1 /**********************************************************************
3 * Copyright (c) 2005-2006 Cryptocom LTD *
4 * This file is distributed under the same license as OpenSSL *
6 * Implementation of RFC 4490/4491 ASN1 method *
8 * Requires OpenSSL 0.9.9 for compilation *
9 **********************************************************************/
11 #include <openssl/crypto.h>
12 #include <openssl/err.h>
13 #include <openssl/engine.h>
14 #include <openssl/evp.h>
15 #include <openssl/asn1.h>
16 #ifndef OPENSSL_NO_CMS
17 # include <openssl/cms.h>
20 #include "e_gost_err.h"
22 #define PK_WRAP_PARAM "LEGACY_PK_WRAP"
25 * Pack bignum into byte buffer of given size, filling all leading bytes by
28 int store_bignum(const BIGNUM *bn, unsigned char *buf, int len)
30 int bytes = BN_num_bytes(bn);
35 BN_bn2bin(bn, buf + len - bytes);
39 static int pkey_bits_gost(const EVP_PKEY *pk)
44 switch (EVP_PKEY_base_id(pk)) {
45 case NID_id_GostR3410_2001:
46 case NID_id_GostR3410_2012_256:
48 case NID_id_GostR3410_2012_512:
55 static ASN1_STRING *encode_gost_algor_params(const EVP_PKEY *key)
57 ASN1_STRING *params = ASN1_STRING_new();
58 GOST_KEY_PARAMS *gkp = GOST_KEY_PARAMS_new();
59 int pkey_param_nid = NID_undef;
60 void *key_ptr = EVP_PKEY_get0((EVP_PKEY *)key);
63 if (!params || !gkp) {
64 GOSTerr(GOST_F_ENCODE_GOST_ALGOR_PARAMS, ERR_R_MALLOC_FAILURE);
67 switch (EVP_PKEY_base_id(key)) {
68 case NID_id_GostR3410_2012_256:
69 pkey_param_nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(key_ptr));
70 switch (pkey_param_nid) {
71 case NID_id_GostR3410_2001_TestParamSet:
72 case NID_id_GostR3410_2001_CryptoPro_A_ParamSet:
73 case NID_id_GostR3410_2001_CryptoPro_B_ParamSet:
74 case NID_id_GostR3410_2001_CryptoPro_C_ParamSet:
75 case NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet:
76 case NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet:
77 gkp->hash_params = OBJ_nid2obj(NID_id_GostR3411_2012_256);
80 case NID_id_GostR3410_2012_512:
81 pkey_param_nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(key_ptr));
83 case NID_id_GostR3410_2001:
84 pkey_param_nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(key_ptr));
85 gkp->hash_params = OBJ_nid2obj(NID_id_GostR3411_94_CryptoProParamSet);
89 if (pkey_param_nid == NID_undef) {
90 GOSTerr(GOST_F_ENCODE_GOST_ALGOR_PARAMS, GOST_R_INVALID_PARAMSET);
94 gkp->key_params = OBJ_nid2obj(pkey_param_nid);
96 * gkp->cipher_params = OBJ_nid2obj(cipher_param_nid);
98 params->length = i2d_GOST_KEY_PARAMS(gkp, ¶ms->data);
99 if (params->length <= 0) {
100 GOSTerr(GOST_F_ENCODE_GOST_ALGOR_PARAMS, ERR_R_MALLOC_FAILURE);
103 params->type = V_ASN1_SEQUENCE;
