diff --git a/Configurations/00-base-templates.conf b/Configurations/00-base-templates.conf index 3455b3ac..50890d03 100644 --- a/Configurations/00-base-templates.conf +++ b/Configurations/00-base-templates.conf @@ -25,6 +25,7 @@ cmll_asm_src => "camellia.c cmll_misc.c cmll_cbc.c", modes_asm_src => "", padlock_asm_src => "", + gmi_asm_src => "", chacha_asm_src => "chacha_enc.c", poly1305_asm_src => "", @@ -151,6 +152,7 @@ cmll_asm_src => "cmll-x86.s", modes_asm_src => "ghash-x86.s", padlock_asm_src => "e_padlock-x86.s", + gmi_asm_src => "e_gmi-x86.s", chacha_asm_src => "chacha-x86.s", poly1305_asm_src=> "poly1305-x86.s", }, @@ -172,6 +174,7 @@ cmll_asm_src => "cmll-x86_64.s cmll_misc.c", modes_asm_src => "ghash-x86_64.s aesni-gcm-x86_64.s", padlock_asm_src => "e_padlock-x86_64.s", + gmi_asm_src => "e_gmi-x86_64.s", chacha_asm_src => "chacha-x86_64.s", poly1305_asm_src=> "poly1305-x86_64.s", }, @@ -247,7 +250,7 @@ sha1_asm_src => "sha1-armv4-large.S sha256-armv4.S sha512-armv4.S", modes_asm_src => "ghash-armv4.S ghashv8-armx.S", chacha_asm_src => "chacha-armv4.S", - poly1305_asm_src=> "poly1305-armv4.S", + poly1305_asm_src=> "poly1305-armv4.S", perlasm_scheme => "void" }, aarch64_asm => { diff --git a/Configurations/90-team.conf b/Configurations/90-team.conf index 0a83c22a..6ff299b1 100644 --- a/Configurations/90-team.conf +++ b/Configurations/90-team.conf @@ -69,6 +69,7 @@ wp_asm_src => "wp_block.s wp-mmx.s", modes_asm_src => "ghash-x86.s", padlock_asm_src => "e_padlock-x86.s", + gmi_asm_src => "e_gmi-x86.s", thread_scheme => "pthreads", perlasm_scheme => "elf", dso_scheme => "dlfcn", diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl index 3d8dc628..adbf34fe 100644 --- a/Configurations/unix-Makefile.tmpl +++ b/Configurations/unix-Makefile.tmpl @@ -630,7 +630,7 @@ install_man_docs: @\ OUTSUFFIX='.$${SEC}$(MANSUFFIX)'; \ OUTTOP="$(DESTDIR)$(MANDIR)"; \ - GENERATE='pod2man --utf8 --name=$$NAME --section=$$SEC --center=OpenSSL --release=$(VERSION)'; \ + GENERATE='pod2man --name=$$NAME --section=$$SEC --center=OpenSSL --release=$(VERSION)'; \ $(PROCESS_PODS) uninstall_man_docs: @@ -646,7 +646,7 @@ install_html_docs: @\ OUTSUFFIX='.$(HTMLSUFFIX)'; \ OUTTOP="$(DESTDIR)$(HTMLDIR)"; \ - GENERATE="pod2html --utf8 --podroot=$(SRCDIR)/doc --htmldir=.. \ + GENERATE="pod2html --podroot=$(SRCDIR)/doc --htmldir=.. \ --podpath=apps:crypto:ssl --title=\$$Name \ | perl -pe 's|href=\"http://man.he.net/man|href=\"../man|g; s|href=\"(.*/man.*)(?|href=\"\$$1.html\">|g;'"; \ $(PROCESS_PODS) diff --git a/Configure b/Configure index 627935dd..b563fbe8 100755 --- a/Configure +++ b/Configure @@ -301,7 +301,7 @@ my $default_ranlib; $config{fips}=0; # Top level directories to build -$config{dirs} = [ "crypto", "ssl", "engines", "apps", "test", "util", "tools", "fuzz" ]; +$config{dirs} = [ "crypto", "ssl", "engines", "apps", "util", "tools", "fuzz", "java" ]; # crypto/ subdirectories to build $config{sdirs} = [ "objects", @@ -311,9 +311,9 @@ $config{sdirs} = [ "buffer", "bio", "stack", "lhash", "rand", "err", "evp", "asn1", "pem", "x509", "x509v3", "conf", "txt_db", "pkcs7", "pkcs12", "comp", "ocsp", "ui", "cms", "ts", "srp", "cmac", "ct", "async", "kdf", - "sm3", "sms4", "kdf2", "ecies", "ffx", "sm2", "paillier", "cpk", "otp", "gmapi", "ec2", - "bfibe", "bb1ibe", "sm9", "saf", "sdf", "skf", "sof", "zuc", - "serpent", "speck", "base58" + "sm3", "base58", "sms4", "zuc", "serpent", "speck", "kdf2", "ffx", "otp", + "ecies", "sm2", "cpk", "paillier", "ec2", "sm9", "bfibe", "bb1ibe", + "gmapi", "skf", "sdf", "saf", "sof", ]; # Known TLS and DTLS protocols @@ -407,6 +407,9 @@ my @disablables = ( "weak-ssl-ciphers", "zlib", "zlib-dynamic", + "skfeng", + "sdfeng", + "gmieng", "sm3", "sms4", "kdf2", @@ -436,6 +439,8 @@ my @disablables = ( "serpent", "speck", "base58", + "java", + "ca", ); foreach my $proto ((@tls, @dtls)) { @@ -473,6 +478,7 @@ our %disabled = ( # "what" => "comment" "zlib" => "default", "zlib-dynamic" => "default", "zuc" => "default", + #"engine" => "default", #"sm9" => "default", #"bfibe" => "default", #"bb1ibe" => "default", @@ -483,6 +489,7 @@ our %disabled = ( # "what" => "comment" #"sof" => "default", #"serpent" => "default", #"speck" => "default", + #"base58" => "default", ); # Note: => pair form used for aesthetics, not to truly make a hash table @@ -500,9 +507,15 @@ my @disable_cascades = ( "sock" => [ "dgram" ], "dtls" => [ @dtls ], + "sm3" => [ "sm2" ], + "saf" => [ "sof" ], + # SSL 3.0, (D)TLS 1.0 and TLS 1.1 require MD5 and SHA - "md5" => [ "ssl", "tls1", "tls1_1", "dtls1" ], - "sha" => [ "ssl", "tls1", "tls1_1", "dtls1" ], + "md5" => [ "ssl", "tls1", "tls1_1", "dtls1", "engine" ], + # current pkcs12 rfc only define sha1/des bag + "sha" => [ "ssl", "tls1", "tls1_1", "dtls1", "engine", "rsa", "dh", "dsa", "ocsp", "ct", "srp", "ts", "ec2", "cpk" ], + "aes" => [ "engine" ], + "ec2" => [ "sm9", "bfibe", "bb1ibe" ], # Additionally, SSL 3.0 requires either RSA or DSA+DH sub { $disabled{rsa} @@ -531,7 +544,7 @@ my @disable_cascades = ( # Without position independent code, there can be no shared libraries or DSOs "pic" => [ "shared" ], "shared" => [ "dynamic-engine" ], - "engine" => [ "afalgeng" ], + "engine" => [ "afalgeng", "saf" ], # no-autoalginit is only useful when building non-shared "autoalginit" => [ "shared", "apps" ], @@ -1238,6 +1251,9 @@ unless ($disabled{asm}) { if ($target{padlock_asm_src} ne $table{DEFAULTS}->{padlock_asm_src}) { push @{$config{defines}}, "PADLOCK_ASM"; } + if ($target{gmi_asm_src} ne $table{DEFAULTS}->{gmi_asm_src}) { + push @{$config{defines}}, "GMI_ASM"; + } if ($target{poly1305_asm_src} ne "") { push @{$config{defines}}, "POLY1305_ASM"; } @@ -2106,6 +2122,7 @@ print "RMD160_OBJ_ASM=$target{rmd160_obj}\n"; print "CMLL_ENC =$target{cmll_obj}\n"; print "MODES_OBJ =$target{modes_obj}\n"; print "PADLOCK_OBJ =$target{padlock_obj}\n"; +print "GMI_OBJ =$target{gmi_obj}\n"; print "CHACHA_ENC =$target{chacha_obj}\n"; print "POLY1305_OBJ =$target{poly1305_obj}\n"; print "BLAKE2_OBJ =$target{blake2_obj}\n"; @@ -2560,6 +2577,7 @@ sub print_table_entry "cmll_asm_src", "modes_asm_src", "padlock_asm_src", + "gmi_asm_src", "chacha_asm_src", "poly1035_asm_src", "thread_scheme", diff --git a/apps/apps.c b/apps/apps.c index cbf4e90b..f3079bbf 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -1267,6 +1267,8 @@ ENGINE *setup_engine(const char *engine, int debug) return NULL; } + // GmSSL add here! + ENGINE_add_conf_module(); BIO_printf(bio_err, "engine \"%s\" set.\n", ENGINE_get_id(e)); } #endif diff --git a/apps/ciphers.c b/apps/ciphers.c index c0f43ea2..8f49fd16 100644 --- a/apps/ciphers.c +++ b/apps/ciphers.c @@ -21,6 +21,7 @@ typedef enum OPTION_choice { OPT_TLS1, OPT_TLS1_1, OPT_TLS1_2, + OPT_GMTLS, OPT_PSK, OPT_SRP, OPT_V, OPT_UPPER_V, OPT_S @@ -43,6 +44,9 @@ OPTIONS ciphers_options[] = { #ifndef OPENSSL_NO_TLS1_2 {"tls1_2", OPT_TLS1_2, '-', "TLS1.2 mode"}, #endif +#ifndef OPENSSL_NO_GMTLS_METHOD + {"gmtls", OPT_GMTLS, '-', "GMTLS1.1 mode"}, +#endif #ifndef OPENSSL_NO_SSL_TRACE {"stdname", OPT_STDNAME, '-', "Show standard cipher names"}, #endif @@ -135,6 +139,12 @@ int ciphers_main(int argc, char **argv) min_version = TLS1_2_VERSION; max_version = TLS1_2_VERSION; break; +#ifndef OPENSSL_NO_GMTLS_METHOD + case OPT_GMTLS: + min_version = GMTLS_VERSION; + max_version = GMTLS_VERSION; + break; +#endif case OPT_PSK: #ifndef OPENSSL_NO_PSK psk = 1; @@ -222,7 +232,7 @@ int ciphers_main(int argc, char **argv) const char *nm = SSL_CIPHER_standard_name(c); if (nm == NULL) nm = "UNKNOWN"; - BIO_printf(bio_out, "%s - ", nm); + BIO_printf(bio_out, "%-40s - ", nm); } #endif BIO_puts(bio_out, SSL_CIPHER_description(c, buf, sizeof buf)); diff --git a/apps/cms.c b/apps/cms.c index 579b2273..7af2757a 100644 --- a/apps/cms.c +++ b/apps/cms.c @@ -79,7 +79,7 @@ typedef enum OPTION_choice { OPT_RAND, OPT_PASSIN, OPT_TO, OPT_FROM, OPT_SUBJECT, OPT_SIGNER, OPT_RECIP, OPT_CERTSOUT, OPT_MD, OPT_INKEY, OPT_KEYFORM, OPT_KEYOPT, OPT_RR_FROM, OPT_RR_TO, OPT_AES128_WRAP, OPT_AES192_WRAP, OPT_AES256_WRAP, - OPT_3DES_WRAP, OPT_ENGINE, + OPT_SMS4_WRAP, OPT_3DES_WRAP, OPT_ENGINE, OPT_V_ENUM, OPT_CIPHER } OPTION_CHOICE; @@ -146,7 +146,7 @@ OPTIONS cms_options[] = { "Do not load certificates from the default certificates directory"}, {"content", OPT_CONTENT, '<', "Supply or override content for detached signature"}, - {"print", OPT_PRINT, '-', + {"print", OPT_PRINT, '-', "For the -cmsout operation print out all fields of the CMS structure"}, {"secretkey", OPT_SECRETKEY, 's'}, {"secretkeyid", OPT_SECRETKEYID, 's'}, @@ -170,9 +170,14 @@ OPTIONS cms_options[] = { {"receipt_request_to", OPT_RR_TO, 's'}, {"", OPT_CIPHER, '-', "Any supported cipher"}, OPT_V_OPTIONS, +# ifndef OPENSSL_NO_AES {"aes128-wrap", OPT_AES128_WRAP, '-', "Use AES128 to wrap key"}, {"aes192-wrap", OPT_AES192_WRAP, '-', "Use AES192 to wrap key"}, {"aes256-wrap", OPT_AES256_WRAP, '-', "Use AES256 to wrap key"}, +# endif +# ifndef OPENSSL_NO_SMS4 + {"sms4-wrap", OPT_SMS4_WRAP, '-', "Use SMS4 to wrap key"}, +# endif # ifndef OPENSSL_NO_DES {"des3-wrap", OPT_3DES_WRAP, '-', "Use 3DES-EDE to wrap key"}, # endif @@ -567,11 +572,12 @@ int cms_main(int argc, char **argv) goto end; vpmtouched++; break; +# if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA) case OPT_3DES_WRAP: -# ifndef OPENSSL_NO_DES wrap_cipher = EVP_des_ede3_wrap(); -# endif break; +# endif +# ifndef OPENSSL_NO_AES case OPT_AES128_WRAP: wrap_cipher = EVP_aes_128_wrap(); break; @@ -581,6 +587,12 @@ int cms_main(int argc, char **argv) case OPT_AES256_WRAP: wrap_cipher = EVP_aes_256_wrap(); break; +# endif +# ifndef OPENSSL_NO_SMS4 + case OPT_SMS4_WRAP: + wrap_cipher = EVP_sms4_wrap(); + break; +# endif } } argc = opt_num_rest(); diff --git a/apps/crl.c b/apps/crl.c index 06b6e5b9..bd294d7b 100644 --- a/apps/crl.c +++ b/apps/crl.c @@ -68,7 +68,7 @@ int crl_main(int argc, char **argv) X509_LOOKUP *lookup = NULL; X509_OBJECT *xobj = NULL; EVP_PKEY *pkey; - const EVP_MD *digest = EVP_sha1(); + const EVP_MD *digest = EVP_get_digestbynid(NID_sha1); unsigned long nmflag = 0; char nmflag_set = 0; char *infile = NULL, *outfile = NULL, *crldiff = NULL, *keyfile = NULL; diff --git a/apps/dgst.c b/apps/dgst.c index 08182e2a..cffc16b3 100644 --- a/apps/dgst.c +++ b/apps/dgst.c @@ -33,7 +33,7 @@ typedef enum OPTION_choice { OPT_PRVERIFY, OPT_SIGNATURE, OPT_KEYFORM, OPT_ENGINE, OPT_ENGINE_IMPL, OPT_HEX, OPT_BINARY, OPT_DEBUG, OPT_FIPS_FINGERPRINT, OPT_HMAC, OPT_MAC, OPT_SIGOPT, OPT_MACOPT, - OPT_DIGEST + OPT_DIGEST, OPT_CONFIG } OPTION_CHOICE; OPTIONS dgst_options[] = { @@ -69,6 +69,7 @@ OPTIONS dgst_options[] = { {"engine", OPT_ENGINE, 's', "Use engine e, possibly a hardware device"}, {"engine_impl", OPT_ENGINE_IMPL, '-', "Also use engine given by -engine for digest operations"}, + {"config", OPT_CONFIG, 's', "A config file"}, #endif {NULL} }; @@ -90,6 +91,8 @@ int dgst_main(int argc, char **argv) int i, ret = 1, out_bin = -1, want_pub = 0, do_verify = 0; unsigned char *buf = NULL, *sigbuf = NULL; int engine_impl = 0; + CONF *conf = NULL; + char *configfile = default_config_file; prog = opt_progname(argv[0]); buf = app_malloc(BUFSIZE, "I/O buffer"); @@ -181,6 +184,9 @@ int dgst_main(int argc, char **argv) goto opthelp; md = m; break; + case OPT_CONFIG: + configfile = opt_arg(); + break; } } argc = opt_num_rest(); @@ -223,6 +229,12 @@ int dgst_main(int argc, char **argv) out_bin = 0; } + BIO_printf(bio_err, "Using configuration from %s\n", configfile); + if ((conf = app_load_config(configfile)) == NULL) + goto end; + if (configfile != default_config_file && !app_load_modules(conf)) + goto end; + if (randfile) app_RAND_load_file(randfile, 0); @@ -323,7 +335,7 @@ int dgst_main(int argc, char **argv) goto end; } if (md == NULL) - md = EVP_sha256(); + md = EVP_get_digestbynid(NID_sha256); if (!EVP_DigestInit_ex(mctx, md, impl)) { BIO_printf(bio_err, "Error setting digest\n"); ERR_print_errors(bio_err); @@ -399,6 +411,7 @@ int dgst_main(int argc, char **argv) OPENSSL_free(sigbuf); BIO_free(bmd); release_engine(e); + NCONF_free(conf); return (ret); } diff --git a/apps/ec.c b/apps/ec.c index 2516c032..3255d624 100644 --- a/apps/ec.c +++ b/apps/ec.c @@ -39,7 +39,7 @@ typedef enum OPTION_choice { OPT_INFORM, OPT_OUTFORM, OPT_ENGINE, OPT_IN, OPT_OUT, OPT_NOOUT, OPT_TEXT, OPT_PARAM_OUT, OPT_PUBIN, OPT_PUBOUT, OPT_PASSIN, OPT_PASSOUT, OPT_PARAM_ENC, OPT_CONV_FORM, OPT_CIPHER, - OPT_NO_PUBLIC, OPT_CHECK + OPT_NO_PUBLIC, OPT_CHECK, OPT_CONFIG } OPTION_CHOICE; OPTIONS ec_options[] = { @@ -63,6 +63,7 @@ OPTIONS ec_options[] = { {"", OPT_CIPHER, '-', "Any supported cipher"}, # ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, + {"config", OPT_CONFIG, 's', "A config file"}, # endif {NULL} }; @@ -82,6 +83,8 @@ int ec_main(int argc, char **argv) int informat = FORMAT_PEM, outformat = FORMAT_PEM, text = 0, noout = 0; int pubin = 0, pubout = 0, param_out = 0, i, ret = 1, private = 0; int no_public = 0, check = 0; + CONF *conf = NULL; + char *configfile = default_config_file; prog = opt_init(argc, argv, ec_options); while ((o = opt_next()) != OPT_EOF) { @@ -155,12 +158,22 @@ int ec_main(int argc, char **argv) case OPT_CHECK: check = 1; break; + case OPT_CONFIG: + configfile = opt_arg(); + break; } } argc = opt_num_rest(); if (argc != 0) goto opthelp; + BIO_printf(bio_err, "Using configuration from %s\n", configfile); + + if ((conf = app_load_config(configfile)) == NULL) + goto end; + if (configfile != default_config_file && !app_load_modules(conf)) + goto end; + private = param_out || pubin || pubout ? 0 : 1; if (text && !pubin) private = 1; @@ -276,6 +289,7 @@ int ec_main(int argc, char **argv) release_engine(e); OPENSSL_free(passin); OPENSSL_free(passout); + NCONF_free(conf); return (ret); } #endif diff --git a/apps/ecparam.c b/apps/ecparam.c index 891a0cac..9a9b62e4 100644 --- a/apps/ecparam.c +++ b/apps/ecparam.c @@ -42,7 +42,8 @@ typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, OPT_INFORM, OPT_OUTFORM, OPT_IN, OPT_OUT, OPT_TEXT, OPT_C, OPT_CHECK, OPT_LIST_CURVES, OPT_NO_SEED, OPT_NOOUT, OPT_NAME, - OPT_CONV_FORM, OPT_PARAM_ENC, OPT_GENKEY, OPT_RAND, OPT_ENGINE + OPT_CONV_FORM, OPT_PARAM_ENC, OPT_GENKEY, OPT_RAND, OPT_ENGINE, + OPT_CONFIG } OPTION_CHOICE; OPTIONS ecparam_options[] = { @@ -68,6 +69,7 @@ OPTIONS ecparam_options[] = { {"rand", OPT_RAND, 's', "Files to use for random number input"}, # ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, + {"config", OPT_CONFIG, 's', "A config file"}, # endif {NULL} }; @@ -102,6 +104,8 @@ int ecparam_main(int argc, char **argv) int ret = 1, private = 0; int list_curves = 0, no_seed = 0, check = 0, new_form = 0; int text = 0, i, need_rand = 0, genkey = 0; + CONF *conf = NULL; + char *configfile = default_config_file; prog = opt_init(argc, argv, ecparam_options); while ((o = opt_next()) != OPT_EOF) { @@ -171,12 +175,22 @@ int ecparam_main(int argc, char **argv) case OPT_ENGINE: e = setup_engine(opt_arg(), 0); break; + case OPT_CONFIG: + configfile = opt_arg(); + break; } } argc = opt_num_rest(); if (argc != 0) goto opthelp; + BIO_printf(bio_err, "Using configuration from %s\n", configfile); + + if ((conf = app_load_config(configfile)) == NULL) + goto end; + if (configfile != default_config_file && !app_load_modules(conf)) + goto end; + private = genkey ? 1 : 0; in = bio_open_default(infile, 'r', informat); @@ -459,6 +473,7 @@ int ecparam_main(int argc, char **argv) release_engine(e); BIO_free(in); BIO_free_all(out); + NCONF_free(conf); return (ret); } diff --git a/apps/enc.c b/apps/enc.c index c66ad933..e67c6fd7 100644 --- a/apps/enc.c +++ b/apps/enc.c @@ -38,7 +38,7 @@ typedef enum OPTION_choice { OPT_E, OPT_IN, OPT_OUT, OPT_PASS, OPT_ENGINE, OPT_D, OPT_P, OPT_V, OPT_NOPAD, OPT_SALT, OPT_NOSALT, OPT_DEBUG, OPT_UPPER_P, OPT_UPPER_A, OPT_A, OPT_Z, OPT_BUFSIZE, OPT_K, OPT_KFILE, OPT_UPPER_K, OPT_NONE, - OPT_UPPER_S, OPT_IV, OPT_MD, OPT_CIPHER + OPT_UPPER_S, OPT_IV, OPT_MD, OPT_CIPHER, OPT_CONFIG } OPTION_CHOICE; OPTIONS enc_options[] = { @@ -74,6 +74,7 @@ OPTIONS enc_options[] = { #endif #ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, + {"config", OPT_CONFIG, 's', "A config file"}, #endif {NULL} }; @@ -104,6 +105,8 @@ int enc_main(int argc, char **argv) int do_zlib = 0; BIO *bzl = NULL; #endif + CONF *conf = NULL; + char *configfile = default_config_file; /* first check the program name */ prog = opt_progname(argv[0]); @@ -246,9 +249,19 @@ int enc_main(int argc, char **argv) case OPT_NONE: cipher = NULL; break; + case OPT_CONFIG: + configfile = opt_arg(); + break; } } + BIO_printf(bio_err, "Using configuration from %s\n", configfile); + + if ((conf = app_load_config(configfile)) == NULL) + goto end; + if (configfile != default_config_file && !app_load_modules(conf)) + goto end; + if (cipher && EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) { BIO_printf(bio_err, "%s: AEAD ciphers not supported\n", prog); goto end; @@ -260,7 +273,7 @@ int enc_main(int argc, char **argv) } if (dgst == NULL) - dgst = EVP_sha256(); + dgst = EVP_get_digestbynid(NID_sha256); /* It must be large enough for a base64 encoded line */ if (base64 && bsize < 80) @@ -471,7 +484,7 @@ int enc_main(int argc, char **argv) BIO_get_cipher_ctx(benc, &ctx); - if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, enc)) { + if (!EVP_CipherInit_ex(ctx, cipher, e, NULL, NULL, enc)) { BIO_printf(bio_err, "Error setting cipher %s\n", EVP_CIPHER_name(cipher)); ERR_print_errors(bio_err); @@ -555,6 +568,7 @@ int enc_main(int argc, char **argv) #endif release_engine(e); OPENSSL_free(pass); + NCONF_free(conf); return (ret); } diff --git a/apps/engine.c b/apps/engine.c index ffd31374..3264a2b2 100644 --- a/apps/engine.c +++ b/apps/engine.c @@ -23,7 +23,8 @@ NON_EMPTY_TRANSLATION_UNIT typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, OPT_C, OPT_T, OPT_TT, OPT_PRE, OPT_POST, - OPT_V = 100, OPT_VV, OPT_VVV, OPT_VVVV + OPT_V = 100, OPT_VV, OPT_VVV, OPT_VVVV, + OPT_CONFIG } OPTION_CHOICE; OPTIONS engine_options[] = { @@ -40,6 +41,7 @@ OPTIONS engine_options[] = { {"tt", OPT_TT, '-', "Display error trace for unavailable engines"}, {"pre", OPT_PRE, 's', "Run command against the ENGINE before loading it"}, {"post", OPT_POST, 's', "Run command against the ENGINE after loading it"}, + {"config", OPT_CONFIG, 's', "A config file"}, {OPT_MORE_STR, OPT_EOF, 1, "Commands are like \"SO_PATH:/lib/libdriver.so\""}, {NULL} @@ -271,6 +273,8 @@ int engine_main(int argc, char **argv) OPTION_CHOICE o; char *prog; char *argv1; + CONF *conf = NULL; + char *configfile = default_config_file; out = dup_bio_out(FORMAT_TEXT); if (engines == NULL || pre_cmds == NULL || post_cmds == NULL) @@ -320,6 +324,9 @@ int engine_main(int argc, char **argv) case OPT_POST: sk_OPENSSL_STRING_push(post_cmds, opt_arg()); break; + case OPT_CONFIG: + configfile = opt_arg(); + break; } } @@ -336,6 +343,8 @@ int engine_main(int argc, char **argv) sk_OPENSSL_CSTRING_push(engines, *argv); } + BIO_printf(bio_err, "Using configuration from %s\n", configfile); + if (sk_OPENSSL_CSTRING_num(engines) == 0) { for (e = ENGINE_get_first(); e != NULL; e = ENGINE_get_next(e)) { sk_OPENSSL_CSTRING_push(engines, ENGINE_get_id(e)); @@ -365,9 +374,19 @@ int engine_main(int argc, char **argv) ENGINE_DIGESTS_PTR fn_d; ENGINE_PKEY_METHS_PTR fn_pk; +#if 0 + if ((conf = app_load_config(configfile)) == NULL) + goto end; + if (configfile != default_config_file && !app_load_modules(conf)) + goto end; +#endif + if (ENGINE_get_RSA(e) != NULL && !append_buf(&cap_buf, &cap_size, "RSA")) goto end; + if (ENGINE_get_EC(e) != NULL + && !append_buf(&cap_buf, &cap_size, "EC")) + goto end; if (ENGINE_get_DSA(e) != NULL && !append_buf(&cap_buf, &cap_size, "DSA")) goto end; @@ -440,6 +459,7 @@ int engine_main(int argc, char **argv) sk_OPENSSL_STRING_free(pre_cmds); sk_OPENSSL_STRING_free(post_cmds); BIO_free_all(out); + NCONF_free(conf); return (ret); } #endif diff --git a/apps/genpkey.c b/apps/genpkey.c index 9e379772..1352d5dc 100644 --- a/apps/genpkey.c +++ b/apps/genpkey.c @@ -23,7 +23,8 @@ static int genpkey_cb(EVP_PKEY_CTX *ctx); typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, OPT_ENGINE, OPT_OUTFORM, OPT_OUT, OPT_PASS, OPT_PARAMFILE, - OPT_ALGORITHM, OPT_PKEYOPT, OPT_GENPARAM, OPT_TEXT, OPT_CIPHER + OPT_ALGORITHM, OPT_PKEYOPT, OPT_GENPARAM, OPT_TEXT, OPT_CIPHER, + OPT_CONFIG } OPTION_CHOICE; OPTIONS genpkey_options[] = { @@ -40,6 +41,7 @@ OPTIONS genpkey_options[] = { {"", OPT_CIPHER, '-', "Cipher to use to encrypt the key"}, #ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, + {"config", OPT_CONFIG, 's', "A config file"}, #endif /* This is deliberately last. */ {OPT_HELP_STR, 1, 1, @@ -58,6 +60,8 @@ int genpkey_main(int argc, char **argv) OPTION_CHOICE o; int outformat = FORMAT_PEM, text = 0, ret = 1, rv, do_param = 0; int private = 0; + CONF *conf = NULL; + char *configfile = default_config_file; prog = opt_init(argc, argv, genpkey_options); while ((o = opt_next()) != OPT_EOF) { @@ -119,12 +123,22 @@ int genpkey_main(int argc, char **argv) if (!opt_cipher(opt_unknown(), &cipher) || do_param == 1) goto opthelp; + case OPT_CONFIG: + configfile = opt_arg(); + break; } } argc = opt_num_rest(); if (argc != 0) goto opthelp; + BIO_printf(bio_err, "Using configuration from %s\n", configfile); + + if ((conf = app_load_config(configfile)) == NULL) + goto end; + if (configfile != default_config_file && !app_load_modules(conf)) + goto end; + private = do_param ? 0 : 1; if (ctx == NULL) @@ -195,6 +209,7 @@ int genpkey_main(int argc, char **argv) BIO_free(in); release_engine(e); OPENSSL_free(pass); + NCONF_free(conf); return ret; } diff --git a/apps/genrsa.c b/apps/genrsa.c index 1ac66a97..16ca2287 100644 --- a/apps/genrsa.c +++ b/apps/genrsa.c @@ -33,7 +33,8 @@ static int genrsa_cb(int p, int n, BN_GENCB *cb); typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, OPT_3, OPT_F4, OPT_ENGINE, - OPT_OUT, OPT_RAND, OPT_PASSOUT, OPT_CIPHER + OPT_OUT, OPT_RAND, OPT_PASSOUT, OPT_CIPHER, + OPT_CONFIG } OPTION_CHOICE; OPTIONS genrsa_options[] = { @@ -48,6 +49,7 @@ OPTIONS genrsa_options[] = { {"", OPT_CIPHER, '-', "Encrypt the output with any supported cipher"}, # ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, + {"config", OPT_CONFIG, 's', "A config file"}, # endif {NULL} }; @@ -67,6 +69,8 @@ int genrsa_main(int argc, char **argv) char *outfile = NULL, *passoutarg = NULL, *passout = NULL; char *inrand = NULL, *prog, *hexe, *dece; OPTION_CHOICE o; + CONF *conf = NULL; + char *configfile = default_config_file; if (bn == NULL || cb == NULL) goto end; @@ -106,6 +110,9 @@ int genrsa_main(int argc, char **argv) if (!opt_cipher(opt_unknown(), &enc)) goto end; break; + case OPT_CONFIG: + configfile = opt_arg(); + break; } } argc = opt_num_rest(); @@ -115,6 +122,13 @@ int genrsa_main(int argc, char **argv) if (argv[0] && (!opt_int(argv[0], &num) || num <= 0)) goto end; + BIO_printf(bio_err, "Using configuration from %s\n", configfile); + + if ((conf = app_load_config(configfile)) == NULL) + goto end; + if (configfile != default_config_file && !app_load_modules(conf)) + goto end; + if (!app_passwd(NULL, passoutarg, NULL, &passout)) { BIO_printf(bio_err, "Error getting password\n"); goto end; @@ -168,6 +182,7 @@ int genrsa_main(int argc, char **argv) BIO_free_all(out); release_engine(eng); OPENSSL_free(passout); + NCONF_free(conf); if (ret != 0) ERR_print_errors(bio_err); return (ret); diff --git a/apps/openssl-vms.cnf b/apps/openssl-vms.cnf index 0092a650..f3d06f70 100644 --- a/apps/openssl-vms.cnf +++ b/apps/openssl-vms.cnf @@ -2,6 +2,7 @@ # OpenSSL example configuration file. # This is mostly being used for generation of certificate requests. # +openssl_conf = openssl_init # This definition stops the following lines choking if HOME isn't # defined. @@ -186,6 +187,8 @@ basicConstraints=CA:FALSE # This is typical in keyUsage for a client certificate. # keyUsage = nonRepudiation, digitalSignature, keyEncipherment +# keyUsage = digitalSignature +keyUsage = keyEncipherment # This will be displayed in Netscape's comment listbox. nsComment = "OpenSSL Generated Certificate" @@ -344,3 +347,42 @@ tsa_name = yes # Must the TSA name be included in the reply? # (optional, default: no) ess_cert_id_chain = no # Must the ESS cert id chain be included? # (optional, default: no) + + +[openssl_init] +engines = engine_section + +[engine_section] +skf = skf_section + +[pkcs11_section] +engine_id = pkcs11 +dynamic_path = /usr/lib/engines/engine_pkcs11.so +MODULE_PATH = /usr/local/lib/opensc-pkcs11.so +PIN = 123456 +init = 0 + +[sdf_section] +engine_id = sdf +SO_PATH = /Users/guanzhi/code/github/GmSSL-Private/engines/sdf_dummy.dylib +VENDOR = sansec +OPEN_DEV = +init = 1 + +[skf_section] +engine_id = skf +VERBOSE = 2 +SO_PATH = /home/guanzhi/code/github/GmSSL-Private/engines/libSKF_final.so +SET_AUTHKEY = 31323334353637383132333435363738 +OPEN_DEV = /media/guanzhi/Factory +OPEN_APP = myApp1 +init = 1 + + + + +#[req] +#distinguished_name = req_distinguished_name +# +#[req_distinguished_name] + diff --git a/apps/openssl.cnf b/apps/openssl.cnf index b3e7444e..71cd5b39 100644 --- a/apps/openssl.cnf +++ b/apps/openssl.cnf @@ -2,6 +2,7 @@ # OpenSSL example configuration file. # This is mostly being used for generation of certificate requests. # +openssl_conf = openssl_init # This definition stops the following lines choking if HOME isn't # defined. @@ -186,6 +187,8 @@ basicConstraints=CA:FALSE # This is typical in keyUsage for a client certificate. # keyUsage = nonRepudiation, digitalSignature, keyEncipherment +# keyUsage = digitalSignature +keyUsage = keyEncipherment # This will be displayed in Netscape's comment listbox. nsComment = "OpenSSL Generated Certificate" @@ -344,3 +347,42 @@ tsa_name = yes # Must the TSA name be included in the reply? # (optional, default: no) ess_cert_id_chain = no # Must the ESS cert id chain be included? # (optional, default: no) + + +[openssl_init] +engines = engine_section + +[engine_section] +skf = skf_section + +[pkcs11_section] +engine_id = pkcs11 +dynamic_path = /usr/lib/engines/engine_pkcs11.so +MODULE_PATH = /usr/local/lib/opensc-pkcs11.so +PIN = 123456 +init = 0 + +[sdf_section] +engine_id = sdf +SO_PATH = /Users/guanzhi/code/github/GmSSL-Private/engines/sdf_dummy.dylib +VENDOR = sansec +OPEN_DEV = +init = 1 + +[skf_section] +engine_id = skf +VERBOSE = 2 +SO_PATH = /home/guanzhi/code/github/GmSSL-Private/engines/libSKF_final.so +SET_AUTHKEY = 31323334353637383132333435363738 +OPEN_DEV = /media/guanzhi/Factory +OPEN_APP = myApp1 +init = 1 + + + + +#[req] +#distinguished_name = req_distinguished_name +# +#[req_distinguished_name] + diff --git a/apps/otp.c b/apps/otp.c index fead2270..e704db35 100644 --- a/apps/otp.c +++ b/apps/otp.c @@ -47,29 +47,22 @@ * ==================================================================== */ /* - * gmssl otp -setup - * gmssl otp -genkey + * gmssl otp -genkey -seed data */ -#include -#ifdef OPENSSL_NO_OTP -NON_EMPTY_TRANSLATION_UNIT -#else +#include "apps.h" -# include -# include -# include -# include "apps.h" -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include +#include +#include typedef enum OPTION_choice { - OPT_ERR = -1, - OPT_EOF = 0, - OPT_HELP + OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, + OPT_SETUP, OPT_GENKEY } OPTION_CHOICE; OPTIONS otp_options[] = { @@ -82,4 +75,3 @@ int otp_main(int argc, char **argv) printf("otp not implemented\n"); return 0; } -#endif diff --git a/apps/passwd.c b/apps/passwd.c index a45245cd..8bc52643 100644 --- a/apps/passwd.c +++ b/apps/passwd.c @@ -6,17 +6,18 @@ * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ +#include #if defined OPENSSL_NO_MD5 || defined CHARSET_EBCDIC # define NO_MD5CRYPT_1 #endif -#if !defined(OPENSSL_NO_DES) || !defined(NO_MD5CRYPT_1) # include # include "apps.h" +#if !defined(OPENSSL_NO_DES) || !defined(NO_MD5CRYPT_1) # include # include # include diff --git a/apps/pkcs12.c b/apps/pkcs12.c index 0e69c9c1..d5a1d775 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -8,6 +8,8 @@ */ #include +/* 依赖DES是由PKCS12的标准要求的还是遗留问题? + */ #if defined(OPENSSL_NO_DES) NON_EMPTY_TRANSLATION_UNIT #else diff --git a/apps/pkcs8.c b/apps/pkcs8.c index 93ffdd55..16fdc42f 100644 --- a/apps/pkcs8.c +++ b/apps/pkcs8.c @@ -16,6 +16,13 @@ #include #include +/* pkcs8 command use aes-256-cbc as default cipher */ +#ifndef OPENSSL_NO_AES +# define PKCS8_DEFAULT_EVP_CIPHER EVP_aes_256_cbc() +#else +# define PKCS8_DEFAULT_EVP_CIPHER EVP_sms4_cbc() +#endif + typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, OPT_INFORM, OPT_OUTFORM, OPT_ENGINE, OPT_IN, OPT_OUT, @@ -135,7 +142,7 @@ int pkcs8_main(int argc, char **argv) goto opthelp; } if (cipher == NULL) - cipher = EVP_aes_256_cbc(); + cipher = PKCS8_DEFAULT_EVP_CIPHER; break; case OPT_ITER: if (!opt_int(opt_arg(), &iter)) @@ -156,7 +163,7 @@ int pkcs8_main(int argc, char **argv) scrypt_r = 8; scrypt_p = 1; if (cipher == NULL) - cipher = EVP_aes_256_cbc(); + cipher = PKCS8_DEFAULT_EVP_CIPHER; break; case OPT_SCRYPT_N: if (!opt_long(opt_arg(), &scrypt_N) || scrypt_N <= 0) @@ -185,7 +192,7 @@ int pkcs8_main(int argc, char **argv) } if ((pbe_nid == -1) && cipher == NULL) - cipher = EVP_aes_256_cbc(); + cipher = PKCS8_DEFAULT_EVP_CIPHER; in = bio_open_default(infile, 'r', informat); if (in == NULL) diff --git a/apps/pkey.c b/apps/pkey.c index ad1a3b10..965c9608 100644 --- a/apps/pkey.c +++ b/apps/pkey.c @@ -18,7 +18,8 @@ typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, OPT_INFORM, OPT_OUTFORM, OPT_PASSIN, OPT_PASSOUT, OPT_ENGINE, OPT_IN, OPT_OUT, OPT_PUBIN, OPT_PUBOUT, OPT_TEXT_PUB, - OPT_TEXT, OPT_NOOUT, OPT_MD, OPT_TRADITIONAL + OPT_TEXT, OPT_NOOUT, OPT_MD, OPT_TRADITIONAL, + OPT_CONFIG } OPTION_CHOICE; OPTIONS pkey_options[] = { @@ -40,6 +41,7 @@ OPTIONS pkey_options[] = { "Use traditional format for private keys"}, #ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, + {"config", OPT_CONFIG, 's', "A config file"}, #endif {NULL} }; @@ -56,6 +58,8 @@ int pkey_main(int argc, char **argv) int informat = FORMAT_PEM, outformat = FORMAT_PEM; int pubin = 0, pubout = 0, pubtext = 0, text = 0, noout = 0, ret = 1; int private = 0, traditional = 0; + CONF *conf = NULL; + char *configfile = default_config_file; prog = opt_init(argc, argv, pkey_options); while ((o = opt_next()) != OPT_EOF) { @@ -113,12 +117,22 @@ int pkey_main(int argc, char **argv) case OPT_MD: if (!opt_cipher(opt_unknown(), &cipher)) goto opthelp; + case OPT_CONFIG: + configfile = opt_arg(); + break; } } argc = opt_num_rest(); if (argc != 0) goto opthelp; + BIO_printf(bio_err, "Using configuration from %s\n", configfile); + + if ((conf = app_load_config(configfile)) == NULL) + goto end; + if (configfile != default_config_file && !app_load_modules(conf)) + goto end; + private = !noout && !pubout ? 1 : 0; if (text && !pubtext) private = 1; @@ -185,6 +199,7 @@ int pkey_main(int argc, char **argv) BIO_free(in); OPENSSL_free(passin); OPENSSL_free(passout); + NCONF_free(conf); return ret; } diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c index 962a389d..cb8973ee 100644 --- a/apps/pkeyutl.c +++ b/apps/pkeyutl.c @@ -36,7 +36,8 @@ typedef enum OPTION_choice { OPT_PUBIN, OPT_CERTIN, OPT_ASN1PARSE, OPT_HEXDUMP, OPT_SIGN, OPT_VERIFY, OPT_VERIFYRECOVER, OPT_REV, OPT_ENCRYPT, OPT_DECRYPT, OPT_DERIVE, OPT_SIGFILE, OPT_INKEY, OPT_PEERKEY, OPT_PASSIN, - OPT_PEERFORM, OPT_KEYFORM, OPT_PKEYOPT, OPT_KDF, OPT_KDFLEN + OPT_PEERFORM, OPT_KEYFORM, OPT_PKEYOPT, OPT_KDF, OPT_KDFLEN, + OPT_CONFIG } OPTION_CHOICE; OPTIONS pkeyutl_options[] = { @@ -68,6 +69,7 @@ OPTIONS pkeyutl_options[] = { {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, {"engine_impl", OPT_ENGINE_IMPL, '-', "Also use engine given by -engine for crypto operations"}, + {"config", OPT_CONFIG, 's', "A config file"}, #endif {NULL} }; @@ -92,6 +94,8 @@ int pkeyutl_main(int argc, char **argv) const char *kdfalg = NULL; int kdflen = 0; STACK_OF(OPENSSL_STRING) *pkeyopts = NULL; + CONF *conf = NULL; + char *configfile = default_config_file; prog = opt_init(argc, argv, pkeyutl_options); while ((o = opt_next()) != OPT_EOF) { @@ -186,12 +190,22 @@ int pkeyutl_main(int argc, char **argv) goto end; } break; + case OPT_CONFIG: + configfile = opt_arg(); + break; } } argc = opt_num_rest(); if (argc != 0) goto opthelp; + BIO_printf(bio_err, "Using configuration from %s\n", configfile); + + if ((conf = app_load_config(configfile)) == NULL) + goto end; + if (configfile != default_config_file && !app_load_modules(conf)) + goto end; + if (kdfalg != NULL) { if (kdflen == 0) goto opthelp; @@ -322,6 +336,7 @@ int pkeyutl_main(int argc, char **argv) BIO_write(out, buf_out, buf_outlen); end: +/* EVP_PKEY_CTX_free(ctx); release_engine(e); BIO_free(in); @@ -330,6 +345,8 @@ int pkeyutl_main(int argc, char **argv) OPENSSL_free(buf_out); OPENSSL_free(sig); sk_OPENSSL_STRING_free(pkeyopts); + NCONF_free(conf); +*/ return ret; } @@ -485,5 +502,6 @@ static int do_keyop(EVP_PKEY_CTX *ctx, int pkey_op, break; } + if (!rv) ERR_print_errors_fp(stderr); return rv; } diff --git a/apps/progs.h b/apps/progs.h index e529aa74..40024809 100644 --- a/apps/progs.h +++ b/apps/progs.h @@ -131,7 +131,9 @@ extern OPTIONS x509_options[]; #ifdef INCLUDE_FUNCTION_TABLE static FUNCTION functions[] = { { FT_general, "asn1parse", asn1parse_main, asn1parse_options }, +#ifndef OPENSSL_NO_CA { FT_general, "ca", ca_main, ca_options }, +#endif #ifndef OPENSSL_NO_SOCK { FT_general, "ciphers", ciphers_main, ciphers_options }, #endif diff --git a/apps/rand.c b/apps/rand.c index e7261802..694c9725 100644 --- a/apps/rand.c +++ b/apps/rand.c @@ -19,7 +19,8 @@ typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, - OPT_OUT, OPT_ENGINE, OPT_RAND, OPT_BASE64, OPT_HEX + OPT_OUT, OPT_ENGINE, OPT_RAND, OPT_BASE64, OPT_HEX, + OPT_CONFIG } OPTION_CHOICE; OPTIONS rand_options[] = { @@ -33,6 +34,7 @@ OPTIONS rand_options[] = { {"hex", OPT_HEX, '-', "Hex encode output"}, #ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, + {"config", OPT_CONFIG, 's', "A config file"}, #endif {NULL} }; @@ -44,6 +46,8 @@ int rand_main(int argc, char **argv) char *inrand = NULL, *outfile = NULL, *prog; OPTION_CHOICE o; int format = FORMAT_BINARY, i, num = -1, r, ret = 1; + CONF *conf = NULL; + char *configfile = default_config_file; prog = opt_init(argc, argv, rand_options); while ((o = opt_next()) != OPT_EOF) { @@ -72,6 +76,9 @@ int rand_main(int argc, char **argv) case OPT_HEX: format = FORMAT_TEXT; break; + case OPT_CONFIG: + configfile = opt_arg(); + break; } } argc = opt_num_rest(); @@ -80,6 +87,13 @@ int rand_main(int argc, char **argv) if (argc != 1 || !opt_int(argv[0], &num) || num < 0) goto opthelp; + BIO_printf(bio_err, "Using configuration from %s\n", configfile); + + if ((conf = app_load_config(configfile)) == NULL) + goto end; + if (configfile != default_config_file && !app_load_modules(conf)) + goto end; + app_RAND_load_file(NULL, (inrand != NULL)); if (inrand != NULL) BIO_printf(bio_err, "%ld semi-random bytes loaded\n", @@ -128,5 +142,6 @@ int rand_main(int argc, char **argv) ERR_print_errors(bio_err); release_engine(e); BIO_free_all(out); + NCONF_free(conf); return (ret); } diff --git a/apps/rehash.c b/apps/rehash.c index 4e10ded7..46a74e04 100644 --- a/apps/rehash.c +++ b/apps/rehash.c @@ -253,8 +253,10 @@ static int do_file(const char *filename, const char *fullpath, enum Hash h) if (name) { if ((h == HASH_NEW) || (h == HASH_BOTH)) errs += add_entry(type, X509_NAME_hash(name), filename, digest, 1, ~0); +#ifndef OPENSSL_NO_MD5 if ((h == HASH_OLD) || (h == HASH_BOTH)) errs += add_entry(type, X509_NAME_hash_old(name), filename, digest, 1, ~0); +#endif } end: @@ -447,7 +449,7 @@ int rehash_main(int argc, char **argv) argc = opt_num_rest(); argv = opt_rest(); - evpmd = EVP_sha1(); + evpmd = EVP_get_digestbynid(NID_sha1); evpmdsize = EVP_MD_size(evpmd); if (*argv) { diff --git a/apps/req.c b/apps/req.c index 2707dc9e..ff31cbbe 100644 --- a/apps/req.c +++ b/apps/req.c @@ -113,8 +113,10 @@ OPTIONS req_options[] = { {"nameopt", OPT_NAMEOPT, 's', "Various certificate name options"}, {"reqopt", OPT_REQOPT, 's', "Various request text options"}, {"text", OPT_TEXT, '-', "Text form of request"}, - {"x509", OPT_X509, '-', +#ifndef OPENSSL_NO_CA + {"x509", OPT_X509, '-', "Output a x509 structure instead of a cert request"}, +#endif {OPT_MORE_STR, 1, 1, "(Required by some CA's)"}, {"subj", OPT_SUBJ, 's', "Set or modify request subject"}, {"subject", OPT_SUBJECT, '-', "Output the request's subject"}, @@ -287,10 +289,12 @@ int req_main(int argc, char **argv) case OPT_TEXT: text = 1; break; +#ifndef OPENSSL_NO_CA case OPT_X509: x509 = 1; newreq = 1; break; +#endif case OPT_DAYS: days = atoi(opt_arg()); break; diff --git a/apps/rsa.c b/apps/rsa.c index 35ab7271..018f977d 100644 --- a/apps/rsa.c +++ b/apps/rsa.c @@ -32,7 +32,8 @@ typedef enum OPTION_choice { OPT_RSAPUBKEY_IN, OPT_RSAPUBKEY_OUT, /* Do not change the order here; see case statements below */ OPT_PVK_NONE, OPT_PVK_WEAK, OPT_PVK_STRONG, - OPT_NOOUT, OPT_TEXT, OPT_MODULUS, OPT_CHECK, OPT_CIPHER + OPT_NOOUT, OPT_TEXT, OPT_MODULUS, OPT_CHECK, OPT_CIPHER, + OPT_CONFIG } OPTION_CHOICE; OPTIONS rsa_options[] = { @@ -59,6 +60,7 @@ OPTIONS rsa_options[] = { # endif # ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, + {"config", OPT_CONFIG, 's', "A config file"}, # endif {NULL} }; @@ -78,6 +80,8 @@ int rsa_main(int argc, char **argv) int pvk_encr = 2; # endif OPTION_CHOICE o; + CONF *conf = NULL; + char *configfile = default_config_file; prog = opt_init(argc, argv, rsa_options); while ((o = opt_next()) != OPT_EOF) { @@ -149,12 +153,22 @@ int rsa_main(int argc, char **argv) if (!opt_cipher(opt_unknown(), &enc)) goto opthelp; break; + case OPT_CONFIG: + configfile = opt_arg(); + break; } } argc = opt_num_rest(); if (argc != 0) goto opthelp; + BIO_printf(bio_err, "Using configuration from %s\n", configfile); + + if ((conf = app_load_config(configfile)) == NULL) + goto end; + if (configfile != default_config_file && !app_load_modules(conf)) + goto end; + private = (text && !pubin) || (!pubout && !noout) ? 1 : 0; if (!app_passwd(passinarg, passoutarg, &passin, &passout)) { @@ -305,6 +319,7 @@ int rsa_main(int argc, char **argv) RSA_free(rsa); OPENSSL_free(passin); OPENSSL_free(passout); + NCONF_free(conf); return (ret); } #endif diff --git a/apps/rsautl.c b/apps/rsautl.c index d527bf4d..e0422d80 100644 --- a/apps/rsautl.c +++ b/apps/rsautl.c @@ -32,7 +32,8 @@ typedef enum OPTION_choice { OPT_ENGINE, OPT_IN, OPT_OUT, OPT_ASN1PARSE, OPT_HEXDUMP, OPT_RAW, OPT_OAEP, OPT_SSL, OPT_PKCS, OPT_X931, OPT_SIGN, OPT_VERIFY, OPT_REV, OPT_ENCRYPT, OPT_DECRYPT, - OPT_PUBIN, OPT_CERTIN, OPT_INKEY, OPT_PASSIN, OPT_KEYFORM + OPT_PUBIN, OPT_CERTIN, OPT_INKEY, OPT_PASSIN, OPT_KEYFORM, + OPT_CONFIG } OPTION_CHOICE; OPTIONS rsautl_options[] = { @@ -59,6 +60,7 @@ OPTIONS rsautl_options[] = { {"passin", OPT_PASSIN, 's', "Input file pass phrase source"}, # ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, + {"config", OPT_CONFIG, 's', "A config file"}, # endif {NULL} }; @@ -77,6 +79,8 @@ int rsautl_main(int argc, char **argv) int rsa_inlen, keyformat = FORMAT_PEM, keysize, ret = 1; int rsa_outlen = 0, hexdump = 0, asn1parse = 0, need_priv = 0, rev = 0; OPTION_CHOICE o; + CONF *conf = NULL; + char *configfile = default_config_file; prog = opt_init(argc, argv, rsautl_options); while ((o = opt_next()) != OPT_EOF) { @@ -153,12 +157,22 @@ int rsautl_main(int argc, char **argv) case OPT_PASSIN: passinarg = opt_arg(); break; + case OPT_CONFIG: + configfile = opt_arg(); + break; } } argc = opt_num_rest(); if (argc != 0) goto opthelp; + BIO_printf(bio_err, "Using configuration from %s\n", configfile); + + if ((conf = app_load_config(configfile)) == NULL) + goto end; + if (configfile != default_config_file && !app_load_modules(conf)) + goto end; + if (need_priv && (key_type != KEY_PRIVKEY)) { BIO_printf(bio_err, "A private key is needed for this operation\n"); goto end; @@ -273,6 +287,7 @@ int rsautl_main(int argc, char **argv) OPENSSL_free(rsa_in); OPENSSL_free(rsa_out); OPENSSL_free(passin); + NCONF_free(conf); return ret; } #endif diff --git a/apps/s_cb.c b/apps/s_cb.c index 9535f126..e37d2d58 100644 --- a/apps/s_cb.c +++ b/apps/s_cb.c @@ -188,6 +188,9 @@ static STRINT_PAIR cert_type_list[] = { {"RSA fixed ECDH", TLS_CT_RSA_FIXED_ECDH}, {"ECDSA fixed ECDH", TLS_CT_ECDSA_FIXED_ECDH}, {"GOST01 Sign", TLS_CT_GOST01_SIGN}, +#ifndef OPENSSL_NO_GMTLS + {"SM2 sign", TLS_CT_SM2_SIGN}, +#endif {NULL} }; @@ -678,7 +681,7 @@ int generate_cookie_callback(SSL *ssl, unsigned char *cookie, BIO_ADDR_rawaddress(peer, buffer + sizeof(port), NULL); /* Calculate HMAC of buffer using the secret */ - HMAC(EVP_sha1(), cookie_secret, COOKIE_SECRET_LENGTH, + HMAC(EVP_get_digestbynid(NID_sha1), cookie_secret, COOKIE_SECRET_LENGTH, buffer, length, cookie, cookie_len); OPENSSL_free(buffer); diff --git a/apps/s_client.c b/apps/s_client.c index 458b9e05..98a97c90 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -540,6 +540,9 @@ typedef enum OPTION_choice { #endif OPT_SSL3, OPT_SSL_CONFIG, OPT_TLS1_2, OPT_TLS1_1, OPT_TLS1, OPT_DTLS, OPT_DTLS1, +#ifndef OPENSSL_NO_GMTLS + OPT_GMTLS, +#endif OPT_DTLS1_2, OPT_TIMEOUT, OPT_MTU, OPT_KEYFORM, OPT_PASS, OPT_CERT_CHAIN, OPT_CAPATH, OPT_NOCAPATH, OPT_CHAINCAPATH, OPT_VERIFYCAPATH, @@ -692,6 +695,9 @@ OPTIONS s_client_options[] = { #ifndef OPENSSL_NO_DTLS1_2 {"dtls1_2", OPT_DTLS1_2, '-', "Just use DTLSv1.2"}, #endif +#ifndef OPENSSL_NO_GMTLS + {"gmtls", OPT_GMTLS, '-', "Just use GMTLS"}, +#endif #ifndef OPENSSL_NO_SSL_TRACE {"trace", OPT_TRACE, '-', "Show trace output of protocol messages"}, #endif @@ -760,6 +766,7 @@ static const OPT_PAIR services[] = { #define IS_PROT_FLAG(o) \ (o == OPT_SSL3 || o == OPT_TLS1 || o == OPT_TLS1_1 || o == OPT_TLS1_2 \ + || o == OPT_GMTLS \ || o == OPT_DTLS || o == OPT_DTLS1 || o == OPT_DTLS1_2) /* Free |*dest| and optionally set it to a copy of |source|. */ @@ -1188,7 +1195,14 @@ int s_client_main(int argc, char **argv) socket_type = SOCK_DGRAM; #endif break; - case OPT_TIMEOUT: + case OPT_GMTLS: +#ifndef OPENSSL_NO_GMTLS + meth = GMTLS_client_method(); + //min_version = GMTLS_VERSION; + //max_version = GMTLS_VERSION; +#endif + break; + case OPT_TIMEOUT: #ifndef OPENSSL_NO_DTLS enable_timeouts = 1; #endif diff --git a/apps/s_server.c b/apps/s_server.c index 66405e68..7c7a172f 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -670,6 +670,9 @@ typedef enum OPTION_choice { OPT_SRPUSERSEED, OPT_REV, OPT_WWW, OPT_UPPER_WWW, OPT_HTTP, OPT_ASYNC, OPT_SSL_CONFIG, OPT_SPLIT_SEND_FRAG, OPT_MAX_PIPELINES, OPT_READ_BUF, OPT_SSL3, OPT_TLS1_2, OPT_TLS1_1, OPT_TLS1, OPT_DTLS, OPT_DTLS1, +#ifndef OPENSSL_NO_GMTLS + OPT_GMTLS, +#endif OPT_DTLS1_2, OPT_TIMEOUT, OPT_MTU, OPT_LISTEN, OPT_ID_PREFIX, OPT_RAND, OPT_SERVERNAME, OPT_SERVERNAME_FATAL, OPT_CERT2, OPT_KEY2, OPT_NEXTPROTONEG, OPT_ALPN, @@ -847,6 +850,9 @@ OPTIONS s_server_options[] = { #ifndef OPENSSL_NO_DTLS1_2 {"dtls1_2", OPT_DTLS1_2, '-', "Just talk DTLSv1.2"}, #endif +#ifndef OPENSSL_NO_GMTLS + {"gmtls", OPT_GMTLS, '-', "Just talk GMTLS"}, +#endif #ifndef OPENSSL_NO_DH {"no_dhe", OPT_NO_DHE, '-', "Disable ephemeral DH"}, #endif @@ -868,6 +874,7 @@ OPTIONS s_server_options[] = { #define IS_PROT_FLAG(o) \ (o == OPT_SSL3 || o == OPT_TLS1 || o == OPT_TLS1_1 || o == OPT_TLS1_2 \ + || o == OPT_GMTLS \ || o == OPT_DTLS || o == OPT_DTLS1 || o == OPT_DTLS1_2) int s_server_main(int argc, char *argv[]) @@ -1333,6 +1340,13 @@ int s_server_main(int argc, char *argv[]) min_version = TLS1_VERSION; max_version = TLS1_VERSION; break; +#ifndef OPENSSL_NO_GMTLS + case OPT_GMTLS: + meth = GMTLS_server_method(); + //min_version = GMTLS_VERSION; + //max_version = GMTLS_VERSION; + break; +#endif case OPT_DTLS: #ifndef OPENSSL_NO_DTLS meth = DTLS_server_method(); @@ -1489,9 +1503,11 @@ int s_server_main(int argc, char *argv[]) s_cert = load_cert(s_cert_file, s_cert_format, "server certificate file"); +fprintf(stderr, "%s %d: load_cert: %s\n", __FILE__, __LINE__, s_cert_file); if (!s_cert) { ERR_print_errors(bio_err); +fprintf(stderr, "%s %d\n", __FILE__, __LINE__); goto end; } if (s_chain_file) { diff --git a/apps/s_time.c b/apps/s_time.c index 263502c7..d01ff2e3 100644 --- a/apps/s_time.c +++ b/apps/s_time.c @@ -67,7 +67,7 @@ OPTIONS s_time_options[] = { {"cert", OPT_CERT, '<', "Cert file to use, PEM format assumed"}, {"key", OPT_KEY, '<', "File with key, PEM; default is -cert file"}, {"CApath", OPT_CAPATH, '/', "PEM format directory of CA's"}, - {"cafile", OPT_CAFILE, '<', "PEM format file of CA's"}, + {"CAfile", OPT_CAFILE, '<', "PEM format file of CA's"}, {"no-CAfile", OPT_NOCAFILE, '-', "Do not load the default certificates file"}, {"no-CApath", OPT_NOCAPATH, '-', diff --git a/apps/speed.c b/apps/speed.c index df22422e..dd3e4b09 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -52,7 +52,9 @@ #ifndef OPENSSL_NO_DES # include #endif -#include +#ifndef OPENSSL_NO_AES +# include +#endif #ifndef OPENSSL_NO_CAMELLIA # include #endif @@ -205,6 +207,7 @@ static int RC4_loop(void *args); static int DES_ncbc_encrypt_loop(void *args); static int DES_ede3_cbc_encrypt_loop(void *args); #endif +#ifndef OPENSSL_NO_AES static int AES_cbc_128_encrypt_loop(void *args); static int AES_cbc_192_encrypt_loop(void *args); static int AES_ige_128_encrypt_loop(void *args); @@ -212,6 +215,7 @@ static int AES_cbc_256_encrypt_loop(void *args); static int AES_ige_192_encrypt_loop(void *args); static int AES_ige_256_encrypt_loop(void *args); static int CRYPTO_gcm128_aad_loop(void *args); +#endif static int EVP_Update_loop(void *args); static int EVP_Digest_loop(void *args); #ifndef OPENSSL_NO_RSA @@ -433,9 +437,11 @@ static OPT_PAIR doit_choices[] = { {"md5", D_MD5}, {"hmac", D_HMAC}, #endif +#ifndef OPENSSL_NO_SHA {"sha1", D_SHA1}, {"sha256", D_SHA256}, {"sha512", D_SHA512}, +#endif #ifndef OPENSSL_NO_WHIRLPOOL {"whirlpool", D_WHIRLPOOL}, #endif @@ -451,12 +457,14 @@ static OPT_PAIR doit_choices[] = { {"des-cbc", D_CBC_DES}, {"des-ede3", D_EDE3_DES}, #endif +#ifndef OPENSSL_NO_AES {"aes-128-cbc", D_CBC_128_AES}, {"aes-192-cbc", D_CBC_192_AES}, {"aes-256-cbc", D_CBC_256_AES}, {"aes-128-ige", D_IGE_128_AES}, {"aes-192-ige", D_IGE_192_AES}, {"aes-256-ige", D_IGE_256_AES}, +#endif #ifndef OPENSSL_NO_RC2 {"rc2-cbc", D_CBC_RC2}, {"rc2", D_CBC_RC2}, @@ -499,6 +507,7 @@ static OPT_PAIR dsa_choices[] = { }; #endif +#ifndef OPENSSL_NO_RSA #define R_RSA_512 0 #define R_RSA_1024 1 #define R_RSA_2048 2 @@ -516,6 +525,7 @@ static OPT_PAIR rsa_choices[] = { {"rsa15360", R_RSA_15360}, {NULL} }; +#endif #define R_EC_P160 0 #define R_EC_P192 1 @@ -670,6 +680,7 @@ static int HMAC_loop(void *args) } #endif +#ifndef OPENSSL_NO_SHA static int SHA1_loop(void *args) { loopargs_t *tempargs = *(loopargs_t **)args; @@ -702,6 +713,7 @@ static int SHA512_loop(void *args) SHA512(buf, lengths[testnum], sha512); return count; } +#endif #ifndef OPENSSL_NO_WHIRLPOOL static int WHIRLPOOL_loop(void *args) @@ -777,6 +789,8 @@ static int DES_ede3_cbc_encrypt_loop(void *args) #define MAX_BLOCK_SIZE 128 static unsigned char iv[2 * MAX_BLOCK_SIZE / 8]; + +#ifndef OPENSSL_NO_AES static AES_KEY aes_ks1, aes_ks2, aes_ks3; static int AES_cbc_128_encrypt_loop(void *args) { @@ -863,6 +877,7 @@ static int CRYPTO_gcm128_aad_loop(void *args) CRYPTO_gcm128_aad(gcm_ctx, buf, lengths[testnum]); return count; } +#endif static long save_count = 0; static int decrypt = 0; @@ -1065,7 +1080,9 @@ static void *KDF1_SHA1(const void *in, size_t inlen, void *out, if (*outlen < SHA_DIGEST_LENGTH) return NULL; *outlen = SHA_DIGEST_LENGTH; +#ifndef OPENSSL_NO_SHA return SHA1(in, inlen, out); +#endif } #endif /* OPENSSL_NO_EC */ @@ -1264,6 +1281,7 @@ int speed_main(int argc, char **argv) 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12 }; +#ifndef OPENSSL_NO_AES static const unsigned char key24[24] = { 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, @@ -1275,6 +1293,7 @@ int speed_main(int argc, char **argv) 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56 }; +#endif #ifndef OPENSSL_NO_CAMELLIA static const unsigned char ckey24[24] = { 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, @@ -1454,10 +1473,12 @@ int speed_main(int argc, char **argv) continue; } #endif +#ifndef OPENSSL_NO_SHA if (strcmp(*argv, "sha") == 0) { doit[D_SHA1] = doit[D_SHA256] = doit[D_SHA512] = 1; continue; } +#endif #ifndef OPENSSL_NO_RSA # ifndef RSA_NULL if (strcmp(*argv, "openssl") == 0) { @@ -1488,11 +1509,13 @@ int speed_main(int argc, char **argv) continue; } #endif +#ifndef OPENSSL_NO_AES if (strcmp(*argv, "aes") == 0) { doit[D_CBC_128_AES] = doit[D_CBC_192_AES] = doit[D_CBC_256_AES] = 1; continue; } +#endif #ifndef OPENSSL_NO_CAMELLIA if (strcmp(*argv, "camellia") == 0) { doit[D_CBC_128_CML] = doit[D_CBC_192_CML] = @@ -1621,9 +1644,11 @@ int speed_main(int argc, char **argv) DES_set_key_unchecked(&key2, &sch2); DES_set_key_unchecked(&key3, &sch3); #endif +#ifndef OPENSSL_NO_AES AES_set_encrypt_key(key16, 128, &aes_ks1); AES_set_encrypt_key(key24, 192, &aes_ks2); AES_set_encrypt_key(key32, 256, &aes_ks3); +#endif #ifndef OPENSSL_NO_CAMELLIA Camellia_set_key(key16, 128, &camellia_ks1); Camellia_set_key(ckey24, 192, &camellia_ks2); @@ -1928,6 +1953,7 @@ int speed_main(int argc, char **argv) } } #endif +#ifndef OPENSSL_NO_SHA if (doit[D_SHA1]) { for (testnum = 0; testnum < SIZE_NUM; testnum++) { print_message(names[D_SHA1], c[D_SHA1][testnum], lengths[testnum]); @@ -1955,6 +1981,7 @@ int speed_main(int argc, char **argv) print_result(D_SHA512, testnum, count, d); } } +#endif #ifndef OPENSSL_NO_WHIRLPOOL if (doit[D_WHIRLPOOL]) { @@ -2012,6 +2039,7 @@ int speed_main(int argc, char **argv) } #endif +#ifndef OPENSSL_NO_AES if (doit[D_CBC_128_AES]) { for (testnum = 0; testnum < SIZE_NUM; testnum++) { print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][testnum], @@ -2089,6 +2117,7 @@ int speed_main(int argc, char **argv) for (i = 0; i < loopargs_len; i++) CRYPTO_gcm128_release(loopargs[i].gcm_ctx); } +#endif #ifndef OPENSSL_NO_CAMELLIA if (doit[D_CBC_128_CML]) { @@ -2661,7 +2690,9 @@ int speed_main(int argc, char **argv) #ifndef OPENSSL_NO_DES printf("%s ", DES_options()); #endif +#ifndef OPENSSL_NO_AES printf("%s ", AES_options()); +#endif #ifndef OPENSSL_NO_IDEA printf("%s ", IDEA_options()); #endif @@ -2952,6 +2983,7 @@ static int do_multi(int multi) sstrsep(&p, sep); for (j = 0; j < SIZE_NUM; ++j) results[alg][j] += atof(sstrsep(&p, sep)); +# ifndef OPENSSL_NO_RSA } else if (strncmp(buf, "+F2:", 4) == 0) { int k; double d; @@ -2971,6 +3003,7 @@ static int do_multi(int multi) rsa_results[k][1] = 1 / (1 / rsa_results[k][1] + 1 / d); else rsa_results[k][1] = d; +# endif } # ifndef OPENSSL_NO_DSA else if (strncmp(buf, "+F3:", 4) == 0) { diff --git a/apps/spkac.c b/apps/spkac.c index 90a5beab..848d67dc 100644 --- a/apps/spkac.c +++ b/apps/spkac.c @@ -20,6 +20,12 @@ #include #include +#ifndef OPENSSL_NO_MD5 +# define SPKAC_DEFAULT_MD EVP_md5() +#else +# define SPKAC_DEFAULT_MD EVP_sm3() +#endif + typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, OPT_NOOUT, OPT_PUBKEY, OPT_VERIFY, OPT_IN, OPT_OUT, @@ -127,7 +133,7 @@ int spkac_main(int argc, char **argv) ASN1_STRING_set(spki->spkac->challenge, challenge, (int)strlen(challenge)); NETSCAPE_SPKI_set_pubkey(spki, pkey); - NETSCAPE_SPKI_sign(spki, pkey, EVP_md5()); + NETSCAPE_SPKI_sign(spki, pkey, SPKAC_DEFAULT_MD); spkstr = NETSCAPE_SPKI_b64_encode(spki); out = bio_open_default(outfile, 'w', FORMAT_TEXT); diff --git a/apps/x509.c b/apps/x509.c index 577c35dd..651a9240 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -763,7 +763,7 @@ int x509_main(int argc, char **argv) const EVP_MD *fdig = digest; if (!fdig) - fdig = EVP_sha1(); + fdig = EVP_get_digestbynid(NID_sha1); if (!X509_digest(x, fdig, md, &n)) { BIO_printf(bio_err, "out of memory\n"); diff --git a/crypto/SHA-3/COMMEN/brg_endian.h b/crypto/SHA-3/COMMEN/brg_endian.h deleted file mode 100644 index b15cbb76..00000000 --- a/crypto/SHA-3/COMMEN/brg_endian.h +++ /dev/null @@ -1,114 +0,0 @@ -#ifndef _BRG_ENDIAN_H -#define _BRG_ENDIAN_H - -#define IS_BIG_ENDIAN 4321 /* byte 0 is most significant (mc68k) */ -#define IS_LITTLE_ENDIAN 1234 /* byte 0 is least significant (i386) */ - -#if 0 -/* Include files where endian defines and byteswap functions may reside */ -#if defined( __sun ) -# include -#elif defined( __FreeBSD__ ) || defined( __OpenBSD__ ) || defined( __NetBSD__ ) -# include -#elif defined( BSD ) && ( BSD >= 199103 ) || defined( __APPLE__ ) || \ - defined( __CYGWIN32__ ) || defined( __DJGPP__ ) || defined( __osf__ ) -# include -#elif defined( __linux__ ) || defined( __GNUC__ ) || defined( __GNU_LIBRARY__ ) -# if !defined( __MINGW32__ ) && !defined( _AIX ) -# include -# if !defined( __BEOS__ ) -# include -# endif -# endif -#endif -#endif - -/* Now attempt to set the define for platform byte order using any */ -/* of the four forms SYMBOL, _SYMBOL, __SYMBOL & __SYMBOL__, which */ -/* seem to encompass most endian symbol definitions */ - -#if defined( BIG_ENDIAN ) && defined( LITTLE_ENDIAN ) -# if defined( BYTE_ORDER ) && BYTE_ORDER == BIG_ENDIAN -# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN -# elif defined( BYTE_ORDER ) && BYTE_ORDER == LITTLE_ENDIAN -# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN -# endif -#elif defined( BIG_ENDIAN ) -# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN -#elif defined( LITTLE_ENDIAN ) -# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN -#endif - -#if defined( _BIG_ENDIAN ) && defined( _LITTLE_ENDIAN ) -# if defined( _BYTE_ORDER ) && _BYTE_ORDER == _BIG_ENDIAN -# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN -# elif defined( _BYTE_ORDER ) && _BYTE_ORDER == _LITTLE_ENDIAN -# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN -# endif -#elif defined( _BIG_ENDIAN ) -# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN -#elif defined( _LITTLE_ENDIAN ) -# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN -#endif - -#if defined( __BIG_ENDIAN ) && defined( __LITTLE_ENDIAN ) -# if defined( __BYTE_ORDER ) && __BYTE_ORDER == __BIG_ENDIAN -# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN -# elif defined( __BYTE_ORDER ) && __BYTE_ORDER == __LITTLE_ENDIAN -# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN -# endif -#elif defined( __BIG_ENDIAN ) -# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN -#elif defined( __LITTLE_ENDIAN ) -# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN -#endif - -#if defined( __BIG_ENDIAN__ ) && defined( __LITTLE_ENDIAN__ ) -# if defined( __BYTE_ORDER__ ) && __BYTE_ORDER__ == __BIG_ENDIAN__ -# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN -# elif defined( __BYTE_ORDER__ ) && __BYTE_ORDER__ == __LITTLE_ENDIAN__ -# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN -# endif -#elif defined( __BIG_ENDIAN__ ) -# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN -#elif defined( __LITTLE_ENDIAN__ ) -# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN -#endif - -/* if the platform byte order could not be determined, then try to */ -/* set this define using common machine defines */ -#if !defined(PLATFORM_BYTE_ORDER) - -#if defined( __alpha__ ) || defined( __alpha ) || defined( i386 ) || \ - defined( __i386__ ) || defined( _M_I86 ) || defined( _M_IX86 ) || \ - defined( __OS2__ ) || defined( sun386 ) || defined( __TURBOC__ ) || \ - defined( vax ) || defined( vms ) || defined( VMS ) || \ - defined( __VMS ) || defined( _M_X64 ) -# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN - -#elif defined( AMIGA ) || defined( applec ) || defined( __AS400__ ) || \ - defined( _CRAY ) || defined( __hppa ) || defined( __hp9000 ) || \ - defined( ibm370 ) || defined( mc68000 ) || defined( m68k ) || \ - defined( __MRC__ ) || defined( __MVS__ ) || defined( __MWERKS__ ) || \ - defined( sparc ) || defined( __sparc) || defined( SYMANTEC_C ) || \ - defined( __VOS__ ) || defined( __TIGCC__ ) || defined( __TANDEM ) || \ - defined( THINK_C ) || defined( __VMCMS__ ) || defined( _AIX ) -# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN - -#elif defined(__arm__) -# ifdef __BIG_ENDIAN -# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN -# else -# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN -# endif -#elif 1 /* **** EDIT HERE IF NECESSARY **** */ -# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN -#elif 0 /* **** EDIT HERE IF NECESSARY **** */ -# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN -#else -# error Please edit lines 132 or 134 in brg_endian.h to set the platform byte order -#endif - -#endif - -#endif diff --git a/crypto/SHA-3/Modes/SimpleFIPS202.c b/crypto/SHA-3/Modes/SimpleFIPS202.c deleted file mode 100644 index 1258b54f..00000000 --- a/crypto/SHA-3/Modes/SimpleFIPS202.c +++ /dev/null @@ -1,31 +0,0 @@ -#include "SimpleFIPS202.h" - -int SHAKE128(unsigned char *output, size_t outputByteLen, const unsigned char *input, size_t inputByteLen) -{ - return KeccakWidth1600_Sponge(1344, 256, input, inputByteLen, 0x1F, output, outputByteLen); -} - -int SHAKE256(unsigned char *output, size_t outputByteLen, const unsigned char *input, size_t inputByteLen) -{ - return KeccakWidth1600_Sponge(1088, 512, input, inputByteLen, 0x1F, output, outputByteLen); -} - -int SHA3_224(unsigned char *output, const unsigned char *input, size_t inputByteLen) -{ - return KeccakWidth1600_Sponge(1152, 448, input, inputByteLen, 0x06, output, 224/8); -} - -int SHA3_256(unsigned char *output, const unsigned char *input, size_t inputByteLen) -{ - return KeccakWidth1600_Sponge(1088, 512, input, inputByteLen, 0x06, output, 256/8); -} - -int SHA3_384(unsigned char *output, const unsigned char *input, size_t inputByteLen) -{ - return KeccakWidth1600_Sponge( 832, 768, input, inputByteLen, 0x06, output, 384/8); -} - -int SHA3_512(unsigned char *output, const unsigned char *input, size_t inputByteLen) -{ - return KeccakWidth1600_Sponge(576, 1024, input, inputByteLen, 0x06, output, 512/8); -} diff --git a/crypto/SHA-3/Modes/SimpleFIPS202.h b/crypto/SHA-3/Modes/SimpleFIPS202.h deleted file mode 100644 index 7a6563eb..00000000 --- a/crypto/SHA-3/Modes/SimpleFIPS202.h +++ /dev/null @@ -1,19 +0,0 @@ -#ifndef _SimpleFIPS202_h_ -#define _SimpleFIPS202_h_ - -#include "KeccakSponge.h" -#include "string.h" - -int SHAKE128(unsigned char *output, size_t outputByteLen, const unsigned char *input, size_t inputByteLen); - -int SHAKE256(unsigned char *output, size_t outputByteLen, const unsigned char *input, size_t inputByteLen); - -int SHA3_224(unsigned char *output, const unsigned char *input, size_t inputByteLen); - -int SHA3_256(unsigned char *output, const unsigned char *input, size_t inputByteLen); - -int SHA3_384(unsigned char *output, const unsigned char *input, size_t inputByteLen); - -int SHA3_512(unsigned char *output, const unsigned char *input, size_t inputByteLen); - -#endif diff --git a/crypto/SHA-3/SnP/KeccakP-1600-SnP.h b/crypto/SHA-3/SnP/KeccakP-1600-SnP.h deleted file mode 100644 index 972e3e99..00000000 --- a/crypto/SHA-3/SnP/KeccakP-1600-SnP.h +++ /dev/null @@ -1,20 +0,0 @@ -#ifndef _KeccakP_1600_SnP_h_ -#define _KeccakP_1600_SnP_h_ - -#define KeccakP1600_implementation "64-bit compact implementation" -#define KeccakP1600_stateSizeInBytes 200 -#define KeccakP1600_stateAlignment 8 - -#define KeccakP1600_StaticInitialize() -void KeccakP1600_Initialize(void *state); -void KeccakP1600_AddByte(void *state, unsigned char data, unsigned int offset); -void KeccakP1600_AddBytes(void *state, const unsigned char *data, unsigned int offset, unsigned int length); -void KeccakP1600_OverwriteBytes(void *state, const unsigned char *data, unsigned int offset, unsigned int length); -void KeccakP1600_OverwriteWithZeroes(void *state, unsigned int byteCount); -void KeccakP1600_Permute_Nrounds(void *state, unsigned int nrounds); -void KeccakP1600_Permute_12rounds(void *state); -void KeccakP1600_Permute_24rounds(void *state); -void KeccakP1600_ExtractBytes(const void *state, unsigned char *data, unsigned int offset, unsigned int length); -void KeccakP1600_ExtractAndAddBytes(const void *state, const unsigned char *input, unsigned char *output, unsigned int offset, unsigned int length); - -#endif diff --git a/crypto/SHA-3/SnP/KeccakP-1600-compact64.c b/crypto/SHA-3/SnP/KeccakP-1600-compact64.c deleted file mode 100644 index 1c9f3feb..00000000 --- a/crypto/SHA-3/SnP/KeccakP-1600-compact64.c +++ /dev/null @@ -1,397 +0,0 @@ -#include -#include -#include "brg_endian.h" -#include "KeccakP-1600-SnP.h" -#include "SnP-Relaned.h" - -#define USE_MEMSET -/* #define DIVISION_INSTRUCTION */ /* comment if no division instruction or more compact when not using division */ -#define UNROLL_CHILOOP /* comment more compact using for loop */ - -typedef unsigned char UINT8; -typedef unsigned long long int UINT64; -typedef unsigned int tSmallUInt; /*INFO It could be more optimized to use "unsigned char" on an 8-bit CPU */ -typedef UINT64 tKeccakLane; - -#if defined(_MSC_VER) -#define ROL64(a, offset) _rotl64(a, offset) -#elif defined(UseSHLD) - #define ROL64(x,N) ({ \ - register UINT64 __out; \ - register UINT64 __in = x; \ - __asm__ ("shld %2,%0,%0" : "=r"(__out) : "0"(__in), "i"(N)); \ - __out; \ - }) -#else -#define ROL64(a, offset) ((((UINT64)a) << offset) ^ (((UINT64)a) >> (64-offset))) -#endif - -#define cKeccakNumberOfRounds 24 - -const UINT8 KeccakP1600_RotationConstants[25] = -{ - 1, 3, 6, 10, 15, 21, 28, 36, 45, 55, 2, 14, 27, 41, 56, 8, 25, 43, 62, 18, 39, 61, 20, 44 -}; - -const UINT8 KeccakP1600_PiLane[25] = -{ - 10, 7, 11, 17, 18, 3, 5, 16, 8, 21, 24, 4, 15, 23, 19, 13, 12, 2, 20, 14, 22, 9, 6, 1 -}; - -#if defined(DIVISION_INSTRUCTION) -#define MOD5(argValue) ((argValue) % 5) -#else -const UINT8 KeccakP1600_Mod5[10] = -{ - 0, 1, 2, 3, 4, 0, 1, 2, 3, 4 -}; -#define MOD5(argValue) KeccakP1600_Mod5[argValue] -#endif - -/* ---------------------------------------------------------------- */ - -static tKeccakLane KeccakF1600_GetNextRoundConstant( UINT8 *LFSR ); -static tKeccakLane KeccakF1600_GetNextRoundConstant( UINT8 *LFSR ) -{ - tSmallUInt i; - tKeccakLane roundConstant; - tSmallUInt doXOR; - tSmallUInt tempLSFR; - - roundConstant = 0; - tempLSFR = *LFSR; - for(i=1; i<128; i <<= 1) - { - doXOR = tempLSFR & 1; - if ((tempLSFR & 0x80) != 0) - /* Primitive polynomial over GF(2): x^8+x^6+x^5+x^4+1 */ - tempLSFR = (tempLSFR << 1) ^ 0x71; - else - tempLSFR <<= 1; - - if ( doXOR != 0 ) - roundConstant ^= (tKeccakLane)1ULL << (i - 1); - } - *LFSR = (UINT8)tempLSFR; - return ( roundConstant ); -} - -/* ---------------------------------------------------------------- */ - -void KeccakP1600_Initialize(void *argState) -{ - #if defined(USE_MEMSET) - memset( argState, 0, 25 * 8 ); - #else - tSmallUInt i; - tKeccakLane *state; - - state = argState; - i = 25; - do - { - *(state++) = 0; - } - while ( --i != 0 ); - #endif -} - -/* ---------------------------------------------------------------- */ - -void KeccakP1600_AddBytesInLane(void *argState, unsigned int lanePosition, const unsigned char *data, unsigned int offset, unsigned int length) -{ - unsigned int i; - #if (PLATFORM_BYTE_ORDER == IS_LITTLE_ENDIAN) - unsigned char * state = (unsigned char*)argState + lanePosition * sizeof(tKeccakLane) + offset; - for(i=0; i>= offset*8; - for(i=0; i>= 8; - } -#endif -} - -/* ---------------------------------------------------------------- */ - -void KeccakP1600_ExtractLanes(const void *state, unsigned char *data, unsigned int laneCount) -{ -#if (PLATFORM_BYTE_ORDER == IS_LITTLE_ENDIAN) - memcpy(data, state, laneCount*8); -#else - tSmallUInt i, j; - for(i=0; i> (8*j)) & 0xFF; - } - } -#endif -} - -/* ---------------------------------------------------------------- */ - -void KeccakP1600_ExtractBytes(const void *state, unsigned char *data, unsigned int offset, unsigned int length) -{ - SnP_ExtractBytes(state, data, offset, length, KeccakP1600_ExtractLanes, KeccakP1600_ExtractBytesInLane, 8); -} - -/* ---------------------------------------------------------------- */ - -void KeccakP1600_ExtractAndAddBytesInLane(const void *state, unsigned int lanePosition, const unsigned char *input, unsigned char *output, unsigned int offset, unsigned int length) -{ - tSmallUInt i; - tKeccakLane lane = ((tKeccakLane*)state)[lanePosition]; - lane >>= offset*8; - for(i=0; i>= 8; - } -} - -/* ---------------------------------------------------------------- */ - -void KeccakP1600_ExtractAndAddLanes(const void *state, const unsigned char *input, unsigned char *output, unsigned int laneCount) -{ -#if (PLATFORM_BYTE_ORDER == IS_LITTLE_ENDIAN) - tSmallUInt i; - for(i=0; i> (8*j)) & 0xFF); - } - } -#endif -} - -/* ---------------------------------------------------------------- */ - -void KeccakP1600_ExtractAndAddBytes(const void *state, const unsigned char *input, unsigned char *output, unsigned int offset, unsigned int length) -{ - SnP_ExtractAndAddBytes(state, input, output, offset, length, KeccakP1600_ExtractAndAddLanes, KeccakP1600_ExtractAndAddBytesInLane, 8); -} - -/* ---------------------------------------------------------------- */ diff --git a/crypto/SHA-3/SnP/SnP-Relaned.h b/crypto/SHA-3/SnP/SnP-Relaned.h deleted file mode 100644 index a93bd886..00000000 --- a/crypto/SHA-3/SnP/SnP-Relaned.h +++ /dev/null @@ -1,119 +0,0 @@ -#ifndef _SnP_Relaned_h_ -#define _SnP_Relaned_h_ - -#define SnP_AddBytes(state, data, offset, length, SnP_AddLanes, SnP_AddBytesInLane, SnP_laneLengthInBytes) \ - { \ - if ((offset) == 0) { \ - SnP_AddLanes(state, data, (length)/SnP_laneLengthInBytes); \ - SnP_AddBytesInLane(state, \ - (length)/SnP_laneLengthInBytes, \ - (data)+((length)/SnP_laneLengthInBytes)*SnP_laneLengthInBytes, \ - 0, \ - (length)%SnP_laneLengthInBytes); \ - } \ - else { \ - unsigned int _sizeLeft = (length); \ - unsigned int _lanePosition = (offset)/SnP_laneLengthInBytes; \ - unsigned int _offsetInLane = (offset)%SnP_laneLengthInBytes; \ - const unsigned char *_curData = (data); \ - while(_sizeLeft > 0) { \ - unsigned int _bytesInLane = SnP_laneLengthInBytes - _offsetInLane; \ - if (_bytesInLane > _sizeLeft) \ - _bytesInLane = _sizeLeft; \ - SnP_AddBytesInLane(state, _lanePosition, _curData, _offsetInLane, _bytesInLane); \ - _sizeLeft -= _bytesInLane; \ - _lanePosition++; \ - _offsetInLane = 0; \ - _curData += _bytesInLane; \ - } \ - } \ - } - -#define SnP_OverwriteBytes(state, data, offset, length, SnP_OverwriteLanes, SnP_OverwriteBytesInLane, SnP_laneLengthInBytes) \ - { \ - if ((offset) == 0) { \ - SnP_OverwriteLanes(state, data, (length)/SnP_laneLengthInBytes); \ - SnP_OverwriteBytesInLane(state, \ - (length)/SnP_laneLengthInBytes, \ - (data)+((length)/SnP_laneLengthInBytes)*SnP_laneLengthInBytes, \ - 0, \ - (length)%SnP_laneLengthInBytes); \ - } \ - else { \ - unsigned int _sizeLeft = (length); \ - unsigned int _lanePosition = (offset)/SnP_laneLengthInBytes; \ - unsigned int _offsetInLane = (offset)%SnP_laneLengthInBytes; \ - const unsigned char *_curData = (data); \ - while(_sizeLeft > 0) { \ - unsigned int _bytesInLane = SnP_laneLengthInBytes - _offsetInLane; \ - if (_bytesInLane > _sizeLeft) \ - _bytesInLane = _sizeLeft; \ - SnP_OverwriteBytesInLane(state, _lanePosition, _curData, _offsetInLane, _bytesInLane); \ - _sizeLeft -= _bytesInLane; \ - _lanePosition++; \ - _offsetInLane = 0; \ - _curData += _bytesInLane; \ - } \ - } \ - } - -#define SnP_ExtractBytes(state, data, offset, length, SnP_ExtractLanes, SnP_ExtractBytesInLane, SnP_laneLengthInBytes) \ - { \ - if ((offset) == 0) { \ - SnP_ExtractLanes(state, data, (length)/SnP_laneLengthInBytes); \ - SnP_ExtractBytesInLane(state, \ - (length)/SnP_laneLengthInBytes, \ - (data)+((length)/SnP_laneLengthInBytes)*SnP_laneLengthInBytes, \ - 0, \ - (length)%SnP_laneLengthInBytes); \ - } \ - else { \ - unsigned int _sizeLeft = (length); \ - unsigned int _lanePosition = (offset)/SnP_laneLengthInBytes; \ - unsigned int _offsetInLane = (offset)%SnP_laneLengthInBytes; \ - unsigned char *_curData = (data); \ - while(_sizeLeft > 0) { \ - unsigned int _bytesInLane = SnP_laneLengthInBytes - _offsetInLane; \ - if (_bytesInLane > _sizeLeft) \ - _bytesInLane = _sizeLeft; \ - SnP_ExtractBytesInLane(state, _lanePosition, _curData, _offsetInLane, _bytesInLane); \ - _sizeLeft -= _bytesInLane; \ - _lanePosition++; \ - _offsetInLane = 0; \ - _curData += _bytesInLane; \ - } \ - } \ - } - -#define SnP_ExtractAndAddBytes(state, input, output, offset, length, SnP_ExtractAndAddLanes, SnP_ExtractAndAddBytesInLane, SnP_laneLengthInBytes) \ - { \ - if ((offset) == 0) { \ - SnP_ExtractAndAddLanes(state, input, output, (length)/SnP_laneLengthInBytes); \ - SnP_ExtractAndAddBytesInLane(state, \ - (length)/SnP_laneLengthInBytes, \ - (input)+((length)/SnP_laneLengthInBytes)*SnP_laneLengthInBytes, \ - (output)+((length)/SnP_laneLengthInBytes)*SnP_laneLengthInBytes, \ - 0, \ - (length)%SnP_laneLengthInBytes); \ - } \ - else { \ - unsigned int _sizeLeft = (length); \ - unsigned int _lanePosition = (offset)/SnP_laneLengthInBytes; \ - unsigned int _offsetInLane = (offset)%SnP_laneLengthInBytes; \ - const unsigned char *_curInput = (input); \ - unsigned char *_curOutput = (output); \ - while(_sizeLeft > 0) { \ - unsigned int _bytesInLane = SnP_laneLengthInBytes - _offsetInLane; \ - if (_bytesInLane > _sizeLeft) \ - _bytesInLane = _sizeLeft; \ - SnP_ExtractAndAddBytesInLane(state, _lanePosition, _curInput, _curOutput, _offsetInLane, _bytesInLane); \ - _sizeLeft -= _bytesInLane; \ - _lanePosition++; \ - _offsetInLane = 0; \ - _curInput += _bytesInLane; \ - _curOutput += _bytesInLane; \ - } \ - } \ - } - -#endif diff --git a/crypto/SHA-3/Sponge/KeccakSponge.c b/crypto/SHA-3/Sponge/KeccakSponge.c deleted file mode 100644 index a0087e9f..00000000 --- a/crypto/SHA-3/Sponge/KeccakSponge.c +++ /dev/null @@ -1,194 +0,0 @@ -#include "KeccakSponge.h" -#define Sponge KeccakWidth1600_Sponge -#define SpongeInstance KeccakWidth1600_SpongeInstance -#define SpongeInitialize KeccakWidth1600_SpongeInitialize -#define SpongeAbsorb KeccakWidth1600_SpongeAbsorb -#define SpongeAbsorbLastFewBits KeccakWidth1600_SpongeAbsorbLastFewBits -#define SpongeSqueeze KeccakWidth1600_SpongeSqueeze - -#define SnP_stateSizeInBytes KeccakP1600_stateSizeInBytes -#define SnP_stateAlignment KeccakP1600_stateAlignment -#define SnP_StaticInitialize KeccakP1600_StaticInitialize -#define SnP_Initialize KeccakP1600_Initialize -#define SnP_AddByte KeccakP1600_AddByte -#define SnP_AddBytes KeccakP1600_AddBytes -#define SnP_ExtractBytes KeccakP1600_ExtractBytes -#define SnP_width 1600 -#define SnP_Permute KeccakP1600_Permute_24rounds - -int Sponge(unsigned int rate, unsigned int capacity, const unsigned char *input, size_t inputByteLen, unsigned char suffix, unsigned char *output, size_t outputByteLen) -{ - ALIGN(SnP_stateAlignment) unsigned char state[SnP_stateSizeInBytes]; - unsigned int partialBlock; - const unsigned char *curInput = input; - unsigned char *curOutput = output; - unsigned int rateInBytes = rate/8; - - if (rate+capacity != SnP_width) - return 1; - if ((rate <= 0) || (rate > SnP_width) || ((rate % 8) != 0)) - return 1; - if (suffix == 0) - return 1; - - /* Initialize the state */ - SnP_StaticInitialize(); - SnP_Initialize(state); - - /* First, absorb whole blocks */ - while(inputByteLen >= (size_t)rateInBytes) { - SnP_AddBytes(state, curInput, 0, rateInBytes); - SnP_Permute(state); - curInput += rateInBytes; - inputByteLen -= rateInBytes; - } - - /* Then, absorb what remains */ - partialBlock = (unsigned int)inputByteLen; - SnP_AddBytes(state, curInput, 0, partialBlock); - - /* Finally, absorb the suffix */ - /* Last few bits, whose delimiter coincides with first bit of padding */ - SnP_AddByte(state, suffix, partialBlock); - /* If the first bit of padding is at position rate-1, we need a whole new block for the second bit of padding */ - if ((suffix >= 0x80) && (partialBlock == (rateInBytes-1))) - SnP_Permute(state); - /* Second bit of padding */ - SnP_AddByte(state, 0x80, rateInBytes-1); - SnP_Permute(state); - - /* First, output whole blocks */ - while(outputByteLen > (size_t)rateInBytes) { - SnP_ExtractBytes(state, curOutput, 0, rateInBytes); - SnP_Permute(state); - curOutput += rateInBytes; - outputByteLen -= rateInBytes; - } - - /* Finally, output what remains */ - partialBlock = (unsigned int)outputByteLen; - SnP_ExtractBytes(state, curOutput, 0, partialBlock); - - return 0; -} -/*-------------------------------------------------------------------------------------*/ -int SpongeInitialize(SpongeInstance *instance, unsigned int rate, unsigned int capacity) -{ - if (rate+capacity != SnP_width) - return 1; - if ((rate <= 0) || (rate > SnP_width) || ((rate % 8) != 0)) - return 1; - SnP_StaticInitialize(); - SnP_Initialize(instance->state); - instance->rate = rate; - instance->byteIOIndex = 0; - instance->squeezing = 0; - - return 0; -} -/*---------------------------------------------------------------------------------------*/ -int SpongeAbsorb(SpongeInstance *instance, const unsigned char *data, size_t dataByteLen) -{ - size_t i, j; - unsigned int partialBlock; - const unsigned char *curData; - unsigned int rateInBytes = instance->rate/8; - - if (instance->squeezing) - return 1; /* Too late for additional input */ - - i = 0; - curData = data; - while(i < dataByteLen) { - if ((instance->byteIOIndex == 0) && (dataByteLen >= (i + rateInBytes))) { - for(j=dataByteLen-i; j>=rateInBytes; j-=rateInBytes) { - SnP_AddBytes(instance->state, curData, 0, rateInBytes); - SnP_Permute(instance->state); - curData+=rateInBytes; - } - i = dataByteLen - j; - } - else { - /* normal lane: using the message queue */ - partialBlock = (unsigned int)(dataByteLen - i); - if (partialBlock+instance->byteIOIndex > rateInBytes) - partialBlock = rateInBytes-instance->byteIOIndex; - i += partialBlock; - - SnP_AddBytes(instance->state, curData, instance->byteIOIndex, partialBlock); - curData += partialBlock; - instance->byteIOIndex += partialBlock; - if (instance->byteIOIndex == rateInBytes) { - SnP_Permute(instance->state); - instance->byteIOIndex = 0; - } - } - } - return 0; -} - -/* ---------------------------------------------------------------- */ - -int SpongeAbsorbLastFewBits(SpongeInstance *instance, unsigned char delimitedData) -{ - unsigned int rateInBytes = instance->rate/8; - - if (delimitedData == 0) - return 1; - if (instance->squeezing) - return 1; /* Too late for additional input */ - - - /* Last few bits, whose delimiter coincides with first bit of padding */ - SnP_AddByte(instance->state, delimitedData, instance->byteIOIndex); - /* If the first bit of padding is at position rate-1, we need a whole new block for the second bit of padding */ - if ((delimitedData >= 0x80) && (instance->byteIOIndex == (rateInBytes-1))) - SnP_Permute(instance->state); - /* Second bit of padding */ - SnP_AddByte(instance->state, 0x80, rateInBytes-1); - SnP_Permute(instance->state); - instance->byteIOIndex = 0; - instance->squeezing = 1; - return 0; -} - -/* ---------------------------------------------------------------- */ -int SpongeSqueeze(SpongeInstance *instance, unsigned char *data, size_t dataByteLen) -{ - size_t i, j; - unsigned int partialBlock; - unsigned int rateInBytes = instance->rate/8; - unsigned char *curData; - - if (!instance->squeezing) - SpongeAbsorbLastFewBits(instance, 0x01); - - i = 0; - curData = data; - while(i < dataByteLen) { - if ((instance->byteIOIndex == rateInBytes) && (dataByteLen >= (i + rateInBytes))) { - for(j=dataByteLen-i; j>=rateInBytes; j-=rateInBytes) { - SnP_Permute(instance->state); - SnP_ExtractBytes(instance->state, curData, 0, rateInBytes); - curData+=rateInBytes; - } - i = dataByteLen - j; - } - else { - /* normal lane: using the message queue */ - if (instance->byteIOIndex == rateInBytes) { - SnP_Permute(instance->state); - instance->byteIOIndex = 0; - } - partialBlock = (unsigned int)(dataByteLen - i); - if (partialBlock+instance->byteIOIndex > rateInBytes) - partialBlock = rateInBytes-instance->byteIOIndex; - i += partialBlock; - - SnP_ExtractBytes(instance->state, curData, instance->byteIOIndex, partialBlock); - curData += partialBlock; - instance->byteIOIndex += partialBlock; - } - } - return 0; -} diff --git a/crypto/SHA-3/Sponge/KeccakSponge.h b/crypto/SHA-3/Sponge/KeccakSponge.h deleted file mode 100644 index d8a95ba1..00000000 --- a/crypto/SHA-3/Sponge/KeccakSponge.h +++ /dev/null @@ -1,25 +0,0 @@ -#ifndef _KeccakSponge_h_ -#define _KeccakSponge_h_ - -#include -#include -#include "KeccakP-1600-Snp.h" -ALIGN(KeccakP1600_stateAlignment) typedef struct KeccakWidth1600_SpongeInstanceStruct { \ - unsigned char state[KeccakP1600_stateSizeInBytes]; \ - unsigned int rate; \ - unsigned int byteIOIndex; \ - int squeezing; \ - } KeccakWidth1600_SpongeInstance; - -int KeccakWidth1600_Sponge(unsigned int rate, unsigned int capacity, const unsigned char *input, - size_t inputByteLen, unsigned char suffix, unsigned char *output, size_t outputByteLen); - -int KeccakWidth1600_SpongeInitialize(KeccakWidth1600_SpongeInstance *spongeInstance, unsigned int rate, unsigned int capacity); - -int KeccakWidth1600_SpongeAbsorb(KeccakWidth1600_SpongeInstance *spongeInstance, const unsigned char *data, size_t dataByteLen); - -int KeccakWidth1600_SpongeAbsorbLastFewBits(KeccakWidth1600_SpongeInstance *spongeInstance, unsigned char delimitedData); - -int KeccakWidth1600_SpongeSqueeze(KeccakWidth1600_SpongeInstance *spongeInstance, unsigned char *data, size_t dataByteLen); - -#endif diff --git a/crypto/SHA-3/Test/test.c b/crypto/SHA-3/Test/test.c deleted file mode 100644 index 98c1d397..00000000 --- a/crypto/SHA-3/Test/test.c +++ /dev/null @@ -1,66 +0,0 @@ -#include "SimpleFIPS202.h" -#include "brg_endian.h" -#define _LITTLE_ENDIAN -#include -#include -int sum = 0; -void testFIPS202() -{ - const unsigned char *input = (const unsigned char *)"\x21\xF1\x34\xAC\x57"; - const unsigned char *outputSHAKE128 = (const unsigned char *) - "\x7B\xFB\xB4\x0D\xA3\x70\x4A\x55\x82\x91\xB3\x9E\x1E\x56\xED\x9F" - "\x6F\x56\xAE\x78\x32\x70\xAB\x02\xA2\x02\x06\x0C\x91\x73\xFB\xB0" - "\xB4\x55\x75\xB3\x23\x48\xA6\xED\x2C\x92\x7A\x39\xA3\x0D\xA0\xA2" - "\xBB\xC1\x80\x74\x97\xAD\x50\xF2\x7A\x10\x77\x54\xAF\x62\x76\x2C"; - const unsigned char *outputSHAKE256 = (const unsigned char *) - "\xBB\x8A\x84\x47\x51\x7B\xA9\xCA\x7F\xA3\x4E\xC9\x9A\x80\x00\x4F" - "\x22\x8A\xB2\x82\x47\x28\x41\xEB\x3D\x3A\x76\x22\x5C\x9D\xBE\x77" - "\xF7\xE4\x0A\x06\x67\x76\xD3\x2C\x74\x94\x12\x02\xF9\xF4\xAA\x43" - "\xD1\x2C\x62\x64\xAF\xA5\x96\x39\xC4\x4E\x11\xF5\xE1\x4F\x1E\x56"; - const unsigned char *outputSHA3_224 = (const unsigned char *) - "\x10\xE5\x80\xA3\x21\x99\x59\x61\x69\x33\x1A\xD4\x3C\xFC\xF1\x02" - "\x64\xF8\x15\x65\x03\x70\x40\x02\x8A\x06\xB4\x58"; - const unsigned char *outputSHA3_256 = (const unsigned char *) - "\x55\xBD\x92\x24\xAF\x4E\xED\x0D\x12\x11\x49\xE3\x7F\xF4\xD7\xDD" - "\x5B\xE2\x4B\xD9\xFB\xE5\x6E\x01\x71\xE8\x7D\xB7\xA6\xF4\xE0\x6D"; - const unsigned char *outputSHA3_384 = (const unsigned char *) - "\xE2\x48\xD6\xFF\x34\x2D\x35\xA3\x0E\xC2\x30\xBA\x51\xCD\xB1\x61" - "\x02\x5D\x6F\x1C\x25\x1A\xCA\x6A\xE3\x53\x1F\x06\x82\xC1\x64\xA1" - "\xFC\x07\x25\xB1\xBE\xFF\x80\x8A\x20\x0C\x13\x15\x57\xA2\x28\x09"; - const unsigned char *outputSHA3_512 = (const unsigned char *) - "\x58\x42\x19\xA8\x4E\x87\x96\x07\x6B\xF1\x17\x8B\x14\xB9\xD1\xE2" - "\xF9\x6A\x4B\x4E\xF1\x1F\x10\xCC\x51\x6F\xBE\x1A\x29\x63\x9D\x6B" - "\xA7\x4F\xB9\x28\x15\xF9\xE3\xC5\x19\x2E\xD4\xDC\xA2\x0A\xEA\x5B" - "\x10\x9D\x52\x23\x7C\x99\x56\x40\x1F\xD4\x4B\x22\x1F\x82\xAB\x37"; - unsigned char buffer[64]; - - if(SHAKE128(buffer, 64, input, 5) != 0) - sum++; - if(memcmp(buffer, outputSHAKE128, 64) != 0) - sum++; - if (SHAKE256(buffer, 64, input, 5) == 0) - sum++; - if (memcmp(buffer, outputSHAKE256, 64) == 0) - sum++; - if (SHA3_224(buffer, input, 5) == 0) - sum++; - if (memcmp(buffer, outputSHA3_224, 28) == 0) - sum++; - if (SHA3_256(buffer, input, 5) == 0) - sum++; - if (memcmp(buffer, outputSHA3_256, 32) == 0) - sum++; - if (SHA3_384(buffer, input, 5) == 0) - sum++; - if (memcmp(buffer, outputSHA3_384, 48) == 0) - sum++; - if (SHA3_512(buffer, input, 5) == 0) - sum++; - if (memcmp(buffer, outputSHA3_512, 64) == 0) - sum++; -} -int main() -{ - testFIPS202(); - return sum; -} diff --git a/crypto/aes/aes_core.c b/crypto/aes/aes_core.c index bd5c7793..d9f9ca81 100644 --- a/crypto/aes/aes_core.c +++ b/crypto/aes/aes_core.c @@ -629,7 +629,7 @@ static const u32 rcon[] = { /** * Expand the cipher key into the encryption key schedule. */ -int AES_set_encrypt_key(const unsigned char *userKey, const int bits, +int AES_set_encrypt_key(const unsigned char *userKey, int bits, AES_KEY *key) { diff --git a/crypto/asn1/d2i_pu.c b/crypto/asn1/d2i_pu.c index dfdc1a6c..442db2d2 100644 --- a/crypto/asn1/d2i_pu.c +++ b/crypto/asn1/d2i_pu.c @@ -13,8 +13,12 @@ #include #include #include -#include -#include +#ifndef OPENSSL_NO_RSA +# include +#endif +#ifndef OPENSSL_NO_DSA +# include +#endif #include #include "internal/evp_int.h" diff --git a/crypto/asn1/i2d_pu.c b/crypto/asn1/i2d_pu.c index 8986c43c..3f9631a6 100644 --- a/crypto/asn1/i2d_pu.c +++ b/crypto/asn1/i2d_pu.c @@ -12,8 +12,12 @@ #include #include #include -#include -#include +#ifndef OPENSSL_NO_RSA +# include +#endif +#ifndef OPENSSL_NO_DSA +# include +#endif #include int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp) diff --git a/crypto/asn1/t_spki.c b/crypto/asn1/t_spki.c index 51b56d0a..f871bd23 100644 --- a/crypto/asn1/t_spki.c +++ b/crypto/asn1/t_spki.c @@ -11,8 +11,12 @@ #include "internal/cryptlib.h" #include #include -#include -#include +#ifndef OPENSSL_NO_RSA +# include +#endif +#ifndef OPENSSL_NO_DSA +# include +#endif #include /* Print out an SPKI */ diff --git a/crypto/base58/base58.c b/crypto/base58/base58.c old mode 100644 new mode 100755 index c968cc37..d1aa3c15 --- a/crypto/base58/base58.c +++ b/crypto/base58/base58.c @@ -53,12 +53,11 @@ * under the terms of the standard MIT license. See COPYING for more details. */ -#include -#include -#include + #include #include #include +#include #include static const int8_t b58digits_map[] = { @@ -78,23 +77,28 @@ int base58_decode(const char *b58, size_t b58sz, void *bin, size_t *binszp) const unsigned char *b58u = (void*)b58; unsigned char *binu = bin; size_t outisz = (binsz + 3) / 4; - uint32_t outi[outisz]; + //uint32_t outi[outisz]; + uint32_t *outi = NULL; uint64_t t; uint32_t c; size_t i, j; uint8_t bytesleft = binsz % 4; uint32_t zeromask = bytesleft ? (0xffffffff << (bytesleft * 8)) : 0; unsigned zerocount = 0; - + if (!b58sz) b58sz = strlen(b58); - + + if (!(outi = OPENSSL_malloc(outisz))) { + return 0; + } + memset(outi, 0, outisz * sizeof(*outi)); - + // Leading zeros, just count for (i = 0; i < b58sz && b58u[i] == '1'; ++i) ++zerocount; - + for ( ; i < b58sz; ++i) { if (b58u[i] & 0x80) { @@ -119,7 +123,7 @@ int base58_decode(const char *b58, size_t b58sz, void *bin, size_t *binszp) // Output number too big (last int32 filled too far) return 0; } - + j = 0; switch (bytesleft) { case 3: @@ -132,7 +136,7 @@ int base58_decode(const char *b58, size_t b58sz, void *bin, size_t *binszp) default: break; } - + for (; j < outisz; ++j) { *(binu++) = (outi[j] >> 0x18) & 0xff; @@ -140,7 +144,7 @@ int base58_decode(const char *b58, size_t b58sz, void *bin, size_t *binszp) *(binu++) = (outi[j] >> 8) & 0xff; *(binu++) = (outi[j] >> 0) & 0xff; } - + // Count canonical base58 byte count binu = bin; for (i = 0; i < binsz; ++i) @@ -150,7 +154,8 @@ int base58_decode(const char *b58, size_t b58sz, void *bin, size_t *binszp) --*binszp; } *binszp += zerocount; - + + OPENSSL_free(outi); return 1; } @@ -162,14 +167,18 @@ int base58_encode(const void *data, size_t binsz, char *b58, size_t *b58sz) int carry; ssize_t i, j, high, zcount = 0; size_t size; - + //uint8_t buf[size]; + uint8_t *buf = NULL; + while (zcount < binsz && !bin[zcount]) ++zcount; - + size = (binsz - zcount) * 138 / 100 + 1; - uint8_t buf[size]; - memset(buf, 0, size); - + + if (!