summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto')
-rw-r--r--src/lib/libcrypto/evp/e_gost2814789.c28
-rw-r--r--src/lib/libcrypto/evp/m_gost2814789.c25
-rw-r--r--src/lib/libcrypto/evp/m_gostr341194.c20
-rw-r--r--src/lib/libcrypto/evp/m_streebog.c32
-rw-r--r--src/lib/libcrypto/gost/gost2814789.c270
-rw-r--r--src/lib/libcrypto/gost/gost89_params.c15
-rw-r--r--src/lib/libcrypto/gost/gost89imit_ameth.c12
-rw-r--r--src/lib/libcrypto/gost/gost89imit_pmeth.c100
-rw-r--r--src/lib/libcrypto/gost/gostr341001_ameth.c92
-rw-r--r--src/lib/libcrypto/gost/gostr341001_key.c69
-rw-r--r--src/lib/libcrypto/gost/gostr341001_params.c20
-rw-r--r--src/lib/libcrypto/gost/gostr341001_pmeth.c69
-rw-r--r--src/lib/libcrypto/gost/gostr341194.c43
-rw-r--r--src/lib/libcrypto/gost/streebog.c85
14 files changed, 507 insertions, 373 deletions
diff --git a/src/lib/libcrypto/evp/e_gost2814789.c b/src/lib/libcrypto/evp/e_gost2814789.c
index 678c7af09d..e1437b18d8 100644
--- a/src/lib/libcrypto/evp/e_gost2814789.c
+++ b/src/lib/libcrypto/evp/e_gost2814789.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: e_gost2814789.c,v 1.1 2014/11/09 19:17:13 miod Exp $ */ 1/* $OpenBSD: e_gost2814789.c,v 1.2 2014/11/09 23:06:50 miod Exp $ */
2/* 2/*
3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> 3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
4 * Copyright (c) 2005-2006 Cryptocom LTD 4 * Copyright (c) 2005-2006 Cryptocom LTD
@@ -63,13 +63,14 @@ typedef struct {
63 int param_nid; 63 int param_nid;
64} EVP_GOST2814789_CTX; 64} EVP_GOST2814789_CTX;
65 65
66static int gost2814789_ctl(EVP_CIPHER_CTX *ctx,int type,int arg,void *ptr) 66static int
67gost2814789_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
67{ 68{
68 EVP_GOST2814789_CTX *c = ctx->cipher_data; 69 EVP_GOST2814789_CTX *c = ctx->cipher_data;
69 70
70 switch (type) { 71 switch (type) {
71 case EVP_CTRL_PBE_PRF_NID: 72 case EVP_CTRL_PBE_PRF_NID:
72 if (ptr) { 73 if (ptr != NULL) {
73 *((int *)ptr) = NID_id_HMACGostR3411_94; 74 *((int *)ptr) = NID_id_HMACGostR3411_94;
74 return 1; 75 return 1;
75 } else { 76 } else {
@@ -137,7 +138,8 @@ int gost2814789_set_asn1_params(EVP_CIPHER_CTX * ctx, ASN1_TYPE * params)
137 return 1; 138 return 1;
138} 139}
139 140
140int gost2814789_get_asn1_params(EVP_CIPHER_CTX * ctx, ASN1_TYPE * params) 141int
142gost2814789_get_asn1_params(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params)
141{ 143{
142 int ret = -1; 144 int ret = -1;
143 int len; 145 int len;
@@ -145,20 +147,19 @@ int gost2814789_get_asn1_params(EVP_CIPHER_CTX * ctx, ASN1_TYPE * params)
145 EVP_GOST2814789_CTX *c = ctx->cipher_data; 147 EVP_GOST2814789_CTX *c = ctx->cipher_data;
146 unsigned char *p; 148 unsigned char *p;
147 149
148 if (ASN1_TYPE_get(params) != V_ASN1_SEQUENCE) { 150 if (ASN1_TYPE_get(params) != V_ASN1_SEQUENCE)
149 return ret; 151 return ret;
150 }
151 152
152 p = params->value.sequence->data; 153 p = params->value.sequence->data;
153 154
154 gcp = d2i_GOST_CIPHER_PARAMS(NULL, (const unsigned char **)&p, 155 gcp = d2i_GOST_CIPHER_PARAMS(NULL, (const unsigned char **)&p,
155 params->value.sequence->length); 156 params->value.sequence->length);
156 157
157 len = gcp->iv->length; 158 len = gcp->iv->length;
158 if (len != ctx->cipher->iv_len) { 159 if (len != ctx->cipher->iv_len) {
159 GOST_CIPHER_PARAMS_free(gcp); 160 GOST_CIPHER_PARAMS_free(gcp);
160 GOSTerr(GOST_F_GOST89_GET_ASN1_PARAMETERS, 161 GOSTerr(GOST_F_GOST89_GET_ASN1_PARAMETERS,
161 GOST_R_INVALID_IV_LENGTH); 162 GOST_R_INVALID_IV_LENGTH);
162 return -1; 163 return -1;
163 } 164 }
164 165
@@ -179,22 +180,23 @@ int gost2814789_get_asn1_params(EVP_CIPHER_CTX * ctx, ASN1_TYPE * params)
179BLOCK_CIPHER_func_ecb(gost2814789, Gost2814789, EVP_GOST2814789_CTX, ks) 180BLOCK_CIPHER_func_ecb(gost2814789, Gost2814789, EVP_GOST2814789_CTX, ks)
180BLOCK_CIPHER_func_cfb(gost2814789, Gost2814789, 64, EVP_GOST2814789_CTX, ks) 181BLOCK_CIPHER_func_cfb(gost2814789, Gost2814789, 64, EVP_GOST2814789_CTX, ks)
181 182
182static int gost2814789_cnt_cipher(EVP_CIPHER_CTX * ctx, unsigned char *out, 183static int
183 const unsigned char *in, size_t inl) 184gost2814789_cnt_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
185 const unsigned char *in, size_t inl)
184{ 186{
185 EVP_GOST2814789_CTX *c = ctx->cipher_data; 187 EVP_GOST2814789_CTX *c = ctx->cipher_data;
186 188
187 while (inl >= EVP_MAXCHUNK) { 189 while (inl >= EVP_MAXCHUNK) {
188 Gost2814789_cnt_encrypt(in, out, (long)EVP_MAXCHUNK, &c->ks, 190 Gost2814789_cnt_encrypt(in, out, (long)EVP_MAXCHUNK, &c->ks,
189 ctx->iv, ctx->buf, &ctx->num); 191 ctx->iv, ctx->buf, &ctx->num);
190 inl -= EVP_MAXCHUNK; 192 inl -= EVP_MAXCHUNK;
191 in += EVP_MAXCHUNK; 193 in += EVP_MAXCHUNK;
192 out += EVP_MAXCHUNK; 194 out += EVP_MAXCHUNK;
193 } 195 }
194 196
195 if (inl) 197 if (inl)
196 Gost2814789_cnt_encrypt(in, out, inl, &c->ks, 198 Gost2814789_cnt_encrypt(in, out, inl, &c->ks, ctx->iv, ctx->buf,
197 ctx->iv, ctx->buf, &ctx->num); 199 &ctx->num);
198 return 1; 200 return 1;
199} 201}
200 202
diff --git a/src/lib/libcrypto/evp/m_gost2814789.c b/src/lib/libcrypto/evp/m_gost2814789.c
index ff3f489e46..279af872e0 100644
--- a/src/lib/libcrypto/evp/m_gost2814789.c
+++ b/src/lib/libcrypto/evp/m_gost2814789.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: m_gost2814789.c,v 1.1 2014/11/09 19:17:13 miod Exp $ */ 1/* $OpenBSD: m_gost2814789.c,v 1.2 2014/11/09 23:06:50 miod Exp $ */
2/* 2/*
3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> 3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
4 * Copyright (c) 2005-2006 Cryptocom LTD 4 * Copyright (c) 2005-2006 Cryptocom LTD
@@ -56,22 +56,27 @@
56#include <openssl/gost.h> 56#include <openssl/gost.h>
57#include <openssl/objects.h> 57#include <openssl/objects.h>
58 58
59static int init(EVP_MD_CTX *ctx) 59static int
60gost2814789_init(EVP_MD_CTX *ctx)
60{ 61{
61 return GOST2814789IMIT_Init(ctx->md_data, NID_id_Gost28147_89_CryptoPro_A_ParamSet); 62 return GOST2814789IMIT_Init(ctx->md_data,
63 NID_id_Gost28147_89_CryptoPro_A_ParamSet);
62} 64}
63 65
64static int update(EVP_MD_CTX *ctx, const void *data, size_t count) 66static int
67gost2814789_update(EVP_MD_CTX *ctx, const void *data, size_t count)
65{ 68{
66 return GOST2814789IMIT_Update(ctx->md_data, data, count); 69 return GOST2814789IMIT_Update(ctx->md_data, data, count);
67} 70}
68 71
69static int final(EVP_MD_CTX *ctx, unsigned char *md) 72static int
73gost2814789_final(EVP_MD_CTX *ctx, unsigned char *md)
70{ 74{
71 return GOST2814789IMIT_Final(md, ctx->md_data); 75 return GOST2814789IMIT_Final(md, ctx->md_data);
72} 76}
73 77
74static int md_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2) 78static int
79gost2814789_md_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2)
75{ 80{
76 GOST2814789IMIT_CTX *gctx = ctx->md_data; 81 GOST2814789IMIT_CTX *gctx = ctx->md_data;
77 82
@@ -89,12 +94,12 @@ static const EVP_MD gost2814789imit_md = {
89 .pkey_type = NID_undef, 94 .pkey_type = NID_undef,
90 .md_size = GOST2814789IMIT_LENGTH, 95 .md_size = GOST2814789IMIT_LENGTH,
91 .flags = 0, 96 .flags = 0,
92 .init = init, 97 .init = gost2814789_init,
93 .update = update, 98 .update = gost2814789_update,
94 .final = final, 99 .final = gost2814789_final,
95 .block_size = GOST2814789IMIT_CBLOCK, 100 .block_size = GOST2814789IMIT_CBLOCK,
96 .ctx_size = sizeof(EVP_MD *) + sizeof(GOST2814789IMIT_CTX), 101 .ctx_size = sizeof(EVP_MD *) + sizeof(GOST2814789IMIT_CTX),
97 .md_ctrl = md_ctrl, 102 .md_ctrl = gost2814789_md_ctrl,
98}; 103};
99 104
100const EVP_MD * 105const EVP_MD *
diff --git a/src/lib/libcrypto/evp/m_gostr341194.c b/src/lib/libcrypto/evp/m_gostr341194.c
index 380d92d508..66d9b4f303 100644
--- a/src/lib/libcrypto/evp/m_gostr341194.c
+++ b/src/lib/libcrypto/evp/m_gostr341194.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: m_gostr341194.c,v 1.1 2014/11/09 19:17:13 miod Exp $ */ 1/* $OpenBSD: m_gostr341194.c,v 1.2 2014/11/09 23:06:50 miod Exp $ */
2/* 2/*
3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> 3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
4 * Copyright (c) 2005-2006 Cryptocom LTD 4 * Copyright (c) 2005-2006 Cryptocom LTD
@@ -58,17 +58,21 @@
58#include <openssl/gost.h> 58#include <openssl/gost.h>
59#include <openssl/objects.h> 59#include <openssl/objects.h>
60 60
61static int init(EVP_MD_CTX *ctx) 61static int
62gostr341194_init(EVP_MD_CTX *ctx)
62{ 63{
63 return GOSTR341194_Init(ctx->md_data, NID_id_GostR3411_94_CryptoProParamSet); 64 return GOSTR341194_Init(ctx->md_data,
65 NID_id_GostR3411_94_CryptoProParamSet);
64} 66}
65 67
66static int update(EVP_MD_CTX *ctx, const void *data, size_t count) 68static int
69gostr341194_update(EVP_MD_CTX *ctx, const void *data, size_t count)
67{ 70{
68 return GOSTR341194_Update(ctx->md_data, data, count); 71 return GOSTR341194_Update(ctx->md_data, data, count);
69} 72}
70 73
71static int final(EVP_MD_CTX *ctx, unsigned char *md) 74static int
75gostr341194_final(EVP_MD_CTX *ctx, unsigned char *md)
72{ 76{
73 return GOSTR341194_Final(md, ctx->md_data); 77 return GOSTR341194_Final(md, ctx->md_data);
74} 78}
@@ -78,9 +82,9 @@ static const EVP_MD gostr341194_md = {
78 .pkey_type = NID_undef, 82 .pkey_type = NID_undef,
79 .md_size = GOSTR341194_LENGTH, 83 .md_size = GOSTR341194_LENGTH,
80 .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE, 84 .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE,
81 .init = init, 85 .init = gostr341194_init,
82 .update = update, 86 .update = gostr341194_update,
83 .final = final, 87 .final = gostr341194_final,
84 .block_size = GOSTR341194_CBLOCK, 88 .block_size = GOSTR341194_CBLOCK,
85 .ctx_size = sizeof(EVP_MD *) + sizeof(GOSTR341194_CTX), 89 .ctx_size = sizeof(EVP_MD *) + sizeof(GOSTR341194_CTX),
86}; 90};
diff --git a/src/lib/libcrypto/evp/m_streebog.c b/src/lib/libcrypto/evp/m_streebog.c
index cf4b159f43..882c7852bb 100644
--- a/src/lib/libcrypto/evp/m_streebog.c
+++ b/src/lib/libcrypto/evp/m_streebog.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: m_streebog.c,v 1.1 2014/11/09 19:17:13 miod Exp $ */ 1/* $OpenBSD: m_streebog.c,v 1.2 2014/11/09 23:06:50 miod Exp $ */
2/* 2/*
3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> 3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
4 * Copyright (c) 2005-2006 Cryptocom LTD 4 * Copyright (c) 2005-2006 Cryptocom LTD
@@ -57,32 +57,38 @@
