]>
wagner.pp.ru Git - openssl-gost/engine.git/log
Arseniy Ankudinov [Wed, 23 Sep 2020 15:54:58 +0000 (18:54 +0300)]
disable gost key mask on gost94 digest steps due to performance issues
Vitaly Chikunov [Sun, 20 Sep 2020 18:21:22 +0000 (21:21 +0300)]
Compatibility with Solaris 10 (gcc 3.4.3)
Note, you will need to pass `-lsocket -lnsl` to the gcc for
socketpair(3SOCKET) to link `test_tls'.
Dmitry Belyavskiy [Fri, 18 Sep 2020 13:52:47 +0000 (16:52 +0300)]
KDF Tree fix for BIG_ENDIAN
Dmitry Belyavskiy [Fri, 18 Sep 2020 13:28:05 +0000 (16:28 +0300)]
Merge branch 'master' of https://github.com/gost-engine/engine
Dmitry Belyavskiy [Fri, 18 Sep 2020 13:27:41 +0000 (16:27 +0300)]
Strict alignment Kuznyechik bugfix
Vitaly Chikunov [Thu, 17 Sep 2020 22:47:27 +0000 (01:47 +0300)]
Provide cmake test if alignment requirement is strict
This is based on AX_CHECK_ALIGNED_ACCESS_REQUIRED from autoconf-archive.
Note, that on some arches unaligned access behavior could be changed at
runtime via prctl(1). Also, unaligned memory access is still slower (and
very slow on some arches) even if it's not strictly required.
Dmitry Belyavskiy [Fri, 18 Sep 2020 08:18:10 +0000 (11:18 +0300)]
Endianess bugfix
Dmitry Belyavskiy [Wed, 2 Sep 2020 15:05:02 +0000 (18:05 +0300)]
Adjust README.md
Dmitry Belyavskiy [Fri, 28 Aug 2020 13:36:34 +0000 (16:36 +0300)]
Tests adjustment
Dmitry Belyavskiy [Sat, 22 Aug 2020 15:49:57 +0000 (18:49 +0300)]
Fix Coverity #305798
Dmitry Belyavskiy [Sat, 22 Aug 2020 15:47:17 +0000 (18:47 +0300)]
Fix coverity #305799
Dmitry Belyavskiy [Sat, 22 Aug 2020 15:42:56 +0000 (18:42 +0300)]
Fix Coverity #305800
Plus some minor style fix
Luis Rivera Zamarripa [Thu, 20 Aug 2020 09:56:31 +0000 (12:56 +0300)]
[ecp] validation with coverity
Dmitry Belyavskiy [Thu, 20 Aug 2020 07:37:44 +0000 (10:37 +0300)]
Update test to match current openssl messages
Dmitry Belyavskiy [Thu, 13 Aug 2020 11:26:12 +0000 (14:26 +0300)]
SSL tests fix
Dmitry Belyavskiy [Tue, 11 Aug 2020 12:36:01 +0000 (15:36 +0300)]
Use alpha6 openssl
Dmitry Belyavskiy [Thu, 6 Aug 2020 15:05:07 +0000 (18:05 +0300)]
Bugfix - arguments order
Dmitry Belyavskiy [Thu, 6 Aug 2020 15:04:27 +0000 (18:04 +0300)]
API renaming
Dmitry Belyavskiy [Thu, 6 Aug 2020 15:03:59 +0000 (18:03 +0300)]
Clang build fix
Billy Brumley [Thu, 23 Jul 2020 16:47:03 +0000 (19:47 +0300)]
Edwards map fix
ECCKiila Changes from
https://gitlab.com/nisec/ecckiila/-/issues/2
https://gitlab.com/nisec/ecckiila/-/commit/
7445ecabef77965743e0ae8d39d7433b07820be6
* X3 -> X1
* eliminate a temp variable
X3 = X1 as pointers is the reason this was still passing unit tests.
But that might not hold in future versions of ECCKiila, so fix it now.
