From aed4f443f97e96ed015a7962606b10e1977edd51 Mon Sep 17 00:00:00 2001 From: Dmitry Belyavskiy Date: Sat, 26 Mar 2016 17:05:07 +0300 Subject: [PATCH] Opaquization fixes + sources formatting. --- gost_ameth.c | 12 ++--- gost_crypt.c | 122 ++++++++++++++++++++++++++----------------------- gost_ec_keyx.c | 4 +- gost_ec_sign.c | 23 ++++++---- gost_pmeth.c | 30 ++++++------ 5 files changed, 106 insertions(+), 85 deletions(-) diff --git a/gost_ameth.c b/gost_ameth.c index 8a9cd28..8dc47f1 100644 --- a/gost_ameth.c +++ b/gost_ameth.c @@ -253,7 +253,7 @@ static int pkey_ctrl_gost(EVP_PKEY *pkey, int op, long arg1, void *arg2) return -1; } PKCS7_RECIP_INFO_get0_alg((PKCS7_RECIP_INFO *)arg2, &alg1); - X509_ALGOR_set0(alg1, OBJ_nid2obj(pkey->type), + X509_ALGOR_set0(alg1, OBJ_nid2obj(EVP_PKEY_id(pkey)), V_ASN1_SEQUENCE, params); } return 1; @@ -266,8 +266,8 @@ static int pkey_ctrl_gost(EVP_PKEY *pkey, int op, long arg1, void *arg2) } CMS_RecipientInfo_ktri_get0_algs((CMS_RecipientInfo *)arg2, NULL, NULL, &alg1); - X509_ALGOR_set0(alg1, OBJ_nid2obj(pkey->type), V_ASN1_SEQUENCE, - params); + X509_ALGOR_set0(alg1, OBJ_nid2obj(EVP_PKEY_id(pkey)), + V_ASN1_SEQUENCE, params); } return 1; #endif @@ -282,7 +282,7 @@ static int pkey_ctrl_gost(EVP_PKEY *pkey, int op, long arg1, void *arg2) /* --------------------- free functions * ------------------------------*/ static void pkey_free_gost_ec(EVP_PKEY *key) { - EC_KEY_free(key->pkey.ec); + EC_KEY_free(EVP_PKEY_get0_EC_KEY(key)); } /* ------------------ private key functions -----------------------------*/ @@ -704,7 +704,7 @@ static int pub_encode_gost_ec(X509_PUBKEY *pub, const EVP_PKEY *pk) int ptype = V_ASN1_UNDEF; algobj = OBJ_nid2obj(EVP_PKEY_base_id(pk)); - if (pk->save_parameters) { + if (EVP_PKEY_save_parameters((EVP_PKEY *)pk, -1)) { ASN1_STRING *params = encode_gost_algor_params(pk); pval = params; ptype = V_ASN1_SEQUENCE; @@ -804,7 +804,7 @@ static int pkey_size_gost(const EVP_PKEY *pk) /* ---------------------- ASN1 METHOD for GOST MAC -------------------*/ static void mackey_free_gost(EVP_PKEY *pk) { - OPENSSL_free(pk->pkey.ptr); + OPENSSL_free(EVP_PKEY_get0(pk)); } static int mac_ctrl_gost(EVP_PKEY *pkey, int op, long arg1, void *arg2) diff --git a/gost_crypt.c b/gost_crypt.c index f55a10c..f9ed2cf 100644 --- a/gost_crypt.c +++ b/gost_crypt.c @@ -51,9 +51,8 @@ const EVP_CIPHER *cipher_gost(void) { if (_hidden_Gost28147_89_cipher == NULL && ((_hidden_Gost28147_89_cipher = - EVP_CIPHER_meth_new(NID_id_Gost28147_89, - 1 /* block_size */, - 32 /* key_size */)) == NULL + EVP_CIPHER_meth_new(NID_id_Gost28147_89, 1 /* block_size */ , + 32 /* key_size */ )) == NULL || !EVP_CIPHER_meth_set_iv_length(_hidden_Gost28147_89_cipher, 8) || !EVP_CIPHER_meth_set_flags(_hidden_Gost28147_89_cipher, EVP_CIPH_CFB_MODE | @@ -68,11 +67,14 @@ const EVP_CIPHER *cipher_gost(void) || !EVP_CIPHER_meth_set_cleanup(_hidden_Gost28147_89_cipher, gost_cipher_cleanup) || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_Gost28147_89_cipher, - sizeof(struct