]>
wagner.pp.ru Git - openssl-gost/engine.git/log
Dmitry Belyavskiy [Sat, 9 May 2020 10:18:32 +0000 (13:18 +0300)]
Refactoring unprotected attributes processing
Vitaly Chikunov [Sat, 9 May 2020 04:46:17 +0000 (07:46 +0300)]
test_digest: Do HMAC using EVP_MAC API
They say `HMAC' API is deprecated since 3.0, thus `EVP_MAC' API should
be used.
https://www.openssl.org/docs/manmaster/man3/HMAC_CTX_free.html
Vitaly Chikunov [Sat, 9 May 2020 03:57:12 +0000 (06:57 +0300)]
test_ciphers: Add Magma CTR (and CBC) test(s)
- CTR vector is from standard.
- CBC vector is generated by PR_GOSTR_bch_v9. CBC test fail in-place
decryption, so it's disabled by `#if 0'.
Vitaly Chikunov [Sat, 9 May 2020 03:15:32 +0000 (06:15 +0300)]
gost_crypt: Fix IV length for Magma CTR mode
It's 4, half of block size.
Vitaly Chikunov [Sat, 9 May 2020 00:07:13 +0000 (03:07 +0300)]
test_digest: Add Magma OMAC1 test
From GOST R 34.13-2015 (А.2.6).
Vitaly Chikunov [Fri, 8 May 2020 23:49:47 +0000 (02:49 +0300)]
test_digest: Add HMAC tests for Streebog
From RFC 7836 (B) and R 50.1.113-2016 (A).
Vitaly Chikunov [Fri, 8 May 2020 21:51:48 +0000 (00:51 +0300)]
test_digest: Add more test vectors for Streebog
Dumps from `etalon/' dir.
Vitaly Chikunov [Fri, 8 May 2020 20:33:50 +0000 (23:33 +0300)]
test_digest: Move MAC tests from test_cipher to test_digest
Here is better place, because they all digests.
Vitaly Chikunov [Fri, 8 May 2020 18:53:30 +0000 (21:53 +0300)]
test_ciphers: Rework cipher test
- Use EVP API instead of direct calls to gost-engine;
- Remove MAC tests (they should go into test_digest);
- Expand `testcases' array to be more readable;
- Add some asserts of IV and block sizes.
- Remove noisy hex dumps if there is no errors;
- Note: no new cipers are added.
Vitaly Chikunov [Fri, 8 May 2020 17:24:31 +0000 (20:24 +0300)]
test_ciphers: Rename test_grasshopper to test_ciphers
Better name to add more ciphers to test. Also, move it up in the tests
just after digests.
Vitaly Chikunov [Fri, 8 May 2020 17:08:50 +0000 (20:08 +0300)]
test_context: Test digests too
Test if copying `EVP_MD_CTX' is working good for GOST digests.
Vitaly Chikunov [Fri, 8 May 2020 14:49:15 +0000 (17:49 +0300)]
test_context: Instantiate ciphers using EVP API instead of direct calls
Also, use testcases table and add more ciphers.
Dmitry Belyavskiy [Fri, 8 May 2020 08:51:43 +0000 (11:51 +0300)]
Reverse travis experiments
Dmitry Belyavskiy [Thu, 7 May 2020 20:13:05 +0000 (23:13 +0300)]
Try to use known good commit for tests
Dmitry Belyavskiy [Thu, 7 May 2020 19:50:39 +0000 (22:50 +0300)]
It does not work this way
Dmitry Belyavskiy [Thu, 7 May 2020 19:19:47 +0000 (22:19 +0300)]
Travis tuning - known good commit
Billy Brumley [Thu, 7 May 2020 17:13:42 +0000 (20:13 +0300)]
[test] ECC: KATs for the curves in RFC4357 and RFC7836
* Tests that gost-engine correctly computes the public key from the
private key. (Twice -- Alice and Bob.)
* Tests that gost-engine correctly computes the derived shared key.