57#include <openssl/gost.h> 57#include <openssl/gost.h>
58#include <openssl/objects.h> 58#include <openssl/objects.h>
59 59
60static int init256(EVP_MD_CTX *ctx) 60static int
61streebog_init256(EVP_MD_CTX *ctx)
61{ 62{
62 return STREEBOG256_Init(ctx->md_data); 63 return STREEBOG256_Init(ctx->md_data);
63} 64}
64 65
65static int update256(EVP_MD_CTX *ctx, const void *data, size_t count) 66static int
67streebog_update256(EVP_MD_CTX *ctx, const void *data, size_t count)
66{ 68{
67 return STREEBOG256_Update(ctx->md_data, data, count); 69 return STREEBOG256_Update(ctx->md_data, data, count);
68} 70}
69 71
70static int final256(EVP_MD_CTX *ctx, unsigned char *md) 72static int
73streebog_final256(EVP_MD_CTX *ctx, unsigned char *md)
71{ 74{
72 return STREEBOG256_Final(md, ctx->md_data); 75 return STREEBOG256_Final(md, ctx->md_data);
73} 76}
74 77
75static int init512(EVP_MD_CTX *ctx) 78static int
79streebog_init512(EVP_MD_CTX *ctx)
76{ 80{
77 return STREEBOG512_Init(ctx->md_data); 81 return STREEBOG512_Init(ctx->md_data);
78} 82}
79 83
80static int update512(EVP_MD_CTX *ctx, const void *data, size_t count) 84static int
85streebog_update512(EVP_MD_CTX *ctx, const void *data, size_t count)
81{ 86{
82 return STREEBOG512_Update(ctx->md_data, data, count); 87 return STREEBOG512_Update(ctx->md_data, data, count);
83} 88}
84 89
85static int final512(EVP_MD_CTX *ctx, unsigned char *md) 90static int
91streebog_final512(EVP_MD_CTX *ctx, unsigned char *md)
86{ 92{
87 return STREEBOG512_Final(md, ctx->md_data); 93 return STREEBOG512_Final(md, ctx->md_data);
88} 94}
@@ -92,9 +98,9 @@ static const EVP_MD streebog256_md = {
92 .pkey_type = NID_undef, 98 .pkey_type = NID_undef,
93 .md_size = STREEBOG256_LENGTH, 99 .md_size = STREEBOG256_LENGTH,
94 .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE, 100 .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE,
95 .init = init256, 101 .init = streebog_init256,
96 .update = update256, 102 .update = streebog_update256,
97 .final = final256, 103 .final = streebog_final256,
98 .block_size = STREEBOG_CBLOCK, 104 .block_size = STREEBOG_CBLOCK,
99 .ctx_size = sizeof(EVP_MD *) + sizeof(STREEBOG_CTX), 105 .ctx_size = sizeof(EVP_MD *) + sizeof(STREEBOG_CTX),
100}; 106};
@@ -104,9 +110,9 @@ static const EVP_MD streebog512_md = {
104 .pkey_type = NID_undef, 110 .pkey_type = NID_undef,
105 .md_size = STREEBOG512_LENGTH, 111 .md_size = STREEBOG512_LENGTH,
106 .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE, 112 .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE,
107 .init = init512, 113 .init = streebog_init512,
108 .update = update512, 114 .update = streebog_update512,
109 .final = final512, 115 .final = streebog_final512,
110 .block_size = STREEBOG_CBLOCK, 116 .block_size = STREEBOG_CBLOCK,
111 .ctx_size = sizeof(EVP_MD *) + sizeof(STREEBOG_CTX), 117 .ctx_size = sizeof(EVP_MD *) + sizeof(STREEBOG_CTX),
112}; 118};
diff --git a/src/lib/libcrypto/gost/gost2814789.c b/src/lib/libcrypto/gost/gost2814789.c
index b80f692f10..1c11ddd93e 100644
--- a/src/lib/libcrypto/gost/gost2814789.c
+++ b/src/lib/libcrypto/gost/gost2814789.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: gost2814789.c,v 1.1 2014/11/09 19:17:13 miod Exp $ */ 1/* $OpenBSD: gost2814789.c,v 1.2 2014/11/09 23:06:52 miod Exp $ */
2/* 2/*
3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> 3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
4 * Copyright (c) 2005-2006 Cryptocom LTD 4 * Copyright (c) 2005-2006 Cryptocom LTD
@@ -59,16 +59,19 @@
59 59
60#include "gost_locl.h" 60#include "gost_locl.h"
61 61
62static inline unsigned int f(const GOST2814789_KEY *c, unsigned int x) 62static inline unsigned int
63f(const GOST2814789_KEY *c, unsigned int x)
63{ 64{
64 return c->k87[(x>>24) & 255] | c->k65[(x>>16) & 255]| 65 return c->k87[(x>>24) & 255] | c->k65[(x>>16) & 255]|
65 c->k43[(x>> 8) & 255] | c->k21[(x ) & 255]; 66 c->k43[(x>> 8) & 255] | c->k21[(x ) & 255];
66} 67}
67 68
68void Gost2814789_encrypt(const unsigned char *in, unsigned char *out, 69void
69 const GOST2814789_KEY *key) 70Gost2814789_encrypt(const unsigned char *in, unsigned char *out,
71 const GOST2814789_KEY *key)
70{ 72{
71 unsigned int n1, n2; /* As named in the GOST */ 73 unsigned int n1, n2; /* As named in the GOST */
74
72 c2l(in, n1); 75 c2l(in, n1);
73 c2l(in, n2); 76 c2l(in, n2);
74 77
@@ -97,10 +100,12 @@ void Gost2814789_encrypt(const unsigned char *in, unsigned char *out,
97 l2c(n1, out); 100 l2c(n1, out);
98} 101}
99 102
100void Gost2814789_decrypt(const unsigned char *in, unsigned char *out, 103void
101 const GOST2814789_KEY *key) 104Gost2814789_decrypt(const unsigned char *in, unsigned char *out,
105 const GOST2814789_KEY *key)
102{ 106{
103 unsigned int n1, n2; /* As named in the GOST */ 107 unsigned int n1, n2; /* As named in the GOST */
108
104 c2l(in, n1); 109 c2l(in, n1);
105 c2l(in, n2); 110 c2l(in, n2);
106 111
@@ -129,9 +134,9 @@ void Gost2814789_decrypt(const unsigned char *in, unsigned char *out,
129 l2c(n1, out); 134 l2c(n1, out);
130} 135}
131 136
132static void Gost2814789_mac(const unsigned char *in, 137static void
133 unsigned char *mac, 138Gost2814789_mac(const unsigned char *in, unsigned char *mac,
134 GOST2814789_KEY *key) 139 GOST2814789_KEY *key)
135{ 140{
136 unsigned int n1, n2; /* As named in the GOST */ 141 unsigned int n1, n2; /* As named in the GOST */
137 unsigned char *p; 142 unsigned char *p;
@@ -160,9 +165,9 @@ static void Gost2814789_mac(const unsigned char *in,
160 l2c(n2, p); 165 l2c(n2, p);
161} 166}
162 167
163 168void
164void Gost2814789_ecb_encrypt(const unsigned char *in, unsigned char *out, 169Gost2814789_ecb_encrypt(const unsigned char *in, unsigned char *out,
165 GOST2814789_KEY *key, const int enc) 170 GOST2814789_KEY *key, const int enc)
166{ 171{
167 if (key->key_meshing && key->count == 1024) { 172 if (key->key_meshing && key->count == 1024) {
168 Gost2814789_cryptopro_key_mesh(key); 173 Gost2814789_cryptopro_key_mesh(key);
@@ -175,7 +180,8 @@ void Gost2814789_ecb_encrypt(const unsigned char *in, unsigned char *out,
175 Gost2814789_decrypt(in, out, key); 180 Gost2814789_decrypt(in, out, key);
176} 181}
177 182
178static inline void Gost2814789_encrypt_mesh(unsigned char *iv, GOST2814789_KEY *key) 183static inline void
184Gost2814789_encrypt_mesh(unsigned char *iv, GOST2814789_KEY *key)
179{ 185{
180 if (key->key_meshing && key->count == 1024) { 186 if (key->key_meshing && key->count == 1024) {
181 Gost2814789_cryptopro_key_mesh(key); 187 Gost2814789_cryptopro_key_mesh(key);
@@ -186,9 +192,9 @@ static inline void Gost2814789_encrypt_mesh(unsigned char *iv, GOST2814789_KEY *
186 key->count += 8; 192 key->count += 8;
187} 193}
188 194
189static inline void Gost2814789_mac_mesh(const unsigned char *data, 195static inline void
190 unsigned char *mac, 196Gost2814789_mac_mesh(const unsigned char *data, unsigned char *mac,
191 GOST2814789_KEY *key) 197 GOST2814789_KEY *key)
192{ 198{
193 if (key->key_meshing && key->count == 1024) { 199 if (key->key_meshing && key->count == 1024) {
194 Gost2814789_cryptopro_key_mesh(key); 200 Gost2814789_cryptopro_key_mesh(key);
@@ -198,115 +204,125 @@ static inline void Gost2814789_mac_mesh(const unsigned char *data,
198 key->count += 8; 204 key->count += 8;
199} 205}
200 206
201void Gost2814789_cfb64_encrypt(const unsigned char *in, unsigned char *out, 207void
202 size_t len, GOST2814789_KEY *key, 208Gost2814789_cfb64_encrypt(const unsigned char *in, unsigned char *out,
203 unsigned char *ivec, int *num, const int enc) 209 size_t len, GOST2814789_KEY *key, unsigned char *ivec, int *num,
210 const int enc)
204{ 211{
205 unsigned int n; 212 unsigned int n;
206 size_t l = 0; 213 size_t l = 0;
207 214
208 OPENSSL_assert(in && out && key && ivec && num); 215 OPENSSL_assert(in && out && key && ivec && num);
209 216
210 n = *num; 217 n = *num;
211 218
212 if (enc) { 219 if (enc) {
213#if !defined(OPENSSL_SMALL_FOOTPRINT) 220#if !defined(OPENSSL_SMALL_FOOTPRINT)
214 if (8%sizeof(size_t) == 0) do { /* always true actually */ 221 if (8 % sizeof(size_t) == 0) do { /* always true actually */
215 while (n && len) { 222 while (n && len) {
216 *(out++) = ivec[n] ^= *(in++); 223 *(out++) = ivec[n] ^= *(in++);
217 --len; 224 --len;
218 n = (n+1) % 8; 225 n = (n + 1) % 8;
219 } 226 }
220#ifdef __STRICT_ALIGNMENT 227#ifdef __STRICT_ALIGNMENT
221 if (((size_t)in|(size_t)out|(size_t)ivec)%sizeof(size_t) != 0) 228 if (((size_t)in | (size_t)out | (size_t)ivec) %
222 break; 229 sizeof(size_t) != 0)
230 break;
223#endif 231#endif
224 while (len>=8) { 232 while (len >= 8) {
225 Gost2814789_encrypt_mesh(ivec, key); 233 Gost2814789_encrypt_mesh(ivec, key);
226 for (; n<8; n+=sizeof(size_t)) { 234 for (; n < 8; n += sizeof(size_t)) {
227 *(size_t*)(out+n) = 235 *(size_t*)(out + n) =
228 *(size_t*)(ivec+n) ^= *(size_t*)(in+n); 236 *(size_t*)(ivec + n) ^=
237 *(size_t*)(in + n);
238 }
239 len -= 8;
240 out += 8;
241 in += 8;
242 n = 0;
229 } 243 }
230 len -= 8; 244 if (len) {
231 out += 8; 245 Gost2814789_encrypt_mesh(ivec, key);
232 in += 8; 246 while (len--) {
233 n = 0; 247 out[n] = ivec[n] ^= in[n];
234 } 248 ++n;
235 if (len) { 249 }
236 Gost2814789_encrypt_mesh(ivec, key);
237 while (len--) {
238 out[n] = ivec[n] ^= in[n];
239 ++n;
240 } 250 }
241 } 251 *num = n;
242 *num = n; 252 return;
243 return; 253 } while (0);
244 } while (0); 254 /* the rest would be commonly eliminated by x86* compiler */
245 /* the rest would be commonly eliminated by x86* compiler */
246#endif 255#endif
247 while (l<len) { 256 while (l<len) {
248 if (n == 0) { 257 if (n == 0) {
249 Gost2814789_encrypt_mesh(ivec, key); 258 Gost2814789_encrypt_mesh(ivec, key);
259 }
260 out[l] = ivec[n] ^= in[l];
261 ++l;
262 n = (n + 1) % 8;
250 } 263 }
251 out[l] = ivec[n] ^= in[l]; 264 *num = n;
252 ++l; 265 } else {
253 n = (n+1) % 8;
254 }
255 *num = n;
256 } else {
257#if !defined(OPENSSL_SMALL_FOOTPRINT) 266#if !defined(OPENSSL_SMALL_FOOTPRINT)
258 if (8%sizeof(size_t) == 0) do { /* always true actually */ 267 if (8 % sizeof(size_t) == 0) do { /* always true actually */
259 while (n && len) { 268 while (n && len) {
260 unsigned char c; 269 unsigned char c;
261 *(out++) = ivec[n] ^ (c = *(in++)); ivec[n] = c; 270
262 --len; 271 *(out++) = ivec[n] ^ (c = *(in++));
263 n = (n+1) % 8; 272 ivec[n] = c;
264 } 273 --len;
274 n = (n + 1) % 8;
275 }
