From 1c8b7f9a2a51ba2a6d668c2cd4e4672ed6731166 Mon Sep 17 00:00:00 2001 From: Vitaly Chikunov Date: Wed, 3 Jun 2020 05:45:13 +0300 Subject: [PATCH] Add string option 'vko' for EVP_PKEY_CTRL_SET_VKO Format: vko: Such as: vko:256 for VKO_256 vko:512 for VKO_512 vko:0 disable strict VKO mode, switch to other derive methods. --- gost_lcl.h | 1 + gost_pmeth.c | 13 +++++++++++++ 2 files changed, 14 insertions(+) diff --git a/gost_lcl.h b/gost_lcl.h index 50446a3..8471ed0 100644 --- a/gost_lcl.h +++ b/gost_lcl.h @@ -57,6 +57,7 @@ int register_pmeth_gost(int id, EVP_PKEY_METHOD **pmeth, int flags); /* For GOST R34.10 parameters */ # define param_ctrl_string "paramset" # define ukm_ctrl_string "ukmhex" +# define vko_ctrl_string "vko" # define EVP_PKEY_CTRL_GOST_PARAMSET (EVP_PKEY_ALG_CTRL+1) /* For GOST 28147 MAC */ # define key_ctrl_string "key" diff --git a/gost_pmeth.c b/gost_pmeth.c index bceb50e..9c1d602 100644 --- a/gost_pmeth.c +++ b/gost_pmeth.c @@ -217,6 +217,19 @@ static int pkey_gost_ec_ctrl_str_common(EVP_PKEY_CTX *ctx, OPENSSL_free(tmp); return pkey_gost_ctrl(ctx, EVP_PKEY_CTRL_SET_IV, len, ukm_buf); + } else if (strcmp(type, vko_ctrl_string) == 0) { + int bits = atoi(value); + int vko_dgst_nid = 0; + + if (bits == 256) + vko_dgst_nid = NID_id_GostR3411_2012_256; + else if (bits == 512) + vko_dgst_nid = NID_id_GostR3411_2012_512; + else if (bits != 0) { + GOSTerr(GOST_F_PKEY_GOST_EC_CTRL_STR_COMMON, GOST_R_INVALID_DIGEST_TYPE); + return 0; + } + return pkey_gost_ctrl(ctx, EVP_PKEY_CTRL_SET_VKO, vko_dgst_nid, NULL); } return -2; } -- 2.39.2