From 25d4ff1afb50cbc0e17d26a054dece50e8179d5a Mon Sep 17 00:00:00 2001 From: Zhi Guan Date: Fri, 26 Jan 2018 23:56:18 +0800 Subject: [PATCH] Fix SDF vendor feature --- crypto/sdf/sdf_lib.c | 22 +++++++------- crypto/sdf/sdf_sansec.c | 60 ++++++++++++++++++++++++++++++-------- include/internal/sdf_int.h | 15 ++++++---- include/openssl/opensslv.h | 4 +-- 4 files changed, 70 insertions(+), 31 deletions(-) diff --git a/crypto/sdf/sdf_lib.c b/crypto/sdf/sdf_lib.c index 4b6c6d16..581ff1ce 100644 --- a/crypto/sdf/sdf_lib.c +++ b/crypto/sdf/sdf_lib.c @@ -577,7 +577,7 @@ int SDF_GenerateKeyPair_ECC( } if (sdf_vendor) { - if (!(uiAlgID = sdf_vendor->get_pkey_algor(uiAlgID))) { + if (!(uiAlgID = sdf_vendor->pkey_std2vendor(uiAlgID))) { SDFerr(SDF_F_SDF_GENERATEKEYPAIR_ECC, SDF_R_NOT_SUPPORTED_ECC_ALGOR); return SDR_ALGNOTSUPPORT; @@ -641,7 +641,7 @@ int SDF_GenerateKeyWithEPK_ECC( } if (sdf_vendor) { - if (!(uiAlgID = sdf_vendor->get_cipher_algor(uiAlgID))) { + if (!(uiAlgID = sdf_vendor->cipher_std2vendor(uiAlgID))) { SDFerr(SDF_F_SDF_GENERATEKEYWITHEPK_ECC, SDF_R_NOT_SUPPORTED_CIPHER_ALGOR); return SDR_ALGNOTSUPPORT; @@ -816,7 +816,7 @@ int SDF_ExchangeDigitEnvelopeBaseOnECC( } if (sdf_vendor) { - if (!(uiAlgID = sdf_vendor->get_cipher_algor(uiAlgID))) { + if (!(uiAlgID = sdf_vendor->cipher_std2vendor(uiAlgID))) { SDFerr(SDF_F_SDF_EXCHANGEDIGITENVELOPEBASEONECC, SDF_R_NOT_SUPPORTED_CIPHER_ALGOR); return SDR_ALGNOTSUPPORT; @@ -856,7 +856,7 @@ int SDF_GenerateKeyWithKEK( } if (sdf_vendor) { - if (!(uiAlgID = sdf_vendor->get_cipher_algor(uiAlgID))) { + if (!(uiAlgID = sdf_vendor->cipher_std2vendor(uiAlgID))) { SDFerr(SDF_F_SDF_GENERATEKEYWITHKEK, SDF_R_NOT_SUPPORTED_CIPHER_ALGOR); return SDR_ALGNOTSUPPORT; @@ -895,7 +895,7 @@ int SDF_ImportKeyWithKEK( } if (sdf_vendor) { - if (!(uiAlgID = sdf_vendor->get_cipher_algor(uiAlgID))) { + if (!(uiAlgID = sdf_vendor->cipher_std2vendor(uiAlgID))) { SDFerr(SDF_F_SDF_IMPORTKEYWITHKEK, SDF_R_NOT_SUPPORTED_CIPHER_ALGOR); return SDR_ALGNOTSUPPORT; @@ -1046,7 +1046,7 @@ int SDF_ExternalVerify_ECC( } if (sdf_vendor) { - if (!(uiAlgID = sdf_vendor->get_pkey_algor(uiAlgID))) { + if (!(uiAlgID = sdf_vendor->pkey_std2vendor(uiAlgID))) { SDFerr(SDF_F_SDF_EXTERNALVERIFY_ECC, SDF_R_NOT_SUPPORTED_PKEY_ALGOR); return SDR_ALGNOTSUPPORT; @@ -1140,7 +1140,7 @@ int SDF_ExternalEncrypt_ECC( } if (sdf_vendor) { - if (!(uiAlgID = sdf_vendor->get_pkey_algor(uiAlgID))) { + if (!(uiAlgID = sdf_vendor->pkey_std2vendor(uiAlgID))) { SDFerr(SDF_F_SDF_EXTERNALENCRYPT_ECC, SDF_R_NOT_SUPPORTED_PKEY_ALGOR); return SDR_ALGNOTSUPPORT; @@ -1210,7 +1210,7 @@ int SDF_Encrypt( } if (sdf_vendor) { - if (!(uiAlgID = sdf_vendor->get_cipher_algor(uiAlgID))) { + if (!(uiAlgID = sdf_vendor->cipher_std2vendor(uiAlgID))) { SDFerr(SDF_F_SDF_ENCRYPT, SDF_R_NOT_SUPPORTED_CIPHER_ALGOR); return SDR_ALGNOTSUPPORT; @@ -1251,7 +1251,7 @@ int SDF_Decrypt( } if (sdf_vendor) { - if (!