OLD | NEW |
(Empty) | |
| 1 #ifndef GOST_TOOLS_H |
| 2 #define GOST_TOOLS_H |
| 3 /********************************************************************** |
| 4 * gost_lcl.h * |
| 5 * Copyright (c) 2006 Cryptocom LTD * |
| 6 * This file is distributed under the same license as OpenSSL * |
| 7 * * |
| 8 * Internal declarations used in GOST engine * |
| 9 * OpenSSL 0.9.9 libraries required to compile and use * |
| 10 * this code * |
| 11 **********************************************************************/ |
| 12 #include <openssl/bn.h> |
| 13 #include <openssl/evp.h> |
| 14 #include <openssl/dsa.h> |
| 15 #include <openssl/asn1t.h> |
| 16 #include <openssl/x509.h> |
| 17 #include <openssl/engine.h> |
| 18 #include <openssl/ec.h> |
| 19 #include "gost89.h" |
| 20 #include "gosthash.h" |
| 21 /* Control commands */ |
| 22 #define GOST_PARAM_CRYPT_PARAMS 0 |
| 23 #define GOST_PARAM_MAX 0 |
| 24 #define GOST_CTRL_CRYPT_PARAMS (ENGINE_CMD_BASE+GOST_PARAM_CRYPT_PARAMS) |
| 25 |
| 26 extern const ENGINE_CMD_DEFN gost_cmds[]; |
| 27 int gost_control_func(ENGINE *e,int cmd, long i, void *p, void (*f)(void
)); |
| 28 const char *get_gost_engine_param(int param); |
| 29 int gost_set_default_param(int param, const char *value); |
| 30 void gost_param_free(void); |
| 31 |
| 32 /* method registration */ |
| 33 |
| 34 int register_ameth_gost (int nid, EVP_PKEY_ASN1_METHOD **ameth, const ch
ar* pemstr, const char* info); |
| 35 int register_pmeth_gost (int id, EVP_PKEY_METHOD **pmeth, int flags); |
| 36 |
| 37 /* Gost-specific pmeth control-function parameters */ |
| 38 /* For GOST R34.10 parameters */ |
| 39 #define param_ctrl_string "paramset" |
| 40 #define EVP_PKEY_CTRL_GOST_PARAMSET (EVP_PKEY_ALG_CTRL+1) |
| 41 /* For GOST 28147 MAC */ |
| 42 #define key_ctrl_string "key" |
| 43 #define hexkey_ctrl_string "hexkey" |
| 44 #define EVP_PKEY_CTRL_GOST_MAC_HEXKEY (EVP_PKEY_ALG_CTRL+3) |
| 45 /* Pmeth internal representation */ |
| 46 struct gost_pmeth_data { |
| 47 int sign_param_nid; /* Should be set whenever parameters are filled
*/ |
| 48 EVP_MD *md; |
| 49 unsigned char *shared_ukm; |
| 50 int peer_key_used; |
| 51 }; |
| 52 |
| 53 struct gost_mac_pmeth_data { |
| 54 int key_set; |
| 55 EVP_MD *md; |
| 56 unsigned char key[32]; |
| 57 } ; |
| 58 /* GOST-specific ASN1 structures */ |
| 59 |
| 60 |
| 61 typedef struct { |
| 62 ASN1_OCTET_STRING *encrypted_key; |
| 63 ASN1_OCTET_STRING *imit; |
| 64 } GOST_KEY_INFO; |
| 65 |
| 66 DECLARE_ASN1_FUNCTIONS(GOST_KEY_INFO) |
| 67 |
| 68 typedef struct { |
| 69 ASN1_OBJECT *cipher; |
| 70 X509_PUBKEY *ephem_key; |
| 71 ASN1_OCTET_STRING *eph_iv; |
| 72 } GOST_KEY_AGREEMENT_INFO; |
| 73 |
| 74 DECLARE_ASN1_FUNCTIONS(GOST_KEY_AGREEMENT_INFO) |
| 75 |
| 76 typedef struct { |
| 77 GOST_KEY_INFO *key_info; |
| 78 GOST_KEY_AGREEMENT_INFO *key_agreement_info; |
| 79 } GOST_KEY_TRANSPORT; |
| 80 |
| 81 DECLARE_ASN1_FUNCTIONS(GOST_KEY_TRANSPORT) |
| 82 |
| 83 typedef struct { /* FIXME incomplete */ |
| 84 GOST_KEY_TRANSPORT *gkt; |
| 85 } GOST_CLIENT_KEY_EXCHANGE_PARAMS; |
| 86 |
| 87 /* Hacks to shorten symbols to 31 characters or less, or OpenVMS. |
