OpenSSL: openssl/engines/ Makefile openssl/engines/ccgost/ e

Thread: OpenSSL: openssl/engines/ Makefile openssl/engines/ccgost/ e_gos...

Search this list only Search all lists
OpenSSL: openssl/engines/ Makefile openssl/engines/ccgost/ e_gos...
Germany	2007-05-17 12:44:10
OpenSSL CVS Repository http://cvs.openssl.org/ ____________________________________________________________ ________________ Server: cvs.openssl.org Name: Dr. Stephen Henson Root: /v/openssl/cvs Email: steveopenssl.org Module: openssl Date: 17-May-2007 19:44:10 Branch: HEAD Handle: 2007051718440702 Modified files: openssl/engines Makefile openssl/engines/ccgost e_gost_err.c e_gost_err.h gost_ameth.c gost_crypt.c gost_eng.c gost_lcl.h gost_md.c gost_pmeth.c Log: Initial GOST MAC support. Not fully working yet... Summary: Revision Changes Path 1.18 +1 -0 openssl/engines/Makefile 1.3 +87 -80 openssl/engines/ccgost/e_gost_err.c 1.2 +7 -0 openssl/engines/ccgost/e_gost_err.h 1.4 +80 -0 openssl/engines/ccgost/gost_ameth.c 1.7 +3 -1 openssl/engines/ccgost/gost_crypt.c 1.7 +14 -5 openssl/engines/ccgost/gost_eng.c 1.5 +13 -0 openssl/engines/ccgost/gost_lcl.h 1.2 +3 -0 openssl/engines/ccgost/gost_md.c 1.4 +178 -0 openssl/engines/ccgost/gost_pmeth.c ____________________________________________________________ ________________ patch -p0 <<' .' Index: openssl/engines/Makefile ============================================================ ================ $ cvs diff -u -r1.17 -r1.18 Makefile --- openssl/engines/Makefile 29 Dec 2006 10:42:24 -0000 1.17 +++ openssl/engines/Makefile 17 May 2007 17:44:07 -0000 1.18 -131,6 +131,7 $(PERL) ../util/mkerr.pl -conf e_$$l.ec -nostatic -staticloader -write e_$$l.c; done + (cd ccgost; $(MAKE) PERL=$(PERL) errors) tests: . patch -p0 <<' .' Index: openssl/engines/ccgost/e_gost_err.c ============================================================ ================ $ cvs diff -u -r1.2 -r1.3 e_gost_err.c --- openssl/engines/ccgost/e_gost_err.c 21 Sep 2006 13:04:40 -0000 1.2 +++ openssl/engines/ccgost/e_gost_err.c 17 May 2007 17:44:09 -0000 1.3 -1,6 +1,6 /* e_gost_err.c / / ============================================================ ======== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions -70,95 +70,102 static ERR_STRING_DATA GOST_str_functs[]= { - {ERR_FUNC(GOST_F_DECODE_GOST_ALGOR_PARAMS), "DECODE_G OST_ALGOR_PARAMS"}, - {ERR_FUNC(GOST_F_DECRYPT_CRYPTOCOM_KEY), "decrypt_cry ptocom_key"}, - {ERR_FUNC(GOST_F_ENCODE_GOST_ALGOR_PARAMS), "ENCODE_G OST_ALGOR_PARAMS"}, - {ERR_FUNC(GOST_F_FILL_GOST2001_PARAMS), "FILL_GOST200 1_PARAMS"}, - {ERR_FUNC(GOST_F_FILL_GOST94_PARAMS), "FILL_GOST94_PA RAMS"}, - {ERR_FUNC(GOST_F_GET_ENCRYPTION_PARAMS), "get_encrypt ion_params"}, - {ERR_FUNC(GOST_F_GOST2001_COMPUTE_PUBLIC), "GOST2001_ COMPUTE_PUBLIC"}, - {ERR_FUNC(GOST_F_GOST2001_DO_SIGN), "GOST2001_DO_SIGN "}, - {ERR_FUNC(GOST_F_GOST2001_DO_VERIFY), "GOST2001_DO_VE RIFY"}, - {ERR_FUNC(GOST_F_GOST89_GET_ASN1_PARAMETERS), "gost89 _get_asn1_parameters"}, - {ERR_FUNC(GOST_F_GOST89_SET_ASN1_PARAMETERS), "gost89 _set_asn1_parameters"}, - {ERR_FUNC(GOST_F_GOST94_COPY_PARAMETERS), "GOST94_COP Y_PARAMETERS"}, - {ERR_FUNC(GOST_F_GOST_CIPHER_CTL), "gost_cipher_ctl&q uot;}, - {ERR_FUNC(GOST_F_GOST_COMPUTE_PUBLIC), "GOST_COMPUTE_ PUBLIC"}, - {ERR_FUNC(GOST_F_GOST_DO_SIGN), "GOST_DO_SIGN"}, - {ERR_FUNC(GOST_F_GOST_DO_VERIFY), "GOST_DO_VERIFY&quo t;}, - {ERR_FUNC(GOST_F_MAKE_RFC4490_KEYTRANSPORT_2001), "MA KE_RFC4490_KEYTRANSPORT_2001"}, - {ERR_FUNC(GOST_F_PARAM_COPY_GOST01), "PARAM_COPY_GOST 01"}, - {ERR_FUNC(GOST_F_PARAM_COPY_GOST94), "PARAM_COPY_GOST 94"}, - {ERR_FUNC(GOST_F_PKCS7_GOST94CP_KEY_TRANSPORT_DECRYPT), &q