From: Dmitry Belyavskiy Date: Wed, 20 Jun 2018 18:31:03 +0000 (+0300) Subject: Adjust patches (closing #58) X-Git-Url: http://www.wagner.pp.ru/gitweb/?a=commitdiff_plain;h=5d278740dd936d961e745cd37d7a60aa4a7659ac;p=openssl-gost%2Fengine.git Adjust patches (closing #58) --- diff --git a/patches/1.0.2/1.oids.diff b/patches/1.0.2/1.oids.diff new file mode 100644 index 0000000..2fd4e46 --- /dev/null +++ b/patches/1.0.2/1.oids.diff @@ -0,0 +1,769 @@ +diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h +index b7e3cf280e..641cd8e9d2 100644 +--- a/crypto/objects/obj_dat.h ++++ b/crypto/objects/obj_dat.h +@@ -62,12 +62,12 @@ + * [including the GNU Public Licence.] + */ + +-#define NUM_NID 958 +-#define NUM_SN 951 +-#define NUM_LN 951 +-#define NUM_OBJ 890 ++#define NUM_NID 1000 ++#define NUM_SN 993 ++#define NUM_LN 993 ++#define NUM_OBJ 921 + +-static const unsigned char lvalues[6255]={ ++static const unsigned char lvalues[6485]={ + 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */ + 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */ + 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */ +@@ -952,6 +952,37 @@ static const unsigned char lvalues[6255]={ + 0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x3C,0x02,0x01,0x01,/* [6221] OBJ_jurisdictionLocalityName */ + 0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x3C,0x02,0x01,0x02,/* [6232] OBJ_jurisdictionStateOrProvinceName */ + 0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x3C,0x02,0x01,0x03,/* [6243] OBJ_jurisdictionCountryName */ ++0x2A,0x85,0x03,0x07,0x01, /* [6254] OBJ_id_tc26 */ ++0x2A,0x85,0x03,0x07,0x01,0x01, /* [6259] OBJ_id_tc26_algorithms */ ++0x2A,0x85,0x03,0x07,0x01,0x01,0x01, /* [6265] OBJ_id_tc26_sign */ ++0x2A,0x85,0x03,0x07,0x01,0x01,0x01,0x01, /* [6272] OBJ_id_GostR3410_2012_256 */ ++0x2A,0x85,0x03,0x07,0x01,0x01,0x01,0x02, /* [6280] OBJ_id_GostR3410_2012_512 */ ++0x2A,0x85,0x03,0x07,0x01,0x01,0x02, /* [6288] OBJ_id_tc26_digest */ ++0x2A,0x85,0x03,0x07,0x01,0x01,0x02,0x02, /* [6295] OBJ_id_GostR3411_2012_256 */ ++0x2A,0x85,0x03,0x07,0x01,0x01,0x02,0x03, /* [6303] OBJ_id_GostR3411_2012_512 */ ++0x2A,0x85,0x03,0x07,0x01,0x01,0x03, /* [6311] OBJ_id_tc26_signwithdigest */ ++0x2A,0x85,0x03,0x07,0x01,0x01,0x03,0x02, /* [6318] OBJ_id_tc26_signwithdigest_gost3410_2012_256 */ ++0x2A,0x85,0x03,0x07,0x01,0x01,0x03,0x03, /* [6326] OBJ_id_tc26_signwithdigest_gost3410_2012_512 */ ++0x2A,0x85,0x03,0x07,0x01,0x01,0x04, /* [6334] OBJ_id_tc26_mac */ ++0x2A,0x85,0x03,0x07,0x01,0x01,0x04,0x01, /* [6341] OBJ_id_tc26_hmac_gost_3411_2012_256 */ ++0x2A,0x85,0x03,0x07,0x01,0x01,0x04,0x02, /* [6349] OBJ_id_tc26_hmac_gost_3411_2012_512 */ ++0x2A,0x85,0x03,0x07,0x01,0x01,0x05, /* [6357] OBJ_id_tc26_cipher */ ++0x2A,0x85,0x03,0x07,0x01,0x01,0x06, /* [6364] OBJ_id_tc26_agreement */ ++0x2A,0x85,0x03,0x07,0x01,0x01,0x06,0x01, /* [6371] OBJ_id_tc26_agreement_gost_3410_2012_256 */ ++0x2A,0x85,0x03,0x07,0x01,0x01,0x06,0x02, /* [6379] OBJ_id_tc26_agreement_gost_3410_2012_512 */ ++0x2A,0x85,0x03,0x07,0x01,0x02, /* [6387] OBJ_id_tc26_constants */ ++0x2A,0x85,0x03,0x07,0x01,0x02,0x01, /* [6393] OBJ_id_tc26_sign_constants */ ++0x2A,0x85,0x03,0x07,0x01,0x02,0x01,0x02, /* [6400] OBJ_id_tc26_gost_3410_2012_512_constants */ ++0x2A,0x85,0x03,0x07,0x01,0x02,0x01,0x02,0x00,/* [6408] OBJ_id_tc26_gost_3410_2012_512_paramSetTest */ ++0x2A,0x85,0x03,0x07,0x01,0x02,0x01,0x02,0x01,/* [6417] OBJ_id_tc26_gost_3410_2012_512_paramSetA */ ++0x2A,0x85,0x03,0x07,0x01,0x02,0x01,0x02,0x02,/* [6426] OBJ_id_tc26_gost_3410_2012_512_paramSetB */ ++0x2A,0x85,0x03,0x07,0x01,0x02,0x02, /* [6435] OBJ_id_tc26_digest_constants */ ++0x2A,0x85,0x03,0x07,0x01,0x02,0x05, /* [6442] OBJ_id_tc26_cipher_constants */ ++0x2A,0x85,0x03,0x07,0x01,0x02,0x05,0x01, /* [6449] OBJ_id_tc26_gost_28147_constants */ ++0x2A,0x85,0x03,0x07,0x01,0x02,0x05,0x01,0x01,/* [6457] OBJ_id_tc26_gost_28147_param_Z */ ++0x2A,0x85,0x03,0x03,0x81,0x03,0x01,0x01, /* [6466] OBJ_INN */ ++0x2A,0x85,0x03,0x64,0x01, /* [6474] OBJ_OGRN */ ++0x2A,0x85,0x03,0x64,0x03, /* [6479] OBJ_SNILS */ + }; + + static const ASN1_OBJECT nid_objs[NUM_NID]={ +@@ -2514,6 +2545,81 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={ + NID_jurisdictionStateOrProvinceName,11,&(lvalues[6232]),0}, + {"jurisdictionC","jurisdictionCountryName", + NID_jurisdictionCountryName,11,&(lvalues[6243]),0}, ++{"id-tc26","id-tc26",NID_id_tc26,5,&(lvalues[6254]),0}, ++{"gost89-cnt-12","gost89-cnt-12",NID_gost89_cnt_12,0,NULL,0}, ++{"gost-mac-12","gost-mac-12",NID_gost_mac_12,0,NULL,0}, ++{"id-tc26-algorithms","id-tc26-algorithms",NID_id_tc26_algorithms,6, ++ &(lvalues[6259]),0}, ++{"id-tc26-sign","id-tc26-sign",NID_id_tc26_sign,7,&(lvalues[6265]),0}, ++{"gost2012_256","GOST R 34.10-2012 with 256 bit modulus", ++ NID_id_GostR3410_2012_256,8,&(lvalues[6272]),0}, ++{"gost2012_512","GOST R 34.10-2012 with 512 bit modulus", ++ NID_id_GostR3410_2012_512,8,&(lvalues[6280]),0}, ++{"id-tc26-digest","id-tc26-digest",NID_id_tc26_digest,7, ++ &(lvalues[6288]),0}, ++{"md_gost12_256","GOST R 34.11-2012 with 256 bit hash", ++ NID_id_GostR3411_2012_256,8,&(lvalues[6295]),0}, ++{"md_gost12_512","GOST R 34.11-2012 with 512 bit hash", ++ NID_id_GostR3411_2012_512,8,&(lvalues[6303]),0}, ++{"id-tc26-signwithdigest","id-tc26-signwithdigest", ++ NID_id_tc26_signwithdigest,7,&(lvalues[6311]),0}, ++{"id-tc26-signwithdigest-gost3410-2012-256", ++ "GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)", ++ NID_id_tc26_signwithdigest_gost3410_2012_256,8,&(lvalues[6318]),0}, ++{"id-tc26-signwithdigest-gost3410-2012-512", ++ "GOST R 34.10-2012 with GOST R 34.11-2012 (512 bit)", ++ NID_id_tc26_signwithdigest_gost3410_2012_512,8,&(lvalues[6326]),0}, ++{"id-tc26-mac","id-tc26-mac",NID_id_tc26_mac,7,&(lvalues[6334]),0}, ++{"id-tc26-hmac-gost-3411-2012-256","HMAC GOST 34.11-2012 256 bit", ++ NID_id_tc26_hmac_gost_3411_2012_256,8,&(lvalues[6341]),0}, ++{"id-tc26-hmac-gost-3411-2012-512","HMAC GOST 34.11-2012 512 bit", ++ NID_id_tc26_hmac_gost_3411_2012_512,8,&(lvalues[6349]),0}, ++{"id-tc26-cipher","id-tc26-cipher",NID_id_tc26_cipher,7, ++ &(lvalues[6357]),0}, ++{"id-tc26-agreement","id-tc26-agreement",NID_id_tc26_agreement,7, ++ &(lvalues[6364]),0}, ++{"id-tc26-agreement-gost-3410-2012-256", ++ "id-tc26-agreement-gost-3410-2012-256", ++ NID_id_tc26_agreement_gost_3410_2012_256,8,&(lvalues[6371]),0}, ++{"id-tc26-agreement-gost-3410-2012-512", ++ "id-tc26-agreement-gost-3410-2012-512", ++ NID_id_tc26_agreement_gost_3410_2012_512,8,&(lvalues[6379]),0}, ++{"id-tc26-constants","id-tc26-constants",NID_id_tc26_constants,6, ++ &(lvalues[6387]),0}, ++{"id-tc26-sign-constants","id-tc26-sign-constants", ++ NID_id_tc26_sign_constants,7,&(lvalues[6393]),0}, ++{"id-tc26-gost-3410-2012-512-constants", ++ "id-tc26-gost-3410-2012-512-constants", ++ NID_id_tc26_gost_3410_2012_512_constants,8,&(lvalues[6400]),0}, ++{"id-tc26-gost-3410-2012-512-paramSetTest", ++ "GOST R 34.10-2012 (512 bit) testing parameter set", ++ NID_id_tc26_gost_3410_2012_512_paramSetTest,9,&(lvalues[6408]),0}, ++{"id-tc26-gost-3410-2012-512-paramSetA", ++ "GOST R 34.10-2012 (512 bit) ParamSet A", ++ NID_id_tc26_gost_3410_2012_512_paramSetA,9,&(lvalues[6417]),0}, ++{"id-tc26-gost-3410-2012-512-paramSetB", ++ "GOST R 34.10-2012 (512 bit) ParamSet B", ++ NID_id_tc26_gost_3410_2012_512_paramSetB,9,&(lvalues[6426]),0}, ++{"id-tc26-digest-constants","id-tc26-digest-constants", ++ NID_id_tc26_digest_constants,7,&(lvalues[6435]),0}, ++{"id-tc26-cipher-constants","id-tc26-cipher-constants", ++ NID_id_tc26_cipher_constants,7,&(lvalues[6442]),0}, ++{"id-tc26-gost-28147-constants","id-tc26-gost-28147-constants", ++ NID_id_tc26_gost_28147_constants,8,&(lvalues[6449]),0}, ++{"id-tc26-gost-28147-param-Z","GOST 28147-89 TC26 parameter set", ++ NID_id_tc26_gost_28147_param_Z,9,&(lvalues[6457]),0}, ++{"INN","INN",NID_INN,8,&(lvalues[6466]),0}, ++{"OGRN","OGRN",NID_OGRN,5,&(lvalues[6474]),0}, ++{"SNILS","SNILS",NID_SNILS,5,&(lvalues[6479]),0}, ++{"gost89-cbc","gost89-cbc",NID_gost89_cbc,0,NULL,0}, ++{"gost89-ecb","gost89-ecb",NID_gost89_ecb,0,NULL,0}, ++{"gost89-ctr","gost89-ctr",NID_gost89_ctr,0,NULL,0}, ++{"grasshopper-ecb","grasshopper-ecb",NID_grasshopper_ecb,0,NULL,0}, ++{"grasshopper-ctr","grasshopper-ctr",NID_grasshopper_ctr,0,NULL,0}, ++{"grasshopper-ofb","grasshopper-ofb",NID_grasshopper_ofb,0,NULL,0}, ++{"grasshopper-cbc","grasshopper-cbc",NID_grasshopper_cbc,0,NULL,0}, ++{"grasshopper-cfb","grasshopper-cfb",NID_grasshopper_cfb,0,NULL,0}, ++{"grasshopper-mac","grasshopper-mac",NID_grasshopper_mac,0,NULL,0}, + }; + + static const unsigned int sn_objs[NUM_SN]={ +@@ -2614,6 +2720,7 @@ static const unsigned int sn_objs[NUM_SN]={ + 35, /* "IDEA-CFB" */ + 36, /* "IDEA-ECB" */ + 46, /* "IDEA-OFB" */ ++988, /* "INN" */ + 181, /* "ISO" */ + 183, /* "ISO-US" */ + 645, /* "ITU-T" */ +@@ -2635,6 +2742,7 @@ static const unsigned int sn_objs[NUM_SN]={ + 17, /* "O" */ + 178, /* "OCSP" */ + 180, /* "OCSPSigning" */ ++989, /* "OGRN" */ + 379, /* "ORG" */ + 18, /* "OU" */ + 749, /* "Oakley-EC2N-3" */ +@@ -2700,6 +2808,7 @@ static const unsigned int sn_objs[NUM_SN]={ + 188, /* "SMIME" */ + 167, /* "SMIME-CAPS" */ + 100, /* "SN" */ ++990, /* "SNILS" */ + 16, /* "ST" */ + 143, /* "SXNetID" */ + 458, /* "UID" */ +@@ -2858,12 +2967,25 @@ static const unsigned int sn_objs[NUM_SN]={ + 156, /* "friendlyName" */ + 509, /* "generationQualifier" */ + 815, /* "gost-mac" */ ++960, /* "gost-mac-12" */ + 811, /* "gost2001" */ + 851, /* "gost2001cc" */ ++963, /* "gost2012_256" */ ++964, /* "gost2012_512" */ + 813, /* "gost89" */ ++991, /* "gost89-cbc" */ + 814, /* "gost89-cnt" */ ++959, /* "gost89-cnt-12" */ ++993, /* "gost89-ctr" */ ++992, /* "gost89-ecb" */ + 812, /* "gost94" */ + 850, /* "gost94cc" */ ++997, /* "grasshopper-cbc" */ ++998, /* "grasshopper-cfb" */ ++995, /* "grasshopper-ctr" */ ++994, /* "grasshopper-ecb" */ ++999, /* "grasshopper-mac" */ ++996, /* "grasshopper-ofb" */ + 797, /* "hmacWithMD5" */ + 163, /* "hmacWithSHA1" */ + 