1238384Sjkim#ifndef GOST_TOOLS_H 2280304Sjkim# define GOST_TOOLS_H 3238384Sjkim/********************************************************************** 4238384Sjkim * gost_lcl.h * 5238384Sjkim * Copyright (c) 2006 Cryptocom LTD * 6238384Sjkim * This file is distributed under the same license as OpenSSL * 7238384Sjkim * * 8238384Sjkim * Internal declarations used in GOST engine * 9238384Sjkim * OpenSSL 0.9.9 libraries required to compile and use * 10238384Sjkim * this code * 11280304Sjkim **********************************************************************/ 12280304Sjkim# include <openssl/bn.h> 13280304Sjkim# include <openssl/evp.h> 14280304Sjkim# include <openssl/dsa.h> 15280304Sjkim# include <openssl/asn1t.h> 16280304Sjkim# include <openssl/x509.h> 17280304Sjkim# include <openssl/engine.h> 18280304Sjkim# include <openssl/ec.h> 19280304Sjkim# include "gost89.h" 20280304Sjkim# include "gosthash.h" 21238384Sjkim/* Control commands */ 22280304Sjkim# define GOST_PARAM_CRYPT_PARAMS 0 23280304Sjkim# define GOST_PARAM_MAX 0 24280304Sjkim# define GOST_CTRL_CRYPT_PARAMS (ENGINE_CMD_BASE+GOST_PARAM_CRYPT_PARAMS) 25238384Sjkim 26280304Sjkimextern const ENGINE_CMD_DEFN gost_cmds[]; 27280304Sjkimint gost_control_func(ENGINE *e, int cmd, long i, void *p, void (*f) (void)); 28280304Sjkimconst char *get_gost_engine_param(int param); 29280304Sjkimint gost_set_default_param(int param, const char *value); 30280304Sjkimvoid gost_param_free(void); 31238384Sjkim 32238384Sjkim/* method registration */ 33238384Sjkim 34280304Sjkimint register_ameth_gost(int nid, EVP_PKEY_ASN1_METHOD **ameth, 35280304Sjkim const char *pemstr, const char *info); 36280304Sjkimint register_pmeth_gost(int id, EVP_PKEY_METHOD **pmeth, int flags); 37238384Sjkim 38238384Sjkim/* Gost-specific pmeth control-function parameters */ 39238384Sjkim/* For GOST R34.10 parameters */ 40280304Sjkim# define param_ctrl_string "paramset" 41280304Sjkim# define EVP_PKEY_CTRL_GOST_PARAMSET (EVP_PKEY_ALG_CTRL+1) 42238384Sjkim/* For GOST 28147 MAC */ 43280304Sjkim# define key_ctrl_string "key" 44280304Sjkim# define hexkey_ctrl_string "hexkey" 45280304Sjkim# define EVP_PKEY_CTRL_GOST_MAC_HEXKEY (EVP_PKEY_ALG_CTRL+3) 46238384Sjkim/* Pmeth internal representation */ 47280304Sjkimstruct gost_pmeth_data { 48280304Sjkim int sign_param_nid; /* Should be set whenever parameters are 49280304Sjkim * filled */ 50280304Sjkim EVP_MD *md; 51280304Sjkim unsigned char *shared_ukm; 52280304Sjkim int peer_key_used; 53280304Sjkim}; 54238384Sjkim 55280304Sjkimstruct gost_mac_pmeth_data { 56280304Sjkim int key_set; 57280304Sjkim EVP_MD *md; 58280304Sjkim unsigned char key[32]; 59280304Sjkim}; 60238384Sjkim/* GOST-specific ASN1 structures */ 61238384Sjkim 62238384Sjkimtypedef struct { 63280304Sjkim ASN1_OCTET_STRING *encrypted_key; 64280304Sjkim ASN1_OCTET_STRING *imit; 65238384Sjkim} GOST_KEY_INFO; 66238384Sjkim 67238384SjkimDECLARE_ASN1_FUNCTIONS(GOST_KEY_INFO) 68238384Sjkim 69238384Sjkimtypedef struct { 70280304Sjkim ASN1_OBJECT *cipher; 71280304Sjkim X509_PUBKEY *ephem_key; 72280304Sjkim ASN1_OCTET_STRING *eph_iv; 73238384Sjkim} GOST_KEY_AGREEMENT_INFO; 74238384Sjkim 75238384SjkimDECLARE_ASN1_FUNCTIONS(GOST_KEY_AGREEMENT_INFO) 76280304Sjkim 77238384Sjkimtypedef struct { 78280304Sjkim GOST_KEY_INFO *key_info; 79280304Sjkim GOST_KEY_AGREEMENT_INFO *key_agreement_info; 80238384Sjkim} GOST_KEY_TRANSPORT; 81238384Sjkim 82238384SjkimDECLARE_ASN1_FUNCTIONS(GOST_KEY_TRANSPORT) 83238384Sjkim 84280304Sjkimtypedef struct { /* FIXME incomplete */ 85280304Sjkim GOST_KEY_TRANSPORT *gkt; 86238384Sjkim} GOST_CLIENT_KEY_EXCHANGE_PARAMS; 87238384Sjkim 88280304Sjkim/* 89280304Sjkim * Hacks to shorten symbols to 31 characters or less, or OpenVMS. This mimics 90280304Sjkim * what's done in symhacks.h, but since this is a very local header file, I 91280304Sjkim * prefered to put this hack directly here. -- Richard Levitte 92280304Sjkim */ 93280304Sjkim# ifdef OPENSSL_SYS_VMS 94280304Sjkim# undef GOST_CLIENT_KEY_EXCHANGE_PARAMS_it 95280304Sjkim# define GOST_CLIENT_KEY_EXCHANGE_PARAMS_it GOST_CLIENT_KEY_EXC_PARAMS_it 96280304Sjkim# undef GOST_CLIENT_KEY_EXCHANGE_PARAMS_new 97280304Sjkim# define GOST_CLIENT_KEY_EXCHANGE_PARAMS_new GOST_CLIENT_KEY_EXC_PARAMS_new 98280304Sjkim# undef GOST_CLIENT_KEY_EXCHANGE_PARAMS_free 99280304Sjkim# define GOST_CLIENT_KEY_EXCHANGE_PARAMS_free GOST_CLIENT_KEY_EXC_PARAMS_free 100280304Sjkim# undef d2i_GOST_CLIENT_KEY_EXCHANGE_PARAMS 101280304Sjkim# define d2i_GOST_CLIENT_KEY_EXCHANGE_PARAMS d2i_GOST_CLIENT_KEY_EXC_PARAMS 102280304Sjkim# undef i2d_GOST_CLIENT_KEY_EXCHANGE_PARAMS 103280304Sjkim# define i2d_GOST_CLIENT_KEY_EXCHANGE_PARAMS i2d_GOST_CLIENT_KEY_EXC_PARAMS 104280304Sjkim# endif /* End of hack */ 105238384SjkimDECLARE_ASN1_FUNCTIONS(GOST_CLIENT_KEY_EXCHANGE_PARAMS) 106238384Sjkimtypedef struct { 107280304Sjkim ASN1_OBJECT *key_params; 108280304Sjkim ASN1_OBJECT *hash_params; 109280304Sjkim ASN1_OBJECT *cipher_params; 110238384Sjkim} GOST_KEY_PARAMS; 111238384Sjkim 112238384SjkimDECLARE_ASN1_FUNCTIONS(GOST_KEY_PARAMS) 113238384Sjkim 114238384Sjkimtypedef struct { 115280304Sjkim ASN1_OCTET_STRING *iv; 116280304Sjkim ASN1_OBJECT *enc_param_set; 117280304Sjkim} GOST_CIPHER_PARAMS; 118238384Sjkim 119238384SjkimDECLARE_ASN1_FUNCTIONS(GOST_CIPHER_PARAMS) 120238384Sjkim/*============== Message digest and cipher related structures ==========*/ 121280304Sjkim /* 122280304Sjkim * Structure used as EVP_MD_CTX-md_data. It allows to avoid storing 123280304Sjkim * in the md-data pointers to dynamically allocated memory. I 124280304Sjkim * cannot invent better way to avoid memory leaks, because openssl 125280304Sjkim * insist on invoking Init on Final-ed digests, and there is no 126280304Sjkim * reliable way to find out whether pointer in the passed md_data is 127280304Sjkim * valid or not. 128280304Sjkim */ 129238384Sjkimstruct ossl_gost_digest_ctx { 130280304Sjkim gost_hash_ctx dctx; 131280304Sjkim gost_ctx cctx; 132280304Sjkim}; 133238384Sjkim/* EVP_MD structure for GOST R 34.11 */ 134238384Sjkimextern EVP_MD digest_gost; 135238384Sjkim/* EVP_MD structure for GOST 28147 in MAC mode */ 136238384Sjkimextern EVP_MD imit_gost_cpa; 137238384Sjkim/* Cipher context used for EVP_CIPHER operation */ 138238384Sjkimstruct ossl_gost_cipher_ctx { 139280304Sjkim int paramNID; 140280304Sjkim unsigned int count; 141280304Sjkim int key_meshing; 142280304Sjkim gost_ctx cctx; 143280304Sjkim}; 144238384Sjkim/* Structure to map parameter NID to S-block */ 145238384Sjkimstruct gost_cipher_info { 146280304Sjkim int nid; 147280304Sjkim gost_subst_block *sblock; 148280304Sjkim int key_meshing; 149238384Sjkim}; 150238384Sjkim/* Context for MAC */ 151238384Sjkimstruct ossl_gost_imit_ctx { 152280304Sjkim gost_ctx cctx; 153280304Sjkim unsigned char buffer[8]; 154280304Sjkim unsigned char partial_block[8]; 155280304Sjkim unsigned int count; 156280304Sjkim int key_meshing; 157280304Sjkim int bytes_left; 158280304Sjkim int key_set; 159280304Sjkim}; 160238384Sjkim/* Table which maps parameter NID to S-blocks */ 161238384Sjkimextern struct gost_cipher_info gost_cipher_list[]; 162238384Sjkim/* Find encryption params from ASN1_OBJECT */ 163238384Sjkimconst struct gost_cipher_info *get_encryption_params(ASN1_OBJECT *obj); 164238384Sjkim/* Implementation of