| 88 This mimics what's done in symhacks.h, but since this is a very |
| 89 local header file, I prefered to put this hack directly here. |
| 90 -- Richard Levitte */ |
| 91 #ifdef OPENSSL_SYS_VMS |
| 92 #undef GOST_CLIENT_KEY_EXCHANGE_PARAMS_it |
| 93 #define GOST_CLIENT_KEY_EXCHANGE_PARAMS_it GOST_CLIENT_KEY_EXC_PARAMS_it |
| 94 #undef GOST_CLIENT_KEY_EXCHANGE_PARAMS_new |
| 95 #define GOST_CLIENT_KEY_EXCHANGE_PARAMS_new GOST_CLIENT_KEY_EXC_PARAMS_new |
| 96 #undef GOST_CLIENT_KEY_EXCHANGE_PARAMS_free |
| 97 #define GOST_CLIENT_KEY_EXCHANGE_PARAMS_free GOST_CLIENT_KEY_EXC_PARAMS_free |
| 98 #undef d2i_GOST_CLIENT_KEY_EXCHANGE_PARAMS |
| 99 #define d2i_GOST_CLIENT_KEY_EXCHANGE_PARAMS d2i_GOST_CLIENT_KEY_EXC_PARAMS |
| 100 #undef i2d_GOST_CLIENT_KEY_EXCHANGE_PARAMS |
| 101 #define i2d_GOST_CLIENT_KEY_EXCHANGE_PARAMS i2d_GOST_CLIENT_KEY_EXC_PARAMS |
| 102 #endif /* End of hack */ |
| 103 DECLARE_ASN1_FUNCTIONS(GOST_CLIENT_KEY_EXCHANGE_PARAMS) |
| 104 typedef struct { |
| 105 ASN1_OBJECT *key_params; |
| 106 ASN1_OBJECT *hash_params; |
| 107 ASN1_OBJECT *cipher_params; |
| 108 } GOST_KEY_PARAMS; |
| 109 |
| 110 DECLARE_ASN1_FUNCTIONS(GOST_KEY_PARAMS) |
| 111 |
| 112 typedef struct { |
| 113 ASN1_OCTET_STRING *iv; |
| 114 ASN1_OBJECT *enc_param_set; |
| 115 } GOST_CIPHER_PARAMS; |
| 116 |
| 117 DECLARE_ASN1_FUNCTIONS(GOST_CIPHER_PARAMS) |
| 118 /*============== Message digest and cipher related structures ==========*/ |
| 119 /* Structure used as EVP_MD_CTX-md_data. |
| 120 * It allows to avoid storing in the md-data pointers to |
| 121 * dynamically allocated memory. |
| 122 * |
| 123 * I cannot invent better way to avoid memory leaks, because |
| 124 * openssl insist on invoking Init on Final-ed digests, and there |
| 125 * is no reliable way to find out whether pointer in the passed |
| 126 * md_data is valid or not. |
| 127 * */ |
| 128 struct ossl_gost_digest_ctx { |
| 129 gost_hash_ctx dctx; |
| 130 gost_ctx cctx; |
| 131 }; |
| 132 /* EVP_MD structure for GOST R 34.11 */ |
| 133 extern EVP_MD digest_gost; |
| 134 /* EVP_MD structure for GOST 28147 in MAC mode */ |
| 135 extern EVP_MD imit_gost_cpa; |
| 136 /* Cipher context used for EVP_CIPHER operation */ |
| 137 struct ossl_gost_cipher_ctx { |
| 138 int paramNID; |
| 139 off_t count; |
| 140 int key_meshing; |
| 141 gost_ctx cctx; |
| 142 }; |
| 143 /* Structure to map parameter NID to S-block */ |
| 144 struct gost_cipher_info { |
| 145 int nid; |
| 146 gost_subst_block *sblock; |
| 147 int key_meshing; |
| 148 }; |
| 149 /* Context for MAC */ |
| 150 struct ossl_gost_imit_ctx { |
| 151 gost_ctx cctx; |
| 152 unsigned char buffer[8]; |
| 153 unsigned char partial_block[8]; |
| 154 off_t count; |
| 155 int key_meshing; |
| 156 int bytes_left; |
| 157 int key_set; |
| 158 }; |
| 159 /* Table which maps parameter NID to S-blocks */ |
| 160 extern struct gost_cipher_info gost_cipher_list[]; |
| 161 /* Find encryption params from ASN1_OBJECT */ |
| 162 const struct gost_cipher_info *get_encryption_params(ASN1_OBJECT *obj); |
