--- /dev/null
+sudo: required
+dist: trusty
+
+os: linux
+
+language: c
+
+env:
+ global:
+ - PREFIX=${HOME}/opt
+ - LD_LIBRARY_PATH=${PREFIX}/lib
+ - PATH=${PREFIX}/bin:${PATH}
+ - OPENSSL_ENGINES=${TRAVIS_BUILD_DIR}/bin
+
+matrix:
+ include:
+ - env: OPENSSL_BRANCH=master
+ os: linux
+ compiler: gcc
+ - env: OPENSSL_BRANCH=OpenSSL_1_1_0-stable
+ os: linux
+ compiler: gcc
+# - env: OPENSSL_BRANCH=OpenSSL_1_0_2-stable
+# os: linux
+# compiler: gcc
+
+before_script:
+ - git clone -b ${OPENSSL_BRANCH} https://github.com/openssl/openssl.git
+ - cd openssl
+ - ./config shared --prefix=${PREFIX} --openssldir=${PREFIX} && make all install_sw > build.log 2>&1 || (cat build.log && exit 1)
+ - cd ..
+
+script:
+ - cmake -DOPENSSL_ROOT_DIR=${PREFIX} -DOPENSSL_LIBRARIES=${PREFIX}/lib && make
+ - prove -v test/{00-engine.t,01-digest.t,02-mac.t,03-encrypt.t}
include(GNUInstallDirs)
-find_package(OpenSSL 1.1 REQUIRED)
+find_package(OpenSSL 1.0.2 REQUIRED)
include_directories(${OPENSSL_INCLUDE_DIR})
if (CMAKE_C_COMPILER_ID MATCHES "Clang")
* Parses GOST algorithm parameters from X509_ALGOR and modifies pkey setting
* NID and parameters
*/
-static int decode_gost_algor_params(EVP_PKEY *pkey, const X509_ALGOR *palg)
+static int decode_gost_algor_params(EVP_PKEY *pkey, X509_ALGOR *palg)
{
- const ASN1_OBJECT *palg_obj = NULL;
+ ASN1_OBJECT *palg_obj = NULL;
int ptype = V_ASN1_UNDEF;
int pkey_nid = NID_undef, param_nid = NID_undef;
ASN1_STRING *pval = NULL;
if (!pkey || !palg)
return 0;
- X509_ALGOR_get0(&palg_obj, &ptype, (const void **)&pval, palg);
+ X509_ALGOR_get0(&palg_obj, &ptype, (void **)&pval, palg);
if (ptype != V_ASN1_SEQUENCE) {
GOSTerr(GOST_F_DECODE_GOST_ALGOR_PARAMS,
GOST_R_BAD_KEY_PARAMETERS_FORMAT);
if (!EC_KEY_set_private_key(ec, priv))
return 0;
if (!EVP_PKEY_missing_parameters(pkey))
- gost_ec_compute_public(ec);
+ return gost_ec_compute_public(ec);
break;
}
default:
return pknum_masked;
}
-static int priv_decode_gost(EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf)
+static int priv_decode_gost(EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf)
{
const unsigned char *pkey_buf = NULL, *p = NULL;
int priv_len = 0;
BIGNUM *pk_num = NULL;
int ret = 0;
- const X509_ALGOR *palg = NULL;
- const ASN1_OBJECT *palg_obj = NULL;
+ X509_ALGOR *palg = NULL;
+ ASN1_OBJECT *palg_obj = NULL;
ASN1_INTEGER *priv_key = NULL;
int expected_key_len = 32;
}
static int gost_engine_destroy(ENGINE* e) {
- digest_gost_destroy();
- digest_gost2012_256_destroy();
- digest_gost2012_512_destroy();
-
- imit_gost_cpa_destroy();
- imit_gost_cp_12_destroy();
- magma_omac_destroy();
- grasshopper_omac_destroy();
-
- cipher_gost_destroy();
-
- gost_param_free();
-
- pmeth_GostR3410_2001 = NULL;
- pmeth_Gost28147_MAC = NULL;
- pmeth_GostR3410_2012_256 = NULL;
- pmeth_GostR3410_2012_512 = NULL;
- pmeth_Gost28147_MAC_12 = NULL;
- pmeth_magma_mac = NULL;
- pmeth_grasshopper_mac = NULL;
-
- ameth_GostR3410_2001 = NULL;
- ameth_Gost28147_MAC = NULL;
- ameth_GostR3410_2012_256 = NULL;
- ameth_GostR3410_2012_512 = NULL;
- ameth_Gost28147_MAC_12 = NULL;
- ameth_magma_mac = NULL;
- ameth_grasshopper_mac = NULL;
-
- ERR_unload_GOST_strings();
-
- return 1;
+ digest_gost_destroy();
+ digest_gost2012_256_destroy();
+ digest_gost2012_512_destroy();
+