uot;PKCS7_GOST94CP_KEY_TRANSPORT_DECRYPT"}, - {ERR_FUNC(GOST_F_PKCS7_GOST94_KEY_TRANSPORT_DECRYPT), &quo t;PKCS7_GOST94_KEY_TRANSPORT_DECRYPT"}, - {ERR_FUNC(GOST_F_PKEY_GOST01CC_DECRYPT), "pkey_GOST01 cc_decrypt"}, - {ERR_FUNC(GOST_F_PKEY_GOST01CC_ENCRYPT), "pkey_GOST01 cc_encrypt"}, - {ERR_FUNC(GOST_F_PKEY_GOST01CP_ENCRYPT), "pkey_GOST01 cp_encrypt"}, - {ERR_FUNC(GOST_F_PKEY_GOST01_KEYGEN), "PKEY_GOST01_KE YGEN"}, - {ERR_FUNC(GOST_F_PKEY_GOST94CC_DECRYPT), "pkey_GOST94 cc_decrypt"}, - {ERR_FUNC(GOST_F_PKEY_GOST94CC_ENCRYPT), "pkey_GOST94 cc_encrypt"}, - {ERR_FUNC(GOST_F_PKEY_GOST94CP_DECRYPT), "pkey_GOST94 cp_decrypt"}, - {ERR_FUNC(GOST_F_PKEY_GOST94CP_ENCRYPT), "pkey_GOST94 cp_encrypt"}, - {ERR_FUNC(GOST_F_PKEY_GOST94_KEYGEN), "PKEY_GOST94_KE YGEN"}, - {ERR_FUNC(GOST_F_PKEY_GOST_CTRL), "PKEY_GOST_CTRL&quo t;}, - {ERR_FUNC(GOST_F_PKEY_GOST_CTRL01_STR), "PKEY_GOST_CT RL01_STR"}, - {ERR_FUNC(GOST_F_PKEY_GOST_CTRL94_STR), "PKEY_GOST_CT RL94_STR"}, - {ERR_FUNC(GOST_F_PRIV_DECODE_GOST_94), "PRIV_DECODE_G OST_94"}, - {ERR_FUNC(GOST_F_PUB_DECODE_GOST01), "PUB_DECODE_GOST 01"}, - {ERR_FUNC(GOST_F_PUB_DECODE_GOST94), "PUB_DECODE_GOST 94"}, - {ERR_FUNC(GOST_F_PUB_ENCODE_GOST01), "PUB_ENCODE_GOST 01"}, - {ERR_FUNC(GOST_F_UNPACK_CC_SIGNATURE), "UNPACK_CC_SIG NATURE"}, - {ERR_FUNC(GOST_F_UNPACK_CP_SIGNATURE), "UNPACK_CP_SIG NATURE"}, - {0,NULL} +{ERR_FUNC(GOST_F_DECODE_GOST_ALGOR_PARAMS), "DECODE_GO ST_ALGOR_PARAMS"}, +{ERR_FUNC(GOST_F_DECRYPT_CRYPTOCOM_KEY), "decrypt_cryp tocom_key"}, +{ERR_FUNC(GOST_F_ENCODE_GOST_ALGOR_PARAMS), "ENCODE_GO ST_ALGOR_PARAMS"}, +{ERR_FUNC(GOST_F_FILL_GOST2001_PARAMS), "FILL_GOST2001 _PARAMS"}, +{ERR_FUNC(GOST_F_FILL_GOST94_PARAMS), "FILL_GOST94_PAR AMS"}, +{ERR_FUNC(GOST_F_GET_ENCRYPTION_PARAMS), "get_encrypti on_params"}, +{ERR_FUNC(GOST_F_GOST2001_COMPUTE_PUBLIC), "GOST2001_C OMPUTE_PUBLIC"}, +{ERR_FUNC(GOST_F_GOST2001_DO_SIGN), "GOST2001_DO_SIGN& quot;}, +{ERR_FUNC(GOST_F_GOST2001_DO_VERIFY), "GOST2001_DO_VER IFY"}, +{ERR_FUNC(GOST_F_GOST89_GET_ASN1_PARAMETERS), "gost89_ get_asn1_parameters"}, +{ERR_FUNC(GOST_F_GOST89_SET_ASN1_PARAMETERS), "gost89_ set_asn1_parameters"}, +{ERR_FUNC(GOST_F_GOST94_COPY_PARAMETERS), "GOST94_COPY _PARAMETERS"}, +{ERR_FUNC(GOST_F_GOST_CIPHER_CTL), "gost_cipher_ctl&qu ot;}, +{ERR_FUNC(GOST_F_GOST_COMPUTE_PUBLIC), "GOST_COMPUTE_P UBLIC"}, +{ERR_FUNC(GOST_F_GOST_DO_SIGN), "GOST_DO_SIGN"}, +{ERR_FUNC(GOST_F_GOST_DO_VERIFY), "GOST_DO_VERIFY" ;}, +{ERR_FUNC(GOST_F_MAKE_RFC4490_KEYTRANSPORT_2001), "MAK E_RFC4490_KEYTRANSPORT_2001"}, +{ERR_FUNC(GOST_F_PARAM_COPY_GOST01), "PARAM_COPY_GOST0 1"}, +{ERR_FUNC(GOST_F_PARAM_COPY_GOST94), "PARAM_COPY_GOST9 4"}, +{ERR_FUNC(GOST_F_PKCS7_GOST94CP_KEY_TRANSPORT_DECRYPT), &qu ot;PKCS7_GOST94CP_KEY_TRANSPORT_DECRYPT"}, +{ERR_FUNC(GOST_F_PKCS7_GOST94_KEY_TRANSPORT_DECRYPT), " ;PKCS7_GOST94_KEY_TRANSPORT_DECRYPT"}, +{ERR_FUNC(GOST_F_PKEY_GOST01CC_DECRYPT), "pkey_GOST01c c_decrypt"}, +{ERR_FUNC(GOST_F_PKEY_GOST01CC_ENCRYPT), "pkey_GOST01c c_encrypt"}, +{ERR_FUNC(GOST_F_PKEY_GOST01CP_ENCRYPT), "pkey_GOST01c p_encrypt"}, +{ERR_FUNC(GOST_F_PKEY_GOST01_KEYGEN), "PKEY_GOST01_KEY GEN"}, +{ERR_FUNC(GOST_F_PKEY_GOST94CC_DECRYPT), "pkey_GOST94c c_decrypt"}, +{ERR_FUNC(GOST_F_PKEY_GOST94CC_ENCRYPT), "pkey_GOST94c c_encrypt"}, +{ERR_FUNC(GOST_F_PKEY_GOST94CP_DECRYPT), "pkey_GOST94c p_decrypt"}, +{ERR_FUNC(GOST_F_PKEY_GOST94CP_ENCRYPT), "pkey_GOST94c p_encrypt"}, +{ERR_FUNC(GOST_F_PKEY_GOST94_KEYGEN), "PKEY_GOST94_KEY GEN"}, +{ERR_FUNC(GOST_F_PKEY_GOST_CTRL), "PKEY_GOST_CTRL" ;}, +{ERR_FUNC(GOST_F_PKEY_GOST_CTRL01_STR), "PKEY_GOST_CTR L01_STR"}, +{ERR_FUNC(GOST_F_PKEY_GOST_CTRL94_STR), "PKEY_GOST_CTR L94_STR"}, +{ERR_FUNC(GOST_F_PKEY_GOST_MAC_CTRL), "PKEY_GOST_MAC_C