1 files changed, 216 insertions, 0 deletions
diff --git a/src/lib/libcrypto/evp/e_gost2814789.c b/src/lib/libcrypto/evp/e_gost2814789.c
new file mode 100644
index 0000000000..678c7af09d
--- /dev/null
+++ b/src/lib/libcrypto/evp/e_gost2814789.c
@@ -0,0 +1,216 @@
+/* $OpenBSD: e_gost2814789.c,v 1.1 2014/11/09 19:17:13 miod Exp $ */
+/*
+ * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
+ * Copyright (c) 2005-2006 Cryptocom LTD
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+#include <string.h>
+#include <openssl/opensslconf.h>
+#ifndef OPENSSL_NO_GOST
+#include <openssl/evp.h>
+#include <openssl/err.h>
+#include <openssl/gost.h>
+#include "evp_locl.h"
+typedef struct {
+        GOST2814789_KEY ks;
+        int param_nid;
+} EVP_GOST2814789_CTX;
+static int gost2814789_ctl(EVP_CIPHER_CTX *ctx,int type,int arg,void *ptr)
+{
+        EVP_GOST2814789_CTX *c = ctx->cipher_data;
+        switch (type) {
+        case EVP_CTRL_PBE_PRF_NID:
+                if (ptr) {
+                        *((int *)ptr) = NID_id_HMACGostR3411_94;
+                        return 1;
+                } else {
+                        return 0;
+                }
+        case EVP_CTRL_INIT:
+                /* Default value to have any s-box set at all */
+                c->param_nid = NID_id_Gost28147_89_CryptoPro_A_ParamSet;
+                return Gost2814789_set_sbox(&c->ks, c->param_nid);
+        case EVP_CTRL_GOST_SET_SBOX:
+                return Gost2814789_set_sbox(&c->ks, arg);
+        default:
+                return -1;
+        }
+}
+static int gost2814789_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+        const unsigned char *iv, int enc)
+{
+        EVP_GOST2814789_CTX *c = ctx->cipher_data;
+        return Gost2814789_set_key(&c->ks, key, ctx->key_len * 8);
+}
+int gost2814789_set_asn1_params(EVP_CIPHER_CTX * ctx, ASN1_TYPE * params)
+{
+        int len = 0;
+        unsigned char *buf = NULL;
+        unsigned char *p = NULL;
+        EVP_GOST2814789_CTX *c = ctx->cipher_data;
+        GOST_CIPHER_PARAMS *gcp = GOST_CIPHER_PARAMS_new();
+        ASN1_OCTET_STRING *os = NULL;
+        if (!gcp) {
+                GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_MALLOC_FAILURE);
+                return 0;
+        }
+        if (!ASN1_OCTET_STRING_set(gcp->iv, ctx->iv, ctx->cipher->iv_len)) {
+                GOST_CIPHER_PARAMS_free(gcp);
+                GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_ASN1_LIB);
+                return 0;
+        }
+        ASN1_OBJECT_free(gcp->enc_param_set);
+        gcp->enc_param_set = OBJ_nid2obj(c->param_nid);
+        len = i2d_GOST_CIPHER_PARAMS(gcp, NULL);
+        p = buf = malloc(len);
+        if (!buf) {
+                GOST_CIPHER_PARAMS_free(gcp);
+                GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_MALLOC_FAILURE);
+                return 0;
+        }
+        i2d_GOST_CIPHER_PARAMS(gcp, &p);
+        GOST_CIPHER_PARAMS_free(gcp);
+        os = ASN1_OCTET_STRING_new();
+        if (!os || !ASN1_OCTET_STRING_set(os, buf, len)) {
+                free(buf);
+                GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_ASN1_LIB);
+                return 0;
+        }
+        free(buf);
+        ASN1_TYPE_set(params, V_ASN1_SEQUENCE, os);
+        return 1;
+}
+int gost2814789_get_asn1_params(EVP_CIPHER_CTX * ctx, ASN1_TYPE * params)
+{
+        int ret = -1;
+        int len;
+        GOST_CIPHER_PARAMS *gcp = NULL;
+        EVP_GOST2814789_CTX *c = ctx->cipher_data;
+        unsigned char *p;
+        if (ASN1_TYPE_get(params) != V_ASN1_SEQUENCE) {
