X-Git-Url: http://wagner.pp.ru/gitweb/?a=blobdiff_plain;f=gost_ec_keyx.c;h=deca4f599896bf79c61cc7fb588fe99a150ba36a;hb=3b31dea89630ecd3f741171ed3e1d4259adabf0e;hp=cc94d677ed37b5bb9aa5acc4284270824bed86db;hpb=89d1db9116738da5ed5de417c63da5e8be214b4d;p=openssl-gost%2Fengine.git

diff --git a/gost_ec_keyx.c b/gost_ec_keyx.c
index cc94d67..deca4f5 100644
--- a/gost_ec_keyx.c
+++ b/gost_ec_keyx.c
@@ -18,16 +18,16 @@
 #include "gost_lcl.h"
 
 /* Implementation of CryptoPro VKO 34.10-2001/2012 algorithm */
-static int VKO_compute_key(unsigned char *shared_key,
-                           const EC_POINT *pub_key, const EC_KEY *priv_key,
-                           const unsigned char *ukm, const size_t ukm_size,
-                           const int vko_dgst_nid)
+int VKO_compute_key(unsigned char *shared_key,
+                    const EC_POINT *pub_key, const EC_KEY *priv_key,
+                    const unsigned char *ukm, const size_t ukm_size,
+                    const int vko_dgst_nid)
 {
     unsigned char *databuf = NULL;
     BIGNUM *UKM = NULL, *p = NULL, *order = NULL, *X = NULL, *Y = NULL, *cofactor = NULL;
     const BIGNUM *key = EC_KEY_get0_private_key(priv_key);
     EC_POINT *pnt = EC_POINT_new(EC_KEY_get0_group(priv_key));
-    BN_CTX *ctx = BN_CTX_new();
+    BN_CTX *ctx = BN_CTX_secure_new();
     EVP_MD_CTX *mdctx = NULL;
     const EVP_MD *md = NULL;
     int buf_len, half_len;
@@ -45,7 +45,7 @@ static int VKO_compute_key(unsigned char *shared_key,
         goto err;
     }
 
-    UKM = hashsum2bn(ukm, ukm_size);
+    UKM = BN_lebin2bn(ukm, ukm_size, NULL);
     p = BN_CTX_get(ctx);
     order = BN_CTX_get(ctx);
 		cofactor = BN_CTX_get(ctx);
@@ -59,8 +59,11 @@ static int VKO_compute_key(unsigned char *shared_key,
         GOSTerr(GOST_F_VKO_COMPUTE_KEY, GOST_R_ERROR_POINT_MUL);
         goto err;
     }
-    EC_POINT_get_affine_coordinates(EC_KEY_get0_group(priv_key),
-                                        pnt, X, Y, ctx);
+    if (!EC_POINT_get_affine_coordinates(EC_KEY_get0_group(priv_key),
+                                        pnt, X, Y, ctx)) {
+	GOSTerr(GOST_F_VKO_COMPUTE_KEY, ERR_R_EC_LIB);
+	goto err;
+    }
 
     half_len = BN_num_bytes(order);
     buf_len = 2 * half_len;
@@ -149,7 +152,6 @@ static int gost_keg(const unsigned char *ukm_source, int pkey_nid,
 
             OPENSSL_cleanse(tmpkey, 32);
             return (keylen) ? keylen : 0;
-            break;
         }
     default:
         return 0;
@@ -260,6 +262,8 @@ static int pkey_GOST_ECcp_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out,
             return 0;
         }
     }
+    if (!param)
+        goto err;
     /* Check for private key in the peer_key of context */
     if (sec_key) {
         key_is_ephemeral = 0;
@@ -281,10 +285,6 @@ static int pkey_GOST_ECcp_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out,
             }
         }
     }
-    if (!get_gost_engine_param(GOST_PARAM_CRYPT_PARAMS)
-        && param == gost_cipher_list) {
-        param = gost_cipher_list;
-    }
     if (out) {
         int dgst_nid = NID_undef;
         EVP_PKEY_get_default_digest_nid(pubk, &dgst_nid);
@@ -337,9 +337,11 @@ static int pkey_GOST_ECcp_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out,
     }
     if ((*out_len = i2d_GOST_KEY_TRANSPORT(gkt, out ? &out : NULL)) > 0)
         ret = 1;
+    OPENSSL_cleanse(shared_key, sizeof(shared_key));
     GOST_KEY_TRANSPORT_free(gkt);
     return ret;
  err:
+    OPENSSL_cleanse(shared_key, sizeof(shared_key));
     if (key_is_ephemeral)
         EVP_PKEY_free(sec_key);
     GOST_KEY_TRANSPORT_free(gkt);
@@ -443,6 +445,7 @@ static int pkey_gost2018_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out,
     if ((*out_len = i2d_PSKeyTransport_gost(pst, out ? &out : NULL)) > 0)
         ret = 1;
  err:
+    OPENSSL_cleanse(expkeys, sizeof(expkeys));
     if (key_is_ephemeral)
       EVP_PKEY_free(sec_key);
 
@@ -549,6 +552,7 @@ static int pkey_GOST_ECcp_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key,
 
     ret = 1;
  err:
+    OPENSSL_cleanse(sharedKey, sizeof(sharedKey));
     EVP_PKEY_free(eph_key);
     GOST_KEY_TRANSPORT_free(gkt);
     return ret;
@@ -629,6 +633,7 @@ static int pkey_gost2018_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key,
 
     ret = 1;
  err:
+    OPENSSL_cleanse(expkeys, sizeof(expkeys));
     EVP_PKEY_free(eph_key);
     PSKeyTransport_gost_free(pst);
     return ret;
@@ -637,7 +642,8 @@ static int pkey_gost2018_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key,
 int pkey_gost_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key,
                       size_t *key_len, const unsigned char *in, size_t in_len)
 {
-    struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(pctx);
+    struct gost_pmeth_data *gctx = EVP_PKEY_CTX_get_data(pctx);
+#if 0
     if (data->shared_ukm == NULL || data->shared_ukm_size == 8)
         return pkey_GOST_ECcp_decrypt(pctx, key, key_len, in, in_len);
     else if (data->shared_ukm_size == 32)
@@ -646,4 +652,18 @@ int pkey_gost_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key,
         GOSTerr(GOST_F_PKEY_GOST_DECRYPT, ERR_R_INTERNAL_ERROR);
         return -1;
     }
+#else
+	switch (gctx->cipher_nid)
+	{
+		case NID_id_Gost28147_89:
+		case NID_undef: /* FIXME */
+			return pkey_GOST_ECcp_decrypt(pctx, key, key_len, in, in_len);
+		case NID_kuznyechik_ctr:
+		case NID_magma_ctr:
+			return pkey_gost2018_decrypt(pctx, key, key_len, in, in_len);
+		default:
+      GOSTerr(GOST_F_PKEY_GOST_DECRYPT, ERR_R_INTERNAL_ERROR);
+      return -1;
+	}
+#endif
 }