From a8eda4312db1f98cffda38670e2d40d36566785a Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Tue, 19 Jan 2016 12:06:33 +0000 Subject: Remove the GOST engine The GOST engine is now out of date and is removed by this commit. An up to date GOST engine is now being maintained in an external repository. See: https://wiki.openssl.org/index.php/Binaries Reviewed-by: Richard Levitte --- CHANGES | 7 + Configure | 1 - Makefile.in | 3 +- crypto/engine/eng_all.c | 3 - engines/Makefile.in | 18 +- engines/ccgost/Makefile.in | 75 -- engines/ccgost/README.gost | 300 -------- engines/ccgost/e_gost_err.c | 201 ----- engines/ccgost/e_gost_err.h | 157 ---- engines/ccgost/e_gost_err.proto | 61 -- engines/ccgost/gost.ec | 5 - engines/ccgost/gost2001.c | 460 ------------ engines/ccgost/gost2001_keyx.c | 290 -------- engines/ccgost/gost2001_keyx.h | 10 - engines/ccgost/gost89.c | 576 -------------- engines/ccgost/gost89.h | 98 --- engines/ccgost/gost_ameth.c | 696 ----------------- engines/ccgost/gost_asn1.c | 56 -- engines/ccgost/gost_crypt.c | 699 ----------------- engines/ccgost/gost_ctl.c | 91 --- engines/ccgost/gost_eng.c | 285 ------- engines/ccgost/gost_keywrap.c | 106 --- engines/ccgost/gost_keywrap.h | 56 -- engines/ccgost/gost_lcl.h | 228 ------ engines/ccgost/gost_md.c | 88 --- engines/ccgost/gost_params.c | 80 -- engines/ccgost/gost_pmeth.c | 510 ------------- engines/ccgost/gosthash.c | 268 ------- engines/ccgost/gosthash.h | 52 -- engines/ccgost/gostsum.c | 187 ----- include/openssl/engine.h | 3 - test/Makefile.in | 10 +- test/gost2814789test.c | 1447 ------------------------------------ test/recipes/90-test_gost2814789.t | 13 - util/libeay.num | 2 +- util/mk1mf.pl | 1 - 36 files changed, 14 insertions(+), 7129 deletions(-) delete mode 100644 engines/ccgost/Makefile.in delete mode 100644 engines/ccgost/README.gost delete mode 100644 engines/ccgost/e_gost_err.c delete mode 100644 engines/ccgost/e_gost_err.h delete mode 100644 engines/ccgost/e_gost_err.proto delete mode 100644 engines/ccgost/gost.ec delete mode 100644 engines/ccgost/gost2001.c delete mode 100644 engines/ccgost/gost2001_keyx.c delete mode 100644 engines/ccgost/gost2001_keyx.h delete mode 100644 engines/ccgost/gost89.c delete mode 100644 engines/ccgost/gost89.h delete mode 100644 engines/ccgost/gost_ameth.c delete mode 100644 engines/ccgost/gost_asn1.c delete mode 100644 engines/ccgost/gost_crypt.c delete mode 100644 engines/ccgost/gost_ctl.c delete mode 100644 engines/ccgost/gost_eng.c delete mode 100644 engines/ccgost/gost_keywrap.c delete mode 100644 engines/ccgost/gost_keywrap.h delete mode 100644 engines/ccgost/gost_lcl.h delete mode 100644 engines/ccgost/gost_md.c delete mode 100644 engines/ccgost/gost_params.c delete mode 100644 engines/ccgost/gost_pmeth.c delete mode 100644 engines/ccgost/gosthash.c delete mode 100644 engines/ccgost/gosthash.h delete mode 100644 engines/ccgost/gostsum.c delete mode 100644 test/gost2814789test.c delete mode 100644 test/recipes/90-test_gost2814789.t diff --git a/CHANGES b/CHANGES index bd2e52ce2c..fb310829aa 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,13 @@ Changes between 1.0.2e and 1.1.0 [xx XXX xxxx] + *) The GOST engine was out of date and therefore it has been removed. An up + to date GOST engine is now being maintained in an external repository. + See: https://wiki.openssl.org/index.php/Binaries. Libssl still retains + support for GOST ciphersuites (these are only activated if a GOST engine + is present). + [Matt Caswell] + *) EGD is no longer supported by default; use enable-egd when configuring. [Ben Kaduk and Rich Salz] diff --git a/Configure b/Configure index 330748b4e4..0efed391b0 100755 --- a/Configure +++ b/Configure @@ -1932,7 +1932,6 @@ while () $sdirs = 0 unless /\\$/; s/fips // if (/^DIRS=/ && !$fips); s/engines // if (/^DIRS=/ && $disabled{"engine"}); - s/ccgost// if (/^ENGDIRS=/ && $disabled{"gost"}); s/^VERSION=.*/VERSION=$version/; s/^MAJOR=.*/MAJOR=$major/; s/^MINOR=.*/MINOR=$minor/; diff --git a/Makefile.in b/Makefile.in index 8dd7f1aaff..69e2706e8e 100644 --- a/Makefile.in +++ b/Makefile.in @@ -132,7 +132,6 @@ FIPSCANLIB= BASEADDR= DIRS= crypto ssl engines apps test tools -ENGDIRS= ccgost SHLIBDIRS= crypto ssl INSTALL_SUBS= engines apps tools @@ -212,7 +211,7 @@ BUILDENV= LC_ALL=C PLATFORM='$(PLATFORM)' PROCESSOR='$(PROCESSOR)'\ AS='$(CC)' ASFLAG='$(CFLAG) -c' \ AR='$(AR)' NM='$(NM)' RANLIB='$(RANLIB)' \ CROSS_COMPILE='$(CROSS_COMPILE)' \ - PERL='$(PERL)' ENGDIRS='$(ENGDIRS)' \ + PERL='$(PERL)' \ SDIRS='$(SDIRS)' LIBRPATH='$(INSTALLTOP)/$(LIBDIR)' \ INSTALL_PREFIX='$(INSTALL_PREFIX)' \ INSTALLTOP='$(INSTALLTOP)' OPENSSLDIR='$(OPENSSLDIR)' \ diff --git a/crypto/engine/eng_all.c b/crypto/engine/eng_all.c index 2c2353a3f0..74cde879ae 100644 --- a/crypto/engine/eng_all.c +++ b/crypto/engine/eng_all.c @@ -86,9 +86,6 @@ void ENGINE_load_builtin_engines(void) ENGINE_load_padlock(); # endif # endif -# ifndef OPENSSL_NO_GOST - ENGINE_load_gost(); -# endif # if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG) ENGINE_load_capi(); # endif diff --git a/engines/Makefile.in b/engines/Makefile.in index b8665ff406..aed9ff512e 100644 --- a/engines/Makefile.in +++ b/engines/Makefile.in @@ -12,12 +12,6 @@ INCLUDES= -I../include CFLAG=-g MAKEFILE= Makefile AR= ar r -ENGDIRS= ccgost - -RECURSIVE_MAKE= [ -z "$(ENGDIRS)" ] || for i in $(ENGDIRS) ; do \ - (cd $$i && echo "making $$target in $(DIR)/$$i..." && \ - $(MAKE) -e TOP=../.. DIR=$$i $$target ) || exit 1; \ - done; ENGINES_ASM_OBJ= @@ -60,7 +54,7 @@ ALL= $(GENERAL) $(SRC) $(HEADER) top: (cd ..; $(MAKE) DIRS=$(DIR) all) -all: lib subdirs +all: lib lib: $(LIBOBJ) $(TESTLIBOBJ) @if [ -n "$(SHARED_LIBS)" ]; then \ @@ -82,12 +76,8 @@ e_padlock-x86.s: asm/e_padlock-x86.pl e_padlock-x86_64.s: asm/e_padlock-x86_64.pl $(PERL) asm/e_padlock-x86_64.pl $(PERLASM_SCHEME) > $@ -subdirs: - @target=all; $(RECURSIVE_MAKE) - files: $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO - @target=files; $(RECURSIVE_MAKE) # XXXXX This currently only works on systems that use .so as suffix # for shared libraries as well as for Cygwin which uses the @@ -118,27 +108,23 @@ install: mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \ done; \ fi - @target=install; $(RECURSIVE_MAKE) errors: set -e; for l in $(LIBNAMES); do \ $(PERL) ../util/mkerr.pl -conf e_$$l.ec \ -nostatic -staticloader -write e_$$l.c; \ done - (cd ccgost; $(MAKE) PERL=$(PERL) errors) update: local_depend @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi - @[ -z "$(THIS)" ] || (set -e; target=update; $(RECURSIVE_MAKE) ) depend: local_depend @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi - @[ -z "$(THIS)" ] || (set -e; target=depend; $(RECURSIVE_MAKE) ) + local_depend: @[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(TESTLIBSRC) clean: rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - @target=clean; $(RECURSIVE_MAKE) # DO NOT DELETE THIS LINE -- make depend depends on it. diff --git a/engines/ccgost/Makefile.in b/engines/ccgost/Makefile.in deleted file mode 100644 index 77d552f85f..0000000000 --- a/engines/ccgost/Makefile.in +++ /dev/null @@ -1,75 +0,0 @@ -DIR=ccgost -TOP=../.. -CC=cc -INCLUDES= -I../../include -CFLAG=-g -MAKEFILE= Makefile -AR= ar r -CFLAGS= $(INCLUDES) $(CFLAG) -LIB=$(TOP)/libcrypto.a - -LIBSRC= gost2001.c gost2001_keyx.c gost89.c gost_ameth.c gost_asn1.c gost_crypt.c gost_ctl.c gost_eng.c gosthash.c gost_keywrap.c gost_md.c gost_pmeth.c gost_params.c - -LIBOBJ= e_gost_err.o gost2001_keyx.o gost2001.o gost89.o gost_ameth.o gost_asn1.o gost_crypt.o gost_ctl.o gost_eng.o gosthash.o gost_keywrap.o gost_md.o gost_pmeth.o gost_params.o - -SRC=$(LIBSRC) - -LIBNAME=gost - -top: - (cd $(TOP); $(MAKE) DIRS=engines sub_all) - -all: lib - -errors: - $(PERL) ../../util/mkerr.pl -conf gost.ec -nostatic -write $(SRC) - -lib: $(LIBOBJ) - if [ -n "$(SHARED_LIBS)" ]; then \ - $(MAKE) -f $(TOP)/Makefile.shared -e \ - LIBNAME=$(LIBNAME) \ - LIBEXTRAS='$(LIBOBJ)' \ - LIBDEPS='-L$(TOP) -lcrypto' \ - link_o.$(SHLIB_TARGET); \ - else \ - $(AR) $(LIB) $(LIBOBJ); \ - fi - @touch lib - -install: - [ -n "$(INSTALLTOP)" ] # should be set by top Makefile... - if [ -n "$(SHARED_LIBS)" ]; then \ - set -e; \ - echo installing $(LIBNAME); \ - pfx=lib; \ - if expr "$(PLATFORM)" : "Cygwin" >/dev/null; then \ - sfx=".so"; \ - cp cyg$(LIBNAME).dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \ - else \ - case "$(CFLAGS)" in \ - *DSO_DLFCN*) sfx=`expr "$(SHLIB_EXT)" : '.*\(\.[a-z][a-z]*\)' \| ".so"`;; \ - *DSO_DL*) sfx=".sl";; \ - *DSO_WIN32*) sfx="eay32.dll"; pfx=;; \ - *) sfx=".bad";; \ - esac; \ - cp $${pfx}$(LIBNAME)$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \ - fi; \ - chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \ - mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx; \ - fi - -update: local_depend - @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi - -depend: local_depend - @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi -local_depend: - @[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff *.so *.sl *.dll *.dylib - -# DO NOT DELETE THIS LINE -- make depend depends on it. diff --git a/engines/ccgost/README.gost b/engines/ccgost/README.gost deleted file mode 100644 index abc5a9b7ca..0000000000 --- a/engines/ccgost/README.gost +++ /dev/null @@ -1,300 +0,0 @@ -GOST ENGINE - -This engine provides implementation of Russian cryptography standard. -This is also an example of adding new cryptoalgorithms into OpenSSL -without changing its core. If OpenSSL is compiled with dynamic engine -support, new algorithms can be added even without recompilation of -OpenSSL and applications which use it. - -ALGORITHMS SUPPORTED - -GOST R 34.10-94 and GOST R 34.10-2001 - digital signature algorithms. - Also support key exchange based on public keys. See RFC 4357 for - details of VKO key exchange algorithm. These algorithms use - 256 bit private keys. Public keys are 1024 bit for 94 and 512 bit for - 2001 (which is elliptic-curve based). Key exchange algorithms - (VKO R 34.10) are supported on these keys too. - -GOST R 34.11-94 Message digest algorithm. 256-bit hash value - -GOST 28147-89 - Symmetric cipher with 256-bit key. Various modes are - defined in the standard, but only CFB and CNT modes are implemented - in the engine. To make statistical analysis more difficult, key - meshing is supported (see RFC 4357). - -GOST 28147-89 MAC mode. Message authentication code. While most MAC - algorithms out there are based on hash functions using HMAC - algorithm, this algoritm is based on symmetric cipher. - It has 256-bit symmetric key and only 32 bits of MAC value - (while HMAC has same key size and value size). - - It is implemented as combination of EVP_PKEY type and EVP_MD type. - -USAGE OF THESE ALGORITHMS - -This engine is designed to allow usage of this algorithms in the -high-level openssl functions, such as PKI, S/MIME and TLS. - -See RFC 4490 for S/MIME with GOST algorithms and RFC 4491 for PKI. -TLS support is implemented according IETF -draft-chudov-cryptopro-cptls-03.txt and is compatible with -CryptoPro CSP 3.0 and 3.6 as well as with MagPro CSP. -GOST ciphersuites implemented in CryptoPro CSP 2.0 are not supported -because they use ciphersuite numbers used now by AES ciphersuites. - -To use the engine you have to load it via openssl configuration -file. Applications should read openssl configuration file or provide -their own means to load engines. Also, applications which operate with -private keys, should use generic EVP_PKEY API instead of using RSA or -other algorithm-specific API. - -CONFIGURATION FILE - -Configuration file should include following statement in the global -section, i.e. before first bracketed section header (see config(5) for details) - - openssl_conf = openssl_def - -where openssl_def is name of the section in configuration file which -describes global defaults. - -This section should contain following statement: - - [openssl_def] - engines = engine_section - -which points to the section which describes list of the engines to be -loaded. This section should contain: - - [engine_section] - gost = gost_section - -And section which describes configuration of the engine should contain - - [gost_section] - engine_id = gost - dynamic_path = /usr/lib/ssl/engines/libgost.so - default_algorithms = ALL - CRYPT_PARAMS = id-Gost28147-89-CryptoPro-A-ParamSet - -Where engine_id parameter specifies name of engine (should be "gost"). -dynamic_path is a location of the loadable shared library implementing the -engine. If the engine is compiled statically