2 * Copyright (c) 2010 SURFnet bv
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
16 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
18 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
20 * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
21 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
22 * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
23 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
24 * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 /*****************************************************************************
28 OSSLGOSTPrivateKey.cpp
30 OpenSSL GOST R 34.10-2001 private key class
31 *****************************************************************************/
36 #include "OSSLGOSTPrivateKey.h"
39 #include <openssl/ec.h>
41 // DER of a private key
42 const unsigned char dummyKey[] = {
43 0x30, 0x45, 0x02, 0x01, 0x00, 0x30, 0x1c, 0x06,
44 0x06, 0x2a, 0x85, 0x03, 0x02, 0x02, 0x13, 0x30,
45 0x12, 0x06, 0x07, 0x2a, 0x85, 0x03, 0x02, 0x02,
46 0x23, 0x01, 0x06, 0x07, 0x2a, 0x85, 0x03, 0x02,
47 0x02, 0x1e, 0x01, 0x04, 0x22, 0x02, 0x20, 0x1b,
48 0x3f, 0x94, 0xf7, 0x1a, 0x5f, 0x2f, 0xe7, 0xe5,
49 0x74, 0x0b, 0x8c, 0xd4, 0xb7, 0x18, 0xdd, 0x65,
50 0x68, 0x26, 0xd1, 0x54, 0xfb, 0x77, 0xba, 0x63,
51 0x72, 0xd9, 0xf0, 0x63, 0x87, 0xe0, 0xd6
55 OSSLGOSTPrivateKey::OSSLGOSTPrivateKey()
57 pkey = EVP_PKEY_new();
60 OSSLGOSTPrivateKey::OSSLGOSTPrivateKey(const EVP_PKEY* inPKEY)
68 OSSLGOSTPrivateKey::~OSSLGOSTPrivateKey()
74 /*static*/ const char* OSSLGOSTPrivateKey::type = "OpenSSL GOST Private Key";
76 // Get the output length
77 unsigned long OSSLGOSTPrivateKey::getOutputLength() const
82 // Set from OpenSSL representation
83 void OSSLGOSTPrivateKey::setFromOSSL(const EVP_PKEY* pkey)
85 const EC_KEY* eckey = (const EC_KEY*) EVP_PKEY_get0((EVP_PKEY*) pkey);
86 const BIGNUM* priv = EC_KEY_get0_private_key(eckey);
87 setD(OSSL::bn2ByteString(priv));
90 int nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(eckey));
91 inEC.resize(i2d_ASN1_OBJECT(OBJ_nid2obj(nid), NULL));
92 unsigned char *p = &inEC[0];
93 i2d_ASN1_OBJECT(OBJ_nid2obj(nid), &p);
97 // Check if the key is of the given type
98 bool OSSLGOSTPrivateKey::isOfType(const char* inType)
100 return !strcmp(type, inType);
103 // Setters for the GOST private key components
104 void OSSLGOSTPrivateKey::setD(const ByteString& inD)
106 GOSTPrivateKey::setD(inD);
108 EC_KEY* inEC = (EC_KEY*) EVP_PKEY_get0((EVP_PKEY*) pkey);
111 const unsigned char* p = dummyKey;
112 if (d2i_PrivateKey(NID_id_GostR3410_2001, &pkey, &p, (long) sizeof(dummyKey)) == NULL)
114 ERROR_MSG("d2i_PrivateKey failed");
118 inEC = (EC_KEY*) EVP_PKEY_get0((EVP_PKEY*) pkey);
121 const BIGNUM* priv = OSSL::byteString2bn(inD);
122 if (EC_KEY_set_private_key(inEC, priv) <= 0)
124 ERROR_MSG("EC_KEY_set_private_key failed");
127 BN_clear_free((BIGNUM*)priv);
130 if (gost2001_compute_public(inEC) <= 0)
131 ERROR_MSG("gost2001_compute_public failed");
135 // Setters for the GOST public key components
136 void OSSLGOSTPrivateKey::setEC(const ByteString& inEC)
138 GOSTPrivateKey::setEC(inEC);
141 // Retrieve the OpenSSL representation of the key
142 EVP_PKEY* OSSLGOSTPrivateKey::getOSSLKey()
148 ByteString OSSLGOSTPrivateKey::serialise() const
150 return ec.serialise() +
154 bool OSSLGOSTPrivateKey::deserialise(ByteString& serialised)
156 ByteString dEC = ByteString::chainDeserialise(serialised);
157 ByteString dD = ByteString::chainDeserialise(serialised);
159 if ((dEC.size() == 0) ||
171 // Encode into PKCS#8 DER
172 ByteString OSSLGOSTPrivateKey::PKCS8Encode()
179 // Decode from PKCS#8 BER
180 bool OSSLGOSTPrivateKey::PKCS8Decode(const ByteString& /*ber*/)