[xmlsec] experimental GOST2012 support (patch from Nikolay Shaplov)



commit 0606b7421d17b36600f27e338f82dd473d753ec9
Author: Aleksey Sanin <aleksey aleksey com>
Date:   Thu Oct 23 10:14:56 2014 -0700

    experimental GOST2012 support (patch from Nikolay Shaplov)

 configure.in                                       |   22 ++-
 include/xmlsec/app.h                               |   45 +++
 include/xmlsec/openssl/crypto.h                    |   73 +++++-
 include/xmlsec/private.h                           |   12 +
 include/xmlsec/strings.h                           |   30 ++
 src/app.c                                          |  137 ++++++++++
 src/dl.c                                           |   52 ++++-
 src/openssl/crypto.c                               |   19 +-
 src/openssl/digests.c                              |  127 +++++++++-
 src/openssl/evp.c                                  |  286 +++++++++++++++++++-
 src/openssl/signatures.c                           |  138 +++++++++-
 src/skeleton/crypto.c                              |    5 +
 src/strings.c                                      |   34 +++
 .../aleksey-xmldsig-01/enveloping-gost2012-256.xml |    1 +
 .../aleksey-xmldsig-01/enveloping-gots2012-512.xml |    1 +
 tests/keys/gost2012_256.pem                        |    8 +
 tests/keys/gost2012_512.pem                        |   11 +
 17 files changed, 982 insertions(+), 19 deletions(-)
---
diff --git a/configure.in b/configure.in
index 7690e7a..71f9106 100644
--- a/configure.in
+++ b/configure.in
@@ -1325,7 +1325,7 @@ AC_SUBST(XMLSEC_NO_AES)
 dnl ==========================================================================
 dnl See do we need GOST support
 dnl ==========================================================================
-AC_MSG_CHECKING(for GOST support) 
+AC_MSG_CHECKING(for GOST support)
 AC_ARG_ENABLE(gost,   [  --enable-gost           enable GOST support (no)])
 if test "z$enable_gost" != "zyes" ; then
     XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_GOST=1"
@@ -1334,10 +1334,28 @@ if test "z$enable_gost" != "zyes" ; then
 else
     XMLSEC_NO_GOST="0"
     AC_MSG_RESULT(yes)
-fi    
+fi
 AM_CONDITIONAL(XMLSEC_NO_GOST, test "z$XMLSEC_NO_GOST" = "z1")
 AC_SUBST(XMLSEC_NO_GOST)
 
+
+dnl ==========================================================================
+dnl See do we need GOST2012 support
+dnl ==========================================================================
+AC_MSG_CHECKING(for EXPERMIENTAL GOST2012 support)
+AC_ARG_ENABLE(gost,   [  --enable-gost2012       enable EXPERMIENTAL GOST2012 support (no)])
+if test "z$enable_gost2012" != "zyes" ; then
+    XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_GOST2012=1"
+    XMLSEC_NO_GOST2012="1"
+    AC_MSG_RESULT(no)
+else
+    XMLSEC_NO_GOST2012="0"
+    AC_MSG_RESULT(yes)
+fi
+AM_CONDITIONAL(XMLSEC_NO_GOST2012, test "z$XMLSEC_NO_GOST2012" = "z1")
+AC_SUBST(XMLSEC_NO_GOST2012)
+
+
 dnl ==========================================================================
 dnl See do we need XMLDSig support
 dnl ==========================================================================
diff --git a/include/xmlsec/app.h b/include/xmlsec/app.h
index 5fe572a..471bfb6 100644
--- a/include/xmlsec/app.h
+++ b/include/xmlsec/app.h
@@ -80,6 +80,20 @@ XMLSEC_EXPORT xmlSecKeyDataId                   xmlSecKeyDataEcdsaGetKlass
 #define xmlSecKeyDataGost2001Id                 xmlSecKeyDataGost2001GetKlass()
 XMLSEC_EXPORT xmlSecKeyDataId                   xmlSecKeyDataGost2001GetKlass   (void);
 /**
+ * xmlSecKeyDataGostR3410_2012_256Id:
+ *
+ * The GOST R 34.10-2012 256 bit key klass.
+ */
+#define xmlSecKeyDataGostR3410_2012_256Id       xmlSecKeyDataGostR3410_2012_256GetKlass()
+XMLSEC_EXPORT xmlSecKeyDataId                   xmlSecKeyDataGostR3410_2012_256GetKlass (void);
+/**
+ * xmlSecKeyDataGostR3410_2012_512Id:
+ *
+ * The GOST R 34.10-2012 512 bit key klass.
+ */
+#define xmlSecKeyDataGostR3410_2012_512Id       xmlSecKeyDataGostR3410_2012_512GetKlass()
+XMLSEC_EXPORT xmlSecKeyDataId                   xmlSecKeyDataGostR3410_2012_512GetKlass (void);
+/**
  * xmlSecKeyDataHmacId:
  *
  * The DHMAC key klass.
@@ -241,6 +255,22 @@ XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformEcdsaSha512GetKla
 XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformGost2001GostR3411_94GetKlass     (void);
 
 /**
+ * xmlSecTransformGostR3410_2012GostR3411_2012_256Id:
+ *
+ * The GOST R 34.10-2012 - GOST R 34.11-2012 256 bit signature transform klass.
+ */
+#define xmlSecTransformGostR3410_2012GostR3411_2012_256Id   
xmlSecTransformGostR3410_2012GostR3411_2012_256GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformGostR3410_2012GostR3411_2012_256GetKlass     
(void);
+
+/**
+ * xmlSecTransformGostR3410_2012GostR3411_2012_512Id:
+ *
+ * The GOST R 34.10-2012 - GOST R 34.11-2012 512 bit signature transform klass.
+ */
+#define xmlSecTransformGostR3410_2012GostR3411_2012_512Id   
xmlSecTransformGostR3410_2012GostR3411_2012_512GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformGostR3410_2012GostR3411_2012_512GetKlass     
(void);
+
+/**
  * xmlSecTransformHmacMd5Id:
  *
  * The HMAC with MD5 signature transform klass.
@@ -375,6 +405,21 @@ XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformRsaOaepGetKlass
 #define xmlSecTransformGostR3411_94Id                   xmlSecTransformGostR3411_94GetKlass()
 XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformGostR3411_94GetKlass     (void);
 /**
+ * xmlSecTransformGostR3411_2012_256Id:
+ *
+ * The GOST R 34.11-2012 256 bit digest transform klass.
+ */
+#define xmlSecTransformGostR3411_2012_256Id     xmlSecTransformGostR3411_2012_256GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformGostR3411_2012_256GetKlass     (void);
+/**
+ * xmlSecTransformGostR3411_2012_512Id:
+ *
+ * The GOST R 34.11-2012 512 bit digest transform klass.
+ */
+#define xmlSecTransformGostR3411_2012_512Id     xmlSecTransformGostR3411_2012_512GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformGostR3411_2012_512GetKlass     (void);
+
+/**
  * xmlSecTransformSha1Id:
  *
  * The SHA1 digest transform klass.
diff --git a/include/xmlsec/openssl/crypto.h b/include/xmlsec/openssl/crypto.h
index b2fbea9..7449081 100644
--- a/include/xmlsec/openssl/crypto.h
+++ b/include/xmlsec/openssl/crypto.h
@@ -276,12 +276,13 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformEcdsaSha512GetKlass
 
 #endif /* XMLSEC_NO_ECDSA */
 
+#ifndef XMLSEC_NO_GOST
+
 /********************************************************************
  *
  * GOST2001 transform
  *
  *******************************************************************/
-#ifndef XMLSEC_NO_GOST
 
 /**
  * xmlSecOpenSSLKeyDataGost2001Id:
@@ -310,9 +311,77 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformGost2001GostR3411_9
 #define xmlSecOpenSSLTransformGostR3411_94Id \
                xmlSecOpenSSLTransformGostR3411_94GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformGostR3411_94GetKlass(void);
-
 #endif /* XMLSEC_NO_GOST */
 
