Remove win32 support in SoftHSMv2

Due to license issue, we have to remove win32 support in SoftHSMv2.

Issue-ID: AAF-151
Change-Id: I31dda45ed84065819e26be8205747dd096a37432
Signed-off-by: NingSun <ning.sun@intel.com>

15 files changed, 410 insertions, 221 deletions

diff --git a/SoftHSMv2/src/lib/Makefile.am b/SoftHSMv2/src/lib/Makefile.am
index f3f5bb4..c579d62 100644
--- a/SoftHSMv2/src/lib/Makefile.am
+++ b/SoftHSMv2/src/lib/Makefile.am
@@ -46,7 +46,4 @@ SUBDIRS = 			common \
 				test
 
 EXTRA_DIST =			$(srcdir)/*.h \
-				$(srcdir)/pkcs11/*.h \
-				$(srcdir)/win32/*.cc \
-				$(srcdir)/win32/*.cpp \
-				$(srcdir)/win32/*.h
+				$(srcdir)/pkcs11/*.h 
diff --git a/SoftHSMv2/src/lib/SoftHSM.cpp b/SoftHSMv2/src/lib/SoftHSM.cpp
index b06efc2..7a23a8a 100644
--- a/SoftHSMv2/src/lib/SoftHSM.cpp
+++ b/SoftHSMv2/src/lib/SoftHSM.cpp
@@ -6131,6 +6131,11 @@ CK_RV SoftHSM::C_WrapKey
 				alg = AsymAlgo::ECDSA;
 				break;
 #endif
+#ifdef WITH_GOST
+			case CKK_GOSTR3410:
+				alg = AsymAlgo::GOST;
+				break;
+#endif
 			default:
 				return CKR_KEY_NOT_WRAPPABLE;
 		}
@@ -6160,6 +6165,11 @@ CK_RV SoftHSM::C_WrapKey
 				rv = getECPrivateKey((ECPrivateKey*)privateKey, token, key);
 				break;
 #endif
+#ifdef WITH_GOST
+			case CKK_GOSTR3410:
+				rv = getGOSTPrivateKey((GOSTPrivateKey*)privateKey, token, key);
+				break;
+#endif
 		}
 		if (rv != CKR_OK)
 		{
@@ -6568,10 +6578,18 @@ CK_RV SoftHSM::C_UnwrapKey
 			{
 				bOK = bOK && setDHPrivateKey(osobject, keydata, token, isPrivate != CK_FALSE);
 			}
+#ifdef WITH_ECC
 			else if (keyType == CKK_EC)
 			{
 				bOK = bOK && setECPrivateKey(osobject, keydata, token, isPrivate != CK_FALSE);
 			}
+#endif
+#ifdef WITH_GOST
+			else if (keyType == CKK_GOSTR3410)
+			{
+				bOK = bOK && setGOSTPrivateKey(osobject, keydata, token, isPrivate != CK_FALSE);
+			}
+#endif
 			else
 				bOK = false;
 
@@ -11083,6 +11101,7 @@ bool SoftHSM::setDHPrivateKey(OSObject* key, const ByteString &ber, Token* token
 
 	return bOK;
 }
+
 bool SoftHSM::setECPrivateKey(OSObject* key, const ByteString &ber, Token* token, bool isPrivate) const
 {
 	AsymmetricAlgorithm* ecc = CryptoFactory::i()->getAsymmetricAlgorithm(AsymAlgo::ECDSA);
@@ -11123,6 +11142,46 @@ bool SoftHSM::setECPrivateKey(OSObject* key, const ByteString &ber, Token* token
 	return bOK;
 }
 
+bool SoftHSM::setGOSTPrivateKey(OSObject* key, const ByteString &ber, Token* token, bool isPrivate) const
+{
+	AsymmetricAlgorithm* gost = CryptoFactory::i()->getAsymmetricAlgorithm(AsymAlgo::GOST);
+	if (gost == NULL)
+		return false;
+	PrivateKey* priv = gost->newPrivateKey();
+	if (priv == NULL)
+	{
+		CryptoFactory::i()->recycleAsymmetricAlgorithm(gost);
+		return false;
+	}
+	if (!priv->PKCS8Decode(ber))
+	{
+		gost->recyclePrivateKey(priv);
+		CryptoFactory::i()->recycleAsymmetricAlgorithm(gost);
+		return false;
+	}
+	// GOST Private Key Attributes
+	ByteString value;
+	ByteString param_a;
+	if (isPrivate)
+	{
+		token->encrypt(((GOSTPrivateKey*)priv)->getD(), value);
+		token->encrypt(((GOSTPrivateKey*)priv)->getEC(), param_a);
+	}
+	else
+	{
+		value = ((GOSTPrivateKey*)priv)->getD();
+		param_a = ((GOSTPrivateKey*)priv)->getEC();
+	}
+	bool bOK = true;
+	bOK = bOK && key->setAttribute(CKA_VALUE, value);
+	bOK = bOK && key->setAttribute(CKA_GOSTR3410_PARAMS, param_a);
+
+	gost->recyclePrivateKey(priv);
+	CryptoFactory::i()->recycleAsymmetricAlgorithm(gost);
+
+	return bOK;
+}
+
 CK_RV SoftHSM::MechParamCheckRSAPKCSOAEP(CK_MECHANISM_PTR pMechanism)
 {
 	// This is a programming error
diff --git a/SoftHSMv2/src/lib/SoftHSM.h b/SoftHSMv2/src/lib/SoftHSM.h
index 19909e4..70d497a 100644
--- a/SoftHSMv2/src/lib/SoftHSM.h
+++ b/SoftHSMv2/src/lib/SoftHSM.h
@@ -391,6 +391,7 @@ private:
 	bool setDSAPrivateKey(OSObject* key, const ByteString &ber, Token* token, bool isPrivate) const;
 	bool setDHPrivateKey(OSObject* key, const ByteString &ber, Token* token, bool isPrivate) const;
 	bool setECPrivateKey(OSObject* key, const ByteString &ber, Token* token, bool isPrivate) const;
+	bool setGOSTPrivateKey(OSObject* key, const ByteString &ber, Token* token, bool isPrivate) const;
 
