GOST is not a block cipher, it's the acronym for "GOsudarstvennyi
STandard", which means "State Standard". It's not dedicated to cryptography.
Speaking of GOST standard is redundant, but clearer for non russian
locutors.
There's a block cipher (poorly) defined as a GOST standard, referenced
"GOST 28147-89". Attempts to be adopted as an ISO standard have failed.
The S-Box to use is not defined in the standard, whence 2 compliant
implementations can be non interoperable.
There's also a hash algorithm defined as a GOST standard, referenced
"GOST R 34.11-94" or "GOST 34.311-95", using GOST 28147-89 inside. "GOST
R 34.11-94" in itself is also useless because of the lack of S-Box
standard. The RFC 4357 defines 2 S-Boxes.
And finally there's a digital signature defined as a GOST standard,
referenced "GOST R 34.10-94" and superseded by "GOST R 34.10-2001"
(RFC5832), consider it similar to ECDSA. It uses "GOST R 34.11-94" to
hash data (just as {EC}DSA uses SHA{1,2*}).
--
Erwann ABALEA
Le 28/07/2012 21:31, Jeffrey Walton a écrit :
On Fri, Jul 27, 2012 at 9:00 AM, Abyss Lingvo <xidex...@yahoo.com> wrote:
Hi all!
The last problem is how to create GOST key pair for certificate.
It is clear how to create RSA keys.
Sample is here : http://www.openssl.org/docs/crypto/EVP_PKEY_keygen.html
#include <openssl/evp.h>
#include <openssl/rsa.h>
EVP_PKEY_CTX *ctx;
EVP_PKEY *pkey = NULL;
ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
if (!ctx)
/* Error occurred */
if (EVP_PKEY_keygen_init(ctx) <= 0)
/* Error */
if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 2048) <= 0)
/* Error */
/* Generate key */
if (EVP_PKEY_keygen(ctx, &pkey) <= 0)
/* Error */
Unfortunately there is no EVP_PKEY_GOST constant and I can't create EVP_PKEY
containing GOST key pair.
Does anybody know how to create GOST key pair?
GOST is a block cipher. It uses a symmetric key, not public/private keys.
Jeff
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org