+
+#ifndef XMLSEC_NO_GOST2012
+/********************************************************************
+ *
+ * GOST R 34.10-2012  transform
+ *
+ *******************************************************************/
+
+/**
+ * xmlSecOpenSSLKeyDataGostR4310_2012_256Id:
+ *
+ * The GOST R 34.10-2012 256 key klass.
+ */
+#define xmlSecOpenSSLKeyDataGostR3410_2012_256Id \
+        xmlSecOpenSSLKeyDataGostR3410_2012_256GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecOpenSSLKeyDataGostR3410_2012_256GetKlass   (void);
+
+
+/**
+ * xmlSecOpenSSLKeyDataGostR4310_2012_512Id:
+ *
+ * The GOST R 34.10-2012 512 key klass.
+ */
+#define xmlSecOpenSSLKeyDataGostR3410_2012_512Id \
+        xmlSecOpenSSLKeyDataGostR3410_2012_512GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecOpenSSLKeyDataGostR3410_2012_512GetKlass   (void);
+
+
+/**
+ * xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_256Id:
+ *
+ * The GOST R 34.10-2012 - GOST R 3411-2012 256 bit signature transform klass.
+ */
+#define xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_256Id \
+        xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_256GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_256GetKlass(void);
+
+
+/**
+ * xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_512Id:
+ *
+ * The GOST R 34.10-2012 - GOST R 3411-2012 512 bit signature transform klass.
+ */
+#define xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_512Id \
+        xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_512GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_512GetKlass(void);
+
+
+/**
+ * xmlSecOpenSSLTransformGostR3411_2012_256Id:
+ *
+ * The GOST R 34.11-2012 256 bit hash transform klass.
+ */
+#define xmlSecOpenSSLTransformGostR3411_2012_256Id \
+       xmlSecOpenSSLTransformGostR3411_2012_256GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformGostR3411_2012_256GetKlass(void);
+
+
+/**
+ * xmlSecOpenSSLTransformGostR3411_2012_512Id:
+ *
+ * The GOST R 34.11-2012 512 bit hash transform klass.
+ */
+#define xmlSecOpenSSLTransformGostR3411_2012_512Id \
+       xmlSecOpenSSLTransformGostR3411_2012_512GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformGostR3411_2012_512GetKlass(void);
+
+#endif /* XMLSEC_NO_GOST2012 */
+
 /********************************************************************
  *
  * HMAC transforms
diff --git a/include/xmlsec/private.h b/include/xmlsec/private.h
index 74e6de1..db743e4 100644
--- a/include/xmlsec/private.h
+++ b/include/xmlsec/private.h
@@ -336,6 +336,8 @@ typedef int                     (*xmlSecCryptoAppKeyCertLoadMemoryMethod)(xmlSec
  * @keyDataDsaGetKlass:         the method to get pointer to DSA key data klass.
  * @keyDataEcdsaGetKlass:       the method to get pointer to ECDSA key data klass.
  * @keyDataGost2001GetKlass:    the method to get pointer to GOST 2001 key data klass.
+ * @keyDataGostR3410_2012_256GetKlass: the method to get pointer to GOST R 34.10-2012 256 bit key data klass.
+ * @keyDataGostR3410_2012_512GetKlass: the method to get pointer to GOST R 34.10-2012 512 bit key data klass.
  * @keyDataHmacGetKlass:        the method to get pointer to HMAC key data klass.
  * @keyDataRsaGetKlass:         the method to get pointer to RSA key data klass.
  * @keyDataX509GetKlass:        the method to get pointer to X509 key data klass.
@@ -357,6 +359,8 @@ typedef int                     (*xmlSecCryptoAppKeyCertLoadMemoryMethod)(xmlSec
  * @transformEcdsaSha384GetKlass: the method to get pointer to ECDSA-SHA384 signature transform.
  * @transformEcdsaSha512GetKlass: the method to get pointer to ECDSA-SHA512 signature transform.
  * @transformGost2001GostR3411_94GetKlass: the method to get pointer to GOST2001 transform.
+ * @transformGostR3410_2012GostR3411_2012_256GetKlass: the method to get pointer to GOST R 34.10-2012 - GOST 
R 34.11-2012 256bit transform.
+ * @transformGostR3410_2012GostR3411_2012_512GetKlass: the method to get pointer to GOST R 34.10-2012 - GOST 
R 34.11_2012 512bit transform.
  * @transformHmacMd5GetKlass:   the method to get pointer to HMAC-MD5 transform.
  * @transformHmacRipemd160GetKlass: the method to get pointer to HMAC-RIPEMD160 transform.
  * @transformHmacSha1GetKlass:  the method to get pointer to HMAC-SHA1 transform.
@@ -376,6 +380,8 @@ typedef int                     (*xmlSecCryptoAppKeyCertLoadMemoryMethod)(xmlSec
  * @transformRsaPkcs1GetKlass:  the method to get pointer to RSA-PKCS1_5 key transport transform.
  * @transformRsaOaepGetKlass:   the method to get pointer to RSA-OAEP key transport transform.
  * @transformGostR3411_94GetKlass: the method to get pointer to GOST R3411 transform.
+ * @transformGostR3411_2012_256GetKlass: the method to get pointer to GOST R 34.11-2012 256 bit transform.
+ * @transformGostR3411_2012_512GetKlass: the method to get pointer to GOST R 34.11-2012 512 bit transform.
  * @transformSha1GetKlass:      the method to get pointer to SHA1 digest transform.
  * @transformSha224GetKlass:    the method to get pointer to SHA224 digest transform.
  * @transformSha256GetKlass:    the method to get pointer to SHA256 digest transform.
@@ -411,6 +417,8 @@ struct _xmlSecCryptoDLFunctions {
     xmlSecCryptoKeyDataGetKlassMethod            keyDataDsaGetKlass;
     xmlSecCryptoKeyDataGetKlassMethod            keyDataEcdsaGetKlass;
     xmlSecCryptoKeyDataGetKlassMethod            keyDataGost2001GetKlass;
+    xmlSecCryptoKeyDataGetKlassMethod            keyDataGostR3410_2012_256GetKlass;
+    xmlSecCryptoKeyDataGetKlassMethod            keyDataGostR3410_2012_512GetKlass;
     xmlSecCryptoKeyDataGetKlassMethod            keyDataHmacGetKlass;
     xmlSecCryptoKeyDataGetKlassMethod            keyDataRsaGetKlass;
     xmlSecCryptoKeyDataGetKlassMethod            keyDataX509GetKlass;
@@ -436,6 +444,8 @@ struct _xmlSecCryptoDLFunctions {
     xmlSecCryptoTransformGetKlassMethod          transformEcdsaSha384GetKlass;
     xmlSecCryptoTransformGetKlassMethod          transformEcdsaSha512GetKlass;
     xmlSecCryptoTransformGetKlassMethod          transformGost2001GostR3411_94GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformGostR3410_2012GostR3411_2012_256GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformGostR3410_2012GostR3411_2012_512GetKlass;
     xmlSecCryptoTransformGetKlassMethod          transformHmacMd5GetKlass;
     xmlSecCryptoTransformGetKlassMethod          transformHmacRipemd160GetKlass;
     xmlSecCryptoTransformGetKlassMethod          transformHmacSha1GetKlass;
@@ -455,6 +465,8 @@ struct _xmlSecCryptoDLFunctions {
     xmlSecCryptoTransformGetKlassMethod          transformRsaPkcs1GetKlass;
     xmlSecCryptoTransformGetKlassMethod          transformRsaOaepGetKlass;
     xmlSecCryptoTransformGetKlassMethod          transformGostR3411_94GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformGostR3411_2012_256GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformGostR3411_2012_512GetKlass;
     xmlSecCryptoTransformGetKlassMethod          transformSha1GetKlass;
     xmlSecCryptoTransformGetKlassMethod          transformSha224GetKlass;
     xmlSecCryptoTransformGetKlassMethod          transformSha256GetKlass;
diff --git a/include/xmlsec/strings.h b/include/xmlsec/strings.h
index 5e3f6a1..9ee26d8 100644
--- a/include/xmlsec/strings.h
+++ b/include/xmlsec/strings.h
@@ -369,6 +369,26 @@ XMLSEC_EXPORT_VAR const xmlChar xmlSecHrefGost2001GostR3411_94[];
 
 /*************************************************************************
  *
+ * GOST R 34.10-2012 strings
+ *
+ ************************************************************************/
+XMLSEC_EXPORT_VAR const xmlChar xmlSecNameGostR3410_2012_256KeyValue[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecNodeGostR3410_2012_256KeyValue[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecHrefGostR3410_2012_256KeyValue[];
+
+XMLSEC_EXPORT_VAR const xmlChar xmlSecNameGostR3410_2012_512KeyValue[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecNodeGostR3410_2012_512KeyValue[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecHrefGostR3410_2012_512KeyValue[];
+
+XMLSEC_EXPORT_VAR const xmlChar xmlSecNameGostR3410_2012GostR3411_2012_256[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecHrefGostR3410_2012GostR3411_2012_256[];
+
+XMLSEC_EXPORT_VAR const xmlChar xmlSecNameGostR3410_2012GostR3411_2012_512[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecHrefGostR3410_2012GostR3411_2012_512[];
+
+
+/*************************************************************************
+ *
  * EncryptedKey
  *
  ************************************************************************/
@@ -514,6 +534,16 @@ XMLSEC_EXPORT_VAR const xmlChar xmlSecHrefGostR3411_94[];
 
