/**
* @file GOST 34.10-2012 signature function with 1024/512 bits digest
* @version 1.76
* @copyright 2014-2016, Rudolf Nickolaev. All rights reserved.
*/
/*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
* CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
import GostRandom from './gostRandom';
import GostCipher from './gostCipher';
import GostDigest from './gostDigest';
import GostSign from './gostSign';
/*
* Engine definition base on normalized algorithm identifier
*
*/ //
var root = {};
// Define engine
function defineEngine(method, algorithm) {
if (!algorithm)
throw new (root.SyntaxError || Error)('Algorithm not defined');
if (!algorithm.name)
throw new (root.SyntaxError || Error)('Algorithm name not defined');
var name = algorithm.name, mode = algorithm.mode;
if ((name === 'GOST 28147' || name === 'GOST R 34.12' || name === 'RC2') && (method === 'generateKey' ||
(mode === 'MAC' && (method === 'sign' || method === 'verify')) ||
((mode === 'KW' || mode === 'MASK') && (method === 'wrapKey' || method === 'unwrapKey')) ||
((!mode || mode === 'ES') && (method === 'encrypt' || method === 'decrypt')))) {
return 'GostCipher';
} else if ((name === 'GOST R 34.11' || name === 'SHA') && (method === 'digest' ||
(mode === 'HMAC' && (method === 'sign' || method === 'verify' || method === 'generateKey')) ||
((mode === 'KDF' || mode === 'PBKDF2' || mode === 'PFXKDF' || mode === 'CPKDF') &&
(method === 'deriveKey' || method === 'deriveBits' || method === 'generateKey')))) {
return 'GostDigest';
} else if (name === 'GOST R 34.10' && (method === 'generateKey' ||
((!mode || mode === 'SIGN') && (method === 'sign' || method === 'verify')) ||
(mode === 'MASK' && (method === 'wrapKey' || method === 'unwrapKey')) ||
(mode === 'DH' && (method === 'deriveKey' || method === 'deriveBits')))) {
return 'GostSign';
} else
throw new (root.NotSupportedError || Error)('Algorithm ' + name + '-' + mode + ' is not valid for ' + method);
} //
/**
* Object implements dedicated Web Workers and provide a simple way to create
* and run GOST cryptographic algorithms in background thread.
*
* Object provide interface to GOST low-level cryptogric classes:
*
* - GostCipher - implementation of GOST 28147, GOST R 34.12, GOST R 34.13 Encryption algorithms. Reference {@link http://tools.ietf.org/html/rfc5830}
* - GostDigest - implementation of GOST R 34.11 Hash Function algorithms. References {@link http://tools.ietf.org/html/rfc5831} and {@link http://tools.ietf.org/html/rfc6986}
* - GostSign - implementation of GOST R 34.10 Digital Signature algorithms. References {@link http://tools.ietf.org/html/rfc5832} and {@link http://tools.ietf.org/html/rfc7091}
*
* @namespace gostEngine
*/
var gostEngine = {
/**
* gostEngine.execute(algorithm, method, args) Entry point to execution
* all low-level GOST cryptographic methods
*
*
* - Determine the appropriate engine for a given execution method
* - Create cipher object for determineted engine
* - Execute method of cipher with given args
*
*
* @memberOf gostEngine
* @param {AlgorithmIndentifier} algorithm Algorithm identifier
* @param {string} method Crypto method for execution
* @param {Array} args Method arguments (keys, data, additional parameters)
* @returns {(CryptoOperationData|Key|KeyPair|boolean)} Result of method execution
*/
execute: function (algorithm, method, args) //
{
// Define engine for GOST algorithms
var engine = defineEngine(method, algorithm);
// Create cipher
var cipher = this['get' + engine](algorithm);
// Execute method
return cipher[method].apply(cipher, args);
}, //
/**
* gostEngine.getGostCipher(algorithm) returns GOST 28147 / GOST R 34.12 cipher instance
*
* GOST 28147-89 / GOST R 34.12-15 Encryption Algorithm
* When keys and initialization vectors are converted to/from byte arrays,
* little-endian byte order is assumed.