+ imit_gost_cpa_destroy();
+ imit_gost_cp_12_destroy();
+ magma_omac_destroy();
+ grasshopper_omac_destroy();
+
+ cipher_gost_destroy();
+ cipher_gost_grasshopper_destroy();
+
+ gost_param_free();
+
+ pmeth_GostR3410_2001 = NULL;
+ pmeth_Gost28147_MAC = NULL;
+ pmeth_GostR3410_2012_256 = NULL;
+ pmeth_GostR3410_2012_512 = NULL;
+ pmeth_Gost28147_MAC_12 = NULL;
+ pmeth_magma_mac = NULL;
+ pmeth_grasshopper_mac = NULL;
+
+ ameth_GostR3410_2001 = NULL;
+ ameth_Gost28147_MAC = NULL;
+ ameth_GostR3410_2012_256 = NULL;
+ ameth_GostR3410_2012_512 = NULL;
+ ameth_Gost28147_MAC_12 = NULL;
+ ameth_magma_mac = NULL;
+ ameth_grasshopper_mac = NULL;
+
+ ERR_unload_GOST_strings();
+
+ return 1;
}
static int bind_gost(ENGINE* e, const char* id) {
return cipher_gost_grasshopper(EVP_CIPH_CTR_MODE, GRASSHOPPER_CIPHER_CTR);
}
+void cipher_gost_grasshopper_destroy(void)
+{
+ EVP_CIPHER_meth_free(gost_grasshopper_ciphers[GRASSHOPPER_CIPHER_ECB]);
+ gost_grasshopper_ciphers[GRASSHOPPER_CIPHER_ECB] = NULL;
+ EVP_CIPHER_meth_free(gost_grasshopper_ciphers[GRASSHOPPER_CIPHER_CBC]);
+ gost_grasshopper_ciphers[GRASSHOPPER_CIPHER_CBC] = NULL;
+ EVP_CIPHER_meth_free(gost_grasshopper_ciphers[GRASSHOPPER_CIPHER_OFB]);
+ gost_grasshopper_ciphers[GRASSHOPPER_CIPHER_OFB] = NULL;
+ EVP_CIPHER_meth_free(gost_grasshopper_ciphers[GRASSHOPPER_CIPHER_CFB]);
+ gost_grasshopper_ciphers[GRASSHOPPER_CIPHER_CFB] = NULL;
+ EVP_CIPHER_meth_free(gost_grasshopper_ciphers[GRASSHOPPER_CIPHER_CTR]);
+ gost_grasshopper_ciphers[GRASSHOPPER_CIPHER_CTR] = NULL;
+}
+
#if defined(__cplusplus)
}
#endif
extern const EVP_CIPHER* cipher_gost_grasshopper_cfb();
extern const EVP_CIPHER* cipher_gost_grasshopper_ctr();
+void cipher_gost_grasshopper_destroy(void);
+
#if defined(__cplusplus)
}
#endif
EVP_MD *md;
if ((md = EVP_MD_meth_new(NID_id_GostR3411_94, NID_undef)) == NULL
+ || !EVP_MD_meth_set_flags(md, EVP_MD_FLAG_PKEY_METHOD_SIGNATURE)
|| !EVP_MD_meth_set_result_size(md, 32)
|| !EVP_MD_meth_set_input_blocksize(md, 32)
|| !EVP_MD_meth_set_app_datasize(md,
if ((md =
EVP_MD_meth_new(NID_id_GostR3411_2012_256, NID_undef)) == NULL
+ || !EVP_MD_meth_set_flags(md, EVP_MD_FLAG_PKEY_METHOD_SIGNATURE)
|| !EVP_MD_meth_set_result_size(md, 32)
|| !EVP_MD_meth_set_input_blocksize(md, 64)
|| !EVP_MD_meth_set_app_datasize(md, sizeof(gost2012_hash_ctx))
if ((md =
EVP_MD_meth_new(NID_id_GostR3411_2012_512, NID_undef)) == NULL
+ || !EVP_MD_meth_set_flags(md, EVP_MD_FLAG_PKEY_METHOD_SIGNATURE)
|| !EVP_MD_meth_set_result_size(md, 64)
|| !EVP_MD_meth_set_input_blocksize(md, 64)
|| !EVP_MD_meth_set_app_datasize(md, sizeof(gost2012_hash_ctx))
--- /dev/null
+#!/usr/bin/perl
+use Test::More tests => 7;
+use Cwd 'abs_path';
+
+# prepare data for
+
+open F,">","testdata.dat";
+print F "12345670" x 128;
+close F;
+
+# Set OPENSSL_ENGINES environment variable to just built engine
+if(!defined $ENV{'OPENSSL_ENGINES'}){
+ $ENV{'OPENSSL_ENGINES'} = abs_path("../.libs");
+}
+
+$key='0123456789abcdef' x 2;
+
+#
+# You can redefine engine to use using ENGINE_NAME environment variable
+#
+$engine=$ENV{'ENGINE_NAME'}||"gost";
+
+# Reopen STDERR to eliminate extra output
+open STDERR, ">>","tests.err";
+
+if (exists $ENV{'OPENSSL_CONF'}) {
+ delete $ENV{'OPENSSL_CONF'}
+}
+#
+# This test needs output of openssl engine -c command.