 
 	CK_RV WrapKeyAsym
diff --git a/SoftHSMv2/src/lib/crypto/BotanGOSTPrivateKey.cpp b/SoftHSMv2/src/lib/crypto/BotanGOSTPrivateKey.cpp
index 890f135..e5bb3b4 100644
--- a/SoftHSMv2/src/lib/crypto/BotanGOSTPrivateKey.cpp
+++ b/SoftHSMv2/src/lib/crypto/BotanGOSTPrivateKey.cpp
@@ -38,6 +38,12 @@
 #include "BotanRNG.h"
 #include "BotanUtil.h"
 #include <string.h>
+#include <botan/pkcs8.h>
+#include <botan/ber_dec.h>
+#include <botan/der_enc.h>
+#include <botan/asn1_oid.h>
+#include <botan/oids.h>
+#include <botan/version.h>
 
 // Constructors
 BotanGOSTPrivateKey::BotanGOSTPrivateKey()
@@ -151,14 +157,93 @@ bool BotanGOSTPrivateKey::deserialise(ByteString& serialised)
 ByteString BotanGOSTPrivateKey::PKCS8Encode()
 {
 	ByteString der;
-	// TODO
-	return der;
+	createBotanKey();
+	if (eckey == NULL) return der;
+	// Force EC_DOMPAR_ENC_OID
+	const size_t PKCS8_VERSION = 0;
+#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(2,0,0)
+	const std::vector<Botan::byte> parameters = eckey->domain().DER_encode(Botan::EC_DOMPAR_ENC_OID);
+	const Botan::AlgorithmIdentifier alg_id(eckey->get_oid(), parameters);
+	const Botan::secure_vector<Botan::byte> ber =
+		Botan::DER_Encoder()
+		.start_cons(Botan::SEQUENCE)
+		    .encode(PKCS8_VERSION)
+		    .encode(alg_id)
+		    .encode(eckey->private_key_bits(), Botan::OCTET_STRING)
+		.end_cons()
+	    .get_contents();
+#elif BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,11,0)
+	const std::vector<Botan::byte> parameters = eckey->domain().DER_encode(Botan::EC_DOMPAR_ENC_OID);
+	const Botan::AlgorithmIdentifier alg_id(eckey->get_oid(), parameters);
+	const Botan::secure_vector<Botan::byte> ber =
+		Botan::DER_Encoder()
+		.start_cons(Botan::SEQUENCE)
+		    .encode(PKCS8_VERSION)
+		    .encode(alg_id)
+		    .encode(eckey->pkcs8_private_key(), Botan::OCTET_STRING)
+		.end_cons()
+	    .get_contents();
+#else
+	const Botan::MemoryVector<Botan::byte> parameters = eckey->domain().DER_encode(Botan::EC_DOMPAR_ENC_OID);
+	const Botan::AlgorithmIdentifier alg_id(eckey->get_oid(), parameters);
+	const Botan::SecureVector<Botan::byte> ber =
+		Botan::DER_Encoder()
+		.start_cons(Botan::SEQUENCE)
+		.encode(PKCS8_VERSION)
+		    .encode(alg_id)
+		    .encode(eckey->pkcs8_private_key(), Botan::OCTET_STRING)
+		.end_cons()
+	    .get_contents();
+#endif
+	der.resize(ber.size());
+	memcpy(&der[0], &ber[0], ber.size());
+        return der;
 }
 
 // Decode from PKCS#8 BER
-bool BotanGOSTPrivateKey::PKCS8Decode(const ByteString& /*ber*/)
+bool BotanGOSTPrivateKey::PKCS8Decode(const ByteString& ber)
 {
-	return false;
+	Botan::DataSource_Memory source(ber.const_byte_str(), ber.size());
+	if (source.end_of_data()) return false;
+#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,11,0)
+	Botan::secure_vector<Botan::byte> keydata;
+#else
+	Botan::SecureVector<Botan::byte> keydata;
+#endif
+	Botan::AlgorithmIdentifier alg_id;
+	Botan::GOST_3410_PrivateKey* key = NULL;
+	try
+	{
+		Botan::BER_Decoder(source)
+		.start_cons(Botan::SEQUENCE)
+			.decode_and_check<size_t>(0, "Unknown PKCS #8 version number")
+			.decode(alg_id)
+			.decode(keydata, Botan::OCTET_STRING)
+			.discard_remaining()
+		.end_cons();
+		if (keydata.empty())
+			throw Botan::Decoding_Error("PKCS #8 private key decoding failed");
+		if (Botan::OIDS::lookup(alg_id.oid).compare("GOST-34.10"))
+		{
+			ERROR_MSG("Decoded private key not GOST-34.10");
+
+			return false;
+		}
+		key = new Botan::GOST_3410_PrivateKey(alg_id, keydata);
+		if (key == NULL) return false;
+
+		setFromBotan(key);
+
+		delete key;
+	}
+	catch (std::exception& e)
+	{
+		ERROR_MSG("Decode failed on %s", e.what());
+
+		return false;
+	}
+
+	return true;
 }
 
 // Retrieve the Botan representation of the key
diff --git a/SoftHSMv2/src/lib/crypto/OSSLGOSTPrivateKey.cpp b/SoftHSMv2/src/lib/crypto/OSSLGOSTPrivateKey.cpp
index 6371e8f..a68b720 100644
--- a/SoftHSMv2/src/lib/crypto/OSSLGOSTPrivateKey.cpp
+++ b/SoftHSMv2/src/lib/crypto/OSSLGOSTPrivateKey.cpp
@@ -36,6 +36,7 @@
 #include "OSSLGOSTPrivateKey.h"
 #include "OSSLUtil.h"
 #include <string.h>
+#include <openssl/x509.h>
 #include <openssl/ec.h>
 
