release/src/router/openssl/engines/ccgost/gost_lcl.h

   1 #ifndef GOST_TOOLS_H
   2 # define GOST_TOOLS_H
   3 /**********************************************************************
   4  *                        gost_lcl.h                                  *
   5  *             Copyright (c) 2006 Cryptocom LTD                       *
   6  *       This file is distributed under the same license as OpenSSL   *
   7  *                                                                    *
   8  *         Internal declarations  used in GOST engine                *
   9  *         OpenSSL 0.9.9 libraries required to compile and use        *
  10  *                              this code                             *
  11  **********************************************************************/
  12 # include <openssl/bn.h>
  13 # include <openssl/evp.h>
  14 # include <openssl/dsa.h>
  15 # include <openssl/asn1t.h>
  16 # include <openssl/x509.h>
  17 # include <openssl/engine.h>
  18 # include <openssl/ec.h>
  19 # include "gost89.h"
  20 # include "gosthash.h"
  21 /* Control commands */
  22 # define GOST_PARAM_CRYPT_PARAMS 0
  23 # define GOST_PARAM_MAX 0
  24 # define GOST_CTRL_CRYPT_PARAMS (ENGINE_CMD_BASE+GOST_PARAM_CRYPT_PARAMS)
  25
  26 extern const ENGINE_CMD_DEFN gost_cmds[];
  27 int gost_control_func(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
  28 const char *get_gost_engine_param(int param);
  29 int gost_set_default_param(int param, const char *value);
  30 void gost_param_free(void);
  31
  32 /* method registration */
  33
  34 int register_ameth_gost(int nid, EVP_PKEY_ASN1_METHOD **ameth,
  35                         const char *pemstr, const char *info);
  36 int register_pmeth_gost(int id, EVP_PKEY_METHOD **pmeth, int flags);
  37
  38 /* Gost-specific pmeth control-function parameters */
  39 /* For GOST R34.10 parameters */
  40 # define param_ctrl_string "paramset"
  41 # define EVP_PKEY_CTRL_GOST_PARAMSET (EVP_PKEY_ALG_CTRL+1)
  42 /* For GOST 28147 MAC */
  43 # define key_ctrl_string "key"
  44 # define hexkey_ctrl_string "hexkey"
  45 # define EVP_PKEY_CTRL_GOST_MAC_HEXKEY (EVP_PKEY_ALG_CTRL+3)
  46 /* Pmeth internal representation */
  47 struct gost_pmeth_data {
  48     int sign_param_nid;         /* Should be set whenever parameters are
  49                                  * filled */
  50     EVP_MD *md;
  51     unsigned char *shared_ukm;
  52     int peer_key_used;
  53 };
  54
  55 struct gost_mac_pmeth_data {
  56     int key_set;
  57     EVP_MD *md;
  58     unsigned char key[32];
  59 };
  60 /* GOST-specific ASN1 structures */
  61
  62 typedef struct {