798, /* "hmacWithSHA224" */ +@@ -3115,6 +3237,30 @@ static const unsigned int sn_objs[NUM_SN]={ + 194, /* "id-smime-spq" */ + 250, /* "id-smime-spq-ets-sqt-unotice" */ + 249, /* "id-smime-spq-ets-sqt-uri" */ ++958, /* "id-tc26" */ ++975, /* "id-tc26-agreement" */ ++976, /* "id-tc26-agreement-gost-3410-2012-256" */ ++977, /* "id-tc26-agreement-gost-3410-2012-512" */ ++961, /* "id-tc26-algorithms" */ ++974, /* "id-tc26-cipher" */ ++985, /* "id-tc26-cipher-constants" */ ++978, /* "id-tc26-constants" */ ++965, /* "id-tc26-digest" */ ++984, /* "id-tc26-digest-constants" */ ++986, /* "id-tc26-gost-28147-constants" */ ++987, /* "id-tc26-gost-28147-param-Z" */ ++980, /* "id-tc26-gost-3410-2012-512-constants" */ ++982, /* "id-tc26-gost-3410-2012-512-paramSetA" */ ++983, /* "id-tc26-gost-3410-2012-512-paramSetB" */ ++981, /* "id-tc26-gost-3410-2012-512-paramSetTest" */ ++972, /* "id-tc26-hmac-gost-3411-2012-256" */ ++973, /* "id-tc26-hmac-gost-3411-2012-512" */ ++971, /* "id-tc26-mac" */ ++962, /* "id-tc26-sign" */ ++979, /* "id-tc26-sign-constants" */ ++968, /* "id-tc26-signwithdigest" */ ++969, /* "id-tc26-signwithdigest-gost3410-2012-256" */ ++970, /* "id-tc26-signwithdigest-gost3410-2012-512" */ + 676, /* "identified-organization" */ + 461, /* "info" */ + 748, /* "inhibitAnyPolicy" */ +@@ -3140,6 +3286,8 @@ static const unsigned int sn_objs[NUM_SN]={ + 460, /* "mail" */ + 493, /* "mailPreferenceOption" */ + 467, /* "manager" */ ++966, /* "md_gost12_256" */ ++967, /* "md_gost12_512" */ + 809, /* "md_gost94" */ + 875, /* "member" */ + 182, /* "member-body" */ +@@ -3497,12 +3645,22 @@ static const unsigned int ln_objs[NUM_LN]={ + 813, /* "GOST 28147-89" */ + 849, /* "GOST 28147-89 Cryptocom ParamSet" */ + 815, /* "GOST 28147-89 MAC" */ ++987, /* "GOST 28147-89 TC26 parameter set" */ + 851, /* "GOST 34.10-2001 Cryptocom" */ + 850, /* "GOST 34.10-94 Cryptocom" */ + 811, /* "GOST R 34.10-2001" */ + 817, /* "GOST R 34.10-2001 DH" */ ++982, /* "GOST R 34.10-2012 (512 bit) ParamSet A" */ ++983, /* "GOST R 34.10-2012 (512 bit) ParamSet B" */ ++981, /* "GOST R 34.10-2012 (512 bit) testing parameter set" */ ++963, /* "GOST R 34.10-2012 with 256 bit modulus" */ ++964, /* "GOST R 34.10-2012 with 512 bit modulus" */ ++969, /* "GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)" */ ++970, /* "GOST R 34.10-2012 with GOST R 34.11-2012 (512 bit)" */ + 812, /* "GOST R 34.10-94" */ + 818, /* "GOST R 34.10-94 DH" */ ++966, /* "GOST R 34.11-2012 with 256 bit hash" */ ++967, /* "GOST R 34.11-2012 with 512 bit hash" */ + 809, /* "GOST R 34.11-94" */ + 816, /* "GOST R 34.11-94 PRF" */ + 807, /* "GOST R 34.11-94 with GOST R 34.10-2001" */ +@@ -3510,12 +3668,15 @@ static const unsigned int ln_objs[NUM_LN]={ + 808, /* "GOST R 34.11-94 with GOST R 34.10-94" */ + 852, /* "GOST R 34.11-94 with GOST R 34.10-94 Cryptocom" */ + 854, /* "GOST R 3410-2001 Parameter Set Cryptocom" */ ++972, /* "HMAC GOST 34.11-2012 256 bit" */ ++973, /* "HMAC GOST 34.11-2012 512 bit" */ + 810, /* "HMAC GOST 34.11-94" */ + 432, /* "Hold Instruction Call Issuer" */ + 430, /* "Hold Instruction Code" */ + 431, /* "Hold Instruction None" */ + 433, /* "Hold Instruction Reject" */ + 634, /* "ICC or token signature" */ ++988, /* "INN" */ + 294, /* "IPSec End System" */ + 295, /* "IPSec Tunnel" */ + 296, /* "IPSec User" */ +@@ -3560,6 +3721,7 @@ static const unsigned int ln_objs[NUM_LN]={ + 366, /* "OCSP Nonce" */ + 371, /* "OCSP Service Locator" */ + 180, /* "OCSP Signing" */ ++989, /* "OGRN" */ + 161, /* "PBES2" */ + 69, /* "PBKDF2" */ + 162, /* "PBMAC1" */ +@@ -3573,6 +3735,7 @@ static const unsigned int ln_objs[NUM_LN]={ + 2, /* "RSA Data Security, Inc. PKCS" */ + 188, /* "S/MIME" */ + 167, /* "S/MIME Capabilities" */ ++990, /* "SNILS" */ + 387, /* "SNMPv2" */ + 512, /* "Secure Electronic Transactions" */ + 386, /* "Security" */ +@@ -3825,7 +3988,18 @@ static const unsigned int ln_objs[NUM_LN]={ + 509, /* "generationQualifier" */ + 601, /* "generic cryptogram" */ + 99, /* "givenName" */ ++960, /* "gost-mac-12" */ ++991, /* "gost89-cbc" */ + 814, /* "gost89-cnt" */ ++959, /* "gost89-cnt-12" */ ++993, /* "gost89-ctr" */ ++992, /* "gost89-ecb" */ ++997, /* "grasshopper-cbc" */ ++998, /* "grasshopper-cfb" */ ++995, /* "grasshopper-ctr" */ ++994, /* "grasshopper-ecb" */ ++999, /* "grasshopper-mac" */ ++996, /* "grasshopper-ofb" */ + 855, /* "hmac" */ + 780, /* "hmac-md5" */ + 781, /* "hmac-sha1" */ +@@ -4053,6 +4227,22 @@ static const unsigned int ln_objs[NUM_LN]={ + 194, /* "id-smime-spq" */ + 250, /* "id-smime-spq-ets-sqt-unotice" */ + 249, /* "id-smime-spq-ets-sqt-uri" */ ++958, /* "id-tc26" */ ++975, /* "id-tc26-agreement" */ ++976, /* "id-tc26-agreement-gost-3410-2012-256" */ ++977, /* "id-tc26-agreement-gost-3410-2012-512" */ ++961, /* "id-tc26-algorithms" */ ++974, /* "id-tc26-cipher" */ ++985, /* "id-tc26-cipher-constants" */ ++978, /* "id-tc26-constants" */ ++965, /* "id-tc26-digest" */ ++984, /* "id-tc26-digest-constants" */ ++986, /* "id-tc26-gost-28147-constants" */ ++980, /* "id-tc26-gost-3410-2012-512-constants" */ ++971, /* "id-tc26-mac" */ ++962, /* "id-tc26-sign" */ ++979, /* "id-tc26-sign-constants" */ ++968, /* "id-tc26-signwithdigest" */ + 34, /* "idea-cbc" */ + 35, /* "idea-cfb" */ + 36, /* "idea-ecb" */ +@@ -4661,6 +4851,9 @@ static const unsigned int obj_objs[NUM_OBJ]={ + 639, /* OBJ_set_brand_JCB 2 23 42 8 35 */ + 805, /* OBJ_cryptopro 1 2 643 2 2 */ + 806, /* OBJ_cryptocom 1 2 643 2 9 */ ++958, /* OBJ_id_tc26 1 2 643 7 1 */ ++989, /* OBJ_OGRN 1 2 643 100 1 */ ++990, /* OBJ_SNILS 1 2 643 100 3 */ + 184, /* OBJ_X9_57 1 2 840 10040 */ + 405, /* OBJ_ansi_X9_62 1 2 840 10045 */ + 389, /* OBJ_Enterprises 1 3 6 1 4 1 */ +@@ -4745,6 +4938,8 @@ static const unsigned int obj_objs[NUM_OBJ]={ + 816, /* OBJ_id_GostR3411_94_prf 1 2 643 2 2 23 */ + 817, /* OBJ_id_GostR3410_2001DH 1 2 643 2 2 98 */ + 818, /* OBJ_id_GostR3410_94DH 1 2 643 2 2 99 */ ++961, /* OBJ_id_tc26_algorithms 1 2 643 7 1 1 */ ++978, /* OBJ_id_tc26_constants 1 2 643 7 1 2 */ + 1, /* OBJ_rsadsi 1 2 840 113549 */ + 185, /* OBJ_X9cm 1 2 840 10040 4 */ + 127, /* OBJ_id_pkix 1 3 6 1 5 5 7 */ +@@ -4795,6 +4990,15 @@ static const unsigned int obj_objs[NUM_OBJ]={ + 842, /* OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet 1 2 643 2 2 35 3 */ + 843, /* OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet 1 2 643 2 2 36 0 */ + 844, /* OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet 1 2 643 2 2 36 1 */ ++962, /* OBJ_id_tc26_sign 1 2 643 7 1 1 1 */ ++965, /* OBJ_id_tc26_digest 1 2 643 7 1 1 2 */ ++968, /* OBJ_id_tc26_signwithdigest 1 2 643 7 1 1 3 */ ++971, /* OBJ_id_tc26_mac 1 2 643 7 1 1 4 */ ++974, /* OBJ_id_tc26_cipher 1 2 643 7 1 1 5 */ ++975, /* OBJ_id_tc26_agreement 1 2 643 7 1 1 6 */ ++979, /* OBJ_id_tc26_sign_constants 1 2 643 7 1 2 1 */ ++984, /* OBJ_id_tc26_digest_constants 1 2 643 7 1 2 2 */ ++985, /* OBJ_id_tc26_cipher_constants 1 2 643 7 1 2 5 */ + 2, /* OBJ_pkcs 1 2 840 113549 1 */ + 431, /* OBJ_hold_instruction_none 1 2 840 10040 2 1 */ + 432, /* OBJ_hold_instruction_call_issuer 1 2 840 10040 2 2 */ +@@ -4846,6 +5050,19 @@ static const unsigned int obj_objs[NUM_OBJ]={ + 851, /* OBJ_id_GostR3410_2001_cc 1 2 643 2 9 1 5 4 */ + 849, /* OBJ_id_Gost28147_89_cc 1 2 643 2 9 1 6 1 */ + 854, /* OBJ_id_GostR3410_2001_ParamSet_cc 1 2 643 2 9 1 8 1 */ ++988, /* OBJ_INN 1 2 643 3 131 1 1 */ ++963, /* OBJ_id_GostR3410_2012_256 1 2 643 7 1 1 1 1 */ ++964, /* OBJ_id_GostR3410_2012_512 1 2 643 7 1 1 1 2 */ ++966, /* OBJ_id_GostR3411_2012_256 1 2 643 7 1 1 2 2 */ ++967, /* OBJ_id_GostR3411_2012_512 1 2 643 7 1 1 2 3 */ ++969, /* OBJ_id_tc26_signwithdigest_gost3410_2012_256 1 2 643 7 1 1 3 2 */ ++970, /* OBJ_id_tc26_signwithdigest_gost3410_2012_512 1 2 643 7 1 1 3 3 */ ++972, /* OBJ_id_tc26_hmac_gost_3411_2012_256 1 2 643 7 1 1 4 1 */ ++973, /* OBJ_id_tc26_hmac_gost_3411_2012_512 1 2 643 7 1 1 4 2 */ ++976, /* OBJ_id_tc26_agreement_gost_3410_2012_256 1 2 643 7 1 1 6 1 */ ++977, /* OBJ_id_tc26_agreement_gost_3410_2012_512 1 2 643 7 1 1 6 2 */ ++980, /* OBJ_id_tc26_gost_3410_2012_512_constants 1 2 643 7 1 2 1 2 */ ++986, /* OBJ_id_tc26_gost_28147_constants 1 2 643 7 1 2 5 1 */ + 186, /* OBJ_pkcs1 1 2 840 113549 1 1 */ + 27, /* OBJ_pkcs3 1 2 840 113549 1 3 */ + 187, /* OBJ_pkcs5 1 2 840 113549 1 5 */ +@@ -5013,6 +5230,10 @@ static const unsigned int obj_objs[NUM_OBJ]={ + 439, /* OBJ_pilotAttributeSyntax 0 9 2342 19200300 100 3 */ + 440, /* OBJ_pilotObjectClass 0 9 2342 19200300 100 4 */ + 441, /* OBJ_pilotGroups 0 9 2342 19200300 100 10 */ ++981, /* OBJ_id_tc26_gost_3410_2012_512_paramSetTest 1 2 643 7 1 2 1 2 0 */ ++982, /* OBJ_id_tc26_gost_3410_2012_512_paramSetA 1 2 643 7 1 2 1 2 1 */ ++983, /* OBJ_id_tc26_gost_3410_2012_512_paramSetB 1 2 643 7 1 2 1 2 2 */ ++987, /* OBJ_id_tc26_gost_28147_param_Z 1 2 643 7 1 2 5 1 1 */ + 108, /* OBJ_cast5_cbc 1 2 840 113533 7 66 10 */ + 112, /* OBJ_pbeWithMD5AndCast5_CBC 1 2 840 113533 7 66 12 */ + 782, /* OBJ_id_PasswordBasedMAC 1 2 840 113533 7 66 13 */ +diff --git a/crypto/objects/obj_mac.h b/crypto/objects/obj_mac.h +index 779c309b86..430e14a244 100644 +--- a/crypto/objects/obj_mac.h ++++ b/crypto/objects/obj_mac.h +@@ -3678,6 +3678,10 @@ + #define NID_cryptocom 806 + #define OBJ_cryptocom OBJ_member_body,643L,2L,9L + ++#define SN_id_tc26 "id-tc26" ++#define NID_id_tc26 958 ++#define OBJ_id_tc26 OBJ_member_body,643L,7L,1L ++ + #define SN_id_GostR3411_94_with_GostR3410_2001 "id-GostR3411-94-with-GostR3410-2001" + #define LN_id_GostR3411_94_with_GostR3410_2001 "GOST R 34.11-94 with GOST R 34.10-2001" + #define NID_id_GostR3411_94_with_GostR3410_2001 807 +@@ -3716,11 +3720,26 @@ + #define SN_gost89_cnt "gost89-cnt" + #define NID_gost89_cnt 814 + ++#define SN_gost89_cnt_12 "gost89-cnt-12" ++#define NID_gost89_cnt_12 959 ++ ++#define SN_gost89_cbc "gost89-cbc" ++#define NID_gost89_cbc 991 ++ ++#define SN_gost89_ecb "gost89-ecb" ++#define NID_gost89_ecb 992 ++ ++#define SN_gost89_ctr "gost89-ctr" ++#define NID_gost89_ctr 993 ++ + #define