abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-06-28 00:37:00 +08:00
Code Issues Packages Projects Releases Wiki Activity

sm2, ssl and license update

Browse Source
This commit is contained in:
Zhi Guan
2015-10-25 21:20:50 +08:00
parent cc316701af
commit 2563a4ed83
58 changed files with 3512 additions and 380 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
apps/01.pem Normal file
View File

@@ -0,0 +1,48 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: ecdsa-with-SHA256
Issuer: C=CN, ST=Beijing, L=Beijing, O=PKU, OU=Infosec
Validity
Not Before: Oct 11 04:07:34 2015 GMT
Not After : Oct 10 04:07:34 2016 GMT
Subject: C=CN, ST=Beijing, O=PKU, OU=Infosec, CN=hello
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:25:2f:45:5b:29:97:d9:34:c3:61:ba:d4:f9:b6:
82:3e:ea:73:17:d1:e9:65:2f:c0:70:20:e6:a5:4b:
d2:af:94:7e:18:c6:5f:d5:42:fb:34:22:a2:46:8e:
61:a6:03:15:8f:ca:c1:6f:6e:e1:21:02:88:59:8e:
9a:26:9b:e0:92
ASN1 OID: sm2p256v1
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
D4:BF:9A:51:35:10:6F:55:6F:6F:97:22:57:3D:27:BC:0D:A7:93:1B
X509v3 Authority Key Identifier:
keyid:96:6F:A7:34:97:51:22:4E:23:79:A9:14:91:76:A3:DA:A1:1D:C4:7A
Signature Algorithm: ecdsa-with-SHA256
30:45:02:20:3f:42:fe:9d:98:90:ba:a8:e8:92:27:33:0e:6d:
94:b5:f2:0a:79:08:46:84:2c:e9:e6:c5:ac:a7:49:ca:cc:58:
02:21:00:f7:39:b5:bb:e7:8f:c1:ae:91:4a:4a:03:01:f8:79:
cb:a0:1f:39:74:15:4c:55:ce:99:a9:33:8a:0b:52:06:ca
-----BEGIN CERTIFICATE-----
MIICCjCCAbCgAwIBAgIBATAKBggqhkjOPQQDAjBRMQswCQYDVQQGEwJDTjEQMA4G
A1UECAwHQmVpamluZzEQMA4GA1UEBwwHQmVpamluZzEMMAoGA1UECgwDUEtVMRAw
DgYDVQQLDAdJbmZvc2VjMB4XDTE1MTAxMTA0MDczNFoXDTE2MTAxMDA0MDczNFow
TzELMAkGA1UEBhMCQ04xEDAOBgNVBAgMB0JlaWppbmcxDDAKBgNVBAoMA1BLVTEQ
MA4GA1UECwwHSW5mb3NlYzEOMAwGA1UEAwwFaGVsbG8wWTATBgcqhkjOPQIBBggq
gRzPVQGCLQNCAAQlL0VbKZfZNMNhutT5toI+6nMX0ellL8BwIOalS9KvlH4Yxl/V
Qvs0IqJGjmGmAxWPysFvbuEhAohZjpomm+CSo3sweTAJBgNVHRMEAjAAMCwGCWCG
SAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4E
FgQU1L+aUTUQb1Vvb5ciVz0nvA2nkxswHwYDVR0jBBgwFoAUlm+nNJdRIk4jeakU
kXaj2qEdxHowCgYIKoZIzj0EAwIDSAAwRQIgP0L+nZiQuqjokiczDm2UtfIKeQhG
hCzp5sWsp0nKzFgCIQD3ObW754/BrpFKSgMB+HnLoB85dBVMVc6ZqTOKC1IGyg==
-----END CERTIFICATE-----

49
apps/02.pem Normal file
View File

@@ -0,0 +1,49 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: ecdsa-with-SHA256
Issuer: C=CN, ST=Beijing, L=Beijing, O=PKU, OU=Infosec
Validity
Not Before: Oct 11 04:08:28 2015 GMT
Not After : Oct 10 04:08:28 2016 GMT
Subject: C=CN, ST=Beijing, O=PKU, OU=Infosec, CN=guanzhi
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:a6:e8:13:83:f0:02:f1:aa:e4:1b:23:ca:d6:fa:
e9:12:46:e8:68:42:99:6c:a2:92:1d:c1:e4:d2:27:
47:4a:1e:4c:90:89:0a:87:a8:5a:dd:36:2c:c7:4a:
6c:70:cb:33:ab:a7:af:82:ad:a3:d6:47:79:c3:f5:
cd:bd:a3:fd:39
ASN1 OID: sm2p256v1
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
E2:1B:90:77:8E:B3:22:7C:C2:B7:06:0C:24:DF:38:8B:57:27:11:4C
X509v3 Authority Key Identifier:
keyid:96:6F:A7:34:97:51:22:4E:23:79:A9:14:91:76:A3:DA:A1:1D:C4:7A
Signature Algorithm: ecdsa-with-SHA256
30:46:02:21:00:d8:7c:52:ed:91:31:95:9a:ba:d1:cd:39:60:
19:44:96:21:89:07:b8:88:3d:1b:e2:2b:b0:f5:85:30:c5:f8:
7e:02:21:00:c2:5b:65:84:ab:bd:b3:0a:2f:89:9e:e6:69:f3:
f7:ba:79:67:38:1d:4e:0f:55:4b:13:69:a5:e6:7a:7a:f0:8f
-----BEGIN CERTIFICATE-----
MIICDTCCAbKgAwIBAgIBAjAKBggqhkjOPQQDAjBRMQswCQYDVQQGEwJDTjEQMA4G
A1UECAwHQmVpamluZzEQMA4GA1UEBwwHQmVpamluZzEMMAoGA1UECgwDUEtVMRAw
DgYDVQQLDAdJbmZvc2VjMB4XDTE1MTAxMTA0MDgyOFoXDTE2MTAxMDA0MDgyOFow
UTELMAkGA1UEBhMCQ04xEDAOBgNVBAgMB0JlaWppbmcxDDAKBgNVBAoMA1BLVTEQ
MA4GA1UECwwHSW5mb3NlYzEQMA4GA1UEAwwHZ3VhbnpoaTBZMBMGByqGSM49AgEG
CCqBHM9VAYItA0IABKboE4PwAvGq5Bsjytb66RJG6GhCmWyikh3B5NInR0oeTJCJ
CoeoWt02LMdKbHDLM6unr4Kto9ZHecP1zb2j/TmjezB5MAkGA1UdEwQCMAAwLAYJ
YIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1Ud
DgQWBBTiG5B3jrMifMK3Bgwk3ziLVycRTDAfBgNVHSMEGDAWgBSWb6c0l1EiTiN5
qRSRdqPaoR3EejAKBggqhkjOPQQDAgNJADBGAiEA2HxS7ZExlZq60c05YBlEliGJ
B7iIPRviK7D1hTDF+H4CIQDCW2WEq72zCi+JnuZp8/e6eWc4HU4PVUsTaaXmenrw
jw==
-----END CERTIFICATE-----

14
apps/demoCA/cacert.pem
View File

@@ -1,14 +0,0 @@
subject=/C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
-----BEGIN X509 CERTIFICATE-----
MIIBgjCCASwCAQQwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV
BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MTAwOTIz
MzIwNVoXDTk4MDcwNTIzMzIwNVowYDELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM
RDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRkLjELMAkGA1UECxMCQ1MxGzAZBgNV
BAMTElNTTGVheSBkZW1vIHNlcnZlcjBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQC3
LCXcScWua0PFLkHBLm2VejqpA1F4RQ8q0VjRiPafjx/Z/aWH3ipdMVvuJGa/wFXb
/nDFLDlfWp+oCPwhBtVPAgMBAAEwDQYJKoZIhvcNAQEEBQADQQArNFsihWIjBzb0
DCsU0BvL2bvSwJrPEqFlkDq3F4M6EGutL9axEcANWgbbEdAvNJD1dmEmoWny27Pn
IMs6ZOZB
-----END X509 CERTIFICATE-----

39
apps/demoCA/index.txt
View File

@@ -1,39 +0,0 @@
R 980705233205Z 951009233205Z 01 certs/00000001 /CN=Eric Young
E 951009233205Z 02 certs/00000002 /CN=Duncan Young
R 980705233205Z 951201010000Z 03 certs/00000003 /CN=Tim Hudson
V 980705233205Z 04 certs/00000004 /CN=Eric Young4
V 980705233205Z 05 certs/00000004 /CN=Eric Young5
V 980705233205Z 06 certs/00000004 /CN=Eric Young6
V 980705233205Z 07 certs/00000004 /CN=Eric Young7
V 980705233205Z 08 certs/00000004 /CN=Eric Young8
V 980705233205Z 09 certs/00000004 /CN=Eric Young9
V 980705233205Z 0A certs/00000004 /CN=Eric YoungA
V 980705233205Z 0B certs/00000004 /CN=Eric YoungB
V 980705233205Z 0C certs/00000004 /CN=Eric YoungC
V 980705233205Z 0D certs/00000004 /CN=Eric YoungD
V 980705233205Z 0E certs/00000004 /CN=Eric YoungE
V 980705233205Z 0F certs/00000004 /CN=Eric YoungF
V 980705233205Z 10 certs/00000004 /CN=Eric Young10
V 980705233205Z 11 certs/00000004 /CN=Eric Young11
V 980705233205Z 12 certs/00000004 /CN=Eric Young12
V 980705233205Z 13 certs/00000004 /CN=Eric Young13
V 980705233205Z 14 certs/00000004 /CN=Eric Young14
V 980705233205Z 15 certs/00000004 /CN=Eric Young15
V 980705233205Z 16 certs/00000004 /CN=Eric Young16
V 980705233205Z 17 certs/00000004 /CN=Eric Young17
V 961206150305Z 010C unknown /C=AU/SP=QLD/O=Mincom Pty. Ltd./OU=MTR/CN=Eric Young/Email=eay@mincom.oz.au
V 961206153245Z 010D unknown /C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=Eric Young/Email=eay@mincom.oz.au
V 970322074816Z 010E unknown /CN=Eric Young/Email=eay@mincom.oz.au
V 970322075152Z 010F unknown /CN=Eric Young
V 970322075906Z 0110 unknown /CN=Eric Youngg
V 970324092238Z 0111 unknown /C=AU/SP=Queensland/CN=Eric Young
V 970324221931Z 0112 unknown /CN=Fred
V 970324224934Z 0113 unknown /C=AU/CN=eay
V 971001005237Z 0114 unknown /C=AU/SP=QLD/O=Mincom Pty Ltd/OU=MTR/CN=x509v3 test
V 971001010331Z 0115 unknown /C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=test again - x509v3
V 971001013945Z 0117 unknown /C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=x509v3 test
V 971014225415Z 0118 unknown /C=AU/SP=Queensland/CN=test
V 971015004448Z 0119 unknown /C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=test2
V 971016035001Z 011A unknown /C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=test64
V 971016080129Z 011B unknown /C=FR/O=ALCATEL/OU=Alcatel Mobile Phones/CN=bourque/Email=bourque@art.alcatel.fr
V 971016224000Z 011D unknown /L=Bedford/O=Cranfield University/OU=Computer Centre/CN=Peter R Lister/Email=P.Lister@cranfield.ac.uk