*
* Normalized algorithm identifier common parameters:
*
*
* - name Algorithm name 'GOST 28147' or 'GOST R 34.12'
* - version Algorithm version, number
*
* - 1989 Current version of standard
* - 2015 New draft version of standard
*
*
* - length Block length
*
* - 64 64 bits length (default)
* - 128 128 bits length (only for version 2015)
*
*
* - mode Algorithm mode, string
*
* - ES Encryption mode (default)
* - MAC "imitovstavka" (MAC) mode
* - KW Key wrapping mode
* - MASK Key mask mode
*
*
* - sBox Paramset sBox for GOST 28147-89, string. Used only if version = 1989
*
*
* Supported algorithms, modes and parameters:
*
*
* - Encript/Decrypt mode (ES)
*
* - block Block mode, string. Default ECB
* - keyMeshing Key meshing mode, string. Default NO
* - padding Padding mode, string. Default NO for CFB and CTR modes, or ZERO for others
* - iv {@link CryptoOperationData} Initial vector with length of block. Default - zero block
*
*
* - Sign/Verify mode (MAC)
*
* - macLength Length of mac in bits (default - 32 bits)
* - iv {@link CryptoOperationData} Initial vector with length of block. Default - zero block
*
*
* - Wrap/Unwrap key mode (KW)
*
* - keyWrapping Mode of keywrapping, string. Default NO - standard GOST key wrapping
* - ukm {@link CryptoOperationData} User key material. Default - random generated value
*
*
* - Wrap/Unwrap key mode (MASK)
*
*
* Supported paramters values:
*
*
* - Block modes (parameter 'block')
*
* - ECB "prostaya zamena" (ECB) mode (default)
* - CFB "gammirovanie s obratnoj svyaziyu" (64-bit CFB) mode
* - CTR "gammirovanie" (counter) mode
* - CBC Cipher-Block-Chaining (CBC) mode
*
*
* - Key meshing modes (parameter 'keyMeshing')
*
* - NO No key wrapping (default)
* - CP CryptoPor Key key meshing
*
*
* - Padding modes (parameter 'padding')
*
* - NO No padding only for CFB and CTR modes
* - PKCS5 PKCS#5 padding mode
* - ZERO Zero bits padding mode
* - RANDOM Random bits padding mode
*
*
* - Wrapping key modes (parameter 'keyWrapping')
*
* - NO Ref. rfc4357 6.1 GOST 28147-89 Key wrapping
* - CP CryptoPro Key wrapping mode
* - SC SignalCom Key wrapping mode
*
*
*
*
* @memberOf gostEngine
* @param {AlgorithmIndentifier} algorithm Algorithm identifier
* @returns {GostCipher} Instance of GostCipher
*/
getGostCipher: function (algorithm) //
{
return new (GostCipher || (GostCipher = root.GostCipher))(algorithm);
}, //
/**
* gostEngine.getGostDigest(algorithm) returns GOST R 34.11 cipher instance
*
* Normalized algorithm identifier common parameters:
*
*
* - name Algorithm name 'GOST R 34.11'
* - version Algorithm version
*
* - 1994 old-style 256 bits digest based on GOST 28147-89
* - 2012 256 ro 512 bits digest algorithm "Streebog" GOST R 34.11-2012 (default)
*
*
* - length Digest length
*
* - 256 256 bits digest
* - 512 512 bits digest, valid only for algorithm "Streebog"
*
*
* - mode Algorithm mode
*
* - HASH simple digest mode (default)
* - HMAC HMAC algorithm based on GOST R 34.11
* - KDF Derive bits for KEK deversification
* - PBKDF2 Password based key dirivation algorithms PBKDF2 (based on HMAC)
* - PFXKDF PFX key dirivation algorithms PFXKDF
* - CPKDF CryptoPro Password based key dirivation algorithms
*
*
* - sBox Paramset sBox for GOST 28147-89. Used only if version = 1994
*
*
* Supported algorithms, modes and parameters:
*
*
* - Digest HASH mode (default)
* - Sign/Verify HMAC modes parameters depends on version and length
*
* - version: 1994 HMAC parameters (B = 32, L = 32)
* - version: 2012, length: 256 HMAC parameters (B = 64, L = 32)
* - version: 2012, length: 512 HMAC parameters (B = 64, L = 64)
*
*
* - DeriveBits/DeriveKey KDF mode
*
* - context {@link CryptoOperationData} Context of the key derivation
* - label {@link CryptoOperationData} Label that identifies the purpose for the derived keying material
*
*
* - DeriveBits/DeriveKey PBKDF2 mode
*
* - salt {@link CryptoOperationData} Random salt as input for HMAC algorithm
* - iterations Iteration count. GOST recomended value 1000 (default) or 2000
*
*
* - DeriveBits/DeriveKey PFXKDF mode
*
* - salt {@link CryptoOperationData} Random salt as input for HMAC algorithm
* - iterations Iteration count. GOST recomended value 1000 (default) or 2000
* - diversifier Deversifier, ID=1 - key material for performing encryption or decryption,
* ID=2 - IV (Initial Value) for encryption or decryption, ID=3 - integrity key for MACing
*
*
* - DeriveBits/DeriveKey CPKDF mode
*
* - salt {@link CryptoOperationData} Random salt as input for HMAC algorithm
* - iterations Iteration count. GOST recomended value 1000 (default) or 2000
*
*
*
*
* @memberOf gostEngine
* @param {AlgorithmIndentifier} algorithm Algorithm identifier