| 163 /* Implementation of GOST 28147-89 cipher in CFB and CNT modes */ |
| 164 extern EVP_CIPHER cipher_gost; |
| 165 extern EVP_CIPHER cipher_gost_cpacnt; |
| 166 #define EVP_MD_CTRL_KEY_LEN (EVP_MD_CTRL_ALG_CTRL+3) |
| 167 #define EVP_MD_CTRL_SET_KEY (EVP_MD_CTRL_ALG_CTRL+4) |
| 168 /* EVP_PKEY_METHOD key encryption callbacks */ |
| 169 /* From gost94_keyx.c */ |
| 170 int pkey_GOST94cp_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
const unsigned char* key, size_t key_len ); |
| 171 |
| 172 int pkey_GOST94cp_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
const unsigned char* in, size_t in_len ); |
| 173 /* From gost2001_keyx.c */ |
| 174 int pkey_GOST01cp_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
const unsigned char* key, size_t key_len ); |
| 175 |
| 176 int pkey_GOST01cp_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
const unsigned char* in, size_t in_len ); |
| 177 /* derive functions */ |
| 178 /* From gost2001_keyx.c */ |
| 179 int pkey_gost2001_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen); |
| 180 /* From gost94_keyx.c */ |
| 181 int pkey_gost94_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen); |
| 182 /* Internal functions for signature algorithms */ |
| 183 int fill_GOST94_params(DSA *dsa,int nid); |
| 184 int fill_GOST2001_params(EC_KEY *eckey, int nid); |
| 185 int gost_sign_keygen(DSA *dsa) ; |
| 186 int gost2001_keygen(EC_KEY *ec) ; |
| 187 |
| 188 DSA_SIG *gost_do_sign(const unsigned char *dgst,int dlen, DSA *dsa) ; |
| 189 DSA_SIG *gost2001_do_sign(const unsigned char *dgst,int dlen, EC_KEY *eckey); |
| 190 |
| 191 int gost_do_verify(const unsigned char *dgst, int dgst_len, |
| 192 DSA_SIG *sig, DSA *dsa) ; |
| 193 int gost2001_do_verify(const unsigned char *dgst,int dgst_len, |
| 194 DSA_SIG *sig, EC_KEY *ec); |
| 195 int gost2001_compute_public(EC_KEY *ec) ; |
| 196 int gost94_compute_public(DSA *dsa) ; |
| 197 /*============== miscellaneous functions============================= */ |
| 198 /* from gost_sign.c */ |
| 199 /* Convert GOST R 34.11 hash sum to bignum according to standard */ |
| 200 BIGNUM *hashsum2bn(const unsigned char *dgst) ; |
| 201 /* Store bignum in byte array of given length, prepending by zeros |
| 202 * if nesseccary */ |
| 203 int store_bignum(BIGNUM *bn, unsigned char *buf,int len); |
| 204 /* Read bignum, which can have few MSB all-zeros from buffer*/ |
| 205 BIGNUM *getbnfrombuf(const unsigned char *buf,size_t len); |
| 206 /* Pack GOST R 34.10 signature according to CryptoPro rules */ |
| 207 int pack_sign_cp(DSA_SIG *s,int order,unsigned char *sig, size_t *siglen); |
| 208 /* Unpack GOST R 34.10 signature according to CryptoPro rules */ |
| 209 DSA_SIG *unpack_cp_signature(const unsigned char *sig,size_t siglen) ; |
| 210 /* from ameth.c */ |
| 211 /* Get private key as BIGNUM from both R 34.10-94 and R 34.10-2001 keys*/ |
| 212 /* Returns pointer into EVP_PKEY structure */ |
| 213 BIGNUM* gost_get0_priv_key(const EVP_PKEY *pkey) ; |
| 214 /* Find NID by GOST 94 parameters */ |
| 215 int gost94_nid_by_params(DSA *p) ; |
| 216 |
| 217 |
| 218 #endif |
OLD | NEW |