24
apps/demoCA/private/cakey.pem
View File

@@ -1,24 +0,0 @@
issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
subject=/C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
-----BEGIN X509 CERTIFICATE-----
MIIBgjCCASwCAQQwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV
BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MTAwOTIz
MzIwNVoXDTk4MDcwNTIzMzIwNVowYDELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM
RDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRkLjELMAkGA1UECxMCQ1MxGzAZBgNV
BAMTElNTTGVheSBkZW1vIHNlcnZlcjBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQC3
LCXcScWua0PFLkHBLm2VejqpA1F4RQ8q0VjRiPafjx/Z/aWH3ipdMVvuJGa/wFXb
/nDFLDlfWp+oCPwhBtVPAgMBAAEwDQYJKoZIhvcNAQEEBQADQQArNFsihWIjBzb0
DCsU0BvL2bvSwJrPEqFlkDq3F4M6EGutL9axEcANWgbbEdAvNJD1dmEmoWny27Pn
IMs6ZOZB
-----END X509 CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
MIIBPAIBAAJBALcsJdxJxa5rQ8UuQcEubZV6OqkDUXhFDyrRWNGI9p+PH9n9pYfe
Kl0xW+4kZr/AVdv+cMUsOV9an6gI/CEG1U8CAwEAAQJAXJMBZ34ZXHd1vtgL/3hZ
hexKbVTx/djZO4imXO/dxPGRzG2ylYZpHmG32/T1kaHpZlCHoEPgHoSzmxYXfxjG
sQIhAPmZ/bQOjmRUHM/VM2X5zrjjM6z18R1P6l3ObFwt9FGdAiEAu943Yh9SqMRw
tL0xHGxKmM/YJueUw1gB6sLkETN71NsCIQCeT3RhoqXfrpXDoEcEU+gwzjI1bpxq
agiNTOLfqGoA5QIhAIQFYjgzONxex7FLrsKBm16N2SFl5pXsN9SpRqqL2n63AiEA
g9VNIQ3xwpw7og3IbONifeku+J9qGMGQJMKwSTwrFtI=
-----END RSA PRIVATE KEY-----

1
apps/demoCA/serial
View File

@@ -1 +0,0 @@
011E

2
apps/sm2-gencert.sh
View File

@@ -7,5 +7,5 @@ CERT_FILE=user.pem
gmssl ecparam -genkey -name sm2p256v1 -text -out $KEY_FILE
gmssl req -new -key $KEY_FILE -out $REQ_FILE
gmssl ca -out $CERT_FILE -outdir . -infiles $REQ_FILE
gmssl pkcs12 -export -out user.pfx -in $CERT_FILE -inkey $KEY_FILE -certfile .demoCA/cacert.pem
gmssl pkcs12 -export -out user.pfx -in $CERT_FILE -inkey $KEY_FILE -certfile ./demoCA/cacert.pem

51
crypto/cpk/cpk.h
View File

@@ -1,3 +1,54 @@
/* crypto/cpk/cpk.h */
/* ====================================================================
* Copyright (c) 2007 - 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#ifndef HEADER_CPK_H
#define HEADER_CPK_H

51
crypto/cpk/cpk_asn1.c
View File

@@ -1,3 +1,54 @@
/* crypto/cpk/cpk_asn1.c */
/* ====================================================================
* Copyright (c) 2007 - 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <openssl/asn1t.h>
#include "cpk.h"

51
crypto/cpk/cpk_err.c
View File

@@ -1,3 +1,54 @@
/* crypto/cpk/cpk_err.c */
/* ====================================================================
* Copyright (c) 2007 - 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <openssl/err.h>
#include "cpk.h"

51
crypto/cpk/cpk_kap.c
View File

@@ -1,3 +1,54 @@
/* crypto/cpk/cpk_kap.c */
/* ====================================================================
* Copyright (c) 2007 - 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <openssl/evp.h>
#include <openssl/ecdh.h>
#include <openssl/objects.h>

51
crypto/cpk/cpk_lib.c
View File

@@ -1,3 +1,54 @@
/* crypto/cpk/cpk_lib.c */
/* ====================================================================
* Copyright (c) 2007 - 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <string.h>
#include <assert.h>
#include <openssl/err.h>

51
crypto/cpk/cpk_map.c
View File

@@ -1,3 +1,54 @@
/* crypto/cpk/cpk_map.c */
/* ====================================================================
* Copyright (c) 2007 - 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <string.h>
#include <openssl/evp.h>
#include <openssl/objects.h>

51
crypto/cpk/cpk_prn.c
View File

@@ -1,3 +1,54 @@
/* crypto/cpk/cpk_prn.c */
/* ====================================================================
* Copyright (c) 2007 - 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <string.h>
#include <openssl/bio.h>
#include "cpk.h"

51
crypto/cpk/cpktest.c
View File

@@ -1,3 +1,54 @@
/* crypto/cpk/cpktest.c */
/* ====================================================================
* Copyright (c) 2007 - 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <stdio.h>
#include <string.h>
#include <assert.h>

213
crypto/ec/ec_pmeth.c
View File

@@ -66,6 +66,7 @@
#include <openssl/evp.h>
#include "evp_locl.h"
#include <openssl/sm2.h>
#include <openssl/ecies.h>
/* EC pkey context structure */
@@ -279,14 +280,6 @@ static int pkey_ec_kdf_derive(EVP_PKEY_CTX *ctx,
}
#endif
#ifndef OPENSSL_NO_ECIES
static int pkey_ec_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen);
static int pkey_ec_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen);
#endif
static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
{
EC_PKEY_CTX *dctx = ctx->data;
@@ -500,6 +493,24 @@ static int pkey_ec_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
return EC_KEY_generate_key(pkey->pkey.ec);
}
#ifndef OPENSSL_NO_ECIES
static int pkey_ec_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen)
{
EC_KEY *ec_key = ctx->pkey->pkey.ec;
ECIES_PARAMS *param = ECIES_get_parameters(ec_key);
return ECIES_encrypt(out, outlen, param, in, inlen, ec_key);
}
static int pkey_ec_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen)
{
EC_KEY *ec_key = ctx->pkey->pkey.ec;
ECIES_PARAMS *param = ECIES_get_parameters(ec_key);
return ECIES_decrypt(out, outlen, param, in, inlen, ec_key);
}
#endif
const EVP_PKEY_METHOD ec_pkey_meth = {
EVP_PKEY_EC,
0,
@@ -548,139 +559,143 @@ const EVP_PKEY_METHOD ec_pkey_meth = {
pkey_ec_ctrl_str
};
#ifndef OPENSSL_NO_ECIES
static int pkey_ec_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen)
{
return 0;
}
static int pkey_ec_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen)
{
return 0;
}
#endif
#ifndef OPENSSL_NO_SM2
static int pkey_sm2_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
const unsigned char *tbs, size_t tbslen)
const unsigned char *dgst, size_t dgstlen)
{
int ret, type;
unsigned int sltmp;
EC_PKEY_CTX *dctx = ctx->data;
EC_KEY *ec = ctx->pkey->pkey.ec;
int ret;
EC_PKEY_CTX *ec_ctx = ctx->data;
EC_KEY *ec_key = ctx->pkey->pkey.ec;
int type;
unsigned int len;
if (!sig) {
*siglen = ECDSA_size(ec);
return 1;
} else if (*siglen < (size_t)ECDSA_size(ec)) {
ECerr(EC_F_PKEY_EC_SIGN, EC_R_BUFFER_TOO_SMALL);
return 0;
}
if (!sig) {
*siglen = SM2_signature_size(ec_key);
return 1;
}
if (*siglen < (size_t)SM2_signature_size(ec_key)) {
ECerr(EC_F_PKEY_SM2_SIGN, EC_R_BUFFER_TOO_SMALL);
return 0;
}
if (dctx->md)
type = EVP_MD_type(dctx->md);
else
type = NID_sha1;
type = ec_ctx->md ? EVP_MD_type(ec_ctx->md) : NID_sm3;
if ((ret = SM2_sign(type, dgst, dgstlen, sig, &len, ec_key)) <= 0) {
return ret;
}
ret = ECDSA_sign(type, tbs, tbslen, sig, &sltmp, ec);
if (ret <= 0)
return ret;
*siglen = (size_t)sltmp;
return 1;
*siglen = (size_t)len;
return 1;
}
static int pkey_sm2_verify(EVP_PKEY_CTX *ctx,
const unsigned char *sig, size_t siglen,
const unsigned char *tbs, size_t tbslen)
const unsigned char *sig, size_t siglen,
const unsigned char *dgst, size_t dgstlen)
{
int ret, type;
EC_PKEY_CTX *dctx = ctx->data;
EC_KEY *ec = ctx->pkey->pkey.ec;
EC_PKEY_CTX *ec_ctx = ctx->data;
EC_KEY *ec_key = ctx->pkey->pkey.ec;
int type = ec_ctx->md ? EVP_MD_type(ec_ctx->md) : NID_sm3;
if (dctx->md)
type = EVP_MD_type(dctx->md);
else
type = NID_sha1;
ret = ECDSA_verify(type, tbs, tbslen, sig, siglen, ec);
return ret;
return SM2_verify(type, dgst, dgstlen, sig, siglen, ec_key);
}
static int pkey_sm2_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen)
{
int ret = 0;
EC_PKEY_CTX *ec_ctx = ctx->data;
EC_KEY *ec_key = ctx->pkey->pkey.ec;
const EVP_MD *kdf_md = ec_ctx->kdf_md;
const EVP_MD *mac_md = ec_ctx->md;
point_conversion_form_t point_form = SM2_DEFAULT_POINT_CONVERSION_FORM;
if (!(ret = SM2_encrypt(kdf_md, mac_md, point_form, out, outlen, in, inlen, ec_key))) {
return 0;
}
return ret;
return SM2_encrypt(kdf_md, mac_md, point_form, out, outlen, in, inlen, ec_key);
}
static int pkey_sm2_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen)
{
int ret = 0;
EC_PKEY_CTX *ec_ctx = ctx->data;
EC_KEY *ec_key = ctx->pkey->pkey.ec;
const EVP_MD *kdf_md = ec_ctx->kdf_md;
const EVP_MD *mac_md = ec_ctx->md;
point_conversion_form_t point_form = SM2_DEFAULT_POINT_CONVERSION_FORM;
if (!(ret = SM2_decrypt(kdf_md, mac_md, point_form, in, inlen, out, outlen, ec_key))) {
return SM2_decrypt(kdf_md, mac_md, point_form, in, inlen, out, outlen, ec_key);
}
static int pkey_sm2_ctrl_digestinit(EVP_PKEY_CTX *pk_ctx, EVP_MD_CTX *md_ctx)
{
int ret;
EC_KEY *ec_key = pk_ctx->pkey->pkey.ec;
const EVP_MD *md = EVP_MD_CTX_md(md_ctx);
char *id;
unsigned char zid[EVP_MAX_MD_SIZE];
unsigned int zidlen = sizeof(zid);
if (!(id = SM2_get_id(ec_key))) {
return 0;
}
//FIXME: check this function
if (!SM2_compute_id_digest(zid, &zidlen, md, id, strlen(zidlen), ec_key)) {
return 0;
}
if (!EVP_DigestInit_ex(md_ctx, md, NULL)) {
goto end;
}
if (!EVP_DigestUpdate(md_ctx, zid, zidlen)) {
goto end;
}
EVP_MD_CTX_set_flags(md_ctx, EVP_MD_CTX_FLAG_NO_INIT);
end:
return ret;
}
static int pkey_sm2_ctrl(EVP_PKEY_CTX *pk_ctx, int type, int p1, void *p2)
{
switch (type) {
case EVP_PKEY_CTRL_DIGESTINIT:
return pkey_sm2_ctrl_digestinit(pk_ctx, (EVP_MD_CTX *)p2);
case EVP_PKEY_CTRL_MD:
return 1;
}
return pkey_ec_ctrl(pk_ctx, type, p1, p2);
}
const EVP_PKEY_METHOD sm2_pkey_meth = {
EVP_PKEY_EC,
0,
pkey_ec_init,
pkey_ec_copy,
pkey_ec_cleanup,
0,
pkey_ec_paramgen,
0,
pkey_ec_keygen,
0,
pkey_sm2_sign,
0,
pkey_sm2_verify,
0, 0,
0, 0, 0, 0,
0,
pkey_sm2_encrypt,
0,
pkey_sm2_decrypt,
0,
EVP_PKEY_EC,
0, /* flags */
pkey_ec_init,
pkey_ec_copy,
pkey_ec_cleanup,
0, /* paramgen_init */
pkey_ec_paramgen,
0, /* keygen_init */
pkey_ec_keygen,
0, /* sign_init */
pkey_sm2_sign,
0, /* verify_init */
pkey_sm2_verify,
0, /* verify_recover_init */
0, /* verify_recover */
0, /* signctx_init */
0, /* signctx */
0, /* verifyctx_init */
0, /* verifyctx */
0, /* encrypt_init */
pkey_sm2_encrypt,
0, /* decrypt_init */
pkey_sm2_decrypt,
0, /* derive_init */
#ifndef OPENSSL_NO_ECDH
pkey_ec_kdf_derive,
pkey_ec_kdf_derive,
#else
0,
0,
#endif
pkey_ec_ctrl,
pkey_ec_ctrl_str
pkey_sm2_ctrl,
pkey_ec_ctrl_str
};
#endif

