diff --git a/go/gmssl/engine.go b/go/gmssl/engine.go index 1cf8f8bc..5f989f85 100644 --- a/go/gmssl/engine.go +++ b/go/gmssl/engine.go @@ -7,7 +7,10 @@ package gmssl import "C" import ( + "runtime" "errors" + "unsafe" + "fmt" ) func GetEngineNames() []string { @@ -19,19 +22,63 @@ type Engine struct { } func OpenEngine(name string, args map[string]string) (*Engine, error) { - return nil, errors.New("Not implemented") + cname := C.CString(name) + defer C.free(unsafe.Pointer(cname)) + + engine := C.ENGINE_by_id(cname) + if engine == nil { + return nil, fmt.Errorf("shit") + } + + ret := &Engine{engine} + runtime.SetFinalizer(ret, func(ret *Engine) { + C.ENGINE_free(ret.engine) + }) + return ret, nil } -func (eng *Engine) ExecuteCommand(cmd_name string, arg string, optinal bool) (string, error) { - return "", errors.New("Not implemented") +func (eng *Engine) ExecuteCommand(cmd_name string, arg string, optinal bool) error { + ccmd := C.CString(cmd_name) + defer C.free(unsafe.Pointer(ccmd)) + carg := C.CString(arg) + defer C.free(unsafe.Pointer(carg)) + + if 1 != C.ENGINE_ctrl_cmd_string(eng.engine, ccmd, carg, 0) { + return errors.New("Not implemented") + } + return nil } func (eng *Engine) LoadPrivateKey(key_id string, args map[string]string) (*PrivateKey, error) { - return nil, errors.New("Not implemented") + cid := C.CString(key_id) + defer C.free(unsafe.Pointer(cid)) + + pkey := C.ENGINE_load_private_key(eng.engine, cid, C.NULL, C.NULL) + if pkey == nil { + return nil, fmt.Errorf("shit") + } + + ret := &PrivateKey{pkey} + runtime.SetFinalizer(ret, func(ret *PrivateKey) { + C.EVP_PKEY_free(ret.pkey) + }) + return ret, nil } func (eng *Engine) LoadPublicKey(key_id string, args map[string]string) (*PublicKey, error) { - return nil, errors.New("Not implemented") + cid := C.CString(key_id) + defer C.free(unsafe.Pointer(cid)) + + pkey := C.ENGINE_load_public_key(eng.engine, cid, C.NULL, C.NULL) + if pkey == nil { + return nil, fmt.Errorf("shit") + } + + ret := &PublicKey{pkey} + runtime.SetFinalizer(ret, func(ret *PublicKey) { + C.EVP_PKEY_free(ret.pkey) + }) + return ret, nil } func (eng *Engine) LoadCertificate(ca_dn []string, args map[string]string) (string, error) { diff --git a/go/gmssl/ibc.go b/go/gmssl/ibc.go index 0c4464da..527fcfab 100644 --- a/go/gmssl/ibc.go +++ b/go/gmssl/ibc.go @@ -1,2 +1,56 @@ /* +build cgo */ package gmssl + +/* +#include +#include +*/ +import "C" + +import ( + "errors" + "unsafe" +) + +func GetIdentityBasedCryptoSchemes(aliases bool) []string { + return []string{"CPK", "SM9", "BFIBE", "BB1IBE"} +} + +type MasterSecret struct { + pkey *C.EVP_PKEY +} + +type PublicParams struct { + pkey *C.EVP_PKEY +} + +func IdentityBasedCryptoSetup() { +} + +func IdentityBasedCryptoExportPrivateKey() { +} + +func IdentityBasedCryptoExportPublicKey() { +} + +func IdentityBasedEncrypt() { +} + +func IdentityBasedDecrypt() { +} + +func IdentityBasedSign() { +} + +func IdentityBasedVerify() { +} + +func GetCipherKeyLength(name string) (int, error) { + cname := C.CString(name) + defer C.free(unsafe.Pointer(cname)) + cipher := C.EVP_get_cipherbyname(cname) + if cipher == nil { + return 0, errors.New("Invalid cipher name") + + + diff --git a/go/gmssl/otp.go b/go/gmssl/otp.go index 0c4464da..a13e899b 100644 --- a/go/gmssl/otp.go +++ b/go/gmssl/otp.go @@ -1,2 +1,24 @@ /* +build cgo */ package gmssl + +/* +#include +*/ +import "C" + +import ( + "errors" + "fmt" + "runtime" + "unsafe" +) + +func GetOTPAlgors(aliases bool) []string { + return []string{"sms4-cbc", "aes-128-cbc", "aes-256-cbc"} +} + +func GenerateOTPKey() []byte { +} + +func GenerateOneTimePassword() string { +} diff --git a/go/gmssl/pbkdf.go b/go/gmssl/pbkdf.go index bd360679..226cb8b3 100644 --- a/go/gmssl/pbkdf.go +++ b/go/gmssl/pbkdf.go @@ -10,12 +10,27 @@ import ( "errors" ) +/* +int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, + const unsigned char *salt, int saltlen, int iter, + const EVP_MD *digest, int keylen, unsigned char *out); +int EVP_PBE_scrypt(const char *pass, size_t passlen, + const unsigned char *salt, size_t saltlen, + uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem, + unsigned char *key, size_t keylen); +*/ + func GetKeyDeriveFunctions(aliases bool) []string { - return []string{"PBKDF2v1", "PBKDFv2", "scrypt"} + return []string{"PBKDF", "PBKDF2", "scrypt"} } -func DeriveKeyFromPassword(scheme string, args map[string]string, password string, salt []byte) ([]byte, error) { - return nil, errors.New("Not implemented") +func DeriveKeyFromPassword(algor string, args map[string]string, password string, salt []byte, keylen int) ([]byte, error) { + if algor == "PBKDF2" { + if 1 != PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, md, keylen, out) { + } + else if algor == "scrypt" { + if 1 != gmssl_scrypt() + } else { + return nil, errors.New("Not implemented") + } } - -