 /*************************************************************************
  *
+ * GOST R 34.11-2012 strings
+ *
+ ************************************************************************/
+XMLSEC_EXPORT_VAR const xmlChar xmlSecNameGostR3411_2012_256[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecHrefGostR3411_2012_256[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecNameGostR3411_2012_512[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecHrefGostR3411_2012_512[];
+
+/*************************************************************************
+ *
  * SHA1 strings
  *
  ************************************************************************/
diff --git a/src/app.c b/src/app.c
index 55f5453..6cf8a08 100644
--- a/src/app.c
+++ b/src/app.c
@@ -220,6 +220,52 @@ xmlSecKeyDataGost2001GetKlass(void) {
 }
 
 /**
+ * xmlSecKeyDataGostR3410_2012_256GetKlass:
+ *
+ * The GOST R 34.10-2012 256 bit key data klass.
+ *
+ * Returns: GOST R 34.10-2012 256 bit key data klass or NULL if an error occurs
+ * (xmlsec-crypto library is not loaded or the GOST R 34.10-2012 key data
+ * klass is not implemented).
+ */
+xmlSecKeyDataId
+xmlSecKeyDataGostR3410_2012_256GetKlass(void) {
+    if((xmlSecCryptoDLGetFunctions() == NULL) || 
(xmlSecCryptoDLGetFunctions()->keyDataGostR3410_2012_256GetKlass == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "keyDataGostR3410_2012_256Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(xmlSecKeyDataIdUnknown);
+    }
+
+    return(xmlSecCryptoDLGetFunctions()->keyDataGostR3410_2012_256GetKlass());
+}
+
+/**
+ * xmlSecKeyDataGostR3410_2012_512GetKlass:
+ *
+ * The GOST R 34.10-2012 512 bit key data klass.
+ *
+ * Returns: GOST R 34.10-2012 512 bit key data klass or NULL if an error occurs
+ * (xmlsec-crypto library is not loaded or the GOST R 34.10-2012 key data
+ * klass is not implemented).
+ */
+xmlSecKeyDataId
+xmlSecKeyDataGostR3410_2012_512GetKlass(void) {
+    if((xmlSecCryptoDLGetFunctions() == NULL) || 
(xmlSecCryptoDLGetFunctions()->keyDataGostR3410_2012_512GetKlass == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "keyDataGostR3410_2012_512Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(xmlSecKeyDataIdUnknown);
+    }
+
+    return(xmlSecCryptoDLGetFunctions()->keyDataGostR3410_2012_512GetKlass());
+}
+
+/**
  * xmlSecKeyDataHmacGetKlass:
  *
  * The HMAC key data klass.
@@ -713,6 +759,52 @@ xmlSecTransformGost2001GostR3411_94GetKlass(void) {
 }
 
 /**
+ * xmlSecTransformGostR3410_2012GostR3411_2012_256GetKlass:
+ *
+ * The GOST R 34.10-2012 - GOST R 34.11-2012 256 bit signature transform klass.
+ *
+ * Returns: GOST R 34.10-2012 - GOST R 34.11-2012 256 bit signature transform klass or NULL if an error
+ * occurs (the xmlsec-crypto library is not loaded or this transform is not
+ * implemented).
+ */
+xmlSecTransformId
+xmlSecTransformGostR3410_2012GostR3411_2012_256GetKlass(void) {
+    if((xmlSecCryptoDLGetFunctions() == NULL) || 
(xmlSecCryptoDLGetFunctions()->transformGostR3410_2012GostR3411_2012_256GetKlass == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformGostR3410_2012GostR3411_2012_256Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(xmlSecTransformIdUnknown);
+    }
+
+    return(xmlSecCryptoDLGetFunctions()->transformGostR3410_2012GostR3411_2012_256GetKlass());
+}
+
+/**
+ * xmlSecTransformGostR3410_2012GostR3411_2012_512GetKlass:
+ *
+ * The GOST R 34.10-2012 - GOST R 34.11-2012 512 bit signature transform klass.
+ *
+ * Returns: GOST R 34.10-2012 - GOST R 34.11-2012 512 bit signature transform klass or NULL if an error
+ * occurs (the xmlsec-crypto library is not loaded or this transform is not
+ * implemented).
+ */
+xmlSecTransformId
+xmlSecTransformGostR3410_2012GostR3411_2012_512GetKlass(void) {
+    if((xmlSecCryptoDLGetFunctions() == NULL) || 
(xmlSecCryptoDLGetFunctions()->transformGostR3410_2012GostR3411_2012_512GetKlass == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformGostR3410_2012GostR3411_2012_512Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(xmlSecTransformIdUnknown);
+    }
+
+    return(xmlSecCryptoDLGetFunctions()->transformGostR3410_2012GostR3411_2012_512GetKlass());
+}
+
+/**
  * xmlSecTransformHmacMd5GetKlass:
  *
  * The HMAC-MD5 transform klass.
@@ -1149,7 +1241,52 @@ xmlSecTransformGostR3411_94GetKlass(void) {
     return(xmlSecCryptoDLGetFunctions()->transformGostR3411_94GetKlass());
 }
 
+/**
+ * xmlSecTransformGostR3411_2012_256GetKlass:
+ *
+ * GOST R 34.11-2012 256 bit digest transform klass.
+ *
+ * Returns: pointer to GOST R 34.11-2012 256 bit digest transform klass or NULL if an error
+ * occurs (the xmlsec-crypto library is not loaded or this transform is not
+ * implemented).
+ */
+
+xmlSecTransformId
+xmlSecTransformGostR3411_2012_256GetKlass(void) {
+    if((xmlSecCryptoDLGetFunctions() == NULL) || 
(xmlSecCryptoDLGetFunctions()->transformGostR3411_2012_256GetKlass == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformGostR3411_2012_256Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(xmlSecTransformIdUnknown);
+    }
+
+    return(xmlSecCryptoDLGetFunctions()->transformGostR3411_2012_256GetKlass());
+}
+
+/**
+ * xmlSecTransformGostR3411_2012_512GetKlass:
+ *
+ * GOST R 34.11-2012 512 bit digest transform klass.
+ *
+ * Returns: pointer to GOST R 34.11-2012 512 bit digest transform klass or NULL if an error
+ * occurs (the xmlsec-crypto library is not loaded or this transform is not
+ * implemented).
+ */
+xmlSecTransformId
+xmlSecTransformGostR3411_2012_512GetKlass(void) {
+    if((xmlSecCryptoDLGetFunctions() == NULL) || 
(xmlSecCryptoDLGetFunctions()->transformGostR3411_2012_512GetKlass == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformGostR3411_2012_512Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(xmlSecTransformIdUnknown);
+    }
 
+    return(xmlSecCryptoDLGetFunctions()->transformGostR3411_2012_512GetKlass());
+}
 /**
  * xmlSecTransformSha1GetKlass:
  *
diff --git a/src/dl.c b/src/dl.c
index 255818f..5aa08f3 100644
--- a/src/dl.c
+++ b/src/dl.c
@@ -650,7 +650,22 @@ xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms(struct _xmlSecCryptoDLFuncti
                     XMLSEC_ERRORS_NO_MESSAGE);
         return(-1);
     }
-    if((functions->keyDataHmacGetKlass != NULL) && 
(xmlSecKeyDataIdsRegister(functions->keyDataHmacGetKlass()) < 0)) {
+    if((functions->keyDataGostR3410_2012_256GetKlass != NULL) && 
(xmlSecKeyDataIdsRegister(functions->keyDataGostR3410_2012_256GetKlass()) < 0)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    
xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(functions->keyDataGostR3410_2012_256GetKlass())),
+                    "xmlSecKeyDataIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+    if((functions->keyDataGostR3410_2012_512GetKlass != NULL) && 
(xmlSecKeyDataIdsRegister(functions->keyDataGostR3410_2012_512GetKlass()) < 0)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    
xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(functions->keyDataGostR3410_2012_512GetKlass())),
+                    "xmlSecKeyDataIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }    if((functions->keyDataHmacGetKlass != NULL) && 
(xmlSecKeyDataIdsRegister(functions->keyDataHmacGetKlass()) < 0)) {
         xmlSecError(XMLSEC_ERRORS_HERE,
                     xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(functions->keyDataHmacGetKlass())),
                     "xmlSecKeyDataIdsRegister",
@@ -770,6 +785,24 @@ xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms(struct _xmlSecCryptoDLFuncti
         return(-1);
     }
 
+    if((functions->transformGostR3410_2012GostR3411_2012_256GetKlass != NULL) && 
xmlSecTransformIdsRegister(functions->transformGostR3410_2012GostR3411_2012_256GetKlass()) < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    
xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformGostR3410_2012GostR3411_2012_256GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    if((functions->transformGostR3410_2012GostR3411_2012_512GetKlass != NULL) && 
xmlSecTransformIdsRegister(functions->transformGostR3410_2012GostR3411_2012_512GetKlass()) < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    
xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformGostR3410_2012GostR3411_2012_512GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     if((functions->transformDsaSha1GetKlass != NULL) && 
xmlSecTransformIdsRegister(functions->transformDsaSha1GetKlass()) < 0) {
         xmlSecError(XMLSEC_ERRORS_HERE,
                     
xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformDsaSha1GetKlass())),
@@ -1004,6 +1037,23 @@ xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms(struct _xmlSecCryptoDLFuncti
         return(-1);
     }
 
