Djam/openssl1.1
1
0
Fork 0
mirror of https://abf.rosa.ru/djam/openssl1.1.git synced 2025-02-23 16:12:52 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Update gost-engine-2 patch with more commits from fixed gost-engine 1.0.2 branch

Browse source
This commit is contained in:
Andrey Bondrov 2016-12-16 12:44:25 +10:00
parent e6f7bcec42
commit 50c21b38da
2 changed files with 189 additions and 123 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

308
openssl-1.0.2j-gost-engine-2.patch
View file

@ -1,6 +1,6 @@
diff -urN openssl-1.0.2j/engines/ccgost/e_gost_err.c openssl-1.0.2j-patched/engines/ccgost/e_gost_err.c diff -urN openssl-1.0.2j/engines/ccgost/e_gost_err.c openssl-1.0.2j-patched/engines/ccgost/e_gost_err.c
--- openssl-1.0.2j/engines/ccgost/e_gost_err.c 2016-09-26 19:49:07.000000000 +1000 --- openssl-1.0.2j/engines/ccgost/e_gost_err.c 2016-09-26 19:49:07.000000000 +1000
+++ openssl-1.0.2j-patched/engines/ccgost/e_gost_err.c 2016-01-04 00:30:05.000000000 +1000 +++ openssl-1.0.2j-patched/engines/ccgost/e_gost_err.c 2016-04-19 04:43:25.000000000 +1000
@@ -1,6 +1,6 @@ @@ -1,6 +1,6 @@
/* e_gost_err.c */ /* e_gost_err.c */
/* ==================================================================== /* ====================================================================
@ -119,7 +119,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/e_gost_err.c openssl-1.0.2j-patched/engi
"signature parts greater than q"}, "signature parts greater than q"},
diff -urN openssl-1.0.2j/engines/ccgost/e_gost_err.h openssl-1.0.2j-patched/engines/ccgost/e_gost_err.h diff -urN openssl-1.0.2j/engines/ccgost/e_gost_err.h openssl-1.0.2j-patched/engines/ccgost/e_gost_err.h
--- openssl-1.0.2j/engines/ccgost/e_gost_err.h 2016-09-26 19:49:07.000000000 +1000 --- openssl-1.0.2j/engines/ccgost/e_gost_err.h 2016-09-26 19:49:07.000000000 +1000
+++ openssl-1.0.2j-patched/engines/ccgost/e_gost_err.h 2016-01-04 00:30:05.000000000 +1000 +++ openssl-1.0.2j-patched/engines/ccgost/e_gost_err.h 2016-04-19 04:43:25.000000000 +1000
@@ -1,12 +1,12 @@ @@ -1,12 +1,12 @@
/* ==================================================================== /* ====================================================================
- * Copyright (c) 2001-2005 The OpenSSL Project. All rights reserved. - * Copyright (c) 2001-2005 The OpenSSL Project. All rights reserved.
@ -298,7 +298,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/e_gost_err.h openssl-1.0.2j-patched/engi
} }
diff -urN openssl-1.0.2j/engines/ccgost/gost12sum.c openssl-1.0.2j-patched/engines/ccgost/gost12sum.c diff -urN openssl-1.0.2j/engines/ccgost/gost12sum.c openssl-1.0.2j-patched/engines/ccgost/gost12sum.c
--- openssl-1.0.2j/engines/ccgost/gost12sum.c 1970-01-01 10:00:00.000000000 +1000 --- openssl-1.0.2j/engines/ccgost/gost12sum.c 1970-01-01 10:00:00.000000000 +1000
+++ openssl-1.0.2j-patched/engines/ccgost/gost12sum.c 2016-01-04 00:30:05.000000000 +1000 +++ openssl-1.0.2j-patched/engines/ccgost/gost12sum.c 2016-04-19 04:43:25.000000000 +1000
@@ -0,0 +1,266 @@ @@ -0,0 +1,266 @@
+/********************************************************************** +/**********************************************************************
+ * gostsum12.c * + * gostsum12.c *
@ -568,7 +568,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost12sum.c openssl-1.0.2j-patched/engin
+} +}
diff -urN openssl-1.0.2j/engines/ccgost/gost89.c openssl-1.0.2j-patched/engines/ccgost/gost89.c diff -urN openssl-1.0.2j/engines/ccgost/gost89.c openssl-1.0.2j-patched/engines/ccgost/gost89.c
--- openssl-1.0.2j/engines/ccgost/gost89.c 2016-09-26 19:49:07.000000000 +1000 --- openssl-1.0.2j/engines/ccgost/gost89.c 2016-09-26 19:49:07.000000000 +1000
+++ openssl-1.0.2j-patched/engines/ccgost/gost89.c 2016-01-04 00:30:05.000000000 +1000 +++ openssl-1.0.2j-patched/engines/ccgost/gost89.c 2016-04-19 04:43:25.000000000 +1000
@@ -208,6 +208,33 @@ @@ -208,6 +208,33 @@
0x8, 0x3} 0x8, 0x3}
}; };
@ -605,7 +605,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost89.c openssl-1.0.2j-patched/engines/
0x8D, 0x3A, 0xDB, 0x96, 0x46, 0xE9, 0x2A, 0xC4, 0x8D, 0x3A, 0xDB, 0x96, 0x46, 0xE9, 0x2A, 0xC4,
diff -urN openssl-1.0.2j/engines/ccgost/gost89.h openssl-1.0.2j-patched/engines/ccgost/gost89.h diff -urN openssl-1.0.2j/engines/ccgost/gost89.h openssl-1.0.2j-patched/engines/ccgost/gost89.h
--- openssl-1.0.2j/engines/ccgost/gost89.h 2016-09-26 19:49:07.000000000 +1000 --- openssl-1.0.2j/engines/ccgost/gost89.h 2016-09-26 19:49:07.000000000 +1000
+++ openssl-1.0.2j-patched/engines/ccgost/gost89.h 2016-01-04 00:30:05.000000000 +1000 +++ openssl-1.0.2j-patched/engines/ccgost/gost89.h 2016-04-19 04:43:25.000000000 +1000
@@ -92,6 +92,7 @@ @@ -92,6 +92,7 @@
extern gost_subst_block Gost28147_CryptoProParamSetB; extern gost_subst_block Gost28147_CryptoProParamSetB;
extern gost_subst_block Gost28147_CryptoProParamSetC; extern gost_subst_block Gost28147_CryptoProParamSetC;
@ -616,7 +616,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost89.h openssl-1.0.2j-patched/engines/
diff -urN openssl-1.0.2j/engines/ccgost/gost_ameth.c openssl-1.0.2j-patched/engines/ccgost/gost_ameth.c diff -urN openssl-1.0.2j/engines/ccgost/gost_ameth.c openssl-1.0.2j-patched/engines/ccgost/gost_ameth.c
--- openssl-1.0.2j/engines/ccgost/gost_ameth.c 2016-09-26 19:49:07.000000000 +1000 --- openssl-1.0.2j/engines/ccgost/gost_ameth.c 2016-09-26 19:49:07.000000000 +1000
+++ openssl-1.0.2j-patched/engines/ccgost/gost_ameth.c 2016-01-04 00:30:05.000000000 +1000 +++ openssl-1.0.2j-patched/engines/ccgost/gost_ameth.c 2016-04-19 04:43:25.000000000 +1000
@@ -16,23 +16,54 @@ @@ -16,23 +16,54 @@
#ifndef OPENSSL_NO_CMS #ifndef OPENSSL_NO_CMS
# include <openssl/cms.h> # include <openssl/cms.h>
@ -1151,17 +1151,17 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_ameth.c openssl-1.0.2j-patched/engi
