diff --git a/include/gmssl/error.h b/include/gmssl/error.h index 499c6633..409a916b 100644 --- a/include/gmssl/error.h +++ b/include/gmssl/error.h @@ -53,7 +53,8 @@ #include #include - +#include +#include #ifdef __cplusplus extern "C" { diff --git a/src/rand.c b/src/rand.c index 8f9321ab..1b9e9aee 100644 --- a/src/rand.c +++ b/src/rand.c @@ -53,14 +53,32 @@ #include #include +#define RAND_MAX_BUF_SIZE 4096 + int rand_bytes(uint8_t *buf, size_t len) { FILE *fp; + if (!buf) { + error_print(); + return -1; + } + if (len > RAND_MAX_BUF_SIZE) { + error_print(); + return -1; + } + if (!len) { + return 0; + } + if (!(fp = fopen("/dev/urandom", "rb"))) { error_print(); return -1; } - fread(buf, 1, len, fp); + if (fread(buf, 1, len, fp) != len) { + error_print(); + fclose(fp); + return -1; + } fclose(fp); return 1; } diff --git a/src/sdf/sdf.c b/src/sdf/sdf.c index 4d3b35a6..77461b4b 100644 --- a/src/sdf/sdf.c +++ b/src/sdf/sdf.c @@ -56,11 +56,13 @@ #include "sdf_ext.h" + static const uint8_t zeros[ECCref_MAX_LEN - 32] = {0}; - -int SDF_ECCrefPublicKey_to_SM2_KEY(const ECCrefPublicKey *ref, SM2_KEY *sm2_key) +static int SDF_ECCrefPublicKey_to_SM2_KEY(const ECCrefPublicKey *ref, SM2_KEY *sm2_key) { + SM2_POINT point; + if (ref->bits != 256) { error_print(); return -1; @@ -70,18 +72,26 @@ int SDF_ECCrefPublicKey_to_SM2_KEY(const ECCrefPublicKey *ref, SM2_KEY *sm2_key) error_print(); return -1; } - memset(sm2_key, 0, sizeof(SM2_KEY)); - memcpy(sm2_key->public_key.x, ref->x + ECCref_MAX_LEN - 32, 32); - memcpy(sm2_key->public_key.y, ref->y + ECCref_MAX_LEN - 32, 32); - return 1; + + if (sm2_point_from_xy(&point, ref->x + ECCref_MAX_LEN - 32, ref->y + ECCref_MAX_LEN - 32) != 1 + || sm2_key_set_public_key(sm2_key, &point) != 1) { + error_print(); + return -1; + } + return SDR_OK; } -int SDF_ECCSignature_to_SM2_SIGNATURE(const ECCSignature *ref, SM2_SIGNATURE *sig) +static int SDF_ECCSignature_to_SM2_SIGNATURE(const ECCSignature *ref, SM2_SIGNATURE *sig) { + if (memcmp(ref->r, zeros, sizeof(zeros)) != 0 + || memcmp(ref->s, zeros, sizeof(zeros)) != 0) { + error_print(); + return -1; + } memset(sig, 0, sizeof(SM2_SIGNATURE)); memcpy(sig->r, ref->r + ECCref_MAX_LEN - 32, 32); memcpy(sig->s, ref->s + ECCref_MAX_LEN - 32, 32); - return 1; + return SDR_OK; } int sdf_load_library(const char *so_path, const char *vendor) @@ -100,10 +110,10 @@ void sdf_unload_library(void) int sdf_open_device(SDF_DEVICE *dev) { - int ret = 0; + int ret = -1; void *hDevice = NULL; void *hSession = NULL; - DEVICEINFO devInfo = {{0}}; + DEVICEINFO devInfo; if (SDF_OpenDevice(&hDevice) != SDR_OK || SDF_OpenSession(hDevice, &hSession) != SDR_OK @@ -111,7 +121,6 @@ int sdf_open_device(SDF_DEVICE *dev) error_print(); goto end; } - SDF_PrintDeviceInfo(stdout, &devInfo); memset(dev, 0, sizeof(SDF_DEVICE)); dev->handle = hDevice; @@ -120,7 +129,6 @@ int sdf_open_device(SDF_DEVICE *dev) memcpy(dev->name, devInfo.DeviceName, 