[xmlsec] experimental GOST2012 support (patch from Nikolay Shaplov)
- From: Aleksey Sanin <aleksey src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [xmlsec] experimental GOST2012 support (patch from Nikolay Shaplov)
- Date: Thu, 23 Oct 2014 17:16:50 +0000 (UTC)
commit 0606b7421d17b36600f27e338f82dd473d753ec9
Author: Aleksey Sanin <aleksey aleksey com>
Date: Thu Oct 23 10:14:56 2014 -0700
experimental GOST2012 support (patch from Nikolay Shaplov)
configure.in | 22 ++-
include/xmlsec/app.h | 45 +++
include/xmlsec/openssl/crypto.h | 73 +++++-
include/xmlsec/private.h | 12 +
include/xmlsec/strings.h | 30 ++
src/app.c | 137 ++++++++++
src/dl.c | 52 ++++-
src/openssl/crypto.c | 19 +-
src/openssl/digests.c | 127 +++++++++-
src/openssl/evp.c | 286 +++++++++++++++++++-
src/openssl/signatures.c | 138 +++++++++-
src/skeleton/crypto.c | 5 +
src/strings.c | 34 +++
.../aleksey-xmldsig-01/enveloping-gost2012-256.xml | 1 +
.../aleksey-xmldsig-01/enveloping-gots2012-512.xml | 1 +
tests/keys/gost2012_256.pem | 8 +
tests/keys/gost2012_512.pem | 11 +
17 files changed, 982 insertions(+), 19 deletions(-)
---
diff --git a/configure.in b/configure.in
index 7690e7a..71f9106 100644
--- a/configure.in
+++ b/configure.in
@@ -1325,7 +1325,7 @@ AC_SUBST(XMLSEC_NO_AES)
dnl ==========================================================================
dnl See do we need GOST support
dnl ==========================================================================
-AC_MSG_CHECKING(for GOST support)
+AC_MSG_CHECKING(for GOST support)
AC_ARG_ENABLE(gost, [ --enable-gost enable GOST support (no)])
if test "z$enable_gost" != "zyes" ; then
XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_GOST=1"
@@ -1334,10 +1334,28 @@ if test "z$enable_gost" != "zyes" ; then
else
XMLSEC_NO_GOST="0"
AC_MSG_RESULT(yes)
-fi
+fi
AM_CONDITIONAL(XMLSEC_NO_GOST, test "z$XMLSEC_NO_GOST" = "z1")
AC_SUBST(XMLSEC_NO_GOST)
+
+dnl ==========================================================================
+dnl See do we need GOST2012 support
+dnl ==========================================================================
+AC_MSG_CHECKING(for EXPERMIENTAL GOST2012 support)
+AC_ARG_ENABLE(gost, [ --enable-gost2012 enable EXPERMIENTAL GOST2012 support (no)])
+if test "z$enable_gost2012" != "zyes" ; then
+ XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_GOST2012=1"
+ XMLSEC_NO_GOST2012="1"
+ AC_MSG_RESULT(no)
+else
+ XMLSEC_NO_GOST2012="0"
+ AC_MSG_RESULT(yes)
+fi
+AM_CONDITIONAL(XMLSEC_NO_GOST2012, test "z$XMLSEC_NO_GOST2012" = "z1")
+AC_SUBST(XMLSEC_NO_GOST2012)
+
+
dnl ==========================================================================
dnl See do we need XMLDSig support
dnl ==========================================================================
diff --git a/include/xmlsec/app.h b/include/xmlsec/app.h
index 5fe572a..471bfb6 100644
--- a/include/xmlsec/app.h
+++ b/include/xmlsec/app.h
@@ -80,6 +80,20 @@ XMLSEC_EXPORT xmlSecKeyDataId xmlSecKeyDataEcdsaGetKlass
#define xmlSecKeyDataGost2001Id xmlSecKeyDataGost2001GetKlass()
XMLSEC_EXPORT xmlSecKeyDataId xmlSecKeyDataGost2001GetKlass (void);
/**
+ * xmlSecKeyDataGostR3410_2012_256Id:
+ *
+ * The GOST R 34.10-2012 256 bit key klass.
+ */
+#define xmlSecKeyDataGostR3410_2012_256Id xmlSecKeyDataGostR3410_2012_256GetKlass()
+XMLSEC_EXPORT xmlSecKeyDataId xmlSecKeyDataGostR3410_2012_256GetKlass (void);
+/**
+ * xmlSecKeyDataGostR3410_2012_512Id:
+ *
+ * The GOST R 34.10-2012 512 bit key klass.
+ */
+#define xmlSecKeyDataGostR3410_2012_512Id xmlSecKeyDataGostR3410_2012_512GetKlass()
+XMLSEC_EXPORT xmlSecKeyDataId xmlSecKeyDataGostR3410_2012_512GetKlass (void);
+/**
* xmlSecKeyDataHmacId:
*
* The DHMAC key klass.
@@ -241,6 +255,22 @@ XMLSEC_EXPORT xmlSecTransformId xmlSecTransformEcdsaSha512GetKla
XMLSEC_EXPORT xmlSecTransformId xmlSecTransformGost2001GostR3411_94GetKlass (void);
/**
+ * xmlSecTransformGostR3410_2012GostR3411_2012_256Id:
+ *
+ * The GOST R 34.10-2012 - GOST R 34.11-2012 256 bit signature transform klass.
+ */
+#define xmlSecTransformGostR3410_2012GostR3411_2012_256Id
xmlSecTransformGostR3410_2012GostR3411_2012_256GetKlass()
+XMLSEC_EXPORT xmlSecTransformId xmlSecTransformGostR3410_2012GostR3411_2012_256GetKlass
(void);
+
+/**
+ * xmlSecTransformGostR3410_2012GostR3411_2012_512Id:
+ *
+ * The GOST R 34.10-2012 - GOST R 34.11-2012 512 bit signature transform klass.
+ */
+#define xmlSecTransformGostR3410_2012GostR3411_2012_512Id
xmlSecTransformGostR3410_2012GostR3411_2012_512GetKlass()
+XMLSEC_EXPORT xmlSecTransformId xmlSecTransformGostR3410_2012GostR3411_2012_512GetKlass
(void);
+
+/**
* xmlSecTransformHmacMd5Id:
*
* The HMAC with MD5 signature transform klass.
@@ -375,6 +405,21 @@ XMLSEC_EXPORT xmlSecTransformId xmlSecTransformRsaOaepGetKlass
#define xmlSecTransformGostR3411_94Id xmlSecTransformGostR3411_94GetKlass()
XMLSEC_EXPORT xmlSecTransformId xmlSecTransformGostR3411_94GetKlass (void);
/**
+ * xmlSecTransformGostR3411_2012_256Id:
+ *
+ * The GOST R 34.11-2012 256 bit digest transform klass.
+ */
+#define xmlSecTransformGostR3411_2012_256Id xmlSecTransformGostR3411_2012_256GetKlass()
+XMLSEC_EXPORT xmlSecTransformId xmlSecTransformGostR3411_2012_256GetKlass (void);
+/**
+ * xmlSecTransformGostR3411_2012_512Id:
+ *
+ * The GOST R 34.11-2012 512 bit digest transform klass.
+ */
+#define xmlSecTransformGostR3411_2012_512Id xmlSecTransformGostR3411_2012_512GetKlass()
+XMLSEC_EXPORT xmlSecTransformId xmlSecTransformGostR3411_2012_512GetKlass (void);
+
+/**
* xmlSecTransformSha1Id:
*
* The SHA1 digest transform klass.
diff --git a/include/xmlsec/openssl/crypto.h b/include/xmlsec/openssl/crypto.h
index b2fbea9..7449081 100644
--- a/include/xmlsec/openssl/crypto.h
+++ b/include/xmlsec/openssl/crypto.h
@@ -276,12 +276,13 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformEcdsaSha512GetKlass
#endif /* XMLSEC_NO_ECDSA */
+#ifndef XMLSEC_NO_GOST
+
/********************************************************************
*
* GOST2001 transform
*
*******************************************************************/
-#ifndef XMLSEC_NO_GOST
/**
* xmlSecOpenSSLKeyDataGost2001Id:
@@ -310,9 +311,77 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformGost2001GostR3411_9
#define xmlSecOpenSSLTransformGostR3411_94Id \
xmlSecOpenSSLTransformGostR3411_94GetKlass()
XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformGostR3411_94GetKlass(void);
-
#endif /* XMLSEC_NO_GOST */
+
+#ifndef XMLSEC_NO_GOST2012
+/********************************************************************
+ *
+ * GOST R 34.10-2012 transform
+ *
+ *******************************************************************/
+
+/**
+ * xmlSecOpenSSLKeyDataGostR4310_2012_256Id:
+ *
+ * The GOST R 34.10-2012 256 key klass.
+ */
+#define xmlSecOpenSSLKeyDataGostR3410_2012_256Id \
+ xmlSecOpenSSLKeyDataGostR3410_2012_256GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId xmlSecOpenSSLKeyDataGostR3410_2012_256GetKlass (void);
+
+
+/**
+ * xmlSecOpenSSLKeyDataGostR4310_2012_512Id:
+ *
+ * The GOST R 34.10-2012 512 key klass.
