[thirdparty/openssl.git] / engines / ccgost / gost_pmeth.c

/**********************************************************************
 *                          gost_pmeth.c                              *
 *             Copyright (c) 2005-2006 Cryptocom LTD                  *
 *         This file is distributed under the same license as OpenSSL *
 *                                                                    *
 *   Implementation of RFC 4357 (GOST R 34.10) Publick key method     *
 *       for OpenSSL                                                  *
 *          Requires OpenSSL 0.9.9 for compilation                    *
 **********************************************************************/
#include <openssl/evp.h>
#include <openssl/objects.h>
#include <openssl/ec.h>
#include <openssl/x509v3.h>     /* For string_to_hex */
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
#include "gost_params.h"
#include "gost_lcl.h"
#include "e_gost_err.h"
/* -----init, cleanup, copy - uniform for all algs  ---------------*/
/* Allocates new gost_pmeth_data structure and assigns it as data */
static int pkey_gost_init(EVP_PKEY_CTX *ctx)
{
    struct gost_pmeth_data *data;
    EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx);
    data = OPENSSL_malloc(sizeof(struct gost_pmeth_data));
    if (!data)
        return 0;
    memset(data, 0, sizeof(struct gost_pmeth_data));
    if (pkey && EVP_PKEY_get0(pkey)) {
        switch (EVP_PKEY_base_id(pkey)) {
        case NID_id_GostR3410_94:
            data->sign_param_nid = gost94_nid_by_params(EVP_PKEY_get0(pkey));
            break;
        case NID_id_GostR3410_2001:
            data->sign_param_nid =
                EC_GROUP_get_curve_name(EC_KEY_get0_group
                                        (EVP_PKEY_get0((EVP_PKEY *)pkey)));
            break;
        default:
            return 0;
        }
    }
    EVP_PKEY_CTX_set_data(ctx, data);
    return 1;
}

/* Copies contents of gost_pmeth_data structure */
static int pkey_gost_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
{
    struct gost_pmeth_data *dst_data, *src_data;
    if (!pkey_gost_init(dst)) {
        return 0;
    }
    src_data = EVP_PKEY_CTX_get_data(src);
    dst_data = EVP_PKEY_CTX_get_data(dst);
    *dst_data = *src_data;
    if (src_data->shared_ukm) {
        dst_data->shared_ukm = NULL;
    }
    return 1;
}

/* Frees up gost_pmeth_data structure */
static void pkey_gost_cleanup(EVP_PKEY_CTX *ctx)
{
    struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
    if (data->shared_ukm)
        OPENSSL_free(data->shared_ukm);
    OPENSSL_free(data);
}

/* --------------------- control functions  ------------------------------*/
static int pkey_gost_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
{
    struct gost_pmeth_data *pctx =
        (struct gost_pmeth_data *)EVP_PKEY_CTX_get_data(ctx);
    switch (type) {
    case EVP_PKEY_CTRL_MD:
        {
            if (EVP_MD_type((const EVP_MD *)p2) != NID_id_GostR3411_94) {
                GOSTerr(GOST_F_PKEY_GOST_CTRL, GOST_R_INVALID_DIGEST_TYPE);
                return 0;
            }
            pctx->md = (EVP_MD *)p2;
            return 1;
        }
        break;

    case EVP_PKEY_CTRL_GET_MD:
        *(const EVP_MD **)p2 = pctx->md;
        return 1;

    case EVP_PKEY_CTRL_PKCS7_ENCRYPT:
    case EVP_PKEY_CTRL_PKCS7_DECRYPT:
    case EVP_PKEY_CTRL_PKCS7_SIGN:
    case EVP_PKEY_CTRL_DIGESTINIT:
#ifndef OPENSSL_NO_CMS
    case EVP_PKEY_CTRL_CMS_ENCRYPT:
    case EVP_PKEY_CTRL_CMS_DECRYPT:
    case EVP_PKEY_CTRL_CMS_SIGN:
#endif
        return 1;

    case EVP_PKEY_CTRL_GOST_PARAMSET:
        pctx->sign_param_nid = (int)p1;
        return 1;
    case EVP_PKEY_CTRL_SET_IV:
        pctx->shared_ukm = OPENSSL_malloc((int)p1);
        memcpy(pctx->shared_ukm, p2, (int)p1);
        return 1;
    case EVP_PKEY_CTRL_PEER_KEY:
        if (p1 == 0 || p1 == 1) /* call from EVP_PKEY_derive_set_peer */
            return 1;
        if (p1 == 2)            /* TLS: peer key used? */
            return pctx->peer_key_used;
        if (p1 == 3)            /* TLS: peer key used! */
            return (pctx->peer_key_used = 1);
        return -2;
    }
    return -2;
}

static int pkey_gost_ctrl94_str(EVP_PKEY_CTX *ctx,
                                const char *type, const char *value)
{
    int param_nid = 0;
    if (!strcmp(type, param_ctrl_string)) {
        if (!value) {
            return 0;
        }
        if (strlen(value) == 1) {
            switch (toupper((unsigned char)value[0])) {
            case 'A':
                param_nid = NID_id_GostR3410_94_CryptoPro_A_ParamSet;
                break;
            case 'B':
                param_nid = NID_id_GostR3410_94_CryptoPro_B_ParamSet;
                break;
            case 'C':
                param_nid = NID_id_GostR3410_94_CryptoPro_C_ParamSet;
                break;
            case 'D':
                param_nid = NID_id_GostR3410_94_CryptoPro_D_ParamSet;
                break;
            default:
                return 0;
                break;
            }
        } else if ((strlen(value) == 2)
                   && (toupper((unsigned char)value[0]) == 'X')) {
            switch (toupper((unsigned char)value[1])) {
            case 'A':
                param_nid = NID_id_GostR3410_94_CryptoPro_XchA_ParamSet;
                break;
            case 'B':
                param_nid = NID_id_GostR3410_94_CryptoPro_XchB_ParamSet;
                break;
            case 'C':
                param_nid = NID_id_GostR3410_94_CryptoPro_XchC_ParamSet;
                break;
            default:
                return 0;
                break;
            }
        } else {
            R3410_params *p = R3410_paramset;
            param_nid = OBJ_txt2nid(value);
            if (param_nid == NID_undef) {
                return 0;
            }
            for (; p->nid != NID_undef; p++) {
                if (p->nid == param_nid)
                    break;
            }
            if (p->nid == NID_undef) {
                GOSTerr(GOST_F_PKEY_GOST_CTRL94_STR, GOST_R_INVALID_PARAMSET);
                return 0;
            }
        }