265#ifdef __STRICT_ALIGNMENT 276#ifdef __STRICT_ALIGNMENT
266 if (((size_t)in|(size_t)out|(size_t)ivec)%sizeof(size_t) != 0) 277 if (((size_t)in | (size_t)out | (size_t)ivec) %
267 break; 278 sizeof(size_t) != 0)
279 break;
268#endif 280#endif
269 while (len>=8) { 281 while (len >= 8) {
270 Gost2814789_encrypt_mesh(ivec, key); 282 Gost2814789_encrypt_mesh(ivec, key);
271 for (; n<8; n+=sizeof(size_t)) { 283 for (; n < 8; n += sizeof(size_t)) {
272 size_t t = *(size_t*)(in+n); 284 size_t t = *(size_t*)(in + n);
273 *(size_t*)(out+n) = *(size_t*)(ivec+n) ^ t; 285 *(size_t*)(out + n) =
274 *(size_t*)(ivec+n) = t; 286 *(size_t*)(ivec + n) ^ t;
275 } 287 *(size_t*)(ivec + n) = t;
276 len -= 8; 288 }
277 out += 8; 289 len -= 8;
278 in += 8; 290 out += 8;
279 n = 0; 291 in += 8;
280 } 292 n = 0;
281 if (len) {
282 Gost2814789_encrypt_mesh(ivec, key);
283 while (len--) {
284 unsigned char c;
285 out[n] = ivec[n] ^ (c = in[n]); ivec[n] = c;
286 ++n;
287 } 293 }
288 } 294 if (len) {
289 *num = n; 295 Gost2814789_encrypt_mesh(ivec, key);
290 return; 296 while (len--) {
291 } while (0); 297 unsigned char c;
292 /* the rest would be commonly eliminated by x86* compiler */ 298
299 out[n] = ivec[n] ^ (c = in[n]);
300 ivec[n] = c;
301 ++n;
302 }
303 }
304 *num = n;
305 return;
306 } while (0);
307 /* the rest would be commonly eliminated by x86* compiler */
293#endif 308#endif
294 while (l<len) { 309 while (l < len) {
295 unsigned char c; 310 unsigned char c;
296 if (n == 0) { 311
297 Gost2814789_encrypt_mesh(ivec, key); 312 if (n == 0) {
313 Gost2814789_encrypt_mesh(ivec, key);
314 }
315 out[l] = ivec[n] ^ (c = in[l]); ivec[n] = c;
316 ++l;
317 n = (n + 1) % 8;
298 } 318 }
299 out[l] = ivec[n] ^ (c = in[l]); ivec[n] = c; 319 *num = n;
300 ++l;
301 n = (n+1) % 8;
302 } 320 }
303 *num=n;
304 }
305} 321}
306 322
307static inline void Gost2814789_cnt_next(unsigned char *ivec, 323static inline void
308 unsigned char *out, 324Gost2814789_cnt_next(unsigned char *ivec, unsigned char *out,
309 GOST2814789_KEY *key) 325 GOST2814789_KEY *key)
310{ 326{
311 unsigned char *p = ivec, *p2 = ivec; 327 unsigned char *p = ivec, *p2 = ivec;
312 unsigned int val, val2; 328 unsigned int val, val2;
@@ -334,34 +350,35 @@ static inline void Gost2814789_cnt_next(unsigned char *ivec,
334 key->count += 8; 350 key->count += 8;
335} 351}
336 352
337void Gost2814789_cnt_encrypt(const unsigned char *in, unsigned char *out, 353void
338 size_t len, GOST2814789_KEY *key, 354Gost2814789_cnt_encrypt(const unsigned char *in, unsigned char *out, size_t len,
339 unsigned char *ivec, unsigned char *cnt_buf, int *num) 355 GOST2814789_KEY *key, unsigned char *ivec, unsigned char *cnt_buf, int *num)
340{ 356{
341 unsigned int n; 357 unsigned int n;
342 size_t l=0; 358 size_t l = 0;
343 359
344 OPENSSL_assert(in && out && key && cnt_buf && num); 360 OPENSSL_assert(in && out && key && cnt_buf && num);
345 361
346 n = *num; 362 n = *num;
347 363
348#if !defined(OPENSSL_SMALL_FOOTPRINT) 364#if !defined(OPENSSL_SMALL_FOOTPRINT)
349 if (8%sizeof(size_t) == 0) do { /* always true actually */ 365 if (8 % sizeof(size_t) == 0) do { /* always true actually */
350 while (n && len) { 366 while (n && len) {
351 *(out++) = *(in++) ^ cnt_buf[n]; 367 *(out++) = *(in++) ^ cnt_buf[n];
352 --len; 368 --len;
353 n = (n+1) % 8; 369 n = (n + 1) % 8;
354 } 370 }
355 371
356#ifdef __STRICT_ALIGNMENT 372#ifdef __STRICT_ALIGNMENT
357 if (((size_t)in|(size_t)out|(size_t)ivec)%sizeof(size_t) != 0) 373 if (((size_t)in | (size_t)out | (size_t)ivec) %
374 sizeof(size_t) != 0)
358 break; 375 break;
359#endif 376#endif
360 while (len>=8) { 377 while (len >= 8) {
361 Gost2814789_cnt_next(ivec, cnt_buf, key); 378 Gost2814789_cnt_next(ivec, cnt_buf, key);
362 for (; n<8; n+=sizeof(size_t)) 379 for (; n < 8; n += sizeof(size_t))
363 *(size_t *)(out+n) = 380 *(size_t *)(out + n) = *(size_t *)(in + n) ^
364 *(size_t *)(in+n) ^ *(size_t *)(cnt_buf+n); 381 *(size_t *)(cnt_buf + n);
365 len -= 8; 382 len -= 8;
366 out += 8; 383 out += 8;
367 in += 8; 384 in += 8;
@@ -379,27 +396,31 @@ void Gost2814789_cnt_encrypt(const unsigned char *in, unsigned char *out,
379 } while(0); 396 } while(0);
380 /* the rest would be commonly eliminated by x86* compiler */ 397 /* the rest would be commonly eliminated by x86* compiler */
381#endif 398#endif
382 while (l<len) { 399 while (l < len) {
383 if (n==0) 400 if (n==0)
384 Gost2814789_cnt_next(ivec, cnt_buf, key); 401 Gost2814789_cnt_next(ivec, cnt_buf, key);
385 out[l] = in[l] ^ cnt_buf[n]; 402 out[l] = in[l] ^ cnt_buf[n];
386 ++l; 403 ++l;
387 n = (n+1) % 8; 404 n = (n + 1) % 8;
388 } 405 }
389 406
390 *num=n; 407 *num=n;
391} 408}
392 409
393int GOST2814789IMIT_Init(GOST2814789IMIT_CTX *c, int nid) 410int
411GOST2814789IMIT_Init(GOST2814789IMIT_CTX *c, int nid)
394{ 412{
395 c->Nl = c->Nh = c->num = 0; 413 c->Nl = c->Nh = c->num = 0;
396 memset(c->mac, 0, 8); 414 memset(c->mac, 0, 8);
397 return Gost2814789_set_sbox(&c->cipher, nid); 415 return Gost2814789_set_sbox(&c->cipher, nid);
398} 416}
399 417
400static void GOST2814789IMIT_block_data_order(GOST2814789IMIT_CTX *ctx, const void *p, size_t num) 418static void
419GOST2814789IMIT_block_data_order(GOST2814789IMIT_CTX *ctx, const void *p,
420 size_t num)
401{ 421{
402 int i; 422 int i;
423
403 for (i = 0; i < num; i++) { 424 for (i = 0; i < num; i++) {
404 Gost2814789_mac_mesh(p, ctx->mac, &ctx->cipher); 425 Gost2814789_mac_mesh(p, ctx->mac, &ctx->cipher);
405 p += 8; 426 p += 8;
@@ -418,7 +439,8 @@ static void GOST2814789IMIT_block_data_order(GOST2814789IMIT_CTX *ctx, const voi
418 439
419#include "md32_common.h" 440#include "md32_common.h"
420 441
421int GOST2814789IMIT_Final(unsigned char *md, GOST2814789IMIT_CTX *c) 442int
443GOST2814789IMIT_Final(unsigned char *md, GOST2814789IMIT_CTX *c)
422{ 444{
423 if (c->num) { 445 if (c->num) {
424 memset(c->data + c->num, 0, 8 - c->num); 446 memset(c->data + c->num, 0, 8 - c->num);
@@ -432,9 +454,9 @@ int GOST2814789IMIT_Final(unsigned char *md, GOST2814789IMIT_CTX *c)
432 return 1; 454 return 1;
433} 455}
434 456
435unsigned char *GOST2814789IMIT(const unsigned char *d, size_t n, 457unsigned char *
436 unsigned char *md, int nid, 458GOST2814789IMIT(const unsigned char *d, size_t n, unsigned char *md, int nid,
437 const unsigned char *key, const unsigned char *iv) 459 const unsigned char *key, const unsigned char *iv)
438{ 460{
439 GOST2814789IMIT_CTX c; 461 GOST2814789IMIT_CTX c;
440 static unsigned char m[GOST2814789IMIT_LENGTH]; 462 static unsigned char m[GOST2814789IMIT_LENGTH];
diff --git a/src/lib/libcrypto/gost/gost89_params.c b/src/lib/libcrypto/gost/gost89_params.c
index 2b2607d24b..35d8f62fe9 100644
--- a/src/lib/libcrypto/gost/gost89_params.c
+++ b/src/lib/libcrypto/gost/gost89_params.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: gost89_params.c,v 1.1 2014/11/09 19:17:13 miod Exp $ */ 1/* $OpenBSD: gost89_params.c,v 1.2 2014/11/09 23:06:52 miod Exp $ */
2/* 2/*
3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> 3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
4 * Copyright (c) 2005-2006 Cryptocom LTD 4 * Copyright (c) 2005-2006 Cryptocom LTD
@@ -179,7 +179,8 @@ static const struct gost89_parameters_info {
179 {NID_undef,NULL,0} 179 {NID_undef,NULL,0}
180}; 180};
181 181
182int Gost2814789_set_sbox(GOST2814789_KEY *key, int nid) 182int
183Gost2814789_set_sbox(GOST2814789_KEY *key, int nid)
183{ 184{
184 int i; 185 int i;
185 const gost_subst_block *b = NULL; 186 const gost_subst_block *b = NULL;
@@ -194,7 +195,7 @@ int Gost2814789_set_sbox(GOST2814789_KEY *key, int nid)
194 break; 195 break;
195 } 196 }
196 197
197 if (!b) 198 if (b == NULL)
198 return 0; 199 return 0;
199 200
200 for (i = 0; i < 256; i++) { 201 for (i = 0; i < 256; i++) {
@@ -211,8 +212,9 @@ int Gost2814789_set_sbox(GOST2814789_KEY *key, int nid)
211 return 1; 212 return 1;
212} 213}
213 214
214int Gost2814789_set_key(GOST2814789_KEY *key, 215int
215 const unsigned char *userKey, const int bits) 216Gost2814789_set_key(GOST2814789_KEY *key, const unsigned char *userKey,
217 const int bits)
216{ 218{
217 int i; 219 int i;
218 220
@@ -227,7 +229,8 @@ int Gost2814789_set_key(GOST2814789_KEY *key,
227 return 1; 229 return 1;
228} 230}
229 231
230void Gost2814789_cryptopro_key_mesh(GOST2814789_KEY *key) 232void
233Gost2814789_cryptopro_key_mesh(GOST2814789_KEY *key)
231{ 234{
232 unsigned char newkey[32]; 235 unsigned char newkey[32];
233 236
diff --git a/src/lib/libcrypto/gost/gost89imit_ameth.c b/src/lib/libcrypto/gost/gost89imit_ameth.c
index 879c2b0ca0..a2631d97f8 100644
--- a/src/lib/libcrypto/gost/gost89imit_ameth.c
+++ b/src/lib/libcrypto/gost/gost89imit_ameth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: gost89imit_ameth.c,v 1.1 2014/11/09 19:17:13 miod Exp $ */ 1/* $OpenBSD: gost89imit_ameth.c,v 1.2 2014/11/09 23:06:52 miod Exp $ */
2/* 2/*
3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> 3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
4 * Copyright (c) 2005-2006 Cryptocom LTD 4 * Copyright (c) 2005-2006 Cryptocom LTD
@@ -56,14 +56,14 @@
56 56
57#include "asn1_locl.h" 57#include "asn1_locl.h"
58 58
59static void mackey_free_gost(EVP_PKEY *pk) 59static void
60mackey_free_gost(EVP_PKEY *pk)
60{ 61{
61 if (pk->pkey.ptr) { 62 free(pk->pkey.ptr);
62 free(pk->pkey.ptr);
63 }
64} 63}
65 64
66static int mac_ctrl_gost(EVP_PKEY *pkey, int op, long arg1, void *arg2) 65static int
66mac_ctrl_gost(EVP_PKEY *pkey, int op, long arg1, void *arg2)
67{ 67{
68 switch (op) { 68 switch (op) {
69 case ASN1_PKEY_CTRL_DEFAULT_MD_NID: 69 case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
diff --git a/src/lib/libcrypto/gost/gost89imit_pmeth.c b/src/lib/libcrypto/gost/gost89imit_pmeth.c
index ec9c72372c..fa79abf0af 100644
--- a/src/lib/libcrypto/gost/gost89imit_pmeth.c
+++ b/src/lib/libcrypto/gost/gost89imit_pmeth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: gost89imit_pmeth.c,v 1.1 2014/11/09 19:17:13 miod Exp $ */ 1/* $OpenBSD: gost89imit_pmeth.c,v 1.2 2014/11/09 23:06:52 miod Exp $ */
2/* 2/*
3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> 3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
4 * Copyright (c) 2005-2006 Cryptocom LTD 4 * Copyright (c) 2005-2006 Cryptocom LTD
@@ -57,7 +57,7 @@
57#include <openssl/evp.h> 57#include <openssl/evp.h>
58#include <openssl/err.h> 58#include <openssl/err.h>