TRL"}, +{ERR_FUNC(GOST_F_PKEY_GOST_MAC_CTRL_STR), "PKEY_GOST_M AC_CTRL_STR"}, +{ERR_FUNC(GOST_F_PKEY_GOST_MAC_KEYGEN), "PKEY_GOST_MAC _KEYGEN"}, +{ERR_FUNC(GOST_F_PRIV_DECODE_GOST_94), "PRIV_DECODE_GO ST_94"}, +{ERR_FUNC(GOST_F_PRIV_DECODE_MAC), "PRIV_DECODE_MAC&qu ot;}, +{ERR_FUNC(GOST_F_PUB_DECODE_GOST01), "PUB_DECODE_GOST0 1"}, +{ERR_FUNC(GOST_F_PUB_DECODE_GOST94), "PUB_DECODE_GOST9 4"}, +{ERR_FUNC(GOST_F_PUB_ENCODE_GOST01), "PUB_ENCODE_GOST0 1"}, +{ERR_FUNC(GOST_F_UNPACK_CC_SIGNATURE), "UNPACK_CC_SIGN ATURE"}, +{ERR_FUNC(GOST_F_UNPACK_CP_SIGNATURE), "UNPACK_CP_SIGN ATURE"}, +{0,NULL} }; static ERR_STRING_DATA GOST_str_reasons[]= { - {ERR_REASON(GOST_R_BAD_KEY_PARAMETERS_FORMAT),"bad key parameters format"}, - {ERR_REASON(GOST_R_BAD_PKEY_PARAMETERS_FORMAT),"bad pkey parameters format"}, - {ERR_REASON(GOST_R_CANNOT_PACK_EPHEMERAL_KEY),"cannot pack ephemeral key"}, - {ERR_REASON(GOST_R_CTX_NOT_INITIALIZED_FOR_ENCRYPT)," ctx not initialized for encrypt"}, - {ERR_REASON(GOST_R_ERROR_COMPUTING_MAC) ,"error computing mac"}, - {ERR_REASON(GOST_R_ERROR_COMPUTING_SHARED_KEY),"error computing shared key"}, - {ERR_REASON(GOST_R_ERROR_PACKING_KEY_TRANSPORT_INFO)," ;error packing key transport info"}, - {ERR_REASON(GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO)," ;error parsing key transport info"}, - {ERR_REASON(GOST_R_ERROR_STORING_ENCRYPTED_KEY),"erro r storing encrypted key"}, - {ERR_REASON(GOST_R_ERROR_STORING_IV) ,"error storing iv"}, - {ERR_REASON(GOST_R_ERROR_STORING_MAC) ,"error storing mac"}, - {ERR_REASON(GOST_R_INCOMPATIBLE_ALGORITHMS),"incompat ible algorithms"}, - {ERR_REASON(GOST_R_INVALID_CIPHER_PARAMS),"invalid cipher params"}, - {ERR_REASON(GOST_R_INVALID_CIPHER_PARAM_OID),"invalid cipher param oid"}, - {ERR_REASON(GOST_R_INVALID_DIGEST_TYPE) ,"invalid digest type"}, - {ERR_REASON(GOST_R_INVALID_ENCRYPTED_KEY_SIZE),"inval id encrypted key size"}, - {ERR_REASON(GOST_R_INVALID_GOST94_PARMSET),"invalid gost94 parmset"}, - {ERR_REASON(GOST_R_INVALID_IV_LENGTH) ,"invalid iv length"}, - {ERR_REASON(GOST_R_INVALID_PARAMSET) ,"invalid paramset"}, - {ERR_REASON(GOST_R_KEY_IS_NOT_INITALIZED),"key is not initalized"}, - {ERR_REASON(GOST_R_KEY_IS_NOT_INITIALIZED),"key is not initialized"}, - {ERR_REASON(GOST_R_KEY_PARAMETERS_MISSING),"key parameters missing"}, - {ERR_REASON(GOST_R_MALLOC_FAILURE) ,"malloc failure"}, - {ERR_REASON(GOST_R_NOT_ENOUGH_SPACE_FOR_KEY),"not enough space for key"}, - {ERR_REASON(GOST_R_NO_MEMORY) ,"no memory"}, - {ERR_REASON(GOST_R_NO_PARAMETERS_SET) ,"no parameters set"}, - {ERR_REASON(GOST_R_PUBLIC_KEY_UNDEFINED) ,"public key undefined"}, - {ERR_REASON(GOST_R_RANDOM_GENERATOR_ERROR),"random generator error"}, - {ERR_REASON(GOST_R_RANDOM_GENERATOR_FAILURE),"random generator failure"}, - {ERR_REASON(GOST_R_RANDOM_NUMBER_GENERATOR_FAILED),"r andom number generator failed"}, - {ERR_REASON(GOST_R_SESSION_KEY_MAC_DOES_NOT_MATCH),"s ession key mac does not match"}, - {ERR_REASON(GOST_R_SIGNATURE_MISMATCH) ,"signature mismatch"}, - {ERR_REASON(GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q),"s ignature parts greater than q"}, - {ERR_REASON(GOST_R_UNSUPPORTED_CIPHER_CTL_COMMAND),"u nsupported cipher ctl command"}, - {ERR_REASON(GOST_R_UNSUPPORTED_PARAMETER_SET),"unsupp orted parameter set"}, - {0,NULL} +{ERR_REASON(GOST_R_BAD_KEY_PARAMETERS_FORMAT),"bad key parameters format"}, +{ERR_REASON(GOST_R_BAD_PKEY_PARAMETERS_FORMAT),"bad pkey parameters format"}, +{ERR_REASON(GOST_R_CANNOT_PACK_EPHEMERAL_KEY),"cannot pack ephemeral key"}, +{ERR_REASON(GOST_R_CTX_NOT_INITIALIZED_FOR_ENCRYPT),"c tx not initialized for encrypt"}, +{ERR_REASON(GOST_R_DECODE_ERROR) ,"decode