pkcs11gost_link.c revision 0c27b3fe77ac1d5094ba3521e8142d9e7973133f
/*
* Copyright (C) 2014-2016 Internet Systems Consortium, Inc. ("ISC")
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
#include <config.h>
#if defined(PKCS11CRYPTO) && defined(HAVE_PKCS11_GOST)
#include <dns/keyvalues.h>
#include "dst_internal.h"
#include "dst_parse.h"
#include "dst_pkcs11.h"
#include "dst_gost.h"
#include <pk11/internal.h>
#define WANT_GOST_PARAMS
#include <pk11/constants.h>
/*
 * RU CryptoPro GOST keys:
 *  mechanisms:
 *    CKM_GOSTR3411
 *    CKM_GOSTR3410_WITH_GOSTR3411
 *    CKM_GOSTR3410_KEY_PAIR_GEN
 *  domain parameters:
 *    CKA_GOSTR3410_PARAMS (fixed BER OID 1.2.643.2.2.35.1)
 *    CKA_GOSTR3411_PARAMS (fixed BER OID 1.2.643.2.2.30.1)
 *    CKA_GOST28147_PARAMS (optional, don't use)
 *  public keys:
 *    object class CKO_PUBLIC_KEY
 *    key type CKK_GOSTR3410
 *    attribute CKA_VALUE (point Q)
 *    attribute CKA_GOSTR3410_PARAMS
 *    attribute CKA_GOSTR3411_PARAMS
 *    attribute CKA_GOST28147_PARAMS
 *  private keys:
 *    object class CKO_PRIVATE_KEY
 *    key type CKK_GOSTR3410
 *    attribute CKA_VALUE (big int d)
 *    attribute CKA_GOSTR3410_PARAMS
 *    attribute CKA_GOSTR3411_PARAMS
 *    attribute CKA_GOST28147_PARAMS
 *  point format: <x> <y> (little endian)
 */
/*
 * CKA_VALUE2 is an alias for CKA_PRIVATE_EXPONENT; this file uses it as a
 * case label distinct from CKA_VALUE when walking key attributes.
 * NOTE(review): presumably CKA_VALUE2 marks the private big int d while
 * CKA_VALUE marks the public point Q when both sit in one attribute list --
 * confirm against the key-construction code, since mixing the two up would
 * expose or mis-wipe private material.
 */
#define CKA_VALUE2 CKA_PRIVATE_EXPONENT
/*
 * Fixed signature length. Compared against both the available region length
 * and the length reported for a produced signature.
 */
#define ISC_GOST_SIGNATURELENGTH 64
/*
 * Fixed public-key length. A non-empty key whose length differs is rejected
 * with DST_R_INVALIDPUBLICKEY. NOTE(review): 64 is consistent with the
 * "<x> <y>" point format described above (two 32-byte coordinates) -- confirm.