        return pkey_gost_ctrl(ctx, EVP_PKEY_CTRL_GOST_PARAMSET,
                              param_nid, NULL);
    }
    return -2;
}

static int pkey_gost_ctrl01_str(EVP_PKEY_CTX *ctx,
                                const char *type, const char *value)
{
    int param_nid = 0;
    if (!strcmp(type, param_ctrl_string)) {
        if (!value) {
            return 0;
        }
        if (strlen(value) == 1) {
            switch (toupper((unsigned char)value[0])) {
            case 'A':
                param_nid = NID_id_GostR3410_2001_CryptoPro_A_ParamSet;
                break;
            case 'B':
                param_nid = NID_id_GostR3410_2001_CryptoPro_B_ParamSet;
                break;
            case 'C':
                param_nid = NID_id_GostR3410_2001_CryptoPro_C_ParamSet;
                break;
            case '0':
                param_nid = NID_id_GostR3410_2001_TestParamSet;
                break;
            default:
                return 0;
                break;
            }
        } else if ((strlen(value) == 2)
                   && (toupper((unsigned char)value[0]) == 'X')) {
            switch (toupper((unsigned char)value[1])) {
            case 'A':
                param_nid = NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet;
                break;
            case 'B':
                param_nid = NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet;
                break;
            default:
                return 0;
                break;
            }
        } else {
            R3410_2001_params *p = R3410_2001_paramset;
            param_nid = OBJ_txt2nid(value);
            if (param_nid == NID_undef) {
                return 0;
            }
            for (; p->nid != NID_undef; p++) {
                if (p->nid == param_nid)
                    break;
            }
            if (p->nid == NID_undef) {
                GOSTerr(GOST_F_PKEY_GOST_CTRL01_STR, GOST_R_INVALID_PARAMSET);
                return 0;
            }
        }

        return pkey_gost_ctrl(ctx, EVP_PKEY_CTRL_GOST_PARAMSET,
                              param_nid, NULL);
    }
    return -2;
}

/* --------------------- key generation  --------------------------------*/

static int pkey_gost_paramgen_init(EVP_PKEY_CTX *ctx)
{
    return 1;
}

static int pkey_gost94_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
{
    struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
    DSA *dsa = NULL;
    if (data->sign_param_nid == NID_undef) {
        GOSTerr(GOST_F_PKEY_GOST94_PARAMGEN, GOST_R_NO_PARAMETERS_SET);
        return 0;
    }
    dsa = DSA_new();
    if (!fill_GOST94_params(dsa, data->sign_param_nid)) {
        DSA_free(dsa);
        return 0;
    }
    EVP_PKEY_assign(pkey, NID_id_GostR3410_94, dsa);
    return 1;
}

static int pkey_gost01_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
{
    struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
    EC_KEY *ec = NULL;

    if (data->sign_param_nid == NID_undef) {
        GOSTerr(GOST_F_PKEY_GOST01_PARAMGEN, GOST_R_NO_PARAMETERS_SET);
        return 0;
    }
    if (!ec)
        ec = EC_KEY_new();
    if (!fill_GOST2001_params(ec, data->sign_param_nid)) {
        EC_KEY_free(ec);
        return 0;
    }
    EVP_PKEY_assign(pkey, NID_id_GostR3410_2001, ec);
    return 1;
}

/* Generates Gost_R3410_94_cp key */
static int pkey_gost94cp_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
{
    DSA *dsa;
    if (!pkey_gost94_paramgen(ctx, pkey))
        return 0;
    dsa = EVP_PKEY_get0(pkey);
    gost_sign_keygen(dsa);
    return 1;
}

/* Generates GOST_R3410 2001 key and assigns it using specified type */
static int pkey_gost01cp_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
{
    EC_KEY *ec;
    if (!pkey_gost01_paramgen(ctx, pkey))
        return 0;
    ec = EVP_PKEY_get0(pkey);
    gost2001_keygen(ec);
    return 1;
}

/* ----------- sign callbacks --------------------------------------*/

static int pkey_gost94_cp_sign(EVP_PKEY_CTX *ctx, unsigned char *sig,
                               size_t *siglen, const unsigned char *tbs,
                               size_t tbs_len)
{
    DSA_SIG *unpacked_sig = NULL;
    EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx);
    if (!siglen)
        return 0;
    if (!sig) {
        *siglen = 64;           /* better to check size of pkey->pkey.dsa-q */
        return 1;
    }
    unpacked_sig = gost_do_sign(tbs, tbs_len, EVP_PKEY_get0(pkey));
    if (!unpacked_sig) {
        return 0;
    }
    return pack_sign_cp(unpacked_sig, 32, sig, siglen);
}

static int pkey_gost01_cp_sign(EVP_PKEY_CTX *ctx, unsigned char *sig,
                               size_t *siglen, const unsigned char *tbs,
                               size_t tbs_len)
{
    DSA_SIG *unpacked_sig = NULL;
    EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx);
    if (!siglen)
        return 0;
    if (!sig) {
        *siglen = 64;           /* better to check size of curve order */
        return 1;
    }
    unpacked_sig = gost2001_do_sign(tbs, tbs_len, EVP_PKEY_get0(pkey));
    if (!unpacked_sig) {
        return 0;
    }
    return pack_sign_cp(unpacked_sig, 32, sig, siglen);
}