error"}, +{ERR_REASON(GOST_R_ERROR_COMPUTING_MAC) ,"error computing mac"}, +{ERR_REASON(GOST_R_ERROR_COMPUTING_SHARED_KEY),"error computing shared key"}, +{ERR_REASON(GOST_R_ERROR_PACKING_KEY_TRANSPORT_INFO)," error packing key transport info"}, +{ERR_REASON(GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO)," error parsing key transport info"}, +{ERR_REASON(GOST_R_ERROR_STORING_ENCRYPTED_KEY),"error storing encrypted key"}, +{ERR_REASON(GOST_R_ERROR_STORING_IV) ,"error storing iv"}, +{ERR_REASON(GOST_R_ERROR_STORING_MAC) ,"error storing mac"}, +{ERR_REASON(GOST_R_INCOMPATIBLE_ALGORITHMS),"incompati ble algorithms"}, +{ERR_REASON(GOST_R_INVALID_CIPHER_PARAMS),"invalid cipher params"}, +{ERR_REASON(GOST_R_INVALID_CIPHER_PARAM_OID),"invalid cipher param oid"}, +{ERR_REASON(GOST_R_INVALID_DIGEST_TYPE) ,"invalid digest type"}, +{ERR_REASON(GOST_R_INVALID_ENCRYPTED_KEY_SIZE),"invali d encrypted key size"}, +{ERR_REASON(GOST_R_INVALID_GOST94_PARMSET),"invalid gost94 parmset"}, +{ERR_REASON(GOST_R_INVALID_IV_LENGTH) ,"invalid iv length"}, +{ERR_REASON(GOST_R_INVALID_MAC_KEY_LENGTH),"invalid mac key length"}, +{ERR_REASON(GOST_R_INVALID_PARAMSET) ,"invalid paramset"}, +{ERR_REASON(GOST_R_KEY_IS_NOT_INITALIZED),"key is not initalized"}, +{ERR_REASON(GOST_R_KEY_IS_NOT_INITIALIZED),"key is not initialized"}, +{ERR_REASON(GOST_R_KEY_PARAMETERS_MISSING),"key parameters missing"}, +{ERR_REASON(GOST_R_MAC_KEY_NOT_SET) ,"mac key not set"}, +{ERR_REASON(GOST_R_MALLOC_FAILURE) ,"malloc failure"}, +{ERR_REASON(GOST_R_NOT_ENOUGH_SPACE_FOR_KEY),"not enough space for key"}, +{ERR_REASON(GOST_R_NO_MEMORY) ,"no memory"}, +{ERR_REASON(GOST_R_NO_PARAMETERS_SET) ,"no parameters set"}, +{ERR_REASON(GOST_R_PUBLIC_KEY_UNDEFINED) ,"public key undefined"}, +{ERR_REASON(GOST_R_RANDOM_GENERATOR_ERROR),"random generator error"}, +{ERR_REASON(GOST_R_RANDOM_GENERATOR_FAILURE),"random generator failure"}, +{ERR_REASON(GOST_R_RANDOM_NUMBER_GENERATOR_FAILED),"ra ndom number generator failed"}, +{ERR_REASON(GOST_R_SESSION_KEY_MAC_DOES_NOT_MATCH),"se ssion key mac does not match"}, +{ERR_REASON(GOST_R_SIGNATURE_MISMATCH) ,"signature mismatch"}, +{ERR_REASON(GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q),"si gnature parts greater than q"}, +{ERR_REASON(GOST_R_UNSUPPORTED_CIPHER_CTL_COMMAND),"un supported cipher ctl command"}, +{ERR_REASON(GOST_R_UNSUPPORTED_PARAMETER_SET),"unsuppo rted parameter set"}, +{0,NULL} }; #endif #ifdef GOST_LIB_NAME static ERR_STRING_DATA GOST_lib_name[]= - { - {0 ,GOST_LIB_NAME}, - {0,NULL} + { +{0 ,GOST_LIB_NAME}, +{0,NULL} }; #endif . patch -p0 <<' .' Index: openssl/engines/ccgost/e_gost_err.h ============================================================ ================ $ cvs diff -u -r1.1 -r1.2 e_gost_err.h --- openssl/engines/ccgost/e_gost_err.h 17 Sep 2006 13:00:17 -0000 1.1 +++ openssl/engines/ccgost/e_gost_err.h 17 May 2007 17:44:09 -0000 1.2 -100,7 +100,11 #define GOST_F_PKEY_GOST_CTRL 114 #define GOST_F_PKEY_GOST_CTRL01_STR 115 #define GOST_F_PKEY_GOST_CTRL94_STR 116 +#define GOST_F_PKEY_GOST_MAC_CTRL 138 +#define GOST_F_PKEY_GOST_MAC_CTRL_STR 139 +#define GOST_F_PKEY_GOST_MAC_KEYGEN 140 #define GOST_F_PRIV_DECODE_GOST_94 117 +#define GOST_F_PRIV_DECODE_MAC 141 #define GOST_F_PUB_DECODE_GOST01 136 #define GOST_F_PUB_DECODE_GOST94 134 #define GOST_F_PUB_ENCODE_GOST01 135 -112,6 +116,7 #define GOST_R_BAD_PKEY_PARAMETERS_FORMAT 129 #define GOST_R_CANNOT_PACK_EPHEMERAL_KEY 114 #define GOST_R_CTX_NOT_INITIALIZED_FOR_ENCRYPT 115 +#define GOST_R_DECODE_ERROR 134 #define GOST_R_ERROR_COMPUTING_MAC 116 #define GOST_R_ERROR_COMPUTING_SHARED_KEY 117 #define GOST_R_ERROR_PACKING_KEY_TRANSPORT_INFO 118 -126,10 +131,12 #define GOST_R_INVALID_ENCRYPTED_KEY_SIZE 123 #define GOST_R_INVALID_GOST94_PARMSET 127 #define GOST_R_INVALID_IV_LENGTH 102 +#define GOST_R_INVALID_MAC_KEY_LENGTH 135 #define GOST_R_INVALID_PARAMSET 103 #define GOST_R_KEY_IS_NOT_INITALIZED 104 #define GOST_R_KEY_IS_NOT_INITIALIZED 105 #define GOST_R_KEY_PARAMETERS_MISSING 131 +#define GOST_R_MAC_KEY_NOT_SET 136 #define GOST_R_MALLOC_FAILURE 124 #define GOST_R_NOT_ENOUGH_SPACE_FOR_KEY 125 #define GOST_R_NO_MEMORY 106 . patch -p0 <<' .' Index: openssl/engines/ccgost/gost_ameth.c ============================================================ ================ $ cvs diff -u -r1.3 -r1.4 gost_ameth.c --- openssl/engines/ccgost/gost_ameth.c 4 Apr 2007 14:38:59 -0000 1.3 +++ openssl/engines/ccgost/gost_ameth.c 17 May 2007 17:44:09 -0000 1.4 -9,6 +9,7 ********************************************************** *******/ #include <openssl/engine.h> #include <openssl/evp.h> +#include <openssl/asn1.h> #include <string.h> #include "gost_params.h" #include "gost_lcl.h" -706,7 +707,80 { return 256; } +/------------------------ ASN1 METHOD for GOST MAC -------------------/ +static void mackey_free_gost(EVP_PKEY pk) + { + if (pk->pkey.ptr) { + OPENSSL_free(pk->pkey.ptr); + } + } +static int priv_decode_mac(EVP_PKEY pk, PKCS8_PRIV_KEY_INFO p8inf) + { + X509_ALGOR palg = NULL; + int priv_len = 0; + ASN1_OBJECT palg_obj = NULL; + ASN1_OCTET_STRING s=NULL; + const unsigned char pkey_buf = NULL, p = NULL; + unsigned char keybuf=NULL; + if (!PKCS8_pkey_get0(&palg_obj,&pkey_buf,&priv_len, &palg,p8inf)) + { + return 0; + } + p = pkey_buf; + if (V_ASN1_OCTET_STRING != p) + { + GOSTerr(GOST_F_PRIV_DECODE_MAC, + GOST_R_DECODE_ERROR); + return 0; + } + s = d2i_ASN1_OCTET_STRING(NULL,&p,priv_len); + if (!s \|\| s->length!=32) + { + GOSTerr(GOST_F_PRIV_DECODE_MAC, + GOST_R_DECODE_ERROR); + return 0; + } + keybuf = OPENSSL_malloc(32); + memcpy(keybuf,s->data,32); + EVP_PKEY_assign(pk,EVP_PKEY_base_id(pk),keybuf); + ASN1_STRING_free(s); + return 1; + } + +static int priv_encode_mac(PKCS8_PRIV_KEY_INFO p8, const EVP_PKEY pk) + { + ASN1_OBJECT algobj = OBJ_nid2obj(EVP_PKEY_base_id(pk)); + ASN1_STRING key = ASN1_STRING_new(); + unsigned char priv_buf=NULL, data = EVP_PKEY_get0((EVP_PKEY )pk); + int priv_len; + + ASN1_STRING_set(key, data, 32); + priv_len = i2d_ASN1_OCTET_STRING(key,&priv_buf); + ASN1_STRING_free(key); + return PKCS8_pkey_set0(p8,algobj,0,V_ASN1_NULL,NULL,priv_buf,priv_l en); + } +static int priv_print_mac(BIO out,const EVP_PKEY pkey, int indent, + ASN1_PCTX pctx) + { + unsigned char data = EVP_PKEY_get0((EVP_PKEY )pkey); + int i; + if (!BIO_indent(out, indent,128)) return 0; + for (i=0; i<32;i++) { + BIO_printf(out,"%02x",data[i]); + } + return 1; + } +static int mac_ctrl_gost(EVP_PKEY pkey, int op, long arg1, void arg2) +{ + switch (op) + { + case ASN1_PKEY_CTRL_DEFAULT_MD_NID: + (int )arg2 = NID_id_Gost28147_89_MAC; + return 2; + } + return -2; +} / ------------------------------------------------------------ ----------/ int register_ameth_gost (int nid, EVP_PKEY_ASN1_METHOD ameth, const char pemstr, const char* info) { -749,6 +823,12 EVP_PKEY_asn1_set_ctrl (ameth, pkey_ctrl_gost); break; + case NID_id_Gost28147_89_MAC: + EVP_PKEY_asn1_set_free(ameth, mackey_free_gost); + EVP_PKEY_asn1_set_private(ameth, priv_decode_mac, + priv_encode_mac, priv_print_mac); + EVP_PKEY_asn1_set_ctrl(ameth,mac_ctrl_gost); + break; } return 1; } . patch -p0 <<' .' Index: openssl/engines/ccgost/gost_crypt.c ============================================================ ================ $ cvs diff -u -r1.6 -r1.7 gost_crypt.c --- openssl/engines/ccgost/gost_crypt.c 23 Mar 2007 17:04:03 -0000 1.6 +++ openssl/engines/ccgost/gost_crypt.c 17 May 2007 17:44:09 -0000 1.7 -551,7 +551,9 int gost_imit_init_cpa(EVP_MD_CTX ctx) { struct ossl_gost_imit_ctx c = ctx->md_data; - memset(c,0,sizeof(struct ossl_gost_imit_ctx)); + memset(c->buffer,0,16); + c->count = 0; + c->bytes_left=0; c->key_meshing=1; gost_init(&(c->cctx),&Gost28147_CryptoProParamSe tA); return 1; . patch -p0 <<' .' Index: openssl/engines/ccgost/gost_eng.c ============================================================ ================ $ cvs diff -u -r1.6 -r1.7 gost_eng.c --- openssl/engines/ccgost/gost_eng.c 23 Mar 2007 17:04:03 -0000 1.6 +++ openssl/engines/ccgost/gost_eng.c 17 May 2007 17:44:09 -0000 1.7 -38,13 +38,15 static int gost_pkey_meth_nids[] = {NID_id_GostR3410_94_cc, NID_id_GostR3410_94, NID_id_GostR3410_2001_cc, - NID_id_GostR3410_2001, 0}; + NID_id_GostR3410_2001, NID_id_Gost28147_89_MAC, 0}; static EVP_PKEY_METHOD pmeth_GostR3410_94_cc = NULL, pmeth_GostR3410_94 = NULL, - pmeth_GostR3410_2001_cc = NULL, pmeth_GostR3410_2001 = NULL; + pmeth_GostR3410_2001_cc = NULL, pmeth_GostR3410_2001 = NULL, + pmeth_Gost28147_MAC = NULL; static EVP_PKEY_ASN1_METHOD ameth_GostR3410_94_cc = NULL, ameth_GostR3410_94 = NULL, - ameth_GostR3410_2001_cc = NULL, ameth_GostR3410_2001 = NULL; + ameth_GostR3410_2001_cc = NULL, ameth_GostR3410_2001 = NULL, + ameth_Gost28147_MAC = NULL; static int gost_engine_init(ENGINE e) -119,11 +121,15 if (!register_ameth_gost(NID_id_GostR3410_94, &ameth_GostR3410_94, "GOST94", "GOST R 34.10-94")) goto end; if (!register_ameth_gost(NID_id_GostR3410_2001_cc, &ameth_GostR3410_2001_cc, "GOST2001CC", "GOST R 34.10-2001, Cryptocom LTD implementation")) goto end; if (!register_ameth_gost(NID_id_GostR3410_2001, &ameth_GostR3410_2001, "GOST2001", "GOST R 34.10-2001")) goto end; + if (!register_ameth_gost(NID_id_Gost28147_89_MAC, &ameth_Gost28147_MAC, + "GOST-MAC", "GOST 28147-89 MAC")) goto end; if (!register_pmeth_gost(NID_id_GostR3410_94_cc, &pmeth_GostR3410_94_cc, 0)) goto end; if (!register_pmeth_gost(NID_id_GostR3410_94, &pmeth_GostR3410_94, 0)) goto end; if (!register_pmeth_gost(NID_id_GostR3410_2001_cc, &pmeth_GostR3410_2001_cc, 0)) goto end; if (!register_pmeth_gost(NID_id_GostR3410_2001, &pmeth_GostR3410_2001, 0)) goto end; + if (!register_pmeth_gost(NID_id_Gost28147_89_MAC, &pmeth_Gost28147_MAC, 0)) + goto end; if ( ! ENGINE_register_ciphers(e) \|\| ! ENGINE_register_digests(e) \|\| ! ENGINE_register_pkey_meths(e) -201,7 +207,7 if (!pmeth) { nids = gost_pkey_meth_nids; - return 4; + return 5; } switch (nid) -210,6 +216,7 case NID_id_GostR3410_94: pmeth = pmeth_GostR3410_94; return 1; case NID_id_GostR3410_2001_cc: pmeth = pmeth_GostR3410_2001_cc; return 1; case NID_id_GostR3410_2001: pmeth = pmeth_GostR3410_2001; return 1; + case NID_id_Gost28147_89_MAC: pmeth = pmeth_Gost28147_MAC; return 1; default:; } -223,7 +230,7 if (!ameth) { nids = gost_pkey_meth_nids; - return 4; + return 5; } switch (nid) { -231,6 +238,8 case NID_id_GostR3410_94: ameth = ameth_GostR3410_94; return 1; case NID_id_GostR3410_2001_cc: ameth = ameth_GostR3410_2001_cc; return 1; case NID_id_GostR3410_2001: ameth = ameth_GostR3410_2001; return 1; + case NID_id_Gost28147_89_MAC: ameth = ameth_Gost28147_MAC; return 1; + default:; } . patch -p0 <<' .' Index: openssl/engines/ccgost/gost_lcl.h ============================================================ ================ $ cvs diff -u -r1.4 -r1.5 gost_lcl.h --- openssl/engines/ccgost/gost_lcl.h 23 Mar 2007 17:04:03 -0000 1.4 +++ openssl/engines/ccgost/gost_lcl.h 17 May 2007 17:44:09 -0000 1.5 -35,14 +35,25 int register_pmeth_gost (int id, EVP_PKEY_METHOD pmeth, int flags); / Gost-specific pmeth control-function