(Twice -- Alice and Bob, should be identical.)
Dmitry Belyavskiy [Wed, 6 May 2020 17:47:27 +0000 (20:47 +0300)]
-debug_decrypt option
Dmitry Belyavskiy [Wed, 6 May 2020 17:45:02 +0000 (20:45 +0300)]
Allow GOST 2001 CMS decryption
Dmitry Belyavskiy [Wed, 6 May 2020 17:22:58 +0000 (20:22 +0300)]
Update rsa cms/smime tests to avoid regression
Dmitry Belyavskiy [Wed, 6 May 2020 16:39:48 +0000 (19:39 +0300)]
Allow IANA ciphersuite
Dmitry Belyavskiy [Wed, 6 May 2020 16:34:05 +0000 (19:34 +0300)]
Fix failing ssl tests
Dmitry Belyavskiy [Wed, 6 May 2020 15:12:10 +0000 (18:12 +0300)]
Fix Coverity #300461
Dmitry Belyavskiy [Mon, 4 May 2020 20:01:48 +0000 (23:01 +0300)]
Fix coverity issue 300458
Dmitry Belyavskiy [Mon, 4 May 2020 19:57:42 +0000 (22:57 +0300)]
Fix coverity issue 300457
Dmitry Belyavskiy [Mon, 4 May 2020 18:20:53 +0000 (21:20 +0300)]
Testing against master to avoid known build bug in alpha1
Dmitry Belyavskiy [Mon, 4 May 2020 17:59:41 +0000 (20:59 +0300)]
Update CA verification test
Dmitry Belyavskiy [Mon, 4 May 2020 17:55:31 +0000 (20:55 +0300)]
CTR encryption update
Dmitry Belyavskiy [Mon, 4 May 2020 17:42:42 +0000 (20:42 +0300)]
Typo in CA verify command
Dmitry Belyavskiy [Mon, 4 May 2020 17:31:33 +0000 (20:31 +0300)]
Fixing ca cert verification
Dmitry Belyavskiy [Mon, 4 May 2020 17:19:08 +0000 (20:19 +0300)]
Temporary commented out weird failure
Dmitry Belyavskiy [Mon, 4 May 2020 17:04:17 +0000 (20:04 +0300)]
Try to make mac test happy
Dmitry Belyavskiy [Mon, 4 May 2020 16:50:23 +0000 (19:50 +0300)]
Temporary commented out the RSA test
Dmitry Belyavskiy [Mon, 4 May 2020 16:42:56 +0000 (19:42 +0300)]
TCL engine test updated
Dmitry Belyavskiy [Mon, 4 May 2020 16:27:24 +0000 (19:27 +0300)]
Make grasshopper_test happy
Dmitry Belyavskiy [Mon, 4 May 2020 13:45:25 +0000 (16:45 +0300)]
Make engine test happier
Dmitry Belyavskiy [Mon, 4 May 2020 13:29:37 +0000 (16:29 +0300)]
Switching Travis to 3.0.0-alpha1, try 2
Dmitry Belyavskiy [Mon, 4 May 2020 13:16:35 +0000 (16:16 +0300)]
Merge branch 'master' of https://github.com/gost-engine/engine
Dmitry Belyavskiy [Mon, 4 May 2020 13:15:59 +0000 (16:15 +0300)]
Switching Travis to 3.0.0-alpha1
Vitaly Chikunov [Sun, 3 May 2020 20:12:47 +0000 (23:12 +0300)]
test_tls: Fix test hanging on some OpenSSL errors
Handle abnormal exit of s_client/s_server processes.
Fixes partially #230.
