add ec

code need some updates
2026-05-07 00:46:17 +08:00 · 2017-02-15 14:27:41 +08:00
parent b9d27fc4e0
commit 0d7a103151
16 changed files with 5114 additions and 94 deletions
--- a/include/openssl/ec.h
+++ b/include/openssl/ec.h
@@ -1372,6 +1372,7 @@ int ERR_load_EC_strings(void);
 # define EC_F_D2I_ECPARAMETERS                            144
 # define EC_F_D2I_ECPKPARAMETERS                          145
 # define EC_F_D2I_ECPRIVATEKEY                            146
+# define EC_F_D2I_SM2_CIPHERTEXT_VALUE                    280
 # define EC_F_DO_EC_KEY_PRINT                             221
 # define EC_F_ECDH_CMS_DECRYPT                            238
 # define EC_F_ECDH_CMS_SET_SHARED_INFO                    239
@@ -1506,6 +1507,7 @@ int ERR_load_EC_strings(void);
 # define EC_F_I2D_ECPARAMETERS                            190
 # define EC_F_I2D_ECPKPARAMETERS                          191
 # define EC_F_I2D_ECPRIVATEKEY                            192
+# define EC_F_I2D_SM2_CIPHERTEXT_VALUE                    281
 # define EC_F_I2O_ECPUBLICKEY                             151
 # define EC_F_NISTP224_PRE_COMP_NEW                       227
 # define EC_F_NISTP256_PRE_COMP_NEW                       236
@@ -1522,12 +1524,38 @@ int ERR_load_EC_strings(void);
 # define EC_F_PKEY_EC_KEYGEN                              199
 # define EC_F_PKEY_EC_PARAMGEN                            219
 # define EC_F_PKEY_EC_SIGN                                218
+# define EC_F_SM2_CIPHERTEXT_VALUE_DECODE                 282
+# define EC_F_SM2_CIPHERTEXT_VALUE_ENCODE                 283
+# define EC_F_SM2_CIPHERTEXT_VALUE_GET_ECIES_CIPHERTEXT_VALUE 284
+# define EC_F_SM2_CIPHERTEXT_VALUE_NEW                    285
+# define EC_F_SM2_CIPHERTEXT_VALUE_NEW_FROM_ECIES_CIPHERTEXT_VALUE 286
+# define EC_F_SM2_CIPHERTEXT_VALUE_SET_ECIES_CIPHERTEXT_VALUE 287
+# define EC_F_SM2_CIPHERTEXT_VALUE_SIZE                   288
+# define EC_F_SM2_COMPUTE_ID_DIGEST                       289
+# define EC_F_SM2_COMPUTE_MESSAGE_DIGEST                  290
+# define EC_F_SM2_DECRYPT                                 291
+# define EC_F_SM2_DO_DECRYPT                              292
+# define EC_F_SM2_DO_ENCRYPT                              293
+# define EC_F_SM2_DO_SIGN                                 294
+# define EC_F_SM2_DO_VERIFY                               295
+# define EC_F_SM2_ENCRYPT                                 296
+# define EC_F_SM2_ENC_PARAMS_DUP                          297
+# define EC_F_SM2_ENC_PARAMS_INIT_WITH_RECOMMENDED        298
+# define EC_F_SM2_ENC_PARAMS_NEW                          299
+# define EC_F_SM2_ENC_PARAMS_SET_TYPE                     300
+# define EC_F_SM2_GET_PUBLIC_KEY_DATA                     301
+# define EC_F_SM2_KAP_COMPUTE_KEY                         302
+# define EC_F_SM2_KAP_CTX_INIT                            303
+# define EC_F_SM2_KAP_FINAL_CHECK                         304
+# define EC_F_SM2_KAP_PREPARE                             305
+# define EC_F_SM2_SIGN_SETUP                              306

 /* Reason codes. */
 # define EC_R_ASN1_ERROR                                  115
 # define EC_R_BAD_SIGNATURE                               156
 # define EC_R_BIGNUM_OUT_OF_RANGE                         144
 # define EC_R_BUFFER_TOO_SMALL                            100
+# define EC_R_CIPHERTEXT_ENCODE_FAILED                    173
 # define EC_R_CMAC_FINAL_FAILURE                          136
 # define EC_R_CMAC_INIT_FAILURE                           153
 # define EC_R_CMAC_UPDATE_FAILURE                         162
@@ -1544,33 +1572,46 @@ int ERR_load_EC_strings(void);
 # define EC_R_ECIES_VERIFY_MAC_FAILURE                    167
 # define EC_R_EC_GROUP_NEW_BY_NAME_FAILURE                119
 # define EC_R_ENCRYPT_FAILED                              168
+# define EC_R_ERROR                                       174
 # define EC_R_FIELD_TOO_LARGE                             143
 # define EC_R_GEN_MAC_FAILED                              169
+# define EC_R_GET_CIPHERTEXT_SIZE_FAILED                  175
+# define EC_R_GET_KDF_FAILED                              176
+# define EC_R_GET_PUBLIC_KEY_DATA_FAILURE                 177