Dmitry Belyavskiy [Wed, 22 Jul 2020 09:39:08 +0000 (12:39 +0300)]
Create codeql-analysis.yml
Billy Brumley [Fri, 10 Jul 2020 16:55:32 +0000 (19:55 +0300)]
GOST EC armv7 aarch64 fixes
char defaults to signed on x86/x64, but unsigned on ARM.
Vitaly Chikunov [Thu, 4 Jun 2020 00:37:39 +0000 (03:37 +0300)]
test_derive: Test all modes of EVP_PKEY_derive
Test all VKOs and KEGs to work and produce same keys for both parties.
Vitaly Chikunov [Wed, 3 Jun 2020 02:45:13 +0000 (05:45 +0300)]
Add string option 'vko' for EVP_PKEY_CTRL_SET_VKO
Format: vko:<bit length>
Such as:
vko:256 for VKO_256
vko:512 for VKO_512
vko:0 disable strict VKO mode, switch to other derive methods.
Vitaly Chikunov [Fri, 29 May 2020 18:13:20 +0000 (21:13 +0300)]
test_derive: Add VKO tests from R 50.1.113-2016
Vitaly Chikunov [Tue, 2 Jun 2020 00:29:13 +0000 (03:29 +0300)]
Allow to use raw VKO in EVP_PKEY_derive
Suitable for tests. Use EVP_PKEY_CTRL_SET_VKO ctrl with appropriate
digest nid to enable VKO mode.
Billy Brumley [Fri, 3 Jul 2020 15:27:23 +0000 (18:27 +0300)]
GOST ECC optimizations (#263)
Standalone EC implementations from ECCKiila.
https://gitlab.com/nisec/ecckiila
Dmitry Belyavskiy [Sat, 13 Jun 2020 13:35:56 +0000 (16:35 +0300)]
Avoid some warnings
Dmitry Belyavskiy [Sat, 13 Jun 2020 13:21:08 +0000 (16:21 +0300)]
Clarify that OPENSSL_ROOT_DIR is absolute path
Pauli [Fri, 12 Jun 2020 06:13:40 +0000 (16:13 +1000)]
EVP_MAC: APIs were renamed so they need to be fixed in here too. (#267)
Vitalio [Wed, 10 Jun 2020 07:46:36 +0000 (10:46 +0300)]
gost_ec_keyx: Update header plate with copyrights and description (#266)
Billy Brumley [Mon, 8 Jun 2020 14:36:10 +0000 (17:36 +0300)]
GOST key agreement cofactor fix (#265)
* GOST key agreement cofactor fix
Vitaly Chikunov [Wed, 27 May 2020 14:19:31 +0000 (17:19 +0300)]
benchmark/sign: Fix crash on incorrect options
Bug found by Clang scan-build.
Fixes #258.
Dmitry Belyavskiy [Wed, 27 May 2020 09:56:07 +0000 (12:56 +0300)]
API changes
Dmitry Belyavskiy [Fri, 22 May 2020 16:00:03 +0000 (19:00 +0300)]
Missing copyright plates
Fixes #257
Dmitry Belyavskiy [Thu, 21 May 2020 17:42:18 +0000 (20:42 +0300)]
Reenable RSA TLS test
openssl/openssl#11720 provided the necessary fix.
Vitaly Chikunov [Tue, 19 May 2020 10:31:39 +0000 (13:31 +0300)]
test_sign: Test conversion of private keys to PEM and DER and back
Vitaly Chikunov [Tue, 19 May 2020 10:30:12 +0000 (13:30 +0300)]
test_params: Test conversion of cert to PEM and back
Test for conversion errors.
Vitaly Chikunov [Wed, 20 May 2020 05:20:52 +0000 (08:20 +0300)]
.travis.yml: Make Travis script fail early
Such as, no need to run tests if build failed.
Vitaly Chikunov [Tue, 19 May 2020 17:49:19 +0000 (20:49 +0300)]
test_tls: Force LEGACY-GOST2012-GOST8912-GOST8912 cipher list
Also, allow verbose connect setting VERBOSE=1 env var.
