* Clear text, when */ - /* ullLen <= G89_MAX_TC_LEN */ - const char *szParamSet; /* S-Box ID */ - const char *szDerive; /* String for derive bRawKey */ - const byte bRawKey[EVP_MAX_KEY_LENGTH]; - g89_mode gMode; /* Mode of encryption or MAC */ - const byte bIV[EVP_MAX_IV_LENGTH]; /* IV for CFB or CNT mode */ - const byte bOut[G89_MAX_TC_LEN]; /* Cipher text for ECB/CFB/CNT */ - /* - * mode, when ullLen <= G89_MAX_TC_LEN; Last 16 byte of cipher text for - * ECB/CFB/CNT, when ullLen > G89_MAX_TC_LEN; 4 byte MAC for imitovstavka - */ -} g89_tc; - -static const g89_tc tcs[] = { - /* - * GOST R 34.11-94 Test cases - */ - { /* see p. A.3.1 [GOSTR341194], p. 7.3.1 - * [ENG-GOSTR341194] */ - /* <http://tools.ietf.org/html/rfc5831#section-7.3.1> */ - /* Iteration 1, K[1], see Errata for RFC 5831 */ - 8, - { - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, - "id-GostR3410-94-TestParamSet", - NULL, - { - 0x54, 0x6d, 0x20, 0x33, 0x68, 0x65, 0x6c, 0x32, - 0x69, 0x73, 0x65, 0x20, 0x73, 0x73, 0x6e, 0x62, - 0x20, 0x61, 0x67, 0x79, 0x69, 0x67, 0x74, 0x74, - 0x73, 0x65, 0x68, 0x65, 0x20, 0x2c, 0x3d, 0x73}, - G89_ECB, - {0}, - { - 0x1b, 0x0b, 0xbc, 0x32, 0xce, 0xbc, 0xab, 0x42} - }, - { /* see p. A.3.1 [GOSTR341194], p. 7.3.1 - * [ENG-GOSTR341194] */ - /* <http://tools.ietf.org/html/rfc5831#section-7.3.1> */ - /* Iteration 1, K[4] */ - 8, - { - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, - "id-GostR3410-94-TestParamSet", - NULL, - { - 0xec, 0x0a, 0x8b, 0xa1, 0x5e, 0xc0, 0x04, 0xa8, - 0xba, 0xc5, 0x0c, 0xac, 0x0c, 0x62, 0x1d, 0xee, - 0xe1, 0xc7, 0xb8, 0xe7, 0x00, 0x7a, 0xe2, 0xec, - 0xf2, 0x73, 0x1b, 0xff, 0x4e, 0x80, 0xe2, 0xa0}, - G89_ECB, - {0}, - { - 0x2d, 0x56, 0x2a, 0x0d, 0x19, 0x04, 0x86, 0xe7} - }, - { /* see p. A.3.1 [GOSTR341194], p. 7.3.1 - * [ENG-GOSTR341194] */ - /* <http://tools.ietf.org/html/rfc5831#section-7.3.1> */ - /* Iteration 2, K[1] */ - 8, - { - 0x34, 0xc0, 0x15, 0x33, 0xe3, 0x7d, 0x1c, 0x56}, - "id-GostR3410-94-TestParamSet", - NULL, - { - 0x34, 0x87, 0x24, 0xa4, 0xc1, 0xa6, 0x76, 0x67, - 0x15, 0x3d, 0xde, 0x59, 0x33, 0x88, 0x42, 0x50, - 0xe3, 0x24, 0x8c, 0x65, 0x7d, 0x41, 0x3b, 0x8c, - 0x1c, 0x9c, 0xa0, 0x9a, 0x56, 0xd9, 0x68, 0xcf}, - G89_ECB, - {0}, - { - 0x86, 0x3e, 0x78, 0xdd, 0x2d, 0x60, 0xd1, 0x3c} - }, - /* - * id-Gost28147-89-CryptoPro-A-ParamSet (1.2.643.2.2.31.1) - * Test cases - */ - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 16, - { - 0x74, 0x3d, 0x76, 0xf9, 0x1b, 0xee, 0x35, 0x3c, - 0xa2, 0x5c, 0x3b, 0x10, 0xeb, 0x64, 0xcf, 0xf5}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "testecb1", - { - 0xbb, 0xf1, 0xed, 0xd3, 0x20, 0xaf, 0x8a, 0x62, - 0x8e, 0x11, 0xc8, 0xa9, 0x51, 0xcc, 0xbe, 0x81, - 0x47, 0x7b, 0x41, 0xa1, 0x6a, 0xf6, 0x7f, 0x05, - 0xe8, 0x51, 0x2f, 0x9e, 0x01, 0xf8, 0xcf, 0x49}, - G89_ECB, - {0}, - { - 0xc3, 0x73, 0x90, 0x95, 0x35, 0x58, 0x08, 0x63, - 0xcb, 0x68, 0x85, 0x96, 0x77, 0xe8, 0xfb, 0xa9} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 16, - { - 0xd2, 0xfd, 0xf8, 0x3a, 0xc1, 0xb4, 0x39, 0x23, - 0x2e, 0xaa, 0xcc, 0x98, 0x0a, 0x02, 0xda, 0x33}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "testcfb1", - { - 0x8d, 0x5a, 0x2c, 0x83, 0xa7, 0xc7, 0x0a, 0x61, - 0xd6, 0x1b, 0x34, 0xb5, 0x1f, 0xdf, 0x42, 0x68, - 0x66, 0x71, 0xa3, 0x5d, 0x87, 0x4c, 0xfd, 0x84, - 0x99, 0x36, 0x63, 0xb6, 0x1e, 0xd6, 0x0d, 0xad}, - G89_CFB, - { - 0x46, 0x60, 0x6f, 0x0d, 0x88, 0x34, 0x23, 0x5a}, - { - 0x88, 0xb7, 0x75, 0x16, 0x74, 0xa5, 0xee, 0x2d, - 0x14, 0xfe, 0x91, 0x67, 0xd0, 0x5c, 0xcc, 0x40} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 16, - { - 0x90, 0xa2, 0x39, 0x66, 0xae, 0x01, 0xb9, 0xa3, - 0x52, 0x4e, 0xc8, 0xed, 0x6c, 0xdd, 0x88, 0x30}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "testcnt1", - { - 0x59, 0x9f, 0x84, 0xba, 0xc3, 0xf3, 0xd2, 0xf1, - 0x60, 0xe1, 0xe3, 0xf2, 0x6a, 0x96, 0x1a, 0xf9, - 0x9c, 0x48, 0xb2, 0x4e, 0xbc, 0xbb, 0xbf, 0x7c, - 0xd8, 0xf3, 0xac, 0xcd, 0x96, 0x8d, 0x28, 0x6a}, - G89_CNT, - { - 0x8d, 0xaf, 0xa8, 0xd1, 0x58, 0xed, 0x05, 0x8d}, - { - 0x6e, 0x72, 0x62, 0xcc, 0xe3, 0x59, 0x36, 0x90, - 0x83, 0x3a, 0xfe, 0xa9, 0x1b, 0xc9, 0xbe, 0xce} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 16, - { - 0xb5, 0xa1, 0xf0, 0xe3, 0xce, 0x2f, 0x02, 0x1d, - 0x67, 0x61, 0x94, 0x34, 0x5c, 0x41, 0xe3, 0x6e}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "testimit1", - { - 0x9d, 0x05, 0xb7, 0x9e, 0x90, 0xca, 0xd0, 0x0a, - 0x2c, 0xda, 0xd2, 0x2e, 0xf4, 0xe8, 0x6f, 0x5c, - 0xf5, 0xdc, 0x37, 0x68, 0x19, 0x85, 0xb3, 0xbf, - 0xaa, 0x18, 0xc1, 0xc3, 0x05, 0x0a, 0x91, 0xa2}, - G89_IMIT, - {0}, - { - 0xf8, 0x1f, 0x08, 0xa3} - }, - /* - * Other paramsets and key meshing test cases. - */ - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 1039, - { - 0x8c, 0x9c, 0x44, 0x35, 0xfb, 0xe9, 0xa5, 0xa3, - 0xa0, 0xae, 0x28, 0x56, 0x91, 0x10, 0x8e, 0x1e, - 0xd2, 0xbb, 0x18, 0x53, 0x81, 0x27, 0x0d, 0xa6, - 0x68, 0x59, 0x36, 0xc5, 0x81, 0x62, 0x9a, 0x8e, - 0x7d, 0x50, 0xf1, 0x6f, 0x97, 0x62, 0x29, 0xec, - 0x80, 0x51, 0xe3, 0x7d, 0x6c, 0xc4, 0x07, 0x95, - 0x28, 0x63, 0xdc, 0xb4, 0xb9, 0x2d, 0xb8, 0x13, - 0xb1, 0x05, 0xb5, 0xf9, 0xeb, 0x75, 0x37, 0x4e, - 0xf7, 0xbf, 0x51, 0xf1, 0x98, 0x86, 0x43, 0xc4, - 0xe4, 0x3d, 0x3e, 0xa7, 0x62, 0xec, 0x41, 0x59, - 0xe0, 0xbd, 0xfb, 0xb6, 0xfd, 0xec, 0xe0, 0x77, - 0x13, 0xd2, 0x59, 0x90, 0xa1, 0xb8, 0x97, 0x6b, - 0x3d, 0x8b, 0x7d, 0xfc, 0x9d, 0xca, 0x82, 0x73, - 0x32, 0x70, 0x0a, 0x74, 0x03, 0xc6, 0x0c, 0x26, - 0x7f, 0x56, 0xf0, 0x9d, 0xb2, 0xeb, 0x71, 0x40, - 0xd7, 0xc3, 0xb1, 0xa7, 0xc5, 0x1e, 0x20, 0x17, - 0xb3, 0x50, 0x1d, 0x8a, 0x6e, 0x19, 0xcb, 0xbe, - 0x20, 0x86, 0x2b, 0xd6, 0x1c, 0xfd, 0xb4, 0xb7, - 0x5d, 0x9a, 0xb3, 0xe3, 0x7d, 0x15, 0x7a, 0x35, - 0x01, 0x9f, 0x5d, 0x65, 0x89, 0x4b, 0x34, 0xc6, - 0xf4, 0x81, 0x3f, 0x78, 0x30, 0xcf, 0xe9, 0x15, - 0x90, 0x9a, 0xf9, 0xde, 0xba, 0x63, 0xd0, 0x19, - 0x14, 0x66, 0x3c, 0xb9, 0xa4, 0xb2, 0x84, 0x94, - 0x02, 0xcf, 0xce, 0x20, 0xcf, 0x76, 0xe7, 0xc5, - 0x48, 0xf7, 0x69, 0x3a, 0x5d, 0xec, 0xaf, 0x41, - 0xa7, 0x12, 0x64, 0x83, 0xf5, 0x99, 0x1e, 0x9e, - 0xb2, 0xab, 0x86, 0x16, 0x00, 0x23, 0x8e, 0xe6, - 0xd9, 0x80, 0x0b, 0x6d, 0xc5, 0x93, 0xe2, 0x5c, - 0x8c, 0xd8, 0x5e, 0x5a, 0xae, 0x4a, 0x85, 0xfd, - 0x76, 0x01, 0xea, 0x30, 0xf3, 0x78, 0x34, 0x10, - 0x72, 0x51, 0xbc, 0x9f, 0x76, 0xce, 0x1f, 0xd4, - 0x8f, 0x33, 0x50, 0x34, 0xc7, 0x4d, 0x7b, 0xcf, - 0x91, 0x63, 0x7d, 0x82, 0x9e, 0xa1, 0x23, 0x45, - 0xf5, 0x45, 0xac, 0x98, 0x7a, 0x48, 0xff, 0x64, - 0xd5, 0x59, 0x47, 0xde, 0x2b, 0x3f, 0xfa, 0xec, - 0x50, 0xe0, 0x81, 0x60, 0x8b, 0xc3, 0xfc, 0x80, - 0x98, 0x17, 0xc7, 0xa3, 0xc2, 0x57, 0x3d, 0xab, - 0x91, 0x67, 0xf5, 0xc4, 0xab, 0x92, 0xc8, 0xd6, - 0x3b, 0x6b, 0x3f, 0xff, 0x15, 