global:
- PREFIX=${HOME}/opt
- PATH=${PREFIX}/bin:${PATH}
- #- OPENSSL_BRANCH=openssl-3.0.0-alpha1
- - OPENSSL_BRANCH=master
+ - OPENSSL_BRANCH=openssl-3.0.0-alpha2
+ #- OPENSSL_BRANCH=master
- RPATH="-Wl,-rpath=${PREFIX}/lib"
matrix:
/* Control function, knows how to set MAC key.*/
static int gost_imit_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr);
-static EVP_MD *_hidden_Gost28147_89_MAC_md = NULL;
-static EVP_MD *_hidden_Gost28147_89_12_MAC_md = NULL;
-
-EVP_MD *imit_gost_cpa(void)
-{
- if (_hidden_Gost28147_89_MAC_md == NULL) {
- EVP_MD *md;
-
- if ((md = EVP_MD_meth_new(NID_id_Gost28147_89_MAC, NID_undef)) == NULL
- || !EVP_MD_meth_set_result_size(md, 4)
- || !EVP_MD_meth_set_input_blocksize(md, 8)
- || !EVP_MD_meth_set_app_datasize(md,
- sizeof(struct ossl_gost_imit_ctx))
- || !EVP_MD_meth_set_flags(md, EVP_MD_FLAG_XOF)
- || !EVP_MD_meth_set_init(md, gost_imit_init_cpa)
- || !EVP_MD_meth_set_update(md, gost_imit_update)
- || !EVP_MD_meth_set_final(md, gost_imit_final)
- || !EVP_MD_meth_set_copy(md, gost_imit_copy)
- || !EVP_MD_meth_set_cleanup(md, gost_imit_cleanup)
- || !EVP_MD_meth_set_ctrl(md, gost_imit_ctrl)) {
- EVP_MD_meth_free(md);
- md = NULL;
- }
- _hidden_Gost28147_89_MAC_md = md;
- }
- return _hidden_Gost28147_89_MAC_md;
-}
-
-void imit_gost_cpa_destroy(void)
-{
- EVP_MD_meth_free(_hidden_Gost28147_89_MAC_md);
- _hidden_Gost28147_89_MAC_md = NULL;
-}
-
-EVP_MD *imit_gost_cp_12(void)
-{
- if (_hidden_Gost28147_89_12_MAC_md == NULL) {
- EVP_MD *md;
-
- if ((md = EVP_MD_meth_new(NID_gost_mac_12, NID_undef)) == NULL
- || !EVP_MD_meth_set_result_size(md, 4)
- || !EVP_MD_meth_set_input_blocksize(md, 8)
- || !EVP_MD_meth_set_app_datasize(md,
- sizeof(struct ossl_gost_imit_ctx))
- || !EVP_MD_meth_set_flags(md, EVP_MD_FLAG_XOF)
- || !EVP_MD_meth_set_init(md, gost_imit_init_cp_12)
- || !EVP_MD_meth_set_update(md, gost_imit_update)
- || !EVP_MD_meth_set_final(md, gost_imit_final)
- || !EVP_MD_meth_set_copy(md, gost_imit_copy)
- || !EVP_MD_meth_set_cleanup(md, gost_imit_cleanup)
- || !EVP_MD_meth_set_ctrl(md, gost_imit_ctrl)) {
- EVP_MD_meth_free(md);
- md = NULL;
- }
- _hidden_Gost28147_89_12_MAC_md = md;
- }
- return _hidden_Gost28147_89_12_MAC_md;
-}
+GOST_digest Gost28147_89_MAC_digest = {
+ .nid = NID_id_Gost28147_89_MAC,
+ .result_size = 4,
+ .input_blocksize = 8,
+ .app_datasize = sizeof(struct ossl_gost_imit_ctx),
+ .flags = EVP_MD_FLAG_XOF,
+ .init = gost_imit_init_cpa,
+ .update = gost_imit_update,
+ .final = gost_imit_final,
+ .copy = gost_imit_copy,
+ .cleanup = gost_imit_cleanup,
+ .ctrl = gost_imit_ctrl,
+};
-void imit_gost_cp_12_destroy(void)
-{
- EVP_MD_meth_free(_hidden_Gost28147_89_12_MAC_md);
- _hidden_Gost28147_89_12_MAC_md = NULL;
-}
+GOST_digest Gost28147_89_mac_12_digest = {
+ .nid = NID_gost_mac_12,
+ .result_size = 4,
+ .input_blocksize = 8,
+ .app_datasize = sizeof(struct ossl_gost_imit_ctx),
+ .flags = EVP_MD_FLAG_XOF,
+ .init = gost_imit_init_cp_12,
+ .update = gost_imit_update,
+ .final = gost_imit_final,
+ .copy = gost_imit_copy,
+ .cleanup = gost_imit_cleanup,
+ .ctrl = gost_imit_ctrl,
+};
/*
* Correspondence between gost parameter OIDs and substitution blocks
* upon engine initialization
*/
-struct gost_cipher_info gost_cipher_list[] = {
+static struct gost_cipher_info gost_cipher_list[] = {
/*- NID *//*
* Subst block
*//*
}
/* Initializes EVP_CIPHER_CTX with default values */
-int gost_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+static int gost_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc)
{
return gost_cipher_init_param(ctx, key, iv, enc, NID_undef,
}
/* Initializes EVP_CIPHER_CTX with default values */
-int gost_cipher_init_cbc(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+static int gost_cipher_init_cbc(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc)
{
return gost_cipher_init_param(ctx, key, iv, enc, NID_undef,
}
/* Initializes EVP_CIPHER_CTX with default values */
-int magma_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+static int magma_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc)
{
struct ossl_gost_cipher_ctx *c = EVP_CIPHER_CTX_get_cipher_data(ctx);
}
/* Initializes EVP_CIPHER_CTX with default values */
-int magma_cipher_init_ctr_acpkm_omac(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+static int magma_cipher_init_ctr_acpkm_omac(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc)
{
if (key) {
}
/* GOST encryption in CBC mode */
-int gost_cipher_do_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out,
+static int gost_cipher_do_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t inl)
{
unsigned char b[8];
}
/* MAGMA encryption in CBC mode */
-int magma_cipher_do_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out,
+static int magma_cipher_do_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t inl)
{
unsigned char b[8];
return inl;
}
/* GOST encryption in CFB mode */
-int gost_cipher_do_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out,
+static int gost_cipher_do_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t inl)
{
const unsigned char *in_ptr = in;
}
/* Cleaning up of EVP_CIPHER_CTX */
-int gost_cipher_cleanup(EVP_CIPHER_CTX *ctx)
+static int gost_cipher_cleanup(EVP_CIPHER_CTX *ctx)
{
struct ossl_gost_cipher_ctx *c = EVP_CIPHER_CTX_get_cipher_data(ctx);
EVP_MD_CTX_free(c->omac_ctx);
}
/* Control function for gost cipher */
-int gost_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
+static int gost_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
{
switch (type) {
case EVP_CTRL_RAND_KEY:
}
/* Control function for gost cipher */
-int magma_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
+static int magma_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
{
switch (type) {
case EVP_CTRL_RAND_KEY:
}
/* Set cipher parameters from ASN1 structure */
-int gost89_set_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params)
+static int gost89_set_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params)
{
int len = 0;
unsigned char *buf = NULL;
}
/* Store parameters into ASN1 structure */
-int gost89_get_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params)
+static int gost89_get_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params)
{
int len;
GOST_CIPHER_PARAMS *gcp = NULL;
c->count = c->count % 1024 + 8;
}
-int gost_imit_update(EVP_MD_CTX *ctx, const void *data, size_t count)
+static int gost_imit_update(EVP_MD_CTX *ctx, const void *data, size_t count)
{
struct ossl_gost_imit_ctx *c = EVP_MD_CTX_md_data(ctx);
const unsigned char *p = data;
return 1;
}
-int gost_imit_final(EVP_MD_CTX *ctx, unsigned char *md)
+static int gost_imit_final(EVP_MD_CTX *ctx, unsigned char *md)
{
struct ossl_gost_imit_ctx *c = EVP_MD_CTX_md_data(ctx);
if (!c->key_set) {
return 1;
}
-int gost_imit_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr)
+static int gost_imit_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr)
{
switch (type) {
case EVP_MD_CTRL_KEY_LEN:
}
}
-int gost_imit_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
+static int gost_imit_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
{
if (EVP_MD_CTX_md_data(to) && EVP_MD_CTX_md_data(from)) {
memcpy(EVP_MD_CTX_md_data(to), EVP_MD_CTX_md_data(from),
}
/* Clean up imit ctx */
-int gost_imit_cleanup(EVP_MD_CTX *ctx)
+static int gost_imit_cleanup(EVP_MD_CTX *ctx)
{
memset(EVP_MD_CTX_md_data(ctx), 0, sizeof(struct ossl_gost_imit_ctx));
return 1;
UKM = BN_lebin2bn(ukm, ukm_size, NULL);
p = BN_CTX_get(ctx);
order = BN_CTX_get(ctx);
- cofactor = BN_CTX_get(ctx);
+ cofactor = BN_CTX_get(ctx);
X = BN_CTX_get(ctx);
Y = BN_CTX_get(ctx);
EC_GROUP_get_order(EC_KEY_get0_group(priv_key), order, ctx);
- EC_GROUP_get_cofactor(EC_KEY_get0_group(priv_key), cofactor, ctx);
+ EC_GROUP_get_cofactor(EC_KEY_get0_group(priv_key), cofactor, ctx);
BN_mod_mul(UKM, UKM, cofactor, order, ctx);
BN_mod_mul(p, key, UKM, order, ctx);
if (!EC_POINT_mul(EC_KEY_get0_group(priv_key), pnt, NULL, pub_key, p, ctx)) {
}
if (!EC_POINT_get_affine_coordinates(EC_KEY_get0_group(priv_key),