} }
ret = gost_set_priv_key(pk, pk_num); ret = gost_set_priv_key(pk, pk_num);
@@ -346,166 +431,160 @@ @@ -346,166 +431,163 @@
{ {
ASN1_OBJECT *algobj = OBJ_nid2obj(EVP_PKEY_base_id(pk)); ASN1_OBJECT *algobj = OBJ_nid2obj(EVP_PKEY_base_id(pk));
ASN1_STRING *params = encode_gost_algor_params(pk); ASN1_STRING *params = encode_gost_algor_params(pk);
- unsigned char *priv_buf = NULL; - unsigned char *priv_buf = NULL;
- int priv_len; - int priv_len;
+ unsigned char *priv_buf = NULL, *buf = NULL; + unsigned char /**priv_buf = NULL,*/ *buf = NULL;
+ int key_len = pkey_bits_gost(pk), priv_len = 0, i = 0; + int key_len = pkey_bits_gost(pk), /*priv_len = 0,*/ i = 0;
- ASN1_INTEGER *asn1key = NULL; - ASN1_INTEGER *asn1key = NULL;
+ ASN1_STRING *octet = NULL; + /*ASN1_STRING *octet = NULL;*/
if (!params) { if (!params) {
return 0; return 0;
} }
@ -1186,6 +1186,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_ameth.c openssl-1.0.2j-patched/engi
+ buf[key_len - 1 - i] = tmp; + buf[key_len - 1 - i] = tmp;
+ } + }
+ +
+/*
+ octet = ASN1_STRING_new(); + octet = ASN1_STRING_new();
+ ASN1_OCTET_STRING_set(octet, buf, key_len); + ASN1_OCTET_STRING_set(octet, buf, key_len);
+ +
@ -1193,8 +1194,11 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_ameth.c openssl-1.0.2j-patched/engi
+ ASN1_STRING_free(octet); + ASN1_STRING_free(octet);
+ OPENSSL_free(buf); + OPENSSL_free(buf);
+ +
+ return PKCS8_pkey_set0(p8, algobj, 0, V_ASN1_SEQUENCE, params,
+ priv_buf, priv_len); */
return PKCS8_pkey_set0(p8, algobj, 0, V_ASN1_SEQUENCE, params, return PKCS8_pkey_set0(p8, algobj, 0, V_ASN1_SEQUENCE, params,
priv_buf, priv_len); - priv_buf, priv_len);
+ buf, key_len);
} }
/* --------- printing keys --------------------------------*/ /* --------- printing keys --------------------------------*/
@ -1359,11 +1363,11 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_ameth.c openssl-1.0.2j-patched/engi
- return 0; - return 0;
- } - }
- if (!BIO_indent(out, indent, 128)) - if (!BIO_indent(out, indent, 128))
- return 0;
- BIO_printf(out, "Public key:\n");
- if (!BIO_indent(out, indent + 3, 128))
+ if (print_gost_ec_pub(out, pkey, indent) == 0) + if (print_gost_ec_pub(out, pkey, indent) == 0)
return 0; return 0;
- BIO_printf(out, "Public key:\n");
- if (!BIO_indent(out, indent + 3, 128))
- return 0;
- BIO_printf(out, "X:"); - BIO_printf(out, "X:");
- BN_print(out, X); - BN_print(out, X);
- BIO_printf(out, "\n"); - BIO_printf(out, "\n");
@ -1382,24 +1386,24 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_ameth.c openssl-1.0.2j-patched/engi
- return 0; - return 0;
- BIO_printf(out, "Parameter set: %s\n", OBJ_nid2ln(param_nid)); - BIO_printf(out, "Parameter set: %s\n", OBJ_nid2ln(param_nid));
- return 1; - return 1;
+ return print_gost_ec_param(out, pkey, indent); -}
} -
-static int param_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent, -static int param_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent,
- ASN1_PCTX *pctx) - ASN1_PCTX *pctx)
+static int param_print_gost_ec(BIO *out, const EVP_PKEY *pkey, int indent, -{
+ ASN1_PCTX *pctx)
{
- return print_gost_01(out, pkey, indent, pctx, 0); - return print_gost_01(out, pkey, indent, pctx, 0);
+ return print_gost_ec(out, pkey, indent, pctx, 0); + return print_gost_ec_param(out, pkey, indent);
} }
-static int pub_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent, -static int pub_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent,
- ASN1_PCTX *pctx) - ASN1_PCTX *pctx)
-{ +static int param_print_gost_ec(BIO *out, const EVP_PKEY *pkey, int indent,
+ ASN1_PCTX *pctx)
{
- return print_gost_01(out, pkey, indent, pctx, 1); - return print_gost_01(out, pkey, indent, pctx, 1);
-} + return print_gost_ec(out, pkey, indent, pctx, 0);
- }
-static int priv_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent, -static int priv_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent,
+static int pub_print_gost_ec(BIO *out, const EVP_PKEY *pkey, int indent, +static int pub_print_gost_ec(BIO *out, const EVP_PKEY *pkey, int indent,
ASN1_PCTX *pctx) ASN1_PCTX *pctx)
@ -1428,7 +1432,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_ameth.c openssl-1.0.2j-patched/engi
{ {
const EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pk); const EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pk);
if (!ec) if (!ec)
@@ -515,159 +594,61 @@ @@ -515,159 +597,61 @@
return 0; return 0;
} }
@ -1612,7 +1616,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_ameth.c openssl-1.0.2j-patched/engi
{ {
X509_ALGOR *palg = NULL; X509_ALGOR *palg = NULL;
const unsigned char *pubkey_buf = NULL; const unsigned char *pubkey_buf = NULL;
@@ -688,12 +669,13 @@ @@ -688,12 +672,13 @@
group = EC_KEY_get0_group(EVP_PKEY_get0(pk)); group = EC_KEY_get0_group(EVP_PKEY_get0(pk));
octet = d2i_ASN1_OCTET_STRING(NULL, &pubkey_buf, pub_len); octet = d2i_ASN1_OCTET_STRING(NULL, &pubkey_buf, pub_len);
if (!octet) { if (!octet) {
@ -1628,7 +1632,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_ameth.c openssl-1.0.2j-patched/engi
return 0; return 0;
} }
for (i = 0, j = octet->length - 1; i < octet->length; i++, j--) { for (i = 0, j = octet->length - 1; i < octet->length; i++, j--) {
@@ -707,7 +689,7 @@ @@ -707,7 +692,7 @@
OPENSSL_free(databuf); OPENSSL_free(databuf);
pub_key = EC_POINT_new(group); pub_key = EC_POINT_new(group);
if (!EC_POINT_set_affine_coordinates_GFp(group, pub_key, X, Y, NULL)) { if (!EC_POINT_set_affine_coordinates_GFp(group, pub_key, X, Y, NULL)) {
@ -1637,7 +1641,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_ameth.c openssl-1.0.2j-patched/engi
EC_POINT_free(pub_key); EC_POINT_free(pub_key);
BN_free(X); BN_free(X);
BN_free(Y); BN_free(Y);
@@ -716,7 +698,7 @@ @@ -716,7 +701,7 @@
