static ERR_STRING_DATA GOST_str_functs[] = {
{ERR_FUNC(GOST_F_DECODE_GOST_ALGOR_PARAMS), "DECODE_GOST_ALGOR_PARAMS"},
{ERR_FUNC(GOST_F_ENCODE_GOST_ALGOR_PARAMS), "ENCODE_GOST_ALGOR_PARAMS"},
- {ERR_FUNC(GOST_F_FILL_GOST94_PARAMS), "FILL_GOST94_PARAMS"},
{ERR_FUNC(GOST_F_FILL_GOST_EC_PARAMS), "FILL_GOST_EC_PARAMS"},
{ERR_FUNC(GOST_F_GET_ENCRYPTION_PARAMS), "GET_ENCRYPTION_PARAMS"},
{ERR_FUNC(GOST_F_GOST89_GET_ASN1_PARAMETERS),
"GOST89_GET_ASN1_PARAMETERS"},
{ERR_FUNC(GOST_F_GOST89_SET_ASN1_PARAMETERS),
"GOST89_SET_ASN1_PARAMETERS"},
- {ERR_FUNC(GOST_F_GOST94_COMPUTE_PUBLIC), "GOST94_COMPUTE_PUBLIC"},
{ERR_FUNC(GOST_F_GOST_CIPHER_CTL), "GOST_CIPHER_CTL"},
- {ERR_FUNC(GOST_F_GOST_DO_SIGN), "GOST_DO_SIGN"},
- {ERR_FUNC(GOST_F_GOST_DO_VERIFY), "GOST_DO_VERIFY"},
{ERR_FUNC(GOST_F_GOST_EC_COMPUTE_PUBLIC), "GOST_EC_COMPUTE_PUBLIC"},
{ERR_FUNC(GOST_F_GOST_EC_KEYGEN), "GOST_EC_KEYGEN"},
{ERR_FUNC(GOST_F_GOST_EC_SIGN), "GOST_EC_SIGN"},
{ERR_FUNC(GOST_F_GOST_IMIT_CTRL), "GOST_IMIT_CTRL"},
{ERR_FUNC(GOST_F_GOST_IMIT_FINAL), "GOST_IMIT_FINAL"},
{ERR_FUNC(GOST_F_GOST_IMIT_UPDATE), "GOST_IMIT_UPDATE"},
- {ERR_FUNC(GOST_F_GOST_SIGN_KEYGEN), "GOST_SIGN_KEYGEN"},
- {ERR_FUNC(GOST_F_PARAM_COPY_GOST01), "PARAM_COPY_GOST01"},
{ERR_FUNC(GOST_F_PARAM_COPY_GOST_EC), "PARAM_COPY_GOST_EC"},
{ERR_FUNC(GOST_F_PKEY_GOST01_PARAMGEN), "PKEY_GOST01_PARAMGEN"},
{ERR_FUNC(GOST_F_PKEY_GOST12_PARAMGEN), "PKEY_GOST12_PARAMGEN"},
- {ERR_FUNC(GOST_F_PKEY_GOST94_CTRL_STR), "PKEY_GOST94_CTRL_STR"},
- {ERR_FUNC(GOST_F_PKEY_GOST94_PARAMGEN), "PKEY_GOST94_PARAMGEN"},
{ERR_FUNC(GOST_F_PKEY_GOST_CTRL), "PKEY_GOST_CTRL"},
{ERR_FUNC(GOST_F_PKEY_GOST_ECCP_DECRYPT), "PKEY_GOST_ECCP_DECRYPT"},
{ERR_FUNC(GOST_F_PKEY_GOST_ECCP_ENCRYPT), "PKEY_GOST_ECCP_ENCRYPT"},
{ERR_FUNC(GOST_F_PKEY_GOST_MAC_KEYGEN), "PKEY_GOST_MAC_KEYGEN"},
{ERR_FUNC(GOST_F_PRINT_GOST_EC_PUB), "PRINT_GOST_EC_PUB"},
{ERR_FUNC(GOST_F_PRIV_DECODE_GOST), "PRIV_DECODE_GOST"},
- {ERR_FUNC(GOST_F_PUB_DECODE_GOST01), "PUB_DECODE_GOST01"},
- {ERR_FUNC(GOST_F_PUB_DECODE_GOST94), "PUB_DECODE_GOST94"},
{ERR_FUNC(GOST_F_PUB_DECODE_GOST_EC), "PUB_DECODE_GOST_EC"},
- {ERR_FUNC(GOST_F_PUB_ENCODE_GOST01), "PUB_ENCODE_GOST01"},
- {ERR_FUNC(GOST_F_PUB_ENCODE_GOST94), "PUB_ENCODE_GOST94"},
{ERR_FUNC(GOST_F_PUB_ENCODE_GOST_EC), "PUB_ENCODE_GOST_EC"},
- {ERR_FUNC(GOST_F_UNPACK_CC_SIGNATURE), "UNPACK_CC_SIGNATURE"},
{ERR_FUNC(GOST_F_UNPACK_CP_SIGNATURE), "UNPACK_CP_SIGNATURE"},
{ERR_FUNC(GOST_F_VKO_COMPUTE_KEY), "VKO_COMPUTE_KEY"},
{0, NULL}
"error computing shared key"},
{ERR_REASON(GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO),