 // DER of a private key
@@ -172,13 +173,36 @@ bool OSSLGOSTPrivateKey::deserialise(ByteString& serialised)
 ByteString OSSLGOSTPrivateKey::PKCS8Encode()
 {
 	ByteString der;
-	// TODO
+	if (pkey == NULL) return der;
+	PKCS8_PRIV_KEY_INFO* p8inf = EVP_PKEY2PKCS8(pkey);
+	if (p8inf == NULL) return der;
+	int len = i2d_PKCS8_PRIV_KEY_INFO(p8inf, NULL);
+	if (len < 0)
+	{
+		PKCS8_PRIV_KEY_INFO_free(p8inf);
+		return der;
+	}
+	der.resize(len);
+	unsigned char* priv = &der[0];
+	int len2 = i2d_PKCS8_PRIV_KEY_INFO(p8inf, &priv);
+	PKCS8_PRIV_KEY_INFO_free(p8inf);
+	if (len2 != len) der.wipe();
 	return der;
 }
 
 // Decode from PKCS#8 BER
-bool OSSLGOSTPrivateKey::PKCS8Decode(const ByteString& /*ber*/)
+bool OSSLGOSTPrivateKey::PKCS8Decode(const ByteString& ber)
 {
-	return false;
+	int len = ber.size();
+	if (len <= 0) return false;
+	const unsigned char* priv = ber.const_byte_str();
+	PKCS8_PRIV_KEY_INFO* p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &priv, len);
+	if (p8 == NULL) return false;
+	EVP_PKEY* key = EVP_PKCS82PKEY(p8);
+	PKCS8_PRIV_KEY_INFO_free(p8);
+	if (key == NULL) return false;
+	setFromOSSL(key);
+	EVP_PKEY_free(key);
+	return true;
 }
 #endif
diff --git a/SoftHSMv2/src/lib/crypto/test/GOSTTests.cpp b/SoftHSMv2/src/lib/crypto/test/GOSTTests.cpp
index 91f6876..50d42e0 100644
--- a/SoftHSMv2/src/lib/crypto/test/GOSTTests.cpp
+++ b/SoftHSMv2/src/lib/crypto/test/GOSTTests.cpp
@@ -264,6 +264,40 @@ void GOSTTests::testSerialisation()
 	gost->recycleKeyPair(dKP);
 }
 
+void GOSTTests::testPKCS8()
+{
+	AsymmetricKeyPair* kp;
+	ECParameters *p;
+	ByteString curve = "06072a850302022301";
+
+	// Get parameters
+	p = new ECParameters;
+	CPPUNIT_ASSERT(p != NULL);
+	p->setEC(curve);
+
+	// Generate key-pair
+	CPPUNIT_ASSERT(gost->generateKeyPair(&kp, p));
+	CPPUNIT_ASSERT(kp != NULL);
+
+	GOSTPrivateKey* priv = (GOSTPrivateKey*) kp->getPrivateKey();
+	CPPUNIT_ASSERT(priv != NULL);
+
+	// Encode and decode the private key
+	ByteString pkcs8 = priv->PKCS8Encode();
+	CPPUNIT_ASSERT(pkcs8.size() != 0);
+
+	GOSTPrivateKey* dPriv = (GOSTPrivateKey*) gost->newPrivateKey();
+	CPPUNIT_ASSERT(dPriv != NULL);
+
+	CPPUNIT_ASSERT(dPriv->PKCS8Decode(pkcs8));
+
+	CPPUNIT_ASSERT(priv->getD() == dPriv->getD());
+	CPPUNIT_ASSERT(priv->getEC() == dPriv->getEC());
+
+	gost->recycleKeyPair(kp);
+	gost->recyclePrivateKey(dPriv);
+}
+
 void GOSTTests::testSigningVerifying()
 {
 	AsymmetricKeyPair* kp;
diff --git a/SoftHSMv2/src/lib/crypto/test/GOSTTests.h b/SoftHSMv2/src/lib/crypto/test/GOSTTests.h
index f243392..ac6bf01 100644
--- a/SoftHSMv2/src/lib/crypto/test/GOSTTests.h
+++ b/SoftHSMv2/src/lib/crypto/test/GOSTTests.h
@@ -47,6 +47,7 @@ class GOSTTests : public CppUnit::TestFixture
 	CPPUNIT_TEST(testHashKnownVector);
 	CPPUNIT_TEST(testKeyGeneration);
 	CPPUNIT_TEST(testSerialisation);
+	CPPUNIT_TEST(testPKCS8);
 	CPPUNIT_TEST(testSigningVerifying);
 	CPPUNIT_TEST(testSignVerifyKnownVector);
 	CPPUNIT_TEST_SUITE_END();
@@ -57,6 +58,7 @@ public:
 	void testHashKnownVector();
 	void testKeyGeneration();
 	void testSerialisation();
+	void testPKCS8();
 	void testSigningVerifying();
 	void testSignVerifyKnownVector();
 
diff --git a/SoftHSMv2/src/lib/test/Makefile.am b/SoftHSMv2/src/lib/test/Makefile.am
index 4345878..3723399 100644
--- a/SoftHSMv2/src/lib/test/Makefile.am
+++ b/SoftHSMv2/src/lib/test/Makefile.am
@@ -35,6 +35,4 @@ p11test_LDFLAGS = 		@CRYPTO_LIBS@ @CPPUNIT_LIBS@ -no-install -pthread -static
 TESTS = 			p11test
 
 EXTRA_DIST =			$(srcdir)/*.h \
-				$(srcdir)/softhsm2-alt.conf.win32 \
-				$(srcdir)/softhsm2.conf.win32 \
 				$(srcdir)/tokens/dummy.in
diff --git a/SoftHSMv2/src/lib/test/SymmetricAlgorithmTests.cpp b/SoftHSMv2/src/lib/test/SymmetricAlgorithmTests.cpp
index f301c73..bbc340c 100644
--- a/SoftHSMv2/src/lib/test/SymmetricAlgorithmTests.cpp
+++ b/SoftHSMv2/src/lib/test/SymmetricAlgorithmTests.cpp
@@ -370,7 +370,54 @@ CK_RV SymmetricAlgorithmTests::generateRsaPrivateKey(CK_SESSION_HANDLE hSession,
 	return rv;
 }
 
