]> www.wagner.pp.ru Git - openssl-gost/engine.git/blob - gost_eng.c
projects / openssl-gost / engine.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
gost_crypt: Add magma_ctr_acpkm_omac_cipher
[openssl-gost/engine.git] / gost_eng.c
1 /**********************************************************************
2  *                          gost_eng.c                                *
3  *              Main file of GOST engine                              *
4  *                                                                    *
5  *             Copyright (c) 2005-2006 Cryptocom LTD                  *
6  *             Copyright (c) 2020 Chikunov Vitaly <vt@altlinux.org>   *
7  *                                                                    *
8  *       This file is distributed under the same license as OpenSSL   *
9  *                                                                    *
10  **********************************************************************/
11 #include <string.h>
12 #include <openssl/crypto.h>
13 #include <openssl/err.h>
14 #include <openssl/evp.h>
15 #include <openssl/engine.h>
16 #include <openssl/obj_mac.h>
17 #include "e_gost_err.h"
18 #include "gost_lcl.h"
19
20 #include "gost_grasshopper_cipher.h"
21
22 static const char* engine_gost_id = "gost";
23
24 static const char* engine_gost_name =
25         "Reference implementation of GOST engine";
26
27 /* Symmetric cipher and digest function registrar */
28
29 static int gost_ciphers(ENGINE* e, const EVP_CIPHER** cipher,
30                         const int** nids, int nid);
31
32 static int gost_digests(ENGINE* e, const EVP_MD** digest,
33                         const int** nids, int nid);
34
35 static int gost_pkey_meths(ENGINE* e, EVP_PKEY_METHOD** pmeth,
36                            const int** nids, int nid);
37
38 static int gost_pkey_asn1_meths(ENGINE* e, EVP_PKEY_ASN1_METHOD** ameth,
39                                 const int** nids, int nid);
40
41 static EVP_PKEY_METHOD* pmeth_GostR3410_2001 = NULL,
42         * pmeth_GostR3410_2012_256 = NULL,
43         * pmeth_GostR3410_2012_512 = NULL,
44         * pmeth_Gost28147_MAC = NULL, * pmeth_Gost28147_MAC_12 = NULL,
45         * pmeth_magma_mac = NULL,  * pmeth_grasshopper_mac = NULL,
46         * pmeth_magma_mac_acpkm = NULL,  * pmeth_grasshopper_mac_acpkm = NULL;
47
48 static EVP_PKEY_ASN1_METHOD* ameth_GostR3410_2001 = NULL,
49         * ameth_GostR3410_2012_256 = NULL,
50         * ameth_GostR3410_2012_512 = NULL,
51         * ameth_Gost28147_MAC = NULL, * ameth_Gost28147_MAC_12 = NULL,
52         * ameth_magma_mac = NULL,  * ameth_grasshopper_mac = NULL,
53         * ameth_magma_mac_acpkm = NULL,  * ameth_grasshopper_mac_acpkm = NULL;
54
55 static struct gost_digest_minfo {
56     int nid;
57     EVP_MD *(*digest)(void);
58     void (*destroy)(void);
59     const char *sn;
60     const char *alias;
61 } gost_digest_array[] = {
62     {
63         NID_id_GostR3411_94,
64         digest_gost,
65         digest_gost_destroy,
66     },
67     {
68         NID_id_Gost28147_89_MAC,
69         imit_gost_cpa,
70         imit_gost_cpa_destroy,
71     },
72     {
73         NID_id_GostR3411_2012_256,
74         digest_gost2012_256,
75         digest_gost2012_256_destroy,
76         SN_id_GostR3411_2012_256,
77         "streebog256",
78     },
79     {
80         NID_id_GostR3411_2012_512,
81         digest_gost2012_512,
82         digest_gost2012_512_destroy,
83         SN_id_GostR3411_2012_512,
84         "streebog512",
85     },
86     {
87         NID_gost_mac_12,
88         imit_gost_cp_12,
89         imit_gost_cp_12_destroy,
90     },
91     {
92         NID_magma_mac,
93         magma_omac,
94         magma_omac_destroy,
95     },
96     {
97         NID_grasshopper_mac,
98         grasshopper_omac,
99         grasshopper_omac_destroy,
100     },
101     {
102         NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac,
103         grasshopper_omac_acpkm,
104         grasshopper_omac_acpkm_destroy,
105     },
106     { 0 },
107 };
108
109 static struct gost_cipher_minfo {
110     int nid;
