OpenSSL CVS Repository
http://cvs.openssl.org/
____________________________________________________________
________________
Server: cvs.openssl.org Name: Dr.
Stephen Henson
Root: /v/openssl/cvs Email: steve openssl.org
Module: openssl Date:
18-May-2007 17:55:56
Branch: HEAD Handle:
2007051816555401
Modified files:
openssl/engines/ccgost Makefile e_gost_err.c
e_gost_err.h gost2001_keyx.c
gost94_keyx.c gost_ameth.c
gost_crypt.c gost_eng.c
gost_lcl.h gost_pmeth.c
Log:
Updated GOST MAC support.
Submitted by: vituscryptocom.ru
Summary:
Revision Changes Path
1.5 +10 -8 openssl/engines/ccgost/Makefile
1.4 +2 -1
openssl/engines/ccgost/e_gost_err.c
1.3 +8 -7
openssl/engines/ccgost/e_gost_err.h
1.4 +7 -3
openssl/engines/ccgost/gost2001_keyx.c
1.3 +7 -3
openssl/engines/ccgost/gost94_keyx.c
1.5 +1 -60
openssl/engines/ccgost/gost_ameth.c
1.8 +25 -12
openssl/engines/ccgost/gost_crypt.c
1.8 +8 -3
openssl/engines/ccgost/gost_eng.c
1.6 +2 -3
openssl/engines/ccgost/gost_lcl.h
1.5 +3 -23
openssl/engines/ccgost/gost_pmeth.c
____________________________________________________________
________________
patch -p0 <<' .'
Index: openssl/engines/ccgost/Makefile
============================================================
================
$ cvs diff -u -r1.4 -r1.5 Makefile
--- openssl/engines/ccgost/Makefile 30 Nov 2006 13:41:46
-0000 1.4
+++ openssl/engines/ccgost/Makefile 18 May 2007 15:55:54
-0000 1.5
-238,19 +238,21
gost_params.o: ../../include/openssl/symhacks.h
gost_params.c gost_params.h
gost_pmeth.o: ../../include/openssl/asn1.h
../../include/openssl/asn1t.h
gost_pmeth.o: ../../include/openssl/bio.h
../../include/openssl/bn.h
-gost_pmeth.o: ../../include/openssl/buffer.h
../../include/openssl/crypto.h
-gost_pmeth.o: ../../include/openssl/dsa.h
../../include/openssl/e_os2.h
-gost_pmeth.o: ../../include/openssl/ec.h
../../include/openssl/ecdh.h
-gost_pmeth.o: ../../include/openssl/ecdsa.h
../../include/openssl/engine.h
-gost_pmeth.o: ../../include/openssl/evp.h
../../include/openssl/lhash.h
-gost_pmeth.o: ../../include/openssl/obj_mac.h
../../include/openssl/objects.h
+gost_pmeth.o: ../../include/openssl/buffer.h
../../include/openssl/conf.h
+gost_pmeth.o: ../../include/openssl/crypto.h
../../include/openssl/dsa.h
+gost_pmeth.o: ../../include/openssl/e_os2.h
../../include/openssl/ec.h
+gost_pmeth.o: ../../include/openssl/ecdh.h
../../include/openssl/ecdsa.h
+gost_pmeth.o: ../../include/openssl/engine.h
../../include/openssl/evp.h
+gost_pmeth.o: ../../include/openssl/lhash.h
../../include/openssl/obj_mac.h
+gost_pmeth.o: ../../include/openssl/objects.h
gost_pmeth.o: ../../include/openssl/opensslconf.h
gost_pmeth.o: ../../include/openssl/opensslv.h
../../include/openssl/ossl_typ.h
gost_pmeth.o: ../../include/openssl/pkcs7.h
../../include/openssl/safestack.h
gost_pmeth.o: ../../include/openssl/sha.h
../../include/openssl/stack.h
gost_pmeth.o: ../../include/openssl/symhacks.h
../../include/openssl/x509.h
-gost_pmeth.o: ../../include/openssl/x509_vfy.h
e_gost_err.h gost89.h gost_lcl.h
-gost_pmeth.o: gost_params.h gost_pmeth.c gosthash.h
+gost_pmeth.o: ../../include/openssl/x509_vfy.h
../../include/openssl/x509v3.h
+gost_pmeth.o: e_gost_err.h gost89.h gost_lcl.h
gost_params.h gost_pmeth.c
+gost_pmeth.o: gosthash.h
gost_sign.o: ../../include/openssl/asn1.h
../../include/openssl/asn1t.h
gost_sign.o: ../../include/openssl/bio.h
../../include/openssl/bn.h
gost_sign.o: ../../include/openssl/buffer.h
../../include/openssl/crypto.h
.
patch -p0 <<' .'