0x6b, 0xcf, 0x53, - 0x65, 0x02, 0xf1, 0x74, 0xca, 0xa9, 0xbe, 0x24, - 0xd2, 0xf0, 0xb7, 0x26, 0xa8, 0xd7, 0x6d, 0xed, - 0x90, 0x36, 0x7b, 0x3e, 0x41, 0xa9, 0x7f, 0xa3, - 0x1b, 0xf4, 0x43, 0xc5, 0x51, 0xbe, 0x28, 0x59, - 0xe9, 0x45, 0x26, 0x49, 0x38, 0x32, 0xf8, 0xf3, - 0x92, 0x6e, 0x30, 0xcc, 0xb0, 0xa0, 0xf9, 0x01, - 0x14, 0xc8, 0xba, 0xd9, 0xf0, 0x2a, 0x29, 0xe2, - 0x52, 0x9a, 0x76, 0x95, 0x3a, 0x16, 0x32, 0xec, - 0xf4, 0x10, 0xec, 0xee, 0x47, 0x00, 0x70, 0x19, - 0xe4, 0x72, 0x35, 0x66, 0x44, 0x53, 0x2d, 0xa2, - 0xf3, 0xaa, 0x7e, 0x8a, 0x33, 0x13, 0xcd, 0xc8, - 0xbf, 0x0e, 0x40, 0x90, 0x00, 0xe4, 0x42, 0xc3, - 0x09, 0x84, 0xe1, 0x66, 0x17, 0xa2, 0xaf, 0x03, - 0xab, 0x6b, 0xa1, 0xec, 0xfb, 0x17, 0x72, 0x81, - 0xfe, 0x9a, 0x9f, 0xf4, 0xb2, 0x33, 0x1f, 0xae, - 0x0c, 0xd1, 0x6a, 0xae, 0x19, 0xb8, 0xaf, 0xec, - 0xe3, 0xea, 0x00, 0xf8, 0xac, 0x87, 0x07, 0x5f, - 0x6d, 0xb0, 0xac, 0x6b, 0x22, 0x48, 0x36, 0xbf, - 0x22, 0x18, 0xb0, 0x03, 0x9f, 0x6c, 0x70, 0x45, - 0x36, 0xf0, 0x6b, 0xc6, 0xc2, 0xa5, 0x72, 0x2c, - 0xd8, 0xe0, 0x27, 0x3d, 0xec, 0x56, 0x07, 0x05, - 0x7d, 0x83, 0xa1, 0x65, 0x7d, 0x41, 0x5b, 0xcd, - 0x77, 0x24, 0xe5, 0xaa, 0x76, 0x47, 0xd0, 0x50, - 0xf6, 0xe7, 0xb5, 0x59, 0x75, 0x31, 0x27, 0xef, - 0xd8, 0xa6, 0x4e, 0x7f, 0xb8, 0x40, 0xb1, 0xdf, - 0x53, 0x14, 0xed, 0xf1, 0x68, 0x5f, 0xfc, 0x3f, - 0x02, 0xdb, 0x05, 0xeb, 0x31, 0xe4, 0x2c, 0x7f, - 0x32, 0xb5, 0x70, 0x8e, 0x75, 0x85, 0xa4, 0x5c, - 0x16, 0x23, 0x37, 0xf2, 0x10, 0x79, 0xcb, 0xdc, - 0xf8, 0x1c, 0x25, 0xc2, 0xa1, 0x3d, 0x9c, 0x33, - 0x6c, 0xed, 0xc3, 0xe7, 0xf3, 0x02, 0x87, 0x82, - 0x4e, 0xfb, 0xac, 0xb3, 0x2d, 0xfc, 0xf8, 0x0d, - 0x1d, 0x4a, 0x39, 0xd4, 0xb3, 0x09, 0xbb, 0xe9, - 0x25, 0xc7, 0xec, 0x6a, 0x87, 0x72, 0x84, 0xed, - 0x12, 0x60, 0x19, 0x64, 0xeb, 0x16, 0x2a, 0x5b, - 0x10, 0x76, 0x27, 0xff, 0x7b, 0xe4, 0xae, 0xe5, - 0xa4, 0x04, 0x02, 0x7f, 0xbb, 0x0a, 0xb5, 0xf4, - 0x05, 0xa5, 0x56, 0x1c, 0x53, 0x31, 0x7a, 0x93, - 0xba, 0x16, 0x15, 0xab, 0x62, 0x60, 0xfc, 0xde, - 0x72, 0x36, 0x6e, 0x28, 0xaf, 0x98, 0x0d, 0xe6, - 0xf4, 0xde, 0x60, 0xa7, 0x7e, 0x06, 0x07, 0x86, - 0xf3, 0x94, 0xb6, 0x6d, 0x0d, 0x93, 0xa6, 0xbc, - 0x60, 0x70, 0x33, 0xac, 0x3f, 0xa1, 0xa8, 0x4a, - 0x20, 0x61, 0xb6, 0xb5, 0x43, 0xa3, 0x15, 0x5a, - 0x00, 0xbe, 0x76, 0x98, 0x57, 0x72, 0xab, 0x7a, - 0x0e, 0x18, 0x93, 0x82, 0x3a, 0x18, 0x78, 0x6e, - 0x71, 0x7b, 0x78, 0x4f, 0x7e, 0x8c, 0xde, 0x7a, - 0x62, 0xb5, 0x0a, 0x7c, 0x45, 0x1d, 0x16, 0xd5, - 0xc3, 0x8c, 0x9b, 0x25, 0xb4, 0x50, 0x90, 0xcd, - 0x96, 0x93, 0xad, 0x0f, 0xd4, 0x43, 0xcb, 0x49, - 0x0f, 0xfc, 0x5a, 0x31, 0xf4, 0x19, 0xb7, 0xd4, - 0xeb, 0x4d, 0x40, 0x58, 0xd0, 0x3b, 0xc8, 0xe0, - 0x4a, 0x54, 0x2f, 0xdb, 0x22, 0xc3, 0x29, 0x7b, - 0x40, 0x90, 0x61, 0x43, 0xd3, 0x7e, 0xe2, 0x30, - 0x2b, 0x48, 0x3c, 0xce, 0x90, 0x93, 0xb1, 0x8b, - 0x31, 0x96, 0x65, 0x6d, 0x57, 0x8b, 0x9d, 0x4d, - 0x53, 0xf0, 0x83, 0x1c, 0xe5, 0xa1, 0x9d, 0x55, - 0xe3, 0xbf, 0x7e, 0xca, 0x1a, 0x74, 0x66, 0x14, - 0xcc, 0x47, 0x43, 0xd9, 0xbb, 0xef, 0x97, 0x7d, - 0xb7, 0x6e, 0xff, 0xf1, 0x22, 0xf8, 0x10, 0x2d, - 0x3f, 0xcd, 0x49, 0x96, 0xd9, 0x09, 0x11, 0xb8, - 0x33, 0xd0, 0x23, 0x9a, 0xfa, 0x16, 0xcb, 0x50, - 0x26, 0x57, 0x24, 0x5c, 0x0e, 0xba, 0xf0, 0x3f, - 0x37, 0x2f, 0xa3, 0xf7, 0x18, 0x57, 0x48, 0x48, - 0x95, 0xcf, 0xef, 0x87, 0x67, 0x2a, 0xe9, 0xb6, - 0x8a, 0x21, 0x36, 0x7f, 0xff, 0x48, 0x6c, 0x46, - 0x35, 0x57, 0xf2, 0xbc, 0x48, 0x67, 0x8f, 0x63, - 0x23, 0x78, 0x11, 0x2b, 0xc2, 0x08, 0xde, 0x51, - 0xe8, 0x8b, 0x92, 0x29, 0xf9, 0x9a, 0x9e, 0xad, - 0xed, 0x0f, 0xeb, 0xa2, 0xd2, 0x40, 0x92, 0xd4, - 0xde, 0x62, 0x95, 0x76, 0xfd, 0x6e, 0x3c, 0xbf, - 0xc0, 0xd7, 0x0d, 0xe5, 0x1b, 0xa4, 0xc7, 0x18, - 0xe1, 0x58, 0xa4, 0x56, 0xef, 0x2e, 0x17, 0x1b, - 0x75, 0xcb, 0xbc, 0xf9, 0x2a, 0x95, 0x71, 0xa7, - 0x1d, 0x7f, 0xe7, 0x73, 0x63, 0x05, 0x6b, 0x19, - 0x4c, 0xf4, 0x22, 0x14, 0xc4, 0x59, 0x88, 0x66, - 0x92, 0x86, 0x61, 0x5c, 0x6a, 0xae, 0xec, 0x58, - 0xff, 0xc9, 0xf2, 0x44, 0xd4, 0xa2, 0xf5, 0x98, - 0xeb, 0x5f, 0x09, 0xbc, 0x8a, 0xbf, 0x3c, 0xb4, - 0x3e, 0xb1, 0x20, 0x05, 0x44, 0x96, 0x79, 0x0a, - 0x40, 0x92, 0x7f, 0x9d, 0xd1, 0xaf, 0xbc, 0x90, - 0x95, 0x0a, 0x81, 0xd4, 0xa7, 0xc6, 0xb8, 0xe0, - 0xe4, 0x39, 0x30, 0x1d, 0x79, 0xc0, 0xe5, 0xfa, - 0xb4, 0xe9, 0x63, 0xb4, 0x09, 0x72, 0x3b, 0x3e, - 0xd9, 0xf6, 0xd9, 0x10, 0x21, 0x18, 0x7e, 0xe5, - 0xad, 0x81, 0xd7, 0xd5, 0x82, 0xd0, 0x8c, 0x3b, - 0x38, 0x95, 0xf8, 0x92, 0x01, 0xa9, 0x92, 0x00, - 0x70, 0xd1, 0xa7, 0x88, 0x77, 0x1f, 0x3a, 0xeb, - 0xb5, 0xe4, 0xf5, 0x9d, 0xc7, 0x37, 0x86, 0xb2, - 0x12, 0x46, 0x34, 0x19, 0x72, 0x8c, 0xf5, 0x8c, - 0xf6, 0x78, 0x98, 0xe0, 0x7c, 0xd3, 0xf4}, - "id-Gost28147-89-CryptoPro-B-ParamSet", - "testcfb2", - { - 0x48, 0x0c, 0x74, 0x1b, 0x02, 0x6b, 0x55, 0xd5, - 0xb6, 0x6d, 0xd7, 0x1d, 0x40, 0x48, 0x05, 0x6b, - 0x6d, 0xeb, 0x3c, 0x29, 0x0f, 0x84, 0x80, 0x23, - 0xee, 0x0d, 0x47, 0x77, 0xe3, 0xfe, 0x61, 0xc9}, - G89_CFB, - { - 0x1f, 0x3f, 0x82, 0x1e, 0x0d, 0xd8, 0x1e, 0x22}, - { - 0x23, 0xc6, 0x7f, 0x20, 0xa1, 0x23, 0x58, 0xbc, - 0x7b, 0x05, 0xdb, 0x21, 0x15, 0xcf, 0x96, 0x41, - 0xc7, 0x88, 0xef, 0x76, 0x5c, 0x49, 0xdb, 0x42, - 0xbf, 0xf3, 0xc0, 0xf5, 0xbd, 0x5d, 0xd9, 0x8e, - 0xaf, 0x3d, 0xf4, 0xe4, 0xda, 0x88, 0xbd, 0xbc, - 0x47, 0x5d, 0x76, 0x07, 0xc9, 0x5f, 0x54, 0x1d, - 0x1d, 0x6a, 0xa1, 0x2e, 0x18, 0xd6, 0x60, 0x84, - 0x02, 0x18, 0x37, 0x92, 0x92, 0x15, 0xab, 0x21, - 0xee, 0x21, 0xcc, 0x71, 0x6e, 0x51, 0xd9, 0x2b, - 0xcc, 0x81, 0x97, 0x3f, 0xeb, 0x45, 0x99, 0xb8, - 0x1b, 0xda, 0xff, 0x90, 0xd3, 0x41, 0x06, 0x9c, - 0x3f, 0xfb, 0xe4, 0xb2, 0xdc, 0xc9, 0x03, 0x0d, - 0xa7, 0xae, 0xd7, 0x7d, 0x02, 0xb8, 0x32, 0xab, - 0xf3, 0x65, 0xa3, 0x65, 0x6c, 0x4e, 0xe4, 0xa2, - 0x5e, 0x9e, 0xee, 0xcd, 0xde, 0x79, 0x36, 0x6b, - 0x1b, 0xe1, 0x3c, 0xdf, 0x10, 0xad, 0x4f, 0x02, - 0xe1, 0x14, 0xaa, 0x09, 0xb4, 0x0b, 0x76, 0xeb, - 0x69, 0x38, 0x20, 0x02, 0xcb, 0x8e, 0xc0, 0xdf, - 0xca, 0x48, 0x74, 0xc3, 0x31, 0xad, 0x42, 0x2c, - 0x51, 0x9b, 0xd0, 0x6a, 0xc1, 0x36, 0xd7, 0x21, - 0xdf, 0xb0, 0x45, 0xba, 0xca, 0x7f, 0x35, 0x20, - 0x28, 0xbb, 0xc1, 0x76, 0xfd, 0x43, 0x5d, 0x23, - 0x7d, 0x31, 0x84, 0x1a, 0x97, 0x4d, 0x83, 0xaa, - 0x7e, 0xf1, 0xc4, 0xe6, 0x83, 0xac, 0x0d, 0xef, - 0xef, 0x3c, 0xa4, 0x7c, 0x48, 0xe4, 0xc8, 0xca, - 0x0d, 0x7d, 0xea, 0x7c, 0x45, 0xd7, 0x73, 0x50, - 0x25, 0x1d, 0x01, 0xc4, 0x02, 0x1a, 0xcd, 0xe0, - 0x38, 0x5b, 0xa8, 0x5a, 0x16, 0x9a, 0x10, 0x59, - 0x74, 0xd7, 0x19, 0xc6, 0xf3, 0xb5, 0x17, 0xf6, - 0x59, 0x8d, 0x62, 0xaf, 0x44, 0xe8, 0xdc, 0xe9, - 0xc1, 0x76, 0xf1, 0xd0, 0xbd, 0x29, 0xd7, 0xec, - 0x1d, 0xac, 0x57, 0xdb, 0x1a, 0x3f, 0xd8, 0xf6, - 0x6e, 0xb6, 0xe6, 0xdf, 0x36, 0xe7, 0x89, 0xce, - 0x56, 0x35, 0x43, 0x1c, 0x7d, 0x57, 0x79, 0x0e, - 0xd8, 0xf4, 0xd7, 0xa7, 0x0d, 0xc6, 0x8f, 0x91, - 0x66, 