diff --git a/CMakeLists.txt b/CMakeLists.txt index b58456b11..4bf8fccdc 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -139,51 +139,51 @@ set(GOST_ENGINE_SOURCE_FILES set(GOST_PROVIDER_SOURCE_FILES gost_prov.c) -add_executable(test_digest test_digest.c) -target_link_libraries(test_digest gost_engine gost_core ${OPENSSL_CRYPTO_LIBRARY}) -add_test(NAME digest - COMMAND test_digest) - -add_executable(test_curves test_curves.c) -target_link_libraries(test_curves gost_engine gost_core ${OPENSSL_CRYPTO_LIBRARY}) -add_test(NAME curves - COMMAND test_curves) - -add_executable(test_params test_params.c) -target_link_libraries(test_params gost_engine gost_core ${OPENSSL_CRYPTO_LIBRARY}) -add_test(NAME parameters - COMMAND test_params) - -add_executable(test_sign test_sign.c) -target_link_libraries(test_sign gost_engine gost_core ${OPENSSL_CRYPTO_LIBRARY}) -add_test(NAME sign/verify - COMMAND test_sign) - -add_executable(test_tls test_tls.c) -target_link_libraries(test_tls gost_engine gost_core ${OPENSSL_CRYPTO_LIBRARY} ${OPENSSL_SSL_LIBRARY}) -add_test(NAME TLS - COMMAND test_tls) - -add_executable(test_context test_context.c) -target_link_libraries(test_context gost_engine gost_core ${OPENSSL_CRYPTO_LIBRARY}) -add_test(NAME context - COMMAND test_context) - -add_executable(test_grasshopper test_grasshopper.c) -target_link_libraries(test_grasshopper gost_engine gost_core ${OPENSSL_CRYPTO_LIBRARY}) -add_test(NAME grasshopper - COMMAND test_grasshopper) - -add_executable(test_keyexpimp test_keyexpimp.c) -#target_compile_definitions(test_keyexpimp PUBLIC -DOPENSSL_LOAD_CONF) -target_link_libraries(test_keyexpimp gost_engine gost_core ${OPENSSL_CRYPTO_LIBRARY}) -add_test(NAME keyexpimp - COMMAND test_keyexpimp) - -add_executable(test_gost89 test_gost89.c) -target_link_libraries(test_gost89 gost_engine gost_core ${OPENSSL_CRYPTO_LIBRARY}) -add_test(NAME gost89 - COMMAND test_gost89) +#add_executable(test_digest test_digest.c) +#target_link_libraries(test_digest gost_engine gost_core ${OPENSSL_CRYPTO_LIBRARY}) +#add_test(NAME digest +# COMMAND test_digest) +# +#add_executable(test_curves test_curves.c) +#target_link_libraries(test_curves gost_engine gost_core ${OPENSSL_CRYPTO_LIBRARY}) +#add_test(NAME curves +# COMMAND test_curves) +# +#add_executable(test_params test_params.c) +#target_link_libraries(test_params gost_engine gost_core ${OPENSSL_CRYPTO_LIBRARY}) +#add_test(NAME parameters +# COMMAND test_params) +# +#add_executable(test_sign test_sign.c) +#target_link_libraries(test_sign gost_engine gost_core ${OPENSSL_CRYPTO_LIBRARY}) +#add_test(NAME sign/verify +# COMMAND test_sign) +# +#add_executable(test_tls test_tls.c) +#target_link_libraries(test_tls gost_engine gost_core ${OPENSSL_CRYPTO_LIBRARY} ${OPENSSL_SSL_LIBRARY}) +#add_test(NAME TLS +# COMMAND test_tls) +# +#add_executable(test_context test_context.c) +#target_link_libraries(test_context gost_engine gost_core ${OPENSSL_CRYPTO_LIBRARY}) +#add_test(NAME context +# COMMAND test_context) +# +#add_executable(test_grasshopper test_grasshopper.c) +#target_link_libraries(test_grasshopper gost_engine gost_core ${OPENSSL_CRYPTO_LIBRARY}) +#add_test(NAME grasshopper +# COMMAND