summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/gost
diff options
context:
space:
mode:
authorbeck <>2017-01-29 17:49:23 +0000
committerbeck <>2017-01-29 17:49:23 +0000
commit957b11334a7afb14537322f0e4795b2e368b3f59 (patch)
tree1a54abba678898ee5270ae4f3404a50ee9a92eea /src/lib/libcrypto/gost
parentdf96e020e729c6c37a8c7fe311fdd1fe6a8718c5 (diff)
downloadopenbsd-957b11334a7afb14537322f0e4795b2e368b3f59.tar.gz
openbsd-957b11334a7afb14537322f0e4795b2e368b3f59.tar.bz2
openbsd-957b11334a7afb14537322f0e4795b2e368b3f59.zip
Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
Diffstat (limited to 'src/lib/libcrypto/gost')
-rw-r--r--src/lib/libcrypto/gost/gost89imit_pmeth.c18
-rw-r--r--src/lib/libcrypto/gost/gost_err.c35
-rw-r--r--src/lib/libcrypto/gost/gostr341001.c33
-rw-r--r--src/lib/libcrypto/gost/gostr341001_ameth.c59
-rw-r--r--src/lib/libcrypto/gost/gostr341001_key.c29
-rw-r--r--src/lib/libcrypto/gost/gostr341001_pmeth.c52
6 files changed, 83 insertions, 143 deletions
diff --git a/src/lib/libcrypto/gost/gost89imit_pmeth.c b/src/lib/libcrypto/gost/gost89imit_pmeth.c
index 00eaf1decc..1959b36163 100644
--- a/src/lib/libcrypto/gost/gost89imit_pmeth.c
+++ b/src/lib/libcrypto/gost/gost89imit_pmeth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: gost89imit_pmeth.c,v 1.3 2014/11/13 20:29:55 miod Exp $ */ 1/* $OpenBSD: gost89imit_pmeth.c,v 1.4 2017/01/29 17:49:23 beck Exp $ */
2/* 2/*
3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> 3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
4 * Copyright (c) 2005-2006 Cryptocom LTD 4 * Copyright (c) 2005-2006 Cryptocom LTD
@@ -110,13 +110,13 @@ pkey_gost_mac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
110 unsigned char *keydata; 110 unsigned char *keydata;
111 111
112 if (!data->key_set) { 112 if (!data->key_set) {
113 GOSTerr(GOST_F_PKEY_GOST_MAC_KEYGEN, GOST_R_MAC_KEY_NOT_SET); 113 GOSTerror(GOST_R_MAC_KEY_NOT_SET);
114 return 0; 114 return 0;
115 } 115 }
116 116
117 keydata = malloc(32); 117 keydata = malloc(32);
118 if (keydata == NULL) { 118 if (keydata == NULL) {
119 GOSTerr(GOST_F_PKEY_GOST_MAC_KEYGEN, ERR_R_MALLOC_FAILURE); 119 GOSTerror(ERR_R_MALLOC_FAILURE);
120 return 0; 120 return 0;
121 } 121 }
122 memcpy(keydata, data->key, 32); 122 memcpy(keydata, data->key, 32);
@@ -133,8 +133,7 @@ pkey_gost_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
133 switch (type) { 133 switch (type) {
134 case EVP_PKEY_CTRL_MD: 134 case EVP_PKEY_CTRL_MD:
135 if (EVP_MD_type(p2) != NID_id_Gost28147_89_MAC) { 135 if (EVP_MD_type(p2) != NID_id_Gost28147_89_MAC) {
136 GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL, 136 GOSTerror(GOST_R_INVALID_DIGEST_TYPE);
137 GOST_R_INVALID_DIGEST_TYPE);
138 return 0; 137 return 0;
139 } 138 }
140 data->md = p2; 139 data->md = p2;
@@ -142,8 +141,7 @@ pkey_gost_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
142 141
143 case EVP_PKEY_CTRL_SET_MAC_KEY: 142 case EVP_PKEY_CTRL_SET_MAC_KEY:
144 if (p1 != 32) { 143 if (p1 != 32) {
145 GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL, 144 GOSTerror(GOST_R_INVALID_MAC_KEY_LENGTH);
146 GOST_R_INVALID_MAC_KEY_LENGTH);
147 return 0; 145 return 0;
148 } 146 }
149 147
@@ -159,14 +157,12 @@ pkey_gost_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
159 if (!data->key_set) { 157 if (!data->key_set) {
160 EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx); 158 EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx);
161 if (pkey == NULL) { 159 if (pkey == NULL) {
162 GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL, 160 GOSTerror(GOST_R_MAC_KEY_NOT_SET);
163 GOST_R_MAC_KEY_NOT_SET);
164 return 0; 161 return 0;
165 } 162 }
166 key = EVP_PKEY_get0(pkey); 163 key = EVP_PKEY_get0(pkey);
167 if (key == NULL) { 164 if (key == NULL) {
168 GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL, 165 GOSTerror(GOST_R_MAC_KEY_NOT_SET);
169 GOST_R_MAC_KEY_NOT_SET);
170 return 0; 166 return 0;
171 } 167 }
172 } else { 168 } else {
diff --git a/src/lib/libcrypto/gost/gost_err.c b/src/lib/libcrypto/gost/gost_err.c
index b4e061f985..3bf60ff063 100644
--- a/src/lib/libcrypto/gost/gost_err.c
+++ b/src/lib/libcrypto/gost/gost_err.c
@@ -68,37 +68,10 @@
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_GOST,func,0) 68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_GOST,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_GOST,0,reason) 69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_GOST,0,reason)
70 70
71static ERR_STRING_DATA GOST_str_functs[]= 71static ERR_STRING_DATA GOST_str_functs[]= {
72 { 72 {ERR_FUNC(0xfff), "CRYPTO_internal"},
73{ERR_FUNC(GOST_F_DECODE_GOST01_ALGOR_PARAMS), "DECODE_GOST01_ALGOR_PARAMS"}, 73 {0, NULL}
