diff options
| author | Dmitry Belyavskiy <beldmit@gmail.com> | 2018-09-03 19:02:52 +0300 |
|---|---|---|
| committer | Dmitry Belyavskiy <beldmit@gmail.com> | 2018-09-03 19:02:52 +0300 |
| commit | 2d910eb5a75bdf1fb03b56188d5ed98b1c5d2551 (patch) | |
| tree | 4a8640e255841a7085c06d497954e144b75508e1 | |
| parent | 3b27d50d79a9e7bdf3a98910c951c323ce41d6d5 (diff) | |
| download | gost-engine-2d910eb5a75bdf1fb03b56188d5ed98b1c5d2551.zip gost-engine-2d910eb5a75bdf1fb03b56188d5ed98b1c5d2551.tar.gz gost-engine-2d910eb5a75bdf1fb03b56188d5ed98b1c5d2551.tar.bz2 | |
Remove dependency from DSA
| -rw-r--r-- | gost_ec_sign.c | 18 | ||||
| -rw-r--r-- | gost_lcl.h | 11 | ||||
| -rw-r--r-- | gost_pmeth.c | 22 |
3 files changed, 23 insertions, 28 deletions
diff --git a/gost_ec_sign.c b/gost_ec_sign.c index e1cfbf5..114091c 100644 --- a/gost_ec_sign.c +++ b/gost_ec_sign.c @@ -16,7 +16,7 @@ extern void dump_signature(const char *message, const unsigned char *buffer, size_t len); -void dump_dsa_sig(const char *message, DSA_SIG *sig); +void dump_dsa_sig(const char *message, ECDSA_SIG *sig); #else # define dump_signature(a,b,c) @@ -151,12 +151,12 @@ int fill_GOST_EC_params(EC_KEY *eckey, int nid) } /* - * Computes gost_ec signature as DSA_SIG structure + * Computes gost_ec signature as ECDSA_SIG structure * */ -DSA_SIG *gost_ec_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey) +ECDSA_SIG *gost_ec_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey) { - DSA_SIG *newsig = NULL, *ret = NULL; + ECDSA_SIG *newsig = NULL, *ret = NULL; BIGNUM *md = NULL; BIGNUM *order = NULL; const EC_GROUP *group; @@ -179,7 +179,7 @@ DSA_SIG *gost_ec_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey) BN_CTX_start(ctx); OPENSSL_assert(dlen == 32 || dlen == 64); md = hashsum2bn(dgst, dlen); - newsig = DSA_SIG_new(); + newsig = ECDSA_SIG_new(); if (!newsig || !md) { GOSTerr(GOST_F_GOST_EC_SIGN, ERR_R_MALLOC_FAILURE); goto err; @@ -285,7 +285,7 @@ DSA_SIG *gost_ec_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey) GOSTerr(GOST_F_GOST_EC_SIGN, ERR_R_MALLOC_FAILURE); goto err; } - DSA_SIG_set0(newsig, new_r, new_s); + ECDSA_SIG_set0(newsig, new_r, new_s); ret = newsig; err: @@ -296,7 +296,7 @@ DSA_SIG *gost_ec_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey) if (md) BN_free(md); if (!ret && newsig) { - DSA_SIG_free(newsig); + ECDSA_SIG_free(newsig); } return ret; } @@ -306,7 +306,7 @@ DSA_SIG *gost_ec_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey) * */ int gost_ec_verify(const unsigned char *dgst, int dgst_len, - DSA_SIG *sig, EC_KEY *ec) + ECDSA_SIG *sig, EC_KEY *ec) { BN_CTX *ctx; const EC_GROUP *group = (ec) ? EC_KEY_get0_group(ec) : NULL; @@ -345,7 +345,7 @@ int gost_ec_verify(const unsigned char *dgst, int dgst_len, goto err; } - DSA_SIG_get0(sig, &sig_r, &sig_s); + ECDSA_SIG_get0(sig, &sig_r, &sig_s); if (BN_is_zero(sig_s) || BN_is_zero(sig_r) || (BN_cmp(sig_s, order) >= 1) || (BN_cmp(sig_r, order) >= 1)) { @@ -11,7 +11,6 @@ **********************************************************************/ # include <openssl/bn.h> # include <openssl/evp.h> -# include <openssl/dsa.h> # include <openssl/asn1t.h> # include <openssl/x509.h> # include <openssl/engine.h> @@ -242,15 +241,11 @@ int pkey_GOST_ECcp_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, /* From gost_ec_keyx.c */ int pkey_gost_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen); int