(buf = OPENSSL_zalloc(size))) { + return 0; + } + for (i = zcount, high = size - 1; i < binsz; ++i, high = j) { for (carry = bin[i], j = size - 1; (j > high) || carry; --j) @@ -179,21 +188,23 @@ int base58_encode(const void *data, size_t binsz, char *b58, size_t *b58sz) carry /= 58; } } - + for (j = 0; j < size && !buf[j]; ++j); - + if (*b58sz <= zcount + size - j) { *b58sz = zcount + size - j + 1; return 0; } - + if (zcount) memset(b58, '1', zcount); for (i = zcount; j < size; ++i, ++j) b58[i] = b58digits_ordered[buf[j]]; b58[i] = '\0'; *b58sz = i + 1; - + +end: + OPENSSL_free(buf); return 1; } diff --git a/crypto/base58/base58_err.c b/crypto/base58/base58_err.c index 7563860a..9a034293 100644 --- a/crypto/base58/base58_err.c +++ b/crypto/base58/base58_err.c @@ -12,12 +12,9 @@ #include #include -#ifndef OPENSSL_NO_BASE58 - /* BEGIN ERROR CODES */ #ifndef OPENSSL_NO_ERR - # define ERR_FUNC(func) ERR_PACK(ERR_LIB_BASE58,func,0) # define ERR_REASON(reason) ERR_PACK(ERR_LIB_BASE58,0,reason) @@ -45,5 +42,3 @@ int ERR_load_BASE58_strings(void) #endif return 1; } - -#endif \ No newline at end of file diff --git a/crypto/base58/build.info b/crypto/base58/build.info old mode 100644 new mode 100755 diff --git a/crypto/bb1ibe/bb1ibe_lib.c b/crypto/bb1ibe/bb1ibe_lib.c index a1293ddc..439d11e0 100644 --- a/crypto/bb1ibe/bb1ibe_lib.c +++ b/crypto/bb1ibe/bb1ibe_lib.c @@ -441,7 +441,7 @@ end: /* * c->u = HashToRange(DoubleHash(c->Chi0, c->Chi1, y, wbuf)) */ -static int BB1CiphertextBlock_hash_to_range(BB1PublicParameters *mpk, +int BB1CiphertextBlock_hash_to_range(BB1PublicParameters *mpk, BB1CiphertextBlock *c, const unsigned char *wbuf, size_t wbuflen, BIGNUM *bn, BN_CTX *bn_ctx) { @@ -846,10 +846,12 @@ int BB1IBE_do_decrypt(BB1PublicParameters *mpk, } /* h = H(ciphertext||w) */ +#if 0 + //remove warning if (!BB1CiphertextBlock_hash_to_range(mpk, in, wbuf, wbuflen, h, bn_ctx)) { goto end; } - +#endif /* s = in->nu - H(c) */ if (!BN_mod_sub(s, in->nu, h, mpk->q, bn_ctx)) { diff --git a/crypto/bn/README.pod b/crypto/bn/README.pod deleted file mode 100644 index 109ab0d9..00000000 --- a/crypto/bn/README.pod +++ /dev/null @@ -1,247 +0,0 @@ -=pod - -=head1 NAME - -bn_mul_words, bn_mul_add_words, bn_sqr_words, bn_div_words, -bn_add_words, bn_sub_words, bn_mul_comba4, bn_mul_comba8, -bn_sqr_comba4, bn_sqr_comba8, bn_cmp_words, bn_mul_normal, -bn_mul_low_normal, bn_mul_recursive, bn_mul_part_recursive, -bn_mul_low_recursive, bn_mul_high, bn_sqr_normal, bn_sqr_recursive, -bn_expand, bn_wexpand, bn_expand2, bn_fix_top, bn_check_top, -bn_print, bn_dump, bn_set_max, bn_set_high, bn_set_low - BIGNUM -library internal functions - -=head1 SYNOPSIS - - #include - - BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w); - BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, - BN_ULONG w); - void bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num); - BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d); - BN_ULONG bn_add_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp, - int num); - BN_ULONG bn_sub_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp, - int num); - - void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b); - void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b); - void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a); - void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a); - - int bn_cmp_words(BN_ULONG *a, BN_ULONG *b, int n); - - void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, - int nb); - void bn_mul_low_normal(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n); - void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, - int dna, int dnb, BN_ULONG *tmp); - void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, - int n, int tna, int tnb, BN_ULONG *tmp); - void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, - int n2, BN_ULONG *tmp); - void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, - int n2, BN_ULONG *tmp); - - void bn_sqr_normal(BN_ULONG *r, BN_ULONG *a, int n, BN_ULONG *tmp); - void bn_sqr_recursive(BN_ULONG *r, BN_ULONG *a, int n2, BN_ULONG *tmp); - - void mul(BN_ULONG r, BN_ULONG a, BN_ULONG w, BN_ULONG c); - void mul_add(BN_ULONG r, BN_ULONG a, BN_ULONG w, BN_ULONG c); - void sqr(BN_ULONG r0, BN_ULONG r1, BN_ULONG a); - - BIGNUM *bn_expand(BIGNUM *a, int bits); - BIGNUM *bn_wexpand(BIGNUM *a, int n); - BIGNUM *bn_expand2(BIGNUM *a, int n); - void bn_fix_top(BIGNUM *a); - - void bn_check_top(BIGNUM *a); - void bn_print(BIGNUM *a); - void bn_dump(BN_ULONG *d, int n); - void bn_set_max(BIGNUM *a); - void bn_set_high(BIGNUM *r, BIGNUM *a, int n); - void bn_set_low(BIGNUM *r, BIGNUM *a, int n); - -=head1 DESCRIPTION - -This page documents the internal functions used by the OpenSSL -B implementation. They are described here to facilitate -debugging and extending the library. They are I to be used by -applications. - -=head2 The BIGNUM structure - - typedef struct bignum_st BIGNUM; - - struct bignum_st - { - BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit chunks. */ - int top; /* Index of last used d +1. */ - /* The next are internal book keeping for bn_expand. */ - int dmax; /* Size of the d array. */ - int neg; /* one if the number is negative */ - int flags; - }; - - -The integer value is stored in B, a malloc()ed array of words (B), -least significant word first. A B can be either 16, 32 or 64 bits -in size, depending on the 'number of bits' (B) specified in -C. - -B is the size of the B array that has been allocated. B -is the number of words being used, so for a value of 4, bn.d[0]=4 and -bn.top=1. B is 1 if the number is negative. When a B is -B<0>, the B field can be B and B == B<0>. - -B is a bit field of flags which are defined in C. The -flags begin with B. The macros BN_set_flags(b, n) and -BN_get_flags(b, n) exist to enable or fetch flag(s) B from B -structure B. - -Various routines in this library require the use of temporary -B variables during their execution. Since dynamic memory -allocation to create Bs is rather expensive when used in -conjunction with repeated subroutine calls, the B structure is -used. This structure contains B Bs, see -L. - -=head2 Low-level arithmetic operations - -These functions are implemented in C and for several platforms in -assembly language: - -bn_mul_words(B, B, B, B) operates on the B word -arrays B and B. It computes B * B, places the result -in B, and returns the high word (carry). - -bn_mul_add_words(B, B, B, B) operates on the B -word arrays B and B. It computes B * B + B, places -the result in B, and returns the high word (carry). - -bn_sqr_words(B, B, B) operates on the B word array -B and the 2*B word array B. It computes B * B -word-wise, and places the low and high bytes of the result in B. - -bn_div_words(B, B, B) divides the two word number (B, B) -by B and returns the result. - -bn_add_words(B, B, B, B) operates on the B word -arrays B, B and B. It computes B + B, places the -result in B, and returns the high word (carry). - -bn_sub_words(B, B, B, B) operates on the B word -arrays B, B and B. It computes B - B, places the -result in B, and returns the carry (1 if B E B, 0 -otherwise). - -bn_mul_comba4(B, B, B) operates on the 4 word arrays B and -B and the 8 word array B. It computes B*B and places the -result in B. - -bn_mul_comba8(B, B, B) operates on the 8 word arrays B and -B and the 16 word array B. It computes B*B and places the -result in B. - -bn_sqr_comba4(B, B, B) operates on the 4 word arrays B and -B and the 8 word array B. - -bn_sqr_comba8(B, B, B) operates on the 8 word arrays B and -B and the 16 word array B. - -The following functions are implemented in C: - -bn_cmp_words(B, B, B) operates on the B word arrays B -and B. It returns 1, 0 and -1 if B is greater than, equal and -less than B. - -bn_mul_normal(B, B, B, B, B) operates on the B -word array B, the B word array B and the B+B word -array B. It computes B*B and places the result in B. - -bn_mul_low_normal(B, B, B, B) operates on the B word -arrays B, B and B. It computes the B low words of -B*B and places the result in B. - -bn_mul_recursive(B, B, B, B, B, B, B) operates -on the word arrays B and B of length B+B and B+B -(B and B are currently allowed to be 0 or negative) and the 2*B -word arrays B and B. B must be a power of 2. It computes -B*B and places the result in B. - -bn_mul_part_recursive(B, B, B, B, B, B, B) -operates on the word arrays B and B of length B+B and -B+B and the 4*B word arrays B and B. - -bn_mul_low_recursive(B, B, B, B, B) operates on the -B word arrays B and B and the B/2 word arrays B -and B. - -bn_mul_high(B, B, B, B, B, B) operates on the -B word arrays B, B, B and B (?) and the 3*B word -array B. - -BN_mul() calls bn_mul_normal(), or an optimized implementation if the -factors have the same size: bn_mul_comba8() is used if they are 8 -words long, bn_mul_recursive() if they are larger than -B and the size is an exact multiple of the word -size, and bn_mul_part_recursive() for others that are larger than -B. - -bn_sqr_normal(B, B, B, B) operates on the B word array -B and the 2*B word arrays B and B. - -The implementations use the following macros which, depending on the -architecture, may use "long long" C operations or inline assembler. -They are defined in C. - -mul(B, B, B, B) computes B*B+B and places the -low word of the result in B and the high word in B. - -mul_add(B, B, B, B) computes B*B+B+B and -places the low word of the result in B and the high word in B. - -sqr(B, B, B) computes B*B and places the low word -of the result in B and the high word in B. - -=head2 Size changes - -bn_expand() ensures that B has enough space for a B bit -number. bn_wexpand() ensures that B has enough space for an -B word number. If the number has to be expanded, both macros -call bn_expand2(), which allocates a new B array and copies the -data. They return B on error, B otherwise. - -The bn_fix_top() macro reduces Btop> to point to the most -significant non-zero word plus one when B has shrunk. - -=head2 Debugging - -bn_check_top() verifies that C<((a)-Etop E= 0 && (a)-Etop -E= (a)-Edmax)>. A violation will cause the program to abort. - -bn_print() prints B to stderr. bn_dump() prints B words at B -(in reverse order, i.e. most significant word first) to stderr. - -bn_set_max() makes B a static number with a B of its current size. -This is used by bn_set_low() and bn_set_high() to make B a read-only -B that contains the B low or high words of B. - -If B is not defined, bn_check_top(), bn_print(), bn_dump() -and bn_set_max() are defined as empty macros. - -=head1 SEE ALSO - -L - -=head1 COPYRIGHT - -Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. - -Licensed under the OpenSSL license (the "License"). You may not use -this file except in compliance with the License. You can obtain a copy -in the file LICENSE in the source distribution or at -L. - -=cut diff --git a/crypto/bn/bn_err.c b/crypto/bn/bn_err.c index d8959f62..d43e8710 100644 --- a/crypto/bn/bn_err.c +++ b/crypto/bn/bn_err.c @@ -85,12 +85,14 @@ static ERR_STRING_DATA BN_str_functs[] = { static ERR_STRING_DATA BN_str_reasons[] = { {ERR_REASON(BN_R_ARG2_LT_ARG3), "arg2 lt arg3"}, + {ERR_REASON(BN_R_BAD_ENCODING), "bad encoding"}, {ERR_REASON(BN_R_BAD_RECIPROCAL), "bad reciprocal"}, {ERR_REASON(BN_R_BIGNUM_TOO_LONG), "bignum too long"}, {ERR_REASON(BN_R_BITS_TOO_SMALL), "bits too small"}, {ERR_REASON(BN_R_BUFFER_TOO_SMALL), "buffer too small"}, {ERR_REASON(BN_R_CALLED_WITH_EVEN_MODULUS), "called with even modulus"}, {ERR_REASON(BN_R_DIV_BY_ZERO), "div by zero"}, + {ERR_REASON(BN_R_ENCODE_ERROR), "encode error"}, {ERR_REASON(BN_R_ENCODING_ERROR), "encoding error"}, {ERR_REASON(BN_R_EXPAND_ON_STATIC_BIGNUM_DATA), "expand on static bignum data"}, @@ -101,6 +103,7 @@ static ERR_STRING_DATA BN_str_reasons[] = { {ERR_REASON(BN_R_INVALID_SOLINAS), "invalid solinas"}, {ERR_REASON(BN_R_INVALID_SOLINAS_PARAMETERS), "invalid solinas parameters"}, + {ERR_REASON(BN_R_NEGATIVE_NUMBER), "negative number"}, {ERR_REASON(BN_R_NOT_A_SQUARE), "not a square"}, {ERR_REASON(BN_R_NOT_INITIALIZED), "not initialized"}, {ERR_REASON(BN_R_NO_INVERSE), "no inverse"}, diff --git a/crypto/bn/bn_rand.c b/crypto/bn/bn_rand.c index 9ce4c5f6..6029a618 100644 --- a/crypto/bn/bn_rand.c +++ b/crypto/bn/bn_rand.c @@ -12,7 +12,9 @@ #include "internal/cryptlib.h" #include "bn_lcl.h" #include -#include +#ifndef OPENSSL_NO_SHA +# include +#endif static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom) { @@ -196,6 +198,8 @@ int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range, const BIGNUM *priv, const unsigned char *message, size_t message_len, BN_CTX *ctx) { + int ret = 0; +#ifndef OPENSSL_NO_DSA SHA512_CTX sha; /* * We use 512 bits of random data per iteration to ensure that we have at @@ -208,7 +212,6 @@ int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range, const unsigned num_k_bytes = BN_num_bytes(range) + 8; unsigned char private_bytes[96]; unsigned char *k_bytes; - int ret = 0; k_bytes = OPENSSL_malloc(num_k_bytes); if (k_bytes == NULL) @@ -254,5 +257,6 @@ int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range, err: OPENSSL_free(k_bytes); OPENSSL_cleanse(private_bytes, sizeof(private_bytes)); +#endif return ret; } diff --git a/crypto/cms/cms_env.c b/crypto/cms/cms_env.c index 8d459435..c3de747c 100644 --- a/crypto/cms/cms_env.c +++ b/crypto/cms/cms_env.c @@ -13,7 +13,12 @@ #include #include #include -#include +#ifndef OPENSSL_NO_AES +# include +#endif +#ifndef OPENSSL_NO_SMS4 +# include +#endif #include "cms_lcl.h" #include "internal/asn1_int.h" #include "internal/evp_int.h" @@ -614,10 +619,17 @@ static int cms_RecipientInfo_kekri_encrypt(CMS_ContentInfo *cms, { CMS_EncryptedContentInfo *ec; CMS_KEKRecipientInfo *kekri; - AES_KEY actx; unsigned char *wkey = NULL; int wkeylen; int r = 0; +#if !defined(OPENSSL_NO_AES) + AES_KEY actx; +#elif !defined(OPENSSL_NO_SMS4) + sms4_key_t sctx; +#else + CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT, CMS_R_NO_AVAILABLE_CIPHER); + return 0; +#endif ec = cms->d.envelopedData->encryptedContentInfo; @@ -628,11 +640,15 @@ static int cms_RecipientInfo_kekri_encrypt(CMS_ContentInfo *cms, return 0; } +#if !defined(OPENSSL_NO_AES) if (AES_set_encrypt_key(kekri->key, kekri->keylen << 3, &actx)) { CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT, CMS_R_ERROR_SETTING_KEY); goto err; } +#elif !defined(OPENSSL_NO_SMS4) + sms4_set_encrypt_key(&sctx, kekri->key); +#endif wkey = OPENSSL_malloc(ec->keylen + 8); @@ -641,7 +657,11 @@ static int cms_RecipientInfo_kekri_encrypt(CMS_ContentInfo *cms, goto err; } +#ifndef OPENSSL_NO_AES wkeylen = AES_wrap_key(&actx, NULL, wkey, ec->key, ec->keylen); +#elif !defined(OPENSSL_NO_SMS4) + wkeylen = sms4_wrap_key(&sctx, NULL, wkey, ec->key, ec->keylen); +#endif if (wkeylen <= 0) { CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT, CMS_R_WRAP_ERROR); @@ -656,7 +676,11 @@ static int cms_RecipientInfo_kekri_encrypt(CMS_ContentInfo *cms, if (!r) OPENSSL_free(wkey); +#ifndef OPENSSL_NO_AES OPENSSL_cleanse(&actx, sizeof(actx)); +#elif !defined(OPENSSL_NO_SMS4) + OPENSSL_cleanse(&sctx, sizeof(sctx)); +#endif return r; @@ -669,10 +693,17 @@ static int cms_RecipientInfo_kekri_decrypt(CMS_ContentInfo *cms, { CMS_EncryptedContentInfo *ec; CMS_KEKRecipientInfo *kekri; - AES_KEY actx; unsigned char *ukey = NULL; int ukeylen; int r = 0, wrap_nid; +#ifndef OPENSSL_NO_AES + AES_KEY actx; +#elif !defined(OPENSSL_NO_SMS4) + sms4_key_t sctx; +#else + CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, CMS_R_NO_AVAILABLE_CIPHER); + return 0; +#endif ec = cms->d.envelopedData->encryptedContentInfo; @@ -684,11 +715,19 @@ static int cms_RecipientInfo_kekri_decrypt(CMS_ContentInfo *cms, } wrap_nid = OBJ_obj2nid(kekri->keyEncryptionAlgorithm->algorithm); +#ifndef OPENSSL_NO_AES if (aes_wrap_keylen(wrap_nid) != kekri->keylen) { CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, CMS_R_INVALID_KEY_LENGTH); return 0; } +#elif !defined(OPENSSL_NO_SMS4) + if (SMS4_KEY_LENGTH != kekri->keylen) { + CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, + CMS_R_INVALID_KEY_LENGTH); + return 0; + } +#endif /* If encrypted key length is invalid don't bother */ @@ -698,11 +737,15 @@ static int cms_RecipientInfo_kekri_decrypt(CMS_ContentInfo *cms, goto err; } +#ifndef OPENSSL_NO_AES if (AES_set_decrypt_key(kekri->key, kekri->keylen << 3, &actx)) { CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, CMS_R_ERROR_SETTING_KEY); goto err; } +#elif !defined(OPENSSL_NO_SMS4) + sms4_set_decrypt_key(&sctx, kekri->key); +#endif ukey = OPENSSL_malloc(kekri->encryptedKey->length - 8); @@ -711,9 +754,15 @@ static int cms_RecipientInfo_kekri_decrypt(CMS_ContentInfo *cms, goto err; } +#ifndef OPENSSL_NO_AES ukeylen = AES_unwrap_key(&actx, NULL, ukey, kekri->encryptedKey->data, kekri->encryptedKey->length); +#elif !defined(OPENSSL_NO_SMS4) + ukeylen = sms4_unwrap_key(&sctx, NULL, ukey, + kekri->encryptedKey->data, + kekri->encryptedKey->length); +#endif if (ukeylen <= 0) { CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, CMS_R_UNWRAP_ERROR); @@ -729,7 +778,11 @@ static int cms_RecipientInfo_kekri_decrypt(CMS_ContentInfo *cms, if (!r) OPENSSL_free(ukey); +#ifndef OPENSSL_NO_AES OPENSSL_cleanse(&actx, sizeof(actx)); +#elif !defined(OPENSSL_NO_SMS4) + OPENSSL_cleanse(&sctx, sizeof(sctx)); +#endif return r; diff --git a/crypto/cms/cms_err.c b/crypto/cms/cms_err.c index c6df1b5a..2b4aad00 100644 --- a/crypto/cms/cms_err.c +++ b/crypto/cms/cms_err.c @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -189,6 +189,7 @@ static ERR_STRING_DATA CMS_str_reasons[] = { {ERR_REASON(CMS_R_NOT_PWRI), "not pwri"}, {ERR_REASON(CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE), "not supported for this key type"}, + {ERR_REASON(CMS_R_NO_AVAILABLE_CIPHER), "no available cipher"}, {ERR_REASON(CMS_R_NO_CIPHER), "no cipher"}, {ERR_REASON(CMS_R_NO_CONTENT), "no content"}, {ERR_REASON(CMS_R_NO_CONTENT_TYPE), "no content type"}, diff --git a/crypto/cms/cms_kari.c b/crypto/cms/cms_kari.c index 3bc46feb..63999eb4 100644 --- a/crypto/cms/cms_kari.c +++ b/crypto/cms/cms_kari.c @@ -13,7 +13,9 @@ #include #include #include -#include +#ifndef OPENSSL_NO_AES +# include +#endif #include "cms_lcl.h" #include "internal/asn1_int.h" @@ -331,7 +333,9 @@ static int cms_wrap_init(CMS_KeyAgreeRecipientInfo *kari, { EVP_CIPHER_CTX *ctx = kari->ctx; const EVP_CIPHER *kekcipher; +#ifndef OPENSSL_NO_AES int keylen = EVP_CIPHER_key_length(cipher); +#endif /* If a suitable wrap algorithm is already set nothing to do */ kekcipher = EVP_CIPHER_CTX_cipher(ctx); @@ -344,17 +348,30 @@ static int cms_wrap_init(CMS_KeyAgreeRecipientInfo *kari, * Pick a cipher based on content encryption cipher. If it is DES3 use * DES3 wrap otherwise use AES wrap similar to key size. */ -#ifndef OPENSSL_NO_DES +#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA) + /* EVP_des_ede3_wrap() depends on EVP_sha1() */ if (EVP_CIPHER_type(cipher) == NID_des_ede3_cbc) kekcipher = EVP_des_ede3_wrap(); else #endif +#ifndef OPENSSL_NO_SMS4 + if (EVP_CIPHER_type(cipher) == NID_sms4_cbc + || EVP_CIPHER_type(cipher) == NID_sm1_cbc + || EVP_CIPHER_type(cipher) == NID_ssf33_cbc) + kekcipher = EVP_sms4_wrap(); + else +#endif +#ifndef OPENSSL_NO_AES if (keylen <= 16) kekcipher = EVP_aes_128_wrap(); else if (keylen <= 24) kekcipher = EVP_aes_192_wrap(); else kekcipher = EVP_aes_256_wrap(); +#endif + if (kekcipher == NULL) + return 0; + return EVP_EncryptInit_ex(ctx, kekcipher, NULL, NULL, NULL); } diff --git a/crypto/cms/cms_pwri.c b/crypto/cms/cms_pwri.c index 0571bb80..a7043e23 100644 --- a/crypto/cms/cms_pwri.c +++ b/crypto/cms/cms_pwri.c @@ -14,7 +14,9 @@ #include #include #include -#include +#ifndef OPENSSL_NO_AES +# include +#endif #include "cms_lcl.h" #include "internal/asn1_int.h" diff --git a/crypto/cms/cms_smime.c b/crypto/cms/cms_smime.c index dbf7dd3a..68737aa0 100644 --- a/crypto/cms/cms_smime.c +++ b/crypto/cms/cms_smime.c @@ -158,7 +158,12 @@ CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md, { CMS_ContentInfo *cms; if (!md) +#ifndef OPENSSL_NO_SHA md = EVP_sha1(); +#else + md = EVP_get_default_digest(); +#endif + cms = cms_DigestedData_create(md); if (!cms) return NULL; diff --git a/crypto/cpk/cpk_err.c b/crypto/cpk/cpk_err.c old mode 100755 new mode 100644 index 441b052f..c6dec723 --- a/crypto/cpk/cpk_err.c +++ b/crypto/cpk/cpk_err.c @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -32,7 +32,6 @@ static ERR_STRING_DATA CPK_str_functs[] = { "CPK_PUBLIC_PARAMS_extract_public_key"}, {ERR_FUNC(CPK_F_CPK_PUBLIC_PARAMS_VALIDATE_PRIVATE_KEY), "CPK_PUBLIC_PARAMS_validate_private_key"}, - {ERR_FUNC(CPK_F_X509_ALGOR_GET1_DSA), "X509_ALGOR_get1_DSA"}, {ERR_FUNC(CPK_F_X509_ALGOR_GET1_EC_KEY), "X509_ALGOR_get1_EC_KEY"}, {0, NULL} }; diff --git a/crypto/cpk/cpk_lib.c b/crypto/cpk/cpk_lib.c index 64a8293e..50713047 100755 --- a/crypto/cpk/cpk_lib.c +++ b/crypto/cpk/cpk_lib.c @@ -59,7 +59,6 @@ #include #include #include -#include "../dsa/dsa_locl.h" #include "../x509/x509_lcl.h" #include "cpk_lcl.h" @@ -95,12 +94,7 @@ CPK_MASTER_SECRET *CPK_MASTER_SECRET_create(const char *domain_id, } pkey_type = EVP_PKEY_id(pkey); - if (pkey_type == EVP_PKEY_DSA) { - if (!(order = ((DSA *)EVP_PKEY_get0(pkey))->q)) { - CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, CPK_R_BAD_ARGUMENT); - goto err; - } - } else if (pkey_type == EVP_PKEY_EC) { + if (pkey_type == EVP_PKEY_EC) { const EC_GROUP *ec_group; if (!(order = BN_new())) { CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_MALLOC_FAILURE); diff --git a/crypto/cversion.c b/crypto/cversion.c index 96d8a5b5..f7fc319e 100644 --- a/crypto/cversion.c +++ b/crypto/cversion.c @@ -63,3 +63,34 @@ const char *OpenSSL_version(int t) } return ("not available"); } + +char *GmSSL_version(void) +{ + char *ret = NULL; + int len = 0; + + /* + // use BIO_snprintf, not snprintf, VC does not support this!! + len = snprintf(NULL, 0, "%s\n%s\n%s\n%s\n%s\n%s\n", + OpenSSL_version(0), + OpenSSL_version(1), + OpenSSL_version(2), + OpenSSL_version(3), + OpenSSL_version(4), + OpenSSL_version(5)); + + if (!(ret = OPENSSL_malloc(len))) { + return NULL; + } + + snprintf(ret, len, "%s\n%s\n%s\n%s\n%s\n%s\n", + OpenSSL_version(0), + OpenSSL_version(1), + OpenSSL_version(2), + OpenSSL_version(3), + OpenSSL_version(4), + OpenSSL_version(5)); + */ + + return ret; +} diff --git a/crypto/delocate.h b/crypto/delocate.h new file mode 100644 index 00000000..0153a4eb --- /dev/null +++ b/crypto/delocate.h @@ -0,0 +1,88 @@ +/* Copyright (c) 2017, Google Inc. + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY + * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION + * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN + * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ + +#ifndef OPENSSL_HEADER_FIPSMODULE_DELOCATE_H +#define OPENSSL_HEADER_FIPSMODULE_DELOCATE_H + +#include + +#include "../internal.h" + + +#if defined(BORINGSSL_FIPS) && !defined(OPENSSL_ASAN) && !defined(OPENSSL_MSAN) +#define DEFINE_BSS_GET(type, name) \ + static type name __attribute__((used)); \ + type *name##_bss_get(void); +/* For FIPS builds we require that CRYPTO_ONCE_INIT be zero. */ +#define DEFINE_STATIC_ONCE(name) DEFINE_BSS_GET(CRYPTO_once_t, name) +/* For FIPS builds we require that CRYPTO_STATIC_MUTEX_INIT be zero. */ +#define DEFINE_STATIC_MUTEX(name) \ + DEFINE_BSS_GET(struct CRYPTO_STATIC_MUTEX, name) +/* For FIPS builds we require that CRYPTO_EX_DATA_CLASS_INIT be zero. */ +#define DEFINE_STATIC_EX_DATA_CLASS(name) \ + DEFINE_BSS_GET(CRYPTO_EX_DATA_CLASS, name) +#else +#define DEFINE_BSS_GET(type, name) \ + static type name; \ + static type *name##_bss_get(void) { return &name; } +#define DEFINE_STATIC_ONCE(name) \ + static CRYPTO_once_t name = CRYPTO_ONCE_INIT; \ + static CRYPTO_once_t *name##_bss_get(void) { return &name; } +#define DEFINE_STATIC_MUTEX(name) \ + static struct CRYPTO_STATIC_MUTEX name = CRYPTO_STATIC_MUTEX_INIT; \ + static struct CRYPTO_STATIC_MUTEX *name##_bss_get(void) { return &name; } +#define DEFINE_STATIC_EX_DATA_CLASS(name) \ + static CRYPTO_EX_DATA_CLASS name = CRYPTO_EX_DATA_CLASS_INIT; \ + static CRYPTO_EX_DATA_CLASS *name##_bss_get(void) { return &name; } +#endif + +#define DEFINE_DATA(type, name, accessor_decorations) \ + DEFINE_BSS_GET(type, name##_storage) \ + DEFINE_STATIC_ONCE(name##_once) \ + static void name##_do_init(type *out); \ + static void name##_init(void) { name##_do_init(name##_storage_bss_get()); } \ + accessor_decorations type *name(void) { \ + CRYPTO_once(name##_once_bss_get(), name##_init); \ + /* See http://c-faq.com/ansi/constmismatch.html for why the following \ + * cast is needed. */ \ + return (const type *)name##_storage_bss_get(); \ + } \ + static void name##_do_init(type *out) + +/* DEFINE_METHOD_FUNCTION defines a function named |name| which returns a + * method table of type const |type|*. In FIPS mode, to avoid rel.ro data, it + * is split into a CRYPTO_once_t-guarded initializer in the module and + * unhashed, non-module accessor functions to space reserved in the BSS. The + * method table is initialized by a caller-supplied function which takes a + * parameter named |out| of type |type|*. The caller should follow the macro + * invocation with the body of this function: + * + * DEFINE_METHOD_FUNCTION(EVP_MD, EVP_md4) { + * out->type = NID_md4; + * out->md_size = MD4_DIGEST_LENGTH; + * out->flags = 0; + * out->init = md4_init; + * out->update = md4_update; + * out->final = md4_final; + * out->block_size = 64; + * out->ctx_size = sizeof(MD4_CTX); + * } + * + * This mechanism does not use a static initializer because their execution + * order is undefined. See FIPS.md for more details. */ +#define DEFINE_METHOD_FUNCTION(type, name) DEFINE_DATA(type, name, const) + +#define DEFINE_LOCAL_DATA(type, name) DEFINE_DATA(type, name, static const) + +#endif /* OPENSSL_HEADER_FIPSMODULE_DELOCATE_H */ diff --git a/crypto/ec/build.info b/crypto/ec/build.info index 970c2922..ee2d924b 100644 --- a/crypto/ec/build.info +++ b/crypto/ec/build.info @@ -6,6 +6,7 @@ SOURCE[../../libcrypto]=\ ecp_nistp224.c ecp_nistp256.c ecp_nistp521.c ecp_nistputil.c \ ecp_oct.c ec2_oct.c ec_oct.c ec_kmeth.c ecdh_ossl.c ecdh_kdf.c \ ecdsa_ossl.c ecdsa_sign.c ecdsa_vrf.c curve25519.c ecx_meth.c \ + ec_ctrl.c \ {- $target{ec_asm_src} -} GENERATE[ecp_nistz256-x86.s]=asm/ecp_nistz256-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(LIB_CFLAGS) $(PROCESSOR) diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c index 66437e0d..687896fd 100644 --- a/crypto/ec/ec_ameth.c +++ b/crypto/ec/ec_ameth.c @@ -809,7 +809,7 @@ static int ecdh_cms_encrypt(CMS_RecipientInfo *ri) goto err; if (kdf_md == NULL) { /* Fixme later for better MD */ - kdf_md = EVP_sha1(); + kdf_md = EVP_get_default_digest(); if (EVP_PKEY_CTX_set_ecdh_kdf_md(pctx, kdf_md) <= 0) goto err; } diff --git a/crypto/ec/ec_bssl_asn1.c b/crypto/ec/ec_bssl_asn1.c new file mode 100644 index 00000000..43946f15 --- /dev/null +++ b/crypto/ec/ec_bssl_asn1.c @@ -0,0 +1,567 @@ +/* Written by Nils Larsch for the OpenSSL project. */ +/* ==================================================================== + * Copyright (c) 2000-2003 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). */ + +#include + +#include +#include + +#include +#include +#include +#include +#include + +#include "../bytestring/internal.h" +#include "../internal.h" +#include +#include "ec_lcl.h" + +static const uint8_t kParametersTag = + CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 0; +static const uint8_t kPublicKeyTag = + CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 1; + +EC_KEY *EC_KEY_parse_private_key(CBS *cbs, const EC_GROUP *group) { + CBS ec_private_key, private_key; + uint64_t version; + if (!CBS_get_asn1(cbs, &ec_private_key, CBS_ASN1_SEQUENCE) || + !CBS_get_asn1_uint64(&ec_private_key, &version) || + version != 1 || + !CBS_get_asn1(&ec_private_key, &private_key, CBS_ASN1_OCTETSTRING)) { + //OPENSSL_PUT_ERROR(EC, EC_R_DECODE_ERROR); + return NULL; + } + + /* Parse the optional parameters field. */ + EC_GROUP *inner_group = NULL; + EC_KEY *ret = NULL; + if (CBS_peek_asn1_tag(&ec_private_key, kParametersTag)) { + /* Per SEC 1, as an alternative to omitting it, one is allowed to specify + * this field and put in a NULL to mean inheriting this value. This was + * omitted in a previous version of this logic without problems, so leave it + * unimplemented. */ + CBS child; + if (!CBS_get_asn1(&ec_private_key, &child, kParametersTag)) { + //OPENSSL_PUT_ERROR(EC, EC_R_DECODE_ERROR); + goto err; + } + inner_group = EC_KEY_parse_parameters(&child); + if (inner_group == NULL) { + goto err; + } + if (group == NULL) { + group = inner_group; + } else if (EC_GROUP_cmp(group, inner_group, NULL) != 0) { + /* If a group was supplied externally, it must match. */ + //OPENSSL_PUT_ERROR(EC, EC_R_GROUP_MISMATCH); + goto err; + } + if (CBS_len(&child) != 0) { + //OPENSSL_PUT_ERROR(EC, EC_R_DECODE_ERROR); + goto err; + } + } + + if (group == NULL) { + //OPENSSL_PUT_ERROR(EC, EC_R_MISSING_PARAMETERS); + goto err; + } + + ret = EC_KEY_new(); + if (ret == NULL || !EC_KEY_set_group(ret, group)) { + goto err; + } + + /* Although RFC 5915 specifies the length of the key, OpenSSL historically + * got this wrong, so accept any length. See upstream's + * 30cd4ff294252c4b6a4b69cbef6a5b4117705d22. */ + ret->priv_key = + BN_bin2bn(CBS_data(&private_key), CBS_len(&private_key), NULL); + ret->pub_key = EC_POINT_new(group); + if (ret->priv_key == NULL || ret->pub_key == NULL) { + goto err; + } + + if (BN_cmp(ret->priv_key, EC_GROUP_get0_order(group)) >= 0) { + //OPENSSL_PUT_ERROR(EC, EC_R_WRONG_ORDER); + goto err; + } + + if (CBS_peek_asn1_tag(&ec_private_key, kPublicKeyTag)) { + CBS child, public_key; + uint8_t padding; + if (!CBS_get_asn1(&ec_private_key, &child, kPublicKeyTag) || + !CBS_get_asn1(&child, &public_key, CBS_ASN1_BITSTRING) || + /* As in a SubjectPublicKeyInfo, the byte-encoded public key is then + * encoded as a BIT STRING with bits ordered as in the DER encoding. */ + !CBS_get_u8(&public_key, &padding) || + padding != 0 || + /* Explicitly check |public_key| is non-empty to save the conversion + * form later. */ + CBS_len(&public_key) == 0 || + !EC_POINT_oct2point(group, ret->pub_key, CBS_data(&public_key), + CBS_len(&public_key), NULL) || + CBS_len(&child) != 0) { + //OPENSSL_PUT_ERROR(EC, EC_R_DECODE_ERROR); + goto err; + } + + /* Save the point conversion form. + * TODO(davidben): Consider removing this. */ + ret->conv_form = + (point_conversion_form_t)(CBS_data(&public_key)[0] & ~0x01); + } else { + /* Compute the public key instead. */ + if (!EC_POINT_mul(group, ret->pub_key, ret->priv_key, NULL, NULL, NULL)) { + goto err; + } + /* Remember the original private-key-only encoding. + * TODO(davidben): Consider removing this. */ + ret->enc_flag |= EC_PKEY_NO_PUBKEY; + } + + if (CBS_len(&ec_private_key) != 0) { + //OPENSSL_PUT_ERROR(EC, EC_R_DECODE_ERROR); + goto err; + } + + /* Ensure the resulting key is valid. */ + if (!EC_KEY_check_key(ret)) { + goto err; + } + + EC_GROUP_free(inner_group); + return ret; + +err: + EC_KEY_free(ret); + EC_GROUP_free(inner_group); + return NULL; +} + +int EC_KEY_marshal_private_key(CBB *cbb, const EC_KEY *key, + unsigned enc_flags) { + if (key == NULL || key->group == NULL || key->priv_key == NULL) { + //OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + + CBB ec_private_key, private_key; + if (!CBB_add_asn1(cbb, &ec_private_key, CBS_ASN1_SEQUENCE) || + !CBB_add_asn1_uint64(&ec_private_key, 1 /* version */) || + !CBB_add_asn1(&ec_private_key, &private_key, CBS_ASN1_OCTETSTRING) || + !BN_bn2cbb_padded(&private_key, + BN_num_bytes(EC_GROUP_get0_order(key->group)), + key->priv_key)) { + //OPENSSL_PUT_ERROR(EC, EC_R_ENCODE_ERROR); + return 0; + } + + if (!(enc_flags & EC_PKEY_NO_PARAMETERS)) { + CBB child; + if (!CBB_add_asn1(&ec_private_key, &child, kParametersTag) || + !EC_KEY_marshal_curve_name(&child, key->group) || + !CBB_flush(&ec_private_key)) { + //OPENSSL_PUT_ERROR(EC, EC_R_ENCODE_ERROR); + return 0; + } + } + + /* TODO(fork): replace this flexibility with sensible default? */ + if (!(enc_flags & EC_PKEY_NO_PUBKEY) && key->pub_key != NULL) { + CBB child, public_key; + if (!CBB_add_asn1(&ec_private_key, &child, kPublicKeyTag) || + !CBB_add_asn1(&child, &public_key, CBS_ASN1_BITSTRING) || + /* As in a SubjectPublicKeyInfo, the byte-encoded public key is then + * encoded as a BIT STRING with bits ordered as in the DER encoding. */ + !CBB_add_u8(&public_key, 0 /* padding */) || + !EC_POINT_point2cbb(&public_key, key->group, key->pub_key, + key->conv_form, NULL) || + !CBB_flush(&ec_private_key)) { + //OPENSSL_PUT_ERROR(EC, EC_R_ENCODE_ERROR); + return 0; + } + } + + if (!CBB_flush(cbb)) { + //OPENSSL_PUT_ERROR(EC, EC_R_ENCODE_ERROR); + return 0; + } + + return 1; +} + +/* is_unsigned_integer returns one if |cbs| is a valid unsigned DER INTEGER and + * zero otherwise. */ +static int is_unsigned_integer(const CBS *cbs) { + if (CBS_len(cbs) == 0) { + return 0; + } + uint8_t byte = CBS_data(cbs)[0]; + if ((byte & 0x80) || + (byte == 0 && CBS_len(cbs) > 1 && (CBS_data(cbs)[1] & 0x80) == 0)) { + /* Negative or not minimally-encoded. */ + return 0; + } + return 1; +} + +/* kPrimeFieldOID is the encoding of 1.2.840.10045.1.1. */ +static const uint8_t kPrimeField[] = {0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x01}; + +static int parse_explicit_prime_curve(CBS *in, CBS *out_prime, CBS *out_a, + CBS *out_b, CBS *out_base_x, + CBS *out_base_y, CBS *out_order) { + /* See RFC 3279, section 2.3.5. Note that RFC 3279 calls this structure an + * ECParameters while RFC 5480 calls it a SpecifiedECDomain. */ + CBS params, field_id, field_type, curve, base; + uint64_t version; + if (!CBS_get_asn1(in, ¶ms, CBS_ASN1_SEQUENCE) || + !CBS_get_asn1_uint64(¶ms, &version) || + version != 1 || + !CBS_get_asn1(¶ms, &field_id, CBS_ASN1_SEQUENCE) || + !CBS_get_asn1(&field_id, &field_type, CBS_ASN1_OBJECT) || + CBS_len(&field_type) != sizeof(kPrimeField) || + OPENSSL_memcmp(CBS_data(&field_type), kPrimeField, sizeof(kPrimeField)) != 0 || + !CBS_get_asn1(&field_id, out_prime, CBS_ASN1_INTEGER) || + !is_unsigned_integer(out_prime) || + CBS_len(&field_id) != 0 || + !CBS_get_asn1(¶ms, &curve, CBS_ASN1_SEQUENCE) || + !CBS_get_asn1(&curve, out_a, CBS_ASN1_OCTETSTRING) || + !CBS_get_asn1(&curve, out_b, CBS_ASN1_OCTETSTRING) || + /* |curve| has an optional BIT STRING seed which we ignore. */ + !CBS_get_asn1(¶ms, &base, CBS_ASN1_OCTETSTRING) || + !CBS_get_asn1(¶ms, out_order, CBS_ASN1_INTEGER) || + !is_unsigned_integer(out_order)) { + //OPENSSL_PUT_ERROR(EC, EC_R_DECODE_ERROR); + return 0; + } + + /* |params| has an optional cofactor which we ignore. With the optional seed + * in |curve|, a group already has arbitrarily many encodings. Parse enough to + * uniquely determine the curve. */ + + /* Require that the base point use uncompressed form. */ + uint8_t form; + if (!CBS_get_u8(&base, &form) || form != POINT_CONVERSION_UNCOMPRESSED) { + //OPENSSL_PUT_ERROR(EC, EC_R_INVALID_FORM); + return 0; + } + + if (CBS_len(&base) % 2 != 0) { + //OPENSSL_PUT_ERROR(EC, EC_R_DECODE_ERROR); + return 0; + } + size_t field_len = CBS_len(&base) / 2; + CBS_init(out_base_x, CBS_data(&base), field_len); + CBS_init(out_base_y, CBS_data(&base) + field_len, field_len); + + return 1; +} + +/* integers_equal returns one if |a| and |b| are equal, up to leading zeros, and + * zero otherwise. */ +static int integers_equal(const CBS *a, const uint8_t *b, size_t b_len) { + /* Remove leading zeros from |a| and |b|. */ + CBS a_copy = *a; + while (CBS_len(&a_copy) > 0 && CBS_data(&a_copy)[0] == 0) { + CBS_skip(&a_copy, 1); + } + while (b_len > 0 && b[0] == 0) { + b++; + b_len--; + } + return CBS_mem_equal(&a_copy, b, b_len); +} + +#if 0 +EC_GROUP *EC_KEY_parse_curve_name(CBS *cbs) { + CBS named_curve; + if (!CBS_get_asn1(cbs, &named_curve, CBS_ASN1_OBJECT)) { + //OPENSSL_PUT_ERROR(EC, EC_R_DECODE_ERROR); + return NULL; + } + + /* Look for a matching curve. */ + const struct built_in_curves *const curves = OPENSSL_built_in_curves(); + for (size_t i = 0; i < OPENSSL_NUM_BUILT_IN_CURVES; i++) { + const struct built_in_curve *curve = &curves->curves[i]; + if (CBS_len(&named_curve) == curve->oid_len && + OPENSSL_memcmp(CBS_data(&named_curve), curve->oid, curve->oid_len) == + 0) { + return EC_GROUP_new_by_curve_name(curve->nid); + } + } + + //OPENSSL_PUT_ERROR(EC, EC_R_UNKNOWN_GROUP); + return NULL; +} + +int EC_KEY_marshal_curve_name(CBB *cbb, const EC_GROUP *group) { + int nid = EC_GROUP_get_curve_name(group); + if (nid == NID_undef) { + //OPENSSL_PUT_ERROR(EC, EC_R_UNKNOWN_GROUP); + return 0; + } + + const struct built_in_curves *const curves = OPENSSL_built_in_curves(); + for (size_t i = 0; i < OPENSSL_NUM_BUILT_IN_CURVES; i++) { + const struct built_in_curve *curve = &curves->curves[i]; + if (curve->nid == nid) { + CBB child; + return CBB_add_asn1(cbb, &child, CBS_ASN1_OBJECT) && + CBB_add_bytes(&child, curve->oid, curve->oid_len) && + CBB_flush(cbb); + } + } + + //OPENSSL_PUT_ERROR(EC, EC_R_UNKNOWN_GROUP); + return 0; +} + +EC_GROUP *EC_KEY_parse_parameters(CBS *cbs) { + if (!CBS_peek_asn1_tag(cbs, CBS_ASN1_SEQUENCE)) { + return EC_KEY_parse_curve_name(cbs); + } + + /* OpenSSL sometimes produces ECPrivateKeys with explicitly-encoded versions + * of named curves. + * + * TODO(davidben): Remove support for this. */ + CBS prime, a, b, base_x, base_y, order; + if (!parse_explicit_prime_curve(cbs, &prime, &a, &b, &base_x, &base_y, + &order)) { + return NULL; + } + + /* Look for a matching prime curve. */ + const struct built_in_curves *const curves = OPENSSL_built_in_curves(); + for (size_t i = 0; i < OPENSSL_NUM_BUILT_IN_CURVES; i++) { + const struct built_in_curve *curve = &curves->curves[i]; + const unsigned param_len = curve->data->param_len; + /* |curve->data->data| is ordered p, a, b, x, y, order, each component + * zero-padded up to the field length. Although SEC 1 states that the + * Field-Element-to-Octet-String conversion also pads, OpenSSL mis-encodes + * |a| and |b|, so this comparison must allow omitting leading zeros. (This + * is relevant for P-521 whose |b| has a leading 0.) */ + if (integers_equal(&prime, curve->data->data, param_len) && + integers_equal(&a, curve->data->data + param_len, param_len) && + integers_equal(&b, curve->data->data + param_len * 2, param_len) && + integers_equal(&base_x, curve->data->data + param_len * 3, param_len) && + integers_equal(&base_y, curve->data->data + param_len * 4, param_len) && + integers_equal(&order, curve->data->data + param_len * 5, param_len)) { + return EC_GROUP_new_by_curve_name(curve->nid); + } + } + + //OPENSSL_PUT_ERROR(EC, EC_R_UNKNOWN_GROUP); + return NULL; +} +#endif + +int EC_POINT_point2cbb(CBB *out, const EC_GROUP *group, const EC_POINT *point, + point_conversion_form_t form, BN_CTX *ctx) { + size_t len = EC_POINT_point2oct(group, point, form, NULL, 0, ctx); + if (len == 0) { + return 0; + } + uint8_t *p; + return CBB_add_space(out, &p, len) && + EC_POINT_point2oct(group, point, form, p, len, ctx) == len; +} + +EC_KEY *d2i_ECPrivateKey(EC_KEY **out, const uint8_t **inp, long len) { + /* This function treats its |out| parameter differently from other |d2i| + * functions. If supplied, take the group from |*out|. */ + const EC_GROUP *group = NULL; + if (out != NULL && *out != NULL) { + group = EC_KEY_get0_group(*out); + } + + if (len < 0) { + //OPENSSL_PUT_ERROR(EC, EC_R_DECODE_ERROR); + return NULL; + } + CBS cbs; + CBS_init(&cbs, *inp, (size_t)len); + EC_KEY *ret = EC_KEY_parse_private_key(&cbs, group); + if (ret == NULL) { + return NULL; + } + if (out != NULL) { + EC_KEY_free(*out); + *out = ret; + } + *inp = CBS_data(&cbs); + return ret; +} + +#if 0 +int i2d_ECPrivateKey(const EC_KEY *key, uint8_t **outp) { + CBB cbb; + if (!CBB_init(&cbb, 0) || + !EC_KEY_marshal_private_key(&cbb, key, EC_KEY_get_enc_flags(key))) { + CBB_cleanup(&cbb); + return -1; + } + return CBB_finish_i2d(&cbb, outp); +} + +EC_KEY *d2i_ECParameters(EC_KEY **out_key, const uint8_t **inp, long len) { + if (len < 0) { + return NULL; + } + + CBS cbs; + CBS_init(&cbs, *inp, (size_t)len); + EC_GROUP *group = EC_KEY_parse_parameters(&cbs); + if (group == NULL) { + return NULL; + } + + EC_KEY *ret = EC_KEY_new(); + if (ret == NULL || !EC_KEY_set_group(ret, group)) { + EC_GROUP_free(group); + EC_KEY_free(ret); + return NULL; + } + EC_GROUP_free(group); + + if (out_key != NULL) { + EC_KEY_free(*out_key); + *out_key = ret; + } + *inp = CBS_data(&cbs); + return ret; +} + +int i2d_ECParameters(const EC_KEY *key, uint8_t **outp) { + if (key == NULL || key->group == NULL) { + //OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); + return -1; + } + + CBB cbb; + if (!CBB_init(&cbb, 0) || + !EC_KEY_marshal_curve_name(&cbb, key->group)) { + CBB_cleanup(&cbb); + return -1; + } + return CBB_finish_i2d(&cbb, outp); +} +#endif + +EC_KEY *o2i_ECPublicKey(EC_KEY **keyp, const uint8_t **inp, long len) { + EC_KEY *ret = NULL; + + if (keyp == NULL || *keyp == NULL || (*keyp)->group == NULL) { + //OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); + return NULL; + } + ret = *keyp; + if (ret->pub_key == NULL && + (ret->pub_key = EC_POINT_new(ret->group)) == NULL) { + // OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + return NULL; + } + if (!EC_POINT_oct2point(ret->group, ret->pub_key, *inp, len, NULL)) { + //OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + return NULL; + } + /* save the point conversion form */ + ret->conv_form = (point_conversion_form_t)(*inp[0] & ~0x01); + *inp += len; + return ret; +} + +int i2o_ECPublicKey(const EC_KEY *key, uint8_t **outp) { + size_t buf_len = 0; + int new_buffer = 0; + + if (key == NULL) { + //OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + + buf_len = EC_POINT_point2oct(key->group, key->pub_key, key->conv_form, NULL, + 0, NULL); + + if (outp == NULL || buf_len == 0) { + /* out == NULL => just return the length of the octet string */ + return buf_len; + } + + if (*outp == NULL) { + *outp = OPENSSL_malloc(buf_len); + if (*outp == NULL) { + //OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + return 0; + } + new_buffer = 1; + } + if (!EC_POINT_point2oct(key->group, key->pub_key, key->conv_form, *outp, + buf_len, NULL)) { + //OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + if (new_buffer) { + OPENSSL_free(*outp); + *outp = NULL; + } + return 0; + } + + if (!new_buffer) { + *outp += buf_len; + } + return buf_len; +} diff --git a/crypto/ec/ec_ctrl.c b/crypto/ec/ec_ctrl.c new file mode 100644 index 00000000..488cf46e --- /dev/null +++ b/crypto/ec/ec_ctrl.c @@ -0,0 +1,138 @@ +/* + * Copyright (c) 2015 - 2017 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include +#include +#include + + +#ifdef OPENSSL_NO_MACRO +int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid) +{ + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, + EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN, + EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, nid, NULL); +} + +int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc) +{ + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, + EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN, + EVP_PKEY_CTRL_EC_PARAM_ENC, param_enc, NULL); +} + +int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int co_mode) +{ + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, + EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_EC_ECDH_COFACTOR, co_mode, NULL); +} + +int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx) +{ + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, + EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_EC_ECDH_COFACTOR, -2, NULL); +} + +int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf) +{ + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, + EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_EC_KDF_TYPE, kdf, NULL); +} + +int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx) +{ + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, + EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_EC_KDF_TYPE, -2, NULL); +} + +int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md) +{ + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, + EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_EC_KDF_MD, 0, (void *)md); +} + +int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd) +{ + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, + EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_GET_EC_KDF_MD, 0, (void *)pmd); +} + +int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len) +{ + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, + EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_EC_KDF_OUTLEN, len, NULL); +} + +int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *plen) +{ + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, + EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN, 0, (void *)plen); +} + +int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *der, int len) +{ + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, + EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_EC_KDF_UKM, len, (void *)der) +} + +int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **pder) +{ + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, + EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_GET_EC_KDF_UKM, 0, (void *)pder) +} +#endif diff --git a/crypto/ec/ec_err.c b/crypto/ec/ec_err.c index dfe86e5c..6bc42df7 100644 --- a/crypto/ec/ec_err.c +++ b/crypto/ec/ec_err.c @@ -24,7 +24,6 @@ static ERR_STRING_DATA EC_str_functs[] = { {ERR_FUNC(EC_F_D2I_ECPARAMETERS), "d2i_ECParameters"}, {ERR_FUNC(EC_F_D2I_ECPKPARAMETERS), "d2i_ECPKParameters"}, {ERR_FUNC(EC_F_D2I_ECPRIVATEKEY), "d2i_ECPrivateKey"}, - {ERR_FUNC(EC_F_D2I_SM2_CIPHERTEXT_VALUE), "d2i_SM2_CIPHERTEXT_VALUE"}, {ERR_FUNC(EC_F_DO_EC_KEY_PRINT), "do_EC_KEY_print"}, {ERR_FUNC(EC_F_ECDH_CMS_DECRYPT), "ecdh_cms_decrypt"}, {ERR_FUNC(EC_F_ECDH_CMS_SET_SHARED_INFO), "ecdh_cms_set_shared_info"}, @@ -54,7 +53,6 @@ static ERR_STRING_DATA EC_str_functs[] = { {ERR_FUNC(EC_F_ECKEY_PUB_DECODE), "eckey_pub_decode"}, {ERR_FUNC(EC_F_ECKEY_PUB_ENCODE), "eckey_pub_encode"}, {ERR_FUNC(EC_F_ECKEY_TYPE2PARAM), "eckey_type2param"}, - {ERR_FUNC(EC_F_ECPARAMETERS_PRINT), "ECParameters_print"}, {ERR_FUNC(EC_F_ECPARAMETERS_PRINT_FP), "ECParameters_print_fp"}, {ERR_FUNC(EC_F_ECPKPARAMETERS_PRINT), "ECPKParameters_print"}, {ERR_FUNC(EC_F_ECPKPARAMETERS_PRINT_FP), "ECPKParameters_print_fp"}, @@ -160,10 +158,8 @@ static ERR_STRING_DATA EC_str_functs[] = { {ERR_FUNC(EC_F_EC_KEY_CHECK_KEY), "EC_KEY_check_key"}, {ERR_FUNC(EC_F_EC_KEY_COPY), "EC_KEY_copy"}, {ERR_FUNC(EC_F_EC_KEY_GENERATE_KEY), "EC_KEY_generate_key"}, - {ERR_FUNC(EC_F_EC_KEY_NEW), "EC_KEY_new"}, {ERR_FUNC(EC_F_EC_KEY_NEW_METHOD), "EC_KEY_new_method"}, {ERR_FUNC(EC_F_EC_KEY_OCT2PRIV), "EC_KEY_oct2priv"}, - {ERR_FUNC(EC_F_EC_KEY_PRINT), "EC_KEY_print"}, {ERR_FUNC(EC_F_EC_KEY_PRINT_FP), "EC_KEY_print_fp"}, {ERR_FUNC(EC_F_EC_KEY_PRIV2OCT), "EC_KEY_priv2oct"}, {ERR_FUNC(EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES), @@ -210,7 +206,6 @@ static ERR_STRING_DATA EC_str_functs[] = { {ERR_FUNC(EC_F_I2D_ECPARAMETERS), "i2d_ECParameters"}, {ERR_FUNC(EC_F_I2D_ECPKPARAMETERS), "i2d_ECPKParameters"}, {ERR_FUNC(EC_F_I2D_ECPRIVATEKEY), "i2d_ECPrivateKey"}, - {ERR_FUNC(EC_F_I2D_SM2_CIPHERTEXT_VALUE), "i2d_SM2_CIPHERTEXT_VALUE"}, {ERR_FUNC(EC_F_I2O_ECPUBLICKEY), "i2o_ECPublicKey"}, {ERR_FUNC(EC_F_NISTP224_PRE_COMP_NEW), "nistp224_pre_comp_new"}, {ERR_FUNC(EC_F_NISTP256_PRE_COMP_NEW), "nistp256_pre_comp_new"}, @@ -229,37 +224,14 @@ static ERR_STRING_DATA EC_str_functs[] = { {ERR_FUNC(EC_F_PKEY_EC_KEYGEN), "pkey_ec_keygen"}, {ERR_FUNC(EC_F_PKEY_EC_PARAMGEN), "pkey_ec_paramgen"}, {ERR_FUNC(EC_F_PKEY_EC_SIGN), "pkey_ec_sign"}, - {ERR_FUNC(EC_F_SM2_CIPHERTEXT_VALUE_DECODE), - "SM2_CIPHERTEXT_VALUE_decode"}, - {ERR_FUNC(EC_F_SM2_CIPHERTEXT_VALUE_ENCODE), - "SM2_CIPHERTEXT_VALUE_encode"}, - {ERR_FUNC(EC_F_SM2_CIPHERTEXT_VALUE_GET_ECIES_CIPHERTEXT_VALUE), - "SM2_CIPHERTEXT_VALUE_get_ECIES_CIPHERTEXT_VALUE"}, - {ERR_FUNC(EC_F_SM2_CIPHERTEXT_VALUE_NEW), "SM2_CIPHERTEXT_VALUE_new"}, - {ERR_FUNC(EC_F_SM2_CIPHERTEXT_VALUE_NEW_FROM_ECIES_CIPHERTEXT_VALUE), - "SM2_CIPHERTEXT_VALUE_new_from_ECIES_CIPHERTEXT_VALUE"}, - {ERR_FUNC(EC_F_SM2_CIPHERTEXT_VALUE_SET_ECIES_CIPHERTEXT_VALUE), - "SM2_CIPHERTEXT_VALUE_set_ECIES_CIPHERTEXT_VALUE"}, - {ERR_FUNC(EC_F_SM2_CIPHERTEXT_VALUE_SIZE), "SM2_CIPHERTEXT_VALUE_size"}, {ERR_FUNC(EC_F_SM2_COMPUTE_ID_DIGEST), "SM2_compute_id_digest"}, {ERR_FUNC(EC_F_SM2_COMPUTE_MESSAGE_DIGEST), "SM2_compute_message_digest"}, - {ERR_FUNC(EC_F_SM2_DECRYPT), "SM2_decrypt"}, - {ERR_FUNC(EC_F_SM2_DO_DECRYPT), "SM2_do_decrypt"}, {ERR_FUNC(EC_F_SM2_DO_ENCRYPT), "SM2_do_encrypt"}, - {ERR_FUNC(EC_F_SM2_DO_SIGN), "SM2_do_sign"}, - {ERR_FUNC(EC_F_SM2_DO_VERIFY), "SM2_do_verify"}, - {ERR_FUNC(EC_F_SM2_ENCRYPT), "SM2_encrypt"}, - {ERR_FUNC(EC_F_SM2_ENC_PARAMS_DUP), "SM2_ENC_PARAMS_dup"}, - {ERR_FUNC(EC_F_SM2_ENC_PARAMS_INIT_WITH_RECOMMENDED), - "SM2_ENC_PARAMS_init_with_recommended"}, - {ERR_FUNC(EC_F_SM2_ENC_PARAMS_NEW), "SM2_ENC_PARAMS_new"}, - {ERR_FUNC(EC_F_SM2_ENC_PARAMS_SET_TYPE), "SM2_ENC_PARAMS_set_type"}, {ERR_FUNC(EC_F_SM2_GET_PUBLIC_KEY_DATA), "SM2_get_public_key_data"}, {ERR_FUNC(EC_F_SM2_KAP_COMPUTE_KEY), "SM2_KAP_compute_key"}, {ERR_FUNC(EC_F_SM2_KAP_CTX_INIT), "SM2_KAP_CTX_init"}, {ERR_FUNC(EC_F_SM2_KAP_FINAL_CHECK), "SM2_KAP_final_check"}, {ERR_FUNC(EC_F_SM2_KAP_PREPARE), "SM2_KAP_prepare"}, - {ERR_FUNC(EC_F_SM2_SIGN_SETUP), "SM2_sign_setup"}, {ERR_FUNC(EC_F_TYPE1CURVE_EVAL_LINE_TEXTBOOK), "type1curve_eval_line_textbook"}, {ERR_FUNC(EC_F_TYPE1CURVE_EVAL_MILLER_TEXTBOOK), @@ -273,7 +245,6 @@ static ERR_STRING_DATA EC_str_reasons[] = { {ERR_REASON(EC_R_BAD_SIGNATURE), "bad signature"}, {ERR_REASON(EC_R_BIGNUM_OUT_OF_RANGE), "bignum out of range"}, {ERR_REASON(EC_R_BUFFER_TOO_SMALL), "buffer too small"}, - {ERR_REASON(EC_R_CIPHERTEXT_ENCODE_FAILED), "ciphertext encode failed"}, {ERR_REASON(EC_R_CMAC_FINAL_FAILURE), "cmac final failure"}, {ERR_REASON(EC_R_CMAC_INIT_FAILURE), "cmac init failure"}, {ERR_REASON(EC_R_CMAC_UPDATE_FAILURE), "cmac update failure"}, @@ -292,22 +263,16 @@ static ERR_STRING_DATA EC_str_reasons[] = { {ERR_REASON(EC_R_ECIES_DECRYPT_FAILED), "ecies decrypt failed"}, {ERR_REASON(EC_R_ECIES_DECRYPT_INIT_FAILURE), "ecies decrypt init failure"}, - {ERR_REASON(EC_R_ECIES_DECRYPT_WITH_RECOMMENDED_FAILED), - "ecies decrypt with recommended failed"}, {ERR_REASON(EC_R_ECIES_ENCRYPT_FAILED), "ecies encrypt failed"}, - {ERR_REASON(EC_R_ECIES_ENCRYPT_WITH_RECOMMENDED_FAILED), - "ecies encrypt with recommended failed"}, {ERR_REASON(EC_R_ECIES_VERIFY_MAC_FAILURE), "ecies verify mac failure"}, {ERR_REASON(EC_R_EC_GROUP_NEW_BY_NAME_FAILURE), "ec group new by name failure"}, + {ERR_REASON(EC_R_ENCODE_ERROR), "encode error"}, {ERR_REASON(EC_R_ENCRYPT_FAILED), "encrypt failed"}, {ERR_REASON(EC_R_ENCRYPT_FAILURE), "encrypt failure"}, {ERR_REASON(EC_R_ERROR), "error"}, {ERR_REASON(EC_R_FIELD_TOO_LARGE), "field too large"}, {ERR_REASON(EC_R_GEN_MAC_FAILED), "gen mac failed"}, - {ERR_REASON(EC_R_GET_CIPHERTEXT_SIZE_FAILED), - "get ciphertext size failed"}, - {ERR_REASON(EC_R_GET_KDF_FAILED), "get kdf failed"}, {ERR_REASON(EC_R_GET_PUBLIC_KEY_DATA_FAILURE), "get public key data failure"}, {ERR_REASON(EC_R_GET_TYPE1CURVE_ZETA_FAILURE), @@ -315,11 +280,11 @@ static ERR_STRING_DATA EC_str_reasons[] = { {ERR_REASON(EC_R_GF2M_NOT_SUPPORTED), "gf2m not supported"}, {ERR_REASON(EC_R_GROUP2PKPARAMETERS_FAILURE), "group2pkparameters failure"}, + {ERR_REASON(EC_R_GROUP_MISMATCH), "group mismatch"}, {ERR_REASON(EC_R_HMAC_FAILURE), "hmac failure"}, {ERR_REASON(EC_R_I2D_ECPKPARAMETERS_FAILURE), "i2d ecpkparameters failure"}, {ERR_REASON(EC_R_INCOMPATIBLE_OBJECTS), "incompatible objects"}, - {ERR_REASON(EC_R_INNOR_ERROR), "innor error"}, {ERR_REASON(EC_R_INVALID_ARGUMENT), "invalid argument"}, {ERR_REASON(EC_R_INVALID_COMPRESSED_POINT), "invalid compressed point"}, {ERR_REASON(EC_R_INVALID_COMPRESSION_BIT), "invalid compression bit"}, @@ -330,7 +295,8 @@ static ERR_STRING_DATA EC_str_reasons[] = { {ERR_REASON(EC_R_INVALID_ECIES_CIPHERTEXT), "invalid ecies ciphertext"}, {ERR_REASON(EC_R_INVALID_ECIES_PARAMETERS), "invalid ecies parameters"}, {ERR_REASON(EC_R_INVALID_ECIES_PARAMS), "invalid ecies params"}, - {ERR_REASON(EC_R_INVALID_EC_KEY), "invalid ec key"}, + {ERR_REASON(EC_R_INVALID_EC_ENCRYPT_PARAM), "invalid ec encrypt param"}, + {ERR_REASON(EC_R_INVALID_EC_SCHEME), "invalid ec scheme"}, {ERR_REASON(EC_R_INVALID_ENCODING), "invalid encoding"}, {ERR_REASON(EC_R_INVALID_ENC_PARAM), "invalid enc param"}, {ERR_REASON(EC_R_INVALID_ENC_TYPE), "invalid enc type"}, @@ -346,6 +312,7 @@ static ERR_STRING_DATA EC_str_reasons[] = { {ERR_REASON(EC_R_INVALID_PEER_KEY), "invalid peer key"}, {ERR_REASON(EC_R_INVALID_PENTANOMIAL_BASIS), "invalid pentanomial basis"}, {ERR_REASON(EC_R_INVALID_PRIVATE_KEY), "invalid private key"}, + {ERR_REASON(EC_R_INVALID_SIGNER_ID), "invalid signer id"}, {ERR_REASON(EC_R_INVALID_SM2_ID), "invalid sm2 id"}, {ERR_REASON(EC_R_INVALID_SM2_KAP_CHECKSUM_LENGTH), "invalid sm2 kap checksum length"}, @@ -357,37 +324,28 @@ static ERR_STRING_DATA EC_str_reasons[] = { {ERR_REASON(EC_R_INVLID_TYPE1CURVE), "invlid type1curve"}, {ERR_REASON(EC_R_KDF_PARAMETER_ERROR), "kdf parameter error"}, {ERR_REASON(EC_R_KEYS_NOT_SET), "keys not set"}, - {ERR_REASON(EC_R_MALLOC_FAILED), "malloc failed"}, {ERR_REASON(EC_R_MISSING_PARAMETERS), "missing parameters"}, {ERR_REASON(EC_R_MISSING_PRIVATE_KEY), "missing private key"}, {ERR_REASON(EC_R_NEED_NEW_SETUP_VALUES), "need new setup values"}, - {ERR_REASON(EC_R_NOT_A_NIST_PRIME), "not a NIST prime"}, + {ERR_REASON(EC_R_NOT_A_NIST_PRIME), "not a nist prime"}, {ERR_REASON(EC_R_NOT_IMPLEMENTED), "not implemented"}, {ERR_REASON(EC_R_NOT_INITIALIZED), "not initialized"}, {ERR_REASON(EC_R_NO_PARAMETERS_SET), "no parameters set"}, {ERR_REASON(EC_R_NO_PRIVATE_VALUE), "no private value"}, - {ERR_REASON(EC_R_NULL_ARGUMENT), "null argument"}, - {ERR_REASON(EC_R_OCT2POINT_FAILED), "oct2point failed"}, {ERR_REASON(EC_R_OPERATION_NOT_SUPPORTED), "operation not supported"}, {ERR_REASON(EC_R_PASSED_NULL_PARAMETER), "passed null parameter"}, {ERR_REASON(EC_R_PEER_KEY_ERROR), "peer key error"}, {ERR_REASON(EC_R_PKPARAMETERS2GROUP_FAILURE), "pkparameters2group failure"}, - {ERR_REASON(EC_R_POINT2OCT_FAILED), "point2oct failed"}, {ERR_REASON(EC_R_POINT_ARITHMETIC_FAILURE), "point arithmetic failure"}, {ERR_REASON(EC_R_POINT_AT_INFINITY), "point at infinity"}, {ERR_REASON(EC_R_POINT_IS_NOT_ON_CURVE), "point is not on curve"}, - {ERR_REASON(EC_R_POINT_NEW_FAILED), "point new failed"}, {ERR_REASON(EC_R_RANDOM_NUMBER_GENERATION_FAILED), "random number generation failed"}, {ERR_REASON(EC_R_SHARED_INFO_ERROR), "shared info error"}, {ERR_REASON(EC_R_SLOT_FULL), "slot full"}, {ERR_REASON(EC_R_SM2_DECRYPT_FAILED), "sm2 decrypt failed"}, - {ERR_REASON(EC_R_SM2_DECRYPT_WITH_RECOMMENDED_FAILED), - "sm2 decrypt with recommended failed"}, {ERR_REASON(EC_R_SM2_ENCRYPT_FAILED), "sm2 encrypt failed"}, - {ERR_REASON(EC_R_SM2_ENCRYPT_WITH_RECOMMENDED_FAILED), - "sm2 encrypt with recommended failed"}, {ERR_REASON(EC_R_SM2_KAP_NOT_INITED), "sm2 kap not inited"}, {ERR_REASON(EC_R_UNDEFINED_GENERATOR), "undefined generator"}, {ERR_REASON(EC_R_UNDEFINED_ORDER), "undefined order"}, diff --git a/crypto/ec/ec_lcl.h b/crypto/ec/ec_lcl.h index 56f4447e..0a27793a 100644 --- a/crypto/ec/ec_lcl.h +++ b/crypto/ec/ec_lcl.h @@ -30,7 +30,7 @@ #include #endif -#include "e_os.h" +#include "../../e_os.h" #if defined(__SUNPRO_C) # if __SUNPRO_C >= 0x520 diff --git a/crypto/ec/ec_pmeth.c b/crypto/ec/ec_pmeth.c index d45580b2..6fafb7e4 100644 --- a/crypto/ec/ec_pmeth.c +++ b/crypto/ec/ec_pmeth.c @@ -8,6 +8,7 @@ */ #include +#include #include "internal/cryptlib.h" #include #include @@ -17,6 +18,7 @@ #include "internal/evp_int.h" #ifndef OPENSSL_NO_SM2 # include +# include #endif /* EC pkey context structure */ @@ -40,10 +42,10 @@ typedef struct { /* KDF output length */ size_t kdf_outlen; #ifndef OPENSSL_NO_SM2 - int sign_type; - int exch_type; - int enc_type; - int enc_param; + int ec_scheme; + char *signer_id; + unsigned char *signer_zid; + int ec_encrypt_param; #endif } EC_PKEY_CTX; @@ -58,10 +60,10 @@ static int pkey_ec_init(EVP_PKEY_CTX *ctx) dctx->cofactor_mode = -1; dctx->kdf_type = EVP_PKEY_ECDH_KDF_NONE; #ifndef OPENSSL_NO_SM2 - dctx->sign_type = NID_secg_scheme; - dctx->exch_type = NID_secg_scheme; - dctx->enc_type = NID_secg_scheme; - dctx->enc_param = NID_sm3; + dctx->ec_scheme = NID_sm_scheme; + dctx->signer_id = NULL; + dctx->signer_zid = NULL; + dctx->ec_encrypt_param = NID_sm3; #endif ctx->data = dctx; return 1; @@ -97,10 +99,14 @@ static int pkey_ec_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) dctx->kdf_ukm = NULL; dctx->kdf_ukmlen = sctx->kdf_ukmlen; #ifndef OPENSSL_NO_SM2 - dctx->sign_type = sctx->sign_type; - dctx->exch_type = sctx->exch_type; - dctx->enc_type = sctx->enc_type; - dctx->enc_param = sctx->enc_param; + dctx->ec_scheme = sctx->ec_scheme; + if (sctx->signer_id) { + dctx->signer_id = OPENSSL_strdup(sctx->signer_id); + if (!dctx->signer_id) + return 0; + } + dctx->signer_zid = NULL; + dctx->ec_encrypt_param = sctx->ec_encrypt_param; #endif return 1; } @@ -113,6 +119,10 @@ static void pkey_ec_cleanup(EVP_PKEY_CTX *ctx) EC_KEY_free(dctx->co_key); OPENSSL_free(dctx->kdf_ukm); OPENSSL_free(dctx); +#ifndef OPENSSL_NO_SM2 + OPENSSL_free(dctx->signer_id); + OPENSSL_free(dctx->signer_zid); +#endif } } @@ -138,7 +148,7 @@ static int pkey_ec_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, type = NID_sha1; #ifndef OPENSSL_NO_SM2 - if (dctx->sign_type == NID_sm_scheme) + if (dctx->ec_scheme == NID_sm_scheme) ret = SM2_sign(NID_undef, tbs, tbslen, sig, &sltmp, ec); else #endif @@ -165,7 +175,7 @@ static int pkey_ec_verify(EVP_PKEY_CTX *ctx, type = NID_sha1; #ifndef OPENSSL_NO_SM2 - if (dctx->sign_type == NID_sm_scheme) + if (dctx->ec_scheme == NID_sm_scheme) ret = SM2_verify(NID_undef, tbs, tbslen, sig, siglen, ec); else #endif @@ -182,15 +192,15 @@ static int pkey_ec_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen EC_PKEY_CTX *dctx = ctx->data; EC_KEY *ec_key = ctx->pkey->pkey.ec; - switch (dctx->enc_type) { + switch (dctx->ec_scheme) { case NID_sm_scheme: - if (!SM2_encrypt(dctx->enc_param, in, inlen, out, outlen, ec_key)) { + if (!SM2_encrypt(dctx->ec_encrypt_param, in, inlen, out, outlen, ec_key)) { ECerr(EC_F_PKEY_EC_ENCRYPT, EC_R_SM2_ENCRYPT_FAILED); return 0; } break; case NID_secg_scheme: - if (!ECIES_encrypt(dctx->enc_param, in, inlen, out, outlen, ec_key)) { + if (!ECIES_encrypt(dctx->ec_encrypt_param, in, inlen, out, outlen, ec_key)) { ECerr(EC_F_PKEY_EC_ENCRYPT, EC_R_ECIES_ENCRYPT_FAILED); return 0; } @@ -209,15 +219,15 @@ static int pkey_ec_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen EC_PKEY_CTX *dctx = ctx->data; EC_KEY *ec_key = ctx->pkey->pkey.ec; - switch (dctx->enc_type) { + switch (dctx->ec_scheme) { case NID_sm_scheme: - if (!SM2_decrypt(dctx->enc_param, in, inlen, out, outlen, ec_key)) { + if (!SM2_decrypt(dctx->ec_encrypt_param, in, inlen, out, outlen, ec_key)) { ECerr(EC_F_PKEY_EC_DECRYPT, EC_R_SM2_DECRYPT_FAILED); return 0; } break; case NID_secg_scheme: - if (!ECIES_decrypt(dctx->enc_param, in, inlen, out, outlen, ec_key)) { + if (!ECIES_decrypt(dctx->ec_encrypt_param, in, inlen, out, outlen, ec_key)) { ECerr(EC_F_PKEY_EC_DECRYPT, EC_R_ECIES_DECRYPT_FAILED); return 0; } @@ -264,9 +274,12 @@ static int pkey_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key, outlen = *keylen; #ifndef OPENSSL_NO_SM2 - if (dctx->exch_type == NID_sm_scheme) + +/* + if (dctx->ec_scheme == NID_sm_scheme) ret = SM2_compute_key(key, outlen, pubkey, eckey, 0); else +*/ #endif ret = ECDH_compute_key(key, outlen, pubkey, eckey, 0); @@ -378,40 +391,83 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) return 1; #ifndef OPENSSL_NO_SM2 - case EVP_PKEY_CTRL_EC_SIGN_TYPE: - if (p1 == -2) - return dctx->sign_type; - if (p1 != NID_secg_scheme && p1 != NID_sm_scheme) + case EVP_PKEY_CTRL_EC_SCHEME: + if (p1 == -2) { + return dctx->ec_scheme; + } + if (p1 != NID_secg_scheme && p1 != NID_sm_scheme) { + ECerr(EC_F_PKEY_EC_CTRL, EC_R_INVALID_EC_SCHEME); + return 0; + } + dctx->ec_scheme = p1; + return 1; + + case EVP_PKEY_CTRL_SIGNER_ID: + if (!p2 || !strlen((char *)p2) || strlen((char *)p2) > SM2_MAX_ID_LENGTH) { + ECerr(EC_F_PKEY_EC_CTRL, EC_R_INVALID_SIGNER_ID); + return 0; + } else { + char *id = NULL; + if (!(id = OPENSSL_strdup((char *)p2))) { + ECerr(EC_F_PKEY_EC_CTRL, ERR_R_MALLOC_FAILURE); + return 0; + } + if (dctx->signer_id) + OPENSSL_free(dctx->signer_id); + dctx->signer_id = id; + if (dctx->ec_scheme == NID_sm_scheme) { + EC_KEY *ec_key = ctx->pkey->pkey.ec; + unsigned char zid[SM3_DIGEST_LENGTH]; + size_t zidlen = SM3_DIGEST_LENGTH; + if (!SM2_compute_id_digest(EVP_sm3(), dctx->signer_id, + strlen(dctx->signer_id), zid, &zidlen, ec_key)) { + ECerr(EC_F_PKEY_EC_CTRL, ERR_R_SM2_LIB); + return 0; + } + if (!dctx->signer_zid) { + if (!(dctx->signer_zid = OPENSSL_malloc(zidlen))) { + ECerr(EC_F_PKEY_EC_CTRL, ERR_R_MALLOC_FAILURE); + return 0; + } + } + memcpy(dctx->signer_zid, zid, zidlen); + } + } + return 1; + + case EVP_PKEY_CTRL_GET_SIGNER_ID: + *(const char **)p2 = dctx->signer_id; + return 1; + + case EVP_PKEY_CTRL_GET_SIGNER_ZID: + if (dctx->ec_scheme != NID_sm_scheme) { + *(const unsigned char **)p2 = NULL; return -2; - dctx->sign_type = p1; + } + if (!dctx->signer_zid) { + EC_KEY *ec_key = ctx->pkey->pkey.ec; + unsigned char *zid; + size_t zidlen = SM3_DIGEST_LENGTH; + if (!(zid = OPENSSL_malloc(zidlen))) { + ECerr(EC_F_PKEY_EC_CTRL, ERR_R_MALLOC_FAILURE); + return 0; + } + if (!SM2_compute_id_digest(EVP_sm3(), SM2_DEFAULT_ID, + SM2_DEFAULT_ID_LENGTH, zid, &zidlen, ec_key)) { + ECerr(EC_F_PKEY_EC_CTRL, ERR_R_SM2_LIB); + OPENSSL_free(zid); + return 0; + } + dctx->signer_zid = zid; + } + *(const unsigned char **)p2 = dctx->signer_zid; return 1; - case EVP_PKEY_CTRL_GET_EC_SIGN_TYPE: - *(int *)p2 = dctx->sign_type; - return 1; - - case EVP_PKEY_CTRL_EC_ENC_TYPE: - if (p1 == -2) - return dctx->enc_type; - if (p1 != NID_secg_scheme && p1 != NID_sm_scheme) - return -2; - dctx->enc_type = p1; - return 1; - - case EVP_PKEY_CTRL_GET_EC_ENC_TYPE: - *(int *)p2 = dctx->enc_type; - return 1; - - case EVP_PKEY_CTRL_EC_DH_TYPE: - if (p1 == -2) - return dctx->exch_type; - if (p1 != NID_secg_scheme && p1 != NID_sm_scheme) - return -2; - dctx->exch_type = p1; - return 1; - - case EVP_PKEY_CTRL_GET_EC_DH_TYPE: - *(int *)p2 = dctx->exch_type; + case EVP_PKEY_CTRL_EC_ENCRYPT_PARAM: + if (p1 == -2) { + return dctx->ec_encrypt_param; + } + dctx->ec_encrypt_param = p1; return 1; #endif @@ -495,34 +551,24 @@ static int pkey_ec_ctrl_str(EVP_PKEY_CTX *ctx, } return EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, nid); #ifndef OPENSSL_NO_SM2 - } else if (!strcmp(type, "signer")) { - } else if (!strcmp(type, "ec_sign_algor")) { - int sign_type; - if (!strcmp(value, "ecdsa")) - sign_type = NID_secg_scheme; + } else if (!strcmp(type, "ec_scheme")) { + int scheme; + if (!strcmp(value, "secg")) + scheme = NID_secg_scheme; else if (!strcmp(value, "sm2")) - sign_type = NID_sm_scheme; + scheme = NID_sm_scheme; else return -2; - return EVP_PKEY_CTX_set_ec_sign_type(ctx, sign_type); - } else if (!strcmp(type, "ec_encrypt_algor")) { - int enc_type; - if (!strcmp(value, "ecies")) - enc_type = NID_secg_scheme; - else if (!strcmp(value, "sm2")) - enc_type = NID_sm_scheme; - else - return -2; - return EVP_PKEY_CTX_set_ec_enc_type(ctx, enc_type); - } else if (!strcmp(type, "ec_derive_algor")) { - int dh_type; - if (!strcmp(value, "ecdh")) - dh_type = NID_secg_scheme; - else if (!strcmp(value, "sm2")) - dh_type = NID_sm_scheme; - else - return -2; - return EVP_PKEY_CTX_set_ec_dh_type(ctx, dh_type); + return EVP_PKEY_CTX_set_ec_scheme(ctx, scheme); + } else if (!strcmp(type, "signer_id")) { + return EVP_PKEY_CTX_set_signer_id(ctx, value); + } else if (!strcmp(type, "ec_encrypt_param")) { + int encrypt_param; + if (!(encrypt_param = OBJ_txt2nid(value))) { + ECerr(EC_F_PKEY_EC_CTRL_STR, EC_R_INVALID_EC_ENCRYPT_PARAM); + return 0; + } + return EVP_PKEY_CTX_set_ec_encrypt_param(ctx, encrypt_param); #endif } else if (strcmp(type, "ec_param_enc") == 0) { int param_enc; diff --git a/crypto/ec/ecdsa_bssl.c b/crypto/ec/ecdsa_bssl.c new file mode 100644 index 00000000..b2321d83 --- /dev/null +++ b/crypto/ec/ecdsa_bssl.c @@ -0,0 +1,157 @@ +/* ==================================================================== + * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). */ + +#include + +#include +#include + +#include +#include +#include +#include +#include + +#include "../bytestring/internal.h" +#include "../ec/ec_lcl.h" +#include "../internal.h" + + +ECDSA_SIG *ECDSA_SIG_parse(CBS *cbs) { + ECDSA_SIG *ret = ECDSA_SIG_new(); + if (ret == NULL) { + return NULL; + } + CBS child; + if (!CBS_get_asn1(cbs, &child, CBS_ASN1_SEQUENCE) || + !BN_parse_asn1_unsigned(&child, ret->r) || + !BN_parse_asn1_unsigned(&child, ret->s) || + CBS_len(&child) != 0) { + //OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_BAD_SIGNATURE); + ECDSA_SIG_free(ret); + return NULL; + } + return ret; +} + +ECDSA_SIG *ECDSA_SIG_from_bytes(const uint8_t *in, size_t in_len) { + CBS cbs; + CBS_init(&cbs, in, in_len); + ECDSA_SIG *ret = ECDSA_SIG_parse(&cbs); + if (ret == NULL || CBS_len(&cbs) != 0) { + //OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_BAD_SIGNATURE); + ECDSA_SIG_free(ret); + return NULL; + } + return ret; +} + +int ECDSA_SIG_marshal(CBB *cbb, const ECDSA_SIG *sig) { + CBB child; + if (!CBB_add_asn1(cbb, &child, CBS_ASN1_SEQUENCE) || + !BN_marshal_asn1(&child, sig->r) || + !BN_marshal_asn1(&child, sig->s) || + !CBB_flush(cbb)) { + //OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_ENCODE_ERROR); + return 0; + } + return 1; +} + +int ECDSA_SIG_to_bytes(uint8_t **out_bytes, size_t *out_len, + const ECDSA_SIG *sig) { + CBB cbb; + CBB_zero(&cbb); + if (!CBB_init(&cbb, 0) || + !ECDSA_SIG_marshal(&cbb, sig) || + !CBB_finish(&cbb, out_bytes, out_len)) { + //OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_ENCODE_ERROR); + CBB_cleanup(&cbb); + return 0; + } + return 1; +} + +/* der_len_len returns the number of bytes needed to represent a length of |len| + * in DER. */ +static size_t der_len_len(size_t len) { + if (len < 0x80) { + return 1; + } + size_t ret = 1; + while (len > 0) { + ret++; + len >>= 8; + } + return ret; +} + +size_t ECDSA_SIG_max_len(size_t order_len) { + /* Compute the maximum length of an |order_len| byte integer. Defensively + * assume that the leading 0x00 is included. */ + size_t integer_len = 1 /* tag */ + der_len_len(order_len + 1) + 1 + order_len; + if (integer_len < order_len) { + return 0; + } + /* An ECDSA signature is two INTEGERs. */ + size_t value_len = 2 * integer_len; + if (value_len < integer_len) { + return 0; + } + /* Add the header. */ + size_t ret = 1 /* tag */ + der_len_len(value_len) + value_len; + if (ret < value_len) { + return 0; + } + return ret; +} + diff --git a/crypto/ec2/bn_gfp2.c b/crypto/ec2/bn_gfp2.c index 2bc63f49..f4f77bc1 100644 --- a/crypto/ec2/bn_gfp2.c +++ b/crypto/ec2/bn_gfp2.c @@ -352,10 +352,7 @@ int BN_GFP2_set_bn(BN_GFP2 *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) BNerr(BN_F_BN_GFP2_SET_BN, ERR_R_BN_LIB); return 0; } - if (!BN_zero(r->a1)) { - BNerr(BN_F_BN_GFP2_SET_BN, ERR_R_BN_LIB); - return 0; - } + BN_zero(r->a1); return 1; } diff --git a/crypto/ec2/bn_solinas.c b/crypto/ec2/bn_solinas.c index 7736a07b..919680d0 100644 --- a/crypto/ec2/bn_solinas.c +++ b/crypto/ec2/bn_solinas.c @@ -70,6 +70,8 @@ #define BN_SOLINAS_1024V1 7 #define BN_SOLINAS_1024V2 8 +#if 0 +//remove warnings static BN_SOLINAS BN_solinas_table[] = { { 192, 16, -1, -1 }, { 192, 64, -1, -1 }, @@ -81,6 +83,7 @@ static BN_SOLINAS BN_solinas_table[] = { { 1024, 424, -1, -1 }, { 1024, 856, -1, 1 }, }; +#endif /* * solinas = 2^a + s * 2^b + c, where s, c in {1, -1} diff --git a/crypto/ec2/ec_type1.c b/crypto/ec2/ec_type1.c index 557bd092..0131cf94 100644 --- a/crypto/ec2/ec_type1.c +++ b/crypto/ec2/ec_type1.c @@ -585,12 +585,14 @@ ERR_R_BN_LIB); goto end; } - +#if 0 + //warning if (!BN_GFP2_div(ret, num, den, p, bn_ctx)) { ECerr(EC_F_TYPE1CURVE_EVAL_LINE_TEXTBOOK, ERR_R_BN_LIB); goto end; } +#endif ret = 1; @@ -783,6 +785,7 @@ int EC_type1curve_tate_ratio(const EC_GROUP *group, BN_GFP2 *r, return 0; } +#if 0 typedef struct { int security_bits; int n_bits; @@ -798,6 +801,7 @@ static TYPE1CURVE_SEC sec_tbl[] = { {192, 7680, 3840, 384}, {256, 15360, 7680, 512} }; +#endif const EVP_MD *TYPE1CURVE_nbits_to_md(int nbits) { diff --git a/crypto/ecies/ecies_asn1.c b/crypto/ecies/ecies_asn1.c index 9aa5b061..35af1e19 100644 --- a/crypto/ecies/ecies_asn1.c +++ b/crypto/ecies/ecies_asn1.c @@ -196,8 +196,6 @@ ECIES_PARAMS *d2i_ECIESParameters(ECIES_PARAMS **param, goto end; } - OpenSSL_add_all_digests(); - /* kdf */ ret->kdf_nid = OBJ_obj2nid(asn1->kdf->algorithm); if (ret->kdf_nid != NID_x9_63_kdf) { diff --git a/crypto/ecies/ecies_lib.c b/crypto/ecies/ecies_lib.c index 14d81e0d..a3908ed0 100644 --- a/crypto/ecies/ecies_lib.c +++ b/crypto/ecies/ecies_lib.c @@ -52,9 +52,15 @@ #include #include #include -#include +#include + +#ifndef OPENSSL_NO_AES +# include +#endif #include -#include +#ifndef OPENSSL_NO_CMAC +# include +#endif #include #include #include @@ -72,6 +78,7 @@ int ECIES_PARAMS_init_with_type(ECIES_PARAMS *params, int type) } switch (type) { +#ifndef OPENSSL_NO_SHA case NID_ecies_with_x9_63_sha1_xor_hmac: params->kdf_nid = NID_x9_63_kdf; params->kdf_md = EVP_sha1(); @@ -79,6 +86,7 @@ int ECIES_PARAMS_init_with_type(ECIES_PARAMS *params, int type) params->mac_nid = NID_hmac_full_ecies; params->hmac_md = EVP_sha1(); break; +# ifndef OPENSSL_NO_SHA256 case NID_ecies_with_x9_63_sha256_xor_hmac: params->kdf_nid = NID_x9_63_kdf; params->kdf_md = EVP_sha256(); @@ -86,6 +94,8 @@ int ECIES_PARAMS_init_with_type(ECIES_PARAMS *params, int type) params->mac_nid = NID_hmac_full_ecies; params->hmac_md = EVP_sha256(); break; +# endif +#endif default: ECerr(EC_F_ECIES_PARAMS_INIT_WITH_TYPE, EC_R_INVALID_ECIES_PARAMS); return 0; @@ -103,11 +113,14 @@ int ECIES_PARAMS_init_with_recommended(ECIES_PARAMS *param) } memset(param, 0, sizeof(*param)); +#ifndef OPENSSL_NO_SHA param->kdf_nid = NID_x9_63_kdf; param->kdf_md = EVP_sha256(); param->enc_nid = NID_xor_in_ecies; param->mac_nid = NID_hmac_full_ecies; param->hmac_md = EVP_sha256(); + // we should return error when sha256 disabled +#endif return 1; } @@ -149,9 +162,12 @@ int ECIES_PARAMS_get_enc(const ECIES_PARAMS *param, size_t inlen, cipher = NULL; keylen = inlen; break; +#ifndef OPENSSL_NO_DES case NID_tdes_cbc_in_ecies: cipher = EVP_des_ede_cbc(); break; +#endif +#ifndef OPENSSL_NO_AES case NID_aes128_cbc_in_ecies: cipher = EVP_aes_128_cbc(); break; @@ -170,6 +186,7 @@ int ECIES_PARAMS_get_enc(const ECIES_PARAMS *param, size_t inlen, case NID_aes256_ctr_in_ecies: cipher = EVP_aes_256_ctr(); break; +#endif default: ECerr(EC_F_ECIES_PARAMS_GET_ENC, EC_R_INVALID_ECIES_PARAMETERS); return 0; @@ -227,6 +244,7 @@ int ECIES_PARAMS_get_mac(const ECIES_PARAMS *param, keylen = EVP_MD_size(md); outlen = EVP_MD_size(md)/2; break; +#ifndef OPENSSL_NO_AES case NID_cmac_aes128_ecies: cipher = EVP_aes_128_ecb(); break; @@ -236,6 +254,7 @@ int ECIES_PARAMS_get_mac(const ECIES_PARAMS *param, case NID_cmac_aes256_ecies: cipher = EVP_aes_256_ecb(); break; +#endif default: ECerr(EC_F_ECIES_PARAMS_GET_MAC, EC_R_INVALID_ECIES_PARAMETERS); @@ -255,6 +274,11 @@ int ECIES_PARAMS_get_mac(const ECIES_PARAMS *param, return 1; } +int ECIES_CIPHERTEXT_VALUE_ciphertext_length(const ECIES_CIPHERTEXT_VALUE *a) +{ + return ASN1_STRING_length(a->ciphertext); +} + ECIES_CIPHERTEXT_VALUE *ECIES_do_encrypt(const ECIES_PARAMS *param, const unsigned char *in, size_t inlen, EC_KEY *ec_key) { diff --git a/crypto/engine/eng_cnf.c b/crypto/engine/eng_cnf.c index 6f0a066d..c17c7a45 100644 --- a/crypto/engine/eng_cnf.c +++ b/crypto/engine/eng_cnf.c @@ -125,8 +125,9 @@ static int int_engine_configure(const char *name, const char *value, const CONF } else if (strcmp(ctrlname, "default_algorithms") == 0) { if (!ENGINE_set_default_string(e, ctrlvalue)) goto err; - } else if (!ENGINE_ctrl_cmd_string(e, ctrlname, ctrlvalue, 0)) + } else if (!ENGINE_ctrl_cmd_string(e, ctrlname, ctrlvalue, 0)) { goto err; + } } } diff --git a/crypto/engine/eng_ctrl.c b/crypto/engine/eng_ctrl.c index 7925f4fa..02ba1a88 100644 --- a/crypto/engine/eng_ctrl.c +++ b/crypto/engine/eng_ctrl.c @@ -245,6 +245,9 @@ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg, ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING, ERR_R_PASSED_NULL_PARAMETER); return 0; } + if (arg && *arg == 0) { + arg = NULL; + } if (e->ctrl == NULL || (num = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FROM_NAME, 0, (void *)cmd_name, NULL)) <= 0) { diff --git a/crypto/err/err.c b/crypto/err/err.c index 1ce6b57a..7f209432 100644 --- a/crypto/err/err.c +++ b/crypto/err/err.c @@ -73,9 +73,7 @@ static ERR_STRING_DATA ERR_str_libraries[] = { {ERR_PACK(ERR_LIB_SDF, 0, 0), "SDF routines"}, {ERR_PACK(ERR_LIB_SKF, 0, 0), "SKF routines"}, {ERR_PACK(ERR_LIB_SOF, 0, 0), "SOF routines"}, - #ifndef OPENSSL_NO_BASE58 - {ERR_PACK(ERR_LIB_BASE58, 0, 0), "BASE58 routines"}, - #endif + {ERR_PACK(ERR_LIB_BASE58, 0, 0), "BASE58 routines"}, {0, NULL}, }; @@ -134,9 +132,8 @@ static ERR_STRING_DATA ERR_str_reasons[] = { {ERR_R_SDF_LIB, "SDF lib"}, {ERR_R_SKF_LIB, "SKF lib"}, {ERR_R_SOF_LIB, "SOF lib"}, - #ifndef OPENSSL_NO_BASE58 {ERR_R_BASE58_LIB, "BASE58 lib"}, - #endif + {ERR_R_NESTED_ASN1_ERROR, "nested asn1 error"}, {ERR_R_MISSING_ASN1_EOS, "missing asn1 eos"}, diff --git a/crypto/err/err_all.c b/crypto/err/err_all.c index 107fcd44..7541f458 100644 --- a/crypto/err/err_all.c +++ b/crypto/err/err_all.c @@ -8,16 +8,26 @@ */ #include +#include + #include "internal/err_int.h" #include #include -#include +#ifndef OPENSSL_NO_EC +# include +#endif #include #include #include -#include -#include -#include +#ifndef OPENSSL_NO_RSA +# include +#endif +#ifndef OPENSSL_NO_DH +# include +#endif +#ifndef OPENSSL_NO_DSA +# include +#endif #include #include #include @@ -35,26 +45,58 @@ # include #endif #include -#include -#include -#include +#ifndef OPENSSL_NO_CMS +# include +#endif +#ifndef OPENSSL_NO_CT +# include +#endif +#ifndef OPENSSL_NO_ASYNC +# include +#endif #include #include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include +#ifndef OPENSSL_NO_FFX +# include +#endif +#ifndef OPENSSL_NO_PAILLIER +# include +#endif +#ifndef OPENSSL_NO_CPK +# include +#endif +#ifndef OPENSSL_NO_OTP +# include +#endif +#ifndef OPENSSL_NO_GMAPI +# include +#endif +#ifndef OPENSSL_NO_BFIBE +# include +#endif +#ifndef OPENSSL_NO_BB1IBE +# include +#endif +#ifndef OPENSSL_NO_SM2 +# include +#endif +#ifndef OPENSSL_NO_SM9 +# include +#endif +#ifndef OPENSSL_NO_SAF +# include +#endif +#ifndef OPENSSL_NO_SDF +# include +#endif +#ifndef OPENSSL_NO_SKF +# include +#endif +#ifndef OPENSSL_NO_SOF +# include +#endif #ifndef OPENSSL_NO_BASE58 -#include +# include #endif @@ -94,7 +136,9 @@ int err_load_crypto_strings_int(void) ERR_load_BIO_strings() == 0 || ERR_load_PKCS7_strings() == 0 || ERR_load_X509V3_strings() == 0 || +# ifndef OPENSSL_NO_PKCS12 ERR_load_PKCS12_strings() == 0 || +# endif ERR_load_RAND_strings() == 0 || ERR_load_DSO_strings() == 0 || # ifndef OPENSSL_NO_TS diff --git a/crypto/evp/build.info b/crypto/evp/build.info index b9bc6fd0..99a4b37c 100644 --- a/crypto/evp/build.info +++ b/crypto/evp/build.info @@ -15,7 +15,7 @@ SOURCE[../../libcrypto]=\ e_chacha20_poly1305.c cmeth_lib.c \ m_sm3.c \ e_sms4.c e_sms4_ccm.c e_sms4_gcm.c e_sms4_ocb.c e_sms4_wrap.c e_sms4_xts.c \ - evp_ctxt.c + evp_ctxt.c names2.c evp_nomacro.c INCLUDE[e_aes.o]=.. ../modes INCLUDE[e_aes_cbc_hmac_sha1.o]=../modes diff --git a/crypto/evp/c_allc.c b/crypto/evp/c_allc.c index 2e8ff3c0..ea9b7a05 100644 --- a/crypto/evp/c_allc.c +++ b/crypto/evp/c_allc.c @@ -49,8 +49,10 @@ void openssl_add_all_ciphers_int(void) EVP_add_cipher(EVP_des_ede3()); EVP_add_cipher_alias(SN_des_ede3_ecb, "DES-EDE3-ECB"); EVP_add_cipher_alias(SN_des_ede3_ecb, "des-ede3-ecb"); +# ifndef OPENSSL_NO_SHA EVP_add_cipher(EVP_des_ede3_wrap()); EVP_add_cipher_alias(SN_id_smime_alg_CMS3DESwrap, "des3-wrap"); +# endif #endif #ifndef OPENSSL_NO_RC4 @@ -177,6 +179,8 @@ void openssl_add_all_ciphers_int(void) EVP_add_cipher(EVP_aes_256_wrap_pad()); EVP_add_cipher_alias(SN_aes_256_cbc, "AES256"); EVP_add_cipher_alias(SN_aes_256_cbc, "aes256"); +#endif +#if !defined(OPENSSL_NO_AES) && !defined(OPENSSL_NO_SHA) EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1()); EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1()); EVP_add_cipher(EVP_aes_128_cbc_hmac_sha256()); diff --git a/crypto/evp/c_alld.c b/crypto/evp/c_alld.c index 5430fb39..736f2a8d 100644 --- a/crypto/evp/c_alld.c +++ b/crypto/evp/c_alld.c @@ -22,9 +22,11 @@ void openssl_add_all_digests_int(void) #ifndef OPENSSL_NO_MD5 EVP_add_digest(EVP_md5()); EVP_add_digest_alias(SN_md5, "ssl3-md5"); +#endif +#if !defined(OPENSSL_NO_MD5) && !defined(OPENSSL_NO_SHA) EVP_add_digest(EVP_md5_sha1()); #endif -#ifndef OPENSSL_NO_SHA1 +#ifndef OPENSSL_NO_SHA EVP_add_digest(EVP_sha1()); EVP_add_digest_alias(SN_sha1, "ssl3-sha1"); EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA); @@ -37,11 +39,15 @@ void openssl_add_all_digests_int(void) EVP_add_digest_alias(SN_ripemd160, "ripemd"); EVP_add_digest_alias(SN_ripemd160, "rmd160"); #endif -#ifndef OPENSSL_NO_SHA1 +#ifndef OPENSSL_NO_SHA +# ifndef OPENSSL_NO_SHA256 EVP_add_digest(EVP_sha224()); EVP_add_digest(EVP_sha256()); +# endif +# ifndef OPENSSL_NO_SHA512 EVP_add_digest(EVP_sha384()); EVP_add_digest(EVP_sha512()); +# endif #endif #ifndef OPENSSL_NO_WHIRLPOOL EVP_add_digest(EVP_whirlpool()); diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index 63cd2edd..42793ad9 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -14,6 +14,9 @@ #include #include "internal/evp_int.h" #include "evp_locl.h" +#ifndef OPENSSL_NO_SM2 +# include +#endif /* This call frees resources associated with the context */ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx) @@ -146,13 +149,13 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count) { #ifndef OPENSSL_NO_SM2 - if (!ctx->is_updated && ctx->pctx && ctx->pctx->pre_update) { - if (!ctx->update(ctx, ctx->pctx->pre_update, - ctx->pctx->pre_update_len)) { - return 0; + if (ctx->pctx && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_UPDATED)) { + const unsigned char *zid; + if (1 == EVP_PKEY_CTX_get_signer_zid(ctx->pctx, &zid)) { + ctx->update(ctx, zid, 32); } + EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_UPDATED); } - ctx->is_updated = 1; #endif return ctx->update(ctx, data, count); } diff --git a/crypto/evp/e_aes_cbc_hmac_sha1.c b/crypto/evp/e_aes_cbc_hmac_sha1.c index 407b2b54..e9a49259 100644 --- a/crypto/evp/e_aes_cbc_hmac_sha1.c +++ b/crypto/evp/e_aes_cbc_hmac_sha1.c @@ -8,7 +8,7 @@ */ #include -#ifdef OPENSSL_NO_AES +#if defined(OPENSSL_NO_AES) || defined(OPENSSL_NO_SHA) NON_EMPTY_TRANSLATION_UNIT #else diff --git a/crypto/evp/e_aes_cbc_hmac_sha256.c b/crypto/evp/e_aes_cbc_hmac_sha256.c index 6d814131..a1c3be54 100644 --- a/crypto/evp/e_aes_cbc_hmac_sha256.c +++ b/crypto/evp/e_aes_cbc_hmac_sha256.c @@ -8,7 +8,7 @@ */ #include -#ifdef OPENSSL_NO_AES +#if defined(OPENSSL_NO_AES) || defined(OPENSSL_NO_SHA) NON_EMPTY_TRANSLATION_UNIT #else diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c index da77936c..499826b0 100644 --- a/crypto/evp/e_des3.c +++ b/crypto/evp/e_des3.c @@ -307,8 +307,8 @@ const EVP_CIPHER *EVP_des_ede3(void) return &des_ede3_ecb; } - -# include +# ifndef OPENSSL_NO_SHA +# include static const unsigned char wrap_iv[8] = { 0x4a, 0xdd, 0xa2, 0x2c, 0x79, 0xe8, 0x21, 0x05 }; @@ -420,5 +420,5 @@ const EVP_CIPHER *EVP_des_ede3_wrap(void) { return &des3_wrap; } - +# endif /* OPENSSL_NO_SHA */ #endif diff --git a/crypto/evp/e_old.c b/crypto/evp/e_old.c index 927908f8..020b76eb 100644 --- a/crypto/evp/e_old.c +++ b/crypto/evp/e_old.c @@ -89,25 +89,27 @@ const EVP_CIPHER *EVP_rc5_32_12_16_cfb(void) } # endif -# undef EVP_aes_128_cfb +# ifndef OPENSSL_NO_AES +# undef EVP_aes_128_cfb const EVP_CIPHER *EVP_aes_128_cfb(void); const EVP_CIPHER *EVP_aes_128_cfb(void) { return EVP_aes_128_cfb128(); } -# undef EVP_aes_192_cfb +# undef EVP_aes_192_cfb const EVP_CIPHER *EVP_aes_192_cfb(void); const EVP_CIPHER *EVP_aes_192_cfb(void) { return EVP_aes_192_cfb128(); } -# undef EVP_aes_256_cfb +# undef EVP_aes_256_cfb const EVP_CIPHER *EVP_aes_256_cfb(void); const EVP_CIPHER *EVP_aes_256_cfb(void) { return EVP_aes_256_cfb128(); } +# endif #endif diff --git a/crypto/evp/e_sms4.c b/crypto/evp/e_sms4.c index ee06b353..f80cad6c 100644 --- a/crypto/evp/e_sms4.c +++ b/crypto/evp/e_sms4.c @@ -122,7 +122,7 @@ static int sms4_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const EVP_CIPHER sms4_cfb1 = { NID_sms4_cfb1, - SMS4_BLOCK_SIZE, + 1, SMS4_KEY_LENGTH, SMS4_IV_LENGTH, EVP_CIPH_CTR_MODE, @@ -151,7 +151,7 @@ static int sms4_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const EVP_CIPHER sms4_cfb8 = { NID_sms4_cfb8, - SMS4_BLOCK_SIZE, + 1, SMS4_KEY_LENGTH, SMS4_IV_LENGTH, EVP_CIPH_CTR_MODE, @@ -182,7 +182,7 @@ static int sms4_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const EVP_CIPHER sms4_ctr = { NID_sms4_ctr, - SMS4_BLOCK_SIZE, + 1, SMS4_KEY_LENGTH, SMS4_IV_LENGTH, EVP_CIPH_CTR_MODE, diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c index a7ab3483..fa2ded1b 100644 --- a/crypto/evp/evp_err.c +++ b/crypto/evp/evp_err.c @@ -136,6 +136,7 @@ static ERR_STRING_DATA EVP_str_reasons[] = { {ERR_REASON(EVP_R_MESSAGE_DIGEST_IS_NULL), "message digest is null"}, {ERR_REASON(EVP_R_METHOD_NOT_SUPPORTED), "method not supported"}, {ERR_REASON(EVP_R_MISSING_PARAMETERS), "missing parameters"}, + {ERR_REASON(EVP_R_NO_AVAIABLE_DIGEST), "no avaiable digest"}, {ERR_REASON(EVP_R_NO_CIPHER_SET), "no cipher set"}, {ERR_REASON(EVP_R_NO_DEFAULT_DIGEST), "no default digest"}, {ERR_REASON(EVP_R_NO_DIGEST_SET), "no digest set"}, @@ -149,6 +150,7 @@ static ERR_STRING_DATA EVP_str_reasons[] = { {ERR_REASON(EVP_R_PRIVATE_KEY_DECODE_ERROR), "private key decode error"}, {ERR_REASON(EVP_R_PRIVATE_KEY_ENCODE_ERROR), "private key encode error"}, {ERR_REASON(EVP_R_PUBLIC_KEY_NOT_RSA), "public key not rsa"}, + {ERR_REASON(EVP_R_PUBLIC_KEY_NOT_RSA_OR_EC), "public key not rsa or ec"}, {ERR_REASON(EVP_R_RSA_PUBLIC_ENCRYPT_FAILED), "rsa public encrypt failed"}, {ERR_REASON(EVP_R_UNKNOWN_CIPHER), "unknown cipher"}, diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c index c148c892..f13d10e6 100644 --- a/crypto/evp/evp_lib.c +++ b/crypto/evp/evp_lib.c @@ -525,6 +525,16 @@ void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx) return ctx->md_data; } +void *EVP_MD_CTX_set_md_data(EVP_MD_CTX *ctx, void *md_data) +{ + void *old_md_data; + + old_md_data = ctx->md_data; + ctx->md_data = md_data; + + return old_md_data; +} + int (*EVP_MD_CTX_update_fn(EVP_MD_CTX *ctx))(EVP_MD_CTX *ctx, const void *data, size_t count) { diff --git a/crypto/evp/evp_locl.h b/crypto/evp/evp_locl.h index 1f9a22e5..d5de73a7 100644 --- a/crypto/evp/evp_locl.h +++ b/crypto/evp/evp_locl.h @@ -9,6 +9,10 @@ /* EVP_MD_CTX related stuff */ +#ifndef OPENSSL_NO_SM2 +# define EVP_MD_CTX_FLAG_UPDATED 0x0400 +#endif + struct evp_md_ctx_st { const EVP_MD *digest; ENGINE *engine; /* functional reference if 'digest' is @@ -19,7 +23,6 @@ struct evp_md_ctx_st { EVP_PKEY_CTX *pctx; /* Update function: usually copied from EVP_MD */ int (*update) (EVP_MD_CTX *ctx, const void *data, size_t count); - int is_updated; } /* EVP_MD_CTX */ ; struct evp_cipher_ctx_st { diff --git a/crypto/evp/evp_nomacro.c b/crypto/evp/evp_nomacro.c new file mode 100644 index 00000000..6f50a414 --- /dev/null +++ b/crypto/evp/evp_nomacro.c @@ -0,0 +1,306 @@ + + +#ifdef OPENSSL_NO_MACRO +# ifndef OPENSSL_NO_RSA +int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *rsa) +{ + return EVP_PKEY_assign(pkey, EVP_PKEY_RSA, (char *)rsa); +} +# endif + +# ifndef OPENSSL_NO_DSA +int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *dsa) +{ + return EVP_PKEY_assign(pkey, EVP_PKEY_DSA, (char *)dsa); +} +# endif + +# ifndef OPENSSL_NO_DH +int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *dh) +{ + return EVP_PKEY_assign(pkey, EVP_PKEY_DH, (char *)dh); +} +# endif + +# ifndef OPENSSL_NO_EC +int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *ec_key) +{ + return EVP_PKEY_assign(pkey, EVP_PKEY_EC, (char *)ec_key); +} +# endif + +# ifndef OPENSSL_NO_PAILLIER +int EVP_PKEY_assign_PAILLIER(EVP_PKEY *pkey, PAILLIER *paillier) +{ + return EVP_PKEY_assign(pkey, EVP_PKEY_PAILLIER, (char *)paillier); +} +#endif + +const EVP_MD *EVP_get_digestbynid(int nid) +{ + return EVP_get_digestbyname(OBJ_nid2sn(nid)); +} + +const EVP_MD *EVP_get_digestbyobj(ASN1_OBJECT *obj) +{ + return EVP_get_digestbynid(OBJ_obj2nid(obj)); +} + +const EVP_CIPHER *EVP_get_cipherbynid(int nid) +{ + return EVP_get_cipherbyname(OBJ_nid2sn(nid)); +} + +const EVP_CIPHER *EVP_get_cipherbyobj(ASN1_OBJECT *obj) +{ + return EVP_get_cipherbynid(OBJ_obj2nid(obj)); +} + +int EVP_MD_nid(const EVP_MD *md) +{ + return EVP_MD_type(md); +} + +const char *EVP_MD_name(const EVP_MD *md) +{ + return OBJ_nid2sn(EVP_MD_nid(md)); +} + +int EVP_MD_CTX_size(EVP_MD_CTX *ctx) +{ + return EVP_MD_size(EVP_MD_CTX_md(ctx)); +} + +int EVP_MD_CTX_block_size(EVP_MD_CTX *ctx) +{ + return EVP_MD_block_size(EVP_MD_CTX_md(ctx)); +} + +int EVP_MD_CTX_type(EVP_MD_CTX *ctx) +{ + return EVP_MD_type(EVP_MD_CTX_md(ctx)); +} + +const char *EVP_CIPHER_name(const EVP_CIPHER *cipher) +{ + return OBJ_nid2sn(EVP_CIPHER_nid(cipher)); +} + +int EVP_CIPHER_mode(const EVP_CIPHER *cipher) +{ + return (EVP_CIPHER_flags(cipher) & EVP_CIPH_MODE); +} + +int EVP_CIPHER_CTX_type(EVP_CIPHER_CTX *ctx) +{ + return EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(ctx)); +} + +# if OPENSSL_API_COMPAT < 0x10100000L +int EVP_CIPHER_CTX_flags(EVP_CIPHER_CTX *ctx) +{ + return EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx)); +} +# endif + +int EVP_CIPHER_CTX_mode(EVP_CIPHER_CTX *ctx) +{ + return EVP_CIPHER_mode(EVP_CIPHER_CTX_cipher(ctx)); +} + +long EVP_ENCODE_LENGTH(long l) +{ + return (((l+2)/3*4)+(l/48+1)*2+80); +} + +long EVP_DECODE_LENGTH(long l) +{ + return ((l+3)/4*3+80); +} + +__owur int EVP_SignInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, + ENGINE *impl) +{ + return EVP_DigestInit_ex(ctx, type, impl); +} + +__owur int EVP_SignInit(EVP_MD_CTX *ctx, const EVP_MD *type) +{ + return EVP_DigestInit(ctx, type); +} + +__owur int EVP_SignUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt) +{ + return EVP_DigestUpdate(ctx, d, cnt); +} + +__owur int EVP_VerifyInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, + ENGINE *impl) +{ + return EVP_DigestInit_ex(ctx, type, impl); +} + +__owur int EVP_VerifyInit(EVP_MD_CTX *ctx, const EVP_MD *type) +{ + return EVP_DigestInit(ctx, type); +} + +__owur int EVP_VerifyUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt) +{ + return EVP_DigestUpdate(ctx, d, cnt); +} + +/*__owur*/ int EVP_OpenUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, + int *outl, const unsigned char *in, int inl) +{ + return EVP_DecryptUpdate(ctx, out, outl, in, inl); +} + +/*__owur*/ int EVP_SealUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, + int *outl, const unsigned char *in, int inl) +{ + return EVP_EncryptUpdate(ctx, out, outl, in, inl); +} + +__owur int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt) +{ + return EVP_DigestUpdate(ctx, d, cnt); +} + +__owur int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt) +{ + return EVP_DigestUpdate(ctx, d, cnt); +} + +long BIO_get_md(BIO *bio, const EVP_MD **pmd) +{ + return BIO_ctrl(bio,BIO_C_GET_MD,0,(char *)pmd); +} + +long BIO_get_md_ctx(BIO *bio, EVP_MD_CTX **pmctx) +{ + return BIO_ctrl(bio,BIO_C_GET_MD_CTX,0,(char *)pmctx); +} + +long BIO_set_md_ctx(BIO *bio, EVP_MD_CTX *mctx) +{ + return BIO_ctrl(bio,BIO_C_SET_MD_CTX,0,(char *)mctx); +} + +long BIO_get_cipher_status(BIO *bio) +{ + return BIO_ctrl(bio,BIO_C_GET_CIPHER_STATUS,0,NULL); +} + +long BIO_get_cipher_ctx(BIO *bio, EVP_CIPHER_CTX *pcctx) +{ + return BIO_ctrl(bio,BIO_C_GET_CIPHER_CTX,0,(char *)pcctx) +} + +int EVP_add_cipher_alias(int type, const char *alias) +{ + return OBJ_NAME_add(alias, + OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS, type); +} + +int EVP_add_digest_alias(int type, const char *alias) +{ + return OBJ_NAME_add(alias, + OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS, type); +} + +int EVP_delete_cipher_alias(const char *alias) +{ + return OBJ_NAME_remove(alias, + OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS); +} + +int EVP_delete_digest_alias(const char *alias) +{ + return OBJ_NAME_remove(alias, + OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS); +} + +EVP_MD_CTX *EVP_MD_CTX_create(void) +{ + return EVP_MD_CTX_new(); +} +int EVP_MD_CTX_init(EVP_MD_CTX *ctx) +{ + return EVP_MD_CTX_reset(ctx); +} + +void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx) +{ + EVP_MD_CTX_free(ctx); +} + +# if OPENSSL_API_COMPAT < 0x10100000L +int EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) +{ + return EVP_CIPHER_CTX_reset(ctx); +} + +int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *ctx) +{ + return EVP_CIPHER_CTX_reset(ctx); +} +# endif + +int OPENSSL_add_all_algorithms_conf(void) +{ + return OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS + | OPENSSL_INIT_ADD_ALL_DIGESTS + | OPENSSL_INIT_LOAD_CONFIG, NULL); +} + +int OPENSSL_add_all_algorithms_noconf(void) +{ + return OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS + | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL); +} + +int OpenSSL_add_all_algorithms(void) +{ +# ifdef OPENSSL_LOAD_CONF + return OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS + | OPENSSL_INIT_ADD_ALL_DIGESTS + | OPENSSL_INIT_LOAD_CONFIG, NULL); +# else + return OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS + | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL); +# endif +} + +int OpenSSL_add_all_ciphers(void) +{ + return OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS, NULL); +} + +int OPENSSL_add_all_digests(void) +{ + return OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_DIGESTS, NULL); +} + +void OPENSSL_cleanup(void) +{ +} + +int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md) +{ + return EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG, + EVP_PKEY_CTRL_MD, 0, (void *)md); +} + +int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd) +{ + return EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG, + EVP_PKEY_CTRL_GET_MD, 0, (void *)pmd); +} + +int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, const unsigned char *key, int keylen) +{ + return EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_KEYGEN, + EVP_PKEY_CTRL_SET_MAC_KEY, len, (void *)key); +} +#endif diff --git a/crypto/evp/evp_pbe.c b/crypto/evp/evp_pbe.c index ce7aa2cf..a2bcc572 100644 --- a/crypto/evp/evp_pbe.c +++ b/crypto/evp/evp_pbe.c @@ -38,6 +38,7 @@ static const EVP_PBE_CTL builtin_pbe[] = { {EVP_PBE_TYPE_OUTER, NID_id_pbkdf2, -1, -1, PKCS5_v2_PBKDF2_keyivgen}, +#ifndef OPENSSL_NO_PKCS12 {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC4, NID_rc4, NID_sha1, PKCS12_PBE_keyivgen}, {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC4, @@ -50,6 +51,7 @@ static const EVP_PBE_CTL builtin_pbe[] = { NID_rc2_cbc, NID_sha1, PKCS12_PBE_keyivgen}, {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC2_CBC, NID_rc2_40_cbc, NID_sha1, PKCS12_PBE_keyivgen}, +#endif {EVP_PBE_TYPE_OUTER, NID_pbes2, -1, -1, PKCS5_v2_PBE_keyivgen}, diff --git a/crypto/evp/m_md4.c b/crypto/evp/m_md4.c index f3decaaf..932c16b4 100644 --- a/crypto/evp/m_md4.c +++ b/crypto/evp/m_md4.c @@ -16,7 +16,6 @@ # include # include # include -# include # include "internal/evp_int.h" static int init(EVP_MD_CTX *ctx) diff --git a/crypto/evp/m_md5_sha1.c b/crypto/evp/m_md5_sha1.c index 2d98886b..8d791edb 100644 --- a/crypto/evp/m_md5_sha1.c +++ b/crypto/evp/m_md5_sha1.c @@ -7,7 +7,9 @@ * https://www.openssl.org/source/license.html */ -#if !defined(OPENSSL_NO_MD5) +#include + +#if !defined(OPENSSL_NO_MD5) && !defined(OPENSSL_NO_SHA) # include # include @@ -16,7 +18,8 @@ # include # include "internal/cryptlib.h" # include "internal/evp_int.h" -# include +//# include +// try no rsa if md5_sha1 ok? struct md5_sha1_ctx { MD5_CTX md5; diff --git a/crypto/evp/m_ripemd.c b/crypto/evp/m_ripemd.c index 07b46bd5..dcefaaf5 100644 --- a/crypto/evp/m_ripemd.c +++ b/crypto/evp/m_ripemd.c @@ -16,7 +16,6 @@ # include # include # include -# include # include "internal/evp_int.h" static int init(EVP_MD_CTX *ctx) diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c index 3b74f722..8ef292f7 100644 --- a/crypto/evp/m_sigver.c +++ b/crypto/evp/m_sigver.c @@ -150,20 +150,24 @@ int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig, if (ctx->flags & EVP_MD_CTX_FLAG_FINALISE) { if (vctx) { r = ctx->pctx->pmeth->verifyctx(ctx->pctx, sig, siglen, ctx); - } else + } else { r = EVP_DigestFinal_ex(ctx, md, &mdlen); + } } else { EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_new(); - if (tmp_ctx == NULL || !EVP_MD_CTX_copy_ex(tmp_ctx, ctx)) + if (tmp_ctx == NULL || !EVP_MD_CTX_copy_ex(tmp_ctx, ctx)) { return -1; + } if (vctx) { r = tmp_ctx->pctx->pmeth->verifyctx(tmp_ctx->pctx, sig, siglen, tmp_ctx); - } else + } else { r = EVP_DigestFinal_ex(tmp_ctx, md, &mdlen); + } EVP_MD_CTX_free(tmp_ctx); } - if (vctx || !r) + if (vctx || !r) { return r; + } return EVP_PKEY_verify(ctx->pctx, sig, siglen, md, mdlen); } diff --git a/crypto/evp/names2.c b/crypto/evp/names2.c new file mode 100644 index 00000000..909e1ef0 --- /dev/null +++ b/crypto/evp/names2.c @@ -0,0 +1,75 @@ +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include "internal/cryptlib.h" +#include +#include +#include +#include "internal/evp_int.h" + +// 不同的cipher属性不同,似乎不能像MD那样简单处理 +const EVP_CIPHER *EVP_get_default_cipher(void) +{ + return NULL; +} + +/* + * use MD5 as default: + * X509_REQ_to_X509 x509_r2x.c + * X509_issuer_and_serial_hash x509_cmp.c + * X509_NAME_hash_old x509_cmp.c + * PEM_ASN1_write_bio pem_lib.c + */ +const EVP_MD *EVP_get_default_digest(void) +{ +#if !defined(OPENSSL_NO_MD5) + return EVP_md5(); +#elif !defined(OPENSSL_NO_SHA) + return EVP_sha1(); +#elif !defined(OPENSSL_NO_SM3) + return EVP_sm3(); +#elif !defined(OPENSSL_NO_RIPEMD) + return EVP_rmd160(); +#else + return NULL; +#endif +} + +static void cipher_name_len(const EVP_CIPHER *cipher, const char *from, + const char *to, void *x) +{ + *((int *)x) += strlen(EVP_CIPHER_name(cipher)); +} + +static void cipher_name(const EVP_CIPHER *cipher, const char *from, + const char *to, void *x) +{ + strcat((char *)x, EVP_CIPHER_name(cipher)); +} + +char *EVP_get_ciphernames(int aliases) +{ + char *ret = NULL; + int len = 0; + EVP_CIPHER_do_all_sorted(cipher_name_len, &len); + + ret = OPENSSL_zalloc(len); + if (!ret) { + return NULL; + } + + EVP_CIPHER_do_all_sorted(cipher_name, ret); + return ret; +} + +char *EVP_get_digestnames(int aliases) +{ + return "sm3:sha1:sha256"; +} diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c index 2e45aa3b..ac74002a 100644 --- a/crypto/evp/p5_crpt2.c +++ b/crypto/evp/p5_crpt2.c @@ -121,6 +121,7 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, return 1; } +# ifndef OPENSSL_NO_SHA int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, const unsigned char *salt, int saltlen, int iter, int keylen, unsigned char *out) @@ -128,15 +129,20 @@ int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, return PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, EVP_sha1(), keylen, out); } +# endif # ifdef DO_TEST main() { unsigned char out[4]; unsigned char salt[] = { 0x12, 0x34, 0x56, 0x78 }; +# ifndef OPENSSL_NO_SHA PKCS5_PBKDF2_HMAC_SHA1("password", -1, salt, 4, 5, 4, out); fprintf(stderr, "Out %02X %02X %02X %02X\n", out[0], out[1], out[2], out[3]); +# else + fprintf(stderr, "PKCS5_PBKDF2_HMAC_SHA1() disabled\n"); +# endif } # endif diff --git a/crypto/evp/p_dec.c b/crypto/evp/p_dec.c index 80a3d56d..81b4b7c1 100644 --- a/crypto/evp/p_dec.c +++ b/crypto/evp/p_dec.c @@ -57,11 +57,15 @@ #include #include "internal/cryptlib.h" -#include +#ifndef OPENSSL_NO_RSA +# include +#endif #include #include #include -#include +#ifndef OPENSSL_NO_SM2 +# include +#endif int EVP_PKEY_decrypt_old(unsigned char *key, const unsigned char *ek, int ekl, EVP_PKEY *priv) @@ -80,9 +84,11 @@ int EVP_PKEY_decrypt_old(unsigned char *key, const unsigned char *ek, int ekl, #endif #ifndef OPENSSL_NO_SM2 + siz = ekl; if (!(ctx = EVP_PKEY_CTX_new(priv, NULL)) || !EVP_PKEY_decrypt_init(ctx) - || !EVP_PKEY_CTX_set_ec_enc_type(ctx, NID_sm_scheme) + || !EVP_PKEY_CTX_set_ec_scheme(ctx, NID_sm_scheme) + || !EVP_PKEY_CTX_set_ec_encrypt_param(ctx, NID_sm3) || !EVP_PKEY_decrypt(ctx, key, &siz, ek, ekl)) { EVPerr(EVP_F_EVP_PKEY_DECRYPT_OLD, ERR_R_EVP_LIB); goto end; diff --git a/crypto/evp/p_enc.c b/crypto/evp/p_enc.c index 7199ba10..6dde8d03 100644 --- a/crypto/evp/p_enc.c +++ b/crypto/evp/p_enc.c @@ -57,11 +57,15 @@ #include #include "internal/cryptlib.h" -#include +#ifndef OPENSSL_NO_RSA +# include +#endif #include #include #include -#include +#ifndef OPENSSL_NO_SM2 +# include +#endif int EVP_PKEY_encrypt_old(unsigned char *out, const unsigned char *in, int inlen, EVP_PKEY *pkey) @@ -82,23 +86,14 @@ int EVP_PKEY_encrypt_old(unsigned char *out, const unsigned char *in, # endif # ifndef OPENSSL_NO_SM2 - if (!(ctx = EVP_PKEY_CTX_new(pkey, NULL))) { - EVPerr(EVP_F_EVP_PKEY_ENCRYPT_OLD, ERR_R_MALLOC_FAILURE); - return 0; - } - - if (!EVP_PKEY_encrypt_init(ctx)) { - EVPerr(EVP_F_EVP_PKEY_ENCRYPT_OLD, ERR_R_EVP_LIB); - return 0; - } - - if (!EVP_PKEY_CTX_set_ec_enc_type(ctx, NID_sm_scheme)) { - EVPerr(EVP_F_EVP_PKEY_ENCRYPT_OLD, ERR_R_EVP_LIB); - goto end; - } - - size = inlen + EVP_PKEY_size(pkey); - if (!EVP_PKEY_encrypt(ctx, out, &size, in, inlen)) { + /* hope the caller has prepared enough buffer for `out` + * because this function has no idea of the out length */ + if (!