+    if((functions->transformGostR3411_2012_256GetKlass != NULL) && 
xmlSecTransformIdsRegister(functions->transformGostR3411_2012_256GetKlass()) < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    
xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformGostR3411_2012_256GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    if((functions->transformGostR3411_2012_512GetKlass != NULL) && 
xmlSecTransformIdsRegister(functions->transformGostR3411_2012_512GetKlass()) < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    
xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformGostR3411_2012_512GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
     if((functions->transformSha1GetKlass != NULL) && 
xmlSecTransformIdsRegister(functions->transformSha1GetKlass()) < 0) {
         xmlSecError(XMLSEC_ERRORS_HERE,
                     xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformSha1GetKlass())),
diff --git a/src/openssl/crypto.c b/src/openssl/crypto.c
index eba1a32..77963a9 100644
--- a/src/openssl/crypto.c
+++ b/src/openssl/crypto.c
@@ -80,7 +80,12 @@ xmlSecCryptoGetFunctions_openssl(void) {
 
 #ifndef XMLSEC_NO_GOST
     gXmlSecOpenSSLFunctions->keyDataGost2001GetKlass           = xmlSecOpenSSLKeyDataGost2001GetKlass;
-#endif /* XMLSEC_NO_GOST*/
+#endif /* XMLSEC_NO_GOST */
+
+#ifndef XMLSEC_NO_GOST2012
+    gXmlSecOpenSSLFunctions->keyDataGostR3410_2012_256GetKlass = 
xmlSecOpenSSLKeyDataGostR3410_2012_256GetKlass;
+    gXmlSecOpenSSLFunctions->keyDataGostR3410_2012_512GetKlass = 
xmlSecOpenSSLKeyDataGostR3410_2012_512GetKlass;
+#endif /* XMLSEC_NO_GOST2012 */
 
 #ifndef XMLSEC_NO_HMAC
     gXmlSecOpenSSLFunctions->keyDataHmacGetKlass        = xmlSecOpenSSLKeyDataHmacGetKlass;
@@ -166,13 +171,17 @@ xmlSecCryptoGetFunctions_openssl(void) {
 
     /******************************* GOST ********************************/
 #ifndef XMLSEC_NO_GOST
-    gXmlSecOpenSSLFunctions->transformGost2001GostR3411_94GetKlass             = 
xmlSecOpenSSLTransformGost2001GostR3411_94GetKlass;
-#endif /* XMLSEC_NO_GOST */
-
-#ifndef XMLSEC_NO_GOST
+    gXmlSecOpenSSLFunctions->transformGost2001GostR3411_94GetKlass     = 
xmlSecOpenSSLTransformGost2001GostR3411_94GetKlass;
     gXmlSecOpenSSLFunctions->transformGostR3411_94GetKlass             = 
xmlSecOpenSSLTransformGostR3411_94GetKlass;
 #endif /* XMLSEC_NO_GOST */
 
+#ifndef XMLSEC_NO_GOST2012
+    gXmlSecOpenSSLFunctions->transformGostR3410_2012GostR3411_2012_256GetKlass = 
xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_256GetKlass;
+    gXmlSecOpenSSLFunctions->transformGostR3410_2012GostR3411_2012_512GetKlass = 
xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_512GetKlass;
+    gXmlSecOpenSSLFunctions->transformGostR3411_2012_256GetKlass       = 
xmlSecOpenSSLTransformGostR3411_2012_256GetKlass;
+    gXmlSecOpenSSLFunctions->transformGostR3411_2012_512GetKlass       = 
xmlSecOpenSSLTransformGostR3411_2012_512GetKlass;
+#endif /* XMLSEC_NO_GOST2012 */
+
     /******************************* HMAC ********************************/
 #ifndef XMLSEC_NO_HMAC
 
diff --git a/src/openssl/digests.c b/src/openssl/digests.c
index b103035..74b91df 100644
--- a/src/openssl/digests.c
+++ b/src/openssl/digests.c
@@ -108,6 +108,15 @@ xmlSecOpenSSLEvpDigestCheckId(xmlSecTransformPtr transform) {
     } else
 #endif /* XMLSEC_NO_GOST*/
 
+#ifndef XMLSEC_NO_GOST2012
+    if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGostR3411_2012_256Id)) {
+        return(1);
+    } else
+
+    if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGostR3411_2012_512Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_GOST2012 */
 
     {
         return(0);
@@ -183,7 +192,35 @@ xmlSecOpenSSLEvpDigestInitialize(xmlSecTransformPtr transform) {
                        return(-1);
                }
     } else
-#endif /* XMLSEC_NO_GOST*/
+#endif /* XMLSEC_NO_GOST */
+
+#ifndef XMLSEC_NO_GOST2012
+    if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGostR3411_2012_256Id)) {
+        ctx->digest = EVP_get_digestbyname("md_gost12_256");
+                               if (!ctx->digest)
+                               {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+                               }
+    } else
+
+    if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGostR3411_2012_512Id)) {
+        ctx->digest = EVP_get_digestbyname("md_gost12_512");
+                               if (!ctx->digest)
+                               {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+                               }
+    } else
+#endif /* XMLSEC_NO_GOST2012 */
 
     {
         xmlSecError(XMLSEC_ERRORS_HERE,
@@ -744,3 +781,91 @@ xmlSecOpenSSLTransformGostR3411_94GetKlass(void) {
 }
 #endif /* XMLSEC_NO_GOST*/
 
+#ifndef XMLSEC_NO_GOST2012
+
+/******************************************************************************
+ *
+ * GOST R 34.11-2012 256 bit
+ *
+ *****************************************************************************/
+static xmlSecTransformKlass xmlSecOpenSSLGostR3411_2012_256Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* size_t klassSize */
+    xmlSecOpenSSLEvpDigestSize,                   /* size_t objSize */
+
+    xmlSecNameGostR3411_2012_256,               /* const xmlChar* name; */
+    xmlSecHrefGostR3411_2012_256,               /* const xmlChar* href; */
+    xmlSecTransformUsageDigestMethod,           /* xmlSecTransformUsage usage; */
+    xmlSecOpenSSLEvpDigestInitialize,             /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLEvpDigestFinalize,               /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecOpenSSLEvpDigestVerify,                 /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLEvpDigestExecute,                /* xmlSecTransformExecuteMethod execute; */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLTransformGostR3411_2012_256GetKlass:
+ *
+ * GOST R 34.11-2012 256 bit digest transform klass.
+ *
+ * Returns: pointer to GOST R 34.11-2012 256 bit digest transform klass.
+ */
+xmlSecTransformId
+xmlSecOpenSSLTransformGostR3411_2012_256GetKlass(void) {
+    return(&xmlSecOpenSSLGostR3411_2012_256Klass);
+}
+
+/******************************************************************************
+ *
+ * GOST R 34.11-2012 512 bit
+ *
+ *****************************************************************************/
+static xmlSecTransformKlass xmlSecOpenSSLGostR3411_2012_512Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* size_t klassSize */
+    xmlSecOpenSSLEvpDigestSize,                   /* size_t objSize */
+
+    xmlSecNameGostR3411_2012_512,               /* const xmlChar* name; */
+    xmlSecHrefGostR3411_2012_512,               /* const xmlChar* href; */
+    xmlSecTransformUsageDigestMethod,           /* xmlSecTransformUsage usage; */
+    xmlSecOpenSSLEvpDigestInitialize,             /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLEvpDigestFinalize,               /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecOpenSSLEvpDigestVerify,                 /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLEvpDigestExecute,                /* xmlSecTransformExecuteMethod execute; */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLTransformGostR3411_2012_512GetKlass:
+ *
+ * GOST R 34.11-2012 512 bit digest transform klass.
+ *
+ * Returns: pointer to GOST R 34.11-2012 512 bit digest transform klass.
+ */
+xmlSecTransformId
+xmlSecOpenSSLTransformGostR3411_2012_512GetKlass(void) {
+    return(&xmlSecOpenSSLGostR3411_2012_512Klass);
+}
+
+#endif /* XMLSEC_NO_GOST2012 */
+
diff --git a/src/openssl/evp.c b/src/openssl/evp.c
index 464a5a3..41b808a 100644
--- a/src/openssl/evp.c
+++ b/src/openssl/evp.c
@@ -250,6 +250,7 @@ xmlSecOpenSSLEvpKeyAdopt(EVP_PKEY *pKey) {
         }
         break;
 #endif /* XMLSEC_NO_ECDSA */
+
 #ifndef XMLSEC_NO_GOST
     case NID_id_GostR3410_2001:
         data = xmlSecKeyDataCreate(xmlSecOpenSSLKeyDataGost2001Id);
@@ -263,6 +264,33 @@ xmlSecOpenSSLEvpKeyAdopt(EVP_PKEY *pKey) {
         }
         break;
 #endif /* XMLSEC_NO_GOST */
+
+#ifndef XMLSEC_NO_GOST2012
+    case NID_id_GostR3410_2012_256:
+        data = xmlSecKeyDataCreate(xmlSecOpenSSLKeyDataGostR3410_2012_256Id);
+        if(data == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyDataCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "xmlSecOpenSSLKeyDataGostR3410_2012_256Id");
+            return(NULL);
+        }
+        break;
+
+    case NID_id_GostR3410_2012_512:
+        data = xmlSecKeyDataCreate(xmlSecOpenSSLKeyDataGostR3410_2012_512Id);
+        if(data == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyDataCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "xmlSecOpenSSLKeyDataGostR3410_2012_512Id");
+            return(NULL);
+        }
+        break;
+#endif /* XMLSEC_NO_GOST2012 */
+
     default:
         xmlSecError(XMLSEC_ERRORS_HERE,
                     NULL,
@@ -1844,14 +1872,12 @@ xmlSecOpenSSLKeyDataRsaDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
     fprintf(output, "<RSAKeyValue size=\"%d\" />\n",
             xmlSecOpenSSLKeyDataRsaGetSize(data));
 }
-
 #endif /* XMLSEC_NO_RSA */
 
