wagner.pp.ru Git - openssl-gost/engine.git/log
Vitaly Chikunov [Thu, 2 Aug 2018 18:41:02 +0000 (21:41 +0300)]
Allow EVP_MD_CTX_copy_ex OMAC before key is set
Reported-by: Gleb Fotengauer-Malinovskiy <glebfm@altlinux.org>
Vitaly Chikunov [Thu, 2 Aug 2018 13:59:14 +0000 (16:59 +0300)]
Fix possible overflow of digest result writing
OpenSSL already has the output result size in EVP_MD.md_size.
We should not exceed its value when writing digest output.
This should be fixed more consistently, probably, by removing
dgst_size from OMAC_CTX.
Vitaly Chikunov [Wed, 1 Aug 2018 21:03:06 +0000 (00:03 +0300)]
Fix EVP_MD_CTX_copy_ex for OMAC
Openssl copies a state between valid contexts. But, EVP_MD_CTX_copy_ex
just memcpy-s private data (md_data), which points to OMAC_CTX, which
has a pointer to CMAC_CTX. Copying the pointer makes the CMAC context just the
same on both sides. As a consequence, we can not do normal copy of a
state between CMAC contexts. As a fix, we just clone it if it's equal
between copy sides.
Reported-by: Gleb Fotengauer-Malinovskiy <glebfm@altlinux.org>
Vitaly Chikunov [Sat, 28 Jul 2018 07:36:29 +0000 (10:36 +0300)]
Optimize out skip_sections and add tests for ACPKM-Master
ACPKM-Master is from R 23565.1.017-2018, it will be required for
ACPKM-OMAC for TLS 1.2.
Vitaly Chikunov [Thu, 26 Jul 2018 09:23:55 +0000 (12:23 +0300)]
Ensure proper cipher type for EVP_CTRL_KEY_MESH
Vitaly Chikunov [Thu, 26 Jul 2018 09:07:11 +0000 (12:07 +0300)]
Set default value for CTR ACPKM limit
Default limit for Kuznyechik is 4KiB, from TLS 1.2 recommendations. As
a consequence it does not need to be configured via EVP_CTRL_KEY_MESH.
Also, explicitly set ACPKM limit in tests.
Vitaly Chikunov [Thu, 26 Jul 2018 04:34:07 +0000 (07:34 +0300)]
Add kuznyechik_ctracpkm
Vitaly Chikunov [Thu, 26 Jul 2018 04:31:42 +0000 (07:31 +0300)]
test_grasshopper: Rework tests to be more flexible
Vitaly Chikunov [Wed, 25 Jul 2018 07:49:38 +0000 (10:49 +0300)]
test_grasshopper: Warn if EVP_MD_meth_set_result_size is performed
Vitaly Chikunov [Wed, 25 Jul 2018 07:39:50 +0000 (10:39 +0300)]
Make grasshopper OMAC result size 8 instead of 4
Two reasons: to match GOST R test vector size, just make it bigger.
Vitaly Chikunov [Wed, 25 Jul 2018 07:29:25 +0000 (10:29 +0300)]
test_grasshopper: Make it compile on 1.1.0
openssl-1.1.0 made ctx opaque and does not allow it on stack anymore.