+ */
+#define xmlSecOpenSSLKeyDataGostR3410_2012_512Id \
+ xmlSecOpenSSLKeyDataGostR3410_2012_512GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId xmlSecOpenSSLKeyDataGostR3410_2012_512GetKlass (void);
+
+
+/**
+ * xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_256Id:
+ *
+ * The GOST R 34.10-2012 - GOST R 3411-2012 256 bit signature transform klass.
+ */
+#define xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_256Id \
+ xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_256GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_256GetKlass(void);
+
+
+/**
+ * xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_512Id:
+ *
+ * The GOST R 34.10-2012 - GOST R 3411-2012 512 bit signature transform klass.
+ */
+#define xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_512Id \
+ xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_512GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_512GetKlass(void);
+
+
+/**
+ * xmlSecOpenSSLTransformGostR3411_2012_256Id:
+ *
+ * The GOST R 34.11-2012 256 bit hash transform klass.
+ */
+#define xmlSecOpenSSLTransformGostR3411_2012_256Id \
+ xmlSecOpenSSLTransformGostR3411_2012_256GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformGostR3411_2012_256GetKlass(void);
+
+
+/**
+ * xmlSecOpenSSLTransformGostR3411_2012_512Id:
+ *
+ * The GOST R 34.11-2012 512 bit hash transform klass.
+ */
+#define xmlSecOpenSSLTransformGostR3411_2012_512Id \
+ xmlSecOpenSSLTransformGostR3411_2012_512GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformGostR3411_2012_512GetKlass(void);
+
+#endif /* XMLSEC_NO_GOST2012 */
+
/********************************************************************
*
* HMAC transforms
diff --git a/include/xmlsec/private.h b/include/xmlsec/private.h
index 74e6de1..db743e4 100644
--- a/include/xmlsec/private.h
+++ b/include/xmlsec/private.h
@@ -336,6 +336,8 @@ typedef int (*xmlSecCryptoAppKeyCertLoadMemoryMethod)(xmlSec
* @keyDataDsaGetKlass: the method to get pointer to DSA key data klass.
* @keyDataEcdsaGetKlass: the method to get pointer to ECDSA key data klass.
* @keyDataGost2001GetKlass: the method to get pointer to GOST 2001 key data klass.
+ * @keyDataGostR3410_2012_256GetKlass: the method to get pointer to GOST R 34.10-2012 256 bit key data klass.
+ * @keyDataGostR3410_2012_512GetKlass: the method to get pointer to GOST R 34.10-2012 512 bit key data klass.
* @keyDataHmacGetKlass: the method to get pointer to HMAC key data klass.
* @keyDataRsaGetKlass: the method to get pointer to RSA key data klass.
* @keyDataX509GetKlass: the method to get pointer to X509 key data klass.
@@ -357,6 +359,8 @@ typedef int (*xmlSecCryptoAppKeyCertLoadMemoryMethod)(xmlSec
* @transformEcdsaSha384GetKlass: the method to get pointer to ECDSA-SHA384 signature transform.
* @transformEcdsaSha512GetKlass: the method to get pointer to ECDSA-SHA512 signature transform.
* @transformGost2001GostR3411_94GetKlass: the method to get pointer to GOST2001 transform.
+ * @transformGostR3410_2012GostR3411_2012_256GetKlass: the method to get pointer to GOST R 34.10-2012 - GOST
R 34.11-2012 256bit transform.
+ * @transformGostR3410_2012GostR3411_2012_512GetKlass: the method to get pointer to GOST R 34.10-2012 - GOST
R 34.11_2012 512bit transform.
* @transformHmacMd5GetKlass: the method to get pointer to HMAC-MD5 transform.
* @transformHmacRipemd160GetKlass: the method to get pointer to HMAC-RIPEMD160 transform.
* @transformHmacSha1GetKlass: the method to get pointer to HMAC-SHA1 transform.
@@ -376,6 +380,8 @@ typedef int (*xmlSecCryptoAppKeyCertLoadMemoryMethod)(xmlSec
* @transformRsaPkcs1GetKlass: the method to get pointer to RSA-PKCS1_5 key transport transform.
* @transformRsaOaepGetKlass: the method to get pointer to RSA-OAEP key transport transform.
* @transformGostR3411_94GetKlass: the method to get pointer to GOST R3411 transform.
+ * @transformGostR3411_2012_256GetKlass: the method to get pointer to GOST R 34.11-2012 256 bit transform.
+ * @transformGostR3411_2012_512GetKlass: the method to get pointer to GOST R 34.11-2012 512 bit transform.
* @transformSha1GetKlass: the method to get pointer to SHA1 digest transform.
* @transformSha224GetKlass: the method to get pointer to SHA224 digest transform.
* @transformSha256GetKlass: the method to get pointer to SHA256 digest transform.
@@ -411,6 +417,8 @@ struct _xmlSecCryptoDLFunctions {
xmlSecCryptoKeyDataGetKlassMethod keyDataDsaGetKlass;
xmlSecCryptoKeyDataGetKlassMethod keyDataEcdsaGetKlass;
xmlSecCryptoKeyDataGetKlassMethod keyDataGost2001GetKlass;
+ xmlSecCryptoKeyDataGetKlassMethod keyDataGostR3410_2012_256GetKlass;
+ xmlSecCryptoKeyDataGetKlassMethod keyDataGostR3410_2012_512GetKlass;
xmlSecCryptoKeyDataGetKlassMethod keyDataHmacGetKlass;
xmlSecCryptoKeyDataGetKlassMethod keyDataRsaGetKlass;
xmlSecCryptoKeyDataGetKlassMethod keyDataX509GetKlass;
@@ -436,6 +444,8 @@ struct _xmlSecCryptoDLFunctions {
xmlSecCryptoTransformGetKlassMethod transformEcdsaSha384GetKlass;
xmlSecCryptoTransformGetKlassMethod transformEcdsaSha512GetKlass;
xmlSecCryptoTransformGetKlassMethod transformGost2001GostR3411_94GetKlass;
+ xmlSecCryptoTransformGetKlassMethod transformGostR3410_2012GostR3411_2012_256GetKlass;
+ xmlSecCryptoTransformGetKlassMethod transformGostR3410_2012GostR3411_2012_512GetKlass;
xmlSecCryptoTransformGetKlassMethod transformHmacMd5GetKlass;
xmlSecCryptoTransformGetKlassMethod transformHmacRipemd160GetKlass;
xmlSecCryptoTransformGetKlassMethod transformHmacSha1GetKlass;
@@ -455,6 +465,8 @@ struct _xmlSecCryptoDLFunctions {
xmlSecCryptoTransformGetKlassMethod transformRsaPkcs1GetKlass;
xmlSecCryptoTransformGetKlassMethod transformRsaOaepGetKlass;
xmlSecCryptoTransformGetKlassMethod transformGostR3411_94GetKlass;
+ xmlSecCryptoTransformGetKlassMethod transformGostR3411_2012_256GetKlass;
+ xmlSecCryptoTransformGetKlassMethod transformGostR3411_2012_512GetKlass;
xmlSecCryptoTransformGetKlassMethod transformSha1GetKlass;
xmlSecCryptoTransformGetKlassMethod transformSha224GetKlass;
xmlSecCryptoTransformGetKlassMethod transformSha256GetKlass;
diff --git a/include/xmlsec/strings.h b/include/xmlsec/strings.h
index 5e3f6a1..9ee26d8 100644
--- a/include/xmlsec/strings.h
+++ b/include/xmlsec/strings.h
@@ -369,6 +369,26 @@ XMLSEC_EXPORT_VAR const xmlChar xmlSecHrefGost2001GostR3411_94[];
/*************************************************************************
*
+ * GOST R 34.10-2012 strings
+ *
+ ************************************************************************/
+XMLSEC_EXPORT_VAR const xmlChar xmlSecNameGostR3410_2012_256KeyValue[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecNodeGostR3410_2012_256KeyValue[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecHrefGostR3410_2012_256KeyValue[];
+
+XMLSEC_EXPORT_VAR const xmlChar xmlSecNameGostR3410_2012_512KeyValue[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecNodeGostR3410_2012_512KeyValue[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecHrefGostR3410_2012_512KeyValue[];
+
+XMLSEC_EXPORT_VAR const xmlChar xmlSecNameGostR3410_2012GostR3411_2012_256[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecHrefGostR3410_2012GostR3411_2012_256[];
+
+XMLSEC_EXPORT_VAR const xmlChar xmlSecNameGostR3410_2012GostR3411_2012_512[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecHrefGostR3410_2012GostR3411_2012_512[];
+
+
+/*************************************************************************
+ *
* EncryptedKey
*
************************************************************************/
@@ -514,6 +534,16 @@ XMLSEC_EXPORT_VAR const xmlChar xmlSecHrefGostR3411_94[];
/*************************************************************************
*
+ * GOST R 34.11-2012 strings
+ *
+ ************************************************************************/
+XMLSEC_EXPORT_VAR const xmlChar xmlSecNameGostR3411_2012_256[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecHrefGostR3411_2012_256[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecNameGostR3411_2012_512[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecHrefGostR3411_2012_512[];
+
+/*************************************************************************
+ *
* SHA1 strings
*
************************************************************************/
diff --git a/src/app.c b/src/app.c
index 55f5453..6cf8a08 100644
--- a/src/app.c
+++ b/src/app.c
@@ -220,6 +220,52 @@ xmlSecKeyDataGost2001GetKlass(void) {
}
/**
+ * xmlSecKeyDataGostR3410_2012_256GetKlass:
+ *
+ * The GOST R 34.10-2012 256 bit key data klass.
