From bd2c2acd5f9671852ac60d7d189d7b8db2234a21 Mon Sep 17 00:00:00 2001 From: orignal Date: Tue, 21 Mar 2017 11:48:34 -0400 Subject: [PATCH] use CryptoProA params for GOST R 34.10-2012 256 bits --- Gost.cpp | 10 +--------- Gost.h | 5 +---- Identity.cpp | 39 +++++++++++++-------------------------- Identity.h | 5 ++--- Signature.h | 14 ++++++-------- tests/test-gost-sig.cpp | 10 ++++++++-- 6 files changed, 31 insertions(+), 52 deletions(-) diff --git a/Gost.cpp b/Gost.cpp index 21ec0259..b847708c 100644 --- a/Gost.cpp +++ b/Gost.cpp @@ -108,15 +108,7 @@ namespace crypto "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF6C611070995AD10045841B09B761B893", "1", "8D91E471E0989CDA27DF505A453F2B7635294F2DDF23E3B122ACC99C9E9F1E14" - }, // A - { - "C2173F1513981673AF4892C23035A27CE25E2013BF95AA33B22C656F277E7335", - "295F9BAE7428ED9CCC20E7C359A9D41A22FCCD9108E17BF7BA9337A6F8AE9513", - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD97", - "400000000000000000000000000000000FD8CDDFC87B6635C115AF556C360C67", - "0D", - "32879423AB1A0375895786C4BB46E9565FDE0B5344766740AF268ADB32322E5C" - }, // tc26-2012-paramSetA-256 + }, // CryptoPro A { "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFDC4", "E8C2505DEDFC86DDC1BD0B2B6667F1DA34B82574761CB0E879BD081CFD0B6265EE3CB090F30D27614CB4574010DA90DD862EF9D4EBEE4761503190785A71C760", diff --git a/Gost.h b/Gost.h index 9b65fcf1..2802aac0 100644 --- a/Gost.h +++ b/Gost.h @@ -13,13 +13,10 @@ namespace crypto enum GOSTR3410ParamSet { - // GOST R 34.10-2001 eGOSTR3410CryptoProA = 0, // 1.2.643.2.2.35.1 // XchA = A, XchB = C //eGOSTR3410CryptoProXchA, // 1.2.643.2.2.36.0 - //eGOSTR3410CryptoProXchB, // 1.2.643.2.2.36.1 - // GOST R 34.10-2012 - eGOSTR3410TC26A256, // 1.2.643.7.1.2.1.1.1 + //eGOSTR3410CryptoProXchB, // 1.2.643.2.2.36.1 eGOSTR3410TC26A512, // 1.2.643.7.1.2.1.2.1 eGOSTR3410NumParamSets }; diff --git a/Identity.cpp b/Identity.cpp index a23185ed..b9fd7199 100644 --- a/Identity.cpp +++ b/Identity.cpp @@ -102,8 +102,7 @@ namespace data memcpy (m_StandardIdentity.signingKey + padding, signingKey, i2p::crypto::EDDSA25519_PUBLIC_KEY_LENGTH); break; } - case SIGNING_KEY_TYPE_GOSTR3410_2001_CRYPTO_PRO_A_SHA256: - case SIGNING_KEY_TYPE_GOSTR3410_2012_TC26_A_256_GOSTR3411: + case SIGNING_KEY_TYPE_GOSTR3410_CRYPTO_PRO_A_GOSTR3411_256: { // 256 size_t padding = 128 - i2p::crypto::GOSTR3410_256_PUBLIC_KEY_LENGTH; // 64 = 128 - 64 @@ -111,7 +110,7 @@ namespace data memcpy (m_StandardIdentity.signingKey + padding, signingKey, i2p::crypto::GOSTR3410_256_PUBLIC_KEY_LENGTH); break; } - case SIGNING_KEY_TYPE_GOSTR3410_2012_TC26_A_512_GOSTR3411: + case SIGNING_KEY_TYPE_GOSTR3410_TC26_A_512_GOSTR3411_512: { // 512 // no padding, key length is 128 @@ -386,22 +385,16 @@ namespace data UpdateVerifier (new i2p::crypto::EDDSA25519Verifier (m_StandardIdentity.signingKey + padding)); break; } - case SIGNING_KEY_TYPE_GOSTR3410_2001_CRYPTO_PRO_A_SHA256 : + case SIGNING_KEY_TYPE_GOSTR3410_CRYPTO_PRO_A_GOSTR3411_256: { size_t padding = 128 - i2p::crypto::GOSTR3410_256_PUBLIC_KEY_LENGTH; // 64 = 128 - 64 - UpdateVerifier (new