111     const EVP_CIPHER *(*cipher)(void);
112     GOST_cipher *reg;
113 } gost_cipher_array[] = {
114     {
115         NID_id_Gost28147_89,
116         NULL,
117         &Gost28147_89_cipher,
118     },
119     {
120         NID_gost89_cnt,
121         NULL,
122         &Gost28147_89_cnt_cipher,
123     },
124     {
125         NID_gost89_cnt_12,
126         NULL,
127         &Gost28147_89_cnt_12_cipher,
128     },
129     {
130         NID_gost89_cbc,
131         NULL,
132         &Gost28147_89_cbc_cipher,
133     },
134     {
135         NID_grasshopper_ecb,
136         cipher_gost_grasshopper_ecb,
137     },
138     {
139         NID_grasshopper_cbc,
140         cipher_gost_grasshopper_cbc,
141     },
142     {
143         NID_grasshopper_cfb,
144         cipher_gost_grasshopper_cfb,
145     },
146     {
147         NID_grasshopper_ofb,
148         cipher_gost_grasshopper_ofb,
149     },
150     {
151         NID_grasshopper_ctr,
152         cipher_gost_grasshopper_ctr,
153     },
154     {
155         NID_magma_cbc,
156         cipher_magma_cbc,
157     },
158     {
159         NID_magma_ctr,
160         NULL,
161         &magma_ctr_cipher,
162     },
163     {
164         NID_magma_ctr_acpkm,
165         NULL,
166         &magma_ctr_acpkm_cipher,
167     },
168     {
169         NID_magma_ctr_acpkm_omac,
170         NULL,
171         &magma_ctr_acpkm_omac_cipher,
172     },
173     {
174         NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm,
175         cipher_gost_grasshopper_ctracpkm,
176     },
177     {
178         NID_kuznyechik_ctr_acpkm_omac,
179         cipher_gost_grasshopper_ctracpkm_omac,
180     },
181     {
182         NID_magma_kexp15,
183         cipher_magma_wrap,
184     },
185     {
186         NID_kuznyechik_kexp15,
187         cipher_kuznyechik_wrap,
188     },
189     { 0 },
190 };
191
192 static struct gost_meth_minfo {
193     int nid;
194     EVP_PKEY_METHOD **pmeth;
195     EVP_PKEY_ASN1_METHOD **ameth;
196     const char *pemstr;
197     const char *info;
198 } gost_meth_array[] = {
199     {
200         NID_id_GostR3410_2001,
201         &pmeth_GostR3410_2001,
202         &ameth_GostR3410_2001,
203         "GOST2001",
204         "GOST R 34.10-2001",
205     },
206     {
207         NID_id_Gost28147_89_MAC,
208         &pmeth_Gost28147_MAC,
209         &ameth_Gost28147_MAC,
210         "GOST-MAC",
211         "GOST 28147-89 MAC",
212     },
213     {
214         NID_id_GostR3410_2012_256,
215         &pmeth_GostR3410_2012_256,
216         &ameth_GostR3410_2012_256,
217         "GOST2012_256",
218         "GOST R 34.10-2012 with 256 bit key",
219     },
220     {
221         NID_id_GostR3410_2012_512,
222         &pmeth_GostR3410_2012_512,
223         &ameth_GostR3410_2012_512,
224         "GOST2012_512",
225         "GOST R 34.10-2012 with 512 bit key",
226     },
227     {
228         NID_gost_mac_12,
229         &pmeth_Gost28147_MAC_12,
230         &ameth_Gost28147_MAC_12,
231         "GOST-MAC-12",
232         "GOST 28147-89 MAC with 2012 params",
233     },
234     {
235         NID_magma_mac,
236         &pmeth_magma_mac,
237         &ameth_magma_mac,
238         "MAGMA-MAC",
239         "GOST R 34.13-2015 Magma MAC",
240     },
241     {
242         NID_grasshopper_mac,
243         &pmeth_grasshopper_mac,
244         &ameth_grasshopper_mac,
245         "KUZNYECHIK-MAC",
246         "GOST R 34.13-2015 Grasshopper MAC",
247     },
248     {
249         NID_id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac,
250         &pmeth_magma_mac_acpkm,
251         &ameth_magma_mac_acpkm,
252         "ID-TC26-CIPHER-GOSTR3412-2015-MAGMA-CTRACPKM-OMAC",
253         "GOST R 34.13-2015 Magma MAC ACPKM",
254     },
255     {
256         NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac,
257         &pmeth_grasshopper_mac_acpkm,
258         &ameth_grasshopper_mac_acpkm,
259         "ID-TC26-CIPHER-GOSTR3412-2015-KUZNYECHIK-CTRACPKM-OMAC",
260         "GOST R 34.13-2015 Grasshopper MAC ACPKM",
261     },
262     { 0 },
263 };
264
265 #ifndef OSSL_NELEM
266 # define OSSL_NELEM(x) (sizeof(x)/sizeof((x)[0]))