pnt, X, Y, ctx)) {
- GOSTerr(GOST_F_VKO_COMPUTE_KEY, ERR_R_EC_LIB);
- goto err;
+ GOSTerr(GOST_F_VKO_COMPUTE_KEY, ERR_R_EC_LIB);
+ goto err;
}
half_len = BN_num_bytes(order);
}
if (data->shared_ukm_size == 0) {
- if (RAND_bytes(data->shared_ukm, 32) <= 0) {
- GOSTerr(GOST_F_PKEY_GOST2018_ENCRYPT, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- data->shared_ukm_size = 32;
+ if (RAND_bytes(data->shared_ukm, 32) <= 0) {
+ GOSTerr(GOST_F_PKEY_GOST2018_ENCRYPT, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ data->shared_ukm_size = 32;
}
if (gost_keg(data->shared_ukm, pkey_nid,
err:
OPENSSL_cleanse(expkeys, sizeof(expkeys));
if (key_is_ephemeral)
- EVP_PKEY_free(sec_key);
+ EVP_PKEY_free(sec_key);
PSKeyTransport_gost_free(pst);
OPENSSL_free(exp_buf);
size_t *key_len, const unsigned char *in, size_t in_len)
{
struct gost_pmeth_data *gctx = EVP_PKEY_CTX_get_data(pctx);
- switch (gctx->cipher_nid)
- {
- case NID_id_Gost28147_89:
- case NID_undef: /* FIXME */
- return pkey_GOST_ECcp_decrypt(pctx, key, key_len, in, in_len);
- case NID_kuznyechik_ctr:
- case NID_magma_ctr:
- return pkey_gost2018_decrypt(pctx, key, key_len, in, in_len);
- default:
+ switch (gctx->cipher_nid)
+ {
+ case NID_id_Gost28147_89:
+ case NID_undef: /* FIXME */
+ return pkey_GOST_ECcp_decrypt(pctx, key, key_len, in, in_len);
+ case NID_kuznyechik_ctr:
+ case NID_magma_ctr:
+ return pkey_gost2018_decrypt(pctx, key, key_len, in, in_len);
+ default:
GOSTerr(GOST_F_PKEY_GOST_DECRYPT, ERR_R_INTERNAL_ERROR);
return -1;
- }
+ }
}
/* Map tc26-2012 256-bit parameters to cp-2001 parameters */
switch (nid) {
- case NID_id_tc26_gost_3410_2012_256_paramSetB:
- nid = NID_id_GostR3410_2001_CryptoPro_A_ParamSet;
- break;
- case NID_id_tc26_gost_3410_2012_256_paramSetC:
- nid = NID_id_GostR3410_2001_CryptoPro_B_ParamSet;
- break;
- case NID_id_tc26_gost_3410_2012_256_paramSetD:
- nid = NID_id_GostR3410_2001_CryptoPro_C_ParamSet;
+ case NID_id_tc26_gost_3410_2012_256_paramSetB:
+ nid = NID_id_GostR3410_2001_CryptoPro_A_ParamSet;
+ break;
+ case NID_id_tc26_gost_3410_2012_256_paramSetC:
+ nid = NID_id_GostR3410_2001_CryptoPro_B_ParamSet;
+ break;
+ case NID_id_tc26_gost_3410_2012_256_paramSetD:
+ nid = NID_id_GostR3410_2001_CryptoPro_C_ParamSet;
}
/* Search nid in 2012 paramset */
* ameth_magma_mac = NULL, * ameth_grasshopper_mac = NULL,
* ameth_magma_mac_acpkm = NULL, * ameth_grasshopper_mac_acpkm = NULL;
-static struct gost_digest_minfo {
- int nid;
- EVP_MD *(*digest)(void);
- void (*destroy)(void);
- const char *sn;
- const char *alias;
-} gost_digest_array[] = {
- {
- NID_id_GostR3411_94,
- digest_gost,
- digest_gost_destroy,
- },
- {
- NID_id_Gost28147_89_MAC,
- imit_gost_cpa,
- imit_gost_cpa_destroy,
- },
- {
- NID_id_GostR3411_2012_256,
- digest_gost2012_256,
- digest_gost2012_256_destroy,
- SN_id_GostR3411_2012_256,
- "streebog256",
- },
- {
- NID_id_GostR3411_2012_512,
- digest_gost2012_512,
- digest_gost2012_512_destroy,
- SN_id_GostR3411_2012_512,
- "streebog512",
- },
- {
- NID_gost_mac_12,
- imit_gost_cp_12,
- imit_gost_cp_12_destroy,
- },
- {
- NID_magma_mac,
- magma_omac,
- magma_omac_destroy,
- },
- {
- NID_grasshopper_mac,
- grasshopper_omac,
- grasshopper_omac_destroy,
- },
- {
- NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac,
- grasshopper_omac_acpkm,
- grasshopper_omac_acpkm_destroy,
- },
- { 0 },
+GOST_digest *gost_digest_array[] = {
+ &GostR3411_94_digest,
+ &Gost28147_89_MAC_digest,
+ &GostR3411_2012_256_digest,
+ &GostR3411_2012_512_digest,
+ &Gost28147_89_mac_12_digest,
+ &magma_mac_digest,
+ &grasshopper_mac_digest,
+ &kuznyechik_ctracpkm_omac_digest,
};
GOST_cipher *gost_cipher_array[] = {
# define OSSL_NELEM(x) (sizeof(x)/sizeof((x)[0]))
#endif
-/* `- 1' because of terminating zero element */
-static int known_digest_nids[OSSL_NELEM(gost_digest_array) - 1];
+static int known_digest_nids[OSSL_NELEM(gost_digest_array)];
static int known_cipher_nids[OSSL_NELEM(gost_cipher_array)];
+/* `- 1' because of terminating zero element */
static int known_meths_nids[OSSL_NELEM(gost_meth_array) - 1];
static int gost_engine_init(ENGINE* e) {
}
static int gost_engine_destroy(ENGINE* e) {
- struct gost_digest_minfo *dinfo = gost_digest_array;
- for (; dinfo->nid; dinfo++) {
- if (dinfo->alias)
- EVP_delete_digest_alias(dinfo->alias);
- dinfo->destroy();
- }
-
int i;
+
+ for (i = 0; i < OSSL_NELEM(gost_digest_array); i++)
+ GOST_deinit_digest(gost_digest_array[i]);
for (i = 0; i < OSSL_NELEM(gost_cipher_array); i++)
- GOST_deinit_cipher(gost_cipher_array[i]);
+ GOST_deinit_cipher(gost_cipher_array[i]);
gost_param_free();
int i;
for (i = 0; i < OSSL_NELEM(gost_cipher_array); i++) {
- if (!EVP_add_cipher(GOST_init_cipher(gost_cipher_array[i])))
+ if (!EVP_add_cipher(GOST_init_cipher(gost_cipher_array[i])))
goto end;
}
- struct gost_digest_minfo *dinfo = gost_digest_array;
- for (; dinfo->nid; dinfo++) {
- if (!EVP_add_digest(dinfo->digest()))
- goto end;
- if (dinfo->alias &&
- !EVP_add_digest_alias(dinfo->sn, dinfo->alias))
+ for (i = 0; i < OSSL_NELEM(gost_digest_array); i++) {
+ if (!EVP_add_digest(GOST_init_digest(gost_digest_array[i])))
goto end;
}
static int gost_digests(ENGINE *e, const EVP_MD **digest,
const int **nids, int nid)
{
- struct gost_digest_minfo *info = gost_digest_array;
+ int i;
if (!digest) {
int *n = known_digest_nids;
*nids = n;
- for (; info->nid; info++)
- *n++ = info->nid;
- return OSSL_NELEM(known_digest_nids);
+ for (i = 0; i < OSSL_NELEM(gost_digest_array); i++)
+ *n++ = gost_digest_array[i]->nid;
+ return i;
}
- for (; info->nid; info++)
- if (nid == info->nid) {
- *digest = info->digest();
+ for (i = 0; i < OSSL_NELEM(gost_digest_array); i++)
+ if (nid == gost_digest_array[i]->nid) {
+ *digest = GOST_init_digest(gost_digest_array[i]);
return 1;
}
*digest = NULL;
for (i = 0; i < OSSL_NELEM(gost_cipher_array); i++)
if (nid == gost_cipher_array[i]->nid) {
- *cipher = GOST_init_cipher(gost_cipher_array[i]);
- return 1;
+ *cipher = GOST_init_cipher(gost_cipher_array[i]);
+ return 1;
}
*cipher = NULL;
return 0;
#include <openssl/rand.h>
int gost2015_final_call(EVP_CIPHER_CTX *ctx, EVP_MD_CTX *omac_ctx, size_t mac_size,
- unsigned char *encrypted_mac,
- int (*do_cipher) (EVP_CIPHER_CTX *ctx,
- unsigned char *out,
- const unsigned char *in,
- size_t inl))
+ unsigned char *encrypted_mac,
+ int (*do_cipher) (EVP_CIPHER_CTX *ctx,
+ unsigned char *out,
+ const unsigned char *in,
+ size_t inl))
{
- unsigned char calculated_mac[KUZNYECHIK_MAC_MAX_SIZE];
- memset(calculated_mac, 0, KUZNYECHIK_MAC_MAX_SIZE);
+ unsigned char calculated_mac[KUZNYECHIK_MAC_MAX_SIZE];
+ memset(calculated_mac, 0, KUZNYECHIK_MAC_MAX_SIZE);
- if (EVP_CIPHER_CTX_encrypting(ctx)) {
- EVP_DigestSignFinal(omac_ctx, calculated_mac, &mac_size);
+ if (EVP_CIPHER_CTX_encrypting(ctx)) {
+ EVP_DigestSignFinal(omac_ctx, calculated_mac, &mac_size);
- if (do_cipher(ctx, encrypted_mac, calculated_mac, mac_size) <= 0) {
- return -1;
- }
- } else {
- unsigned char expected_mac[KUZNYECHIK_MAC_MAX_SIZE];
+ if (do_cipher(ctx, encrypted_mac, calculated_mac, mac_size) <= 0) {
+ return -1;
+ }
+ } else {
+ unsigned char expected_mac[KUZNYECHIK_MAC_MAX_SIZE];
- memset(expected_mac, 0, KUZNYECHIK_MAC_MAX_SIZE);
- EVP_DigestSignFinal(omac_ctx, calculated_mac, &mac_size);
+ memset(expected_mac, 0, KUZNYECHIK_MAC_MAX_SIZE);
+ EVP_DigestSignFinal(omac_ctx, calculated_mac, &mac_size);
- if (do_cipher(ctx, expected_mac, encrypted_mac, mac_size) <= 0) {
- return -1;
- }
+ if (do_cipher(ctx, expected_mac, encrypted_mac, mac_size) <= 0) {
+ return -1;
+ }
- if (CRYPTO_memcmp(expected_mac, calculated_mac, mac_size) != 0)
- return -1;
- }
- return 0;
+ if (CRYPTO_memcmp(expected_mac, calculated_mac, mac_size) != 0)
+ return -1;
+ }
+ return 0;
}
/*
#define MAX_GOST2015_UKM_SIZE 16
#define KDF_SEED_SIZE 8
int gost2015_get_asn1_params(const ASN1_TYPE *params, size_t ukm_size,
- unsigned char *iv, size_t ukm_offset, unsigned char *kdf_seed)
+ unsigned char *iv, size_t ukm_offset, unsigned char *kdf_seed)
{
- int iv_len = 16;