+ *
+ * Returns: GOST R 34.10-2012 256 bit key data klass or NULL if an error occurs
+ * (xmlsec-crypto library is not loaded or the GOST R 34.10-2012 key data
+ * klass is not implemented).
+ */
+xmlSecKeyDataId
+xmlSecKeyDataGostR3410_2012_256GetKlass(void) {
+ if((xmlSecCryptoDLGetFunctions() == NULL) ||
(xmlSecCryptoDLGetFunctions()->keyDataGostR3410_2012_256GetKlass == NULL)) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "keyDataGostR3410_2012_256Id",
+ XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(xmlSecKeyDataIdUnknown);
+ }
+
+ return(xmlSecCryptoDLGetFunctions()->keyDataGostR3410_2012_256GetKlass());
+}
+
+/**
+ * xmlSecKeyDataGostR3410_2012_512GetKlass:
+ *
+ * The GOST R 34.10-2012 512 bit key data klass.
+ *
+ * Returns: GOST R 34.10-2012 512 bit key data klass or NULL if an error occurs
+ * (xmlsec-crypto library is not loaded or the GOST R 34.10-2012 key data
+ * klass is not implemented).
+ */
+xmlSecKeyDataId
+xmlSecKeyDataGostR3410_2012_512GetKlass(void) {
+ if((xmlSecCryptoDLGetFunctions() == NULL) ||
(xmlSecCryptoDLGetFunctions()->keyDataGostR3410_2012_512GetKlass == NULL)) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "keyDataGostR3410_2012_512Id",
+ XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(xmlSecKeyDataIdUnknown);
+ }
+
+ return(xmlSecCryptoDLGetFunctions()->keyDataGostR3410_2012_512GetKlass());
+}
+
+/**
* xmlSecKeyDataHmacGetKlass:
*
* The HMAC key data klass.
@@ -713,6 +759,52 @@ xmlSecTransformGost2001GostR3411_94GetKlass(void) {
}
/**
+ * xmlSecTransformGostR3410_2012GostR3411_2012_256GetKlass:
+ *
+ * The GOST R 34.10-2012 - GOST R 34.11-2012 256 bit signature transform klass.
+ *
+ * Returns: GOST R 34.10-2012 - GOST R 34.11-2012 256 bit signature transform klass or NULL if an error
+ * occurs (the xmlsec-crypto library is not loaded or this transform is not
+ * implemented).
+ */
+xmlSecTransformId
+xmlSecTransformGostR3410_2012GostR3411_2012_256GetKlass(void) {
+ if((xmlSecCryptoDLGetFunctions() == NULL) ||
(xmlSecCryptoDLGetFunctions()->transformGostR3410_2012GostR3411_2012_256GetKlass == NULL)) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "transformGostR3410_2012GostR3411_2012_256Id",
+ XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(xmlSecTransformIdUnknown);
+ }
+
+ return(xmlSecCryptoDLGetFunctions()->transformGostR3410_2012GostR3411_2012_256GetKlass());
+}
+
+/**
+ * xmlSecTransformGostR3410_2012GostR3411_2012_512GetKlass:
+ *
+ * The GOST R 34.10-2012 - GOST R 34.11-2012 512 bit signature transform klass.
+ *
+ * Returns: GOST R 34.10-2012 - GOST R 34.11-2012 512 bit signature transform klass or NULL if an error
+ * occurs (the xmlsec-crypto library is not loaded or this transform is not
+ * implemented).
+ */
+xmlSecTransformId
+xmlSecTransformGostR3410_2012GostR3411_2012_512GetKlass(void) {
+ if((xmlSecCryptoDLGetFunctions() == NULL) ||
(xmlSecCryptoDLGetFunctions()->transformGostR3410_2012GostR3411_2012_512GetKlass == NULL)) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "transformGostR3410_2012GostR3411_2012_512Id",
+ XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(xmlSecTransformIdUnknown);
+ }
+
+ return(xmlSecCryptoDLGetFunctions()->transformGostR3410_2012GostR3411_2012_512GetKlass());
+}
+
+/**
* xmlSecTransformHmacMd5GetKlass:
*
* The HMAC-MD5 transform klass.
@@ -1149,7 +1241,52 @@ xmlSecTransformGostR3411_94GetKlass(void) {
return(xmlSecCryptoDLGetFunctions()->transformGostR3411_94GetKlass());
}
+/**
+ * xmlSecTransformGostR3411_2012_256GetKlass:
+ *
+ * GOST R 34.11-2012 256 bit digest transform klass.
+ *
+ * Returns: pointer to GOST R 34.11-2012 256 bit digest transform klass or NULL if an error
+ * occurs (the xmlsec-crypto library is not loaded or this transform is not
+ * implemented).
+ */
+
+xmlSecTransformId
+xmlSecTransformGostR3411_2012_256GetKlass(void) {
+ if((xmlSecCryptoDLGetFunctions() == NULL) ||
(xmlSecCryptoDLGetFunctions()->transformGostR3411_2012_256GetKlass == NULL)) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "transformGostR3411_2012_256Id",
+ XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(xmlSecTransformIdUnknown);
+ }
+
+ return(xmlSecCryptoDLGetFunctions()->transformGostR3411_2012_256GetKlass());
+}
+
+/**
+ * xmlSecTransformGostR3411_2012_512GetKlass:
+ *
+ * GOST R 34.11-2012 512 bit digest transform klass.
+ *
+ * Returns: pointer to GOST R 34.11-2012 512 bit digest transform klass or NULL if an error
+ * occurs (the xmlsec-crypto library is not loaded or this transform is not
+ * implemented).
+ */
+xmlSecTransformId
+xmlSecTransformGostR3411_2012_512GetKlass(void) {
+ if((xmlSecCryptoDLGetFunctions() == NULL) ||
(xmlSecCryptoDLGetFunctions()->transformGostR3411_2012_512GetKlass == NULL)) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "transformGostR3411_2012_512Id",
+ XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(xmlSecTransformIdUnknown);
+ }
+ return(xmlSecCryptoDLGetFunctions()->transformGostR3411_2012_512GetKlass());
+}
/**
* xmlSecTransformSha1GetKlass:
*
diff --git a/src/dl.c b/src/dl.c
index 255818f..5aa08f3 100644
--- a/src/dl.c
+++ b/src/dl.c
@@ -650,7 +650,22 @@ xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms(struct _xmlSecCryptoDLFuncti
XMLSEC_ERRORS_NO_MESSAGE);
return(-1);
}
- if((functions->keyDataHmacGetKlass != NULL) &&
(xmlSecKeyDataIdsRegister(functions->keyDataHmacGetKlass()) < 0)) {
+ if((functions->keyDataGostR3410_2012_256GetKlass != NULL) &&
(xmlSecKeyDataIdsRegister(functions->keyDataGostR3410_2012_256GetKlass()) < 0)) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+
xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(functions->keyDataGostR3410_2012_256GetKlass())),
+ "xmlSecKeyDataIdsRegister",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ if((functions->keyDataGostR3410_2012_512GetKlass != NULL) &&
(xmlSecKeyDataIdsRegister(functions->keyDataGostR3410_2012_512GetKlass()) < 0)) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+
xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(functions->keyDataGostR3410_2012_512GetKlass())),
+ "xmlSecKeyDataIdsRegister",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ } if((functions->keyDataHmacGetKlass != NULL) &&
(xmlSecKeyDataIdsRegister(functions->keyDataHmacGetKlass()) < 0)) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(functions->keyDataHmacGetKlass())),
"xmlSecKeyDataIdsRegister",
@@ -770,6 +785,24 @@ xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms(struct _xmlSecCryptoDLFuncti
return(-1);
}
+ if((functions->transformGostR3410_2012GostR3411_2012_256GetKlass != NULL) &&
xmlSecTransformIdsRegister(functions->transformGostR3410_2012GostR3411_2012_256GetKlass()) < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+
xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformGostR3410_2012GostR3411_2012_256GetKlass())),
+ "xmlSecTransformIdsRegister",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
+ if((functions->transformGostR3410_2012GostR3411_2012_512GetKlass != NULL) &&
xmlSecTransformIdsRegister(functions->transformGostR3410_2012GostR3411_2012_512GetKlass()) < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+
xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformGostR3410_2012GostR3411_2012_512GetKlass())),
+ "xmlSecTransformIdsRegister",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
if((functions->transformDsaSha1GetKlass != NULL) &&
xmlSecTransformIdsRegister(functions->transformDsaSha1GetKlass()) < 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformDsaSha1GetKlass())),
@@ -1004,6 +1037,23 @@ xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms(struct _xmlSecCryptoDLFuncti
return(-1);
}
+ if((functions->transformGostR3411_2012_256GetKlass != NULL) &&