ossl_gost_cipher_ctx)) - || !EVP_CIPHER_meth_set_set_asn1_params(_hidden_Gost28147_89_cipher, - gost89_set_asn1_parameters) - || !EVP_CIPHER_meth_set_get_asn1_params(_hidden_Gost28147_89_cipher, - gost89_get_asn1_parameters) + sizeof(struct + ossl_gost_cipher_ctx)) + || + !EVP_CIPHER_meth_set_set_asn1_params(_hidden_Gost28147_89_cipher, + gost89_set_asn1_parameters) + || + !EVP_CIPHER_meth_set_get_asn1_params(_hidden_Gost28147_89_cipher, + gost89_get_asn1_parameters) || !EVP_CIPHER_meth_set_ctrl(_hidden_Gost28147_89_cipher, gost_cipher_ctl))) { EVP_CIPHER_meth_free(_hidden_Gost28147_89_cipher); @@ -80,21 +82,20 @@ const EVP_CIPHER *cipher_gost(void) } return _hidden_Gost28147_89_cipher; } - + static EVP_CIPHER *_hidden_Gost28147_89_cbc = NULL; const EVP_CIPHER *cipher_gost_cbc(void) { if (_hidden_Gost28147_89_cbc == NULL && ((_hidden_Gost28147_89_cbc = - EVP_CIPHER_meth_new(NID_gost89_cbc, - 8 /* block_size */, - 32 /* key_size */)) == NULL + EVP_CIPHER_meth_new(NID_gost89_cbc, 8 /* block_size */ , + 32 /* key_size */ )) == NULL || !EVP_CIPHER_meth_set_iv_length(_hidden_Gost28147_89_cbc, 8) || !EVP_CIPHER_meth_set_flags(_hidden_Gost28147_89_cbc, - EVP_CIPH_CBC_MODE | - EVP_CIPH_CUSTOM_IV | - EVP_CIPH_RAND_KEY | - EVP_CIPH_ALWAYS_CALL_INIT) + EVP_CIPH_CBC_MODE | + EVP_CIPH_CUSTOM_IV | + EVP_CIPH_RAND_KEY | + EVP_CIPH_ALWAYS_CALL_INIT) || !EVP_CIPHER_meth_set_init(_hidden_Gost28147_89_cbc, gost_cipher_init_cbc) || !EVP_CIPHER_meth_set_do_cipher(_hidden_Gost28147_89_cbc, @@ -102,7 +103,8 @@ const EVP_CIPHER *cipher_gost_cbc(void) || !EVP_CIPHER_meth_set_cleanup(_hidden_Gost28147_89_cbc, gost_cipher_cleanup) || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_Gost28147_89_cbc, - sizeof(struct ossl_gost_cipher_ctx)) + sizeof(struct + ossl_gost_cipher_ctx)) || !EVP_CIPHER_meth_set_set_asn1_params(_hidden_Gost28147_89_cbc, gost89_set_asn1_parameters) || !EVP_CIPHER_meth_set_get_asn1_params(_hidden_Gost28147_89_cbc, @@ -114,14 +116,14 @@ const EVP_CIPHER *cipher_gost_cbc(void) } return _hidden_Gost28147_89_cbc; } + static EVP_CIPHER *_hidden_gost89_cnt = NULL; const EVP_CIPHER *cipher_gost_cpacnt(void) { if (_hidden_gost89_cnt == NULL && ((_hidden_gost89_cnt = - EVP_CIPHER_meth_new(NID_gost89_cnt, - 1 /* block_size */, - 32 /* key_size */)) == NULL + EVP_CIPHER_meth_new(NID_gost89_cnt, 1 /* block_size */ , + 32 /* key_size */ )) == NULL || !EVP_CIPHER_meth_set_iv_length(_hidden_gost89_cnt, 8) || !EVP_CIPHER_meth_set_flags(_hidden_gost89_cnt, EVP_CIPH_OFB_MODE | @@ -136,7 +138,8 @@ const EVP_CIPHER *cipher_gost_cpacnt(void) || !EVP_CIPHER_meth_set_cleanup(_hidden_gost89_cnt, gost_cipher_cleanup) || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_gost89_cnt, - sizeof(struct ossl_gost_cipher_ctx)) + sizeof(struct + ossl_gost_cipher_ctx)) || !EVP_CIPHER_meth_set_set_asn1_params(_hidden_gost89_cnt, gost89_set_asn1_parameters) || !EVP_CIPHER_meth_set_get_asn1_params(_hidden_gost89_cnt, @@ -154,9 +157,8 @@ const EVP_CIPHER *cipher_gost_cpcnt_12(void) { if (_hidden_gost89_cnt_12 == NULL && ((_hidden_gost89_cnt_12 = - EVP_CIPHER_meth_new(NID_gost89_cnt_12, - 1 /* block_size */, - 32 /* key_size */)) == NULL + EVP_CIPHER_meth_new(NID_gost89_cnt_12, 1 /* block_size */ , + 32 /* key_size */ )) == NULL || !EVP_CIPHER_meth_set_iv_length(_hidden_gost89_cnt_12, 8) || !EVP_CIPHER_meth_set_flags(_hidden_gost89_cnt_12, EVP_CIPH_OFB_MODE | @@ -171,7 +173,8 @@ const EVP_CIPHER *cipher_gost_cpcnt_12(void) || !EVP_CIPHER_meth_set_cleanup(_hidden_gost89_cnt_12, gost_cipher_cleanup) || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_gost89_cnt_12, - sizeof(struct ossl_gost_cipher_ctx)) + sizeof(struct + ossl_gost_cipher_ctx)) || !EVP_CIPHER_meth_set_set_asn1_params(_hidden_gost89_cnt_12, gost89_set_asn1_parameters) || !EVP_CIPHER_meth_set_get_asn1_params(_hidden_gost89_cnt_12, @@ -196,7 +199,6 @@ void cipher_gost_destroy(void) _hidden_gost89_cnt_12 = NULL; } - /* Implementation of GOST 28147-89 in MAC (imitovstavka) mode */ /* Init functions which set specific parameters */ static int gost_imit_init_cpa(EVP_MD_CTX *ctx); @@ -223,7 +225,8 @@ EVP_MD *imit_gost_cpa(void) || !EVP_MD_meth_set_result_size(md, 4) || !EVP_MD_meth_set_input_blocksize(md, 8) || !EVP_MD_meth_set_app_datasize(md, - sizeof(struct ossl_gost_imit_ctx)) + sizeof(struct + ossl_gost_imit_ctx)) || !EVP_MD_meth_set_flags(md, 0) || !EVP_MD_meth_set_init(md, gost_imit_init_cpa) || !EVP_MD_meth_set_update(md, gost_imit_update) @@ -254,7 +257,8 @@ EVP_MD *imit_gost_cp_12(void) || !EVP_MD_meth_set_result_size(md, 4) || !EVP_MD_meth_set_input_blocksize(md, 8) || !EVP_MD_meth_set_app_datasize(md, - sizeof(struct ossl_gost_imit_ctx)) + sizeof(struct + ossl_gost_imit_ctx)) || !EVP_MD_meth_set_flags(md, 0) || !EVP_MD_meth_set_init(md, gost_imit_init_cp_12) || !EVP_MD_meth_set_update(md, gost_imit_update) @@ -364,11 +368,11 @@ static int gost_cipher_init_param(EVP_CIPHER_CTX *ctx, const unsigned char *iv, int enc, int paramNID, int mode) { - struct ossl_gost_cipher_ctx *c = EVP_CIPHER_CTX_cipher_data(ctx); + struct ossl_gost_cipher_ctx *c = EVP_CIPHER_CTX_get_cipher_data(ctx); if (EVP_CIPHER_CTX_get_app_data(ctx) == NULL) { if (!gost_cipher_set_param(c, paramNID)) return 0; - EVP_CIPHER_CTX_set_app_data(ctx, EVP_CIPHER_CTX_cipher_data(ctx)); + EVP_CIPHER_CTX_set_app_data(ctx, EVP_CIPHER_CTX_get_cipher_data(ctx)); } if (key) gost_key(&(c->cctx), key); @@ -377,8 +381,7 @@ static int gost_cipher_init_param(EVP_CIPHER_CTX *ctx, EVP_CIPHER_CTX_iv_length(ctx)); } memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), - EVP_CIPHER_CTX_original_iv(ctx), - EVP_CIPHER_CTX_iv_length(ctx)); + EVP_CIPHER_CTX_original_iv(ctx), EVP_CIPHER_CTX_iv_length(ctx)); return 1; } @@ -387,7 +390,7 @@ static int gost_cipher_init_cnt(EVP_CIPHER_CTX *ctx, const unsigned char *iv, gost_subst_block * block) { - struct ossl_gost_cipher_ctx *c = EVP_CIPHER_CTX_cipher_data(ctx); + struct ossl_gost_cipher_ctx *c = EVP_CIPHER_CTX_get_cipher_data(ctx); gost_init(&(c->cctx), block); c->key_meshing = 1; c->count = 0; @@ -398,8 +401,7 @@ static int gost_cipher_init_cnt(EVP_CIPHER_CTX *ctx, EVP_CIPHER_CTX_iv_length(ctx)); } memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), - EVP_CIPHER_CTX_original_iv(ctx), - EVP_CIPHER_CTX_iv_length(ctx)); + EVP_CIPHER_CTX_original_iv(ctx), EVP_CIPHER_CTX_iv_length(ctx)); return 1; } @@ -490,11 +492,11 @@ int gost_cipher_do_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in_ptr = in; unsigned char *out_ptr = out; int i; - struct ossl_gost_cipher_ctx *c = EVP_CIPHER_CTX_cipher_data(ctx); + struct ossl_gost_cipher_ctx *c = EVP_CIPHER_CTX_get_cipher_data(ctx); unsigned char *iv = EVP_CIPHER_CTX_iv_noconst(ctx); if (EVP_CIPHER_CTX_encrypting(ctx)) { while (inl > 0) { - + for (i = 0; i < 8; i++) { b[i] = iv[i] ^ in_ptr[i]; } @@ -528,7 +530,7 @@ int gost_cipher_do_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out, size_t i = 0; size_t j = 0; unsigned char *buf = EVP_CIPHER_CTX_buf_noconst(ctx); - unsigned char *iv = EVP_CIPHER_CTX_iv_noconst(ctx); + unsigned char *iv = EVP_CIPHER_CTX_iv_noconst(ctx); /* process partial block if any */ if (EVP_CIPHER_CTX_num(ctx)) { for (j = EVP_CIPHER_CTX_num(ctx), i = 0; j < 8 && i < inl; @@ -552,7 +554,7 @@ int gost_cipher_do_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out, /* * block cipher current iv */ - gost_crypt_mesh(EVP_CIPHER_CTX_cipher_data(ctx), iv, buf); + gost_crypt_mesh(EVP_CIPHER_CTX_get_cipher_data(ctx), iv, buf); /* * xor next block of input text with it and output it */ @@ -571,7 +573,7 @@ int gost_cipher_do_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out, } /* Process rest of buffer */ if (i < inl) { - gost_crypt_mesh(EVP_CIPHER_CTX_cipher_data(ctx), iv, buf); + gost_crypt_mesh(EVP_CIPHER_CTX_get_cipher_data(ctx), iv, buf); if (!EVP_CIPHER_CTX_encrypting(ctx)) memcpy(buf + 8, in_ptr, inl - i); for (j = 0; i < inl; j++, i++) { @@ -594,7 +596,7 @@ static int gost_cipher_do_cnt(EVP_CIPHER_CTX *ctx, unsigned char *out, size_t i = 0; size_t j; unsigned char *buf = EVP_CIPHER_CTX_buf_noconst(ctx); - unsigned char *iv = EVP_CIPHER_CTX_iv_noconst(ctx); + unsigned char *iv = EVP_CIPHER_CTX_iv_noconst(ctx); /* process partial block if any */ if (EVP_CIPHER_CTX_num(ctx)) { for (j = EVP_CIPHER_CTX_num(ctx), i = 0; j < 8 && i < inl; @@ -614,7 +616,7 @@ static int gost_cipher_do_cnt(EVP_CIPHER_CTX *ctx, unsigned char *out, * block cipher current iv */ /* Encrypt */ - gost_cnt_next(EVP_CIPHER_CTX_cipher_data(ctx), iv, buf); + gost_cnt_next(EVP_CIPHER_CTX_get_cipher_data(ctx), iv, buf); /* * xor next block of input text with it and output it */ @@ -627,7 +629,7 @@ static int gost_cipher_do_cnt(EVP_CIPHER_CTX *ctx, unsigned char *out, } /* Process rest of buffer */ if (i < inl) { - gost_cnt_next(EVP_CIPHER_CTX_cipher_data(ctx), iv, buf); + gost_cnt_next(EVP_CIPHER_CTX_get_cipher_data(ctx), iv, buf); for (j = 0; i < inl; j++, i++) { out_ptr[j] = buf[j] ^ in_ptr[j]; } @@ -641,7 +643,9 @@ static int gost_cipher_do_cnt(EVP_CIPHER_CTX *ctx, unsigned char *out, /* Cleaning up of EVP_CIPHER_CTX */ int gost_cipher_cleanup(EVP_CIPHER_CTX *ctx) { - gost_destroy(&((struct ossl_gost_cipher_ctx *)EVP_CIPHER_CTX_cipher_data(ctx))->cctx); + gost_destroy(& + ((struct ossl_gost_cipher_ctx *) + EVP_CIPHER_CTX_get_cipher_data(ctx))->cctx); EVP_CIPHER_CTX_set_app_data(ctx, NULL); return 1; } @@ -653,7 +657,8 @@ int gost_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) #if 0 case EVP_CTRL_INIT: { - struct ossl_gost_cipher_ctx *c = EVP_CIPHER_CTX_cipher_data(ctx); + struct ossl_gost_cipher_ctx *c = + EVP_CIPHER_CTX_get_cipher_data(ctx); if (c == NULL) { return -1; } @@ -662,7 +667,8 @@ int gost_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) #endif case EVP_CTRL_RAND_KEY: { - if (RAND_bytes((unsigned char *)ptr, EVP_CIPHER_CTX_key_length(ctx)) <= 0) { + if (RAND_bytes + ((unsigned char *)ptr, EVP_CIPHER_CTX_key_length(ctx)) <= 0) { GOSTerr(GOST_F_GOST_CIPHER_CTL, GOST_R_RNG_ERROR); return -1; } @@ -689,7 +695,8 @@ int gost_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) case EVP_CTRL_SET_SBOX: if (ptr) { - struct ossl_gost_cipher_ctx *c = EVP_CIPHER_CTX_cipher_data(ctx); + struct ossl_gost_cipher_ctx *c = + EVP_CIPHER_CTX_get_cipher_data(ctx); int nid; int cur_meshing; int ret; @@ -712,11 +719,12 @@ int gost_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) c->key_meshing = cur_meshing; return ret; } else { - return 0; + return 0; } case EVP_CTRL_KEY_MESH: { - struct ossl_gost_cipher_ctx *c = EVP_CIPHER_CTX_cipher_data(ctx); + struct ossl_gost_cipher_ctx *c = + EVP_CIPHER_CTX_get_cipher_data(ctx); if (c == NULL) { return -1; @@ -743,14 +751,15 @@ int gost89_set_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params) int len = 0; unsigned char *buf = NULL; unsigned char *p = NULL; - struct ossl_gost_cipher_ctx *c = EVP_CIPHER_CTX_cipher_data(ctx); + struct ossl_gost_cipher_ctx *c = EVP_CIPHER_CTX_get_cipher_data(ctx); GOST_CIPHER_PARAMS *gcp = GOST_CIPHER_PARAMS_new(); ASN1_OCTET_STRING *os = NULL; if (!gcp) { GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_MALLOC_FAILURE); return 0; } - if (!ASN1_OCTET_STRING_set(gcp->iv, EVP_CIPHER_CTX_iv(ctx), EVP_CIPHER_CTX_iv_length(ctx))) { + if (!ASN1_OCTET_STRING_set + (gcp->iv, EVP_CIPHER_CTX_iv(ctx), EVP_CIPHER_CTX_iv_length(ctx))) { GOST_CIPHER_PARAMS_free(gcp); GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_MALLOC_FAILURE); return 0; @@ -788,7 +797,7 @@ int gost89_get_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params) int len; GOST_CIPHER_PARAMS *gcp = NULL; unsigned char *p; - struct ossl_gost_cipher_ctx *c = EVP_CIPHER_CTX_cipher_data(ctx); + struct ossl_gost_cipher_ctx *c = EVP_CIPHER_CTX_get_cipher_data(ctx); int nid; if (ASN1_TYPE_get(params) != V_ASN1_SEQUENCE) { @@ -819,9 +828,9 @@ int gost89_get_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params) GOST_CIPHER_PARAMS_free(gcp); return -1; } - /*XXX