Refactor gost-engine cipher implementation to use internal cipher contexts #501

@VladGud

Issue Summary

Refactor the cipher implementation in gost_crypt.c, gost_grasshopper_cipher.c, and related cipher files to use internal cipher contexts exclusively, removing dependencies on EVP_CIPHER and EVP_CIPHER_CTX. Eliminate usage of deprecated IV accessors like EVP_CIPHER_CTX_iv, EVP_CIPHER_CTX_iv_noconst, EVP_CIPHER_CTX_original_iv.

Problem Description

The current cipher code relies on EVP_CIPHER_CTX and legacy EVP wrappers, which are incompatible with OpenSSL builds disabling deprecated functionality. Cipher operations are tied to EVP contexts, preventing pure provider implementations. Additionally, deprecated IV accessor functions (EVP_CIPHER_CTX_iv, EVP_CIPHER_CTX_iv_noconst, EVP_CIPHER_CTX_original_iv) are used extensively in gost_grasshopper_cipher.c and other files, adding further incompatibility.

Current Implementation

  • Cipher functions like gost_cipher_do_cfb, gost_grasshopper_cipher_do_ctr, etc., take EVP_CIPHER_CTX * as the first parameter
  • Contexts are extracted from EVP wrappers: struct ossl_gost_cipher_ctx *c = EVP_CIPHER_CTX_get_cipher_data(ctx)
  • IV management uses deprecated accessors: EVP_CIPHER_CTX_iv_noconst(ctx), EVP_CIPHER_CTX_original_iv(ctx)
  • Methods are defined in GOST_cipher structure with EVP-dependent signatures

Required Changes

1. Extend GOST_cipher structure

  • Add new provider-native method pointers to struct gost_cipher_st in gost_lcl.h:
    • int (*init_direct) (void *cipher_data, ...)
    • int (*do_cipher_direct)(void *cipher_data, ...)
    • int (*cleanup_direct)(void *cipher_data)
    • int (*set_asn1_parameters_direct)(void *cipher_data, ASN1_TYPE *)
    • int (*get_asn1_parameters_direct)(void *cipher_data, ASN1_TYPE *)
    • int (*ctrl_direct)(void *cipher_data, int type, int arg, void *ptr)
  • Keep existing EVP-based methods for backward compatibility

2. Implement direct method variants

  • For each cipher method in gost_crypt.c, gost_grasshopper_cipher.c, gost_magma_cipher.c, etc., create a _direct variant that takes struct ossl_gost_cipher_ctx * directly
  • Extract cipher logic from EVP wrappers into direct functions
  • Replace deprecated IV accessors with direct manipulation of internal context fields (e.g., store IV in cipher_data)
  • Examples:
    • gost_cipher_do_cfb_direct(struct ossl_gost_cipher_ctx *c, ...)
    • gost_grasshopper_cipher_do_ctr_direct(struct gost_grasshopper_cipher_ctx *c, ...)
    • magma_cipher_do_ctr_direct(struct ossl_gost_cipher_ctx *c, ...)

3. Update existing EVP methods

  • Modify current EVP-based methods to delegate to direct variants
  • Example: gost_cipher_do_cfb(EVP_CIPHER_CTX *ctx, ...) calls gost_cipher_do_cfb_direct(c, ...)

4. Update cipher descriptors

  • Populate new direct method pointers in GOST_cipher instances (e.g., Gost28147_89_cipher, grasshopper_cbc_cipher)

Files to Modify

  • gost_lcl.h: Extend struct gost_cipher_st with direct method pointers
  • gost_crypt.c: Implement _direct variants for all cipher methods; remove EVP dependencies; replace deprecated IV accessors with internal storage
  • gost_grasshopper_cipher.c: Implement direct variants for grasshopper ciphers; remove EVP dependencies; replace deprecated IV accessors with internal storage

Acceptance Criteria

  • All cipher methods have direct variants that operate without EVP_CIPHER_CTX
  • Deprecated IV accessors are eliminated; IV managed internally
  • Cipher logic is isolated from EVP wrappers
  • Builds succeed with internal contexts

Testing

  • Unit tests for cipher operations pass with direct methods
  • Integration tests for encryption/decryption work
  • Compatibility with existing EVP-based usage maintained
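
The delegation pattern from steps 2 and 3, sketched as an added example that is not gost-engine code: the IV state lives in the internal context, the direct function works on that context alone, and the legacy-style entry point only unwraps and forwards. Every name here (`demo_cipher_ctx`, `demo_wrapper_ctx`, `demo_*_direct`) is hypothetical, and `demo_block` is an insecure placeholder standing in for the real block cipher.

```c
#include <stdint.h>
#include <string.h>
#define BLK 8
/* Hypothetical internal context: key and IV state live here, so no EVP IV accessor is needed. */
struct demo_cipher_ctx {
    uint8_t key[BLK], iv[BLK], orig_iv[BLK], ks[BLK]; /* iv: running feedback register */
    size_t num;   /* bytes already used from the keystream block ks */
    int encrypt;
};
struct demo_wrapper_ctx { void *cipher_data; }; /* hypothetical stand-in for the EVP wrapper */

/* Placeholder block function (NOT GOST, not secure); keeps the example self-contained. */
static void demo_block(const uint8_t *key, const uint8_t *in, uint8_t *out) {
    for (int i = 0; i < BLK; i++)
        out[i] = (uint8_t)((in[i] ^ key[i]) * 167u + key[(i + 1) % BLK]);
}

/* Restore the starting IV from the context itself (no original-IV accessor). */
int demo_reset_direct(void *cipher_data) {
    struct demo_cipher_ctx *c = cipher_data;
    memcpy(c->iv, c->orig_iv, BLK);
    c->num = 0;
    return 1;
}

int demo_init_direct(void *cipher_data, const uint8_t *key, const uint8_t *iv, int enc) {
    struct demo_cipher_ctx *c = cipher_data;
    memcpy(c->key, key, BLK);
    memcpy(c->orig_iv, iv, BLK);
    c->encrypt = enc;
    return demo_reset_direct(c);
}

/* Byte-granular CFB: feedback state survives between calls inside the context. */
int demo_do_cfb_direct(void *cipher_data, uint8_t *out, const uint8_t *in, size_t len) {
    struct demo_cipher_ctx *c = cipher_data;
    for (size_t i = 0; i < len; i++) {
        if (c->num == 0) demo_block(c->key, c->iv, c->ks);
        uint8_t ct = c->encrypt ? (uint8_t)(in[i] ^ c->ks[c->num]) : in[i];
        out[i] = (uint8_t)(in[i] ^ c->ks[c->num]);
        c->iv[c->num] = ct;            /* feedback takes the ciphertext byte */
        c->num = (c->num + 1) % BLK;
    }
    return 1;
}
/* Legacy-style entry point: unwraps cipher_data and delegates to the direct variant. */
int demo_do_cfb(struct demo_wrapper_ctx *ctx, uint8_t *out, const uint8_t *in, size_t len) {
    return demo_do_cfb_direct(ctx->cipher_data, out, in, len);
}
```

A regression test for the refactor can compare one-shot and split-call output through both entry points, since a mismatch there means the IV state was not carried in the internal context.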