or is located in the OpenSSL -engines directory, this line can be omitted. -default_algorithms parameter specifies that all algorithms, provided by -engine, should be used. - -The CRYPT_PARAMS parameter is engine-specific. It allows the user to choose -between different parameter sets of symmetric cipher algorithm. RFC 4357 -specifies several parameters for the GOST 28147-89 algorithm, but OpenSSL -doesn't provide user interface to choose one when encrypting. So use engine -configuration parameter instead. - -Value of this parameter can be either short name, defined in OpenSSL -obj_dat.h header file or numeric representation of OID, defined in RFC -4357. - -USAGE WITH COMMAND LINE openssl UTILITY - -1. Generation of private key - - openssl genpkey -algorithm gost2001 -pkeyopt paramset:A -out seckey.pem - - Use -algorithm option to specify algorithm. - Use -pkeyopt option to pass paramset to algorithm. The following paramsets - are supported by - gost94: 0,A,B,C,D,XA,XB,XC - gost2001: 0,A,B,C,XA,XB - You can also use numeric representation of OID as to destinate - paramset. - - Paramsets starting with X are intended to use for key exchange keys. - Paramsets without X are for digital signature keys. - - Paramset for both algorithms 0 is the test paramset which should be used - only for test purposes. - -There are no algorithm-specific things with generation of certificate -request once you have a private key. - -2. Generation of certificate request along with private/public keypar - - openssl req -newkey gost2001 -pkeyopt paramset:A - - Syntax of -pkeyopt parameter is identical with genpkey command. - - You can also use oldstyle syntax -newkey gost2001:paramfile, but in - this case you should create parameter file first. - - It can be created with - - openssl genpkey -genparam -algorithm gost2001 -pkeyopt paramset:A\ - -out paramfile. - -3. S/MIME operations - -If you want to send encrypted mail using GOST algorithms, don't forget -to specify -gost89 as encryption algorithm for OpenSSL smime command. -While OpenSSL is clever enough to find out that GOST R 34.11-94 digest -must be used for digital signing with GOST private key, it have no way -to derive symmetric encryption algorithm from key exchange keys. - -4. TLS operations - -OpenSSL supports all four ciphersuites defined in the IETF draft. -Once you've loaded GOST key and certificate into your TLS server, -ciphersuites which use GOST 28147-89 encryption are enabled. - -Ciphersuites with NULL encryption should be enabled explicitely if -needed. - -GOST2001-GOST89-GOST89 Uses GOST R 34.10-2001 for auth and key exchange - GOST 28147-89 for encryption and GOST 28147-89 MAC -GOST94-GOST89-GOST89 Uses GOST R 34.10-94 for auth and key exchange - GOST 28147-89 for encryption and GOST 28147-89 MAC -GOST2001-NULL-GOST94 Uses GOST R 34.10-2001 for auth and key exchange, - no encryption and HMAC, based on GOST R 34.11-94 -GOST94-NULL-GOST94 Uses GOST R 34.10-94 for auth and key exchange, - no encryption and HMAC, based on GOST R 34.11-94 - -Gost 94 and gost 2001 keys can be used simultaneously in the TLS server. -RSA, DSA and EC keys can be used simultaneously with GOST keys, if -server implementation supports loading more than two private -key/certificate pairs. In this case ciphersuites which use any of loaded -keys would be supported and clients can negotiate ones they wish. - -This allows creation of TLS servers which use GOST ciphersuites for -Russian clients and RSA/DSA ciphersuites for foreign clients. - -5. Calculation of digests and symmetric encryption - OpenSSL provides specific commands (like sha1, aes etc) for calculation - of digests and symmetric encryption. Since such commands cannot be - added dynamically, no such commands are provided for GOST algorithms. - Use generic commands 'dgst' and 'enc'. - - Calculation of GOST R 34.11-94 message digest - - openssl dgst -md_gost94 datafile - - Note that GOST R 34.11-94 specifies that digest value should be - interpreted as little-endian number, but OpenSSL outputs just hex dump - of digest value. - - So, to obtain correct digest value, such as produced by gostsum utility - included in the engine distribution, bytes of output should be - reversed. - - Calculation of HMAC based on GOST R 34.11-94 - - openssl dgst -md_gost94 -mac hmac -macopt key:<32 bytes of key> datafile - - (or use hexkey if key contain NUL bytes) - Calculation of GOST 28147 MAC - - openssl dgst -mac gost-mac -macopt key:<32 bytes of key> datafile - - Note absence of an option that specifies digest algorithm. gost-mac - algorithm supports only one digest (which is actually part of - implementation of this mac) and OpenSSL is clever enough to find out - this. - - Encryption with GOST 28147 CFB mode - openssl enc -gost89 -out encrypted-file -in plain-text-file -k - Encryption with GOST 28147 CNT mode - openssl enc -gost89-cnt -out encrypted-file -in plain-text-file -k - - -6. Encrypting private keys and PKCS12 - -To produce PKCS12 files compatible with MagPro CSP, you need to use -GOST algorithm for encryption of PKCS12 file and also GOST R 34.11-94 -hash to derive key from password. - -openssl pksc12 -export -inkey gost.pem -in gost_cert.pem -keypbe gost89\ - -certpbe gost89 -macalg md_gost94 - -7. Testing speed of symmetric ciphers. - -To test performance of GOST symmetric ciphers you should use -evp switch -of the openssl speed command. Engine-provided ciphers couldn't be -accessed by cipher-specific functions, only via generic evp interface - - openssl speed -evp gost89 - openssl speed -evp gost89-cnt - - -PROGRAMMING INTERFACES DETAILS - -Applications never should access engine directly. They only use provided -EVP_PKEY API. But there are some details, which should be taken into -account. - -EVP provides two kinds of API for key exchange: - -1. EVP_PKEY_encrypt/EVP_PKEY_decrypt functions, intended to use with - RSA-like public key encryption algorithms - -2. EVP_PKEY_derive, intended to use with Diffie-Hellman-like shared key -computing algorithms. - -Although VKO R 34.10 algorithms, described in the RFC 4357 are -definitely second case, engine provides BOTH API for GOST R 34.10 keys. - -EVP_PKEY_derive just invokes appropriate VKO algorithm and computes -256 bit shared key. VKO R 34.10-2001 