[thirdparty/openssl.git] / engines / ccgost / gost_lcl.h

#ifndef GOST_TOOLS_H
# define GOST_TOOLS_H
/**********************************************************************
 *                        gost_lcl.h                                  *
 *             Copyright (c) 2006 Cryptocom LTD                       *
 *       This file is distributed under the same license as OpenSSL   *
 *                                                                    *
 *         Internal declarations  used in GOST engine                *
 *         OpenSSL 0.9.9 libraries required to compile and use        *
 *                              this code                             *
 **********************************************************************/
# include <openssl/bn.h>
# include <openssl/evp.h>
# include <openssl/dsa.h>
# include <openssl/asn1t.h>
# include <openssl/x509.h>
# include <openssl/engine.h>
# include <openssl/ec.h>
# include "gost89.h"
# include "gosthash.h"
/* Control commands */
# define GOST_PARAM_CRYPT_PARAMS 0
# define GOST_PARAM_MAX 0
# define GOST_CTRL_CRYPT_PARAMS (ENGINE_CMD_BASE+GOST_PARAM_CRYPT_PARAMS)

typedef struct R3410_2001 {
    int nid;
    char *a;
    char *b;
    char *p;
    char *q;
    char *x;
    char *y;
} R3410_2001_params;

extern R3410_2001_params R3410_2001_paramset[];

extern const ENGINE_CMD_DEFN gost_cmds[];
int gost_control_func(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
const char *get_gost_engine_param(int param);
int gost_set_default_param(int param, const char *value);
void gost_param_free(void);

/* method registration */

int register_ameth_gost(int nid, EVP_PKEY_ASN1_METHOD **ameth,
                        const char *pemstr, const char *info);
int register_pmeth_gost(int id, EVP_PKEY_METHOD **pmeth, int flags);

/* Gost-specific pmeth control-function parameters */
/* For GOST R34.10 parameters */
# define param_ctrl_string "paramset"
# define EVP_PKEY_CTRL_GOST_PARAMSET (EVP_PKEY_ALG_CTRL+1)
/* For GOST 28147 MAC */
# define key_ctrl_string "key"
# define hexkey_ctrl_string "hexkey"
# define EVP_PKEY_CTRL_GOST_MAC_HEXKEY (EVP_PKEY_ALG_CTRL+3)
/* Pmeth internal representation */
struct gost_pmeth_data {
    int sign_param_nid;         /* Should be set whenever parameters are
                                 * filled */
    EVP_MD *md;
    unsigned char *shared_ukm;
    int peer_key_used;
};

struct gost_mac_pmeth_data {
    int key_set;
    EVP_MD *md;
    unsigned char key[32];
};
/* GOST-specific ASN1 structures */

typedef struct {
    ASN1_OCTET_STRING *encrypted_key;
    ASN1_OCTET_STRING *imit;
} GOST_KEY_INFO;

DECLARE_ASN1_FUNCTIONS(GOST_KEY_INFO)

typedef struct {
    ASN1_OBJECT *cipher;
    X509_PUBKEY *ephem_key;
    ASN1_OCTET_STRING *eph_iv;
} GOST_KEY_AGREEMENT_INFO;

DECLARE_ASN1_FUNCTIONS(GOST_KEY_AGREEMENT_INFO)

typedef struct {
    GOST_KEY_INFO *key_info;
    GOST_KEY_AGREEMENT_INFO *key_agreement_info;
} GOST_KEY_TRANSPORT;

DECLARE_ASN1_FUNCTIONS(GOST_KEY_TRANSPORT)

typedef struct {                /* FIXME incomplete */
    GOST_KEY_TRANSPORT *gkt;
} GOST_CLIENT_KEY_EXCHANGE_PARAMS;

