1*de0e0e4dSAntonio Huete Jimenez /* $OpenBSD: gost.h,v 1.4 2022/07/12 14:42:49 kn Exp $ */ 2f5b1c8a1SJohn Marino /* 3f5b1c8a1SJohn Marino * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> 4f5b1c8a1SJohn Marino * Copyright (c) 2005-2006 Cryptocom LTD 5f5b1c8a1SJohn Marino * 6f5b1c8a1SJohn Marino * Redistribution and use in source and binary forms, with or without 7f5b1c8a1SJohn Marino * modification, are permitted provided that the following conditions 8f5b1c8a1SJohn Marino * are met: 9f5b1c8a1SJohn Marino * 10f5b1c8a1SJohn Marino * 1. Redistributions of source code must retain the above copyright 11f5b1c8a1SJohn Marino * notice, this list of conditions and the following disclaimer. 12f5b1c8a1SJohn Marino * 13f5b1c8a1SJohn Marino * 2. Redistributions in binary form must reproduce the above copyright 14f5b1c8a1SJohn Marino * notice, this list of conditions and the following disclaimer in 15f5b1c8a1SJohn Marino * the documentation and/or other materials provided with the 16f5b1c8a1SJohn Marino * distribution. 17f5b1c8a1SJohn Marino * 18f5b1c8a1SJohn Marino * 3. All advertising materials mentioning features or use of this 19f5b1c8a1SJohn Marino * software must display the following acknowledgment: 20f5b1c8a1SJohn Marino * "This product includes software developed by the OpenSSL Project 21f5b1c8a1SJohn Marino * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 22f5b1c8a1SJohn Marino * 23f5b1c8a1SJohn Marino * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 24f5b1c8a1SJohn Marino * endorse or promote products derived from this software without 25f5b1c8a1SJohn Marino * prior written permission. For written permission, please contact 26f5b1c8a1SJohn Marino * openssl-core@openssl.org. 27f5b1c8a1SJohn Marino * 28f5b1c8a1SJohn Marino * 5. Products derived from this software may not be called "OpenSSL" 29f5b1c8a1SJohn Marino * nor may "OpenSSL" appear in their names without prior written 30f5b1c8a1SJohn Marino * permission of the OpenSSL Project. 31f5b1c8a1SJohn Marino * 32f5b1c8a1SJohn Marino * 6. Redistributions of any form whatsoever must retain the following 33f5b1c8a1SJohn Marino * acknowledgment: 34f5b1c8a1SJohn Marino * "This product includes software developed by the OpenSSL Project 35f5b1c8a1SJohn Marino * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 36f5b1c8a1SJohn Marino * 37f5b1c8a1SJohn Marino * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 38f5b1c8a1SJohn Marino * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 39f5b1c8a1SJohn Marino * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 40f5b1c8a1SJohn Marino * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 41f5b1c8a1SJohn Marino * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 42f5b1c8a1SJohn Marino * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 43f5b1c8a1SJohn Marino * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 44f5b1c8a1SJohn Marino * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 45f5b1c8a1SJohn Marino * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 46f5b1c8a1SJohn Marino * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 47f5b1c8a1SJohn Marino * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48f5b1c8a1SJohn Marino * OF THE POSSIBILITY OF SUCH DAMAGE. 