107 GOST_KEY_PARAMS_free(gkp);
108 if (result == 0) { /* if error */
110 ASN1_STRING_free(params);
116 static int gost_decode_nid_params(EVP_PKEY *pkey, int pkey_nid, int param_nid)
118 void *key_ptr = EVP_PKEY_get0(pkey);
121 case NID_id_GostR3410_2012_256:
122 case NID_id_GostR3410_2012_512:
123 case NID_id_GostR3410_2001:
125 key_ptr = EC_KEY_new();
126 if (!EVP_PKEY_assign(pkey, pkey_nid, key_ptr)) {
127 EC_KEY_free(key_ptr);
131 return fill_GOST_EC_params(key_ptr, param_nid);
138 * Parses GOST algorithm parameters from X509_ALGOR and modifies pkey setting
141 static int decode_gost_algor_params(EVP_PKEY *pkey,
142 const X509_ALGOR *palg)
144 const ASN1_OBJECT *palg_obj = NULL;
145 int ptype = V_ASN1_UNDEF;
146 int pkey_nid = NID_undef, param_nid = NID_undef;
147 ASN1_STRING *pval = NULL;
148 const unsigned char *p;
149 GOST_KEY_PARAMS *gkp = NULL;
153 X509_ALGOR_get0(&palg_obj, &ptype, (const void **)&pval, palg);
154 if (ptype != V_ASN1_SEQUENCE) {
155 GOSTerr(GOST_F_DECODE_GOST_ALGOR_PARAMS,
156 GOST_R_BAD_KEY_PARAMETERS_FORMAT);
160 pkey_nid = OBJ_obj2nid(palg_obj);
162 gkp = d2i_GOST_KEY_PARAMS(NULL, &p, pval->length);
164 GOSTerr(GOST_F_DECODE_GOST_ALGOR_PARAMS,
165 GOST_R_BAD_PKEY_PARAMETERS_FORMAT);
168 param_nid = OBJ_obj2nid(gkp->key_params);
169 GOST_KEY_PARAMS_free(gkp);
170 if (!EVP_PKEY_set_type(pkey, pkey_nid)) {
171 GOSTerr(GOST_F_DECODE_GOST_ALGOR_PARAMS, ERR_R_INTERNAL_ERROR);
174 return gost_decode_nid_params(pkey, pkey_nid, param_nid);
177 static int gost_set_priv_key(EVP_PKEY *pkey, BIGNUM *priv)
179 switch (EVP_PKEY_base_id(pkey)) {
180 case NID_id_GostR3410_2012_512:
181 case NID_id_GostR3410_2012_256:
182 case NID_id_GostR3410_2001:
184 EC_KEY *ec = EVP_PKEY_get0(pkey);
187 EVP_PKEY_assign(pkey, EVP_PKEY_base_id(pkey), ec);
189 if (!EC_KEY_set_private_key(ec, priv))
191 if (!EVP_PKEY_missing_parameters(pkey))
192 return gost_ec_compute_public(ec);
201 BIGNUM *gost_get0_priv_key(const EVP_PKEY *pkey)
203 switch (EVP_PKEY_base_id(pkey)) {
204 case NID_id_GostR3410_2012_512:
205 case NID_id_GostR3410_2012_256:
206 case NID_id_GostR3410_2001:
208 EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pkey);
210 return (BIGNUM *)EC_KEY_get0_private_key(ec);
220 static int pkey_ctrl_gost(EVP_PKEY *pkey, int op, long arg1, void *arg2)
222 int nid = EVP_PKEY_base_id(pkey), md_nid = NID_undef;
223 X509_ALGOR *alg1 = NULL, *alg2 = NULL;
226 case NID_id_GostR3410_2012_512:
227 md_nid = NID_id_GostR3411_2012_512;
229 case NID_id_GostR3410_2012_256:
230 md_nid = NID_id_GostR3411_2012_256;
232 case NID_id_GostR3410_2001:
233 case NID_id_GostR3410_94:
234 md_nid = NID_id_GostR3411_94;
241 case ASN1_PKEY_CTRL_PKCS7_SIGN:
243 PKCS7_SIGNER_INFO_get0_algs((PKCS7_SIGNER_INFO *)arg2, NULL,
245 X509_ALGOR_set0(alg1, OBJ_nid2obj(md_nid), V_ASN1_NULL, 0);
246 X509_ALGOR_set0(alg2, OBJ_nid2obj(nid), V_ASN1_NULL, 0);
249 #ifndef OPENSSL_NO_CMS
250 case ASN1_PKEY_CTRL_CMS_SIGN:
252 CMS_SignerInfo_get0_algs((CMS_SignerInfo *)arg2, NULL, NULL,
254 X509_ALGOR_set0(alg1, OBJ_nid2obj(md_nid), V_ASN1_NULL, 0);
255 X509_ALGOR_set0(alg2, OBJ_nid2obj(nid), V_ASN1_NULL, 0);
259 case ASN1_PKEY_CTRL_PKCS7_ENCRYPT:
261 ASN1_STRING *params = encode_gost_algor_params(pkey);
265 PKCS7_RECIP_INFO_get0_alg((PKCS7_RECIP_INFO *)arg2, &alg1);
266 X509_ALGOR_set0(alg1, OBJ_nid2obj(EVP_PKEY_id(pkey)),
267 V_ASN1_SEQUENCE, params);
270 #ifndef OPENSSL_NO_CMS
271 case ASN1_PKEY_CTRL_CMS_ENVELOPE:
273 ASN1_STRING *params = encode_gost_algor_params(pkey);
277 CMS_RecipientInfo_ktri_get0_algs((CMS_RecipientInfo *)arg2, NULL,
279 X509_ALGOR_set0(alg1, OBJ_nid2obj(EVP_PKEY_id(pkey)),
280 V_ASN1_SEQUENCE, params);
284 case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
285 *(int *)arg2 = md_nid;
292 /* --------------------- free functions * ------------------------------*/
293 static void pkey_free_gost_ec(EVP_PKEY *key)
295 EC_KEY_free((EC_KEY *)EVP_PKEY_get0(key));
298 /* ------------------ private key functions -----------------------------*/
300 static BIGNUM *unmask_priv_key(EVP_PKEY *pk,
301 const unsigned char *buf, int len, int num_masks)
303 BIGNUM *pknum_masked = NULL, *q = NULL;
304 const EC_KEY *key_ptr = (pk) ? EVP_PKEY_get0(pk) : NULL;
305 const EC_GROUP *group = (key_ptr) ? EC_KEY_get0_group(key_ptr) : NULL;
307 pknum_masked = hashsum2bn(buf, len);
313 * XXX Remove sign by gost94
315 const unsigned char *p = buf + num_masks * len;
318 if (!q || !group || EC_GROUP_get_order(group, q, NULL) <= 0) {
319 BN_free(pknum_masked);
324 for (; p != buf; p -= len) {
325 BIGNUM *mask = hashsum2bn(p, len);
326 BN_CTX *ctx = BN_CTX_new();
328 BN_mod_mul(pknum_masked, pknum_masked, mask, q, ctx);
341 static int priv_decode_gost(EVP_PKEY *pk,
342 const PKCS8_PRIV_KEY_INFO *p8inf)
344 const unsigned char *pkey_buf = NULL, *p = NULL;
346 BIGNUM *pk_num = NULL;
348 const X509_ALGOR *palg = NULL;
349 const ASN1_OBJECT *palg_obj = NULL;
350 ASN1_INTEGER *priv_key = NULL;
351 int expected_key_len;
353 if (!PKCS8_pkey_get0(&palg_obj, &pkey_buf, &priv_len, &palg, p8inf))
356 if (!decode_gost_algor_params(pk, palg)) {
360 expected_key_len = pkey_bits_gost(pk) > 0 ? pkey_bits_gost(pk) / 8 : 0;
361 if (expected_key_len == 0) {
362 GOSTerr(GOST_F_PRIV_DECODE_GOST, EVP_R_DECODE_ERROR);
366 if (priv_len % expected_key_len == 0) {
367 /* Key is not wrapped but masked */