Vitaly Chikunov [Wed, 25 Jul 2018 06:13:22 +0000 (09:13 +0300)]
Move openssl-1.0.2 shim layer here
Previously, we had shim layer in our openssl branch
Could be squashed with
01d26132d156ba9fff7a8142d5a6899d7b2e6286
Vitaly Chikunov [Wed, 25 Jul 2018 05:51:54 +0000 (08:51 +0300)]
Remove empty gost_grasshopper_mac.* files
Gleb Fotengauer-Malinovskiy [Tue, 24 Jul 2018 16:37:43 +0000 (19:37 +0300)]
test: Make perl tests report success or failure
Co-authored-by: Mikhail Gordeev <obirvalger@altlinux.org>
Vitaly Chikunov [Tue, 24 Jul 2018 02:30:25 +0000 (05:30 +0300)]
Add perl test harness to CMakeLists to run on make test
Gleb Fotengauer-Malinovskiy [Mon, 23 Jul 2018 18:00:00 +0000 (21:00 +0300)]
Fix perl tests and library name
Vitaly Chikunov [Mon, 23 Jul 2018 17:27:14 +0000 (20:27 +0300)]
test_grasshopper: Remove long IV test for CTR mode
Gleb Fotengauer-Malinovskiy [Thu, 19 Jul 2018 17:11:37 +0000 (20:11 +0300)]
Fix grasshopper-ctr reinitialization
Also, document why CTR IV size is now set to 16, so user is noted to set
IV appropriately to full extent (including counter). Basically, it's for
openssh (and alike) to make it copy IV from privilege separated process.
Vitaly Chikunov [Mon, 23 Jul 2018 01:51:05 +0000 (04:51 +0300)]
test_grasshopper: Add chunked test and summarize testing
Encrypt with small chunks to verify that internal state is handled
correctly between calls.
Vitaly Chikunov [Mon, 23 Jul 2018 01:15:25 +0000 (04:15 +0300)]
test_grasshopper: Tests for CBC and CFB
These tests are with generated test vectors from canonical TC26
implementation with truncated IVs.
Vitaly Chikunov [Mon, 23 Jul 2018 00:41:37 +0000 (03:41 +0300)]
test_grasshopper: Test OFB after it's fixed
Vitaly Chikunov [Mon, 23 Jul 2018 00:35:13 +0000 (03:35 +0300)]
grasshopper: Fix OFB implementation.
Previous implementation was not OFB at all, and failed tests.
Note: This implementation is for fixed width 128-bit IV which makes
shift register redundant.
Vitaly Chikunov [Sun, 22 Jul 2018 23:25:08 +0000 (02:25 +0300)]
test_grasshopper: ctr test 2 and ofb with truncated iv tests
Full test of OFB to match GOST R 34.13-2015 test vectors is impossible,
because the test IVs have a size (256 bits) over the maximum openssl can
allow (128 bits).
I generated new test vectors from canonical implementation
from `PR_GOSTR_bch_v9.zip` (revision of 2016-10-28) by truncating test
IVs in half.
Vitaly Chikunov [Sun, 22 Jul 2018 09:21:43 +0000 (12:21 +0300)]
test_grasshopper: Stream modes testing
Make sure stream modes can encrypt any block size.
Vitaly Chikunov [Sun, 22 Jul 2018 07:34:03 +0000 (10:34 +0300)]
grasshopper: Fix streaming for CTR mode
Previously CTR did not continue unfinished block on the next cipher
iteration.
Vitaly Chikunov [Sun, 22 Jul 2018 05:59:53 +0000 (08:59 +0300)]
test_grasshopper: Test for OMAC
Vitaly Chikunov [Sun, 22 Jul 2018 00:10:37 +0000 (03:10 +0300)]
Add make test and test_grasshopper
test_grasshopper: test modes to match GOST vectors
Only ECB and CTR modes are tested. OFB, CBC, CFB modes are not testable
under openssl.
Vitaly Chikunov [Fri, 20 Jul 2018 01:52:40 +0000 (04:52 +0300)]
Merge branch 'magma_impl' into openssl_1_0_2_alt
Vitaly Chikunov [Thu, 19 Jul 2018 00:58:06 +0000 (03:58 +0300)]
Produce correct GOST signatures
Offset commit
7f572e958b13041056f377a62d3219633cfb1e8a
Old openssl still needs EVP_MD_FLAG_PKEY_METHOD_SIGNATURE flag to be
set.
Vitaly Chikunov [Sun, 15 Jul 2018 18:17:44 +0000 (21:17 +0300)]
Make it compile with shimmed openssl-1.0.2
Dmitry Belyavskiy [Tue, 17 Jul 2018 09:50:38 +0000 (12:50 +0300)]
Merge pull request #68 from mattcaswell/fix-mem-leak
Fix a mem leak
Matt Caswell [Tue, 17 Jul 2018 09:47:08 +0000 (10:47 +0100)]
Fix a mem leak
Ensure the grasshopper ciphers are destroyed on engine destroy.
