X-Git-Url: http://wagner.pp.ru/gitweb/?a=blobdiff_plain;f=gost_lcl.h;h=a6b6e1224845a3bb14ac29735d412657817ee487;hb=e55323c4c29e6b2645e7e7357453c34fb9a42440;hp=4e1c4ea26cd16c69a3c5074156354842881350a9;hpb=57d07eb0dc22bee10aebb0bd37cbdf2258413564;p=openssl-gost%2Fengine.git

diff --git a/gost_lcl.h b/gost_lcl.h
index 4e1c4ea..a6b6e12 100644
--- a/gost_lcl.h
+++ b/gost_lcl.h
@@ -11,7 +11,6 @@
  **********************************************************************/
 # include <openssl/bn.h>
 # include <openssl/evp.h>
-# include <openssl/dsa.h>
 # include <openssl/asn1t.h>
 # include <openssl/x509.h>
 # include <openssl/engine.h>
@@ -21,9 +20,11 @@
 /* Control commands */
 # define GOST_PARAM_CRYPT_PARAMS 0
 # define GOST_PARAM_PBE_PARAMS 1
-# define GOST_PARAM_MAX 1
+# define GOST_PARAM_PK_FORMAT 2
+# define GOST_PARAM_MAX 2
 # define GOST_CTRL_CRYPT_PARAMS (ENGINE_CMD_BASE+GOST_PARAM_CRYPT_PARAMS)
 # define GOST_CTRL_PBE_PARAMS   (ENGINE_CMD_BASE+GOST_PARAM_PBE_PARAMS)
+# define GOST_CTRL_PK_FORMAT   (ENGINE_CMD_BASE+GOST_PARAM_PK_FORMAT)
 
 typedef struct R3410_ec {
     int nid;
@@ -33,11 +34,11 @@ typedef struct R3410_ec {
     char *q;
     char *x;
     char *y;
+    char *cofactor;
 } R3410_ec_params;
 
 extern R3410_ec_params R3410_2001_paramset[],
-                      *R3410_2012_256_paramset,
-                       R3410_2012_512_paramset[];
+    *R3410_2012_256_paramset, R3410_2012_512_paramset[];
 
 extern const ENGINE_CMD_DEFN gost_cmds[];
 int gost_control_func(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
@@ -58,21 +59,33 @@ int register_pmeth_gost(int id, EVP_PKEY_METHOD **pmeth, int flags);
 /* For GOST 28147 MAC */
 # define key_ctrl_string "key"
 # define hexkey_ctrl_string "hexkey"
+# define maclen_ctrl_string "size"
 # define EVP_PKEY_CTRL_GOST_MAC_HEXKEY (EVP_PKEY_ALG_CTRL+3)
+# define EVP_PKEY_CTRL_MAC_LEN (EVP_PKEY_ALG_CTRL+5)
 /* Pmeth internal representation */
 struct gost_pmeth_data {
     int sign_param_nid;         /* Should be set whenever parameters are
                                  * filled */
     EVP_MD *md;
     unsigned char *shared_ukm;
+    size_t shared_ukm_size;     /* XXX temporary use shared_ukm and hash for 2018 CKE */
     int peer_key_used;
+    int cipher_nid;             /* KExp15/KImp15 algs */
 };
 
 struct gost_mac_pmeth_data {
-    int key_set;
+    short int key_set;
+    short int mac_size;
+    int mac_param_nid;
     EVP_MD *md;
     unsigned char key[32];
 };
+
+struct gost_mac_key {
+    int mac_param_nid;
+    unsigned char key[32];
+    short int mac_size;
+};
 /* GOST-specific ASN1 structures */
 
 typedef struct {
@@ -101,6 +114,24 @@ typedef struct {                /* FIXME incomplete */
     GOST_KEY_TRANSPORT *gkt;
 } GOST_CLIENT_KEY_EXCHANGE_PARAMS;
 