16); memcpy(dev->serial, devInfo.DeviceSerial, 16); ret = 1; - end: if (hSession) SDF_CloseSession(hSession); if (hDevice) SDF_CloseDevice(hDevice); @@ -129,17 +137,20 @@ end: int sdf_print_device_info(FILE *fp, int fmt, int ind, const char *lable, SDF_DEVICE *dev) { + int ret = -1; void *hSession = NULL; - DEVICEINFO devInfo = {{0}}; + DEVICEINFO devInfo; if (SDF_OpenSession(dev->handle, hSession) != SDR_OK || SDF_GetDeviceInfo(hSession, &devInfo) != SDR_OK) { error_print(); - return -1; + goto end; } SDF_PrintDeviceInfo(fp, &devInfo); - SDF_CloseSession(&hSession); - return 1; + ret = 1; +end: + if (hSession) SDF_CloseSession(hSession); + return ret; } int sdf_rand_bytes(SDF_DEVICE *dev, uint8_t *buf, size_t len) @@ -151,10 +162,6 @@ int sdf_rand_bytes(SDF_DEVICE *dev, uint8_t *buf, size_t len) error_print(); return -1; } - if (!dev->handle) { - error_print(); - return -1; - } if (SDF_OpenSession(dev->handle, &hSession) != SDR_OK || SDF_GenerateRandom(hSession, len, buf) != SDR_OK) { error_print(); @@ -166,31 +173,57 @@ end: return ret; } -int sdf_load_key(SDF_DEVICE *dev, SDF_KEY *key, int index, const char *pass) +int sdf_export_public_key(SDF_DEVICE *dev, SM2_KEY *public_key, int index) { int ret = -1; void *hSession = NULL; ECCrefPublicKey eccPublicKey; - if (SDF_OpenSession(dev->handle, &hSession) != SDR_OK - || SDF_ExportSignPublicKey_ECC(hSession, index, &eccPublicKey) != SDR_OK - || SDF_ECCrefPublicKey_to_SM2_KEY(&eccPublicKey, &key->public_key) != SDR_OK - || SDF_GetPrivateKeyAccessRight(hSession, index, (unsigned char *)pass, strlen(pass)) != SDR_OK) { + if (!dev || !public_key) { error_print(); return -1; } - - memset(key, 0, sizeof(SDF_KEY)); - key->session = hSession; - key->index = index; - hSession = NULL; + if (SDF_OpenSession(dev->handle, &hSession) != SDR_OK + || SDF_ExportSignPublicKey_ECC(hSession, index, &eccPublicKey) != SDR_OK + || SDF_ECCrefPublicKey_to_SM2_KEY(&eccPublicKey, public_key) != SDR_OK) { + error_print(); + goto end; + } ret = 1; - end: if (hSession) SDF_CloseSession(hSession); return ret; } +int sdf_load_key(SDF_DEVICE *dev, SDF_KEY *key, int index, const char *pass) +{ + int ret = -1; + void *hSession = NULL; + ECCrefPublicKey eccPublicKey; + SM2_KEY public_key; + + if (!dev || !key || !pass) { + error_print(); + return -1; + } + if (SDF_OpenSession(dev->handle, &hSession) != SDR_OK + || SDF_ExportSignPublicKey_ECC(hSession, index, &eccPublicKey) != SDR_OK + || SDF_ECCrefPublicKey_to_SM2_KEY(&eccPublicKey, &public_key) != SDR_OK + || SDF_GetPrivateKeyAccessRight(hSession, index, (unsigned char *)pass, strlen(pass)) != SDR_OK) { + error_print(); + goto end; + } + + memset(key, 0, sizeof(SDF_KEY)); + key->public_key = public_key; + key->session = hSession; + key->index = index; + hSession = NULL; + ret = 1; +end: + if (hSession) SDF_CloseSession(hSession); + return ret; +} int sdf_sign(SDF_KEY *key, const uint8_t dgst[32], uint8_t *sig, size_t *siglen) { @@ -201,15 +234,15 @@ int sdf_sign(SDF_KEY *key, const uint8_t dgst[32], uint8_t *sig, size_t *siglen) error_print(); return -1; } - if (!key->session || key->index < 0) { - error_print(); - return -1; - } if (SDF_InternalSign_ECC(key->session, key->index, (unsigned char *)dgst, 32, &ecc_sig) != SDR_OK || SDF_ECCSignature_to_SM2_SIGNATURE(&ecc_sig, &sm2_sig) != SDR_OK) { error_print(); return -1; } + + + + *siglen = 0; if (sm2_signature_to_der(&sm2_sig, &sig, siglen) != 1) { error_print(); @@ -220,15 +253,11 @@ int sdf_sign(SDF_KEY *key, const uint8_t dgst[32], uint8_t *sig, size_t *siglen) int sdf_release_key(SDF_KEY *key) { - if (SDF_ReleasePrivateKeyAccessRight(key->session, key->index) != SDR_OK) { + if (SDF_ReleasePrivateKeyAccessRight(key->session, key->index) != SDR_OK + || SDF_CloseSession(key->session) != SDR_OK) { error_print(); return -1; } - if (SDF_CloseSession(key->session) != SDR_OK) { - error_print(); - return -1; - } - memset(key, 0, sizeof(SDF_KEY)); return 1; } diff --git a/src/sdf/sdf_ext.c b/src/sdf/sdf_ext.c index 5fb75e23..97b0ee57 100644 --- a/src/sdf/sdf_ext.c +++ b/src/sdf/sdf_ext.c @@ -50,6 +50,7 @@ #include #include #include +#include #include #include #include "sdf_int.h" @@ -98,121 +99,112 @@ static table_item_t sdf_pkey_caps[] = { { SGD_SM2_3, "sm2encrypt" } }; -int SDF_PrintDeviceInfo(FILE *out, DEVICEINFO *pstDeviceInfo) +int SDF_PrintDeviceInfo(FILE *fp, const DEVICEINFO *pstDeviceInfo) { size_t i, n; DEVICEINFO buf; DEVICEINFO *devInfo = &buf; + int fmt = 0, ind = 4; memcpy(devInfo, pstDeviceInfo, sizeof(DEVICEINFO)); devInfo->IssuerName[39] = 0; devInfo->DeviceName[15] = 0; devInfo->DeviceSerial[15] = 0; - fprintf(out, " %-18s : %s\n", "Device Name", devInfo->DeviceName); - fprintf(out, " %-18s : %s\n", "Serial Number", devInfo->DeviceSerial); - fprintf(out, " %-18s : %s\n", "Issuer", devInfo->IssuerName); - fprintf(out, " %-18s : %u\n", "Hardware Version", devInfo->DeviceVersion); - fprintf(out, " %-18s : %u\n", "Standard Version", devInfo->StandardVersion); - fprintf(out, " %-18s : ", "Public Key Algors"); + format_print(fp, fmt, ind, "%-18s: %s\n", "Device Name", devInfo->DeviceName); + format_print(fp, fmt, ind, "%-18s: %s\n", "Serial Number", devInfo->DeviceSerial); + format_print(fp, fmt, ind, "%-18s: %s\n", "Issuer", devInfo->IssuerName); + format_print(fp, fmt, ind, "%-18s: %u\n", "Hardware Version", devInfo->DeviceVersion); + format_print(fp, fmt, ind, "%-18s: %u\n", "Standard Version", devInfo->StandardVersion); + format_print(fp, fmt, ind, "%-18s: ", "Public Key Algors"); for (i = n = 0; i < sizeof(sdf_pkey_caps)/sizeof(sdf_pkey_caps[0]); i++) { if ((devInfo->AsymAlgAbility[0] & sdf_pkey_caps[i].id) == sdf_pkey_caps[i].id) { - fprintf(out, "%s%s", n ? "," : "", sdf_pkey_caps[i].name); + format_print(fp, fmt, 0, "%s%s", n ? "," : "", sdf_pkey_caps[i].name); n++; } } - fprintf(out, "\n"); + format_print(fp, fmt, 0, "\n"); - fprintf(out, " %-18s : ", "Ciphers"); + format_print(fp, fmt, ind, "%-18s: ", "Ciphers"); for (i = n = 0; i < sizeof(sdf_cipher_caps)/sizeof(sdf_cipher_caps[0]); i++) { if ((devInfo->SymAlgAbility & sdf_cipher_caps[i].id) == sdf_cipher_caps[i].id) { - fprintf(out, "%s%s", n ? "," : "", sdf_cipher_caps[i].name); + format_print(fp, fmt, 0, "%s%s", n ? "," : "", sdf_cipher_caps[i].name); n++; } } - fprintf(out, "\n"); + format_print(fp, fmt, 0, "\n"); - fprintf(out, " %-18s : ", "Digests"); + format_print(fp, fmt, ind, "%-18s: ", "Digests"); for (i = n = 0; i < sizeof(sdf_digest_caps)/sizeof(sdf_digest_caps[0]); i++) { if ((devInfo->HashAlgAbility & sdf_digest_caps[i].id) == sdf_digest_caps[i].id) { - fprintf(out, "%s%s", n ? "," : "", sdf_digest_caps[i].name); + format_print(fp, fmt, 0, "%s%s", n ? "," : "", sdf_digest_caps[i].name); n++; } } - fprintf(out, "\n"); - fprintf(out, "\n"); - + format_print(fp, fmt, 0, "\n"); return SDR_OK; } -int SDF_PrintRSAPublicKey(FILE *out, RSArefPublicKey *blob) +int SDF_PrintRSAPublicKey(FILE *fp, const RSArefPublicKey *blob) { - (void)fprintf(out, "bits: %d\n", blob->bits); - (void)fprintf(out, "m:\n "); - (void)format_bytes(out, 4, 16, "m", blob->m, sizeof(blob->m)); - (void)fprintf(out, "\n"); - (void)fprintf(out, "e:\n "); - (void)format_bytes(out, 4, 16, "e", blob->e, sizeof(blob->e)); - (void)fprintf(out, "\n"); + int fmt = 0, ind = 4; + (void)format_print(fp, fmt, ind, "bits: %d\n", blob->bits); + (void)format_bytes(fp, fmt, ind, "m", blob->m, sizeof(blob->m)); + (void)format_bytes(fp, fmt, ind, "e", blob->e, sizeof(blob->e)); return SDR_OK; } -int SDF_PrintRSAPrivateKey(FILE *bio, RSArefPrivateKey *blob) +int SDF_PrintRSAPrivateKey(FILE *fp, const RSArefPrivateKey *blob) { - (void)fprintf(bio, "bits: %d", blob->bits); - (void)format_bytes(bio, 4, 16, "m", blob->m, sizeof(blob->m)); - (void)format_bytes(bio, 4, 16, "e", blob->e, sizeof(blob->e)); - (void)format_bytes(bio, 4, 16, "d", blob->d, sizeof(blob->d)); - (void)format_bytes(bio, 4, 16, "prime[0]", blob->prime[0], sizeof(blob->prime[0])); - (void)format_bytes(bio, 4, 16, "prime[1]", blob->prime[1], sizeof(blob->prime[1])); - (void)format_bytes(bio, 4, 16, "pexp[0]", blob->pexp[0], sizeof(blob->pexp[0])); - (void)format_bytes(bio, 4, 16, "pexp[1]", blob->pexp[1], sizeof(blob->pexp[1])); - (void)format_bytes(bio, 4, 16, "coef", blob->coef, sizeof(blob->coef)); - (void)fprintf(bio, "\n"); - + int fmt = 0, ind = 4; + (void)format_print(fp, fmt, ind, "bits: %d", blob->bits); + (void)format_bytes(fp, fmt, ind, "m", blob->m, sizeof(blob->m)); + (void)format_bytes(fp, fmt, ind, "e", blob->e, sizeof(blob->e)); + (void)format_bytes(fp, fmt, ind, "d", blob->d, sizeof(blob->d)); + (void)format_bytes(fp, fmt, ind, "prime[0]", blob->prime[0], sizeof(blob->prime[0])); + (void)format_bytes(fp, fmt, ind, "prime[1]", blob->prime[1], sizeof(blob->prime[1])); + (void)format_bytes(fp, fmt, ind, "pexp[0]", blob->pexp[0], sizeof(blob->pexp[0])); + (void)format_bytes(fp, fmt, ind, "pexp[1]", blob->pexp[1], sizeof(blob->pexp[1])); + (void)format_bytes(fp, fmt, ind, "coef", blob->coef, sizeof(blob->coef)); return