+                return ret;
+        }
+        p = params->value.sequence->data;
+        gcp = d2i_GOST_CIPHER_PARAMS(NULL, (const unsigned char **)&p,
+                                     params->value.sequence->length);
+        len = gcp->iv->length;
+        if (len != ctx->cipher->iv_len) {
+                GOST_CIPHER_PARAMS_free(gcp);
+                GOSTerr(GOST_F_GOST89_GET_ASN1_PARAMETERS,
+                        GOST_R_INVALID_IV_LENGTH);
+                return -1;
+        }
+        if (!Gost2814789_set_sbox(&c->ks, OBJ_obj2nid(gcp->enc_param_set))) {
+                GOST_CIPHER_PARAMS_free(gcp);
+                return -1;
+        }
+        c->param_nid = OBJ_obj2nid(gcp->enc_param_set);
+        memcpy(ctx->oiv, gcp->iv->data, len);
+        memcpy(ctx->iv, gcp->iv->data, len);
+        GOST_CIPHER_PARAMS_free(gcp);
+        return 1;
+}
+BLOCK_CIPHER_func_ecb(gost2814789, Gost2814789, EVP_GOST2814789_CTX, ks)
+BLOCK_CIPHER_func_cfb(gost2814789, Gost2814789, 64, EVP_GOST2814789_CTX, ks)
+static int gost2814789_cnt_cipher(EVP_CIPHER_CTX * ctx, unsigned char *out,
+                                  const unsigned char *in, size_t inl)
+{
+        EVP_GOST2814789_CTX *c = ctx->cipher_data;
+        while (inl >= EVP_MAXCHUNK) {
+                Gost2814789_cnt_encrypt(in, out, (long)EVP_MAXCHUNK, &c->ks,
+                                        ctx->iv, ctx->buf, &ctx->num);
+                inl -= EVP_MAXCHUNK;
+                in += EVP_MAXCHUNK;
+                out += EVP_MAXCHUNK;
+        }
+        if (inl)
+                Gost2814789_cnt_encrypt(in, out, inl, &c->ks,
+                                        ctx->iv, ctx->buf, &ctx->num);
+        return 1;
+}
+/* gost89 is CFB-64 */
+#define NID_gost89_cfb64 NID_id_Gost28147_89
+BLOCK_CIPHER_def_ecb(gost2814789, EVP_GOST2814789_CTX, NID_gost89, 8, 32,
+                     EVP_CIPH_NO_PADDING | EVP_CIPH_CTRL_INIT,
+                     gost2814789_init_key, NULL, gost2814789_set_asn1_params,
+                     gost2814789_get_asn1_params, gost2814789_ctl)
+BLOCK_CIPHER_def_cfb(gost2814789, EVP_GOST2814789_CTX, NID_gost89, 32, 8, 64,
+                     EVP_CIPH_NO_PADDING | EVP_CIPH_CTRL_INIT,
+                     gost2814789_init_key, NULL, gost2814789_set_asn1_params,
+                     gost2814789_get_asn1_params, gost2814789_ctl)
+BLOCK_CIPHER_def1(gost2814789, cnt, cnt, OFB, EVP_GOST2814789_CTX, NID_gost89,
+                  1, 32, 8, EVP_CIPH_NO_PADDING | EVP_CIPH_CTRL_INIT,
+                  gost2814789_init_key, NULL, gost2814789_set_asn1_params,
+                  gost2814789_get_asn1_params, gost2814789_ctl)
+#endif

diff --git a/src/lib/libcrypto/evp/e_gost2814789.c b/src/lib/libcrypto/evp/e_gost2814789.c new file mode 100644 index 0000000000..678c7af09d --- /dev/null +++ b/src/lib/libcrypto/evp/e_gost2814789.c
@@ -0,0 +1,216 @@
	1	/* $OpenBSD: e_gost2814789.c,v 1.1 2014/11/09 19:17:13 miod Exp $ */
	2	/*
	3	* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
	4	* Copyright (c) 2005-2006 Cryptocom LTD
	5	*
	6	* Redistribution and use in source and binary forms, with or without
	7	* modification, are permitted provided that the following conditions
	8	* are met:
	9	*
	10	* 1. Redistributions of source code must retain the above copyright
	11	* notice, this list of conditions and the following disclaimer.
	12	*
	13	* 2. Redistributions in binary form must reproduce the above copyright
	14	* notice, this list of conditions and the following disclaimer in
	15	* the documentation and/or other materials provided with the
	16	* distribution.