BN_free(X); BN_free(X);
BN_free(Y); BN_free(Y);
if (!EC_KEY_set_public_key(EVP_PKEY_get0(pk), pub_key)) { if (!EC_KEY_set_public_key(EVP_PKEY_get0(pk), pub_key)) {
@ -1646,7 +1650,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_ameth.c openssl-1.0.2j-patched/engi
EC_POINT_free(pub_key); EC_POINT_free(pub_key);
return 0; return 0;
} }
@@ -725,15 +707,15 @@ @@ -725,15 +710,15 @@
} }
@ -1666,7 +1670,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_ameth.c openssl-1.0.2j-patched/engi
const EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pk); const EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pk);
int ptype = V_ASN1_UNDEF; int ptype = V_ASN1_UNDEF;
@@ -744,116 +726,125 @@ @@ -744,116 +729,125 @@
ptype = V_ASN1_SEQUENCE; ptype = V_ASN1_SEQUENCE;
} }
order = BN_new(); order = BN_new();
@ -1841,7 +1845,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_ameth.c openssl-1.0.2j-patched/engi
} }
static int gost2001_param_encode(const EVP_PKEY *pkey, unsigned char **pder) static int gost2001_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
@@ -864,46 +855,18 @@ @@ -864,46 +858,18 @@
return i2d_ASN1_OBJECT(OBJ_nid2obj(nid), pder); return i2d_ASN1_OBJECT(OBJ_nid2obj(nid), pder);
} }
@ -1890,7 +1894,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_ameth.c openssl-1.0.2j-patched/engi
} }
/* ----------------------------------------------------------------------*/ /* ----------------------------------------------------------------------*/
@@ -914,44 +877,53 @@ @@ -914,44 +880,53 @@
if (!*ameth) if (!*ameth)
return 0; return 0;
switch (nid) { switch (nid) {
@ -1962,8 +1966,8 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_ameth.c openssl-1.0.2j-patched/engi
} }
diff -urN openssl-1.0.2j/engines/ccgost/gost_asn1.c openssl-1.0.2j-patched/engines/ccgost/gost_asn1.c diff -urN openssl-1.0.2j/engines/ccgost/gost_asn1.c openssl-1.0.2j-patched/engines/ccgost/gost_asn1.c
--- openssl-1.0.2j/engines/ccgost/gost_asn1.c 2016-09-26 19:49:07.000000000 +1000 --- openssl-1.0.2j/engines/ccgost/gost_asn1.c 2016-09-26 19:49:07.000000000 +1000
+++ openssl-1.0.2j-patched/engines/ccgost/gost_asn1.c 2016-01-04 00:30:05.000000000 +1000 +++ openssl-1.0.2j-patched/engines/ccgost/gost_asn1.c 2016-04-19 04:43:25.000000000 +1000
@@ -12,45 +12,52 @@ @@ -12,45 +12,58 @@
#include "gost_lcl.h" #include "gost_lcl.h"
ASN1_NDEF_SEQUENCE(GOST_KEY_TRANSPORT) = { ASN1_NDEF_SEQUENCE(GOST_KEY_TRANSPORT) = {
@ -1971,88 +1975,88 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_asn1.c openssl-1.0.2j-patched/engin
- ASN1_IMP(GOST_KEY_TRANSPORT, key_agreement_info, GOST_KEY_AGREEMENT_INFO, 0) - ASN1_IMP(GOST_KEY_TRANSPORT, key_agreement_info, GOST_KEY_AGREEMENT_INFO, 0)
-} ASN1_NDEF_SEQUENCE_END(GOST_KEY_TRANSPORT) -} ASN1_NDEF_SEQUENCE_END(GOST_KEY_TRANSPORT)
- -
-IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_TRANSPORT) + ASN1_SIMPLE(GOST_KEY_TRANSPORT, key_info, GOST_KEY_INFO),
- + ASN1_IMP(GOST_KEY_TRANSPORT, key_agreement_info,
+ GOST_KEY_AGREEMENT_INFO, 0)
+}
+ASN1_NDEF_SEQUENCE_END(GOST_KEY_TRANSPORT)
IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_TRANSPORT)
-ASN1_NDEF_SEQUENCE(GOST_KEY_INFO) = { -ASN1_NDEF_SEQUENCE(GOST_KEY_INFO) = {
- ASN1_SIMPLE(GOST_KEY_INFO, encrypted_key, ASN1_OCTET_STRING), - ASN1_SIMPLE(GOST_KEY_INFO, encrypted_key, ASN1_OCTET_STRING),
- ASN1_SIMPLE(GOST_KEY_INFO, imit, ASN1_OCTET_STRING) - ASN1_SIMPLE(GOST_KEY_INFO, imit, ASN1_OCTET_STRING)
-} ASN1_NDEF_SEQUENCE_END(GOST_KEY_INFO) -} ASN1_NDEF_SEQUENCE_END(GOST_KEY_INFO)
+ ASN1_SIMPLE(GOST_KEY_TRANSPORT, key_info, GOST_KEY_INFO), -
+ ASN1_IMP(GOST_KEY_TRANSPORT, key_agreement_info, +ASN1_NDEF_SEQUENCE(GOST_KEY_INFO) =
+ GOST_KEY_AGREEMENT_INFO, 0) +{
+ ASN1_SIMPLE(GOST_KEY_INFO, encrypted_key, ASN1_OCTET_STRING),
+ ASN1_SIMPLE(GOST_KEY_INFO, imit, ASN1_OCTET_STRING)
+} +}
+ +ASN1_NDEF_SEQUENCE_END(GOST_KEY_INFO)
+ASN1_NDEF_SEQUENCE_END(GOST_KEY_TRANSPORT) IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_INFO)
-IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_INFO)
+ IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_TRANSPORT)
-ASN1_NDEF_SEQUENCE(GOST_KEY_AGREEMENT_INFO) = { -ASN1_NDEF_SEQUENCE(GOST_KEY_AGREEMENT_INFO) = {
- ASN1_SIMPLE(GOST_KEY_AGREEMENT_INFO, cipher, ASN1_OBJECT), - ASN1_SIMPLE(GOST_KEY_AGREEMENT_INFO, cipher, ASN1_OBJECT),
+ ASN1_NDEF_SEQUENCE(GOST_KEY_INFO) = - ASN1_IMP_OPT(GOST_KEY_AGREEMENT_INFO, ephem_key, X509_PUBKEY, 0),
+{ - ASN1_SIMPLE(GOST_KEY_AGREEMENT_INFO, eph_iv, ASN1_OCTET_STRING)
+ ASN1_SIMPLE(GOST_KEY_INFO, encrypted_key, ASN1_OCTET_STRING), -} ASN1_NDEF_SEQUENCE_END(GOST_KEY_AGREEMENT_INFO)
+ ASN1_SIMPLE(GOST_KEY_INFO, imit, ASN1_OCTET_STRING) -
+} ASN1_NDEF_SEQUENCE_END(GOST_KEY_INFO) +ASN1_NDEF_SEQUENCE(GOST_KEY_AGREEMENT_INFO) =
+ IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_INFO)
+ ASN1_NDEF_SEQUENCE(GOST_KEY_AGREEMENT_INFO) =
+{ +{
+ ASN1_SIMPLE(GOST_KEY_AGREEMENT_INFO, cipher, ASN1_OBJECT), + ASN1_SIMPLE(GOST_KEY_AGREEMENT_INFO, cipher, ASN1_OBJECT),
ASN1_IMP_OPT(GOST_KEY_AGREEMENT_INFO, ephem_key, X509_PUBKEY, 0), + ASN1_IMP_OPT(GOST_KEY_AGREEMENT_INFO, ephem_key, X509_PUBKEY, 0),
ASN1_SIMPLE(GOST_KEY_AGREEMENT_INFO, eph_iv, ASN1_OCTET_STRING) + ASN1_SIMPLE(GOST_KEY_AGREEMENT_INFO, eph_iv, ASN1_OCTET_STRING)
} ASN1_NDEF_SEQUENCE_END(GOST_KEY_AGREEMENT_INFO) +}
- +ASN1_NDEF_SEQUENCE_END(GOST_KEY_AGREEMENT_INFO)
-IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_AGREEMENT_INFO) IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_AGREEMENT_INFO)
-
-ASN1_NDEF_SEQUENCE(GOST_KEY_PARAMS) = { -ASN1_NDEF_SEQUENCE(GOST_KEY_PARAMS) = {
- ASN1_SIMPLE(GOST_KEY_PARAMS, key_params, ASN1_OBJECT), - ASN1_SIMPLE(GOST_KEY_PARAMS, key_params, ASN1_OBJECT),
+ IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_AGREEMENT_INFO) - ASN1_SIMPLE(GOST_KEY_PARAMS, hash_params, ASN1_OBJECT),