-
 #ifndef XMLSEC_NO_GOST
 /**************************************************************************
  *
- * GOST2001 xml key representation processing. Contain errors.
+ * GOST2001 xml key representation processing
  *
  *************************************************************************/
 static int              xmlSecOpenSSLKeyDataGost2001Initialize(xmlSecKeyDataPtr data);
@@ -1970,6 +1996,258 @@ xmlSecOpenSSLKeyDataGost2001DebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
     fprintf(output, "<GOST2001KeyValue size=\"%d\" />\n",
             xmlSecOpenSSLKeyDataGost2001GetSize(data));
 }
+#endif /* XMLSEC_NO_GOST */
+
+#ifndef XMLSEC_NO_GOST2012
+
+/**************************************************************************
+ *
+ * GOST R 34.10-2012 256 bit xml key representation processing
+ *
+ *************************************************************************/
+static int              xmlSecOpenSSLKeyDataGostR3410_2012_256Initialize(xmlSecKeyDataPtr data);
+static int              xmlSecOpenSSLKeyDataGostR3410_2012_256Duplicate(xmlSecKeyDataPtr dst,
+                                                         xmlSecKeyDataPtr src);
+static void             xmlSecOpenSSLKeyDataGostR3410_2012_256Finalize(xmlSecKeyDataPtr data);
+
+static xmlSecKeyDataType xmlSecOpenSSLKeyDataGostR3410_2012_256GetType(xmlSecKeyDataPtr data);
+static xmlSecSize        xmlSecOpenSSLKeyDataGostR3410_2012_256GetSize(xmlSecKeyDataPtr data);
+static void              xmlSecOpenSSLKeyDataGostR3410_2012_256DebugDump(xmlSecKeyDataPtr data,
+                                                         FILE* output);
+static void             xmlSecOpenSSLKeyDataGostR3410_2012_256DebugXmlDump(xmlSecKeyDataPtr data,
+                                                         FILE* output);
+
+static xmlSecKeyDataKlass xmlSecOpenSSLKeyDataGostR3410_2012_256Klass = {
+    sizeof(xmlSecKeyDataKlass),
+    xmlSecOpenSSLEvpKeyDataSize,
+
+    /* data */
+    xmlSecNameGostR3410_2012_256KeyValue,
+    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+                                        /* xmlSecKeyDataUsage usage; */
+    xmlSecHrefGostR3410_2012_256KeyValue,         /* const xmlChar* href; */
+    xmlSecNodeGostR3410_2012_256KeyValue,         /* const xmlChar* dataNodeName; */
+    xmlSecDSigNs,                       /* const xmlChar* dataNodeNs; */
+
+    /* constructors/destructor */
+    xmlSecOpenSSLKeyDataGostR3410_2012_256Initialize,    /* xmlSecKeyDataInitializeMethod initialize; */
+    xmlSecOpenSSLKeyDataGostR3410_2012_256Duplicate,     /* xmlSecKeyDataDuplicateMethod duplicate; */
+    xmlSecOpenSSLKeyDataGostR3410_2012_256Finalize,      /* xmlSecKeyDataFinalizeMethod finalize; */
+    NULL, /* xmlSecOpenSSLKeyDataGostR3410_2012_256Generate,*/   /* xmlSecKeyDataGenerateMethod generate; */
+
+    /* get info */
+    xmlSecOpenSSLKeyDataGostR3410_2012_256GetType,       /* xmlSecKeyDataGetTypeMethod getType; */
+    xmlSecOpenSSLKeyDataGostR3410_2012_256GetSize,       /* xmlSecKeyDataGetSizeMethod getSize; */
+    NULL,                               /* xmlSecKeyDataGetIdentifier getIdentifier; */
+
+    /* read/write */
+    NULL,       /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    NULL,       /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    NULL,                               /* xmlSecKeyDataBinReadMethod binRead; */
+    NULL,                               /* xmlSecKeyDataBinWriteMethod binWrite; */
+
+    /* debug */
+    xmlSecOpenSSLKeyDataGostR3410_2012_256DebugDump,     /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    xmlSecOpenSSLKeyDataGostR3410_2012_256DebugXmlDump,/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+
+    /* reserved for the future */
+    NULL,                               /* void* reserved0; */
+    NULL,                               /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLKeyDataGostR3410_2012_256GetKlass:
+ *
+ * The GOST R 34.10-2012 256 bit key data klass.
+ *
+ * Returns: pointer to GOST R 34.10-2012 256 bit key data klass.
+ */
+xmlSecKeyDataId
+xmlSecOpenSSLKeyDataGostR3410_2012_256GetKlass(void) {
+    return(&xmlSecOpenSSLKeyDataGostR3410_2012_256Klass);
+}
+
+
+static int
+xmlSecOpenSSLKeyDataGostR3410_2012_256Initialize(xmlSecKeyDataPtr data) {
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_256Id), -1);
+
+    return(xmlSecOpenSSLEvpKeyDataInitialize(data));
+}
+
+static int
+xmlSecOpenSSLKeyDataGostR3410_2012_256Duplicate(xmlSecKeyDataPtr dst,
+xmlSecKeyDataPtr src) {
+    xmlSecAssert2(xmlSecKeyDataCheckId(dst, xmlSecOpenSSLKeyDataGostR3410_2012_256Id), -1);
+    xmlSecAssert2(xmlSecKeyDataCheckId(src, xmlSecOpenSSLKeyDataGostR3410_2012_256Id), -1);
+
+    return(xmlSecOpenSSLEvpKeyDataDuplicate(dst, src));
+}
+
+static void
+xmlSecOpenSSLKeyDataGostR3410_2012_256Finalize(xmlSecKeyDataPtr data) {
+    xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_256Id));
+
+    xmlSecOpenSSLEvpKeyDataFinalize(data);
+}
+
+static xmlSecKeyDataType
+xmlSecOpenSSLKeyDataGostR3410_2012_256GetType(xmlSecKeyDataPtr data) {
+       /* Now I don't know how to find whether we have both private and public key
+       or the public only*/
+       return(xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate);
+}
+
+static xmlSecSize
+xmlSecOpenSSLKeyDataGostR3410_2012_256GetSize(xmlSecKeyDataPtr data) {
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_256Id), 0);
+
+    return 512;
+}
+
+static void
+xmlSecOpenSSLKeyDataGostR3410_2012_256DebugDump(xmlSecKeyDataPtr data, FILE* output) {
+    xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_256Id));
+    xmlSecAssert(output != NULL);
+
+    fprintf(output, "=== gost key: size = %d\n",
+            xmlSecOpenSSLKeyDataGostR3410_2012_256GetSize(data));
+}
+
+static void
+xmlSecOpenSSLKeyDataGostR3410_2012_256DebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
+    xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_256Id));
+    xmlSecAssert(output != NULL);
+
+    fprintf(output, "<GOST2012_256KeyValue size=\"%d\" />\n",
+            xmlSecOpenSSLKeyDataGostR3410_2012_256GetSize(data));
+}
+
+
+
+
+/**************************************************************************
+ *
+ * GOST R 34.10-2012 512 bit xml key representation processing
+ *
+ *************************************************************************/
+static int              xmlSecOpenSSLKeyDataGostR3410_2012_512Initialize(xmlSecKeyDataPtr data);
+static int              xmlSecOpenSSLKeyDataGostR3410_2012_512Duplicate(xmlSecKeyDataPtr dst,
+                                                         xmlSecKeyDataPtr src);
+static void             xmlSecOpenSSLKeyDataGostR3410_2012_512Finalize(xmlSecKeyDataPtr data);
+
+static xmlSecKeyDataType xmlSecOpenSSLKeyDataGostR3410_2012_512GetType(xmlSecKeyDataPtr data);
+static xmlSecSize        xmlSecOpenSSLKeyDataGostR3410_2012_512GetSize(xmlSecKeyDataPtr data);
+static void              xmlSecOpenSSLKeyDataGostR3410_2012_512DebugDump(xmlSecKeyDataPtr data,
+                                                         FILE* output);
+static void             xmlSecOpenSSLKeyDataGostR3410_2012_512DebugXmlDump(xmlSecKeyDataPtr data,
+                                                         FILE* output);
+
+static xmlSecKeyDataKlass xmlSecOpenSSLKeyDataGostR3410_2012_512Klass = {
+    sizeof(xmlSecKeyDataKlass),
+    xmlSecOpenSSLEvpKeyDataSize,
+
+    /* data */
+    xmlSecNameGostR3410_2012_512KeyValue,
+    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+                                        /* xmlSecKeyDataUsage usage; */
+    xmlSecHrefGostR3410_2012_512KeyValue,         /* const xmlChar* href; */
+    xmlSecNodeGostR3410_2012_512KeyValue,         /* const xmlChar* dataNodeName; */
+    xmlSecDSigNs,                       /* const xmlChar* dataNodeNs; */
+
+    /* constructors/destructor */
+    xmlSecOpenSSLKeyDataGostR3410_2012_512Initialize,    /* xmlSecKeyDataInitializeMethod initialize; */
+    xmlSecOpenSSLKeyDataGostR3410_2012_512Duplicate,     /* xmlSecKeyDataDuplicateMethod duplicate; */
+    xmlSecOpenSSLKeyDataGostR3410_2012_512Finalize,      /* xmlSecKeyDataFinalizeMethod finalize; */
+    NULL, /* xmlSecOpenSSLKeyDataGostR3410_2012_512Generate,*/   /* xmlSecKeyDataGenerateMethod generate; */
+
+    /* get info */
+    xmlSecOpenSSLKeyDataGostR3410_2012_512GetType,       /* xmlSecKeyDataGetTypeMethod getType; */
+    xmlSecOpenSSLKeyDataGostR3410_2012_512GetSize,       /* xmlSecKeyDataGetSizeMethod getSize; */
+    NULL,                               /* xmlSecKeyDataGetIdentifier getIdentifier; */
+
+    /* read/write */
+    NULL,       /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    NULL,       /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    NULL,                               /* xmlSecKeyDataBinReadMethod binRead; */
+    NULL,                               /* xmlSecKeyDataBinWriteMethod binWrite; */
+
+    /* debug */
+    xmlSecOpenSSLKeyDataGostR3410_2012_512DebugDump,     /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    xmlSecOpenSSLKeyDataGostR3410_2012_512DebugXmlDump,/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+
+    /* reserved for the future */
+    NULL,                               /* void* reserved0; */
+    NULL,                               /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLKeyDataGostR3410_2012_512GetKlass:
+ *
+ * The GOST R 34.10-2012 512 bit key data klass.
+ *
+ * Returns: pointer to GOST R 34.10-2012 512 bit key data klass.
+ */
+xmlSecKeyDataId
+xmlSecOpenSSLKeyDataGostR3410_2012_512GetKlass(void) {
+    return(&xmlSecOpenSSLKeyDataGostR3410_2012_512Klass);
+}
+
+
+static int
+xmlSecOpenSSLKeyDataGostR3410_2012_512Initialize(xmlSecKeyDataPtr data) {
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_512Id), -1);
+
+    return(xmlSecOpenSSLEvpKeyDataInitialize(data));
+}
+
+static int
+xmlSecOpenSSLKeyDataGostR3410_2012_512Duplicate(xmlSecKeyDataPtr dst,
+xmlSecKeyDataPtr src) {
+    xmlSecAssert2(xmlSecKeyDataCheckId(dst, xmlSecOpenSSLKeyDataGostR3410_2012_512Id), -1);
+    xmlSecAssert2(xmlSecKeyDataCheckId(src, xmlSecOpenSSLKeyDataGostR3410_2012_512Id), -1);
+
+    return(xmlSecOpenSSLEvpKeyDataDuplicate(dst, src));
+}
+
+static void
+xmlSecOpenSSLKeyDataGostR3410_2012_512Finalize(xmlSecKeyDataPtr data) {
+    xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_512Id));
+
+    xmlSecOpenSSLEvpKeyDataFinalize(data);
+}
+
+static xmlSecKeyDataType
+xmlSecOpenSSLKeyDataGostR3410_2012_512GetType(xmlSecKeyDataPtr data) {
+       /* Now I don't know how to find whether we have both private and public key
+       or the public only*/
+       return(xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate);
+}
+
+static xmlSecSize
+xmlSecOpenSSLKeyDataGostR3410_2012_512GetSize(xmlSecKeyDataPtr data) {
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_512Id), 0);
+
+    return 1024;
+}
+
+static void
+xmlSecOpenSSLKeyDataGostR3410_2012_512DebugDump(xmlSecKeyDataPtr data, FILE* output) {
+    xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_512Id));
+    xmlSecAssert(output != NULL);
+
+    fprintf(output, "=== gost key: size = %d\n",
+            xmlSecOpenSSLKeyDataGostR3410_2012_512GetSize(data));
+}
+
+static void
+xmlSecOpenSSLKeyDataGostR3410_2012_512DebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
+    xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGostR3410_2012_512Id));
+    xmlSecAssert(output != NULL);
+
+    fprintf(output, "<GOST2012_512KeyValue size=\"%d\" />\n",
+            xmlSecOpenSSLKeyDataGostR3410_2012_512GetSize(data));
+}
 
