]> wagner.pp.ru Git - openssl-gost/engine.git/log
openssl-gost/engine.git
6 years agoAdd more GOST R 34.10-2012 parameters 86/head
Vitaly Chikunov [Sun, 16 Sep 2018 04:58:08 +0000 (07:58 +0300)]
Add more GOST R 34.10-2012 parameters

NID_id_tc26_gost_3410_2012_256_paramSetA
NID_id_tc26_gost_3410_2012_512_paramSetC

6 years agoAdd basic tests for curves parameters
Vitaly Chikunov [Sun, 16 Sep 2018 04:23:31 +0000 (07:23 +0300)]
Add basic tests for curves parameters

6 years agoMerge pull request #83 from vt-alt/in-places
Dmitry Belyavskiy [Thu, 13 Sep 2018 07:59:03 +0000 (10:59 +0300)]
Merge pull request #83 from vt-alt/in-places

In-place encryption tests and fixes

6 years agoAdd test_context to test context copy 83/head
Vitaly Chikunov [Thu, 13 Sep 2018 03:48:56 +0000 (06:48 +0300)]
Add test_context to test context copy

Currently, for Grasshopper only.

6 years agoFix in-place decryption for CBC mode
Vitaly Chikunov [Thu, 13 Sep 2018 00:26:19 +0000 (03:26 +0300)]
Fix in-place decryption for CBC mode

6 years agoIn-place cipher tests
Vitaly Chikunov [Wed, 12 Sep 2018 22:41:30 +0000 (01:41 +0300)]
In-place cipher tests

6 years agoDefault size of imitovstavka adjusted
Dmitry Belyavskiy [Tue, 11 Sep 2018 12:49:59 +0000 (15:49 +0300)]
Default size of imitovstavka adjusted

6 years agoFixed in-place encryption for CTR and CTR-ACPKM modes
Dmitry Belyavskiy [Tue, 11 Sep 2018 10:11:29 +0000 (13:11 +0300)]
Fixed in-place encryption for CTR and CTR-ACPKM modes

6 years agoFormatting
Dmitry Belyavskiy [Tue, 11 Sep 2018 09:28:40 +0000 (12:28 +0300)]
Formatting

6 years agoFormatting
Dmitry Belyavskiy [Tue, 11 Sep 2018 09:27:19 +0000 (12:27 +0300)]
Formatting

6 years agoRemove unused functions
Dmitry Belyavskiy [Tue, 11 Sep 2018 08:55:47 +0000 (11:55 +0300)]
Remove unused functions

6 years agoWe should get key nid from our private key, not from peer's ephemeral
Dmitry Belyavskiy [Fri, 7 Sep 2018 12:59:06 +0000 (15:59 +0300)]
We should get key nid from our private key, not from peer's ephemeral

6 years agoMissing NID
Dmitry Belyavskiy [Fri, 7 Sep 2018 12:48:20 +0000 (15:48 +0300)]
Missing NID

6 years agoMake Travis more happy
Dmitry Belyavskiy [Thu, 6 Sep 2018 15:36:53 +0000 (18:36 +0300)]
Make Travis more happy

6 years agoTemporary FIXME to make engine kuznyuechik-omac friendly.
Dmitry Belyavskiy [Thu, 6 Sep 2018 15:22:44 +0000 (18:22 +0300)]
Temporary FIXME to make engine kuznyuechik-omac friendly.

6 years agoMkae kuznyechik recognizable by libssl
Dmitry Belyavskiy [Thu, 6 Sep 2018 14:51:57 +0000 (17:51 +0300)]
Mkae kuznyechik recognizable by libssl

6 years agoOne more TODO
Dmitry Belyavskiy [Thu, 6 Sep 2018 13:25:42 +0000 (16:25 +0300)]
One more TODO

6 years agoLet's wrap old and new key enncryption together
Dmitry Belyavskiy [Tue, 4 Sep 2018 14:02:57 +0000 (17:02 +0300)]
Let's wrap old and new key enncryption together

6 years agoUpdate comment to match reality
Dmitry Belyavskiy [Tue, 4 Sep 2018 13:32:48 +0000 (16:32 +0300)]
Update comment to match reality