368 pk_num = unmask_priv_key(pk, pkey_buf, expected_key_len,
369 priv_len / expected_key_len - 1);
370 } else if (V_ASN1_OCTET_STRING == *p) {
371 /* New format - Little endian octet string */
372 ASN1_OCTET_STRING *s = d2i_ASN1_OCTET_STRING(NULL, &p, priv_len);
373 if (!s || ((s->length != 32) && (s->length != 64))) {
375 GOSTerr(GOST_F_PRIV_DECODE_GOST, EVP_R_DECODE_ERROR);
378 pk_num = hashsum2bn(s->data, s->length);
380 } else if (V_ASN1_INTEGER == *p) {
381 priv_key = d2i_ASN1_INTEGER(NULL, &p, priv_len);
383 GOSTerr(GOST_F_PRIV_DECODE_GOST, EVP_R_DECODE_ERROR);
386 pk_num = ASN1_INTEGER_to_BN(priv_key, NULL);
387 ASN1_INTEGER_free(priv_key);
388 } else if ((V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED) == *p) {
389 MASKED_GOST_KEY *mgk = NULL;
390 mgk = d2i_MASKED_GOST_KEY(NULL, &p, priv_len);
393 GOSTerr(GOST_F_PRIV_DECODE_GOST, EVP_R_DECODE_ERROR);
397 priv_len = mgk->masked_priv_key->length;
398 if (priv_len % expected_key_len) {
399 MASKED_GOST_KEY_free(mgk);
400 GOSTerr(GOST_F_PRIV_DECODE_GOST, EVP_R_DECODE_ERROR);
404 pk_num = unmask_priv_key(pk, mgk->masked_priv_key->data,
406 priv_len / expected_key_len - 1);
407 MASKED_GOST_KEY_free(mgk);
409 GOSTerr(GOST_F_PRIV_DECODE_GOST, EVP_R_DECODE_ERROR);
413 if (pk_num == NULL) {
414 GOSTerr(GOST_F_PRIV_DECODE_GOST, EVP_R_DECODE_ERROR);
418 ret = gost_set_priv_key(pk, pk_num);
423 /* ----------------------------------------------------------------------*/
424 static int priv_encode_gost(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk)
426 ASN1_OBJECT *algobj = OBJ_nid2obj(EVP_PKEY_base_id(pk));
427 ASN1_STRING *params = NULL;
428 unsigned char *buf = NULL;
429 int key_len = pkey_bits_gost(pk), i = 0;
430 /* unmasked private key */
431 const char *pk_format = get_gost_engine_param(GOST_PARAM_PK_FORMAT);
433 key_len = (key_len < 0) ? 0 : key_len / 8;
434 if (key_len == 0 || !(buf = OPENSSL_malloc(key_len))) {
438 if (!store_bignum(gost_get0_priv_key(pk), buf, key_len)) {
443 params = encode_gost_algor_params(pk);
449 /* Convert buf to Little-endian */
450 for (i = 0; i < key_len / 2; i++) {
451 unsigned char tmp = buf[i];
452 buf[i] = buf[key_len - 1 - i];
453 buf[key_len - 1 - i] = tmp;
456 if (pk_format != NULL && strcmp(pk_format, PK_WRAP_PARAM) == 0) {
457 ASN1_STRING *octet = NULL;
459 unsigned char *priv_buf = NULL;
460 octet = ASN1_STRING_new();
461 if (!octet || !ASN1_OCTET_STRING_set(octet, buf, key_len)) {
462 ASN1_STRING_free(octet);
463 ASN1_STRING_free(params);
467 priv_len = i2d_ASN1_OCTET_STRING(octet, &priv_buf);
468 ASN1_STRING_free(octet);
471 return PKCS8_pkey_set0(p8, algobj, 0, V_ASN1_SEQUENCE, params,