Dmitry Belyavskiy [Thu, 12 Jul 2018 19:06:05 +0000 (22:06 +0300)]
Fix #67
Dmitry Belyavskiy [Thu, 12 Jul 2018 18:51:46 +0000 (21:51 +0300)]
Merge branch 'master' of https://github.com/gost-engine/engine
Dmitry Belyavskiy [Thu, 12 Jul 2018 18:49:21 +0000 (21:49 +0300)]
Explicitly setting cofactor
Dmitry Belyavskiy [Thu, 12 Jul 2018 18:49:21 +0000 (21:49 +0300)]
Explicitly setting cofactor
Dmitry Belyavskiy [Thu, 28 Jun 2018 15:41:16 +0000 (18:41 +0300)]
Merge pull request #65 from chipitsine/modernize_ci
modernize ci
Ilya Shipitsin [Thu, 28 Jun 2018 08:29:53 +0000 (13:29 +0500)]
move .ci scripts into .travis.yml
Ilya Shipitsin [Wed, 27 Jun 2018 12:38:39 +0000 (17:38 +0500)]
modernize ci:
(*) convert 'openssl ciphers | grep ...' into Test::More syntax
(*) enable some tests on travis-ci (04 is yet broken)
Dmitry Belyavskiy [Tue, 26 Jun 2018 19:40:19 +0000 (22:40 +0300)]
Merge pull request #64 from chipitsine/modernize_ci
modernize ci
Ilya Shipitsin [Tue, 26 Jun 2018 16:59:43 +0000 (21:59 +0500)]
fixed ciphers
Ilya Shipitsin [Tue, 26 Jun 2018 16:48:33 +0000 (21:48 +0500)]
allow OPENSSL_ENGINES to be specified explicitly
Dmitry Belyavskiy [Mon, 25 Jun 2018 20:50:02 +0000 (23:50 +0300)]
Hopefully merge tests from object_db branch
Dmitry Belyavskiy [Mon, 25 Jun 2018 13:59:54 +0000 (16:59 +0300)]
Merge pull request #59 from chipitsine/master
initial travis-ci support
Dmitry Belyavskiy [Sun, 24 Jun 2018 19:29:02 +0000 (22:29 +0300)]
Not needed in this branch
Dmitry Belyavskiy [Thu, 21 Jun 2018 14:07:24 +0000 (17:07 +0300)]
Some more iterations of key meshing.
Dmitry Belyavskiy [Thu, 21 Jun 2018 12:28:31 +0000 (15:28 +0300)]
ACPKM meshing for Magma
Dmitry Belyavskiy [Thu, 21 Jun 2018 09:04:45 +0000 (12:04 +0300)]
Make tags
Dmitry Belyavskiy [Wed, 20 Jun 2018 08:55:27 +0000 (11:55 +0300)]
Make test happy
Dmitry Belyavskiy [Tue, 19 Jun 2018 14:03:50 +0000 (17:03 +0300)]
Magma CTR (no meshing), compile-only version.