test_grasshopper) +# +#add_executable(test_keyexpimp test_keyexpimp.c) +##target_compile_definitions(test_keyexpimp PUBLIC -DOPENSSL_LOAD_CONF) +#target_link_libraries(test_keyexpimp gost_engine gost_core ${OPENSSL_CRYPTO_LIBRARY}) +#add_test(NAME keyexpimp +# COMMAND test_keyexpimp) +# +#add_executable(test_gost89 test_gost89.c) +#target_link_libraries(test_gost89 gost_engine gost_core ${OPENSSL_CRYPTO_LIBRARY}) +#add_test(NAME gost89 +# COMMAND test_gost89) if(NOT ASAN) add_test(NAME engine @@ -193,32 +193,32 @@ set_tests_properties(engine PROPERTIES ENVIRONMENT "OPENSSL_ROOT_DIR=${OPENSSL_ROOT_DIR};OPENSSL_ENGINES=${OUTPUT_DIRECTORY};OPENSSL_CONF=${CMAKE_SOURCE_DIR}/test/empty.cnf") endif() -add_executable(sign benchmark/sign.c) -target_link_libraries(sign gost_engine gost_core ${OPENSSL_CRYPTO_LIBRARY} ${CLOCK_GETTIME_LIB}) - -# All that may need to load just built engine will have path to it defined. -set(BINARY_TESTS_TARGETS - test_digest - test_curves - test_params - test_sign - test_context - test_grasshopper - test_keyexpimp - test_gost89 - test_tls - ) -set_property(TARGET ${BINARY_TESTS_TARGETS} APPEND PROPERTY COMPILE_DEFINITIONS ENGINE_DIR="${OUTPUT_DIRECTORY}") +#add_executable(sign benchmark/sign.c) +#target_link_libraries(sign gost_engine gost_core ${OPENSSL_CRYPTO_LIBRARY} ${CLOCK_GETTIME_LIB}) +# +## All that may need to load just built engine will have path to it defined. +#set(BINARY_TESTS_TARGETS +# test_digest +# test_curves +# test_params +# test_sign +# test_context +# test_grasshopper +# test_keyexpimp +# test_gost89 +# test_tls +# ) +#set_property(TARGET ${BINARY_TESTS_TARGETS} APPEND PROPERTY COMPILE_DEFINITIONS ENGINE_DIR="${OUTPUT_DIRECTORY}") add_library(gost_core STATIC ${GOST_LIB_SOURCE_FILES}) set_target_properties(gost_core PROPERTIES POSITION_INDEPENDENT_CODE ON) -add_library(gost_engine SHARED ${GOST_ENGINE_SOURCE_FILES}) -set_target_properties(gost_engine PROPERTIES PREFIX "" OUTPUT_NAME "gost") -set_target_properties(gost_engine PROPERTIES VERSION ${GOST_SOVERSION} SOVERSION ${GOST_SOVERSION}) -target_link_libraries(gost_engine gost_core ${OPENSSL_CRYPTO_LIBRARY}) +#add_library(gost_engine SHARED ${GOST_ENGINE_SOURCE_FILES}) +#set_target_properties(gost_engine PROPERTIES PREFIX "" OUTPUT_NAME "gost") +#set_target_properties(gost_engine PROPERTIES VERSION ${GOST_SOVERSION} SOVERSION ${GOST_SOVERSION}) +#target_link_libraries(gost_engine gost_core ${OPENSSL_CRYPTO_LIBRARY}) -add_library(gost_provider SHARED ${GOST_PROVIDER_SOURCE_FILES}) +add_library(gost_provider SHARED ${GOST_PROVIDER_SOURCE_FILES} ${GOST_ENGINE_SOURCE_FILES}) set_target_properties(gost_provider PROPERTIES PREFIX "" OUTPUT_NAME "gost_prov") set_target_properties(gost_provider PROPERTIES VERSION ${GOST_SOVERSION} SOVERSION ${GOST_SOVERSION}) target_link_libraries(gost_provider gost_core ${OPENSSL_CRYPTO_LIBRARY}) @@ -248,7 +248,7 @@ target_link_libraries(test_tlstree PUBLIC ${OPENSSL_CRYPTO_LIBRARY}) # install set(OPENSSL_MAN_INSTALL_DIR ${CMAKE_INSTALL_MANDIR}/man1) -install(TARGETS gost_engine gostsum gost12sum EXPORT GostEngineConfig +install(TARGETS gost_provider gostsum gost12sum EXPORT GostEngineConfig LIBRARY DESTINATION ${OPENSSL_ENGINES_DIR} RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR}) install(FILES gostsum.1 gost12sum.1 DESTINATION ${OPENSSL_MAN_INSTALL_DIR}) diff --git a/gost_md2012.c b/gost_md2012.c index 5acb111d3..1d0168bf9 100644 --- a/gost_md2012.c +++ b/gost_md2012.c @@ -1,168 +1,115 @@ -/********************************************************************** - * gost_md2012.c * - * Copyright (c) 2013 Cryptocom LTD. * - * This file is distributed under the same license as OpenSSL * - * * - * GOST R 34.11-2012 interface to OpenSSL engine. * - * * - * Author: Alexey Degtyarev * - * * - **********************************************************************/ - -#include -#include "gosthash2012.h" +#include +#include +#include -static int gost_digest_init512(EVP_MD_CTX *ctx); -static int gost_digest_init256(EVP_MD_CTX *ctx); -static int gost_digest_update(EVP_MD_CTX *ctx, const void *data, - size_t count); -static int gost_digest_final(EVP_MD_CTX *ctx, unsigned char *md); -static int gost_digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from); -static int gost_digest_cleanup(EVP_MD_CTX *ctx); -static int gost_digest_ctrl_256(EVP_MD_CTX *ctx, int type, int arg, - void *ptr); -static int gost_digest_ctrl_512(EVP_MD_CTX *ctx, int type, int arg, - void *ptr); +#include "gost_prov.h" +#include "gosthash2012.h" const char micalg_256[] = "gostr3411-2012-256"; const char micalg_512[] = "gostr3411-2012-512"; -static EVP_MD *_hidden_GostR3411_2012_256_md = NULL; -static EVP_MD *_hidden_GostR3411_2012_512_md = NULL; +/* Context management */ +static void *STREEBOG256_newctx(void *provctx); +static void STREEBOG_freectx(void *dctx); +static void *STREEBOG_dupctx(void *dctx); -EVP_MD *digest_gost2012_256(void) -{ - if (_hidden_GostR3411_2012_256_md == NULL) { - EVP_MD *md; - - if ((md = - EVP_MD_meth_new(NID_id_GostR3411_2012_256, NID_undef)) == NULL - || !EVP_MD_meth_set_result_size(md, 32) - || !EVP_MD_meth_set_input_blocksize(md, 64) - || !EVP_MD_meth_set_app_datasize(md, sizeof(gost2012_hash_ctx)) - || !EVP_MD_meth_set_init(md, gost_digest_init256) - || !EVP_MD_meth_set_update(md, gost_digest_update) - || !EVP_MD_meth_set_final(md, gost_digest_final) - || !EVP_MD_meth_set_copy(md, gost_digest_copy) - || !EVP_MD_meth_set_ctrl(md, gost_digest_ctrl_256) - || !EVP_MD_meth_set_cleanup(md, gost_digest_cleanup)) { - EVP_MD_meth_free(md); - md = NULL; - } - _hidden_GostR3411_2012_256_md = md; - } - return _hidden_GostR3411_2012_256_md; -} +/* Digest generation */ +static int STREEBOG256_digest_init(void *dctx); +static int STREEBOG_digest_update(void *dctx, const unsigned char *in, size_t inl); +static int STREEBOG_digest_final(void *dctx, unsigned char *out, size_t *outl, + size_t outsz); -void digest_gost2012_256_destroy(void) -{ - EVP_MD_meth_free(_hidden_GostR3411_2012_256_md); - _hidden_GostR3411_2012_256_md = NULL; -} +/* Digest parameter descriptors */ +static const OSSL_PARAM *STREEBOG_gettable_params(void); +static int STREEBOG256_digest_get_params(OSSL_PARAM params[]); -EVP_MD *digest_gost2012_512(void) -{ - if (_hidden_GostR3411_2012_512_md == NULL) { - EVP_MD *md; - - if ((md = - EVP_MD_meth_new(NID_id_GostR3411_2012_512, NID_undef)) == NULL - || !EVP_MD_meth_set_result_size(md, 64) - || !EVP_MD_meth_set_input_blocksize(md, 64) - || !EVP_MD_meth_set_app_datasize(md, sizeof(gost2012_hash_ctx)) - || !EVP_MD_meth_set_init(md, gost_digest_init512) - || !EVP_MD_meth_set_update(md, gost_digest_update) - || !EVP_MD_meth_set_final(md, gost_digest_final) - || !EVP_MD_meth_set_copy(md, gost_digest_copy) - || !EVP_MD_meth_set_ctrl(md, gost_digest_ctrl_512) - || !EVP_MD_meth_set_cleanup(md, gost_digest_cleanup)) { - EVP_MD_meth_free(md); - md = NULL; - } - _hidden_GostR3411_2012_512_md = md; - } - return _hidden_GostR3411_2012_512_md; -} +OSSL_DISPATCH streebog256_funcs[] = { + { OSSL_FUNC_DIGEST_NEWCTX, (funcptr_t)STREEBOG256_newctx }, + { OSSL_FUNC_DIGEST_FREECTX, (funcptr_t)STREEBOG_freectx }, + { OSSL_FUNC_DIGEST_DUPCTX, (funcptr_t)STREEBOG_dupctx }, -void digest_gost2012_512_destroy(void) -{ - EVP_MD_meth_free(_hidden_GostR3411_2012_512_md); - _hidden_GostR3411_2012_512_md = NULL; -} + { OSSL_FUNC_DIGEST_INIT, (funcptr_t)STREEBOG256_digest_init }, + { OSSL_FUNC_DIGEST_UPDATE, (funcptr_t)STREEBOG_digest_update }, + { OSSL_FUNC_DIGEST_FINAL, (funcptr_t)STREEBOG_digest_final }, + + { OSSL_FUNC_DIGEST_GETTABLE_PARAMS, (funcptr_t)STREEBOG_gettable_params }, + { OSSL_FUNC_DIGEST_GET_PARAMS, (funcptr_t)STREEBOG256_digest_get_params }, + + { 0, NULL }, +}; -static int gost_digest_init512(EVP_MD_CTX *ctx) +static void *STREEBOG256_newctx(void *provctx) { - init_gost2012_hash_ctx((gost2012_hash_ctx *) EVP_MD_CTX_md_data(ctx), - 512); - return 1; + gost2012_hash_ctx *pctx = OPENSSL_zalloc(sizeof(gost2012_hash_ctx)); + return pctx; } -static int gost_digest_init256(EVP_MD_CTX *ctx) +static void STREEBOG_freectx(void *dctx) { - init_gost2012_hash_ctx((gost2012_hash_ctx *) EVP_MD_CTX_md_data(ctx), - 256); - return 1; + OPENSSL_free(dctx); } -static int gost_digest_update(EVP_MD_CTX *ctx, const void *data, size_t count) +static void *STREEBOG_dupctx(void *dctx) { - gost2012_hash_block((gost2012_hash_ctx *) EVP_MD_CTX_md_data(ctx), data, - count); - return 1; + gost2012_hash_ctx *pctx = OPENSSL_zalloc(sizeof(gost2012_hash_ctx)); + if (pctx == NULL) + return NULL; + + if (pctx) + memcpy(pctx, dctx, sizeof(gost2012_hash_ctx)); + + return pctx; } -static int gost_digest_final(EVP_MD_CTX *ctx, unsigned char *md) +static int STREEBOG256_digest_init(void *dctx) { - gost2012_finish_hash((gost2012_hash_ctx *) EVP_MD_CTX_md_data(ctx), md); - return 1; + init_gost2012_hash_ctx((gost2012_hash_ctx *)dctx, 256); + return 1; } -static int gost_digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from) +static int STREEBOG_digest_update(void *dctx, const unsigned char *in, size_t inl) { - if (EVP_MD_CTX_md_data(to) && EVP_MD_CTX_md_data(from)) - memcpy(EVP_MD_CTX_md_data(to), EVP_MD_CTX_md_data(from), - sizeof(gost2012_hash_ctx)); - + gost2012_hash_block((gost2012_hash_ctx *)dctx, in, inl); return 1; } -static int gost_digest_cleanup(EVP_MD_CTX *ctx) +static int STREEBOG_digest_final(void *dctx, unsigned char *out, size_t *outl, + size_t outsz) { - if (EVP_MD_CTX_md_data(ctx)) - memset(EVP_MD_CTX_md_data(ctx), 0x00, sizeof(gost2012_hash_ctx)); + gost2012_hash_ctx *pctx = (gost2012_hash_ctx *)dctx; - return 1; + if (pctx->digest_size/8 > outsz) + return 0; + + gost2012_finish_hash(pctx, out); + *outl = pctx->digest_size/8; + return 1; } -static int gost_digest_ctrl_256(EVP_MD_CTX *ctx, int type, int arg, void *ptr) +static const OSSL_PARAM *STREEBOG_gettable_params(void) { - switch (type) { - case EVP_MD_CTRL_MICALG: - { - *((char **)ptr) = OPENSSL_malloc(strlen(micalg_256) + 1); - if (*((char **)ptr) != NULL) { - strcpy(*((char **)ptr), micalg_256); - return 1; - } - return 0; - } - default: - return 0; - } + static const OSSL_PARAM table[] = { + OSSL_PARAM_size_t("blocksize", NULL), + OSSL_PARAM_size_t("size", NULL), + /* OSSL_PARAM_utf8_ptr("micalg", NULL, strlen(micalg_256)+1), */ + OSSL_PARAM_END + }; + + return table; } -static int gost_digest_ctrl_512(EVP_MD_CTX *ctx, int type, int arg, void *ptr) +static int STREEBOG256_digest_get_params(OSSL_PARAM params[]) { - switch (type) { - case EVP_MD_CTRL_MICALG: - { - *((char **)ptr) = OPENSSL_malloc(strlen(micalg_512) + 1); - if (*((char **)ptr) != NULL) { - strcpy(*((char **)ptr), micalg_512); - return 1; - } - } - default: - return 0; - } + OSSL_PARAM *p; + + if ((p = OSSL_PARAM_locate(params, "blocksize")) != NULL) + if (!OSSL_PARAM_set_size_t(p, 64)) + return 0; + if ((p = OSSL_PARAM_locate(params, "size")) != NULL) + if (!OSSL_PARAM_set_size_t(p, 32)) + return 0; +/* if ((p = OSSL_PARAM_locate(params, "micalg")) != NULL) + if (!OSSL_PARAM_set_utf8_ptr(p, micalg_256)) + return 0; */ + return 1; } diff --git a/gost_prov.c b/gost_prov.c index 273703be0..0bbe71d4a 100644 --- a/gost_prov.c +++ b/gost_prov.c @@ -5,8 +5,7 @@ #include #include -#define GOST_PROV_VERSION_STR "3.0.0" -#define GOST_PROV_FULL_VERSION_STR "3.0.0" +#include "gost_prov.h" /* Functions provided by the core */ static OSSL_core_gettable_params_fn *c_gettable_params = NULL; @@ -30,7 +29,7 @@ static int gost_get_params(const OSSL_PROVIDER *prov, OSSL_PARAM params[]) OSSL_PARAM *p; p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_NAME); - if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, "GOST Provider")) + if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, GOST_PROV_NAME)) return 0; p = OSSL_PARAM_locate(params, OSSL_PROV_PARAM_VERSION); if (p != NULL && !OSSL_PARAM_set_utf8_ptr(p, GOST_PROV_VERSION_STR)) @@ -43,8 +42,7 @@ static int gost_get_params(const OSSL_PROVIDER *prov, OSSL_PARAM params[]) } static const OSSL_ALGORITHM gost_digests[] = { - { "md_gost94", "gost.legacy=yes", NULL }, /* FIXME */ - { "md_gost2012_256:streebog256", "gost.gost=yes", NULL }, + { "md_gost2012_256:streebog256", "gost.gost=yes", streebog256_funcs }, { "md_gost2012_512:streebog512", "gost.gost=yes", NULL }, { NULL, NULL, NULL } diff --git a/gost_prov.h b/gost_prov.h new file mode 100644 index 000000000..19530cc8e --- /dev/null +++ b/gost_prov.h @@ -0,0 +1,14 @@ +#ifndef GOST_PROV_H +#define GOST_PROV_H + +#define GOST_PROV_VERSION_STR "3.0.0" +#define GOST_PROV_FULL_VERSION_STR "3.0.0" +#define GOST_PROV_NAME "GOST Provider" +/* Basic definitions */ +typedef void (*funcptr_t)(void); + +/* Digest */ +extern OSSL_DISPATCH streebog256_funcs[]; +/* extern OSSL_DISPATCH streebog512_funcs[]; */ + +#endif