74{ERR_FUNC(GOST_F_ENCODE_GOST01_ALGOR_PARAMS), "ENCODE_GOST01_ALGOR_PARAMS"}, 74};
75{ERR_FUNC(GOST_F_GOST2001_COMPUTE_PUBLIC), "GOST2001_COMPUTE_PUBLIC"},
76{ERR_FUNC(GOST_F_GOST2001_DO_SIGN), "GOST2001_DO_SIGN"},
77{ERR_FUNC(GOST_F_GOST2001_DO_VERIFY), "GOST2001_DO_VERIFY"},
78{ERR_FUNC(GOST_F_GOST2001_KEYGEN), "GOST2001_KEYGEN"},
79{ERR_FUNC(GOST_F_GOST89_GET_ASN1_PARAMETERS), "GOST89_GET_ASN1_PARAMETERS"},
80{ERR_FUNC(GOST_F_GOST89_SET_ASN1_PARAMETERS), "GOST89_SET_ASN1_PARAMETERS"},
81{ERR_FUNC(GOST_F_GOST_KEY_CHECK_KEY), "GOST_KEY_check_key"},
82{ERR_FUNC(GOST_F_GOST_KEY_NEW), "GOST_KEY_new"},
83{ERR_FUNC(GOST_F_GOST_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES), "GOST_KEY_set_public_key_affine_coordinates"},
84{ERR_FUNC(GOST_F_PARAM_COPY_GOST01), "PARAM_COPY_GOST01"},
85{ERR_FUNC(GOST_F_PARAM_DECODE_GOST01), "PARAM_DECODE_GOST01"},
86{ERR_FUNC(GOST_F_PKEY_GOST01_CTRL), "PKEY_GOST01_CTRL"},
87{ERR_FUNC(GOST_F_PKEY_GOST01_DECRYPT), "PKEY_GOST01_DECRYPT"},
88{ERR_FUNC(GOST_F_PKEY_GOST01_DERIVE), "PKEY_GOST01_DERIVE"},
89{ERR_FUNC(GOST_F_PKEY_GOST01_ENCRYPT), "PKEY_GOST01_ENCRYPT"},
90{ERR_FUNC(GOST_F_PKEY_GOST01_PARAMGEN), "PKEY_GOST01_PARAMGEN"},
91{ERR_FUNC(GOST_F_PKEY_GOST01_SIGN), "PKEY_GOST01_SIGN"},
92{ERR_FUNC(GOST_F_PKEY_GOST_MAC_CTRL), "PKEY_GOST_MAC_CTRL"},
93{ERR_FUNC(GOST_F_PKEY_GOST_MAC_KEYGEN), "PKEY_GOST_MAC_KEYGEN"},
94{ERR_FUNC(GOST_F_PRIV_DECODE_GOST01), "PRIV_DECODE_GOST01"},
95{ERR_FUNC(GOST_F_PUB_DECODE_GOST01), "PUB_DECODE_GOST01"},
96{ERR_FUNC(GOST_F_PUB_ENCODE_GOST01), "PUB_ENCODE_GOST01"},
97{ERR_FUNC(GOST_F_PUB_PRINT_GOST01), "PUB_PRINT_GOST01"},
98{ERR_FUNC(GOST_F_UNPACK_SIGNATURE_CP), "UNPACK_SIGNATURE_CP"},
99{ERR_FUNC(GOST_F_UNPACK_SIGNATURE_LE), "UNPACK_SIGNATURE_LE"},
100{0,NULL}
101 };
102 75
103static ERR_STRING_DATA GOST_str_reasons[]= 76static ERR_STRING_DATA GOST_str_reasons[]=
104 { 77 {
diff --git a/src/lib/libcrypto/gost/gostr341001.c b/src/lib/libcrypto/gost/gostr341001.c
index 39749394af..ba70d5f1fc 100644
--- a/src/lib/libcrypto/gost/gostr341001.c
+++ b/src/lib/libcrypto/gost/gostr341001.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: gostr341001.c,v 1.6 2017/01/21 11:00:47 beck Exp $ */ 1/* $OpenBSD: gostr341001.c,v 1.7 2017/01/29 17:49:23 beck Exp $ */
2/* 2/*
3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> 3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
4 * Copyright (c) 2005-2006 Cryptocom LTD 4 * Copyright (c) 2005-2006 Cryptocom LTD
@@ -109,14 +109,12 @@ gost2001_compute_public(GOST_KEY *ec)
109 int ok = 0; 109 int ok = 0;
110 110
111 if (group == NULL) { 111 if (group == NULL) {
112 GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, 112 GOSTerror(GOST_R_KEY_IS_NOT_INITIALIZED);
113 GOST_R_KEY_IS_NOT_INITIALIZED);
114 return 0; 113 return 0;
115 } 114 }
116 ctx = BN_CTX_new(); 115 ctx = BN_CTX_new();
117 if (ctx == NULL) { 116 if (ctx == NULL) {
118 GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, 117 GOSTerror(ERR_R_MALLOC_FAILURE);
119 ERR_R_MALLOC_FAILURE);
120 return 0; 118 return 0;
121 } 119 }
122 BN_CTX_start(ctx); 120 BN_CTX_start(ctx);
@@ -134,7 +132,7 @@ gost2001_compute_public(GOST_KEY *ec)
134 132
135 if (ok == 0) { 133 if (ok == 0) {
136err: 134err:
137 GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, ERR_R_EC_LIB); 135 GOSTerror(ERR_R_EC_LIB);
138 } 136 }
139 EC_POINT_free(pub_key); 137 EC_POINT_free(pub_key);
140 if (ctx != NULL) { 138 if (ctx != NULL) {
@@ -158,13 +156,13 @@ gost2001_do_sign(BIGNUM *md, GOST_KEY *eckey)
158 int ok = 0; 156 int ok = 0;
159 157
160 if (ctx == NULL) { 158 if (ctx == NULL) {
161 GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_MALLOC_FAILURE); 159 GOSTerror(ERR_R_MALLOC_FAILURE);
162 return NULL; 160 return NULL;
163 } 161 }
164 BN_CTX_start(ctx); 162 BN_CTX_start(ctx);
165 newsig = ECDSA_SIG_new(); 163 newsig = ECDSA_SIG_new();
166 if (newsig == NULL) { 164 if (newsig == NULL) {
167 GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_MALLOC_FAILURE); 165 GOSTerror(ERR_R_MALLOC_FAILURE);
168 goto err; 166 goto err;
169 } 167 }
170 s = newsig->s; 168 s = newsig->s;
@@ -190,8 +188,7 @@ gost2001_do_sign(BIGNUM *md, GOST_KEY *eckey)
190 do { 188 do {
191 do { 189 do {
192 if (!BN_rand_range(k, order)) { 190 if (!BN_rand_range(k, order)) {
193 GOSTerr(GOST_F_GOST2001_DO_SIGN, 191 GOSTerror(GOST_R_RANDOM_NUMBER_GENERATOR_FAILED);
194 GOST_R_RANDOM_NUMBER_GENERATOR_FAILED);
195 goto err; 192 goto err;
196 } 193 }
197 /* 194 /*
@@ -206,12 +203,12 @@ gost2001_do_sign(BIGNUM *md, GOST_KEY *eckey)
206 goto err; 203 goto err;
207 204
