tcl_tests: ca.try: Ignore openssl crl exit status for 'corrupted CRL' test

[openssl-gost/engine.git] / gost_pmeth.c

diff --git a/gost_pmeth.c b/gost_pmeth.c
index af92fbf93c3f85d05eddc9786dddbf7c51bf3c83..44bfc75ff9af52c5d6649abf22f15b165fec0ddd 100644 (file)
--- a/gost_pmeth.c
+++ b/gost_pmeth.c
@@ -39,6 +39,7 @@ static int pkey_gost_init(EVP_PKEY_CTX *ctx)
     if (pkey && EVP_PKEY_get0(pkey)) {
         switch (EVP_PKEY_base_id(pkey)) {
         case NID_id_GostR3410_2001:
+        case NID_id_GostR3410_2001DH:
         case NID_id_GostR3410_2012_256:
         case NID_id_GostR3410_2012_512:
             {
@@ -104,6 +105,7 @@ static int pkey_gost_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
             switch (EVP_MD_type((const EVP_MD *)p2)) {
             case NID_id_GostR3411_94:
                 if (pkey_nid == NID_id_GostR3410_2001
+                    || pkey_nid == NID_id_GostR3410_2001DH
                     || pkey_nid == NID_id_GostR3410_94) {
                     pctx->md = (EVP_MD *)p2;
                     return 1;
@@ -148,10 +150,25 @@ static int pkey_gost_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
         pctx->sign_param_nid = (int)p1;
         return 1;
     case EVP_PKEY_CTRL_SET_IV:
-        OPENSSL_assert(p2 != NULL);
+       if (p1 > sizeof(pctx->shared_ukm) || !p2) {
+           GOSTerr(GOST_F_PKEY_GOST_CTRL, GOST_R_UKM_NOT_SET);
+           return 0;
+       }
         memcpy(pctx->shared_ukm, p2, (int)p1);
         pctx->shared_ukm_size = p1;
         return 1;
+    case EVP_PKEY_CTRL_SET_VKO:
+       switch (p1) {
+           case 0: /* switch to KEG */
+           case NID_id_GostR3411_2012_256:
+           case NID_id_GostR3411_2012_512:
+               break;
+           default:
+               GOSTerr(GOST_F_PKEY_GOST_CTRL, GOST_R_INVALID_DIGEST_TYPE);
+               return 0;
+       }
+        pctx->vko_dgst_nid = p1;
+        return 1;
   case EVP_PKEY_CTRL_CIPHER:
         switch (p1) {
           case NID_magma_ctr_acpkm:
@@ -168,7 +185,6 @@ static int pkey_gost_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
             pctx->cipher_nid = p1;
             return 1;
         }
-        return 1;
     case EVP_PKEY_CTRL_PEER_KEY:
         if (p1 == 0 || p1 == 1) /* call from EVP_PKEY_derive_set_peer */
             return 1;
@@ -202,6 +218,19 @@ static int pkey_gost_ec_ctrl_str_common(EVP_PKEY_CTX *ctx,
     OPENSSL_free(tmp);
 
     return pkey_gost_ctrl(ctx, EVP_PKEY_CTRL_SET_IV, len, ukm_buf);
+  } else if (strcmp(type, vko_ctrl_string) == 0) {
+      int bits = atoi(value);
+      int vko_dgst_nid = 0;
+
+      if (bits == 256)
+         vko_dgst_nid = NID_id_GostR3411_2012_256;
+      else if (bits == 512)
+         vko_dgst_nid = NID_id_GostR3411_2012_512;
+      else if (bits != 0) {
+         GOSTerr(GOST_F_PKEY_GOST_EC_CTRL_STR_COMMON, GOST_R_INVALID_DIGEST_TYPE);
+         return 0;
+      }
+      return pkey_gost_ctrl(ctx, EVP_PKEY_CTRL_SET_VKO, vko_dgst_nid, NULL);
   }
   return -2;
 }
@@ -464,6 +493,7 @@ static int pkey_gost_ec_cp_sign(EVP_PKEY_CTX *ctx, unsigned char *sig,
 
     switch (EVP_PKEY_base_id(pkey)) {
     case NID_id_GostR3410_2001:
+    case NID_id_GostR3410_2001DH:
     case NID_id_GostR3410_2012_256:
         order = 64;
         break;
@@ -1021,6 +1051,7 @@ int register_pmeth_gost(int id, EVP_PKEY_METHOD **pmeth, int flags)
 
     switch (id) {
     case NID_id_GostR3410_2001:
+    case NID_id_GostR3410_2001DH:
         EVP_PKEY_meth_set_ctrl(*pmeth,
                                pkey_gost_ctrl, pkey_gost_ec_ctrl_str_256);
         EVP_PKEY_meth_set_sign(*pmeth, NULL, pkey_gost_ec_cp_sign);