This is a second patch to add new Russian standard GOST algorithms.
Needs GOST 34.11-2012 hash implementation listed in RT #3311.
See also both patches required in a pull request on github:
https://github.com/openssl/openssl/pull/75
No test cases added, as there are none present in ccgost nor the format
of such is apparent.
However generated certificates were tested against CryptoPro CSP 4.0 and
vise-versa.
Some examples of usage:
dmitry@linux64 ~/openssl/apps $ ./openssl req -engine gost -keyout
new.pem -newkey gost2012-512 -pkeyopt paramset:B -batch new.req
engine gost set.
Generating a 2048 bit GOST2012-512 private key
writing new private key to 'new.pem'
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
-
dmitry@linux64 ~/openssl/apps $ ./openssl x509 -engine gost -signkey
new.pem -req new.req
engine gost set.
Signature ok
subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd
Getting Private key
Enter pass phrase for new.pem:
-BEGIN CERTIFICATE-
MIICCjCCAXQCCQDa+tA+pJiE/DAMBggqhQMHAQEDAwUAMEUxCzAJBgNVBAYTAkFV
MRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRz
IFB0eSBMdGQwHhcNMTQwNDIzMTMzMzIzWhcNMTQwNTIzMTMzMzIzWjBFMQswCQYD
VQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQg
V2lkZ2l0cyBQdHkgTHRkMIGqMCEGCCqFAwcBAQECMBUGCSqFAwcBAgECAgYIKoUD
BwEBAgMDgYQABIGAxmt61J1wPiggpm21ILxGboDoMekKHo+9ZD+uhlCIRgNFnIZ9
FBjPyUGvMKPwicE4QPyouId4+pAzf7W3gxP9SQtIIJ9cEKUyHwaF1fU8RgQ4P3JF
qzVo5O5u5Gpj0TgdriCjRig1Z0n2CWw045tsqK+AScj2Wer/3BDbiVEgon0wDAYI
KoUDBwEBAwMFAAOBgQAi7B2eNIFJt/B+uCxh5Bey9OoRbwgnkU00rZf8Yx83jYrb
C7P6+jtJg4XDihaLzHXIScG4Qvoi0LGMa7ZYxzG9OhCGpNH7koxA4t/78JIqn7zY
sFvbj/HZx7DjyiAGnqNh1uBDjPQrFEFm1jJyNooypYHjFyUvt9EbxKDXbiPP9w==
-END CERTIFICATE-
--
Dmitry Olshansky
Systems Engineer
Demos llc.
security.demos.ru
diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h
index f9e422c..64134bd 100644
--- a/crypto/objects/obj_dat.h
+++ b/crypto/objects/obj_dat.h
@@ -62,12 +62,12 @@
* [including the GNU Public Licence.]
*/
-#define NUM_NID 963
-#define NUM_SN 954
-#define NUM_LN 954
-#define NUM_OBJ 893
+#define NUM_NID 975
+#define NUM_SN 966
+#define NUM_LN 966
+#define NUM_OBJ 905
-static const unsigned char lvalues[6282]={
+static const unsigned char lvalues[6382]={
0x00,/* [ 0] OBJ_undef */
0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */
@@ -961,6 +961,18 @@ static const unsigned char lvalues[6282]={
0x2A,0x85,0x03,0x07,0x01,/* [6260] OBJ_tc_26 */
0x2A,0x85,0x03,0x07,0x01,0x01,0x02,0x02, /* [6265]
OBJ_id_tc26_gost3411_12_256 */
0x2A,0x85,0x03,0x07,0x01,0x01,0x02,0x03, /* [6273]
OBJ_id_tc26_gost3411_12_512 */
+0x2A,0x85,0x03,0x07,0x01,0x01,0x01,0x01, /* [6281]
OBJ_id_tc26_gost3410_12_256 */
+0x2A,0x85,0x03,0x07,0x01,0x01,0x01,0x02, /* [6289]
OBJ_id_tc26_gost3410_12_512 */
+0x2A,0x85,0x03,0x07,0x01,0x01,0x03,0x02, /* [6297]
OBJ_id_tc26_signwithdigest_gost3410_12_256 */
+0x2A,0x85,0x03,0x07,0x01,0x01,0x03,0x03, /* [6305]
OBJ_id_tc26_signwithdigest_gost3410_12_512 */
+0x2A,0x85,0x03,0x07,0x01,0x01,0x04,0x01, /* [6313]
OBJ_id_tc26_hmac_gost_3411_12_256 */
+0x2A,0x85,0x03,0x07,0x01,0x01,0x04,0x02, /* [6321]
OBJ_id_tc26_hmac_gost_3411_12_512 */
+0x2A,0x85,0x03,0x07,0x01,0x01,0x06,0x01, /* [6329]
OBJ_id_tc26_agreement_gost_3410_12_256 */
+0x2A,0x85,0x03,0x07,0x01,0x01,0x06,0x02, /* [6337]
OBJ_id_tc26_agreement_gost_3410_12_512 */
+0x2A,0x85,0x03,0x07,0x01,0x02,0x01,0x02,0x00,/* [6345]
OBJ_id_tc26_gost_3410_12_512_paramSetTest */
+0x2A,0x85,0x03,0x07,0x01,0x02,0x01,0x02,0x01,/* [6354]
OBJ_id_tc26_gost_3410_12_512_paramSetA */
+0x2A,0x85,0x03,0x07,0x01,0x02,0x01,0x02,0x02,/* [6363]
OBJ_id_tc26_gost_3410_12_512_paramSetB */
+0x2A,0x85,0x03,0x07,0x01,0x02,0x05,0x01,0x01,/* [6372]
OBJ_id_tc26_gost_28147_param_A */
};
static const ASN1_OBJECT nid_objs[NUM_NID]={
@@ -2531,6 +2543,37 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={
NID_id_tc26_gost3411_12_256,8,(lvalues[6265]),0},
{md_gost12_512,GOST R 34.11-2012 512-bit length,
NID_id_tc26_gost3411_12_512,8,(lvalues[6273]),0},
+{gost2012_256,GOST R 34.10-2012 with 256-bit key,
+ NID_id_tc26_gost3410_12_256,8,(lvalues[6281]),0},
+{gost2012_512,GOST R 34.10-2012 with 512-bit key,
+ NID_id_tc26_gost3410_12_512,8,(lvalues[6289]),0},
+{id-tc26-signwithdigest-gost3410-12-256,
+ GOST R 34.10-2012 with 34.11-2012 256-bit,
+ NID_id_tc26_signwithdigest_gost3410_12_256,8,(lvalues[6297]),0},
+{id-tc26-signwithdigest-gost3410-12-512,
+ GOST R 34.10-2012 with 34.11-2012 512-bit,
+ NID_id_tc26_signwithdigest_gost3410_12_512,8,(lvalues[6305]),0},
+{id-tc26-hmac-gost-3411-12-256,HMAC GOST R 34.11-2012 L=32 B=64,
+ NID_id_tc26_hmac_gost_3411_12_256,8,(lvalues[6313]),0},
+{id-tc26-hmac-gost-3411-12-512,HMAC GOST R 34.11-2012 L=64 B=64,
+