-#endif /* XMLSEC_NO_GOST*/
+#endif /* XMLSEC_NO_GOST2012 */
 
diff --git a/src/openssl/signatures.c b/src/openssl/signatures.c
index 6751ba0..563ce7b 100644
--- a/src/openssl/signatures.c
+++ b/src/openssl/signatures.c
@@ -208,7 +208,16 @@ xmlSecOpenSSLEvpSignatureCheckId(xmlSecTransformPtr transform) {
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGost2001GostR3411_94Id)) {
         return(1);
     } else
-#endif /* XMLSEC_NO_GOST*/
+#endif /* XMLSEC_NO_GOST */
+
+#ifndef XMLSEC_NO_GOST2012
+    if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_256Id)) {
+        return(1);
+    } else
+    if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_512Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_GOST2012 */
 
     {
         return(0);
@@ -354,7 +363,35 @@ xmlSecOpenSSLEvpSignatureInitialize(xmlSecTransformPtr transform) {
                return(-1);
         }
     } else
-#endif /* XMLSEC_NO_GOST*/
+#endif /* XMLSEC_NO_GOST */
+
+#ifndef XMLSEC_NO_GOST2012
+    if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_256Id)) {
+        ctx->keyId  = xmlSecOpenSSLKeyDataGostR3410_2012_256Id;
+        ctx->digest = EVP_get_digestbyname("md_gost12_256");
+               if (!ctx->digest) {
+                       xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+                       return(-1);
+               }
+    } else
+
+    if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_512Id)) {
+        ctx->keyId  = xmlSecOpenSSLKeyDataGostR3410_2012_512Id;
+        ctx->digest = EVP_get_digestbyname("md_gost12_512");
+               if (!ctx->digest) {
+                       xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+                       return(-1);
+               }
+    } else
+#endif /* XMLSEC_NO_GOST2012 */
 
     if(1) {
         xmlSecError(XMLSEC_ERRORS_HERE,
@@ -1988,7 +2025,6 @@ xmlSecOpenSSLTransformRsaSha512GetKlass(void) {
 
