remove ECRS, EC-Schnorr modules
Zhi Guan
2019-06-13 17:02:51 +08:00
parent 246867fd2b
commit 24f8a17c63
27 changed files with 5769 additions and 6939 deletions


@@ -215,7 +215,6 @@ static ERR_STRING_DATA EC_str_functs[] = {
"EC_POINT_set_Jprojective_coordinates_GFp"},
{ERR_FUNC(EC_F_EC_POINT_SET_TO_INFINITY), "EC_POINT_set_to_infinity"},
{ERR_FUNC(EC_F_EC_PRE_COMP_NEW), "ec_pre_comp_new"},
{ERR_FUNC(EC_F_EC_SCHNORR_SIGN), "ec_schnorr_sign"},
{ERR_FUNC(EC_F_EC_TYPE1CURVE_TATE), "EC_type1curve_tate"},
{ERR_FUNC(EC_F_EC_WNAF_MUL), "ec_wNAF_mul"},
{ERR_FUNC(EC_F_EC_WNAF_PRECOMPUTE_MULT), "ec_wNAF_precompute_mult"},


@@ -1,2 +0,0 @@
LIBS=../../libcrypto
SOURCE[../../libcrypto]=ecrs_err.c ecrs_asn1.c ecrs_lib.c


@@ -1,65 +0,0 @@
/* ====================================================================
* Copyright (c) 2014 - 2019 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
#include <openssl/ecrs.h>
#include "./ecrs_lcl.h"
ASN1_SEQUENCE(ECRS_SIG) = {
ASN1_SIMPLE(ECRS_SIG, s, BIGNUM),
ASN1_SEQUENCE_OF(ECRS_SIG, c, BIGNUM),
} ASN1_SEQUENCE_END(ECRS_SIG)
IMPLEMENT_ASN1_FUNCTIONS(ECRS_SIG)
IMPLEMENT_ASN1_DUP_FUNCTION(ECRS_SIG)
int ECRS_size(const EC_KEY *ec_key, int n)
{
return 128 * n;
}


@@ -1,52 +0,0 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include <openssl/err.h>
#include <openssl/ecrs.h>
/* BEGIN ERROR CODES */
#ifndef OPENSSL_NO_ERR
# define ERR_FUNC(func) ERR_PACK(ERR_LIB_ECRS,func,0)
# define ERR_REASON(reason) ERR_PACK(ERR_LIB_ECRS,0,reason)
static ERR_STRING_DATA ECRS_str_functs[] = {
{ERR_FUNC(ECRS_F_ECRS_DO_SIGN), "ECRS_do_sign"},
{ERR_FUNC(ECRS_F_ECRS_DO_VERIFY), "ECRS_do_verify"},
{ERR_FUNC(ECRS_F_ECRS_SIGN), "ECRS_sign"},
{ERR_FUNC(ECRS_F_ECRS_VERIFY), "ECRS_verify"},
{0, NULL}
};
static ERR_STRING_DATA ECRS_str_reasons[] = {
{ERR_REASON(ECRS_R_EC_KEY_NOT_MATCH), "ec key not match"},
{ERR_REASON(ECRS_R_INVALID_DIGEST_ALGOR), "invalid digest algor"},
{ERR_REASON(ECRS_R_NO_SIGNING_KEY), "no signing key"},
{ERR_REASON(ECRS_R_PARSE_SIGNATURE_FAILURE), "parse signature failure"},
{ERR_REASON(ECRS_R_PUBLIC_KEYS_NOT_MATCH), "public keys not match"},
{ERR_REASON(ECRS_R_PUBLIC_KEYS_NOT_MATCH_SIG),
"public keys not match sig"},
{0, NULL}
};
#endif
int ERR_load_ECRS_strings(void)
{
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(ECRS_str_functs[0].error) == NULL) {
ERR_load_strings(0, ECRS_str_functs);
ERR_load_strings(0, ECRS_str_reasons);
}
#endif
return 1;
}


@@ -1,56 +0,0 @@
/*
* Copyright (c) 2015 - 2019 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <openssl/bn.h>
#include <openssl/stack.h>
struct ECRS_SIG_st {
BIGNUM *s;
STACK_OF(BIGNUM) *c;
};


@@ -1,411 +0,0 @@
/*
* Copyright (c) 2015 - 2019 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <openssl/err.h>
#include <openssl/ecrs.h>
#include "./ecrs_lcl.h"
ECRS_SIG *ECRS_do_sign(const EVP_MD *md, const unsigned char *dgst,
int dgstlen, STACK_OF(EC_KEY) *pub_keys, EC_KEY *ec_key)
{
ECRS_SIG *ret = NULL;
ECRS_SIG *sig = NULL;
const EC_GROUP *group;
const BIGNUM *order;
BIGNUM *ck = NULL; /* ref of STACK_OF(BIGNUM) elements, dont free */
BIGNUM *a = NULL;
BIGNUM *c = NULL;
BIGNUM *z = NULL;
BN_CTX *bn_ctx = NULL;
EC_POINT *R = NULL;
EC_POINT *T = NULL;
EVP_MD_CTX *mctx = NULL;
int form = POINT_CONVERSION_UNCOMPRESSED;
unsigned char buf[512];
unsigned char *p = buf;
unsigned int ulen;
size_t siz;
int len, i;
group = EC_KEY_get0_group(ec_key);
order = EC_GROUP_get0_order(group);
if (!(sig = ECRS_SIG_new())
|| !(sig->s = BN_new())
|| !(sig->c = sk_BIGNUM_new(NULL))
|| !(a = BN_new())
|| !(c = BN_new())
|| !(z = BN_new())
|| !(bn_ctx = BN_CTX_new())
|| !(R = EC_POINT_new(group))
|| !(T = EC_POINT_new(group))
|| !(mctx = EVP_MD_CTX_new())) {
ECRSerr(ECRS_F_ECRS_DO_SIGN, ERR_R_MALLOC_FAILURE);
goto end;
}
/* hash update ECParameters */
if (!(len = i2d_ECPKParameters(group, &p))) {
ECRSerr(ECRS_F_ECRS_DO_SIGN, ERR_R_EC_LIB);
goto end;
}
if (!EVP_DigestInit_ex(mctx, md, NULL)
|| !EVP_DigestUpdate(mctx, buf, len)) {
ECRSerr(ECRS_F_ECRS_DO_SIGN, ERR_R_EVP_LIB);
goto end;
}
/* a = rand(1, order) */
do {
if (!BN_rand_range(a, order)) {
ECRSerr(ECRS_F_ECRS_DO_SIGN, ERR_R_BN_LIB);
goto end;
}
} while (BN_is_zero(a));
/* R = [a]G */
if (!EC_POINT_mul(group, R, a, NULL, NULL, bn_ctx)) {
ECRSerr(ECRS_F_ECRS_DO_SIGN, ERR_R_EC_LIB);
goto end;
}
for (i = 0; i < sk_EC_KEY_num(pub_keys); i++) {
const EC_KEY *pub_key = sk_EC_KEY_value(pub_keys, i);
const EC_POINT *Pi = EC_KEY_get0_public_key(pub_key);
BIGNUM *ci;
/* check P_i */
if (EC_GROUP_cmp(EC_KEY_get0_group(pub_key), group, bn_ctx) != 0) {
ECRSerr(ECRS_F_ECRS_DO_SIGN, ECRS_R_EC_KEY_NOT_MATCH);
goto end;
}
/* hash update P_i = (x_i, y_i) */
if (!(siz = EC_POINT_point2oct(group, Pi, form, buf,
sizeof(buf), bn_ctx))) {
ECRSerr(ECRS_F_ECRS_DO_SIGN, ERR_R_EC_LIB);
goto end;
}
if (!EVP_DigestUpdate(mctx, buf + 1, siz - 1)) {
ECRSerr(ECRS_F_ECRS_DO_SIGN, ERR_R_EVP_LIB);
goto end;
}
/* create c_i */
if (!(ci = BN_new())) {
ECRSerr(ECRS_F_ECRS_DO_SIGN, ERR_R_MALLOC_FAILURE);
goto end;
}
sk_BIGNUM_push(sig->c, ci);
/* find signer's public key */
if (EC_POINT_cmp(group, Pi, EC_KEY_get0_public_key(ec_key),
bn_ctx) == 0) {
if (ck) {
ECRSerr(ECRS_F_ECRS_DO_SIGN, ERR_R_ECRS_LIB);
goto end;
}
ck = ci;
continue;
}
/* c_i = rand(1, order) */
do {
if (!BN_rand_range(ci, order)) {
ECRSerr(ECRS_F_ECRS_DO_SIGN, ERR_R_BN_LIB);
goto end;
}
} while (BN_is_zero(ci));
/* R = R + [c_i]P_i */
if (!EC_POINT_mul(group, T, NULL, Pi, ci, bn_ctx)
|| !EC_POINT_add(group, R, R, T, bn_ctx)) {
ECRSerr(ECRS_F_ECRS_DO_SIGN, ERR_R_EC_LIB);
goto end;
}
/* z = z + c_i */
if (!BN_mod_add(z, z, ci, order, bn_ctx)) {
ECRSerr(ECRS_F_ECRS_DO_SIGN, ERR_R_BN_LIB);
goto end;
}
}
/* no signing private key found */
if (!ck) {
ECRSerr(ECRS_F_ECRS_DO_SIGN, ECRS_R_NO_SIGNING_KEY);
goto end;
}
/* hash update dgst and R */
if (!(siz = EC_POINT_point2oct(group, R, form, buf, sizeof(buf),
bn_ctx))) {
ECRSerr(ECRS_F_ECRS_DO_SIGN, ERR_R_EC_LIB);
goto end;
}
if (!EVP_DigestUpdate(mctx, dgst, dgstlen)
|| !EVP_DigestUpdate(mctx, buf + 1, siz - 1)
|| !EVP_DigestFinal_ex(mctx, buf, &ulen)) {
ECRSerr(ECRS_F_ECRS_DO_SIGN, ERR_R_EVP_LIB);
goto end;
}
/* c = hash({Pi}, Hash(m), R) mod #G */
if (!BN_bin2bn(buf, ulen, c)) {
ECRSerr(ECRS_F_ECRS_DO_SIGN, ERR_R_BN_LIB);
goto end;
}
/* c_k = c - (c_0 + ... + c_{k-1} + c_{k+1} + ... + c_{n-1}) mod #G */
if (!BN_mod_sub(ck, c, z, order, bn_ctx)) {
ECRSerr(ECRS_F_ECRS_DO_SIGN, ERR_R_BN_LIB);
goto end;
}
/* sig->s = a - c_k * x_k mod #G */
if (!BN_mod_mul(sig->s, ck, EC_KEY_get0_private_key(ec_key), order, bn_ctx)
|| !BN_mod_sub(sig->s, a, sig->s, order, bn_ctx)) {
ECRSerr(ECRS_F_ECRS_DO_SIGN, ERR_R_BN_LIB);
goto end;
}
ret = sig;
sig = NULL;
end:
ECRS_SIG_free(sig);
BN_free(a);
BN_free(c);
BN_CTX_free(bn_ctx);
EC_POINT_free(R);
EC_POINT_free(T);
EVP_MD_CTX_free(mctx);
return ret;
}
/*
* Verify(m, sig=(s, c_0, ..., c_{n-1}, {P_i}):
* R = [s]G + [c_0]P_0 + ... + [c_{n-1}]P_{n-1}
* c = c_0 + ... + c_{n-1}
* h = Hash({P_i}, Hash(m), R)
* return c =?= h
*/
int ECRS_do_verify(const EVP_MD *md, const unsigned char *dgst, int dgstlen,
const ECRS_SIG *sig, STACK_OF(EC_KEY) *pub_keys)
{
int ret = -1;
const EC_GROUP *group = NULL;
const BIGNUM *order = NULL;
BIGNUM *c = NULL;
BIGNUM *h = NULL;
BN_CTX *bn_ctx = NULL;
EC_POINT *R = NULL;
EC_POINT *T = NULL;
EVP_MD_CTX *mctx = NULL;
int form = POINT_CONVERSION_UNCOMPRESSED;
unsigned char buf[512];
unsigned char *p = buf;
unsigned int ulen;
size_t siz;
int len, i;
if (sk_BIGNUM_num(sig->c) != sk_EC_KEY_num(pub_keys)) {
ECRSerr(ECRS_F_ECRS_DO_VERIFY, ECRS_R_PUBLIC_KEYS_NOT_MATCH_SIG);
return -1;
}
group = EC_KEY_get0_group(sk_EC_KEY_value(pub_keys, 0));
order = EC_GROUP_get0_order(group);
if (!(c = BN_new())
|| !(h = BN_new())
|| !(bn_ctx = BN_CTX_new())
|| !(R = EC_POINT_new(group))
|| !(T = EC_POINT_new(group))
|| !(mctx = EVP_MD_CTX_new())) {
ECRSerr(ECRS_F_ECRS_DO_VERIFY, ERR_R_MALLOC_FAILURE);
goto end;
}
/* hash update ECParameters */
/* hash update ECParameters */
if (!(len = i2d_ECPKParameters(group, &p))) {
ECRSerr(ECRS_F_ECRS_DO_VERIFY, ERR_R_EC_LIB);
goto end;
}
if (!EVP_DigestInit_ex(mctx, md, NULL)
|| !EVP_DigestUpdate(mctx, buf, len)) {
ECRSerr(ECRS_F_ECRS_DO_VERIFY, ERR_R_EVP_LIB);
goto end;
}
/* R = [s]G */
if (!EC_POINT_mul(group, R, sig->s, NULL, NULL, bn_ctx)) {
ECRSerr(ECRS_F_ECRS_DO_VERIFY, ERR_R_EC_LIB);
goto end;
}
for (i = 0; i < sk_BIGNUM_num(sig->c); i++) {
EC_KEY *ec_key = sk_EC_KEY_value(pub_keys, i);
const EC_POINT *Pi = EC_KEY_get0_public_key(ec_key);
BIGNUM *ci = sk_BIGNUM_value(sig->c, i);
/* check Pi */
if (EC_GROUP_cmp(EC_KEY_get0_group(ec_key), group, bn_ctx) != 0) {
ECRSerr(ECRS_F_ECRS_DO_VERIFY, ECRS_R_PUBLIC_KEYS_NOT_MATCH);
goto end;
}
/* hash update P_i = (x_i, y_i) */
if (!(siz = EC_POINT_point2oct(group, Pi, form, buf,
sizeof(buf), bn_ctx))) {
ECRSerr(ECRS_F_ECRS_DO_VERIFY, ERR_R_EC_LIB);
goto end;
}
if (!EVP_DigestUpdate(mctx, buf + 1, siz - 1)) {
ECRSerr(ECRS_F_ECRS_DO_VERIFY, ERR_R_EVP_LIB);
goto end;
}
/* R = R + [c_i]P_i */
if (!EC_POINT_mul(group, T, NULL, Pi, ci, bn_ctx)
|| !EC_POINT_add(group, R, R, T, bn_ctx)) {
ECRSerr(ECRS_F_ECRS_DO_VERIFY, ERR_R_EC_LIB);
goto end;
}
/* c = c + c_i mod #G */
if (!BN_mod_add(c, c, ci, order, bn_ctx)) {
ECRSerr(ECRS_F_ECRS_DO_VERIFY, ERR_R_BN_LIB);
goto end;
}
}
/* hash update dgst and R */
if (!(siz = EC_POINT_point2oct(group, R, form, buf, sizeof(buf),
bn_ctx))) {
ECRSerr(ECRS_F_ECRS_DO_VERIFY, ERR_R_EC_LIB);
goto end;
}
if (!EVP_DigestUpdate(mctx, dgst, dgstlen)
|| !EVP_DigestUpdate(mctx, buf + 1, siz - 1)
|| !EVP_DigestFinal_ex(mctx, buf, &ulen)) {
ECRSerr(ECRS_F_ECRS_DO_VERIFY, ERR_R_EVP_LIB);
goto end;
}
/* h = hash({Pi}, Hash(m), R) mod #G */
if (!BN_bin2bn(buf, ulen, h)) {
ECRSerr(ECRS_F_ECRS_DO_VERIFY, ERR_R_BN_LIB);
goto end;
}
//FIXME: h mod #G */
if (BN_cmp(h, c) == 0)
ret = 1;
else
ret = 0;
end:
BN_free(c);
BN_free(h);
BN_CTX_free(bn_ctx);
EC_POINT_free(R);
EC_POINT_free(T);
EVP_MD_CTX_free(mctx);
return ret;
}
int ECRS_sign(int type, const unsigned char *dgst, int dgstlen,
unsigned char *sig, unsigned int *siglen, STACK_OF(EC_KEY) *pub_keys,
EC_KEY *ec_key)
{
const EVP_MD *md;
ECRS_SIG *s = NULL;
if (!(md = EVP_get_digestbynid(type))) {
ECRSerr(ECRS_F_ECRS_SIGN, ECRS_R_INVALID_DIGEST_ALGOR);
return 0;
}
if (!(s = ECRS_do_sign(md, dgst, dgstlen, pub_keys, ec_key))) {
ECRSerr(ECRS_F_ECRS_SIGN, ERR_R_ECRS_LIB);
return 0;
}
*siglen = i2d_ECRS_SIG(s, &sig);
ECRS_SIG_free(s);
return 1;
}
int ECRS_verify(int type, const unsigned char *dgst, int dgstlen,
const unsigned char *sig, int siglen, STACK_OF(EC_KEY) *pub_keys)
{
const EVP_MD *md;
ECRS_SIG *s = NULL;
const unsigned char *p = sig;
int ret = -1;
if (!(s = d2i_ECRS_SIG(NULL, &p, siglen))) {
ECRSerr(ECRS_F_ECRS_VERIFY, ECRS_R_PARSE_SIGNATURE_FAILURE);
return -1;
}
if (p != sig + siglen) {
ECRSerr(ECRS_F_ECRS_VERIFY, ECRS_R_PARSE_SIGNATURE_FAILURE);
goto end;
}
ret = ECRS_do_verify(md, dgst, dgstlen, s, pub_keys);
end:
ECRS_SIG_free(s);
return ret;
}


@@ -74,7 +74,6 @@ static ERR_STRING_DATA ERR_str_libraries[] = {
{ERR_PACK(ERR_LIB_SKF, 0, 0), "SKF routines"},
{ERR_PACK(ERR_LIB_SOF, 0, 0), "SOF routines"},
{ERR_PACK(ERR_LIB_BASE58, 0, 0), "BASE58 routines"},
{ERR_PACK(ERR_LIB_ECRS, 0, 0), "ECRS routines"},
{0, NULL},
};
@@ -134,7 +133,6 @@ static ERR_STRING_DATA ERR_str_reasons[] = {
{ERR_R_SKF_LIB, "SKF lib"},
{ERR_R_SOF_LIB, "SOF lib"},
{ERR_R_BASE58_LIB, "BASE58 lib"},
{ERR_R_ECRS_LIB, "ECRS lib"},
{ERR_R_NESTED_ASN1_ERROR, "nested asn1 error"},
{ERR_R_MISSING_ASN1_EOS, "missing asn1 eos"},


@@ -108,9 +108,6 @@
#ifndef OPENSSL_NO_BASE58
# include <openssl/base58.h>
#endif
#ifndef OPENSSL_NO_ECRS
# include <openssl/ecrs.h>
#endif
int err_load_crypto_strings_int(void)
@@ -221,9 +218,6 @@ int err_load_crypto_strings_int(void)
# ifndef OPENSSL_NO_BASE58
ERR_load_BASE58_strings() == 0 ||
# endif
# ifndef OPENSSL_NO_ECRS
ERR_load_ECRS_strings() == 0 ||
# endif
#endif
ERR_load_KDF_strings() == 0)
return 0;


@@ -50,7 +50,6 @@ L SDF include/openssl/gmsdf.h crypto/sdf/sdf_err.c
L SKF include/openssl/gmskf.h crypto/skf/skf_err.c
L SOF include/openssl/gmsof.h crypto/sof/sof_err.c
L BASE58 include/openssl/base58.h crypto/base58/base58_err.c
L ECRS include/openssl/ecrs.h crypto/ecrs/ecrs_err.c
# additional header files to be scanned for function names
L NONE crypto/x509/x509_vfy.h NONE


@@ -1,71 +0,0 @@
/*
* Copyright (c) 2015 - 2017 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <string.h>
#include <openssl/ec.h>
#include <openssl/err.h>
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
#include <openssl/objects.h>
#include <openssl/obj_mac.h>
#include <openssl/ecschnorr.h>
#include "ecschnorr_lcl.h"
ASN1_SEQUENCE(ECSCHNORR_SIG) = {
ASN1_SIMPLE(ECSCHNORR_SIG, R, ASN1_OCTET_STRING),
ASN1_SIMPLE(ECSCHNORR_SIG, s, BIGNUM),
} ASN1_SEQUENCE_END(ECSCHNORR_SIG)
IMPLEMENT_ASN1_FUNCTIONS(ECSCHNORR_SIG)
IMPLEMENT_ASN1_DUP_FUNCTION(ECSCHNORR_SIG)
int ECSCHNORR_size(const EC_KEY *ec_key)
{
return 0;
}


@@ -1,53 +0,0 @@
/*
* Copyright (c) 2015 - 2019 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*/
struct ECSCHNORR_SIG_st {
ASN1_OCTET_STRING *R; /* R = [k]G */
BIGNUM *s; /* s = k + e * x, e = H(R || P || M) */
};


@@ -1,77 +0,0 @@
/* ====================================================================
* Copyright (c) 2015 - 2019 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <openssl/ecschnorr.h>
#include "ecschnorr_lcl.h"
ECSCHNORR_SIG *ECSCHNORR_do_sign(const EVP_MD *md,
const unsigned char *dgst, int dgst_len, EC_KEY *ec_key)
{
return NULL;
}
int ECSCHNORR_do_verify(const EVP_MD *md,
const unsigned char *dgst, int dgstlen,
const ECSCHNORR_SIG *sig, EC_KEY *ec_key)
{
return -1;
}
int ECSCHNORR_sign(int type, const unsigned char *dgst, int dgstlen,
unsigned char *sig, unsigned int *siglen, EC_KEY *eckey)
{
return 0;
}
int ECSCHNORR_verify(int type, const unsigned char *dgst, int dgstlen,
const unsigned char *sig, int siglen, EC_KEY *ec_key)
{
return -1;
}


@@ -46,6 +46,10 @@
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
/* This implementation is a very straitforward implementaton of the SM3
* specification without any optimization tricks. It is also designed
* as a standalone module that can be ported.
*/
#include <string.h>
#include <openssl/sm3.h>
@@ -53,6 +57,7 @@
void sm3_init(sm3_ctx_t *ctx)
{
memset(ctx, 0, sizeof(*ctx));
ctx->digest[0] = 0x7380166F;
ctx->digest[1] = 0x4914B2B9;
ctx->digest[2] = 0x172442D7;
@@ -61,12 +66,9 @@ void sm3_init(sm3_ctx_t *ctx)
ctx->digest[5] = 0x163138AA;
ctx->digest[6] = 0xE38DEE4D;
ctx->digest[7] = 0xB0FB0E4E;
ctx->nblocks = 0;
ctx->num = 0;
}
void sm3_update(sm3_ctx_t *ctx, const unsigned char* data, size_t data_len)
void sm3_update(sm3_ctx_t *ctx, const unsigned char *data, size_t data_len)
{
if (ctx->num) {
unsigned int left = SM3_BLOCK_SIZE - ctx->num;
@@ -119,24 +121,20 @@ void sm3_final(sm3_ctx_t *ctx, unsigned char *digest)
}
}
#define ROTATELEFT(X,n) (((X)<<(n)) | ((X)>>(32-(n))))
#define ROTL(x,n) (((x)<<(n)) | ((x)>>(32-(n))))
#define P0(x) ((x) ^ ROTL((x), 9) ^ ROTL((x),17))
#define P1(x) ((x) ^ ROTL((x),15) ^ ROTL((x),23))
#define P0(x) ((x) ^ ROTATELEFT((x),9) ^ ROTATELEFT((x),17))
#define P1(x) ((x) ^ ROTATELEFT((x),15) ^ ROTATELEFT((x),23))
#define FF0(x,y,z) ( (x) ^ (y) ^ (z))
#define FF1(x,y,z) (((x) & (y)) | ( (x) & (z)) | ( (y) & (z)))
#define GG0(x,y,z) ( (x) ^ (y) ^ (z))
#define GG1(x,y,z) (((x) & (y)) | ( (~(x)) & (z)) )
#define FF00(x,y,z) ((x) ^ (y) ^ (z))
#define FF16(x,y,z) (((x)&(y)) | ((x)&(z)) | ((y)&(z)))
#define GG00(x,y,z) ((x) ^ (y) ^ (z))
#define GG16(x,y,z) (((x)&(y)) | ((~(x))&(z)))
#define T00 0x79CC4519
#define T16 0x7A879D8A
void sm3_compress(uint32_t digest[8], const unsigned char block[64])
{
int j;
uint32_t W[68], W1[64];
const uint32_t *pblock = (const uint32_t *)block;
uint32_t A = digest[0];
uint32_t B = digest[1];
uint32_t C = digest[2];
@@ -145,48 +143,48 @@ void sm3_compress(uint32_t digest[8], const unsigned char block[64])
uint32_t F = digest[5];
uint32_t G = digest[6];
uint32_t H = digest[7];
uint32_t SS1,SS2,TT1,TT2,T[64];
const uint32_t *pblock = (const uint32_t *)block;
uint32_t W[68], W1[64];
uint32_t SS1, SS2, TT1, TT2;
int j;
for (j = 0; j < 16; j++)
W[j] = cpu_to_be32(pblock[j]);
for (; j < 68; j++)
W[j] = P1(W[j - 16] ^ W[j - 9] ^ ROTL(W[j - 3], 15))
^ ROTL(W[j - 13], 7) ^ W[j - 6];
for(j = 0; j < 64; j++)
W1[j] = W[j] ^ W[j + 4];
for (j = 0; j < 16; j++) {
W[j] = cpu_to_be32(pblock[j]);
}
for (j = 16; j < 68; j++) {
W[j] = P1( W[j-16] ^ W[j-9] ^ ROTATELEFT(W[j-3],15)) ^ ROTATELEFT(W[j - 13],7 ) ^ W[j-6];;
}
for( j = 0; j < 64; j++) {
W1[j] = W[j] ^ W[j+4];
}
for(j =0; j < 16; j++) {
T[j] = 0x79CC4519;
SS1 = ROTATELEFT((ROTATELEFT(A,12) + E + ROTATELEFT(T[j],j)), 7);
SS2 = SS1 ^ ROTATELEFT(A,12);
TT1 = FF0(A,B,C) + D + SS2 + W1[j];
TT2 = GG0(E,F,G) + H + SS1 + W[j];
SS1 = ROTL((ROTL(A, 12) + E + ROTL(T00, j)), 7);
SS2 = SS1 ^ ROTL(A, 12);
TT1 = FF00(A, B, C) + D + SS2 + W1[j];
TT2 = GG00(E, F, G) + H + SS1 + W[j];
D = C;
C = ROTATELEFT(B,9);
C = ROTL(B, 9);
B = A;
A = TT1;
H = G;
G = ROTATELEFT(F,19);
G = ROTL(F, 19);
F = E;
E = P0(TT2);
}
for(j =16; j < 64; j++) {
T[j] = 0x7A879D8A;
SS1 = ROTATELEFT((ROTATELEFT(A,12) + E + ROTATELEFT(T[j],j%32)), 7);
SS2 = SS1 ^ ROTATELEFT(A,12);
TT1 = FF1(A,B,C) + D + SS2 + W1[j];
TT2 = GG1(E,F,G) + H + SS1 + W[j];
for (; j < 64; j++) {
SS1 = ROTL((ROTL(A, 12) + E + ROTL(T16, j % 32)), 7);
SS2 = SS1 ^ ROTL(A, 12);
TT1 = FF16(A, B, C) + D + SS2 + W1[j];
TT2 = GG16(E, F, G) + H + SS1 + W[j];
D = C;
C = ROTATELEFT(B,9);
C = ROTL(B, 9);
B = A;
A = TT1;
H = G;
G = ROTATELEFT(F,19);
G = ROTL(F, 19);
F = E;
E = P0(TT2);
}
@@ -212,3 +210,18 @@ void sm3(const unsigned char *msg, size_t msglen,
memset(&ctx, 0, sizeof(sm3_ctx_t));
}
#define DATA_ORDER_IS_BIG_ENDIAN
#define HASH_LONG SM3_LONG
#define HASH_CTX SM3_CTX
#define HASH_CBLOCK SM3_CBLOCK
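Review bot: The round constants `T00` and `T16` are unsuffixed hex literals and therefore have type `int`, so `ROTL(T00, j)` and `ROTL(T16, j % 32)` in sm3_compress left-shift a signed value past INT_MAX, which is undefined behaviour; the `uint32_t T[j]` array they replace kept the rotate unsigned. ROTL also evaluates `(x)>>(32-(n))` with a count of 32 whenever `j` is 0 or 32, which is undefined for a 32-bit operand. I would make the constants unsigned and mask the counts: `#define T00 0x79CC4519U`, `#define T16 0x7A879D8AU`, `#define ROTL(x,n) (((x)<<((n)&31)) | ((x)>>((32-(n))&31)))`. The `(const uint32_t *)block` cast that the change keeps also appears to assume the caller's buffer is 4-byte aligned; that is worth a comment or a byte-wise load, though the callers are not visible here. This reading takes the ROTL/T00 lines as the added side, since the page has lost its +/- markers, and sm3_compress continues past the end of the hunk shown.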


@@ -122,4 +122,3 @@ void sm3_hmac(const unsigned char *data, size_t data_len,
sm3_hmac_final(&ctx, mac);
memset(&ctx, 0, sizeof(ctx));
}