/* Control commands */
# define GOST_PARAM_CRYPT_PARAMS 0
# define GOST_PARAM_PBE_PARAMS 1
-# define GOST_PARAM_MAX 1
+# define GOST_PARAM_PK_FORMAT 2
+# define GOST_PARAM_MAX 2
# define GOST_CTRL_CRYPT_PARAMS (ENGINE_CMD_BASE+GOST_PARAM_CRYPT_PARAMS)
# define GOST_CTRL_PBE_PARAMS (ENGINE_CMD_BASE+GOST_PARAM_PBE_PARAMS)
+# define GOST_CTRL_PK_FORMAT (ENGINE_CMD_BASE+GOST_PARAM_PK_FORMAT)
typedef struct R3410_ec {
int nid;
} R3410_ec_params;
extern R3410_ec_params R3410_2001_paramset[],
- *R3410_2012_256_paramset,
- R3410_2012_512_paramset[];
+ *R3410_2012_256_paramset, R3410_2012_512_paramset[];
extern const ENGINE_CMD_DEFN gost_cmds[];
int gost_control_func(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
/* For GOST 28147 MAC */
# define key_ctrl_string "key"
# define hexkey_ctrl_string "hexkey"
+# define maclen_ctrl_string "size"
# define EVP_PKEY_CTRL_GOST_MAC_HEXKEY (EVP_PKEY_ALG_CTRL+3)
+# define EVP_PKEY_CTRL_MAC_LEN (EVP_PKEY_ALG_CTRL+5)
/* Pmeth internal representation */
struct gost_pmeth_data {
int sign_param_nid; /* Should be set whenever parameters are
};
struct gost_mac_pmeth_data {
- int key_set;
+ short int key_set;
+ short int mac_size;
+ int mac_param_nid;
EVP_MD *md;
unsigned char key[32];
};
+
+struct gost_mac_key {
+ int mac_param_nid;
+ unsigned char key[32];
+ short int mac_size;
+};
/* GOST-specific ASN1 structures */
typedef struct {
DECLARE_ASN1_FUNCTIONS(MASKED_GOST_KEY)
/*============== Message digest and cipher related structures ==========*/
- /*
- * Structure used as EVP_MD_CTX-md_data. It allows to avoid storing
- * in the md-data pointers to dynamically allocated memory. I
- * cannot invent better way to avoid memory leaks, because openssl
- * insist on invoking Init on Final-ed digests, and there is no
- * reliable way to find out whether pointer in the passed md_data is
- * valid or not.
- */
+ /*
+ * Structure used as EVP_MD_CTX-md_data. It allows to avoid storing
+ * in the md-data pointers to dynamically allocated memory. I
+ * cannot invent better way to avoid memory leaks, because openssl
+ * insist on invoking Init on Final-ed digests, and there is no
+ * reliable way to find out whether pointer in the passed md_data is
+ * valid or not.
+ */
struct ossl_gost_digest_ctx {
gost_hash_ctx dctx;
gost_ctx cctx;
};
/* EVP_MD structure for GOST R 34.11 */
-extern EVP_MD digest_gost;
+EVP_MD *digest_gost(void);
+void digest_gost_destroy(void);
/* EVP MD structure for GOST R 34.11-2012 algorithms */
-extern EVP_MD digest_gost2012_256;
-extern EVP_MD digest_gost2012_512;
+EVP_MD *digest_gost2012_256(void);
+EVP_MD *digest_gost2012_512(void);
+void digest_gost2012_256_destroy(void);
+void digest_gost2012_512_destroy(void);
/* EVP_MD structure for GOST 28147 in MAC mode */
-extern EVP_MD imit_gost_cpa;
-extern EVP_MD imit_gost_cp_12;
+EVP_MD *imit_gost_cpa(void);
+void imit_gost_cpa_destroy(void);
+EVP_MD *imit_gost_cp_12(void);
+void imit_gost_cp_12_destroy(void);
/* Cipher context used for EVP_CIPHER operation */
struct ossl_gost_cipher_ctx {
int paramNID;
int key_meshing;
int bytes_left;
int key_set;
+ int dgst_size;
};
/* Table which maps parameter NID to S-blocks */
extern struct gost_cipher_info gost_cipher_list[];
/* Find encryption params from ASN1_OBJECT */
const struct gost_cipher_info *get_encryption_params(ASN1_OBJECT *obj);
/* Implementation of GOST 28147-89 cipher in CFB and CNT modes */
-extern EVP_CIPHER cipher_gost;
-extern EVP_CIPHER cipher_gost_cpacnt;
-extern EVP_CIPHER cipher_gost_cpcnt_12;
+const EVP_CIPHER *cipher_gost();
+const EVP_CIPHER *cipher_gost_cbc();
+const EVP_CIPHER *cipher_gost_cpacnt();
+const EVP_CIPHER *cipher_gost_cpcnt_12();
+void cipher_gost_destroy();
# define EVP_MD_CTRL_KEY_LEN (EVP_MD_CTRL_ALG_CTRL+3)
# define EVP_MD_CTRL_SET_KEY (EVP_MD_CTRL_ALG_CTRL+4)
+# define EVP_MD_CTRL_MAC_LEN (EVP_MD_CTRL_ALG_CTRL+5)
/* EVP_PKEY_METHOD key encryption callbacks */
/* From gost_ec_keyx.c */
int pkey_GOST_ECcp_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
* Store bignum in byte array of given length, prepending by zeros if
* nesseccary
*/
-int store_bignum(BIGNUM *bn, unsigned char *buf, int len);
-/* Read bignum, which can have few MSB all-zeros from buffer*/
-BIGNUM *getbnfrombuf(const unsigned char *buf, size_t len);
+int store_bignum(const BIGNUM *bn, unsigned char *buf, int len);
/* Pack GOST R 34.10 signature according to CryptoPro rules */
int pack_sign_cp(DSA_SIG *s, int order, unsigned char *sig, size_t *siglen);
/* from ameth.c */