From a8eda4312db1f98cffda38670e2d40d36566785a Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Tue, 19 Jan 2016 12:06:33 +0000 Subject: [PATCH] Remove the GOST engine The GOST engine is now out of date and is removed by this commit. An up to date GOST engine is now being maintained in an external repository. See: https://wiki.openssl.org/index.php/Binaries Reviewed-by: Richard Levitte --- CHANGES | 7 + Configure | 1 - Makefile.in | 3 +- crypto/engine/eng_all.c | 3 - engines/Makefile.in | 18 +- engines/ccgost/Makefile.in | 75 -- engines/ccgost/README.gost | 300 ------ engines/ccgost/e_gost_err.c | 201 ---- engines/ccgost/e_gost_err.h | 157 --- engines/ccgost/e_gost_err.proto | 61 -- engines/ccgost/gost.ec | 5 - engines/ccgost/gost2001.c | 460 --------- engines/ccgost/gost2001_keyx.c | 290 ------ engines/ccgost/gost2001_keyx.h | 10 - engines/ccgost/gost89.c | 576 ----------- engines/ccgost/gost89.h | 98 -- engines/ccgost/gost_ameth.c | 696 ------------- engines/ccgost/gost_asn1.c | 56 -- engines/ccgost/gost_crypt.c | 699 -------------- engines/ccgost/gost_ctl.c | 91 -- engines/ccgost/gost_eng.c | 285 ------ engines/ccgost/gost_keywrap.c | 106 -- engines/ccgost/gost_keywrap.h | 56 -- engines/ccgost/gost_lcl.h | 228 ----- engines/ccgost/gost_md.c | 88 -- engines/ccgost/gost_params.c | 80 -- engines/ccgost/gost_pmeth.c | 510 ---------- engines/ccgost/gosthash.c | 268 ------ engines/ccgost/gosthash.h | 52 - engines/ccgost/gostsum.c | 187 ---- include/openssl/engine.h | 3 - test/Makefile.in | 10 +- test/gost2814789test.c | 1447 ---------------------------- test/recipes/90-test_gost2814789.t | 13 - util/libeay.num | 2 +- util/mk1mf.pl | 1 - 36 files changed, 14 insertions(+), 7129 deletions(-) delete mode 100644 engines/ccgost/Makefile.in delete mode 100644 engines/ccgost/README.gost delete mode 100644 engines/ccgost/e_gost_err.c delete mode 100644 engines/ccgost/e_gost_err.h delete mode 100644 engines/ccgost/e_gost_err.proto delete mode 100644 engines/ccgost/gost.ec delete mode 100644 engines/ccgost/gost2001.c delete mode 100644 engines/ccgost/gost2001_keyx.c delete mode 100644 engines/ccgost/gost2001_keyx.h delete mode 100644 engines/ccgost/gost89.c delete mode 100644 engines/ccgost/gost89.h delete mode 100644 engines/ccgost/gost_ameth.c delete mode 100644 engines/ccgost/gost_asn1.c delete mode 100644 engines/ccgost/gost_crypt.c delete mode 100644 engines/ccgost/gost_ctl.c delete mode 100644 engines/ccgost/gost_eng.c delete mode 100644 engines/ccgost/gost_keywrap.c delete mode 100644 engines/ccgost/gost_keywrap.h delete mode 100644 engines/ccgost/gost_lcl.h delete mode 100644 engines/ccgost/gost_md.c delete mode 100644 engines/ccgost/gost_params.c delete mode 100644 engines/ccgost/gost_pmeth.c delete mode 100644 engines/ccgost/gosthash.c delete mode 100644 engines/ccgost/gosthash.h delete mode 100644 engines/ccgost/gostsum.c delete mode 100644 test/gost2814789test.c delete mode 100644 test/recipes/90-test_gost2814789.t diff --git a/CHANGES b/CHANGES index bd2e52ce2c..fb310829aa 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,13 @@ Changes between 1.0.2e and 1.1.0 [xx XXX xxxx] + *) The GOST engine was out of date and therefore it has been removed. An up + to date GOST engine is now being maintained in an external repository. + See: https://wiki.openssl.org/index.php/Binaries. Libssl still retains + support for GOST ciphersuites (these are only activated if a GOST engine + is present). + [Matt Caswell] + *) EGD is no longer supported by default; use enable-egd when configuring. [Ben Kaduk and Rich Salz] diff --git a/Configure b/Configure index 330748b4e4..0efed391b0 100755 --- a/Configure +++ b/Configure @@ -1932,7 +1932,6 @@ while () $sdirs = 0 unless /\\$/; s/fips // if (/^DIRS=/ && !$fips); s/engines // if (/^DIRS=/ && $disabled{"engine"}); - s/ccgost// if (/^ENGDIRS=/ && $disabled{"gost"}); s/^VERSION=.*/VERSION=$version/; s/^MAJOR=.*/MAJOR=$major/; s/^MINOR=.*/MINOR=$minor/; diff --git a/Makefile.in b/Makefile.in index 8dd7f1aaff..69e2706e8e 100644 --- a/Makefile.in +++ b/Makefile.in @@ -132,7 +132,6 @@ FIPSCANLIB= BASEADDR= DIRS= crypto ssl engines apps test tools -ENGDIRS= ccgost SHLIBDIRS= crypto ssl INSTALL_SUBS= engines apps tools @@ -212,7 +211,7 @@ BUILDENV= LC_ALL=C PLATFORM='$(PLATFORM)' PROCESSOR='$(PROCESSOR)'\ AS='$(CC)' ASFLAG='$(CFLAG) -c' \ AR='$(AR)' NM='$(NM)' RANLIB='$(RANLIB)' \ CROSS_COMPILE='$(CROSS_COMPILE)' \ - PERL='$(PERL)' ENGDIRS='$(ENGDIRS)' \ + PERL='$(PERL)' \ SDIRS='$(SDIRS)' LIBRPATH='$(INSTALLTOP)/$(LIBDIR)' \ INSTALL_PREFIX='$(INSTALL_PREFIX)' \ INSTALLTOP='$(INSTALLTOP)' OPENSSLDIR='$(OPENSSLDIR)' \ diff --git a/crypto/engine/eng_all.c b/crypto/engine/eng_all.c index 2c2353a3f0..74cde879ae 100644 --- a/crypto/engine/eng_all.c +++ b/crypto/engine/eng_all.c @@ -86,9 +86,6 @@ void ENGINE_load_builtin_engines(void) ENGINE_load_padlock(); # endif # endif -# ifndef OPENSSL_NO_GOST - ENGINE_load_gost(); -# endif # if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG) ENGINE_load_capi(); # endif diff --git a/engines/Makefile.in b/engines/Makefile.in index b8665ff406..aed9ff512e 100644 --- a/engines/Makefile.in +++ b/engines/Makefile.in @@ -12,12 +12,6 @@ INCLUDES= -I../include CFLAG=-g MAKEFILE= Makefile AR= ar r -ENGDIRS= ccgost - -RECURSIVE_MAKE= [ -z "$(ENGDIRS)" ] || for i in $(ENGDIRS) ; do \ - (cd $$i && echo "making $$target in $(DIR)/$$i..." && \ - $(MAKE) -e TOP=../.. DIR=$$i $$target ) || exit 1; \ - done; ENGINES_ASM_OBJ= @@ -60,7 +54,7 @@ ALL= $(GENERAL) $(SRC) $(HEADER) top: (cd ..; $(MAKE) DIRS=$(DIR) all) -all: lib subdirs +all: lib lib: $(LIBOBJ) $(TESTLIBOBJ) @if [ -n "$(SHARED_LIBS)" ]; then \ @@ -82,12 +76,8 @@ e_padlock-x86.s: asm/e_padlock-x86.pl e_padlock-x86_64.s: asm/e_padlock-x86_64.pl $(PERL) asm/e_padlock-x86_64.pl $(PERLASM_SCHEME) > $@ -subdirs: - @target=all; $(RECURSIVE_MAKE) - files: $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO - @target=files; $(RECURSIVE_MAKE) # XXXXX This currently only works on systems that use .so as suffix # for shared libraries as well as for Cygwin which uses the @@ -118,27 +108,23 @@ install: mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \ done; \ fi - @target=install; $(RECURSIVE_MAKE) errors: set -e; for l in $(LIBNAMES); do \ $(PERL) ../util/mkerr.pl -conf e_$$l.ec \ -nostatic -staticloader -write e_$$l.c; \ done - (cd ccgost; $(MAKE) PERL=$(PERL) errors) update: local_depend @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi - @[ -z "$(THIS)" ] || (set -e; target=update; $(RECURSIVE_MAKE) ) depend: local_depend @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi - @[ -z "$(THIS)" ] || (set -e; target=depend; $(RECURSIVE_MAKE) ) + local_depend: @[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(TESTLIBSRC) clean: rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - @target=clean; $(RECURSIVE_MAKE) # DO NOT DELETE THIS LINE -- make depend depends on it. diff --git a/engines/ccgost/Makefile.in b/engines/ccgost/Makefile.in deleted file mode 100644 index 77d552f85f..0000000000 --- a/engines/ccgost/Makefile.in +++ /dev/null @@ -1,75 +0,0 @@ -DIR=ccgost -TOP=../.. -CC=cc -INCLUDES= -I../../include -CFLAG=-g -MAKEFILE= Makefile -AR= ar r -CFLAGS= $(INCLUDES) $(CFLAG) -LIB=$(TOP)/libcrypto.a - -LIBSRC= gost2001.c gost2001_keyx.c gost89.c gost_ameth.c gost_asn1.c gost_crypt.c gost_ctl.c gost_eng.c gosthash.c gost_keywrap.c gost_md.c gost_pmeth.c gost_params.c - -LIBOBJ= e_gost_err.o gost2001_keyx.o gost2001.o gost89.o gost_ameth.o gost_asn1.o gost_crypt.o gost_ctl.o gost_eng.o gosthash.o gost_keywrap.o gost_md.o gost_pmeth.o gost_params.o - -SRC=$(LIBSRC) - -LIBNAME=gost - -top: - (cd $(TOP); $(MAKE) DIRS=engines sub_all) - -all: lib - -errors: - $(PERL) ../../util/mkerr.pl -conf gost.ec -nostatic -write $(SRC) - -lib: $(LIBOBJ) - if [ -n "$(SHARED_LIBS)" ]; then \ - $(MAKE) -f $(TOP)/Makefile.shared -e \ - LIBNAME=$(LIBNAME) \ - LIBEXTRAS='$(LIBOBJ)' \ - LIBDEPS='-L$(TOP) -lcrypto' \ - link_o.$(SHLIB_TARGET); \ - else \ - $(AR) $(LIB) $(LIBOBJ); \ - fi - @touch lib - -install: - [ -n "$(INSTALLTOP)" ] # should be set by top Makefile... - if [ -n "$(SHARED_LIBS)" ]; then \ - set -e; \ - echo installing $(LIBNAME); \ - pfx=lib; \ - if expr "$(PLATFORM)" : "Cygwin" >/dev/null; then \ - sfx=".so"; \ - cp cyg$(LIBNAME).dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \ - else \ - case "$(CFLAGS)" in \ - *DSO_DLFCN*) sfx=`expr "$(SHLIB_EXT)" : '.*\(\.[a-z][a-z]*\)' \| ".so"`;; \ - *DSO_DL*) sfx=".sl";; \ - *DSO_WIN32*) sfx="eay32.dll"; pfx=;; \ - *) sfx=".bad";; \ - esac; \ - cp $${pfx}$(LIBNAME)$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \ - fi; \ - chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \ - mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx; \ - fi - -update: local_depend - @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi - -depend: local_depend - @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi -local_depend: - @[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff *.so *.sl *.dll *.dylib - -# DO NOT DELETE THIS LINE -- make depend depends on it. diff --git a/engines/ccgost/README.gost b/engines/ccgost/README.gost deleted file mode 100644 index abc5a9b7ca..0000000000 --- a/engines/ccgost/README.gost +++ /dev/null @@ -1,300 +0,0 @@ -GOST ENGINE - -This engine provides implementation of Russian cryptography standard. -This is also an example of adding new cryptoalgorithms into OpenSSL -without changing its core. If OpenSSL is compiled with dynamic engine -support, new algorithms can be added even without recompilation of -OpenSSL and applications which use it. - -ALGORITHMS SUPPORTED - -GOST R 34.10-94 and GOST R 34.10-2001 - digital signature algorithms. - Also support key exchange based on public keys. See RFC 4357 for - details of VKO key exchange algorithm. These algorithms use - 256 bit private keys. Public keys are 1024 bit for 94 and 512 bit for - 2001 (which is elliptic-curve based). Key exchange algorithms - (VKO R 34.10) are supported on these keys too. - -GOST R 34.11-94 Message digest algorithm. 256-bit hash value - -GOST 28147-89 - Symmetric cipher with 256-bit key. Various modes are - defined in the standard, but only CFB and CNT modes are implemented - in the engine. To make statistical analysis more difficult, key - meshing is supported (see RFC 4357). - -GOST 28147-89 MAC mode. Message authentication code. While most MAC - algorithms out there are based on hash functions using HMAC - algorithm, this algoritm is based on symmetric cipher. - It has 256-bit symmetric key and only 32 bits of MAC value - (while HMAC has same key size and value size). - - It is implemented as combination of EVP_PKEY type and EVP_MD type. - -USAGE OF THESE ALGORITHMS - -This engine is designed to allow usage of this algorithms in the -high-level openssl functions, such as PKI, S/MIME and TLS. - -See RFC 4490 for S/MIME with GOST algorithms and RFC 4491 for PKI. -TLS support is implemented according IETF -draft-chudov-cryptopro-cptls-03.txt and is compatible with -CryptoPro CSP 3.0 and 3.6 as well as with MagPro CSP. -GOST ciphersuites implemented in CryptoPro CSP 2.0 are not supported -because they use ciphersuite numbers used now by AES ciphersuites. - -To use the engine you have to load it via openssl configuration -file. Applications should read openssl configuration file or provide -their own means to load engines. Also, applications which operate with -private keys, should use generic EVP_PKEY API instead of using RSA or -other algorithm-specific API. - -CONFIGURATION FILE - -Configuration file should include following statement in the global -section, i.e. before first bracketed section header (see config(5) for details) - - openssl_conf = openssl_def - -where openssl_def is name of the section in configuration file which -describes global defaults. - -This section should contain following statement: - - [openssl_def] - engines = engine_section - -which points to the section which describes list of the engines to be -loaded. This section should contain: - - [engine_section] - gost = gost_section - -And section which describes configuration of the engine should contain - - [gost_section] - engine_id = gost - dynamic_path = /usr/lib/ssl/engines/libgost.so - default_algorithms = ALL - CRYPT_PARAMS = id-Gost28147-89-CryptoPro-A-ParamSet - -Where engine_id parameter specifies name of engine (should be "gost"). -dynamic_path is a location of the loadable shared library implementing the -engine. If the engine is compiled statically or is located in the OpenSSL -engines directory, this line can be omitted. -default_algorithms parameter specifies that all algorithms, provided by -engine, should be used. - -The CRYPT_PARAMS parameter is engine-specific. It allows the user to choose -between different parameter sets of symmetric cipher algorithm. RFC 4357 -specifies several parameters for the GOST 28147-89 algorithm, but OpenSSL -doesn't provide user interface to choose one when encrypting. So use engine -configuration parameter instead. - -Value of this parameter can be either short name, defined in OpenSSL -obj_dat.h header file or numeric representation of OID, defined in RFC -4357. - -USAGE WITH COMMAND LINE openssl UTILITY - -1. Generation of private key - - openssl genpkey -algorithm gost2001 -pkeyopt paramset:A -out seckey.pem - - Use -algorithm option to specify algorithm. - Use -pkeyopt option to pass paramset to algorithm. The following paramsets - are supported by - gost94: 0,A,B,C,D,XA,XB,XC - gost2001: 0,A,B,C,XA,XB - You can also use numeric representation of OID as to destinate - paramset. - - Paramsets starting with X are intended to use for key exchange keys. - Paramsets without X are for digital signature keys. - - Paramset for both algorithms 0 is the test paramset which should be used - only for test purposes. - -There are no algorithm-specific things with generation of certificate -request once you have a private key. - -2. Generation of certificate request along with private/public keypar - - openssl req -newkey gost2001 -pkeyopt paramset:A - - Syntax of -pkeyopt parameter is identical with genpkey command. - - You can also use oldstyle syntax -newkey gost2001:paramfile, but in - this case you should create parameter file first. - - It can be created with - - openssl genpkey -genparam -algorithm gost2001 -pkeyopt paramset:A\ - -out paramfile. - -3. S/MIME operations - -If you want to send encrypted mail using GOST algorithms, don't forget -to specify -gost89 as encryption algorithm for OpenSSL smime command. -While OpenSSL is clever enough to find out that GOST R 34.11-94 digest -must be used for digital signing with GOST private key, it have no way -to derive symmetric encryption algorithm from key exchange keys. - -4. TLS operations - -OpenSSL supports all four ciphersuites defined in the IETF draft. -Once you've loaded GOST key and certificate into your TLS server, -ciphersuites which use GOST 28147-89 encryption are enabled. - -Ciphersuites with NULL encryption should be enabled explicitely if -needed. - -GOST2001-GOST89-GOST89 Uses GOST R 34.10-2001 for auth and key exchange - GOST 28147-89 for encryption and GOST 28147-89 MAC -GOST94-GOST89-GOST89 Uses GOST R 34.10-94 for auth and key exchange - GOST 28147-89 for encryption and GOST 28147-89 MAC -GOST2001-NULL-GOST94 Uses GOST R 34.10-2001 for auth and key exchange, - no encryption and HMAC, based on GOST R 34.11-94 -GOST94-NULL-GOST94 Uses GOST R 34.10-94 for auth and key exchange, - no encryption and HMAC, based on GOST R 34.11-94 - -Gost 94 and gost 2001 keys can be used simultaneously in the TLS server. -RSA, DSA and EC keys can be used simultaneously with GOST keys, if -server implementation supports loading more than two private -key/certificate pairs. In this case ciphersuites which use any of loaded -keys would be supported and clients can negotiate ones they wish. - -This allows creation of TLS servers which use GOST ciphersuites for -Russian clients and RSA/DSA ciphersuites for foreign clients. - -5. Calculation of digests and symmetric encryption - OpenSSL provides specific commands (like sha1, aes etc) for calculation - of digests and symmetric encryption. Since such commands cannot be - added dynamically, no such commands are provided for GOST algorithms. - Use generic commands 'dgst' and 'enc'. - - Calculation of GOST R 34.11-94 message digest - - openssl dgst -md_gost94 datafile - - Note that GOST R 34.11-94 specifies that digest value should be - interpreted as little-endian number, but OpenSSL outputs just hex dump - of digest value. - - So, to obtain correct digest value, such as produced by gostsum utility - included in the engine distribution, bytes of output should be - reversed. - - Calculation of HMAC based on GOST R 34.11-94 - - openssl dgst -md_gost94 -mac hmac -macopt key:<32 bytes of key> datafile - - (or use hexkey if key contain NUL bytes) - Calculation of GOST 28147 MAC - - openssl dgst -mac gost-mac -macopt key:<32 bytes of key> datafile - - Note absence of an option that specifies digest algorithm. gost-mac - algorithm supports only one digest (which is actually part of - implementation of this mac) and OpenSSL is clever enough to find out - this. - - Encryption with GOST 28147 CFB mode - openssl enc -gost89 -out encrypted-file -in plain-text-file -k - Encryption with GOST 28147 CNT mode - openssl enc -gost89-cnt -out encrypted-file -in plain-text-file -k - - -6. Encrypting private keys and PKCS12 - -To produce PKCS12 files compatible with MagPro CSP, you need to use -GOST algorithm for encryption of PKCS12 file and also GOST R 34.11-94 -hash to derive key from password. - -openssl pksc12 -export -inkey gost.pem -in gost_cert.pem -keypbe gost89\ - -certpbe gost89 -macalg md_gost94 - -7. Testing speed of symmetric ciphers. - -To test performance of GOST symmetric ciphers you should use -evp switch -of the openssl speed command. Engine-provided ciphers couldn't be -accessed by cipher-specific functions, only via generic evp interface - - openssl speed -evp gost89 - openssl speed -evp gost89-cnt - - -PROGRAMMING INTERFACES DETAILS - -Applications never should access engine directly. They only use provided -EVP_PKEY API. But there are some details, which should be taken into -account. - -EVP provides two kinds of API for key exchange: - -1. EVP_PKEY_encrypt/EVP_PKEY_decrypt functions, intended to use with - RSA-like public key encryption algorithms - -2. EVP_PKEY_derive, intended to use with Diffie-Hellman-like shared key -computing algorithms. - -Although VKO R 34.10 algorithms, described in the RFC 4357 are -definitely second case, engine provides BOTH API for GOST R 34.10 keys. - -EVP_PKEY_derive just invokes appropriate VKO algorithm and computes -256 bit shared key. VKO R 34.10-2001 requires 64 bits of random user key -material (UKM). This UKM should be transmitted to other party, so it is -not generated inside derive function. - -It should be set by EVP_PKEY_CTX_ctrl function using -EVP_PKEY_CTRL_SET_IV command after call of EVP_PKEY_derive_init, but -before EVP_PKEY_derive. - unsigned char ukm[8]; - RAND_bytes(ukm,8); - EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_DERIVE, 8, ukm) - -EVP_PKEY_encrypt encrypts provided session key with VKO shared key and -packs it into GOST key transport structure, described in the RFC 4490. - -It typically uses ephemeral key pair to compute shared key and packs its -public part along with encrypted key. So, for most cases use of -EVP_PKEY_encrypt/EVP_PKEY_decrypt with GOST keys is almost same as with -RSA. - -However, if peerkey field in the EVP_PKEY_CTX structure is set (using -EVP_PKEY_derive_set_peerkey function) to EVP_PKEY structure which has private -key and uses same parameters as the public key from which this EVP_PKEY_CTX is -created, EVP_PKEY_encrypt will use this private key to compute shared key and -set ephemeral key in the GOST_key_transport structure to NULL. In this case -pkey and peerkey fields in the EVP_PKEY_CTX are used upside-down. - -If EVP_PKEY_decrypt encounters GOST_key_transport structure with NULL -public key field, it tries to use peerkey field from the context to -compute shared key. In this case peerkey field should really contain -peer public key. - -Encrypt operation supports EVP_PKEY_CTRL_SET_IV operation as well. -It can be used when some specific restriction on UKM are imposed by -higher level protocol. For instance, description of GOST ciphersuites -requires UKM to be derived from shared secret. - -If UKM is not set by this control command, encrypt operation would -generate random UKM. - - -This sources include implementation of GOST 28147-89 and GOST R 34.11-94 -which are completely indepentent from OpenSSL and can be used separately -(files gost89.c, gost89.h, gosthash.c, gosthash.h) Utility gostsum (file -gostsum.c) is provided as example of such separate usage. This is -program, simular to md5sum and sha1sum utilities, but calculates GOST R -34.11-94 hash. - -Makefile doesn't include rule for compiling gostsum. -Use command - -$(CC) -o gostsum gostsum.c gost89.c gosthash.c -where $(CC) is name of your C compiler. - -Implementations of GOST R 34.10-xx, including VKO algorithms heavily -depends on OpenSSL BIGNUM and Elliptic Curve libraries. - - diff --git a/engines/ccgost/e_gost_err.c b/engines/ccgost/e_gost_err.c deleted file mode 100644 index d05ef6143c..0000000000 --- a/engines/ccgost/e_gost_err.c +++ /dev/null @@ -1,201 +0,0 @@ -/* e_gost_err.c */ -/* ==================================================================== - * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* - * NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include "e_gost_err.h" - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -# define ERR_FUNC(func) ERR_PACK(0,func,0) -# define ERR_REASON(reason) ERR_PACK(0,0,reason) - -static ERR_STRING_DATA GOST_str_functs[] = { - {ERR_FUNC(GOST_F_DECODE_GOST_ALGOR_PARAMS), "DECODE_GOST_ALGOR_PARAMS"}, - {ERR_FUNC(GOST_F_ENCODE_GOST_ALGOR_PARAMS), "ENCODE_GOST_ALGOR_PARAMS"}, - {ERR_FUNC(GOST_F_FILL_GOST2001_PARAMS), "FILL_GOST2001_PARAMS"}, - {ERR_FUNC(GOST_F_GET_ENCRYPTION_PARAMS), "GET_ENCRYPTION_PARAMS"}, - {ERR_FUNC(GOST_F_GOST2001_COMPUTE_PUBLIC), "GOST2001_COMPUTE_PUBLIC"}, - {ERR_FUNC(GOST_F_GOST2001_DO_SIGN), "GOST2001_DO_SIGN"}, - {ERR_FUNC(GOST_F_GOST2001_DO_VERIFY), "GOST2001_DO_VERIFY"}, - {ERR_FUNC(GOST_F_GOST2001_KEYGEN), "GOST2001_KEYGEN"}, - {ERR_FUNC(GOST_F_GOST89_GET_ASN1_PARAMETERS), - "GOST89_GET_ASN1_PARAMETERS"}, - {ERR_FUNC(GOST_F_GOST89_SET_ASN1_PARAMETERS), - "GOST89_SET_ASN1_PARAMETERS"}, - {ERR_FUNC(GOST_F_GOST_CIPHER_CTL), "GOST_CIPHER_CTL"}, - {ERR_FUNC(GOST_F_GOST_IMIT_CTRL), "GOST_IMIT_CTRL"}, - {ERR_FUNC(GOST_F_GOST_IMIT_FINAL), "GOST_IMIT_FINAL"}, - {ERR_FUNC(GOST_F_GOST_IMIT_UPDATE), "GOST_IMIT_UPDATE"}, - {ERR_FUNC(GOST_F_PARAM_COPY_GOST01), "PARAM_COPY_GOST01"}, - {ERR_FUNC(GOST_F_PKEY_GOST01CP_DECRYPT), "PKEY_GOST01CP_DECRYPT"}, - {ERR_FUNC(GOST_F_PKEY_GOST01CP_ENCRYPT), "PKEY_GOST01CP_ENCRYPT"}, - {ERR_FUNC(GOST_F_PKEY_GOST01_PARAMGEN), "PKEY_GOST01_PARAMGEN"}, - {ERR_FUNC(GOST_F_PKEY_GOST2001_DERIVE), "PKEY_GOST2001_DERIVE"}, - {ERR_FUNC(GOST_F_PKEY_GOST_CTRL), "PKEY_GOST_CTRL"}, - {ERR_FUNC(GOST_F_PKEY_GOST_CTRL01_STR), "PKEY_GOST_CTRL01_STR"}, - {ERR_FUNC(GOST_F_PKEY_GOST_MAC_CTRL), "PKEY_GOST_MAC_CTRL"}, - {ERR_FUNC(GOST_F_PKEY_GOST_MAC_CTRL_STR), "PKEY_GOST_MAC_CTRL_STR"}, - {ERR_FUNC(GOST_F_PKEY_GOST_MAC_KEYGEN), "PKEY_GOST_MAC_KEYGEN"}, - {ERR_FUNC(GOST_F_PRINT_GOST_01), "PRINT_GOST_01"}, - {ERR_FUNC(GOST_F_PRIV_DECODE_GOST), "PRIV_DECODE_GOST"}, - {ERR_FUNC(GOST_F_PUB_DECODE_GOST01), "PUB_DECODE_GOST01"}, - {ERR_FUNC(GOST_F_PUB_ENCODE_GOST01), "PUB_ENCODE_GOST01"}, - {ERR_FUNC(GOST_F_UNPACK_CP_SIGNATURE), "UNPACK_CP_SIGNATURE"}, - {0, NULL} -}; - -static ERR_STRING_DATA GOST_str_reasons[] = { - {ERR_REASON(GOST_R_BAD_KEY_PARAMETERS_FORMAT), - "bad key parameters format"}, - {ERR_REASON(GOST_R_BAD_PKEY_PARAMETERS_FORMAT), - "bad pkey parameters format"}, - {ERR_REASON(GOST_R_CANNOT_PACK_EPHEMERAL_KEY), - "cannot pack ephemeral key"}, - {ERR_REASON(GOST_R_CTRL_CALL_FAILED), "ctrl call failed"}, - {ERR_REASON(GOST_R_ERROR_COMPUTING_SHARED_KEY), - "error computing shared key"}, - {ERR_REASON(GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO), - "error parsing key transport info"}, - {ERR_REASON(GOST_R_INCOMPATIBLE_ALGORITHMS), "incompatible algorithms"}, - {ERR_REASON(GOST_R_INCOMPATIBLE_PEER_KEY), "incompatible peer key"}, - {ERR_REASON(GOST_R_INVALID_CIPHER_PARAMS), "invalid cipher params"}, - {ERR_REASON(GOST_R_INVALID_CIPHER_PARAM_OID), "invalid cipher param oid"}, - {ERR_REASON(GOST_R_INVALID_DIGEST_TYPE), "invalid digest type"}, - {ERR_REASON(GOST_R_INVALID_IV_LENGTH), "invalid iv length"}, - {ERR_REASON(GOST_R_INVALID_MAC_KEY_LENGTH), "invalid mac key length"}, - {ERR_REASON(GOST_R_INVALID_PARAMSET), "invalid paramset"}, - {ERR_REASON(GOST_R_KEY_IS_NOT_INITIALIZED), "key is not initialized"}, - {ERR_REASON(GOST_R_KEY_PARAMETERS_MISSING), "key parameters missing"}, - {ERR_REASON(GOST_R_MAC_KEY_NOT_SET), "mac key not set"}, - {ERR_REASON(GOST_R_NO_PARAMETERS_SET), "no parameters set"}, - {ERR_REASON(GOST_R_NO_PEER_KEY), "no peer key"}, - {ERR_REASON(GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR), - "no private part of non ephemeral keypair"}, - {ERR_REASON(GOST_R_PUBLIC_KEY_UNDEFINED), "public key undefined"}, - {ERR_REASON(GOST_R_RANDOM_GENERATOR_ERROR), "random generator error"}, - {ERR_REASON(GOST_R_RANDOM_GENERATOR_FAILURE), "random generator failure"}, - {ERR_REASON(GOST_R_RANDOM_NUMBER_GENERATOR_FAILED), - "random number generator failed"}, - {ERR_REASON(GOST_R_SIGNATURE_MISMATCH), "signature mismatch"}, - {ERR_REASON(GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q), - "signature parts greater than q"}, - {ERR_REASON(GOST_R_UKM_NOT_SET), "ukm not set"}, - {ERR_REASON(GOST_R_UNSUPPORTED_CIPHER_CTL_COMMAND), - "unsupported cipher ctl command"}, - {ERR_REASON(GOST_R_UNSUPPORTED_PARAMETER_SET), - "unsupported parameter set"}, - {0, NULL} -}; - -#endif - -#ifdef GOST_LIB_NAME -static ERR_STRING_DATA GOST_lib_name[] = { - {0, GOST_LIB_NAME}, - {0, NULL} -}; -#endif - -static int GOST_lib_error_code = 0; -static int GOST_error_init = 1; - -void ERR_load_GOST_strings(void) -{ - if (GOST_lib_error_code == 0) - GOST_lib_error_code = ERR_get_next_error_library(); - - if (GOST_error_init) { - GOST_error_init = 0; -#ifndef OPENSSL_NO_ERR - ERR_load_strings(GOST_lib_error_code, GOST_str_functs); - ERR_load_strings(GOST_lib_error_code, GOST_str_reasons); -#endif - -#ifdef GOST_LIB_NAME - GOST_lib_name->error = ERR_PACK(GOST_lib_error_code, 0, 0); - ERR_load_strings(0, GOST_lib_name); -#endif - } -} - -void ERR_unload_GOST_strings(void) -{ - if (GOST_error_init == 0) { -#ifndef OPENSSL_NO_ERR - ERR_unload_strings(GOST_lib_error_code, GOST_str_functs); - ERR_unload_strings(GOST_lib_error_code, GOST_str_reasons); -#endif - -#ifdef GOST_LIB_NAME - ERR_unload_strings(0, GOST_lib_name); -#endif - GOST_error_init = 1; - } -} - -void ERR_GOST_error(int function, int reason, char *file, int line) -{ - if (GOST_lib_error_code == 0) - GOST_lib_error_code = ERR_get_next_error_library(); - ERR_PUT_error(GOST_lib_error_code, function, reason, file, line); -} diff --git a/engines/ccgost/e_gost_err.h b/engines/ccgost/e_gost_err.h deleted file mode 100644 index b18395718f..0000000000 --- a/engines/ccgost/e_gost_err.h +++ /dev/null @@ -1,157 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2001-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_GOST_ERR_H -# define HEADER_GOST_ERR_H - -#ifdef __cplusplus -extern "C" { -#endif - -/* BEGIN ERROR CODES */ -/* - * The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_GOST_strings(void); -void ERR_unload_GOST_strings(void); -void ERR_GOST_error(int function, int reason, char *file, int line); -# define GOSTerr(f,r) ERR_GOST_error((f),(r),__FILE__,__LINE__) - -/* Error codes for the GOST functions. */ - -/* Function codes. */ -# define GOST_F_DECODE_GOST_ALGOR_PARAMS 