 # define EC_R_GF2M_NOT_SUPPORTED                          147
 # define EC_R_GROUP2PKPARAMETERS_FAILURE                  120
 # define EC_R_HMAC_FAILURE                                170
 # define EC_R_I2D_ECPKPARAMETERS_FAILURE                  121
 # define EC_R_INCOMPATIBLE_OBJECTS                        101
+# define EC_R_INNOR_ERROR                                 178
 # define EC_R_INVALID_ARGUMENT                            112
 # define EC_R_INVALID_COMPRESSED_POINT                    110
 # define EC_R_INVALID_COMPRESSION_BIT                     109
 # define EC_R_INVALID_CURVE                               141
 # define EC_R_INVALID_DIGEST                              151
+# define EC_R_INVALID_DIGEST_ALGOR                        179
 # define EC_R_INVALID_DIGEST_TYPE                         138
 # define EC_R_INVALID_ECIES_CIPHERTEXT                    171
 # define EC_R_INVALID_ECIES_PARAMETERS                    172
+# define EC_R_INVALID_EC_KEY                              180
 # define EC_R_INVALID_ENCODING                            102
 # define EC_R_INVALID_FIELD                               103
 # define EC_R_INVALID_FORM                                104
 # define EC_R_INVALID_GROUP_ORDER                         122
+# define EC_R_INVALID_ID_LENGTH                           181
+# define EC_R_INVALID_KDF_MD                              182
 # define EC_R_INVALID_KEY                                 116
 # define EC_R_INVALID_OUTPUT_LENGTH                       161
 # define EC_R_INVALID_PEER_KEY                            133
 # define EC_R_INVALID_PENTANOMIAL_BASIS                   132
 # define EC_R_INVALID_PRIVATE_KEY                         123
+# define EC_R_INVALID_SM2_ID                              183
+# define EC_R_INVALID_SM2_KAP_CHECKSUM_LENGTH             184
+# define EC_R_INVALID_SM2_KAP_CHECKSUM_VALUE              185
 # define EC_R_INVALID_TRINOMIAL_BASIS                     137
 # define EC_R_KDF_PARAMETER_ERROR                         148
 # define EC_R_KEYS_NOT_SET                                140
+# define EC_R_MALLOC_FAILED                               186
 # define EC_R_MISSING_PARAMETERS                          124
 # define EC_R_MISSING_PRIVATE_KEY                         125
 # define EC_R_NEED_NEW_SETUP_VALUES                       157
@@ -1579,16 +1620,21 @@ int ERR_load_EC_strings(void);
 # define EC_R_NOT_INITIALIZED                             111
 # define EC_R_NO_PARAMETERS_SET                           139
 # define EC_R_NO_PRIVATE_VALUE                            154
+# define EC_R_NULL_ARGUMENT                               187
+# define EC_R_OCT2POINT_FAILED                            188
 # define EC_R_OPERATION_NOT_SUPPORTED                     152
 # define EC_R_PASSED_NULL_PARAMETER                       134
 # define EC_R_PEER_KEY_ERROR                              149
 # define EC_R_PKPARAMETERS2GROUP_FAILURE                  127
+# define EC_R_POINT2OCT_FAILED                            189
 # define EC_R_POINT_ARITHMETIC_FAILURE                    155
 # define EC_R_POINT_AT_INFINITY                           106
 # define EC_R_POINT_IS_NOT_ON_CURVE                       107
+# define EC_R_POINT_NEW_FAILED                            190
 # define EC_R_RANDOM_NUMBER_GENERATION_FAILED             158
 # define EC_R_SHARED_INFO_ERROR                           150
 # define EC_R_SLOT_FULL                                   108
+# define EC_R_SM2_KAP_NOT_INITED                          191
 # define EC_R_UNDEFINED_GENERATOR                         113
 # define EC_R_UNDEFINED_ORDER                             128
 # define EC_R_UNKNOWN_GROUP                               129
--- a/include/openssl/sm2.h
+++ b/include/openssl/sm2.h
@@ -0,0 +1,226 @@
+/* ====================================================================
+ * Copyright (c) 2015 - 2016 The GmSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the GmSSL Project.
+ *    (http://gmssl.org/)"
+ *
+ * 4. The name "GmSSL Project" must not be used to endorse or promote
+ *    products derived from this software without prior written
+ *    permission. For written permission, please contact
+ *    guanzhi1980@gmail.com.