Dmitry Belyavskiy [Mon, 4 May 2020 12:48:39 +0000 (15:48 +0300)]
OpenSSL 3.0 required
Dmitry Belyavskiy [Mon, 4 May 2020 11:14:19 +0000 (14:14 +0300)]
KUZNYECHIK-CTR_ACPKM-OMAC implementation
Dmitry Belyavskiy [Sun, 3 May 2020 17:14:30 +0000 (20:14 +0300)]
Kuznyechik ASN1 parameters parsing
Dmitry Belyavskiy [Sun, 3 May 2020 16:43:55 +0000 (19:43 +0300)]
fixup! Magma/Kuznyechik ASN1 parameters and functions
Dmitry Belyavskiy [Sun, 3 May 2020 16:42:05 +0000 (19:42 +0300)]
Magma/Kuznyechik ASN1 parameters and functions
Dmitry Belyavskiy [Sun, 3 May 2020 13:45:59 +0000 (16:45 +0300)]
UKM must be set
Dmitry Belyavskiy [Sun, 3 May 2020 13:45:26 +0000 (16:45 +0300)]
PSKeyTransport_gost includes UKM
Dmitry Belyavskiy [Sun, 3 May 2020 11:42:34 +0000 (14:42 +0300)]
Updated decrypt selection logic
Dmitry Belyavskiy [Sun, 3 May 2020 11:11:17 +0000 (14:11 +0300)]
Restoring gost89 CMS support in gost engine for OpenSSL 3.0
Dmitry Belyavskiy [Sun, 3 May 2020 11:57:28 +0000 (14:57 +0300)]
No deprecation-related warnings
Dmitry Belyavskiy [Sat, 2 May 2020 15:26:53 +0000 (18:26 +0300)]
GOST wrap ciphers registration
Dmitry Belyavskiy [Sat, 2 May 2020 15:07:15 +0000 (18:07 +0300)]
New Gost CMS support, KARI/KTRI parsing
Vitaly Chikunov [Sat, 2 May 2020 19:53:01 +0000 (22:53 +0300)]
gost_eng: Make it use arrays instead of repeatable code
Dmitry Belyavskiy [Fri, 1 May 2020 21:28:46 +0000 (00:28 +0300)]
Free memory
Dmitry Belyavskiy [Fri, 1 May 2020 09:22:43 +0000 (12:22 +0300)]
Fix code aligning
Dmitry Belyavskiy [Fri, 1 May 2020 09:19:43 +0000 (12:19 +0300)]
Rebuild error files to avoid build failures
Dmitry Belyavskiy [Fri, 1 May 2020 00:18:59 +0000 (03:18 +0300)]
pkeyutl -derive support
Support of pkeyutl -pkeyopt ukmhex:
0102030405060708 syntax
Vitaly Chikunov [Sun, 1 Mar 2020 03:03:40 +0000 (06:03 +0300)]
test_digest: Test all block sizes and alignments
There need to be more tests than 2 constant fixed size blocks.
Final digest values are generated from the first run.
Test description in comments.
Nikolay Morozov [Thu, 27 Feb 2020 11:28:07 +0000 (14:28 +0300)]
cppcheck: Variable is reassigned a value before the old one has been used.
Plus some minor chnages
- function defenition doen't match function declaration
- Consecutive break statement is unnecessary.
- Type missmatch in format string
Nikolay Morozov [Wed, 26 Feb 2020 09:38:27 +0000 (12:38 +0300)]
cppcheck: The scope of the variable can be reduced.
Vitaly Chikunov [Mon, 17 Feb 2020 23:55:35 +0000 (02:55 +0300)]
keyx: Add OPENSSL_cleanse for internal buffers
Only stack buffers are considered.
Vitaly Chikunov [Mon, 17 Feb 2020 23:53:14 +0000 (02:53 +0300)]
Replace RAND_bytes with RAND_priv_bytes
`RAND_priv_bytes' is supposed to be used for private data.
Vitaly Chikunov [Mon, 17 Feb 2020 21:35:10 +0000 (00:35 +0300)]
ec: Use BN_{CTX_,}secure_new memory API for priv keys
OpenSSL suggests to use (and internally itself uses)
`BN_{CTX_,}secure_new' primitives to work with private keys.