0x67, 0x82, 0x0f, 0x49, 0xc9, 0xc5, 0x65, - 0x81, 0xa1, 0x39, 0x5a, 0x53, 0x9f, 0x02, 0xa5, - 0xd5, 0x36, 0x22, 0xa8, 0xa8, 0x1c, 0x37, 0x0e, - 0x76, 0x46, 0xdf, 0xbd, 0x6a, 0xdb, 0xfc, 0x1b, - 0xbd, 0x10, 0xb8, 0xb1, 0xbc, 0x72, 0x4c, 0x58, - 0x4a, 0xda, 0x6d, 0x66, 0x00, 0xda, 0x7a, 0x66, - 0xa0, 0xe7, 0x3b, 0x39, 0xa3, 0xf7, 0x05, 0x07, - 0xfa, 0x21, 0x4b, 0xc7, 0x94, 0xc0, 0xd3, 0x7b, - 0x19, 0x02, 0x5d, 0x4a, 0x10, 0xf1, 0xc2, 0x0f, - 0x19, 0x68, 0x27, 0xc7, 0x7d, 0xbf, 0x55, 0x03, - 0x57, 0x7d, 0xaf, 0x77, 0xae, 0x80, 0x2f, 0x7a, - 0xe6, 0x1f, 0x4b, 0xdc, 0x15, 0x18, 0xc0, 0x62, - 0xa1, 0xe8, 0xd9, 0x1c, 0x9e, 0x8c, 0x96, 0x39, - 0xc1, 0xc4, 0x88, 0xf7, 0x0c, 0xe1, 0x04, 0x84, - 0x68, 0x51, 0xce, 0xf1, 0x90, 0xda, 0x7f, 0x76, - 0xc8, 0xc0, 0x88, 0xef, 0x8e, 0x15, 0x25, 0x3e, - 0x7b, 0xe4, 0x79, 0xb5, 0x66, 0x2d, 0x9c, 0xd1, - 0x13, 0xda, 0xd0, 0xd5, 0x46, 0xd5, 0x8d, 0x46, - 0x18, 0x07, 0xee, 0xd8, 0xc9, 0x64, 0xe3, 0xbe, - 0x0e, 0x68, 0x27, 0x09, 0x96, 0x26, 0xf6, 0xe2, - 0x19, 0x61, 0x3f, 0xf4, 0x58, 0x27, 0x0a, 0xeb, - 0xce, 0x7c, 0xb6, 0x68, 0x92, 0xe7, 0x12, 0x3b, - 0x31, 0xd4, 0x48, 0xdf, 0x35, 0x8d, 0xf4, 0x86, - 0x42, 0x2a, 0x15, 0x4b, 0xe8, 0x19, 0x1f, 0x26, - 0x65, 0x9b, 0xa8, 0xda, 0x4b, 0x79, 0x1f, 0x8e, - 0xe6, 0x13, 0x7e, 0x49, 0x8f, 0xc1, 0xce, 0xdc, - 0x5e, 0x64, 0x74, 0xce, 0x02, 0x78, 0xe0, 0xcf, - 0xa0, 0xed, 0x5e, 0x31, 0x74, 0xd1, 0xd0, 0xb4, - 0xee, 0x70, 0x19, 0x14, 0x3c, 0x8f, 0x16, 0xa6, - 0xcf, 0x12, 0x93, 0x15, 0x88, 0xeb, 0x91, 0x65, - 0x76, 0x98, 0xfd, 0xa1, 0x94, 0x30, 0xba, 0x43, - 0x62, 0x65, 0x40, 0x04, 0x77, 0x9e, 0xd6, 0xab, - 0x8b, 0x0d, 0x93, 0x80, 0x50, 0x5f, 0xa2, 0x76, - 0x20, 0xa7, 0xd6, 0x9c, 0x27, 0x15, 0x27, 0xbc, - 0xa5, 0x5a, 0xbf, 0xe9, 0x92, 0x82, 0x05, 0xa8, - 0x41, 0xe9, 0xb5, 0x60, 0xd5, 0xc0, 0xd7, 0x4b, - 0xad, 0x38, 0xb2, 0xe9, 0xd1, 0xe5, 0x51, 0x5f, - 0x24, 0x78, 0x24, 0x9a, 0x23, 0xd2, 0xc2, 0x48, - 0xbd, 0x0e, 0xf1, 0x37, 0x72, 0x91, 0x87, 0xb0, - 0x4e, 0xbd, 0x99, 0x6b, 0x2c, 0x01, 0xb6, 0x79, - 0x69, 0xec, 0x0c, 0xed, 0xe5, 0x3f, 0x50, 0x64, - 0x7c, 0xb9, 0xdd, 0xe1, 0x92, 0x81, 0xb5, 0xd0, - 0xcb, 0x17, 0x83, 0x86, 0x8b, 0xea, 0x4f, 0x93, - 0x08, 0xbc, 0x22, 0x0c, 0xef, 0xe8, 0x0d, 0xf5, - 0x9e, 0x23, 0xe1, 0xf9, 0xb7, 0x6b, 0x45, 0x0b, - 0xcb, 0xa9, 0xb6, 0x4d, 0x28, 0x25, 0xba, 0x3e, - 0x86, 0xf2, 0x75, 0x47, 0x5d, 0x9d, 0x6b, 0xf6, - 0x8a, 0x05, 0x58, 0x73, 0x3d, 0x00, 0xde, 0xfd, - 0x69, 0xb1, 0x61, 0x16, 0xf5, 0x2e, 0xb0, 0x9f, - 0x31, 0x6a, 0x00, 0xb9, 0xef, 0x71, 0x63, 0x47, - 0xa3, 0xca, 0xe0, 0x40, 0xa8, 0x7e, 0x02, 0x04, - 0xfe, 0xe5, 0xce, 0x48, 0x73, 0xe3, 0x94, 0xcf, - 0xe2, 0xff, 0x29, 0x7e, 0xf6, 0x32, 0xbb, 0xb7, - 0x55, 0x12, 0x21, 0x7a, 0x9c, 0x75, 0x04, 0x0c, - 0xb4, 0x7c, 0xb0, 0x3d, 0x40, 0xb3, 0x11, 0x9a, - 0x7a, 0x9a, 0x13, 0xfb, 0x77, 0xa7, 0x51, 0x68, - 0xf7, 0x05, 0x47, 0x3b, 0x0f, 0x52, 0x5c, 0xe6, - 0xc2, 0x99, 0x3a, 0x37, 0x54, 0x5c, 0x4f, 0x2b, - 0xa7, 0x01, 0x08, 0x74, 0xbc, 0x91, 0xe3, 0xe2, - 0xfe, 0x65, 0x94, 0xfd, 0x3d, 0x18, 0xe0, 0xf0, - 0x62, 0xed, 0xc2, 0x10, 0x82, 0x9c, 0x58, 0x7f, - 0xb2, 0xa3, 0x87, 0x8a, 0x74, 0xd9, 0xc1, 0xfb, - 0x84, 0x28, 0x17, 0xc7, 0x2b, 0xcb, 0x53, 0x1f, - 0x4e, 0x8a, 0x82, 0xfc, 0xb4, 0x3f, 0xc1, 0x47, - 0x25, 0xf3, 0x21, 0xdc, 0x4c, 0x2d, 0x08, 0xfa, - 0xe7, 0x0f, 0x03, 0xa9, 0x68, 0xde, 0x6b, 0x41, - 0xa0, 0xf9, 0x41, 0x6c, 0x57, 0x4d, 0x3a, 0x0e, - 0xea, 0x51, 0xca, 0x9f, 0x97, 0x11, 0x7d, 0xf6, - 0x8e, 0x88, 0x63, 0x67, 0xc9, 0x65, 0x13, 0xca, - 0x38, 0xed, 0x35, 0xbe, 0xf4, 0x27, 0xa9, 0xfc, - 0xa9, 0xe6, 0xc3, 0x40, 0x86, 0x08, 0x39, 0x72, - 0x37, 0xee, 0xb2, 0x87, 0x09, 0x96, 0xb7, 0x40, - 0x87, 0x36, 0x92, 0xc1, 0x5d, 0x6a, 0x2c, 0x43, - 0xca, 0x25, 0xc8, 0x35, 0x37, 0x2d, 0xb5, 0xa9, - 0x27, 0x44, 0x50, 0xf2, 0x6d, 0x22, 0x75, 0x41, - 0x77, 0x2a, 0xdb, 0xb1, 0x8c, 0x6d, 0x05, 0xe8, - 0xc9, 0x99, 0xc7, 0x08, 0xf9, 0x14, 0x8f, 0x78, - 0xa9, 0x8f, 0xc2, 0x5a, 0x7a, 0x65, 0xc5, 0xd8, - 0x86, 0xbb, 0x72, 0x69, 0x6b, 0x6b, 0x45, 0x83, - 0x5b, 0xb1, 0xf7, 0xcd, 0x16, 0x73, 0xee, 0xe9, - 0x80, 0x85, 0xfe, 0x8e, 0xe1, 0xae, 0x53, 0x8f, - 0xde, 0xbe, 0x48, 0x8b, 0x59, 0xef, 0xf6, 0x7e, - 0xd8, 0xb5, 0xa8, 0x47, 0xc0, 0x4e, 0x15, 0x58, - 0xca, 0xd3, 0x2f, 0xf8, 0x6c, 0xa6, 0x3d, 0x78, - 0x4d, 0x7a, 0x54, 0xd6, 0x10, 0xe5, 0xcc, 0x05, - 0xe2, 0x29, 0xb5, 0x86, 0x07, 0x39, 0x7d, 0x78, - 0x8e, 0x5a, 0x8f, 0x83, 0x4c, 0xe7, 0x3d, 0x68, - 0x3e, 0xe5, 0x02, 0xe6, 0x64, 0x4f, 0x5e, 0xb4, - 0x49, 0x77, 0xf0, 0xc0, 0xfa, 0x6f, 0xc8, 0xfb, - 0x9f, 0x84, 0x6f, 0x55, 0xfb, 0x30, 0x5e, 0x89, - 0x93, 0xa9, 0xf3, 0xa6, 0xa3, 0xd7, 0x26, 0xbb, - 0xd8, 0xa8, 0xd9, 0x95, 0x1d, 0xfe, 0xfc, 0xd7, - 0xa8, 0x93, 0x66, 0x2f, 0x04, 0x53, 0x06, 0x64, - 0x7f, 0x31, 0x29, 0xae, 0xb7, 0x9f, 0xba, 0xc4, - 0x6d, 0x68, 0xd1, 0x24, 0x32, 0xf4, 0x11} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 4, - { - 0x07, 0x9c, 0x91, 0xbe}, - "id-Gost28147-89-CryptoPro-C-ParamSet", - "testcfb3", - { - 0x77, 0xc3, 0x45, 0x8e, 0xf6, 0x42, 0xe7, 0x04, - 0x8e, 0xfc, 0x08, 0xe4, 0x70, 0x96, 0xd6, 0x05, - 0x93, 0x59, 0x02, 0x6d, 0x6f, 0x97, 0xca, 0xe9, - 0xcf, 0x89, 0x44, 0x4b, 0xde, 0x6c, 0x22, 0x1d}, - G89_CFB, - { - 0x43, 0x7c, 0x3e, 0x8e, 0x2f, 0x2a, 0x00, 0x98}, - { - 0x19, 0x35, 0x81, 0x34} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 9, - { - 0x2f, 0x31, 0xd8, 0x83, 0xb4, 0x20, 0xe8, 0x6e, - 0xda}, - "id-Gost28147-89-CryptoPro-D-ParamSet", - "testcfb4", - { - 0x38, 0x9f, 0xe8, 0x37, 0xff, 0x9c, 0x5d, 0x29, - 0xfc, 0x48, 0x55, 0xa0, 0x87, 0xea, 0xe8, 0x40, - 0x20, 0x87, 0x5b, 0xb2, 0x01, 0x15, 0x55, 0xa7, - 0xe3, 0x2d, 0xcb, 0x3d, 0xd6, 0x59, 0x04, 0x73}, - G89_CFB, - { - 0xc5, 0xa2, 0xd2, 0x1f, 0x2f, 0xdf, 0xb8, 0xeb}, - { - 0x6d, 0xa4, 0xed, 0x40, 0x08, 0x88, 0x71, 0xad, - 0x16} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 5242880 + 8, - {0}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "test5Mcfb", - { - 0x61, 0x58, 0x44, 0x5a, 0x41, 0xf6, 0xc7, 0x0f, - 0x6b, 0xdb, 0x51, 0x91, 0x6a, 0xf6, 0x81, 0x30, - 0x8c, 0xa7, 0x98, 0xdd, 0x38, 0x35, 0x8a, 0x60, - 0x85, 0xb4, 0xf0, 0xf9, 0x43, 0xa2, 0x7d, 0x9a}, - G89_CFB, - { - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, - { - 0x1c, 0x16, 0xa0, 0xe9, 0x63, 0x94, 0xfe, 0x38, - 0x37, 0xa7, 0x9b, 0x70, 0x25, 0x2e, 0xd6, 0x00} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - U64(4294967296) + 16, - {0}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "test4Gcfb", - { - 0xae, 0x57, 0xa2, 0xdd, 0xa4, 0xef, 0x4f, 0x96, - 0xb8, 0x94, 0xa5, 0xd1, 0x1b, 0xc8, 0x9b, 0x42, - 0xa5, 0x24, 0xcc, 0x89, 0x5c, 0xb8, 0x92, 0x52, - 0xc1, 0x12, 0x6a, 0xb0, 0x9a, 0x26, 0xe8, 0x06}, - G89_CFB, - { - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, - { - 0x2e, 0x62, 0xb0, 