Ilya Shipitsin [Sat, 16 Jun 2018 10:13:11 +0000 (15:13 +0500)]
add openssl master branch to test matrix
Ilya Shipitsin [Sat, 16 Jun 2018 08:18:57 +0000 (13:18 +0500)]
initial travis-ci support
Dmitry Belyavskiy [Fri, 15 Jun 2018 10:53:27 +0000 (13:53 +0300)]
Bugfix - copy dgst context
Dmitry Belyavskiy [Fri, 15 Jun 2018 10:52:31 +0000 (13:52 +0300)]
Etalon files for GOST R 34.13-2015 (MAC)
Dmitry Belyavskiy [Fri, 15 Jun 2018 10:30:47 +0000 (13:30 +0300)]
Missing initialization
Dmitry Belyavskiy [Fri, 15 Jun 2018 10:05:58 +0000 (13:05 +0300)]
Cleanup
Dmitry Belyavskiy [Fri, 15 Jun 2018 09:51:43 +0000 (12:51 +0300)]
Missing digest registration
Dmitry Belyavskiy [Fri, 15 Jun 2018 09:39:47 +0000 (12:39 +0300)]
Corrected MAC name
Redundant values removed
Dmitry Belyavskiy [Thu, 14 Jun 2018 16:22:45 +0000 (19:22 +0300)]
Finalizing OMAC
Dmitry Belyavskiy [Thu, 14 Jun 2018 15:14:55 +0000 (18:14 +0300)]
OMACs implementation. Unfinished.
Dmitry Belyavskiy [Thu, 14 Jun 2018 12:12:32 +0000 (15:12 +0300)]
Error codes rebuild
Dmitry Belyavskiy [Sat, 9 Jun 2018 12:01:48 +0000 (15:01 +0300)]
Missing free
Dmitry Belyavskiy [Sat, 9 Jun 2018 11:59:31 +0000 (14:59 +0300)]
This branch requires openssl 1.1.1
Dmitry Belyavskiy [Sat, 9 Jun 2018 11:58:03 +0000 (14:58 +0300)]
Patch committed to upstream, no need to update
Dmitry Belyavskiy [Sat, 9 Jun 2018 11:54:30 +0000 (14:54 +0300)]
Finalized magma-cbc
Dmitry Belyavskiy [Fri, 8 Jun 2018 13:53:39 +0000 (16:53 +0300)]
Start implementing MAGMA algorithm
Dmitry Belyavskiy [Mon, 4 Jun 2018 07:36:53 +0000 (10:36 +0300)]
Merge pull request #56 from lumag/patch-1
Add mailing list information to README.md
Dmitry Eremin-Solenikov [Fri, 1 Jun 2018 14:13:22 +0000 (17:13 +0300)]
Add mailing list information to README.md
Currently relevant mailing list link is hidden in wiki page with obscure name.
Add the link to ML to README.md file.
Dmitry Belyavskiy [Tue, 22 May 2018 09:43:55 +0000 (12:43 +0300)]
Merge pull request #52 from andyk555/master
Fix: the iv/counter CTR mode should be big-endian
Dmitry Belyavskiy [Thu, 29 Mar 2018 14:12:24 +0000 (17:12 +0300)]
C90-friendly
Dmitry Belyavskiy [Thu, 15 Mar 2018 08:03:36 +0000 (11:03 +0300)]
Bugfix - carry bit overflow
andyk555 [Fri, 16 Feb 2018 19:18:25 +0000 (22:18 +0300)]
Update gost_grasshopper_cipher.h
andyk555 [Fri, 16 Feb 2018 19:16:15 +0000 (22:16 +0300)]
Update gost_grasshopper_cipher.c
Dmitry Belyavskiy [Tue, 30 Jan 2018 20:10:31 +0000 (23:10 +0300)]
Compatibility/License warnings
Dmitry Belyavskiy [Wed, 10 Jan 2018 18:31:38 +0000 (21:31 +0300)]
Merge pull request #48 from DJm00n/master
Add native Visual Studio 2015-2017 build support
Dmitry Ryazantsev [Tue, 9 Jan 2018 14:34:11 +0000 (16:34 +0200)]
Add simple .gitignore file
Dmitry Ryazantsev [Tue, 9 Jan 2018 14:04:55 +0000 (16:04 +0200)]
Fix MSVS2017 build errors.
Also add missing getopt.h header for gostsum and gost12sum tools build in MSVS (borrowed from https://github.com/skandhurkat/Getopt-for-Visual-Studio).
Dmitry Ryazantsev [Tue, 9 Jan 2018 13:56:55 +0000 (15:56 +0200)]
Add native Visual Studio 2015-2017 build support.