requires 64 bits of random user key -material (UKM). This UKM should be transmitted to other party, so it is -not generated inside derive function. - -It should be set by EVP_PKEY_CTX_ctrl function using -EVP_PKEY_CTRL_SET_IV command after call of EVP_PKEY_derive_init, but -before EVP_PKEY_derive. - unsigned char ukm[8]; - RAND_bytes(ukm,8); - EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_DERIVE, 8, ukm) - -EVP_PKEY_encrypt encrypts provided session key with VKO shared key and -packs it into GOST key transport structure, described in the RFC 4490. - -It typically uses ephemeral key pair to compute shared key and packs its -public part along with encrypted key. So, for most cases use of -EVP_PKEY_encrypt/EVP_PKEY_decrypt with GOST keys is almost same as with -RSA. - -However, if peerkey field in the EVP_PKEY_CTX structure is set (using -EVP_PKEY_derive_set_peerkey function) to EVP_PKEY structure which has private -key and uses same parameters as the public key from which this EVP_PKEY_CTX is -created, EVP_PKEY_encrypt will use this private key to compute shared key and -set ephemeral key in the GOST_key_transport structure to NULL. In this case -pkey and peerkey fields in the EVP_PKEY_CTX are used upside-down. - -If EVP_PKEY_decrypt encounters GOST_key_transport structure with NULL -public key field, it tries to use peerkey field from the context to -compute shared key. In this case peerkey field should really contain -peer public key. - -Encrypt operation supports EVP_PKEY_CTRL_SET_IV operation as well. -It can be used when some specific restriction on UKM are imposed by -higher level protocol. For instance, description of GOST ciphersuites -requires UKM to be derived from shared secret. - -If UKM is not set by this control command, encrypt operation would -generate random UKM. - - -This sources include implementation of GOST 28147-89 and GOST R 34.11-94 -which are completely indepentent from OpenSSL and can be used separately -(files gost89.c, gost89.h, gosthash.c, gosthash.h) Utility gostsum (file -gostsum.c) is provided as example of such separate usage. This is -program, simular to md5sum and sha1sum utilities, but calculates GOST R -34.11-94 hash. - -Makefile doesn't include rule for compiling gostsum. -Use command - -$(CC) -o gostsum gostsum.c gost89.c gosthash.c -where $(CC) is name of your C compiler. - -Implementations of GOST R 34.10-xx, including VKO algorithms heavily -depends on OpenSSL BIGNUM and Elliptic Curve libraries. - - diff --git a/engines/ccgost/e_gost_err.c b/engines/ccgost/e_gost_err.c deleted file mode 100644 index d05ef6143c..0000000000 --- a/engines/ccgost/e_gost_err.c +++ /dev/null @@ -1,201 +0,0 @@ -/* e_gost_err.c */ -/* ==================================================================== - * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* - * NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include "e_gost_err.h" - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -# define ERR_FUNC(func) ERR_PACK(0,func,0) -# define ERR_REASON(reason) ERR_PACK(0,0,reason) - -static ERR_STRING_DATA GOST_str_functs[] = { - {ERR_FUNC(GOST_F_DECODE_GOST_ALGOR_PARAMS), "DECODE_GOST_ALGOR_PARAMS"}, - {ERR_FUNC(GOST_F_ENCODE_GOST_ALGOR_PARAMS), "ENCODE_GOST_ALGOR_PARAMS"}, - {ERR_FUNC(GOST_F_FILL_GOST2001_PARAMS), "FILL_GOST2001_PARAMS"}, - {ERR_FUNC(GOST_F_GET_ENCRYPTION_PARAMS), "GET_ENCRYPTION_PARAMS"}, - {ERR_FUNC(GOST_F_GOST2001_COMPUTE_PUBLIC), "GOST2001_COMPUTE_PUBLIC"}, - {ERR_FUNC(GOST_F_GOST2001_DO_SIGN), "GOST2001_DO_SIGN"}, - {ERR_FUNC(GOST_F_GOST2001_DO_VERIFY), "GOST2001_DO_VERIFY"}, - {ERR_FUNC(GOST_F_GOST2001_KEYGEN), "GOST2001_KEYGEN"}, - {ERR_FUNC(GOST_F_GOST89_GET_ASN1_PARAMETERS), - "GOST89_GET_ASN1_PARAMETERS"}, - {ERR_FUNC(GOST_F_GOST89_SET_ASN1_PARAMETERS), - "GOST89_SET_ASN1_PARAMETERS"}, - {ERR_FUNC(GOST_F_GOST_CIPHER_CTL), "GOST_CIPHER_CTL"}, - {ERR_FUNC(GOST_F_GOST_IMIT_CTRL), "GOST_IMIT_CTRL"}, - {ERR_FUNC(GOST_F_GOST_IMIT_FINAL), "GOST_IMIT_FINAL"}, - {ERR_FUNC(GOST_F_GOST_IMIT_UPDATE), "GOST_IMIT_UPDATE"}, - {ERR_FUNC(GOST_F_PARAM_COPY_GOST01), "PARAM_COPY_GOST01"}, - {ERR_FUNC(GOST_F_PKEY_GOST01CP_DECRYPT), "PKEY_GOST01CP_DECRYPT"}, - {ERR_FUNC(GOST_F_PKEY_GOST01CP_ENCRYPT), "PKEY_GOST01CP_ENCRYPT"}, - {ERR_FUNC(GOST_F_PKEY_GOST01_PARAMGEN), "PKEY_GOST01_PARAMGEN"}, - {ERR_FUNC(GOST_F_PKEY_GOST2001_DERIVE), "PKEY_GOST2001_DERIVE"}, - {ERR_FUNC(GOST_F_PKEY_GOST_CTRL), "PKEY_GOST_CTRL"}, - {ERR_FUNC(GOST_F_PKEY_GOST_CTRL01_STR), "PKEY_GOST_CTRL01_STR"}, - {ERR_FUNC(GOST_F_PKEY_GOST_MAC_CTRL), "PKEY_GOST_MAC_CTRL"}, - {ERR_FUNC(GOST_F_PKEY_GOST_MAC_CTRL_STR), "PKEY_GOST_MAC_CTRL_STR"}, - {ERR_FUNC(GOST_F_PKEY_GOST_MAC_KEYGEN), "PKEY_GOST_MAC_KEYGEN"}, - {ERR_FUNC(GOST_F_PRINT_GOST_01), "PRINT_GOST_01"}, - {ERR_FUNC(GOST_F_PRIV_DECODE_GOST), "PRIV_DECODE_GOST"}, - {ERR_FUNC(GOST_F_PUB_DECODE_GOST01), "PUB_DECODE_GOST01"}, - {ERR_FUNC(GOST_F_PUB_ENCODE_GOST01), "PUB_ENCODE_GOST01"}, - {ERR_FUNC(GOST_F_UNPACK_CP_SIGNATURE), "UNPACK_CP_SIGNATURE"}, - {0, NULL} -}; - -static ERR_STRING_DATA GOST_str_reasons[] = { - {ERR_REASON(GOST_R_BAD_KEY_PARAMETERS_FORMAT), - "bad key parameters format"}, - {ERR_REASON(GOST_R_BAD_PKEY_PARAMETERS_FORMAT), - "bad pkey parameters format"}, - {ERR_REASON(GOST_R_CANNOT_PACK_EPHEMERAL_KEY), - "cannot pack ephemeral key"}, - {ERR_REASON(GOST_R_CTRL_CALL_FAILED), "ctrl call failed"}, - {ERR_REASON(GOST_R_ERROR_COMPUTING_SHARED_KEY), - "error computing shared key"}, - {ERR_REASON(GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO), - "error parsing key transport info"}, - {ERR_REASON(GOST_R_INCOMPATIBLE_ALGORITHMS), "incompatible algorithms"}, - {ERR_REASON(GOST_R_INCOMPATIBLE_PEER_KEY), "incompatible peer key"}, - {ERR_REASON(GOST_R_INVALID_CIPHER_PARAMS), "invalid cipher params"}, - {ERR_REASON(GOST_R_INVALID_CIPHER_PARAM_OID), "invalid cipher param oid"}, - {ERR_REASON(GOST_R_INVALID_DIGEST_TYPE), "invalid digest type"}, - {ERR_REASON(GOST_R_INVALID_IV_LENGTH), "invalid iv length"}, - {ERR_REASON(GOST_R_INVALID_MAC_KEY_LENGTH), "invalid mac key length"}, - {ERR_REASON(GOST_R_INVALID_PARAMSET), "invalid paramset"}, - {ERR_REASON(GOST_R_KEY_IS_NOT_INITIALIZED), "key is not initialized"}, - {ERR_REASON(GOST_R_KEY_PARAMETERS_MISSING), "key parameters missing"}, - {ERR_REASON(GOST_R_MAC_KEY_NOT_SET), "mac