208 if (EC_POINT_mul(group, C, k, NULL, NULL, ctx) == 0) { 205 if (EC_POINT_mul(group, C, k, NULL, NULL, ctx) == 0) {
209 GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_EC_LIB); 206 GOSTerror(ERR_R_EC_LIB);
210 goto err; 207 goto err;
211 } 208 }
212 if (EC_POINT_get_affine_coordinates_GFp(group, C, X, 209 if (EC_POINT_get_affine_coordinates_GFp(group, C, X,
213 NULL, ctx) == 0) { 210 NULL, ctx) == 0) {
214 GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_EC_LIB); 211 GOSTerror(ERR_R_EC_LIB);
215 goto err; 212 goto err;
216 } 213 }
217 if (BN_nnmod(r, X, order, ctx) == 0) 214 if (BN_nnmod(r, X, order, ctx) == 0)
@@ -285,8 +282,7 @@ gost2001_do_verify(BIGNUM *md, ECDSA_SIG *sig, GOST_KEY *ec)
285 pub_key = GOST_KEY_get0_public_key(ec); 282 pub_key = GOST_KEY_get0_public_key(ec);
286 if (BN_is_zero(sig->s) || BN_is_zero(sig->r) || 283 if (BN_is_zero(sig->s) || BN_is_zero(sig->r) ||
287 BN_cmp(sig->s, order) >= 1 || BN_cmp(sig->r, order) >= 1) { 284 BN_cmp(sig->s, order) >= 1 || BN_cmp(sig->r, order) >= 1) {
288 GOSTerr(GOST_F_GOST2001_DO_VERIFY, 285 GOSTerror(GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q);
289 GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q);
290 goto err; 286 goto err;
291 } 287 }
292 288
@@ -305,17 +301,17 @@ gost2001_do_verify(BIGNUM *md, ECDSA_SIG *sig, GOST_KEY *ec)
305 if ((C = EC_POINT_new(group)) == NULL) 301 if ((C = EC_POINT_new(group)) == NULL)
306 goto err; 302 goto err;
307 if (EC_POINT_mul(group, C, z1, pub_key, z2, ctx) == 0) { 303 if (EC_POINT_mul(group, C, z1, pub_key, z2, ctx) == 0) {
308 GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_EC_LIB); 304 GOSTerror(ERR_R_EC_LIB);
309 goto err; 305 goto err;
310 } 306 }
311 if (EC_POINT_get_affine_coordinates_GFp(group, C, X, NULL, ctx) == 0) { 307 if (EC_POINT_get_affine_coordinates_GFp(group, C, X, NULL, ctx) == 0) {
312 GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_EC_LIB); 308 GOSTerror(ERR_R_EC_LIB);
313 goto err; 309 goto err;
314 } 310 }
315 if (BN_mod_ct(R, X, order, ctx) == 0) 311 if (BN_mod_ct(R, X, order, ctx) == 0)
316 goto err; 312 goto err;
317 if (BN_cmp(R, sig->r) != 0) { 313 if (BN_cmp(R, sig->r) != 0) {
318 GOSTerr(GOST_F_GOST2001_DO_VERIFY, GOST_R_SIGNATURE_MISMATCH); 314 GOSTerror(GOST_R_SIGNATURE_MISMATCH);
319 } else { 315 } else {
320 ok = 1; 316 ok = 1;
321 } 317 }
@@ -385,8 +381,7 @@ gost2001_keygen(GOST_KEY *ec)
385 381
386 do { 382 do {
387 if (BN_rand_range(d, order) == 0) { 383 if (BN_rand_range(d, order) == 0) {
388 GOSTerr(GOST_F_GOST2001_KEYGEN, 384 GOSTerror(GOST_R_RANDOM_NUMBER_GENERATOR_FAILED);
389 GOST_R_RANDOM_NUMBER_GENERATOR_FAILED);
390 goto err; 385 goto err;
391 } 386 }
392 } while (BN_is_zero(d)); 387 } while (BN_is_zero(d));
diff --git a/src/lib/libcrypto/gost/gostr341001_ameth.c b/src/lib/libcrypto/gost/gostr341001_ameth.c
index bb569ea846..b6958c77d5 100644
--- a/src/lib/libcrypto/gost/gostr341001_ameth.c
+++ b/src/lib/libcrypto/gost/gostr341001_ameth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: gostr341001_ameth.c,v 1.10 2016/10/19 16:49:11 jsing Exp $ */ 1/* $OpenBSD: gostr341001_ameth.c,v 1.11 2017/01/29 17:49:23 beck Exp $ */
2/* 2/*
3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> 3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
4 * Copyright (c) 2005-2006 Cryptocom LTD 4 * Copyright (c) 2005-2006 Cryptocom LTD
@@ -86,8 +86,7 @@ decode_gost01_algor_params(EVP_PKEY *pkey, const unsigned char **p, int len)
86 86
87 gkp = d2i_GOST_KEY_PARAMS(NULL, p, len); 87 gkp = d2i_GOST_KEY_PARAMS(NULL, p, len);
88 if (gkp == NULL) { 88 if (gkp == NULL) {
89 GOSTerr(GOST_F_DECODE_GOST01_ALGOR_PARAMS, 89 GOSTerror(GOST_R_BAD_PKEY_PARAMETERS_FORMAT);
90 GOST_R_BAD_PKEY_PARAMETERS_FORMAT);
91 return 0; 90 return 0;
92 } 91 }
93 param_nid = OBJ_obj2nid(gkp->key_params); 92 param_nid = OBJ_obj2nid(gkp->key_params);
@@ -125,8 +124,7 @@ encode_gost01_algor_params(const EVP_PKEY *key)
125 int pkey_param_nid = NID_undef; 124 int pkey_param_nid = NID_undef;
126 125
127 if (params == NULL || gkp == NULL) { 126 if (params == NULL || gkp == NULL) {
128 GOSTerr(GOST_F_ENCODE_GOST01_ALGOR_PARAMS, 127 GOSTerror(ERR_R_MALLOC_FAILURE);
129 ERR_R_MALLOC_FAILURE);
130 ASN1_STRING_free(params); 128 ASN1_STRING_free(params);
131 params = NULL; 129 params = NULL;
132 goto err; 130 goto err;
@@ -139,8 +137,7 @@ encode_gost01_algor_params(const EVP_PKEY *key)
139 /*gkp->cipher_params = OBJ_nid2obj(cipher_param_nid); */ 137 /*gkp->cipher_params = OBJ_nid2obj(cipher_param_nid); */
140 params->length = i2d_GOST_KEY_PARAMS(gkp, &params->data); 138 params->length = i2d_GOST_KEY_PARAMS(gkp, &params->data);
141 if (params->length <= 0) { 139 if (params->length <= 0) {