267 #endif
268
269 /* `- 1' because of terminating zero element */
270 static int known_digest_nids[OSSL_NELEM(gost_digest_array) - 1];
271 static int known_cipher_nids[OSSL_NELEM(gost_cipher_array) - 1];
272 static int known_meths_nids[OSSL_NELEM(gost_meth_array) - 1];
273
274 static int gost_engine_init(ENGINE* e) {
275     return 1;
276 }
277
278 static int gost_engine_finish(ENGINE* e) {
279     return 1;
280 }
281
282 static int gost_engine_destroy(ENGINE* e) {
283     struct gost_digest_minfo *dinfo = gost_digest_array;
284     for (; dinfo->nid; dinfo++) {
285         if (dinfo->alias)
286             EVP_delete_digest_alias(dinfo->alias);
287         dinfo->destroy();
288     }
289
290     struct gost_cipher_minfo *cinfo = gost_cipher_array;
291     for (; cinfo->nid; cinfo++) {
292         if (cinfo->reg)
293             GOST_deinit_cipher(cinfo->reg);
294         else
295             EVP_CIPHER_meth_free((EVP_CIPHER *)cinfo->cipher());
296     }
297
298     //cipher_gost_grasshopper_destroy();
299     //wrap_ciphers_destroy();
300
301     gost_param_free();
302
303     struct gost_meth_minfo *minfo = gost_meth_array;
304     for (; minfo->nid; minfo++) {
305         *minfo->pmeth = NULL;
306         *minfo->ameth = NULL;
307     }
308
309     ERR_unload_GOST_strings();
310
311     return 1;
312 }
313
314 static int bind_gost(ENGINE* e, const char* id) {
315     int ret = 0;
316     if (id != NULL && strcmp(id, engine_gost_id) != 0)
317         return 0;
318     if (ameth_GostR3410_2001) {
319         printf("GOST engine already loaded\n");
320         goto end;
321     }
322     if (!ENGINE_set_id(e, engine_gost_id)) {
323         printf("ENGINE_set_id failed\n");
324         goto end;
325     }
326     if (!ENGINE_set_name(e, engine_gost_name)) {
327         printf("ENGINE_set_name failed\n");
328         goto end;
329     }
330     if (!ENGINE_set_digests(e, gost_digests)) {
331         printf("ENGINE_set_digests failed\n");
332         goto end;
333     }
334     if (!ENGINE_set_ciphers(e, gost_ciphers)) {
335         printf("ENGINE_set_ciphers failed\n");
336         goto end;
337     }
338     if (!ENGINE_set_pkey_meths(e, gost_pkey_meths)) {
339         printf("ENGINE_set_pkey_meths failed\n");
340         goto end;
341     }
342     if (!ENGINE_set_pkey_asn1_meths(e, gost_pkey_asn1_meths)) {
343         printf("ENGINE_set_pkey_asn1_meths failed\n");
344         goto end;
345     }
346     /* Control function and commands */
347     if (!ENGINE_set_cmd_defns(e, gost_cmds)) {
348         fprintf(stderr, "ENGINE_set_cmd_defns failed\n");
349         goto end;
350     }
351     if (!ENGINE_set_ctrl_function(e, gost_control_func)) {
352         fprintf(stderr, "ENGINE_set_ctrl_func failed\n");
353         goto end;
354     }
355     if (!ENGINE_set_destroy_function(e, gost_engine_destroy)
356         || !ENGINE_set_init_function(e, gost_engine_init)
357         || !ENGINE_set_finish_function(e, gost_engine_finish)) {
358         goto end;
359     }
360
361     struct gost_meth_minfo *minfo = gost_meth_array;
362     for (; minfo->nid; minfo++) {
363
364         /* This skip looks temporary. */
365         if (minfo->nid == NID_id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac)
366             continue;
367
368         if (!register_ameth_gost(minfo->nid, minfo->ameth, minfo->pemstr,
369                 minfo->info))
370             goto end;
371         if (!register_pmeth_gost(minfo->nid, minfo->pmeth, 0))
372             goto end;
373     }
374
375     if (!ENGINE_register_ciphers(e)
376         || !ENGINE_register_digests(e)
377         || !ENGINE_register_pkey_meths(e))
378         goto end;
379
380     struct gost_cipher_minfo *cinfo = gost_cipher_array;
381     for (; cinfo->nid; cinfo++) {
382         const EVP_CIPHER *cipher;
383
384         if (cinfo->reg)
385             cipher = GOST_init_cipher(cinfo->reg);
386         else
387             cipher = cinfo->cipher();
388         if (!EVP_add_cipher(cipher))
389             goto end;
390     }
391
392     struct gost_digest_minfo *dinfo = gost_digest_array;