/* ------------------- verify callbacks ---------------------------*/

static int pkey_gost94_cp_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig,
                                 size_t siglen, const unsigned char *tbs,
                                 size_t tbs_len)
{
    int ok = 0;
    EVP_PKEY *pub_key = EVP_PKEY_CTX_get0_pkey(ctx);
    DSA_SIG *s = unpack_cp_signature(sig, siglen);
    if (!s)
        return 0;
    if (pub_key)
        ok = gost_do_verify(tbs, tbs_len, s, EVP_PKEY_get0(pub_key));
    DSA_SIG_free(s);
    return ok;
}

static int pkey_gost01_cp_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig,
                                 size_t siglen, const unsigned char *tbs,
                                 size_t tbs_len)
{
    int ok = 0;
    EVP_PKEY *pub_key = EVP_PKEY_CTX_get0_pkey(ctx);
    DSA_SIG *s = unpack_cp_signature(sig, siglen);
    if (!s)
        return 0;
#ifdef DEBUG_SIGN
    fprintf(stderr, "R=");
    BN_print_fp(stderr, s->r);
    fprintf(stderr, "\nS=");
    BN_print_fp(stderr, s->s);
    fprintf(stderr, "\n");
#endif
    if (pub_key)
        ok = gost2001_do_verify(tbs, tbs_len, s, EVP_PKEY_get0(pub_key));
    DSA_SIG_free(s);
    return ok;
}

/* ------------- encrypt init -------------------------------------*/
/* Generates ephermeral key */
static int pkey_gost_encrypt_init(EVP_PKEY_CTX *ctx)
{
    return 1;
}

/* --------------- Derive init ------------------------------------*/
static int pkey_gost_derive_init(EVP_PKEY_CTX *ctx)
{
    return 1;
}

/* -------- PKEY_METHOD for GOST MAC algorithm --------------------*/
static int pkey_gost_mac_init(EVP_PKEY_CTX *ctx)
{
    struct gost_mac_pmeth_data *data;
    data = OPENSSL_malloc(sizeof(struct gost_mac_pmeth_data));
    if (!data)
        return 0;
    memset(data, 0, sizeof(struct gost_mac_pmeth_data));
    EVP_PKEY_CTX_set_data(ctx, data);
    return 1;
}

static void pkey_gost_mac_cleanup(EVP_PKEY_CTX *ctx)
{
    struct gost_mac_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
    OPENSSL_free(data);
}

static int pkey_gost_mac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
{
    struct gost_mac_pmeth_data *dst_data, *src_data;
    if (!pkey_gost_mac_init(dst)) {
        return 0;
    }
    src_data = EVP_PKEY_CTX_get_data(src);
    dst_data = EVP_PKEY_CTX_get_data(dst);
    *dst_data = *src_data;
    return 1;
}

static int pkey_gost_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
{
    struct gost_mac_pmeth_data *data =
        (struct gost_mac_pmeth_data *)EVP_PKEY_CTX_get_data(ctx);

    switch (type) {
    case EVP_PKEY_CTRL_MD:
        {
            if (EVP_MD_type((const EVP_MD *)p2) != NID_id_Gost28147_89_MAC) {
                GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL,
                        GOST_R_INVALID_DIGEST_TYPE);
                return 0;
            }
            data->md = (EVP_MD *)p2;
            return 1;
        }
        break;

    case EVP_PKEY_CTRL_GET_MD:
        *(const EVP_MD **)p2 = data->md;
        return 1;

    case EVP_PKEY_CTRL_PKCS7_ENCRYPT:
    case EVP_PKEY_CTRL_PKCS7_DECRYPT:
    case EVP_PKEY_CTRL_PKCS7_SIGN:
        return 1;
    case EVP_PKEY_CTRL_SET_MAC_KEY:
        if (p1 != 32) {
            GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL, GOST_R_INVALID_MAC_KEY_LENGTH);
            return 0;
        }

        memcpy(data->key, p2, 32);
        data->key_set = 1;
        return 1;
    case EVP_PKEY_CTRL_DIGESTINIT:
        {
            EVP_MD_CTX *mctx = p2;
            void *key;
            if (!data->key_set) {
                EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx);
                if (!pkey) {
                    GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL,
                            GOST_R_MAC_KEY_NOT_SET);
                    return 0;
                }
                key = EVP_PKEY_get0(pkey);
                if (!key) {
                    GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL,
                            GOST_R_MAC_KEY_NOT_SET);
                    return 0;
                }
            } else {
                key = &(data->key);
            }
            return mctx->digest->md_ctrl(mctx, EVP_MD_CTRL_SET_KEY, 32, key);
        }
    }
    return -2;
}

static int pkey_gost_mac_ctrl_str(EVP_PKEY_CTX *ctx,
                                  const char *type, const char *value)
{
    if (!strcmp(type, key_ctrl_string)) {
        if (strlen(value) != 32) {
            GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL_STR,
                    GOST_R_INVALID_MAC_KEY_LENGTH);
            return 0;
        }
        return pkey_gost_mac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY,
                                  32, (char *)value);
    }
    if (!strcmp(type, hexkey_ctrl_string)) {
        long keylen;
        int ret;
        unsigned char *keybuf = string_to_hex(value, &keylen);
        if (keylen != 32) {
            GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL_STR,
                    GOST_R_INVALID_MAC_KEY_LENGTH);
            OPENSSL_free(keybuf);
            return 0;
        }
        ret = pkey_gost_mac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, 32, keybuf);
        OPENSSL_free(keybuf);
        return ret;

    }
    return -2;
}

static int pkey_gost_mac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
{
    struct gost_mac_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
    unsigned char *keydata;
    if (!data->key_set) {
        GOSTerr(GOST_F_PKEY_GOST_MAC_KEYGEN, GOST_R_MAC_KEY_NOT_SET);
        return 0;
    }
    keydata = OPENSSL_malloc(32);
    memcpy(keydata, data->key, 32);
    EVP_PKEY_assign(pkey, NID_id_Gost28147_89_MAC, keydata);
    return 1;
}

static int pkey_gost_mac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
{
    return 1;
}

static int pkey_gost_mac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig,
                                 size_t *siglen, EVP_MD_CTX *mctx)
{
    unsigned int tmpsiglen = *siglen; /* for platforms where
                                       * sizeof(int)!=sizeof(size_t) */
    int ret;
    if (!sig) {
        *siglen = 4;
        return 1;
    }
    ret = EVP_DigestFinal_ex(mctx, sig, &tmpsiglen);
    *siglen = tmpsiglen;
    return ret;
}