 #endif /* XMLSEC_NO_RSA */
 
-
 #ifndef XMLSEC_NO_GOST
 /****************************************************************************
  *
@@ -2034,7 +2070,101 @@ xmlSecTransformId
 xmlSecOpenSSLTransformGost2001GostR3411_94GetKlass(void) {
     return(&xmlSecOpenSSLGost2001GostR3411_94Klass);
 }
+#endif /* XMLSEC_NO_GOST */
+
+#ifndef XMLSEC_NO_GOST2012
+
+/****************************************************************************
+ *
+ * GOST R 34.10-2012 - GOST R 34.11-2012 256 bit signature transform
+ *
+ ***************************************************************************/
+
+static xmlSecTransformKlass xmlSecOpenSSLGostR3410_2012GostR3411_2012_256Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLEvpSignatureSize,                /* xmlSecSize objSize */
+
+    xmlSecNameGostR3410_2012GostR3411_2012_256, /* const xmlChar* name; */
+    xmlSecHrefGostR3410_2012GostR3411_2012_256, /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecOpenSSLEvpSignatureInitialize,          /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLEvpSignatureFinalize,            /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecOpenSSLEvpSignatureSetKeyReq,           /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecOpenSSLEvpSignatureSetKey,              /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecOpenSSLEvpSignatureVerify,              /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLEvpSignatureExecute,             /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLTransformGost3410_2012GostR3411_2012_256GetKlass:
+ *
+ * The GOST R 34.10-2012 - GOST R 34.11-2012 256 bit signature transform klass.
+ *
+ * Returns: GOST R 34.10-2012 - GOST R 34.11-2012 256 bit signature transform klass.
+ */
+xmlSecTransformId
+xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_256GetKlass(void) {
+    return(&xmlSecOpenSSLGostR3410_2012GostR3411_2012_256Klass);
+}
+
+
+/****************************************************************************
+ *
+ * GOST R 34.10-2012 - GOST R 34.11-2012 512 bit signature transform
+ *
+ ***************************************************************************/
+
+static xmlSecTransformKlass xmlSecOpenSSLGostR3410_2012GostR3411_2012_512Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLEvpSignatureSize,                /* xmlSecSize objSize */
+
+    xmlSecNameGostR3410_2012GostR3411_2012_512, /* const xmlChar* name; */
+    xmlSecHrefGostR3410_2012GostR3411_2012_512, /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecOpenSSLEvpSignatureInitialize,          /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLEvpSignatureFinalize,            /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecOpenSSLEvpSignatureSetKeyReq,           /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecOpenSSLEvpSignatureSetKey,              /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecOpenSSLEvpSignatureVerify,              /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLEvpSignatureExecute,             /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLTransformGost3410_2012GostR3411_2012_512GetKlass:
+ *
+ * The GOST R 34.10-2012 - GOST R 34.11-2012 512 bit signature transform klass.
+ *
+ * Returns: GOST R 34.10-2012 - GOST R 34.11-2012 512 bit signature transform klass.
+ */
+xmlSecTransformId
+xmlSecOpenSSLTransformGostR3410_2012GostR3411_2012_512GetKlass(void) {
+    return(&xmlSecOpenSSLGostR3410_2012GostR3411_2012_512Klass);
+}
 
-#endif /* XMLSEC_NO_GOST*/
+#endif /* XMLSEC_NO_GOST2012 */
 
 
diff --git a/src/skeleton/crypto.c b/src/skeleton/crypto.c
index 3be2064..f3d6da9 100644
--- a/src/skeleton/crypto.c
+++ b/src/skeleton/crypto.c
@@ -74,6 +74,7 @@ xmlSecCryptoGetFunctions_skeleton(void) {
 
 #ifndef XMLSEC_NO_GOST
     gXmlSecSkeletonFunctions->keyDataGost2001GetKlass   = xmlSecSkeletonKeyDataGost2001GetKlass;
+    gXmlSecSkeletonFunctions->keyDataGostR3410_2012GetKlass = xmlSecSkeletonKeyDataGostR3410_2012GetKlass;
 #endif /* XMLSEC_NO_GOST */
 
 #ifndef XMLSEC_NO_HMAC
@@ -161,10 +162,14 @@ xmlSecCryptoGetFunctions_skeleton(void) {
     /******************************* GOST ********************************/
 #ifndef XMLSEC_NO_GOST
     gXmlSecSkeletonFunctions->transformGost2001GostR3411_94GetKlass             = 
xmlSecSkeletonTransformGost2001GostR3411_94GetKlass;
+    gXmlSecSkeletonFunctions->transformGostR3410_2012GostR3411_2012_256GetKlass = 
xmlSecSkeletonTransformGostR3410_2012GostR3411_2012_256GetKlass;
+    gXmlSecSkeletonFunctions->transformGostR3410_2012GostR3411_2012_512GetKlass = 
xmlSecSkeletonTransformGostR3410_2012GostR3411_2012_512GetKlass;
 #endif /* XMLSEC_GOST */
 
 #ifndef XMLSEC_NO_GOST
     gXmlSecSkeletonFunctions->transformGostR3411_94GetKlass             = 
xmlSecSkeletonTransformGostR3411_94GetKlass;
+    gXmlSecSkeletonFunctions->transformGostR3411_2012_256GetKlass       = 
xmlSecSkeletonTransformGostR3411_2012_256GetKlass;
+    gXmlSecSkeletonFunctions->transformGostR3411_2012_512GetKlass       = 
xmlSecSkeletonTransformGostR3411_2012_512GetKlass;
 #endif /* XMLSEC_NO_GOST */
 
     /******************************* HMAC ********************************/
diff --git a/src/strings.c b/src/strings.c
index f746f4d..818fd28 100644
--- a/src/strings.c
+++ b/src/strings.c
@@ -304,6 +304,26 @@ const xmlChar xmlSecHrefGost2001GostR3411_94[]          = "http://www.w3.org/200
 
 /*************************************************************************
  *
+ * GOST R 34.10-2012 strings
+ *
+ ************************************************************************/
+const xmlChar xmlSecNameGostR3410_2012_256KeyValue[]              = "gostr34102012-256";
+const xmlChar xmlSecNodeGostR3410_2012_256KeyValue[]              = "gostr34102012-256";
+const xmlChar xmlSecHrefGostR3410_2012_256KeyValue[]              = 
"urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34102012-256";
+
+const xmlChar xmlSecNameGostR3410_2012_512KeyValue[]              = "gostr34102012-512";
+const xmlChar xmlSecNodeGostR3410_2012_512KeyValue[]              = "gostr34102012-512";
+const xmlChar xmlSecHrefGostR3410_2012_512KeyValue[]              = 
"urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34102012-512";
+
+/* see http://tools.ietf.org/html/draft-chudov-cryptopro-cpxmldsig-09#section-6.6 */
+const xmlChar xmlSecNameGostR3410_2012GostR3411_2012_256[]    = "gostr34102012-gostr34112012-256";
+const xmlChar xmlSecHrefGostR3410_2012GostR3411_2012_256[]    = 
"urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34102012-gostr34112012-256";
+
+const xmlChar xmlSecNameGostR3410_2012GostR3411_2012_512[]    = "gostr34102012-gostr34112012-512";
+const xmlChar xmlSecHrefGostR3410_2012GostR3411_2012_512[]    = 
"urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34102012-gostr34112012-512";
+
+/*************************************************************************
+ *
  * DSA strings
  *
  ************************************************************************/
@@ -504,6 +524,20 @@ const xmlChar xmlSecHrefGostR3411_94[]                  = "http://www.w3.org/200
 
 /*************************************************************************
  *
+ * GOST R 34.11-2012 strings
+ *
+ ************************************************************************/
+
+/* see http://tools.ietf.org/html/draft-chudov-cryptopro-cpxmldsig-09#section-6.2 */
+const xmlChar xmlSecNameGostR3411_2012_256[]                  = "gostr34112012-256";
+const xmlChar xmlSecHrefGostR3411_2012_256[]                  = 
"urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34112012-256";
+
+const xmlChar xmlSecNameGostR3411_2012_512[]                  = "gostr34112012-512";
+const xmlChar xmlSecHrefGostR3411_2012_512[]                  = 
"urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34112012-512";
+
+
+/*************************************************************************
+ *
  * SHA1 strings
  *
  ************************************************************************/
diff --git a/tests/aleksey-xmldsig-01/enveloping-gost2012-256.xml 
b/tests/aleksey-xmldsig-01/enveloping-gost2012-256.xml
new file mode 100644
index 0000000..765ea39
--- /dev/null
+++ b/tests/aleksey-xmldsig-01/enveloping-gost2012-256.xml
@@ -0,0 +1 @@
+<?xml version="1.0" encoding="utf-8"?><outer><inner Id="obj1">Here is some data to sign.<Signature 
xmlns="http://www.w3.org/2000/09/xmldsig#";><SignedInfo><CanonicalizationMethod 
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><SignatureMethod 
Algorithm="urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34102012-gostr34112012-256"/><Reference 
Id="refId123456" URI=""><Transforms><Transform 
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><Transform 
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/></Transforms><DigestMethod 
Algorithm="urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34112012-256"/><DigestValue>1EBEnqCZUd8rJWCaHTc+ytnVkD0VTmk8tk0pne61Aps=</DigestValue></Reference></SignedInfo><SignatureValue>6MdaXUBxBfpy3ziCeAIMrmUlZA4M2LVkHKeoXLt27B/p3oej1DMSNLd5U0D0idirFRvylToogb/mwryyyQ0Iiw==</SignatureValue><KeyInfo><X509Data><X509Certificate>MIIBRzCB86ADAgECAhDYvceOSjlEUQPqYpNAPDZlMAwGCCqFAwcBAQMCBQAwITEfMB0GA1UEAxMWZ29zdC0yMDEyLTI1Ni
 
