blob: 0749104e26fbe8c7941570efcd950a6a0202833b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
|
# GOST provider
The GOST provider is currently built in parallell with the GOST
engine, and is implemented like a wrapper around the engine code.
## Currently implemented
Symmetric ciphers:
- gost89
- gost89-cnt
- gost89-cnt-12
- gost89-cbc
- kuznyechik-ecb
- kuznyechik-cbc
- kuznyechik-cfb
- kuznyechik-ofb
- kuznyechik-ctr
- magma-cbc
- magma-ctr
- magma-ctr-acpkm
- magma-ctr-acpkm-omac
- kuznyechik-ctr-acpkm
- kuznyechik-ctr-acpkm-omac
Hashes:
- id-tc26-gost3411-12-256 (md_gost12_256)
- id-tc26-gost3411-12-512 (md_gost12_512)
- id-GostR3411-94 (md_gost94)
MACs:
- gost-mac
- gost-mac-12
- magma-mac
- kuznyechik-mac
- kuznyechik-ctr-acpkm-omac
## TODO, not requiring additional OpenSSL support
- Basic support for GOST keys, i.e. implementations of KEYMGMT
(including key generation), DECODER and DECODER.
- Support for these operations using GOST keys:
- ASYM_CIPHER (encryption and decryption using GOST keys)
- SIGNATURE (signing and verifying using GOST keys)
## TODO, which requires additional OpenSSL support
- TLSTREE support. This may require additional changes in libssl.
Needs investigation.
- PKCS7 and CMS support. This requires OpenSSL PKCS7 and CMS code
to change for better interfacing with providers.
## TODO, far future
- Refactor the code into being just a provider. This is to be done
when engines aren't supported any more.
|