Index: openssl/engines/ccgost/e_gost_err.c
============================================================
================
$ cvs diff -u -r1.3 -r1.4 e_gost_err.c
--- openssl/engines/ccgost/e_gost_err.c 17 May 2007
17:44:09 -0000 1.3
+++ openssl/engines/ccgost/e_gost_err.c 18 May 2007
15:55:54 -0000 1.4
-86,6 +86,8
{ERR_FUNC(GOST_F_GOST_COMPUTE_PUBLIC), "GOST_COMPUTE_PU
BLIC"},
{ERR_FUNC(GOST_F_GOST_DO_SIGN), "GOST_DO_SIGN"},
{ERR_FUNC(GOST_F_GOST_DO_VERIFY), "GOST_DO_VERIFY"
},
+{ERR_FUNC(GOST_F_GOST_IMIT_CTRL), "GOST_IMIT_CTRL"
;},
+{ERR_FUNC(GOST_F_GOST_IMIT_UPDATE), "GOST_IMIT_UPDATE&
quot;},
{ERR_FUNC(GOST_F_MAKE_RFC4490_KEYTRANSPORT_2001), "MAKE
_RFC4490_KEYTRANSPORT_2001"},
{ERR_FUNC(GOST_F_PARAM_COPY_GOST01), "PARAM_COPY_GOST01
"},
{ERR_FUNC(GOST_F_PARAM_COPY_GOST94), "PARAM_COPY_GOST94
"},
-122,7 +124,6
{ERR_REASON(GOST_R_BAD_PKEY_PARAMETERS_FORMAT),"bad
pkey parameters format"},
{ERR_REASON(GOST_R_CANNOT_PACK_EPHEMERAL_KEY),"cannot
pack ephemeral key"},
{ERR_REASON(GOST_R_CTX_NOT_INITIALIZED_FOR_ENCRYPT),"ct
x not initialized for encrypt"},
-{ERR_REASON(GOST_R_DECODE_ERROR) ,"decode
error"},
{ERR_REASON(GOST_R_ERROR_COMPUTING_MAC) ,"error
computing mac"},
{ERR_REASON(GOST_R_ERROR_COMPUTING_SHARED_KEY),"error
computing shared key"},
{ERR_REASON(GOST_R_ERROR_PACKING_KEY_TRANSPORT_INFO),"e
rror packing key transport info"},
.
patch -p0 <<' .'