142 GOSTerr(GOST_F_ENCODE_GOST01_ALGOR_PARAMS, 140 GOSTerror(ERR_R_MALLOC_FAILURE);
143 ERR_R_MALLOC_FAILURE);
144 ASN1_STRING_free(params); 141 ASN1_STRING_free(params);
145 params = NULL; 142 params = NULL;
146 goto err; 143 goto err;
@@ -206,8 +203,7 @@ pub_decode_gost01(EVP_PKEY *pk, X509_PUBKEY *pub)
206 (void)EVP_PKEY_assign_GOST(pk, NULL); 203 (void)EVP_PKEY_assign_GOST(pk, NULL);
207 X509_ALGOR_get0(NULL, &ptype, (void **)&pval, palg); 204 X509_ALGOR_get0(NULL, &ptype, (void **)&pval, palg);
208 if (ptype != V_ASN1_SEQUENCE) { 205 if (ptype != V_ASN1_SEQUENCE) {
209 GOSTerr(GOST_F_PUB_DECODE_GOST01, 206 GOSTerror(GOST_R_BAD_KEY_PARAMETERS_FORMAT);
210 GOST_R_BAD_KEY_PARAMETERS_FORMAT);
211 return 0; 207 return 0;
212 } 208 }
213 p = pval->data; 209 p = pval->data;
@@ -216,7 +212,7 @@ pub_decode_gost01(EVP_PKEY *pk, X509_PUBKEY *pub)
216 212
217 octet = d2i_ASN1_OCTET_STRING(NULL, &pubkey_buf, pub_len); 213 octet = d2i_ASN1_OCTET_STRING(NULL, &pubkey_buf, pub_len);
218 if (octet == NULL) { 214 if (octet == NULL) {
219 GOSTerr(GOST_F_PUB_DECODE_GOST01, ERR_R_MALLOC_FAILURE); 215 GOSTerror(ERR_R_MALLOC_FAILURE);
220 return 0; 216 return 0;
221 } 217 }
222 len = octet->length / 2; 218 len = octet->length / 2;
@@ -228,7 +224,7 @@ pub_decode_gost01(EVP_PKEY *pk, X509_PUBKEY *pub)
228 224
229 ret = GOST_KEY_set_public_key_affine_coordinates(pk->pkey.gost, X, Y); 225 ret = GOST_KEY_set_public_key_affine_coordinates(pk->pkey.gost, X, Y);
230 if (ret == 0) 226 if (ret == 0)
231 GOSTerr(GOST_F_PUB_DECODE_GOST01, ERR_R_EC_LIB); 227 GOSTerror(ERR_R_EC_LIB);
232 228
233 BN_free(X); 229 BN_free(X);
234 BN_free(Y); 230 BN_free(Y);
@@ -263,19 +259,19 @@ pub_encode_gost01(X509_PUBKEY *pub, const EVP_PKEY *pk)
263 259
264 pub_key = GOST_KEY_get0_public_key(ec); 260 pub_key = GOST_KEY_get0_public_key(ec);
265 if (pub_key == NULL) { 261 if (pub_key == NULL) {
266 GOSTerr(GOST_F_PUB_ENCODE_GOST01, GOST_R_PUBLIC_KEY_UNDEFINED); 262 GOSTerror(GOST_R_PUBLIC_KEY_UNDEFINED);
267 goto err; 263 goto err;
268 } 264 }
269 265
270 octet = ASN1_OCTET_STRING_new(); 266 octet = ASN1_OCTET_STRING_new();
271 if (octet == NULL) { 267 if (octet == NULL) {
272 GOSTerr(GOST_F_PUB_ENCODE_GOST01, ERR_R_MALLOC_FAILURE); 268 GOSTerror(ERR_R_MALLOC_FAILURE);
273 goto err; 269 goto err;
274 } 270 }
275 271
276 ret = ASN1_STRING_set(octet, NULL, 2 * key_size); 272 ret = ASN1_STRING_set(octet, NULL, 2 * key_size);
277 if (ret == 0) { 273 if (ret == 0) {
278 GOSTerr(GOST_F_PUB_ENCODE_GOST01, ERR_R_INTERNAL_ERROR); 274 GOSTerror(ERR_R_INTERNAL_ERROR);
279 goto err; 275 goto err;
280 } 276 }
281 277
@@ -284,13 +280,13 @@ pub_encode_gost01(X509_PUBKEY *pub, const EVP_PKEY *pk)
284 X = BN_new(); 280 X = BN_new();
285 Y = BN_new(); 281 Y = BN_new();
286 if (X == NULL || Y == NULL) { 282 if (X == NULL || Y == NULL) {
287 GOSTerr(GOST_F_PUB_ENCODE_GOST01, ERR_R_MALLOC_FAILURE); 283 GOSTerror(ERR_R_MALLOC_FAILURE);
288 goto err; 284 goto err;
289 } 285 }
290 286
291 if (EC_POINT_get_affine_coordinates_GFp(GOST_KEY_get0_group(ec), 287 if (EC_POINT_get_affine_coordinates_GFp(GOST_KEY_get0_group(ec),
292 pub_key, X, Y, NULL) == 0) { 288 pub_key, X, Y, NULL) == 0) {
293 GOSTerr(GOST_F_PUB_ENCODE_GOST01, ERR_R_EC_LIB); 289 GOSTerror(ERR_R_EC_LIB);
294 goto err; 290 goto err;
295 } 291 }
296 292
@@ -340,7 +336,7 @@ pub_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx)
340 const EC_GROUP *group; 336 const EC_GROUP *group;
341 337
342 if (ctx == NULL) { 338 if (ctx == NULL) {
343 GOSTerr(GOST_F_PUB_PRINT_GOST01, ERR_R_MALLOC_FAILURE); 339 GOSTerror(ERR_R_MALLOC_FAILURE);
344 return 0; 340 return 0;
345 } 341 }
346 BN_CTX_start(ctx); 342 BN_CTX_start(ctx);
@@ -352,7 +348,7 @@ pub_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx)
352 group = GOST_KEY_get0_group(pkey->pkey.gost); 348 group = GOST_KEY_get0_group(pkey->pkey.gost);
353 if (EC_POINT_get_affine_coordinates_GFp(group, pubkey, X, Y, 349 if (EC_POINT_get_affine_coordinates_GFp(group, pubkey, X, Y,
354 ctx) == 0) { 350 ctx) == 0) {
355 GOSTerr(GOST_F_PUB_PRINT_GOST01, ERR_R_EC_LIB); 351 GOSTerror(ERR_R_EC_LIB);
356 goto err; 352 goto err;
357 } 353 }
358 if (BIO_indent(out, indent, 128) == 0) 354 if (BIO_indent(out, indent, 128) == 0)
@@ -416,8 +412,7 @@ priv_decode_gost01(EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf)
416 (void)EVP_PKEY_assign_GOST(pk, NULL); 412 (void)EVP_PKEY_assign_GOST(pk, NULL);
417 X509_ALGOR_get0(NULL, &ptype, (void **)&pval, palg); 413 X509_ALGOR_get0(NULL, &ptype, (void **)&pval, palg);
418 if (ptype != V_ASN1_SEQUENCE) { 414 if (ptype != V_ASN1_SEQUENCE) {
419 GOSTerr(GOST_F_PUB_DECODE_GOST01, 415 GOSTerror(GOST_R_BAD_KEY_PARAMETERS_FORMAT);