Add install via CMake.
Dmitry Belyavskiy [Thu, 23 Nov 2017 19:18:42 +0000 (22:18 +0300)]
Visual Studio HOWTO
Dmitry Belyavskiy [Wed, 18 Oct 2017 14:15:33 +0000 (17:15 +0300)]
Merge pull request #46 from dhyannataraj/master
New INSTALL.md file Second attempt
Nikolay Shaplov [Sat, 16 Sep 2017 19:02:29 +0000 (22:02 +0300)]
New INSTALL.md file instead of old CMake_ReadMe.md; Also moved "CONFIGURATION FILE" section from README.gost into INSTALL.md. That section was reformatted to Markdown, but its content was not changed
Dmitry Belyavskiy [Tue, 12 Sep 2017 08:21:32 +0000 (11:21 +0300)]
Merge pull request #43 from dhyannataraj/master
Minor README.gost fix (I have shown my abstract to proofreader to fix grave mistakes).
Nikolay Shaplov [Tue, 12 Sep 2017 08:16:46 +0000 (11:16 +0300)]
Minor README.gost fix (I have shown my abstract to proofreader to fix grave mistakes).
Dmitry Belyavskiy [Sat, 9 Sep 2017 19:07:21 +0000 (22:07 +0300)]
Updated documentation
Dmitry Belyavskiy [Sat, 9 Sep 2017 18:45:28 +0000 (21:45 +0300)]
Merge pull request #42 from dhyannataraj/master
README.gost: Abstract rewritten, outdated text at the end of file is removed
Nikolay Shaplov [Sat, 9 Sep 2017 14:51:23 +0000 (17:51 +0300)]
README.gost: Abstract rewritten, outdated text at the end of file is removed
Dmitry Belyavskiy [Sun, 20 Aug 2017 13:24:02 +0000 (16:24 +0300)]
Examples of calculation of GOST2012 digest values.
Dmitry Belyavskiy [Sun, 20 Aug 2017 13:17:24 +0000 (16:17 +0300)]
gost12sum gives the same hash strings as openssl dgst does
Dmitry Belyavskiy [Mon, 14 Aug 2017 18:02:07 +0000 (21:02 +0300)]
This is a minimal example of the openssl config file
necessary to use the GOST engine.
Dmitry Belyavskiy [Mon, 14 Aug 2017 18:01:12 +0000 (21:01 +0300)]
Added CAVEATS section
Victor Wagner [Tue, 8 Aug 2017 13:02:11 +0000 (16:02 +0300)]
Convert hash values to hex as little-endian numbers in gost12sum.c
Victor Wagner [Wed, 2 Aug 2017 18:15:24 +0000 (21:15 +0300)]
Added manual pages. Fixed help messages
Victor Wagner [Wed, 2 Aug 2017 11:21:50 +0000 (14:21 +0300)]
Specify that project uses only C language, to avoid complaints of CMake if no C++ compiler exists on the system
Dmitry Belyavskiy [Wed, 12 Jul 2017 18:34:34 +0000 (21:34 +0300)]
Merge pull request #39 from boggard/master
Add support of legacy format for GOST private key to make BouncyCastle happy.
boggard [Wed, 12 Jul 2017 18:25:35 +0000 (21:25 +0300)]
Some other renames
boggard [Wed, 12 Jul 2017 18:01:56 +0000 (21:01 +0300)]
Variable has been renamed and documentation has changed
boggard [Wed, 12 Jul 2017 13:57:50 +0000 (16:57 +0300)]
Private key format configured by openssl.cnf file
Dmitry Belyavskiy [Tue, 4 Jul 2017 11:18:20 +0000 (14:18 +0300)]
The patch is stale, let's remove it.
Dmitry Belyavskiy [Tue, 4 Jul 2017 11:09:32 +0000 (14:09 +0300)]
Fixed list of the supported algorithms.
Dmitry Belyavskiy [Tue, 4 Jul 2017 10:57:07 +0000 (13:57 +0300)]
Fix