99 -# define GOST_F_ENCODE_GOST_ALGOR_PARAMS 100 -# define GOST_F_FILL_GOST2001_PARAMS 101 -# define GOST_F_FILL_GOST94_PARAMS 102 -# define GOST_F_GET_ENCRYPTION_PARAMS 103 -# define GOST_F_GOST2001_COMPUTE_PUBLIC 104 -# define GOST_F_GOST2001_DO_SIGN 105 -# define GOST_F_GOST2001_DO_VERIFY 106 -# define GOST_F_GOST2001_KEYGEN 107 -# define GOST_F_GOST89_GET_ASN1_PARAMETERS 108 -# define GOST_F_GOST89_SET_ASN1_PARAMETERS 109 -# define GOST_F_GOST94_COMPUTE_PUBLIC 110 -# define GOST_F_GOST_CIPHER_CTL 111 -# define GOST_F_GOST_DO_SIGN 112 -# define GOST_F_GOST_DO_VERIFY 113 -# define GOST_F_GOST_IMIT_CTRL 114 -# define GOST_F_GOST_IMIT_FINAL 140 -# define GOST_F_GOST_IMIT_UPDATE 115 -# define GOST_F_GOST_SIGN_KEYGEN 142 -# define GOST_F_PARAM_COPY_GOST01 116 -# define GOST_F_PARAM_COPY_GOST94 117 -# define GOST_F_PKEY_GOST01CP_DECRYPT 118 -# define GOST_F_PKEY_GOST01CP_ENCRYPT 119 -# define GOST_F_PKEY_GOST01CP_KEYGEN 120 -# define GOST_F_PKEY_GOST01_PARAMGEN 138 -# define GOST_F_PKEY_GOST2001_DERIVE 121 -# define GOST_F_PKEY_GOST94CP_DECRYPT 122 -# define GOST_F_PKEY_GOST94CP_ENCRYPT 123 -# define GOST_F_PKEY_GOST94CP_KEYGEN 124 -# define GOST_F_PKEY_GOST94_PARAMGEN 139 -# define GOST_F_PKEY_GOST_CTRL 125 -# define GOST_F_PKEY_GOST_CTRL01_STR 126 -# define GOST_F_PKEY_GOST_CTRL94_STR 127 -# define GOST_F_PKEY_GOST_MAC_CTRL 128 -# define GOST_F_PKEY_GOST_MAC_CTRL_STR 129 -# define GOST_F_PKEY_GOST_MAC_KEYGEN 130 -# define GOST_F_PRINT_GOST_01 131 -# define GOST_F_PRIV_DECODE_GOST 132 -# define GOST_F_PUB_DECODE_GOST01 133 -# define GOST_F_PUB_DECODE_GOST94 134 -# define GOST_F_PUB_ENCODE_GOST01 135 -# define GOST_F_PUB_ENCODE_GOST94 141 -# define GOST_F_UNPACK_CC_SIGNATURE 136 -# define GOST_F_UNPACK_CP_SIGNATURE 137 - -/* Reason codes. */ -# define GOST_R_BAD_KEY_PARAMETERS_FORMAT 99 -# define GOST_R_BAD_PKEY_PARAMETERS_FORMAT 100 -# define GOST_R_CANNOT_PACK_EPHEMERAL_KEY 101 -# define GOST_R_CTRL_CALL_FAILED 132 -# define GOST_R_ERROR_COMPUTING_SHARED_KEY 102 -# define GOST_R_ERROR_PACKING_KEY_TRANSPORT_INFO 103 -# define GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO 104 -# define GOST_R_INCOMPATIBLE_ALGORITHMS 105 -# define GOST_R_INCOMPATIBLE_PEER_KEY 131 -# define GOST_R_INVALID_CIPHER_PARAMS 106 -# define GOST_R_INVALID_CIPHER_PARAM_OID 107 -# define GOST_R_INVALID_DIGEST_TYPE 108 -# define GOST_R_INVALID_GOST94_PARMSET 109 -# define GOST_R_INVALID_IV_LENGTH 110 -# define GOST_R_INVALID_MAC_KEY_LENGTH 111 -# define GOST_R_INVALID_PARAMSET 112 -# define GOST_R_KEY_IS_NOT_INITALIZED 113 -# define GOST_R_KEY_IS_NOT_INITIALIZED 114 -# define GOST_R_KEY_PARAMETERS_MISSING 115 -# define GOST_R_MAC_KEY_NOT_SET 116 -# define GOST_R_NO_PARAMETERS_SET 119 -# define GOST_R_NO_PEER_KEY 120 -# define GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR 121 -# define GOST_R_PUBLIC_KEY_UNDEFINED 122 -# define GOST_R_RANDOM_GENERATOR_ERROR 123 -# define GOST_R_RANDOM_GENERATOR_FAILURE 124 -# define GOST_R_RANDOM_NUMBER_GENERATOR_FAILED 125 -# define GOST_R_SIGNATURE_MISMATCH 126 -# define GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q 127 -# define GOST_R_UKM_NOT_SET 128 -# define GOST_R_UNSUPPORTED_CIPHER_CTL_COMMAND 129 -# define GOST_R_UNSUPPORTED_PARAMETER_SET 130 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/engines/ccgost/e_gost_err.proto b/engines/ccgost/e_gost_err.proto deleted file mode 100644 index c57bd1bd8f..0000000000 --- a/engines/ccgost/e_gost_err.proto +++ /dev/null @@ -1,61 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2001-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_GOST_ERR_H -#define HEADER_GOST_ERR_H - -#define GOST_LIB_NAME "GOST engine" -#ifdef __cplusplus - extern "C" { -#endif diff --git a/engines/ccgost/gost.ec b/engines/ccgost/gost.ec deleted file mode 100644 index 6c2c85e57c..0000000000 --- a/engines/ccgost/gost.ec +++ /dev/null @@ -1,5 +0,0 @@ -L GOST e_gost_err.h e_gost_err.c -L NONE asymm.h NONE -L NONE md.h NONE -L NONE crypt.h NONE -L NONE gostkeyx.h NONE diff --git a/engines/ccgost/gost2001.c b/engines/ccgost/gost2001.c deleted file mode 100644 index b47d832c6d..0000000000 --- a/engines/ccgost/gost2001.c +++ /dev/null @@ -1,460 +0,0 @@ -/********************************************************************** - * gost2001.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Implementation of GOST R 34.10-2001 * - * Requires OpenSSL 0.9.9 for compilation * - **********************************************************************/ -#include "gost_lcl.h" -#include -#include -#include -#include -#include "e_gost_err.h" -#ifdef DEBUG_SIGN -extern -void dump_signature(const char *message, const unsigned char *buffer, - size_t len); -void dump_dsa_sig(const char *message, DSA_SIG *sig); -#else - -# define dump_signature(a,b,c) -# define dump_dsa_sig(a,b) -#endif - -/* - * Fills EC_KEY structure hidden in the app_data field of DSA structure - * with parameter information, extracted from parameter array in - * params.c file. - * - * Also fils DSA->q field with copy of EC_GROUP order field to make - * DSA_size function work - */ -int fill_GOST2001_params(EC_KEY *eckey, int nid) -{ - R3410_2001_params *params = R3410_2001_paramset; - EC_GROUP *grp = NULL; - BIGNUM *p = NULL, *q = NULL, *a = NULL, *b = NULL, *x = NULL, *y = NULL; - EC_POINT *P = NULL; - BN_CTX *ctx = BN_CTX_new(); - int ok = 0; - - if (!ctx) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_MALLOC_FAILURE); - goto err; - } - - BN_CTX_start(ctx); - p = BN_CTX_get(ctx); - a = BN_CTX_get(ctx); - b = BN_CTX_get(ctx); - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - q = BN_CTX_get(ctx); - if (!p || !a || !b || !x || !y || !q) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_MALLOC_FAILURE); - goto err; - } - while (params->nid != NID_undef && params->nid != nid) - params++; - if (params->nid == NID_undef) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, - GOST_R_UNSUPPORTED_PARAMETER_SET); - goto err; - } - if (!BN_hex2bn(&p, params->p) - || !BN_hex2bn(&a, params->a) - || !BN_hex2bn(&b, params->b)) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, - ERR_R_INTERNAL_ERROR); - goto err; - } - - grp = EC_GROUP_new_curve_GFp(p, a, b, ctx); - if (!grp) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_MALLOC_FAILURE); - goto err; - } - - P = EC_POINT_new(grp); - if (!P) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!BN_hex2bn(&x, params->x) - || !BN_hex2bn(&y, params->y) - || !EC_POINT_set_affine_coordinates_GFp(grp, P, x, y, ctx) - || !BN_hex2bn(&q, params->q)) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_INTERNAL_ERROR); - goto err; - } -#ifdef DEBUG_KEYS - fprintf(stderr, "Set params index %d oid %s\nq=", - (params - R3410_2001_paramset), OBJ_nid2sn(params->nid)); - BN_print_fp(stderr, q); - fprintf(stderr, "\n"); -#endif - - if (!EC_GROUP_set_generator(grp, P, q, NULL)) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_INTERNAL_ERROR); - goto err; - } - EC_GROUP_set_curve_name(grp, params->nid); - if (!EC_KEY_set_group(eckey, grp)) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_INTERNAL_ERROR); - goto err; - } - ok = 1; - err: - EC_POINT_free(P); - EC_GROUP_free(grp); - if (ctx) - BN_CTX_end(ctx); - BN_CTX_free(ctx); - return ok; -} - -/* - * Computes gost2001 signature as DSA_SIG structure - * - * - */ -DSA_SIG *gost2001_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey) -{ - DSA_SIG *newsig = NULL, *ret = NULL; - BIGNUM *md = hashsum2bn(dgst); - BIGNUM *order = NULL; - const EC_GROUP *group; - const BIGNUM *priv_key; - BIGNUM *r = NULL, *s = NULL, *X = NULL, *tmp = NULL, *tmp2 = NULL, *k = - NULL, *e = NULL; - EC_POINT *C = NULL; - BN_CTX *ctx = BN_CTX_new(); - if (!ctx || !md) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; - } - BN_CTX_start(ctx); - OPENSSL_assert(dlen == 32); - newsig = DSA_SIG_new(); - if (!newsig) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; - } - group = EC_KEY_get0_group(eckey); - if (!group) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_INTERNAL_ERROR); - goto err; - } - order = BN_CTX_get(ctx); - if (!order || !EC_GROUP_get_order(group, order, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_INTERNAL_ERROR); - goto err; - } - priv_key = EC_KEY_get0_private_key(eckey); - if (!priv_key) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_INTERNAL_ERROR); - goto err; - } - e = BN_CTX_get(ctx); - if (!e || !BN_mod(e, md, order, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_INTERNAL_ERROR); - goto err; - } -#ifdef DEBUG_SIGN - fprintf(stderr, "digest as bignum="); - BN_print_fp(stderr, md); - fprintf(stderr, "\ndigest mod q="); - BN_print_fp(stderr, e); - fprintf(stderr, "\n"); -#endif - if (BN_is_zero(e)) { - BN_one(e); - } - k = BN_CTX_get(ctx); - C = EC_POINT_new(group); - if (!k || !C) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; - } - do { - do { - if (!BN_rand_range(k, order)) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, - GOST_R_RANDOM_NUMBER_GENERATOR_FAILED); - goto err; - } - if (!EC_POINT_mul(group, C, k, NULL, NULL, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_EC_LIB); - goto err; - } - if (!X) - X = BN_CTX_get(ctx); - if (!r) - r = BN_CTX_get(ctx); - if (!X || !r) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; - } - if (!EC_POINT_get_affine_coordinates_GFp(group, C, X, NULL, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_EC_LIB); - goto err; - } - - if (!BN_nnmod(r, X, order, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_INTERNAL_ERROR); - goto err; - } - } - while (BN_is_zero(r)); - /* s = (r*priv_key+k*e) mod order */ - if (!tmp) - tmp = BN_CTX_get(ctx); - if (!tmp2) - tmp2 = BN_CTX_get(ctx); - if (!s) - s = BN_CTX_get(ctx); - if (!tmp || !tmp2 || !s) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!BN_mod_mul(tmp, priv_key, r, order, ctx) - || !BN_mod_mul(tmp2, k, e, order, ctx) - || !BN_mod_add(s, tmp, tmp2, order, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_INTERNAL_ERROR); - goto err; - } - } - while (BN_is_zero(s)); - - newsig->s = BN_dup(s); - newsig->r = BN_dup(r); - if (!newsig->s || !newsig->r) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; - } - - ret = newsig; - err: - if (ctx) - BN_CTX_end(ctx); - BN_CTX_free(ctx); - EC_POINT_free(C); - BN_free(md); - if (!ret) - DSA_SIG_free(newsig); - return ret; -} - -/* - * Verifies gost 2001 signature - * - */ -int gost2001_do_verify(const unsigned char *dgst, int dgst_len, - DSA_SIG *sig, EC_KEY *ec) -{ - BN_CTX *ctx = BN_CTX_new(); - const EC_GROUP *group = EC_KEY_get0_group(ec); - BIGNUM *order; - BIGNUM *md = NULL, *e = NULL, *R = NULL, *v = NULL, *z1 = NULL, *z2 = - NULL; - BIGNUM *X = NULL, *tmp = NULL; - EC_POINT *C = NULL; - const EC_POINT *pub_key = NULL; - int ok = 0; - - if (!ctx || !group) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_INTERNAL_ERROR); - goto err; - } - - BN_CTX_start(ctx); - order = BN_CTX_get(ctx); - e = BN_CTX_get(ctx); - z1 = BN_CTX_get(ctx); - z2 = BN_CTX_get(ctx); - tmp = BN_CTX_get(ctx); - X = BN_CTX_get(ctx); - R = BN_CTX_get(ctx); - v = BN_CTX_get(ctx); - if (!order || !e || !z1 || !z2 || !tmp || !X || !R || !v) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_MALLOC_FAILURE); - goto err; - } - - pub_key = EC_KEY_get0_public_key(ec); - if (!pub_key || !EC_GROUP_get_order(group, order, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_INTERNAL_ERROR); - goto err; - } - - if (BN_is_zero(sig->s) || BN_is_zero(sig->r) || - (BN_cmp(sig->s, order) >= 1) || (BN_cmp(sig->r, order) >= 1)) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, - GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q); - goto err; - - } - md = hashsum2bn(dgst); - - if (!md || !BN_mod(e, md, order, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_INTERNAL_ERROR); - goto err; - } -#ifdef DEBUG_SIGN - fprintf(stderr, "digest as bignum: "); - BN_print_fp(stderr, md); - fprintf(stderr, "\ndigest mod q: "); - BN_print_fp(stderr, e); -#endif - if (BN_is_zero(e) && !BN_one(e)) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_INTERNAL_ERROR); - goto err; - } - v = BN_mod_inverse(v, e, order, ctx); - if (!v - || !BN_mod_mul(z1, sig->s, v, order, ctx) - || !BN_sub(tmp, order, sig->r) - || !BN_mod_mul(z2, tmp, v, order, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_INTERNAL_ERROR); - goto err; - } -#ifdef DEBUG_SIGN - fprintf(stderr, "\nInverted digest value: "); - BN_print_fp(stderr, v); - fprintf(stderr, "\nz1: "); - BN_print_fp(stderr, z1); - fprintf(stderr, "\nz2: "); - BN_print_fp(stderr, z2); -#endif - C = EC_POINT_new(group); - if (!C) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_MALLOC_FAILURE); - goto err; - } - if (!EC_POINT_mul(group, C, z1, pub_key, z2, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_EC_LIB); - goto err; - } - if (!EC_POINT_get_affine_coordinates_GFp(group, C, X, NULL, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_EC_LIB); - goto err; - } - if (!BN_mod(R, X, order, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_INTERNAL_ERROR); - goto err; - } -#ifdef DEBUG_SIGN - fprintf(stderr, "\nX="); - BN_print_fp(stderr, X); - fprintf(stderr, "\nX mod q="); - BN_print_fp(stderr, R); - fprintf(stderr, "\n"); -#endif - if (BN_cmp(R, sig->r) != 0) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, GOST_R_SIGNATURE_MISMATCH); - } else { - ok = 1; - } - err: - EC_POINT_free(C); - if (ctx) - BN_CTX_end(ctx); - BN_CTX_free(ctx); - BN_free(md); - return ok; -} - -/* - * Computes GOST R 34.10-2001 public key - * - * - */ -int gost2001_compute_public(EC_KEY *ec) -{ - const EC_GROUP *group = EC_KEY_get0_group(ec); - EC_POINT *pub_key = NULL; - const BIGNUM *priv_key = NULL; - BN_CTX *ctx = NULL; - int ok = 0; - - if (!group) { - GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, - GOST_R_KEY_IS_NOT_INITIALIZED); - return 0; - } - ctx = BN_CTX_new(); - if (!ctx) { - GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, ERR_R_MALLOC_FAILURE); - goto err; - } - BN_CTX_start(ctx); - if ((priv_key = EC_KEY_get0_private_key(ec)) == NULL) { - GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, ERR_R_EC_LIB); - goto err; - } - - pub_key = EC_POINT_new(group); - if (!pub_key) { - GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, ERR_R_MALLOC_FAILURE); - goto err; - } - if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, ctx)) { - GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, ERR_R_EC_LIB); - goto err; - } - if (!EC_KEY_set_public_key(ec, pub_key)) { - GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, ERR_R_EC_LIB); - goto err; - } - ok = 256; - err: - EC_POINT_free(pub_key); - if (ctx) - BN_CTX_end(ctx); - BN_CTX_free(ctx); - return ok; -} - -/* - * - * Generates GOST R 34.10-2001 keypair - * - * - */ -int gost2001_keygen(EC_KEY *ec) -{ - BIGNUM *order = BN_new(), *d = BN_new(); - const EC_GROUP *group = EC_KEY_get0_group(ec); - - if (!group || !EC_GROUP_get_order(group, order, NULL)) { - GOSTerr(GOST_F_GOST2001_KEYGEN, ERR_R_INTERNAL_ERROR); - BN_free(d); - BN_free(order); - return 0; - } - - do { - if (!BN_rand_range(d, order)) { - GOSTerr(GOST_F_GOST2001_KEYGEN, - GOST_R_RANDOM_NUMBER_GENERATOR_FAILED); - BN_free(d); - BN_free(order); - return 0; - } - } - while (BN_is_zero(d)); - - if (!EC_KEY_set_private_key(ec, d)) { - GOSTerr(GOST_F_GOST2001_KEYGEN, ERR_R_INTERNAL_ERROR); - BN_free(d); - BN_free(order); - return 0; - } - BN_free(d); - BN_free(order); - return gost2001_compute_public(ec); -} diff --git a/engines/ccgost/gost2001_keyx.c b/engines/ccgost/gost2001_keyx.c deleted file mode 100644 index 1fd0174436..0000000000 --- a/engines/ccgost/gost2001_keyx.c +++ /dev/null @@ -1,290 +0,0 @@ -/********************************************************************** - * gost_keyx.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * VK0 34.10-2001 key exchange and GOST R 34.10-2001 * - * based PKCS7/SMIME support * - * Requires OpenSSL 0.9.9 for compilation * - **********************************************************************/ -#include -#include -#include -#include -#include "gost89.h" -#include "gosthash.h" -#include "e_gost_err.h" -#include "gost_keywrap.h" -#include "gost_lcl.h" -#include "gost2001_keyx.h" - -/* Implementation of CryptoPro VKO 34.10-2001 algorithm */ -static int VKO_compute_key(unsigned char *shared_key, size_t shared_key_size, - const EC_POINT *pub_key, EC_KEY *priv_key, - const unsigned char *ukm) -{ - unsigned char ukm_be[8], databuf[64], hashbuf[64]; - BIGNUM *UKM = NULL, *p = NULL, *order = NULL, *X = NULL, *Y = NULL; - const BIGNUM *key = EC_KEY_get0_private_key(priv_key); - EC_POINT *pnt = EC_POINT_new(EC_KEY_get0_group(priv_key)); - int i; - gost_hash_ctx hash_ctx; - BN_CTX *ctx = BN_CTX_new(); - - for (i = 0; i < 8; i++) { - ukm_be[7 - i] = ukm[i]; - } - BN_CTX_start(ctx); - UKM = BN_bin2bn(ukm_be, 8, NULL); - p = BN_CTX_get(ctx); - order = BN_CTX_get(ctx); - X = BN_CTX_get(ctx); - Y = BN_CTX_get(ctx); - EC_GROUP_get_order(EC_KEY_get0_group(priv_key), order, ctx); - BN_mod_mul(p, key, UKM, order, ctx); - EC_POINT_mul(EC_KEY_get0_group(priv_key), pnt, NULL, pub_key, p, ctx); - EC_POINT_get_affine_coordinates_GFp(EC_KEY_get0_group(priv_key), - pnt, X, Y, ctx); - /* - * Serialize elliptic curve point same way as we do it when saving key - */ - store_bignum(Y, databuf, 32); - store_bignum(X, databuf + 32, 32); - /* And reverse byte order of whole buffer */ - for (i = 0; i < 64; i++) { - hashbuf[63 - i] = databuf[i]; - } - init_gost_hash_ctx(&hash_ctx, &GostR3411_94_CryptoProParamSet); - start_hash(&hash_ctx); - hash_block(&hash_ctx, hashbuf, 64); - finish_hash(&hash_ctx, shared_key); - done_gost_hash_ctx(&hash_ctx); - BN_free(UKM); - BN_CTX_end(ctx); - BN_CTX_free(ctx); - EC_POINT_free(pnt); - return 32; -} - -/* - * EVP_PKEY_METHOD callback derive. Implements VKO R 34.10-2001 - * algorithm - */ -int pkey_gost2001_derive(EVP_PKEY_CTX *ctx, unsigned char *key, - size_t *keylen) -{ - /* - * Public key of peer in the ctx field peerkey Our private key in the ctx - * pkey ukm is in the algorithm specific context data - */ - EVP_PKEY *my_key = EVP_PKEY_CTX_get0_pkey(ctx); - EVP_PKEY *peer_key = EVP_PKEY_CTX_get0_peerkey(ctx); - struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx); - - if (!data->shared_ukm) { - GOSTerr(GOST_F_PKEY_GOST2001_DERIVE, GOST_R_UKM_NOT_SET); - return 0; - } - - if (key == NULL) { - *keylen = 32; - return 32; - } - - *keylen = - VKO_compute_key(key, 32, - EC_KEY_get0_public_key(EVP_PKEY_get0(peer_key)), - (EC_KEY *)EVP_PKEY_get0(my_key), data->shared_ukm); - return 1; -} - -/* - * EVP_PKEY_METHOD callback encrypt - * Implementation of GOST2001 key transport, cryptocom variation - */ -/* - * Generates ephemeral key based on pubk algorithm computes shared key using - * VKO and returns filled up GOST_KEY_TRANSPORT structure - */ - -/* - * EVP_PKEY_METHOD callback encrypt - * Implementation of GOST2001 key transport, cryptopo variation - */ - -int pkey_GOST01cp_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out, - size_t *out_len, const unsigned char *key, - size_t key_len) -{ - GOST_KEY_TRANSPORT *gkt = NULL; - EVP_PKEY *pubk = EVP_PKEY_CTX_get0_pkey(pctx); - struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(pctx); - const struct gost_cipher_info *param = get_encryption_params(NULL); - unsigned char ukm[8], shared_key[32], crypted_key[44]; - int ret = 0; - int key_is_ephemeral = 1; - gost_ctx cctx; - EVP_PKEY *sec_key = EVP_PKEY_CTX_get0_peerkey(pctx); - if (data->shared_ukm) { - memcpy(ukm, data->shared_ukm, 8); - } else if (out) { - - if (RAND_bytes(ukm, 8) <= 0) { - GOSTerr(GOST_F_PKEY_GOST01CP_ENCRYPT, - GOST_R_RANDOM_GENERATOR_FAILURE); - return 0; - } - } - /* Check for private key in the peer_key of context */ - if (sec_key) { - key_is_ephemeral = 0; - if (!gost_get0_priv_key(sec_key)) { - GOSTerr(GOST_F_PKEY_GOST01CP_ENCRYPT, - GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR); - goto err; - } - } else { - key_is_ephemeral = 1; - if (out) { - sec_key = EVP_PKEY_new(); - EVP_PKEY_assign(sec_key, EVP_PKEY_base_id(pubk), EC_KEY_new()); - EVP_PKEY_copy_parameters(sec_key, pubk); - if (!gost2001_keygen(EVP_PKEY_get0(sec_key))) { - goto err; - } - } - } - if (!get_gost_engine_param(GOST_PARAM_CRYPT_PARAMS) - && param == gost_cipher_list) { - param = gost_cipher_list + 1; - } - if (out) { - VKO_compute_key(shared_key, 32, - EC_KEY_get0_public_key(EVP_PKEY_get0(pubk)), - EVP_PKEY_get0(sec_key), ukm); - gost_init(&cctx, param->sblock); - keyWrapCryptoPro(&cctx, shared_key, ukm, key, crypted_key); - } - gkt = GOST_KEY_TRANSPORT_new(); - if (!gkt) { - goto err; - } - if (!ASN1_OCTET_STRING_set(gkt->key_agreement_info->eph_iv, ukm, 8)) { - goto err; - } - if (!ASN1_OCTET_STRING_set(gkt->key_info->imit, crypted_key + 40, 4)) { - goto err; - } - if (!ASN1_OCTET_STRING_set - (gkt->key_info->encrypted_key, crypted_key + 8, 32)) { - goto err; - } - if (key_is_ephemeral) { - if (!X509_PUBKEY_set - (&gkt->key_agreement_info->ephem_key, out ? sec_key : pubk)) { - GOSTerr(GOST_F_PKEY_GOST01CP_ENCRYPT, - GOST_R_CANNOT_PACK_EPHEMERAL_KEY); - goto err; - } - } - ASN1_OBJECT_free(gkt->key_agreement_info->cipher); - gkt->key_agreement_info->cipher = OBJ_nid2obj(param->nid); - if (key_is_ephemeral) - EVP_PKEY_free(sec_key); - if (!key_is_ephemeral) { - /* Set control "public key from client certificate used" */ - if (EVP_PKEY_CTX_ctrl(pctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 3, NULL) - <= 0) { - GOSTerr(GOST_F_PKEY_GOST01CP_ENCRYPT, GOST_R_CTRL_CALL_FAILED); - goto err; - } - } - if ((*out_len = i2d_GOST_KEY_TRANSPORT(gkt, out ? &out : NULL)) > 0) - ret = 1; - GOST_KEY_TRANSPORT_free(gkt); - return ret; - err: - if (key_is_ephemeral) - EVP_PKEY_free(sec_key); - GOST_KEY_TRANSPORT_free(gkt); - return -1; -} - -/* - * EVP_PKEY_METHOD callback decrypt - * Implementation of GOST2001 key transport, cryptopo variation - */ -int pkey_GOST01cp_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key, - size_t *key_len, const unsigned char *in, - size_t in_len) -{ - const unsigned char *p = in; - EVP_PKEY *priv = EVP_PKEY_CTX_get0_pkey(pctx); - GOST_KEY_TRANSPORT *gkt = NULL; - int ret = 0; - unsigned char wrappedKey[44]; - unsigned char sharedKey[32]; - gost_ctx ctx; - const struct gost_cipher_info *param = NULL; - EVP_PKEY *eph_key = NULL, *peerkey = NULL; - - if (!key) { - *key_len = 32; - return 1; - } - gkt = d2i_GOST_KEY_TRANSPORT(NULL, (const unsigned char **)&p, in_len); - if (!gkt) { - GOSTerr(GOST_F_PKEY_GOST01CP_DECRYPT, - GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO); - return -1; - } - - /* If key transport structure contains public key, use it */ - eph_key = X509_PUBKEY_get(gkt->key_agreement_info->ephem_key); - if (eph_key) { - if (EVP_PKEY_derive_set_peer(pctx, eph_key) <= 0) { - GOSTerr(GOST_F_PKEY_GOST01CP_DECRYPT, - GOST_R_INCOMPATIBLE_PEER_KEY); - goto err; - } - } else { - /* Set control "public key from client certificate used" */ - if (EVP_PKEY_CTX_ctrl(pctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 3, NULL) - <= 0) { - GOSTerr(GOST_F_PKEY_GOST01CP_DECRYPT, GOST_R_CTRL_CALL_FAILED); - goto err; - } - } - peerkey = EVP_PKEY_CTX_get0_peerkey(pctx); - if (!peerkey) { - GOSTerr(GOST_F_PKEY_GOST01CP_DECRYPT, GOST_R_NO_PEER_KEY); - goto err; - } - - param = get_encryption_params(gkt->key_agreement_info->cipher); - if (!param) { - goto err; - } - - gost_init(&ctx, param->sblock); - OPENSSL_assert(gkt->key_agreement_info->eph_iv->length == 8); - memcpy(wrappedKey, gkt->key_agreement_info->eph_iv->data, 8); - OPENSSL_assert(gkt->key_info->encrypted_key->length == 32); - memcpy(wrappedKey + 8, gkt->key_info->encrypted_key->data, 32); - OPENSSL_assert(gkt->key_info->imit->length == 4); - memcpy(wrappedKey + 40, gkt->key_info->imit->data, 4); - VKO_compute_key(sharedKey, 32, - EC_KEY_get0_public_key(EVP_PKEY_get0(peerkey)), - EVP_PKEY_get0(priv), wrappedKey); - if (!keyUnwrapCryptoPro(&ctx, sharedKey, wrappedKey, key)) { - GOSTerr(GOST_F_PKEY_GOST01CP_DECRYPT, - GOST_R_ERROR_COMPUTING_SHARED_KEY); - goto err; - } - - ret = 1; - err: - EVP_PKEY_free(eph_key); - GOST_KEY_TRANSPORT_free(gkt); - return ret; -} diff --git a/engines/ccgost/gost2001_keyx.h b/engines/ccgost/gost2001_keyx.h deleted file mode 100644 index 2d29113a3a..0000000000 --- a/engines/ccgost/gost2001_keyx.h +++ /dev/null @@ -1,10 +0,0 @@ -GOST_KEY_TRANSPORT *make_rfc4490_keytransport_2001(EVP_PKEY *pubk, - BIGNUM *eph_key, - const unsigned char *key, - size_t keylen, - unsigned char *ukm, - size_t ukm_len); - -int decrypt_rfc4490_shared_key_2001(EVP_PKEY *priv, - GOST_KEY_TRANSPORT * gkt, - unsigned char *key_buf, int key_buf_len); diff --git a/engines/ccgost/gost89.c b/engines/ccgost/gost89.c deleted file mode 100644 index 4ff4ddd7a5..0000000000 --- a/engines/ccgost/gost89.c +++ /dev/null @@ -1,576 +0,0 @@ -/********************************************************************** - * gost89.