update crypto

2026-06-21 04:33:38 +08:00 · 2017-03-08 15:02:42 +08:00
parent 4d84dd7557
commit 002096751c
29 changed files with 1062 additions and 134 deletions
--- a/crypto/bb1ibe/bb1ibe_lib.c
+++ b/crypto/bb1ibe/bb1ibe_lib.c
@@ -442,7 +442,7 @@ end:
 * c->u = HashToRange(DoubleHash(c->Chi0, c->Chi1, y, wbuf))
 */
 static int BB1CiphertextBlock_hash_to_range(BB1PublicParameters *mpk,
-	const BB1CiphertextBlock *c, const unsigned char *wbuf, size_t wbuflen,
+	BB1CiphertextBlock *c, const unsigned char *wbuf, size_t wbuflen,
 	BIGNUM *bn, BN_CTX *bn_ctx)
 {
 	int ret = 0;
@@ -870,7 +870,7 @@ int BB1IBE_do_decrypt(BB1PublicParameters *mpk,
 		BB1IBEerr(BB1IBE_F_BB1IBE_DO_DECRYPT, ERR_R_BN_LIB);
 		goto end;
 	}
-	if (BN_GFP2_cmp(w, w1) != 0) {
+	if (!BN_GFP2_equ(w, w1)) {
 		BB1IBEerr(BB1IBE_F_BB1IBE_DO_DECRYPT, BB1IBE_R_BB1CIPHERTEXT_INVALID_MAC);
 		goto end;
 	}
--- a/crypto/bfibe/bfibe_lib.c
+++ b/crypto/bfibe/bfibe_lib.c
@@ -468,7 +468,8 @@ int BFIBE_do_decrypt(BFPublicParameters *mpk,
 	const EVP_MD *md;
 	KDF_FUNC hash_bytes;
 	unsigned char rho[EVP_MAX_MD_SIZE * 2];
-	unsigned int size;
+	size_t size;
+	unsigned int len;
 	int i;

 	if (!mpk || !in || !outlen || !sk) {
@@ -539,7 +540,8 @@ int BFIBE_do_decrypt(BFPublicParameters *mpk,
 		BFIBEerr(BFIBE_F_BFIBE_DO_DECRYPT, ERR_R_EC_LIB);
 		goto end;
 	}
-	if (!EVP_Digest(rho, size, rho, &size, md, NULL)) {
+	len = size;
+	if (!EVP_Digest(rho, size, rho, &len, md, NULL)) {
 		BFIBEerr(BFIBE_F_BFIBE_DO_DECRYPT, ERR_R_EVP_LIB);
 		goto end;
 	}
@@ -566,8 +568,8 @@ int BFIBE_do_decrypt(BFPublicParameters *mpk,
 	}

 	/* k = HashToRange(rho || Hash(out)) in [0, mpk->q) */
-	size = EVP_MD_size(md);
-	if (!EVP_Digest(out, in->w->length, rho + EVP_MD_size(md), &size, md, NULL)) {
+	len = EVP_MD_size(md);
+	if (!EVP_Digest(out, in->w->length, rho + EVP_MD_size(md), &len, md, NULL)) {
 		BFIBEerr(BFIBE_F_BFIBE_DO_DECRYPT, ERR_R_EVP_LIB);
 		goto end;
 	}
--- a/crypto/cpk/cpk_lib.c
+++ b/crypto/cpk/cpk_lib.c
@@ -497,7 +497,7 @@ static DSA *X509_ALGOR_get1_DSA(X509_ALGOR *algor)
 {
 	DSA *dsa = NULL;
 	int ptype;
-	void *pval;
+	const void *pval;
 	ASN1_OCTET_STRING *pstr;
 	const unsigned char *p;

@@ -713,7 +713,7 @@ static EC_KEY *X509_ALGOR_get1_EC_KEY(X509_ALGOR *algor)
 {
 	EC_KEY *ec_key = NULL;
 	int ptype;
-	void *pval;
+	const void *pval;
 	const unsigned char *p;
 	
 	X509_ALGOR_get0(NULL, &ptype, &pval, algor);
--- a/crypto/ct/ct_vfy.o-29b9236e
+++ b/crypto/ct/ct_vfy.o-29b9236e
--- a/crypto/ec/ec_kmeth.c
+++ b/crypto/ec/ec_kmeth.c
@@ -61,6 +61,9 @@ void EC_KEY_set_default_secg_method(void)
    default_ec_key_meth = EC_KEY_OpenSSL();
 }

+/* defained in sm2/sm2_kmeth.c */
+extern const EC_KEY_METHOD *EC_KEY_GmSSL(void);
+
 void EC_KEY_set_default_sm_method(void)
 {
    default_ec_key_meth = EC_KEY_GmSSL();
--- a/crypto/ec2/bn_gfp2.c
+++ b/crypto/ec2/bn_gfp2.c
@@ -169,6 +169,13 @@ int BN_GFP2_cmp(const BN_GFP2 *a, const BN_GFP2 *b)
 	return ((BN_cmp(a->a0, b->a0) == 0) && (BN_cmp(a->a1, b->a1) == 0));
 }