+/*   PSKeyTransport ::= SEQUENCE {
+       PSEXP OCTET STRING,
+       ephemeralPublicKey SubjectPublicKeyInfo
+   }
+   SubjectPublicKeyInfo ::= SEQUENCE {
+       algorithm AlgorithmIdentifier,
+       subjectPublicKey BITSTRING
+   }
+   AlgorithmIdentifier ::= SEQUENCE {
+       algorithm OBJECT IDENTIFIER,
+       parameters ANY OPTIONAL
+   }*/
+typedef struct PSKeyTransport_st {
+    ASN1_OCTET_STRING *psexp;
+    X509_PUBKEY       *ephem_key;
+} PSKeyTransport_gost;
+
+DECLARE_ASN1_FUNCTIONS(PSKeyTransport_gost)
 /*
  * Hacks to shorten symbols to 31 characters or less, or OpenVMS. This mimics
  * what's done in symhacks.h, but since this is a very local header file, I
@@ -142,26 +173,37 @@ typedef struct {
 DECLARE_ASN1_FUNCTIONS(MASKED_GOST_KEY)
 
 /*============== Message digest  and cipher related structures  ==========*/
-         /*
-          * Structure used as EVP_MD_CTX-md_data. It allows to avoid storing
-          * in the md-data pointers to dynamically allocated memory. I
-          * cannot invent better way to avoid memory leaks, because openssl
-          * insist on invoking Init on Final-ed digests, and there is no
-          * reliable way to find out whether pointer in the passed md_data is
-          * valid or not.
-          */
+    /*
+     * Structure used as EVP_MD_CTX-md_data. It allows to avoid storing
+     * in the md-data pointers to dynamically allocated memory. I
+     * cannot invent better way to avoid memory leaks, because openssl
+     * insist on invoking Init on Final-ed digests, and there is no
+     * reliable way to find out whether pointer in the passed md_data is
+     * valid or not.
+     */
 struct ossl_gost_digest_ctx {
     gost_hash_ctx dctx;
     gost_ctx cctx;
 };
 /* EVP_MD structure for GOST R 34.11 */
-extern EVP_MD digest_gost;
+EVP_MD *digest_gost(void);
+void digest_gost_destroy(void);
 /* EVP MD structure for GOST R 34.11-2012 algorithms */
-extern EVP_MD digest_gost2012_256;
-extern EVP_MD digest_gost2012_512;
+EVP_MD *digest_gost2012_256(void);
+EVP_MD *digest_gost2012_512(void);
+void digest_gost2012_256_destroy(void);
+void digest_gost2012_512_destroy(void);
 /* EVP_MD structure for GOST 28147 in MAC mode */
-extern EVP_MD imit_gost_cpa;
-extern EVP_MD imit_gost_cp_12;
+EVP_MD *imit_gost_cpa(void);
+void imit_gost_cpa_destroy(void);
+EVP_MD *imit_gost_cp_12(void);
+void imit_gost_cp_12_destroy(void);
+EVP_MD *magma_omac(void);
+void magma_omac_destroy(void);
+EVP_MD *grasshopper_omac(void);
+EVP_MD *grasshopper_omac_acpkm(void);
+void grasshopper_omac_destroy(void);
+void grasshopper_omac_acpkm_destroy(void);
 /* Cipher context used for EVP_CIPHER operation */
 struct ossl_gost_cipher_ctx {
     int paramNID;
@@ -184,17 +226,26 @@ struct ossl_gost_imit_ctx {
     int key_meshing;
     int bytes_left;
     int key_set;
+    int dgst_size;
 };
 /* Table which maps parameter NID to S-blocks */
 extern struct gost_cipher_info gost_cipher_list[];
 /* Find encryption params from ASN1_OBJECT */
 const struct gost_cipher_info *get_encryption_params(ASN1_OBJECT *obj);
 /* Implementation of GOST 28147-89 cipher in CFB and CNT modes */
-extern EVP_CIPHER cipher_gost;
-extern EVP_CIPHER cipher_gost_cpacnt;
-extern EVP_CIPHER cipher_gost_cpcnt_12;
+const EVP_CIPHER *cipher_gost();
+const EVP_CIPHER *cipher_gost_cbc();
+const EVP_CIPHER *cipher_gost_cpacnt();
+const EVP_CIPHER *cipher_gost_cpcnt_12();
+const EVP_CIPHER *cipher_magma_cbc();
+const EVP_CIPHER *cipher_magma_ctr();
+void cipher_gost_destroy();
+
+void inc_counter(unsigned char *buffer, size_t buf_len);
+
 # define EVP_MD_CTRL_KEY_LEN (EVP_MD_CTRL_ALG_CTRL+3)
 # define EVP_MD_CTRL_SET_KEY (EVP_MD_CTRL_ALG_CTRL+4)
+# define EVP_MD_CTRL_MAC_LEN (EVP_MD_CTRL_ALG_CTRL+5)
 /* EVP_PKEY_METHOD key encryption callbacks */
 /* From gost_ec_keyx.c */
 int pkey_GOST_ECcp_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
@@ -206,19 +257,32 @@ int pkey_GOST_ECcp_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
                            size_t in_len);
 /* derive functions */
 /* From gost_ec_keyx.c */
-int pkey_gost_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
-                        size_t *keylen);
+int pkey_gost_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
 int fill_GOST_EC_params(EC_KEY *eckey, int nid);
-int gost_sign_keygen(DSA *dsa);
 int gost_ec_keygen(EC_KEY *ec);
 