49f5b1c8a1SJohn Marino * ==================================================================== 50f5b1c8a1SJohn Marino */ 51f5b1c8a1SJohn Marino 52f5b1c8a1SJohn Marino #ifndef HEADER_GOST_H 53f5b1c8a1SJohn Marino #define HEADER_GOST_H 54f5b1c8a1SJohn Marino 55f5b1c8a1SJohn Marino #include <openssl/opensslconf.h> 56f5b1c8a1SJohn Marino 57f5b1c8a1SJohn Marino #ifdef OPENSSL_NO_GOST 58f5b1c8a1SJohn Marino #error GOST is disabled. 59f5b1c8a1SJohn Marino #endif 60f5b1c8a1SJohn Marino 61f5b1c8a1SJohn Marino #include <openssl/asn1t.h> 62f5b1c8a1SJohn Marino #include <openssl/ec.h> 63f5b1c8a1SJohn Marino 64f5b1c8a1SJohn Marino #ifdef __cplusplus 65f5b1c8a1SJohn Marino extern "C" { 66f5b1c8a1SJohn Marino #endif 67f5b1c8a1SJohn Marino 68f5b1c8a1SJohn Marino typedef struct gost2814789_key_st { 69f5b1c8a1SJohn Marino unsigned int key[8]; 70f5b1c8a1SJohn Marino unsigned int k87[256],k65[256],k43[256],k21[256]; 71f5b1c8a1SJohn Marino unsigned int count; 72f5b1c8a1SJohn Marino unsigned key_meshing : 1; 73f5b1c8a1SJohn Marino } GOST2814789_KEY; 74f5b1c8a1SJohn Marino 75f5b1c8a1SJohn Marino int Gost2814789_set_sbox(GOST2814789_KEY *key, int nid); 76f5b1c8a1SJohn Marino int Gost2814789_set_key(GOST2814789_KEY *key, 77f5b1c8a1SJohn Marino const unsigned char *userKey, const int bits); 78f5b1c8a1SJohn Marino void Gost2814789_ecb_encrypt(const unsigned char *in, unsigned char *out, 79f5b1c8a1SJohn Marino GOST2814789_KEY *key, const int enc); 80f5b1c8a1SJohn Marino void Gost2814789_cfb64_encrypt(const unsigned char *in, unsigned char *out, 81f5b1c8a1SJohn Marino size_t length, GOST2814789_KEY *key, 82f5b1c8a1SJohn Marino unsigned char *ivec, int *num, const int enc); 83f5b1c8a1SJohn Marino void Gost2814789_cnt_encrypt(const unsigned char *in, unsigned char *out, 84f5b1c8a1SJohn Marino size_t length, GOST2814789_KEY *key, 85f5b1c8a1SJohn Marino unsigned char *ivec, unsigned char *cnt_buf, int *num); 86f5b1c8a1SJohn Marino 87f5b1c8a1SJohn Marino typedef struct { 88f5b1c8a1SJohn Marino ASN1_OCTET_STRING *iv; 89f5b1c8a1SJohn Marino ASN1_OBJECT *enc_param_set; 90f5b1c8a1SJohn Marino } GOST_CIPHER_PARAMS; 91f5b1c8a1SJohn Marino 9272c33676SMaxim Ag GOST_CIPHER_PARAMS *GOST_CIPHER_PARAMS_new(void); 9372c33676SMaxim Ag void GOST_CIPHER_PARAMS_free(GOST_CIPHER_PARAMS *a); 9472c33676SMaxim Ag GOST_CIPHER_PARAMS *d2i_GOST_CIPHER_PARAMS(GOST_CIPHER_PARAMS **a, const unsigned char **in, long len); 9572c33676SMaxim Ag int i2d_GOST_CIPHER_PARAMS(GOST_CIPHER_PARAMS *a, unsigned char **out); 9672c33676SMaxim Ag extern const ASN1_ITEM GOST_CIPHER_PARAMS_it; 97f5b1c8a1SJohn Marino 98f5b1c8a1SJohn Marino #define GOST2814789IMIT_LENGTH 4 99f5b1c8a1SJohn Marino #define GOST2814789IMIT_CBLOCK 8 100f5b1c8a1SJohn Marino #define GOST2814789IMIT_LONG unsigned int 101f5b1c8a1SJohn Marino 102f5b1c8a1SJohn Marino typedef struct GOST2814789IMITstate_st { 103f5b1c8a1SJohn Marino GOST2814789IMIT_LONG Nl, Nh; 104f5b1c8a1SJohn Marino unsigned char data[GOST2814789IMIT_CBLOCK]; 105f5b1c8a1SJohn Marino unsigned int num; 106f5b1c8a1SJohn Marino 107f5b1c8a1SJohn Marino GOST2814789_KEY cipher; 108f5b1c8a1SJohn Marino unsigned char mac[GOST2814789IMIT_CBLOCK]; 