475 return PKCS8_pkey_set0(p8, algobj, 0, V_ASN1_SEQUENCE, params,
479 /* --------- printing keys --------------------------------*/
480 static int print_gost_priv(BIO *out, const EVP_PKEY *pkey, int indent)
484 if (!BIO_indent(out, indent, 128))
486 BIO_printf(out, "Private key: ");
487 key = gost_get0_priv_key(pkey);
489 BIO_printf(out, "<undefined>");
492 BIO_printf(out, "\n");
497 static int print_gost_ec_pub(BIO *out, const EVP_PKEY *pkey, int indent)
501 const EC_POINT *pubkey;
502 const EC_GROUP *group;
503 EC_KEY *key = (EC_KEY *)EVP_PKEY_get0((EVP_PKEY *)pkey);
508 GOSTerr(GOST_F_PRINT_GOST_EC_PUB, ERR_R_MALLOC_FAILURE);
515 pubkey = (key) ? EC_KEY_get0_public_key(key) : NULL;
516 group = (key) ? EC_KEY_get0_group(key) : NULL;
517 if (!pubkey || !group)
520 if (!EC_POINT_get_affine_coordinates(group, pubkey, X, Y, ctx)) {
521 GOSTerr(GOST_F_PRINT_GOST_EC_PUB, ERR_R_EC_LIB);
524 if (!BIO_indent(out, indent, 128))
526 BIO_printf(out, "Public key:\n");
527 if (!BIO_indent(out, indent + 3, 128))
529 BIO_printf(out, "X:");
531 BIO_printf(out, "\n");
532 if (!BIO_indent(out, indent + 3, 128))
534 BIO_printf(out, "Y:");
536 BIO_printf(out, "\n");
545 static int print_gost_ec_param(BIO *out, const EVP_PKEY *pkey, int indent)
547 EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pkey);
548 const EC_GROUP *group = (ec) ? EC_KEY_get0_group(ec) : NULL;
554 param_nid = EC_GROUP_get_curve_name(group);
555 if (!BIO_indent(out, indent, 128))
557 BIO_printf(out, "Parameter set: %s\n", OBJ_nid2ln(param_nid));
562 static int print_gost_ec(BIO *out, const EVP_PKEY *pkey, int indent,
563 ASN1_PCTX *pctx, int type)
566 if (print_gost_priv(out, pkey, indent) == 0)
570 if (print_gost_ec_pub(out, pkey, indent) == 0)
574 return print_gost_ec_param(out, pkey, indent);
577 static int param_print_gost_ec(BIO *out, const EVP_PKEY *pkey, int indent,
580 return print_gost_ec(out, pkey, indent, pctx, 0);
583 static int pub_print_gost_ec(BIO *out, const EVP_PKEY *pkey, int indent,
586 return print_gost_ec(out, pkey, indent, pctx, 1);
589 static int priv_print_gost_ec(BIO *out, const EVP_PKEY *pkey, int indent,
592 return print_gost_ec(out, pkey, indent, pctx, 2);
595 /* ---------------------------------------------------------------------*/
596 static int param_missing_gost_ec(const EVP_PKEY *pk)
598 const EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pk);
601 if (!EC_KEY_get0_group(ec))
606 static int param_copy_gost_ec(EVP_PKEY *to, const EVP_PKEY *from)
608 EC_KEY *eto = EVP_PKEY_get0(to);
609 const EC_KEY *efrom = EVP_PKEY_get0((EVP_PKEY *)from);
610 if (EVP_PKEY_base_id(from) != EVP_PKEY_base_id(to)) {
