GOST is now a separately-maintained engine.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Hello Andrey,
Thank you for your work, but I do not see the patch :-(
I should say that in practice the CNT mode is used in TLS where usage of
the Gost28147_CryptoProParamSetA is required.
On Mon, Apr 21, 2014 at 7:40 PM, Andrey Kulikov via RT r...@openssl.orgwrote:
Currently ccgost engine
Dmitriy,
Thanks for noticing!
I do not see it either - correcting myself. :-)
You are right - according to
http://tools.ietf.org/html/draft-chudov-cryptopro-cptls-04
CryptoProParamSetA is required in GOST TLS.
But only for content encryption.
Premaster secret encryption could use any other
Currently ccgost engine use configured params (s-boxes) when it works in
CFB mode only.
For CNT and IMITO parameters are hardcoded to Gost28147_CryptoProParamSetA
Supplied patch allow ccgost engine to really use parameters, specified
either in config file, or via engine API.
When nothing is