/*
 * Hacks to shorten symbols to 31 characters or less, or OpenVMS. This mimics
 * what's done in symhacks.h, but since this is a very local header file, I
 * prefered to put this hack directly here. -- Richard Levitte
 */
# ifdef OPENSSL_SYS_VMS
#  undef GOST_CLIENT_KEY_EXCHANGE_PARAMS_it
#  define GOST_CLIENT_KEY_EXCHANGE_PARAMS_it      GOST_CLIENT_KEY_EXC_PARAMS_it
#  undef GOST_CLIENT_KEY_EXCHANGE_PARAMS_new
#  define GOST_CLIENT_KEY_EXCHANGE_PARAMS_new     GOST_CLIENT_KEY_EXC_PARAMS_new
#  undef GOST_CLIENT_KEY_EXCHANGE_PARAMS_free
#  define GOST_CLIENT_KEY_EXCHANGE_PARAMS_free    GOST_CLIENT_KEY_EXC_PARAMS_free
#  undef d2i_GOST_CLIENT_KEY_EXCHANGE_PARAMS
#  define d2i_GOST_CLIENT_KEY_EXCHANGE_PARAMS     d2i_GOST_CLIENT_KEY_EXC_PARAMS
#  undef i2d_GOST_CLIENT_KEY_EXCHANGE_PARAMS
#  define i2d_GOST_CLIENT_KEY_EXCHANGE_PARAMS     i2d_GOST_CLIENT_KEY_EXC_PARAMS
# endif                         /* End of hack */
DECLARE_ASN1_FUNCTIONS(GOST_CLIENT_KEY_EXCHANGE_PARAMS)
typedef struct {
    ASN1_OBJECT *key_params;
    ASN1_OBJECT *hash_params;
    ASN1_OBJECT *cipher_params;
} GOST_KEY_PARAMS;

DECLARE_ASN1_FUNCTIONS(GOST_KEY_PARAMS)

typedef struct {
    ASN1_OCTET_STRING *iv;
    ASN1_OBJECT *enc_param_set;
} GOST_CIPHER_PARAMS;

DECLARE_ASN1_FUNCTIONS(GOST_CIPHER_PARAMS)
/*============== Message digest  and cipher related structures  ==========*/
         /*
          * Structure used as EVP_MD_CTX-md_data. It allows to avoid storing
          * in the md-data pointers to dynamically allocated memory. I
          * cannot invent better way to avoid memory leaks, because openssl
          * insist on invoking Init on Final-ed digests, and there is no
          * reliable way to find out whether pointer in the passed md_data is
          * valid or not.
          */
struct ossl_gost_digest_ctx {
    gost_hash_ctx dctx;
    gost_ctx cctx;
};
/* EVP_MD structure for GOST R 34.11 */
extern EVP_MD digest_gost;
/* EVP_MD structure for GOST 28147 in MAC mode */
extern EVP_MD imit_gost_cpa;
/* Cipher context used for EVP_CIPHER operation */
struct ossl_gost_cipher_ctx {
    int paramNID;
    unsigned int count;
    int key_meshing;
    gost_ctx cctx;
};
/* Structure to map parameter NID to S-block */
struct gost_cipher_info {
    int nid;
    gost_subst_block *sblock;
    int key_meshing;
};
/* Context for MAC */
struct ossl_gost_imit_ctx {
    gost_ctx cctx;
    unsigned char buffer[8];
    unsigned char partial_block[8];
    unsigned int count;
    int key_meshing;
    int bytes_left;
    int key_set;
};
/* Table which maps parameter NID to S-blocks */
extern struct gost_cipher_info gost_cipher_list[];
/* Find encryption params from ASN1_OBJECT */
const struct gost_cipher_info *get_encryption_params(ASN1_OBJECT *obj);
/* Implementation of GOST 28147-89 cipher in CFB and CNT modes */
extern EVP_CIPHER cipher_gost;
extern EVP_CIPHER cipher_gost_cpacnt;
# define EVP_MD_CTRL_KEY_LEN (EVP_MD_CTRL_ALG_CTRL+3)
# define EVP_MD_CTRL_SET_KEY (EVP_MD_CTRL_ALG_CTRL+4)
/* EVP_PKEY_METHOD key encryption callbacks */
/* From gost2001_keyx.c */
int pkey_GOST01cp_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
                          size_t *outlen, const unsigned char *key,
                          size_t key_len);

