diff options
author | Dmitry Belyavskiy <beldmit@gmail.com> | 2019-10-27 20:27:22 +0300 |
---|---|---|
committer | Dmitry Belyavskiy <beldmit@gmail.com> | 2019-10-27 20:27:22 +0300 |
commit | 36af4d82eb967367885dfa217f50a6941f5c9c40 (patch) | |
tree | 0642d57d25727f61a1346917820c390936118a6c | |
parent | c7a9d2902a73bd9f65ae0145ae6f3e37537fc73e (diff) | |
parent | 07d33e5b24c0000e5b14d0bee5d53c5be3f69eeb (diff) | |
download | gost-engine-36af4d82eb967367885dfa217f50a6941f5c9c40.zip gost-engine-36af4d82eb967367885dfa217f50a6941f5c9c40.tar.gz gost-engine-36af4d82eb967367885dfa217f50a6941f5c9c40.tar.bz2 |
Merge branch 'master' of https://github.com/gost-engine/engine
-rw-r--r-- | .travis.yml | 6 | ||||
-rw-r--r-- | gost_ameth.c | 22 | ||||
-rw-r--r-- | gost_ec_keyx.c | 6 | ||||
-rw-r--r-- | gost_grasshopper_cipher.c | 1 | ||||
-rw-r--r-- | gost_omac_acpkm.c | 1 | ||||
-rw-r--r-- | gost_params.c | 20 | ||||
-rw-r--r-- | gost_pmeth.c | 1 |
7 files changed, 43 insertions, 14 deletions
diff --git a/.travis.yml b/.travis.yml index d769510..30ad2f3 100644 --- a/.travis.yml +++ b/.travis.yml @@ -30,10 +30,12 @@ matrix: - env: ASAN=-DASAN=1 os: linux compiler: gcc + - env: RUN_COVERITY=1 COVERITY_SCAN_PROJECT_NAME="gost-engine" COVERITY_SCAN_BRANCH_PATTERN="*" COVERITY_SCAN_NOTIFICATION_EMAIL="beldmit@gmail.com" COVERITY_SCAN_BUILD_COMMAND="make" + os: linux + compiler: gcc - os: osx compiler: clang - before_script: - curl -L https://cpanmin.us | sudo perl - --sudo App::cpanminus - sudo cpanm --notest Test2::V0 > build.log 2>&1 || (cat build.log && exit 1) @@ -48,5 +50,5 @@ script: - mkdir build - cd build - cmake -DOPENSSL_ROOT_DIR=${PREFIX} -DOPENSSL_LIBRARIES=${PREFIX}/lib -DOPENSSL_ENGINES_DIR=${PREFIX}/engines ${ASAN} .. - - make + - if [ ! -z ${COVERITY_SCAN_TOKEN+x} -a "${RUN_COVERITY}" = "1" ]; then curl -s "https://scan.coverity.com/scripts/travisci_build_coverity_scan.sh" | bash || true; else make; fi - make test CTEST_OUTPUT_ON_FAILURE=1 diff --git a/gost_ameth.c b/gost_ameth.c index b73f918..22631c0 100644 --- a/gost_ameth.c +++ b/gost_ameth.c @@ -424,16 +424,12 @@ static int priv_decode_gost(EVP_PKEY *pk, static int priv_encode_gost(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk) { ASN1_OBJECT *algobj = OBJ_nid2obj(EVP_PKEY_base_id(pk)); - ASN1_STRING *params = encode_gost_algor_params(pk); + ASN1_STRING *params = NULL; unsigned char *buf = NULL; int key_len = pkey_bits_gost(pk), i = 0; /* unmasked private key */ const char *pk_format = get_gost_engine_param(GOST_PARAM_PK_FORMAT); - if (!params) { - return 0; - } - key_len = (key_len < 0) ? 0 : key_len / 8; if (key_len == 0 || !(buf = OPENSSL_malloc(key_len))) { return 0; @@ -444,6 +440,12 @@ static int priv_encode_gost(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk) return 0; } + params = encode_gost_algor_params(pk); + if (!params) { + OPENSSL_free(buf); + return 0; + } + /* Convert buf to Little-endian */ for (i = 0; i < key_len / 2; i++) { unsigned char tmp = buf[i]; @@ -455,9 +457,13 @@ static int priv_encode_gost(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk) ASN1_STRING *octet = NULL; int priv_len = 0; unsigned char *priv_buf = NULL; - - octet = ASN1_STRING_new(); - ASN1_OCTET_STRING_set(octet, buf, key_len); + octet = ASN1_STRING_new(); + if (!octet || !ASN1_OCTET_STRING_set(octet, buf, key_len)) { + ASN1_STRING_free(octet); + ASN1_STRING_free(params); + OPENSSL_free(buf); + return 0; + } priv_len = i2d_ASN1_OCTET_STRING(octet, &priv_buf); ASN1_STRING_free(octet); OPENSSL_free(buf); diff --git a/gost_ec_keyx.c b/gost_ec_keyx.c index fa068ae..2053d0d 100644 --- a/gost_ec_keyx.c +++ b/gost_ec_keyx.c @@ -263,6 +263,8 @@ static int pkey_GOST_ECcp_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out, return 0; } } + if (!param) + goto err; /* Check for private key in the peer_key of context */ if (sec_key) { key_is_ephemeral = 0; @@ -284,10 +286,6 @@ static int pkey_GOST_ECcp_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out, } } } - if (!get_gost_engine_param(GOST_PARAM_CRYPT_PARAMS) - && param == gost_cipher_list) { - param = gost_cipher_list; - } if (out) { int dgst_nid = NID_undef; EVP_PKEY_get_default_digest_nid(pubk, &dgst_nid); diff --git a/gost_grasshopper_cipher.c b/gost_grasshopper_cipher.c index ba353c2..9df7bbc 100644 --- a/gost_grasshopper_cipher.c +++ b/gost_grasshopper_cipher.c @@ -713,6 +713,7 @@ int gost_grasshopper_set_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params) os = ASN1_OCTET_STRING_new(); if (!os || !ASN1_OCTET_STRING_set(os, buf, len)) { + ASN1_OCTET_STRING_free(os); OPENSSL_free(buf); GOSTerr(GOST_F_GOST_GRASSHOPPER_SET_ASN1_PARAMETERS, ERR_R_MALLOC_FAILURE); diff --git a/gost_omac_acpkm.c b/gost_omac_acpkm.c index 793a6d3..c22524a 100644 --- a/gost_omac_acpkm.c +++ b/gost_omac_acpkm.c @@ -68,6 +68,7 @@ static CMAC_ACPKM_CTX *CMAC_ACPKM_CTX_new(void) } ctx->actx = EVP_CIPHER_CTX_new(); if (ctx->actx == NULL) { + EVP_CIPHER_CTX_free(ctx->cctx); OPENSSL_free(ctx); return NULL; } diff --git a/gost_params.c b/gost_params.c index b73d5a9..b5684b6 100644 --- a/gost_params.c +++ b/gost_params.c @@ -90,6 +90,26 @@ R3410_ec_params R3410_2001_paramset[] = { R3410_ec_params *R3410_2012_256_paramset = R3410_2001_paramset; R3410_ec_params R3410_2012_512_paramset[] = { + {NID_id_tc26_gost_3410_2012_512_paramSetTest, + /* a */ + "7", + /* b */ + "1CFF0806A31116DA29D8CFA54E57EB748BC5F377E49400FDD788B649ECA1AC43" + "61834013B2AD7322480A89CA58E0CF74BC9E540C2ADD6897FAD0A3084F302ADC", + /* p */ + "4531ACD1FE0023C7550D267B6B2FEE80922B14B2FFB90F04D4EB7C09B5D2D15D" + "F1D852741AF4704A0458047E80E4546D35B8336FAC224DD81664BBF528BE6373", + /* q */ + "4531ACD1FE0023C7550D267B6B2FEE80922B14B2FFB90F04D4EB7C09B5D2D15D" + "A82F2D7ECB1DBAC719905C5EECC423F1D86E25EDBE23C595D644AAF187E6E6DF", + /* x */ + "24D19CC64572EE30F396BF6EBBFD7A6C5213B3B3D7057CC825F91093A68CD762" + "FD60611262CD838DC6B60AA7EEE804E28BC849977FAC33B4B530F1B120248A9A", + /* y */ + "2BB312A43BD2CE6E0D020613C857ACDDCFBF061E91E5F2C3F32447C259F39B2C" + "83AB156D77F1496BF7EB3351E1EE4E43DC1A18B91B24640B6DBB92CB1ADD371E", + "1"} + , {NID_id_tc26_gost_3410_2012_512_paramSetA, /* a */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" diff --git a/gost_pmeth.c b/gost_pmeth.c index 41e53b6..b6f4543 100644 --- a/gost_pmeth.c +++ b/gost_pmeth.c @@ -351,6 +351,7 @@ static int pkey_gost2012_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) case NID_id_tc26_gost_3410_2012_512_paramSetA: case NID_id_tc26_gost_3410_2012_512_paramSetB: case NID_id_tc26_gost_3410_2012_512_paramSetC: + case NID_id_tc26_gost_3410_2012_512_paramSetTest: result = (EVP_PKEY_assign(pkey, NID_id_GostR3410_2012_512, ec)) ? 1 : 0; break; |