Dmitry Belyavskiy [Tue, 19 May 2020 14:55:17 +0000 (17:55 +0300)]
Merge branch 'master' of https://github.com/gost-engine/engine
Nikolay Morozov [Tue, 19 May 2020 14:12:27 +0000 (17:12 +0300)]
Fix misleading indentation
Dmitry Belyavskiy [Tue, 19 May 2020 14:36:37 +0000 (17:36 +0300)]
Build fix
Nikolay Morozov [Mon, 18 May 2020 13:40:43 +0000 (16:40 +0300)]
Fix code formating.
All tabs replcaded with spaces. One file was 2 tabs fornating.
Dmitry Belyavskiy [Mon, 18 May 2020 16:17:07 +0000 (19:17 +0300)]
Switch to alpha2
Vitaly Chikunov [Wed, 13 May 2020 02:10:57 +0000 (05:10 +0300)]
Add static to functions that not need to be exported
After registration rework many callbacks not need to be exported. Also,
some functions inconsistently declared static in headers and non-static
in the code. Finally, some functions just not need to be exported.
Vitaly Chikunov [Wed, 13 May 2020 01:41:13 +0000 (04:41 +0300)]
Remove unneeded declarations after registration rework
Vitaly Chikunov [Tue, 12 May 2020 23:24:07 +0000 (02:24 +0300)]
Update Copyright lines after registration rework
- Add year 2020 to old lines.
- Some files did not have original Copyright line - added "Update
at 2020" to show that I'm not original contributor.
- Some files did not have License line - added reference to OpenSSL
license.
Vitaly Chikunov [Tue, 12 May 2020 22:57:27 +0000 (01:57 +0300)]
gost_eng: Simplify digest registration
Now only simple array of `GOST_digest's. No need to care about aliases
anymore.
Vitaly Chikunov [Tue, 12 May 2020 22:55:49 +0000 (01:55 +0300)]
gost_md: Rework alias support in digest registration
Vitaly Chikunov [Tue, 12 May 2020 22:17:10 +0000 (01:17 +0300)]
gost_omac_acpkm: Rework registration of kuznyechik_ctracpkm_omac
Vitaly Chikunov [Tue, 12 May 2020 22:10:51 +0000 (01:10 +0300)]
gost_omac: Rework registration of magma/kuznyechik OMAC digests
Convert to a table method.
Vitaly Chikunov [Tue, 12 May 2020 22:02:13 +0000 (01:02 +0300)]
gost_md2012: Add registration using GostR3411_2012_{256,512}_digest
Vitaly Chikunov [Tue, 12 May 2020 21:53:01 +0000 (00:53 +0300)]
gost_crypt: Add Gost28147_89_MAC_digest, Gost28147_89_mac_12_digest
Covert their registration to table method.
Vitaly Chikunov [Tue, 12 May 2020 21:25:35 +0000 (00:25 +0300)]
gost_md: Rework digest registration, add GostR3411_94_digest
Introduce `GOST_digest' to hold digest registration data, and
`GOST_init_digest'/`GOST_deinit_digest` helpers to handle it.
It's single-level templatized.
Vitaly Chikunov [Tue, 12 May 2020 09:26:01 +0000 (12:26 +0300)]
gost_crypt: Add some sanity checking to GOST_init_cipher
- Stream cipher should have block_size 1, other should not.
- Stream cipher should not have padding.
- If IV is specified Custom IV flag should be set.
Vitaly Chikunov [Tue, 12 May 2020 03:01:41 +0000 (06:01 +0300)]
gost_eng: Rework (simplify) cipher registration
Now we don't need a struct to hold cipher list. And can use simple array
of pointers to `GOST_cipher'.
Vitaly Chikunov [Tue, 12 May 2020 02:40:00 +0000 (05:40 +0300)]
gost_keyexpimp: Rework cipher registration
Vitaly Chikunov [Tue, 12 May 2020 02:26:53 +0000 (05:26 +0300)]
gost_grasshopper_cipher: Remove redundant code
Not needed after cipher registration converted into table way.