parameters / +/ For GOST R34.10 parameters / #define param_ctrl_string "paramset" #define EVP_PKEY_CTRL_GOST_PARAMSET (EVP_PKEY_ALG_CTRL+1) +/ For GOST 28147 MAC / +#define key_ctrl_string "key" +#define hexkey_ctrl_string "hexkey" +#define EVP_PKEY_CTRL_GOST_MAC_HEXKEY (EVP_PKEY_ALG_CTRL+3) / Pmeth internal representation / struct gost_pmeth_data { int sign_param_nid; / Should be set whenever parameters are filled / EVP_PKEY eph_seckey; EVP_MD md; }; + + struct gost_mac_pmeth_data { + int key_set; + EVP_MD md; + unsigned char key[32]; + } ; /* GOST-specific ASN1 structures / -146,6 +157,8 extern EVP_MD imit_gost_vizir; extern EVP_MD imit_gost_cpa; #endif +#define EVP_MD_CTRL_KEY_LEN (EVP_MD_CTRL_ALG_CTRL+3) +#define EVP_MD_CTRL_SET_KEY (EVP_MD_CTRL_ALG_CTRL+4) / EVP_PKEY_METHOD key encryption callbacks / / From gost94_keyx.c / int pkey_GOST94cp_encrypt(EVP_PKEY_CTX ctx, unsigned char out, size_t outlen, const unsigned char* key, size_t key_len ); . patch -p0 <<' .' Index: openssl/engines/ccgost/gost_md.c ============================================================ ================ $ cvs diff -u -r1.1 -r1.2 gost_md.c --- openssl/engines/ccgost/gost_md.c 21 Sep 2006 13:04:41 -0000 1.1 +++ openssl/engines/ccgost/gost_md.c 17 May 2007 17:44:09 -0000 1.2 -59,12 +59,15 int gost_digest_copy(EVP_MD_CTX to,const EVP_MD_CTX from) { + if (to->md_data && from->md_data) memcpy(to->md_data,from->md_data,sizeof(struct ossl_gost_digest_ctx)); + return 1; } int gost_digest_cleanup(EVP_MD_CTX ctx) { + if (ctx->md_data) memset(ctx->md_data,0,sizeof(struct ossl_gost_digest_ctx)); return 1; } . patch -p0 <<' .' Index: openssl/engines/ccgost/gost_pmeth.c ============================================================ ================ $ cvs diff -u -r1.3 -r1.4 gost_pmeth.c --- openssl/engines/ccgost/gost_pmeth.c 22 Dec 2006 09:21:29 -0000 1.3 +++ openssl/engines/ccgost/gost_pmeth.c 17 May 2007 17:44:09 -0000 1.4 -10,6 +10,7 #include <openssl/evp.h> #include <openssl/objects.h> #include <openssl/ec.h> +#include <openssl/x509v3.h> /For string_to_hex / #include <stdlib.h> #include <string.h> #include <ctype.h> -507,7 +508,176 data->eph_seckey=eph_key; return 1; } +/ -------- PKEY_METHOD for GOST MAC algorithm --------------------/ +static int pkey_gost_mac_init(EVP_PKEY_CTX ctx) + { + struct gost_mac_pmeth_data data; + data = OPENSSL_malloc(sizeof(struct gost_mac_pmeth_data)); + if (!data) return 0; + memset(data,0,sizeof(struct gost_mac_pmeth_data)); + EVP_PKEY_CTX_set_data(ctx,data); + return 1; + } +static void pkey_gost_mac_cleanup (EVP_PKEY_CTX ctx) + { + struct gost_mac_pmeth_data data = EVP_PKEY_CTX_get_data(ctx); + OPENSSL_free(data); + } +static int pkey_gost_mac_copy(EVP_PKEY_CTX dst, EVP_PKEY_CTX src) + { + struct gost_mac_pmeth_data dst_data,src_data; + if (!pkey_gost_mac_init(dst)) + { + return 0; + } + src_data = EVP_PKEY_CTX_get_data(src); + dst_data = EVP_PKEY_CTX_get_data(dst); + dst_data = src_data; + return 1; + } + +static int pkey_gost_mac_ctrl (EVP_PKEY_CTX ctx, int type, int p1, void p2) + { + struct gost_mac_pmeth_data data = +(struct gost_mac_pmeth_data)EVP_PKEY_CTX_get_data(ctx); + switch (type) + { + case EVP_PKEY_CTRL_MD: + { + if (EVP_MD_type((const EVP_MD )p2) != NID_id_Gost28147_89_MAC) + { + GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL, GOST_R_INVALID_DIGEST_TYPE); + return 0; + } + data->md = (EVP_MD )p2; + return 1; + } + break; + + case EVP_PKEY_CTRL_PKCS7_ENCRYPT: + case EVP_PKEY_CTRL_PKCS7_DECRYPT: + case EVP_PKEY_CTRL_PKCS7_SIGN: + return 1; + case EVP_PKEY_CTRL_SET_MAC_KEY: + if (p1 != 32) + { + GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL, + GOST_R_INVALID_MAC_KEY_LENGTH); + return 