+ ASN1_NDEF_SEQUENCE(GOST_KEY_PARAMS) =
+{
+ASN1_SIMPLE(GOST_KEY_PARAMS, key_params, ASN1_OBJECT),
ASN1_SIMPLE(GOST_KEY_PARAMS, hash_params, ASN1_OBJECT),
- ASN1_OPT(GOST_KEY_PARAMS, cipher_params, ASN1_OBJECT), - ASN1_OPT(GOST_KEY_PARAMS, cipher_params, ASN1_OBJECT),
-} ASN1_NDEF_SEQUENCE_END(GOST_KEY_PARAMS) -} ASN1_NDEF_SEQUENCE_END(GOST_KEY_PARAMS)
- -
-IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_PARAMS) +ASN1_NDEF_SEQUENCE(GOST_KEY_PARAMS) =
- +{
+ ASN1_SIMPLE(GOST_KEY_PARAMS, key_params, ASN1_OBJECT),
+ ASN1_SIMPLE(GOST_KEY_PARAMS, hash_params, ASN1_OBJECT),
+ ASN1_OPT(GOST_KEY_PARAMS, cipher_params, ASN1_OBJECT),
+}
+ASN1_NDEF_SEQUENCE_END(GOST_KEY_PARAMS)
IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_PARAMS)
-ASN1_NDEF_SEQUENCE(GOST_CIPHER_PARAMS) = { -ASN1_NDEF_SEQUENCE(GOST_CIPHER_PARAMS) = {
- ASN1_SIMPLE(GOST_CIPHER_PARAMS, iv, ASN1_OCTET_STRING), - ASN1_SIMPLE(GOST_CIPHER_PARAMS, iv, ASN1_OCTET_STRING),
- ASN1_SIMPLE(GOST_CIPHER_PARAMS, enc_param_set, ASN1_OBJECT), - ASN1_SIMPLE(GOST_CIPHER_PARAMS, enc_param_set, ASN1_OBJECT),
-} ASN1_NDEF_SEQUENCE_END(GOST_CIPHER_PARAMS) -} ASN1_NDEF_SEQUENCE_END(GOST_CIPHER_PARAMS)
- -
-IMPLEMENT_ASN1_FUNCTIONS(GOST_CIPHER_PARAMS) +ASN1_NDEF_SEQUENCE(GOST_CIPHER_PARAMS) =
-
-ASN1_NDEF_SEQUENCE(GOST_CLIENT_KEY_EXCHANGE_PARAMS) = { /* FIXME incomplete */
+ ASN1_OPT(GOST_KEY_PARAMS, cipher_params,
+ ASN1_OBJECT),} ASN1_NDEF_SEQUENCE_END(GOST_KEY_PARAMS)
+ IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_PARAMS)
+ ASN1_NDEF_SEQUENCE(GOST_CIPHER_PARAMS) =
+{ +{
+ASN1_SIMPLE(GOST_CIPHER_PARAMS, iv, ASN1_OCTET_STRING), + ASN1_SIMPLE(GOST_CIPHER_PARAMS, iv, ASN1_OCTET_STRING),
+ ASN1_SIMPLE(GOST_CIPHER_PARAMS, enc_param_set, + ASN1_SIMPLE(GOST_CIPHER_PARAMS, enc_param_set, ASN1_OBJECT),
+ ASN1_OBJECT),} +}
+ASN1_NDEF_SEQUENCE_END(GOST_CIPHER_PARAMS) +ASN1_NDEF_SEQUENCE_END(GOST_CIPHER_PARAMS)
+ IMPLEMENT_ASN1_FUNCTIONS(GOST_CIPHER_PARAMS) IMPLEMENT_ASN1_FUNCTIONS(GOST_CIPHER_PARAMS)
+ ASN1_NDEF_SEQUENCE(GOST_CLIENT_KEY_EXCHANGE_PARAMS) =
-ASN1_NDEF_SEQUENCE(GOST_CLIENT_KEY_EXCHANGE_PARAMS) = { /* FIXME incomplete */
+ASN1_NDEF_SEQUENCE(GOST_CLIENT_KEY_EXCHANGE_PARAMS) =
+{ /* FIXME incomplete */ +{ /* FIXME incomplete */
ASN1_SIMPLE(GOST_CLIENT_KEY_EXCHANGE_PARAMS, gkt, GOST_KEY_TRANSPORT) ASN1_SIMPLE(GOST_CLIENT_KEY_EXCHANGE_PARAMS, gkt, GOST_KEY_TRANSPORT)
-} }
+} ASN1_NDEF_SEQUENCE_END(GOST_CLIENT_KEY_EXCHANGE_PARAMS) -
ASN1_NDEF_SEQUENCE_END(GOST_CLIENT_KEY_EXCHANGE_PARAMS)
IMPLEMENT_ASN1_FUNCTIONS(GOST_CLIENT_KEY_EXCHANGE_PARAMS)
+ +
+ IMPLEMENT_ASN1_FUNCTIONS(GOST_CLIENT_KEY_EXCHANGE_PARAMS) +ASN1_NDEF_SEQUENCE(MASKED_GOST_KEY) =
-ASN1_NDEF_SEQUENCE_END(GOST_CLIENT_KEY_EXCHANGE_PARAMS)
-IMPLEMENT_ASN1_FUNCTIONS(GOST_CLIENT_KEY_EXCHANGE_PARAMS)
+ ASN1_NDEF_SEQUENCE(MASKED_GOST_KEY) =
+{ +{
+ ASN1_SIMPLE(MASKED_GOST_KEY, masked_priv_key, ASN1_OCTET_STRING), + ASN1_SIMPLE(MASKED_GOST_KEY, masked_priv_key, ASN1_OCTET_STRING),
+ ASN1_SIMPLE(MASKED_GOST_KEY, public_key, ASN1_OCTET_STRING) + ASN1_SIMPLE(MASKED_GOST_KEY, public_key, ASN1_OCTET_STRING)
+} ASN1_NDEF_SEQUENCE_END(MASKED_GOST_KEY) +}
+ IMPLEMENT_ASN1_FUNCTIONS(MASKED_GOST_KEY) +ASN1_NDEF_SEQUENCE_END(MASKED_GOST_KEY)
+IMPLEMENT_ASN1_FUNCTIONS(MASKED_GOST_KEY)
diff -urN openssl-1.0.2j/engines/ccgost/gost_crypt.c openssl-1.0.2j-patched/engines/ccgost/gost_crypt.c diff -urN openssl-1.0.2j/engines/ccgost/gost_crypt.c openssl-1.0.2j-patched/engines/ccgost/gost_crypt.c
--- openssl-1.0.2j/engines/ccgost/gost_crypt.c 2016-09-26 19:49:07.000000000 +1000 --- openssl-1.0.2j/engines/ccgost/gost_crypt.c 2016-09-26 19:49:07.000000000 +1000
+++ openssl-1.0.2j-patched/engines/ccgost/gost_crypt.c 2016-01-04 00:30:05.000000000 +1000 +++ openssl-1.0.2j-patched/engines/ccgost/gost_crypt.c 2016-04-19 04:43:25.000000000 +1000
@@ -8,6 +8,7 @@ @@ -8,6 +8,7 @@
**********************************************************************/ **********************************************************************/
#include <string.h> #include <string.h>
@ -2250,12 +2254,12 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_crypt.c openssl-1.0.2j-patched/engi
+int gost_cipher_do_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out, +int gost_cipher_do_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t inl) + const unsigned char *in, size_t inl)
+{ +{
+ OPENSSL_assert(inl % 8 == 0);
+ unsigned char b[8]; + unsigned char b[8];
+ const unsigned char *in_ptr = in; + const unsigned char *in_ptr = in;
+ unsigned char *out_ptr = out; + unsigned char *out_ptr = out;
+ int i; + int i;
+ struct ossl_gost_cipher_ctx *c = ctx->cipher_data; + struct ossl_gost_cipher_ctx *c = ctx->cipher_data;
+ OPENSSL_assert(inl % 8 == 0);
+ if (ctx->encrypt) { + if (ctx->encrypt) {
+ while (inl > 0) { + while (inl > 0) {
+ for (i = 0; i < 8; i++) { + for (i = 0; i < 8; i++) {
@ -2285,7 +2289,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_crypt.c openssl-1.0.2j-patched/engi
/* GOST encryption in CFB mode */ /* GOST encryption in CFB mode */
int gost_cipher_do_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out, int gost_cipher_do_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t inl) const unsigned char *in, size_t inl)
@@ -398,18 +524,36 @@ @@ -398,23 +524,86 @@
int gost_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) int gost_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
{ {
switch (type) { switch (type) {
@ -2325,7 +2329,57 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_crypt.c openssl-1.0.2j-patched/engi
return 1; return 1;
} else { } else {
return 0; return 0;
@@ -433,22 +577,22 @@ }
+#ifdef EVP_CTRL_SET_SBOX
+ case EVP_CTRL_SET_SBOX:
+ if (ptr) {
+ struct ossl_gost_cipher_ctx *c = ctx->cipher_data;