109f5b1c8a1SJohn Marino } GOST2814789IMIT_CTX; 110f5b1c8a1SJohn Marino 111f5b1c8a1SJohn Marino /* Note, also removed second parameter and removed dctx->cipher setting */ 112f5b1c8a1SJohn Marino int GOST2814789IMIT_Init(GOST2814789IMIT_CTX *c, int nid); 113f5b1c8a1SJohn Marino int GOST2814789IMIT_Update(GOST2814789IMIT_CTX *c, const void *data, size_t len); 114f5b1c8a1SJohn Marino int GOST2814789IMIT_Final(unsigned char *md, GOST2814789IMIT_CTX *c); 115f5b1c8a1SJohn Marino void GOST2814789IMIT_Transform(GOST2814789IMIT_CTX *c, const unsigned char *data); 116f5b1c8a1SJohn Marino unsigned char *GOST2814789IMIT(const unsigned char *d, size_t n, 117f5b1c8a1SJohn Marino unsigned char *md, int nid, 118f5b1c8a1SJohn Marino const unsigned char *key, const unsigned char *iv); 119f5b1c8a1SJohn Marino 120f5b1c8a1SJohn Marino #define GOSTR341194_LONG unsigned int 121f5b1c8a1SJohn Marino 122f5b1c8a1SJohn Marino #define GOSTR341194_LENGTH 32 123f5b1c8a1SJohn Marino #define GOSTR341194_CBLOCK 32 124f5b1c8a1SJohn Marino #define GOSTR341194_LBLOCK (GOSTR341194_CBLOCK/4) 125f5b1c8a1SJohn Marino 126f5b1c8a1SJohn Marino typedef struct GOSTR341194state_st { 127f5b1c8a1SJohn Marino GOSTR341194_LONG Nl, Nh; 128f5b1c8a1SJohn Marino GOSTR341194_LONG data[GOSTR341194_LBLOCK]; 129f5b1c8a1SJohn Marino unsigned int num; 130f5b1c8a1SJohn Marino 131f5b1c8a1SJohn Marino GOST2814789_KEY cipher; 132f5b1c8a1SJohn Marino unsigned char H[GOSTR341194_CBLOCK]; 133f5b1c8a1SJohn Marino unsigned char S[GOSTR341194_CBLOCK]; 134f5b1c8a1SJohn Marino } GOSTR341194_CTX; 135f5b1c8a1SJohn Marino 136f5b1c8a1SJohn Marino /* Note, also removed second parameter and removed dctx->cipher setting */ 137f5b1c8a1SJohn Marino int GOSTR341194_Init(GOSTR341194_CTX *c, int nid); 138f5b1c8a1SJohn Marino int GOSTR341194_Update(GOSTR341194_CTX *c, const void *data, size_t len); 139f5b1c8a1SJohn Marino int GOSTR341194_Final(unsigned char *md, GOSTR341194_CTX *c); 140f5b1c8a1SJohn Marino void GOSTR341194_Transform(GOSTR341194_CTX *c, const unsigned char *data); 141f5b1c8a1SJohn Marino unsigned char *GOSTR341194(const unsigned char *d, size_t n,unsigned char *md, int nid); 142f5b1c8a1SJohn Marino 143f5b1c8a1SJohn Marino #if defined(_LP64) 144f5b1c8a1SJohn Marino #define STREEBOG_LONG64 unsigned long 145f5b1c8a1SJohn Marino #define U64(C) C##UL 146f5b1c8a1SJohn Marino #else 147f5b1c8a1SJohn Marino #define STREEBOG_LONG64 unsigned long long 148f5b1c8a1SJohn Marino #define U64(C) C##ULL 149f5b1c8a1SJohn Marino #endif 150f5b1c8a1SJohn Marino 151f5b1c8a1SJohn Marino #define STREEBOG_LBLOCK 8 152f5b1c8a1SJohn Marino #define STREEBOG_CBLOCK 64 153f5b1c8a1SJohn Marino #define STREEBOG256_LENGTH 32 154f5b1c8a1SJohn Marino #define STREEBOG512_LENGTH 64 155f5b1c8a1SJohn Marino 156f5b1c8a1SJohn Marino typedef struct STREEBOGstate_st { 157f5b1c8a1SJohn Marino STREEBOG_LONG64 data[STREEBOG_LBLOCK]; 158f5b1c8a1SJohn Marino unsigned int num; 159f5b1c8a1SJohn Marino unsigned int md_len; 160f5b1c8a1SJohn Marino STREEBOG_LONG64 h[STREEBOG_LBLOCK]; 161f5b1c8a1SJohn Marino STREEBOG_LONG64 N[STREEBOG_LBLOCK]; 162f5b1c8a1SJohn Marino STREEBOG_LONG64 Sigma[STREEBOG_LBLOCK]; 163f5b1c8a1SJohn Marino } STREEBOG_CTX; 164f5b1c8a1SJohn