From 36a3974d24809ffc0de320eb67de7a83e810eb97 Mon Sep 17 00:00:00 2001 From: Dmitry Eremin-Solenikov Date: Tue, 29 Aug 2017 11:09:31 +0300 Subject: Declare groups corresponding to GOST curves Signed-off-by: Dmitry Eremin-Solenikov --- devel/libgnutls-latest-x86_64.abi | 7 ++++++ lib/algorithms/groups.c | 52 +++++++++++++++++++++++++++++++++++++++ lib/includes/gnutls/gnutls.h.in | 15 +++++++++++ 3 files changed, 74 insertions(+) diff --git a/devel/libgnutls-latest-x86_64.abi b/devel/libgnutls-latest-x86_64.abi index b2c058d71d..af21b7d548 100644 --- a/devel/libgnutls-latest-x86_64.abi +++ b/devel/libgnutls-latest-x86_64.abi @@ -1670,6 +1670,13 @@ + + + + + + + diff --git a/lib/algorithms/groups.c b/lib/algorithms/groups.c index 1f82bf678a..6e1326666a 100644 --- a/lib/algorithms/groups.c +++ b/lib/algorithms/groups.c @@ -73,6 +73,58 @@ static const gnutls_group_entry_st supported_groups[] = { .tls_id = 29, .pk = GNUTLS_PK_ECDH_X25519 }, +#ifdef ENABLE_GOST + /* draft-smyshlyaev-tls12-gost-suites-06, Section 6 */ + { + .name = "GC256A", + .id = GNUTLS_GROUP_GC256A, + .curve = GNUTLS_ECC_CURVE_GOST256A, + .pk = GNUTLS_PK_GOST_12_256, + .tls_id = 34, + }, + { + .name = "GC256B", + .id = GNUTLS_GROUP_GC256B, + .curve = GNUTLS_ECC_CURVE_GOST256B, + .pk = GNUTLS_PK_GOST_12_256, + .tls_id = 35, + }, + { + .name = "GC256C", + .id = GNUTLS_GROUP_GC256C, + .curve = GNUTLS_ECC_CURVE_GOST256C, + .pk = GNUTLS_PK_GOST_12_256, + .tls_id = 36, + }, + { + .name = "GC256D", + .id = GNUTLS_GROUP_GC256D, + .curve = GNUTLS_ECC_CURVE_GOST256D, + .pk = GNUTLS_PK_GOST_12_256, + .tls_id = 37, + }, + { + .name = "GC512A", + .id = GNUTLS_GROUP_GC512A, + .curve = GNUTLS_ECC_CURVE_GOST512A, + .pk = GNUTLS_PK_GOST_12_512, + .tls_id = 38, + }, + { + .name = "GC512B", + .id = GNUTLS_GROUP_GC512B, + .curve = GNUTLS_ECC_CURVE_GOST512B, + .pk = GNUTLS_PK_GOST_12_512, + .tls_id = 39, + }, + { + .name = "GC512C", + .id = GNUTLS_GROUP_GC512C, + .curve = GNUTLS_ECC_CURVE_GOST512C, + .pk = GNUTLS_PK_GOST_12_512, + .tls_id = 40, + }, +#endif #ifdef ENABLE_DHE { .name = "FFDHE2048", diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in index f4bbbce306..cfd84d6e2d 100644 --- a/lib/includes/gnutls/gnutls.h.in +++ b/lib/includes/gnutls/gnutls.h.in @@ -1027,6 +1027,13 @@ typedef enum { * @GNUTLS_GROUP_SECP384R1: the SECP384R1 curve group * @GNUTLS_GROUP_SECP521R1: the SECP521R1 curve group * @GNUTLS_GROUP_X25519: the X25519 curve group + * @GNUTLS_GROUP_GC256A: the GOST R 34.10 TC26 256 A curve group + * @GNUTLS_GROUP_GC256B: the GOST R 34.10 TC26 256 B curve group + * @GNUTLS_GROUP_GC256C: the GOST R 34.10 TC26 256 C curve group + * @GNUTLS_GROUP_GC256D: the GOST R 34.10 TC26 256 D curve group + * @GNUTLS_GROUP_GC512A: the GOST R 34.10 TC26 512 A curve group + * @GNUTLS_GROUP_GC512B: the GOST R 34.10 TC26 512 B curve group + * @GNUTLS_GROUP_GC512C: the GOST R 34.10 TC26 512 C curve group * @GNUTLS_GROUP_FFDHE2048: the FFDHE2048 group * @GNUTLS_GROUP_FFDHE3072: the FFDHE3072 group * @GNUTLS_GROUP_FFDHE4096: the FFDHE4096 group @@ -1046,6 +1053,14 @@ typedef enum { GNUTLS_GROUP_SECP521R1 = GNUTLS_ECC_CURVE_SECP521R1, GNUTLS_GROUP_X25519 = GNUTLS_ECC_CURVE_X25519, + GNUTLS_GROUP_GC256A = GNUTLS_ECC_CURVE_GOST256A, + GNUTLS_GROUP_GC256B = GNUTLS_ECC_CURVE_GOST256B, + GNUTLS_GROUP_GC256C = GNUTLS_ECC_CURVE_GOST256C, + GNUTLS_GROUP_GC256D = GNUTLS_ECC_CURVE_GOST256D, + GNUTLS_GROUP_GC512A = GNUTLS_ECC_CURVE_GOST512A, + GNUTLS_GROUP_GC512B = GNUTLS_ECC_CURVE_GOST512B, + GNUTLS_GROUP_GC512C = GNUTLS_ECC_CURVE_GOST512C, + GNUTLS_GROUP_FFDHE2048 = 256, GNUTLS_GROUP_FFDHE3072, GNUTLS_GROUP_FFDHE4096, -- cgit v1.2.1