xmlSecTransformIdsRegister(functions->transformGostR3411_2012_256GetKlass()) < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+
xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformGostR3411_2012_256GetKlass())),
+ "xmlSecTransformIdsRegister",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+
+ if((functions->transformGostR3411_2012_512GetKlass != NULL) &&
xmlSecTransformIdsRegister(functions->transformGostR3411_2012_512GetKlass()) < 0) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+
xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformGostR3411_2012_512GetKlass())),
+ "xmlSecTransformIdsRegister",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
if((functions->transformSha1GetKlass != NULL) &&
xmlSecTransformIdsRegister(functions->transformSha1GetKlass()) < 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformSha1GetKlass())),
diff --git a/src/openssl/crypto.c b/src/openssl/crypto.c
index eba1a32..77963a9 100644
--- a/src/openssl/crypto.c
+++ b/src/openssl/crypto.c
@@ -80,7 +80,12 @@ xmlSecCryptoGetFunctions_openssl(void) {
#ifndef XMLSEC_NO_GOST
gXmlSecOpenSSLFunctions->keyDataGost2001GetKlass = xmlSecOpenSSLKeyDataGost2001GetKlass;
-#endif /* XMLSEC_NO_GOST*/
+#endif /* XMLSEC_NO_GOST */
+
+#ifndef XMLSEC_NO_GOST2012
+ gXmlSecOpenSSLFunctions->keyDataGostR3410_2012_256GetKlass =
xmlSecOpenSSLKeyDataGostR3410_2012_256GetKlass;
+ gXmlSecOpenSSLFunctions->keyDataGostR3410_2012_512GetKlass =
xmlSecOpenSSLKeyDataGostR3410_2012_512GetKlass;
+#endif /* XMLSEC_NO_GOST2012 */
#ifndef XMLSEC_NO_HMAC
gXmlSecOpenSSLFunctions->keyDataHmacGetKlass = xmlSecOpenSSLKeyDataHmacGetKlass;
@@ -166,13 +171,17 @@ xmlSecCryptoGetFunctions_openssl(void) {
/******************************* GOST ********************************/
#ifndef XMLSEC_NO_GOST
- gXmlSecOpenSSLFunctions->transformGost2001GostR3411_94GetKlass =
xmlSecOpenSSLTransformGost2001GostR3411_94GetKlass;
-#endif /* XMLSEC_NO_GOST */
-
-#ifndef XMLSEC_NO_GOST
+ gXmlSecOpenSSLFunctions->transformGost2001GostR3411_94GetKlass =
xmlSecOpenSSLTransformGost2001GostR3411_94GetKlass;
gXmlSecOpenSSLFunctions->transformGostR3411_94GetKlass =
xmlSecOpenSSLTransformGostR3411_94GetKlass;
#endif /* XMLSEC_NO_GOST */
+#ifndef XMLSEC_NO_GOST2012
+ gXmlSecOpenSSLFunctions->transformGostR3410_2012GostR3411_2012_256GetKlass =
xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_256GetKlass;
+ gXmlSecOpenSSLFunctions->transformGostR3410_2012GostR3411_2012_512GetKlass =
xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_512GetKlass;
+ gXmlSecOpenSSLFunctions->transformGostR3411_2012_256GetKlass =
xmlSecOpenSSLTransformGostR3411_2012_256GetKlass;
+ gXmlSecOpenSSLFunctions->transformGostR3411_2012_512GetKlass =
xmlSecOpenSSLTransformGostR3411_2012_512GetKlass;
+#endif /* XMLSEC_NO_GOST2012 */
+
/******************************* HMAC ********************************/
#ifndef XMLSEC_NO_HMAC
diff --git a/src/openssl/digests.c b/src/openssl/digests.c
index b103035..74b91df 100644
--- a/src/openssl/digests.c
+++ b/src/openssl/digests.c
@@ -108,6 +108,15 @@ xmlSecOpenSSLEvpDigestCheckId(xmlSecTransformPtr transform) {
} else
#endif /* XMLSEC_NO_GOST*/
+#ifndef XMLSEC_NO_GOST2012
+ if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGostR3411_2012_256Id)) {
+ return(1);
+ } else
+
+ if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGostR3411_2012_512Id)) {
+ return(1);
+ } else
+#endif /* XMLSEC_NO_GOST2012 */
{
return(0);
@@ -183,7 +192,35 @@ xmlSecOpenSSLEvpDigestInitialize(xmlSecTransformPtr transform) {
return(-1);
}
} else
-#endif /* XMLSEC_NO_GOST*/
+#endif /* XMLSEC_NO_GOST */
+
+#ifndef XMLSEC_NO_GOST2012
+ if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGostR3411_2012_256Id)) {
+ ctx->digest = EVP_get_digestbyname("md_gost12_256");
+ if (!ctx->digest)
+ {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ NULL,
+ XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ } else
+
+ if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGostR3411_2012_512Id)) {
+ ctx->digest = EVP_get_digestbyname("md_gost12_512");
+ if (!ctx->digest)
+ {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ NULL,
+ XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ } else
+#endif /* XMLSEC_NO_GOST2012 */
{
xmlSecError(XMLSEC_ERRORS_HERE,
@@ -744,3 +781,91 @@ xmlSecOpenSSLTransformGostR3411_94GetKlass(void) {
}
#endif /* XMLSEC_NO_GOST*/
+#ifndef XMLSEC_NO_GOST2012
+
+/******************************************************************************
+ *
+ * GOST R 34.11-2012 256 bit
+ *
+ *****************************************************************************/
+static xmlSecTransformKlass xmlSecOpenSSLGostR3411_2012_256Klass = {
+ /* klass/object sizes */
+ sizeof(xmlSecTransformKlass), /* size_t klassSize */
+ xmlSecOpenSSLEvpDigestSize, /* size_t objSize */
+
+ xmlSecNameGostR3411_2012_256, /* const xmlChar* name; */
+ xmlSecHrefGostR3411_2012_256, /* const xmlChar* href; */
+ xmlSecTransformUsageDigestMethod, /* xmlSecTransformUsage usage; */
+ xmlSecOpenSSLEvpDigestInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecOpenSSLEvpDigestFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ NULL, /* xmlSecTransformNodeReadMethod readNode; */
+ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
+ NULL, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ NULL, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecOpenSSLEvpDigestVerify, /* xmlSecTransformVerifyMethod verify; */
+ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
+ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
+ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
+ NULL, /* xmlSecTransformPushXmlMethod pushXml; */
+ NULL, /* xmlSecTransformPopXmlMethod popXml; */
+ xmlSecOpenSSLEvpDigestExecute, /* xmlSecTransformExecuteMethod execute; */
+ NULL, /* void* reserved0; */
+ NULL, /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLTransformGostR3411_2012_256GetKlass:
+ *
+ * GOST R 34.11-2012 256 bit digest transform klass.
+ *
+ * Returns: pointer to GOST R 34.11-2012 256 bit digest transform klass.
+ */
+xmlSecTransformId
+xmlSecOpenSSLTransformGostR3411_2012_256GetKlass(void) {
+ return(&xmlSecOpenSSLGostR3411_2012_256Klass);
+}
+
+/******************************************************************************
+ *
+ * GOST R 34.11-2012 512 bit
+ *
+ *****************************************************************************/
+static xmlSecTransformKlass xmlSecOpenSSLGostR3411_2012_512Klass = {
+ /* klass/object sizes */
+ sizeof(xmlSecTransformKlass), /* size_t klassSize */
+ xmlSecOpenSSLEvpDigestSize, /* size_t objSize */
+
+ xmlSecNameGostR3411_2012_512, /* const xmlChar* name; */
+ xmlSecHrefGostR3411_2012_512, /* const xmlChar* href; */
+ xmlSecTransformUsageDigestMethod, /* xmlSecTransformUsage usage; */
+ xmlSecOpenSSLEvpDigestInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecOpenSSLEvpDigestFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ NULL, /* xmlSecTransformNodeReadMethod readNode; */
+ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
+ NULL, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ NULL, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecOpenSSLEvpDigestVerify, /* xmlSecTransformVerifyMethod verify; */
+ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
+ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
+ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
+ NULL, /* xmlSecTransformPushXmlMethod pushXml; */
+ NULL, /* xmlSecTransformPopXmlMethod popXml; */
+ xmlSecOpenSSLEvpDigestExecute, /* xmlSecTransformExecuteMethod execute; */
+ NULL, /* void* reserved0; */
+ NULL, /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLTransformGostR3411_2012_512GetKlass:
+ *
+ * GOST R 34.11-2012 512 bit digest transform klass.
+ *
+ * Returns: pointer to GOST R 34.11-2012 512 bit digest transform klass.