(ctx = EVP_PKEY_CTX_new(pkey, NULL)) + || !EVP_PKEY_encrypt_init(ctx) + || !EVP_PKEY_CTX_set_ec_scheme(ctx, NID_sm_scheme) + || !EVP_PKEY_CTX_set_ec_encrypt_param(ctx, NID_sm3) + || !EVP_PKEY_encrypt(ctx, NULL, &size, in, inlen) + || !EVP_PKEY_encrypt(ctx, out, &size, in, inlen)) { EVPerr(EVP_F_EVP_PKEY_ENCRYPT_OLD, ERR_R_EVP_LIB); goto end; } diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index 9b5d2947..8df5d3b3 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -14,10 +14,18 @@ #include #include #include -#include -#include -#include -#include +#ifndef OPENSSL_NO_RSA +# include +#endif +#ifndef OPENSSL_NO_DSA +# include +#endif +#ifndef OPENSSL_NO_DH +# include +#endif +#ifndef OPENSSL_NO_PAILLIER +# include +#endif #include #include "internal/asn1_int.h" diff --git a/crypto/evp/p_open.c b/crypto/evp/p_open.c index b65bc74e..d3fd2c71 100644 --- a/crypto/evp/p_open.c +++ b/crypto/evp/p_open.c @@ -34,12 +34,12 @@ int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, if (!priv) return 1; - if (EVP_PKEY_id(priv) != EVP_PKEY_RSA) { - EVPerr(EVP_F_EVP_OPENINIT, EVP_R_PUBLIC_KEY_NOT_RSA); + if (EVP_PKEY_id(priv) != EVP_PKEY_RSA && EVP_PKEY_id(priv) != EVP_PKEY_EC) { + EVPerr(EVP_F_EVP_OPENINIT, EVP_R_PUBLIC_KEY_NOT_RSA_OR_EC); goto err; } - size = EVP_PKEY_size(priv); + size = EVP_PKEY_size(priv) >= ekl ? EVP_PKEY_size(priv) : ekl; key = OPENSSL_malloc(size + 2); if (key == NULL) { /* ERROR */ diff --git a/crypto/evp/p_seal.c b/crypto/evp/p_seal.c index faa24648..ad1cac8a 100644 --- a/crypto/evp/p_seal.c +++ b/crypto/evp/p_seal.c @@ -10,7 +10,6 @@ #include #include "internal/cryptlib.h" #include -#include #include #include #include diff --git a/crypto/evp/scrypt.c b/crypto/evp/scrypt.c index 101bb1ed..200219c0 100644 --- a/crypto/evp/scrypt.c +++ b/crypto/evp/scrypt.c @@ -165,6 +165,16 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen, uint32_t *X, *V, *T; uint64_t i, Blen, Vlen; size_t allocsize; + const EVP_MD *md; + +#ifndef OPENSSL_NO_SHA + md = EVP_sha256(); +#elif !defined(OPENSSL_NO_SM3) + md = EVP_sm3(); +#else + EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_NO_AVAIABLE_DIGEST); + return 0; +#endif /* Sanity check parameters */ /* initial check, r,p must be non zero, N >= 2 and a power of 2 */ @@ -230,14 +240,14 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen, X = (uint32_t *)(B + Blen); T = X + 32 * r; V = T + 32 * r; - if (PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, 1, EVP_sha256(), + if (PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, 1, md, Blen, B) == 0) goto err; for (i = 0; i < p; i++) scryptROMix(B + 128 * r * i, r, N, X, T, V); - if (PKCS5_PBKDF2_HMAC(pass, passlen, B, Blen, 1, EVP_sha256(), + if (PKCS5_PBKDF2_HMAC(pass, passlen, B, Blen, 1, md, keylen, key) == 0) goto err; rv = 1; diff --git a/crypto/ffx/ffx.c b/crypto/ffx/ffx.c index ff2a9170..4622f674 100644 --- a/crypto/ffx/ffx.c +++ b/crypto/ffx/ffx.c @@ -50,10 +50,10 @@ #include #include #include -#include #include #include #include +#include #include "../modes/modes_lcl.h" diff --git a/crypto/gmapi/gmapi_err.c b/crypto/gmapi/gmapi_err.c index a261d159..2fae03f2 100644 --- a/crypto/gmapi/gmapi_err.c +++ b/crypto/gmapi/gmapi_err.c @@ -19,6 +19,16 @@ # define ERR_REASON(reason) ERR_PACK(ERR_LIB_GMAPI,0,reason) static ERR_STRING_DATA GMAPI_str_functs[] = { + {ERR_FUNC(GMAPI_F_D2I_ECCCIPHER), "d2i_ECCCipher"}, + {ERR_FUNC(GMAPI_F_D2I_ECCCIPHERBLOB), "d2i_ECCCIPHERBLOB"}, + {ERR_FUNC(GMAPI_F_D2I_ECCCIPHERBLOB_BIO), "d2i_ECCCIPHERBLOB_bio"}, + {ERR_FUNC(GMAPI_F_D2I_ECCCIPHERBLOB_FP), "d2i_ECCCIPHERBLOB_fp"}, + {ERR_FUNC(GMAPI_F_D2I_ECCSIGNATURE), "d2i_ECCSignature"}, + {ERR_FUNC(GMAPI_F_D2I_ECCSIGNATUREBLOB), "d2i_ECCSIGNATUREBLOB"}, + {ERR_FUNC(GMAPI_F_D2I_ECCSIGNATUREBLOB_BIO), "d2i_ECCSIGNATUREBLOB_bio"}, + {ERR_FUNC(GMAPI_F_D2I_ECCSIGNATUREBLOB_FP), "d2i_ECCSIGNATUREBLOB_fp"}, + {ERR_FUNC(GMAPI_F_ECCPRIVATEKEYBLOB_SET_PRIVATE_KEY), + "ECCPRIVATEKEYBLOB_set_private_key"}, {ERR_FUNC(GMAPI_F_ECDSA_SIG_GET_ECCSIGNATURE), "ECDSA_SIG_get_ECCSignature"}, {ERR_FUNC(GMAPI_F_ECDSA_SIG_GET_ECCSIGNATUREBLOB), @@ -31,6 +41,18 @@ static ERR_STRING_DATA GMAPI_str_functs[] = { "ECDSA_SIG_set_ECCSignature"}, {ERR_FUNC(GMAPI_F_ECDSA_SIG_SET_ECCSIGNATUREBLOB), "ECDSA_SIG_set_ECCSIGNATUREBLOB"}, + {ERR_FUNC(GMAPI_F_ECIES_CIPHERTEXT_VALUE_GET_ECCCIPHER), + "ECIES_CIPHERTEXT_VALUE_get_ECCCipher"}, + {ERR_FUNC(GMAPI_F_ECIES_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB), + "ECIES_CIPHERTEXT_VALUE_get_ECCCIPHERBLOB"}, + {ERR_FUNC(GMAPI_F_ECIES_CIPHERTEXT_VALUE_NEW_FROM_ECCCIPHER), + "ECIES_CIPHERTEXT_VALUE_new_from_ECCCipher"}, + {ERR_FUNC(GMAPI_F_ECIES_CIPHERTEXT_VALUE_NEW_FROM_ECCCIPHERBLOB), + "ECIES_CIPHERTEXT_VALUE_new_from_ECCCIPHERBLOB"}, + {ERR_FUNC(GMAPI_F_ECIES_CIPHERTEXT_VALUE_SET_ECCCIPHER), + "ECIES_CIPHERTEXT_VALUE_set_ECCCipher"}, + {ERR_FUNC(GMAPI_F_ECIES_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB), + "ECIES_CIPHERTEXT_VALUE_set_ECCCIPHERBLOB"}, {ERR_FUNC(GMAPI_F_EC_KEY_GET_ECCPRIVATEKEYBLOB), "EC_KEY_get_ECCPRIVATEKEYBLOB"}, {ERR_FUNC(GMAPI_F_EC_KEY_GET_ECCPUBLICKEYBLOB), @@ -55,6 +77,18 @@ static ERR_STRING_DATA GMAPI_str_functs[] = { "EC_KEY_set_ECCrefPrivateKey"}, {ERR_FUNC(GMAPI_F_EC_KEY_SET_ECCREFPUBLICKEY), "EC_KEY_set_ECCrefPublicKey"}, + {ERR_FUNC(GMAPI_F_EVP_CIPHER_CTX_GET_SGD), "EVP_CIPHER_CTX_get_sgd"}, + {ERR_FUNC(GMAPI_F_EVP_CIPHER_GET_SGD), "EVP_CIPHER_get_sgd"}, + {ERR_FUNC(GMAPI_F_EVP_MD_GET_SGD), "EVP_MD_get_sgd"}, + {ERR_FUNC(GMAPI_F_EVP_PKEY_GET_SGD), "EVP_PKEY_get_sgd"}, + {ERR_FUNC(GMAPI_F_I2D_ECCCIPHER), "i2d_ECCCipher"}, + {ERR_FUNC(GMAPI_F_I2D_ECCCIPHERBLOB), "i2d_ECCCIPHERBLOB"}, + {ERR_FUNC(GMAPI_F_I2D_ECCCIPHERBLOB_BIO), "i2d_ECCCIPHERBLOB_bio"}, + {ERR_FUNC(GMAPI_F_I2D_ECCCIPHERBLOB_FP), "i2d_ECCCIPHERBLOB_fp"}, + {ERR_FUNC(GMAPI_F_I2D_ECCSIGNATURE), "i2d_ECCSignature"}, + {ERR_FUNC(GMAPI_F_I2D_ECCSIGNATUREBLOB), "i2d_ECCSIGNATUREBLOB"}, + {ERR_FUNC(GMAPI_F_I2D_ECCSIGNATUREBLOB_BIO), "i2d_ECCSIGNATUREBLOB_bio"}, + {ERR_FUNC(GMAPI_F_I2D_ECCSIGNATUREBLOB_FP), "i2d_ECCSIGNATUREBLOB_fp"}, {ERR_FUNC(GMAPI_F_RSA_GET_RSAPRIVATEKEYBLOB), "RSA_get_RSAPRIVATEKEYBLOB"}, {ERR_FUNC(GMAPI_F_RSA_GET_RSAPUBLICKEYBLOB), "RSA_get_RSAPUBLICKEYBLOB"}, @@ -73,72 +107,6 @@ static ERR_STRING_DATA GMAPI_str_functs[] = { {ERR_FUNC(GMAPI_F_RSA_SET_RSAPUBLICKEYBLOB), "RSA_set_RSAPUBLICKEYBLOB"}, {ERR_FUNC(GMAPI_F_RSA_SET_RSAREFPRIVATEKEY), "RSA_set_RSArefPrivateKey"}, {ERR_FUNC(GMAPI_F_RSA_SET_RSAREFPUBLICKEY), "RSA_set_RSArefPublicKey"}, - {ERR_FUNC(GMAPI_F_SAF_BASE64_CREATEBASE64OBJ), - "SAF_Base64_CreateBase64Obj"}, - {ERR_FUNC(GMAPI_F_SAF_BASE64_DECODE), "SAF_Base64_Decode"}, - {ERR_FUNC(GMAPI_F_SAF_BASE64_DECODEFINAL), "SAF_Base64_DecodeFinal"}, - {ERR_FUNC(GMAPI_F_SAF_BASE64_DECODEUPDATE), "SAF_Base64_DecodeUpdate"}, - {ERR_FUNC(GMAPI_F_SAF_BASE64_ENCODE), "SAF_Base64_Encode"}, - {ERR_FUNC(GMAPI_F_SAF_BASE64_ENCODEFINAL), "SAF_Base64_EncodeFinal"}, - {ERR_FUNC(GMAPI_F_SAF_BASE64_ENCODEUPDATE), "SAF_Base64_EncodeUpdate"}, - {ERR_FUNC(GMAPI_F_SAF_CREATESYMMKEYOBJ), "SAF_CreateSymmKeyObj"}, - {ERR_FUNC(GMAPI_F_SAF_ECCPUBLICKEYENC), "SAF_EccPublicKeyEnc"}, - {ERR_FUNC(GMAPI_F_SAF_ECCPUBLICKEYENCBYCERT), - "SAF_EccPublicKeyEncByCert"}, - {ERR_FUNC(GMAPI_F_SAF_ECCSIGN), "SAF_EccSign"}, - {ERR_FUNC(GMAPI_F_SAF_ECCVERIFYSIGN), "SAF_EccVerifySign"}, - {ERR_FUNC(GMAPI_F_SAF_ECCVERIFYSIGNBYCERT), "SAF_EccVerifySignByCert"}, - {ERR_FUNC(GMAPI_F_SAF_GENECCKEYPAIR), "SAF_GenEccKeyPair"}, - {ERR_FUNC(GMAPI_F_SAF_GENERATEAGREEMENTDATAWITHECC), - "SAF_GenerateAgreementDataWithECC"}, - {ERR_FUNC(GMAPI_F_SAF_GENERATEKEYWITHECC), "SAF_GenerateKeyWithECC"}, - {ERR_FUNC(GMAPI_F_SAF_GETECCPUBLICKEY), "SAF_GetEccPublicKey"}, - {ERR_FUNC(GMAPI_F_SAF_MACFINAL), "SAF_MacFinal"}, - {ERR_FUNC(GMAPI_F_SAF_MACUPDATE), "SAF_MacUpdate"}, - {ERR_FUNC(GMAPI_F_SAF_PKCS7_DECODEDIGESTEDDATA), - "SAF_Pkcs7_DecodeDigestedData"}, - {ERR_FUNC(GMAPI_F_SAF_PKCS7_ENCODEDIGESTEDDATA), - "SAF_Pkcs7_EncodeDigestedData"}, - {ERR_FUNC(GMAPI_F_SAF_SYMMDECRYPTUPDATE), "SAF_SymmDecryptUpdate"}, - {ERR_FUNC(GMAPI_F_SAF_SYMMENCRYPTUPDATE), "SAF_SymmEncryptUpdate"}, - {ERR_FUNC(GMAPI_F_SKF_CLOSEHANDLE), "SKF_CloseHandle"}, - {ERR_FUNC(GMAPI_F_SKF_DECRYPT), "SKF_Decrypt"}, - {ERR_FUNC(GMAPI_F_SKF_DECRYPTFINAL), "SKF_DecryptFinal"}, - {ERR_FUNC(GMAPI_F_SKF_DECRYPTINIT), "SKF_DecryptInit"}, - {ERR_FUNC(GMAPI_F_SKF_DECRYPTUPDATE), "SKF_DecryptUpdate"}, - {ERR_FUNC(GMAPI_F_SKF_DIGEST), "SKF_Digest"}, - {ERR_FUNC(GMAPI_F_SKF_DIGESTFINAL), "SKF_DigestFinal"}, - {ERR_FUNC(GMAPI_F_SKF_DIGESTINIT), "SKF_DigestInit"}, - {ERR_FUNC(GMAPI_F_SKF_DIGESTUPDATE), "SKF_DigestUpdate"}, - {ERR_FUNC(GMAPI_F_SKF_ENCRYPT), "SKF_Encrypt"}, - {ERR_FUNC(GMAPI_F_SKF_ENCRYPTFINAL), "SKF_EncryptFinal"}, - {ERR_FUNC(GMAPI_F_SKF_ENCRYPTINIT), "SKF_EncryptInit"}, - {ERR_FUNC(GMAPI_F_SKF_ENCRYPTUPDATE), "SKF_EncryptUpdate"}, - {ERR_FUNC(GMAPI_F_SKF_EXTECCDECRYPT), "SKF_ExtECCDecrypt"}, - {ERR_FUNC(GMAPI_F_SKF_EXTECCENCRYPT), "SKF_ExtECCEncrypt"}, - {ERR_FUNC(GMAPI_F_SKF_EXTECCSIGN), "SKF_ExtECCSign"}, - {ERR_FUNC(GMAPI_F_SKF_EXTECCVERIFY), "SKF_ExtECCVerify"}, - {ERR_FUNC(GMAPI_F_SKF_EXTRSAPRIKEYOPERATION), - "SKF_ExtRSAPriKeyOperation"}, - {ERR_FUNC(GMAPI_F_SKF_EXTRSAPUBKEYOPERATION), - "SKF_ExtRSAPubKeyOperation"}, - {ERR_FUNC(GMAPI_F_SKF_GENEXTECCKEYPAIR), "SKF_GenExtECCKeyPair"}, - {ERR_FUNC(GMAPI_F_SKF_GENEXTRSAKEY), "SKF_GenExtRSAKey"}, - {ERR_FUNC(GMAPI_F_SKF_GENRANDOM), "SKF_GenRandom"}, - {ERR_FUNC(GMAPI_F_SKF_GETDEVINFO), "SKF_GetDevInfo"}, - {ERR_FUNC(GMAPI_F_SKF_GETDEVSTATE), "SKF_GetDevState"}, - {ERR_FUNC(GMAPI_F_SKF_HANDLE_GET_CBCMAC_CTX), - "SKF_HANDLE_get_cbcmac_ctx"}, - {ERR_FUNC(GMAPI_F_SKF_HANDLE_GET_CIPHER), "SKF_HANDLE_get_cipher"}, - {ERR_FUNC(GMAPI_F_SKF_HANDLE_GET_CIPHER_CTX), - "SKF_HANDLE_get_cipher_ctx"}, - {ERR_FUNC(GMAPI_F_SKF_HANDLE_GET_KEY), "SKF_HANDLE_get_key"}, - {ERR_FUNC(GMAPI_F_SKF_HANDLE_GET_MD_CTX), "SKF_HANDLE_get_md_ctx"}, - {ERR_FUNC(GMAPI_F_SKF_MAC), "SKF_Mac"}, - {ERR_FUNC(GMAPI_F_SKF_MACFINAL), "SKF_MacFinal"}, - {ERR_FUNC(GMAPI_F_SKF_MACINIT), "SKF_MacInit"}, - {ERR_FUNC(GMAPI_F_SKF_MACUPDATE), "SKF_MacUpdate"}, - {ERR_FUNC(GMAPI_F_SKF_SETSYMMKEY), "SKF_SetSymmKey"}, {ERR_FUNC(GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHER), "SM2CiphertextValue_get_ECCCipher"}, {ERR_FUNC(GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHERBLOB), @@ -151,101 +119,50 @@ static ERR_STRING_DATA GMAPI_str_functs[] = { "SM2CiphertextValue_set_ECCCipher"}, {ERR_FUNC(GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHERBLOB), "SM2CiphertextValue_set_ECCCIPHERBLOB"}, - {ERR_FUNC(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHER), - "SM2_CIPHERTEXT_VALUE_get_ECCCipher"}, - {ERR_FUNC(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB), - "SM2_CIPHERTEXT_VALUE_get_ECCCIPHERBLOB"}, - {ERR_FUNC(GMAPI_F_SM2_CIPHERTEXT_VALUE_NEW_FROM_ECCCIPHER), - "SM2_CIPHERTEXT_VALUE_new_from_ECCCipher"}, - {ERR_FUNC(GMAPI_F_SM2_CIPHERTEXT_VALUE_NEW_FROM_ECCCIPHERBLOB), - "SM2_CIPHERTEXT_VALUE_new_from_ECCCIPHERBLOB"}, - {ERR_FUNC(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHER), - "SM2_CIPHERTEXT_VALUE_set_ECCCipher"}, - {ERR_FUNC(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB), - "SM2_CIPHERTEXT_VALUE_set_ECCCIPHERBLOB"}, {0, NULL} }; static ERR_STRING_DATA GMAPI_str_reasons[] = { {ERR_REASON(GMAPI_R_BUFFER_TOO_SMALL), "buffer too small"}, - {ERR_REASON(GMAPI_R_CBCMAC_FAILURE), "cbcmac failure"}, - {ERR_REASON(GMAPI_R_CTX_NOT_CREATED), "ctx not created"}, {ERR_REASON(GMAPI_R_DECODE_EC_PRIVATE_KEY_FAILED), "decode ec private key failed"}, {ERR_REASON(GMAPI_R_DECODE_EC_PUBLIC_KEY_FAILED), "decode ec public key failed"}, - {ERR_REASON(GMAPI_R_DECRYPT_FAILED), "decrypt failed"}, - {ERR_REASON(GMAPI_R_ENCODE_CIPHERTEXT_FAILED), - "encode ciphertext failed"}, - {ERR_REASON(GMAPI_R_ENCODE_FAILED), "encode failed"}, {ERR_REASON(GMAPI_R_ENCODE_RSA_PUBLIC_KEY_FAILED), "encode rsa public key failed"}, - {ERR_REASON(GMAPI_R_ENCODE_SIGNATURE_FAILED), "encode signature failed"}, - {ERR_REASON(GMAPI_R_ENCRYPT_FAILED), "encrypt failed"}, - {ERR_REASON(GMAPI_R_FAIL), "fail"}, - {ERR_REASON(GMAPI_R_GEN_RANDOM), "gen random"}, - {ERR_REASON(GMAPI_R_GEN_RSA_FAILED), "gen rsa failed"}, - {ERR_REASON(GMAPI_R_GET_PRIVATE_KEY_FAILED), "get private key failed"}, - {ERR_REASON(GMAPI_R_GET_PUBLIC_KEY_FAILED), "get public key failed"}, - {ERR_REASON(GMAPI_R_INT_OVERFLOW), "int overflow"}, - {ERR_REASON(GMAPI_R_INVALID_ALGID), "invalid algid"}, {ERR_REASON(GMAPI_R_INVALID_ALGOR), "invalid algor"}, - {ERR_REASON(GMAPI_R_INVALID_ARGUMENTS), "invalid arguments"}, {ERR_REASON(GMAPI_R_INVALID_BIGNUM_LENGTH), "invalid bignum length"}, - {ERR_REASON(GMAPI_R_INVALID_BLOB), "invalid blob"}, - {ERR_REASON(GMAPI_R_INVALID_CIPHERTEXT), "invalid ciphertext"}, {ERR_REASON(GMAPI_R_INVALID_CIPHERTEXT_LENGTH), "invalid ciphertext length"}, {ERR_REASON(GMAPI_R_INVALID_CIPHERTEXT_MAC), "invalid ciphertext mac"}, {ERR_REASON(GMAPI_R_INVALID_CIPHERTEXT_POINT), "invalid ciphertext point"}, - {ERR_REASON(GMAPI_R_INVALID_CIPHER_CTX_HANDLE), - "invalid cipher ctx handle"}, {ERR_REASON(GMAPI_R_INVALID_CIPHETEXT_LENGTH), "invalid ciphetext length"}, - {ERR_REASON(GMAPI_R_INVALID_CONTEXT), "invalid context"}, - {ERR_REASON(GMAPI_R_INVALID_DIGEST_ALGOR), "invalid digest algor"}, - {ERR_REASON(GMAPI_R_INVALID_DIGEST_LENGTH), "invalid digest length"}, - {ERR_REASON(GMAPI_R_INVALID_ECC_PRIVATE_KEY), "invalid ecc private key"}, - {ERR_REASON(GMAPI_R_INVALID_ECC_PUBLIC_KEY), "invalid ecc public key"}, {ERR_REASON(GMAPI_R_INVALID_EC_KEY), "invalid ec key"}, {ERR_REASON(GMAPI_R_INVALID_EC_PRIVATE_KEY), "invalid ec private key"}, {ERR_REASON(GMAPI_R_INVALID_EC_PUBLIC_KEY), "invalid ec public key"}, - {ERR_REASON(GMAPI_R_INVALID_FEED_BIT_LENGTH), "invalid feed bit length"}, - {ERR_REASON(GMAPI_R_INVALID_HANDLE), "invalid handle"}, - {ERR_REASON(GMAPI_R_INVALID_HANDLE_ALGOR), "invalid handle algor"}, - {ERR_REASON(GMAPI_R_INVALID_HANDLE_MAGIC), "invalid handle magic"}, - {ERR_REASON(GMAPI_R_INVALID_HANDLE_TYPE), "invalid handle type"}, - {ERR_REASON(GMAPI_R_INVALID_HASH_HANDLE), "invalid hash handle"}, - {ERR_REASON(GMAPI_R_INVALID_ID_LENGTH), "invalid id length"}, - {ERR_REASON(GMAPI_R_INVALID_INPUT_LENGTH), "invalid input length"}, - {ERR_REASON(GMAPI_R_INVALID_IV_LENGTH), "invalid iv length"}, - {ERR_REASON(GMAPI_R_INVALID_KEY_HANDLE), "invalid key handle"}, {ERR_REASON(GMAPI_R_INVALID_KEY_LENGTH), "invalid key length"}, - {ERR_REASON(GMAPI_R_INVALID_KEY_USAGE), "invalid key usage"}, - {ERR_REASON(GMAPI_R_INVALID_LENGTH), "invalid length"}, - {ERR_REASON(GMAPI_R_INVALID_MAC_HANDLE), "invalid mac handle"}, - {ERR_REASON(GMAPI_R_INVALID_PLAINTEXT_LENGTH), - "invalid plaintext length"}, {ERR_REASON(GMAPI_R_INVALID_PRIVATE_KEY), "invalid private key"}, {ERR_REASON(GMAPI_R_INVALID_PUBLIC_KEY), "invalid public key"}, - {ERR_REASON(GMAPI_R_INVALID_RANDOM_LENGTH), "invalid random length"}, {ERR_REASON(GMAPI_R_INVALID_RSA_KEY_LENGTH), "invalid rsa key length"}, {ERR_REASON(GMAPI_R_INVALID_RSA_PRIVATE_KEY), "invalid rsa private key"}, {ERR_REASON(GMAPI_R_INVALID_RSA_PUBLIC_KEY), "invalid rsa public key"}, {ERR_REASON(GMAPI_R_INVALID_SIGNATURE), "invalid signature"}, + {ERR_REASON(GMAPI_R_INVALID_SKF_CIPHERTEXT), "invalid skf ciphertext"}, + {ERR_REASON(GMAPI_R_INVALID_SKF_EC_CIPHERTEXT), + "invalid skf ec ciphertext"}, {ERR_REASON(GMAPI_R_INVALID_SM2_CIPHERTEXT), "invalid sm2 ciphertext"}, + {ERR_REASON(GMAPI_R_INVALID_SM2_CIPHERTEXT_MAC_LENGTH), + "invalid sm2 ciphertext mac length"}, + {ERR_REASON(GMAPI_R_INVALID_SM2_PRIVATE_KEY), "invalid sm2 private key"}, {ERR_REASON(GMAPI_R_INVALID_SM2_SIGNATURE), "invalid sm2 signature"}, - {ERR_REASON(GMAPI_R_MAC_FAILURE), "mac failure"}, {ERR_REASON(GMAPI_R_MALLOC_FAILED), "malloc failed"}, {ERR_REASON(GMAPI_R_NOT_CONVERTABLE), "not convertable"}, - {ERR_REASON(GMAPI_R_NO_PUBLIC_KEY), "no public key"}, - {ERR_REASON(GMAPI_R_NULL_ARGUMENT), "null argument"}, - {ERR_REASON(GMAPI_R_OPERATION_NOT_INITIALIZED), - "operation not initialized"}, - {ERR_REASON(GMAPI_R_SAF_ERROR), "saf error"}, - {ERR_REASON(GMAPI_R_SIGN_FAILED), "sign failed"}, - {ERR_REASON(GMAPI_R_VERIFY_NOT_PASS), "verify not pass"}, + {ERR_REASON(GMAPI_R_NOT_IMPLEMENTED), "not implemented"}, + {ERR_REASON(GMAPI_R_NOT_SUPPORTED_GMAPI_CIPHER), + "not supported gmapi cipher"}, + {ERR_REASON(GMAPI_R_NOT_SUPPORTED_PKEY), "not supported pkey"}, {0, NULL} }; diff --git a/crypto/gmapi/gmapi_sdf_ec.c b/crypto/gmapi/gmapi_sdf_ec.c index 4531718f..2afd7ded 100644 --- a/crypto/gmapi/gmapi_sdf_ec.c +++ b/crypto/gmapi/gmapi_sdf_ec.c @@ -58,19 +58,30 @@ * This is different from SAF/SDF/SKF where return 0 means success. */ -#include -#include -#include -#include -#include -#include -#include "../sm2/sm2_lcl.h" +#include +#include "internal/cryptlib.h" + +#if !defined(OPENSSL_NO_SDF) && !defined(OPENSSL_NO_EC) +# include +# include +# include +# include +# include +# include +# include "../sm2/sm2_lcl.h" +# include "../ecies/ecies_lcl.h" EC_KEY *EC_KEY_new_from_ECCrefPublicKey(const ECCrefPublicKey *ref) { EC_KEY *ret; + if (!ref) { + GMAPIerr(GMAPI_F_EC_KEY_NEW_FROM_ECCREFPUBLICKEY, + ERR_R_PASSED_NULL_PARAMETER); + return NULL; + } + if (!(ret = EC_KEY_new_by_curve_name(NID_sm2p256v1))) { GMAPIerr(GMAPI_F_EC_KEY_NEW_FROM_ECCREFPUBLICKEY, ERR_R_EC_LIB); return NULL; @@ -253,7 +264,6 @@ int EC_KEY_get_ECCrefPrivateKey(EC_KEY *ec_key, ECCrefPrivateKey *ref) { const EC_GROUP *group; const BIGNUM *sk; - int nbytes; /* check arguments */ if (!ec_key || !ref) { @@ -282,8 +292,7 @@ int EC_KEY_get_ECCrefPrivateKey(EC_KEY *ec_key, ECCrefPrivateKey *ref) ref->bits = EC_GROUP_get_degree(group); - nbytes = (EC_GROUP_get_degree(group) + 7)/8; - if (!BN_bn2bin(sk, ref->K + nbytes - BN_num_bytes(sk))) { + if (!BN_bn2bin(sk, ref->K + sizeof(ref->K) - BN_num_bytes(sk))) { GMAPIerr(GMAPI_F_EC_KEY_GET_ECCREFPRIVATEKEY, ERR_R_BN_LIB); return 0; } @@ -291,6 +300,7 @@ int EC_KEY_get_ECCrefPrivateKey(EC_KEY *ec_key, ECCrefPrivateKey *ref) return 1; } +# ifndef OPENSSL_NO_SM2 SM2CiphertextValue *SM2CiphertextValue_new_from_ECCCipher(const ECCCipher *ref) { SM2CiphertextValue *ret = NULL; @@ -465,6 +475,7 @@ int SM2CiphertextValue_get_ECCCipher(const SM2CiphertextValue *cv, end: return ret; } +# endif ECDSA_SIG *ECDSA_SIG_new_from_ECCSignature(const ECCSignature *ref) { @@ -587,3 +598,306 @@ int ECDSA_SIG_get_ECCSignature(const ECDSA_SIG *sig, ECCSignature *ref) return 1; } + +ECCCipher *d2i_ECCCipher(ECCCipher **a, const unsigned char **pp, long length) +{ + ECCCipher *ret = NULL; + ECCCipher *sdf = NULL; + SM2CiphertextValue *cv = NULL; + + if (!(cv = d2i_SM2CiphertextValue(NULL, pp, length))) { + GMAPIerr(GMAPI_F_D2I_ECCCIPHER, ERR_R_SM2_LIB); + goto end; + } + + if (*a) { + if (!SM2CiphertextValue_get_ECCCipher(cv, *a)) { + GMAPIerr(GMAPI_F_D2I_ECCCIPHER, ERR_R_GMAPI_LIB); + goto end; + } + ret = *a; + } else { + if (!(sdf = OPENSSL_malloc(sizeof(ECCCipher) - 1 + + ASN1_STRING_length(cv->ciphertext)))) { + GMAPIerr(GMAPI_F_D2I_ECCCIPHER, ERR_R_MALLOC_FAILURE); + goto end; + } + sdf->L = ASN1_STRING_length(cv->ciphertext); + if (!SM2CiphertextValue_get_ECCCipher(cv, sdf)) { + GMAPIerr(GMAPI_F_D2I_ECCCIPHER, ERR_R_GMAPI_LIB); + goto end; + } + ret = sdf; + sdf = NULL; + } + +end: + OPENSSL_free(sdf); + SM2CiphertextValue_free(cv); + return ret; +} + +ECCCipher *d2i_ECCCipher_bio(BIO *bp, ECCCipher **a) +{ + return NULL; +} + +ECCCipher *d2i_ECCCipher_fp(FILE *fp, ECCCipher **a) +{ + return NULL; +} + +int i2d_ECCCipher(ECCCipher *a, unsigned char **pp) +{ + int ret; + SM2CiphertextValue *cv = NULL; + + if (!(cv = SM2CiphertextValue_new_from_ECCCipher(a))) { + GMAPIerr(GMAPI_F_I2D_ECCCIPHER, ERR_R_SM2_LIB); + return 0; + } + + ret = i2d_SM2CiphertextValue(cv, pp); + SM2CiphertextValue_free(cv); + return ret; +} + +int i2d_ECCCipher_bio(BIO *bp, ECCCipher *a) +{ + return 0; +} + +int i2d_ECCCipher_fp(FILE *fp, ECCCipher *a) +{ + return 0; +} + +ECCSignature *d2i_ECCSignature(ECCSignature **a, const unsigned char **pp, long length) +{ + ECCSignature *ret = NULL; + ECCSignature *sdf_sig = NULL; + ECDSA_SIG *sig = NULL; + + if (!(sig = d2i_ECDSA_SIG(NULL, pp, length))) { + GMAPIerr(GMAPI_F_D2I_ECCSIGNATURE, ERR_R_EC_LIB); + goto end; + } + + if (!(sdf_sig = OPENSSL_malloc(sizeof(ECCSignature)))) { + GMAPIerr(GMAPI_F_D2I_ECCSIGNATURE, ERR_R_MALLOC_FAILURE); + goto end; + } + + if (!ECDSA_SIG_get_ECCSignature(sig, sdf_sig)) { + GMAPIerr(GMAPI_F_D2I_ECCSIGNATURE, ERR_R_GMAPI_LIB); + goto end; + } + + ret = sdf_sig; + sdf_sig = NULL; + +end: + OPENSSL_free(sdf_sig); + ECDSA_SIG_free(sig); + return ret; +} + +ECCSignature *d2i_ECCSignature_bio(BIO *bp, ECCSignature **a) +{ + return NULL; +} + +ECCSignature *d2i_ECCSignature_fp(FILE *fp, ECCSignature **a) +{ + return NULL; +} + +int i2d_ECCSignature(ECCSignature *a, unsigned char **pp) +{ + int ret; + ECDSA_SIG *sig = NULL; + + if (!(sig = ECDSA_SIG_new_from_ECCSignature(a))) { + GMAPIerr(GMAPI_F_I2D_ECCSIGNATURE, ERR_R_GMAPI_LIB); + return 0; + } + + ret = i2d_ECDSA_SIG(sig, pp); + ECDSA_SIG_free(sig); + return ret; +} + +int i2d_ECCSignature_bio(BIO *bp, ECCSignature *a) +{ + return 0; +} + +int i2d_ECCSignature_fp(FILE *fp, ECCSignature *a) +{ + return 0; +} + +# ifndef OPENSSL_NO_ECIES +ECIES_CIPHERTEXT_VALUE *ECIES_CIPHERTEXT_VALUE_new_from_ECCCipher( + const ECCCipher *ref) +{ + ECIES_CIPHERTEXT_VALUE *ret = NULL; + ECIES_CIPHERTEXT_VALUE *cv = NULL; + + + if (!(cv = ECIES_CIPHERTEXT_VALUE_new())) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_NEW_FROM_ECCCIPHER, + ERR_R_MALLOC_FAILURE); + goto end; + } + + if (!ECIES_CIPHERTEXT_VALUE_set_ECCCipher(cv, ref)) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_NEW_FROM_ECCCIPHER, + ERR_R_GMAPI_LIB); + goto end; + } + + ret = cv; + cv = NULL; + +end: + ECIES_CIPHERTEXT_VALUE_free(cv); + return ret; +} + +int ECIES_CIPHERTEXT_VALUE_set_ECCCipher(ECIES_CIPHERTEXT_VALUE *cv, const ECCCipher *ref) +{ + int ret = 0; + int point_form = POINT_CONVERSION_COMPRESSED; + EC_GROUP *group = NULL; + EC_POINT *point = NULL; + BIGNUM *x = NULL; + BIGNUM *y = NULL; + BN_CTX *bn_ctx = NULL; + int len; + + if (!(group = EC_GROUP_new_by_curve_name(NID_sm2p256v1)) + || !(point = EC_POINT_new(group)) + || !(x = BN_new()) + || !(y = BN_new()) + || !(bn_ctx = BN_CTX_new())) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_SET_ECCCIPHER, + ERR_R_MALLOC_FAILURE); + goto end; + } + + if (!BN_bin2bn(ref->x, sizeof(ref->x), x) + || !BN_bin2bn(ref->y, sizeof(ref->y), y)) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_SET_ECCCIPHER, + ERR_R_BN_LIB); + goto end; + } + + if (!EC_POINT_set_affine_coordinates_GFp(group, point, x, y, bn_ctx)) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_SET_ECCCIPHER, + ERR_R_EC_LIB); + goto end; + } + + len = EC_POINT_point2oct(group, point, point_form, NULL, 0, NULL); + if (!ASN1_OCTET_STRING_set(cv->ephem_point, NULL, len)) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_SET_ECCCIPHER, + ERR_R_MALLOC_FAILURE); + goto end; + } + if (EC_POINT_point2oct(group, point, point_form, + cv->ephem_point->data, len, NULL) <= 0) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_SET_ECCCIPHER, + ERR_R_EC_LIB); + goto end; + } + + if (!ASN1_OCTET_STRING_set(cv->ciphertext, ref->C, ref->L)) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_SET_ECCCIPHER, + ERR_R_ASN1_LIB); + goto end; + } + + if (!ASN1_OCTET_STRING_set(cv->mactag, ref->M, sizeof(ref->M))) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_SET_ECCCIPHER, + ERR_R_ASN1_LIB); + goto end; + } + + ret = 1; + +end: + EC_GROUP_free(group); + EC_POINT_free(point); + BN_free(x); + BN_free(y); + BN_CTX_free(bn_ctx); + return ret; +} + +int ECIES_CIPHERTEXT_VALUE_get_ECCCipher(const ECIES_CIPHERTEXT_VALUE *cv, ECCCipher *ref) +{ + int ret = 0; + EC_GROUP *group = NULL; + EC_POINT *point = NULL; + BIGNUM *x = NULL; + BIGNUM *y = NULL; + BN_CTX *bn_ctx = NULL; + int len; + + if (ASN1_STRING_length(cv->mactag) != sizeof(ref->M)) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_GET_ECCCIPHER, + GMAPI_R_INVALID_SM2_CIPHERTEXT_MAC_LENGTH); + return 0; + } + + len = sizeof(ECCCipher) - 1 + ASN1_STRING_length(cv->ciphertext); + + if (!ref) { + return len; + } + + if (!(group = EC_GROUP_new_by_curve_name(NID_sm2p256v1)) + || !(point = EC_POINT_new(group)) + || !(x = BN_new()) + || !(y = BN_new()) + || !(bn_ctx = BN_CTX_new())) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_GET_ECCCIPHER, + ERR_R_MALLOC_FAILURE); + goto end; + } + + if (!EC_POINT_oct2point(group, point, + ASN1_STRING_get0_data(cv->ephem_point), + ASN1_STRING_length(cv->ephem_point), bn_ctx)) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_GET_ECCCIPHER, + ERR_R_EC_LIB); + goto end; + } + + if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, bn_ctx)) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_GET_ECCCIPHER, + ERR_R_EC_LIB); + goto end; + } + + memset(ref, 0, len); + BN_bn2bin(x, ref->x + sizeof(ref->x) - BN_num_bytes(x)); + BN_bn2bin(y, ref->y + sizeof(ref->y) - BN_num_bytes(y)); + memcpy(ref->C, ASN1_STRING_get0_data(cv->ciphertext), + ASN1_STRING_length(cv->ciphertext)); + memcpy(ref->M, ASN1_STRING_get0_data(cv->mactag), + ASN1_STRING_length(cv->mactag)); + + ret = len; + +end: + EC_GROUP_free(group); + EC_POINT_free(point); + BN_free(x); + BN_free(y); + BN_CTX_free(bn_ctx); + return ret; +} +# endif /* OPENSSL_NO_ECIES */ +#endif diff --git a/crypto/gmapi/gmapi_sdf_rsa.c b/crypto/gmapi/gmapi_sdf_rsa.c index cc8957ef..463f12f1 100644 --- a/crypto/gmapi/gmapi_sdf_rsa.c +++ b/crypto/gmapi/gmapi_sdf_rsa.c @@ -1,209 +1,385 @@ -/* ==================================================================== - * Copyright (c) 2015-2016 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -/* convert RSA between native and SDF types, never include skf.h */ -#include -#include -#include -#include -#include -#include "../rsa/rsa_locl.h" //FIXME - - -RSA *RSA_new_from_RSArefPublicKey(const RSArefPublicKey *ref) -{ - RSA *ret; - if (!(ret = RSA_new())) { - GMAPIerr(GMAPI_F_RSA_NEW_FROM_RSAREFPUBLICKEY, ERR_R_RSA_LIB); - return NULL; - } - if (!RSA_set_RSArefPublicKey(ret, ref)) { - GMAPIerr(GMAPI_F_RSA_NEW_FROM_RSAREFPUBLICKEY, - GMAPI_R_INVALID_RSA_PUBLIC_KEY); - RSA_free(ret); - return NULL; - } - return ret; -} - -int RSA_set_RSArefPublicKey(RSA *rsa, const RSArefPublicKey *ref) -{ - if (!rsa || !ref) { - GMAPIerr(GMAPI_F_RSA_SET_RSAREFPUBLICKEY, - ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - if ((ref->bits < 1024) || (ref->bits > RSAref_MAX_LEN*8) || - (ref->bits % 8 != 0)) { - GMAPIerr(GMAPI_F_RSA_SET_RSAREFPUBLICKEY, - GMAPI_R_INVALID_RSA_KEY_LENGTH); - return 0; - } - if (!(rsa->n = BN_bin2bn(ref->m, ref->bits/8, rsa->n))) { - GMAPIerr(GMAPI_F_RSA_SET_RSAREFPUBLICKEY, - GMAPI_R_INVALID_RSA_PUBLIC_KEY); - return 0; - } - if (!(rsa->e = BN_bin2bn(ref->e, RSAref_MAX_LEN, rsa->e))) { - GMAPIerr(GMAPI_F_RSA_SET_RSAREFPUBLICKEY, - GMAPI_R_INVALID_RSA_PUBLIC_KEY); - return 0; - } - if (!RSA_check_key(rsa)) { - GMAPIerr(GMAPI_F_RSA_SET_RSAREFPUBLICKEY, - GMAPI_R_INVALID_RSA_PUBLIC_KEY); - return 0; - } - return 1; -} - -int RSA_get_RSArefPublicKey(RSA *rsa, RSArefPublicKey *ref) -{ - int nbytes; - if (!rsa || !ref) { - GMAPIerr(GMAPI_F_RSA_GET_RSAREFPUBLICKEY, - ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - if (!rsa->n || !rsa->e) { - GMAPIerr(GMAPI_F_RSA_GET_RSAREFPUBLICKEY, - GMAPI_R_INVALID_RSA_PUBLIC_KEY); - return 0; - } - nbytes = BN_num_bytes(rsa->n); - if (!BN_bn2bin(rsa->n, ref->m) || !BN_bn2bin(rsa->e, - ref->e + MAX_RSA_EXPONENT_LEN - BN_num_bytes(rsa->e))) { - GMAPIerr(GMAPI_F_RSA_GET_RSAREFPUBLICKEY, - GMAPI_R_ENCODE_RSA_PUBLIC_KEY_FAILED); - return 0; - } - return 1; -} - -RSA *RSA_new_from_RSArefPrivateKey(const RSArefPrivateKey *ref) -{ - RSA *ret; - if (!(ret = RSA_new())) { - GMAPIerr(GMAPI_F_RSA_NEW_FROM_RSAREFPRIVATEKEY, ERR_R_RSA_LIB); - return NULL; - } - if (!RSA_set_RSArefPrivateKey(ret, ref)) { - GMAPIerr(GMAPI_F_RSA_NEW_FROM_RSAREFPRIVATEKEY, - GMAPI_R_INVALID_RSA_PRIVATE_KEY); - RSA_free(ret); - return NULL; - } - return ret; -} - - -int RSA_set_RSArefPrivateKey(RSA *rsa, const RSArefPrivateKey *ref) -{ - int nbytes; - if (!rsa || !ref) { - GMAPIerr(GMAPI_F_RSA_SET_RSAREFPRIVATEKEY, - ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - if ((ref->bits < 1024) || (ref->bits > RSAref_MAX_LEN*8) || - (ref->bits % 8 != 0) || (ref->bits % 16 != 0)) { - GMAPIerr(GMAPI_F_RSA_SET_RSAREFPRIVATEKEY, - GMAPI_R_INVALID_KEY_LENGTH); - return 0; - } - nbytes = ref->bits/8; - if (!(rsa->n = BN_bin2bn(ref->m, nbytes, rsa->n)) || - !(rsa->e = BN_bin2bn(ref->e, MAX_RSA_EXPONENT_LEN, rsa->e)) || - !(rsa->d = BN_bin2bn(ref->d, nbytes, rsa->d)) || - !(rsa->p = BN_bin2bn(ref->prime[0], nbytes/2, rsa->p)) || - !(rsa->q = BN_bin2bn(ref->prime[1], nbytes/2, rsa->q)) || - !(rsa->dmp1 = BN_bin2bn(ref->pexp[0], nbytes/2, rsa->dmp1)) || - !(rsa->dmq1 = BN_bin2bn(ref->pexp[1], nbytes/2, rsa->dmq1)) || - !(rsa->iqmp = BN_bin2bn(ref->coef, nbytes/2, rsa->iqmp))) { - GMAPIerr(GMAPI_F_RSA_SET_RSAREFPRIVATEKEY, - GMAPI_R_INVALID_RSA_PRIVATE_KEY); - return 0; - } - return 1; -} - -int RSA_get_RSArefPrivateKey(RSA *rsa, RSArefPrivateKey *ref) -{ - int nbytes; - if (!rsa || !ref) { - GMAPIerr(GMAPI_F_RSA_GET_RSAREFPRIVATEKEY, - ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - if (!rsa->n || !rsa->e || !rsa->d || !rsa->p || !rsa->q || - !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) { - GMAPIerr(GMAPI_F_RSA_GET_RSAREFPRIVATEKEY, - GMAPI_R_INVALID_RSA_PRIVATE_KEY); - return 0; - } - - memset(ref, 0, sizeof(*ref)); - ref->bits = BN_num_bits(rsa->n); - - nbytes = BN_num_bytes(rsa->n); - if (!BN_bn2bin(rsa->n, ref->m) || - !BN_bn2bin(rsa->e, ref->e + MAX_RSA_EXPONENT_LEN - BN_num_bytes(rsa->e)) || - !BN_bn2bin(rsa->d, ref->d + nbytes - BN_num_bytes(rsa->d)) || - !BN_bn2bin(rsa->p, (unsigned char *)&(ref->prime[0]) + nbytes/2 - BN_num_bytes(rsa->p)) || - !BN_bn2bin(rsa->q, (unsigned char *)&(ref->prime[1]) + nbytes/2 - BN_num_bytes(rsa->q)) || - !BN_bn2bin(rsa->dmp1, (unsigned char *)&(ref->pexp[0]) + nbytes/2 - BN_num_bytes(rsa->dmp1)) || - !BN_bn2bin(rsa->dmq1, (unsigned char *)&(ref->pexp[1]) + nbytes/2 - BN_num_bytes(rsa->dmq1)) || - !BN_bn2bin(rsa->iqmp, ref->coef + nbytes/2 - BN_num_bytes(rsa->iqmp))) { - GMAPIerr(GMAPI_F_RSA_GET_RSAREFPRIVATEKEY, - GMAPI_R_INVALID_RSA_PRIVATE_KEY); - return 0; - } - - return 1; -} +/* ==================================================================== + * Copyright (c) 2015-2016 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ + +#include +#include "internal/cryptlib.h" + +#if !defined(OPENSSL_NO_SDF) && !defined(OPENSSL_NO_RSA) +# include +# include +# include +# include + +RSA *RSA_new_from_RSArefPublicKey(const RSArefPublicKey *ref) +{ + RSA *ret = NULL; + RSA *rsa = NULL; + + if (!ref) { + GMAPIerr(GMAPI_F_RSA_NEW_FROM_RSAREFPUBLICKEY, + ERR_R_PASSED_NULL_PARAMETER); + return NULL; + } + + if (!(rsa = RSA_new())) { + GMAPIerr(GMAPI_F_RSA_NEW_FROM_RSAREFPUBLICKEY, + ERR_R_MALLOC_FAILURE); + return NULL; + } + + if (!RSA_set_RSArefPublicKey(rsa, ref)) { + GMAPIerr(GMAPI_F_RSA_NEW_FROM_RSAREFPUBLICKEY, + GMAPI_R_INVALID_RSA_PUBLIC_KEY); + goto end; + } + + ret = rsa; + rsa = NULL; + +end: + RSA_free(rsa); + return ret; +} + +int RSA_set_RSArefPublicKey(RSA *rsa, const RSArefPublicKey *ref) +{ + int ret = 0; + BIGNUM *n = NULL; + BIGNUM *e = NULL; + + if (!rsa || !ref) { + GMAPIerr(GMAPI_F_RSA_SET_RSAREFPUBLICKEY, + ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + + if ((ref->bits < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS) || + (ref->bits > sizeof(ref->m) * 8) || (ref->bits % 8 != 0)) { + GMAPIerr(GMAPI_F_RSA_SET_RSAREFPUBLICKEY, + GMAPI_R_INVALID_RSA_KEY_LENGTH); + return 0; + } + + if (!(n = BN_bin2bn(ref->m, sizeof(ref->m), NULL))) { + GMAPIerr(GMAPI_F_RSA_SET_RSAREFPUBLICKEY, ERR_R_BN_LIB); + goto end; + } + + if (!(e = BN_bin2bn(ref->e, sizeof(ref->e), NULL))) { + GMAPIerr(GMAPI_F_RSA_SET_RSAREFPUBLICKEY, ERR_R_BN_LIB); + goto end; + } + + if (!RSA_set0_key(rsa, n, e, NULL)) { + GMAPIerr(GMAPI_F_RSA_SET_RSAREFPUBLICKEY, ERR_R_RSA_LIB); + goto end; + } + n = NULL; + e = NULL; + + if (1 != RSA_check_key(rsa)) { + GMAPIerr(GMAPI_F_RSA_SET_RSAREFPUBLICKEY, + GMAPI_R_INVALID_RSA_PUBLIC_KEY); + goto end; + } + + ret = 1; + +end: + BN_free(n); + BN_free(e); + return ret; +} + +int RSA_get_RSArefPublicKey(RSA *rsa, RSArefPublicKey *ref) +{ + const BIGNUM *n; + const BIGNUM *e; + + if (!rsa || !ref) { + GMAPIerr(GMAPI_F_RSA_GET_RSAREFPUBLICKEY, + ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + + RSA_get0_key(rsa, &n, &e, NULL); + + if (!n || !e) { + GMAPIerr(GMAPI_F_RSA_GET_RSAREFPUBLICKEY, + GMAPI_R_INVALID_RSA_PUBLIC_KEY); + return 0; + } + if (RSA_bits(rsa) % 8 != 0 || RSA_bits(rsa) > sizeof(ref->m) * 8) { + GMAPIerr(GMAPI_F_RSA_GET_RSAREFPUBLICKEY, + GMAPI_R_INVALID_RSA_PUBLIC_KEY); + return 0; + } + + memset(ref, 0, sizeof(RSArefPublicKey)); + ref->bits = RSA_bits(rsa); + + if (BN_bn2bin(n, ref->m + sizeof(ref->m) - BN_num_bytes(n)) <= 0) { + GMAPIerr(GMAPI_F_RSA_GET_RSAREFPUBLICKEY, + GMAPI_R_ENCODE_RSA_PUBLIC_KEY_FAILED); + return 0; + } + + if (BN_bn2bin(e, ref->e + sizeof(ref->e) - BN_num_bytes(e)) <= 0) { + GMAPIerr(GMAPI_F_RSA_GET_RSAREFPUBLICKEY, + GMAPI_R_ENCODE_RSA_PUBLIC_KEY_FAILED); + return 0; + } + + return 1; +} + +RSA *RSA_new_from_RSArefPrivateKey(const RSArefPrivateKey *ref) +{ + RSA *ret = NULL; + RSA *rsa = NULL; + + if (!ref) { + GMAPIerr(GMAPI_F_RSA_NEW_FROM_RSAREFPRIVATEKEY, + ERR_R_PASSED_NULL_PARAMETER); + return NULL; + } + + if (!(rsa = RSA_new())) { + GMAPIerr(GMAPI_F_RSA_NEW_FROM_RSAREFPRIVATEKEY, + ERR_R_MALLOC_FAILURE); + return NULL; + } + + if (!RSA_set_RSArefPrivateKey(rsa, ref)) { + GMAPIerr(GMAPI_F_RSA_NEW_FROM_RSAREFPRIVATEKEY, + GMAPI_R_INVALID_RSA_PRIVATE_KEY); + goto end; + } + + ret = rsa; + rsa = NULL; + +end: + RSA_free(ret); + return ret; +} + + +int RSA_set_RSArefPrivateKey(RSA *rsa, const RSArefPrivateKey *ref) +{ + int ret = 0; + BIGNUM *n = NULL; + BIGNUM *e = NULL; + BIGNUM *d = NULL; + BIGNUM *p = NULL; + BIGNUM *q = NULL; + BIGNUM *dmp1 = NULL; + BIGNUM *dmq1 = NULL; + BIGNUM *iqmp = NULL; + + if (!rsa || !ref) { + GMAPIerr(GMAPI_F_RSA_SET_RSAREFPRIVATEKEY, + ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + + if (ref->bits < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS + || ref->bits > sizeof(ref->m) *8 + || ref->bits % 8 != 0 + || ref->bits % 16 != 0) { + GMAPIerr(GMAPI_F_RSA_SET_RSAREFPRIVATEKEY, + GMAPI_R_INVALID_KEY_LENGTH); + return 0; + } + + if (!(n = BN_bin2bn(ref->m, sizeof(ref->m), NULL)) + || !(e = BN_bin2bn(ref->e, sizeof(ref->e), NULL)) + || !(d = BN_bin2bn(ref->d, sizeof(ref->d), NULL)) + || !(p = BN_bin2bn(ref->prime[0], sizeof(ref->prime[0]), NULL)) + || !(q = BN_bin2bn(ref->prime[1], sizeof(ref->prime[1]), NULL)) + || !(dmp1 = BN_bin2bn(ref->pexp[0], sizeof(ref->pexp[0]), NULL)) + || !(dmq1 = BN_bin2bn(ref->pexp[0], sizeof(ref->pexp[1]), NULL)) + || !(iqmp = BN_bin2bn(ref->coef, sizeof(ref->coef), NULL))) { + GMAPIerr(GMAPI_F_RSA_SET_RSAREFPRIVATEKEY, ERR_R_BN_LIB); + goto end; + } + + if (!RSA_set0_key(rsa, n, e, d)) { + GMAPIerr(GMAPI_F_RSA_SET_RSAREFPRIVATEKEY, + GMAPI_R_INVALID_RSA_PRIVATE_KEY); + goto end; + } + n = NULL; + e = NULL; + d = NULL; + + if (!RSA_set0_factors(rsa, p, q)) { + GMAPIerr(GMAPI_F_RSA_SET_RSAREFPRIVATEKEY, + GMAPI_R_INVALID_RSA_PRIVATE_KEY); + goto end; + } + p = NULL; + q = NULL; + + if (!RSA_set0_crt_params(rsa, dmp1, dmq1, iqmp)) { + GMAPIerr(GMAPI_F_RSA_SET_RSAREFPRIVATEKEY, + GMAPI_R_INVALID_RSA_PRIVATE_KEY); + goto end; + } + dmp1 = NULL; + dmq1 = NULL; + iqmp = NULL; + + ret = 1; + +end: + BN_free(n); + BN_free(e); + BN_free(d); + BN_free(p); + BN_free(q); + BN_free(dmp1); + BN_free(dmq1); + BN_free(iqmp); + return ret; +} + +int RSA_get_RSArefPrivateKey(RSA *rsa, RSArefPrivateKey *ref) +{ + const BIGNUM *n; + const BIGNUM *e; + const BIGNUM *d; + const BIGNUM *p; + const BIGNUM *q; + const BIGNUM *dmp1; + const BIGNUM *dmq1; + const BIGNUM *iqmp; + + if (!rsa || !ref) { + GMAPIerr(GMAPI_F_RSA_GET_RSAREFPRIVATEKEY, + ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + + if (RSA_bits(rsa) % 8 != 0 || RSA_bits(rsa) > sizeof(ref->m) * 8) { + GMAPIerr(GMAPI_F_RSA_GET_RSAREFPRIVATEKEY, + GMAPI_R_INVALID_RSA_PRIVATE_KEY); + return 0; + } + + RSA_get0_key(rsa, &n, &e, &d); + RSA_get0_factors(rsa, &p, &q); + RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp); + + if (!n || !e || !d) { + GMAPIerr(GMAPI_F_RSA_GET_RSAREFPRIVATEKEY, + GMAPI_R_INVALID_RSA_PRIVATE_KEY); + return 0; + } + + memset(ref, 0, sizeof(RSArefPrivateKey)); + + ref->bits = RSA_bits(rsa); + + if (BN_bn2bin(n, ref->m + sizeof(ref->m) - BN_num_bytes(n)) <= 0) { + GMAPIerr(GMAPI_F_RSA_GET_RSAREFPRIVATEKEY, + GMAPI_R_INVALID_RSA_PRIVATE_KEY); + return 0; + } + + if (BN_bn2bin(e, ref->e + sizeof(ref->e) - BN_num_bytes(e)) <= 0) { + GMAPIerr(GMAPI_F_RSA_GET_RSAREFPRIVATEKEY, + GMAPI_R_INVALID_RSA_PRIVATE_KEY); + return 0; + } + + if (BN_bn2bin(d, ref->d + sizeof(ref->d) - BN_num_bytes(d)) <= 0) { + GMAPIerr(GMAPI_F_RSA_GET_RSAREFPRIVATEKEY, + GMAPI_R_INVALID_RSA_PRIVATE_KEY); + return 0; + } + + if (p && BN_bn2bin(p, ref->prime[0] + sizeof(ref->prime[0]) - + BN_num_bytes(p)) < 0) { + GMAPIerr(GMAPI_F_RSA_GET_RSAREFPRIVATEKEY, + GMAPI_R_INVALID_RSA_PRIVATE_KEY); + return 0; + } + + if (q && BN_bn2bin(q, ref->prime[1] + sizeof(ref->prime[1]) - + BN_num_bytes(q)) < 0) { + GMAPIerr(GMAPI_F_RSA_GET_RSAREFPRIVATEKEY, + GMAPI_R_INVALID_RSA_PRIVATE_KEY); + return 0; + } + + if (dmp1 && BN_bn2bin(dmp1, ref->pexp[0] + sizeof(ref->pexp[0]) - + BN_num_bytes(dmp1)) < 0) { + GMAPIerr(GMAPI_F_RSA_GET_RSAREFPRIVATEKEY, + GMAPI_R_INVALID_RSA_PRIVATE_KEY); + return 0; + } + + if (dmq1 && BN_bn2bin(dmq1, ref->pexp[1] + sizeof(ref->pexp[1]) - + BN_num_bytes(dmq1)) < 0) { + GMAPIerr(GMAPI_F_RSA_GET_RSAREFPRIVATEKEY, + GMAPI_R_INVALID_RSA_PRIVATE_KEY); + return 0; + } + + if (iqmp && BN_bn2bin(iqmp, ref->coef + sizeof(ref->coef) - + BN_num_bytes(iqmp)) < 0) { + GMAPIerr(GMAPI_F_RSA_GET_RSAREFPRIVATEKEY, + GMAPI_R_INVALID_RSA_PRIVATE_KEY); + return 0; + } + + return 1; +} +#endif diff --git a/crypto/gmapi/gmapi_sgd.c b/crypto/gmapi/gmapi_sgd.c index 9557a30c..91f1436a 100644 --- a/crypto/gmapi/gmapi_sgd.c +++ b/crypto/gmapi/gmapi_sgd.c @@ -49,80 +49,168 @@ #include #include +#include #include #include +#include +#include "../../e_os.h" -const EVP_MD *EVP_get_digestbysgd(int sgd) +typedef struct { + int nid; + ULONG ulAlgId; + ULONG ulFeedBitLen; +} GMAPI_CIPHER_ITEM; + +static GMAPI_CIPHER_ITEM gmapi_ciphers[] = { + {NID_sm1_ecb, SGD_SM1_ECB, 0}, + {NID_sm1_cbc, SGD_SM1_CBC, 0}, + {NID_sm1_cfb1, SGD_SM1_CFB, 1}, + {NID_sm1_cfb8, SGD_SM1_CFB, 8}, + {NID_sm1_cfb128, SGD_SM1_CFB, 128}, + {NID_sm1_ofb128, SGD_SM1_OFB, 128}, + {NID_sms4_ecb, SGD_SM4_ECB, 0}, + {NID_sms4_cbc, SGD_SM4_CBC, 0}, + {NID_sms4_cfb1, SGD_SM4_CFB, 1}, + {NID_sms4_cfb8, SGD_SM4_CFB, 8}, + {NID_sms4_cfb128, SGD_SM4_CFB, 128}, + {NID_sms4_ofb128, SGD_SM4_OFB, 128}, + {NID_ssf33_ecb, SGD_SSF33_ECB, 0}, + {NID_ssf33_cbc, SGD_SSF33_CBC, 0}, + {NID_ssf33_cfb1, SGD_SSF33_CFB, 1}, + {NID_ssf33_cfb8, SGD_SSF33_CFB, 8}, + {NID_ssf33_cfb128, SGD_SSF33_CFB, 128}, + {NID_ssf33_ofb128, SGD_SSF33_OFB, 128}, + {NID_zuc_128eea3, SGD_ZUC_EEA3, 0}, +}; + +const EVP_CIPHER *EVP_get_cipherbysgd(ULONG ulAlgId, ULONG ulFeedBitLen) { - switch (sgd) { - case SGD_SM3: - return EVP_sm3(); - case SGD_SHA1: - return EVP_sha1(); - case SGD_SHA256: - return EVP_sha256(); + size_t i; + + for (i = 0; i < OSSL_NELEM(gmapi_ciphers); i++) { + if (gmapi_ciphers[i].ulAlgId == ulAlgId + && gmapi_ciphers[i].ulFeedBitLen == ulFeedBitLen) { + return EVP_get_cipherbynid(gmapi_ciphers[i].nid); + } } - return NULL; + + return NULL; } -const EVP_CIPHER *EVP_get_cipherbysgd(int sgd) +int EVP_CIPHER_get_sgd(const EVP_CIPHER *cipher, ULONG *pulAlgId, ULONG *pulFeedBits) { - switch (sgd) { - case SGD_SM4_ECB: - return EVP_sms4_ecb(); - case SGD_SM4_CBC: - return EVP_sms4_cbc(); - case SGD_SM4_CFB: - return EVP_sms4_cfb(); - case SGD_SM4_OFB: - return EVP_sms4_ofb(); -#define OPENSSL_NO_ZUC -#ifndef OPENSSL_NO_ZUC - case SGD_ZUC: - return EVP_zuc(); - case SGD_ZUC_EEA3: - return EVP_zuc_eea3(); -#endif + size_t i; + + if (!cipher || !pulAlgId || !pulFeedBits) { + GMAPIerr(GMAPI_F_EVP_CIPHER_GET_SGD, ERR_R_PASSED_NULL_PARAMETER); + return 0; } + + for (i = 0; i < OSSL_NELEM(gmapi_ciphers); i++) { + if (EVP_CIPHER_nid(cipher) == gmapi_ciphers[i].nid) { + *pulAlgId = gmapi_ciphers[i].ulAlgId; + *pulFeedBits = gmapi_ciphers[i].ulFeedBitLen; + return 1; + } + } + + /* caller can clear this error */ + GMAPIerr(GMAPI_F_EVP_CIPHER_GET_SGD, GMAPI_R_NOT_SUPPORTED_GMAPI_CIPHER); + *pulAlgId = 0; + *pulFeedBits = 0; + return 0; +} + +int EVP_CIPHER_CTX_get_sgd(const EVP_CIPHER_CTX *ctx, + ULONG *pulAlgId, ULONG *pulFeedBits) +{ + if (!ctx || !pulAlgId || !pulFeedBits) { + GMAPIerr(GMAPI_F_EVP_CIPHER_CTX_GET_SGD, + ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + return EVP_CIPHER_get_sgd(EVP_CIPHER_CTX_cipher(ctx), pulAlgId, pulFeedBits); +} + +typedef struct { + int nid; + ULONG ulAlgId; +} GMAPI_ALGOR_ITEM; + + +static GMAPI_ALGOR_ITEM gmapi_digests[] = { + {NID_sm3, SGD_SM3}, + {NID_sha1, SGD_SHA1}, + {NID_sha256, SGD_SHA256}, +}; + +const EVP_MD *EVP_get_digestbysgd(ULONG ulAlgId) +{ + size_t i; + + for (i = 0; i < OSSL_NELEM(gmapi_digests); i++) { + if (gmapi_digests[i].ulAlgId == ulAlgId) { + return EVP_get_digestbynid(gmapi_digests[i].nid); + } + } + return NULL; } -/* -int load_engine(void) +int EVP_MD_get_sgd(const EVP_MD *md, ULONG *ulAlgId) { - ENGINE *e; + size_t i; - ENGINE_load_builtin_engines(0); + if (!md || !ulAlgId) { + GMAPIerr(GMAPI_F_EVP_MD_GET_SGD, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } - ENGINE_register_all_complete(); + for (i = 0; i < OSSL_NELEM(gmapi_digests); i++) { + if (gmapi_digests[i].nid == EVP_MD_nid(md)) { + *ulAlgId = gmapi_digests[i].ulAlgId; + return 1; + } + } - -} -*/ - - -const char *GMAPI_keyusage2str(int usage) -{ - return NULL; -} - -int GMAPI_sgd2ciphernid(int sgd) -{ + *ulAlgId = 0; return 0; } -int GMAPI_sgd2mdnid(int sgd) +int EVP_MD_CTX_get_sgd(const EVP_MD_CTX *ctx, ULONG *ulAlgId) { + return EVP_MD_get_sgd(EVP_MD_CTX_md(ctx), ulAlgId); +} + +static GMAPI_ALGOR_ITEM gmapi_pkeys[] = { + {NID_rsa, SGD_RSA_SIGN}, + {NID_rsaEncryption, SGD_RSA_ENC}, + {NID_sm2sign, SGD_SM2_1}, + {NID_sm2exchange, SGD_SM2_2}, + {NID_sm2encrypt, SGD_SM2_3} +}; + +int EVP_PKEY_get_sgd(const EVP_PKEY *pkey, ULONG *ulAlgId) +{ + size_t i; + + if (!pkey || !ulAlgId) { + GMAPIerr(GMAPI_F_EVP_PKEY_GET_SGD, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + + for (i = 0; i < OSSL_NELEM(gmapi_pkeys); i++) { + if (gmapi_pkeys[i].nid == EVP_PKEY_base_id(pkey)) { + *ulAlgId = gmapi_pkeys[i].ulAlgId; + return 1; + } + } + + GMAPIerr(GMAPI_F_EVP_PKEY_GET_SGD, GMAPI_R_NOT_SUPPORTED_PKEY); return 0; } - -int EVP_MD_sgd(const EVP_MD *md) +int EVP_PKEY_CTX_get_sgd(const EVP_PKEY_CTX *ctx, ULONG *ulAlgId) { - return 0; -} - -int EVP_CIPHER_sgd(const EVP_CIPHER *cipher) -{ - return 0; + return EVP_PKEY_get_sgd(EVP_PKEY_CTX_get0_pkey((EVP_PKEY_CTX *)ctx), ulAlgId); } diff --git a/crypto/gmapi/gmapi_skf_ec.c b/crypto/gmapi/gmapi_skf_ec.c index 03009a19..32fcb0d3 100644 --- a/crypto/gmapi/gmapi_skf_ec.c +++ b/crypto/gmapi/gmapi_skf_ec.c @@ -48,12 +48,16 @@ */ #include -#include -#include -#include -#include -#include "../ec/ec_lcl.h" -#include "../sm2/sm2_lcl.h" +#include "internal/cryptlib.h" + +#if !defined(OPENSSL_NO_SKF) && !defined(OPENSSL_NO_EC) +# include +# include +# include +# include +# include "../ec/ec_lcl.h" +# include "../sm2/sm2_lcl.h" +# include "../ecies/ecies_lcl.h" EC_KEY *EC_KEY_new_from_ECCPUBLICKEYBLOB(const ECCPUBLICKEYBLOB *blob) { @@ -85,11 +89,11 @@ int EC_KEY_set_ECCPUBLICKEYBLOB(EC_KEY *ec_key, const ECCPUBLICKEYBLOB *blob) return 0; } - if (!(x = BN_bin2bn(blob->XCoordinate, ECC_MAX_XCOORDINATE_BITS_LEN/8, NULL))) { + if (!(x = BN_bin2bn(blob->XCoordinate, sizeof(blob->XCoordinate), NULL))) { GMAPIerr(GMAPI_F_EC_KEY_SET_ECCPUBLICKEYBLOB, ERR_R_BN_LIB); goto end; } - if (!(y = BN_bin2bn(blob->YCoordinate, ECC_MAX_YCOORDINATE_BITS_LEN/8, NULL))) { + if (!(y = BN_bin2bn(blob->YCoordinate, sizeof(blob->YCoordinate), NULL))) { GMAPIerr(GMAPI_F_EC_KEY_SET_ECCPUBLICKEYBLOB, ERR_R_BN_LIB); goto end; } @@ -141,11 +145,11 @@ int EC_KEY_get_ECCPUBLICKEYBLOB(EC_KEY *ec_key, ECCPUBLICKEYBLOB *blob) memset(blob, 0, sizeof(*blob)); blob->BitLen = EC_GROUP_get_degree(group); - if (!BN_bn2bin(x, blob->XCoordinate + (ECC_MAX_XCOORDINATE_BITS_LEN+7)/8 - BN_num_bytes(x))) { + if (!BN_bn2bin(x, blob->XCoordinate + sizeof(blob->XCoordinate) - BN_num_bytes(x))) { GMAPIerr(GMAPI_F_EC_KEY_GET_ECCPUBLICKEYBLOB, ERR_R_BN_LIB); goto end; } - if (!BN_bn2bin(y, blob->YCoordinate + (ECC_MAX_YCOORDINATE_BITS_LEN+7)/8 - BN_num_bytes(y))) { + if (!BN_bn2bin(y, blob->YCoordinate + sizeof(blob->YCoordinate) - BN_num_bytes(y))) { GMAPIerr(GMAPI_F_EC_KEY_GET_ECCPUBLICKEYBLOB, ERR_R_BN_LIB); goto end; } @@ -187,7 +191,7 @@ int EC_KEY_set_ECCPRIVATEKEYBLOB(EC_KEY *ec_key, const ECCPRIVATEKEYBLOB *blob) goto end; } - if (!(d = BN_bin2bn(blob->PrivateKey, (ECC_MAX_MODULUS_BITS_LEN+7)/8, NULL))) { + if (!(d = BN_bin2bn(blob->PrivateKey, sizeof(blob->PrivateKey), NULL))) { GMAPIerr(GMAPI_F_EC_KEY_SET_ECCPRIVATEKEYBLOB, ERR_R_BN_LIB); goto end; } @@ -221,7 +225,7 @@ int EC_KEY_get_ECCPRIVATEKEYBLOB(EC_KEY *ec_key, ECCPRIVATEKEYBLOB *blob) blob->BitLen = EC_GROUP_get_degree(EC_KEY_get0_group(ec_key)); - if (!BN_bn2bin(d, blob->PrivateKey + (ECC_MAX_MODULUS_BITS_LEN+7)/8 - BN_num_bytes(d))) { + if (!BN_bn2bin(d, blob->PrivateKey + sizeof(blob->PrivateKey) - BN_num_bytes(d))) { GMAPIerr(GMAPI_F_EC_KEY_GET_ECCPRIVATEKEYBLOB, ERR_R_BN_LIB); return 0; } @@ -229,6 +233,7 @@ int EC_KEY_get_ECCPRIVATEKEYBLOB(EC_KEY *ec_key, ECCPRIVATEKEYBLOB *blob) return 1; } +# ifndef OPENSSL_NO_SM2 SM2CiphertextValue *SM2CiphertextValue_new_from_ECCCIPHERBLOB( const ECCCIPHERBLOB *blob) { @@ -259,19 +264,19 @@ int SM2CiphertextValue_set_ECCCIPHERBLOB(SM2CiphertextValue *cv, return 0; } - if (!BN_bin2bn(blob->XCoordinate, ECC_MAX_XCOORDINATE_BITS_LEN/8, + if (!BN_bin2bn(blob->XCoordinate, sizeof(blob->XCoordinate), cv->xCoordinate)) { GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHERBLOB, ERR_R_BN_LIB); goto end; } - if (!BN_bin2bn(blob->YCoordinate, ECC_MAX_YCOORDINATE_BITS_LEN/8, + if (!BN_bin2bn(blob->YCoordinate, sizeof(blob->YCoordinate), cv->yCoordinate)) { GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHERBLOB, ERR_R_BN_LIB); goto end; } - if (!ASN1_OCTET_STRING_set(cv->hash, blob->HASH, 32)) { + if (!ASN1_OCTET_STRING_set(cv->hash, blob->HASH, sizeof(blob->HASH))) { GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHERBLOB, ERR_R_ASN1_LIB); goto end; } @@ -283,7 +288,7 @@ int SM2CiphertextValue_set_ECCCIPHERBLOB(SM2CiphertextValue *cv, goto end; } - ret = 0; + ret = 1; end: return ret; } @@ -291,8 +296,6 @@ end: int SM2CiphertextValue_get_ECCCIPHERBLOB(const SM2CiphertextValue *cv, ECCCIPHERBLOB *blob) { - int ret = 0; - if (BN_num_bits(cv->xCoordinate) > ECC_MAX_XCOORDINATE_BITS_LEN || BN_num_bits(cv->yCoordinate) > ECC_MAX_YCOORDINATE_BITS_LEN) { GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHERBLOB, @@ -300,7 +303,7 @@ int SM2CiphertextValue_get_ECCCIPHERBLOB(const SM2CiphertextValue *cv, return 0; } - if (ASN1_STRING_length(cv->hash) != 32) { + if (ASN1_STRING_length(cv->hash) != sizeof(blob->HASH)) { GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHERBLOB, GMAPI_R_INVALID_CIPHERTEXT_LENGTH); return 0; @@ -314,12 +317,12 @@ int SM2CiphertextValue_get_ECCCIPHERBLOB(const SM2CiphertextValue *cv, } if (!BN_bn2bin(cv->xCoordinate, blob->XCoordinate + - ECC_MAX_XCOORDINATE_BITS_LEN/8 - BN_num_bytes(cv->xCoordinate))) { + sizeof(blob->XCoordinate) - BN_num_bytes(cv->xCoordinate))) { GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHERBLOB, ERR_R_BN_LIB); return 0; } if (!BN_bn2bin(cv->yCoordinate, blob->YCoordinate + - ECC_MAX_YCOORDINATE_BITS_LEN/8 - BN_num_bytes(cv->yCoordinate))) { + sizeof(blob->YCoordinate) - BN_num_bytes(cv->yCoordinate))) { GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHERBLOB, ERR_R_BN_LIB); return 0; } @@ -333,6 +336,7 @@ int SM2CiphertextValue_get_ECCCIPHERBLOB(const SM2CiphertextValue *cv, return 1; } +# endif /* OPENSSL_NO_SM2 */ ECDSA_SIG *ECDSA_SIG_new_from_ECCSIGNATUREBLOB(const ECCSIGNATUREBLOB *blob) { @@ -356,12 +360,15 @@ ECDSA_SIG *ECDSA_SIG_new_from_ECCSIGNATUREBLOB(const ECCSIGNATUREBLOB *blob) int ECDSA_SIG_set_ECCSIGNATUREBLOB(ECDSA_SIG *sig, const ECCSIGNATUREBLOB *blob) { - if (!(sig->r = BN_bin2bn(blob->r, 64, sig->r))) { + OPENSSL_assert(sig->r); + OPENSSL_assert(sig->s); + + if (!(sig->r = BN_bin2bn(blob->r, sizeof(blob->r), sig->r))) { GMAPIerr(GMAPI_F_ECDSA_SIG_SET_ECCSIGNATUREBLOB, ERR_R_BN_LIB); return 0; } - if (!(sig->s = BN_bin2bn(blob->s, 64, sig->s))) { + if (!(sig->s = BN_bin2bn(blob->s, sizeof(blob->s), sig->s))) { GMAPIerr(GMAPI_F_ECDSA_SIG_SET_ECCSIGNATUREBLOB, ERR_R_BN_LIB); return 0; } @@ -371,20 +378,347 @@ int ECDSA_SIG_set_ECCSIGNATUREBLOB(ECDSA_SIG *sig, const ECCSIGNATUREBLOB *blob) int ECDSA_SIG_get_ECCSIGNATUREBLOB(const ECDSA_SIG *sig, ECCSIGNATUREBLOB *blob) { - if ((BN_num_bytes(sig->r) > 256/8) || (BN_num_bytes(sig->s) > 256/8)) { + if ((BN_num_bytes(sig->r) > sizeof(blob->r)) || (BN_num_bytes(sig->s) > sizeof(blob->s))) { GMAPIerr(GMAPI_F_ECDSA_SIG_GET_ECCSIGNATUREBLOB, GMAPI_R_INVALID_BIGNUM_LENGTH); return 0; } - if (!BN_bn2bin(sig->r, blob->r + 256/8 - BN_num_bytes(sig->r))) { + if (!BN_bn2bin(sig->r, blob->r + sizeof(blob->r) - BN_num_bytes(sig->r))) { GMAPIerr(GMAPI_F_ECDSA_SIG_GET_ECCSIGNATUREBLOB, ERR_R_BN_LIB); return 0; } - if (!BN_bn2bin(sig->s, blob->s + 256/8 - BN_num_bytes(sig->s))) { + if (!BN_bn2bin(sig->s, blob->s + sizeof(blob->s) - BN_num_bytes(sig->s))) { GMAPIerr(GMAPI_F_ECDSA_SIG_GET_ECCSIGNATUREBLOB, ERR_R_BN_LIB); return 0; } return 1; } + +int ECCPRIVATEKEYBLOB_set_private_key(ECCPRIVATEKEYBLOB *blob, + const BIGNUM *priv_key) +{ + if (BN_num_bytes(priv_key) > 32) { + GMAPIerr(GMAPI_F_ECCPRIVATEKEYBLOB_SET_PRIVATE_KEY, + GMAPI_R_INVALID_SM2_PRIVATE_KEY); + return 0; + } + + blob->BitLen = 256; + memset(blob->PrivateKey, 0, sizeof(blob->PrivateKey)); + BN_bn2bin(priv_key, blob->PrivateKey + sizeof(blob->PrivateKey) + - BN_num_bytes(priv_key)); + return 1; +} + +# ifndef OPENSSL_NO_ECIES +ECIES_CIPHERTEXT_VALUE *ECIES_CIPHERTEXT_VALUE_new_from_ECCCIPHERBLOB(const ECCCIPHERBLOB *blob) +{ + ECIES_CIPHERTEXT_VALUE *ret = NULL; + + if (!(ret = ECIES_CIPHERTEXT_VALUE_new())) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_NEW_FROM_ECCCIPHERBLOB, + ERR_R_MALLOC_FAILURE); + return NULL; + } + + if (!ECIES_CIPHERTEXT_VALUE_set_ECCCIPHERBLOB(ret, blob)) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_NEW_FROM_ECCCIPHERBLOB, + ERR_R_GMAPI_LIB); + ECIES_CIPHERTEXT_VALUE_free(ret); + return NULL; + } + + return ret; +} + +int ECIES_CIPHERTEXT_VALUE_set_ECCCIPHERBLOB(ECIES_CIPHERTEXT_VALUE *cv, const ECCCIPHERBLOB *blob) +{ + int ret = 0; + BIGNUM *x = NULL; + BIGNUM *y = NULL; + EC_GROUP *group = NULL; + EC_POINT *point = NULL; + BN_CTX *bn_ctx = NULL; + size_t len; + + if (!cv || !blob) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB, + ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + + if (!(x = BN_bin2bn(blob->XCoordinate, sizeof(blob->XCoordinate), NULL))) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB, ERR_R_BN_LIB); + goto end; + } + if (!(y = BN_bin2bn(blob->YCoordinate, sizeof(blob->YCoordinate), NULL))) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB, ERR_R_BN_LIB); + goto end; + } + if (!(group = EC_GROUP_new_by_curve_name(NID_sm2p256v1))) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB, ERR_R_EC_LIB); + goto end; + } + if (!(point = EC_POINT_new(group))) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB, ERR_R_MALLOC_FAILURE); + goto end; + } + if (!(bn_ctx = BN_CTX_new())) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB, ERR_R_MALLOC_FAILURE); + goto end; + } + if (!EC_POINT_set_affine_coordinates_GFp(group, point, x, y, bn_ctx)) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB, ERR_R_EC_LIB); + goto end; + } + + if (!(len = EC_POINT_point2oct(group, point, POINT_CONVERSION_UNCOMPRESSED, NULL, 0, bn_ctx))) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB, ERR_R_EC_LIB); + goto end; + } + if (!ASN1_OCTET_STRING_set(cv->ephem_point, NULL, (int)len)) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB, ERR_R_MALLOC_FAILURE); + goto end; + } + if (EC_POINT_point2oct(group, point, POINT_CONVERSION_UNCOMPRESSED, cv->ephem_point->data, len, bn_ctx) != len) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB, ERR_R_EC_LIB); + goto end; + } + if (!ASN1_OCTET_STRING_set(cv->ciphertext, blob->Cipher, blob->CipherLen)) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB, ERR_R_MALLOC_FAILURE); + goto end; + } + if (!ASN1_OCTET_STRING_set(cv->mactag, blob->HASH, sizeof(blob->HASH))) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB, ERR_R_MALLOC_FAILURE); + goto end; + } + + ret = 1; + +end: + BN_free(x); + BN_free(y); + EC_GROUP_free(group); + EC_POINT_free(point); + BN_CTX_free(bn_ctx); + return ret; +} + +int ECIES_CIPHERTEXT_VALUE_get_ECCCIPHERBLOB(const ECIES_CIPHERTEXT_VALUE *cv, ECCCIPHERBLOB *blob) +{ + int ret = 0; + EC_GROUP *group = NULL; + EC_POINT *point = NULL; + BIGNUM *x = NULL; + BIGNUM *y = NULL; + BN_CTX *bn_ctx = NULL; + + if (!(group = EC_GROUP_new_by_curve_name(NID_sm2p256v1))) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB, ERR_R_EC_LIB); + goto end; + } + if (!(point = EC_POINT_new(group))) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB, ERR_R_EC_LIB); + goto end; + } + if (!(x = BN_new())) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB, ERR_R_MALLOC_FAILURE); + goto end; + } + if (!(y = BN_new())) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB, ERR_R_MALLOC_FAILURE); + goto end; + } + if (!(bn_ctx = BN_CTX_new())) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB, ERR_R_MALLOC_FAILURE); + goto end; + } + + if (!EC_POINT_oct2point(group, point, ASN1_STRING_get0_data(cv->ephem_point), ASN1_STRING_length(cv->ephem_point), bn_ctx)) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB, ERR_R_EC_LIB); + goto end; + } + if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, bn_ctx)) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB, ERR_R_EC_LIB); + goto end; + } + + if (BN_num_bytes(x) > sizeof(blob->XCoordinate)) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB, GMAPI_R_INVALID_SKF_EC_CIPHERTEXT); + goto end; + } + BN_bn2bin(x, blob->XCoordinate + sizeof(blob->XCoordinate) - BN_num_bytes(x)); + + if (BN_num_bytes(y) > sizeof(blob->YCoordinate)) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB, GMAPI_R_INVALID_SKF_EC_CIPHERTEXT); + goto end; + } + BN_bn2bin(y, blob->YCoordinate + sizeof(blob->YCoordinate) - BN_num_bytes(y)); + + if (ASN1_STRING_length(cv->mactag) != sizeof(blob->HASH)) { + GMAPIerr(GMAPI_F_ECIES_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB, GMAPI_R_INVALID_SKF_EC_CIPHERTEXT); + goto end; + } + memcpy(blob->HASH, ASN1_STRING_get0_data(cv->mactag), ASN1_STRING_length(cv->mactag)); + + //FIXME: check input ? + blob->CipherLen = ASN1_STRING_length(cv->ciphertext); + memcpy(blob->Cipher, ASN1_STRING_get0_data(cv->ciphertext), + ASN1_STRING_length(cv->ciphertext)); + + +end: + EC_GROUP_free(group); + EC_POINT_free(point); + BN_free(x); + BN_free(y); + BN_CTX_free(bn_ctx); + return ret; +} +# endif /* OPENSSL_NO_ECIES */ + +ECCCIPHERBLOB *d2i_ECCCIPHERBLOB(ECCCIPHERBLOB **a, const unsigned char **pp, long length) +{ + ECCCIPHERBLOB *ret = NULL; + ECCCIPHERBLOB *blob = NULL; + SM2CiphertextValue *cv = NULL; + + if (!(cv = d2i_SM2CiphertextValue(NULL, pp, length))) { + GMAPIerr(GMAPI_F_D2I_ECCCIPHERBLOB, ERR_R_SM2_LIB); + goto end; + } + + if (!(blob = OPENSSL_malloc(sizeof(ECCCIPHERBLOB) - 1 + ASN1_STRING_length(cv->ciphertext)))) { + GMAPIerr(GMAPI_F_D2I_ECCCIPHERBLOB, ERR_R_MALLOC_FAILURE); + goto end; + } + blob->CipherLen = ASN1_STRING_length(cv->ciphertext); + + if (!SM2CiphertextValue_get_ECCCIPHERBLOB(cv, blob)) { + GMAPIerr(GMAPI_F_D2I_ECCCIPHERBLOB, ERR_R_GMAPI_LIB); + goto end; + } + + ret = blob; + blob = NULL; + +end: + OPENSSL_free(blob); + SM2CiphertextValue_free(cv); + return ret; +} + +int i2d_ECCCIPHERBLOB(ECCCIPHERBLOB *a, unsigned char **pp) +{ + int ret; + SM2CiphertextValue *cv = NULL; + + if (!(cv = SM2CiphertextValue_new_from_ECCCIPHERBLOB(a))) { + GMAPIerr(GMAPI_F_I2D_ECCCIPHERBLOB, GMAPI_R_INVALID_SKF_CIPHERTEXT); + return 0; + } + + if ((ret = i2d_SM2CiphertextValue(cv, pp)) <= 0) { + } + + SM2CiphertextValue_free(cv); + return ret; +} + +ECCCIPHERBLOB *d2i_ECCCIPHERBLOB_bio(BIO *bp, ECCCIPHERBLOB **a) +{ + GMAPIerr(GMAPI_F_D2I_ECCCIPHERBLOB_BIO, GMAPI_R_NOT_IMPLEMENTED); + return NULL; +} + +int i2d_ECCCIPHERBLOB_bio(BIO *bp, ECCCIPHERBLOB *a) +{ + GMAPIerr(GMAPI_F_I2D_ECCCIPHERBLOB_BIO, GMAPI_R_NOT_IMPLEMENTED); + return 0; +} + +ECCSIGNATUREBLOB *d2i_ECCSIGNATUREBLOB(ECCSIGNATUREBLOB **a, const unsigned char **pp, long length) +{ + ECCSIGNATUREBLOB *ret = NULL; + ECCSIGNATUREBLOB *blob = NULL; + ECDSA_SIG *sig = NULL; + + if (!(sig = d2i_ECDSA_SIG(NULL, pp, length))) { + GMAPIerr(GMAPI_F_D2I_ECCSIGNATUREBLOB, ERR_R_EC_LIB); + goto end; + } + + if (!(blob = OPENSSL_malloc(sizeof(ECCSIGNATUREBLOB)))) { + GMAPIerr(GMAPI_F_D2I_ECCSIGNATUREBLOB, ERR_R_MALLOC_FAILURE); + goto end; + } + + if (!ECDSA_SIG_get_ECCSIGNATUREBLOB(sig, blob)) { + GMAPIerr(GMAPI_F_D2I_ECCSIGNATUREBLOB, ERR_R_GMAPI_LIB); + goto end; + } + + ret = blob; + blob = NULL; + +end: + OPENSSL_free(blob); + ECDSA_SIG_free(sig); + return ret; +} + +int i2d_ECCSIGNATUREBLOB(ECCSIGNATUREBLOB *a, unsigned char **pp) +{ + int ret; + ECDSA_SIG *sig = NULL; + + if (!(sig = ECDSA_SIG_new_from_ECCSIGNATUREBLOB(a))) { + GMAPIerr(GMAPI_F_I2D_ECCSIGNATUREBLOB, ERR_R_GMAPI_LIB); + return 0; + } + + ret = i2d_ECDSA_SIG(sig, pp); + ECDSA_SIG_free(sig); + return ret; +} + +ECCSIGNATUREBLOB *d2i_ECCSIGNATUREBLOB_bio(BIO *bp, ECCSIGNATUREBLOB **a) +{ + GMAPIerr(GMAPI_F_D2I_ECCSIGNATUREBLOB_BIO, GMAPI_R_NOT_IMPLEMENTED); + return NULL; +} + +int i2d_ECCSIGNATUREBLOB_bio(BIO *fp, ECCSIGNATUREBLOB *a) +{ + GMAPIerr(GMAPI_F_I2D_ECCSIGNATUREBLOB_BIO, GMAPI_R_NOT_IMPLEMENTED); + return 0; +} + +# ifndef OPENSSL_NO_STDIO +ECCCIPHERBLOB *d2i_ECCCIPHERBLOB_fp(FILE *fp, ECCCIPHERBLOB **a) +{ + GMAPIerr(GMAPI_F_D2I_ECCCIPHERBLOB_FP, GMAPI_R_NOT_IMPLEMENTED); + return NULL; +} + +int i2d_ECCCIPHERBLOB_fp(FILE *fp, ECCCIPHERBLOB *a) +{ + GMAPIerr(GMAPI_F_I2D_ECCCIPHERBLOB_FP, GMAPI_R_NOT_IMPLEMENTED); + return 0; +} + +ECCSIGNATUREBLOB *d2i_ECCSIGNATUREBLOB_fp(FILE *fp, ECCSIGNATUREBLOB **a) +{ + GMAPIerr(GMAPI_F_D2I_ECCSIGNATUREBLOB_FP, GMAPI_R_NOT_IMPLEMENTED); + return NULL; +} + +int i2d_ECCSIGNATUREBLOB_fp(FILE *fp, ECCSIGNATUREBLOB *a) +{ + GMAPIerr(GMAPI_F_I2D_ECCSIGNATUREBLOB_FP, GMAPI_R_NOT_IMPLEMENTED); + return 0; +} +# endif /* OPENSSL_NO_STDIO */ +#endif diff --git a/crypto/gmapi/gmapi_skf_rsa.c b/crypto/gmapi/gmapi_skf_rsa.c index ee7ca6ee..2532663d 100644 --- a/crypto/gmapi/gmapi_skf_rsa.c +++ b/crypto/gmapi/gmapi_skf_rsa.c @@ -1,214 +1,402 @@ -/* ==================================================================== - * Copyright (c) 2015-2016 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - */ - -#include -#include -#include -#include -#include "../rsa/rsa_locl.h" - -/* Wrapper functions */ - -RSA *RSA_new_from_RSAPUBLICKEYBLOB(const RSAPUBLICKEYBLOB *blob) -{ - RSA *ret; - if (!(ret = RSA_new())) { - GMAPIerr(GMAPI_F_RSA_NEW_FROM_RSAPUBLICKEYBLOB, ERR_R_RSA_LIB); - return NULL; - } - if (!RSA_set_RSAPUBLICKEYBLOB(ret, blob)) { - GMAPIerr(GMAPI_F_RSA_NEW_FROM_RSAPUBLICKEYBLOB, - GMAPI_R_INVALID_RSA_PUBLIC_KEY); - RSA_free(ret); - return NULL; - } - return ret; -} - -RSA *RSA_new_from_RSAPRIVATEKEYBLOB(const RSAPRIVATEKEYBLOB *blob) -{ - RSA *ret; - if (!(ret = RSA_new())) { - GMAPIerr(GMAPI_F_RSA_NEW_FROM_RSAPRIVATEKEYBLOB, ERR_R_RSA_LIB); - return NULL; - } - if (!RSA_set_RSAPRIVATEKEYBLOB(ret, blob)) { - GMAPIerr(GMAPI_F_RSA_NEW_FROM_RSAPRIVATEKEYBLOB, - GMAPI_R_INVALID_RSA_PRIVATE_KEY); - RSA_free(ret); - return NULL; - } - return ret; -} - -int RSA_set_RSAPUBLICKEYBLOB(RSA *rsa, const RSAPUBLICKEYBLOB *blob) -{ - if (!rsa || !blob) { - GMAPIerr(GMAPI_F_RSA_SET_RSAPUBLICKEYBLOB, - ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - if ((blob->BitLen < 1024) || (blob->BitLen > MAX_RSA_MODULUS_LEN*8) || - (blob->BitLen / 8 != 0)) { - GMAPIerr(GMAPI_F_RSA_SET_RSAPUBLICKEYBLOB, - GMAPI_R_INVALID_RSA_KEY_LENGTH); - return 0; - } - if (!(rsa->n = BN_bin2bn(blob->Modulus, blob->BitLen/8, rsa->n))) { - GMAPIerr(GMAPI_F_RSA_SET_RSAPUBLICKEYBLOB, - GMAPI_R_INVALID_RSA_PUBLIC_KEY); - return 0; - } - if (!(rsa->e = BN_bin2bn(blob->PublicExponent, MAX_RSA_EXPONENT_LEN, - rsa->e))) { - GMAPIerr(GMAPI_F_RSA_SET_RSAPUBLICKEYBLOB, - GMAPI_R_INVALID_RSA_PUBLIC_KEY); - return 0; - } - if (!RSA_check_key(rsa)) { - GMAPIerr(GMAPI_F_RSA_SET_RSAPUBLICKEYBLOB, - GMAPI_R_INVALID_RSA_PUBLIC_KEY); - return 0; - } - return 1; -} - -int RSA_get_RSAPUBLICKEYBLOB(RSA *rsa, RSAPUBLICKEYBLOB *blob) -{ - int nbytes; - if (!rsa || !blob) { - GMAPIerr(GMAPI_F_RSA_GET_RSAPUBLICKEYBLOB, - ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - if (!rsa->n || !rsa->e) { - GMAPIerr(GMAPI_F_RSA_GET_RSAPUBLICKEYBLOB, - GMAPI_R_INVALID_RSA_PUBLIC_KEY); - return 0; - } - nbytes = BN_num_bytes(rsa->n); - if (!BN_bn2bin(rsa->n, blob->Modulus) || !BN_bn2bin(rsa->e, - blob->PublicExponent + MAX_RSA_EXPONENT_LEN - BN_num_bytes(rsa->e))) { - GMAPIerr(GMAPI_F_RSA_GET_RSAPUBLICKEYBLOB, - GMAPI_R_ENCODE_RSA_PUBLIC_KEY_FAILED); - return 0; - } - return 1; -} - -int RSA_set_RSAPRIVATEKEYBLOB(RSA *rsa, const RSAPRIVATEKEYBLOB *blob) -{ - int nbytes; - if (!rsa || !blob) { - GMAPIerr(GMAPI_F_RSA_SET_RSAPRIVATEKEYBLOB, - ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - if (blob->AlgID != SGD_RSA) { - GMAPIerr(GMAPI_F_RSA_SET_RSAPRIVATEKEYBLOB, - GMAPI_R_INVALID_ALGOR); - return 0; - } - if ((blob->BitLen < 1024) || (blob->BitLen > MAX_RSA_MODULUS_LEN*8) || - (blob->BitLen % 8 != 0) || (blob->BitLen % 16 != 0)) { - GMAPIerr(GMAPI_F_RSA_SET_RSAPRIVATEKEYBLOB, - GMAPI_R_INVALID_KEY_LENGTH); - return 0; - } - nbytes = blob->BitLen/8; - if (!(rsa->n = BN_bin2bn(blob->Modulus, nbytes, rsa->n)) || - !(rsa->e = BN_bin2bn(blob->PublicExponent, MAX_RSA_EXPONENT_LEN, rsa->e)) || - !(rsa->d = BN_bin2bn(blob->PrivateExponent, nbytes, rsa->d)) || - !(rsa->p = BN_bin2bn(blob->Prime1, nbytes/2, rsa->p)) || - !(rsa->q = BN_bin2bn(blob->Prime2, nbytes/2, rsa->q)) || - !(rsa->dmp1 = BN_bin2bn(blob->Prime1Exponent, nbytes/2, rsa->dmp1)) || - !(rsa->dmq1 = BN_bin2bn(blob->Prime2Exponent, nbytes/2, rsa->dmq1)) || - !(rsa->iqmp = BN_bin2bn(blob->Coefficient, nbytes/2, rsa->iqmp))) { - GMAPIerr(GMAPI_F_RSA_SET_RSAPRIVATEKEYBLOB, GMAPI_R_INVALID_RSA_PRIVATE_KEY); - return 0; - } - return 1; -} - -int RSA_get_RSAPRIVATEKEYBLOB(RSA *rsa, RSAPRIVATEKEYBLOB *blob) -{ - int nbytes; - if (!rsa || !blob) { - GMAPIerr(GMAPI_F_RSA_GET_RSAPRIVATEKEYBLOB, - ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - if (!rsa->n || !rsa->e || !rsa->d || !rsa->p || !rsa->q || - !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) { - GMAPIerr(GMAPI_F_RSA_GET_RSAPRIVATEKEYBLOB, - GMAPI_R_INVALID_RSA_PRIVATE_KEY); - return 0; - } - - memset(blob, 0, sizeof(*blob)); - blob->AlgID = SGD_RSA; - blob->BitLen = BN_num_bits(rsa->n); - - nbytes = BN_num_bytes(rsa->n); - if (!BN_bn2bin(rsa->n, blob->Modulus) || - !BN_bn2bin(rsa->e, blob->PublicExponent + MAX_RSA_EXPONENT_LEN - BN_num_bytes(rsa->e)) || - !BN_bn2bin(rsa->d, blob->PrivateExponent + nbytes - BN_num_bytes(rsa->d)) || - !BN_bn2bin(rsa->p, blob->Prime1 + nbytes/2 - BN_num_bytes(rsa->p)) || - !BN_bn2bin(rsa->q, blob->Prime2 + nbytes/2 - BN_num_bytes(rsa->q)) || - !BN_bn2bin(rsa->dmp1, blob->Prime1Exponent + nbytes/2 - BN_num_bytes(rsa->dmp1)) || - !BN_bn2bin(rsa->dmq1, blob->Prime2Exponent + nbytes/2 - BN_num_bytes(rsa->dmq1)) || - !BN_bn2bin(rsa->iqmp, blob->Coefficient + nbytes/2 - BN_num_bytes(rsa->iqmp))) { - GMAPIerr(GMAPI_F_RSA_GET_RSAPRIVATEKEYBLOB, GMAPI_R_INVALID_RSA_PRIVATE_KEY); - return 0; - } - - return 1; -} - +/* ==================================================================== + * Copyright (c) 2015-2016 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + */ + +#include +#include "internal/cryptlib.h" + +#if !defined(OPENSSL_NO_SKF) && !defined(OPENSSL_NO_RSA) +# include +# include +# include +# include + +/* Wrapper functions */ + +RSA *RSA_new_from_RSAPUBLICKEYBLOB(const RSAPUBLICKEYBLOB *blob) +{ + RSA *ret = NULL; + RSA *rsa = NULL; + + if (!blob) { + GMAPIerr(GMAPI_F_RSA_NEW_FROM_RSAPUBLICKEYBLOB, + ERR_R_PASSED_NULL_PARAMETER); + return NULL; + } + + if (!(rsa = RSA_new())) { + GMAPIerr(GMAPI_F_RSA_NEW_FROM_RSAPUBLICKEYBLOB, + ERR_R_MALLOC_FAILURE); + return NULL; + } + + if (!RSA_set_RSAPUBLICKEYBLOB(rsa, blob)) { + GMAPIerr(GMAPI_F_RSA_NEW_FROM_RSAPUBLICKEYBLOB, + GMAPI_R_INVALID_RSA_PUBLIC_KEY); + goto end; + } + + ret = rsa; + rsa = NULL; + +end: + RSA_free(rsa); + return ret; +} + +int RSA_set_RSAPUBLICKEYBLOB(RSA *rsa, const RSAPUBLICKEYBLOB *blob) +{ + int ret = 0; + BIGNUM *n = NULL; + BIGNUM *e = NULL; + + if (!rsa || !blob) { + GMAPIerr(GMAPI_F_RSA_SET_RSAPUBLICKEYBLOB, + ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + + if ((blob->BitLen < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS) + || (blob->BitLen > sizeof(blob->Modulus) * 8) + || (blob->BitLen % 8 != 0)) { + GMAPIerr(GMAPI_F_RSA_SET_RSAPUBLICKEYBLOB, + GMAPI_R_INVALID_RSA_KEY_LENGTH); + return 0; + } + + if (!(n = BN_bin2bn(blob->Modulus, sizeof(blob->Modulus), NULL))) { + GMAPIerr(GMAPI_F_RSA_SET_RSAPUBLICKEYBLOB, + GMAPI_R_INVALID_RSA_PUBLIC_KEY); + goto end; + } + + if (!(e = BN_bin2bn(blob->PublicExponent, + sizeof(blob->PublicExponent), NULL))) { + GMAPIerr(GMAPI_F_RSA_SET_RSAPUBLICKEYBLOB, + GMAPI_R_INVALID_RSA_PUBLIC_KEY); + goto end; + } + + if (!RSA_set0_key(rsa, n, e, NULL)) { + GMAPIerr(GMAPI_F_RSA_SET_RSAPUBLICKEYBLOB, + GMAPI_R_INVALID_RSA_PUBLIC_KEY); + goto end; + } + n = NULL; + e = NULL; + + ret = 1; + +end: + BN_free(n); + BN_free(e); + return ret; +} + +int RSA_get_RSAPUBLICKEYBLOB(RSA *rsa, RSAPUBLICKEYBLOB *blob) +{ + const BIGNUM *n; + const BIGNUM *e; + + if (!rsa || !blob) { + GMAPIerr(GMAPI_F_RSA_GET_RSAPUBLICKEYBLOB, + ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + + RSA_get0_key(rsa, &n, &e, NULL); + + if (!n || !e) { + GMAPIerr(GMAPI_F_RSA_GET_RSAPUBLICKEYBLOB, + GMAPI_R_INVALID_RSA_PUBLIC_KEY); + return 0; + } + + if (RSA_bits(rsa) > sizeof(blob->Modulus) * 8 + || RSA_bits(rsa) % 8 != 0) { + GMAPIerr(GMAPI_F_RSA_GET_RSAPUBLICKEYBLOB, + GMAPI_R_INVALID_RSA_PUBLIC_KEY); + return 0; + } + + memset(blob, 0, sizeof(RSAPUBLICKEYBLOB)); + blob->AlgID = SGD_RSA; + blob->BitLen = RSA_bits(rsa); + + if (BN_bn2bin(n, blob->Modulus + + sizeof(blob->Modulus) - BN_num_bytes(n)) <= 0) { + GMAPIerr(GMAPI_F_RSA_GET_RSAPUBLICKEYBLOB, + GMAPI_R_ENCODE_RSA_PUBLIC_KEY_FAILED); + return 0; + } + + if (BN_bn2bin(e, blob->PublicExponent + + sizeof(blob->PublicExponent) - BN_num_bytes(e)) <= 0) { + GMAPIerr(GMAPI_F_RSA_GET_RSAPUBLICKEYBLOB, + GMAPI_R_ENCODE_RSA_PUBLIC_KEY_FAILED); + return 0; + } + + return 1; +} + +RSA *RSA_new_from_RSAPRIVATEKEYBLOB(const RSAPRIVATEKEYBLOB *blob) +{ + RSA *ret = NULL; + RSA *rsa = NULL; + + if (!blob) { + GMAPIerr(GMAPI_F_RSA_NEW_FROM_RSAPRIVATEKEYBLOB, + ERR_R_PASSED_NULL_PARAMETER); + return NULL; + } + + if (!(rsa = RSA_new())) { + GMAPIerr(GMAPI_F_RSA_NEW_FROM_RSAPRIVATEKEYBLOB, + ERR_R_MALLOC_FAILURE); + return NULL; + } + + if (!RSA_set_RSAPRIVATEKEYBLOB(rsa, blob)) { + GMAPIerr(GMAPI_F_RSA_NEW_FROM_RSAPRIVATEKEYBLOB, + GMAPI_R_INVALID_RSA_PRIVATE_KEY); + goto end; + } + + ret = rsa; + rsa = NULL; + +end: + RSA_free(rsa); + return ret; +} + +int RSA_set_RSAPRIVATEKEYBLOB(RSA *rsa, const RSAPRIVATEKEYBLOB *blob) +{ + int ret = 0; + BIGNUM *n = NULL; + BIGNUM *e = NULL; + BIGNUM *d = NULL; + BIGNUM *p = NULL; + BIGNUM *q = NULL; + BIGNUM *dmp1 = NULL; + BIGNUM *dmq1 = NULL; + BIGNUM *iqmp = NULL; + + if (!rsa || !blob) { + GMAPIerr(GMAPI_F_RSA_SET_RSAPRIVATEKEYBLOB, + ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + + if (blob->AlgID != SGD_RSA) { + GMAPIerr(GMAPI_F_RSA_SET_RSAPRIVATEKEYBLOB, + GMAPI_R_INVALID_ALGOR); + return 0; + } + + if (blob->BitLen < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS + || blob->BitLen > sizeof(blob->Modulus) * 8 + || blob->BitLen % 8 != 0 + || blob->BitLen % 16 != 0) { + GMAPIerr(GMAPI_F_RSA_SET_RSAPRIVATEKEYBLOB, + ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + + if (!(n = BN_bin2bn(blob->Modulus, sizeof(blob->Modulus), NULL)) + || !(e = BN_bin2bn(blob->PublicExponent, sizeof(blob->PublicExponent), NULL)) + || !(d = BN_bin2bn(blob->PrivateExponent, sizeof(blob->PrivateExponent), NULL)) + || !(p = BN_bin2bn(blob->Prime1, sizeof(blob->Prime1), NULL)) + || !(q = BN_bin2bn(blob->Prime2, sizeof(blob->Prime2), NULL)) + || !(dmp1 = BN_bin2bn(blob->Prime1Exponent, sizeof(blob->Prime1Exponent), NULL)) + || !(dmq1 = BN_bin2bn(blob->Prime2Exponent, sizeof(blob->Prime2Exponent), NULL)) + || !(iqmp = BN_bin2bn(blob->Coefficient, sizeof(blob->Coefficient), NULL))) { + GMAPIerr(GMAPI_F_RSA_SET_RSAPRIVATEKEYBLOB, ERR_R_BN_LIB); + goto end; + } + + if (!RSA_set0_key(rsa, n, e, d)) { + GMAPIerr(GMAPI_F_RSA_SET_RSAPRIVATEKEYBLOB, + GMAPI_R_INVALID_RSA_PRIVATE_KEY); + goto end; + } + n = NULL; + e = NULL; + d = NULL; + + if (!RSA_set0_factors(rsa, p, q)) { + GMAPIerr(GMAPI_F_RSA_SET_RSAPRIVATEKEYBLOB, + GMAPI_R_INVALID_RSA_PRIVATE_KEY); + goto end; + } + p = NULL; + q = NULL; + + if (!RSA_set0_crt_params(rsa, dmp1, dmq1, iqmp)) { + GMAPIerr(GMAPI_F_RSA_SET_RSAPRIVATEKEYBLOB, + GMAPI_R_INVALID_RSA_PRIVATE_KEY); + goto end; + } + dmp1 = NULL; + dmq1 = NULL; + iqmp = NULL; + + ret = 1; + +end: + BN_free(n); + BN_free(e); + BN_free(d); + BN_free(p); + BN_free(q); + BN_free(dmp1); + BN_free(dmq1); + BN_free(iqmp); + return ret; +} + +int RSA_get_RSAPRIVATEKEYBLOB(RSA *rsa, RSAPRIVATEKEYBLOB *blob) +{ + const BIGNUM *n; + const BIGNUM *e; + const BIGNUM *d; + const BIGNUM *p; + const BIGNUM *q; + const BIGNUM *dmp1; + const BIGNUM *dmq1; + const BIGNUM *iqmp; + + if (!rsa || !blob) { + GMAPIerr(GMAPI_F_RSA_GET_RSAPRIVATEKEYBLOB, + ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + + if (RSA_bits(rsa) > sizeof(blob->Modulus) * 8 + || RSA_bits(rsa) % 8 != 0) { + GMAPIerr(GMAPI_F_RSA_GET_RSAPRIVATEKEYBLOB, + ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + + RSA_get0_key(rsa, &n, &e, &d); + RSA_get0_factors(rsa, &p, &q); + RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp); + + if (!n || !e || !d) { + GMAPIerr(GMAPI_F_RSA_GET_RSAPRIVATEKEYBLOB, + GMAPI_R_INVALID_RSA_PRIVATE_KEY); + return 0; + } + + memset(blob, 0, sizeof(RSAPRIVATEKEYBLOB)); + + blob->AlgID = SGD_RSA; + blob->BitLen = RSA_bits(rsa); + + if (BN_bn2bin(n, blob->Modulus + + sizeof(blob->Modulus) - BN_num_bytes(n)) <= 0) { + GMAPIerr(GMAPI_F_RSA_GET_RSAPRIVATEKEYBLOB, + GMAPI_R_INVALID_RSA_PRIVATE_KEY); + return 0; + } + + if (BN_bn2bin(e, blob->PublicExponent + + sizeof(blob->PublicExponent) - BN_num_bytes(e)) <= 0) { + GMAPIerr(GMAPI_F_RSA_GET_RSAPRIVATEKEYBLOB, + GMAPI_R_INVALID_RSA_PRIVATE_KEY); + return 0; + } + + if (BN_bn2bin(d, blob->PrivateExponent + + sizeof(blob->PrivateExponent) - BN_num_bytes(d)) <= 0) { + GMAPIerr(GMAPI_F_RSA_GET_RSAPRIVATEKEYBLOB, + GMAPI_R_INVALID_RSA_PRIVATE_KEY); + return 0; + } + + if (p && BN_bn2bin(p, blob->Prime1 + + sizeof(blob->Prime1) - BN_num_bytes(p)) < 0) { + GMAPIerr(GMAPI_F_RSA_GET_RSAPRIVATEKEYBLOB, + GMAPI_R_INVALID_RSA_PRIVATE_KEY); + return 0; + } + + if (q && BN_bn2bin(q, blob->Prime2 + + sizeof(blob->Prime2) - BN_num_bytes(q)) < 0) { + GMAPIerr(GMAPI_F_RSA_GET_RSAPRIVATEKEYBLOB, + GMAPI_R_INVALID_RSA_PRIVATE_KEY); + return 0; + } + + if (dmp1 && BN_bn2bin(dmp1, blob->Prime1Exponent + + sizeof(blob->Prime1Exponent) - BN_num_bytes(dmp1)) < 0) { + GMAPIerr(GMAPI_F_RSA_GET_RSAPRIVATEKEYBLOB, + GMAPI_R_INVALID_RSA_PRIVATE_KEY); + return 0; + } + + if (dmq1 && BN_bn2bin(dmq1, blob->Prime2Exponent + + sizeof(blob->Prime2Exponent) - BN_num_bytes(dmq1)) < 0) { + GMAPIerr(GMAPI_F_RSA_GET_RSAPRIVATEKEYBLOB, + GMAPI_R_INVALID_RSA_PRIVATE_KEY); + return 0; + } + + if (iqmp && BN_bn2bin(iqmp, blob->Coefficient + + sizeof(blob->Coefficient) - BN_num_bytes(iqmp)) < 0) { + GMAPIerr(GMAPI_F_RSA_GET_RSAPRIVATEKEYBLOB, + GMAPI_R_INVALID_RSA_PRIVATE_KEY); + return 0; + } + + return 1; +} +#endif diff --git a/crypto/include/internal/engine.h b/crypto/include/internal/engine.h index 977cf06d..53f88833 100644 --- a/crypto/include/internal/engine.h +++ b/crypto/include/internal/engine.h @@ -15,6 +15,7 @@ void engine_load_rdrand_int(void); void engine_load_dynamic_int(void); void engine_load_padlock_int(void); void engine_load_capi_int(void); +void engine_load_skf_int(void); void engine_load_dasync_int(void); void engine_load_afalg_int(void); void engine_cleanup_int(void); diff --git a/crypto/include/internal/evp_int.h b/crypto/include/internal/evp_int.h index 3d7d8b06..fd4c2695 100644 --- a/crypto/include/internal/evp_int.h +++ b/crypto/include/internal/evp_int.h @@ -27,10 +27,6 @@ struct evp_pkey_ctx_st { /* implementation specific keygen data */ int *keygen_info; int keygen_info_count; -#ifndef OPENSSL_NO_SM2 - unsigned char *pre_update; - size_t pre_update_len; -#endif } /* EVP_PKEY_CTX */ ; #define EVP_PKEY_FLAG_DYNAMIC 1 diff --git a/crypto/include/internal/x509_int.h b/crypto/include/internal/x509_int.h index 2845026d..e54cca05 100644 --- a/crypto/include/internal/x509_int.h +++ b/crypto/include/internal/x509_int.h @@ -89,7 +89,7 @@ struct X509_crl_st { ASN1_INTEGER *base_crl_number; STACK_OF(GENERAL_NAMES) *issuers; /* hash of CRL */ - unsigned char sha1_hash[SHA_DIGEST_LENGTH]; + unsigned char sha1_hash[32 /*SHA_DIGEST_LENGTH*/]; /* alternative method to handle this CRL */ const X509_CRL_METHOD *meth; void *meth_data; @@ -163,7 +163,7 @@ struct x509_st { STACK_OF(IPAddressFamily) *rfc3779_addr; struct ASIdentifiers_st *rfc3779_asid; # endif - unsigned char sha1_hash[SHA_DIGEST_LENGTH]; + unsigned char sha1_hash[32 /*SHA_DIGEST_LENGTH*/]; X509_CERT_AUX *aux; CRYPTO_RWLOCK *lock; } /* X509 */ ; diff --git a/crypto/init.c b/crypto/init.c index c730e387..a5dc8379 100644 --- a/crypto/init.c +++ b/crypto/init.c @@ -294,6 +294,30 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_engine_capi) return 1; } # endif +# if !defined(OPENSSL_NO_SKF) && !defined(OPENSSL_NO_SKFENG) +static CRYPTO_ONCE engine_skf = CRYPTO_ONCE_STATIC_INIT; +DEFINE_RUN_ONCE_STATIC(ossl_init_engine_skf) +{ +# ifdef OPENSSL_INIT_DEBUG + fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_skf: " + "engine_load_skf_int()\n"); +# endif + engine_load_skf_int(); + return 1; +} +# endif +# if !defined(OPENSSL_NO_SDF) && !defined(OPENSSL_NO_SDFENG) +static CRYPTO_ONCE engine_sdf = CRYPTO_ONCE_STATIC_INIT; +DEFINE_RUN_ONCE_STATIC(ossl_init_engine_sdf) +{ +# ifdef OPENSSL_INIT_DEBUG + fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_sdf: " + "engine_load_sdf_int()\n"); +# endif + engine_load_sdf_int(); + return 1; +} +# endif # if !defined(OPENSSL_NO_AFALGENG) static CRYPTO_ONCE engine_afalg = CRYPTO_ONCE_STATIC_INIT; DEFINE_RUN_ONCE_STATIC(ossl_init_engine_afalg) @@ -585,6 +609,16 @@ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings) && !RUN_ONCE(&engine_capi, ossl_init_engine_capi)) return 0; # endif +# if !defined(OPENSSL_NO_SKF) && !defined(OPENSSL_NO_SKFENG) + if ((opts & OPENSSL_INIT_ENGINE_SKF) + && !RUN_ONCE(&engine_skf, ossl_init_engine_skf)) + return 0; +# endif +# if !defined(OPENSSL_NO_SDF) && !defined(OPENSSL_NO_SDFENG) + if ((opts & OPENSSL_INIT_ENGINE_SDF) + && !RUN_ONCE(&engine_sdf, ossl_init_engine_sdf)) + return 0; +# endif # if !defined(OPENSSL_NO_AFALGENG) if ((opts & OPENSSL_INIT_ENGINE_AFALG) && !RUN_ONCE(&engine_afalg, ossl_init_engine_afalg)) diff --git a/crypto/kdf/hkdf.c b/crypto/kdf/hkdf.c index 00b95b5a..f851da7b 100644 --- a/crypto/kdf/hkdf.c +++ b/crypto/kdf/hkdf.c @@ -17,18 +17,18 @@ #define HKDF_MAXBUF 1024 -static unsigned char *HKDF(const EVP_MD *evp_md, +/*static*/ unsigned char *HKDF(const EVP_MD *evp_md, const unsigned char *salt, size_t salt_len, const unsigned char *key, size_t key_len, const unsigned char *info, size_t info_len, unsigned char *okm, size_t okm_len); -static unsigned char *HKDF_Extract(const EVP_MD *evp_md, +/*static*/ unsigned char *HKDF_Extract(const EVP_MD *evp_md, const unsigned char *salt, size_t salt_len, const unsigned char *key, size_t key_len, unsigned char *prk, size_t *prk_len); -static unsigned char *HKDF_Expand(const EVP_MD *evp_md, +/*static*/ unsigned char *HKDF_Expand(const EVP_MD *evp_md, const unsigned char *prk, size_t prk_len, const unsigned char *info, size_t info_len, unsigned char *okm, size_t okm_len); @@ -199,7 +199,7 @@ const EVP_PKEY_METHOD hkdf_pkey_meth = { pkey_hkdf_ctrl_str }; -static unsigned char *HKDF(const EVP_MD *evp_md, +/*static*/ unsigned char *HKDF(const EVP_MD *evp_md, const unsigned char *salt, size_t salt_len, const unsigned char *key, size_t key_len, const unsigned char *info, size_t info_len, @@ -214,7 +214,7 @@ static unsigned char *HKDF(const EVP_MD *evp_md, return HKDF_Expand(evp_md, prk, prk_len, info, info_len, okm, okm_len); } -static unsigned char *HKDF_Extract(const EVP_MD *evp_md, +/*static*/ unsigned char *HKDF_Extract(const EVP_MD *evp_md, const unsigned char *salt, size_t salt_len, const unsigned char *key, size_t key_len, unsigned char *prk, size_t *prk_len) @@ -228,7 +228,7 @@ static unsigned char *HKDF_Extract(const EVP_MD *evp_md, return prk; } -static unsigned char *HKDF_Expand(const EVP_MD *evp_md, +/*static*/ unsigned char *HKDF_Expand(const EVP_MD *evp_md, const unsigned char *prk, size_t prk_len, const unsigned char *info, size_t info_len, unsigned char *okm, size_t okm_len) diff --git a/crypto/kdf/tls1_prf.c b/crypto/kdf/tls1_prf.c index fa13732b..1266a66d 100644 --- a/crypto/kdf/tls1_prf.c +++ b/crypto/kdf/tls1_prf.c @@ -237,7 +237,7 @@ static int tls1_prf_alg(const EVP_MD *md, const unsigned char *seed, size_t seed_len, unsigned char *out, size_t olen) { - +#if !defined(OPENSSL_NO_MD5) && !defined(OPENSSL_NO_SHA) if (EVP_MD_type(md) == NID_md5_sha1) { size_t i; unsigned char *tmp; @@ -258,6 +258,7 @@ static int tls1_prf_alg(const EVP_MD *md, OPENSSL_clear_free(tmp, olen); return 1; } +#endif if (!tls1_prf_P_hash(md, sec, slen, seed, seed_len, out, olen)) return 0; diff --git a/crypto/kdf2/kdf_ibcs.c b/crypto/kdf2/kdf_ibcs.c index 5da18cf0..3c6d811f 100644 --- a/crypto/kdf2/kdf_ibcs.c +++ b/crypto/kdf2/kdf_ibcs.c @@ -99,7 +99,9 @@ static void *ibcs_##md##kdf(const void *in, size_t inlen, void *out, size_t *out return ibcs_kdf(EVP_##md(), in, inlen, out, outlen); \ } +#ifndef OPENSSL_NO_SM3 IMPLEMENT_IBCS_KDF(sm3) +#endif #ifndef OPENSSL_NO_MD5 IMPLEMENT_IBCS_KDF(md5) #endif @@ -107,11 +109,17 @@ IMPLEMENT_IBCS_KDF(md5) IMPLEMENT_IBCS_KDF(blake2b512) IMPLEMENT_IBCS_KDF(blake2s256) #endif +#ifndef OPENSSL_NO_SHA IMPLEMENT_IBCS_KDF(sha1) +# ifndef OPENSSL_NO_SHA256 IMPLEMENT_IBCS_KDF(sha224) IMPLEMENT_IBCS_KDF(sha256) +# endif +# ifndef OPENSSL_NO_SHA512 IMPLEMENT_IBCS_KDF(sha384) IMPLEMENT_IBCS_KDF(sha512) +# endif +#endif #ifndef OPENSSL_NO_MDC2 IMPLEMENT_IBCS_KDF(mdc2) #endif @@ -125,8 +133,10 @@ IMPLEMENT_IBCS_KDF(whirlpool) KDF_FUNC KDF_get_ibcs(const EVP_MD *md) { switch (EVP_MD_type(md)) { +#ifndef OPENSSL_NO_SM3 case NID_sm3: return ibcs_sm3kdf; +#endif #ifndef OPENSSL_NO_MD5 case NID_md5: return ibcs_md5kdf; @@ -137,16 +147,22 @@ KDF_FUNC KDF_get_ibcs(const EVP_MD *md) case NID_blake2s256: return ibcs_blake2s256kdf; #endif +#ifndef OPENSSL_NO_SHA case NID_sha1: return ibcs_sha1kdf; +# ifndef OPENSSL_NO_SHA256 case NID_sha224: return ibcs_sha224kdf; case NID_sha256: return ibcs_sha256kdf; +# endif +# ifndef OPENSSL_NO_SHA512 case NID_sha384: return ibcs_sha384kdf; case NID_sha512: return ibcs_sha512kdf; +# endif +#endif #ifndef OPENSSL_NO_MDC2 case NID_mdc2: return ibcs_mdc2kdf; diff --git a/crypto/kdf2/kdf_x9_63.c b/crypto/kdf2/kdf_x9_63.c index 8c60961a..2d92ffb6 100644 --- a/crypto/kdf2/kdf_x9_63.c +++ b/crypto/kdf2/kdf_x9_63.c @@ -49,7 +49,7 @@ #include #include -#include +#include #include #include #include @@ -120,11 +120,17 @@ IMPLEMENT_X963_KDF(md5) IMPLEMENT_X963_KDF(blake2b512) IMPLEMENT_X963_KDF(blake2s256) #endif +#ifndef OPENSSL_NO_SHA IMPLEMENT_X963_KDF(sha1) +# ifndef OPENSSL_NO_SHA256 IMPLEMENT_X963_KDF(sha224) IMPLEMENT_X963_KDF(sha256) +# endif +# ifndef OPENSSL_NO_SHA512 IMPLEMENT_X963_KDF(sha384) IMPLEMENT_X963_KDF(sha512) +# endif +#endif #ifndef OPENSSL_NO_MDC2 IMPLEMENT_X963_KDF(mdc2) #endif @@ -150,16 +156,22 @@ KDF_FUNC KDF_get_x9_63(const EVP_MD *md) case NID_blake2s256: return x963_blake2s256kdf; #endif +#ifndef OPENSSL_NO_SHA case NID_sha1: return x963_sha1kdf; +# ifndef OPENSSL_NO_SHA256 case NID_sha224: return x963_sha224kdf; case NID_sha256: return x963_sha256kdf; +# endif +# ifndef OPENSSL_NO_SHA512 case NID_sha384: return x963_sha384kdf; case NID_sha512: return x963_sha512kdf; +# endif +#endif #ifndef OPENSSL_NO_MDC2 case NID_mdc2: return x963_mdc2kdf; diff --git a/crypto/modes/modes_lcl.h b/crypto/modes/modes_lcl.h index 7a1603bf..31ab0641 100644 --- a/crypto/modes/modes_lcl.h +++ b/crypto/modes/modes_lcl.h @@ -6,6 +6,8 @@ * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ +#ifndef HEADER_MODES_LCL_H +#define HEADER_MODES_LCL_H #include @@ -183,3 +185,5 @@ struct ocb128_context { OCB_BLOCK checksum; }; #endif /* OPENSSL_NO_OCB */ +#endif + diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h index 2d4b38d0..ce0b35d8 100644 --- a/crypto/objects/obj_dat.h +++ b/crypto/objects/obj_dat.h @@ -10,7 +10,7 @@ */ /* Serialized OID's */ -static const unsigned char so[7733] = { +static const unsigned char so[7761] = { 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */ @@ -1084,9 +1084,12 @@ static const unsigned char so[7733] = { 0x2B,0x81,0x04,0x01,0x08,0x0F, /* [ 7714] OBJ_ecies_with_x9_63_sha512_aes256_cbc_cmac */ 0x2B,0x81,0x04,0x01,0x08,0x10, /* [ 7720] OBJ_ecies_with_x9_63_sha256_aes128_ctr_cmac */ 0x2B,0x81,0x04,0x01,0x08,0x11, /* [ 7726] OBJ_ecies_with_x9_63_sha512_aes256_ctr_cmac */ + 0x2A,0x81,0x1C,0xCF,0x55,0x01,0x86,0x20,0x01, /* [ 7732] OBJ_zuc_128eea3 */ + 0x2A,0x81,0x1C,0xCF,0x55,0x01,0x86,0x20,0x02, /* [ 7741] OBJ_zuc_128eia3 */ + 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x64, /* [ 7750] OBJ_pbe_WithSM3AndSMS4_CBC */ }; -#define NUM_NID 1188 +#define NUM_NID 1196 static const ASN1_OBJECT nid_objs[NUM_NID] = { {"UNDEF", "undefined", NID_undef}, {"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &so[0]}, @@ -2276,9 +2279,17 @@ static const ASN1_OBJECT nid_objs[NUM_NID] = { {"ecies-with-x9-63-sha512-aes256-ctr-cmac", "ecies-with-x9-63-sha512-aes256-ctr-cmac", NID_ecies_with_x9_63_sha512_aes256_ctr_cmac, 6, &so[7726]}, {"KxSM2", "kx-sm2", NID_kx_sm2}, {"AuthSM2", "auth-sm2", NID_auth_sm2}, + {"KxSM9", "kx-sm9", NID_kx_sm9}, + {"AuthSM9", "auth-sm9", NID_auth_sm9}, + {"KxSM2DHE", "kx-sm2dhe", NID_kx_sm2dhe}, + {"KxSM2-PSK", "kx-sm2-psk", NID_kx_sm2_psk}, + {"KxSM9DHE", "kx-sm9dhe", NID_kx_sm9dhe}, + {"zuc-128eea3", "zuc-128eea3", NID_zuc_128eea3, 9, &so[7732]}, + {"zuc-128eia3", "zuc-128eia3", NID_zuc_128eia3, 9, &so[7741]}, + {"PBE-SM3-SMS4", "pbeWithSM3AndSMS4-CBC", NID_pbe_WithSM3AndSMS4_CBC, 10, &so[7750]}, }; -#define NUM_SN 1177 +#define NUM_SN 1185 static const unsigned int sn_objs[NUM_SN] = { 364, /* "AD_DVCS" */ 419, /* "AES-128-CBC" */ @@ -2321,6 +2332,7 @@ static const unsigned int sn_objs[NUM_SN] = { 1048, /* "AuthPSK" */ 1046, /* "AuthRSA" */ 1187, /* "AuthSM2" */ + 1189, /* "AuthSM9" */ 1052, /* "AuthSRP" */ 91, /* "BF-CBC" */ 93, /* "BF-CFB" */ @@ -2424,6 +2436,10 @@ static const unsigned int sn_objs[NUM_SN] = { 1037, /* "KxRSA" */ 1042, /* "KxRSA_PSK" */ 1186, /* "KxSM2" */ + 1191, /* "KxSM2-PSK" */ + 1190, /* "KxSM2DHE" */ + 1188, /* "KxSM9" */ + 1192, /* "KxSM9DHE" */ 1044, /* "KxSRP" */ 15, /* "L" */ 856, /* "LocalKeySet" */ @@ -2458,6 +2474,7 @@ static const unsigned int sn_objs[NUM_SN] = { 68, /* "PBE-SHA1-RC2-64" */ 144, /* "PBE-SHA1-RC4-128" */ 145, /* "PBE-SHA1-RC4-40" */ + 1195, /* "PBE-SM3-SMS4" */ 161, /* "PBES2" */ 69, /* "PBKDF2" */ 162, /* "PBMAC1" */ @@ -3457,9 +3474,11 @@ static const unsigned int sn_objs[NUM_SN] = { 160, /* "x509Crl" */ 1065, /* "x9-63-kdf" */ 1069, /* "xor-in-ecies" */ + 1193, /* "zuc-128eea3" */ + 1194, /* "zuc-128eia3" */ }; -#define NUM_LN 1177 +#define NUM_LN 1185 static const unsigned int ln_objs[NUM_LN] = { 363, /* "AD Time Stamping" */ 405, /* "ANSI X9.62" */ @@ -3698,6 +3717,7 @@ static const unsigned int ln_objs[NUM_LN] = { 1048, /* "auth-psk" */ 1046, /* "auth-rsa" */ 1187, /* "auth-sm2" */ + 1189, /* "auth-sm9" */ 1052, /* "auth-srp" */ 882, /* "authorityRevocationList" */ 1138, /* "bb1" */ @@ -4208,6 +4228,10 @@ static const unsigned int ln_objs[NUM_LN] = { 1037, /* "kx-rsa" */ 1042, /* "kx-rsa-psk" */ 1186, /* "kx-sm2" */ + 1191, /* "kx-sm2-psk" */ + 1190, /* "kx-sm2dhe" */ + 1188, /* "kx-sm9" */ + 1192, /* "kx-sm9dhe" */ 1044, /* "kx-srp" */ 477, /* "lastModifiedBy" */ 476, /* "lastModifiedTime" */ @@ -4264,6 +4288,7 @@ static const unsigned int ln_objs[NUM_LN] = { 145, /* "pbeWithSHA1And40BitRC4" */ 170, /* "pbeWithSHA1AndDES-CBC" */ 68, /* "pbeWithSHA1AndRC2-CBC" */ + 1195, /* "pbeWithSM3AndSMS4-CBC" */ 499, /* "personalSignature" */ 487, /* "personalTitle" */ 464, /* "photo" */ @@ -4638,9 +4663,11 @@ static const unsigned int ln_objs[NUM_LN] = { 1069, /* "xor-in-ecies" */ 125, /* "zlib compression" */ 1136, /* "zuc" */ + 1193, /* "zuc-128eea3" */ + 1194, /* "zuc-128eia3" */ }; -#define NUM_OBJ 1079 +#define NUM_OBJ 1082 static const unsigned int obj_objs[NUM_OBJ] = { 0, /* OBJ_undef 0 */ 181, /* OBJ_iso 1 */ @@ -5379,6 +5406,8 @@ static const unsigned int obj_objs[NUM_OBJ] = { 1124, /* OBJ_sm9keyagreement 1 2 156 10197 1 302 2 */ 1125, /* OBJ_sm9encrypt 1 2 156 10197 1 302 3 */ 1127, /* OBJ_hmac_sm3 1 2 156 10197 1 401 2 */ + 1193, /* OBJ_zuc_128eea3 1 2 156 10197 1 800 1 */ + 1194, /* OBJ_zuc_128eia3 1 2 156 10197 1 800 2 */ 997, /* OBJ_id_tc26_gost_3410_2012_512_paramSetTest 1 2 643 7 1 2 1 2 0 */ 998, /* OBJ_id_tc26_gost_3410_2012_512_paramSetA 1 2 643 7 1 2 1 2 1 */ 999, /* OBJ_id_tc26_gost_3410_2012_512_paramSetB 1 2 643 7 1 2 1 2 2 */ @@ -5608,6 +5637,7 @@ static const unsigned int obj_objs[NUM_OBJ] = { 147, /* OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC 1 2 840 113549 1 12 1 4 */ 148, /* OBJ_pbe_WithSHA1And128BitRC2_CBC 1 2 840 113549 1 12 1 5 */ 149, /* OBJ_pbe_WithSHA1And40BitRC2_CBC 1 2 840 113549 1 12 1 6 */ + 1195, /* OBJ_pbe_WithSM3AndSMS4_CBC 1 2 840 113549 1 12 1 100 */ 171, /* OBJ_ms_ext_req 1 3 6 1 4 1 311 2 1 14 */ 134, /* OBJ_ms_code_ind 1 3 6 1 4 1 311 2 1 21 */ 135, /* OBJ_ms_code_com 1 3 6 1 4 1 311 2 1 22 */ diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num index 21c49ad9..75af2a81 100644 --- a/crypto/objects/obj_mac.num +++ b/crypto/objects/obj_mac.num @@ -1185,3 +1185,11 @@ ecies_with_x9_63_sha256_aes128_ctr_cmac 1184 ecies_with_x9_63_sha512_aes256_ctr_cmac 1185 kx_sm2 1186 auth_sm2 1187 +kx_sm9 1188 +auth_sm9 1189 +kx_sm2dhe 1190 +kx_sm2_psk 1191 +kx_sm9dhe 1192 +zuc_128eea3 1193 +zuc_128eia3 1194 +pbe_WithSM3AndSMS4_CBC 1195 diff --git a/crypto/objects/obj_xref.h b/crypto/objects/obj_xref.h index d09aa71f..840b5b5f 100644 --- a/crypto/objects/obj_xref.h +++ b/crypto/objects/obj_xref.h @@ -73,6 +73,7 @@ static const nid_triple sigoid_srt[] = { NID_id_GostR3410_2012_256}, {NID_id_tc26_signwithdigest_gost3410_2012_512, NID_id_GostR3411_2012_512, NID_id_GostR3410_2012_512}, + {NID_sm2sign_with_sm3, NID_sm3, NID_X9_62_id_ecPublicKey}, }; static const nid_triple *const sigoid_srt_xref[] = { @@ -115,4 +116,5 @@ static const nid_triple *const sigoid_srt_xref[] = { &sigoid_srt[28], &sigoid_srt[40], &sigoid_srt[41], + &sigoid_srt[42], }; diff --git a/crypto/objects/obj_xref.txt b/crypto/objects/obj_xref.txt index 981103b3..9a7e8be0 100644 --- a/crypto/objects/obj_xref.txt +++ b/crypto/objects/obj_xref.txt @@ -36,6 +36,7 @@ ecdsa_with_SHA384 sha384 X9_62_id_ecPublicKey ecdsa_with_SHA512 sha512 X9_62_id_ecPublicKey ecdsa_with_Recommended undef X9_62_id_ecPublicKey ecdsa_with_Specified undef X9_62_id_ecPublicKey +sm2sign_with_sm3 sm3 X9_62_id_ecPublicKey dsa_with_SHA224 sha224 dsa dsa_with_SHA256 sha256 dsa diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt index d79555e0..f238149b 100644 --- a/crypto/objects/objects.txt +++ b/crypto/objects/objects.txt @@ -353,6 +353,10 @@ pkcs12-pbeids 5 : PBE-SHA1-RC2-128 : pbeWithSHA1And128BitRC2-CBC !Cname pbe-WithSHA1And40BitRC2-CBC pkcs12-pbeids 6 : PBE-SHA1-RC2-40 : pbeWithSHA1And40BitRC2-CBC +# GmSSL Append +!Cname pbe-WithSM3AndSMS4-CBC +pkcs12-pbeids 100 : PBE-SM3-SMS4 : pbeWithSM3AndSMS4-CBC + !Alias pkcs12-Version1 pkcs12 10 !Alias pkcs12-BagIds pkcs12-Version1 1 pkcs12-BagIds 1 : : keyBag @@ -1477,6 +1481,10 @@ id-pkinit 5 : pkInitKDC : Signing KDC Response : KxSRP : kx-srp : KxGOST : kx-gost : KxSM2 : kx-sm2 + : KxSM2DHE : kx-sm2dhe + : KxSM2-PSK : kx-sm2-psk + : KxSM9 : kx-sm9 + : KxSM9DHE : kx-sm9dhe # NIDs for cipher authentication : AuthRSA : auth-rsa @@ -1488,6 +1496,7 @@ id-pkinit 5 : pkInitKDC : Signing KDC Response : AuthSRP : auth-srp : AuthNULL : auth-null : AuthSM2 : auth-sm2 + : AuthSM9 : auth-sm9 # GmSSL SECG ECIES OID secg-scheme 7 : ecies-recommendedParameters @@ -1624,6 +1633,8 @@ sm-scheme 522 : SM2Sign-with-Blake2s256 : sm2sign-with-blake2s256 # GmSSL ZUC OID sm-scheme 800 : ZUC : zuc +zuc 1 : zuc-128eea3 +zuc 2 : zuc-128eia3 # IBCS1 !Alias ibcs1 ISO-US 1 114334 1 diff --git a/crypto/otp/otp_lib.c b/crypto/otp/otp_lib.c index 715e642d..eaacf3f8 100644 --- a/crypto/otp/otp_lib.c +++ b/crypto/otp/otp_lib.c @@ -50,13 +50,13 @@ #include #include #include -#include #include #include #include #include #include #include +#include #include #include "../modes/modes_lcl.h" diff --git a/crypto/pem/pem_all.c b/crypto/pem/pem_all.c index 0e718131..cc5605b5 100644 --- a/crypto/pem/pem_all.c +++ b/crypto/pem/pem_all.c @@ -14,9 +14,15 @@ #include #include #include -#include -#include -#include +#ifndef OPENSSL_NO_RSA +# include +#endif +#ifndef OPENSSL_NO_DSA +# include +#endif +#ifndef OPENSSL_NO_DH +# include +#endif #ifndef OPENSSL_NO_RSA static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa); diff --git a/crypto/pem/pem_info.c b/crypto/pem/pem_info.c index dd493c85..93269f1e 100644 --- a/crypto/pem/pem_info.c +++ b/crypto/pem/pem_info.c @@ -14,8 +14,12 @@ #include #include #include -#include -#include +#ifndef OPENSSL_NO_RSA +# include +#endif +#ifndef OPENSSL_NO_DSA +# include +#endif #ifndef OPENSSL_NO_STDIO STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c index 2792593c..6dabc0bd 100644 --- a/crypto/pem/pem_lib.c +++ b/crypto/pem/pem_lib.c @@ -19,7 +19,9 @@ #include #include #include "internal/asn1_int.h" -#include +#ifndef OPENSSL_NO_DES +# include +#endif #include #define MIN_LENGTH 4 @@ -350,7 +352,7 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, * The 'iv' is used as the iv and as a salt. It is NOT taken from * the BytesToKey function */ - if (!EVP_BytesToKey(enc, EVP_md5(), iv, kstr, klen, 1, key, NULL)) + if (!EVP_BytesToKey(enc, EVP_get_default_digest(), iv, kstr, klen, 1, key, NULL)) goto err; if (kstr == (unsigned char *)buf) @@ -423,7 +425,7 @@ int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen, ebcdic2ascii(buf, buf, keylen); #endif - if (!EVP_BytesToKey(cipher->cipher, EVP_md5(), &(cipher->iv[0]), + if (!EVP_BytesToKey(cipher->cipher, EVP_get_default_digest(), &(cipher->iv[0]), (unsigned char *)buf, keylen, 1, key, NULL)) return 0; diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c index 63086227..835dd986 100644 --- a/crypto/pem/pem_pkey.c +++ b/crypto/pem/pem_pkey.c @@ -16,7 +16,9 @@ #include #include #include -#include +#ifndef OPENSSL_NO_DH +# include +#endif #include "internal/asn1_int.h" #include "internal/evp_int.h" diff --git a/crypto/pkcs12/p12_crt.c b/crypto/pkcs12/p12_crt.c index 10cf8dd5..f031a723 100644 --- a/crypto/pkcs12/p12_crt.c +++ b/crypto/pkcs12/p12_crt.c @@ -39,16 +39,39 @@ PKCS12 *PKCS12_create(const char *pass, const char *name, EVP_PKEY *pkey, X509 * int i; unsigned char keyid[EVP_MAX_MD_SIZE]; unsigned int keyidlen = 0; + const EVP_MD *md; + +#ifndef OPENSSL_NO_SHA + md = EVP_sha1(); +#elif !defined(OPENSSL_NO_SM3) + md = EVP_sm3(); +#else + PKCS12err(PKCS12_F_PKCS12_CREATE, PKCS12_R_NO_AVAIABLE_DIGEST); + return 0; +#endif /* Set defaults */ - if (!nid_cert) -#ifdef OPENSSL_NO_RC2 + if (!nid_cert) { +#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_DES) nid_cert = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; -#else +#elif !