abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-06-23 21:53:45 +08:00
Code Issues Packages Projects Releases Wiki Activity

Support VC-WIN32

Browse Source
This commit is contained in:
Zhi Guan
2016-07-04 13:03:03 +02:00
parent f881784b73
commit 09f054b2f2
109 changed files with 16877 additions and 200 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1335
ssl/Makefile.save Normal file
View File

File diff suppressed because it is too large Load Diff

35
ssl/t1_lib.c
View File

@@ -253,7 +253,10 @@ static int nid_list[] = {
NID_secp521r1, /* secp521r1 (25) */
NID_brainpoolP256r1, /* brainpoolP256r1 (26) */
NID_brainpoolP384r1, /* brainpoolP384r1 (27) */
NID_brainpoolP512r1 /* brainpool512r1 (28) */
NID_brainpoolP512r1, /* brainpool512r1 (28) */
#ifndef NO_GMSSL
NID_sm2p256v1, /* sm2p256v1 (29) */
#endif
};
static const unsigned char ecformats_default[] = {
@@ -264,6 +267,9 @@ static const unsigned char ecformats_default[] = {
/* The client's default curves / the server's 'auto' curves. */
static const unsigned char eccurves_auto[] = {
#ifndef NO_GMSSL
0, 29, /* sm2p256v1 (29) */
#endif
/* Prefer P-256 which has the fastest and most secure implementations. */
0, 23, /* secp256r1 (23) */
/* Other >= 256-bit prime curves. */
@@ -285,6 +291,9 @@ static const unsigned char eccurves_auto[] = {
};
static const unsigned char eccurves_all[] = {
#ifndef NO_GMSSL
0, 29, /* sm2p256v1 (29) */
#endif
/* Prefer P-256 which has the fastest and most secure implementations. */
0, 23, /* secp256r1 (23) */
/* Other >= 256-bit prime curves. */
@@ -443,6 +452,10 @@ int tls1_ec_nid2curve_id(int nid)
return 27;
case NID_brainpoolP512r1: /* brainpool512r1 (28) */
return 28;
#ifndef NO_GMSSL
case NID_sm2p256v1: /* sm2p256v1 (29) */
return 29;
#endif
default:
return 0;
}
@@ -3465,13 +3478,20 @@ static tls12_lookup tls12_md[] = {
{NID_sha224, TLSEXT_hash_sha224},
{NID_sha256, TLSEXT_hash_sha256},
{NID_sha384, TLSEXT_hash_sha384},
{NID_sha512, TLSEXT_hash_sha512}
{NID_sha512, TLSEXT_hash_sha512},
#ifndef NO_GMSSL
{NID_sm3, TLSEXT_hash_sm3},
#endif
};
static tls12_lookup tls12_sig[] = {
{EVP_PKEY_RSA, TLSEXT_signature_rsa},
{EVP_PKEY_DSA, TLSEXT_signature_dsa},
{EVP_PKEY_EC, TLSEXT_signature_ecdsa}
#ifndef NO_GMSSL
{EVP_PKEY_EC, TLSEXT_signature_sm2sign},
#else
{EVP_PKEY_EC, TLSEXT_signature_ecdsa},
#endif
};
static int tls12_find_id(int nid, tls12_lookup *table, size_t tlen)
@@ -3512,6 +3532,7 @@ int tls12_get_sigandhash(unsigned char *p, const EVP_PKEY *pk,
return 1;
}
//FIXME: to support both ecdsa and sm2sign
int tls12_get_sigid(const EVP_PKEY *pk)
{
return tls12_find_id(pk->type, tls12_sig,
@@ -3546,6 +3567,10 @@ const EVP_MD *tls12_get_hash(unsigned char hash_alg)
case TLSEXT_hash_sha512:
return EVP_sha512();
# endif
# ifndef NO_GMSSL
case TLSEXT_hash_sm3:
return EVP_sm3();
# endif
default:
return NULL;
@@ -3567,6 +3592,10 @@ static int tls12_get_pkey_idx(unsigned char sig_alg)
# ifndef OPENSSL_NO_ECDSA
case TLSEXT_signature_ecdsa:
return SSL_PKEY_ECC;
# endif
# ifndef NO_GMSSL
case TLSEXT_signature_sm2sign:
return SSL_PKEY_ECC;
# endif
}
return -1;

10
ssl/tls1.h
View File

@@ -280,9 +280,12 @@ extern "C" {
# define TLSEXT_signature_rsa 1
# define TLSEXT_signature_dsa 2
# define TLSEXT_signature_ecdsa 3
# ifndef NO_GMSSL
# define TLSEXT_signature_sm2sign 4
# endif
/* Total number of different signature algorithms */
# define TLSEXT_signature_num 4
# define TLSEXT_signature_num 5
# define TLSEXT_hash_none 0
# define TLSEXT_hash_md5 1
@@ -291,10 +294,13 @@ extern "C" {
# define TLSEXT_hash_sha256 4
# define TLSEXT_hash_sha384 5
# define TLSEXT_hash_sha512 6
# ifndef NO_GMSSL
# define TLSEXT_hash_sm3 7
# endif
/* Total number of different digest algorithms */
# define TLSEXT_hash_num 7
# define TLSEXT_hash_num 8
/* Flag set for unrecognised algorithms */
# define TLSEXT_nid_unknown 0x1000000