59#include <openssl/gost.h> 59#include <openssl/gost.h>
60#include <openssl/x509v3.h> /*For string_to_hex */ 60#include <openssl/x509v3.h> /* For string_to_hex */
61 61
62#include "evp_locl.h" 62#include "evp_locl.h"
63#include "gost_locl.h" 63#include "gost_locl.h"
@@ -65,31 +65,34 @@
65struct gost_mac_pmeth_data { 65struct gost_mac_pmeth_data {
66 EVP_MD *md; 66 EVP_MD *md;
67 unsigned char key[32]; 67 unsigned char key[32];
68 unsigned key_set : 1; 68 unsigned key_set :1;
69}; 69};
70 70
71static int pkey_gost_mac_init(EVP_PKEY_CTX *ctx) 71static int
72pkey_gost_mac_init(EVP_PKEY_CTX *ctx)
72{ 73{
73 struct gost_mac_pmeth_data *data; 74 struct gost_mac_pmeth_data *data;
74 75
75 data = calloc(1, sizeof(struct gost_mac_pmeth_data)); 76 data = calloc(1, sizeof(struct gost_mac_pmeth_data));
76 if (!data) 77 if (data == NULL)
77 return 0; 78 return 0;
78 EVP_PKEY_CTX_set_data(ctx,data); 79 EVP_PKEY_CTX_set_data(ctx, data);
79 return 1; 80 return 1;
80} 81}
81 82
82static void pkey_gost_mac_cleanup (EVP_PKEY_CTX *ctx) 83static void
84pkey_gost_mac_cleanup(EVP_PKEY_CTX *ctx)
83{ 85{
84 struct gost_mac_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx); 86 struct gost_mac_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
85 free(data); 87 free(data);
86} 88}
87 89
88static int pkey_gost_mac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) 90static int
91pkey_gost_mac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
89{ 92{
90 struct gost_mac_pmeth_data *dst_data, *src_data; 93 struct gost_mac_pmeth_data *dst_data, *src_data;
91 94
92 if (!pkey_gost_mac_init(dst)) 95 if (pkey_gost_mac_init(dst) == 0)
93 return 0; 96 return 0;
94 97
95 src_data = EVP_PKEY_CTX_get_data(src); 98 src_data = EVP_PKEY_CTX_get_data(src);
@@ -100,7 +103,8 @@ static int pkey_gost_mac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
100 return 1; 103 return 1;
101} 104}
102 105
103static int pkey_gost_mac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) 106static int
107pkey_gost_mac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
104{ 108{
105 struct gost_mac_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx); 109 struct gost_mac_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
106 unsigned char *keydata; 110 unsigned char *keydata;
@@ -132,7 +136,8 @@ static int pkey_gost_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
132 136
133 case EVP_PKEY_CTRL_SET_MAC_KEY: 137 case EVP_PKEY_CTRL_SET_MAC_KEY:
134 if (p1 != 32) { 138 if (p1 != 32) {
135 GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL, GOST_R_INVALID_MAC_KEY_LENGTH); 139 GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL,
140 GOST_R_INVALID_MAC_KEY_LENGTH);
136 return 0; 141 return 0;
137 } 142 }
138 143
@@ -141,67 +146,78 @@ static int pkey_gost_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
141 return 1; 146 return 1;
142 147
143 case EVP_PKEY_CTRL_DIGESTINIT: 148 case EVP_PKEY_CTRL_DIGESTINIT:
144 { 149 {
145 EVP_MD_CTX *mctx = p2; 150 EVP_MD_CTX *mctx = p2;
146 void *key; 151 void *key;
147 if (!data->key_set) { 152
148 EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx); 153 if (!data->key_set) {
149 if (!pkey) { 154 EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx);
150 GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL, GOST_R_MAC_KEY_NOT_SET); 155 if (pkey == NULL) {
151 return 0; 156 GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL,
152 } 157 GOST_R_MAC_KEY_NOT_SET);
153 key = EVP_PKEY_get0(pkey); 158 return 0;
154 if (!key) {
155 GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL, GOST_R_MAC_KEY_NOT_SET);
156 return 0;
157 }
158 } else {
159 key = &(data->key);
160 } 159 }
161 if (!mctx->digest->md_ctrl) 160 key = EVP_PKEY_get0(pkey);
161 if (key == NULL) {
162 GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL,
163 GOST_R_MAC_KEY_NOT_SET);
162 return 0; 164 return 0;
163 return mctx->digest->md_ctrl(mctx, EVP_MD_CTRL_SET_KEY, 32 * 8, key); 165 }
166 } else {
167 key = &(data->key);
164 } 168 }
169 if (mctx->digest->md_ctrl == NULL)
170 return 0;
171 return mctx->digest->md_ctrl(mctx, EVP_MD_CTRL_SET_KEY, 32 * 8,
172 key);
173 }
165 174
166 } 175 }
167 176
168 return -2; 177 return -2;
169} 178}
170static int pkey_gost_mac_ctrl_str(EVP_PKEY_CTX *ctx, 179
171 const char *type, const char *value) 180static int
181pkey_gost_mac_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value)
172{ 182{
173 if (!value) 183 if (value == NULL)
174 return 0; 184 return 0;
175 if (!strcmp(type, "key")) { 185 if (strcmp(type, "key") == 0) {
176 void *p = (void *)value; 186 void *p = (void *)value;
177 return pkey_gost_mac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, strlen(value), p); 187 return pkey_gost_mac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY,
188 strlen(value), p);
178 } 189 }
179 if (!strcmp(type, "hexkey")) { 190 if (strcmp(type, "hexkey") == 0) {
180 unsigned char *key; 191 unsigned char *key;
181 int r; 192 int r;
182 long keylen; 193 long keylen;
194
183 key = string_to_hex(value, &keylen); 195 key = string_to_hex(value, &keylen);
184 if (!key) 196 if (key == NULL)
185 return 0; 197 return 0;
186 r = pkey_gost_mac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key); 198 r = pkey_gost_mac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen,
199 key);
187 free(key); 200 free(key);
188 return r; 201 return r;
189 } 202 }
190 return -2; 203 return -2;
191} 204}
192 205
193static int pkey_gost_mac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx) 206static int
207pkey_gost_mac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
194{ 208{
195 return 1; 209 return 1;
196} 210}
197 211
198static int pkey_gost_mac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, EVP_MD_CTX *mctx) 212static int
213pkey_gost_mac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
214 EVP_MD_CTX *mctx)
199{ 215{
200 unsigned int tmpsiglen=*siglen; /* for platforms where sizeof(int)!=sizeof(size_t)*/ 216 /* for platforms where sizeof(int) != sizeof(size_t)*/
217 unsigned int tmpsiglen = *siglen;
201 int ret; 218 int ret;
202 219
203 220 if (sig == NULL) {
204 if (!sig) {
205 *siglen = 4; 221 *siglen = 4;
206 return 1; 222 return 1;
207 } 223 }
diff --git a/src/lib/libcrypto/gost/gostr341001_ameth.c b/src/lib/libcrypto/gost/gostr341001_ameth.c
index 09b851cef4..710f2aa58c 100644
--- a/src/lib/libcrypto/gost/gostr341001_ameth.c
+++ b/src/lib/libcrypto/gost/gostr341001_ameth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: gostr341001_ameth.c,v 1.1 2014/11/09 19:17:13 miod Exp $ */ 1/* $OpenBSD: gostr341001_ameth.c,v 1.2 2014/11/09 23:06:52 miod Exp $ */
2/* 2/*
3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> 3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
4 * Copyright (c) 2005-2006 Cryptocom LTD 4 * Copyright (c) 2005-2006 Cryptocom LTD
@@ -68,15 +68,18 @@
68#include "gost_locl.h" 68#include "gost_locl.h"
69#include "gost_asn1.h" 69#include "gost_asn1.h"
70 70
71static void pkey_free_gost01(EVP_PKEY *key) 71static void
72pkey_free_gost01(EVP_PKEY *key)
72{ 73{
73 GOST_KEY_free(key->pkey.gost); 74 GOST_KEY_free(key->pkey.gost);
74} 75}
75 76
76/* Parses GOST algorithm parameters from X509_ALGOR and 77/*
78 * Parses GOST algorithm parameters from X509_ALGOR and
77 * modifies pkey setting NID and parameters 79 * modifies pkey setting NID and parameters
78 */ 80 */
79static int decode_gost01_algor_params(EVP_PKEY * pkey, const unsigned char **p, int len) 81static int
82decode_gost01_algor_params(EVP_PKEY *pkey, const unsigned char **p, int len)
80{ 83{
81 int param_nid = NID_undef, digest_nid = NID_undef; 84 int param_nid = NID_undef, digest_nid = NID_undef;
82 GOST_KEY_PARAMS *gkp = NULL; 85 GOST_KEY_PARAMS *gkp = NULL;
@@ -84,7 +87,7 @@ static int decode_gost01_algor_params(EVP_PKEY * pkey, const unsigned char **p,
84 GOST_KEY *ec; 87 GOST_KEY *ec;
85 88
86 gkp = d2i_GOST_KEY_PARAMS(NULL, p, len); 89 gkp = d2i_GOST_KEY_PARAMS(NULL, p, len);
87 if (!gkp) { 90 if (gkp == NULL) {
88 GOSTerr(GOST_F_DECODE_GOST01_ALGOR_PARAMS, 91 GOSTerr(GOST_F_DECODE_GOST01_ALGOR_PARAMS,
89 GOST_R_BAD_PKEY_PARAMETERS_FORMAT); 92 GOST_R_BAD_PKEY_PARAMETERS_FORMAT);
90 return 0; 93 return 0;
@@ -92,10 +95,13 @@ static int decode_gost01_algor_params(EVP_PKEY * pkey, const unsigned char **p,
92 param_nid = OBJ_obj2nid(gkp->key_params); 95 param_nid = OBJ_obj2nid(gkp->key_params);
93 digest_nid = OBJ_obj2nid(gkp->hash_params); 96 digest_nid = OBJ_obj2nid(gkp->hash_params);
94 GOST_KEY_PARAMS_free(gkp); 97 GOST_KEY_PARAMS_free(gkp);
98
95 ec = pkey->pkey.gost; 99 ec = pkey->pkey.gost;
96 if (!ec) { 100 if (ec == NULL) {
97 ec = GOST_KEY_new(); 101 ec = GOST_KEY_new();
98 if (!EVP_PKEY_assign_GOST(pkey, ec)) 102 if (ec == NULL)
103 return 0;
104 if (EVP_PKEY_assign_GOST(pkey, ec) == 0)
99 return 0; 105 return 0;
100 } 106 }
101 107
@@ -113,26 +119,30 @@ static int decode_gost01_algor_params(EVP_PKEY * pkey, const unsigned char **p,
113 return 1; 119 return 1;
114} 120}
115 121
116static ASN1_STRING *encode_gost01_algor_params(const EVP_PKEY * key) 122static ASN1_STRING *
123encode_gost01_algor_params(const EVP_PKEY *key)
117{ 124{
118 ASN1_STRING *params = ASN1_STRING_new(); 125 ASN1_STRING *params = ASN1_STRING_new();
119 GOST_KEY_PARAMS *gkp = GOST_KEY_PARAMS_new(); 126 GOST_KEY_PARAMS *gkp = GOST_KEY_PARAMS_new();
120 int pkey_param_nid = NID_undef; 127 int pkey_param_nid = NID_undef;
121 128
122 if (!params || !gkp) { 129 if (params == NULL || gkp == NULL) {
123 GOSTerr(GOST_F_ENCODE_GOST01_ALGOR_PARAMS, ERR_R_MALLOC_FAILURE); 130 GOSTerr(GOST_F_ENCODE_GOST01_ALGOR_PARAMS,
131 ERR_R_MALLOC_FAILURE);
124 ASN1_STRING_free(params); 132 ASN1_STRING_free(params);
125 params = NULL; 133 params = NULL;
126 goto err; 134 goto err;
127 } 135 }
128 136
129 pkey_param_nid = EC_GROUP_get_curve_name(GOST_KEY_get0_group(key->pkey.gost)); 137 pkey_param_nid =
138 EC_GROUP_get_curve_name(GOST_KEY_get0_group(key->pkey.gost));
130 gkp->key_params = OBJ_nid2obj(pkey_param_nid); 139 gkp->key_params = OBJ_nid2obj(pkey_param_nid);
131 gkp->hash_params = OBJ_nid2obj(GOST_KEY_get_digest(key->pkey.gost)); 140 gkp->hash_params = OBJ_nid2obj(GOST_KEY_get_digest(key->pkey.gost));
132 /*gkp->cipher_params = OBJ_nid2obj(cipher_param_nid); */ 141 /*gkp->cipher_params = OBJ_nid2obj(cipher_param_nid); */
133 params->length = i2d_GOST_KEY_PARAMS(gkp, &params->data); 142 params->length = i2d_GOST_KEY_PARAMS(gkp, &params->data);