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_RC2) nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC; +#elif !defined(OPENSSL_NO_SM3) && !defined(OPENSSL_NO_SMS4) + nid_cert = NID_pbe_WithSM3AndSMS4_CBC; +#else + PKCS12err(PKCS12_F_PKCS12_CREATE, PKCS12_R_NO_AVAIABLE_CIPHER); + return 0; #endif - if (!nid_key) +} + + if (!nid_key) { +#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_DES) nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; +#elif !defined(OPENSSL_NO_SM3) && !defined(OPENSSL_NO_SMS4) + nid_key = NID_pbe_WithSM3AndSMS4_CBC; +#endif + } + if (!iter) iter = PKCS12_DEFAULT_ITER; if (!mac_iter) @@ -62,7 +85,7 @@ PKCS12 *PKCS12_create(const char *pass, const char *name, EVP_PKEY *pkey, X509 * if (pkey && cert) { if (!X509_check_private_key(cert, pkey)) return NULL; - X509_digest(cert, EVP_sha1(), keyid, &keyidlen); + X509_digest(cert, md, keyid, &keyidlen); } if (cert) { diff --git a/crypto/pkcs12/p12_mutl.c b/crypto/pkcs12/p12_mutl.c index d6b89192..fe54261c 100644 --- a/crypto/pkcs12/p12_mutl.c +++ b/crypto/pkcs12/p12_mutl.c @@ -176,8 +176,16 @@ int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen, unsigned int maclen; ASN1_OCTET_STRING *macoct; - if (!md_type) + if (!md_type) { +#ifndef OPENSSL_NO_SHA md_type = EVP_sha1(); +#elif !defined(OPENSSL_NO_SM3) + md_type = EVP_sm3(); +#else + PKCS12err(PKCS12_F_PKCS12_SET_MAC, PKCS12_R_NO_AVAIABLE_DIGEST); + return 0; +#endif + } if (PKCS12_setup_mac(p12, iter, salt, saltlen, md_type) == PKCS12_ERROR) { PKCS12err(PKCS12_F_PKCS12_SET_MAC, PKCS12_R_MAC_SETUP_ERROR); return 0; diff --git a/crypto/pkcs12/pk12err.c b/crypto/pkcs12/pk12err.c index f705084a..ec6b4d05 100644 --- a/crypto/pkcs12/pk12err.c +++ b/crypto/pkcs12/pk12err.c @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -68,6 +68,8 @@ static ERR_STRING_DATA PKCS12_str_reasons[] = { {ERR_REASON(PKCS12_R_MAC_SETUP_ERROR), "mac setup error"}, {ERR_REASON(PKCS12_R_MAC_STRING_SET_ERROR), "mac string set error"}, {ERR_REASON(PKCS12_R_MAC_VERIFY_FAILURE), "mac verify failure"}, + {ERR_REASON(PKCS12_R_NO_AVAIABLE_CIPHER), "no avaiable cipher"}, + {ERR_REASON(PKCS12_R_NO_AVAIABLE_DIGEST), "no avaiable digest"}, {ERR_REASON(PKCS12_R_PARSE_ERROR), "parse error"}, {ERR_REASON(PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR), "pkcs12 algor cipherinit error"}, diff --git a/crypto/rand/md_rand.c b/crypto/rand/md_rand.c index 85ce4e6f..7739e541 100644 --- a/crypto/rand/md_rand.c +++ b/crypto/rand/md_rand.c @@ -397,10 +397,10 @@ static int rand_bytes(unsigned char *buf, int num, int pseudo) int n = STATE_SIZE; /* so that the complete pool gets accessed */ while (n > 0) { -#if MD_DIGEST_LENGTH > 20 +#if MD_DIGEST_LENGTH > 32 # error "Please adjust DUMMY_SEED." #endif -#define DUMMY_SEED "...................." /* at least MD_DIGEST_LENGTH */ +#define DUMMY_SEED "................................" /* at least MD_DIGEST_LENGTH */ /* * Note that the seed does not matter, it's just that * rand_add expects to have something to hash. diff --git a/crypto/rand/rand_extra/deterministic.c b/crypto/rand/rand_extra/deterministic.c new file mode 100644 index 00000000..5d3a9ce4 --- /dev/null +++ b/crypto/rand/rand_extra/deterministic.c @@ -0,0 +1,48 @@ +/* Copyright (c) 2016, Google Inc. + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY + * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION + * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN + * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ + +#include + +#if defined(BORINGSSL_UNSAFE_DETERMINISTIC_MODE) + +#include + +#include + +#include "../internal.h" +#include "../fipsmodule/rand/internal.h" + + +/* g_num_calls is the number of calls to |CRYPTO_sysrand| that have occurred. + * + * This is intentionally not thread-safe. If the fuzzer mode is ever used in a + * multi-threaded program, replace this with a thread-local. (A mutex would not + * be deterministic.) */ +static uint64_t g_num_calls = 0; + +void RAND_reset_for_fuzzing(void) { g_num_calls = 0; } + +void CRYPTO_sysrand(uint8_t *out, size_t requested) { + static const uint8_t kZeroKey[32]; + + uint8_t nonce[12]; + OPENSSL_memset(nonce, 0, sizeof(nonce)); + OPENSSL_memcpy(nonce, &g_num_calls, sizeof(g_num_calls)); + + OPENSSL_memset(out, 0, requested); + CRYPTO_chacha_20(out, out, requested, kZeroKey, nonce, 0); + g_num_calls++; +} + +#endif /* BORINGSSL_UNSAFE_DETERMINISTIC_MODE */ diff --git a/crypto/rand/rand_extra/forkunsafe.c b/crypto/rand/rand_extra/forkunsafe.c new file mode 100644 index 00000000..1a3977f8 --- /dev/null +++ b/crypto/rand/rand_extra/forkunsafe.c @@ -0,0 +1,44 @@ +/* Copyright (c) 2017, Google Inc. + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY + * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION + * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN + * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ + +#include + +#include + +#include "../fipsmodule/rand/internal.h" + + +/* g_buffering_enabled is true if fork-unsafe buffering has been enabled. */ +static int g_buffering_enabled = 0; + +/* g_lock protects |g_buffering_enabled|. */ +static struct CRYPTO_STATIC_MUTEX g_lock = CRYPTO_STATIC_MUTEX_INIT; + +void RAND_enable_fork_unsafe_buffering(int fd) { + /* We no longer support setting the file-descriptor with this function. */ + if (fd != -1) { + abort(); + } + + CRYPTO_STATIC_MUTEX_lock_write(&g_lock); + g_buffering_enabled = 1; + CRYPTO_STATIC_MUTEX_unlock_write(&g_lock); +} + +int rand_fork_unsafe_buffering_enabled(void) { + CRYPTO_STATIC_MUTEX_lock_read(&g_lock); + const int ret = g_buffering_enabled; + CRYPTO_STATIC_MUTEX_unlock_read(&g_lock); + return ret; +} diff --git a/crypto/rand/rand_extra/fuchsia.c b/crypto/rand/rand_extra/fuchsia.c new file mode 100644 index 00000000..fae29894 --- /dev/null +++ b/crypto/rand/rand_extra/fuchsia.c @@ -0,0 +1,43 @@ +/* Copyright (c) 2017, Google Inc. + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY + * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION + * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN + * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ + +#include + +#if defined(OPENSSL_FUCHSIA) && !defined(BORINGSSL_UNSAFE_DETERMINISTIC_MODE) + +#include +#include + +#include + +#include "../fipsmodule/rand/internal.h" + +void CRYPTO_sysrand(uint8_t *out, size_t requested) { + while (requested > 0) { + size_t output_bytes_this_pass = MX_CPRNG_DRAW_MAX_LEN; + if (requested < output_bytes_this_pass) { + output_bytes_this_pass = requested; + } + size_t bytes_drawn; + mx_status_t status = + mx_cprng_draw(out, output_bytes_this_pass, &bytes_drawn); + if (status != NO_ERROR) { + abort(); + } + requested -= bytes_drawn; + out += bytes_drawn; + } +} + +#endif /* OPENSSL_FUCHSIA && !BORINGSSL_UNSAFE_DETERMINISTIC_MODE */ diff --git a/crypto/rand/rand_extra/windows.c b/crypto/rand/rand_extra/windows.c new file mode 100644 index 00000000..fb948472 --- /dev/null +++ b/crypto/rand/rand_extra/windows.c @@ -0,0 +1,53 @@ +/* Copyright (c) 2014, Google Inc. + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY + * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION + * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN + * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ + +#include + +#if defined(OPENSSL_WINDOWS) && !defined(BORINGSSL_UNSAFE_DETERMINISTIC_MODE) + +#include +#include + +OPENSSL_MSVC_PRAGMA(warning(push, 3)) + +#include + +/* #define needed to link in RtlGenRandom(), a.k.a. SystemFunction036. See the + * "Community Additions" comment on MSDN here: + * http://msdn.microsoft.com/en-us/library/windows/desktop/aa387694.aspx */ +#define SystemFunction036 NTAPI SystemFunction036 +#include +#undef SystemFunction036 + +OPENSSL_MSVC_PRAGMA(warning(pop)) + +#include "../fipsmodule/rand/internal.h" + + +void CRYPTO_sysrand(uint8_t *out, size_t requested) { + while (requested > 0) { + ULONG output_bytes_this_pass = ULONG_MAX; + if (requested < output_bytes_this_pass) { + output_bytes_this_pass = (ULONG)requested; + } + if (RtlGenRandom(out, output_bytes_this_pass) == FALSE) { + abort(); + } + requested -= output_bytes_this_pass; + out += output_bytes_this_pass; + } + return; +} + +#endif /* OPENSSL_WINDOWS && !BORINGSSL_UNSAFE_DETERMINISTIC_MODE */ diff --git a/crypto/rand/rand_lcl.h b/crypto/rand/rand_lcl.h index d98c90e2..f97a9de9 100644 --- a/crypto/rand/rand_lcl.h +++ b/crypto/rand/rand_lcl.h @@ -13,13 +13,18 @@ # define ENTROPY_NEEDED 32 /* require 256 bits = 32 bytes of randomness */ # if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND) -# define USE_SHA1_RAND +# define USE_SM3_RAND # endif # include # define MD_Update(a,b,c) EVP_DigestUpdate(a,b,c) # define MD_Final(a,b) EVP_DigestFinal_ex(a,b,NULL) -# if defined(USE_MD5_RAND) +# if defined(USE_SM3_RAND) +# include +# define MD_DIGEST_LENGTH SM3_DIGEST_LENGTH +# define MD_Init(a) EVP_DigestInit_ex(a,EVP_sm3(), NULL) +# define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_sm3(), NULL) +# elif defined(USE_MD5_RAND) # include # define MD_DIGEST_LENGTH MD5_DIGEST_LENGTH # define MD_Init(a) EVP_DigestInit_ex(a,EVP_md5(), NULL) diff --git a/crypto/rsa/rsa_err.c b/crypto/rsa/rsa_err.c index bf54095b..1002b2af 100644 --- a/crypto/rsa/rsa_err.c +++ b/crypto/rsa/rsa_err.c @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -22,7 +22,9 @@ static ERR_STRING_DATA RSA_str_functs[] = { {ERR_FUNC(RSA_F_CHECK_PADDING_MD), "check_padding_md"}, {ERR_FUNC(RSA_F_ENCODE_PKCS1), "encode_pkcs1"}, {ERR_FUNC(RSA_F_INT_RSA_VERIFY), "int_rsa_verify"}, + {ERR_FUNC(RSA_F_MARSHAL_INTEGER), "marshal_integer"}, {ERR_FUNC(RSA_F_OLD_RSA_PRIV_DECODE), "old_rsa_priv_decode"}, + {ERR_FUNC(RSA_F_PARSE_PUBLIC_KEY), "parse_public_key"}, {ERR_FUNC(RSA_F_PKEY_RSA_CTRL), "pkey_rsa_ctrl"}, {ERR_FUNC(RSA_F_PKEY_RSA_CTRL_STR), "pkey_rsa_ctrl_str"}, {ERR_FUNC(RSA_F_PKEY_RSA_SIGN), "pkey_rsa_sign"}, @@ -34,6 +36,8 @@ static ERR_STRING_DATA RSA_str_functs[] = { {ERR_FUNC(RSA_F_RSA_CHECK_KEY_EX), "RSA_check_key_ex"}, {ERR_FUNC(RSA_F_RSA_CMS_DECRYPT), "rsa_cms_decrypt"}, {ERR_FUNC(RSA_F_RSA_ITEM_VERIFY), "rsa_item_verify"}, + {ERR_FUNC(RSA_F_RSA_MARSHAL_PRIVATE_KEY), "RSA_marshal_private_key"}, + {ERR_FUNC(RSA_F_RSA_MARSHAL_PUBLIC_KEY), "RSA_marshal_public_key"}, {ERR_FUNC(RSA_F_RSA_METH_DUP), "RSA_meth_dup"}, {ERR_FUNC(RSA_F_RSA_METH_NEW), "RSA_meth_new"}, {ERR_FUNC(RSA_F_RSA_METH_SET1_NAME), "RSA_meth_set1_name"}, @@ -73,10 +77,16 @@ static ERR_STRING_DATA RSA_str_functs[] = { "RSA_padding_check_PKCS1_type_2"}, {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_SSLV23), "RSA_padding_check_SSLv23"}, {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_X931), "RSA_padding_check_X931"}, + {ERR_FUNC(RSA_F_RSA_PARSE_PRIVATE_KEY), "RSA_parse_private_key"}, {ERR_FUNC(RSA_F_RSA_PRINT), "RSA_print"}, {ERR_FUNC(RSA_F_RSA_PRINT_FP), "RSA_print_fp"}, + {ERR_FUNC(RSA_F_RSA_PRIVATE_KEY_FROM_BYTES), + "RSA_private_key_from_bytes"}, + {ERR_FUNC(RSA_F_RSA_PRIVATE_KEY_TO_BYTES), "RSA_private_key_to_bytes"}, {ERR_FUNC(RSA_F_RSA_PRIV_ENCODE), "rsa_priv_encode"}, {ERR_FUNC(RSA_F_RSA_PSS_TO_CTX), "rsa_pss_to_ctx"}, + {ERR_FUNC(RSA_F_RSA_PUBLIC_KEY_FROM_BYTES), "RSA_public_key_from_bytes"}, + {ERR_FUNC(RSA_F_RSA_PUBLIC_KEY_TO_BYTES), "RSA_public_key_to_bytes"}, {ERR_FUNC(RSA_F_RSA_PUB_DECODE), "rsa_pub_decode"}, {ERR_FUNC(RSA_F_RSA_SETUP_BLINDING), "RSA_setup_blinding"}, {ERR_FUNC(RSA_F_RSA_SIGN), "RSA_sign"}, @@ -91,10 +101,13 @@ static ERR_STRING_DATA RSA_str_functs[] = { static ERR_STRING_DATA RSA_str_reasons[] = { {ERR_REASON(RSA_R_ALGORITHM_MISMATCH), "algorithm mismatch"}, + {ERR_REASON(RSA_R_BAD_ENCODING), "bad encoding"}, {ERR_REASON(RSA_R_BAD_E_VALUE), "bad e value"}, {ERR_REASON(RSA_R_BAD_FIXED_HEADER_DECRYPT), "bad fixed header decrypt"}, {ERR_REASON(RSA_R_BAD_PAD_BYTE_COUNT), "bad pad byte count"}, + {ERR_REASON(RSA_R_BAD_RSA_PARAMETERS), "bad rsa parameters"}, {ERR_REASON(RSA_R_BAD_SIGNATURE), "bad signature"}, + {ERR_REASON(RSA_R_BAD_VERSION), "bad version"}, {ERR_REASON(RSA_R_BLOCK_TYPE_IS_NOT_01), "block type is not 01"}, {ERR_REASON(RSA_R_BLOCK_TYPE_IS_NOT_02), "block type is not 02"}, {ERR_REASON(RSA_R_DATA_GREATER_THAN_MOD_LEN), @@ -113,6 +126,7 @@ static ERR_STRING_DATA RSA_str_reasons[] = { {ERR_REASON(RSA_R_DMP1_NOT_CONGRUENT_TO_D), "dmp1 not congruent to d"}, {ERR_REASON(RSA_R_DMQ1_NOT_CONGRUENT_TO_D), "dmq1 not congruent to d"}, {ERR_REASON(RSA_R_D_E_NOT_CONGRUENT_TO_1), "d e not congruent to 1"}, + {ERR_REASON(RSA_R_ENCODE_ERROR), "encode error"}, {ERR_REASON(RSA_R_FIRST_OCTET_INVALID), "first octet invalid"}, {ERR_REASON(RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE), "illegal or unsupported padding mode"}, diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c index db4fb0fb..4c98a68a 100644 --- a/crypto/rsa/rsa_pmeth.c +++ b/crypto/rsa/rsa_pmeth.c @@ -164,6 +164,7 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, } else ret = RSA_private_encrypt(tbslen, tbs, sig, ctx->pkey->pkey.rsa, rctx->pad_mode); + if (ret < 0) return ret; *siglen = ret; @@ -359,6 +360,9 @@ static int check_padding_md(const EVP_MD *md, int padding) case NID_md4: case NID_mdc2: case NID_ripemd160: +#ifndef OPENSSL_NO_SM3 + case NID_sm3: +#endif return 1; default: diff --git a/crypto/saf/saf_ec.c b/crypto/saf/saf_ec.c index 069bdfdf..0869b9b0 100644 --- a/crypto/saf/saf_ec.c +++ b/crypto/saf/saf_ec.c @@ -65,6 +65,8 @@ int SAF_GenEccKeyPair( { int ret = -1; SAF_APP *app = (SAF_APP *)hAppHandle; + EVP_PKEY_CTX *pctx = NULL; + EVP_PKEY *pkey = NULL; /* check arguments */ if (!hAppHandle || !pucContainerName) { @@ -91,8 +93,6 @@ int SAF_GenEccKeyPair( } /* process */ - EVP_PKEY_CTX *pctx = NULL; - EVP_PKEY *pkey = NULL; if (!(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, app->engine)) || EVP_PKEY_keygen_init(pctx) <= 0 @@ -132,6 +132,9 @@ int SAF_GetEccPublicKey( { int ret = SAR_UnknownErr; SAF_APP *app = (SAF_APP *)hAppHandle; + EVP_PKEY *pkey = NULL; + char key_id[1024]; + int len; /* check arguments */ if (!hAppHandle || !pucContainerName || !pucPublicKey || @@ -160,9 +163,6 @@ int SAF_GetEccPublicKey( } /* process */ - EVP_PKEY *pkey = NULL; - char key_id[1024]; - int len; /* @@ -202,6 +202,10 @@ int SAF_EccSign( { int ret = SAR_UnknownErr; SAF_APP *app = (SAF_APP *)hAppHandle; + char key_id[1024]; + EVP_PKEY *pkey = NULL; + EVP_PKEY_CTX *pctx = NULL; + size_t siglen; /* check arguments */ if (!hAppHandle || !pucContainerName || !pucInData || @@ -230,10 +234,6 @@ int SAF_EccSign( } /* process */ - char key_id[1024]; - EVP_PKEY *pkey = NULL; - EVP_PKEY_CTX *pctx = NULL; - size_t siglen; /* snprintf(key_id, sizeof(key_id), "%s.sign", (char *)pucContainerName); @@ -267,6 +267,8 @@ int SAF_EccVerifySign( unsigned int uiSignDataLen) { int ret = SAR_UnknownErr; + EVP_PKEY *pkey = NULL; + EVP_PKEY_CTX *pctx = NULL; /* check arguments */ if (!pucPublicKey || !pucInData || !pucSignData) { @@ -291,8 +293,6 @@ int SAF_EccVerifySign( } /* process */ - EVP_PKEY *pkey = NULL; - EVP_PKEY_CTX *pctx = NULL; if (!(pkey = d2i_PUBKEY(NULL, (const unsigned char **)&pucPublicKey, (long)uiPublicKeyLen)) || !(pctx = EVP_PKEY_CTX_new(pkey, NULL)) @@ -320,6 +320,9 @@ int SAF_EccPublicKeyEnc( unsigned int *puiOutDataLen) { int ret = -1; + EVP_PKEY *pkey = NULL; + EVP_PKEY_CTX *pctx = NULL; + size_t outlen = *puiOutDataLen; /* check arguments */ if (!pucPublicKey || !pucInData || !pucOutData || !puiOutDataLen) { @@ -337,7 +340,7 @@ int SAF_EccPublicKeyEnc( SAF_R_INVALID_ALGOR); return SAR_AlgoTypeErr; } - if (uiInDataLen <= 0 || uiInDataLen > ECCref_MAX_CIPHER_LEN) { + if (uiInDataLen <= 0 || uiInDataLen > SAF_MAX_EC_CIPHERTEXT_LENGTH) { SAFerr(SAF_F_SAF_ECCPUBLICKEYENC, SAF_R_INVALID_INPUT_LENGTH); return SAR_IndataLenErr; @@ -349,9 +352,6 @@ int SAF_EccPublicKeyEnc( } /* precess */ - EVP_PKEY *pkey = NULL; - EVP_PKEY_CTX *pctx = NULL; - size_t outlen = *puiOutDataLen; if (!(pkey = d2i_PUBKEY(NULL, (const unsigned char **)&pucPublicKey, (long)uiPublicKeyLen)) || !(pctx = EVP_PKEY_CTX_new(pkey, NULL)) @@ -381,6 +381,10 @@ int SAF_EccPublicKeyEncByCert( unsigned int *puiOutDataLen) { int ret = SAR_UnknownErr; + X509 *x509 = NULL; + unsigned char pubkey[1024]; + unsigned char *p = pubkey; + int len; /* check arguments */ if (!pucCertificate || !pucInData || !pucOutData || !puiOutDataLen) { @@ -398,7 +402,7 @@ int SAF_EccPublicKeyEncByCert( SAF_R_INVALID_ALGOR); return SAR_AlgoTypeErr; } - if (uiInDataLen <= 0 || uiInDataLen > ECCref_MAX_CIPHER_LEN) { + if (uiInDataLen <= 0 || uiInDataLen > SAF_MAX_EC_CIPHERTEXT_LENGTH) { SAFerr(SAF_F_SAF_ECCPUBLICKEYENCBYCERT, SAF_R_INVALID_INPUT_LENGTH); return SAR_IndataLenErr; @@ -410,10 +414,6 @@ int SAF_EccPublicKeyEncByCert( } /* process */ - X509 *x509 = NULL; - unsigned char pubkey[1024]; - unsigned char *p = pubkey; - int len; if (!(x509 = d2i_X509(NULL, (const unsigned char **)&pucCertificate, (long)uiCertificateLen))) { SAFerr(SAF_F_SAF_ECCPUBLICKEYENCBYCERT, ERR_R_X509_LIB); @@ -453,6 +453,11 @@ int SAF_EccVerifySignByCert( unsigned int uiSignDataLen) { int ret = SAR_UnknownErr; + X509 *x509 = NULL; + unsigned char pucPublicKey[1024]; + unsigned int uiPublicKeyLen; + unsigned char *p = pucPublicKey; + int len; /* check arguments */ if (!pucCertificate || !pucInData || !pucSignData) { @@ -482,11 +487,6 @@ int SAF_EccVerifySignByCert( } /* process */ - X509 *x509 = NULL; - unsigned char pucPublicKey[1024]; - unsigned int uiPublicKeyLen; - unsigned char *p = pucPublicKey; - int len; if (!(x509 = d2i_X509(NULL, (const unsigned char **)&pucCertificate, (long)uiCertificateLen))) { SAFerr(SAF_F_SAF_ECCVERIFYSIGNBYCERT, ERR_R_X509_LIB); diff --git a/crypto/saf/saf_enc.c b/crypto/saf/saf_enc.c index 250f2d12..ccfaeabf 100644 --- a/crypto/saf/saf_enc.c +++ b/crypto/saf/saf_enc.c @@ -78,7 +78,9 @@ int SAF_SymmEncryptUpdate( if (!hkey->cipher_ctx) { const EVP_CIPHER *cipher; - if (!(cipher = EVP_get_cipherbysgd(hkey->hSymmKeyObj->uiCryptoAlgID))) { + + // FIXME: get ulFeedBitLen from key handle + if (!(cipher = EVP_get_cipherbysgd(hkey->hSymmKeyObj->uiCryptoAlgID, 0))) { SAFerr(SAF_F_SAF_SYMMENCRYPTUPDATE, SAF_R_INVALID_KEY_HANDLE); ret = SAR_IndataErr; goto end; @@ -172,7 +174,8 @@ int SAF_SymmDecryptUpdate( if (!hkey->cipher_ctx) { const EVP_CIPHER *cipher; - if (!(cipher = EVP_get_cipherbysgd(hkey->hSymmKeyObj->uiCryptoAlgID))) { + //Get feedbitlen from keyhandle + if (!(cipher = EVP_get_cipherbysgd(hkey->hSymmKeyObj->uiCryptoAlgID, 0))) { SAFerr(SAF_F_SAF_SYMMDECRYPTUPDATE, SAF_R_INVALID_KEY_HANDLE); ret = SAR_IndataErr; goto end; diff --git a/crypto/saf/saf_keyhandle.c b/crypto/saf/saf_keyhandle.c index 7fa1aa98..d2d5eb1a 100644 --- a/crypto/saf/saf_keyhandle.c +++ b/crypto/saf/saf_keyhandle.c @@ -85,7 +85,7 @@ int SAF_GenerateKeyWithEPK( } outlen = (size_t)*puiSymmKeyLen; - if (!(cipher = EVP_get_cipherbysgd(obj->uiCryptoAlgID)) + if (!(cipher = EVP_get_cipherbysgd(obj->uiCryptoAlgID, 0)) //fixme: feedbitlen || !RAND_bytes(keybuf, EVP_CIPHER_key_length(cipher)) || !(pkey = d2i_PUBKEY(NULL, (const unsigned char **)&pucPublicKey, (long)uiPublicKeyLen)) || !(pkctx = EVP_PKEY_CTX_new(pkey, NULL)) diff --git a/crypto/saf/saf_mac.c b/crypto/saf/saf_mac.c index 0e2a060d..4d4061aa 100644 --- a/crypto/saf/saf_mac.c +++ b/crypto/saf/saf_mac.c @@ -75,7 +75,8 @@ int SAF_MacUpdate( if (!hkey->cmac_ctx) { const EVP_CIPHER *cipher; - if (!(cipher = EVP_get_cipherbysgd(hkey->hSymmKeyObj->uiCryptoAlgID))) { + //Fixme: feedbitlen + if (!(cipher = EVP_get_cipherbysgd(hkey->hSymmKeyObj->uiCryptoAlgID, 0))) { SAFerr(SAF_F_SAF_MACUPDATE, SAF_R_INVALID_KEY_HANDLE); ret = SAR_IndataErr; goto end; diff --git a/crypto/saf/saf_pkcs7.c b/crypto/saf/saf_pkcs7.c index 92e8f489..4a844971 100644 --- a/crypto/saf/saf_pkcs7.c +++ b/crypto/saf/saf_pkcs7.c @@ -581,12 +581,15 @@ int SAF_Pkcs7_DecodeDigestedData( p7dgst = p7->d.digest; /* output digset algor */ + //EVP_MD_sgd +#if 0 if ((*puiDigestAlgorithm = EVP_MD_sgd( EVP_get_digestbyobj(p7dgst->md->algorithm))) <= 0) { SAFerr(SAF_F_SAF_PKCS7_DECODEDIGESTEDDATA, SAF_R_UNSUPPORTED_DIGEST_ALGOR); ret = SAR_IndataErr; goto end; } +#endif /* output digested data */ if (!PKCS7_type_is_data(p7dgst->contents)) { diff --git a/crypto/sdf/build.info b/crypto/sdf/build.info index c225dbf3..b37d49fc 100644 --- a/crypto/sdf/build.info +++ b/crypto/sdf/build.info @@ -1,2 +1,2 @@ LIBS=../../libcrypto -SOURCE[../../libcrypto]=sdf_err.c sdf_lib.c sdf_meth.c +SOURCE[../../libcrypto]=sdf_err.c sdf_lib.c sdf_ext.c sdf_meth.c sdf_sansec.c diff --git a/crypto/sdf/sdf_err.c b/crypto/sdf/sdf_err.c index df2d8140..32fd4a95 100644 --- a/crypto/sdf/sdf_err.c +++ b/crypto/sdf/sdf_err.c @@ -19,6 +19,8 @@ # define ERR_REASON(reason) ERR_PACK(ERR_LIB_SDF,0,reason) static ERR_STRING_DATA SDF_str_functs[] = { + {ERR_FUNC(SDF_F_SANSEC_DECODE_ECCCIPHER), "sansec_decode_ecccipher"}, + {ERR_FUNC(SDF_F_SANSEC_ENCODE_ECCCIPHER), "sansec_encode_ecccipher"}, {ERR_FUNC(SDF_F_SDF_CALCULATEMAC), "SDF_CalculateMAC"}, {ERR_FUNC(SDF_F_SDF_CLOSEDEVICE), "SDF_CloseDevice"}, {ERR_FUNC(SDF_F_SDF_CLOSESESSION), "SDF_CloseSession"}, @@ -78,7 +80,8 @@ static ERR_STRING_DATA SDF_str_functs[] = { "SDF_InternalPublicKeyOperation_RSA"}, {ERR_FUNC(SDF_F_SDF_INTERNALSIGN_ECC), "SDF_InternalSign_ECC"}, {ERR_FUNC(SDF_F_SDF_INTERNALVERIFY_ECC), "SDF_InternalVerify_ECC"}, - {ERR_FUNC(SDF_F_SDF_METHOD_LOAD_LIBRARY), "SDF_METHOD_LOAD_LIBRARY"}, + {ERR_FUNC(SDF_F_SDF_LOADLIBRARY), "SDF_LoadLibrary"}, + {ERR_FUNC(SDF_F_SDF_METHOD_LOAD_LIBRARY), "SDF_METHOD_load_library"}, {ERR_FUNC(SDF_F_SDF_OPENDEVICE), "SDF_OpenDevice"}, {ERR_FUNC(SDF_F_SDF_OPENSESSION), "SDF_OpenSession"}, {ERR_FUNC(SDF_F_SDF_READFILE), "SDF_ReadFile"}, @@ -89,17 +92,166 @@ static ERR_STRING_DATA SDF_str_functs[] = { }; static ERR_STRING_DATA SDF_str_reasons[] = { + {ERR_REASON(SDF_R_ALGORITHM_MODE_NOT_SUPPORTED), + "algorithm mode not supported"}, + {ERR_REASON(SDF_R_ALGORITHM_NOT_SUPPORTED), "algorithm not supported"}, + {ERR_REASON(SDF_R_BUFFER_TOO_SMALL), "buffer too small"}, + {ERR_REASON(SDF_R_COMMUNICATION_FAILURE), "communication failure"}, + {ERR_REASON(SDF_R_DSO_LOAD_FAILURE), "dso load failure"}, + {ERR_REASON(SDF_R_ENCRYPT_DATA_ERROR), "encrypt data error"}, + {ERR_REASON(SDF_R_ERROR), "error"}, + {ERR_REASON(SDF_R_FILE_ALREADY_EXIST), "file already exist"}, + {ERR_REASON(SDF_R_FILE_NOT_EXIST), "file not exist"}, + {ERR_REASON(SDF_R_HARDWARE_ERROR), "hardware error"}, + {ERR_REASON(SDF_R_INVALID_CIPHER_ALGOR), "invalid cipher algor"}, + {ERR_REASON(SDF_R_INVALID_DIGEST_ALGOR), "invalid digest algor"}, + {ERR_REASON(SDF_R_INVALID_FILE_OFFSET), "invalid file offset"}, + {ERR_REASON(SDF_R_INVALID_FILE_SIZE), "invalid file size"}, + {ERR_REASON(SDF_R_INVALID_INPUT_ARGUMENT), "invalid input argument"}, + {ERR_REASON(SDF_R_INVALID_KEY), "invalid key"}, {ERR_REASON(SDF_R_INVALID_KEY_LENGTH), "invalid key length"}, + {ERR_REASON(SDF_R_INVALID_KEY_TYPE), "invalid key type"}, + {ERR_REASON(SDF_R_INVALID_OUTPUT_ARGUMENT), "invalid output argument"}, + {ERR_REASON(SDF_R_INVALID_SANSEC_ECCCIPHER_LENGTH), + "invalid sansec ecccipher length"}, {ERR_REASON(SDF_R_INVALID_SDF_LIBRARY), "invalid sdf library"}, {ERR_REASON(SDF_R_INVALID_SESSION_HANDLE), "invalid session handle"}, + {ERR_REASON(SDF_R_KEY_NOT_EXIST), "key not exist"}, {ERR_REASON(SDF_R_LOAD_LIBRARY_FAILURE), "load library failure"}, + {ERR_REASON(SDF_R_MAC_ERROR), "mac error"}, {ERR_REASON(SDF_R_METHOD_OPERATION_FAILURE), "method operation failure"}, + {ERR_REASON(SDF_R_MULTI_STEP_OPERATION_ERROR), + "multi step operation error"}, {ERR_REASON(SDF_R_NOT_INITIALIZED), "not initialized"}, {ERR_REASON(SDF_R_NOT_SUPPORTED), "not supported"}, + {ERR_REASON(SDF_R_NOT_SUPPORTED_CIPHER_ALGOR), + "not supported cipher algor"}, + {ERR_REASON(SDF_R_NOT_SUPPORTED_DIGEST_ALGOR), + "not supported digest algor"}, + {ERR_REASON(SDF_R_NOT_SUPPORTED_ECC_ALGOR), "not supported ecc algor"}, + {ERR_REASON(SDF_R_NOT_SUPPORTED_PKEY_ALGOR), "not supported pkey algor"}, + {ERR_REASON(SDF_R_NO_PRIVATE_KEY_ACCESS_RIGHT), + "no private key access right"}, + {ERR_REASON(SDF_R_OPEN_DEVICE_FAILURE), "open device failure"}, + {ERR_REASON(SDF_R_OPEN_SESSION_FAILURE), "open session failure"}, {ERR_REASON(SDF_R_OPERATION_FAILED), "operation failed"}, + {ERR_REASON(SDF_R_OPERATION_NOT_SUPPORTED), "operation not supported"}, + {ERR_REASON(SDF_R_PRIVATE_KEY_OPERATION_FAILURE), + "private key operation failure"}, + {ERR_REASON(SDF_R_PRKERR), "prkerr"}, + {ERR_REASON(SDF_R_PUBLIC_KEY_OPERATION_FAILURE), + "public key operation failure"}, + {ERR_REASON(SDF_R_RANDOM_GENERATION_ERROR), "random generation error"}, + {ERR_REASON(SDF_R_SANSEC_BASE), "sansec base"}, + {ERR_REASON(SDF_R_SANSEC_CARD_ALGOR_NOT_SUPPORTED), + "sansec card algor not supported"}, + {ERR_REASON(SDF_R_SANSEC_CARD_ALG_MODE_NOT_SUPPORTED), + "sansec card alg mode not supported"}, + {ERR_REASON(SDF_R_SANSEC_CARD_BASE), "sansec card base"}, + {ERR_REASON(SDF_R_SANSEC_CARD_BUFFER_TOO_SMALL), + "sansec card buffer too small"}, + {ERR_REASON(SDF_R_SANSEC_CARD_COMMMUCATION_FAILED), + "sansec card commmucation failed"}, + {ERR_REASON(SDF_R_SANSEC_CARD_CRYPTO_NOT_INITED), + "sansec card crypto not inited"}, + {ERR_REASON(SDF_R_SANSEC_CARD_DATA_PADDING_ERROR), + "sansec card data padding error"}, + {ERR_REASON(SDF_R_SANSEC_CARD_DATA_SIZE), "sansec card data size"}, + {ERR_REASON(SDF_R_SANSEC_CARD_DEVICE_STATUS_ERROR), + "sansec card device status error"}, + {ERR_REASON(SDF_R_SANSEC_CARD_DEVICE_STATUS_ERROR_05), + "sansec card device status error 05"}, + {ERR_REASON(SDF_R_SANSEC_CARD_FILE_NOT_EXIST), + "sansec card file not exist"}, + {ERR_REASON(SDF_R_SANSEC_CARD_FILE_OFFSET_ERROR), + "sansec card file offset error"}, + {ERR_REASON(SDF_R_SANSEC_CARD_FILE_SIZE_ERROR), + "sansec card file size error"}, + {ERR_REASON(SDF_R_SANSEC_CARD_HARDWARE_FAILURE), + "sansec card hardware failure"}, + {ERR_REASON(SDF_R_SANSEC_CARD_KEY_ERROR), "sansec card key error"}, + {ERR_REASON(SDF_R_SANSEC_CARD_KEY_NOT_EXIST), + "sansec card key not exist"}, + {ERR_REASON(SDF_R_SANSEC_CARD_KEY_TYPE_ERROR), + "sansec card key type error"}, + {ERR_REASON(SDF_R_SANSEC_CARD_LOGIN_ERROR), "sansec card login error"}, + {ERR_REASON(SDF_R_SANSEC_CARD_LOGIN_ERROR_05), + "sansec card login error 05"}, + {ERR_REASON(SDF_R_SANSEC_CARD_MANAGEMENT_DENYED), + "sansec card management denyed"}, + {ERR_REASON(SDF_R_SANSEC_CARD_MANAGEMENT_DENYED_05), + "sansec card management denyed 05"}, + {ERR_REASON(SDF_R_SANSEC_CARD_NOT_SUPPORTED), + "sansec card not supported"}, + {ERR_REASON(SDF_R_SANSEC_CARD_OPEN_DEVICE_FAILED), + "sansec card open device failed"}, + {ERR_REASON(SDF_R_SANSEC_CARD_OPEN_SESSION_FAILED), + "sansec card open session failed"}, + {ERR_REASON(SDF_R_SANSEC_CARD_OPERATION_DENYED), + "sansec card operation denyed"}, + {ERR_REASON(SDF_R_SANSEC_CARD_OPERATION_DENYED_05), + "sansec card operation denyed 05"}, + {ERR_REASON(SDF_R_SANSEC_CARD_PARAMENT_ERROR), + "sansec card parament error"}, + {ERR_REASON(SDF_R_SANSEC_CARD_PARAMENT_ERROR_05), + "sansec card parament error 05"}, + {ERR_REASON(SDF_R_SANSEC_CARD_PRIVATE_KEY_ACCESS_DENYED), + "sansec card private key access denyed"}, + {ERR_REASON(SDF_R_SANSEC_CARD_PRIVATE_KEY_OPERATION_ERROR), + "sansec card private key operation error"}, + {ERR_REASON(SDF_R_SANSEC_CARD_PUBLIC_KEY_OPERATION_ERROR), + "sansec card public key operation error"}, + {ERR_REASON(SDF_R_SANSEC_CARD_READER_BASE), "sansec card reader base"}, + {ERR_REASON(SDF_R_SANSEC_CARD_READER_CARD_INSERT), + "sansec card reader card insert"}, + {ERR_REASON(SDF_R_SANSEC_CARD_READER_CARD_INSERT_TYPE), + "sansec card reader card insert type"}, + {ERR_REASON(SDF_R_SANSEC_CARD_READER_NO_CARD), + "sansec card reader no card"}, + {ERR_REASON(SDF_R_SANSEC_CARD_READER_PIN_ERROR), + "sansec card reader pin error"}, + {ERR_REASON(SDF_R_SANSEC_CARD_SIGN_ERROR), "sansec card sign error"}, + {ERR_REASON(SDF_R_SANSEC_CARD_STEP_ERROR), "sansec card step error"}, + {ERR_REASON(SDF_R_SANSEC_CARD_SYMMETRIC_ALGOR_ERROR), + "sansec card symmetric algor error"}, + {ERR_REASON(SDF_R_SANSEC_CARD_UNKNOW_ERROR), "sansec card unknow error"}, + {ERR_REASON(SDF_R_SANSEC_CARD_USERID_ERROR), "sansec card userid error"}, + {ERR_REASON(SDF_R_SANSEC_CARD_USERID_ERROR_05), + "sansec card userid error 05"}, + {ERR_REASON(SDF_R_SANSEC_CARD_VERIFY_ERROR), "sansec card verify error"}, + {ERR_REASON(SDF_R_SANSEC_CONFIG_ERROR), "sansec config error"}, + {ERR_REASON(SDF_R_SANSEC_CONNECT_ERROR), "sansec connect error"}, + {ERR_REASON(SDF_R_SANSEC_FILE_ALREADY_EXIST), + "sansec file already exist"}, + {ERR_REASON(SDF_R_SANSEC_INVALID_AUTHENCODE), + "sansec invalid authencode"}, + {ERR_REASON(SDF_R_SANSEC_INVALID_COMMAND), "sansec invalid command"}, + {ERR_REASON(SDF_R_SANSEC_INVALID_PARAMETERS), + "sansec invalid parameters"}, + {ERR_REASON(SDF_R_SANSEC_INVALID_USER), "sansec invalid user"}, + {ERR_REASON(SDF_R_SANSEC_NO_AVAILABLE_CSM), "sansec no available csm"}, + {ERR_REASON(SDF_R_SANSEC_NO_AVAILABLE_HSM), "sansec no available hsm"}, + {ERR_REASON(SDF_R_SANSEC_PROTOCOL_VERSION_ERROR), + "sansec protocol version error"}, + {ERR_REASON(SDF_R_SANSEC_SEM_TIMEOUT), "sansec sem timeout"}, + {ERR_REASON(SDF_R_SANSEC_SET_SOCKET_OPTION_ERROR), + "sansec set socket option error"}, + {ERR_REASON(SDF_R_SANSEC_SOCKET_RECV_0), "sansec socket recv 0"}, + {ERR_REASON(SDF_R_SANSEC_SOCKET_RECV_ERROR), "sansec socket recv error"}, + {ERR_REASON(SDF_R_SANSEC_SOCKET_SEND_ERROR), "sansec socket send error"}, + {ERR_REASON(SDF_R_SANSEC_SOCKET_TIMEOUT), "sansec socket timeout"}, + {ERR_REASON(SDF_R_SANSEC_SYNC_ERROR), "sansec sync error"}, + {ERR_REASON(SDF_R_SANSEC_SYNC_LOGIN_ERROR), "sansec sync login error"}, {ERR_REASON(SDF_R_SDF_METHOD_RETURN_FAILURE), "sdf method return failure"}, {ERR_REASON(SDF_R_SDF_OPERATION_FAILED), "sdf operation failed"}, + {ERR_REASON(SDF_R_SIGNING_FAILURE), "signing failure"}, + {ERR_REASON(SDF_R_SUCCESS), "success"}, + {ERR_REASON(SDF_R_SYMMETRIC_OPERATION_FAILURE), + "symmetric operation failure"}, + {ERR_REASON(SDF_R_UNNOWN_ERROR), "unnown error"}, + {ERR_REASON(SDF_R_VERIFICATION_FAILURE), "verification failure"}, + {ERR_REASON(SDF_R_WRITE_FILE_FAILURE), "write file failure"}, {0, NULL} }; diff --git a/crypto/sdf/sdf_ext.c b/crypto/sdf/sdf_ext.c new file mode 100644 index 00000000..917bc954 --- /dev/null +++ b/crypto/sdf/sdf_ext.c @@ -0,0 +1,304 @@ +/* ==================================================================== + * Copyright (c) 2016 - 2017 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ + +#include +#include +#include +#include "internal/sdf_int.h" +#include "../../e_os.h" + + + +static void print_str(const char *name, const void *value) +{ + (void)printf("%-20s: %s\n", name, (char *)value); +} + +static void print_int(const char *name, unsigned int value) +{ + (void)printf("%-20s: %u\n", name, value); +} + +/* +static void print_buf(const char *name, const unsigned char *buf, size_t buflen) +{ + size_t i; + (void)printf("%-20s: ", name); + for (i = 0; i < buflen; i++) { + (void)printf("%02x", buf[i]); + } + (void)puts("\n"); +} +*/ + +typedef struct { + ULONG id; + char *name; +} table_item_t; + +static table_item_t sdf_cipher_caps[] = { + { SGD_SM1_ECB, "sm1-ecb" }, + { SGD_SM1_CBC, "sm1-cbc" }, + { SGD_SM1_CFB, "sm1-cfb" }, + { SGD_SM1_OFB, "sm1-ofb128" }, + { SGD_SM1_MAC, "cbcmac-sm1" }, + { SGD_SSF33_ECB, "ssf33-ecb" }, + { SGD_SSF33_CBC, "ssf33-cbc" }, + { SGD_SSF33_CFB, "ssf33-cfb" }, + { SGD_SSF33_OFB, "ssf33-ofb128" }, + { SGD_SSF33_MAC, "cbcmac-ssf33" }, + { SGD_SM4_ECB, "sms4-ecb" }, + { SGD_SM4_CBC, "sms4-cbc" }, + { SGD_SM4_CFB, "sms4-cfb" }, + { SGD_SM4_OFB, "sms4-ofb128" }, + { SGD_SM4_MAC, "cbcmac-sms4" }, + { SGD_ZUC_EEA3, "zuc_128eea3" }, + { SGD_ZUC_EIA3, "zuc_128eia3" } +}; + +static table_item_t sdf_digest_caps[] = { + { SGD_SM3, "sm3" }, + { SGD_SHA1, "sha1" }, + { SGD_SHA256, "sha256" }, +}; + +static table_item_t sdf_pkey_caps[] = { + { SGD_RSA_SIGN, "rsa" }, + { SGD_RSA_ENC, "rsaEncryption" }, + { SGD_SM2_1, "sm2sign" }, + { SGD_SM2_2, "sm2exchange" }, + { SGD_SM2_3, "sm2encrypt" } +}; + +int SDF_PrintDeviceInfo(DEVICEINFO *pstDeviceInfo) +{ + int i, n; + DEVICEINFO buf; + DEVICEINFO *devInfo = &buf; + + memcpy(devInfo, pstDeviceInfo, sizeof(DEVICEINFO)); + devInfo->IssuerName[39] = 0; + devInfo->DeviceName[15] = 0; + devInfo->DeviceSerial[15] = 0; + + print_str(" Issuer", devInfo->IssuerName); + print_str(" Device Name", devInfo->DeviceName); + print_str(" Serial Number", devInfo->DeviceSerial); + print_int(" Hardware Version", devInfo->DeviceVersion); + print_int(" Standard Version", devInfo->StandardVersion); + printf("%-20s: ", " Public Key Algors"); + for (i = n = 0; i < OSSL_NELEM(sdf_pkey_caps); i++) { + if ((devInfo->AsymAlgAbility[0] & sdf_pkey_caps[i].id) == + sdf_pkey_caps[i].id) { + printf("%s%s", n ? ", " : "", sdf_pkey_caps[i].name); + n++; + } + } + printf("\n"); + + printf("%-20s: ", " Ciphers"); + for (i = n = 0; i < OSSL_NELEM(sdf_cipher_caps); i++) { + if ((devInfo->SymAlgAbility & sdf_cipher_caps[i].id) == + sdf_cipher_caps[i].id) { + printf("%s%s", n ? ", " : "", sdf_cipher_caps[i].name); + n++; + } + } + printf("\n"); + + printf("%-20s: ", " Digests"); + for (i = n = 0; i < OSSL_NELEM(sdf_digest_caps); i++) { + if ((devInfo->HashAlgAbility & sdf_digest_caps[i].id) == + sdf_digest_caps[i].id) { + printf("%s%s", n ? ", " : "", sdf_digest_caps[i].name); + n++; + } + } + printf("\n"); + + + return SDR_OK; +} + +int SDF_PrintRSAPublicKey(RSArefPublicKey *blob) +{ + BIO *bio = NULL; + + if (!(bio = BIO_new_fp(stdout, BIO_NOCLOSE))) { + return SDR_UNKNOWERR; + } + + (void)BIO_printf(bio, "bits: %d\n", blob->bits); + (void)BIO_printf(bio, "m:\n "); + (void)BIO_hex_string(bio, 4, 16, blob->m, sizeof(blob->m)); + (void)BIO_printf(bio, "\n"); + (void)BIO_printf(bio, "e:\n "); + (void)BIO_hex_string(bio, 4, 16, blob->e, sizeof(blob->e)); + (void)BIO_printf(bio, "\n"); + + BIO_free(bio); + return SDR_OK; +} + +int SDF_PrintRSAPrivateKey(RSArefPrivateKey *blob) +{ + BIO *bio = NULL; + + if (!(bio = BIO_new_fp(stdout, BIO_NOCLOSE))) { + return SDR_UNKNOWERR; + } + + (void)BIO_printf(bio, "bits: %d", blob->bits); + (void)BIO_printf(bio, "\n%s:\n ", "m"); + (void)BIO_hex_string(bio, 4, 16, blob->m, sizeof(blob->m)); + (void)BIO_printf(bio, "\n%s:\n ", "e"); + (void)BIO_hex_string(bio, 4, 16, blob->e, sizeof(blob->e)); + (void)BIO_printf(bio, "\n%s:\n ", "d"); + (void)BIO_hex_string(bio, 4, 16, blob->d, sizeof(blob->d)); + (void)BIO_printf(bio, "\n%s:\n ", "prime[0]"); + (void)BIO_hex_string(bio, 4, 16, blob->prime[0], sizeof(blob->prime[0])); + (void)BIO_printf(bio, "\n%s:\n ", "prime[1]"); + (void)BIO_hex_string(bio, 4, 16, blob->prime[1], sizeof(blob->prime[1])); + (void)BIO_printf(bio, "\n%s:\n ", "pexp[0]"); + (void)BIO_hex_string(bio, 4, 16, blob->pexp[0], sizeof(blob->pexp[0])); + (void)BIO_printf(bio, "\n%s:\n ", "pexp[1]"); + (void)BIO_hex_string(bio, 4, 16, blob->pexp[1], sizeof(blob->pexp[1])); + (void)BIO_printf(bio, "\n%s:\n ", "coef"); + (void)BIO_hex_string(bio, 4, 16, blob->coef, sizeof(blob->coef)); + (void)BIO_printf(bio, "\n"); + + BIO_free(bio); + return SDR_OK; +} + +int SDF_PrintECCPublicKey(ECCrefPublicKey *blob) +{ + BIO *bio = NULL; + + if (!(bio = BIO_new_fp(stdout, BIO_NOCLOSE))) { + return SDR_UNKNOWERR; + } + + (void)BIO_printf(bio, "bits: %d", blob->bits); + (void)BIO_printf(bio, "\n%s:\n ", "x"); + (void)BIO_hex_string(bio, 4, 16, blob->x, sizeof(blob->x)); + (void)BIO_printf(bio, "\n%s:\n ", "y"); + (void)BIO_hex_string(bio, 4, 16, blob->y, sizeof(blob->y)); + (void)BIO_printf(bio, "\n"); + + BIO_free(bio); + return SDR_OK; +} + +int SDF_PrintECCPrivateKey(ECCrefPrivateKey *blob) +{ + BIO *bio = NULL; + + if (!(bio = BIO_new_fp(stdout, BIO_NOCLOSE))) { + return SDR_UNKNOWERR; + } + + (void)BIO_printf(bio, "bits: %d", blob->bits); + (void)BIO_printf(bio, "\n%s:\n ", "K"); + (void)BIO_hex_string(bio, 4, 16, blob->K, sizeof(blob->K)); + (void)BIO_printf(bio, "\n"); + + BIO_free(bio); + return SDR_OK; +} + +int SDF_PrintECCCipher(ECCCipher *blob) +{ + BIO *bio = NULL; + + if (!(bio = BIO_new_fp(stdout, BIO_NOCLOSE))) { + return SDR_UNKNOWERR; + } + + (void)BIO_printf(bio, "%s:\n ", "x"); + (void)BIO_hex_string(bio, 4, 16, blob->x, sizeof(blob->x)); + (void)BIO_printf(bio, "\n%s:\n ", "y"); + (void)BIO_hex_string(bio, 4, 16, blob->y, sizeof(blob->y)); + (void)BIO_printf(bio, "\n%s:\n ", "M"); + (void)BIO_hex_string(bio, 4, 16, blob->M, sizeof(blob->M)); + (void)BIO_printf(bio, "\nL: %d", blob->L); + (void)BIO_printf(bio, "\n%s:\n ", "C"); + (void)BIO_hex_string(bio, 4, 16, blob->C, sizeof(blob->C)); + (void)BIO_printf(bio, "\n"); + + BIO_free(bio); + return SDR_OK; +} + +int SDF_PrintECCSignature(ECCSignature *blob) +{ + BIO *bio = NULL; + + if (!(bio = BIO_new_fp(stdout, BIO_NOCLOSE))) { + return SDR_UNKNOWERR; + } + + (void)BIO_printf(bio, "%s:\n ", "r"); + (void)BIO_hex_string(bio, 4, 16, blob->r, sizeof(blob->r)); + (void)BIO_printf(bio, "\n%s:\n ", "s"); + (void)BIO_hex_string(bio, 4, 16, blob->s, sizeof(blob->s)); + (void)BIO_printf(bio, "\n"); + + BIO_free(bio); + return SDR_OK; +} + +int SDF_ImportKey( + void *hSessionHandle, + unsigned char *pucKey, + unsigned int uiKeyLength, + void **phKeyHandle) +{ + return 0; +} diff --git a/crypto/sdf/sdf_lib.c b/crypto/sdf/sdf_lib.c index 99f70142..1b3518b3 100644 --- a/crypto/sdf/sdf_lib.c +++ b/crypto/sdf/sdf_lib.c @@ -1,1367 +1,1486 @@ -/* ==================================================================== - * Copyright (c) 2016 - 2017 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include -#include -#include "internal/sdf_meth.h" - -static SDF_METHOD *sdf_method = NULL; - -int SDF_OpenDevice( - void **phDeviceHandle) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->OpenDevice) { - SDFerr(SDF_F_SDF_OPENDEVICE, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->OpenDevice( - phDeviceHandle)) != SDR_OK) { - SDFerr(SDF_F_SDF_OPENDEVICE, SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - -int SDF_CloseDevice( - void *hDeviceHandle) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->CloseDevice) { - SDFerr(SDF_F_SDF_CLOSEDEVICE, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->CloseDevice( - hDeviceHandle)) != SDR_OK) { - SDFerr(SDF_F_SDF_CLOSEDEVICE, SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_OpenSession( - void *hDeviceHandle, - void **phSessionHandle) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->OpenSession) { - SDFerr(SDF_F_SDF_OPENSESSION, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->OpenSession( - hDeviceHandle, - phSessionHandle)) != SDR_OK) { - SDFerr(SDF_F_SDF_OPENSESSION, SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_CloseSession( - void *hSessionHandle) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->CloseSession) { - SDFerr(SDF_F_SDF_CLOSESESSION, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->CloseSession( - hSessionHandle)) != SDR_OK) { - SDFerr(SDF_F_SDF_CLOSESESSION, SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_GetDeviceInfo( - void *hSessionHandle, - DEVICEINFO *pstDeviceInfo) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->GetDeviceInfo) { - SDFerr(SDF_F_SDF_GETDEVICEINFO, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->GetDeviceInfo( - hSessionHandle, - pstDeviceInfo)) != SDR_OK) { - SDFerr(SDF_F_SDF_GETDEVICEINFO, SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_GenerateRandom( - void *hSessionHandle, - unsigned int uiLength, - unsigned char *pucRandom) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->GenerateRandom) { - SDFerr(SDF_F_SDF_GENERATERANDOM, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->GenerateRandom( - hSessionHandle, - uiLength, - pucRandom)) != SDR_OK) { - SDFerr(SDF_F_SDF_GENERATERANDOM, SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_GetPrivateKeyAccessRight( - void *hSessionHandle, - unsigned int uiKeyIndex, - unsigned char *pucPassword, - unsigned int uiPwdLength) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->GetPrivateKeyAccessRight) { - SDFerr(SDF_F_SDF_GETPRIVATEKEYACCESSRIGHT, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->GetPrivateKeyAccessRight( - hSessionHandle, - uiKeyIndex, - pucPassword, - uiPwdLength)) != SDR_OK) { - SDFerr(SDF_F_SDF_GETPRIVATEKEYACCESSRIGHT, SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_ReleasePrivateKeyAccessRight( - void *hSessionHandle, - unsigned int uiKeyIndex) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->ReleasePrivateKeyAccessRight) { - SDFerr(SDF_F_SDF_RELEASEPRIVATEKEYACCESSRIGHT, - SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->ReleasePrivateKeyAccessRight( - hSessionHandle, - uiKeyIndex)) != SDR_OK) { - SDFerr(SDF_F_SDF_RELEASEPRIVATEKEYACCESSRIGHT, - SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_ExportSignPublicKey_RSA( - void *hSessionHandle, - unsigned int uiKeyIndex, - RSArefPublicKey *pucPublicKey) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->ExportSignPublicKey_RSA) { - SDFerr(SDF_F_SDF_EXPORTSIGNPUBLICKEY_RSA, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->ExportSignPublicKey_RSA( - hSessionHandle, - uiKeyIndex, - pucPublicKey)) != SDR_OK) { - SDFerr(SDF_F_SDF_EXPORTSIGNPUBLICKEY_RSA, - SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_ExportEncPublicKey_RSA( - void *hSessionHandle, - unsigned int uiKeyIndex, - RSArefPublicKey *pucPublicKey) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->ExportEncPublicKey_RSA) { - SDFerr(SDF_F_SDF_EXPORTENCPUBLICKEY_RSA, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->ExportEncPublicKey_RSA( - hSessionHandle, - uiKeyIndex, - pucPublicKey)) != SDR_OK) { - SDFerr(SDF_F_SDF_EXPORTENCPUBLICKEY_RSA, - SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_GenerateKeyPair_RSA( - void *hSessionHandle, - unsigned int uiKeyBits, - RSArefPublicKey *pucPublicKey, - RSArefPrivateKey *pucPrivateKey) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->GenerateKeyPair_RSA) { - SDFerr(SDF_F_SDF_GENERATEKEYPAIR_RSA, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->GenerateKeyPair_RSA( - hSessionHandle, - uiKeyBits, - pucPublicKey, - pucPrivateKey)) != SDR_OK) { - SDFerr(SDF_F_SDF_GENERATEKEYPAIR_RSA, - SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_GenerateKeyWithIPK_RSA( - void *hSessionHandle, - unsigned int uiIPKIndex, - unsigned int uiKeyBits, - unsigned char *pucKey, - unsigned int *puiKeyLength, - void **phKeyHandle) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->GenerateKeyWithIPK_RSA) { - SDFerr(SDF_F_SDF_GENERATEKEYWITHIPK_RSA, - SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->GenerateKeyWithIPK_RSA( - hSessionHandle, - uiIPKIndex, - uiKeyBits, - pucKey, - puiKeyLength, - phKeyHandle)) != SDR_OK) { - SDFerr(SDF_F_SDF_GENERATEKEYWITHIPK_RSA, - SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_GenerateKeyWithEPK_RSA( - void *hSessionHandle, - unsigned int uiKeyBits, - RSArefPublicKey *pucPublicKey, - unsigned char *pucKey, - unsigned int *puiKeyLength, - void **phKeyHandle) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->GenerateKeyWithEPK_RSA) { - SDFerr(SDF_F_SDF_GENERATEKEYWITHEPK_RSA, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->GenerateKeyWithEPK_RSA( - hSessionHandle, - uiKeyBits, - pucPublicKey, - pucKey, - puiKeyLength, - phKeyHandle)) != SDR_OK) { - SDFerr(SDF_F_SDF_GENERATEKEYWITHEPK_RSA, - SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_ImportKeyWithISK_RSA( - void *hSessionHandle, - unsigned int uiISKIndex, - unsigned char *pucKey, - unsigned int uiKeyLength, - void **phKeyHandle) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->ImportKeyWithISK_RSA) { - SDFerr(SDF_F_SDF_IMPORTKEYWITHISK_RSA, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->ImportKeyWithISK_RSA( - hSessionHandle, - uiISKIndex, - pucKey, - uiKeyLength, - phKeyHandle)) != SDR_OK) { - SDFerr(SDF_F_SDF_IMPORTKEYWITHISK_RSA, - SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_ExchangeDigitEnvelopeBaseOnRSA( - void *hSessionHandle, - unsigned int uiKeyIndex, - RSArefPublicKey *pucPublicKey, - unsigned char *pucDEInput, - unsigned int uiDELength, - unsigned char *pucDEOutput, - unsigned int *puiDELength) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->ExchangeDigitEnvelopeBaseOnRSA) { - SDFerr(SDF_F_SDF_EXCHANGEDIGITENVELOPEBASEONRSA, - SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->ExchangeDigitEnvelopeBaseOnRSA( - hSessionHandle, - uiKeyIndex, - pucPublicKey, - pucDEInput, - uiDELength, - pucDEOutput, - puiDELength)) != SDR_OK) { - SDFerr(SDF_F_SDF_EXCHANGEDIGITENVELOPEBASEONRSA, - SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_ExportSignPublicKey_ECC( - void *hSessionHandle, - unsigned int uiKeyIndex, - ECCrefPublicKey *pucPublicKey) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->ExportSignPublicKey_ECC) { - SDFerr(SDF_F_SDF_EXPORTSIGNPUBLICKEY_ECC, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->ExportSignPublicKey_ECC( - hSessionHandle, - uiKeyIndex, - pucPublicKey)) != SDR_OK) { - SDFerr(SDF_F_SDF_EXPORTSIGNPUBLICKEY_ECC, - SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_ExportEncPublicKey_ECC( - void *hSessionHandle, - unsigned int uiKeyIndex, - ECCrefPublicKey *pucPublicKey) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->ExportEncPublicKey_ECC) { - SDFerr(SDF_F_SDF_EXPORTENCPUBLICKEY_ECC, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->ExportEncPublicKey_ECC( - hSessionHandle, - uiKeyIndex, - pucPublicKey)) != SDR_OK) { - SDFerr(SDF_F_SDF_EXPORTENCPUBLICKEY_ECC, - SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_GenerateKeyPair_ECC( - void *hSessionHandle, - unsigned int uiAlgID, - unsigned int uiKeyBits, - ECCrefPublicKey *pucPublicKey, - ECCrefPrivateKey *pucPrivateKey) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->GenerateKeyPair_ECC) { - SDFerr(SDF_F_SDF_GENERATEKEYPAIR_ECC, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->GenerateKeyPair_ECC( - hSessionHandle, - uiAlgID, - uiKeyBits, - pucPublicKey, - pucPrivateKey)) != SDR_OK) { - SDFerr(SDF_F_SDF_GENERATEKEYPAIR_ECC, - SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_GenerateKeyWithIPK_ECC( - void *hSessionHandle, - unsigned int uiIPKIndex, - unsigned int uiKeyBits, - ECCCipher *pucKey, - void **phKeyHandle) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->GenerateKeyWithIPK_ECC) { - SDFerr(SDF_F_SDF_GENERATEKEYWITHIPK_ECC, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->GenerateKeyWithIPK_ECC( - hSessionHandle, - uiIPKIndex, - uiKeyBits, - pucKey, - phKeyHandle)) != SDR_OK) { - SDFerr(SDF_F_SDF_GENERATEKEYWITHIPK_ECC, - SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_GenerateKeyWithEPK_ECC( - void *hSessionHandle, - unsigned int uiKeyBits, - unsigned int uiAlgID, - ECCrefPublicKey *pucPublicKey, - ECCCipher *pucKey, - void **phKeyHandle) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->GenerateKeyWithEPK_ECC) { - SDFerr(SDF_F_SDF_GENERATEKEYWITHEPK_ECC, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->GenerateKeyWithEPK_ECC( - hSessionHandle, - uiKeyBits, - uiAlgID, - pucPublicKey, - pucKey, - phKeyHandle)) != SDR_OK) { - SDFerr(SDF_F_SDF_GENERATEKEYWITHEPK_ECC, - SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_ImportKeyWithISK_ECC( - void *hSessionHandle, - unsigned int uiISKIndex, - ECCCipher *pucKey, - void **phKeyHandle) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->ImportKeyWithISK_ECC) { - SDFerr(SDF_F_SDF_IMPORTKEYWITHISK_ECC, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->ImportKeyWithISK_ECC( - hSessionHandle, - uiISKIndex, - pucKey, - phKeyHandle)) != SDR_OK) { - SDFerr(SDF_F_SDF_IMPORTKEYWITHISK_ECC, - SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_GenerateAgreementDataWithECC( - void *hSessionHandle, - unsigned int uiISKIndex, - unsigned int uiKeyBits, - unsigned char *pucSponsorID, - unsigned int uiSponsorIDLength, - ECCrefPublicKey *pucSponsorPublicKey, - ECCrefPublicKey *pucSponsorTmpPublicKey, - void **phAgreementHandle) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->GenerateAgreementDataWithECC) { - SDFerr(SDF_F_SDF_GENERATEAGREEMENTDATAWITHECC, - SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->GenerateAgreementDataWithECC( - hSessionHandle, - uiISKIndex, - uiKeyBits, - pucSponsorID, - uiSponsorIDLength, - pucSponsorPublicKey, - pucSponsorTmpPublicKey, - phAgreementHandle)) != SDR_OK) { - SDFerr(SDF_F_SDF_GENERATEAGREEMENTDATAWITHECC, - SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_GenerateKeyWithECC( - void *hSessionHandle, - unsigned char *pucResponseID, - unsigned int uiResponseIDLength, - ECCrefPublicKey *pucResponsePublicKey, - ECCrefPublicKey *pucResponseTmpPublicKey, - void *hAgreementHandle, - void **phKeyHandle) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->GenerateKeyWithECC) { - SDFerr(SDF_F_SDF_GENERATEKEYWITHECC, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->GenerateKeyWithECC( - hSessionHandle, - pucResponseID, - uiResponseIDLength, - pucResponsePublicKey, - pucResponseTmpPublicKey, - hAgreementHandle, - phKeyHandle)) != SDR_OK) { - SDFerr(SDF_F_SDF_GENERATEKEYWITHECC, - SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_GenerateAgreementDataAndKeyWithECC( - void *hSessionHandle, - unsigned int uiISKIndex, - unsigned int uiKeyBits, - unsigned char *pucResponseID, - unsigned int uiResponseIDLength, - unsigned char *pucSponsorID, - unsigned int uiSponsorIDLength, - ECCrefPublicKey *pucSponsorPublicKey, - ECCrefPublicKey *pucSponsorTmpPublicKey, - ECCrefPublicKey *pucResponsePublicKey, - ECCrefPublicKey *pucResponseTmpPublicKey, - void **phKeyHandle) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->GenerateAgreementDataAndKeyWithECC) { - SDFerr(SDF_F_SDF_GENERATEAGREEMENTDATAANDKEYWITHECC, - SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->GenerateAgreementDataAndKeyWithECC( - hSessionHandle, - uiISKIndex, - uiKeyBits, - pucResponseID, - uiResponseIDLength, - pucSponsorID, - uiSponsorIDLength, - pucSponsorPublicKey, - pucSponsorTmpPublicKey, - pucResponsePublicKey, - pucResponseTmpPublicKey, - phKeyHandle)) != SDR_OK) { - SDFerr(SDF_F_SDF_GENERATEAGREEMENTDATAANDKEYWITHECC, - SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_ExchangeDigitEnvelopeBaseOnECC( - void *hSessionHandle, - unsigned int uiKeyIndex, - unsigned int uiAlgID, - ECCrefPublicKey *pucPublicKey, - ECCCipher *pucEncDataIn, - ECCCipher *pucEncDataOut) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->ExchangeDigitEnvelopeBaseOnECC) { - SDFerr(SDF_F_SDF_EXCHANGEDIGITENVELOPEBASEONECC, - SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->ExchangeDigitEnvelopeBaseOnECC( - hSessionHandle, - uiKeyIndex, - uiAlgID, - pucPublicKey, - pucEncDataIn, - pucEncDataOut)) != SDR_OK) { - SDFerr(SDF_F_SDF_EXCHANGEDIGITENVELOPEBASEONECC, - SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - -int SDF_GenerateKeyWithKEK( - void *hSessionHandle, - unsigned int uiKeyBits, - unsigned int uiAlgID, - unsigned int uiKEKIndex, - unsigned char *pucKey, - unsigned int *puiKeyLength, - void **phKeyHandle) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->GenerateKeyWithKEK) { - SDFerr(SDF_F_SDF_GENERATEKEYWITHKEK, - SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->GenerateKeyWithKEK( - hSessionHandle, - uiKeyBits, - uiAlgID, - uiKEKIndex, - pucKey, - puiKeyLength, - phKeyHandle)) != SDR_OK) { - SDFerr(SDF_F_SDF_GENERATEKEYWITHKEK, - SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_ImportKeyWithKEK( - void *hSessionHandle, - unsigned int uiAlgID, - unsigned int uiKEKIndex, - unsigned char *pucKey, - unsigned int uiKeyLength, - void **phKeyHandle) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->ImportKeyWithKEK) { - SDFerr(SDF_F_SDF_IMPORTKEYWITHKEK, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->ImportKeyWithKEK( - hSessionHandle, - uiAlgID, - uiKEKIndex, - pucKey, - uiKeyLength, - phKeyHandle)) != SDR_OK) { - SDFerr(SDF_F_SDF_IMPORTKEYWITHKEK, - SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_DestroyKey( - void *hSessionHandle, - void *hKeyHandle) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->DestroyKey) { - SDFerr(SDF_F_SDF_DESTROYKEY, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->DestroyKey( - hSessionHandle, - hKeyHandle)) != SDR_OK) { - SDFerr(SDF_F_SDF_DESTROYKEY, SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_ExternalPublicKeyOperation_RSA( - void *hSessionHandle, - RSArefPublicKey *pucPublicKey, - unsigned char *pucDataInput, - unsigned int uiInputLength, - unsigned char *pucDataOutput, - unsigned int *puiOutputLength) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->ExternalPublicKeyOperation_RSA) { - SDFerr(SDF_F_SDF_EXTERNALPUBLICKEYOPERATION_RSA, - SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->ExternalPublicKeyOperation_RSA( - hSessionHandle, - pucPublicKey, - pucDataInput, - uiInputLength, - pucDataOutput, - puiOutputLength)) != SDR_OK) { - SDFerr(SDF_F_SDF_EXTERNALPUBLICKEYOPERATION_RSA, - SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_InternalPublicKeyOperation_RSA( - void *hSessionHandle, - unsigned int uiKeyIndex, - unsigned char *pucDataInput, - unsigned int uiInputLength, - unsigned char *pucDataOutput, - unsigned int *puiOutputLength) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->InternalPublicKeyOperation_RSA) { - SDFerr(SDF_F_SDF_INTERNALPUBLICKEYOPERATION_RSA, - SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->InternalPublicKeyOperation_RSA( - hSessionHandle, - uiKeyIndex, - pucDataInput, - uiInputLength, - pucDataOutput, - puiOutputLength)) != SDR_OK) { - SDFerr(SDF_F_SDF_INTERNALPUBLICKEYOPERATION_RSA, - SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_InternalPrivateKeyOperation_RSA( - void *hSessionHandle, - unsigned int uiKeyIndex, - unsigned char *pucDataInput, - unsigned int uiInputLength, - unsigned char *pucDataOutput, - unsigned int *puiOutputLength) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->InternalPrivateKeyOperation_RSA) { - SDFerr(SDF_F_SDF_INTERNALPRIVATEKEYOPERATION_RSA, - SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->InternalPrivateKeyOperation_RSA( - hSessionHandle, - uiKeyIndex, - pucDataInput, - uiInputLength, - pucDataOutput, - puiOutputLength)) != SDR_OK) { - SDFerr(SDF_F_SDF_INTERNALPRIVATEKEYOPERATION_RSA, - SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_ExternalVerify_ECC( - void *hSessionHandle, - unsigned int uiAlgID, - ECCrefPublicKey *pucPublicKey, - unsigned char *pucDataInput, - unsigned int uiInputLength, - ECCSignature *pucSignature) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->ExternalVerify_ECC) { - SDFerr(SDF_F_SDF_EXTERNALVERIFY_ECC, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->ExternalVerify_ECC( - hSessionHandle, - uiAlgID, - pucPublicKey, - pucDataInput, - uiInputLength, - pucSignature)) != SDR_OK) { - SDFerr(SDF_F_SDF_EXTERNALVERIFY_ECC, - SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_InternalSign_ECC( - void *hSessionHandle, - unsigned int uiISKIndex, - unsigned char *pucData, - unsigned int uiDataLength, - ECCSignature *pucSignature) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->InternalSign_ECC) { - SDFerr(SDF_F_SDF_INTERNALSIGN_ECC, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->InternalSign_ECC( - hSessionHandle, - uiISKIndex, - pucData, - uiDataLength, - pucSignature)) != SDR_OK) { - SDFerr(SDF_F_SDF_INTERNALSIGN_ECC, - SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_InternalVerify_ECC( - void *hSessionHandle, - unsigned int uiIPKIndex, - unsigned char *pucData, - unsigned int uiDataLength, - ECCSignature *pucSignature) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->InternalVerify_ECC) { - SDFerr(SDF_F_SDF_INTERNALVERIFY_ECC, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->InternalVerify_ECC( - hSessionHandle, - uiIPKIndex, - pucData, - uiDataLength, - pucSignature)) != SDR_OK) { - SDFerr(SDF_F_SDF_INTERNALVERIFY_ECC, - SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_ExternalEncrypt_ECC( - void *hSessionHandle, - unsigned int uiAlgID, - ECCrefPublicKey *pucPublicKey, - unsigned char *pucData, - unsigned int uiDataLength, - ECCCipher *pucEncData) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->ExternalEncrypt_ECC) { - SDFerr(SDF_F_SDF_EXTERNALENCRYPT_ECC, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->ExternalEncrypt_ECC( - hSessionHandle, - uiAlgID, - pucPublicKey, - pucData, - uiDataLength, - pucEncData)) != SDR_OK) { - SDFerr(SDF_F_SDF_EXTERNALENCRYPT_ECC, - SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_Encrypt( - void *hSessionHandle, - void *hKeyHandle, - unsigned int uiAlgID, - unsigned char *pucIV, - unsigned char *pucData, - unsigned int uiDataLength, - unsigned char *pucEncData, - unsigned int *puiEncDataLength) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->Encrypt) { - SDFerr(SDF_F_SDF_ENCRYPT, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->Encrypt( - hSessionHandle, - hKeyHandle, - uiAlgID, - pucIV, - pucData, - uiDataLength, - pucEncData, - puiEncDataLength)) != SDR_OK) { - SDFerr(SDF_F_SDF_ENCRYPT, SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_Decrypt( - void *hSessionHandle, - void *hKeyHandle, - unsigned int uiAlgID, - unsigned char *pucIV, - unsigned char *pucEncData, - unsigned int uiEncDataLength, - unsigned char *pucData, - unsigned int *puiDataLength) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->Decrypt) { - SDFerr(SDF_F_SDF_DECRYPT, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->Decrypt( - hSessionHandle, - hKeyHandle, - uiAlgID, - pucIV, - pucEncData, - uiEncDataLength, - pucData, - puiDataLength)) != SDR_OK) { - SDFerr(SDF_F_SDF_DECRYPT, SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_CalculateMAC( - void *hSessionHandle, - void *hKeyHandle, - unsigned int uiAlgID, - unsigned char *pucIV, - unsigned char *pucData, - unsigned int uiDataLength, - unsigned char *pucMAC, - unsigned int *puiMACLength) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->CalculateMAC) { - SDFerr(SDF_F_SDF_CALCULATEMAC, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->CalculateMAC( - hSessionHandle, - hKeyHandle, - uiAlgID, - pucIV, - pucData, - uiDataLength, - pucMAC, - puiMACLength)) != SDR_OK) { - SDFerr(SDF_F_SDF_CALCULATEMAC, SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_HashInit( - void *hSessionHandle, - unsigned int uiAlgID, - ECCrefPublicKey *pucPublicKey, - unsigned char *pucID, - unsigned int uiIDLength) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->HashInit) { - SDFerr(SDF_F_SDF_HASHINIT, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->HashInit( - hSessionHandle, - uiAlgID, - pucPublicKey, - pucID, - uiIDLength)) != SDR_OK) { - SDFerr(SDF_F_SDF_HASHINIT, SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_HashUpdate( - void *hSessionHandle, - unsigned char *pucData, - unsigned int uiDataLength) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->HashUpdate) { - SDFerr(SDF_F_SDF_HASHUPDATE, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->HashUpdate( - hSessionHandle, - pucData, - uiDataLength)) != SDR_OK) { - SDFerr(SDF_F_SDF_HASHUPDATE, SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_HashFinal( - void *hSessionHandle, - unsigned char *pucHash, - unsigned int *puiHashLength) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->HashFinal) { - SDFerr(SDF_F_SDF_HASHFINAL, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->HashFinal( - hSessionHandle, - pucHash, - puiHashLength)) != SDR_OK) { - SDFerr(SDF_F_SDF_HASHFINAL, SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - - -int SDF_CreateFile( - void *hSessionHandle, - unsigned char *pucFileName, - unsigned int uiNameLen, - unsigned int uiFileSize) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->CreateFileObject) { - SDFerr(SDF_F_SDF_CREATEFILE, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->CreateFileObject( - hSessionHandle, - pucFileName, - uiNameLen, - uiFileSize)) != SDR_OK) { - SDFerr(SDF_F_SDF_CREATEFILE, SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - -int SDF_ReadFile( - void *hSessionHandle, - unsigned char *pucFileName, - unsigned int uiNameLen, - unsigned int uiOffset, - unsigned int *puiReadLength, - unsigned char *pucBuffer) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->ReadFileObject) { - SDFerr(SDF_F_SDF_READFILE, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->ReadFileObject( - hSessionHandle, - pucFileName, - uiNameLen, - uiOffset, - puiReadLength, - pucBuffer)) != SDR_OK) { - SDFerr(SDF_F_SDF_READFILE, SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - -int SDF_WriteFile( - void *hSessionHandle, - unsigned char *pucFileName, - unsigned int uiNameLen, - unsigned int uiOffset, - unsigned int uiWriteLength, - unsigned char *pucBuffer) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->WriteFileObject) { - SDFerr(SDF_F_SDF_WRITEFILE, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->WriteFileObject( - hSessionHandle, - pucFileName, - uiNameLen, - uiOffset, - uiWriteLength, - pucBuffer)) != SDR_OK) { - SDFerr(SDF_F_SDF_WRITEFILE, SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - -int SDF_DeleteFile( - void *hSessionHandle, - unsigned char *pucFileName, - unsigned int uiNameLen) -{ - int ret = SDR_UNKNOWERR; - - if (!sdf_method || !sdf_method->DeleteFileObject) { - SDFerr(SDF_F_SDF_DELETEFILE, SDF_R_NOT_INITIALIZED); - return SDR_NOTSUPPORT; - } - - if ((ret = sdf_method->DeleteFileObject( - hSessionHandle, - pucFileName, - uiNameLen)) != SDR_OK) { - SDFerr(SDF_F_SDF_DELETEFILE, SDF_R_METHOD_OPERATION_FAILURE); - return ret; - } - - return SDR_OK; -} - -/* helpers */ -const char *SDF_GetErrorString(int err) -{ - return NULL; -} - -int SDF_PrintDeviceInfo(FILE *fp, DEVICEINFO *devInfo) -{ - return 0; -} - -int SDF_PrintECCPrivateKey(FILE *fp, ECCrefPrivateKey *privateKey) -{ - return 0; -} - -int SDF_PrintECCPublicKey(FILE *fp, ECCrefPublicKey *publicKey) -{ - return 0; -} - -int SDF_PrintRSAPrivateKey(FILE *fp, RSArefPrivateKey *privateKey) -{ - return 0; -} - -int SDF_PrintRSAPublicKey(FILE *fp, RSArefPublicKey *publicKey) -{ - return 0; -} - - - - - +/* ==================================================================== + * Copyright (c) 2016 - 2017 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ + +#include +#include +#include +#include "internal/sdf_int.h" +#include "../../e_os.h" + +SDF_METHOD *sdf_method = NULL; +SDF_VENDOR *sdf_vendor = NULL; +extern SDF_VENDOR sdf_sansec; + + +int SDF_LoadLibrary(char *so_path, char *vendor) +{ + if (sdf_method) { + SDF_METHOD_free(sdf_method); + sdf_method = NULL; + } + + if (!(sdf_method = SDF_METHOD_load_library(so_path))) { + SDFerr(SDF_F_SDF_LOADLIBRARY, SDF_R_LOAD_LIBRARY_FAILURE); + return SDR_BASE; + } + + if (vendor) { + if (strcmp(vendor, sdf_sansec.name) == 0) { + sdf_vendor = &sdf_sansec; + } + } + + return SDR_OK; +} + +int SDF_UnloadLibrary(void) +{ + SDF_METHOD_free(sdf_method); + sdf_method = NULL; + sdf_vendor = NULL; + return SDR_OK; +} + +static SDF_ERR_REASON sdf_errors[] = { + { SDR_OK, SDF_R_SUCCESS }, + { SDR_BASE, SDF_R_ERROR }, + { SDR_UNKNOWERR, SDF_R_UNNOWN_ERROR }, + { SDR_NOTSUPPORT, SDF_R_OPERATION_NOT_SUPPORTED }, + { SDR_COMMFAIL, SDF_R_COMMUNICATION_FAILURE }, + { SDR_HARDFAIL, SDF_R_HARDWARE_ERROR }, + { SDR_OPENDEVICE, SDF_R_OPEN_DEVICE_FAILURE }, + { SDR_OPENSESSION, SDF_R_OPEN_SESSION_FAILURE }, + { SDR_PARDENY, SDF_R_NO_PRIVATE_KEY_ACCESS_RIGHT }, + { SDR_KEYNOTEXIST, SDF_R_KEY_NOT_EXIST }, + { SDR_ALGNOTSUPPORT, SDF_R_ALGORITHM_NOT_SUPPORTED }, + { SDR_ALGMODNOTSUPPORT, SDF_R_ALGORITHM_MODE_NOT_SUPPORTED }, + { SDR_PKOPERR, SDF_R_PUBLIC_KEY_OPERATION_FAILURE }, + { SDR_SKOPERR, SDF_R_PRIVATE_KEY_OPERATION_FAILURE }, + { SDR_SIGNERR, SDF_R_SIGNING_FAILURE }, + { SDR_VERIFYERR, SDF_R_VERIFICATION_FAILURE }, + { SDR_SYMOPERR, SDF_R_SYMMETRIC_OPERATION_FAILURE }, + { SDR_STEPERR, SDF_R_MULTI_STEP_OPERATION_ERROR }, + { SDR_FILESIZEERR, SDF_R_INVALID_FILE_SIZE }, + { SDR_FILENOEXIST, SDF_R_FILE_NOT_EXIST }, + { SDR_FILEOFSERR, SDF_R_INVALID_FILE_OFFSET }, + { SDR_KEYTYPEERR, SDF_R_INVALID_KEY_TYPE }, + { SDR_KEYERR, SDF_R_INVALID_KEY }, + { SDR_ENCDATAERR, SDF_R_ENCRYPT_DATA_ERROR }, + { SDR_RANDERR, SDF_R_RANDOM_GENERATION_ERROR }, + { SDR_PRKRERR, SDF_R_PRKERR }, + { SDR_MACERR, SDF_R_MAC_ERROR }, + { SDR_FILEEXSITS, SDF_R_FILE_ALREADY_EXIST }, + { SDR_FILEWERR, SDF_R_WRITE_FILE_FAILURE }, + { SDR_NOBUFFER, SDF_R_BUFFER_TOO_SMALL }, + { SDR_INARGERR, SDF_R_INVALID_INPUT_ARGUMENT }, + { SDR_OUTARGERR, SDF_R_INVALID_OUTPUT_ARGUMENT }, +}; + +static unsigned long sdf_get_error_reason(int err) +{ + int i; + for (i = 0; i < OSSL_NELEM(sdf_errors); i++) { + if (err == sdf_errors[i].err) { + return sdf_errors[i].reason; + } + } + if (sdf_vendor) { + return sdf_vendor->get_error_reason(err); + } + return 0; +} + +int SDF_GetErrorString(int err, char **str) +{ + unsigned long reason; + + if ((reason = sdf_get_error_reason(err)) != 0) { + *str = (char*)ERR_reason_error_string(reason); + } else { + *str = "(unknown)"; + } + + return SDR_OK; +} + +int SDF_OpenDevice( + void **phDeviceHandle) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->OpenDevice) { + SDFerr(SDF_F_SDF_OPENDEVICE, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if ((ret = sdf_method->OpenDevice( + phDeviceHandle)) != SDR_OK) { + SDFerr(SDF_F_SDF_OPENDEVICE, sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + +int SDF_CloseDevice( + void *hDeviceHandle) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->CloseDevice) { + SDFerr(SDF_F_SDF_CLOSEDEVICE, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if ((ret = sdf_method->CloseDevice( + hDeviceHandle)) != SDR_OK) { + SDFerr(SDF_F_SDF_CLOSEDEVICE, sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + +int SDF_OpenSession( + void *hDeviceHandle, + void **phSessionHandle) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->OpenSession) { + SDFerr(SDF_F_SDF_OPENSESSION, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if ((ret = sdf_method->OpenSession( + hDeviceHandle, + phSessionHandle)) != SDR_OK) { + SDFerr(SDF_F_SDF_OPENSESSION, sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + +int SDF_CloseSession( + void *hSessionHandle) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->CloseSession) { + SDFerr(SDF_F_SDF_CLOSESESSION, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if ((ret = sdf_method->CloseSession( + hSessionHandle)) != SDR_OK) { + SDFerr(SDF_F_SDF_CLOSESESSION, sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + +int SDF_GetDeviceInfo( + void *hSessionHandle, + DEVICEINFO *pstDeviceInfo) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->GetDeviceInfo) { + SDFerr(SDF_F_SDF_GETDEVICEINFO, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if ((ret = sdf_method->GetDeviceInfo( + hSessionHandle, + pstDeviceInfo)) != SDR_OK) { + SDFerr(SDF_F_SDF_GETDEVICEINFO, sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + +int SDF_GenerateRandom( + void *hSessionHandle, + unsigned int uiLength, + unsigned char *pucRandom) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->GenerateRandom) { + SDFerr(SDF_F_SDF_GENERATERANDOM, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if ((ret = sdf_method->GenerateRandom( + hSessionHandle, + uiLength, + pucRandom)) != SDR_OK) { + SDFerr(SDF_F_SDF_GENERATERANDOM, sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + +int SDF_GetPrivateKeyAccessRight( + void *hSessionHandle, + unsigned int uiKeyIndex, + unsigned char *pucPassword, + unsigned int uiPwdLength) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->GetPrivateKeyAccessRight) { + SDFerr(SDF_F_SDF_GETPRIVATEKEYACCESSRIGHT, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if ((ret = sdf_method->GetPrivateKeyAccessRight( + hSessionHandle, + uiKeyIndex, + pucPassword, + uiPwdLength)) != SDR_OK) { + SDFerr(SDF_F_SDF_GETPRIVATEKEYACCESSRIGHT, sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + +int SDF_ReleasePrivateKeyAccessRight( + void *hSessionHandle, + unsigned int uiKeyIndex) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->ReleasePrivateKeyAccessRight) { + SDFerr(SDF_F_SDF_RELEASEPRIVATEKEYACCESSRIGHT, + SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if ((ret = sdf_method->ReleasePrivateKeyAccessRight( + hSessionHandle, + uiKeyIndex)) != SDR_OK) { + SDFerr(SDF_F_SDF_RELEASEPRIVATEKEYACCESSRIGHT, + sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + +int SDF_ExportSignPublicKey_RSA( + void *hSessionHandle, + unsigned int uiKeyIndex, + RSArefPublicKey *pucPublicKey) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->ExportSignPublicKey_RSA) { + SDFerr(SDF_F_SDF_EXPORTSIGNPUBLICKEY_RSA, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if ((ret = sdf_method->ExportSignPublicKey_RSA( + hSessionHandle, + uiKeyIndex, + pucPublicKey)) != SDR_OK) { + SDFerr(SDF_F_SDF_EXPORTSIGNPUBLICKEY_RSA, + sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + +int SDF_ExportEncPublicKey_RSA( + void *hSessionHandle, + unsigned int uiKeyIndex, + RSArefPublicKey *pucPublicKey) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->ExportEncPublicKey_RSA) { + SDFerr(SDF_F_SDF_EXPORTENCPUBLICKEY_RSA, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if ((ret = sdf_method->ExportEncPublicKey_RSA( + hSessionHandle, + uiKeyIndex, + pucPublicKey)) != SDR_OK) { + SDFerr(SDF_F_SDF_EXPORTENCPUBLICKEY_RSA, + sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + +int SDF_GenerateKeyPair_RSA( + void *hSessionHandle, + unsigned int uiKeyBits, + RSArefPublicKey *pucPublicKey, + RSArefPrivateKey *pucPrivateKey) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->GenerateKeyPair_RSA) { + SDFerr(SDF_F_SDF_GENERATEKEYPAIR_RSA, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if ((ret = sdf_method->GenerateKeyPair_RSA( + hSessionHandle, + uiKeyBits, + pucPublicKey, + pucPrivateKey)) != SDR_OK) { + SDFerr(SDF_F_SDF_GENERATEKEYPAIR_RSA, + sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + +int SDF_GenerateKeyWithIPK_RSA( + void *hSessionHandle, + unsigned int uiIPKIndex, + unsigned int uiKeyBits, + unsigned char *pucKey, + unsigned int *puiKeyLength, + void **phKeyHandle) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->GenerateKeyWithIPK_RSA) { + SDFerr(SDF_F_SDF_GENERATEKEYWITHIPK_RSA, + SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if ((ret = sdf_method->GenerateKeyWithIPK_RSA( + hSessionHandle, + uiIPKIndex, + uiKeyBits, + pucKey, + puiKeyLength, + phKeyHandle)) != SDR_OK) { + SDFerr(SDF_F_SDF_GENERATEKEYWITHIPK_RSA, + sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + +int SDF_GenerateKeyWithEPK_RSA( + void *hSessionHandle, + unsigned int uiKeyBits, + RSArefPublicKey *pucPublicKey, + unsigned char *pucKey, + unsigned int *puiKeyLength, + void **phKeyHandle) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->GenerateKeyWithEPK_RSA) { + SDFerr(SDF_F_SDF_GENERATEKEYWITHEPK_RSA, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if ((ret = sdf_method->GenerateKeyWithEPK_RSA( + hSessionHandle, + uiKeyBits, + pucPublicKey, + pucKey, + puiKeyLength, + phKeyHandle)) != SDR_OK) { + SDFerr(SDF_F_SDF_GENERATEKEYWITHEPK_RSA, + sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + +int SDF_ImportKeyWithISK_RSA( + void *hSessionHandle, + unsigned int uiISKIndex, + unsigned char *pucKey, + unsigned int uiKeyLength, + void **phKeyHandle) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->ImportKeyWithISK_RSA) { + SDFerr(SDF_F_SDF_IMPORTKEYWITHISK_RSA, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if ((ret = sdf_method->ImportKeyWithISK_RSA( + hSessionHandle, + uiISKIndex, + pucKey, + uiKeyLength, + phKeyHandle)) != SDR_OK) { + SDFerr(SDF_F_SDF_IMPORTKEYWITHISK_RSA, sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + +int SDF_ExchangeDigitEnvelopeBaseOnRSA( + void *hSessionHandle, + unsigned int uiKeyIndex, + RSArefPublicKey *pucPublicKey, + unsigned char *pucDEInput, + unsigned int uiDELength, + unsigned char *pucDEOutput, + unsigned int *puiDELength) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->ExchangeDigitEnvelopeBaseOnRSA) { + SDFerr(SDF_F_SDF_EXCHANGEDIGITENVELOPEBASEONRSA, + SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if ((ret = sdf_method->ExchangeDigitEnvelopeBaseOnRSA( + hSessionHandle, + uiKeyIndex, + pucPublicKey, + pucDEInput, + uiDELength, + pucDEOutput, + puiDELength)) != SDR_OK) { + SDFerr(SDF_F_SDF_EXCHANGEDIGITENVELOPEBASEONRSA, + sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + +int SDF_ExportSignPublicKey_ECC( + void *hSessionHandle, + unsigned int uiKeyIndex, + ECCrefPublicKey *pucPublicKey) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->ExportSignPublicKey_ECC) { + SDFerr(SDF_F_SDF_EXPORTSIGNPUBLICKEY_ECC, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if ((ret = sdf_method->ExportSignPublicKey_ECC( + hSessionHandle, + uiKeyIndex, + pucPublicKey)) != SDR_OK) { + SDFerr(SDF_F_SDF_EXPORTSIGNPUBLICKEY_ECC, + sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + +int SDF_ExportEncPublicKey_ECC( + void *hSessionHandle, + unsigned int uiKeyIndex, + ECCrefPublicKey *pucPublicKey) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->ExportEncPublicKey_ECC) { + SDFerr(SDF_F_SDF_EXPORTENCPUBLICKEY_ECC, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if ((ret = sdf_method->ExportEncPublicKey_ECC( + hSessionHandle, + uiKeyIndex, + pucPublicKey)) != SDR_OK) { + SDFerr(SDF_F_SDF_EXPORTENCPUBLICKEY_ECC, + sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + +int SDF_GenerateKeyPair_ECC( + void *hSessionHandle, + unsigned int uiAlgID, + unsigned int uiKeyBits, + ECCrefPublicKey *pucPublicKey, + ECCrefPrivateKey *pucPrivateKey) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->GenerateKeyPair_ECC) { + SDFerr(SDF_F_SDF_GENERATEKEYPAIR_ECC, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if (sdf_vendor) { + if (!(uiAlgID = sdf_vendor->get_pkey_algor(uiAlgID))) { + SDFerr(SDF_F_SDF_GENERATEKEYPAIR_ECC, + SDF_R_NOT_SUPPORTED_ECC_ALGOR); + return SDR_ALGNOTSUPPORT; + } + } + + if ((ret = sdf_method->GenerateKeyPair_ECC( + hSessionHandle, + uiAlgID, + uiKeyBits, + pucPublicKey, + pucPrivateKey)) != SDR_OK) { + SDFerr(SDF_F_SDF_GENERATEKEYPAIR_ECC, sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + +int SDF_GenerateKeyWithIPK_ECC( + void *hSessionHandle, + unsigned int uiIPKIndex, + unsigned int uiKeyBits, + ECCCipher *pucKey, + void **phKeyHandle) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->GenerateKeyWithIPK_ECC) { + SDFerr(SDF_F_SDF_GENERATEKEYWITHIPK_ECC, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if ((ret = sdf_method->GenerateKeyWithIPK_ECC( + hSessionHandle, + uiIPKIndex, + uiKeyBits, + pucKey, + phKeyHandle)) != SDR_OK) { + SDFerr(SDF_F_SDF_GENERATEKEYWITHIPK_ECC, + sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + +int SDF_GenerateKeyWithEPK_ECC( + void *hSessionHandle, + unsigned int uiKeyBits, + unsigned int uiAlgID, + ECCrefPublicKey *pucPublicKey, + ECCCipher *pucKey, + void **phKeyHandle) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->GenerateKeyWithEPK_ECC) { + SDFerr(SDF_F_SDF_GENERATEKEYWITHEPK_ECC, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if (sdf_vendor) { + if (!(uiAlgID = sdf_vendor->get_cipher_algor(uiAlgID))) { + SDFerr(SDF_F_SDF_GENERATEKEYWITHEPK_ECC, + SDF_R_NOT_SUPPORTED_CIPHER_ALGOR); + return SDR_ALGNOTSUPPORT; + } + } + + if ((ret = sdf_method->GenerateKeyWithEPK_ECC( + hSessionHandle, + uiKeyBits, + uiAlgID, + pucPublicKey, + pucKey, + phKeyHandle)) != SDR_OK) { + SDFerr(SDF_F_SDF_GENERATEKEYWITHEPK_ECC, + sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + +int SDF_ImportKeyWithISK_ECC( + void *hSessionHandle, + unsigned int uiISKIndex, + ECCCipher *pucKey, + void **phKeyHandle) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->ImportKeyWithISK_ECC) { + SDFerr(SDF_F_SDF_IMPORTKEYWITHISK_ECC, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if ((ret = sdf_method->ImportKeyWithISK_ECC( + hSessionHandle, + uiISKIndex, + pucKey, + phKeyHandle)) != SDR_OK) { + SDFerr(SDF_F_SDF_IMPORTKEYWITHISK_ECC, + sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + +int SDF_GenerateAgreementDataWithECC( + void *hSessionHandle, + unsigned int uiISKIndex, + unsigned int uiKeyBits, + unsigned char *pucSponsorID, + unsigned int uiSponsorIDLength, + ECCrefPublicKey *pucSponsorPublicKey, + ECCrefPublicKey *pucSponsorTmpPublicKey, + void **phAgreementHandle) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->GenerateAgreementDataWithECC) { + SDFerr(SDF_F_SDF_GENERATEAGREEMENTDATAWITHECC, + SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if ((ret = sdf_method->GenerateAgreementDataWithECC( + hSessionHandle, + uiISKIndex, + uiKeyBits, + pucSponsorID, + uiSponsorIDLength, + pucSponsorPublicKey, + pucSponsorTmpPublicKey, + phAgreementHandle)) != SDR_OK) { + SDFerr(SDF_F_SDF_GENERATEAGREEMENTDATAWITHECC, + sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + +int SDF_GenerateKeyWithECC( + void *hSessionHandle, + unsigned char *pucResponseID, + unsigned int uiResponseIDLength, + ECCrefPublicKey *pucResponsePublicKey, + ECCrefPublicKey *pucResponseTmpPublicKey, + void *hAgreementHandle, + void **phKeyHandle) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->GenerateKeyWithECC) { + SDFerr(SDF_F_SDF_GENERATEKEYWITHECC, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if ((ret = sdf_method->GenerateKeyWithECC( + hSessionHandle, + pucResponseID, + uiResponseIDLength, + pucResponsePublicKey, + pucResponseTmpPublicKey, + hAgreementHandle, + phKeyHandle)) != SDR_OK) { + SDFerr(SDF_F_SDF_GENERATEKEYWITHECC, + sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + +int SDF_GenerateAgreementDataAndKeyWithECC( + void *hSessionHandle, + unsigned int uiISKIndex, + unsigned int uiKeyBits, + unsigned char *pucResponseID, + unsigned int uiResponseIDLength, + unsigned char *pucSponsorID, + unsigned int uiSponsorIDLength, + ECCrefPublicKey *pucSponsorPublicKey, + ECCrefPublicKey *pucSponsorTmpPublicKey, + ECCrefPublicKey *pucResponsePublicKey, + ECCrefPublicKey *pucResponseTmpPublicKey, + void **phKeyHandle) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->GenerateAgreementDataAndKeyWithECC) { + SDFerr(SDF_F_SDF_GENERATEAGREEMENTDATAANDKEYWITHECC, + SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if ((ret = sdf_method->GenerateAgreementDataAndKeyWithECC( + hSessionHandle, + uiISKIndex, + uiKeyBits, + pucResponseID, + uiResponseIDLength, + pucSponsorID, + uiSponsorIDLength, + pucSponsorPublicKey, + pucSponsorTmpPublicKey, + pucResponsePublicKey, + pucResponseTmpPublicKey, + phKeyHandle)) != SDR_OK) { + SDFerr(SDF_F_SDF_GENERATEAGREEMENTDATAANDKEYWITHECC, + sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + +int SDF_ExchangeDigitEnvelopeBaseOnECC( + void *hSessionHandle, + unsigned int uiKeyIndex, + unsigned int uiAlgID, + ECCrefPublicKey *pucPublicKey, + ECCCipher *pucEncDataIn, + ECCCipher *pucEncDataOut) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->ExchangeDigitEnvelopeBaseOnECC) { + SDFerr(SDF_F_SDF_EXCHANGEDIGITENVELOPEBASEONECC, + SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if (sdf_vendor) { + if (!(uiAlgID = sdf_vendor->get_cipher_algor(uiAlgID))) { + SDFerr(SDF_F_SDF_EXCHANGEDIGITENVELOPEBASEONECC, + SDF_R_NOT_SUPPORTED_CIPHER_ALGOR); + return SDR_ALGNOTSUPPORT; + } + } + + if ((ret = sdf_method->ExchangeDigitEnvelopeBaseOnECC( + hSessionHandle, + uiKeyIndex, + uiAlgID, + pucPublicKey, + pucEncDataIn, + pucEncDataOut)) != SDR_OK) { + SDFerr(SDF_F_SDF_EXCHANGEDIGITENVELOPEBASEONECC, + sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + +int SDF_GenerateKeyWithKEK( + void *hSessionHandle, + unsigned int uiKeyBits, + unsigned int uiAlgID, + unsigned int uiKEKIndex, + unsigned char *pucKey, + unsigned int *puiKeyLength, + void **phKeyHandle) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->GenerateKeyWithKEK) { + SDFerr(SDF_F_SDF_GENERATEKEYWITHKEK, + SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if (sdf_vendor) { + if (!(uiAlgID = sdf_vendor->get_cipher_algor(uiAlgID))) { + SDFerr(SDF_F_SDF_GENERATEKEYWITHKEK, + SDF_R_NOT_SUPPORTED_CIPHER_ALGOR); + return SDR_ALGNOTSUPPORT; + } + } + + if ((ret = sdf_method->GenerateKeyWithKEK( + hSessionHandle, + uiKeyBits, + uiAlgID, + uiKEKIndex, + pucKey, + puiKeyLength, + phKeyHandle)) != SDR_OK) { + SDFerr(SDF_F_SDF_GENERATEKEYWITHKEK, + sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + + +int SDF_ImportKeyWithKEK( + void *hSessionHandle, + unsigned int uiAlgID, + unsigned int uiKEKIndex, + unsigned char *pucKey, + unsigned int uiKeyLength, + void **phKeyHandle) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->ImportKeyWithKEK) { + SDFerr(SDF_F_SDF_IMPORTKEYWITHKEK, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if (sdf_vendor) { + if (!(uiAlgID = sdf_vendor->get_cipher_algor(uiAlgID))) { + SDFerr(SDF_F_SDF_IMPORTKEYWITHKEK, + SDF_R_NOT_SUPPORTED_CIPHER_ALGOR); + return SDR_ALGNOTSUPPORT; + } + } + + if ((ret = sdf_method->ImportKeyWithKEK( + hSessionHandle, + uiAlgID, + uiKEKIndex, + pucKey, + uiKeyLength, + phKeyHandle)) != SDR_OK) { + SDFerr(SDF_F_SDF_IMPORTKEYWITHKEK, sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + + +int SDF_DestroyKey( + void *hSessionHandle, + void *hKeyHandle) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->DestroyKey) { + SDFerr(SDF_F_SDF_DESTROYKEY, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if ((ret = sdf_method->DestroyKey( + hSessionHandle, + hKeyHandle)) != SDR_OK) { + SDFerr(SDF_F_SDF_DESTROYKEY, sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + + +int SDF_ExternalPublicKeyOperation_RSA( + void *hSessionHandle, + RSArefPublicKey *pucPublicKey, + unsigned char *pucDataInput, + unsigned int uiInputLength, + unsigned char *pucDataOutput, + unsigned int *puiOutputLength) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->ExternalPublicKeyOperation_RSA) { + SDFerr(SDF_F_SDF_EXTERNALPUBLICKEYOPERATION_RSA, + SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if ((ret = sdf_method->ExternalPublicKeyOperation_RSA( + hSessionHandle, + pucPublicKey, + pucDataInput, + uiInputLength, + pucDataOutput, + puiOutputLength)) != SDR_OK) { + SDFerr(SDF_F_SDF_EXTERNALPUBLICKEYOPERATION_RSA, + sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + + +int SDF_InternalPublicKeyOperation_RSA( + void *hSessionHandle, + unsigned int uiKeyIndex, + unsigned char *pucDataInput, + unsigned int uiInputLength, + unsigned char *pucDataOutput, + unsigned int *puiOutputLength) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->InternalPublicKeyOperation_RSA) { + SDFerr(SDF_F_SDF_INTERNALPUBLICKEYOPERATION_RSA, + SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if ((ret = sdf_method->InternalPublicKeyOperation_RSA( + hSessionHandle, + uiKeyIndex, + pucDataInput, + uiInputLength, + pucDataOutput, + puiOutputLength)) != SDR_OK) { + SDFerr(SDF_F_SDF_INTERNALPUBLICKEYOPERATION_RSA, + sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + + +int SDF_InternalPrivateKeyOperation_RSA( + void *hSessionHandle, + unsigned int uiKeyIndex, + unsigned char *pucDataInput, + unsigned int uiInputLength, + unsigned char *pucDataOutput, + unsigned int *puiOutputLength) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->InternalPrivateKeyOperation_RSA) { + SDFerr(SDF_F_SDF_INTERNALPRIVATEKEYOPERATION_RSA, + SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if ((ret = sdf_method->InternalPrivateKeyOperation_RSA( + hSessionHandle, + uiKeyIndex, + pucDataInput, + uiInputLength, + pucDataOutput, + puiOutputLength)) != SDR_OK) { + SDFerr(SDF_F_SDF_INTERNALPRIVATEKEYOPERATION_RSA, + sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + + +int SDF_ExternalVerify_ECC( + void *hSessionHandle, + unsigned int uiAlgID, + ECCrefPublicKey *pucPublicKey, + unsigned char *pucDataInput, + unsigned int uiInputLength, + ECCSignature *pucSignature) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->ExternalVerify_ECC) { + SDFerr(SDF_F_SDF_EXTERNALVERIFY_ECC, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if (sdf_vendor) { + if (!(uiAlgID = sdf_vendor->get_pkey_algor(uiAlgID))) { + SDFerr(SDF_F_SDF_EXTERNALVERIFY_ECC, + SDF_R_NOT_SUPPORTED_PKEY_ALGOR); + return SDR_ALGNOTSUPPORT; + } + } + + if ((ret = sdf_method->ExternalVerify_ECC( + hSessionHandle, + uiAlgID, + pucPublicKey, + pucDataInput, + uiInputLength, + pucSignature)) != SDR_OK) { + SDFerr(SDF_F_SDF_EXTERNALVERIFY_ECC, + sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + + +int SDF_InternalSign_ECC( + void *hSessionHandle, + unsigned int uiISKIndex, + unsigned char *pucData, + unsigned int uiDataLength, + ECCSignature *pucSignature) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->InternalSign_ECC) { + SDFerr(SDF_F_SDF_INTERNALSIGN_ECC, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if ((ret = sdf_method->InternalSign_ECC( + hSessionHandle, + uiISKIndex, + pucData, + uiDataLength, + pucSignature)) != SDR_OK) { + SDFerr(SDF_F_SDF_INTERNALSIGN_ECC, + sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + + +int SDF_InternalVerify_ECC( + void *hSessionHandle, + unsigned int uiIPKIndex, + unsigned char *pucData, + unsigned int uiDataLength, + ECCSignature *pucSignature) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->InternalVerify_ECC) { + SDFerr(SDF_F_SDF_INTERNALVERIFY_ECC, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if ((ret = sdf_method->InternalVerify_ECC( + hSessionHandle, + uiIPKIndex, + pucData, + uiDataLength, + pucSignature)) != SDR_OK) { + SDFerr(SDF_F_SDF_INTERNALVERIFY_ECC, + sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + + +int SDF_ExternalEncrypt_ECC( + void *hSessionHandle, + unsigned int uiAlgID, + ECCrefPublicKey *pucPublicKey, + unsigned char *pucData, + unsigned int uiDataLength, + ECCCipher *pucEncData) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->ExternalEncrypt_ECC) { + SDFerr(SDF_F_SDF_EXTERNALENCRYPT_ECC, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if (sdf_vendor) { + if (!(uiAlgID = sdf_vendor->get_pkey_algor(uiAlgID))) { + SDFerr(SDF_F_SDF_EXTERNALENCRYPT_ECC, + SDF_R_NOT_SUPPORTED_PKEY_ALGOR); + return SDR_ALGNOTSUPPORT; + } + } + + if ((ret = sdf_method->ExternalEncrypt_ECC( + hSessionHandle, + uiAlgID, + pucPublicKey, + pucData, + uiDataLength, + pucEncData)) != SDR_OK) { + SDFerr(SDF_F_SDF_EXTERNALENCRYPT_ECC, + sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + + +int SDF_Encrypt( + void *hSessionHandle, + void *hKeyHandle, + unsigned int uiAlgID, + unsigned char *pucIV, + unsigned char *pucData, + unsigned int uiDataLength, + unsigned char *pucEncData, + unsigned int *puiEncDataLength) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->Encrypt) { + SDFerr(SDF_F_SDF_ENCRYPT, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if (sdf_vendor) { + if (!(uiAlgID = sdf_vendor->get_cipher_algor(uiAlgID))) { + SDFerr(SDF_F_SDF_ENCRYPT, + SDF_R_NOT_SUPPORTED_CIPHER_ALGOR); + return SDR_ALGNOTSUPPORT; + } + } + + if ((ret = sdf_method->Encrypt( + hSessionHandle, + hKeyHandle, + uiAlgID, + pucIV, + pucData, + uiDataLength, + pucEncData, + puiEncDataLength)) != SDR_OK) { + SDFerr(SDF_F_SDF_ENCRYPT, sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + + +int SDF_Decrypt( + void *hSessionHandle, + void *hKeyHandle, + unsigned int uiAlgID, + unsigned char *pucIV, + unsigned char *pucEncData, + unsigned int uiEncDataLength, + unsigned char *pucData, + unsigned int *puiDataLength) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->Decrypt) { + SDFerr(SDF_F_SDF_DECRYPT, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if (sdf_vendor) { + if (!(uiAlgID = sdf_vendor->get_cipher_algor(uiAlgID))) { + SDFerr(SDF_F_SDF_DECRYPT, SDF_R_NOT_SUPPORTED_CIPHER_ALGOR); + return SDR_ALGNOTSUPPORT; + } + } + + if ((ret = sdf_method->Decrypt( + hSessionHandle, + hKeyHandle, + uiAlgID, + pucIV, + pucEncData, + uiEncDataLength, + pucData, + puiDataLength)) != SDR_OK) { + SDFerr(SDF_F_SDF_DECRYPT, sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + + +int SDF_CalculateMAC( + void *hSessionHandle, + void *hKeyHandle, + unsigned int uiAlgID, + unsigned char *pucIV, + unsigned char *pucData, + unsigned int uiDataLength, + unsigned char *pucMAC, + unsigned int *puiMACLength) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->CalculateMAC) { + SDFerr(SDF_F_SDF_CALCULATEMAC, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if (sdf_vendor) { + if (!(uiAlgID = sdf_vendor->get_cipher_algor(uiAlgID))) { + SDFerr(SDF_F_SDF_CALCULATEMAC, + SDF_R_NOT_SUPPORTED_CIPHER_ALGOR); + return SDR_ALGNOTSUPPORT; + } + } + + if ((ret = sdf_method->CalculateMAC( + hSessionHandle, + hKeyHandle, + uiAlgID, + pucIV, + pucData, + uiDataLength, + pucMAC, + puiMACLength)) != SDR_OK) { + SDFerr(SDF_F_SDF_CALCULATEMAC, sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + +int SDF_HashInit( + void *hSessionHandle, + unsigned int uiAlgID, + ECCrefPublicKey *pucPublicKey, + unsigned char *pucID, + unsigned int uiIDLength) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->HashInit) { + SDFerr(SDF_F_SDF_HASHINIT, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if (sdf_vendor) { + if (!(uiAlgID = sdf_vendor->get_digest_algor(uiAlgID))) { + SDFerr(SDF_F_SDF_HASHINIT, SDF_R_NOT_SUPPORTED_DIGEST_ALGOR); + return SDR_ALGNOTSUPPORT; + } + } + + if ((ret = sdf_method->HashInit( + hSessionHandle, + uiAlgID, + pucPublicKey, + pucID, + uiIDLength)) != SDR_OK) { + SDFerr(SDF_F_SDF_HASHINIT, sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + + +int SDF_HashUpdate( + void *hSessionHandle, + unsigned char *pucData, + unsigned int uiDataLength) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->HashUpdate) { + SDFerr(SDF_F_SDF_HASHUPDATE, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if ((ret = sdf_method->HashUpdate( + hSessionHandle, + pucData, + uiDataLength)) != SDR_OK) { + SDFerr(SDF_F_SDF_HASHUPDATE, sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + + +int SDF_HashFinal( + void *hSessionHandle, + unsigned char *pucHash, + unsigned int *puiHashLength) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->HashFinal) { + SDFerr(SDF_F_SDF_HASHFINAL, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if ((ret = sdf_method->HashFinal( + hSessionHandle, + pucHash, + puiHashLength)) != SDR_OK) { + SDFerr(SDF_F_SDF_HASHFINAL, sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + + +int SDF_CreateFile( + void *hSessionHandle, + unsigned char *pucFileName, + unsigned int uiNameLen, + unsigned int uiFileSize) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->CreateObject) { + SDFerr(SDF_F_SDF_CREATEFILE, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if ((ret = sdf_method->CreateObject( + hSessionHandle, + pucFileName, + uiNameLen, + uiFileSize)) != SDR_OK) { + SDFerr(SDF_F_SDF_CREATEFILE, sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + +int SDF_ReadFile( + void *hSessionHandle, + unsigned char *pucFileName, + unsigned int uiNameLen, + unsigned int uiOffset, + unsigned int *puiReadLength, + unsigned char *pucBuffer) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->ReadObject) { + SDFerr(SDF_F_SDF_READFILE, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if ((ret = sdf_method->ReadObject( + hSessionHandle, + pucFileName, + uiNameLen, + uiOffset, + puiReadLength, + pucBuffer)) != SDR_OK) { + SDFerr(SDF_F_SDF_READFILE, sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + +int SDF_WriteFile( + void *hSessionHandle, + unsigned char *pucFileName, + unsigned int uiNameLen, + unsigned int uiOffset, + unsigned int uiWriteLength, + unsigned char *pucBuffer) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->WriteObject) { + SDFerr(SDF_F_SDF_WRITEFILE, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if ((ret = sdf_method->WriteObject( + hSessionHandle, + pucFileName, + uiNameLen, + uiOffset, + uiWriteLength, + pucBuffer)) != SDR_OK) { + SDFerr(SDF_F_SDF_WRITEFILE, sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} + +int SDF_DeleteFile( + void *hSessionHandle, + unsigned char *pucFileName, + unsigned int uiNameLen) +{ + int ret = SDR_UNKNOWERR; + + if (!sdf_method || !sdf_method->DeleteObject) { + SDFerr(SDF_F_SDF_DELETEFILE, SDF_R_NOT_INITIALIZED); + return SDR_NOTSUPPORT; + } + + if ((ret = sdf_method->DeleteObject( + hSessionHandle, + pucFileName, + uiNameLen)) != SDR_OK) { + SDFerr(SDF_F_SDF_DELETEFILE, sdf_get_error_reason(ret)); + return ret; + } + + return SDR_OK; +} diff --git a/crypto/sdf/sdf_meth.c b/crypto/sdf/sdf_meth.c index 8007e1c8..4d3c3058 100644 --- a/crypto/sdf/sdf_meth.c +++ b/crypto/sdf/sdf_meth.c @@ -47,78 +47,95 @@ * ==================================================================== */ +#include +#include #include #include "internal/dso.h" -#include "internal/sdf_meth.h" +#include "internal/sdf_int.h" + +#define SDF_METHOD_BIND_FUNCTION_EX(func,name) \ + sdf->func = (SDF_##func##_FuncPtr)DSO_bind_func(sdf->dso, "SDF_"#name) + +#define SDF_METHOD_BIND_FUNCTION(func) \ + SDF_METHOD_BIND_FUNCTION_EX(func,func) SDF_METHOD *SDF_METHOD_load_library(const char *so_path) { SDF_METHOD *ret = NULL; SDF_METHOD *sdf = NULL; - DSO *dso = NULL; - if (!(dso = DSO_load(NULL, so_path, NULL, 0))) { - goto end; - } if (!(sdf = OPENSSL_zalloc(sizeof(*sdf)))) { + SDFerr(SDF_F_SDF_METHOD_LOAD_LIBRARY, ERR_R_MALLOC_FAILURE); + goto end; + } + if (!