+ */
+xmlSecTransformId
+xmlSecOpenSSLTransformGostR3411_2012_512GetKlass(void) {
+ return(&xmlSecOpenSSLGostR3411_2012_512Klass);
+}
+
+#endif /* XMLSEC_NO_GOST2012 */
+
diff --git a/src/openssl/evp.c b/src/openssl/evp.c
index 464a5a3..41b808a 100644
--- a/src/openssl/evp.c
+++ b/src/openssl/evp.c
@@ -250,6 +250,7 @@ xmlSecOpenSSLEvpKeyAdopt(EVP_PKEY *pKey) {
}
break;
#endif /* XMLSEC_NO_ECDSA */
+
#ifndef XMLSEC_NO_GOST
case NID_id_GostR3410_2001:
data = xmlSecKeyDataCreate(xmlSecOpenSSLKeyDataGost2001Id);
@@ -263,6 +264,33 @@ xmlSecOpenSSLEvpKeyAdopt(EVP_PKEY *pKey) {
}
break;
#endif /* XMLSEC_NO_GOST */
+
+#ifndef XMLSEC_NO_GOST2012
+ case NID_id_GostR3410_2012_256:
+ data = xmlSecKeyDataCreate(xmlSecOpenSSLKeyDataGostR3410_2012_256Id);
+ if(data == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecKeyDataCreate",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ "xmlSecOpenSSLKeyDataGostR3410_2012_256Id");
+ return(NULL);
+ }
+ break;
+
+ case NID_id_GostR3410_2012_512:
+ data = xmlSecKeyDataCreate(xmlSecOpenSSLKeyDataGostR3410_2012_512Id);
+ if(data == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ "xmlSecKeyDataCreate",
+ XMLSEC_ERRORS_R_XMLSEC_FAILED,
+ "xmlSecOpenSSLKeyDataGostR3410_2012_512Id");
+ return(NULL);
+ }
+ break;
+#endif /* XMLSEC_NO_GOST2012 */
+
default:
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
@@ -1844,14 +1872,12 @@ xmlSecOpenSSLKeyDataRsaDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
fprintf(output, "<RSAKeyValue size=\"%d\" />\n",
xmlSecOpenSSLKeyDataRsaGetSize(data));
}
-
#endif /* XMLSEC_NO_RSA */
-
#ifndef XMLSEC_NO_GOST
/**************************************************************************
*
- * GOST2001 xml key representation processing. Contain errors.
+ * GOST2001 xml key representation processing
*
*************************************************************************/
static int xmlSecOpenSSLKeyDataGost2001Initialize(xmlSecKeyDataPtr data);
@@ -1970,6 +1996,258 @@ xmlSecOpenSSLKeyDataGost2001DebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
fprintf(output, "<GOST2001KeyValue size=\"%d\" />\n",
xmlSecOpenSSLKeyDataGost2001GetSize(data));
}
+#endif /* XMLSEC_NO_GOST */
+
+#ifndef XMLSEC_NO_GOST2012
+
+/**************************************************************************
+ *
+ * GOST R 34.10-2012 256 bit xml key representation processing
+ *
+ *************************************************************************/
+static int xmlSecOpenSSLKeyDataGostR3410_2012_256Initialize(xmlSecKeyDataPtr data);
+static int xmlSecOpenSSLKeyDataGostR3410_2012_256Duplicate(xmlSecKeyDataPtr dst,
+ xmlSecKeyDataPtr src);
+static void xmlSecOpenSSLKeyDataGostR3410_2012_256Finalize(xmlSecKeyDataPtr data);
+
+static xmlSecKeyDataType xmlSecOpenSSLKeyDataGostR3410_2012_256GetType(xmlSecKeyDataPtr data);
+static xmlSecSize xmlSecOpenSSLKeyDataGostR3410_2012_256GetSize(xmlSecKeyDataPtr data);
+static void xmlSecOpenSSLKeyDataGostR3410_2012_256DebugDump(xmlSecKeyDataPtr data,
+ FILE* output);
+static void xmlSecOpenSSLKeyDataGostR3410_2012_256DebugXmlDump(xmlSecKeyDataPtr data,
+ FILE* output);
+
+static xmlSecKeyDataKlass xmlSecOpenSSLKeyDataGostR3410_2012_256Klass = {
+ sizeof(xmlSecKeyDataKlass),
+ xmlSecOpenSSLEvpKeyDataSize,
+
+ /* data */
+ xmlSecNameGostR3410_2012_256KeyValue,
+ xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+ /* xmlSecKeyDataUsage usage; */
+ xmlSecHrefGostR3410_2012_256KeyValue, /* const xmlChar* href; */
+ xmlSecNodeGostR3410_2012_256KeyValue, /* const xmlChar* dataNodeName; */
+ xmlSecDSigNs, /* const xmlChar* dataNodeNs; */
+
+ /* constructors/destructor */
+ xmlSecOpenSSLKeyDataGostR3410_2012_256Initialize, /* xmlSecKeyDataInitializeMethod initialize; */
+ xmlSecOpenSSLKeyDataGostR3410_2012_256Duplicate, /* xmlSecKeyDataDuplicateMethod duplicate; */
+ xmlSecOpenSSLKeyDataGostR3410_2012_256Finalize, /* xmlSecKeyDataFinalizeMethod finalize; */
+ NULL, /* xmlSecOpenSSLKeyDataGostR3410_2012_256Generate,*/ /* xmlSecKeyDataGenerateMethod generate; */
+
+ /* get info */
+ xmlSecOpenSSLKeyDataGostR3410_2012_256GetType, /* xmlSecKeyDataGetTypeMethod getType; */
+ xmlSecOpenSSLKeyDataGostR3410_2012_256GetSize, /* xmlSecKeyDataGetSizeMethod getSize; */
+ NULL, /* xmlSecKeyDataGetIdentifier getIdentifier; */
+
+ /* read/write */
+ NULL, /* xmlSecKeyDataXmlReadMethod xmlRead; */
+ NULL, /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+ NULL, /* xmlSecKeyDataBinReadMethod binRead; */
+ NULL, /* xmlSecKeyDataBinWriteMethod binWrite; */
+
+ /* debug */
+ xmlSecOpenSSLKeyDataGostR3410_2012_256DebugDump, /* xmlSecKeyDataDebugDumpMethod debugDump; */
+ xmlSecOpenSSLKeyDataGostR3410_2012_256DebugXmlDump,/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+
+ /* reserved for the future */
+ NULL, /* void* reserved0; */
+ NULL, /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLKeyDataGostR3410_2012_256GetKlass:
+ *
+ * The GOST R 34.10-2012 256 bit key data klass.
+ *
+ * Returns: pointer to GOST R 34.10-2012 256 bit key data klass.
+ */
+xmlSecKeyDataId
+xmlSecOpenSSLKeyDataGostR3410_2012_256GetKlass(void) {
+ return(&xmlSecOpenSSLKeyDataGostR3410_2012_256Klass);
+}
+
+
+static int
+xmlSecOpenSSLKeyDataGostR3410_2012_256Initialize(xmlSecKeyDataPtr data) {
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_256Id), -1);
+
+ return(xmlSecOpenSSLEvpKeyDataInitialize(data));
+}
+
+static int
+xmlSecOpenSSLKeyDataGostR3410_2012_256Duplicate(xmlSecKeyDataPtr dst,
+xmlSecKeyDataPtr src) {
+ xmlSecAssert2(xmlSecKeyDataCheckId(dst, xmlSecOpenSSLKeyDataGostR3410_2012_256Id), -1);
+ xmlSecAssert2(xmlSecKeyDataCheckId(src, xmlSecOpenSSLKeyDataGostR3410_2012_256Id), -1);
+
+ return(xmlSecOpenSSLEvpKeyDataDuplicate(dst, src));
+}
+
+static void
+xmlSecOpenSSLKeyDataGostR3410_2012_256Finalize(xmlSecKeyDataPtr data) {
+ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_256Id));
+
+ xmlSecOpenSSLEvpKeyDataFinalize(data);
+}
+
+static xmlSecKeyDataType
+xmlSecOpenSSLKeyDataGostR3410_2012_256GetType(xmlSecKeyDataPtr data) {
+ /* Now I don't know how to find whether we have both private and public key
+ or the public only*/
+ return(xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate);
+}
+
+static xmlSecSize
+xmlSecOpenSSLKeyDataGostR3410_2012_256GetSize(xmlSecKeyDataPtr data) {
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_256Id), 0);
+
+ return 512;
+}
+
+static void
+xmlSecOpenSSLKeyDataGostR3410_2012_256DebugDump(xmlSecKeyDataPtr data, FILE* output) {
+ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_256Id));
+ xmlSecAssert(output != NULL);
+
+ fprintf(output, "=== gost key: size = %d\n",
+ xmlSecOpenSSLKeyDataGostR3410_2012_256GetSize(data));
+}
+
+static void
+xmlSecOpenSSLKeyDataGostR3410_2012_256DebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
+ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_256Id));
+ xmlSecAssert(output != NULL);
+
+ fprintf(output, "<GOST2012_256KeyValue size=\"%d\" />\n",
+ xmlSecOpenSSLKeyDataGostR3410_2012_256GetSize(data));
+}
+
+
+
+
+/**************************************************************************
+ *
+ * GOST R 34.10-2012 512 bit xml key representation processing
+ *
+ *************************************************************************/
+static int xmlSecOpenSSLKeyDataGostR3410_2012_512Initialize(xmlSecKeyDataPtr data);
+static int xmlSecOpenSSLKeyDataGostR3410_2012_512Duplicate(xmlSecKeyDataPtr dst,
+ xmlSecKeyDataPtr src);
+static void xmlSecOpenSSLKeyDataGostR3410_2012_512Finalize(xmlSecKeyDataPtr data);
+
+static xmlSecKeyDataType xmlSecOpenSSLKeyDataGostR3410_2012_512GetType(xmlSecKeyDataPtr data);
+static xmlSecSize xmlSecOpenSSLKeyDataGostR3410_2012_512GetSize(xmlSecKeyDataPtr data);
+static void xmlSecOpenSSLKeyDataGostR3410_2012_512DebugDump(xmlSecKeyDataPtr data,
+ FILE* output);