420 GOST_R_BAD_KEY_PARAMETERS_FORMAT);
421 return 0; 416 return 0;
422 } 417 }
423 p = pval->data; 418 p = pval->data;
@@ -432,7 +427,7 @@ priv_decode_gost01(EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf)
432 d2i_ASN1_OCTET_STRING(NULL, &p, priv_len); 427 d2i_ASN1_OCTET_STRING(NULL, &p, priv_len);
433 428
434 if (s == NULL || s->length != 32) { 429 if (s == NULL || s->length != 32) {
435 GOSTerr(GOST_F_PRIV_DECODE_GOST01, EVP_R_DECODE_ERROR); 430 GOSTerror(EVP_R_DECODE_ERROR);
436 ASN1_STRING_free(s); 431 ASN1_STRING_free(s);
437 return 0; 432 return 0;
438 } 433 }
@@ -448,7 +443,7 @@ priv_decode_gost01(EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf)
448 ret = ((pk_num = ASN1_INTEGER_to_BN(priv_key, NULL)) != NULL); 443 ret = ((pk_num = ASN1_INTEGER_to_BN(priv_key, NULL)) != NULL);
449 ASN1_INTEGER_free(priv_key); 444 ASN1_INTEGER_free(priv_key);
450 if (ret == 0) { 445 if (ret == 0) {
451 GOSTerr(GOST_F_PRIV_DECODE_GOST01, EVP_R_DECODE_ERROR); 446 GOSTerror(EVP_R_DECODE_ERROR);
452 return 0; 447 return 0;
453 } 448 }
454 } 449 }
@@ -533,7 +528,7 @@ param_decode_gost01(EVP_PKEY *pkey, const unsigned char **pder, int derlen)
533 528
534 /* Compatibility */ 529 /* Compatibility */
535 if (d2i_ASN1_OBJECT(&obj, pder, derlen) == NULL) { 530 if (d2i_ASN1_OBJECT(&obj, pder, derlen) == NULL) {
536 GOSTerr(GOST_F_PARAM_DECODE_GOST01, ERR_R_MALLOC_FAILURE); 531 GOSTerror(ERR_R_MALLOC_FAILURE);
537 return 0; 532 return 0;
538 } 533 }
539 nid = OBJ_obj2nid(obj); 534 nid = OBJ_obj2nid(obj);
@@ -541,20 +536,19 @@ param_decode_gost01(EVP_PKEY *pkey, const unsigned char **pder, int derlen)
541 536
542 ec = GOST_KEY_new(); 537 ec = GOST_KEY_new();
543 if (ec == NULL) { 538 if (ec == NULL) {
544 GOSTerr(GOST_F_PARAM_DECODE_GOST01, ERR_R_MALLOC_FAILURE); 539 GOSTerror(ERR_R_MALLOC_FAILURE);
545 return 0; 540 return 0;
546 } 541 }
547 group = EC_GROUP_new_by_curve_name(nid); 542 group = EC_GROUP_new_by_curve_name(nid);
548 if (group == NULL) { 543 if (group == NULL) {
549 GOSTerr(GOST_F_PARAM_DECODE_GOST01, 544 GOSTerror(EC_R_EC_GROUP_NEW_BY_NAME_FAILURE);
550 EC_R_EC_GROUP_NEW_BY_NAME_FAILURE);
551 GOST_KEY_free(ec); 545 GOST_KEY_free(ec);
552 return 0; 546 return 0;
553 } 547 }
554 548
555 EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE); 549 EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE);
556 if (GOST_KEY_set_group(ec, group) == 0) { 550 if (GOST_KEY_set_group(ec, group) == 0) {
557 GOSTerr(GOST_F_PARAM_DECODE_GOST01, ERR_R_EC_LIB); 551 GOSTerror(ERR_R_EC_LIB);
558 EC_GROUP_free(group); 552 EC_GROUP_free(group);
559 GOST_KEY_free(ec); 553 GOST_KEY_free(ec);
560 return 0; 554 return 0;
@@ -562,7 +556,7 @@ param_decode_gost01(EVP_PKEY *pkey, const unsigned char **pder, int derlen)
562 EC_GROUP_free(group); 556 EC_GROUP_free(group);
563 if (GOST_KEY_set_digest(ec, 557 if (GOST_KEY_set_digest(ec,
564 NID_id_GostR3411_94_CryptoProParamSet) == 0) { 558 NID_id_GostR3411_94_CryptoProParamSet) == 0) {
565 GOSTerr(GOST_F_PARAM_DECODE_GOST01, GOST_R_INVALID_DIGEST_TYPE); 559 GOSTerror(GOST_R_INVALID_DIGEST_TYPE);
566 GOST_KEY_free(ec); 560 GOST_KEY_free(ec);
567 return 0; 561 return 0;
568 } 562 }
@@ -594,20 +588,17 @@ param_copy_gost01(EVP_PKEY *to, const EVP_PKEY *from)
594 int ret = 1; 588 int ret = 1;
595 589
596 if (EVP_PKEY_base_id(from) != EVP_PKEY_base_id(to)) { 590 if (EVP_PKEY_base_id(from) != EVP_PKEY_base_id(to)) {
597 GOSTerr(GOST_F_PARAM_COPY_GOST01, 591 GOSTerror(GOST_R_INCOMPATIBLE_ALGORITHMS);
598 GOST_R_INCOMPATIBLE_ALGORITHMS);
599 return 0; 592 return 0;
600 } 593 }
601 if (efrom == NULL) { 594 if (efrom == NULL) {
602 GOSTerr(GOST_F_PARAM_COPY_GOST01, 595 GOSTerror(GOST_R_KEY_PARAMETERS_MISSING);
603 GOST_R_KEY_PARAMETERS_MISSING);
604 return 0; 596 return 0;
605 } 597 }
606 if (eto == NULL) { 598 if (eto == NULL) {
607 eto = GOST_KEY_new(); 599 eto = GOST_KEY_new();
608 if (eto == NULL) { 600 if (eto == NULL) {
609 GOSTerr(GOST_F_PARAM_COPY_GOST01, 601 GOSTerror(ERR_R_MALLOC_FAILURE);
610 ERR_R_MALLOC_FAILURE);
611 return 0; 602 return 0;
612 } 603 }
613 if (EVP_PKEY_assign(to, EVP_PKEY_base_id(from), eto) == 0) { 604 if (EVP_PKEY_assign(to, EVP_PKEY_base_id(from), eto) == 0) {
diff --git a/src/lib/libcrypto/gost/gostr341001_key.c b/src/lib/libcrypto/gost/gostr341001_key.c
index 894a189e3b..0a42a15378 100644
--- a/src/lib/libcrypto/gost/gostr341001_key.c
+++ b/src/lib/libcrypto/gost/gostr341001_key.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: gostr341001_key.c,v 1.6 2015/09/10 15:56:25 jsing Exp $ */ 1/* $OpenBSD: gostr341001_key.c,v 1.7 2017/01/29 17:49:23 beck Exp $ */
2/* 2/*