+int BN_GFP2_equ(const BN_GFP2 *a, const BN_GFP2 *b)
+{
+	//FIXME
+									
+	return 0;
+}
+
 int BN_GFP2_add(BN_GFP2 *r, const BN_GFP2 *a, const BN_GFP2 *b,
 	const BIGNUM *p, BN_CTX *ctx)
 {
@@ -494,4 +501,3 @@ int BN_gfp22bn(const BN_GFP2 *gfp2, BIGNUM *bn, const BIGNUM *p, BN_CTX *ctx)
 	}
 	return 1;
 }
-
--- a/crypto/ec2/bn_solinas.c
+++ b/crypto/ec2/bn_solinas.c
@@ -127,14 +127,14 @@ int BN_bn2solinas(const BIGNUM *bn, BN_SOLINAS *solinas)
 	}

 end:
-	return 0;
+	return ret;
 }

 int BN_solinas2bn(const BN_SOLINAS *solinas, BIGNUM *bn)
 {
 	int ret = 0;
-	BIGNUM *tmp = NULL;
 #if 0
+	BIGNUM *tmp = NULL;
 	if (b <= 0 || a <= b || (s != 1 && s != -1) ||
 		(c != 1 && c != -1)) {
 		BNerr(BN_F_BN_SOLINAS2BN, BN_R_INVALID_SOLINAS_PARAMETERS);
--- a/crypto/ecies/ecies_gmssl.c
+++ b/crypto/ecies/ecies_gmssl.c
@@ -50,15 +50,27 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <openssl/rand.h>
 #include <openssl/ecies.h>

+static int ECIES_PARAMS_init_with_type(ECIES_PARAMS *params, int type)
+{
+			
+	return 0;
+}
+
 int gmssl_ecies_encrypt(int type, const unsigned char *in, size_t inlen,
 	unsigned char *out, size_t *outlen, EC_KEY *ec_key)
 {
 	ECIES_CIPHERTEXT_VALUE *cv = NULL;
+	ECIES_PARAMS params;
+
+	if (!ECIES_PARAMS_init_with_type(&params, type)) {
+		return 0;
+	}

 	RAND_seed(in, inlen);
-	if (!(cv = ECIES_do_encrypt(type, in, inlen, ec_key))) {
+	if (!(cv = ECIES_do_encrypt(&params, in, inlen, ec_key))) {
 		*outlen = 0;
 		return 0;
 	}
@@ -72,11 +84,16 @@ int gmssl_ecies_decrypt(int type, const unsigned char *in, size_t inlen,
 	unsigned char *out, size_t *outlen, EC_KEY *ec_key)
 {
 	ECIES_CIPHERTEXT_VALUE *cv = NULL;
+	ECIES_PARAMS params;
 	const unsigned char *cp = in;
 	unsigned char *der = NULL;
 	int derlen = -1;
 	int ret = -1;

+	if (!ECIES_PARAMS_init_with_type(&params, type)) {
+		return -1;
+	}
+
 	if (!(cv = d2i_ECIES_CIPHERTEXT_VALUE(NULL, &cp, inlen))) {
 		return -1;
 	}
@@ -86,7 +103,7 @@ int gmssl_ecies_decrypt(int type, const unsigned char *in, size_t inlen,
 		goto end;
 	}

-	ret = ECIES_do_decrypt(type, cv, out, outlen, ec_key);
+	ret = ECIES_do_decrypt(&params, cv, out, outlen, ec_key);

 end:
 	OPENSSL_clear_free(der, derlen);
--- a/crypto/gmapi/gmapi_sdf_rsa.c
+++ b/crypto/gmapi/gmapi_sdf_rsa.c
@@ -195,10 +195,10 @@ int RSA_get_RSArefPrivateKey(RSA *rsa, RSArefPrivateKey *ref)
 	if (!BN_bn2bin(rsa->n, ref->m) ||
 		!BN_bn2bin(rsa->e, ref->e + MAX_RSA_EXPONENT_LEN - BN_num_bytes(rsa->e)) ||
 		!BN_bn2bin(rsa->d, ref->d + nbytes - BN_num_bytes(rsa->d)) ||
-		!BN_bn2bin(rsa->p, &(ref->prime[0]) + nbytes/2 - BN_num_bytes(rsa->p)) ||
-		!BN_bn2bin(rsa->q, &(ref->prime[1]) + nbytes/2 - BN_num_bytes(rsa->q)) ||
-		!BN_bn2bin(rsa->dmp1, &(ref->pexp[0]) + nbytes/2 - BN_num_bytes(rsa->dmp1)) ||
-		!BN_bn2bin(rsa->dmq1, &(ref->pexp[1]) + nbytes/2 - BN_num_bytes(rsa->dmq1)) ||
+		!BN_bn2bin(rsa->p, (unsigned char *)&(ref->prime[0]) + nbytes/2 - BN_num_bytes(rsa->p)) ||
+		!BN_bn2bin(rsa->q, (unsigned char *)&(ref->prime[1]) + nbytes/2 - BN_num_bytes(rsa->q)) ||
+		!BN_bn2bin(rsa->dmp1, (unsigned char *)&(ref->pexp[0]) + nbytes/2 - BN_num_bytes(rsa->dmp1)) ||
+		!BN_bn2bin(rsa->dmq1, (unsigned char *)&(ref->pexp[1]) + nbytes/2 - BN_num_bytes(rsa->dmq1)) ||
 		!BN_bn2bin(rsa->iqmp, ref->coef + nbytes/2 - BN_num_bytes(rsa->iqmp))) {
 		GMAPIerr(GMAPI_F_RSA_GET_RSAREFPRIVATEKEY,
 			GMAPI_R_INVALID_RSA_PRIVATE_KEY);
--- a/crypto/gmapi/gmapi_sgd.c
+++ b/crypto/gmapi/gmapi_sgd.c
@@ -116,3 +116,13 @@ int GMAPI_sgd2mdnid(int sgd)
 	return 0;
 }