/* ----------------------------------------------------------------*/
int register_pmeth_gost(int id, EVP_PKEY_METHOD **pmeth, int flags)
{
    *pmeth = EVP_PKEY_meth_new(id, flags);
    if (!*pmeth)
        return 0;

    switch (id) {
    case NID_id_GostR3410_94:
        EVP_PKEY_meth_set_ctrl(*pmeth, pkey_gost_ctrl, pkey_gost_ctrl94_str);
        EVP_PKEY_meth_set_keygen(*pmeth, NULL, pkey_gost94cp_keygen);
        EVP_PKEY_meth_set_sign(*pmeth, NULL, pkey_gost94_cp_sign);
        EVP_PKEY_meth_set_verify(*pmeth, NULL, pkey_gost94_cp_verify);
        EVP_PKEY_meth_set_encrypt(*pmeth,
                                  pkey_gost_encrypt_init,
                                  pkey_GOST94cp_encrypt);
        EVP_PKEY_meth_set_decrypt(*pmeth, NULL, pkey_GOST94cp_decrypt);
        EVP_PKEY_meth_set_derive(*pmeth,
                                 pkey_gost_derive_init, pkey_gost94_derive);
        EVP_PKEY_meth_set_paramgen(*pmeth, pkey_gost_paramgen_init,
                                   pkey_gost94_paramgen);
        break;
    case NID_id_GostR3410_2001:
        EVP_PKEY_meth_set_ctrl(*pmeth, pkey_gost_ctrl, pkey_gost_ctrl01_str);
        EVP_PKEY_meth_set_sign(*pmeth, NULL, pkey_gost01_cp_sign);
        EVP_PKEY_meth_set_verify(*pmeth, NULL, pkey_gost01_cp_verify);

        EVP_PKEY_meth_set_keygen(*pmeth, NULL, pkey_gost01cp_keygen);

        EVP_PKEY_meth_set_encrypt(*pmeth,
                                  pkey_gost_encrypt_init,
                                  pkey_GOST01cp_encrypt);
        EVP_PKEY_meth_set_decrypt(*pmeth, NULL, pkey_GOST01cp_decrypt);
        EVP_PKEY_meth_set_derive(*pmeth,
                                 pkey_gost_derive_init, pkey_gost2001_derive);
        EVP_PKEY_meth_set_paramgen(*pmeth, pkey_gost_paramgen_init,
                                   pkey_gost01_paramgen);
        break;
    case NID_id_Gost28147_89_MAC:
        EVP_PKEY_meth_set_ctrl(*pmeth, pkey_gost_mac_ctrl,
                               pkey_gost_mac_ctrl_str);
        EVP_PKEY_meth_set_signctx(*pmeth, pkey_gost_mac_signctx_init,
                                  pkey_gost_mac_signctx);
        EVP_PKEY_meth_set_keygen(*pmeth, NULL, pkey_gost_mac_keygen);
        EVP_PKEY_meth_set_init(*pmeth, pkey_gost_mac_init);
        EVP_PKEY_meth_set_cleanup(*pmeth, pkey_gost_mac_cleanup);
        EVP_PKEY_meth_set_copy(*pmeth, pkey_gost_mac_copy);
        return 1;
    default:                   /* Unsupported method */
        return 0;
    }
    EVP_PKEY_meth_set_init(*pmeth, pkey_gost_init);
    EVP_PKEY_meth_set_cleanup(*pmeth, pkey_gost_cleanup);

    EVP_PKEY_meth_set_copy(*pmeth, pkey_gost_copy);
    /*
     * FIXME derive etc...
     */