  63     ASN1_OCTET_STRING *encrypted_key;
  64     ASN1_OCTET_STRING *imit;
  65 } GOST_KEY_INFO;
  66
  67 DECLARE_ASN1_FUNCTIONS(GOST_KEY_INFO)
  68
  69 typedef struct {
  70     ASN1_OBJECT *cipher;
  71     X509_PUBKEY *ephem_key;
  72     ASN1_OCTET_STRING *eph_iv;
  73 } GOST_KEY_AGREEMENT_INFO;
  74
  75 DECLARE_ASN1_FUNCTIONS(GOST_KEY_AGREEMENT_INFO)
  76
  77 typedef struct {
  78     GOST_KEY_INFO *key_info;
  79     GOST_KEY_AGREEMENT_INFO *key_agreement_info;
  80 } GOST_KEY_TRANSPORT;
  81
  82 DECLARE_ASN1_FUNCTIONS(GOST_KEY_TRANSPORT)
  83
  84 typedef struct {                /* FIXME incomplete */
  85     GOST_KEY_TRANSPORT *gkt;
  86 } GOST_CLIENT_KEY_EXCHANGE_PARAMS;
  87
  88 /*
  89  * Hacks to shorten symbols to 31 characters or less, or OpenVMS. This mimics
  90  * what's done in symhacks.h, but since this is a very local header file, I
  91  * prefered to put this hack directly here. -- Richard Levitte
  92  */
  93 # ifdef OPENSSL_SYS_VMS
  94 #  undef GOST_CLIENT_KEY_EXCHANGE_PARAMS_it
  95 #  define GOST_CLIENT_KEY_EXCHANGE_PARAMS_it      GOST_CLIENT_KEY_EXC_PARAMS_it
  96 #  undef GOST_CLIENT_KEY_EXCHANGE_PARAMS_new
  97 #  define GOST_CLIENT_KEY_EXCHANGE_PARAMS_new     GOST_CLIENT_KEY_EXC_PARAMS_new
  98 #  undef GOST_CLIENT_KEY_EXCHANGE_PARAMS_free
  99 #  define GOST_CLIENT_KEY_EXCHANGE_PARAMS_free    GOST_CLIENT_KEY_EXC_PARAMS_free
 100 #  undef d2i_GOST_CLIENT_KEY_EXCHANGE_PARAMS
 101 #  define d2i_GOST_CLIENT_KEY_EXCHANGE_PARAMS     d2i_GOST_CLIENT_KEY_EXC_PARAMS
 102 #  undef i2d_GOST_CLIENT_KEY_EXCHANGE_PARAMS
 103 #  define i2d_GOST_CLIENT_KEY_EXCHANGE_PARAMS     i2d_GOST_CLIENT_KEY_EXC_PARAMS
 104 # endif                         /* End of hack */
 105 DECLARE_ASN1_FUNCTIONS(GOST_CLIENT_KEY_EXCHANGE_PARAMS)
 106 typedef struct {
 107     ASN1_OBJECT *key_params;
 108     ASN1_OBJECT *hash_params;
 109     ASN1_OBJECT *cipher_params;
 110 } GOST_KEY_PARAMS;
 111
 112 DECLARE_ASN1_FUNCTIONS(GOST_KEY_PARAMS)
 113
 114 typedef struct {
 115     ASN1_OCTET_STRING *iv;
 116     ASN1_OBJECT *enc_param_set;
 117 } GOST_CIPHER_PARAMS;
 118
 119 DECLARE_ASN1_FUNCTIONS(GOST_CIPHER_PARAMS)
 120 /*============== Message digest  and cipher related structures  ==========*/
 121          /*
 122           * Structure used as EVP_MD_CTX-md_data. It allows to avoid storing
 123           * in the md-data pointers to dynamically allocated memory. I
 124           * cannot invent better way to avoid memory leaks, because openssl
 125           * insist on invoking Init on Final-ed digests, and there is no
 126           * reliable way to find out whether pointer in the passed md_data is
 127           * valid or not.