+ int nid;
+ int cur_meshing;
+ int ret;
+
+ if (c == NULL) {
+ return -1;
+ }
+
+ if (c->count != 0) {
+ return -1;
+ }
+
+ nid = OBJ_txt2nid(ptr);
+ if (nid == NID_undef) {
+ return 0;
+ }
+
+ cur_meshing = c->key_meshing;
+ ret = gost_cipher_set_param(c, nid);
+ c->key_meshing = cur_meshing;
+ return ret;
+ } else {
+ return 0;
+ }
+#endif
+#ifdef EVP_CTRL_KEY_MESH
+ case EVP_CTRL_KEY_MESH:
+ {
+ struct ossl_gost_cipher_ctx *c = ctx->cipher_data;
+
+ if (c == NULL) {
+ return -1;
+ }
+
+ if (c->count != 0) {
+ return -1;
+ }
+ c->key_meshing = arg;
+ return 1;
+ }
+#endif
default:
GOSTerr(GOST_F_GOST_CIPHER_CTL,
GOST_R_UNSUPPORTED_CIPHER_CTL_COMMAND);
@@ -433,22 +622,22 @@
GOST_CIPHER_PARAMS *gcp = GOST_CIPHER_PARAMS_new(); GOST_CIPHER_PARAMS *gcp = GOST_CIPHER_PARAMS_new();
ASN1_OCTET_STRING *os = NULL; ASN1_OCTET_STRING *os = NULL;
if (!gcp) { if (!gcp) {
@ -2352,7 +2406,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_crypt.c openssl-1.0.2j-patched/engi
return 0; return 0;
} }
i2d_GOST_CIPHER_PARAMS(gcp, &p); i2d_GOST_CIPHER_PARAMS(gcp, &p);
@@ -458,7 +602,7 @@ @@ -458,7 +647,7 @@
if (!os || !ASN1_OCTET_STRING_set(os, buf, len)) { if (!os || !ASN1_OCTET_STRING_set(os, buf, len)) {
OPENSSL_free(buf); OPENSSL_free(buf);
@ -2361,7 +2415,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_crypt.c openssl-1.0.2j-patched/engi
return 0; return 0;
} }
OPENSSL_free(buf); OPENSSL_free(buf);
@@ -475,6 +619,8 @@ @@ -475,6 +664,8 @@
GOST_CIPHER_PARAMS *gcp = NULL; GOST_CIPHER_PARAMS *gcp = NULL;
unsigned char *p; unsigned char *p;
struct ossl_gost_cipher_ctx *c = ctx->cipher_data; struct ossl_gost_cipher_ctx *c = ctx->cipher_data;
@ -2370,7 +2424,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_crypt.c openssl-1.0.2j-patched/engi
if (ASN1_TYPE_get(params) != V_ASN1_SEQUENCE) { if (ASN1_TYPE_get(params) != V_ASN1_SEQUENCE) {
return ret; return ret;
} }
@@ -490,7 +636,16 @@ @@ -490,18 +681,33 @@
GOSTerr(GOST_F_GOST89_GET_ASN1_PARAMETERS, GOST_R_INVALID_IV_LENGTH); GOSTerr(GOST_F_GOST89_GET_ASN1_PARAMETERS, GOST_R_INVALID_IV_LENGTH);
return -1; return -1;
} }
@ -2388,7 +2442,17 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_crypt.c openssl-1.0.2j-patched/engi
GOST_CIPHER_PARAMS_free(gcp); GOST_CIPHER_PARAMS_free(gcp);
return -1; return -1;
} }
@@ -501,7 +656,7 @@ - memcpy(ctx->oiv, gcp->iv->data, len);
+
+ {
+ ASN1_TYPE tmp;
+ tmp.value.octet_string = gcp->iv;
+ tmp.type = V_ASN1_OCTET_STRING;
+ EVP_CIPHER_get_asn1_iv(ctx, &tmp);
+ }
GOST_CIPHER_PARAMS_free(gcp);
return 1; return 1;
} }
@ -2397,7 +2461,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_crypt.c openssl-1.0.2j-patched/engi
{ {
struct ossl_gost_imit_ctx *c = ctx->md_data; struct ossl_gost_imit_ctx *c = ctx->md_data;
memset(c->buffer, 0, sizeof(c->buffer)); memset(c->buffer, 0, sizeof(c->buffer));
@@ -509,10 +664,21 @@ @@ -509,10 +715,21 @@
c->count = 0; c->count = 0;
c->bytes_left = 0; c->bytes_left = 0;
c->key_meshing = 1; c->key_meshing = 1;
@ -2420,7 +2484,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_crypt.c openssl-1.0.2j-patched/engi
static void mac_block_mesh(struct ossl_gost_imit_ctx *c, static void mac_block_mesh(struct ossl_gost_imit_ctx *c,
const unsigned char *data) const unsigned char *data)
{ {
@@ -581,7 +747,7 @@ @@ -581,7 +798,7 @@
} }
mac_block_mesh(c, c->partial_block); mac_block_mesh(c, c->partial_block);
} }
@ -2429,7 +2493,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_crypt.c openssl-1.0.2j-patched/engi
return 1; return 1;
} }
@@ -593,17 +759,50 @@ @@ -593,17 +810,50 @@
return 1; return 1;
case EVP_MD_CTRL_SET_KEY: case EVP_MD_CTRL_SET_KEY:
{ {
@ -2488,7 +2552,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_crypt.c openssl-1.0.2j-patched/engi
} }
diff -urN openssl-1.0.2j/engines/ccgost/gost_ctl.c openssl-1.0.2j-patched/engines/ccgost/gost_ctl.c diff -urN openssl-1.0.2j/engines/ccgost/gost_ctl.c openssl-1.0.2j-patched/engines/ccgost/gost_ctl.c
--- openssl-1.0.2j/engines/ccgost/gost_ctl.c 2016-09-26 19:49:07.000000000 +1000 --- openssl-1.0.2j/engines/ccgost/gost_ctl.c 2016-09-26 19:49:07.000000000 +1000
+++ openssl-1.0.2j-patched/engines/ccgost/gost_ctl.c 2016-01-04 00:30:05.000000000 +1000 +++ openssl-1.0.2j-patched/engines/ccgost/gost_ctl.c 2016-04-19 04:43:25.000000000 +1000
@@ -15,34 +15,28 @@ @@ -15,34 +15,28 @@
#include "gost_lcl.h" #include "gost_lcl.h"
@ -2560,7 +2624,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_ctl.c openssl-1.0.2j-patched/engine
return 1; return 1;
diff -urN openssl-1.0.2j/engines/ccgost/gost_ec_keyx.c openssl-1.0.2j-patched/engines/ccgost/gost_ec_keyx.c diff -urN openssl-1.0.2j/engines/ccgost/gost_ec_keyx.c openssl-1.0.2j-patched/engines/ccgost/gost_ec_keyx.c
--- openssl-1.0.2j/engines/ccgost/gost_ec_keyx.c 1970-01-01 10:00:00.000000000 +1000 --- openssl-1.0.2j/engines/ccgost/gost_ec_keyx.c 1970-01-01 10:00:00.000000000 +1000
+++ openssl-1.0.2j-patched/engines/ccgost/gost_ec_keyx.c 2016-01-04 00:30:05.000000000 +1000 +++ openssl-1.0.2j-patched/engines/ccgost/gost_ec_keyx.c 2016-04-19 04:43:25.000000000 +1000
@@ -0,0 +1,341 @@ @@ -0,0 +1,341 @@
+/********************************************************************** +/**********************************************************************
+ * gost_ec_keyx.c * + * gost_ec_keyx.c *
@ -2905,7 +2969,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_ec_keyx.c openssl-1.0.2j-patched/en
+} +}
diff -urN openssl-1.0.2j/engines/ccgost/gost_ec_sign.c openssl-1.0.2j-patched/engines/ccgost/gost_ec_sign.c diff -urN openssl-1.0.2j/engines/ccgost/gost_ec_sign.c openssl-1.0.2j-patched/engines/ccgost/gost_ec_sign.c
--- openssl-1.0.2j/engines/ccgost/gost_ec_sign.c 1970-01-01 10:00:00.000000000 +1000 --- openssl-1.0.2j/engines/ccgost/gost_ec_sign.c 1970-01-01 10:00:00.000000000 +1000