0x2e, 0xc7, 0x87, 0x4b, 0x29, - 0x33, 0x16, 0x6b, 0xb4, 0xd6, 0x61, 0x66, 0xd9} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 1037, - { - 0x3d, 0x0b, 0x69, 0xf7, 0xa8, 0xe4, 0xfc, 0x99, - 0x22, 0x2e, 0xee, 0xd1, 0x63, 0x12, 0xfe, 0xa8, - 0x9d, 0xcb, 0x6c, 0x4d, 0x48, 0x8c, 0xe8, 0xbd, - 0x8b, 0x60, 0xf1, 0xbf, 0x7b, 0xe3, 0x79, 0xd5, - 0x2b, 0x25, 0x97, 0x13, 0xef, 0x35, 0xda, 0xf4, - 0xbc, 0x77, 0xce, 0xea, 0xe9, 0x3f, 0xa4, 0xb6, - 0x01, 0xd5, 0x73, 0x29, 0x58, 0xda, 0xd7, 0x67, - 0x17, 0xac, 0xe4, 0x75, 0x2f, 0x57, 0x23, 0xac, - 0x96, 0x21, 0xc7, 0x62, 0x2d, 0xf7, 0x32, 0xb5, - 0x44, 0x5f, 0x72, 0xb1, 0x5f, 0xba, 0x1b, 0x1e, - 0xdb, 0x4a, 0x09, 0x8c, 0x92, 0x61, 0xa2, 0xb0, - 0x49, 0x68, 0xe5, 0xb3, 0xa2, 0x8f, 0x13, 0x4b, - 0xf5, 0x4d, 0x84, 0xda, 0xab, 0xa0, 0xb6, 0xd1, - 0x5a, 0x63, 0x19, 0xe8, 0xa2, 0x09, 0xf6, 0x76, - 0x6f, 0x9b, 0x48, 0x0a, 0x15, 0x5d, 0xb7, 0x20, - 0x21, 0x9a, 0x2e, 0xb9, 0x6d, 0xfa, 0x1e, 0xc2, - 0x0e, 0xef, 0x15, 0xab, 0x59, 0x01, 0xfe, 0x43, - 0x90, 0xf2, 0x62, 0xca, 0x4a, 0x9a, 0x48, 0x38, - 0xab, 0x6f, 0x9d, 0x21, 0xb3, 0xad, 0xa7, 0x60, - 0x46, 0xe3, 0xef, 0xd0, 0xe3, 0x1d, 0xc5, 0xe1, - 0xb8, 0xa1, 0xe2, 0x99, 0x20, 0xc5, 0x76, 0xcc, - 0xaa, 0x8a, 0xa9, 0x45, 0x55, 0xa0, 0x78, 0x00, - 0x64, 0xde, 0xcf, 0x5b, 0xdf, 0x26, 0x48, 0xcd, - 0xba, 0x8a, 0xb5, 0xfb, 0xfd, 0x4a, 0xd5, 0xc4, - 0xe0, 0x43, 0xa6, 0x71, 0x90, 0xa4, 0x8b, 0xca, - 0x2e, 0x88, 0x7b, 0xac, 0xb2, 0xdc, 0xf2, 0x01, - 0xcb, 0xda, 0x6e, 0x91, 0x27, 0x28, 0x44, 0x88, - 0x9a, 0xd2, 0x12, 0xf1, 0xa6, 0xf5, 0xb7, 0x61, - 0xce, 0x79, 0x62, 0x52, 0x3c, 0xe6, 0x14, 0x73, - 0xd1, 0x41, 0x92, 0x50, 0xbd, 0xdc, 0x3b, 0xd0, - 0xa7, 0x11, 0x8c, 0x3a, 0xe4, 0x2d, 0xf2, 0x52, - 0xd3, 0x2f, 0x7c, 0x8e, 0x54, 0x90, 0x4e, 0x23, - 0xae, 0xb3, 0xa0, 0xf3, 0x25, 0x7e, 0x66, 0xaa, - 0x0f, 0x6f, 0x81, 0x72, 0x77, 0xbb, 0xd3, 0x47, - 0xe8, 0x05, 0xff, 0xe1, 0x5b, 0xc9, 0x37, 0x50, - 0x33, 0x49, 0x17, 0xaf, 0xab, 0x1d, 0xe1, 0x15, - 0xf2, 0xe5, 0x98, 0x5e, 0x2d, 0x05, 0x1f, 0x0d, - 0x55, 0x97, 0xed, 0xff, 0x5e, 0xe0, 0x0f, 0xc3, - 0x9c, 0xbd, 0x82, 0xc2, 0x06, 0xbe, 0x45, 0x66, - 0xae, 0x33, 0xbe, 0x28, 0x48, 0xe9, 0x2d, 0x1a, - 0xe6, 0x65, 0x8e, 0xdf, 0x76, 0x03, 0x73, 0x4b, - 0xc0, 0x80, 0x71, 0xf9, 0xac, 0xba, 0xa0, 0xb0, - 0x19, 0x1a, 0x0a, 0xd4, 0x35, 0x12, 0x88, 0x76, - 0x05, 0x75, 0x8f, 0x7c, 0xb5, 0xf0, 0x19, 0x75, - 0x6d, 0x05, 0xcb, 0x0d, 0xbc, 0x8d, 0xe9, 0xf0, - 0xd4, 0xdb, 0x3c, 0x3c, 0x29, 0x8e, 0x2c, 0x32, - 0x1d, 0xf7, 0xb6, 0x49, 0xcf, 0xdb, 0x63, 0xee, - 0x3c, 0xfa, 0x33, 0x73, 0x6f, 0xe4, 0x97, 0x4e, - 0x2f, 0xc9, 0x4c, 0x5c, 0x65, 0xfe, 0xea, 0xfb, - 0xc6, 0xdd, 0xc1, 0x1c, 0x47, 0x3f, 0xf4, 0x50, - 0x2f, 0xde, 0x1b, 0x5b, 0x0b, 0x16, 0xca, 0xb6, - 0x46, 0x44, 0xf2, 0xc1, 0x0d, 0xa1, 0x1d, 0xa6, - 0xdb, 0xf0, 0x3d, 0xb1, 0x6c, 0x05, 0x31, 0x85, - 0x8e, 0x74, 0xae, 0xf2, 0x39, 0x26, 0xf7, 0xc1, - 0xe7, 0x4c, 0xdd, 0x9d, 0x40, 0xb8, 0xf3, 0xc5, - 0xc2, 0x16, 0x64, 0x6b, 0xaa, 0xdb, 0x4b, 0x82, - 0x5c, 0xd3, 0x02, 0xd3, 0x8f, 0x26, 0x79, 0x8d, - 0xb0, 0x78, 0x70, 0x19, 0x58, 0x0c, 0xb4, 0x31, - 0x88, 0x44, 0x1c, 0x91, 0x6f, 0xf4, 0x52, 0x39, - 0xa8, 0xf5, 0xc0, 0x1b, 0xfe, 0xf2, 0x0e, 0x4b, - 0xac, 0x0a, 0xc2, 0x7e, 0x9c, 0x9b, 0xeb, 0x5d, - 0x4e, 0x4f, 0x42, 0xd8, 0x71, 0x0a, 0x97, 0x27, - 0x03, 0x14, 0x96, 0xa6, 0x3d, 0x04, 0xea, 0x9f, - 0x14, 0x14, 0x27, 0x4c, 0xd9, 0xa2, 0x89, 0x5f, - 0x65, 0x4a, 0xe1, 0x9d, 0x2c, 0xb8, 0xf8, 0xd4, - 0x8f, 0x2a, 0x57, 0x36, 0xcc, 0x06, 0x9c, 0x2c, - 0xc5, 0x13, 0x16, 0xdf, 0xfc, 0xae, 0x22, 0x16, - 0xa8, 0x2b, 0x71, 0x6f, 0x1d, 0xb3, 0x47, 0x54, - 0x3f, 0x2d, 0x0a, 0x68, 0x9f, 0x2e, 0xf6, 0x90, - 0xd8, 0xa1, 0x21, 0x09, 0xd4, 0x97, 0xb9, 0x7b, - 0x7f, 0x9b, 0x6a, 0xed, 0xd1, 0xf0, 0xe3, 0xb6, - 0x28, 0xc7, 0x62, 0x82, 0x00, 0xc9, 0x38, 0xa1, - 0x82, 0x78, 0xce, 0x87, 0xc8, 0x53, 0xac, 0x4f, - 0x2e, 0x31, 0xb9, 0x50, 0x7f, 0x36, 0x00, 0x4a, - 0x32, 0xe6, 0xd8, 0xbb, 0x59, 0x45, 0x0e, 0x91, - 0x1b, 0x38, 0xa9, 0xbc, 0xb9, 0x5e, 0x6c, 0x6a, - 0x9c, 0x03, 0x01, 0x1c, 0xde, 0xe8, 0x1f, 0x1e, - 0xe3, 0xde, 0x25, 0xa2, 0x56, 0x79, 0xe1, 0xbd, - 0x58, 0xc4, 0x93, 0xe6, 0xd0, 0x8a, 0x4d, 0x08, - 0xab, 0xf7, 0xaa, 0xc3, 0x7d, 0xc1, 0xee, 0x68, - 0x37, 0xbc, 0x78, 0x0b, 0x19, 0x68, 0x2b, 0x2b, - 0x2e, 0x6d, 0xc4, 0x6f, 0xaa, 0x3b, 0xc6, 0x19, - 0xcb, 0xf1, 0x58, 0xb9, 0x60, 0x85, 0x45, 0xae, - 0x52, 0x97, 0xba, 0x24, 0x32, 0x13, 0x72, 0x16, - 0x6e, 0x7b, 0xc1, 0x98, 0xac, 0xb1, 0xed, 0xb4, - 0xcc, 0x6c, 0xcf, 0x45, 0xfc, 0x50, 0x89, 0x80, - 0x8e, 0x7a, 0xa4, 0xd3, 0x64, 0x50, 0x63, 0x37, - 0xc9, 0x6c, 0xf1, 0xc4, 0x3d, 0xfb, 0xde, 0x5a, - 0x5c, 0xa8, 0x21, 0x35, 0xe6, 0x2e, 0x8c, 0x2a, - 0x3c, 0x12, 0x17, 0x79, 0x9a, 0x0d, 0x2e, 0x79, - 0xeb, 0x67, 0x1f, 0x2b, 0xf8, 0x6e, 0xca, 0xc1, - 0xfa, 0x45, 0x18, 0x9e, 0xdf, 0x6a, 0xe6, 0xcb, - 0xe9, 0x5c, 0xc3, 0x09, 0xaf, 0x93, 0x58, 0x13, - 0xbf, 0x90, 0x84, 0x87, 0x75, 0xd6, 0x82, 0x28, - 0x8d, 0xe7, 0x2f, 0xa3, 0xfb, 0x97, 0x74, 0x2a, - 0x73, 0x04, 0x82, 0x06, 0x76, 0x69, 0xb1, 0x0b, - 0x19, 0xfc, 0xae, 0xb3, 0xdd, 0x2a, 0xe5, 0xc1, - 0x05, 0xd8, 0x80, 0x95, 0x22, 0x90, 0x71, 0xfc, - 0xc2, 0x92, 0x42, 0xfd, 0xf1, 0x70, 0xb4, 0x68, - 0x88, 0xa4, 0x9e, 0x0a, 0x24, 0x40, 0x13, 0xc8, - 0xa2, 0x56, 0x4f, 0x39, 0xe6, 0x06, 0xf1, 0xdc, - 0xf5, 0x13, 0x0e, 0xad, 0x9c, 0x8b, 0xaf, 0xe9, - 0xe3, 0x88, 0x72, 0xff, 0xa0, 0x6d, 0xda, 0x08, - 0x70, 0xb9, 0x2e, 0x83, 0xc5, 0xbb, 0x32, 0xa5, - 0x74, 0xc7, 0xfb, 0x7b, 0x76, 0xaf, 0x02, 0xbb, - 0x2b, 0xb8, 0x5e, 0x65, 0x02, 0xfe, 0x0e, 0xa0, - 0x99, 0xce, 0x01, 0x3b, 0x35, 0xe1, 0xb0, 0x22, - 0xe5, 0x94, 0xbd, 0xdd, 0x8e, 0xbb, 0xf6, 0x75, - 0xbf, 0xbf, 0xee, 0x7a, 0xb1, 0x58, 0xb4, 0x81, - 0xb8, 0x39, 0x3e, 0xb6, 0x1e, 0xde, 0xda, 0x1b, - 0xd5, 0xf7, 0xdd, 0x7d, 0x65, 0x9c, 0xaa, 0x56, - 0x93, 0xb8, 0xaf, 0x48, 0x53, 0xc7, 0x22, 0xe4, - 0x1c, 0xdf, 0xe9, 0x79, 0xb4, 0x20, 0x89, 0xcc, - 0x2a, 0x79, 0x2c, 0x09, 0xbe, 0x78, 0xcf, 0xcc, - 0xf2, 0x90, 0xd6, 0x65, 0xc5, 0x29, 0xfc, 0xda, - 0x69, 0xfc, 0xc0, 0xd6, 0x70, 0x99, 0x61, 0x3f, - 0x60, 0x02, 0xd8, 0x12, 0x22, 0xc8, 0x34, 0xc6, - 0x3b, 0xb3, 0xc2, 0x33, 0xa1, 0x5c, 0x8f, 0x4c, - 0xd1, 0x52, 0x72, 0xf2, 0x42, 0x05, 0x8e, 0x18, - 0x1f, 0x16, 0xda, 0xb8, 0x53, 0xa1, 0x5f, 0x01, - 0x32, 0x1b, 0x90, 0xb3, 0x53, 0x9b, 0xd0, 0x85, - 0x61, 0x2d, 0x17, 0xed, 0x0a, 0xa4, 0xa5, 0x27, - 0x09, 0x75, 0x7c, 0xbc, 0x30, 0xf7, 0x5e, 0x59, - 0x9a, 0x07, 0x96, 0x84, 0x28, 0x86, 0x4b, 0xa7, - 0x22, 0x35, 0x28, 0xc7, 0xed, 0x0d, 0xc3, 0xce, - 0x98, 0xcc, 0x2d, 0xec, 0xd4, 0x98, 0x09, 0x8e, - 0x52, 0x5f, 0x2b, 0x9a, 0x13, 0xbe, 0x99, 0x16, - 0x73, 0xd1, 0x1f, 0x81, 0xe5, 0xa2, 0x08, 0x78, - 0xcb, 0x0c, 0x20, 0xd4, 0xa5, 0xea, 0x4b, 0x5b, - 0x95, 0x5a, 0x92, 0x9a, 