SN_id_Gost28147_89_MAC "gost-mac" + #define LN_id_Gost28147_89_MAC "GOST 28147-89 MAC" + #define NID_id_Gost28147_89_MAC 815 + #define OBJ_id_Gost28147_89_MAC OBJ_cryptopro,22L + ++#define SN_gost_mac_12 "gost-mac-12" ++#define NID_gost_mac_12 960 ++ + #define SN_id_GostR3411_94_prf "prf-gostr3411-94" + #define LN_id_GostR3411_94_prf "GOST R 34.11-94 PRF" + #define NID_id_GostR3411_94_prf 816 +@@ -3886,6 +3905,159 @@ + #define NID_id_GostR3410_2001_ParamSet_cc 854 + #define OBJ_id_GostR3410_2001_ParamSet_cc OBJ_cryptocom,1L,8L,1L + ++#define SN_id_tc26_algorithms "id-tc26-algorithms" ++#define NID_id_tc26_algorithms 961 ++#define OBJ_id_tc26_algorithms OBJ_id_tc26,1L ++ ++#define SN_id_tc26_sign "id-tc26-sign" ++#define NID_id_tc26_sign 962 ++#define OBJ_id_tc26_sign OBJ_id_tc26_algorithms,1L ++ ++#define SN_id_GostR3410_2012_256 "gost2012_256" ++#define LN_id_GostR3410_2012_256 "GOST R 34.10-2012 with 256 bit modulus" ++#define NID_id_GostR3410_2012_256 963 ++#define OBJ_id_GostR3410_2012_256 OBJ_id_tc26_sign,1L ++ ++#define SN_id_GostR3410_2012_512 "gost2012_512" ++#define LN_id_GostR3410_2012_512 "GOST R 34.10-2012 with 512 bit modulus" ++#define NID_id_GostR3410_2012_512 964 ++#define OBJ_id_GostR3410_2012_512 OBJ_id_tc26_sign,2L ++ ++#define SN_id_tc26_digest "id-tc26-digest" ++#define NID_id_tc26_digest 965 ++#define OBJ_id_tc26_digest OBJ_id_tc26_algorithms,2L ++ ++#define SN_id_GostR3411_2012_256 "md_gost12_256" ++#define LN_id_GostR3411_2012_256 "GOST R 34.11-2012 with 256 bit hash" ++#define NID_id_GostR3411_2012_256 966 ++#define OBJ_id_GostR3411_2012_256 OBJ_id_tc26_digest,2L ++ ++#define SN_id_GostR3411_2012_512 "md_gost12_512" ++#define LN_id_GostR3411_2012_512 "GOST R 34.11-2012 with 512 bit hash" ++#define NID_id_GostR3411_2012_512 967 ++#define OBJ_id_GostR3411_2012_512 OBJ_id_tc26_digest,3L ++ ++#define SN_id_tc26_signwithdigest "id-tc26-signwithdigest" ++#define NID_id_tc26_signwithdigest 968 ++#define OBJ_id_tc26_signwithdigest OBJ_id_tc26_algorithms,3L ++ ++#define SN_id_tc26_signwithdigest_gost3410_2012_256 "id-tc26-signwithdigest-gost3410-2012-256" ++#define LN_id_tc26_signwithdigest_gost3410_2012_256 "GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)" ++#define NID_id_tc26_signwithdigest_gost3410_2012_256 969 ++#define OBJ_id_tc26_signwithdigest_gost3410_2012_256 OBJ_id_tc26_signwithdigest,2L ++ ++#define SN_id_tc26_signwithdigest_gost3410_2012_512 "id-tc26-signwithdigest-gost3410-2012-512" ++#define LN_id_tc26_signwithdigest_gost3410_2012_512 "GOST R 34.10-2012 with GOST R 34.11-2012 (512 bit)" ++#define NID_id_tc26_signwithdigest_gost3410_2012_512 970 ++#define OBJ_id_tc26_signwithdigest_gost3410_2012_512 OBJ_id_tc26_signwithdigest,3L ++ ++#define SN_id_tc26_mac "id-tc26-mac" ++#define NID_id_tc26_mac 971 ++#define OBJ_id_tc26_mac OBJ_id_tc26_algorithms,4L ++ ++#define SN_id_tc26_hmac_gost_3411_2012_256 "id-tc26-hmac-gost-3411-2012-256" ++#define LN_id_tc26_hmac_gost_3411_2012_256 "HMAC GOST 34.11-2012 256 bit" ++#define NID_id_tc26_hmac_gost_3411_2012_256 972 ++#define OBJ_id_tc26_hmac_gost_3411_2012_256 OBJ_id_tc26_mac,1L ++ ++#define SN_id_tc26_hmac_gost_3411_2012_512 "id-tc26-hmac-gost-3411-2012-512" ++#define LN_id_tc26_hmac_gost_3411_2012_512 "HMAC GOST 34.11-2012 512 bit" ++#define NID_id_tc26_hmac_gost_3411_2012_512 973 ++#define OBJ_id_tc26_hmac_gost_3411_2012_512 OBJ_id_tc26_mac,2L ++ ++#define SN_id_tc26_cipher "id-tc26-cipher" ++#define NID_id_tc26_cipher 974 ++#define OBJ_id_tc26_cipher OBJ_id_tc26_algorithms,5L ++ ++#define SN_id_tc26_agreement "id-tc26-agreement" ++#define NID_id_tc26_agreement 975 ++#define OBJ_id_tc26_agreement OBJ_id_tc26_algorithms,6L ++ ++#define SN_id_tc26_agreement_gost_3410_2012_256 "id-tc26-agreement-gost-3410-2012-256" ++#define NID_id_tc26_agreement_gost_3410_2012_256 976 ++#define OBJ_id_tc26_agreement_gost_3410_2012_256 OBJ_id_tc26_agreement,1L ++ ++#define SN_id_tc26_agreement_gost_3410_2012_512 "id-tc26-agreement-gost-3410-2012-512" ++#define NID_id_tc26_agreement_gost_3410_2012_512 977 ++#define OBJ_id_tc26_agreement_gost_3410_2012_512 OBJ_id_tc26_agreement,2L ++ ++#define SN_id_tc26_constants "id-tc26-constants" ++#define NID_id_tc26_constants 978 ++#define OBJ_id_tc26_constants OBJ_id_tc26,2L ++ ++#define SN_id_tc26_sign_constants "id-tc26-sign-constants" ++#define NID_id_tc26_sign_constants 979 ++#define OBJ_id_tc26_sign_constants OBJ_id_tc26_constants,1L ++ ++#define SN_id_tc26_gost_3410_2012_512_constants "id-tc26-gost-3410-2012-512-constants" ++#define NID_id_tc26_gost_3410_2012_512_constants 980 ++#define OBJ_id_tc26_gost_3410_2012_512_constants OBJ_id_tc26_sign_constants,2L ++ ++#define SN_id_tc26_gost_3410_2012_512_paramSetTest "id-tc26-gost-3410-2012-512-paramSetTest" ++#define LN_id_tc26_gost_3410_2012_512_paramSetTest "GOST R 34.10-2012 (512 bit) testing parameter set" ++#define NID_id_tc26_gost_3410_2012_512_paramSetTest 981 ++#define OBJ_id_tc26_gost_3410_2012_512_paramSetTest OBJ_id_tc26_gost_3410_2012_512_constants,0L ++ ++#define SN_id_tc26_gost_3410_2012_512_paramSetA "id-tc26-gost-3410-2012-512-paramSetA" ++#define LN_id_tc26_gost_3410_2012_512_paramSetA "GOST R 34.10-2012 (512 bit) ParamSet A" ++#define NID_id_tc26_gost_3410_2012_512_paramSetA 982 ++#define OBJ_id_tc26_gost_3410_2012_512_paramSetA OBJ_id_tc26_gost_3410_2012_512_constants,1L ++ ++#define SN_id_tc26_gost_3410_2012_512_paramSetB "id-tc26-gost-3410-2012-512-paramSetB" ++#define LN_id_tc26_gost_3410_2012_512_paramSetB "GOST R 34.10-2012 (512 bit) ParamSet B" ++#define NID_id_tc26_gost_3410_2012_512_paramSetB 983 ++#define OBJ_id_tc26_gost_3410_2012_512_paramSetB OBJ_id_tc26_gost_3410_2012_512_constants,2L ++ ++#define SN_id_tc26_digest_constants "id-tc26-digest-constants" ++#define NID_id_tc26_digest_constants 984 ++#define OBJ_id_tc26_digest_constants OBJ_id_tc26_constants,2L ++ ++#define SN_id_tc26_cipher_constants "id-tc26-cipher-constants" ++#define NID_id_tc26_cipher_constants 985 ++#define OBJ_id_tc26_cipher_constants OBJ_id_tc26_constants,5L ++ ++#define SN_id_tc26_gost_28147_constants "id-tc26-gost-28147-constants" ++#define NID_id_tc26_gost_28147_constants 986 ++#define OBJ_id_tc26_gost_28147_constants OBJ_id_tc26_cipher_constants,1L ++ ++#define SN_id_tc26_gost_28147_param_Z "id-tc26-gost-28147-param-Z" ++#define LN_id_tc26_gost_28147_param_Z "GOST 28147-89 TC26 parameter set" ++#define NID_id_tc26_gost_28147_param_Z 987 ++#define OBJ_id_tc26_gost_28147_param_Z OBJ_id_tc26_gost_28147_constants,1L ++ ++#define SN_INN "INN" ++#define LN_INN "INN" ++#define NID_INN 988 ++#define OBJ_INN OBJ_member_body,643L,3L,131L,1L,1L ++ ++#define SN_OGRN "OGRN" ++#define LN_OGRN "OGRN" ++#define NID_OGRN 989 ++#define OBJ_OGRN OBJ_member_body,643L,100L,1L ++ ++#define SN_SNILS "SNILS" ++#define LN_SNILS "SNILS" ++#define NID_SNILS 990 ++#define OBJ_SNILS OBJ_member_body,643L,100L,3L ++ ++#define SN_grasshopper_ecb "grasshopper-ecb" ++#define NID_grasshopper_ecb 994 ++ ++#define SN_grasshopper_ctr "grasshopper-ctr" ++#define NID_grasshopper_ctr 995 ++ ++#define SN_grasshopper_ofb "grasshopper-ofb" ++#define NID_grasshopper_ofb 996 ++ ++#define SN_grasshopper_cbc "grasshopper-cbc" ++#define NID_grasshopper_cbc 997 ++ ++#define SN_grasshopper_cfb "grasshopper-cfb" ++#define NID_grasshopper_cfb 998 ++ ++#define SN_grasshopper_mac "grasshopper-mac" ++#define NID_grasshopper_mac 999 ++ + #define SN_camellia_128_cbc "CAMELLIA-128-CBC" + #define LN_camellia_128_cbc "camellia-128-cbc" + #define NID_camellia_128_cbc 751 +diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num +index 8e5ea83363..e5f2eaeb6e 100644 +--- a/crypto/objects/obj_mac.num ++++ b/crypto/objects/obj_mac.num +@@ -955,3 +955,45 @@ ct_cert_scts 954 + jurisdictionLocalityName 955 + jurisdictionStateOrProvinceName 956 + jurisdictionCountryName 957 ++id_tc26 958 ++gost89_cnt_12 959 ++gost_mac_12 960 ++id_tc26_algorithms 961 ++id_tc26_sign 962 ++id_GostR3410_2012_256 963 ++id_GostR3410_2012_512 964 ++id_tc26_digest 965 ++id_GostR3411_2012_256 966 ++id_GostR3411_2012_512 967 ++id_tc26_signwithdigest 968 ++id_tc26_signwithdigest_gost3410_2012_256 969 ++id_tc26_signwithdigest_gost3410_2012_512 970 ++id_tc26_mac 971 ++id_tc26_hmac_gost_3411_2012_256 972 ++id_tc26_hmac_gost_3411_2012_512 973 ++id_tc26_cipher 974 ++id_tc26_agreement 975 ++id_tc26_agreement_gost_3410_2012_256 976 ++id_tc26_agreement_gost_3410_2012_512 977 ++id_tc26_constants 978 ++id_tc26_sign_constants 979 ++id_tc26_gost_3410_2012_512_constants 980 ++id_tc26_gost_3410_2012_512_paramSetTest 981 ++id_tc26_gost_3410_2012_512_paramSetA 982 ++id_tc26_gost_3410_2012_512_paramSetB 983 ++id_tc26_digest_constants 984 ++id_tc26_cipher_constants 985 ++id_tc26_gost_28147_constants 986 ++id_tc26_gost_28147_param_Z 987 ++INN 988 ++OGRN 989 ++SNILS 990 ++gost89_cbc 991 ++gost89_ecb 992 ++gost89_ctr 993 ++grasshopper_ecb 994 ++grasshopper_ctr 995 ++grasshopper_ofb 996 ++grasshopper_cbc 997 ++grasshopper_cfb 998 ++grasshopper_mac 999 +diff --git a/crypto/objects/obj_xref.h b/crypto/objects/obj_xref.h +index e453e99f83..c07adee4f2 100644 +--- a/crypto/objects/obj_xref.h ++++ b/crypto/objects/obj_xref.h +@@ -56,6 +56,10 @@ static const nid_triple sigoid_srt[] = { + NID_dh_cofactor_kdf}, + {NID_dhSinglePass_cofactorDH_sha512kdf_scheme, NID_sha512, + NID_dh_cofactor_kdf}, ++ {NID_id_tc26_signwithdigest_gost3410_2012_256, NID_id_GostR3411_2012_256, ++ NID_id_GostR3410_2012_256}, ++ {NID_id_tc26_signwithdigest_gost3410_2012_512, NID_id_GostR3411_2012_512, ++ NID_id_GostR3410_2012_512}, + }; + + static const nid_triple *const sigoid_srt_xref[] = { +@@ -96,4 +100,6 @@ static const nid_triple *const sigoid_srt_xref[] = { + &sigoid_srt[26], + &sigoid_srt[27], + &sigoid_srt[28], ++ &sigoid_srt[40], ++ &sigoid_srt[41], + }; +diff --git a/crypto/objects/obj_xref.txt b/crypto/objects/obj_xref.txt +index 19c94226b2..981103b36d 100644 +--- a/crypto/objects/obj_xref.txt ++++ b/crypto/objects/obj_xref.txt +@@ -44,6 +44,8 @@ id_GostR3411_94_with_GostR3410_2001 