	17	*
	18	* 3. All advertising materials mentioning features or use of this
	19	* software must display the following acknowledgment:
	20	* "This product includes software developed by the OpenSSL Project
	21	* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
	22	*
	23	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
	24	* endorse or promote products derived from this software without
	25	* prior written permission. For written permission, please contact
	26	* openssl-core@openssl.org.
	27	*
	28	* 5. Products derived from this software may not be called "OpenSSL"
	29	* nor may "OpenSSL" appear in their names without prior written
	30	* permission of the OpenSSL Project.
	31	*
	32	* 6. Redistributions of any form whatsoever must retain the following
	33	* acknowledgment:
	34	* "This product includes software developed by the OpenSSL Project
	35	* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
	36	*
	37	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
	38	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	39	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
	40	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
	41	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
	42	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	43	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
	44	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	45	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
	46	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	47	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
	48	* OF THE POSSIBILITY OF SUCH DAMAGE.
	49	* ====================================================================
	50	*/
	51	#include <string.h>
	52
	53	#include <openssl/opensslconf.h>
	54
	55	#ifndef OPENSSL_NO_GOST
	56	#include <openssl/evp.h>
	57	#include <openssl/err.h>
	58	#include <openssl/gost.h>
	59	#include "evp_locl.h"
	60
	61	typedef struct {
	62	GOST2814789_KEY ks;
	63	int param_nid;
	64	} EVP_GOST2814789_CTX;
	65
	66	static int gost2814789_ctl(EVP_CIPHER_CTX ctx,int type,int arg,void ptr)
	67	{
	68	EVP_GOST2814789_CTX *c = ctx->cipher_data;
	69
	70	switch (type) {
	71	case EVP_CTRL_PBE_PRF_NID:
	72	if (ptr) {
	73	((int )ptr) = NID_id_HMACGostR3411_94;
	74	return 1;
	75	} else {
	76	return 0;
	77	}
	78	case EVP_CTRL_INIT:
	79	/* Default value to have any s-box set at all */
	80	c->param_nid = NID_id_Gost28147_89_CryptoPro_A_ParamSet;
	81	return Gost2814789_set_sbox(&c->ks, c->param_nid);
	82	case EVP_CTRL_GOST_SET_SBOX:
	83	return Gost2814789_set_sbox(&c->ks, arg);
	84	default:
	85	return -1;
	86	}
	87	}
	88
	89	static int gost2814789_init_key(EVP_CIPHER_CTX ctx, const unsigned char key,
	90	const unsigned char *iv, int enc)
	91	{
	92	EVP_GOST2814789_CTX *c = ctx->cipher_data;
	93
	94	return Gost2814789_set_key(&c->ks, key, ctx->key_len * 8);
	95	}
	96
	97	int gost2814789_set_asn1_params(EVP_CIPHER_CTX * ctx, ASN1_TYPE * params)
	98	{
	99	int len = 0;
	100	unsigned char *buf = NULL;
	101	unsigned char *p = NULL;
	102	EVP_GOST2814789_CTX *c = ctx->cipher_data;
	103	GOST_CIPHER_PARAMS *gcp = GOST_CIPHER_PARAMS_new();
	104	ASN1_OCTET_STRING *os = NULL;
	105	if (!gcp) {
	106	GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_MALLOC_FAILURE);
	107	return 0;
	108	}
	109	if (!ASN1_OCTET_STRING_set(gcp->iv, ctx->iv, ctx->cipher->iv_len)) {
	110	GOST_CIPHER_PARAMS_free(gcp);