0x52}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "testcnt2", - { - 0x1b, 0x5d, 0xdb, 0x77, 0xcf, 0xf9, 0xec, 0x95, - 0x5e, 0xcc, 0x67, 0x9f, 0x5d, 0x28, 0xad, 0x4a, - 0x27, 0xf4, 0x32, 0xc6, 0xb2, 0xcb, 0xb1, 0x45, - 0x6a, 0x88, 0x14, 0x0c, 0x9b, 0x9b, 0x5f, 0x48}, - G89_CNT, - { - 0x71, 0x58, 0x8c, 0xe1, 0x55, 0xf4, 0xf6, 0xb3}, - { - 0x8e, 0xcd, 0x8f, 0xc8, 0xac, 0xe1, 0x15, 0x48, - 0x2d, 0xae, 0x24, 0x8a, 0xc7, 0xfb, 0xba, 0x0f, - 0x1d, 0x8a, 0x95, 0xa2, 0x43, 0xef, 0xcb, 0xdc, - 0x59, 0x57, 0xa7, 0xc7, 0x0e, 0xe3, 0xe2, 0xb9, - 0x0d, 0x86, 0x29, 0x62, 0xcb, 0x83, 0x4d, 0x07, - 0x0c, 0x40, 0xd4, 0x7b, 0x2e, 0xca, 0xba, 0xbf, - 0x4a, 0x60, 0x3b, 0x31, 0x98, 0xc8, 0x88, 0x47, - 0xd9, 0x82, 0xab, 0xfc, 0x8f, 0x48, 0xe2, 0x46, - 0xab, 0xd3, 0xa1, 0xab, 0x8a, 0x05, 0x22, 0x8c, - 0xf4, 0xec, 0x9a, 0x1e, 0x76, 0xab, 0x1a, 0x60, - 0xd9, 0x25, 0x6b, 0xb8, 0x56, 0xe5, 0xb2, 0xea, - 0x10, 0xf3, 0x62, 0x04, 0x32, 0x5e, 0xaa, 0x3b, - 0x7b, 0x57, 0xbc, 0x3b, 0x8b, 0x43, 0x47, 0xf2, - 0xd5, 0x03, 0x7e, 0x51, 0x01, 0xff, 0x77, 0x28, - 0xca, 0x90, 0xa3, 0xfe, 0x7e, 0x2e, 0x70, 0x16, - 0x75, 0x18, 0x44, 0xf0, 0x1b, 0x85, 0x05, 0xea, - 0xe3, 0x21, 0xf7, 0x26, 0x86, 0x76, 0x3c, 0x67, - 0x9d, 0xfc, 0xbc, 0x10, 0x7f, 0x77, 0xe4, 0xed, - 0xd3, 0x12, 0xf8, 0x83, 0x00, 0x1f, 0x4b, 0x92, - 0x95, 0x92, 0x5c, 0xf3, 0x5a, 0xf3, 0xb7, 0xd0, - 0xa9, 0x5f, 0xf2, 0x18, 0xc4, 0x66, 0x62, 0xc1, - 0x84, 0x0e, 0x66, 0xe8, 0x80, 0x7d, 0x1f, 0xf0, - 0xba, 0x01, 0x9b, 0x71, 0xae, 0x93, 0xcc, 0x27, - 0x54, 0x34, 0x9a, 0xbd, 0xca, 0xee, 0x52, 0x09, - 0x92, 0x9d, 0xb0, 0xd5, 0xd9, 0xba, 0x2f, 0xb9, - 0x96, 0xdc, 0xfa, 0xbd, 0xce, 0xea, 0x1a, 0x7b, - 0x9a, 0x1d, 0x13, 0xa7, 0x11, 0xe2, 0x9a, 0x64, - 0xf6, 0xd3, 0xee, 0xc6, 0x33, 0xb7, 0x6e, 0xef, - 0x25, 0x9e, 0x1e, 0x7c, 0xe3, 0x1f, 0x2c, 0x6e, - 0xa9, 0xc0, 0xf8, 0xc1, 0xbf, 0x3b, 0xf8, 0x34, - 0x03, 0x9b, 0xa1, 0x40, 0x5b, 0x0c, 0x3c, 0x09, - 0x66, 0x9d, 0x63, 0xe2, 0xe2, 0x04, 0x8f, 0x06, - 0x84, 0x74, 0x68, 0xb2, 0x5c, 0x3b, 0x4c, 0xad, - 0x0b, 0x3f, 0x03, 0xb3, 0x07, 0x8a, 0x64, 0xa7, - 0x36, 0x56, 0x26, 0x39, 0x66, 0xda, 0xe9, 0x6d, - 0x1b, 0xd5, 0x88, 0xe8, 0x5c, 0xaf, 0x5a, 0x4c, - 0x49, 0xf7, 0xf5, 0xb7, 0x78, 0xf0, 0xde, 0xec, - 0xcd, 0x16, 0x23, 0x9e, 0x8c, 0x13, 0xbe, 0x6b, - 0x6f, 0x9b, 0x07, 0xe5, 0xbb, 0xcc, 0x3a, 0x1b, - 0x6f, 0x43, 0xdf, 0xff, 0x46, 0x2a, 0xae, 0x47, - 0x19, 0x18, 0x9a, 0x25, 0x09, 0xc9, 0x24, 0x40, - 0x0c, 0x4b, 0xa7, 0xda, 0x5e, 0x0d, 0xee, 0xfa, - 0x62, 0x45, 0x8e, 0xcc, 0x2f, 0x23, 0x08, 0x1d, - 0x92, 0xf0, 0xfe, 0x82, 0x0f, 0xd7, 0x11, 0x60, - 0x7e, 0x0b, 0x0b, 0x75, 0xf4, 0xf5, 0x3b, 0xc0, - 0xa4, 0xe8, 0x72, 0xa5, 0xb6, 0xfa, 0x5a, 0xad, - 0x5a, 0x4f, 0x39, 0xb5, 0xa2, 0x12, 0x96, 0x0a, - 0x32, 0x84, 0xb2, 0xa1, 0x06, 0x68, 0x56, 0x57, - 0x97, 0xa3, 0x7b, 0x22, 0x61, 0x76, 0x5d, 0x30, - 0x1a, 0x31, 0xab, 0x99, 0x06, 0xc5, 0x1a, 0x96, - 0xcf, 0xcf, 0x14, 0xff, 0xb2, 0xc4, 0xcc, 0x2b, - 0xbf, 0x0c, 0x9d, 0x91, 0x8f, 0x79, 0x5b, 0xbc, - 0xa9, 0x6b, 0x91, 0x6a, 0xb4, 0x93, 0x5c, 0x7b, - 0x5d, 0xc2, 0x8a, 0x75, 0xc0, 0xc1, 0x08, 0xfa, - 0x99, 0xf9, 0x4d, 0x5e, 0x0c, 0x06, 0x64, 0x60, - 0xa9, 0x01, 0x4a, 0x34, 0x0f, 0x33, 0x84, 0x95, - 0x69, 0x30, 0xc1, 0x1c, 0x36, 0xf8, 0xfc, 0x30, - 0x23, 0xb2, 0x71, 0xe5, 0x52, 0x4d, 0x12, 0x1a, - 0xc9, 0xbe, 0xee, 0xc9, 0xcb, 0x01, 0x85, 0xf3, - 0xdb, 0x30, 0xf9, 0x41, 0xa9, 0x40, 0xb0, 0x06, - 0x29, 0x77, 0xcd, 0xc5, 0xec, 0x58, 0x02, 0x48, - 0x83, 0x53, 0x44, 0x6a, 0xd2, 0xca, 0x05, 0xd8, - 0x5a, 0x08, 0xeb, 0xa9, 0xf4, 0xe6, 0xc7, 0x9d, - 0xd5, 0x7b, 0x74, 0x0b, 0x31, 0xb7, 0xa5, 0x57, - 0x7c, 0x7a, 0xfd, 0x1a, 0x0e, 0xd7, 0x97, 0x41, - 0xbf, 0xdd, 0xc6, 0x19, 0x6c, 0x77, 0x8c, 0x18, - 0x52, 0x57, 0x83, 0xba, 0x71, 0x25, 0xee, 0x39, - 0xbb, 0xe2, 0x43, 0xa0, 0x14, 0xdc, 0x0e, 0x84, - 0xb4, 0x2b, 0xde, 0x3e, 0xe5, 0x36, 0xb7, 0xa2, - 0x92, 0x98, 0x05, 0xb8, 0x96, 0xe5, 0xd0, 0x8c, - 0x08, 0x93, 0x35, 0xc2, 0x81, 0xe0, 0xfc, 0x59, - 0x71, 0xe2, 0x44, 0x49, 0x5d, 0xda, 0xfb, 0x9c, - 0xaa, 0x70, 0x9f, 0x43, 0xa8, 0xa5, 0xd9, 0x67, - 0xd9, 0x8f, 0xa3, 0x1e, 0xbe, 0x0e, 0xec, 0xdf, - 0x12, 0x2b, 0x6a, 0xe7, 0x1c, 0x12, 0x17, 0xe7, - 0xc4, 0x6d, 0x50, 0xc9, 0x52, 0x7a, 0xd5, 0xe8, - 0x7f, 0xbc, 0x07, 0x15, 0xac, 0xdb, 0x93, 0x66, - 0xb1, 0xf0, 0xa7, 0x7b, 0x2f, 0xe9, 0xec, 0xd0, - 0x47, 0x69, 0x59, 0x87, 0xf1, 0x4c, 0x3e, 0x4b, - 0x9b, 0x11, 0x79, 0x13, 0xe4, 0x96, 0xf6, 0x56, - 0x04, 0x6e, 0x0b, 0x33, 0xfc, 0x40, 0xf6, 0xc7, - 0xc1, 0x43, 0xb1, 0xbf, 0x0e, 0xb3, 0x87, 0xfd, - 0x0b, 0x1c, 0x63, 0x46, 0x3a, 0xd3, 0xa0, 0x17, - 0x59, 0x25, 0x94, 0x6c, 0x9c, 0x3d, 0x0c, 0x81, - 0xce, 0x82, 0x72, 0x42, 0x28, 0xf9, 0x37, 0x6a, - 0x6d, 0xe4, 0x12, 0xf4, 0x21, 0xaa, 0xf7, 0xfe, - 0x27, 0x55, 0x40, 0x1a, 0x14, 0xc3, 0x39, 0x5b, - 0xbf, 0x63, 0xc2, 0x5f, 0x10, 0x1f, 0x14, 0x25, - 0xd0, 0xce, 0xf3, 0x14, 0x48, 0x13, 0xa5, 0x0b, - 0x4d, 0x38, 0xcf, 0x0d, 0x34, 0xc0, 0x0a, 0x11, - 0xb4, 0xb5, 0x72, 0xc8, 0x4b, 0xc2, 0x6f, 0xe7, - 0x9d, 0x93, 0xf7, 0xdf, 0xb8, 0x43, 0x72, 0x7e, - 0xda, 0x3e, 0x20, 0x1f, 0xbc, 0x21, 0x2a, 0xce, - 0x00, 0xfa, 0x96, 0x9f, 0x3d, 0xe5, 0x88, 0x96, - 0xef, 0x29, 0x84, 0xdf, 0x6c, 0x1c, 0x96, 0xd8, - 0x58, 0x47, 0xaa, 0x92, 0xf3, 0x07, 0xe5, 0xfb, - 0xaf, 0xea, 0x95, 0x7e, 0x0b, 0x71, 0xcd, 0x81, - 0x0f, 0xb7, 0x0a, 0x59, 0x8f, 0x31, 0x4d, 0xd1, - 0xc3, 0xf3, 0x2f, 0x70, 0x5c, 0x59, 0x18, 0x97, - 0xaf, 0x77, 0x95, 0x5e, 0xaf, 0x40, 0x06, 0x12, - 0x81, 0x61, 0x86, 0x08, 0x4e, 0xbc, 0x89, 0x46, - 0x07, 0x2e, 0x5b, 0x10, 0xaa, 0x12, 0xf0, 0xa7, - 0x84, 0xe2, 0x9a, 0x08, 0xf1, 0xde, 0x59, 0xe3, - 0x0e, 0x47, 0x4b, 0xff, 0xc3, 0xc9, 0x18, 0xaf, - 0x95, 0x9c, 0x67, 0x2a, 0xde, 0x8a, 0x7a, 0x99, - 0x04, 0xc4, 0xb8, 0x97, 0x4c, 0x04, 0x29, 0x71, - 0x05, 0xda, 0xb3, 0xd6, 0xdb, 0x6c, 0x71, 0xe6, - 0xe8, 0x03, 0xbf, 0x94, 0x7d, 0xde, 0x3d, 0xc8, - 0x44, 0xfa, 0x7d, 0x62, 0xb4, 0x36, 0x03, 0xee, - 0x36, 0x52, 0x64, 0xb4, 0x85, 0x6d, 0xd5, 0x78, - 0xf0, 0x6f, 0x67, 0x2d, 0x0e, 0xe0, 0x2c, 0x88, - 0x9b, 0x55, 0x19, 0x29, 0x40, 0xf6, 0x8c, 0x12, - 0xbb, 0x2c, 0x83, 0x96, 0x40, 0xc0, 0x36, 0xf5, - 0x77, 0xff, 0x70, 0x8c, 0x75, 0x92, 0x0b, 0xad, - 0x05, 0x9b, 0x7e, 0xa2, 0xfc, 0xa9, 0xd1, 0x64, - 0x76, 0x82, 0x13, 0xba, 0x22, 0x5e, 0x33, 0x0e, - 0x26, 0x70, 0xa9, 0xbe, 0x74, 0x28, 0xf5, 0xe2, - 0xc4, 0x96, 0xee, 0x3a, 0xbc, 0x97, 0xa6, 0x2c, - 0x2a, 0xe0, 0x64, 0x8d, 0x35, 0xc6, 0x1a, 0xca, - 0xf4, 0x92, 0xfa, 0xc3, 0xf1, 0x1f, 0x98, 0xe4, - 0x43, 0x88, 0x69, 0x3a, 0x09, 0xbf, 0x63, 0xe5, - 0x96, 0x29, 0x0b, 0x9b, 0x62, 0x23, 0x14, 0x8a, - 0x95, 0xe4, 0x1c, 0x5c, 0x0a, 0xa9, 0xc5, 0xb9, - 0x6f, 0x4f, 0x2b, 0x25, 0x6f, 0x74, 0x1e, 0x18, - 0xd5, 0xfe, 0x27, 0x7d, 0x3f, 0x6e, 0x55, 0x2c, - 0x67, 0xe6, 0xde, 0xb5, 0xcc, 0xc0, 0x2d, 0xff, - 0xc4, 0xe4, 0x06, 0x21, 0xa5, 0xc8, 0xd3, 