PurpleI2P
/
i2pd
mirror of https://github.com/PurpleI2P/i2pd.git
1
0
Fork 0
Code Issues Releases Activity
Browse Source

set correct curve parameters for GOST R 34.10

pull/816/head
orignal 8 years ago
parent
d75b916153
commit
1cb89ce20d
3 changed files with 26 additions and 16 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 16
      Crypto.cpp
  2. 2
      Crypto.h
  3. 18
      Signature.h

16
Crypto.cpp
Unescape View File

@ -803,17 +803,18 @@ namespace crypto
static ENGINE * g_GostEngine = nullptr; static ENGINE * g_GostEngine = nullptr;
static const EVP_MD * g_Gost3411 = nullptr; static const EVP_MD * g_Gost3411 = nullptr;
static EVP_PKEY * g_GostPKEY = nullptr;
ENGINE * GetGostEngine () const EVP_PKEY * GetGostPKEY ()
{ {
return g_GostEngine; return g_GostPKEY;
} }
uint8_t * GOSTR3411 (const uint8_t * buf, size_t len, uint8_t * digest) uint8_t * GOSTR3411 (const uint8_t * buf, size_t len, uint8_t * digest)
{ {
if (!g_Gost3411) return nullptr; if (!g_Gost3411) return nullptr;
auto ctx = EVP_MD_CTX_new (); auto ctx = EVP_MD_CTX_new ();
EVP_DigestInit_ex (ctx, g_Gost3411, GetGostEngine ()); EVP_DigestInit_ex (ctx, g_Gost3411, g_GostEngine);
EVP_DigestUpdate (ctx, buf, len); EVP_DigestUpdate (ctx, buf, len);
EVP_DigestFinal_ex (ctx, digest, nullptr); EVP_DigestFinal_ex (ctx, digest, nullptr);
EVP_MD_CTX_free (ctx); EVP_MD_CTX_free (ctx);
@ -833,13 +834,20 @@ namespace crypto
ENGINE_init (g_GostEngine); ENGINE_init (g_GostEngine);
ENGINE_set_default (g_GostEngine, ENGINE_METHOD_ALL); ENGINE_set_default (g_GostEngine, ENGINE_METHOD_ALL);
ENGINE_ctrl_cmd_string(g_GostEngine, "CRYPT_PARAMS", "id-Gost28147-89-CryptoPro-A-ParamSet", 0);
g_Gost3411 = ENGINE_get_digest(g_GostEngine, NID_id_GostR3411_94); g_Gost3411 = ENGINE_get_digest(g_GostEngine, NID_id_GostR3411_94);
auto ctx = EVP_PKEY_CTX_new_id(NID_id_GostR3410_2001, g_GostEngine);
EVP_PKEY_keygen_init (ctx);
EVP_PKEY_CTX_ctrl_str (ctx, "paramset", "A"); // possible values 'A', 'B', 'C', 'XA', 'XB'
EVP_PKEY_keygen (ctx, &g_GostPKEY); // it seems only way to fill with correct params
EVP_PKEY_CTX_free (ctx);
return true; return true;
} }
void TerminateGost () void TerminateGost ()
{ {
if (g_GostPKEY)
EVP_PKEY_free (g_GostPKEY);
if (g_GostEngine) if (g_GostEngine)
{ {
ENGINE_finish (g_GostEngine); ENGINE_finish (g_GostEngine);

2
Crypto.h
Unescape View File

@ -282,7 +282,7 @@ namespace crypto
// GOST // GOST
bool InitGost (); bool InitGost ();
void TerminateGost (); void TerminateGost ();
ENGINE * GetGostEngine (); const EVP_PKEY * GetGostPKEY ();
uint8_t * GOSTR3411 (const uint8_t * buf, size_t len, uint8_t * digest); // hash uint8_t * GOSTR3411 (const uint8_t * buf, size_t len, uint8_t * digest); // hash
void InitCrypto (bool precomputation, bool withGost = false); void InitCrypto (bool precomputation, bool withGost = false);

