summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/gost/gostr341001_key.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/gost/gostr341001_key.c')
-rw-r--r--src/lib/libcrypto/gost/gostr341001_key.c334
1 files changed, 0 insertions, 334 deletions
diff --git a/src/lib/libcrypto/gost/gostr341001_key.c b/src/lib/libcrypto/gost/gostr341001_key.c
deleted file mode 100644
index 0170ab44ba..0000000000
--- a/src/lib/libcrypto/gost/gostr341001_key.c
+++ /dev/null
@@ -1,334 +0,0 @@
1/* $OpenBSD: gostr341001_key.c,v 1.14 2023/07/24 17:08:53 tb Exp $ */
2/*
3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
4 * Copyright (c) 2005-2006 Cryptocom LTD
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
16 * distribution.
17 *
18 * 3. All advertising materials mentioning features or use of this
19 * software must display the following acknowledgment:
20 * "This product includes software developed by the OpenSSL Project
21 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
22 *
23 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
24 * endorse or promote products derived from this software without
25 * prior written permission. For written permission, please contact
26 * openssl-core@openssl.org.
27 *
28 * 5. Products derived from this software may not be called "OpenSSL"
29 * nor may "OpenSSL" appear in their names without prior written
30 * permission of the OpenSSL Project.
31 *
32 * 6. Redistributions of any form whatsoever must retain the following
33 * acknowledgment:
34 * "This product includes software developed by the OpenSSL Project
35 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
36 *
37 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
38 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
39 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
40 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
41 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
42 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
43 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
44 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
45 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
46 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
47 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
48 * OF THE POSSIBILITY OF SUCH DAMAGE.
49 * ====================================================================
50 */
51
52#include <string.h>
53
54#include <openssl/opensslconf.h>
55
56#ifndef OPENSSL_NO_GOST
57#include <openssl/bn.h>
58#include <openssl/err.h>
59#include <openssl/gost.h>
60#include <openssl/objects.h>
61#include "gost_local.h"
62
63struct gost_key_st {
64 EC_GROUP *group;
65
66 EC_POINT *pub_key;
67 BIGNUM *priv_key;
68
69 int references;
70
71 int digest_nid;
72};
73
74GOST_KEY *
75GOST_KEY_new(void)
76{
77 GOST_KEY *ret;
78
79 ret = malloc(sizeof(GOST_KEY));
80 if (ret == NULL) {
81 GOSTerror(ERR_R_MALLOC_FAILURE);
82 return (NULL);
83 }
84 ret->group = NULL;
85 ret->pub_key = NULL;
86 ret->priv_key = NULL;
87 ret->references = 1;
88 ret->digest_nid = NID_undef;
89 return (ret);
90}
91LCRYPTO_ALIAS(GOST_KEY_new);
92
93void
94GOST_KEY_free(GOST_KEY *r)
95{
96 int i;
97
98 if (r == NULL)
99 return;
100
101 i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_EC);
102 if (i > 0)
103 return;
104
105 EC_GROUP_free(r->group);
106 EC_POINT_free(r->pub_key);
107 BN_free(r->priv_key);
108
109 freezero(r, sizeof(GOST_KEY));
110}
111LCRYPTO_ALIAS(GOST_KEY_free);
112
113int
114GOST_KEY_check_key(const GOST_KEY *key)
115{
116 int ok = 0;
117 BN_CTX *ctx = NULL;
118 BIGNUM *order = NULL;
119 EC_POINT *point = NULL;
120
121 if (key == NULL || key->group == NULL || key->pub_key == NULL) {
122 GOSTerror(ERR_R_PASSED_NULL_PARAMETER);
123 return 0;
124 }
125 if (EC_POINT_is_at_infinity(key->group, key->pub_key) != 0) {
126 GOSTerror(EC_R_POINT_AT_INFINITY);
127 goto err;
128 }
129 if ((ctx = BN_CTX_new()) == NULL)
130 goto err;
131 if ((point = EC_POINT_new(key->group)) == NULL)
132 goto err;
133
134 /* testing whether the pub_key is on the elliptic curve */
135 if (EC_POINT_is_on_curve(key->group, key->pub_key, ctx) <= 0) {
136 GOSTerror(EC_R_POINT_IS_NOT_ON_CURVE);
137 goto err;
138 }
139 /* testing whether pub_key * order is the point at infinity */
140 if ((order = BN_new()) == NULL)
141 goto err;
142 if (EC_GROUP_get_order(key->group, order, ctx) == 0) {
143 GOSTerror(EC_R_INVALID_GROUP_ORDER);