int pkey_GOST01cp_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
                          size_t *outlen, const unsigned char *in,
                          size_t in_len);
/* derive functions */
/* From gost2001_keyx.c */
int pkey_gost2001_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
                         size_t *keylen);
/* Internal functions for signature algorithms */
int fill_GOST2001_params(EC_KEY *eckey, int nid);
int gost_sign_keygen(DSA *dsa);
int gost2001_keygen(EC_KEY *ec);

DSA_SIG *gost_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
DSA_SIG *gost2001_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey);

int gost_do_verify(const unsigned char *dgst, int dgst_len,
                   DSA_SIG *sig, DSA *dsa);
int gost2001_do_verify(const unsigned char *dgst, int dgst_len,
                       DSA_SIG *sig, EC_KEY *ec);
int gost2001_compute_public(EC_KEY *ec);
/*============== miscellaneous functions============================= */
/* from gost_sign.c */
/* Convert GOST R 34.11 hash sum to bignum according to standard */
BIGNUM *hashsum2bn(const unsigned char *dgst);
/*
 * Store bignum in byte array of given length, prepending by zeros if
 * nesseccary
 */
int store_bignum(BIGNUM *bn, unsigned char *buf, int len);
/* Read bignum, which can have few MSB all-zeros    from buffer*/
BIGNUM *getbnfrombuf(const unsigned char *buf, size_t len);
/* Pack GOST R 34.10 signature according to CryptoPro rules */
int pack_sign_cp(DSA_SIG *s, int order, unsigned char *sig, size_t *siglen);
/* Unpack GOST R 34.10 signature according to CryptoPro rules */
DSA_SIG *unpack_cp_signature(const unsigned char *sig, size_t siglen);
/* from ameth.c */
/* Get private key as BIGNUM from both 34.10-2001 keys*/
/* Returns pointer into EVP_PKEY structure */
BIGNUM *gost_get0_priv_key(const EVP_PKEY *pkey);