id_GostR3411_94 id_GostR3410_2001 + id_GostR3411_94_with_GostR3410_94 id_GostR3411_94 id_GostR3410_94 + id_GostR3411_94_with_GostR3410_94_cc id_GostR3411_94 id_GostR3410_94_cc + id_GostR3411_94_with_GostR3410_2001_cc id_GostR3411_94 id_GostR3410_2001_cc ++id_tc26_signwithdigest_gost3410_2012_256 id_GostR3411_2012_256 id_GostR3410_2012_256 ++id_tc26_signwithdigest_gost3410_2012_512 id_GostR3411_2012_512 id_GostR3410_2012_512 + # ECDH KDFs and their corresponding message digests and schemes + dhSinglePass_stdDH_sha1kdf_scheme sha1 dh_std_kdf + dhSinglePass_stdDH_sha224kdf_scheme sha224 dh_std_kdf +diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt +index b57aabb226..31286b176a 100644 +--- a/crypto/objects/objects.txt ++++ b/crypto/objects/objects.txt +@@ -1156,6 +1156,7 @@ iso 0 10118 3 0 55 : whirlpool + + member-body 643 2 2 : cryptopro + member-body 643 2 9 : cryptocom ++member-body 643 7 1 : id-tc26 + + cryptopro 3 : id-GostR3411-94-with-GostR3410-2001 : GOST R 34.11-94 with GOST R 34.10-2001 + cryptopro 4 : id-GostR3411-94-with-GostR3410-94 : GOST R 34.11-94 with GOST R 34.10-94 +@@ -1169,8 +1170,13 @@ cryptopro 20 : gost94 : GOST R 34.10-94 + !Cname id-Gost28147-89 + cryptopro 21 : gost89 : GOST 28147-89 + : gost89-cnt ++ : gost89-cnt-12 ++ : gost89-cbc ++ : gost89-ecb ++ : gost89-ctr + !Cname id-Gost28147-89-MAC + cryptopro 22 : gost-mac : GOST 28147-89 MAC ++ : gost-mac-12 + !Cname id-GostR3411-94-prf + cryptopro 23 : prf-gostr3411-94 : GOST R 34.11-94 PRF + cryptopro 98 : id-GostR3410-2001DH : GOST R 34.10-2001 DH +@@ -1229,6 +1235,60 @@ cryptocom 1 3 4 : id-GostR3411-94-with-GostR3410-2001-cc : GOST R 34.11-94 with + + cryptocom 1 8 1 : id-GostR3410-2001-ParamSet-cc : GOST R 3410-2001 Parameter Set Cryptocom + ++# TC26 GOST OIDs ++ ++id-tc26 1 : id-tc26-algorithms ++id-tc26-algorithms 1 : id-tc26-sign ++!Cname id-GostR3410-2012-256 ++id-tc26-sign 1 : gost2012_256: GOST R 34.10-2012 with 256 bit modulus ++!Cname id-GostR3410-2012-512 ++id-tc26-sign 2 : gost2012_512: GOST R 34.10-2012 with 512 bit modulus ++ ++id-tc26-algorithms 2 : id-tc26-digest ++!Cname id-GostR3411-2012-256 ++id-tc26-digest 2 : md_gost12_256: GOST R 34.11-2012 with 256 bit hash ++!Cname id-GostR3411-2012-512 ++id-tc26-digest 3 : md_gost12_512: GOST R 34.11-2012 with 512 bit hash ++ ++id-tc26-algorithms 3 : id-tc26-signwithdigest ++id-tc26-signwithdigest 2: id-tc26-signwithdigest-gost3410-2012-256: GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit) ++id-tc26-signwithdigest 3: id-tc26-signwithdigest-gost3410-2012-512: GOST R 34.10-2012 with GOST R 34.11-2012 (512 bit) ++ ++id-tc26-algorithms 4 : id-tc26-mac ++id-tc26-mac 1 : id-tc26-hmac-gost-3411-2012-256 : HMAC GOST 34.11-2012 256 bit ++id-tc26-mac 2 : id-tc26-hmac-gost-3411-2012-512 : HMAC GOST 34.11-2012 512 bit ++ ++id-tc26-algorithms 5 : id-tc26-cipher ++ ++id-tc26-algorithms 6 : id-tc26-agreement ++id-tc26-agreement 1 : id-tc26-agreement-gost-3410-2012-256 ++id-tc26-agreement 2 : id-tc26-agreement-gost-3410-2012-512 ++ ++id-tc26 2 : id-tc26-constants ++ ++id-tc26-constants 1 : id-tc26-sign-constants ++id-tc26-sign-constants 2: id-tc26-gost-3410-2012-512-constants ++id-tc26-gost-3410-2012-512-constants 0 : id-tc26-gost-3410-2012-512-paramSetTest: GOST R 34.10-2012 (512 bit) testing parameter set ++id-tc26-gost-3410-2012-512-constants 1 : id-tc26-gost-3410-2012-512-paramSetA: GOST R 34.10-2012 (512 bit) ParamSet A ++id-tc26-gost-3410-2012-512-constants 2 : id-tc26-gost-3410-2012-512-paramSetB: GOST R 34.10-2012 (512 bit) ParamSet B ++ ++id-tc26-constants 2 : id-tc26-digest-constants ++id-tc26-constants 5 : id-tc26-cipher-constants ++id-tc26-cipher-constants 1 : id-tc26-gost-28147-constants ++id-tc26-gost-28147-constants 1 : id-tc26-gost-28147-param-Z : GOST 28147-89 TC26 parameter set ++ ++member-body 643 3 131 1 1 : INN : INN ++member-body 643 100 1 : OGRN : OGRN ++member-body 643 100 3 : SNILS : SNILS ++ ++#GOST R34.13-2015 Grasshopper "Kuznechik" ++ : grasshopper-ecb ++ : grasshopper-ctr ++ : grasshopper-ofb ++ : grasshopper-cbc ++ : grasshopper-cfb ++ : grasshopper-mac ++ + # Definitions for Camellia cipher - CBC MODE + + 1 2 392 200011 61 1 1 1 2 : CAMELLIA-128-CBC : camellia-128-cbc diff --git a/patches/1.0.2/2.numeric.diff b/patches/1.0.2/2.numeric.diff new file mode 100644 index 0000000..13a4844 --- /dev/null +++ b/patches/1.0.2/2.numeric.diff @@ -0,0 +1,29 @@ +diff --git a/crypto/asn1/a_mbstr.c b/crypto/asn1/a_mbstr.c +index 5b8028aaa3..ae84919076 100644 +--- a/crypto/asn1/a_mbstr.c ++++ b/crypto/asn1/a_mbstr.c +@@ -173,6 +173,8 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, + str_type = V_ASN1_PRINTABLESTRING; + else if (mask & B_ASN1_IA5STRING) + str_type = V_ASN1_IA5STRING; ++ else if (mask & B_ASN1_NUMERICSTRING) ++ str_type = V_ASN1_NUMERICSTRING; + else if (mask & B_ASN1_T61STRING) + str_type = V_ASN1_T61STRING; + else if (mask & B_ASN1_BMPSTRING) { +diff --git a/crypto/asn1/a_strnid.c b/crypto/asn1/a_strnid.c +index 99ffe73787..6c960f025c 100644 +--- a/crypto/asn1/a_strnid.c ++++ b/crypto/asn1/a_strnid.c +@@ -193,7 +193,10 @@ static const ASN1_STRING_TABLE tbl_standard[] = { + {NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK}, + {NID_domainComponent, 1, -1, B_ASN1_IA5STRING, STABLE_NO_MASK}, + {NID_ms_csp_name, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK}, +- {NID_jurisdictionCountryName, 2, 2, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK} ++ {NID_jurisdictionCountryName, 2, 2, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK}, ++ {NID_INN, 1, 12, B_ASN1_NUMERICSTRING, STABLE_NO_MASK}, ++ {NID_OGRN, 1, 13, B_ASN1_NUMERICSTRING, STABLE_NO_MASK}, ++ {NID_SNILS, 1, 11, B_ASN1_NUMERICSTRING, STABLE_NO_MASK} + }; + + static int sk_table_cmp(const ASN1_STRING_TABLE *const *a, diff --git a/patches/1.0.2/3.pkcs12.diff b/patches/1.0.2/3.pkcs12.diff new file mode 100644 index 0000000..f6267ba --- /dev/null +++ b/patches/1.0.2/3.pkcs12.diff @@ -0,0 +1,78 @@ +diff -Nuar openssl-1.0.2d/crypto/evp/evp_pbe.c openssl-work/crypto/evp/evp_pbe.c +--- openssl-1.0.2d/crypto/evp/evp_pbe.c 2015-07-09 15:53:21.000000000 +0400 ++++ openssl-work/crypto/evp/evp_pbe.c 2015-03-26 13:00:21.000000000 +0400 +@@ -121,6 +121,10 @@ + {EVP_PBE_TYPE_PRF, NID_hmacWithSHA384, -1, NID_sha384, 0}, + {EVP_PBE_TYPE_PRF, NID_hmacWithSHA512, -1, NID_sha512, 0}, + {EVP_PBE_TYPE_PRF, NID_id_HMACGostR3411_94, -1, NID_id_GostR3411_94, 0}, ++ {EVP_PBE_TYPE_PRF, NID_id_tc26_hmac_gost_3411_2012_256, -1, ++ NID_id_GostR3411_2012_256, 0}, ++ {EVP_PBE_TYPE_PRF, NID_id_tc26_hmac_gost_3411_2012_512, -1, ++ NID_id_GostR3411_2012_512, 0}, + }; + + #ifdef TEST +diff -Nuar openssl-1.0.2d/crypto/pkcs12/p12_mutl.c openssl-work/crypto/pkcs12/p12_mutl.c +--- openssl-1.0.2d/crypto/pkcs12/p12_mutl.c 2015-07-09 15:53:21.000000000 +0400 ++++ openssl-work/crypto/pkcs12/p12_mutl.c 2015-06-17 14:48:18.000000000 +0400 +@@ -65,6 +65,28 @@ + # include + # include + ++# define TK26_MAC_KEY_LEN 32 ++ ++static int PKCS12_gen_gost_mac_key(const char *pass, int passlen, ++ const unsigned char *salt, int saltlen, ++ int iter, const EVP_MD *digest, int keylen, ++ unsigned char *key) ++{ ++ unsigned char out[96]; ++ ++ if (keylen != TK26_MAC_KEY_LEN) { ++ return 0; ++ } ++ ++ if (!PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, ++ digest, 96, out)) { ++ return 0; ++ } ++ memcpy(key, out + 64, TK26_MAC_KEY_LEN); ++ OPENSSL_cleanse(out, 96); ++ return 1; ++} ++ + /* Generate a MAC */ + int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen, + unsigned char *mac, unsigned int *maclen) +@@ -73,7 +95,7 @@ + HMAC_CTX hmac; + unsigned char key[EVP_MAX_MD_SIZE], *salt; + int saltlen, iter; +- int md_size; ++ int md_size = 0; + + if (!PKCS7_type_is_data(p12->authsafes)) { + PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_CONTENT_TYPE_NOT_DATA); +@@ -93,8 +115,19 @@ + md_size = EVP_MD_size(md_type); + if (md_size < 0) + return 0; +- if (!PKCS12_key_gen(pass, passlen, salt, saltlen, PKCS12_MAC_ID, iter, +- md_size, key, md_type)) { ++ if ((md_type->type == NID_id_GostR3411_94 ++ || md_type->type == NID_id_GostR3411_2012_256 ++ || md_type->type == NID_id_GostR3411_2012_512) ++ && !getenv("LEGACY_GOST_PKCS12")) { ++ md_size = TK26_MAC_KEY_LEN; ++ if (!PKCS12_gen_gost_mac_key(pass, passlen, salt, saltlen, iter, ++ md_type, md_size, key)) { ++ PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_KEY_GEN_ERROR); ++ return 0; ++ } ++ } else ++ if (!PKCS12_key_gen(pass, passlen, salt, saltlen, PKCS12_MAC_ID, iter, ++ md_size, key, md_type)) { + PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_KEY_GEN_ERROR); + return 0; + } + diff --git a/patches/1.0.2/4.smimecap.diff b/patches/1.0.2/4.smimecap.diff new file mode 100644 index 0000000..6b75924 --- /dev/null +++ b/patches/1.0.2/4.smimecap.diff @@ -0,0 +1,26 @@ +diff --git a/crypto/cms/cms_sd.c b/crypto/cms/cms_sd.c +index a41aca8e12..f31fd1598c 100644 +--- a/crypto/cms/cms_sd.c ++++ b/crypto/cms/cms_sd.c +@@ -943,6 +943,8 @@ static int cms_add_digest_smcap(STACK_OF(X509_ALGOR) **sk, int nid, int arg) + int CMS_add_standard_smimecap(STACK_OF(X509_ALGOR) **smcap) + { + if (!cms_add_cipher_smcap(smcap, NID_aes_256_cbc, -1) ++ || !cms_add_digest_smcap(smcap, NID_id_GostR3411_2012_256, -1) ++ || !cms_add_digest_smcap(smcap, NID_id_GostR3411_2012_512, -1) + || !cms_add_digest_smcap(smcap, NID_id_GostR3411_94, -1) + || !cms_add_cipher_smcap(smcap, NID_id_Gost28147_89, -1) + || !cms_add_cipher_smcap(smcap, NID_aes_192_cbc, -1) +diff --git a/crypto/pkcs7/pk7_smime.c b/crypto/pkcs7/pk7_smime.c +index dc9b484078..12486ad766 100644 +--- a/crypto/pkcs7/pk7_smime.c ++++ b/crypto/pkcs7/pk7_smime.c +@@ -185,6 +185,8 @@ PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7, X509 *signcert, + goto err; + } + if (!add_cipher_smcap(smcap, NID_aes_256_cbc, -1) ++ || !add_digest_smcap(smcap, NID_id_GostR3411_2012_256, -1) ++ || !add_digest_smcap(smcap, NID_id_GostR3411_2012_512, -1) + || !add_digest_smcap(smcap, NID_id_GostR3411_94, -1) + || !add_cipher_smcap(smcap, NID_id_Gost28147_89, -1) + || !add_cipher_smcap(smcap, NID_aes_192_cbc, -1) diff --git a/patches/1.0.2/cipher_modes.diff b/patches/1.0.2/cipher_modes.diff deleted file mode 100644 index 2a2ab13..0000000 --- a/patches/1.0.2/cipher_modes.diff +++ /dev/null @@ -1,158 +0,0 @@ -diff -uNr crypto/objects_orig/obj_dat.h crypto/objects/obj_dat.h ---- crypto/objects_orig/obj_dat.h 2015-10-06 20:43:14.000000000 +0300 -+++ crypto/objects/obj_dat.h 2015-10-06 20:45:53.000000000 +0300 -@@ -62,9 +62,9 @@ - * [including the GNU Public Licence.] - */ - --#define NUM_NID 991 --#define NUM_SN 984 --#define NUM_LN 984 -+#define NUM_NID 1000 -+#define NUM_SN 993 -+#define NUM_LN 993 - #define NUM_OBJ 921 - - static const unsigned char lvalues[6485]={ -@@ -2611,6 +2611,15 @@ - {"INN","INN",NID_INN,8,&(lvalues[6466]),0}, - {"OGRN","OGRN",NID_OGRN,5,&(lvalues[6474]),0}, - {"SNILS","SNILS",NID_SNILS,5,&(lvalues[6479]),0}, -+{"gost89-cbc","gost89-cbc",NID_gost89_cbc,0,NULL,0}, -+{"gost89-ecb","gost89-ecb",NID_gost89_ecb,0,NULL,0}, -+{"gost89-ctr","gost89-ctr",NID_gost89_ctr,0,NULL,0}, -+{"grasshopper-ecb","grasshopper-ecb",NID_grasshopper_ecb,0,NULL,0}, -+{"grasshopper-ctr","grasshopper-ctr",NID_grasshopper_ctr,0,NULL,0}, -+{"grasshopper-ofb","grasshopper-ofb",NID_grasshopper_ofb,0,NULL,0}, -+{"grasshopper-cbc","grasshopper-cbc",NID_grasshopper_cbc,0,NULL,0}, -+{"grasshopper-cfb","grasshopper-cfb",NID_grasshopper_cfb,0,NULL,0}, -+{"grasshopper-mac","grasshopper-mac",NID_grasshopper_mac,0,NULL,0}, - }; - - static const unsigned int sn_objs[NUM_SN]={ -@@ -2964,10 +2973,19 @@ - 963, /* "gost2012_256" */ - 964, /* "gost2012_512" */ - 813, /* "gost89" */ -+991, /* "gost89-cbc" */ - 814, /* "gost89-cnt" */ - 959, /* "gost89-cnt-12" */ -+993, /* "gost89-ctr" */ -+992, /* "gost89-ecb" */ - 812, /* "gost94" */ - 850, /* "gost94cc" */ -+997, /* "grasshopper-cbc" */ -+998, /* "grasshopper-cfb" */ -+995, /* "grasshopper-ctr" */ -+994, /* "grasshopper-ecb" */ -+999, /* "grasshopper-mac" */ -+996, /* "grasshopper-ofb" */ - 797, /* "hmacWithMD5" */ - 163, /* "hmacWithSHA1" */ - 798, /* "hmacWithSHA224" */ -@@ -3971,8 +3989,17 @@ - 601, /* "generic cryptogram" */ - 99, /* "givenName" */ - 960, /* "gost-mac-12" */ -+991, /* "gost89-cbc" */ - 814, /* "gost89-cnt" */ - 959, /* "gost89-cnt-12" */ -+993, /* "gost89-ctr" */ -+992, /* "gost89-ecb" */ -+997, /* "grasshopper-cbc" */ -+998, /* "grasshopper-cfb" */ -+995, /* "grasshopper-ctr" */ -+994, /* "grasshopper-ecb" */ -+999, /* "grasshopper-mac" */ -+996, /* "grasshopper-ofb" */ - 855, /* "hmac" */ - 780, /* "hmac-md5" */ - 781, /* "hmac-sha1" */ -diff -uNr crypto/objects_orig/objects.txt crypto/objects/objects.txt ---- crypto/objects_orig/objects.txt 2015-10-06 20:43:14.000000000 +0300 -+++ crypto/objects/objects.txt 2015-10-06 20:45:45.000000000 +0300 -@@ -1171,6 +1171,9 @@ - cryptopro 21 : gost89 : GOST 28147-89 - : gost89-cnt - : gost89-cnt-12 -+ : gost89-cbc -+ : gost89-ecb -+ : gost89-ctr - !Cname id-Gost28147-89-MAC - cryptopro 22 : gost-mac : GOST 28147-89 MAC - : gost-mac-12 -@@ -1278,6 +1281,14 @@ - member-body 643 100 1 : OGRN : OGRN - member-body 643 100 3 : SNILS : SNILS - -+#GOST R34.13-2015 Grasshopper "Kuznechik" -+ : grasshopper-ecb -+ : grasshopper-ctr -+ : grasshopper-ofb -+ : grasshopper-cbc -+ : grasshopper-cfb -+ : grasshopper-mac -+ - # Definitions for Camellia cipher - CBC MODE - - 1 2 392 200011 61 1 1 1 2 : CAMELLIA-128-CBC : camellia-128-cbc -diff -uNr crypto/objects_orig/obj_mac.h crypto/objects/obj_mac.h ---- crypto/objects_orig/obj_mac.h 2015-10-06 20:43:14.000000000 +0300 -+++ crypto/objects/obj_mac.h 2015-10-06 20:45:52.000000000 +0300 -@@ -3723,6 +3723,15 @@ - #define SN_gost89_cnt_12 "gost89-cnt-12" - #define NID_gost89_cnt_12 959 - -+#define SN_gost89_cbc "gost89-cbc" -+#define NID_gost89_cbc 991 -+ -+#define SN_gost89_ecb "gost89-ecb" -+#define NID_gost89_ecb 992 -+ -+#define SN_gost89_ctr "gost89-ctr" -+#define NID_gost89_ctr 993 -+ - #define SN_id_Gost28147_89_MAC "gost-mac" - #define LN_id_Gost28147_89_MAC "GOST 28147-89 MAC" - #define NID_id_Gost28147_89_MAC 815 -@@ -4031,6 +4040,24 @@ - #define NID_SNILS 990 - #define OBJ_SNILS OBJ_member_body,643L,100L,3L - -+#define SN_grasshopper_ecb "grasshopper-ecb" -+#define NID_grasshopper_ecb 994 -+ -+#define SN_grasshopper_ctr "grasshopper-ctr" -+#define NID_grasshopper_ctr 995 -+ -+#define SN_grasshopper_ofb "grasshopper-ofb" -+#define NID_grasshopper_ofb 996 -+ -+#define SN_grasshopper_cbc "grasshopper-cbc" -+#define NID_grasshopper_cbc 997 -+ -+#define SN_grasshopper_cfb "grasshopper-cfb" -+#define NID_grasshopper_cfb 998 -+ -+#define SN_grasshopper_mac "grasshopper-mac" -+#define NID_grasshopper_mac 999 -+ - #define SN_camellia_128_cbc "CAMELLIA-128-CBC" - #define LN_camellia_128_cbc "camellia-128-cbc" - #define NID_camellia_128_cbc 751 -diff -uNr crypto/objects_orig/obj_mac.num crypto/objects/obj_mac.num ---- crypto/objects_orig/obj_mac.num 2015-10-06 20:43:14.000000000 +0300 -+++ crypto/objects/obj_mac.num 2015-10-06 20:45:51.000000000 +0300 -@@ -988,3 +988,12 @@ - INN 988 - OGRN 989 - SNILS 990 -+gost89_cbc 991 -+gost89_ecb 992 -+gost89_ctr 993 -+grasshopper_ecb 994 -+grasshopper_ctr 995 -+grasshopper_ofb 996 -+grasshopper_cbc 997 -+grasshopper_cfb 998 -+grasshopper_mac 999 diff --git a/patches/1.0.2/oids.diff b/patches/1.0.2/oids.diff deleted file mode 100644 index faa66fb..0000000 --- a/patches/1.0.2/oids.diff +++ /dev/null @@ -1,688 +0,0 @@ -diff -Nuar openssl-1.0.2d/crypto/objects/obj_dat.h openssl-work/crypto/objects/obj_dat.h ---- openssl-1.0.2d/crypto/objects/obj_dat.h 2015-07-09 15:58:05.000000000 +0400 -+++ openssl-work/crypto/objects/obj_dat.h 2015-02-25 12:49:45.000000000 +0400 -@@ -62,12 +62,12 @@ - * [including the GNU Public Licence.] - */ - --#define NUM_NID 958 --#define NUM_SN 951 --#define NUM_LN 951 --#define NUM_OBJ 890 -+#define NUM_NID 991 -+#define NUM_SN 984 -+#define NUM_LN 984 -+#define NUM_OBJ 921 - --static const unsigned char lvalues[6255]={ -+static const unsigned char lvalues[6485]={ - 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */ - 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */ - 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */ -@@ -952,6 +952,37 @@ - 0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x3C,0x02,0x01,0x01,/* [6221] OBJ_jurisdictionLocalityName */ - 0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x3C,0x02,0x01,0x02,/* [6232] OBJ_jurisdictionStateOrProvinceName */ - 0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x3C,0x02,0x01,0x03,/* [6243] OBJ_jurisdictionCountryName */ -+0x2A,0x85,0x03,0x07,0x01, /* [6254] OBJ_id_tc26 */ -+0x2A,0x85,0x03,0x07,0x01,0x01, /* [6259] OBJ_id_tc26_algorithms */ -+0x2A,0x85,0x03,0x07,0x01,0x01,0x01, /* [6265] OBJ_id_tc26_sign */ -+0x2A,0x85,0x03,0x07,0x01,0x01,0x01,0x01, /* [6272] OBJ_id_GostR3410_2012_256 */ -+0x2A,0x85,0x03,0x07,0x01,0x01,0x01,0x02, /* [6280] OBJ_id_GostR3410_2012_512 */ -+0x2A,0x85,0x03,0x07,0x01,0x01,0x02, /* [6288] OBJ_id_tc26_digest */ -+0x2A,0x85,0x03,0x07,0x01,0x01,0x02,0x02, /* [6295] OBJ_id_GostR3411_2012_256 */ -+0x2A,0x85,0x03,0x07,0x01,0x01,0x02,0x03, /* [6303] OBJ_id_GostR3411_2012_512 */ -+0x2A,0x85,0x03,0x07,0x01,0x01,0x03, /* [6311] OBJ_id_tc26_signwithdigest */ -+0x2A,0x85,0x03,0x07,0x01,0x01,0x03,0x02, /* [6318] OBJ_id_tc26_signwithdigest_gost3410_2012_256 */ -+0x2A,0x85,0x03,0x07,0x01,0x01,0x03,0x03, /* [6326] OBJ_id_tc26_signwithdigest_gost3410_2012_512 */ -+0x2A,0x85,0x03,0x07,0x01,0x01,0x04, /* [6334] OBJ_id_tc26_mac */ -+0x2A,0x85,0x03,0x07,0x01,0x01,0x04,0x01, /* [6341] OBJ_id_tc26_hmac_gost_3411_2012_256 */ -+0x2A,0x85,0x03,0x07,0x01,0x01,0x04,0x02, /* [6349] OBJ_id_tc26_hmac_gost_3411_2012_512 */ -+0x2A,0x85,0x03,0x07,0x01,0x01,0x05, /* [6357] OBJ_id_tc26_cipher */ -+0x2A,0x85,0x03,0x07,0x01,0x01,0x06, /* [6364] OBJ_id_tc26_agreement */ -+0x2A,0x85,0x03,0x07,0x01,0x01,0x06,0x01, /* [6371] OBJ_id_tc26_agreement_gost_3410_2012_256 */ -+0x2A,0x85,0x03,0x07,0x01,0x01,0x06,0x02, /* [6379] OBJ_id_tc26_agreement_gost_3410_2012_512 */ -+0x2A,0x85,0x03,0x07,0x01,0x02, /* [6387] OBJ_id_tc26_constants */ -+0x2A,0x85,0x03,0x07,0x01,0x02,0x01, /* [6393] OBJ_id_tc26_sign_constants */ -+0x2A,0x85,0x03,0x07,0x01,0x02,0x01,0x02, /* [6400] OBJ_id_tc26_gost_3410_2012_512_constants */ -+0x2A,0x85,0x03,0x07,0x01,0x02,0x01,0x02,0x00,/* [6408] OBJ_id_tc26_gost_3410_2012_512_paramSetTest */ -+0x2A,0x85,0x03,0x07,0x01,0x02,0x01,0x02,0x01,/* [6417] OBJ_id_tc26_gost_3410_2012_512_paramSetA */ -+0x2A,0x85,0x03,0x07,0x01,0x02,0x01,0x02,0x02,/* [6426] OBJ_id_tc26_gost_3410_2012_512_paramSetB */ -+0x2A,0x85,0x03,0x07,0x01,0x02,0x02, /* [6435] OBJ_id_tc26_digest_constants */ -+0x2A,0x85,0x03,0x07,0x01,0x02,0x05, /* [6442] OBJ_id_tc26_cipher_constants */ -+0x2A,0x85,0x03,0x07,0x01,0x02,0x05,0x01, /* [6449] OBJ_id_tc26_gost_28147_constants */ -+0x2A,0x85,0x03,0x07,0x01,0x02,0x05,0x01,0x01,/* [6457] OBJ_id_tc26_gost_28147_param_Z */ -+0x2A,0x85,0x03,0x03,0x81,0x03,0x01,0x01, /* [6466] OBJ_INN */ -+0x2A,0x85,0x03,0x64,0x01, /* [6474] OBJ_OGRN */ -+0x2A,0x85,0x03,0x64,0x03, /* [6479] OBJ_SNILS */ - }; - - static const ASN1_OBJECT nid_objs[NUM_NID]={ -@@ -2514,6 +2545,72 @@ - NID_jurisdictionStateOrProvinceName,11,&(lvalues[6232]),0}, - {"jurisdictionC","jurisdictionCountryName", - NID_jurisdictionCountryName,11,&(lvalues[6243]),0}, -+{"id-tc26","id-tc26",NID_id_tc26,5,&(lvalues[6254]),0}, -+{"gost89-cnt-12","gost89-cnt-12",NID_gost89_cnt_12,0,NULL,0}, -+{"gost-mac-12","gost-mac-12",NID_gost_mac_12,0,NULL,0}, -+{"id-tc26-algorithms","id-tc26-algorithms",NID_id_tc26_algorithms,6, -+ &(lvalues[6259]),0}, -+{"id-tc26-sign","id-tc26-sign",NID_id_tc26_sign,7,&(lvalues[6265]),0}, -+{"gost2012_256","GOST R 34.10-2012 with 256 bit modulus", -+ NID_id_GostR3410_2012_256,8,&(lvalues[6272]),0}, -+{"gost2012_512","GOST R 34.10-2012 with 512 bit modulus", -+ NID_id_GostR3410_2012_512,8,&(lvalues[6280]),0}, -+{"id-tc26-digest","id-tc26-digest",NID_id_tc26_digest,7, -+ &(lvalues[6288]),0}, -+{"md_gost12_256","GOST R 34.11-2012 with 256 bit hash", -+ NID_id_GostR3411_2012_256,8,&(lvalues[6295]),0}, -+{"md_gost12_512","GOST R 34.11-2012 with 512 bit hash", -+ NID_id_GostR3411_2012_512,8,&(lvalues[6303]),0}, -+{"id-tc26-signwithdigest","id-tc26-signwithdigest", -+ NID_id_tc26_signwithdigest,7,&(lvalues[6311]),0}, -+{"id-tc26-signwithdigest-gost3410-2012-256", -+ "GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)", -+ NID_id_tc26_signwithdigest_gost3410_2012_256,8,&(lvalues[6318]),0}, -+{"id-tc26-signwithdigest-gost3410-2012-512", -+ "GOST R 34.10-2012 with GOST R 34.11-2012 (512 bit)", -+ NID_id_tc26_signwithdigest_gost3410_2012_512,8,&(lvalues[6326]),0}, -+{"id-tc26-mac","id-tc26-mac",NID_id_tc26_mac,7,&(lvalues[6334]),0}, -+{"id-tc26-hmac-gost-3411-2012-256","HMAC GOST 34.11-2012 256 bit", -+ NID_id_tc26_hmac_gost_3411_2012_256,8,&(lvalues[6341]),0}, -+{"id-tc26-hmac-gost-3411-2012-512","HMAC GOST 34.11-2012 512 bit", -+ NID_id_tc26_hmac_gost_3411_2012_512,8,&(lvalues[6349]),0}, -+{"id-tc26-cipher","id-tc26-cipher",NID_id_tc26_cipher,7, -+ &(lvalues[6357]),0}, -+{"id-tc26-agreement","id-tc26-agreement",NID_id_tc26_agreement,7, -+ &(lvalues[6364]),0}, -+{"id-tc26-agreement-gost-3410-2012-256", -+ "id-tc26-agreement-gost-3410-2012-256", -+ NID_id_tc26_agreement_gost_3410_2012_256,8,&(lvalues[6371]),0}, -+{"id-tc26-agreement-gost-3410-2012-512", -+ "id-tc26-agreement-gost-3410-2012-512", -+ NID_id_tc26_agreement_gost_3410_2012_512,8,&(lvalues[6379]),0}, -+{"id-tc26-constants","id-tc26-constants",NID_id_tc26_constants,6, -+ &(lvalues[6387]),0}, -+{"id-tc26-sign-constants","id-tc26-sign-constants", -+ NID_id_tc26_sign_constants,7,&(lvalues[6393]),0}, -+{"id-tc26-gost-3410-2012-512-constants", -+ "id-tc26-gost-3410-2012-512-constants", -+ NID_id_tc26_gost_3410_2012_512_constants,8,&(lvalues[6400]),0}, -+{"id-tc26-gost-3410-2012-512-paramSetTest", -+ "GOST R 34.10-2012 (512 bit) testing parameter set", -+ NID_id_tc26_gost_3410_2012_512_paramSetTest,9,&(lvalues[6408]),0}, -+{"id-tc26-gost-3410-2012-512-paramSetA", -+ "GOST R 34.10-2012 (512 bit) ParamSet A", -+ NID_id_tc26_gost_3410_2012_512_paramSetA,9,&(lvalues[6417]),0}, -+{"id-tc26-gost-3410-2012-512-paramSetB", -+ "GOST R 34.10-2012 (512 bit) ParamSet B", -+ NID_id_tc26_gost_3410_2012_512_paramSetB,9,&(lvalues[6426]),0}, -+{"id-tc26-digest-constants","id-tc26-digest-constants", -+ NID_id_tc26_digest_constants,7,&(lvalues[6435]),0}, -+{"id-tc26-cipher-constants","id-tc26-cipher-constants", -+ NID_id_tc26_cipher_constants,7,&(lvalues[6442]),0}, -+{"id-tc26-gost-28147-constants","id-tc26-gost-28147-constants", -+ NID_id_tc26_gost_28147_constants,8,&(lvalues[6449]),0}, -+{"id-tc26-gost-28147-param-Z","GOST 28147-89 TC26 parameter set", -+ NID_id_tc26_gost_28147_param_Z,9,&(lvalues[6457]),0}, -+{"INN","INN",NID_INN,8,&(lvalues[6466]),0}, -+{"OGRN","OGRN",NID_OGRN,5,&(lvalues[6474]),0}, -+{"SNILS","SNILS",NID_SNILS,5,&(lvalues[6479]),0}, - }; - - static const unsigned int sn_objs[NUM_SN]={ -@@ -2614,6 +2711,7 @@ - 35, /* "IDEA-CFB" */ - 36, /* "IDEA-ECB" */ - 46, /* "IDEA-OFB" */ -+988, /* "INN" */ - 181, /* "ISO" */ - 183, /* "ISO-US" */ - 645, /* "ITU-T" */ -@@ -2635,6 +2733,7 @@ - 17, /* "O" */ - 178, /* "OCSP" */ - 180, /* "OCSPSigning" */ -+989, /* "OGRN" */ - 379, /* "ORG" */ - 18, /* "OU" */ - 749, /* "Oakley-EC2N-3" */ -@@ -2700,6 +2799,7 @@ - 188, /* "SMIME" */ - 167, /* "SMIME-CAPS" */ - 100, /* "SN" */ -+990, /* "SNILS" */ - 16, /* "ST" */ - 143, /* "SXNetID" */ - 458, /* "UID" */ -@@ -2858,10 +2958,14 @@ - 156, /* "friendlyName" */ - 509, /* "generationQualifier" */ - 815, /* "gost-mac" */ -+960, /* "gost-mac-12" */ - 811, /* "gost2001" */ - 851, /* "gost2001cc" */ -+963, /* "gost2012_256" */ -+964, /* "gost2012_512" */ - 813, /* "gost89" */ - 814, /* "gost89-cnt" */ -+959, /* "gost89-cnt-12" */ - 812, /* "gost94" */ - 850, /* "gost94cc" */ - 797, /* "hmacWithMD5" */ -@@ -3115,6 +3219,30 @@ - 194, /* "id-smime-spq" */ - 250, /* "id-smime-spq-ets-sqt-unotice" */ - 249, /* "id-smime-spq-ets-sqt-uri" */ -+958, /* "id-tc26" */ -+975, /* "id-tc26-agreement" */ -+976, /* "id-tc26-agreement-gost-3410-2012-256" */ -+977, /* "id-tc26-agreement-gost-3410-2012-512" */ -+961, /* "id-tc26-algorithms" */ -+974, /* "id-tc26-cipher" */ -+985, /* "id-tc26-cipher-constants" */ -+978, /* "id-tc26-constants" */ -+965, /* "id-tc26-digest" */ -+984, /* "id-tc26-digest-constants" */ -+986, /* "id-tc26-gost-28147-constants" */ -+987, /* "id-tc26-gost-28147-param-Z" */ -+980, /* "id-tc26-gost-3410-2012-512-constants" */ -+982, /* "id-tc26-gost-3410-2012-512-paramSetA" */ -+983, /* "id-tc26-gost-3410-2012-512-paramSetB" */ -+981, /* "id-tc26-gost-3410-2012-512-paramSetTest" */ -+972, /* "id-tc26-hmac-gost-3411-2012-256" */ -+973, /* "id-tc26-hmac-gost-3411-2012-512" */ -+971, /* "id-tc26-mac" */ -+962, /* "id-tc26-sign" */ -+979, /* "id-tc26-sign-constants" */ -+968, /* "id-tc26-signwithdigest" */ -+969, /* "id-tc26-signwithdigest-gost3410-2012-256" */ -+970, /* "id-tc26-signwithdigest-gost3410-2012-512" */ - 676, /* "identified-organization" */ - 461, /* "info" */ - 748, /* "inhibitAnyPolicy" */ -@@ -3140,6 +3268,8 @@ - 460, /* "mail" */ - 493, /* "mailPreferenceOption" */ - 467, /* "manager" */ -+966, /* "md_gost12_256" */ -+967, /* "md_gost12_512" */ - 809, /* "md_gost94" */ - 875, /* "member" */ - 182, /* "member-body" */ -@@ -3497,12 +3627,22 @@ - 813, /* "GOST 28147-89" */ - 849, /* "GOST 28147-89 Cryptocom ParamSet" */ - 815, /* "GOST 28147-89 MAC" */ -+987, /* "GOST 28147-89 TC26 parameter set" */ - 851, /* "GOST 34.10-2001 Cryptocom" */ - 850, /* "GOST 34.10-94 Cryptocom" */ - 811, /* "GOST R 34.10-2001" */ - 817, /* "GOST R 34.10-2001 DH" */ -+982, /* "GOST R 34.10-2012 (512 bit) ParamSet A" */ -+983, /* "GOST R 34.10-2012 (512 bit) ParamSet B" */ -+981, /* "GOST R 34.10-2012 (512 bit) testing parameter set" */ -+963, /* "GOST R 34.10-2012 with 256 bit modulus" */ -+964, /* "GOST R 34.10-2012 with 512 bit modulus" */ -+969, /* "GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)" */ -+970, /* "GOST R 34.10-2012 with GOST R 34.11-2012 (512 bit)" */ - 812, /* "GOST R 34.10-94" */ - 818, /* "GOST R 34.10-94 DH" */ -+966, /* "GOST R 34.11-2012 with 256 bit hash" */ -+967, /* "GOST R 34.11-2012 with 512 bit hash" */ - 809, /* "GOST R 34.11-94" */ - 816, /* "GOST R 34.11-94 PRF" */ - 807, /* "GOST R 34.11-94 with GOST R 34.10-2001" */ -@@ -3510,12 +3650,15 @@ - 808, /* "GOST R 34.11-94 with GOST R 34.10-94" */ - 852, /* "GOST R 34.11-94 with GOST R 34.10-94 Cryptocom" */ - 854, /* "GOST R 3410-2001 Parameter Set Cryptocom" */ -+972, /* "HMAC GOST 34.11-2012 256 bit" */ -+973, /* "HMAC GOST 34.11-2012 512 bit" */ - 810, /* "HMAC GOST 34.11-94" */ - 432, /* "Hold Instruction Call Issuer" */ - 430, /* "Hold Instruction Code" */ - 431, /* "Hold Instruction None" */ - 433, /* "Hold Instruction Reject" */ - 634, /* "ICC or token signature" */ -+988, /* "INN" */ - 294, /* "IPSec End System" */ - 295, /* "IPSec Tunnel" */ - 296, /* "IPSec User" */ -@@ -3560,6 +3703,7 @@ - 366, /* "OCSP Nonce" */ - 371, /* "OCSP Service Locator" */ - 180, /* "OCSP Signing" */ -+989, /* "OGRN" */ - 161, /* "PBES2" */ - 69, /* "PBKDF2" */ - 162, /* "PBMAC1" */ -@@ -3573,6 +3717,7 @@ - 2, /* "RSA Data Security, Inc. PKCS" */ - 188, /* "S/MIME" */ - 167, /* "S/MIME Capabilities" */ -+990, /* "SNILS" */ - 387, /* "SNMPv2" */ - 512, /* "Secure Electronic Transactions" */ - 386, /* "Security" */ -@@ -3825,7 +3970,9 @@ - 509, /* "generationQualifier" */ - 601, /* "generic cryptogram" */ - 99, /* "givenName" */ -+960, /* "gost-mac-12" */ - 814, /* "gost89-cnt" */ -+959, /* "gost89-cnt-12" */ - 855, /* "hmac" */ - 780, /* "hmac-md5" */ - 781, /* "hmac-sha1" */ -@@ -4053,6 +4200,22 @@ - 194, /* "id-smime-spq" */ - 250, /* "id-smime-spq-ets-sqt-unotice" */ - 249, /* "id-smime-spq-ets-sqt-uri" */ -+958, /* "id-tc26" */ -+975, /* "id-tc26-agreement" */ -+976, /* "id-tc26-agreement-gost-3410-2012-256" */ -+977, /* "id-tc26-agreement-gost-3410-2012-512" */ -+961, /* "id-tc26-algorithms" */ -+974, /* "id-tc26-cipher" */ -+985, /* "id-tc26-cipher-constants" */ -+978, /* "id-tc26-constants" */ -+965, /* "id-tc26-digest" */ -+984, /* "id-tc26-digest-constants" */ -+986, /* "id-tc26-gost-28147-constants" */ -+980, /* "id-tc26-gost-3410-2012-512-constants" */ -+971, /* "id-tc26-mac" */ -+962, /* "id-tc26-sign" */ -+979, /* "id-tc26-sign-constants" */ -+968, /* "id-tc26-signwithdigest" */ - 34, /* "idea-cbc" */ - 35, /* "idea-cfb" */ - 36, /* "idea-ecb" */ -@@ -4661,6 +4824,9 @@ - 639, /* OBJ_set_brand_JCB 2 23 42 8 35 */ - 805, /* OBJ_cryptopro 1 2 643 2 2 */ - 806, /* OBJ_cryptocom 1 2 643 2 9 */ -+958, /* OBJ_id_tc26 1 2 643 7 1 */ -+989, /* OBJ_OGRN 1 2 643 100 1 */ -+990, /* OBJ_SNILS 1 2 643 100 3 */ - 184, /* OBJ_X9_57 1 2 840 10040 */ - 405, /* OBJ_ansi_X9_62 1 2 840 10045 */ - 389, /* OBJ_Enterprises 1 3 6 1 4 1 */ -@@ -4745,6 +4911,8 @@ - 816, /* OBJ_id_GostR3411_94_prf 1 2 643 2 2 23 */ - 817, /* OBJ_id_GostR3410_2001DH 1 2 643 2 2 98 */ - 818, /* OBJ_id_GostR3410_94DH 1 2 643 2 2 99 */ -+961, /* OBJ_id_tc26_algorithms 1 2 643 7 1 1 */ -+978, /* OBJ_id_tc26_constants 1 2 643 7 1 2 */ - 1, /* OBJ_rsadsi 1 2 840 113549 */ - 185, /* OBJ_X9cm 1 2 840 10040 4 */ - 127, /* OBJ_id_pkix 1 3 6 1 5 5 7 */ -@@ -4795,6 +4963,15 @@ - 842, /* OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet 1 2 643 2 2 35 3 */ - 843, /* OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet 1 2 643 2 2 36 0 */ - 844, /* OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet 1 2 643 2 2 36 1 */ -+962, /* OBJ_id_tc26_sign 1 2 643 7 1 1 1 */ -+965, /* OBJ_id_tc26_digest 1 2 643 7 1 1 2 */ -+968, /* OBJ_id_tc26_signwithdigest 1 2 643 7 1 1 3 */ -+971, /* OBJ_id_tc26_mac 1 2 643 7 1 1 4 */ -+974, /* OBJ_id_tc26_cipher 1 2 643 7 1 1 5 */ -+975, /* OBJ_id_tc26_agreement 1 2 643 7 1 1 6 */ -+979, /* OBJ_id_tc26_sign_constants 1 2 643 7 1 2 1 */ -+984, /* OBJ_id_tc26_digest_constants 1 2 643 7 1 2 2 */ -+985, /* OBJ_id_tc26_cipher_constants 1 2 643 7 1 2 5 */ - 2, /* OBJ_pkcs 1 2 840 113549 1 */ - 431, /* OBJ_hold_instruction_none 1 2 840 10040 2 1 */ - 432, /* OBJ_hold_instruction_call_issuer 1 2 840 10040 2 2 */ -@@ -4846,6 +5023,19 @@ - 851, /* OBJ_id_GostR3410_2001_cc 1 2 643 2 9 1 5 4 */ - 849, /* OBJ_id_Gost28147_89_cc 1 2 643 2 9 1 6 1 */ - 854, /* OBJ_id_GostR3410_2001_ParamSet_cc 1 2 643 2 9 1 8 1 */ -+988, /* OBJ_INN 1 2 643 3 131 1 1 */ -+963, /* OBJ_id_GostR3410_2012_256 1 2 643 7 1 1 1 1 */ -+964, /* OBJ_id_GostR3410_2012_512 1 2 643 7 1 1 1 2 */ -+966, /* OBJ_id_GostR3411_2012_256 1 2 643 7 1 1 2 2 */ -+967, /* OBJ_id_GostR3411_2012_512 1 2 643 7 1 1 2 3 */ -+969, /* OBJ_id_tc26_signwithdigest_gost3410_2012_256 1 2 643 7 1 1 3 2 */ -+970, /* OBJ_id_tc26_signwithdigest_gost3410_2012_512 1 2 643 7 1 1 3 3 */ -+972, /* OBJ_id_tc26_hmac_gost_3411_2012_256 1 2 643 7 1 1 4 1 */ -+973, /* OBJ_id_tc26_hmac_gost_3411_2012_512 1 2 643 7 1 1 4 2 */ -+976, /* OBJ_id_tc26_agreement_gost_3410_2012_256 1 2 643 7 1 1 6 1 */ -+977, /* OBJ_id_tc26_agreement_gost_3410_2012_512 1 2 643 7 1 1 6 2 */ -+980, /* OBJ_id_tc26_gost_3410_2012_512_constants 1 2 643 7 1 2 1 2 */ -+986, /* OBJ_id_tc26_gost_28147_constants 1 2 643 7 1 2 5 1 */ - 186, /* OBJ_pkcs1 1 2 840 113549 1 1 */ - 27, /* OBJ_pkcs3 1 2 840 113549 1 3 */ - 187, /* OBJ_pkcs5 1 2 840 113549 1 5 */ -@@ -5013,6 +5203,10 @@ - 439, /* OBJ_pilotAttributeSyntax 0 9 2342 19200300 100 3 */ - 440, /* OBJ_pilotObjectClass 0 9 2342 19200300 100 4 */ - 441, /* OBJ_pilotGroups 0 9 2342 19200300 100 10 */ -+981, /* OBJ_id_tc26_gost_3410_2012_512_paramSetTest 1 2 643 7 1 2 1 2 0 */ -+982, /* OBJ_id_tc26_gost_3410_2012_512_paramSetA 1 2 643 7 1 2 1 2 1 */ -+983, /* OBJ_id_tc26_gost_3410_2012_512_paramSetB 1 2 643 7 1 2 1 2 2 */ -+987, /* OBJ_id_tc26_gost_28147_param_Z 1 2 643 7 1 2 5 1 1 */ - 108, /* OBJ_cast5_cbc 1 2 840 113533 7 66 10 */ - 112, /* OBJ_pbeWithMD5AndCast5_CBC 1 2 840 113533 7 66 12 */ - 782, /* OBJ_id_PasswordBasedMAC 1 2 840 113533 7 66 13 */ -diff -Nuar openssl-1.0.2d/crypto/objects/objects.txt openssl-work/crypto/objects/objects.txt ---- openssl-1.0.2d/crypto/objects/objects.txt 2015-07-09 15:57:15.000000000 +0400 -+++ openssl-work/crypto/objects/objects.txt 2015-02-25 12:45:41.000000000 +0400 -@@ -1156,6 +1156,7 @@ - - member-body 643 2 2 : cryptopro - member-body 643 2 9 : cryptocom -+member-body 643 7 1 : id-tc26 - - cryptopro 3 : id-GostR3411-94-with-GostR3410-2001 : GOST R 34.11-94 with GOST R 34.10-2001 - cryptopro 4 : id-GostR3411-94-with-GostR3410-94 : GOST R 34.11-94 with GOST R 34.10-94 -@@ -1169,8 +1170,10 @@ - !Cname id-Gost28147-89 - cryptopro 21 : gost89 : GOST 28147-89 - : gost89-cnt -+ : gost89-cnt-12 - !Cname id-Gost28147-89-MAC - cryptopro 22 : gost-mac : GOST 28147-89 MAC -+ : gost-mac-12 - !Cname id-GostR3411-94-prf - cryptopro 23 : prf-gostr3411-94 : GOST R 34.11-94 PRF - cryptopro 98 : id-GostR3410-2001DH : GOST R 34.10-2001 DH -@@ -1229,6 +1232,52 @@ - - cryptocom 1 8 1 : id-GostR3410-2001-ParamSet-cc : GOST R 3410-2001 Parameter Set Cryptocom - -+# TC26 GOST OIDs -+ -+id-tc26 1 : id-tc26-algorithms -+id-tc26-algorithms 1 : id-tc26-sign -+!Cname id-GostR3410-2012-256 -+id-tc26-sign 1 : gost2012_256: GOST R 34.10-2012 with 256 bit modulus -+!Cname id-GostR3410-2012-512 -+id-tc26-sign 2 : gost2012_512: GOST R 34.10-2012 with 512 bit modulus -+ -+id-tc26-algorithms 2 : id-tc26-digest -+!Cname id-GostR3411-2012-256 -+id-tc26-digest 2 : md_gost12_256: GOST R 34.11-2012 with 256 bit hash -+!Cname id-GostR3411-2012-512 -+id-tc26-digest 3 : md_gost12_512: GOST R 34.11-2012 with 512 bit hash -+ -+id-tc26-algorithms 3 : id-tc26-signwithdigest -+id-tc26-signwithdigest 2: id-tc26-signwithdigest-gost3410-2012-256: GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit) -+id-tc26-signwithdigest 3: id-tc26-signwithdigest-gost3410-2012-512: GOST R 34.10-2012 with GOST R 34.11-2012 (512 bit) -+ -+id-tc26-algorithms 4 : id-tc26-mac -+id-tc26-mac 1 : id-tc26-hmac-gost-3411-2012-256 : HMAC GOST 34.11-2012 256 bit -+id-tc26-mac 2 : id-tc26-hmac-gost-3411-2012-512 : HMAC GOST 34.11-2012 512 bit -+ -+id-tc26-algorithms 5 : id-tc26-cipher -+ -+id-tc26-algorithms 6 : id-tc26-agreement -+id-tc26-agreement 1 : id-tc26-agreement-gost-3410-2012-256 -+id-tc26-agreement 2 : id-tc26-agreement-gost-3410-2012-512 -+ -+id-tc26 2 : id-tc26-constants -+ -+id-tc26-constants 1 : id-tc26-sign-constants -+id-tc26-sign-constants 2: id-tc26-gost-3410-2012-512-constants -+id-tc26-gost-3410-2012-512-constants 0 : id-tc26-gost-3410-2012-512-paramSetTest: GOST R 34.10-2012 (512 bit) testing parameter set -+id-tc26-gost-3410-2012-512-constants 1 : id-tc26-gost-3410-2012-512-paramSetA: GOST R 34.10-2012 (512 bit) ParamSet A -+id-tc26-gost-3410-2012-512-constants 2 : id-tc26-gost-3410-2012-512-paramSetB: GOST R 34.10-2012 (512 bit) ParamSet B -+ -+id-tc26-constants 2 : id-tc26-digest-constants -+id-tc26-constants 5 : id-tc26-cipher-constants -+id-tc26-cipher-constants 1 : id-tc26-gost-28147-constants -+id-tc26-gost-28147-constants 1 : id-tc26-gost-28147-param-Z : GOST 28147-89 TC26 parameter set -+ -+member-body 643 3 131 1 1 : INN : INN -+member-body 643 100 1 : OGRN : OGRN -+member-body 643 100 3 : SNILS : SNILS -+ - # Definitions for Camellia cipher - CBC MODE - - 1 2 392 200011 61 1 1 1 2 : CAMELLIA-128-CBC : camellia-128-cbc -diff -Nuar openssl-1.0.2d/crypto/objects/obj_mac.h openssl-work/crypto/objects/obj_mac.h ---- openssl-1.0.2d/crypto/objects/obj_mac.h 2015-07-09 15:58:04.000000000 +0400 -+++ openssl-work/crypto/objects/obj_mac.h 2015-03-26 13:00:22.000000000 +0400 -@@ -3678,6 +3678,10 @@ - #define NID_cryptocom 806 - #define OBJ_cryptocom OBJ_member_body,643L,2L,9L - -+#define SN_id_tc26 "id-tc26" -+#define NID_id_tc26 958 -+#define OBJ_id_tc26 OBJ_member_body,643L,7L,1L -+ - #define SN_id_GostR3411_94_with_GostR3410_2001 "id-GostR3411-94-with-GostR3410-2001" - #define LN_id_GostR3411_94_with_GostR3410_2001 "GOST R 34.11-94 with GOST R 34.10-2001" - #define NID_id_GostR3411_94_with_GostR3410_2001 807 -@@ -3716,11 +3720,17 @@ - #define SN_gost89_cnt "gost89-cnt" - #define NID_gost89_cnt 814 - -+#define SN_gost89_cnt_12 "gost89-cnt-12" -+#define NID_gost89_cnt_12 959 -+ - #define SN_id_Gost28147_89_MAC "gost-mac" - #define LN_id_Gost28147_89_MAC "GOST 28147-89 MAC" - #define NID_id_Gost28147_89_MAC 815 - #define OBJ_id_Gost28147_89_MAC OBJ_cryptopro,22L - -+#define SN_gost_mac_12 "gost-mac-12" -+#define NID_gost_mac_12 960 -+ - #define SN_id_GostR3411_94_prf "prf-gostr3411-94" - #define LN_id_GostR3411_94_prf "GOST R 34.11-94 PRF" - #define NID_id_GostR3411_94_prf 816 -@@ -3886,6 +3896,141 @@ - #define NID_id_GostR3410_2001_ParamSet_cc 854 - #define OBJ_id_GostR3410_2001_ParamSet_cc OBJ_cryptocom,1L,8L,1L - -+#define SN_id_tc26_algorithms "id-tc26-algorithms" -+#define NID_id_tc26_algorithms 961 -+#define OBJ_id_tc26_algorithms OBJ_id_tc26,1L -+ -+#define SN_id_tc26_sign "id-tc26-sign" -+#define NID_id_tc26_sign 962 -+#define OBJ_id_tc26_sign OBJ_id_tc26_algorithms,1L -+ -+#define SN_id_GostR3410_2012_256 "gost2012_256" -+#define LN_id_GostR3410_2012_256 "GOST R 34.10-2012 with 256 bit modulus" -+#define NID_id_GostR3410_2012_256 963 -+#define OBJ_id_GostR3410_2012_256 OBJ_id_tc26_sign,1L -+ -+#define SN_id_GostR3410_2012_512 "gost2012_512" -+#define LN_id_GostR3410_2012_512 "GOST R 34.10-2012 with 512 bit modulus" -+#define NID_id_GostR3410_2012_512 964 -+#define OBJ_id_GostR3410_2012_512 OBJ_id_tc26_sign,2L -+ -+#define SN_id_tc26_digest "id-tc26-digest" -+#define NID_id_tc26_digest 965 -+#define OBJ_id_tc26_digest OBJ_id_tc26_algorithms,2L -+ -+#define SN_id_GostR3411_2012_256 "md_gost12_256" -+#define LN_id_GostR3411_2012_256 "GOST R 34.11-2012 with 256 bit hash" -+#define NID_id_GostR3411_2012_256 966 -+#define OBJ_id_GostR3411_2012_256 OBJ_id_tc26_digest,2L -+ -+#define SN_id_GostR3411_2012_512 "md_gost12_512" -+#define LN_id_GostR3411_2012_512 "GOST R 34.11-2012 with 512 bit hash" -+#define NID_id_GostR3411_2012_512 967 -+#define OBJ_id_GostR3411_2012_512 OBJ_id_tc26_digest,3L -+ -+#define SN_id_tc26_signwithdigest "id-tc26-signwithdigest" -+#define NID_id_tc26_signwithdigest 968 -+#define OBJ_id_tc26_signwithdigest OBJ_id_tc26_algorithms,3L -+ -+#define SN_id_tc26_signwithdigest_gost3410_2012_256 "id-tc26-signwithdigest-gost3410-2012-256" -+#define LN_id_tc26_signwithdigest_gost3410_2012_256 "GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)" -+#define NID_id_tc26_signwithdigest_gost3410_2012_256 969 -+#define OBJ_id_tc26_signwithdigest_gost3410_2012_256 OBJ_id_tc26_signwithdigest,2L -+ -+#define SN_id_tc26_signwithdigest_gost3410_2012_512 "id-tc26-signwithdigest-gost3410-2012-512" -+#define LN_id_tc26_signwithdigest_gost3410_2012_512 "GOST R 34.10-2012 with GOST R 34.11-2012 (512 bit)" -+#define NID_id_tc26_signwithdigest_gost3410_2012_512 970 -+#define OBJ_id_tc26_signwithdigest_gost3410_2012_512 OBJ_id_tc26_signwithdigest,3L -+ -+#define SN_id_tc26_mac "id-tc26-mac" -+#define NID_id_tc26_mac 971 -+#define OBJ_id_tc26_mac OBJ_id_tc26_algorithms,4L -+ -+#define SN_id_tc26_hmac_gost_3411_2012_256 "id-tc26-hmac-gost-3411-2012-256" -+#define LN_id_tc26_hmac_gost_3411_2012_256 "HMAC GOST 34.11-2012 256 bit" -+#define NID_id_tc26_hmac_gost_3411_2012_256 972 -+#define OBJ_id_tc26_hmac_gost_3411_2012_256 OBJ_id_tc26_mac,1L -+ -+#define SN_id_tc26_hmac_gost_3411_2012_512 "id-tc26-hmac-gost-3411-2012-512" -+#define LN_id_tc26_hmac_gost_3411_2012_512 "HMAC GOST 34.11-2012 512 bit" -+#define NID_id_tc26_hmac_gost_3411_2012_512 973 -+#define OBJ_id_tc26_hmac_gost_3411_2012_512 OBJ_id_tc26_mac,2L -+ -+#define SN_id_tc26_cipher "id-tc26-cipher" -+#define NID_id_tc26_cipher 974 -+#define OBJ_id_tc26_cipher OBJ_id_tc26_algorithms,5L -+ -+#define SN_id_tc26_agreement "id-tc26-agreement" -+#define NID_id_tc26_agreement 975 -+#define OBJ_id_tc26_agreement OBJ_id_tc26_algorithms,6L -+ -+#define