Index: openssl/engines/ccgost/e_gost_err.h
============================================================
================
$ cvs diff -u -r1.2 -r1.3 e_gost_err.h
--- openssl/engines/ccgost/e_gost_err.h 17 May 2007
17:44:09 -0000 1.2
+++ openssl/engines/ccgost/e_gost_err.h 18 May 2007
15:55:54 -0000 1.3
-83,6 +83,8
#define GOST_F_GOST_COMPUTE_PUBLIC 109
#define GOST_F_GOST_DO_SIGN 110
#define GOST_F_GOST_DO_VERIFY 111
+#define GOST_F_GOST_IMIT_CTRL 138
+#define GOST_F_GOST_IMIT_UPDATE 139
#define GOST_F_MAKE_RFC4490_KEYTRANSPORT_2001 127
#define GOST_F_PARAM_COPY_GOST01 132
#define GOST_F_PARAM_COPY_GOST94 133
-100,11 +102,11
#define GOST_F_PKEY_GOST_CTRL 114
#define GOST_F_PKEY_GOST_CTRL01_STR 115
#define GOST_F_PKEY_GOST_CTRL94_STR 116
-#define GOST_F_PKEY_GOST_MAC_CTRL 138
-#define GOST_F_PKEY_GOST_MAC_CTRL_STR 139
-#define GOST_F_PKEY_GOST_MAC_KEYGEN 140
+#define GOST_F_PKEY_GOST_MAC_CTRL 140
+#define GOST_F_PKEY_GOST_MAC_CTRL_STR 141
+#define GOST_F_PKEY_GOST_MAC_KEYGEN 142
#define GOST_F_PRIV_DECODE_GOST_94 117
-#define GOST_F_PRIV_DECODE_MAC 141
+#define GOST_F_PRIV_DECODE_MAC 143
#define GOST_F_PUB_DECODE_GOST01 136
#define GOST_F_PUB_DECODE_GOST94 134
#define GOST_F_PUB_ENCODE_GOST01 135
-116,7 +118,6
#define GOST_R_BAD_PKEY_PARAMETERS_FORMAT 129
#define GOST_R_CANNOT_PACK_EPHEMERAL_KEY 114
#define GOST_R_CTX_NOT_INITIALIZED_FOR_ENCRYPT 115
-#define GOST_R_DECODE_ERROR 134
#define GOST_R_ERROR_COMPUTING_MAC 116
#define GOST_R_ERROR_COMPUTING_SHARED_KEY 117
#define GOST_R_ERROR_PACKING_KEY_TRANSPORT_INFO 118
-131,12 +132,12
#define GOST_R_INVALID_ENCRYPTED_KEY_SIZE 123
#define GOST_R_INVALID_GOST94_PARMSET 127
#define GOST_R_INVALID_IV_LENGTH 102
-#define GOST_R_INVALID_MAC_KEY_LENGTH 135
+#define GOST_R_INVALID_MAC_KEY_LENGTH 134
#define GOST_R_INVALID_PARAMSET 103
#define GOST_R_KEY_IS_NOT_INITALIZED 104
#define GOST_R_KEY_IS_NOT_INITIALIZED 105
#define GOST_R_KEY_PARAMETERS_MISSING 131
-#define GOST_R_MAC_KEY_NOT_SET 136
+#define GOST_R_MAC_KEY_NOT_SET 135
#define GOST_R_MALLOC_FAILURE 124
#define GOST_R_NOT_ENOUGH_SPACE_FOR_KEY 125
#define GOST_R_NO_MEMORY 106
.
patch -p0 <<' .'
Index: openssl/engines/ccgost/gost2001_keyx.c
============================================================
================
$ cvs diff -u -r1.3 -r1.4 gost2001_keyx.c
--- openssl/engines/ccgost/gost2001_keyx.c 8 Nov 2006
09:45:12 -0000 1.3
+++ openssl/engines/ccgost/gost2001_keyx.c 18 May 2007
15:55:54 -0000 1.4
-69,6 +69,7
struct gost_pmeth_data *data =
EVP_PKEY_CTX_get_data(pctx);
GOST_KEY_TRANSPORT *gkt = NULL;
int ret=0;
+ const struct gost_cipher_info *cipher_info;
gost_ctx ctx;
EC_KEY *ephemeral=NULL;
const EC_POINT *pub_key_point=NULL;
-84,7 +85,8
goto err;
}
/* encrypt session key */
- gost_init(&ctx,
&GostR3411_94_CryptoProParamSet);
+ cipher_info = get_encryption_params(NULL);
+ gost_init(&ctx, cipher_info->sblock);
gost_key(&ctx,shared_key);
encrypt_cryptocom_key(key,key_len,encrypted_key,&ctx);
/* compute hmac of session key */
-122,7 +124,7
goto err;
}
ASN1_OBJECT_free(gkt->key_agreement_info->cipher);
- gkt->key_agreement_info->cipher =
OBJ_nid2obj(NID_id_Gost28147_89_cc);
+ gkt->key_agreement_info->cipher =
OBJ_nid2obj(cipher_info->nid);
if ((*out_len =
i2d_GOST_KEY_TRANSPORT(gkt,&out))>0) ret = 1;
;
err:
-143,6 +145,7
unsigned char hmac[4],hmac_comp[4];
unsigned char iv[8];
int i;
+ const struct gost_cipher_info *cipher_info;
gost_ctx ctx;
const EC_POINT *pub_key_point;
EVP_PKEY *eph_key;
-178,7 +181,8
return 0;
}
/* Decrypt session key */
- gost_init(&ctx,
&GostR3411_94_CryptoProParamSet);
+ cipher_info =
get_encryption_params(gkt->key_agreement_info->cipher)
;
+ gost_init(&ctx, cipher_info->sblock);
gost_key(&ctx,shared_key);
if
(!decrypt_cryptocom_key(key,*key_len,gkt->key_info->en
crypted_key->data,
.