- GOST2015_CIPHER_PARAMS *gcp = NULL;
+ int iv_len = 16;
+ GOST2015_CIPHER_PARAMS *gcp = NULL;
- unsigned char *p = NULL;
+ unsigned char *p = NULL;
- memset(iv, 0, iv_len);
+ memset(iv, 0, iv_len);
- /* Проверяем тип params */
- if (ASN1_TYPE_get(params) != V_ASN1_SEQUENCE) {
- GOSTerr(GOST_F_GOST2015_GET_ASN1_PARAMS, GOST_R_INVALID_CIPHER_PARAMS);
- return 0;
- }
+ /* Проверяем тип params */
+ if (ASN1_TYPE_get(params) != V_ASN1_SEQUENCE) {
+ GOSTerr(GOST_F_GOST2015_GET_ASN1_PARAMS, GOST_R_INVALID_CIPHER_PARAMS);
+ return 0;
+ }
- p = params->value.sequence->data;
- /* Извлекаем структуру параметров */
- gcp = d2i_GOST2015_CIPHER_PARAMS(NULL, (const unsigned char **)&p, params->value.sequence->length);
- if (gcp == NULL) {
- GOSTerr(GOST_F_GOST2015_GET_ASN1_PARAMS, GOST_R_INVALID_CIPHER_PARAMS);
- return 0;
- }
+ p = params->value.sequence->data;
+ /* Извлекаем структуру параметров */
+ gcp = d2i_GOST2015_CIPHER_PARAMS(NULL, (const unsigned char **)&p, params->value.sequence->length);
+ if (gcp == NULL) {
+ GOSTerr(GOST_F_GOST2015_GET_ASN1_PARAMS, GOST_R_INVALID_CIPHER_PARAMS);
+ return 0;
+ }
- /* Проверяем длину синхропосылки */
- if (gcp->ukm->length != (int)ukm_size) {
- GOSTerr(GOST_F_GOST2015_GET_ASN1_PARAMS, GOST_R_INVALID_CIPHER_PARAMS);
- GOST2015_CIPHER_PARAMS_free(gcp);
- return 0;
- }
+ /* Проверяем длину синхропосылки */
+ if (gcp->ukm->length != (int)ukm_size) {
+ GOSTerr(GOST_F_GOST2015_GET_ASN1_PARAMS, GOST_R_INVALID_CIPHER_PARAMS);
+ GOST2015_CIPHER_PARAMS_free(gcp);
+ return 0;
+ }
- memcpy(iv, gcp->ukm->data, ukm_offset);
- memcpy(kdf_seed, gcp->ukm->data+ukm_offset, KDF_SEED_SIZE);
+ memcpy(iv, gcp->ukm->data, ukm_offset);
+ memcpy(kdf_seed, gcp->ukm->data+ukm_offset, KDF_SEED_SIZE);
- GOST2015_CIPHER_PARAMS_free(gcp);
- return 1;
+ GOST2015_CIPHER_PARAMS_free(gcp);
+ return 1;
}
int gost2015_set_asn1_params(ASN1_TYPE *params,
- const unsigned char *iv, size_t iv_size, const unsigned char *kdf_seed)
+ const unsigned char *iv, size_t iv_size, const unsigned char *kdf_seed)
{
- GOST2015_CIPHER_PARAMS *gcp = GOST2015_CIPHER_PARAMS_new();
- int ret = 0, len = 0;
+ GOST2015_CIPHER_PARAMS *gcp = GOST2015_CIPHER_PARAMS_new();
+ int ret = 0, len = 0;
- ASN1_OCTET_STRING *os = NULL;
- unsigned char ukm_buf[MAX_GOST2015_UKM_SIZE];
- unsigned char *buf = NULL;
+ ASN1_OCTET_STRING *os = NULL;
+ unsigned char ukm_buf[MAX_GOST2015_UKM_SIZE];
+ unsigned char *buf = NULL;
- if (gcp == NULL) {
- GOSTerr(GOST_F_GOST2015_SET_ASN1_PARAMS, ERR_R_MALLOC_FAILURE);
- return 0;
- }
+ if (gcp == NULL) {
+ GOSTerr(GOST_F_GOST2015_SET_ASN1_PARAMS, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
- memcpy(ukm_buf, iv, iv_size);
- memcpy(ukm_buf+iv_size, kdf_seed, KDF_SEED_SIZE);
+ memcpy(ukm_buf, iv, iv_size);
+ memcpy(ukm_buf+iv_size, kdf_seed, KDF_SEED_SIZE);
- if (ASN1_STRING_set(gcp->ukm, ukm_buf, iv_size + KDF_SEED_SIZE) == 0) {
- GOSTerr(GOST_F_GOST2015_SET_ASN1_PARAMS, ERR_R_MALLOC_FAILURE);
- goto end;
- }
+ if (ASN1_STRING_set(gcp->ukm, ukm_buf, iv_size + KDF_SEED_SIZE) == 0) {
+ GOSTerr(GOST_F_GOST2015_SET_ASN1_PARAMS, ERR_R_MALLOC_FAILURE);
+ goto end;
+ }
- len = i2d_GOST2015_CIPHER_PARAMS(gcp, &buf);
+ len = i2d_GOST2015_CIPHER_PARAMS(gcp, &buf);
- if (len <= 0
- || (os = ASN1_OCTET_STRING_new()) == NULL
- || ASN1_OCTET_STRING_set(os, buf, len) == 0) {
- goto end;
+ if (len <= 0
+ || (os = ASN1_OCTET_STRING_new()) == NULL
+ || ASN1_OCTET_STRING_set(os, buf, len) == 0) {
+ goto end;
}
- ASN1_TYPE_set(params, V_ASN1_SEQUENCE, os);
- ret = 1;
+ ASN1_TYPE_set(params, V_ASN1_SEQUENCE, os);
+ ret = 1;
end:
- OPENSSL_free(buf);
- if (ret <= 0 && os)
- ASN1_OCTET_STRING_free(os);
+ OPENSSL_free(buf);
+ if (ret <= 0 && os)
+ ASN1_OCTET_STRING_free(os);
- GOST2015_CIPHER_PARAMS_free(gcp);
- return ret;
+ GOST2015_CIPHER_PARAMS_free(gcp);
+ return ret;
}
-int gost2015_process_unprotected_attributes(STACK_OF(X509_ATTRIBUTE) *attrs,
- int encryption, size_t mac_len, unsigned char *final_tag)
+int gost2015_process_unprotected_attributes(
+ STACK_OF(X509_ATTRIBUTE) *attrs,
+ int encryption, size_t mac_len, unsigned char *final_tag)
{
- if (encryption == 0) /*Decrypting*/ {
- ASN1_OCTET_STRING *osExpectedMac = X509at_get0_data_by_OBJ(attrs,
- OBJ_txt2obj(OID_GOST_CMS_MAC, 1), -3, V_ASN1_OCTET_STRING);
-
- if (!osExpectedMac || osExpectedMac->length != (int)mac_len)
- return -1;
-
- memcpy(final_tag, osExpectedMac->data, osExpectedMac->length);
- } else {
- if (attrs == NULL)
- return -1;
- return (X509at_add1_attr_by_OBJ(&attrs, OBJ_txt2obj(OID_GOST_CMS_MAC, 1),
- V_ASN1_OCTET_STRING, final_tag, mac_len) == NULL) ? -1 : 1;
- }
- return 1;
+ if (encryption == 0) /*Decrypting*/ {
+ ASN1_OCTET_STRING *osExpectedMac = X509at_get0_data_by_OBJ(attrs,
+ OBJ_txt2obj(OID_GOST_CMS_MAC, 1), -3, V_ASN1_OCTET_STRING);
+
+ if (!osExpectedMac || osExpectedMac->length != (int)mac_len)
+ return -1;
+
+ memcpy(final_tag, osExpectedMac->data, osExpectedMac->length);
+ } else {
+ if (attrs == NULL)
+ return -1;
+ return (X509at_add1_attr_by_OBJ(&attrs,
+ OBJ_txt2obj(OID_GOST_CMS_MAC, 1),
+ V_ASN1_OCTET_STRING, final_tag,
+ mac_len) == NULL) ? -1 : 1;
+ }
+ return 1;
}
int gost2015_acpkm_omac_init(int nid, int enc, const unsigned char *inkey,
EVP_MD_CTX *omac_ctx,
unsigned char *outkey, unsigned char *kdf_seed)
{
- int ret = 0;
- unsigned char keys[64];
- const EVP_MD *md = EVP_get_digestbynid(nid);
- EVP_PKEY *mac_key;
+ int ret = 0;
+ unsigned char keys[64];
+ const EVP_MD *md = EVP_get_digestbynid(nid);
+ EVP_PKEY *mac_key;
- if (md == NULL)
- return 0;
+ if (md == NULL)
+ return 0;
- if (enc) {
- if (RAND_bytes(kdf_seed, 8) != 1)
- return 0;
- }
+ if (enc) {
+ if (RAND_bytes(kdf_seed, 8) != 1)
+ return 0;
+ }
- if (gost_kdftree2012_256(keys, 64, inkey, 32, (const unsigned char *)"kdf tree", 8, kdf_seed, 8, 1) <= 0)
- return 0;
+ if (gost_kdftree2012_256(keys, 64, inkey, 32,
+ (const unsigned char *)"kdf tree", 8, kdf_seed, 8, 1) <= 0)
+ return 0;
- mac_key = EVP_PKEY_new_mac_key(nid, NULL, keys+32, 32);
+ mac_key = EVP_PKEY_new_mac_key(nid, NULL, keys+32, 32);
- if (mac_key == NULL)
- goto end;
+ if (mac_key == NULL)
+ goto end;
- if (EVP_DigestInit_ex(omac_ctx, md, NULL) <= 0 ||
- EVP_DigestSignInit(omac_ctx, NULL, md, NULL, mac_key) <= 0)
- goto end;
+ if (EVP_DigestInit_ex(omac_ctx, md, NULL) <= 0 ||
+ EVP_DigestSignInit(omac_ctx, NULL, md, NULL, mac_key) <= 0)
+ goto end;
- memcpy(outkey, keys, 32);
+ memcpy(outkey, keys, 32);
- ret = 1;
+ ret = 1;
end:
- EVP_PKEY_free(mac_key);
- OPENSSL_cleanse(keys, sizeof(keys));
+ EVP_PKEY_free(mac_key);
+ OPENSSL_cleanse(keys, sizeof(keys));
- return ret;
+ return ret;
}
int init_zero_kdf_seed(unsigned char *kdf_seed)
{
- int is_zero_kdfseed = 1, i;
- for (i = 0; i < 8; i++) {
- if (kdf_seed[i] != 0)
- is_zero_kdfseed = 0;
- }
+ int is_zero_kdfseed = 1, i;
+ for (i = 0; i < 8; i++) {
+ if (kdf_seed[i] != 0)
+ is_zero_kdfseed = 0;
+ }
- return is_zero_kdfseed ? RAND_bytes(kdf_seed, 8) : 1;
+ return is_zero_kdfseed ? RAND_bytes(kdf_seed, 8) : 1;
}
}
/* Set 256 bit key into context */
-GRASSHOPPER_INLINE void
+static GRASSHOPPER_INLINE void
gost_grasshopper_cipher_key(gost_grasshopper_cipher_ctx * c, const uint8_t *k)
{
int i;
}
/* Set master 256-bit key to be used in TLSTREE calculation into context */
-GRASSHOPPER_INLINE void
+static GRASSHOPPER_INLINE void
gost_grasshopper_master_key(gost_grasshopper_cipher_ctx * c, const uint8_t *k)
{
int i;
}
/* Cleans up key from context */
-GRASSHOPPER_INLINE void
+static GRASSHOPPER_INLINE void
gost_grasshopper_cipher_destroy(gost_grasshopper_cipher_ctx * c)
{
int i;
grasshopper_zero128(&ctx->partial_buffer);
}
-int gost_grasshopper_cipher_init(EVP_CIPHER_CTX *ctx,
+static int gost_grasshopper_cipher_init(EVP_CIPHER_CTX *ctx,
const unsigned char *key,
const unsigned char *iv, int enc)
{
return 1;
}
-GRASSHOPPER_INLINE int gost_grasshopper_cipher_init_ecb(EVP_CIPHER_CTX *ctx, const unsigned char
- *key, const unsigned char
- *iv, int enc)
+static GRASSHOPPER_INLINE int
+gost_grasshopper_cipher_init_ecb(EVP_CIPHER_CTX *ctx, const unsigned char