+
+int EVP_MD_sgd(const EVP_MD *md)
+{
+	return 0;
+}
+
+int EVP_CIPHER_sgd(const EVP_CIPHER *cipher)
+{
+	return 0;
+}
--- a/crypto/kdf2/kdf_ibcs.c
+++ b/crypto/kdf2/kdf_ibcs.c
@@ -133,7 +133,7 @@ KDF_FUNC KDF_get_ibcs(const EVP_MD *md)
 #endif
 #ifndef OPENSSL_NO_BLAKE2
 	case NID_blake2b512:
-		return ibcs_blake2s256kdf;
+		return ibcs_blake2b512kdf;
 	case NID_blake2s256:
 		return ibcs_blake2s256kdf;
 #endif
--- a/crypto/saf/saf_base64.c
+++ b/crypto/saf/saf_base64.c
@@ -362,51 +362,3 @@ end:
 	SAF_Base64_DestroyBase64Obj(handle);
 	return ret;
 }
-
-int SAF_Base64_test(int verbose)
-{
-	int ret = SAR_UnknownErr;
-	/* sizeof(buf1)%3 == 1 makes base64 ended with "==" */
-	unsigned char buf1[121];
-	unsigned char buf2[512];
-	unsigned char buf3[512];
-	unsigned int len1, len2, len3;
-
-	/* generate some random binary for testing */
-	RAND_bytes(buf1, sizeof(buf1));
-	memset(buf2, 0, sizeof(buf2));
-	memset(buf3, 0, sizeof(buf3));
-
-	len1 = (unsigned int)sizeof(buf1);
-	len2 = (unsigned int)sizeof(buf2);
-	if ((ret = SAF_Base64_Encode(buf1, len1, buf2, &len2)) != SAR_OK) {
-		ERR_print_errors_fp(stderr);
-		goto end;
-	}
-	if (verbose) {
-		printf("%s\n", buf2);
-	}
-
-	len3 = sizeof(buf3);
-	if ((ret = SAF_Base64_Decode(buf2, len2, buf3, &len3)) != SAR_OK) {
-		ERR_print_errors_fp(stderr);
-		goto end;
-	}
-
-	/* check correctness */
-	if (len1 == len3 && memcmp(buf1, buf3, len1) == 0) {
-		ret = SAR_OK;
-	} else {
-		/* make sure to assign `ret`, or it might be set as OK by
-		 * previous functions */
-		ret = SAR_UnknownErr;
-	}
-
-end:
-	if (verbose) {
-		printf("%s %s\n", __FUNCTION__,
-			ret == SAR_OK ? "passed" : "failed");
-	}
-
-	return SAR_OK;
-}
--- a/crypto/saf/saf_err.c
+++ b/crypto/saf/saf_err.c
@@ -56,10 +56,18 @@ static ERR_STRING_DATA SAF_str_functs[] = {
    {ERR_FUNC(SAF_F_SAF_HASHUPDATE), "SAF_HashUpdate"},
    {ERR_FUNC(SAF_F_SAF_INITIALIZE), "SAF_Initialize"},
    {ERR_FUNC(SAF_F_SAF_KEY_NEW), "SAF_KEY_new"},
+    {ERR_FUNC(SAF_F_SAF_LOAD_PRIVATE_KEY), "SAF_load_private_key"},
+    {ERR_FUNC(SAF_F_SAF_LOAD_PUBLIC_KEY), "SAF_load_public_key"},
    {ERR_FUNC(SAF_F_SAF_LOGIN), "SAF_Login"},
    {ERR_FUNC(SAF_F_SAF_LOGOUT), "SAF_Logout"},
    {ERR_FUNC(SAF_F_SAF_MACFINAL), "SAF_MacFinal"},
    {ERR_FUNC(SAF_F_SAF_MACUPDATE), "SAF_MacUpdate"},
+    {ERR_FUNC(SAF_F_SAF_PKCS7_DECODEDIGESTEDDATA),
+     "SAF_Pkcs7_DecodeDigestedData"},
+    {ERR_FUNC(SAF_F_SAF_PKCS7_DECODEENVELOPEDDATA),
+     "SAF_Pkcs7_DecodeEnvelopedData"},
+    {ERR_FUNC(SAF_F_SAF_PKCS7_DECODESIGNEDDATA),
+     "SAF_Pkcs7_DecodeSignedData"},
    {ERR_FUNC(SAF_F_SAF_PKCS7_ENCODEDIGESTEDDATA),
     "SAF_Pkcs7_EncodeDigestedData"},
    {ERR_FUNC(SAF_F_SAF_PKCS7_ENCODEENVELOPEDDATA),
@@ -89,6 +97,7 @@ static ERR_STRING_DATA SAF_str_reasons[] = {
    {ERR_REASON(SAF_R_GEN_RANDOM_FAILURE), "gen random failure"},
    {ERR_REASON(SAF_R_INT_OVERFLOW), "int overflow"},
    {ERR_REASON(SAF_R_INVALID_ALGOR), "invalid algor"},
+    {ERR_REASON(SAF_R_INVALID_APP), "invalid app"},
    {ERR_REASON(SAF_R_INVALID_CERTIFICATE), "invalid certificate"},
    {ERR_REASON(SAF_R_INVALID_DIGEST_ALGOR), "invalid digest algor"},
    {ERR_REASON(SAF_R_INVALID_HANDLE), "invalid handle"},
@@ -98,14 +107,23 @@ static ERR_STRING_DATA SAF_str_reasons[] = {
    {ERR_REASON(SAF_R_INVALID_KEY_LENGTH), "invalid key length"},
    {ERR_REASON(SAF_R_INVALID_KEY_USAGE), "invalid key usage"},
    {ERR_REASON(SAF_R_INVALID_LENGTH), "invalid length"},
+    {ERR_REASON(SAF_R_INVALID_PKCS7), "invalid pkcs7"},
+    {ERR_REASON(SAF_R_INVALID_PKCS7_DATA), "invalid pkcs7 data"},
+    {ERR_REASON(SAF_R_INVALID_PKCS7_TYPE), "invalid pkcs7 type"},
+    {ERR_REASON(SAF_R_INVALID_PKEY_TYPE), "invalid pkey type"},
    {ERR_REASON(SAF_R_INVALID_PUBLIC_KEY), "invalid public key"},
+    {ERR_REASON(SAF_R_LOA), "loa"},
    {ERR_REASON(SAF_R_LOAD_CERTS_FAILURE), "load certs failure"},
    {ERR_REASON(SAF_R_LOAD_KEY_FAILURE), "load key failure"},
+    {ERR_REASON(SAF_R_LOAD_PRIVATE_KEY_FAILURE), "load private key failure"},
+    {ERR_REASON(SAF_R_LOAD_PUBLIC_KEY_FAILURE), "load public key failure"},
    {ERR_REASON(SAF_R_MAC_FAILURE), "mac failure"},
    {ERR_REASON(SAF_R_NOT_SUPPORTED), "not supported"},
    {ERR_REASON(SAF_R_OPERATION_NOT_INITIALIZED),
     "operation not initialized"},
+    {ERR_REASON(SAF_R_PKCS7_VERIFY_FAILURE), "pkcs7 verify failure"},
    {ERR_REASON(SAF_R_UNSUPPORTED_ALGOR), "unsupported algor"},
+    {ERR_REASON(SAF_R_UNSUPPORTED_DIGEST_ALGOR), "unsupported digest algor"},
    {0, NULL}
 };