These are using `OPENSSL_secure_malloc' et al. calls, which use
special 'secure heap' memory.
Along, optimize out `hashsum2bn' with `BN_lebin2bn'.
Dmitry Belyavskiy [Sat, 22 Feb 2020 13:43:42 +0000 (16:43 +0300)]
No need for special OFB context
Vitaly Chikunov [Mon, 10 Feb 2020 15:48:31 +0000 (18:48 +0300)]
CMakeLists.txt: Skip perl tests if there is no Test2::V0
`Test2::V0' is non standard and rarely present on systems, making `make
test' unnecessarily fail.
Nikolay Morozov [Mon, 17 Feb 2020 14:01:49 +0000 (17:01 +0300)]
cppcheck: function defenition doen't match function declaration
Nikolay Morozov [Fri, 14 Feb 2020 11:28:23 +0000 (14:28 +0300)]
GOST89 key masking
Nikolay Morozov [Wed, 12 Feb 2020 11:21:59 +0000 (14:21 +0300)]
Destroy GOST key data with OPENSSL_cleanse()
Vitaly Chikunov [Mon, 10 Feb 2020 05:43:38 +0000 (08:43 +0300)]
elbrus: Treat __e2k__ as __x86_64__ for Streebog
lcc emulates x86_64 SIMD intrinsics, so SSE2 code will work as is. Even
though in benchmarks it is slightly slower than regular implementation
Vitaly Chikunov [Mon, 10 Feb 2020 05:38:08 +0000 (08:38 +0300)]
elbrus: Workaround `-Werror=assign-where-compare-meant'
This is lcc bug. Curiously, it is not triggered in `test_context.c' and
`test_grasshopper.c'.
"lcc: "/usr/src/gost-engine/test_curves.c", строка 32: ошибка:
вероятное использование "=" вместо "=="
[-Werror=assign-where-compare-meant]
#define TEST_ASSERT(e) {if ((test = (e))) \
^
в раскрытие макроса "TEST_ASSERT" на строке 217
TEST_ASSERT(0);"
Vitaly Chikunov [Mon, 10 Feb 2020 05:27:34 +0000 (08:27 +0300)]
elbrus: Workaround '#pragma message' [-Werror=unknown-pragmas]
"lcc: "/usr/src/gost-engine/gosthash2012_ref.h", строка 15: ошибка:
нераспознанная #pragma [-Werror=unknown-pragmas]
# pragma message "Use regular implementation"
^"
Also, cmake does not detect lcc.
Vitaly Chikunov [Mon, 10 Feb 2020 04:53:56 +0000 (07:53 +0300)]
gosthash2012: Properly ifdef '_mm_empty' call
There is other architectures besides __x86_64__, so EMMS should be
issued on IA-32 only where we are using MMX.
Vitaly Chikunov [Thu, 6 Feb 2020 15:11:00 +0000 (18:11 +0300)]
gosthash2012_const: Remove unused arrays with constants
This probably would reduce size of the library. And remove
some 'not used' warnings (-Wunused-const-variable).
Previously `Ax' is generated dynamically from `A` and `Pi` in
`GOST3411Init', but in 2013 it is moved into `gosthash2012_precalc.h`.
`Tau' is unrolled and eliminated in 2013 too.
Vitaly Chikunov [Thu, 6 Feb 2020 13:53:01 +0000 (16:53 +0300)]
gosthash2012: Issue EMMS on 32-bit SIMD implementation
`_mm_empty' is not needed on x86_64, because we only using SSE2.
But, I didn't notice that EXTRACT32 (32-bit version of EXTRACT) is
using MMX registers and intrinsics, so complete removing of
`_mm_empty' (EMMS) was mistake.
Make it presence conditional only for IA-32.