Marino 165f5b1c8a1SJohn Marino int STREEBOG256_Init(STREEBOG_CTX *c); 166f5b1c8a1SJohn Marino int STREEBOG256_Update(STREEBOG_CTX *c, const void *data, size_t len); 167f5b1c8a1SJohn Marino int STREEBOG256_Final(unsigned char *md, STREEBOG_CTX *c); 168f5b1c8a1SJohn Marino void STREEBOG256_Transform(STREEBOG_CTX *c, const unsigned char *data); 169f5b1c8a1SJohn Marino unsigned char *STREEBOG256(const unsigned char *d, size_t n,unsigned char *md); 170f5b1c8a1SJohn Marino 171f5b1c8a1SJohn Marino int STREEBOG512_Init(STREEBOG_CTX *c); 172f5b1c8a1SJohn Marino int STREEBOG512_Update(STREEBOG_CTX *c, const void *data, size_t len); 173f5b1c8a1SJohn Marino int STREEBOG512_Final(unsigned char *md, STREEBOG_CTX *c); 174f5b1c8a1SJohn Marino void STREEBOG512_Transform(STREEBOG_CTX *c, const unsigned char *data); 175f5b1c8a1SJohn Marino unsigned char *STREEBOG512(const unsigned char *d, size_t n,unsigned char *md); 176f5b1c8a1SJohn Marino 177f5b1c8a1SJohn Marino typedef struct gost_key_st GOST_KEY; 178f5b1c8a1SJohn Marino GOST_KEY *GOST_KEY_new(void); 179f5b1c8a1SJohn Marino void GOST_KEY_free(GOST_KEY * r); 180f5b1c8a1SJohn Marino int GOST_KEY_check_key(const GOST_KEY * eckey); 181f5b1c8a1SJohn Marino int GOST_KEY_set_public_key_affine_coordinates(GOST_KEY * key, BIGNUM * x, BIGNUM * y); 182f5b1c8a1SJohn Marino const EC_GROUP * GOST_KEY_get0_group(const GOST_KEY * key); 183f5b1c8a1SJohn Marino int GOST_KEY_set_group(GOST_KEY * key, const EC_GROUP * group); 184f5b1c8a1SJohn Marino int GOST_KEY_get_digest(const GOST_KEY * key); 185f5b1c8a1SJohn Marino int GOST_KEY_set_digest(GOST_KEY * key, int digest_nid); 186f5b1c8a1SJohn Marino const BIGNUM * GOST_KEY_get0_private_key(const GOST_KEY * key); 187f5b1c8a1SJohn Marino int GOST_KEY_set_private_key(GOST_KEY * key, const BIGNUM * priv_key); 188f5b1c8a1SJohn Marino const EC_POINT * GOST_KEY_get0_public_key(const GOST_KEY * key); 189f5b1c8a1SJohn Marino int GOST_KEY_set_public_key(GOST_KEY * key, const EC_POINT * pub_key); 190f5b1c8a1SJohn Marino size_t GOST_KEY_get_size(const GOST_KEY * r); 191f5b1c8a1SJohn Marino 192f5b1c8a1SJohn Marino /* Gost-specific pmeth control-function parameters */ 193f5b1c8a1SJohn Marino /* For GOST R34.10 parameters */ 194f5b1c8a1SJohn Marino #define EVP_PKEY_CTRL_GOST_PARAMSET (EVP_PKEY_ALG_CTRL+1) 195f5b1c8a1SJohn Marino #define EVP_PKEY_CTRL_GOST_SIG_FORMAT (EVP_PKEY_ALG_CTRL+2) 196f5b1c8a1SJohn Marino #define EVP_PKEY_CTRL_GOST_SET_DIGEST (EVP_PKEY_ALG_CTRL+3) 197f5b1c8a1SJohn Marino #define EVP_PKEY_CTRL_GOST_GET_DIGEST (EVP_PKEY_ALG_CTRL+4) 198f5b1c8a1SJohn Marino 199f5b1c8a1SJohn Marino #define GOST_SIG_FORMAT_SR_BE 0 200f5b1c8a1SJohn Marino #define GOST_SIG_FORMAT_RS_LE 1 201f5b1c8a1SJohn Marino 202f5b1c8a1SJohn Marino void ERR_load_GOST_strings(void); 203f5b1c8a1SJohn Marino 204f5b1c8a1SJohn Marino /* Error codes for the GOST functions. */ 205f5b1c8a1SJohn Marino 206f5b1c8a1SJohn Marino /* Function codes. */ 207f5b1c8a1SJohn Marino #define GOST_F_DECODE_GOST01_ALGOR_PARAMS 104 208f5b1c8a1SJohn Marino #define GOST_F_ENCODE_GOST01_ALGOR_PARAMS 105 209f5b1c8a1SJohn Marino #define GOST_F_GOST2001_COMPUTE_PUBLIC 106 210f5b1c8a1SJohn Marino #define GOST_F_GOST2001_DO_SIGN 107 