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Implementation of GOST 28147-89 encryption algorithm * - * No OpenSSL libraries required to compile and use * - * this code * - **********************************************************************/ -#include -#include "gost89.h" -/*- - Substitution blocks from RFC 4357 - - Note: our implementation of gost 28147-89 algorithm - uses S-box matrix rotated 90 degrees counterclockwise, relative to - examples given in RFC. - - -*/ - -/* Substitution blocks from test examples for GOST R 34.11-94*/ -gost_subst_block GostR3411_94_TestParamSet = { - {0X1, 0XF, 0XD, 0X0, 0X5, 0X7, 0XA, 0X4, 0X9, 0X2, 0X3, 0XE, 0X6, 0XB, - 0X8, 0XC} - , - {0XD, 0XB, 0X4, 0X1, 0X3, 0XF, 0X5, 0X9, 0X0, 0XA, 0XE, 0X7, 0X6, 0X8, - 0X2, 0XC} - , - {0X4, 0XB, 0XA, 0X0, 0X7, 0X2, 0X1, 0XD, 0X3, 0X6, 0X8, 0X5, 0X9, 0XC, - 0XF, 0XE} - , - {0X6, 0XC, 0X7, 0X1, 0X5, 0XF, 0XD, 0X8, 0X4, 0XA, 0X9, 0XE, 0X0, 0X3, - 0XB, 0X2} - , - {0X7, 0XD, 0XA, 0X1, 0X0, 0X8, 0X9, 0XF, 0XE, 0X4, 0X6, 0XC, 0XB, 0X2, - 0X5, 0X3} - , - {0X5, 0X8, 0X1, 0XD, 0XA, 0X3, 0X4, 0X2, 0XE, 0XF, 0XC, 0X7, 0X6, 0X0, - 0X9, 0XB} - , - {0XE, 0XB, 0X4, 0XC, 0X6, 0XD, 0XF, 0XA, 0X2, 0X3, 0X8, 0X1, 0X0, 0X7, - 0X5, 0X9} - , - {0X4, 0XA, 0X9, 0X2, 0XD, 0X8, 0X0, 0XE, 0X6, 0XB, 0X1, 0XC, 0X7, 0XF, - 0X5, 0X3} -}; - -/* Substitution blocks for hash function 1.2.643.2.9.1.6.1 */ -gost_subst_block GostR3411_94_CryptoProParamSet = { - {0x1, 0x3, 0xA, 0x9, 0x5, 0xB, 0x4, 0xF, 0x8, 0x6, 0x7, 0xE, 0xD, 0x0, - 0x2, 0xC} - , - {0xD, 0xE, 0x4, 0x1, 0x7, 0x0, 0x5, 0xA, 0x3, 0xC, 0x8, 0xF, 0x6, 0x2, - 0x9, 0xB} - , - {0x7, 0x6, 0x2, 0x4, 0xD, 0x9, 0xF, 0x0, 0xA, 0x1, 0x5, 0xB, 0x8, 0xE, - 0xC, 0x3} - , - {0x7, 0x6, 0x4, 0xB, 0x9, 0xC, 0x2, 0xA, 0x1, 0x8, 0x0, 0xE, 0xF, 0xD, - 0x3, 0x5} - , - {0x4, 0xA, 0x7, 0xC, 0x0, 0xF, 0x2, 0x8, 0xE, 0x1, 0x6, 0x5, 0xD, 0xB, - 0x9, 0x3} - , - {0x7, 0xF, 0xC, 0xE, 0x9, 0x4, 0x1, 0x0, 0x3, 0xB, 0x5, 0x2, 0x6, 0xA, - 0x8, 0xD} - , - {0x5, 0xF, 0x4, 0x0, 0x2, 0xD, 0xB, 0x9, 0x1, 0x7, 0x6, 0x3, 0xC, 0xE, - 0xA, 0x8} - , - {0xA, 0x4, 0x5, 0x6, 0x8, 0x1, 0x3, 0x7, 0xD, 0xC, 0xE, 0x0, 0x9, 0x2, - 0xB, 0xF} -}; - -/* Test paramset from GOST 28147 */ -gost_subst_block Gost28147_TestParamSet = { - {0xC, 0x6, 0x5, 0x2, 0xB, 0x0, 0x9, 0xD, 0x3, 0xE, 0x7, 0xA, 0xF, 0x4, - 0x1, 0x8} - , - {0x9, 0xB, 0xC, 0x0, 0x3, 0x6, 0x7, 0x5, 0x4, 0x8, 0xE, 0xF, 0x1, 0xA, - 0x2, 0xD} - , - {0x8, 0xF, 0x6, 0xB, 0x1, 0x9, 0xC, 0x5, 0xD, 0x3, 0x7, 0xA, 0x0, 0xE, - 0x2, 0x4} - , - {0x3, 0xE, 0x5, 0x9, 0x6, 0x8, 0x0, 0xD, 0xA, 0xB, 0x7, 0xC, 0x2, 0x1, - 0xF, 0x4} - , - {0xE, 0x9, 0xB, 0x2, 0x5, 0xF, 0x7, 0x1, 0x0, 0xD, 0xC, 0x6, 0xA, 0x4, - 0x3, 0x8} - , - {0xD, 0x8, 0xE, 0xC, 0x7, 0x3, 0x9, 0xA, 0x1, 0x5, 0x2, 0x4, 0x6, 0xF, - 0x0, 0xB} - , - {0xC, 0x9, 0xF, 0xE, 0x8, 0x1, 0x3, 0xA, 0x2, 0x7, 0x4, 0xD, 0x6, 0x0, - 0xB, 0x5} - , - {0x4, 0x2, 0xF, 0x5, 0x9, 0x1, 0x0, 0x8, 0xE, 0x3, 0xB, 0xC, 0xD, 0x7, - 0xA, 0x6} -}; - -/* 1.2.643.2.2.31.1 */ -gost_subst_block Gost28147_CryptoProParamSetA = { - {0xB, 0xA, 0xF, 0x5, 0x0, 0xC, 0xE, 0x8, 0x6, 0x2, 0x3, 0x9, 0x1, 0x7, - 0xD, 0x4} - , - {0x1, 0xD, 0x2, 0x9, 0x7, 0xA, 0x6, 0x0, 0x8, 0xC, 0x4, 0x5, 0xF, 0x3, - 0xB, 0xE} - , - {0x3, 0xA, 0xD, 0xC, 0x1, 0x2, 0x0, 0xB, 0x7, 0x5, 0x9, 0x4, 0x8, 0xF, - 0xE, 0x6} - , - {0xB, 0x5, 0x1, 0x9, 0x8, 0xD, 0xF, 0x0, 0xE, 0x4, 0x2, 0x3, 0xC, 0x7, - 0xA, 0x6} - , - {0xE, 0x7, 0xA, 0xC, 0xD, 0x1, 0x3, 0x9, 0x0, 0x2, 0xB, 0x4, 0xF, 0x8, - 0x5, 0x6} - , - {0xE, 0x4, 0x6, 0x2, 0xB, 0x3, 0xD, 0x8, 0xC, 0xF, 0x5, 0xA, 0x0, 0x7, - 0x1, 0x9} - , - {0x3, 0x7, 0xE, 0x9, 0x8, 0xA, 0xF, 0x0, 0x5, 0x2, 0x6, 0xC, 0xB, 0x4, - 0xD, 0x1} - , - {0x9, 0x6, 0x3, 0x2, 0x8, 0xB, 0x1, 0x7, 0xA, 0x4, 0xE, 0xF, 0xC, 0x0, - 0xD, 0x5} -}; - -/* 1.2.643.2.2.31.2 */ -gost_subst_block Gost28147_CryptoProParamSetB = { - {0x0, 0x4, 0xB, 0xE, 0x8, 0x3, 0x7, 0x1, 0xA, 0x2, 0x9, 0x6, 0xF, 0xD, - 0x5, 0xC} - , - {0x5, 0x2, 0xA, 0xB, 0x9, 0x1, 0xC, 0x3, 0x7, 0x4, 0xD, 0x0, 0x6, 0xF, - 0x8, 0xE} - , - {0x8, 0x3, 0x2, 0x6, 0x4, 0xD, 0xE, 0xB, 0xC, 0x1, 0x7, 0xF, 0xA, 0x0, - 0x9, 0x5} - , - {0x2, 0x7, 0xC, 0xF, 0x9, 0x5, 0xA, 0xB, 0x1, 0x4, 0x0, 0xD, 0x6, 0x8, - 0xE, 0x3} - , - {0x7, 0x5, 0x0, 0xD, 0xB, 0x6, 0x1, 0x2, 0x3, 0xA, 0xC, 0xF, 0x4, 0xE, - 0x9, 0x8} - , - {0xE, 0xC, 0x0, 0xA, 0x9, 0x2, 0xD, 0xB, 0x7, 0x5, 0x8, 0xF, 0x3, 0x6, - 0x1, 0x4} - , - {0x0, 0x1, 0x2, 0xA, 0x4, 0xD, 0x5, 0xC, 0x9, 0x7, 0x3, 0xF, 0xB, 0x8, - 0x6, 0xE} - , - {0x8, 0x4, 0xB, 0x1, 0x3, 0x5, 0x0, 0x9, 0x2, 0xE, 0xA, 0xC, 0xD, 0x6, - 0x7, 0xF} -}; - -/* 1.2.643.2.2.31.3 */ -gost_subst_block Gost28147_CryptoProParamSetC = { - {0x7, 0x4, 0x0, 0x5, 0xA, 0x2, 0xF, 0xE, 0xC, 0x6, 0x1, 0xB, 0xD, 0x9, - 0x3, 0x8} - , - {0xA, 0x9, 0x6, 0x8, 0xD, 0xE, 0x2, 0x0, 0xF, 0x3, 0x5, 0xB, 0x4, 0x1, - 0xC, 0x7} - , - {0xC, 0x9, 0xB, 0x1, 0x8, 0xE, 0x2, 0x4, 0x7, 0x3, 0x6, 0x5, 0xA, 0x0, - 0xF, 0xD} - , - {0x8, 0xD, 0xB, 0x0, 0x4, 0x5, 0x1, 0x2, 0x9, 0x3, 0xC, 0xE, 0x6, 0xF, - 0xA, 0x7} - , - {0x3, 0x6, 0x0, 0x1, 0x5, 0xD, 0xA, 0x8, 0xB, 0x2, 0x9, 0x7, 0xE, 0xF, - 0xC, 0x4} - , - {0x8, 0x2, 0x5, 0x0, 0x4, 0x9, 0xF, 0xA, 0x3, 0x7, 0xC, 0xD, 0x6, 0xE, - 0x1, 0xB} - , - {0x0, 0x1, 0x7, 0xD, 0xB, 0x4, 0x5, 0x2, 0x8, 0xE, 0xF, 0xC, 0x9, 0xA, - 0x6, 0x3} - , - {0x1, 0xB, 0xC, 0x2, 0x9, 0xD, 0x0, 0xF, 0x4, 0x5, 0x8, 0xE, 0xA, 0x7, - 0x6, 0x3} -}; - -/* 1.2.643.2.2.31.4 */ -gost_subst_block Gost28147_CryptoProParamSetD = { - {0x1, 0xA, 0x6, 0x8, 0xF, 0xB, 0x0, 0x4, 0xC, 0x3, 0x5, 0x9, 0x7, 0xD, - 0x2, 0xE} - , - {0x3, 0x0, 0x6, 0xF, 0x1, 0xE, 0x9, 0x2, 0xD, 0x8, 0xC, 0x4, 0xB, 0xA, - 0x5, 0x7} - , - {0x8, 0x0, 0xF, 0x3, 0x2, 0x5, 0xE, 0xB, 0x1, 0xA, 0x4, 0x7, 0xC, 0x9, - 0xD, 0x6} - , - {0x0, 0xC, 0x8, 0x9, 0xD, 0x2, 0xA, 0xB, 0x7, 0x3, 0x6, 0x5, 0x4, 0xE, - 0xF, 0x1} - , - {0x1, 0x5, 0xE, 0xC, 0xA, 0x7, 0x0, 0xD, 0x6, 0x2, 0xB, 0x4, 0x9, 0x3, - 0xF, 0x8} - , - {0x1, 0xC, 0xB, 0x0, 0xF, 0xE, 0x6, 0x5, 0xA, 0xD, 0x4, 0x8, 0x9, 0x3, - 0x7, 0x2} - , - {0xB, 0x6, 0x3, 0x4, 0xC, 0xF, 0xE, 0x2, 0x7, 0xD, 0x8, 0x0, 0x5, 0xA, - 0x9, 0x1} - , - {0xF, 0xC, 0x2, 0xA, 0x6, 0x4, 0x5, 0x0, 0x7, 0x9, 0xE, 0xD, 0x1, 0xB, - 0x8, 0x3} -}; - -const byte CryptoProKeyMeshingKey[] = { - 0x69, 0x00, 0x72, 0x22, 0x64, 0xC9, 0x04, 0x23, - 0x8D, 0x3A, 0xDB, 0x96, 0x46, 0xE9, 0x2A, 0xC4, - 0x18, 0xFE, 0xAC, 0x94, 0x00, 0xED, 0x07, 0x12, - 0xC0, 0x86, 0xDC, 0xC2, 0xEF, 0x4C, 0xA9, 0x2B -}; - -/* Initialization of gost_ctx subst blocks*/ -static void kboxinit(gost_ctx * c, const gost_subst_block * b) -{ - int i; - - for (i = 0; i < 256; i++) { - c->k87[i] = (word32) (b->k8[i >> 4] << 4 | b->k7[i & 15]) << 24; - c->k65[i] = (b->k6[i >> 4] << 4 | b->k5[i & 15]) << 16; - c->k43[i] = (b->k4[i >> 4] << 4 | b->k3[i & 15]) << 8; - c->k21[i] = b->k2[i >> 4] << 4 | b->k1[i & 15]; - - } -} - -/* Part of GOST 28147 algorithm moved into separate function */ -static word32 f(gost_ctx * c, word32 x) -{ - x = c->k87[x >> 24 & 255] | c->k65[x >> 16 & 255] | - c->k43[x >> 8 & 255] | c->k21[x & 255]; - /* Rotate left 11 bits */ - return x << 11 | x >> (32 - 11); -} - -/* Low-level encryption routine - encrypts one 64 bit block*/ -void gostcrypt(gost_ctx * c, const byte * in, byte * out) -{ - register word32 n1, n2; /* As named in the GOST */ - n1 = in[0] | (in[1] << 8) | (in[2] << 16) | ((word32) in[3] << 24); - n2 = in[4] | (in[5] << 8) | (in[6] << 16) | ((word32) in[7] << 24); - /* Instead of swapping halves, swap names each round */ - - n2 ^= f(c, n1 + c->k[0]); - n1 ^= f(c, n2 + c->k[1]); - n2 ^= f(c, n1 + c->k[2]); - n1 ^= f(c, n2 + c->k[3]); - n2 ^= f(c, n1 + c->k[4]); - n1 ^= f(c, n2 + c->k[5]); - n2 ^= f(c, n1 + c->k[6]); - n1 ^= f(c, n2 + c->k[7]); - - n2 ^= f(c, n1 + c->k[0]); - n1 ^= f(c, n2 + c->k[1]); - n2 ^= f(c, n1 + c->k[2]); - n1 ^= f(c, n2 + c->k[3]); - n2 ^= f(c, n1 + c->k[4]); - n1 ^= f(c, n2 + c->k[5]); - n2 ^= f(c, n1 + c->k[6]); - n1 ^= f(c, n2 + c->k[7]); - - n2 ^= f(c, n1 + c->k[0]); - n1 ^= f(c, n2 + c->k[1]); - n2 ^= f(c, n1 + c->k[2]); - n1 ^= f(c, n2 + c->k[3]); - n2 ^= f(c, n1 + c->k[4]); - n1 ^= f(c, n2 + c->k[5]); - n2 ^= f(c, n1 + c->k[6]); - n1 ^= f(c, n2 + c->k[7]); - - n2 ^= f(c, n1 + c->k[7]); - n1 ^= f(c, n2 + c->k[6]); - n2 ^= f(c, n1 + c->k[5]); - n1 ^= f(c, n2 + c->k[4]); - n2 ^= f(c, n1 + c->k[3]); - n1 ^= f(c, n2 + c->k[2]); - n2 ^= f(c, n1 + c->k[1]); - n1 ^= f(c, n2 + c->k[0]); - - out[0] = (byte) (n2 & 0xff); - out[1] = (byte) ((n2 >> 8) & 0xff); - out[2] = (byte) ((n2 >> 16) & 0xff); - out[3] = (byte) (n2 >> 24); - out[4] = (byte) (n1 & 0xff); - out[5] = (byte) ((n1 >> 8) & 0xff); - out[6] = (byte) ((n1 >> 16) & 0xff); - out[7] = (byte) (n1 >> 24); -} - -/* Low-level decryption routine. Decrypts one 64-bit block */ -void gostdecrypt(gost_ctx * c, const byte * in, byte * out) -{ - register word32 n1, n2; /* As named in the GOST */ - n1 = in[0] | (in[1] << 8) | (in[2] << 16) | ((word32) in[3] << 24); - n2 = in[4] | (in[5] << 8) | (in[6] << 16) | ((word32) in[7] << 24); - - n2 ^= f(c, n1 + c->k[0]); - n1 ^= f(c, n2 + c->k[1]); - n2 ^= f(c, n1 + c->k[2]); - n1 ^= f(c, n2 + c->k[3]); - n2 ^= f(c, n1 + c->k[4]); - n1 ^= f(c, n2 + c->k[5]); - n2 ^= f(c, n1 + c->k[6]); - n1 ^= f(c, n2 + c->k[7]); - - n2 ^= f(c, n1 + c->k[7]); - n1 ^= f(c, n2 + c->k[6]); - n2 ^= f(c, n1 + c->k[5]); - n1 ^= f(c, n2 + c->k[4]); - n2 ^= f(c, n1 + c->k[3]); - n1 ^= f(c, n2 + c->k[2]); - n2 ^= f(c, n1 + c->k[1]); - n1 ^= f(c, n2 + c->k[0]); - - n2 ^= f(c, n1 + c->k[7]); - n1 ^= f(c, n2 + c->k[6]); - n2 ^= f(c, n1 + c->k[5]); - n1 ^= f(c, n2 + c->k[4]); - n2 ^= f(c, n1 + c->k[3]); - n1 ^= f(c, n2 + c->k[2]); - n2 ^= f(c, n1 + c->k[1]); - n1 ^= f(c, n2 + c->k[0]); - - n2 ^= f(c, n1 + c->k[7]); - n1 ^= f(c, n2 + c->k[6]); - n2 ^= f(c, n1 + c->k[5]); - n1 ^= f(c, n2 + c->k[4]); - n2 ^= f(c, n1 + c->k[3]); - n1 ^= f(c, n2 + c->k[2]); - n2 ^= f(c, n1 + c->k[1]); - n1 ^= f(c, n2 + c->k[0]); - - out[0] = (byte) (n2 & 0xff); - out[1] = (byte) ((n2 >> 8) & 0xff); - out[2] = (byte) ((n2 >> 16) & 0xff); - out[3] = (byte) (n2 >> 24); - out[4] = (byte) (n1 & 0xff); - out[5] = (byte) ((n1 >> 8) & 0xff); - out[6] = (byte) ((n1 >> 16) & 0xff); - out[7] = (byte) (n1 >> 24); -} - -/* Encrypts several blocks in ECB mode */ -void gost_enc(gost_ctx * c, const byte * clear, byte * cipher, int blocks) -{ - int i; - for (i = 0; i < blocks; i++) { - gostcrypt(c, clear, cipher); - clear += 8; - cipher += 8; - } -} - -/* Decrypts several blocks in ECB mode */ -void gost_dec(gost_ctx * c, const byte * cipher, byte * clear, int blocks) -{ - int i; - for (i = 0; i < blocks; i++) { - gostdecrypt(c, cipher, clear); - clear += 8; - cipher += 8; - } -} - -/* Encrypts several full blocks in CFB mode using 8byte IV */ -void gost_enc_cfb(gost_ctx * ctx, const byte * iv, const byte * clear, - byte * cipher, int blocks) -{ - byte cur_iv[8]; - byte gamma[8]; - int i, j; - const byte *in; - byte *out; - memcpy(cur_iv, iv, 8); - for (i = 0, in = clear, out = cipher; i < blocks; i++, in += 8, out += 8) { - gostcrypt(ctx, cur_iv, gamma); - for (j = 0; j < 8; j++) { - cur_iv[j] = out[j] = in[j] ^ gamma[j]; - } - } -} - -/* Decrypts several full blocks in CFB mode using 8byte IV */ -void gost_dec_cfb(gost_ctx * ctx, const byte * iv, const byte * cipher, - byte * clear, int blocks) -{ - byte cur_iv[8]; - byte gamma[8]; - int i, j; - const byte *in; - byte *out; - memcpy(cur_iv, iv, 8); - for (i = 0, in = cipher, out = clear; i < blocks; i++, in += 8, out += 8) { - gostcrypt(ctx, cur_iv, gamma); - for (j = 0; j < 8; j++) { - out[j] = (cur_iv[j] = in[j]) ^ gamma[j]; - } - } -} - -/* Encrypts one block using specified key */ -void gost_enc_with_key(gost_ctx * c, byte * key, byte * inblock, - byte * outblock) -{ - gost_key(c, key); - gostcrypt(c, inblock, outblock); -} - -/* Set 256 bit key into context */ -void gost_key(gost_ctx * c, const byte * k) -{ - int i, j; - for (i = 0, j = 0; i < 8; i++, j += 4) { - c->k[i] = - k[j] | (k[j + 1] << 8) | (k[j + 2] << 16) | ((word32) k[j + 3] << - 24); - } -} - -/* Retrieve 256-bit key from context */ -void gost_get_key(gost_ctx * c, byte * k) -{ - int i, j; - for (i = 0, j = 0; i < 8; i++, j += 4) { - k[j] = (byte) (c->k[i] & 0xFF); - k[j + 1] = (byte) ((c->k[i] >> 8) & 0xFF); - k[j + 2] = (byte) ((c->k[i] >> 16) & 0xFF); - k[j + 3] = (byte) ((c->k[i] >> 24) & 0xFF); - } -} - -/* Initalize context. Provides default value for subst_block */ -void gost_init(gost_ctx * c, const gost_subst_block * b) -{ - if (!b) { - b = &GostR3411_94_TestParamSet; - } - kboxinit(c, b); -} - -/* Cleans up key from context */ -void gost_destroy(gost_ctx * c) -{ - int i; - for (i = 0; i < 8; i++) - c->k[i] = 0; -} - -/* - * Compute GOST 28147 mac block Parameters gost_ctx *c - context initalized - * with substitution blocks and key buffer - 8-byte mac state buffer block - * 8-byte block to process. - */ -void mac_block(gost_ctx * c, byte * buffer, const byte * block) -{ - register word32 n1, n2; /* As named in the GOST */ - int i; - for (i = 0; i < 8; i++) { - buffer[i] ^= block[i]; - } - n1 = buffer[0] | (buffer[1] << 8) | (buffer[2] << 16) | ((word32) - buffer[3] << 24); - n2 = buffer[4] | (buffer[5] << 8) | (buffer[6] << 16) | ((word32) - buffer[7] << 24); - /* Instead of swapping halves, swap names each round */ - - n2 ^= f(c, n1 + c->k[0]); - n1 ^= f(c, n2 + c->k[1]); - n2 ^= f(c, n1 + c->k[2]); - n1 ^= f(c, n2 + c->k[3]); - n2 ^= f(c, n1 + c->k[4]); - n1 ^= f(c, n2 + c->k[5]); - n2 ^= f(c, n1 + c->k[6]); - n1 ^= f(c, n2 + c->k[7]); - - n2 ^= f(c, n1 + c->k[0]); - n1 ^= f(c, n2 + c->k[1]); - n2 ^= f(c, n1 + c->k[2]); - n1 ^= f(c, n2 + c->k[3]); - n2 ^= f(c, n1 + c->k[4]); - n1 ^= f(c, n2 + c->k[5]); - n2 ^= f(c, n1 + c->k[6]); - n1 ^= f(c, n2 + c->k[7]); - - buffer[0] = (byte) (n1 & 0xff); - buffer[1] = (byte) ((n1 >> 8) & 0xff); - buffer[2] = (byte) ((n1 >> 16) & 0xff); - buffer[3] = (byte) (n1 >> 24); - buffer[4] = (byte) (n2 & 0xff); - buffer[5] = (byte) ((n2 >> 8) & 0xff); - buffer[6] = (byte) ((n2 >> 16) & 0xff); - buffer[7] = (byte) (n2 >> 24); -} - -/* Get mac with specified number of bits from MAC state buffer */ -void get_mac(byte * buffer, int nbits, byte * out) -{ - int nbytes = nbits >> 3; - int rembits = nbits & 7; - int mask = rembits ? ((1 < rembits) - 1) : 0; - int i; - for (i = 0; i < nbytes; i++) - out[i] = buffer[i]; - if (rembits) - out[i] = buffer[i] & mask; -} - -/* - * Compute mac of specified length (in bits) from data. Context should be - * initialized with key and subst blocks - */ -int gost_mac(gost_ctx * ctx, int mac_len, const unsigned char *data, - unsigned int data_len, unsigned char *mac) -{ - byte buffer[8] = { 0, 0, 0, 0, 0, 0, 0, 0 }; - byte buf2[8]; - unsigned int i; - for (i = 0; i + 8 <= data_len; i += 8) - mac_block(ctx, buffer, data + i); - if (i < data_len) { - memset(buf2, 0, 8); - memcpy(buf2, data + i, data_len - i); - mac_block(ctx, buffer, buf2); - i += 8; - } - if (i == 8) { - memset(buf2, 0, 8); - mac_block(ctx, buffer, buf2); - } - get_mac(buffer, mac_len, mac); - return 1; -} - -/* Compute MAC with non-zero IV. Used in some RFC 4357 algorithms */ -int gost_mac_iv(gost_ctx * ctx, int mac_len, const unsigned char *iv, - const unsigned char *data, unsigned int data_len, - unsigned char *mac) -{ - byte buffer[8]; - byte buf2[8]; - unsigned int i; - memcpy(buffer, iv, 8); - for (i = 0; i + 8 <= data_len; i += 8) - mac_block(ctx, buffer, data + i); - if (i < data_len) { - memset(buf2, 0, 8); - memcpy(buf2, data + i, data_len - i); - mac_block(ctx, buffer, buf2); - i += 8; - } - if (i == 8) { - memset(buf2, 0, 8); - mac_block(ctx, buffer, buf2); - } - get_mac(buffer, mac_len, mac); - return 1; -} - -/* Implements key meshing algorithm by modifing ctx and IV in place */ -void cryptopro_key_meshing(gost_ctx * ctx, unsigned char *iv) -{ - unsigned char newkey[32], newiv[8]; - /* Set static keymeshing key */ - /* "Decrypt" key with keymeshing key */ - gost_dec(ctx, CryptoProKeyMeshingKey, newkey, 4); - /* set new key */ - gost_key(ctx, newkey); - /* Encrypt iv with new key */ - gostcrypt(ctx, iv, newiv); - memcpy(iv, newiv, 8); -} diff --git a/engines/ccgost/gost89.h b/engines/ccgost/gost89.h deleted file mode 100644 index e5b877f448..0000000000 --- a/engines/ccgost/gost89.h +++ /dev/null @@ -1,98 +0,0 @@ -/********************************************************************** - * gost89.h * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Declarations for GOST 28147-89 encryption algorithm * - * No OpenSSL libraries required to compile and use * - * this code * - **********************************************************************/ -#ifndef GOST89_H -# define GOST89_H - -/* Typedef for unsigned 32-bit integer */ -# if __LONG_MAX__ > 2147483647L -typedef unsigned int u4; -# else -typedef unsigned long u4; -# endif -/* Typedef for unsigned 8-bit integer */ -typedef unsigned char byte; - -/* Internal representation of GOST substitution blocks */ -typedef struct { - byte k8[16]; - byte k7[16]; - byte k6[16]; - byte k5[16]; - byte k4[16]; - byte k3[16]; - byte k2[16]; - byte k1[16]; -} gost_subst_block; - -/* Cipher context includes key and preprocessed substitution block */ -typedef struct { - u4 k[8]; - /* Constant s-boxes -- set up in gost_init(). */ - u4 k87[256], k65[256], k43[256], k21[256]; -} gost_ctx; -/* - * Note: encrypt and decrypt expect full blocks--padding blocks is caller's - * responsibility. All bulk encryption is done in ECB mode by these calls. - * Other modes may be added easily enough. - */ -/* Encrypt several full blocks in ECB mode */ -void gost_enc(gost_ctx * ctx, const byte * clear, byte * cipher, int blocks); -/* Decrypt several full blocks in ECB mode */ -void gost_dec(gost_ctx * ctx, const byte * cipher, byte * clear, int blocks); -/* Encrypts several full blocks in CFB mode using 8byte IV */ -void gost_enc_cfb(gost_ctx * ctx, const byte * iv, const byte * clear, - byte * cipher, int blocks); -/* Decrypts several full blocks in CFB mode using 8byte IV */ -void gost_dec_cfb(gost_ctx * ctx, const byte * iv, const byte * cipher, - byte * clear, int blocks); - -/* Encrypt one block */ -void gostcrypt(gost_ctx * c, const byte * in, byte * out); -/* Decrypt one block */ -void gostdecrypt(gost_ctx * c, const byte * in, byte * out); -/* Set key into context */ -void gost_key(gost_ctx * ctx, const byte * key); -/* Get key from context */ -void gost_get_key(gost_ctx * ctx, byte * key); -/* Set S-blocks into context */ -void gost_init(gost_ctx * ctx, const gost_subst_block * subst_block); -/* Clean up context */ -void gost_destroy(gost_ctx * ctx); -/* Intermediate function used for calculate hash */ -void gost_enc_with_key(gost_ctx *, byte * key, byte * inblock, - byte * outblock); -/* Compute MAC of given length in bits from data */ -int gost_mac(gost_ctx * ctx, int hmac_len, const unsigned char *data, - unsigned int data_len, unsigned char *hmac); -/* - * Compute MAC of given length in bits from data, using non-zero 8-byte IV - * (non-standard, for use in CryptoPro key transport only - */ -int gost_mac_iv(gost_ctx * ctx, int hmac_len, const unsigned char *iv, - const unsigned char *data, unsigned int data_len, - unsigned char *hmac); -/* Perform one step of MAC calculation like gostcrypt */ -void mac_block(gost_ctx * c, byte * buffer, const byte * block); -/* Extracts MAC value from mac state buffer */ -void get_mac(byte * buffer, int nbits, byte * out); -/* Implements cryptopro key meshing algorithm. Expect IV to be 8-byte size*/ -void cryptopro_key_meshing(gost_ctx * ctx, unsigned char *iv); -/* Parameter sets specified in RFC 4357 */ -extern gost_subst_block GostR3411_94_TestParamSet; -extern gost_subst_block GostR3411_94_CryptoProParamSet; -extern gost_subst_block Gost28147_TestParamSet; -extern gost_subst_block Gost28147_CryptoProParamSetA; -extern gost_subst_block Gost28147_CryptoProParamSetB; -extern gost_subst_block Gost28147_CryptoProParamSetC; -extern gost_subst_block Gost28147_CryptoProParamSetD; -extern const byte CryptoProKeyMeshingKey[]; -typedef unsigned int word32; - -#endif diff --git a/engines/ccgost/gost_ameth.c b/engines/ccgost/gost_ameth.c deleted file mode 100644 index 5b1d04584f..0000000000 --- a/engines/ccgost/gost_ameth.c +++ /dev/null @@ -1,696 +0,0 @@ -/********************************************************************** - * gost_ameth.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Implementation of RFC 4490/4491 ASN1 method * - * for OpenSSL * - * Requires OpenSSL 0.9.9 for compilation * - **********************************************************************/ -#include -#include -#include -#include -#include -#include -#ifndef OPENSSL_NO_CMS -# include -#endif -#include "gost_lcl.h" -#include "e_gost_err.h" - - -/* Convert little-endian byte array into bignum */ -BIGNUM *hashsum2bn(const unsigned char *dgst) -{ - unsigned char buf[32]; - - BUF_reverse(buf, (unsigned char*)dgst, 32); - return BN_bin2bn(buf, 32, NULL); -} - -/* - * Pack bignum into byte buffer of given size, filling all leading bytes by - * zeros - */ -int store_bignum(BIGNUM *bn, unsigned char *buf, int len) -{ - int bytes = BN_num_bytes(bn); - - if (bytes > len) - return 0; - memset(buf, 0, len); - BN_bn2bin(bn, buf + len - bytes); - return 1; -} - -static ASN1_STRING *encode_gost_algor_params(const EVP_PKEY *key) -{ - ASN1_STRING *params = ASN1_STRING_new(); - GOST_KEY_PARAMS *gkp = GOST_KEY_PARAMS_new(); - int pkey_param_nid = NID_undef; - - if (!params || !gkp) { - GOSTerr(GOST_F_ENCODE_GOST_ALGOR_PARAMS, ERR_R_MALLOC_FAILURE); - ASN1_STRING_free(params); - params = NULL; - goto err; - } - switch (EVP_PKEY_base_id(key)) { - case NID_id_GostR3410_2001: - pkey_param_nid = - EC_GROUP_get_curve_name(EC_KEY_get0_group - (EVP_PKEY_get0((EVP_PKEY *)key))); - break; - } - gkp->key_params = OBJ_nid2obj(pkey_param_nid); - gkp->hash_params = OBJ_nid2obj(NID_id_GostR3411_94_CryptoProParamSet); - /* - * gkp->cipher_params = OBJ_nid2obj(cipher_param_nid); - */ - params->length = i2d_GOST_KEY_PARAMS(gkp, ¶ms->data); - if (params->length <= 0) { - GOSTerr(GOST_F_ENCODE_GOST_ALGOR_PARAMS, ERR_R_MALLOC_FAILURE); - ASN1_STRING_free(params); - params = NULL; - goto err; - } - params->type = V_ASN1_SEQUENCE; - err: - GOST_KEY_PARAMS_free(gkp); - return params; -} - -/* - * Parses GOST algorithm parameters from X509_ALGOR and modifies pkey setting - * NID and parameters - */ -static int decode_gost_algor_params(EVP_PKEY *pkey, X509_ALGOR *palg) -{ - ASN1_OBJECT *palg_obj = NULL; - int ptype = V_ASN1_UNDEF; - int pkey_nid = NID_undef, param_nid = NID_undef; - void *_pval; - ASN1_STRING *pval = NULL; - const unsigned char *p; - GOST_KEY_PARAMS *gkp = NULL; - - X509_ALGOR_get0(&palg_obj, &ptype, &_pval, palg); - pval = _pval; - if (ptype != V_ASN1_SEQUENCE) { - GOSTerr(GOST_F_DECODE_GOST_ALGOR_PARAMS, - GOST_R_BAD_KEY_PARAMETERS_FORMAT); - return 0; - } - p = pval->data; - pkey_nid = OBJ_obj2nid(palg_obj); - - gkp = d2i_GOST_KEY_PARAMS(NULL, &p, pval->length); - if (!gkp) { - GOSTerr(GOST_F_DECODE_GOST_ALGOR_PARAMS, - GOST_R_BAD_PKEY_PARAMETERS_FORMAT); - return 0; - } - param_nid = OBJ_obj2nid(gkp->key_params); - GOST_KEY_PARAMS_free(gkp); - if (!EVP_PKEY_set_type(pkey, pkey_nid)) { - GOSTerr(GOST_F_DECODE_GOST_ALGOR_PARAMS, ERR_R_INTERNAL_ERROR); - return 0; - } - switch (pkey_nid) { - case NID_id_GostR3410_2001: - { - EC_KEY *ec = EVP_PKEY_get0(pkey); - if (!ec) { - ec = EC_KEY_new(); - if (!EVP_PKEY_assign(pkey, pkey_nid, ec)) - return 0; - } - if (!fill_GOST2001_params(ec, param_nid)) - return 0; - } - } - - return 1; -} - -static int gost_set_priv_key(EVP_PKEY *pkey, BIGNUM *priv) -{ - switch (EVP_PKEY_base_id(pkey)) { - case NID_id_GostR3410_2001: - { - EC_KEY *ec = EVP_PKEY_get0(pkey); - if (!ec) { - ec = EC_KEY_new(); - EVP_PKEY_assign(pkey, EVP_PKEY_base_id(pkey), ec); - } - if (!EC_KEY_set_private_key(ec, priv)) - return 0; - if (!EVP_PKEY_missing_parameters(pkey)) - gost2001_compute_public(ec); - break; - } - } - return 1; -} - -BIGNUM *gost_get0_priv_key(const EVP_PKEY *pkey) -{ - switch (EVP_PKEY_base_id(pkey)) { - case NID_id_GostR3410_2001: - { - EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pkey); - const BIGNUM *priv; - if (!ec) { - return NULL; - } - if ((priv = EC_KEY_get0_private_key(ec)) == NULL) - return NULL; - return (BIGNUM *)priv; - } - } - return NULL; -} - -static int pkey_ctrl_gost(EVP_PKEY *pkey, int op, long arg1, void *arg2) -{ - switch (op) { - case ASN1_PKEY_CTRL_PKCS7_SIGN: - if (arg1 == 0) { - X509_ALGOR *alg1 = NULL, *alg2 = NULL; - int nid = EVP_PKEY_base_id(pkey); - PKCS7_SIGNER_INFO_get0_algs((PKCS7_SIGNER_INFO *)arg2, - NULL, &alg1, &alg2); - X509_ALGOR_set0(alg1, OBJ_nid2obj(NID_id_GostR3411_94), - V_ASN1_NULL, 0); - if (nid == NID_undef) { - return (-1); - } - X509_ALGOR_set0(alg2, OBJ_nid2obj(nid), V_ASN1_NULL, 0); - } - return 1; -#ifndef OPENSSL_NO_CMS - case ASN1_PKEY_CTRL_CMS_SIGN: - if (arg1 == 0) { - X509_ALGOR *alg1 = NULL, *alg2 = NULL; - int nid = EVP_PKEY_base_id(pkey); - CMS_SignerInfo_get0_algs((CMS_SignerInfo *)arg2, - NULL, NULL, &alg1, &alg2); - X509_ALGOR_set0(alg1, OBJ_nid2obj(NID_id_GostR3411_94), - V_ASN1_NULL, 0); - if (nid == NID_undef) { - return (-1); - } - X509_ALGOR_set0(alg2, OBJ_nid2obj(nid), V_ASN1_NULL, 0); - } - return 1; -#endif - case ASN1_PKEY_CTRL_PKCS7_ENCRYPT: - if (arg1 == 0) { - X509_ALGOR *alg; - ASN1_STRING *params = encode_gost_algor_params(pkey); - if (!params) { - return -1; - } - PKCS7_RECIP_INFO_get0_alg((PKCS7_RECIP_INFO *)arg2, &alg); - X509_ALGOR_set0(alg, OBJ_nid2obj(pkey->type), - V_ASN1_SEQUENCE, params); - } - return 1; -#ifndef OPENSSL_NO_CMS - case ASN1_PKEY_CTRL_CMS_ENVELOPE: - if (arg1 == 0) { - X509_ALGOR *alg = NULL; - ASN1_STRING *params = encode_gost_algor_params(pkey); - if (!params) { - return -1; - } - CMS_RecipientInfo_ktri_get0_algs((CMS_RecipientInfo *)arg2, NULL, - NULL, &alg); - X509_ALGOR_set0(alg, OBJ_nid2obj(pkey->type), V_ASN1_SEQUENCE, - params); - } - return 1; -#endif - case ASN1_PKEY_CTRL_DEFAULT_MD_NID: - *(int *)arg2 = NID_id_GostR3411_94; - return 2; - } - - return -2; -} - -/* --------------------- free functions * ------------------------------*/ -static void pkey_free_gost01(EVP_PKEY *key) -{ - EC_KEY_free(key->pkey.ec); -} - -/* ------------------ private key functions -----------------------------*/ -static int priv_decode_gost(EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf) -{ - const unsigned char *pkey_buf = NULL, *p = NULL; - int priv_len = 0; - BIGNUM *pk_num = NULL; - int ret = 0; - X509_ALGOR *palg = NULL; - ASN1_OBJECT *palg_obj = NULL; - ASN1_INTEGER *priv_key = NULL; - - if (!PKCS8_pkey_get0(&palg_obj, &pkey_buf, &priv_len, &palg, p8inf)) - return 0; - p = pkey_buf; - if (!decode_gost_algor_params(pk, palg)) { - return 0; - } - if (V_ASN1_OCTET_STRING == *p) { - /* New format - Little endian octet string */ - unsigned char rev_buf[32]; - int i; - ASN1_OCTET_STRING *s = d2i_ASN1_OCTET_STRING(NULL, &p, priv_len); - if (!s || s->length != 32) { - GOSTerr(GOST_F_PRIV_DECODE_GOST, EVP_R_DECODE_ERROR); - return 0; - } - for (i = 0; i < 32; i++) { - rev_buf[31 - i] = s->data[i]; - } - ASN1_STRING_free(s); - pk_num = BN_bin2bn(rev_buf, 32, NULL); - } else { - priv_key = d2i_ASN1_INTEGER(NULL, &p, priv_len); - if (!priv_key) - return 0; - ret = ((pk_num = ASN1_INTEGER_to_BN(priv_key, NULL)) != NULL); - ASN1_INTEGER_free(priv_key); - if (!ret) { - GOSTerr(GOST_F_PRIV_DECODE_GOST, EVP_R_DECODE_ERROR); - return 0; - } - } - - ret = gost_set_priv_key(pk, pk_num); - BN_free(pk_num); - return ret; -} - -/* ----------------------------------------------------------------------*/ -static int priv_encode_gost(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk) -{ - ASN1_OBJECT *algobj = OBJ_nid2obj(EVP_PKEY_base_id(pk)); - ASN1_STRING *params = encode_gost_algor_params(pk); - unsigned char *priv_buf = NULL; - int priv_len; - - ASN1_INTEGER *asn1key = NULL; - if (!params) { - return 0; - } - asn1key = BN_to_ASN1_INTEGER(gost_get0_priv_key(pk), NULL); - priv_len = i2d_ASN1_INTEGER(asn1key, &priv_buf); - ASN1_INTEGER_free(asn1key); - return PKCS8_pkey_set0(p8, algobj, 0, V_ASN1_SEQUENCE, params, - priv_buf, priv_len); -} - -/* --------- printing keys --------------------------------*/ -static int print_gost_01(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx, int type) -{ - int param_nid = NID_undef; - if (type == 2) { - BIGNUM *key; - - if (!BIO_indent(out, indent, 128)) - return 0; - BIO_printf(out, "Private key: "); - key = gost_get0_priv_key(pkey); - if (!key) - BIO_printf(out, "= 1) { - BN_CTX *ctx = BN_CTX_new(); - BIGNUM *X, *Y; - const EC_POINT *pubkey; - const EC_GROUP *group; - - if (!ctx) { - GOSTerr(GOST_F_PRINT_GOST_01, ERR_R_MALLOC_FAILURE); - return 0; - } - BN_CTX_start(ctx); - X = BN_CTX_get(ctx); - Y = BN_CTX_get(ctx); - pubkey = - EC_KEY_get0_public_key((EC_KEY *)EVP_PKEY_get0((EVP_PKEY *)pkey)); - group = EC_KEY_get0_group((EC_KEY *)EVP_PKEY_get0((EVP_PKEY *)pkey)); - if (!EC_POINT_get_affine_coordinates_GFp(group, pubkey, X, Y, ctx)) { - GOSTerr(GOST_F_PRINT_GOST_01, ERR_R_EC_LIB); - BN_CTX_free(ctx); - return 0; - } - if (!BIO_indent(out, indent, 128)) - return 0; - BIO_printf(out, "Public key:\n"); - if (!BIO_indent(out, indent + 3, 128)) - return 0; - BIO_printf(out, "X:"); - BN_print(out, X); - BIO_printf(out, "\n"); - BIO_indent(out, indent + 3, 128); - BIO_printf(out, "Y:"); - BN_print(out, Y); - BIO_printf(out, "\n"); - BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - - param_nid = - EC_GROUP_get_curve_name(EC_KEY_get0_group - (EVP_PKEY_get0((EVP_PKEY *)pkey))); - if (!BIO_indent(out, indent, 128)) - return 0; - BIO_printf(out, "Parameter set: %s\n", OBJ_nid2ln(param_nid)); - return 1; -} - -static int param_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx) -{ - return print_gost_01(out, pkey, indent, pctx, 0); -} - -static int pub_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx) -{ - return print_gost_01(out, pkey, indent, pctx, 1); -} - -static int priv_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx) -{ - return print_gost_01(out, pkey, indent, pctx, 2); -} - -/* ---------------------------------------------------------------------*/ -static int param_missing_gost01(const EVP_PKEY *pk) -{ - const EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pk); - if (!ec) - return 1; - if (!EC_KEY_get0_group(ec)) - return 1; - return 0; -} - - -static int param_copy_gost01(EVP_PKEY *to, const EVP_PKEY *from) -{ - EC_KEY *eto = EVP_PKEY_get0(to); - const EC_KEY *efrom = EVP_PKEY_get0((EVP_PKEY *)from); - if (EVP_PKEY_base_id(from) != EVP_PKEY_base_id(to)) { - GOSTerr(GOST_F_PARAM_COPY_GOST01, GOST_R_INCOMPATIBLE_ALGORITHMS); - return 0; - } - if (!efrom) { - GOSTerr(GOST_F_PARAM_COPY_GOST01, GOST_R_KEY_PARAMETERS_MISSING); - return 0; - } - if (!eto) { - eto = EC_KEY_new(); - if (!eto) { - GOSTerr(GOST_F_PARAM_COPY_GOST01, ERR_R_MALLOC_FAILURE); - return 0; - } - if (!EVP_PKEY_assign(to, EVP_PKEY_base_id(from), eto)) { - GOSTerr(GOST_F_PARAM_COPY_GOST01, ERR_R_INTERNAL_ERROR); - return 0; - } - } - if (!EC_KEY_set_group(eto, EC_KEY_get0_group(efrom))) { - GOSTerr(GOST_F_PARAM_COPY_GOST01, ERR_R_INTERNAL_ERROR); - return 0; - } - if (EC_KEY_get0_private_key(eto)) { - gost2001_compute_public(eto); - } - return 1; -} - -static int param_cmp_gost01(const EVP_PKEY *a, const EVP_PKEY *b) -{ - if (EC_GROUP_get_curve_name - (EC_KEY_get0_group(EVP_PKEY_get0((EVP_PKEY *)a))) == - EC_GROUP_get_curve_name(EC_KEY_get0_group - (EVP_PKEY_get0((EVP_PKEY *)b)))) { - return 1; - } - return 0; - -} - -/* ---------- Public key functions * --------------------------------------*/ - -static int pub_decode_gost01(EVP_PKEY *pk, X509_PUBKEY *pub) -{ - X509_ALGOR *palg = NULL; - const unsigned char *pubkey_buf = NULL; - unsigned char *databuf; - ASN1_OBJECT *palgobj = NULL; - int pub_len, i, j; - EC_POINT *pub_key; - BIGNUM *X, *Y; - ASN1_OCTET_STRING *octet = NULL; - int len; - const EC_GROUP *group; - - if (!X509_PUBKEY_get0_param(&palgobj, &pubkey_buf, &pub_len, &palg, pub)) - return 0; - EVP_PKEY_assign(pk, OBJ_obj2nid(palgobj), NULL); - if (!decode_gost_algor_params(pk, palg)) - return 0; - group = EC_KEY_get0_group(EVP_PKEY_get0(pk)); - octet = d2i_ASN1_OCTET_STRING(NULL, &pubkey_buf, pub_len); - if (!octet) { - GOSTerr(GOST_F_PUB_DECODE_GOST01, ERR_R_MALLOC_FAILURE); - return 0; - } - databuf = OPENSSL_malloc(octet->length); - if (databuf == NULL) { - GOSTerr(GOST_F_PUB_DECODE_GOST01, ERR_R_MALLOC_FAILURE); - ASN1_OCTET_STRING_free(octet); - return 0; - } - for (i = 0, j = octet->length - 1; i < octet->length; i++, j--) { - databuf[j] = octet->data[i]; - } - len = octet->length / 2; - ASN1_OCTET_STRING_free(octet); - - Y = BN_bin2bn(databuf, len, NULL); - X = BN_bin2bn(databuf + len, len, NULL); - OPENSSL_free(databuf); - pub_key = EC_POINT_new(group); - if (!EC_POINT_set_affine_coordinates_GFp(group, pub_key, X, Y, NULL)) { - GOSTerr(GOST_F_PUB_DECODE_GOST01, ERR_R_EC_LIB); - EC_POINT_free(pub_key); - BN_free(X); - BN_free(Y); - return 0; - } - BN_free(X); - BN_free(Y); - if (!EC_KEY_set_public_key(EVP_PKEY_get0(pk), pub_key)) { - GOSTerr(GOST_F_PUB_DECODE_GOST01, ERR_R_EC_LIB); - EC_POINT_free(pub_key); - return 0; - } - EC_POINT_free(pub_key); - return 1; - -} - -static int pub_encode_gost01(X509_PUBKEY *pub, const EVP_PKEY *pk) -{ - ASN1_OBJECT *algobj = NULL; - ASN1_OCTET_STRING *octet = NULL; - void *pval = NULL; - unsigned char *buf = NULL, *databuf, *sptr; - int i, j, data_len, ret = 0; - const EC_POINT *pub_key; - BIGNUM *X, *Y, *order; - const EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pk); - int ptype = V_ASN1_UNDEF; - - algobj = OBJ_nid2obj(EVP_PKEY_base_id(pk)); - if (pk->save_parameters) { - ASN1_STRING *params = encode_gost_algor_params(pk); - pval = params; - ptype = V_ASN1_SEQUENCE; - } - order = BN_new(); - EC_GROUP_get_order(EC_KEY_get0_group(ec), order, NULL); - pub_key = EC_KEY_get0_public_key(ec); - if (!pub_key) { - GOSTerr(GOST_F_PUB_ENCODE_GOST01, GOST_R_PUBLIC_KEY_UNDEFINED); - BN_free(order); - return 0; - } - X = BN_new(); - Y = BN_new(); - if (!X || !Y) { - GOSTerr(GOST_F_PUB_ENCODE_GOST01, ERR_R_MALLOC_FAILURE); - BN_free(X); - BN_free(Y); - BN_free(order); - return 0; - } - if (!EC_POINT_get_affine_coordinates_GFp(EC_KEY_get0_group(ec), - pub_key, X, Y, NULL)) { - GOSTerr(GOST_F_PUB_ENCODE_GOST01, ERR_R_INTERNAL_ERROR); - BN_free(X); - BN_free(Y); - BN_free(order); - return 0; - } - data_len = 2 * BN_num_bytes(order); - BN_free(order); - databuf = OPENSSL_malloc(data_len); - if (databuf == NULL) { - GOSTerr(GOST_F_PUB_ENCODE_GOST01, ERR_R_MALLOC_FAILURE); - BN_free(X); - BN_free(Y); - return 0; - } - memset(databuf, 0, data_len); - - store_bignum(X, databuf + data_len / 2, data_len / 2); - store_bignum(Y, databuf, data_len / 2); - - BN_free(X); - BN_free(Y); - octet = ASN1_OCTET_STRING_new(); - if (octet == NULL) { - GOSTerr(GOST_F_PUB_ENCODE_GOST01, ERR_R_MALLOC_FAILURE); - OPENSSL_free(databuf); - return 0; - } - ASN1_STRING_set(octet, NULL, data_len); - sptr = ASN1_STRING_data(octet); - for (i = 0, j = data_len - 1; i < data_len; i++, j--) { - sptr[i] = databuf[j]; - } - OPENSSL_free(databuf); - ret = i2d_ASN1_OCTET_STRING(octet, &buf); - ASN1_BIT_STRING_free(octet); - if (ret < 0) - return 0; - return X509_PUBKEY_set0_param(pub, algobj, ptype, pval, buf, ret); -} - -static int pub_cmp_gost01(const EVP_PKEY *a, const EVP_PKEY *b) -{ - const EC_KEY *ea = EVP_PKEY_get0((EVP_PKEY *)a); - const EC_KEY *eb = EVP_PKEY_get0((EVP_PKEY *)b); - const EC_POINT *ka, *kb; - int ret = 0; - if (!ea || !eb) - return 0; - ka = EC_KEY_get0_public_key(ea); - kb = EC_KEY_get0_public_key(eb); - if (!ka || !kb) - return 0; - ret = (0 == EC_POINT_cmp(EC_KEY_get0_group(ea), ka, kb, NULL)); - return ret; -} - -static int pkey_size_gost(const EVP_PKEY *pk) -{ - return 64; -} - -static int pkey_bits_gost(const EVP_PKEY *pk) -{ - return 256; -} - -/* ---------------------- ASN1 METHOD for GOST MAC -------------------*/ -static void mackey_free_gost(EVP_PKEY *pk) -{ - OPENSSL_free(pk->pkey.ptr); -} - -static int mac_ctrl_gost(EVP_PKEY *pkey, int op, long arg1, void *arg2) -{ - switch (op) { - case ASN1_PKEY_CTRL_DEFAULT_MD_NID: - *(int *)arg2 = NID_id_Gost28147_89_MAC; - return 2; - } - return -2; -} - -static int gost2001_param_encode(const EVP_PKEY *pkey, unsigned char **pder) -{ - int nid = - EC_GROUP_get_curve_name(EC_KEY_get0_group - (EVP_PKEY_get0((EVP_PKEY *)pkey))); - return i2d_ASN1_OBJECT(OBJ_nid2obj(nid), pder); -} - -static int gost2001_param_decode(EVP_PKEY *pkey, const unsigned char **pder, - int derlen) -{ - ASN1_OBJECT *obj = NULL; - int nid; - EC_KEY *ec = EVP_PKEY_get0(pkey); - if (d2i_ASN1_OBJECT(&obj, pder, derlen) == NULL) { - return 0; - } - nid = OBJ_obj2nid(obj); - ASN1_OBJECT_free(obj); - if (!ec) { - ec = EC_KEY_new(); - if (!EVP_PKEY_assign(pkey, NID_id_GostR3410_2001, ec)) - return 0; - } - if (!fill_GOST2001_params(ec, nid)) - return 0; - return 1; -} - -/* ----------------------------------------------------------------------*/ -int register_ameth_gost(int nid, EVP_PKEY_ASN1_METHOD **ameth, - const char *pemstr, const char *info) -{ - *ameth = EVP_PKEY_asn1_new(nid, ASN1_PKEY_SIGPARAM_NULL, pemstr, info); - if (!*ameth) - return 0; - switch (nid) { - case NID_id_GostR3410_2001: - EVP_PKEY_asn1_set_free(*ameth, pkey_free_gost01); - EVP_PKEY_asn1_set_private(*ameth, - priv_decode_gost, priv_encode_gost, - priv_print_gost01); - - EVP_PKEY_asn1_set_param(*ameth, - gost2001_param_decode, gost2001_param_encode, - param_missing_gost01, param_copy_gost01, - param_cmp_gost01, param_print_gost01); - EVP_PKEY_asn1_set_public(*ameth, - pub_decode_gost01, pub_encode_gost01, - pub_cmp_gost01, pub_print_gost01, - pkey_size_gost, pkey_bits_gost); - - EVP_PKEY_asn1_set_ctrl(*ameth, pkey_ctrl_gost); - break; - case NID_id_Gost28147_89_MAC: - EVP_PKEY_asn1_set_free(*ameth, mackey_free_gost); - EVP_PKEY_asn1_set_ctrl(*ameth, mac_ctrl_gost); - break; - } - return 1; -} diff --git a/engines/ccgost/gost_asn1.c b/engines/ccgost/gost_asn1.c deleted file mode 100644 index 11686339b7..0000000000 --- a/engines/ccgost/gost_asn1.c +++ /dev/null @@ -1,56 +0,0 @@ -/********************************************************************** - * gost_keytrans.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * ASN1 structure definition for GOST key transport * - * Requires OpenSSL 0.9.9 for compilation * - **********************************************************************/ -#include -#include -#include -#include "gost_lcl.h" - -ASN1_NDEF_SEQUENCE(GOST_KEY_TRANSPORT) = { - ASN1_SIMPLE(GOST_KEY_TRANSPORT, key_info, GOST_KEY_INFO), - ASN1_IMP(GOST_KEY_TRANSPORT, key_agreement_info, GOST_KEY_AGREEMENT_INFO, 0) -} ASN1_NDEF_SEQUENCE_END(GOST_KEY_TRANSPORT) - -IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_TRANSPORT) - -ASN1_NDEF_SEQUENCE(GOST_KEY_INFO) = { - ASN1_SIMPLE(GOST_KEY_INFO, encrypted_key, ASN1_OCTET_STRING), - ASN1_SIMPLE(GOST_KEY_INFO, imit, ASN1_OCTET_STRING) -} ASN1_NDEF_SEQUENCE_END(GOST_KEY_INFO) - -IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_INFO) - -ASN1_NDEF_SEQUENCE(GOST_KEY_AGREEMENT_INFO) = { - ASN1_SIMPLE(GOST_KEY_AGREEMENT_INFO, cipher, ASN1_OBJECT), - ASN1_IMP_OPT(GOST_KEY_AGREEMENT_INFO, ephem_key, X509_PUBKEY, 0), - ASN1_SIMPLE(GOST_KEY_AGREEMENT_INFO, eph_iv, ASN1_OCTET_STRING) -} ASN1_NDEF_SEQUENCE_END(GOST_KEY_AGREEMENT_INFO) - -IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_AGREEMENT_INFO) - -ASN1_NDEF_SEQUENCE(GOST_KEY_PARAMS) = { - ASN1_SIMPLE(GOST_KEY_PARAMS, key_params, ASN1_OBJECT), - ASN1_SIMPLE(GOST_KEY_PARAMS, hash_params, ASN1_OBJECT), - ASN1_OPT(GOST_KEY_PARAMS, cipher_params, ASN1_OBJECT), -} ASN1_NDEF_SEQUENCE_END(GOST_KEY_PARAMS) - -IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_PARAMS) - -ASN1_NDEF_SEQUENCE(GOST_CIPHER_PARAMS) = { - ASN1_SIMPLE(GOST_CIPHER_PARAMS, iv, ASN1_OCTET_STRING), - ASN1_SIMPLE(GOST_CIPHER_PARAMS, enc_param_set, ASN1_OBJECT), -} ASN1_NDEF_SEQUENCE_END(GOST_CIPHER_PARAMS) - -IMPLEMENT_ASN1_FUNCTIONS(GOST_CIPHER_PARAMS) - -ASN1_NDEF_SEQUENCE(GOST_CLIENT_KEY_EXCHANGE_PARAMS) = { /* FIXME incomplete */ - ASN1_SIMPLE(GOST_CLIENT_KEY_EXCHANGE_PARAMS, gkt, GOST_KEY_TRANSPORT) -} - -ASN1_NDEF_SEQUENCE_END(GOST_CLIENT_KEY_EXCHANGE_PARAMS) -IMPLEMENT_ASN1_FUNCTIONS(GOST_CLIENT_KEY_EXCHANGE_PARAMS) diff --git a/engines/ccgost/gost_crypt.c b/engines/ccgost/gost_crypt.c deleted file mode 100644 index 63009a23d1..0000000000 --- a/engines/ccgost/gost_crypt.c +++ /dev/null @@ -1,699 +0,0 @@ -/********************************************************************** - * gost_crypt.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * OpenSSL interface to GOST 28147-89 cipher functions * - * Requires OpenSSL 0.9.9 for compilation * - **********************************************************************/ -#include -#include "gost89.h" -#include -#include -#include "e_gost_err.h" -#include "gost_lcl.h" -#include - -#if !defined(CCGOST_DEBUG) && !defined(DEBUG) -# ifndef NDEBUG -# define NDEBUG -# endif -#endif -#include - -static int gost_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); -static int gost_cipher_init_cpa(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); -/* Handles block of data in CFB mode */ -static int gost_cipher_do_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl); -/* Handles block of data in CNT mode */ -static int gost_cipher_do_cnt(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl); -/* Cleanup function */ -static int gost_cipher_cleanup(EVP_CIPHER_CTX *); -/* set/get cipher parameters */ -static int gost89_set_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params); -static int gost89_get_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params); -/* Control function */ -static int gost_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr); - -static EVP_CIPHER *_hidden_Gost28147_89_cipher = NULL; -const EVP_CIPHER *cipher_gost(void) -{ - if (_hidden_Gost28147_89_cipher == NULL - && ((_hidden_Gost28147_89_cipher = - EVP_CIPHER_meth_new(NID_id_Gost28147_89, - 1 /* block_size */, - 32 /* key_size */)) == NULL - || !EVP_CIPHER_meth_set_iv_length(_hidden_Gost28147_89_cipher, 8) - || !EVP_CIPHER_meth_set_flags(_hidden_Gost28147_89_cipher, - EVP_CIPH_CFB_MODE | - EVP_CIPH_NO_PADDING | - EVP_CIPH_CUSTOM_IV | - EVP_CIPH_RAND_KEY | - EVP_CIPH_ALWAYS_CALL_INIT) - || !EVP_CIPHER_meth_set_init(_hidden_Gost28147_89_cipher, - gost_cipher_init) - || !EVP_CIPHER_meth_set_do_cipher(_hidden_Gost28147_89_cipher, - gost_cipher_do_cfb) - || !EVP_CIPHER_meth_set_cleanup(_hidden_Gost28147_89_cipher, - gost_cipher_cleanup) - || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_Gost28147_89_cipher, - sizeof(struct ossl_gost_cipher_ctx)) - || !EVP_CIPHER_meth_set_set_asn1_params(_hidden_Gost28147_89_cipher, - gost89_set_asn1_parameters) - || !EVP_CIPHER_meth_set_get_asn1_params(_hidden_Gost28147_89_cipher, - gost89_get_asn1_parameters) - || !EVP_CIPHER_meth_set_ctrl(_hidden_Gost28147_89_cipher, - gost_cipher_ctl))) { - EVP_CIPHER_meth_free(_hidden_Gost28147_89_cipher); - _hidden_Gost28147_89_cipher = NULL; - } - return _hidden_Gost28147_89_cipher; -} - -static EVP_CIPHER *_hidden_gost89_cnt = NULL; -const EVP_CIPHER *cipher_gost_cpacnt(void) -{ - if (_hidden_gost89_cnt == NULL - && ((_hidden_gost89_cnt = - EVP_CIPHER_meth_new(NID_gost89_cnt, - 1 /* block_size */, - 32 /* key_size */)) == NULL - || !EVP_CIPHER_meth_set_iv_length(_hidden_gost89_cnt, 8) - || !EVP_CIPHER_meth_set_flags(_hidden_gost89_cnt, - EVP_CIPH_OFB_MODE | - EVP_CIPH_NO_PADDING | - EVP_CIPH_CUSTOM_IV | - EVP_CIPH_RAND_KEY | - EVP_CIPH_ALWAYS_CALL_INIT) - || !EVP_CIPHER_meth_set_init(_hidden_gost89_cnt, - gost_cipher_init_cpa) - || !EVP_CIPHER_meth_set_do_cipher(_hidden_gost89_cnt, - gost_cipher_do_cnt) - || !EVP_CIPHER_meth_set_cleanup(_hidden_gost89_cnt, - gost_cipher_cleanup) - || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_gost89_cnt, - sizeof(struct ossl_gost_cipher_ctx)) - || !EVP_CIPHER_meth_set_set_asn1_params(_hidden_gost89_cnt, - gost89_set_asn1_parameters) - || !EVP_CIPHER_meth_set_get_asn1_params(_hidden_gost89_cnt, - gost89_get_asn1_parameters) - || !EVP_CIPHER_meth_set_ctrl(_hidden_gost89_cnt, - gost_cipher_ctl))) { - EVP_CIPHER_meth_free(_hidden_gost89_cnt); - _hidden_gost89_cnt = NULL; - } - return _hidden_gost89_cnt; -} - -void cipher_gost_destroy(void) -{ - EVP_CIPHER_meth_free(_hidden_Gost28147_89_cipher); - _hidden_Gost28147_89_cipher = NULL; - EVP_CIPHER_meth_free(_hidden_gost89_cnt); - _hidden_gost89_cnt = NULL; -} - -/* Implementation of GOST 28147-89 in MAC (imitovstavka) mode */ -/* Init functions which set specific parameters */ -static int gost_imit_init_cpa(EVP_MD_CTX *ctx); -/* process block of data */ -static int gost_imit_update(EVP_MD_CTX *ctx, const void *data, size_t count); -/* Return computed value */ -static int gost_imit_final(EVP_MD_CTX *ctx, unsigned char *md); -/* Copies context */ -static int gost_imit_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from); -static int gost_imit_cleanup(EVP_MD_CTX *ctx); -/* Control function, knows how to set MAC key.*/ -static int gost_imit_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr); - -static EVP_MD *_hidden_Gost28147_89_MAC_md = NULL; -const EVP_MD *imit_gost_cpa(void) -{ - - if (_hidden_Gost28147_89_MAC_md == NULL) { - EVP_MD *md; - - if ((md = EVP_MD_meth_new(NID_id_Gost28147_89_MAC, NID_undef)) == NULL - || !EVP_MD_meth_set_result_size(md, 4) - || !EVP_MD_meth_set_input_blocksize(md, 8) - || !EVP_MD_meth_set_app_datasize(md, - sizeof(struct ossl_gost_imit_ctx)) - || !EVP_MD_meth_set_flags(md, 0) - || !EVP_MD_meth_set_init(md, gost_imit_init_cpa) - || !EVP_MD_meth_set_update(md, gost_imit_update) - || !EVP_MD_meth_set_final(md, gost_imit_final) - || !EVP_MD_meth_set_copy(md, gost_imit_copy) - || !EVP_MD_meth_set_cleanup(md, gost_imit_cleanup) - || !EVP_MD_meth_set_ctrl(md, gost_imit_ctrl)) { - EVP_MD_meth_free(md); - md = NULL; - } - _hidden_Gost28147_89_MAC_md = md; - } - return _hidden_Gost28147_89_MAC_md; -} -void imit_gost_cpa_destroy(void) -{ - EVP_MD_meth_free(_hidden_Gost28147_89_MAC_md); - _hidden_Gost28147_89_MAC_md = NULL; -} - -/* - * Correspondence between gost parameter OIDs and substitution blocks - * NID field is filed by register_gost_NID function in engine.c - * upon engine initialization - */ - -struct gost_cipher_info gost_cipher_list[] = { - /*- NID *//* - * Subst block - *//* - * Key meshing - */ - /* - * {NID_id_GostR3411_94_CryptoProParamSet,&GostR3411_94_CryptoProParamSet,0}, - */ - {NID_id_Gost28147_89_CryptoPro_A_ParamSet, &Gost28147_CryptoProParamSetA, - 1}, - {NID_id_Gost28147_89_CryptoPro_B_ParamSet, &Gost28147_CryptoProParamSetB, - 1}, - {NID_id_Gost28147_89_CryptoPro_C_ParamSet, &Gost28147_CryptoProParamSetC, - 1}, - {NID_id_Gost28147_89_CryptoPro_D_ParamSet, &Gost28147_CryptoProParamSetD, - 1}, - {NID_id_Gost28147_89_TestParamSet, &Gost28147_TestParamSet, 1}, - {NID_undef, NULL, 0} -}; - -/* - * get encryption parameters from crypto network settings FIXME For now we - * use environment var CRYPT_PARAMS as place to store these settings. - * Actually, it is better to use engine control command, read from - * configuration file to set them - */ -const struct gost_cipher_info *get_encryption_params(ASN1_OBJECT *obj) -{ - int nid; - struct gost_cipher_info *param; - if (!obj) { - const char *params = get_gost_engine_param(GOST_PARAM_CRYPT_PARAMS); - if (!params || !strlen(params)) - return &gost_cipher_list[1]; - - nid = OBJ_txt2nid(params); - if (nid == NID_undef) { - GOSTerr(GOST_F_GET_ENCRYPTION_PARAMS, - GOST_R_INVALID_CIPHER_PARAM_OID); - return NULL; - } - } else { - nid = OBJ_obj2nid(obj); - } - for (param = gost_cipher_list; param->sblock != NULL && param->nid != nid; - param++) ; - if (!param->sblock) { - GOSTerr(GOST_F_GET_ENCRYPTION_PARAMS, GOST_R_INVALID_CIPHER_PARAMS); - return NULL; - } - return param; -} - -/* Sets cipher param from paramset NID. */ -static int gost_cipher_set_param(struct ossl_gost_cipher_ctx *c, int nid) -{ - const struct gost_cipher_info *param; - param = - get_encryption_params((nid == NID_undef ? NULL : OBJ_nid2obj(nid))); - if (!param) - return 0; - - c->paramNID = param->nid; - c->key_meshing = param->key_meshing; - c->count = 0; - gost_init(&(c->cctx), param->sblock); - return 1; -} - -/* Initializes EVP_CIPHER_CTX by paramset NID */ -static int gost_cipher_init_param(EVP_CIPHER_CTX *ctx, - const unsigned char *key, - const unsigned char *iv, int enc, - int paramNID, int mode) -{ - struct ossl_gost_cipher_ctx *c = EVP_CIPHER_CTX_cipher_data(ctx); - if (EVP_CIPHER_CTX_get_app_data(ctx) == NULL) { - if (!gost_cipher_set_param(c, paramNID)) - return 0; - EVP_CIPHER_CTX_set_app_data(ctx, EVP_CIPHER_CTX_cipher_data(ctx)); - } - if (key) - gost_key(&(c->cctx), key); - if (iv) - memcpy((unsigned char *)EVP_CIPHER_CTX_original_iv(ctx), iv, - EVP_CIPHER_CTX_iv_length(ctx)); - memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), - EVP_CIPHER_CTX_original_iv(ctx), - EVP_CIPHER_CTX_iv_length(ctx)); - return 1; -} - -static int gost_cipher_init_cpa(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - struct ossl_gost_cipher_ctx *c = EVP_CIPHER_CTX_cipher_data(ctx); - gost_init(&(c->cctx), &Gost28147_CryptoProParamSetA); - c->key_meshing = 1; - c->count = 0; - if (key) - gost_key(&(c->cctx), key); - if (iv) - memcpy((unsigned char *)EVP_CIPHER_CTX_original_iv(ctx), iv, - EVP_CIPHER_CTX_iv_length(ctx)); - memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), - EVP_CIPHER_CTX_original_iv(ctx), - EVP_CIPHER_CTX_iv_length(ctx)); - return 1; -} - -/* Initializes EVP_CIPHER_CTX with default values */ -int gost_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - return gost_cipher_init_param(ctx, key, iv, enc, NID_undef, - EVP_CIPH_CFB_MODE); -} - -/* - * Wrapper around gostcrypt function from gost89.c which perform key meshing - * when nesseccary - */ -static void gost_crypt_mesh(void *ctx, unsigned char *iv, unsigned char *buf) -{ - struct ossl_gost_cipher_ctx *c = ctx; - assert(c->count % 8 == 0 && c->count <= 1024); - if (c->key_meshing && c->count == 1024) { - cryptopro_key_meshing(&(c->cctx), iv); - } - gostcrypt(&(c->cctx), iv, buf); - c->count = c->count % 1024 + 8; -} - -static void gost_cnt_next(void *ctx, unsigned char *iv, unsigned char *buf) -{ - struct ossl_gost_cipher_ctx *c = ctx; - word32 g, go; - unsigned char buf1[8]; - assert(c->count % 8 == 0 && c->count <= 1024); - if (c->key_meshing && c->count == 1024) { - cryptopro_key_meshing(&(c->cctx), iv); - } - if (c->count == 0) { - gostcrypt(&(c->cctx), iv, buf1); - } else { - memcpy(buf1, iv, 8); - } - g = buf1[0] | (buf1[1] << 8) | (buf1[2] << 16) | ((word32) buf1[3] << 24); - g += 0x01010101; - buf1[0] = (unsigned char)(g & 0xff); - buf1[1] = (unsigned char)((g >> 8) & 0xff); - buf1[2] = (unsigned char)((g >> 16) & 0xff); - buf1[3] = (unsigned char)((g >> 24) & 0xff); - g = buf1[4] | (buf1[5] << 8) | (buf1[6] << 16) | ((word32) buf1[7] << 24); - go = g; - g += 0x01010104; - if (go > g) /* overflow */ - g++; - buf1[4] = (unsigned char)(g & 0xff); - buf1[5] = (unsigned char)((g >> 8) & 0xff); - buf1[6] = (unsigned char)((g >> 16) & 0xff); - buf1[7] = (unsigned char)((g >> 24) & 0xff); - memcpy(iv, buf1, 8); - gostcrypt(&(c->cctx), buf1, buf); - c->count = c->count % 1024 + 8; -} - -/* GOST encryption in CFB mode */ -int gost_cipher_do_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - const unsigned char *in_ptr = in; - unsigned char *out_ptr = out; - unsigned char *buf = EVP_CIPHER_CTX_buf_noconst(ctx); - size_t i = 0; - size_t j = 0; -/* process partial block if any */ - if (EVP_CIPHER_CTX_num(ctx)) { - for (j = EVP_CIPHER_CTX_num(ctx), i = 0; j < 8 && i < inl; - j++, i++, in_ptr++, out_ptr++) { - if (!EVP_CIPHER_CTX_encrypting(ctx)) - buf[j + 8] = *in_ptr; - *out_ptr = buf[j] ^ (*in_ptr); - if (EVP_CIPHER_CTX_encrypting(ctx)) - buf[j + 8] = *out_ptr; - } - if (j == 8) { - memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), buf + 8, 8); - EVP_CIPHER_CTX_set_num(ctx, 0); - } else { - EVP_CIPHER_CTX_set_num(ctx, j); - return 1; - } - } - - for (; i + 8 < inl; i += 8, in_ptr += 8, out_ptr += 8) { - /* - * block cipher current iv - */ - gost_crypt_mesh(EVP_CIPHER_CTX_cipher_data(ctx), - EVP_CIPHER_CTX_iv_noconst(ctx), buf); - /* - * xor next block of input text with it and output it - */ - /* - * output this block - */ - if (!EVP_CIPHER_CTX_encrypting(ctx)) - memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), in_ptr, 8); - for (j = 0; j < 8; j++) { - out_ptr[j] = buf[j] ^ in_ptr[j]; - } - /* Encrypt */ - /* Next iv is next block of cipher text */ - if (EVP_CIPHER_CTX_encrypting(ctx)) - memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), out_ptr, 8); - } -/* Process rest of buffer */ - if (i < inl) { - gost_crypt_mesh(EVP_CIPHER_CTX_cipher_data(ctx), - EVP_CIPHER_CTX_iv_noconst(ctx), buf); - if (!EVP_CIPHER_CTX_encrypting(ctx)) - memcpy(buf + 8, in_ptr, inl - i); - for (j = 0; i < inl; j++, i++) { - out_ptr[j] = buf[j] ^ in_ptr[j]; - } - EVP_CIPHER_CTX_set_num(ctx, j); - if (EVP_CIPHER_CTX_encrypting(ctx)) - memcpy(buf + 8, out_ptr, j); - } else { - EVP_CIPHER_CTX_set_num(ctx, 0); - } - return 1; -} - -static int gost_cipher_do_cnt(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - const unsigned char *in_ptr = in; - unsigned char *out_ptr = out; - unsigned char *buf = EVP_CIPHER_CTX_buf_noconst(ctx); - size_t i = 0; - size_t j; -/* process partial block if any */ - if (EVP_CIPHER_CTX_num(ctx)) { - for (j = EVP_CIPHER_CTX_num(ctx), i = 0; j < 8 && i < inl; - j++, i++, in_ptr++, out_ptr++) { - *out_ptr = buf[j] ^ (*in_ptr); - } - if (j == 8) { - EVP_CIPHER_CTX_set_num(ctx, 0); - } else { - EVP_CIPHER_CTX_set_num(ctx, j); - return 1; - } - } - - for (; i + 8 < inl; i += 8, in_ptr += 8, out_ptr += 8) { - /* - * block cipher current iv - */ - /* Encrypt */ - gost_cnt_next(EVP_CIPHER_CTX_cipher_data(ctx), - EVP_CIPHER_CTX_iv_noconst(ctx), buf); - /* - * xor next block of input text with it and output it - */ - /* - * output this block - */ - for (j = 0; j < 8; j++) { - out_ptr[j] = buf[j] ^ in_ptr[j]; - } - } -/* Process rest of buffer */ - if (i < inl) { - gost_cnt_next(EVP_CIPHER_CTX_cipher_data(ctx), - EVP_CIPHER_CTX_iv_noconst(ctx), buf); - for (j = 0; i < inl; j++, i++) { - out_ptr[j] = buf[j] ^ in_ptr[j]; - } - EVP_CIPHER_CTX_set_num(ctx, j); - } else { - EVP_CIPHER_CTX_set_num(ctx, 0); - } - return 1; -} - -/* Cleaning up of EVP_CIPHER_CTX */ -int gost_cipher_cleanup(EVP_CIPHER_CTX *ctx) -{ - gost_destroy(&((struct ossl_gost_cipher_ctx *) - EVP_CIPHER_CTX_cipher_data(ctx))->cctx); - EVP_CIPHER_CTX_set_app_data(ctx, NULL); - return 1; -} - -/* Control function for gost cipher */ -int gost_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) -{ - switch (type) { - case EVP_CTRL_RAND_KEY: - { - if (RAND_bytes((unsigned char *)ptr, - EVP_CIPHER_CTX_key_length(ctx)) <= 0) { - GOSTerr(GOST_F_GOST_CIPHER_CTL, - GOST_R_RANDOM_GENERATOR_ERROR); - return -1; - } - break; - } - case EVP_CTRL_PBE_PRF_NID: - if (ptr) { - *((int *)ptr) = NID_id_HMACGostR3411_94; - return 1; - } else { - return 0; - } - - default: - GOSTerr(GOST_F_GOST_CIPHER_CTL, - GOST_R_UNSUPPORTED_CIPHER_CTL_COMMAND); - return -1; - } - return 1; -} - -/* Set cipher parameters from ASN1 structure */ -int gost89_set_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params) -{ - int len = 0; - unsigned char *buf = NULL; - unsigned char *p = NULL; - struct ossl_gost_cipher_ctx *c = EVP_CIPHER_CTX_cipher_data(ctx); - GOST_CIPHER_PARAMS *gcp = GOST_CIPHER_PARAMS_new(); - ASN1_OCTET_STRING *os = NULL; - if (!gcp) { - GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_MALLOC_FAILURE); - return 0; - } - if (!ASN1_OCTET_STRING_set(gcp->iv, EVP_CIPHER_CTX_iv(ctx), - EVP_CIPHER_CTX_iv_length(ctx))) { - GOST_CIPHER_PARAMS_free(gcp); - GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_MALLOC_FAILURE); - return 0; - } - ASN1_OBJECT_free(gcp->enc_param_set); - gcp->enc_param_set = OBJ_nid2obj(c->paramNID); - - len = i2d_GOST_CIPHER_PARAMS(gcp, NULL); - p = buf = OPENSSL_malloc(len); - if (!buf) { - GOST_CIPHER_PARAMS_free(gcp); - GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_MALLOC_FAILURE); - return 0; - } - i2d_GOST_CIPHER_PARAMS(gcp, &p); - GOST_CIPHER_PARAMS_free(gcp); - - os = ASN1_OCTET_STRING_new(); - - if (!os || !ASN1_OCTET_STRING_set(os, buf, len)) { - OPENSSL_free(buf); - GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_MALLOC_FAILURE); - return 0; - } - OPENSSL_free(buf); - - ASN1_TYPE_set(params, V_ASN1_SEQUENCE, os); - return 1; -} - -/* Store parameters into ASN1 structure */ -int gost89_get_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params) -{ - int ret = -1; - int len; - GOST_CIPHER_PARAMS *gcp = NULL; - unsigned char *p; - struct ossl_gost_cipher_ctx *c = EVP_CIPHER_CTX_cipher_data(ctx); - if (ASN1_TYPE_get(params) != V_ASN1_SEQUENCE) { - return ret; - } - - p = params->value.sequence->data; - - gcp = d2i_GOST_CIPHER_PARAMS(NULL, (const unsigned char **)&p, - params->value.sequence->length); - - len = gcp->iv->length; - if (len != EVP_CIPHER_CTX_iv_length(ctx)) { - GOST_CIPHER_PARAMS_free(gcp); - GOSTerr(GOST_F_GOST89_GET_ASN1_PARAMETERS, GOST_R_INVALID_IV_LENGTH); - return -1; - } - if (!gost_cipher_set_param(c, OBJ_obj2nid(gcp->enc_param_set))) { - GOST_CIPHER_PARAMS_free(gcp); - return -1; - } - memcpy((unsigned char *)EVP_CIPHER_CTX_original_iv(ctx), gcp->iv->data, - EVP_CIPHER_CTX_iv_length(ctx)); - - GOST_CIPHER_PARAMS_free(gcp); - - return 1; -} - -int gost_imit_init_cpa(EVP_MD_CTX *ctx) -{ - struct ossl_gost_imit_ctx *c = EVP_MD_CTX_md_data(ctx); - memset(c->buffer, 0, sizeof(c->buffer)); - memset(c->partial_block, 0, sizeof(c->partial_block)); - c->count = 0; - c->bytes_left = 0; - c->key_meshing = 1; - gost_init(&(c->cctx), &Gost28147_CryptoProParamSetA); - return 1; -} - -static void mac_block_mesh(struct ossl_gost_imit_ctx *c, - const unsigned char *data) -{ - unsigned char buffer[8]; - /* - * We are using local buffer for iv because CryptoPro doesn't interpret - * internal state of MAC algorithm as iv during keymeshing (but does - * initialize internal state from iv in key transport - */ - assert(c->count % 8 == 0 && c->count <= 1024); - if (c->key_meshing && c->count == 1024) { - cryptopro_key_meshing(&(c->cctx), buffer); - } - mac_block(&(c->cctx), c->buffer, data); - c->count = c->count % 1024 + 8; -} - -int gost_imit_update(EVP_MD_CTX *ctx, const void *data, size_t count) -{ - struct ossl_gost_imit_ctx *c = EVP_MD_CTX_md_data(ctx); - const unsigned char *p = data; - size_t bytes = count, i; - if (!