patch -p0 <<' .'
Index: openssl/engines/ccgost/gost94_keyx.c
============================================================
================
$ cvs diff -u -r1.2 -r1.3 gost94_keyx.c
--- openssl/engines/ccgost/gost94_keyx.c 21 Sep 2006
13:04:40 -0000 1.2
+++ openssl/engines/ccgost/gost94_keyx.c 18 May 2007
15:55:54 -0000 1.3
-234,6 +234,7
/* create DH structure filling parameters from passed
pub_key */
DH *dh = NULL;
GOST_KEY_TRANSPORT *gkt = NULL;
+ const struct gost_cipher_info *cipher_info;
gost_ctx cctx;
EVP_PKEY *newkey=NULL;
unsigned char shared_key[32],encrypted_key[32],hmac[4],
-254,7 +255,8
goto err;
}
/* encrypt session key */
- gost_init(&cctx,
&GostR3411_94_CryptoProParamSet);
+ cipher_info = get_encryption_params(NULL);
+ gost_init(&cctx, cipher_info->sblock);
gost_key(&cctx,shared_key);
encrypt_cryptocom_key(key,key_len,encrypted_key,&cctx);
/* compute hmac of session key */
-293,7 +295,7
goto err;
}
ASN1_OBJECT_free(gkt->key_agreement_info->cipher);
- gkt->key_agreement_info->cipher =
OBJ_nid2obj(NID_id_Gost28147_89_cc);
+ gkt->key_agreement_info->cipher =
OBJ_nid2obj(cipher_info->nid);
*outlen = i2d_GOST_KEY_TRANSPORT(gkt,&out);
err:
if (gkt) GOST_KEY_TRANSPORT_free(gkt);
-374,6 +376,7
unsigned char hmac[4],hmac_comp[4];
unsigned char iv[8];
int i;
+ const struct gost_cipher_info *cipher_info;
gost_ctx ctx;
DH *dh = DH_new();
EVP_PKEY *eph_key;
-415,7 +418,8
return 0;
}
/* Decrypt session key */
- gost_init(&ctx,
&GostR3411_94_CryptoProParamSet);
+ cipher_info =
get_encryption_params(gkt->key_agreement_info->cipher)
;
+ gost_init(&ctx, cipher_info->sblock);
gost_key(&ctx,shared_key);
if
(!decrypt_cryptocom_key(key,*key_len,gkt->key_info->en
crypted_key->data,
.
patch -p0 <<' .'