+ *key, const unsigned char
+ *iv, int enc)
{
gost_grasshopper_cipher_ctx *c = EVP_CIPHER_CTX_get_cipher_data(ctx);
c->type = GRASSHOPPER_CIPHER_ECB;
return gost_grasshopper_cipher_init(ctx, key, iv, enc);
}
-GRASSHOPPER_INLINE int gost_grasshopper_cipher_init_cbc(EVP_CIPHER_CTX *ctx, const unsigned char
- *key, const unsigned char
- *iv, int enc)
+static GRASSHOPPER_INLINE int
+gost_grasshopper_cipher_init_cbc(EVP_CIPHER_CTX *ctx, const unsigned char
+ *key, const unsigned char
+ *iv, int enc)
{
gost_grasshopper_cipher_ctx *c = EVP_CIPHER_CTX_get_cipher_data(ctx);
c->type = GRASSHOPPER_CIPHER_CBC;
return gost_grasshopper_cipher_init(ctx, key, iv, enc);
}
-GRASSHOPPER_INLINE int gost_grasshopper_cipher_init_ofb(EVP_CIPHER_CTX *ctx, const unsigned char
- *key, const unsigned char
- *iv, int enc)
+static GRASSHOPPER_INLINE
+int gost_grasshopper_cipher_init_ofb(EVP_CIPHER_CTX *ctx, const unsigned char
+ *key, const unsigned char
+ *iv, int enc)
{
gost_grasshopper_cipher_ctx *c = EVP_CIPHER_CTX_get_cipher_data(ctx);
c->type = GRASSHOPPER_CIPHER_OFB;
return gost_grasshopper_cipher_init(ctx, key, iv, enc);
}
-GRASSHOPPER_INLINE int gost_grasshopper_cipher_init_cfb(EVP_CIPHER_CTX *ctx, const unsigned char
- *key, const unsigned char
- *iv, int enc)
+static GRASSHOPPER_INLINE int
+gost_grasshopper_cipher_init_cfb(EVP_CIPHER_CTX *ctx, const unsigned char
+ *key, const unsigned char
+ *iv, int enc)
{
gost_grasshopper_cipher_ctx *c = EVP_CIPHER_CTX_get_cipher_data(ctx);
c->type = GRASSHOPPER_CIPHER_CFB;
return gost_grasshopper_cipher_init(ctx, key, iv, enc);
}
-GRASSHOPPER_INLINE int gost_grasshopper_cipher_init_ctr(EVP_CIPHER_CTX *ctx, const unsigned char
- *key, const unsigned char
- *iv, int enc)
+static GRASSHOPPER_INLINE int
+gost_grasshopper_cipher_init_ctr(EVP_CIPHER_CTX *ctx, const unsigned char
+ *key, const unsigned char
+ *iv, int enc)
{
gost_grasshopper_cipher_ctx_ctr *c = EVP_CIPHER_CTX_get_cipher_data(ctx);
return gost_grasshopper_cipher_init(ctx, key, iv, enc);
}
-GRASSHOPPER_INLINE int gost_grasshopper_cipher_init_ctracpkm(EVP_CIPHER_CTX
- *ctx, const unsigned
- char *key, const unsigned
- char *iv, int enc)
+static GRASSHOPPER_INLINE int
+gost_grasshopper_cipher_init_ctracpkm(EVP_CIPHER_CTX
+ *ctx, const unsigned
+ char *key, const unsigned
+ char *iv, int enc)
{
gost_grasshopper_cipher_ctx_ctr *c = EVP_CIPHER_CTX_get_cipher_data(ctx);
return gost_grasshopper_cipher_init(ctx, key, iv, enc);
}
-GRASSHOPPER_INLINE int gost_grasshopper_cipher_init_ctracpkm_omac(EVP_CIPHER_CTX
- *ctx, const unsigned
- char *key, const unsigned
- char *iv, int enc)
+static GRASSHOPPER_INLINE int
+gost_grasshopper_cipher_init_ctracpkm_omac(EVP_CIPHER_CTX
+ *ctx, const unsigned
+ char *key, const unsigned
+ char *iv, int enc)
{
- gost_grasshopper_cipher_ctx_ctr *c = EVP_CIPHER_CTX_get_cipher_data(ctx);
+ gost_grasshopper_cipher_ctx_ctr *c = EVP_CIPHER_CTX_get_cipher_data(ctx);
- /* NB: setting type makes EVP do_cipher callback useless */
- c->c.type = GRASSHOPPER_CIPHER_CTRACPKMOMAC;
- EVP_CIPHER_CTX_set_num(ctx, 0);
- c->section_size = 4096;
+ /* NB: setting type makes EVP do_cipher callback useless */
+ c->c.type = GRASSHOPPER_CIPHER_CTRACPKMOMAC;
+ EVP_CIPHER_CTX_set_num(ctx, 0);
+ c->section_size = 4096;
- if (key) {
- unsigned char cipher_key[32];
- c->omac_ctx = EVP_MD_CTX_new();
+ if (key) {
+ unsigned char cipher_key[32];
+ c->omac_ctx = EVP_MD_CTX_new();
- if (c->omac_ctx == NULL) {
- GOSTerr(GOST_F_GOST_GRASSHOPPER_CIPHER_INIT_CTRACPKM_OMAC, ERR_R_MALLOC_FAILURE);
- return 0;
- }
+ if (c->omac_ctx == NULL) {
+ GOSTerr(GOST_F_GOST_GRASSHOPPER_CIPHER_INIT_CTRACPKM_OMAC, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
- if (gost2015_acpkm_omac_init(NID_kuznyechik_mac, enc, key,
- c->omac_ctx, cipher_key, c->kdf_seed) != 1) {
- EVP_MD_CTX_free(c->omac_ctx);
- c->omac_ctx = NULL;
- return 0;
- }
+ if (gost2015_acpkm_omac_init(NID_kuznyechik_mac, enc, key,
+ c->omac_ctx, cipher_key, c->kdf_seed) != 1) {
+ EVP_MD_CTX_free(c->omac_ctx);
+ c->omac_ctx = NULL;
+ return 0;
+ }
- return gost_grasshopper_cipher_init(ctx, cipher_key, iv, enc);
- }
+ return gost_grasshopper_cipher_init(ctx, cipher_key, iv, enc);
+ }
- return gost_grasshopper_cipher_init(ctx, key, iv, enc);
+ return gost_grasshopper_cipher_init(ctx, key, iv, enc);
}
-int gost_grasshopper_cipher_do_ecb(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl)
+static int gost_grasshopper_cipher_do_ecb(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t inl)
{
gost_grasshopper_cipher_ctx *c =
(gost_grasshopper_cipher_ctx *) EVP_CIPHER_CTX_get_cipher_data(ctx);
return 1;
}
-int gost_grasshopper_cipher_do_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl)
+static int gost_grasshopper_cipher_do_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t inl)
{
gost_grasshopper_cipher_ctx *c =
(gost_grasshopper_cipher_ctx *) EVP_CIPHER_CTX_get_cipher_data(ctx);
inc_counter(counter, 16);
}
-int gost_grasshopper_cipher_do_ctr(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl)
+static int gost_grasshopper_cipher_do_ctr(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t inl)
{
gost_grasshopper_cipher_ctx_ctr *c = (gost_grasshopper_cipher_ctx_ctr *)
EVP_CIPHER_CTX_get_cipher_data(ctx);
ctr128_inc(iv_buffer->b);
current_in += GRASSHOPPER_BLOCK_SIZE;
current_out += GRASSHOPPER_BLOCK_SIZE;
- lasted -= GRASSHOPPER_BLOCK_SIZE;
+ lasted -= GRASSHOPPER_BLOCK_SIZE;
}
if (lasted > 0) {
/* If meshing is not configured via ctrl (setting section_size)
* this function works exactly like plain ctr */
-int gost_grasshopper_cipher_do_ctracpkm(EVP_CIPHER_CTX *ctx,
- unsigned char *out,
- const unsigned char *in, size_t inl)
+static int gost_grasshopper_cipher_do_ctracpkm(EVP_CIPHER_CTX *ctx,
+ unsigned char *out,
+ const unsigned char *in,
+ size_t inl)
{
gost_grasshopper_cipher_ctx_ctr *c = EVP_CIPHER_CTX_get_cipher_data(ctx);
unsigned char *iv = EVP_CIPHER_CTX_iv_noconst(ctx);
in += GRASSHOPPER_BLOCK_SIZE;
out += GRASSHOPPER_BLOCK_SIZE;
num += GRASSHOPPER_BLOCK_SIZE;
- lasted -= GRASSHOPPER_BLOCK_SIZE;
+ lasted -= GRASSHOPPER_BLOCK_SIZE;
}
// last part
return inl;
}
-int gost_grasshopper_cipher_do_ctracpkm_omac(EVP_CIPHER_CTX *ctx,
- unsigned char *out,
- const unsigned char *in, size_t inl)
+static int gost_grasshopper_cipher_do_ctracpkm_omac(EVP_CIPHER_CTX *ctx,
+ unsigned char *out,
+ const unsigned char *in,
+ size_t inl)
{
- int result;
- gost_grasshopper_cipher_ctx_ctr *c = EVP_CIPHER_CTX_get_cipher_data(ctx);
- /* As in and out can be the same pointer, process unencrypted here */
- if (EVP_CIPHER_CTX_encrypting(ctx))
- EVP_DigestSignUpdate(c->omac_ctx, in, inl);
-
- if (in == NULL && inl == 0) { /* Final call */
- return gost2015_final_call(ctx, c->omac_ctx, KUZNYECHIK_MAC_MAX_SIZE, c->tag, gost_grasshopper_cipher_do_ctracpkm);
- }
-
- if (in == NULL) {
- GOSTerr(GOST_F_GOST_GRASSHOPPER_CIPHER_DO_CTRACPKM_OMAC, ERR_R_EVP_LIB);
- return -1;
- }
- result = gost_grasshopper_cipher_do_ctracpkm(ctx, out, in, inl);
-
- /* As in and out can be the same pointer, process decrypted here */
- if (!EVP_CIPHER_CTX_encrypting(ctx))
- EVP_DigestSignUpdate(c->omac_ctx, out, inl);
-
- return result;
+ int result;
+ gost_grasshopper_cipher_ctx_ctr *c = EVP_CIPHER_CTX_get_cipher_data(ctx);
+ /* As in and out can be the same pointer, process unencrypted here */
+ if (EVP_CIPHER_CTX_encrypting(ctx))
+ EVP_DigestSignUpdate(c->omac_ctx, in, inl);
+
+ if (in == NULL && inl == 0) { /* Final call */
+ return gost2015_final_call(ctx, c->omac_ctx, KUZNYECHIK_MAC_MAX_SIZE, c->tag, gost_grasshopper_cipher_do_ctracpkm);
+ }
+
+ if (in == NULL) {
+ GOSTerr(GOST_F_GOST_GRASSHOPPER_CIPHER_DO_CTRACPKM_OMAC, ERR_R_EVP_LIB);
+ return -1;
+ }
+ result = gost_grasshopper_cipher_do_ctracpkm(ctx, out, in, inl);
+
+ /* As in and out can be the same pointer, process decrypted here */
+ if (!EVP_CIPHER_CTX_encrypting(ctx))
+ EVP_DigestSignUpdate(c->omac_ctx, out, inl);
+
+ return result;
}
/*
* Fixed 128-bit IV implementation make shift regiser redundant.