(uiAlgID = sdf_vendor->get_cipher_algor(uiAlgID))) { + if (!(uiAlgID = sdf_vendor->cipher_std2vendor(uiAlgID))) { SDFerr(SDF_F_SDF_DECRYPT, SDF_R_NOT_SUPPORTED_CIPHER_ALGOR); return SDR_ALGNOTSUPPORT; } @@ -1291,7 +1291,7 @@ int SDF_CalculateMAC( } if (sdf_vendor) { - if (!(uiAlgID = sdf_vendor->get_cipher_algor(uiAlgID))) { + if (!(uiAlgID = sdf_vendor->cipher_std2vendor(uiAlgID))) { SDFerr(SDF_F_SDF_CALCULATEMAC, SDF_R_NOT_SUPPORTED_CIPHER_ALGOR); return SDR_ALGNOTSUPPORT; @@ -1329,7 +1329,7 @@ int SDF_HashInit( } if (sdf_vendor) { - if (!(uiAlgID = sdf_vendor->get_digest_algor(uiAlgID))) { + if (!(uiAlgID = sdf_vendor->digest_std2vendor(uiAlgID))) { SDFerr(SDF_F_SDF_HASHINIT, SDF_R_NOT_SUPPORTED_DIGEST_ALGOR); return SDR_ALGNOTSUPPORT; } diff --git a/crypto/sdf/sdf_sansec.c b/crypto/sdf/sdf_sansec.c index 644ca1ca..5d6a7f03 100644 --- a/crypto/sdf/sdf_sansec.c +++ b/crypto/sdf/sdf_sansec.c @@ -97,7 +97,7 @@ static SDF_ALGOR_PAIR sansec_ciphers[] = { { 0, SANSEC_3DES_MAC }, }; -static unsigned int sansec_get_cipher_algor(unsigned int vendor_id) +static unsigned int sansec_cipher_vendor2std(unsigned int vendor_id) { int i; for (i = 0; i < OSSL_NELEM(sansec_ciphers); i++) { @@ -108,7 +108,18 @@ static unsigned int sansec_get_cipher_algor(unsigned int vendor_id) return 0; } -static unsigned int sansec_get_cipher_cap(unsigned int vendor_cap) +static unsigned int sansec_cipher_std2vendor(unsigned int std_id) +{ + int i; + for (i = 0; i < OSSL_NELEM(sansec_ciphers); i++) { + if (std_id == sansec_ciphers[i].std_id) { + return sansec_ciphers[i].vendor_id; + } + } + return 0; +} + +static unsigned int sansec_cipher_cap(unsigned int vendor_cap) { unsigned int std_cap = 0; int i; @@ -132,7 +143,7 @@ static SDF_ALGOR_PAIR sansec_digests[] = { { 0, SANSEC_MD5 }, }; -static unsigned int sansec_get_digest_algor(unsigned int vendor_id) +static unsigned int sansec_digest_vendor2std(unsigned int vendor_id) { int i; for (i = 0; i < OSSL_NELEM(sansec_digests); i++) { @@ -143,7 +154,18 @@ static unsigned int sansec_get_digest_algor(unsigned int vendor_id) return 0; } -static unsigned int sansec_get_digest_cap(unsigned int vendor_cap) +static unsigned int sansec_digest_std2vendor(unsigned int std_id) +{ + int i; + for (i = 0; i < OSSL_NELEM(sansec_digests); i++) { + if (std_id == sansec_digests[i].std_id) { + return sansec_digests[i].vendor_id; + } + } + return 0; +} + +static unsigned int sansec_digest_cap(unsigned int vendor_cap) { unsigned int std_cap = 0; int i; @@ -167,7 +189,7 @@ static SDF_ALGOR_PAIR sansec_pkeys[] = { { SGD_SM2_3,SANSEC_SM2_3 }, }; -static unsigned int sansec_get_pkey_algor(unsigned int vendor_id) +static unsigned int sansec_pkey_vendor2std(unsigned int vendor_id) { int i; for (i = 0; i < OSSL_NELEM(sansec_pkeys); i++) { @@ -178,7 +200,18 @@ static unsigned int sansec_get_pkey_algor(unsigned