134 if (params->length <= 0) { 143 if (params->length <= 0) {
135 GOSTerr(GOST_F_ENCODE_GOST01_ALGOR_PARAMS, ERR_R_MALLOC_FAILURE); 144 GOSTerr(GOST_F_ENCODE_GOST01_ALGOR_PARAMS,
145 ERR_R_MALLOC_FAILURE);
136 ASN1_STRING_free(params); 146 ASN1_STRING_free(params);
137 params = NULL; 147 params = NULL;
138 goto err; 148 goto err;
@@ -143,37 +153,42 @@ err:
143 return params; 153 return params;
144} 154}
145 155
146static int pub_cmp_gost01(const EVP_PKEY * a, const EVP_PKEY * b) 156static int
157pub_cmp_gost01(const EVP_PKEY *a, const EVP_PKEY *b)
147{ 158{
148 const GOST_KEY *ea = a->pkey.gost; 159 const GOST_KEY *ea = a->pkey.gost;
149 const GOST_KEY *eb = b->pkey.gost; 160 const GOST_KEY *eb = b->pkey.gost;
150 const EC_POINT *ka, *kb; 161 const EC_POINT *ka, *kb;
151 int ret = 0; 162 int ret = 0;
152 if (!ea || !eb) 163
164 if (ea == NULL || eb == NULL)
153 return 0; 165 return 0;
154 ka = GOST_KEY_get0_public_key(ea); 166 ka = GOST_KEY_get0_public_key(ea);
155 kb = GOST_KEY_get0_public_key(eb); 167 kb = GOST_KEY_get0_public_key(eb);
156 if (!ka || !kb) 168 if (ka == NULL || kb == NULL)
157 return 0; 169 return 0;
158 ret = (0 == EC_POINT_cmp(GOST_KEY_get0_group(ea), ka, kb, NULL)); 170 ret = (0 == EC_POINT_cmp(GOST_KEY_get0_group(ea), ka, kb, NULL));
159 return ret; 171 return ret;
160} 172}
161 173
162static int pkey_size_gost01(const EVP_PKEY * pk) 174static int
175pkey_size_gost01(const EVP_PKEY *pk)
163{ 176{
164 if (GOST_KEY_get_digest(pk->pkey.gost) == NID_id_tc26_gost3411_2012_512) 177 if (GOST_KEY_get_digest(pk->pkey.gost) == NID_id_tc26_gost3411_2012_512)
165 return 128; 178 return 128;
166 return 64; 179 return 64;
167} 180}
168 181
169static int pkey_bits_gost01(const EVP_PKEY * pk) 182static int
183pkey_bits_gost01(const EVP_PKEY *pk)
170{ 184{
171 if (GOST_KEY_get_digest(pk->pkey.gost) == NID_id_tc26_gost3411_2012_512) 185 if (GOST_KEY_get_digest(pk->pkey.gost) == NID_id_tc26_gost3411_2012_512)
172 return 512; 186 return 512;
173 return 256; 187 return 256;
174} 188}
175 189
176static int pub_decode_gost01(EVP_PKEY *pk, X509_PUBKEY *pub) 190static int
191pub_decode_gost01(EVP_PKEY *pk, X509_PUBKEY *pub)
177{ 192{
178 X509_ALGOR *palg = NULL; 193 X509_ALGOR *palg = NULL;
179 const unsigned char *pubkey_buf = NULL; 194 const unsigned char *pubkey_buf = NULL;
@@ -187,21 +202,22 @@ static int pub_decode_gost01(EVP_PKEY *pk, X509_PUBKEY *pub)
187 int ptype = V_ASN1_UNDEF; 202 int ptype = V_ASN1_UNDEF;
188 ASN1_STRING *pval = NULL; 203 ASN1_STRING *pval = NULL;
189 204
190 if (!X509_PUBKEY_get0_param(&palgobj, &pubkey_buf, &pub_len, 205 if (X509_PUBKEY_get0_param(&palgobj, &pubkey_buf, &pub_len, &palg, pub)
191 &palg, pub)) 206 == 0)
192 return 0; 207 return 0;
193 EVP_PKEY_assign_GOST(pk, NULL); 208 (void)EVP_PKEY_assign_GOST(pk, NULL);
194 X509_ALGOR_get0(NULL, &ptype, (void **)&pval, palg); 209 X509_ALGOR_get0(NULL, &ptype, (void **)&pval, palg);
195 if (ptype != V_ASN1_SEQUENCE) { 210 if (ptype != V_ASN1_SEQUENCE) {
196 GOSTerr(GOST_F_PUB_DECODE_GOST01, 211 GOSTerr(GOST_F_PUB_DECODE_GOST01,
197 GOST_R_BAD_KEY_PARAMETERS_FORMAT); 212 GOST_R_BAD_KEY_PARAMETERS_FORMAT);
198 return 0; 213 return 0;
199 } 214 }
200 p = pval->data; 215 p = pval->data;
201 if (!decode_gost01_algor_params(pk, &p, pval->length)) 216 if (decode_gost01_algor_params(pk, &p, pval->length) == 0)
202 return 0; 217 return 0;
218
203 octet = d2i_ASN1_OCTET_STRING(NULL, &pubkey_buf, pub_len); 219 octet = d2i_ASN1_OCTET_STRING(NULL, &pubkey_buf, pub_len);
204 if (!octet) { 220 if (octet == NULL) {
205 GOSTerr(GOST_F_PUB_DECODE_GOST01, ERR_R_MALLOC_FAILURE); 221 GOSTerr(GOST_F_PUB_DECODE_GOST01, ERR_R_MALLOC_FAILURE);
206 return 0; 222 return 0;
207 } 223 }
@@ -363,7 +379,8 @@ static int priv_print_gost01(BIO * out, const EVP_PKEY * pkey, int indent,
363 return pub_print_gost01(out, pkey, indent, pctx); 379 return pub_print_gost01(out, pkey, indent, pctx);
364} 380}
365 381
366static int priv_decode_gost01(EVP_PKEY * pk, PKCS8_PRIV_KEY_INFO * p8inf) 382static int
383priv_decode_gost01(EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf)
367{ 384{
368 const unsigned char *pkey_buf = NULL, *p = NULL; 385 const unsigned char *pkey_buf = NULL, *p = NULL;
369 int priv_len = 0; 386 int priv_len = 0;
@@ -376,25 +393,27 @@ static int priv_decode_gost01(EVP_PKEY * pk, PKCS8_PRIV_KEY_INFO * p8inf)
376 int ptype = V_ASN1_UNDEF; 393 int ptype = V_ASN1_UNDEF;
377 ASN1_STRING *pval = NULL; 394 ASN1_STRING *pval = NULL;
378 395
379 if (!PKCS8_pkey_get0(&palg_obj, &pkey_buf, &priv_len, &palg, p8inf)) 396 if (PKCS8_pkey_get0(&palg_obj, &pkey_buf, &priv_len, &palg, p8inf) == 0)
380 return 0; 397 return 0;
381 EVP_PKEY_assign_GOST(pk, NULL); 398 (void)EVP_PKEY_assign_GOST(pk, NULL);
382 X509_ALGOR_get0(NULL, &ptype, (void **)&pval, palg); 399 X509_ALGOR_get0(NULL, &ptype, (void **)&pval, palg);
383 if (ptype != V_ASN1_SEQUENCE) { 400 if (ptype != V_ASN1_SEQUENCE) {
384 GOSTerr(GOST_F_PUB_DECODE_GOST01, 401 GOSTerr(GOST_F_PUB_DECODE_GOST01,
385 GOST_R_BAD_KEY_PARAMETERS_FORMAT); 402 GOST_R_BAD_KEY_PARAMETERS_FORMAT);
386 return 0; 403 return 0;
387 } 404 }
388 p = pval->data; 405 p = pval->data;
389 if (!decode_gost01_algor_params(pk, &p, pval->length)) 406 if (decode_gost01_algor_params(pk, &p, pval->length) == 0)
390 return 0; 407 return 0;
391 p = pkey_buf; 408 p = pkey_buf;
392 if (V_ASN1_OCTET_STRING == *p) { 409 if (V_ASN1_OCTET_STRING == *p) {
393 /* New format - Little endian octet string */ 410 /* New format - Little endian octet string */
394 unsigned char rev_buf[32]; 411 unsigned char rev_buf[32];
395 int i; 412 int i;
396 ASN1_OCTET_STRING *s = d2i_ASN1_OCTET_STRING(NULL, &p, priv_len); 413 ASN1_OCTET_STRING *s =
397 if (!s || s->length != 32) { 414 d2i_ASN1_OCTET_STRING(NULL, &p, priv_len);
415
416 if (s == NULL || s->length != 32) {
398 GOSTerr(GOST_F_PRIV_DECODE_GOST01, EVP_R_DECODE_ERROR); 417 GOSTerr(GOST_F_PRIV_DECODE_GOST01, EVP_R_DECODE_ERROR);
399 return 0; 418 return 0;
400 } 419 }
@@ -483,13 +502,14 @@ static int param_decode_gost01(EVP_PKEY * pkey, const unsigned char **pder,
483 ASN1_OBJECT_free(obj); 502 ASN1_OBJECT_free(obj);
484 503
485 ec = GOST_KEY_new(); 504 ec = GOST_KEY_new();
486 if (!ec) { 505 if (ec == NULL) {
487 GOSTerr(GOST_F_PARAM_DECODE_GOST01, ERR_R_MALLOC_FAILURE); 506 GOSTerr(GOST_F_PARAM_DECODE_GOST01, ERR_R_MALLOC_FAILURE);
488 return 0; 507 return 0;
489 } 508 }
490 group = EC_GROUP_new_by_curve_name(nid); 509 group = EC_GROUP_new_by_curve_name(nid);
491 if (group == NULL) { 510 if (group == NULL) {
492 GOSTerr(GOST_F_PARAM_DECODE_GOST01, EC_R_EC_GROUP_NEW_BY_NAME_FAILURE); 511 GOSTerr(GOST_F_PARAM_DECODE_GOST01,
512 EC_R_EC_GROUP_NEW_BY_NAME_FAILURE);
493 GOST_KEY_free(ec); 513 GOST_KEY_free(ec);
494 return 0; 514 return 0;
495 } 515 }
@@ -602,10 +622,12 @@ static int pkey_ctrl_gost01(EVP_PKEY * pkey, int op, long arg1, void *arg2)
602 X509_ALGOR_set0(alg2, OBJ_nid2obj(GostR3410_get_pk_digest(digest)), V_ASN1_NULL, 0); 622 X509_ALGOR_set0(alg2, OBJ_nid2obj(GostR3410_get_pk_digest(digest)), V_ASN1_NULL, 0);
603 if (alg3) { 623 if (alg3) {
604 ASN1_STRING *params = encode_gost01_algor_params(pkey); 624 ASN1_STRING *params = encode_gost01_algor_params(pkey);
605 if (!params) { 625 if (params == NULL) {
606 return -1; 626 return -1;
607 } 627 }
608 X509_ALGOR_set0(alg3, OBJ_nid2obj(GostR3410_get_pk_digest(digest)), V_ASN1_SEQUENCE, params); 628 X509_ALGOR_set0(alg3,
629 OBJ_nid2obj(GostR3410_get_pk_digest(digest)),
630 V_ASN1_SEQUENCE, params);
609 } 631 }
610 632
611 return 1; 633 return 1;
diff --git a/src/lib/libcrypto/gost/gostr341001_key.c b/src/lib/libcrypto/gost/gostr341001_key.c
index 9c7f52b769..b236dde28a 100644
--- a/src/lib/libcrypto/gost/gostr341001_key.c
+++ b/src/lib/libcrypto/gost/gostr341001_key.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: gostr341001_key.c,v 1.1 2014/11/09 19:17:13 miod Exp $ */ 1/* $OpenBSD: gostr341001_key.c,v 1.2 2014/11/09 23:06:52 miod Exp $ */
2/* 2/*
3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> 3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
4 * Copyright (c) 2005-2006 Cryptocom LTD 4 * Copyright (c) 2005-2006 Cryptocom LTD
@@ -68,7 +68,8 @@ struct gost_key_st {
68 int digest_nid; 68 int digest_nid;
69}; 69};
70 70
71GOST_KEY * GOST_KEY_new(void) 71GOST_KEY *
72GOST_KEY_new(void)
72{ 73{
73 GOST_KEY *ret; 74 GOST_KEY *ret;
74 75
@@ -85,7 +86,8 @@ GOST_KEY * GOST_KEY_new(void)
85 return (ret); 86 return (ret);
86} 87}
87 88
88void GOST_KEY_free(GOST_KEY * r) 89void
90GOST_KEY_free(GOST_KEY *r)
89{ 91{
90 int i; 92 int i;
91 93
@@ -100,23 +102,23 @@ void GOST_KEY_free(GOST_KEY * r)
100 EC_POINT_free(r->pub_key); 102 EC_POINT_free(r->pub_key);
101 BN_clear_free(r->priv_key); 103 BN_clear_free(r->priv_key);
102 104
103 OPENSSL_cleanse((void *) r, sizeof(GOST_KEY)); 105 OPENSSL_cleanse((void *)r, sizeof(GOST_KEY));
104
105 free(r); 106 free(r);
106} 107}
107 108
108int GOST_KEY_check_key(const GOST_KEY * key) 109int
110GOST_KEY_check_key(const GOST_KEY *key)
109{ 111{
110 int ok = 0; 112 int ok = 0;
111 BN_CTX *ctx = NULL; 113 BN_CTX *ctx = NULL;
112 BIGNUM *order = NULL; 114 BIGNUM *order = NULL;
113 EC_POINT *point = NULL; 115 EC_POINT *point = NULL;
114 116
115 if (!key || !key->group || !key->pub_key) { 117 if (key == NULL || key->group == NULL || key->pub_key == NULL) {
116 GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, ERR_R_PASSED_NULL_PARAMETER); 118 GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, ERR_R_PASSED_NULL_PARAMETER);
117 return 0; 119 return 0;
118 } 120 }
119 if (EC_POINT_is_at_infinity(key->group, key->pub_key)) { 121 if (EC_POINT_is_at_infinity(key->group, key->pub_key) != 0) {
120 GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, EC_R_POINT_AT_INFINITY); 122 GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, EC_R_POINT_AT_INFINITY);
121 goto err; 123 goto err;
122 } 124 }
@@ -126,22 +128,23 @@ int GOST_KEY_check_key(const GOST_KEY * key)
126 goto err; 128 goto err;
127 129
128 /* testing whether the pub_key is on the elliptic curve */ 130 /* testing whether the pub_key is on the elliptic curve */
129 if (!EC_POINT_is_on_curve(key->group, key->pub_key, ctx)) { 131 if (EC_POINT_is_on_curve(key->group, key->pub_key, ctx) == 0) {