6 years agoGOST key transport 2018 - decrypt as separate function
Dmitry Belyavskiy [Tue, 4 Sep 2018 13:10:01 +0000 (16:10 +0300)]
GOST key transport 2018 - decrypt as separate function

6 years agoGOST key export, separate function
Dmitry Belyavskiy [Tue, 4 Sep 2018 11:41:01 +0000 (14:41 +0300)]
GOST key export, separate function

6 years agoASN1 definitions
Dmitry Belyavskiy [Tue, 4 Sep 2018 08:38:32 +0000 (11:38 +0300)]
ASN1 definitions

6 years agoMerge pull request #82 from vt-alt/fix
Dmitry Belyavskiy [Mon, 3 Sep 2018 18:30:40 +0000 (21:30 +0300)]
Merge pull request #82 from vt-alt/fix

Sanity checking in gost_grasshopper_cipher_cleanup

6 years agoAllow double calling of gost_grasshopper_cipher_cleanup() 82/head
Vitaly Chikunov [Sat, 11 Aug 2018 04:57:38 +0000 (07:57 +0300)]
Allow double calling of gost_grasshopper_cipher_cleanup()

6 years agoRemove dependency from DSA
Dmitry Belyavskiy [Mon, 3 Sep 2018 16:02:52 +0000 (19:02 +0300)]
Remove dependency from DSA

6 years agoKDF TREE + test
Dmitry Belyavskiy [Mon, 3 Sep 2018 13:47:01 +0000 (16:47 +0300)]
KDF TREE + test

6 years agoIndent + gost_kdftree2012_256 declaration
Dmitry Belyavskiy [Mon, 3 Sep 2018 12:48:59 +0000 (15:48 +0300)]
Indent + gost_kdftree2012_256 declaration

6 years agoRefactoring of VKO
Dmitry Belyavskiy [Mon, 3 Sep 2018 08:47:50 +0000 (11:47 +0300)]
Refactoring of VKO

6 years agoRemove redundant parameters
Dmitry Belyavskiy [Fri, 31 Aug 2018 12:24:47 +0000 (15:24 +0300)]
Remove redundant parameters

6 years agogost_kimp15 tested
Dmitry Belyavskiy [Fri, 31 Aug 2018 11:45:43 +0000 (14:45 +0300)]
gost_kimp15 tested

6 years agogost_kimp15, untested
Dmitry Belyavskiy [Fri, 31 Aug 2018 10:47:23 +0000 (13:47 +0300)]
gost_kimp15, untested

6 years agoTry to fix Travis build
Dmitry Belyavskiy [Fri, 31 Aug 2018 10:19:05 +0000 (13:19 +0300)]
Try to fix Travis build

6 years agoGOST Kexp + test
Dmitry Belyavskiy [Fri, 31 Aug 2018 10:07:30 +0000 (13:07 +0300)]
GOST Kexp + test

6 years agoSome fixes of OMAC processing
Dmitry Belyavskiy [Fri, 31 Aug 2018 10:02:52 +0000 (13:02 +0300)]
Some fixes of OMAC processing

6 years ago+unit test, untested yet.
Dmitry Belyavskiy [Thu, 30 Aug 2018 16:07:23 +0000 (19:07 +0300)]
+unit test, untested yet.

6 years agoBugfix + some basic test setup
Dmitry Belyavskiy [Thu, 30 Aug 2018 15:50:57 +0000 (18:50 +0300)]
Bugfix + some basic test setup

6 years agoError codes fixed
Dmitry Belyavskiy [Thu, 30 Aug 2018 15:07:01 +0000 (18:07 +0300)]
Error codes fixed

6 years agoKexp/Kimp15 implementation, initial commmit.
Dmitry Belyavskiy [Thu, 30 Aug 2018 13:55:02 +0000 (16:55 +0300)]
Kexp/Kimp15 implementation, initial commmit.