 128           */
 129 struct ossl_gost_digest_ctx {
 130     gost_hash_ctx dctx;
 131     gost_ctx cctx;
 132 };
 133 /* EVP_MD structure for GOST R 34.11 */
 134 extern EVP_MD digest_gost;
 135 /* EVP_MD structure for GOST 28147 in MAC mode */
 136 extern EVP_MD imit_gost_cpa;
 137 /* Cipher context used for EVP_CIPHER operation */
 138 struct ossl_gost_cipher_ctx {
 139     int paramNID;
 140     unsigned int count;
 141     int key_meshing;
 142     gost_ctx cctx;
 143 };
 144 /* Structure to map parameter NID to S-block */
 145 struct gost_cipher_info {
 146     int nid;
 147     gost_subst_block *sblock;
 148     int key_meshing;
 149 };
 150 /* Context for MAC */
 151 struct ossl_gost_imit_ctx {
 152     gost_ctx cctx;
 153     unsigned char buffer[8];
 154     unsigned char partial_block[8];
 155     unsigned int count;
 156     int key_meshing;
 157     int bytes_left;
 158     int key_set;
 159 };
 160 /* Table which maps parameter NID to S-blocks */
 161 extern struct gost_cipher_info gost_cipher_list[];
 162 /* Find encryption params from ASN1_OBJECT */
 163 const struct gost_cipher_info *get_encryption_params(ASN1_OBJECT *obj);
 164 /* Implementation of GOST 28147-89 cipher in CFB and CNT modes */
 165 extern EVP_CIPHER cipher_gost;
 166 extern EVP_CIPHER cipher_gost_cpacnt;
 167 # define EVP_MD_CTRL_KEY_LEN (EVP_MD_CTRL_ALG_CTRL+3)
 168 # define EVP_MD_CTRL_SET_KEY (EVP_MD_CTRL_ALG_CTRL+4)
 169 /* EVP_PKEY_METHOD key encryption callbacks */
 170 /* From gost94_keyx.c */
 171 int pkey_GOST94cp_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
 172                           size_t *outlen, const unsigned char *key,
 173                           size_t key_len);
 174
 175 int pkey_GOST94cp_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
 176                           size_t *outlen, const unsigned char *in,
 177                           size_t in_len);
 178 /* From gost2001_keyx.c */
 179 int pkey_GOST01cp_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
 180                           size_t *outlen, const unsigned char *key,
 181                           size_t key_len);
 182
 183 int pkey_GOST01cp_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
 184                           size_t *outlen, const unsigned char *in,
 185                           size_t in_len);
 186 /* derive functions */
 187 /* From gost2001_keyx.c */
 188 int pkey_gost2001_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
 189                          size_t *keylen);
 190 /* From gost94_keyx.c */
 191 int pkey_gost94_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
 192 /* Internal functions for signature algorithms */
 193 int fill_GOST94_params(DSA *dsa, int nid);
 194 int fill_GOST2001_params(EC_KEY *eckey, int nid);
 195 int gost_sign_keygen(DSA *dsa);
 196 int gost2001_keygen(EC_KEY *ec);
 197
 198 DSA_SIG *gost_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
 199 DSA_SIG *gost2001_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey);
 200
 201 int gost_do_verify(const unsigned char *dgst, int dgst_len,
 202                    DSA_SIG *sig, DSA *dsa);
 203 int gost2001_do_verify(const unsigned char *dgst, int dgst_len,
 204                        DSA_SIG *sig, EC_KEY *ec);
 205 int gost2001_compute_public(EC_KEY *ec);
 206 int gost94_compute_public(DSA *dsa);
 207 /*============== miscellaneous functions============================= */
 208 /* from gost_sign.c */
 209 /* Convert GOST R 34.11 hash sum to bignum according to standard */
 210 BIGNUM *hashsum2bn(const unsigned char *dgst);
 211 /*
 212  * Store bignum in byte array of given length, prepending by zeros if
 213  * nesseccary
 214  */
 215 int store_bignum(BIGNUM *bn, unsigned char *buf, int len);
 216 /* Read bignum, which can have few MSB all-zeros    from buffer*/
 217 BIGNUM *getbnfrombuf(const unsigned char *buf, size_t len);
 218 /* Pack GOST R 34.10 signature according to CryptoPro rules */
 219 int pack_sign_cp(DSA_SIG *s, int order, unsigned char *sig, size_t *siglen);
 220 /* Unpack GOST R 34.10 signature according to CryptoPro rules */
 221 DSA_SIG *unpack_cp_signature(const unsigned char *sig, size_t siglen);
 222 /* from ameth.c */
 223 /* Get private key as BIGNUM from both R 34.10-94 and R 34.10-2001  keys*/
 224 /* Returns pointer into EVP_PKEY structure */
 225 BIGNUM *gost_get0_priv_key(const EVP_PKEY *pkey);
 226 /* Find NID by GOST 94 parameters */
 227 int gost94_nid_by_params(DSA *p);
 228
 229 #endif