#endif
Commit	Line	Data
926c41bd	1	#ifndef GOST_TOOLS_H
0f113f3e	2	# define GOST_TOOLS_H
926c41bd DSH	3	/**********************************************************************
	4	* gost_lcl.h *
	5	* Copyright (c) 2006 Cryptocom LTD *
	6	* This file is distributed under the same license as OpenSSL *
	7	* *
	8	* Internal declarations used in GOST engine *
	9	* OpenSSL 0.9.9 libraries required to compile and use *
	10	* this code *
0f113f3e MC	11	**********************************************************************/
	12	# include <openssl/bn.h>
	13	# include <openssl/evp.h>
	14	# include <openssl/dsa.h>
	15	# include <openssl/asn1t.h>
	16	# include <openssl/x509.h>
	17	# include <openssl/engine.h>
	18	# include <openssl/ec.h>
	19	# include "gost89.h"
	20	# include "gosthash.h"
926c41bd	21	/* Control commands */
0f113f3e MC	22	# define GOST_PARAM_CRYPT_PARAMS 0
	23	# define GOST_PARAM_MAX 0
	24	# define GOST_CTRL_CRYPT_PARAMS (ENGINE_CMD_BASE+GOST_PARAM_CRYPT_PARAMS)
926c41bd	25
ade44dcb RS	26	typedef struct R3410_2001 {
	27	int nid;
	28	char *a;
	29	char *b;
	30	char *p;
	31	char *q;
	32	char *x;
	33	char *y;
	34	} R3410_2001_params;
	35
	36	extern R3410_2001_params R3410_2001_paramset[];
	37
0f113f3e MC	38	extern const ENGINE_CMD_DEFN gost_cmds[];
	39	int gost_control_func(ENGINE e, int cmd, long i, void p, void (*f) (void));
	40	const char *get_gost_engine_param(int param);
	41	int gost_set_default_param(int param, const char *value);
	42	void gost_param_free(void);
926c41bd DSH	43
	44	/* method registration */
	45
0f113f3e MC	46	int register_ameth_gost(int nid, EVP_PKEY_ASN1_METHOD **ameth,
	47	const char pemstr, const char info);
	48	int register_pmeth_gost(int id, EVP_PKEY_METHOD **pmeth, int flags);
926c41bd DSH	49
926c41bd DSH	50	/* Gost-specific pmeth control-function parameters */
a4346646	51	/* For GOST R34.10 parameters */
0f113f3e MC	52	# define param_ctrl_string "paramset"
0f113f3e MC	53	# define EVP_PKEY_CTRL_GOST_PARAMSET (EVP_PKEY_ALG_CTRL+1)
a4346646	54	/* For GOST 28147 MAC */
0f113f3e MC	55	# define key_ctrl_string "key"
	56	# define hexkey_ctrl_string "hexkey"
	57	# define EVP_PKEY_CTRL_GOST_MAC_HEXKEY (EVP_PKEY_ALG_CTRL+3)
926c41bd	58	/* Pmeth internal representation */
0f113f3e MC	59	struct gost_pmeth_data {
	60	int sign_param_nid; /* Should be set whenever parameters are
	61	* filled */
	62	EVP_MD *md;
	63	unsigned char *shared_ukm;
	64	int peer_key_used;
	65	};
926c41bd	66
0f113f3e MC	67	struct gost_mac_pmeth_data {
	68	int key_set;
	69	EVP_MD *md;
	70	unsigned char key[32];
	71	};
	72	/* GOST-specific ASN1 structures */
926c41bd DSH	73
926c41bd DSH	74	typedef struct {
0f113f3e MC	75	ASN1_OCTET_STRING *encrypted_key;
0f113f3e MC	76	ASN1_OCTET_STRING *imit;
926c41bd DSH	77	} GOST_KEY_INFO;
	78
	79	DECLARE_ASN1_FUNCTIONS(GOST_KEY_INFO)
	80
	81	typedef struct {
0f113f3e MC	82	ASN1_OBJECT *cipher;
	83	X509_PUBKEY *ephem_key;
	84	ASN1_OCTET_STRING *eph_iv;
926c41bd DSH	85	} GOST_KEY_AGREEMENT_INFO;
	86
	87	DECLARE_ASN1_FUNCTIONS(GOST_KEY_AGREEMENT_INFO)
0f113f3e	88
926c41bd	89	typedef struct {
0f113f3e MC	90	GOST_KEY_INFO *key_info;