--- a/crypto/saf/saf_lcl.h
+++ b/crypto/saf/saf_lcl.h
@@ -77,7 +77,7 @@ typedef struct {
 typedef struct {
 	SAF_SYMMKEYOBJ *hSymmKeyObj;
 	unsigned char key[64];
-	int keylen;
+	size_t keylen;
 	EVP_CIPHER_CTX *cipher_ctx;
 	CMAC_CTX *cmac_ctx;
 } SAF_KEY;
@@ -87,3 +87,8 @@ void SAF_KEY_free(SAF_KEY *key);

 SAF_SYMMKEYOBJ *SAF_SYMMKEYOBJ_dup(const SAF_SYMMKEYOBJ *a);
 void SAF_SYMMKEYOBJ_free(SAF_SYMMKEYOBJ *a);
+
+
+EVP_PKEY *SAF_load_private_key(SAF_APP *app, const char *container, int flags);
+EVP_PKEY *SAF_load_public_key(SAF_APP *app, const char *container, int flags);
+
--- a/crypto/saf/saf_lib.c
+++ b/crypto/saf/saf_lib.c
@@ -50,9 +50,68 @@
 #include <openssl/gmsaf.h>
 #include "saf_lcl.h"

-static int readfile(const char *file, unsigned char **pout, size_t *len)
+
+EVP_PKEY *SAF_load_private_key(SAF_APP *app, const char *container, int flags)
 {
-	return SAR_Ok;
+	EVP_PKEY *ret = NULL;
+	EVP_PKEY *pkey = NULL;
+	char key_id[1024];
+	int type;
+
+	if (!app->engine) {
+		SAFerr(SAF_F_SAF_LOAD_PRIVATE_KEY, SAF_R_INVALID_APP);
+		return NULL;
+	}
+
+	snprintf(key_id, sizeof(key_id), "%s.%s", container,
+		((flags & EVP_PKT_SIGN) ? "sign" : "enc"));
+
+	if (!(pkey = ENGINE_load_private_key(app->engine, key_id, NULL, NULL))) {
+		SAFerr(SAF_F_SAF_LOAD_PRIVATE_KEY, SAF_R_LOAD_PRIVATE_KEY_FAILURE);
+		goto end;
+	}
+
+	if (EVP_PKEY_base_id(pkey) !=
+		((flags & EVP_PK_EC) ? EVP_PKEY_EC : EVP_PKEY_RSA)) {
+		SAFerr(SAF_F_SAF_LOAD_PRIVATE_KEY, SAF_R_INVALID_PKEY_TYPE);
+		goto end;
+	}
+
+	ret = pkey;
+	pkey = NULL;
+end:
+	EVP_PKEY_free(pkey);
+	return ret;
 }