+# Default one is hardcoded below, but you can place file
+# ${ENGINE_NAME}.info into this directory if you use this test suite
+# to test other engine implementing GOST cryptography.
+#
+if ( -f $engine . ".info") {
+ diag("Reading $engine.info");
+ open F, "<", $engine . ".info";
+ read F,$engine_info,1024;
+} else {
+
+$engine_info= <<EOINF;
+(gost) Reference implementation of GOST engine
+ [gost89, gost89-cnt, gost89-cnt-12, gost89-cbc, grasshopper-ecb, grasshopper-cbc, grasshopper-cfb, grasshopper-ofb, grasshopper-ctr, md_gost94, gost-mac, md_gost12_256, md_gost12_512, gost-mac-12, gost2001, gost-mac, gost2012_256, gost2012_512, gost-mac-12]
+EOINF
+}
+
+$ENV{'OPENSSL_CONF'}=abs_path("no_such_file.cfg");
+is(`openssl engine -c $engine`,
+$engine_info,
+"load engine without any config");
+
+is(`openssl dgst -engine $engine -md_gost94 testdata.dat`,
+"md_gost94(testdata.dat)= f7fc6d16a6a5c12ac4f7d320e0fd0d8354908699125e09727a4ef929122b1cae\n",
+"compute digest without config");
+
+
+open F,">","test.cnf";
+print F <<EOCFG;
+openssl_conf = openssl_def
+[openssl_def]
+engines = engines
+[engines]
+${engine}=gost_conf
+[gost_conf]
+default_algorithms = ALL
+
+EOCFG
+close F;
+$ENV{'OPENSSL_CONF'}=abs_path('test.cnf');
+
+is(`openssl engine -c $engine`,
+$engine_info,
+"load engine with config");
+
+is(`openssl dgst -md_gost94 testdata.dat`,
+"md_gost94(testdata.dat)= f7fc6d16a6a5c12ac4f7d320e0fd0d8354908699125e09727a4ef929122b1cae\n",
+"compute digest with config without explicit engine param");
+
+is(`openssl dgst -engine $engine -md_gost94 testdata.dat`,
+"md_gost94(testdata.dat)= f7fc6d16a6a5c12ac4f7d320e0fd0d8354908699125e09727a4ef929122b1cae\n",
+"compute digest with both config and explicit engine param");
+
+like(`openssl ciphers`, qr|GOST2001-GOST89-GOST89|, 'display GOST2001-GOST89-GOST89 cipher');
+
+like(`openssl ciphers`, qr|GOST2012-GOST8912-GOST8912|, 'display GOST2012-GOST8912-GOST8912 cipher');
+
+unlink('testdata.dat');
+unlink('test.cnf');
--- /dev/null
+#!/usr/bin/perl
+use Test::More tests => 16;
+use Cwd 'abs_path';
+
+# Set OPENSSL_ENGINES environment variable to just built engine
+if(!defined $ENV{'OPENSSL_ENGINES'}){
+ $ENV{'OPENSSL_ENGINES'} = abs_path("../.libs");
+}
+# Set engine name from environment to allow testing of different engines
+$engine=$ENV{'ENGINE_NAME'}||"gost";
+# Reopen STDERR to eliminate extra output
+open STDERR, ">>","tests.err";
+
+# prepare data for
+
+open F,">","testm1.dat";
+print F "012345678901234567890123456789012345678901234567890123456789012";
+close F;
+is(`openssl dgst -engine ${engine} -md_gost12_256 testm1.dat`,
+"md_gost12_256(testm1.dat)= 9d151eefd8590b89daa6ba6cb74af9275dd051026bb149a452fd84e5e57b5500\n",
+"GOST R 34.11-2012 256bit example 1 from standard");
+
+is(`openssl dgst -engine ${engine} -md_gost12_512 testm1.dat`,
+"md_gost12_512(testm1.dat)= 1b54d01a4af5b9d5cc3d86d68d285462b19abc2475222f35c085122be4ba1ffa00ad30f8767b3a82384c6574f024c311e2a481332b08ef7f41797891c1646f48\n",
+"GOST R 34.11-2012 512bit example 1 from standard");
+
+unlink("testm1.dat");
+
+open F,">","testm2.dat";
+print F pack("H*","d1e520e2e5f2f0e82c20d1f2f0e8e1eee6e820e2edf3f6e82c20e2e5fef2fa20f120eceef0ff20f1f2f0e5ebe0ece820ede020f5f0e0e1f0fbff20efebfaeafb20c8e3eef0e5e2fb");
+close F;