72
crypto/ecies/ecies.h
View File

@@ -1,3 +1,55 @@
/* crypto/ecies/ecies.h */
/* ====================================================================
* Copyright (c) 2007 - 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#ifndef HEADER_ECIES_H
#define HEADER_ECIES_H
@@ -41,11 +93,19 @@ DECLARE_ASN1_FUNCTIONS(ECIES_CIPHERTEXT_VALUE)
int i2d_ECIESParameters(const ECIES_PARAMS *param, unsigned char **out);
ECIES_PARAMS *d2i_ECIESParameters(ECIES_PARAMS **param, const unsigned char **in, long len);
int ECIES_set_parameters(EC_KEY *ec_key, const ECIES_PARAMS *param);
ECIES_PARAMS *ECIES_get_parameters(const EC_KEY *ec_key);
ECIES_CIPHERTEXT_VALUE *ECIES_do_encrypt(const ECIES_PARAMS *param,
const unsigned char *in, size_t inlen, const EC_KEY *pub_key);
const unsigned char *in, size_t inlen, EC_KEY *ec_key);
int ECIES_do_decrypt(const ECIES_CIPHERTEXT_VALUE *cv,
const ECIES_PARAMS *param, unsigned char *out, size_t *outlen,
EC_KEY *pri_key);
EC_KEY *ec_key);
int ECIES_encrypt(unsigned char *out, size_t *outlen,
const ECIES_PARAMS *param, const unsigned char *in, size_t inlen,
EC_KEY *ec_key);
int ECIES_decrypt(unsigned char *out, size_t *outlen,
const ECIES_PARAMS *param, const unsigned char *in, size_t inlen,
EC_KEY *ec_key);
void ERR_load_ECIES_strings(void);
@@ -55,8 +115,12 @@ void ERR_load_ECIES_strings(void);
/* Function codes. */
#define ECIES_F_I2D_ECIESPARAMETERS 100
#define ECIES_F_D2I_ECIESPARAMETERS 101
#define ECIES_F_ECIES_DO_ENCRYPT 102
#define ECIES_F_ECIES_DO_DECRYPT 103
#define ECIES_F_ECIES_SET_PARAMETERS 102
#define ECIES_F_ECIES_GET_PARAMETERS 103
#define ECIES_F_ECIES_DO_ENCRYPT 104
#define ECIES_F_ECIES_DO_DECRYPT 105
#define ECIES_F_ECIES_ENCRYPT 106
#define ECIES_F_ECIES_DECRYPT 107
/* Reason codes. */
#define ECIES_R_BAD_DATA 100

51
crypto/ecies/ecies_asn1.c
View File

@@ -1,3 +1,54 @@
/* crypto/ecies/ecies_asn1.c */
/* ====================================================================
* Copyright (c) 2007 - 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <string.h>
#include <openssl/err.h>
#include <openssl/asn1.h>

57
crypto/ecies/ecies_err.c
View File

@@ -1,3 +1,55 @@
/* crypto/ecies/ecies_err.c */
/* ====================================================================
* Copyright (c) 2007 - 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <stdio.h>
#include <openssl/err.h>
#include "ecies.h"
@@ -9,8 +61,12 @@
static ERR_STRING_DATA ECIES_str_functs[] = {
{ERR_FUNC(ECIES_F_ECIES_SET_PARAMETERS),"ECIES_set_parameters"},
{ERR_FUNC(ECIES_F_ECIES_GET_PARAMETERS),"ECIES_get_parameters"},
{ERR_FUNC(ECIES_F_ECIES_DO_ENCRYPT), "ECIES_do_encrypt"},
{ERR_FUNC(ECIES_F_ECIES_DO_DECRYPT), "ECIES_do_decrypt"},
{ERR_FUNC(ECIES_F_ECIES_ENCRYPT), "ECIES_encrypt"},
{ERR_FUNC(ECIES_F_ECIES_DECRYPT), "ECIES_decrypt"},
{0,NULL}
};
@@ -39,3 +95,4 @@ void ERR_load_ECIES_strings(void)
}
#endif
}

149
crypto/ecies/ecies_lib.c
View File

@@ -1,3 +1,55 @@
/* crypto/ecies/ecies_lib.c */
/* ====================================================================
* Copyright (c) 2007 - 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -9,8 +61,35 @@
#include "kdf.h"
static void *ecies_data_dup(void *data) {
return data;
}
static void ecies_data_free(void *data) {
return;
}
int ECIES_set_parameters(EC_KEY *ec_key, const ECIES_PARAMS *param)
{
if (!EC_KEY_insert_key_method_data(ec_key, param,
ecies_data_dup, ecies_data_free, ecies_data_free)) {
return 0;
}
return 1;
}
ECIES_PARAMS *ECIES_get_parameters(const EC_KEY *ec_key)
{
ECIES_PARAMS *ret;
if (!(ret = EC_KEY_get_key_method_data(ec_key,
ecies_data_dup, ecies_data_free, ecies_data_free))) {
return NULL;
}
return ret;
}
ECIES_CIPHERTEXT_VALUE *ECIES_do_encrypt(const ECIES_PARAMS *param,
const unsigned char *in, size_t inlen, const EC_KEY *pub_key)
const unsigned char *in, size_t inlen, EC_KEY *pub_key)
{
int e = 1;
ECIES_CIPHERTEXT_VALUE *cv = NULL;
@@ -335,3 +414,71 @@ err:
return r;
}
int ECIES_encrypt(unsigned char *out, size_t *outlen,
const ECIES_PARAMS *param, const unsigned char *in, size_t inlen,
EC_KEY *ec_key)
{
int ret = 0;
ECIES_CIPHERTEXT_VALUE *cv = NULL;
unsigned char *p = out;
int len;
if (!(cv = ECIES_do_encrypt(param, in, inlen, ec_key))) {
ECIESerr(ECIES_F_ECIES_ENCRYPT, ECIES_R_ENCRYPT_FAILED);
return 0;
}
if ((len = i2d_ECIES_CIPHERTEXT_VALUE(cv, NULL)) <= 0) {
ECIESerr(ECIES_F_ECIES_ENCRYPT, ECIES_R_ENCRYPT_FAILED);
goto end;
}
if (!out) {
*outlen = (size_t)len;
ret = 1;
goto end;
}
if (*outlen < len) {
ECIESerr(ECIES_F_ECIES_ENCRYPT, ECIES_R_ENCRYPT_FAILED);
*outlen = (size_t)len;
goto end;
}
if ((len = i2d_ECIES_CIPHERTEXT_VALUE(cv, &p)) <= 0) {
ECIESerr(ECIES_F_ECIES_ENCRYPT, ECIES_R_ENCRYPT_FAILED);
goto end;
}
*outlen = (size_t)len;
ret = 1;
end:
ECIES_CIPHERTEXT_VALUE_free(cv);
return ret;
}
int ECIES_decrypt(unsigned char *out, size_t *outlen,
const ECIES_PARAMS *param, const unsigned char *in, size_t inlen,
EC_KEY *ec_key)
{
int ret = 0;
ECIES_CIPHERTEXT_VALUE *cv = NULL;
const unsigned char *p = in;
if (!(cv = d2i_ECIES_CIPHERTEXT_VALUE(NULL, &p, (long)inlen))) {
ECIESerr(ECIES_F_ECIES_ENCRYPT, ECIES_R_ENCRYPT_FAILED);
return 0;
}
if (!ECIES_do_decrypt(cv, param, out, outlen, ec_key)) {
ECIESerr(ECIES_F_ECIES_ENCRYPT, ECIES_R_ENCRYPT_FAILED);
goto end;
}
ret = 1;
end:
ECIES_CIPHERTEXT_VALUE_free(cv);
return ret;
}

51
crypto/ecies/eciestest.c
View File

@@ -1,3 +1,54 @@
/* crypto/ecies/eciestest.c */
/* ====================================================================
* Copyright (c) 2007 - 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>

51
crypto/ecies/kdf.h
View File

@@ -1,3 +1,54 @@
/* crypto/ecies/kdf.h */
/* ====================================================================
* Copyright (c) 2007 - 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#ifndef HEADER_KDF_H
#define HEADER_KDF_H

52
crypto/ecies/kdf_x9_63.c
View File

@@ -1,3 +1,55 @@
/* crypto/ecies/kdf_x9_63.c */
/* ====================================================================
* Copyright (c) 2007 - 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <string.h>
#include "kdf.h"

36
crypto/evp/p_dec.c
View File

@@ -66,7 +66,7 @@
#include <openssl/objects.h>
#include <openssl/x509.h>
int EVP_PKEY_decrypt_old(unsigned char *key, const unsigned char *ek, int ekl,
static int ossl_EVP_PKEY_decrypt_old(unsigned char *key, const unsigned char *ek, int ekl,
EVP_PKEY *priv)
{
int ret = -1;
@@ -85,3 +85,37 @@ int EVP_PKEY_decrypt_old(unsigned char *key, const unsigned char *ek, int ekl,
#endif
return (ret);
}
int EVP_PKEY_decrypt_old(unsigned char *out, const unsigned char *in, int inlen,
EVP_PKEY *pkey)
{
int ret = 0;
EVP_PKEY_CTX *ctx = NULL;
size_t outlen;
if (pkey->type == EVP_PKEY_RSA) {
return ossl_EVP_PKEY_decrypt_old(out, in, inlen, pkey);
}
if (!(ctx = EVP_PKEY_CTX_new(pkey, NULL))) {
return 0;
}
if (!EVP_PKEY_encrypt_init(ctx)) {
goto end;
}
if (!EVP_PKEY_encrypt(ctx, out, &outlen, in, inlen)) {
goto end;
}
ret = (int)outlen;
end:
EVP_PKEY_CTX_free(ctx);
return ret;
}

37
crypto/evp/p_enc.c
View File

@@ -66,22 +66,49 @@
#include <openssl/objects.h>
#include <openssl/x509.h>
int EVP_PKEY_encrypt_old(unsigned char *ek, const unsigned char *key,
static int ossl_EVP_PKEY_encrypt_old(unsigned char *ek, const unsigned char *key,
int key_len, EVP_PKEY *pubk)
{
int ret = 0;
#ifndef OPENSSL_NO_RSA
if (pubk->type != EVP_PKEY_RSA) {
#endif
EVPerr(EVP_F_EVP_PKEY_ENCRYPT_OLD, EVP_R_PUBLIC_KEY_NOT_RSA);
#ifndef OPENSSL_NO_RSA
goto err;
}
ret =
RSA_public_encrypt(key_len, key, ek, pubk->pkey.rsa,
RSA_PKCS1_PADDING);
err:
#endif
return (ret);
}
int EVP_PKEY_encrypt_old(unsigned char *out, const unsigned char *in,
int inlen, EVP_PKEY *pkey)
{
int ret = 0;
EVP_PKEY_CTX *ctx = NULL;
size_t outlen;
if (pkey->type == EVP_PKEY_RSA) {
return ossl_EVP_PKEY_encrypt_old(out, in, inlen, pkey);
}
if (!(ctx = EVP_PKEY_CTX_new(pkey, NULL))) {
return 0;
}
if (EVP_PKEY_encrypt_init(ctx) <= 0) {
goto end;
}
/* ctrl operations can be added here */
if (EVP_PKEY_encrypt(ctx, out, &outlen, in, inlen) <= 0) {
goto end;
}
ret = (int)outlen;
end:
EVP_PKEY_CTX_free(ctx);
return ret;
}