"error parsing key transport info"},
+ {ERR_REASON(GOST_R_ERROR_POINT_MUL), "error point mul"},
{ERR_REASON(GOST_R_INCOMPATIBLE_ALGORITHMS), "incompatible algorithms"},
{ERR_REASON(GOST_R_INCOMPATIBLE_PEER_KEY), "incompatible peer key"},
{ERR_REASON(GOST_R_INVALID_CIPHER_PARAMS), "invalid cipher params"},
{ERR_REASON(GOST_R_INVALID_DIGEST_TYPE), "invalid digest type"},
{ERR_REASON(GOST_R_INVALID_IV_LENGTH), "invalid iv length"},
{ERR_REASON(GOST_R_INVALID_MAC_KEY_LENGTH), "invalid mac key length"},
+ {ERR_REASON(GOST_R_INVALID_MAC_KEY_SIZE) ,"invalid mac key size"},
+ {ERR_REASON(GOST_R_INVALID_MAC_SIZE) ,"invalid mac size"},
{ERR_REASON(GOST_R_INVALID_PARAMSET), "invalid paramset"},
- {ERR_REASON(GOST_R_KEY_IS_NOT_INITALIZED), "key is not initalized"},
{ERR_REASON(GOST_R_KEY_IS_NOT_INITIALIZED), "key is not initialized"},
{ERR_REASON(GOST_R_KEY_PARAMETERS_MISSING), "key parameters missing"},
{ERR_REASON(GOST_R_MAC_KEY_NOT_SET), "mac key not set"},
- {ERR_REASON(GOST_R_MALLOC_FAILURE), "malloc failure"},
- {ERR_REASON(GOST_R_NO_MEMORY), "no memory"},
{ERR_REASON(GOST_R_NO_PARAMETERS_SET), "no parameters set"},
{ERR_REASON(GOST_R_NO_PEER_KEY), "no peer key"},
{ERR_REASON(GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR),
"no private part of non ephemeral keypair"},
{ERR_REASON(GOST_R_PUBLIC_KEY_UNDEFINED), "public key undefined"},
- {ERR_REASON(GOST_R_RANDOM_GENERATOR_ERROR), "random generator error"},
- {ERR_REASON(GOST_R_RANDOM_GENERATOR_FAILURE), "random generator failure"},
- {ERR_REASON(GOST_R_RANDOM_NUMBER_GENERATOR_FAILED),
- "random number generator failed"},
+ {ERR_REASON(GOST_R_RNG_ERROR), "rng error"},
{ERR_REASON(GOST_R_SIGNATURE_MISMATCH), "signature mismatch"},
{ERR_REASON(GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q),
"signature parts greater than q"},
static int gost_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc);
+ static int gost_cipher_init_cbc(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc);
static int gost_cipher_init_cpa(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc);
static int gost_cipher_init_cp_12(EVP_CIPHER_CTX *ctx,
/* Handles block of data in CFB mode */
static int gost_cipher_do_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t inl);
+ /* Handles block of data in CBC mode */
+ static int gost_cipher_do_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t inl);
/* Handles block of data in CNT mode */
static int gost_cipher_do_cnt(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t inl);
NULL,
};
+ EVP_CIPHER cipher_gost_cbc =
+ {