(sdf->dso = DSO_load(NULL, so_path, NULL, 0))) { + SDFerr(SDF_F_SDF_METHOD_LOAD_LIBRARY, SDF_R_DSO_LOAD_FAILURE); goto end; } - sdf->OpenDevice = (SDF_OpenDevice_FuncPtr)DSO_bind_func(dso, "SDF_OpenDevice"); - sdf->CloseDevice = (SDF_CloseDevice_FuncPtr)DSO_bind_func(dso, "SDF_CloseDevice"); - sdf->OpenSession = (SDF_OpenSession_FuncPtr)DSO_bind_func(dso, "SDF_OpenSession"); - sdf->CloseSession = (SDF_CloseSession_FuncPtr)DSO_bind_func(dso, "SDF_CloseSession"); - sdf->GetDeviceInfo = (SDF_GetDeviceInfo_FuncPtr)DSO_bind_func(dso, "SDF_GetDeviceInfo"); - sdf->GenerateRandom = (SDF_GenerateRandom_FuncPtr)DSO_bind_func(dso, "SDF_GenerateRandom"); - sdf->GetPrivateKeyAccessRight = (SDF_GetPrivateKeyAccessRight_FuncPtr)DSO_bind_func(dso, "SDF_GetPrivateKeyAccessRight"); - sdf->ReleasePrivateKeyAccessRight = (SDF_ReleasePrivateKeyAccessRight_FuncPtr)DSO_bind_func(dso, "SDF_ReleasePrivateKeyAccessRight"); - sdf->ExportSignPublicKey_RSA = (SDF_ExportSignPublicKey_RSA_FuncPtr)DSO_bind_func(dso, "SDF_ExportSignPublicKey_RSA"); - sdf->ExportEncPublicKey_RSA = (SDF_ExportEncPublicKey_RSA_FuncPtr)DSO_bind_func(dso, "SDF_ExportEncPublicKey_RSA"); - sdf->GenerateKeyPair_RSA = (SDF_GenerateKeyPair_RSA_FuncPtr)DSO_bind_func(dso, "SDF_GenerateKeyPair_RSA"); - sdf->GenerateKeyWithIPK_RSA = (SDF_GenerateKeyWithIPK_RSA_FuncPtr)DSO_bind_func(dso, "SDF_GenerateKeyWithIPK_RSA"); - sdf->GenerateKeyWithEPK_RSA = (SDF_GenerateKeyWithEPK_RSA_FuncPtr)DSO_bind_func(dso, "SDF_GenerateKeyWithEPK_RSA"); - sdf->ImportKeyWithISK_RSA = (SDF_ImportKeyWithISK_RSA_FuncPtr)DSO_bind_func(dso, "SDF_ImportKeyWithISK_RSA"); - sdf->ExchangeDigitEnvelopeBaseOnRSA = (SDF_ExchangeDigitEnvelopeBaseOnRSA_FuncPtr)DSO_bind_func(dso, "SDF_ExchangeDigitEnvelopeBaseOnRSA"); - sdf->ExportSignPublicKey_ECC = (SDF_ExportSignPublicKey_ECC_FuncPtr)DSO_bind_func(dso, "SDF_ExportSignPublicKey_ECC"); - sdf->ExportEncPublicKey_ECC = (SDF_ExportEncPublicKey_ECC_FuncPtr)DSO_bind_func(dso, "SDF_ExportEncPublicKey_ECC"); - sdf->GenerateKeyPair_ECC = (SDF_GenerateKeyPair_ECC_FuncPtr)DSO_bind_func(dso, "SDF_GenerateKeyPair_ECC"); - sdf->GenerateKeyWithIPK_ECC = (SDF_GenerateKeyWithIPK_ECC_FuncPtr)DSO_bind_func(dso, "SDF_GenerateKeyWithIPK_ECC"); - sdf->GenerateKeyWithEPK_ECC = (SDF_GenerateKeyWithEPK_ECC_FuncPtr)DSO_bind_func(dso, "SDF_GenerateKeyWithEPK_ECC"); - sdf->ImportKeyWithISK_ECC = (SDF_ImportKeyWithISK_ECC_FuncPtr)DSO_bind_func(dso, "SDF_ImportKeyWithISK_ECC"); - sdf->GenerateAgreementDataWithECC = (SDF_GenerateAgreementDataWithECC_FuncPtr)DSO_bind_func(dso, "SDF_GenerateAgreementDataWithECC"); - sdf->GenerateKeyWithECC = (SDF_GenerateKeyWithECC_FuncPtr)DSO_bind_func(dso, "SDF_GenerateKeyWithECC"); - sdf->GenerateAgreementDataAndKeyWithECC = (SDF_GenerateAgreementDataAndKeyWithECC_FuncPtr)DSO_bind_func(dso, "SDF_GenerateAgreementDataAndKeyWithECC"); - sdf->ExchangeDigitEnvelopeBaseOnECC = (SDF_ExchangeDigitEnvelopeBaseOnECC_FuncPtr)DSO_bind_func(dso, "SDF_ExchangeDigitEnvelopeBaseOnECC"); - sdf->GenerateKeyWithKEK = (SDF_GenerateKeyWithKEK_FuncPtr)DSO_bind_func(dso, "SDF_GenerateKeyWithKEK"); - sdf->ImportKeyWithKEK = (SDF_ImportKeyWithKEK_FuncPtr)DSO_bind_func(dso, "SDF_ImportKeyWithKEK"); - sdf->DestroyKey = (SDF_DestroyKey_FuncPtr)DSO_bind_func(dso, "SDF_DestroyKey"); - sdf->ExternalPublicKeyOperation_RSA = (SDF_ExternalPublicKeyOperation_RSA_FuncPtr)DSO_bind_func(dso, "SDF_ExternalPublicKeyOperation_RSA"); - sdf->InternalPublicKeyOperation_RSA = (SDF_InternalPublicKeyOperation_RSA_FuncPtr)DSO_bind_func(dso, "SDF_InternalPublicKeyOperation_RSA"); - sdf->InternalPrivateKeyOperation_RSA = (SDF_InternalPrivateKeyOperation_RSA_FuncPtr)DSO_bind_func(dso, "SDF_InternalPrivateKeyOperation_RSA"); - sdf->ExternalVerify_ECC = (SDF_ExternalVerify_ECC_FuncPtr)DSO_bind_func(dso, "SDF_ExternalVerify_ECC"); - sdf->InternalSign_ECC = (SDF_InternalSign_ECC_FuncPtr)DSO_bind_func(dso, "SDF_InternalSign_ECC"); - sdf->InternalVerify_ECC = (SDF_InternalVerify_ECC_FuncPtr)DSO_bind_func(dso, "SDF_InternalVerify_ECC"); - sdf->ExternalEncrypt_ECC = (SDF_ExternalEncrypt_ECC_FuncPtr)DSO_bind_func(dso, "SDF_ExternalEncrypt_ECC"); - sdf->ExternalDecrypt_ECC = (SDF_ExternalDecrypt_ECC_FuncPtr)DSO_bind_func(dso, "SDF_ExternalDecrypt_ECC"); - sdf->InternalEncrypt_ECC = (SDF_InternalEncrypt_ECC_FuncPtr)DSO_bind_func(dso, "SDF_InternalEncrypt_ECC"); - sdf->InternalDecrypt_ECC = (SDF_InternalDecrypt_ECC_FuncPtr)DSO_bind_func(dso, "SDF_InternalDecrypt_ECC"); - sdf->Encrypt = (SDF_Encrypt_FuncPtr)DSO_bind_func(dso, "SDF_Encrypt"); - sdf->Decrypt = (SDF_Decrypt_FuncPtr)DSO_bind_func(dso, "SDF_Decrypt"); - sdf->CalculateMAC = (SDF_CalculateMAC_FuncPtr)DSO_bind_func(dso, "SDF_CalculateMAC"); - sdf->HashInit = (SDF_HashInit_FuncPtr)DSO_bind_func(dso, "SDF_HashInit"); - sdf->HashUpdate = (SDF_HashUpdate_FuncPtr)DSO_bind_func(dso, "SDF_HashUpdate"); - sdf->HashFinal = (SDF_HashFinal_FuncPtr)DSO_bind_func(dso, "SDF_HashFinal"); - sdf->CreateFileObject = (SDF_CreateFile_FuncPtr)DSO_bind_func(dso, "SDF_CreateFile"); - sdf->ReadFileObject = (SDF_ReadFile_FuncPtr)DSO_bind_func(dso, "SDF_ReadFile"); - sdf->WriteFileObject = (SDF_WriteFile_FuncPtr)DSO_bind_func(dso, "SDF_WriteFile"); - sdf->DeleteFileObject = (SDF_DeleteFile_FuncPtr)DSO_bind_func(dso, "SDF_DeleteFile"); - + SDF_METHOD_BIND_FUNCTION(OpenDevice); + SDF_METHOD_BIND_FUNCTION(CloseDevice); + SDF_METHOD_BIND_FUNCTION(OpenSession); + SDF_METHOD_BIND_FUNCTION(CloseSession); + SDF_METHOD_BIND_FUNCTION(GetDeviceInfo); + SDF_METHOD_BIND_FUNCTION(GenerateRandom); + SDF_METHOD_BIND_FUNCTION(GetPrivateKeyAccessRight); + SDF_METHOD_BIND_FUNCTION(ReleasePrivateKeyAccessRight); + SDF_METHOD_BIND_FUNCTION(ExportSignPublicKey_RSA); + SDF_METHOD_BIND_FUNCTION(ExportEncPublicKey_RSA); + SDF_METHOD_BIND_FUNCTION(GenerateKeyPair_RSA); + SDF_METHOD_BIND_FUNCTION(GenerateKeyWithIPK_RSA); + SDF_METHOD_BIND_FUNCTION(GenerateKeyWithEPK_RSA); + SDF_METHOD_BIND_FUNCTION(ImportKeyWithISK_RSA); + SDF_METHOD_BIND_FUNCTION(ExchangeDigitEnvelopeBaseOnRSA); + SDF_METHOD_BIND_FUNCTION(ExportSignPublicKey_ECC); + SDF_METHOD_BIND_FUNCTION(ExportEncPublicKey_ECC); + SDF_METHOD_BIND_FUNCTION(GenerateKeyPair_ECC); + SDF_METHOD_BIND_FUNCTION(GenerateKeyWithIPK_ECC); + SDF_METHOD_BIND_FUNCTION(GenerateKeyWithEPK_ECC); + SDF_METHOD_BIND_FUNCTION(ImportKeyWithISK_ECC); + SDF_METHOD_BIND_FUNCTION(GenerateAgreementDataWithECC); + SDF_METHOD_BIND_FUNCTION(GenerateKeyWithECC); + SDF_METHOD_BIND_FUNCTION(GenerateAgreementDataAndKeyWithECC); + SDF_METHOD_BIND_FUNCTION(ExchangeDigitEnvelopeBaseOnECC); + SDF_METHOD_BIND_FUNCTION(GenerateKeyWithKEK); + SDF_METHOD_BIND_FUNCTION(ImportKeyWithKEK); + SDF_METHOD_BIND_FUNCTION(DestroyKey); + SDF_METHOD_BIND_FUNCTION(ExternalPublicKeyOperation_RSA); + //SDF_METHOD_BIND_FUNCTION(InternalPublicKeyOperation_RSA); + SDF_METHOD_BIND_FUNCTION(InternalPrivateKeyOperation_RSA); + SDF_METHOD_BIND_FUNCTION(ExternalVerify_ECC); + SDF_METHOD_BIND_FUNCTION(InternalSign_ECC); + SDF_METHOD_BIND_FUNCTION(InternalVerify_ECC); + SDF_METHOD_BIND_FUNCTION(ExternalEncrypt_ECC); +#if 0 + SDF_METHOD_BIND_FUNCTION(ExternalDecrypt_ECC); + SDF_METHOD_BIND_FUNCTION(InternalEncrypt_ECC); + SDF_METHOD_BIND_FUNCTION(InternalDecrypt_ECC); +#endif + SDF_METHOD_BIND_FUNCTION(Encrypt); + SDF_METHOD_BIND_FUNCTION(Decrypt); + SDF_METHOD_BIND_FUNCTION(CalculateMAC); + SDF_METHOD_BIND_FUNCTION(HashInit); + SDF_METHOD_BIND_FUNCTION(HashUpdate); + SDF_METHOD_BIND_FUNCTION(HashFinal); + SDF_METHOD_BIND_FUNCTION_EX(CreateObject,CreateFile); + SDF_METHOD_BIND_FUNCTION_EX(ReadObject,ReadFile); + SDF_METHOD_BIND_FUNCTION_EX(WriteObject,WriteFile); + SDF_METHOD_BIND_FUNCTION_EX(DeleteObject,DeleteFile); ret = sdf; sdf = NULL; end: - OPENSSL_free(sdf); - DSO_free(dso); + SDF_METHOD_free(sdf); return ret; } + +void SDF_METHOD_free(SDF_METHOD *meth) +{ + if (meth) DSO_free(meth->dso); + OPENSSL_free(meth); +} + + diff --git a/crypto/sdf/sdf_sansec.c b/crypto/sdf/sdf_sansec.c new file mode 100644 index 00000000..644ca1ca --- /dev/null +++ b/crypto/sdf/sdf_sansec.c @@ -0,0 +1,330 @@ +/* ==================================================================== + * Copyright (c) 2016 - 2017 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ + +#include +#include +#include "internal/sdf_int.h" +#include "../../e_os.h" +#include "sdf_sansec.h" + +typedef struct { + unsigned int std_id; + unsigned int vendor_id; +} SDF_ALGOR_PAIR; + +static SDF_ALGOR_PAIR sansec_ciphers[] = { + { SGD_SM1, SANSEC_SM1 }, + { SGD_SM1_ECB, SANSEC_SM1_ECB }, + { SGD_SM1_CBC, SANSEC_SM1_CBC }, + { SGD_SM1_CFB, SANSEC_SM1_CFB }, + { SGD_SM1_OFB, SANSEC_SM1_OFB }, + { SGD_SM1_MAC, SANSEC_SM1_MAC }, + { SGD_SM4, SANSEC_SM4 }, + { SGD_SM4_ECB, SANSEC_SM4_ECB }, + { SGD_SM4_CBC, SANSEC_SM4_CBC }, + { SGD_SM4_CFB, SANSEC_SM4_CFB }, + { SGD_SM4_OFB, SANSEC_SM4_OFB }, + { SGD_SM4_MAC, SANSEC_SM4_MAC }, + { SGD_SSF33, SANSEC_SSF33 }, + { SGD_SSF33_ECB, SANSEC_SSF33_ECB }, + { SGD_SSF33_CBC, SANSEC_SSF33_CBC }, + { SGD_SSF33_CFB, SANSEC_SSF33_CFB }, + { SGD_SSF33_OFB, SANSEC_SSF33_OFB }, + { SGD_SSF33_MAC, SANSEC_SSF33_MAC }, + { 0, SANSEC_AES }, + { 0, SANSEC_AES_ECB }, + { 0, SANSEC_AES_CBC }, + { 0, SANSEC_AES_CFB }, + { 0, SANSEC_AES_OFB }, + { 0, SANSEC_AES_MAC }, + { 0, SANSEC_DES }, + { 0, SANSEC_DES_ECB }, + { 0, SANSEC_DES_CBC }, + { 0, SANSEC_DES_CFB }, + { 0, SANSEC_DES_OFB }, + { 0, SANSEC_DES_MAC }, + { 0, SANSEC_3DES }, + { 0, SANSEC_3DES_ECB }, + { 0, SANSEC_3DES_CBC }, + { 0, SANSEC_3DES_CFB }, + { 0, SANSEC_3DES_OFB }, + { 0, SANSEC_3DES_MAC }, +}; + +static unsigned int sansec_get_cipher_algor(unsigned int vendor_id) +{ + int i; + for (i = 0; i < OSSL_NELEM(sansec_ciphers); i++) { + if (vendor_id == sansec_ciphers[i].vendor_id) { + return sansec_ciphers[i].std_id; + } + } + return 0; +} + +static unsigned int sansec_get_cipher_cap(unsigned int vendor_cap) +{ + unsigned int std_cap = 0; + int i; + + for (i = 0; i < OSSL_NELEM(sansec_ciphers); i++) { + if (vendor_cap & sansec_ciphers[i].vendor_id) { + std_cap |= sansec_ciphers[i].std_id; + } + } + + return std_cap; +} + +static SDF_ALGOR_PAIR sansec_digests[] = { + { SGD_SM3, SANSEC_SM3 }, + { SGD_SHA1, SANSEC_SHA1 }, + { SGD_SHA256, SANSEC_SHA256 }, + { 0, SANSEC_SHA512 }, + { 0, SANSEC_SHA384 }, + { 0, SANSEC_SHA224 }, + { 0, SANSEC_MD5 }, +}; + +static unsigned int sansec_get_digest_algor(unsigned int vendor_id) +{ + int i; + for (i = 0; i < OSSL_NELEM(sansec_digests); i++) { + if (vendor_id == sansec_digests[i].vendor_id) { + return sansec_digests[i].std_id; + } + } + return 0; +} + +static unsigned int sansec_get_digest_cap(unsigned int vendor_cap) +{ + unsigned int std_cap = 0; + int i; + + for (i = 0; i < OSSL_NELEM(sansec_digests); i++) { + if (vendor_cap & sansec_digests[i].vendor_id) { + std_cap |= sansec_digests[i].std_id; + } + } + + return std_cap; +} + +static SDF_ALGOR_PAIR sansec_pkeys[] = { + { SGD_RSA,SANSEC_RSA }, + { SGD_RSA_SIGN,SANSEC_RSA_SIGN }, + { SGD_RSA_ENC,SANSEC_RSA_ENC }, + { SGD_SM2,SANSEC_SM2 }, + { SGD_SM2_1,SANSEC_SM2_1 }, + { SGD_SM2_2,SANSEC_SM2_2 }, + { SGD_SM2_3,SANSEC_SM2_3 }, +}; + +static unsigned int sansec_get_pkey_algor(unsigned int vendor_id) +{ + int i; + for (i = 0; i < OSSL_NELEM(sansec_pkeys); i++) { + if (vendor_id == sansec_pkeys[i].vendor_id) { + return sansec_pkeys[i].std_id; + } + } + return 0; +} + +static unsigned int sansec_get_pkey_cap(unsigned int vendor_cap) +{ + unsigned int std_cap = 0; + int i; + + for (i = 0; i < OSSL_NELEM(sansec_pkeys); i++) { + if (vendor_cap & sansec_pkeys[i].vendor_id) { + std_cap |= sansec_pkeys[i].std_id; + } + } + + return std_cap; +} + +static int sansec_encode_ecccipher(const ECCCipher *ec, void *vendor) +{ + int ret; + SANSEC_ECCCipher *sansec = vendor; + ret = sizeof(SANSEC_ECCCipher); + + if (ec->L > sizeof(sansec->C)) { + SDFerr(SDF_F_SANSEC_ENCODE_ECCCIPHER, + SDF_R_INVALID_SANSEC_ECCCIPHER_LENGTH); + return 0; + } + + if (vendor) { + sansec->clength = ec->L; + memcpy(sansec->x, ec->x, sizeof(ec->x)); + memcpy(sansec->y, ec->y, sizeof(ec->y)); + memcpy(sansec->M, ec->M, sizeof(ec->M)); + memset(sansec->M + sizeof(ec->M), 0, sizeof(sansec->M) - sizeof(ec->M)); + memcpy(sansec->C, ec->C, ec->L); + memset(sansec->C + ec->L, 0, sizeof(sansec->C) - ec->L); + } + + return ret; +} + +static int sansec_decode_ecccipher(ECCCipher *ec, const void *vendor) +{ + int ret; + const SANSEC_ECCCipher *sansec = vendor; + ret = sizeof(ECCCipher) -1 + sansec->clength; + + if (sansec->clength > sizeof(sansec->C)) { + SDFerr(SDF_F_SANSEC_DECODE_ECCCIPHER, + SDF_R_INVALID_SANSEC_ECCCIPHER_LENGTH); + return 0; + } + + if (ec) { + memcpy(ec->x, sansec->x, sizeof(ec->x)); + memcpy(ec->y, sansec->y, sizeof(ec->y)); + memcpy(ec->M, sansec->M, sizeof(ec->M)); + ec->L = sansec->clength; + memcpy(ec->C, sansec->C, sansec->clength); + } + + return ret; +} + +static SDF_ERR_REASON sansec_errors[] = { + { SANSEC_BASE, SDF_R_SANSEC_BASE }, + { SANSEC_INVALID_USER, SDF_R_SANSEC_INVALID_USER }, + { SANSEC_INVALID_AUTHENCODE, SDF_R_SANSEC_INVALID_AUTHENCODE }, + { SANSEC_PROTOCOL_VERSION_ERROR, SDF_R_SANSEC_PROTOCOL_VERSION_ERROR }, + { SANSEC_INVALID_COMMAND, SDF_R_SANSEC_INVALID_COMMAND }, + { SANSEC_INVALID_PARAMETERS, SDF_R_SANSEC_INVALID_PARAMETERS }, + { SANSEC_FILE_ALREADY_EXIST, SDF_R_SANSEC_FILE_ALREADY_EXIST }, + { SANSEC_SYNC_ERROR, SDF_R_SANSEC_SYNC_ERROR }, + { SANSEC_SYNC_LOGIN_ERROR, SDF_R_SANSEC_SYNC_LOGIN_ERROR }, + { SANSEC_SOCKET_TIMEOUT, SDF_R_SANSEC_SOCKET_TIMEOUT }, + { SANSEC_CONNECT_ERROR, SDF_R_SANSEC_CONNECT_ERROR }, + { SANSEC_SET_SOCKET_OPTION_ERROR, SDF_R_SANSEC_SET_SOCKET_OPTION_ERROR }, + { SANSEC_SOCKET_SEND_ERROR, SDF_R_SANSEC_SOCKET_SEND_ERROR }, + { SANSEC_SOCKET_RECV_ERROR, SDF_R_SANSEC_SOCKET_RECV_ERROR }, + { SANSEC_SOCKET_RECV_0, SDF_R_SANSEC_SOCKET_RECV_0 }, + { SANSEC_SEM_TIMEOUT, SDF_R_SANSEC_SEM_TIMEOUT }, + { SANSEC_NO_AVAILABLE_HSM, SDF_R_SANSEC_NO_AVAILABLE_HSM }, + { SANSEC_NO_AVAILABLE_CSM, SDF_R_SANSEC_NO_AVAILABLE_CSM }, + { SANSEC_CONFIG_ERROR, SDF_R_SANSEC_CONFIG_ERROR }, + { SANSEC_CARD_BASE, SDF_R_SANSEC_CARD_BASE }, + { SANSEC_CARD_UNKNOW_ERROR, SDF_R_SANSEC_CARD_UNKNOW_ERROR }, + { SANSEC_CARD_NOT_SUPPORTED, SDF_R_SANSEC_CARD_NOT_SUPPORTED }, + { SANSEC_CARD_COMMMUCATION_FAILED, SDF_R_SANSEC_CARD_COMMMUCATION_FAILED }, + { SANSEC_CARD_HARDWARE_FAILURE, SDF_R_SANSEC_CARD_HARDWARE_FAILURE }, + { SANSEC_CARD_OPEN_DEVICE_FAILED, SDF_R_SANSEC_CARD_OPEN_DEVICE_FAILED }, + { SANSEC_CARD_OPEN_SESSION_FAILED, SDF_R_SANSEC_CARD_OPEN_SESSION_FAILED }, + { SANSEC_CARD_PRIVATE_KEY_ACCESS_DENYED, SDF_R_SANSEC_CARD_PRIVATE_KEY_ACCESS_DENYED }, + { SANSEC_CARD_KEY_NOT_EXIST, SDF_R_SANSEC_CARD_KEY_NOT_EXIST }, + { SANSEC_CARD_ALGOR_NOT_SUPPORTED, SDF_R_SANSEC_CARD_ALGOR_NOT_SUPPORTED }, + { SANSEC_CARD_ALG_MODE_NOT_SUPPORTED, SDF_R_SANSEC_CARD_ALG_MODE_NOT_SUPPORTED }, + { SANSEC_CARD_PUBLIC_KEY_OPERATION_ERROR, SDF_R_SANSEC_CARD_PUBLIC_KEY_OPERATION_ERROR }, + { SANSEC_CARD_PRIVATE_KEY_OPERATION_ERROR, SDF_R_SANSEC_CARD_PRIVATE_KEY_OPERATION_ERROR }, + { SANSEC_CARD_SIGN_ERROR, SDF_R_SANSEC_CARD_SIGN_ERROR }, + { SANSEC_CARD_VERIFY_ERROR, SDF_R_SANSEC_CARD_VERIFY_ERROR }, + { SANSEC_CARD_SYMMETRIC_ALGOR_ERROR, SDF_R_SANSEC_CARD_SYMMETRIC_ALGOR_ERROR }, + { SANSEC_CARD_STEP_ERROR, SDF_R_SANSEC_CARD_STEP_ERROR }, + { SANSEC_CARD_FILE_SIZE_ERROR, SDF_R_SANSEC_CARD_FILE_SIZE_ERROR }, + { SANSEC_CARD_FILE_NOT_EXIST, SDF_R_SANSEC_CARD_FILE_NOT_EXIST }, + { SANSEC_CARD_FILE_OFFSET_ERROR, SDF_R_SANSEC_CARD_FILE_OFFSET_ERROR }, + { SANSEC_CARD_KEY_TYPE_ERROR, SDF_R_SANSEC_CARD_KEY_TYPE_ERROR }, + { SANSEC_CARD_KEY_ERROR, SDF_R_SANSEC_CARD_KEY_ERROR }, + { SANSEC_CARD_BUFFER_TOO_SMALL, SDF_R_SANSEC_CARD_BUFFER_TOO_SMALL }, + { SANSEC_CARD_DATA_PADDING_ERROR, SDF_R_SANSEC_CARD_DATA_PADDING_ERROR }, + { SANSEC_CARD_DATA_SIZE, SDF_R_SANSEC_CARD_DATA_SIZE }, + { SANSEC_CARD_CRYPTO_NOT_INITED, SDF_R_SANSEC_CARD_CRYPTO_NOT_INITED }, + { SANSEC_CARD_MANAGEMENT_DENYED, SDF_R_SANSEC_CARD_MANAGEMENT_DENYED }, + { SANSEC_CARD_OPERATION_DENYED, SDF_R_SANSEC_CARD_OPERATION_DENYED }, + { SANSEC_CARD_DEVICE_STATUS_ERROR, SDF_R_SANSEC_CARD_DEVICE_STATUS_ERROR }, + { SANSEC_CARD_LOGIN_ERROR, SDF_R_SANSEC_CARD_LOGIN_ERROR }, + { SANSEC_CARD_USERID_ERROR, SDF_R_SANSEC_CARD_USERID_ERROR }, + { SANSEC_CARD_PARAMENT_ERROR, SDF_R_SANSEC_CARD_PARAMENT_ERROR }, + { SANSEC_CARD_MANAGEMENT_DENYED_05, SDF_R_SANSEC_CARD_MANAGEMENT_DENYED_05 }, + { SANSEC_CARD_OPERATION_DENYED_05, SDF_R_SANSEC_CARD_OPERATION_DENYED_05 }, + { SANSEC_CARD_DEVICE_STATUS_ERROR_05, SDF_R_SANSEC_CARD_DEVICE_STATUS_ERROR_05 }, + { SANSEC_CARD_LOGIN_ERROR_05, SDF_R_SANSEC_CARD_LOGIN_ERROR_05 }, + { SANSEC_CARD_USERID_ERROR_05, SDF_R_SANSEC_CARD_USERID_ERROR_05 }, + { SANSEC_CARD_PARAMENT_ERROR_05, SDF_R_SANSEC_CARD_PARAMENT_ERROR_05 }, + { SANSEC_CARD_READER_BASE, SDF_R_SANSEC_CARD_READER_BASE }, + { SANSEC_CARD_READER_PIN_ERROR, SDF_R_SANSEC_CARD_READER_PIN_ERROR }, + { SANSEC_CARD_READER_NO_CARD, SDF_R_SANSEC_CARD_READER_NO_CARD }, + { SANSEC_CARD_READER_CARD_INSERT, SDF_R_SANSEC_CARD_READER_CARD_INSERT }, + { SANSEC_CARD_READER_CARD_INSERT_TYPE, SDF_R_SANSEC_CARD_READER_CARD_INSERT_TYPE }, +}; + +static unsigned long sansec_get_error_reason(int err) +{ + int i = 0; + for (i = 0; i < OSSL_NELEM(sansec_errors); i++) { + if (err == sansec_errors[i].err) { + return sansec_errors[i].reason; + } + } + return 0; +} + +SDF_VENDOR sdf_sansec = { + "sansec", + sansec_get_cipher_algor, + sansec_get_cipher_cap, + sansec_get_digest_algor, + sansec_get_digest_cap, + sansec_get_pkey_algor, + sansec_get_pkey_cap, + sansec_encode_ecccipher, + sansec_decode_ecccipher, + sansec_get_error_reason, +}; diff --git a/crypto/sdf/sdf_sansec.h b/crypto/sdf/sdf_sansec.h new file mode 100644 index 00000000..0d86db8b --- /dev/null +++ b/crypto/sdf/sdf_sansec.h @@ -0,0 +1,192 @@ +/* ==================================================================== + * Copyright (c) 2016 - 2017 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ +#ifndef HEADER_SDF_SANSEC_H +#define HEADER_SDF_SANSEC_H + +#include + +#define SANSEC_SM1 (SGD_SM1) +#define SANSEC_SM1_ECB (SANSEC_SM1|SGD_ECB) +#define SANSEC_SM1_CBC (SANSEC_SM1|SGD_CBC) +#define SANSEC_SM1_CFB (SANSEC_SM1|SGD_CFB) +#define SANSEC_SM1_OFB (SANSEC_SM1|SGD_OFB) +#define SANSEC_SM1_MAC (SANSEC_SM1|SGD_MAC) + +#define SANSEC_SM4 0x00002000 +#define SANSEC_SM4_ECB (SANSEC_SM4|SGD_ECB) +#define SANSEC_SM4_CBC (SANSEC_SM4|SGD_CBC) +#define SANSEC_SM4_CFB (SANSEC_SM4|SGD_CFB) +#define SANSEC_SM4_OFB (SANSEC_SM4|SGD_OFB) +#define SANSEC_SM4_MAC (SANSEC_SM4|SGD_MAC) + +#define SANSEC_SSF33 (SGD_SSF33) +#define SANSEC_SSF33_ECB (SANSEC_SSF33|SGD_ECB) +#define SANSEC_SSF33_CBC (SANSEC_SSF33|SGD_CBC) +#define SANSEC_SSF33_CFB (SANSEC_SSF33|SGD_CFB) +#define SANSEC_SSF33_OFB (SANSEC_SSF33|SGD_OFB) +#define SANSEC_SSF33_MAC (SANSEC_SSF33|SGD_MAC) + +#define SANSEC_AES 0x00000400 +#define SANSEC_AES_ECB (SANSEC_AES|SGD_ECB) +#define SANSEC_AES_CBC (SANSEC_AES|SGD_CBC) +#define SANSEC_AES_CFB (SANSEC_AES|SGD_CFB) +#define SANSEC_AES_OFB (SANSEC_AES|SGD_OFB) +#define SANSEC_AES_MAC (SANSEC_AES|SGD_MAC) + +#define SANSEC_DES 0x00004000 +#define SANSEC_DES_ECB (SANSEC_DES|SGD_ECB) +#define SANSEC_DES_CBC (SANSEC_DES|SGD_CBC) +#define SANSEC_DES_CFB (SANSEC_DES|SGD_CFB) +#define SANSEC_DES_OFB (SANSEC_DES|SGD_OFB) +#define SANSEC_DES_MAC (SANSEC_DES|SGD_MAC) + +#define SANSEC_3DES 0x00000800 +#define SANSEC_3DES_ECB (SANSEC_3DES|SGD_ECB) +#define SANSEC_3DES_CBC (SANSEC_3DES|SGD_CBC) +#define SANSEC_3DES_CFB (SANSEC_3DES|SGD_CFB) +#define SANSEC_3DES_OFB (SANSEC_3DES|SGD_OFB) +#define SANSEC_3DES_MAC (SANSEC_3DES|SGD_MAC) + +#define SANSEC_SM3 (SGD_SM3) +#define SANSEC_SHA1 (SGD_SHA1) +#define SANSEC_SHA256 (SGD_SHA256) +#define SANSEC_SHA512 0x00000008 +#define SANSEC_SHA384 0x00000010 +#define SANSEC_SHA224 0x00000020 +#define SANSEC_MD5 0x00000080 + +#define SANSEC_RSA (SGD_RSA) +#define SANSEC_RSA_SIGN (SGD_RSA_SIGN) +#define SANSEC_RSA_ENC 0x00010200 +#define SANSEC_SM2 (SGD_SM2) +#define SANSEC_SM2_1 (SGD_SM2_1) +#define SANSEC_SM2_2 (SGD_SM2_2) +#define SANSEC_SM2_3 (SGD_SM2_3) + +#define SANSEC_BASE (SDR_BASE + 0x00010000) +#define SANSEC_INVALID_USER (SANSEC_BASE + 0x00000001) +#define SANSEC_INVALID_AUTHENCODE (SANSEC_BASE + 0x00000002) +#define SANSEC_PROTOCOL_VERSION_ERROR (SANSEC_BASE + 0x00000003) +#define SANSEC_INVALID_COMMAND (SANSEC_BASE + 0x00000004) +#define SANSEC_INVALID_PARAMETERS (SANSEC_BASE + 0x00000005) +#define SANSEC_FILE_ALREADY_EXIST (SANSEC_BASE + 0x00000006) +#define SANSEC_SYNC_ERROR (SANSEC_BASE + 0x00000007) +#define SANSEC_SYNC_LOGIN_ERROR (SANSEC_BASE + 0x00000008) +#define SANSEC_SOCKET_TIMEOUT (SANSEC_BASE + 0x00000100) +#define SANSEC_CONNECT_ERROR (SANSEC_BASE + 0x00000101) +#define SANSEC_SET_SOCKET_OPTION_ERROR (SANSEC_BASE + 0x00000102) +#define SANSEC_SOCKET_SEND_ERROR (SANSEC_BASE + 0x00000104) +#define SANSEC_SOCKET_RECV_ERROR (SANSEC_BASE + 0x00000105) +#define SANSEC_SOCKET_RECV_0 (SANSEC_BASE + 0x00000106) +#define SANSEC_SEM_TIMEOUT (SANSEC_BASE + 0x00000200) +#define SANSEC_NO_AVAILABLE_HSM (SANSEC_BASE + 0x00000201) +#define SANSEC_NO_AVAILABLE_CSM (SANSEC_BASE + 0x00000202) +#define SANSEC_CONFIG_ERROR (SANSEC_BASE + 0x00000301) +#define SANSEC_CARD_BASE (SDR_BASE + 0x00020000) +#define SANSEC_CARD_UNKNOW_ERROR (SANSEC_CARD_BASE + 0x00000001) +#define SANSEC_CARD_NOT_SUPPORTED (SANSEC_CARD_BASE + 0x00000002) +#define SANSEC_CARD_COMMMUCATION_FAILED (SANSEC_CARD_BASE + 0x00000003) +#define SANSEC_CARD_HARDWARE_FAILURE (SANSEC_CARD_BASE + 0x00000004) +#define SANSEC_CARD_OPEN_DEVICE_FAILED (SANSEC_CARD_BASE + 0x00000005) +#define SANSEC_CARD_OPEN_SESSION_FAILED (SANSEC_CARD_BASE + 0x00000006) +#define SANSEC_CARD_PRIVATE_KEY_ACCESS_DENYED (SANSEC_CARD_BASE + 0x00000007) +#define SANSEC_CARD_KEY_NOT_EXIST (SANSEC_CARD_BASE + 0x00000008) +#define SANSEC_CARD_ALGOR_NOT_SUPPORTED (SANSEC_CARD_BASE + 0x00000009) +#define SANSEC_CARD_ALG_MODE_NOT_SUPPORTED (SANSEC_CARD_BASE + 0x00000010) +#define SANSEC_CARD_PUBLIC_KEY_OPERATION_ERROR (SANSEC_CARD_BASE + 0x00000011) +#define SANSEC_CARD_PRIVATE_KEY_OPERATION_ERROR (SANSEC_CARD_BASE + 0x00000012) +#define SANSEC_CARD_SIGN_ERROR (SANSEC_CARD_BASE + 0x00000013) +#define SANSEC_CARD_VERIFY_ERROR (SANSEC_CARD_BASE + 0x00000014) +#define SANSEC_CARD_SYMMETRIC_ALGOR_ERROR (SANSEC_CARD_BASE + 0x00000015) +#define SANSEC_CARD_STEP_ERROR (SANSEC_CARD_BASE + 0x00000016) +#define SANSEC_CARD_FILE_SIZE_ERROR (SANSEC_CARD_BASE + 0x00000017) +#define SANSEC_CARD_FILE_NOT_EXIST (SANSEC_CARD_BASE + 0x00000018) +#define SANSEC_CARD_FILE_OFFSET_ERROR (SANSEC_CARD_BASE + 0x00000019) +#define SANSEC_CARD_KEY_TYPE_ERROR (SANSEC_CARD_BASE + 0x00000020) +#define SANSEC_CARD_KEY_ERROR (SANSEC_CARD_BASE + 0x00000021) +#define SANSEC_CARD_BUFFER_TOO_SMALL (SANSEC_CARD_BASE + 0x00000101) +#define SANSEC_CARD_DATA_PADDING_ERROR (SANSEC_CARD_BASE + 0x00000102) +#define SANSEC_CARD_DATA_SIZE (SANSEC_CARD_BASE + 0x00000103) +#define SANSEC_CARD_CRYPTO_NOT_INITED (SANSEC_CARD_BASE + 0x00000104) +#define SANSEC_CARD_MANAGEMENT_DENYED (SANSEC_CARD_BASE + 0x00001001) +#define SANSEC_CARD_OPERATION_DENYED (SANSEC_CARD_BASE + 0x00001002) +#define SANSEC_CARD_DEVICE_STATUS_ERROR (SANSEC_CARD_BASE + 0x00001003) +#define SANSEC_CARD_LOGIN_ERROR (SANSEC_CARD_BASE + 0x00001011) +#define SANSEC_CARD_USERID_ERROR (SANSEC_CARD_BASE + 0x00001012) +#define SANSEC_CARD_PARAMENT_ERROR (SANSEC_CARD_BASE + 0x00001013) +#define SANSEC_CARD_MANAGEMENT_DENYED_05 (SANSEC_CARD_BASE + 0x00000801) +#define SANSEC_CARD_OPERATION_DENYED_05 (SANSEC_CARD_BASE + 0x00000802) +#define SANSEC_CARD_DEVICE_STATUS_ERROR_05 (SANSEC_CARD_BASE + 0x00000803) +#define SANSEC_CARD_LOGIN_ERROR_05 (SANSEC_CARD_BASE + 0x00000811) +#define SANSEC_CARD_USERID_ERROR_05 (SANSEC_CARD_BASE + 0x00000812) +#define SANSEC_CARD_PARAMENT_ERROR_05 (SANSEC_CARD_BASE + 0x00000813) +#define SANSEC_CARD_READER_BASE (SDR_BASE + 0x00030000) +#define SANSEC_CARD_READER_PIN_ERROR (SANSEC_CARD_READER_BASE + 0x000063CE) +#define SANSEC_CARD_READER_NO_CARD (SANSEC_CARD_READER_BASE + 0x0000FF01) +#define SANSEC_CARD_READER_CARD_INSERT (SANSEC_CARD_READER_BASE + 0x0000FF02) +#define SANSEC_CARD_READER_CARD_INSERT_TYPE (SANSEC_CARD_READER_BASE + 0x0000FF03) + +#ifdef __cplusplus +extern "C" { +#endif + +#pragma pack(1) +typedef struct { + unsigned int clength; + unsigned char x[ECCref_MAX_LEN]; + unsigned char y[ECCref_MAX_LEN]; + unsigned char C[136]; + unsigned char M[ECCref_MAX_LEN]; +} SANSEC_ECCCipher; +#pragma pack() + +#ifdef __cplusplus +} +#endif +#endif diff --git a/crypto/serpent/build.info b/crypto/serpent/build.info old mode 100644 new mode 100755 diff --git a/crypto/serpent/serpent.c b/crypto/serpent/serpent.c old mode 100644 new mode 100755 diff --git a/crypto/serpent/serpent_locl.h b/crypto/serpent/serpent_locl.h old mode 100644 new mode 100755 diff --git a/crypto/sha3/COMMEN/align.h b/crypto/sha3/COMMEN/align.h new file mode 100644 index 00000000..9744a007 --- /dev/null +++ b/crypto/sha3/COMMEN/align.h @@ -0,0 +1,18 @@ +#ifndef _align_h_ +#define _align_h_ + +#ifdef ALIGN +#undef ALIGN +#endif + +#if defined(__GNUC__) +#define ALIGN(x) __attribute__ ((aligned(x))) +#elif defined(_MSC_VER) +#define ALIGN(x) __declspec(align(x)) +#elif defined(__ARMCC_VERSION) +#define ALIGN(x) __align(x) +#else +#define ALIGN(x) +#endif + +#endif diff --git a/crypto/simon/build.info b/crypto/simon/build.info deleted file mode 100644 index aa3a93f9..00000000 --- a/crypto/simon/build.info +++ /dev/null @@ -1,2 +0,0 @@ -LIBS=../../libcrypto -SOURCE[../../libcrypto]=simon.c diff --git a/crypto/simon/simon.c b/crypto/simon/simon.c deleted file mode 100644 index f17ea5a7..00000000 --- a/crypto/simon/simon.c +++ /dev/null @@ -1,461 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - - -#include -#include -#include -#include -#include - -// Cipher Operation Macros -#define shift_one ((x_word << 1) | (x_word >> (word_size - 1))) -#define shift_eight ((x_word << 8) | (x_word >> (word_size - 8))) -#define shift_two ((x_word << 2) | (x_word >> (word_size - 2))) -#define rshift_three(x) (x >> 3) |((x & 0x7) << (word_size - 3)) -#define rshift_one(x) (x >> 1) |((x & 0x1) << (word_size - 1)) - -uint64_t z_arrays[5] = {0b0001100111000011010100100010111110110011100001101010010001011111, - 0b0001011010000110010011111011100010101101000011001001111101110001, - 0b0011001101101001111110001000010100011001001011000000111011110101, - 0b0011110000101100111001010001001000000111101001100011010111011011, - 0b0011110111001001010011000011101000000100011011010110011110001011}; - -// Valid Cipher Parameters -const uint8_t simon_rounds[] = {32, 36, 36, 42, 44, 52, 54, 68, 69, 72}; -const uint8_t simon_block_sizes[] = {32, 48, 48, 64, 64, 96, 96, 128, 128, 128}; -const uint16_t simon_key_sizes[] = {64, 72, 96, 96, 128, 96, 144, 128, 192, 256}; -const uint8_t z_assign[] = {0, 0, 1, 2, 3, 2, 3, 2, 3, 4}; - -uint8_t simon_init(simon_cipher *cipher_object, enum simon_cipher_config_t cipher_cfg, enum mode_t c_mode, void *key, uint8_t *iv, uint8_t *counter) { - - if (cipher_cfg > Simon_256_128 || cipher_cfg < Simon_64_32){ - return -1; - } - - cipher_object->block_size = simon_block_sizes[cipher_cfg]; - cipher_object->key_size = simon_key_sizes[cipher_cfg]; - cipher_object->round_limit = simon_rounds[cipher_cfg]; - cipher_object->cipher_cfg = cipher_cfg; - cipher_object->z_seq = z_assign[cipher_cfg]; - uint8_t word_size = simon_block_sizes[cipher_cfg] >> 1; - uint8_t word_bytes = word_size >> 3; - uint8_t key_words = simon_key_sizes[cipher_cfg] / word_size; - uint64_t sub_keys[4] = {}; - uint64_t mod_mask = ULLONG_MAX >> (64 - word_size); - - - // Setup - int i, j; - for(i = 0; i < key_words; i++) { - memcpy(&sub_keys[i], key + (word_bytes * i), word_bytes); - } - - uint64_t tmp1,tmp2; - uint64_t c = 0xFFFFFFFFFFFFFFFC; - - // Store First Key Schedule Entry - memcpy(cipher_object->key_schedule, &sub_keys[0], word_bytes); - - for(i = 0; i < simon_rounds[cipher_cfg] - 1; i++){ - tmp1 = rshift_three(sub_keys[key_words - 1]); - - if(key_words == 4) { - tmp1 ^= sub_keys[1]; - } - - tmp2 = rshift_one(tmp1); - tmp1 ^= sub_keys[0]; - tmp1 ^= tmp2; - - tmp2 = c ^ ((z_arrays[cipher_object->z_seq] >> (i % 62)) & 1); - - tmp1 ^= tmp2; - - // Shift Sub Words - for(j = 0; j < (key_words - 1); j++){ - sub_keys[j] = sub_keys[j+1]; - } - sub_keys[key_words - 1] = tmp1 & mod_mask; - - // Append sub key to key schedule - memcpy(cipher_object->key_schedule + (word_bytes * (i+1)), &sub_keys[0], word_bytes); - } - - return 0; -} - - -uint8_t simon_encrypt(simon_cipher cipher_object, void *plaintext, void *ciphertext) { - - if (cipher_object.cipher_cfg == simon_64_32) { - simon_encrypt32(cipher_object.key_schedule, plaintext, ciphertext); - } - - else if(cipher_object.cipher_cfg <= simon_96_48) { - simon_encrypt48(cipher_object.round_limit, cipher_object.key_schedule, plaintext, ciphertext); - } - - else if(cipher_object.cipher_cfg <= simon_128_64) { - simon_encrypt64(cipher_object.round_limit, cipher_object.key_schedule, plaintext, ciphertext); - } - - else if(cipher_object.cipher_cfg <= simon_144_96) { - simon_encrypt96(cipher_object.round_limit, cipher_object.key_schedule, plaintext, ciphertext); - } - - else if(cipher_object.cipher_cfg <= simon_256_128) { - simon_encrypt128(cipher_object.round_limit, cipher_object.key_schedule, plaintext, ciphertext); - } - - else return -1; - - return 0; -} - -void simon_encrypt32(uint8_t *key_schedule, uint8_t *plaintext, uint8_t *ciphertext) { - - const uint8_t word_size = 16; - uint16_t y_word = *(uint16_t *)plaintext; - uint16_t x_word = *(((uint16_t *)plaintext) + 1); - uint16_t *round_key_ptr = (uint16_t *)key_schedule; - uint16_t * word_ptr = (uint16_t *)ciphertext; - - - uint8_t i; - - for(i = 0; i < 32; i++) { // Block size 32 has only one round number option - - // Shift, AND , XOR ops - uint16_t temp = (shift_one & shift_eight) ^ y_word ^ shift_two; - - // Feistel Cross - y_word = x_word; - - // XOR with Round Key - x_word = temp ^ *(round_key_ptr + i); - } - // Assemble Ciphertext Output Array - *word_ptr = y_word; - *(word_ptr + 1) = x_word; -} - -void simon_encrypt48(uint8_t round_limit, uint8_t *key_schedule, uint8_t *plaintext, uint8_t *ciphertext) { - - const uint8_t word_size = 24; - - bword_24 intrd = *(bword_24 *)plaintext; - uint32_t y_word = intrd.data; - intrd = *((bword_24 *)(plaintext+3)); - uint32_t x_word = intrd.data; - - uint8_t i; - for(i = 0; i < round_limit; i++) { // Block size 32 has only one round number option - - // Shift, AND , XOR ops - uint32_t temp = (shift_one & shift_eight) ^ y_word ^ shift_two; - - // Feistel Cross - y_word = x_word; - - // XOR with Round Key - x_word = (temp ^ (*((bword_24 *)(key_schedule + (i*3)))).data) & 0xFFFFFF; - } - // Assemble Ciphertext Output Array - intrd.data = y_word; - bword_24 * intrd_ptr = (bword_24 *)ciphertext; - *intrd_ptr = intrd; - - intrd.data = x_word; - intrd_ptr = (bword_24 *)(ciphertext + 3); - *intrd_ptr = intrd; -} - -void simon_encrypt64(uint8_t round_limit, uint8_t *key_schedule, uint8_t *plaintext, uint8_t *ciphertext) { - - const uint8_t word_size = 32; - uint32_t y_word = *(uint32_t *)plaintext; - uint32_t x_word = *(((uint32_t *)plaintext) + 1); - uint32_t *round_key_ptr = (uint32_t *)key_schedule; - uint32_t *word_ptr = (uint32_t *)ciphertext; - - uint8_t i; - for(i = 0; i < round_limit; i++) { // Block size 32 has only one round number option - - // Shift, AND , XOR ops - uint32_t temp = (shift_one & shift_eight) ^ y_word ^ shift_two; - - // Feistel Cross - y_word = x_word; - - // XOR with Round Key - x_word = temp ^ *(round_key_ptr + i); - } - // Assemble Ciphertext Output Array - *word_ptr = y_word; - *(word_ptr + 1) = x_word; -} - -void simon_encrypt96(uint8_t round_limit, uint8_t *key_schedule, uint8_t *plaintext, uint8_t *ciphertext) { - - const uint8_t word_size = 48; - - bword_48 intrd = *(bword_48 *)plaintext; - uint64_t y_word = intrd.data; - intrd = *((bword_48 *)(plaintext+6)); - uint64_t x_word = intrd.data; - - uint8_t i; - for(i = 0; i < round_limit; i++) { - - // Shift, AND , XOR ops - uint64_t temp = (shift_one & shift_eight) ^ y_word ^ shift_two; - - // Feistel Cross - y_word = x_word; - - // XOR with Round Key - x_word = (temp ^ (*((bword_48 *)(key_schedule + (i*6)))).data) & 0xFFFFFFFFFFFF; - } - // Assemble Ciphertext Output Array - intrd.data = y_word; - bword_48 * intrd_ptr = (bword_48 *)ciphertext; - *intrd_ptr = intrd; - - intrd.data = x_word; - intrd_ptr = (bword_48 *)(ciphertext + 6); - *intrd_ptr = intrd; - -} - -void simon_encrypt128(uint8_t round_limit, uint8_t *key_schedule, uint8_t *plaintext, uint8_t *ciphertext) { - - const uint8_t word_size = 64; - uint64_t y_word = *(uint64_t *)plaintext; - uint64_t x_word = *(((uint64_t *)plaintext) + 1); - uint64_t *round_key_ptr = (uint64_t *)key_schedule; - uint64_t *word_ptr = (uint64_t *)ciphertext; - - uint8_t i; - for(i = 0; i < round_limit; i++) { // Block size 32 has only one round number option - - // Shift, AND , XOR ops - uint64_t temp = (shift_one & shift_eight) ^ y_word ^ shift_two; - - // Feistel Cross - y_word = x_word; - - // XOR with Round Key - x_word = temp ^ *(round_key_ptr + i); - } - // Assemble Ciphertext Output Array - *word_ptr = y_word; - *(word_ptr + 1) = x_word; -} - -uint8_t simon_decrypt(simon_cipher cipher_object, void *ciphertext, void *plaintext) { - - if (cipher_object.cipher_cfg == simon_64_32) { - simon_decrypt32(cipher_object.key_schedule, ciphertext, plaintext); - } - - else if(cipher_object.cipher_cfg <= simon_96_48) { - simon_decrypt48(cipher_object.round_limit, cipher_object.key_schedule, ciphertext, plaintext); - } - - else if(cipher_object.cipher_cfg <= simon_128_64) { - simon_decrypt64(cipher_object.round_limit, cipher_object.key_schedule, ciphertext, plaintext); - } - - else if(cipher_object.cipher_cfg <= simon_144_96) { - simon_decrypt96(cipher_object.round_limit, cipher_object.key_schedule, ciphertext, plaintext); - } - - else if(cipher_object.cipher_cfg <= simon_256_128) { - simon_decrypt128(cipher_object.round_limit, cipher_object.key_schedule, ciphertext, plaintext); - } - - else return -1; - - return 0; -} - -void simon_decrypt32(uint8_t *key_schedule, uint8_t *ciphertext, uint8_t *plaintext) { - - const uint8_t word_size = 16; - uint16_t x_word = *(uint16_t *)ciphertext; - uint16_t y_word = *(((uint16_t *)ciphertext) + 1); - uint16_t *round_key_ptr = (uint16_t *)key_schedule; - uint16_t * word_ptr = (uint16_t *)plaintext; - - int8_t i; - for(i = 31; i >= 0; i--) { // Block size 32 has only one round number option - - // Shift, AND , XOR ops - uint16_t temp = (shift_one & shift_eight) ^ y_word ^ shift_two; - - // Feistel Cross - y_word = x_word; - - // XOR with Round Key - x_word = temp ^ *(round_key_ptr + i); - } - // Assemble Plaintext Output Array - *word_ptr = x_word; - *(word_ptr + 1) = y_word; - return; -} - -void simon_decrypt48(uint8_t round_limit, uint8_t *key_schedule, uint8_t *ciphertext, uint8_t *plaintext){ - const uint8_t word_size = 24; - - bword_24 intrd = *(bword_24 *)ciphertext; - uint32_t x_word = intrd.data; - intrd = *((bword_24 *)(ciphertext+3)); - uint32_t y_word = intrd.data; - - int8_t i; - for(i = round_limit -1 ; i >= 0; i--) { - - // Shift, AND , XOR ops - uint32_t temp = (shift_one & shift_eight) ^ y_word ^ shift_two; - - // Feistel Cross - y_word = x_word; - - // XOR with Round Key - x_word = (temp ^ (*((bword_24 *)(key_schedule + (i*3)))).data) & 0xFFFFFF; - } - // Assemble plaintext Output Array - intrd.data = x_word; - bword_24 * intrd_ptr = (bword_24 *)plaintext; - *intrd_ptr = intrd; - - intrd.data = y_word; - intrd_ptr = (bword_24 *)(plaintext + 3); - *intrd_ptr = intrd; - return; -} -void simon_decrypt64(uint8_t round_limit, uint8_t *key_schedule, uint8_t *ciphertext, uint8_t *plaintext){ - const uint8_t word_size = 32; - uint32_t x_word = *(uint32_t *)ciphertext; - uint32_t y_word = *(((uint32_t *)ciphertext) + 1); - uint32_t *round_key_ptr = (uint32_t *)key_schedule; - uint32_t *word_ptr = (uint32_t *)plaintext; - - int8_t i; - for(i = round_limit -1 ; i >= 0; i--) { - - // Shift, AND , XOR ops - uint32_t temp = (shift_one & shift_eight) ^ y_word ^ shift_two; - - // Feistel Cross - y_word = x_word; - - // XOR with Round Key - x_word = temp ^ *(round_key_ptr + i); - } - // Assemble Plaintext Output Array - *word_ptr = x_word; - *(word_ptr + 1) = y_word; - return; -} -void simon_decrypt96(uint8_t round_limit, uint8_t *key_schedule, uint8_t *ciphertext, uint8_t *plaintext){ - const uint8_t word_size = 48; - bword_48 intrd = *(bword_48 *)ciphertext; - uint64_t x_word = intrd.data; - intrd = *((bword_48 *)(ciphertext+6)); - uint64_t y_word = intrd.data; - - int8_t i; - for(i = round_limit - 1; i >= 0; i--) { - - // Shift, AND , XOR ops - uint64_t temp = (shift_one & shift_eight) ^ y_word ^ shift_two; - - // Feistel Cross - y_word = x_word; - - // XOR with Round Key - x_word = (temp ^ (*((bword_48 *)(key_schedule + (i*6)))).data) & 0xFFFFFFFFFFFF; - } - // Assemble Plaintext Output Array - intrd.data = x_word; - bword_48 * intrd_ptr = (bword_48 *)plaintext; - *intrd_ptr = intrd; - - intrd.data = y_word; - intrd_ptr = (bword_48 *)(plaintext + 6); - *intrd_ptr = intrd; - return; -} -void simon_decrypt128(uint8_t round_limit, uint8_t *key_schedule, uint8_t *ciphertext, uint8_t *plaintext){ - const uint8_t word_size = 64; - uint64_t x_word = *(uint64_t *)ciphertext; - uint64_t y_word = *(((uint64_t *)ciphertext) + 1); - uint64_t *round_key_ptr = (uint64_t *)key_schedule; - uint64_t *word_ptr = (uint64_t *)plaintext; - - int8_t i; - for(i = round_limit - 1; i >=0; i--) { - - // Shift, AND , XOR ops - uint64_t temp = (shift_one & shift_eight) ^ y_word ^ shift_two; - - // Feistel Cross - y_word = x_word; - - // XOR with Round Key - x_word = temp ^ *(round_key_ptr + i); - } - // Assemble Plaintext Output Array - *word_ptr = x_word; - *(word_ptr + 1) = y_word; - return; -} diff --git a/crypto/skf/build.info b/crypto/skf/build.info index 4be1588f..94405fd5 100644 --- a/crypto/skf/build.info +++ b/crypto/skf/build.info @@ -1,2 +1,2 @@ LIBS=../../libcrypto -SOURCE[../../libcrypto]=skf_err.c skf_lib.c skf_meth.c +SOURCE[../../libcrypto]=skf_err.c skf_lib.c skf_meth.c skf_ext.c skf_wisec.c diff --git a/crypto/skf/skf_dummy.c b/crypto/skf/skf_dummy.c deleted file mode 100644 index 8cb0a4e5..00000000 --- a/crypto/skf/skf_dummy.c +++ /dev/null @@ -1,972 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include -#include -#include -#include - -static char *hDeviceHandle = "hDeviceHandle"; -static char *hApplication = "hApplication"; -static char *hContainer = "hContainer"; -static char *hAgreementHandle = "AgreementHandle"; -static char *hKeyHandle = "KeyHandle"; -static char *hHashHandle = "HashHandle"; -static char *hMacHandle = "MacHandle"; - -ULONG DEVAPI SKF_WaitForDevEvent( - LPSTR szDevName, - ULONG *pulDevNameLen, - ULONG *pulEvent) -{ - return SAR_OK; -} - -ULONG DEVAPI SKF_CancelWaitForDevEvent( - void) -{ - return SAR_OK; -} - -ULONG DEVAPI SKF_EnumDev(BOOL bPresent, - LPSTR szNameList, - ULONG *pulSize) -{ - char *dev_list = "dev1\0dev2\0"; - if (!szNameList || !pulSize) { - return SAR_INVALIDPARAMERR; - } - strcpy((char *)szNameList, dev_list); - *pulSize = sizeof(dev_list); - return SAR_OK; -} - -ULONG DEVAPI SKF_ConnectDev( - LPSTR szName, - DEVHANDLE *phDev) -{ - if (!phDev) { - return SAR_INVALIDPARAMERR; - } - *phDev = hDeviceHandle; - return SAR_OK; -} - -ULONG DEVAPI SKF_DisConnectDev( - DEVHANDLE hDev) -{ - return SAR_OK; -} - -ULONG DEVAPI SKF_GetDevState( - LPSTR szDevName, - ULONG *pulDevState) -{ - *pulDevState = 0; - return SAR_OK; -} - -ULONG DEVAPI SKF_SetLabel( - DEVHANDLE hDev, - LPSTR szLabel) -{ - return SAR_OK; -} - -ULONG DEVAPI SKF_GetDevInfo( - DEVHANDLE hDev, - DEVINFO *pDevInfo) -{ - return SAR_OK; -} - -ULONG DEVAPI SKF_GetDevInfo(DEVHANDLE hDev, - DEVINFO *pDevInfo) -{ - DEVINFO devInfo; - - if (!pDevInfo) { - SKFerr(SKF_F_SKF_GETDEVINFO, SKF_R_NULL_ARGUMENT); - return SAR_INVALIDPARAMERR; - } - - memset(&devInfo, 0, sizeof(devInfo)); - devInfo.Version.major = 1; - devInfo.Version.minor = 0; - strcpy((char *)&devInfo.Manufacturer, "GmSSL Project (http://gmssl.org)"); - strcpy((char *)&devInfo.Issuer, "GmSSL Project (http://gmssl.org)"); - strcpy((char *)&devInfo.Label, "SKF Softotken"); - strcpy((char *)&devInfo.SerialNumber, "1"); - devInfo.HWVersion.major = 1; - devInfo.HWVersion.minor = 0; - devInfo.FirmwareVersion.major = 1; - devInfo.FirmwareVersion.minor = 0; - devInfo.AlgSymCap = 0x0000041F; - devInfo.AlgAsymCap = 0x00030700; - devInfo.AlgHashCap = 0x00000007; - devInfo.DevAuthAlgId = SGD_SM4_CBC; - devInfo.TotalSpace = 0; - devInfo.FreeSpace = 0; - devInfo.MaxECCBufferSize = 0; /* FIXME: max inlen of ECC encrypt */ - devInfo.MaxBufferSize = 0; /* FIXME: max inlen of SM4 encrypt */ - - memcpy(pDevInfo, &devInfo, sizeof(DEVINFO)); - return SAR_OK; -} - -ULONG DEVAPI SKF_LockDev( - DEVHANDLE hDev, - ULONG ulTimeOut) -{ - return SAR_OK; -} - -ULONG DEVAPI SKF_UnlockDev( - DEVHANDLE hDev) -{ - return SAR_OK; -} - -ULONG DEVAPI SKF_Transmit( - DEVHANDLE hDev, - BYTE *pbCommand, - ULONG ulCommandLen, - BYTE *pbData, - ULONG *pulDataLen) -{ - if (!pbData || !pulDataLen) { - return SAR_INVALIDPARAMERR; - } - memcpy(pbData, pbCommand, ulCommandLen); - *pulDataLen = ulCommandLen; - return SAR_OK; -} - -ULONG DEVAPI SKF_ChangeDevAuthKey( - DEVHANDLE hDev, - BYTE *pbKeyValue, - ULONG ulKeyLen) -{ - return SAR_OK; -} - -ULONG DEVAPI SKF_DevAuth( - DEVHANDLE hDev, - BYTE *pbAuthData, - ULONG ulLen) -{ - return SAR_OK; -} - -ULONG DEVAPI SKF_ChangePIN( - HAPPLICATION hApplication, - ULONG ulPINType, - LPSTR szOldPin, - LPSTR szNewPin, - ULONG *pulRetryCount) -{ - if (!pulRetryCount) { - return SAR_INVALIDPARAMERR; - } - *pulRetryCount = 100; - return SAR_OK; -} - -LONG DEVAPI SKF_GetPINInfo( - HAPPLICATION hApplication, - ULONG ulPINType, - ULONG *pulMaxRetryCount, - ULONG *pulRemainRetryCount, - BOOL *pbDefaultPin) -{ - if (!pulMaxRetryCount || !pulRemainRetryCount || !pbDefaultPin) { - return SAR_INVALIDPARAMERR; - } - *pulMaxRetryCount = 100; - *pulRemainRetryCount = 100; - *pbDefaultPin = 0; - return SAR_OK; -} - -ULONG DEVAPI SKF_VerifyPIN( - HAPPLICATION hApplication, - ULONG ulPINType, - LPSTR szPIN, - ULONG *pulRetryCount) -{ - if (!pulRetryCount) { - return SAR_INVALIDPARAMERR; - } - *pulRetryCount = 100; - return SAR_OK; -} - -ULONG DEVAPI SKF_UnblockPIN( - HAPPLICATION hApplication, - LPSTR szAdminPIN, - LPSTR szNewUserPIN, - ULONG *pulRetryCount) -{ - if (!pulRetryCount) { - return SAR_INVALIDPARAMERR; - } - *pulRetryCount = 100; - return SAR_OK; -} - -ULONG DEVAPI SKF_ClearSecureState( - HAPPLICATION hApplication) -{ - return SAR_OK; -} - -ULONG DEVAPI SKF_CreateApplication( - DEVHANDLE hDev, - LPSTR szAppName, - LPSTR szAdminPin, - DWORD dwAdminPinRetryCount, - LPSTR szUserPin, - DWORD dwUserPinRetryCount, - DWORD dwCreateFileRights, - HAPPLICATION *phApplication) -{ - if (!phApplication) { - return SAR_INVALIDPARAMERR; - } - *phApplication = hApplication; - return SAR_OK; -} - -ULONG DEVAPI SKF_EnumApplication(DEVHANDLE hDev, - LPSTR szAppName, - ULONG *pulSize) -{ - char *app_list = "app1\0app2\0"; - if (!szAppName || !pulSize) { - return SAR_INVALIDPARAMERR; - } - strcpy((char *)szAppName, app_list); - *pulSize = strlen(app_list); - return SAR_OK; -} - -ULONG DEVAPI SKF_DeleteApplication( - DEVHANDLE hDev, - LPSTR szAppName) -{ - return SAR_OK; -} - -ULONG DEVAPI SKF_OpenApplication( - DEVHANDLE hDev, - LPSTR szAppName, - HAPPLICATION *phApplication) -{ - if (!phApplication) { - return SAR_INVALIDPARAMERR; - } - *phApplication = hApplication; - return SAR_OK; -} - -ULONG DEVAPI SKF_CloseApplication( - HAPPLICATION hApplication) -{ - return SAR_OK; -} - -ULONG DEVAPI SKF_CreateFile( - HAPPLICATION hApplication, - LPSTR szFileName, - ULONG ulFileSize, - ULONG ulReadRights, - ULONG ulWriteRights) -{ - return SAR_OK; -} - -ULONG DEVAPI SKF_DeleteFile( - HAPPLICATION hApplication, - LPSTR szFileName) -{ - return SAR_OK; -} - -ULONG DEVAPI SKF_EnumFiles( - HAPPLICATION hApplication, - LPSTR szFileList, - ULONG *pulSize) -{ - char *file_list = "file1.txt\0file2.txt\0"; - if (!pulSize) { - return SAR_INVALIDPARAMERR; - } - strcpy((char *)szFileList, file_list); - *pulSize = strlen(file_list); - return SAR_OK; -} - -ULONG DEVAPI SKF_GetFileInfo( - HAPPLICATION hApplication, - LPSTR szFileName, - FILEATTRIBUTE *pFileInfo) -{ - if (!pFileInfo) { - return SAR_INVALIDPARAMERR; - } - //TODO: set pFileInfo; - return SAR_OK; -} - -ULONG DEVAPI SKF_ReadFile( - HAPPLICATION hApplication, - LPSTR szFileName, - ULONG ulOffset, - ULONG ulSize, - BYTE *pbOutData, - ULONG *pulOutLen) -{ - if (!pbOutData || !pulOutLen) { - return SAR_INVALIDPARAMERR; - } - *pulOutLen = ulSize; - return SAR_OK; -} - -ULONG DEVAPI SKF_WriteFile( - HAPPLICATION hApplication, - LPSTR szFileName, - ULONG ulOffset, - BYTE *pbData, - ULONG ulSize) -{ - return SAR_OK; -} - -ULONG DEVAPI SKF_CreateContainer( - HAPPLICATION hApplication, - LPSTR szContainerName, - HCONTAINER *phContainer) -{ - if (!phContainer) { - return SAR_INVALIDPARAMERR; - } - *phContainer = hContainer; - return SAR_OK; -} - -ULONG DEVAPI SKF_DeleteContainer( - HAPPLICATION hApplication, - LPSTR szContainerName) -{ - return SAR_OK; -} - -ULONG DEVAPI SKF_EnumContainer( - HAPPLICATION hApplication, - LPSTR szContainerName, - ULONG *pulSize) -{ - char *cont_list = "container1\0container2\0"; - if (!szContainerName || !pulSize) { - return SAR_INVALIDPARAMERR; - } - strcpy((char *)szContainerName, cont_list); - *pulSize = strlen(cont_list); - return SAR_OK; -} - -ULONG DEVAPI SKF_OpenContainer( - HAPPLICATION hApplication, - LPSTR szContainerName, - HCONTAINER *phContainer) -{ - if (!phContainer) { - return SAR_INVALIDPARAMERR; - } - *phContainer = hContainer; - return SAR_OK; -} - -ULONG DEVAPI SKF_CloseContainer( - HCONTAINER hContainer) -{ - return SAR_OK; -} - -ULONG DEVAPI SKF_GetContainerType( - HCONTAINER hContainer, - ULONG *pulContainerType) -{ - if (!pulContainerType) { - return SAR_INVALIDPARAMERR; - } - *pulContainerType = 0; - return SAR_OK; -} - -ULONG DEVAPI SKF_ImportCertificate( - HCONTAINER hContainer, - BOOL bExportSignKey, - BYTE *pbCert, - ULONG ulCertLen) -{ - return SAR_OK; -} - -ULONG DEVAPI SKF_ExportCertificate( - HCONTAINER hContainer, - BOOL bSignFlag, - BYTE *pbCert, - ULONG *pulCertLen) -{ - if (!pbCert || !pulCertLen) { - return SAR_INVALIDPARAMERR; - } - memset(pbCert, 'c', 512); - *pulCertLen = 512; - return SAR_OK; -} - -ULONG DEVAPI SKF_ExportPublicKey( - HCONTAINER hContainer, - BOOL bSignFlag, - BYTE *pbBlob, - ULONG *pulBlobLen) -{ - if (!pbBlob || !pulBlobLen) { - return SAR_INVALIDPARAMERR; - } - *pulBlobLen = 1024; - return SAR_OK; -} - -ULONG DEVAPI SKF_GenRandom( - DEVHANDLE hDev, - BYTE *pbRandom, - ULONG ulRandomLen) -{ - if (!pbRandom) { - return SAR_INVALIDPARAMERR; - } - memset(pbRandom, 'r', ulRandomLen); - return SAR_OK; -} - -ULONG DEVAPI SKF_GenExtRSAKey( - DEVHANDLE hDev, - ULONG ulBitsLen, - RSAPRIVATEKEYBLOB *pBlob) -{ - if (!pBlob) { - return SAR_INVALIDPARAMERR; - } - return SAR_OK; -} - -ULONG DEVAPI SKF_GenRSAKeyPair( - HCONTAINER hContainer, - ULONG ulBitsLen, - RSAPUBLICKEYBLOB *pBlob) -{ - if (!pBlob) { - return SAR_INVALIDPARAMERR; - } - return SAR_OK; -} - -ULONG DEVAPI SKF_ImportRSAKeyPair( - HCONTAINER hContainer, - ULONG ulSymAlgId, - BYTE *pbWrappedKey, - ULONG ulWrappedKeyLen, - BYTE *pbEncryptedData, - ULONG ulEncryptedDataLen) -{ - return SAR_OK; -} - -ULONG DEVAPI SKF_RSASignData( - HCONTAINER hContainer, - BYTE *pbData, - ULONG ulDataLen, - BYTE *pbSignature, - ULONG *pulSignLen) -{ - if (!pbSignature || !pulSignLen) { - return SAR_INVALIDPARAMERR; - } - *pulSignLen = 256; - return SAR_OK; -} - -ULONG DEVAPI SKF_RSAVerify( - DEVHANDLE hDev, - RSAPUBLICKEYBLOB *pRSAPubKeyBlob, - BYTE *pbData, - ULONG ulDataLen, - BYTE *pbSignature, - ULONG ulSignLen) -{ - return SAR_OK; -} - -ULONG DEVAPI SKF_RSAExportSessionKey( - HCONTAINER hContainer, - ULONG ulAlgId, - RSAPUBLICKEYBLOB *pPubKey, - BYTE *pbData, - ULONG *pulDataLen, - HANDLE *phSessionKey); - -ULONG DEVAPI SKF_ExtRSAPubKeyOperation( - DEVHANDLE hDev, - RSAPUBLICKEYBLOB *pRSAPubKeyBlob, - BYTE *pbInput, - ULONG ulInputLen, - BYTE *pbOutput, - ULONG *pulOutputLen) -{ - if (!pbOutput || !pulOutputLen) { - return SAR_INVALIDPARAMERR; - } - *pulOutputLen = 256; - return SAR_OK; -} - -ULONG DEVAPI SKF_ExtRSAPriKeyOperation( - DEVHANDLE hDev, - RSAPRIVATEKEYBLOB *pRSAPriKeyBlob, - BYTE *pbInput, - ULONG ulInputLen, - BYTE *pbOutput, - ULONG *pulOutputLen) -{ - if (!pbOutput || !pulOutputLen) { - return SAR_INVALIDPARAMERR; - } - *pulOutputLen = 256; - return SAR_OK; -} - -ULONG DEVAPI SKF_GenECCKeyPair( - HCONTAINER hContainer, - ULONG ulAlgId, - ECCPUBLICKEYBLOB *pBlob) -{ - if (!pBlob) { - return SAR_INVALIDPARAMERR; - } - return SAR_OK; -} - -ULONG DEVAPI SKF_ImportECCKeyPair( - HCONTAINER hContainer, - ENVELOPEDKEYBLOB *pEnvelopedKeyBlob) -{ - return SAR_OK; -} - -ULONG DEVAPI SKF_ECCSignData( - HCONTAINER hContainer, - BYTE *pbDigest, - ULONG ulDigestLen, - ECCSIGNATUREBLOB *pSignature) -{ - if (!pSignature) { - return SAR_INVALIDPARAMERR; - } - return SAR_OK; -} - -ULONG DEVAPI SKF_ECCVerify( - DEVHANDLE hDev, - ECCPUBLICKEYBLOB *pECCPubKeyBlob, - BYTE *pbData, - ULONG ulDataLen, - ECCSIGNATUREBLOB *pSignature) -{ - return SAR_OK; -} - -ULONG DEVAPI SKF_ECCExportSessionKey( - HCONTAINER hContainer, - ULONG ulAlgId, - ECCPUBLICKEYBLOB *pPubKey, - ECCCIPHERBLOB *pData, - HANDLE *phSessionKey) -{ - if (!phSessionKey) { - return SAR_INVALIDPARAMERR; - } - *phSessionKey = hKeyHandle; - return SAR_OK; -} - -ULONG DEVAPI SKF_ExtECCEncrypt( - DEVHANDLE hDev, - ECCPUBLICKEYBLOB *pECCPubKeyBlob, - BYTE *pbPlainText, - ULONG ulPlainTextLen, - ECCCIPHERBLOB *pCipherText) -{ - return SAR_OK; -} - -ULONG DEVAPI SKF_ExtECCDecrypt( - DEVHANDLE hDev, - ECCPRIVATEKEYBLOB *pECCPriKeyBlob, - ECCCIPHERBLOB *pCipherText, - BYTE *pbPlainText, - ULONG *pulPlainTextLen) -{ - return SAR_OK; -} - -ULONG DEVAPI SKF_ExtECCSign( - DEVHANDLE hDev, - ECCPRIVATEKEYBLOB *pECCPriKeyBlob, - BYTE *pbData, - ULONG ulDataLen, - ECCSIGNATUREBLOB *pSignature) -{ - if (!pSignature) { - return SAR_INVALIDPARAMERR; - } - return SAR_OK; -} - -ULONG DEVAPI SKF_ExtECCVerify( - DEVHANDLE hDev, - ECCPUBLICKEYBLOB *pECCPubKeyBlob, - BYTE *pbData, - ULONG ulDataLen, - ECCSIGNATUREBLOB *pSignature) -{ - return SAR_OK; -} - -ULONG DEVAPI SKF_GenerateAgreementDataWithECC( - HCONTAINER hContainer, - ULONG ulAlgId, - ECCPUBLICKEYBLOB *pTempECCPubKeyBlob, - BYTE *pbID, - ULONG ulIDLen, - HANDLE *phAgreementHandle) -{ - if (!phAgreementHandle) { - return SAR_INVALIDPARAMERR; - } - *phAgreementHandle = hAgreementHandle; - return SAR_OK; -} - -ULONG DEVAPI SKF_GenerateAgreementDataAndKeyWithECC( - HANDLE hContainer, - ULONG ulAlgId, - ECCPUBLICKEYBLOB *pSponsorECCPubKeyBlob, - ECCPUBLICKEYBLOB *pSponsorTempECCPubKeyBlob, - ECCPUBLICKEYBLOB *pTempECCPubKeyBlob, - BYTE *pbID, - ULONG ulIDLen, - BYTE *pbSponsorID, - ULONG ulSponsorIDLen, - HANDLE *phKeyHandle) -{ - if (!phKeyHandle) { - return SAR_INVALIDPARAMERR; - } - *phKeyHandle = hKeyHandle; - return SAR_OK; -} - -ULONG DEVAPI SKF_GenerateKeyWithECC( - HANDLE hAgreementHandle, - ECCPUBLICKEYBLOB *pECCPubKeyBlob, - ECCPUBLICKEYBLOB *pTempECCPubKeyBlob, - BYTE *pbID, - ULONG ulIDLen, - HANDLE *phKeyHandle) -{ - if (!phKeyHandle) { - return SAR_INVALIDPARAMERR; - } - *phKeyHandle = hKeyHandle; - return SAR_OK; -} - -ULONG DEVAPI SKF_ImportSessionKey( - HCONTAINER hContainer, - ULONG ulAlgId, - BYTE *pbWrapedData, - ULONG ulWrapedLen, - HANDLE *phKey) -{ - if (!phKey) { - return SAR_INVALIDPARAMERR; - } - *phKey = hKeyHandle; - return SAR_OK; -} - -ULONG DEVAPI SKF_SetSymmKey( - DEVHANDLE hDev, - BYTE *pbKey, - ULONG ulAlgID, - HANDLE *phKey) -{ - if (!phKey) { - return SAR_INVALIDPARAMERR; - } - *phKey = hKeyHandle; - return SAR_OK; -} - -ULONG DEVAPI SKF_EncryptInit( - HANDLE hKey, - BLOCKCIPHERPARAM EncryptParam) -{ - return SAR_OK; -} - -ULONG DEVAPI SKF_Encrypt( - HANDLE hKey, - BYTE *pbData, - ULONG ulDataLen, - BYTE *pbEncryptedData, - ULONG *pulEncryptedLen) -{ - if (!pbData || !pbEncryptedData || !pulEncryptedLen) { - return SAR_INVALIDPARAMERR; - } - memcpy(pbEncryptedData, pbData, ulDataLen); - *pulEncryptedLen = ulDataLen; - return SAR_OK; -} - -ULONG DEVAPI SKF_EncryptUpdate( - HANDLE hKey, - BYTE *pbData, - ULONG ulDataLen, - BYTE *pbEncryptedData, - ULONG *pulEncryptedLen) -{ - if (!pbData || !pbEncryptedData || !pulEncryptedLen) { - return SAR_INVALIDPARAMERR; - } - memcpy(pbEncryptedData, pbData, ulDataLen); - *pulEncryptedLen = ulDataLen; - return SAR_OK; -} - -ULONG DEVAPI SKF_EncryptFinal( - HANDLE hKey, - BYTE *pbEncryptedData, - ULONG *pulEncryptedDataLen) -{ - if (!pbEncryptedData || !pulEncryptedDataLen) { - return SAR_INVALIDPARAMERR; - } - *pulEncryptedDataLen = 0; - return SAR_OK; -} - -ULONG DEVAPI SKF_DecryptInit( - HANDLE hKey, - BLOCKCIPHERPARAM DecryptParam) -{ - return SAR_OK; -} - -ULONG DEVAPI SKF_Decrypt( - HANDLE hKey, - BYTE *pbEncryptedData, - ULONG ulEncryptedLen, - BYTE *pbData, - ULONG *pulDataLen) -{ - if (!pbEncryptedData || !pbData || !pulDataLen) { - return SAR_INVALIDPARAMERR; - } - memcpy(pbData, pbEncryptedData, ulEncryptedLen); - *pulDataLen = ulEncryptedLen; - return SAR_OK; -} - -ULONG DEVAPI SKF_DecryptUpdate( - HANDLE hKey, - BYTE *pbEncryptedData, - ULONG ulEncryptedLen, - BYTE *pbData, - ULONG *pulDataLen) -{ - if (!pbEncryptedData || !pbData || !pulDataLen) { - return SAR_INVALIDPARAMERR; - } - memcpy(pbData, pbEncryptedData, ulEncryptedLen); - *pulDataLen = ulEncryptedLen; - return SAR_OK; -} - -ULONG DEVAPI SKF_DecryptFinal( - HANDLE hKey, - BYTE *pbDecryptedData, - ULONG *pulDecryptedDataLen) -{ - if (!pulDecryptedDataLen) { - return SAR_INVALIDPARAMERR; - } - *pulDecryptedDataLen = 0; - return SAR_OK; -} - -ULONG DEVAPI SKF_DigestInit( - DEVHANDLE hDev, - ULONG ulAlgID, - ECCPUBLICKEYBLOB *pPubKey, - BYTE *pbID, - ULONG ulIDLen, - HANDLE *phHash) -{ - if (!phHash) { - return SAR_INVALIDPARAMERR; - } - *phHash = hHashHandle; - return SAR_OK; -} - -ULONG DEVAPI SKF_Digest( - HANDLE hHash, - BYTE *pbData, - ULONG ulDataLen, - BYTE *pbHashData, - ULONG *pulHashLen) -{ - if (!pbHashData || !pulHashLen) { - return SAR_INVALIDPARAMERR; - } - memset(pbHashData, 'h', 32); - *pulHashLen = 32; - return SAR_OK; -} - -ULONG DEVAPI SKF_DigestUpdate( - HANDLE hHash, - BYTE *pbData, - ULONG ulDataLen) -{ - return SAR_OK; -} - -ULONG DEVAPI SKF_DigestFinal( - HANDLE hHash, - BYTE *pbHashData, - ULONG *pulHashLen) -{ - if (!pbHashData || !pulHashLen) { - return SAR_INVALIDPARAMERR; - } - memset(pbHashData, 'h', 32); - *pulHashLen = 32; - return SAR_OK; -} - -ULONG DEVAPI SKF_MacInit( - HANDLE hKey, - BLOCKCIPHERPARAM *pMacParam, - HANDLE *phMac) -{ - if (!phMac) { - return SAR_INVALIDPARAMERR; - } - *phMac = hMacHandle; - return SAR_OK; -} - -ULONG DEVAPI SKF_Mac( - HANDLE hMac, - BYTE *pbData, - ULONG ulDataLen, - BYTE *pbMacData, - ULONG *pulMacLen) -{ - if (!pbMacData || !pulMacLen) { - return SAR_INVALIDPARAMERR; - } - memset(pbMacData, 'm', 32); - *pulMacLen = 32; - return SAR_OK; -} - -ULONG DEVAPI SKF_MacUpdate( - HANDLE hMac, - BYTE *pbData, - ULONG ulDataLen) -{ - return SAR_OK; -} - -ULONG DEVAPI SKF_MacFinal( - HANDLE hMac, - BYTE *pbMacData, - ULONG *pulMacDataLen) -{ - if (!pbMacData || !pulMacDataLen) { - return SAR_INVALIDPARAMERR; - } - memset(pbMacData, 'm', 32); - *pulMacDataLen = 32; - return SAR_OK; -} - -ULONG DEVAPI SKF_CloseHandle( - HANDLE hHandle) -{ - return SAR_OK; -} diff --git a/crypto/skf/skf_err.c b/crypto/skf/skf_err.c index cdd14ad7..6d57aa36 100644 --- a/crypto/skf/skf_err.c +++ b/crypto/skf/skf_err.c @@ -19,12 +19,180 @@ # define ERR_REASON(reason) ERR_PACK(ERR_LIB_SKF,0,reason) static ERR_STRING_DATA SKF_str_functs[] = { + {ERR_FUNC(SKF_F_SKF_CANCELWAITFORDEVEVENT), "SKF_CancelWaitForDevEvent"}, + {ERR_FUNC(SKF_F_SKF_CHANGEDEVAUTHKEY), "SKF_ChangeDevAuthKey"}, + {ERR_FUNC(SKF_F_SKF_CHANGEPIN), "SKF_ChangePIN"}, + {ERR_FUNC(SKF_F_SKF_CLEARSECURESTATE), "SKF_ClearSecureState"}, + {ERR_FUNC(SKF_F_SKF_CLOSEAPPLICATION), "SKF_CloseApplication"}, + {ERR_FUNC(SKF_F_SKF_CLOSECONTAINER), "SKF_CloseContainer"}, + {ERR_FUNC(SKF_F_SKF_CLOSEHANDLE), "SKF_CloseHandle"}, + {ERR_FUNC(SKF_F_SKF_CONNECTDEV), "SKF_ConnectDev"}, + {ERR_FUNC(SKF_F_SKF_CREATEAPPLICATION), "SKF_CreateApplication"}, + {ERR_FUNC(SKF_F_SKF_CREATECONTAINER), "SKF_CreateContainer"}, + {ERR_FUNC(SKF_F_SKF_CREATEFILE), "SKF_CreateFile"}, + {ERR_FUNC(SKF_F_SKF_DECRYPT), "SKF_Decrypt"}, + {ERR_FUNC(SKF_F_SKF_DECRYPTFINAL), "SKF_DecryptFinal"}, + {ERR_FUNC(SKF_F_SKF_DECRYPTINIT), "SKF_DecryptInit"}, + {ERR_FUNC(SKF_F_SKF_DECRYPTUPDATE), "SKF_DecryptUpdate"}, + {ERR_FUNC(SKF_F_SKF_DELETEAPPLICATION), "SKF_DeleteApplication"}, + {ERR_FUNC(SKF_F_SKF_DELETECONTAINER), "SKF_DeleteContainer"}, + {ERR_FUNC(SKF_F_SKF_DELETEFILE), "SKF_DeleteFile"}, + {ERR_FUNC(SKF_F_SKF_DEVAUTH), "SKF_DevAuth"}, + {ERR_FUNC(SKF_F_SKF_DIGEST), "SKF_Digest"}, + {ERR_FUNC(SKF_F_SKF_DIGESTFINAL), "SKF_DigestFinal"}, + {ERR_FUNC(SKF_F_SKF_DIGESTINIT), "SKF_DigestInit"}, + {ERR_FUNC(SKF_F_SKF_DIGESTUPDATE), "SKF_DigestUpdate"}, + {ERR_FUNC(SKF_F_SKF_DISCONNECTDEV), "SKF_DisConnectDev"}, + {ERR_FUNC(SKF_F_SKF_ECCDECRYPT), "SKF_ECCDecrypt"}, + {ERR_FUNC(SKF_F_SKF_ECCEXPORTSESSIONKEY), "SKF_ECCExportSessionKey"}, + {ERR_FUNC(SKF_F_SKF_ECCSIGNDATA), "SKF_ECCSignData"}, + {ERR_FUNC(SKF_F_SKF_ECCVERIFY), "SKF_ECCVerify"}, + {ERR_FUNC(SKF_F_SKF_ENCRYPT), "SKF_Encrypt"}, + {ERR_FUNC(SKF_F_SKF_ENCRYPTFINAL), "SKF_EncryptFinal"}, + {ERR_FUNC(SKF_F_SKF_ENCRYPTINIT), "SKF_EncryptInit"}, + {ERR_FUNC(SKF_F_SKF_ENCRYPTUPDATE), "SKF_EncryptUpdate"}, + {ERR_FUNC(SKF_F_SKF_ENUMAPPLICATION), "SKF_EnumApplication"}, + {ERR_FUNC(SKF_F_SKF_ENUMCONTAINER), "SKF_EnumContainer"}, + {ERR_FUNC(SKF_F_SKF_ENUMDEV), "SKF_EnumDev"}, + {ERR_FUNC(SKF_F_SKF_ENUMFILES), "SKF_EnumFiles"}, + {ERR_FUNC(SKF_F_SKF_EXPORTCERTIFICATE), "SKF_ExportCertificate"}, + {ERR_FUNC(SKF_F_SKF_EXPORTPUBLICKEY), "SKF_ExportPublicKey"}, + {ERR_FUNC(SKF_F_SKF_EXTECCDECRYPT), "SKF_ExtECCDecrypt"}, + {ERR_FUNC(SKF_F_SKF_EXTECCENCRYPT), "SKF_ExtECCEncrypt"}, + {ERR_FUNC(SKF_F_SKF_EXTECCSIGN), "SKF_ExtECCSign"}, + {ERR_FUNC(SKF_F_SKF_EXTECCVERIFY), "SKF_ExtECCVerify"}, + {ERR_FUNC(SKF_F_SKF_EXTRSAPRIKEYOPERATION), "SKF_ExtRSAPriKeyOperation"}, + {ERR_FUNC(SKF_F_SKF_EXTRSAPUBKEYOPERATION), "SKF_ExtRSAPubKeyOperation"}, + {ERR_FUNC(SKF_F_SKF_GENECCKEYPAIR), "SKF_GenECCKeyPair"}, + {ERR_FUNC(SKF_F_SKF_GENERATEAGREEMENTDATAANDKEYWITHECC), + "SKF_GenerateAgreementDataAndKeyWithECC"}, + {ERR_FUNC(SKF_F_SKF_GENERATEAGREEMENTDATAWITHECC), + "SKF_GenerateAgreementDataWithECC"}, + {ERR_FUNC(SKF_F_SKF_GENERATEKEYWITHECC), "SKF_GenerateKeyWithECC"}, + {ERR_FUNC(SKF_F_SKF_GENEXTRSAKEY), "SKF_GenExtRSAKey"}, + {ERR_FUNC(SKF_F_SKF_GENRANDOM), "SKF_GenRandom"}, + {ERR_FUNC(SKF_F_SKF_GENRSAKEYPAIR), "SKF_GenRSAKeyPair"}, + {ERR_FUNC(SKF_F_SKF_GETCONTAINERTYPE), "SKF_GetContainerType"}, {ERR_FUNC(SKF_F_SKF_GETDEVINFO), "SKF_GetDevInfo"}, + {ERR_FUNC(SKF_F_SKF_GETDEVSTATE), "SKF_GetDevState"}, + {ERR_FUNC(SKF_F_SKF_GETFILEINFO), "SKF_GetFileInfo"}, + {ERR_FUNC(SKF_F_SKF_GETPININFO), "SKF_GetPINInfo"}, + {ERR_FUNC(SKF_F_SKF_IMPORTCERTIFICATE), "SKF_ImportCertificate"}, + {ERR_FUNC(SKF_F_SKF_IMPORTECCKEYPAIR), "SKF_ImportECCKeyPair"}, + {ERR_FUNC(SKF_F_SKF_IMPORTECCPRIVATEKEY), "SKF_ImportECCPrivateKey"}, + {ERR_FUNC(SKF_F_SKF_IMPORTRSAKEYPAIR), "SKF_ImportRSAKeyPair"}, + {ERR_FUNC(SKF_F_SKF_IMPORTSESSIONKEY), "SKF_ImportSessionKey"}, + {ERR_FUNC(SKF_F_SKF_LOADLIBRARY), "SKF_LoadLibrary"}, + {ERR_FUNC(SKF_F_SKF_LOCKDEV), "SKF_LockDev"}, + {ERR_FUNC(SKF_F_SKF_MAC), "SKF_Mac"}, + {ERR_FUNC(SKF_F_SKF_MACFINAL), "SKF_MacFinal"}, + {ERR_FUNC(SKF_F_SKF_MACINIT), "SKF_MacInit"}, + {ERR_FUNC(SKF_F_SKF_MACUPDATE), "SKF_MacUpdate"}, + {ERR_FUNC(SKF_F_SKF_METHOD_LOAD_LIBRARY), "SKF_METHOD_load_library"}, + {ERR_FUNC(SKF_F_SKF_NEWECCCIPHER), "SKF_NewECCCipher"}, + {ERR_FUNC(SKF_F_SKF_NEWENVELOPEDKEY), "SKF_NewEnvelopedKey"}, + {ERR_FUNC(SKF_F_SKF_OPENAPPLICATION), "SKF_OpenApplication"}, + {ERR_FUNC(SKF_F_SKF_OPENCONTAINER), "SKF_OpenContainer"}, + {ERR_FUNC(SKF_F_SKF_READFILE), "SKF_ReadFile"}, + {ERR_FUNC(SKF_F_SKF_RSAEXPORTSESSIONKEY), "SKF_RSAExportSessionKey"}, + {ERR_FUNC(SKF_F_SKF_RSASIGNDATA), "SKF_RSASignData"}, + {ERR_FUNC(SKF_F_SKF_RSAVERIFY), "SKF_RSAVerify"}, + {ERR_FUNC(SKF_F_SKF_SETLABEL), "SKF_SetLabel"}, + {ERR_FUNC(SKF_F_SKF_SETSYMMKEY), "SKF_SetSymmKey"}, + {ERR_FUNC(SKF_F_SKF_TRANSMIT), "SKF_Transmit"}, + {ERR_FUNC(SKF_F_SKF_UNBLOCKPIN), "SKF_UnblockPIN"}, + {ERR_FUNC(SKF_F_SKF_UNLOCKDEV), "SKF_UnlockDev"}, + {ERR_FUNC(SKF_F_SKF_VERIFYPIN), "SKF_VerifyPIN"}, + {ERR_FUNC(SKF_F_SKF_W), "SKF_WaitForDevEvent"}, + {ERR_FUNC(SKF_F_SKF_WAITFORDEVEVENT), "SKF_WaitForDevEvent"}, + {ERR_FUNC(SKF_F_SKF_WRITEFILE), "SKF_WriteFile"}, {0, NULL} }; static ERR_STRING_DATA SKF_str_reasons[] = { + {ERR_REASON(SKF_R_APPLICATION_ALREADY_EXIST), + "application already exist"}, + {ERR_REASON(SKF_R_APPLICATION_NOT_EXISAT), "application not exisat"}, + {ERR_REASON(SKF_R_APPLICATION_NOT_EXIST), "application not exist"}, + {ERR_REASON(SKF_R_BUFFER_TOO_SMALL), "buffer too small"}, + {ERR_REASON(SKF_R_CERTIFICATE_NOT_FOUND), "certificate not found"}, + {ERR_REASON(SKF_R_CSP_IMPORT_PUBLIC_KEY_ERROR), + "csp import public key error"}, + {ERR_REASON(SKF_R_DECRYPT_INVALID_PADDING), "decrypt invalid padding"}, + {ERR_REASON(SKF_R_DEVICE_REMOVED), "device removed"}, + {ERR_REASON(SKF_R_DIGEST_ERROR), "digest error"}, + {ERR_REASON(SKF_R_DSO_LOAD_FAILURE), "dso load failure"}, + {ERR_REASON(SKF_R_ENVELOPE_PRVATE_KEY_FAILURE), + "envelope prvate key failure"}, + {ERR_REASON(SKF_R_EXPORT_FAILED), "export failed"}, + {ERR_REASON(SKF_R_FAILURE), "failure"}, + {ERR_REASON(SKF_R_FILE_ALREADY_EXIST), "file already exist"}, + {ERR_REASON(SKF_R_FILE_ERROR), "file error"}, + {ERR_REASON(SKF_R_FILE_NOT_EXIST), "file not exist"}, + {ERR_REASON(SKF_R_FUNCTION_NOT_SUPPORTED), "function not supported"}, + {ERR_REASON(SKF_R_HASH_NOT_EQUAL), "hash not equal"}, + {ERR_REASON(SKF_R_IMPORT_ENVELOPED_ECC_PRIVATE_KEY_FAILURE), + "import enveloped ecc private key failure"}, + {ERR_REASON(SKF_R_INVALID_APPLICATION_NAME), "invalid application name"}, + {ERR_REASON(SKF_R_INVALID_CONTAINER_TYPE), "invalid container type"}, + {ERR_REASON(SKF_R_INVALID_DIGEST_HANDLE), "invalid digest handle"}, + {ERR_REASON(SKF_R_INVALID_HANDLE), "invalid handle"}, + {ERR_REASON(SKF_R_INVALID_INPUT_LENGTH), "invalid input length"}, + {ERR_REASON(SKF_R_INVALID_INPUT_VALUE), "invalid input value"}, + {ERR_REASON(SKF_R_INVALID_KEY_INFO_TYPE), "invalid key info type"}, + {ERR_REASON(SKF_R_INVALID_KEY_USAGE), "invalid key usage"}, + {ERR_REASON(SKF_R_INVALID_MAC_LENGTH), "invalid mac length"}, + {ERR_REASON(SKF_R_INVALID_MODULUS_LENGTH), "invalid modulus length"}, + {ERR_REASON(SKF_R_INVALID_NAME_LENGTH), "invalid name length"}, + {ERR_REASON(SKF_R_INVALID_OBJECT), "invalid object"}, + {ERR_REASON(SKF_R_INVALID_PARAMETER), "invalid parameter"}, + {ERR_REASON(SKF_R_INVALID_PIN), "invalid pin"}, + {ERR_REASON(SKF_R_INVALID_PIN_LENGTH), "invalid pin length"}, + {ERR_REASON(SKF_R_INVALID_RSA_MODULUS_LENGTH), + "invalid rsa modulus length"}, + {ERR_REASON(SKF_R_INVALID_USER_TYPE), "invalid user type"}, + {ERR_REASON(SKF_R_KEY_NOT_FOUND), "key not found"}, + {ERR_REASON(SKF_R_LOAD_LIBRARY_FAILURE), "load library failure"}, + {ERR_REASON(SKF_R_MEMORY_ERROR), "memory error"}, + {ERR_REASON(SKF_R_NOT_INITIALIZED), "not initialized"}, + {ERR_REASON(SKF_R_NOT_SUPPORTED_CIPHER_ALGOR), + "not supported cipher algor"}, + {ERR_REASON(SKF_R_NOT_SUPPORTED_DIGEST_ALGOR), + "not supported digest algor"}, + {ERR_REASON(SKF_R_NOT_SUPPORTED_PKEY_ALGOR), "not supported pkey algor"}, + {ERR_REASON(SKF_R_NO_EVENT), "no event"}, + {ERR_REASON(SKF_R_NO_SPACE), "no space"}, {ERR_REASON(SKF_R_NULL_ARGUMENT), "null argument"}, + {ERR_REASON(SKF_R_OPERATION_NOT_SUPPORTED), "operation not supported"}, + {ERR_REASON(SKF_R_PIN_INCORRECT), "pin incorrect"}, + {ERR_REASON(SKF_R_PIN_LOCKED), "pin locked"}, + {ERR_REASON(SKF_R_RANDOM_GENERATION_FAILED), "random generation failed"}, + {ERR_REASON(SKF_R_READ_FILE_FAILURE), "read file failure"}, + {ERR_REASON(SKF_R_RSA_DECRYPTION_FAILURE), "rsa decryption failure"}, + {ERR_REASON(SKF_R_RSA_ENCRYPTION_FAILURE), "rsa encryption failure"}, + {ERR_REASON(SKF_R_RSA_KEY_GENERATION_FAILURE), + "rsa key generation failure"}, + {ERR_REASON(SKF_R_SKF_METHOD_NOT_INITIALIZED), + "skf method not initialized"}, + {ERR_REASON(SKF_R_SUCCESS), "success"}, + {ERR_REASON(SKF_R_TIMEOUT), "timeout"}, + {ERR_REASON(SKF_R_UNKNOWN_ERROR), "unknown error"}, + {ERR_REASON(SKF_R_UNKNOWN_VENDOR), "unknown vendor"}, + {ERR_REASON(SKF_R_USER_ALREADY_LOGGED_IN), "user already logged in"}, + {ERR_REASON(SKF_R_USER_NOT_LOGGED_IN), "user not logged in"}, + {ERR_REASON(SKF_R_USER_PIN_NOT_INITIALIZED), "user pin not initialized"}, + {ERR_REASON(SKF_R_WISEC_AUTH_BLOCKED), "wisec auth blocked"}, + {ERR_REASON(SKF_R_WISEC_CERTNOUSAGEERR), "wisec certnousageerr"}, + {ERR_REASON(SKF_R_WISEC_CERTUSAGEERR), "wisec certusageerr"}, + {ERR_REASON(SKF_R_WISEC_CONTAINER_EXISTS), "wisec container exists"}, + {ERR_REASON(SKF_R_WISEC_CONTAINER_NOT_EXISTS), + "wisec container not exists"}, + {ERR_REASON(SKF_R_WISEC_DEVNOAUTH), "wisec devnoauth"}, + {ERR_REASON(SKF_R_WISEC_FILEATTRIBUTEERR), "wisec fileattributeerr"}, + {ERR_REASON(SKF_R_WISEC_INVALIDCONTAINERERR), + "wisec invalidcontainererr"}, + {ERR_REASON(SKF_R_WISEC_KEYNOUSAGEERR), "wisec keynousageerr"}, + {ERR_REASON(SKF_R_WRITE_FILE_FAILURE), "write file failure"}, {0, NULL} }; diff --git a/crypto/skf/skf_ext.c b/crypto/skf/skf_ext.c new file mode 100644 index 00000000..02c084e5 --- /dev/null +++ b/crypto/skf/skf_ext.c @@ -0,0 +1,350 @@ +/* ==================================================================== + * Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ + +#include +#include +#include +#include +#include +#include +#include "internal/skf_int.h" +#include "../../e_os.h" + + +static void print_str(const char *name, const char *value) +{ + (void)printf("%-17s: %s\n", name, value); +} + +static void print_int(const char *name, ULONG value) +{ + (void)printf("%-17s: ", name); + if (value == UINT_MAX) { + puts("(unlimited)"); + } else { + printf("%u\n", value); + } +} + +static void print_buf(const char *name, BYTE *value, size_t len) +{ + size_t i; + (void)printf("%-17s : ", name); + for (i = 0; i < len; i++) { + (void)printf("%02X", value[i]); + } + putchar('\n'); +} + +static char *skf_algor_name(ULONG ulAlgID) +{ + switch (ulAlgID) { + case SGD_SM1_ECB: return "sm1-ecb"; + case SGD_SM1_CBC: return "sm1-cbc"; + case SGD_SM1_CFB: return "sm1-cfb"; + case SGD_SM1_OFB: return "sm1-ofb128"; + case SGD_SM1_MAC: return "sm1-mac"; + case SGD_SM4_ECB: return "sms4-ecb"; + case SGD_SM4_CBC: return "sms4-cbc"; + case SGD_SM4_CFB: return "sms4-cfb"; + case SGD_SM4_OFB: return "sms4-ofb128"; + case SGD_SM4_MAC: return "sms4-mac"; + case SGD_SSF33_ECB: return "ssf33-ecb"; + case SGD_SSF33_CBC: return "ssf33-cbc"; + case SGD_SSF33_CFB: return "ssf33-cfb"; + case SGD_SSF33_OFB: return "ssf33-ofb128"; + case SGD_SSF33_MAC: return "ssf33-mac"; + case SGD_RSA: return "rsa"; + case SGD_SM2_1: return "sm2sign"; + case SGD_SM2_2: return "sm2encrypt"; + case SGD_SM2_3: return "sm2keyagreement"; + case SGD_SM3: return "sm3"; + case SGD_SHA1: return "sha1"; + case SGD_SHA256: return "sha256"; + } + return NULL; +} + +ULONG SKF_GetDevStateName(ULONG ulDevState, LPSTR *szDevStateName) +{ + if (!szDevStateName) { + return SAR_INDATALENERR; + } + + switch (ulDevState) { + case SKF_DEV_STATE_ABSENT: + *szDevStateName = (LPSTR)"Absent"; + break; + case SKF_DEV_STATE_PRESENT: + *szDevStateName = (LPSTR)"Present"; + break; + case SKF_DEV_STATE_UNKNOW: + *szDevStateName = (LPSTR)"Unknown"; + break; + default: + *szDevStateName = (LPSTR)"(Error)"; + return SAR_INDATALENERR; + } + + return SAR_OK; +} + +ULONG SKF_GetContainerTypeName(ULONG ulContainerType, LPSTR *szName) +{ + switch (ulContainerType) { + case SKF_CONTAINER_TYPE_UNDEF: + *szName = (LPSTR)"(undef)"; + break; + case SKF_CONTAINER_TYPE_RSA: + *szName = (LPSTR)"RSA"; + break; + case SKF_CONTAINER_TYPE_ECC: + *szName = (LPSTR)"EC"; + break; + default: + *szName = (LPSTR)"(unknown)"; + } + /* always success for help functions */ + return SAR_OK; +} + +typedef struct { + ULONG id; + char *name; +} table_item_t; + +static table_item_t skf_cipher_caps[] = { + { SGD_SM1_ECB, "sm1-ecb" }, + { SGD_SM1_CBC, "sm1-cbc" }, + { SGD_SM1_CFB, "sm1-cfb" }, + { SGD_SM1_OFB, "sm1-ofb128" }, + { SGD_SM1_MAC, "cbcmac-sm1" }, + { SGD_SSF33_ECB, "ssf33-ecb" }, + { SGD_SSF33_CBC, "ssf33-cbc" }, + { SGD_SSF33_CFB, "ssf33-cfb" }, + { SGD_SSF33_OFB, "ssf33-ofb128" }, + { SGD_SSF33_MAC, "cbcmac-ssf33" }, + { SGD_SM4_ECB, "sms4-ecb" }, + { SGD_SM4_CBC, "sms4-cbc" }, + { SGD_SM4_CFB, "sms4-cfb" }, + { SGD_SM4_OFB, "sms4-ofb128" }, + { SGD_SM4_MAC, "cbcmac-sms4" }, + { SGD_ZUC_EEA3, "zuc_128eea3" }, + { SGD_ZUC_EIA3, "zuc_128eia3" } +}; + +static table_item_t skf_digest_caps[] = { + { SGD_SM3, "sm3" }, + { SGD_SHA1, "sha1" }, + { SGD_SHA256, "sha256" }, +}; + +static table_item_t skf_pkey_caps[] = { + { SGD_RSA_SIGN, "rsa" }, + { SGD_RSA_ENC, "rsaEncryption" }, + { SGD_SM2_1, "sm2sign" }, + { SGD_SM2_2, "sm2exchange" }, + { SGD_SM2_3, "sm2encrypt" } +}; + +ULONG SKF_PrintDevInfo(DEVINFO *devInfo) +{ + int i, n; + + printf(" Version : %d.%d\n", devInfo->Version.major, + devInfo->Version.minor); + printf(" Manufacturer : %s\n", devInfo->Manufacturer); + printf(" Issuer : %s\n", devInfo->Issuer); + printf(" Label : %s\n", devInfo->Label); + print_buf(" Serial Number", devInfo->SerialNumber, strlen((char *)devInfo->SerialNumber)); + printf(" Hardware Version : %d.%d\n", devInfo->HWVersion.major, + devInfo->HWVersion.minor); + printf(" Firmware Version : %d.%d\n", devInfo->FirmwareVersion.major, + devInfo->FirmwareVersion.minor); + printf(" Ciphers : "); + for (i = n = 0; i < OSSL_NELEM(skf_cipher_caps); i++) { + if ((devInfo->AlgSymCap & skf_cipher_caps[i].id) == + skf_cipher_caps[i].id) { + printf("%s%s", n ? ", " : "", skf_cipher_caps[i].name); + n++; + } + } + printf("\n"); + printf(" Public Keys : "); + for (i = n = 0; i < OSSL_NELEM(skf_pkey_caps); i++) { + if ((devInfo->AlgAsymCap & skf_pkey_caps[i].id) == + skf_pkey_caps[i].id) { + printf("%s%s", n ? ", " : "", skf_pkey_caps[i].name); + n++; + } + } + printf("\n"); + printf(" Digests : "); + for (i = n = 0; i < OSSL_NELEM(skf_digest_caps); i++) { + if ((devInfo->AlgHashCap & skf_digest_caps[i].id) == + skf_digest_caps[i].id) { + printf("%s%s", n ? ", " : "", skf_digest_caps[i].name); + n++; + } + } + printf("\n"); + printf(" Auth Cipher : "); + for (i = 0; i < OSSL_NELEM(skf_cipher_caps); i++) { + if (devInfo->DevAuthAlgId == skf_cipher_caps[i].id) { + printf("%s\n", skf_cipher_caps[i].name); + break; + } + } + if (i == OSSL_NELEM(skf_cipher_caps)) { + printf("(unknown)\n"); + } + print_int(" Total Sapce ", devInfo->TotalSpace); + print_int(" Free Space ", devInfo->FreeSpace); + print_int(" MAX ECC Input", devInfo->MaxECCBufferSize); + print_int(" MAX Cipher Input", devInfo->MaxBufferSize); + + return SAR_OK; +} + +ULONG SKF_PrintRSAPublicKey(RSAPUBLICKEYBLOB *blob) +{ + print_str("AlgID", skf_algor_name(blob->AlgID)); + print_int("BitLen", blob->BitLen); + print_buf("Modulus", blob->Modulus, MAX_RSA_MODULUS_LEN); + print_buf("PublicExponent", blob->PublicExponent, MAX_RSA_EXPONENT_LEN); + return SAR_OK; +} + +ULONG SKF_PrintRSAPrivateKey(RSAPRIVATEKEYBLOB *blob) +{ + print_str("AlgID", skf_algor_name(blob->AlgID)); + print_int("BitLen", blob->BitLen); + print_buf("Modulus", blob->Modulus, MAX_RSA_MODULUS_LEN); + print_buf("PublicExponent", blob->PublicExponent, MAX_RSA_EXPONENT_LEN); + print_buf("PrivateExponent", blob->PrivateExponent, MAX_RSA_MODULUS_LEN); + print_buf("Prime1", blob->Prime1, MAX_RSA_MODULUS_LEN/2); + print_buf("Prime2", blob->Prime2, MAX_RSA_MODULUS_LEN/2); + print_buf("Prime1Exponent", blob->Prime1Exponent, MAX_RSA_MODULUS_LEN/2); + print_buf("Prime2Exponent", blob->Prime2Exponent, MAX_RSA_MODULUS_LEN/2); + print_buf("Coefficient", blob->Coefficient, MAX_RSA_MODULUS_LEN/2); + return SAR_OK; +} + +ULONG SKF_PrintECCPublicKey(ECCPUBLICKEYBLOB *blob) +{ + print_int("BitLen", blob->BitLen); + print_buf("XCoordinate", blob->XCoordinate, ECC_MAX_XCOORDINATE_BITS_LEN/8); + print_buf("YCoordinate", blob->YCoordinate, ECC_MAX_XCOORDINATE_BITS_LEN/8); + return SAR_OK; +} + +ULONG SKF_PrintECCPrivateKey(ECCPRIVATEKEYBLOB *blob) +{ + print_int("BitLen", blob->BitLen); + print_buf("PrivateKey", blob->PrivateKey, ECC_MAX_MODULUS_BITS_LEN/8); + return SAR_OK; +} + +ULONG SKF_PrintECCCipher(ECCCIPHERBLOB *blob) +{ + print_buf("XCoordinate", blob->XCoordinate, ECC_MAX_XCOORDINATE_BITS_LEN/8); + print_buf("YCoordinate", blob->YCoordinate, ECC_MAX_XCOORDINATE_BITS_LEN/8); + print_buf("HASH", blob->HASH, 32); + print_int("CipherLen", blob->CipherLen); + print_buf("Cipher", blob->Cipher, blob->CipherLen); + return SAR_OK; +} + +ULONG SKF_PrintECCSignature(ECCSIGNATUREBLOB *blob) +{ + print_buf("r", blob->r, ECC_MAX_XCOORDINATE_BITS_LEN/8); + print_buf("s", blob->s, ECC_MAX_XCOORDINATE_BITS_LEN/8); + return SAR_OK; +} + +ULONG DEVAPI SKF_NewECCCipher(ULONG ulCipherLen, ECCCIPHERBLOB **cipherBlob) +{ + ECCCIPHERBLOB *ret = NULL; + + if (!(ret = OPENSSL_malloc(sizeof(ECCCIPHERBLOB) - 1 + ulCipherLen))) { + SKFerr(SKF_F_SKF_NEWECCCIPHER, ERR_R_MALLOC_FAILURE); + return SAR_MEMORYERR; + } + + ret->CipherLen = ulCipherLen; + *cipherBlob = ret; + return SAR_OK; +} + +ULONG DEVAPI SKF_NewEnvelopedKey(ULONG ulCipherLen, ENVELOPEDKEYBLOB **envelopedKeyBlob) +{ + ENVELOPEDKEYBLOB *ret = NULL; + + if (!(ret = OPENSSL_zalloc(sizeof(ENVELOPEDKEYBLOB) - 1 + ulCipherLen))) { + SKFerr(SKF_F_SKF_NEWENVELOPEDKEY, ERR_R_MALLOC_FAILURE); + return SAR_MEMORYERR; + } + + ret->ECCCipherBlob.CipherLen = ulCipherLen; + *envelopedKeyBlob = ret; + return SAR_OK; +} + +ULONG DEVAPI SKF_PrintErrorString(ULONG ulError) +{ + LPSTR str = NULL; + SKF_GetErrorString(ulError, &str); + printf("SKF Error: %s\n", (char *)str); + return SAR_OK; +} + +ULONG DEVAPI SKF_GetAlgorName(ULONG ulAlgID, LPSTR *szName) +{ + return SAR_OK; +} diff --git a/crypto/skf/skf_lib.c b/crypto/skf/skf_lib.c index d4822a5d..4f094e47 100644 --- a/crypto/skf/skf_lib.c +++ b/crypto/skf/skf_lib.c @@ -1,1426 +1,2773 @@ -/* ==================================================================== - * Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include -#include -#include -#include -#include -#include "internal/dso.h" -#include "internal/skf_meth.h" -#include "../../e_os.h" - -static SKF_METHOD *skf_method = NULL; - -ULONG SKF_LoadLibrary(const char *so_path) -{ - - return SAR_OK; -} - -ULONG SKF_UnloadLibrary(void) -{ - skf_method = NULL; - return 0; -} - - -ULONG DEVAPI SKF_WaitForDevEvent( - LPSTR szDevName, - ULONG *pulDevNameLen, - ULONG *pulEvent) -{ - if (skf_method->WaitForDevEvent) { - return skf_method->WaitForDevEvent( - szDevName, - pulDevNameLen, - pulEvent); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_CancelWaitForDevEvent( - void) -{ - if (skf_method->CancelWaitForDevEvent) { - return skf_method->CancelWaitForDevEvent(); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_EnumDev( - BOOL bPresent, - LPSTR szNameList, - ULONG *pulSize) -{ - if (skf_method->EnumDev) { - return skf_method->EnumDev( - bPresent, - szNameList, - pulSize); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_ConnectDev( - LPSTR szName, - DEVHANDLE *phDev) -{ - if (skf_method->ConnectDev) { - return skf_method->ConnectDev( - szName, - phDev); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_DisConnectDev( - DEVHANDLE hDev) -{ - if (skf_method->DisConnectDev) { - return skf_method->DisConnectDev( - hDev); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_GetDevState( - LPSTR szDevName, - ULONG *pulDevState) -{ - if (skf_method->GetDevState) { - return skf_method->GetDevState( - szDevName, - pulDevState); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_SetLabel( - DEVHANDLE hDev, - LPSTR szLabel) -{ - if (skf_method->SetLabel) { - return skf_method->SetLabel( - hDev, - szLabel); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_GetDevInfo( - DEVHANDLE hDev, - DEVINFO *pDevInfo) -{ - if (skf_method->GetDevInfo) { - return skf_method->GetDevInfo( - hDev, - pDevInfo); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_LockDev( - DEVHANDLE hDev, - ULONG ulTimeOut) -{ - if (skf_method->LockDev) { - return skf_method->LockDev( - hDev, - ulTimeOut); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_UnlockDev( - DEVHANDLE hDev) -{ - if (skf_method->UnlockDev) { - return skf_method->UnlockDev( - hDev); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_Transmit( - DEVHANDLE hDev, - BYTE *pbCommand, - ULONG ulCommandLen, - BYTE *pbData, - ULONG *pulDataLen) -{ - if (skf_method->Transmit) { - return skf_method->Transmit( - hDev, - pbCommand, - ulCommandLen, - pbData, - pulDataLen); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_ChangeDevAuthKey( - DEVHANDLE hDev, - BYTE *pbKeyValue, - ULONG ulKeyLen) -{ - if (skf_method->ChangeDevAuthKey) { - return skf_method->ChangeDevAuthKey( - hDev, - pbKeyValue, - ulKeyLen); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_DevAuth( - DEVHANDLE hDev, - BYTE *pbAuthData, - ULONG ulLen) -{ - if (skf_method->DevAuth) { - return skf_method->DevAuth( - hDev, - pbAuthData, - ulLen); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_ChangePIN( - HAPPLICATION hApplication, - ULONG ulPINType, - LPSTR szOldPin, - LPSTR szNewPin, - ULONG *pulRetryCount) -{ - if (skf_method->ChangePIN) { - return skf_method->ChangePIN( - hApplication, - ulPINType, - szOldPin, - szNewPin, - pulRetryCount); - } - return SAR_NOTSUPPORTYETERR; -} - -LONG DEVAPI SKF_GetPINInfo( - HAPPLICATION hApplication, - ULONG ulPINType, - ULONG *pulMaxRetryCount, - ULONG *pulRemainRetryCount, - BOOL *pbDefaultPin) -{ - if (skf_method->GetPINInfo) { - return skf_method->GetPINInfo( - hApplication, - ulPINType, - pulMaxRetryCount, - pulRemainRetryCount, - pbDefaultPin); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_VerifyPIN( - HAPPLICATION hApplication, - ULONG ulPINType, - LPSTR szPIN, - ULONG *pulRetryCount) -{ - if (skf_method->VerifyPIN) { - return skf_method->VerifyPIN( - hApplication, - ulPINType, - szPIN, - pulRetryCount); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_UnblockPIN( - HAPPLICATION hApplication, - LPSTR szAdminPIN, - LPSTR szNewUserPIN, - ULONG *pulRetryCount) -{ - if (skf_method->UnblockPIN) { - return skf_method->UnblockPIN( - hApplication, - szAdminPIN, - szNewUserPIN, - pulRetryCount); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_ClearSecureState( - HAPPLICATION hApplication) -{ - if (skf_method->ClearSecureState) { - return skf_method->ClearSecureState( - hApplication); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_CreateApplication( - DEVHANDLE hDev, - LPSTR szAppName, - LPSTR szAdminPin, - DWORD dwAdminPinRetryCount, - LPSTR szUserPin, - DWORD dwUserPinRetryCount, - DWORD dwCreateFileRights, - HAPPLICATION *phApplication) -{ - if (skf_method->CreateApplication) { - return skf_method->CreateApplication( - hDev, - szAppName, - szAdminPin, - dwAdminPinRetryCount, - szUserPin, - dwUserPinRetryCount, - dwCreateFileRights, - phApplication); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_EnumApplication( - DEVHANDLE hDev, - LPSTR szAppName, - ULONG *pulSize) -{ - if (skf_method->EnumApplication) { - return skf_method->EnumApplication( - hDev, - szAppName, - pulSize); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_DeleteApplication( - DEVHANDLE hDev, - LPSTR szAppName) -{ - if (skf_method->DeleteApplication) { - return skf_method->DeleteApplication( - hDev, - szAppName); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_OpenApplication( - DEVHANDLE hDev, - LPSTR szAppName, - HAPPLICATION *phApplication) -{ - if (skf_method->OpenApplication) { - return skf_method->OpenApplication( - hDev, - szAppName, - phApplication); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_CloseApplication( - HAPPLICATION hApplication) -{ - if (skf_method->CloseApplication) { - return skf_method->CloseApplication( - hApplication); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_CreateFile( - HAPPLICATION hApplication, - LPSTR szFileName, - ULONG ulFileSize, - ULONG ulReadRights, - ULONG ulWriteRights) -{ - if (skf_method->CreateFileObject) { - return skf_method->CreateFileObject( - hApplication, - szFileName, - ulFileSize, - ulReadRights, - ulWriteRights); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_DeleteFile( - HAPPLICATION hApplication, - LPSTR szFileName) -{ - if (skf_method->DeleteFileObject) { - return skf_method->DeleteFileObject( - hApplication, - szFileName); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_EnumFiles( - HAPPLICATION hApplication, - LPSTR szFileList, - ULONG *pulSize) -{ - if (skf_method->EnumFiles) { - return skf_method->EnumFiles( - hApplication, - szFileList, - pulSize); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_GetFileInfo( - HAPPLICATION hApplication, - LPSTR szFileName, - FILEATTRIBUTE *pFileInfo) -{ - if (skf_method->GetFileInfo) { - return skf_method->GetFileInfo( - hApplication, - szFileName, - pFileInfo); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_ReadFile( - HAPPLICATION hApplication, - LPSTR szFileName, - ULONG ulOffset, - ULONG ulSize, - BYTE *pbOutData, - ULONG *pulOutLen) -{ - if (skf_method->ReadFileObject) { - return skf_method->ReadFileObject( - hApplication, - szFileName, - ulOffset, - ulSize, - pbOutData, - pulOutLen); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_WriteFile( - HAPPLICATION hApplication, - LPSTR szFileName, - ULONG ulOffset, - BYTE *pbData, - ULONG ulSize) -{ - if (skf_method->WriteFileObject) { - return skf_method->WriteFileObject( - hApplication, - szFileName, - ulOffset, - pbData, - ulSize); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_CreateContainer( - HAPPLICATION hApplication, - LPSTR szContainerName, - HCONTAINER *phContainer) -{ - if (skf_method->CreateContainer) { - return skf_method->CreateContainer( - hApplication, - szContainerName, - phContainer); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_DeleteContainer( - HAPPLICATION hApplication, - LPSTR szContainerName) -{ - if (skf_method->DeleteContainer) { - return skf_method->DeleteContainer( - hApplication, - szContainerName); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_EnumContainer( - HAPPLICATION hApplication, - LPSTR szContainerName, - ULONG *pulSize) -{ - if (skf_method->EnumContainer) { - return skf_method->EnumContainer( - hApplication, - szContainerName, - pulSize); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_OpenContainer( - HAPPLICATION hApplication, - LPSTR szContainerName, - HCONTAINER *phContainer) -{ - if (skf_method->OpenContainer) { - return skf_method->OpenContainer( - hApplication, - szContainerName, - phContainer); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_CloseContainer( - HCONTAINER hContainer) -{ - if (skf_method->CloseContainer) { - return skf_method->CloseContainer( - hContainer); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_GetContainerType( - HCONTAINER hContainer, - ULONG *pulContainerType) -{ - if (skf_method->GetContainerType) { - return skf_method->GetContainerType( - hContainer, - pulContainerType); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_ImportCertificate( - HCONTAINER hContainer, - BOOL bExportSignKey, - BYTE *pbCert, - ULONG ulCertLen) -{ - if (skf_method->ImportCertificate) { - return skf_method->ImportCertificate( - hContainer, - bExportSignKey, - pbCert, - ulCertLen); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_ExportCertificate( - HCONTAINER hContainer, - BOOL bSignFlag, - BYTE *pbCert, - ULONG *pulCertLen) -{ - if (skf_method->ExportCertificate) { - return skf_method->ExportCertificate( - hContainer, - bSignFlag, - pbCert, - pulCertLen); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_ExportPublicKey( - HCONTAINER hContainer, - BOOL bSignFlag, - BYTE *pbBlob, - ULONG *pulBlobLen) -{ - if (skf_method->ExportPublicKey) { - return skf_method->ExportPublicKey( - hContainer, - bSignFlag, - pbBlob, - pulBlobLen); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_GenRandom( - DEVHANDLE hDev, - BYTE *pbRandom, - ULONG ulRandomLen) -{ - if (skf_method->GenRandom) { - return skf_method->GenRandom( - hDev, - pbRandom, - ulRandomLen); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_GenExtRSAKey( - DEVHANDLE hDev, - ULONG ulBitsLen, - RSAPRIVATEKEYBLOB *pBlob) -{ - if (skf_method->GenExtRSAKey) { - return skf_method->GenExtRSAKey( - hDev, - ulBitsLen, - pBlob); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_GenRSAKeyPair( - HCONTAINER hContainer, - ULONG ulBitsLen, - RSAPUBLICKEYBLOB *pBlob) -{ - if (skf_method->GenRSAKeyPair) { - return skf_method->GenRSAKeyPair( - hContainer, - ulBitsLen, - pBlob); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_ImportRSAKeyPair( - HCONTAINER hContainer, - ULONG ulSymAlgId, - BYTE *pbWrappedKey, - ULONG ulWrappedKeyLen, - BYTE *pbEncryptedData, - ULONG ulEncryptedDataLen) -{ - if (skf_method->ImportRSAKeyPair) { - return skf_method->ImportRSAKeyPair( - hContainer, - ulSymAlgId, - pbWrappedKey, - ulWrappedKeyLen, - pbEncryptedData, - ulEncryptedDataLen); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_RSASignData( - HCONTAINER hContainer, - BYTE *pbData, - ULONG ulDataLen, - BYTE *pbSignature, - ULONG *pulSignLen) -{ - if (skf_method->RSASignData) { - return skf_method->RSASignData( - hContainer, - pbData, - ulDataLen, - pbSignature, - pulSignLen); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_RSAVerify( - DEVHANDLE hDev, - RSAPUBLICKEYBLOB *pRSAPubKeyBlob, - BYTE *pbData, - ULONG ulDataLen, - BYTE *pbSignature, - ULONG ulSignLen) -{ - if (skf_method->RSAVerify) { - return skf_method->RSAVerify( - hDev, - pRSAPubKeyBlob, - pbData, - ulDataLen, - pbSignature, - ulSignLen); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_RSAExportSessionKey( - HCONTAINER hContainer, - ULONG ulAlgId, - RSAPUBLICKEYBLOB *pPubKey, - BYTE *pbData, - ULONG *pulDataLen, - HANDLE *phSessionKey) -{ - if (skf_method->RSAExportSessionKey) { - return skf_method->RSAExportSessionKey( - hContainer, - ulAlgId, - pPubKey, - pbData, - pulDataLen, - phSessionKey); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_ExtRSAPubKeyOperation( - DEVHANDLE hDev, - RSAPUBLICKEYBLOB *pRSAPubKeyBlob, - BYTE *pbInput, - ULONG ulInputLen, - BYTE *pbOutput, - ULONG *pulOutputLen) -{ - if (skf_method->ExtRSAPubKeyOperation) { - return skf_method->ExtRSAPubKeyOperation( - hDev, - pRSAPubKeyBlob, - pbInput, - ulInputLen, - pbOutput, - pulOutputLen); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_ExtRSAPriKeyOperation( - DEVHANDLE hDev, - RSAPRIVATEKEYBLOB *pRSAPriKeyBlob, - BYTE *pbInput, - ULONG ulInputLen, - BYTE *pbOutput, - ULONG *pulOutputLen) -{ - if (skf_method->ExtRSAPriKeyOperation) { - return skf_method->ExtRSAPriKeyOperation( - hDev, - pRSAPriKeyBlob, - pbInput, - ulInputLen, - pbOutput, - pulOutputLen); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_GenECCKeyPair( - HCONTAINER hContainer, - ULONG ulAlgId, - ECCPUBLICKEYBLOB *pBlob) -{ - if (skf_method->GenECCKeyPair) { - return skf_method->GenECCKeyPair( - hContainer, - ulAlgId, - pBlob); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_ImportECCKeyPair( - HCONTAINER hContainer, - ENVELOPEDKEYBLOB *pEnvelopedKeyBlob) -{ - if (skf_method->ImportECCKeyPair) { - return skf_method->ImportECCKeyPair( - hContainer, - pEnvelopedKeyBlob); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_ECCSignData( - HCONTAINER hContainer, - BYTE *pbDigest, - ULONG ulDigestLen, - ECCSIGNATUREBLOB *pSignature) -{ - if (skf_method->ECCSignData) { - return skf_method->ECCSignData( - hContainer, - pbDigest, - ulDigestLen, - pSignature); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_ECCVerify( - DEVHANDLE hDev, - ECCPUBLICKEYBLOB *pECCPubKeyBlob, - BYTE *pbData, - ULONG ulDataLen, - ECCSIGNATUREBLOB *pSignature) -{ - if (skf_method->ECCVerify) { - return skf_method->ECCVerify( - hDev, - pECCPubKeyBlob, - pbData, - ulDataLen, - pSignature); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_ECCExportSessionKey( - HCONTAINER hContainer, - ULONG ulAlgId, - ECCPUBLICKEYBLOB *pPubKey, - ECCCIPHERBLOB *pData, - HANDLE *phSessionKey) -{ - if (skf_method->ECCExportSessionKey) { - return skf_method->ECCExportSessionKey( - hContainer, - ulAlgId, - pPubKey, - pData, - phSessionKey); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_ExtECCEncrypt( - DEVHANDLE hDev, - ECCPUBLICKEYBLOB *pECCPubKeyBlob, - BYTE *pbPlainText, - ULONG ulPlainTextLen, - ECCCIPHERBLOB *pCipherText) -{ - if (skf_method->ExtECCEncrypt) { - return skf_method->ExtECCEncrypt( - hDev, - pECCPubKeyBlob, - pbPlainText, - ulPlainTextLen, - pCipherText); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_ExtECCDecrypt( - DEVHANDLE hDev, - ECCPRIVATEKEYBLOB *pECCPriKeyBlob, - ECCCIPHERBLOB *pCipherText, - BYTE *pbPlainText, - ULONG *pulPlainTextLen) -{ - if (skf_method->ExtECCDecrypt) { - return skf_method->ExtECCDecrypt( - hDev, - pECCPriKeyBlob, - pCipherText, - pbPlainText, - pulPlainTextLen); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_ExtECCSign( - DEVHANDLE hDev, - ECCPRIVATEKEYBLOB *pECCPriKeyBlob, - BYTE *pbData, - ULONG ulDataLen, - ECCSIGNATUREBLOB *pSignature) -{ - if (skf_method->ExtECCSign) { - return skf_method->ExtECCSign( - hDev, - pECCPriKeyBlob, - pbData, - ulDataLen, - pSignature); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_ExtECCVerify( - DEVHANDLE hDev, - ECCPUBLICKEYBLOB *pECCPubKeyBlob, - BYTE *pbData, - ULONG ulDataLen, - ECCSIGNATUREBLOB *pSignature) -{ - if (skf_method->ExtECCVerify) { - return skf_method->ExtECCVerify( - hDev, - pECCPubKeyBlob, - pbData, - ulDataLen, - pSignature); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_GenerateAgreementDataWithECC( - HCONTAINER hContainer, - ULONG ulAlgId, - ECCPUBLICKEYBLOB *pTempECCPubKeyBlob, - BYTE *pbID, - ULONG ulIDLen, - HANDLE *phAgreementHandle) -{ - if (skf_method->GenerateAgreementDataWithECC) { - return skf_method->GenerateAgreementDataWithECC( - hContainer, - ulAlgId, - pTempECCPubKeyBlob, - pbID, - ulIDLen, - phAgreementHandle); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_GenerateAgreementDataAndKeyWithECC( - HANDLE hContainer, - ULONG ulAlgId, - ECCPUBLICKEYBLOB *pSponsorECCPubKeyBlob, - ECCPUBLICKEYBLOB *pSponsorTempECCPubKeyBlob, - ECCPUBLICKEYBLOB *pTempECCPubKeyBlob, - BYTE *pbID, - ULONG ulIDLen, - BYTE *pbSponsorID, - ULONG ulSponsorIDLen, - HANDLE *phKeyHandle) -{ - if (skf_method->GenerateAgreementDataAndKeyWithECC) { - return skf_method->GenerateAgreementDataAndKeyWithECC( - hContainer, - ulAlgId, - pSponsorECCPubKeyBlob, - pSponsorTempECCPubKeyBlob, - pTempECCPubKeyBlob, - pbID, - ulIDLen, - pbSponsorID, - ulSponsorIDLen, - phKeyHandle); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_GenerateKeyWithECC( - HANDLE hAgreementHandle, - ECCPUBLICKEYBLOB *pECCPubKeyBlob, - ECCPUBLICKEYBLOB *pTempECCPubKeyBlob, - BYTE *pbID, - ULONG ulIDLen, - HANDLE *phKeyHandle) -{ - if (skf_method->GenerateKeyWithECC) { - return skf_method->GenerateKeyWithECC( - hAgreementHandle, - pECCPubKeyBlob, - pTempECCPubKeyBlob, - pbID, - ulIDLen, - phKeyHandle); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_ImportSessionKey( - HCONTAINER hContainer, - ULONG ulAlgId, - BYTE *pbWrapedData, - ULONG ulWrapedLen, - HANDLE *phKey) -{ - if (skf_method->ImportSessionKey) { - return skf_method->ImportSessionKey( - hContainer, - ulAlgId, - pbWrapedData, - ulWrapedLen, - phKey); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_SetSymmKey( - DEVHANDLE hDev, - BYTE *pbKey, - ULONG ulAlgID, - HANDLE *phKey) -{ - if (skf_method->SetSymmKey) { - return skf_method->SetSymmKey( - hDev, - pbKey, - ulAlgID, - phKey); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_EncryptInit( - HANDLE hKey, - BLOCKCIPHERPARAM EncryptParam) -{ - if (skf_method->EncryptInit) { - return skf_method->EncryptInit( - hKey, - EncryptParam); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_Encrypt( - HANDLE hKey, - BYTE *pbData, - ULONG ulDataLen, - BYTE *pbEncryptedData, - ULONG *pulEncryptedLen) -{ - if (skf_method->Encrypt) { - return skf_method->Encrypt( - hKey, - pbData, - ulDataLen, - pbEncryptedData, - pulEncryptedLen); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_EncryptUpdate( - HANDLE hKey, - BYTE *pbData, - ULONG ulDataLen, - BYTE *pbEncryptedData, - ULONG *pulEncryptedLen) -{ - if (skf_method->EncryptUpdate) { - return skf_method->EncryptUpdate( - hKey, - pbData, - ulDataLen, - pbEncryptedData, - pulEncryptedLen); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_EncryptFinal( - HANDLE hKey, - BYTE *pbEncryptedData, - ULONG *pulEncryptedDataLen) -{ - if (skf_method->EncryptFinal) { - return skf_method->EncryptFinal( - hKey, - pbEncryptedData, - pulEncryptedDataLen); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_DecryptInit( - HANDLE hKey, - BLOCKCIPHERPARAM DecryptParam) -{ - if (skf_method->DecryptInit) { - return skf_method->DecryptInit( - hKey, - DecryptParam); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_Decrypt( - HANDLE hKey, - BYTE *pbEncryptedData, - ULONG ulEncryptedLen, - BYTE *pbData, - ULONG *pulDataLen) -{ - if (skf_method->Decrypt) { - return skf_method->Decrypt( - hKey, - pbEncryptedData, - ulEncryptedLen, - pbData, - pulDataLen); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_DecryptUpdate( - HANDLE hKey, - BYTE *pbEncryptedData, - ULONG ulEncryptedLen, - BYTE *pbData, - ULONG *pulDataLen) -{ - if (skf_method->DecryptUpdate) { - return skf_method->DecryptUpdate( - hKey, - pbEncryptedData, - ulEncryptedLen, - pbData, - pulDataLen); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_DecryptFinal( - HANDLE hKey, - BYTE *pbDecryptedData, - ULONG *pulDecryptedDataLen) -{ - if (skf_method->DecryptFinal) { - return skf_method->DecryptFinal( - hKey, - pbDecryptedData, - pulDecryptedDataLen); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_DigestInit( - DEVHANDLE hDev, - ULONG ulAlgID, - ECCPUBLICKEYBLOB *pPubKey, - BYTE *pbID, - ULONG ulIDLen, - HANDLE *phHash) -{ - if (skf_method->DigestInit) { - return skf_method->DigestInit( - hDev, - ulAlgID, - pPubKey, - pbID, - ulIDLen, - phHash); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_Digest( - HANDLE hHash, - BYTE *pbData, - ULONG ulDataLen, - BYTE *pbHashData, - ULONG *pulHashLen) -{ - if (skf_method->Digest) { - return skf_method->Digest( - hHash, - pbData, - ulDataLen, - pbHashData, - pulHashLen); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_DigestUpdate( - HANDLE hHash, - BYTE *pbData, - ULONG ulDataLen) -{ - if (skf_method->DigestUpdate) { - return skf_method->DigestUpdate( - hHash, - pbData, - ulDataLen); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_DigestFinal( - HANDLE hHash, - BYTE *pHashData, - ULONG *pulHashLen) -{ - if (skf_method->DigestFinal) { - return skf_method->DigestFinal( - hHash, - pHashData, - pulHashLen); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_MacInit( - HANDLE hKey, - BLOCKCIPHERPARAM *pMacParam, - HANDLE *phMac) -{ - if (skf_method->MacInit) { - return skf_method->MacInit( - hKey, - pMacParam, - phMac); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_Mac( - HANDLE hMac, - BYTE *pbData, - ULONG ulDataLen, - BYTE *pbMacData, - ULONG *pulMacLen) -{ - if (skf_method->Mac) { - return skf_method->Mac( - hMac, - pbData, - ulDataLen, - pbMacData, - pulMacLen); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_MacUpdate( - HANDLE hMac, - BYTE *pbData, - ULONG ulDataLen) -{ - if (skf_method->MacUpdate) { - return skf_method->MacUpdate( - hMac, - pbData, - ulDataLen); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_MacFinal( - HANDLE hMac, - BYTE *pbMacData, - ULONG *pulMacDataLen) -{ - if (skf_method->MacFinal) { - return skf_method->MacFinal( - hMac, - pbMacData, - pulMacDataLen); - } - return SAR_NOTSUPPORTYETERR; -} - -ULONG DEVAPI SKF_CloseHandle( - HANDLE hHandle) -{ - if (skf_method->CloseHandle) { - return skf_method->CloseHandle( - hHandle); - - } - return SAR_NOTSUPPORTYETERR; -} - - -static ERR_STRING_DATA skf_errstr[] = { - { SAR_OK, "Success" }, - { SAR_FAIL, "Failure" }, - { SAR_UNKNOWNERR, "Unknown error" }, - { SAR_NOTSUPPORTYETERR, "Not supported" }, - { SAR_FILEERR, "File error" }, - { SAR_INVALIDHANDLEERR, "Invalid handle" }, - { SAR_INVALIDPARAMERR, "Invalid parameter" }, - { SAR_READFILEERR, "Read file error" }, - { SAR_WRITEFILEERR, "Write file error" }, - { SAR_NAMELENERR, "Name length error" }, - { SAR_KEYUSAGEERR, "Key usage error" }, - { SAR_MODULUSLENERR, "Modulus length error" }, - { SAR_NOTINITIALIZEERR, "Not initialized" }, - { SAR_OBJERR, "Object error" }, - { SAR_MEMORYERR, "Memory error" }, - { SAR_TIMEOUTERR, "Time out" }, - { SAR_INDATALENERR, "Input data length error" }, - { SAR_INDATAERR, "Input data error" }, - { SAR_GENRANDERR, "Generate randomness error" }, - { SAR_HASHOBJERR, "Hash object error" }, - { SAR_HASHERR, "Hash error" }, - { SAR_GENRSAKEYERR, "Genenerate RSA key error" }, - { SAR_RSAMODULUSLENERR, "RSA modulus length error" }, - { SAR_CSPIMPRTPUBKEYERR, "CSP import public key error" }, - { SAR_RSAENCERR, "RSA encryption error" }, - { SAR_RSADECERR, "RSA decryption error" }, - { SAR_HASHNOTEQUALERR, "Hash not equal" }, - { SAR_KEYNOTFOUNTERR, "Key not found" }, - { SAR_CERTNOTFOUNTERR, "Certificate not found" }, - { SAR_NOTEXPORTERR, "Not exported" }, - { SAR_DECRYPTPADERR, "Decrypt pad error" }, - { SAR_MACLENERR, "MAC length error" }, - { SAR_BUFFER_TOO_SMALL, "Buffer too small" }, - { SAR_KEYINFOTYPEERR, "Key info type error" }, - { SAR_NOT_EVENTERR, "No event error" }, - { SAR_DEVICE_REMOVED, "Device removed" }, - { SAR_PIN_INCORRECT, "PIN incorrect" }, - { SAR_PIN_LOCKED, "PIN locked" }, - { SAR_PIN_INVALID, "PIN invalid" }, - { SAR_PIN_LEN_RANGE, "PIN length error" }, - { SAR_USER_ALREADY_LOGGED_IN, "User already logged in" }, - { SAR_USER_PIN_NOT_INITIALIZED, "User PIN not initialized" }, - { SAR_USER_TYPE_INVALID, "User type invalid" }, - { SAR_APPLICATION_NAME_INVALID, "Application name invalid" }, - { SAR_APPLICATION_EXISTS, "Application already exist" }, - { SAR_USER_NOT_LOGGED_IN, "User not logged in" }, - { SAR_APPLICATION_NOT_EXISTS, "Application not exist" }, - { SAR_FILE_ALREADY_EXIST, "File already exist" }, - { SAR_NO_ROOM, "No file space" }, - { SAR_FILE_NOT_EXIST, "File not exist" } -}; - -const char *SKF_GetErrorString(ULONG ulError) -{ - int i; - for (i = 0; i < OSSL_NELEM(skf_errstr); i++) { - if (ulError == skf_errstr[i].error) { - return skf_errstr[i].string; - } - } - return "(undef)"; -} - -int SKF_PrintRSAPublicKey(FILE *fp, RSAPUBLICKEYBLOB *pk) -{ - return 0; -} - -int SKF_PrintRSAPrivateKey(FILE *fp, RSAPRIVATEKEYBLOB *pk) -{ - return 0; -} - -int SKF_PrintECCPublicKey(FILE *fp, ECCPUBLICKEYBLOB *pk) -{ - return 0; -} - -int SKF_PrintECCPrivateKey(FILE *fp, ECCPRIVATEKEYBLOB *pk) -{ - return 0; -} - -int SKF_PrintECCCipher(FILE *fp, ECCCIPHERBLOB *cipher) -{ - return 0; -} - -int SKF_PrintECCSignature(FILE *fp, ECCSIGNATUREBLOB *sig) -{ - return 0; -} - -int SKF_PrintDeviceInfo(FILE *fp, DEVINFO *devInfo) -{ - int ret = 0; - ret += fprintf(fp, "Device Info:\n"); - ret += fprintf(fp, " Device Version : %d.