Index: openssl/engines/ccgost/gost_ameth.c
============================================================
================
$ cvs diff -u -r1.4 -r1.5 gost_ameth.c
--- openssl/engines/ccgost/gost_ameth.c 17 May 2007
17:44:09 -0000 1.4
+++ openssl/engines/ccgost/gost_ameth.c 18 May 2007
15:55:54 -0000 1.5
-714,69 +714,12
OPENSSL_free(pk->pkey.ptr);
}
}
-static int priv_decode_mac(EVP_PKEY *pk,
PKCS8_PRIV_KEY_INFO *p8inf)
- {
- X509_ALGOR *palg = NULL;
- int priv_len = 0;
- ASN1_OBJECT *palg_obj = NULL;
- ASN1_OCTET_STRING *s=NULL;
- const unsigned char *pkey_buf = NULL, *p = NULL;
- unsigned char *keybuf=NULL;
- if
(!PKCS8_pkey_get0(&palg_obj,&pkey_buf,&priv_len,
&palg,p8inf))
- {
- return 0;
- }
- p = pkey_buf;
- if (V_ASN1_OCTET_STRING != *p)
- {
- GOSTerr(GOST_F_PRIV_DECODE_MAC,
- GOST_R_DECODE_ERROR);
- return 0;
- }
- s = d2i_ASN1_OCTET_STRING(NULL,&p,priv_len);
- if (!s || s->length!=32)
- {
- GOSTerr(GOST_F_PRIV_DECODE_MAC,
- GOST_R_DECODE_ERROR);
- return 0;
- }
- keybuf = OPENSSL_malloc(32);
- memcpy(keybuf,s->data,32);
- EVP_PKEY_assign(pk,EVP_PKEY_base_id(pk),keybuf);
- ASN1_STRING_free(s);
- return 1;
- }
-
-static int priv_encode_mac(PKCS8_PRIV_KEY_INFO *p8, const
EVP_PKEY *pk)
- {
- ASN1_OBJECT *algobj =
OBJ_nid2obj(EVP_PKEY_base_id(pk));
- ASN1_STRING *key = ASN1_STRING_new();
- unsigned char *priv_buf=NULL, *data =
EVP_PKEY_get0((EVP_PKEY *)pk);
- int priv_len;
-
- ASN1_STRING_set(key, data, 32);
- priv_len = i2d_ASN1_OCTET_STRING(key,&priv_buf);
- ASN1_STRING_free(key);
- return
PKCS8_pkey_set0(p8,algobj,0,V_ASN1_NULL,NULL,priv_buf,priv_l
en);
- }
-
-static int priv_print_mac(BIO *out,const EVP_PKEY *pkey,
int indent,
- ASN1_PCTX *pctx)
- {
- unsigned char *data = EVP_PKEY_get0((EVP_PKEY *)pkey);
- int i;
- if (!BIO_indent(out, indent,128)) return 0;
- for (i=0; i<32;i++) {
- BIO_printf(out,"%02x",data[i]);
- }
- return 1;
- }
static int mac_ctrl_gost(EVP_PKEY *pkey, int op, long
arg1, void *arg2)
{
switch (op)
{
case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
- *(int *)arg2 = NID_id_Gost28147_89_MAC;
+ *(int *)arg2 = NID_undef;
return 2;
}
return -2;
-825,8 +768,6
break;
case NID_id_Gost28147_89_MAC:
EVP_PKEY_asn1_set_free(*ameth, mackey_free_gost);
- EVP_PKEY_asn1_set_private(*ameth, priv_decode_mac,
- priv_encode_mac, priv_print_mac);
EVP_PKEY_asn1_set_ctrl(*ameth,mac_ctrl_gost);
break;
}
.
patch -p0 <<' .'
Index: openssl/engines/ccgost/gost_crypt.c
============================================================
================
$ cvs diff -u -r1.7 -r1.8 gost_crypt.c
--- openssl/engines/ccgost/gost_crypt.c 17 May 2007
17:44:09 -0000 1.7
+++ openssl/engines/ccgost/gost_crypt.c 18 May 2007
15:55:54 -0000 1.8
-88,10 +88,12
gost_cipher_ctl,
NULL,
};
-
+#endif
/* Implementation of GOST 28147-89 in MAC (imitovstavka)
mode */
/* Init functions which set specific parameters */
+#ifdef USE_SSL
static int gost_imit_init_vizir(EVP_MD_CTX *ctx);
+#endif
static int gost_imit_init_cpa(EVP_MD_CTX *ctx);
/* process block of data */
static int gost_imit_update(EVP_MD_CTX *ctx, const void
*data, size_t count);
-103,6 +105,8
/* Control function, knows how to set MAC key.*/
static int gost_imit_ctrl(EVP_MD_CTX *ctx,int type, int
arg, void *ptr);
+#ifdef USE_SSL
+