611 GOSTerr(GOST_F_PARAM_COPY_GOST_EC, GOST_R_INCOMPATIBLE_ALGORITHMS);
615 GOSTerr(GOST_F_PARAM_COPY_GOST_EC, GOST_R_KEY_PARAMETERS_MISSING);
621 GOSTerr(GOST_F_PARAM_COPY_GOST_EC, ERR_R_MALLOC_FAILURE);
624 if (!EVP_PKEY_assign(to, EVP_PKEY_base_id(from), eto)) {
625 GOSTerr(GOST_F_PARAM_COPY_GOST_EC, ERR_R_INTERNAL_ERROR);
630 if (!EC_KEY_set_group(eto, EC_KEY_get0_group(efrom))) {
631 GOSTerr(GOST_F_PARAM_COPY_GOST_EC, ERR_R_INTERNAL_ERROR);
634 if (EC_KEY_get0_private_key(eto)) {
635 return gost_ec_compute_public(eto);
640 static int param_cmp_gost_ec(const EVP_PKEY *a, const EVP_PKEY *b)
642 const EC_GROUP *group_a, *group_b;
643 EC_KEY *ec_a = EVP_PKEY_get0((EVP_PKEY *)a);
644 EC_KEY *ec_b = EVP_PKEY_get0((EVP_PKEY *)b);
648 group_a = EC_KEY_get0_group(ec_a);
649 group_b = EC_KEY_get0_group(ec_b);
650 if (!group_a || !group_b)
653 if (EC_GROUP_get_curve_name(group_a) == EC_GROUP_get_curve_name(group_b)) {
659 /* ---------- Public key functions * --------------------------------------*/
660 static int pub_decode_gost_ec(EVP_PKEY *pk, X509_PUBKEY *pub)
662 X509_ALGOR *palg = NULL;
663 const unsigned char *pubkey_buf = NULL;
664 unsigned char *databuf;
665 ASN1_OBJECT *palgobj = NULL;
669 ASN1_OCTET_STRING *octet = NULL;
671 const EC_GROUP *group;
673 if (!X509_PUBKEY_get0_param(&palgobj, &pubkey_buf, &pub_len, &palg, pub))
675 EVP_PKEY_assign(pk, OBJ_obj2nid(palgobj), NULL);
676 if (!decode_gost_algor_params(pk, palg))
678 group = EC_KEY_get0_group(EVP_PKEY_get0(pk));
679 octet = d2i_ASN1_OCTET_STRING(NULL, &pubkey_buf, pub_len);
681 GOSTerr(GOST_F_PUB_DECODE_GOST_EC, ERR_R_MALLOC_FAILURE);
684 databuf = OPENSSL_malloc(octet->length);
685 if (databuf == NULL) {
686 GOSTerr(GOST_F_PUB_DECODE_GOST_EC, ERR_R_MALLOC_FAILURE);
687 ASN1_OCTET_STRING_free(octet);
691 BUF_reverse(databuf, octet->data, octet->length);
692 len = octet->length / 2;
693 ASN1_OCTET_STRING_free(octet);
695 Y = BN_bin2bn(databuf, len, NULL);
696 X = BN_bin2bn(databuf + len, len, NULL);
697 OPENSSL_free(databuf);
698 pub_key = EC_POINT_new(group);
699 if (!EC_POINT_set_affine_coordinates(group, pub_key, X, Y, NULL)) {
700 GOSTerr(GOST_F_PUB_DECODE_GOST_EC, ERR_R_EC_LIB);
701 EC_POINT_free(pub_key);
708 if (!EC_KEY_set_public_key(EVP_PKEY_get0(pk), pub_key)) {
709 GOSTerr(GOST_F_PUB_DECODE_GOST_EC, ERR_R_EC_LIB);
710 EC_POINT_free(pub_key);
713 EC_POINT_free(pub_key);
718 static int pub_encode_gost_ec(X509_PUBKEY *pub, const EVP_PKEY *pk)
720 ASN1_OBJECT *algobj = NULL;
721 ASN1_OCTET_STRING *octet = NULL;
723 unsigned char *buf = NULL, *databuf = NULL;
724 int data_len, ret = -1;
725 const EC_POINT *pub_key;
726 BIGNUM *X = NULL, *Y = NULL, *order = NULL;