0f113f3e MC	91	GOST_KEY_AGREEMENT_INFO *key_agreement_info;
926c41bd DSH	92	} GOST_KEY_TRANSPORT;
	93
	94	DECLARE_ASN1_FUNCTIONS(GOST_KEY_TRANSPORT)
	95
0f113f3e MC	96	typedef struct { /* FIXME incomplete */
0f113f3e MC	97	GOST_KEY_TRANSPORT *gkt;
926c41bd DSH	98	} GOST_CLIENT_KEY_EXCHANGE_PARAMS;
926c41bd DSH	99
0f113f3e MC	100	/*
	101	* Hacks to shorten symbols to 31 characters or less, or OpenVMS. This mimics
	102	* what's done in symhacks.h, but since this is a very local header file, I
	103	* prefered to put this hack directly here. -- Richard Levitte
	104	*/
	105	# ifdef OPENSSL_SYS_VMS
	106	# undef GOST_CLIENT_KEY_EXCHANGE_PARAMS_it
	107	# define GOST_CLIENT_KEY_EXCHANGE_PARAMS_it GOST_CLIENT_KEY_EXC_PARAMS_it
	108	# undef GOST_CLIENT_KEY_EXCHANGE_PARAMS_new
	109	# define GOST_CLIENT_KEY_EXCHANGE_PARAMS_new GOST_CLIENT_KEY_EXC_PARAMS_new
	110	# undef GOST_CLIENT_KEY_EXCHANGE_PARAMS_free
	111	# define GOST_CLIENT_KEY_EXCHANGE_PARAMS_free GOST_CLIENT_KEY_EXC_PARAMS_free
	112	# undef d2i_GOST_CLIENT_KEY_EXCHANGE_PARAMS
	113	# define d2i_GOST_CLIENT_KEY_EXCHANGE_PARAMS d2i_GOST_CLIENT_KEY_EXC_PARAMS
	114	# undef i2d_GOST_CLIENT_KEY_EXCHANGE_PARAMS
	115	# define i2d_GOST_CLIENT_KEY_EXCHANGE_PARAMS i2d_GOST_CLIENT_KEY_EXC_PARAMS
	116	# endif /* End of hack */
926c41bd DSH	117	DECLARE_ASN1_FUNCTIONS(GOST_CLIENT_KEY_EXCHANGE_PARAMS)
926c41bd DSH	118	typedef struct {
0f113f3e MC	119	ASN1_OBJECT *key_params;
	120	ASN1_OBJECT *hash_params;
	121	ASN1_OBJECT *cipher_params;
926c41bd DSH	122	} GOST_KEY_PARAMS;
	123
	124	DECLARE_ASN1_FUNCTIONS(GOST_KEY_PARAMS)
	125
	126	typedef struct {
0f113f3e MC	127	ASN1_OCTET_STRING *iv;
	128	ASN1_OBJECT *enc_param_set;
	129	} GOST_CIPHER_PARAMS;
926c41bd DSH	130
	131	DECLARE_ASN1_FUNCTIONS(GOST_CIPHER_PARAMS)
	132	/============== Message digest and cipher related structures ==========/
0f113f3e MC	133	/*
	134	* Structure used as EVP_MD_CTX-md_data. It allows to avoid storing
	135	* in the md-data pointers to dynamically allocated memory. I
	136	* cannot invent better way to avoid memory leaks, because openssl
	137	* insist on invoking Init on Final-ed digests, and there is no
	138	* reliable way to find out whether pointer in the passed md_data is
	139	* valid or not.
	140	*/
926c41bd	141	struct ossl_gost_digest_ctx {
0f113f3e MC	142	gost_hash_ctx dctx;
	143	gost_ctx cctx;
	144	};
926c41bd DSH	145	/* EVP_MD structure for GOST R 34.11 */
926c41bd DSH	146	extern EVP_MD digest_gost;
ec06417d DSH	147	/* EVP_MD structure for GOST 28147 in MAC mode */
ec06417d DSH	148	extern EVP_MD imit_gost_cpa;
926c41bd DSH	149	/* Cipher context used for EVP_CIPHER operation */
926c41bd DSH	150	struct ossl_gost_cipher_ctx {
0f113f3e MC	151	int paramNID;
	152	unsigned int count;
	153	int key_meshing;
	154	gost_ctx cctx;
	155	};
926c41bd DSH	156	/* Structure to map parameter NID to S-block */
926c41bd DSH	157	struct gost_cipher_info {
0f113f3e MC	158	int nid;
	159	gost_subst_block *sblock;
	160	int key_meshing;
926c41bd	161	};
926c41bd DSH	162	/* Context for MAC */
926c41bd DSH	163	struct ossl_gost_imit_ctx {
0f113f3e MC	164	gost_ctx cctx;
	165	unsigned char buffer[8];