130 GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, EC_R_POINT_IS_NOT_ON_CURVE); 132 GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, EC_R_POINT_IS_NOT_ON_CURVE);
131 goto err; 133 goto err;
132 } 134 }
133 /* testing whether pub_key * order is the point at infinity */ 135 /* testing whether pub_key * order is the point at infinity */
134 if ((order = BN_new()) == NULL) 136 if ((order = BN_new()) == NULL)
135 goto err; 137 goto err;
136 if (!EC_GROUP_get_order(key->group, order, ctx)) { 138 if (EC_GROUP_get_order(key->group, order, ctx) == 0) {
137 GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, EC_R_INVALID_GROUP_ORDER); 139 GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, EC_R_INVALID_GROUP_ORDER);
138 goto err; 140 goto err;
139 } 141 }
140 if (!EC_POINT_mul(key->group, point, NULL, key->pub_key, order, ctx)) { 142 if (EC_POINT_mul(key->group, point, NULL, key->pub_key, order,
143 ctx) == 0) {
141 GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, ERR_R_EC_LIB); 144 GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, ERR_R_EC_LIB);
142 goto err; 145 goto err;
143 } 146 }
144 if (!EC_POINT_is_at_infinity(key->group, point)) { 147 if (EC_POINT_is_at_infinity(key->group, point) == 0) {
145 GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, EC_R_WRONG_ORDER); 148 GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, EC_R_WRONG_ORDER);
146 goto err; 149 goto err;
147 } 150 }
@@ -149,19 +152,19 @@ int GOST_KEY_check_key(const GOST_KEY * key)
149 * in case the priv_key is present : check if generator * priv_key == 152 * in case the priv_key is present : check if generator * priv_key ==
150 * pub_key 153 * pub_key
151 */ 154 */
152 if (key->priv_key) { 155 if (key->priv_key != NULL) {
153 if (BN_cmp(key->priv_key, order) >= 0) { 156 if (BN_cmp(key->priv_key, order) >= 0) {
154 GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, EC_R_WRONG_ORDER); 157 GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, EC_R_WRONG_ORDER);
155 goto err; 158 goto err;
156 } 159 }
157 if (!EC_POINT_mul(key->group, point, key->priv_key, 160 if (EC_POINT_mul(key->group, point, key->priv_key, NULL, NULL,
158 NULL, NULL, ctx)) { 161 ctx) == 0) {
159 GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, ERR_R_EC_LIB); 162 GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, ERR_R_EC_LIB);
160 goto err; 163 goto err;
161 } 164 }
162 if (EC_POINT_cmp(key->group, point, key->pub_key, 165 if (EC_POINT_cmp(key->group, point, key->pub_key, ctx) != 0) {
163 ctx) != 0) { 166 GOSTerr(GOST_F_GOST_KEY_CHECK_KEY,
164 GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, EC_R_INVALID_PRIVATE_KEY); 167 EC_R_INVALID_PRIVATE_KEY);
165 goto err; 168 goto err;
166 } 169 }
167 } 170 }
@@ -220,30 +223,34 @@ int GOST_KEY_set_public_key_affine_coordinates(GOST_KEY * key, BIGNUM * x, BIGNU
220 ok = 1; 223 ok = 1;
221 224
222err: 225err:
223 BN_CTX_free(ctx);
224 EC_POINT_free(point); 226 EC_POINT_free(point);
227 BN_CTX_free(ctx);
225 return ok; 228 return ok;
226 229
227} 230}
228 231
229const EC_GROUP * GOST_KEY_get0_group(const GOST_KEY * key) 232const EC_GROUP *
233GOST_KEY_get0_group(const GOST_KEY *key)
230{ 234{
231 return key->group; 235 return key->group;
232} 236}
233 237
234int GOST_KEY_set_group(GOST_KEY * key, const EC_GROUP * group) 238int
239GOST_KEY_set_group(GOST_KEY *key, const EC_GROUP *group)
235{ 240{
236 EC_GROUP_free(key->group); 241 EC_GROUP_free(key->group);
237 key->group = EC_GROUP_dup(group); 242 key->group = EC_GROUP_dup(group);
238 return (key->group == NULL) ? 0 : 1; 243 return (key->group == NULL) ? 0 : 1;
239} 244}
240 245
241const BIGNUM * GOST_KEY_get0_private_key(const GOST_KEY * key) 246const BIGNUM *
247GOST_KEY_get0_private_key(const GOST_KEY *key)
242{ 248{
243 return key->priv_key; 249 return key->priv_key;
244} 250}
245 251
246int GOST_KEY_set_private_key(GOST_KEY * key, const BIGNUM * priv_key) 252int
253GOST_KEY_set_private_key(GOST_KEY *key, const BIGNUM *priv_key)
247{ 254{
248 BN_clear_free(key->priv_key); 255 BN_clear_free(key->priv_key);
249 key->priv_key = BN_dup(priv_key); 256 key->priv_key = BN_dup(priv_key);
@@ -251,23 +258,26 @@ int GOST_KEY_set_private_key(GOST_KEY * key, const BIGNUM * priv_key)
251} 258}
252 259
253const EC_POINT * 260const EC_POINT *
254GOST_KEY_get0_public_key(const GOST_KEY * key) 261GOST_KEY_get0_public_key(const GOST_KEY *key)
255{ 262{
256 return key->pub_key; 263 return key->pub_key;
257} 264}
258 265
259int GOST_KEY_set_public_key(GOST_KEY * key, const EC_POINT * pub_key) 266int
267GOST_KEY_set_public_key(GOST_KEY *key, const EC_POINT *pub_key)
260{ 268{
261 EC_POINT_free(key->pub_key); 269 EC_POINT_free(key->pub_key);
262 key->pub_key = EC_POINT_dup(pub_key, key->group); 270 key->pub_key = EC_POINT_dup(pub_key, key->group);
263 return (key->pub_key == NULL) ? 0 : 1; 271 return (key->pub_key == NULL) ? 0 : 1;
264} 272}
265 273
266int GOST_KEY_get_digest(const GOST_KEY * key) 274int
275GOST_KEY_get_digest(const GOST_KEY *key)
267{ 276{
268 return key->digest_nid; 277 return key->digest_nid;
269} 278}
270int GOST_KEY_set_digest(GOST_KEY * key, int digest_nid) 279int
280GOST_KEY_set_digest(GOST_KEY *key, int digest_nid)
271{ 281{
272 if (digest_nid == NID_id_GostR3411_94_CryptoProParamSet || 282 if (digest_nid == NID_id_GostR3411_94_CryptoProParamSet ||
273 digest_nid == NID_id_tc26_gost3411_2012_256 || 283 digest_nid == NID_id_tc26_gost3411_2012_256 ||
@@ -279,7 +289,8 @@ int GOST_KEY_set_digest(GOST_KEY * key, int digest_nid)
279 return 0; 289 return 0;
280} 290}
281 291
282size_t GOST_KEY_get_size(const GOST_KEY * r) 292size_t
293GOST_KEY_get_size(const GOST_KEY *r)
283{ 294{
284 int i; 295 int i;
285 BIGNUM *order = NULL; 296 BIGNUM *order = NULL;
@@ -294,7 +305,7 @@ size_t GOST_KEY_get_size(const GOST_KEY * r)
294 if ((order = BN_new()) == NULL) 305 if ((order = BN_new()) == NULL)
295 return 0; 306 return 0;
296 307
297 if (!EC_GROUP_get_order(group,order,NULL)) { 308 if (EC_GROUP_get_order(group, order, NULL) == 0) {
298 BN_clear_free(order); 309 BN_clear_free(order);
299 return 0; 310 return 0;
300 } 311 }
diff --git a/src/lib/libcrypto/gost/gostr341001_params.c b/src/lib/libcrypto/gost/gostr341001_params.c
index 1c8276e7b0..d14097df7e 100644
--- a/src/lib/libcrypto/gost/gostr341001_params.c
+++ b/src/lib/libcrypto/gost/gostr341001_params.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: gostr341001_params.c,v 1.1 2014/11/09 19:17:13 miod Exp $ */ 1/* $OpenBSD: gostr341001_params.c,v 1.2 2014/11/09 23:06:52 miod Exp $ */
2/* 2/*
3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> 3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
4 * Copyright (c) 2005-2006 Cryptocom LTD 4 * Copyright (c) 2005-2006 Cryptocom LTD
@@ -59,14 +59,16 @@
59 59
60#include "gost_locl.h" 60#include "gost_locl.h"
61 61
62int GostR3410_get_md_digest(int nid) 62int
63GostR3410_get_md_digest(int nid)
63{ 64{
64 if (nid == NID_id_GostR3411_94_CryptoProParamSet) 65 if (nid == NID_id_GostR3411_94_CryptoProParamSet)
65 return NID_id_GostR3411_94; 66 return NID_id_GostR3411_94;
66 return nid; 67 return nid;
67} 68}
68 69
69int GostR3410_get_pk_digest(int nid) 70int
71GostR3410_get_pk_digest(int nid)
70{ 72{
71 switch (nid) { 73 switch (nid) {
72 case NID_id_GostR3411_94_CryptoProParamSet: 74 case NID_id_GostR3411_94_CryptoProParamSet:
@@ -101,22 +103,26 @@ static const GostR3410_params GostR3410_512_params[] = {
101 { NULL, NID_undef }, 103 { NULL, NID_undef },
102}; 104};
103 105
104int GostR3410_256_param_id(const char *value) 106int
107GostR3410_256_param_id(const char *value)
105{ 108{
106 int i; 109 int i;
110
107 for (i = 0; GostR3410_256_params[i].nid != NID_undef; i++) { 111 for (i = 0; GostR3410_256_params[i].nid != NID_undef; i++) {
108 if (!strcasecmp(GostR3410_256_params[i].name, value)) 112 if (strcasecmp(GostR3410_256_params[i].name, value) == 0)
109 return GostR3410_256_params[i].nid; 113 return GostR3410_256_params[i].nid;
110 } 114 }
111 115
112 return NID_undef; 116 return NID_undef;
113} 117}
114 118
115int GostR3410_512_param_id(const char *value) 119int
120GostR3410_512_param_id(const char *value)
116{ 121{
117 int i; 122 int i;
123
118 for (i = 0; GostR3410_512_params[i].nid != NID_undef; i++) { 124 for (i = 0; GostR3410_512_params[i].nid != NID_undef; i++) {
119 if (!strcasecmp(GostR3410_512_params[i].name, value)) 125 if (strcasecmp(GostR3410_512_params[i].name, value) == 0)
120 return GostR3410_512_params[i].nid; 126 return GostR3410_512_params[i].nid;
121 } 127 }
122 128
diff --git a/src/lib/libcrypto/gost/gostr341001_pmeth.c b/src/lib/libcrypto/gost/gostr341001_pmeth.c
index 77a84a3657..afcf8f973a 100644
--- a/src/lib/libcrypto/gost/gostr341001_pmeth.c
+++ b/src/lib/libcrypto/gost/gostr341001_pmeth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: gostr341001_pmeth.c,v 1.4 2014/11/09 19:28:44 miod Exp $ */ 1/* $OpenBSD: gostr341001_pmeth.c,v 1.5 2014/11/09 23:06:52 miod Exp $ */
2/* 2/*
3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> 3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
4 * Copyright (c) 2005-2006 Cryptocom LTD 4 * Copyright (c) 2005-2006 Cryptocom LTD
@@ -65,7 +65,8 @@
65#include "gost_locl.h" 65#include "gost_locl.h"
66#include "gost_asn1.h" 66#include "gost_asn1.h"
67 67
68static ECDSA_SIG *unpack_signature_cp(const unsigned char *sig, size_t siglen) 68static ECDSA_SIG *
69unpack_signature_cp(const unsigned char *sig, size_t siglen)
69{ 70{
70 ECDSA_SIG *s; 71 ECDSA_SIG *s;
71 72
@@ -79,12 +80,13 @@ static ECDSA_SIG *unpack_signature_cp(const unsigned char *sig, size_t siglen)
79 return s; 80 return s;
80} 81}
81 82
82static int pack_signature_cp(ECDSA_SIG * s, int order, unsigned char *sig, size_t * siglen) 83static int
84pack_signature_cp(ECDSA_SIG *s, int order, unsigned char *sig, size_t *siglen)
83{ 85{
84 int r_len = BN_num_bytes(s->r); 86 int r_len = BN_num_bytes(s->r);
85 int s_len = BN_num_bytes(s->s); 87 int s_len = BN_num_bytes(s->s);
86 88
87 if ((r_len > order) || (s_len > order)) 89 if (r_len > order || s_len > order)
88 return 0; 90 return 0;
89 91
90 *siglen = 2 * order; 92 *siglen = 2 * order;
@@ -96,7 +98,8 @@ static int pack_signature_cp(ECDSA_SIG * s, int order, unsigned char *sig, size_
96 return 1; 98 return 1;
97} 99}
98 100
99static ECDSA_SIG *unpack_signature_le(const unsigned char *sig, size_t siglen) 101static ECDSA_SIG *