+is(`openssl dgst -engine ${engine} -md_gost12_256 testm2.dat`,
+"md_gost12_256(testm2.dat)= 9dd2fe4e90409e5da87f53976d7405b0c0cac628fc669a741d50063c557e8f50\n",
+"GOST R 34.11-2012 256bit example 2 from standard");
+
+is(`openssl dgst -engine ${engine} -md_gost12_512 testm2.dat`,
+"md_gost12_512(testm2.dat)= 1e88e62226bfca6f9994f1f2d51569e0daf8475a3b0fe61a5300eee46d961376035fe83549ada2b8620fcd7c496ce5b33f0cb9dddc2b6460143b03dabac9fb28\n",
+"GOST R 34.11-2012 512bit example 2 from standard");
+
+unlink("testm2.dat");
+
+
+open F,">","testdata.dat";
+binmode F;
+print F "12345670" x 128;
+close F;
+is(`openssl dgst -engine ${engine} -md_gost94 testdata.dat`,
+"md_gost94(testdata.dat)= f7fc6d16a6a5c12ac4f7d320e0fd0d8354908699125e09727a4ef929122b1cae\n",
+"GOST R 34.11-94 1K ascii");
+
+is(`openssl dgst -engine ${engine} -md_gost12_256 testdata.dat`,
+"md_gost12_256(testdata.dat)= 1906512b86a1283c68cec8419e57113efc562a1d0e95d8f4809542900c416fe4\n",
+"GOST R 34.11-2012 256bit 1K ascii");
+
+is(`openssl dgst -engine ${engine} -md_gost12_512 testdata.dat`,
+"md_gost12_512(testdata.dat)= 283587e434864d0d4bea97c0fb10e2dd421572fc859304bdf6a94673d652c59049212bad7802b4fcf5eecc1f8fab569d60f2c20dbd789a7fe4efbd79d8137ee7\n",
+"GOST R 34.11-2012 512bit 1K ascii");
+
+unlink("testdata.dat");
+
+open F,">","testdata2.dat";
+binmode F;
+print F "\x00\x01\x02\x15\x84\x67\x45\x31" x 128;
+close F;
+
+is(`openssl dgst -engine ${engine} -md_gost94 testdata2.dat`,
+"md_gost94(testdata2.dat)= 69f529aa82d9344ab0fa550cdf4a70ecfd92a38b5520b1906329763e09105196\n",
+"GOST R 34.11-94 1K binary");
+
+is(`openssl dgst -engine ${engine} -md_gost12_256 testdata2.dat`,
+"md_gost12_256(testdata2.dat)= 2eb1306be3e490f18ff0e2571a077b3831c815c46c7d4fdf9e0e26de4032b3f3\n",
+"GOST R 34.11-2012 256bit 1K binary");
+
+is(`openssl dgst -engine ${engine} -md_gost12_512 testdata2.dat`,
+"md_gost12_512(testdata2.dat)= 55656e5bcf795b499031a7833cd7dc18fe10d4a47e15be545c6ab3f304a4fe411c4c39de5b1fc6844880111441e0b92bf1ec2fb7840453fe39a2b70ced461968\n",
+"GOST R 34.11-2012 512bit 1K binary");
+
+unlink("testdata2.dat");
+
+open F, ">","testdata3.dat";
+binmode F;
+print F substr("12345670" x 128,0,539);
+close F;
+
+is(`openssl dgst -engine ${engine} -md_gost94 testdata3.dat`,
+"md_gost94(testdata3.dat)= bd5f1e4b539c7b00f0866afdbc8ed452503a18436061747a343f43efe888aac9\n",
+"GOST R 34.11-94 539 bytes");
+
+is(`openssl dgst -engine ${engine} -md_gost12_256 testdata3.dat`,
+"md_gost12_256(testdata3.dat)= c98a17f9fadff78d08521e4179a7b2e6275f3b1da88339a3cb961a3514e5332e\n",
+"GOST R 34.11-2012 256bit 539 bytes");
+
+is(`openssl dgst -engine ${engine} -md_gost12_512 testdata3.dat`,
+"md_gost12_512(testdata3.dat)= d5ad93fbc9ed7abc1cf28d00827a052b40bea74b04c4fd753102c1bcf9f9dad5142887f8a4cceaa0d64a0a8291592413d6adb956b99138a0023e127ff37bdf08\n",
+"GOST R 34.11-2012 512bit 539 bytes");
+
+unlink "testdata3.dat";
+open F , ">","bigdata.dat";
+binmode F;
+print F ("121345678" x 7 . "1234567\n") x 4096,"12345\n";
+close F;
+
+is(`openssl dgst -engine ${engine} -md_gost94 bigdata.dat`,
+"md_gost94(bigdata.dat)= e5d3ac4ea3f67896c51ff919cedb9405ad771e39f0f2eab103624f9a758e506f\n",
+"GOST R 34.11-94 128K");
+
+is(`openssl dgst -engine ${engine} -md_gost12_256 bigdata.dat`,
+"md_gost12_256(bigdata.dat)= 50e935d725d9359e5991b6b7eba8b3539fca03584d26adf4c827c982ffd49367\n",