-void SymmetricAlgorithmTests::aesWrapUnwrap(CK_MECHANISM_TYPE mechanismType, CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey)
+#ifdef WITH_GOST
+CK_RV SymmetricAlgorithmTests::generateGostPrivateKey(CK_SESSION_HANDLE hSession, CK_BBOOL bToken, CK_BBOOL bPrivate, CK_OBJECT_HANDLE &hKey)
+{
+	CK_MECHANISM mechanism = { CKM_GOSTR3410_KEY_PAIR_GEN, NULL_PTR, 0 };
+	CK_BYTE param_a[] = { 0x06, 0x07, 0x2a, 0x85, 0x03, 0x02, 0x02, 0x23, 0x01 };
+	CK_BYTE param_b[] = { 0x06, 0x07, 0x2a, 0x85, 0x03, 0x02, 0x02, 0x1e, 0x01 };
+	CK_BYTE subject[] = { 0x12, 0x34 }; // dummy
+	CK_BYTE id[] = { 123 } ; // dummy
+	CK_BBOOL bFalse = CK_FALSE;
+	CK_BBOOL bTrue = CK_TRUE;
+	CK_ATTRIBUTE pubAttribs[] = {
+		{ CKA_TOKEN, &bToken, sizeof(bToken) },
+		{ CKA_PRIVATE, &bPrivate, sizeof(bPrivate) },
+		{ CKA_ENCRYPT, &bFalse, sizeof(bFalse) },
+		{ CKA_VERIFY, &bTrue, sizeof(bTrue) },
+		{ CKA_WRAP, &bFalse, sizeof(bFalse) },
+		{ CKA_GOSTR3410_PARAMS, &param_a[0], sizeof(param_a) },
+		{ CKA_GOSTR3411_PARAMS, &param_b[0], sizeof(param_b) }
+	};
+	CK_ATTRIBUTE privAttribs[] = {
+		{ CKA_TOKEN, &bToken, sizeof(bToken) },
+		{ CKA_PRIVATE, &bPrivate, sizeof(bPrivate) },
+		{ CKA_SUBJECT, &subject[0], sizeof(subject) },
+		{ CKA_ID, &id[0], sizeof(id) },
+		{ CKA_SENSITIVE, &bTrue, sizeof(bTrue) },
+		{ CKA_DECRYPT, &bFalse, sizeof(bFalse) },
+		{ CKA_SIGN, &bTrue, sizeof(bTrue) },
+		{ CKA_UNWRAP, &bFalse, sizeof(bFalse) },
+		{ CKA_SENSITIVE, &bFalse, sizeof(bFalse) },
+		{ CKA_EXTRACTABLE, &bTrue, sizeof(bTrue) }
+	};
+
+	CK_OBJECT_HANDLE hPub = CK_INVALID_HANDLE;
+	hKey = CK_INVALID_HANDLE;
+	CK_RV rv;
+	rv = CRYPTOKI_F_PTR( C_GenerateKeyPair(hSession, &mechanism,
+			       pubAttribs, sizeof(pubAttribs)/sizeof(CK_ATTRIBUTE),
+			       privAttribs, sizeof(privAttribs)/sizeof(CK_ATTRIBUTE),
+			       &hPub, &hKey) );
+	if (hPub != CK_INVALID_HANDLE)
+	{
+		CRYPTOKI_F_PTR( C_DestroyObject(hSession, hPub) );
+	}
+	return rv;
+}
+#endif
+
+void SymmetricAlgorithmTests::aesWrapUnwrapGeneric(CK_MECHANISM_TYPE mechanismType, CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey)
 {
 	CK_MECHANISM mechanism = { mechanismType, NULL_PTR, 0 };
 	CK_BBOOL bFalse = CK_FALSE;
@@ -455,54 +502,61 @@ void SymmetricAlgorithmTests::aesWrapUnwrap(CK_MECHANISM_TYPE mechanismType, CK_
 	wrappedPtr = NULL_PTR;
 	rv = CRYPTOKI_F_PTR( C_DestroyObject(hSession, hSecret) );
 	CPPUNIT_ASSERT(rv == CKR_OK);
+}
 
-	CK_OBJECT_HANDLE hRsa;
-	hRsa = CK_INVALID_HANDLE;
-	rv = generateRsaPrivateKey(hSession, CK_TRUE, CK_TRUE, hRsa);
+void SymmetricAlgorithmTests::aesWrapUnwrapRsa(CK_MECHANISM_TYPE mechanismType, CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey)
+{
+	CK_MECHANISM mechanism = { mechanismType, NULL_PTR, 0 };
+	CK_BBOOL bFalse = CK_FALSE;
+	CK_BBOOL bTrue = CK_TRUE;
+	CK_OBJECT_HANDLE hPrk = CK_INVALID_HANDLE;
+	CK_RV rv = generateRsaPrivateKey(hSession, CK_TRUE, CK_TRUE, hPrk);
 	CPPUNIT_ASSERT(rv == CKR_OK);
-	CPPUNIT_ASSERT(hRsa != CK_INVALID_HANDLE);
+	CPPUNIT_ASSERT(hPrk != CK_INVALID_HANDLE);
 
 	CK_OBJECT_CLASS privateClass = CKO_PRIVATE_KEY;
-	CK_KEY_TYPE rsaKeyType = CKK_RSA;
-	CK_BYTE_PTR p2Ptr = NULL_PTR;
-	CK_ULONG p2Len = 0UL;
-	CK_ATTRIBUTE rsaAttribs[] = {
+	CK_KEY_TYPE keyType = CKK_RSA;
+	CK_BYTE_PTR prkAttrPtr = NULL_PTR;
+	CK_ULONG prkAttrLen = 0UL;
+	CK_ATTRIBUTE prkAttribs[] = {
 		{ CKA_CLASS, &privateClass, sizeof(privateClass) },
-		{ CKA_KEY_TYPE, &rsaKeyType, sizeof(rsaKeyType) },
+		{ CKA_KEY_TYPE, &keyType, sizeof(keyType) },
 		{ CKA_PRIME_2, NULL_PTR, 0UL }
 	};
 