memcpy(iv, buf, 16);
}
-int gost_grasshopper_cipher_do_ofb(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl)
+static int gost_grasshopper_cipher_do_ofb(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t inl)
{
gost_grasshopper_cipher_ctx *c = (gost_grasshopper_cipher_ctx *)
EVP_CIPHER_CTX_get_cipher_data(ctx);
return 1;
}
-int gost_grasshopper_cipher_do_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl)
+static int gost_grasshopper_cipher_do_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t inl)
{
gost_grasshopper_cipher_ctx *c =
(gost_grasshopper_cipher_ctx *) EVP_CIPHER_CTX_get_cipher_data(ctx);
return 1;
}
-int gost_grasshopper_cipher_cleanup(EVP_CIPHER_CTX *ctx)
+static int gost_grasshopper_cipher_cleanup(EVP_CIPHER_CTX *ctx)
{
gost_grasshopper_cipher_ctx *c =
(gost_grasshopper_cipher_ctx *) EVP_CIPHER_CTX_get_cipher_data(ctx);
return 1;
}
-int gost_grasshopper_set_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params)
+static int gost_grasshopper_set_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params)
{
- if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CTR_MODE) {
- gost_grasshopper_cipher_ctx_ctr *ctr = EVP_CIPHER_CTX_get_cipher_data(ctx);
+ if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CTR_MODE) {
+ gost_grasshopper_cipher_ctx_ctr *ctr = EVP_CIPHER_CTX_get_cipher_data(ctx);
- /* CMS implies 256kb section_size */
- ctr->section_size = 256*1024;
+ /* CMS implies 256kb section_size */
+ ctr->section_size = 256*1024;
- return gost2015_set_asn1_params(params, EVP_CIPHER_CTX_original_iv(ctx), 8,
- ctr->kdf_seed);
- }
- return 0;
+ return gost2015_set_asn1_params(params,
+ EVP_CIPHER_CTX_original_iv(ctx), 8, ctr->kdf_seed);
+ }
+ return 0;
}
-GRASSHOPPER_INLINE int gost_grasshopper_get_asn1_parameters(EVP_CIPHER_CTX
- *ctx, ASN1_TYPE
- *params)
+static GRASSHOPPER_INLINE int
+gost_grasshopper_get_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params)
{
- if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CTR_MODE) {
- gost_grasshopper_cipher_ctx_ctr *ctr = EVP_CIPHER_CTX_get_cipher_data(ctx);
+ if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CTR_MODE) {
+ gost_grasshopper_cipher_ctx_ctr *ctr = EVP_CIPHER_CTX_get_cipher_data(ctx);
- int iv_len = 16;
- unsigned char iv[16];
+ int iv_len = 16;
+ unsigned char iv[16];
- if (gost2015_get_asn1_params(params, 16, iv, 8, ctr->kdf_seed) == 0) {
- return 0;
- }
+ if (gost2015_get_asn1_params(params, 16, iv, 8, ctr->kdf_seed) == 0) {
+ return 0;
+ }
- memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), iv, iv_len);
- memcpy((unsigned char *)EVP_CIPHER_CTX_original_iv(ctx), iv, iv_len);
+ memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), iv, iv_len);
+ memcpy((unsigned char *)EVP_CIPHER_CTX_original_iv(ctx), iv, iv_len);
- /* CMS implies 256kb section_size */
- ctr->section_size = 256*1024;
- return 1;
- }
- return 0;
+ /* CMS implies 256kb section_size */
+ ctr->section_size = 256*1024;
+ return 1;
+ }
+ return 0;
}
-int gost_grasshopper_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
+static int gost_grasshopper_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
{
switch (type) {
case EVP_CTRL_RAND_KEY:{
gost_grasshopper_cipher_ctx_ctr *c =
EVP_CIPHER_CTX_get_cipher_data(ctx);
if ((c->c.type != GRASSHOPPER_CIPHER_CTRACPKM &&
- c->c.type != GRASSHOPPER_CIPHER_CTRACPKMOMAC)
- || (arg == 0)
- || (arg % GRASSHOPPER_BLOCK_SIZE))
+ c->c.type != GRASSHOPPER_CIPHER_CTRACPKMOMAC)
+ || (arg == 0)
+ || (arg % GRASSHOPPER_BLOCK_SIZE))
return -1;
c->section_size = arg;
break;
return 1;
}
#endif
- case EVP_CTRL_PROCESS_UNPROTECTED:
+ case EVP_CTRL_PROCESS_UNPROTECTED:
{
STACK_OF(X509_ATTRIBUTE) *x = ptr;
gost_grasshopper_cipher_ctx_ctr *c = EVP_CIPHER_CTX_get_cipher_data(ctx);
}
return 1;
case EVP_CTRL_COPY: {
- EVP_CIPHER_CTX *out = ptr;
-
- gost_grasshopper_cipher_ctx_ctr *out_cctx = EVP_CIPHER_CTX_get_cipher_data(out);
- gost_grasshopper_cipher_ctx_ctr *in_cctx = EVP_CIPHER_CTX_get_cipher_data(ctx);
-
- if (in_cctx->c.type != GRASSHOPPER_CIPHER_CTRACPKMOMAC)
- return -1;
-
- if (in_cctx->omac_ctx == out_cctx->omac_ctx) {
- out_cctx->omac_ctx = EVP_MD_CTX_new();
- if (out_cctx->omac_ctx == NULL) {
- GOSTerr(GOST_F_GOST_GRASSHOPPER_CIPHER_CTL, ERR_R_MALLOC_FAILURE);
- return -1;
- }
- }
- return EVP_MD_CTX_copy(out_cctx->omac_ctx, in_cctx->omac_ctx);
- }
+ EVP_CIPHER_CTX *out = ptr;
+
+ gost_grasshopper_cipher_ctx_ctr *out_cctx = EVP_CIPHER_CTX_get_cipher_data(out);
+ gost_grasshopper_cipher_ctx_ctr *in_cctx = EVP_CIPHER_CTX_get_cipher_data(ctx);
+
+ if (in_cctx->c.type != GRASSHOPPER_CIPHER_CTRACPKMOMAC)
+ return -1;
+
+ if (in_cctx->omac_ctx == out_cctx->omac_ctx) {
+ out_cctx->omac_ctx = EVP_MD_CTX_new();
+ if (out_cctx->omac_ctx == NULL) {
+ GOSTerr(GOST_F_GOST_GRASSHOPPER_CIPHER_CTL, ERR_R_MALLOC_FAILURE);
+ return -1;
+ }
+ }
+ return EVP_MD_CTX_copy(out_cctx->omac_ctx, in_cctx->omac_ctx);
+ }
default:
GOSTerr(GOST_F_GOST_GRASSHOPPER_CIPHER_CTL,
GOST_R_UNSUPPORTED_CIPHER_CTL_COMMAND);
return 1;
}
+/* Called directly by CMAC_ACPKM_Init() */
const GRASSHOPPER_INLINE EVP_CIPHER *cipher_gost_grasshopper_ctracpkm()
{
return GOST_init_cipher(&grasshopper_ctr_acpkm_cipher);
EVP_MD_CTX *omac_ctx;
} gost_grasshopper_cipher_ctx_ctr;
-typedef int (* grasshopper_init_cipher_func)(EVP_CIPHER_CTX* ctx, const unsigned char* key, const unsigned char* iv,
- int enc);
+static void gost_grasshopper_cipher_key(gost_grasshopper_cipher_ctx* c, const uint8_t* k);
-typedef int (* grasshopper_do_cipher_func)(EVP_CIPHER_CTX* ctx, unsigned char* out, const unsigned char* in,
- size_t inl);
+static void gost_grasshopper_cipher_destroy(gost_grasshopper_cipher_ctx* c);
-typedef void (* grasshopper_destroy_cipher_func)(gost_grasshopper_cipher_ctx* c);
+static int gost_grasshopper_cipher_init_ecb(EVP_CIPHER_CTX* ctx,
+ const unsigned char* key, const unsigned char* iv, int enc);
-void gost_grasshopper_cipher_key(gost_grasshopper_cipher_ctx* c, const uint8_t* k);
+static int gost_grasshopper_cipher_init_cbc(EVP_CIPHER_CTX* ctx,
+ const unsigned char* key, const unsigned char* iv, int enc);
-void gost_grasshopper_cipher_destroy(gost_grasshopper_cipher_ctx* c);
+static int gost_grasshopper_cipher_init_ofb(EVP_CIPHER_CTX* ctx,
+ const unsigned char* key, const unsigned char* iv, int enc);
-int gost_grasshopper_cipher_init_ecb(EVP_CIPHER_CTX* ctx, const unsigned char* key, const unsigned char* iv, int enc);
+static int gost_grasshopper_cipher_init_cfb(EVP_CIPHER_CTX* ctx,
+ const unsigned char* key, const unsigned char* iv, int enc);
-int gost_grasshopper_cipher_init_cbc(EVP_CIPHER_CTX* ctx, const unsigned char* key, const unsigned char* iv, int enc);
+static int gost_grasshopper_cipher_init_ctr(EVP_CIPHER_CTX* ctx,
+ const unsigned char* key, const unsigned char* iv, int enc);
-int gost_grasshopper_cipher_init_ofb(EVP_CIPHER_CTX* ctx, const unsigned char* key, const unsigned char* iv, int enc);
+static int gost_grasshopper_cipher_init_ctracpkm(EVP_CIPHER_CTX* ctx,
+ const unsigned char* key, const unsigned char* iv, int enc);
-int gost_grasshopper_cipher_init_cfb(EVP_CIPHER_CTX* ctx, const unsigned char* key, const unsigned char* iv, int enc);
+static int gost_grasshopper_cipher_init_ctracpkm_omac(EVP_CIPHER_CTX* ctx,
+ const unsigned char* key, const unsigned char* iv, int enc);
-int gost_grasshopper_cipher_init_ctr(EVP_CIPHER_CTX* ctx, const unsigned char* key, const unsigned char* iv, int enc);
+static int gost_grasshopper_cipher_init(EVP_CIPHER_CTX* ctx, const unsigned char* key,
+ const unsigned char* iv, int enc);
-int gost_grasshopper_cipher_init_ctracpkm(EVP_CIPHER_CTX* ctx, const unsigned char* key, const unsigned char* iv, int enc);
+static int gost_grasshopper_cipher_do(EVP_CIPHER_CTX* ctx, unsigned char* out,
+ const unsigned char* in, size_t inl);
-int gost_grasshopper_cipher_init_ctracpkm_omac(EVP_CIPHER_CTX* ctx, const unsigned char* key, const unsigned char* iv, int enc);
+static int gost_grasshopper_cipher_do_ecb(EVP_CIPHER_CTX* ctx, unsigned char* out,
+ const unsigned char* in, size_t inl);
-int gost_grasshopper_cipher_init(EVP_CIPHER_CTX* ctx, const unsigned char* key,
- const unsigned char* iv, int enc);
+static int gost_grasshopper_cipher_do_cbc(EVP_CIPHER_CTX* ctx, unsigned char* out,