+ NID_gost89_cbc,
+ 8,/*block_size*/
+ 32,/*key_size*/
+ 8,/*iv_len */
+ EVP_CIPH_CBC_MODE|
+ EVP_CIPH_CUSTOM_IV| EVP_CIPH_RAND_KEY | EVP_CIPH_ALWAYS_CALL_INIT,
+ gost_cipher_init_cbc,
+ gost_cipher_do_cbc,
+ gost_cipher_cleanup,
+ sizeof(struct ossl_gost_cipher_ctx),/* ctx_size */
+ gost89_set_asn1_parameters,
+ gost89_get_asn1_parameters,
+ gost_cipher_ctl,
+ NULL,
+ };
+
EVP_CIPHER cipher_gost_cpacnt = {
NID_gost89_cnt,
1, /* block_size */
EVP_CIPH_CFB_MODE);
}
+ /* Initializes EVP_CIPHER_CTX with default values */
+ int gost_cipher_init_cbc(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc)
+ {
+ return gost_cipher_init_param(ctx, key, iv, enc, NID_undef,
+ EVP_CIPH_CBC_MODE);
+ }
+
+
/*
* Wrapper around gostcrypt function from gost89.c which perform key meshing
* when nesseccary
c->count = c->count % 1024 + 8;
}
+ /* GOST encryptoon in CBC mode */
+ int gost_cipher_do_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t inl)
+ {
+ OPENSSL_assert(inl % 8 ==0);
+ unsigned char b[8];
+ const unsigned char *in_ptr=in;
+ unsigned char *out_ptr=out;
+ int i;
+ struct ossl_gost_cipher_ctx *c = ctx->cipher_data;
+ if (ctx->encrypt)
+ {
+ while(inl>0)
+ {
+ for (i=0;i<8;i++)
+ {
+ b[i]=ctx->iv[i]^in_ptr[i];
+ }
+ gostcrypt(&(c->cctx),b,out_ptr);
+ memcpy(ctx->iv,out_ptr,8);
+ out_ptr+=8;
+ in_ptr+=8;
+ inl-=8;
+ }
+ }
+ else
+ {
+ while (inl>0) {
+ gostdecrypt(&(c->cctx),in_ptr,b);
+ for (i=0;i<8;i++)
+ {
+ out_ptr[i]=ctx->iv[i]^b[i];
+ }
+ memcpy(ctx->iv,in_ptr,8);
+ out_ptr+=8;
+ in_ptr+=8;
+ inl-=8;
+ }
+ }
+ return 1;
+ }
/* GOST encryption in CFB mode */
int gost_cipher_do_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t inl)
case EVP_CTRL_RAND_KEY:
{
if (RAND_bytes((unsigned char *)ptr, ctx->key_len) <= 0) {
- GOSTerr(GOST_F_GOST_CIPHER_CTL,
- GOST_R_RANDOM_GENERATOR_ERROR);
+ GOSTerr(GOST_F_GOST_CIPHER_CTL, GOST_R_RNG_ERROR);
return -1;
}
break;
c->count = 0;
c->bytes_left = 0;
c->key_meshing = 1;
+ c->dgst_size = 4;
gost_init(&(c->cctx), block);
return 1;
}
}
mac_block_mesh(c, c->partial_block);
}
- get_mac(c->buffer, 32, md);
+ get_mac(c->buffer, 8 * c->dgst_size, md);
return 1;
}
case EVP_MD_CTRL_SET_KEY:
{
if (arg != 32) {
- GOSTerr(GOST_F_GOST_IMIT_CTRL, GOST_R_INVALID_MAC_KEY_LENGTH);
+ GOSTerr(GOST_F_GOST_IMIT_CTRL, GOST_R_INVALID_MAC_KEY_SIZE);
return 0;
}
return 1;
}
+ case EVP_MD_CTRL_MAC_LEN:
+ {
+ if (arg < 1 || arg > 8) {
+ GOSTerr(GOST_F_GOST_IMIT_CTRL, GOST_R_INVALID_MAC_SIZE);
+ return 0;
+ }
+ struct ossl_gost_imit_ctx *c = ctx->md_data;
+ c->dgst_size=arg;
+ return 1;
+ }
+
default:
return 0;
}