-	rv = CRYPTOKI_F_PTR( C_GetAttributeValue(hSession, hRsa, rsaAttribs, sizeof(rsaAttribs)/sizeof(CK_ATTRIBUTE)) );
+	rv = CRYPTOKI_F_PTR( C_GetAttributeValue(hSession, hPrk, prkAttribs, sizeof(prkAttribs)/sizeof(CK_ATTRIBUTE)) );
 	CPPUNIT_ASSERT(rv == CKR_OK);
 
-	CPPUNIT_ASSERT(rsaAttribs[0].ulValueLen == sizeof(CK_OBJECT_CLASS));
-	CPPUNIT_ASSERT(*(CK_OBJECT_CLASS*)rsaAttribs[0].pValue == CKO_PRIVATE_KEY);
-	CPPUNIT_ASSERT(rsaAttribs[1].ulValueLen == sizeof(CK_KEY_TYPE));
-	CPPUNIT_ASSERT(*(CK_KEY_TYPE*)rsaAttribs[1].pValue == CKK_RSA);
+	CPPUNIT_ASSERT(prkAttribs[0].ulValueLen == sizeof(CK_OBJECT_CLASS));
+	CPPUNIT_ASSERT(*(CK_OBJECT_CLASS*)prkAttribs[0].pValue == CKO_PRIVATE_KEY);
+	CPPUNIT_ASSERT(prkAttribs[1].ulValueLen == sizeof(CK_KEY_TYPE));
+	CPPUNIT_ASSERT(*(CK_KEY_TYPE*)prkAttribs[1].pValue == CKK_RSA);
 
-	p2Len = rsaAttribs[2].ulValueLen;
-	p2Ptr = (CK_BYTE_PTR) malloc(2 * p2Len);
-	CPPUNIT_ASSERT(p2Ptr != NULL_PTR);
-	rsaAttribs[2].pValue = p2Ptr;
-	rsaAttribs[2].ulValueLen = p2Len;
+	prkAttrLen = prkAttribs[2].ulValueLen;
+	prkAttrPtr = (CK_BYTE_PTR) malloc(2 * prkAttrLen);
+	CPPUNIT_ASSERT(prkAttrPtr != NULL_PTR);
+	prkAttribs[2].pValue = prkAttrPtr;
+	prkAttribs[2].ulValueLen = prkAttrLen;
 
-	rv = CRYPTOKI_F_PTR( C_GetAttributeValue(hSession, hRsa, rsaAttribs, sizeof(rsaAttribs)/sizeof(CK_ATTRIBUTE)) );
+	rv = CRYPTOKI_F_PTR( C_GetAttributeValue(hSession, hPrk, prkAttribs, sizeof(prkAttribs)/sizeof(CK_ATTRIBUTE)) );
 	CPPUNIT_ASSERT(rv == CKR_OK);
-	CPPUNIT_ASSERT(rsaAttribs[2].ulValueLen == p2Len);
+	CPPUNIT_ASSERT(prkAttribs[2].ulValueLen == prkAttrLen);
 
-	rv = CRYPTOKI_F_PTR( C_WrapKey(hSession, &mechanism, hKey, hRsa, wrappedPtr, &wrappedLen) );
+	CK_BYTE_PTR wrappedPtr = NULL_PTR;
+	CK_ULONG wrappedLen = 0UL;
+	rv = CRYPTOKI_F_PTR( C_WrapKey(hSession, &mechanism, hKey, hPrk, wrappedPtr, &wrappedLen) );
 	CPPUNIT_ASSERT(rv == CKR_OK);
 	wrappedPtr = (CK_BYTE_PTR) malloc(wrappedLen);
 	CPPUNIT_ASSERT(wrappedPtr != NULL_PTR);
-	rv = CRYPTOKI_F_PTR( C_WrapKey(hSession, &mechanism, hKey, hRsa, wrappedPtr, &wrappedLen) );
+	rv = CRYPTOKI_F_PTR( C_WrapKey(hSession, &mechanism, hKey, hPrk, wrappedPtr, &wrappedLen) );
 	CPPUNIT_ASSERT(rv == CKR_OK);
 
-	rv = CRYPTOKI_F_PTR( C_DestroyObject(hSession, hRsa) );
+	rv = CRYPTOKI_F_PTR( C_DestroyObject(hSession, hPrk) );
 	CPPUNIT_ASSERT(rv == CKR_OK);
 
-	CK_ATTRIBUTE nRsaAttribs[] = {
+	CK_ATTRIBUTE nPrkAttribs[] = {
 		{ CKA_CLASS, &privateClass, sizeof(privateClass) },
-		{ CKA_KEY_TYPE, &rsaKeyType, sizeof(rsaKeyType) },
+		{ CKA_KEY_TYPE, &keyType, sizeof(keyType) },
 		{ CKA_TOKEN, &bFalse, sizeof(bFalse) },
 		{ CKA_PRIVATE, &bTrue, sizeof(bTrue) },
 		{ CKA_DECRYPT, &bTrue, sizeof(bTrue) },
@@ -512,28 +566,114 @@ void SymmetricAlgorithmTests::aesWrapUnwrap(CK_MECHANISM_TYPE mechanismType, CK_
 		{ CKA_EXTRACTABLE, &bTrue, sizeof(bTrue) }
 	};
 
-	hRsa = CK_INVALID_HANDLE;
-	rv = CRYPTOKI_F_PTR( C_UnwrapKey(hSession, &mechanism, hKey, wrappedPtr, wrappedLen, nRsaAttribs, sizeof(nRsaAttribs)/sizeof(CK_ATTRIBUTE), &hRsa) );
+	hPrk = CK_INVALID_HANDLE;
+	rv = CRYPTOKI_F_PTR( C_UnwrapKey(hSession, &mechanism, hKey, wrappedPtr, wrappedLen, nPrkAttribs, sizeof(nPrkAttribs)/sizeof(CK_ATTRIBUTE), &hPrk) );
 	CPPUNIT_ASSERT(rv == CKR_OK);
-	CPPUNIT_ASSERT(hRsa != CK_INVALID_HANDLE);
+	CPPUNIT_ASSERT(hPrk != CK_INVALID_HANDLE);
 