    return 1;
}
Commit	Line	Data
a04549cc	1	/**********************************************************************
926c41bd	2	* gost_pmeth.c *
a04549cc DSH	3	* Copyright (c) 2005-2006 Cryptocom LTD *
	4	* This file is distributed under the same license as OpenSSL *
	5	* *
	6	* Implementation of RFC 4357 (GOST R 34.10) Publick key method *
	7	* for OpenSSL *
	8	* Requires OpenSSL 0.9.9 for compilation *
	9	**********************************************************************/
	10	#include <openssl/evp.h>
	11	#include <openssl/objects.h>
	12	#include <openssl/ec.h>
ae5c8664	13	#include <openssl/x509v3.h> /* For string_to_hex */
a04549cc DSH	14	#include <stdlib.h>
	15	#include <string.h>
	16	#include <ctype.h>
926c41bd DSH	17	#include "gost_params.h"
926c41bd DSH	18	#include "gost_lcl.h"
a04549cc	19	#include "e_gost_err.h"
ae5c8664	20	/* -----init, cleanup, copy - uniform for all algs ---------------*/
a04549cc	21	/* Allocates new gost_pmeth_data structure and assigns it as data */
926c41bd	22	static int pkey_gost_init(EVP_PKEY_CTX *ctx)
ae5c8664 MC	23	{
	24	struct gost_pmeth_data *data;
	25	EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx);
	26	data = OPENSSL_malloc(sizeof(struct gost_pmeth_data));
	27	if (!data)
	28	return 0;
	29	memset(data, 0, sizeof(struct gost_pmeth_data));
	30	if (pkey && EVP_PKEY_get0(pkey)) {
	31	switch (EVP_PKEY_base_id(pkey)) {
	32	case NID_id_GostR3410_94:
	33	data->sign_param_nid = gost94_nid_by_params(EVP_PKEY_get0(pkey));
	34	break;
	35	case NID_id_GostR3410_2001:
	36	data->sign_param_nid =
	37	EC_GROUP_get_curve_name(EC_KEY_get0_group
	38	(EVP_PKEY_get0((EVP_PKEY *)pkey)));
	39	break;
	40	default:
	41	return 0;
	42	}
	43	}
	44	EVP_PKEY_CTX_set_data(ctx, data);
	45	return 1;
	46	}
926c41bd	47
a04549cc DSH	48	/* Copies contents of gost_pmeth_data structure */
a04549cc DSH	49	static int pkey_gost_copy(EVP_PKEY_CTX dst, EVP_PKEY_CTX src)
ae5c8664 MC	50	{
	51	struct gost_pmeth_data dst_data, src_data;
	52	if (!pkey_gost_init(dst)) {
	53	return 0;
	54	}
	55	src_data = EVP_PKEY_CTX_get_data(src);
	56	dst_data = EVP_PKEY_CTX_get_data(dst);
	57	dst_data = src_data;
	58	if (src_data->shared_ukm) {
	59	dst_data->shared_ukm = NULL;
	60	}
	61	return 1;
	62	}
926c41bd	63
a04549cc	64	/* Frees up gost_pmeth_data structure */
ae5c8664 MC	65	static void pkey_gost_cleanup(EVP_PKEY_CTX *ctx)
	66	{
	67	struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
	68	if (data->shared_ukm)
	69	OPENSSL_free(data->shared_ukm);
	70	OPENSSL_free(data);
	71	}
926c41bd	72
a04549cc	73	/* --------------------- control functions ------------------------------*/
92e2c81a	74	static int pkey_gost_ctrl(EVP_PKEY_CTX ctx, int type, int p1, void p2)
ae5c8664 MC	75	{
	76	struct gost_pmeth_data *pctx =
	77	(struct gost_pmeth_data *)EVP_PKEY_CTX_get_data(ctx);
	78	switch (type) {
	79	case EVP_PKEY_CTRL_MD:
	80	{
	81	if (EVP_MD_type((const EVP_MD *)p2) != NID_id_GostR3411_94) {
	82	GOSTerr(GOST_F_PKEY_GOST_CTRL, GOST_R_INVALID_DIGEST_TYPE);
	83	return 0;
	84	}
	85	pctx->md = (EVP_MD *)p2;
	86	return 1;
	87	}
	88	break;
	89
	90	case EVP_PKEY_CTRL_GET_MD:
	91	(const EVP_MD *)p2 = pctx->md;
	92	return 1;
	93
	94	case EVP_PKEY_CTRL_PKCS7_ENCRYPT:
	95	case EVP_PKEY_CTRL_PKCS7_DECRYPT:
	96	case EVP_PKEY_CTRL_PKCS7_SIGN:
	97	case EVP_PKEY_CTRL_DIGESTINIT:
	98	#ifndef OPENSSL_NO_CMS
	99	case EVP_PKEY_CTRL_CMS_ENCRYPT:
	100	case EVP_PKEY_CTRL_CMS_DECRYPT:
	101	case EVP_PKEY_CTRL_CMS_SIGN:
	102	#endif
	103	return 1;
	104
	105	case EVP_PKEY_CTRL_GOST_PARAMSET:
	106	pctx->sign_param_nid = (int)p1;
	107	return 1;
	108	case EVP_PKEY_CTRL_SET_IV:
	109	pctx->shared_ukm = OPENSSL_malloc((int)p1);
	110	memcpy(pctx->shared_ukm, p2, (int)p1);
	111	return 1;
	112	case EVP_PKEY_CTRL_PEER_KEY:
	113	if (p1 == 0 \|\| p1 == 1) /* call from EVP_PKEY_derive_set_peer */
	114	return 1;
	115	if (p1 == 2) /* TLS: peer key used? */
	116	return pctx->peer_key_used;
	117	if (p1 == 3) /* TLS: peer key used! */
	118	return (pctx->peer_key_used = 1);
	119	return -2;
	120	}
	121	return -2;
	122	}
926c41bd DSH	123
926c41bd DSH	124	static int pkey_gost_ctrl94_str(EVP_PKEY_CTX *ctx,
ae5c8664 MC	125	const char type, const char value)
	126	{
	127	int param_nid = 0;
	128	if (!strcmp(type, param_ctrl_string)) {
	129	if (!value) {
	130	return 0;
	131	}
	132	if (strlen(value) == 1) {
	133	switch (toupper((unsigned char)value[0])) {
	134	case 'A':
	135	param_nid = NID_id_GostR3410_94_CryptoPro_A_ParamSet;
	136	break;
	137	case 'B':
	138	param_nid = NID_id_GostR3410_94_CryptoPro_B_ParamSet;
	139	break;
	140	case 'C':
	141	param_nid = NID_id_GostR3410_94_CryptoPro_C_ParamSet;
	142	break;
	143	case 'D':
	144	param_nid = NID_id_GostR3410_94_CryptoPro_D_ParamSet;
	145	break;
	146	default:
	147	return 0;
	148	break;
	149	}
	150	} else if ((strlen(value) == 2)