18
Signature.h
Unescape View File

@ -453,8 +453,9 @@ namespace crypto
GOSTR3410Verifier (const uint8_t * signingKey) GOSTR3410Verifier (const uint8_t * signingKey)
{ {
m_PublicKey = EVP_PKEY_new (); m_PublicKey = EVP_PKEY_new ();
EVP_PKEY_set_type (m_PublicKey, NID_id_GostR3410_2001); EC_KEY * ecKey = EC_KEY_new ();
EC_KEY * ecKey = (EC_KEY *)EVP_PKEY_get0 (m_PublicKey); EVP_PKEY_assign (m_PublicKey, NID_id_GostR3410_2001, ecKey);
EVP_PKEY_copy_parameters (m_PublicKey, GetGostPKEY ());
BIGNUM * x = BN_bin2bn (signingKey, GOSTR3410_PUBLIC_KEY_LENGTH/2, NULL); BIGNUM * x = BN_bin2bn (signingKey, GOSTR3410_PUBLIC_KEY_LENGTH/2, NULL);
BIGNUM * y = BN_bin2bn (signingKey + GOSTR3410_PUBLIC_KEY_LENGTH/2, GOSTR3410_PUBLIC_KEY_LENGTH/2, NULL); BIGNUM * y = BN_bin2bn (signingKey + GOSTR3410_PUBLIC_KEY_LENGTH/2, GOSTR3410_PUBLIC_KEY_LENGTH/2, NULL);
EC_KEY_set_public_key_affine_coordinates (ecKey, x, y); EC_KEY_set_public_key_affine_coordinates (ecKey, x, y);
@ -466,7 +467,7 @@ namespace crypto
{ {
uint8_t digest[32]; uint8_t digest[32];
GOSTR3411 (buf, len, digest); GOSTR3411 (buf, len, digest);
EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new (m_PublicKey, GetGostEngine ()); EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new (m_PublicKey, nullptr);
EVP_PKEY_verify_init (ctx); EVP_PKEY_verify_init (ctx);
int ret = EVP_PKEY_verify (ctx, signature, GOSTR3410_SIGNATURE_LENGTH, digest, 32); int ret = EVP_PKEY_verify (ctx, signature, GOSTR3410_SIGNATURE_LENGTH, digest, 32);
EVP_PKEY_CTX_free (ctx); EVP_PKEY_CTX_free (ctx);
@ -488,8 +489,9 @@ namespace crypto
GOSTR3410Signer (const uint8_t * signingPrivateKey) GOSTR3410Signer (const uint8_t * signingPrivateKey)
{ {
m_PrivateKey = EVP_PKEY_new (); m_PrivateKey = EVP_PKEY_new ();
EVP_PKEY_set_type (m_PrivateKey, NID_id_GostR3410_2001); EC_KEY * ecKey = EC_KEY_new ();
EC_KEY * ecKey = (EC_KEY *)EVP_PKEY_get0 (m_PrivateKey); EVP_PKEY_assign (m_PrivateKey, NID_id_GostR3410_2001, ecKey);
EVP_PKEY_copy_parameters (m_PrivateKey, GetGostPKEY ());
EC_KEY_set_private_key (ecKey, BN_bin2bn (signingPrivateKey, GOSTR3410_PUBLIC_KEY_LENGTH/2, NULL)); EC_KEY_set_private_key (ecKey, BN_bin2bn (signingPrivateKey, GOSTR3410_PUBLIC_KEY_LENGTH/2, NULL));
} }
~GOSTR3410Signer () { EVP_PKEY_free (m_PrivateKey); } ~GOSTR3410Signer () { EVP_PKEY_free (m_PrivateKey); }
@ -498,7 +500,7 @@ namespace crypto
{ {
uint8_t digest[32]; uint8_t digest[32];
GOSTR3411 (buf, len, digest); GOSTR3411 (buf, len, digest);
EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new (m_PrivateKey, GetGostEngine ()); EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new (m_PrivateKey, nullptr);
EVP_PKEY_sign_init (ctx); EVP_PKEY_sign_init (ctx);
size_t l = GOSTR3410_SIGNATURE_LENGTH; size_t l = GOSTR3410_SIGNATURE_LENGTH;
EVP_PKEY_sign (ctx, signature, &l, digest, 32); EVP_PKEY_sign (ctx, signature, &l, digest, 32);
@ -512,9 +514,9 @@ namespace crypto
inline void CreateGOSTR3410RandomKeys (uint8_t * signingPrivateKey, uint8_t * signingPublicKey) inline void CreateGOSTR3410RandomKeys (uint8_t * signingPrivateKey, uint8_t * signingPublicKey)
{ {
auto ctx = EVP_PKEY_CTX_new_id(NID_id_GostR3410_2001, GetGostEngine ()); auto ctx = EVP_PKEY_CTX_new_id(NID_id_GostR3410_2001, nullptr);
EVP_PKEY_keygen_init (ctx); EVP_PKEY_keygen_init (ctx);
EVP_PKEY_CTX_ctrl_str (ctx, "paramset", "A"); EVP_PKEY_CTX_ctrl_str (ctx, "paramset", "A"); // TODO should be in one place
EVP_PKEY* pkey = nullptr; EVP_PKEY* pkey = nullptr;
EVP_PKEY_keygen (ctx, &pkey); EVP_PKEY_keygen (ctx, &pkey);
const EC_KEY* ecKey = (const EC_KEY*) EVP_PKEY_get0(pkey); const EC_KEY* ecKey = (const EC_KEY*) EVP_PKEY_get0(pkey);

Write Preview
Loading…
Cancel
Save