+"GOST R 34.11-2012 256bit 128K");
+
+is(`openssl dgst -engine ${engine} -md_gost12_512 bigdata.dat`,
+"md_gost12_512(bigdata.dat)= 1d93645ebfbb477660f98b7d1598e37fbf3bfc8234ead26e2246e1b979e590ac46138158a692f9a0c9ac2550758b4d0d4c9fb8af5e595a16d3760c6516443f82\n",
+"GOST R 34.11-2012 512bit 128K");
+
+unlink "bigdata.dat";
--- /dev/null
+#!/usr/bin/perl
+use Test::More tests => 19;
+use Cwd 'abs_path';
+
+# prepare data for
+
+open F,">","testdata.dat";
+print F "12345670" x 128;
+close F;
+
+open F,">","testbig.dat";
+print F ("12345670" x 8 . "\n") x 4096;
+close F;
+# Set OPENSSL_ENGINES environment variable to just built engine
+if(!defined $ENV{'OPENSSL_ENGINES'}){
+ $ENV{'OPENSSL_ENGINES'} = abs_path("../.libs");
+}
+
+$key='0123456789abcdef' x 2;
+
+$engine=$ENV{'ENGINE_NAME'}||"gost";
+
+# Reopen STDERR to eliminate extra output
+open STDERR, ">>","tests.err";
+
+is(`openssl dgst -engine ${engine} -mac gost-mac -macopt key:${key} testdata.dat`,
+"GOST-MAC-gost-mac(testdata.dat)= 2ee8d13d\n",
+"GOST MAC - default size");
+
+for ($i=1;$i<=8; $i++) {
+ is(`openssl dgst -engine ${engine} -mac gost-mac -macopt key:${key} -sigopt size:$i testdata.dat`,
+"GOST-MAC-gost-mac(testdata.dat)= ".substr("2ee8d13dff7f037d",0,$i*2)."\n",
+"GOST MAC - size $i bytes");
+}
+
+
+
+is(`openssl dgst -engine ${engine} -mac gost-mac -macopt key:${key} testbig.dat`,
+"GOST-MAC-gost-mac(testbig.dat)= 5efab81f\n",
+"GOST MAC - big data");
+
+is(`openssl dgst -engine ${engine} -mac gost-mac-12 -macopt key:${key} testdata.dat`,
+"GOST-MAC-12-gost-mac-12(testdata.dat)= be4453ec\n",
+"GOST MAC - parameters 2012");
+
+
+for ($i=1;$i<=8; $i++) {
+ is(`openssl dgst -engine ${engine} -mac gost-mac-12 -macopt key:${key} -sigopt size:$i testdata.dat`,
+"GOST-MAC-12-gost-mac-12(testdata.dat)= ".substr("be4453ec1ec327be",0,$i*2)."\n",
+"GOST MAC parameters 2012 - size $i bytes");
+}
+unlink('testdata.dat');
+unlink('testbig.dat');
--- /dev/null
+#!/usr/bin/perl
+use Test::More tests => 48;
+use Cwd 'abs_path';
+
+#
+# If this variable is set, engine would be loaded via configuration
+# file. Otherwise - via command line
+#
+$use_config = 1;
+
+# prepare data for
+
+
+# Set OPENSSL_ENGINES environment variable to just built engine
+if(!defined $ENV{'OPENSSL_ENGINES'}){
+ $ENV{'OPENSSL_ENGINES'} = abs_path("../.libs");
+}
+
+$key='0123456789abcdef' x 2;
+
+#
+# You can redefine engine to use using ENGINE_NAME environment variable
+#
+$engine=$ENV{'ENGINE_NAME'}||"gost";
+
+# Reopen STDERR to eliminate extra output
+open STDERR, ">>","tests.err";
+
+our $count=0;
+
+#
+# parameters -paramset = oid of the parameters
+# -cleartext - data to encrypt
+# -ciphertext - expected ciphertext (hex-encoded)
+# -key - key (hex-encoded)
+# -iv - IV (hex-encoded)
+#
+
+open F,">","test.cnf";
+if (defined($use_config) && $use_config) {
+ $eng_param = "";
+ open F,">","test.cnf";
+ print F <<EOCFG;
+openssl_conf = openssl_def
+[openssl_def]
+engines = engines
+[engines]
+${engine}=gost_conf
+[gost_conf]
+default_algorithms = ALL
+
+EOCFG
+} else {
+ $eng_param = "-engine $engine"
+}
+close F;
+$ENV{'OPENSSL_CONF'}=abs_path('test.cnf');
+
+sub crypt_test {
+ my %p = @_;
+ our $count++;
+ open my $f, ">", "test$count.clear";
+ print $f $p{-cleartext};