3
crypto/evp/pmeth_lib.c
View File

@@ -75,8 +75,7 @@ STACK_OF(EVP_PKEY_METHOD) *app_pkey_methods = NULL;
extern const EVP_PKEY_METHOD rsa_pkey_meth, dh_pkey_meth, dsa_pkey_meth;
extern const EVP_PKEY_METHOD ec_pkey_meth, hmac_pkey_meth, cmac_pkey_meth;
extern const EVP_PKEY_METHOD dhx_pkey_meth;
extern const EVP_PKEY_METHOD sm2_pkey_meth;
extern const EVP_PKEY_METHOD dhx_pkey_meth, sm2_pkey_meth;
static const EVP_PKEY_METHOD *standard_methods[] = {
#ifndef OPENSSL_NO_RSA

39
crypto/paillier/paillier.h Normal file
View File

@@ -0,0 +1,39 @@
#ifndef HEADER_PAILLIER_H
#define HEADER_PAILLIER_H
#include <openssl/bn.h>
#ifdef __cplusplus
extern "C" {
#endif
typedef struct paillier_st {
int bits;
BIGNUM *n; /* public key */
BIGNUM *lambda; /* private key, lambda(n) = lcm(p-1, q-1) */
BIGNUM *n_squared; /* online */
BIGNUM *n_plusone; /* online */
BIGNUM *x; /* online */
} PAILLIER;
PAILLIER *PAILLIER_new(void);
void PAILLIER_free(PAILLIER *key);
int PAILLIER_generate_key(PAILLIER *key, int bits);
int PAILLIER_check_key(PAILLIER *key);
int PAILLIER_encrypt(BIGNUM *out, const BIGNUM *in, PAILLIER *pub_key);
int PAILLIER_decrypt(BIGNUM *out, const BIGNUM *in, PAILLIER *pri_key);
int PAILLIER_ciphertext_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
PAILLIER *pub_key);
int PAILLIER_ciphertext_scalar_mul(BIGNUM *r, unsigned int k,
const BIGNUM *a, PAILLIER *pub_key)
#ifdef __cplusplus
}
#endif
#endif

4
crypto/sm2/Makefile
View File

@@ -17,9 +17,9 @@ TEST=sm2test.c
APPS=
LIB=$(TOP)/libcrypto.a
LIBSRC= sm2_dgst.c sm2_enc.c
LIBSRC= sm2_lib.c sm2_err.c sm2_sign.c sm2_enc.c
LIBOBJ= sm2_dgst.o sm2_enc.o
LIBOBJ= sm2_lib.o sm2_err.o sm2_sign.o sm2_enc.o
SRC= $(LIBSRC)

89
crypto/sm2/sm2.h
View File

@@ -1,3 +1,55 @@
/* crypto/sm2/sm2.h */
/* ====================================================================
* Copyright (c) 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#ifndef HEADER_SM2_H
#define HEADER_SM2_H
@@ -6,12 +58,17 @@
#include <openssl/evp.h>
#include <openssl/x509.h>
#include <openssl/asn1.h>
#include <openssl/ecdsa.h>
#ifdef __cplusplus
extern "C" {
#endif
#define SM2_DEFAULT_POINT_CONVERSION_FORM 0
#define SM2_MAX_ID_BITS 65535
#define SM2_MAX_ID_LENGTH 8191
#define SM2_DEFAULT_POINT_CONVERSION_FORM POINT_CONVERSION_UNCOMPRESSED
typedef struct sm2_ciphertext_value_st {
@@ -23,6 +80,16 @@ typedef struct sm2_ciphertext_value_st {
} SM2_CIPHERTEXT_VALUE;
typedef ECDSA_SIG SM2_SIG;
char *SM2_get_id(EC_KEY *ec_key);
int SM2_set_id(EC_KEY *ec_key, const char *id);
int SM2_compute_id_digest(unsigned char *dgst, unsigned int *dgstlen,
const EVP_MD *md, const void *id, size_t idlen, EC_KEY *ec_key);
int SM2_compute_za(unsigned char *za, const EVP_MD *md,
const void *id, size_t idlen, EC_KEY *ec_key);
@@ -62,6 +129,26 @@ int SM2_decrypt(const EVP_MD *kdf_md, const EVP_MD *mac_md,
point_conversion_form_t point_form, const unsigned char *in,
size_t inlen, unsigned char *out, size_t *outlen, EC_KEY *ec_key);
ECDSA_SIG *SM2_do_sign(const unsigned char *dgst, int dgst_len,
EC_KEY *ec_key);
ECDSA_SIG *SM2_do_sign_ex(const unsigned char *dgst, int dgstlen,
const BIGNUM *a, const BIGNUM *b, EC_KEY *ec_key);
int SM2_do_verify(const unsigned char *dgst, int dgstlen,
const ECDSA_SIG *sig, EC_KEY *ec_key);
int SM2_sign_setup(EC_KEY *ec_key, BN_CTX *ctx, BIGNUM **a, BIGNUM **b);
int SM2_sign(int type, const unsigned char *dgst, int dgstlen,
unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
#define SM2_signature_size(ec_key) ECDSA_size(ec_key)
int SM2_verify(int type, const unsigned char *dgst, int dgstlen,
const unsigned char *sig, int siglen, EC_KEY *ec_key);
void ERR_load_SM2_strings(void);
/* Error codes for the ECIES functions. */

174
crypto/sm2/sm2_dgst.c
View File

@@ -1,174 +0,0 @@
#include <stdio.h>
#include <assert.h>
#include <string.h>
#include <strings.h>
#include <openssl/bn.h>
#include <openssl/ec.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/rand.h>
#define EC_MAX_NBYTES ((OPENSSL_ECC_MAX_FIELD_BITS + 7)/8)
#define SM2_MAX_ID_LENGTH 4096
/*
* pkdata = a || b || G.x || G.y || P.x || P.y
*/
static int sm2_get_public_key_data(unsigned char *buf, EC_KEY *ec_key)
{
int ret = -1;
const EC_GROUP *ec_group = EC_KEY_get0_group(ec_key);
const EC_POINT *point;
int nbytes = (EC_GROUP_get_degree(ec_group) + 7) / 8;
unsigned char oct[EC_MAX_NBYTES * 2 + 1];
BN_CTX *bn_ctx = NULL;
BIGNUM *p = NULL;
BIGNUM *x = NULL;
BIGNUM *y = NULL;
size_t len;
OPENSSL_assert(ec_key);
OPENSSL_assert(nbytes == 256/8);
if (!buf) {
return (nbytes * 6);
}
bzero(buf, nbytes * 6);
bn_ctx = BN_CTX_new();
p = BN_new();
x = BN_new();
y = BN_new();
if (!bn_ctx || !p || !x || !y) {
goto err;
}
/* get curve coefficients a, b */
if (!EC_GROUP_get_curve_GFp(ec_group, p, x, y, bn_ctx)) {
goto err;
}
buf += nbytes;
if (!BN_bn2bin(x, buf - BN_num_bytes(x))) {
goto err;
}
buf += nbytes;
if (!BN_bn2bin(y, buf - BN_num_bytes(y))) {
goto err;
}
/* get curve generator coordinates */
if (!(point = EC_GROUP_get0_generator(ec_group))) {
goto err;
}
if (!(len = EC_POINT_point2oct(ec_group, point,
POINT_CONVERSION_UNCOMPRESSED, oct, sizeof(oct), bn_ctx))) {
goto err;
}
OPENSSL_assert(len == 32 * 2 + 1);
memcpy(buf, oct + 1, len - 1);
buf += len - 1;
/* get pub_key coorindates */
if (!(point = EC_KEY_get0_public_key(ec_key))) {
goto err;
}
if (!(len = EC_POINT_point2oct(ec_group, point,
POINT_CONVERSION_UNCOMPRESSED, oct, sizeof(oct), bn_ctx))) {
goto err;
}
OPENSSL_assert(len == 32 * 2 + 1);
memcpy(buf, oct + 1, len - 1);
buf += len - 1;
ret = (nbytes * 6);
err:
if (bn_ctx) BN_CTX_free(bn_ctx);
if (p) BN_free(p);
if (x) BN_free(x);
if (y) BN_free(y);
return ret;
}
int SM2_compute_za(unsigned char *za, unsigned int *zalen,
const EVP_MD *md, const void *id, size_t idlen, EC_KEY *ec_key)
{
int ret = 0;
EVP_MD_CTX *md_ctx = NULL;
unsigned char pkdata[EC_MAX_NBYTES * 6];
uint16_t idbits = idlen * 8;
int pkdatalen;
if ((pkdatalen = sm2_get_public_key_data(pkdata, ec_key)) < 0) {
goto err;
}
if (!(md_ctx = EVP_MD_CTX_create())) {
goto err;
}
if (!EVP_DigestInit_ex(md_ctx, md, NULL)) {
goto err;
}
if (!EVP_DigestUpdate(md_ctx, &idbits, sizeof(idbits))) {
goto err;
}
if (!EVP_DigestUpdate(md_ctx, id, idlen)) {
goto err;
}
if (!EVP_DigestUpdate(md_ctx, pkdata, pkdatalen)) {
goto err;
}
if (!EVP_DigestFinal(md_ctx, za, zalen)) {
goto err;
}
ret = 1;
err:
if (md_ctx) EVP_MD_CTX_destroy(md_ctx);
return ret;
}
int SM2_compute_digest(unsigned char *dgst, unsigned int *dgstlen,
const EVP_MD *za_md, const void *id, size_t idlen, EC_KEY *ec_key,
const EVP_MD *msg_md, const void *msg, size_t msglen)
{
int ret = 0;
unsigned char za[EVP_MAX_MD_SIZE];
unsigned int zalen;
EVP_MD_CTX *ctx = NULL;
/* compute Za */
if (idlen > SM2_MAX_ID_LENGTH) {
goto err;
}
if (!SM2_compute_za(za, &zalen, za_md, id, idlen, ec_key)) {
goto err;
}
/* compute digest */
if (!(ctx = EVP_MD_CTX_create())) {
goto err;
}
if (!EVP_DigestInit_ex(ctx, msg_md, NULL)) {
goto err;
}
if (!EVP_DigestUpdate(ctx, za, zalen)) {
goto err;
}
if (!EVP_DigestUpdate(ctx, msg, msglen)) {
goto err;
}
if (!EVP_DigestFinal_ex(ctx, dgst, dgstlen)) {
goto err;
}
ret = 1;
err:
if (ctx) EVP_MD_CTX_destroy(ctx);
return ret;
}

52
crypto/sm2/sm2_enc.c
View File

@@ -1,3 +1,55 @@
/* crypto/sm2/sm2_enc.c */
/* ====================================================================
* Copyright (c) 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <stdio.h>
#include <string.h>
#include <assert.h>