+++ openssl-1.0.2j-patched/engines/ccgost/gost_ec_sign.c 2016-01-04 00:30:05.000000000 +1000 +++ openssl-1.0.2j-patched/engines/ccgost/gost_ec_sign.c 2016-04-19 04:43:25.000000000 +1000
@@ -0,0 +1,522 @@ @@ -0,0 +1,522 @@
+/********************************************************************** +/**********************************************************************
+ * gost_ec_sign.c * + * gost_ec_sign.c *
@ -3431,7 +3495,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_ec_sign.c openssl-1.0.2j-patched/en
+} +}
diff -urN openssl-1.0.2j/engines/ccgost/gost_eng.c openssl-1.0.2j-patched/engines/ccgost/gost_eng.c diff -urN openssl-1.0.2j/engines/ccgost/gost_eng.c openssl-1.0.2j-patched/engines/ccgost/gost_eng.c
--- openssl-1.0.2j/engines/ccgost/gost_eng.c 2016-09-26 19:49:07.000000000 +1000 --- openssl-1.0.2j/engines/ccgost/gost_eng.c 2016-09-26 19:49:07.000000000 +1000
+++ openssl-1.0.2j-patched/engines/ccgost/gost_eng.c 2016-01-04 00:30:05.000000000 +1000 +++ openssl-1.0.2j-patched/engines/ccgost/gost_eng.c 2016-04-19 04:43:25.000000000 +1000
@@ -33,20 +33,41 @@ @@ -33,20 +33,41 @@
static int gost_pkey_asn1_meths(ENGINE *e, EVP_PKEY_ASN1_METHOD **ameth, static int gost_pkey_asn1_meths(ENGINE *e, EVP_PKEY_ASN1_METHOD **ameth,
const int **nids, int nid); const int **nids, int nid);
@ -3692,7 +3756,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_eng.c openssl-1.0.2j-patched/engine
if (!toadd) if (!toadd)
diff -urN openssl-1.0.2j/engines/ccgost/gosthash2012.c openssl-1.0.2j-patched/engines/ccgost/gosthash2012.c diff -urN openssl-1.0.2j/engines/ccgost/gosthash2012.c openssl-1.0.2j-patched/engines/ccgost/gosthash2012.c
--- openssl-1.0.2j/engines/ccgost/gosthash2012.c 1970-01-01 10:00:00.000000000 +1000 --- openssl-1.0.2j/engines/ccgost/gosthash2012.c 1970-01-01 10:00:00.000000000 +1000
+++ openssl-1.0.2j-patched/engines/ccgost/gosthash2012.c 2016-01-04 00:30:05.000000000 +1000 +++ openssl-1.0.2j-patched/engines/ccgost/gosthash2012.c 2016-04-19 04:43:25.000000000 +1000
@@ -0,0 +1,230 @@ @@ -0,0 +1,230 @@
+/* +/*
+ * GOST R 34.11-2012 core functions. + * GOST R 34.11-2012 core functions.
@ -3926,7 +3990,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gosthash2012.c openssl-1.0.2j-patched/en
+} +}
diff -urN openssl-1.0.2j/engines/ccgost/gosthash2012_const.h openssl-1.0.2j-patched/engines/ccgost/gosthash2012_const.h diff -urN openssl-1.0.2j/engines/ccgost/gosthash2012_const.h openssl-1.0.2j-patched/engines/ccgost/gosthash2012_const.h
--- openssl-1.0.2j/engines/ccgost/gosthash2012_const.h 1970-01-01 10:00:00.000000000 +1000 --- openssl-1.0.2j/engines/ccgost/gosthash2012_const.h 1970-01-01 10:00:00.000000000 +1000
+++ openssl-1.0.2j-patched/engines/ccgost/gosthash2012_const.h 2016-01-04 00:30:05.000000000 +1000 +++ openssl-1.0.2j-patched/engines/ccgost/gosthash2012_const.h 2016-04-19 04:43:25.000000000 +1000
@@ -0,0 +1,352 @@ @@ -0,0 +1,352 @@
+/* +/*
+ * GOST R 34.11-2012 constants. + * GOST R 34.11-2012 constants.
@ -4282,7 +4346,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gosthash2012_const.h openssl-1.0.2j-patc
+}; +};
diff -urN openssl-1.0.2j/engines/ccgost/gosthash2012.h openssl-1.0.2j-patched/engines/ccgost/gosthash2012.h diff -urN openssl-1.0.2j/engines/ccgost/gosthash2012.h openssl-1.0.2j-patched/engines/ccgost/gosthash2012.h
--- openssl-1.0.2j/engines/ccgost/gosthash2012.h 1970-01-01 10:00:00.000000000 +1000 --- openssl-1.0.2j/engines/ccgost/gosthash2012.h 1970-01-01 10:00:00.000000000 +1000
+++ openssl-1.0.2j-patched/engines/ccgost/gosthash2012.h 2016-01-04 00:30:05.000000000 +1000 +++ openssl-1.0.2j-patched/engines/ccgost/gosthash2012.h 2016-04-19 04:43:25.000000000 +1000
@@ -0,0 +1,66 @@ @@ -0,0 +1,66 @@
+/* +/*
+ * GOST R 34.11-2012 core functions definitions. + * GOST R 34.11-2012 core functions definitions.
@ -4352,7 +4416,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gosthash2012.h openssl-1.0.2j-patched/en
+void gost2012_finish_hash(gost2012_hash_ctx * CTX, unsigned char *digest); +void gost2012_finish_hash(gost2012_hash_ctx * CTX, unsigned char *digest);
diff -urN openssl-1.0.2j/engines/ccgost/gosthash2012_precalc.h openssl-1.0.2j-patched/engines/ccgost/gosthash2012_precalc.h diff -urN openssl-1.0.2j/engines/ccgost/gosthash2012_precalc.h openssl-1.0.2j-patched/engines/ccgost/gosthash2012_precalc.h
--- openssl-1.0.2j/engines/ccgost/gosthash2012_precalc.h 1970-01-01 10:00:00.000000000 +1000 --- openssl-1.0.2j/engines/ccgost/gosthash2012_precalc.h 1970-01-01 10:00:00.000000000 +1000
+++ openssl-1.0.2j-patched/engines/ccgost/gosthash2012_precalc.h 2016-01-04 00:30:05.000000000 +1000 +++ openssl-1.0.2j-patched/engines/ccgost/gosthash2012_precalc.h 2016-04-19 04:43:25.000000000 +1000
@@ -0,0 +1,1411 @@ @@ -0,0 +1,1411 @@
+/* +/*
+ * Precalculation of matrix A multiplication. + * Precalculation of matrix A multiplication.
@ -5767,7 +5831,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gosthash2012_precalc.h openssl-1.0.2j-pa
+#endif +#endif
diff -urN openssl-1.0.2j/engines/ccgost/gosthash2012_ref.h openssl-1.0.2j-patched/engines/ccgost/gosthash2012_ref.h diff -urN openssl-1.0.2j/engines/ccgost/gosthash2012_ref.h openssl-1.0.2j-patched/engines/ccgost/gosthash2012_ref.h
--- openssl-1.0.2j/engines/ccgost/gosthash2012_ref.h 1970-01-01 10:00:00.000000000 +1000 --- openssl-1.0.2j/engines/ccgost/gosthash2012_ref.h 1970-01-01 10:00:00.000000000 +1000
+++ openssl-1.0.2j-patched/engines/ccgost/gosthash2012_ref.h 2016-01-04 00:30:05.000000000 +1000 +++ openssl-1.0.2j-patched/engines/ccgost/gosthash2012_ref.h 2016-04-19 04:43:25.000000000 +1000
@@ -0,0 +1,63 @@ @@ -0,0 +1,63 @@
+/* +/*
+ * Portable implementation of core functions for GOST R 34.11-2012. + * Portable implementation of core functions for GOST R 34.11-2012.