3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> 3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
4 * Copyright (c) 2005-2006 Cryptocom LTD 4 * Copyright (c) 2005-2006 Cryptocom LTD
@@ -78,7 +78,7 @@ GOST_KEY_new(void)
78 78
79 ret = malloc(sizeof(GOST_KEY)); 79 ret = malloc(sizeof(GOST_KEY));
80 if (ret == NULL) { 80 if (ret == NULL) {
81 GOSTerr(GOST_F_GOST_KEY_NEW, ERR_R_MALLOC_FAILURE); 81 GOSTerror(ERR_R_MALLOC_FAILURE);
82 return (NULL); 82 return (NULL);
83 } 83 }
84 ret->group = NULL; 84 ret->group = NULL;
@@ -118,11 +118,11 @@ GOST_KEY_check_key(const GOST_KEY *key)
118 EC_POINT *point = NULL; 118 EC_POINT *point = NULL;
119 119
120 if (key == NULL || key->group == NULL || key->pub_key == NULL) { 120 if (key == NULL || key->group == NULL || key->pub_key == NULL) {
121 GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, ERR_R_PASSED_NULL_PARAMETER); 121 GOSTerror(ERR_R_PASSED_NULL_PARAMETER);
122 return 0; 122 return 0;
123 } 123 }
124 if (EC_POINT_is_at_infinity(key->group, key->pub_key) != 0) { 124 if (EC_POINT_is_at_infinity(key->group, key->pub_key) != 0) {
125 GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, EC_R_POINT_AT_INFINITY); 125 GOSTerror(EC_R_POINT_AT_INFINITY);
126 goto err; 126 goto err;
127 } 127 }
128 if ((ctx = BN_CTX_new()) == NULL) 128 if ((ctx = BN_CTX_new()) == NULL)
@@ -132,23 +132,23 @@ GOST_KEY_check_key(const GOST_KEY *key)
132 132
133 /* testing whether the pub_key is on the elliptic curve */ 133 /* testing whether the pub_key is on the elliptic curve */
134 if (EC_POINT_is_on_curve(key->group, key->pub_key, ctx) == 0) { 134 if (EC_POINT_is_on_curve(key->group, key->pub_key, ctx) == 0) {
135 GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, EC_R_POINT_IS_NOT_ON_CURVE); 135 GOSTerror(EC_R_POINT_IS_NOT_ON_CURVE);
136 goto err; 136 goto err;
137 } 137 }
138 /* testing whether pub_key * order is the point at infinity */ 138 /* testing whether pub_key * order is the point at infinity */
139 if ((order = BN_new()) == NULL) 139 if ((order = BN_new()) == NULL)
140 goto err; 140 goto err;
141 if (EC_GROUP_get_order(key->group, order, ctx) == 0) { 141 if (EC_GROUP_get_order(key->group, order, ctx) == 0) {
142 GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, EC_R_INVALID_GROUP_ORDER); 142 GOSTerror(EC_R_INVALID_GROUP_ORDER);
143 goto err; 143 goto err;
144 } 144 }
145 if (EC_POINT_mul(key->group, point, NULL, key->pub_key, order, 145 if (EC_POINT_mul(key->group, point, NULL, key->pub_key, order,
146 ctx) == 0) { 146 ctx) == 0) {
147 GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, ERR_R_EC_LIB); 147 GOSTerror(ERR_R_EC_LIB);
148 goto err; 148 goto err;
149 } 149 }
150 if (EC_POINT_is_at_infinity(key->group, point) == 0) { 150 if (EC_POINT_is_at_infinity(key->group, point) == 0) {
151 GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, EC_R_WRONG_ORDER); 151 GOSTerror(EC_R_WRONG_ORDER);
152 goto err; 152 goto err;
153 } 153 }
154 /* 154 /*
@@ -157,17 +157,16 @@ GOST_KEY_check_key(const GOST_KEY *key)
157 */ 157 */
158 if (key->priv_key != NULL) { 158 if (key->priv_key != NULL) {
159 if (BN_cmp(key->priv_key, order) >= 0) { 159 if (BN_cmp(key->priv_key, order) >= 0) {
160 GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, EC_R_WRONG_ORDER); 160 GOSTerror(EC_R_WRONG_ORDER);
161 goto err; 161 goto err;
162 } 162 }
163 if (EC_POINT_mul(key->group, point, key->priv_key, NULL, NULL, 163 if (EC_POINT_mul(key->group, point, key->priv_key, NULL, NULL,
164 ctx) == 0) { 164 ctx) == 0) {
165 GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, ERR_R_EC_LIB); 165 GOSTerror(ERR_R_EC_LIB);
166 goto err; 166 goto err;
167 } 167 }
168 if (EC_POINT_cmp(key->group, point, key->pub_key, ctx) != 0) { 168 if (EC_POINT_cmp(key->group, point, key->pub_key, ctx) != 0) {
169 GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, 169 GOSTerror(EC_R_INVALID_PRIVATE_KEY);
170 EC_R_INVALID_PRIVATE_KEY);
171 goto err; 170 goto err;
172 } 171 }
173 } 172 }
@@ -188,8 +187,7 @@ GOST_KEY_set_public_key_affine_coordinates(GOST_KEY *key, BIGNUM *x, BIGNUM *y)
188 int ok = 0; 187 int ok = 0;
189 188
190 if (key == NULL || key->group == NULL || x == NULL || y == NULL) { 189 if (key == NULL || key->group == NULL || x == NULL || y == NULL) {
191 GOSTerr(GOST_F_GOST_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES, 190 GOSTerror(ERR_R_PASSED_NULL_PARAMETER);
192 ERR_R_PASSED_NULL_PARAMETER);
193 return 0; 191 return 0;
194 } 192 }
195 ctx = BN_CTX_new(); 193 ctx = BN_CTX_new();
@@ -215,8 +213,7 @@ GOST_KEY_set_public_key_affine_coordinates(GOST_KEY *key, BIGNUM *x, BIGNUM *y)
215 * out of range. 213 * out of range.