+EVP_PKEY *SAF_load_public_key(SAF_APP *app, const char *container, int flags)
+{
+	EVP_PKEY *ret = NULL;
+	EVP_PKEY *pkey = NULL;
+	char key_id[1024];

+	if (!app->engine) {
+		SAFerr(SAF_F_SAF_LOAD_PUBLIC_KEY, SAF_R_INVALID_APP);
+		return NULL;
+	}
+
+	snprintf(key_id, sizeof(key_id), "%s.%s", container,
+		((flags & EVP_PKT_SIGN) ? "sign" : "enc"));
+
+	if (!(pkey = ENGINE_load_public_key(app->engine, key_id, NULL, NULL))) {
+		SAFerr(SAF_F_SAF_LOAD_PUBLIC_KEY, SAF_R_LOAD_PUBLIC_KEY_FAILURE);
+		goto end;
+	}
+
+	if (EVP_PKEY_base_id(pkey) !=
+		((flags & EVP_PK_EC) ? EVP_PKEY_EC : EVP_PKEY_RSA)) {
+		SAFerr(SAF_F_SAF_LOAD_PUBLIC_KEY, SAF_R_INVALID_PKEY_TYPE);
+		goto end;
+	}
+
+	ret = pkey;
+	pkey = NULL;
+end:
+	EVP_PKEY_free(pkey);
+	return ret;
+}
--- a/crypto/saf/saf_pkcs7.c
+++ b/crypto/saf/saf_pkcs7.c
@@ -48,6 +48,7 @@
 */

 #include <openssl/evp.h>
+#include <openssl/asn1.h>
 #include <openssl/pkcs7.h>
 #include <openssl/gmapi.h>
 #include <openssl/gmsaf.h>
@@ -70,37 +71,28 @@ int SAF_Pkcs7_EncodeData(
 	unsigned int *puiDerP7DataLen)
 {
 	int ret = SAR_UnknownErr;
-
-	STACK_OF(X509) *encerts = NULL;
-
-	p7 = PKCS7_encrypt(encerts, in, cipher, flags);
-
-	p7 = PKCS7_sign(NULL, NULL, other, in, flags);
-
-
-
-
-
 	return ret;
 }


 /* 7.4.3 */
 int SAF_Pkcs7_DecodeData(
-	void *hAppHandle)
+	void *hAppHandle,
+	unsigned char *pucDecContainerName,
+	unsigned int uiDecContainerNameLen,
+	unsigned int uiDecKeyUsage,
+	unsigned char *pucDerP7Data,
+	unsigned int uiDerP7DataLen,
+	unsigned char *pucData,
+	unsigned int *puiDataLen,
+	unsigned char *pucSignerCertificate,
+	unsigned int *puiSignerCertificateLen,
+	unsigned int *puiDigestAlgorithm)
 {
 	int ret = SAR_UnknownErr;
 	return ret;
 }

-EVP_PKEY *SAF_LoadPrivateKey(
-	void *hAppHandle,
-	unsigned char *pucSignContainerName,
-	unsigned int uiSignContainerNameLen)
-{
-	return NULL;
-}
-
 /* 7.4.4 */
 int SAF_Pkcs7_EncodeSignedData(
 	void *hAppHandle,
@@ -116,9 +108,12 @@ int SAF_Pkcs7_EncodeSignedData(
 	unsigned int *puiDerP7DataLen)
 {
 	int ret = SAR_UnknownErr;
+	SAF_APP *app = (SAF_APP *)hAppHandle;
+	PKCS7 *p7 = NULL;
 	EVP_PKEY *pkey = NULL;
 	X509 *x509 = NULL;
 	BIO *data = NULL;
+	int len;

 	if (!hAppHandle || !pucSignContainerName || !pucSignerCertificate
 		|| !pucData || !pucDerP7Data || !puiDerP7DataLen) {
@@ -127,21 +122,21 @@ int SAF_Pkcs7_EncodeSignedData(
 	}

 	if (uiSignContainerNameLen <= 0 || uiSignContainerNameLen > INT_MAX
+		|| strlen((char *)pucSignContainerName) != uiSignContainerNameLen
 		|| uiSignerCertificateLen <= 0 || uiSignerCertificateLen > INT_MAX
 		|| uiDataLen <= 0 || uiDataLen > INT_MAX) {
 		SAFerr(SAF_F_SAF_PKCS7_ENCODESIGNEDDATA, SAF_R_INVALID_INPUT_LENGTH);
 		return SAR_IndataLenErr;
 	}

-	if (!(pkey = SAF_LoadPrivateKey(
-		hAppHandle,
-		pucSignContainerName,
-		uiSignContainerNameLen))) {
+	if (!(pkey = SAF_load_private_key(app, (char *)pucSignContainerName,
+		EVP_PK_EC|EVP_PKT_SIGN))) {
 		SAFerr(SAF_F_SAF_PKCS7_ENCODESIGNEDDATA, SAF_R_LOAD_KEY_FAILURE);
 		goto end;
 	}