GOST 28147-89 cipher in CFB and CNT modes */ 165238384Sjkimextern EVP_CIPHER cipher_gost; 166238384Sjkimextern EVP_CIPHER cipher_gost_cpacnt; 167280304Sjkim# define EVP_MD_CTRL_KEY_LEN (EVP_MD_CTRL_ALG_CTRL+3) 168280304Sjkim# define EVP_MD_CTRL_SET_KEY (EVP_MD_CTRL_ALG_CTRL+4) 169238384Sjkim/* EVP_PKEY_METHOD key encryption callbacks */ 170238384Sjkim/* From gost94_keyx.c */ 171280304Sjkimint pkey_GOST94cp_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, 172280304Sjkim size_t *outlen, const unsigned char *key, 173280304Sjkim size_t key_len); 174238384Sjkim 175280304Sjkimint pkey_GOST94cp_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, 176280304Sjkim size_t *outlen, const unsigned char *in, 177280304Sjkim size_t in_len); 178238384Sjkim/* From gost2001_keyx.c */ 179280304Sjkimint pkey_GOST01cp_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, 180280304Sjkim size_t *outlen, const unsigned char *key, 181280304Sjkim size_t key_len); 182238384Sjkim 183280304Sjkimint pkey_GOST01cp_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, 184280304Sjkim size_t *outlen, const unsigned char *in, 185280304Sjkim size_t in_len); 186238384Sjkim/* derive functions */ 187238384Sjkim/* From gost2001_keyx.c */ 188280304Sjkimint pkey_gost2001_derive(EVP_PKEY_CTX *ctx, unsigned char *key, 189280304Sjkim size_t *keylen); 190238384Sjkim/* From gost94_keyx.c */ 191238384Sjkimint pkey_gost94_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen); 192238384Sjkim/* Internal functions for signature algorithms */ 193280304Sjkimint fill_GOST94_params(DSA *dsa, int nid); 194238384Sjkimint fill_GOST2001_params(EC_KEY *eckey, int nid); 195280304Sjkimint gost_sign_keygen(DSA *dsa); 196280304Sjkimint gost2001_keygen(EC_KEY *ec); 197238384Sjkim 198280304SjkimDSA_SIG *gost_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); 199280304SjkimDSA_SIG *gost2001_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey); 200238384Sjkim 201238384Sjkimint gost_do_verify(const unsigned char *dgst, int dgst_len, 202280304Sjkim DSA_SIG *sig, DSA *dsa); 203280304Sjkimint gost2001_do_verify(const unsigned char *dgst, int dgst_len, 204280304Sjkim DSA_SIG *sig, EC_KEY *ec); 205280304Sjkimint gost2001_compute_public(EC_KEY *ec); 206280304Sjkimint gost94_compute_public(DSA *dsa); 207238384Sjkim/*============== miscellaneous functions============================= */ 208238384Sjkim/* from gost_sign.c */ 209238384Sjkim/* Convert GOST R 34.11 hash sum to bignum according to standard */ 210280304SjkimBIGNUM *hashsum2bn(const unsigned char *dgst); 211280304Sjkim/* 212280304Sjkim * Store bignum in byte array of given length, prepending by zeros if 213280304Sjkim * nesseccary 214280304Sjkim */ 215280304Sjkimint store_bignum(BIGNUM *bn, unsigned char *buf, int len); 216280304Sjkim/* Read bignum, which can have few MSB all-zeros from buffer*/ 217280304SjkimBIGNUM *getbnfrombuf(const unsigned char *buf, size_t len); 218238384Sjkim/* Pack GOST R 34.10 signature according to CryptoPro rules */ 219280304Sjkimint pack_sign_cp(DSA_SIG *s, int order, unsigned char *sig, size_t *siglen); 220238384Sjkim/* Unpack GOST R 34.10 signature according to CryptoPro rules */ 221280304SjkimDSA_SIG *unpack_cp_signature(const unsigned char *sig, size_t siglen); 222238384Sjkim/* from ameth.c */ 223238384Sjkim/* Get private key as BIGNUM from both R 34.10-94 and R 34.10-2001 keys*/ 224238384Sjkim/* Returns pointer into EVP_PKEY structure */ 225280304SjkimBIGNUM *gost_get0_priv_key(const EVP_PKEY *pkey); 226238384Sjkim/* Find NID by GOST 94 parameters */ 227280304Sjkimint gost94_nid_by_params(DSA *p); 228238384Sjkim 229238384Sjkim#endif 230