We've found out that ccgost Engine doesn't support one of parameter sets
for GOST 28147-89 listed in RFC 4357. Actually S-Boxes for this
parameter set present in gost89.c, but are not linked to appropriate
OID. Attached patch fixes this problem and allows to use
Gost28147_89_TestParamSet (1.2.643.2.2.31.0) in the data encryption and
PBKDF function.
Index: gost_crypt.c
===================================================================
RCS file: /cvs-openssl/openssl/engines/ccgost/gost_crypt.c,v
retrieving revision 1.4
diff -u -r1.4 gost_crypt.c
--- gost_crypt.c 8 Nov 2006 09:45:12 -0000 1.4
+++ gost_crypt.c 9 Feb 2007 13:38:46 -0000
@@ -158,6 +158,7 @@
{NID_id_Gost28147_89_CryptoPro_B_ParamSet,&Gost28147_CryptoProParamSetB,1},
{NID_id_Gost28147_89_CryptoPro_C_ParamSet,&Gost28147_CryptoProParamSetC,1},
{NID_id_Gost28147_89_CryptoPro_D_ParamSet,&Gost28147_CryptoProParamSetD,1},
+ {NID_id_Gost28147_89_TestParamSet,&Gost28147_TestParamSet,1},
{NID_undef,NULL,0}
};