-DSA_SIG *gost_ec_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey);
-
-int gost_do_verify(const unsigned char *dgst, int dgst_len,
-                   DSA_SIG *sig, DSA *dsa);
+ECDSA_SIG *gost_ec_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey);
 int gost_ec_verify(const unsigned char *dgst, int dgst_len,
-                   DSA_SIG *sig, EC_KEY *ec);
+                   ECDSA_SIG *sig, EC_KEY *ec);
 int gost_ec_compute_public(EC_KEY *ec);
+
+/* KDF TREE */
+int gost_kdftree2012_256(unsigned char *keyout, size_t keyout_len,
+                         const unsigned char *key, size_t keylen,
+                         const unsigned char *label, size_t label_len,
+                         const unsigned char *seed, size_t seed_len,
+                         const size_t representation);
+/* KExp/KImp */
+int gost_kexp15(const unsigned char *shared_key, const int shared_len,
+                int cipher_nid, const unsigned char *cipher_key,
+                int mac_nid, unsigned char *mac_key,
+                const unsigned char *iv, const size_t ivlen,
+                unsigned char *out, int *out_len);
+int gost_kimp15(const unsigned char *expkey, const size_t expkeylen,
+                int cipher_nid, const unsigned char *cipher_key,
+                int mac_nid, unsigned char *mac_key,
+                const unsigned char *iv, const size_t ivlen,
+                unsigned char *shared_key, size_t shared_len);
 /*============== miscellaneous functions============================= */
 /* from gost_sign.c */
 /* Convert GOST R 34.11 hash sum to bignum according to standard */
@@ -227,11 +291,9 @@ BIGNUM *hashsum2bn(const unsigned char *dgst, int len);
  * Store bignum in byte array of given length, prepending by zeros if
  * nesseccary
  */
-int store_bignum(BIGNUM *bn, unsigned char *buf, int len);
-/* Read bignum, which can have few MSB all-zeros    from buffer*/
-BIGNUM *getbnfrombuf(const unsigned char *buf, size_t len);
+int store_bignum(const BIGNUM *bn, unsigned char *buf, int len);
 /* Pack GOST R 34.10 signature according to CryptoPro rules */
-int pack_sign_cp(DSA_SIG *s, int order, unsigned char *sig, size_t *siglen);
+int pack_sign_cp(ECDSA_SIG *s, int order, unsigned char *sig, size_t *siglen);
 /* from ameth.c */
 /* Get private key as BIGNUM from both 34.10-2001 keys*/
 /* Returns pointer into EVP_PKEY structure */