0xd6, - 0x6c, 0xa1, 0xc3, 0xfb, 0x88, 0x92, 0xb1, 0x1d, - 0x90, 0xe1, 0x35, 0x05, 0x9b, 0x29, 0x6d, 0xba, - 0xf1, 0xf4, 0x1e, 0x23, 0x2e} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 5242880 + 8, - {0}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "test5Mcnt", - { - 0x07, 0x52, 0x65, 0xe7, 0xca, 0xa3, 0xca, 0x45, - 0xcf, 0x3a, 0x05, 0x1d, 0x38, 0x03, 0x53, 0x0c, - 0x22, 0x31, 0xba, 0x99, 0x4f, 0x9b, 0x6a, 0x1b, - 0x7e, 0x09, 0x9d, 0x4e, 0xb5, 0xc9, 0x84, 0x2e}, - G89_CNT, - { - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, - { - 0x3d, 0x05, 0x07, 0x57, 0xc0, 0x75, 0x89, 0x97, - 0xd6, 0x94, 0x49, 0x11, 0x1d, 0xd0, 0x91, 0xee} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - U64(4294967296) + 16, - {0}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "test4Gcnt", - { - 0x75, 0xa3, 0x3c, 0xae, 0x03, 0x6b, 0x10, 0xdb, - 0xc1, 0x56, 0x50, 0x89, 0x03, 0xd2, 0x9f, 0x91, - 0xee, 0xe8, 0x64, 0x1d, 0x43, 0xf2, 0x4e, 0xf8, - 0xf2, 0x6c, 0xed, 0xda, 0x8f, 0xe4, 0x88, 0xe9}, - G89_CNT, - { - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, - { - 0xfa, 0x6c, 0x96, 0x78, 0xe2, 0xf8, 0xdd, 0xaa, - 0x67, 0x5a, 0xc9, 0x5d, 0x57, 0xf1, 0xbd, 0x99} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 1035, - { - 0xd6, 0xcf, 0x31, 0x96, 0x9c, 0xa1, 0xfb, 0xd6, - 0x8d, 0xa3, 0xdd, 0x01, 0xd9, 0x88, 0xc0, 0x2f, - 0xbc, 0x46, 0xc7, 0x3a, 0xe4, 0x21, 0x86, 0x96, - 0x8d, 0xe2, 0xca, 0xb6, 0x37, 0xa2, 0xe1, 0xa8, - 0x7e, 0xa7, 0x79, 0x2e, 0xa4, 0x56, 0x75, 0x7f, - 0x3e, 0x55, 0x8b, 0x43, 0xae, 0x65, 0xdf, 0xaa, - 0x42, 0xb6, 0x00, 0xa6, 0x61, 0x03, 0x0d, 0xd3, - 0x41, 0x02, 0x27, 0x23, 0x95, 0x79, 0x9b, 0x34, - 0x81, 0xa9, 0x86, 0xb5, 0xa7, 0x90, 0xe2, 0xae, - 0xc4, 0x2f, 0xc3, 0x8e, 0x32, 0x56, 0x13, 0xfa, - 0x4d, 0x4e, 0x9f, 0x15, 0x75, 0x7e, 0x74, 0xdc, - 0x32, 0x2d, 0xee, 0x4d, 0x67, 0x70, 0x9f, 0x62, - 0xb9, 0xc4, 0xdb, 0x24, 0x84, 0xcc, 0x16, 0x7b, - 0xda, 0x22, 0xf7, 0xc5, 0xf3, 0x93, 0x35, 0x73, - 0xc6, 0x03, 0x1c, 0x77, 0xa5, 0xf2, 0x76, 0x56, - 0xb4, 0x95, 0xd4, 0x7e, 0x0d, 0x20, 0xc6, 0x6e, - 0xee, 0x8f, 0x25, 0x48, 0xff, 0x7e, 0x01, 0x3a, - 0xb4, 0x1f, 0xaa, 0x35, 0xc0, 0x33, 0x58, 0x9c, - 0xb5, 0xba, 0x65, 0x4b, 0xd3, 0x51, 0x14, 0xec, - 0x61, 0xce, 0xe4, 0xba, 0x49, 0xba, 0x39, 0x32, - 0xab, 0xce, 0x81, 0x72, 0xce, 0xab, 0xed, 0xd4, - 0xd2, 0x19, 0x87, 0x85, 0x92, 0xfa, 0x64, 0x34, - 0xd8, 0x86, 0xf4, 0x8a, 0x08, 0x3c, 0xde, 0xee, - 0x97, 0x92, 0x92, 0x69, 0xba, 0x9b, 0x5f, 0x7a, - 0x03, 0xc1, 0x5d, 0x43, 0x02, 0x8c, 0xbe, 0xd2, - 0x46, 0x72, 0x81, 0x40, 0x7d, 0x68, 0x98, 0x45, - 0x0b, 0x54, 0x27, 0x1c, 0xaf, 0x80, 0x42, 0xe4, - 0xd5, 0xd4, 0xe4, 0xa2, 0x98, 0x07, 0x8f, 0x03, - 0xf5, 0x2c, 0x8c, 0x88, 0xca, 0x5a, 0xde, 0xe4, - 0x9f, 0xb1, 0x5f, 0x82, 0xff, 0x20, 0x67, 0x52, - 0x85, 0x84, 0x4f, 0xc8, 0xfe, 0xa7, 0x9e, 0xae, - 0x1c, 0xfa, 0xb8, 0x75, 0xd3, 0xf7, 0x9f, 0x0d, - 0xda, 0x2d, 0xe6, 0xcc, 0x86, 0x6b, 0xa4, 0x14, - 0x65, 0xc3, 0xf9, 0x15, 0xbc, 0x87, 0xf5, 0xae, - 0x8c, 0x10, 0xd4, 0xce, 0x5b, 0x9c, 0xe2, 0xdd, - 0x42, 0x03, 0x09, 0x87, 0x47, 0xed, 0x5d, 0xd0, - 0x7a, 0x69, 0x4c, 0xfa, 0x43, 0x7d, 0xbf, 0x07, - 0x85, 0x6a, 0xee, 0x68, 0xe6, 0x7a, 0x57, 0xb2, - 0x20, 0x8d, 0x80, 0xf2, 0x91, 0x6f, 0x5c, 0x07, - 0x8c, 0xe4, 0x6a, 0x49, 0x90, 0x85, 0x8b, 0x77, - 0x29, 0x56, 0x1c, 0x5e, 0xa9, 0x3f, 0xab, 0x8b, - 0x79, 0xa3, 0x6f, 0x6b, 0x34, 0xcb, 0x61, 0xf6, - 0xe6, 0x92, 0xd1, 0x48, 0x9e, 0x11, 0xa2, 0x82, - 0xc0, 0x4e, 0x23, 0xd2, 0x15, 0x0d, 0x8d, 0xff, - 0xfa, 0x17, 0x9d, 0x81, 0xb8, 0xbc, 0xd7, 0x5b, - 0x08, 0x81, 0x20, 0x40, 0xc0, 0x3c, 0x06, 0x8b, - 0x1a, 0x88, 0x0b, 0x4b, 0x7b, 0x31, 0xf5, 0xd4, - 0x4e, 0x09, 0xd1, 0x4d, 0x0d, 0x7f, 0x45, 0xd1, - 0x09, 0x35, 0xba, 0xce, 0x65, 0xdd, 0xf2, 0xb8, - 0xfb, 0x7a, 0xbc, 0xc4, 0x4b, 0xc8, 0x75, 0xda, - 0x6b, 0xce, 0x3d, 0xe8, 0x94, 0xcc, 0x23, 0x6f, - 0xb0, 0x3b, 0x4f, 0x7d, 0x07, 0xb9, 0x0f, 0x62, - 0x92, 0x7e, 0xda, 0x70, 0x50, 0xce, 0xd3, 0x28, - 0x12, 0x11, 0x00, 0xeb, 0x8d, 0x63, 0x70, 0x78, - 0xa8, 0x7b, 0x76, 0xab, 0xc6, 0x40, 0xc0, 0x4e, - 0x80, 0xdd, 0xf0, 0xfe, 0x83, 0x72, 0x56, 0x4c, - 0x09, 0x4c, 0xf1, 0x72, 0x72, 0x86, 0x26, 0x31, - 0xc3, 0xc2, 0xdc, 0x8e, 0xc7, 0xf4, 0x35, 0xec, - 0x17, 0x06, 0x63, 0x47, 0x49, 0x88, 0x47, 0xaf, - 0xb3, 0x38, 0x4f, 0x7e, 0x44, 0x95, 0xb5, 0xbb, - 0x1d, 0xbd, 0x5a, 0x91, 0x5b, 0xd0, 0x1a, 0xdf, - 0x0d, 0x0b, 0x50, 0xd8, 0xe2, 0x0e, 0xc5, 0x00, - 0x2d, 0x5b, 0x29, 0x19, 0xaa, 0x2b, 0x64, 0xc5, - 0x40, 0x31, 0x48, 0x11, 0xbc, 0x04, 0xd1, 0xcf, - 0x6d, 0xf9, 0xa5, 0x2f, 0x4a, 0xc9, 0x82, 0xfa, - 0x59, 0xe1, 0xfc, 0xab, 0x1c, 0x33, 0x26, 0x0a, - 0x5f, 0xef, 0xf2, 0x06, 0xd8, 0xd3, 0x7e, 0x16, - 0x58, 0x16, 0x78, 0x73, 0xae, 0xba, 0xeb, 0xe5, - 0x3d, 0xb2, 0x0a, 0xb3, 0x32, 0x2d, 0x14, 0xa4, - 0xfa, 0x3f, 0x1f, 0x43, 0xf9, 0x7b, 0xa9, 0x43, - 0x98, 0x18, 0x94, 0x07, 0x07, 0xe5, 0x19, 0x34, - 0xa8, 0x16, 0x5f, 0x71, 0x67, 0xaa, 0x29, 0xe5, - 0xfa, 0xf0, 0x83, 0x06, 0x1d, 0x9d, 0xfc, 0xfe, - 0xfe, 0x8c, 0xb5, 0xb2, 0xa9, 0xe7, 0xa0, 0x40, - 0x60, 0xb6, 0x71, 0x9e, 0xab, 0x5b, 0x83, 0xb9, - 0x0c, 0x2b, 0x58, 0x23, 0x80, 0x09, 0x9e, 0x5d, - 0x94, 0x7d, 0x40, 0x76, 0xa9, 0x16, 0x96, 0x9e, - 0x83, 0xe0, 0x0d, 0xec, 0xa0, 0xec, 0x76, 0x2a, - 0xb7, 0xa0, 0xff, 0xb8, 0x50, 0x4c, 0x5b, 0xc6, - 0x8b, 0x0a, 0x65, 0x2e, 0xfe, 0xb4, 0x40, 0x9a, - 0x01, 0xd8, 0xc6, 0xa3, 0xab, 0x99, 0xa2, 0xc5, - 0x0c, 0x08, 0xc4, 0xb7, 0xee, 0x4d, 0x1d, 0xc4, - 0x08, 0x15, 0xd0, 0xdb, 0xaa, 0x63, 0x4f, 0x31, - 0xeb, 0x14, 0x97, 0x43, 0xbd, 0xc1, 0x94, 0x08, - 0xe6, 0xde, 0x43, 0x9f, 0x95, 0x0b, 0x96, 0x7e, - 0x7f, 0x3c, 0x68, 0xba, 0x6f, 0xc4, 0xc9, 0x35, - 0x2b, 0xc4, 0x0e, 0xda, 0x1f, 0x91, 0x68, 0x64, - 0x63, 0x34, 0x73, 0xbe, 0x57, 0x75, 0xb9, 0xed, - 0xf7, 0x2d, 0x3b, 0x05, 0x21, 0x93, 0x28, 0x48, - 0x96, 0x95, 0x97, 0xa0, 0xd2, 0x7d, 0x78, 0xbb, - 0x6a, 0x49, 0x8f, 0x76, 0x55, 0x74, 0x63, 0xb9, - 0xc5, 0x36, 0x12, 0x25, 0xbf, 0x03, 0x82, 0x8f, - 0xf0, 0xf6, 0x80, 0xbb, 0x33, 0xb4, 0xf4, 0x17, - 0x27, 0x1c, 0xf3, 0x4c, 0x10, 0xa3, 0xe4, 0xd1, - 0x55, 0xd9, 0x68, 0x21, 0x4e, 0x5a, 0x83, 0x67, - 0xbf, 0xf8, 0x3c, 0x7d, 0x4e, 0x62, 0xd3, 0x28, - 0xa7, 0x26, 0x6f, 0xe9, 0xee, 0xc2, 0x0b, 0x2d, - 0x03, 0x84, 0xb1, 0xff, 0xd6, 0x68, 0x1f, 0xb6, - 0xf2, 0xe4, 0x0f, 0xda, 0x2d, 0xee, 0x5f, 0x6e, - 0x21, 0xc8, 0xe1, 0xfc, 0xad, 0x6b, 0x0e, 0x04, - 0x7d, 0xaf, 0xc2, 0x3b, 0xa5, 0x68, 0x9b, 0x0c, - 0xf3, 0x56, 0xf3, 0xda, 0x8d, 0xc8, 0x7d, 0x39, - 0xdc, 0xd5, 0x99, 0xc6, 0x01, 0x10, 0xce, 0x42, - 0x1b, 0xac, 0x48, 0xdc, 0x97, 0x78, 0x0a, 0xec, - 0xb3, 0x8f, 0x47, 0x35, 0xa3, 0x6a, 0x64, 0xb2, - 0x8e, 0x63, 0x69, 0x22, 0x66, 0xae, 0x2e, 0xe0, - 0x88, 0xf9, 0x40, 0x3c, 0xc9, 0xa2, 0x57, 0x61, - 0xf6, 0xad, 0xf0, 0xdc, 0x90, 0x56, 0x3f, 0x06, - 0x9b, 