Vitaly Chikunov [Tue, 12 May 2020 01:58:03 +0000 (04:58 +0300)]
gost_grasshopper_cipher: Rework cipher registration
This only adds registering via tables, but not removing obsolete code.
Vitaly Chikunov [Tue, 12 May 2020 00:55:39 +0000 (03:55 +0300)]
gost_crypt: Allow templates in GOST_cipher
Avoid duplication of struct values with help of 1-level templates.
Vitaly Chikunov [Mon, 11 May 2020 23:34:54 +0000 (02:34 +0300)]
gost_crypt: Add magma_cbc_cipher
Vitaly Chikunov [Mon, 11 May 2020 23:32:00 +0000 (02:32 +0300)]
gost_crypt: Add magma_ctr_acpkm_omac_cipher
Vitaly Chikunov [Mon, 11 May 2020 23:27:45 +0000 (02:27 +0300)]
gost_crypt: Add magma_ctr_acpkm_cipher
Vitaly Chikunov [Mon, 11 May 2020 23:23:34 +0000 (02:23 +0300)]
gost_crypt: Add magma_ctr_cipher
Vitaly Chikunov [Mon, 11 May 2020 23:19:45 +0000 (02:19 +0300)]
gost_crypt: Add Gost28147_89_cnt_12_cipher
Vitaly Chikunov [Mon, 11 May 2020 23:16:25 +0000 (02:16 +0300)]
gost_crypt: Add Gost28147_89_cnt_cipher
Vitaly Chikunov [Mon, 11 May 2020 23:10:07 +0000 (02:10 +0300)]
gost_crypt: Add Gost28147_89_cbc_cipher
Vitaly Chikunov [Mon, 11 May 2020 22:28:04 +0000 (01:28 +0300)]
gost_crypt: Rework cipher registration, add Gost28147_89_cipher
Dmitry Belyavskiy [Mon, 11 May 2020 13:55:47 +0000 (16:55 +0300)]
Allow skipping perl tests
Dmitry Belyavskiy [Sun, 10 May 2020 15:22:10 +0000 (18:22 +0300)]
Finally normally passing MAC tests
Dmitry Belyavskiy [Sun, 10 May 2020 15:00:03 +0000 (18:00 +0300)]
Restore kuznyechik-mac test
Dmitry Belyavskiy [Sun, 10 May 2020 14:44:03 +0000 (17:44 +0300)]
Reenable some hmac tests
Dmitry Belyavskiy [Sun, 10 May 2020 14:37:49 +0000 (17:37 +0300)]
Update the HMAC calculation example
Fix #244
Dmitry Belyavskiy [Sun, 10 May 2020 14:15:45 +0000 (17:15 +0300)]
Merge branch 'master' of https://github.com/gost-engine/engine
Dmitry Belyavskiy [Sun, 10 May 2020 14:15:00 +0000 (17:15 +0300)]
Coverity issue #300971
Vitaly Chikunov [Sat, 9 May 2020 22:26:35 +0000 (01:26 +0300)]
test_ciphers: Enable Magma CBC test
Since it's fixed in previous commit.
Vitaly Chikunov [Sat, 9 May 2020 22:20:40 +0000 (01:20 +0300)]
gost_crypt: Fix Magma CBC in-place decryption
Simplest fix not concerned with performance, still should not impact it
too much.
Vitaly Chikunov [Sat, 9 May 2020 21:54:25 +0000 (00:54 +0300)]
test_digest: Add another carry test vector, also test GOST94
This vector triggers so much bugs in different implementations.
Vitaly Chikunov [Sat, 9 May 2020 21:29:57 +0000 (00:29 +0300)]
test_digest: Reduce arguments to tests, make concise logging
- Less arguments - less scary function calls.
- Better screen output: all tests now shown.
- Some typo corrections.
Vitaly Chikunov [Sat, 9 May 2020 21:13:11 +0000 (00:13 +0300)]
test_digest: Test CMAC using EVP_MAC (provider) API
Use chance of having CMAC test vector to test CMAC provider.