(c->key_set)) { - GOSTerr(GOST_F_GOST_IMIT_UPDATE, GOST_R_MAC_KEY_NOT_SET); - return 0; - } - if (c->bytes_left) { - for (i = c->bytes_left; i < 8 && bytes > 0; bytes--, i++, p++) { - c->partial_block[i] = *p; - } - if (i == 8) { - mac_block_mesh(c, c->partial_block); - } else { - c->bytes_left = i; - return 1; - } - } - while (bytes > 8) { - mac_block_mesh(c, p); - p += 8; - bytes -= 8; - } - if (bytes > 0) { - memcpy(c->partial_block, p, bytes); - } - c->bytes_left = bytes; - return 1; -} - -int gost_imit_final(EVP_MD_CTX *ctx, unsigned char *md) -{ - struct ossl_gost_imit_ctx *c = EVP_MD_CTX_md_data(ctx); - if (!c->key_set) { - GOSTerr(GOST_F_GOST_IMIT_FINAL, GOST_R_MAC_KEY_NOT_SET); - return 0; - } - if (c->count == 0 && c->bytes_left) { - unsigned char buffer[8]; - memset(buffer, 0, 8); - gost_imit_update(ctx, buffer, 8); - } - if (c->bytes_left) { - int i; - for (i = c->bytes_left; i < 8; i++) { - c->partial_block[i] = 0; - } - mac_block_mesh(c, c->partial_block); - } - get_mac(c->buffer, 32, md); - return 1; -} - -int gost_imit_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr) -{ - switch (type) { - case EVP_MD_CTRL_KEY_LEN: - *((unsigned int *)(ptr)) = 32; - return 1; - case EVP_MD_CTRL_SET_KEY: - { - if (arg != 32) { - GOSTerr(GOST_F_GOST_IMIT_CTRL, GOST_R_INVALID_MAC_KEY_LENGTH); - return 0; - } - - gost_key(&(((struct ossl_gost_imit_ctx *)(EVP_MD_CTX_md_data(ctx)))->cctx), - ptr); - ((struct ossl_gost_imit_ctx *)(EVP_MD_CTX_md_data(ctx)))->key_set = 1; - return 1; - - } - default: - return 0; - } -} - -int gost_imit_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from) -{ - memcpy(EVP_MD_CTX_md_data(to), EVP_MD_CTX_md_data(from), - sizeof(struct ossl_gost_imit_ctx)); - return 1; -} - -/* Clean up imit ctx */ -int gost_imit_cleanup(EVP_MD_CTX *ctx) -{ - memset(EVP_MD_CTX_md_data(ctx), 0, sizeof(struct ossl_gost_imit_ctx)); - return 1; -} diff --git a/engines/ccgost/gost_ctl.c b/engines/ccgost/gost_ctl.c deleted file mode 100644 index 20a07dfe59..0000000000 --- a/engines/ccgost/gost_ctl.c +++ /dev/null @@ -1,91 +0,0 @@ -/********************************************************************** - * gost_ctl.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Implementation of control commands for GOST engine * - * OpenSSL 0.9.9 libraries required * - **********************************************************************/ -#include -#include -#include -#include -#include -#include -#include "gost_lcl.h" - -static char *gost_params[GOST_PARAM_MAX + 1] = { NULL }; -static const char *gost_envnames[] = { "CRYPT_PARAMS" }; - -const ENGINE_CMD_DEFN gost_cmds[] = { -/*- { GOST_CTRL_RNG, - "RNG", - "Type of random number generator to use", - ENGINE_CMD_FLAG_STRING - }, - { GOST_CTRL_RNG_PARAMS, - "RNG_PARAMS", - "Parameter for random number generator", - ENGINE_CMD_FLAG_STRING - }, -*/ {GOST_CTRL_CRYPT_PARAMS, - "CRYPT_PARAMS", - "OID of default GOST 28147-89 parameters", - ENGINE_CMD_FLAG_STRING}, - {0, NULL, NULL, 0} -}; - -void gost_param_free() -{ - int i; - - for (i = 0; i <= GOST_PARAM_MAX; i++) { - OPENSSL_free(gost_params[i]); - gost_params[i] = NULL; - } - -} - -int gost_control_func(ENGINE *e, int cmd, long i, void *p, void (*f) (void)) -{ - int param = cmd - ENGINE_CMD_BASE; - int ret = 0; - if (param < 0 || param > GOST_PARAM_MAX) - return -1; - ret = gost_set_default_param(param, p); - return ret; -} - -const char *get_gost_engine_param(int param) -{ - char *tmp; - if (param < 0 || param > GOST_PARAM_MAX) - return NULL; - if (gost_params[param] != NULL) { - return gost_params[param]; - } - tmp = getenv(gost_envnames[param]); - if (tmp) { - OPENSSL_free(gost_params[param]); - gost_params[param] = OPENSSL_strdup(tmp); - return gost_params[param]; - } - return NULL; -} - -int gost_set_default_param(int param, const char *value) -{ - const char *tmp; - if (param < 0 || param > GOST_PARAM_MAX) - return 0; - tmp = getenv(gost_envnames[param]); - /* - * if there is value in the environment, use it, else -passed string * - */ - if (!tmp) - tmp = value; - OPENSSL_free(gost_params[param]); - gost_params[param] = OPENSSL_strdup(tmp); - - return 1; -} diff --git a/engines/ccgost/gost_eng.c b/engines/ccgost/gost_eng.c deleted file mode 100644 index 38ed25ca30..0000000000 --- a/engines/ccgost/gost_eng.c +++ /dev/null @@ -1,285 +0,0 @@ -/********************************************************************** - * gost_eng.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Main file of GOST engine * - * for OpenSSL * - * Requires OpenSSL 0.9.9 for compilation * - **********************************************************************/ -#include -#include -#include -#include -#include -#include -#include "e_gost_err.h" -#include "gost_lcl.h" -static const char *engine_gost_id = "gost"; -static const char *engine_gost_name = - "Reference implementation of GOST engine"; - -static int gost_pkey_meth_nids[] = { - NID_id_GostR3410_2001, NID_id_Gost28147_89_MAC, 0 -}; - -/* Symmetric cipher and digest function registrar */ - -static int gost_ciphers(ENGINE *e, const EVP_CIPHER **cipher, - const int **nids, int nid); - -static int gost_digests(ENGINE *e, const EVP_MD **digest, - const int **nids, int ind); - -static int gost_pkey_meths(ENGINE *e, EVP_PKEY_METHOD **pmeth, - const int **nids, int nid); - -static int gost_pkey_asn1_meths(ENGINE *e, EVP_PKEY_ASN1_METHOD **ameth, - const int **nids, int nid); - -static int gost_cipher_nids[] = { NID_id_Gost28147_89, NID_gost89_cnt, 0 }; - -static int gost_digest_nids(const int **nids) -{ - static int digest_nids[3] = { 0, 0, 0 }; - static int pos = 0; - static int init = 0; - - if (!init) { - const EVP_MD *md; - if ((md = digest_gost()) != NULL) - digest_nids[pos++] = EVP_MD_type(md); - if ((md = imit_gost_cpa()) != NULL) - digest_nids[pos++] = EVP_MD_type(md); - digest_nids[pos] = 0; - init = 1; - } - *nids = digest_nids; - return pos; -} - -static EVP_PKEY_METHOD *pmeth_GostR3410_2001 = NULL; -static EVP_PKEY_METHOD *pmeth_Gost28147_MAC = NULL; - -static EVP_PKEY_ASN1_METHOD *ameth_GostR3410_2001 = NULL; -static EVP_PKEY_ASN1_METHOD *ameth_Gost28147_MAC = NULL; - -static int gost_engine_init(ENGINE *e) -{ - return 1; -} - -static int gost_engine_finish(ENGINE *e) -{ - return 1; -} - -static int gost_engine_destroy(ENGINE *e) -{ - digest_gost_destroy(); - cipher_gost_destroy(); - imit_gost_cpa_destroy(); - - gost_param_free(); - - pmeth_GostR3410_2001 = NULL; - pmeth_Gost28147_MAC = NULL; - ameth_GostR3410_2001 = NULL; - ameth_Gost28147_MAC = NULL; - return 1; -} - -static int bind_gost(ENGINE *e, const char *id) -{ - int ret = 0; - if (id && strcmp(id, engine_gost_id)) - return 0; - if (ameth_GostR3410_2001) { - printf("GOST engine already loaded\n"); - goto end; - } - - if (!ENGINE_set_id(e, engine_gost_id)) { - printf("ENGINE_set_id failed\n"); - goto end; - } - if (!ENGINE_set_name(e, engine_gost_name)) { - printf("ENGINE_set_name failed\n"); - goto end; - } - if (!ENGINE_set_digests(e, gost_digests)) { - printf("ENGINE_set_digests failed\n"); - goto end; - } - if (!ENGINE_set_ciphers(e, gost_ciphers)) { - printf("ENGINE_set_ciphers failed\n"); - goto end; - } - if (!ENGINE_set_pkey_meths(e, gost_pkey_meths)) { - printf("ENGINE_set_pkey_meths failed\n"); - goto end; - } - if (!ENGINE_set_pkey_asn1_meths(e, gost_pkey_asn1_meths)) { - printf("ENGINE_set_pkey_asn1_meths failed\n"); - goto end; - } - /* Control function and commands */ - if (!ENGINE_set_cmd_defns(e, gost_cmds)) { - fprintf(stderr, "ENGINE_set_cmd_defns failed\n"); - goto end; - } - if (!ENGINE_set_ctrl_function(e, gost_control_func)) { - fprintf(stderr, "ENGINE_set_ctrl_func failed\n"); - goto end; - } - if (!ENGINE_set_destroy_function(e, gost_engine_destroy) - || !ENGINE_set_init_function(e, gost_engine_init) - || !ENGINE_set_finish_function(e, gost_engine_finish)) { - goto end; - } - - if (!register_ameth_gost - (NID_id_GostR3410_2001, &ameth_GostR3410_2001, "GOST2001", - "GOST R 34.10-2001")) - goto end; - if (!register_ameth_gost(NID_id_Gost28147_89_MAC, &ameth_Gost28147_MAC, - "GOST-MAC", "GOST 28147-89 MAC")) - goto end; - - if (!register_pmeth_gost(NID_id_GostR3410_2001, &pmeth_GostR3410_2001, 0)) - goto end; - if (!register_pmeth_gost(NID_id_Gost28147_89_MAC, &pmeth_Gost28147_MAC, 0)) - goto end; - if (!ENGINE_register_ciphers(e) - || !ENGINE_register_digests(e) - || !ENGINE_register_pkey_meths(e) - /* These two actually should go in LIST_ADD command */ - || !EVP_add_cipher(cipher_gost()) - || !EVP_add_cipher(cipher_gost_cpacnt()) - || !EVP_add_digest(digest_gost()) - || !EVP_add_digest(imit_gost_cpa()) - ) { - goto end; - } - - ERR_load_GOST_strings(); - ret = 1; - end: - return ret; -} - -#ifndef OPENSSL_NO_DYNAMIC_ENGINE -IMPLEMENT_DYNAMIC_BIND_FN(bind_gost) - IMPLEMENT_DYNAMIC_CHECK_FN() -#endif /* ndef OPENSSL_NO_DYNAMIC_ENGINE */ -static int gost_digests(ENGINE *e, const EVP_MD **digest, - const int **nids, int nid) -{ - int ok = 1; - if (!digest) { - return gost_digest_nids(nids); - } - /* - * printf("Digest no %d requested\n",nid); - */ - if (nid == NID_id_GostR3411_94) { - *digest = digest_gost(); - } else if (nid == NID_id_Gost28147_89_MAC) { - *digest = imit_gost_cpa(); - } else { - ok = 0; - *digest = NULL; - } - return ok; -} - -static int gost_ciphers(ENGINE *e, const EVP_CIPHER **cipher, - const int **nids, int nid) -{ - int ok = 1; - if (!cipher) { - *nids = gost_cipher_nids; - return 2; /* two ciphers are supported */ - } - - if (nid == NID_id_Gost28147_89) { - *cipher = cipher_gost(); - } else if (nid == NID_gost89_cnt) { - *cipher = cipher_gost_cpacnt(); - } else { - ok = 0; - *cipher = NULL; - } - return ok; -} - -static int gost_pkey_meths(ENGINE *e, EVP_PKEY_METHOD **pmeth, - const int **nids, int nid) -{ - if (!pmeth) { - *nids = gost_pkey_meth_nids; - return 2; - } - - switch (nid) { - case NID_id_GostR3410_2001: - *pmeth = pmeth_GostR3410_2001; - return 1; - case NID_id_Gost28147_89_MAC: - *pmeth = pmeth_Gost28147_MAC; - return 1; - default:; - } - - *pmeth = NULL; - return 0; -} - -static int gost_pkey_asn1_meths(ENGINE *e, EVP_PKEY_ASN1_METHOD **ameth, - const int **nids, int nid) -{ - if (!ameth) { - *nids = gost_pkey_meth_nids; - return 2; - } - switch (nid) { - case NID_id_GostR3410_2001: - *ameth = ameth_GostR3410_2001; - return 1; - case NID_id_Gost28147_89_MAC: - *ameth = ameth_Gost28147_MAC; - return 1; - - default:; - } - - *ameth = NULL; - return 0; -} - -#ifdef OPENSSL_NO_DYNAMIC_ENGINE -static ENGINE *engine_gost(void) -{ - ENGINE *ret = ENGINE_new(); - if (!ret) - return NULL; - if (!bind_gost(ret, engine_gost_id)) { - ENGINE_free(ret); - return NULL; - } - return ret; -} - -void ENGINE_load_gost(void) -{ - ENGINE *toadd; - if (pmeth_GostR3410_2001) - return; - toadd = engine_gost(); - if (!toadd) - return; - ENGINE_add(toadd); - ENGINE_free(toadd); - ERR_clear_error(); -} -#endif diff --git a/engines/ccgost/gost_keywrap.c b/engines/ccgost/gost_keywrap.c deleted file mode 100644 index 502a83c62d..0000000000 --- a/engines/ccgost/gost_keywrap.c +++ /dev/null @@ -1,106 +0,0 @@ -/********************************************************************** - * keywrap.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Implementation of CryptoPro key wrap algorithm, as defined in * - * RFC 4357 p 6.3 and 6.4 * - * Doesn't need OpenSSL * - **********************************************************************/ -#include -#include "gost89.h" -#include "gost_keywrap.h" - -/*- - * Diversifies key using random UserKey Material - * Implements RFC 4357 p 6.5 key diversification algorithm - * - * inputKey - 32byte key to be diversified - * ukm - 8byte user key material - * outputKey - 32byte buffer to store diversified key - * - */ -void keyDiversifyCryptoPro(gost_ctx * ctx, const unsigned char *inputKey, - const unsigned char *ukm, unsigned char *outputKey) -{ - - u4 k, s1, s2; - int i, j, mask; - unsigned char S[8]; - memcpy(outputKey, inputKey, 32); - for (i = 0; i < 8; i++) { - /* Make array of integers from key */ - /* Compute IV S */ - s1 = 0, s2 = 0; - for (j = 0, mask = 1; j < 8; j++, mask <<= 1) { - k = ((u4) outputKey[4 * j]) | (outputKey[4 * j + 1] << 8) | - (outputKey[4 * j + 2] << 16) | (outputKey[4 * j + 3] << 24); - if (mask & ukm[i]) { - s1 += k; - } else { - s2 += k; - } - } - S[0] = (unsigned char)(s1 & 0xff); - S[1] = (unsigned char)((s1 >> 8) & 0xff); - S[2] = (unsigned char)((s1 >> 16) & 0xff); - S[3] = (unsigned char)((s1 >> 24) & 0xff); - S[4] = (unsigned char)(s2 & 0xff); - S[5] = (unsigned char)((s2 >> 8) & 0xff); - S[6] = (unsigned char)((s2 >> 16) & 0xff); - S[7] = (unsigned char)((s2 >> 24) & 0xff); - gost_key(ctx, outputKey); - gost_enc_cfb(ctx, S, outputKey, outputKey, 4); - } -} - -/*- - * Wraps key using RFC 4357 6.3 - * ctx - gost encryption context, initialized with some S-boxes - * keyExchangeKey (KEK) 32-byte (256-bit) shared key - * ukm - 8 byte (64 bit) user key material, - * sessionKey - 32-byte (256-bit) key to be wrapped - * wrappedKey - 44-byte buffer to store wrapped key - */ - -int keyWrapCryptoPro(gost_ctx * ctx, const unsigned char *keyExchangeKey, - const unsigned char *ukm, - const unsigned char *sessionKey, - unsigned char *wrappedKey) -{ - unsigned char kek_ukm[32]; - keyDiversifyCryptoPro(ctx, keyExchangeKey, ukm, kek_ukm); - gost_key(ctx, kek_ukm); - memcpy(wrappedKey, ukm, 8); - gost_enc(ctx, sessionKey, wrappedKey + 8, 4); - gost_mac_iv(ctx, 32, ukm, sessionKey, 32, wrappedKey + 40); - return 1; -} - -/*- - * Unwraps key using RFC 4357 6.4 - * ctx - gost encryption context, initialized with some S-boxes - * keyExchangeKey 32-byte shared key - * wrappedKey 44 byte key to be unwrapped (concatenation of 8-byte UKM, - * 32 byte encrypted key and 4 byte MAC - * - * sessionKEy - 32byte buffer to store sessionKey in - * Returns 1 if key is decrypted successfully, and 0 if MAC doesn't match - */ - -int keyUnwrapCryptoPro(gost_ctx * ctx, const unsigned char *keyExchangeKey, - const unsigned char *wrappedKey, - unsigned char *sessionKey) -{ - unsigned char kek_ukm[32], cek_mac[4]; - keyDiversifyCryptoPro(ctx, keyExchangeKey, wrappedKey - /* First 8 bytes of wrapped Key is ukm */ - , kek_ukm); - gost_key(ctx, kek_ukm); - gost_dec(ctx, wrappedKey + 8, sessionKey, 4); - gost_mac_iv(ctx, 32, wrappedKey, sessionKey, 32, cek_mac); - if (memcmp(cek_mac, wrappedKey + 40, 4)) { - return 0; - } - return 1; -} diff --git a/engines/ccgost/gost_keywrap.h b/engines/ccgost/gost_keywrap.h deleted file mode 100644 index 7def4c9fe8..0000000000 --- a/engines/ccgost/gost_keywrap.h +++ /dev/null @@ -1,56 +0,0 @@ -/********************************************************************** - * gost_keywrap.h * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Implementation of CryptoPro key wrap algorithm, as defined in * - * RFC 4357 p 6.3 and 6.4 * - * Doesn't need OpenSSL * - **********************************************************************/ -#ifndef GOST_KEYWRAP_H -# define GOST_KEYWRAP_H -# include -# include "gost89.h" -/*- - * Diversifies key using random UserKey Material - * Implements RFC 4357 p 6.5 key diversification algorithm - * - * inputKey - 32byte key to be diversified - * ukm - 8byte user key material - * outputKey - 32byte buffer to store diversified key - * - */ -void keyDiversifyCryptoPro(gost_ctx * ctx, - const unsigned char *inputKey, - const unsigned char *ukm, - unsigned char *outputKey); -/*- - * Wraps key using RFC 4357 6.3 - * ctx - gost encryption context, initialized with some S-boxes - * keyExchangeKey (KEK) 32-byte (256-bit) shared key - * ukm - 8 byte (64 bit) user key material, - * sessionKey - 32-byte (256-bit) key to be wrapped - * wrappedKey - 44-byte buffer to store wrapped key - */ - -int keyWrapCryptoPro(gost_ctx * ctx, - const unsigned char *keyExchangeKey, - const unsigned char *ukm, - const unsigned char *sessionKey, - unsigned char *wrappedKey); -/*- - * Unwraps key using RFC 4357 6.4 - * ctx - gost encryption context, initialized with some S-boxes - * keyExchangeKey 32-byte shared key - * wrappedKey 44 byte key to be unwrapped (concatenation of 8-byte UKM, - * 32 byte encrypted key and 4 byte MAC - * - * sessionKEy - 32byte buffer to store sessionKey in - * Returns 1 if key is decrypted successfully, and 0 if MAC doesn't match - */ - -int keyUnwrapCryptoPro(gost_ctx * ctx, - const unsigned char *keyExchangeKey, - const unsigned char *wrappedKey, - unsigned char *sessionKey); -#endif diff --git a/engines/ccgost/gost_lcl.h b/engines/ccgost/gost_lcl.h deleted file mode 100644 index 61f657c833..0000000000 --- a/engines/ccgost/gost_lcl.h +++ /dev/null @@ -1,228 +0,0 @@ -#ifndef GOST_TOOLS_H -# define GOST_TOOLS_H -/********************************************************************** - * gost_lcl.h * - * Copyright (c) 2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Internal declarations used in GOST engine * - * OpenSSL 0.9.9 libraries required to compile and use * - * this code * - **********************************************************************/ -# include -# include -# include -# include -# include -# include -# include -# include "gost89.h" -# include "gosthash.h" -/* Control commands */ -# define GOST_PARAM_CRYPT_PARAMS 0 -# define GOST_PARAM_MAX 0 -# define GOST_CTRL_CRYPT_PARAMS (ENGINE_CMD_BASE+GOST_PARAM_CRYPT_PARAMS) - -typedef struct R3410_2001 { - int nid; - char *a; - char *b; - char *p; - char *q; - char *x; - char *y; -} R3410_2001_params; - -extern R3410_2001_params R3410_2001_paramset[]; - -extern const ENGINE_CMD_DEFN gost_cmds[]; -int gost_control_func(ENGINE *e, int cmd, long i, void *p, void (*f) (void)); -const char *get_gost_engine_param(int param); -int gost_set_default_param(int param, const char *value); -void gost_param_free(void); - -/* method registration */ - -int register_ameth_gost(int nid, EVP_PKEY_ASN1_METHOD **ameth, - const char *pemstr, const char *info); -int register_pmeth_gost(int id, EVP_PKEY_METHOD **pmeth, int flags); - -/* Gost-specific pmeth control-function parameters */ -/* For GOST R34.10 parameters */ -# define param_ctrl_string "paramset" -# define EVP_PKEY_CTRL_GOST_PARAMSET (EVP_PKEY_ALG_CTRL+1) -/* For GOST 28147 MAC */ -# define key_ctrl_string "key" -# define hexkey_ctrl_string "hexkey" -# define EVP_PKEY_CTRL_GOST_MAC_HEXKEY (EVP_PKEY_ALG_CTRL+3) -/* Pmeth internal representation */ -struct gost_pmeth_data { - int sign_param_nid; /* Should be set whenever parameters are - * filled */ - EVP_MD *md; - unsigned char *shared_ukm; - int peer_key_used; -}; - -struct gost_mac_pmeth_data { - int key_set; - EVP_MD *md; - unsigned char key[32]; -}; -/* GOST-specific ASN1 structures */ - -typedef struct { - ASN1_OCTET_STRING *encrypted_key; - ASN1_OCTET_STRING *imit; -} GOST_KEY_INFO; - -DECLARE_ASN1_FUNCTIONS(GOST_KEY_INFO) - -typedef struct { - ASN1_OBJECT *cipher; - X509_PUBKEY *ephem_key; - ASN1_OCTET_STRING *eph_iv; -} GOST_KEY_AGREEMENT_INFO; - -DECLARE_ASN1_FUNCTIONS(GOST_KEY_AGREEMENT_INFO) - -typedef struct { - GOST_KEY_INFO *key_info; - GOST_KEY_AGREEMENT_INFO *key_agreement_info; -} GOST_KEY_TRANSPORT; - -DECLARE_ASN1_FUNCTIONS(GOST_KEY_TRANSPORT) - -typedef struct { /* FIXME incomplete */ - GOST_KEY_TRANSPORT *gkt; -} GOST_CLIENT_KEY_EXCHANGE_PARAMS; - -/* - * Hacks to shorten symbols to 31 characters or less, or OpenVMS. This mimics - * what's done in symhacks.h, but since this is a very local header file, I - * prefered to put this hack directly here. -- Richard Levitte - */ -# ifdef OPENSSL_SYS_VMS -# undef GOST_CLIENT_KEY_EXCHANGE_PARAMS_it -# define GOST_CLIENT_KEY_EXCHANGE_PARAMS_it GOST_CLIENT_KEY_EXC_PARAMS_it -# undef GOST_CLIENT_KEY_EXCHANGE_PARAMS_new -# define GOST_CLIENT_KEY_EXCHANGE_PARAMS_new GOST_CLIENT_KEY_EXC_PARAMS_new -# undef GOST_CLIENT_KEY_EXCHANGE_PARAMS_free -# define GOST_CLIENT_KEY_EXCHANGE_PARAMS_free GOST_CLIENT_KEY_EXC_PARAMS_free -# undef d2i_GOST_CLIENT_KEY_EXCHANGE_PARAMS -# define d2i_GOST_CLIENT_KEY_EXCHANGE_PARAMS d2i_GOST_CLIENT_KEY_EXC_PARAMS -# undef i2d_GOST_CLIENT_KEY_EXCHANGE_PARAMS -# define i2d_GOST_CLIENT_KEY_EXCHANGE_PARAMS i2d_GOST_CLIENT_KEY_EXC_PARAMS -# endif /* End of hack */ -DECLARE_ASN1_FUNCTIONS(GOST_CLIENT_KEY_EXCHANGE_PARAMS) -typedef struct { - ASN1_OBJECT *key_params; - ASN1_OBJECT *hash_params; - ASN1_OBJECT *cipher_params; -} GOST_KEY_PARAMS; - -DECLARE_ASN1_FUNCTIONS(GOST_KEY_PARAMS) - -typedef struct { - ASN1_OCTET_STRING *iv; - ASN1_OBJECT *enc_param_set; -} GOST_CIPHER_PARAMS; - -DECLARE_ASN1_FUNCTIONS(GOST_CIPHER_PARAMS) -/*============== Message digest and cipher related structures ==========*/ - /* - * Structure used as EVP_MD_CTX-md_data. It allows to avoid storing - * in the md-data pointers to dynamically allocated memory. I - * cannot invent better way to avoid memory leaks, because openssl - * insist on invoking Init on Final-ed digests, and there is no - * reliable way to find out whether pointer in the passed md_data is - * valid or not. - */ -struct ossl_gost_digest_ctx { - gost_hash_ctx dctx; - gost_ctx cctx; -}; -/* EVP_MD structure for GOST R 34.11 */ -EVP_MD *digest_gost(void); -void digest_gost_destroy(void); -void cipher_gost_destroy(void); -/* EVP_MD structure for GOST 28147 in MAC mode */ -const EVP_MD *imit_gost_cpa(void); -void imit_gost_cpa_destroy(void); -/* Cipher context used for EVP_CIPHER operation */ -struct ossl_gost_cipher_ctx { - int paramNID; - unsigned int count; - int key_meshing; - gost_ctx cctx; -}; -/* Structure to map parameter NID to S-block */ -struct gost_cipher_info { - int nid; - gost_subst_block *sblock; - int key_meshing; -}; -/* Context for MAC */ -struct ossl_gost_imit_ctx { - gost_ctx cctx; - unsigned char buffer[8]; - unsigned char partial_block[8]; - unsigned int count; - int key_meshing; - int bytes_left; - int key_set; -}; -/* Table which maps parameter NID to S-blocks */ -extern struct gost_cipher_info gost_cipher_list[]; -/* Find encryption params from ASN1_OBJECT */ -const struct gost_cipher_info *get_encryption_params(ASN1_OBJECT *obj); -/* Implementation of GOST 28147-89 cipher in CFB and CNT modes */ -const EVP_CIPHER *cipher_gost(void); -const EVP_CIPHER *cipher_gost_cpacnt(void); -# define EVP_MD_CTRL_KEY_LEN (EVP_MD_CTRL_ALG_CTRL+3) -# define EVP_MD_CTRL_SET_KEY (EVP_MD_CTRL_ALG_CTRL+4) -/* EVP_PKEY_METHOD key encryption callbacks */ -/* From gost2001_keyx.c */ -int pkey_GOST01cp_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, - size_t *outlen, const unsigned char *key, - size_t key_len); - -int pkey_GOST01cp_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, - size_t *outlen, const unsigned char *in, - size_t in_len); -/* derive functions */ -/* From gost2001_keyx.c */ -int pkey_gost2001_derive(EVP_PKEY_CTX *ctx, unsigned char *key, - size_t *keylen); -/* Internal functions for signature algorithms */ -int fill_GOST2001_params(EC_KEY *eckey, int nid); -int gost_sign_keygen(DSA *dsa); -int gost2001_keygen(EC_KEY *ec); - -DSA_SIG *gost_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); -DSA_SIG *gost2001_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey); - -int gost_do_verify(const unsigned char *dgst, int dgst_len, - DSA_SIG *sig, DSA *dsa); -int gost2001_do_verify(const unsigned char *dgst, int dgst_len, - DSA_SIG *sig, EC_KEY *ec); -int gost2001_compute_public(EC_KEY *ec); -/*============== miscellaneous functions============================= */ -/* from gost_sign.c */ -/* Convert GOST R 34.11 hash sum to bignum according to standard */ -BIGNUM *hashsum2bn(const unsigned char *dgst); -/* - * Store bignum in byte array of given length, prepending by zeros if - * nesseccary - */ -int store_bignum(BIGNUM *bn, unsigned char *buf, int len); -/* Pack GOST R 34.10 signature according to CryptoPro rules */ -int pack_sign_cp(DSA_SIG *s, int order, unsigned char *sig, size_t *siglen); -/* Unpack GOST R 34.10 signature according to CryptoPro rules */ -DSA_SIG *unpack_cp_signature(const unsigned char *sig, size_t siglen); -/* from ameth.c */ -/* Get private key as BIGNUM from both 34.10-2001 keys*/ -/* Returns pointer into EVP_PKEY structure */ -BIGNUM *gost_get0_priv_key(const EVP_PKEY *pkey); - -#endif diff --git a/engines/ccgost/gost_md.c b/engines/ccgost/gost_md.c deleted file mode 100644 index 8c12d008c5..0000000000 --- a/engines/ccgost/gost_md.c +++ /dev/null @@ -1,88 +0,0 @@ -/********************************************************************** - * md_gost.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * OpenSSL interface to GOST R 34.11-94 hash functions * - * Requires OpenSSL 0.9.9 for compilation * - **********************************************************************/ -#include -#include "gost_lcl.h" -#include "gosthash.h" -#include "e_gost_err.h" - -/* implementation of GOST 34.11 hash function See gost_md.c*/ -static int gost_digest_init(EVP_MD_CTX *ctx); -static int gost_digest_update(EVP_MD_CTX *ctx, const void *data, - size_t count); -static int gost_digest_final(EVP_MD_CTX *ctx, unsigned char *md); -static int gost_digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from); -static int gost_digest_cleanup(EVP_MD_CTX *ctx); - -static EVP_MD *_hidden_GostR3411_94_md = NULL; -EVP_MD *digest_gost(void) -{ - - if (_hidden_GostR3411_94_md == NULL) { - EVP_MD *md; - - if ((md = EVP_MD_meth_new(NID_id_GostR3411_94, NID_undef)) == NULL - || !EVP_MD_meth_set_result_size(md, 32) - || !EVP_MD_meth_set_input_blocksize(md, 32) - || !EVP_MD_meth_set_app_datasize(md, - sizeof(struct ossl_gost_digest_ctx)) - || !EVP_MD_meth_set_init(md, gost_digest_init) - || !EVP_MD_meth_set_update(md, gost_digest_update) - || !EVP_MD_meth_set_final(md, gost_digest_final) - || !EVP_MD_meth_set_copy(md, gost_digest_copy) - || !EVP_MD_meth_set_cleanup(md, gost_digest_cleanup)) { - EVP_MD_meth_free(md); - md = NULL; - } - _hidden_GostR3411_94_md = md; - } - return _hidden_GostR3411_94_md; -} -void digest_gost_destroy(void) -{ - EVP_MD_meth_free(_hidden_GostR3411_94_md); - _hidden_GostR3411_94_md = NULL; -} - -int gost_digest_init(EVP_MD_CTX *ctx) -{ - struct ossl_gost_digest_ctx *c = EVP_MD_CTX_md_data(ctx); - memset(&(c->dctx), 0, sizeof(gost_hash_ctx)); - gost_init(&(c->cctx), &GostR3411_94_CryptoProParamSet); - c->dctx.cipher_ctx = &(c->cctx); - return 1; -} - -int gost_digest_update(EVP_MD_CTX *ctx, const void *data, size_t count) -{ - return hash_block((gost_hash_ctx *) EVP_MD_CTX_md_data(ctx), data, count); -} - -int gost_digest_final(EVP_MD_CTX *ctx, unsigned char *md) -{ - return finish_hash((gost_hash_ctx *) EVP_MD_CTX_md_data(ctx), md); - -} - -int gost_digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from) -{ - struct ossl_gost_digest_ctx *md_ctx = EVP_MD_CTX_md_data(to); - if (EVP_MD_CTX_md_data(to) && EVP_MD_CTX_md_data(from)) { - memcpy(EVP_MD_CTX_md_data(to), EVP_MD_CTX_md_data(from), - sizeof(struct ossl_gost_digest_ctx)); - md_ctx->dctx.cipher_ctx = &(md_ctx->cctx); - } - return 1; -} - -int gost_digest_cleanup(EVP_MD_CTX *ctx) -{ - if (EVP_MD_CTX_md_data(ctx)) - memset(EVP_MD_CTX_md_data(ctx), 0, sizeof(struct ossl_gost_digest_ctx)); - return 1; -} diff --git a/engines/ccgost/gost_params.c b/engines/ccgost/gost_params.c deleted file mode 100644 index 2371c9a59e..0000000000 --- a/engines/ccgost/gost_params.c +++ /dev/null @@ -1,80 +0,0 @@ -/********************************************************************** - * params.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Definitions of GOST R 34.10 parameter sets, defined in RFC 4357 * - * OpenSSL 0.9.9 libraries required to compile and use * - * this code * - **********************************************************************/ -#include "gost_lcl.h" -#include -/* Parameters of GOST 34.10 */ - -R3410_2001_params R3410_2001_paramset[] = { - /* 1.2.643.2.2.35.0 */ - {NID_id_GostR3410_2001_TestParamSet, - "7", - "5FBFF498AA938CE739B8E022FBAFEF40563F6E6A3472FC2A514C0CE9DAE23B7E", - "8000000000000000000000000000000000000000000000000000000000000431", - "8000000000000000000000000000000150FE8A1892976154C59CFC193ACCF5B3", - "2", - "08E2A8A0E65147D4BD6316030E16D19C85C97F0A9CA267122B96ABBCEA7E8FC8"} - , - /* - * 1.2.643.2.2.35.1 - */ - {NID_id_GostR3410_2001_CryptoPro_A_ParamSet, - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD94", - "a6", - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD97", - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF6C611070995AD10045841B09B761B893", - "1", - "8D91E471E0989CDA27DF505A453F2B7635294F2DDF23E3B122ACC99C9E9F1E14"} - , - /* - * 1.2.643.2.2.35.2 - */ - {NID_id_GostR3410_2001_CryptoPro_B_ParamSet, - "8000000000000000000000000000000000000000000000000000000000000C96", - "3E1AF419A269A5F866A7D3C25C3DF80AE979259373FF2B182F49D4CE7E1BBC8B", - "8000000000000000000000000000000000000000000000000000000000000C99", - "800000000000000000000000000000015F700CFFF1A624E5E497161BCC8A198F", - "1", - "3FA8124359F96680B83D1C3EB2C070E5C545C9858D03ECFB744BF8D717717EFC"} - , - /* - * 1.2.643.2.2.35.3 - */ - {NID_id_GostR3410_2001_CryptoPro_C_ParamSet, - "9B9F605F5A858107AB1EC85E6B41C8AACF846E86789051D37998F7B9022D7598", - "805a", - "9B9F605F5A858107AB1EC85E6B41C8AACF846E86789051D37998F7B9022D759B", - "9B9F605F5A858107AB1EC85E6B41C8AA582CA3511EDDFB74F02F3A6598980BB9", - "0", - "41ECE55743711A8C3CBF3783CD08C0EE4D4DC440D4641A8F366E550DFDB3BB67"} - , - /* - * 1.2.643.2.2.36.0 - */ - {NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet, - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD94", - "a6", - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD97", - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF6C611070995AD10045841B09B761B893", - "1", - "8D91E471E0989CDA27DF505A453F2B7635294F2DDF23E3B122ACC99C9E9F1E14"} - , - /* - * 1.2.643.2.2.36.1 - */ - {NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet, - "9B9F605F5A858107AB1EC85E6B41C8AACF846E86789051D37998F7B9022D7598", - "805a", - "9B9F605F5A858107AB1EC85E6B41C8AACF846E86789051D37998F7B9022D759B", - "9B9F605F5A858107AB1EC85E6B41C8AA582CA3511EDDFB74F02F3A6598980BB9", - "0", - "41ECE55743711A8C3CBF3783CD08C0EE4D4DC440D4641A8F366E550DFDB3BB67"} - , - {0, NULL, NULL, NULL, NULL, NULL, NULL} -}; diff --git a/engines/ccgost/gost_pmeth.c b/engines/ccgost/gost_pmeth.c deleted file mode 100644 index 7381c957fb..0000000000 --- a/engines/ccgost/gost_pmeth.c +++ /dev/null @@ -1,510 +0,0 @@ -/********************************************************************** - * gost_pmeth.