-	rsaAttribs[2].pValue = p2Ptr + p2Len;
-	rv = CRYPTOKI_F_PTR( C_GetAttributeValue(hSession, hRsa, rsaAttribs, sizeof(rsaAttribs)/sizeof(CK_ATTRIBUTE)) );
+	prkAttribs[2].pValue = prkAttrPtr + prkAttrLen;
+	rv = CRYPTOKI_F_PTR( C_GetAttributeValue(hSession, hPrk, prkAttribs, sizeof(prkAttribs)/sizeof(CK_ATTRIBUTE)) );
 	CPPUNIT_ASSERT(rv == CKR_OK);
 
-	CPPUNIT_ASSERT(rsaAttribs[0].ulValueLen == sizeof(CK_OBJECT_CLASS));
-	CPPUNIT_ASSERT(*(CK_OBJECT_CLASS*)rsaAttribs[0].pValue == CKO_PRIVATE_KEY);
-	CPPUNIT_ASSERT(rsaAttribs[1].ulValueLen == sizeof(CK_KEY_TYPE));
-	CPPUNIT_ASSERT(*(CK_KEY_TYPE*)rsaAttribs[1].pValue == CKK_RSA);
-	CPPUNIT_ASSERT(rsaAttribs[2].ulValueLen == p2Len);
-	CPPUNIT_ASSERT(memcmp(p2Ptr, p2Ptr + p2Len, p2Len) == 0);
+	CPPUNIT_ASSERT(prkAttribs[0].ulValueLen == sizeof(CK_OBJECT_CLASS));
+	CPPUNIT_ASSERT(*(CK_OBJECT_CLASS*)prkAttribs[0].pValue == CKO_PRIVATE_KEY);
+	CPPUNIT_ASSERT(prkAttribs[1].ulValueLen == sizeof(CK_KEY_TYPE));
+	CPPUNIT_ASSERT(*(CK_KEY_TYPE*)prkAttribs[1].pValue == CKK_RSA);
+	CPPUNIT_ASSERT(prkAttribs[2].ulValueLen == prkAttrLen);
+	CPPUNIT_ASSERT(memcmp(prkAttrPtr, prkAttrPtr + prkAttrLen, prkAttrLen) == 0);
 
 	free(wrappedPtr);
-	free(p2Ptr);
-	rv = CRYPTOKI_F_PTR( C_DestroyObject(hSession, hRsa) );
+	free(prkAttrPtr);
+	rv = CRYPTOKI_F_PTR( C_DestroyObject(hSession, hPrk) );
 	CPPUNIT_ASSERT(rv == CKR_OK);
 }
 
+#ifdef WITH_GOST
+void SymmetricAlgorithmTests::aesWrapUnwrapGost(CK_MECHANISM_TYPE mechanismType, CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey)
+{
+	CK_MECHANISM mechanism = { mechanismType, NULL_PTR, 0 };
+	CK_BBOOL bFalse = CK_FALSE;
+	CK_BBOOL bTrue = CK_TRUE;
+	CK_OBJECT_HANDLE hPrk = CK_INVALID_HANDLE;
+	CK_RV rv = generateGostPrivateKey(hSession, CK_TRUE, CK_TRUE, hPrk);
+	CPPUNIT_ASSERT(rv == CKR_OK);
+	CPPUNIT_ASSERT(hPrk != CK_INVALID_HANDLE);
+
+	CK_OBJECT_CLASS privateClass = CKO_PRIVATE_KEY;
+	CK_KEY_TYPE keyType = CKK_GOSTR3410;
+	CK_BYTE_PTR prkAttrPtr = NULL_PTR;
+	CK_ULONG prkAttrLen = 0UL;
+	CK_ATTRIBUTE prkAttribs[] = {
+		{ CKA_CLASS, &privateClass, sizeof(privateClass) },
+		{ CKA_KEY_TYPE, &keyType, sizeof(keyType) },
+		{ CKA_VALUE, NULL_PTR, 0UL }
+	};
+
+	rv = CRYPTOKI_F_PTR( C_GetAttributeValue(hSession, hPrk, prkAttribs, sizeof(prkAttribs)/sizeof(CK_ATTRIBUTE)) );
+	CPPUNIT_ASSERT(rv == CKR_OK);
+
+	CPPUNIT_ASSERT(prkAttribs[0].ulValueLen == sizeof(CK_OBJECT_CLASS));
+	CPPUNIT_ASSERT(*(CK_OBJECT_CLASS*)prkAttribs[0].pValue == CKO_PRIVATE_KEY);
+	CPPUNIT_ASSERT(prkAttribs[1].ulValueLen == sizeof(CK_KEY_TYPE));
+	CPPUNIT_ASSERT(*(CK_KEY_TYPE*)prkAttribs[1].pValue == CKK_GOSTR3410);
+
+	prkAttrLen = prkAttribs[2].ulValueLen;
+	prkAttrPtr = (CK_BYTE_PTR) malloc(2 * prkAttrLen);
+	CPPUNIT_ASSERT(prkAttrPtr != NULL_PTR);
+	prkAttribs[2].pValue = prkAttrPtr;
+	prkAttribs[2].ulValueLen = prkAttrLen;
+
+	rv = CRYPTOKI_F_PTR( C_GetAttributeValue(hSession, hPrk, prkAttribs, sizeof(prkAttribs)/sizeof(CK_ATTRIBUTE)) );
+	CPPUNIT_ASSERT(rv == CKR_OK);
+	CPPUNIT_ASSERT(prkAttribs[2].ulValueLen == prkAttrLen);
+
+	CK_BYTE_PTR wrappedPtr = NULL_PTR;
+	CK_ULONG wrappedLen = 0UL;
+	rv = CRYPTOKI_F_PTR( C_WrapKey(hSession, &mechanism, hKey, hPrk, wrappedPtr, &wrappedLen) );
+	CPPUNIT_ASSERT(rv == CKR_OK);
+	wrappedPtr = (CK_BYTE_PTR) malloc(wrappedLen);
+	CPPUNIT_ASSERT(wrappedPtr != NULL_PTR);
+	rv = CRYPTOKI_F_PTR( C_WrapKey(hSession, &mechanism, hKey, hPrk, wrappedPtr, &wrappedLen) );
+	CPPUNIT_ASSERT(rv == CKR_OK);
+
+	rv = CRYPTOKI_F_PTR( C_DestroyObject(hSession, hPrk) );
+	CPPUNIT_ASSERT(rv == CKR_OK);
+
+	CK_ATTRIBUTE nPrkAttribs[] = {
+		{ CKA_CLASS, &privateClass, sizeof(privateClass) },
+		{ CKA_KEY_TYPE, &keyType, sizeof(keyType) },
+		{ CKA_TOKEN, &bFalse, sizeof(bFalse) },
+		{ CKA_PRIVATE, &bTrue, sizeof(bTrue) },
+		{ CKA_DECRYPT, &bTrue, sizeof(bTrue) },
+		{ CKA_SIGN, &bFalse,sizeof(bFalse) },
+		{ CKA_UNWRAP, &bTrue, sizeof(bTrue) },
+		{ CKA_SENSITIVE, &bFalse, sizeof(bFalse) },
+		{ CKA_EXTRACTABLE, &bTrue, sizeof(bTrue) }
+	};
+
+	hPrk = CK_INVALID_HANDLE;
+	rv = CRYPTOKI_F_PTR( C_UnwrapKey(hSession, &mechanism, hKey, wrappedPtr, wrappedLen, nPrkAttribs, sizeof(nPrkAttribs)/sizeof(CK_ATTRIBUTE), &hPrk) );
+	CPPUNIT_ASSERT(rv == CKR_OK);
+	CPPUNIT_ASSERT(hPrk != CK_INVALID_HANDLE);
+
+	prkAttribs[2].pValue = prkAttrPtr + prkAttrLen;
+	rv = CRYPTOKI_F_PTR( C_GetAttributeValue(hSession, hPrk, prkAttribs, sizeof(prkAttribs)/sizeof(CK_ATTRIBUTE)) );
+	CPPUNIT_ASSERT(rv == CKR_OK);
+
+	CPPUNIT_ASSERT(prkAttribs[0].ulValueLen == sizeof(CK_OBJECT_CLASS));
+	CPPUNIT_ASSERT(*(CK_OBJECT_CLASS*)prkAttribs[0].pValue == CKO_PRIVATE_KEY);
+	CPPUNIT_ASSERT(prkAttribs[1].ulValueLen == sizeof(CK_KEY_TYPE));
+	CPPUNIT_ASSERT(*(CK_KEY_TYPE*)prkAttribs[1].pValue == CKK_GOSTR3410);
+	CPPUNIT_ASSERT(prkAttribs[2].ulValueLen == prkAttrLen);
+	CPPUNIT_ASSERT(memcmp(prkAttrPtr, prkAttrPtr + prkAttrLen, prkAttrLen) == 0);
+
+	free(wrappedPtr);
+	free(prkAttrPtr);
+	rv = CRYPTOKI_F_PTR( C_DestroyObject(hSession, hPrk) );
+	CPPUNIT_ASSERT(rv == CKR_OK);
+}
+#endif
+
 void SymmetricAlgorithmTests::testAesEncryptDecrypt()
 {
 	CK_RV rv;
@@ -620,9 +760,18 @@ void SymmetricAlgorithmTests::testAesWrapUnwrap()
 	rv = generateAesKey(hSession,IN_SESSION,IS_PUBLIC,hKey);
 	CPPUNIT_ASSERT(rv == CKR_OK);
 