6 years agoDealing with new KeyExchange
Dmitry Belyavskiy [Thu, 30 Aug 2018 09:06:25 +0000 (12:06 +0300)]
Dealing with new KeyExchange

6 years agoIndentation
Dmitry Belyavskiy [Thu, 30 Aug 2018 08:27:23 +0000 (11:27 +0300)]
Indentation

6 years agoMerge pull request #75 from IamUndef/patch-1
Dmitry Belyavskiy [Mon, 20 Aug 2018 12:02:06 +0000 (15:02 +0300)]
Merge pull request #75 from IamUndef/patch-1

Fixed GOST_PK_FORMAT param

6 years agoFixed GOST_PK_FORMAT param 75/head
Sergey Aganin [Mon, 20 Aug 2018 11:47:37 +0000 (14:47 +0300)]
Fixed GOST_PK_FORMAT param

6 years agoComment out branch 1.1.0
Dmitry Belyavskiy [Sat, 18 Aug 2018 17:37:15 +0000 (20:37 +0300)]
Comment out branch 1.1.0

6 years agolibgost => gost
Dmitry Belyavskiy [Fri, 17 Aug 2018 15:02:32 +0000 (18:02 +0300)]
libgost => gost

6 years agoNot in master
Dmitry Belyavskiy [Fri, 17 Aug 2018 14:39:18 +0000 (17:39 +0300)]
Not in master

6 years agoMaster is designed to be 1.1.1-compatible.
Dmitry Belyavskiy [Fri, 17 Aug 2018 14:32:18 +0000 (17:32 +0300)]
Master is designed to be 1.1.1-compatible.

6 years agoAdd NIDs to compile with vanilla OpenSSL_1_1_0-stable 72/head
Vitaly Chikunov [Wed, 8 Aug 2018 18:37:59 +0000 (21:37 +0300)]
Add NIDs to compile with vanilla OpenSSL_1_1_0-stable

6 years agoAdd grasshopper_omac_acpkm (OMAC-ACPKM)
Vitaly Chikunov [Sun, 5 Aug 2018 00:44:46 +0000 (03:44 +0300)]
Add grasshopper_omac_acpkm (OMAC-ACPKM)

6 years agoAllow EVP_MD_CTX_copy_ex OMAC before key is set
Vitaly Chikunov [Thu, 2 Aug 2018 18:41:02 +0000 (21:41 +0300)]
Allow EVP_MD_CTX_copy_ex OMAC before key is set

Reported-by: Gleb Fotengauer-Malinovskiy <glebfm@altlinux.org>
6 years agoFix possible overflow of digest result writing
Vitaly Chikunov [Thu, 2 Aug 2018 13:59:14 +0000 (16:59 +0300)]
Fix possible overflow of digest result writing

Openssl is already have output result size in EVP_MD.md_size
We should not exceed its value when writing digest output.
This should be fixed more consistently, probably, by removing
dgst_size from OMAC_CTX.

6 years agoFix EVP_MD_CTX_copy_ex for OMAC
Vitaly Chikunov [Wed, 1 Aug 2018 21:03:06 +0000 (00:03 +0300)]
Fix EVP_MD_CTX_copy_ex for OMAC

Openssl copies a state between valid contexts. But, EVP_MD_CTX_copy_ex
just memcpy-s private data (md_data), which points to OMAC_CTX), which
have pointer to CMAC_CTX. Copying pointer makes CMAC context just the
same on the both sides. As a consequence, we can not do normal copy of a
state between CMAC contexts. As a fix, we just clone it if it's equal
between copy sides.

Reported-by: Gleb Fotengauer-Malinovskiy <glebfm@altlinux.org>
6 years agoOptimize out skip_sections and add tests for ACPKM-Master
Vitaly Chikunov [Sat, 28 Jul 2018 07:36:29 +0000 (10:36 +0300)]
Optimize out skip_sections and add tests for ACPKM-Master

ACPKM-Master is from R 23565.1.017-2018, it will be required for
ACPKM-OMAC for TLS 1.2.