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Implementation of RFC 4357 (GOST R 34.10) Publick key method * - * for OpenSSL * - * Requires OpenSSL 0.9.9 for compilation * - **********************************************************************/ -#include -#include -#include -#include -#include /* For string_to_hex */ -#include -#include -#include -#include "gost_lcl.h" -#include "e_gost_err.h" -/* -----init, cleanup, copy - uniform for all algs ---------------*/ -/* Allocates new gost_pmeth_data structure and assigns it as data */ -static int pkey_gost_init(EVP_PKEY_CTX *ctx) -{ - struct gost_pmeth_data *data; - EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx); - - data = OPENSSL_zalloc(sizeof(*data)); - if (!data) - return 0; - if (pkey && EVP_PKEY_get0(pkey)) { - switch (EVP_PKEY_base_id(pkey)) { - case NID_id_GostR3410_2001: - data->sign_param_nid = - EC_GROUP_get_curve_name(EC_KEY_get0_group - (EVP_PKEY_get0((EVP_PKEY *)pkey))); - break; - default: - return 0; - } - } - EVP_PKEY_CTX_set_data(ctx, data); - return 1; -} - -/* Copies contents of gost_pmeth_data structure */ -static int pkey_gost_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) -{ - struct gost_pmeth_data *dst_data, *src_data; - if (!pkey_gost_init(dst)) { - return 0; - } - src_data = EVP_PKEY_CTX_get_data(src); - dst_data = EVP_PKEY_CTX_get_data(dst); - *dst_data = *src_data; - if (src_data->shared_ukm) { - dst_data->shared_ukm = NULL; - } - return 1; -} - -/* Frees up gost_pmeth_data structure */ -static void pkey_gost_cleanup(EVP_PKEY_CTX *ctx) -{ - struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx); - - OPENSSL_free(data->shared_ukm); - OPENSSL_free(data); -} - -/* --------------------- control functions ------------------------------*/ -static int pkey_gost_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) -{ - struct gost_pmeth_data *pctx = - (struct gost_pmeth_data *)EVP_PKEY_CTX_get_data(ctx); - switch (type) { - case EVP_PKEY_CTRL_MD: - { - if (EVP_MD_type((const EVP_MD *)p2) != NID_id_GostR3411_94) { - GOSTerr(GOST_F_PKEY_GOST_CTRL, GOST_R_INVALID_DIGEST_TYPE); - return 0; - } - pctx->md = (EVP_MD *)p2; - return 1; - } - - case EVP_PKEY_CTRL_GET_MD: - *(const EVP_MD **)p2 = pctx->md; - return 1; - - case EVP_PKEY_CTRL_PKCS7_ENCRYPT: - case EVP_PKEY_CTRL_PKCS7_DECRYPT: - case EVP_PKEY_CTRL_PKCS7_SIGN: - case EVP_PKEY_CTRL_DIGESTINIT: -#ifndef OPENSSL_NO_CMS - case EVP_PKEY_CTRL_CMS_ENCRYPT: - case EVP_PKEY_CTRL_CMS_DECRYPT: - case EVP_PKEY_CTRL_CMS_SIGN: -#endif - return 1; - - case EVP_PKEY_CTRL_GOST_PARAMSET: - pctx->sign_param_nid = (int)p1; - return 1; - case EVP_PKEY_CTRL_SET_IV: - pctx->shared_ukm = OPENSSL_malloc((int)p1); - if (pctx->shared_ukm == NULL) { - GOSTerr(GOST_F_PKEY_GOST_CTRL, ERR_R_MALLOC_FAILURE); - return 0; - } - memcpy(pctx->shared_ukm, p2, (int)p1); - return 1; - case EVP_PKEY_CTRL_PEER_KEY: - if (p1 == 0 || p1 == 1) /* call from EVP_PKEY_derive_set_peer */ - return 1; - if (p1 == 2) /* TLS: peer key used? */ - return pctx->peer_key_used; - if (p1 == 3) /* TLS: peer key used! */ - return (pctx->peer_key_used = 1); - return -2; - } - return -2; -} - -static int pkey_gost_ctrl01_str(EVP_PKEY_CTX *ctx, - const char *type, const char *value) -{ - int param_nid = 0; - - if (strcmp(type, param_ctrl_string) == 0) { - if (!value) { - return 0; - } - if (strlen(value) == 1) { - switch (toupper((unsigned char)value[0])) { - case 'A': - param_nid = NID_id_GostR3410_2001_CryptoPro_A_ParamSet; - break; - case 'B': - param_nid = NID_id_GostR3410_2001_CryptoPro_B_ParamSet; - break; - case 'C': - param_nid = NID_id_GostR3410_2001_CryptoPro_C_ParamSet; - break; - case '0': - param_nid = NID_id_GostR3410_2001_TestParamSet; - break; - default: - return 0; - } - } else if ((strlen(value) == 2) - && (toupper((unsigned char)value[0]) == 'X')) { - switch (toupper((unsigned char)value[1])) { - case 'A': - param_nid = NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet; - break; - case 'B': - param_nid = NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet; - break; - default: - return 0; - } - } else { - R3410_2001_params *p = R3410_2001_paramset; - param_nid = OBJ_txt2nid(value); - if (param_nid == NID_undef) { - return 0; - } - for (; p->nid != NID_undef; p++) { - if (p->nid == param_nid) - break; - } - if (p->nid == NID_undef) { - GOSTerr(GOST_F_PKEY_GOST_CTRL01_STR, GOST_R_INVALID_PARAMSET); - return 0; - } - } - - return pkey_gost_ctrl(ctx, EVP_PKEY_CTRL_GOST_PARAMSET, - param_nid, NULL); - } - return -2; -} - -/* --------------------- key generation --------------------------------*/ - -static int pkey_gost_paramgen_init(EVP_PKEY_CTX *ctx) -{ - return 1; -} - -static int pkey_gost01_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) -{ - struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx); - EC_KEY *ec = NULL; - - if (data->sign_param_nid == NID_undef) { - GOSTerr(GOST_F_PKEY_GOST01_PARAMGEN, GOST_R_NO_PARAMETERS_SET); - return 0; - } - if (!ec) - ec = EC_KEY_new(); - if (!fill_GOST2001_params(ec, data->sign_param_nid)) { - EC_KEY_free(ec); - return 0; - } - EVP_PKEY_assign(pkey, NID_id_GostR3410_2001, ec); - return 1; -} - -/* Generates GOST_R3410 2001 key and assigns it using specified type */ -static int pkey_gost01cp_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) -{ - EC_KEY *ec; - if (!pkey_gost01_paramgen(ctx, pkey)) - return 0; - ec = EVP_PKEY_get0(pkey); - gost2001_keygen(ec); - return 1; -} - -/* ----------- sign callbacks --------------------------------------*/ -/* - * Packs signature according to Cryptopro rules - * and frees up DSA_SIG structure - */ -int pack_sign_cp(DSA_SIG *s, int order, unsigned char *sig, size_t *siglen) -{ - *siglen = 2 * order; - memset(sig, 0, *siglen); - store_bignum(s->s, sig, order); - store_bignum(s->r, sig + order, order); - DSA_SIG_free(s); - return 1; -} - - -static int pkey_gost01_cp_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, - size_t *siglen, const unsigned char *tbs, - size_t tbs_len) -{ - DSA_SIG *unpacked_sig = NULL; - EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx); - if (!siglen) - return 0; - if (!sig) { - *siglen = 64; /* better to check size of curve order */ - return 1; - } - unpacked_sig = gost2001_do_sign(tbs, tbs_len, EVP_PKEY_get0(pkey)); - if (!unpacked_sig) { - return 0; - } - return pack_sign_cp(unpacked_sig, 32, sig, siglen); -} - -/* ------------------- verify callbacks ---------------------------*/ -/* Unpack signature according to cryptopro rules */ -DSA_SIG *unpack_cp_signature(const unsigned char *sig, size_t siglen) -{ - DSA_SIG *s; - - s = DSA_SIG_new(); - if (s == NULL) { - GOSTerr(GOST_F_UNPACK_CP_SIGNATURE, ERR_R_MALLOC_FAILURE); - return NULL; - } - s->s = BN_bin2bn(sig, siglen / 2, NULL); - s->r = BN_bin2bn(sig + siglen / 2, siglen / 2, NULL); - return s; -} - - -static int pkey_gost01_cp_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, - size_t siglen, const unsigned char *tbs, - size_t tbs_len) -{ - int ok = 0; - EVP_PKEY *pub_key = EVP_PKEY_CTX_get0_pkey(ctx); - DSA_SIG *s = unpack_cp_signature(sig, siglen); - if (!s) - return 0; -#ifdef DEBUG_SIGN - fprintf(stderr, "R="); - BN_print_fp(stderr, s->r); - fprintf(stderr, "\nS="); - BN_print_fp(stderr, s->s); - fprintf(stderr, "\n"); -#endif - if (pub_key) - ok = gost2001_do_verify(tbs, tbs_len, s, EVP_PKEY_get0(pub_key)); - DSA_SIG_free(s); - return ok; -} - -/* ------------- encrypt init -------------------------------------*/ -/* Generates ephermeral key */ -static int pkey_gost_encrypt_init(EVP_PKEY_CTX *ctx) -{ - return 1; -} - -/* --------------- Derive init ------------------------------------*/ -static int pkey_gost_derive_init(EVP_PKEY_CTX *ctx) -{ - return 1; -} - -/* -------- PKEY_METHOD for GOST MAC algorithm --------------------*/ -static int pkey_gost_mac_init(EVP_PKEY_CTX *ctx) -{ - struct gost_mac_pmeth_data *data = OPENSSL_zalloc(sizeof(*data)); - - if (!data) - return 0; - EVP_PKEY_CTX_set_data(ctx, data); - return 1; -} - -static void pkey_gost_mac_cleanup(EVP_PKEY_CTX *ctx) -{ - struct gost_mac_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx); - OPENSSL_free(data); -} - -static int pkey_gost_mac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) -{ - struct gost_mac_pmeth_data *dst_data, *src_data; - if (!pkey_gost_mac_init(dst)) { - return 0; - } - src_data = EVP_PKEY_CTX_get_data(src); - dst_data = EVP_PKEY_CTX_get_data(dst); - *dst_data = *src_data; - return 1; -} - -static int pkey_gost_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) -{ - struct gost_mac_pmeth_data *data = - (struct gost_mac_pmeth_data *)EVP_PKEY_CTX_get_data(ctx); - - switch (type) { - case EVP_PKEY_CTRL_MD: - { - if (EVP_MD_type((const EVP_MD *)p2) != NID_id_Gost28147_89_MAC) { - GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL, - GOST_R_INVALID_DIGEST_TYPE); - return 0; - } - data->md = (EVP_MD *)p2; - return 1; - } - - case EVP_PKEY_CTRL_GET_MD: - *(const EVP_MD **)p2 = data->md; - return 1; - - case EVP_PKEY_CTRL_PKCS7_ENCRYPT: - case EVP_PKEY_CTRL_PKCS7_DECRYPT: - case EVP_PKEY_CTRL_PKCS7_SIGN: - return 1; - case EVP_PKEY_CTRL_SET_MAC_KEY: - if (p1 != 32) { - GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL, GOST_R_INVALID_MAC_KEY_LENGTH); - return 0; - } - - memcpy(data->key, p2, 32); - data->key_set = 1; - return 1; - case EVP_PKEY_CTRL_DIGESTINIT: - { - EVP_MD_CTX *mctx = p2; - void *key; - if (!data->key_set) { - EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx); - if (!pkey) { - GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL, - GOST_R_MAC_KEY_NOT_SET); - return 0; - } - key = EVP_PKEY_get0(pkey); - if (!key) { - GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL, - GOST_R_MAC_KEY_NOT_SET); - return 0; - } - } else { - key = &(data->key); - } - return EVP_MD_meth_get_ctrl(EVP_MD_CTX_md(mctx)) - (mctx, EVP_MD_CTRL_SET_KEY, 32, key); - } - } - return -2; -} - -static int pkey_gost_mac_ctrl_str(EVP_PKEY_CTX *ctx, - const char *type, const char *value) -{ - if (strcmp(type, key_ctrl_string) == 0) { - if (strlen(value) != 32) { - GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL_STR, - GOST_R_INVALID_MAC_KEY_LENGTH); - return 0; - } - return pkey_gost_mac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, - 32, (char *)value); - } - if (strcmp(type, hexkey_ctrl_string) == 0) { - long keylen; - int ret; - unsigned char *keybuf = string_to_hex(value, &keylen); - if (!keybuf || keylen != 32) { - GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL_STR, - GOST_R_INVALID_MAC_KEY_LENGTH); - OPENSSL_free(keybuf); - return 0; - } - ret = pkey_gost_mac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, 32, keybuf); - OPENSSL_free(keybuf); - return ret; - - } - return -2; -} - -static int pkey_gost_mac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) -{ - struct gost_mac_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx); - unsigned char *keydata; - if (!data->key_set) { - GOSTerr(GOST_F_PKEY_GOST_MAC_KEYGEN, GOST_R_MAC_KEY_NOT_SET); - return 0; - } - keydata = OPENSSL_malloc(32); - if (keydata == NULL) - return 0; - memcpy(keydata, data->key, 32); - EVP_PKEY_assign(pkey, NID_id_Gost28147_89_MAC, keydata); - return 1; -} - -static int pkey_gost_mac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx) -{ - return 1; -} - -static int pkey_gost_mac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, - size_t *siglen, EVP_MD_CTX *mctx) -{ - unsigned int tmpsiglen = *siglen; /* for platforms where - * sizeof(int)!=sizeof(size_t) */ - int ret; - if (!sig) { - *siglen = 4; - return 1; - } - ret = EVP_DigestFinal_ex(mctx, sig, &tmpsiglen); - *siglen = tmpsiglen; - return ret; -} - -/* ----------------------------------------------------------------*/ -int register_pmeth_gost(int id, EVP_PKEY_METHOD **pmeth, int flags) -{ - *pmeth = EVP_PKEY_meth_new(id, flags); - if (!*pmeth) - return 0; - - switch (id) { - case NID_id_GostR3410_2001: - EVP_PKEY_meth_set_ctrl(*pmeth, pkey_gost_ctrl, pkey_gost_ctrl01_str); - EVP_PKEY_meth_set_sign(*pmeth, NULL, pkey_gost01_cp_sign); - EVP_PKEY_meth_set_verify(*pmeth, NULL, pkey_gost01_cp_verify); - - EVP_PKEY_meth_set_keygen(*pmeth, NULL, pkey_gost01cp_keygen); - - EVP_PKEY_meth_set_encrypt(*pmeth, - pkey_gost_encrypt_init, - pkey_GOST01cp_encrypt); - EVP_PKEY_meth_set_decrypt(*pmeth, NULL, pkey_GOST01cp_decrypt); - EVP_PKEY_meth_set_derive(*pmeth, - pkey_gost_derive_init, pkey_gost2001_derive); - EVP_PKEY_meth_set_paramgen(*pmeth, pkey_gost_paramgen_init, - pkey_gost01_paramgen); - break; - case NID_id_Gost28147_89_MAC: - EVP_PKEY_meth_set_ctrl(*pmeth, pkey_gost_mac_ctrl, - pkey_gost_mac_ctrl_str); - EVP_PKEY_meth_set_signctx(*pmeth, pkey_gost_mac_signctx_init, - pkey_gost_mac_signctx); - EVP_PKEY_meth_set_keygen(*pmeth, NULL, pkey_gost_mac_keygen); - EVP_PKEY_meth_set_init(*pmeth, pkey_gost_mac_init); - EVP_PKEY_meth_set_cleanup(*pmeth, pkey_gost_mac_cleanup); - EVP_PKEY_meth_set_copy(*pmeth, pkey_gost_mac_copy); - return 1; - default: /* Unsupported method */ - return 0; - } - EVP_PKEY_meth_set_init(*pmeth, pkey_gost_init); - EVP_PKEY_meth_set_cleanup(*pmeth, pkey_gost_cleanup); - - EVP_PKEY_meth_set_copy(*pmeth, pkey_gost_copy); - /* - * FIXME derive etc... - */ - - return 1; -} diff --git a/engines/ccgost/gosthash.c b/engines/ccgost/gosthash.c deleted file mode 100644 index b3d80d4ac6..0000000000 --- a/engines/ccgost/gosthash.c +++ /dev/null @@ -1,268 +0,0 @@ -/********************************************************************** - * gosthash.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Implementation of GOST R 34.11-94 hash function * - * uses on gost89.c and gost89.h Doesn't need OpenSSL * - **********************************************************************/ -#include - -#include "gost89.h" -#include "gosthash.h" - -/* - * Use OPENSSL_malloc for memory allocation if compiled with - * -DOPENSSL_BUILD, and libc malloc otherwise - */ -#ifndef MYALLOC -# ifdef OPENSSL_BUILD -# include -# define MYALLOC(size) OPENSSL_malloc(size) -# define MYFREE(ptr) OPENSSL_free(ptr) -# else -# define MYALLOC(size) malloc(size) -# define MYFREE(ptr) free(ptr) -# endif -#endif -/* - * Following functions are various bit meshing routines used in GOST R - * 34.11-94 algorithms - */ -static void swap_bytes(byte * w, byte * k) -{ - int i, j; - for (i = 0; i < 4; i++) - for (j = 0; j < 8; j++) - k[i + 4 * j] = w[8 * i + j]; - -} - -/* was A_A */ -static void circle_xor8(const byte * w, byte * k) -{ - byte buf[8]; - int i; - memcpy(buf, w, 8); - memmove(k, w + 8, 24); - for (i = 0; i < 8; i++) - k[i + 24] = buf[i] ^ k[i]; -} - -/* was R_R */ -static void transform_3(byte * data) -{ - unsigned short int acc; - acc = (data[0] ^ data[2] ^ data[4] ^ data[6] ^ data[24] ^ data[30]) | - ((data[1] ^ data[3] ^ data[5] ^ data[7] ^ data[25] ^ data[31]) << 8); - memmove(data, data + 2, 30); - data[30] = acc & 0xff; - data[31] = acc >> 8; -} - -/* Adds blocks of N bytes modulo 2**(8*n). Returns carry*/ -static int add_blocks(int n, byte * left, const byte * right) -{ - int i; - int carry = 0; - int sum; - for (i = 0; i < n; i++) { - sum = (int)left[i] + (int)right[i] + carry; - left[i] = sum & 0xff; - carry = sum >> 8; - } - return carry; -} - -/* Xor two sequences of bytes */ -static void xor_blocks(byte * result, const byte * a, const byte * b, - size_t len) -{ - size_t i; - for (i = 0; i < len; i++) - result[i] = a[i] ^ b[i]; -} - -/* - * Calculate H(i+1) = Hash(Hi,Mi) - * Where H and M are 32 bytes long - */ -static int hash_step(gost_ctx * c, byte * H, const byte * M) -{ - byte U[32], W[32], V[32], S[32], Key[32]; - int i; - /* Compute first key */ - xor_blocks(W, H, M, 32); - swap_bytes(W, Key); - /* Encrypt first 8 bytes of H with first key */ - gost_enc_with_key(c, Key, H, S); - /* Compute second key */ - circle_xor8(H, U); - circle_xor8(M, V); - circle_xor8(V, V); - xor_blocks(W, U, V, 32); - swap_bytes(W, Key); - /* encrypt second 8 bytes of H with second key */ - gost_enc_with_key(c, Key, H + 8, S + 8); - /* compute third key */ - circle_xor8(U, U); - U[31] = ~U[31]; - U[29] = ~U[29]; - U[28] = ~U[28]; - U[24] = ~U[24]; - U[23] = ~U[23]; - U[20] = ~U[20]; - U[18] = ~U[18]; - U[17] = ~U[17]; - U[14] = ~U[14]; - U[12] = ~U[12]; - U[10] = ~U[10]; - U[8] = ~U[8]; - U[7] = ~U[7]; - U[5] = ~U[5]; - U[3] = ~U[3]; - U[1] = ~U[1]; - circle_xor8(V, V); - circle_xor8(V, V); - xor_blocks(W, U, V, 32); - swap_bytes(W, Key); - /* encrypt third 8 bytes of H with third key */ - gost_enc_with_key(c, Key, H + 16, S + 16); - /* Compute fourth key */ - circle_xor8(U, U); - circle_xor8(V, V); - circle_xor8(V, V); - xor_blocks(W, U, V, 32); - swap_bytes(W, Key); - /* Encrypt last 8 bytes with fourth key */ - gost_enc_with_key(c, Key, H + 24, S + 24); - for (i = 0; i < 12; i++) - transform_3(S); - xor_blocks(S, S, M, 32); - transform_3(S); - xor_blocks(S, S, H, 32); - for (i = 0; i < 61; i++) - transform_3(S); - memcpy(H, S, 32); - return 1; -} - -/* - * Initialize gost_hash ctx - cleans up temporary structures and set up - * substitution blocks - */ -int init_gost_hash_ctx(gost_hash_ctx * ctx, - const gost_subst_block * subst_block) -{ - memset(ctx, 0, sizeof(*ctx)); - ctx->cipher_ctx = (gost_ctx *) MYALLOC(sizeof(gost_ctx)); - if (!ctx->cipher_ctx) { - return 0; - } - gost_init(ctx->cipher_ctx, subst_block); - return 1; -} - -/* - * Free cipher CTX if it is dynamically allocated. Do not use - * if cipher ctx is statically allocated as in OpenSSL implementation of - * GOST hash algroritm - * - */ -void done_gost_hash_ctx(gost_hash_ctx * ctx) -{ - /* - * No need to use gost_destroy, because cipher keys are not really secret - * when hashing - */ - MYFREE(ctx->cipher_ctx); -} - -/* - * reset state of hash context to begin hashing new message - */ -int start_hash(gost_hash_ctx * ctx) -{ - if (!ctx->cipher_ctx) - return 0; - memset(&(ctx->H), 0, 32); - memset(&(ctx->S), 0, 32); - ctx->len = 0L; - ctx->left = 0; - return 1; -} - -/* - * Hash block of arbitrary length - * - * - */ -int hash_block(gost_hash_ctx * ctx, const byte * block, size_t length) -{ - if (ctx->left) { - /* - * There are some bytes from previous step - */ - unsigned int add_bytes = 32 - ctx->left; - if (add_bytes > length) { - add_bytes = length; - } - memcpy(&(ctx->remainder[ctx->left]), block, add_bytes); - ctx->left += add_bytes; - if (ctx->left < 32) { - return 1; - } - block += add_bytes; - length -= add_bytes; - hash_step(ctx->cipher_ctx, ctx->H, ctx->remainder); - add_blocks(32, ctx->S, ctx->remainder); - ctx->len += 32; - ctx->left = 0; - } - while (length >= 32) { - hash_step(ctx->cipher_ctx, ctx->H, block); - - add_blocks(32, ctx->S, block); - ctx->len += 32; - block += 32; - length -= 32; - } - if (length) { - memcpy(ctx->remainder, block, ctx->left = length); - } - return 1; -} - -/* - * Compute hash value from current state of ctx - * state of hash ctx becomes invalid and cannot be used for further - * hashing. - */ -int finish_hash(gost_hash_ctx * ctx, byte * hashval) -{ - byte buf[32]; - byte H[32]; - byte S[32]; - ghosthash_len fin_len = ctx->len; - byte *bptr; - memcpy(H, ctx->H, 32); - memcpy(S, ctx->S, 32); - if (ctx->left) { - memset(buf, 0, 32); - memcpy(buf, ctx->remainder, ctx->left); - hash_step(ctx->cipher_ctx, H, buf); - add_blocks(32, S, buf); - fin_len += ctx->left; - } - memset(buf, 0, 32); - bptr = buf; - fin_len <<= 3; /* Hash length in BITS!! */ - while (fin_len > 0) { - *(bptr++) = (byte) (fin_len & 0xFF); - fin_len >>= 8; - }; - hash_step(ctx->cipher_ctx, H, buf); - hash_step(ctx->cipher_ctx, H, S); - memcpy(hashval, H, 32); - return 1; -} diff --git a/engines/ccgost/gosthash.h b/engines/ccgost/gosthash.h deleted file mode 100644 index 003e668e0b..0000000000 --- a/engines/ccgost/gosthash.h +++ /dev/null @@ -1,52 +0,0 @@ -/********************************************************************** - * gosthash.h * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Declaration of GOST R 34.11-94 hash functions * - * uses and gost89.h Doesn't need OpenSSL * - **********************************************************************/ -#ifndef GOSTHASH_H -# define GOSTHASH_H -# include "gost89.h" -# include - -# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__) -typedef __int64 ghosthash_len; -# elif defined(__arch64__) -typedef long ghosthash_len; -# else -typedef long long ghosthash_len; -# endif - -typedef struct gost_hash_ctx { - ghosthash_len len; - gost_ctx *cipher_ctx; - int left; - byte H[32]; - byte S[32]; - byte remainder[32]; -} gost_hash_ctx; - -/* Initalizes gost hash ctx, including creation of gost cipher ctx */ - -int init_gost_hash_ctx(gost_hash_ctx * ctx, - const gost_subst_block * subst_block); -void done_gost_hash_ctx(gost_hash_ctx * ctx); - -/* - * Cleans up all fields, except cipher ctx preparing ctx for computing of new - * hash value - */ -int start_hash(gost_hash_ctx * ctx); - -/* Hashes block of data */ -int hash_block(gost_hash_ctx * ctx, const byte * block, size_t length); - -/* - * Finalizes computation of hash and fills buffer (which should be at least - * 32 bytes long) with value of computed hash. - */ -int finish_hash(gost_hash_ctx * ctx, byte * hashval); - -#endif diff --git a/engines/ccgost/gostsum.c b/engines/ccgost/gostsum.c deleted file mode 100644 index 252bd2cfed..0000000000 --- a/engines/ccgost/gostsum.c +++ /dev/null @@ -1,187 +0,0 @@ -/********************************************************************** - * gostsum.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Almost drop-in replacement for md5sum and sha1sum * - * which computes GOST R 34.11-94 hashsum instead * - * * - **********************************************************************/ -#include -#include -#include -#include -#include -#include -#include "gosthash.h" -#define BUF_SIZE 262144 -int hash_file(gost_hash_ctx * ctx, char *filename, char *sum, int mode); -int hash_stream(gost_hash_ctx * ctx, int fd, char *sum); -int get_line(FILE *f, char *hash, char *filename); -void help() -{ - fprintf(stderr, "gostsum [-bvt] [-c [file]]| [files]\n" - "\t-c check message digests (default is generate)\n" - "\t-v verbose, print file names when checking\n" - "\t-b read files in binary mode\n" - "\t-t use test GOST paramset (default is CryptoPro paramset)\n" - "The input for -c should be the list of message digests and file names\n" - "that is printed on stdout by this program when it generates digests.\n"); - exit(3); -} - -#ifndef O_BINARY -# define O_BINARY 0 -#endif - -int main(int argc, char **argv) -{ - int c, i; - int verbose = 0; - int errors = 0; - int open_mode = O_RDONLY; - gost_subst_block *b = &GostR3411_94_CryptoProParamSet; - FILE *check_file = NULL; - gost_hash_ctx ctx; - - while ((c = getopt(argc, argv, "bc::tv")) != -1) { - switch (c) { - case 'v': - verbose = 1; - break; - case 't': - b = &GostR3411_94_TestParamSet; - break; - case 'b': - open_mode |= O_BINARY; - break; - case 'c': - if (optarg) { - check_file = fopen(optarg, "r"); - if (!check_file) { - perror(optarg); - exit(2); - } - } else { - check_file = stdin; - } - break; - default: - fprintf(stderr, "invalid option %c", optopt); - help(); - } - } - init_gost_hash_ctx(&ctx, b); - if (check_file) { - char inhash[65], calcsum[65], filename[PATH_MAX]; - int failcount = 0, count = 0;; - if (check_file == stdin && optind < argc) { - check_file = fopen(argv[optind], "r"); - if (!check_file) { - perror(argv[optind]); - exit(2); - } - } - while (get_line(check_file, inhash, filename)) { - if (!hash_file(&ctx, filename, calcsum, open_mode)) { - exit(2); - } - count++; - if (strncmp(calcsum, inhash, 65) == 0) { - if (verbose) { - fprintf(stderr, "%s\tOK\n", filename); - } - } else { - if (verbose) { - fprintf(stderr, "%s\tFAILED\n", filename); - } else { - fprintf(stderr, - "%s: GOST hash sum check failed for '%s'\n", - argv[0], filename); - } - failcount++; - } - } - if (verbose && failcount) { - fprintf(stderr, - "%s: %d of %d file(f) failed GOST hash sum check\n", - argv[0], failcount, count); - } - exit(failcount ? 1 : 0); - } - if (optind == argc) { - char sum[65]; - if (!hash_stream(&ctx, fileno(stdin), sum)) { - perror("stdin"); - exit(1); - } - printf("%s -\n", sum); - exit(0); - } - for (i = optind; i < argc; i++) { - char sum[65]; - if (!hash_file(&ctx, argv[i], sum, open_mode)) { - errors++; - } else { - printf("%s %s\n", sum, argv[i]); - } - } - exit(errors ? 