SN_id_tc26_agreement_gost_3410_2012_256 "id-tc26-agreement-gost-3410-2012-256" -+#define NID_id_tc26_agreement_gost_3410_2012_256 976 -+#define OBJ_id_tc26_agreement_gost_3410_2012_256 OBJ_id_tc26_agreement,1L -+ -+#define SN_id_tc26_agreement_gost_3410_2012_512 "id-tc26-agreement-gost-3410-2012-512" -+#define NID_id_tc26_agreement_gost_3410_2012_512 977 -+#define OBJ_id_tc26_agreement_gost_3410_2012_512 OBJ_id_tc26_agreement,2L -+ -+#define SN_id_tc26_constants "id-tc26-constants" -+#define NID_id_tc26_constants 978 -+#define OBJ_id_tc26_constants OBJ_id_tc26,2L -+ -+#define SN_id_tc26_sign_constants "id-tc26-sign-constants" -+#define NID_id_tc26_sign_constants 979 -+#define OBJ_id_tc26_sign_constants OBJ_id_tc26_constants,1L -+ -+#define SN_id_tc26_gost_3410_2012_512_constants "id-tc26-gost-3410-2012-512-constants" -+#define NID_id_tc26_gost_3410_2012_512_constants 980 -+#define OBJ_id_tc26_gost_3410_2012_512_constants OBJ_id_tc26_sign_constants,2L -+ -+#define SN_id_tc26_gost_3410_2012_512_paramSetTest "id-tc26-gost-3410-2012-512-paramSetTest" -+#define LN_id_tc26_gost_3410_2012_512_paramSetTest "GOST R 34.10-2012 (512 bit) testing parameter set" -+#define NID_id_tc26_gost_3410_2012_512_paramSetTest 981 -+#define OBJ_id_tc26_gost_3410_2012_512_paramSetTest OBJ_id_tc26_gost_3410_2012_512_constants,0L -+ -+#define SN_id_tc26_gost_3410_2012_512_paramSetA "id-tc26-gost-3410-2012-512-paramSetA" -+#define LN_id_tc26_gost_3410_2012_512_paramSetA "GOST R 34.10-2012 (512 bit) ParamSet A" -+#define NID_id_tc26_gost_3410_2012_512_paramSetA 982 -+#define OBJ_id_tc26_gost_3410_2012_512_paramSetA OBJ_id_tc26_gost_3410_2012_512_constants,1L -+ -+#define SN_id_tc26_gost_3410_2012_512_paramSetB "id-tc26-gost-3410-2012-512-paramSetB" -+#define LN_id_tc26_gost_3410_2012_512_paramSetB "GOST R 34.10-2012 (512 bit) ParamSet B" -+#define NID_id_tc26_gost_3410_2012_512_paramSetB 983 -+#define OBJ_id_tc26_gost_3410_2012_512_paramSetB OBJ_id_tc26_gost_3410_2012_512_constants,2L -+ -+#define SN_id_tc26_digest_constants "id-tc26-digest-constants" -+#define NID_id_tc26_digest_constants 984 -+#define OBJ_id_tc26_digest_constants OBJ_id_tc26_constants,2L -+ -+#define SN_id_tc26_cipher_constants "id-tc26-cipher-constants" -+#define NID_id_tc26_cipher_constants 985 -+#define OBJ_id_tc26_cipher_constants OBJ_id_tc26_constants,5L -+ -+#define SN_id_tc26_gost_28147_constants "id-tc26-gost-28147-constants" -+#define NID_id_tc26_gost_28147_constants 986 -+#define OBJ_id_tc26_gost_28147_constants OBJ_id_tc26_cipher_constants,1L -+ -+#define SN_id_tc26_gost_28147_param_Z "id-tc26-gost-28147-param-Z" -+#define LN_id_tc26_gost_28147_param_Z "GOST 28147-89 TC26 parameter set" -+#define NID_id_tc26_gost_28147_param_Z 987 -+#define OBJ_id_tc26_gost_28147_param_Z OBJ_id_tc26_gost_28147_constants,1L -+ -+#define SN_INN "INN" -+#define LN_INN "INN" -+#define NID_INN 988 -+#define OBJ_INN OBJ_member_body,643L,3L,131L,1L,1L -+ -+#define SN_OGRN "OGRN" -+#define LN_OGRN "OGRN" -+#define NID_OGRN 989 -+#define OBJ_OGRN OBJ_member_body,643L,100L,1L -+ -+#define SN_SNILS "SNILS" -+#define LN_SNILS "SNILS" -+#define NID_SNILS 990 -+#define OBJ_SNILS OBJ_member_body,643L,100L,3L -+ - #define SN_camellia_128_cbc "CAMELLIA-128-CBC" - #define LN_camellia_128_cbc "camellia-128-cbc" - #define NID_camellia_128_cbc 751 -diff -Nuar openssl-1.0.2d/crypto/objects/obj_mac.num openssl-work/crypto/objects/obj_mac.num ---- openssl-1.0.2d/crypto/objects/obj_mac.num 2015-07-09 15:58:03.000000000 +0400 -+++ openssl-work/crypto/objects/obj_mac.num 2015-02-25 12:49:43.000000000 +0400 -@@ -955,3 +955,36 @@ - jurisdictionLocalityName 955 - jurisdictionStateOrProvinceName 956 - jurisdictionCountryName 957 -+id_tc26 958 -+gost89_cnt_12 959 -+gost_mac_12 960 -+id_tc26_algorithms 961 -+id_tc26_sign 962 -+id_GostR3410_2012_256 963 -+id_GostR3410_2012_512 964 -+id_tc26_digest 965 -+id_GostR3411_2012_256 966 -+id_GostR3411_2012_512 967 -+id_tc26_signwithdigest 968 -+id_tc26_signwithdigest_gost3410_2012_256 969 -+id_tc26_signwithdigest_gost3410_2012_512 970 -+id_tc26_mac 971 -+id_tc26_hmac_gost_3411_2012_256 972 -+id_tc26_hmac_gost_3411_2012_512 973 -+id_tc26_cipher 974 -+id_tc26_agreement 975 -+id_tc26_agreement_gost_3410_2012_256 976 -+id_tc26_agreement_gost_3410_2012_512 977 -+id_tc26_constants 978 -+id_tc26_sign_constants 979 -+id_tc26_gost_3410_2012_512_constants 980 -+id_tc26_gost_3410_2012_512_paramSetTest 981 -+id_tc26_gost_3410_2012_512_paramSetA 982 -+id_tc26_gost_3410_2012_512_paramSetB 983 -+id_tc26_digest_constants 984 -+id_tc26_cipher_constants 985 -+id_tc26_gost_28147_constants 986 -+id_tc26_gost_28147_param_Z 987 -+INN 988 -+OGRN 989 -+SNILS 990 -diff -Nuar openssl-1.0.2d/crypto/objects/obj_xref.h openssl-work/crypto/objects/obj_xref.h ---- openssl-1.0.2d/crypto/objects/obj_xref.h 2015-07-09 16:02:55.000000000 +0400 -+++ openssl-work/crypto/objects/obj_xref.h 2015-03-26 13:00:21.000000000 +0400 -@@ -56,6 +56,10 @@ - NID_dh_cofactor_kdf}, - {NID_dhSinglePass_cofactorDH_sha512kdf_scheme, NID_sha512, - NID_dh_cofactor_kdf}, -+ {NID_id_tc26_signwithdigest_gost3410_2012_256, NID_id_GostR3411_2012_256, -+ NID_id_GostR3410_2012_256}, -+ {NID_id_tc26_signwithdigest_gost3410_2012_512, NID_id_GostR3411_2012_512, -+ NID_id_GostR3410_2012_512}, - }; - - static const nid_triple *const sigoid_srt_xref[] = { -@@ -96,4 +100,6 @@ - &sigoid_srt[26], - &sigoid_srt[27], - &sigoid_srt[28], -+ &sigoid_srt[40], -+ &sigoid_srt[41], - }; -diff -Nuar openssl-1.0.2d/crypto/objects/obj_xref.txt openssl-work/crypto/objects/obj_xref.txt ---- openssl-1.0.2d/crypto/objects/obj_xref.txt 2015-07-09 15:57:15.000000000 +0400 -+++ openssl-work/crypto/objects/obj_xref.txt 2015-02-24 15:22:17.000000000 +0400 -@@ -44,6 +44,8 @@ - id_GostR3411_94_with_GostR3410_94 id_GostR3411_94 id_GostR3410_94 - id_GostR3411_94_with_GostR3410_94_cc id_GostR3411_94 id_GostR3410_94_cc - id_GostR3411_94_with_GostR3410_2001_cc id_GostR3411_94 id_GostR3410_2001_cc -+id_tc26_signwithdigest_gost3410_2012_256 id_GostR3411_2012_256 id_GostR3410_2012_256 -+id_tc26_signwithdigest_gost3410_2012_512 id_GostR3411_2012_512 id_GostR3410_2012_512 - # ECDH KDFs and their corresponding message digests and schemes - dhSinglePass_stdDH_sha1kdf_scheme sha1 dh_std_kdf - dhSinglePass_stdDH_sha224kdf_scheme sha224 dh_std_kdf - diff --git a/patches/1.0.2/pkcs12.diff b/patches/1.0.2/pkcs12.diff deleted file mode 100644 index f6267ba..0000000 --- a/patches/1.0.2/pkcs12.diff +++ /dev/null @@ -1,78 +0,0 @@ -diff -Nuar openssl-1.0.2d/crypto/evp/evp_pbe.c openssl-work/crypto/evp/evp_pbe.c ---- openssl-1.0.2d/crypto/evp/evp_pbe.c 2015-07-09 15:53:21.000000000 +0400 -+++ openssl-work/crypto/evp/evp_pbe.c 2015-03-26 13:00:21.000000000 +0400 -@@ -121,6 +121,10 @@ - {EVP_PBE_TYPE_PRF, NID_hmacWithSHA384, -1, NID_sha384, 0}, - {EVP_PBE_TYPE_PRF, NID_hmacWithSHA512, -1, NID_sha512, 0}, - {EVP_PBE_TYPE_PRF, NID_id_HMACGostR3411_94, -1, NID_id_GostR3411_94, 0}, -+ {EVP_PBE_TYPE_PRF, NID_id_tc26_hmac_gost_3411_2012_256, -1, -+ NID_id_GostR3411_2012_256, 0}, -+ {EVP_PBE_TYPE_PRF, NID_id_tc26_hmac_gost_3411_2012_512, -1, -+ NID_id_GostR3411_2012_512, 0}, - }; - - #ifdef TEST -diff -Nuar openssl-1.0.2d/crypto/pkcs12/p12_mutl.c openssl-work/crypto/pkcs12/p12_mutl.c ---- openssl-1.0.2d/crypto/pkcs12/p12_mutl.c 2015-07-09 15:53:21.000000000 +0400 -+++ openssl-work/crypto/pkcs12/p12_mutl.c 2015-06-17 14:48:18.000000000 +0400 -@@ -65,6 +65,28 @@ - # include - # include - -+# define TK26_MAC_KEY_LEN 32 -+ -+static int PKCS12_gen_gost_mac_key(const char *pass, int passlen, -+ const unsigned char *salt, int saltlen, -+ int iter, const EVP_MD *digest, int keylen, -+ unsigned char *key) -+{ -+ unsigned char out[96]; -+ -+ if (keylen != TK26_MAC_KEY_LEN) { -+ return 0; -+ } -+ -+ if (!PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, -+ digest, 96, out)) { -+ return 0; -+ } -+ memcpy(key, out + 64, TK26_MAC_KEY_LEN); -+ OPENSSL_cleanse(out, 96); -+ return 1; -+} -+ - /* Generate a MAC */ - int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen, - unsigned char *mac, unsigned int *maclen) -@@ -73,7 +95,7 @@ - HMAC_CTX hmac; - unsigned char key[EVP_MAX_MD_SIZE], *salt; - int saltlen, iter; -- int md_size; -+ int md_size = 0; - - if (!PKCS7_type_is_data(p12->authsafes)) { - PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_CONTENT_TYPE_NOT_DATA); -@@ -93,8 +115,19 @@ - md_size = EVP_MD_size(md_type); - if (md_size < 0) - return 0; -- if (!PKCS12_key_gen(pass, passlen, salt, saltlen, PKCS12_MAC_ID, iter, -- md_size, key, md_type)) { -+ if ((md_type->type == NID_id_GostR3411_94 -+ || md_type->type == NID_id_GostR3411_2012_256 -+ || md_type->type == NID_id_GostR3411_2012_512) -+ && !getenv("LEGACY_GOST_PKCS12")) { -+ md_size = TK26_MAC_KEY_LEN; -+ if (!PKCS12_gen_gost_mac_key(pass, passlen, salt, saltlen, iter, -+ md_type, md_size, key)) { -+ PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_KEY_GEN_ERROR); -+ return 0; -+ } -+ } else -+ if (!PKCS12_key_gen(pass, passlen, salt, saltlen, PKCS12_MAC_ID, iter, -+ md_size, key, md_type)) { - PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_KEY_GEN_ERROR); - return 0; - } - diff --git a/patches/1.1.0/gost_ctrl.diff b/patches/1.1.0/gost_ctrl.diff deleted file mode 100644 index 997280f..0000000 --- a/patches/1.1.0/gost_ctrl.diff +++ /dev/null @@ -1,19 +0,0 @@ -diff --git a/include/openssl/evp.h b/include/openssl/evp.h -index f92f109..8b03407 100644 ---- a/include/openssl/evp.h -+++ b/include/openssl/evp.h -@@ -427,6 +427,14 @@ struct evp_cipher_st { - # define EVP_CTRL_TLS1_1_MULTIBLOCK_DECRYPT 0x1b - # define EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE 0x1c - -+/* -+ * Russian GOST has some parameters defining its usage: -+ * S-blocks, key meshing, padding modes -+ */ -+#define EVP_CTRL_GOST_PARAMS 0x1d -+#define EVP_CTRL_GOST_KEY_MESHING 0x1e -+#define EVP_CTRL_GOST_PADDING 0x1f -+ - /* RFC 5246 defines additional data to be 13 bytes in length */ - # define EVP_AEAD_TLS1_AAD_LEN 13 -