65
crypto/sm2/sm2_err.c
View File

@@ -1,3 +1,55 @@
/* crypto/sm2/sm2_err.c */
/* ====================================================================
* Copyright (c) 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <stdio.h>
#include <openssl/err.h>
#include "sm2.h"
@@ -7,14 +59,16 @@
#define ERR_FUNC(func) ERR_PACK(ERR_LIB_ECIES,func,0)
#define ERR_REASON(reason) ERR_PACK(ERR_LIB_ECIES,0,reason)
static ERR_STRING_DATA SM2_str_functs[] = {
/*
{ERR_FUNC(ECIES_F_ECIES_DO_ENCRYPT), "ECIES_do_encrypt"},
{ERR_FUNC(ECIES_F_ECIES_DO_DECRYPT), "ECIES_do_decrypt"},
*/
{0,NULL}
};
static ERR_STRING_DATA SM2_str_reasons[] = {
/*
{ERR_REASON(ECIES_R_BAD_DATA), "bad data"},
{ERR_REASON(ECIES_R_UNKNOWN_CIPHER_TYPE),"unknown cipher type"},
{ERR_REASON(ECIES_R_ENCRYPT_FAILED), "encrypt failed"},
@@ -24,18 +78,19 @@ static ERR_STRING_DATA SM2_str_reasons[] = {
{ERR_REASON(ECIES_R_VERIFY_MAC_FAILED), "MAC verification failed"},
{ERR_REASON(ECIES_R_ECDH_FAILED), "ECDH failed"},
{ERR_REASON(ECIES_R_BUFFER_TOO_SMALL), "buffer too small"},
*/
{0,NULL}
};
#endif
void ERR_load_ECIES_strings(void)
void ERR_load_SM2_strings(void)
{
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(ECIES_str_functs[0].error) == NULL) {
ERR_load_strings(0,ECIES_str_functs);
ERR_load_strings(0,ECIES_str_reasons);
if (ERR_func_error_string(SM2_str_functs[0].error) == NULL) {
ERR_load_strings(0,SM2_str_functs);
ERR_load_strings(0,SM2_str_reasons);
}
#endif
}

50
crypto/sm2/sm2_kap.c Normal file
View File

@@ -0,0 +1,50 @@
/* crypto/sm2/sm2_kap.c */
/* ====================================================================
* Copyright (c) 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/

225
crypto/sm2/sm2_lib.c Normal file
View File

@@ -0,0 +1,225 @@
/* crypto/sm2/sm2_lib.c */
/* ====================================================================
* Copyright (c) 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <stdio.h>
#include <assert.h>
#include <stdint.h>
#include <string.h>
#include <strings.h>
#include <openssl/bn.h>
#include <openssl/ec.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/rand.h>
#include <openssl/sm2.h>
#define EC_MAX_NBYTES ((OPENSSL_ECC_MAX_FIELD_BITS + 7)/8)
static void *sm2_data_dup(void *data) {
return OPENSSL_strdup((const char *)data);
}
static void sm2_data_free(void *data) {
return OPENSSL_free(data);
}
int SM2_set_id(EC_KEY *ec_key, const char *id)
{
char *pid;
if (strlen(id) > SM2_MAX_ID_LENGTH) {
return 0;
}
if ((pid = EC_KEY_get_key_method_data(ec_key, sm2_data_dup,
sm2_data_free, sm2_data_free)) != NULL) {
return 0;
}
if (!(pid = OPENSSL_strdup(id))) {
return 0;
}
if (!EC_KEY_insert_key_method_data(ec_key, pid, sm2_data_dup,
sm2_data_free, sm2_data_free)) {
OPENSSL_free(pid);
return 0;
}
return 1;
}
char *SM2_get_id(EC_KEY *ec_key)
{
return (char *)EC_KEY_get_key_method_data(ec_key, sm2_data_dup,
sm2_data_free, sm2_data_free);
}
/*
* pkdata = a || b || G.x || G.y || P.x || P.y
*/
static int sm2_get_public_key_data(unsigned char *buf, EC_KEY *ec_key)
{
int ret = -1;
const EC_GROUP *ec_group = EC_KEY_get0_group(ec_key);
const EC_POINT *point;
int nbytes = (EC_GROUP_get_degree(ec_group) + 7) / 8;
unsigned char oct[EC_MAX_NBYTES * 2 + 1];
BN_CTX *bn_ctx = NULL;
BIGNUM *p = NULL;
BIGNUM *x = NULL;
BIGNUM *y = NULL;
size_t len;
OPENSSL_assert(ec_key);
OPENSSL_assert(nbytes == 256/8);
if (!buf) {
return (nbytes * 6);
}
bzero(buf, nbytes * 6);
bn_ctx = BN_CTX_new();
p = BN_new();
x = BN_new();
y = BN_new();
if (!bn_ctx || !p || !x || !y) {
goto err;
}
/* get curve coefficients a, b */
if (!EC_GROUP_get_curve_GFp(ec_group, p, x, y, bn_ctx)) {
goto err;
}
buf += nbytes;
if (!BN_bn2bin(x, buf - BN_num_bytes(x))) {
goto err;
}
buf += nbytes;
if (!BN_bn2bin(y, buf - BN_num_bytes(y))) {
goto err;
}
/* get curve generator coordinates */
if (!(point = EC_GROUP_get0_generator(ec_group))) {
goto err;
}
if (!(len = EC_POINT_point2oct(ec_group, point,
POINT_CONVERSION_UNCOMPRESSED, oct, sizeof(oct), bn_ctx))) {
goto err;
}
OPENSSL_assert(len == 32 * 2 + 1);
memcpy(buf, oct + 1, len - 1);
buf += len - 1;
/* get pub_key coorindates */
if (!(point = EC_KEY_get0_public_key(ec_key))) {
goto err;
}
if (!(len = EC_POINT_point2oct(ec_group, point,
POINT_CONVERSION_UNCOMPRESSED, oct, sizeof(oct), bn_ctx))) {
goto err;
}
OPENSSL_assert(len == 32 * 2 + 1);
memcpy(buf, oct + 1, len - 1);
buf += len - 1;
ret = (nbytes * 6);
err:
if (bn_ctx) BN_CTX_free(bn_ctx);
if (p) BN_free(p);
if (x) BN_free(x);
if (y) BN_free(y);
return ret;
}
int SM2_compute_id_digest(unsigned char *dgst, unsigned int *dgstlen,
const EVP_MD *md, const void *id, size_t idlen, EC_KEY *ec_key)
{
int ret = 0;
EVP_MD_CTX *md_ctx = NULL;
unsigned char pkdata[EC_MAX_NBYTES * 6];
uint16_t idbits = idlen * 8;
int pkdatalen;
if ((pkdatalen = sm2_get_public_key_data(pkdata, ec_key)) < 0) {
goto err;
}
if (!(md_ctx = EVP_MD_CTX_create())) {
goto err;
}
if (!EVP_DigestInit_ex(md_ctx, md, NULL)) {
goto err;
}
if (!EVP_DigestUpdate(md_ctx, &idbits, sizeof(idbits))) {
goto err;
}
if (!EVP_DigestUpdate(md_ctx, id, idlen)) {
goto err;
}
if (!EVP_DigestUpdate(md_ctx, pkdata, pkdatalen)) {
goto err;
}
if (!EVP_DigestFinal(md_ctx, dgst, dgstlen)) {
goto err;
}
ret = 1;
err:
if (md_ctx) EVP_MD_CTX_destroy(md_ctx);
return ret;
}