Fixes: 211489f ("gosthash2012: Improve SIMD implementation")
Vitaly Chikunov [Thu, 6 Feb 2020 10:20:13 +0000 (13:20 +0300)]
gosthash2012: Clean up cmake test for _addcarry_u64
Not last version went into commit
ed0f8fbedf438e0ed1f6da9e829a932881695175
Vitaly Chikunov [Thu, 6 Feb 2020 10:33:38 +0000 (13:33 +0300)]
gosthash2012_sse2: Remove unused code (__EXTRACT64)
It's not only unused, but calling _mm_extract_epi8 which is SSE4.1.
Nikolay Morozov [Tue, 4 Feb 2020 11:54:36 +0000 (14:54 +0300)]
Move NID_id_tc26_gost_3410_2012_256_paramSetA to 256-bit
Vitaly Chikunov [Tue, 4 Feb 2020 02:47:15 +0000 (05:47 +0300)]
gosthash2012_ref: Optimize XLPS for speed
This results in ~20% improvement for reference implementation on my
Xeon E5630.
`openssl speed -evp streebog256' results (before and after):
16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes
3815.25k 12874.41k 31497.81k 49823.06k 59932.67k 57021.78k
4361.29k 14933.06k 37091.67k 59001.86k 71360.51k 72488.28k
Vitaly Chikunov [Tue, 4 Feb 2020 02:41:53 +0000 (05:41 +0300)]
gosthash2012: Provide cmake test for _addcarry_u64
Also, simple check if `_addcarry_u64' works correctly.
Ilya Shipitsin [Mon, 3 Feb 2020 06:18:33 +0000 (11:18 +0500)]
travis-ci: adjust osx linker options
Vitaly Chikunov [Sun, 2 Feb 2020 18:23:04 +0000 (21:23 +0300)]
travis-ci: Optimize and rearrange .travis.yml
- Remove redundant 'os: linux', 'compiler: gcc' tags.
- Order jobs: x86_64 builds, analysers, other arches, other OSes.
- Mark openssl-master build as 'allow_failures' for PRs.
- Build all jobs against 'OpenSSL_1_1_1-stable' by default.
- Do not include 'linux/arch' in the job name, because Travis show
them already.
- Split name by ' | ' instead of '/' so it's easier to understand.
Vitaly Chikunov [Sun, 2 Feb 2020 19:04:45 +0000 (22:04 +0300)]
travis-ci: Fix build on 'OpenSSL_1_1_1-stable'
It's turned out that 'OpenSSL_1_1_1-stable' does not have 'build_sw'
make target. But both 'OpenSSL_1_1_1-stable' and 'master' have
'build_libs' and 'build_programs'.
Fixes: cb1b5ff ("travis-ci: Speed-up openssl build")
dmitry dulesov [Fri, 31 Jan 2020 23:59:07 +0000 (02:59 +0300)]
gosthash2012: Improve SIMD implementation
Allow aligned/unaligned access. Use better intrinsics and other
small optimizations.
Committed-by: Vitaly Chikunov <vt@altlinux.org>
Vitaly Chikunov [Fri, 31 Jan 2020 23:57:15 +0000 (02:57 +0300)]
gosthash2012: Enable building with SIMD implementation
Also, add compile time notice message to show which implementation is
selected.
dmitry dulesov [Fri, 31 Jan 2020 17:22:19 +0000 (20:22 +0300)]
gosthash2012: Optimize `add512` on x86_64 using Intel intrinsics
`_addcarry_u64' is using `ADC' and does not require ADX extensions
(`-madx').
Committed-by: Vitaly Chikunov <vt@altlinux.org>
dmitry dulesov [Thu, 30 Jan 2020 02:49:50 +0000 (05:49 +0300)]
gosthash2012: Optimize out temporary `buf' from `stage3'
On-stack `buf' is replaced by manipulation directly on `CTX->buffer'.
Committed-by: Vitaly Chikunov <vt@altlinux.org>
dmitry dulesov [Thu, 30 Jan 2020 02:41:36 +0000 (05:41 +0300)]
gosthash2012: Optimize `gost2012_hash_block' loop
Some simple optimizations.