EVP_MD imit_gost_vizir =
{
NID_undef,
-121,27 +125,26
8,
sizeof(struct ossl_gost_imit_ctx)
};
-
+#endif
EVP_MD imit_gost_cpa =
{
- NID_undef,
+ NID_id_Gost28147_89_MAC,
NID_undef,
4,
- EVP_MD_FLAG_NEEDS_KEY,
+ 0,
gost_imit_init_cpa,
gost_imit_update,
gost_imit_final,
gost_imit_copy,
gost_imit_cleanup,
- gost_imit_ctrl,
NULL,
NULL,
{0,0,0,0,0},
8,
- sizeof(struct ossl_gost_imit_ctx)
+ sizeof(struct ossl_gost_imit_ctx),
+ gost_imit_ctrl
};
-#endif
/*
* Correspondence between gost parameter OIDs and
substitution blocks
* NID field is filed by register_gost_NID function in
engine.c
-233,7 +236,7
gost_init(&(c->cctx),&Gost28147_CryptoProParamSe
tA);
c->key_meshing=1;
c->count=0;
- gost_key(&(c->cctx),key);
+ if(key) gost_key(&(c->cctx),key);
if(iv) memcpy(ctx->oiv, iv,
EVP_CIPHER_CTX_iv_length(ctx));
memcpy(ctx->iv, ctx->oiv,
EVP_CIPHER_CTX_iv_length(ctx));
return 1;
-547,6 +550,7
gost_init(&(c->cctx),&GostR3411_94_CryptoProPara
mSet);
return 1;
}
+#endif
int gost_imit_init_cpa(EVP_MD_CTX *ctx)
{
-559,7 +563,7
return 1;
}
-static void mac_block_mesh(struct ossl_gost_imit_ctx
*c,unsigned char *data)
+static void mac_block_mesh(struct ossl_gost_imit_ctx
*c,const unsigned char *data)
{
char buffer[8];
/* We are using local buffer for iv because CryptoPro
doesn't
-579,7 +583,10
struct ossl_gost_imit_ctx *c = ctx->md_data;
const unsigned char *p = data;
size_t bytes = count,i;
- if (!(c->key_set)) return 0;
+ if (!(c->key_set)) {
+ GOSTerr(GOST_F_GOST_IMIT_UPDATE,
GOST_R_MAC_KEY_NOT_SET);
+ return 0;
+ }
if (c->bytes_left)
{
for
(i=c->bytes_left;i<8&&bytes>0;bytes--,i++,p
++)
-623,6 +630,7
mac_block_mesh(c,c->partial_block);
}
get_mac(c->buffer,32,md);
+ if (!c->key_set) return 0;
return 1;
}
-630,13 +638,19
{
switch (type)
{
- case EVP_MD_CTRL_GET_TLS_MAC_KEY_LENGTH:
+ case EVP_MD_CTRL_KEY_LEN:
*((unsigned int*)(ptr)) = 32;
return 1;
case EVP_MD_CTRL_SET_KEY:
{
+ if (arg!=32) {
+ GOSTerr(GOST_F_GOST_IMIT_CTRL,
GOST_R_INVALID_MAC_KEY_LENGTH);
+ return 0;
+ }
+
gost_key(&(((struct
ossl_gost_imit_ctx*)(ctx->md_data))->cctx),ptr) ;
((struct
ossl_gost_imit_ctx*)(ctx->md_data))->key_set = 1;
+ return 1;
}
default:
-657,4 +671,3
return 1;
}
-#endif
.
patch -p0 <<' .'
Index: openssl/engines/ccgost/gost_eng.c
============================================================
================
$ cvs diff -u -r1.7 -r1.8 gost_eng.c
--- openssl/engines/ccgost/gost_eng.c 17 May 2007 17:44:09
-0000 1.7
+++ openssl/engines/ccgost/gost_eng.c 18 May 2007 15:55:54
-0000 1.8
-34,7 +34,7
{NID_id_Gost28147_89, NID_gost89_cnt,0};
static int gost_digest_nids[] =
- {NID_id_GostR3411_94, 0};
+ {NID_id_GostR3411_94,NID_id_Gost28147_89_MAC, 0};
static int gost_pkey_meth_nids[] =
{NID_id_GostR3410_94_cc, NID_id_GostR3410_94,
NID_id_GostR3410_2001_cc,
-137,6 +137,7
|| ! EVP_add_cipher(&cipher_gost)
|| ! EVP_add_cipher(&cipher_gost_cpacnt)
|| ! EVP_add_digest(&digest_gost)
+ || ! EVP_add_digest(&imit_gost_cpa)
)
{
goto end;
-160,14 +161,18
if (!digest)
{
*nids = gost_digest_nids;
- return 1;
+ return 2;
}
/*printf("Digest no %d requestedn",nid);*/
if(nid == NID_id_GostR3411_94)
{
*digest = &digest_gost;
}
- else
+ else if (nid == NID_id_Gost28147_89_MAC)
+ {
+ *digest = &imit_gost_cpa;
+ }
+ else
{
ok =0;
*digest = NULL;
.