+ *
+ * 5. Products derived from this software may not be called "GmSSL"
+ *    nor may "GmSSL" appear in their names without prior written
+ *    permission of the GmSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the GmSSL Project
+ *    (http://gmssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE GmSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#ifndef HEADER_SM2_H
+#define HEADER_SM2_H
+
+#include <openssl/ec.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/kdf2.h>
+#include <openssl/x509.h>
+#include <openssl/asn1.h>
+#include <openssl/ecdsa.h>
+#include <openssl/sm3.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+
+#define SM2_MAX_ID_BITS				65535
+#define SM2_MAX_ID_LENGTH			(SM2_MAX_ID_BITS/8)
+
+#define SM2_DEFAULT_ID_GMT09			"1234567812345678"
+#define SM2_DEFAULT_ID_GMSSL			"anonym@gmssl.org"
+#define SM2_DEFAULT_ID				SM2_DEFAULT_ID_GMSSL
+#define SM2_DEFAULT_ID_LENGTH			(sizeof(SM2_DEFAULT_ID) - 1)
+#define SM2_DEFAULT_ID_BITS			(SM2_DEFAULT_ID_LENGTH * 8)
+#define SM2_ID_DIGEST_LENGTH			SM3_DIGEST_LENGTH
+
+#define SM2_DEFAULT_POINT_CONVERSION_FORM	POINT_CONVERSION_UNCOMPRESSED
+
+#define SM2_MAX_PKEY_DATA_LENGTH		((EC_MAX_NBYTES + 1) * 6)
+
+
+
+int SM2_get_public_key_data(EC_KEY *ec_key, unsigned char *out, size_t *outlen);
+
+int SM2_compute_id_digest(const EVP_MD *md, const char *id, size_t idlen,
+	unsigned char *out, size_t *outlen, EC_KEY *ec_key);
+
+/*
+ * Generate GM/T 0003.2-2012 message digest for SM2 signature scheme.
+ * Return dgst = msg_md( id_md(id, ec_key) || msg )
+ */
+int SM2_compute_message_digest(const EVP_MD *id_md, const EVP_MD *msg_md,
+	const unsigned char *msg, size_t msglen, const char *id, size_t idlen,
+	unsigned char *out, size_t *outlen,
+	EC_KEY *ec_key);
+
+
+typedef struct sm2_enc_params_st {
+	const EVP_MD *kdf_md;
+	const EVP_MD *mac_md;
+	point_conversion_form_t point_form;
+} SM2_ENC_PARAMS;
+
+
+/* SM2_ENC_PARAMS_dup() is used by ec_pmeth.c,
+ * so the SM2_ENC_PARAMS_new() and SM2_ENC_PARAMS_free() is also provided
+ */
+SM2_ENC_PARAMS *SM2_ENC_PARAMS_new(void);
+SM2_ENC_PARAMS *SM2_ENC_PARAMS_dup(const SM2_ENC_PARAMS *param);
+void SM2_ENC_PARAMS_free(SM2_ENC_PARAMS *param);
+
+int SM2_ENC_PARAMS_init_with_recommended(SM2_ENC_PARAMS *param);
+
+
+typedef struct sm2_ciphertext_value_st {
+	EC_POINT *ephem_point;
+	unsigned char *ciphertext;
+	size_t ciphertext_size;
+	unsigned char mactag[EVP_MAX_MD_SIZE];
+	unsigned int mactag_size;
+} SM2_CIPHERTEXT_VALUE;
+
+int SM2_CIPHERTEXT_VALUE_size(const EC_GROUP *ec_group,
+	const SM2_ENC_PARAMS *params, size_t mlen);
+
+SM2_CIPHERTEXT_VALUE *SM2_CIPHERTEXT_VALUE_new(const EC_GROUP *group);
+void SM2_CIPHERTEXT_VALUE_free(SM2_CIPHERTEXT_VALUE *cv);
+int SM2_CIPHERTEXT_VALUE_encode(const SM2_CIPHERTEXT_VALUE *cv,
+	const EC_GROUP *ec_group, const SM2_ENC_PARAMS *params,
+	unsigned char *buf, size_t *buflen);
+SM2_CIPHERTEXT_VALUE *SM2_CIPHERTEXT_VALUE_decode(const EC_GROUP *ec_group,
+	const SM2_ENC_PARAMS *params, const unsigned char *buf, size_t buflen);
+
+int i2d_SM2_CIPHERTEXT_VALUE(const EC_GROUP *group,
+	const SM2_CIPHERTEXT_VALUE *c, unsigned char **out);