+ const unsigned char* in, size_t inl);
-int gost_grasshopper_cipher_do(EVP_CIPHER_CTX* ctx, unsigned char* out,
- const unsigned char* in, size_t inl);
+static int gost_grasshopper_cipher_do_ofb(EVP_CIPHER_CTX* ctx, unsigned char* out,
+ const unsigned char* in, size_t inl);
-int gost_grasshopper_cipher_do_ecb(EVP_CIPHER_CTX* ctx, unsigned char* out,
- const unsigned char* in, size_t inl);
+static int gost_grasshopper_cipher_do_cfb(EVP_CIPHER_CTX* ctx, unsigned char* out,
+ const unsigned char* in, size_t inl);
-int gost_grasshopper_cipher_do_cbc(EVP_CIPHER_CTX* ctx, unsigned char* out,
- const unsigned char* in, size_t inl);
+static int gost_grasshopper_cipher_do_ctr(EVP_CIPHER_CTX* ctx, unsigned char* out,
+ const unsigned char* in, size_t inl);
-int gost_grasshopper_cipher_do_ofb(EVP_CIPHER_CTX* ctx, unsigned char* out,
- const unsigned char* in, size_t inl);
+static int gost_grasshopper_cipher_do_ctracpkm(EVP_CIPHER_CTX* ctx, unsigned char* out,
+ const unsigned char* in, size_t inl);
-int gost_grasshopper_cipher_do_cfb(EVP_CIPHER_CTX* ctx, unsigned char* out,
- const unsigned char* in, size_t inl);
+static int gost_grasshopper_cipher_do_ctracpkm_omac(EVP_CIPHER_CTX* ctx, unsigned char* out,
+ const unsigned char* in, size_t inl);
-int gost_grasshopper_cipher_do_ctr(EVP_CIPHER_CTX* ctx, unsigned char* out,
- const unsigned char* in, size_t inl);
-int gost_grasshopper_cipher_do_ctracpkm(EVP_CIPHER_CTX* ctx, unsigned char* out,
- const unsigned char* in, size_t inl);
-int gost_grasshopper_cipher_do_ctracpkm_omac(EVP_CIPHER_CTX* ctx, unsigned char* out,
- const unsigned char* in, size_t inl);
+static int gost_grasshopper_cipher_cleanup(EVP_CIPHER_CTX* ctx);
-int gost_grasshopper_cipher_cleanup(EVP_CIPHER_CTX* ctx);
+static int gost_grasshopper_set_asn1_parameters(EVP_CIPHER_CTX* ctx, ASN1_TYPE* params);
-int gost_grasshopper_set_asn1_parameters(EVP_CIPHER_CTX* ctx, ASN1_TYPE* params);
+static int gost_grasshopper_get_asn1_parameters(EVP_CIPHER_CTX* ctx, ASN1_TYPE* params);
-int gost_grasshopper_get_asn1_parameters(EVP_CIPHER_CTX* ctx, ASN1_TYPE* params);
+static int gost_grasshopper_cipher_ctl(EVP_CIPHER_CTX* ctx, int type, int arg, void* ptr);
-int gost_grasshopper_cipher_ctl(EVP_CIPHER_CTX* ctx, int type, int arg, void* ptr);
-
-EVP_CIPHER* cipher_gost_grasshopper_create(int cipher_type, int block_size);
-
-const int cipher_gost_grasshopper_setup(EVP_CIPHER* cipher, uint8_t mode, int iv_size, bool padding, int extra_flags);
-
-const EVP_CIPHER* cipher_gost_grasshopper(uint8_t mode, uint8_t num);
-
-extern const EVP_CIPHER* cipher_gost_grasshopper_ecb();
-extern const EVP_CIPHER* cipher_gost_grasshopper_cbc();
-extern const EVP_CIPHER* cipher_gost_grasshopper_ofb();
-extern const EVP_CIPHER* cipher_gost_grasshopper_cfb();
-extern const EVP_CIPHER* cipher_gost_grasshopper_ctr();
-extern const EVP_CIPHER* cipher_gost_grasshopper_ctracpkm();
-extern const EVP_CIPHER* cipher_gost_grasshopper_ctracpkm_omac();
-
-void cipher_gost_grasshopper_destroy(void);
+const EVP_CIPHER* cipher_gost_grasshopper_ctracpkm();
#if defined(__cplusplus)
}
void grasshopper_encrypt_block(grasshopper_round_keys_t* subkeys, grasshopper_w128_t* source,
grasshopper_w128_t* target, grasshopper_w128_t* buffer) {
- int i;
+ int i;
grasshopper_copy128(target, source);
for (i = 0; i < 9; i++) {
void grasshopper_decrypt_block(grasshopper_round_keys_t* subkeys, grasshopper_w128_t* source,
grasshopper_w128_t* target, grasshopper_w128_t* buffer) {
- int i;
+ int i;
grasshopper_copy128(target, source);
grasshopper_append128multi(buffer, target, grasshopper_l_dec128);
+/*
+ * Copyright (c) 2019 Dmitry Belyavskiy <beldmit@gmail.com>
+ * Copyright (c) 2020 Vitaly Chikunov <vt@altlinux.org>
+ *
+ * Contents licensed under the terms of the OpenSSL license
+ * See https://www.openssl.org/source/license.html for details
+ */
#ifdef _WIN32
#include <winsock.h>
#else
}
}
-int wrap_ctrl (EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
+static int wrap_ctrl (EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
{
switch(type)
{
/**********************************************************************
* gost_lcl.h *
* Copyright (c) 2006 Cryptocom LTD *
+ * Copyright (c) 2020 Vitaly Chikunov <vt@altlinux.org> *
* This file is distributed under the same license as OpenSSL *
* *
- * Internal declarations used in GOST engine *
+ * Internal declarations used in GOST engine *
* OpenSSL 0.9.9 libraries required to compile and use *
* this code *
**********************************************************************/
gost_hash_ctx dctx;
gost_ctx cctx;
};
-/* EVP_MD structure for GOST R 34.11 */
-EVP_MD *digest_gost(void);
-void digest_gost_destroy(void);
-/* EVP MD structure for GOST R 34.11-2012 algorithms */
-EVP_MD *digest_gost2012_256(void);
-EVP_MD *digest_gost2012_512(void);
-void digest_gost2012_256_destroy(void);
-void digest_gost2012_512_destroy(void);
-/* EVP_MD structure for GOST 28147 in MAC mode */
-EVP_MD *imit_gost_cpa(void);
-void imit_gost_cpa_destroy(void);
-EVP_MD *imit_gost_cp_12(void);
-void imit_gost_cp_12_destroy(void);
-EVP_MD *magma_omac(void);
-void magma_omac_destroy(void);
-EVP_MD *grasshopper_omac(void);
-EVP_MD *grasshopper_omac_acpkm(void);
-void grasshopper_omac_destroy(void);
-void grasshopper_omac_acpkm_destroy(void);
/* Cipher context used for EVP_CIPHER operation */
struct ossl_gost_cipher_ctx {
int paramNID;
int key_set;
int dgst_size;
};
-/* Table which maps parameter NID to S-blocks */
-extern struct gost_cipher_info gost_cipher_list[];
/* Find encryption params from ASN1_OBJECT */
const struct gost_cipher_info *get_encryption_params(ASN1_OBJECT *obj);
-/* Implementation of GOST 28147-89 cipher in CFB and CNT modes */
-const EVP_CIPHER *cipher_gost_cpacnt();
-const EVP_CIPHER *cipher_gost_cpcnt_12();
-const EVP_CIPHER *cipher_magma_cbc();
-const EVP_CIPHER *cipher_magma_ctr();
-const EVP_CIPHER *cipher_magma_ctr_acpkm();
-const EVP_CIPHER *cipher_magma_ctr_acpkm_omac();
-const EVP_CIPHER *cipher_magma_wrap();
-const EVP_CIPHER *cipher_kuznyechik_wrap();
-void cipher_gost_destroy();
-void wrap_ciphers_destroy();
void inc_counter(unsigned char *counter, size_t counter_bytes);
extern GOST_cipher magma_kexp15_cipher;
extern GOST_cipher kuznyechik_kexp15_cipher;
+struct gost_digest_st {
+ struct gost_digest_st *template;
+ int nid;
+ const char *alias;
+ EVP_MD *digest;
+ int result_size;
+ int input_blocksize;
+ int app_datasize;
+ int flags;
+ int (*init)(EVP_MD_CTX *ctx);
+ int (*update)(EVP_MD_CTX *ctx, const void *data, size_t count);
+ int (*final)(EVP_MD_CTX *ctx, unsigned char *md);
+ int (*copy)(EVP_MD_CTX *to, const EVP_MD_CTX *from);
+ int (*cleanup)(EVP_MD_CTX *ctx);
+ int (*ctrl)(EVP_MD_CTX *ctx, int cmd, int p1, void *p2);
+};
+typedef struct gost_digest_st GOST_digest;
+
+EVP_MD *GOST_init_digest(GOST_digest *d);
+void GOST_deinit_digest(GOST_digest *d);
+
+extern GOST_digest GostR3411_94_digest;
+extern GOST_digest Gost28147_89_MAC_digest;
+extern GOST_digest Gost28147_89_mac_12_digest;
+extern GOST_digest GostR3411_2012_256_digest;
+extern GOST_digest GostR3411_2012_512_digest;
+extern GOST_digest magma_mac_digest;
+extern GOST_digest grasshopper_mac_digest;
+extern GOST_digest kuznyechik_ctracpkm_omac_digest;
+
#endif
/* vim: set expandtab cinoptions=\:0,l1,t0,g0,(0 sw=4 : */
/**********************************************************************
* md_gost.c *
* Copyright (c) 2005-2006 Cryptocom LTD *
+ * Copyright (c) 2020 Vitaly Chikunov <vt@altlinux.org> *
* This file is distributed under the same license as OpenSSL *
* *
* OpenSSL interface to GOST R 34.11-94 hash functions *
static int gost_digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from);
static int gost_digest_cleanup(EVP_MD_CTX *ctx);
-static EVP_MD *_hidden_GostR3411_94_md = NULL;
+GOST_digest GostR3411_94_digest = {
+ .nid = NID_id_GostR3411_94,
+ .result_size = 32,
+ .input_blocksize = 32,
+ .app_datasize = sizeof(struct ossl_gost_digest_ctx),
+ .init = gost_digest_init,
+ .update = gost_digest_update,
+ .final = gost_digest_final,
+ .copy = gost_digest_copy,
+ .cleanup = gost_digest_cleanup,
+};
-EVP_MD *digest_gost(void)
+/*
+ * Single level template accessor.
+ * Note: that you cannot template 0 value.