missing non-const accessor*/ + /*XXX missing non-const accessor */ memcpy((unsigned char *)EVP_CIPHER_CTX_original_iv(ctx), gcp->iv->data, - EVP_CIPHER_CTX_iv_length(ctx)); + EVP_CIPHER_CTX_iv_length(ctx)); GOST_CIPHER_PARAMS_free(gcp); @@ -931,9 +940,10 @@ int gost_imit_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr) return 1; case EVP_MD_CTRL_SET_KEY: { - struct ossl_gost_imit_ctx *gost_imit_ctx = EVP_MD_CTX_md_data(ctx); + struct ossl_gost_imit_ctx *gost_imit_ctx = + EVP_MD_CTX_md_data(ctx); - if (EVP_MD_meth_get_init(EVP_MD_CTX_md(ctx))(ctx) <= 0) { + if (EVP_MD_meth_get_init(EVP_MD_CTX_md(ctx)) (ctx) <= 0) { GOSTerr(GOST_F_GOST_IMIT_CTRL, GOST_R_MAC_KEY_NOT_SET); return 0; } diff --git a/gost_ec_keyx.c b/gost_ec_keyx.c index 457b308..8c2af2a 100644 --- a/gost_ec_keyx.c +++ b/gost_ec_keyx.c @@ -79,8 +79,8 @@ static int VKO_compute_key(unsigned char *shared_key, size_t shared_key_size, } mdctx = EVP_MD_CTX_new(); if (!mdctx) { - GOSTerr(GOST_F_VKO_COMPUTE_KEY, ERR_R_MALLOC_FAILURE); - goto err; + GOSTerr(GOST_F_VKO_COMPUTE_KEY, ERR_R_MALLOC_FAILURE); + goto err; } EVP_MD_CTX_init(mdctx); EVP_DigestInit_ex(mdctx, md, NULL); diff --git a/gost_ec_sign.c b/gost_ec_sign.c index c3e1e01..2c04ed7 100644 --- a/gost_ec_sign.c +++ b/gost_ec_sign.c @@ -160,6 +160,9 @@ DSA_SIG *gost_ec_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey) const BIGNUM *priv_key; BIGNUM *r = NULL, *s = NULL, *X = NULL, *tmp = NULL, *tmp2 = NULL, *k = NULL, *e = NULL; + + BIGNUM *new_r = NULL, *new_s = NULL; + EC_POINT *C = NULL; BN_CTX *ctx; @@ -273,9 +276,10 @@ DSA_SIG *gost_ec_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey) } while (BN_is_zero(s)); - newsig->s = BN_dup(s); - newsig->r = BN_dup(r); - if (!newsig->s || !newsig->r) { + DSA_SIG_get0(&new_r, &new_s, newsig); + new_s = BN_dup(s); + new_r = BN_dup(r); + if (!new_s || !new_r) { GOSTerr(GOST_F_GOST_EC_SIGN, ERR_R_MALLOC_FAILURE); goto err; } @@ -306,6 +310,7 @@ int gost_ec_verify(const unsigned char *dgst, int dgst_len, BIGNUM *order; BIGNUM *md = NULL, *e = NULL, *R = NULL, *v = NULL, *z1 = NULL, *z2 = NULL; + BIGNUM *sig_s = NULL, *sig_r = NULL; BIGNUM *X = NULL, *tmp = NULL; EC_POINT *C = NULL; const EC_POINT *pub_key = NULL; @@ -338,8 +343,10 @@ int gost_ec_verify(const unsigned char *dgst, int dgst_len, goto err; } - if (BN_is_zero(sig->s) || BN_is_zero(sig->r) || - (BN_cmp(sig->s, order) >= 1) || (BN_cmp(sig->r, order) >= 1)) { + DSA_SIG_get0(&sig_r, &sig_s, sig); + + if (BN_is_zero(sig_s) || BN_is_zero(sig_r) || + (BN_cmp(sig_s, order) >= 1) || (BN_cmp(sig_r, order) >= 1)) { GOSTerr(GOST_F_GOST_EC_VERIFY, GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q); goto err; @@ -362,8 +369,8 @@ int gost_ec_verify(const unsigned char *dgst, int dgst_len, goto err; } v = BN_mod_inverse(v, e, order, ctx); - if (!v || !BN_mod_mul(z1, sig->s, v, order, ctx) - || !BN_sub(tmp, order, sig->r) + if (!v || !BN_mod_mul(z1, sig_s, v, order, ctx) + || !BN_sub(tmp, order, sig_r) || !BN_mod_mul(z2, tmp, v, order, ctx)) { GOSTerr(GOST_F_GOST_EC_VERIFY, ERR_R_INTERNAL_ERROR); goto err; @@ -400,7 +407,7 @@ int gost_ec_verify(const unsigned char *dgst, int dgst_len, BN_print_fp(stderr, R); fprintf(stderr, "\n"); #endif - if (BN_cmp(R, sig->r) != 0) { + if (BN_cmp(R, sig_r) != 0) { GOSTerr(GOST_F_GOST_EC_VERIFY, GOST_R_SIGNATURE_MISMATCH); } else { ok = 1; diff --git a/gost_pmeth.c b/gost_pmeth.c index 6b38e60..d84c7ef 100644 --- a/gost_pmeth.c +++ b/gost_pmeth.c @@ -369,10 +369,12 @@ static int pkey_gost2012cp_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) */ int pack_sign_cp(DSA_SIG *s, int order, unsigned char *sig, size_t *siglen) { + BIGNUM *sig_r = NULL, *sig_s = NULL; + DSA_SIG_get0(&sig_r, &sig_s, s); *siglen = 2 * order; memset(sig, 0, *siglen); - store_bignum(s->s, sig, order); - store_bignum(s->r, sig + order, order); + store_bignum(sig_s, sig, order); + store_bignum(sig_r, sig + order, order); DSA_SIG_free(s); return 1; } @@ -418,14 +420,16 @@ static int pkey_gost_ec_cp_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, DSA_SIG *unpack_cp_signature(const unsigned char *sig, size_t siglen) { DSA_SIG *s; + BIGNUM *sig_r = NULL, *sig_s = NULL; s = DSA_SIG_new(); if (s == NULL) { GOSTerr(GOST_F_UNPACK_CP_SIGNATURE, ERR_R_MALLOC_FAILURE); return NULL; } - s->s = BN_bin2bn(sig, siglen / 2, NULL); - s->r = BN_bin2bn(sig + siglen / 2, siglen / 2, NULL); + DSA_SIG_get0(&sig_r, &sig_s, s); + sig_s = BN_bin2bn(sig, siglen / 2, NULL); + sig_r = BN_bin2bn(sig + siglen / 2, siglen / 2, NULL); return s; } @@ -480,7 +484,7 @@ static int pkey_gost_mac_init(EVP_PKEY_CTX *ctx) struct gost_mac_key *key = EVP_PKEY_get0(pkey); if (key) { data->mac_param_nid = key->mac_param_nid; - data->mac_size = key->mac_size; + data->mac_size = key->mac_size; } } @@ -568,11 +572,11 @@ static int pkey_gost_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) GOST_R_MAC_KEY_NOT_SET); return 0; } - return EVP_MD_meth_get_ctrl(EVP_MD_CTX_md(mctx)) - (mctx, EVP_MD_CTRL_SET_KEY, 0, key); + return EVP_MD_meth_get_ctrl(EVP_MD_CTX_md(mctx)) + (mctx, EVP_MD_CTRL_SET_KEY, 0, key); } else { - return EVP_MD_meth_get_ctrl(EVP_MD_CTX_md(mctx)) - (mctx, EVP_MD_CTRL_SET_KEY, 32, &(data->key)); + return EVP_MD_meth_get_ctrl(EVP_MD_CTX_md(mctx)) + (mctx, EVP_MD_CTRL_SET_KEY, 32, &(data->key)); } } case EVP_PKEY_CTRL_MAC_LEN: @@ -659,7 +663,7 @@ static int pkey_gost_mac_keygen_base(EVP_PKEY_CTX *ctx, return 0; memcpy(keydata->key, data->key, 32); keydata->mac_param_nid = data->mac_param_nid; - keydata->mac_size = data->mac_size; + keydata->mac_size = data->mac_size; EVP_PKEY_assign(pkey, mac_nid, keydata); return 1; } @@ -678,9 +682,9 @@ static int pkey_gost_mac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx) { struct gost_mac_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx); - if (data == NULL) { - pkey_gost_mac_init(ctx); - } + if (data == NULL) { + pkey_gost_mac_init(ctx); + } data = EVP_PKEY_CTX_get_data(ctx); if (!data) { -- 2.39.2