+ close $f;
+
+ $ENV{'CRYPT_PARAMS'} = $p{-paramset} if exists $p{-paramset};
+ my $ctext = `openssl enc ${eng_param} -e -$p{-alg} -K $p{-key} -iv $p{-iv} -in test$count.clear`;
+ is($?,0,"$p{-name} - encrypt successful");
+ is(unpack("H*",$ctext),$p{-ciphertext},"$p{-name} - ciphertext expected");
+ open my $f, ">", "test$count.enc";
+ print $f $ctext;
+ close $f;
+ my $otext = `openssl enc ${eng_param} -d -$p{-alg} -K $p{-key} -iv $p{-iv} -in test$count.enc`;
+ is($?,0,"$p{-name} - decrypt successful");
+ is($otext,$p{-cleartext},"$p{-name} - decrypted correctly");
+ unlink "test$count.enc";
+ unlink "test$count.clear";
+ delete $ENV{'CRYPT_PARAMS'};
+}
+
+$key = '0123456789ABCDEF' x 4;
+$iv = '0000000000000000';
+$clear1 = "The quick brown fox jumps over the lazy dog\n";
+
+crypt_test(-paramset=> "1.2.643.2.2.31.1", -key => $key, -iv => $iv,
+ -cleartext => $clear1,
+ -ciphertext => '07f4102c6185c4a09e676e269bfa4bc9c5df6575916b879bd13a893a2285ee6690107cdeef7a315d2eb54bfa',
+ -alg => 'gost89',
+ -name=> 'CFB short text, paramset A');
+
+crypt_test(-paramset=> "1.2.643.2.2.31.2", -key => $key, -iv => $iv,
+ -cleartext => $clear1,
+ -ciphertext => '11465c1c9708033e784fbb5536f2719c38353cb488b01f195c20d4c027022e8300d98bb66c138afbe878c88b',
+ -alg => 'gost89',
+ -name=> 'CFB short text, paramset B');
+
+crypt_test(-paramset=> "1.2.643.2.2.31.3", -key => $key, -iv => $iv,
+ -cleartext => $clear1,
+ -ciphertext => '2f213b390c9b6ceb18de479686d23f4f03c76644a0aab8894b50b71a3bbb3c027ec4c2d569ba0e6a873bd46e',
+ -alg => 'gost89',
+ -name=> 'CFB short text, paramset C');
+
+crypt_test(-paramset=> "1.2.643.2.2.31.4", -key => $key, -iv => $iv,
+ -cleartext => $clear1,
+ -ciphertext => 'e835f59a7fdfd84764efe1e987660327f5d0de187afea72f9cd040983a5e5bbeb4fe1aa5ff85d623ebc4d435',
+ -alg => 'gost89',
+ -name=> 'CFB short text, paramset D');
+
+
+crypt_test(-paramset=> "1.2.643.2.2.31.1", -key => $key, -iv => $iv,
+ -cleartext => $clear1,
+ -ciphertext => 'bcb821452e459f10f92019171e7c3b27b87f24b174306667f67704812c07b70b5e7420f74a9d54feb4897df8',
+ -alg => 'gost89-cnt',
+ -name=> 'CNT short text');
+
+crypt_test(-paramset=> "1.2.643.2.2.31.2", -key => $key, -iv => $iv,
+ -cleartext => $clear1,
+ -ciphertext => 'bcb821452e459f10f92019171e7c3b27b87f24b174306667f67704812c07b70b5e7420f74a9d54feb4897df8',
+ -alg => 'gost89-cnt',
+ -name=> 'CNT short text, paramset param doesnt affect cnt');
+
+
+crypt_test(-paramset=> "1.2.643.2.2.31.1", -key => $key, -iv => $iv,
+ -cleartext => $clear1,
+ -ciphertext => 'cf3f5f713b3d10abd0c6f7bafb6aaffe13dfc12ef5c844f84873aeaaf6eb443a9747c9311b86f97ba3cdb5c4',
+ -alg => 'gost89-cnt-12',
+ -name=> 'CNT-12 short text');
+
+crypt_test(-paramset=> "1.2.643.2.2.31.2", -key => $key, -iv => $iv,
+ -cleartext => $clear1,
+ -ciphertext => 'cf3f5f713b3d10abd0c6f7bafb6aaffe13dfc12ef5c844f84873aeaaf6eb443a9747c9311b86f97ba3cdb5c4',
+ -alg => 'gost89-cnt-12',
+ -name=> 'CNT-12 short text, paramset param doesnt affect cnt');
+
+
+crypt_test(-paramset=> "1.2.643.2.2.31.1", -key => $key, -iv => $iv,
+ -cleartext => $clear1,
+ -ciphertext => '3a3293e75089376572da44966cd1759c29d2f1e5e1c3fa9674909a63026da3dc51a4266bff37fb74a3a07155c9ca8fcf',
+ -alg => 'gost89-cbc',
+ -name=> 'CBC short text, paramset A');
+
+
+crypt_test(-paramset=> "1.2.643.2.2.31.2", -key => $key, -iv => $iv,