216 */ 214 */
217 if (BN_cmp(x, tx) != 0 || BN_cmp(y, ty) != 0) { 215 if (BN_cmp(x, tx) != 0 || BN_cmp(y, ty) != 0) {
218 GOSTerr(GOST_F_GOST_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES, 216 GOSTerror(EC_R_COORDINATES_OUT_OF_RANGE);
219 EC_R_COORDINATES_OUT_OF_RANGE);
220 goto err; 217 goto err;
221 } 218 }
222 if (GOST_KEY_set_public_key(key, point) == 0) 219 if (GOST_KEY_set_public_key(key, point) == 0)
diff --git a/src/lib/libcrypto/gost/gostr341001_pmeth.c b/src/lib/libcrypto/gost/gostr341001_pmeth.c
index 30a066612f..0eb1d873de 100644
--- a/src/lib/libcrypto/gost/gostr341001_pmeth.c
+++ b/src/lib/libcrypto/gost/gostr341001_pmeth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: gostr341001_pmeth.c,v 1.13 2016/10/19 16:49:11 jsing Exp $ */ 1/* $OpenBSD: gostr341001_pmeth.c,v 1.14 2017/01/29 17:49:23 beck Exp $ */
2/* 2/*
3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> 3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
4 * Copyright (c) 2005-2006 Cryptocom LTD 4 * Copyright (c) 2005-2006 Cryptocom LTD
@@ -73,7 +73,7 @@ unpack_signature_cp(const unsigned char *sig, size_t siglen)
73 73
74 s = ECDSA_SIG_new(); 74 s = ECDSA_SIG_new();
75 if (s == NULL) { 75 if (s == NULL) {
76 GOSTerr(GOST_F_UNPACK_SIGNATURE_CP, ERR_R_MALLOC_FAILURE); 76 GOSTerror(ERR_R_MALLOC_FAILURE);
77 return NULL; 77 return NULL;
78 } 78 }
79 BN_bin2bn(sig, siglen / 2, s->s); 79 BN_bin2bn(sig, siglen / 2, s->s);
@@ -106,7 +106,7 @@ unpack_signature_le(const unsigned char *sig, size_t siglen)
106 106
107 s = ECDSA_SIG_new(); 107 s = ECDSA_SIG_new();
108 if (s == NULL) { 108 if (s == NULL) {
109 GOSTerr(GOST_F_UNPACK_SIGNATURE_LE, ERR_R_MALLOC_FAILURE); 109 GOSTerror(ERR_R_MALLOC_FAILURE);
110 return NULL; 110 return NULL;
111 } 111 }
112 GOST_le2bn(sig, siglen / 2, s->r); 112 GOST_le2bn(sig, siglen / 2, s->r);
@@ -190,7 +190,7 @@ pkey_gost01_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
190 190
191 if (data->sign_param_nid == NID_undef || 191 if (data->sign_param_nid == NID_undef ||
192 data->digest_nid == NID_undef) { 192 data->digest_nid == NID_undef) {
193 GOSTerr(GOST_F_PKEY_GOST01_PARAMGEN, GOST_R_NO_PARAMETERS_SET); 193 GOSTerror(GOST_R_NO_PARAMETERS_SET);
194 return 0; 194 return 0;
195 } 195 }
196 196
@@ -246,11 +246,11 @@ pkey_gost01_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
246 *siglen = 2 * size; 246 *siglen = 2 * size;
247 return 1; 247 return 1;
248 } else if (*siglen < 2 * size) { 248 } else if (*siglen < 2 * size) {
249 GOSTerr(GOST_F_PKEY_GOST01_SIGN, EC_R_BUFFER_TOO_SMALL); 249 GOSTerror(EC_R_BUFFER_TOO_SMALL);
250 return 0; 250 return 0;
251 } 251 }
252 if (tbs_len != 32 && tbs_len != 64) { 252 if (tbs_len != 32 && tbs_len != 64) {
253 GOSTerr(GOST_F_PKEY_GOST01_SIGN, EVP_R_BAD_BLOCK_LENGTH); 253 GOSTerror(EVP_R_BAD_BLOCK_LENGTH);
254 return 0; 254 return 0;
255 } 255 }
256 md = GOST_le2bn(tbs, tbs_len, NULL); 256 md = GOST_le2bn(tbs, tbs_len, NULL);
@@ -386,8 +386,7 @@ pkey_gost01_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key, size_t *key_len,
386 } 386 }
387 gkt = d2i_GOST_KEY_TRANSPORT(NULL, (const unsigned char **)&p, in_len); 387 gkt = d2i_GOST_KEY_TRANSPORT(NULL, (const unsigned char **)&p, in_len);
388 if (gkt == NULL) { 388 if (gkt == NULL) {
389 GOSTerr(GOST_F_PKEY_GOST01_DECRYPT, 389 GOSTerror(GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO);
390 GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO);
391 return -1; 390 return -1;
392 } 391 }
393 392
@@ -395,50 +394,44 @@ pkey_gost01_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key, size_t *key_len,
395 eph_key = X509_PUBKEY_get(gkt->key_agreement_info->ephem_key); 394 eph_key = X509_PUBKEY_get(gkt->key_agreement_info->ephem_key);
396 if (eph_key != NULL) { 395 if (eph_key != NULL) {
397 if (EVP_PKEY_derive_set_peer(pctx, eph_key) <= 0) { 396 if (EVP_PKEY_derive_set_peer(pctx, eph_key) <= 0) {
398 GOSTerr(GOST_F_PKEY_GOST01_DECRYPT, 397 GOSTerror(GOST_R_INCOMPATIBLE_PEER_KEY);
399 GOST_R_INCOMPATIBLE_PEER_KEY);
400 goto err; 398 goto err;
401 } 399 }
402 } else { 400 } else {
403 /* Set control "public key from client certificate used" */ 401 /* Set control "public key from client certificate used" */
404 if (EVP_PKEY_CTX_ctrl(pctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 3, 402 if (EVP_PKEY_CTX_ctrl(pctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 3,
405 NULL) <= 0) { 403 NULL) <= 0) {
406 GOSTerr(GOST_F_PKEY_GOST01_DECRYPT, 404 GOSTerror(GOST_R_CTRL_CALL_FAILED);
407 GOST_R_CTRL_CALL_FAILED);
408 goto err; 405 goto err;
409 } 406 }
410 } 407 }
411 peerkey = EVP_PKEY_CTX_get0_peerkey(pctx); 408 peerkey = EVP_PKEY_CTX_get0_peerkey(pctx);
412 if (peerkey == NULL) { 409 if (peerkey == NULL) {
413 GOSTerr(GOST_F_PKEY_GOST01_DECRYPT, GOST_R_NO_PEER_KEY); 410 GOSTerror(GOST_R_NO_PEER_KEY);
414 goto err; 411 goto err;
415 } 412 }