patch -p0 <<' .'
Index: openssl/engines/ccgost/gost_lcl.h
============================================================
================
$ cvs diff -u -r1.5 -r1.6 gost_lcl.h
--- openssl/engines/ccgost/gost_lcl.h 17 May 2007 17:44:09
-0000 1.5
+++ openssl/engines/ccgost/gost_lcl.h 18 May 2007 15:55:55
-0000 1.6
-114,7 +114,8
};
/* EVP_MD structure for GOST R 34.11 */
extern EVP_MD digest_gost;
-
+/* EVP_MD structure for GOST 28147 in MAC mode */
+extern EVP_MD imit_gost_cpa;
/* Cipher context used for EVP_CIPHER operation */
struct ossl_gost_cipher_ctx {
int paramNID;
-128,7 +129,6
gost_subst_block *sblock;
int key_meshing;
};
-#ifdef USE_SSL
/* Context for MAC */
struct ossl_gost_imit_ctx {
gost_ctx cctx;
-139,7 +139,6
int bytes_left;
int key_set;
};
-#endif
/* Table which maps parameter NID to S-blocks */
extern struct gost_cipher_info gost_cipher_list[];
/* Find encryption params from ASN1_OBJECT */
.
patch -p0 <<' .'
Index: openssl/engines/ccgost/gost_pmeth.c
============================================================
================
$ cvs diff -u -r1.4 -r1.5 gost_pmeth.c
--- openssl/engines/ccgost/gost_pmeth.c 17 May 2007
17:44:09 -0000 1.4
+++ openssl/engines/ccgost/gost_pmeth.c 18 May 2007
15:55:55 -0000 1.5
-545,7 +545,7
{
case EVP_PKEY_CTRL_MD:
{
- if (EVP_MD_type((const EVP_MD *)p2) !=
NID_id_Gost28147_89_MAC)
+ if (p2 != NULL)
{
GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL,
GOST_R_INVALID_DIGEST_TYPE);
return 0;
-591,7 +591,7
} else {
key = &(data->key);
}
- return
mctx->digest->md_ctrl(mctx,EVP_MD_CTRL_SET_KEY,32,key)
;
+ return
imit_gost_vizir.md_ctrl(mctx,EVP_MD_CTRL_SET_KEY,32,key);
}
}
return -2;
-646,27 +646,7
static int pkey_gost_mac_signctx_init(EVP_PKEY_CTX *ctx,
EVP_MD_CTX *mctx)
{
- void *key;
- struct gost_mac_pmeth_data *data =
EVP_PKEY_CTX_get_data(ctx);
- if (!mctx->digest) return 1;
- if (!data->key_set)
- {
- EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx);
- if (!pkey)
- {
- GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL,GOST_R_MAC_KEY_NOT_SET
);
- return 0;
- }
- key = EVP_PKEY_get0(pkey);
- if (!key)
- {
- GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL,GOST_R_MAC_KEY_NOT_SET
);
- return 0;
- }
- } else {
- key = &(data->key);
- }
- return
mctx->digest->md_ctrl(mctx,EVP_MD_CTRL_SET_KEY,32,key)
;
+ return 1;
}
static int pkey_gost_mac_signctx(EVP_PKEY_CTX *ctx,
unsigned char *sig, size_t *siglen, EVP_MD_CTX *mctx)
.
____________________________________________________________
__________
OpenSSL Project http://www.openssl.org
CVS Repository Commit List
openssl-cvsopenssl.org
Automated List Manager
majordomoopenssl.org
|