+ */
+#define TPL(st,field) ( \
+ ((st)->field) ?: TPL_VAL(st,field) \
+)
+
+#define TPL_VAL(st,field) ( \
+ ((st)->template ? (st)->template->field : 0) \
+)
+
+EVP_MD *GOST_init_digest(GOST_digest *d)
{
- if (_hidden_GostR3411_94_md == NULL) {
- EVP_MD *md;
+ if (d->digest)
+ return d->digest;
- if ((md = EVP_MD_meth_new(NID_id_GostR3411_94, NID_undef)) == NULL
- || !EVP_MD_meth_set_result_size(md, 32)
- || !EVP_MD_meth_set_input_blocksize(md, 32)
- || !EVP_MD_meth_set_app_datasize(md,
- sizeof(struct
- ossl_gost_digest_ctx))
- || !EVP_MD_meth_set_init(md, gost_digest_init)
- || !EVP_MD_meth_set_update(md, gost_digest_update)
- || !EVP_MD_meth_set_final(md, gost_digest_final)
- || !EVP_MD_meth_set_copy(md, gost_digest_copy)
- || !EVP_MD_meth_set_cleanup(md, gost_digest_cleanup)) {
- EVP_MD_meth_free(md);
- md = NULL;
- }
- _hidden_GostR3411_94_md = md;
+ EVP_MD *md;
+ if (!(md = EVP_MD_meth_new(d->nid, NID_undef))
+ || !EVP_MD_meth_set_result_size(md, TPL(d, result_size))
+ || !EVP_MD_meth_set_input_blocksize(md, TPL(d, input_blocksize))
+ || !EVP_MD_meth_set_app_datasize(md, TPL(d, app_datasize))
+ || !EVP_MD_meth_set_flags(md, d->flags | TPL_VAL(d, flags))
+ || !EVP_MD_meth_set_init(md, TPL(d, init))
+ || !EVP_MD_meth_set_update(md, TPL(d, update))
+ || !EVP_MD_meth_set_final(md, TPL(d, final))
+ || !EVP_MD_meth_set_copy(md, TPL(d, copy))
+ || !EVP_MD_meth_set_cleanup(md, TPL(d, cleanup))
+ || !EVP_MD_meth_set_ctrl(md, TPL(d, ctrl))) {
+ EVP_MD_meth_free(md);
+ md = NULL;
}
- return _hidden_GostR3411_94_md;
+ if (md && d->alias)
+ EVP_add_digest_alias(EVP_MD_name(md), d->alias);
+ d->digest = md;
+ return md;
}
-void digest_gost_destroy(void)
+void GOST_deinit_digest(GOST_digest *d)
{
- EVP_MD_meth_free(_hidden_GostR3411_94_md);
- _hidden_GostR3411_94_md = NULL;
+ if (d->alias)
+ EVP_delete_digest_alias(d->alias);
+ EVP_MD_meth_free(d->digest);
+ d->digest = NULL;
}
-int gost_digest_init(EVP_MD_CTX *ctx)
+static int gost_digest_init(EVP_MD_CTX *ctx)
{
struct ossl_gost_digest_ctx *c = EVP_MD_CTX_md_data(ctx);
memset(&(c->dctx), 0, sizeof(gost_hash_ctx));
return 1;
}
-int gost_digest_update(EVP_MD_CTX *ctx, const void *data, size_t count)
+static int gost_digest_update(EVP_MD_CTX *ctx, const void *data, size_t count)
{
return hash_block((gost_hash_ctx *) EVP_MD_CTX_md_data(ctx), data, count);
}
-int gost_digest_final(EVP_MD_CTX *ctx, unsigned char *md)
+static int gost_digest_final(EVP_MD_CTX *ctx, unsigned char *md)
{
return finish_hash((gost_hash_ctx *) EVP_MD_CTX_md_data(ctx), md);
}
-int gost_digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
+static int gost_digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
{
struct ossl_gost_digest_ctx *md_ctx = EVP_MD_CTX_md_data(to);
if (EVP_MD_CTX_md_data(to) && EVP_MD_CTX_md_data(from)) {
return 1;
}
-int gost_digest_cleanup(EVP_MD_CTX *ctx)
+static int gost_digest_cleanup(EVP_MD_CTX *ctx)
{
if (EVP_MD_CTX_md_data(ctx))
memset(EVP_MD_CTX_md_data(ctx), 0,
sizeof(struct ossl_gost_digest_ctx));
return 1;
}
+/* vim: set expandtab cinoptions=\:0,l1,t0,g0,(0 sw=4 : */
/**********************************************************************
* gost_md2012.c *
* Copyright (c) 2013 Cryptocom LTD. *
+ * Copyright (c) 2020 Vitaly Chikunov <vt@altlinux.org> *
* This file is distributed under the same license as OpenSSL *
* *
* GOST R 34.11-2012 interface to OpenSSL engine. *
#include <openssl/evp.h>
#include "gosthash2012.h"
+#include "gost_lcl.h"
static int gost_digest_init512(EVP_MD_CTX *ctx);
static int gost_digest_init256(EVP_MD_CTX *ctx);
const char micalg_256[] = "gostr3411-2012-256";
const char micalg_512[] = "gostr3411-2012-512";
-static EVP_MD *_hidden_GostR3411_2012_256_md = NULL;
-static EVP_MD *_hidden_GostR3411_2012_512_md = NULL;
-
-EVP_MD *digest_gost2012_256(void)
-{
- if (_hidden_GostR3411_2012_256_md == NULL) {
- EVP_MD *md;
-
- if ((md =
- EVP_MD_meth_new(NID_id_GostR3411_2012_256, NID_undef)) == NULL
- || !EVP_MD_meth_set_result_size(md, 32)
- || !EVP_MD_meth_set_input_blocksize(md, 64)
- || !EVP_MD_meth_set_app_datasize(md, sizeof(gost2012_hash_ctx))
- || !EVP_MD_meth_set_init(md, gost_digest_init256)
- || !EVP_MD_meth_set_update(md, gost_digest_update)
- || !EVP_MD_meth_set_final(md, gost_digest_final)
- || !EVP_MD_meth_set_copy(md, gost_digest_copy)
- || !EVP_MD_meth_set_ctrl(md, gost_digest_ctrl_256)
- || !EVP_MD_meth_set_cleanup(md, gost_digest_cleanup)) {
- EVP_MD_meth_free(md);
- md = NULL;
- }
- _hidden_GostR3411_2012_256_md = md;
- }
- return _hidden_GostR3411_2012_256_md;
-}
-
-void digest_gost2012_256_destroy(void)
-{
- EVP_MD_meth_free(_hidden_GostR3411_2012_256_md);
- _hidden_GostR3411_2012_256_md = NULL;
-}
-
-EVP_MD *digest_gost2012_512(void)
-{
- if (_hidden_GostR3411_2012_512_md == NULL) {
- EVP_MD *md;
-
- if ((md =
- EVP_MD_meth_new(NID_id_GostR3411_2012_512, NID_undef)) == NULL
- || !EVP_MD_meth_set_result_size(md, 64)
- || !EVP_MD_meth_set_input_blocksize(md, 64)
- || !EVP_MD_meth_set_app_datasize(md, sizeof(gost2012_hash_ctx))
- || !EVP_MD_meth_set_init(md, gost_digest_init512)
- || !EVP_MD_meth_set_update(md, gost_digest_update)
- || !EVP_MD_meth_set_final(md, gost_digest_final)
- || !EVP_MD_meth_set_copy(md, gost_digest_copy)
- || !EVP_MD_meth_set_ctrl(md, gost_digest_ctrl_512)
- || !EVP_MD_meth_set_cleanup(md, gost_digest_cleanup)) {
- EVP_MD_meth_free(md);
- md = NULL;
- }
- _hidden_GostR3411_2012_512_md = md;
- }
- return _hidden_GostR3411_2012_512_md;
-}
-
-void digest_gost2012_512_destroy(void)
-{
- EVP_MD_meth_free(_hidden_GostR3411_2012_512_md);
- _hidden_GostR3411_2012_512_md = NULL;
-}
+GOST_digest GostR3411_2012_template_digest = {
+ .input_blocksize = 64,
+ .app_datasize = sizeof(gost2012_hash_ctx),
+ .update = gost_digest_update,
+ .final = gost_digest_final,
+ .copy = gost_digest_copy,
+ .cleanup = gost_digest_cleanup,
+};
+
+GOST_digest GostR3411_2012_256_digest = {
+ .nid = NID_id_GostR3411_2012_256,
+ .alias = "streebog256",
+ .template = &GostR3411_2012_template_digest,
+ .result_size = 32,
+ .init = gost_digest_init256,
+ .ctrl = gost_digest_ctrl_256,
+};
+
+GOST_digest GostR3411_2012_512_digest = {
+ .nid = NID_id_GostR3411_2012_512,
+ .alias = "streebog512",
+ .template = &GostR3411_2012_template_digest,
+ .result_size = 64,
+ .init = gost_digest_init512,
+ .ctrl = gost_digest_ctrl_512,
+};
static int gost_digest_init512(EVP_MD_CTX *ctx)
{
+/*
+ * Copyright (c) 2019 Dmitry Belyavskiy <beldmit@gmail.com>
+ * Copyright (c) 2020 Vitaly Chikunov <vt@altlinux.org>
+ *
+ * Contents licensed under the terms of the OpenSSL license
+ * See https://www.openssl.org/source/license.html for details
+ */
#include <string.h>
#include <openssl/cmac.h>
#include <openssl/conf.h>
return CMAC_Update(c->cmac_ctx, data, count);
}
-int omac_imit_final(EVP_MD_CTX *ctx, unsigned char *md)
+static int omac_imit_final(EVP_MD_CTX *ctx, unsigned char *md)
{
OMAC_CTX *c = EVP_MD_CTX_md_data(ctx);
unsigned char mac[MAX_GOST_OMAC_SIZE];
return 1;
}
-int omac_imit_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
+static int omac_imit_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
{
OMAC_CTX *c_to = EVP_MD_CTX_md_data(to);
const OMAC_CTX *c_from = EVP_MD_CTX_md_data(from);
}
/* Clean up imit ctx */
-int omac_imit_cleanup(EVP_MD_CTX *ctx)
+static int omac_imit_cleanup(EVP_MD_CTX *ctx)
{
OMAC_CTX *c = EVP_MD_CTX_md_data(ctx);
return 1;
}
+/* Called directly by gost_kexp15() */
int omac_imit_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr)
{
switch (type) {
}
}
-static EVP_MD *_hidden_magma_mac_md = NULL;
-
-EVP_MD *magma_omac(void)
-{
- if (_hidden_magma_mac_md == NULL) {
- EVP_MD *md;
-
- if ((md = EVP_MD_meth_new(NID_magma_mac, NID_undef)) == NULL
- || !EVP_MD_meth_set_result_size(md, 8)
- || !EVP_MD_meth_set_input_blocksize(md, 8)
- || !EVP_MD_meth_set_app_datasize(md, sizeof(OMAC_CTX))
- || !EVP_MD_meth_set_flags(md, EVP_MD_FLAG_XOF)
- || !EVP_MD_meth_set_init(md, magma_imit_init)
- || !EVP_MD_meth_set_update(md, omac_imit_update)
- || !EVP_MD_meth_set_final(md, omac_imit_final)
- || !EVP_MD_meth_set_copy(md, omac_imit_copy)
- || !EVP_MD_meth_set_cleanup(md, omac_imit_cleanup)
- || !EVP_MD_meth_set_ctrl(md, omac_imit_ctrl)) {
- EVP_MD_meth_free(md);
- md = NULL;
- }
- _hidden_magma_mac_md = md;
- }
- return _hidden_magma_mac_md;
-}
-
-void magma_omac_destroy(void)
-{
- EVP_MD_meth_free(_hidden_magma_mac_md);
- _hidden_magma_mac_md = NULL;
-}
-
-static EVP_MD *_hidden_grasshopper_mac_md = NULL;
-
-EVP_MD *grasshopper_omac(void)
-{
- if (_hidden_grasshopper_mac_md == NULL) {
- EVP_MD *md;
-
- if ((md = EVP_MD_meth_new(NID_grasshopper_mac, NID_undef)) == NULL
- || !EVP_MD_meth_set_result_size(md, 16)
- || !EVP_MD_meth_set_input_blocksize(md, 8)
- || !EVP_MD_meth_set_app_datasize(md, sizeof(OMAC_CTX))
- || !EVP_MD_meth_set_flags(md, EVP_MD_FLAG_XOF)
- || !EVP_MD_meth_set_init(md, grasshopper_imit_init)
- || !EVP_MD_meth_set_update(md, omac_imit_update)
- || !EVP_MD_meth_set_final(md, omac_imit_final)
- || !EVP_MD_meth_set_copy(md, omac_imit_copy)
- || !EVP_MD_meth_set_cleanup(md, omac_imit_cleanup)
- || !EVP_MD_meth_set_ctrl(md, omac_imit_ctrl)) {
- EVP_MD_meth_free(md);
- md = NULL;
- }
- _hidden_grasshopper_mac_md = md;
- }
- return _hidden_grasshopper_mac_md;
-}
-
-void grasshopper_omac_destroy(void)
-{
- EVP_MD_meth_free(_hidden_grasshopper_mac_md);
- _hidden_grasshopper_mac_md = NULL;
-}
+static GOST_digest omac_template_digest = {
+ .input_blocksize = 8,
+ .app_datasize = sizeof(OMAC_CTX),
+ .flags = EVP_MD_FLAG_XOF,
+ .update = omac_imit_update,
+ .final = omac_imit_final,
+ .copy = omac_imit_copy,
+ .cleanup = omac_imit_cleanup,
+ .ctrl = omac_imit_ctrl,
+};
+
+GOST_digest magma_mac_digest = {
+ .nid = NID_magma_mac,
+ .template = &omac_template_digest,
+ .result_size = 8,
+ .init = magma_imit_init,
+};
+
+GOST_digest grasshopper_mac_digest = {
+ .nid = NID_grasshopper_mac,
+ .template = &omac_template_digest,
+ .result_size = 16,
+ .init = grasshopper_imit_init,
+};
/*
- * Copyright (C) 2018 vt@altlinux.org. All Rights Reserved.