	151	&& (toupper((unsigned char)value[0]) == 'X')) {
	152	switch (toupper((unsigned char)value[1])) {
	153	case 'A':
	154	param_nid = NID_id_GostR3410_94_CryptoPro_XchA_ParamSet;
	155	break;
	156	case 'B':
	157	param_nid = NID_id_GostR3410_94_CryptoPro_XchB_ParamSet;
	158	break;
	159	case 'C':
	160	param_nid = NID_id_GostR3410_94_CryptoPro_XchC_ParamSet;
	161	break;
	162	default:
	163	return 0;
	164	break;
	165	}
	166	} else {
	167	R3410_params *p = R3410_paramset;
	168	param_nid = OBJ_txt2nid(value);
	169	if (param_nid == NID_undef) {
	170	return 0;
	171	}
	172	for (; p->nid != NID_undef; p++) {
	173	if (p->nid == param_nid)
	174	break;
	175	}
	176	if (p->nid == NID_undef) {
	177	GOSTerr(GOST_F_PKEY_GOST_CTRL94_STR, GOST_R_INVALID_PARAMSET);
	178	return 0;
	179	}
	180	}
	181
	182	return pkey_gost_ctrl(ctx, EVP_PKEY_CTRL_GOST_PARAMSET,
	183	param_nid, NULL);
	184	}
	185	return -2;
	186	}
a04549cc	187
926c41bd	188	static int pkey_gost_ctrl01_str(EVP_PKEY_CTX *ctx,
ae5c8664 MC	189	const char type, const char value)
	190	{
	191	int param_nid = 0;
	192	if (!strcmp(type, param_ctrl_string)) {
	193	if (!value) {
	194	return 0;
	195	}
	196	if (strlen(value) == 1) {
	197	switch (toupper((unsigned char)value[0])) {
	198	case 'A':
	199	param_nid = NID_id_GostR3410_2001_CryptoPro_A_ParamSet;
	200	break;
	201	case 'B':
	202	param_nid = NID_id_GostR3410_2001_CryptoPro_B_ParamSet;
	203	break;
	204	case 'C':
	205	param_nid = NID_id_GostR3410_2001_CryptoPro_C_ParamSet;
	206	break;
	207	case '0':
	208	param_nid = NID_id_GostR3410_2001_TestParamSet;
	209	break;
	210	default:
	211	return 0;
	212	break;
	213	}
	214	} else if ((strlen(value) == 2)
	215	&& (toupper((unsigned char)value[0]) == 'X')) {
	216	switch (toupper((unsigned char)value[1])) {
	217	case 'A':
	218	param_nid = NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet;
	219	break;
	220	case 'B':
	221	param_nid = NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet;
	222	break;
	223	default:
	224	return 0;
	225	break;
	226	}
	227	} else {
	228	R3410_2001_params *p = R3410_2001_paramset;
	229	param_nid = OBJ_txt2nid(value);
	230	if (param_nid == NID_undef) {
	231	return 0;
	232	}
	233	for (; p->nid != NID_undef; p++) {
	234	if (p->nid == param_nid)
	235	break;
	236	}
	237	if (p->nid == NID_undef) {
	238	GOSTerr(GOST_F_PKEY_GOST_CTRL01_STR, GOST_R_INVALID_PARAMSET);
	239	return 0;
	240	}
	241	}
	242
	243	return pkey_gost_ctrl(ctx, EVP_PKEY_CTRL_GOST_PARAMSET,
	244	param_nid, NULL);
	245	}
	246	return -2;
	247	}
926c41bd	248
a04549cc	249	/* --------------------- key generation --------------------------------*/
0e1dba93	250
ae5c8664 MC	251	static int pkey_gost_paramgen_init(EVP_PKEY_CTX *ctx)
	252	{
	253	return 1;
	254	}
	255
	256	static int pkey_gost94_paramgen(EVP_PKEY_CTX ctx, EVP_PKEY pkey)
	257	{
	258	struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
	259	DSA *dsa = NULL;
	260	if (data->sign_param_nid == NID_undef) {
	261	GOSTerr(GOST_F_PKEY_GOST94_PARAMGEN, GOST_R_NO_PARAMETERS_SET);
	262	return 0;
	263	}
	264	dsa = DSA_new();
	265	if (!fill_GOST94_params(dsa, data->sign_param_nid)) {
	266	DSA_free(dsa);
	267	return 0;
	268	}
	269	EVP_PKEY_assign(pkey, NID_id_GostR3410_94, dsa);
	270	return 1;
	271	}
	272
b6af2c7e	273	static int pkey_gost01_paramgen(EVP_PKEY_CTX ctx, EVP_PKEY pkey)
ae5c8664 MC	274	{
	275	struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
	276	EC_KEY *ec = NULL;
	277
	278	if (data->sign_param_nid == NID_undef) {
	279	GOSTerr(GOST_F_PKEY_GOST01_PARAMGEN, GOST_R_NO_PARAMETERS_SET);
	280	return 0;
	281	}
	282	if (!ec)
	283	ec = EC_KEY_new();
	284	if (!fill_GOST2001_params(ec, data->sign_param_nid)) {
	285	EC_KEY_free(ec);
	286	return 0;
	287	}
	288	EVP_PKEY_assign(pkey, NID_id_GostR3410_2001, ec);
	289	return 1;
	290	}
926c41bd	291
b6af2c7e DSH	292	/* Generates Gost_R3410_94_cp key */
b6af2c7e DSH	293	static int pkey_gost94cp_keygen(EVP_PKEY_CTX ctx, EVP_PKEY pkey)
ae5c8664 MC	294	{
	295	DSA *dsa;
	296	if (!pkey_gost94_paramgen(ctx, pkey))
	297	return 0;
	298	dsa = EVP_PKEY_get0(pkey);
	299	gost_sign_keygen(dsa);
	300	return 1;
	301	}
b6af2c7e DSH	302
	303	/* Generates GOST_R3410 2001 key and assigns it using specified type */
	304	static int pkey_gost01cp_keygen(EVP_PKEY_CTX ctx, EVP_PKEY pkey)
ae5c8664 MC	305	{
	306	EC_KEY *ec;
	307	if (!pkey_gost01_paramgen(ctx, pkey))
	308	return 0;
	309	ec = EVP_PKEY_get0(pkey);
	310	gost2001_keygen(ec);
	311	return 1;
	312	}
926c41bd	313
a04549cc	314	/* ----------- sign callbacks --------------------------------------*/
a04549cc	315
ae5c8664 MC	316	static int pkey_gost94_cp_sign(EVP_PKEY_CTX ctx, unsigned char sig,
	317	size_t siglen, const unsigned char tbs,
	318	size_t tbs_len)
	319	{
	320	DSA_SIG *unpacked_sig = NULL;
	321	EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx);