Vitaly Chikunov [Sat, 9 May 2020 20:02:25 +0000 (23:02 +0300)]
test_digest: Test old and new APIs
Both HMAC (deprecated) and EVP_MAC (since 3.0).
Also, remove redundant test iteration in do_digest().
Vitaly Chikunov [Sat, 9 May 2020 19:47:24 +0000 (22:47 +0300)]
test: List untested digests and ciphers
It's good to know what needs to be done.
Dmitry Belyavskiy [Sun, 10 May 2020 12:14:48 +0000 (15:14 +0300)]
GOST CMS encryption implementation.
Dmitry Belyavskiy [Sat, 9 May 2020 17:20:22 +0000 (20:20 +0300)]
Error regeneration
Dmitry Belyavskiy [Sat, 9 May 2020 16:37:46 +0000 (19:37 +0300)]
Useful wrap script
Dmitry Belyavskiy [Sat, 9 May 2020 16:36:12 +0000 (19:36 +0300)]
Enabling TC26 CMS tests
Dmitry Belyavskiy [Sat, 9 May 2020 16:00:33 +0000 (19:00 +0300)]
Update INSTALL.md according to actual standards
Dmitry Belyavskiy [Sat, 9 May 2020 14:24:09 +0000 (17:24 +0300)]
Improve diagnostics
Dmitry Belyavskiy [Sat, 9 May 2020 10:47:48 +0000 (13:47 +0300)]
magma-ctr-acpkm + magma-ctr-acpkm-omac
Dmitry Belyavskiy [Sat, 9 May 2020 10:18:32 +0000 (13:18 +0300)]
Refactoring unprotected attributes processing
Vitaly Chikunov [Sat, 9 May 2020 04:46:17 +0000 (07:46 +0300)]
test_digest: Do HMAC using EVP_MAC API
They say `HMAC' API is deprecated since 3.0, thus `EVP_MAC' API should
be used.
https://www.openssl.org/docs/manmaster/man3/HMAC_CTX_free.html
Vitaly Chikunov [Sat, 9 May 2020 03:57:12 +0000 (06:57 +0300)]
test_ciphers: Add Magma CTR (and CBC) test(s)
- CTR vector is from standard.
- CBC vector is generated by PR_GOSTR_bch_v9. CBC test fail in-place
decryption, so it's disabled by `#if 0'.
Vitaly Chikunov [Sat, 9 May 2020 03:15:32 +0000 (06:15 +0300)]
gost_crypt: Fix IV length for Magma CTR mode
It's 4, half of block size.
Vitaly Chikunov [Sat, 9 May 2020 00:07:13 +0000 (03:07 +0300)]
test_digest: Add Magma OMAC1 test
From GOST R 34.13-2015 (А.2.6).
Vitaly Chikunov [Fri, 8 May 2020 23:49:47 +0000 (02:49 +0300)]
test_digest: Add HMAC tests for Streebog
From RFC 7836 (B) and R 50.1.113-2016 (A).
Vitaly Chikunov [Fri, 8 May 2020 21:51:48 +0000 (00:51 +0300)]
test_digest: Add more test vectors for Streebog
Dumps from `etalon/' dir.
Vitaly Chikunov [Fri, 8 May 2020 20:33:50 +0000 (23:33 +0300)]
test_digest: Move MAC tests from test_cipher to test_digest
Here is better place, because they all digests.
Vitaly Chikunov [Fri, 8 May 2020 18:53:30 +0000 (21:53 +0300)]
test_ciphers: Rework cipher test
- Use EVP API instead of direct calls to gost-engine;
- Remove MAC tests (they should go into test_digest);
- Expand `testcases' array to be more readable;
- Add some asserts of IV and block sizes.
- Remove noisy hex dumps if there is no errors;
- Note: no new cipers are added.
Vitaly Chikunov [Fri, 8 May 2020 17:24:31 +0000 (20:24 +0300)]
test_ciphers: Rename test_grasshopper to test_ciphers
Better name to add more ciphers to test. Also, move it up in the tests
just after digests.