0; + } + + memcpy(data->key,p2,32); + data->key_set = 1; + return 1; + case EVP_PKEY_CTRL_DIGESTINIT: + { + EVP_MD_CTX mctx = p2; + void key; + if (!data->key_set) + { + EVP_PKEY pkey = EVP_PKEY_CTX_get0_pkey(ctx); + if (!pkey) + { + GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL,GOST_R_MAC_KEY_NOT_S ET); + return 0; + } + key = EVP_PKEY_get0(pkey); + if (!key) + { + GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL,GOST_R_MAC_KEY_NOT_S ET); + return 0; + } + } else { + key = &(data->key); + } + return mctx->digest->md_ctrl(mctx,EVP_MD_CTRL_SET_KEY,32,key) ; + } + } + return -2; + } +static int pkey_gost_mac_ctrl_str(EVP_PKEY_CTX ctx, + const char type, const char value) + { + if (!strcmp(type, key_ctrl_string)) + { + if (strlen(value)!=32) + { + GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL_STR, + GOST_R_INVALID_MAC_KEY_LENGTH); + return 0; + } + return pkey_gost_mac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, + 32,(char )value); + } + if (!strcmp(type, hexkey_ctrl_string)) + { + long keylen; int ret; + unsigned char keybuf=string_to_hex(value,&keylen); + if (keylen != 32) + { + GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL_STR, + GOST_R_INVALID_MAC_KEY_LENGTH); + return 0; + } + ret= pkey_gost_mac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, + 32,keybuf); + OPENSSL_free(keybuf); + return ret; + + } + return -2; + } + +static int pkey_gost_mac_keygen(EVP_PKEY_CTX ctx, EVP_PKEY pkey) + { + struct gost_mac_pmeth_data data = EVP_PKEY_CTX_get_data(ctx); + unsigned char keydata; + if (!data->key_set) + { + GOSTerr(GOST_F_PKEY_GOST_MAC_KEYGEN,GOST_R_MAC_KEY_NOT_S ET); + return 0; + } + keydata = OPENSSL_malloc(32); + memcpy(keydata,data->key,32); + EVP_PKEY_assign(pkey, NID_id_Gost28147_89_MAC, keydata); + return 1; + } + +static int pkey_gost_mac_signctx_init(EVP_PKEY_CTX ctx, EVP_MD_CTX mctx) + { + void key; + struct gost_mac_pmeth_data data = EVP_PKEY_CTX_get_data(ctx); + if (!mctx->digest) return 1; + if (!data->key_set) + { + EVP_PKEY pkey = EVP_PKEY_CTX_get0_pkey(ctx); + if (!pkey) + { + GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL,GOST_R_MAC_KEY_NOT_SET ); + return 0; + } + key = EVP_PKEY_get0(pkey); + if (!key) + { + GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL,GOST_R_MAC_KEY_NOT_SET ); + return 0; + } + } else { + key = &(data->key); + } + return mctx->digest->md_ctrl(mctx,EVP_MD_CTRL_SET_KEY,32,key) ; +} + +static int pkey_gost_mac_signctx(EVP_PKEY_CTX ctx, unsigned char sig, size_t siglen, EVP_MD_CTX mctx) + { + if (!sig) + { + siglen = 4; + return 1; + } + return EVP_DigestFinal_ex(mctx,sig,siglen); + } / ------------------------------------------------------------ ----/ int register_pmeth_gost(int id, EVP_PKEY_METHOD pmeth,int flags) { -559,6 +729,14 pkey_gost_encrypt_init, pkey_GOST01cp_encrypt); EVP_PKEY_meth_set_decrypt(pmeth, NULL, pkey_GOST01cp_decrypt); break; + case NID_id_Gost28147_89_MAC: + EVP_PKEY_meth_set_ctrl(pmeth,pkey_gost_mac_ctrl, pkey_gost_mac_ctrl_str); + EVP_PKEY_meth_set_signctx(pmeth,pkey_gost_mac_signctx_i nit, pkey_gost_mac_signctx); + EVP_PKEY_meth_set_keygen(pmeth,NULL, pkey_gost_mac_keygen); + EVP_PKEY_meth_set_init(pmeth,pkey_gost_mac_init); + EVP_PKEY_meth_set_cleanup(pmeth,pkey_gost_mac_cleanup); + EVP_PKEY_meth_set_copy(pmeth,pkey_gost_mac_copy); + return 1; default: /Unsupported method/ return 0; } . ____________________________________________________________ __________ OpenSSL Project http://www.openssl.org CVS Repository Commit List openssl-cvsopenssl.org Automated List Manager majordomoopenssl.org

[1]

about | contact Other archives ( Real Estate discussion Medical topics )