-	aesWrapUnwrap(CKM_AES_KEY_WRAP, hSession, hKey);
+	aesWrapUnwrapGeneric(CKM_AES_KEY_WRAP, hSession, hKey);
+	aesWrapUnwrapRsa(CKM_AES_KEY_WRAP, hSession, hKey);
+#ifdef WITH_GOST
+	aesWrapUnwrapGost(CKM_AES_KEY_WRAP, hSession, hKey);
+#endif
+
 #ifdef HAVE_AES_KEY_WRAP_PAD
-	aesWrapUnwrap(CKM_AES_KEY_WRAP_PAD, hSession, hKey);
+	aesWrapUnwrapGeneric(CKM_AES_KEY_WRAP_PAD, hSession, hKey);
+	aesWrapUnwrapRsa(CKM_AES_KEY_WRAP_PAD, hSession, hKey);
+#ifdef WITH_GOST
+	aesWrapUnwrapGost(CKM_AES_KEY_WRAP_PAD, hSession, hKey);
+#endif
 #endif
 }
 
diff --git a/SoftHSMv2/src/lib/test/SymmetricAlgorithmTests.h b/SoftHSMv2/src/lib/test/SymmetricAlgorithmTests.h
index 9b96ae1..76191d9 100644
--- a/SoftHSMv2/src/lib/test/SymmetricAlgorithmTests.h
+++ b/SoftHSMv2/src/lib/test/SymmetricAlgorithmTests.h
@@ -73,8 +73,13 @@ protected:
 			CK_OBJECT_HANDLE hKey,
 			size_t messageSize,
 			bool isSizeOK=true);
-	void aesWrapUnwrap(CK_MECHANISM_TYPE mechanismType, CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey);
+	void aesWrapUnwrapGeneric(CK_MECHANISM_TYPE mechanismType, CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey);
+	void aesWrapUnwrapRsa(CK_MECHANISM_TYPE mechanismType, CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey);
 	CK_RV generateRsaPrivateKey(CK_SESSION_HANDLE hSession, CK_BBOOL bToken, CK_BBOOL bPrivate, CK_OBJECT_HANDLE &hKey);
+#ifdef WITH_GOST
+	void aesWrapUnwrapGost(CK_MECHANISM_TYPE mechanismType, CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey);
+	CK_RV generateGostPrivateKey(CK_SESSION_HANDLE hSession, CK_BBOOL bToken, CK_BBOOL bPrivate, CK_OBJECT_HANDLE &hKey);
+#endif
 };
 