key not set"}, - {ERR_REASON(GOST_R_NO_PARAMETERS_SET), "no parameters set"}, - {ERR_REASON(GOST_R_NO_PEER_KEY), "no peer key"}, - {ERR_REASON(GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR), - "no private part of non ephemeral keypair"}, - {ERR_REASON(GOST_R_PUBLIC_KEY_UNDEFINED), "public key undefined"}, - {ERR_REASON(GOST_R_RANDOM_GENERATOR_ERROR), "random generator error"}, - {ERR_REASON(GOST_R_RANDOM_GENERATOR_FAILURE), "random generator failure"}, - {ERR_REASON(GOST_R_RANDOM_NUMBER_GENERATOR_FAILED), - "random number generator failed"}, - {ERR_REASON(GOST_R_SIGNATURE_MISMATCH), "signature mismatch"}, - {ERR_REASON(GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q), - "signature parts greater than q"}, - {ERR_REASON(GOST_R_UKM_NOT_SET), "ukm not set"}, - {ERR_REASON(GOST_R_UNSUPPORTED_CIPHER_CTL_COMMAND), - "unsupported cipher ctl command"}, - {ERR_REASON(GOST_R_UNSUPPORTED_PARAMETER_SET), - "unsupported parameter set"}, - {0, NULL} -}; - -#endif - -#ifdef GOST_LIB_NAME -static ERR_STRING_DATA GOST_lib_name[] = { - {0, GOST_LIB_NAME}, - {0, NULL} -}; -#endif - -static int GOST_lib_error_code = 0; -static int GOST_error_init = 1; - -void ERR_load_GOST_strings(void) -{ - if (GOST_lib_error_code == 0) - GOST_lib_error_code = ERR_get_next_error_library(); - - if (GOST_error_init) { - GOST_error_init = 0; -#ifndef OPENSSL_NO_ERR - ERR_load_strings(GOST_lib_error_code, GOST_str_functs); - ERR_load_strings(GOST_lib_error_code, GOST_str_reasons); -#endif - -#ifdef GOST_LIB_NAME - GOST_lib_name->error = ERR_PACK(GOST_lib_error_code, 0, 0); - ERR_load_strings(0, GOST_lib_name); -#endif - } -} - -void ERR_unload_GOST_strings(void) -{ - if (GOST_error_init == 0) { -#ifndef OPENSSL_NO_ERR - ERR_unload_strings(GOST_lib_error_code, GOST_str_functs); - ERR_unload_strings(GOST_lib_error_code, GOST_str_reasons); -#endif - -#ifdef GOST_LIB_NAME - ERR_unload_strings(0, GOST_lib_name); -#endif - GOST_error_init = 1; - } -} - -void ERR_GOST_error(int function, int reason, char *file, int line) -{ - if (GOST_lib_error_code == 0) - GOST_lib_error_code = ERR_get_next_error_library(); - ERR_PUT_error(GOST_lib_error_code, function, reason, file, line); -} diff --git a/engines/ccgost/e_gost_err.h b/engines/ccgost/e_gost_err.h deleted file mode 100644 index b18395718f..0000000000 --- a/engines/ccgost/e_gost_err.h +++ /dev/null @@ -1,157 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2001-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_GOST_ERR_H -# define HEADER_GOST_ERR_H - -#ifdef __cplusplus -extern "C" { -#endif - -/* BEGIN ERROR CODES */ -/* - * The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_GOST_strings(void); -void ERR_unload_GOST_strings(void); -void ERR_GOST_error(int function, int reason, char *file, int line); -# define GOSTerr(f,r) ERR_GOST_error((f),(r),__FILE__,__LINE__) - -/* Error codes for the GOST functions. */ - -/* Function codes. */ -# define GOST_F_DECODE_GOST_ALGOR_PARAMS 99 -# define GOST_F_ENCODE_GOST_ALGOR_PARAMS 100 -# define GOST_F_FILL_GOST2001_PARAMS 101 -# define GOST_F_FILL_GOST94_PARAMS 102 -# define GOST_F_GET_ENCRYPTION_PARAMS 103 -# define GOST_F_GOST2001_COMPUTE_PUBLIC 104 -# define GOST_F_GOST2001_DO_SIGN 105 -# define GOST_F_GOST2001_DO_VERIFY 106 -# define GOST_F_GOST2001_KEYGEN 107 -# define GOST_F_GOST89_GET_ASN1_PARAMETERS 108 -# define GOST_F_GOST89_SET_ASN1_PARAMETERS 109 -# define GOST_F_GOST94_COMPUTE_PUBLIC 110 -# define GOST_F_GOST_CIPHER_CTL 111 -# define GOST_F_GOST_DO_SIGN 112 -# define GOST_F_GOST_DO_VERIFY 113 -# define GOST_F_GOST_IMIT_CTRL 114 -# define GOST_F_GOST_IMIT_FINAL 140 -# define GOST_F_GOST_IMIT_UPDATE 115 -# define GOST_F_GOST_SIGN_KEYGEN 142 -# define GOST_F_PARAM_COPY_GOST01 116 -# define GOST_F_PARAM_COPY_GOST94 117 -# define GOST_F_PKEY_GOST01CP_DECRYPT 118 -# define GOST_F_PKEY_GOST01CP_ENCRYPT 119 -# define GOST_F_PKEY_GOST01CP_KEYGEN 120 -# define GOST_F_PKEY_GOST01_PARAMGEN 138 -# define GOST_F_PKEY_GOST2001_DERIVE 121 -# define GOST_F_PKEY_GOST94CP_DECRYPT 122 -# define GOST_F_PKEY_GOST94CP_ENCRYPT 123 -# define GOST_F_PKEY_GOST94CP_KEYGEN 124 -# define GOST_F_PKEY_GOST94_PARAMGEN 139 -# define GOST_F_PKEY_GOST_CTRL 125 -# define GOST_F_PKEY_GOST_CTRL01_STR 126 -# define GOST_F_PKEY_GOST_CTRL94_STR 127 -# define GOST_F_PKEY_GOST_MAC_CTRL 128 -# define GOST_F_PKEY_GOST_MAC_CTRL_STR 129 -# define GOST_F_PKEY_GOST_MAC_KEYGEN 130 -# define GOST_F_PRINT_GOST_01 131 -# define GOST_F_PRIV_DECODE_GOST 132 -# define GOST_F_PUB_DECODE_GOST01 133 -# define GOST_F_PUB_DECODE_GOST94 134 -# define GOST_F_PUB_ENCODE_GOST01 135 -# define GOST_F_PUB_ENCODE_GOST94 141 -# define GOST_F_UNPACK_CC_SIGNATURE 136 -# define GOST_F_UNPACK_CP_SIGNATURE 137 - -/* Reason codes. */ -# define GOST_R_BAD_KEY_PARAMETERS_FORMAT 99 -# define GOST_R_BAD_PKEY_PARAMETERS_FORMAT 100 -# define GOST_R_CANNOT_PACK_EPHEMERAL_KEY 101 -# define GOST_R_CTRL_CALL_FAILED 132 -# define GOST_R_ERROR_COMPUTING_SHARED_KEY 102 -# define GOST_R_ERROR_PACKING_KEY_TRANSPORT_INFO 103 -# define GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO 104 -# define GOST_R_INCOMPATIBLE_ALGORITHMS 105 -# define GOST_R_INCOMPATIBLE_PEER_KEY 131 -# define GOST_R_INVALID_CIPHER_PARAMS 106 -# define GOST_R_INVALID_CIPHER_PARAM_OID 107 -# define GOST_R_INVALID_DIGEST_TYPE 108 -# define GOST_R_INVALID_GOST94_PARMSET 109 -# define GOST_R_INVALID_IV_LENGTH 110 -# define GOST_R_INVALID_MAC_KEY_LENGTH 111 -# define GOST_R_INVALID_PARAMSET 112 -# define GOST_R_KEY_IS_NOT_INITALIZED 113 -# define GOST_R_KEY_IS_NOT_INITIALIZED 114 -# define GOST_R_KEY_PARAMETERS_MISSING 115 -# define GOST_R_MAC_KEY_NOT_SET 116 -# define GOST_R_NO_PARAMETERS_SET 119 -# define GOST_R_NO_PEER_KEY 120 -# define GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR 121 -# define GOST_R_PUBLIC_KEY_UNDEFINED 122 -# define GOST_R_RANDOM_GENERATOR_ERROR 123 -# define GOST_R_RANDOM_GENERATOR_FAILURE 124 -# define GOST_R_RANDOM_NUMBER_GENERATOR_FAILED 125 -# define GOST_R_SIGNATURE_MISMATCH 126 -# define GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q 127 -# define GOST_R_UKM_NOT_SET 128 -# define GOST_R_UNSUPPORTED_CIPHER_CTL_COMMAND 129 -# define GOST_R_UNSUPPORTED_PARAMETER_SET 130 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/engines/ccgost/e_gost_err.proto