authorDmitry Belyavskiy <beldmit@gmail.com>2018-09-04 17:02:57 +0300
committerDmitry Belyavskiy <beldmit@gmail.com>2018-09-04 17:02:57 +0300
commit06eb03a547f646080830d2cd5572844e19909b97 (patch)
tree8f31f70f3200201f835d372235b8d617b9512255
parentf72fe5c4cfaa5130d0afb5174eb272bac01a912a (diff)
Let's wrap old and new key encryption together
-rw-r--r--e_gost_err.c2
-rw-r--r--e_gost_err.h2
-rw-r--r--gost.txt2
-rw-r--r--gost_ec_keyx.c36
-rw-r--r--gost_lcl.h4
-rw-r--r--gost_pmeth.c12
6 files changed, 46 insertions, 12 deletions
diff --git a/e_gost_err.c b/e_gost_err.c
index 0bc0856..c93a434 100644
--- a/e_gost_err.c
+++ b/e_gost_err.c
@@ -53,6 +53,7 @@ static ERR_STRING_DATA GOST_str_functs[] = {
{ERR_PACK(0, GOST_F_PKEY_GOST2018_DECRYPT, 0), "pkey_gost2018_decrypt"},
{ERR_PACK(0, GOST_F_PKEY_GOST2018_ENCRYPT, 0), "pkey_gost2018_encrypt"},
{ERR_PACK(0, GOST_F_PKEY_GOST_CTRL, 0), "pkey_gost_ctrl"},
+ {ERR_PACK(0, GOST_F_PKEY_GOST_DECRYPT, 0), "pkey_gost_decrypt"},
{ERR_PACK(0, GOST_F_PKEY_GOST_ECCP_DECRYPT, 0), "pkey_GOST_ECcp_decrypt"},
{ERR_PACK(0, GOST_F_PKEY_GOST_ECCP_ENCRYPT, 0), "pkey_GOST_ECcp_encrypt"},
{ERR_PACK(0, GOST_F_PKEY_GOST_EC_CTRL_STR_256, 0),
@@ -60,6 +61,7 @@ static ERR_STRING_DATA GOST_str_functs[] = {
{ERR_PACK(0, GOST_F_PKEY_GOST_EC_CTRL_STR_512, 0),
"pkey_gost_ec_ctrl_str_512"},
{ERR_PACK(0, GOST_F_PKEY_GOST_EC_DERIVE, 0), "pkey_gost_ec_derive"},
+ {ERR_PACK(0, GOST_F_PKEY_GOST_ENCRYPT, 0), "pkey_gost_encrypt"},
{ERR_PACK(0, GOST_F_PKEY_GOST_GRASSHOPPER_MAC_SIGNCTX_INIT, 0),
"pkey_gost_grasshopper_mac_signctx_init"},
{ERR_PACK(0, GOST_F_PKEY_GOST_MAC_CTRL, 0), "pkey_gost_mac_ctrl"},
diff --git a/e_gost_err.h b/e_gost_err.h
index 90c3b41..39b3da2 100644
--- a/e_gost_err.h
+++ b/e_gost_err.h
@@ -60,11 +60,13 @@ void ERR_GOST_error(int function, int reason, char *file, int line);
# define GOST_F_PKEY_GOST2018_DECRYPT 150
# define GOST_F_PKEY_GOST2018_ENCRYPT 151
# define GOST_F_PKEY_GOST_CTRL 122
+# define GOST_F_PKEY_GOST_DECRYPT 153
# define GOST_F_PKEY_GOST_ECCP_DECRYPT 123
# define GOST_F_PKEY_GOST_ECCP_ENCRYPT 124
# define GOST_F_PKEY_GOST_EC_CTRL_STR_256 125
# define GOST_F_PKEY_GOST_EC_CTRL_STR_512 126
# define GOST_F_PKEY_GOST_EC_DERIVE 127
+# define GOST_F_PKEY_GOST_ENCRYPT 152
# define GOST_F_PKEY_GOST_GRASSHOPPER_MAC_SIGNCTX_INIT 141
# define GOST_F_PKEY_GOST_MAC_CTRL 128
# define GOST_F_PKEY_GOST_MAC_CTRL_STR 129
diff --git a/gost.txt b/gost.txt
index 540b755..a0cb8ab 100644
--- a/gost.txt
+++ b/gost.txt
@@ -40,11 +40,13 @@ GOST_F_PKEY_GOST2012_PARAMGEN:121:pkey_gost2012_paramgen
GOST_F_PKEY_GOST2018_DECRYPT:150:pkey_gost2018_decrypt
GOST_F_PKEY_GOST2018_ENCRYPT:151:pkey_gost2018_encrypt
GOST_F_PKEY_GOST_CTRL:122:pkey_gost_ctrl
+GOST_F_PKEY_GOST_DECRYPT:153:pkey_gost_decrypt
GOST_F_PKEY_GOST_ECCP_DECRYPT:123:pkey_GOST_ECcp_decrypt
GOST_F_PKEY_GOST_ECCP_ENCRYPT:124:pkey_GOST_ECcp_encrypt
GOST_F_PKEY_GOST_EC_CTRL_STR_256:125:pkey_gost_ec_ctrl_str_256
GOST_F_PKEY_GOST_EC_CTRL_STR_512:126:pkey_gost_ec_ctrl_str_512
GOST_F_PKEY_GOST_EC_DERIVE:127:pkey_gost_ec_derive
+GOST_F_PKEY_GOST_ENCRYPT:152:pkey_gost_encrypt
GOST_F_PKEY_GOST_GRASSHOPPER_MAC_SIGNCTX_INIT:141:\
pkey_gost_grasshopper_mac_signctx_init
GOST_F_PKEY_GOST_MAC_CTRL:128:pkey_gost_mac_ctrl
diff --git a/gost_ec_keyx.c b/gost_ec_keyx.c
index 1e17f83..409d8e1 100644
--- a/gost_ec_keyx.c
+++ b/gost_ec_keyx.c
@@ -229,7 +229,7 @@ int pkey_gost_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)
* Implementation of GOST2001/12 key transport, cryptopro variation
*/
-int pkey_GOST_ECcp_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out,
+static int pkey_GOST_ECcp_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out,
size_t *out_len, const unsigned char *key,
size_t key_len)
{
@@ -346,7 +346,7 @@ int pkey_GOST_ECcp_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out,
* EVP_PKEY_METHOD callback decrypt
* Implementation of GOST2018 key transport
*/
-int pkey_gost2018_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out,
+static int pkey_gost2018_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out,
size_t *out_len, const unsigned char *key,
size_t key_len)
{
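Review bot: The comment kept above pkey_gost2018_encrypt still reads `EVP_PKEY_METHOD callback decrypt`, which was already wrong for an encrypt routine and is stale now that the function is `static`: it can no longer be registered from gost_pmeth.c and is reached only through the pkey_gost_encrypt dispatcher added further down. I would change the first comment line to `* GOST2018 key transport, encrypt side; called from pkey_gost_encrypt`. The "callback" wording above the other three functions made static in this file needs the same update. The function body continues outside the hunk.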
@@ -435,11 +435,25 @@ int pkey_gost2018_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out,
return ret;
}
+int pkey_gost_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out,
+ size_t *out_len, const unsigned char *key, size_t key_len)
+{
+ struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(pctx);
+ if (data->shared_ukm == NULL || data->shared_ukm_size == 8)
+ return pkey_GOST_ECcp_encrypt(pctx, out, out_len, key, key_len);
+ else if (data->shared_ukm_size == 32)
+ return pkey_gost2018_encrypt(pctx, out, out_len, key, key_len);
+ else {
+ GOSTerr(GOST_F_PKEY_GOST_ENCRYPT, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
+}
+
/*
* EVP_PKEY_METHOD callback decrypt
* Implementation of GOST2001/12 key transport, cryptopro variation
*/
-int pkey_GOST_ECcp_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key,
+static int pkey_GOST_ECcp_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key,
size_t *key_len, const unsigned char *in,
size_t in_len)
{
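Review bot: pkey_gost_encrypt picks the key transport scheme from `data->shared_ukm_size` alone and carries no comment saying so, even though a NULL UKM silently selects the older CryptoPro wrapping; I would add above it `/* Dispatch on UKM length: none or 8 bytes -> CryptoPro key transport, 32 bytes -> GOST2018, anything else is rejected */`. `data` is dereferenced directly after `EVP_PKEY_CTX_get_data(pctx)`; if a context can reach this point without method data (not visible in this hunk), an `if (data == NULL)` guard should fail the same way as the final branch. That final branch reports `ERR_R_INTERNAL_ERROR`, although the length presumably comes from the caller's UKM setting, so a reason code that names the unsupported UKM size would be easier to diagnose. The same points apply to pkey_gost_decrypt in the last hunk of this file.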
@@ -528,7 +542,7 @@ int pkey_GOST_ECcp_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key,
* EVP_PKEY_METHOD callback decrypt
* Implementation of GOST2018 key transport
*/
-int pkey_gost2018_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key,
+static int pkey_gost2018_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key,
size_t *key_len, const unsigned char *in,
size_t in_len)
{
@@ -593,3 +607,17 @@ int pkey_gost2018_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key,
PSKeyTransport_gost_free(pst);
return ret;
}
+
+int pkey_gost_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key,
+ size_t *key_len, const unsigned char *in, size_t in_len)
+{
+ struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(pctx);
+ if (data->shared_ukm == NULL || data->shared_ukm_size == 8)
+ return pkey_GOST_ECcp_decrypt(pctx, key, key_len, in, in_len);
+ else if (data->shared_ukm_size == 32)
+ return pkey_gost2018_decrypt(pctx, key, key_len, in, in_len);
+ else {
+ GOSTerr(GOST_F_PKEY_GOST_DECRYPT, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
+}
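Review bot: pkey_gost_decrypt chooses the decoder from the local context's UKM length, not from the received blob, so a receiver that has not set a 32-byte UKM will hand GOST2018 input to `pkey_GOST_ECcp_decrypt`. Whether that path fails cleanly depends on the CryptoPro parser, which is outside this hunk. I would state the precondition in a comment above the function, for example `/* Caller must set the UKM before decrypting: the UKM length, not the input, selects the scheme */`, and add a test that feeds each blob format to the other scheme's context and expects an error return.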
diff --git a/gost_lcl.h b/gost_lcl.h
index 9b0fa1c..cc1672c 100644
--- a/gost_lcl.h
+++ b/gost_lcl.h
@@ -248,11 +248,11 @@ void inc_counter(unsigned char *buffer, size_t buf_len);
# define EVP_MD_CTRL_MAC_LEN (EVP_MD_CTRL_ALG_CTRL+5)
/* EVP_PKEY_METHOD key encryption callbacks */
/* From gost_ec_keyx.c */
-int pkey_GOST_ECcp_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
+int pkey_gost_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
size_t *outlen, const unsigned char *key,
size_t key_len);
-int pkey_GOST_ECcp_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
+int pkey_gost_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
size_t *outlen, const unsigned char *in,
size_t in_len);
/* derive functions */
diff --git a/gost_pmeth.c b/gost_pmeth.c
index ddbe143..00cda70 100644
--- a/gost_pmeth.c
+++ b/gost_pmeth.c
@@ -954,8 +954,8 @@ int register_pmeth_gost(int id, EVP_PKEY_METHOD **pmeth, int flags)
EVP_PKEY_meth_set_encrypt(*pmeth,
pkey_gost_encrypt_init,
- pkey_GOST_ECcp_encrypt);
- EVP_PKEY_meth_set_decrypt(*pmeth, NULL, pkey_GOST_ECcp_decrypt);
+ pkey_gost_encrypt);
+ EVP_PKEY_meth_set_decrypt(*pmeth, NULL, pkey_gost_decrypt);
EVP_PKEY_meth_set_derive(*pmeth,
pkey_gost_derive_init, pkey_gost_ec_derive);
EVP_PKEY_meth_set_paramgen(*pmeth, pkey_gost_paramgen_init,
@@ -971,8 +971,8 @@ int register_pmeth_gost(int id, EVP_PKEY_METHOD **pmeth, int flags)
EVP_PKEY_meth_set_encrypt(*pmeth,
pkey_gost_encrypt_init,
- pkey_GOST_ECcp_encrypt);
- EVP_PKEY_meth_set_decrypt(*pmeth, NULL, pkey_GOST_ECcp_decrypt);
+ pkey_gost_encrypt);
+ EVP_PKEY_meth_set_decrypt(*pmeth, NULL, pkey_gost_decrypt);
EVP_PKEY_meth_set_derive(*pmeth,
pkey_gost_derive_init, pkey_gost_ec_derive);
EVP_PKEY_meth_set_paramgen(*pmeth,
@@ -989,8 +989,8 @@ int register_pmeth_gost(int id, EVP_PKEY_METHOD **pmeth, int flags)
EVP_PKEY_meth_set_encrypt(*pmeth,
pkey_gost_encrypt_init,
- pkey_GOST_ECcp_encrypt);
- EVP_PKEY_meth_set_decrypt(*pmeth, NULL, pkey_GOST_ECcp_decrypt);
+ pkey_gost_encrypt);
+ EVP_PKEY_meth_set_decrypt(*pmeth, NULL, pkey_gost_decrypt);
EVP_PKEY_meth_set_derive(*pmeth,
pkey_gost_derive_init, pkey_gost_ec_derive);
EVP_PKEY_meth_set_paramgen(*pmeth,