* @returns {GostDigest} Instance of GostDigest
*/
getGostDigest: function (algorithm) //
{
return new (GostDigest || (GostDigest = root.GostDigest))(algorithm);
}, //
/**
* gostEngine.getGostSign(algorithm) returns GOST R 34.10 cipher instance
*
* Normalized algorithm identifier common parameters:
*
*
* - name Algorithm name 'GOST R 34.10'
* - version Algorithm version
*
* - 1994 - Old-style GOST R 34.10-94 ExpMod algorithm with GOST R 34.11-94 hash
* - 2001 - GOST R 34.10-2001 Eliptic curve algorithm with old GOST R 34.11-94 hash
* - 2012 - GOST R 34.10-2012 Eliptic curve algorithm with GOST R 34.11-12 hash, default mode
*
*
* - length Length of hash and signature. Key length == hash length for EC algorithms and 2 * hash length for ExpMod algorithm
*
* - GOST R 34.10-256 - 256 bits digest, default mode
* - GOST R 34.10-512 - 512 bits digest only for GOST R 34.11-2012 hash
*
*
* - mode Algorithm mode
*
* - SIGN Digital signature mode (default)
* - DH Diffie-Hellman key generation and key agreement mode
* - MASK Key mask mode
*
*
* - sBox Paramset sBox for GOST 34.11-94. Used only if version = 1994 or 2001
*
*
* Supported algorithms, modes and parameters:
*
*
* - Sign/Verify mode (SIGN)
* - Wrap/Unwrap mode (MASK)
* - DeriveKey/DeriveBits mode (DH)
*
* - {@link CryptoOperationData} ukm User key material. Default - random generated value
* - {@link CryptoOperationData} public The peer's EC public key data
*
*
* - GenerateKey mode (SIGN and DH and MASK) version = 1994
*
* - namedParam Paramset for key generation algorithm. If specified no additianal parameters required
*
* Additional parameters, if namedParam not specified
*
* - modulusLength Bit length of p (512 or 1024 bits). Default = 1024
* - p {@link CryptoOperationData} Modulus, prime number, 2^(t-1)
*
- q {@link CryptoOperationData} Order of cyclic group, prime number, 2^254
*
- a {@link CryptoOperationData} Generator, integer, 1
*
*
* - GenerateKey mode (SIGN and DH and MASK) version = 2001 or 2012
*
* - namedCurve Paramset for key generation algorithm. If specified no additianal parameters required
*
* Additional EC parameters, if namedCurve not specified
*
* - p {@link CryptoOperationData} Prime number - elliptic curve modulus
* - a {@link CryptoOperationData} Coefficients a of the elliptic curve E
* - b {@link CryptoOperationData} Coefficients b of the elliptic curve E
* - q {@link CryptoOperationData} Prime number - order of cyclic group
* - x {@link CryptoOperationData} Base point p x-coordinate
* - y {@link CryptoOperationData} Base point p y-coordinate
*
*
*
*
* @memberOf gostEngine
* @param {AlgorithmIndentifier} algorithm Algorithm identifier
* @returns {GostSign} Instance of GostSign
*/
getGostSign: function (algorithm) //
{
return new (GostSign || (GostSign = root.GostSign))(algorithm);
} //
};
/*
* Worker method execution
*
*/ //
// Worker for gostCripto method execution
if (root.importScripts) {
/**
* Method called when {@link SubtleCrypto} calls its own postMessage()
* method with data parameter: algorithm, method and arg.
* Call method execute and postMessage() results to onmessage event handler
* in the main process.
* If error occured onerror event handler executed in main process.
*
* @memberOf gostEngine
* @name onmessage
* @param {MessageEvent} event Message event with data {algorithm, method, args}
*/
root.onmessage = function (event) {
try {
postMessage({
id: event.data.id,
result: gostEngine.execute(event.data.algorithm,
event.data.method, event.data.args)});
} catch (e) {
postMessage({
id: event.data.id,
error: e.message
});
}
};
} else {
// Load dependens
var baseUrl = '', nameSuffix = '';
// Try to define from DOM model
if (typeof document !== 'undefined') {
(function () {
var regs = /^(.*)gostCrypto(.*)\.js$/i;
var list = document.querySelectorAll('script');
for (var i = 0, n = list.length; i < n; i++) {
var value = list[i].getAttribute('src');
var test = regs.exec(value);
if (test) {
baseUrl = test[1];
nameSuffix = test[2];
}
}
})();
}
// Local importScripts procedure for include dependens
var importScripts = function () {
for (var i = 0, n = arguments.length; i < n; i++) {
var name = arguments[i].split('.'),
src = baseUrl + name[0] + nameSuffix + '.' + name[1];
var el = document.querySelector('script[src="' + src + '"]');
if (!el) {
el = document.createElement('script');
el.setAttribute('src', src);
document.head.appendChild(el);
}
}
};
// Import engines
if (!GostRandom)
importScripts('gostRandom.js');
if (!GostCipher)
importScripts('gostCipher.js');
if (!GostDigest)
importScripts('gostDigest.js');
if (!GostSign)
importScripts('gostSign.js');
} //
export default gostEngine;