	322	if (!siglen)
	323	return 0;
	324	if (!sig) {
	325	siglen = 64; / better to check size of pkey->pkey.dsa-q */
	326	return 1;
	327	}
	328	unpacked_sig = gost_do_sign(tbs, tbs_len, EVP_PKEY_get0(pkey));
	329	if (!unpacked_sig) {
	330	return 0;
	331	}
	332	return pack_sign_cp(unpacked_sig, 32, sig, siglen);
	333	}
	334
	335	static int pkey_gost01_cp_sign(EVP_PKEY_CTX ctx, unsigned char sig,
	336	size_t siglen, const unsigned char tbs,
	337	size_t tbs_len)
	338	{
	339	DSA_SIG *unpacked_sig = NULL;
	340	EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx);
	341	if (!siglen)
	342	return 0;
	343	if (!sig) {
	344	siglen = 64; / better to check size of curve order */
	345	return 1;
	346	}
	347	unpacked_sig = gost2001_do_sign(tbs, tbs_len, EVP_PKEY_get0(pkey));
	348	if (!unpacked_sig) {
	349	return 0;
	350	}
	351	return pack_sign_cp(unpacked_sig, 32, sig, siglen);
	352	}
926c41bd	353
a04549cc	354	/* ------------------- verify callbacks ---------------------------*/
a04549cc DSH	355
a04549cc DSH	356	static int pkey_gost94_cp_verify(EVP_PKEY_CTX ctx, const unsigned char sig,
ae5c8664 MC	357	size_t siglen, const unsigned char *tbs,
	358	size_t tbs_len)
	359	{
	360	int ok = 0;
	361	EVP_PKEY *pub_key = EVP_PKEY_CTX_get0_pkey(ctx);
	362	DSA_SIG *s = unpack_cp_signature(sig, siglen);
	363	if (!s)
	364	return 0;
	365	if (pub_key)
	366	ok = gost_do_verify(tbs, tbs_len, s, EVP_PKEY_get0(pub_key));
	367	DSA_SIG_free(s);
	368	return ok;
	369	}
a04549cc DSH	370
a04549cc DSH	371	static int pkey_gost01_cp_verify(EVP_PKEY_CTX ctx, const unsigned char sig,
ae5c8664 MC	372	size_t siglen, const unsigned char *tbs,
	373	size_t tbs_len)
	374	{
	375	int ok = 0;
	376	EVP_PKEY *pub_key = EVP_PKEY_CTX_get0_pkey(ctx);
	377	DSA_SIG *s = unpack_cp_signature(sig, siglen);
	378	if (!s)
	379	return 0;
	380	#ifdef DEBUG_SIGN
	381	fprintf(stderr, "R=");
	382	BN_print_fp(stderr, s->r);
	383	fprintf(stderr, "\nS=");
	384	BN_print_fp(stderr, s->s);
	385	fprintf(stderr, "\n");
	386	#endif
	387	if (pub_key)
	388	ok = gost2001_do_verify(tbs, tbs_len, s, EVP_PKEY_get0(pub_key));
	389	DSA_SIG_free(s);
	390	return ok;
	391	}
926c41bd	392
a04549cc DSH	393	/* ------------- encrypt init -------------------------------------*/
a04549cc DSH	394	/* Generates ephermeral key */
926c41bd	395	static int pkey_gost_encrypt_init(EVP_PKEY_CTX *ctx)
ae5c8664 MC	396	{
	397	return 1;
	398	}
	399
0e1dba93	400	/* --------------- Derive init ------------------------------------*/
10f0c85c	401	static int pkey_gost_derive_init(EVP_PKEY_CTX *ctx)
0e1dba93	402	{
ae5c8664	403	return 1;
0e1dba93	404	}
ae5c8664	405
a4346646 DSH	406	/* -------- PKEY_METHOD for GOST MAC algorithm --------------------*/
a4346646 DSH	407	static int pkey_gost_mac_init(EVP_PKEY_CTX *ctx)
ae5c8664 MC	408	{
	409	struct gost_mac_pmeth_data *data;
	410	data = OPENSSL_malloc(sizeof(struct gost_mac_pmeth_data));
	411	if (!data)
	412	return 0;
	413	memset(data, 0, sizeof(struct gost_mac_pmeth_data));
	414	EVP_PKEY_CTX_set_data(ctx, data);
	415	return 1;
	416	}
	417
	418	static void pkey_gost_mac_cleanup(EVP_PKEY_CTX *ctx)
	419	{
	420	struct gost_mac_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
	421	OPENSSL_free(data);
	422	}
	423
a4346646	424	static int pkey_gost_mac_copy(EVP_PKEY_CTX dst, EVP_PKEY_CTX src)
ae5c8664 MC	425	{
	426	struct gost_mac_pmeth_data dst_data, src_data;
	427	if (!pkey_gost_mac_init(dst)) {
	428	return 0;
	429	}
	430	src_data = EVP_PKEY_CTX_get_data(src);
	431	dst_data = EVP_PKEY_CTX_get_data(dst);
	432	dst_data = src_data;
	433	return 1;
	434	}
	435
92e2c81a	436	static int pkey_gost_mac_ctrl(EVP_PKEY_CTX ctx, int type, int p1, void p2)
ae5c8664 MC	437	{
	438	struct gost_mac_pmeth_data *data =
	439	(struct gost_mac_pmeth_data *)EVP_PKEY_CTX_get_data(ctx);
	440
	441	switch (type) {
	442	case EVP_PKEY_CTRL_MD:
	443	{
	444	if (EVP_MD_type((const EVP_MD *)p2) != NID_id_Gost28147_89_MAC) {
	445	GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL,
	446	GOST_R_INVALID_DIGEST_TYPE);
	447	return 0;
	448	}
	449	data->md = (EVP_MD *)p2;
	450	return 1;
	451	}
	452	break;
	453
	454	case EVP_PKEY_CTRL_GET_MD:
	455	(const EVP_MD *)p2 = data->md;
	456	return 1;
	457
	458	case EVP_PKEY_CTRL_PKCS7_ENCRYPT:
	459	case EVP_PKEY_CTRL_PKCS7_DECRYPT:
	460	case EVP_PKEY_CTRL_PKCS7_SIGN:
	461	return 1;
	462	case EVP_PKEY_CTRL_SET_MAC_KEY:
	463	if (p1 != 32) {
	464	GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL, GOST_R_INVALID_MAC_KEY_LENGTH);
	465	return 0;
	466	}
	467
	468	memcpy(data->key, p2, 32);
	469	data->key_set = 1;
	470	return 1;
	471	case EVP_PKEY_CTRL_DIGESTINIT:
	472	{
	473	EVP_MD_CTX *mctx = p2;
	474	void *key;
	475	if (!data->key_set) {
	476	EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx);
	477	if (!pkey) {
	478	GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL,