 */
#define ISC_GOST_PUBKEYLENGTH 64
/* NOTE(review): presumably the key size in bits -- confirm at its use site. */
#define ISC_GOST_KEYSIZE 256
/* HASH methods */
int ret = ISC_R_SUCCESS;
if (ret != ISC_R_SUCCESS)
return (ret);
return (ret);
}
void
return;
}
int ret = ISC_R_SUCCESS;
return (ret);
}
int ret = ISC_R_SUCCESS;
return (ret);
}
/* DST methods */
static isc_result_t
{
(CK_ULONG) sizeof(pk11_gost_a_paramset) },
(CK_ULONG) sizeof(pk11_gost_paramset) }
};
unsigned int i;
sizeof(*pk11_ctx));
return (ISC_R_NOMEMORY);
if (ret != ISC_R_SUCCESS)
goto err;
goto token_key;
}
case CKA_VALUE2:
attr->ulValueLen);
attr->ulValueLen);
break;
}
for (i = 6; i <= 6; i++)
keyTemplate[i].ulValueLen);
keyTemplate[i].pValue,
keyTemplate[i].ulValueLen);
}
return (ISC_R_SUCCESS);
err:
for (i = 6; i <= 6; i++)
keyTemplate[i].ulValueLen);
keyTemplate[i].pValue,
keyTemplate[i].ulValueLen);
}
return (ret);
}
static isc_result_t
{
(CK_ULONG) sizeof(pk11_gost_a_paramset) },
(CK_ULONG) sizeof(pk11_gost_paramset) }
};
unsigned int i;
sizeof(*pk11_ctx));
return (ISC_R_NOMEMORY);
if (ret != ISC_R_SUCCESS)
goto err;
goto token_key;
}
case CKA_VALUE:
attr->ulValueLen);
attr->ulValueLen);
break;
}
for (i = 5; i <= 5; i++)
keyTemplate[i].ulValueLen);
keyTemplate[i].pValue,
keyTemplate[i].ulValueLen);
}
return (ISC_R_SUCCESS);
err:
for (i = 5; i <= 5; i++)
keyTemplate[i].ulValueLen);
keyTemplate[i].pValue,
keyTemplate[i].ulValueLen);
}
return (ret);
}
static isc_result_t
else
}
static void
}
}
static isc_result_t
else
return (ret);
}
/*
 * NOTE(review): this listing has lost the function's name, parameters and
 * most of its statements; the comments below describe only the lines that
 * are still visible.
 */
static isc_result_t
isc_region_t r;
/*
 * Space check: bail out with ISC_R_NOSPACE when r is shorter than a full
 * fixed-length signature. The statement that fills r is not visible here.
 */
if (r.length < ISC_GOST_SIGNATURELENGTH)
return (ISC_R_NOSPACE);
/*
 * Length check on the result: a signature length other than the fixed
 * ISC_GOST_SIGNATURELENGTH is reported as DST_R_SIGNFAILURE instead of
 * being accepted. NOTE(review): siglen is presumably the length written
 * back by the token -- confirm, and confirm it is initialised to the
 * buffer size before the call.
 */
if (siglen != ISC_GOST_SIGNATURELENGTH)
return (DST_R_SIGNFAILURE);
err:
return (ret);
}
static isc_result_t
return (ret);
}
static isc_boolean_t
return (ISC_TRUE);
return (ISC_FALSE);
return (ISC_TRUE);
attr1->ulValueLen))
return (ISC_FALSE);
attr1->ulValueLen)))
return (ISC_FALSE);
return (ISC_TRUE);
return (ISC_FALSE);
return (ISC_TRUE);
}
static isc_result_t
{
(CK_ULONG) sizeof(pk11_gost_a_paramset) },
(CK_ULONG) sizeof(pk11_gost_paramset) }
};
{
};
sizeof(*pk11_ctx));
return (ISC_R_NOMEMORY);
if (ret != ISC_R_SUCCESS)
goto err;
sizeof(*attr) * 2);
attr++;
return (ISC_R_SUCCESS);
err:
if (priv != CK_INVALID_HANDLE)
if (pub != CK_INVALID_HANDLE)
return (ret);
}
static isc_boolean_t
return (ISC_FALSE);
}
static void
return;
case CKA_VALUE:
case CKA_VALUE2:
attr->ulValueLen);
}
break;
}
}
}
static isc_result_t
isc_region_t r;
return (ISC_R_FAILURE);
if (r.length < ISC_GOST_PUBKEYLENGTH)
return (ISC_R_NOSPACE);
return (ISC_R_SUCCESS);
}
/*
 * NOTE(review): this listing has lost the function's name, parameters and
 * most of its statements; the comments below describe only the lines that
 * are still visible.
 */
static isc_result_t
isc_region_t r;
/* An empty region returns success before any length validation runs. */
if (r.length == 0)
return (ISC_R_SUCCESS);
/*
 * Exact-length validation: any non-empty input whose length is not
 * ISC_GOST_PUBKEYLENGTH is rejected as DST_R_INVALIDPUBLICKEY, so later
 * code never handles a short or oversized key.