@ -5834,7 +5898,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gosthash2012_ref.h openssl-1.0.2j-patche
+} +}
diff -urN openssl-1.0.2j/engines/ccgost/gosthash2012_sse2.h openssl-1.0.2j-patched/engines/ccgost/gosthash2012_sse2.h diff -urN openssl-1.0.2j/engines/ccgost/gosthash2012_sse2.h openssl-1.0.2j-patched/engines/ccgost/gosthash2012_sse2.h
--- openssl-1.0.2j/engines/ccgost/gosthash2012_sse2.h 1970-01-01 10:00:00.000000000 +1000 --- openssl-1.0.2j/engines/ccgost/gosthash2012_sse2.h 1970-01-01 10:00:00.000000000 +1000
+++ openssl-1.0.2j-patched/engines/ccgost/gosthash2012_sse2.h 2016-01-04 00:30:05.000000000 +1000 +++ openssl-1.0.2j-patched/engines/ccgost/gosthash2012_sse2.h 2016-04-19 04:43:25.000000000 +1000
@@ -0,0 +1,204 @@ @@ -0,0 +1,204 @@
+/* +/*
+ * Implementation of core functions for GOST R 34.11-2012 using SSE2. + * Implementation of core functions for GOST R 34.11-2012 using SSE2.
@ -6042,7 +6106,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gosthash2012_sse2.h openssl-1.0.2j-patch
+} +}
diff -urN openssl-1.0.2j/engines/ccgost/gosthash.c openssl-1.0.2j-patched/engines/ccgost/gosthash.c diff -urN openssl-1.0.2j/engines/ccgost/gosthash.c openssl-1.0.2j-patched/engines/ccgost/gosthash.c
--- openssl-1.0.2j/engines/ccgost/gosthash.c 2016-09-26 19:49:07.000000000 +1000 --- openssl-1.0.2j/engines/ccgost/gosthash.c 2016-09-26 19:49:07.000000000 +1000
+++ openssl-1.0.2j-patched/engines/ccgost/gosthash.c 2016-01-04 00:30:05.000000000 +1000 +++ openssl-1.0.2j-patched/engines/ccgost/gosthash.c 2016-04-19 04:43:25.000000000 +1000
@@ -154,7 +154,7 @@ @@ -154,7 +154,7 @@
int init_gost_hash_ctx(gost_hash_ctx * ctx, int init_gost_hash_ctx(gost_hash_ctx * ctx,
const gost_subst_block * subst_block) const gost_subst_block * subst_block)
@ -6063,7 +6127,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gosthash.c openssl-1.0.2j-patched/engine
while (fin_len > 0) { while (fin_len > 0) {
diff -urN openssl-1.0.2j/engines/ccgost/gost_lcl.h openssl-1.0.2j-patched/engines/ccgost/gost_lcl.h diff -urN openssl-1.0.2j/engines/ccgost/gost_lcl.h openssl-1.0.2j-patched/engines/ccgost/gost_lcl.h
--- openssl-1.0.2j/engines/ccgost/gost_lcl.h 2016-09-26 19:49:07.000000000 +1000 --- openssl-1.0.2j/engines/ccgost/gost_lcl.h 2016-09-26 19:49:07.000000000 +1000
+++ openssl-1.0.2j-patched/engines/ccgost/gost_lcl.h 2016-01-04 00:30:05.000000000 +1000 +++ openssl-1.0.2j-patched/engines/ccgost/gost_lcl.h 2016-04-19 04:43:25.000000000 +1000
@@ -20,8 +20,23 @@ @@ -20,8 +20,23 @@
# include "gosthash.h" # include "gosthash.h"
/* Control commands */ /* Control commands */
@ -6261,7 +6325,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_lcl.h openssl-1.0.2j-patched/engine
#endif #endif
diff -urN openssl-1.0.2j/engines/ccgost/gost_md2012.c openssl-1.0.2j-patched/engines/ccgost/gost_md2012.c diff -urN openssl-1.0.2j/engines/ccgost/gost_md2012.c openssl-1.0.2j-patched/engines/ccgost/gost_md2012.c
--- openssl-1.0.2j/engines/ccgost/gost_md2012.c 1970-01-01 10:00:00.000000000 +1000 --- openssl-1.0.2j/engines/ccgost/gost_md2012.c 1970-01-01 10:00:00.000000000 +1000
+++ openssl-1.0.2j-patched/engines/ccgost/gost_md2012.c 2016-01-04 00:30:05.000000000 +1000 +++ openssl-1.0.2j-patched/engines/ccgost/gost_md2012.c 2016-04-19 04:43:25.000000000 +1000
@@ -0,0 +1,139 @@ @@ -0,0 +1,139 @@
+/********************************************************************** +/**********************************************************************
+ * gost_md2012.c * + * gost_md2012.c *
@ -6404,7 +6468,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_md2012.c openssl-1.0.2j-patched/eng
+} +}
diff -urN openssl-1.0.2j/engines/ccgost/gost_params.c openssl-1.0.2j-patched/engines/ccgost/gost_params.c diff -urN openssl-1.0.2j/engines/ccgost/gost_params.c openssl-1.0.2j-patched/engines/ccgost/gost_params.c
--- openssl-1.0.2j/engines/ccgost/gost_params.c 2016-09-26 19:49:07.000000000 +1000 --- openssl-1.0.2j/engines/ccgost/gost_params.c 2016-09-26 19:49:07.000000000 +1000
+++ openssl-1.0.2j-patched/engines/ccgost/gost_params.c 2016-01-04 00:30:05.000000000 +1000 +++ openssl-1.0.2j-patched/engines/ccgost/gost_params.c 2016-04-19 04:43:25.000000000 +1000
@@ -1,144 +1,17 @@ @@ -1,144 +1,17 @@
/********************************************************************** /**********************************************************************
* params.c * * params.c *
@ -6609,7 +6673,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_params.c openssl-1.0.2j-patched/eng
}; };
diff -urN openssl-1.0.2j/engines/ccgost/gost_pmeth.c openssl-1.0.2j-patched/engines/ccgost/gost_pmeth.c diff -urN openssl-1.0.2j/engines/ccgost/gost_pmeth.c openssl-1.0.2j-patched/engines/ccgost/gost_pmeth.c
--- openssl-1.0.2j/engines/ccgost/gost_pmeth.c 2016-09-26 19:49:07.000000000 +1000 --- openssl-1.0.2j/engines/ccgost/gost_pmeth.c 2016-09-26 19:49:07.000000000 +1000
+++ openssl-1.0.2j-patched/engines/ccgost/gost_pmeth.c 2016-01-04 00:30:05.000000000 +1000 +++ openssl-1.0.2j-patched/engines/ccgost/gost_pmeth.c 2016-04-19 04:43:25.000000000 +1000
@@ -1,43 +1,50 @@ @@ -1,43 +1,50 @@
/********************************************************************** /**********************************************************************
* gost_pmeth.c * * gost_pmeth.c *
@ -6767,7 +6831,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_pmeth.c openssl-1.0.2j-patched/engi
} }
- return -2; - return -2;
-} -}
-
-static int pkey_gost_ctrl94_str(EVP_PKEY_CTX *ctx, -static int pkey_gost_ctrl94_str(EVP_PKEY_CTX *ctx,
- const char *type, const char *value) - const char *type, const char *value)
-{ -{
@ -6825,7 +6889,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_pmeth.c openssl-1.0.2j-patched/engi
- return 0; - return 0;
- } - }
- } - }
-
- return pkey_gost_ctrl(ctx, EVP_PKEY_CTRL_GOST_PARAMSET, - return pkey_gost_ctrl(ctx, EVP_PKEY_CTRL_GOST_PARAMSET,
- param_nid, NULL); - param_nid, NULL);
- } - }
@ -7295,7 +7359,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_pmeth.c openssl-1.0.2j-patched/engi
long keylen; long keylen;
int ret; int ret;
unsigned char *keybuf = string_to_hex(value, &keylen); unsigned char *keybuf = string_to_hex(value, &keylen);