+static void xmlSecOpenSSLKeyDataGostR3410_2012_512DebugXmlDump(xmlSecKeyDataPtr data,
+ FILE* output);
+
+static xmlSecKeyDataKlass xmlSecOpenSSLKeyDataGostR3410_2012_512Klass = {
+ sizeof(xmlSecKeyDataKlass),
+ xmlSecOpenSSLEvpKeyDataSize,
+
+ /* data */
+ xmlSecNameGostR3410_2012_512KeyValue,
+ xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+ /* xmlSecKeyDataUsage usage; */
+ xmlSecHrefGostR3410_2012_512KeyValue, /* const xmlChar* href; */
+ xmlSecNodeGostR3410_2012_512KeyValue, /* const xmlChar* dataNodeName; */
+ xmlSecDSigNs, /* const xmlChar* dataNodeNs; */
+
+ /* constructors/destructor */
+ xmlSecOpenSSLKeyDataGostR3410_2012_512Initialize, /* xmlSecKeyDataInitializeMethod initialize; */
+ xmlSecOpenSSLKeyDataGostR3410_2012_512Duplicate, /* xmlSecKeyDataDuplicateMethod duplicate; */
+ xmlSecOpenSSLKeyDataGostR3410_2012_512Finalize, /* xmlSecKeyDataFinalizeMethod finalize; */
+ NULL, /* xmlSecOpenSSLKeyDataGostR3410_2012_512Generate,*/ /* xmlSecKeyDataGenerateMethod generate; */
+
+ /* get info */
+ xmlSecOpenSSLKeyDataGostR3410_2012_512GetType, /* xmlSecKeyDataGetTypeMethod getType; */
+ xmlSecOpenSSLKeyDataGostR3410_2012_512GetSize, /* xmlSecKeyDataGetSizeMethod getSize; */
+ NULL, /* xmlSecKeyDataGetIdentifier getIdentifier; */
+
+ /* read/write */
+ NULL, /* xmlSecKeyDataXmlReadMethod xmlRead; */
+ NULL, /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+ NULL, /* xmlSecKeyDataBinReadMethod binRead; */
+ NULL, /* xmlSecKeyDataBinWriteMethod binWrite; */
+
+ /* debug */
+ xmlSecOpenSSLKeyDataGostR3410_2012_512DebugDump, /* xmlSecKeyDataDebugDumpMethod debugDump; */
+ xmlSecOpenSSLKeyDataGostR3410_2012_512DebugXmlDump,/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+
+ /* reserved for the future */
+ NULL, /* void* reserved0; */
+ NULL, /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLKeyDataGostR3410_2012_512GetKlass:
+ *
+ * The GOST R 34.10-2012 512 bit key data klass.
+ *
+ * Returns: pointer to GOST R 34.10-2012 512 bit key data klass.
+ */
+xmlSecKeyDataId
+xmlSecOpenSSLKeyDataGostR3410_2012_512GetKlass(void) {
+ return(&xmlSecOpenSSLKeyDataGostR3410_2012_512Klass);
+}
+
+
+static int
+xmlSecOpenSSLKeyDataGostR3410_2012_512Initialize(xmlSecKeyDataPtr data) {
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_512Id), -1);
+
+ return(xmlSecOpenSSLEvpKeyDataInitialize(data));
+}
+
+static int
+xmlSecOpenSSLKeyDataGostR3410_2012_512Duplicate(xmlSecKeyDataPtr dst,
+xmlSecKeyDataPtr src) {
+ xmlSecAssert2(xmlSecKeyDataCheckId(dst, xmlSecOpenSSLKeyDataGostR3410_2012_512Id), -1);
+ xmlSecAssert2(xmlSecKeyDataCheckId(src, xmlSecOpenSSLKeyDataGostR3410_2012_512Id), -1);
+
+ return(xmlSecOpenSSLEvpKeyDataDuplicate(dst, src));
+}
+
+static void
+xmlSecOpenSSLKeyDataGostR3410_2012_512Finalize(xmlSecKeyDataPtr data) {
+ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_512Id));
+
+ xmlSecOpenSSLEvpKeyDataFinalize(data);
+}
+
+static xmlSecKeyDataType
+xmlSecOpenSSLKeyDataGostR3410_2012_512GetType(xmlSecKeyDataPtr data) {
+ /* Now I don't know how to find whether we have both private and public key
+ or the public only*/
+ return(xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate);
+}
+
+static xmlSecSize
+xmlSecOpenSSLKeyDataGostR3410_2012_512GetSize(xmlSecKeyDataPtr data) {
+ xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_512Id), 0);
+
+ return 1024;
+}
+
+static void
+xmlSecOpenSSLKeyDataGostR3410_2012_512DebugDump(xmlSecKeyDataPtr data, FILE* output) {
+ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_512Id));
+ xmlSecAssert(output != NULL);
+
+ fprintf(output, "=== gost key: size = %d\n",
+ xmlSecOpenSSLKeyDataGostR3410_2012_512GetSize(data));
+}
+
+static void
+xmlSecOpenSSLKeyDataGostR3410_2012_512DebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
+ xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_512Id));
+ xmlSecAssert(output != NULL);
+
+ fprintf(output, "<GOST2012_512KeyValue size=\"%d\" />\n",
+ xmlSecOpenSSLKeyDataGostR3410_2012_512GetSize(data));
+}
-#endif /* XMLSEC_NO_GOST*/
+#endif /* XMLSEC_NO_GOST2012 */
diff --git a/src/openssl/signatures.c b/src/openssl/signatures.c
index 6751ba0..563ce7b 100644
--- a/src/openssl/signatures.c
+++ b/src/openssl/signatures.c
@@ -208,7 +208,16 @@ xmlSecOpenSSLEvpSignatureCheckId(xmlSecTransformPtr transform) {
if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGost2001GostR3411_94Id)) {
return(1);
} else
-#endif /* XMLSEC_NO_GOST*/
+#endif /* XMLSEC_NO_GOST */
+
+#ifndef XMLSEC_NO_GOST2012
+ if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_256Id)) {
+ return(1);
+ } else
+ if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_512Id)) {
+ return(1);
+ } else
+#endif /* XMLSEC_NO_GOST2012 */
{
return(0);
@@ -354,7 +363,35 @@ xmlSecOpenSSLEvpSignatureInitialize(xmlSecTransformPtr transform) {
return(-1);
}
} else
-#endif /* XMLSEC_NO_GOST*/
+#endif /* XMLSEC_NO_GOST */
+
+#ifndef XMLSEC_NO_GOST2012
+ if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_256Id)) {
+ ctx->keyId = xmlSecOpenSSLKeyDataGostR3410_2012_256Id;
+ ctx->digest = EVP_get_digestbyname("md_gost12_256");
+ if (!ctx->digest) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ NULL,
+ XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ } else
+
+ if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_512Id)) {
+ ctx->keyId = xmlSecOpenSSLKeyDataGostR3410_2012_512Id;
+ ctx->digest = EVP_get_digestbyname("md_gost12_512");
+ if (!ctx->digest) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+ NULL,
+ XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+ XMLSEC_ERRORS_NO_MESSAGE);
+ return(-1);
+ }
+ } else
+#endif /* XMLSEC_NO_GOST2012 */
if(1) {
xmlSecError(XMLSEC_ERRORS_HERE,
@@ -1988,7 +2025,6 @@ xmlSecOpenSSLTransformRsaSha512GetKlass(void) {
#endif /* XMLSEC_NO_RSA */
-
#ifndef XMLSEC_NO_GOST
/****************************************************************************
*
@@ -2034,7 +2070,101 @@ xmlSecTransformId
xmlSecOpenSSLTransformGost2001GostR3411_94GetKlass(void) {
return(&xmlSecOpenSSLGost2001GostR3411_94Klass);
}
+#endif /* XMLSEC_NO_GOST */
+
+#ifndef XMLSEC_NO_GOST2012
+
+/****************************************************************************
+ *
+ * GOST R 34.10-2012 - GOST R 34.11-2012 256 bit signature transform
+ *
+ ***************************************************************************/
+
+static xmlSecTransformKlass xmlSecOpenSSLGostR3410_2012GostR3411_2012_256Klass = {
+ /* klass/object sizes */
+ sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
+ xmlSecOpenSSLEvpSignatureSize, /* xmlSecSize objSize */
+
+ xmlSecNameGostR3410_2012GostR3411_2012_256, /* const xmlChar* name; */
+ xmlSecHrefGostR3410_2012GostR3411_2012_256, /* const xmlChar* href; */
+ xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
+
+ xmlSecOpenSSLEvpSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecOpenSSLEvpSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ NULL, /* xmlSecTransformNodeReadMethod readNode; */
+ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
+ xmlSecOpenSSLEvpSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ xmlSecOpenSSLEvpSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecOpenSSLEvpSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
+ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
+ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
+ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
+ NULL, /* xmlSecTransformPushXmlMethod pushXml; */
+ NULL, /* xmlSecTransformPopXmlMethod popXml; */
+ xmlSecOpenSSLEvpSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
+
+ NULL, /* void* reserved0; */
+ NULL, /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLTransformGost3410_2012GostR3411_2012_256GetKlass:
+ *
+ * The GOST R 34.10-2012 - GOST R 34.11-2012 256 bit signature transform klass.