500
crypto/sm2/sm2_sign.c Normal file
View File

@@ -0,0 +1,500 @@
/* crypto/sm2/sm2_sign.c */
/* ====================================================================
* Copyright (c) 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <openssl/err.h>
#include <string.h>
#include <openssl/evp.h>
#include <openssl/ec.h>
#include <openssl/obj_mac.h>
#include <openssl/bn.h>
#include <openssl/rand.h>
#include <openssl/sm2.h>
//FIXME: ECDSAerr()
/* k in [1, n-1], (x, y) = kG */
static int sm2_sign_setup(EC_KEY *ec_key, BN_CTX *ctx_in, BIGNUM **kp, BIGNUM **xp)
{
int ret = 0;
const EC_GROUP *ec_group;
BN_CTX *ctx = NULL;
BIGNUM *k = NULL;
BIGNUM *x = NULL;
BIGNUM *order = NULL;
EC_POINT *point=NULL;
if (ec_key == NULL || (ec_group = EC_KEY_get0_group(ec_key)) == NULL) {
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (ctx_in == NULL) {
if ((ctx = BN_CTX_new()) == NULL) {
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,ERR_R_MALLOC_FAILURE);
return 0;
}
}
else {
ctx = ctx_in;
}
k = BN_new();
x = BN_new();
order = BN_new();
if (!k || !x || !order) {
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_MALLOC_FAILURE);
goto err;
}
if (!EC_GROUP_get_order(ec_group, order, ctx)) {
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
goto err;
}
if ((point = EC_POINT_new(ec_group)) == NULL) {
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
goto err;
}
do {
/* get random k */
do {
if (!BN_rand_range(k, order)) {
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,
ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED);
goto err;
}
} while (BN_is_zero(k));
/* compute r the x-coordinate of generator * k */
if (!EC_POINT_mul(ec_group, point, k, NULL, NULL, ctx)) {
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
goto err;
}
if (EC_METHOD_get_field_type(EC_GROUP_method_of(ec_group)) == NID_X9_62_prime_field) {
if (!EC_POINT_get_affine_coordinates_GFp(ec_group, point, x, NULL, ctx)) {
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,ERR_R_EC_LIB);
goto err;
}
} else /* NID_X9_62_characteristic_two_field */ {
if (!EC_POINT_get_affine_coordinates_GF2m(ec_group, point, x, NULL, ctx)) {
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,ERR_R_EC_LIB);
goto err;
}
}
if (!BN_nnmod(x, x, order, ctx)) {
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
goto err;
}
} while (BN_is_zero(x));
/* clear old values if necessary */
if (*kp != NULL)
BN_clear_free(*kp);
if (*xp != NULL)
BN_clear_free(*xp);
/* save the pre-computed values */
*kp = k;
*xp = x;
ret = 1;
err:
if (!ret) {
if (k) BN_clear_free(k);
if (x) BN_clear_free(x);
}
if (ctx_in == NULL) BN_CTX_free(ctx);
if (order) BN_free(order);
if (point) EC_POINT_free(point);
return(ret);
}
static ECDSA_SIG *sm2_do_sign(const unsigned char *dgst, int dgst_len,
const BIGNUM *in_k, const BIGNUM *in_x, EC_KEY *ec_key)
{
int ok = 0;
ECDSA_SIG *ret = NULL;
const EC_GROUP *ec_group;
const BIGNUM *priv_key;
const BIGNUM *ck;
BIGNUM *k = NULL;
BN_CTX *ctx = NULL;
BIGNUM *order = NULL;
BIGNUM *e = NULL;
BIGNUM *bn = NULL;
int i;
ec_group = EC_KEY_get0_group(ec_key);
priv_key = EC_KEY_get0_private_key(ec_key);
if (!ec_group || !priv_key) {
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER);
return NULL;
}
if (!(ret = ECDSA_SIG_new())) {
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
return NULL;
}
ctx = BN_CTX_new();
order = BN_new();
e = BN_new();
bn = BN_new();
if (!ctx || !order || !e || !bn) {
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
goto err;
}
if (!EC_GROUP_get_order(ec_group, order, ctx)) {
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB);
goto err;
}
/* convert dgst to e */
i = BN_num_bits(order);
if (8 * dgst_len > i) {
dgst_len = (i + 7)/8;
}
if (!BN_bin2bn(dgst, dgst_len, e)) {
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
goto err;
}
if ((8 * dgst_len > i) && !BN_rshift(e, e, 8 - (i & 0x7))) {
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
goto err;
}
do {
/* use or compute k and (kG).x */
if (!in_k || !in_x) {
if (!sm2_sign_setup(ec_key, ctx, &k, &ret->r)) {
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN,ERR_R_ECDSA_LIB);
goto err;
}
ck = k;
} else {
ck = in_k;
if (!BN_copy(ret->r, in_x)) {
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
goto err;
}
}
/* r = e + x (mod n) */
if (!BN_mod_add(ret->r, ret->r, e, order, ctx)) {
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
goto err;
}
if (!BN_mod_add(bn, ret->r, ck, order, ctx)) {
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
goto err;
}
/* check r != 0 && r + k != n */
if (BN_is_zero(ret->r) || BN_is_zero(bn)) {
if (in_k && in_x) {
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_NEED_NEW_SETUP_VALUES);
goto err;
} else
continue;
}
/* s = ((1 + d)^-1 * (k - rd)) mod n */
if (!BN_one(bn)) {
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
goto err;
}
if (!BN_mod_add(ret->s, priv_key, bn, order, ctx)) {
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
goto err;
}
if (!BN_mod_inverse(ret->s, ret->s, order, ctx)) {
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
goto err;
}
if (!BN_mod_mul(bn, ret->r, priv_key, order, ctx)) {
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
goto err;
}
if (!BN_mod_sub(bn, ck, bn, order, ctx)) {
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
goto err;
}
if (!BN_mod_mul(ret->s, ret->s, bn, order, ctx)) {
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
goto err;
}
/* check s != 0 */
if (BN_is_zero(ret->s)) {
if (in_k && in_x) {
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_NEED_NEW_SETUP_VALUES);
goto err;
}
} else
break;
} while (1);
ok = 1;
err:
if (!ok) {
ECDSA_SIG_free(ret);
ret = NULL;
}
if (k) BN_free(k);
if (ctx) BN_CTX_free(ctx);
if (order) BN_free(order);
if (e) BN_free(e);
if (bn) BN_free(bn);
return ret;
}
int sm2_do_verify(const unsigned char *dgst, int dgstlen,
const ECDSA_SIG *sig, EC_KEY *ec_key)
{
int ret = -1;
const EC_GROUP *ec_group;
const EC_POINT *pub_key;
EC_POINT *point = NULL;
BN_CTX *ctx = NULL;
BIGNUM *order = NULL;
BIGNUM *e = NULL;
BIGNUM *t = NULL;
int i;
if (!sig || !ec_key ||
!(ec_group = EC_KEY_get0_group(ec_key)) ||
!(pub_key = EC_KEY_get0_public_key(ec_key))) {
ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_MISSING_PARAMETERS);
return -1;
}
ctx = BN_CTX_new();
order = BN_new();
e = BN_new();
t = BN_new();
if (!ctx || !order || !e || !t) {
ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
goto err;
}
if (!EC_GROUP_get_order(ec_group, order, ctx)) {
ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
goto err;
}
/* check r, s in [1, n-1] and r + s != 0 (mod n) */
if (BN_is_zero(sig->r) ||
BN_is_negative(sig->r) ||
BN_ucmp(sig->r, order) >= 0 ||
BN_is_zero(sig->s) ||
BN_is_negative(sig->s) ||
BN_ucmp(sig->s, order) >= 0) {
ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_BAD_SIGNATURE);
ret = 0;
goto err;
}
/* check t = r + s != 0 */
if (!BN_mod_add(t, sig->r, sig->s, order, ctx)) {
ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
goto err;
}
if (BN_is_zero(t)) {
ret = 0;
goto err;
}
/* convert digest to e */
i = BN_num_bits(order);
if (8 * dgstlen > i) {
dgstlen = (i + 7)/8;
}
if (!BN_bin2bn(dgst, dgstlen, e)) {
ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
goto err;
}
if ((8 * dgstlen > i) && !BN_rshift(e, e, 8 - (i & 0x7))) {
ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
goto err;
}
/* compute (x, y) = sG + tP, P is pub_key */
if (!(point = EC_POINT_new(ec_group))) {
ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
goto err;
}
if (!EC_POINT_mul(ec_group, point, sig->s, pub_key, t, ctx)) {
ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
goto err;
}
if (EC_METHOD_get_field_type(EC_GROUP_method_of(ec_group)) == NID_X9_62_prime_field) {
if (!EC_POINT_get_affine_coordinates_GFp(ec_group, point, t, NULL, ctx)) {
ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
goto err;
}
} else /* NID_X9_62_characteristic_two_field */ {
if (!EC_POINT_get_affine_coordinates_GF2m(ec_group, point, t, NULL, ctx)) {
ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
goto err;
}
}
if (!BN_nnmod(t, t, order, ctx)) {
ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
goto err;
}
/* check (sG + tP).x + e == sig.r */
if (!BN_mod_add(t, t, e, order, ctx)) {
ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
goto err;
}
ret = (BN_ucmp(t, sig->r) == 0);
err:
if (point) EC_POINT_free(point);
if (order) BN_free(order);
if (e) BN_free(e);
if (t) BN_free(t);
if (ctx) BN_CTX_free(ctx);
return ret;
}
int SM2_sign_setup(EC_KEY *ec_key, BN_CTX *ctx_in, BIGNUM **kp, BIGNUM **xp)
{
return sm2_sign_setup(ec_key, ctx_in, kp, xp);
}
ECDSA_SIG *SM2_do_sign_ex(const unsigned char *dgst, int dgstlen,
const BIGNUM *kp, const BIGNUM *xp, EC_KEY *ec_key)
{
return sm2_do_sign(dgst, dgstlen, kp, xp, ec_key);
}
ECDSA_SIG *SM2_do_sign(const unsigned char *dgst, int dgstlen, EC_KEY *ec_key)
{
return SM2_do_sign_ex(dgst, dgstlen, NULL, NULL, ec_key);
}
int SM2_do_verify(const unsigned char *dgst, int dgstlen,
const ECDSA_SIG *sig, EC_KEY *ec_key)
{
return sm2_do_verify(dgst, dgstlen, sig, ec_key);
}
int SM2_sign_ex(int type, const unsigned char *dgst, int dgstlen,
unsigned char *sig, unsigned int *siglen,
const BIGNUM *k, const BIGNUM *x, EC_KEY *ec_key)
{
ECDSA_SIG *s;
RAND_seed(dgst, dgstlen);
if (!(s = SM2_do_sign_ex(dgst, dgstlen, k, x, ec_key))) {
*siglen = 0;
return 0;
}
*siglen = i2d_ECDSA_SIG(s, &sig);
ECDSA_SIG_free(s);
return 1;
}
int SM2_sign(int type, const unsigned char *dgst, int dgstlen,
unsigned char *sig, unsigned int *siglen, EC_KEY *ec_key)
{
return SM2_sign_ex(type, dgst, dgstlen, sig, siglen, NULL, NULL, ec_key);
}
int SM2_verify(int type, const unsigned char *dgst, int dgstlen,
const unsigned char *sig, int siglen, EC_KEY *ec_key)
{
ECDSA_SIG *s;
const unsigned char *p = sig;
unsigned char *der = NULL;
int derlen = -1;
int ret = -1;
if (!(s = ECDSA_SIG_new())) {
return ret;
}
if (!d2i_ECDSA_SIG(&s, &p, siglen)) {
goto err;
}
derlen = i2d_ECDSA_SIG(s, &der);
if (derlen != siglen || memcmp(sig, der, derlen)) {
goto err;
}
ret = SM2_do_verify(dgst, dgstlen, s, ec_key);
err:
if (derlen > 0) {
OPENSSL_cleanse(der, derlen);
OPENSSL_free(der);
}
ECDSA_SIG_free(s);
return ret;
}

51
crypto/sm2/sm2test.c
View File

@@ -1,3 +1,54 @@
/* crypto/sm2/sm2test.c */
/* ====================================================================
* Copyright (c) 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <stdio.h>
#include <string.h>
#include <openssl/bn.h>

52
crypto/sm3/sm3.c
View File

@@ -1,3 +1,55 @@
/* crypto/sm3/sm3.c */
/* ====================================================================
* Copyright (c) 2014 - 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include "sm3.h"
#include "byteorder.h"
#include <string.h>

51
crypto/sm3/sm3.h
View File

@@ -1,3 +1,54 @@
/* crypto/sm3/sm3.h */
/* ====================================================================
* Copyright (c) 2014 - 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#ifndef HEADER_SM3_H
#define HEADER_SM3_H

51
crypto/sms4/sms4.c
View File

@@ -1,3 +1,54 @@
/* crypto/sms4/sms4.c */
/* ====================================================================
* Copyright (c) 2014 - 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include "sms4.h"
#define FK0 0xa3b1bac6

51
crypto/sms4/sms4.h
View File

@@ -1,3 +1,54 @@
/* crypto/sms4/sms4.h */
/* ====================================================================
* Copyright (c) 2014 - 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#ifndef HEADER_SMS4_H
#define HEADER_SMS4_H

52
crypto/sms4/sms4_cbc.c
View File

@@ -1,3 +1,55 @@
/* crypto/sms4/sms4_cbc.c */
/* ====================================================================
* Copyright (c) 2014 - 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>

51
crypto/sms4/sms4_cfb.c
View File

@@ -1,3 +1,54 @@
/* crypto/sms4/sms4_cfb.c */
/* ====================================================================
* Copyright (c) 2014 - 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>

52
crypto/sms4/sms4_ecb.c
View File

@@ -1,3 +1,55 @@
/* crypto/sms4/sms4_ecb.h */
/* ====================================================================
* Copyright (c) 2014 - 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>

54
crypto/sms4/sms4_ofb.c
View File

@@ -1,3 +1,55 @@
/* crypto/sms4/sms4_ofb.c */
/* ====================================================================
* Copyright (c) 2014 - 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
@@ -17,4 +69,4 @@ void sms4_ofb128_encrypt(const unsigned char *in, unsigned char *out,
unsigned int *num) {
CRYPTO_ofb128_encrypt(in,out,length,key,ivec,num,(block128_f)sms4_encrypt);
}
//cprefix##_ofb##cbits##_encrypt
//cprefix##_ofb##cbits##_encrypt

2
crypto/zuc/zuc.h
View File

@@ -1,7 +1,7 @@
#ifndef HEADER_ZUC_H
#define HEADER_ZUC_H
#include <stdint.h>
#include <stdlib.h>
#ifdef __cplusplus

1
include/openssl/gmssl.h Symbolic link
View File

@@ -0,0 +1 @@
../../ssl/gmssl.h

73
ssl/gm_clnt.c Normal file
View File

@@ -0,0 +1,73 @@
/* ssl/gm_clnt.c */
/* ====================================================================
* Copyright (c) 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <stdio.h>
#include "ssl_locl.h"
#include <openssl/buffer.h>
#include <openssl/rand.h>
#include <openssl/objects.h>
#include <openssl/evp.h>
#include <openssl/gmssl.h>
static const SSL_METHOD *gmssl_get_client_method(int ver)
{
if (ver == GMSSL1_1_VERSION) {
return GMSSLv1_1_client_method();
}
return NULL;
}
IMPLEMENT_gmssl_meth_func(GMSSL1_1_VERSION, GMSSLv1_1_client_method,
ssl_undefined_function,
ssl3_connect,
gmssl_get_client_method, GMSSLv1_1_enc_data)

67
ssl/gm_enc.c Normal file
View File

@@ -0,0 +1,67 @@
/* ssl/gm_enc.c */
/* ====================================================================
* Copyright (c) 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <stdio.h>
#include "ssl_locl.h"
#include <openssl/buffer.h>
#include <openssl/rand.h>
#include <openssl/objects.h>
#include <openssl/evp.h>
#include <openssl/gmssl.h>
int gmssl_alert_code(int code)
{
return tls1_alert_code(code);
}