int vendor_id) return 0; } -static unsigned int sansec_get_pkey_cap(unsigned int vendor_cap) +static unsigned int sansec_pkey_std2vendor(unsigned int std_id) +{ + int i; + for (i = 0; i < OSSL_NELEM(sansec_pkeys); i++) { + if (std_id == sansec_pkeys[i].std_id) { + return sansec_pkeys[i].vendor_id; + } + } + return 0; +} + +static unsigned int sansec_pkey_cap(unsigned int vendor_cap) { unsigned int std_cap = 0; int i; @@ -318,12 +351,15 @@ static unsigned long sansec_get_error_reason(int err) SDF_VENDOR sdf_sansec = { "sansec", - sansec_get_cipher_algor, - sansec_get_cipher_cap, - sansec_get_digest_algor, - sansec_get_digest_cap, - sansec_get_pkey_algor, - sansec_get_pkey_cap, + sansec_cipher_vendor2std, + sansec_cipher_std2vendor, + sansec_cipher_cap, + sansec_digest_vendor2std, + sansec_digest_std2vendor, + sansec_digest_cap, + sansec_pkey_vendor2std, + sansec_pkey_std2vendor, + sansec_pkey_cap, sansec_encode_ecccipher, sansec_decode_ecccipher, sansec_get_error_reason, diff --git a/include/internal/sdf_int.h b/include/internal/sdf_int.h index f0e8b6ad..92ce77c3 100644 --- a/include/internal/sdf_int.h +++ b/include/internal/sdf_int.h @@ -445,12 +445,15 @@ void SDF_METHOD_free(SDF_METHOD *meth); typedef struct sdf_vendor_st { char *name; - unsigned int (*get_cipher_algor)(unsigned int vendor_id); - unsigned int (*get_digest_algor)(unsigned int vendor_id); - unsigned int (*get_pkey_algor)(unsigned int vendor_id); - unsigned int (*get_cipher_cap)(unsigned int vendor_cap); - unsigned int (*get_digest_cap)(unsigned int vendor_cap); - unsigned int (*get_pkey_cap)(unsigned int vendor_cap); + unsigned int (*cipher_vendor2std)(unsigned int vendor_id); + unsigned int (*cipher_std2vendor)(unsigned int std_id); + unsigned int (*cipher_cap)(unsigned int vendor_cap); + unsigned int (*digest_vendor2std)(unsigned int vendor_id); + unsigned int (*digest_std2vendor)(unsigned int std_id); + unsigned int (*digest_cap)(unsigned int vendor_cap); + unsigned int (*pkey_vendor2std)(unsigned int vendor_id); + unsigned int (*pkey_std2vendor)(unsigned int std_id); + unsigned int (*pkey_cap)(unsigned int vendor_cap); int (*encode_ecccipher)(const ECCCipher *a, void *buf); int (*decode_ecccipher)(ECCCipher *a, const void *buf); unsigned long (*get_error_reason)(int err); diff --git a/include/openssl/opensslv.h b/include/openssl/opensslv.h index e6cb2da3..67d89706 100644 --- a/include/openssl/opensslv.h +++ b/include/openssl/opensslv.h @@ -41,9 +41,9 @@ extern "C" { */ # define OPENSSL_VERSION_NUMBER 0x1010004fL # ifdef OPENSSL_FIPS -# define OPENSSL_VERSION_TEXT "GmSSL 2.1.0 - OpenSSL 1.1.0d-fips 07 Jan 2018" +# define OPENSSL_VERSION_TEXT "GmSSL 2.1.1 - OpenSSL 1.1.0d-fips 26 Jan 2018" # else -# define OPENSSL_VERSION_TEXT "GmSSL 2.1.0 - OpenSSL 1.1.0d 07 Jan 2018" +# define OPENSSL_VERSION_TEXT "GmSSL 2.1.1 - OpenSSL 1.1.0d 26 Jan 2018" # endif /*-