GOST key export, separate function

[openssl-gost/engine.git] / gost_ec_keyx.c

diff --git a/gost_ec_keyx.c b/gost_ec_keyx.c
index cc6aacb494bed348d09ed59263b0406fca578e92..878698f90ff18555be32e51d4dcf956474429c51 100644 (file)
--- a/gost_ec_keyx.c
+++ b/gost_ec_keyx.c
@@ -342,9 +342,100 @@ int pkey_GOST_ECcp_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out,
     return -1;
 }
 
+int pkey_gost2018_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out,
+                          size_t *out_len, const unsigned char *key,
+                          size_t key_len)
+{
+    PSKeyTransport_gost *pst = NULL;
+    EVP_PKEY *pubk = EVP_PKEY_CTX_get0_pkey(pctx);
+    struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(pctx);
+    int pkey_nid = EVP_PKEY_base_id(pubk);
+    unsigned char expkeys[64];
+    EVP_PKEY *sec_key = NULL;
+    int ret = 0;
+    int mac_nid = NID_undef;
+    size_t mac_len = 0;
+    int exp_len = 0;
+    unsigned char *exp_buf = NULL;
+
+    switch (data->cipher_nid) {
+    case NID_magma_ctr:
+        mac_nid = NID_magma_mac;
+        mac_len = 8;
+        break;
+    case NID_grasshopper_ctr:
+        mac_nid = NID_grasshopper_mac;
+        mac_len = 16;
+        break;
+    default:
+        GOSTerr(GOST_F_PKEY_GOST2018_ENCRYPT, GOST_R_INVALID_CIPHER);
+        return -1;
+        break;
+    }
+    exp_len = key_len + mac_len;
+    exp_buf = OPENSSL_malloc(exp_len);
+    if (!exp_buf) {
+        GOSTerr(GOST_F_PKEY_GOST2018_ENCRYPT, ERR_R_MALLOC_FAILURE);
+        return -1;
+    }
+
+    if (out) {
+        sec_key = EVP_PKEY_new();
+        if (!EVP_PKEY_assign(sec_key, EVP_PKEY_base_id(pubk), EC_KEY_new())
+            || !EVP_PKEY_copy_parameters(sec_key, pubk)
+            || !gost_ec_keygen(EVP_PKEY_get0(sec_key))) {
+            GOSTerr(GOST_F_PKEY_GOST2018_ENCRYPT,
+                    GOST_R_ERROR_COMPUTING_SHARED_KEY);
+            goto err;
+        }
+    }
+    ret =
+        gost_keg(data->shared_ukm, pkey_nid,
+                 EC_KEY_get0_public_key(EVP_PKEY_get0(pubk)),
+                 EVP_PKEY_get0(sec_key), expkeys);
+    if (ret <= 0) {
+        GOSTerr(GOST_F_PKEY_GOST2018_ENCRYPT,
+                GOST_R_ERROR_COMPUTING_EXPORT_KEYS);
+        goto err;
+    }
+
+    ret = gost_kexp15(key, key_len, data->cipher_nid, expkeys + 32,
+                      mac_nid, expkeys + 0, data->shared_ukm + 24, 4, exp_buf,
+                      &exp_len);
+    if (ret <= 0) {
+        GOSTerr(GOST_F_PKEY_GOST2018_ENCRYPT, GOST_R_CANNOT_PACK_EPHEMERAL_KEY);
+        goto err;
+    }
+
+    pst = PSKeyTransport_gost_new();
+    if (!pst) {
+        GOSTerr(GOST_F_PKEY_GOST2018_ENCRYPT, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    if (!ASN1_OCTET_STRING_set(pst->psexp, exp_buf, exp_len)) {
+        GOSTerr(GOST_F_PKEY_GOST2018_ENCRYPT, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    if (!X509_PUBKEY_set(&pst->ephem_key, out ? sec_key : pubk)) {
+        GOSTerr(GOST_F_PKEY_GOST2018_ENCRYPT, GOST_R_CANNOT_PACK_EPHEMERAL_KEY);
+        goto err;
+    }
+
+    EVP_PKEY_free(sec_key);
+
+    if ((*out_len = i2d_PSKeyTransport_gost(pst, out ? &out : NULL)) > 0)
+        ret = 1;
+ err:
+    PSKeyTransport_gost_free(pst);
+    OPENSSL_free(exp_buf);
+    return ret;
+}
+
 /*
  * EVP_PKEY_METHOD callback decrypt
- * Implementation of GOST2001 key transport, cryptopo variation
+ * Implementation of GOST2001 key transport, cryptopro variation
  */
 int pkey_GOST_ECcp_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key,
                            size_t *key_len, const unsigned char *in,