+ * Copyright (C) 2018,2020 Vitaly Chikunov <vt@altlinux.org>. All Rights Reserved.
* Copyright (c) 2010 The OpenSSL Project. All rights reserved.
*
* Contents licensed under the terms of the OpenSSL license
return 1;
}
-int omac_acpkm_imit_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
+static int omac_acpkm_imit_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
{
OMAC_ACPKM_CTX *c_to = EVP_MD_CTX_md_data(to);
const OMAC_ACPKM_CTX *c_from = EVP_MD_CTX_md_data(from);
}
/* Clean up imit ctx */
-int omac_acpkm_imit_cleanup(EVP_MD_CTX *ctx)
+static int omac_acpkm_imit_cleanup(EVP_MD_CTX *ctx)
{
OMAC_ACPKM_CTX *c = EVP_MD_CTX_md_data(ctx);
}
}
-static EVP_MD *_hidden_grasshopper_omac_acpkm_md = NULL;
-
-EVP_MD *grasshopper_omac_acpkm(void)
-{
- if (_hidden_grasshopper_omac_acpkm_md == NULL) {
- EVP_MD *md;
-
- if ((md =
- EVP_MD_meth_new(NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac,
- NID_undef)) == NULL
- || !EVP_MD_meth_set_result_size(md, MAX_GOST_OMAC_ACPKM_SIZE)
- || !EVP_MD_meth_set_input_blocksize(md, GRASSHOPPER_BLOCK_SIZE)
- || !EVP_MD_meth_set_app_datasize(md, sizeof(OMAC_ACPKM_CTX))
- || !EVP_MD_meth_set_flags(md, EVP_MD_FLAG_XOF)
- || !EVP_MD_meth_set_init(md, grasshopper_omac_acpkm_init)
- || !EVP_MD_meth_set_update(md, omac_acpkm_imit_update)
- || !EVP_MD_meth_set_final(md, omac_acpkm_imit_final)
- || !EVP_MD_meth_set_copy(md, omac_acpkm_imit_copy)
- || !EVP_MD_meth_set_cleanup(md, omac_acpkm_imit_cleanup)
- || !EVP_MD_meth_set_ctrl(md, omac_acpkm_imit_ctrl)) {
- EVP_MD_meth_free(md);
- md = NULL;
- }
- _hidden_grasshopper_omac_acpkm_md = md;
- }
- return _hidden_grasshopper_omac_acpkm_md;
-}
-
-void grasshopper_omac_acpkm_destroy(void)
-{
- EVP_MD_meth_free(_hidden_grasshopper_omac_acpkm_md);
- _hidden_grasshopper_omac_acpkm_md = NULL;
-}
+GOST_digest kuznyechik_ctracpkm_omac_digest = {
+ .nid = NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac,
+ .result_size = MAX_GOST_OMAC_ACPKM_SIZE,
+ .input_blocksize = GRASSHOPPER_BLOCK_SIZE,
+ .app_datasize = sizeof(OMAC_ACPKM_CTX),
+ .flags = EVP_MD_FLAG_XOF,
+ .init = grasshopper_omac_acpkm_init,
+ .update = omac_acpkm_imit_update,
+ .final = omac_acpkm_imit_final,
+ .copy = omac_acpkm_imit_copy,
+ .cleanup = omac_acpkm_imit_cleanup,
+ .ctrl = omac_acpkm_imit_ctrl,
+};
}
s = BN_bin2bn(sigbuf, siglen / 2, NULL);
r = BN_bin2bn(sigbuf + siglen / 2, siglen / 2, NULL);
- ECDSA_SIG_set0(sig, r, s);
+ ECDSA_SIG_set0(sig, r, s);
return sig;
}
static int pkey_gost_magma_mac_init(EVP_PKEY_CTX *ctx)
{
- return pkey_gost_omac_init(ctx, 8);
+ return pkey_gost_omac_init(ctx, 8);
}
static int pkey_gost_grasshopper_mac_init(EVP_PKEY_CTX *ctx)
{
- return pkey_gost_omac_init(ctx, 16);
+ return pkey_gost_omac_init(ctx, 16);
}
static void pkey_gost_mac_cleanup(EVP_PKEY_CTX *ctx)
}
param = get_encryption_params(obj);
- ASN1_OBJECT_free(obj);
+ ASN1_OBJECT_free(obj);
if (param == NULL) {
GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL_STR, GOST_R_INVALID_MAC_PARAMS);
return 0;
static int pkey_gost_magma_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
{
- return pkey_gost_omac_ctrl(ctx, type, p1, p2, 8);
+ return pkey_gost_omac_ctrl(ctx, type, p1, p2, 8);
}
static int pkey_gost_grasshopper_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
{
- return pkey_gost_omac_ctrl(ctx, type, p1, p2, 16);
+ return pkey_gost_omac_ctrl(ctx, type, p1, p2, 16);
}
static int pkey_gost_omac_ctrl_str(EVP_PKEY_CTX *ctx,
static int pkey_gost_magma_mac_ctrl_str(EVP_PKEY_CTX *ctx,
const char *type, const char *value)
{
- return pkey_gost_omac_ctrl_str(ctx, type, value, 8);
+ return pkey_gost_omac_ctrl_str(ctx, type, value, 8);
}
static int pkey_gost_grasshopper_mac_ctrl_str(EVP_PKEY_CTX *ctx,
const char *type, const char *value)
{
- return pkey_gost_omac_ctrl_str(ctx, type, value, 8);
+ return pkey_gost_omac_ctrl_str(ctx, type, value, 8);
}
static int pkey_gost_mac_keygen_base(EVP_PKEY_CTX *ctx,
pkey_gost_derive_init, pkey_gost_ec_derive);
EVP_PKEY_meth_set_paramgen(*pmeth, pkey_gost_paramgen_init,
pkey_gost2001_paramgen);
- EVP_PKEY_meth_set_check(*pmeth, pkey_gost_check);
- EVP_PKEY_meth_set_public_check(*pmeth, pkey_gost_check);
+ EVP_PKEY_meth_set_check(*pmeth, pkey_gost_check);
+ EVP_PKEY_meth_set_public_check(*pmeth, pkey_gost_check);
break;
case NID_id_GostR3410_2012_256:
EVP_PKEY_meth_set_ctrl(*pmeth,
EVP_PKEY_meth_set_paramgen(*pmeth,
pkey_gost_paramgen_init,
pkey_gost2012_paramgen);
- EVP_PKEY_meth_set_check(*pmeth, pkey_gost_check);
- EVP_PKEY_meth_set_public_check(*pmeth, pkey_gost_check);
+ EVP_PKEY_meth_set_check(*pmeth, pkey_gost_check);
+ EVP_PKEY_meth_set_public_check(*pmeth, pkey_gost_check);
break;
case NID_id_GostR3410_2012_512:
EVP_PKEY_meth_set_ctrl(*pmeth,
EVP_PKEY_meth_set_paramgen(*pmeth,
pkey_gost_paramgen_init,
pkey_gost2012_paramgen);
- EVP_PKEY_meth_set_check(*pmeth, pkey_gost_check);
- EVP_PKEY_meth_set_public_check(*pmeth, pkey_gost_check);
+ EVP_PKEY_meth_set_check(*pmeth, pkey_gost_check);
+ EVP_PKEY_meth_set_public_check(*pmeth, pkey_gost_check);
break;
case NID_id_Gost28147_89_MAC:
EVP_PKEY_meth_set_ctrl(*pmeth, pkey_gost_mac_ctrl,
# ifdef HAVE_ADDCARRY_U64
for (i = 0; i < 8; i++)
- CF = _addcarry_u64(CF, x->QWORD[i] , y->QWORD[i], &(x->QWORD[i]));
+ CF = _addcarry_u64(CF, x->QWORD[i] , y->QWORD[i], &(x->QWORD[i]));
# else
for (i = 0; i < 8; i++) {
- const unsigned long long left = x->QWORD[i];
- unsigned long long sum;
-
- sum = left + y->QWORD[i] + CF;
- /*
- * (sum == left): is noop, because it's possible only
- * when `left' is added with `0 + 0' or with `ULLONG_MAX + 1',
- * in that case `CF' (carry) retain previous value, which is correct,
- * because when `left + 0 + 0' there was no overflow (thus no carry),
- * and when `left + ULLONG_MAX + 1' value is wrapped back to
- * itself with overflow, thus creating carry.
- *
- * (sum != left):
- * if `sum' is not wrapped (sum > left) there should not be carry,
- * if `sum' is wrapped (sum < left) there should be carry.
- */
- if (sum != left)
- CF = (sum < left);
- x->QWORD[i] = sum;
+ const unsigned long long left = x->QWORD[i];
+ unsigned long long sum;
+
+ sum = left + y->QWORD[i] + CF;
+ /*
+ * (sum == left): is noop, because it's possible only
+ * when `left' is added with `0 + 0' or with `ULLONG_MAX + 1',
+ * in that case `CF' (carry) retain previous value, which is correct,
+ * because when `left + 0 + 0' there was no overflow (thus no carry),
+ * and when `left + ULLONG_MAX + 1' value is wrapped back to
+ * itself with overflow, thus creating carry.
+ *
+ * (sum != left):
+ * if `sum' is not wrapped (sum > left) there should not be carry,
+ * if `sum' is wrapped (sum < left) there should be carry.
+ */
+ if (sum != left)
+ CF = (sum < left);
+ x->QWORD[i] = sum;
}
# endif /* !__x86_64__ */
#else /* __GOST3411_BIG_ENDIAN__ */
if (memcmp(meshed_key, buf, 32)) {
fprintf(stderr, "Magma meshing failed");
- ret = 1;
+ ret = 1;
}
acpkm_magma_key_meshing(&ctx);
#include "gost_grasshopper_cipher.h"
#define T(e) if (!(e)) {\
- ERR_print_errors_fp(stderr);\
- OpenSSLDie(__FILE__, __LINE__, #e);\
+ ERR_print_errors_fp(stderr);\
+ OpenSSLDie(__FILE__, __LINE__, #e);\
}
static void hexdump(FILE *f, const char *title, const unsigned char *s, int l)
if (ret <= 0) {
ERR_print_errors_fp(stderr);
- err = 1;
+ err = 1;
} else {
hexdump(stdout, "Magma key export", buf, 40);
if (memcmp(buf, magma_export, 40) != 0) {
fprintf(stdout, "ERROR! test failed\n");
- err = 2;
+ err = 2;
}
}
if (ret <= 0) {
ERR_print_errors_fp(stderr);
- err = 3;
+ err = 3;
} else {
hexdump(stdout, "Magma key import", buf, 32);
if (memcmp(buf, shared_key, 32) != 0) {
fprintf(stdout, "ERROR! test failed\n");
- err = 4;
+ err = 4;
}
}
kdf_seed, 8, 1);
if (ret <= 0) {
ERR_print_errors_fp(stderr);
- err = 5;
+ err = 5;
} else {
hexdump(stdout, "KDF TREE", kdf_result, 64);
if (memcmp(kdf_result, kdf_etalon, 64) != 0) {
fprintf(stdout, "ERROR! test failed\n");
- err = 6;
+ err = 6;
}
}
ret = gost_tlstree(NID_grasshopper_cbc, kroot, out, tlsseq);
if (ret <= 0) {
ERR_print_errors_fp(stderr);
- err = 7;
+ err = 7;
} else {
hexdump(stdout, "Gost TLSTREE - grasshopper", out, 32);
if (memcmp(out, tlstree_gh_etalon, 32) != 0) {
fprintf(stdout, "ERROR! test failed\n");
- err = 8;
+ err = 8;
}
}