281
ssl/gm_lib.c Normal file
View File

@@ -0,0 +1,281 @@
/* ssl/gm_lib.c */
/* ====================================================================
* Copyright (c) 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <stdio.h>
#include "ssl_locl.h"
#include <openssl/buffer.h>
#include <openssl/rand.h>
#include <openssl/objects.h>
#include <openssl/evp.h>
#include <openssl/gmssl.h>
SSL3_ENC_METHOD GMSSLv1_1_enc_data = {
gmssl_enc,
gmssl_mac,
gmssl_setup_key_block,
gmssl_generate_master_secret,
gmssl_change_cipher_state,
gmssl_final_finish_mac,
GMSSL_FINISH_MAC_LENGTH,
gmssl_cert_verify_mac,
TLS_MD_CLIENT_FINISH_CONST, TLS_MD_CLIENT_FINISH_CONST_SIZE,
TLS_MD_SERVER_FINISH_CONST, TLS_MD_SERVER_FINISH_CONST_SIZE,
tls1_alert_code,
tls1_export_keying_material,
0,
SSL3_HM_HEADER_LENGTH,
ssl3_set_handshake_header,
ssl3_handshake_write
};
OPENSSL_GLOBAL SSL_CIPHER gm1_ciphers[] = {
/* Cipher 1 */
{
1,
GM1_TXT_ECDHE_SM1_SM3,
GM1_CK_ECDHE_SM1_SM3,
SSL_kEECDH, /* ephemeral ECDH key exchange algorithm bits */
SSL_aSM2, /* auth algor bits */
SSL_SM1, /* symmetric encryption */
SSL_SM3, /* symmetric authentication */
SSL_GMV1_1, /* (major) protocol version */
SSL_NOT_EXP | SSL_STRONG_NONE, /* strength and export flags */
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, /* extra flags */
0, /* number of bits really used */
0, /* number of bits for algorithm */
},
/* Cipher 2 */
{
1,
GM1_TXT_ECC_SM1_SM3,
GM1_CK_ECC_SM1_SM3,
SSL_kEECDH, /* ephemeral ECDH key exchange algorithm bits */
SSL_aSM2, /* auth algor bits */
SSL_SM1, /* symmetric encryption */
SSL_SM3, /* symmetric authentication */
SSL_GMV1_1, /* (major) protocol version */
SSL_NOT_EXP | SSL_STRONG_NONE, /* strength and export flags */
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, /* extra flags */
0, /* number of bits really used */
0, /* number of bits for algorithm */
},
/* Cipher 3 */
{
1,
GM1_TXT_IBSDH_SM1_SM3,
GM1_CK_IBSDH_SM1_SM3,
SSL_kEECDH, /* ephemeral ECDH key exchange algorithm bits */
SSL_aSM2, /* auth algor bits */
SSL_SM1, /* symmetric encryption */
SSL_SM3, /* symmetric authentication */
SSL_GMV1_1, /* (major) protocol version */
SSL_NOT_EXP | SSL_STRONG_NONE, /* strength and export flags */
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, /* extra flags */
0, /* number of bits really used */
0, /* number of bits for algorithm */
},
/* Cipher 4 */
{
1,
GM1_TXT_IBC_SM1_SHA1,
GM1_CK_IBC_SM1_SHA1,
SSL_kEECDH, /* ephemeral ECDH key exchange algorithm bits */
SSL_aSM2, /* auth algor bits */
SSL_SM1, /* symmetric encryption */
SSL_SM3, /* symmetric authentication */
SSL_GMV1_1, /* (major) protocol version */
SSL_NOT_EXP | SSL_STRONG_NONE, /* strength and export flags */
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, /* extra flags */
0, /* number of bits really used */
0, /* number of bits for algorithm */
},
/* Cipher 5 */
{
1,
GM1_TXT_RSA_SM1_SM3,
GM1_CK_RSA_SM1_SM3,
SSL_kEECDH, /* ephemeral ECDH key exchange algorithm bits */
SSL_aSM2, /* auth algor bits */
SSL_SM1, /* symmetric encryption */
SSL_SM3, /* symmetric authentication */
SSL_GMV1_1, /* (major) protocol version */
SSL_NOT_EXP | SSL_STRONG_NONE, /* strength and export flags */
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, /* extra flags */
0, /* number of bits really used */
0, /* number of bits for algorithm */
},
/* Cipher 6 */
{
1,
GM1_TXT_RSA_SM1_SHA1,
GM1_CK_RSA_SM1_SHA1,
SSL_kEECDH, /* ephemeral ECDH key exchange algorithm bits */
SSL_aSM2, /* auth algor bits */
SSL_SM1, /* symmetric encryption */
SSL_SM3, /* symmetric authentication */
SSL_GMV1_1, /* (major) protocol version */
SSL_NOT_EXP | SSL_STRONG_NONE, /* strength and export flags */
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, /* extra flags */
0, /* number of bits really used */
0, /* number of bits for algorithm */
},
/* Cipher 7 */
{
1,
GM1_TXT_ECDHE_SM4_SM3,
GM1_CK_ECDHE_SM4_SM3,
SSL_kEECDH, /* ephemeral ECDH key exchange algorithm bits */
SSL_aSM2, /* auth algor bits */
SSL_SM1, /* symmetric encryption */
SSL_SM3, /* symmetric authentication */
SSL_GMV1_1, /* (major) protocol version */
SSL_NOT_EXP | SSL_STRONG_NONE, /* strength and export flags */
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, /* extra flags */
0, /* number of bits really used */
0, /* number of bits for algorithm */
},
/* Cipher 8 */
{
1,
GM1_TXT_ECC_SM4_SM3,
GM1_CK_ECC_SM4_SM3,
SSL_kEECDH, /* ephemeral ECDH key exchange algorithm bits */
SSL_aSM2, /* auth algor bits */
SSL_SM1, /* symmetric encryption */
SSL_SM3, /* symmetric authentication */
SSL_GMV1_1, /* (major) protocol version */
SSL_NOT_EXP | SSL_STRONG_NONE, /* strength and export flags */
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, /* extra flags */
0, /* number of bits really used */
0, /* number of bits for algorithm */
},
/* Cipher 9 */
{
1,
GM1_TXT_IBSDH_SM4_SM3,
GM1_CK_IBSDH_SM4_SM3,
SSL_kEECDH, /* ephemeral ECDH key exchange algorithm bits */
SSL_aSM2, /* auth algor bits */
SSL_SM1, /* symmetric encryption */
SSL_SM3, /* symmetric authentication */
SSL_GMV1_1, /* (major) protocol version */
SSL_NOT_EXP | SSL_STRONG_NONE, /* strength and export flags */
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, /* extra flags */
0, /* number of bits really used */
0, /* number of bits for algorithm */
},
/* Cipher 10 */
{
1,
GM1_TXT_IBC_SM4_SM3,
GM1_CK_IBC_SM4_SM3,
SSL_kEECDH, /* ephemeral ECDH key exchange algorithm bits */
SSL_aSM2, /* auth algor bits */
SSL_SM1, /* symmetric encryption */
SSL_SM3, /* symmetric authentication */
SSL_GMV1_1, /* (major) protocol version */
SSL_NOT_EXP | SSL_STRONG_NONE, /* strength and export flags */
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, /* extra flags */
0, /* number of bits really used */
0, /* number of bits for algorithm */
},
/* Cipher 11 */
{
1,
GM1_TXT_RSA_SM4_SM3,
GM1_CK_RSA_SM4_SM3,
SSL_kEECDH, /* ephemeral ECDH key exchange algorithm bits */
SSL_aSM2, /* auth algor bits */
SSL_SM1, /* symmetric encryption */
SSL_SM3, /* symmetric authentication */
SSL_GMV1_1, /* (major) protocol version */
SSL_NOT_EXP | SSL_STRONG_NONE, /* strength and export flags */
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, /* extra flags */
0, /* number of bits really used */
0, /* number of bits for algorithm */
},
/* Cipher 12 */
{
1,
GM1_TXT_RSA_SM4_SHA1,
GM1_CK_RSA_SM4_SHA1,
SSL_kEECDH, /* ephemeral ECDH key exchange algorithm bits */
SSL_aSM2, /* auth algor bits */
SSL_SM1, /* symmetric encryption */
SSL_SM3, /* symmetric authentication */
SSL_GMV1_1, /* (major) protocol version */
SSL_NOT_EXP | SSL_STRONG_NONE, /* strength and export flags */
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, /* extra flags */
0, /* number of bits really used */
0, /* number of bits for algorithm */
},
};

72
ssl/gm_meth.c Normal file
View File

@@ -0,0 +1,72 @@
/* ssl/gm_meth.c */
/* ====================================================================
* Copyright (c) 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <stdio.h>
#include <openssl/objects.h>
#include "ssl_locl.h"
#include <openssl/gmssl.h>
static const SSL_METHOD *gmssl_get_method(int ver)
{
if (ver == GMSSL1_1_VERSION) {
return GMSSLv1_1_method();
}
return NULL;
}
IMPLEMENT_gmssl_meth_func(GMSSL1_1_VERSION, GMSSLv1_1_method,
ssl3_accept,
ssl3_connect,
gmssl_get_method, GMSSLv1_1_enc_data)

79
ssl/gm_srvr.c Normal file
View File

@@ -0,0 +1,79 @@
/* ssl/gm_srvr.c */
/* ====================================================================
* Copyright (c) 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <stdio.h>
#include "ssl_locl.h"
#include <openssl/buffer.h>
#include <openssl/rand.h>
#include <openssl/objects.h>
#include <openssl/evp.h>
#include <openssl/x509.h>
#include <openssl/gmssl.h>
static const SSL_METHOD *gmssl_get_server_method(int ver)
{
if (ver == GMSSL1_1_VERSION) {
return GMSSLv1_1_server_method();
}
return NULL;
}
IMPLEMENT_gmssl_meth_func(GMSSL1_1_VERSION, GMSSLv1_1_server_method,
ssl3_accept,
ssl_undefined_function,
gmssl_get_server_method, GMSSLv1_1_enc_data)
int gm1_send_server_certificate(SSL *s)
{
return 0;
}

134
ssl/gmssl.h Normal file
View File

@@ -0,0 +1,134 @@
/* ssl/gmssl.h */
/* ====================================================================
* Copyright (c) 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#ifndef HEADER_GMSSL_H
#define HEADER_GMSSL_H
#ifdef __cplusplus
extern "C" {
#endif
#define GM1_VERSION 0x0101
#define GM1_VERSION_MAJOR 0x01
#define GM1_VERSION_MINOR 0x01
#define GMSSL1_1_VERSION 0x0101
#define GM1_get_version(s) \
((s->version >> 8) == GM1_VERSION_MAJOR ? s->version : 0)
#define GM1_get_client_version(s) \
((s->client_version >> 8) == GM1_VERSION_MAJOR ? s->client_version : 0)
/* from GM/T 0024-2014 Table 2 */
#define GM1_CK_ECDHE_SM1_SM3 0x0300E001
#define GM1_CK_ECC_SM1_SM3 0x0300E003
#define GM1_CK_IBSDH_SM1_SM3 0x0300E005
#define GM1_CK_IBC_SM1_SM3 0x0300E007
#define GM1_CK_RSA_SM1_SM3 0x0300E009
#define GM1_CK_RSA_SM1_SHA1 0x0300E00A
#define GM1_CK_ECDHE_SM4_SM3 0x0300E011
#define GM1_CK_ECC_SM4_SM3 0x0300E013
#define GM1_CK_IBSDH_SM4_SM3 0x0300E015
#define GM1_CK_IBC_SM4_SM3 0x0300E017
#define GM1_CK_RSA_SM4_SM3 0x0300E019
#define GM1_CK_RSA_SM4_SHA1 0x0300E01A
#define GM1_TXT_ECDHE_SM1_SM3 "ECDHE-SM1-SM3"
#define GM1_TXT_ECC_SM1_SM3 "ECC-SM1-SM3"
#define GM1_TXT_IBSDH_SM1_SM3 "IBSDH-SM1-SM3"
#define GM1_TXT_IBC_SM1_SM3 "IBC-SM1-SM3"
#define GM1_TXT_RSA_SM1_SM3 "RSA-SM1-SM3"
#define GM1_TXT_RSA_SM1_SHA1 "RSA-SM1-SHA1"
#define GM1_TXT_ECDHE_SM4_SM3 "ECDHE-SM4-SM3"
#define GM1_TXT_ECC_SM4_SM3 "ECC-SM4-SM3"
#define GM1_TXT_IBSDH_SM4_SM3 "IBSDH-SM4-SM3"
#define GM1_TXT_IBC_SM4_SM3 "IBC-SM4-SM3"
#define GM1_TXT_RSA_SM4_SM3 "RSA-SM4-SM3"
#define GM1_TXT_RSA_SM4_SHA1 "RSA-SM4-SHA1"
/* from GM/T 0024-2014 Table 1 */
#define GM1_AD_UNSUPPORTED_SITE2SITE 200 /* fatal */
#define GM1_AD_NO_AREA 201
#define GM1_AD_UNSUPPORTED_AREATYPE 202
#define GM1_AD_BAD_IBCPARAM 203 /* fatal */
#define GM1_AD_UNSUPPORTED_IBCPARAM 204 /* fatal */
#define GM1_AD_IDENTITY_NEED 205 /* fatal */
#if 0
/* Bits for algorithm_enc (symmetric encryption */
#define SSL_SM1 0x00004000L
#define SSL_SM4 0x00008000L
/* bits for algorithm_mac */
#define SSL_SM3 0x00000040L
#endif
#define SSL_HANDSHAKE_MAC_SM3 0x200
/* SSL_MAX_DIGEST in ssl_locl.h should be update */
#define GM1_PRF_SM3 (SSL_HANDSHAKE_MAC_SM3 << TLS1_PRF_DGST_SHIFT)
#ifdef __cplusplus
}
#endif
#endif