b/engines/ccgost/e_gost_err.proto deleted file mode 100644 index c57bd1bd8f..0000000000 --- a/engines/ccgost/e_gost_err.proto +++ /dev/null @@ -1,61 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2001-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_GOST_ERR_H -#define HEADER_GOST_ERR_H - -#define GOST_LIB_NAME "GOST engine" -#ifdef __cplusplus - extern "C" { -#endif diff --git a/engines/ccgost/gost.ec b/engines/ccgost/gost.ec deleted file mode 100644 index 6c2c85e57c..0000000000 --- a/engines/ccgost/gost.ec +++ /dev/null @@ -1,5 +0,0 @@ -L GOST e_gost_err.h e_gost_err.c -L NONE asymm.h NONE -L NONE md.h NONE -L NONE crypt.h NONE -L NONE gostkeyx.h NONE diff --git a/engines/ccgost/gost2001.c b/engines/ccgost/gost2001.c deleted file mode 100644 index b47d832c6d..0000000000 --- a/engines/ccgost/gost2001.c +++ /dev/null @@ -1,460 +0,0 @@ -/********************************************************************** - * gost2001.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Implementation of GOST R 34.10-2001 * - * Requires OpenSSL 0.9.9 for compilation * - **********************************************************************/ -#include "gost_lcl.h" -#include -#include -#include -#include -#include "e_gost_err.h" -#ifdef DEBUG_SIGN -extern -void dump_signature(const char *message, const unsigned char *buffer, - size_t len); -void dump_dsa_sig(const char *message, DSA_SIG *sig); -#else - -# define dump_signature(a,b,c) -# define dump_dsa_sig(a,b) -#endif - -/* - * Fills EC_KEY structure hidden in the app_data field of DSA structure - * with parameter information, extracted from parameter array in - * params.c file. - * - * Also fils DSA->q field with copy of EC_GROUP order field to make - * DSA_size function work - */ -int fill_GOST2001_params(EC_KEY *eckey, int nid) -{ - R3410_2001_params *params = R3410_2001_paramset; - EC_GROUP *grp = NULL; - BIGNUM *p = NULL, *q = NULL, *a = NULL, *b = NULL, *x = NULL, *y = NULL; - EC_POINT *P = NULL; - BN_CTX *ctx = BN_CTX_new(); - int ok = 0; - - if (!ctx) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_MALLOC_FAILURE); - goto err; - } - - BN_CTX_start(ctx); - p = BN_CTX_get(ctx); - a = BN_CTX_get(ctx); - b = BN_CTX_get(ctx); - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - q = BN_CTX_get(ctx); - if (!p || !a || !b || !x || !y || !q) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_MALLOC_FAILURE); - goto err; - } - while (params->nid != NID_undef && params->nid != nid) - params++; - if (params->nid == NID_undef) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, - GOST_R_UNSUPPORTED_PARAMETER_SET); - goto err; - } - if (!BN_hex2bn(&p, params->p) - || !BN_hex2bn(&a, params->a) - || !BN_hex2bn(&b, params->b)) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, - ERR_R_INTERNAL_ERROR); - goto err; - } - - grp = EC_GROUP_new_curve_GFp(p, a, b, ctx); - if (!grp) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_MALLOC_FAILURE); - goto err; - } - - P = EC_POINT_new(grp); - if (!P) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!BN_hex2bn(&x, params->x) - || !BN_hex2bn(&y, params->y) - || !EC_POINT_set_affine_coordinates_GFp(grp, P, x, y, ctx) - || !BN_hex2bn(&q, params->q)) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_INTERNAL_ERROR); - goto err; - } -#ifdef DEBUG_KEYS - fprintf(stderr, "Set params index %d oid %s\nq=", - (params - R3410_2001_paramset), OBJ_nid2sn(params->nid)); - BN_print_fp(stderr, q); - fprintf(stderr, "\n"); -#endif - - if (!EC_GROUP_set_generator(grp, P, q, NULL)) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_INTERNAL_ERROR); - goto err; - } - EC_GROUP_set_curve_name(grp, params->nid); - if (!EC_KEY_set_group(eckey, grp)) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_INTERNAL_ERROR); - goto err; - } - ok = 1; - err: - EC_POINT_free(P); - EC_GROUP_free(grp); - if (ctx) - BN_CTX_end(ctx); - BN_CTX_free(ctx); - return ok; -} - -/* - * Computes gost2001 signature as DSA_SIG structure - * - * - */ -DSA_SIG *gost2001_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey) -{ - DSA_SIG *newsig = NULL, *ret = NULL; - BIGNUM *md = hashsum2bn(dgst); - BIGNUM *order = NULL; - const EC_GROUP *group; - const BIGNUM *priv_key; - BIGNUM *r = NULL, *s = NULL, *X = NULL, *tmp = NULL, *tmp2 = NULL, *k = - NULL, *e = NULL; - EC_POINT *C = NULL; - BN_CTX *ctx = BN_CTX_new(); - if (!ctx || !md) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; - } - BN_CTX_start(ctx); - OPENSSL_assert(dlen == 32); - newsig = DSA_SIG_new(); - if (!newsig) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; - } - group = EC_KEY_get0_group(eckey); - if (!group) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_INTERNAL_ERROR); - goto err; - } - order = BN_CTX_get(ctx); - if (!order || !EC_GROUP_get_order(group, order, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_INTERNAL_ERROR); - goto err; - } - priv_key = EC_KEY_get0_private_key(eckey); - if (!priv_key) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_INTERNAL_ERROR); - goto err; - } - e = BN_CTX_get(ctx); - if (!e || !BN_mod(e, md, order, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_INTERNAL_ERROR); - goto err; - } -#ifdef DEBUG_SIGN - fprintf(stderr, "digest as bignum="); - BN_print_fp(stderr, md); - fprintf(stderr, "\ndigest mod q="); - BN_print_fp(stderr, e); - fprintf(stderr, "\n"); -#endif - if (BN_is_zero(e)) { - BN_one(e); - } - k = BN_CTX_get(ctx); - C = EC_POINT_new(group); - if (!k || !C) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; - } - do { - do { - if (!BN_rand_range(k, order)) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, - GOST_R_RANDOM_NUMBER_GENERATOR_FAILED); - goto err; - } - if (!EC_POINT_mul(group, C, k, NULL, NULL, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_EC_LIB); - goto err; - } - if (!X) - X = BN_CTX_get(ctx); - if (!r) - r = BN_CTX_get(ctx); - if (!X || !r) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; - } - if (!EC_POINT_get_affine_coordinates_GFp(group, C, X, NULL, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_EC_LIB); - goto err; - } - - if (!BN_nnmod(r, X, order, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_INTERNAL_ERROR); - goto err; - } - } - while (BN_is_zero(r)); - /* s = (r*priv_key+k*e) mod