144 goto err;
145 }
146 if (EC_POINT_mul(key->group, point, NULL, key->pub_key, order,
147 ctx) == 0) {
148 GOSTerror(ERR_R_EC_LIB);
149 goto err;
150 }
151 if (EC_POINT_is_at_infinity(key->group, point) == 0) {
152 GOSTerror(EC_R_WRONG_ORDER);
153 goto err;
154 }
155 /*
156 * in case the priv_key is present : check if generator * priv_key ==
157 * pub_key
158 */
159 if (key->priv_key != NULL) {
160 if (BN_cmp(key->priv_key, order) >= 0) {
161 GOSTerror(EC_R_WRONG_ORDER);
162 goto err;
163 }
164 if (EC_POINT_mul(key->group, point, key->priv_key, NULL, NULL,
165 ctx) == 0) {
166 GOSTerror(ERR_R_EC_LIB);
167 goto err;
168 }
169 if (EC_POINT_cmp(key->group, point, key->pub_key, ctx) != 0) {
170 GOSTerror(EC_R_INVALID_PRIVATE_KEY);
171 goto err;
172 }
173 }
174 ok = 1;
175err:
176 BN_free(order);
177 BN_CTX_free(ctx);
178 EC_POINT_free(point);
179 return (ok);
180}
181LCRYPTO_ALIAS(GOST_KEY_check_key);
182
183int
184GOST_KEY_set_public_key_affine_coordinates(GOST_KEY *key, BIGNUM *x, BIGNUM *y)
185{
186 BN_CTX *ctx = NULL;
187 BIGNUM *tx, *ty;
188 EC_POINT *point = NULL;
189 int ok = 0;
190
191 if (key == NULL || key->group == NULL || x == NULL || y == NULL) {
192 GOSTerror(ERR_R_PASSED_NULL_PARAMETER);
193 return 0;
194 }
195 ctx = BN_CTX_new();
196 if (ctx == NULL)
197 goto err;
198
199 BN_CTX_start(ctx);
200
201 point = EC_POINT_new(key->group);
202 if (point == NULL)
203 goto err;
204
205 if ((tx = BN_CTX_get(ctx)) == NULL)
206 goto err;
207 if ((ty = BN_CTX_get(ctx)) == NULL)
208 goto err;
209 if (EC_POINT_set_affine_coordinates(key->group, point, x, y,
210 ctx) == 0)
211 goto err;
212 if (EC_POINT_get_affine_coordinates(key->group, point, tx, ty,
213 ctx) == 0)
214 goto err;
215 /*
216 * Check if retrieved coordinates match originals: if not, values are
217 * out of range.
218 */
219 if (BN_cmp(x, tx) != 0 || BN_cmp(y, ty) != 0) {
220 GOSTerror(EC_R_COORDINATES_OUT_OF_RANGE);
221 goto err;
222 }
223 if (GOST_KEY_set_public_key(key, point) == 0)
224 goto err;
225
226 if (GOST_KEY_check_key(key) == 0)
227 goto err;
228
229 ok = 1;
230
231err:
232 EC_POINT_free(point);
233 BN_CTX_end(ctx);
234 BN_CTX_free(ctx);
235 return ok;
236
237}
238LCRYPTO_ALIAS(GOST_KEY_set_public_key_affine_coordinates);
239
240const EC_GROUP *
241GOST_KEY_get0_group(const GOST_KEY *key)
242{
243 return key->group;
244}
245LCRYPTO_ALIAS(GOST_KEY_get0_group);
246
247int
248GOST_KEY_set_group(GOST_KEY *key, const EC_GROUP *group)
249{
250 EC_GROUP_free(key->group);
251 key->group = EC_GROUP_dup(group);
252 return (key->group == NULL) ? 0 : 1;
253}
254LCRYPTO_ALIAS(GOST_KEY_set_group);
255
256const BIGNUM *
257GOST_KEY_get0_private_key(const GOST_KEY *key)
258{
259 return key->priv_key;
260}
261LCRYPTO_ALIAS(GOST_KEY_get0_private_key);
262
263int
264GOST_KEY_set_private_key(GOST_KEY *key, const BIGNUM *priv_key)
265{
266 BN_free(key->priv_key);
267 key->priv_key = BN_dup(priv_key);
268 return (key->priv_key == NULL) ? 0 : 1;
269}
270LCRYPTO_ALIAS(GOST_KEY_set_private_key);
271
272const EC_POINT *
273GOST_KEY_get0_public_key(const GOST_KEY *key)
274{
275 return key->pub_key;
276}
277LCRYPTO_ALIAS(GOST_KEY_get0_public_key);
278
279int
280GOST_KEY_set_public_key(GOST_KEY *key, const EC_POINT *pub_key)
281{
282 EC_POINT_free(key->pub_key);
283 key->pub_key = EC_POINT_dup(pub_key, key->group);
284 return (key->pub_key == NULL) ? 0 : 1;
285}
286LCRYPTO_ALIAS(GOST_KEY_set_public_key);
287
288int
289GOST_KEY_get_digest(const GOST_KEY *key)
290{
291 return key->digest_nid;
292}
293LCRYPTO_ALIAS(GOST_KEY_get_digest);
294int
295GOST_KEY_set_digest(GOST_KEY *key, int digest_nid)
296{
297 if (digest_nid == NID_id_GostR3411_94_CryptoProParamSet ||
298 digest_nid == NID_id_tc26_gost3411_2012_256 ||
299 digest_nid == NID_id_tc26_gost3411_2012_512) {
300 key->digest_nid = digest_nid;
301 return 1;
302 }
303
304 return 0;
305}
306LCRYPTO_ALIAS(GOST_KEY_set_digest);
307
308size_t
309GOST_KEY_get_size(const GOST_KEY *r)
310{
311 int i;
312 BIGNUM *order = NULL;
313 const EC_GROUP *group;
314
315 if (r == NULL)
316 return 0;
317 group = GOST_KEY_get0_group(r);
318 if (group == NULL)
319 return 0;
320
321 if ((order = BN_new()) == NULL)
322 return 0;
323
324 if (EC_GROUP_get_order(group, order, NULL) == 0) {
325 BN_free(order);
326 return 0;
327 }
328
329 i = BN_num_bytes(order);
330 BN_free(order);
331 return (i);
332}
333LCRYPTO_ALIAS(GOST_KEY_get_size);
334#endif