+ *
+ * Returns: GOST R 34.10-2012 - GOST R 34.11-2012 256 bit signature transform klass.
+ */
+xmlSecTransformId
+xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_256GetKlass(void) {
+ return(&xmlSecOpenSSLGostR3410_2012GostR3411_2012_256Klass);
+}
+
+
+/****************************************************************************
+ *
+ * GOST R 34.10-2012 - GOST R 34.11-2012 512 bit signature transform
+ *
+ ***************************************************************************/
+
+static xmlSecTransformKlass xmlSecOpenSSLGostR3410_2012GostR3411_2012_512Klass = {
+ /* klass/object sizes */
+ sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
+ xmlSecOpenSSLEvpSignatureSize, /* xmlSecSize objSize */
+
+ xmlSecNameGostR3410_2012GostR3411_2012_512, /* const xmlChar* name; */
+ xmlSecHrefGostR3410_2012GostR3411_2012_512, /* const xmlChar* href; */
+ xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
+
+ xmlSecOpenSSLEvpSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
+ xmlSecOpenSSLEvpSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
+ NULL, /* xmlSecTransformNodeReadMethod readNode; */
+ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
+ xmlSecOpenSSLEvpSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+ xmlSecOpenSSLEvpSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
+ xmlSecOpenSSLEvpSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
+ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
+ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
+ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
+ NULL, /* xmlSecTransformPushXmlMethod pushXml; */
+ NULL, /* xmlSecTransformPopXmlMethod popXml; */
+ xmlSecOpenSSLEvpSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
+
+ NULL, /* void* reserved0; */
+ NULL, /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLTransformGost3410_2012GostR3411_2012_512GetKlass:
+ *
+ * The GOST R 34.10-2012 - GOST R 34.11-2012 512 bit signature transform klass.
+ *
+ * Returns: GOST R 34.10-2012 - GOST R 34.11-2012 512 bit signature transform klass.
+ */
+xmlSecTransformId
+xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_512GetKlass(void) {
+ return(&xmlSecOpenSSLGostR3410_2012GostR3411_2012_512Klass);
+}
-#endif /* XMLSEC_NO_GOST*/
+#endif /* XMLSEC_NO_GOST2012 */
diff --git a/src/skeleton/crypto.c b/src/skeleton/crypto.c
index 3be2064..f3d6da9 100644
--- a/src/skeleton/crypto.c
+++ b/src/skeleton/crypto.c
@@ -74,6 +74,7 @@ xmlSecCryptoGetFunctions_skeleton(void) {
#ifndef XMLSEC_NO_GOST
gXmlSecSkeletonFunctions->keyDataGost2001GetKlass = xmlSecSkeletonKeyDataGost2001GetKlass;
+ gXmlSecSkeletonFunctions->keyDataGostR3410_2012GetKlass = xmlSecSkeletonKeyDataGostR3410_2012GetKlass;
#endif /* XMLSEC_NO_GOST */
#ifndef XMLSEC_NO_HMAC
@@ -161,10 +162,14 @@ xmlSecCryptoGetFunctions_skeleton(void) {
/******************************* GOST ********************************/
#ifndef XMLSEC_NO_GOST
gXmlSecSkeletonFunctions->transformGost2001GostR3411_94GetKlass =
xmlSecSkeletonTransformGost2001GostR3411_94GetKlass;
+ gXmlSecSkeletonFunctions->transformGostR3410_2012GostR3411_2012_256GetKlass =
xmlSecSkeletonTransformGostR3410_2012GostR3411_2012_256GetKlass;
+ gXmlSecSkeletonFunctions->transformGostR3410_2012GostR3411_2012_512GetKlass =
xmlSecSkeletonTransformGostR3410_2012GostR3411_2012_512GetKlass;
#endif /* XMLSEC_GOST */
#ifndef XMLSEC_NO_GOST
gXmlSecSkeletonFunctions->transformGostR3411_94GetKlass =
xmlSecSkeletonTransformGostR3411_94GetKlass;
+ gXmlSecSkeletonFunctions->transformGostR3411_2012_256GetKlass =
xmlSecSkeletonTransformGostR3411_2012_256GetKlass;
+ gXmlSecSkeletonFunctions->transformGostR3411_2012_512GetKlass =
xmlSecSkeletonTransformGostR3411_2012_512GetKlass;
#endif /* XMLSEC_NO_GOST */
/******************************* HMAC ********************************/
diff --git a/src/strings.c b/src/strings.c
index f746f4d..818fd28 100644
--- a/src/strings.c
+++ b/src/strings.c
@@ -304,6 +304,26 @@ const xmlChar xmlSecHrefGost2001GostR3411_94[] = "http://www.w3.org/200
/*************************************************************************
*
+ * GOST R 34.10-2012 strings
+ *
+ ************************************************************************/
+const xmlChar xmlSecNameGostR3410_2012_256KeyValue[] = "gostr34102012-256";
+const xmlChar xmlSecNodeGostR3410_2012_256KeyValue[] = "gostr34102012-256";
+const xmlChar xmlSecHrefGostR3410_2012_256KeyValue[] =
"urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34102012-256";
+
+const xmlChar xmlSecNameGostR3410_2012_512KeyValue[] = "gostr34102012-512";
+const xmlChar xmlSecNodeGostR3410_2012_512KeyValue[] = "gostr34102012-512";
+const xmlChar xmlSecHrefGostR3410_2012_512KeyValue[] =
"urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34102012-512";
+
+/* see http://tools.ietf.org/html/draft-chudov-cryptopro-cpxmldsig-09#section-6.6 */
+const xmlChar xmlSecNameGostR3410_2012GostR3411_2012_256[] = "gostr34102012-gostr34112012-256";
+const xmlChar xmlSecHrefGostR3410_2012GostR3411_2012_256[] =
"urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34102012-gostr34112012-256";
+
+const xmlChar xmlSecNameGostR3410_2012GostR3411_2012_512[] = "gostr34102012-gostr34112012-512";
+const xmlChar xmlSecHrefGostR3410_2012GostR3411_2012_512[] =
"urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34102012-gostr34112012-512";
+
+/*************************************************************************
+ *
* DSA strings
*
************************************************************************/
@@ -504,6 +524,20 @@ const xmlChar xmlSecHrefGostR3411_94[] = "http://www.w3.org/200
/*************************************************************************
*
+ * GOST R 34.11-2012 strings
+ *
+ ************************************************************************/
+
+/* see http://tools.ietf.org/html/draft-chudov-cryptopro-cpxmldsig-09#section-6.2 */
+const xmlChar xmlSecNameGostR3411_2012_256[] = "gostr34112012-256";
+const xmlChar xmlSecHrefGostR3411_2012_256[] =
"urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34112012-256";
+
+const xmlChar xmlSecNameGostR3411_2012_512[] = "gostr34112012-512";
+const xmlChar xmlSecHrefGostR3411_2012_512[] =
"urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34112012-512";
+
+
+/*************************************************************************