order */ - if (!tmp) - tmp = BN_CTX_get(ctx); - if (!tmp2) - tmp2 = BN_CTX_get(ctx); - if (!s) - s = BN_CTX_get(ctx); - if (!tmp || !tmp2 || !s) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!BN_mod_mul(tmp, priv_key, r, order, ctx) - || !BN_mod_mul(tmp2, k, e, order, ctx) - || !BN_mod_add(s, tmp, tmp2, order, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_INTERNAL_ERROR); - goto err; - } - } - while (BN_is_zero(s)); - - newsig->s = BN_dup(s); - newsig->r = BN_dup(r); - if (!newsig->s || !newsig->r) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; - } - - ret = newsig; - err: - if (ctx) - BN_CTX_end(ctx); - BN_CTX_free(ctx); - EC_POINT_free(C); - BN_free(md); - if (!ret) - DSA_SIG_free(newsig); - return ret; -} - -/* - * Verifies gost 2001 signature - * - */ -int gost2001_do_verify(const unsigned char *dgst, int dgst_len, - DSA_SIG *sig, EC_KEY *ec) -{ - BN_CTX *ctx = BN_CTX_new(); - const EC_GROUP *group = EC_KEY_get0_group(ec); - BIGNUM *order; - BIGNUM *md = NULL, *e = NULL, *R = NULL, *v = NULL, *z1 = NULL, *z2 = - NULL; - BIGNUM *X = NULL, *tmp = NULL; - EC_POINT *C = NULL; - const EC_POINT *pub_key = NULL; - int ok = 0; - - if (!ctx || !group) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_INTERNAL_ERROR); - goto err; - } - - BN_CTX_start(ctx); - order = BN_CTX_get(ctx); - e = BN_CTX_get(ctx); - z1 = BN_CTX_get(ctx); - z2 = BN_CTX_get(ctx); - tmp = BN_CTX_get(ctx); - X = BN_CTX_get(ctx); - R = BN_CTX_get(ctx); - v = BN_CTX_get(ctx); - if (!order || !e || !z1 || !z2 || !tmp || !X || !R || !v) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_MALLOC_FAILURE); - goto err; - } - - pub_key = EC_KEY_get0_public_key(ec); - if (!pub_key || !EC_GROUP_get_order(group, order, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_INTERNAL_ERROR); - goto err; - } - - if (BN_is_zero(sig->s) || BN_is_zero(sig->r) || - (BN_cmp(sig->s, order) >= 1) || (BN_cmp(sig->r, order) >= 1)) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, - GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q); - goto err; - - } - md = hashsum2bn(dgst); - - if (!md || !BN_mod(e, md, order, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_INTERNAL_ERROR); - goto err; - } -#ifdef DEBUG_SIGN - fprintf(stderr, "digest as bignum: "); - BN_print_fp(stderr, md); - fprintf(stderr, "\ndigest mod q: "); - BN_print_fp(stderr, e); -#endif - if (BN_is_zero(e) && !BN_one(e)) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_INTERNAL_ERROR); - goto err; - } - v = BN_mod_inverse(v, e, order, ctx); - if (!v - || !BN_mod_mul(z1, sig->s, v, order, ctx) - || !BN_sub(tmp, order, sig->r) - || !BN_mod_mul(z2, tmp, v, order, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_INTERNAL_ERROR); - goto err; - } -#ifdef DEBUG_SIGN - fprintf(stderr, "\nInverted digest value: "); - BN_print_fp(stderr, v); - fprintf(stderr, "\nz1: "); - BN_print_fp(stderr, z1); - fprintf(stderr, "\nz2: "); - BN_print_fp(stderr, z2); -#endif - C = EC_POINT_new(group); - if (!C) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_MALLOC_FAILURE); - goto err; - } - if (!EC_POINT_mul(group, C, z1, pub_key, z2, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_EC_LIB); - goto err; - } - if (!EC_POINT_get_affine_coordinates_GFp(group, C, X, NULL, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_EC_LIB); - goto err; - } - if (!BN_mod(R, X, order, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_INTERNAL_ERROR); - goto err; - } -#ifdef DEBUG_SIGN - fprintf(stderr, "\nX="); - BN_print_fp(stderr, X); - fprintf(stderr, "\nX mod q="); - BN_print_fp(stderr, R); - fprintf(stderr, "\n"); -#endif - if (BN_cmp(R, sig->r) != 0) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, GOST_R_SIGNATURE_MISMATCH); - } else { - ok = 1; - } - err: - EC_POINT_free(C); - if (ctx) - BN_CTX_end(ctx); - BN_CTX_free(ctx); - BN_free(md); - return ok; -} - -/* - * Computes GOST R 34.10-2001 public key - * - * - */ -int gost2001_compute_public(EC_KEY *ec) -{ - const EC_GROUP *group = EC_KEY_get0_group(ec); - EC_POINT *pub_key = NULL; - const BIGNUM *priv_key = NULL; - BN_CTX *ctx = NULL; - int ok = 0; - - if (!group) { - GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, - GOST_R_KEY_IS_NOT_INITIALIZED); - return 0; - } - ctx = BN_CTX_new(); - if (!ctx) { - GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, ERR_R_MALLOC_FAILURE); - goto err; - } - BN_CTX_start(ctx); - if ((priv_key = EC_KEY_get0_private_key(ec)) == NULL) { - GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, ERR_R_EC_LIB); - goto err; - } - - pub_key = EC_POINT_new(group); - if (!pub_key) { - GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, ERR_R_MALLOC_FAILURE); - goto err; - } - if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, ctx)) { - GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, ERR_R_EC_LIB); - goto err; - } - if (!EC_KEY_set_public_key(ec, pub_key)) { - GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, ERR_R_EC_LIB); - goto err; - } - ok = 256; - err: - EC_POINT_free(pub_key); - if (ctx) - BN_CTX_end(ctx); - BN_CTX_free(ctx); - return ok; -} - -/* - * - * Generates GOST R 34.10-2001 keypair - * - * - */ -int gost2001_keygen(EC_KEY *ec) -{ - BIGNUM *order = BN_new(), *d = BN_new(); - const EC_GROUP *group = EC_KEY_get0_group(ec); - - if (!group || !EC_GROUP_get_order(group, order, NULL)) { - GOSTerr(GOST_F_GOST2001_KEYGEN, ERR_R_INTERNAL_ERROR); - BN_free(d); - BN_free(order); - return 0; - } - - do { - if (!BN_rand_range(d, order)) { - GOSTerr(GOST_F_GOST2001_KEYGEN, - GOST_R_RANDOM_NUMBER_GENERATOR_FAILED); - BN_free(d); - BN_free(order); - return 0; - } - } - while (BN_is_zero(d)); - - if (!EC_KEY_set_private_key(ec, d)) { - GOSTerr(GOST_F_GOST2001_KEYGEN, ERR_R_INTERNAL_ERROR); - BN_free(d); - BN_free(order); - return 0; - } - BN_free(d); - BN_free(order); - return gost2001_compute_public(ec); -} diff --git a/engines/ccgost/gost2001_keyx.c b/engines/ccgost/gost2001_keyx.c deleted file mode 100644 index 1fd0174436..0000000000 --- a/engines/ccgost/gost2001_keyx.c +++ /dev/null @@ -1,290 +0,0 @@ -/********************************************************************** - * gost_keyx.