From: Dmitry Belyavskiy Date: Tue, 4 Sep 2018 14:02:57 +0000 (+0300) Subject: Let's wrap old and new key enncryption together X-Git-Tag: v3.0.0~356 X-Git-Url: http://www.wagner.pp.ru/gitweb/?a=commitdiff_plain;h=06eb03a547f646080830d2cd5572844e19909b97;p=openssl-gost%2Fengine.git Let's wrap old and new key enncryption together --- diff --git a/e_gost_err.c b/e_gost_err.c index 0bc0856..c93a434 100644 --- a/e_gost_err.c +++ b/e_gost_err.c @@ -53,6 +53,7 @@ static ERR_STRING_DATA GOST_str_functs[] = { {ERR_PACK(0, GOST_F_PKEY_GOST2018_DECRYPT, 0), "pkey_gost2018_decrypt"}, {ERR_PACK(0, GOST_F_PKEY_GOST2018_ENCRYPT, 0), "pkey_gost2018_encrypt"}, {ERR_PACK(0, GOST_F_PKEY_GOST_CTRL, 0), "pkey_gost_ctrl"}, + {ERR_PACK(0, GOST_F_PKEY_GOST_DECRYPT, 0), "pkey_gost_decrypt"}, {ERR_PACK(0, GOST_F_PKEY_GOST_ECCP_DECRYPT, 0), "pkey_GOST_ECcp_decrypt"}, {ERR_PACK(0, GOST_F_PKEY_GOST_ECCP_ENCRYPT, 0), "pkey_GOST_ECcp_encrypt"}, {ERR_PACK(0, GOST_F_PKEY_GOST_EC_CTRL_STR_256, 0), @@ -60,6 +61,7 @@ static ERR_STRING_DATA GOST_str_functs[] = { {ERR_PACK(0, GOST_F_PKEY_GOST_EC_CTRL_STR_512, 0), "pkey_gost_ec_ctrl_str_512"}, {ERR_PACK(0, GOST_F_PKEY_GOST_EC_DERIVE, 0), "pkey_gost_ec_derive"}, + {ERR_PACK(0, GOST_F_PKEY_GOST_ENCRYPT, 0), "pkey_gost_encrypt"}, {ERR_PACK(0, GOST_F_PKEY_GOST_GRASSHOPPER_MAC_SIGNCTX_INIT, 0), "pkey_gost_grasshopper_mac_signctx_init"}, {ERR_PACK(0, GOST_F_PKEY_GOST_MAC_CTRL, 0), "pkey_gost_mac_ctrl"}, diff --git a/e_gost_err.h b/e_gost_err.h index 90c3b41..39b3da2 100644 --- a/e_gost_err.h +++ b/e_gost_err.h 
@@ -60,11 +60,13 @@ void ERR_GOST_error(int function, int reason, char *file, int line); # define GOST_F_PKEY_GOST2018_DECRYPT 150 # define GOST_F_PKEY_GOST2018_ENCRYPT 151 # define GOST_F_PKEY_GOST_CTRL 122 +# define GOST_F_PKEY_GOST_DECRYPT 153 # define GOST_F_PKEY_GOST_ECCP_DECRYPT 123 # define GOST_F_PKEY_GOST_ECCP_ENCRYPT 124 # define GOST_F_PKEY_GOST_EC_CTRL_STR_256 125 # define GOST_F_PKEY_GOST_EC_CTRL_STR_512 126 # define GOST_F_PKEY_GOST_EC_DERIVE 127 +# define GOST_F_PKEY_GOST_ENCRYPT 152 # define GOST_F_PKEY_GOST_GRASSHOPPER_MAC_SIGNCTX_INIT 141 # define GOST_F_PKEY_GOST_MAC_CTRL 128 # define GOST_F_PKEY_GOST_MAC_CTRL_STR 129 diff --git a/gost.txt b/gost.txt index 540b755..a0cb8ab 100644 --- a/gost.txt +++ b/gost.txt @@ -40,11 +40,13 @@ GOST_F_PKEY_GOST2012_PARAMGEN:121:pkey_gost2012_paramgen GOST_F_PKEY_GOST2018_DECRYPT:150:pkey_gost2018_decrypt GOST_F_PKEY_GOST2018_ENCRYPT:151:pkey_gost2018_encrypt GOST_F_PKEY_GOST_CTRL:122:pkey_gost_ctrl +GOST_F_PKEY_GOST_DECRYPT:153:pkey_gost_decrypt GOST_F_PKEY_GOST_ECCP_DECRYPT:123:pkey_GOST_ECcp_decrypt GOST_F_PKEY_GOST_ECCP_ENCRYPT:124:pkey_GOST_ECcp_encrypt GOST_F_PKEY_GOST_EC_CTRL_STR_256:125:pkey_gost_ec_ctrl_str_256 GOST_F_PKEY_GOST_EC_CTRL_STR_512:126:pkey_gost_ec_ctrl_str_512 GOST_F_PKEY_GOST_EC_DERIVE:127:pkey_gost_ec_derive +GOST_F_PKEY_GOST_ENCRYPT:152:pkey_gost_encrypt GOST_F_PKEY_GOST_GRASSHOPPER_MAC_SIGNCTX_INIT:141:\ pkey_gost_grasshopper_mac_signctx_init GOST_F_PKEY_GOST_MAC_CTRL:128:pkey_gost_mac_ctrl diff --git a/gost_ec_keyx.c b/gost_ec_keyx.c index 1e17f83..409d8e1 100644 --- a/gost_ec_keyx.c +++ b/gost_ec_keyx.c @@ -229,7 +229,7 @@ int pkey_gost_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen) * Implementation of GOST2001/12 key transport, cryptopro variation */ -int pkey_GOST_ECcp_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out, +static int pkey_GOST_ECcp_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out, size_t *out_len, const unsigned char *key, size_t key_len) { 
@@ -346,7 +346,7 @@ int pkey_GOST_ECcp_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out, * EVP_PKEY_METHOD callback decrypt * Implementation of GOST2018 key transport */ -int pkey_gost2018_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out, +static int pkey_gost2018_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out, size_t *out_len, const unsigned char *key, size_t key_len) { @@ -435,11 +435,25 @@ int pkey_gost2018_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out, return ret; } +int pkey_gost_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out, + size_t *out_len, const unsigned char *key, size_t key_len) +{ + struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(pctx); + if (data->shared_ukm == NULL || data->shared_ukm_size == 8) + return pkey_GOST_ECcp_encrypt(pctx, out, out_len, key, key_len); + else if (data->shared_ukm_size == 32) + return pkey_gost2018_encrypt(pctx, out, out_len, key, key_len); + else { + GOSTerr(GOST_F_PKEY_GOST_ENCRYPT, ERR_R_INTERNAL_ERROR); + return -1; + } +} + /* * EVP_PKEY_METHOD callback decrypt * Implementation of GOST2001/12 key transport, cryptopro variation */ -int pkey_GOST_ECcp_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key, +static int pkey_GOST_ECcp_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key, size_t *key_len, const unsigned char *in, size_t in_len) { @@ -528,7 +542,7 @@ int pkey_GOST_ECcp_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key, * EVP_PKEY_METHOD callback decrypt * Implementation of GOST2018 key transport */ -int pkey_gost2018_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key, +static int pkey_gost2018_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key, size_t *key_len, const unsigned char *in, size_t in_len) { 
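Review bot: The new dispatcher `pkey_gost_encrypt` (hunk at -435,11) selects the key-transport scheme purely from `data->shared_ukm_size`, yet unlike the two callbacks it wraps it has no header comment, and the lengths 8 and 32 are bare literals. Since this choice decides which wrapping scheme protects the transported key, I would state it above the function, e.g. `/* EVP_PKEY_METHOD callback encrypt: no UKM or an 8-byte UKM selects the GOST2001/12 CryptoPro transport, a 32-byte UKM selects GOST2018 */`, and give the two lengths names. An unsupported UKM length is reported as `ERR_R_INTERNAL_ERROR`, which hides what is presumably a caller-supplied parameter problem; a dedicated reason code would make it diagnosable. `data` is dereferenced without a NULL check, which is fine only if the pmeth init callback always installs it (not visible in this hunk). The same points apply to `pkey_gost_decrypt` in the last gost_ec_keyx.c hunk.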
@@ -593,3 +607,17 @@ int pkey_gost2018_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key, PSKeyTransport_gost_free(pst); return ret; } + +int pkey_gost_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key, + size_t *key_len, const unsigned char *in, size_t in_len) +{ + struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(pctx); + if (data->shared_ukm == NULL || data->shared_ukm_size == 8) + return pkey_GOST_ECcp_decrypt(pctx, key, key_len, in, in_len); + else if (data->shared_ukm_size == 32) + return pkey_gost2018_decrypt(pctx, key, key_len, in, in_len); + else { + GOSTerr(GOST_F_PKEY_GOST_DECRYPT, ERR_R_INTERNAL_ERROR); + return -1; + } +} diff --git a/gost_lcl.h b/gost_lcl.h index 9b0fa1c..cc1672c 100644 --- a/gost_lcl.h +++ b/gost_lcl.h @@ -248,11 +248,11 @@ void inc_counter(unsigned char *buffer, size_t buf_len); # define EVP_MD_CTRL_MAC_LEN (EVP_MD_CTRL_ALG_CTRL+5) /* EVP_PKEY_METHOD key encryption callbacks */ /* From gost_ec_keyx.c */ -int pkey_GOST_ECcp_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, +int pkey_gost_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char *key, size_t key_len); -int pkey_GOST_ECcp_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, +int pkey_gost_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char *in, size_t in_len); /* derive functions */ diff --git a/gost_pmeth.c b/gost_pmeth.c index ddbe143..00cda70 100644 --- a/gost_pmeth.c +++ b/gost_pmeth.c @@ -954,8 +954,8 @@ int register_pmeth_gost(int id, EVP_PKEY_METHOD **pmeth, int flags) EVP_PKEY_meth_set_encrypt(*pmeth, pkey_gost_encrypt_init, - pkey_GOST_ECcp_encrypt); - EVP_PKEY_meth_set_decrypt(*pmeth, NULL, pkey_GOST_ECcp_decrypt); + pkey_gost_encrypt); + EVP_PKEY_meth_set_decrypt(*pmeth, NULL, pkey_gost_decrypt); EVP_PKEY_meth_set_derive(*pmeth, pkey_gost_derive_init, pkey_gost_ec_derive); EVP_PKEY_meth_set_paramgen(*pmeth, pkey_gost_paramgen_init, 
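Review bot: In `pkey_gost_decrypt` (gost_ec_keyx.c, hunk at -593,3) the unwrap routine is chosen from the UKM stored on the context before `in` is examined, so a blob in the other transport format appears to be handed to the wrong parser and would fail with that parser's error. If the receiver is expected to set the UKM, and with it the scheme, on the context before calling decrypt, that contract should be written above the function, e.g. `/* caller must set a 32-byte UKM on the context before decrypting GOST2018 transport; with no UKM the CryptoPro format is assumed */`. This is inferred from the dispatch condition alone; the two parsers it calls lie outside the hunk.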
@@ -971,8 +971,8 @@ int register_pmeth_gost(int id, EVP_PKEY_METHOD **pmeth, int flags) EVP_PKEY_meth_set_encrypt(*pmeth, pkey_gost_encrypt_init, - pkey_GOST_ECcp_encrypt); - EVP_PKEY_meth_set_decrypt(*pmeth, NULL, pkey_GOST_ECcp_decrypt); + pkey_gost_encrypt); + EVP_PKEY_meth_set_decrypt(*pmeth, NULL, pkey_gost_decrypt); EVP_PKEY_meth_set_derive(*pmeth, pkey_gost_derive_init, pkey_gost_ec_derive); EVP_PKEY_meth_set_paramgen(*pmeth, @@ -989,8 +989,8 @@ int register_pmeth_gost(int id, EVP_PKEY_METHOD **pmeth, int flags) EVP_PKEY_meth_set_encrypt(*pmeth, pkey_gost_encrypt_init, - pkey_GOST_ECcp_encrypt); - EVP_PKEY_meth_set_decrypt(*pmeth, NULL, pkey_GOST_ECcp_decrypt); + pkey_gost_encrypt); + EVP_PKEY_meth_set_decrypt(*pmeth, NULL, pkey_gost_decrypt); EVP_PKEY_meth_set_derive(*pmeth, pkey_gost_derive_init, pkey_gost_ec_derive); EVP_PKEY_meth_set_paramgen(*pmeth,