6 years agoEnsure proper cipher type for EVP_CTRL_KEY_MESH
Vitaly Chikunov [Thu, 26 Jul 2018 09:23:55 +0000 (12:23 +0300)]
Ensure proper cipher type for EVP_CTRL_KEY_MESH

6 years agoSet default value for CTR ACPKM limit
Vitaly Chikunov [Thu, 26 Jul 2018 09:07:11 +0000 (12:07 +0300)]
Set default value for CTR ACPKM limit

Default limit for Kuznyechik is 4KiB, from TLS 1.2 recommendations. As
a consequence it does not need to be configured via EVP_CTRL_KEY_MESH.
Also, explicitly set ACPKM limit in tests.

6 years agoAdd kuznyechik_ctracpkm
Vitaly Chikunov [Thu, 26 Jul 2018 04:34:07 +0000 (07:34 +0300)]
Add kuznyechik_ctracpkm

6 years agotest_grasshopper: Rework tests to be more flexible
Vitaly Chikunov [Thu, 26 Jul 2018 04:31:42 +0000 (07:31 +0300)]
test_grasshopper: Rework tests to be more flexible

6 years agotest_grasshopper: Warn if EVP_MD_meth_set_result_size is performed
Vitaly Chikunov [Wed, 25 Jul 2018 07:49:38 +0000 (10:49 +0300)]
test_grasshopper: Warn if EVP_MD_meth_set_result_size is performed

6 years agoMake grasshopper OMAC result size 8 instead of 4
Vitaly Chikunov [Wed, 25 Jul 2018 07:39:50 +0000 (10:39 +0300)]
Make grasshopper OMAC result size 8 instead of 4

Two reasons: to match GOST R test vector size, just make it bigger.

6 years agotest_grasshopper: Make it compile on 1.1.0
Vitaly Chikunov [Wed, 25 Jul 2018 07:29:25 +0000 (10:29 +0300)]
test_grasshopper: Make it compile on 1.1.0

openssl-1.1.0 made ctx opaque and does not allow it on stack anymore.

6 years agoMove openssl-1.0.2 shim layer here
Vitaly Chikunov [Wed, 25 Jul 2018 06:13:22 +0000 (09:13 +0300)]
Move openssl-1.0.2 shim layer here

Previously, we had shim layer in our openssl branch
Could be squashed with 01d26132d156ba9fff7a8142d5a6899d7b2e6286

6 years agoRemove empty gost_grasshopper_mac.* files
Vitaly Chikunov [Wed, 25 Jul 2018 05:51:54 +0000 (08:51 +0300)]
Remove empty gost_grasshopper_mac.* files

6 years agotest: Make perl tests report success or failure
Gleb Fotengauer-Malinovskiy [Tue, 24 Jul 2018 16:37:43 +0000 (19:37 +0300)]
test: Make perl tests report success or failure

Co-authored-by: Mikhail Gordeev <obirvalger@altlinux.org>
6 years agoAdd perl test harness to CMakeLists to run on make test
Vitaly Chikunov [Tue, 24 Jul 2018 02:30:25 +0000 (05:30 +0300)]
Add perl test harness to CMakeLists to run on make test

6 years agoFix perl tests and library name
Gleb Fotengauer-Malinovskiy [Mon, 23 Jul 2018 18:00:00 +0000 (21:00 +0300)]
Fix perl tests and library name

6 years agotest_grasshopper: Remove long IV test for CTR mode
Vitaly Chikunov [Mon, 23 Jul 2018 17:27:14 +0000 (20:27 +0300)]
test_grasshopper: Remove long IV test for CTR mode

6 years agoFix grasshopper-ctr reinitialization
Gleb Fotengauer-Malinovskiy [Thu, 19 Jul 2018 17:11:37 +0000 (20:11 +0300)]
Fix grasshopper-ctr reinitialization

Also, document why CTR IV size is now set to 16, so user is noted to set
IV appropriately to full extent (including counter). Basically, it's for
openssh (and alike) to make it copy IV from privilege separated process.

6 years agotest_grasshopper: Add chunked test and summarize testing
Vitaly Chikunov [Mon, 23 Jul 2018 01:51:05 +0000 (04:51 +0300)]
test_grasshopper: Add chunked test and summarize testing

Encrypt with small chunks to verify that internal state is handled
correctly between calls.