+ -cleartext => $clear1,
+ -ciphertext => 'af2a2167b75852378af176ac9950e3c4bffc94d3d4355191707adbb16d6c8e3f3a07868c4702babef18393edfac60a6d',
+ -alg => 'gost89-cbc',
+ -name=> 'CBC short text, paramset B');
+
+crypt_test(-paramset=> "1.2.643.2.2.31.3", -key => $key, -iv => $iv,
+ -cleartext => $clear1,
+ -ciphertext => '987c0fb3d84530467a1973791e0a25e33c5d14591976f8c1573bdb9d056eb7b353f66fef3ffe2e3524583b3997123c8a',
+ -alg => 'gost89-cbc',
+ -name=> 'CBC short text, paramset C');
+
+crypt_test(-paramset=> "1.2.643.2.2.31.4", -key => $key, -iv => $iv,
+ -cleartext => $clear1,
+ -ciphertext => 'e076b09822d4786a2863125d16594d765d8acd0f360e52df42e9d52c8e6c0e6595b5f6bbecb04a22c8ae5f4f87c1523b',
+ -alg => 'gost89-cbc',
+ -name=> 'CBC short text, paramset D');
+
+unlink "test.cnf";
--- /dev/null
+#!/usr/bin/perl
+use Test::More tests => 15;
+use Cwd 'abs_path';
+
+#
+# If this variable is set, engine would be loaded via configuration
+# file. Otherwise - via command line
+#
+$use_config = 1;
+
+# prepare data for
+
+
+# Set OPENSSL_ENGINES environment variable to just built engine
+if(!defined $ENV{'OPENSSL_ENGINES'}){
+ $ENV{'OPENSSL_ENGINES'} = abs_path("../.libs");
+}
+
+$engine=$ENV{'ENGINE_NAME'}||"gost";
+
+# Reopen STDERR to eliminate extra output
+open STDERR, ">>","tests.err";
+
+
+open F,">","test.cnf";
+if (defined($use_config) && $use_config) {
+ $eng_param = "";
+ open F,">","test.cnf";
+ print F <<EOCFG;
+openssl_conf = openssl_def
+[openssl_def]
+engines = engines
+[engines]
+${engine}=gost_conf
+[gost_conf]
+default_algorithms = ALL
+
+EOCFG
+} else {
+ $eng_param = "-engine $engine"
+}
+close F;
+$ENV{'OPENSSL_CONF'}=abs_path('test.cnf');
+
+
+@keys=(['gost2001','A',"-----BEGIN PRIVATE KEY-----
+MEUCAQAwHAYGKoUDAgITMBIGByqFAwICIwEGByqFAwICHgEEIgIgRhUDJ1WQASIf
+nx+aUM2eagzV9dCt6mQ5wdtenr2ZS/Y=
+-----END PRIVATE KEY-----
+","Private key: 46150327559001221F9F1F9A50CD9E6A0CD5F5D0ADEA6439C1DB5E9EBD994BF6
+","Public key:
+ X:789094AF6386A43AF191210FFED0AEA5D1D9750D8FF8BCD1B584BFAA966850E4
+ Y:25ED63EE42624403D08FC60E5F8130F121ECDC5E297D9E3C7B106C906E0855E9
+Parameter set: id-GostR3410-2001-CryptoPro-A-ParamSet
+","-----BEGIN PUBLIC KEY-----
+MGMwHAYGKoUDAgITMBIGByqFAwICIwEGByqFAwICHgEDQwAEQORQaJaqv4S10bz4
+jw112dGlrtD+DyGR8TqkhmOvlJB46VUIbpBsEHs8nn0pXtzsIfEwgV8Oxo/QA0Ri
+Qu5j7SU=
+-----END PUBLIC KEY-----
+"],
+['gost2001','B'=>'-----BEGIN PRIVATE KEY-----
+MEUCAQAwHAYGKoUDAgITMBIGByqFAwICIwIGByqFAwICHgEEIgIgImwnCcqcfuXK
+MVYg+UWQhiXYKz1yQ8kDSB7Ly515XH4=
+-----END PRIVATE KEY-----
+','Private key: 226C2709CA9C7EE5CA315620F945908625D82B3D7243C903481ECBCB9D795C7E
+','Public key:
+ X:59C15439385CBE790274D6537D318A35B27413D265FFDC5FBE5354DF8C7AC591
+ Y:11B771AC016AA817542184D05F2C7DDD0F9A5A5C9F840A79B5B7A73658F3048A
+Parameter set: id-GostR3410-2001-CryptoPro-B-ParamSet
+','-----BEGIN PUBLIC KEY-----
+MGMwHAYGKoUDAgITMBIGByqFAwICIwIGByqFAwICHgEDQwAEQJHFeozfVFO+X9z/
+ZdITdLI1ijF9U9Z0Anm+XDg5VMFZigTzWDant7V5CoSfXFqaD919LF/QhCFUF6hq
+AaxxtxE=
+-----END PUBLIC KEY-----
+'],
+['gost2001','C'=>'-----BEGIN PRIVATE KEY-----
+MEUCAQAwHAYGKoUDAgITMBIGByqFAwICIwMGByqFAwICHgEEIgIgKKUJVY2xlp24
+mky1F9inWeq3mm0J/uza6HsDvspgSzY=
+-----END PRIVATE KEY-----
+','Private key: 28A509558DB1969DB89A4CB517D8A759EAB79A6D09FEECDAE87B03BECA604B36