-	if (!(x509 = d2i_X509(NULL, &pucSignerCertificate, uiSignerCertificateLen))) {
+	if (!(x509 = d2i_X509(NULL, (const unsigned char **)&pucSignerCertificate,
+		uiSignerCertificateLen))) {
 		SAFerr(SAF_F_SAF_PKCS7_ENCODESIGNEDDATA, ERR_R_X509_LIB);
 		goto end;
 	}
@@ -192,36 +187,114 @@ int SAF_Pkcs7_DecodeSignedData(
 {
 	int ret = SAR_UnknownErr;
 	PKCS7 *p7 = NULL;
+	PKCS7_SIGNED *p7signed;
 	X509 *x509 = NULL;
+	PKCS7_SIGNER_INFO *signer_info;
+	X509_ALGOR *algor;
+	BIO *bio = NULL;

-	p7 = d2i_PKCS7(NULL, &pucDerP7SignedData, uiDerP7SignedDataLen);
+	if (!hAppHandle || !pucDerP7SignedData || !puiDigestAlgorithm
+		|| !puiSignerCertificateLen || !puiDataLen || !puiSigLen) {
+		SAFerr(SAF_F_SAF_PKCS7_DECODESIGNEDDATA, ERR_R_PASSED_NULL_PARAMETER);
+		return SAR_IndataErr;
+	}
+
+	if (uiDerP7SignedDataLen <= 0 || uiDerP7SignedDataLen > INT_MAX) {
+		SAFerr(SAF_F_SAF_PKCS7_DECODESIGNEDDATA, SAF_R_INVALID_INPUT_LENGTH);
+		return SAR_IndataLenErr;
+	}
+
+	/* process */
+	if (!(p7 = d2i_PKCS7(NULL, (const unsigned char **)&pucDerP7SignedData,
+		uiDerP7SignedDataLen))) {
+		SAFerr(SAF_F_SAF_PKCS7_DECODESIGNEDDATA, SAF_R_INVALID_PKCS7_DATA);
+		goto end;
+	}
+
+	if (!(bio = BIO_new(BIO_s_mem()))) {
+		SAFerr(SAF_F_SAF_PKCS7_DECODESIGNEDDATA, ERR_R_MALLOC_FAILURE);
+		goto end;
+	}

 	if (!PKCS7_type_is_signed(p7)) {
+		SAFerr(SAF_F_SAF_PKCS7_DECODESIGNEDDATA, SAF_R_INVALID_PKCS7_TYPE);
 		goto end;
 	}

-	PKCS7_SIGNED *p7signed = p7->d.sign;
-
-	X509_ALGOR *algor = sk_X509_ALGOR_value(p7signed->md_algs, 0);
-	const EVP_MD *md = EVP_get_digestbyobj(algor->algorithm);
-	*puiDigestAlgorithm = EVP_MD_sdg(md);
-
-	X509 *x509 = sk_X509_ALGOR_value(p7signed->cert);
-	PKCS7_SIGNER_INFO *signer_info = sk_PKCS7_SIGNER_INFO_value(p7signed->signer_info, 0);
-
-	PKCS7 *p7data = p7signed->contents;
-	if (!PKCS7_type_is_data(p7data)) {
+	if (!PKCS7_verify(p7, NULL, NULL, NULL, bio, 0)) {
+		SAFerr(SAF_F_SAF_PKCS7_DECODESIGNEDDATA, SAF_R_PKCS7_VERIFY_FAILURE);
 		goto end;
 	}
-	ASN1_OCTET_STRING *data = p7data->d.data;

+	if (!(p7signed = p7->d.sign)) {
+		SAFerr(SAF_F_SAF_PKCS7_DECODESIGNEDDATA, SAF_R_INVALID_PKCS7_DATA);
+		goto end;
+	}
+
+	/* get digest algor */
+	if (sk_X509_ALGOR_num(p7signed->md_algs) != 1
+		|| !(algor = sk_X509_ALGOR_value(p7signed->md_algs, 0))
+		|| (*puiDigestAlgorithm = EVP_MD_sgd(EVP_get_digestbyobj(algor->algorithm))) <= 0) {
+		SAFerr(SAF_F_SAF_PKCS7_DECODESIGNEDDATA, SAF_R_INVALID_PKCS7_DATA);
+		goto end;
+	}
+
+	/* get signer's certificate */
+	if (sk_X509_ALGOR_num(p7signed->cert) != 1
+		|| !(x509 = sk_X509_ALGOR_value(p7signed->cert, 0))) {
+		SAFerr(SAF_F_SAF_PKCS7_DECODESIGNEDDATA, SAF_R_INVALID_PKCS7_DATA);
+		goto end;
+	}
+	if ((len = i2d_X509(x509, NULL)) <= 0) {
+		SAFerr(SAF_F_SAF_PKCS7_DECODESIGNEDDATA, ERR_R_X509_LIB);
+		goto end;
+	}
+	if (*puiSignerCertificateLen < len) {
+		SAFerr(SAF_F_SAF_PKCS7_DECODESIGNEDDATA, SAF_R_BUFFER_TOO_SMALL);
+		goto end;
+	}
+	if ((len = i2d_X509(x509, &pucSignerCertficate)) <= 0) {
+		SAFerr(SAF_F_SAF_PKCS7_DECODESIGNEDDATA, ERR_R_X509_LIB);
+		goto end;
+	}
+	*puiSignerCertificateLen = len;
+
+	/* get data */
+	if (!(p7signed->contents)
+		|| !PKCS7_type_is_data(p7signed->contents)
+		|| !(data = p7signed->contents->d.data)) {
+		SAFerr(SAF_F_SAF_PKCS7_DECODESIGNEDDATA, SAF_R_INVALID_PKCS7_DATA);
+		goto end;
+	}
+
+	if (*puiDataLen < ASN1_OCTET_STRING_length(data)) {
+		SAFerr(SAF_F_SAF_PKCS7_DECODESIGNEDDATA, SAF_R_BUFFER_TOO_SMALL);
+		goto end;
+	}
+
+	memcpy(pucData, ASN1_OCTET_STRING_get0_data(data), ASN1_OCTET_STRING_length(data));
 	*puiDataLen = ASN1_OCTET_STRING_length(data);
-	memcpy(pucData, ASN1_OCTET_STRING_get0_data(data), *puiDataLen);