i2p::crypto::GOSTR3410_2001_Verifier (i2p::crypto::eGOSTR3410CryptoProA, m_StandardIdentity.signingKey + padding)); - break; - } - case SIGNING_KEY_TYPE_GOSTR3410_2012_TC26_A_256_GOSTR3411: - { - size_t padding = 128 - i2p::crypto::GOSTR3410_256_PUBLIC_KEY_LENGTH; // 64 = 128 - 64 - UpdateVerifier (new i2p::crypto::GOSTR3410_2012_256_Verifier (i2p::crypto::eGOSTR3410TC26A256, m_StandardIdentity.signingKey + padding)); + UpdateVerifier (new i2p::crypto::GOSTR3410_256_Verifier (i2p::crypto::eGOSTR3410CryptoProA, m_StandardIdentity.signingKey + padding)); break; } - case SIGNING_KEY_TYPE_GOSTR3410_2012_TC26_A_512_GOSTR3411: + case SIGNING_KEY_TYPE_GOSTR3410_TC26_A_512_GOSTR3411_512: { // zero padding - UpdateVerifier (new i2p::crypto::GOSTR3410_2012_512_Verifier (i2p::crypto::eGOSTR3410TC26A512, m_StandardIdentity.signingKey)); + UpdateVerifier (new i2p::crypto::GOSTR3410_512_Verifier (i2p::crypto::eGOSTR3410TC26A512, m_StandardIdentity.signingKey)); break; } default: @@ -545,14 +538,11 @@ namespace data case SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519: m_Signer.reset (new i2p::crypto::EDDSA25519Signer (m_SigningPrivateKey, m_Public->GetStandardIdentity ().certificate - i2p::crypto::EDDSA25519_PUBLIC_KEY_LENGTH)); break; - case SIGNING_KEY_TYPE_GOSTR3410_2001_CRYPTO_PRO_A_SHA256: - m_Signer.reset (new i2p::crypto::GOSTR3410_2001_Signer (i2p::crypto::eGOSTR3410CryptoProA, m_SigningPrivateKey)); - break; - case SIGNING_KEY_TYPE_GOSTR3410_2012_TC26_A_256_GOSTR3411: - m_Signer.reset (new i2p::crypto::GOSTR3410_2012_256_Signer (i2p::crypto::eGOSTR3410TC26A256, m_SigningPrivateKey)); + case SIGNING_KEY_TYPE_GOSTR3410_CRYPTO_PRO_A_GOSTR3411_256: + m_Signer.reset (new i2p::crypto::GOSTR3410_256_Signer (i2p::crypto::eGOSTR3410CryptoProA, m_SigningPrivateKey)); break; - case SIGNING_KEY_TYPE_GOSTR3410_2012_TC26_A_512_GOSTR3411: - m_Signer.reset (new i2p::crypto::GOSTR3410_2012_512_Signer (i2p::crypto::eGOSTR3410TC26A512, m_SigningPrivateKey)); + case SIGNING_KEY_TYPE_GOSTR3410_TC26_A_512_GOSTR3411_512: + m_Signer.reset (new i2p::crypto::GOSTR3410_512_Signer (i2p::crypto::eGOSTR3410TC26A512, m_SigningPrivateKey)); break; default: LogPrint (eLogError, "Identity: Signing key type ", (int)m_Public->GetSigningKeyType (), " is not supported"); @@ -588,14 +578,11 @@ namespace data break; case SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519: i2p::crypto::CreateEDDSA25519RandomKeys (keys.m_SigningPrivateKey, signingPublicKey); - break; - case SIGNING_KEY_TYPE_GOSTR3410_2001_CRYPTO_PRO_A_SHA256: + break; + case SIGNING_KEY_TYPE_GOSTR3410_CRYPTO_PRO_A_GOSTR3411_256: i2p::crypto::CreateGOSTR3410RandomKeys (i2p::crypto::eGOSTR3410CryptoProA, keys.m_SigningPrivateKey, signingPublicKey); break; - case SIGNING_KEY_TYPE_GOSTR3410_2012_TC26_A_256_GOSTR3411: - i2p::crypto::CreateGOSTR3410RandomKeys (i2p::crypto::eGOSTR3410TC26A256, keys.m_SigningPrivateKey, signingPublicKey); - break; - case SIGNING_KEY_TYPE_GOSTR3410_2012_TC26_A_512_GOSTR3411: + case SIGNING_KEY_TYPE_GOSTR3410_TC26_A_512_GOSTR3411_512: i2p::crypto::CreateGOSTR3410RandomKeys (i2p::crypto::eGOSTR3410TC26A512, keys.m_SigningPrivateKey, signingPublicKey); break; default: diff --git a/Identity.h b/Identity.h index 40a09d59..6ff83254 100644 --- a/Identity.h +++ b/Identity.h @@ -61,9 +61,8 @@ namespace data const uint16_t SIGNING_KEY_TYPE_RSA_SHA512_4096 = 6; const uint16_t SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519 = 7; // following signature type should never appear in netid=2 - const uint16_t SIGNING_KEY_TYPE_GOSTR3410_2001_CRYPTO_PRO_A_SHA256 = 65280; - const uint16_t SIGNING_KEY_TYPE_GOSTR3410_2012_TC26_A_256_GOSTR3411 = 65281; - const uint16_t SIGNING_KEY_TYPE_GOSTR3410_2012_TC26_A_512_GOSTR3411 = 65282; // approved by FSB + const uint16_t SIGNING_KEY_TYPE_GOSTR3410_CRYPTO_PRO_A_GOSTR3411_256 = 65281; + const uint16_t SIGNING_KEY_TYPE_GOSTR3410_TC26_A_512_GOSTR3411_512 = 65282; // approved by FSB typedef uint16_t SigningKeyType; typedef uint16_t CryptoKeyType; diff --git a/Signature.h b/Signature.h index b6fef1ba..b85ef4cf 100644 --- a/Signature.h +++ b/Signature.h @@ -445,7 +445,7 @@ namespace crypto // ГОСТ Р 34.11 - struct GOSTR3411_2012_256_Hash + struct GOSTR3411_256_Hash { static void CalculateHash (const uint8_t * buf, size_t len, uint8_t * digest) { @@ -455,7 +455,7 @@ namespace crypto enum { hashLen = 32 }; }; - struct GOSTR3411_2012_512_Hash + struct GOSTR3411_512_Hash { static void CalculateHash (const uint8_t * buf, size_t len, uint8_t * digest) { @@ -556,12 +556,10 @@ namespace crypto BN_free (x); BN_free (y); } - typedef GOSTR3410Verifier GOSTR3410_2001_Verifier; - typedef GOSTR3410Signer GOSTR3410_2001_Signer; - typedef GOSTR3410Verifier GOSTR3410_2012_256_Verifier; - typedef GOSTR3410Signer GOSTR3410_2012_256_Signer; - typedef GOSTR3410Verifier GOSTR3410_2012_512_Verifier; - typedef GOSTR3410Signer GOSTR3410_2012_512_Signer; + typedef GOSTR3410Verifier GOSTR3410_256_Verifier; + typedef GOSTR3410Signer GOSTR3410_256_Signer; + typedef GOSTR3410Verifier GOSTR3410_512_Verifier; + typedef GOSTR3410Signer GOSTR3410_512_Signer; } } diff --git a/tests/test-gost-sig.cpp b/tests/test-gost-sig.cpp index fd222dd2..63f7b27e 100644 --- a/tests/test-gost-sig.cpp +++ b/tests/test-gost-sig.cpp @@ -19,10 +19,16 @@ int main () { uint8_t priv[64], pub[128], signature[128]; i2p::crypto::CreateGOSTR3410RandomKeys (i2p::crypto::eGOSTR3410TC26A512, priv, pub); - i2p::crypto::GOSTR3410_2012_512_Signer signer (i2p::crypto::eGOSTR3410TC26A512, priv); + i2p::crypto::GOSTR3410_512_Signer signer (i2p::crypto::eGOSTR3410TC26A512, priv); signer.Sign (example2, 72, signature); - i2p::crypto::GOSTR3410_2012_512_Verifier verifier (i2p::crypto::eGOSTR3410TC26A512, pub); + i2p::crypto::GOSTR3410_512_Verifier verifier (i2p::crypto::eGOSTR3410TC26A512, pub); assert (verifier.Verify (example2, 72, signature)); + + i2p::crypto::CreateGOSTR3410RandomKeys (i2p::crypto::eGOSTR3410CryptoProA, priv, pub); + i2p::crypto::GOSTR3410_256_Signer signer1 (i2p::crypto::eGOSTR3410CryptoProA, priv); + signer1.Sign (example2, 72, signature); + i2p::crypto::GOSTR3410_256_Verifier verifier1 (i2p::crypto::eGOSTR3410CryptoProA, pub); + assert (verifier1.Verify (example2, 72, signature)); }