.size = 32,
.sig_size = 64
},
+ {
+ .name = "CryptoPro-A",
+ .oid = "1.2.643.2.2.35.1",
+ .id = GNUTLS_ECC_CURVE_GOST256CPA,
+ .pk = GNUTLS_PK_UNKNOWN,
+ .size = 32,
+ .gost_curve = 1,
+ },
+ {
+ .name = "CryptoPro-B",
+ .oid = "1.2.643.2.2.35.2",
+ .id = GNUTLS_ECC_CURVE_GOST256CPB,
+ .pk = GNUTLS_PK_UNKNOWN,
+ .size = 32,
+ .gost_curve = 1,
+ },
+ {
+ .name = "CryptoPro-C",
+ .oid = "1.2.643.2.2.35.3",
+ .id = GNUTLS_ECC_CURVE_GOST256CPC,
+ .pk = GNUTLS_PK_UNKNOWN,
+ .size = 32,
+ .gost_curve = 1,
+ },
+ {
+ .name = "CryptoPro-XchA",
+ .oid = "1.2.643.2.2.36.0",
+ .id = GNUTLS_ECC_CURVE_GOST256CPXA,
+ .pk = GNUTLS_PK_UNKNOWN,
+ .size = 32,
+ .gost_curve = 1,
+ },
+ {
+ .name = "CryptoPro-XchB",
+ .oid = "1.2.643.2.2.36.1",
+ .id = GNUTLS_ECC_CURVE_GOST256CPXB,
+ .pk = GNUTLS_PK_UNKNOWN,
+ .size = 32,
+ .gost_curve = 1,
+ },
+ {
+ .name = "TC26-512-A",
+ .oid = "1.2.643.7.1.2.1.2.1",
+ .id = GNUTLS_ECC_CURVE_GOST512A,
+ .pk = GNUTLS_PK_GOST_12_512,
+ .size = 64,
+ .gost_curve = 1,
+ },
+ {
+ .name = "TC26-512-B",
+ .oid = "1.2.643.7.1.2.1.2.2",
+ .id = GNUTLS_ECC_CURVE_GOST512B,
+ .pk = GNUTLS_PK_GOST_12_512,
+ .size = 64,
+ .gost_curve = 1,
+ },
{0, 0, 0}
};
return ret;
}
+static int _gnutls_ecc_pk_compatible(const gnutls_ecc_curve_entry_st *p,
+ gnutls_pk_algorithm_t pk)
+{
+ if (!_gnutls_pk_curve_exists(p->id))
+ return 0;
+
+ if (pk == GNUTLS_PK_GOST_01 ||
+ pk == GNUTLS_PK_GOST_12_256)
+ return p->gost_curve && p->size == 32;
+
+ return pk == p->pk;
+}
+
/*-
* _gnutls_ecc_bits_to_curve:
* @bits: is a security parameter in bits
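Review bot: The final `return pk == p->pk;` in `_gnutls_ecc_pk_compatible` also succeeds when the caller passes `GNUTLS_PK_UNKNOWN`, because the five CryptoPro entries added to the curve table in this commit set `.pk = GNUTLS_PK_UNKNOWN`. A caller that reaches `_gnutls_ecc_bits_to_curve` with an unset or unrecognised algorithm could then receive a CryptoPro curve from the loop instead of the previous default, assuming no earlier table entry already used that value (the full table is not visible here). A guard ahead of the GOST test, `if (pk == GNUTLS_PK_UNKNOWN) return 0;`, keeps matches limited to algorithms that were actually named. The helper also has no comment. A short one should say that the 256-bit GOST curves are shared by `GNUTLS_PK_GOST_01` and `GNUTLS_PK_GOST_12_256`, so they are matched on `gost_curve` and `size` rather than `.pk`, which would explain the sentinel in the table.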
if (pk == GNUTLS_PK_ECDSA)
ret = GNUTLS_ECC_CURVE_SECP256R1;
+ else if (pk == GNUTLS_PK_GOST_01 ||
+ pk == GNUTLS_PK_GOST_12_256)
+ ret = GNUTLS_ECC_CURVE_GOST256CPA;
+ else if (pk == GNUTLS_PK_GOST_12_512)
+ ret = GNUTLS_ECC_CURVE_GOST512A;
else
ret = GNUTLS_ECC_CURVE_ED25519;
GNUTLS_ECC_CURVE_LOOP(
- if (pk == p->pk && 8 * p->size >= (unsigned)bits && _gnutls_pk_curve_exists(p->id)) {
+ if (_gnutls_ecc_pk_compatible(p, pk) && 8 * p->size >= (unsigned)bits) {
ret = p->id;
break;
}
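Review bot: The two new fallback assignments (`GNUTLS_ECC_CURVE_GOST256CPA` and `GNUTLS_ECC_CURVE_GOST512A`) are what the function yields when the loop finds no match, so they bypass both the `_gnutls_pk_curve_exists()` test inside `_gnutls_ecc_pk_compatible` and the `8 * p->size >= (unsigned)bits` test. A request for more bits than the algorithm's curves provide, or a build whose backend lacks these curves, would presumably still get a GOST curve id back. This mirrors the existing ECDSA/Ed25519 defaults, but callers should not treat the result as validated. I would record that above the chain, e.g. `/* fallback only: not checked against bits or backend support */`. The function begins and ends outside this hunk, so the return path is not visible here.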
* @GNUTLS_ECC_CURVE_SECP521R1: the SECP521R1 curve
* @GNUTLS_ECC_CURVE_X25519: the X25519 curve (ECDH only)
* @GNUTLS_ECC_CURVE_ED25519: the Ed25519 curve
+ * @GNUTLS_ECC_CURVE_GOST256CPA: GOST R 34.10 CryptoPro 256 A curve
+ * @GNUTLS_ECC_CURVE_GOST256CPB: GOST R 34.10 CryptoPro 256 B curve
+ * @GNUTLS_ECC_CURVE_GOST256CPC: GOST R 34.10 CryptoPro 256 C curve
+ * @GNUTLS_ECC_CURVE_GOST256CPXA: GOST R 34.10 CryptoPro 256 XchA curve
+ * @GNUTLS_ECC_CURVE_GOST256CPXB: GOST R 34.10 CryptoPro 256 XchB curve
+ * @GNUTLS_ECC_CURVE_GOST512A: GOST R 34.10 TC26 512 A curve
+ * @GNUTLS_ECC_CURVE_GOST512B: GOST R 34.10 TC26 512 B curve
*
* Enumeration of ECC curves.
*/
GNUTLS_ECC_CURVE_SECP192R1,
GNUTLS_ECC_CURVE_X25519,
GNUTLS_ECC_CURVE_ED25519,
- GNUTLS_ECC_CURVE_MAX = GNUTLS_ECC_CURVE_ED25519
+ GNUTLS_ECC_CURVE_GOST256CPA,
+ GNUTLS_ECC_CURVE_GOST256CPB,
+ GNUTLS_ECC_CURVE_GOST256CPC,
+ GNUTLS_ECC_CURVE_GOST256CPXA,
+ GNUTLS_ECC_CURVE_GOST256CPXB,
+ GNUTLS_ECC_CURVE_GOST512A,
+ GNUTLS_ECC_CURVE_GOST512B,
+ GNUTLS_ECC_CURVE_MAX = GNUTLS_ECC_CURVE_GOST512B
} gnutls_ecc_curve_t;
/**