 */
if (r.length != ISC_GOST_PUBKEYLENGTH)
return (DST_R_INVALIDPUBLICKEY);
return (ISC_R_NOMEMORY);
goto nomemory;
goto nomemory;
return (ISC_R_SUCCESS);
/*
 * NOTE(review): the nomemory label targeted by the gotos above is not
 * visible in this listing; the CKA_VALUE case below presumably belongs to
 * its cleanup of a partially built key -- confirm that every allocated
 * attribute value is released on that path.
 */
case CKA_VALUE:
attr->ulValueLen);
}
break;
}
}
/* The trailing exit of this function reports ISC_R_NOMEMORY. */
return (ISC_R_NOMEMORY);
}
/*
 * Fixed 39-byte DER prefix for a GOST private key. The bytes have the shape
 * of a PKCS#8-style wrapper: version, algorithm identifier with the two
 * parameter OIDs listed in the header comment, then an OCTET STRING holding
 * an INTEGER. The INTEGER's 32 content bytes are NOT part of this table.
 *
 * Every length octet (0x45, 0x22, 0x20) is hard-coded for exactly 32 bytes
 * of key material. NOTE(review): code elsewhere in this file computes
 * "32 + adj"; any path that emits a value of a different length must patch
 * these length octets as well, or the encoding is malformed -- verify.
 */
static unsigned char gost_private_der[39] = {
	/* SEQUENCE, 0x45 (69) content bytes */
	0x30, 0x45,
	/* INTEGER 0 (version) */
	0x02, 0x01, 0x00,
	/* SEQUENCE, 0x1c (28) content bytes: algorithm identifier */
	0x30, 0x1c,
	/* OID 1.2.643.2.2.19 */
	0x06, 0x06, 0x2a, 0x85, 0x03, 0x02, 0x02, 0x13,
	/* SEQUENCE, 0x12 (18) content bytes: algorithm parameters */
	0x30, 0x12,
	/* OID 1.2.643.2.2.35.1 (CKA_GOSTR3410_PARAMS) */
	0x06, 0x07, 0x2a, 0x85, 0x03, 0x02, 0x02, 0x23, 0x01,
	/* OID 1.2.643.2.2.30.1 (CKA_GOSTR3411_PARAMS) */
	0x06, 0x07, 0x2a, 0x85, 0x03, 0x02, 0x02, 0x1e, 0x01,
	/* OCTET STRING, 0x22 (34) content bytes */
	0x04, 0x22,
	/* INTEGER, 0x20 (32) content bytes -- the value follows this template */
	0x02, 0x20
};
#ifdef PREFER_GOSTASN1
static isc_result_t
unsigned int i = 0;
int adj;
return (DST_R_NULLKEY);
}
return (ISC_R_NOMEMORY);
if (adj != 0) {
}
i++;
} else
return (DST_R_CRYPTOFAILURE);
}
return (ret);
}
#else
static isc_result_t
unsigned int i = 0;
return (DST_R_NULLKEY);
}
return (ISC_R_NOMEMORY);
i++;
} else
return (DST_R_CRYPTOFAILURE);
}
return (ret);
}
#endif
static isc_result_t
/* read private key file */
if (ret != ISC_R_SUCCESS)
return (ret);
return (ISC_R_SUCCESS);
}
unsigned char buf[39];
if (adj != 0) {
}
32 + adj);
}
sizeof(*attr) * 2);
attr++;
return (ISC_R_SUCCESS);
err:
return (ret);
}
static dst_func_t pkcs11gost_functions = {
NULL, /*%< createctx2 */
NULL, /*%< verify2 */
NULL, /*%< computesecret */
NULL, /*%< paramcompare */
NULL, /*%< cleanup */
NULL, /*%< fromlabel */
NULL, /*%< dump */
NULL, /*%< restore */
};
return (ISC_R_SUCCESS);
}
#else /* PKCS11CRYPTO && HAVE_PKCS11_GOST */
#endif /* PKCS11CRYPTO && HAVE_PKCS11_GOST */
/*! \file */