393     for (; dinfo->nid; dinfo++) {
394         if (!EVP_add_digest(dinfo->digest()))
395             goto end;
396         if (dinfo->alias &&
397             !EVP_add_digest_alias(dinfo->sn, dinfo->alias))
398             goto end;
399     }
400
401     ENGINE_register_all_complete();
402
403     ERR_load_GOST_strings();
404     ret = 1;
405     end:
406     return ret;
407 }
408
409 #ifndef OPENSSL_NO_DYNAMIC_ENGINE
410 IMPLEMENT_DYNAMIC_BIND_FN(bind_gost)
411     IMPLEMENT_DYNAMIC_CHECK_FN()
412 #endif                          /* ndef OPENSSL_NO_DYNAMIC_ENGINE */
413
414 /* ENGINE_DIGESTS_PTR callback installed by ENGINE_set_digests */
415 static int gost_digests(ENGINE *e, const EVP_MD **digest,
416                         const int **nids, int nid)
417 {
418     struct gost_digest_minfo *info = gost_digest_array;
419
420     if (!digest) {
421         int *n = known_digest_nids;
422
423         *nids = n;
424         for (; info->nid; info++)
425             *n++ = info->nid;
426         return OSSL_NELEM(known_digest_nids);
427     }
428
429     for (; info->nid; info++)
430         if (nid == info->nid) {
431             *digest = info->digest();
432             return 1;
433         }
434     *digest = NULL;
435     return 0;
436 }
437
438 /* ENGINE_CIPHERS_PTR callback installed by ENGINE_set_ciphers */
439 static int gost_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
440                         const int **nids, int nid)
441 {
442     struct gost_cipher_minfo *info = gost_cipher_array;
443
444     if (!cipher) {
445         int *n = known_cipher_nids;
446
447         *nids = n;
448         for (; info->nid; info++)
449             *n++ = info->nid;
450         return OSSL_NELEM(known_cipher_nids);
451     }
452
453     for (; info->nid; info++)
454         if (nid == info->nid) {
455             if (info->reg)
456                 *cipher = GOST_init_cipher(info->reg);
457             else
458                 *cipher = info->cipher();
459             return 1;
460         }
461     *cipher = NULL;
462     return 0;
463 }
464
465 static int gost_meth_nids(const int **nids)
466 {
467     struct gost_meth_minfo *info = gost_meth_array;
468     int *n = known_meths_nids;
469
470     *nids = n;
471     for (; info->nid; info++)
472         *n++ = info->nid;
473     return OSSL_NELEM(known_meths_nids);
474 }
475
476 /* ENGINE_PKEY_METHS_PTR installed by ENGINE_set_pkey_meths */
477 static int gost_pkey_meths(ENGINE *e, EVP_PKEY_METHOD **pmeth,
478                            const int **nids, int nid)
479 {
480     struct gost_meth_minfo *info;
481
482     if (!pmeth)
483         return gost_meth_nids(nids);
484
485     for (info = gost_meth_array; info->nid; info++)
486         if (nid == info->nid) {
487             *pmeth = *info->pmeth;
488             return 1;
489         }
490     *pmeth = NULL;
491     return 0;
492 }
493
494 /* ENGINE_PKEY_ASN1_METHS_PTR installed by ENGINE_set_pkey_asn1_meths */
495 static int gost_pkey_asn1_meths(ENGINE *e, EVP_PKEY_ASN1_METHOD **ameth,
496                                 const int **nids, int nid)
497 {
498     struct gost_meth_minfo *info;
499
500     if (!ameth)
501         return gost_meth_nids(nids);
502
503     for (info = gost_meth_array; info->nid; info++)
504         if (nid == info->nid) {
505             *ameth = *info->ameth;
506             return 1;
507         }
508     *ameth = NULL;
509     return 0;
510 }
511
512 #ifdef OPENSSL_NO_DYNAMIC_ENGINE
513
514 static ENGINE* engine_gost(void) {
515     ENGINE* ret = ENGINE_new();
516     if (!ret)
517         return NULL;
518     if (!bind_gost(ret, engine_gost_id)) {
519         ENGINE_free(ret);
520         return NULL;
521     }
522     return ret;
523 }
524
525 void ENGINE_load_gost(void) {
526     ENGINE* toadd;
527     if (pmeth_GostR3410_2001)
528         return;
529     toadd = engine_gost();
530     if (!toadd)
531         return;
532     ENGINE_add(toadd);
533     ENGINE_free(toadd);
534     ERR_clear_error();
535 }
536
537 #endif
reference implementation of GOST algorithms for openssl