	111	GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_ASN1_LIB);
	112	return 0;
	113	}
	114	ASN1_OBJECT_free(gcp->enc_param_set);
	115	gcp->enc_param_set = OBJ_nid2obj(c->param_nid);
	116
	117	len = i2d_GOST_CIPHER_PARAMS(gcp, NULL);
	118	p = buf = malloc(len);
	119	if (!buf) {
	120	GOST_CIPHER_PARAMS_free(gcp);
	121	GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_MALLOC_FAILURE);
	122	return 0;
	123	}
	124	i2d_GOST_CIPHER_PARAMS(gcp, &p);
	125	GOST_CIPHER_PARAMS_free(gcp);
	126
	127	os = ASN1_OCTET_STRING_new();
	128
	129	if (!os \|\| !ASN1_OCTET_STRING_set(os, buf, len)) {
	130	free(buf);
	131	GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_ASN1_LIB);
	132	return 0;
	133	}
	134	free(buf);
	135
	136	ASN1_TYPE_set(params, V_ASN1_SEQUENCE, os);
	137	return 1;
	138	}
	139
	140	int gost2814789_get_asn1_params(EVP_CIPHER_CTX * ctx, ASN1_TYPE * params)
	141	{
	142	int ret = -1;
	143	int len;
	144	GOST_CIPHER_PARAMS *gcp = NULL;
	145	EVP_GOST2814789_CTX *c = ctx->cipher_data;
	146	unsigned char *p;
	147
	148	if (ASN1_TYPE_get(params) != V_ASN1_SEQUENCE) {
	149	return ret;
	150	}
	151
	152	p = params->value.sequence->data;
	153
	154	gcp = d2i_GOST_CIPHER_PARAMS(NULL, (const unsigned char **)&p,
	155	params->value.sequence->length);
	156
	157	len = gcp->iv->length;
	158	if (len != ctx->cipher->iv_len) {
	159	GOST_CIPHER_PARAMS_free(gcp);
	160	GOSTerr(GOST_F_GOST89_GET_ASN1_PARAMETERS,
	161	GOST_R_INVALID_IV_LENGTH);
	162	return -1;
	163	}
	164
	165	if (!Gost2814789_set_sbox(&c->ks, OBJ_obj2nid(gcp->enc_param_set))) {
	166	GOST_CIPHER_PARAMS_free(gcp);
	167	return -1;
	168	}
	169	c->param_nid = OBJ_obj2nid(gcp->enc_param_set);
	170
	171	memcpy(ctx->oiv, gcp->iv->data, len);
	172	memcpy(ctx->iv, gcp->iv->data, len);
	173
	174	GOST_CIPHER_PARAMS_free(gcp);
	175
	176	return 1;
	177	}
	178
	179	BLOCK_CIPHER_func_ecb(gost2814789, Gost2814789, EVP_GOST2814789_CTX, ks)
	180	BLOCK_CIPHER_func_cfb(gost2814789, Gost2814789, 64, EVP_GOST2814789_CTX, ks)
	181
	182	static int gost2814789_cnt_cipher(EVP_CIPHER_CTX * ctx, unsigned char *out,
	183	const unsigned char *in, size_t inl)
	184	{
	185	EVP_GOST2814789_CTX *c = ctx->cipher_data;
	186
	187	while (inl >= EVP_MAXCHUNK) {
	188	Gost2814789_cnt_encrypt(in, out, (long)EVP_MAXCHUNK, &c->ks,
	189	ctx->iv, ctx->buf, &ctx->num);
	190	inl -= EVP_MAXCHUNK;
	191	in += EVP_MAXCHUNK;
	192	out += EVP_MAXCHUNK;
	193	}
	194
	195	if (inl)
	196	Gost2814789_cnt_encrypt(in, out, inl, &c->ks,
	197	ctx->iv, ctx->buf, &ctx->num);
	198	return 1;
	199	}
	200
	201	/* gost89 is CFB-64 */
	202	#define NID_gost89_cfb64 NID_id_Gost28147_89
	203
	204	BLOCK_CIPHER_def_ecb(gost2814789, EVP_GOST2814789_CTX, NID_gost89, 8, 32,
	205	EVP_CIPH_NO_PADDING \| EVP_CIPH_CTRL_INIT,
	206	gost2814789_init_key, NULL, gost2814789_set_asn1_params,
	207	gost2814789_get_asn1_params, gost2814789_ctl)
	208	BLOCK_CIPHER_def_cfb(gost2814789, EVP_GOST2814789_CTX, NID_gost89, 32, 8, 64,
	209	EVP_CIPH_NO_PADDING \| EVP_CIPH_CTRL_INIT,
	210	gost2814789_init_key, NULL, gost2814789_set_asn1_params,
	211	gost2814789_get_asn1_params, gost2814789_ctl)
	212	BLOCK_CIPHER_def1(gost2814789, cnt, cnt, OFB, EVP_GOST2814789_CTX, NID_gost89,
	213	1, 32, 8, EVP_CIPH_NO_PADDING \| EVP_CIPH_CTRL_INIT,
	214	gost2814789_init_key, NULL, gost2814789_set_asn1_params,
	215	gost2814789_get_asn1_params, gost2814789_ctl)
	216	#endif