+ *
* SHA1 strings
*
************************************************************************/
diff --git a/tests/aleksey-xmldsig-01/enveloping-gost2012-256.xml
b/tests/aleksey-xmldsig-01/enveloping-gost2012-256.xml
new file mode 100644
index 0000000..765ea39
--- /dev/null
+++ b/tests/aleksey-xmldsig-01/enveloping-gost2012-256.xml
@@ -0,0 +1 @@
+<?xml version="1.0" encoding="utf-8"?><outer><inner Id="obj1">Here is some data to sign.<Signature
xmlns="http://www.w3.org/2000/09/xmldsig#";><SignedInfo><CanonicalizationMethod
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><SignatureMethod
Algorithm="urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34102012-gostr34112012-256"/><Reference
Id="refId123456" URI=""><Transforms><Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><Transform
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/></Transforms><DigestMethod
Algorithm="urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34112012-256"/><DigestValue>1EBEnqCZUd8rJWCaHTc+ytnVkD0VTmk8tk0pne61Aps=</DigestValue></Reference></SignedInfo><SignatureValue>6MdaXUBxBfpy3ziCeAIMrmUlZA4M2LVkHKeoXLt27B/p3oej1DMSNLd5U0D0idirFRvylToogb/mwryyyQ0Iiw==</SignatureValue><KeyInfo><X509Data><X509Certificate>MIIBRzCB86ADAgECAhDYvceOSjlEUQPqYpNAPDZlMAwGCCqFAwcBAQMCBQAwITEfMB0GA1UEAxMWZ29zdC0yMDEyLTI1Ni
10ZXN0LTAwMTAeFw0xMzEyMDkxNDIzMTlaFw0zOTEyMzEyMzU5NTlaMCExHzAdBgNVBAMTFmdvc3QtMjAxMi0yNTYtdGVzdC0wMDEwZjAfBggqhQMHAQEBATATBgcqhQMCAiMBBggqhQMHAQECAgNDAARAd6J9ff29w6XQsUDdggB1LCYM2oDRrlrg3mPZB+NXNsyZmO1WHCDHw01UIW+Jq9ReLxWCkHYA+TTMfmciE1F0rjAMBggqhQMHAQEDAgUAA0EAPoJj9VFY7DeVWDWuoH7Jrv9xUNMFCxSYPVn0Tpf40jVBu4+46sHuS8ShK+sqJu5rGEQse2UhAIzMBvw8AfHysA==</X509Certificate></X509Data><KeyValue><cpxmlsec:GOSTKeyValue
xmlns:cpxmlsec="urn:ietf:params:xml:ns:cpxmlsec"><cpxmlsec:PublicKey>BEB3on19/b3DpdCxQN2CAHUsJgzagNGuWuDeY9kH41c2zJmY7VYcIMfDTVQhb4mr1F4vFYKQdgD5NMx+ZyITUXSu</cpxmlsec:PublicKey><cpxmlsec:PublicKeyParameters><cpxmlsec:publicKeyParamSet>1.2.643.2.2.35.1</cpxmlsec:publicKeyParamSet><cpxmlsec:digestParamSet>1.2.643.7.1.1.2.2</cpxmlsec:digestParamSet></cpxmlsec:PublicKeyParameters></cpxmlsec:GOSTKeyValue></KeyValue></KeyInfo></Signature></inner></outer>
\ No newline at end of file
diff --git a/tests/aleksey-xmldsig-01/enveloping-gots2012-512.xml
b/tests/aleksey-xmldsig-01/enveloping-gots2012-512.xml
new file mode 100644
index 0000000..ff3ba50
--- /dev/null
+++ b/tests/aleksey-xmldsig-01/enveloping-gots2012-512.xml
@@ -0,0 +1 @@
+<outer><inner Id="obj1">Here is some data to sign.<Signature
xmlns="http://www.w3.org/2000/09/xmldsig#";><SignedInfo><CanonicalizationMethod
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><SignatureMethod
Algorithm="urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34102012-gostr34112012-512"/><Reference
Id="refId123456" URI=""><Transforms><Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><Transform
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/></Transforms><DigestMethod
Algorithm="urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34112012-512"/><DigestValue>IRFRnY9xTD+FxJ65FCmoapu5+O7BipRrgliXBA5mURl38b3sf5pqHtVykI4y/xLebQJzOewrBNV1OKUjsaq00w==</DigestValue></Reference></SignedInfo><SignatureValue>82t15yts413kkZbN/1xnBiC+vWqvA/7ejEaHjWPog7V/CmP62P28rCVfu6uZ3nsk+/F2CvdGLNw8fNUkoaKcCYWmrPrhcsxM/g1LZxwQJVwwmSK2RRcJA5wU/4AIafB4wkO1Gc31sRYxeg7SeC//ia4frC9EZFuZvuVesAHkPq0=</SignatureValue><KeyInfo><X509Data><X509Certificate>MIIB
zjCCATigAwIBAgIQaLzR+6Byrz72SsBV3IMTCjAMBggqhQMHAQEDAwUAMCExHzAdBgNVBAMTFmdvc3QtMjAxMi01MTItdGVzdC0wMDMwHhcNMTMxMjA5MTQzMjU4WhcNMzkxMjMxMjM1OTU5WjAhMR8wHQYDVQQDExZnb3N0LTIwMTItNTEyLXRlc3QtMDAzMIGqMCEGCCqFAwcBAQECMBUGCSqFAwcBAgECAQYIKoUDBwEBAgMDgYQABIGAYU+aJU4/ouaeqbL6A3a1KeiCaurafF6NwsCX4W/tjSHOTaTvshe3MqCDYGgWC6OQ1a8RWYunTtI8Tf0wmUVPO4ltgDCg4qwnJsKMzNWnDRK+OWNuXE7kJuFCjnM0TTbdP8DlXyXO9v9D17613FcBnrz189UkxpSGZp7M+c81B64wDAYIKoUDBwEBAwMFAAOBgQB7rFkFr9uG2WTVkebjOXRuxNkL1orfzo6VRO4JhHARjfjQvHEq892f2iUEsJxO//xjgFxBQx3h6gAsaNZZzKXzsuxpfrwrTR/tAXz2qzJiMR0iY4JMp6EG2GkjsIymUt+JZGf0kjVR7s3zDih3mc9S5bqF0aLXcL+4H4JZm19yCw==</X509Certificate></X509Data><KeyValue><cpxmlsec:GOSTKeyValue
xmlns:cpxmlsec="urn:ietf:params:xml:ns:cpxmlsec"><cpxmlsec:PublicKey>BIGAYU+aJU4/ouaeqbL6A3a1KeiCaurafF6NwsCX4W/tjSHOTaTvshe3MqCDYGgWC6OQ1a8RWYunTtI8Tf0wmUVPO4ltgDCg4qwnJsKMzNWnDRK+OWNuXE7kJuFCjnM0TTbdP8DlXyXO9v9D17613FcBnrz189UkxpSGZp7M+c81B64=</cpxmlsec:PublicKey><cpxmlsec:PublicKeyParameters><cpxmlsec:p
ublicKeyParamSet>1.2.643.7.1.2.1.2.1</cpxmlsec:publicKeyParamSet><cpxmlsec:digestParamSet>1.2.643.7.1.1.2.3</cpxmlsec:digestParamSet></cpxmlsec:PublicKeyParameters></cpxmlsec:GOSTKeyValue></KeyValue></KeyInfo></Signature></inner></outer>
\ No newline at end of file
diff --git a/tests/keys/gost2012_256.pem b/tests/keys/gost2012_256.pem
new file mode 100644
index 0000000..d70326c
--- /dev/null
+++ b/tests/keys/gost2012_256.pem
@@ -0,0 +1,8 @@
+-----BEGIN CERTIFICATE-----
+MIIBRzCB86ADAgECAhDYvceOSjlEUQPqYpNAPDZlMAwGCCqFAwcBAQMCBQAwITEfMB0GA1UEAxMW
+Z29zdC0yMDEyLTI1Ni10ZXN0LTAwMTAeFw0xMzEyMDkxNDIzMTlaFw0zOTEyMzEyMzU5NTlaMCEx
+HzAdBgNVBAMTFmdvc3QtMjAxMi0yNTYtdGVzdC0wMDEwZjAfBggqhQMHAQEBATATBgcqhQMCAiMB
+BggqhQMHAQECAgNDAARAd6J9ff29w6XQsUDdggB1LCYM2oDRrlrg3mPZB+NXNsyZmO1WHCDHw01U
+IW+Jq9ReLxWCkHYA+TTMfmciE1F0rjAMBggqhQMHAQEDAgUAA0EAPoJj9VFY7DeVWDWuoH7Jrv9x
+UNMFCxSYPVn0Tpf40jVBu4+46sHuS8ShK+sqJu5rGEQse2UhAIzMBvw8AfHysA==
+-----END CERTIFICATE-----
diff --git a/tests/keys/gost2012_512.pem b/tests/keys/gost2012_512.pem
new file mode 100644
index 0000000..e1dc33b
--- /dev/null
+++ b/tests/keys/gost2012_512.pem
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE-----
+MIIBzjCCATigAwIBAgIQaLzR+6Byrz72SsBV3IMTCjAMBggqhQMHAQEDAwUAMCExHzAdBgNVBAMT
+Fmdvc3QtMjAxMi01MTItdGVzdC0wMDMwHhcNMTMxMjA5MTQzMjU4WhcNMzkxMjMxMjM1OTU5WjAh
+MR8wHQYDVQQDExZnb3N0LTIwMTItNTEyLXRlc3QtMDAzMIGqMCEGCCqFAwcBAQECMBUGCSqFAwcB
+AgECAQYIKoUDBwEBAgMDgYQABIGAYU+aJU4/ouaeqbL6A3a1KeiCaurafF6NwsCX4W/tjSHOTaTv
+she3MqCDYGgWC6OQ1a8RWYunTtI8Tf0wmUVPO4ltgDCg4qwnJsKMzNWnDRK+OWNuXE7kJuFCjnM0
+TTbdP8DlXyXO9v9D17613FcBnrz189UkxpSGZp7M+c81B64wDAYIKoUDBwEBAwMFAAOBgQB7rFkF
+r9uG2WTVkebjOXRuxNkL1orfzo6VRO4JhHARjfjQvHEq892f2iUEsJxO//xjgFxBQx3h6gAsaNZZ
+zKXzsuxpfrwrTR/tAXz2qzJiMR0iY4JMp6EG2GkjsIymUt+JZGf0kjVR7s3zDih3mc9S5bqF0aLX
+cL+4H4JZm19yCw==
+-----END CERTIFICATE-----
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