+	/* get signature */
+	if (sk_SIGNER_INFO_num(p7signed->signer_info) <= 0
+		|| !(signer_info = sk_SIGNER_INFO_value(p7signed->signer_info, 0))) {
+		SAFerr(SAF_F_SAF_PKCS7_DECODESIGNEDDATA, SAF_R_INVALID_PKCS7_DATA);
+		goto end;
+	}

-	PKCS7_verify(p7, NULL, chain_store, NULL, outbio, flags);
-
+	if (*puiSigLen < ASN1_OCTET_STRING_length(signer_info->enc_digest)) {
+		SAFerr(SAF_F_SAF_PKCS7_DECODESIGNEDDATA, SAF_R_BUFFER_TOO_SMALL);
+		goto end;
+	}
+	memcpy(pucSig, ASN1_OCTET_STRING_get0_data(signer_info->enc_digest),
+		ASN1_OCTET_STRING_length(signer_info->enc_digest));
+	*puiSigLen = ASN1_OCTET_STRING_length(signer_info->enc_digest);

+	ret = SAR_Ok;
+end:
+	PKCS7_free(p7);
+	X509_free(x509);
+	BIO_free(bio);
 	return ret;
 }

@@ -275,7 +348,6 @@ int SAF_Pkcs7_EncodeEnvelopedData(
 		ret = SAR_CertEncodeErr;
 		goto end;
 	}
-	// FIXME: check usage, valid time of x509

 	sk_X509_push(certs, x509);
 	x509 = NULL;
@@ -340,7 +412,7 @@ int SAF_Pkcs7_DecodeEnvelopedData(

 	if (uiDecContainerNameLen <= 0 || uiDecContainerNameLen > INT_MAX
 		|| uiDerP7EnvelopedDataLen <= 0 || uiDerP7EnvelopedDataLen > INT_MAX) {
-		SAFerr(SAF_F_SAF_PKCS7_DECODEENVELOPEDDATA, SAR_R_INVALID_INPUT_LENGTH);
+		SAFerr(SAF_F_SAF_PKCS7_DECODEENVELOPEDDATA, SAF_R_INVALID_INPUT_LENGTH);
 		return SAR_IndataLenErr;
 	}

@@ -352,21 +424,27 @@ int SAF_Pkcs7_DecodeEnvelopedData(
 		return SAR_IndataLenErr;
 	}

-	if (!(pkey = SAF_load_private_key(app, pucDecContainerName,
-		uiDecContainerNameLen, SGD_PK_ENC))) {
+	if (!(pkey = SAF_load_private_key(app, (char *)pucDecContainerName,
+		EVP_PK_EC|EVP_PKT_ENC))) {
+		SAFerr(SAF_F_SAF_PKCS7_DECODEENVELOPEDDATA, SAF_R_LOAd_PUBLIC_KEY_FAILURE);
+		goto end;
 	}

 	if (!(x509 = SAF_LoadCertificate(app, pucDecContainerName,
 		uiDecContainerNameLen, SGD_PK_ENC))) {
+		goto end;
 	}