211f5b1c8a1SJohn Marino #define GOST_F_GOST2001_DO_VERIFY 108 212f5b1c8a1SJohn Marino #define GOST_F_GOST2001_KEYGEN 109 213f5b1c8a1SJohn Marino #define GOST_F_GOST89_GET_ASN1_PARAMETERS 102 214f5b1c8a1SJohn Marino #define GOST_F_GOST89_SET_ASN1_PARAMETERS 103 215f5b1c8a1SJohn Marino #define GOST_F_GOST_KEY_CHECK_KEY 124 216f5b1c8a1SJohn Marino #define GOST_F_GOST_KEY_NEW 125 217f5b1c8a1SJohn Marino #define GOST_F_GOST_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES 126 218f5b1c8a1SJohn Marino #define GOST_F_PARAM_COPY_GOST01 110 219f5b1c8a1SJohn Marino #define GOST_F_PARAM_DECODE_GOST01 111 220f5b1c8a1SJohn Marino #define GOST_F_PKEY_GOST01_CTRL 116 221f5b1c8a1SJohn Marino #define GOST_F_PKEY_GOST01_DECRYPT 112 222f5b1c8a1SJohn Marino #define GOST_F_PKEY_GOST01_DERIVE 113 223f5b1c8a1SJohn Marino #define GOST_F_PKEY_GOST01_ENCRYPT 114 224f5b1c8a1SJohn Marino #define GOST_F_PKEY_GOST01_PARAMGEN 115 225f5b1c8a1SJohn Marino #define GOST_F_PKEY_GOST01_SIGN 123 226f5b1c8a1SJohn Marino #define GOST_F_PKEY_GOST_MAC_CTRL 100 227f5b1c8a1SJohn Marino #define GOST_F_PKEY_GOST_MAC_KEYGEN 101 228f5b1c8a1SJohn Marino #define GOST_F_PRIV_DECODE_GOST01 117 229f5b1c8a1SJohn Marino #define GOST_F_PUB_DECODE_GOST01 118 230f5b1c8a1SJohn Marino #define GOST_F_PUB_ENCODE_GOST01 119 231f5b1c8a1SJohn Marino #define GOST_F_PUB_PRINT_GOST01 120 232f5b1c8a1SJohn Marino #define GOST_F_UNPACK_SIGNATURE_CP 121 233f5b1c8a1SJohn Marino #define GOST_F_UNPACK_SIGNATURE_LE 122 234f5b1c8a1SJohn Marino 235f5b1c8a1SJohn Marino /* Reason codes. */ 236f5b1c8a1SJohn Marino #define GOST_R_BAD_KEY_PARAMETERS_FORMAT 104 237f5b1c8a1SJohn Marino #define GOST_R_BAD_PKEY_PARAMETERS_FORMAT 105 238f5b1c8a1SJohn Marino #define GOST_R_CANNOT_PACK_EPHEMERAL_KEY 106 239f5b1c8a1SJohn Marino #define GOST_R_CTRL_CALL_FAILED 107 240f5b1c8a1SJohn Marino #define GOST_R_ERROR_COMPUTING_SHARED_KEY 108 241f5b1c8a1SJohn Marino #define GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO 109 242f5b1c8a1SJohn Marino #define GOST_R_INCOMPATIBLE_ALGORITHMS 110 243f5b1c8a1SJohn Marino #define GOST_R_INCOMPATIBLE_PEER_KEY 111 244f5b1c8a1SJohn Marino #define GOST_R_INVALID_DIGEST_TYPE 100 245f5b1c8a1SJohn Marino #define GOST_R_INVALID_IV_LENGTH 103 246f5b1c8a1SJohn Marino #define GOST_R_INVALID_MAC_KEY_LENGTH 101 247f5b1c8a1SJohn Marino #define GOST_R_KEY_IS_NOT_INITIALIZED 112 248f5b1c8a1SJohn Marino #define GOST_R_KEY_PARAMETERS_MISSING 113 249f5b1c8a1SJohn Marino #define GOST_R_MAC_KEY_NOT_SET 102 250f5b1c8a1SJohn Marino #define GOST_R_NO_PARAMETERS_SET 115 251f5b1c8a1SJohn Marino #define GOST_R_NO_PEER_KEY 116 252f5b1c8a1SJohn Marino #define GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR 117 253f5b1c8a1SJohn Marino #define GOST_R_PUBLIC_KEY_UNDEFINED 118 254f5b1c8a1SJohn Marino #define GOST_R_RANDOM_NUMBER_GENERATOR_FAILED 120 255f5b1c8a1SJohn Marino #define GOST_R_SIGNATURE_MISMATCH 121 256f5b1c8a1SJohn Marino #define GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q 122 257f5b1c8a1SJohn Marino #define GOST_R_UKM_NOT_SET 123 258f5b1c8a1SJohn Marino 259f5b1c8a1SJohn Marino #ifdef __cplusplus 260f5b1c8a1SJohn Marino } 261f5b1c8a1SJohn Marino #endif 262f5b1c8a1SJohn Marino #endif 263