6 years agotest_grasshopper: Tests for CBC and CFB
Vitaly Chikunov [Mon, 23 Jul 2018 01:15:25 +0000 (04:15 +0300)]
test_grasshopper: Tests for CBC and CFB

These tests are with generated test vectors from canonical TC26
implementation with truncated IVs.

6 years agotest_grasshopper: Test OFB after it's fixed
Vitaly Chikunov [Mon, 23 Jul 2018 00:41:37 +0000 (03:41 +0300)]
test_grasshopper: Test OFB after it's fixed

6 years agograsshopper: Fix OFB implementation.
Vitaly Chikunov [Mon, 23 Jul 2018 00:35:13 +0000 (03:35 +0300)]
grasshopper: Fix OFB implementation.

Previous implementation was not OFB at all, and fail tests.

Note: This implementation is for fixed width 128-bit IV which makes
shift regiser redundant.

6 years agotest_grasshopper: ctr test 2 and ofb with truncated iv tests
Vitaly Chikunov [Sun, 22 Jul 2018 23:25:08 +0000 (02:25 +0300)]
test_grasshopper: ctr test 2 and ofb with truncated iv tests

Full test of OFB to match GOST R 34.13-2015 test vectors is impossible,
due to test IVs are having size (256-bits) over the maximum openssl can
allow (128-bits).

I generated new test vectors from canonical implementation
from `PR_GOSTR_bch_v9.zip` (revision of 2016-10-28) by truncating test
IVs in half.

6 years agotest_grasshopper: Stream modes testing
Vitaly Chikunov [Sun, 22 Jul 2018 09:21:43 +0000 (12:21 +0300)]
test_grasshopper: Stream modes testing

Make sure stream modes can encrypt any block size.

6 years agograsshopper: Fix streaming for CTR mode
Vitaly Chikunov [Sun, 22 Jul 2018 07:34:03 +0000 (10:34 +0300)]
grasshopper: Fix streaming for CTR mode

Previously CTR did not continue unfinished block on the next cipher
iteration.

6 years agotest_grasshopper: Test for OMAC
Vitaly Chikunov [Sun, 22 Jul 2018 05:59:53 +0000 (08:59 +0300)]
test_grasshopper: Test for OMAC

6 years agoAdd make test and test_grasshopper
Vitaly Chikunov [Sun, 22 Jul 2018 00:10:37 +0000 (03:10 +0300)]
Add make test and test_grasshopper

test_grasshopper: test modes to match GOST vectors
Only ECB and CTR modes are tested. OBF, CBC, CFB modes is not testable
under openssl.

6 years agoMerge branch 'magma_impl' into openssl_1_0_2_alt
Vitaly Chikunov [Fri, 20 Jul 2018 01:52:40 +0000 (04:52 +0300)]
Merge branch 'magma_impl' into openssl_1_0_2_alt

6 years agoProduce correct GOST signatures
Vitaly Chikunov [Thu, 19 Jul 2018 00:58:06 +0000 (03:58 +0300)]
Produce correct GOST signatures

Offset commit 7f572e958b13041056f377a62d3219633cfb1e8a
Old openssl still needs EVP_MD_FLAG_PKEY_METHOD_SIGNATURE flag to be
set.

6 years agoMake it compile with shimmed openssl-1.0.2
Vitaly Chikunov [Sun, 15 Jul 2018 18:17:44 +0000 (21:17 +0300)]
Make it compile with shimmed openssl-1.0.2

6 years agoMerge pull request #68 from mattcaswell/fix-mem-leak
Dmitry Belyavskiy [Tue, 17 Jul 2018 09:50:38 +0000 (12:50 +0300)]
Merge pull request #68 from mattcaswell/fix-mem-leak

Fix a mem leak

6 years agoFix a mem leak 68/head
Matt Caswell [Tue, 17 Jul 2018 09:47:08 +0000 (10:47 +0100)]
Fix a mem leak

Ensure the grasshopper ciphers are destroyed on engine destroy.