0x7d, 0xbd, 0xc2, 0x81, 0x02, 0xab, 0xb8, - 0x15, 0x09, 0x88, 0x4a, 0xff, 0x2f, 0x31, 0xbf, - 0x5e, 0xfa, 0x6a, 0x7e, 0xf6, 0xc5, 0xa7, 0xf7, - 0xd5, 0xab, 0x55, 0xac, 0xae, 0x0d, 0x8c, 0x8d, - 0x7f, 0x4b, 0x25, 0xbb, 0x32, 0xff, 0x11, 0x33, - 0x2e, 0x37, 0x37, 0x69, 0x96, 0x15, 0x17, 0xb1, - 0x17, 0x49, 0xe0, 0x9a, 0x9c, 0xd9, 0x5b, 0x8d, - 0x58, 0xa3, 0x1d, 0x92, 0x87, 0xf8, 0x80, 0xb9, - 0xbd, 0x5a, 0xec, 0x40, 0xe1, 0x00, 0x33, 0x60, - 0xe4, 0x86, 0x16, 0x6d, 0x61, 0x81, 0xf2, 0x28, - 0x6a, 0xa7, 0xce, 0x3f, 0x95, 0xae, 0x43, 0xca, - 0xe1, 0x3f, 0x81, 0x74, 0x7e, 0x1c, 0x47, 0x17, - 0x95, 0xc6, 0x60, 0xda, 0x74, 0x77, 0xd9, 0x9f, - 0xfa, 0x92, 0xb4, 0xbe, 0xe1, 0x23, 0x98, 0x18, - 0x95, 0x63, 0x03, 0x13, 0x4c, 0x1a, 0x2d, 0x41, - 0xcd, 0xe4, 0x84, 0xf7, 0xe6, 0x38, 0xef, 0xff, - 0x95, 0xb2, 0xe8, 0x7c, 0x8f, 0x58, 0xb5, 0xb5, - 0xed, 0x27, 0x7f, 0x3c, 0x18, 0xab, 0xbe, 0x7f, - 0x4f, 0xe2, 0x35, 0x15, 0x71, 0xb7, 0x6f, 0x85, - 0x38, 0x9b, 0x88, 0xf6, 0x9c, 0x8d, 0x43, 0xb5, - 0x58, 0x9e, 0xf2, 0xd1, 0x96, 0xbe, 0xb7, 0xad, - 0x1a, 0xa0, 0x98}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "testimit2", - { - 0x80, 0xd9, 0xa0, 0xdc, 0x21, 0xf9, 0x30, 0x40, - 0x75, 0xfe, 0x49, 0x1b, 0x9e, 0x71, 0x90, 0x91, - 0x78, 0x88, 0x21, 0x60, 0x39, 0xe7, 0xc9, 0x2b, - 0xfb, 0x55, 0x1d, 0xf4, 0xdd, 0x2b, 0x0a, 0x01}, - G89_IMIT, - {0}, - { - 0x90, 0xf2, 0x11, 0x9a} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 10, - { - 0x1d, 0xeb, 0xe6, 0x79, 0x0a, 0x59, 0x00, 0xe6, - 0x8e, 0x5c}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "testimit3", - { - 0xa9, 0xb6, 0x37, 0xcc, 0x6d, 0x9b, 0x2f, 0x25, - 0xb0, 0xdf, 0x47, 0x04, 0x50, 0x68, 0xb0, 0x27, - 0x41, 0x27, 0x58, 0x6a, 0xbd, 0x0a, 0x6e, 0x50, - 0x2f, 0xc6, 0xfc, 0xc0, 0x3e, 0x29, 0x42, 0xa5}, - G89_IMIT, - {0}, - { - 0x31, 0x7c, 0x16, 0xe4} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 6, - { - 0xef, 0x06, 0x8f, 0x14, 0xc9, 0x04}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "testimit4", - { - 0xb0, 0x6c, 0x48, 0x23, 0x0a, 0x6e, 0xf4, 0xec, - 0x27, 0x98, 0x01, 0x23, 0xa7, 0xd8, 0xbf, 0x60, - 0x89, 0xef, 0xad, 0xe8, 0x8f, 0x79, 0x14, 0x8c, - 0x18, 0x5c, 0x9a, 0xda, 0xef, 0x0b, 0xdd, 0xa0}, - G89_IMIT, - {0}, - { - 0xe9, 0x72, 0xae, 0xbf} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 16, - { - 0x02, 0xf8, 0xec, 0x2b, 0x4d, 0x1f, 0xbc, 0x7c, - 0x6e, 0x47, 0xe3, 0x87, 0x22, 0x75, 0x41, 0xa7}, - "id-Gost28147-89-CryptoPro-B-ParamSet", - "testimit5", - { - 0x33, 0xd3, 0xef, 0x01, 0x19, 0x95, 0x0e, 0x15, - 0xa1, 0x69, 0x75, 0xae, 0x56, 0x27, 0x17, 0x79, - 0x63, 0x47, 0xab, 0x62, 0x9d, 0x4a, 0xf0, 0x34, - 0xd3, 0x1e, 0x69, 0x74, 0xec, 0x31, 0x48, 0xfc}, - G89_IMIT, - {0}, - { - 0xf5, 0x55, 0x1f, 0x28} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 8, - { - 0xf3, 0xb2, 0x29, 0xd2, 0x7a, 0x37, 0x03, 0x12}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "testimit6", - { - 0x42, 0x35, 0x81, 0x91, 0x0b, 0xa9, 0x99, 0xff, - 0xd9, 0x43, 0xf8, 0xc6, 0x19, 0x55, 0x1f, 0x2f, - 0x2d, 0x45, 0x40, 0x20, 0x1e, 0x1d, 0x32, 0x7a, - 0xb1, 0x07, 0x6b, 0x4f, 0x45, 0x90, 0xd9, 0x80}, - G89_IMIT, - {0}, - { - 0x6e, 0x15, 0xfa, 0xe8} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 0, - { - 0}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "testimit7", - { - 0x26, 0xcb, 0xb9, 0xf0, 0x0c, 0x62, 0x9f, 0xaa, - 0x4a, 0x1d, 0xb6, 0x30, 0x09, 0x01, 0x56, 0x89, - 0x66, 0xd4, 0xe4, 0x0e, 0xfe, 0xf6, 0x10, 0x6b, - 0x6c, 0xe8, 0x04, 0x3a, 0xe3, 0x61, 0x4b, 0x19}, - G89_IMIT, - {0}, - { - 0x00, 0x00, 0x00, 0x00} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 5242880, - {0}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "test5Mimit", - { - 0xaa, 0x85, 0x84, 0xcd, 0x65, 0x28, 0xe1, 0xdb, - 0xb8, 0x20, 0x19, 0x43, 0xe0, 0x36, 0x35, 0x10, - 0x19, 0xc3, 0x70, 0x5b, 0x27, 0xc1, 0x9d, 0x84, - 0x75, 0xa3, 0xc6, 0x49, 0x46, 0x8f, 0x7c, 0x4e}, - G89_IMIT, - {0}, - { - 0x2a, 0xe6, 0x23, 0xc6} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 3221225472U + 16, - {0}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "test3Gimit1", - { - 0xd5, 0xda, 0xfe, 0x06, 0x60, 0xdc, 0xf0, 0xb3, - 0x49, 0x5a, 0x02, 0x59, 0xc8, 0x2e, 0x4a, 0x2b, - 0xcc, 0x9b, 0x98, 0x04, 0xb7, 0xf2, 0x78, 0xb7, - 0xce, 0xa3, 0xf2, 0xdb, 0x9e, 0xa8, 0x49, 0x1d}, - G89_IMIT, - {0}, - { - 0xcc, 0x46, 0x67, 0xe4} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - U64(4) * 1024 * 1024 * 1024, - {0}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "test4Gimit3", - { - 0x0d, 0xf1, 0xa8, 0x7f, 0x57, 0x03, 0x44, 0xcc, - 0xdb, 0x20, 0xde, 0xed, 0x85, 0x50, 0x38, 0xda, - 0xc9, 0x44, 0xec, 0x2c, 0x0d, 0x66, 0xb7, 0xdc, - 0x17, 0x14, 0x55, 0x95, 0x33, 0x6e, 0x43, 0x3e}, - G89_IMIT, - {0}, - { - 0xb7, 0x21, 0x2e, 0x48} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - U64(4) * 1024 * 1024 * 1024 + 4, - {0}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "test4Gimit1", - { - 0x0c, 0xf3, 0xe9, 0xb0, 0x28, 0x3b, 0x9f, 0x8b, - 0xe3, 0x82, 0xb9, 0xa2, 0xa6, 0xbd, 0x80, 0xd2, - 0xcd, 0xfa, 0x3f, 0xf7, 0x90, 0xa7, 0x55, 0x06, - 0x9b, 0x7a, 0x58, 0xee, 0xe7, 0xf1, 0x9d, 0xbe}, - G89_IMIT, - {0}, - { - 0xda, 0x15, 0x10, 0x73} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - U64(4) * 1024 * 1024 * 1024 + 10, - {0}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "test4Gimit2", - { - 0x97, 0x1a, 0x42, 0x22, 0xfa, 0x07, 0xb2, 0xca, - 0xf9, 0xd2, 0x34, 0x5a, 0x92, 0xb1, 0x1f, 0x6b, - 0x53, 0xf8, 0xaf, 0xed, 0x9a, 0x73, 0xc4, 0x38, - 0xd7, 0x7d, 0x25, 0x81, 0x00, 0x0d, 0xd4, 0x29}, - G89_IMIT, - {0}, - { - 0x52, 0xaa, 0x22, 0xb4} - } -}; - -int main(int argc, char *argv[]) -{ - unsigned int t; - u64 ullMaxLen = 6 * 1000 * 1000; - int ignore = 0; - ENGINE *impl = NULL; - EVP_MD_CTX *mctx; - EVP_CIPHER_CTX *ectx; - EVP_PKEY *mac_key; - byte bDerive[EVP_MAX_KEY_LENGTH]; - byte bTest[G89_MAX_TC_LEN]; - byte bTest1[G89_MAX_TC_LEN]; - u64 ullLeft; - static const byte bZB[40 * 1024 * 1024] = { 0 }; - static byte bTS[40 * 1024 * 1024] = { 0 }; - unsigned int mdl = 0; - int enlu = 0; - int enlf = 0; - size_t siglen; - size_t l = 0; - - const EVP_MD *md_gost94 = NULL; - const EVP_CIPHER *cp_g89cfb = NULL; - const EVP_CIPHER *cp_g89cnt = NULL; - const EVP_CIPHER *ctype = NULL; - const EVP_MD *md_g89imit = NULL; - - long lErrLine; - CONF *pConfig = NCONF_new(NULL); - BIO *bpConf; - char sConf[] = - "openssl_conf = openssl_def\n" - "\n" - "[openssl_def]\n" - "engines = engine_section\n" - "\n" - "[engine_section]\n" - "gost = gost_section\n" - "\n" "[gost_section]\n" "default_algorithms = ALL\n" "\n"; - - printf("Testing GOST 28147-89 "); - - if (1 < argc) { - if (1 != sscanf(argv[1], FMT64, &ullMaxLen) || - (2 < argc ? 