102unpack_signature_le(const unsigned char *sig, size_t siglen)
100{ 103{
101 ECDSA_SIG *s; 104 ECDSA_SIG *s;
102 105
@@ -110,7 +113,8 @@ static ECDSA_SIG *unpack_signature_le(const unsigned char *sig, size_t siglen)
110 return s; 113 return s;
111} 114}
112 115
113static int pack_signature_le(ECDSA_SIG * s, int order, unsigned char *sig, size_t * siglen) 116static int
117pack_signature_le(ECDSA_SIG *s, int order, unsigned char *sig, size_t *siglen)
114{ 118{
115 *siglen = 2 * order; 119 *siglen = 2 * order;
116 memset(sig, 0, *siglen); 120 memset(sig, 0, *siglen);
@@ -259,7 +263,7 @@ static int pkey_gost01_verify(EVP_PKEY_CTX * ctx, const unsigned char *sig,
259 ECDSA_SIG *s = NULL; 263 ECDSA_SIG *s = NULL;
260 BIGNUM *md; 264 BIGNUM *md;
261 265
262 if (!pub_key) 266 if (pub_key == NULL)
263 return 0; 267 return 0;
264 switch (pctx->sig_format) { 268 switch (pctx->sig_format) {
265 case GOST_SIG_FORMAT_SR_BE: 269 case GOST_SIG_FORMAT_SR_BE:
@@ -269,10 +273,10 @@ static int pkey_gost01_verify(EVP_PKEY_CTX * ctx, const unsigned char *sig,
269 s = unpack_signature_le(sig, siglen); 273 s = unpack_signature_le(sig, siglen);
270 break; 274 break;
271 } 275 }
272 if (!s) 276 if (s == NULL)
273 return 0; 277 return 0;
274 md = GOST_le2bn(tbs, tbs_len, NULL); 278 md = GOST_le2bn(tbs, tbs_len, NULL);
275 if (!md) 279 if (md == NULL)
276 goto err; 280 goto err;
277 ok = gost2001_do_verify(md, s, pub_key->pkey.gost); 281 ok = gost2001_do_verify(md, s, pub_key->pkey.gost);
278 282
@@ -341,34 +345,36 @@ int pkey_gost01_decrypt(EVP_PKEY_CTX * pctx, unsigned char *key,
341 EVP_PKEY *eph_key = NULL, *peerkey = NULL; 345 EVP_PKEY *eph_key = NULL, *peerkey = NULL;
342 int nid; 346 int nid;
343 347
344 if (!key) { 348 if (key == NULL) {
345 *key_len = 32; 349 *key_len = 32;
346 return 1; 350 return 1;
347 } 351 }
348 gkt = d2i_GOST_KEY_TRANSPORT(NULL, (const unsigned char **)&p, in_len); 352 gkt = d2i_GOST_KEY_TRANSPORT(NULL, (const unsigned char **)&p, in_len);
349 if (!gkt) { 353 if (gkt == NULL) {
350 GOSTerr(GOST_F_PKEY_GOST01_DECRYPT, 354 GOSTerr(GOST_F_PKEY_GOST01_DECRYPT,
351 GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO); 355 GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO);
352 return -1; 356 return -1;
353 } 357 }
354 358
355 /* If key transport structure contains public key, use it */ 359 /* If key transport structure contains public key, use it */
356 eph_key = X509_PUBKEY_get(gkt->key_agreement_info->ephem_key); 360 eph_key = X509_PUBKEY_get(gkt->key_agreement_info->ephem_key);
357 if (eph_key) { 361 if (eph_key != NULL) {
358 if (EVP_PKEY_derive_set_peer(pctx, eph_key) <= 0) { 362 if (EVP_PKEY_derive_set_peer(pctx, eph_key) <= 0) {
359 GOSTerr(GOST_F_PKEY_GOST01_DECRYPT, 363 GOSTerr(GOST_F_PKEY_GOST01_DECRYPT,
360 GOST_R_INCOMPATIBLE_PEER_KEY); 364 GOST_R_INCOMPATIBLE_PEER_KEY);
361 goto err; 365 goto err;
362 } 366 }
363 } else { 367 } else {
364 /* Set control "public key from client certificate used" */ 368 /* Set control "public key from client certificate used" */
365 if (EVP_PKEY_CTX_ctrl(pctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 3, NULL) <= 0) { 369 if (EVP_PKEY_CTX_ctrl(pctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 3,
366 GOSTerr(GOST_F_PKEY_GOST01_DECRYPT, GOST_R_CTRL_CALL_FAILED); 370 NULL) <= 0) {
371 GOSTerr(GOST_F_PKEY_GOST01_DECRYPT,
372 GOST_R_CTRL_CALL_FAILED);
367 goto err; 373 goto err;
368 } 374 }
369 } 375 }
370 peerkey = EVP_PKEY_CTX_get0_peerkey(pctx); 376 peerkey = EVP_PKEY_CTX_get0_peerkey(pctx);
371 if (!peerkey) { 377 if (peerkey == NULL) {
372 GOSTerr(GOST_F_PKEY_GOST01_DECRYPT, GOST_R_NO_PEER_KEY); 378 GOSTerr(GOST_F_PKEY_GOST01_DECRYPT, GOST_R_NO_PEER_KEY);
373 goto err; 379 goto err;
374 } 380 }
@@ -408,7 +414,7 @@ int pkey_gost01_derive(EVP_PKEY_CTX * ctx, unsigned char *key,
408 EVP_PKEY *peer_key = EVP_PKEY_CTX_get0_peerkey(ctx); 414 EVP_PKEY *peer_key = EVP_PKEY_CTX_get0_peerkey(ctx);
409 struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx); 415 struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
410 416
411 if (!data->shared_ukm) { 417 if (data->shared_ukm == NULL) {
412 GOSTerr(GOST_F_PKEY_GOST01_DERIVE, GOST_R_UKM_NOT_SET); 418 GOSTerr(GOST_F_PKEY_GOST01_DERIVE, GOST_R_UKM_NOT_SET);
413 return 0; 419 return 0;
414 } 420 }
@@ -573,17 +579,17 @@ static int pkey_gost01_ctrl(EVP_PKEY_CTX * ctx, int type, int p1, void *p2)
573 } 579 }
574} 580}
575 581
576static int pkey_gost01_ctrl_str(EVP_PKEY_CTX * ctx, 582static int
577 const char *type, const char *value) 583pkey_gost01_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value)
578{ 584{
579 int param_nid = NID_undef; 585 int param_nid = NID_undef;
580 int digest_nid = NID_undef; 586 int digest_nid = NID_undef;
581 587
582 if (!strcmp(type, "paramset")) { 588 if (strcmp(type, "paramset") == 0) {
583 if (!value) { 589 if (value == NULL)
584 return 0; 590 return 0;
585 } 591 if (pkey_gost01_ctrl(ctx, EVP_PKEY_CTRL_GOST_GET_DIGEST, 0,
586 if (!pkey_gost01_ctrl(ctx, EVP_PKEY_CTRL_GOST_GET_DIGEST, 0, &digest_nid)) 592 &digest_nid) == 0)
587 return 0; 593 return 0;
588 if (digest_nid == NID_id_tc26_gost3411_2012_512) 594 if (digest_nid == NID_id_tc26_gost3411_2012_512)
589 param_nid = GostR3410_512_param_id(value); 595 param_nid = GostR3410_512_param_id(value);
@@ -595,23 +601,24 @@ static int pkey_gost01_ctrl_str(EVP_PKEY_CTX * ctx,
595 return 0; 601 return 0;
596 602
597 return pkey_gost01_ctrl(ctx, EVP_PKEY_CTRL_GOST_PARAMSET, 603 return pkey_gost01_ctrl(ctx, EVP_PKEY_CTRL_GOST_PARAMSET,
598 param_nid, NULL); 604 param_nid, NULL);
599 } 605 }
600 if (!strcmp(type, "dgst")) { 606 if (strcmp(type, "dgst") == 0) {
601 if (!value) 607 if (value == NULL)
602 return 0; 608 return 0;
603 else if (!strcmp(value, "gost94") || !strcmp(value, "md_gost94")) 609 else if (strcmp(value, "gost94") == 0 ||
610 strcmp(value, "md_gost94") == 0)
604 digest_nid = NID_id_GostR3411_94_CryptoProParamSet; 611 digest_nid = NID_id_GostR3411_94_CryptoProParamSet;
605 else if (!strcmp(value, "streebog256")) 612 else if (strcmp(value, "streebog256") == 0)
606 digest_nid = NID_id_tc26_gost3411_2012_256; 613 digest_nid = NID_id_tc26_gost3411_2012_256;
607 else if (!strcmp(value, "streebog512")) 614 else if (strcmp(value, "streebog512") == 0)
608 digest_nid = NID_id_tc26_gost3411_2012_512; 615 digest_nid = NID_id_tc26_gost3411_2012_512;
609 616
610 if (digest_nid == NID_undef) 617 if (digest_nid == NID_undef)
611 return 0; 618 return 0;
612 619
613 return pkey_gost01_ctrl(ctx, EVP_PKEY_CTRL_GOST_SET_DIGEST, 620 return pkey_gost01_ctrl(ctx, EVP_PKEY_CTRL_GOST_SET_DIGEST,
614 digest_nid, NULL); 621 digest_nid, NULL);
615 } 622 }
616 return -2; 623 return -2;
617} 624}
diff --git a/src/lib/libcrypto/gost/gostr341194.c b/src/lib/libcrypto/gost/gostr341194.c
index 706bf3d431..3151d9fe12 100644
--- a/src/lib/libcrypto/gost/gostr341194.c
+++ b/src/lib/libcrypto/gost/gostr341194.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: gostr341194.c,v 1.1 2014/11/09 19:17:13 miod Exp $ */ 1/* $OpenBSD: gostr341194.c,v 1.2 2014/11/09 23:06:52 miod Exp $ */
2/* 2/*
3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> 3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
4 * Copyright (c) 2005-2006 Cryptocom LTD 4 * Copyright (c) 2005-2006 Cryptocom LTD
@@ -62,17 +62,19 @@
62 62
63/* Following functions are various bit meshing routines used in 63/* Following functions are various bit meshing routines used in
64 * GOST R 34.11-94 algorithms */ 64 * GOST R 34.11-94 algorithms */
65static void swap_bytes(unsigned char *w, unsigned char *k) 65static void
66swap_bytes(unsigned char *w, unsigned char *k)
66{ 67{
67 int i, j; 68 int i, j;
69
68 for (i = 0; i < 4; i++) 70 for (i = 0; i < 4; i++)
69 for (j = 0; j < 8; j++) 71 for (j = 0; j < 8; j++)
70 k[i + 4 * j] = w[8 * i + j]; 72 k[i + 4 * j] = w[8 * i + j];
71
72} 73}
73 74
74/* was A_A */ 75/* was A_A */
75static void circle_xor8(const unsigned char *w, unsigned char *k) 76static void
77circle_xor8(const unsigned char *w, unsigned char *k)
76{ 78{
77 unsigned char buf[8]; 79 unsigned char buf[8];
78 int i; 80 int i;
@@ -84,9 +86,11 @@ static void circle_xor8(const unsigned char *w, unsigned char *k)
84} 86}
85 87
86/* was R_R */ 88/* was R_R */
87static void transform_3(unsigned char *data) 89static void
90transform_3(unsigned char *data)
88{ 91{
89 unsigned short int acc; 92 unsigned short int acc;
93
90 acc = (data[0] ^ data[2] ^ data[4] ^ data[6] ^ data[24] ^ data[30]) | 94 acc = (data[0] ^ data[2] ^ data[4] ^ data[6] ^ data[24] ^ data[30]) |
91 ((data[1] ^ data[3] ^ data[5] ^ data[7] ^ data[25] ^ data[31]) << 8); 95 ((data[1] ^ data[3] ^ data[5] ^ data[7] ^ data[25] ^ data[31]) << 8);
92 memmove(data, data + 2, 30); 96 memmove(data, data + 2, 30);
@@ -95,7 +99,8 @@ static void transform_3(unsigned char *data)
95} 99}
96 100
97/* Adds blocks of N bytes modulo 2**(8*n). Returns carry*/ 101/* Adds blocks of N bytes modulo 2**(8*n). Returns carry*/
98static int add_blocks(int n, unsigned char *left, const unsigned char *right) 102static int
103add_blocks(int n, unsigned char *left, const unsigned char *right)
99{ 104{
100 int i; 105 int i;
101 int carry = 0; 106 int carry = 0;
@@ -110,10 +115,12 @@ static int add_blocks(int n, unsigned char *left, const unsigned char *right)
110} 115}
111 116
112/* Xor two sequences of bytes */ 117/* Xor two sequences of bytes */
113static void xor_blocks(unsigned char *result, const unsigned char *a, 118static void
114 const unsigned char *b, size_t len) 119xor_blocks(unsigned char *result, const unsigned char *a,
120 const unsigned char *b, size_t len)
115{ 121{
116 size_t i; 122 size_t i;
123
117 for (i = 0; i < len; i++) 124 for (i = 0; i < len; i++)
118 result[i] = a[i] ^ b[i]; 125 result[i] = a[i] ^ b[i];
119} 126}
@@ -122,7 +129,8 @@ static void xor_blocks(unsigned char *result, const unsigned char *a,
122 * Calculate H(i+1) = Hash(Hi,Mi) 129 * Calculate H(i+1) = Hash(Hi,Mi)
123 * Where H and M are 32 bytes long 130 * Where H and M are 32 bytes long
124 */ 131 */
125static int hash_step(GOSTR341194_CTX *c, unsigned char *H, const unsigned char *M) 132static int
133hash_step(GOSTR341194_CTX *c, unsigned char *H, const unsigned char *M)
126{ 134{
127 unsigned char U[32], W[32], V[32], S[32], Key[32]; 135 unsigned char U[32], W[32], V[32], S[32], Key[32];
128 int i; 136 int i;