SDR_OK; } -int SDF_PrintECCPublicKey(FILE *bio, ECCrefPublicKey *blob) +int SDF_PrintECCPublicKey(FILE *fp, const ECCrefPublicKey *blob) { - (void)fprintf(bio, "bits: %d", blob->bits); - (void)format_bytes(bio, 4, 16, "x", blob->x, sizeof(blob->x)); - (void)format_bytes(bio, 4, 16, "y", blob->y, sizeof(blob->y)); - (void)fprintf(bio, "\n"); - + int fmt = 0, ind = 4; + (void)format_print(fp, fmt, ind, "bits: %d", blob->bits); + (void)format_bytes(fp, fmt, ind, "x", blob->x, sizeof(blob->x)); + (void)format_bytes(fp, fmt, ind, "y", blob->y, sizeof(blob->y)); return SDR_OK; } -int SDF_PrintECCPrivateKey(FILE *bio, ECCrefPrivateKey *blob) +int SDF_PrintECCPrivateKey(FILE *fp, const ECCrefPrivateKey *blob) { - (void)fprintf(bio, "bits: %d", blob->bits); - (void)format_bytes(bio, 4, 16, "K", blob->K, sizeof(blob->K)); - (void)fprintf(bio, "\n"); - + int fmt = 0, ind = 4; + (void)format_print(fp, fmt, ind, "bits: %d", blob->bits); + (void)format_bytes(fp, fmt, ind, "K", blob->K, sizeof(blob->K)); return SDR_OK; } -int SDF_PrintECCCipher(FILE *bio, ECCCipher *blob) +int SDF_PrintECCCipher(FILE *fp, const ECCCipher *blob) { - (void)format_bytes(bio, 4, 16, "x", blob->x, sizeof(blob->x)); - (void)format_bytes(bio, 4, 16, "y", blob->y, sizeof(blob->y)); - (void)format_bytes(bio, 4, 16, "M", blob->M, sizeof(blob->M)); - (void)fprintf(bio, "\nL: %d", blob->L); - (void)format_bytes(bio, 4, 16, "C", blob->C, sizeof(blob->C)); - (void)fprintf(bio, "\n"); - + int fmt = 0, ind = 4; + (void)format_bytes(fp, fmt, ind, "x", blob->x, sizeof(blob->x)); + (void)format_bytes(fp, fmt, ind, "y", blob->y, sizeof(blob->y)); + (void)format_bytes(fp, fmt, ind, "M", blob->M, sizeof(blob->M)); + (void)format_print(fp, fmt, ind, "L: %d", blob->L); + (void)format_bytes(fp, fmt, ind, "C", blob->C, sizeof(blob->C)); return SDR_OK; } -int SDF_PrintECCSignature(FILE *bio, ECCSignature *blob) +int SDF_PrintECCSignature(FILE *fp, const ECCSignature *blob) { - (void)format_bytes(bio, 4, 16, "r", blob->r, sizeof(blob->r)); - (void)format_bytes(bio, 4, 16, "s", blob->s, sizeof(blob->s)); - (void)fprintf(bio, "\n"); - + int fmt = 0, ind = 4; + (void)format_bytes(fp, fmt, ind, "r", blob->r, sizeof(blob->r)); + (void)format_bytes(fp, fmt, ind, "s", blob->s, sizeof(blob->s)); return SDR_OK; } diff --git a/src/sdf/sdf_ext.h b/src/sdf/sdf_ext.h index 0e066600..91b476fe 100644 --- a/src/sdf/sdf_ext.h +++ b/src/sdf/sdf_ext.h @@ -74,12 +74,12 @@ int SDF_UnloadLibrary(void); int SDF_ImportKey(void *hSessionHandle, unsigned char *pucKey, unsigned int uiKeyLength, void **phKeyHandle); -int SDF_PrintDeviceInfo(FILE *out, DEVICEINFO *devInfo); -int SDF_PrintRSAPublicKey(FILE *out, RSArefPublicKey *ref); -int SDF_PrintRSAPrivateKey(FILE *out, RSArefPrivateKey *ref); -int SDF_PrintECCPublicKey(FILE *out, ECCrefPublicKey *ref); -int SDF_PrintECCPrivateKey(FILE *out, ECCrefPrivateKey *ref); -int SDF_NewECCCipher(ECCCipher **cipher, size_t ulDataLen); +int SDF_PrintDeviceInfo(FILE *fp, const DEVICEINFO *devInfo); +int SDF_PrintRSAPublicKey(FILE *fp, const RSArefPublicKey *ref); +int SDF_PrintRSAPrivateKey(FILE *fp, const RSArefPrivateKey *ref); +int SDF_PrintECCPublicKey(FILE *fp, const ECCrefPublicKey *ref); +int SDF_PrintECCPrivateKey(FILE *fp, const ECCrefPrivateKey *ref); +int SDF_NewECCCipher(ECCCipher **cipher, size_t ulDataLen); // FIMXE: 和GmSSL的内存使用方式不同 int SDF_FreeECCCipher(ECCCipher *cipher); int SDF_PrintECCCipher(FILE *out, ECCCipher *cipher); int SDF_PrintECCSignature(FILE *out, ECCSignature *sig); diff --git a/src/sdf/sdf_meth.c b/src/sdf/sdf_meth.c index c172777c..df72da63 100644 --- a/src/sdf/sdf_meth.c +++ b/src/sdf/sdf_meth.c @@ -72,7 +72,8 @@ SDF_METHOD *SDF_METHOD_load_library(const char *so_path) } memset(sdf, 0, sizeof(*sdf)); - if (!(sdf->dso = dlopen(so_path, 0))) { + if (!(sdf->dso = dlopen(so_path, RTLD_LAZY))) { + fprintf(stderr, "%s %d: %s\n", __FILE__, __LINE__, dlerror()); SDFerr(SDF_F_SDF_METHOD_LOAD_LIBRARY, SDF_R_DSO_LOAD_FAILURE); goto end; } diff --git a/src/skf/skf.c b/src/skf/skf.c new file mode 100644 index 00000000..e184c8c5 --- /dev/null +++ b/src/skf/skf.c @@ -0,0 +1,97 @@ +/* + * Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include +#include +#include +#include +#include + + +int skf_open_device(SKF_DEVICE *dev, const char *devname, const uint8_t *authkey, size_t authkeylen) +{ + error_print(); + return -1; +} + +int skf_print_device_info(FILE *fp, int fmt, int ind, const char *lable, SKF_DEVICE *dev) +{ + error_print(); + return -1; +} + +int skf_rand_bytes(SKF_DEVICE *dev, uint8_t *buf, size_t len) +{ + error_print(); + return -1; +} + +int sdf_load_key(SKF_DEVICE *dev, const char *appname, const char *pass, const char *container_name, SKF_KEY *key) +{ + error_print(); + return -1; +} + +int skf_sign(SKF_KEY *key, const uint8_t dgst[32], uint8_t *sig, size_t *siglen) +{ + error_print(); + return -1; +} + +int skf_release_key(SKF_KEY *key) +{ + error_print(); + return -1; +} + +int skf_close_deivce(SKF_DEVICE *dev) +{ + error_print(); + return -1; +} + diff --git a/src/sm2_alg.c b/src/sm2_alg.c index 702038ce..702b3273 100644 --- a/src/sm2_alg.c +++ b/src/sm2_alg.c @@ -52,6 +52,7 @@ #include #include #include +#include #include #include @@ -331,19 +332,14 @@ void sm2_bn_sub(SM2_BN ret, const SM2_BN a, const SM2_BN b) sm2_bn_copy(ret, r); } +// FIXME: get random from outside void sm2_bn_rand_range(SM2_BN r, const SM2_BN range) { - FILE *fp; - uint8_t buf[256]; - - fp = fopen("/dev/urandom", "rb"); - + uint8_t buf[32]; do { - fread(buf, 1, 256, fp); + (void)rand_bytes(buf, sizeof(buf)); sm2_bn_from_bytes(r, buf); } while (sm2_bn_cmp(r, range) >= 0); - - fclose(fp); } typedef SM2_BN SM2_Fp;