@@ -523,42 +615,101 @@ @@ -523,42 +615,103 @@
return ret; return ret;
} }
@ -7317,11 +7381,13 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_pmeth.c openssl-1.0.2j-patched/engi
+ } + }
+ +
+ param = get_encryption_params(obj); + param = get_encryption_params(obj);
+ ASN1_OBJECT_free(obj);
+ if (param == NULL) { + if (param == NULL) {
+ GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL_STR, GOST_R_INVALID_MAC_PARAMS); + GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL_STR, GOST_R_INVALID_MAC_PARAMS);
+ return 0; + return 0;
+ } + }
+ +
+
+ return pkey_gost_mac_ctrl(ctx, EVP_PKEY_CTRL_GOST_PARAMSET, 0, + return pkey_gost_mac_ctrl(ctx, EVP_PKEY_CTRL_GOST_PARAMSET, 0,
+ (void *)param); + (void *)param);
+ } + }
@ -7407,7 +7473,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_pmeth.c openssl-1.0.2j-patched/engi
return ret; return ret;
} }
@@ -570,35 +721,58 @@ @@ -570,35 +723,58 @@
return 0; return 0;
switch (id) { switch (id) {
@ -7485,7 +7551,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_pmeth.c openssl-1.0.2j-patched/engi
break; break;
case NID_id_Gost28147_89_MAC: case NID_id_Gost28147_89_MAC:
EVP_PKEY_meth_set_ctrl(*pmeth, pkey_gost_mac_ctrl, EVP_PKEY_meth_set_ctrl(*pmeth, pkey_gost_mac_ctrl,
@@ -609,6 +783,16 @@ @@ -609,6 +785,16 @@
EVP_PKEY_meth_set_init(*pmeth, pkey_gost_mac_init); EVP_PKEY_meth_set_init(*pmeth, pkey_gost_mac_init);
EVP_PKEY_meth_set_cleanup(*pmeth, pkey_gost_mac_cleanup); EVP_PKEY_meth_set_cleanup(*pmeth, pkey_gost_mac_cleanup);
EVP_PKEY_meth_set_copy(*pmeth, pkey_gost_mac_copy); EVP_PKEY_meth_set_copy(*pmeth, pkey_gost_mac_copy);
@ -7504,7 +7570,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gost_pmeth.c openssl-1.0.2j-patched/engi
return 0; return 0;
diff -urN openssl-1.0.2j/engines/ccgost/gostsum12.c openssl-1.0.2j-patched/engines/ccgost/gostsum12.c diff -urN openssl-1.0.2j/engines/ccgost/gostsum12.c openssl-1.0.2j-patched/engines/ccgost/gostsum12.c
--- openssl-1.0.2j/engines/ccgost/gostsum12.c 1970-01-01 10:00:00.000000000 +1000 --- openssl-1.0.2j/engines/ccgost/gostsum12.c 1970-01-01 10:00:00.000000000 +1000
+++ openssl-1.0.2j-patched/engines/ccgost/gostsum12.c 2016-01-04 00:30:05.000000000 +1000 +++ openssl-1.0.2j-patched/engines/ccgost/gostsum12.c 2016-04-19 04:43:25.000000000 +1000
@@ -0,0 +1,257 @@ @@ -0,0 +1,257 @@
+/********************************************************************** +/**********************************************************************
+ * gostsum12.c * + * gostsum12.c *
@ -7765,7 +7831,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gostsum12.c openssl-1.0.2j-patched/engin
+} +}
diff -urN openssl-1.0.2j/engines/ccgost/gostsum.c openssl-1.0.2j-patched/engines/ccgost/gostsum.c diff -urN openssl-1.0.2j/engines/ccgost/gostsum.c openssl-1.0.2j-patched/engines/ccgost/gostsum.c
--- openssl-1.0.2j/engines/ccgost/gostsum.c 2016-09-26 19:49:07.000000000 +1000 --- openssl-1.0.2j/engines/ccgost/gostsum.c 2016-09-26 19:49:07.000000000 +1000
+++ openssl-1.0.2j-patched/engines/ccgost/gostsum.c 2016-01-04 00:30:05.000000000 +1000 +++ openssl-1.0.2j-patched/engines/ccgost/gostsum.c 2016-04-19 04:43:25.000000000 +1000
@@ -12,6 +12,9 @@ @@ -12,6 +12,9 @@
#include <unistd.h> #include <unistd.h>
#include <limits.h> #include <limits.h>
@ -7831,7 +7897,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/gostsum.c openssl-1.0.2j-patched/engines
exit(1); exit(1);
diff -urN openssl-1.0.2j/engines/ccgost/Makefile openssl-1.0.2j-patched/engines/ccgost/Makefile diff -urN openssl-1.0.2j/engines/ccgost/Makefile openssl-1.0.2j-patched/engines/ccgost/Makefile
--- openssl-1.0.2j/engines/ccgost/Makefile 2016-09-26 19:49:47.000000000 +1000 --- openssl-1.0.2j/engines/ccgost/Makefile 2016-09-26 19:49:47.000000000 +1000
+++ openssl-1.0.2j-patched/engines/ccgost/Makefile 2016-01-04 00:30:05.000000000 +1000 +++ openssl-1.0.2j-patched/engines/ccgost/Makefile 2016-04-19 04:43:25.000000000 +1000
@@ -8,16 +8,16 @@ @@ -8,16 +8,16 @@
CFLAGS= $(INCLUDES) $(CFLAG) CFLAGS= $(INCLUDES) $(CFLAG)
LIB=$(TOP)/libcrypto.a LIB=$(TOP)/libcrypto.a
@ -8079,7 +8145,7 @@ diff -urN openssl-1.0.2j/engines/ccgost/Makefile openssl-1.0.2j-patched/engines/
+gosthash2012.o: gosthash2012_precalc.h gosthash2012_ref.h +gosthash2012.o: gosthash2012_precalc.h gosthash2012_ref.h
diff -urN openssl-1.0.2j/engines/ccgost/README.gost openssl-1.0.2j-patched/engines/ccgost/README.gost diff -urN openssl-1.0.2j/engines/ccgost/README.gost openssl-1.0.2j-patched/engines/ccgost/README.gost
--- openssl-1.0.2j/engines/ccgost/README.gost 2016-09-26 19:49:07.000000000 +1000 --- openssl-1.0.2j/engines/ccgost/README.gost 2016-09-26 19:49:07.000000000 +1000
+++ openssl-1.0.2j-patched/engines/ccgost/README.gost 2016-01-04 00:30:05.000000000 +1000 +++ openssl-1.0.2j-patched/engines/ccgost/README.gost 2016-04-19 04:43:25.000000000 +1000
@@ -28,6 +28,8 @@ @@ -28,6 +28,8 @@
It has 256-bit symmetric key and only 32 bits of MAC value It has 256-bit symmetric key and only 32 bits of MAC value
(while HMAC has same key size and value size). (while HMAC has same key size and value size).

4
openssl.spec
View file

@ -15,7 +15,7 @@
Summary: Secure Sockets Layer communications libs & utils Summary: Secure Sockets Layer communications libs & utils
Name: openssl Name: openssl
Version: 1.0.2j Version: 1.0.2j
Release: 4 Release: 5
License: BSD-like License: BSD-like
Group: System/Libraries Group: System/Libraries
Url: https://www.openssl.org Url: https://www.openssl.org
@ -27,7 +27,7 @@ Source4: openssl-thread-test.c
# Based on https://github.com/gost-engine/engine # Based on https://github.com/gost-engine/engine
# Never remove gost-engine patches # Never remove gost-engine patches
Patch0: openssl-1.0.2j-gost-engine.patch Patch0: openssl-1.0.2j-gost-engine.patch
# Copy https://github.com/gost-engine/engine/tree/56c5e3414135c9443739db3b2b1409c3be265a50 # Copy https://github.com/gost-engine/engine/tree/openssl_1_0_2
# over engines/ccgost/ and make diff # over engines/ccgost/ and make diff
Patch1: openssl-1.0.2j-gost-engine-2.patch Patch1: openssl-1.0.2j-gost-engine-2.patch
# Handle RPM_OPT_FLAGS in Configure # Handle RPM_OPT_FLAGS in Configure