	166	unsigned char partial_block[8];
	167	unsigned int count;
	168	int key_meshing;
	169	int bytes_left;
	170	int key_set;
	171	};
926c41bd DSH	172	/* Table which maps parameter NID to S-blocks */
	173	extern struct gost_cipher_info gost_cipher_list[];
	174	/* Find encryption params from ASN1_OBJECT */
	175	const struct gost_cipher_info get_encryption_params(ASN1_OBJECT obj);
	176	/* Implementation of GOST 28147-89 cipher in CFB and CNT modes */
	177	extern EVP_CIPHER cipher_gost;
9981a51e	178	extern EVP_CIPHER cipher_gost_cpacnt;
0f113f3e MC	179	# define EVP_MD_CTRL_KEY_LEN (EVP_MD_CTRL_ALG_CTRL+3)
0f113f3e MC	180	# define EVP_MD_CTRL_SET_KEY (EVP_MD_CTRL_ALG_CTRL+4)
926c41bd	181	/* EVP_PKEY_METHOD key encryption callbacks */
926c41bd	182	/* From gost2001_keyx.c */
0f113f3e MC	183	int pkey_GOST01cp_encrypt(EVP_PKEY_CTX ctx, unsigned char out,
	184	size_t outlen, const unsigned char key,
	185	size_t key_len);
926c41bd	186
0f113f3e MC	187	int pkey_GOST01cp_decrypt(EVP_PKEY_CTX ctx, unsigned char out,
	188	size_t outlen, const unsigned char in,
	189	size_t in_len);
0e1dba93 DSH	190	/* derive functions */
0e1dba93 DSH	191	/* From gost2001_keyx.c */
0f113f3e MC	192	int pkey_gost2001_derive(EVP_PKEY_CTX ctx, unsigned char key,
0f113f3e MC	193	size_t *keylen);
926c41bd	194	/* Internal functions for signature algorithms */
926c41bd	195	int fill_GOST2001_params(EC_KEY *eckey, int nid);
0f113f3e MC	196	int gost_sign_keygen(DSA *dsa);
0f113f3e MC	197	int gost2001_keygen(EC_KEY *ec);
926c41bd	198
0f113f3e MC	199	DSA_SIG gost_do_sign(const unsigned char dgst, int dlen, DSA *dsa);
0f113f3e MC	200	DSA_SIG gost2001_do_sign(const unsigned char dgst, int dlen, EC_KEY *eckey);
926c41bd DSH	201
926c41bd DSH	202	int gost_do_verify(const unsigned char *dgst, int dgst_len,
0f113f3e MC	203	DSA_SIG sig, DSA dsa);
	204	int gost2001_do_verify(const unsigned char *dgst, int dgst_len,
	205	DSA_SIG sig, EC_KEY ec);
	206	int gost2001_compute_public(EC_KEY *ec);
926c41bd DSH	207	/============== miscellaneous functions============================= /
	208	/* from gost_sign.c */
	209	/* Convert GOST R 34.11 hash sum to bignum according to standard */
0f113f3e MC	210	BIGNUM hashsum2bn(const unsigned char dgst);
	211	/*
	212	* Store bignum in byte array of given length, prepending by zeros if
	213	* nesseccary
	214	*/
	215	int store_bignum(BIGNUM bn, unsigned char buf, int len);
	216	/* Read bignum, which can have few MSB all-zeros from buffer*/
	217	BIGNUM getbnfrombuf(const unsigned char buf, size_t len);
926c41bd	218	/* Pack GOST R 34.10 signature according to CryptoPro rules */
0f113f3e	219	int pack_sign_cp(DSA_SIG s, int order, unsigned char sig, size_t *siglen);
926c41bd	220	/* Unpack GOST R 34.10 signature according to CryptoPro rules */
0f113f3e	221	DSA_SIG unpack_cp_signature(const unsigned char sig, size_t siglen);
926c41bd	222	/* from ameth.c */
ade44dcb	223	/* Get private key as BIGNUM from both 34.10-2001 keys*/
0e1dba93	224	/* Returns pointer into EVP_PKEY structure */
0f113f3e	225	BIGNUM gost_get0_priv_key(const EVP_PKEY pkey);
926c41bd DSH	226
926c41bd DSH	227	#endif