+','Public key:
+ X:58154320380CCFD2A101D2B7844516984023CF5A38610C4F98220E017270B2D4
+ Y:14C6977A6E9C0412DF5B53E69CD48DAF2B5805F55F6ACBEB4E01BA7B2BF84FC8
+Parameter set: id-GostR3410-2001-CryptoPro-C-ParamSet
+','-----BEGIN PUBLIC KEY-----
+MGMwHAYGKoUDAgITMBIGByqFAwICIwMGByqFAwICHgEDQwAEQNSycHIBDiKYTwxh
+OFrPI0CYFkWEt9IBodLPDDggQxVYyE/4K3u6AU7ry2pf9QVYK6+N1JzmU1vfEgSc
+bnqXxhQ=
+-----END PUBLIC KEY-----
+'],
+['gost2001','XA'=>,'-----BEGIN PRIVATE KEY-----
+MEUCAQAwHAYGKoUDAgITMBIGByqFAwICJAAGByqFAwICHgEEIgIgOFuMMveKUx/C
+BOSjl9XCepDCHWHv/1bcjdKexKGJkZw=
+-----END PRIVATE KEY-----
+','Private key: 385B8C32F78A531FC204E4A397D5C27A90C21D61EFFF56DC8DD29EC4A189919C
+','Public key:
+ X:FA969CB29310E897978A1C9245107B46499D5C14A3975BF8E10EF5F613BE4EC6
+ Y:17FCFACCB0F838AE730E8B4021E880937824214DFF5365A61576AC5E72F92E35
+Parameter set: id-GostR3410-2001-CryptoPro-XchA-ParamSet
+','-----BEGIN PUBLIC KEY-----
+MGMwHAYGKoUDAgITMBIGByqFAwICJAAGByqFAwICHgEDQwAEQMZOvhP29Q7h+FuX
+oxRcnUlGexBFkhyKl5foEJOynJb6NS75cl6sdhWmZVP/TSEkeJOA6CFAiw5zrjj4
+sMz6/Bc=
+-----END PUBLIC KEY-----
+'],
+['gost2001','XB'=>,'-----BEGIN PRIVATE KEY-----
+MEUCAQAwHAYGKoUDAgITMBIGByqFAwICJAEGByqFAwICHgEEIgIgE7WWqiYWoKLs
+7ezZ8L8Q9JcT73Jf5NYfFnlnoKRIQGg=
+-----END PRIVATE KEY-----
+','Private key: 13B596AA2616A0A2ECEDECD9F0BF10F49713EF725FE4D61F167967A0A4484068
+','Public key:
+ X:1D33A01774E501EFADD6C7A936728AF644749E98FEF5AE77A25E185955ED2E14
+ Y:FAD2D8101A99EDE8FBDF118B70A9894F4E6DE962B68D27E39B057624A51727
+Parameter set: id-GostR3410-2001-CryptoPro-XchB-ParamSet
+','-----BEGIN PUBLIC KEY-----
+MGMwHAYGKoUDAgITMBIGByqFAwICJAEGByqFAwICHgEDQwAEQBQu7VVZGF6id671
+/piedET2inI2qcfWre8B5XQXoDMdJxelJHYFm+MnjbZi6W1OT4mpcIsR3/vo7Zka
+ENjS+gA=
+-----END PUBLIC KEY-----
+']
+);
+for $keyinfo (@keys) {
+ my ($alg,$paramset,$seckey,$sectext,$pubtext,$pubkey) = @$keyinfo;
+ open F,">",'tmp.pem';
+ print F $seckey;
+ close F;
+ #1. Прочитать секретный ключ и напечатать публичный и секретный ключи
+ is(`openssl pkey -noout -text -in tmp.pem`,$sectext . $pubtext,
+ "Print key pair $alg:$paramset");
+ #2. Прочитать секретный ключ и вывести публичный (все алгоритмы)
+ is(`openssl pkey -pubout -in tmp.pem`,$pubkey,
+ "Compute public key $alg:$paramset");
+ open F,">","tmp.pem";
+ print F $pubkey;
+ close F;
+ #3. Прочитать публичный и напечать его в виде текста
+ is(`openssl pkey -pubin -noout -in tmp.pem -text`,$pubtext,
+ "Read and print public key $alg:paramset");
+
+}
+unlink "tmp.pem";
+#4. Сгенерировать ключ два раза (для всех алгоритов и параметров).
+# Проверить что получились числа требуемой длины и они не совпадают
+
+
+#5. Проверить эталонную подпись
+
+#6. Выработать подпись и проверить её
+
+#7. Выработать подпись, поменять в ней один бит и убедиться что она
+# перестала проверяться
+
+# 8. Выработать подпись, поменять 1 бит в подписываемых данных и
+# убедитсья, что подпись перестала быть корректной.
+
+# 9. Выработать shared ключ по vko
+
+# 10. Разобрать стандартый encrypted key
+
+# 11. Сгенерирвоать encrypted key и его разобрать.
+
+unlink "test.cnf";
+
--- /dev/null
+PERL=@PERL@
+
+test:
+ $(PERL) ./run_tests
--- /dev/null
+#!/usr/bin/perl
+use TAP::Harness;
+
+my $harness = TAP::Harness->new();
+$harness->runtests(glob("*.t"));
projects / openssl-gost / engine.git / commitdiff