5
ssl/ssl.h
View File

@@ -1700,6 +1700,11 @@ struct ssl_st {
# include <openssl/ssl23.h>
# include <openssl/srtp.h> /* Support for the use_srtp extension */
#ifndef OPENSSL_NO_GMSSL
#include <openssl/gmssl.h>
#endif
#ifdef __cplusplus
extern "C" {
#endif

12
ssl/ssl_algs.c
View File

@@ -61,7 +61,7 @@
#include <openssl/lhash.h>
#include "ssl_locl.h"
int SSL_library_init(void)
static int _SSL_library_init(void)
{
#ifndef OPENSSL_NO_DES
@@ -137,6 +137,7 @@ int SSL_library_init(void)
#ifndef OPENSSL_NO_ECDSA
EVP_add_digest(EVP_ecdsa());
#endif
/* If you want support for phased out ciphers, add the following */
#if 0
EVP_add_digest(EVP_sha());
@@ -153,3 +154,12 @@ int SSL_library_init(void)
ssl_load_ciphers();
return (1);
}
int SSL_library_init(void)
{
EVP_add_cipher(EVP_sms4_cbc());
EVP_add_digest(EVP_sm3());
return _SSL_library_init();
}

63
ssl/ssl_ciph.c
View File

@@ -164,11 +164,19 @@
#define SSL_ENC_SEED_IDX 11
#define SSL_ENC_AES128GCM_IDX 12
#define SSL_ENC_AES256GCM_IDX 13
#ifndef OPENSSL_NO_GMSSL
#define SSL_ENC_SM4_IDX 14
#define SSL_ENC_NUM_IDX 15
#else
#define SSL_ENC_NUM_IDX 14
#endif
static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX] = {
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
NULL, NULL
NULL, NULL,
#ifndef OPENSSL_NO_GMSSL
NULL
#endif
};
#define SSL_COMP_NULL_IDX 0
@@ -183,13 +191,20 @@ static STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
#define SSL_MD_GOST89MAC_IDX 3
#define SSL_MD_SHA256_IDX 4
#define SSL_MD_SHA384_IDX 5
#ifndef OPENSSL_NO_GMSSL
#define SSL_MD_SM3_IDX 6
#endif
/*
* Constant SSL_MAX_DIGEST equal to size of digests array should be defined
* in the ssl_locl.h
*/
#define SSL_MD_NUM_IDX SSL_MAX_DIGEST
static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX] = {
NULL, NULL, NULL, NULL, NULL, NULL
NULL, NULL, NULL, NULL, NULL, NULL,
#ifndef OPENSSL_NO_GMSSL
NULL
#endif
};
/*
@@ -209,7 +224,10 @@ static int ssl_mac_secret_size[SSL_MD_NUM_IDX] = {
static int ssl_handshake_digest_flag[SSL_MD_NUM_IDX] = {
SSL_HANDSHAKE_MAC_MD5, SSL_HANDSHAKE_MAC_SHA,
SSL_HANDSHAKE_MAC_GOST94, 0, SSL_HANDSHAKE_MAC_SHA256,
SSL_HANDSHAKE_MAC_SHA384
SSL_HANDSHAKE_MAC_SHA384,
#ifndef OPENSSL_NO_GMSSL
SSL_HANDSHAKE_MAC_SM3
#endif
};
#define CIPHER_ADD 1
@@ -457,6 +475,12 @@ void ssl_load_ciphers(void)
ssl_digest_methods[SSL_MD_SHA384_IDX] = EVP_get_digestbyname(SN_sha384);
ssl_mac_secret_size[SSL_MD_SHA384_IDX] =
EVP_MD_size(ssl_digest_methods[SSL_MD_SHA384_IDX]);
#ifndef OPENSSL_NO_GMSSL
ssl_cipher_methods[SSL_ENC_SM4_IDX] = EVP_get_cipherbyname(SN_sms4_cbc);
ssl_digest_methods[SSL_MD_SM3_IDX] = EVP_get_digestbyname(SN_sm3);
#endif
}
#ifndef OPENSSL_NO_COMP
@@ -579,6 +603,11 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
case SSL_AES256GCM:
i = SSL_ENC_AES256GCM_IDX;
break;
#ifndef OPENSSL_NO_GMSSL
case SSL_SM4:
i = SSL_ENC_SM4_IDX;
break;
#endif
default:
i = -1;
break;
@@ -612,6 +641,11 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
case SSL_GOST89MAC:
i = SSL_MD_GOST89MAC_IDX;
break;
#ifndef OPENSSL_NO_GMSSL
case SSL_SM3:
i = SSL_MD_SM3_IDX;
break;
#endif
default:
i = -1;
break;
@@ -666,6 +700,12 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
c->algorithm_mac == SSL_SHA256 &&
(evp = EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA256")))
*enc = evp, *md = NULL;
#ifndef OPENSSL_NO_GMSSL
else if (c->algorithm_enc == SSL_SM4 &&
c->algorithm_mac == SSL_SM3 &&
(evp = EVP_get_cipherbyname("SM4-CBC-HMAC_SM3")))
*enc = evp, *md = NULL;
#endif
return (1);
} else
return (0);
@@ -813,6 +853,9 @@ static void ssl_cipher_get_disabled(unsigned long *mkey, unsigned long *auth,
|| ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX] ==
NID_undef) ? SSL_GOST89MAC : 0;
#ifndef OPENSSL_NO_GMSSL
/* what we should do? */
#endif
}
static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method,
@@ -1820,6 +1863,11 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
case SSL_eGOST2814789CNT:
enc = "GOST89(256)";
break;
#ifndef OPENSSL_NO_GMSSL
case SSL_SM4:
enc = "SM4(128)";
break;
#endif
default:
enc = "unknown";
break;
@@ -1847,6 +1895,11 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
case SSL_GOST94:
mac = "GOST94";
break;
#ifndef OPENSSL_NO_GMSSL
case SSL_SM3:
mac = "SM3";
break;
#endif
default:
mac = "unknown";
break;
@@ -1881,6 +1934,10 @@ char *SSL_CIPHER_get_version(const SSL_CIPHER *c)
return ("TLSv1/SSLv3");
else if (i == 2)
return ("SSLv2");
#ifndef OPENSSL_NO_GMSSL
else if (i == 1)
return ("GMSSLv1");
#endif
else
return ("unknown");
}

55
ssl/ssl_locl.h
View File

@@ -354,6 +354,9 @@
# define SSL_SEED 0x00000800L
# define SSL_AES128GCM 0x00001000L
# define SSL_AES256GCM 0x00002000L
#ifndef OPENSSL_NO_GMSSL
# define SSL_SM4 0x00004000L
#endif
# define SSL_AES (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM)
# define SSL_CAMELLIA (SSL_CAMELLIA128|SSL_CAMELLIA256)
@@ -368,6 +371,9 @@
# define SSL_SHA384 0x00000020L
/* Not a real MAC, just an indication it is part of cipher */
# define SSL_AEAD 0x00000040L
#ifndef OPENSSL_NO_GMSSL
# define SSL_SM3 0x00000080L
#endif
/* Bits for algorithm_ssl (protocol version) */
# define SSL_SSLV2 0x00000001UL
@@ -382,13 +388,20 @@
# define SSL_HANDSHAKE_MAC_GOST94 0x40
# define SSL_HANDSHAKE_MAC_SHA256 0x80
# define SSL_HANDSHAKE_MAC_SHA384 0x100
#ifndef OPENSSL_NO_GMSSL
# define SSL_HANDSHAKE_MAC_SM3 0x200
#endif
# define SSL_HANDSHAKE_MAC_DEFAULT (SSL_HANDSHAKE_MAC_MD5 | SSL_HANDSHAKE_MAC_SHA)
/*
* When adding new digest in the ssl_ciph.c and increment SSM_MD_NUM_IDX make
* sure to update this constant too
*/
# define SSL_MAX_DIGEST 6
#ifndef OPENSSL_NO_GMSSL
#define SSL_MAX_DIGEST 7
#else
#define SSL_MAX_DIGEST 6
#endif
# define TLS1_PRF_DGST_MASK (0xff << TLS1_PRF_DGST_SHIFT)
@@ -848,6 +861,46 @@ extern SSL3_ENC_METHOD SSLv3_enc_data;
extern SSL3_ENC_METHOD DTLSv1_enc_data;
extern SSL3_ENC_METHOD DTLSv1_2_enc_data;
#ifndef OPENSSL_NO_GMSSL
#define IMPLEMENT_tls_meth_func(version, func_name, s_accept, s_connect, \
s_get_meth, enc_data) \
const SSL_METHOD *func_name(void) \
{ \
static const SSL_METHOD func_name##_data= { \
version, \
tls1_new, \
tls1_clear, \
tls1_free, \
s_accept, \
s_connect, \
ssl3_read, \
ssl3_peek, \
ssl3_write, \
ssl3_shutdown, \
ssl3_renegotiate, \
ssl3_renegotiate_check, \
ssl3_get_message, \
ssl3_read_bytes, \
ssl3_write_bytes, \
ssl3_dispatch_alert, \
ssl3_ctrl, \
ssl3_ctx_ctrl, \
ssl3_get_cipher_by_char, \
ssl3_put_cipher_by_char, \
ssl3_pending, \
ssl3_num_ciphers, \
ssl3_get_cipher, \
s_get_meth, \
tls1_default_timeout, \
&enc_data, \
ssl_undefined_void_function, \
ssl3_callback_ctrl, \
ssl3_ctx_callback_ctrl, \
}; \
return &func_name##_data; \
}
#endif
# define IMPLEMENT_tls_meth_func(version, func_name, s_accept, s_connect, \
s_get_meth, enc_data) \
const SSL_METHOD *func_name(void) \

24
ssl/ssl_stat.c
View File

@@ -823,6 +823,10 @@ const char *SSL_state_string(const SSL *s)
str = "DWCHVB";
break;
#ifndef OPENSSL_NO_GMSSL
/* GMSSL */
#endif
default:
str = "UNKWN ";
break;
@@ -1049,6 +1053,26 @@ const char *SSL_alert_desc_string_long(int value)
case TLS1_AD_UNKNOWN_PSK_IDENTITY:
str = "unknown PSK identity";
break;
#ifndef OPENSSL_NO_GMSSL
case GM1_AD_UNSUPPORTED_SITE2SITE:
str = "unsupported site2site";
break;
case GM1_AD_NO_AREA:
str = "no area";
break;
case GM1_AD_UNSUPPORTED_AREATYPE:
str = "unsupported areatype";
break;
case GM1_AD_BAD_IBCPARAM:
str = "bad ibc parameters";
break;
case GM1_AD_UNSUPPORTED_IBCPARAM:
str = "unsupported ibcparam";
break;
case GM1_AD_IDENTITY_NEED:
str = "identity need";
break;
#endif
default:
str = "unknown";
break;

4
ssl/ssl_txt.c
View File

@@ -128,6 +128,10 @@ int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
s = "DTLSv1.2";
else if (x->ssl_version == DTLS1_BAD_VER)
s = "DTLSv1-bad";
#ifndef OPENSSL_NO_GMSSL
else if (x->ssl_version == GMSSL1_1_VERSION)
s = "GMSSLv1.1";
#endif
else
s = "unknown";
if (BIO_printf(bp, " Protocol : %s\n", s) <= 0)