1 != sscanf(argv[2], "%d", &ignore) : 0)) { - fflush(NULL); - fprintf(stderr, "Usage: %s [maxlen [ignore-error]]\n", argv[0]); - return 1; - } - } - - /* - * ccgost engine test on GostR3411_94_CryptoProParamSet - */ - ERR_load_crypto_strings(); - ENGINE_load_builtin_engines(); - OPENSSL_load_builtin_modules(); - - bpConf = BIO_new_mem_buf(sConf, -1); - if (!NCONF_load_bio(pConfig, bpConf, &lErrLine)) { - fflush(NULL); - fprintf(stderr, "NCONF_load_bio: ErrLine=%ld: %s\n", - lErrLine, ERR_error_string(ERR_get_error(), NULL)); - return 4; - } - BIO_free(bpConf); - - if (!CONF_modules_load(pConfig, NULL, 0)) { - fflush(NULL); - fprintf(stderr, "CONF_modules_load: %s\n", - ERR_error_string(ERR_get_error(), NULL)); - return 5; - } - - /* Test load engine */ - if (NULL == (impl = ENGINE_by_id(CCGOST_ID))) { - fflush(NULL); - fprintf(stderr, "Can't load engine id \"" CCGOST_ID "\"\n"); - if (!ignore) { - return 6; - } - } - if (NULL == (md_gost94 = EVP_get_digestbyname(SN_id_GostR3411_94))) { - fflush(NULL); - fprintf(stderr, "\"" SN_id_GostR3411_94 "\" - not found\n"); - if (!ignore) { - return 7; - } - } - if (NULL == (cp_g89cfb = EVP_get_cipherbyname(SN_id_Gost28147_89))) { - fflush(NULL); - fprintf(stderr, "\"" SN_id_Gost28147_89 "\" - not found\n"); - if (!ignore) { - return 8; - } - } - if (NULL == (cp_g89cnt = EVP_get_cipherbyname(SN_gost89_cnt))) { - fflush(NULL); - fprintf(stderr, "\"" SN_gost89_cnt "\" - not found\n"); - if (!ignore) { - return 9; - } - } - if (NULL == (md_g89imit = EVP_get_digestbyname(SN_id_Gost28147_89_MAC))) { - fflush(NULL); - fprintf(stderr, "\"" SN_id_Gost28147_89_MAC "\" - not found\n"); - if (!ignore) { - return 10; - } - } - - /* Test cases */ - for (t = 0; t < OSSL_NELEM(tcs); t++) { - if (NULL == tcs[t].szDerive) { - continue; - } - memset(bDerive, 0x3c, sizeof(bDerive)); - mdl = sizeof(bDerive); - EVP_Digest(tcs[t].szDerive, strlen(tcs[t].szDerive), - bDerive, &mdl, md_gost94, impl); - if (0 != memcmp(tcs[t].bRawKey, bDerive, mdl)) { - fflush(NULL); - fprintf(stderr, "Engine test t=%d " "derive key error.\n", t); - if (!ignore) { - return 12; - } - } - if (ullMaxLen < tcs[t].ullLen) { - continue; - } - memset(bTest, 0xa5, sizeof(bTest)); - memset(bTest1, 0x5a, sizeof(bTest1)); - if (!ENGINE_ctrl_cmd_string(impl, - "CRYPT_PARAMS", tcs[t].szParamSet, 0)) { - fflush(NULL); - fprintf(stderr, "ENGINE_ctrl_cmd_string: %s\n", - ERR_error_string(ERR_get_error(), NULL)); - return 11; - } - switch (tcs[t].gMode) { - case G89_ECB: - /* OpenSSL/ccgost not implemented GOST 28147-89 ECB */ - continue; - case G89_CFB: - ctype = cp_g89cfb; - goto engine_cipher_check; - case G89_CNT: - if (0 != strcmp("id-Gost28147-89-CryptoPro-A-ParamSet", - tcs[t].szParamSet)) { - /* - * ccgost engine can't change S-Box for gost-cnt - */ - continue; - } - ctype = cp_g89cnt; - engine_cipher_check: - ectx = EVP_CIPHER_CTX_new(); - EVP_EncryptInit_ex(ectx, ctype, impl, bDerive, tcs[t].bIV); - if (G89_MAX_TC_LEN >= tcs[t].ullLen) { - enlu = sizeof(bTest); - EVP_EncryptUpdate(ectx, bTest, &enlu, - tcs[t].bIn, (int)tcs[t].ullLen); - l = (size_t)tcs[t].ullLen; - } else { - for (ullLeft = tcs[t].ullLen; - ullLeft >= sizeof(bZB); ullLeft -= sizeof(bZB)) { - printf("B"); - fflush(NULL); - enlu = sizeof(bTS); - EVP_EncryptUpdate(ectx, bTS, &enlu, bZB, sizeof(bZB)); - } - printf("b" FMT64 "/" FMT64, ullLeft, tcs[t].ullLen); - fflush(NULL); - EVP_EncryptUpdate(ectx, bTS, &enlu, bZB, (int)ullLeft); - memcpy(bTest, &bTS[enlu - 16], 16); - enlu = (int)tcs[t].ullLen; - l = 16; - } - enlf = sizeof(bTest1); - EVP_EncryptFinal_ex(ectx, bTest1, &enlf); - EVP_CIPHER_CTX_free(ectx); - break; - case G89_IMIT: - if (0 != strcmp("id-Gost28147-89-CryptoPro-A-ParamSet", - tcs[t].szParamSet)) { - /* - * ccgost engine can't change S-Box for gost-mac - */ - continue; - } - mctx = EVP_MD_CTX_new(); - if (mctx == NULL) { - fflush(NULL); - fprintf(stderr, "ENGINE_ctrl_cmd_string: malloc failure\n"); - return 14; - } - mac_key = EVP_PKEY_new_mac_key(NID_id_Gost28147_89_MAC, NULL, - bDerive, mdl); - EVP_DigestSignInit(mctx, NULL, md_g89imit, impl, mac_key); - if (G89_MAX_TC_LEN >= tcs[t].ullLen) { - EVP_DigestSignUpdate(mctx, tcs[t].bIn, - (unsigned int)tcs[t].ullLen); - } else { - for (ullLeft = tcs[t].ullLen; - ullLeft >= sizeof(bZB); ullLeft -= sizeof(bZB)) { - printf("B"); - fflush(NULL); - EVP_DigestSignUpdate(mctx, bZB, sizeof(bZB)); - } - printf("b" FMT64 "/" FMT64, ullLeft, tcs[t].ullLen); - fflush(NULL); - EVP_DigestSignUpdate(mctx, bZB, (unsigned int)ullLeft); - } - siglen = 4; - OPENSSL_assert(EVP_DigestSignFinal(mctx, bTest, &siglen)); - EVP_PKEY_free(mac_key); - EVP_MD_CTX_free(mctx); - enlu = (int)tcs[t].ullLen; - enlf = 0; - l = siglen; - break; - } - if ((int)tcs[t].ullLen != enlu || 0 != enlf || - 0 != memcmp(tcs[t].bOut, bTest, l)) { - fflush(NULL); - fprintf(stderr, "\nEngine test t=%d len=" FMT64 - " failed.\n", t, tcs[t].ullLen); - if (!ignore) { - return 13; - } - } else { - printf("."); - fflush(NULL); - } - } - - printf(" passed\n"); - fflush(NULL); - - NCONF_free(pConfig); - - return EXIT_SUCCESS; -} -#endif diff --git a/test/recipes/90-test_gost2814789.t b/test/recipes/90-test_gost2814789.t deleted file mode 100644 index e97128f..0000000 --- a/test/recipes/90-test_gost2814789.t +++ /dev/null @@ -1,13 +0,0 @@ -#! /usr/bin/perl - -use strict; -use warnings; -use OpenSSL::Test qw/:DEFAULT top_dir/; - -setup("test_gost2814789"); - -$ENV{OPENSSL_ENGINES} = - $ENV{BIN_D} ? top_dir($ENV{BIN_D}) : top_dir("engines", "ccgost"); - -plan tests => 1; -ok(run(test(["gost2814789test"])), 'running gost2814789test'); diff --git a/util/libeay.num b/util/libeay.num index 33c1c4e..0e568e0 100755 --- a/util/libeay.num +++ b/util/libeay.num @@ -3790,7 +3790,7 @@ d2i_TS_ACCURACY 4194 1_1_0 EXIST::FUNCTION: DSO_global_lookup 4195 1_1_0 EXIST::FUNCTION: TS_CONF_set_tsa_name 4196 1_1_0 EXIST::FUNCTION: i2d_ASN1_SET_ANY 4197 1_1_0 EXIST::FUNCTION: -ENGINE_load_gost 4198 1_1_0 EXIST::FUNCTION:ENGINE,GOST,STATIC_ENGINE +ENGINE_load_gost 4198 1_1_0 NOEXIST::FUNCTION: WHIRLPOOL_BitUpdate 4199 1_1_0 EXIST::FUNCTION:WHIRLPOOL ASN1_PCTX_get_flags 4200 1_1_0 EXIST::FUNCTION: TS_TST_INFO_get_ext_by_NID 4201 1_1_0 EXIST::FUNCTION: diff --git a/util/mk1mf.pl b/util/mk1mf.pl index 5b79ecd..490df28 100755 --- a/util/mk1mf.pl +++ b/util/mk1mf.pl @@ -1033,7 +1033,6 @@ sub var_add return("") if $no_dsa && $dir =~ /\/dsa/; return("") if $no_dh && $dir =~ /\/dh/; return("") if $no_ec && $dir =~ /\/ec/; - return("") if $no_gost && $dir =~ /\/ccgost/; return("") if $no_cms && $dir =~ /\/cms/; return("") if $no_jpake && $dir =~ /\/jpake/; return("") if !$fips && $dir =~ /^fips/; |