Committed-by: Vitaly Chikunov <vt@altlinux.org>
dmitry dulesov [Thu, 30 Jan 2020 02:30:49 +0000 (05:30 +0300)]
gosthash2012: Change some byte (pointers) to union uint512_u
Introduce byte `.B' union type to `union uint512_u'.
Change `CTX.buffer' type from `unsigned char' to `union uint512_u'.
Change `data' argument of `stage2()' to `union uint512_u *'.
Change `g()' arguments to `union uint512_u *' with `RESTRICT'
allowing compiler to optimize more.
No code changes, only type changes here.
Committed-by: Vitaly Chikunov <vt@altlinux.org>
dmitry dulesov [Thu, 30 Jan 2020 02:21:31 +0000 (05:21 +0300)]
gosthash2012: Remove temporary variable from `stage2'
Now `stage2' will always get aligned data which is prepared in
`gost2012_hash_block' by copying into `CTX->buffer'.
This will allow to change `data' argument of `stage2' from `unsigned
char *' pointer to `union uint512_u *'.
Committed-by: Vitaly Chikunov <vt@altlinux.org>
dmitry dulesov [Thu, 30 Jan 2020 01:20:58 +0000 (04:20 +0300)]
gosthash2012: Make `add512' to work in-place
This allows to use `RESTRICT' which allows compiler optimize more.
Committed-by: Vitaly Chikunov <vt@altlinux.org>
Vitaly Chikunov [Thu, 30 Jan 2020 01:05:10 +0000 (04:05 +0300)]
gosthash2012: Simpler version of add512
Similar to my commit into adegtyarev/streebog@
432d5de .
dmitry dulesov [Thu, 30 Jan 2020 00:50:54 +0000 (03:50 +0300)]
gosthash2012: Simplify `pad'
`pad' does not need this complicated memory movements using stack
buffer.
Committed-by: Vitaly Chikunov <vt@altlinux.org>
dmitry dulesov [Thu, 30 Jan 2020 00:42:48 +0000 (03:42 +0300)]
gosthash2012: Remove redundant `memset' form `init_gost2012_hash_ctx'
`CTX' is already fully zeroed at the beginning of
`init_gost2012_hash_ctx'.
Committed-by: Vitaly Chikunov <vt@altlinux.org>
Vitaly Chikunov [Thu, 30 Jan 2020 00:41:01 +0000 (03:41 +0300)]
gosthash2012: Remove unreachable code from `pad'
`CTX->bufsize' cannot be 64 ever.
dmitry dulesov [Thu, 30 Jan 2020 00:36:45 +0000 (03:36 +0300)]
gosthash2012: Remove redundant `hash' field from `struct gost2012_hash_ctx'
And save 64 bytes.
Committed-by: Vitaly Chikunov <vt@altlinux.org>
Vitaly Chikunov [Fri, 31 Jan 2020 21:58:19 +0000 (00:58 +0300)]
travis-ci: Add 32-bit build (i386)
Make sure everything is OK on 32-bit platform.
Vitaly Chikunov [Fri, 31 Jan 2020 21:55:44 +0000 (00:55 +0300)]
travis-ci: Speed-up openssl build
Do not build openssl documentation.
Also, split build line into several lines.
Vitaly Chikunov [Fri, 31 Jan 2020 17:47:02 +0000 (20:47 +0300)]
travis-ci: Add (big-endian) s390x build
s390x is big-endian which is different from any other arch we build.
We have endianness dependent code, thus this is useful to test.
Vitaly Chikunov [Fri, 31 Jan 2020 17:41:46 +0000 (20:41 +0300)]
travis-ci: Add clang build for linux/x86_64/openssl-master
Previously Clang is only used for OSX build.
Vitaly Chikunov [Fri, 31 Jan 2020 17:35:33 +0000 (20:35 +0300)]
travis-ci: Always describe openssl branch
Log full commit id that we build OpenSSL against, because `master' is
moving target. That should be useful for old logs to reproduce these
builds.