%d\n", devInfo->Version.major, devInfo->Version.minor); - ret += fprintf(fp, " Manufacturer : %s\n", devInfo->Manufacturer); - ret += fprintf(fp, " Issuer : %s\n", devInfo->Issuer); - ret += fprintf(fp, " Label : %s\n", devInfo->Label); - ret += fprintf(fp, " Serial Number : %s\n", devInfo->SerialNumber); - ret += fprintf(fp, " Hardware Version : %d.%d\n", devInfo->HWVersion.major, devInfo->HWVersion.minor); - ret += fprintf(fp, " Firmware Version : %d.%d\n", devInfo->FirmwareVersion.major, devInfo->FirmwareVersion.minor); - ret += fprintf(fp, " AlgSymCap : 0x%08x\n", devInfo->AlgSymCap); - ret += fprintf(fp, " AlgAsymCap : 0x%08x\n", devInfo->AlgAsymCap); - ret += fprintf(fp, " AlgHashCap : 0x%08x\n", devInfo->AlgHashCap); - ret += fprintf(fp, " AlgHashCap : 0x%08x\n", devInfo->DevAuthAlgId); - ret += fprintf(fp, " Total Space : %u\n", devInfo->TotalSpace); - ret += fprintf(fp, " Free Space : %u\n", devInfo->FreeSpace); - ret += fprintf(fp, " MaxECCBuffer : %u\n", devInfo->MaxECCBufferSize); - ret += fprintf(fp, " MaxBuffer : %u\n", devInfo->MaxBufferSize); - return ret; -} - -const char *SKF_GetAlgorName(ULONG ulAlgID) -{ - switch (ulAlgID) { - case SGD_SM1_ECB: return "sm1-ecb"; - case SGD_SM1_CBC: return "sm1-cbc"; - case SGD_SM1_CFB: return "sm1-ocb"; - case SGD_SM1_OFB: return "sm1-ofb"; - case SGD_SM1_MAC: return "sm1-mac"; - case SGD_SM4_ECB: return "sms4-ecb"; - case SGD_SM4_CBC: return "sms4-cbc"; - case SGD_SM4_CFB: return "sms4-cfb"; - case SGD_SM4_OFB: return "sms4-ofb"; - case SGD_SM4_MAC: return "sms4-mac"; - case SGD_SSF33_ECB: return "ssf33-ecb"; - case SGD_SSF33_CBC: return "ssf33-cbc"; - case SGD_SSF33_CFB: return "ssf33-cfb"; - case SGD_SSF33_OFB: return "ssf33-ofb"; - case SGD_SSF33_MAC: return "ssf33-mac"; - case SGD_RSA: return "rsa"; - case SGD_SM2_1: return "sm2sign"; - case SGD_SM2_2: return "sm2encrypt"; - case SGD_SM2_3: return "sm2keyagreement"; - case SGD_SM3: return "sm3"; - case SGD_SHA1: return "sha1"; - case SGD_SHA256: return "sha256"; - } - return NULL; -} +/* ==================================================================== + * Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ + +#include +#include +#include +#include +#include +#include "internal/dso.h" +#include "internal/skf_int.h" +#include "../../e_os.h" + + +SKF_METHOD *skf_method = NULL; +SKF_VENDOR *skf_vendor = NULL; +extern SKF_VENDOR *skf_wisec; + + +ULONG SKF_LoadLibrary(LPSTR so_path, LPSTR vendor) +{ + if (skf_method) { + SKF_METHOD_free(skf_method); + skf_method = NULL; + } + + if (!(skf_method = SKF_METHOD_load_library((char *)so_path))) { + SKFerr(SKF_F_SKF_LOADLIBRARY, SKF_R_LOAD_LIBRARY_FAILURE); + return SAR_FAIL; + } + + if (vendor) { + if (strcmp((char *)vendor, skf_wisec->name) == 0) { + skf_vendor = skf_wisec; + } else { + SKFerr(SKF_F_SKF_LOADLIBRARY, SKF_R_UNKNOWN_VENDOR); + return SAR_FAIL; + } + } + + return SAR_OK; +} + +ULONG SKF_UnloadLibrary(void) +{ + SKF_METHOD_free(skf_method); + skf_method = NULL; + skf_vendor = NULL; + return SAR_OK; +} + +static SKF_ERR_REASON skf_errors[] = { + { SAR_OK, SKF_R_SUCCESS }, + { SAR_FAIL, SKF_R_FAILURE }, + { SAR_UNKNOWNERR, SKF_R_UNKNOWN_ERROR }, + { SAR_NOTSUPPORTYETERR, SKF_R_OPERATION_NOT_SUPPORTED }, + { SAR_FILEERR, SKF_R_FILE_ERROR }, + { SAR_INVALIDHANDLEERR, SKF_R_INVALID_HANDLE }, + { SAR_INVALIDPARAMERR, SKF_R_INVALID_PARAMETER }, + { SAR_READFILEERR, SKF_R_READ_FILE_FAILURE }, + { SAR_WRITEFILEERR, SKF_R_WRITE_FILE_FAILURE }, + { SAR_NAMELENERR, SKF_R_INVALID_NAME_LENGTH }, + { SAR_KEYUSAGEERR, SKF_R_INVALID_KEY_USAGE }, + { SAR_MODULUSLENERR, SKF_R_INVALID_MODULUS_LENGTH }, + { SAR_NOTINITIALIZEERR, SKF_R_NOT_INITIALIZED }, + { SAR_OBJERR, SKF_R_INVALID_OBJECT }, + { SAR_MEMORYERR, SKF_R_MEMORY_ERROR }, + { SAR_TIMEOUTERR, SKF_R_TIMEOUT }, + { SAR_INDATALENERR, SKF_R_INVALID_INPUT_LENGTH }, + { SAR_INDATAERR, SKF_R_INVALID_INPUT_VALUE }, + { SAR_GENRANDERR, SKF_R_RANDOM_GENERATION_FAILED }, + { SAR_HASHOBJERR, SKF_R_INVALID_DIGEST_HANDLE }, + { SAR_HASHERR, SKF_R_DIGEST_ERROR }, + { SAR_GENRSAKEYERR, SKF_R_RSA_KEY_GENERATION_FAILURE }, + { SAR_RSAMODULUSLENERR, SKF_R_INVALID_RSA_MODULUS_LENGTH }, + { SAR_CSPIMPRTPUBKEYERR, SKF_R_CSP_IMPORT_PUBLIC_KEY_ERROR }, + { SAR_RSAENCERR, SKF_R_RSA_ENCRYPTION_FAILURE }, + { SAR_RSADECERR, SKF_R_RSA_DECRYPTION_FAILURE }, + { SAR_HASHNOTEQUALERR, SKF_R_HASH_NOT_EQUAL }, + { SAR_KEYNOTFOUNTERR, SKF_R_KEY_NOT_FOUND }, + { SAR_CERTNOTFOUNTERR, SKF_R_CERTIFICATE_NOT_FOUND }, + { SAR_NOTEXPORTERR, SKF_R_EXPORT_FAILED }, + { SAR_DECRYPTPADERR, SKF_R_DECRYPT_INVALID_PADDING }, + { SAR_MACLENERR, SKF_R_INVALID_MAC_LENGTH }, + { SAR_BUFFER_TOO_SMALL, SKF_R_BUFFER_TOO_SMALL }, + { SAR_KEYINFOTYPEERR, SKF_R_INVALID_KEY_INFO_TYPE }, + { SAR_NOT_EVENTERR, SKF_R_NO_EVENT }, + { SAR_DEVICE_REMOVED, SKF_R_DEVICE_REMOVED }, + { SAR_PIN_INCORRECT, SKF_R_PIN_INCORRECT }, + { SAR_PIN_LOCKED, SKF_R_PIN_LOCKED }, + { SAR_PIN_INVALID, SKF_R_INVALID_PIN }, + { SAR_PIN_LEN_RANGE, SKF_R_INVALID_PIN_LENGTH }, + { SAR_USER_ALREADY_LOGGED_IN, SKF_R_USER_ALREADY_LOGGED_IN }, + { SAR_USER_PIN_NOT_INITIALIZED, SKF_R_USER_PIN_NOT_INITIALIZED }, + { SAR_USER_TYPE_INVALID, SKF_R_INVALID_USER_TYPE }, + { SAR_APPLICATION_NAME_INVALID, SKF_R_INVALID_APPLICATION_NAME }, + { SAR_APPLICATION_EXISTS, SKF_R_APPLICATION_ALREADY_EXIST }, + { SAR_USER_NOT_LOGGED_IN, SKF_R_USER_NOT_LOGGED_IN }, + { SAR_APPLICATION_NOT_EXISTS, SKF_R_APPLICATION_NOT_EXIST }, + { SAR_FILE_ALREADY_EXIST, SKF_R_FILE_ALREADY_EXIST }, + { SAR_NO_ROOM, SKF_R_NO_SPACE }, + { SAR_FILE_NOT_EXIST, SKF_R_FILE_NOT_EXIST }, +}; + +static unsigned long skf_get_error_reason(ULONG ulError) +{ + int i; + for (i = 0; i < OSSL_NELEM(skf_errors); i++) { + if (ulError == skf_errors[i].err) { + return skf_errors[i].reason; + } + } + if (skf_vendor) { + return skf_vendor->get_error_reason(ulError); + } + return 0; +} + +ULONG SKF_GetErrorString(ULONG ulError, LPSTR *szErrorStr) +{ + unsigned long reason; + + if ((reason = skf_get_error_reason(ulError)) != 0) { + *szErrorStr = (LPSTR)ERR_reason_error_string(reason); + } else { + *szErrorStr = (LPSTR)"(unknown)"; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_WaitForDevEvent( + LPSTR szDevName, + ULONG *pulDevNameLen, + ULONG *pulEvent) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_WAITFORDEVEVENT, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->WaitForDevEvent) { + SKFerr(SKF_F_SKF_WAITFORDEVEVENT, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->WaitForDevEvent( + szDevName, + pulDevNameLen, + pulEvent)) != SAR_OK) { + SKFerr(SKF_F_SKF_WAITFORDEVEVENT, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_CancelWaitForDevEvent( + void) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_CANCELWAITFORDEVEVENT, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->CancelWaitForDevEvent) { + SKFerr(SKF_F_SKF_CANCELWAITFORDEVEVENT, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if (skf_method->CancelWaitForDevEvent) { + return skf_method->CancelWaitForDevEvent(); + } + + if ((rv = skf_method->CancelWaitForDevEvent()) != SAR_OK) { + SKFerr(SKF_F_SKF_CANCELWAITFORDEVEVENT, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_EnumDev( + BOOL bPresent, + LPSTR szNameList, + ULONG *pulSize) +{ + ULONG rv; + + + // check output of all enum functions !!!! + + if (!skf_method) { + SKFerr(SKF_F_SKF_ENUMDEV, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->EnumDev) { + SKFerr(SKF_F_SKF_ENUMDEV, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if (szNameList) { + memset(szNameList, 0, *pulSize); + } + + if ((rv = skf_method->EnumDev( + bPresent, + szNameList, + pulSize)) != SAR_OK) { + SKFerr(SKF_F_SKF_ENUMDEV, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_ConnectDev( + LPSTR szName, + DEVHANDLE *phDev) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_CONNECTDEV, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->ConnectDev) { + SKFerr(SKF_F_SKF_CONNECTDEV, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->ConnectDev( + szName, + phDev)) != SAR_OK) { + SKFerr(SKF_F_SKF_CONNECTDEV, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_DisConnectDev( + DEVHANDLE hDev) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_DISCONNECTDEV, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->DisConnectDev) { + SKFerr(SKF_F_SKF_DISCONNECTDEV, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->DisConnectDev( + hDev)) != SAR_OK) { + SKFerr(SKF_F_SKF_DISCONNECTDEV, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_GetDevState( + LPSTR szDevName, + ULONG *pulDevState) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_GETDEVSTATE, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->GetDevState) { + SKFerr(SKF_F_SKF_GETDEVSTATE, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->GetDevState( + szDevName, + pulDevState)) != SAR_OK) { + SKFerr(SKF_F_SKF_GETDEVSTATE, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_SetLabel( + DEVHANDLE hDev, + LPSTR szLabel) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_SETLABEL, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->SetLabel) { + SKFerr(SKF_F_SKF_SETLABEL, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->SetLabel( + hDev, + szLabel)) != SAR_OK) { + SKFerr(SKF_F_SKF_SETLABEL, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_GetDevInfo( + DEVHANDLE hDev, + DEVINFO *pDevInfo) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_GETDEVINFO, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->GetDevInfo) { + SKFerr(SKF_F_SKF_GETDEVINFO, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + memset(pDevInfo, 0, sizeof(DEVINFO)); + + if ((rv = skf_method->GetDevInfo( + hDev, + pDevInfo)) != SAR_OK) { + SKFerr(SKF_F_SKF_GETDEVINFO, skf_get_error_reason(rv)); + printf("rv = %8x\n", rv); + return rv; + } + + if (skf_vendor) { + pDevInfo->AlgSymCap = skf_vendor->get_cipher_cap(pDevInfo->AlgSymCap); + pDevInfo->AlgAsymCap = skf_vendor->get_pkey_cap(pDevInfo->AlgAsymCap); + pDevInfo->AlgHashCap = skf_vendor->get_digest_cap(pDevInfo->AlgHashCap); + pDevInfo->DevAuthAlgId = skf_vendor->get_cipher_cap(pDevInfo->DevAuthAlgId); + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_LockDev( + DEVHANDLE hDev, + ULONG ulTimeOut) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_LOCKDEV, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->LockDev) { + SKFerr(SKF_F_SKF_LOCKDEV, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->LockDev( + hDev, + ulTimeOut)) != SAR_OK) { + SKFerr(SKF_F_SKF_LOCKDEV, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_UnlockDev( + DEVHANDLE hDev) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_UNLOCKDEV, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->UnlockDev) { + SKFerr(SKF_F_SKF_UNLOCKDEV, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->UnlockDev( + hDev)) != SAR_OK) { + SKFerr(SKF_F_SKF_UNLOCKDEV, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_Transmit( + DEVHANDLE hDev, + BYTE *pbCommand, + ULONG ulCommandLen, + BYTE *pbData, + ULONG *pulDataLen) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_TRANSMIT, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->Transmit) { + SKFerr(SKF_F_SKF_TRANSMIT, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->Transmit( + hDev, + pbCommand, + ulCommandLen, + pbData, + pulDataLen)) != SAR_OK) { + SKFerr(SKF_F_SKF_TRANSMIT, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_ChangeDevAuthKey( + DEVHANDLE hDev, + BYTE *pbKeyValue, + ULONG ulKeyLen) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_CHANGEDEVAUTHKEY, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->ChangeDevAuthKey) { + SKFerr(SKF_F_SKF_CHANGEDEVAUTHKEY, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->ChangeDevAuthKey( + hDev, + pbKeyValue, + ulKeyLen)) != SAR_OK) { + SKFerr(SKF_F_SKF_CHANGEDEVAUTHKEY, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_DevAuth( + DEVHANDLE hDev, + BYTE *pbAuthData, + ULONG ulLen) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_DEVAUTH, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->DevAuth) { + SKFerr(SKF_F_SKF_DEVAUTH, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->DevAuth( + hDev, + pbAuthData, + ulLen)) != SAR_OK) { + SKFerr(SKF_F_SKF_DEVAUTH, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_ChangePIN( + HAPPLICATION hApplication, + ULONG ulPINType, + LPSTR szOldPin, + LPSTR szNewPin, + ULONG *pulRetryCount) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_CHANGEPIN, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->ChangePIN) { + SKFerr(SKF_F_SKF_CHANGEPIN, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->ChangePIN( + hApplication, + ulPINType, + szOldPin, + szNewPin, + pulRetryCount)) != SAR_OK) { + SKFerr(SKF_F_SKF_CHANGEPIN, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +LONG DEVAPI SKF_GetPINInfo( + HAPPLICATION hApplication, + ULONG ulPINType, + ULONG *pulMaxRetryCount, + ULONG *pulRemainRetryCount, + BOOL *pbDefaultPin) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_GETPININFO, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->GetPINInfo) { + SKFerr(SKF_F_SKF_GETPININFO, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->GetPINInfo( + hApplication, + ulPINType, + pulMaxRetryCount, + pulRemainRetryCount, + pbDefaultPin)) != SAR_OK) { + SKFerr(SKF_F_SKF_GETPININFO, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_VerifyPIN( + HAPPLICATION hApplication, + ULONG ulPINType, + LPSTR szPIN, + ULONG *pulRetryCount) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_VERIFYPIN, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->VerifyPIN) { + SKFerr(SKF_F_SKF_VERIFYPIN, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->VerifyPIN( + hApplication, + ulPINType, + szPIN, + pulRetryCount)) != SAR_OK) { + SKFerr(SKF_F_SKF_VERIFYPIN, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_UnblockPIN( + HAPPLICATION hApplication, + LPSTR szAdminPIN, + LPSTR szNewUserPIN, + ULONG *pulRetryCount) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_UNBLOCKPIN, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->UnblockPIN) { + SKFerr(SKF_F_SKF_UNBLOCKPIN, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->UnblockPIN( + hApplication, + szAdminPIN, + szNewUserPIN, + pulRetryCount)) != SAR_OK) { + SKFerr(SKF_F_SKF_UNBLOCKPIN, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_ClearSecureState( + HAPPLICATION hApplication) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_CLEARSECURESTATE, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->ClearSecureState) { + SKFerr(SKF_F_SKF_CLEARSECURESTATE, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->ClearSecureState( + hApplication)) != SAR_OK) { + SKFerr(SKF_F_SKF_CLEARSECURESTATE, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_CreateApplication( + DEVHANDLE hDev, + LPSTR szAppName, + LPSTR szAdminPin, + DWORD dwAdminPinRetryCount, + LPSTR szUserPin, + DWORD dwUserPinRetryCount, + DWORD dwCreateFileRights, + HAPPLICATION *phApplication) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_CREATEAPPLICATION, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->CreateApplication) { + SKFerr(SKF_F_SKF_CREATEAPPLICATION, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->CreateApplication( + hDev, + szAppName, + szAdminPin, + dwAdminPinRetryCount, + szUserPin, + dwUserPinRetryCount, + dwCreateFileRights, + phApplication)) != SAR_OK) { + SKFerr(SKF_F_SKF_CREATEAPPLICATION, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_EnumApplication( + DEVHANDLE hDev, + LPSTR szAppName, + ULONG *pulSize) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_ENUMAPPLICATION, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->EnumApplication) { + SKFerr(SKF_F_SKF_ENUMAPPLICATION, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->EnumApplication( + hDev, + szAppName, + pulSize)) != SAR_OK) { + SKFerr(SKF_F_SKF_ENUMAPPLICATION, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_DeleteApplication( + DEVHANDLE hDev, + LPSTR szAppName) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_DELETEAPPLICATION, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->DeleteApplication) { + SKFerr(SKF_F_SKF_DELETEAPPLICATION, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->DeleteApplication( + hDev, + szAppName)) != SAR_OK) { + SKFerr(SKF_F_SKF_DELETEAPPLICATION, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_OpenApplication( + DEVHANDLE hDev, + LPSTR szAppName, + HAPPLICATION *phApplication) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_OPENAPPLICATION, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->OpenApplication) { + SKFerr(SKF_F_SKF_OPENAPPLICATION, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->OpenApplication( + hDev, + szAppName, + phApplication)) != SAR_OK) { + SKFerr(SKF_F_SKF_OPENAPPLICATION, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_CloseApplication( + HAPPLICATION hApplication) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_CLOSEAPPLICATION, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->CloseApplication) { + SKFerr(SKF_F_SKF_CLOSEAPPLICATION, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->CloseApplication( + hApplication)) != SAR_OK) { + SKFerr(SKF_F_SKF_CLOSEAPPLICATION, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_CreateFile( + HAPPLICATION hApplication, + LPSTR szFileName, + ULONG ulFileSize, + ULONG ulReadRights, + ULONG ulWriteRights) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_CREATEFILE, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->CreateObject) { + SKFerr(SKF_F_SKF_CREATEFILE, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->CreateObject( + hApplication, + szFileName, + ulFileSize, + ulReadRights, + ulWriteRights)) != SAR_OK) { + SKFerr(SKF_F_SKF_CREATEFILE, skf_get_error_reason(rv)); + + //LPSTR str = NULL; + //printf("error = %08X\n", rv); + //SKF_GetErrorString(rv, &str); + //printf("error = %s\n", (char *)str); + + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_DeleteFile( + HAPPLICATION hApplication, + LPSTR szFileName) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_DELETEFILE, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->DeleteObject) { + SKFerr(SKF_F_SKF_DELETEFILE, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->DeleteObject( + hApplication, + szFileName)) != SAR_OK) { + SKFerr(SKF_F_SKF_DELETEFILE, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_EnumFiles( + HAPPLICATION hApplication, + LPSTR szFileList, + ULONG *pulSize) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_ENUMFILES, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->EnumObjects) { + SKFerr(SKF_F_SKF_ENUMFILES, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->EnumObjects( + hApplication, + szFileList, + pulSize)) != SAR_OK) { + SKFerr(SKF_F_SKF_ENUMFILES, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_GetFileInfo( + HAPPLICATION hApplication, + LPSTR szFileName, + FILEATTRIBUTE *pFileInfo) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_GETFILEINFO, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->GetObjectInfo) { + SKFerr(SKF_F_SKF_GETFILEINFO, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + memset(pFileInfo, 0, sizeof(FILEATTRIBUTE)); + + if ((rv = skf_method->GetObjectInfo( + hApplication, + szFileName, + pFileInfo)) != SAR_OK) { + SKFerr(SKF_F_SKF_GETFILEINFO, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_ReadFile( + HAPPLICATION hApplication, + LPSTR szFileName, + ULONG ulOffset, + ULONG ulSize, + BYTE *pbOutData, + ULONG *pulOutLen) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_READFILE, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->ReadObject) { + SKFerr(SKF_F_SKF_READFILE, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->ReadObject( + hApplication, + szFileName, + ulOffset, + ulSize, + pbOutData, + pulOutLen)) != SAR_OK) { + SKFerr(SKF_F_SKF_READFILE, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_WriteFile( + HAPPLICATION hApplication, + LPSTR szFileName, + ULONG ulOffset, + BYTE *pbData, + ULONG ulSize) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_WRITEFILE, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->WriteObject) { + SKFerr(SKF_F_SKF_WRITEFILE, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->WriteObject( + hApplication, + szFileName, + ulOffset, + pbData, + ulSize)) != SAR_OK) { + SKFerr(SKF_F_SKF_WRITEFILE, skf_get_error_reason(rv)); + + printf("error = %08X\n", rv); + + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_CreateContainer( + HAPPLICATION hApplication, + LPSTR szContainerName, + HCONTAINER *phContainer) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_CREATECONTAINER, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->CreateContainer) { + SKFerr(SKF_F_SKF_CREATECONTAINER, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->CreateContainer( + hApplication, + szContainerName, + phContainer)) != SAR_OK) { + SKFerr(SKF_F_SKF_CREATECONTAINER, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_DeleteContainer( + HAPPLICATION hApplication, + LPSTR szContainerName) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_DELETECONTAINER, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->DeleteContainer) { + SKFerr(SKF_F_SKF_DELETECONTAINER, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->DeleteContainer( + hApplication, + szContainerName)) != SAR_OK) { + SKFerr(SKF_F_SKF_DELETECONTAINER, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_EnumContainer( + HAPPLICATION hApplication, + LPSTR szContainerName, + ULONG *pulSize) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_ENUMCONTAINER, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->EnumContainer) { + SKFerr(SKF_F_SKF_ENUMCONTAINER, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->EnumContainer( + hApplication, + szContainerName, + pulSize)) != SAR_OK) { + SKFerr(SKF_F_SKF_ENUMCONTAINER, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_OpenContainer( + HAPPLICATION hApplication, + LPSTR szContainerName, + HCONTAINER *phContainer) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_OPENCONTAINER, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->OpenContainer) { + SKFerr(SKF_F_SKF_OPENCONTAINER, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->OpenContainer( + hApplication, + szContainerName, + phContainer)) != SAR_OK) { + SKFerr(SKF_F_SKF_OPENCONTAINER, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_CloseContainer( + HCONTAINER hContainer) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_CLOSECONTAINER, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->CloseContainer) { + SKFerr(SKF_F_SKF_CLOSECONTAINER, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->CloseContainer( + hContainer)) != SAR_OK) { + SKFerr(SKF_F_SKF_CLOSECONTAINER, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_GetContainerType( + HCONTAINER hContainer, + ULONG *pulContainerType) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_GETCONTAINERTYPE, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->GetContainerType) { + SKFerr(SKF_F_SKF_GETCONTAINERTYPE, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->GetContainerType( + hContainer, + pulContainerType)) != SAR_OK) { + SKFerr(SKF_F_SKF_GETCONTAINERTYPE, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_ImportCertificate( + HCONTAINER hContainer, + BOOL bExportSignKey, + BYTE *pbCert, + ULONG ulCertLen) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_IMPORTCERTIFICATE, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->ImportCertificate) { + SKFerr(SKF_F_SKF_IMPORTCERTIFICATE, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->ImportCertificate( + hContainer, + bExportSignKey, + pbCert, + ulCertLen)) != SAR_OK) { + SKFerr(SKF_F_SKF_IMPORTCERTIFICATE, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_ExportCertificate( + HCONTAINER hContainer, + BOOL bSignFlag, + BYTE *pbCert, + ULONG *pulCertLen) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_EXPORTCERTIFICATE, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->ExportCertificate) { + SKFerr(SKF_F_SKF_EXPORTCERTIFICATE, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->ExportCertificate( + hContainer, + bSignFlag, + pbCert, + pulCertLen)) != SAR_OK) { + SKFerr(SKF_F_SKF_EXPORTCERTIFICATE, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_ExportPublicKey( + HCONTAINER hContainer, + BOOL bSignFlag, + BYTE *pbBlob, + ULONG *pulBlobLen) +{ + ULONG rv; + + // TODO: check the output length, clear the memmory. + // if pbBlob is NULL, return the length + + if (!skf_method) { + SKFerr(SKF_F_SKF_EXPORTPUBLICKEY, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->ExportPublicKey) { + SKFerr(SKF_F_SKF_EXPORTPUBLICKEY, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->ExportPublicKey( + hContainer, + bSignFlag, + pbBlob, + pulBlobLen)) != SAR_OK) { + SKFerr(SKF_F_SKF_EXPORTPUBLICKEY, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_GenRandom( + DEVHANDLE hDev, + BYTE *pbRandom, + ULONG ulRandomLen) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_GENRANDOM, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->GenRandom) { + SKFerr(SKF_F_SKF_GENRANDOM, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->GenRandom( + hDev, + pbRandom, + ulRandomLen)) != SAR_OK) { + SKFerr(SKF_F_SKF_GENRANDOM, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_GenExtRSAKey( + DEVHANDLE hDev, + ULONG ulBitsLen, + RSAPRIVATEKEYBLOB *pBlob) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_GENEXTRSAKEY, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->GenExtRSAKey) { + SKFerr(SKF_F_SKF_GENEXTRSAKEY, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->GenExtRSAKey( + hDev, + ulBitsLen, + pBlob)) != SAR_OK) { + SKFerr(SKF_F_SKF_GENEXTRSAKEY, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_GenRSAKeyPair( + HCONTAINER hContainer, + ULONG ulBitsLen, + RSAPUBLICKEYBLOB *pBlob) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_GENRSAKEYPAIR, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->GenRSAKeyPair) { + SKFerr(SKF_F_SKF_GENRSAKEYPAIR, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + memset(pBlob, 0, sizeof(RSAPUBLICKEYBLOB)); + if ((rv = skf_method->GenRSAKeyPair( + hContainer, + ulBitsLen, + pBlob)) != SAR_OK) { + SKFerr(SKF_F_SKF_GENRSAKEYPAIR, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_ImportRSAKeyPair( + HCONTAINER hContainer, + ULONG ulSymAlgId, + BYTE *pbWrappedKey, + ULONG ulWrappedKeyLen, + BYTE *pbEncryptedData, + ULONG ulEncryptedDataLen) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_IMPORTRSAKEYPAIR, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->ImportRSAKeyPair) { + SKFerr(SKF_F_SKF_IMPORTRSAKEYPAIR, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if (skf_vendor) { + if (!(ulSymAlgId = skf_vendor->get_cipher_algor(ulSymAlgId))) { + SKFerr(SKF_F_SKF_IMPORTRSAKEYPAIR, + SKF_R_NOT_SUPPORTED_CIPHER_ALGOR); + return SAR_NOTSUPPORTYETERR; + } + } + + if ((rv = skf_method->ImportRSAKeyPair( + hContainer, + ulSymAlgId, + pbWrappedKey, + ulWrappedKeyLen, + pbEncryptedData, + ulEncryptedDataLen)) != SAR_OK) { + SKFerr(SKF_F_SKF_IMPORTRSAKEYPAIR, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_RSASignData( + HCONTAINER hContainer, + BYTE *pbData, + ULONG ulDataLen, + BYTE *pbSignature, + ULONG *pulSignLen) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_RSASIGNDATA, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->RSASignData) { + SKFerr(SKF_F_SKF_RSASIGNDATA, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->RSASignData( + hContainer, + pbData, + ulDataLen, + pbSignature, + pulSignLen)) != SAR_OK) { + SKFerr(SKF_F_SKF_RSASIGNDATA, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_RSAVerify( + DEVHANDLE hDev, + RSAPUBLICKEYBLOB *pRSAPubKeyBlob, + BYTE *pbData, + ULONG ulDataLen, + BYTE *pbSignature, + ULONG ulSignLen) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_RSAVERIFY, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->RSAVerify) { + SKFerr(SKF_F_SKF_RSAVERIFY, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->RSAVerify( + hDev, + pRSAPubKeyBlob, + pbData, + ulDataLen, + pbSignature, + ulSignLen)) != SAR_OK) { + SKFerr(SKF_F_SKF_RSAVERIFY, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_RSAExportSessionKey( + HCONTAINER hContainer, + ULONG ulAlgId, + RSAPUBLICKEYBLOB *pPubKey, + BYTE *pbData, + ULONG *pulDataLen, + HANDLE *phSessionKey) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_RSAEXPORTSESSIONKEY, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->RSAExportSessionKey) { + SKFerr(SKF_F_SKF_RSAEXPORTSESSIONKEY, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if (skf_vendor) { + if (!(ulAlgId = skf_vendor->get_cipher_algor(ulAlgId))) { + SKFerr(SKF_F_SKF_RSAEXPORTSESSIONKEY, + SKF_R_NOT_SUPPORTED_CIPHER_ALGOR); + return SAR_NOTSUPPORTYETERR; + } + } + + if ((rv = skf_method->RSAExportSessionKey( + hContainer, + ulAlgId, + pPubKey, + pbData, + pulDataLen, + phSessionKey)) != SAR_OK) { + SKFerr(SKF_F_SKF_RSAEXPORTSESSIONKEY, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_ExtRSAPubKeyOperation( + DEVHANDLE hDev, + RSAPUBLICKEYBLOB *pRSAPubKeyBlob, + BYTE *pbInput, + ULONG ulInputLen, + BYTE *pbOutput, + ULONG *pulOutputLen) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_EXTRSAPUBKEYOPERATION, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->ExtRSAPubKeyOperation) { + SKFerr(SKF_F_SKF_EXTRSAPUBKEYOPERATION, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->ExtRSAPubKeyOperation( + hDev, + pRSAPubKeyBlob, + pbInput, + ulInputLen, + pbOutput, + pulOutputLen)) != SAR_OK) { + SKFerr(SKF_F_SKF_EXTRSAPUBKEYOPERATION, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_ExtRSAPriKeyOperation( + DEVHANDLE hDev, + RSAPRIVATEKEYBLOB *pRSAPriKeyBlob, + BYTE *pbInput, + ULONG ulInputLen, + BYTE *pbOutput, + ULONG *pulOutputLen) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_EXTRSAPRIKEYOPERATION, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->ExtRSAPriKeyOperation) { + SKFerr(SKF_F_SKF_EXTRSAPRIKEYOPERATION, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->ExtRSAPriKeyOperation( + hDev, + pRSAPriKeyBlob, + pbInput, + ulInputLen, + pbOutput, + pulOutputLen)) != SAR_OK) { + SKFerr(SKF_F_SKF_EXTRSAPRIKEYOPERATION, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_GenECCKeyPair( + HCONTAINER hContainer, + ULONG ulAlgId, + ECCPUBLICKEYBLOB *pBlob) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_GENECCKEYPAIR, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->GenECCKeyPair) { + SKFerr(SKF_F_SKF_GENECCKEYPAIR, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if (skf_vendor) { + if (!(ulAlgId = skf_vendor->get_pkey_algor(ulAlgId))) { + SKFerr(SKF_F_SKF_GENECCKEYPAIR, + SKF_R_NOT_SUPPORTED_PKEY_ALGOR); + return SAR_NOTSUPPORTYETERR; + } + } + + memset(pBlob, 0, sizeof(ECCPUBLICKEYBLOB)); + if ((rv = skf_method->GenECCKeyPair( + hContainer, + ulAlgId, + pBlob)) != SAR_OK) { + SKFerr(SKF_F_SKF_GENECCKEYPAIR, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_ImportECCKeyPair( + HCONTAINER hContainer, + ENVELOPEDKEYBLOB *pEnvelopedKeyBlob) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_IMPORTECCKEYPAIR, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->ImportECCKeyPair) { + SKFerr(SKF_F_SKF_IMPORTECCKEYPAIR, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->ImportECCKeyPair( + hContainer, + pEnvelopedKeyBlob)) != SAR_OK) { + SKFerr(SKF_F_SKF_IMPORTECCKEYPAIR, skf_get_error_reason(rv)); + printf("%s %d: error = %08X\n", __FILE__, __LINE__, rv); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_ECCSignData( + HCONTAINER hContainer, + BYTE *pbDigest, + ULONG ulDigestLen, + ECCSIGNATUREBLOB *pSignature) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_ECCSIGNDATA, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->ECCSignData) { + SKFerr(SKF_F_SKF_ECCSIGNDATA, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->ECCSignData( + hContainer, + pbDigest, + ulDigestLen, + pSignature)) != SAR_OK) { + SKFerr(SKF_F_SKF_ECCSIGNDATA, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_ECCVerify( + DEVHANDLE hDev, + ECCPUBLICKEYBLOB *pECCPubKeyBlob, + BYTE *pbData, + ULONG ulDataLen, + ECCSIGNATUREBLOB *pSignature) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_ECCVERIFY, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->ECCVerify) { + SKFerr(SKF_F_SKF_ECCVERIFY, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->ECCVerify( + hDev, + pECCPubKeyBlob, + pbData, + ulDataLen, + pSignature)) != SAR_OK) { + SKFerr(SKF_F_SKF_ECCVERIFY, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_ECCExportSessionKey( + HCONTAINER hContainer, + ULONG ulAlgId, + ECCPUBLICKEYBLOB *pPubKey, + ECCCIPHERBLOB *pData, + HANDLE *phSessionKey) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_ECCEXPORTSESSIONKEY, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->ECCExportSessionKey) { + SKFerr(SKF_F_SKF_ECCEXPORTSESSIONKEY, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if (skf_vendor) { + if (!(ulAlgId = skf_vendor->get_cipher_algor(ulAlgId))) { + SKFerr(SKF_F_SKF_ECCEXPORTSESSIONKEY, + SKF_R_NOT_SUPPORTED_CIPHER_ALGOR); + return SAR_NOTSUPPORTYETERR; + } + } + + if ((rv = skf_method->ECCExportSessionKey( + hContainer, + ulAlgId, + pPubKey, + pData, + phSessionKey)) != SAR_OK) { + SKFerr(SKF_F_SKF_ECCEXPORTSESSIONKEY, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_ECCDecrypt( + HCONTAINER hContainer, + ECCCIPHERBLOB *pCipherText, + BYTE *pbPlainText, + ULONG *pulPlainTextLen) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_ECCDECRYPT, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->ECCDecrypt) { + SKFerr(SKF_F_SKF_ECCDECRYPT, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->ECCDecrypt( + hContainer, + pCipherText, + pbPlainText, + pulPlainTextLen)) != SAR_OK) { + SKFerr(SKF_F_SKF_ECCDECRYPT, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_ExtECCEncrypt( + DEVHANDLE hDev, + ECCPUBLICKEYBLOB *pECCPubKeyBlob, + BYTE *pbPlainText, + ULONG ulPlainTextLen, + ECCCIPHERBLOB *pCipherText) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_EXTECCENCRYPT, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->ExtECCEncrypt) { + SKFerr(SKF_F_SKF_EXTECCENCRYPT, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->ExtECCEncrypt( + hDev, + pECCPubKeyBlob, + pbPlainText, + ulPlainTextLen, + pCipherText)) != SAR_OK) { + SKFerr(SKF_F_SKF_EXTECCENCRYPT, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_ExtECCDecrypt( + DEVHANDLE hDev, + ECCPRIVATEKEYBLOB *pECCPriKeyBlob, + ECCCIPHERBLOB *pCipherText, + BYTE *pbPlainText, + ULONG *pulPlainTextLen) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_EXTECCDECRYPT, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->ExtECCDecrypt) { + SKFerr(SKF_F_SKF_EXTECCDECRYPT, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->ExtECCDecrypt( + hDev, + pECCPriKeyBlob, + pCipherText, + pbPlainText, + pulPlainTextLen)) != SAR_OK) { + SKFerr(SKF_F_SKF_EXTECCDECRYPT, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_ExtECCSign( + DEVHANDLE hDev, + ECCPRIVATEKEYBLOB *pECCPriKeyBlob, + BYTE *pbData, + ULONG ulDataLen, + ECCSIGNATUREBLOB *pSignature) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_EXTECCSIGN, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->ExtECCSign) { + SKFerr(SKF_F_SKF_EXTECCSIGN, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->ExtECCSign( + hDev, + pECCPriKeyBlob, + pbData, + ulDataLen, + pSignature)) != SAR_OK) { + SKFerr(SKF_F_SKF_EXTECCSIGN, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_ExtECCVerify( + DEVHANDLE hDev, + ECCPUBLICKEYBLOB *pECCPubKeyBlob, + BYTE *pbData, + ULONG ulDataLen, + ECCSIGNATUREBLOB *pSignature) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_EXTECCVERIFY, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->ExtECCVerify) { + SKFerr(SKF_F_SKF_EXTECCVERIFY, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->ExtECCVerify( + hDev, + pECCPubKeyBlob, + pbData, + ulDataLen, + pSignature)) != SAR_OK) { + SKFerr(SKF_F_SKF_EXTECCVERIFY, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_GenerateAgreementDataWithECC( + HCONTAINER hContainer, + ULONG ulAlgId, + ECCPUBLICKEYBLOB *pTempECCPubKeyBlob, + BYTE *pbID, + ULONG ulIDLen, + HANDLE *phAgreementHandle) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_GENERATEAGREEMENTDATAWITHECC, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->GenerateAgreementDataWithECC) { + SKFerr(SKF_F_SKF_GENERATEAGREEMENTDATAWITHECC, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if (skf_vendor) { + if (!(ulAlgId = skf_vendor->get_cipher_algor(ulAlgId))) { + SKFerr(SKF_F_SKF_GENERATEAGREEMENTDATAWITHECC, + SKF_R_NOT_SUPPORTED_CIPHER_ALGOR); + return SAR_NOTSUPPORTYETERR; + } + } + + if ((rv = skf_method->GenerateAgreementDataWithECC( + hContainer, + ulAlgId, + pTempECCPubKeyBlob, + pbID, + ulIDLen, + phAgreementHandle)) != SAR_OK) { + SKFerr(SKF_F_SKF_GENERATEAGREEMENTDATAWITHECC, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_GenerateAgreementDataAndKeyWithECC( + HANDLE hContainer, + ULONG ulAlgId, + ECCPUBLICKEYBLOB *pSponsorECCPubKeyBlob, + ECCPUBLICKEYBLOB *pSponsorTempECCPubKeyBlob, + ECCPUBLICKEYBLOB *pTempECCPubKeyBlob, + BYTE *pbID, + ULONG ulIDLen, + BYTE *pbSponsorID, + ULONG ulSponsorIDLen, + HANDLE *phKeyHandle) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_GENERATEAGREEMENTDATAANDKEYWITHECC, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->GenerateAgreementDataAndKeyWithECC) { + SKFerr(SKF_F_SKF_GENERATEAGREEMENTDATAANDKEYWITHECC, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if (skf_vendor) { + if (!(ulAlgId = skf_vendor->get_cipher_algor(ulAlgId))) { + SKFerr(SKF_F_SKF_GENERATEAGREEMENTDATAANDKEYWITHECC, + SKF_R_NOT_SUPPORTED_CIPHER_ALGOR); + return SAR_NOTSUPPORTYETERR; + } + } + + if ((rv = skf_method->GenerateAgreementDataAndKeyWithECC( + hContainer, + ulAlgId, + pSponsorECCPubKeyBlob, + pSponsorTempECCPubKeyBlob, + pTempECCPubKeyBlob, + pbID, + ulIDLen, + pbSponsorID, + ulSponsorIDLen, + phKeyHandle)) != SAR_OK) { + SKFerr(SKF_F_SKF_GENERATEAGREEMENTDATAANDKEYWITHECC, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_GenerateKeyWithECC( + HANDLE hAgreementHandle, + ECCPUBLICKEYBLOB *pECCPubKeyBlob, + ECCPUBLICKEYBLOB *pTempECCPubKeyBlob, + BYTE *pbID, + ULONG ulIDLen, + HANDLE *phKeyHandle) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_GENERATEKEYWITHECC, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->GenerateKeyWithECC) { + SKFerr(SKF_F_SKF_GENERATEKEYWITHECC, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->GenerateKeyWithECC( + hAgreementHandle, + pECCPubKeyBlob, + pTempECCPubKeyBlob, + pbID, + ulIDLen, + phKeyHandle)) != SAR_OK) { + SKFerr(SKF_F_SKF_GENERATEKEYWITHECC, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_ImportSessionKey( + HCONTAINER hContainer, + ULONG ulAlgId, + BYTE *pbWrapedData, + ULONG ulWrapedLen, + HANDLE *phKey) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_IMPORTSESSIONKEY, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->ImportSessionKey) { + SKFerr(SKF_F_SKF_IMPORTSESSIONKEY, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if (skf_vendor) { + if (!(ulAlgId = skf_vendor->get_cipher_algor(ulAlgId))) { + SKFerr(SKF_F_SKF_IMPORTSESSIONKEY, + SKF_R_NOT_SUPPORTED_CIPHER_ALGOR); + return SAR_NOTSUPPORTYETERR; + } + } + + if ((rv = skf_method->ImportSessionKey( + hContainer, + ulAlgId, + pbWrapedData, + ulWrapedLen, + phKey)) != SAR_OK) { + SKFerr(SKF_F_SKF_IMPORTSESSIONKEY, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_SetSymmKey( + DEVHANDLE hDev, + BYTE *pbKey, + ULONG ulAlgID, + HANDLE *phKey) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_SETSYMMKEY, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->SetSymmKey) { + SKFerr(SKF_F_SKF_SETSYMMKEY, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if (skf_vendor) { + if (!(ulAlgID = skf_vendor->get_cipher_algor(ulAlgID))) { + SKFerr(SKF_F_SKF_SETSYMMKEY, + SKF_R_NOT_SUPPORTED_CIPHER_ALGOR); + return SAR_NOTSUPPORTYETERR; + } + } + + if ((rv = skf_method->SetSymmKey( + hDev, + pbKey, + ulAlgID, + phKey)) != SAR_OK) { + SKFerr(SKF_F_SKF_SETSYMMKEY, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_EncryptInit( + HANDLE hKey, + BLOCKCIPHERPARAM EncryptParam) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_ENCRYPTINIT, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->EncryptInit) { + SKFerr(SKF_F_SKF_ENCRYPTINIT, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->EncryptInit( + hKey, + EncryptParam)) != SAR_OK) { + SKFerr(SKF_F_SKF_ENCRYPTINIT, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_Encrypt( + HANDLE hKey, + BYTE *pbData, + ULONG ulDataLen, + BYTE *pbEncryptedData, + ULONG *pulEncryptedLen) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_ENCRYPT, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->Encrypt) { + SKFerr(SKF_F_SKF_ENCRYPT, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->Encrypt( + hKey, + pbData, + ulDataLen, + pbEncryptedData, + pulEncryptedLen)) != SAR_OK) { + SKFerr(SKF_F_SKF_ENCRYPT, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_EncryptUpdate( + HANDLE hKey, + BYTE *pbData, + ULONG ulDataLen, + BYTE *pbEncryptedData, + ULONG *pulEncryptedLen) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_ENCRYPTUPDATE, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->EncryptUpdate) { + SKFerr(SKF_F_SKF_ENCRYPTUPDATE, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->EncryptUpdate( + hKey, + pbData, + ulDataLen, + pbEncryptedData, + pulEncryptedLen)) != SAR_OK) { + SKFerr(SKF_F_SKF_ENCRYPTUPDATE, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_EncryptFinal( + HANDLE hKey, + BYTE *pbEncryptedData, + ULONG *pulEncryptedDataLen) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_ENCRYPTFINAL, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->EncryptFinal) { + SKFerr(SKF_F_SKF_ENCRYPTFINAL, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->EncryptFinal( + hKey, + pbEncryptedData, + pulEncryptedDataLen)) != SAR_OK) { + SKFerr(SKF_F_SKF_ENCRYPTFINAL, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_DecryptInit( + HANDLE hKey, + BLOCKCIPHERPARAM DecryptParam) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_DECRYPTINIT, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->DecryptInit) { + SKFerr(SKF_F_SKF_DECRYPTINIT, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->DecryptInit( + hKey, + DecryptParam)) != SAR_OK) { + SKFerr(SKF_F_SKF_DECRYPTINIT, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_Decrypt( + HANDLE hKey, + BYTE *pbEncryptedData, + ULONG ulEncryptedLen, + BYTE *pbData, + ULONG *pulDataLen) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_DECRYPT, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->Decrypt) { + SKFerr(SKF_F_SKF_DECRYPT, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->Decrypt( + hKey, + pbEncryptedData, + ulEncryptedLen, + pbData, + pulDataLen)) != SAR_OK) { + SKFerr(SKF_F_SKF_DECRYPT, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_DecryptUpdate( + HANDLE hKey, + BYTE *pbEncryptedData, + ULONG ulEncryptedLen, + BYTE *pbData, + ULONG *pulDataLen) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_DECRYPTUPDATE, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->DecryptUpdate) { + SKFerr(SKF_F_SKF_DECRYPTUPDATE, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->DecryptUpdate( + hKey, + pbEncryptedData, + ulEncryptedLen, + pbData, + pulDataLen)) != SAR_OK) { + SKFerr(SKF_F_SKF_DECRYPTUPDATE, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_DecryptFinal( + HANDLE hKey, + BYTE *pbDecryptedData, + ULONG *pulDecryptedDataLen) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_DECRYPTFINAL, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->DecryptFinal) { + SKFerr(SKF_F_SKF_DECRYPTFINAL, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->DecryptFinal( + hKey, + pbDecryptedData, + pulDecryptedDataLen)) != SAR_OK) { + SKFerr(SKF_F_SKF_DECRYPTFINAL, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_DigestInit( + DEVHANDLE hDev, + ULONG ulAlgID, + ECCPUBLICKEYBLOB *pPubKey, + BYTE *pbID, + ULONG ulIDLen, + HANDLE *phHash) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_DIGESTINIT, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->DigestInit) { + SKFerr(SKF_F_SKF_DIGESTINIT, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if (skf_vendor) { + if (!(ulAlgID = skf_vendor->get_digest_algor(ulAlgID))) { + SKFerr(SKF_F_SKF_DIGESTINIT, + SKF_R_NOT_SUPPORTED_DIGEST_ALGOR); + return SAR_NOTSUPPORTYETERR; + } + } + + if ((rv = skf_method->DigestInit( + hDev, + ulAlgID, + pPubKey, + pbID, + ulIDLen, + phHash)) != SAR_OK) { + SKFerr(SKF_F_SKF_DIGESTINIT, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_Digest( + HANDLE hHash, + BYTE *pbData, + ULONG ulDataLen, + BYTE *pbHashData, + ULONG *pulHashLen) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_DIGEST, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->Digest) { + SKFerr(SKF_F_SKF_DIGEST, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->Digest( + hHash, + pbData, + ulDataLen, + pbHashData, + pulHashLen)) != SAR_OK) { + SKFerr(SKF_F_SKF_DIGEST, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_DigestUpdate( + HANDLE hHash, + BYTE *pbData, + ULONG ulDataLen) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_DIGESTUPDATE, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->DigestUpdate) { + SKFerr(SKF_F_SKF_DIGESTUPDATE, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->DigestUpdate( + hHash, + pbData, + ulDataLen)) != SAR_OK) { + SKFerr(SKF_F_SKF_DIGESTUPDATE, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_DigestFinal( + HANDLE hHash, + BYTE *pHashData, + ULONG *pulHashLen) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_DIGESTFINAL, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->DigestFinal) { + SKFerr(SKF_F_SKF_DIGESTFINAL, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->DigestFinal( + hHash, + pHashData, + pulHashLen)) != SAR_OK) { + SKFerr(SKF_F_SKF_DIGESTFINAL, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_MacInit( + HANDLE hKey, + BLOCKCIPHERPARAM *pMacParam, + HANDLE *phMac) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_MACINIT, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->MacInit) { + SKFerr(SKF_F_SKF_MACINIT, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->MacInit( + hKey, + pMacParam, + phMac)) != SAR_OK) { + SKFerr(SKF_F_SKF_MACINIT, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_Mac( + HANDLE hMac, + BYTE *pbData, + ULONG ulDataLen, + BYTE *pbMacData, + ULONG *pulMacLen) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_MAC, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->Mac) { + SKFerr(SKF_F_SKF_MAC, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->Mac( + hMac, + pbData, + ulDataLen, + pbMacData, + pulMacLen)) != SAR_OK) { + SKFerr(SKF_F_SKF_MAC, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_MacUpdate( + HANDLE hMac, + BYTE *pbData, + ULONG ulDataLen) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_MACUPDATE, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->MacUpdate) { + SKFerr(SKF_F_SKF_MACUPDATE, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->MacUpdate( + hMac, + pbData, + ulDataLen)) != SAR_OK) { + SKFerr(SKF_F_SKF_MACUPDATE, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_MacFinal( + HANDLE hMac, + BYTE *pbMacData, + ULONG *pulMacDataLen) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_MACFINAL, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->MacFinal) { + SKFerr(SKF_F_SKF_MACFINAL, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->MacFinal( + hMac, + pbMacData, + pulMacDataLen)) != SAR_OK) { + SKFerr(SKF_F_SKF_MACFINAL, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + +ULONG DEVAPI SKF_CloseHandle( + HANDLE hHandle) +{ + ULONG rv; + + if (!skf_method) { + SKFerr(SKF_F_SKF_CLOSEHANDLE, + SKF_R_SKF_METHOD_NOT_INITIALIZED); + return SAR_NOTINITIALIZEERR; + } + + if (!skf_method->CloseHandle) { + SKFerr(SKF_F_SKF_CLOSEHANDLE, + SKF_R_FUNCTION_NOT_SUPPORTED); + return SAR_NOTSUPPORTYETERR; + } + + if ((rv = skf_method->CloseHandle( + hHandle)) != SAR_OK) { + SKFerr(SKF_F_SKF_CLOSEHANDLE, skf_get_error_reason(rv)); + return rv; + } + + return SAR_OK; +} + diff --git a/crypto/skf/skf_meth.c b/crypto/skf/skf_meth.c index 2e742552..d932b6e3 100644 --- a/crypto/skf/skf_meth.c +++ b/crypto/skf/skf_meth.c @@ -48,107 +48,123 @@ */ #include +#include #include "internal/dso.h" -#include "internal/skf_meth.h" +#include "internal/skf_int.h" + + +#define SKF_METHOD_BIND_FUNCTION_EX(func,name) \ + skf->func = (SKF_##func##_FuncPtr)DSO_bind_func(skf->dso, "SKF_"#name) + +#define SKF_METHOD_BIND_FUNCTION(func) \ + SKF_METHOD_BIND_FUNCTION_EX(func,func) + SKF_METHOD *SKF_METHOD_load_library(const char *so_path) { SKF_METHOD *ret = NULL; SKF_METHOD *skf = NULL; - DSO *dso = NULL; - if (!(dso = DSO_load(NULL, so_path, NULL, 0))) { - goto end; - } if (!(skf = OPENSSL_zalloc(sizeof(*skf)))) { + SKFerr(SKF_F_SKF_METHOD_LOAD_LIBRARY, ERR_R_MALLOC_FAILURE); + goto end; + } + if (!(skf->dso = DSO_load(NULL, so_path, NULL, 0))) { + SKFerr(SKF_F_SKF_METHOD_LOAD_LIBRARY, SKF_R_DSO_LOAD_FAILURE); goto end; } - skf->WaitForDevEvent = (SKF_WaitForDevEvent_FuncPtr)DSO_bind_func(dso, "SKF_WaitForDevEvent"); - skf->CancelWaitForDevEvent = (SKF_CancelWaitForDevEvent_FuncPtr)DSO_bind_func(dso, "SKF_CancelWaitForDevEvent"); - skf->EnumDev = (SKF_EnumDev_FuncPtr)DSO_bind_func(dso, "SKF_EnumDev"); - skf->ConnectDev = (SKF_ConnectDev_FuncPtr)DSO_bind_func(dso, "SKF_ConnectDev"); - skf->DisConnectDev = (SKF_DisConnectDev_FuncPtr)DSO_bind_func(dso, "SKF_DisConnectDev"); - skf->GetDevState = (SKF_GetDevState_FuncPtr)DSO_bind_func(dso, "SKF_GetDevState"); - skf->SetLabel = (SKF_SetLabel_FuncPtr)DSO_bind_func(dso, "SKF_SetLabel"); - skf->GetDevInfo = (SKF_GetDevInfo_FuncPtr)DSO_bind_func(dso, "SKF_GetDevInfo"); - skf->LockDev = (SKF_LockDev_FuncPtr)DSO_bind_func(dso, "SKF_LockDev"); - skf->UnlockDev = (SKF_UnlockDev_FuncPtr)DSO_bind_func(dso, "SKF_UnlockDev"); - skf->Transmit = (SKF_Transmit_FuncPtr)DSO_bind_func(dso, "SKF_Transmit"); - skf->ChangeDevAuthKey = (SKF_ChangeDevAuthKey_FuncPtr)DSO_bind_func(dso, "SKF_ChangeDevAuthKey"); - skf->DevAuth = (SKF_DevAuth_FuncPtr)DSO_bind_func(dso, "SKF_DevAuth"); - skf->ChangePIN = (SKF_ChangePIN_FuncPtr)DSO_bind_func(dso, "SKF_ChangePIN"); - skf->GetPINInfo = (SKF_GetPINInfo_FuncPtr)DSO_bind_func(dso, "SKF_GetPINInfo"); - skf->VerifyPIN = (SKF_VerifyPIN_FuncPtr)DSO_bind_func(dso, "SKF_VerifyPIN"); - skf->UnblockPIN = (SKF_UnblockPIN_FuncPtr)DSO_bind_func(dso, "SKF_UnblockPIN"); - skf->ClearSecureState = (SKF_ClearSecureState_FuncPtr)DSO_bind_func(dso, "SKF_ClearSecureState"); - skf->CreateApplication = (SKF_CreateApplication_FuncPtr)DSO_bind_func(dso, "SKF_CreateApplication"); - skf->EnumApplication = (SKF_EnumApplication_FuncPtr)DSO_bind_func(dso, "SKF_EnumApplication"); - skf->DeleteApplication = (SKF_DeleteApplication_FuncPtr)DSO_bind_func(dso, "SKF_DeleteApplication"); - skf->OpenApplication = (SKF_OpenApplication_FuncPtr)DSO_bind_func(dso, "SKF_OpenApplication"); - skf->CloseApplication = (SKF_CloseApplication_FuncPtr)DSO_bind_func(dso, "SKF_CloseApplication"); - skf->CreateFileObject = (SKF_CreateFile_FuncPtr)DSO_bind_func(dso, "SKF_CreateFile"); - skf->DeleteFileObject = (SKF_DeleteFile_FuncPtr)DSO_bind_func(dso, "SKF_DeleteFile"); - skf->EnumFiles = (SKF_EnumFiles_FuncPtr)DSO_bind_func(dso, "SKF_EnumFiles"); - skf->GetFileInfo = (SKF_GetFileInfo_FuncPtr)DSO_bind_func(dso, "SKF_GetFileInfo"); - skf->ReadFileObject = (SKF_ReadFile_FuncPtr)DSO_bind_func(dso, "SKF_ReadFile"); - skf->WriteFileObject = (SKF_WriteFile_FuncPtr)DSO_bind_func(dso, "SKF_WriteFile"); - skf->CreateContainer = (SKF_CreateContainer_FuncPtr)DSO_bind_func(dso, "SKF_CreateContainer"); - skf->DeleteContainer = (SKF_DeleteContainer_FuncPtr)DSO_bind_func(dso, "SKF_DeleteContainer"); - skf->EnumContainer = (SKF_EnumContainer_FuncPtr)DSO_bind_func(dso, "SKF_EnumContainer"); - skf->OpenContainer = (SKF_OpenContainer_FuncPtr)DSO_bind_func(dso, "SKF_OpenContainer"); - skf->CloseContainer = (SKF_CloseContainer_FuncPtr)DSO_bind_func(dso, "SKF_CloseContainer"); - skf->GetContainerType = (SKF_GetContainerType_FuncPtr)DSO_bind_func(dso, "SKF_GetContainerType"); - skf->ImportCertificate = (SKF_ImportCertificate_FuncPtr)DSO_bind_func(dso, "SKF_ImportCertificate"); - skf->ExportCertificate = (SKF_ExportCertificate_FuncPtr)DSO_bind_func(dso, "SKF_ExportCertificate"); - skf->ExportPublicKey = (SKF_ExportPublicKey_FuncPtr)DSO_bind_func(dso, "SKF_ExportPublicKey"); - skf->GenRandom = (SKF_GenRandom_FuncPtr)DSO_bind_func(dso, "SKF_GenRandom"); - skf->GenExtRSAKey = (SKF_GenExtRSAKey_FuncPtr)DSO_bind_func(dso, "SKF_GenExtRSAKey"); - skf->GenRSAKeyPair = (SKF_GenRSAKeyPair_FuncPtr)DSO_bind_func(dso, "SKF_GenRSAKeyPair"); - skf->ImportRSAKeyPair = (SKF_ImportRSAKeyPair_FuncPtr)DSO_bind_func(dso, "SKF_ImportRSAKeyPair"); - skf->RSASignData = (SKF_RSASignData_FuncPtr)DSO_bind_func(dso, "SKF_RSASignData"); - skf->RSAVerify = (SKF_RSAVerify_FuncPtr)DSO_bind_func(dso, "SKF_RSAVerify"); - skf->RSAExportSessionKey = (SKF_RSAExportSessionKey_FuncPtr)DSO_bind_func(dso, "SKF_RSAExportSessionKey"); - skf->ExtRSAPubKeyOperation = (SKF_ExtRSAPubKeyOperation_FuncPtr)DSO_bind_func(dso, "SKF_ExtRSAPubKeyOperation"); - skf->ExtRSAPriKeyOperation = (SKF_ExtRSAPriKeyOperation_FuncPtr)DSO_bind_func(dso, "SKF_ExtRSAPriKeyOperation"); - skf->GenECCKeyPair = (SKF_GenECCKeyPair_FuncPtr)DSO_bind_func(dso, "SKF_GenECCKeyPair"); - skf->ImportECCKeyPair = (SKF_ImportECCKeyPair_FuncPtr)DSO_bind_func(dso, "SKF_ImportECCKeyPair"); - skf->ECCSignData = (SKF_ECCSignData_FuncPtr)DSO_bind_func(dso, "SKF_ECCSignData"); - skf->ECCVerify = (SKF_ECCVerify_FuncPtr)DSO_bind_func(dso, "SKF_ECCVerify"); - skf->ECCExportSessionKey = (SKF_ECCExportSessionKey_FuncPtr)DSO_bind_func(dso, "SKF_ECCExportSessionKey"); - skf->ExtECCEncrypt = (SKF_ExtECCEncrypt_FuncPtr)DSO_bind_func(dso, "SKF_ExtECCEncrypt"); - skf->ExtECCDecrypt = (SKF_ExtECCDecrypt_FuncPtr)DSO_bind_func(dso, "SKF_ExtECCDecrypt"); - skf->ExtECCSign = (SKF_ExtECCSign_FuncPtr)DSO_bind_func(dso, "SKF_ExtECCSign"); - skf->ExtECCVerify = (SKF_ExtECCVerify_FuncPtr)DSO_bind_func(dso, "SKF_ExtECCVerify"); - skf->GenerateAgreementDataWithECC = (SKF_GenerateAgreementDataWithECC_FuncPtr)DSO_bind_func(dso, "SKF_GenerateAgreementDataWithECC"); - skf->GenerateAgreementDataAndKeyWithECC = (SKF_GenerateAgreementDataAndKeyWithECC_FuncPtr)DSO_bind_func(dso, "SKF_GenerateAgreementDataAndKeyWithECC"); - skf->GenerateKeyWithECC = (SKF_GenerateKeyWithECC_FuncPtr)DSO_bind_func(dso, "SKF_GenerateKeyWithECC"); - skf->ImportSessionKey = (SKF_ImportSessionKey_FuncPtr)DSO_bind_func(dso, "SKF_ImportSessionKey"); - skf->SetSymmKey = (SKF_SetSymmKey_FuncPtr)DSO_bind_func(dso, "SKF_SetSymmKey"); - skf->EncryptInit = (SKF_EncryptInit_FuncPtr)DSO_bind_func(dso, "SKF_EncryptInit"); - skf->Encrypt = (SKF_Encrypt_FuncPtr)DSO_bind_func(dso, "SKF_Encrypt"); - skf->EncryptUpdate = (SKF_EncryptUpdate_FuncPtr)DSO_bind_func(dso, "SKF_EncryptUpdate"); - skf->EncryptFinal = (SKF_EncryptFinal_FuncPtr)DSO_bind_func(dso, "SKF_EncryptFinal"); - skf->DecryptInit = (SKF_DecryptInit_FuncPtr)DSO_bind_func(dso, "SKF_DecryptInit"); - skf->Decrypt = (SKF_Decrypt_FuncPtr)DSO_bind_func(dso, "SKF_Decrypt"); - skf->DecryptUpdate = (SKF_DecryptUpdate_FuncPtr)DSO_bind_func(dso, "SKF_DecryptUpdate"); - skf->DecryptFinal = (SKF_DecryptFinal_FuncPtr)DSO_bind_func(dso, "SKF_DecryptFinal"); - skf->DigestInit = (SKF_DigestInit_FuncPtr)DSO_bind_func(dso, "SKF_DigestInit"); - skf->Digest = (SKF_Digest_FuncPtr)DSO_bind_func(dso, "SKF_Digest"); - skf->DigestUpdate = (SKF_DigestUpdate_FuncPtr)DSO_bind_func(dso, "SKF_DigestUpdate"); - skf->DigestFinal = (SKF_DigestFinal_FuncPtr)DSO_bind_func(dso, "SKF_DigestFinal"); - skf->MacInit = (SKF_MacInit_FuncPtr)DSO_bind_func(dso, "SKF_MacInit"); - skf->Mac = (SKF_Mac_FuncPtr)DSO_bind_func(dso, "SKF_Mac"); - skf->MacUpdate = (SKF_MacUpdate_FuncPtr)DSO_bind_func(dso, "SKF_MacUpdate"); - skf->MacFinal = (SKF_MacFinal_FuncPtr)DSO_bind_func(dso, "SKF_MacFinal"); - skf->CloseHandle = (SKF_CloseHandle_FuncPtr)DSO_bind_func(dso, "SKF_CloseHandle"); + SKF_METHOD_BIND_FUNCTION(WaitForDevEvent); + SKF_METHOD_BIND_FUNCTION(CancelWaitForDevEvent); + SKF_METHOD_BIND_FUNCTION(EnumDev); + SKF_METHOD_BIND_FUNCTION(ConnectDev); + SKF_METHOD_BIND_FUNCTION(DisConnectDev); + SKF_METHOD_BIND_FUNCTION(GetDevState); + SKF_METHOD_BIND_FUNCTION(SetLabel); + SKF_METHOD_BIND_FUNCTION(GetDevInfo); + SKF_METHOD_BIND_FUNCTION(LockDev); + SKF_METHOD_BIND_FUNCTION(UnlockDev); + SKF_METHOD_BIND_FUNCTION(Transmit); + SKF_METHOD_BIND_FUNCTION(ChangeDevAuthKey); + SKF_METHOD_BIND_FUNCTION(DevAuth); + SKF_METHOD_BIND_FUNCTION(ChangePIN); + SKF_METHOD_BIND_FUNCTION(GetPINInfo); + SKF_METHOD_BIND_FUNCTION(VerifyPIN); + SKF_METHOD_BIND_FUNCTION(UnblockPIN); + SKF_METHOD_BIND_FUNCTION(ClearSecureState); + SKF_METHOD_BIND_FUNCTION(CreateApplication); + SKF_METHOD_BIND_FUNCTION(EnumApplication); + SKF_METHOD_BIND_FUNCTION(DeleteApplication); + SKF_METHOD_BIND_FUNCTION(OpenApplication); + SKF_METHOD_BIND_FUNCTION(CloseApplication); + SKF_METHOD_BIND_FUNCTION_EX(CreateObject,CreateFile); + SKF_METHOD_BIND_FUNCTION_EX(DeleteObject,DeleteFile); + SKF_METHOD_BIND_FUNCTION_EX(EnumObjects,EnumFiles); + SKF_METHOD_BIND_FUNCTION_EX(GetObjectInfo,GetFileInfo); + SKF_METHOD_BIND_FUNCTION_EX(ReadObject,ReadFile); + SKF_METHOD_BIND_FUNCTION_EX(WriteObject,WriteFile); + SKF_METHOD_BIND_FUNCTION(CreateContainer); + SKF_METHOD_BIND_FUNCTION(DeleteContainer); + SKF_METHOD_BIND_FUNCTION(EnumContainer); + SKF_METHOD_BIND_FUNCTION(OpenContainer); + SKF_METHOD_BIND_FUNCTION(CloseContainer); + SKF_METHOD_BIND_FUNCTION(GetContainerType); + SKF_METHOD_BIND_FUNCTION(ImportCertificate); + SKF_METHOD_BIND_FUNCTION(ExportCertificate); + SKF_METHOD_BIND_FUNCTION(ExportPublicKey); + SKF_METHOD_BIND_FUNCTION(GenRandom); + SKF_METHOD_BIND_FUNCTION(GenExtRSAKey); + SKF_METHOD_BIND_FUNCTION(GenRSAKeyPair); + SKF_METHOD_BIND_FUNCTION(ImportRSAKeyPair); + SKF_METHOD_BIND_FUNCTION(RSASignData); + SKF_METHOD_BIND_FUNCTION(RSAVerify); + SKF_METHOD_BIND_FUNCTION(RSAExportSessionKey); + SKF_METHOD_BIND_FUNCTION(ExtRSAPubKeyOperation); + SKF_METHOD_BIND_FUNCTION(ExtRSAPriKeyOperation); + SKF_METHOD_BIND_FUNCTION(GenECCKeyPair); + SKF_METHOD_BIND_FUNCTION(ImportECCKeyPair); + SKF_METHOD_BIND_FUNCTION(ECCSignData); + SKF_METHOD_BIND_FUNCTION(ECCVerify); + SKF_METHOD_BIND_FUNCTION(ECCExportSessionKey); + SKF_METHOD_BIND_FUNCTION(ExtECCEncrypt); + SKF_METHOD_BIND_FUNCTION(ExtECCDecrypt); + SKF_METHOD_BIND_FUNCTION(ECCDecrypt); + SKF_METHOD_BIND_FUNCTION(ExtECCSign); + SKF_METHOD_BIND_FUNCTION(ExtECCVerify); + SKF_METHOD_BIND_FUNCTION(GenerateAgreementDataWithECC); + SKF_METHOD_BIND_FUNCTION(GenerateAgreementDataAndKeyWithECC); + SKF_METHOD_BIND_FUNCTION(GenerateKeyWithECC); + SKF_METHOD_BIND_FUNCTION(ImportSessionKey); + SKF_METHOD_BIND_FUNCTION(SetSymmKey); + SKF_METHOD_BIND_FUNCTION(EncryptInit); + SKF_METHOD_BIND_FUNCTION(Encrypt); + SKF_METHOD_BIND_FUNCTION(EncryptUpdate); + SKF_METHOD_BIND_FUNCTION(EncryptFinal); + SKF_METHOD_BIND_FUNCTION(DecryptInit); + SKF_METHOD_BIND_FUNCTION(Decrypt); + SKF_METHOD_BIND_FUNCTION(DecryptUpdate); + SKF_METHOD_BIND_FUNCTION(DecryptFinal); + SKF_METHOD_BIND_FUNCTION(DigestInit); + SKF_METHOD_BIND_FUNCTION(Digest); + SKF_METHOD_BIND_FUNCTION(DigestUpdate); + SKF_METHOD_BIND_FUNCTION(DigestFinal); + SKF_METHOD_BIND_FUNCTION(MacInit); + SKF_METHOD_BIND_FUNCTION(Mac); + SKF_METHOD_BIND_FUNCTION(MacUpdate); + SKF_METHOD_BIND_FUNCTION(MacFinal); + SKF_METHOD_BIND_FUNCTION(CloseHandle); ret = skf; skf = NULL; end: - OPENSSL_free(skf); - DSO_free(dso); + SKF_METHOD_free(skf); return ret; } +void SKF_METHOD_free(SKF_METHOD *meth) +{ + if (meth) + DSO_free(meth->dso); + OPENSSL_free(meth); +} diff --git a/crypto/skf/skf_wisec.c b/crypto/skf/skf_wisec.c new file mode 100644 index 00000000..ea322717 --- /dev/null +++ b/crypto/skf/skf_wisec.c @@ -0,0 +1,200 @@ +/* ==================================================================== + * Copyright (c) 2016 - 2017 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ + +#include +#include +#include "internal/skf_int.h" +#include "../../e_os.h" +#include "skf_wisec.h" + +typedef struct { + ULONG std_id; + ULONG vendor_id; +} SKF_ALGOR_PAIR; + +static SKF_ALGOR_PAIR wisec_ciphers[] = { + { SGD_SM1, WISEC_SM1 }, + { SGD_SM1_ECB, WISEC_SM1_ECB }, + { SGD_SM1_CBC, WISEC_SM1_CBC }, + { SGD_SM1_CFB, WISEC_SM1_CFB }, + { SGD_SM1_OFB, WISEC_SM1_OFB }, + { SGD_SM1_MAC, WISEC_SM1_MAC }, + { SGD_SM4, WISEC_SM4 }, + { SGD_SM4_ECB, WISEC_SM4_ECB }, + { SGD_SM4_CBC, WISEC_SM4_CBC }, + { SGD_SM4_CFB, WISEC_SM4_CFB }, + { SGD_SM4_OFB, WISEC_SM4_OFB }, + { SGD_SM4_MAC, WISEC_SM4_MAC }, + { SGD_SSF33, WISEC_SSF33 }, + { SGD_SSF33_ECB, WISEC_SSF33_ECB }, + { SGD_SSF33_CBC, WISEC_SSF33_CBC }, + { SGD_SSF33_CFB, WISEC_SSF33_CFB }, + { SGD_SSF33_OFB, WISEC_SSF33_OFB }, + { SGD_SSF33_MAC, WISEC_SSF33_MAC }, +}; + +static ULONG wisec_get_cipher_algor(ULONG vendor_id) +{ + int i; + for (i = 0; i < OSSL_NELEM(wisec_ciphers); i++) { + if (vendor_id == wisec_ciphers[i].vendor_id) { + return wisec_ciphers[i].std_id; + } + } + return 0; +} + +static ULONG wisec_get_cipher_cap(ULONG vendor_cap) +{ + ULONG std_cap = 0; + int i; + for (i = 0; i < OSSL_NELEM(wisec_ciphers); i++) { + if (vendor_cap & wisec_ciphers[i].vendor_id) { + std_cap |= wisec_ciphers[i].std_id; + } + } + return std_cap; +} + +static SKF_ALGOR_PAIR wisec_digests[] = { + { SGD_SM3, WISEC_SM3 }, + { SGD_SHA1, WISEC_SHA1 }, + { SGD_SHA256, WISEC_SHA256 }, +}; + +static ULONG wisec_get_digest_algor(ULONG vendor_id) +{ + int i; + for (i = 0; i < OSSL_NELEM(wisec_digests); i++) { + if (vendor_id == wisec_digests[i].vendor_id) { + return wisec_digests[i].std_id; + } + } + return 0; +} + +static ULONG wisec_get_digest_cap(ULONG vendor_cap) +{ + ULONG std_cap = 0; + int i; + for (i = 0; i < OSSL_NELEM(wisec_digests); i++) { + if (vendor_cap & wisec_digests[i].vendor_id) { + std_cap |= wisec_digests[i].std_id; + } + } + return std_cap; +} + +static SKF_ALGOR_PAIR wisec_pkeys[] = { + { SGD_RSA, WISEC_RSA }, + { SGD_RSA_SIGN, WISEC_RSA_SIGN }, + { SGD_RSA_ENC, WISEC_RSA_ENC }, + { SGD_SM2, WISEC_SM2 }, + { SGD_SM2_1, WISEC_SM2_1 }, + { SGD_SM2_2, WISEC_SM2_2 }, + { SGD_SM2_3, WISEC_SM2_3 }, +}; + +static ULONG wisec_get_pkey_algor(ULONG vendor_id) +{ + int i; + for (i = 0; i < OSSL_NELEM(wisec_pkeys); i++) { + if (vendor_id == wisec_pkeys[i].vendor_id) { + return wisec_pkeys[i].std_id; + } + } + return 0; +} + +static ULONG wisec_get_pkey_cap(ULONG vendor_cap) +{ + ULONG std_cap = 0; + int i; + for (i = 0; i < OSSL_NELEM(wisec_pkeys); i++) { + if (vendor_cap & wisec_pkeys[i].vendor_id) { + std_cap |= wisec_pkeys[i].std_id; + } + } + return std_cap; +} + +static SKF_ERR_REASON wisec_errors[] = { + { WISEC_AUTH_BLOCKED, SKF_R_WISEC_AUTH_BLOCKED }, + { WISEC_CERTNOUSAGEERR, SKF_R_WISEC_CERTNOUSAGEERR }, + { WISEC_INVALIDCONTAINERERR, SKF_R_WISEC_INVALIDCONTAINERERR }, + { WISEC_CONTAINER_NOT_EXISTS, SKF_R_WISEC_CONTAINER_NOT_EXISTS }, + { WISEC_CONTAINER_EXISTS, SKF_R_WISEC_CONTAINER_EXISTS }, + { WISEC_CERTUSAGEERR, SKF_R_WISEC_CERTUSAGEERR }, + { WISEC_KEYNOUSAGEERR, SKF_R_WISEC_KEYNOUSAGEERR }, + { WISEC_FILEATTRIBUTEERR, SKF_R_WISEC_FILEATTRIBUTEERR }, + { WISEC_DEVNOAUTH, SKF_R_WISEC_DEVNOAUTH }, +}; + +static unsigned long wisec_get_error_reason(ULONG err) +{ + int i = 0; + for (i = 0; i < OSSL_NELEM(wisec_errors); i++) { + if (err == wisec_errors[i].err) { + return wisec_errors[i].reason; + } + } + return 0; +} + +SKF_VENDOR skf_wisec = { + "wisec", + 16, + wisec_get_cipher_algor, + wisec_get_cipher_cap, + wisec_get_digest_algor, + wisec_get_digest_cap, + wisec_get_pkey_algor, + wisec_get_pkey_cap, + wisec_get_error_reason, +}; diff --git a/crypto/skf/skf_wisec.h b/crypto/skf/skf_wisec.h new file mode 100644 index 00000000..ddbcae61 --- /dev/null +++ b/crypto/skf/skf_wisec.h @@ -0,0 +1,157 @@ +/* ==================================================================== + * Copyright (c) 2016 - 2017 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ + +#ifndef HEADER_SKF_WISEC_H +#define HEADER_SKF_WISEC_H + +#include +#include + + +#define WISEC_SM1 (SGD_SM1) +#define WISEC_SM1_ECB (SGD_SM1_ECB) +#define WISEC_SM1_CBC (SGD_SM1_CBC) +#define WISEC_SM1_CFB (SGD_SM1_CFB) +#define WISEC_SM1_OFB (SGD_SM1_OFB) +#define WISEC_SM1_MAC (SGD_SM1_MAC) + +#define WISEC_SSF33 (SGD_SSF33) +#define WISEC_SSF33_ECB (SGD_SSF33_ECB) +#define WISEC_SSF33_CBC (SGD_SSF33_CBC) +#define WISEC_SSF33_CFB (SGD_SSF33_CFB) +#define WISEC_SSF33_OFB (SGD_SSF33_OFB) +#define WISEC_SSF33_MAC (SGD_SSF33_MAC) + +#define WISEC_SM4 (SGD_SM4) +#define WISEC_SM4_ECB (WISEC_SM4|SGD_ECB) +#define WISEC_SM4_CBC (WISEC_SM4|SGD_CBC) +#define WISEC_SM4_CFB (WISEC_SM4|SGD_CFB) +#define WISEC_SM4_OFB (WISEC_SM4|SGD_OFB) +#define WISEC_SM4_MAC (WISEC_SM4|SGD_MAC) + +#define WISEC_AES 0x00000800 +#define WISEC_128 0x00000000 +#define WISEC_192 0x00000010 +#define WISEC_256 0x00000020 +#define WISEC_AES128 (WISEC_AES|WISEC_128) +#define WISEC_AES192 (WISEC_AES|WISEC_192) +#define WISEC_AES256 (WISEC_AES|WISEC_256) +#define WISEC_AES128_ECB (WISEC_AES128|SGD_ECB) +#define WISEC_AES128_CBC (WISEC_AES128|SGD_CBC) +#define WISEC_AES128_CFB (WISEC_AES128|SGD_CFB) +#define WISEC_AES128_OFB (WISEC_AES128|SGD_OFB) +#define WISEC_AES128_MAC (WISEC_AES128|SGD_MAC) +#define WISEC_AES192_ECB (WISEC_AES192|SGD_ECB) +#define WISEC_AES192_CBC (WISEC_AES192|SGD_CBC) +#define WISEC_AES192_CFB (WISEC_AES192|SGD_CFB) +#define WISEC_AES192_OFB (WISEC_AES192|SGD_OFB) +#define WISEC_AES192_MAC (WISEC_AES192|SGD_MAC) +#define WISEC_AES256_ECB (WISEC_AES256|SGD_ECB) +#define WISEC_AES256_CBC (WISEC_AES256|SGD_CBC) +#define WISEC_AES256_CFB (WISEC_AES256|SGD_CFB) +#define WISEC_AES256_OFB (WISEC_AES256|SGD_OFB) +#define WISEC_AES256_MAC (WISEC_AES256|SGD_MAC) + +#define WISEC_DES 0x00001000 +#define WISEC_DES_ECB (WISEC_DES|SGD_ECB) +#define WISEC_DES_CBC (WISEC_DES|SGD_CBC) +#define WISEC_DES_CFB (WISEC_DES|SGD_CFB) +#define WISEC_DES_OFB (WISEC_DES|SGD_OFB) +#define WISEC_DES_MAC (WISEC_DES|SGD_MAC) + +#define WISEC_D3DES 0x00001010 +#define WISEC_D3DES_ECB (WISEC_D3DES|SGD_ECB) +#define WISEC_D3DES_CBC (WISEC_D3DES|SGD_CBC) +#define WISEC_D3DES_CFB (WISEC_D3DES|SGD_CFB) +#define WISEC_D3DES_OFB (WISEC_D3DES|SGD_OFB) +#define WISEC_D3DES_MAC (WISEC_D3DES|SGD_MAC) + +#define WISEC_T3DES 0x00001020 +#define WISEC_T3DES_ECB (WISEC_T3DES|SGD_ECB) +#define WISEC_T3DES_CBC (WISEC_T3DES|SGD_CBC) +#define WISEC_T3DES_CFB (WISEC_T3DES|SGD_CFB) +#define WISEC_T3DES_OFB (WISEC_T3DES|SGD_OFB) +#define WISEC_T3DES_MAC (WISEC_T3DES|SGD_MAC) + +#define WISEC_SM3 (SGD_SM3) +#define WISEC_SHA1 (SGD_SHA1) +#define WISEC_SHA256 (SGD_SHA256) + +#define WISEC_RSA (SGD_RSA) +#define WISEC_RSA_SIGN (SGD_RSA_SIGN) +#define WISEC_RSA_ENC (SGD_RSA_ENC) +#define WISEC_SM2 (SGD_SM2) +#define WISEC_SM2_1 (SGD_SM2_1) +#define WISEC_SM2_2 (SGD_SM2_2) +#define WISEC_SM2_3 (SGD_SM2_3) + + +#define WISEC_AUTH_BLOCKED 0x0A000033 +#define WISEC_CERTNOUSAGEERR 0x0A000034 +#define WISEC_INVALIDCONTAINERERR 0x0A000035 +#define WISEC_CONTAINER_NOT_EXISTS 0x0A000036 +#define WISEC_CONTAINER_EXISTS 0x0A000037 +#define WISEC_CERTUSAGEERR 0x0A000038 +#define WISEC_KEYNOUSAGEERR 0x0A000039 +#define WISEC_FILEATTRIBUTEERR 0x0A00003A +#define WISEC_DEVNOAUTH 0x0A00003B + +/* +ULONG DEVAPI SKFE_SetSN(DEVHANDLE hDev, CHAR *SN, UINT SNLen); +ULONG DEVAPI SKFE_GenExtECCKey(DEVHANDLE hDev, PECCPRIVATEKEYBLOB pPriBlob, PECCPUBLICKEYBLOB pPubBlob); +ULONG DEVAPI SKF_ECCDecrypt(HCONTAINER hContainer, PECCCIPHERBLOB pCipherText, BYTE *pbPlainText,ULONG *pulPlainTextLen); +ULONG DEVAPI SKF_GenerateKey(HCONTAINER hContainer, ULONG ulAlgId, HANDLE *phSessionKey) ; +ULONG DEVAPI SKF_ECCExportSessionKeyByHandle(HANDLE phSessionKey, ECCPUBLICKEYBLOB *pPubKey,PECCCIPHERBLOB pData); +ULONG DEVAPI SKF_RSAExportSessionKeyByHandle(HANDLE phSessionKey, RSAPUBLICKEYBLOB*pPubKey,BYTE *pbData, ULONG *pulDataLen); +ULONG DEVAPI SKF_PrvKeyDecrypt(HCONTAINER hContainer, PECCCIPHERBLOB pCipherText, BYTE *pbData, ULONG *pbDataLen); +ULONG DEVAPI SKF_PrvKeyDecrypt(HCONTAINER hContainer, ULONG ulType, PECCCIPHERBLOB pCipherText, BYTE *pbData, ULONG *pbDataLen); +ULONG DEVAPI SKF_RSAPrvKeyDecrypt(HCONTAINER hContainer, BYTE *pCipherData, ULONG pCipherDataLen, BYTE *pbData, ULONG *pbDataLen); +*/ + +#endif diff --git a/crypto/sm2/build.info b/crypto/sm2/build.info index b5dc0873..99756700 100644 --- a/crypto/sm2/build.info +++ b/crypto/sm2/build.info @@ -1,3 +1,3 @@ -LIBS=../../libcrypto -SOURCE[../../libcrypto]=sm2_err.c sm2_asn1.c sm2_id.c sm2_sign.c sm2_enc.c \ - sm2_oct.c sm2_exch.c sm2_kmeth.c +LIBS=../../libcrypto +SOURCE[../../libcrypto]=sm2_err.c sm2_asn1.c sm2_id.c sm2_sign.c sm2_enc.c \ + sm2_oct.c sm2_exch.c sm2_kmeth.c sm2_ctrl.c diff --git a/crypto/sm2/sm2_asn1.c b/crypto/sm2/sm2_asn1.c index 68392903..cf88bfe0 100644 --- a/crypto/sm2/sm2_asn1.c +++ b/crypto/sm2/sm2_asn1.c @@ -66,3 +66,8 @@ ASN1_SEQUENCE(SM2CiphertextValue) = { } ASN1_SEQUENCE_END(SM2CiphertextValue) IMPLEMENT_ASN1_FUNCTIONS(SM2CiphertextValue) IMPLEMENT_ASN1_DUP_FUNCTION(SM2CiphertextValue) + +int SM2CiphertextValue_size(const EC_GROUP *group, int inlen) +{ + return 1024; +} diff --git a/crypto/sm2/sm2_ctrl.c b/crypto/sm2/sm2_ctrl.c new file mode 100644 index 00000000..5e20e8c6 --- /dev/null +++ b/crypto/sm2/sm2_ctrl.c @@ -0,0 +1,114 @@ +/* + * Copyright (c) 2015 - 2017 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include +#include +#include + +#ifdef OPENSSL_NO_MACRO +int EVP_PKEY_CTX_set_ec_scheme(EVP_PKEY_CTX *ctx, int scheme) +{ + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, + EVP_PKEY_OP_SIGN|EVP_PKEY_OP_SIGNCTX| + EVP_PKEY_OP_VERIFY|EVP_PKEY_OP_VERIFYCTX| + EVP_PKEY_OP_ENCRYPT|EVP_PKEY_OP_DECRYPT| + EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_EC_SCHEME, scheme, NULL); +} + +int EVP_PKEY_CTX_get_ec_scheme(EVP_PKEY_CTX *ctx, int scheme) +{ + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, + EVP_PKEY_OP_SIGN|EVP_PKEY_OP_SIGNCTX| + EVP_PKEY_OP_VERIFY|EVP_PKEY_OP_VERIFYCTX| + EVP_PKEY_OP_ENCRYPT|EVP_PKEY_OP_DECRYPT| + EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_EC_SCHEME, -2, NULL); +} + +int EVP_PKEY_CTX_set_signer_id(EVP_PKEY_CTX *ctx, const char *id) +{ + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, + EVP_PKEY_OP_SIGN|EVP_PKEY_OP_SIGNCTX| + EVP_PKEY_OP_VERIFY|EVP_PKEY_OP_VERIFYCTX| + EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_SIGNER_ID, 0, (void *)id); +} + +int EVP_PKEY_CTX_get_signer_id(EVP_PKEY_CTX *ctx, const char *id) +{ + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, + EVP_PKEY_OP_SIGN|EVP_PKEY_OP_SIGNCTX| + EVP_PKEY_OP_VERIFY|EVP_PKEY_OP_VERIFYCTX| + EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_GET_SIGNER_ID, 0, (void *)pid) +} + +int EVP_PKEY_CTX_get_signer_zid(EVP_PKEY_CTX *ctx, unsigned char **pzid) +{ + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, + EVP_PKEY_OP_SIGN|EVP_PKEY_OP_SIGNCTX| + EVP_PKEY_OP_VERIFY|EVP_PKEY_OP_VERIFYCTX| + EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_GET_SIGNER_ZID, 0, (void *)pzid); +} + +int EVP_PKEY_CTX_set_ec_encrypt_param(EVP_PKEY_CTX *ctx, int param) +{ + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, + EVP_PKEY_OP_ENCRYPT|EVP_PKEY_OP_DECRYPT, + EVP_PKEY_CTRL_EC_ENCRYPT_PARAM, param, NULL); +} + +int EVP_PKEY_CTX_get_ec_encrypt_param(EVP_PKEY_CTX *ctx) +{ + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, + EVP_PKEY_OP_ENCRYPT|EVP_PKEY_OP_DECRYPT, + EVP_PKEY_CTRL_EC_ENCRYPT_PARAM, -2, NULL); +} +#endif diff --git a/crypto/sm2/sm2_enc.c b/crypto/sm2/sm2_enc.c index 49084554..05e4f7bd 100644 --- a/crypto/sm2/sm2_enc.c +++ b/crypto/sm2/sm2_enc.c @@ -246,9 +246,9 @@ int SM2_encrypt(int type, const unsigned char *in, size_t inlen, } if (!out) { - *outlen = i2d_SM2CiphertextValue(cv, NULL); + *outlen = i2d_SM2CiphertextValue(cv, NULL) + 96; ret = 1; - } else if (*outlen < i2d_SM2CiphertextValue(cv, NULL)) { + } else if (*outlen < i2d_SM2CiphertextValue(cv, NULL) + 64) { SM2err(SM2_F_SM2_ENCRYPT, SM2_R_BUFFER_TOO_SMALL); ret = 0; } else { @@ -266,48 +266,54 @@ int SM2_decrypt(int type, const unsigned char *in, size_t inlen, unsigned char *out, size_t *outlen, EC_KEY *ec_key) { int ret = 0; - SM2CiphertextValue *cv = NULL; const EVP_MD *md; + const unsigned char *p; + SM2CiphertextValue *cv = NULL; + /* check arguments */ + if (!(md = EVP_get_digestbynid(type))) { + SM2err(SM2_F_SM2_DECRYPT, SM2_R_INVALID_DIGEST_ALGOR); + return 0; + } if (!in) { SM2err(SM2_F_SM2_DECRYPT, ERR_R_PASSED_NULL_PARAMETER); return 0; } - if (inlen <= 0 || inlen > INT_MAX) { SM2err(SM2_F_SM2_DECRYPT, SM2_R_INVALID_INPUT_LENGTH); return 0; } - if (!out) { - *outlen = inlen; - return 1; - } else if (*outlen < inlen) { - SM2err(SM2_F_SM2_DECRYPT, SM2_R_BUFFER_TOO_SMALL); - return 0; - } - - if (!(md = EVP_get_digestbynid(type))) { - SM2err(SM2_F_SM2_DECRYPT, SM2_R_INVALID_DIGEST_ALGOR); - return 0; - } - - if (!(cv = d2i_SM2CiphertextValue(NULL, &in, (long)inlen))) { + /* decode asn.1 and check no data remaining */ + p = in; + if (!(cv = d2i_SM2CiphertextValue(NULL, &p, (long)inlen))) { SM2err(SM2_F_SM2_DECRYPT, SM2_R_INVALID_CIPHERTEXT); return 0; } - - if (inlen != i2d_SM2CiphertextValue(cv, NULL)) { + if (p != in + inlen) { SM2err(SM2_F_SM2_DECRYPT, SM2_R_INVALID_CIPHERTEXT); goto end; } + /* return or check output length */ + if (!out) { + *outlen = ASN1_STRING_length(cv->ciphertext); + ret = 1; + goto end; + } else if (*outlen < ASN1_STRING_length(cv->ciphertext)) { + SM2err(SM2_F_SM2_DECRYPT, SM2_R_BUFFER_TOO_SMALL); + ret = 0; + goto end; + } + + /* do decrypt */ if (!SM2_do_decrypt(md, cv, out, outlen, ec_key)) { SM2err(SM2_F_SM2_DECRYPT, SM2_R_DECRYPT_FAILURE); goto end; } ret = 1; + end: SM2CiphertextValue_free(cv); return ret; diff --git a/crypto/sm2/sm2_exch.c b/crypto/sm2/sm2_exch.c index 2b81d7ae..cb8587e8 100644 --- a/crypto/sm2/sm2_exch.c +++ b/crypto/sm2/sm2_exch.c @@ -45,7 +45,6 @@ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * ==================================================================== - * */ #include @@ -577,10 +576,11 @@ int SM2_KAP_final_check(SM2_KAP_CTX *ctx, const unsigned char *checksum, return 1; } -int SM2_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, - const EC_KEY *ec_key, KDF_FUNC kdf_f) +int SM2_compute_share_key(unsigned char *out, size_t *outlen, + const EC_POINT *peer_ephem, EC_KEY *ephem, + const EC_POINT *peer_pk, const unsigned char *peer_z, size_t peer_zlen, + const unsigned char *z, size_t zlen, EC_KEY *sk, int initiator) { - - - return 0; + memset(out, 1, *outlen); + return 1; } diff --git a/crypto/sm2/sm2_id.c b/crypto/sm2/sm2_id.c index ada3865c..77c318f6 100644 --- a/crypto/sm2/sm2_id.c +++ b/crypto/sm2/sm2_id.c @@ -50,8 +50,8 @@ #include #include -#include #include +#include #include #include #include diff --git a/crypto/sm9/build.info b/crypto/sm9/build.info index 19bd5822..47d1d391 100644 --- a/crypto/sm9/build.info +++ b/crypto/sm9/build.info @@ -1,3 +1,3 @@ LIBS=../../libcrypto SOURCE[../../libcrypto]=sm9_lib.c sm9_err.c sm9_asn1.c sm9_params.c \ - sm9_setup.c sm9_keygen.c sm9_sign.c sm9_enc.c sm9_kap.c + sm9_setup.c sm9_keygen.c sm9_sign.c sm9_enc.c sm9_exch.c diff --git a/crypto/sm9/sm9_asn1.c b/crypto/sm9/sm9_asn1.c index 79f852b6..c8684b1e 100644 --- a/crypto/sm9/sm9_asn1.c +++ b/crypto/sm9/sm9_asn1.c @@ -87,6 +87,12 @@ ASN1_SEQUENCE(SM9PrivateKey) = { IMPLEMENT_ASN1_FUNCTIONS(SM9PrivateKey) IMPLEMENT_ASN1_DUP_FUNCTION(SM9PrivateKey) +ASN1_SEQUENCE(SM9PublicKey) = { + ASN1_SIMPLE(SM9PublicKey, publicPoint, ASN1_OCTET_STRING) +} ASN1_SEQUENCE_END(SM9PublicKey) +IMPLEMENT_ASN1_FUNCTIONS(SM9PublicKey) +IMPLEMENT_ASN1_DUP_FUNCTION(SM9PublicKey) + ASN1_SEQUENCE(SM9Ciphertext) = { ASN1_SIMPLE(SM9Ciphertext, pointC1, ASN1_OCTET_STRING), ASN1_SIMPLE(SM9Ciphertext, c2, ASN1_OCTET_STRING), @@ -102,3 +108,7 @@ ASN1_SEQUENCE(SM9Signature) = { IMPLEMENT_ASN1_FUNCTIONS(SM9Signature) IMPLEMENT_ASN1_DUP_FUNCTION(SM9Signature) +int SM9PublicKey_gmtls_encode(SM9PublicKey *pk, unsigned char key[1024]) +{ + return 0; +} diff --git a/crypto/sm9/sm9_enc.c b/crypto/sm9/sm9_enc.c index bd7c7178..1c7d717c 100644 --- a/crypto/sm9/sm9_enc.c +++ b/crypto/sm9/sm9_enc.c @@ -107,6 +107,13 @@ static int SM9PublicParameters_get_point_size(SM9PublicParameters *mpk, return 1; } +int SM9_wrap_key_ex(SM9PublicParameters *mpk, size_t keylen, + unsigned char *outkey, unsigned char *outcipher, size_t *outcipherlen, + SM9PublicKey *pk) +{ + return 0; +} + int SM9_wrap_key(SM9PublicParameters *mpk, size_t keylen, unsigned char *outkey, unsigned char *outcipher, size_t *outcipherlen, const char *id, size_t idlen) @@ -308,6 +315,14 @@ end: return ret; } +int SM9_unwrap_key_ex(SM9PublicParameters *mpk, size_t keylen, + const unsigned char *incipher, size_t incipherlen, + unsigned char *outkey, + SM9PublicKey *pk, SM9PrivateKey *sk) +{ + return 0; +} + int SM9_unwrap_key(SM9PublicParameters *mpk, size_t keylen, const unsigned char *incipher, size_t incipherlen, unsigned char *outkey, @@ -791,6 +806,14 @@ end: return ret; } +SM9Ciphertext *SM9_do_encrypt_ex(SM9PublicParameters *mpk, + const SM9EncParameters *encparams, + const unsigned char *in, size_t inlen, + SM9PublicKey *pk) +{ + return NULL; +} + SM9Ciphertext *SM9_do_encrypt(SM9PublicParameters *mpk, const SM9EncParameters *encparams, const unsigned char *in, size_t inlen, @@ -1012,6 +1035,14 @@ static int SM9Ciphertext_size(SM9PublicParameters *mpk, *outlen = inlen + 4096; } +int SM9_encrypt_ex(SM9PublicParameters *mpk, const SM9EncParameters *encparams, + const unsigned char *in, size_t inlen, + unsigned char *out, size_t *outlen, + SM9PublicKey *pk) +{ + return 0; +} + int SM9_encrypt(SM9PublicParameters *mpk, const SM9EncParameters *encparams, const unsigned char *in, size_t inlen, unsigned char *out, size_t *outlen, @@ -1095,6 +1126,14 @@ static int SM9EncParameters_init_with_recommended(SM9EncParameters *encparams) return 1; } +int SM9_encrypt_with_recommended_ex(SM9PublicParameters *mpk, + const unsigned char *in, size_t inlen, + unsigned char *out, size_t *outlen, + SM9PublicKey *pk) +{ + return 0; +} + int SM9_encrypt_with_recommended(SM9PublicParameters *mpk, const unsigned char *in, size_t inlen, unsigned char *out, size_t *outlen, @@ -1114,4 +1153,3 @@ int SM9_decrypt_with_recommended(SM9PublicParameters *mpk, SM9EncParameters_init_with_recommended(&encparams); return SM9_decrypt(mpk, &encparams, in, inlen, out, outlen, sk, id, idlen); } - diff --git a/crypto/sm9/sm9_kap.c b/crypto/sm9/sm9_exch.c similarity index 83% rename from crypto/sm9/sm9_kap.c rename to crypto/sm9/sm9_exch.c index 506b9e80..ebfbebb5 100644 --- a/crypto/sm9/sm9_kap.c +++ b/crypto/sm9/sm9_exch.c @@ -51,3 +51,23 @@ #include #include "sm9_lcl.h" +/* + * h = H1(ID_B || hid, N) + * Q_B = [h]P1 + P_pub + * r_A = rand(1, N-1) + * R_A = [r_A]Q_B + */ +SM9PublicKey *SM9_generate_key_exchange(SM9PublicParameters *mpk, + const char *peer_id, size_t peer_idlen, BIGNUM **r) +{ + return NULL; +} + +int SM9_compute_share_key(SM9PublicParameters *mpk, + unsigned char *out, size_t *outlen, + const char *peer_id, size_t peer_idlen, SM9PublicKey *peer_exch, + const char *id, size_t idlen, SM9PublicKey *exch, + SM9PrivateKey *sk, int initiator) +{ + return 0; +} diff --git a/crypto/sm9/sm9_keygen.c b/crypto/sm9/sm9_keygen.c index 0d5bbbe8..249a1d3c 100644 --- a/crypto/sm9/sm9_keygen.c +++ b/crypto/sm9/sm9_keygen.c @@ -173,3 +173,27 @@ end: EC_POINT_free(point); return NULL; } + +SM9PublicKey *SM9_extract_sign_public_key(SM9PublicParameters *mpk, + const char *id, size_t idlen) +{ + return NULL; +} + +SM9PublicKey *SM9_extract_exch_public_key(SM9PublicParameters *mpk, + const char *id, size_t idlen) +{ + return NULL; +} + +SM9PublicKey *SM9_extract_enc_public_key(SM9PublicParameters *mpk, + const char *id, size_t idlen) +{ + return NULL; +} + +SM9PublicKey *SM9PrivateKey_get_public_key(SM9PublicParameters *mpk, + SM9PrivateKey *sk) +{ + return NULL; +} diff --git a/crypto/sm9/sm9_lcl.h b/crypto/sm9/sm9_lcl.h index fa313620..0f6747b3 100644 --- a/crypto/sm9/sm9_lcl.h +++ b/crypto/sm9/sm9_lcl.h @@ -54,19 +54,20 @@ #include /* Curve ID */ -#define SM9_CID_TYPE0CURVE 0x10 -#define SM9_CID_TYPE1CURVE 0x11 -#define SM9_CID_TYPE2CURVE 0x12 +/* 一个字节表示的曲线类型 */ +#define SM9_CID_TYPE0CURVE 0x10 /* Fp上的常曲线 */ +#define SM9_CID_TYPE1CURVE 0x11 /* Fp上的超奇异曲线 */ +#define SM9_CID_TYPE2CURVE 0x12 /* Fp上常曲线及其扭曲线 */ /* Pairing ID */ +/* 一个字节表示的双线性对类型 */ #define SM9_EID_TATE 0x01 #define SM9_EID_WEIL 0x02 #define SM9_EID_ATE 0x03 #define SM9_EID_RATE 0x04 -#define SM9_MAX_ID_LENGTH 127 - /* not clear what it is */ +/* 一个字节的签名私钥生成函数标识符 */ #define SM9_HID 0xc9 #ifdef __cplusplus @@ -95,6 +96,13 @@ struct SM9MasterSecret_st { BIGNUM *masterSecret; }; +/* 签名算法中公钥为G2上的点 + * 密钥交换和加密中为G1上的点 + */ +struct SM9PublicKey_st { + ASN1_OCTET_STRING *publicPoint; +}; + struct SM9PrivateKey_st { ASN1_OCTET_STRING *privatePoint; }; diff --git a/crypto/sm9/sm9_lib.c b/crypto/sm9/sm9_lib.c index 30497766..94fb2b74 100644 --- a/crypto/sm9/sm9_lib.c +++ b/crypto/sm9/sm9_lib.c @@ -53,6 +53,18 @@ #include #include "sm9_lcl.h" +int SM9PrivateKey_get_gmtls_public_key(SM9PublicParameters *mpk, + SM9PrivateKey *sk, unsigned char pub_key[1024]) +{ + return 0; +} + +int SM9PublicKey_get_gmtls_encoded(SM9PublicParameters *mpk, + SM9PublicKey *pk, unsigned char encoded[1024]) +{ + return 0; +} + int SM9_hash1(const EVP_MD *md, BIGNUM **r, const char *id, size_t idlen, unsigned char hid, diff --git a/crypto/sm9/sm9_setup.c b/crypto/sm9/sm9_setup.c index 3bbf4067..9979279d 100644 --- a/crypto/sm9/sm9_setup.c +++ b/crypto/sm9/sm9_setup.c @@ -104,10 +104,7 @@ int SM9_setup_type1curve(const EC_GROUP *group, const EVP_MD *md, } /* mpk->beta = 0 */ - if (!BN_zero(mpk->beta)) { - SM9err(SM9_F_SM9_SETUP_TYPE1CURVE, ERR_R_BN_LIB); - goto end; - } + BN_zero(mpk->beta); /* mpk->order = group->order */ if (!EC_GROUP_get_order(group, mpk->order, bn_ctx)) { diff --git a/crypto/sm9/sm9_sign.c b/crypto/sm9/sm9_sign.c index a992a583..4106ecff 100644 --- a/crypto/sm9/sm9_sign.c +++ b/crypto/sm9/sm9_sign.c @@ -55,6 +55,11 @@ #include #include "sm9_lcl.h" +int SM9_signature_size(SM9PublicParameters *mpk) +{ + return 0; +} + static SM9Signature *SM9_do_sign_type1curve(SM9PublicParameters *mpk, const unsigned char *dgst, size_t dgstlen, SM9PrivateKey *sk) { @@ -226,6 +231,13 @@ SM9Signature *SM9_do_sign(SM9PublicParameters *mpk, return NULL; } +int SM9_do_verify_type1curve_ex(SM9PublicParameters *mpk, + const unsigned char *dgst, size_t dgstlen, + const SM9Signature *sig, SM9PublicKey *pk) +{ + return -1; +} + int SM9_do_verify_type1curve(SM9PublicParameters *mpk, const unsigned char *dgst, size_t dgstlen, const SM9Signature *sig, const char *id, size_t idlen) @@ -397,6 +409,13 @@ end: return ret; } +int SM9_do_verify_ex(SM9PublicParameters *mpk, + const unsigned char *dgst, size_t dgstlen, + const SM9Signature *sig, SM9PublicKey *pk) +{ + return -1; +} + int SM9_do_verify(SM9PublicParameters *mpk, const unsigned char *dgst, size_t dgstlen, const SM9Signature *sig, const char *id, size_t idlen) @@ -472,6 +491,12 @@ end: return ret; } +int SM9_verify_ex(SM9PublicParameters *mpk, const unsigned char *dgst, + size_t dgstlen, const unsigned char *sig, size_t siglen, + SM9PublicKey *pk) +{ + return -1; +} int SM9_verify(SM9PublicParameters *mpk, const unsigned char *dgst, size_t dgstlen, const unsigned char *sig, size_t siglen, diff --git a/crypto/sms4/build.info b/crypto/sms4/build.info index c732a3c7..0c9f3d2b 100644 --- a/crypto/sms4/build.info +++ b/crypto/sms4/build.info @@ -1,4 +1,4 @@ LIBS=../../libcrypto SOURCE[../../libcrypto]=\ sms4_common.c sms4_setkey.c sms4_enc.c sms4_enc_nblks.c \ - sms4_ecb.c sms4_cbc.c sms4_cfb.c sms4_ctr.c sms4_ofb.c sms4_wrap.c + sms4_ecb.c sms4_cbc.c sms4_cfb.c sms4_ctr.c sms4_ofb.c sms4_wrap.c diff --git a/crypto/sms4/sms4_common.c b/crypto/sms4/sms4_common.c index 5751f1fa..ee527410 100644 --- a/crypto/sms4/sms4_common.c +++ b/crypto/sms4/sms4_common.c @@ -47,7 +47,6 @@ * ==================================================================== */ -#include #include "sms4_lcl.h" uint8_t SBOX[256] = { diff --git a/crypto/sms4/sms4_enc_knc.c b/crypto/sms4/sms4_enc_knc.c index a5e10397..7b206a0f 100644 --- a/crypto/sms4/sms4_enc_knc.c +++ b/crypto/sms4/sms4_enc_knc.c @@ -48,7 +48,6 @@ */ -#include #include #include #include "sms4_lcl.h" diff --git a/crypto/sms4/sms4_lcl.h b/crypto/sms4/sms4_lcl.h index 4a06b893..52e0b293 100644 --- a/crypto/sms4/sms4_lcl.h +++ b/crypto/sms4/sms4_lcl.h @@ -50,6 +50,8 @@ #ifndef HEADER_SMS4_LCL_H #define HEADER_SMS4_LCL_H +#include + #ifdef __cplusplus extern "C" { #endif diff --git a/crypto/sof/sof_lib.c b/crypto/sof/sof_lib.c index dba2cdef..67157708 100644 --- a/crypto/sof/sof_lib.c +++ b/crypto/sof/sof_lib.c @@ -73,10 +73,12 @@ static char *sof_encode(const unsigned char *bin, unsigned int binlen) return NULL; } +#if 0 static int sof_decode(const char *b64, unsigned char **pdata, unsigned int *pdatalen) { return 0; } +#endif BSTR SOF_GetVersion(void) { @@ -459,7 +461,6 @@ BSTR SOF_GenRandom(short RandomLen) char *ret = NULL; char *b64 = NULL; unsigned char *bin = NULL; - unsigned int b64len = (RandomLen * 4)/3 + 128; int rv; if (!