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * VK0 34.10-2001 key exchange and GOST R 34.10-2001 * - * based PKCS7/SMIME support * - * Requires OpenSSL 0.9.9 for compilation * - **********************************************************************/ -#include -#include -#include -#include -#include "gost89.h" -#include "gosthash.h" -#include "e_gost_err.h" -#include "gost_keywrap.h" -#include "gost_lcl.h" -#include "gost2001_keyx.h" - -/* Implementation of CryptoPro VKO 34.10-2001 algorithm */ -static int VKO_compute_key(unsigned char *shared_key, size_t shared_key_size, - const EC_POINT *pub_key, EC_KEY *priv_key, - const unsigned char *ukm) -{ - unsigned char ukm_be[8], databuf[64], hashbuf[64]; - BIGNUM *UKM = NULL, *p = NULL, *order = NULL, *X = NULL, *Y = NULL; - const BIGNUM *key = EC_KEY_get0_private_key(priv_key); - EC_POINT *pnt = EC_POINT_new(EC_KEY_get0_group(priv_key)); - int i; - gost_hash_ctx hash_ctx; - BN_CTX *ctx = BN_CTX_new(); - - for (i = 0; i < 8; i++) { - ukm_be[7 - i] = ukm[i]; - } - BN_CTX_start(ctx); - UKM = BN_bin2bn(ukm_be, 8, NULL); - p = BN_CTX_get(ctx); - order = BN_CTX_get(ctx); - X = BN_CTX_get(ctx); - Y = BN_CTX_get(ctx); - EC_GROUP_get_order(EC_KEY_get0_group(priv_key), order, ctx); - BN_mod_mul(p, key, UKM, order, ctx); - EC_POINT_mul(EC_KEY_get0_group(priv_key), pnt, NULL, pub_key, p, ctx); - EC_POINT_get_affine_coordinates_GFp(EC_KEY_get0_group(priv_key), - pnt, X, Y, ctx); - /* - * Serialize elliptic curve point same way as we do it when saving key - */ - store_bignum(Y, databuf, 32); - store_bignum(X, databuf + 32, 32); - /* And reverse byte order of whole buffer */ - for (i = 0; i < 64; i++) { - hashbuf[63 - i] = databuf[i]; - } - init_gost_hash_ctx(&hash_ctx, &GostR3411_94_CryptoProParamSet); - start_hash(&hash_ctx); - hash_block(&hash_ctx, hashbuf, 64); - finish_hash(&hash_ctx, shared_key); - done_gost_hash_ctx(&hash_ctx); - BN_free(UKM); - BN_CTX_end(ctx); - BN_CTX_free(ctx); - EC_POINT_free(pnt); - return 32; -} - -/* - * EVP_PKEY_METHOD callback derive. Implements VKO R 34.10-2001 - * algorithm - */ -int pkey_gost2001_derive(EVP_PKEY_CTX *ctx, unsigned char *key, - size_t *keylen) -{ - /* - * Public key of peer in the ctx field peerkey Our private key in the ctx - * pkey ukm is in the algorithm specific context data - */ - EVP_PKEY *my_key = EVP_PKEY_CTX_get0_pkey(ctx); - EVP_PKEY *peer_key = EVP_PKEY_CTX_get0_peerkey(ctx); - struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx); - - if (!data->shared_ukm) { - GOSTerr(GOST_F_PKEY_GOST2001_DERIVE, GOST_R_UKM_NOT_SET); - return 0; - } - - if (key == NULL) { - *keylen = 32; - return 32; - } - - *keylen = - VKO_compute_key(key, 32, - EC_KEY_get0_public_key(EVP_PKEY_get0(peer_key)), - (EC_KEY *)EVP_PKEY_get0(my_key), data->shared_ukm); - return 1; -} - -/* - * EVP_PKEY_METHOD callback encrypt - * Implementation of GOST2001 key transport, cryptocom variation - */ -/* - * Generates ephemeral key based on pubk algorithm computes shared key using - * VKO and returns filled up GOST_KEY_TRANSPORT structure - */ - -/* - * EVP_PKEY_METHOD callback encrypt - * Implementation of GOST2001 key transport, cryptopo variation - */ - -int pkey_GOST01cp_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out, - size_t *out_len, const unsigned char *key, - size_t key_len) -{ - GOST_KEY_TRANSPORT *gkt = NULL; - EVP_PKEY *pubk = EVP_PKEY_CTX_get0_pkey(pctx); - struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(pctx); - const struct gost_cipher_info *param = get_encryption_params(NULL); - unsigned char ukm[8], shared_key[32], crypted_key[44]; - int ret = 0; - int key_is_ephemeral = 1; - gost_ctx cctx; - EVP_PKEY *sec_key = EVP_PKEY_CTX_get0_peerkey(pctx); - if (data->shared_ukm) { - memcpy(ukm, data->shared_ukm, 8); - } else if (out) { - - if (RAND_bytes(ukm, 8) <= 0) { - GOSTerr(GOST_F_PKEY_GOST01CP_ENCRYPT, - GOST_R_RANDOM_GENERATOR_FAILURE); - return 0; - } - } - /* Check for private key in the peer_key of context */ - if (sec_key) { - key_is_ephemeral = 0; - if (!gost_get0_priv_key(sec_key)) { - GOSTerr(GOST_F_PKEY_GOST01CP_ENCRYPT, - GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR); - goto err; - } - } else { - key_is_ephemeral = 1; - if (out) { - sec_key = EVP_PKEY_new(); - EVP_PKEY_assign(sec_key, EVP_PKEY_base_id(pubk), EC_KEY_new()); - EVP_PKEY_copy_parameters(sec_key, pubk); - if (!gost2001_keygen(EVP_PKEY_get0(sec_key))) { - goto err; - } - } - } - if (!get_gost_engine_param(GOST_PARAM_CRYPT_PARAMS) - && param == gost_cipher_list) { - param = gost_cipher_list + 1; - } - if (out) { - VKO_compute_key(shared_key, 32, - EC_KEY_get0_public_key(EVP_PKEY_get0(pubk)), - EVP_PKEY_get0(sec_key), ukm); - gost_init(&cctx, param->sblock); - keyWrapCryptoPro(&cctx, shared_key, ukm, key, crypted_key); - } - gkt = GOST_KEY_TRANSPORT_new(); - if (!gkt) { - goto err; - } - if (!ASN1_OCTET_STRING_set(gkt->key_agreement_info->eph_iv, ukm, 8)) { - goto err; - } - if (!ASN1_OCTET_STRING_set(gkt->key_info->imit, crypted_key + 40, 4)) { - goto err; - } - if (!ASN1_OCTET_STRING_set - (gkt->key_info->encrypted_key, crypted_key + 8, 32)) { - goto err; - } - if (key_is_ephemeral) { - if (!X509_PUBKEY_set - (&gkt->key_agreement_info->ephem_key, out ? sec_key : pubk)) { - GOSTerr(GOST_F_PKEY_GOST01CP_ENCRYPT, - GOST_R_CANNOT_PACK_EPHEMERAL_KEY); - goto err; - } - } - ASN1_OBJECT_free(gkt->key_agreement_info->cipher); - gkt->key_agreement_info->cipher = OBJ_nid2obj(param->nid); - if (key_is_ephemeral) - EVP_PKEY_free(sec_key); - if (!key_is_ephemeral) { - /* Set control "public key from client certificate used" */ - if (EVP_PKEY_CTX_ctrl(pctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 3, NULL) - <= 0) { - GOSTerr(GOST_F_PKEY_GOST01CP_ENCRYPT, GOST_R_CTRL_CALL_FAILED); - goto err; - } - } - if ((*out_len = i2d_GOST_KEY_TRANSPORT(gkt, out ? &out : NULL)) > 0) - ret = 1; - GOST_KEY_TRANSPORT_free(gkt); - return ret; - err: - if (key_is_ephemeral) - EVP_PKEY_free(sec_key); - GOST_KEY_TRANSPORT_free(gkt); - return -1; -} - -/* - * EVP_PKEY_METHOD callback decrypt - * Implementation of GOST2001 key transport, cryptopo variation - */ -int pkey_GOST01cp_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key, - size_t *key_len, const unsigned char *in, - size_t in_len) -{ - const unsigned char *p = in; - EVP_PKEY *priv = EVP_PKEY_CTX_get0_pkey(pctx); - GOST_KEY_TRANSPORT *gkt = NULL; - int ret = 0; - unsigned char wra