10ZXN0LTAwMTAeFw0xMzEyMDkxNDIzMTlaFw0zOTEyMzEyMzU5NTlaMCExHzAdBgNVBAMTFmdvc3QtMjAxMi0yNTYtdGVzdC0wMDEwZjAfBggqhQMHAQEBATATBgcqhQMCAiMBBggqhQMHAQECAgNDAARAd6J9ff29w6XQsUDdggB1LCYM2oDRrlrg3mPZB+NXNsyZmO1WHCDHw01UIW+Jq9ReLxWCkHYA+TTMfmciE1F0rjAMBggqhQMHAQEDAgUAA0EAPoJj9VFY7DeVWDWuoH7Jrv9xUNMFCxSYPVn0Tpf40jVBu4+46sHuS8ShK+sqJu5rGEQse2UhAIzMBvw8AfHysA==</X509Certificate></X509Data><KeyValue><cpxmlsec:GOSTKeyValue
 
xmlns:cpxmlsec="urn:ietf:params:xml:ns:cpxmlsec"><cpxmlsec:PublicKey>BEB3on19/b3DpdCxQN2CAHUsJgzagNGuWuDeY9kH41c2zJmY7VYcIMfDTVQhb4mr1F4vFYKQdgD5NMx+ZyITUXSu</cpxmlsec:PublicKey><cpxmlsec:PublicKeyParameters><cpxmlsec:publicKeyParamSet>1.2.643.2.2.35.1</cpxmlsec:publicKeyParamSet><cpxmlsec:digestParamSet>1.2.643.7.1.1.2.2</cpxmlsec:digestParamSet></cpxmlsec:PublicKeyParameters></cpxmlsec:GOSTKeyValue></KeyValue></KeyInfo></Signature></inner></outer>
\ No newline at end of file
diff --git a/tests/aleksey-xmldsig-01/enveloping-gots2012-512.xml 
b/tests/aleksey-xmldsig-01/enveloping-gots2012-512.xml
new file mode 100644
index 0000000..ff3ba50
--- /dev/null
+++ b/tests/aleksey-xmldsig-01/enveloping-gots2012-512.xml
@@ -0,0 +1 @@
+<outer><inner Id="obj1">Here is some data to sign.<Signature 
xmlns="http://www.w3.org/2000/09/xmldsig#";><SignedInfo><CanonicalizationMethod 
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><SignatureMethod 
Algorithm="urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34102012-gostr34112012-512"/><Reference 
Id="refId123456" URI=""><Transforms><Transform 
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><Transform 
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/></Transforms><DigestMethod 
Algorithm="urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34112012-512"/><DigestValue>IRFRnY9xTD+FxJ65FCmoapu5+O7BipRrgliXBA5mURl38b3sf5pqHtVykI4y/xLebQJzOewrBNV1OKUjsaq00w==</DigestValue></Reference></SignedInfo><SignatureValue>82t15yts413kkZbN/1xnBiC+vWqvA/7ejEaHjWPog7V/CmP62P28rCVfu6uZ3nsk+/F2CvdGLNw8fNUkoaKcCYWmrPrhcsxM/g1LZxwQJVwwmSK2RRcJA5wU/4AIafB4wkO1Gc31sRYxeg7SeC//ia4frC9EZFuZvuVesAHkPq0=</SignatureValue><KeyInfo><X509Data><X509Certificate>MIIB
 
zjCCATigAwIBAgIQaLzR+6Byrz72SsBV3IMTCjAMBggqhQMHAQEDAwUAMCExHzAdBgNVBAMTFmdvc3QtMjAxMi01MTItdGVzdC0wMDMwHhcNMTMxMjA5MTQzMjU4WhcNMzkxMjMxMjM1OTU5WjAhMR8wHQYDVQQDExZnb3N0LTIwMTItNTEyLXRlc3QtMDAzMIGqMCEGCCqFAwcBAQECMBUGCSqFAwcBAgECAQYIKoUDBwEBAgMDgYQABIGAYU+aJU4/ouaeqbL6A3a1KeiCaurafF6NwsCX4W/tjSHOTaTvshe3MqCDYGgWC6OQ1a8RWYunTtI8Tf0wmUVPO4ltgDCg4qwnJsKMzNWnDRK+OWNuXE7kJuFCjnM0TTbdP8DlXyXO9v9D17613FcBnrz189UkxpSGZp7M+c81B64wDAYIKoUDBwEBAwMFAAOBgQB7rFkFr9uG2WTVkebjOXRuxNkL1orfzo6VRO4JhHARjfjQvHEq892f2iUEsJxO//xjgFxBQx3h6gAsaNZZzKXzsuxpfrwrTR/tAXz2qzJiMR0iY4JMp6EG2GkjsIymUt+JZGf0kjVR7s3zDih3mc9S5bqF0aLXcL+4H4JZm19yCw==</X509Certificate></X509Data><KeyValue><cpxmlsec:GOSTKeyValue
 
xmlns:cpxmlsec="urn:ietf:params:xml:ns:cpxmlsec"><cpxmlsec:PublicKey>BIGAYU+aJU4/ouaeqbL6A3a1KeiCaurafF6NwsCX4W/tjSHOTaTvshe3MqCDYGgWC6OQ1a8RWYunTtI8Tf0wmUVPO4ltgDCg4qwnJsKMzNWnDRK+OWNuXE7kJuFCjnM0TTbdP8DlXyXO9v9D17613FcBnrz189UkxpSGZp7M+c81B64=</cpxmlsec:PublicKey><cpxmlsec:PublicKeyParameters><cpxmlsec:p
 
ublicKeyParamSet>1.2.643.7.1.2.1.2.1</cpxmlsec:publicKeyParamSet><cpxmlsec:digestParamSet>1.2.643.7.1.1.2.3</cpxmlsec:digestParamSet></cpxmlsec:PublicKeyParameters></cpxmlsec:GOSTKeyValue></KeyValue></KeyInfo></Signature></inner></outer>
\ No newline at end of file
diff --git a/tests/keys/gost2012_256.pem b/tests/keys/gost2012_256.pem
new file mode 100644
index 0000000..d70326c
--- /dev/null
+++ b/tests/keys/gost2012_256.pem
@@ -0,0 +1,8 @@
+-----BEGIN CERTIFICATE-----
+MIIBRzCB86ADAgECAhDYvceOSjlEUQPqYpNAPDZlMAwGCCqFAwcBAQMCBQAwITEfMB0GA1UEAxMW
+Z29zdC0yMDEyLTI1Ni10ZXN0LTAwMTAeFw0xMzEyMDkxNDIzMTlaFw0zOTEyMzEyMzU5NTlaMCEx
+HzAdBgNVBAMTFmdvc3QtMjAxMi0yNTYtdGVzdC0wMDEwZjAfBggqhQMHAQEBATATBgcqhQMCAiMB
+BggqhQMHAQECAgNDAARAd6J9ff29w6XQsUDdggB1LCYM2oDRrlrg3mPZB+NXNsyZmO1WHCDHw01U
+IW+Jq9ReLxWCkHYA+TTMfmciE1F0rjAMBggqhQMHAQEDAgUAA0EAPoJj9VFY7DeVWDWuoH7Jrv9x
+UNMFCxSYPVn0Tpf40jVBu4+46sHuS8ShK+sqJu5rGEQse2UhAIzMBvw8AfHysA==
+-----END CERTIFICATE-----
diff --git a/tests/keys/gost2012_512.pem b/tests/keys/gost2012_512.pem
new file mode 100644
index 0000000..e1dc33b
--- /dev/null
+++ b/tests/keys/gost2012_512.pem
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE-----
+MIIBzjCCATigAwIBAgIQaLzR+6Byrz72SsBV3IMTCjAMBggqhQMHAQEDAwUAMCExHzAdBgNVBAMT
+Fmdvc3QtMjAxMi01MTItdGVzdC0wMDMwHhcNMTMxMjA5MTQzMjU4WhcNMzkxMjMxMjM1OTU5WjAh
+MR8wHQYDVQQDExZnb3N0LTIwMTItNTEyLXRlc3QtMDAzMIGqMCEGCCqFAwcBAQECMBUGCSqFAwcB
+AgECAQYIKoUDBwEBAgMDgYQABIGAYU+aJU4/ouaeqbL6A3a1KeiCaurafF6NwsCX4W/tjSHOTaTv
+she3MqCDYGgWC6OQ1a8RWYunTtI8Tf0wmUVPO4ltgDCg4qwnJsKMzNWnDRK+OWNuXE7kJuFCjnM0
+TTbdP8DlXyXO9v9D17613FcBnrz189UkxpSGZp7M+c81B64wDAYIKoUDBwEBAwMFAAOBgQB7rFkF
+r9uG2WTVkebjOXRuxNkL1orfzo6VRO4JhHARjfjQvHEq892f2iUEsJxO//xjgFxBQx3h6gAsaNZZ
+zKXzsuxpfrwrTR/tAXz2qzJiMR0iY4JMp6EG2GkjsIymUt+JZGf0kjVR7s3zDih3mc9S5bqF0aLX
+cL+4H4JZm19yCw==
+-----END CERTIFICATE-----


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]