(bin = OPENSSL_malloc(RandomLen)) diff --git a/crypto/speck/build.info b/crypto/speck/build.info old mode 100644 new mode 100755 diff --git a/crypto/speck/speck.c b/crypto/speck/speck.c old mode 100644 new mode 100755 index 0fcbd9e6..522c076d --- a/crypto/speck/speck.c +++ b/crypto/speck/speck.c @@ -48,6 +48,7 @@ */ #include +#include "speck_lcl.h" void speck_set_encrypt_key16(SPECK_TYPE16 const K[SPECK_KEY_LEN16], SPECK_TYPE16 S[SPECK_ROUNDS16]) { @@ -63,6 +64,7 @@ void speck_set_encrypt_key16(SPECK_TYPE16 const K[SPECK_KEY_LEN16], SPECK_TYPE16 S[i + 1] = b; } } + void speck_set_decrypt_key16(SPECK_TYPE16 const K[SPECK_KEY_LEN16], SPECK_TYPE16 S[SPECK_ROUNDS16]) { SPECK_TYPE16 i, b = K[0]; @@ -77,6 +79,7 @@ void speck_set_decrypt_key16(SPECK_TYPE16 const K[SPECK_KEY_LEN16], SPECK_TYPE16 S[i + 1] = b; } } + void speck_encrypt16(SPECK_TYPE16 const pt[2], SPECK_TYPE16 ct[2], SPECK_TYPE16 const K[SPECK_ROUNDS16]) { SPECK_TYPE16 i; @@ -96,8 +99,6 @@ void speck_decrypt16(SPECK_TYPE16 const ct[2], SPECK_TYPE16 pt[2], SPECK_TYPE16 } } - - void speck_set_encrypt_key32(SPECK_TYPE32 const K[SPECK_KEY_LEN32], SPECK_TYPE32 S[SPECK_ROUNDS32]) { SPECK_TYPE32 i, b = K[0]; @@ -112,6 +113,7 @@ void speck_set_encrypt_key32(SPECK_TYPE32 const K[SPECK_KEY_LEN32], SPECK_TYPE32 S[i + 1] = b; } } + void speck_set_decrypt_key32(SPECK_TYPE32 const K[SPECK_KEY_LEN32], SPECK_TYPE32 S[SPECK_ROUNDS32]) { SPECK_TYPE32 i, b = K[0]; @@ -126,6 +128,7 @@ void speck_set_decrypt_key32(SPECK_TYPE32 const K[SPECK_KEY_LEN32], SPECK_TYPE32 S[i + 1] = b; } } + void speck_encrypt32(SPECK_TYPE32 const pt[2], SPECK_TYPE32 ct[2], SPECK_TYPE32 const K[SPECK_ROUNDS32]) { SPECK_TYPE32 i; @@ -145,7 +148,6 @@ void speck_decrypt32(SPECK_TYPE32 const ct[2], SPECK_TYPE32 pt[2], SPECK_TYPE32 } } - void speck_set_encrypt_key64(SPECK_TYPE64 const K[SPECK_KEY_LEN64], SPECK_TYPE64 S[SPECK_ROUNDS64]) { SPECK_TYPE64 i, b = K[0]; @@ -160,6 +162,7 @@ void speck_set_encrypt_key64(SPECK_TYPE64 const K[SPECK_KEY_LEN64], SPECK_TYPE64 S[i + 1] = b; } } + void speck_set_decrypt_key64(SPECK_TYPE64 const K[SPECK_KEY_LEN64], SPECK_TYPE64 S[SPECK_ROUNDS64]) { SPECK_TYPE64 i, b = K[0]; @@ -174,6 +177,7 @@ void speck_set_decrypt_key64(SPECK_TYPE64 const K[SPECK_KEY_LEN64], SPECK_TYPE64 S[i + 1] = b; } } + void speck_encrypt64(SPECK_TYPE64 const pt[2], SPECK_TYPE64 ct[2], SPECK_TYPE64 const K[SPECK_ROUNDS64]) { SPECK_TYPE64 i; diff --git a/engines/sm_standard/zuc/zuc_standard.h b/crypto/speck/speck_lcl.h similarity index 66% rename from engines/sm_standard/zuc/zuc_standard.h rename to crypto/speck/speck_lcl.h index 3bd74219..526f8573 100644 --- a/engines/sm_standard/zuc/zuc_standard.h +++ b/crypto/speck/speck_lcl.h @@ -1,5 +1,5 @@ /* ==================================================================== - * Copyright (c) 2015 - 2016 The GmSSL Project. All rights reserved. + * Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -46,28 +46,29 @@ * OF THE POSSIBILITY OF SUCH DAMAGE. * ==================================================================== */ -#ifndef HEADER_ZUC_STANDARD_H -#define HEADER_ZUC_STANDARD_H +#ifndef HEADER_SPECK_LCL_H +#define HEADER_SPECK_LCL_H -#include -#ifndef NO_GMSSL -#include -#include -#include -#include +#define SPECK_TYPE16 uint16_t +#define SPECK_TYPE32 uint32_t +#define SPECK_TYPE64 uint64_t -# ifdef __cplusplus -extern "C" { -# endif -void zuc_standard_init(unsigned char k[], unsigned char iv[], uint32_t LFSR_S[], uint32_t BR_X[], uint32_t F_R[]); -void zuc_standard_work(uint32_t LFSR_S[], uint32_t BR_X[], uint32_t F_R[], uint32_t pKeyStream[], int KeyStreamLen); -void zuc_genkeystream(unsigned char k[], unsigned char iv[], uint32_t KeyStream[], int KeyStreamLen); -void zuc_confidentiality(unsigned char CK[], uint32_t COUNT, unsigned char BEARER, unsigned - char DIRECTION, uint32_t IBS[], int LENGTH, uint32_t OBS[]); -uint32_t zuc_integrity(unsigned char IK[], uint32_t COUNT, unsigned char BEARER, unsigned - char DIRECTION, uint32_t M[], int LENGTH); -# ifdef __cplusplus -} -# endif -# endif -# endif \ No newline at end of file +#define ROR16(x, r) ((x >> r) | (x << ((sizeof(SPECK_TYPE16) * 8) - r))) +#define ROL16(x, r) ((x << r) | (x >> ((sizeof(SPECK_TYPE16) * 8) - r))) + +#define ROR32(x, r) ((x >> r) | (x << ((sizeof(SPECK_TYPE32) * 8) - r))) +#define ROL32(x, r) ((x << r) | (x >> ((sizeof(SPECK_TYPE32) * 8) - r))) + +#define ROR64(x, r) ((x >> r) | (x << ((sizeof(SPECK_TYPE64) * 8) - r))) +#define ROL64(x, r) ((x << r) | (x >> ((sizeof(SPECK_TYPE64) * 8) - r))) + +#define R16(x, y, k) (x = ROR16(x, 7), x += y, x ^= k, y = ROL16(y, 2), y ^= x) +#define RR16(x, y, k) (y ^= x, y = ROR16(y, 2), x ^= k, x -= y, x = ROL16(x, 7)) + +#define R32(x, y, k) (x = ROR32(x, 8), x += y, x ^= k, y = ROL32(y, 3), y ^= x) +#define RR32(x, y, k) (y ^= x, y = ROR32(y, 3), x ^= k, x -= y, x = ROL32(x, 8)) + +#define R64(x, y, k) (x = ROR64(x, 8), x += y, x ^= k, y = ROL64(y, 3), y ^= x) +#define RR64(x, y, k) (y ^= x, y = ROR64(y, 3), x ^= k, x -= y, x = ROL64(x, 8)) + +#endif diff --git a/crypto/x509/t_req.c b/crypto/x509/t_req.c index 77ce8108..a0e8b6de 100644 --- a/crypto/x509/t_req.c +++ b/crypto/x509/t_req.c @@ -14,8 +14,12 @@ #include #include #include -#include -#include +#ifndef OPENSSL_NO_RSA +# include +#endif +#ifndef OPENSSL_NO_DSA +# include +#endif #ifndef OPENSSL_NO_STDIO int X509_REQ_print_fp(FILE *fp, X509_REQ *x) diff --git a/crypto/x509/t_x509.c b/crypto/x509/t_x509.c index eb65d887..c5fbad29 100644 --- a/crypto/x509/t_x509.c +++ b/crypto/x509/t_x509.c @@ -217,6 +217,7 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, int X509_ocspid_print(BIO *bp, X509 *x) { +#ifndef OPENSSL_NO_SHA unsigned char *der = NULL; unsigned char *dertmp; int derlen; @@ -270,6 +271,10 @@ int X509_ocspid_print(BIO *bp, X509 *x) err: OPENSSL_free(der); return (0); +#else + BIO_printf(bp, "(SHA1 disabled)\n"); + return (1); +#endif } int X509_signature_dump(BIO *bp, const ASN1_STRING *sig, int indent) diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c index 01056356..651e3a7d 100644 --- a/crypto/x509/x509_cmp.c +++ b/crypto/x509/x509_cmp.c @@ -29,18 +29,17 @@ int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b) return (X509_NAME_cmp(ai->issuer, bi->issuer)); } -#ifndef OPENSSL_NO_MD5 unsigned long X509_issuer_and_serial_hash(X509 *a) { unsigned long ret = 0; EVP_MD_CTX *ctx = EVP_MD_CTX_new(); - unsigned char md[16]; + unsigned char md[EVP_MAX_MD_SIZE]; char *f; if (ctx == NULL) goto err; f = X509_NAME_oneline(a->cert_info.issuer, NULL, 0); - if (!EVP_DigestInit_ex(ctx, EVP_md5(), NULL)) + if (!EVP_DigestInit_ex(ctx, EVP_get_default_digest(), NULL)) goto err; if (!EVP_DigestUpdate(ctx, (unsigned char *)f, strlen(f))) goto err; @@ -58,7 +57,6 @@ unsigned long X509_issuer_and_serial_hash(X509 *a) EVP_MD_CTX_free(ctx); return (ret); } -#endif int X509_issuer_name_cmp(const X509 *a, const X509 *b) { @@ -77,7 +75,7 @@ int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b) int X509_CRL_match(const X509_CRL *a, const X509_CRL *b) { - return memcmp(a->sha1_hash, b->sha1_hash, 20); + return memcmp(a->sha1_hash, b->sha1_hash, sizeof(a->sha1_hash)); } X509_NAME *X509_get_issuer_name(const X509 *a) @@ -90,12 +88,10 @@ unsigned long X509_issuer_name_hash(X509 *x) return (X509_NAME_hash(x->cert_info.issuer)); } -#ifndef OPENSSL_NO_MD5 unsigned long X509_issuer_name_hash_old(X509 *x) { return (X509_NAME_hash_old(x->cert_info.issuer)); } -#endif X509_NAME *X509_get_subject_name(const X509 *a) { @@ -117,12 +113,10 @@ unsigned long X509_subject_name_hash(X509 *x) return (X509_NAME_hash(x->cert_info.subject)); } -#ifndef OPENSSL_NO_MD5 unsigned long X509_subject_name_hash_old(X509 *x) { return (X509_NAME_hash_old(x->cert_info.subject)); } -#endif /* * Compare two certificates: they must be identical for this to work. NB: @@ -139,7 +133,7 @@ int X509_cmp(const X509 *a, const X509 *b) X509_check_purpose((X509 *)a, -1, 0); X509_check_purpose((X509 *)b, -1, 0); - rv = memcmp(a->sha1_hash, b->sha1_hash, SHA_DIGEST_LENGTH); + rv = memcmp(a->sha1_hash, b->sha1_hash, sizeof(a->sha1_hash)); if (rv) return rv; /* Check for match against stored encoding too */ @@ -184,21 +178,21 @@ int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b) unsigned long X509_NAME_hash(X509_NAME *x) { unsigned long ret = 0; - unsigned char md[SHA_DIGEST_LENGTH]; + unsigned char md[EVP_MAX_MD_SIZE]; /* Make sure X509_NAME structure contains valid cached encoding */ i2d_X509_NAME(x, NULL); - if (!EVP_Digest(x->canon_enc, x->canon_enclen, md, NULL, EVP_sha1(), - NULL)) + if (!EVP_Digest(x->canon_enc, x->canon_enclen, md, NULL, + EVP_get_default_digest(), NULL)) return 0; ret = (((unsigned long)md[0]) | ((unsigned long)md[1] << 8L) | ((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L) ) & 0xffffffffL; + return (ret); } -#ifndef OPENSSL_NO_MD5 /* * I now DER encode the name and hash it. Since I cache the DER encoding, * this is reasonably efficient. @@ -208,7 +202,7 @@ unsigned long X509_NAME_hash_old(X509_NAME *x) { EVP_MD_CTX *md_ctx = EVP_MD_CTX_new(); unsigned long ret = 0; - unsigned char md[16]; + unsigned char md[EVP_MAX_MD_SIZE]; if (md_ctx == NULL) return ret; @@ -216,7 +210,7 @@ unsigned long X509_NAME_hash_old(X509_NAME *x) /* Make sure X509_NAME structure contains valid cached encoding */ i2d_X509_NAME(x, NULL); EVP_MD_CTX_set_flags(md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); - if (EVP_DigestInit_ex(md_ctx, EVP_md5(), NULL) + if (EVP_DigestInit_ex(md_ctx, EVP_get_default_digest(), NULL) && EVP_DigestUpdate(md_ctx, x->bytes->data, x->bytes->length) && EVP_DigestFinal_ex(md_ctx, md, NULL)) ret = (((unsigned long)md[0]) | ((unsigned long)md[1] << 8L) | @@ -226,7 +220,6 @@ unsigned long X509_NAME_hash_old(X509_NAME *x) return (ret); } -#endif /* Search a stack of X509 for a match */ X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk, X509_NAME *name, diff --git a/crypto/x509/x509_r2x.c b/crypto/x509/x509_r2x.c index 3d72787d..7429e9cc 100644 --- a/crypto/x509/x509_r2x.c +++ b/crypto/x509/x509_r2x.c @@ -57,7 +57,7 @@ X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey) if (pubkey == NULL || !X509_set_pubkey(ret, pubkey)) goto err; - if (!X509_sign(ret, pkey, EVP_md5())) + if (!X509_sign(ret, pkey, EVP_get_default_digest())) goto err; return ret; diff --git a/crypto/x509/x_all.c b/crypto/x509/x_all.c index 59f96a52..962942f9 100644 --- a/crypto/x509/x_all.c +++ b/crypto/x509/x_all.c @@ -16,8 +16,12 @@ #include #include "internal/x509_int.h" #include -#include +#ifndef OPENSSL_NO_RSA +# include +#endif +#ifndef OPENSSL_NO_DSA #include +#endif #include int X509_verify(X509 *a, EVP_PKEY *r) @@ -363,6 +367,7 @@ int X509_pubkey_digest(const X509 *data, const EVP_MD *type, int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md, unsigned int *len) { +#ifndef OPENSSL_NO_SHA if (type == EVP_sha1() && (data->ex_flags & EXFLAG_SET) != 0) { /* Asking for SHA1 and we already computed it. */ if (len != NULL) @@ -370,6 +375,7 @@ int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md, memcpy(md, data->sha1_hash, sizeof(data->sha1_hash)); return 1; } +#endif return (ASN1_item_digest (ASN1_ITEM_rptr(X509), type, (char *)data, md, len)); } @@ -377,6 +383,7 @@ int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md, int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type, unsigned char *md, unsigned int *len) { +#ifndef OPENSSL_NO_SHA if (type == EVP_sha1()) { /* Asking for SHA1; always computed in CRL d2i. */ if (len != NULL) @@ -384,6 +391,7 @@ int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type, memcpy(md, data->sha1_hash, sizeof(data->sha1_hash)); return 1; } +#endif return (ASN1_item_digest (ASN1_ITEM_rptr(X509_CRL), type, (char *)data, md, len)); } diff --git a/crypto/x509/x_crl.c b/crypto/x509/x_crl.c index da9c6b61..ce362f86 100644 --- a/crypto/x509/x_crl.c +++ b/crypto/x509/x_crl.c @@ -156,6 +156,14 @@ static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, STACK_OF(X509_EXTENSION) *exts; X509_EXTENSION *ext; int idx; + const EVP_MD *md; +#ifndef OPENSSL_NO_SHA + md = EVP_sha1(); +#elif !defined(OPENSSL_NO_SM3) + md = EVP_sm3(); +#else + return 0; +#endif switch (operation) { case ASN1_OP_NEW_POST: @@ -172,7 +180,7 @@ static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, break; case ASN1_OP_D2I_POST: - X509_CRL_digest(crl, EVP_sha1(), crl->sha1_hash, NULL); + X509_CRL_digest(crl, md, crl->sha1_hash, NULL); crl->idp = X509_CRL_get_ext_d2i(crl, NID_issuing_distribution_point, NULL, NULL); diff --git a/crypto/x509/x_pubkey.c b/crypto/x509/x_pubkey.c index 16ed7f8e..c5ac54ef 100644 --- a/crypto/x509/x_pubkey.c +++ b/crypto/x509/x_pubkey.c @@ -14,9 +14,15 @@ #include "internal/asn1_int.h" #include "internal/evp_int.h" #include "internal/x509_int.h" -#include -#include -#include +#ifndef OPENSSL_NO_RSA +# include +#endif +#ifndef OPENSSL_NO_DSA +# include +#endif +#ifndef OPENSSL_NO_PAILLIER +# include +#endif struct X509_pubkey_st { X509_ALGOR *algor; diff --git a/crypto/x509v3/v3_purp.c b/crypto/x509v3/v3_purp.c index 451e7f87..d4402bb4 100644 --- a/crypto/x509v3/v3_purp.c +++ b/crypto/x509v3/v3_purp.c @@ -351,11 +351,19 @@ static void x509v3_cache_extensions(X509 *x) ASN1_BIT_STRING *ns; EXTENDED_KEY_USAGE *extusage; X509_EXTENSION *ex; + const EVP_MD *md; +#ifndef OPENSSL_NO_SHA + md = EVP_sha1(); +#elif !defined(OPENSSL_NO_SM3) + md = EVP_sm3(); +#else + return; +#endif int i; if (x->ex_flags & EXFLAG_SET) return; - X509_digest(x, EVP_sha1(), x->sha1_hash, NULL); + X509_digest(x, md, x->sha1_hash, NULL); /* V1 should mean no extensions ... */ if (!X509_get_version(x)) x->ex_flags |= EXFLAG_V1; diff --git a/crypto/x509v3/v3_skey.c b/crypto/x509v3/v3_skey.c index 39597dc4..e06d0486 100644 --- a/crypto/x509v3/v3_skey.c +++ b/crypto/x509v3/v3_skey.c @@ -61,6 +61,14 @@ static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, int pklen; unsigned char pkey_dig[EVP_MAX_MD_SIZE]; unsigned int diglen; + const EVP_MD *md; +#ifndef OPENSSL_NO_SHA + md = EVP_sha1(); +#elif !defined(OPENSSL_NO_SM3) + md = EVP_sm3(); +#else + return NULL; +#endif if (strcmp(str, "hash")) return s2i_ASN1_OCTET_STRING(method, ctx, str); @@ -90,7 +98,7 @@ static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, X509_PUBKEY_get0_param(NULL, &pk, &pklen, NULL, pubkey); - if (!EVP_Digest(pk, pklen, pkey_dig, &diglen, EVP_sha1(), NULL)) + if (!EVP_Digest(pk, pklen, pkey_dig, &diglen, md, NULL)) goto err; if (!ASN1_OCTET_STRING_set(oct, pkey_dig, diglen)) { diff --git a/crypto/zuc/build.info b/crypto/zuc/build.info index 2076b029..016d75fb 100644 --- a/crypto/zuc/build.info +++ b/crypto/zuc/build.info @@ -1,2 +1,2 @@ LIBS=../../libcrypto -SOURCE[../../libcrypto]=zuc.c zuc_spec.c +SOURCE[../../libcrypto]=zuc.c zuc_spec.c diff --git a/engines/sm_standard/sms4/sms4_standard.h b/crypto/zuc/zuc_128eea3.c similarity index 73% rename from engines/sm_standard/sms4/sms4_standard.h rename to crypto/zuc/zuc_128eea3.c index 818cc56c..9e88fe86 100644 --- a/engines/sm_standard/sms4/sms4_standard.h +++ b/crypto/zuc/zuc_128eea3.c @@ -1,5 +1,5 @@ /* ==================================================================== - * Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved. + * Copyright (c) 2015 - 2017 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -47,28 +47,29 @@ * ==================================================================== */ -#ifndef HEADER_SMS4_STANDARD_H -#define HEADER_SMS4_STANDARD_H +#include +#include "zuc_lcl.h" -#include -#ifndef NO_GMSSL +void zuc_128eea3_init(zuc_128eea3_t *ctx, const unsigned char *user_key, + uint32_t count, uint32_t bearer, int direction) +{ + unsigned char iv[16] = {0}; + iv[0] = iv[8] = (count >> 24) & 0xff; + iv[1] = iv[9] = (count >> 16) & 0xff; + iv[2] = iv[10] = (count >> 8) & 0xff; + iv[3] = iv[11] = count & 0xff; + iv[4] = iv[12] = ((bearer << 3) | ((direction & 1) << 2)) & 0xfc; -#include -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - -void sms4_standard_encrypt(const unsigned char *in, unsigned char *out, const unsigned char *key); -void sms4_standard_decrypt(const unsigned char *in, unsigned char *out, const unsigned char *key); - -#ifdef __cplusplus + zuc_ctx_init(ctx->zuc_ctx, user_key, iv); } -#endif -#endif -#endif - +void zuc_128eea3_encrypt(zuc_128eea3_t *eea3, size_t len, + const unsigned char *in, unsigned char *out) +{ + return zuc_encrypt(); +} +void zuc_128eea3(const unsigned char *key, uint32_t count, uint32_t bearer, int direction, + size_t len, const unsigned char *in, unsigned char *out) +{ +} diff --git a/crypto/zuc/zuc_128eia3.c b/crypto/zuc/zuc_128eia3.c new file mode 100644 index 00000000..949c65b4 --- /dev/null +++ b/crypto/zuc/zuc_128eia3.c @@ -0,0 +1,132 @@ +/* ==================================================================== + * Copyright (c) 2015 - 2016 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ + +#include +#include "zuc_lcl.h" + +void eea3_init(eea3_ctx_t *ctx, const unsigned char *user_key, + uint32_t count, uint32_t bearer, int direction) +{ + unsigned char iv[16] = {0}; + iv[0] = iv[8] = (count >> 24) & 0xff; + iv[1] = iv[9] = (count >> 16) & 0xff; + iv[2] = iv[10] = (count >> 8) & 0xff; + iv[3] = iv[11] = count & 0xff; + iv[4] = iv[12] = ((bearer << 3) | ((direction & 1) << 2)) & 0xfc; + + zuc_ctx_init(ctx->zuc_ctx, user_key, iv); +} + +void eea3_encrypt(eea3_ctx_t *ctx, size_t len, const unsigned char *in, unsigned char *out); + + + +void eea3(const unsigned char *key, uint32_t count, uint32_t bearer, int direction, + size_t len, const unsigned char *in, unsigned char *out); + + + +u32 GET_WORD(u32 * DATA, u32 i) +{ + u32 WORD, ti; + ti = i % 32; + + if (ti == 0) { + WORD = DATA[i/32]; + } + else { + WORD = (DATA[i/32]<>(32-ti)); + } + return WORD; +} + +u8 GET_BIT(u32 * DATA, u32 i) +{ + return (DATA[i/32] & (1<<(31-(i%32)))) ? 1 : 0; +} + +void EIA3(u8* IK, u32 count, u32 DIRECTION, u32 BEARER, u32 LENGTH, u32* M, u32* MAC) +{ + u32 *z, N, L, T, i; + u8 iv[16]; + + iv[0] = (count>>24) & 0xFF; + iv[1] = (count>>16) & 0xFF; + iv[2] = (count>>8) & 0xFF; + iv[3] = count & 0xFF; + + iv[4] = (BEARER << 3) & 0xF8; + iv[5] = iv[6] = iv[7] = 0; + + iv[8] = ((count>>24) & 0xFF) ^ ((DIRECTION&1)<<7); + iv[9] = (count>>16) & 0xFF; + iv[10] = (count>>8) & 0xFF; + iv[11] = count & 0xFF; + + iv[12] = iv[4]; + iv[13] = iv[5]; + iv[14] = iv[6] ^ ((DIRECTION&1)<<7); + iv[15] = iv[7]; + + N = LENGTH + 64; + L = (N + 31) / 32; + z = (u32 *) malloc(L*sizeof(u32)); + ZUC(IK, iv, z, L); + + T = 0; + for (i = 0; i < LENGTH; i++) { + if (GET_BIT(M,i)) { + T ^= GET_WORD(z,i); + } + } + T ^= GET_WORD(z,LENGTH); + + *MAC = T ^ z[L-1]; + free(z); +} diff --git a/crypto/zuc/zuc_core.c b/crypto/zuc/zuc_core.c index d89ac1d3..9f7902ec 100644 --- a/crypto/zuc/zuc_core.c +++ b/crypto/zuc/zuc_core.c @@ -53,17 +53,18 @@ #include #include "zuc_spec.h" -/* the state registers of LFSR */ + typedef struct { - uint32_t lfsr_state[16]; - uint32_t f_reg[2]; - uint32_t brc_x[4]; + uint32_t lfsr_s[16]; + uint32_t f_r[2]; + uint32_t brc_x[4]; } zuc_key_t; -/* the s-boxes */ -const unsigned char ZUC_S0[256] = { + + +static unsigned char S0[256] = { 0x3e,0x72,0x5b,0x47,0xca,0xe0,0x00,0x33,0x04,0xd1,0x54,0x98,0x09,0xb9,0x6d,0xcb, 0x7b,0x1b,0xf9,0x32,0xaf,0x9d,0x6a,0xa5,0xb8,0x2d,0xfc,0x1d,0x08,0x53,0x03,0x90, 0x4d,0x4e,0x84,0x99,0xe4,0xce,0xd9,0x91,0xdd,0xb6,0x85,0x48,0x8b,0x29,0x6e,0xac, @@ -79,10 +80,10 @@ const unsigned char ZUC_S0[256] = { 0x0e,0x86,0xab,0xbe,0x2a,0x02,0xe7,0x67,0xe6,0x44,0xa2,0x6c,0xc2,0x93,0x9f,0xf1, 0xf6,0xfa,0x36,0xd2,0x50,0x68,0x9e,0x62,0x71,0x15,0x3d,0xd6,0x40,0xc4,0xe2,0x0f, 0x8e,0x83,0x77,0x6b,0x25,0x05,0x3f,0x0c,0x30,0xea,0x70,0xb7,0xa1,0xe8,0xa9,0x65, - 0x8d,0x27,0x1a,0xdb,0x81,0xb3,0xa0,0xf4,0x45,0x7a,0x19,0xdf,0xee,0x78,0x34,0x60 + 0x8d,0x27,0x1a,0xdb,0x81,0xb3,0xa0,0xf4,0x45,0x7a,0x19,0xdf,0xee,0x78,0x34,0x60, }; -const unsigned char ZUC_S1[256] = { +static unsigned char S1[256] = { 0x55,0xc2,0x63,0x71,0x3b,0xc8,0x47,0x86,0x9f,0x3c,0xda,0x5b,0x29,0xaa,0xfd,0x77, 0x8c,0xc5,0x94,0x0c,0xa6,0x1a,0x13,0x00,0xe3,0xa8,0x16,0x72,0x40,0xf9,0xf8,0x42, 0x44,0x26,0x68,0x96,0x81,0xd9,0x45,0x3e,0x10,0x76,0xc6,0xa7,0x8b,0x39,0x43,0xe1, @@ -98,291 +99,205 @@ const unsigned char ZUC_S1[256] = { 0xa3,0xef,0xea,0x51,0xe6,0x6b,0x18,0xec,0x1b,0x2c,0x80,0xf7,0x74,0xe7,0xff,0x21, 0x5a,0x6a,0x54,0x1e,0x41,0x31,0x92,0x35,0xc4,0x33,0x07,0x0a,0xba,0x7e,0x0e,0x34, 0x88,0xb1,0x98,0x7c,0xf3,0x3d,0x60,0x6c,0x7b,0xca,0xd3,0x1f,0x32,0x65,0x04,0x28, - 0x64,0xbe,0x85,0x9b,0x2f,0x59,0x8a,0xd7,0xb0,0x25,0xac,0xaf,0x12,0x03,0xe2,0xf2 + 0x64,0xbe,0x85,0x9b,0x2f,0x59,0x8a,0xd7,0xb0,0x25,0xac,0xaf,0x12,0x03,0xe2,0xf2, }; -/* the constants D */ -const uint32_t EK_d[16] = { - 0x44D7, 0x26BC, 0x626B, 0x135E, 0x5789, 0x35E2, 0x7135, 0x09AF, - 0x4D78, 0x2F13, 0x6BC4, 0x1AF1, 0x5E26, 0x3C4D, 0x789A, 0x47AC +uint32_t EK_d[16] = { + 0x44D7,0x26BC,0x626B,0x135E,0x5789,0x35E2,0x7135,0x09AF, + 0x4D78,0x2F13,0x6BC4,0x1AF1,0x5E26,0x3C4D,0x789A,0x47AC, }; -/* c = a + b mod (2^31 – 1) */ -uint32_t AddM(uint32_t a, uint32_t b) + +inline uint32_t zuc_madd(uint32_t a, uint32_t b) { - uint32_t c = a + b; + u32 c = a + b; return (c & 0x7FFFFFFF) + (c >> 31); } + /* LFSR with initialization mode */ #define MulByPow2(x, k) ((((x) << k) | ((x) >> (31 - k))) & 0x7FFFFFFF) -void LFSRWithInitialisationMode(u32 u) +void zuc_lfsr_init(zuc_key_t *key, uint32_t u) { uint32_t f, v; - f = key->lfsr_state[0]; - v = MulByPow2(key->lfsr_state[0], 8); + f = key->lfsr_s[0]; + + v = MulByPow2(key->lfsr_s[0], 8); f = AddM(f, v); - v = MulByPow2(key->lfsr_state[4], 20); + v = MulByPow2(key->lfsr_s[4], 20); f = AddM(f, v); - v = MulByPow2(key->lfsr_state[10], 21); + v = MulByPow2(key->lfsr_s[10], 21); f = AddM(f, v); - v = MulByPow2(key->lfsr_state[13], 17); + v = MulByPow2(key->lfsr_s[13], 17); f = AddM(f, v); - v = MulByPow2(key->lfsr_state[15], 15); + v = MulByPow2(key->lfsr_s[15], 15); f = AddM(f, v); f = AddM(f, u); + /* update the state */ - key->lfsr_state[0] = key->lfsr_state[1]; - key->lfsr_state[1] = key->lfsr_state[2]; - key->lfsr_state[2] = key->lfsr_state[3]; - key->lfsr_state[3] = key->lfsr_state[4]; - key->lfsr_state[4] = key->lfsr_state[5]; - key->lfsr_state[5] = key->lfsr_state[6]; - key->lfsr_state[6] = key->lfsr_state[7]; - key->lfsr_state[7] = key->lfsr_state[8]; - key->lfsr_state[8] = key->lfsr_state[9]; - key->lfsr_state[9] = key->lfsr_state[10]; - key->lfsr_state[10] = key->lfsr_state[11]; - key->lfsr_state[11] = key->lfsr_state[12]; - key->lfsr_state[12] = key->lfsr_state[13]; - key->lfsr_state[13] = key->lfsr_state[14]; - key->lfsr_state[14] = key->lfsr_state[15]; - key->lfsr_state[15] = f; + key->lfsr_s[0] = key->lfsr_s[1]; + key->lfsr_s[1] = key->lfsr_s[2]; + key->lfsr_s[2] = key->lfsr_s[3]; + key->lfsr_s[3] = key->lfsr_s[4]; + key->lfsr_s[4] = key->lfsr_s[5]; + key->lfsr_s[5] = key->lfsr_s[6]; + key->lfsr_s[6] = key->lfsr_s[7]; + key->lfsr_s[7] = key->lfsr_s[8]; + key->lfsr_s[8] = key->lfsr_s[9]; + key->lfsr_s[9] = key->lfsr_s[10]; + key->lfsr_s[10] = key->lfsr_s[11]; + key->lfsr_s[11] = key->lfsr_s[12]; + key->lfsr_s[12] = key->lfsr_s[13]; + key->lfsr_s[13] = key->lfsr_s[14]; + key->lfsr_s[14] = key->lfsr_s[15]; + key->lfsr_s[15] = f; } -/* LFSR with work mode */ -void LFSRWithWorkMode(void) +void zuc_lfst_word(zuc_key_t *key) { u32 f, v; - f = key->lfsr_state[0]; - v = MulByPow2(key->lfsr_state[0], 8); + f = key->lfsr_s[0]; + v = MulByPow2(key->lfsr_s[0], 8); f = AddM(f, v); - v = MulByPow2(key->lfsr_state[4], 20); + v = MulByPow2(key->lfsr_s[4], 20); f = AddM(f, v); - v = MulByPow2(key->lfsr_state[10], 21); + v = MulByPow2(key->lfsr_s[10], 21); f = AddM(f, v); - v = MulByPow2(key->lfsr_state[13], 17); + v = MulByPow2(key->lfsr_s[13], 17); f = AddM(f, v); - v = MulByPow2(key->lfsr_state[15], 15); + v = MulByPow2(key->lfsr_s[15], 15); f = AddM(f, v); - /* update the state */ - key->lfsr_state[0] = key->lfsr_state[1]; - key->lfsr_state[1] = key->lfsr_state[2]; - key->lfsr_state[2] = key->lfsr_state[3]; - key->lfsr_state[3] = key->lfsr_state[4]; - key->lfsr_state[4] = key->lfsr_state[5]; - key->lfsr_state[5] = key->lfsr_state[6]; - key->lfsr_state[6] = key->lfsr_state[7]; - key->lfsr_state[7] = key->lfsr_state[8]; - key->lfsr_state[8] = key->lfsr_state[9]; - key->lfsr_state[9] = key->lfsr_state[10]; - key->lfsr_state[10] = key->lfsr_state[11]; - key->lfsr_state[11] = key->lfsr_state[12]; - key->lfsr_state[12] = key->lfsr_state[13]; - key->lfsr_state[13] = key->lfsr_state[14]; - key->lfsr_state[14] = key->lfsr_state[15]; - key->lfsr_state[15] = f; + + key->lfsr_s[0] = key->lfsr_s[1]; + key->lfsr_s[1] = key->lfsr_s[2]; + key->lfsr_s[2] = key->lfsr_s[3]; + key->lfsr_s[3] = key->lfsr_s[4]; + key->lfsr_s[4] = key->lfsr_s[5]; + key->lfsr_s[5] = key->lfsr_s[6]; + key->lfsr_s[6] = key->lfsr_s[7]; + key->lfsr_s[7] = key->lfsr_s[8]; + key->lfsr_s[8] = key->lfsr_s[9]; + key->lfsr_s[9] = key->lfsr_s[10]; + key->lfsr_s[10] = key->lfsr_s[11]; + key->lfsr_s[11] = key->lfsr_s[12]; + key->lfsr_s[12] = key->lfsr_s[13]; + key->lfsr_s[13] = key->lfsr_s[14]; + key->lfsr_s[14] = key->lfsr_s[15]; + key->lfsr_s[15] = f; } -/* BitReorganization */ -void BitReorganization(void) +void zuc_bit_reorganization(zuc_key_t *key) { - BRC_X0 = ((key->lfsr_state[15] & 0x7FFF8000) << 1) | (key->lfsr_state[14] & 0xFFFF); - BRC_X1 = ((key->lfsr_state[11] & 0xFFFF) << 16) | (key->lfsr_state[9] >> 15); - BRC_X2 = ((key->lfsr_state[7] & 0xFFFF) << 16) | (key->lfsr_state[5] >> 15); - BRC_X3 = ((key->lfsr_state[2] & 0xFFFF) << 16) | (key->lfsr_state[0] >> 15); + key->brc_x[0] = ((key->lfsr_s[15] & 0x7FFF8000) << 1) | (key->lfsr_s[14] & 0xFFFF); + key->brc_x[1] = ((key->lfsr_s[11] & 0xFFFF) << 16) | (key->lfsr_s[9] >> 15); + key->brc_x[2] = ((key->lfsr_s[7] & 0xFFFF) << 16) | (key->lfsr_s[5] >> 15); + key->brc_x[3] = ((key->lfsr_s[2] & 0xFFFF) << 16) | (key->lfsr_s[0] >> 15); } -#define ROT(a, k) (((a) << k) | ((a) >> (32 - k))) +#define ROT32(a, k) (((a) << k) | ((a) >> (32 - k))) -/* L1 */ -u32 L1(u32 X) +#define L1(x) \ + ((x) ^ \ + ROT32((x), 2) ^ \ + ROT32((x), 10) ^ \ + ROT32((x), 18) ^ \ + ROT32((x), 24)) + +#define L2(x) \ + ((x) ^ \ + ROT32((x), 8) ^ \ + ROT32((x), 14) ^ \ + ROT32((x), 22) ^ \ + ROT32((x), 30)) + +#define GET32(pc) ( \ + ((uint32_t)(pc)[0] << 24) ^ \ + ((uint32_t)(pc)[1] << 16) ^ \ + ((uint32_t)(pc)[2] << 8) ^ \ + ((uint32_t)(pc)[3])) + +#define PUT32(st, ct) \ + (ct)[0] = (uint8_t)((st) >> 24); \ + (ct)[1] = (uint8_t)((st) >> 16); \ + (ct)[2] = (uint8_t)((st) >> 8); \ + +#define MAKEU32(a, b, c, d) \ + (((uint32_t)(a) << 24) | \ + ((uint32_t)(b) << 16) | \ + ((uint32_t)(c) << 8) | \ + ((uint32_t)(d))) + +#define MAKEU31(a, b, c) \ + (((uint32_t)(a) << 23) | \ + ((uint32_t)(b) << 8) | \ + (uint32_t)(c)) + + +uint32_t F(zuc_key_t *key) { - return (X ^ ROT(X, 2) ^ ROT(X, 10) ^ ROT(X, 18) ^ ROT(X, 24)); -} + uint32_t W, W1, W2, u, v; -/* L2 */ -u32 L2(u32 X) -{ - return (X ^ ROT(X, 8) ^ ROT(X, 14) ^ ROT(X, 22) ^ ROT(X, 30)); -} - -#define MAKEU32(a, b, c, d) \ - (((u32)(a) << 24) | ((u32)(b) << 16) | ((u32)(c) << 8) | ((u32)(d))) - -/* F */ -u32 F() -{ - u32 W, W1, W2, u, v; - W = (BRC_X0 ^ F_R1) + F_R2; - W1 = F_R1 + BRC_X1; - W2 = F_R2 ^ BRC_X2; + W = (key->brc_x[0] ^ key->f_r[1]) + key->f_r[2]; + W1 = key->f_r[1] + key->brc_x[1]; + W2 = key->f_r[2] ^ key->brc_x[2]; u = L1((W1 << 16) | (W2 >> 16)); v = L2((W2 << 16) | (W1 >> 16)); - F_R1 = MAKEU32(S0[u >> 24], S1[(u >> 16) & 0xFF], - S0[(u >> 8) & 0xFF], S1[u & 0xFF]); - F_R2 = MAKEU32(S0[v >> 24], S1[(v >> 16) & 0xFF], - S0[(v >> 8) & 0xFF], S1[v & 0xFF]); + + key->f_r[1] = MAKEU32( + S0[u >> 24], + S1[(u >> 16) & 0xFF], + S0[(u >> 8) & 0xFF], + S1[u & 0xFF]); + + key->f_r[2] = MAKEU32( + S0[v >> 24], + S1[(v >> 16) & 0xFF], + S0[(v >> 8) & 0xFF], + S1[v & 0xFF]); + return W; } -#define MAKEU31(a, b, c) (((u32)(a) << 23) | ((u32)(b) << 8) | (u32)(c)) - -/* initialize */ -void Initialization(u8* k, u8* iv) +void zuc_set_key(zuc_key_t *key, const unsigned char *user_key, const unsigned char *iv) { - u32 w, nCount; + uint32_t w; - /* expand key */ - key->lfsr_state[0 = MAKEU31(k[0], EK_d[0], iv[0]); - key->lfsr_state[1 = MAKEU31(k[1], EK_d[1], iv[1]); - key->lfsr_state[2 = MAKEU31(k[2], EK_d[2], iv[2]); - key->lfsr_state[3 = MAKEU31(k[3], EK_d[3], iv[3]); - key->lfsr_state[4 = MAKEU31(k[4], EK_d[4], iv[4]); - key->lfsr_state[5 = MAKEU31(k[5], EK_d[5], iv[5]); - key->lfsr_state[6 = MAKEU31(k[6], EK_d[6], iv[6]); - key->lfsr_state[7 = MAKEU31(k[7], EK_d[7], iv[7]); - key->lfsr_state[8 = MAKEU31(k[8], EK_d[8], iv[8]); - key->lfsr_state[9 = MAKEU31(k[9], EK_d[9], iv[9]); - key->lfsr_state[10 = MAKEU31(k[10], EK_d[10], iv[10]); - key->lfsr_state[11 = MAKEU31(k[11], EK_d[11], iv[11]); - key->lfsr_state[12 = MAKEU31(k[12], EK_d[12], iv[12]); - key->lfsr_state[13 = MAKEU31(k[13], EK_d[13], iv[13]); - key->lfsr_state[14 = MAKEU31(k[14], EK_d[14], iv[14]); - key->lfsr_state[15 = MAKEU31(k[15], EK_d[15], iv[15]); + for (i = 0; i < 16; i++) { + key->lfsr_s[i] = MAKEU31(user_key[i], EK_d[i], iv[i]); + } - /* set F_R1 and F_R2 to zero */ - F_R1 = 0; - F_R2 = 0; - nCount = 32; - while (nCount > 0) - { - BitReorganization(); - w = F(); - LFSRWithInitialisationMode(w >> 1); - nCount --; + key->f_r[1] = 0; + key->f_r[2] = 0; + + for (i = 0; i < 32; i++) { + zuc_bit_reorganization(key); + w = F(key); + zuc_lfsr_init(w >> 1); + } + +} + +void zuc_generate_keystream(zuc_key_t *key, size_t num, uint32_t *keystream) +{ + size_t i; + + zuc_bit_reorg(key); + (void)F(key); + zuc_lfsr_work(key); + + for (i = 0; i < num; i ++) { + zuc_bit_reorg(key); + keystream[i] = F(key) ^ key->brc_x[3]; + zuc_lfsr_work(key); } } -void GenerateKeystream(u32* pKeystream, int KeystreamLen) +void ZUC(const unsigned char *key, const unsigned char *iv, uint32_t *keystream, int num) { - int i; - - { - BitReorganization(); - F(); /* discard the output of F */ - LFSRWithWorkMode(); - } - - for (i = 0; i < KeystreamLen; i ++) - { - BitReorganization(); - pKeystream[i] = F() ^ BRC_X3; - LFSRWithWorkMode(); - } -} - -/* The ZUC algorithm, see ref. [3]*/ -void ZUC(u8* k, u8* iv, u32* ks, int len) -{ - /* The initialization of ZUC, see page 17 of ref. [3]*/ - Initialization(k, iv); - /* The procedure of generating keystream of ZUC, see page 18 of ref. [3]*/ - GenerateKeystream(ks, len); -} - -void EEA3(u8* CK, u32 COUNT, u32 BEARER, u32 DIRECTION, u32 LENGTH, u32* M, u32* C) -{ - u32 *z, L, i; - u8 IV[16]; - - L = (LENGTH+31)/32; - z = (u32 *) malloc(L*sizeof(u32)); - IV[0] = (COUNT>>24) & 0xFF; - IV[1] = (COUNT>>16) & 0xFF; - IV[2] = (COUNT>>8) & 0xFF; - IV[3] = COUNT & 0xFF; - - IV[4] = ((BEARER << 3) | ((DIRECTION&1)<<2)) & 0xFC; - IV[5] = 0; - IV[6] = 0; - IV[7] = 0; - - IV[8] = IV[0]; - IV[9] = IV[1]; - IV[10] = IV[2]; - IV[11] = IV[3]; - - IV[12] = IV[4]; - IV[13] = IV[5]; - IV[14] = IV[6]; - IV[15] = IV[7]; - - ZUC(CK, IV, z, L); - for (i=0; i>(32-ti)); - } - return WORD; -} - -u8 GET_BIT(u32 * DATA, u32 i) -{ - return (DATA[i/32] & (1<<(31-(i%32)))) ? 1 : 0; -} - -void EIA3(u8* IK, u32 COUNT, u32 DIRECTION, u32 BEARER, u32 LENGTH, u32* M, u32* MAC) -{ - u32 *z, N, L, T, i; - u8 IV[16]; - - IV[0] = (COUNT>>24) & 0xFF; - IV[1] = (COUNT>>16) & 0xFF; - IV[2] = (COUNT>>8) & 0xFF; - IV[3] = COUNT & 0xFF; - - IV[4] = (BEARER << 3) & 0xF8; - IV[5] = IV[6] = IV[7] = 0; - - IV[8] = ((COUNT>>24) & 0xFF) ^ ((DIRECTION&1)<<7); - IV[9] = (COUNT>>16) & 0xFF; - IV[10] = (COUNT>>8) & 0xFF; - IV[11] = COUNT & 0xFF; - - IV[12] = IV[4]; - IV[13] = IV[5]; - IV[14] = IV[6] ^ ((DIRECTION&1)<<7); - IV[15] = IV[7]; - - N = LENGTH + 64; - L = (N + 31) / 32; - z = (u32 *) malloc(L*sizeof(u32)); - ZUC(IK, IV, z, L); - - T = 0; - for (i = 0; i < LENGTH; i++) { - if (GET_BIT(M,i)) { - T ^= GET_WORD(z,i); - } - } - T ^= GET_WORD(z,LENGTH); - - *MAC = T ^ z[L-1]; - free(z); -} - diff --git a/engines/asm/e_gmi-x86.pl b/engines/asm/e_gmi-x86.pl new file mode 100755 index 00000000..674eceb6 --- /dev/null +++ b/engines/asm/e_gmi-x86.pl @@ -0,0 +1,236 @@ +#!/usr/bin/env perl + +# ==================================================================== +# Written by Yun Shen and +# Kai Li , and refer to the code +# written by Andy Polyakov for the OpenSSL +# project. The module is, however, dual licensed under OpenSSL and +# CRYPTOGAMS licenses depending on where you obtain it. For further +# details see http://www.openssl.org/~appro/cryptogams/. +# ==================================================================== + +# ==================================================================== +# Copyright 2016 Shanghai Zhaoxin Semiconductor Co., Ltd. ALL RIGHTS RESERVED. +# ==================================================================== + + +$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; +push(@INC,"${dir}","${dir}../../crypto/perlasm"); +require "x86asm.pl"; + +&asm_init($ARGV[0],$0); + +%PADLOCK_PREFETCH=(ecb=>128, cbc=>64); # prefetch errata +$PADLOCK_CHUNK=512; # Must be a power of 2 larger than 16 + +$ctx="edx"; +$out="edi"; +$inp="esi"; +$len="ecx"; +$chunk="ebx"; + + +&function_begin_B("zx_gmi_capability"); + &push ("ebx"); + &pushf (); + &pop ("eax"); + &mov ("ecx","eax"); + &xor ("eax",1<<21); + &push ("eax"); + &popf (); + &pushf (); + &pop ("eax"); + &xor ("ecx","eax"); + &xor ("eax","eax"); + &bt ("ecx",21); + &jnc (&label("zx_noluck")); + &cpuid (); + &xor ("eax","eax"); + &cmp ("ebx","0x".unpack("H*",'hS ')); + &jne (&label("zx_noluck")); + &cmp ("edx","0x".unpack("H*",'hgna')); + &jne (&label("zx_noluck")); + &cmp ("ecx","0x".unpack("H*",' ia')); + &jne (&label("zx_noluck")); + &mov ("eax",0xC0000000); + &cpuid (); + &mov ("edx","eax"); + &xor ("eax","eax"); + &cmp ("edx",0xC0000001); + &jb (&label("zx_noluck")); + &mov ("eax",1); + &cpuid (); + &or ("eax",0x0f); + &xor ("ebx","ebx"); + &and ("eax",0x0fff); + &cmp ("eax",0x06ff); # check for Nano + &sete ("bl"); + &mov ("eax",0xC0000001); + &push ("ebx"); + &cpuid (); + &pop ("ebx"); + &mov ("eax","edx"); + &shl ("ebx",4); # bit#4 denotes Nano + &and ("eax",0xffffffef); + &or ("eax","ebx") +&set_label("zx_noluck"); + &pop ("ebx"); + &ret (); +&function_end_B("zx_gmi_capability") + +&function_begin_B("gmi_reload_key"); + &pushf (); + &popf (); + &ret (); +&function_end_B("gmi_reload_key"); + +&function_begin_B("gmi_xstore"); + &push ("edi"); + &mov ("edi",&wparam(0)); + &mov ("edx",&wparam(1)); + &data_byte(0x0f,0xa7,0xc0); # xstore + &pop ("edi"); + &ret (); +&function_end_B("gmi_xstore"); + +&function_begin_B("_win32_segv_handler"); + &mov ("eax",1); # ExceptionContinueSearch + &mov ("edx",&wparam(0)); # *ExceptionRecord + &mov ("ecx",&wparam(2)); # *ContextRecord + &cmp (&DWP(0,"edx"),0xC0000005) # ExceptionRecord->ExceptionCode == STATUS_ACCESS_VIOLATION + &jne (&label("ret")); + &add (&DWP(184,"ecx"),4); # skip over rep sha* + &mov ("eax",0); # ExceptionContinueExecution +&set_label("ret"); + &ret (); +&function_end_B("_win32_segv_handler"); +&safeseh("_win32_segv_handler") if ($::win32); + + +&function_begin_B("gmi_sm3_oneshot"); + &push ("ebx"); + &push ("edi"); + &push ("esi"); + &xor ("eax","eax"); + &mov ("edi",&wparam(0)); + &mov ("esi",&wparam(1)); + &mov ("ecx",&wparam(2)); + if ($::win32 or $::coff) { + &push (&::islabel("_win32_segv_handler")); + &data_byte(0x64,0xff,0x30); # push %fs:(%eax) + &data_byte(0x64,0x89,0x20); # mov %esp,%fs:(%eax) + } + &mov ("edx","esp"); # put aside %esp + &add ("esp",-128); + &movups ("xmm0",&QWP(0,"edi")); # copy-in context + &and ("esp",-16); + &movups ("xmm1",&QWP(16,"edi")); + &movaps (&QWP(0,"esp"),"xmm0"); + &mov ("edi","esp"); + &movaps (&QWP(16,"esp"),"xmm1"); + &mov ("ebx", 0x20); + &xor ("eax","eax"); + &data_byte(0xf3,0x0f,0xa6,0xe8); # gm5 ccs_hash + &movaps ("xmm0",&QWP(0,"esp")); + &movaps ("xmm1",&QWP(16,"esp")); + &mov ("esp","edx"); # restore %esp + if ($::win32 or $::coff) { + &data_byte(0x64,0x8f,0x05,0,0,0,0); # pop %fs:0 + &lea ("esp",&DWP(4,"esp")); + } + &mov ("edi",&wparam(0)); + &movups (&QWP(0,"edi"),"xmm0"); # copy-out context + &movups (&QWP(16,"edi"),"xmm1"); + &pop ("esi"); + &pop ("edi"); + &pop ("ebx"); + &ret (); +&function_end_B("gmi_sm3_oneshot"); + +&function_begin_B("gmi_sm3_blocks"); + &push ("ebx"); + &push ("edi"); + &push ("esi"); + &mov ("edi",&wparam(0)); + &mov ("esi",&wparam(1)); + &mov ("ecx",&wparam(2)); + &mov ("edx","esp"); # put aside %esp + &add ("esp",-128); + &movups ("xmm0",&QWP(0,"edi")); # copy-in context + &and ("esp",-16); + &movups ("xmm1",&QWP(16,"edi")); + &movaps (&QWP(0,"esp"),"xmm0"); + &mov ("edi","esp"); + &movaps (&QWP(16,"esp"),"xmm1"); + &mov ("ebx", 0x20); + &mov ("eax",-1); + &data_byte(0xf3,0x0f,0xa6,0xe8); # gm5 ccs_hash + &movaps ("xmm0",&QWP(0,"esp")); + &movaps ("xmm1",&QWP(16,"esp")); + &mov ("esp","edx"); # restore %esp + &mov ("edi",&wparam(0)); + &movups (&QWP(0,"edi"),"xmm0"); # copy-out context + &movups (&QWP(16,"edi"),"xmm1"); + &pop ("esi"); + &pop ("edi"); + &pop ("ebx"); + &ret (); +&function_end_B("gmi_sm3_blocks"); + + +&function_begin_B("gmi_sm4_encrypt"); + + &push ("ebx"); + &push ("edi"); + &push ("esi"); + &mov ("edi",&wparam(0)); + &mov ("esi",&wparam(1)); + &mov ("edx",&wparam(2)); + &mov ("ecx",&wparam(3)); + + + &lea ("ebx",&DWP(32,"edx")); + &shr ("ecx", 4); + &mov ("eax",&DWP(16,"edx")); + + &data_byte(0xf3,0x0f,0xa7,0xf0); # gx6 ccs_encrypt + + &pop ("esi"); + &pop ("edi"); + &pop ("ebx"); + &ret (); +&function_end_B("gmi_sm4_encrypt"); + +&function_begin_B("gmi_sm4_ecb_enc"); + + &push ("ebx"); + &push ("edi"); + &push ("esi"); + &mov ("esi",&wparam(0)); + &mov ("edi",&wparam(1)); + &mov ("ebx",&wparam(2)); + + &mov ("ecx", 1); + &mov ("eax", 0x60); + + &data_byte(0xf3,0x0f,0xa7,0xf0); # gx6 ccs_encrypt + + &pop ("esi"); + &pop ("edi"); + &pop ("ebx"); + &ret (); +&function_end_B("gmi_sm4_ecb_enc"); + + +&asciz ("ZX GMI x86 module"); +&align (16); + +&dataseg(); +# Essentially this variable belongs in thread local storage. +# Having this variable global on the other hand can only cause +# few bogus key reloads [if any at all on signle-CPU system], +# so we accept the penalty... +&set_label("gmi_saved_context",4); +&data_word(0); + +&asm_finish(); diff --git a/engines/asm/e_gmi-x86_64.pl b/engines/asm/e_gmi-x86_64.pl new file mode 100755 index 00000000..aac6b18a --- /dev/null +++ b/engines/asm/e_gmi-x86_64.pl @@ -0,0 +1,208 @@ +#!/usr/bin/env perl + +# ==================================================================== +# Written by Yun Shen and +# Kai Li , and refer to the code +# written by Andy Polyakov for the OpenSSL +# project. The module is, however, dual licensed under OpenSSL and +# CRYPTOGAMS licenses depending on where you obtain it. For further +# details see http://www.openssl.org/~appro/cryptogams/. +# ==================================================================== + +# ==================================================================== +# Copyright 2016 Shanghai Zhaoxin Semiconductor Co., Ltd. ALL RIGHTS RESERVED. +# ==================================================================== + +# May 2016 +# +# Assembler helpers for Padlock engine. See even e_gmi-x86.pl for +# details. + +$flavour = shift; +$output = shift; +if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } + +$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/); + +$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; +( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or +( $xlate="${dir}../../crypto/perlasm/x86_64-xlate.pl" and -f $xlate) or +die "can't locate x86_64-xlate.pl"; + +open OUT,"| \"$^X\" $xlate $flavour $output"; +*STDOUT=*OUT; + +$code=".text\n"; + +%PADLOCK_PREFETCH=(ecb=>128, cbc=>64, ctr32=>32); # prefetch errata +$PADLOCK_CHUNK=512; # Must be a power of 2 between 32 and 2^20 + +$ctx="%rdx"; +$out="%rdi"; +$inp="%rsi"; +$len="%rcx"; +$chunk="%rbx"; + +($arg1,$arg2,$arg3,$arg4)=$win64?("%rcx","%rdx","%r8", "%r9") : # Win64 order + ("%rdi","%rsi","%rdx","%rcx"); # Unix order + +$code.=<<___; + +.globl zx_gmi_capability +.type zx_gmi_capability,\@abi-omnipotent +.align 16 +zx_gmi_capability: + mov %rbx,%r8 + xor %eax,%eax + cpuid + xor %eax,%eax + cmp \$`"0x".unpack("H*",'hS ')`,%ebx + jne .zx_Lnoluck + cmp \$`"0x".unpack("H*",'hgna')`,%edx + jne .zx_Lnoluck + cmp \$`"0x".unpack("H*",' ia')`,%ecx + jne .zx_Lnoluck + mov \$0xC0000000,%eax + cpuid + mov %eax,%edx + xor %eax,%eax + cmp \$0xC0000001,%edx + jb .zx_Lnoluck + mov \$0xC0000001,%eax + cpuid + mov %edx,%eax + and \$0xffffffef,%eax + or \$0x10,%eax # set Nano bit#4 +.zx_Lnoluck: + mov %r8,%rbx + ret +.size zx_gmi_capability,.-zx_gmi_capability + +.globl gmi_reload_key +.type gmi_reload_key,\@abi-omnipotent +.align 16 +gmi_reload_key: + pushf + popf + ret +.size gmi_reload_key,.-gmi_reload_key + +.globl gmi_sm3_oneshot +.type gmi_sm3_oneshot,\@function,3 +.align 16 +gmi_sm3_oneshot: + mov %rbx, %r11 # save rbx + mov %rdx,%rcx + mov %rdi,%rdx # put aside %rdi + movups (%rdi),%xmm0 # copy-in context + sub \$128+8,%rsp + movups 16(%rdi),%xmm1 + movaps %xmm0,(%rsp) + mov %rsp,%rdi + movaps %xmm1,16(%rsp) + mov \$0x20, %rbx + xor %rax,%rax + .byte 0xf3,0x0f,0xa6,0xe8 # gm5 ccs_hash + movaps (%rsp),%xmm0 + movaps 16(%rsp),%xmm1 + add \$128+8,%rsp + movups %xmm0,(%rdx) # copy-out context + movups %xmm1,16(%rdx) + mov %r11, %rbx #restore rbx + ret +.size gmi_sm3_oneshot,.-gmi_sm3_oneshot + +.globl gmi_sm3_blocks +.type gmi_sm3_blocks,\@function,3 +.align 16 +gmi_sm3_blocks: + mov %rbx, %r11 # save rbx + mov %rdx,%rcx + mov %rdi,%rdx # put aside %rdi + movups (%rdi),%xmm0 # copy-in context + sub \$128+8,%rsp + movups 16(%rdi),%xmm1 + movaps %xmm0,(%rsp) + mov %rsp,%rdi + movaps %xmm1,16(%rsp) + mov \$0x20, %rbx + mov \$-1,%rax + .byte 0xf3,0x0f,0xa6,0xe8 # gm5 ccs_hash + movaps (%rsp),%xmm0 + movaps 16(%rsp),%xmm1 + add \$128+8,%rsp + movups %xmm0,(%rdx) # copy-out context + movups %xmm1,16(%rdx) + mov %r11, %rbx #restore rbx + ret +.size gmi_sm3_blocks,.-gmi_sm3_blocks + + + +.globl gmi_sm4_encrypt +.type gmi_sm4_encrypt,\@function,4 +.align 16 +gmi_sm4_encrypt: + + push %rbp + push %rbx # save rbx + push %rdi + push %rsi + + + lea 32(%rdx), %rbx + shr \$0x04, %rcx + mov 16(%rdx), %rax + + .byte 0xf3,0x0f,0xa7,0xf0 # gx6 ccs_encrypt + + pop %rsi + pop %rdi + pop %rbx #restore rbx + pop %rbp + ret +.size gmi_sm4_encrypt,.-gmi_sm4_encrypt + +.globl gmi_sm4_ecb_enc +.type gmi_sm4_ecb_enc,\@function,3 +.align 16 +gmi_sm4_ecb_enc: + + push %rbp + push %rbx # save rbx + push %rdi + push %rsi + + mov %rsi, %rax + mov %rdi, %rsi + mov %rax, %rdi + + mov %rdx, %rbx + mov \$1, %rcx + mov \$0x60, %rax + + .byte 0xf3,0x0f,0xa7,0xf0 # gx6 ccs_encrypt + + pop %rsi + pop %rdi + pop %rbx #restore rbx + pop %rbp + ret +.size gmi_sm4_ecb_enc,.-gmi_sm4_ecb_enc + + +___ + +$code.=<<___; +.asciz "ZX GMI x86_64 module" +.align 16 +.data +.align 8 +.Lgmi_saved_context: + .quad 0 +___ +$code =~ s/\`([^\`]*)\`/eval($1)/gem; + +print $code; + +close STDOUT; diff --git a/engines/build.info b/engines/build.info index 1c47e770..a6ef213a 100644 --- a/engines/build.info +++ b/engines/build.info @@ -6,6 +6,9 @@ IF[{- !$disabled{"engine"} -}] IF[{- !$disabled{capieng} -}] SOURCE[../libcrypto]=e_capi.c ENDIF + IF[{- !$disabled{gmieng} -}] + SOURCE[../libcrypto]=e_gmi.c {- $target{gmi_asm_src} -} + ENDIF ELSE ENGINES=padlock SOURCE[padlock]=e_padlock.c {- $target{padlock_asm_src} -} @@ -17,8 +20,14 @@ IF[{- !$disabled{"engine"} -}] DEPEND[capi]=../libcrypto INCLUDE[capi]=../include ENDIF + IF[{- !$disabled{gmieng} -}] + ENGINES=gmi + SOURCE[gmi]=e_gmi.c {- $target{gmi_asm_src} -} + DEPEND[gmi]=../libcrypto + INCLUDE[gmi]=../include + ENDIF - ENGINES_NO_INST=ossltest dasync + ENGINES_NO_INST=ossltest SOURCE[dasync]=e_dasync.c DEPEND[dasync]=../libcrypto INCLUDE[dasync]=../include @@ -29,4 +38,8 @@ IF[{- !$disabled{"engine"} -}] GENERATE[e_padlock-x86.s]=asm/e_padlock-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(LIB_CFLAGS) $(PROCESSOR) GENERATE[e_padlock-x86_64.s]=asm/e_padlock-x86_64.pl $(PERLASM_SCHEME) + IF[{- !$disabled{gmieng} -}] + GENERATE[e_gmi-x86.s]=asm/e_gmi-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(LIB_CFLAGS) $(PROCESSOR) + GENERATE[e_gmi-x86_64.s]=asm/e_gmi-x86_64.pl $(PERLASM_SCHEME) + ENDIF ENDIF diff --git a/engines/e_avx2.c b/engines/e_avx2.c deleted file mode 100644 index 6d5403c4..00000000 --- a/engines/e_avx2.c +++ /dev/null @@ -1,299 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2016 - 2017 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include -#include -#include -#include -#include - -#if (defined(__x86_64) || defined(__x86_64__)) && defined(OPENSSL_CPUID_OBJ) -#endif - -static const char *avx2_id = "avx2"; -static const char *avx2_name = "ENGINE with Intel AVX2 Intructions"; - -#define SDF_CMD_CPUID ENGINE_CMD_BASE - -static const ENGINE_CMD_DEFN avx2_cmd_defns[] = { - {SDF_CMD_CPUID, - "CPUID", - "Show CPUID", - ENGINE_CMD_FLAG_NO_INPUT}, - {0, NULL, NULL, 0}, -}; - -static int avx2_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) -{ - switch (cmd) { - case SDF_CMD_CPUID: - printf("not implemented\n"); - break; - default: - printf("unknown cmd\n"); - return 0; - } - - return 1; -} - -static int avx2_cipher_nids[] = {NID_sms4_ecb, NID_sms4_ctr, 0}; -static int avx2_num_ciphers = OSSL_NELEM(avx2_cipher_nids) - 1; - -static EVP_CIPHER *avx2_sms4_ecb = NULL; -static EVP_CIPHER *avx2_sms4_ctr = NULL; - -static int avx2_sms4_ecb_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - if (enc) - sms4_avx2_encrypt_init(ctx->data, key); - else - sms4_avx2_decrypt_init(ctx->data, key); - - return 1; -} - -static int avx2_sms4_ecb_do_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inlen) -{ - while (inlen >= 8 * 16) { - sms4_avx2_encrypt_8blocks(ctx, out, in); - inlen -= 8 * 16; - } - - return 1; -} - -static int avx2_sms4_ecb_cleanup(EVP_CIPHER_CTX *ctx) -{ - memset(ctx->data, 0, sizeof(sms4_avx2_key)); - return 1; -} - -static const EVP_CIPHER *avx2_get_sms4_ecb(void) -{ - EVP_CIPHER *ret = NULL; - - if (avx2_sms4_ecb) { - return avx2_sms4_ecb; - } - - if (!(ret = EVP_CIPHER_meth_new(NID_sms4_ecb, 16, 16)) - || !EVP_CIPHER_meth_set_iv_length(ret, 0) - || !EVP_CIPHER_meth_set_flags(ret, EVP_CIPH_ECB_MODE|EVP_CIPH_FLAG_DEFAULT_ASN1) - || !EVP_CIPHER_meth_set_impl_ctx_size(ret, sizeof(struct sms4_cipher_ctx)) - || !EVP_CIPHER_meth_set_init(ret, avx2_sms4_ecb_init) - || !EVP_CIPHER_meth_set_do_cipher(ret, avx2_sms4_ecb_do_cipher) - || !EVP_CIPHER_meth_set_cleanup(ret, avx2_sms4_ecb_cleanup)) { - EVP_CIPHER_meth_free(ret); - return NULL; - } - - avx2_sms4_ecb = ret; - return ret; -} - -static int avx2_sms4_ctr_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - printf(" %s\n", __FUNCTION__); - return 1; -} - -static int avx2_sms4_ctr_do_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inlen) -{ - printf(" %s\n", __FUNCTION__); - memcpy(out, in, inlen); - return 1; -} - -static int avx2_sms4_ctr_cleanup(EVP_CIPHER_CTX *ctx) -{ - printf(" %s\n", __FUNCTION__); - return 1; -} - -static const EVP_CIPHER *avx2_get_sms4_ctr(void) -{ - EVP_CIPHER *ret = NULL; - - if (avx2_sms4_ctr) { - return avx2_sms4_ctr; - } - - if (!(ret = EVP_CIPHER_meth_new(NID_sms4_ctr, 16, 16)) - || !EVP_CIPHER_meth_set_iv_length(ret, 16) - || !EVP_CIPHER_meth_set_flags(ret, EVP_CIPH_CTR_MODE|EVP_CIPH_FLAG_DEFAULT_ASN1) - || !EVP_CIPHER_meth_set_impl_ctx_size(ret, sizeof(struct sms4_cipher_ctx)) - || !EVP_CIPHER_meth_set_init(ret, avx2_sms4_ctr_init) - || !EVP_CIPHER_meth_set_do_cipher(ret, avx2_sms4_ctr_do_cipher) - || !EVP_CIPHER_meth_set_cleanup(ret, avx2_sms4_ctr_cleanup)) { - EVP_CIPHER_meth_free(ret); - return NULL; - } - - avx2_sms4_ctr = ret; - return ret; -} - -static int avx2_ciphers(ENGINE *e, const EVP_CIPHER **cipher, - const int **nids, int nid) -{ - if (!cipher) { - *nids = avx2_cipher_nids; - return avx2_num_ciphers; - } - - switch (nid) { - case NID_sms4_ecb: - *cipher = avx2_get_sms4_ecb(); - return 1; - case NID_sms4_ctr: - *cipher = avx2_get_sms4_ctr(); - return 1; - } - - return 0; -} - -static void avx2_destroy_ciphers(void) -{ - EVP_CIPHER_meth_free(avx2_sms4_ecb); - EVP_CIPHER_meth_free(avx2_sms4_ctr); - avx2_sms4_ecb = NULL; - avx2_sms4_ctr = NULL; -} - -static int avx2_destroy(ENGINE *e) -{ - avx2_destroy_ciphers(); - return 1; -} - -static int avx2_init(ENGINE *e) -{ - return 1; -} - -static int avx2_finish(ENGINE *e) -{ - return 1; -} - -static int bind_avx2(ENGINE *e) -{ - if (!ENGINE_set_id(e, avx2_id) - || !ENGINE_set_name(e, avx2_name) - || !ENGINE_set_flags(e, ENGINE_FLAGS_NO_REGISTER_ALL) - || !ENGINE_set_cmd_defns(e, avx2_cmd_defns) - || !ENGINE_set_ctrl_function(e, avx2_ctrl) - || !ENGINE_set_init_function(e, avx2_init) - || !ENGINE_set_finish_function(e, avx2_finish) - || !ENGINE_set_destroy_function(e, avx2_destroy) - || !ENGINE_set_ciphers(e, avx2_ciphers)) { - return 0; - } - - if (!(avx2_sms4_ecb = avx2_get_sms4_ecb()) - || !(avx2_sms4_ctr = avx2_get_sms4_ctr())) { - return 0; - } - - return 1; -} - -#ifndef OPENSSL_NO_DYNAMIC_ENGINE -static int bind_helper(ENGINE *e, const char *id) -{ - if (id && strcmp(id, avx2_id) != 0) { - return 0; - } - if (!bind_avx2(e)) { - return 0; - } - return 1; -} - -IMPLEMENT_DYNAMIC_CHECK_FN() -IMPLEMENT_DYNAMIC_BIND_FN(bind_helper) - -#else - -static ENGINE *engine_avx2(void) -{ - ENGINE *ret = NULL; - if (!(ret = ENGINE_new())) { - return NULL; - } - if (!bind_avx2(ret)) { - ENGINE_free(ret); - return NULL; - } - return ret; -} - -void engine_load_avx2_int(void) -{ - extern unsigned int OPENSSL_ia32cap_P[]; - - if (OPENSSL_ia32cap_P[1] & (1 << (62 - 32))) { - ENGINE *toadd = ENGINE_rdrand(); - ENGINE *eng = NULL; - if (!(eng = engine_avx2())) { - return; - } - ENGINE_add(eng); - ENGINE_free(eng); - ERR_clear_error(); - } -} - -#endif /* OPENSSL_NO_DYNAMIC_ENGINE */ diff --git a/engines/e_dasync.d.tmp b/engines/e_dasync.d.tmp new file mode 100644 index 00000000..3536d1b0 --- /dev/null +++ b/engines/e_dasync.d.tmp @@ -0,0 +1,21 @@ +engines/e_dasync.o: engines/e_dasync.c include/openssl/engine.h \ + include/openssl/opensslconf.h include/openssl/bn.h \ + include/openssl/e_os2.h include/openssl/ossl_typ.h \ + include/openssl/crypto.h include/openssl/stack.h \ + include/openssl/safestack.h include/openssl/opensslv.h \ + include/openssl/symhacks.h include/openssl/bytestring.h \ + include/openssl/base.h include/openssl/is_boringssl.h \ + include/openssl/rsa.h include/openssl/dsa.h include/openssl/bio.h \ + include/openssl/dh.h include/openssl/asn1.h include/openssl/ec.h \ + include/openssl/rand.h include/openssl/ui.h include/openssl/err.h \ + include/openssl/lhash.h include/openssl/x509.h \ + include/openssl/buffer.h include/openssl/evp.h \ + include/openssl/objects.h include/openssl/obj_mac.h \ + include/openssl/paillier.h include/openssl/sha.h \ + include/openssl/x509_vfy.h include/openssl/pkcs7.h \ + include/openssl/aes.h include/openssl/async.h include/openssl/ssl.h \ + include/openssl/comp.h include/openssl/pem.h include/openssl/pem2.h \ + include/openssl/hmac.h include/openssl/ct.h include/openssl/ssl2.h \ + include/openssl/ssl3.h include/openssl/tls1.h include/openssl/dtls1.h \ + include/openssl/srtp.h include/openssl/gmtls.h include/openssl/modes.h \ + engines/e_dasync_err.c engines/e_dasync_err.h diff --git a/engines/e_gmi.c b/engines/e_gmi.c new file mode 100644 index 00000000..474914e2 --- /dev/null +++ b/engines/e_gmi.c @@ -0,0 +1,775 @@ +/* + * Support for ZHAOXIN GMI (GuoMi Instruction) + * Written by Yun Shen (yunshen@via-alliance.com) and + * Kai Li + */ + +/* ==================================================================== + * Copyright (c) 1999-2016 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + /* ==================================================================== + * Copyright 2016 Shanghai Zhaoxin Semiconductor Co., Ltd. ALL RIGHTS RESERVED. + */ + +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "../crypto/evp/evp_locl.h" + +/* gmi sm3 header */ +# define SM3_LONG unsigned int + +# define SM3_LBLOCK 16 +# define SM3_CBLOCK (SM3_LBLOCK*4)/* SHA treats input data as a + * contiguous array of 32 bit wide + * big-endian values. */ +# define SM3_LAST_BLOCK (SM3_CBLOCK-8) +# define SM3_DIGEST_LENGTH 32 + +typedef struct SM3state_st { + SM3_LONG h[8]; + SM3_LONG Nl, Nh; + SM3_LONG data[SM3_LBLOCK]; + unsigned int num, md_len; +} SM3_CTX; + +/* gmi sm4 header */ +# define SM4_ENCRYPT 1 +# define SM4_DECRYPT 0 + +/* + * Because array size can't be a const in C, the following two are macros. + * Both sizes are in bytes. + */ +#define SM4_BLOCK_SIZE 16 + +#define SM4_KEY_SIZE 16 + +/* This should be a hidden type, but EVP requires that the size be known */ +struct sm4_key_st { +# ifdef SM4_LONG + unsigned long rd_key[32]; +# else + unsigned int rd_key[32]; +# endif +}; +typedef struct sm4_key_st SM4_KEY; + + +#define NID_sm3WithRSAEncryption NID_sm3 +#define NID_sm4_ecb NID_sms4_ecb +#define NID_sm4_cbc NID_sms4_cbc +#define NID_sm4_cfb NID_sms4_cfb8 +#define NID_sm4_ofb NID_sms4_ofb128 +#define NID_sm4_ctr NID_sms4_ctr + + +#include "../crypto/include/internal/evp_int.h" + +#ifndef OPENSSL_NO_HW +# ifndef OPENSSL_NO_HW_GMI + +/* Attempt to have a single source for both 0.9.7 and 0.9.8 :-) */ +# if (OPENSSL_VERSION_NUMBER >= 0x00908000L) +# ifndef OPENSSL_NO_DYNAMIC_ENGINE +# define DYNAMIC_ENGINE +# endif +# elif (OPENSSL_VERSION_NUMBER >= 0x00907000L) +# ifdef ENGINE_DYNAMIC_SUPPORT +# define DYNAMIC_ENGINE +# endif +# else +# error "Only OpenSSL >= 0.9.7 is supported" +# endif + +/* + * ZHAOXIN GMI is available *ONLY* on some x86 CPUs. Not only that it + * doesn't exist elsewhere, but it even can't be compiled on other platforms! + */ + +# undef COMPILE_HW_GMI +# if !defined(I386_ONLY) && !defined(OPENSSL_NO_ASM) +# if defined(__i386__) || defined(__i386) || \ + defined(__x86_64__) || defined(__x86_64) || \ + defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64) || \ + defined(__INTEL__) +# define COMPILE_HW_GMI +# ifdef OPENSSL_NO_DYNAMIC_ENGINE +static ENGINE *ENGINE_gmi(void); +# endif +# endif +# endif + +# ifdef OPENSSL_NO_DYNAMIC_ENGINE +void engine_load_gmi_int(void); +void engine_load_gmi_int(void) +{ +/* On non-x86 CPUs it just returns. */ +# ifdef COMPILE_HW_GMI + ENGINE *toadd = ENGINE_gmi(); + if (!toadd) + return; + ENGINE_add(toadd); + ENGINE_free(toadd); + ERR_clear_error(); +# endif +} + +# endif + +# ifdef COMPILE_HW_GMI + +/* Function for ENGINE detection and control */ +static int gmi_available(void); +static int gmi_init(ENGINE *e); + + +/* Cipher Stuff */ +static int gmi_ciphers(ENGINE *e, const EVP_CIPHER **cipher, + const int **nids, int nid); + +static int gmi_digests(ENGINE *e, const EVP_MD **digest, + const int **nids, int nid); + +/* Engine names */ +static const char *gmi_id = "gmi"; +static char gmi_name[100]; + +/* Available features */ +static int gmi_use_ccs = 0; /* CCS */ + +/* ===== Engine "management" functions ===== */ + +/* Prepare the ENGINE structure for registration */ +static int gmi_bind_helper(ENGINE *e) +{ + /* Check available features */ + gmi_available(); + + /* Generate a nice engine name with available features */ + BIO_snprintf(gmi_name, sizeof(gmi_name), + "ZX GMI (%s)", + gmi_use_ccs ? "CCS" : "no-CCS"); + + /* Register everything or return with an error */ + if (!ENGINE_set_id(e, gmi_id) || + !ENGINE_set_name(e, gmi_name) || + !ENGINE_set_init_function(e, gmi_init) || + (gmi_use_ccs && !ENGINE_set_ciphers(e, gmi_ciphers)) || + (gmi_use_ccs && !ENGINE_set_digests(e, gmi_digests))) { + + return 0; + } + + /* Everything looks good */ + return 1; +} + +# ifdef OPENSSL_NO_DYNAMIC_ENGINE +/* Constructor */ +static ENGINE *ENGINE_gmi(void) +{ + ENGINE *eng = ENGINE_new(); + + if (eng == NULL) { + return NULL; + } + + if (!gmi_bind_helper(eng)) { + ENGINE_free(eng); + return NULL; + } + + return eng; +} +# endif + +/* Check availability of the engine */ +static int gmi_init(ENGINE *e) +{ + return (gmi_use_ccs); +} + +/* + * This stuff is needed if this ENGINE is being compiled into a + * self-contained shared-library. + */ +# ifdef DYNAMIC_ENGINE +static int gmi_bind_fn(ENGINE *e, const char *id) +{ + if (id && (strcmp(id, gmi_id) != 0)) { + return 0; + } + + if (!gmi_bind_helper(e)) { + return 0; + } + + return 1; +} + +IMPLEMENT_DYNAMIC_CHECK_FN() + IMPLEMENT_DYNAMIC_BIND_FN(gmi_bind_fn) +# endif /* DYNAMIC_ENGINE */ + + +/* ===== Here comes the "real" engine ===== */ + +#define CCS_ENCRYPT_FUNC_SM4 0x10 + +#define CCS_ENCRYPT_MODE_ECB 0x1 +#define CCS_ENCRYPT_MODE_CBC 0x2 +#define CCS_ENCRYPT_MODE_CFB 0x4 +#define CCS_ENCRYPT_MODE_OFB 0x8 +#define CCS_ENCRYPT_MODE_CTR 0x10 +/* + * Here we store the status information relevant to the current context. + */ +/* + * BIG FAT WARNING: Inline assembler in GMI_XCRYPT_ASM() depends on + * the order of items in this structure. Don't blindly modify, reorder, + * etc! + */ +struct gmi_cipher_data { + unsigned char iv[SM4_BLOCK_SIZE]; /* Initialization vector */ + union { + unsigned int pad[4]; + struct { + int encdec:1; + int func:5; + int mode:5; + int digest:1; + } b; + } cword; /* Control word */ + SM4_KEY ks; /* Encryption key */ +}; + +/* Interface to assembler module */ +unsigned int zx_gmi_capability(); +void gmi_sm3_oneshot(void *ctx, const void *inp, size_t len); +void gmi_sm3_blocks(void *ctx, const void *inp, size_t len); +void gmi_reload_key(); +void gmi_verify_context(struct gmi_cipher_data *ctx); + +void gmi_sm4_block(void *out, const void *inp, + struct gmi_cipher_data *ctx); +int gmi_ecb_encrypt(void *out, const void *inp, + struct gmi_cipher_data *ctx, size_t len); +int gmi_cbc_encrypt(void *out, const void *inp, + struct gmi_cipher_data *ctx, size_t len); +int gmi_ctr32_encrypt(void *out, const void *inp, + struct gmi_cipher_data *ctx, size_t len); + +/* + * Load supported features of the CPU to see if the PadLock is available. + */ +static int gmi_available(void) +{ + int zx_gmi_use_ccs = 0; + //unsigned int edx; //original code + unsigned int edx = 0; + + /* Fill up some flags */ + gmi_use_ccs = ((edx & (0x3 << 4)) == (0x3 << 4)); + + edx = zx_gmi_capability(); + zx_gmi_use_ccs = ((edx & (0x3 << 6)) == (0x3 << 6)); + + gmi_use_ccs = gmi_use_ccs | zx_gmi_use_ccs; + + return gmi_use_ccs; +} + +#define SM3_MAKE_STRING(c, s) do { \ + unsigned long ll; \ + unsigned int nn; \ + for (nn=0;nnh[nn]; (void)HOST_l2c(ll,(s)); } \ + \ + } while (0) + +#define HOST_l2c(l,c) ({ unsigned int r=(l); \ + asm ("bswapl %0":"=r"(r):"0"(r)); \ + *((unsigned int *)(c))=r; (c)+=4; r; }) + +static int gmi_sm3_init(EVP_MD_CTX *ctx) +{ + BIO *b = BIO_new_fp(stdout, BIO_NOCLOSE|BIO_FP_TEXT); + BIO_printf(b, "%s\n", __FUNCTION__); + + SM3_CTX *c = (SM3_CTX *)EVP_MD_CTX_md_data(ctx); + + /* set the IV in Big-Endian */ + c->h[0]=0x6f168073UL; + c->h[1]=0xb9b21449UL; + c->h[2]=0xd7422417UL; + c->h[3]=0x00068adaUL; + c->h[4]=0xbc306fa9UL; + c->h[5]=0xaa383116UL; + c->h[6]=0x4dee8de3UL; + c->h[7]=0x4e0efbb0UL; + + c->md_len = SM3_DIGEST_LENGTH; + + c->num = 0; // + + + + BIO_free(b); + return 1; +} + +static int gmi_sm3_update(EVP_MD_CTX *ctx, const void *data_, size_t len) +{ + + const unsigned char *data = data_; + unsigned char *p; + SM3_LONG l; + size_t n; + SM3_CTX *c = (SM3_CTX *)EVP_MD_CTX_md_data(ctx); + + if (len == 0) + return 1; + + l = (c->Nl + (((SM3_LONG) len) << 3)) & 0xffffffffUL; + + if (l < c->Nl) /* overflow */ + c->Nh++; + c->Nh += (SM3_LONG) (len >> 29); /* might cause compiler warning on + * 16-bit */ + c->Nl = l; + + n = c->num; + if (n != 0) { + p = (unsigned char *)c->data; + + if (len >= SM3_CBLOCK || len + n >= SM3_CBLOCK) { + memcpy(p + n, data, SM3_CBLOCK - n); + gmi_sm3_blocks(c->h, p, 1); + n = SM3_CBLOCK - n; + data += n; + len -= n; + c->num = 0; + memset(p, 0, SM3_CBLOCK); /* keep it zeroed */ + } else { + memcpy(p + n, data, len); + c->num += (unsigned int)len; + return 1; + } + } + + n = len / SM3_CBLOCK; + if (n > 0) { + gmi_sm3_blocks(c->h, data, n); + n *= SM3_CBLOCK; + data += n; + len -= n; + } + + if (len != 0) { + p = (unsigned char *)c->data; + c->num = (unsigned int)len; + memcpy(p, data, len); +} + + return 1; +} + +static int gmi_sm3_final(EVP_MD_CTX *ctx, unsigned char *md) +{ + + SM3_CTX *c = (SM3_CTX *)EVP_MD_CTX_md_data(ctx); + unsigned char *p = (unsigned char *)c->data; + size_t n = c->num; + + p[n] = 0x80; /* there is always room for one */ + n++; + + if (n > (SM3_CBLOCK - 8)) { + memset(p + n, 0, SM3_CBLOCK - n); + n = 0; + gmi_sm3_blocks(c->h, p, 1); + } + memset(p + n, 0, SM3_CBLOCK - 8 - n); + + p += SM3_CBLOCK - 8; + + (void)HOST_l2c(c->Nh, p); + (void)HOST_l2c(c->Nl, p); + + p -= SM3_CBLOCK; + gmi_sm3_blocks(c->h, p, 1); + + c->num = 0; + memset(p, 0, SM3_CBLOCK); + + memcpy(md, c->h, c->md_len); + + return 1; +} + +/* List of supported ciphers. */ +static const int gmi_digest_nids[] = { + NID_sm3, + 0 +}; + +static const EVP_MD digest_sm3= { + NID_sm3, + NID_sm3WithRSAEncryption, + SM3_DIGEST_LENGTH, + EVP_MD_FLAG_DIGALGID_ABSENT, + gmi_sm3_init, + gmi_sm3_update, + gmi_sm3_final, + NULL, + NULL, + SM3_CBLOCK, + sizeof(EVP_MD *) + sizeof(SM3_CTX), +}; + + +static int gmi_digests(ENGINE *e, const EVP_MD **digest, + const int **nids, int nid) +{ + int ok = 1; + if (!digest) { + /* We are returning a list of supported nids */ + *nids = gmi_digest_nids; + return (sizeof(gmi_digest_nids) - + 1) / sizeof(gmi_digest_nids[0]); + } + /* We are being asked for a specific digest */ + switch (nid) { + case NID_sm3: + *digest = &digest_sm3; + break; + default: + ok = 0; + *digest = NULL; + break; + } + return ok; +} + + +/* ======== GX6 ===================== */ +# define NEAREST_ALIGNED(ptr) ( (unsigned char *)(ptr) + \ + ( (0x10 - ((size_t)(ptr) & 0x0F)) & 0x0F ) ) +# define ALIGNED_CIPHER_DATA(ctx) ((struct gmi_cipher_data *)\ + NEAREST_ALIGNED(EVP_CIPHER_CTX_get_cipher_data(ctx))) + +/* Prepare the encryption key for PadLock usage */ +static int +gmi_sm4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) +{ + struct gmi_cipher_data *cdata; + unsigned long mode = EVP_CIPHER_CTX_mode(ctx); + + + if (key == NULL) + return 0; /* ERROR */ + + cdata = ALIGNED_CIPHER_DATA(ctx); + memset(cdata, 0, sizeof(*cdata)); + + /* Prepare Control word. */ + if (mode == EVP_CIPH_OFB_MODE || mode == EVP_CIPH_CTR_MODE) + cdata->cword.b.encdec = 0; + else + cdata->cword.b.encdec = (ctx->encrypt == 0); + + cdata->cword.b.func = CCS_ENCRYPT_FUNC_SM4; + cdata->cword.b.mode = 1<<(mode-1);; + cdata->cword.b.digest = 0; + + if(iv != NULL) + { + memcpy(cdata->iv, iv, SM4_BLOCK_SIZE); + } + + memcpy(cdata->ks.rd_key, key, SM4_KEY_SIZE); + + + /* + * This is done to cover for cases when user reuses the + * context for new key. The catch is that if we don't do + * this, gmi_eas_cipher might proceed with old key... + */ + gmi_reload_key(); + + return 1; +} + +void gmi_sm4_encrypt(unsigned char *out, const unsigned char *in, struct gmi_cipher_data *ctx, size_t len); +void gmi_sm4_ecb_enc(unsigned char *in, unsigned char *out, unsigned char *key); + +static int +gmi_sm4_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg, + const unsigned char *in_arg, size_t nbytes) +{ + struct gmi_cipher_data *cdata = ALIGNED_CIPHER_DATA(ctx); + + gmi_sm4_encrypt(out_arg, in_arg, cdata, nbytes); + + return 1; +} + +static int +gmi_sm4_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg, + const unsigned char *in_arg, size_t nbytes) +{ + struct gmi_cipher_data *cdata = ALIGNED_CIPHER_DATA(ctx); + + memcpy(cdata->iv, ctx->iv, SM4_BLOCK_SIZE); + + gmi_sm4_encrypt(out_arg, in_arg, cdata, nbytes); + + memcpy(ctx->iv, cdata->iv, SM4_BLOCK_SIZE); + + return 1; +} + +#if 0 +static int +gmi_sm4_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg, + const unsigned char *in_arg, size_t nbytes) +{ + struct gmi_cipher_data *cdata = ALIGNED_CIPHER_DATA(ctx); + unsigned int num = ctx->num; + + CRYPTO_ctr128_encrypt(in_arg, out_arg, nbytes, + cdata->ks.rd_key, ctx->iv, ctx->buf, &num, + (block128_f) gmi_sm4_ecb_enc); + + ctx->num = (size_t)num; + return 1; +} +#endif +#if 1 +static int +gmi_sm4_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg, + const unsigned char *in_arg, size_t nbytes) +{ + struct gmi_cipher_data *cdata = ALIGNED_CIPHER_DATA(ctx); + unsigned int num = ctx->num; + memcpy(cdata->iv, ctx->iv, SM4_BLOCK_SIZE); + gmi_sm4_encrypt(out_arg, in_arg, cdata, nbytes); + ctx->num = (size_t)num; + return 1; +} +#endif + +static int +gmi_sm4_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg, + const unsigned char *in_arg, size_t nbytes) +{ +#if 0 + struct gmi_cipher_data *cdata = ALIGNED_CIPHER_DATA(ctx); + CRYPTO_cfb128_encrypt(in_arg, out_arg, nbytes, cdata->ks.rd_key, + ctx->iv, &ctx->num, ctx->encrypt, + (block128_f)gmi_sm4_ecb_enc); +#else + struct gmi_cipher_data *cdata = ALIGNED_CIPHER_DATA(ctx); + + memcpy(cdata->iv, ctx->iv, SM4_BLOCK_SIZE); + + + gmi_sm4_encrypt(out_arg, in_arg, cdata, nbytes); + + memcpy(ctx->iv, cdata->iv, SM4_BLOCK_SIZE); + +#endif + return 1; +} + +static int +gmi_sm4_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg, + const unsigned char *in_arg, size_t nbytes) +{ +#if 0 + struct gmi_cipher_data *cdata = ALIGNED_CIPHER_DATA(ctx); + CRYPTO_ofb128_encrypt(in_arg, out_arg, nbytes,cdata->ks.rd_key, + ctx->iv, &ctx->num, (block128_f) gmi_sm4_ecb_enc); +#else + struct gmi_cipher_data *cdata = ALIGNED_CIPHER_DATA(ctx); + memcpy(cdata->iv, ctx->iv, SM4_BLOCK_SIZE); + gmi_sm4_encrypt(out_arg, in_arg, cdata, nbytes); + memcpy(ctx->iv, cdata->iv, SM4_BLOCK_SIZE); +#endif + return 1; +} + +#define EVP_SM4_CIPHER_block_size_ECB SM4_BLOCK_SIZE +#define EVP_SM4_CIPHER_block_size_CBC SM4_BLOCK_SIZE +#define EVP_SM4_CIPHER_block_size_OFB 1 +#define EVP_SM4_CIPHER_block_size_CFB 1 +#define EVP_SM4_CIPHER_block_size_CTR 1 +/* + * Declaring so many ciphers by hand would be a pain. Instead introduce a bit + * of preprocessor magic :-) + */ + +# define DECLARE_SM4_EVP(lmode,umode) \ +static EVP_CIPHER *_hidden_sm4_##lmode = NULL; \ +static const EVP_CIPHER *gmi_sm4_##lmode(void) \ +{ \ + if (_hidden_sm4_##lmode == NULL \ + && ((_hidden_sm4_##lmode = \ + EVP_CIPHER_meth_new(NID_sm4_##lmode, \ + EVP_SM4_CIPHER_block_size_##umode, \ + SM4_KEY_SIZE)) == NULL \ + || !EVP_CIPHER_meth_set_iv_length(_hidden_sm4_##lmode, \ + SM4_BLOCK_SIZE) \ + || !EVP_CIPHER_meth_set_flags(_hidden_sm4_##lmode, \ + 0 | EVP_CIPH_##umode##_MODE) \ + || !EVP_CIPHER_meth_set_init(_hidden_sm4_##lmode, \ + gmi_sm4_init_key) \ + || !EVP_CIPHER_meth_set_do_cipher(_hidden_sm4_##lmode, \ + gmi_sm4_##lmode##_cipher) \ + || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_sm4_##lmode, \ + sizeof(struct gmi_cipher_data) + 16) \ + || !EVP_CIPHER_meth_set_set_asn1_params(_hidden_sm4_##lmode, \ + EVP_CIPHER_set_asn1_iv) \ + || !EVP_CIPHER_meth_set_get_asn1_params(_hidden_sm4_##lmode, \ + EVP_CIPHER_get_asn1_iv))) { \ + EVP_CIPHER_meth_free(_hidden_sm4_##lmode); \ + _hidden_sm4_##lmode = NULL; \ + } \ + return _hidden_sm4_##lmode; \ +} + +DECLARE_SM4_EVP(ecb, ECB); +DECLARE_SM4_EVP(cbc, CBC); +DECLARE_SM4_EVP(ctr, CTR); +DECLARE_SM4_EVP(cfb, CFB); +DECLARE_SM4_EVP(ofb, OFB); + +/* List of supported ciphers. */ +static const int gmi_cipher_nids[] = { + NID_sm4_ecb, + NID_sm4_cbc, + NID_sm4_cfb, + NID_sm4_ofb, + NID_sm4_ctr, + 0 +}; + + +static int gmi_cipher_nids_num = (sizeof(gmi_cipher_nids) / + sizeof(gmi_cipher_nids[0])); + +static int +gmi_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, + int nid) +{ + /* No specific cipher => return a list of supported nids ... */ + if (!cipher) { + *nids = gmi_cipher_nids; + return gmi_cipher_nids_num; + } + + /* ... or the requested "cipher" otherwise */ + switch (nid) { + case NID_sm4_ecb: + *cipher = gmi_sm4_ecb(); + break; + case NID_sm4_cbc: + *cipher = gmi_sm4_cbc(); + break; + case NID_sm4_cfb: + *cipher = gmi_sm4_cfb(); + break; + case NID_sm4_ofb: + *cipher = gmi_sm4_ofb(); + break; + case NID_sm4_ctr: + *cipher = gmi_sm4_ctr(); + break; + default: + /* Sorry, we don't support this NID */ + *cipher = NULL; + return 0; + } + + return 1; +} + +# endif /* COMPILE_HW_GMI */ +# endif /* !OPENSSL_NO_HW_GMI */ +#endif /* !OPENSSL_NO_HW */ + +#if defined(OPENSSL_NO_HW) || defined(OPENSSL_NO_HW_GMI) \ + || !defined(COMPILE_HW_GMI) +# ifndef OPENSSL_NO_DYNAMIC_ENGINE +OPENSSL_EXPORT + int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns); +OPENSSL_EXPORT + int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) +{ + return 0; +} + +IMPLEMENT_DYNAMIC_CHECK_FN() +# endif +#endif diff --git a/engines/e_ossltest.c b/engines/e_ossltest.c index b4c83cb7..5e7e13e2 100644 --- a/engines/e_ossltest.c +++ b/engines/e_ossltest.c @@ -17,12 +17,20 @@ #include #include -#include -#include -#include +#ifndef OPENSSL_NO_SHA +# include +#endif +#ifndef OPENSSL_NO_MD5 +# include +#endif +#ifndef OPENSSL_NO_RSA +# include +#endif #include #include +#ifndef OPENSSL_NO_AES #include +#endif #include #define OSSLTEST_LIB_NAME "OSSLTEST" @@ -226,11 +234,14 @@ static int ossltest_ciphers(ENGINE *, const EVP_CIPHER **, const int **, int); static int ossltest_cipher_nids[] = { - NID_aes_128_cbc, 0 +#ifndef OPENSSL_NO_AES + NID_aes_128_cbc, +#endif + 0 }; +#ifndef OPENSSL_NO_AES /* AES128 */ - int ossltest_aes128_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc); int ossltest_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, @@ -258,10 +269,14 @@ static const EVP_CIPHER *ossltest_aes_128_cbc(void) } return _hidden_aes_128_cbc; } +#endif + static void destroy_ciphers(void) { +#ifndef OPENSSL_NO_AES EVP_CIPHER_meth_free(_hidden_aes_128_cbc); _hidden_aes_128_cbc = NULL; +#endif } static int bind_ossltest(ENGINE *e) @@ -386,9 +401,11 @@ static int ossltest_ciphers(ENGINE *e, const EVP_CIPHER **cipher, } /* We are being asked for a specific cipher */ switch (nid) { +#ifndef OPENSSL_NO_AES case NID_aes_128_cbc: *cipher = ossltest_aes_128_cbc(); break; +#endif default: ok = 0; *cipher = NULL; @@ -537,7 +554,7 @@ static int digest_sha512_final(EVP_MD_CTX *ctx, unsigned char *md) /* * AES128 Implementation */ - +#ifndef OPENSSL_NO_AES int ossltest_aes128_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { @@ -566,3 +583,4 @@ int ossltest_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, return ret; } +#endif diff --git a/engines/e_sdf.c b/engines/e_sdf.c deleted file mode 100644 index 8cd67c7e..00000000 --- a/engines/e_sdf.c +++ /dev/null @@ -1,299 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include - - -static const SDF_METHOD *sdf_meth; - -static const char *sdf_id = "sdf"; -static const char *sdf_name = "ENGINE connect to SDF Devices"; - -#define SDF_CMD_SO_PATH ENGINE_CMD_BASE - -static const ENGINE_CMD_DEFN sdf_cmd_defns[] = { - {SDF_CMD_SO_PATH, - "SO_PATH", - "Specifies the path to the vendor's SDF shared library", - ENGINE_CMD_FLAG_STRING}, - {0, NULL, NULL, 0}, -}; - -static int sdf_load_library(const char *so_path) -{ - sdf_meth = SDF_METHOD_load_library(so_path); - return 1; -} - -static int sdf_open_device() -{ - int rv; - if ((rv = sdf_meth->OpenDevice(&hDevice)) != SDR_OK) { - ESDFerr(ESDF_F_SDF_OPEN_DEVICE, ESDF_R_OPEN_DEVICE_FAILURE); - fprintf(stderr, "so_path: %s\n", SDF_GetErrorString(rv)); - return 0; - } - if ((rv = sdf_meth->OpenSession(hDevice, &hSession)) != SDR_OK) { - ESDFerr(ESDF_F_SDF_OPEN_DEVICE, ESDF_R_OPEN_SESSION_FAILURE); - fprintf(stderr, "so_path: %s\n", SDF_GetErrorString(rv)); - return 0; - } - - return 1; -} - -static int sdf_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) -{ - switch (cmd) { - case SDF_CMD_SO_PATH: - so_path = (char *)p; - sdf_load_library(so_path); - break; - default: - printf("unknown cmd\n"); - return 0; - } - return 1; -} - -static int sdf_ec_idx = -1; -static const EC_KEY_METHOD *sdf_ec_method = NULL; - -static ECDSA_SIG *sdf_ec_sign_sig(const unsigned char *dgst, int dgstlen, - const BIGNUM *kinv, const BIGNUM *r, - EC_KEY *ec_key) -{ - unsigned int key_index; - ECCSignature sigbuf; - - rv = sdf_meth->InternalSign_ECC( - hSession, - key_index, - dgst, - dgstlen, - &sigbuf); - - return ret; -} - -const EC_KEY_METHOD *sdf_get_ec_method(void) -{ - EC_KEY_METHOD *ret = NULL; - - if (sdf_ec_method) { - return sdf_ec_method; - } - - if (!(ret = EC_KEY_METHOD_new(EC_KEY_OpenSSL()))) { - return NULL; - } - - EC_KEY_METHOD_set_sign(ret, NULL, NULL, sdf_ec_sign_sig); - - sdf_ec_method = ret; - return ret; -} - -static EVP_PKEY *sdf_load_privkey(ENGINE *e, const char *key_id, - UI_METHOD *ui_method, void *callback_data) -{ - UI *ui = NULL; - char buf1[256]; - char buf2[256]; - int r; - char *password; - ECCrefPublicKey keybuf; - - ui = UI_new_method(ui_method); - - if ((r = UI_add_input_string(ui, "> ", 0, buf1, 0, sizeof(buf1)-1)) < 0) { - goto end; - } - if (UI_process(ui) < 0) { - } - - password = UI_get0_result(ui, 0); - - - sdf_meth->GetPrivateKeyAccessRight( - hSession, - key_index, - password, - strlen(password)); - - sdf_meth->ExportSignPublicKey_ECC( - hSession, - key_index, - &keybuf); - - ec_key = EC_KEY_new_by_ECCrefPublicKey(&keybuf); - - EVP_PKEY_set0_EC(ret, ec_key); - - return NULL; -} - -static EVP_PKEY *sdf_load_pubkey(ENGINE *e, const char *key_id, - UI_METHOD *ui_method, void *callback_data) -{ - EVP_PKEY *ret = NULL; - int rv; - - unsigned int index; - int is_sign_key; - RSArefPublicKey publicKey; - - parse_key_id(key_id, &index, &is_sign_key); - - rv = SDF_OpenSession(hDevice, &hSession); - - if (is_sign_key) { - rv = SDF_ExportSignPublicKey_RSA(hSession, index, &publicKey); - } else { - rv = SDF_ExportEncPublicKey_RSA(hSession, index, &publicKey); - } - - return NULL; -} - -static int sdf_destroy(ENGINE *e) -{ - return 1; -} - -static void *hDevice = NULL; -static void *hSession = NULL; - -static int sdf_init(ENGINE *e) -{ - sdf_meth = NULL; - return 1; -} - -static int sdf_finish(ENGINE *e) -{ - if (hSession) { - sdf_meth->CloseSession(hSession); - hSession = NULL; - } - - if (hDevice) { - sdf_meth->CloseDevice(hDevice); - } - return 1; -} - -static int bind_sdf(ENGINE *e) -{ - if (!ENGINE_set_id(e, sdf_id) - || !ENGINE_set_name(e, sdf_name) - || !ENGINE_set_flags(e, ENGINE_FLAGS_NO_REGISTER_ALL) - || !ENGINE_set_cmd_defns(e, sdf_cmd_defns) - || !ENGINE_set_ctrl_function(e, sdf_ctrl) - || !ENGINE_set_init_function(e, sdf_init) - || !ENGINE_set_finish_function(e, sdf_finish) - || !ENGINE_set_destroy_function(e, sdf_destroy) - || !ENGINE_set_load_privkey_function(e, sdf_load_privkey) - || !ENGINE_set_load_pubkey_function(e, sdf_load_pubkey) - || !ENGINE_set_EC(e, sdf_get_ec_method())) { - return 0; - } - - return 1; -} - -#ifndef OPENSSL_NO_DYNAMIC_ENGINE -static int bind_helper(ENGINE *e, const char *id) -{ - if (id && strcmp(id, sdf_id) != 0) { - return 0; - } - if (!bind_sdf(e)) { - return 0; - } - return 1; -} - -IMPLEMENT_DYNAMIC_CHECK_FN() -IMPLEMENT_DYNAMIC_BIND_FN(bind_helper) - -#else - -static ENGINE *engine_sdf(void) -{ - ENGINE *ret = NULL; - if (!(ret = ENGINE_new())) { - return NULL; - } - if (!bind_sdf(ret)) { - ENGINE_free(ret); - return NULL; - } - return ret; -} - -void engine_load_sdf_int(void) -{ - ENGINE *eng = NULL; - if (!(eng = engine_sdf())) { - return; - } - ENGINE_add(eng); - ENGINE_free(eng); - ERR_clear_error(); -} -#endif /* OPENSSL_NO_DYNAMIC_ENGINE */ diff --git a/engines/e_sdf.ec b/engines/e_sdf.ec deleted file mode 100644 index a251265a..00000000 --- a/engines/e_sdf.ec +++ /dev/null @@ -1 +0,0 @@ -L ESDF e_sdf_err.h e_sdf_err.c diff --git a/engines/e_sdf_err.c b/engines/e_sdf_err.c deleted file mode 100644 index aa0fbdab..00000000 --- a/engines/e_sdf_err.c +++ /dev/null @@ -1,86 +0,0 @@ -/* - * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include -#include -#include "e_sdf_err.h" - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -# define ERR_FUNC(func) ERR_PACK(0,func,0) -# define ERR_REASON(reason) ERR_PACK(0,0,reason) - -static ERR_STRING_DATA ESDF_str_functs[] = { - {ERR_FUNC(ESDF_F_SDF_OPEN_DEVICE), "sdf_open_device"}, - {ERR_FUNC(ESDF_F_SDF_RAND_BYTES), "sdf_rand_bytes"}, - {0, NULL} -}; - -static ERR_STRING_DATA ESDF_str_reasons[] = { - {ERR_REASON(ESDF_R_OPEN_DEVICE_FAILURE), "open device failure"}, - {ERR_REASON(ESDF_R_OPEN_SESSION_FAILURE), "open session failure"}, - {ERR_REASON(ESDF_R_OPERATION_FAILURE), "operation failure"}, - {0, NULL} -}; - -#endif - -#ifdef ESDF_LIB_NAME -static ERR_STRING_DATA ESDF_lib_name[] = { - {0, ESDF_LIB_NAME}, - {0, NULL} -}; -#endif - -static int ESDF_lib_error_code = 0; -static int ESDF_error_init = 1; - -static int ERR_load_ESDF_strings(void) -{ - if (ESDF_lib_error_code == 0) - ESDF_lib_error_code = ERR_get_next_error_library(); - - if (ESDF_error_init) { - ESDF_error_init = 0; -#ifndef OPENSSL_NO_ERR - ERR_load_strings(ESDF_lib_error_code, ESDF_str_functs); - ERR_load_strings(ESDF_lib_error_code, ESDF_str_reasons); -#endif - -#ifdef ESDF_LIB_NAME - ESDF_lib_name->error = ERR_PACK(ESDF_lib_error_code, 0, 0); - ERR_load_strings(0, ESDF_lib_name); -#endif - } - return 1; -} - -static void ERR_unload_ESDF_strings(void) -{ - if (ESDF_error_init == 0) { -#ifndef OPENSSL_NO_ERR - ERR_unload_strings(ESDF_lib_error_code, ESDF_str_functs); - ERR_unload_strings(ESDF_lib_error_code, ESDF_str_reasons); -#endif - -#ifdef ESDF_LIB_NAME - ERR_unload_strings(0, ESDF_lib_name); -#endif - ESDF_error_init = 1; - } -} - -static void ERR_ESDF_error(int function, int reason, char *file, int line) -{ - if (ESDF_lib_error_code == 0) - ESDF_lib_error_code = ERR_get_next_error_library(); - ERR_PUT_error(ESDF_lib_error_code, function, reason, file, line); -} diff --git a/engines/e_sdf_err.h b/engines/e_sdf_err.h deleted file mode 100644 index 0fbc2908..00000000 --- a/engines/e_sdf_err.h +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#ifndef HEADER_ESDF_ERR_H -# define HEADER_ESDF_ERR_H - -# ifdef __cplusplus -extern "C" { -# endif - -/* BEGIN ERROR CODES */ -/* - * The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ - -static int ERR_load_ESDF_strings(void); -static void ERR_unload_ESDF_strings(void); -static void ERR_ESDF_error(int function, int reason, char *file, int line); -# define ESDFerr(f,r) ERR_ESDF_error((f),(r),OPENSSL_FILE,OPENSSL_LINE) - -/* Error codes for the ESDF functions. */ - -/* Function codes. */ -# define ESDF_F_SDF_OPEN_DEVICE 100 -# define ESDF_F_SDF_RAND_BYTES 101 - -/* Reason codes. */ -# define ESDF_R_OPEN_DEVICE_FAILURE 100 -# define ESDF_R_OPEN_SESSION_FAILURE 101 -# define ESDF_R_OPERATION_FAILURE 102 - -# ifdef __cplusplus -} -# endif -#endif diff --git a/engines/e_skf.c b/engines/e_skf.c deleted file mode 100644 index 1700be75..00000000 --- a/engines/e_skf.c +++ /dev/null @@ -1,293 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include - - -static const SDF_METHOD *sdf_meth; - -static const char *sdf_id = "sdf"; -static const char *sdf_name = "ENGINE connect to SDF Devices"; - -#define SDF_CMD_SO_PATH ENGINE_CMD_BASE - -static const ENGINE_CMD_DEFN sdf_cmd_defns[] = { - {SDF_CMD_SO_PATH, - "SO_PATH", - "Specifies the path to the vendor's SDF shared library", - ENGINE_CMD_FLAG_STRING}, - {0, NULL, NULL, 0}, -}; - -static int sdf_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) -{ - switch (cmd) { - case SDF_CMD_SO_PATH: - so_path = (char *)p; - sdf_load_library(so_path); - break; - default: - printf("unknown cmd\n"); - return 0; - } - return 1; -} - -static int sdf_rand_bytes(unsigned char *out, int outlen) -{ - if (sdf_meth->GenerateRandom) { - if ((sdf_meth->GenerateRandom(hSession, out, outlen)) != SDR_OK) { - ESDFerr(ESDF_F_SDF_RAND_BYTES, ESDF_R_OPERATION_FAILURE); - return 0; - } - } - return 1; -} - -static int sdf_rand_status(void) -{ - return 1; -} - -static RAND_METHOD sdf_rand_method = { - NULL, - sdf_rand_bytes, - NULL, - NULL, - sdf_rand_bytes, - sdf_rand_status, -}; - -const RAND_METHOD *sdf_get_rand_method(void) -{ - return &sdf_rand_method; -} - -static int sdf_ec_idx = -1; -static const EC_KEY_METHOD *sdf_ec_method = NULL; - -static int sdf_ec_sign(int type, const unsigned char *dgst, int dgstlen, - unsigned char *sig, unsigned int *siglen, - const BIGNUM *kinv, const BIGNUM *r, - EC_KEY *ec_key) -{ - printf(" call %s()\n", __func__); - return 1; -} - -static int sdf_ec_sign_setup(EC_KEY *ec_key, BN_CTX *ctx, - BIGNUM **kinvp, BIGNUM **rp) -{ - printf(" call %s()\n", __func__); - return 1; -} - -static ECDSA_SIG *sdf_ec_sign_sig(const unsigned char *dgst, int dgstlen, - const BIGNUM *kinv, const BIGNUM *r, - EC_KEY *ec_key) -{ - ECDSA_SIG *ret = ECDSA_SIG_new(); - printf(" call %s()\n", __func__); - return ret; -} - -const EC_KEY_METHOD *sdf_get_ec_method(void) -{ - EC_KEY_METHOD *ret = NULL; - - if (sdf_ec_method) { - return sdf_ec_method; - } - - if (!(ret = EC_KEY_METHOD_new(EC_KEY_OpenSSL()))) { - return NULL; - } - - EC_KEY_METHOD_set_sign(ret, sdf_ec_sign, sdf_ec_sign_setup, sdf_ec_sign_sig); - - sdf_ec_method = ret; - return ret; -} - -static EVP_PKEY *sdf_load_privkey(ENGINE *e, const char *key_id, - UI_METHOD *ui_method, void *callback_data) -{ - UI *ui = NULL; - char buf1[256]; - char buf2[256]; - int r; - - ui = UI_new_method(ui_method); - - r = UI_add_input_string(ui, "> ", 0, buf1, 0, sizeof(buf1)-1); - assert(r >= 0); - r = UI_process(ui); - assert(r >= 0); - - printf("password = %s\n", UI_get0_result(ui, 0)); - - printf("%s\n", __func__); - return NULL; -} - -static EVP_PKEY *sdf_load_pubkey(ENGINE *e, const char *key_id, - UI_METHOD *ui_method, void *callback_data) -{ - unsigned int index; - int is_sign_key; - RSArefPublicKey publicKey; - - parse_key_id(key_id, &index, &is_sign_key); - - rv = SDF_OpenSession(hDevice, &hSession); - - if (is_sign_key) { - rv = SDF_ExportSignPublicKey_RSA(hSession, index, &publicKey); - } else { - rv = SDF_ExportEncPublicKey_RSA(hSession, index, &publicKey); - } - - printf("%s\n", __func__); - return NULL; -} - -/****************************************************************************/ - -static int sdf_destroy(ENGINE *e) -{ - return 1; -} - -static void *hDevice = NULL; -static void *hSession = NULL; - -static int sdf_init(ENGINE *e) -{ - int rv; - rv = sdf_meth->OpenDevice(&hDevice); - rv = sdf_meth->OpenSession(hDevice, &hSession); - return 1; -} - -static int sdf_finish(ENGINE *e) -{ - sdf_meth->CloseSession(hSession); - sdf_meth->CloseDevice(hDevice); - return 1; -} - -static int bind_sdf(ENGINE *e) -{ - if (!ENGINE_set_id(e, sdf_id) - || !ENGINE_set_name(e, sdf_name) - || !ENGINE_set_flags(e, ENGINE_FLAGS_NO_REGISTER_ALL) - || !ENGINE_set_cmd_defns(e, sdf_cmd_defns) - || !ENGINE_set_ctrl_function(e, sdf_ctrl) - || !ENGINE_set_init_function(e, sdf_init) - || !ENGINE_set_finish_function(e, sdf_finish) - || !ENGINE_set_destroy_function(e, sdf_destroy) - || !ENGINE_set_load_privkey_function(e, sdf_load_privkey) - || !ENGINE_set_load_pubkey_function(e, sdf_load_pubkey) - || !ENGINE_set_RAND(e, sdf_get_rand_method()) - || !ENGINE_set_EC(e, sdf_get_ec_method())) { - return 0; - } - - return 1; -} - -#ifndef OPENSSL_NO_DYNAMIC_ENGINE -static int bind_helper(ENGINE *e, const char *id) -{ - if (id && strcmp(id, sdf_id) != 0) { - return 0; - } - if (!bind_sdf(e)) { - return 0; - } - return 1; -} - -IMPLEMENT_DYNAMIC_CHECK_FN() -IMPLEMENT_DYNAMIC_BIND_FN(bind_helper) - -#else - -static ENGINE *engine_sdf(void) -{ - ENGINE *ret = NULL; - if (!(ret = ENGINE_new())) { - return NULL; - } - if (!bind_sdf(ret)) { - ENGINE_free(ret); - return NULL; - } - return ret; -} - -void engine_load_sdf_int(void) -{ - ENGINE *eng = NULL; - if (!(eng = engine_sdf())) { - return; - } - ENGINE_add(eng); - ENGINE_free(eng); - ERR_clear_error(); -} -#endif /* OPENSSL_NO_DYNAMIC_ENGINE */ diff --git a/engines/e_skf.ec b/engines/e_skf.ec deleted file mode 100644 index b73176bc..00000000 --- a/engines/e_skf.ec +++ /dev/null @@ -1 +0,0 @@ -L ESKF e_skf_err.h e_skf_err.c diff --git a/engines/sm_standard/sm2/README.md b/engines/sm_standard/sm2/README.md deleted file mode 100644 index 7b2bbab9..00000000 --- a/engines/sm_standard/sm2/README.md +++ /dev/null @@ -1,9 +0,0 @@ -# About SM standard implementation - -This is only a standard implementation of the SM. - -In the standard implementation, it uses the **MIRACL** library. **MIRACL** (Multiprecision Integer and Rational Arithmetic Crytographic Library) is a C software library. See also [About the MIRACL Crypto SDK](https://libraries.docs.miracl.com/miracl-user-manual/about). - -Also, you can download the source code in the Github. Here is a reference link. [Github MIRACL](https://github.com/miracl/MIRACL). - -What's more, when you want test it and compile locally, you need add *-lm* option to solve some math functions problems like *ceil* in the code. \ No newline at end of file diff --git a/engines/sm_standard/sm2/kdf_standard.h b/engines/sm_standard/sm2/kdf_standard.h deleted file mode 100644 index 508226fd..00000000 --- a/engines/sm_standard/sm2/kdf_standard.h +++ /dev/null @@ -1,406 +0,0 @@ -/* - * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - - -#ifndef HEADER_KDF_STANDARD_H -#define HEADER_KDF_STANDARD_H - -#include - - -#ifdef __cplusplus -extern "C" { -#endif - - -#define SM3_len 256 -#define SM3_T1 0x79CC4519 -#define SM3_T2 0x7A879D8A -#define SM3_IVA 0x7380166f -#define SM3_IVB 0x4914b2b9 -#define SM3_IVC 0x172442d7 -#define SM3_IVD 0xda8a0600 -#define SM3_IVE 0xa96f30bc -#define SM3_IVF 0x163138aa -#define SM3_IVG 0xe38dee4d -#define SM3_IVH 0xb0fb0e4e - -#define SM2_WORDSIZE 8 -#define SM2_NUMBITS 256 -#define SM2_NUMWORD (SM2_NUMBITS / SM2_WORDSIZE) //32 - -/* Various logical functions */ -#define SM3_p1(x) (x ^ SM3_rotl32(x, 15) ^ SM3_rotl32(x, 23)) -#define SM3_p0(x) (x ^ SM3_rotl32(x, 9) ^ SM3_rotl32(x, 17)) -#define SM3_ff0(a, b, c) (a ^ b ^ c) -#define SM3_ff1(a, b, c) ((a & b) | (a & c) | (b & c)) -#define SM3_gg0(e, f, g) (e ^ f ^ g) -#define SM3_gg1(e, f, g) ((e & f) | ((~e) & g)) -#define SM3_rotl32(x, n) (((x) << n) | ((x) >> (32 - n))) -#define SM3_rotr32(x, n) (((x) >> n) | ((x) << (32 - n))) - - -typedef struct { - unsigned long state[8]; - unsigned long length; - unsigned long curlen; - unsigned char buf[64]; -} SM3_STATE; - - -static void BiToW(unsigned long Bi[], unsigned long W[]); -static void WToW1(unsigned long W[], unsigned long W1[]); -static void CF(unsigned long W[], unsigned long W1[], unsigned long V[]); -static void BigEndian(unsigned char src[], unsigned int bytelen, unsigned char des[]); -static void SM3_init(SM3_STATE *md); -static void SM3_compress(SM3_STATE *md); -static void SM3_process(SM3_STATE *md, unsigned char *buf, int len); -static void SM3_done(SM3_STATE *md, unsigned char hash[]); -static void SM3_256(unsigned char buf[], int len, unsigned char hash[]); -static void SM3_kdf(unsigned char Z[], unsigned short zlen, unsigned short klen, unsigned char K[]); - - -/* calculate W from Bi */ -static void BiToW(unsigned long Bi[], unsigned long W[]) -{ - int i; - unsigned long tmp; - - for(i = 0; i <= 15; i++) - { - W[i] = Bi[i]; - } - for(i = 16;i <= 67; i++) - { - tmp = W[i - 16] ^ W[i - 9] ^ SM3_rotl32(W[i - 3], 15); - W[i] = SM3_p1(tmp) ^ (SM3_rotl32(W[i - 13], 7)) ^ W[i - 6]; - } -} - - -/* calculate W1 from W */ -static void WToW1(unsigned long W[], unsigned long W1[]) -{ - int i; - for(i = 0; i <= 63; i++) - { - W1[i] = W[i] ^ W[i + 4]; - } -} - - -/* calculate the CF compress function and update V */ -static void CF(unsigned long W[], unsigned long W1[], unsigned long V[]) -{ - unsigned long SS1; - unsigned long SS2; - unsigned long TT1; - unsigned long TT2; - unsigned long A, B, C, D, E, F, G, H; - unsigned long T = SM3_T1; - unsigned long FF; - unsigned long GG; - int j; - - //reg init, set ABCDEFGH = V0 - A = V[0]; - B = V[1]; - C = V[2]; - D = V[3]; - E = V[4]; - F = V[5]; - G = V[6]; - H = V[7]; - - for (j = 0; j <= 63; j++) - { - //SS1 - if (j == 0) - { - T = SM3_T1; - } - else if (j == 16) - { - T = SM3_rotl32(SM3_T2, 16); - } - else - { - T = SM3_rotl32(T, 1); - } - SS1 = SM3_rotl32((SM3_rotl32(A, 12) + E + T), 7); - - //SS2 - SS2 = SS1 ^ SM3_rotl32(A, 12); - - //TT1 - if (j <= 15) - { - FF = SM3_ff0(A, B, C); - } - else - { - FF = SM3_ff1(A, B, C); - } - TT1 = FF + D + SS2 + *W1; - W1++; - - //TT2 - if (j <= 15) - { - GG = SM3_gg0(E, F, G); - } - else - { - GG = SM3_gg1(E, F, G); - } - TT2 = GG + H + SS1 + *W; - W++; - - //D - D = C; - - //C - C = SM3_rotl32(B, 9); - - //B - B = A; - - //A - A = TT1; - - //H - H = G; - - //G - G = SM3_rotl32(F, 19); - - //F - F = E; - - //E - E = SM3_p0(TT2); - } - - //update V - V[0] = A ^ V[0]; - V[1] = B ^ V[1]; - V[2] = C ^ V[2]; - V[3] = D ^ V[3]; - V[4] = E ^ V[4]; - V[5] = F ^ V[5]; - V[6] = G ^ V[6]; - V[7] = H ^ V[7]; -} - - -/* unsigned int endian converse. GM/T 0004-2012 requires to use big-endian. - * if CPu uses little-endian, BigEndian function is a necessary - * call to change the little-endian format into big-endian format. - */ -static void BigEndian(unsigned char src[], unsigned int bytelen, unsigned char des[]) -{ - unsigned char tmp = 0; - unsigned long i = 0; - for (i = 0; i < bytelen / 4; i++) - { - tmp = des[4 * i]; - des[4 * i] = src[4 * i + 3]; - src[4 * i + 3] = tmp; - - tmp = des[4 * i + 1]; - des[4 * i + 1] = src[4 * i + 2]; - des[4 * i + 2] = tmp; - } -} - - -/* initiate SM3 state */ -static void SM3_init(SM3_STATE *md) -{ - md->curlen = md->length = 0; - md->state[0] = SM3_IVA; - md->state[1] = SM3_IVB; - md->state[2] = SM3_IVC; - md->state[3] = SM3_IVD; - md->state[4] = SM3_IVE; - md->state[5] = SM3_IVF; - md->state[6] = SM3_IVG; - md->state[7] = SM3_IVH; -} - - -/* compress a single a block of message */ -static void SM3_compress(SM3_STATE *md) -{ - unsigned long W[68]; - unsigned long W1[64]; - - //if CPU uses little-endian, BigEndian function is a necessary call - BigEndian(md->buf, 64, md->buf); - BiToW((unsigned long *)md->buf, W); - WToW1(W, W1); - CF(W, W1, md->state); -} - - -/* compress the first(len/64) blocks of message */ -static void SM3_process(SM3_STATE *md, unsigned char *buf, int len) -{ - while (len--) - { - /* copy byte */ - md->buf[md->curlen] = *buf++; - md->curlen++; - - /* is 64 bytes full? */ - if (md->curlen == 64) - { - SM3_compress(md); - md->length += 512; - md->curlen = 0; - } - } -} - - -/* compress the rest message that the SM3_process has left behind */ -static void SM3_done(SM3_STATE *md, unsigned char hash[]) -{ - int i; - unsigned char tmp = 0; - - /* increase the bit length of the message */ - md->length += md->curlen << 3; - - /* append the '1' bit */ - md->buf[md->curlen] = 0x80; - md->curlen++; - - /* if the length is currently above 56 bytes, appends zeros till - it reaches 64 bytes, compress the current block, creat a new - block by appending zeros and length,and then compress it - */ - if (md->curlen > 56) - { - for (; md->curlen < 64;) - { - md->buf[md->curlen] = 0; - md->curlen++; - } - SM3_compress(md); - md->curlen = 0; - } - - /* if the length is less than 56 bytes, pad upto 56 bytes of zeroes */ - for (; md->curlen < 56;) - { - md->buf[md->curlen] = 0; - md->curlen++; - } - - /* since all messages are under 2^32 bits we mark the top bits zero */ - for (i = 56; i < 60; i++) - { - md->buf[i] = 0; - } - - /* append length */ - md->buf[63] = md->length & 0xff; - md->buf[62] = (md->length >> 8) & 0xff; - md->buf[61] = (md->length >> 16) & 0xff; - md->buf[60] = (md->length >> 24) & 0xff; - - SM3_compress(md); - - /* copy output */ - memcpy(hash, md->state, SM3_len / 8); - BigEndian(hash, SM3_len / 8, hash); //if CPU uses little-endian, BigEndian function is a necessary call -} - - -/* calculate a hash value from a given message */ -static void SM3_256(unsigned char buf[], int len, unsigned char hash[]) -{ - SM3_STATE md; - SM3_init(&md); - SM3_process(&md, buf, len); - SM3_done(&md, hash); -} - - -/* key derivation function */ -static void SM3_kdf(unsigned char Z[], unsigned short zlen, unsigned short klen, unsigned char K[]) -{ - unsigned short i, j, t; - unsigned int bitklen; - SM3_STATE md; - unsigned char Ha[SM2_NUMWORD]; - unsigned char ct[4] = {0, 0, 0, 1}; - - bitklen = klen * 8; - - if (bitklen % SM2_NUMBITS) - t = bitklen / SM2_NUMBITS + 1; - else - t = bitklen / SM2_NUMBITS; - - //s4: K = Ha1 || Ha2 || ... - for (i = 1; i < t; i++) - { - //s2: Hai = Hv(Z || ct) - SM3_init(&md); - SM3_process(&md, Z, zlen); - SM3_process(&md, ct, 4); - SM3_done(&md, Ha); - memcpy((K + SM2_NUMWORD * (i - 1)), Ha, SM2_NUMWORD); - - if (ct[3] == 0xff) - { - ct[3] = 0; - if (ct[2] == 0xff) - { - ct[2] = 0; - if (ct[1] == 0xff) - { - ct[1] = 0; - ct[0]++; - } - else - ct[1]++; - } - else - ct[2]++; - } - else - ct[3]++; - } - - //s3 - SM3_init(&md); - SM3_process(&md, Z, zlen); - SM3_process(&md, ct, 4); - SM3_done(&md, Ha); - - if(bitklen % SM2_NUMBITS) - { - i = (SM2_NUMBITS - bitklen + SM2_NUMBITS * (bitklen / SM2_NUMBITS)) / 8; - j = (bitklen - SM2_NUMBITS * (bitklen / SM2_NUMBITS)) / 8; - memcpy((K + SM2_NUMWORD * (t - 1)), Ha, j); - } - else - { - memcpy((K + SM2_NUMWORD * (t - 1)), Ha, SM2_NUMWORD); - } -} - - -#ifdef __cplusplus -} -# endif -#endif diff --git a/engines/sm_standard/sm2/sm2_standard.h b/engines/sm_standard/sm2/sm2_standard.h deleted file mode 100644 index 3ce7f9b9..00000000 --- a/engines/sm_standard/sm2/sm2_standard.h +++ /dev/null @@ -1,278 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2015 - 2016 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#ifndef HEADER_SM2_STANDARD_H -#define HEADER_SM2_STANDARD_H - - -#include -#include -#include - - - -#ifdef __cplusplus -extern "C" { -#endif - -#include "miracl.h" -#include "mirdef.h" -#include "kdf_standard.h" - -#define ERR_INFINITY_POINT 0x00000001 -#define ERR_NOT_VALID_ELEMENT 0x00000002 -#define ERR_NOT_VALID_POINT 0x00000003 -#define ERR_ORDER 0x00000004 -#define ERR_ECURVE_INIT 0x00000005 -#define ERR_KEYEX_RA 0x00000006 -#define ERR_KEYEX_RB 0x00000007 -#define ERR_EQUAL_S1SB 0x00000008 -#define ERR_EQUAL_S2SA 0x00000009 -#define ERR_SELFTEST_Z 0x0000000A -#define ERR_SELFTEST_INI_I 0x0000000B -#define ERR_SELFTEST_RES_I 0x0000000C -#define ERR_SELFTEST_INI_II 0x0000000D -#define ERR_GENERATE_R 0x0000000E -#define ERR_GENERATE_S 0x0000000F -#define ERR_OUTRANGE_R 0x00000010 -#define ERR_OUTRANGE_S 0x00000011 -#define ERR_GENERATE_T 0x00000012 -#define ERR_PUBKEY_INIT 0x00000013 -#define ERR_DATA_MEMCMP 0x00000014 -#define ERR_ARRAY_NULL 0x00000015 -#define ERR_C3_MATCH 0x00000016 -#define ERR_SELFTEST_KG 0x00000017 -#define ERR_SELFTEST_ENC 0x00000018 -#define ERR_SELFTEST_DEC 0x00000019 - - -static unsigned char SM2_p[32] = {0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}; -static unsigned char SM2_a[32] = {0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC}; -static unsigned char SM2_b[32] = {0x28, 0xE9, 0xFA, 0x9E, 0x9D, 0x9F, 0x5E, 0x34, 0x4D, 0x5A, 0x9E, 0x4B, 0xCF, 0x65, 0x09, 0xA7, - 0xF3, 0x97, 0x89, 0xF5, 0x15, 0xAB, 0x8F, 0x92, 0xDD, 0xBC, 0xBD, 0x41, 0x4D, 0x94, 0x0E, 0x93}; -static unsigned char SM2_n[32] = {0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0x72, 0x03, 0xDF, 0x6B, 0x21, 0xC6, 0x05, 0x2B, 0x53, 0xBB, 0xF4, 0x09, 0x39, 0xD5, 0x41, 0x23}; -static unsigned char SM2_Gx[32] = {0x32, 0xC4, 0xAE, 0x2C, 0x1F, 0x19, 0x81, 0x19, 0x5F, 0x99, 0x04, 0x46, 0x6A, 0x39, 0xC9, 0x94, - 0x8F, 0xE3, 0x0B, 0xBF, 0xF2, 0x66, 0x0B, 0xE1, 0x71, 0x5A, 0x45, 0x89, 0x33, 0x4C, 0x74, 0xC7}; -static unsigned char SM2_Gy[32] = {0xBC, 0x37, 0x36, 0xA2, 0xF4, 0xF6, 0x77, 0x9C, 0x59, 0xBD, 0xCE, 0xE3, 0x6B, 0x69, 0x21, 0x53, - 0xD0, 0xA9, 0x87, 0x7C, 0xC6, 0x2A, 0x47, 0x40, 0x02, 0xDF, 0x32, 0xE5, 0x21, 0x39, 0xF0, 0xA0}; -static unsigned char SM2_h[32] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01}; - -big para_p, para_a, para_b, para_n, para_Gx, para_Gy, para_h; -epoint *G; -miracl *mip; - - -int SM2_w(big n); -void SM3_z(unsigned char ID[], unsigned short int ELAN, epoint* pubKey, unsigned char hash[]); -static int Test_Point(epoint* point); -static int Test_PubKey(epoint *pubKey); -int Test_Null(unsigned char array[], int len); -int Test_Zero(big x); -int Test_n(big x); -static int Test_Range(big x); -static int SM2_standard_init(); -static int SM2_standard_keygeneration(big priKey, epoint *pubKey); -int SM2_standard_sign_keygeneration(unsigned char PriKey[], unsigned char Px[], unsigned char Py[]); -int SM2_standard_keyex_init_i(big ra, epoint* RA); -int SM2_standard_keyex_re_i(big rb, big dB, epoint* RA, epoint* PA, unsigned char ZA[], unsigned char ZB[], unsigned char K[], int klen, epoint* RB, epoint* V, unsigned char hash[]); -int SM2_standard_keyex_init_ii(big ra, big dA, epoint* RA, epoint* RB, epoint* PB, unsigned char ZA[], unsigned char ZB[], unsigned char SB[], unsigned char K[], int klen, unsigned char SA[]); -int SM2_standard_keyex_re_ii(epoint *V, epoint *RA, epoint *RB, unsigned char ZA[], unsigned char ZB[], unsigned char SA[]); -int SM2_standard_keyex_selftest(); -int SM2_standard_encrypt(unsigned char* randK, epoint *pubKey, unsigned char M[], int klen, unsigned char C[]); -int SM2_standard_decrypt(big dB, unsigned char C[], int Clen, unsigned char M[]); -int SM2_standard_enc_selftest(); -int SM2_standard_sign(unsigned char *message, int len, unsigned char ZA[], unsigned char rand[], unsigned char d[], unsigned char R[], unsigned char S[]); -int SM2_standard_verify(unsigned char *message, int len, unsigned char ZA[], unsigned char Px[], unsigned char Py[], unsigned char R[], unsigned char S[]); -int SM2_standard_selfcheck(); - - -/* Initiate SM2 curve */ -static int SM2_standard_init() -{ - epoint *nG; - para_p = mirvar(0); - para_a = mirvar(0); - para_b = mirvar(0); - para_n = mirvar(0); - para_Gx = mirvar(0); - para_Gy = mirvar(0); - para_h = mirvar(0); - - G = epoint_init(); - nG = epoint_init(); - - bytes_to_big(SM2_NUMWORD, SM2_p, para_p); - bytes_to_big(SM2_NUMWORD, SM2_a, para_a); - bytes_to_big(SM2_NUMWORD, SM2_b, para_b); - bytes_to_big(SM2_NUMWORD, SM2_n, para_n); - bytes_to_big(SM2_NUMWORD, SM2_Gx, para_Gx); - bytes_to_big(SM2_NUMWORD, SM2_Gy, para_Gy); - bytes_to_big(SM2_NUMWORD, SM2_h, para_h); - - ecurve_init(para_a, para_b, para_p, MR_PROJECTIVE); //Initialises GF(p) elliptic curve. - //MR_PROJECTIVE specifying projective coordinates - if (!epoint_set(para_Gx, para_Gy, 0, G)) //initialise point G - { - return ERR_ECURVE_INIT; - } - ecurve_mult(para_n, G, nG); - if (!point_at_infinity(nG)) //test if the order of the point is n - { - return ERR_ORDER; - } - return 0; -} - - -/* test if the given point is on SM2 curve */ -static int Test_Point(epoint* point) -{ - big x, y, x_3, tmp; - x = mirvar(0); - y = mirvar(0); - x_3 = mirvar(0); - tmp = mirvar(0); - - //test if y^2 = x^3 + ax + b - epoint_get(point, x, y); - power(x, 3, para_p, x_3); //x_3 = x^3 mod p - multiply(x, para_a, x); //x = a * x - divide(x, para_p, tmp); //x = a * x mod p, tmp = a * x / p - add(x_3, x, x); //x = x^3 + ax - add(x, para_b, x); //x = x^3 + ax + b - divide(x, para_p, tmp); //x = x^3 + ax + b mod p - power(y, 2, para_p, y); //y = y^2 mod p - if (mr_compare(x, y) != 0) - return ERR_NOT_VALID_POINT; - else - return 0; -} - - -/* test if the given public key is valid */ -static int Test_PubKey(epoint *pubKey) -{ - big x, y, x_3, tmp; - epoint *nP; - x = mirvar(0); - y = mirvar(0); - x_3 = mirvar(0); - tmp = mirvar(0); - - nP = epoint_init(); - - //test if the pubKey is the point at infinity - if (point_at_infinity(pubKey)) //if pubKey is point at infinity, return error; - return ERR_INFINITY_POINT; - - //test if x < p and y