 #endif // !_SOFTHSM_V2_SYMENCRYPTDECRYPTTESTS_H
diff --git a/SoftHSMv2/src/lib/win32/dllmain.cc b/SoftHSMv2/src/lib/win32/dllmain.cc
deleted file mode 100644
index 359227d..0000000
--- a/SoftHSMv2/src/lib/win32/dllmain.cc
+++ /dev/null
@@ -1,18 +0,0 @@
-#include <windows.h>
-
-__declspec(dllexport) BOOL WINAPI
-DllMain(HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpvReserved)
-{
-    hModule = hModule;
-    lpvReserved = lpvReserved;
-    
-    switch (ul_reason_for_call) { 
-    case DLL_PROCESS_ATTACH:
-    case DLL_THREAD_ATTACH: 
-    case DLL_THREAD_DETACH: 
-    case DLL_PROCESS_DETACH: 
-    default:
-        break;
-    }
-    return (TRUE);
-}
diff --git a/SoftHSMv2/src/lib/win32/setenv.cpp b/SoftHSMv2/src/lib/win32/setenv.cpp
deleted file mode 100644
index da41a62..0000000
--- a/SoftHSMv2/src/lib/win32/setenv.cpp
+++ /dev/null
@@ -1,20 +0,0 @@
-#include <config.h>
-#include <stdlib.h>
-#include <string>
-
-#ifdef _WIN32
-
-int
-setenv(const char *name, const char *value, int overwrite)
-{
-	std::string vv = name;
-	vv += "=";
-	vv += value;
-
-	if (overwrite != 1)
-		return false;
-
-	return _putenv(vv.c_str()) == 0;
-}
-
-#endif
diff --git a/SoftHSMv2/src/lib/win32/setenv.h b/SoftHSMv2/src/lib/win32/setenv.h
deleted file mode 100644
index e199227..0000000
--- a/SoftHSMv2/src/lib/win32/setenv.h
+++ /dev/null
@@ -1,12 +0,0 @@
-#include <config.h>
-
-#ifdef _WIN32
-
-#ifndef _SETENV_H
-#define _SETENV_H
-
-int setenv(const char *name, const char *value, int overwrite);
-
-#endif
-
-#endif
\ No newline at end of file
diff --git a/SoftHSMv2/src/lib/win32/syslog.cpp b/SoftHSMv2/src/lib/win32/syslog.cpp
deleted file mode 100644
index 927592e..0000000
--- a/SoftHSMv2/src/lib/win32/syslog.cpp
+++ /dev/null
@@ -1,69 +0,0 @@
-#include <config.h>
-
-#include <stdio.h>
-#include <stdarg.h>
-#include <stdlib.h>
-#include <string.h>
-#include <syslog.h>
-
-#ifdef _WIN32
-
-static HANDLE hEventLog = NULL;
-
-/*
- * Close the Handle to the application Event Log
- */
-void
-closelog() {
-	DeregisterEventSource(hEventLog);
-}
-
-/*
- * Initialize event logging
- */
-void
-openlog(const char *ident, int logopt, int facility) {
-	/* Get a handle to the Application event log */
-	hEventLog = RegisterEventSourceA(NULL, ident);
-}
-
-/*
- * Log to the NT Event Log
- */
-void
-syslog(int priority, const char *message, ...) {
-	va_list ap;
-	char buf[1024];
-	LPCSTR str[1];
-
-	str[0] = buf;
-
-	va_start(ap, message);
-	vsprintf(buf, message, ap);
-	va_end(ap);
-
-	/* Make sure that the channel is open to write the event */
-	if (hEventLog == NULL) {
-		openlog("SoftHSM", 0, 0);
-	}
-	if (hEventLog != NULL) {
-		switch (priority) {
-		case LOG_INFO:
-		case LOG_NOTICE:
-		case LOG_DEBUG:
-			ReportEventA(hEventLog, EVENTLOG_INFORMATION_TYPE, 0,
-				     0x40000003, NULL, 1, 0, str, NULL);
-			break;
-		case LOG_WARNING:
-			ReportEventA(hEventLog, EVENTLOG_WARNING_TYPE, 0,
-				     0x80000002, NULL, 1, 0, str, NULL);
-			break;
-		default:
-			ReportEventA(hEventLog, EVENTLOG_ERROR_TYPE, 0,
-				     0xc0000001, NULL, 1, 0, str, NULL);
-			break;
-		}
-	}
-}
-
-#endif
diff --git a/SoftHSMv2/src/lib/win32/syslog.h b/SoftHSMv2/src/lib/win32/syslog.h
deleted file mode 100644
index 1ed207c..0000000
--- a/SoftHSMv2/src/lib/win32/syslog.h
+++ /dev/null
@@ -1,46 +0,0 @@
-#ifndef _SYSLOG_H
-#define _SYSLOG_H
-
-#include <stdio.h>
-
-/* priorities */
-#define LOG_EMERG       0       /* system is unusable */
-#define LOG_ALERT       1       /* action must be taken immediately */
-#define LOG_CRIT        2       /* critical conditions */
-#define LOG_ERR         3       /* error conditions */
-#define LOG_WARNING     4       /* warning conditions */
-#define LOG_NOTICE      5       /* normal but signification condition */
-#define LOG_INFO        6       /* informational */
-#define LOG_DEBUG       7       /* debug-level messages */
-
-/* NT event log does not support facility level */
-#define LOG_KERN	0
-#define LOG_USER	0
-#define LOG_MAIL	0
-#define LOG_DAEMON	0
-#define LOG_AUTH	0
-#define LOG_SYSLOG	0
-#define LOG_LPR		0
-#define LOG_LOCAL0	0
-#define LOG_LOCAL1	0
-#define LOG_LOCAL2	0
-#define LOG_LOCAL3	0
-#define LOG_LOCAL4	0
-#define LOG_LOCAL5	0
-#define LOG_LOCAL6	0
-#define LOG_LOCAL7	0
-
-/* Constant definitions for openlog() */
-#define LOG_PID		1
-#define LOG_CONS	2
-
-void
-closelog(void);
-
-void
-openlog(const char *ident, int logopt, int facility);
-
-void
-syslog(int priority, const char *message, ...);
-
-#endif