1 : 0); -} - -int hash_file(gost_hash_ctx * ctx, char *filename, char *sum, int mode) -{ - int fd; - if ((fd = open(filename, mode)) < 0) { - perror(filename); - return 0; - } - if (!hash_stream(ctx, fd, sum)) { - perror(filename); - return 0; - } - close(fd); - return 1; -} - -int hash_stream(gost_hash_ctx * ctx, int fd, char *sum) -{ - unsigned char buffer[BUF_SIZE]; - ssize_t bytes; - int i; - start_hash(ctx); - while ((bytes = read(fd, buffer, BUF_SIZE)) > 0) { - hash_block(ctx, buffer, bytes); - } - if (bytes < 0) { - return 0; - } - finish_hash(ctx, buffer); - for (i = 0; i < 32; i++) { - sprintf(sum + 2 * i, "%02x", buffer[31 - i]); - } - return 1; -} - -int get_line(FILE *f, char *hash, char *filename) -{ - int i; - if (fread(hash, 1, 64, f) < 64) - return 0; - hash[64] = 0; - for (i = 0; i < 64; i++) { - if (hash[i] < '0' || (hash[i] > '9' && hash[i] < 'A') - || (hash[i] > 'F' && hash[i] < 'a') || hash[i] > 'f') { - fprintf(stderr, "Not a hash value '%s'\n", hash); - return 0; - } - } - if (fgetc(f) != ' ') { - fprintf(stderr, "Malformed input line\n"); - return 0; - } - i = strlen(fgets(filename, PATH_MAX, f)); - while (filename[--i] == '\n' || filename[i] == '\r') - filename[i] = 0; - return 1; -} diff --git a/include/openssl/engine.h b/include/openssl/engine.h index 300ff26b08..3e0208f103 100644 --- a/include/openssl/engine.h +++ b/include/openssl/engine.h @@ -401,9 +401,6 @@ void ENGINE_load_sureware(void); void ENGINE_load_ubsec(void); void ENGINE_load_padlock(void); void ENGINE_load_capi(void); -# ifndef OPENSSL_NO_GOST -void ENGINE_load_gost(void); -# endif void ENGINE_load_dasync(void); # endif void ENGINE_load_cryptodev(void); diff --git a/test/Makefile.in b/test/Makefile.in index dc3b94b286..c48bc66de0 100644 --- a/test/Makefile.in +++ b/test/Makefile.in @@ -55,7 +55,6 @@ RC5TEST= rc5test BFTEST= bftest CASTTEST= casttest DESTEST= destest -GOST2814789TEST=gost2814789test RANDTEST= randtest DHTEST= dhtest DSATEST= dsatest @@ -93,7 +92,7 @@ EXE= $(NPTEST)$(EXE_EXT) $(MEMLEAKTEST)$(EXE_EXT) \ $(DESTEST)$(EXE_EXT) $(SHA1TEST)$(EXE_EXT) $(SHA256TEST)$(EXE_EXT) $(SHA512TEST)$(EXE_EXT) \ $(MDC2TEST)$(EXE_EXT) $(RMDTEST)$(EXE_EXT) \ $(RANDTEST)$(EXE_EXT) $(DHTEST)$(EXE_EXT) $(ENGINETEST)$(EXE_EXT) \ - $(GOST2814789TEST)$(EXE_EXT) $(DANETEST)$(EXE_EXT) \ + $(DANETEST)$(EXE_EXT) \ $(BFTEST)$(EXE_EXT) $(CASTTEST)$(EXE_EXT) $(SSLTEST)$(EXE_EXT) \ $(EXPTEST)$(EXE_EXT) $(DSATEST)$(EXE_EXT) $(RSATEST)$(EXE_EXT) \ $(EVPTEST)$(EXE_EXT) $(EVPEXTRATEST)$(EXE_EXT) $(IGETEST)$(EXE_EXT) \ @@ -116,7 +115,7 @@ OBJ= $(NPTEST).o $(MEMLEAKTEST).o \ $(RANDTEST).o $(DHTEST).o $(ENGINETEST).o $(CASTTEST).o \ $(BFTEST).o $(SSLTEST).o $(DSATEST).o $(EXPTEST).o $(RSATEST).o \ $(EVPTEST).o $(EVPEXTRATEST).o $(IGETEST).o $(JPAKETEST).o $(V3NAMETEST).o \ - $(GOST2814789TEST).o $(HEARTBEATTEST).o $(P5_CRPT2_TEST).o \ + $(HEARTBEATTEST).o $(P5_CRPT2_TEST).o \ $(CONSTTIMETEST).o $(VERIFYEXTRATEST).o $(CLIENTHELLOTEST).o \ $(PACKETTEST).o $(ASYNCTEST).o testutil.o @@ -130,7 +129,7 @@ SRC= $(NPTEST).c $(MEMLEAKTEST).c \ $(RANDTEST).c $(DHTEST).c $(ENGINETEST).c $(CASTTEST).c \ $(BFTEST).c $(SSLTEST).c $(DSATEST).c $(EXPTEST).c $(RSATEST).c \ $(EVPTEST).c $(EVPEXTRATEST).c $(IGETEST).c $(JPAKETEST).c $(V3NAMETEST).c \ - $(GOST2814789TEST).c $(HEARTBEATTEST).c $(P5_CRPT2_TEST).c \ + $(HEARTBEATTEST).c $(P5_CRPT2_TEST).c \ $(CONSTTIMETEST).c $(VERIFYEXTRATEST).c $(CLIENTHELLOTEST).c \ $(PACKETTEST).c $(ASYNCTEST).c testutil.c @@ -300,9 +299,6 @@ $(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO) $(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO) @target=$(DESTEST); $(BUILD_CMD) -$(GOST2814789TEST)$(EXE_EXT): $(GOST2814789TEST).o $(DLIBCRYPTO) - @target=$(GOST2814789TEST); $(BUILD_CMD) - $(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO) @target=$(RANDTEST); $(BUILD_CMD) diff --git a/test/gost2814789test.c b/test/gost2814789test.c deleted file mode 100644 index f19c5ddc65..0000000000 --- a/test/gost2814789test.c +++ /dev/null @@ -1,1447 +0,0 @@ -/* vim: set fileencoding=ascii : Charset: ASCII */ -/* test/gostr2814789t.c */ -/* ==================================================================== - * Copyright (c) 2012 Crypto-Pro, Ltd., Serguei E. Leontiev, - * lse@cryptopro.ru - * - * This file is distributed under the same license as OpenSSL - * ==================================================================== - */ -#include -#include - -#if defined(OPENSSL_NO_ENGINE) || defined(OPENSSL_NO_GOST) -int main(int argc, char *argv[]) -{ - printf("No GOST 28147-89 support\n"); - return 0; -} -#else - -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include "e_os.h" - -# define CCGOST_ID "gost" - -# include "../engines/ccgost/gost89.h" - -# define G89_MAX_TC_LEN (2048) -# define G89_BLOCK_LEN (8) - -# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__) -typedef unsigned __int64 u64; -# define U64(C) C##UI64 -# define FMT64 "%I64u" -# elif defined(__arch64__) -typedef unsigned long u64; -# define U64(C) C##UL -# define FMT64 "%lu" -# else -typedef unsigned long long u64; -# define U64(C) C##ULL -# define FMT64 "%llu" -# endif -# if defined(__MINGW32__) -# undef FMT64 -# define FMT64 "%I64u" -# endif - -typedef enum g89_mode_ { - G89_ECB, - G89_CFB, - G89_CNT, - G89_IMIT -} g89_mode; - -typedef struct g89_tc_ { - u64 ullLen; /* ullLen > G89_MAX_TC_LEN */ - /* Clear text ullLen */ - /* of zero bytes */ - const byte bIn[G89_MAX_TC_LEN]; /* Clear text, when */ - /* ullLen <= G89_MAX_TC_LEN */ - const char *szParamSet; /* S-Box ID */ - const char *szDerive; /* String for derive bRawKey */ - const byte bRawKey[EVP_MAX_KEY_LENGTH]; - g89_mode gMode; /* Mode of encryption or MAC */ - const byte bIV[EVP_MAX_IV_LENGTH]; /* IV for CFB or CNT mode */ - const byte bOut[G89_MAX_TC_LEN]; /* Cipher text for ECB/CFB/CNT */ - /* - * mode, when ullLen <= G89_MAX_TC_LEN; Last 16 byte of cipher text for - * ECB/CFB/CNT, when ullLen > G89_MAX_TC_LEN; 4 byte MAC for imitovstavka - */ -} g89_tc; - -static const g89_tc tcs[] = { - /* - * GOST R 34.11-94 Test cases - */ - { /* see p. A.3.1 [GOSTR341194], p. 7.3.1 - * [ENG-GOSTR341194] */ - /* */ - /* Iteration 1, K[1], see Errata for RFC 5831 */ - 8, - { - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, - "id-GostR3410-94-TestParamSet", - NULL, - { - 0x54, 0x6d, 0x20, 0x33, 0x68, 0x65, 0x6c, 0x32, - 0x69, 0x73, 0x65, 0x20, 0x73, 0x73, 0x6e, 0x62, - 0x20, 0x61, 0x67, 0x79, 0x69, 0x67, 0x74, 0x74, - 0x73, 0x65, 0x68, 0x65, 0x20, 0x2c, 0x3d, 0x73}, - G89_ECB, - {0}, - { - 0x1b, 0x0b, 0xbc, 0x32, 0xce, 0xbc, 0xab, 0x42} - }, - { /* see p. A.3.1 [GOSTR341194], p. 7.3.1 - * [ENG-GOSTR341194] */ - /* */ - /* Iteration 1, K[4] */ - 8, - { - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, - "id-GostR3410-94-TestParamSet", - NULL, - { - 0xec, 0x0a, 0x8b, 0xa1, 0x5e, 0xc0, 0x04, 0xa8, - 0xba, 0xc5, 0x0c, 0xac, 0x0c, 0x62, 0x1d, 0xee, - 0xe1, 0xc7, 0xb8, 0xe7, 0x00, 0x7a, 0xe2, 0xec, - 0xf2, 0x73, 0x1b, 0xff, 0x4e, 0x80, 0xe2, 0xa0}, - G89_ECB, - {0}, - { - 0x2d, 0x56, 0x2a, 0x0d, 0x19, 0x04, 0x86, 0xe7} - }, - { /* see p. A.3.1 [GOSTR341194], p. 7.3.1 - * [ENG-GOSTR341194] */ - /* */ - /* Iteration 2, K[1] */ - 8, - { - 0x34, 0xc0, 0x15, 0x33, 0xe3, 0x7d, 0x1c, 0x56}, - "id-GostR3410-94-TestParamSet", - NULL, - { - 0x34, 0x87, 0x24, 0xa4, 0xc1, 0xa6, 0x76, 0x67, - 0x15, 0x3d, 0xde, 0x59, 0x33, 0x88, 0x42, 0x50, - 0xe3, 0x24, 0x8c, 0x65, 0x7d, 0x41, 0x3b, 0x8c, - 0x1c, 0x9c, 0xa0, 0x9a, 0x56, 0xd9, 0x68, 0xcf}, - G89_ECB, - {0}, - { - 0x86, 0x3e, 0x78, 0xdd, 0x2d, 0x60, 0xd1, 0x3c} - }, - /* - * id-Gost28147-89-CryptoPro-A-ParamSet (1.2.643.2.2.31.1) - * Test cases - */ - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 16, - { - 0x74, 0x3d, 0x76, 0xf9, 0x1b, 0xee, 0x35, 0x3c, - 0xa2, 0x5c, 0x3b, 0x10, 0xeb, 0x64, 0xcf, 0xf5}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "testecb1", - { - 0xbb, 0xf1, 0xed, 0xd3, 0x20, 0xaf, 0x8a, 0x62, - 0x8e, 0x11, 0xc8, 0xa9, 0x51, 0xcc, 0xbe, 0x81, - 0x47, 0x7b, 0x41, 0xa1, 0x6a, 0xf6, 0x7f, 0x05, - 0xe8, 0x51, 0x2f, 0x9e, 0x01, 0xf8, 0xcf, 0x49}, - G89_ECB, - {0}, - { - 0xc3, 0x73, 0x90, 0x95, 0x35, 0x58, 0x08, 0x63, - 0xcb, 0x68, 0x85, 0x96, 0x77, 0xe8, 0xfb, 0xa9} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 16, - { - 0xd2, 0xfd, 0xf8, 0x3a, 0xc1, 0xb4, 0x39, 0x23, - 0x2e, 0xaa, 0xcc, 0x98, 0x0a, 0x02, 0xda, 0x33}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "testcfb1", - { - 0x8d, 0x5a, 0x2c, 0x83, 0xa7, 0xc7, 0x0a, 0x61, - 0xd6, 0x1b, 0x34, 0xb5, 0x1f, 0xdf, 0x42, 0x68, - 0x66, 0x71, 0xa3, 0x5d, 0x87, 0x4c, 0xfd, 0x84, - 0x99, 0x36, 0x63, 0xb6, 0x1e, 0xd6, 0x0d, 0xad}, - G89_CFB, - { - 0x46, 0x60, 0x6f, 0x0d, 0x88, 0x34, 0x23, 0x5a}, - { - 0x88, 0xb7, 0x75, 0x16, 0x74, 0xa5, 0xee, 0x2d, - 0x14, 0xfe, 0x91, 0x67, 0xd0, 0x5c, 0xcc, 0x40} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 16, - { - 0x90, 0xa2, 0x39, 0x66, 0xae, 0x01, 0xb9, 0xa3, - 0x52, 0x4e, 0xc8, 0xed, 0x6c, 0xdd, 0x88, 0x30}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "testcnt1", - { - 0x59, 0x9f, 0x84, 0xba, 0xc3, 0xf3, 0xd2, 0xf1, - 0x60, 0xe1, 0xe3, 0xf2, 0x6a, 0x96, 0x1a, 0xf9, - 0x9c, 0x48, 0xb2, 0x4e, 0xbc, 0xbb, 0xbf, 0x7c, - 0xd8, 0xf3, 0xac, 0xcd, 0x96, 0x8d, 0x28, 0x6a}, - G89_CNT, - { - 0x8d, 0xaf, 0xa8, 0xd1, 0x58, 0xed, 0x05, 0x8d}, - { - 0x6e, 0x72, 0x62, 0xcc, 0xe3, 0x59, 0x36, 0x90, - 0x83, 0x3a, 0xfe, 0xa9, 0x1b, 0xc9, 0xbe, 0xce} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 16, - { - 0xb5, 0xa1, 0xf0, 0xe3, 0xce, 0x2f, 0x02, 0x1d, - 0x67, 0x61, 0x94, 0x34, 0x5c, 0x41, 0xe3, 0x6e}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "testimit1", - { - 0x9d, 0x05, 0xb7, 0x9e, 0x90, 0xca, 0xd0, 0x0a, - 0x2c, 0xda, 0xd2, 0x2e, 0xf4, 0xe8, 0x6f, 0x5c, - 0xf5, 0xdc, 0x37, 0x68, 0x19, 0x85, 0xb3, 0xbf, - 0xaa, 0x18, 0xc1, 0xc3, 0x05, 0x0a, 0x91, 0xa2}, - G89_IMIT, - {0}, - { - 0xf8, 0x1f, 0x08, 0xa3} - }, - /* - * Other paramsets and key meshing test cases. - */ - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 1039, - { - 0x8c, 0x9c, 0x44, 0x35, 0xfb, 0xe9, 0xa5, 0xa3, - 0xa0, 0xae, 0x28, 0x56, 0x91, 0x10, 0x8e, 0x1e, - 0xd2, 0xbb, 0x18, 0x53, 0x81, 0x27, 0x0d, 0xa6, - 0x68, 0x59, 0x36, 0xc5, 0x81, 0x62, 0x9a, 0x8e, - 0x7d, 0x50, 0xf1, 0x6f, 0x97, 0x62, 0x29, 0xec, - 0x80, 0x51, 0xe3, 0x7d, 0x6c, 0xc4, 0x07, 0x95, - 0x28, 0x63, 0xdc, 0xb4, 0xb9, 0x2d, 0xb8, 0x13, - 0xb1, 0x05, 0xb5, 0xf9, 0xeb, 0x75, 0x37, 0x4e, - 0xf7, 0xbf, 0x51, 0xf1, 0x98, 0x86, 0x43, 0xc4, - 0xe4, 0x3d, 0x3e, 0xa7, 0x62, 0xec, 0x41, 0x59, - 0xe0, 0xbd, 0xfb, 0xb6, 0xfd, 0xec, 0xe0, 0x77, - 0x13, 0xd2, 0x59, 0x90, 0xa1, 0xb8, 0x97, 0x6b, - 0x3d, 0x8b, 0x7d, 0xfc, 0x9d, 0xca, 0x82, 0x73, - 0x32, 0x70, 0x0a, 0x74, 0x03, 0xc6, 0x0c, 0x26, - 0x7f, 0x56, 0xf0, 0x9d, 0xb2, 0xeb, 0x71, 0x40, - 0xd7, 0xc3, 0xb1, 0xa7, 0xc5, 0x1e, 0x20, 0x17, - 0xb3, 0x50, 0x1d, 0x8a, 0x6e, 0x19, 0xcb, 0xbe, - 0x20, 0x86, 0x2b, 0xd6, 0x1c, 0xfd, 0xb4, 0xb7, - 0x5d, 0x9a, 0xb3, 0xe3, 0x7d, 0x15, 0x7a, 0x35, - 0x01, 0x9f, 0x5d, 0x65, 0x89, 0x4b, 0x34, 0xc6, - 0xf4, 0x81, 0x3f, 0x78, 0x30, 0xcf, 0xe9, 0x15, - 0x90, 0x9a, 0xf9, 0xde, 0xba, 0x63, 0xd0, 0x19, - 0x14, 0x66, 0x3c, 0xb9, 0xa4, 0xb2, 0x84, 0x94, - 0x02, 0xcf, 0xce, 0x20, 0xcf, 0x76, 0xe7, 0xc5, - 0x48, 0xf7, 0x69, 0x3a, 0x5d, 0xec, 0xaf, 0x41, - 0xa7, 0x12, 0x64, 0x83, 0xf5, 0x99, 0x1e, 0x9e, - 0xb2, 0xab, 0x86, 0x16, 0x00, 0x23, 0x8e, 0xe6, - 0xd9, 0x80, 0x0b, 0x6d, 0xc5, 0x93, 0xe2, 0x5c, - 0x8c, 0xd8, 0x5e, 0x5a, 0xae, 0x4a, 0x85, 0xfd, - 0x76, 0x01, 0xea, 0x30, 0xf3, 0x78, 0x34, 0x10, - 0x72, 0x51, 0xbc, 0x9f, 0x76, 0xce, 0x1f, 0xd4, - 0x8f, 0x33, 0x50, 0x34, 0xc7, 0x4d, 0x7b, 0xcf, - 0x91, 0x63, 0x7d, 0x82, 0x9e, 0xa1, 0x23, 0x45, - 0xf5, 0x45, 0xac, 0x98, 0x7a, 0x48, 0xff, 0x64, - 0xd5, 0x59, 0x47, 0xde, 0x2b, 0x3f, 0xfa, 0xec, - 0x50, 0xe0, 0x81, 0x60, 0x8b, 0xc3, 0xfc, 0x80, - 0x98, 0x17, 0xc7, 0xa3, 0xc2, 0x57, 0x3d, 0xab, - 0x91, 0x67, 0xf5, 0xc4, 0xab, 0x92, 0xc8, 0xd6, - 0x3b, 0x6b, 0x3f, 0xff, 0x15, 0x6b, 0xcf, 0x53, - 0x65, 0x02, 0xf1, 0x74, 0xca, 0xa9, 0xbe, 0x24, - 0xd2, 0xf0, 0xb7, 0x26, 0xa8, 0xd7, 0x6d, 0xed, - 0x90, 0x36, 0x7b, 0x3e, 0x41, 0xa9, 0x7f, 0xa3, - 0x1b, 0xf4, 0x43, 0xc5, 0x51, 0xbe, 0x28, 0x59, - 0xe9, 0x45, 0x26, 0x49, 0x38, 0x32, 0xf8, 0xf3, - 0x92, 0x6e, 0x30, 0xcc, 0xb0, 0xa0, 0xf9, 0x01, - 0x14, 0xc8, 0xba, 0xd9, 0xf0, 0x2a, 0x29, 0xe2, - 0x52, 0x9a, 0x76, 0x95, 0x3a, 0x16, 0x32, 0xec, - 0xf4, 0x10, 0xec, 0xee, 0x47, 0x00, 0x70, 0x19, - 0xe4, 0x72, 0x35, 0x66, 0x44, 0x53, 0x2d, 0xa2, - 0xf3, 0xaa, 0x7e, 0x8a, 0x33, 0x13, 0xcd, 0xc8, - 0xbf, 0x0e, 0x40, 0x90, 0x00, 0xe4, 0x42, 0xc3, - 0x09, 0x84, 0xe1, 0x66, 0x17, 0xa2, 0xaf, 0x03, - 0xab, 0x6b, 0xa1, 0xec, 0xfb, 0x17, 0x72, 0x81, - 0xfe, 0x9a, 0x9f, 0xf4, 0xb2, 0x33, 0x1f, 0xae, - 0x0c, 0xd1, 0x6a, 0xae, 0x19, 0xb8, 0xaf, 0xec, - 0xe3, 0xea, 0x00, 0xf8, 0xac, 0x87, 0x07, 0x5f, - 0x6d, 0xb0, 0xac, 0x6b, 0x22, 0x48, 0x36, 0xbf, - 0x22, 0x18, 0xb0, 0x03, 0x9f, 0x6c, 0x70, 0x45, - 0x36, 0xf0, 0x6b, 0xc6, 0xc2, 0xa5, 0x72, 0x2c, - 0xd8, 0xe0, 0x27, 0x3d, 0xec, 0x56, 0x07, 0x05, - 0x7d, 0x83, 0xa1, 0x65, 0x7d, 0x41, 0x5b, 0xcd, - 0x77, 0x24, 0xe5, 0xaa, 0x76, 0x47, 0xd0, 0x50, - 0xf6, 0xe7, 0xb5, 0x59, 0x75, 0x31, 0x27, 0xef, - 0xd8, 0xa6, 0x4e, 0x7f, 0xb8, 0x40, 0xb1, 0xdf, - 0x53, 0x14, 0xed, 0xf1, 0x68, 0x5f, 0xfc, 0x3f, - 0x02, 0xdb, 0x05, 0xeb, 0x31, 0xe4, 0x2c, 0x7f, - 0x32, 0xb5, 0x70, 0x8e, 0x75, 0x85, 0xa4, 0x5c, - 0x16, 0x23, 0x37, 0xf2, 0x10, 0x79, 0xcb, 0xdc, - 0xf8, 0x1c, 0x25, 0xc2, 0xa1, 0x3d, 0x9c, 0x33, - 0x6c, 0xed, 0xc3, 0xe7, 0xf3, 0x02, 0x87, 0x82, - 0x4e, 0xfb, 0xac, 0xb3, 0x2d, 0xfc, 0xf8, 0x0d, - 0x1d, 0x4a, 0x39, 0xd4, 0xb3, 0x09, 0xbb, 0xe9, - 0x25, 0xc7, 0xec, 0x6a, 0x87, 0x72, 0x84, 0xed, - 0x12, 0x60, 0x19, 0x64, 0xeb, 0x16, 0x2a, 0x5b, - 0x10, 0x76, 0x27, 0xff, 0x7b, 0xe4, 0xae, 0xe5, - 0xa4, 0x04, 0x02, 0x7f, 0xbb, 0x0a, 0xb5, 0xf4, - 0x05, 0xa5, 0x56, 0x1c, 0x53, 0x31, 0x7a, 0x93, - 0xba, 0x16, 0x15, 0xab, 0x62, 0x60, 0xfc, 0xde, - 0x72, 0x36, 0x6e, 0x28, 0xaf, 0x98, 0x0d, 0xe6, - 0xf4, 0xde, 0x60, 0xa7, 0x7e, 0x06, 0x07, 0x86, - 0xf3, 0x94, 0xb6, 0x6d, 0x0d, 0x93, 0xa6, 0xbc, - 0x60, 0x70, 0x33, 0xac, 0x3f, 0xa1, 0xa8, 0x4a, - 0x20, 0x61, 0xb6, 0xb5, 0x43, 0xa3, 0x15, 0x5a, - 0x00, 0xbe, 0x76, 0x98, 0x57, 0x72, 0xab, 0x7a, - 0x0e, 0x18, 0x93, 0x82, 0x3a, 0x18, 0x78, 0x6e, - 0x71, 0x7b, 0x78, 0x4f, 0x7e, 0x8c, 0xde, 0x7a, - 0x62, 0xb5, 0x0a, 0x7c, 0x45, 0x1d, 0x16, 0xd5, - 0xc3, 0x8c, 0x9b, 0x25, 0xb4, 0x50, 0x90, 0xcd, - 0x96, 0x93, 0xad, 0x0f, 0xd4, 0x43, 0xcb, 0x49, - 0x0f, 0xfc, 0x5a, 0x31, 0xf4, 0x19, 0xb7, 0xd4, - 0xeb, 0x4d, 0x40, 0x58, 0xd0, 0x3b, 0xc8, 0xe0, - 0x4a, 0x54, 0x2f, 0xdb, 0x22, 0xc3, 0x29, 0x7b, - 0x40, 0x90, 0x61, 0x43, 0xd3, 0x7e, 0xe2, 0x30, - 0x2b, 0x48, 0x3c, 0xce, 0x90, 0x93, 0xb1, 0x8b, - 0x31, 0x96, 0x65, 0x6d, 0x57, 0x8b, 0x9d, 0x4d, - 0x53, 0xf0, 0x83, 0x1c, 0xe5, 0xa1, 0x9d, 0x55, - 0xe3, 0xbf, 0x7e, 0xca, 0x1a, 0x74, 0x66, 0x14, - 0xcc, 0x47, 0x43, 0xd9, 0xbb, 0xef, 0x97, 0x7d, - 0xb7, 0x6e, 0xff, 0xf1, 0x22, 0xf8, 0x10, 0x2d, - 0x3f, 0xcd, 0x49, 0x96, 0xd9, 0x09, 0x11, 0xb8, - 0x33, 0xd0, 0x23, 0x9a, 0xfa, 0x16, 0xcb, 0x50, - 0x26, 0x57, 0x24, 0x5c, 0x0e, 0xba, 0xf0, 0x3f, - 0x37, 0x2f, 0xa3, 0xf7, 0x18, 0x57, 0x48, 0x48, - 0x95, 0xcf, 0xef, 0x87, 0x67, 0x2a, 0xe9, 0xb6, - 0x8a, 0x21, 0x36, 0x7f, 0xff, 0x48, 0x6c, 0x46, - 0x35, 0x57, 0xf2, 0xbc, 0x48, 0x67, 0x8f, 0x63, - 0x23, 0x78, 0x11, 0x2b, 0xc2, 0x08, 0xde, 0x51, - 0xe8, 0x8b, 0x92, 0x29, 0xf9, 0x9a, 0x9e, 0xad, - 0xed, 0x0f, 0xeb, 0xa2, 0xd2, 0x40, 0x92, 0xd4, - 0xde, 0x62, 0x95, 0x76, 0xfd, 0x6e, 0x3c, 0xbf, - 0xc0, 0xd7, 0x0d, 0xe5, 0x1b, 0xa4, 0xc7, 0x18, - 0xe1, 0x58, 0xa4, 0x56, 0xef, 0x2e, 0x17, 0x1b, - 0x75, 0xcb, 0xbc, 0xf9, 0x2a, 0x95, 0x71, 0xa7, - 0x1d, 0x7f, 0xe7, 0x73, 0x63, 0x05, 0x6b, 0x19, - 0x4c, 0xf4, 0x22, 0x14, 0xc4, 0x59, 0x88, 0x66, - 0x92, 0x86, 0x61, 0x5c, 0x6a, 0xae, 0xec, 0x58, - 0xff, 0xc9, 0xf2, 0x44, 0xd4, 0xa2, 0xf5, 0x98, - 0xeb, 0x5f, 0x09, 0xbc, 0x8a, 0xbf, 0x3c, 0xb4, - 0x3e, 0xb1, 0x20, 0x05, 0x44, 0x96, 0x79, 0x0a, - 0x40, 0x92, 0x7f, 0x9d, 0xd1, 0xaf, 0xbc, 0x90, - 0x95, 0x0a, 0x81, 0xd4, 0xa7, 0xc6, 0xb8, 0xe0, - 0xe4, 0x39, 0x30, 0x1d, 0x79, 0xc0, 0xe5, 0xfa, - 0xb4, 0xe9, 0x63, 0xb4, 0x09, 0x72, 0x3b, 0x3e, - 0xd9, 0xf6, 0xd9, 0x10, 0x21, 0x18, 0x7e, 0xe5, - 0xad, 0x81, 0xd7, 0xd5, 0x82, 0xd0, 0x8c, 0x3b, - 0x38, 0x95, 0xf8, 0x92, 0x01, 0xa9, 0x92, 0x00, - 0x70, 0xd1, 0xa7, 0x88, 0x77, 0x1f, 0x3a, 0xeb, - 0xb5, 0xe4, 0xf5, 0x9d, 0xc7, 0x37, 0x86, 0xb2, - 0x12, 0x46, 0x34, 0x19, 0x72, 0x8c, 0xf5, 0x8c, - 0xf6, 0x78, 0x98, 0xe0, 0x7c, 0xd3, 0xf4}, - "id-Gost28147-89-CryptoPro-B-ParamSet", - "testcfb2", - { - 0x48, 0x0c, 0x74, 0x1b, 0x02, 0x6b, 0x55, 0xd5, - 0xb6, 0x6d, 0xd7, 0x1d, 0x40, 0x48, 0x05, 0x6b, - 0x6d, 0xeb, 0x3c, 0x29, 0x0f, 0x84, 0x80, 0x23, - 0xee, 0x0d, 0x47, 0x77, 0xe3, 0xfe, 0x61, 0xc9}, - G89_CFB, - { - 0x1f, 0x3f, 0x82, 0x1e, 0x0d, 0xd8, 0x1e, 0x22}, - { - 0x23, 0xc6, 0x7f, 0x20, 0xa1, 0x23, 0x58, 0xbc, - 0x7b, 0x05, 0xdb, 0x21, 0x15, 0xcf, 0x96, 0x41, - 0xc7, 0x88, 0xef, 0x76, 0x5c, 0x49, 0xdb, 0x42, - 0xbf, 0xf3, 0xc0, 0xf5, 0xbd, 0x5d, 0xd9, 0x8e, - 0xaf, 0x3d, 0xf4, 0xe4, 0xda, 0x88, 0xbd, 0xbc, - 0x47, 0x5d, 0x76, 0x07, 0xc9, 0x5f, 0x54, 0x1d, - 0x1d, 0x6a, 0xa1, 0x2e, 0x18, 0xd6, 0x60, 0x84, - 0x02, 0x18, 0x37, 0x92, 0x92, 0x15, 0xab, 0x21, - 0xee, 0x21, 0xcc, 0x71, 0x6e, 0x51, 0xd9, 0x2b, - 0xcc, 0x81, 0x97, 0x3f, 0xeb, 0x45, 0x99, 0xb8, - 0x1b, 0xda, 0xff, 0x90, 0xd3, 0x41, 0x06, 0x9c, - 0x3f, 0xfb, 0xe4, 0xb2, 0xdc, 0xc9, 0x03, 0x0d, - 0xa7, 0xae, 0xd7, 0x7d, 0x02, 0xb8, 0x32, 0xab, - 0xf3, 0x65, 0xa3, 0x65, 0x6c, 0x4e, 0xe4, 0xa2, - 0x5e, 0x9e, 0xee, 0xcd, 0xde, 0x79, 0x36, 0x6b, - 0x1b, 0xe1, 0x3c, 0xdf, 0x10, 0xad, 0x4f, 0x02, - 0xe1, 0x14, 0xaa, 0x09, 0xb4, 0x0b, 0x76, 0xeb, - 0x69, 0x38, 0x20, 0x02, 0xcb, 0x8e, 0xc0, 0xdf, - 0xca, 0x48, 0x74, 0xc3, 0x31, 0xad, 0x42, 0x2c, - 0x51, 0x9b, 0xd0, 0x6a, 0xc1, 0x36, 0xd7, 0x21, - 0xdf, 0xb0, 0x45, 0xba, 0xca, 0x7f, 0x35, 0x20, - 0x28, 0xbb, 0xc1, 0x76, 0xfd, 0x43, 0x5d, 0x23, - 0x7d, 0x31, 0x84, 0x1a, 0x97, 0x4d, 0x83, 0xaa, - 0x7e, 0xf1, 0xc4, 0xe6, 0x83, 0xac, 0x0d, 0xef, - 0xef, 0x3c, 0xa4, 0x7c, 0x48, 0xe4, 0xc8, 0xca, - 0x0d, 0x7d, 0xea, 0x7c, 0x45, 0xd7, 0x73, 0x50, - 0x25, 0x1d, 0x01, 0xc4, 0x02, 0x1a, 0xcd, 0xe0, - 0x38, 0x5b, 0xa8, 0x5a, 0x16, 0x9a, 0x10, 0x59, - 0x74, 0xd7, 0x19, 0xc6, 0xf3, 0xb5, 0x17, 0xf6, - 0x59, 0x8d, 0x62, 0xaf, 0x44, 0xe8, 0xdc, 0xe9, - 0xc1, 0x76, 0xf1, 0xd0, 0xbd, 0x29, 0xd7, 0xec, - 0x1d, 0xac, 0x57, 0xdb, 0x1a, 0x3f, 0xd8, 0xf6, - 0x6e, 0xb6, 0xe6, 0xdf, 0x36, 0xe7, 0x89, 0xce, - 0x56, 0x35, 0x43, 0x1c, 0x7d, 0x57, 0x79, 0x0e, - 0xd8, 0xf4, 0xd7, 0xa7, 0x0d, 0xc6, 0x8f, 0x91, - 0x66, 0x67, 0x82, 0x0f, 0x49, 0xc9, 0xc5, 0x65, - 0x81, 0xa1, 0x39, 0x5a, 0x53, 0x9f, 0x02, 0xa5, - 0xd5, 0x36, 0x22, 0xa8, 0xa8, 0x1c, 0x37, 0x0e, - 0x76, 0x46, 0xdf, 0xbd, 0x6a, 0xdb, 0xfc, 0x1b, - 0xbd, 0x10, 0xb8, 0xb1, 0xbc, 0x72, 0x4c, 0x58, - 0x4a, 0xda, 0x6d, 0x66, 0x00, 0xda, 0x7a, 0x66, - 0xa0, 0xe7, 0x3b, 0x39, 0xa3, 0xf7, 0x05, 0x07, - 0xfa, 0x21, 0x4b, 0xc7, 0x94, 0xc0, 0xd3, 0x7b, - 0x19, 0x02, 0x5d, 0x4a, 0x10, 0xf1, 0xc2, 0x0f, - 0x19, 0x68, 0x27, 0xc7, 0x7d, 0xbf, 0x55, 0x03, - 0x57, 0x7d, 0xaf, 0x77, 0xae, 0x80, 0x2f, 0x7a, - 0xe6, 0x1f, 0x4b, 0xdc, 0x15, 0x18, 0xc0, 0x62, - 0xa1, 0xe8, 0xd9, 0x1c, 0x9e, 0x8c, 0x96, 0x39, - 0xc1, 0xc4, 0x88, 0xf7, 0x0c, 0xe1, 0x04, 0x84, - 0x68, 0x51, 0xce, 0xf1, 0x90, 0xda, 0x7f, 0x76, - 0xc8, 0xc0, 0x88, 0xef, 0x8e, 0x15, 0x25, 0x3e, - 0x7b, 0xe4, 0x79, 0xb5, 0x66, 0x2d, 0x9c, 0xd1, - 0x13, 0xda, 0xd0, 0xd5, 0x46, 0xd5, 0x8d, 0x46, - 0x18, 0x07, 0xee, 0xd8, 0xc9, 0x64, 0xe3, 0xbe, - 0x0e, 0x68, 0x27, 0x09, 0x96, 0x26, 0xf6, 0xe2, - 0x19, 0x61, 0x3f, 0xf4, 0x58, 0x27, 0x0a, 0xeb, - 0xce, 0x7c, 0xb6, 0x68, 0x92, 0xe7, 0x12, 0x3b, - 0x31, 0xd4, 0x48, 0xdf, 0x35, 0x8d, 0xf4, 0x86, - 0x42, 0x2a, 0x15, 0x4b, 0xe8, 0x19, 0x1f, 0x26, - 0x65, 0x9b, 0xa8, 0xda, 0x4b, 0x79, 0x1f, 0x8e, - 0xe6, 0x13, 0x7e, 0x49, 0x8f, 0xc1, 0xce, 0xdc, - 0x5e, 0x64, 0x74, 0xce, 0x02, 0x78, 0xe0, 0xcf, - 0xa0, 0xed, 0x5e, 0x31, 0x74, 0xd1, 0xd0, 0xb4, - 0xee, 0x70, 0x19, 0x14, 0x3c, 0x8f, 0x16, 0xa6, - 0xcf, 0x12, 0x93, 0x15, 0x88, 0xeb, 0x91, 0x65, - 0x76, 0x98, 0xfd, 0xa1, 0x94, 0x30, 0xba, 0x43, - 0x62, 0x65, 0x40, 0x04, 0x77, 0x9e, 0xd6, 0xab, - 0x8b, 0x0d, 0x93, 0x80, 0x50, 0x5f, 0xa2, 0x76, - 0x20, 0xa7, 0xd6, 0x9c, 0x27, 0x15, 0x27, 0xbc, - 0xa5, 0x5a, 0xbf, 0xe9, 0x92, 0x82, 0x05, 0xa8, - 0x41, 0xe9, 0xb5, 0x60, 0xd5, 0xc0, 0xd7, 0x4b, - 0xad, 0x38, 0xb2, 0xe9, 0xd1, 0xe5, 0x51, 0x5f, - 0x24, 0x78, 0x24, 0x9a, 0x23, 0xd2, 0xc2, 0x48, - 0xbd, 0x0e, 0xf1, 0x37, 0x72, 0x91, 0x87, 0xb0, - 0x4e, 0xbd, 0x99, 0x6b, 0x2c, 0x01, 0xb6, 0x79, - 0x69, 0xec, 0x0c, 0xed, 0xe5, 0x3f, 0x50, 0x64, - 0x7c, 0xb9, 0xdd, 0xe1, 0x92, 0x81, 0xb5, 0xd0, - 0xcb, 0x17, 0x83, 0x86, 0x8b, 0xea, 0x4f, 0x93, - 0x08, 0xbc, 0x22, 0x0c, 0xef, 0xe8, 0x0d, 0xf5, - 0x9e, 0x23, 0xe1, 0xf9, 0xb7, 0x6b, 0x45, 0x0b, - 0xcb, 0xa9, 0xb6, 0x4d, 0x28, 0x25, 0xba, 0x3e, - 0x86, 0xf2, 0x75, 0x47, 0x5d, 0x9d, 0x6b, 0xf6, - 0x8a, 0x05, 0x58, 0x73, 0x3d, 0x00, 0xde, 0xfd, - 0x69, 0xb1, 0x61, 0x16, 0xf5, 0x2e, 0xb0, 0x9f, - 0x31, 0x6a, 0x00, 0xb9, 0xef, 0x71, 0x63, 0x47, - 0xa3, 0xca, 0xe0, 0x40, 0xa8, 0x7e, 0x02, 0x04, - 0xfe, 0xe5, 0xce, 0x48, 0x73, 0xe3, 0x94, 0xcf, - 0xe2, 0xff, 0x29, 0x7e, 0xf6, 0x32, 0xbb, 0xb7, - 0x55, 0x12, 0x21, 0x7a, 0x9c, 0x75, 0x04, 0x0c, - 0xb4, 0x7c, 0xb0, 0x3d, 0x40, 0xb3, 0x11, 0x9a, - 0x7a, 0x9a, 0x13, 0xfb, 0x77, 0xa7, 0x51, 0x68, - 0xf7, 0x05, 0x47, 0x3b, 0x0f, 0x52, 0x5c, 0xe6, - 0xc2, 0x99, 0x3a, 0x37, 0x54, 0x5c, 0x4f, 0x2b, - 0xa7, 0x01, 0x08, 0x74, 0xbc, 0x91, 0xe3, 0xe2, - 0xfe, 0x65, 0x94, 0xfd, 0x3d, 0x18, 0xe0, 0xf0, - 0x62, 0xed, 0xc2, 0x10, 0x82, 0x9c, 0x58, 0x7f, - 0xb2, 0xa3, 0x87, 0x8a, 0x74, 0xd9, 0xc1, 0xfb, - 0x84, 0x28, 0x17, 0xc7, 0x2b, 0xcb, 0x53, 0x1f, - 0x4e, 0x8a, 0x82, 0xfc, 0xb4, 0x3f, 0xc1, 0x47, - 0x25, 0xf3, 0x21, 0xdc, 0x4c, 0x2d, 0x08, 0xfa, - 0xe7, 0x0f, 0x03, 0xa9, 0x68, 0xde, 0x6b, 0x41, - 0xa0, 0xf9, 0x41, 0x6c, 0x57, 0x4d, 0x3a, 0x0e, - 0xea, 0x51, 0xca, 0x9f, 0x97, 0x11, 0x7d, 0xf6, - 0x8e, 0x88, 0x63, 0x67, 0xc9, 0x65, 0x13, 0xca, - 0x38, 0xed, 0x35, 0xbe, 0xf4, 0x27, 0xa9, 0xfc, - 0xa9, 0xe6, 0xc3, 0x40, 0x86, 0x08, 0x39, 0x72, - 0x37, 0xee, 0xb2, 0x87, 0x09, 0x96, 0xb7, 0x40, - 0x87, 0x36, 0x92, 0xc1, 0x5d, 0x6a, 0x2c, 0x43, - 0xca, 0x25, 0xc8, 0x35, 0x37, 0x2d, 0xb5, 0xa9, - 0x27, 0x44, 0x50, 0xf2, 0x6d, 0x22, 0x75, 0x41, - 0x77, 0x2a, 0xdb, 0xb1, 0x8c, 0x6d, 0x05, 0xe8, - 0xc9, 0x99, 0xc7, 0x08, 0xf9, 0x14, 0x8f, 0x78, - 0xa9, 0x8f, 0xc2, 0x5a, 0x7a, 0x65, 0xc5, 0xd8, - 0x86, 0xbb, 0x72, 0x69, 0x6b, 0x6b, 0x45, 0x83, - 0x5b, 0xb1, 0xf7, 0xcd, 0x16, 0x73, 0xee, 0xe9, - 0x80, 0x85, 0xfe, 0x8e, 0xe1, 0xae, 0x53, 0x8f, - 0xde, 0xbe, 0x48, 0x8b, 0x59, 0xef, 0xf6, 0x7e, - 0xd8, 0xb5, 0xa8, 0x47, 0xc0, 0x4e, 0x15, 0x58, - 0xca, 0xd3, 0x2f, 0xf8, 0x6c, 0xa6, 0x3d, 0x78, - 0x4d, 0x7a, 0x54, 0xd6, 0x10, 0xe5, 0xcc, 0x05, - 0xe2, 0x29, 0xb5, 0x86, 0x07, 0x39, 0x7d, 0x78, - 0x8e, 0x5a, 0x8f, 0x83, 0x4c, 0xe7, 0x3d, 0x68, - 0x3e, 0xe5, 0x02, 0xe6, 0x64, 0x4f, 0x5e, 0xb4, - 0x49, 0x77, 0xf0, 0xc0, 0xfa, 0x6f, 0xc8, 0xfb, - 0x9f, 0x84, 0x6f, 0x55, 0xfb, 0x30, 0x5e, 0x89, - 0x93, 0xa9, 0xf3, 0xa6, 0xa3, 0xd7, 0x26, 0xbb, - 0xd8, 0xa8, 0xd9, 0x95, 0x1d, 0xfe, 0xfc, 0xd7, - 0xa8, 0x93, 0x66, 0x2f, 0x04, 0x53, 0x06, 0x64, - 0x7f, 0x31, 0x29, 0xae, 0xb7, 0x9f, 0xba, 0xc4, - 0x6d, 0x68, 0xd1, 0x24, 0x32, 0xf4, 0x11} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 4, - { - 0x07, 0x9c, 0x91, 0xbe}, - "id-Gost28147-89-CryptoPro-C-ParamSet", - "testcfb3", - { - 0x77, 0xc3, 0x45, 0x8e, 0xf6, 0x42, 0xe7, 0x04, - 0x8e, 0xfc, 0x08, 0xe4, 0x70, 0x96, 0xd6, 0x05, - 0x93, 0x59, 0x02, 0x6d, 0x6f, 0x97, 0xca, 0xe9, - 0xcf, 0x89, 0x44, 0x4b, 0xde, 0x6c, 0x22, 0x1d}, - G89_CFB, - { - 0x43, 0x7c, 0x3e, 0x8e, 0x2f, 0x2a, 0x00, 0x98}, - { - 0x19, 0x35, 0x81, 0x34} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 9, - { - 0x2f, 0x31, 0xd8, 0x83, 0xb4, 0x20, 0xe8, 0x6e, - 0xda}, - "id-Gost28147-89-CryptoPro-D-ParamSet", - "testcfb4", - { - 0x38, 0x9f, 0xe8, 0x37, 0xff, 0x9c, 0x5d, 0x29, - 0xfc, 0x48, 0x55, 0xa0, 0x87, 0xea, 0xe8, 0x40, - 0x20, 0x87, 0x5b, 0xb2, 0x01, 0x15, 0x55, 0xa7, - 0xe3, 0x2d, 0xcb, 0x3d, 0xd6, 0x59, 0x04, 0x73}, - G89_CFB, - { - 0xc5, 0xa2, 0xd2, 0x1f, 0x2f, 0xdf, 0xb8, 0xeb}, - { - 0x6d, 0xa4, 0xed, 0x40, 0x08, 0x88, 0x71, 0xad, - 0x16} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 5242880 + 8, - {0}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "test5Mcfb", - { - 0x61, 0x58, 0x44, 0x5a, 0x41, 0xf6, 0xc7, 0x0f, - 0x6b, 0xdb, 0x51, 0x91, 0x6a, 0xf6, 0x81, 0x30, - 0x8c, 0xa7, 0x98, 0xdd, 0x38, 0x35, 0x8a, 0x60, - 0x85, 0xb4, 0xf0, 0xf9, 0x43, 0xa2, 0x7d, 0x9a}, - G89_CFB, - { - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, - { - 0x1c, 0x16, 0xa0, 0xe9, 0x63, 0x94, 0xfe, 0x38, - 0x37, 0xa7, 0x9b, 0x70, 0x25, 0x2e, 0xd6, 0x00} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - U64(4294967296) + 16, - {0}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "test4Gcfb", - { - 0xae, 0x57, 0xa2, 0xdd, 0xa4, 0xef, 0x4f, 0x96, - 0xb8, 0x94, 0xa5, 0xd1, 0x1b, 0xc8, 0x9b, 0x42, - 0xa5, 0x24, 0xcc, 0x89, 0x5c, 0xb8, 0x92, 0x52, - 0xc1, 0x12, 0x6a, 0xb0, 0x9a, 0x26, 0xe8, 0x06}, - G89_CFB, - { - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, - { - 0x2e, 0x62, 0xb0, 0x2e, 0xc7, 0x87, 0x4b, 0x29, - 0x33, 0x16, 0x6b, 0xb4, 0xd6, 0x61, 0x66, 0xd9} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 1037, - { - 0x3d, 0x0b, 0x69, 0xf7, 0xa8, 0xe4, 0xfc, 0x99, - 0x22, 0x2e, 0xee, 0xd1, 0x63, 0x12, 0xfe, 0xa8, - 0x9d, 0xcb, 0x6c, 0x4d, 0x48, 0x8c, 0xe8, 0xbd, - 0x8b, 0x60, 0xf1, 0xbf, 0x7b, 0xe3, 0x79, 0xd5, - 0x2b, 0x25, 0x97, 0x13, 0xef, 0x35, 0xda, 0xf4, - 0xbc, 0x77, 0xce, 0xea, 0xe9, 0x3f, 0xa4, 0xb6, - 0x01, 0xd5, 0x73, 0x29, 0x58, 0xda, 0xd7, 0x67, - 0x17, 0xac, 0xe4, 0x75, 0x2f, 0x57, 0x23, 0xac, - 0x96, 0x21, 0xc7, 0x62, 0x2d, 0xf7, 0x32, 0xb5, - 0x44, 0x5f, 0x72, 0xb1, 0x5f, 0xba, 0x1b, 0x1e, - 0xdb, 0x4a, 0x09, 0x8c, 0x92, 0x61, 0xa2, 0xb0, - 0x49, 0x68, 0xe5, 0xb3, 0xa2, 0x8f, 0x13, 0x4b, - 0xf5, 0x4d, 0x84, 0xda, 0xab, 0xa0, 0xb6, 0xd1, - 0x5a, 0x63, 0x19, 0xe8, 0xa2, 0x09, 0xf6, 0x76, - 0x6f, 0x9b, 0x48, 0x0a, 0x15, 0x5d, 0xb7, 0x20, - 0x21, 0x9a, 0x2e, 0xb9, 0x6d, 0xfa, 0x1e, 0xc2, - 0x0e, 0xef, 0x15, 0xab, 0x59, 0x01, 0xfe, 0x43, - 0x90, 0xf2, 0x62, 0xca, 0x4a, 0x9a, 0x48, 0x38, - 0xab, 0x6f, 0x9d, 0x21, 0xb3, 0xad, 0xa7, 0x60, - 0x46, 0xe3, 0xef, 0xd0, 0xe3, 0x1d, 0xc5, 0xe1, - 0xb8, 0xa1, 0xe2, 0x99, 0x20, 0xc5, 0x76, 0xcc, - 0xaa, 0x8a, 0xa9, 0x45, 0x55, 0xa0, 0x78, 0x00, - 0x64, 0xde, 0xcf, 0x5b, 0xdf, 0x26, 0x48, 0xcd, - 0xba, 0x8a, 0xb5, 0xfb, 0xfd, 0x4a, 0xd5, 0xc4, - 0xe0, 0x43, 0xa6, 0x71, 0x90, 0xa4, 0x8b, 0xca, - 0x2e, 0x88, 0x7b, 0xac, 0xb2, 0xdc, 0xf2, 0x01, - 0xcb, 0xda, 0x6e, 0x91, 0x27, 0x28, 0x44, 0x88, - 0x9a, 0xd2, 0x12, 0xf1, 0xa6, 0xf5, 0xb7, 0x61, - 0xce, 0x79, 0x62, 0x52, 0x3c, 0xe6, 0x14, 0x73, - 0xd1, 0x41, 0x92, 0x50, 0xbd, 0xdc, 0x3b, 0xd0, - 0xa7, 0x11, 0x8c, 0x3a, 0xe4, 0x2d, 0xf2, 0x52, - 0xd3, 0x2f, 0x7c, 0x8e, 0x54, 0x90, 0x4e, 0x23, - 0xae, 0xb3, 0xa0, 0xf3, 0x25, 0x7e, 0x66, 0xaa, - 0x0f, 0x6f, 0x81, 0x72, 0x77, 0xbb, 0xd3, 0x47, - 0xe8, 0x05, 0xff, 0xe1, 0x5b, 0xc9, 0x37, 0x50, - 0x33, 0x49, 0x17, 0xaf, 0xab, 0x1d, 0xe1, 0x15, - 0xf2, 0xe5, 0x98, 0x5e, 0x2d, 0x05, 0x1f, 0x0d, - 0x55, 0x97, 0xed, 0xff, 0x5e, 0xe0, 0x0f, 0xc3, - 0x9c, 0xbd, 0x82, 0xc2, 0x06, 0xbe, 0x45, 0x66, - 0xae, 0x33, 0xbe, 0x28, 0x48, 0xe9, 0x2d, 0x1a, - 0xe6, 0x65, 0x8e, 0xdf, 0x76, 0x03, 0x73, 0x4b, - 0xc0, 0x80, 0x71, 0xf9, 0xac, 0xba, 0xa0, 0xb0, - 0x19, 0x1a, 0x0a, 0xd4, 0x35, 0x12, 0x88, 0x76, - 0x05, 0x75, 0x8f, 0x7c, 0xb5, 0xf0, 0x19, 0x75, - 0x6d, 0x05, 0xcb, 0x0d, 0xbc, 0x8d, 0xe9, 0xf0, - 0xd4, 0xdb, 0x3c, 0x3c, 0x29, 0x8e, 0x2c, 0x32, - 0x1d, 0xf7, 0xb6, 0x49, 0xcf, 0xdb, 0x63, 0xee, - 0x3c, 0xfa, 0x33, 0x73, 0x6f, 0xe4, 0x97, 0x4e, - 0x2f, 0xc9, 0x4c, 0x5c, 0x65, 0xfe, 0xea, 0xfb, - 0xc6, 0xdd, 0xc1, 0x1c, 0x47, 0x3f, 0xf4, 0x50, - 0x2f, 0xde, 0x1b, 0x5b, 0x0b, 0x16, 0xca, 0xb6, - 0x46, 0x44, 0xf2, 0xc1, 0x0d, 0xa1, 0x1d, 0xa6, - 0xdb, 0xf0, 0x3d, 0xb1, 0x6c, 0x05, 0x31, 0x85, - 0x8e, 0x74, 0xae, 0xf2, 0x39, 0x26, 0xf7, 0xc1, - 0xe7, 0x4c, 0xdd, 0x9d, 0x40, 0xb8, 0xf3, 0xc5, - 0xc2, 0x16, 0x64, 0x6b, 0xaa, 0xdb, 0x4b, 0x82, - 0x5c, 0xd3, 0x02, 0xd3, 0x8f, 0x26, 0x79, 0x8d, - 0xb0, 0x78, 0x70, 0x19, 0x58, 0x0c, 0xb4, 0x31, - 0x88, 0x44, 0x1c, 0x91, 0x6f, 0xf4, 0x52, 0x39, - 0xa8, 0xf5, 0xc0, 0x1b, 0xfe, 0xf2, 0x0e, 0x4b, - 0xac, 0x0a, 0xc2, 0x7e, 0x9c, 0x9b, 0xeb, 0x5d, - 0x4e, 0x4f, 0x42, 0xd8, 0x71, 0x0a, 0x97, 0x27, - 0x03, 0x14, 0x96, 0xa6, 0x3d, 0x04, 0xea, 0x9f, - 0x14, 0x14, 0x27, 0x4c, 0xd9, 0xa2, 0x89, 0x5f, - 0x65, 0x4a, 0xe1, 0x9d, 0x2c, 0xb8, 0xf8, 0xd4, - 0x8f, 0x2a, 0x57, 0x36, 0xcc, 0x06, 0x9c, 0x2c, - 0xc5, 0x13, 0x16, 0xdf, 0xfc, 0xae, 0x22, 0x16, - 0xa8, 0x2b, 0x71, 0x6f, 0x1d, 0xb3, 0x47, 0x54, - 0x3f, 0x2d, 0x0a, 0x68, 0x9f, 0x2e, 0xf6, 0x90, - 0xd8, 0xa1, 0x21, 0x09, 0xd4, 0x97, 0xb9, 0x7b, - 0x7f, 0x9b, 0x6a, 0xed, 0xd1, 0xf0, 0xe3, 0xb6, - 0x28, 0xc7, 0x62, 0x82, 0x00, 0xc9, 0x38, 0xa1, - 0x82, 0x78, 0xce, 0x87, 0xc8, 0x53, 0xac, 0x4f, - 0x2e, 0x31, 0xb9, 0x50, 0x7f, 0x36, 0x00, 0x4a, - 0x32, 0xe6, 0xd8, 0xbb, 0x59, 0x45, 0x0e, 0x91, - 0x1b, 0x38, 0xa9, 0xbc, 0xb9, 0x5e, 0x6c, 0x6a, - 0x9c, 0x03, 0x01, 0x1c, 0xde, 0xe8, 0x1f, 0x1e, - 0xe3, 0xde, 0x25, 0xa2, 0x56, 0x79, 0xe1, 0xbd, - 0x58, 0xc4, 0x93, 0xe6, 0xd0, 0x8a, 0x4d, 0x08, - 0xab, 0xf7, 0xaa, 0xc3, 0x7d, 0xc1, 0xee, 0x68, - 0x37, 0xbc, 0x78, 0x0b, 0x19, 0x68, 0x2b, 0x2b, - 0x2e, 0x6d, 0xc4, 0x6f, 0xaa, 0x3b, 0xc6, 0x19, - 0xcb, 0xf1, 0x58, 0xb9, 0x60, 0x85, 0x45, 0xae, - 0x52, 0x97, 0xba, 0x24, 0x32, 0x13, 0x72, 0x16, - 0x6e, 0x7b, 0xc1, 0x98, 0xac, 0xb1, 0xed, 0xb4, - 0xcc, 0x6c, 0xcf, 0x45, 0xfc, 0x50, 0x89, 0x80, - 0x8e, 0x7a, 0xa4, 0xd3, 0x64, 0x50, 0x63, 0x37, - 0xc9, 0x6c, 0xf1, 0xc4, 0x3d, 0xfb, 0xde, 0x5a, - 0x5c, 0xa8, 0x21, 0x35, 0xe6, 0x2e, 0x8c, 0x2a, - 0x3c, 0x12, 0x17, 0x79, 0x9a, 0x0d, 0x2e, 0x79, - 0xeb, 0x67, 0x1f, 0x2b, 0xf8, 0x6e, 0xca, 0xc1, - 0xfa, 0x45, 0x18, 0x9e, 0xdf, 0x6a, 0xe6, 0xcb, - 0xe9, 0x5c, 0xc3, 0x09, 0xaf, 0x93, 0x58, 0x13, - 0xbf, 0x90, 0x84, 0x87, 0x75, 0xd6, 0x82, 0x28, - 0x8d, 0xe7, 0x2f, 0xa3, 0xfb, 0x97, 0x74, 0x2a, - 0x73, 0x04, 0x82, 0x06, 0x76, 0x69, 0xb1, 0x0b, - 0x19, 0xfc, 0xae, 0xb3, 0xdd, 0x2a, 0xe5, 0xc1, - 0x05, 0xd8, 0x80, 0x95, 0x22, 0x90, 0x71, 0xfc, - 0xc2, 0x92, 0x42, 0xfd, 0xf1, 0x70, 0xb4, 0x68, - 0x88, 0xa4, 0x9e, 0x0a, 0x24, 0x40, 0x13, 0xc8, - 0xa2, 0x56, 0x4f, 0x39, 0xe6, 0x06, 0xf1, 0xdc, - 0xf5, 0x13, 0x0e, 0xad, 