6 years agoFix #67
Dmitry Belyavskiy [Thu, 12 Jul 2018 19:06:05 +0000 (22:06 +0300)]
Fix #67

6 years agoMerge branch 'master' of https://github.com/gost-engine/engine
Dmitry Belyavskiy [Thu, 12 Jul 2018 18:51:46 +0000 (21:51 +0300)]
Merge branch 'master' of https://github.com/gost-engine/engine

6 years agoExplicitely setting cofactor
Dmitry Belyavskiy [Thu, 12 Jul 2018 18:49:21 +0000 (21:49 +0300)]
Explicitely setting cofactor

6 years agoExplicitely setting cofactor magma_impl
Dmitry Belyavskiy [Thu, 12 Jul 2018 18:49:21 +0000 (21:49 +0300)]
Explicitely setting cofactor

6 years agoMerge pull request #65 from chipitsine/modernize_ci
Dmitry Belyavskiy [Thu, 28 Jun 2018 15:41:16 +0000 (18:41 +0300)]
Merge pull request #65 from chipitsine/modernize_ci

modernize ci

6 years agomove .ci scripts into .travis.yml 65/head
Ilya Shipitsin [Thu, 28 Jun 2018 08:29:53 +0000 (13:29 +0500)]
move .ci scripts into .travis.yml

6 years agomodernize ci:
Ilya Shipitsin [Wed, 27 Jun 2018 12:38:39 +0000 (17:38 +0500)]
modernize ci:

(*) convert 'openssl ciphers | grep ...' into Test:More syntax
(*) enable some tests on travis-ci (04 is yet broken)

6 years agoMerge pull request #64 from chipitsine/modernize_ci
Dmitry Belyavskiy [Tue, 26 Jun 2018 19:40:19 +0000 (22:40 +0300)]
Merge pull request #64 from chipitsine/modernize_ci

modernize ci

6 years agofixed ciphers 64/head
Ilya Shipitsin [Tue, 26 Jun 2018 16:59:43 +0000 (21:59 +0500)]
fixed ciphers

6 years agoallow OPENSSL_ENGINES to be specified explicitly
Ilya Shipitsin [Tue, 26 Jun 2018 16:48:33 +0000 (21:48 +0500)]
allow OPENSSL_ENGINES to be specified explicitly

6 years agoHopefully merge tests from object_db branch
Dmitry Belyavskiy [Mon, 25 Jun 2018 20:50:02 +0000 (23:50 +0300)]
Hopefully merge tests from object_db branch

6 years agoMerge pull request #59 from chipitsine/master
Dmitry Belyavskiy [Mon, 25 Jun 2018 13:59:54 +0000 (16:59 +0300)]
Merge pull request #59 from chipitsine/master

initial travis-ci support

6 years agoNot needed in this branch
Dmitry Belyavskiy [Sun, 24 Jun 2018 19:29:02 +0000 (22:29 +0300)]
Not needed in this branch

6 years agoSome more iterations of key meshing.
Dmitry Belyavskiy [Thu, 21 Jun 2018 14:07:24 +0000 (17:07 +0300)]
Some more iterations of key meshing.

6 years agoACPKM meshing for Magma
Dmitry Belyavskiy [Thu, 21 Jun 2018 12:28:31 +0000 (15:28 +0300)]
ACPKM meshing for Magma

6 years agoMake tags
Dmitry Belyavskiy [Thu, 21 Jun 2018 09:04:45 +0000 (12:04 +0300)]
Make tags

6 years agoMake test happy
Dmitry Belyavskiy [Wed, 20 Jun 2018 08:55:27 +0000 (11:55 +0300)]
Make test happy

6 years agoMagma CTR (no meshing), compile-only version.
Dmitry Belyavskiy [Tue, 19 Jun 2018 14:03:50 +0000 (17:03 +0300)]
Magma CTR (no meshing), compile-only version.

6 years agoadd openssl master branch to test matrix 59/head
Ilya Shipitsin [Sat, 16 Jun 2018 10:13:11 +0000 (15:13 +0500)]
add openssl master branch to test matrix

6 years agoinitial travis-ci support
Ilya Shipitsin [Sat, 16 Jun 2018 08:18:57 +0000 (13:18 +0500)]
initial travis-ci support