@@ -191,15 +199,18 @@ static int hash_step(GOSTR341194_CTX *c, unsigned char *H, const unsigned char *
191 return 1; 199 return 1;
192} 200}
193 201
194int GOSTR341194_Init(GOSTR341194_CTX *c, int nid) 202int
203GOSTR341194_Init(GOSTR341194_CTX *c, int nid)
195{ 204{
196 memset (c,0,sizeof(*c)); 205 memset(c, 0, sizeof(*c));
197 return Gost2814789_set_sbox(&c->cipher, nid); 206 return Gost2814789_set_sbox(&c->cipher, nid);
198} 207}
199 208
200static void GOSTR341194_block_data_order(GOSTR341194_CTX *ctx, const void *p, size_t num) 209static void
210GOSTR341194_block_data_order(GOSTR341194_CTX *ctx, const void *p, size_t num)
201{ 211{
202 int i; 212 int i;
213
203 for (i = 0; i < num; i++) { 214 for (i = 0; i < num; i++) {
204 hash_step(ctx, ctx->H, p); 215 hash_step(ctx, ctx->H, p);
205 add_blocks(32, ctx->S, p); 216 add_blocks(32, ctx->S, p);
@@ -219,7 +230,8 @@ static void GOSTR341194_block_data_order(GOSTR341194_CTX *ctx, const void *p, si
219 230
220#include "md32_common.h" 231#include "md32_common.h"
221 232
222int GOSTR341194_Final(unsigned char *md, GOSTR341194_CTX * c) 233int
234GOSTR341194_Final(unsigned char *md, GOSTR341194_CTX * c)
223{ 235{
224 unsigned char *p = (unsigned char *)c->data; 236 unsigned char *p = (unsigned char *)c->data;
225 unsigned char T[32]; 237 unsigned char T[32];
@@ -233,7 +245,7 @@ int GOSTR341194_Final(unsigned char *md, GOSTR341194_CTX * c)
233 p = T; 245 p = T;
234 HOST_l2c(c->Nl, p); 246 HOST_l2c(c->Nl, p);
235 HOST_l2c(c->Nh, p); 247 HOST_l2c(c->Nh, p);
236 memset(p, 0, 32-8); 248 memset(p, 0, 32 - 8);
237 hash_step(c, c->H, T); 249 hash_step(c, c->H, T);
238 hash_step(c, c->H, c->S); 250 hash_step(c, c->H, c->S);
239 251
@@ -242,7 +254,8 @@ int GOSTR341194_Final(unsigned char *md, GOSTR341194_CTX * c)
242 return 1; 254 return 1;
243} 255}
244 256
245unsigned char *GOSTR341194(const unsigned char *d, size_t n, unsigned char *md, int nid) 257unsigned char *
258GOSTR341194(const unsigned char *d, size_t n, unsigned char *md, int nid)
246{ 259{
247 GOSTR341194_CTX c; 260 GOSTR341194_CTX c;
248 static unsigned char m[GOSTR341194_LENGTH]; 261 static unsigned char m[GOSTR341194_LENGTH];
diff --git a/src/lib/libcrypto/gost/streebog.c b/src/lib/libcrypto/gost/streebog.c
index c621c41daa..0a49fca5d9 100644
--- a/src/lib/libcrypto/gost/streebog.c
+++ b/src/lib/libcrypto/gost/streebog.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: streebog.c,v 1.1 2014/11/09 19:17:13 miod Exp $ */ 1/* $OpenBSD: streebog.c,v 1.2 2014/11/09 23:06:52 miod Exp $ */
2/* 2/*
3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> 3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
4 * Copyright (c) 2005-2006 Cryptocom LTD 4 * Copyright (c) 2005-2006 Cryptocom LTD
@@ -1166,7 +1166,9 @@ static const STREEBOG_LONG64 C16[12][8] =
1166#define PULL64(x) (B(x,0,0)|B(x,1,1)|B(x,2,2)|B(x,3,3)|B(x,4,4)|B(x,5,5)|B(x,6,6)|B(x,7,7)) 1166#define PULL64(x) (B(x,0,0)|B(x,1,1)|B(x,2,2)|B(x,3,3)|B(x,4,4)|B(x,5,5)|B(x,6,6)|B(x,7,7))
1167#define SWAB64(x) (B(x,0,7)|B(x,1,6)|B(x,2,5)|B(x,3,4)|B(x,4,3)|B(x,5,2)|B(x,6,1)|B(x,7,0)) 1167#define SWAB64(x) (B(x,0,7)|B(x,1,6)|B(x,2,5)|B(x,3,4)|B(x,4,3)|B(x,5,2)|B(x,6,1)|B(x,7,0))
1168 1168
1169static inline STREEBOG_LONG64 multipermute(const STREEBOG_LONG64 *in, int i) { 1169static inline STREEBOG_LONG64
1170multipermute(const STREEBOG_LONG64 *in, int i)
1171{
1170 STREEBOG_LONG64 t = 0; 1172 STREEBOG_LONG64 t = 0;
1171 1173
1172 t ^= A_PI_table[0][(in[0] >> (i * 8)) & 0xff]; 1174 t ^= A_PI_table[0][(in[0] >> (i * 8)) & 0xff];
@@ -1181,30 +1183,33 @@ static inline STREEBOG_LONG64 multipermute(const STREEBOG_LONG64 *in, int i) {
1181 return t; 1183 return t;
1182} 1184}
1183 1185
1184static void transform(STREEBOG_LONG64 *out, const STREEBOG_LONG64 *a, const STREEBOG_LONG64 *b) 1186static void
1187transform(STREEBOG_LONG64 *out, const STREEBOG_LONG64 *a,
1188 const STREEBOG_LONG64 *b)
1185{ 1189{
1186 STREEBOG_LONG64 tmp[8]; 1190 STREEBOG_LONG64 tmp[8];
1187 1191
1188 tmp[0] = a[0] ^ b[0]; 1192 tmp[0] = a[0] ^ b[0];
1189 tmp[1] = a[1] ^ b[1]; 1193 tmp[1] = a[1] ^ b[1];
1190 tmp[2] = a[2] ^ b[2]; 1194 tmp[2] = a[2] ^ b[2];
1191 tmp[3] = a[3] ^ b[3]; 1195 tmp[3] = a[3] ^ b[3];
1192 tmp[4] = a[4] ^ b[4]; 1196 tmp[4] = a[4] ^ b[4];
1193 tmp[5] = a[5] ^ b[5]; 1197 tmp[5] = a[5] ^ b[5];
1194 tmp[6] = a[6] ^ b[6]; 1198 tmp[6] = a[6] ^ b[6];
1195 tmp[7] = a[7] ^ b[7]; 1199 tmp[7] = a[7] ^ b[7];
1196 1200
1197 out[0] = multipermute(tmp, 0); 1201 out[0] = multipermute(tmp, 0);
1198 out[1] = multipermute(tmp, 1); 1202 out[1] = multipermute(tmp, 1);
1199 out[2] = multipermute(tmp, 2); 1203 out[2] = multipermute(tmp, 2);
1200 out[3] = multipermute(tmp, 3); 1204 out[3] = multipermute(tmp, 3);
1201 out[4] = multipermute(tmp, 4); 1205 out[4] = multipermute(tmp, 4);
1202 out[5] = multipermute(tmp, 5); 1206 out[5] = multipermute(tmp, 5);
1203 out[6] = multipermute(tmp, 6); 1207 out[6] = multipermute(tmp, 6);
1204 out[7] = multipermute(tmp, 7); 1208 out[7] = multipermute(tmp, 7);
1205} 1209}
1206 1210
1207static inline void gN(STREEBOG_LONG64 *h, STREEBOG_LONG64 *m, STREEBOG_LONG64 *N) 1211static inline void
1212gN(STREEBOG_LONG64 *h, STREEBOG_LONG64 *m, STREEBOG_LONG64 *N)
1208{ 1213{
1209 STREEBOG_LONG64 K[8]; 1214 STREEBOG_LONG64 K[8];
1210 STREEBOG_LONG64 T[8]; 1215 STREEBOG_LONG64 T[8];
@@ -1230,7 +1235,8 @@ static inline void gN(STREEBOG_LONG64 *h, STREEBOG_LONG64 *m, STREEBOG_LONG64 *N
1230} 1235}
1231 1236
1232 1237
1233static void streebog_single_block(STREEBOG_CTX * ctx, const unsigned char *in, size_t num) 1238static void
1239streebog_single_block(STREEBOG_CTX *ctx, const unsigned char *in, size_t num)
1234{ 1240{
1235 STREEBOG_LONG64 M[8], l; 1241 STREEBOG_LONG64 M[8], l;
1236 int i; 1242 int i;
@@ -1261,14 +1267,17 @@ static void streebog_single_block(STREEBOG_CTX * ctx, const unsigned char *in, s
1261 1267
1262 1268
1263 1269
1264static void streebog_block_data_order(STREEBOG_CTX * ctx, const void *in, size_t num) 1270static void
1271streebog_block_data_order(STREEBOG_CTX *ctx, const void *in, size_t num)
1265{ 1272{
1266 int i; 1273 int i;
1274
1267 for (i = 0; i < num; i++) 1275 for (i = 0; i < num; i++)
1268 streebog_single_block(ctx, in + i * STREEBOG_CBLOCK, 64 * 8); 1276 streebog_single_block(ctx, in + i * STREEBOG_CBLOCK, 64 * 8);
1269} 1277}
1270 1278
1271int STREEBOG512_Final(unsigned char *md, STREEBOG_CTX * c) 1279int
1280STREEBOG512_Final(unsigned char *md, STREEBOG_CTX *c)
1272{ 1281{
1273 int n; 1282 int n;
1274 unsigned char *p = (unsigned char *)c->data; 1283 unsigned char *p = (unsigned char *)c->data;
@@ -1281,7 +1290,7 @@ int STREEBOG512_Final(unsigned char *md, STREEBOG_CTX * c)
1281 1290
1282 n = c->num; 1291 n = c->num;
1283 p[n++] = 1; 1292 p[n++] = 1;
1284 memset(p+n, 0, STREEBOG_CBLOCK - n); 1293 memset(p + n, 0, STREEBOG_CBLOCK - n);
1285 1294
1286 streebog_single_block(c, p, c->num * 8); 1295 streebog_single_block(c, p, c->num * 8);
1287 1296
@@ -1291,7 +1300,7 @@ int STREEBOG512_Final(unsigned char *md, STREEBOG_CTX * c)
1291 for (n = 0; n < STREEBOG_LBLOCK; n++) 1300 for (n = 0; n < STREEBOG_LBLOCK; n++)
1292 c->h[n] = SWAB64(c->h[n]); 1301 c->h[n] = SWAB64(c->h[n]);
1293 1302
1294 if (md == 0) 1303 if (md == NULL)
1295 return 0; 1304 return 0;
1296 1305
1297 switch (c->md_len) { 1306 switch (c->md_len) {
@@ -1332,12 +1341,14 @@ int STREEBOG512_Final(unsigned char *md, STREEBOG_CTX * c)
1332 return 1; 1341 return 1;
1333} 1342}
1334 1343
1335int STREEBOG256_Final(unsigned char *md, STREEBOG_CTX * c) 1344int
1345STREEBOG256_Final(unsigned char *md, STREEBOG_CTX * c)
1336{ 1346{
1337 return STREEBOG512_Final(md, c); 1347 return STREEBOG512_Final(md, c);
1338} 1348}
1339 1349
1340int STREEBOG512_Update(STREEBOG_CTX * c, const void *_data, size_t len) 1350int
1351STREEBOG512_Update(STREEBOG_CTX *c, const void *_data, size_t len)
1341{ 1352{
1342 unsigned char *p = (unsigned char *)c->data; 1353 unsigned char *p = (unsigned char *)c->data;
1343 const unsigned char *data = (const unsigned char *)_data; 1354 const unsigned char *data = (const unsigned char *)_data;
@@ -1376,17 +1387,20 @@ int STREEBOG512_Update(STREEBOG_CTX * c, const void *_data, size_t len)
1376 return 1; 1387 return 1;
1377} 1388}
1378 1389
1379int STREEBOG256_Update(STREEBOG_CTX * c, const void *data, size_t len) 1390int
1391STREEBOG256_Update(STREEBOG_CTX *c, const void *data, size_t len)
1380{ 1392{
1381 return STREEBOG512_Update(c, data, len); 1393 return STREEBOG512_Update(c, data, len);
1382} 1394}
1383 1395
1384void STREEBOG512_Transform(STREEBOG_CTX * c, const unsigned char *data) 1396void
1397STREEBOG512_Transform(STREEBOG_CTX *c, const unsigned char *data)
1385{ 1398{
1386 streebog_block_data_order(c, data, 1); 1399 streebog_block_data_order(c, data, 1);
1387} 1400}
1388 1401
1389int STREEBOG256_Init(STREEBOG_CTX * c) 1402int
1403STREEBOG256_Init(STREEBOG_CTX *c)
1390{ 1404{
1391 memset(c, 0, sizeof(*c)); 1405 memset(c, 0, sizeof(*c));
1392 memset(c->h, 1, sizeof(c->h)); 1406 memset(c->h, 1, sizeof(c->h));
@@ -1395,7 +1409,8 @@ int STREEBOG256_Init(STREEBOG_CTX * c)
1395 return 1; 1409 return 1;
1396} 1410}
1397 1411
1398int STREEBOG512_Init(STREEBOG_CTX * c) 1412int
1413STREEBOG512_Init(STREEBOG_CTX *c)
1399{ 1414{
1400 memset(c, 0, sizeof(*c)); 1415 memset(c, 0, sizeof(*c));
1401 memset(c->h, 0, sizeof(c->h)); 1416 memset(c->h, 0, sizeof(c->h));
@@ -1405,7 +1420,8 @@ int STREEBOG512_Init(STREEBOG_CTX * c)
1405 return 1; 1420 return 1;
1406} 1421}
1407 1422
1408unsigned char *STREEBOG256(const unsigned char *d, size_t n, unsigned char *md) 1423unsigned char *
1424STREEBOG256(const unsigned char *d, size_t n, unsigned char *md)
1409{ 1425{
1410 STREEBOG_CTX c; 1426 STREEBOG_CTX c;
1411 static unsigned char m[STREEBOG256_LENGTH]; 1427 static unsigned char m[STREEBOG256_LENGTH];
@@ -1419,7 +1435,8 @@ unsigned char *STREEBOG256(const unsigned char *d, size_t n, unsigned char *md)
1419 return (md); 1435 return (md);
1420} 1436}
1421 1437
1422unsigned char *STREEBOG512(const unsigned char *d, size_t n, unsigned char *md) 1438unsigned char *
1439STREEBOG512(const unsigned char *d, size_t n, unsigned char *md)
1423{ 1440{
1424 STREEBOG_CTX c; 1441 STREEBOG_CTX c;
1425 static unsigned char m[STREEBOG512_LENGTH]; 1442 static unsigned char m[STREEBOG512_LENGTH];
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-28 09:18:00 +0000