0x9c, 0x8b, 0xaf, 0xe9, - 0xe3, 0x88, 0x72, 0xff, 0xa0, 0x6d, 0xda, 0x08, - 0x70, 0xb9, 0x2e, 0x83, 0xc5, 0xbb, 0x32, 0xa5, - 0x74, 0xc7, 0xfb, 0x7b, 0x76, 0xaf, 0x02, 0xbb, - 0x2b, 0xb8, 0x5e, 0x65, 0x02, 0xfe, 0x0e, 0xa0, - 0x99, 0xce, 0x01, 0x3b, 0x35, 0xe1, 0xb0, 0x22, - 0xe5, 0x94, 0xbd, 0xdd, 0x8e, 0xbb, 0xf6, 0x75, - 0xbf, 0xbf, 0xee, 0x7a, 0xb1, 0x58, 0xb4, 0x81, - 0xb8, 0x39, 0x3e, 0xb6, 0x1e, 0xde, 0xda, 0x1b, - 0xd5, 0xf7, 0xdd, 0x7d, 0x65, 0x9c, 0xaa, 0x56, - 0x93, 0xb8, 0xaf, 0x48, 0x53, 0xc7, 0x22, 0xe4, - 0x1c, 0xdf, 0xe9, 0x79, 0xb4, 0x20, 0x89, 0xcc, - 0x2a, 0x79, 0x2c, 0x09, 0xbe, 0x78, 0xcf, 0xcc, - 0xf2, 0x90, 0xd6, 0x65, 0xc5, 0x29, 0xfc, 0xda, - 0x69, 0xfc, 0xc0, 0xd6, 0x70, 0x99, 0x61, 0x3f, - 0x60, 0x02, 0xd8, 0x12, 0x22, 0xc8, 0x34, 0xc6, - 0x3b, 0xb3, 0xc2, 0x33, 0xa1, 0x5c, 0x8f, 0x4c, - 0xd1, 0x52, 0x72, 0xf2, 0x42, 0x05, 0x8e, 0x18, - 0x1f, 0x16, 0xda, 0xb8, 0x53, 0xa1, 0x5f, 0x01, - 0x32, 0x1b, 0x90, 0xb3, 0x53, 0x9b, 0xd0, 0x85, - 0x61, 0x2d, 0x17, 0xed, 0x0a, 0xa4, 0xa5, 0x27, - 0x09, 0x75, 0x7c, 0xbc, 0x30, 0xf7, 0x5e, 0x59, - 0x9a, 0x07, 0x96, 0x84, 0x28, 0x86, 0x4b, 0xa7, - 0x22, 0x35, 0x28, 0xc7, 0xed, 0x0d, 0xc3, 0xce, - 0x98, 0xcc, 0x2d, 0xec, 0xd4, 0x98, 0x09, 0x8e, - 0x52, 0x5f, 0x2b, 0x9a, 0x13, 0xbe, 0x99, 0x16, - 0x73, 0xd1, 0x1f, 0x81, 0xe5, 0xa2, 0x08, 0x78, - 0xcb, 0x0c, 0x20, 0xd4, 0xa5, 0xea, 0x4b, 0x5b, - 0x95, 0x5a, 0x92, 0x9a, 0x52}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "testcnt2", - { - 0x1b, 0x5d, 0xdb, 0x77, 0xcf, 0xf9, 0xec, 0x95, - 0x5e, 0xcc, 0x67, 0x9f, 0x5d, 0x28, 0xad, 0x4a, - 0x27, 0xf4, 0x32, 0xc6, 0xb2, 0xcb, 0xb1, 0x45, - 0x6a, 0x88, 0x14, 0x0c, 0x9b, 0x9b, 0x5f, 0x48}, - G89_CNT, - { - 0x71, 0x58, 0x8c, 0xe1, 0x55, 0xf4, 0xf6, 0xb3}, - { - 0x8e, 0xcd, 0x8f, 0xc8, 0xac, 0xe1, 0x15, 0x48, - 0x2d, 0xae, 0x24, 0x8a, 0xc7, 0xfb, 0xba, 0x0f, - 0x1d, 0x8a, 0x95, 0xa2, 0x43, 0xef, 0xcb, 0xdc, - 0x59, 0x57, 0xa7, 0xc7, 0x0e, 0xe3, 0xe2, 0xb9, - 0x0d, 0x86, 0x29, 0x62, 0xcb, 0x83, 0x4d, 0x07, - 0x0c, 0x40, 0xd4, 0x7b, 0x2e, 0xca, 0xba, 0xbf, - 0x4a, 0x60, 0x3b, 0x31, 0x98, 0xc8, 0x88, 0x47, - 0xd9, 0x82, 0xab, 0xfc, 0x8f, 0x48, 0xe2, 0x46, - 0xab, 0xd3, 0xa1, 0xab, 0x8a, 0x05, 0x22, 0x8c, - 0xf4, 0xec, 0x9a, 0x1e, 0x76, 0xab, 0x1a, 0x60, - 0xd9, 0x25, 0x6b, 0xb8, 0x56, 0xe5, 0xb2, 0xea, - 0x10, 0xf3, 0x62, 0x04, 0x32, 0x5e, 0xaa, 0x3b, - 0x7b, 0x57, 0xbc, 0x3b, 0x8b, 0x43, 0x47, 0xf2, - 0xd5, 0x03, 0x7e, 0x51, 0x01, 0xff, 0x77, 0x28, - 0xca, 0x90, 0xa3, 0xfe, 0x7e, 0x2e, 0x70, 0x16, - 0x75, 0x18, 0x44, 0xf0, 0x1b, 0x85, 0x05, 0xea, - 0xe3, 0x21, 0xf7, 0x26, 0x86, 0x76, 0x3c, 0x67, - 0x9d, 0xfc, 0xbc, 0x10, 0x7f, 0x77, 0xe4, 0xed, - 0xd3, 0x12, 0xf8, 0x83, 0x00, 0x1f, 0x4b, 0x92, - 0x95, 0x92, 0x5c, 0xf3, 0x5a, 0xf3, 0xb7, 0xd0, - 0xa9, 0x5f, 0xf2, 0x18, 0xc4, 0x66, 0x62, 0xc1, - 0x84, 0x0e, 0x66, 0xe8, 0x80, 0x7d, 0x1f, 0xf0, - 0xba, 0x01, 0x9b, 0x71, 0xae, 0x93, 0xcc, 0x27, - 0x54, 0x34, 0x9a, 0xbd, 0xca, 0xee, 0x52, 0x09, - 0x92, 0x9d, 0xb0, 0xd5, 0xd9, 0xba, 0x2f, 0xb9, - 0x96, 0xdc, 0xfa, 0xbd, 0xce, 0xea, 0x1a, 0x7b, - 0x9a, 0x1d, 0x13, 0xa7, 0x11, 0xe2, 0x9a, 0x64, - 0xf6, 0xd3, 0xee, 0xc6, 0x33, 0xb7, 0x6e, 0xef, - 0x25, 0x9e, 0x1e, 0x7c, 0xe3, 0x1f, 0x2c, 0x6e, - 0xa9, 0xc0, 0xf8, 0xc1, 0xbf, 0x3b, 0xf8, 0x34, - 0x03, 0x9b, 0xa1, 0x40, 0x5b, 0x0c, 0x3c, 0x09, - 0x66, 0x9d, 0x63, 0xe2, 0xe2, 0x04, 0x8f, 0x06, - 0x84, 0x74, 0x68, 0xb2, 0x5c, 0x3b, 0x4c, 0xad, - 0x0b, 0x3f, 0x03, 0xb3, 0x07, 0x8a, 0x64, 0xa7, - 0x36, 0x56, 0x26, 0x39, 0x66, 0xda, 0xe9, 0x6d, - 0x1b, 0xd5, 0x88, 0xe8, 0x5c, 0xaf, 0x5a, 0x4c, - 0x49, 0xf7, 0xf5, 0xb7, 0x78, 0xf0, 0xde, 0xec, - 0xcd, 0x16, 0x23, 0x9e, 0x8c, 0x13, 0xbe, 0x6b, - 0x6f, 0x9b, 0x07, 0xe5, 0xbb, 0xcc, 0x3a, 0x1b, - 0x6f, 0x43, 0xdf, 0xff, 0x46, 0x2a, 0xae, 0x47, - 0x19, 0x18, 0x9a, 0x25, 0x09, 0xc9, 0x24, 0x40, - 0x0c, 0x4b, 0xa7, 0xda, 0x5e, 0x0d, 0xee, 0xfa, - 0x62, 0x45, 0x8e, 0xcc, 0x2f, 0x23, 0x08, 0x1d, - 0x92, 0xf0, 0xfe, 0x82, 0x0f, 0xd7, 0x11, 0x60, - 0x7e, 0x0b, 0x0b, 0x75, 0xf4, 0xf5, 0x3b, 0xc0, - 0xa4, 0xe8, 0x72, 0xa5, 0xb6, 0xfa, 0x5a, 0xad, - 0x5a, 0x4f, 0x39, 0xb5, 0xa2, 0x12, 0x96, 0x0a, - 0x32, 0x84, 0xb2, 0xa1, 0x06, 0x68, 0x56, 0x57, - 0x97, 0xa3, 0x7b, 0x22, 0x61, 0x76, 0x5d, 0x30, - 0x1a, 0x31, 0xab, 0x99, 0x06, 0xc5, 0x1a, 0x96, - 0xcf, 0xcf, 0x14, 0xff, 0xb2, 0xc4, 0xcc, 0x2b, - 0xbf, 0x0c, 0x9d, 0x91, 0x8f, 0x79, 0x5b, 0xbc, - 0xa9, 0x6b, 0x91, 0x6a, 0xb4, 0x93, 0x5c, 0x7b, - 0x5d, 0xc2, 0x8a, 0x75, 0xc0, 0xc1, 0x08, 0xfa, - 0x99, 0xf9, 0x4d, 0x5e, 0x0c, 0x06, 0x64, 0x60, - 0xa9, 0x01, 0x4a, 0x34, 0x0f, 0x33, 0x84, 0x95, - 0x69, 0x30, 0xc1, 0x1c, 0x36, 0xf8, 0xfc, 0x30, - 0x23, 0xb2, 0x71, 0xe5, 0x52, 0x4d, 0x12, 0x1a, - 0xc9, 0xbe, 0xee, 0xc9, 0xcb, 0x01, 0x85, 0xf3, - 0xdb, 0x30, 0xf9, 0x41, 0xa9, 0x40, 0xb0, 0x06, - 0x29, 0x77, 0xcd, 0xc5, 0xec, 0x58, 0x02, 0x48, - 0x83, 0x53, 0x44, 0x6a, 0xd2, 0xca, 0x05, 0xd8, - 0x5a, 0x08, 0xeb, 0xa9, 0xf4, 0xe6, 0xc7, 0x9d, - 0xd5, 0x7b, 0x74, 0x0b, 0x31, 0xb7, 0xa5, 0x57, - 0x7c, 0x7a, 0xfd, 0x1a, 0x0e, 0xd7, 0x97, 0x41, - 0xbf, 0xdd, 0xc6, 0x19, 0x6c, 0x77, 0x8c, 0x18, - 0x52, 0x57, 0x83, 0xba, 0x71, 0x25, 0xee, 0x39, - 0xbb, 0xe2, 0x43, 0xa0, 0x14, 0xdc, 0x0e, 0x84, - 0xb4, 0x2b, 0xde, 0x3e, 0xe5, 0x36, 0xb7, 0xa2, - 0x92, 0x98, 0x05, 0xb8, 0x96, 0xe5, 0xd0, 0x8c, - 0x08, 0x93, 0x35, 0xc2, 0x81, 0xe0, 0xfc, 0x59, - 0x71, 0xe2, 0x44, 0x49, 0x5d, 0xda, 0xfb, 0x9c, - 0xaa, 0x70, 0x9f, 0x43, 0xa8, 0xa5, 0xd9, 0x67, - 0xd9, 0x8f, 0xa3, 0x1e, 0xbe, 0x0e, 0xec, 0xdf, - 0x12, 0x2b, 0x6a, 0xe7, 0x1c, 0x12, 0x17, 0xe7, - 0xc4, 0x6d, 0x50, 0xc9, 0x52, 0x7a, 0xd5, 0xe8, - 0x7f, 0xbc, 0x07, 0x15, 0xac, 0xdb, 0x93, 0x66, - 0xb1, 0xf0, 0xa7, 0x7b, 0x2f, 0xe9, 0xec, 0xd0, - 0x47, 0x69, 0x59, 0x87, 0xf1, 0x4c, 0x3e, 0x4b, - 0x9b, 0x11, 0x79, 0x13, 0xe4, 0x96, 0xf6, 0x56, - 0x04, 0x6e, 0x0b, 0x33, 0xfc, 0x40, 0xf6, 0xc7, - 0xc1, 0x43, 0xb1, 0xbf, 0x0e, 0xb3, 0x87, 0xfd, - 0x0b, 0x1c, 0x63, 0x46, 0x3a, 0xd3, 0xa0, 0x17, - 0x59, 0x25, 0x94, 0x6c, 0x9c, 0x3d, 0x0c, 0x81, - 0xce, 0x82, 0x72, 0x42, 0x28, 0xf9, 0x37, 0x6a, - 0x6d, 0xe4, 0x12, 0xf4, 0x21, 0xaa, 0xf7, 0xfe, - 0x27, 0x55, 0x40, 0x1a, 0x14, 0xc3, 0x39, 0x5b, - 0xbf, 0x63, 0xc2, 0x5f, 0x10, 0x1f, 0x14, 0x25, - 0xd0, 0xce, 0xf3, 0x14, 0x48, 0x13, 0xa5, 0x0b, - 0x4d, 0x38, 0xcf, 0x0d, 0x34, 0xc0, 0x0a, 0x11, - 0xb4, 0xb5, 0x72, 0xc8, 0x4b, 0xc2, 0x6f, 0xe7, - 0x9d, 0x93, 0xf7, 0xdf, 0xb8, 0x43, 0x72, 0x7e, - 0xda, 0x3e, 0x20, 0x1f, 0xbc, 0x21, 0x2a, 0xce, - 0x00, 0xfa, 0x96, 0x9f, 0x3d, 0xe5, 0x88, 0x96, - 0xef, 0x29, 0x84, 0xdf, 0x6c, 0x1c, 0x96, 0xd8, - 0x58, 0x47, 0xaa, 0x92, 0xf3, 0x07, 0xe5, 0xfb, - 0xaf, 0xea, 0x95, 0x7e, 0x0b, 0x71, 0xcd, 0x81, - 0x0f, 0xb7, 0x0a, 0x59, 0x8f, 0x31, 0x4d, 0xd1, - 0xc3, 0xf3, 0x2f, 0x70, 0x5c, 0x59, 0x18, 0x97, - 0xaf, 0x77, 0x95, 0x5e, 0xaf, 0x40, 0x06, 0x12, - 0x81, 0x61, 0x86, 0x08, 0x4e, 0xbc, 0x89, 0x46, - 0x07, 0x2e, 0x5b, 0x10, 0xaa, 0x12, 0xf0, 0xa7, - 0x84, 0xe2, 0x9a, 0x08, 0xf1, 0xde, 0x59, 0xe3, - 0x0e, 0x47, 0x4b, 0xff, 0xc3, 0xc9, 0x18, 0xaf, - 0x95, 0x9c, 0x67, 0x2a, 0xde, 0x8a, 0x7a, 0x99, - 0x04, 0xc4, 0xb8, 0x97, 0x4c, 0x04, 0x29, 0x71, - 0x05, 0xda, 0xb3, 0xd6, 0xdb, 0x6c, 0x71, 0xe6, - 0xe8, 0x03, 0xbf, 0x94, 0x7d, 0xde, 0x3d, 0xc8, - 0x44, 0xfa, 0x7d, 0x62, 0xb4, 0x36, 0x03, 0xee, - 0x36, 0x52, 0x64, 0xb4, 0x85, 0x6d, 0xd5, 0x78, - 0xf0, 0x6f, 0x67, 0x2d, 0x0e, 0xe0, 0x2c, 0x88, - 0x9b, 0x55, 0x19, 0x29, 0x40, 0xf6, 0x8c, 0x12, - 0xbb, 0x2c, 0x83, 0x96, 0x40, 0xc0, 0x36, 0xf5, - 0x77, 0xff, 0x70, 0x8c, 0x75, 0x92, 0x0b, 0xad, - 0x05, 0x9b, 0x7e, 0xa2, 0xfc, 0xa9, 0xd1, 0x64, - 0x76, 0x82, 0x13, 0xba, 0x22, 0x5e, 0x33, 0x0e, - 0x26, 0x70, 0xa9, 0xbe, 0x74, 0x28, 0xf5, 0xe2, - 0xc4, 0x96, 0xee, 0x3a, 0xbc, 0x97, 0xa6, 0x2c, - 0x2a, 0xe0, 0x64, 0x8d, 0x35, 0xc6, 0x1a, 0xca, - 0xf4, 0x92, 0xfa, 0xc3, 0xf1, 0x1f, 0x98, 0xe4, - 0x43, 0x88, 0x69, 0x3a, 0x09, 0xbf, 0x63, 0xe5, - 0x96, 0x29, 0x0b, 0x9b, 0x62, 0x23, 0x14, 0x8a, - 0x95, 0xe4, 0x1c, 0x5c, 0x0a, 0xa9, 0xc5, 0xb9, - 0x6f, 0x4f, 0x2b, 0x25, 0x6f, 0x74, 0x1e, 0x18, - 0xd5, 0xfe, 0x27, 0x7d, 0x3f, 0x6e, 0x55, 0x2c, - 0x67, 0xe6, 0xde, 0xb5, 0xcc, 0xc0, 0x2d, 0xff, - 0xc4, 0xe4, 0x06, 0x21, 0xa5, 0xc8, 0xd3, 0xd6, - 0x6c, 0xa1, 0xc3, 0xfb, 0x88, 0x92, 0xb1, 0x1d, - 0x90, 0xe1, 0x35, 0x05, 0x9b, 0x29, 0x6d, 0xba, - 0xf1, 0xf4, 0x1e, 0x23, 0x2e} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 5242880 + 8, - {0}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "test5Mcnt", - { - 0x07, 0x52, 0x65, 0xe7, 0xca, 0xa3, 0xca, 0x45, - 0xcf, 0x3a, 0x05, 0x1d, 0x38, 0x03, 0x53, 0x0c, - 0x22, 0x31, 0xba, 0x99, 0x4f, 0x9b, 0x6a, 0x1b, - 0x7e, 0x09, 0x9d, 0x4e, 0xb5, 0xc9, 0x84, 0x2e}, - G89_CNT, - { - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, - { - 0x3d, 0x05, 0x07, 0x57, 0xc0, 0x75, 0x89, 0x97, - 0xd6, 0x94, 0x49, 0x11, 0x1d, 0xd0, 0x91, 0xee} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - U64(4294967296) + 16, - {0}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "test4Gcnt", - { - 0x75, 0xa3, 0x3c, 0xae, 0x03, 0x6b, 0x10, 0xdb, - 0xc1, 0x56, 0x50, 0x89, 0x03, 0xd2, 0x9f, 0x91, - 0xee, 0xe8, 0x64, 0x1d, 0x43, 0xf2, 0x4e, 0xf8, - 0xf2, 0x6c, 0xed, 0xda, 0x8f, 0xe4, 0x88, 0xe9}, - G89_CNT, - { - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, - { - 0xfa, 0x6c, 0x96, 0x78, 0xe2, 0xf8, 0xdd, 0xaa, - 0x67, 0x5a, 0xc9, 0x5d, 0x57, 0xf1, 0xbd, 0x99} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 1035, - { - 0xd6, 0xcf, 0x31, 0x96, 0x9c, 0xa1, 0xfb, 0xd6, - 0x8d, 0xa3, 0xdd, 0x01, 0xd9, 0x88, 0xc0, 0x2f, - 0xbc, 0x46, 0xc7, 0x3a, 0xe4, 0x21, 0x86, 0x96, - 0x8d, 0xe2, 0xca, 0xb6, 0x37, 0xa2, 0xe1, 0xa8, - 0x7e, 0xa7, 0x79, 0x2e, 0xa4, 0x56, 0x75, 0x7f, - 0x3e, 0x55, 0x8b, 0x43, 0xae, 0x65, 0xdf, 0xaa, - 0x42, 0xb6, 0x00, 0xa6, 0x61, 0x03, 0x0d, 0xd3, - 0x41, 0x02, 0x27, 0x23, 0x95, 0x79, 0x9b, 0x34, - 0x81, 0xa9, 0x86, 0xb5, 0xa7, 0x90, 0xe2, 0xae, - 0xc4, 0x2f, 0xc3, 0x8e, 0x32, 0x56, 0x13, 0xfa, - 0x4d, 0x4e, 0x9f, 0x15, 0x75, 0x7e, 0x74, 0xdc, - 0x32, 0x2d, 0xee, 0x4d, 0x67, 0x70, 0x9f, 0x62, - 0xb9, 0xc4, 0xdb, 0x24, 0x84, 0xcc, 0x16, 0x7b, - 0xda, 0x22, 0xf7, 0xc5, 0xf3, 0x93, 0x35, 0x73, - 0xc6, 0x03, 0x1c, 0x77, 0xa5, 0xf2, 0x76, 0x56, - 0xb4, 0x95, 0xd4, 0x7e, 0x0d, 0x20, 0xc6, 0x6e, - 0xee, 0x8f, 0x25, 0x48, 0xff, 0x7e, 0x01, 0x3a, - 0xb4, 0x1f, 0xaa, 0x35, 0xc0, 0x33, 0x58, 0x9c, - 0xb5, 0xba, 0x65, 0x4b, 0xd3, 0x51, 0x14, 0xec, - 0x61, 0xce, 0xe4, 0xba, 0x49, 0xba, 0x39, 0x32, - 0xab, 0xce, 0x81, 0x72, 0xce, 0xab, 0xed, 0xd4, - 0xd2, 0x19, 0x87, 0x85, 0x92, 0xfa, 0x64, 0x34, - 0xd8, 0x86, 0xf4, 0x8a, 0x08, 0x3c, 0xde, 0xee, - 0x97, 0x92, 0x92, 0x69, 0xba, 0x9b, 0x5f, 0x7a, - 0x03, 0xc1, 0x5d, 0x43, 0x02, 0x8c, 0xbe, 0xd2, - 0x46, 0x72, 0x81, 0x40, 0x7d, 0x68, 0x98, 0x45, - 0x0b, 0x54, 0x27, 0x1c, 0xaf, 0x80, 0x42, 0xe4, - 0xd5, 0xd4, 0xe4, 0xa2, 0x98, 0x07, 0x8f, 0x03, - 0xf5, 0x2c, 0x8c, 0x88, 0xca, 0x5a, 0xde, 0xe4, - 0x9f, 0xb1, 0x5f, 0x82, 0xff, 0x20, 0x67, 0x52, - 0x85, 0x84, 0x4f, 0xc8, 0xfe, 0xa7, 0x9e, 0xae, - 0x1c, 0xfa, 0xb8, 0x75, 0xd3, 0xf7, 0x9f, 0x0d, - 0xda, 0x2d, 0xe6, 0xcc, 0x86, 0x6b, 0xa4, 0x14, - 0x65, 0xc3, 0xf9, 0x15, 0xbc, 0x87, 0xf5, 0xae, - 0x8c, 0x10, 0xd4, 0xce, 0x5b, 0x9c, 0xe2, 0xdd, - 0x42, 0x03, 0x09, 0x87, 0x47, 0xed, 0x5d, 0xd0, - 0x7a, 0x69, 0x4c, 0xfa, 0x43, 0x7d, 0xbf, 0x07, - 0x85, 0x6a, 0xee, 0x68, 0xe6, 0x7a, 0x57, 0xb2, - 0x20, 0x8d, 0x80, 0xf2, 0x91, 0x6f, 0x5c, 0x07, - 0x8c, 0xe4, 0x6a, 0x49, 0x90, 0x85, 0x8b, 0x77, - 0x29, 0x56, 0x1c, 0x5e, 0xa9, 0x3f, 0xab, 0x8b, - 0x79, 0xa3, 0x6f, 0x6b, 0x34, 0xcb, 0x61, 0xf6, - 0xe6, 0x92, 0xd1, 0x48, 0x9e, 0x11, 0xa2, 0x82, - 0xc0, 0x4e, 0x23, 0xd2, 0x15, 0x0d, 0x8d, 0xff, - 0xfa, 0x17, 0x9d, 0x81, 0xb8, 0xbc, 0xd7, 0x5b, - 0x08, 0x81, 0x20, 0x40, 0xc0, 0x3c, 0x06, 0x8b, - 0x1a, 0x88, 0x0b, 0x4b, 0x7b, 0x31, 0xf5, 0xd4, - 0x4e, 0x09, 0xd1, 0x4d, 0x0d, 0x7f, 0x45, 0xd1, - 0x09, 0x35, 0xba, 0xce, 0x65, 0xdd, 0xf2, 0xb8, - 0xfb, 0x7a, 0xbc, 0xc4, 0x4b, 0xc8, 0x75, 0xda, - 0x6b, 0xce, 0x3d, 0xe8, 0x94, 0xcc, 0x23, 0x6f, - 0xb0, 0x3b, 0x4f, 0x7d, 0x07, 0xb9, 0x0f, 0x62, - 0x92, 0x7e, 0xda, 0x70, 0x50, 0xce, 0xd3, 0x28, - 0x12, 0x11, 0x00, 0xeb, 0x8d, 0x63, 0x70, 0x78, - 0xa8, 0x7b, 0x76, 0xab, 0xc6, 0x40, 0xc0, 0x4e, - 0x80, 0xdd, 0xf0, 0xfe, 0x83, 0x72, 0x56, 0x4c, - 0x09, 0x4c, 0xf1, 0x72, 0x72, 0x86, 0x26, 0x31, - 0xc3, 0xc2, 0xdc, 0x8e, 0xc7, 0xf4, 0x35, 0xec, - 0x17, 0x06, 0x63, 0x47, 0x49, 0x88, 0x47, 0xaf, - 0xb3, 0x38, 0x4f, 0x7e, 0x44, 0x95, 0xb5, 0xbb, - 0x1d, 0xbd, 0x5a, 0x91, 0x5b, 0xd0, 0x1a, 0xdf, - 0x0d, 0x0b, 0x50, 0xd8, 0xe2, 0x0e, 0xc5, 0x00, - 0x2d, 0x5b, 0x29, 0x19, 0xaa, 0x2b, 0x64, 0xc5, - 0x40, 0x31, 0x48, 0x11, 0xbc, 0x04, 0xd1, 0xcf, - 0x6d, 0xf9, 0xa5, 0x2f, 0x4a, 0xc9, 0x82, 0xfa, - 0x59, 0xe1, 0xfc, 0xab, 0x1c, 0x33, 0x26, 0x0a, - 0x5f, 0xef, 0xf2, 0x06, 0xd8, 0xd3, 0x7e, 0x16, - 0x58, 0x16, 0x78, 0x73, 0xae, 0xba, 0xeb, 0xe5, - 0x3d, 0xb2, 0x0a, 0xb3, 0x32, 0x2d, 0x14, 0xa4, - 0xfa, 0x3f, 0x1f, 0x43, 0xf9, 0x7b, 0xa9, 0x43, - 0x98, 0x18, 0x94, 0x07, 0x07, 0xe5, 0x19, 0x34, - 0xa8, 0x16, 0x5f, 0x71, 0x67, 0xaa, 0x29, 0xe5, - 0xfa, 0xf0, 0x83, 0x06, 0x1d, 0x9d, 0xfc, 0xfe, - 0xfe, 0x8c, 0xb5, 0xb2, 0xa9, 0xe7, 0xa0, 0x40, - 0x60, 0xb6, 0x71, 0x9e, 0xab, 0x5b, 0x83, 0xb9, - 0x0c, 0x2b, 0x58, 0x23, 0x80, 0x09, 0x9e, 0x5d, - 0x94, 0x7d, 0x40, 0x76, 0xa9, 0x16, 0x96, 0x9e, - 0x83, 0xe0, 0x0d, 0xec, 0xa0, 0xec, 0x76, 0x2a, - 0xb7, 0xa0, 0xff, 0xb8, 0x50, 0x4c, 0x5b, 0xc6, - 0x8b, 0x0a, 0x65, 0x2e, 0xfe, 0xb4, 0x40, 0x9a, - 0x01, 0xd8, 0xc6, 0xa3, 0xab, 0x99, 0xa2, 0xc5, - 0x0c, 0x08, 0xc4, 0xb7, 0xee, 0x4d, 0x1d, 0xc4, - 0x08, 0x15, 0xd0, 0xdb, 0xaa, 0x63, 0x4f, 0x31, - 0xeb, 0x14, 0x97, 0x43, 0xbd, 0xc1, 0x94, 0x08, - 0xe6, 0xde, 0x43, 0x9f, 0x95, 0x0b, 0x96, 0x7e, - 0x7f, 0x3c, 0x68, 0xba, 0x6f, 0xc4, 0xc9, 0x35, - 0x2b, 0xc4, 0x0e, 0xda, 0x1f, 0x91, 0x68, 0x64, - 0x63, 0x34, 0x73, 0xbe, 0x57, 0x75, 0xb9, 0xed, - 0xf7, 0x2d, 0x3b, 0x05, 0x21, 0x93, 0x28, 0x48, - 0x96, 0x95, 0x97, 0xa0, 0xd2, 0x7d, 0x78, 0xbb, - 0x6a, 0x49, 0x8f, 0x76, 0x55, 0x74, 0x63, 0xb9, - 0xc5, 0x36, 0x12, 0x25, 0xbf, 0x03, 0x82, 0x8f, - 0xf0, 0xf6, 0x80, 0xbb, 0x33, 0xb4, 0xf4, 0x17, - 0x27, 0x1c, 0xf3, 0x4c, 0x10, 0xa3, 0xe4, 0xd1, - 0x55, 0xd9, 0x68, 0x21, 0x4e, 0x5a, 0x83, 0x67, - 0xbf, 0xf8, 0x3c, 0x7d, 0x4e, 0x62, 0xd3, 0x28, - 0xa7, 0x26, 0x6f, 0xe9, 0xee, 0xc2, 0x0b, 0x2d, - 0x03, 0x84, 0xb1, 0xff, 0xd6, 0x68, 0x1f, 0xb6, - 0xf2, 0xe4, 0x0f, 0xda, 0x2d, 0xee, 0x5f, 0x6e, - 0x21, 0xc8, 0xe1, 0xfc, 0xad, 0x6b, 0x0e, 0x04, - 0x7d, 0xaf, 0xc2, 0x3b, 0xa5, 0x68, 0x9b, 0x0c, - 0xf3, 0x56, 0xf3, 0xda, 0x8d, 0xc8, 0x7d, 0x39, - 0xdc, 0xd5, 0x99, 0xc6, 0x01, 0x10, 0xce, 0x42, - 0x1b, 0xac, 0x48, 0xdc, 0x97, 0x78, 0x0a, 0xec, - 0xb3, 0x8f, 0x47, 0x35, 0xa3, 0x6a, 0x64, 0xb2, - 0x8e, 0x63, 0x69, 0x22, 0x66, 0xae, 0x2e, 0xe0, - 0x88, 0xf9, 0x40, 0x3c, 0xc9, 0xa2, 0x57, 0x61, - 0xf6, 0xad, 0xf0, 0xdc, 0x90, 0x56, 0x3f, 0x06, - 0x9b, 0x7d, 0xbd, 0xc2, 0x81, 0x02, 0xab, 0xb8, - 0x15, 0x09, 0x88, 0x4a, 0xff, 0x2f, 0x31, 0xbf, - 0x5e, 0xfa, 0x6a, 0x7e, 0xf6, 0xc5, 0xa7, 0xf7, - 0xd5, 0xab, 0x55, 0xac, 0xae, 0x0d, 0x8c, 0x8d, - 0x7f, 0x4b, 0x25, 0xbb, 0x32, 0xff, 0x11, 0x33, - 0x2e, 0x37, 0x37, 0x69, 0x96, 0x15, 0x17, 0xb1, - 0x17, 0x49, 0xe0, 0x9a, 0x9c, 0xd9, 0x5b, 0x8d, - 0x58, 0xa3, 0x1d, 0x92, 0x87, 0xf8, 0x80, 0xb9, - 0xbd, 0x5a, 0xec, 0x40, 0xe1, 0x00, 0x33, 0x60, - 0xe4, 0x86, 0x16, 0x6d, 0x61, 0x81, 0xf2, 0x28, - 0x6a, 0xa7, 0xce, 0x3f, 0x95, 0xae, 0x43, 0xca, - 0xe1, 0x3f, 0x81, 0x74, 0x7e, 0x1c, 0x47, 0x17, - 0x95, 0xc6, 0x60, 0xda, 0x74, 0x77, 0xd9, 0x9f, - 0xfa, 0x92, 0xb4, 0xbe, 0xe1, 0x23, 0x98, 0x18, - 0x95, 0x63, 0x03, 0x13, 0x4c, 0x1a, 0x2d, 0x41, - 0xcd, 0xe4, 0x84, 0xf7, 0xe6, 0x38, 0xef, 0xff, - 0x95, 0xb2, 0xe8, 0x7c, 0x8f, 0x58, 0xb5, 0xb5, - 0xed, 0x27, 0x7f, 0x3c, 0x18, 0xab, 0xbe, 0x7f, - 0x4f, 0xe2, 0x35, 0x15, 0x71, 0xb7, 0x6f, 0x85, - 0x38, 0x9b, 0x88, 0xf6, 0x9c, 0x8d, 0x43, 0xb5, - 0x58, 0x9e, 0xf2, 0xd1, 0x96, 0xbe, 0xb7, 0xad, - 0x1a, 0xa0, 0x98}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "testimit2", - { - 0x80, 0xd9, 0xa0, 0xdc, 0x21, 0xf9, 0x30, 0x40, - 0x75, 0xfe, 0x49, 0x1b, 0x9e, 0x71, 0x90, 0x91, - 0x78, 0x88, 0x21, 0x60, 0x39, 0xe7, 0xc9, 0x2b, - 0xfb, 0x55, 0x1d, 0xf4, 0xdd, 0x2b, 0x0a, 0x01}, - G89_IMIT, - {0}, - { - 0x90, 0xf2, 0x11, 0x9a} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 10, - { - 0x1d, 0xeb, 0xe6, 0x79, 0x0a, 0x59, 0x00, 0xe6, - 0x8e, 0x5c}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "testimit3", - { - 0xa9, 0xb6, 0x37, 0xcc, 0x6d, 0x9b, 0x2f, 0x25, - 0xb0, 0xdf, 0x47, 0x04, 0x50, 0x68, 0xb0, 0x27, - 0x41, 0x27, 0x58, 0x6a, 0xbd, 0x0a, 0x6e, 0x50, - 0x2f, 0xc6, 0xfc, 0xc0, 0x3e, 0x29, 0x42, 0xa5}, - G89_IMIT, - {0}, - { - 0x31, 0x7c, 0x16, 0xe4} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 6, - { - 0xef, 0x06, 0x8f, 0x14, 0xc9, 0x04}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "testimit4", - { - 0xb0, 0x6c, 0x48, 0x23, 0x0a, 0x6e, 0xf4, 0xec, - 0x27, 0x98, 0x01, 0x23, 0xa7, 0xd8, 0xbf, 0x60, - 0x89, 0xef, 0xad, 0xe8, 0x8f, 0x79, 0x14, 0x8c, - 0x18, 0x5c, 0x9a, 0xda, 0xef, 0x0b, 0xdd, 0xa0}, - G89_IMIT, - {0}, - { - 0xe9, 0x72, 0xae, 0xbf} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 16, - { - 0x02, 0xf8, 0xec, 0x2b, 0x4d, 0x1f, 0xbc, 0x7c, - 0x6e, 0x47, 0xe3, 0x87, 0x22, 0x75, 0x41, 0xa7}, - "id-Gost28147-89-CryptoPro-B-ParamSet", - "testimit5", - { - 0x33, 0xd3, 0xef, 0x01, 0x19, 0x95, 0x0e, 0x15, - 0xa1, 0x69, 0x75, 0xae, 0x56, 0x27, 0x17, 0x79, - 0x63, 0x47, 0xab, 0x62, 0x9d, 0x4a, 0xf0, 0x34, - 0xd3, 0x1e, 0x69, 0x74, 0xec, 0x31, 0x48, 0xfc}, - G89_IMIT, - {0}, - { - 0xf5, 0x55, 0x1f, 0x28} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 8, - { - 0xf3, 0xb2, 0x29, 0xd2, 0x7a, 0x37, 0x03, 0x12}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "testimit6", - { - 0x42, 0x35, 0x81, 0x91, 0x0b, 0xa9, 0x99, 0xff, - 0xd9, 0x43, 0xf8, 0xc6, 0x19, 0x55, 0x1f, 0x2f, - 0x2d, 0x45, 0x40, 0x20, 0x1e, 0x1d, 0x32, 0x7a, - 0xb1, 0x07, 0x6b, 0x4f, 0x45, 0x90, 0xd9, 0x80}, - G89_IMIT, - {0}, - { - 0x6e, 0x15, 0xfa, 0xe8} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 0, - { - 0}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "testimit7", - { - 0x26, 0xcb, 0xb9, 0xf0, 0x0c, 0x62, 0x9f, 0xaa, - 0x4a, 0x1d, 0xb6, 0x30, 0x09, 0x01, 0x56, 0x89, - 0x66, 0xd4, 0xe4, 0x0e, 0xfe, 0xf6, 0x10, 0x6b, - 0x6c, 0xe8, 0x04, 0x3a, 0xe3, 0x61, 0x4b, 0x19}, - G89_IMIT, - {0}, - { - 0x00, 0x00, 0x00, 0x00} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 5242880, - {0}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "test5Mimit", - { - 0xaa, 0x85, 0x84, 0xcd, 0x65, 0x28, 0xe1, 0xdb, - 0xb8, 0x20, 0x19, 0x43, 0xe0, 0x36, 0x35, 0x10, - 0x19, 0xc3, 0x70, 0x5b, 0x27, 0xc1, 0x9d, 0x84, - 0x75, 0xa3, 0xc6, 0x49, 0x46, 0x8f, 0x7c, 0x4e}, - G89_IMIT, - {0}, - { - 0x2a, 0xe6, 0x23, 0xc6} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - 3221225472U + 16, - {0}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "test3Gimit1", - { - 0xd5, 0xda, 0xfe, 0x06, 0x60, 0xdc, 0xf0, 0xb3, - 0x49, 0x5a, 0x02, 0x59, 0xc8, 0x2e, 0x4a, 0x2b, - 0xcc, 0x9b, 0x98, 0x04, 0xb7, 0xf2, 0x78, 0xb7, - 0xce, 0xa3, 0xf2, 0xdb, 0x9e, 0xa8, 0x49, 0x1d}, - G89_IMIT, - {0}, - { - 0xcc, 0x46, 0x67, 0xe4} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - U64(4) * 1024 * 1024 * 1024, - {0}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "test4Gimit3", - { - 0x0d, 0xf1, 0xa8, 0x7f, 0x57, 0x03, 0x44, 0xcc, - 0xdb, 0x20, 0xde, 0xed, 0x85, 0x50, 0x38, 0xda, - 0xc9, 0x44, 0xec, 0x2c, 0x0d, 0x66, 0xb7, 0xdc, - 0x17, 0x14, 0x55, 0x95, 0x33, 0x6e, 0x43, 0x3e}, - G89_IMIT, - {0}, - { - 0xb7, 0x21, 0x2e, 0x48} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - U64(4) * 1024 * 1024 * 1024 + 4, - {0}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "test4Gimit1", - { - 0x0c, 0xf3, 0xe9, 0xb0, 0x28, 0x3b, 0x9f, 0x8b, - 0xe3, 0x82, 0xb9, 0xa2, 0xa6, 0xbd, 0x80, 0xd2, - 0xcd, 0xfa, 0x3f, 0xf7, 0x90, 0xa7, 0x55, 0x06, - 0x9b, 0x7a, 0x58, 0xee, 0xe7, 0xf1, 0x9d, 0xbe}, - G89_IMIT, - {0}, - { - 0xda, 0x15, 0x10, 0x73} - }, - { /* Calculated by libcapi10, CryptoPro CSP - * 3.6R2, Mac OSX */ - U64(4) * 1024 * 1024 * 1024 + 10, - {0}, - "id-Gost28147-89-CryptoPro-A-ParamSet", - "test4Gimit2", - { - 0x97, 0x1a, 0x42, 0x22, 0xfa, 0x07, 0xb2, 0xca, - 0xf9, 0xd2, 0x34, 0x5a, 0x92, 0xb1, 0x1f, 0x6b, - 0x53, 0xf8, 0xaf, 0xed, 0x9a, 0x73, 0xc4, 0x38, - 0xd7, 0x7d, 0x25, 0x81, 0x00, 0x0d, 0xd4, 0x29}, - G89_IMIT, - {0}, - { - 0x52, 0xaa, 0x22, 0xb4} - } -}; - -int main(int argc, char *argv[]) -{ - unsigned int t; - u64 ullMaxLen = 6 * 1000 * 1000; - int ignore = 0; - ENGINE *impl = NULL; - EVP_MD_CTX *mctx; - EVP_CIPHER_CTX *ectx; - EVP_PKEY *mac_key; - byte bDerive[EVP_MAX_KEY_LENGTH]; - byte bTest[G89_MAX_TC_LEN]; - byte bTest1[G89_MAX_TC_LEN]; - u64 ullLeft; - static const byte bZB[40 * 1024 * 1024] = { 0 }; - static byte bTS[40 * 1024 * 1024] = { 0 }; - unsigned int mdl = 0; - int enlu = 0; - int enlf = 0; - size_t siglen; - size_t l = 0; - - const EVP_MD *md_gost94 = NULL; - const EVP_CIPHER *cp_g89cfb = NULL; - const EVP_CIPHER *cp_g89cnt = NULL; - const EVP_CIPHER *ctype = NULL; - const EVP_MD *md_g89imit = NULL; - - long lErrLine; - CONF *pConfig = NCONF_new(NULL); - BIO *bpConf; - char sConf[] = - "openssl_conf = openssl_def\n" - "\n" - "[openssl_def]\n" - "engines = engine_section\n" - "\n" - "[engine_section]\n" - "gost = gost_section\n" - "\n" "[gost_section]\n" "default_algorithms = ALL\n" "\n"; - - printf("Testing GOST 28147-89 "); - - if (1 < argc) { - if (1 != sscanf(argv[1], FMT64, &ullMaxLen) || - (2 < argc ? 1 != sscanf(argv[2], "%d", &ignore) : 0)) { - fflush(NULL); - fprintf(stderr, "Usage: %s [maxlen [ignore-error]]\n", argv[0]); - return 1; - } - } - - /* - * ccgost engine test on GostR3411_94_CryptoProParamSet - */ - ERR_load_crypto_strings(); - ENGINE_load_builtin_engines(); - OPENSSL_load_builtin_modules(); - - bpConf = BIO_new_mem_buf(sConf, -1); - if (!NCONF_load_bio(pConfig, bpConf, &lErrLine)) { - fflush(NULL); - fprintf(stderr, "NCONF_load_bio: ErrLine=%ld: %s\n", - lErrLine, ERR_error_string(ERR_get_error(), NULL)); - return 4; - } - BIO_free(bpConf); - - if (!CONF_modules_load(pConfig, NULL, 0)) { - fflush(NULL); - fprintf(stderr, "CONF_modules_load: %s\n", - ERR_error_string(ERR_get_error(), NULL)); - return 5; - } - - /* Test load engine */ - if (NULL == (impl = ENGINE_by_id(CCGOST_ID))) { - fflush(NULL); - fprintf(stderr, "Can't load engine id \"" CCGOST_ID "\"\n"); - if (!ignore) { - return 6; - } - } - if (NULL == (md_gost94 = EVP_get_digestbyname(SN_id_GostR3411_94))) { - fflush(NULL); - fprintf(stderr, "\"" SN_id_GostR3411_94 "\" - not found\n"); - if (!ignore) { - return 7; - } - } - if (NULL == (cp_g89cfb = EVP_get_cipherbyname(SN_id_Gost28147_89))) { - fflush(NULL); - fprintf(stderr, "\"" SN_id_Gost28147_89 "\" - not found\n"); - if (!ignore) { - return 8; - } - } - if (NULL == (cp_g89cnt = EVP_get_cipherbyname(SN_gost89_cnt))) { - fflush(NULL); - fprintf(stderr, "\"" SN_gost89_cnt "\" - not found\n"); - if (!ignore) { - return 9; - } - } - if (NULL == (md_g89imit = EVP_get_digestbyname(SN_id_Gost28147_89_MAC))) { - fflush(NULL); - fprintf(stderr, "\"" SN_id_Gost28147_89_MAC "\" - not found\n"); - if (!ignore) { - return 10; - } - } - - /* Test cases */ - for (t = 0; t < OSSL_NELEM(tcs); t++) { - if (NULL == tcs[t].szDerive) { - continue; - } - memset(bDerive, 0x3c, sizeof(bDerive)); - mdl = sizeof(bDerive); - EVP_Digest(tcs[t].szDerive, strlen(tcs[t].szDerive), - bDerive, &mdl, md_gost94, impl); - if (0 != memcmp(tcs[t].bRawKey, bDerive, mdl)) { - fflush(NULL); - fprintf(stderr, "Engine test t=%d " "derive key error.\n", t); - if (!ignore) { - return 12; - } - } - if (ullMaxLen < tcs[t].ullLen) { - continue; - } - memset(bTest, 0xa5, sizeof(bTest)); - memset(bTest1, 0x5a, sizeof(bTest1)); - if (!ENGINE_ctrl_cmd_string(impl, - "CRYPT_PARAMS", tcs[t].szParamSet, 0)) { - fflush(NULL); - fprintf(stderr, "ENGINE_ctrl_cmd_string: %s\n", - ERR_error_string(ERR_get_error(), NULL)); - return 11; - } - switch (tcs[t].gMode) { - case G89_ECB: - /* OpenSSL/ccgost not implemented GOST 28147-89 ECB */ - continue; - case G89_CFB: - ctype = cp_g89cfb; - goto engine_cipher_check; - case G89_CNT: - if (0 != strcmp("id-Gost28147-89-CryptoPro-A-ParamSet", - tcs[t].szParamSet)) { - /* - * ccgost engine can't change S-Box for gost-cnt - */ - continue; - } - ctype = cp_g89cnt; - engine_cipher_check: - ectx = EVP_CIPHER_CTX_new(); - EVP_EncryptInit_ex(ectx, ctype, impl, bDerive, tcs[t].bIV); - if (G89_MAX_TC_LEN >= tcs[t].ullLen) { - enlu = sizeof(bTest); - EVP_EncryptUpdate(ectx, bTest, &enlu, - tcs[t].bIn, (int)tcs[t].ullLen); - l = (size_t)tcs[t].ullLen; - } else { - for (ullLeft = tcs[t].ullLen; - ullLeft >= sizeof(bZB); ullLeft -= sizeof(bZB)) { - printf("B"); - fflush(NULL); - enlu = sizeof(bTS); - EVP_EncryptUpdate(ectx, bTS, &enlu, bZB, sizeof(bZB)); - } - printf("b" FMT64 "/" FMT64, ullLeft, tcs[t].ullLen); - fflush(NULL); - EVP_EncryptUpdate(ectx, bTS, &enlu, bZB, (int)ullLeft); - memcpy(bTest, &bTS[enlu - 16], 16); - enlu = (int)tcs[t].ullLen; - l = 16; - } - enlf = sizeof(bTest1); - EVP_EncryptFinal_ex(ectx, bTest1, &enlf); - EVP_CIPHER_CTX_free(ectx); - break; - case G89_IMIT: - if (0 != strcmp("id-Gost28147-89-CryptoPro-A-ParamSet", - tcs[t].szParamSet)) { - /* - * ccgost engine can't change S-Box for gost-mac - */ - continue; - } - mctx = EVP_MD_CTX_new(); - if (mctx == NULL) { - fflush(NULL); - fprintf(stderr, "ENGINE_ctrl_cmd_string: malloc failure\n"); - return 14; - } - mac_key = EVP_PKEY_new_mac_key(NID_id_Gost28147_89_MAC, NULL, - bDerive, mdl); - EVP_DigestSignInit(mctx, NULL, md_g89imit, impl, mac_key); - if (G89_MAX_TC_LEN >= tcs[t].ullLen) { - EVP_DigestSignUpdate(mctx, tcs[t].bIn, - (unsigned int)tcs[t].ullLen); - } else { - for (ullLeft = tcs[t].ullLen; - ullLeft >= sizeof(bZB); ullLeft -= sizeof(bZB)) { - printf("B"); - fflush(NULL); - EVP_DigestSignUpdate(mctx, bZB, sizeof(bZB)); - } - printf("b" FMT64 "/" FMT64, ullLeft, tcs[t].ullLen); - fflush(NULL); - EVP_DigestSignUpdate(mctx, bZB, (unsigned int)ullLeft); - } - siglen = 4; - OPENSSL_assert(EVP_DigestSignFinal(mctx, bTest, &siglen)); - EVP_PKEY_free(mac_key); - EVP_MD_CTX_free(mctx); - enlu = (int)tcs[t].ullLen; - enlf = 0; - l = siglen; - break; - } - if ((int)tcs[t].ullLen != enlu || 0 != enlf || - 0 != memcmp(tcs[t].bOut, bTest, l)) { - fflush(NULL); - fprintf(stderr, "\nEngine test t=%d len=" FMT64 - " failed.\n", t, tcs[t].ullLen); - if (!ignore) { - return 13; - } - } else { - printf("."); - fflush(NULL); - } - } - - printf(" passed\n"); - fflush(NULL); - - NCONF_free(pConfig); - - return EXIT_SUCCESS; -} -#endif diff --git a/test/recipes/90-test_gost2814789.t b/test/recipes/90-test_gost2814789.t deleted file mode 100644 index e97128ff7e..0000000000 --- a/test/recipes/90-test_gost2814789.t +++ /dev/null @@ -1,13 +0,0 @@ -#! /usr/bin/perl - -use strict; -use warnings; -use OpenSSL::Test qw/:DEFAULT top_dir/; - -setup("test_gost2814789"); - -$ENV{OPENSSL_ENGINES} = - $ENV{BIN_D} ? top_dir($ENV{BIN_D}) : top_dir("engines", "ccgost"); - -plan tests => 1; -ok(run(test(["gost2814789test"])), 'running gost2814789test'); diff --git a/util/libeay.num b/util/libeay.num index 33c1c4e91e..0e568e0beb 100755 --- a/util/libeay.num +++ b/util/libeay.num @@ -3790,7 +3790,7 @@ d2i_TS_ACCURACY 4194 1_1_0 EXIST::FUNCTION: DSO_global_lookup 4195 1_1_0 EXIST::FUNCTION: TS_CONF_set_tsa_name 4196 1_1_0 EXIST::FUNCTION: i2d_ASN1_SET_ANY 4197 1_1_0 EXIST::FUNCTION: -ENGINE_load_gost 4198 1_1_0 EXIST::FUNCTION:ENGINE,GOST,STATIC_ENGINE +ENGINE_load_gost 4198 1_1_0 NOEXIST::FUNCTION: WHIRLPOOL_BitUpdate 4199 1_1_0 EXIST::FUNCTION:WHIRLPOOL ASN1_PCTX_get_flags 4200 1_1_0 EXIST::FUNCTION: TS_TST_INFO_get_ext_by_NID 4201 1_1_0 EXIST::FUNCTION: diff --git a/util/mk1mf.pl b/util/mk1mf.pl index 5b79ecd770..490df2891d 100755 --- a/util/mk1mf.pl +++ b/util/mk1mf.pl @@ -1033,7 +1033,6 @@ sub var_add return("") if $no_dsa && $dir =~ /\/dsa/; return("") if $no_dh && $dir =~ /\/dh/; return("") if $no_ec && $dir =~ /\/ec/; - return("") if $no_gost && $dir =~ /\/ccgost/; return("") if $no_cms && $dir =~ /\/cms/; return("") if $no_jpake && $dir =~ /\/jpake/; return("") if !$fips && $dir =~ /^fips/; -- 2.25.1