727 const EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pk);
728 int ptype = V_ASN1_SEQUENCE;
731 algobj = OBJ_nid2obj(EVP_PKEY_base_id(pk));
733 params = encode_gost_algor_params(pk);
738 GOSTerr(GOST_F_PUB_ENCODE_GOST_EC, ERR_R_MALLOC_FAILURE);
741 EC_GROUP_get_order(EC_KEY_get0_group(ec), order, NULL);
742 pub_key = EC_KEY_get0_public_key(ec);
744 GOSTerr(GOST_F_PUB_ENCODE_GOST_EC, GOST_R_PUBLIC_KEY_UNDEFINED);
750 GOSTerr(GOST_F_PUB_ENCODE_GOST_EC, ERR_R_MALLOC_FAILURE);
753 if (!EC_POINT_get_affine_coordinates(EC_KEY_get0_group(ec),
754 pub_key, X, Y, NULL)) {
755 GOSTerr(GOST_F_PUB_ENCODE_GOST_EC, ERR_R_INTERNAL_ERROR);
758 data_len = 2 * BN_num_bytes(order);
759 databuf = OPENSSL_zalloc(data_len);
760 if (databuf == NULL) {
761 GOSTerr(GOST_F_PUB_ENCODE_GOST_EC, ERR_R_MALLOC_FAILURE);
765 store_bignum(X, databuf + data_len / 2, data_len / 2);
766 store_bignum(Y, databuf, data_len / 2);
768 BUF_reverse(databuf, NULL, data_len);
770 octet = ASN1_OCTET_STRING_new();
772 GOSTerr(GOST_F_PUB_ENCODE_GOST_EC, ERR_R_MALLOC_FAILURE);
776 if (0 == ASN1_STRING_set(octet, databuf, data_len)) {
777 GOSTerr(GOST_F_PUB_ENCODE_GOST_EC, ERR_R_MALLOC_FAILURE);
781 ret = i2d_ASN1_OCTET_STRING(octet, &buf);
783 ASN1_BIT_STRING_free(octet);
791 OPENSSL_free(databuf);
795 return X509_PUBKEY_set0_param(pub, algobj, ptype, pval, buf, ret);
798 static int pub_cmp_gost_ec(const EVP_PKEY *a, const EVP_PKEY *b)
800 const EC_KEY *ea = EVP_PKEY_get0((EVP_PKEY *)a);
801 const EC_KEY *eb = EVP_PKEY_get0((EVP_PKEY *)b);
802 const EC_POINT *ka, *kb;
805 ka = EC_KEY_get0_public_key(ea);
806 kb = EC_KEY_get0_public_key(eb);
809 return (0 == EC_POINT_cmp(EC_KEY_get0_group(ea), ka, kb, NULL));
812 static int pkey_size_gost(const EVP_PKEY *pk)
817 switch (EVP_PKEY_base_id(pk)) {
818 case NID_id_GostR3410_94:
819 case NID_id_GostR3410_2001:
820 case NID_id_GostR3410_2012_256:
822 case NID_id_GostR3410_2012_512:
829 /* ---------------------- ASN1 METHOD for GOST MAC -------------------*/
830 static void mackey_free_gost(EVP_PKEY *pk)
832 OPENSSL_free(EVP_PKEY_get0(pk));
835 static int mac_ctrl_gost(EVP_PKEY *pkey, int op, long arg1, void *arg2)
838 case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
840 *(int *)arg2 = NID_id_Gost28147_89_MAC;
847 static int mac_ctrl_gost_12(EVP_PKEY *pkey, int op, long arg1, void *arg2)
850 case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
852 *(int *)arg2 = NID_gost_mac_12;
859 static int mac_ctrl_magma(EVP_PKEY *pkey, int op, long arg1, void *arg2)
862 case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
864 *(int *)arg2 = NID_magma_mac;
871 static int mac_ctrl_grasshopper(EVP_PKEY *pkey, int op, long arg1, void *arg2)