fill_GOST_EC_params(EC_KEY *eckey, int nid); -int gost_sign_keygen(DSA *dsa); int gost_ec_keygen(EC_KEY *ec); -DSA_SIG *gost_ec_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey); - -int gost_do_verify(const unsigned char *dgst, int dgst_len, - DSA_SIG *sig, DSA *dsa); +ECDSA_SIG *gost_ec_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey); int gost_ec_verify(const unsigned char *dgst, int dgst_len, - DSA_SIG *sig, EC_KEY *ec); + ECDSA_SIG *sig, EC_KEY *ec); int gost_ec_compute_public(EC_KEY *ec); /* KDF TREE */ @@ -269,7 +264,7 @@ BIGNUM *hashsum2bn(const unsigned char *dgst, int len); */ int store_bignum(const BIGNUM *bn, unsigned char *buf, int len); /* Pack GOST R 34.10 signature according to CryptoPro rules */ -int pack_sign_cp(DSA_SIG *s, int order, unsigned char *sig, size_t *siglen); +int pack_sign_cp(ECDSA_SIG *s, int order, unsigned char *sig, size_t *siglen); /* from ameth.c */ /* Get private key as BIGNUM from both 34.10-2001 keys*/ /* Returns pointer into EVP_PKEY structure */ diff --git a/gost_pmeth.c b/gost_pmeth.c index 92c7bca..ddbe143 100644 --- a/gost_pmeth.c +++ b/gost_pmeth.c @@ -369,17 +369,17 @@ static int pkey_gost2012cp_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) /* ----------- sign callbacks --------------------------------------*/ /* * Packs signature according to Cryptopro rules - * and frees up DSA_SIG structure + * and frees up ECDSA_SIG structure */ -int pack_sign_cp(DSA_SIG *s, int order, unsigned char *sig, size_t *siglen) +int pack_sign_cp(ECDSA_SIG *s, int order, unsigned char *sig, size_t *siglen) { const BIGNUM *sig_r = NULL, *sig_s = NULL; - DSA_SIG_get0(s, &sig_r, &sig_s); + ECDSA_SIG_get0(s, &sig_r, &sig_s); *siglen = 2 * order; memset(sig, 0, *siglen); store_bignum(sig_s, sig, order); store_bignum(sig_r, sig + order, order); - DSA_SIG_free(s); + ECDSA_SIG_free(s); return 1; } @@ -387,7 +387,7 @@ static int pkey_gost_ec_cp_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbs_len) { - DSA_SIG *unpacked_sig = NULL; + ECDSA_SIG *unpacked_sig = NULL; EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx); int order = 0; @@ -421,19 +421,19 @@ static int pkey_gost_ec_cp_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, /* ------------------- verify callbacks ---------------------------*/ /* Unpack signature according to cryptopro rules */ -DSA_SIG *unpack_cp_signature(const unsigned char *sigbuf, size_t siglen) +ECDSA_SIG *unpack_cp_signature(const unsigned char *sigbuf, size_t siglen) { - DSA_SIG *sig; + ECDSA_SIG *sig; BIGNUM *r = NULL, *s = NULL; - sig = DSA_SIG_new(); + sig = ECDSA_SIG_new(); if (sig == NULL) { GOSTerr(GOST_F_UNPACK_CP_SIGNATURE, ERR_R_MALLOC_FAILURE); return NULL; } s = BN_bin2bn(sigbuf, siglen / 2, NULL); r = BN_bin2bn(sigbuf + siglen / 2, siglen / 2, NULL); - DSA_SIG_set0(sig, r, s); + ECDSA_SIG_set0(sig, r, s); return sig; } @@ -443,7 +443,7 @@ static int pkey_gost_ec_cp_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, { int ok = 0; EVP_PKEY *pub_key = EVP_PKEY_CTX_get0_pkey(ctx); - DSA_SIG *s = (sig) ? unpack_cp_signature(sig, siglen) : NULL; + ECDSA_SIG *s = (sig) ? unpack_cp_signature(sig, siglen) : NULL; if (!s) return 0; #ifdef DEBUG_SIGN @@ -455,7 +455,7 @@ static int pkey_gost_ec_cp_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, #endif if (pub_key) ok = gost_ec_verify(tbs, tbs_len, s, EVP_PKEY_get0(pub_key)); - DSA_SIG_free(s); + ECDSA_SIG_free(s); return ok; } |