 	if (!(bio = BIO_new(BIO_s_membuf()))) {
+		goto end;
 	}

 	if (!PKCS7_decrypt(p7, pkey, x509, bio, 0)) {
+		goto end;
 	}

 	if (!BIO_get_mem_buf(bio, &buf)) {
+		goto end;
 	}

 	memcpy(pucData, buf->data, buf->length);
--- a/crypto/saf/saf_pkcs7.d.tmp
+++ b/crypto/saf/saf_pkcs7.d.tmp
@@ -0,0 +1,17 @@
+crypto/saf/saf_pkcs7.o: crypto/saf/saf_pkcs7.c include/openssl/evp.h \
+  include/openssl/opensslconf.h include/openssl/ossl_typ.h \
+  include/openssl/e_os2.h include/openssl/symhacks.h \
+  include/openssl/bio.h include/openssl/crypto.h include/openssl/stack.h \
+  include/openssl/safestack.h include/openssl/opensslv.h \
+  include/openssl/objects.h include/openssl/obj_mac.h \
+  include/openssl/asn1.h include/openssl/bn.h include/openssl/pkcs7.h \
+  include/openssl/gmapi.h include/openssl/ec.h include/openssl/sm2.h \
+  include/openssl/err.h include/openssl/lhash.h include/openssl/kdf2.h \
+  include/openssl/kdf.h include/openssl/x509.h include/openssl/buffer.h \
+  include/openssl/rsa.h include/openssl/dsa.h include/openssl/dh.h \
+  include/openssl/sha.h include/openssl/x509_vfy.h \
+  include/openssl/ecies.h include/openssl/sm3.h include/openssl/sgd.h \
+  include/openssl/saf.h include/openssl/sdf.h include/openssl/skf.h \
+  include/openssl/sof.h include/openssl/gmsaf.h crypto/saf/saf_lcl.h \
+  include/openssl/cmac.h include/openssl/gmsdf.h \
+  include/openssl/engine.h include/openssl/rand.h include/openssl/ui.h
--- a/crypto/skf/skf_meth.c
+++ b/crypto/skf/skf_meth.c
@@ -56,8 +56,6 @@ SKF_METHOD *SKF_METHOD_load_library(const char *so_path)
 	SKF_METHOD *ret = NULL;
 	SKF_METHOD *skf = NULL;
 	DSO *dso = NULL;
-	void *func;
-	int i;

 	if (!(dso = DSO_load(NULL, so_path, NULL, 0))) {
 		goto end;
--- a/crypto/sm2/sm2_kap.c
+++ b/crypto/sm2/sm2_kap.c
@@ -569,10 +569,8 @@ int SM2_KAP_final_check(SM2_KAP_CTX *ctx, const unsigned char *checksum,
 	return 1;
 }

-int SM2_compute_key(void *out, size_t outlen,
-	const EC_POINT *pub_key, EC_KEY *ecdh,
-	const EC_POINT *pub_key2, EC_KEY *ec_key2,
-	const char *id1, const char *id2, int is_ini)
+int SM2_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
+	const EC_KEY *ec_key, void *(*KDF) (const void *in, size_t inlen, void *out, size_t *outlen))
 {
 	return 0;
 }
--- a/crypto/sm9/sm9_enc.c
+++ b/crypto/sm9/sm9_enc.c
@@ -47,6 +47,9 @@
 * ====================================================================
 */

+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
 #include <openssl/ec.h>
 #include <openssl/evp.h>
 #include <openssl/err.h>
@@ -888,8 +891,10 @@ end:
 		SM9Ciphertext_free(ret);
 		ret = NULL;
 	}
-	OPENSSL_cleanse(key, keylen);
-	OPENSSL_free(key);
+	if (key) {
+		OPENSSL_cleanse(key, keylen);
+		OPENSSL_free(key);
+	}
 	return ret;
 }

--- a/crypto/sof/sof_err.c
+++ b/crypto/sof/sof_err.c
@@ -1,6 +1,6 @@
 /*
 * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the OpenSSL license (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
@@ -30,7 +30,7 @@ static ERR_STRING_DATA SOF_str_functs[] = {
    {ERR_FUNC(SOF_F_SOF_ENCRYPTDATA), "SOF_EncryptData"},
    {ERR_FUNC(SOF_F_SOF_ENCRYPTFILE), "SOF_EncryptFile"},
    {ERR_FUNC(SOF_F_SOF_EXPORTEXCHANGEUSERCERT),
-     "SOF_ExportExChangeUserCert"},
+     "SOF_ExportExchangeUserCert"},
    {ERR_FUNC(SOF_F_SOF_EXPORTUSERCERT), "SOF_ExportUserCert"},
    {ERR_FUNC(SOF_F_SOF_GENRANDOM), "SOF_GenRandom"},
    {ERR_FUNC(SOF_F_SOF_GETCERTINFO), "SOF_GetCertInfo"},
@@ -72,7 +72,9 @@ static ERR_STRING_DATA SOF_str_functs[] = {
 };

 static ERR_STRING_DATA SOF_str_reasons[] = {
+    {ERR_REASON(SOF_R_DECODE_FAILURE), "decode failure"},
    {ERR_REASON(SOF_R_NOT_IMPLEMENTED), "not implemented"},
+    {ERR_REASON(SOF_R_READ_FILE_FAILURE), "read file failure"},
    {0, NULL}
 };

--- a/crypto/sof/sof_lib.d.tmp
+++ b/crypto/sof/sof_lib.d.tmp
@@ -0,0 +1,8 @@
+crypto/sof/sof_lib.o: crypto/sof/sof_lib.c include/openssl/err.h \
+  include/openssl/e_os2.h include/openssl/opensslconf.h \
+  include/openssl/ossl_typ.h include/openssl/bio.h \
+  include/openssl/crypto.h include/openssl/stack.h \
+  include/openssl/safestack.h include/openssl/opensslv.h \
+  include/openssl/symhacks.h include/openssl/lhash.h \
+  include/openssl/gmsof.h include/openssl/sgd.h include/openssl/sof.h \
+  crypto/sof/../../e_os.h