X-Git-Url: http://wagner.pp.ru/gitweb/?a=blobdiff_plain;f=gost_ec_sign.c;h=df489ae157a5132951f71913f5fae8e54cbbc83c;hb=ea281d2516111f018f224409098d5a1d11e967bd;hp=114091c1c96bbbe24c16d02acbea99a4d1044b3d;hpb=2d910eb5a75bdf1fb03b56188d5ed98b1c5d2551;p=openssl-gost%2Fengine.git diff --git a/gost_ec_sign.c b/gost_ec_sign.c index 114091c..df489ae 100644 --- a/gost_ec_sign.c +++ b/gost_ec_sign.c @@ -23,25 +23,22 @@ void dump_dsa_sig(const char *message, ECDSA_SIG *sig); # define dump_dsa_sig(a,b) #endif -/* Convert little-endian byte array into bignum */ -BIGNUM *hashsum2bn(const unsigned char *dgst, int len) -{ - unsigned char buf[64]; - int i; - - if (len > sizeof(buf)) - return NULL; - - for (i = 0; i < len; i++) { - buf[len - i - 1] = dgst[i]; - } - return BN_bin2bn(buf, len, NULL); -} - static R3410_ec_params *gost_nid2params(int nid) { R3410_ec_params *params; + /* Map tc26-2012 256-bit parameters to cp-2001 parameters */ + switch (nid) { + case NID_id_tc26_gost_3410_2012_256_paramSetB: + nid = NID_id_GostR3410_2001_CryptoPro_A_ParamSet; + break; + case NID_id_tc26_gost_3410_2012_256_paramSetC: + nid = NID_id_GostR3410_2001_CryptoPro_B_ParamSet; + break; + case NID_id_tc26_gost_3410_2012_256_paramSetD: + nid = NID_id_GostR3410_2001_CryptoPro_C_ParamSet; + } + /* Search nid in 2012 paramset */ params = R3410_2012_512_paramset; while (params->nid != NID_undef) { @@ -124,7 +121,7 @@ int fill_GOST_EC_params(EC_KEY *eckey, int nid) if (!BN_hex2bn(&x, params->x) || !BN_hex2bn(&y, params->y) - || !EC_POINT_set_affine_coordinates_GFp(grp, P, x, y, ctx) + || !EC_POINT_set_affine_coordinates(grp, P, x, y, ctx) || !BN_hex2bn(&q, params->q)) { GOSTerr(GOST_F_FILL_GOST_EC_PARAMS, ERR_R_INTERNAL_ERROR); goto end; @@ -134,7 +131,7 @@ int fill_GOST_EC_params(EC_KEY *eckey, int nid) GOSTerr(GOST_F_FILL_GOST_EC_PARAMS, ERR_R_INTERNAL_ERROR); goto end; } - EC_GROUP_set_curve_name(grp, params->nid); + EC_GROUP_set_curve_name(grp, nid); if (!EC_KEY_set_group(eckey, grp)) { GOSTerr(GOST_F_FILL_GOST_EC_PARAMS, ERR_R_INTERNAL_ERROR); goto end; @@ -171,14 +168,14 @@ ECDSA_SIG *gost_ec_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey) OPENSSL_assert(dgst != NULL && eckey != NULL); - if (!(ctx = BN_CTX_new())) { + if (!(ctx = BN_CTX_secure_new())) { GOSTerr(GOST_F_GOST_EC_SIGN, ERR_R_MALLOC_FAILURE); return NULL; } BN_CTX_start(ctx); OPENSSL_assert(dlen == 32 || dlen == 64); - md = hashsum2bn(dgst, dlen); + md = BN_lebin2bn(dgst, dlen, NULL); newsig = ECDSA_SIG_new(); if (!newsig || !md) { GOSTerr(GOST_F_GOST_EC_SIGN, ERR_R_MALLOC_FAILURE); @@ -247,7 +244,7 @@ ECDSA_SIG *gost_ec_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey) GOSTerr(GOST_F_GOST_EC_SIGN, ERR_R_MALLOC_FAILURE); goto err; } - if (!EC_POINT_get_affine_coordinates_GFp(group, C, X, NULL, ctx)) { + if (!EC_POINT_get_affine_coordinates(group, C, X, NULL, ctx)) { GOSTerr(GOST_F_GOST_EC_SIGN, ERR_R_EC_LIB); goto err; } @@ -355,7 +352,7 @@ int gost_ec_verify(const unsigned char *dgst, int dgst_len, } OPENSSL_assert(dgst_len == 32 || dgst_len == 64); - md = hashsum2bn(dgst, dgst_len); + md = BN_lebin2bn(dgst, dgst_len, NULL); if (!md || !BN_mod(e, md, order, ctx)) { GOSTerr(GOST_F_GOST_EC_VERIFY, ERR_R_INTERNAL_ERROR); goto err; @@ -394,7 +391,7 @@ int gost_ec_verify(const unsigned char *dgst, int dgst_len, GOSTerr(GOST_F_GOST_EC_VERIFY, ERR_R_EC_LIB); goto err; } - if (!EC_POINT_get_affine_coordinates_GFp(group, C, X, NULL, ctx)) { + if (!EC_POINT_get_affine_coordinates(group, C, X, NULL, ctx)) { GOSTerr(GOST_F_GOST_EC_VERIFY, ERR_R_EC_LIB); goto err; } @@ -442,7 +439,7 @@ int gost_ec_compute_public(EC_KEY *ec) return 0; } - ctx = BN_CTX_new(); + ctx = BN_CTX_secure_new(); if (!ctx) { GOSTerr(GOST_F_GOST_EC_COMPUTE_PUBLIC, ERR_R_MALLOC_FAILURE); return 0; @@ -496,7 +493,7 @@ int gost_ec_keygen(EC_KEY *ec) } order = BN_new(); - d = BN_new(); + d = BN_secure_new(); if (!order || !d) { GOSTerr(GOST_F_GOST_EC_KEYGEN, ERR_R_MALLOC_FAILURE); goto end;