874 case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
876 *(int *)arg2 = NID_grasshopper_mac;
883 static int gost2001_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
886 EC_GROUP_get_curve_name(EC_KEY_get0_group
887 (EVP_PKEY_get0((EVP_PKEY *)pkey)));
888 return i2d_ASN1_OBJECT(OBJ_nid2obj(nid), pder);
891 static int gost2001_param_decode(EVP_PKEY *pkey, const unsigned char **pder,
894 ASN1_OBJECT *obj = NULL;
896 if (d2i_ASN1_OBJECT(&obj, pder, derlen) == NULL) {
899 nid = OBJ_obj2nid(obj);
900 ASN1_OBJECT_free(obj);
902 return gost_decode_nid_params(pkey, NID_id_GostR3410_2001, nid);
905 /* ----------------------------------------------------------------------*/
906 int register_ameth_gost(int nid, EVP_PKEY_ASN1_METHOD **ameth,
907 const char *pemstr, const char *info)
909 *ameth = EVP_PKEY_asn1_new(nid, ASN1_PKEY_SIGPARAM_NULL, pemstr, info);
913 case NID_id_GostR3410_2001:
914 EVP_PKEY_asn1_set_free(*ameth, pkey_free_gost_ec);
915 EVP_PKEY_asn1_set_private(*ameth,
916 priv_decode_gost, priv_encode_gost,
919 EVP_PKEY_asn1_set_param(*ameth,
920 gost2001_param_decode, gost2001_param_encode,
921 param_missing_gost_ec, param_copy_gost_ec,
922 param_cmp_gost_ec, param_print_gost_ec);
923 EVP_PKEY_asn1_set_public(*ameth,
924 pub_decode_gost_ec, pub_encode_gost_ec,
925 pub_cmp_gost_ec, pub_print_gost_ec,
926 pkey_size_gost, pkey_bits_gost);
928 EVP_PKEY_asn1_set_ctrl(*ameth, pkey_ctrl_gost);
929 EVP_PKEY_asn1_set_security_bits(*ameth, pkey_bits_gost);
931 case NID_id_GostR3410_2012_256:
932 case NID_id_GostR3410_2012_512:
933 EVP_PKEY_asn1_set_free(*ameth, pkey_free_gost_ec);
934 EVP_PKEY_asn1_set_private(*ameth,
935 priv_decode_gost, priv_encode_gost,
938 EVP_PKEY_asn1_set_param(*ameth,
940 param_missing_gost_ec, param_copy_gost_ec,
941 param_cmp_gost_ec, NULL);
943 EVP_PKEY_asn1_set_public(*ameth,
944 pub_decode_gost_ec, pub_encode_gost_ec,
945 pub_cmp_gost_ec, pub_print_gost_ec,
946 pkey_size_gost, pkey_bits_gost);
948 EVP_PKEY_asn1_set_ctrl(*ameth, pkey_ctrl_gost);
949 EVP_PKEY_asn1_set_security_bits(*ameth, pkey_bits_gost);
951 case NID_id_Gost28147_89_MAC:
952 EVP_PKEY_asn1_set_free(*ameth, mackey_free_gost);
953 EVP_PKEY_asn1_set_ctrl(*ameth, mac_ctrl_gost);
955 case NID_gost_mac_12:
956 EVP_PKEY_asn1_set_free(*ameth, mackey_free_gost);
957 EVP_PKEY_asn1_set_ctrl(*ameth, mac_ctrl_gost_12);
960 EVP_PKEY_asn1_set_free(*ameth, mackey_free_gost);
961 EVP_PKEY_asn1_set_ctrl(*ameth, mac_ctrl_magma);
963 case NID_grasshopper_mac:
964 EVP_PKEY_asn1_set_free(*ameth, mackey_free_gost);
965 EVP_PKEY_asn1_set_ctrl(*ameth, mac_ctrl_grasshopper);
projects / openssl-gost / engine.git / blob