diff options
| author | Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> | 2016-11-09 14:02:56 +0300 |
|---|---|---|
| committer | Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> | 2018-06-23 12:20:16 +0300 |
| commit | b8d3b99c4eedaa52537c9a2caf957e0215a7e313 (patch) | |
| tree | 73023f12297b1a48cca2a86efc311ed0592abdf0 /lib/includes | |
| parent | 8062f19086f9e54e87359a3924072927e20104ee (diff) | |
| download | gnutls-b8d3b99c4eedaa52537c9a2caf957e0215a7e313.tar.gz | |
Add support for PBES2/PBKDF2 using GOST algorithms
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Diffstat (limited to 'lib/includes')
| -rw-r--r-- | lib/includes/gnutls/x509.h | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/lib/includes/gnutls/x509.h b/lib/includes/gnutls/x509.h index 7f9c29e253..cd54e8c4ca 100644 --- a/lib/includes/gnutls/x509.h +++ b/lib/includes/gnutls/x509.h @@ -1098,6 +1098,11 @@ unsigned gnutls_x509_crt_check_key_purpose(gnutls_x509_crt_t cert, * @GNUTLS_PKCS_PBES2_AES_256: PBES2 AES-256. * @GNUTLS_PKCS_PBES2_DES: PBES2 single DES. * @GNUTLS_PKCS_PBES2_DES_MD5: PBES1 with single DES; for compatibility with openssl only. + * @GNUTLS_PKCS_PBES2_GOST_TC26Z: PBES2 GOST 28147-89 CFB with TC26-Z S-box. + * @GNUTLS_PKCS_PBES2_GOST_CPA: PBES2 GOST 28147-89 CFB with CryptoPro-A S-box. + * @GNUTLS_PKCS_PBES2_GOST_CPB: PBES2 GOST 28147-89 CFB with CryptoPro-B S-box. + * @GNUTLS_PKCS_PBES2_GOST_CPC: PBES2 GOST 28147-89 CFB with CryptoPro-C S-box. + * @GNUTLS_PKCS_PBES2_GOST_CPD: PBES2 GOST 28147-89 CFB with CryptoPro-D S-box. * * Enumeration of different PKCS encryption flags. */ @@ -1112,7 +1117,12 @@ typedef enum gnutls_pkcs_encrypt_flags_t { GNUTLS_PKCS_PBES2_AES_256 = 1<<7, GNUTLS_PKCS_NULL_PASSWORD = 1<<8, GNUTLS_PKCS_PBES2_DES = 1<<9, - GNUTLS_PKCS_PBES1_DES_MD5 = 1<<10 + GNUTLS_PKCS_PBES1_DES_MD5 = 1<<10, + GNUTLS_PKCS_PBES2_GOST_TC26Z = 1<<11, + GNUTLS_PKCS_PBES2_GOST_CPA = 1<<12, + GNUTLS_PKCS_PBES2_GOST_CPB = 1<<13, + GNUTLS_PKCS_PBES2_GOST_CPC = 1<<14, + GNUTLS_PKCS_PBES2_GOST_CPD = 1<<15 } gnutls_pkcs_encrypt_flags_t; #define GNUTLS_PKCS_CIPHER_MASK(x) ((x)&(~(GNUTLS_PKCS_NULL_PASSWORD))) @@ -1124,6 +1134,11 @@ typedef enum gnutls_pkcs_encrypt_flags_t { #define GNUTLS_PKCS_USE_PBES2_AES_128 GNUTLS_PKCS_PBES2_AES_128 #define GNUTLS_PKCS_USE_PBES2_AES_192 GNUTLS_PKCS_PBES2_AES_192 #define GNUTLS_PKCS_USE_PBES2_AES_256 GNUTLS_PKCS_PBES2_AES_256 +#define GNUTLS_PKCS_USE_PBES2_GOST_TC26Z GNUTLS_PKCS_PBES2_GOST_TC26Z +#define GNUTLS_PKCS_USE_PBES2_GOST_CPA GNUTLS_PKCS_PBES2_GOST_CPA +#define GNUTLS_PKCS_USE_PBES2_GOST_CPB GNUTLS_PKCS_PBES2_GOST_CPB +#define GNUTLS_PKCS_USE_PBES2_GOST_CPC GNUTLS_PKCS_PBES2_GOST_CPC +#define GNUTLS_PKCS_USE_PBES2_GOST_CPD GNUTLS_PKCS_PBES2_GOST_CPD const char *gnutls_pkcs_schema_get_name(unsigned int schema); const char *gnutls_pkcs_schema_get_oid(unsigned int schema); |