+SM2_CIPHERTEXT_VALUE *d2i_SM2_CIPHERTEXT_VALUE(const EC_GROUP *group,
+	SM2_CIPHERTEXT_VALUE **c, const unsigned char **in, long len);
+
+int SM2_CIPHERTEXT_VALUE_print(BIO *out, const EC_GROUP *ec_group,
+	const SM2_CIPHERTEXT_VALUE *cv, int indent, unsigned long flags);
+
+SM2_CIPHERTEXT_VALUE *SM2_do_encrypt(const SM2_ENC_PARAMS *params,
+	const unsigned char *in, size_t inlen, EC_KEY *ec_key);
+int SM2_do_decrypt(const SM2_ENC_PARAMS *params,
+	const SM2_CIPHERTEXT_VALUE *in, unsigned char *out, size_t *outlen,
+	EC_KEY *ec_key);
+int SM2_encrypt(const SM2_ENC_PARAMS *params,
+	const unsigned char *in, size_t inlen,
+	unsigned char *out, size_t *outlen,
+	EC_KEY *ec_key);
+int SM2_decrypt(const SM2_ENC_PARAMS *params,
+	const unsigned char *in, size_t inlen,
+	unsigned char *out, size_t *outlen,
+	EC_KEY *ec_key);
+
+
+int SM2_encrypt_with_recommended(const unsigned char *in, size_t inlen,
+	unsigned char *out, size_t *outlen, EC_KEY *ec_key);
+int SM2_decrypt_with_recommended(const unsigned char *in, size_t inlen,
+	unsigned char *out, size_t *outlen, EC_KEY *ec_key);
+
+
+int SM2_sign_setup(EC_KEY *ec_key, BN_CTX *ctx, BIGNUM **a, BIGNUM **b);
+ECDSA_SIG *SM2_do_sign_ex(const unsigned char *dgst, int dgstlen,
+	const BIGNUM *a, const BIGNUM *b, EC_KEY *ec_key);
+ECDSA_SIG *SM2_do_sign(const unsigned char *dgst, int dgst_len,
+	EC_KEY *ec_key);
+int SM2_do_verify(const unsigned char *dgst, int dgstlen,
+	const ECDSA_SIG *sig, EC_KEY *ec_key);
+int SM2_sign_ex(int type, const unsigned char *dgst, int dgstlen,
+	unsigned char *sig, unsigned int *siglen,
+	const BIGNUM *k, const BIGNUM *x, EC_KEY *ec_key);
+int SM2_sign(int type, const unsigned char *dgst, int dgstlen,
+	unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
+int SM2_verify(int type, const unsigned char *dgst, int dgstlen,
+	const unsigned char *sig, int siglen, EC_KEY *ec_key);
+
+
+typedef struct sm2_kap_ctx_st {
+
+	const EVP_MD *id_dgst_md;
+	const EVP_MD *kdf_md;
+	const EVP_MD *checksum_md;
+	point_conversion_form_t point_form;
+	KDF_FUNC kdf;
+
+	int is_initiator;
+	int do_checksum;
+
+	EC_KEY *ec_key;
+	unsigned char id_dgst[EVP_MAX_MD_SIZE];
+	unsigned int id_dgstlen;
+
+	EC_KEY *remote_pubkey;
+	unsigned char remote_id_dgst[EVP_MAX_MD_SIZE];
+	unsigned int remote_id_dgstlen;
+
+	const EC_GROUP *group;
+	BN_CTX *bn_ctx;
+	BIGNUM *order;
+	BIGNUM *two_pow_w;
+
+	BIGNUM *t;
+	EC_POINT *point;
+	unsigned char pt_buf[1 + (OPENSSL_ECC_MAX_FIELD_BITS+7)/4];
+	unsigned char checksum[EVP_MAX_MD_SIZE];
+} SM2_KAP_CTX;
+
+int SM2_KAP_CTX_init(SM2_KAP_CTX *ctx,
+	EC_KEY *ec_key, const char *id, size_t idlen,
+	EC_KEY *remote_pubkey, const char *rid, size_t ridlen,
+	int is_initiator, int do_checksum);
+int SM2_KAP_prepare(SM2_KAP_CTX *ctx, unsigned char *ephem_point,
+	size_t *ephem_point_len);
+int SM2_KAP_compute_key(SM2_KAP_CTX *ctx, const unsigned char *remote_ephem_point,
+	size_t remote_ephem_point_len, unsigned char *key, size_t keylen,
+	unsigned char *checksum, size_t *checksumlen);
+int SM2_KAP_final_check(SM2_KAP_CTX *ctx, const unsigned char *checksum,
+	size_t checksumlen);
+void SM2_KAP_CTX_cleanup(SM2_KAP_CTX *ctx);
+
+
+#ifdef  __cplusplus
+}
+#endif
+#endif