	479	GOST_R_MAC_KEY_NOT_SET);
	480	return 0;
	481	}
	482	key = EVP_PKEY_get0(pkey);
	483	if (!key) {
	484	GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL,
	485	GOST_R_MAC_KEY_NOT_SET);
	486	return 0;
	487	}
	488	} else {
	489	key = &(data->key);
	490	}
	491	return mctx->digest->md_ctrl(mctx, EVP_MD_CTRL_SET_KEY, 32, key);
	492	}
	493	}
	494	return -2;
	495	}
	496
a4346646	497	static int pkey_gost_mac_ctrl_str(EVP_PKEY_CTX *ctx,
ae5c8664 MC	498	const char type, const char value)
	499	{
	500	if (!strcmp(type, key_ctrl_string)) {
	501	if (strlen(value) != 32) {
	502	GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL_STR,
	503	GOST_R_INVALID_MAC_KEY_LENGTH);
	504	return 0;
	505	}
	506	return pkey_gost_mac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY,
	507	32, (char *)value);
	508	}
	509	if (!strcmp(type, hexkey_ctrl_string)) {
	510	long keylen;
	511	int ret;
	512	unsigned char *keybuf = string_to_hex(value, &keylen);
	513	if (keylen != 32) {
	514	GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL_STR,
	515	GOST_R_INVALID_MAC_KEY_LENGTH);
	516	OPENSSL_free(keybuf);
	517	return 0;
	518	}
	519	ret = pkey_gost_mac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, 32, keybuf);
	520	OPENSSL_free(keybuf);
	521	return ret;
	522
	523	}
	524	return -2;
	525	}
a4346646 DSH	526
a4346646 DSH	527	static int pkey_gost_mac_keygen(EVP_PKEY_CTX ctx, EVP_PKEY pkey)
ae5c8664 MC	528	{
	529	struct gost_mac_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
	530	unsigned char *keydata;
	531	if (!data->key_set) {
	532	GOSTerr(GOST_F_PKEY_GOST_MAC_KEYGEN, GOST_R_MAC_KEY_NOT_SET);
	533	return 0;
	534	}
	535	keydata = OPENSSL_malloc(32);
	536	memcpy(keydata, data->key, 32);
	537	EVP_PKEY_assign(pkey, NID_id_Gost28147_89_MAC, keydata);
	538	return 1;
	539	}
a4346646 DSH	540
a4346646 DSH	541	static int pkey_gost_mac_signctx_init(EVP_PKEY_CTX ctx, EVP_MD_CTX mctx)
ae5c8664 MC	542	{
ae5c8664 MC	543	return 1;
a4346646 DSH	544	}
a4346646 DSH	545
ae5c8664 MC	546	static int pkey_gost_mac_signctx(EVP_PKEY_CTX ctx, unsigned char sig,
	547	size_t siglen, EVP_MD_CTX mctx)
	548	{
	549	unsigned int tmpsiglen = siglen; / for platforms where
	550	* sizeof(int)!=sizeof(size_t) */
	551	int ret;
	552	if (!sig) {
	553	*siglen = 4;
	554	return 1;
	555	}
	556	ret = EVP_DigestFinal_ex(mctx, sig, &tmpsiglen);
	557	*siglen = tmpsiglen;
	558	return ret;
	559	}
a04549cc	560
ae5c8664 MC	561	/* ----------------------------------------------------------------*/
	562	int register_pmeth_gost(int id, EVP_PKEY_METHOD **pmeth, int flags)
	563	{
	564	*pmeth = EVP_PKEY_meth_new(id, flags);
	565	if (!*pmeth)
	566	return 0;
	567
	568	switch (id) {
	569	case NID_id_GostR3410_94:
	570	EVP_PKEY_meth_set_ctrl(*pmeth, pkey_gost_ctrl, pkey_gost_ctrl94_str);
	571	EVP_PKEY_meth_set_keygen(*pmeth, NULL, pkey_gost94cp_keygen);
	572	EVP_PKEY_meth_set_sign(*pmeth, NULL, pkey_gost94_cp_sign);
	573	EVP_PKEY_meth_set_verify(*pmeth, NULL, pkey_gost94_cp_verify);
	574	EVP_PKEY_meth_set_encrypt(*pmeth,
	575	pkey_gost_encrypt_init,
	576	pkey_GOST94cp_encrypt);
	577	EVP_PKEY_meth_set_decrypt(*pmeth, NULL, pkey_GOST94cp_decrypt);
	578	EVP_PKEY_meth_set_derive(*pmeth,
	579	pkey_gost_derive_init, pkey_gost94_derive);
	580	EVP_PKEY_meth_set_paramgen(*pmeth, pkey_gost_paramgen_init,
	581	pkey_gost94_paramgen);
	582	break;
	583	case NID_id_GostR3410_2001:
	584	EVP_PKEY_meth_set_ctrl(*pmeth, pkey_gost_ctrl, pkey_gost_ctrl01_str);
	585	EVP_PKEY_meth_set_sign(*pmeth, NULL, pkey_gost01_cp_sign);
	586	EVP_PKEY_meth_set_verify(*pmeth, NULL, pkey_gost01_cp_verify);
	587
	588	EVP_PKEY_meth_set_keygen(*pmeth, NULL, pkey_gost01cp_keygen);
	589
	590	EVP_PKEY_meth_set_encrypt(*pmeth,
	591	pkey_gost_encrypt_init,
	592	pkey_GOST01cp_encrypt);
	593	EVP_PKEY_meth_set_decrypt(*pmeth, NULL, pkey_GOST01cp_decrypt);
	594	EVP_PKEY_meth_set_derive(*pmeth,
	595	pkey_gost_derive_init, pkey_gost2001_derive);
	596	EVP_PKEY_meth_set_paramgen(*pmeth, pkey_gost_paramgen_init,
	597	pkey_gost01_paramgen);
	598	break;
	599	case NID_id_Gost28147_89_MAC:
	600	EVP_PKEY_meth_set_ctrl(*pmeth, pkey_gost_mac_ctrl,
	601	pkey_gost_mac_ctrl_str);
	602	EVP_PKEY_meth_set_signctx(*pmeth, pkey_gost_mac_signctx_init,
	603	pkey_gost_mac_signctx);
	604	EVP_PKEY_meth_set_keygen(*pmeth, NULL, pkey_gost_mac_keygen);
	605	EVP_PKEY_meth_set_init(*pmeth, pkey_gost_mac_init);
	606	EVP_PKEY_meth_set_cleanup(*pmeth, pkey_gost_mac_cleanup);
	607	EVP_PKEY_meth_set_copy(*pmeth, pkey_gost_mac_copy);
	608	return 1;
	609	default: /* Unsupported method */
	610	return 0;
	611	}
	612	EVP_PKEY_meth_set_init(*pmeth, pkey_gost_init);
	613	EVP_PKEY_meth_set_cleanup(*pmeth, pkey_gost_cleanup);
	614
	615	EVP_PKEY_meth_set_copy(*pmeth, pkey_gost_copy);
	616	/*
	617	* FIXME derive etc...
	618	*/
	619
	620	return 1;
	621	}