416 413
417 nid = OBJ_obj2nid(gkt->key_agreement_info->cipher); 414 nid = OBJ_obj2nid(gkt->key_agreement_info->cipher);
418 415
419 if (gkt->key_agreement_info->eph_iv->length != 8) { 416 if (gkt->key_agreement_info->eph_iv->length != 8) {
420 GOSTerr(GOST_F_PKEY_GOST01_DECRYPT, 417 GOSTerror(GOST_R_INVALID_IV_LENGTH);
421 GOST_R_INVALID_IV_LENGTH);
422 goto err; 418 goto err;
423 } 419 }
424 memcpy(wrappedKey, gkt->key_agreement_info->eph_iv->data, 8); 420 memcpy(wrappedKey, gkt->key_agreement_info->eph_iv->data, 8);
425 if (gkt->key_info->encrypted_key->length != 32) { 421 if (gkt->key_info->encrypted_key->length != 32) {
426 GOSTerr(GOST_F_PKEY_GOST01_DECRYPT, 422 GOSTerror(EVP_R_BAD_KEY_LENGTH);
427 EVP_R_BAD_KEY_LENGTH);
428 goto err; 423 goto err;
429 } 424 }
430 memcpy(wrappedKey + 8, gkt->key_info->encrypted_key->data, 32); 425 memcpy(wrappedKey + 8, gkt->key_info->encrypted_key->data, 32);
431 if (gkt->key_info->imit->length != 4) { 426 if (gkt->key_info->imit->length != 4) {
432 GOSTerr(GOST_F_PKEY_GOST01_DECRYPT, 427 GOSTerror(ERR_R_INTERNAL_ERROR);
433 ERR_R_INTERNAL_ERROR);
434 goto err; 428 goto err;
435 } 429 }
436 memcpy(wrappedKey + 40, gkt->key_info->imit->data, 4); 430 memcpy(wrappedKey + 40, gkt->key_info->imit->data, 4);
437 if (gost01_VKO_key(peerkey, priv, wrappedKey, sharedKey) <= 0) 431 if (gost01_VKO_key(peerkey, priv, wrappedKey, sharedKey) <= 0)
438 goto err; 432 goto err;
439 if (gost_key_unwrap_crypto_pro(nid, sharedKey, wrappedKey, key) == 0) { 433 if (gost_key_unwrap_crypto_pro(nid, sharedKey, wrappedKey, key) == 0) {
440 GOSTerr(GOST_F_PKEY_GOST01_DECRYPT, 434 GOSTerror(GOST_R_ERROR_COMPUTING_SHARED_KEY);
441 GOST_R_ERROR_COMPUTING_SHARED_KEY);
442 goto err; 435 goto err;
443 } 436 }
444 437
@@ -462,7 +455,7 @@ pkey_gost01_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)
462 struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx); 455 struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
463 456
464 if (data->shared_ukm == NULL) { 457 if (data->shared_ukm == NULL) {
465 GOSTerr(GOST_F_PKEY_GOST01_DERIVE, GOST_R_UKM_NOT_SET); 458 GOSTerror(GOST_R_UKM_NOT_SET);
466 return 0; 459 return 0;
467 } 460 }
468 461
@@ -500,8 +493,7 @@ pkey_gost01_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out, size_t *out_len,
500 if (sec_key) { 493 if (sec_key) {
501 key_is_ephemeral = 0; 494 key_is_ephemeral = 0;
502 if (GOST_KEY_get0_private_key(sec_key->pkey.gost) == 0) { 495 if (GOST_KEY_get0_private_key(sec_key->pkey.gost) == 0) {
503 GOSTerr(GOST_F_PKEY_GOST01_ENCRYPT, 496 GOSTerror(GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR);
504 GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR);
505 goto err; 497 goto err;
506 } 498 }
507 } else { 499 } else {
@@ -548,8 +540,7 @@ pkey_gost01_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out, size_t *out_len,
548 if (key_is_ephemeral) { 540 if (key_is_ephemeral) {
549 if (X509_PUBKEY_set(&gkt->key_agreement_info->ephem_key, 541 if (X509_PUBKEY_set(&gkt->key_agreement_info->ephem_key,
550 out != NULL ? sec_key : pubk) == 0) { 542 out != NULL ? sec_key : pubk) == 0) {
551 GOSTerr(GOST_F_PKEY_GOST01_ENCRYPT, 543 GOSTerror(GOST_R_CANNOT_PACK_EPHEMERAL_KEY);
552 GOST_R_CANNOT_PACK_EPHEMERAL_KEY);
553 goto err; 544 goto err;
554 } 545 }
555 } 546 }
@@ -561,8 +552,7 @@ pkey_gost01_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out, size_t *out_len,
561 /* Set control "public key from client certificate used" */ 552 /* Set control "public key from client certificate used" */
562 if (EVP_PKEY_CTX_ctrl(pctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 3, 553 if (EVP_PKEY_CTX_ctrl(pctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 3,
563 NULL) <= 0) { 554 NULL) <= 0) {
564 GOSTerr(GOST_F_PKEY_GOST01_ENCRYPT, 555 GOSTerror(GOST_R_CTRL_CALL_FAILED);
565 GOST_R_CTRL_CALL_FAILED);
566 goto err; 556 goto err;
567 } 557 }
568 } 558 }
@@ -588,8 +578,7 @@ pkey_gost01_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
588 case EVP_PKEY_CTRL_MD: 578 case EVP_PKEY_CTRL_MD:
589 if (EVP_MD_type(p2) != 579 if (EVP_MD_type(p2) !=
590 GostR3410_get_md_digest(pctx->digest_nid)) { 580 GostR3410_get_md_digest(pctx->digest_nid)) {
591 GOSTerr(GOST_F_PKEY_GOST01_CTRL, 581 GOSTerror(GOST_R_INVALID_DIGEST_TYPE);
592 GOST_R_INVALID_DIGEST_TYPE);
593 return 0; 582 return 0;
594 } 583 }
595 pctx->md = p2; 584 pctx->md = p2;
@@ -609,8 +598,7 @@ pkey_gost01_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
609 char *ukm = malloc(p1); 598 char *ukm = malloc(p1);
610 599
611 if (ukm == NULL) { 600 if (ukm == NULL) {
612 GOSTerr(GOST_F_PKEY_GOST01_CTRL, 601 GOSTerror(ERR_R_MALLOC_FAILURE);
613 ERR_R_MALLOC_FAILURE);
614 return 0; 602 return 0;
615 } 603 }
616 memcpy(ukm, p2, p1); 604 memcpy(ukm, p2, p1);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-04 14:55:43 +0000