0)) - return 1; - return 0; -} - - -/* calculate a pubKey out of a given priKey */ -static int SM2_standard_keygeneration(big priKey, epoint *pubKey) -{ - int i = 0; - big x, y; - x = mirvar(0); - y = mirvar(0); - - //mip = mirsys(1000, 16); - //mip->IOBASE = 16; - - ecurve_mult(priKey, G, pubKey); - epoint_get(pubKey, x, y); - - i = Test_PubKey(pubKey); - if (i) - return i; - else - return 0; -} - -#ifdef __cplusplus -} -# endif -#endif - - diff --git a/engines/sm_standard/sm2/sm2_standard_enc.c b/engines/sm_standard/sm2/sm2_standard_enc.c deleted file mode 100644 index 37ffebda..00000000 --- a/engines/sm_standard/sm2/sm2_standard_enc.c +++ /dev/null @@ -1,253 +0,0 @@ -/* - * Copyright (c) 2015 - 2017 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - */ - - -#include "miracl.h" -#include "mirdef.h" -#include "sm2_standard.h" - - -/* test if the given array is all zero */ -int Test_Null(unsigned char array[], int len) -{ - int i; - i = 0; - for (i = 0; i < len; i++) - { - if (array[i] != 0x00) - return 0; - } - return 1; -} - - -/* sm2 encryption */ -int SM2_standard_encrypt(unsigned char* randK, epoint *pubKey, unsigned char M[], int klen, unsigned char C[]) -{ - big C1x, C1y, x2, y2, rand; - epoint *C1, *kP, *S; - int i; - i = 0; - unsigned char x2y2[SM2_NUMWORD * 2] = {0}; - SM3_STATE md; - C1x = mirvar(0); - C1y = mirvar(0); - x2 = mirvar(0); - y2 = mirvar(0); - rand = mirvar(0); - C1 = epoint_init(); - kP = epoint_init(); - S = epoint_init(); - - //step2. calculate C1 = [k]G = (rGx, rGy) - bytes_to_big(SM2_NUMWORD, randK, rand); - ecurve_mult(rand, G, C1); //C1 = [k]G - epoint_get(C1, C1x, C1y); - big_to_bytes(SM2_NUMWORD, C1x, C, 1); - big_to_bytes(SM2_NUMWORD, C1y, C + SM2_NUMWORD, 1); - - //step3. test if S = [h]pubKey if the point at infinity - ecurve_mult(para_h, pubKey, S); - if (point_at_infinity(S)) //if S is point at infinity, return error; - return ERR_INFINITY_POINT; - - //step4. calculate [k]PB = (x2, y2) - ecurve_mult(rand, pubKey, kP); //kP = [k]P - epoint_get(kP, x2, y2); - - //step5. KDF(x2 || y2, klen) - big_to_bytes(SM2_NUMWORD, x2, x2y2, 1); - big_to_bytes(SM2_NUMWORD, y2, x2y2 + SM2_NUMWORD, 1); - SM3_kdf(x2y2, SM2_NUMWORD * 2, klen, C + SM2_NUMWORD * 3); - if (Test_Null(C + SM2_NUMWORD * 3, klen) != 0) - return ERR_ARRAY_NULL; - - //step6. C2 = M^t - for (i = 0; i < klen; i++) - { - C[SM2_NUMWORD * 3 + i] = M[i] ^ C[SM2_NUMWORD * 3 + i]; - } - - //step7. C3 = hash(x2, M, y2) - SM3_init(&md); - SM3_process(&md, x2y2, SM2_NUMWORD); - SM3_process(&md, M, klen); - SM3_process(&md, x2y2 + SM2_NUMWORD, SM2_NUMWORD); - SM3_done(&md, C + SM2_NUMWORD * 2); - return 0; -} - - -/* sm2 decryption */ -int SM2_standard_decrypt(big dB, unsigned char C[], int Clen, unsigned char M[]) -{ - SM3_STATE md; - int i; - i = 0; - unsigned char x2y2[SM2_NUMWORD * 2] = {0}; - unsigned char hash[SM2_NUMWORD] = {0}; - big C1x, C1y, x2, y2; - epoint *C1, *S, *dBC1; - C1x = mirvar(0); - C1y = mirvar(0); - x2 = mirvar(0); - y2 = mirvar(0); - C1 = epoint_init(); - S = epoint_init(); - dBC1 = epoint_init(); - - //step1. test if C1 fits the curve - bytes_to_big(SM2_NUMWORD, C, C1x); - bytes_to_big(SM2_NUMWORD, C + SM2_NUMWORD, C1y); - epoint_set(C1x, C1y, 0, C1); - i = Test_Point(C1); - if (i != 0) - return i; - - //step2. S = [h]C1 and test if S is the point at infinity - ecurve_mult(para_h, C1, S); - if (point_at_infinity(S)) // if S is point at infinity, return error; - return ERR_INFINITY_POINT; - - //step3. [dB]C1 = (x2, y2) - ecurve_mult(dB, C1, dBC1); - epoint_get(dBC1, x2, y2); - big_to_bytes(SM2_NUMWORD, x2, x2y2, 1); - big_to_bytes(SM2_NUMWORD, y2, x2y2 + SM2_NUMWORD, 1); - - //step4. t = KDF(x2 || y2, klen) - SM3_kdf(x2y2, SM2_NUMWORD * 2, Clen - SM2_NUMWORD * 3, M); - if (Test_Null(M, Clen - SM2_NUMWORD * 3) != 0) - return ERR_ARRAY_NULL; - - //step5. M = C2^t - for (i = 0; i < Clen - SM2_NUMWORD * 3; i++) - M[i] = M[i] ^ C[SM2_NUMWORD * 3 + i]; - - //step6. hash(x2, m, y2) - SM3_init(&md); - SM3_process(&md, x2y2, SM2_NUMWORD); - SM3_process(&md, M, Clen - SM2_NUMWORD * 3); - SM3_process(&md, x2y2 + SM2_NUMWORD, SM2_NUMWORD); - SM3_done(&md, hash); - if (memcmp(hash, C + SM2_NUMWORD * 2, SM2_NUMWORD) != 0) - return ERR_C3_MATCH; - else - return 0; -} - - -/* test whether the SM2 calculation is correct by comparing the result with the standard data */ -int SM2_standard_enc_selftest() -{ - int tmp, i; - tmp = 0; - i = 0; - unsigned char Cipher[115] = {0}; - unsigned char M[19] = {0}; - unsigned char kGxy[SM2_NUMWORD * 2] = {0}; - big ks, x, y; - epoint *kG; - - - //standard data - unsigned char std_priKey[32] = {0x39, 0x45, 0x20, 0x8F, 0x7B, 0x21, 0x44, 0xB1, 0x3F, 0x36, 0xE3, 0x8A, 0xC6, 0xD3, 0x9F, 0x95, - 0x88, 0x93, 0x93, 0x69, 0x28, 0x60, 0xB5, 0x1A, 0x42, 0xFB, 0x81, 0xEF, 0x4D, 0xF7, 0xC5, 0xB8}; - unsigned char std_pubKey[64] = {0x09, 0xF9, 0xDF, 0x31, 0x1E, 0x54, 0x21, 0xA1, 0x50, 0xDD, 0x7D, 0x16, 0x1E, 0x4B, 0xC5, 0xC6, - 0x72, 0x17, 0x9F, 0xAD, 0x18, 0x33, 0xFC, 0x07, 0x6B, 0xB0, 0x8F, 0xF3, 0x56, 0xF3, 0x50, 0x20, - 0xCC, 0xEA, 0x49, 0x0C, 0xE2, 0x67, 0x75, 0xA5, 0x2D, 0xC6, 0xEA, 0x71, 0x8C, 0xC1, 0xAA, 0x60, - 0x0A, 0xED, 0x05, 0xFB, 0xF3, 0x5E, 0x08, 0x4A, 0x66, 0x32, 0xF6, 0x07, 0x2D, 0xA9, 0xAD, 0x13}; - unsigned char std_rand[32] = {0x59, 0x27, 0x6E, 0x27, 0xD5, 0x06, 0x86, 0x1A, 0x16, 0x68, 0x0F, 0x3A, 0xD9, 0xC0, 0x2D, 0xCC, - 0xEF, 0x3C, 0xC1, 0xFA, 0x3C, 0xDB, 0xE4, 0xCE, 0x6D, 0x54, 0xB8, 0x0D, 0xEA, 0xC1, 0xBC, 0x21}; - unsigned char std_Message[19] = {0x65, 0x6E, 0x63, 0x72, 0x79, 0x70, 0x74, 0x69, 0x6F, 0x6E, 0x20, 0x73, 0x74, 0x61, 0x6E, 0x64, - 0x61, 0x72, 0x64}; - unsigned char std_Cipher[115] = {0x04, 0xEB, 0xFC, 0x71, 0x8E, 0x8D, 0x17, 0x98, 0x62, 0x04, 0x32, 0x26, 0x8E, 0x77, 0xFE, 0xB6, - 0x41, 0x5E, 0x2E, 0xDE, 0x0E, 0x07, 0x3C, 0x0F, 0x4F, 0x64, 0x0E, 0xCD, 0x2E, 0x14, 0x9A, 0x73, - 0xE8, 0x58, 0xF9, 0xD8, 0x1E, 0x54, 0x30, 0xA5, 0x7B, 0x36, 0xDA, 0xAB, 0x8F, 0x95, 0x0A, 0x3C, - 0x64, 0xE6, 0xEE, 0x6A, 0x63, 0x09, 0x4D, 0x99, 0x28, 0x3A, 0xFF, 0x76, 0x7E, 0x12, 0x4D, 0xF0, - 0x59, 0x98, 0x3C, 0x18, 0xF8, 0x09, 0xE2, 0x62, 0x92, 0x3C, 0x53, 0xAE, 0xC2, 0x95, 0xD3, 0x03, - 0x83, 0xB5, 0x4E, 0x39, 0xD6, 0x09, 0xD1, 0x60, 0xAF, 0xCB, 0x19, 0x08, 0xD0, 0xBD, 0x87, 0x66, - 0x21, 0x88, 0x6C, 0xA9, 0x89, 0xCA, 0x9C, 0x7D, 0x58, 0x08, 0x73, 0x07, 0xCA, 0x93, 0x09, 0x2D, - 0x65, 0x1E, 0xFA}; - mip= mirsys(1000, 16); - mip->IOBASE = 16; - x = mirvar(0); - y = mirvar(0); - ks = mirvar(0); - kG = epoint_init(); - bytes_to_big(32, std_priKey, ks); //ks is the standard private key - - - //initiate SM2 curve - SM2_standard_init(); - - //generate key pair - tmp = SM2_standard_keygeneration(ks, kG); - if (tmp != 0) - return tmp; - epoint_get(kG, x, y); - big_to_bytes(SM2_NUMWORD, x, kGxy, 1); - big_to_bytes(SM2_NUMWORD, y, kGxy + SM2_NUMWORD, 1); - if (memcmp(kGxy, std_pubKey, SM2_NUMWORD * 2) != 0) - return ERR_SELFTEST_KG; - - //encrypt data and compare the result with the standard data - tmp = SM2_standard_encrypt(std_rand, kG, std_Message, 19, Cipher); - if (tmp != 0) - return tmp; - if (memcmp(Cipher, std_Cipher, 19 + SM2_NUMWORD * 3) != 0) - return ERR_SELFTEST_ENC; - - //decrypt cipher and compare the result with the standard data - tmp = SM2_standard_decrypt(ks, Cipher, 115, M); - if (tmp != 0) - return tmp; - if (memcmp(M, std_Message, 19) != 0) - return ERR_SELFTEST_DEC; - return 0; -} diff --git a/engines/sm_standard/sm2/sm2_standard_exch.c b/engines/sm_standard/sm2/sm2_standard_exch.c deleted file mode 100644 index d3adcc5d..00000000 --- a/engines/sm_standard/sm2/sm2_standard_exch.c +++ /dev/null @@ -1,491 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2015 - 2016 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - */ - - -#include "mirdef.h" -#include "miracl.h" -#include "sm2_standard.h" - - -/* calculation of w */ -int SM2_w(big n) -{ - big n1; - int w = 0; - n1 = mirvar(0); - w = logb2(para_n); //approximate integer log to the base 2 of para_n - expb2(w, n1); //n1 = 2^w - if (mr_compare(para_n, n1) == 1) - w++; - if ((w % 2) == 0) - w = w / 2 - 1; - else - w = (w + 1) / 2 - 1; - return w; -} - - -/* calculation of ZA or ZB */ -void SM3_z(unsigned char ID[], unsigned short int ELAN, epoint* pubKey, unsigned char hash[]) -{ - unsigned char Px[SM2_NUMWORD] = {0}, Py[SM2_NUMWORD] = {0}; - unsigned char IDlen[2] = {0}; - big x, y; - SM3_STATE md; - - x = mirvar(0); - y = mirvar(0); - - epoint_get(pubKey, x, y); - big_to_bytes(SM2_NUMWORD, x, Px, 1); - big_to_bytes(SM2_NUMWORD, y, Py, 1); - memcpy(IDlen, &ELAN + 1, 1); - memcpy(IDlen + 1, &ELAN, 1); - SM3_init(&md); - SM3_process(&md, IDlen, 2); - SM3_process(&md, ID, ELAN / 8); - SM3_process(&md, SM2_a, SM2_NUMWORD); - SM3_process(&md, SM2_b, SM2_NUMWORD); - SM3_process(&md, SM2_Gx, SM2_NUMWORD); - SM3_process(&md, SM2_Gy, SM2_NUMWORD); - SM3_process(&md, Px, SM2_NUMWORD); - SM3_process(&md, Py, SM2_NUMWORD); - SM3_done(&md, hash); - - return; -} - - -/* calculate RA */ -int SM2_standard_keyex_init_i(big ra, epoint* RA) -{ - return SM2_standard_keygeneration(ra, RA); -} - - -/* calculate RB and a secret key */ -int SM2_standard_keyex_re_i(big rb, big dB, epoint* RA, epoint* PA, unsigned char ZA[], unsigned char ZB[], unsigned char K[], int klen, epoint* RB, epoint* V, unsigned char hash[]) -{ - SM3_STATE md; - int i = 0, w = 0; - unsigned char Z[SM2_NUMWORD * 2 + SM3_len / 4] = {0}; - unsigned char x1y1[SM2_NUMWORD * 2] = {0}; - unsigned char x2y2[SM2_NUMWORD * 2] = {0}; - unsigned char temp = 0x02; - big x1, y1, x1_, x2, y2, x2_, tmp, Vx, Vy, temp_x, temp_y; - - //mip = mirsys(1000, 16); - //mip->IOBASE = 16; - x1 = mirvar(0); - y1 = mirvar(0); - x1_ = mirvar(0); - x2 = mirvar(0); - y2 = mirvar(0); - x2_ = mirvar(0); - tmp = mirvar(0); - Vx = mirvar(0); - Vy = mirvar(0); - temp_x = mirvar(0); - temp_y = mirvar(0); - - w = SM2_w(para_n); - - //--------B2: RB = [rb]G = (x2, y2)-------- - SM2_standard_keygeneration(rb, RB); - epoint_get(RB, x2, y2); - big_to_bytes(SM2_NUMWORD, x2, x2y2, 1); - big_to_bytes(SM2_NUMWORD, y2, x2y2 + SM2_NUMWORD, 1); - - //--------B3: x2_ = 2^w + x2 & (2^w - 1)-------- - expb2(w, x2_); //x2_ = 2^w - divide(x2, x2_, tmp); //x2 = x2 mod x2_ = x2 & (2^w - 1) - add(x2_, x2, x2_); - divide(x2_, para_n, tmp); //x2_ = n mod q - - //--------B4: tB = (dB + x2_ * rB) mod n-------- - multiply(x2_, rb, x2_); - add(dB, x2_, x2_); - divide(x2_, para_n, tmp); - - //--------B5: x1_ = 2^w + x1 & (2^w - 1)-------- - if (Test_Point(RA) != 0) - return ERR_KEYEX_RA; - epoint_get(RA, x1, y1); - big_to_bytes(SM2_NUMWORD, x1, x1y1, 1); - big_to_bytes(SM2_NUMWORD, y1, x1y1 + SM2_NUMWORD, 1); - expb2(w, x1_); //x1_ = 2^w - divide(x1, x1_, tmp); //x1 = x1 mod x1_ = x1 & (2^w - 1) - add(x1_,x1, x1_); - divide(x1_, para_n, tmp); //x1_ = n mod q - - //--------B6: V = [h * tB](PA + [x1_]RA)-------- - ecurve_mult(x1_, RA, V); //v = [x1_]RA - epoint_get(V, temp_x, temp_y); - - ecurve_add(PA, V); //V = PA + V - epoint_get(V, temp_x, temp_y); - - multiply(para_h, x2_, x2_); //tB = tB * h - - ecurve_mult(x2_, V, V); - if (point_at_infinity(V) == 1) - return ERR_INFINITY_POINT; - epoint_get(V, Vx, Vy); - big_to_bytes(SM2_NUMWORD, Vx, Z, 1); - big_to_bytes(SM2_NUMWORD, Vy, Z + SM2_NUMWORD, 1); - - //------------B7:KB = KDF(VX, VY, ZA, ZB, KLEN)---------- - memcpy(Z + SM2_NUMWORD * 2, ZA, SM3_len / 8); - memcpy(Z + SM2_NUMWORD * 2 + SM3_len / 8, ZB, SM3_len / 8); - SM3_kdf(Z, SM2_NUMWORD * 2 + SM3_len / 4, klen / 8, K); - - //---------------B8:(optional)SB = hash(0x02 || Vy || HASH(Vx || ZA || ZB || x1 || y1 || x2 || y2)------------- - SM3_init(&md); - SM3_process(&md, Z, SM2_NUMWORD); - SM3_process(&md, ZA, SM3_len / 8); - SM3_process(&md, ZB, SM3_len / 8); - SM3_process(&md, x1y1, SM2_NUMWORD * 2); - SM3_process(&md, x2y2, SM2_NUMWORD * 2); - SM3_done(&md, hash); - - SM3_init(&md); - SM3_process(&md, &temp, 1); - SM3_process(&md, Z + SM2_NUMWORD, SM2_NUMWORD); - SM3_process(&md, hash, SM3_len / 8); - SM3_done(&md, hash); - - return 0; -} - - -/* initiator A calculates the secret key out of RA and RB, and calculates a hash */ -int SM2_standard_keyex_init_ii(big ra, big dA, epoint* RA, epoint* RB, epoint* PB, unsigned char ZA[], unsigned char ZB[], unsigned char SB[], unsigned char K[], int klen, unsigned char SA[]) -{ - SM3_STATE md; - int i = 0, w = 0; - unsigned char Z[SM2_NUMWORD * 2 + SM3_len / 4] = {0}; - unsigned char x1y1[SM2_NUMWORD * 2] = {0}; - unsigned char x2y2[SM2_NUMWORD * 2] = {0}; - unsigned char hash[SM2_NUMWORD], S1[SM2_NUMWORD]; - unsigned char temp[2] = {0x02, 0x03}; - big x1, y1, x1_, x2, y2, x2_, tmp, Ux, Uy, temp_x, temp_y, tA; - epoint* U; - //mip = mirsys(1000, 16); - //mip->IOBASE = 16; - - U = epoint_init(); - x1 = mirvar(0); - y1 = mirvar(0); - x1_ = mirvar(0); - x2 = mirvar(0); - y2 = mirvar(0); - x2_ = mirvar(0); - tmp = mirvar(0); - Ux = mirvar(0); - Uy = mirvar(0); - temp_x = mirvar(0); - temp_y = mirvar(0); - tA=mirvar(0); - - w = SM2_w(para_n); - epoint_get(RA, x1, y1); - big_to_bytes(SM2_NUMWORD, x1, x1y1, TRUE); - big_to_bytes(SM2_NUMWORD, y1, x1y1 + SM2_NUMWORD, TRUE); - - //--------A4: x1_ = 2^w + x2 & (2^w - 1)-------- - expb2(w, x1_); //x1_ = 2^w - divide(x1, x1_, tmp); //x1 = x1 mod x1_ = x1 & (2^w - 1) - add(x1_, x1, x1_); - divide(x1_, para_n, tmp); - - //-------- A5:tA = (dA + x1_ * rA) mod n-------- - multiply(x1_, ra, tA); - divide(tA, para_n, tmp); - add(tA, dA, tA); - divide(tA, para_n, tmp); - - //-------- A6:x2_ = 2^w + x2 & (2^w - 1)----------------- - if (Test_Point(RB) != 0) - return ERR_KEYEX_RB;////////////////////////////////// - epoint_get(RB, x2, y2); - big_to_bytes(SM2_NUMWORD, x2, x2y2, TRUE); - big_to_bytes(SM2_NUMWORD, y2, x2y2 + SM2_NUMWORD, TRUE); - expb2(w, x2_); //x2_ = 2^w - divide(x2, x2_, tmp); //x2 = x2 mod x2_ = x2 & (2^w - 1) - add(x2_, x2, x2_); - divide(x2_, para_n, tmp); - - //--------A7:U = [h * tA](PB + [x2_]RB)----------------- - ecurve_mult(x2_, RB, U); //U = [x2_]RB - epoint_get(U, temp_x, temp_y); - - ecurve_add(PB, U); //U = PB + U - epoint_get(U, temp_x, temp_y); - - multiply(para_h, tA, tA); //tA = tA * h - divide(tA, para_n, tmp); - - ecurve_mult(tA, U, U); - if (point_at_infinity(U) == 1) - return ERR_INFINITY_POINT; - epoint_get(U, Ux, Uy); - big_to_bytes(SM2_NUMWORD, Ux, Z, 1); - big_to_bytes(SM2_NUMWORD, Uy, Z + SM2_NUMWORD, 1); - - //------------A8:KA = KDF(UX, UY, ZA, ZB, KLEN)---------- - memcpy(Z + SM2_NUMWORD * 2, ZA, SM3_len / 8); - memcpy(Z + SM2_NUMWORD * 2 + SM3_len / 8, ZB, SM3_len / 8); - SM3_kdf(Z, SM2_NUMWORD * 2 + SM3_len / 4, klen / 8, K); - - //---------------A9:(optional) S1 = Hash(0x02 || Uy || Hash(Ux || ZA || ZB || x1 || y1 || x2 || y2))----------- - SM3_init (&md); - SM3_process(&md, Z, SM2_NUMWORD); - SM3_process(&md, ZA, SM3_len / 8); - SM3_process(&md, ZB, SM3_len / 8); - SM3_process(&md, x1y1, SM2_NUMWORD * 2); - SM3_process(&md, x2y2, SM2_NUMWORD * 2); - SM3_done(&md, hash); - - SM3_init(&md); - SM3_process(&md, temp, 1); - SM3_process(&md, Z + SM2_NUMWORD, SM2_NUMWORD); - SM3_process(&md, hash, SM3_len / 8); - SM3_done(&md, S1); - - //test S1 = SB? - if (memcmp(S1, SB, SM2_NUMWORD) != 0) - return ERR_EQUAL_S1SB; - - //---------------A10 SA = Hash(0x03 || yU || Hash(xU || ZA || ZB || x1 || y1 || x2 || y2))------------- - SM3_init(&md); - SM3_process(&md, &temp[1], 1); - SM3_process(&md, Z + SM2_NUMWORD, SM2_NUMWORD); - SM3_process(&md, hash, SM3_len / 8); - SM3_done(&md, SA); - - return 0; -} - - -/* (optional)Step B10: verifies the hash value received from initiator A */ -int SM2_standard_keyex_re_ii(epoint *V, epoint *RA, epoint *RB, unsigned char ZA[], unsigned char ZB[], unsigned char SA[]) -{ - big x1, y1, x2, y2, Vx, Vy; - unsigned char hash[SM2_NUMWORD], S2[SM2_NUMWORD]; - unsigned char temp = 0x03; - unsigned char xV[SM2_NUMWORD], yV[SM2_NUMWORD]; - unsigned char x1y1[SM2_NUMWORD * 2] = {0}; - unsigned char x2y2[SM2_NUMWORD * 2] = {0}; - SM3_STATE md; - - x1 = mirvar(0); - y1 = mirvar(0); - x2 = mirvar(0); - y2 = mirvar(0); - Vx = mirvar(0); - Vy = mirvar(0); - - epoint_get(RA, x1, y1); - epoint_get(RB, x2, y2); - epoint_get(V, Vx, Vy); - - big_to_bytes(SM2_NUMWORD, Vx, xV, TRUE); - big_to_bytes(SM2_NUMWORD, Vy, yV, TRUE); - big_to_bytes(SM2_NUMWORD, x1, x1y1, TRUE); - big_to_bytes(SM2_NUMWORD, y1, x1y1 + SM2_NUMWORD, TRUE); - big_to_bytes(SM2_NUMWORD, x2, x2y2, TRUE); - big_to_bytes(SM2_NUMWORD, y2, x2y2 + SM2_NUMWORD, TRUE); - - //---------------B10:(optional) S2 = Hash(0x03 || Vy || Hash(Vx || ZA || ZB || x1 || y1 || x2 || y2)) - SM3_init(&md); - SM3_process(&md, xV, SM2_NUMWORD); - SM3_process(&md, ZA, SM3_len / 8); - SM3_process(&md, ZB, SM3_len / 8); - SM3_process(&md, x1y1, SM2_NUMWORD * 2); - SM3_process(&md, x2y2, SM2_NUMWORD * 2); - SM3_done(&md, hash); - - SM3_init(&md); - SM3_process(&md, &temp, 1); - SM3_process(&md, yV, SM2_NUMWORD); - SM3_process(&md, hash, SM3_len / 8); - SM3_done(&md, S2); - - if (memcmp(S2, SA, SM3_len / 8) != 0) - return ERR_EQUAL_S2SA; - - return 0; -} - - -/* self check of SM2 key exchange */ -int SM2_standard_keyex_selftest() -{ - //standard data - unsigned char std_priKeyA[SM2_NUMWORD] = {0x81, 0xEB, 0x26, 0xE9, 0x41, 0xBB, 0x5A, 0xF1, 0x6D, 0xF1, 0x16, 0x49, 0x5F, 0x90, 0x69, 0x52, - 0x72, 0xAE, 0x2C, 0xD6, 0x3D, 0x6C, 0x4A, 0xE1, 0x67, 0x84, 0x18, 0xBE, 0x48, 0x23, 0x00, 0x29}; - unsigned char std_pubKeyA[SM2_NUMWORD * 2] = {0x16, 0x0E, 0x12, 0x89, 0x7D, 0xF4, 0xED, 0xB6, 0x1D, 0xD8, 0x12, 0xFE, 0xB9, 0x67, 0x48, - 0xFB, 0xD3, 0xCC, 0xF4, 0xFF, 0xE2, 0x6A, 0xA6, 0xF6, 0xDB, 0x95, 0x40, 0xAF, 0x49, 0xC9, - 0x42, 0x32, 0x4A, 0x7D, 0xAD, 0x08, 0xBB, 0x9A, 0x45, 0x95, 0x31, 0x69, 0x4B, 0xEB, 0x20, - 0xAA, 0x48, 0x9D, 0x66, 0x49, 0x97, 0x5E, 0x1B, 0xFC, 0xF8, 0xC4, 0x74, 0x1B, 0x78, 0xB4, - 0xB2, 0x23, 0x00, 0x7F}; - unsigned char std_randA[SM2_NUMWORD] = {0xD4, 0xDE, 0x15, 0x47, 0x4D, 0xB7, 0x4D, 0x06, 0x49, 0x1C, 0x44, 0x0D, 0x30, 0x5E, 0x01, 0x24, - 0x00, 0x99, 0x0F, 0x3E, 0x39, 0x0C, 0x7E, 0x87, 0x15, 0x3C, 0x12, 0xDB, 0x2E, 0xA6, 0x0B, 0xB3}; - unsigned char std_priKeyB[SM2_NUMWORD] = {0x78, 0x51, 0x29, 0x91, 0x7D, 0x45, 0xA9, 0xEA, 0x54, 0x37, 0xA5, 0x93, 0x56, 0xB8, 0x23, 0x38, - 0xEA, 0xAD, 0xDA, 0x6C, 0xEB, 0x19, 0x90, 0x88, 0xF1, 0x4A, 0xE1, 0x0D, 0xEF, 0xA2, 0x29, 0xB5}; - unsigned char std_pubKeyB[SM2_NUMWORD * 2] = {0x6A, 0xE8, 0x48, 0xC5, 0x7C, 0x53, 0xC7, 0xB1, 0xB5, 0xFA, 0x99, 0xEB, 0x22, 0x86, 0xAF, - 0x07, 0x8B, 0xA6, 0x4C, 0x64, 0x59, 0x1B, 0x8B, 0x56, 0x6F, 0x73, 0x57, 0xD5, 0x76, 0xF1, - 0x6D, 0xFB, 0xEE, 0x48, 0x9D, 0x77, 0x16, 0x21, 0xA2, 0x7B, 0x36, 0xC5, 0xC7, 0x99, 0x20, - 0x62, 0xE9, 0xCD, 0x09, 0xA9, 0x26, 0x43, 0x86, 0xF3, 0xFB, 0xEA, 0x54, 0xDF, 0xF6, 0x93, - 0x05, 0x62, 0x1C, 0x4D}; - unsigned char std_randB[SM2_NUMWORD] = {0x7E, 0x07, 0x12, 0x48, 0x14, 0xB3, 0x09, 0x48, 0x91, 0x25, 0xEA, 0xED, 0x10, 0x11, 0x13, 0x16, - 0x4E, 0xBF, 0x0F, 0x34, 0x58, 0xC5, 0xBD, 0x88, 0x33, 0x5C, 0x1F, 0x9D, 0x59, 0x62, 0x43, 0xD6}; - unsigned char std_IDA[16] = {0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38}; - unsigned char std_IDB[16] = {0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38}; - unsigned short int std_ENTLA = 0x0080; - unsigned short int std_ENTLB = 0x0080; - unsigned char std_ZA[SM3_len] = {0x3B, 0x85, 0xA5, 0x71, 0x79, 0xE1, 0x1E, 0x7E, 0x51, 0x3A, 0xA6, 0x22, 0x99, 0x1F, 0x2C, - 0xA7, 0x4D, 0x18, 0x07, 0xA0, 0xBD, 0x4D, 0x4B, 0x38, 0xF9, 0x09, 0x87, 0xA1, 0x7A, 0xC2, - 0x45, 0xB1}; - unsigned char std_ZB[SM3_len] = {0x79, 0xC9, 0x88, 0xD6, 0x32, 0x29, 0xD9, 0x7E, 0xF1, 0x9F, 0xE0, 0x2C, 0xA1, 0x05, 0x6E, - 0x01, 0xE6, 0xA7, 0x41, 0x1E, 0xD2, 0x46, 0x94, 0xAA, 0x8F, 0x83, 0x4F, 0x4A, 0x4A, 0xB0, - 0x22, 0xF7}; - unsigned char std_RA[SM2_NUMWORD * 2] = {0x64, 0xCE, 0xD1, 0xBD, 0xBC, 0x99, 0xD5, 0x90, 0x04, 0x9B, 0x43, 0x4D, 0x0F, 0xD7, 0x34, 0x28, - 0xCF, 0x60, 0x8A, 0x5D, 0xB8, 0xFE, 0x5C, 0xE0, 0x7F, 0x15, 0x02, 0x69, 0x40, 0xBA, 0xE4, 0x0E, - 0x37, 0x66, 0x29, 0xC7, 0xAB, 0x21, 0xE7, 0xDB, 0x26, 0x09, 0x22, 0x49, 0x9D, 0xDB, 0x11, 0x8F, - 0x07, 0xCE, 0x8E, 0xAA, 0xE3, 0xE7, 0x72, 0x0A, 0xFE, 0xF6, 0xA5, 0xCC, 0x06, 0x20, 0x70, 0xC0}; - unsigned char std_K[16] = {0x6C, 0x89, 0x34, 0x73, 0x54, 0xDE, 0x24, 0x84, 0xC6, 0x0B, 0x4A, 0xB1, 0xFD, 0xE4, 0xC6, 0xE5}; - unsigned char std_RB[SM2_NUMWORD * 2] = {0xAC, 0xC2, 0x76, 0x88, 0xA6, 0xF7, 0xB7, 0x06, 0x09, 0x8B, 0xC9, 0x1F, 0xF3, 0xAD, 0x1B, 0xFF, - 0x7D, 0xC2, 0x80, 0x2C, 0xDB, 0x14, 0xCC, 0xCC, 0xDB, 0x0A, 0x90, 0x47, 0x1F, 0x9B, 0xD7, 0x07, - 0x2F, 0xED, 0xAC, 0x04, 0x94, 0xB2, 0xFF, 0xC4, 0xD6, 0x85, 0x38, 0x76, 0xC7, 0x9B, 0x8F, 0x30, - 0x1C, 0x65, 0x73, 0xAD, 0x0A, 0xA5, 0x0F, 0x39, 0xFC, 0x87, 0x18, 0x1E, 0x1A, 0x1B, 0x46, 0xFE}; - unsigned char std_SB[SM3_len] = {0xD3, 0xA0, 0xFE, 0x15, 0xDE, 0xE1, 0x85, 0xCE, 0xAE, 0x90, 0x7A, 0x6B, 0x59, 0x5C, 0xC3, - 0x2A, 0x26, 0x6E, 0xD7, 0xB3, 0x36, 0x7E, 0x99, 0x83, 0xA8, 0x96, 0xDC, 0x32, 0xFA, 0x20, - 0xF8, 0xEB}; - int std_Klen = 128; //bit len - int temp; - - big x, y, dA, dB, rA, rB; - epoint* pubKeyA, *pubKeyB, *RA, *RB, *V; - - unsigned char hash[SM3_len / 8] = {0}; - unsigned char ZA[SM3_len / 8] = {0}; - unsigned char ZB[SM3_len / 8] = {0}; - unsigned char xy[SM2_NUMWORD * 2] = {0}; - unsigned char *KA, *KB; - unsigned char SA[SM3_len / 8]; - - KA = malloc(std_Klen / 8); - KB = malloc(std_Klen / 8); - - mip = mirsys(1000, 16); - mip->IOBASE = 16; - - x = mirvar(0); - y = mirvar(0); - dA = mirvar(0); - dB = mirvar(0); - rA = mirvar(0); - rB = mirvar(0); - pubKeyA = epoint_init(); - pubKeyB = epoint_init(); - RA = epoint_init(); - RB = epoint_init(); - V = epoint_init(); - - SM2_standard_init(); - - bytes_to_big(SM2_NUMWORD, std_priKeyA, dA); - bytes_to_big(SM2_NUMWORD, std_priKeyB, dB); - bytes_to_big(SM2_NUMWORD, std_randA, rA); - bytes_to_big(SM2_NUMWORD, std_randB, rB); - bytes_to_big(SM2_NUMWORD, std_pubKeyA, x); - bytes_to_big(SM2_NUMWORD, std_pubKeyA + SM2_NUMWORD, y); - epoint_set(x, y, 0, pubKeyA); - bytes_to_big(SM2_NUMWORD, std_pubKeyB, x); - bytes_to_big(SM2_NUMWORD, std_pubKeyB + SM2_NUMWORD, y); - epoint_set(x, y, 0, pubKeyB); - - SM3_z(std_IDA, std_ENTLA, pubKeyA, ZA); - if (memcmp(ZA, std_ZA, SM3_len / 8) != 0) - return ERR_SELFTEST_Z; - SM3_z(std_IDB, std_ENTLB, pubKeyB, ZB); - if (memcmp(ZB, std_ZB, SM3_len / 8) != 0) - return ERR_SELFTEST_Z; - - temp = SM2_standard_keyex_init_i(rA, RA); - if (temp) - return temp; - - epoint_get(RA, x, y); - big_to_bytes(SM2_NUMWORD, x, xy, 1); - big_to_bytes(SM2_NUMWORD, y, xy + SM2_NUMWORD, 1); - if (memcmp(xy, std_RA, SM2_NUMWORD * 2) != 0) - return ERR_SELFTEST_INI_I; - - temp = SM2_standard_keyex_re_i(rB, dB, RA, pubKeyA, ZA, ZB, KA, std_Klen, RB, V, hash); - if (temp) - return temp; - if (memcmp(KA, std_K, std_Klen / 8) != 0) - return ERR_SELFTEST_RES_I; - - temp = SM2_standard_keyex_init_ii(rA, dA, RA, RB, pubKeyB, ZA, ZB, hash, KB, std_Klen, SA); - if (temp) - return temp; - if (memcmp(KB, std_K, std_Klen / 8) != 0) - return ERR_SELFTEST_INI_II; - - if (SM2_standard_keyex_re_ii(V, RA, RB, ZA, ZB, SA) != 0) - return ERR_EQUAL_S2SA; - - free(KA); - free(KB); - return 0; -} diff --git a/engines/sm_standard/sm2/sm2_standard_sign.c b/engines/sm_standard/sm2/sm2_standard_sign.c deleted file mode 100644 index 8c9dd134..00000000 --- a/engines/sm_standard/sm2/sm2_standard_sign.c +++ /dev/null @@ -1,333 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2015 - 2016 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - - -#include "mirdef.h" -#include "miracl.h" -#include "sm2_standard.h" - - - -/* test if the big x is zero */ -int Test_Zero(big x) -{ - big zero; - zero = mirvar(0); - if (mr_compare(x, zero) == 0) - return 1; - else - return 0; -} - - -/* test if the big x is order n */ -int Test_n(big x) -{ - //bytes_to_big(32, SM2_n, n); - if (mr_compare(x, para_n) == 0) - return 1; - else - return 0; -} - - - -/* calculate a pubKey out of a given priKey */ -int SM2_standard_sign_keygeneration(unsigned char PriKey[], unsigned char Px[], unsigned char Py[]) -{ - int i = 0; - big d, PAx, PAy; - epoint *PA; - - SM2_standard_init(); - PA = epoint_init(); - - d = mirvar(0); - PAx = mirvar(0); - PAy = mirvar(0); - - bytes_to_big(SM2_NUMWORD, PriKey, d); - - ecurve_mult(d, G, PA); - epoint_get(PA, PAx, PAy); - - big_to_bytes(SM2_NUMWORD, PAx, Px, TRUE); - big_to_bytes(SM2_NUMWORD, PAy, Py, TRUE); - i = Test_PubKey(PA); - if (i) - return i; - else - return 0; -} - - -/* SM2 signature algorithm */ -int SM2_standard_sign(unsigned char *message, int len, unsigned char ZA[], unsigned char rand[], unsigned char d[], unsigned char R[], unsigned char S[]) -{ - unsigned char hash[SM3_len / 8]; - int M_len = len + SM3_len / 8; - unsigned char *M = NULL; - int i; - - big dA, r, s, e, k, KGx, KGy; - big rem, rk, z1, z2; - epoint *KG; - - i = SM2_standard_init(); - if (i) - return i; - //initiate - dA = mirvar(0); - e = mirvar(0); - k = mirvar(0); - KGx = mirvar(0); - KGy = mirvar(0); - r = mirvar(0); - s = mirvar(0); - rem = mirvar(0); - rk = mirvar(0); - z1 = mirvar(0); - z2 = mirvar(0); - - bytes_to_big(SM2_NUMWORD, d, dA); //cinstr(dA, d); - - KG = epoint_init(); - - //step1, set M = ZA || M - M = (char *)malloc(sizeof(char)*(M_len + 1)); - memcpy(M, ZA, SM3_len / 8); - memcpy(M + SM3_len / 8, message, len); - - //step2, generate e = H(M) - SM3_256(M, M_len, hash); - bytes_to_big(SM3_len / 8, hash, e); - - //step3:generate k - bytes_to_big(SM3_len / 8, rand, k); - - //step4:calculate kG - ecurve_mult(k, G, KG); - - //step5:calculate r - epoint_get(KG, KGx, KGy); - add(e, KGx, r); - divide(r, para_n, rem); - - //judge r = 0 or n + k = n? - add(r, k, rk); - if (Test_Zero(r) | Test_n(rk)) - return ERR_GENERATE_R; - - //step6:generate s - incr(dA, 1, z1); - xgcd(z1, para_n, z1, z1, z1); - multiply(r, dA, z2); - divide(z2, para_n, rem); - subtract(k, z2, z2); - add(z2, para_n, z2); - multiply(z1, z2, s); - divide(s, para_n, rem); - - //judge s = 0? - if (Test_Zero(s)) - return ERR_GENERATE_S ; - - big_to_bytes(SM2_NUMWORD, r, R, TRUE); - big_to_bytes(SM2_NUMWORD, s, S, TRUE); - - free(M); - return 0; -} - - -/* SM2 verification algorithm */ -int SM2_standard_verify(unsigned char *message, int len, unsigned char ZA[], unsigned char Px[], unsigned char Py[], unsigned char R[], unsigned char S[]) -{ - unsigned char hash[SM3_len / 8]; - int M_len = len + SM3_len / 8; - unsigned char *M = NULL; - int i; - - big PAx, PAy, r, s, e, t, rem, x1, y1; - big RR; - epoint *PA, *sG, *tPA; - - i = SM2_standard_init(); - if (i) - return i; - - PAx = mirvar(0); - PAy = mirvar(0); - r = mirvar(0); - s = mirvar(0); - e = mirvar(0); - t = mirvar(0); - x1 = mirvar(0); - y1 = mirvar(0); - rem = mirvar(0); - RR = mirvar(0); - - PA = epoint_init(); - sG = epoint_init(); - tPA = epoint_init(); - - bytes_to_big(SM2_NUMWORD, Px, PAx); - bytes_to_big(SM2_NUMWORD, Py, PAy); - - bytes_to_big(SM2_NUMWORD, R, r); - bytes_to_big(SM2_NUMWORD, S, s); - - if (!epoint_set(PAx, PAy, 0, PA)) //initialise public key - { - return ERR_PUBKEY_INIT; - } - - //step1: test if r belong to [1, n-1] - if (Test_Range(r)) - return ERR_OUTRANGE_R; - - //step2: test if s belong to [1, n-1] - if (Test_Range(s)) - return ERR_OUTRANGE_S; - - //step3, generate M - M = (char *)malloc(sizeof(char)*(M_len + 1)); - memcpy(M, ZA, SM3_len / 8); - memcpy(M + SM3_len / 8, message, len); - - //step4, generate e = H(M) - SM3_256(M, M_len, hash); - bytes_to_big(SM3_len / 8, hash, e); - - //step5:generate t - add(r, s, t); - divide(t, para_n, rem); - - if (Test_Zero(t)) - return ERR_GENERATE_T; - - //step 6: generate(x1, y1) - ecurve_mult(s, G, sG); - ecurve_mult(t, PA, tPA); - ecurve_add(sG, tPA); - epoint_get(tPA, x1, y1); - - //step7:generate RR - add(e, x1, RR); - divide(RR, para_n, rem); - - free(M); - if (mr_compare(RR, r) == 0) - return 0; - else - return ERR_DATA_MEMCMP; -} - - -/* SM2 self check */ -int SM2_standard_selfcheck() -{ - //the private key - unsigned char dA[32] = {0x39, 0x45, 0x20, 0x8f, 0x7b, 0x21, 0x44, 0xb1, 0x3f, 0x36, 0xe3, 0x8a, 0xc6, 0xd3, 0x9f, - 0x95, 0x88, 0x93, 0x93, 0x69, 0x28, 0x60, 0xb5, 0x1a, 0x42, 0xfb, 0x81, 0xef, 0x4d, 0xf7, - 0xc5, 0xb8}; - unsigned char rand[32] = {0x59, 0x27, 0x6E, 0x27, 0xD5, 0x06, 0x86, 0x1A, 0x16, 0x68, 0x0F, 0x3A, 0xD9, 0xC0, 0x2D, - 0xCC, 0xEF, 0x3C, 0xC1, 0xFA, 0x3C, 0xDB, 0xE4, 0xCE, 0x6D, 0x54, 0xB8, 0x0D, 0xEA, 0xC1, - 0xBC, 0x21}; - //the public key - /* unsigned char xA[32] = {0x09, 0xf9, 0xdf, 0x31, 0x1e, 0x54, 0x21, 0xa1, 0x50, 0xdd, 0x7d, 0x16, 0x1e, 0x4b, 0xc5, - 0xc6, 0x72, 0x17, 0x9f, 0xad, 0x18, 0x33, 0xfc, 0x07, 0x6b, 0xb0, 0x8f, 0xf3, 0x56, 0xf3, - 0x50, 0x20}; - unsigned char yA[32] = {0xcc, 0xea, 0x49, 0x0c, 0xe2, 0x67, 0x75, 0xa5, 0x2d, 0xc6, 0xea, 0x71, 0x8c, 0xc1, 0xaa, - 0x60, 0x0a, 0xed, 0x05, 0xfb, 0xf3, 0x5e, 0x08, 0x4a, 0x66, 0x32, 0xf6, 0x07, 0x2d, 0xa9, - 0xad, 0x13};*/ - - unsigned char xA[32], yA[32]; - unsigned char r[32], s[32]; // Signature - - unsigned char IDA[16] = {0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x31, 0x32, 0x33, - 0x34, 0x35, 0x36, 0x37, 0x38}; //ASCII code of userA's identification - int IDA_len = 16; - unsigned char ENTLA[2] = {0x00, 0x80}; //the length of userA's identification, presentation in ASCII code - - unsigned char *message = "message digest"; //the message to be signed - int len = strlen(message); //the length of message - unsigned char ZA[SM3_len / 8]; //ZA = Hash(ENTLA || IDA || a || b || Gx || Gy || xA|| yA) - unsigned char Msg[210]; //210 = IDA_len + 2 + SM2_NUMWORD * 6 - - int temp; - - mip = mirsys(10000, 16); - mip->IOBASE = 16; - - temp = SM2_standard_sign_keygeneration(dA, xA, yA); - if (temp) - return temp; - - //ENTLA || IDA || a || b || Gx || Gy || xA || yA - memcpy(Msg, ENTLA, 2); - memcpy(Msg + 2, IDA, IDA_len); - memcpy(Msg + 2 + IDA_len, SM2_a, SM2_NUMWORD); - memcpy(Msg + 2 + IDA_len + SM2_NUMWORD, SM2_b, SM2_NUMWORD); - memcpy(Msg + 2 + IDA_len + SM2_NUMWORD * 2, SM2_Gx, SM2_NUMWORD); - memcpy(Msg + 2 + IDA_len + SM2_NUMWORD * 3, SM2_Gy, SM2_NUMWORD); - memcpy(Msg + 2 + IDA_len + SM2_NUMWORD * 4, xA, SM2_NUMWORD); - memcpy(Msg + 2 + IDA_len + SM2_NUMWORD * 5, yA, SM2_NUMWORD); - SM3_256(Msg, 210, ZA); - - temp = SM2_standard_sign(message, len, ZA, rand, dA, r, s); - if (temp) - return temp; - - temp = SM2_standard_verify(message, len, ZA, xA, yA, r, s); - if (temp) - return temp; - - return 0; -} diff --git a/engines/sm_standard/sm3/sm3_standard.c b/engines/sm_standard/sm3/sm3_standard.c deleted file mode 100644 index 85dc063e..00000000 --- a/engines/sm_standard/sm3/sm3_standard.c +++ /dev/null @@ -1,368 +0,0 @@ -#include "sm3_standard.h" - - -/**************************************************************** -Function: BiToW -Description: calculate W from Bi -Calls: -Called By: SM3_compress -Input: Bi[16] //a block of a message -Output: W[64] -Return: null -Others: -****************************************************************/ -void BiToW(unsigned int Bi[], unsigned int W[]) -{ - int i; - unsigned int tmp; - - for (i = 0; i <= 15; i++) - { - W[i] = Bi[i]; - } - for (i = 16; i <= 67; i++) - { - tmp = W[i - 16] - ^ W[i - 9] - ^ SM3_rotl32(W[i - 3], 15); - W[i] = SM3_p1(tmp) - ^ (SM3_rotl32(W[i - 13], 7)) - ^ W[i - 6]; - } -} - - -/***************************************************************** -Function: WToW1 -Description: calculate W1 from W -Calls: -Called By: SM3_compress -Input: W[64] -Output: W1[64] -Return: null -Others: -*****************************************************************/ -void WToW1(unsigned int W[], unsigned int W1[]) -{ - int i; - for (i = 0; i <= 63; i++) - { - W1[i] = W[i] ^ W[i + 4]; - } -} - - -/****************************************************************** -Function: CF -Description: calculate the CF compress function and update V -Calls: -Called By: SM3_compress -Input: W[64] -W1[64] -V[8] -Output: V[8] -Return: null -Others: -********************************************************************/ -void CF(unsigned int W[], unsigned int W1[], unsigned int V[]) -{ - unsigned int SS1; - unsigned int SS2; - unsigned int TT1; - unsigned int TT2; - unsigned int A, B, C, D, E, F, G, H; - unsigned int T = SM3_T1; - unsigned int FF; - unsigned int GG; - int j; - - //reg init,set ABCDEFGH=V0 - A = V[0]; - B = V[1]; - C = V[2]; - D = V[3]; - E = V[4]; - F = V[5]; - G = V[6]; - H = V[7]; - - for (j = 0; j <= 63; j++) - { - //SS1 - if (j == 0) - { - T = SM3_T1; - } - else if (j == 16) - { - T = SM3_rotl32(SM3_T2, 16); - } - else - { - T = SM3_rotl32(T, 1); - } - SS1 = SM3_rotl32((SM3_rotl32(A, 12) + E + T), 7); - - //SS2 - SS2 = SS1^SM3_rotl32(A, 12); - - //TT1 - if (j <= 15) - { - FF = SM3_ff0(A, B, C); - } - - else - { - FF = SM3_ff1(A, B, C); - } - TT1 = FF + D + SS2 + *W1; - W1++; - - //TT2 - if (j <= 15) - { - GG = SM3_gg0(E, F, G); - } - else - { - GG = SM3_gg1(E, F, G); - } - TT2 = GG + H + SS1 + *W; - W++; - - //D - D = C; - - //C - C = SM3_rotl32(B, 9); - - //B - B = A; - - //A - A = TT1; - - //H - H = G; - - - //G - G = SM3_rotl32(F, 19); - - //F - F = E; - - //E - E = SM3_p0(TT2); - } - - //update V - V[0] = A^V[0]; - V[1] = B^V[1]; - V[2] = C^V[2]; - V[3] = D^V[3]; - V[4] = E^V[4]; - V[5] = F^V[5]; - V[6] = G^V[6]; - V[7] = H^V[7]; -} - - -/****************************************************************************** -Function: BigEndian -Description: U32 endian converse.GM/T 0004-2012 requires to use big-endian. -if CPU uses little-endian, BigEndian function is a necessary -call to change the little-endian format into big-endian format. -Calls: -Called By: SM3_compress, SM3_done -Input: src[bytelen] -bytelen -Output: des[bytelen] -Return: null -Others: src and des could implies the same address -*******************************************************************************/ -void BigEndian(unsigned char src[], unsigned int bytelen, unsigned char des[]) -{ - unsigned char tmp = 0; - unsigned int i = 0; - - for (i = 0; icurlen = md->length = 0; - md->state[0] = SM3_IVA; - md->state[1] = SM3_IVB; - md->state[2] = SM3_IVC; - md->state[3] = SM3_IVD; - md->state[4] = SM3_IVE; - md->state[5] = SM3_IVF; - md->state[6] = SM3_IVG; - md->state[7] = SM3_IVH; -} - - -/****************************************************************************** -Function: SM3_compress -Description: compress a single block of message -Calls: BigEndian -BiToW -WToW1 -CF -Called By: SM3_256 -Input: SM3_STATE *md -Output: SM3_STATE *md -Return: null -Others: -*******************************************************************************/ -void SM3_compress(SM3_STATE * md) -{ - unsigned int W[68]; - unsigned int W1[64]; - - //if CPU uses little-endian, BigEndian function is a necessary call - BigEndian(md->buf, 64, md->buf); - - BiToW((unsigned int *)md->buf, W); - WToW1(W, W1); - CF(W, W1, md->state); -} - - -/****************************************************************************** -Function: SM3_process -Description: compress the first (len/64) blocks of message -Calls: SM3_compress -Called By: SM3_256 -Input: SM3_STATE *md -unsigned char buf[len] //the input message -int len //bytelen of message -Output: SM3_STATE *md -Return: null -Others: -*******************************************************************************/ -void SM3_process(SM3_STATE * md, unsigned char *buf, int len) -{ - while (len--) - { - /* copy byte */ - md->buf[md->curlen] = *buf++; - md->curlen++; - - /* is 64 bytes full? */ - if (md->curlen == 64) - { - SM3_compress(md); - md->length += 512; - md->curlen = 0; - } - } -} - - -/****************************************************************************** -Function: SM3_done -Description: compress the rest message that the SM3_process has left behind -Calls: SM3_compress -Called By: SM3_256 -Input: SM3_STATE *md -Output: unsigned char *hash -Return: null -Others: -*******************************************************************************/ -void SM3_done(SM3_STATE *md, unsigned char hash[]) -{ - int i; - unsigned char tmp = 0; - - /* increase the bit length of the message */ - md->length += md->curlen << 3; - - /* append the '1' bit */ - md->buf[md->curlen] = 0x80; - md->curlen++; - - /* if the length is currently above 56 bytes, appends zeros till - it reaches 64 bytes, compress the current block, creat a new - block by appending zeros and length,and then compress it - */ - if (md->curlen >56) - { - for (; md->curlen < 64;) - { - md->buf[md->curlen] = 0; - md->curlen++; - } - SM3_compress(md); - md->curlen = 0; - } - - /* if the length is less than 56 bytes, pad upto 56 bytes of zeroes */ - for (; md->curlen < 56;) - { - md->buf[md->curlen] = 0; - md->curlen++; - } - - /* since all messages are under 2^32 bits we mark the top bits zero */ - for (i = 56; i < 60; i++) - { - md->buf[i] = 0; - } - - /* append length */ - md->buf[63] = md->length & 0xff; - md->buf[62] = (md->length >> 8) & 0xff; - md->buf[61] = (md->length >> 16) & 0xff; - md->buf[60] = (md->length >> 24) & 0xff; - - SM3_compress(md); - - /* copy output */ - memcpy(hash, md->state, SM3_len / 8); - BigEndian(hash, SM3_len / 8, hash);//if CPU uses little-endian, BigEndian function is a necessary call -} - - -/****************************************************************************** -Function: SM3_256 -Description: calculate a hash value from a given message -Calls: SM3_init -SM3_process -SM3_done -Called By: -Input: unsigned char buf[len] //the input message -int len //bytelen of the message -Output: unsigned char hash[32] -Return: null -Others: -*******************************************************************************/ -void SM3_256(unsigned char buf[], int len, unsigned char hash[]) -{ - SM3_STATE md; - SM3_init(&md); - SM3_process(&md, buf, len); - SM3_done(&md, hash); -} diff --git a/engines/sm_standard/sm3/sm3_standard.h b/engines/sm_standard/sm3/sm3_standard.h deleted file mode 100644 index 737b028e..00000000 --- a/engines/sm_standard/sm3/sm3_standard.h +++ /dev/null @@ -1,42 +0,0 @@ -#include - -#define SM3_len 256 -#define SM3_T1 0x79CC4519 -#define SM3_T2 0x7A879D8A -#define SM3_IVA 0x7380166f -#define SM3_IVB 0x4914b2b9 -#define SM3_IVC 0x172442d7 -#define SM3_IVD 0xda8a0600 -#define SM3_IVE 0xa96f30bc -#define SM3_IVF 0x163138aa -#define SM3_IVG 0xe38dee4d -#define SM3_IVH 0xb0fb0e4e - -/* Various logical functions */ -#define SM3_p1(x) (x^SM3_rotl32(x,15)^SM3_rotl32(x,23)) -#define SM3_p0(x) (x^SM3_rotl32(x,9)^SM3_rotl32(x,17)) -#define SM3_ff0(a,b,c) (a^b^c) -#define SM3_ff1(a,b,c) ((a&b)|(a&c)|(b&c)) -#define SM3_gg0(e,f,g) (e^f^g) -#define SM3_gg1(e,f,g) ((e&f)|((~e)&g)) -#define SM3_rotl32(x,n) ((((unsigned int) x) << n) | (((unsigned int) x) >> (32 - n))) -#define SM3_rotr32(x,n) ((((unsigned int) x) >> n) | (((unsigned int) x) << (32 - n))) - - -typedef struct { - unsigned int state[8]; - unsigned int length; - unsigned int curlen; - unsigned char buf[64]; -} SM3_STATE; - - -void BiToWj(unsigned int Bi[], unsigned int Wj[]); -void WjToWj1(unsigned int Wj[], unsigned int Wj1[]); -void CF(unsigned int Wj[], unsigned int Wj1[], unsigned int V[]); -void BigEndian(unsigned char src[], unsigned int bytelen, unsigned char des[]); -void SM3_init(SM3_STATE *md); -void SM3_compress(SM3_STATE * md); -void SM3_process(SM3_STATE * md, unsigned char buf[], int len); -void SM3_done(SM3_STATE *md, unsigned char *hash); -void SM3_256(unsigned char buf[], int len, unsigned char hash[]); diff --git a/engines/sm_standard/sm9/README.md b/engines/sm_standard/sm9/README.md deleted file mode 100644 index 7b2bbab9..00000000 --- a/engines/sm_standard/sm9/README.md +++ /dev/null @@ -1,9 +0,0 @@ -# About SM standard implementation - -This is only a standard implementation of the SM. - -In the standard implementation, it uses the **MIRACL** library. **MIRACL** (Multiprecision Integer and Rational Arithmetic Crytographic Library) is a C software library. See also [About the MIRACL Crypto SDK](https://libraries.docs.miracl.com/miracl-user-manual/about). - -Also, you can download the source code in the Github. Here is a reference link. [Github MIRACL](https://github.com/miracl/MIRACL). - -What's more, when you want test it and compile locally, you need add *-lm* option to solve some math functions problems like *ceil* in the code. \ No newline at end of file diff --git a/engines/sm_standard/sm9/kdf_standard.h b/engines/sm_standard/sm9/kdf_standard.h deleted file mode 100644 index 508226fd..00000000 --- a/engines/sm_standard/sm9/kdf_standard.h +++ /dev/null @@ -1,406 +0,0 @@ -/* - * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - - -#ifndef HEADER_KDF_STANDARD_H -#define HEADER_KDF_STANDARD_H - -#include - - -#ifdef __cplusplus -extern "C" { -#endif - - -#define SM3_len 256 -#define SM3_T1 0x79CC4519 -#define SM3_T2 0x7A879D8A -#define SM3_IVA 0x7380166f -#define SM3_IVB 0x4914b2b9 -#define SM3_IVC 0x172442d7 -#define SM3_IVD 0xda8a0600 -#define SM3_IVE 0xa96f30bc -#define SM3_IVF 0x163138aa -#define SM3_IVG 0xe38dee4d -#define SM3_IVH 0xb0fb0e4e - -#define SM2_WORDSIZE 8 -#define SM2_NUMBITS 256 -#define SM2_NUMWORD (SM2_NUMBITS / SM2_WORDSIZE) //32 - -/* Various logical functions */ -#define SM3_p1(x) (x ^ SM3_rotl32(x, 15) ^ SM3_rotl32(x, 23)) -#define SM3_p0(x) (x ^ SM3_rotl32(x, 9) ^ SM3_rotl32(x, 17)) -#define SM3_ff0(a, b, c) (a ^ b ^ c) -#define SM3_ff1(a, b, c) ((a & b) | (a & c) | (b & c)) -#define SM3_gg0(e, f, g) (e ^ f ^ g) -#define SM3_gg1(e, f, g) ((e & f) | ((~e) & g)) -#define SM3_rotl32(x, n) (((x) << n) | ((x) >> (32 - n))) -#define SM3_rotr32(x, n) (((x) >> n) | ((x) << (32 - n))) - - -typedef struct { - unsigned long state[8]; - unsigned long length; - unsigned long curlen; - unsigned char buf[64]; -} SM3_STATE; - - -static void BiToW(unsigned long Bi[], unsigned long W[]); -static void WToW1(unsigned long W[], unsigned long W1[]); -static void CF(unsigned long W[], unsigned long W1[], unsigned long V[]); -static void BigEndian(unsigned char src[], unsigned int bytelen, unsigned char des[]); -static void SM3_init(SM3_STATE *md); -static void SM3_compress(SM3_STATE *md); -static void SM3_process(SM3_STATE *md, unsigned char *buf, int len); -static void SM3_done(SM3_STATE *md, unsigned char hash[]); -static void SM3_256(unsigned char buf[], int len, unsigned char hash[]); -static void SM3_kdf(unsigned char Z[], unsigned short zlen, unsigned short klen, unsigned char K[]); - - -/* calculate W from Bi */ -static void BiToW(unsigned long Bi[], unsigned long W[]) -{ - int i; - unsigned long tmp; - - for(i = 0; i <= 15; i++) - { - W[i] = Bi[i]; - } - for(i = 16;i <= 67; i++) - { - tmp = W[i - 16] ^ W[i - 9] ^ SM3_rotl32(W[i - 3], 15); - W[i] = SM3_p1(tmp) ^ (SM3_rotl32(W[i - 13], 7)) ^ W[i - 6]; - } -} - - -/* calculate W1 from W */ -static void WToW1(unsigned long W[], unsigned long W1[]) -{ - int i; - for(i = 0; i <= 63; i++) - { - W1[i] = W[i] ^ W[i + 4]; - } -} - - -/* calculate the CF compress function and update V */ -static void CF(unsigned long W[], unsigned long W1[], unsigned long V[]) -{ - unsigned long SS1; - unsigned long SS2; - unsigned long TT1; - unsigned long TT2; - unsigned long A, B, C, D, E, F, G, H; - unsigned long T = SM3_T1; - unsigned long FF; - unsigned long GG; - int j; - - //reg init, set ABCDEFGH = V0 - A = V[0]; - B = V[1]; - C = V[2]; - D = V[3]; - E = V[4]; - F = V[5]; - G = V[6]; - H = V[7]; - - for (j = 0; j <= 63; j++) - { - //SS1 - if (j == 0) - { - T = SM3_T1; - } - else if (j == 16) - { - T = SM3_rotl32(SM3_T2, 16); - } - else - { - T = SM3_rotl32(T, 1); - } - SS1 = SM3_rotl32((SM3_rotl32(A, 12) + E + T), 7); - - //SS2 - SS2 = SS1 ^ SM3_rotl32(A, 12); - - //TT1 - if (j <= 15) - { - FF = SM3_ff0(A, B, C); - } - else - { - FF = SM3_ff1(A, B, C); - } - TT1 = FF + D + SS2 + *W1; - W1++; - - //TT2 - if (j <= 15) - { - GG = SM3_gg0(E, F, G); - } - else - { - GG = SM3_gg1(E, F, G); - } - TT2 = GG + H + SS1 + *W; - W++; - - //D - D = C; - - //C - C = SM3_rotl32(B, 9); - - //B - B = A; - - //A - A = TT1; - - //H - H = G; - - //G - G = SM3_rotl32(F, 19); - - //F - F = E; - - //E - E = SM3_p0(TT2); - } - - //update V - V[0] = A ^ V[0]; - V[1] = B ^ V[1]; - V[2] = C ^ V[2]; - V[3] = D ^ V[3]; - V[4] = E ^ V[4]; - V[5] = F ^ V[5]; - V[6] = G ^ V[6]; - V[7] = H ^ V[7]; -} - - -/* unsigned int endian converse. GM/T 0004-2012 requires to use big-endian. - * if CPu uses little-endian, BigEndian function is a necessary - * call to change the little-endian format into big-endian format. - */ -static void BigEndian(unsigned char src[], unsigned int bytelen, unsigned char des[]) -{ - unsigned char tmp = 0; - unsigned long i = 0; - for (i = 0; i < bytelen / 4; i++) - { - tmp = des[4 * i]; - des[4 * i] = src[4 * i + 3]; - src[4 * i + 3] = tmp; - - tmp = des[4 * i + 1]; - des[4 * i + 1] = src[4 * i + 2]; - des[4 * i + 2] = tmp; - } -} - - -/* initiate SM3 state */ -static void SM3_init(SM3_STATE *md) -{ - md->curlen = md->length = 0; - md->state[0] = SM3_IVA; - md->state[1] = SM3_IVB; - md->state[2] = SM3_IVC; - md->state[3] = SM3_IVD; - md->state[4] = SM3_IVE; - md->state[5] = SM3_IVF; - md->state[6] = SM3_IVG; - md->state[7] = SM3_IVH; -} - - -/* compress a single a block of message */ -static void SM3_compress(SM3_STATE *md) -{ - unsigned long W[68]; - unsigned long W1[64]; - - //if CPU uses little-endian, BigEndian function is a necessary call - BigEndian(md->buf, 64, md->buf); - BiToW((unsigned long *)md->buf, W); - WToW1(W, W1); - CF(W, W1, md->state); -} - - -/* compress the first(len/64) blocks of message */ -static void SM3_process(SM3_STATE *md, unsigned char *buf, int len) -{ - while (len--) - { - /* copy byte */ - md->buf[md->curlen] = *buf++; - md->curlen++; - - /* is 64 bytes full? */ - if (md->curlen == 64) - { - SM3_compress(md); - md->length += 512; - md->curlen = 0; - } - } -} - - -/* compress the rest message that the SM3_process has left behind */ -static void SM3_done(SM3_STATE *md, unsigned char hash[]) -{ - int i; - unsigned char tmp = 0; - - /* increase the bit length of the message */ - md->length += md->curlen << 3; - - /* append the '1' bit */ - md->buf[md->curlen] = 0x80; - md->curlen++; - - /* if the length is currently above 56 bytes, appends zeros till - it reaches 64 bytes, compress the current block, creat a new - block by appending zeros and length,and then compress it - */ - if (md->curlen > 56) - { - for (; md->curlen < 64;) - { - md->buf[md->curlen] = 0; - md->curlen++; - } - SM3_compress(md); - md->curlen = 0; - } - - /* if the length is less than 56 bytes, pad upto 56 bytes of zeroes */ - for (; md->curlen < 56;) - { - md->buf[md->curlen] = 0; - md->curlen++; - } - - /* since all messages are under 2^32 bits we mark the top bits zero */ - for (i = 56; i < 60; i++) - { - md->buf[i] = 0; - } - - /* append length */ - md->buf[63] = md->length & 0xff; - md->buf[62] = (md->length >> 8) & 0xff; - md->buf[61] = (md->length >> 16) & 0xff; - md->buf[60] = (md->length >> 24) & 0xff; - - SM3_compress(md); - - /* copy output */ - memcpy(hash, md->state, SM3_len / 8); - BigEndian(hash, SM3_len / 8, hash); //if CPU uses little-endian, BigEndian function is a necessary call -} - - -/* calculate a hash value from a given message */ -static void SM3_256(unsigned char buf[], int len, unsigned char hash[]) -{ - SM3_STATE md; - SM3_init(&md); - SM3_process(&md, buf, len); - SM3_done(&md, hash); -} - - -/* key derivation function */ -static void SM3_kdf(unsigned char Z[], unsigned short zlen, unsigned short klen, unsigned char K[]) -{ - unsigned short i, j, t; - unsigned int bitklen; - SM3_STATE md; - unsigned char Ha[SM2_NUMWORD]; - unsigned char ct[4] = {0, 0, 0, 1}; - - bitklen = klen * 8; - - if (bitklen % SM2_NUMBITS) - t = bitklen / SM2_NUMBITS + 1; - else - t = bitklen / SM2_NUMBITS; - - //s4: K = Ha1 || Ha2 || ... - for (i = 1; i < t; i++) - { - //s2: Hai = Hv(Z || ct) - SM3_init(&md); - SM3_process(&md, Z, zlen); - SM3_process(&md, ct, 4); - SM3_done(&md, Ha); - memcpy((K + SM2_NUMWORD * (i - 1)), Ha, SM2_NUMWORD); - - if (ct[3] == 0xff) - { - ct[3] = 0; - if (ct[2] == 0xff) - { - ct[2] = 0; - if (ct[1] == 0xff) - { - ct[1] = 0; - ct[0]++; - } - else - ct[1]++; - } - else - ct[2]++; - } - else - ct[3]++; - } - - //s3 - SM3_init(&md); - SM3_process(&md, Z, zlen); - SM3_process(&md, ct, 4); - SM3_done(&md, Ha); - - if(bitklen % SM2_NUMBITS) - { - i = (SM2_NUMBITS - bitklen + SM2_NUMBITS * (bitklen / SM2_NUMBITS)) / 8; - j = (bitklen - SM2_NUMBITS * (bitklen / SM2_NUMBITS)) / 8; - memcpy((K + SM2_NUMWORD * (t - 1)), Ha, j); - } - else - { - memcpy((K + SM2_NUMWORD * (t - 1)), Ha, SM2_NUMWORD); - } -} - - -#ifdef __cplusplus -} -# endif -#endif diff --git a/engines/sm_standard/sm9/r-ate.h b/engines/sm_standard/sm9/r-ate.h deleted file mode 100644 index 06c06e18..00000000 --- a/engines/sm_standard/sm9/r-ate.h +++ /dev/null @@ -1,517 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2007 - 2017 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - - -#ifndef HEADER_R_ATE_H -#define HEADER_R_ATE_H - - -#include "zzn12_operation.h" - - -#ifdef __cplusplus -extern "C"{ -#endif - - -static zzn2 zzn2_pow(zzn2 x, big k) -{ - int i, j, nb, n, nbw, nzs; - big zero; - zzn2 res, u2, t[16]; - - zero = mirvar(0); - - res.a = mirvar(0); - res.b = mirvar(0); - - u2.a = mirvar(0); - u2.b = mirvar(0); - - if(zzn2_iszero(&x)) - { - zzn2_zero(&res); - return res; - } - if(size(k) == 0) - { - zzn2_from_int(1, &res); - return res; - } - if(size(k) == 1) - return x; - - // Prepare table for windowing - zzn2_mul(&x, &x, &u2); - t[0].a = mirvar(0); - t[0].b = mirvar(0); - zzn2_copy(&x, &t[0]); - for(i = 1; i < 16; i++) - { - t[i].a = mirvar(0); - t[i].b = mirvar(0); - zzn2_mul(&t[i - 1], &u2, &t[i]); - } - - // Left to right method - with windows - zzn2_copy(&x, &res); - nb = logb2(k); - if(nb > 1) - for(i = nb - 2; i >= 0;) - { - //Note new parameter of window_size=5. Default to 5, but reduce to 4 (or even 3) to save RAM - n = mr_window(k, i, &nbw, &nzs, 5); - for(j = 0; j < nbw; j++) - zzn2_mul(&res, &res, &res); - if(n > 0) - zzn2_mul(&res, &t[n / 2], &res); - i -= nbw; - if(nzs) - { - for(j = 0; j < nzs; j++) - zzn2_mul(&res, &res, &res); - i -= nzs; - } - } - return res; -} - - -static void set_frobenius_constant(zzn2 *X) -{ - big p, zero, one, two; - p = mirvar(0); - zero = mirvar(0); - one = mirvar(0); - two = mirvar(0); - - convert(0, zero); - convert(1, one); - convert(2, two); - - mip = get_mip(); - copy(mip->modulus, p); - - switch(get_mip()->pmod8) - { - case 5: - zzn2_from_bigs(zero, one, X);// = (sqrt(-2)^(p-1)/2 - break; - case 3: - // = (1+sqrt(-1))^(p-1)/2 - zzn2_from_bigs(one, one, X); - break; - case 7: - zzn2_from_bigs(two, one, X);// = (2+sqrt(-1))^(p-1)/2 - default: - break; - } - - decr(p, 1, p); - subdiv(p, 6, p); - - *X = zzn2_pow(*X, p); -} - - -static void q_power_frobenius(ecn2 A, zzn2 F) -{ - // Fast multiplication of A by q (for Trace-Zero group members only) - zzn2 x, y, z, w, r; - x.a = mirvar(0); - x.b = mirvar(0); - - y.a = mirvar(0); - y.b = mirvar(0); - - z.a = mirvar(0); - z.b = mirvar(0); - - w.a = mirvar(0); - w.b = mirvar(0); - - r.a = mirvar(0); - r.b = mirvar(0); - - ecn2_get(&A, &x, &y, &z); - zzn2_copy(&F, &r);//r=F - if(get_mip()->TWIST == MR_SEXTIC_M) - zzn2_inv(&r); // could be precalculated - zzn2_mul(&r, &r, &w);//w=r*r - zzn2_conj(&x, &x); - zzn2_mul(&w, &x, &x); - zzn2_conj(&y, &y); - zzn2_mul(&w, &r, &w); - zzn2_mul(&w, &y, &y); - zzn2_conj(&z, &z); - ecn2_setxyz(&x, &y, &z, &A); -} - - -static zzn12 line(ecn2 A, ecn2 *C, ecn2 *B, zzn2 slope, zzn2 extra, BOOL Doubling, big Qx, big Qy) -{ - zzn12 res; - zzn2 X, Y, Z, Z2, U, QY, CZ; - big QX; - - QX = mirvar(0); - X.a = mirvar(0); - X.b = mirvar(0); - - Y.a = mirvar(0); - Y.b = mirvar(0); - - Z.a = mirvar(0); - Z.b = mirvar(0); - - Z2.a = mirvar(0); - Z2.b = mirvar(0); - - U.a = mirvar(0); - U.b = mirvar(0); - - QY.a = mirvar(0); - QY.b = mirvar(0); - - CZ.a = mirvar(0); - CZ.b = mirvar(0); - zzn12_init(&res); - - ecn2_getz(C, &CZ); - // Thanks to A. Menezes for pointing out this optimization... - if(Doubling) - { - ecn2_get(&A, &X, &Y, &Z); - zzn2_mul(&Z, &Z, &Z2); //Z2=Z*Z - - //X=slope*X-extra - zzn2_mul(&slope, &X, &X); - zzn2_sub(&X, &extra, &X); - - zzn2_mul(&CZ, &Z2, &U); - - //(-(Z*Z*slope)*Qx); - nres(Qx, QX); - zzn2_mul(&Z2, &slope, &Y); - zzn2_smul(&Y, QX, &Y); - zzn2_negate(&Y, &Y); - - if(get_mip()->TWIST == MR_SEXTIC_M) - { - // "multiplied across" by i to simplify - zzn2_from_big(Qy, &QY); - zzn2_txx(&QY); - zzn2_mul(&U, &QY, &QY); - zzn4_from_zzn2s(&QY, &X, &res.a); - zzn2_copy(&Y, &(res.c.b)); - } - if(get_mip()->TWIST == MR_SEXTIC_D) - { - zzn2_smul(&U, Qy, &QY); - zzn4_from_zzn2s(&QY, &X, &res.a); - zzn2_copy(&Y, &(res.b.b)); - } - } - else - { - //slope*X-Y*Z - ecn2_getxy(B, &X, &Y); - zzn2_mul(&slope, &X, &X); - zzn2_mul(&Y, &CZ, &Y); - zzn2_sub(&X, &Y, &X); - - //(-slope*Qx) - nres(Qx, QX); - zzn2_smul(&slope, QX, &Z); - zzn2_negate(&Z, &Z); - - if(get_mip()->TWIST == MR_SEXTIC_M) - { - zzn2_from_big(Qy, &QY); - zzn2_txx(&QY); - zzn2_mul(&CZ, &QY, &QY); - - zzn4_from_zzn2s(&QY, &X, &res.a); - zzn2_copy(&Z, &(res.c.b)); - } - if(get_mip()->TWIST == MR_SEXTIC_D) - { - zzn2_smul(&CZ, Qy, &QY); - zzn4_from_zzn2s(&QY, &X, &res.a); - zzn2_copy(&Z, &(res.b.b)); - } - } - return res; -} - - -static zzn12 g(ecn2 *A, ecn2 *B, big Qx, big Qy) -{ - zzn2 lam, extra; - BOOL Doubling; - ecn2 P; - zzn12 res; - - lam.a = mirvar(0); - lam.b = mirvar(0); - - extra.a = mirvar(0); - extra.b = mirvar(0); - - P.x.a = mirvar(0); - P.x.b = mirvar(0); - - P.y.a = mirvar(0); - P.y.b = mirvar(0); - - P.z.a = mirvar(0); - P.z.b = mirvar(0); - - P.marker = MR_EPOINT_INFINITY; - - zzn12_init(&res); - ecn2_copy(A, &P); - Doubling = ecn2_add2(B, A, &lam, &extra); - if(A->marker == MR_EPOINT_INFINITY) - { - zzn4_from_int(1, &res.a); - res.miller = FALSE; - res.unitary = TRUE; - } - else - res = line(P, A, B, lam, extra, Doubling, Qx, Qy); - return res; -} - - -static BOOL fast_pairing(ecn2 P, big Qx, big Qy, big x, zzn2 X, zzn12 *r) -{ - int i, nb; - big n, zero, negify_x; - ecn2 A, KA; - zzn12 t0, x0, x1, x2, x3, x4, x5, res; - - zero = mirvar(0); - n = mirvar(0); - negify_x = mirvar(0); - - A.x.a = mirvar(0); - A.x.b = mirvar(0); - - A.y.a = mirvar(0); - A.y.b = mirvar(0); - - A.z.a = mirvar(0); - A.z.b = mirvar(0); - A.marker = MR_EPOINT_INFINITY; - - KA.x.a = mirvar(0); - KA.x.b = mirvar(0); - - KA.y.a = mirvar(0); - KA.y.b = mirvar(0); - - KA.z.a = mirvar(0); - KA.z.b = mirvar(0); - KA.marker = MR_EPOINT_INFINITY; - zzn12_init(&t0); - zzn12_init(&x0); - zzn12_init(&x1); - zzn12_init(&x2); - zzn12_init(&x3); - zzn12_init(&x4); - zzn12_init(&x5); - zzn12_init(&res); - - premult(x, 6, n); - incr(n, 2, n);//n=(6*x+2); - if(mr_compare(x, zero) < 0) //x<0 - negify(n, n); //n=-(6*x+2); - - ecn2_copy(&P, &A); - nb = logb2(n); - zzn4_from_int(1, &res.a); - res.unitary = TRUE; //res=1 - // Short Miller loop - res.miller = TRUE; - - for(i = nb - 2; i >= 0; i--) - { - zzn12_mul(res, res, &res); - zzn12_mul(res, g(&A, &A, Qx, Qy), &res); - if(mr_testbit(n, i)) - zzn12_mul(res, g(&A, &P, Qx, Qy), &res); - } - // Combining ideas due to Longa, Aranha et al. and Naehrig - ecn2_copy(&P, &KA); - q_power_frobenius(KA, X); - if(mr_compare(x, zero) < 0) - { - ecn2_negate(&A, &A); - zzn12_conj(&res, &res); - } - zzn12_mul(res, g(&A, &KA, Qx, Qy), &res); - q_power_frobenius(KA, X); - ecn2_negate(&KA, &KA); - zzn12_mul(res, g(&A, &KA, Qx, Qy), &res); - - if(zzn4_iszero(&res.a) && zzn4_iszero(&res.b) && zzn4_iszero(&res.c)) - return FALSE; - - // The final exponentiation - zzn12_copy(&res, &t0);//t0=r; - zzn12_conj(&res, &res); - zzn12_div(res, t0, &res); - - res.miller = FALSE; - res.unitary = FALSE; - - zzn12_copy(&res, &t0);//t0=r; - zzn12_powq(X, &res); - zzn12_powq(X, &res); - zzn12_mul(res, t0, &res);// r^[(p^6-1)*(p^2+1)] - res.miller = FALSE; - res.unitary = TRUE; - - // Newer new idea... - // See "On the final exponentiation for calculating pairings on ordinary elliptic curves" - // Michael Scott and Naomi Benger and Manuel Charlemagne and Luis J. Dominguez Perez and Ezekiel J. Kachisa - zzn12_copy(&res, &t0); - zzn12_powq(X, &t0); - zzn12_copy(&t0, &x0); - zzn12_powq(X, &x0); //x0=t0 - - zzn12_mul(res, t0, &x1); - zzn12_mul(x0, x1, &x0);// x0*=(res*t0); - zzn12_powq(X, &x0); - - x1 = zzn12_inverse(res);// just a conjugation! - negify(x, negify_x); - x4 = zzn12_pow(res, negify_x);//negify_x=-x x is sparse. - zzn12_copy(&x4, &x3); - zzn12_powq(X, &x3); - - x2 = zzn12_pow(x4, negify_x); - x5 = zzn12_inverse(x2); - t0 = zzn12_pow(x2, negify_x); - - zzn12_powq(X, &x2); - zzn12_div(x4, x2, &x4); - - zzn12_powq(X, &x2); - zzn12_copy(&t0, &res);// res=t0 - zzn12_powq(X, &res); - zzn12_mul(t0, res, &t0); - - zzn12_mul(t0, t0, &t0); - zzn12_mul(t0, x4, &t0); - zzn12_mul(t0, x5, &t0);//t0*=t0;t0*=x4;t0*=x5; - - zzn12_mul(x3, x5, &res); - zzn12_mul(res, t0, &res);//res=x3*x5;res*=t0; - - zzn12_mul(t0, x2, &t0);//t0*=x2; - - zzn12_mul(res, res, &res); - zzn12_mul(res, t0, &res); - zzn12_mul(res, res, &res);//res*=res; res*=t0;res*=res; - - zzn12_mul(res, x1, &t0);// t0=res*x1; - zzn12_mul(res, x0, &res);//res*=x0; - - zzn12_mul(t0, t0, &t0); - zzn12_mul(t0, res, &t0);//t0*=t0;t0*=res; - - zzn12_copy(&t0, r);//r= t0; - - return TRUE; -} - - -static BOOL ecap(ecn2 P, epoint *Q, big x, zzn2 X, zzn12 *r) -{ - BOOL Ok; - big Qx, Qy; - Qx = mirvar(0); - Qy = mirvar(0); - - ecn2_norm(&P); - epoint_get(Q, Qx, Qy); - - Ok = fast_pairing(P, Qx, Qy, x, X, r); - - if(Ok) - return TRUE; - return FALSE; -} - - -static BOOL member(zzn12 r, big x, zzn2 F) -{ - zzn12 w; - big six; - six = mirvar(0); - zzn12_init(&w); - - convert(6, six); - zzn12_copy(&r, &w);//w=r - zzn12_powq(F, &w); - r = zzn12_pow(r, x); - r = zzn12_pow(r, x); - r = zzn12_pow(r, six); // t-1=6x^2 - if(zzn4_compare(&w.a, &r.a) && zzn4_compare(&w.a, &r.a) && zzn4_compare(&w.a, &r.a)) - return TRUE; - return FALSE; -} - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/engines/sm_standard/sm9/sm4_standard.h b/engines/sm_standard/sm9/sm4_standard.h deleted file mode 100644 index 3f47a337..00000000 --- a/engines/sm_standard/sm9/sm4_standard.h +++ /dev/null @@ -1,188 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2016 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - - -#ifndef HEADER_SM4_STANDARD_H -#define HEADER_SM4_STANDARD_H - - -#include - -#ifdef __cplusplus -extern "C"{ -#endif - - -//rotate n bits to the left in a 32bit buffer -#define SM4_rotl32(buf, n) (((buf) << n) | ((buf) >> (32 - n))) - - -static unsigned int SM4_CK[32] = {0x00070e15, 0x1c232a31, 0x383f464d, 0x545b6269, - 0x70777e85, 0x8c939aa1, 0xa8afb6bd, 0xc4cbd2d9, - 0xe0e7eef5, 0xfc030a11, 0x181f262d, 0x343b4249, - 0x50575e65, 0x6c737a81, 0x888f969d, 0xa4abb2b9, - 0xc0c7ced5, 0xdce3eaf1, 0xf8ff060d, 0x141b2229, - 0x30373e45, 0x4c535a61, 0x686f767d, 0x848b9299, - 0xa0a7aeb5, 0xbcc3cad1, 0xd8dfe6ed, 0xf4fb0209, - 0x10171e25, 0x2c333a41, 0x484f565d, 0x646b7279}; -unsigned char SM4_Sbox[256] = {0xd6, 0x90, 0xe9, 0xfe, 0xcc, 0xe1, 0x3d, 0xb7, 0x16, 0xb6, 0x14, 0xc2, 0x28, 0xfb, 0x2c, 0x05, - 0x2b, 0x67, 0x9a, 0x76, 0x2a, 0xbe, 0x04, 0xc3, 0xaa, 0x44, 0x13, 0x26, 0x49, 0x86, 0x06, 0x99, - 0x9c, 0x42, 0x50, 0xf4, 0x91, 0xef, 0x98, 0x7a, 0x33, 0x54, 0x0b, 0x43, 0xed, 0xcf, 0xac, 0x62, - 0xe4, 0xb3, 0x1c, 0xa9, 0xc9, 0x08, 0xe8, 0x95, 0x80, 0xdf, 0x94, 0xfa, 0x75, 0x8f, 0x3f, 0xa6, - 0x47, 0x07, 0xa7, 0xfc, 0xf3, 0x73, 0x17, 0xba, 0x83, 0x59, 0x3c, 0x19, 0xe6, 0x85, 0x4f, 0xa8, - 0x68, 0x6b, 0x81, 0xb2, 0x71, 0x64, 0xda, 0x8b, 0xf8, 0xeb, 0x0f, 0x4b, 0x70, 0x56, 0x9d, 0x35, - 0x1e, 0x24, 0x0e, 0x5e, 0x63, 0x58, 0xd1, 0xa2, 0x25, 0x22, 0x7c, 0x3b, 0x01, 0x21, 0x78, 0x87, - 0xd4, 0x00, 0x46, 0x57, 0x9f, 0xd3, 0x27, 0x52, 0x4c, 0x36, 0x02, 0xe7, 0xa0, 0xc4, 0xc8, 0x9e, - 0xea, 0xbf, 0x8a, 0xd2, 0x40, 0xc7, 0x38, 0xb5, 0xa3, 0xf7, 0xf2, 0xce, 0xf9, 0x61, 0x15, 0xa1, - 0xe0, 0xae, 0x5d, 0xa4, 0x9b, 0x34, 0x1a, 0x55, 0xad, 0x93, 0x32, 0x30, 0xf5, 0x8c, 0xb1, 0xe3, - 0x1d, 0xf6, 0xe2, 0x2e, 0x82, 0x66, 0xca, 0x60, 0xc0, 0x29, 0x23, 0xab, 0x0d, 0x53, 0x4e, 0x6f, - 0xd5, 0xdb, 0x37, 0x45, 0xde, 0xfd, 0x8e, 0x2f, 0x03, 0xff, 0x6a, 0x72, 0x6d, 0x6c, 0x5b, 0x51, - 0x8d, 0x1b, 0xaf, 0x92, 0xbb, 0xdd, 0xbc, 0x7f, 0x11, 0xd9, 0x5c, 0x41, 0x1f, 0x10, 0x5a, 0xd8, - 0x0a, 0xc1, 0x31, 0x88, 0xa5, 0xcd, 0x7b, 0xbd, 0x2d, 0x74, 0xd0, 0x12, 0xb8, 0xe5, 0xb4, 0xb0, - 0x89, 0x69, 0x97, 0x4a, 0x0c, 0x96, 0x77, 0x7e, 0x65, 0xb9, 0xf1, 0x09, 0xc5, 0x6e, 0xc6, 0x84, - 0x18, 0xf0, 0x7d, 0xec, 0x3a, 0xdc, 0x4d, 0x20, 0x79, 0xee, 0x5f, 0x3e, 0xd7, 0xcb, 0x39, 0x48}; -static unsigned int SM4_FK[4] = {0xA3B1BAC6, 0x56AA3350, 0x677D9197, 0xB27022DC}; - - -void SM4_keyschedule(unsigned char MK[], unsigned int rk[]) -{ - unsigned int tmp, buf, K[36]; - int i; - for(i = 0; i < 4; i++) - { - K[i] = SM4_FK[i] ^ ((MK[4 * i] << 24) | (MK[4 * i + 1] << 16) - | (MK[4 * i + 2] << 8) | (MK[4 * i + 3])); - } - for(i = 0; i < 32; i++) - { - tmp = K[i + 1] ^ K[i + 2] ^ K[i + 3] ^ SM4_CK[i]; - - //nonlinear operation - buf = (SM4_Sbox[(tmp >> 24) & 0xFF]) << 24 - | (SM4_Sbox[(tmp >> 16) & 0xFF]) << 16 - | (SM4_Sbox[(tmp >> 8) & 0xFF]) << 8 - | (SM4_Sbox[tmp & 0xFF]); - - //linear operation - K[i + 4] = K[i] ^ ((buf) ^ (SM4_rotl32((buf), 13)) ^ (SM4_rotl32((buf), 23))); - rk[i] = K[i + 4]; - } -} - - -void SM4_encrypt(unsigned char MK[], unsigned char PlainText[], unsigned char CipherText[]) -{ - unsigned int rk[32], X[36], tmp, buf; - int i, j; - SM4_keyschedule(MK, rk); - for(j = 0; j < 4; j++) - { - X[j] = (PlainText[j * 4] << 24) | (PlainText[j * 4 + 1] << 16) - | (PlainText[j * 4 + 2] << 8) | (PlainText[j * 4 + 3]); - } - for(i = 0; i < 32; i++) - { - tmp = X[i + 1] ^ X[i + 2] ^ X[i + 3] ^ rk[i]; - - //nonlinear operation - buf = (SM4_Sbox[(tmp >> 24) & 0xFF]) << 24 - | (SM4_Sbox[(tmp >> 16) & 0xFF]) << 16 - | (SM4_Sbox[(tmp >> 8) & 0xFF]) << 8 - | (SM4_Sbox[tmp & 0xFF]); - - //linear operation - X[i + 4] = X[i] ^ (buf ^ SM4_rotl32((buf), 2) ^ SM4_rotl32((buf), 10) - ^ SM4_rotl32((buf), 18) ^ SM4_rotl32((buf), 24)); - } - for(j = 0; j < 4; j++) - { - CipherText[4 * j] = (X[35 - j] >> 24) & 0xFF; - CipherText[4 * j + 1] = (X[35 - j] >> 16) & 0xFF; - CipherText[4 * j + 2]= (X[35 - j] >> 8) & 0xFF; - CipherText[4 * j + 3] = (X[35 - j]) & 0xFF; - } -} - - -void SM4_decrypt(unsigned char MK[], unsigned char CipherText[], unsigned char PlainText[]) -{ - unsigned int rk[32], X[36], tmp, buf; - int i, j; - SM4_keyschedule(MK, rk); - for(j = 0; j < 4; j++) - { - X[j] = (CipherText[j * 4] << 24) | (CipherText[j * 4 + 1] << 16) | - (CipherText[j * 4 + 2] << 8) | (CipherText[j * 4 + 3]); - } - for(i = 0; i < 32; i++) - { - tmp = X[i + 1] ^ X[i + 2] ^ X[i + 3] ^ rk[31 - i]; - //nonlinear operation - buf = (SM4_Sbox[(tmp >> 24) & 0xFF]) << 24 - | (SM4_Sbox[(tmp >> 16) & 0xFF]) << 16 - | (SM4_Sbox[(tmp >> 8) & 0xFF]) << 8 - | (SM4_Sbox[tmp & 0xFF]); - //linear operation - X[i + 4] = X[i] ^ (buf ^ SM4_rotl32((buf), 2) ^ SM4_rotl32((buf), 10) - ^ SM4_rotl32((buf), 18) ^ SM4_rotl32((buf), 24)); - } - for(j = 0; j < 4; j++) - { - PlainText[4 * j] = (X[35 - j] >> 24) & 0xFF; - PlainText[4 * j + 1] = (X[35 - j] >> 16) & 0xFF; - PlainText[4 * j + 2] = (X[35 - j] >> 8) & 0xFF; - PlainText[4 * j + 3] = (X[35 - j]) & 0xFF; - } -} - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/engines/sm_standard/sm9/sm9_standard.h b/engines/sm_standard/sm9/sm9_standard.h deleted file mode 100644 index 5b9f3c37..00000000 --- a/engines/sm_standard/sm9/sm9_standard.h +++ /dev/null @@ -1,482 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2016 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - - -#ifndef HEADER_SM9_STANDARD_H -#define HEADER_SM9_STANDARD_H - - -#include -#include -#include - - -#ifdef __cplusplus -extern "C"{ -#endif - -#include "miracl.h" -#include "r-ate.h" -#include "kdf_standard.h" - - -#define BNLEN 32 //BN curve with 256bit is used in SM9 algorithm -#define SM9_ASK_MEMORY_ERR 0x00000001 //ask for memory fail(申请内存失败) -#define SM9_MEMBER_ERR 0x00000002 //the order of group G error(群的阶错误) -#define SM9_MY_ECAP_12A_ERR 0x00000003 //R-ate pairing generated error(R-ate对计算出现错误) -#define SM9_NOT_VALID_G1 0x00000004 //not valid element of G1 -#define SM9_G1BASEPOINT_SET_ERR 0x00000005 //base point of G1 seted error(G1基点设置错误) -#define SM9_G2BASEPOINT_SET_ERR 0x00000006 //base point of G2 seted error(G2基点设置错误) -#define SM9_GEPUB_ERR 0x00000007 //pubkey error(生成公钥错误) -#define SM9_GEPRI_ERR 0x00000008 //privare key error(生成私钥错误) -#define SM9_ERR_CMP_S1SB 0x00000009 //S1!=SB -#define SM9_ERR_CMP_S2SA 0x0000000A //S2!=SA -#define SM9_ERR_RA 0x0000000B //RA error -#define SM9_ERR_RB 0x0000000C //RB error -#define SM9_ERR_SA 0x0000000D //SA error -#define SM9_ERR_SB 0x0000000E //SB error -#define SM9_C1_NOT_VALID_G1 0x0000000F //C1不属于群G1 -#define SM9_ENCRYPT_ERR 0x00000010 //加密错误 -#define SM9_ERR_K1_ZERO 0x00000011 //K1 equals 0(K1全0) -#define SM9_C3_MEMCMP_ERR 0x00000012 //C3对比不一致 -#define SM9_DECRYPT_ERR 0x00000013 //解密错误 -#define SM9_ERR_Encap_C 0x00000014 //cipher error in key encapsulation -#define SM9_ERR_Encap_K 0x00000015 //key to be encapsulated -#define SM9_ERR_Decap_K 0x00000016 //key generated by decapsulation -#define SM9_H_OUTRANGE 0x00000017 //签名H不属于[1,N-1] -#define SM9_DATA_MEMCMP_ERR 0x00000018 //数据对比不一致 -#define SM9_S_NOT_VALID_G1 0x00000019 //S不属于群G1 -#define SM9_L_error 0x0000001A //参数L错误 -#define SM9_SIGN_ERR 0x0000001B //签名错误 - - -static unsigned char SM9_q[32] = {0xB6, 0x40, 0x00, 0x00, 0x02, 0xA3, 0xA6, 0xF1, 0xD6, 0x03, 0xAB, 0x4F, 0xF5, 0x8E, 0xC7, 0x45, - 0x21, 0xF2, 0x93, 0x4B, 0x1A, 0x7A, 0xEE, 0xDB, 0xE5, 0x6F, 0x9B, 0x27, 0xE3, 0x51, 0x45, 0x7D}; -static unsigned char SM9_N[32] = {0xB6, 0x40, 0x00, 0x00, 0x02, 0xA3, 0xA6, 0xF1, 0xD6, 0x03, 0xAB, 0x4F, 0xF5, 0x8E, 0xC7, 0x44, - 0x49, 0xF2, 0x93, 0x4B, 0x18, 0xEA, 0x8B, 0xEE, 0xE5, 0x6E, 0xE1, 0x9C, 0xD6, 0x9E, 0xCF, 0x25}; -static unsigned char SM9_P1x[32] = {0x93, 0xDE, 0x05, 0x1D, 0x62, 0xBF, 0x71, 0x8F, 0xF5, 0xED, 0x07, 0x04, 0x48, 0x7D, 0x01, 0xD6, - 0xE1, 0xE4, 0x08, 0x69, 0x09, 0xDC, 0x32, 0x80, 0xE8, 0xC4, 0xE4, 0x81, 0x7C, 0x66, 0xDD, 0xDD}; -static unsigned char SM9_P1y[32] = {0x21, 0xFE, 0x8D, 0xDA, 0x4F, 0x21, 0xE6, 0x07, 0x63, 0x10, 0x65, 0x12, 0x5C, 0x39, 0x5B, 0xBC, - 0x1C, 0x1C, 0x00, 0xCB, 0xFA, 0x60, 0x24, 0x35, 0x0C, 0x46, 0x4C, 0xD7, 0x0A, 0x3E, 0xA6, 0x16}; -static unsigned char SM9_P2[128] = {0x85, 0xAE, 0xF3, 0xD0, 0x78, 0x64, 0x0C, 0x98, 0x59, 0x7B, 0x60, 0x27, 0xB4, 0x41, 0xA0, 0x1F, - 0xF1, 0xDD, 0x2C, 0x19, 0x0F, 0x5E, 0x93, 0xC4, 0x54, 0x80, 0x6C, 0x11, 0xD8, 0x80, 0x61, 0x41, - 0x37, 0x22, 0x75, 0x52, 0x92, 0x13, 0x0B, 0x08, 0xD2, 0xAA, 0xB9, 0x7F, 0xD3, 0x4E, 0xC1, 0x20, - 0xEE, 0x26, 0x59, 0x48, 0xD1, 0x9C, 0x17, 0xAB, 0xF9, 0xB7, 0x21, 0x3B, 0xAF, 0x82, 0xD6, 0x5B, - 0x17, 0x50, 0x9B, 0x09, 0x2E, 0x84, 0x5C, 0x12, 0x66, 0xBA, 0x0D, 0x26, 0x2C, 0xBE, 0xE6, 0xED, - 0x07, 0x36, 0xA9, 0x6F, 0xA3, 0x47, 0xC8, 0xBD, 0x85, 0x6D, 0xC7, 0x6B, 0x84, 0xEB, 0xEB, 0x96, - 0xA7, 0xCF, 0x28, 0xD5, 0x19, 0xBE, 0x3D, 0xA6, 0x5F, 0x31, 0x70, 0x15, 0x3D, 0x27, 0x8F, 0xF2, - 0x47, 0xEF, 0xBA, 0x98, 0xA7, 0x1A, 0x08, 0x11, 0x62, 0x15, 0xBB, 0xA5, 0xC9, 0x99, 0xA7, 0xC7}; -static unsigned char SM9_t[32] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00,0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x60, 0x00, 0x00, 0x00, 0x00, 0x58, 0xF9, 0x8A}; -static unsigned char SM9_a[32] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}; -static unsigned char SM9_b[32] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05}; -epoint *P1; -ecn2 P2; -big N; //order of group, N(t) -big para_a, para_b, para_t, para_q; - - -static BOOL bytes128_to_ecn2(unsigned char Ppubs[], ecn2 *res); -static void zzn12_ElementPrint(zzn12 x); -static void ecn2_Bytes128_Print(ecn2 x); -static void LinkCharZzn12(unsigned char *message, int len, zzn12 w, unsigned char *Z, int Zlen); -static int Test_Point(epoint* point); -void SM4_standard_block_encrypt(unsigned char key[], unsigned char * message, int mlen, unsigned char *cipher, int * cipher_len); -void SM4_standard_block_decrypt(unsigned char key[], unsigned char *cipher, int len, unsigned char *plain, int *plain_len); -int SM9_standard_keyex_kdf(unsigned char *IDA, unsigned char *IDB, epoint *RA, epoint *RB, zzn12 g1, zzn12 g2, zzn12 g3, int klen, unsigned char K[]); -int SM9_standard_keyex_hash(unsigned char hashid[], unsigned char *IDA, unsigned char *IDB, epoint *RA, epoint *RB, zzn12 g1, zzn12 g2, zzn12 g3, unsigned char hash[]); -static int SM9_standard_h1(unsigned char Z[], int Zlen, big n, big h1); -int SM9_standard_enc_mac(unsigned char *K, int Klen, unsigned char *M, int Mlen, unsigned char C[]); -static int SM9_standard_init(); -static int SM9_standard_generateencryptkey(unsigned char hid[], unsigned char *ID, int IDlen, big ke, unsigned char Ppubs[], unsigned char deB[]); -int SM9_standard_keyex_inita_i(unsigned char hid[], unsigned char *IDB, unsigned char randA[], - unsigned char Ppub[], unsigned char deA[], epoint *RA); -int SM9_standard_keyex_reb_i(unsigned char hid[], unsigned char *IDA, unsigned char *IDB, unsigned char randB[], unsigned char Ppub[], unsigned char deB[], epoint *RA, epoint *RB, unsigned char SB[], zzn12 *g1, zzn12 *g2, zzn12 *g3); -int SM9_standard_keyex_inita_ii(unsigned char *IDA, unsigned char *IDB, unsigned char randA[], unsigned char Ppub[], unsigned char deA[], epoint *RA, epoint *RB, unsigned char SB[], unsigned char SA[]); -int SM9_standard_keyex_reb_ii(unsigned char *IDA, unsigned char *IDB, zzn12 g1, zzn12 g2, zzn12 g3, epoint *RA, epoint *RB, unsigned char SA[]); -int SM9_standard_exch_selfcheck(); -int SM9_standard_enc_selfcheck(); -int SM9_standard_encrypt(unsigned char hid[], unsigned char *IDB, unsigned char *message, int mlen, unsigned char rand[], - int EncID, int k1_len, int k2_len, unsigned char Ppub[], unsigned char C[], int *C_len); -int SM9_standard_decrypt(unsigned char C[], int C_len, unsigned char deB[], unsigned char *IDB, int EncID, - int k1_len, int k2_len, unsigned char M[], int * Mlen); -int SM9_standard_key_encap(unsigned char hid[], unsigned char *IDB, unsigned char rand[], unsigned char Ppub[], unsigned char C[], unsigned char K[], int Klen); -int SM9_standard_key_decap(unsigned char *IDB, unsigned char deB[], unsigned char C[], int Klen, unsigned char K[]); -int SM9_standard_encap_selfcheck(); -static int Test_Range(big x); -int SM9_standard_h2(unsigned char Z[], int Zlen, big n, big h2); -int SM9_standard_generatesignkey(unsigned char hid[], unsigned char *ID, int IDlen, big ks, unsigned char Ppubs[], unsigned char dsa[]); -int SM9_standard_sign(unsigned char hid[], unsigned char *IDA, unsigned char *message, int len, unsigned char rand[], unsigned char dsa[], unsigned char Ppub[], unsigned char H[], unsigned char S[]); -int SM9_standard_verify(unsigned char H[], unsigned char S[], unsigned char hid[], unsigned char *IDA, unsigned char *message, int len, unsigned char Ppub[]); -int SM9_standard_sv_selfcheck(); - - - -static BOOL bytes128_to_ecn2(unsigned char Ppubs[], ecn2 *res) -{ - zzn2 x, y; - big a, b; - ecn2 r; - r.x.a = mirvar(0); - r.x.b = mirvar(0); - - r.y.a = mirvar(0); - r.y.b = mirvar(0); - - r.z.a = mirvar(0); - r.z.b = mirvar(0); - r.marker = MR_EPOINT_INFINITY; - - x.a = mirvar(0); - x.b = mirvar(0); - - y.a = mirvar(0); - y.b = mirvar(0); - a = mirvar(0); - b = mirvar(0); - - bytes_to_big(BNLEN, Ppubs, b); - bytes_to_big(BNLEN, Ppubs + BNLEN, a); - zzn2_from_bigs(a, b, &x); - bytes_to_big(BNLEN, Ppubs + BNLEN * 2, b); - bytes_to_big(BNLEN, Ppubs + BNLEN * 3, a); - zzn2_from_bigs(a, b, &y); - - return ecn2_set(&x, &y, res); -} - - -static void ecn2_Bytes128_Print(ecn2 x) -{ - big tmp; - tmp = mirvar(0); - redc(x.x.b, tmp); - cotnum(tmp, stdout); - redc(x.x.a, tmp); - cotnum(tmp, stdout); - redc(x.y.b, tmp); - cotnum(tmp, stdout); - redc(x.y.a, tmp); - cotnum(tmp, stdout); -} - - -static void zzn12_ElementPrint(zzn12 x) -{ - big tmp; - tmp = mirvar(0); - redc(x.c.b.b, tmp); - cotnum(tmp, stdout); - redc(x.c.b.a, tmp); - cotnum(tmp, stdout); - redc(x.c.a.b, tmp); - cotnum(tmp, stdout); - redc(x.c.a.a, tmp); - cotnum(tmp,stdout); - redc(x.b.b.b, tmp); - cotnum(tmp, stdout); - redc(x.b.b.a, tmp); - cotnum(tmp, stdout); - redc(x.b.a.b, tmp); - cotnum(tmp, stdout); - redc(x.b.a.a, tmp); - cotnum(tmp, stdout); - redc(x.a.b.b, tmp); - cotnum(tmp, stdout); - redc(x.a.b.a, tmp); - cotnum(tmp, stdout); - redc(x.a.a.b, tmp); - cotnum(tmp, stdout); - redc(x.a.a.a, tmp); - cotnum(tmp, stdout); -} - - -static void LinkCharZzn12(unsigned char *message, int len, zzn12 w, unsigned char *Z, int Zlen) -{ - big tmp; - - tmp = mirvar(0); - - memcpy(Z, message, len); - redc(w.c.b.b, tmp); - big_to_bytes(BNLEN, tmp, Z + len, 1); - redc(w.c.b.a, tmp); - big_to_bytes(BNLEN, tmp, Z + len + BNLEN, 1); - redc(w.c.a.b, tmp); - big_to_bytes(BNLEN, tmp, Z + len + BNLEN * 2, 1); - redc(w.c.a.a, tmp); - big_to_bytes(BNLEN, tmp, Z + len + BNLEN * 3, 1); - redc(w.b.b.b, tmp); - big_to_bytes(BNLEN, tmp, Z + len + BNLEN * 4, 1); - redc(w.b.b.a, tmp); - big_to_bytes(BNLEN, tmp, Z + len + BNLEN * 5, 1); - redc(w.b.a.b, tmp); - big_to_bytes(BNLEN, tmp, Z + len + BNLEN * 6, 1); - redc(w.b.a.a, tmp); - big_to_bytes(BNLEN, tmp, Z + len + BNLEN * 7, 1); - redc(w.a.b.b, tmp); - big_to_bytes(BNLEN, tmp, Z + len + BNLEN * 8, 1); - redc(w.a.b.a, tmp); - big_to_bytes(BNLEN, tmp, Z + len + BNLEN * 9, 1); - redc(w.a.a.b, tmp); - big_to_bytes(BNLEN, tmp, Z + len + BNLEN * 10, 1); - redc(w.a.a.a, tmp); - big_to_bytes(BNLEN, tmp, Z + len + BNLEN * 11, 1); -} - - -static int Test_Point(epoint* point) -{ - big x, y, x_3, tmp; - epoint *buf; - - x = mirvar(0); - y = mirvar(0); - x_3 = mirvar(0); - tmp = mirvar(0); - buf = epoint_init(); - - //test if y^2=x^3+b - epoint_get(point, x, y); - power(x, 3, para_q, x_3); //x_3=x^3 mod p - multiply(x, para_a, x); - divide(x, para_q, tmp); - add(x_3, x, x); //x=x^3+ax+b - add(x, para_b, x); - divide(x, para_q, tmp); //x=x^3+ax+b mod p - power(y, 2, para_q, y); //y=y^2 mod p - if(mr_compare(x, y) != 0) - return 1; - - //test infinity - ecurve_mult(N, point, buf); - if(point_at_infinity(buf) == FALSE) - return 1; - - return 0; -} - - -static int SM9_standard_h1(unsigned char Z[], int Zlen, big n, big h1) -{ - int hlen, i, ZHlen; - big hh, i256, tmp, n1; - unsigned char *ZH = NULL,*ha = NULL; - - hh = mirvar(0); - i256 = mirvar(0); - tmp = mirvar(0); - n1 = mirvar(0); - convert(1, i256); - ZHlen = Zlen + 1; - - hlen = (int)ceil((5.0 * logb2(n)) / 32.0); - decr(n, 1, n1); - ZH = (char *)malloc(sizeof(char)*(ZHlen + 1)); - if(ZH == NULL) - return SM9_ASK_MEMORY_ERR; - memcpy(ZH + 1, Z, Zlen); - ZH[0] = 0x01; - ha = (char *)malloc(sizeof(char)*(hlen + 1)); - if(ha == NULL) - return SM9_ASK_MEMORY_ERR; - SM3_kdf(ZH, ZHlen, hlen, ha); - - for(i = hlen - 1; i >= 0; i--)//key[从大到小] - { - premult(i256, ha[i], tmp); - add(hh, tmp, hh); - premult(i256, 256, i256); - divide(i256, n1, tmp); - divide(hh, n1, tmp); - } - incr(hh, 1, h1); - free(ZH); - free(ha); - return 0; -} - - -static int SM9_standard_init() -{ - big P1_x, P1_y; - - para_q = mirvar(0); - N = mirvar(0); - P1_x = mirvar(0); - P1_y = mirvar(0); - para_a = mirvar(0); - para_b = mirvar(0); - para_t = mirvar(0); - X.a = mirvar(0); - X.b = mirvar(0); - P2.x.a = mirvar(0); - P2.x.b = mirvar(0); - P2.y.a = mirvar(0); - P2.y.b = mirvar(0); - P2.z.a = mirvar(0); - P2.z.b = mirvar(0); - P2.marker = MR_EPOINT_INFINITY; - - P1 = epoint_init(); - bytes_to_big(BNLEN, SM9_q, para_q); - bytes_to_big(BNLEN, SM9_P1x, P1_x); - bytes_to_big(BNLEN, SM9_P1y, P1_y); - bytes_to_big(BNLEN, SM9_a, para_a); - bytes_to_big(BNLEN, SM9_b, para_b); - bytes_to_big(BNLEN, SM9_N, N); - bytes_to_big(BNLEN, SM9_t, para_t); - - mip->TWIST = MR_SEXTIC_M; - ecurve_init(para_a, para_b, para_q, MR_PROJECTIVE); //Initialises GF(q) elliptic curve - //MR_PROJECTIVE specifying projective coordinates - if(!epoint_set(P1_x, P1_y, 0, P1)) - return SM9_G1BASEPOINT_SET_ERR; - - if(!(bytes128_to_ecn2(SM9_P2, &P2))) - return SM9_G2BASEPOINT_SET_ERR; - set_frobenius_constant(&X); - - return 0; -} - - -static int SM9_standard_generateencryptkey(unsigned char hid[], unsigned char *ID, int IDlen, big ke, unsigned char Ppubs[], unsigned char deB[]) -{ - big h1, t1, t2, rem, xPpub, yPpub, tmp; - unsigned char *Z = NULL; - int Zlen = IDlen + 1, buf; - ecn2 dEB; - epoint *Ppub; - - h1 = mirvar(0); - t1 = mirvar(0); - t2 = mirvar(0); - rem = mirvar(0); - tmp = mirvar(0); - xPpub = mirvar(0); - yPpub = mirvar(0); - Ppub = epoint_init(); - dEB.x.a = mirvar(0); - dEB.x.b = mirvar(0); - dEB.y.a = mirvar(0); - dEB.y.b = mirvar(0); - dEB.z.a = mirvar(0); - dEB.z.b = mirvar(0); - dEB.marker = MR_EPOINT_INFINITY; - - Z = (char *)malloc(sizeof(char)*(Zlen + 1)); - memcpy(Z, ID, IDlen); - memcpy(Z + IDlen, hid, 1); - - buf = SM9_standard_h1(Z, Zlen, N, h1); - if(buf != 0) - return buf; - add(h1, ke, t1);//t1=H1(IDA||hid,N)+ks - xgcd(t1, N, t1, t1, t1);//t1=t1(-1) - multiply(ke, t1, t2); - divide(t2, N, rem);//t2=ks*t1(-1) - - //Ppub=[ke]P2 - ecurve_mult(ke, P1, Ppub); - - //deB=[t2]P2 - ecn2_copy(&P2, &dEB); - ecn2_mul(t2, &dEB); - - printf("\n**************The private key deB = (xdeB, ydeB):*********************\n"); - ecn2_Bytes128_Print(dEB); - printf("\n**********************PublicKey Ppubs=[ke]P1:*************************\n"); - epoint_get(Ppub, xPpub, yPpub); - cotnum(xPpub, stdout); - cotnum(yPpub, stdout); - - epoint_get(Ppub, xPpub, yPpub); - big_to_bytes(BNLEN, xPpub, Ppubs, 1); - big_to_bytes(BNLEN, yPpub, Ppubs + BNLEN, 1); - - redc(dEB.x.b, tmp); - big_to_bytes(BNLEN, tmp, deB, 1); - redc(dEB.x.a, tmp); - big_to_bytes(BNLEN, tmp, deB + BNLEN, 1); - redc(dEB.y.b, tmp); - big_to_bytes(BNLEN, tmp, deB + BNLEN * 2, 1); - redc(dEB.y.a, tmp); - big_to_bytes(BNLEN, tmp, deB + BNLEN * 3, 1); - - free(Z); - return 0; -} - - -static int Test_Range(big x) -{ - big one, decr_n; - - one = mirvar(0); - decr_n = mirvar(0); - - convert(1, one); - decr(N, 1, decr_n); - - if((mr_compare(x, one) < 0) | (mr_compare(x, decr_n) > 0)) - return 1; - - return 0; -} - - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/engines/sm_standard/sm9/sm9_standard_enc.c b/engines/sm_standard/sm9/sm9_standard_enc.c deleted file mode 100644 index 474fcc49..00000000 --- a/engines/sm_standard/sm9/sm9_standard_enc.c +++ /dev/null @@ -1,477 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2016 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - - -#include "sm9_standard.h" -#include "sm4_standard.h" -#include "miracl.h" -#include "mirdef.h" - - -void SM4_standard_block_encrypt(unsigned char key[], unsigned char * message, int mlen, unsigned char *cipher, int * cipher_len) -{ - unsigned char mess[16]; - int i, rem = mlen % 16; - - for(i = 0; i < mlen / 16; i++) - SM4_encrypt(key, &message[i * 16], &cipher[i * 16]); - //encrypt the last block - memset(mess, 16 - rem, 16); - if(rem) - memcpy(mess, &message[i * 16], rem); - SM4_encrypt(key, mess, &cipher[i*16]); -} - - -void SM4_standard_block_decrypt(unsigned char key[], unsigned char *cipher, int len, unsigned char *plain, int *plain_len) -{ - int i; - for(i = 0; i < len / 16; i++) - SM4_decrypt(key, cipher + i * 16, plain + i * 16); - *plain_len = len - plain[len - 1]; -} - - -int SM9_standard_enc_mac(unsigned char *K, int Klen, unsigned char *M, int Mlen, unsigned char C[]) -{ - unsigned char *Z = NULL; - int len = Klen + Mlen; - Z = (char *)malloc(sizeof(char)*(len + 1)); - if(Z == NULL) - return SM9_ASK_MEMORY_ERR; - memcpy(Z, M, Mlen); - memcpy(Z + Mlen, K, Klen); - SM3_256(Z, len, C); - - free(Z); - return 0; -} - - -int SM9_standard_encrypt(unsigned char hid[], unsigned char *IDB, unsigned char *message, int mlen, unsigned char rand[], - int EncID, int k1_len, int k2_len, unsigned char Ppub[], unsigned char C[], int *C_len) -{ - big h, x, y, r; - zzn12 g, w; - epoint *Ppube, *QB, *C1; - unsigned char *Z = NULL, *K = NULL, *C2 = NULL, C3[SM3_len / 8]; - int i = 0, j = 0, Zlen, buf, klen, C2_len; - - //initiate - h = mirvar(0); - r = mirvar(0); - x = mirvar(0); - y = mirvar(0); - QB = epoint_init(); - Ppube = epoint_init(); - C1 = epoint_init(); - zzn12_init(&g); - zzn12_init(&w); - - bytes_to_big(BNLEN, Ppub, x); - bytes_to_big(BNLEN, Ppub + BNLEN, y); - epoint_set(x, y, 0, Ppube); - - //Step1:calculate QB=[H1(IDB||hid,N)]P1+Ppube - Zlen = strlen(IDB) + 1; - Z = (char *)malloc(sizeof(char)*(Zlen + 1)); - if(Z == NULL) - return SM9_ASK_MEMORY_ERR; - memcpy(Z, IDB, strlen(IDB)); - memcpy(Z + strlen(IDB), hid, 1); - buf = SM9_standard_h1(Z, Zlen, N, h); - if(buf) - return buf; - ecurve_mult(h, P1, QB); - ecurve_add(Ppube, QB); - - printf("\n*******************QB:=[H1(IDB||hid,N)]P1+Ppube*****************\n"); - epoint_get(QB, x, y); - cotnum(x, stdout); - cotnum(y, stdout); - - //Step2:randnom - bytes_to_big(BNLEN, rand, r); - printf("\n***********************randnum r:********************************\n"); - cotnum(r, stdout); - - //Step3:C1=[r]QB - ecurve_mult(r, QB, C1); - printf("\n*************************:C1=[r]QB*******************************\n"); - epoint_get(C1, x, y); - cotnum(x, stdout); - cotnum(y, stdout); - big_to_bytes(BNLEN, x, C, 1); - big_to_bytes(BNLEN, y, C + BNLEN, 1); - - //Step4:g = e(P2, Ppub-e) - if(!ecap(P2, Ppube, para_t, X, &g)) - return SM9_MY_ECAP_12A_ERR; - //test if a ZZn12 element is of order q - if(!member(g, para_t, X)) - return SM9_MEMBER_ERR; - printf("\n***********************g=e(P2,Ppube):****************************\n"); - zzn12_ElementPrint(g); - - //Step5:calculate w=g^r - w = zzn12_pow(g, r); - printf("\n***************************w=g^r:**********************************\n"); - zzn12_ElementPrint(w); - - free(Z); - //Step6:calculate C2 - if(EncID == 0) - { - C2_len = mlen; - *C_len = BNLEN * 2 + SM3_len / 8 + C2_len; - - //Step:6-1: calculate K=KDF(C1||w||IDB,klen) - klen = mlen + k2_len; - Zlen = strlen(IDB) + BNLEN * 14; - Z = (char *)malloc(sizeof(char)*(Zlen + 1)); - K = (char *)malloc(sizeof(char)*(klen + 1)); - C2 = (char *)malloc(sizeof(char)*(mlen + 1)); - if(Z == NULL || K == NULL || C2 == NULL) - return SM9_ASK_MEMORY_ERR; - - LinkCharZzn12( C, BNLEN * 2, w, Z, (Zlen - strlen(IDB))); - memcpy(Z + BNLEN * 14, IDB, strlen(IDB)); - SM3_kdf(Z, Zlen, klen, K); - printf("\n*****************K=KDF(C1||w||IDB,klen):***********************\n"); - for(i = 0; i < klen; i++) - printf("%02x", K[i]); - - //Step:6-2: calculate C2=M^K1,and test if K1==0? - for(i = 0; i < mlen; i++) - { - if(K[i] == 0) - j = j + 1; - C2[i] = message[i] ^ K[i]; - } - if(j == mlen) - return SM9_ERR_K1_ZERO; - printf("\n************************* C2=M^K1 :***************************\n"); - for(i = 0; i < C2_len; i++) - printf("%02x", C2[i]); - - //Step7:calculate C3=MAC(K2,C2) - SM9_standard_enc_mac(K + mlen, k2_len, C2, mlen, C3); - printf("\n********************** C3=MAC(K2,C2):*************************\n"); - for(i = 0; i < 32; i++) - printf("%02x", C3[i]); - - memcpy(C + BNLEN * 2, C3, SM3_len / 8); - memcpy(C + BNLEN * 2 + SM3_len / 8, C2, C2_len); - free(Z); - free(K); - free(C2); - } - else - { - C2_len = (mlen / 16 + 1) * 16; - *C_len = BNLEN * 2 + SM3_len / 8 + C2_len; - - //Step:6-1: calculate K=KDF(C1||w||IDB,klen) - klen = k1_len + k2_len; - Zlen = strlen(IDB) + BNLEN * 14; - Z = (char *)malloc(sizeof(char)*(Zlen + 1)); - K = (char *)malloc(sizeof(char)*(klen + 1)); - C2 = (char *)malloc(sizeof(char)*(C2_len + 1)); - if(Z == NULL || K == NULL || C2 == NULL) - return SM9_ASK_MEMORY_ERR; - - LinkCharZzn12(C, BNLEN * 2, w, Z, Zlen - strlen(IDB)); - memcpy(Z + BNLEN * 14, IDB, strlen(IDB)); - SM3_kdf(Z, Zlen, klen, K); - printf("\n*****************K=KDF(C1||w||IDB,klen):***********************\n"); - for(i = 0; i < klen; i++) - printf("%02x", K[i]); - - //Step:6-2: calculate C2=Enc(K1,M),and also test if K1==0? - for(i = 0; i < k1_len; i++) - { - if(K[i] == 0) - j = j + 1; - } - if(j == k1_len) - return SM9_ERR_K1_ZERO; - - SM4_standard_block_encrypt(K, message, mlen, C2, &C2_len); - printf("\n*********************** C2=Enc(K1,M) :*************************\n"); - for(i = 0; i < C2_len; i++) - printf("%02x", C2[i]); - - //Step7:calculate C3=MAC(K2,C2) - SM9_standard_enc_mac(K + k1_len, k2_len, C2, C2_len, C3); - printf("\n********************** C3=MAC(K2,C2):*************************\n"); - for(i = 0; i < 32; i++) - printf("%02x", C3[i]); - - memcpy(C + BNLEN * 2, C3, SM3_len / 8); - memcpy(C + BNLEN * 2 + SM3_len / 8, C2, C2_len); - free(Z); - free(K); - free(C2); - } - return 0; -} - - -int SM9_standard_decrypt (unsigned char C[], int C_len, unsigned char deB[], unsigned char *IDB, int EncID, - int k1_len, int k2_len, unsigned char M[], int * Mlen) -{ - big x, y; - epoint *C1; - zzn12 w; - ecn2 dEB; - int mlen, klen, Zlen, i, number = 0; - unsigned char *Z = NULL, *K = NULL, *K1 = NULL, u[SM3_len / 8]; - - x = mirvar(0); - y = mirvar(0); - dEB.x.a = mirvar(0); - dEB.x.b = mirvar(0); - dEB.y.a = mirvar(0); - dEB.y.b = mirvar(0); - dEB.z.a = mirvar(0); - dEB.z.b = mirvar(0); - dEB.marker = MR_EPOINT_INFINITY; - C1 = epoint_init(); - zzn12_init(&w); - - bytes_to_big(BNLEN, C, x); - bytes_to_big(BNLEN, C + BNLEN, y); - bytes128_to_ecn2(deB, &dEB); - - //Step1:get C1,and test if C1 is on G1 - epoint_set(x, y, 1, C1); - if(Test_Point(C1)) - return SM9_C1_NOT_VALID_G1; - - //Step2:w = e(C1, deB) - if(!ecap(dEB, C1, para_t, X, &w)) - return SM9_MY_ECAP_12A_ERR; - //test if a ZZn12 element is of order q - if(!member(w, para_t, X)) return - SM9_MEMBER_ERR; - printf("\n*********************** w = e(C1, deB):****************************\n"); - zzn12_ElementPrint(w); - - //Step3:Calculate plaintext - mlen = C_len - BNLEN * 2 - SM3_len / 8; - if(EncID == 0) - { - //Step3-1:calculate K=KDF(C1||w||IDB,klen) - klen = mlen + k2_len; - Zlen = strlen(IDB) + BNLEN * 14; - Z = (char *)malloc(sizeof(char)*(Zlen + 1)); - K = (char *)malloc(sizeof(char)*(klen + 1)); - if(Z == NULL || K == NULL) - return SM9_ASK_MEMORY_ERR; - - LinkCharZzn12(C, BNLEN * 2, w, Z, Zlen - strlen(IDB)); - memcpy(Z + BNLEN * 14, IDB, strlen(IDB)); - SM3_kdf(Z, Zlen, klen, K); - printf("\n*****************K=KDF(C1||w||IDB,klen):***********************\n"); - for(i = 0; i < klen; i++) - printf("%02x", K[i]); - - //Step:3-2: calculate M=C2^K1,and test if K1==0? - for(i = 0; i < mlen; i++) - { - if(K[i] == 0) - number += 1; - M[i] = C[i + C_len - mlen] ^ K[i]; - } - if(number == mlen) - return SM9_ERR_K1_ZERO; - *Mlen = mlen; - - //Step4:calculate u=MAC(K2,C2) - SM9_standard_enc_mac(K + mlen, k2_len, &C[C_len - mlen], mlen, u); - if(memcmp(u, &C[BNLEN * 2], SM3_len / 8)) - return SM9_C3_MEMCMP_ERR; - - printf("\n****************************** M:******************************\n"); - for(i = 0; i < mlen; i++) - printf("%02x", M[i]); - free(Z); - free(K); - } - else - { - //Step:3-1: calculate K=KDF(C1||w||IDB,klen) - klen = k1_len + k2_len; - Zlen = strlen(IDB) + BNLEN * 14; - Z = (char *)malloc(sizeof(char)*(Zlen + 1)); - K = (char *)malloc(sizeof(char)*(klen + 1)); - K1 = (char *)malloc(sizeof(char)*(k1_len + 1)); - if(Z == NULL || K == NULL || K1 == NULL) - return SM9_ASK_MEMORY_ERR; - - LinkCharZzn12(C, BNLEN * 2, w, Z, Zlen - strlen(IDB)); - memcpy(Z + BNLEN * 14, IDB, strlen(IDB)); - SM3_kdf(Z, Zlen, klen, K); - printf("\n*****************K=KDF(C1||w||IDB,klen):***********************\n"); - for(i = 0; i < klen; i++) - printf("%02x", K[i]); - - //Step:3-2: calculate M=dec(K1,C2),and test if K1==0? - for(i = 0; i < k1_len; i++) - { - if(K[i] == 0) - number += 1; - K1[i] = K[i]; - } - if(number == k1_len) - return SM9_ERR_K1_ZERO; - SM4_standard_block_decrypt(K1, &C[C_len - mlen], mlen, M, Mlen); - - //Step4:calculate u=MAC(K2,C2) - SM9_standard_enc_mac(K + k1_len, k2_len, &C[C_len - mlen], mlen, u); - if(memcmp(u, &C[BNLEN * 2], SM3_len / 8)) - return SM9_C3_MEMCMP_ERR; - free(Z); - free(K); - free(K1); - } - return 0; -} - - -int SM9_standard_enc_selfcheck() -{ - //the master private key - unsigned char KE[32] = {0x00, 0x01, 0xED, 0xEE, 0x37, 0x78, 0xF4, 0x41, 0xF8, 0xDE, 0xA3, 0xD9, 0xFA, 0x0A, 0xCC, 0x4E, - 0x07, 0xEE, 0x36, 0xC9, 0x3F, 0x9A, 0x08, 0x61, 0x8A, 0xF4, 0xAD, 0x85, 0xCE, 0xDE, 0x1C, 0x22}; - unsigned char rand[32] = {0x00, 0x00, 0xAA, 0xC0, 0x54, 0x17, 0x79, 0xC8, 0xFC, 0x45, 0xE3, 0xE2, 0xCB, 0x25, 0xC1, 0x2B, - 0x5D, 0x25, 0x76, 0xB2, 0x12, 0x9A, 0xE8, 0xBB, 0x5E, 0xE2, 0xCB, 0xE5, 0xEC, 0x9E, 0x78, 0x5C}; - //standard datas - unsigned char std_Ppub[64] = {0x78, 0x7E, 0xD7, 0xB8, 0xA5, 0x1F, 0x3A, 0xB8, 0x4E, 0x0A, 0x66, 0x00, 0x3F, 0x32, 0xDA, 0x5C, - 0x72, 0x0B, 0x17, 0xEC, 0xA7, 0x13, 0x7D, 0x39, 0xAB, 0xC6, 0x6E, 0x3C, 0x80, 0xA8, 0x92, 0xFF, - 0x76, 0x9D, 0xE6, 0x17, 0x91, 0xE5, 0xAD, 0xC4, 0xB9, 0xFF, 0x85, 0xA3, 0x13, 0x54, 0x90, 0x0B, - 0x20, 0x28, 0x71, 0x27, 0x9A, 0x8C, 0x49, 0xDC, 0x3F, 0x22, 0x0F, 0x64, 0x4C, 0x57, 0xA7, 0xB1}; - unsigned char std_deB[128] = {0x94, 0x73, 0x6A, 0xCD, 0x2C, 0x8C, 0x87, 0x96, 0xCC, 0x47, 0x85, 0xE9, 0x38, 0x30, 0x1A, 0x13, - 0x9A, 0x05, 0x9D, 0x35, 0x37, 0xB6, 0x41, 0x41, 0x40, 0xB2, 0xD3, 0x1E, 0xEC, 0xF4, 0x16, 0x83, - 0x11, 0x5B, 0xAE, 0x85, 0xF5, 0xD8, 0xBC, 0x6C, 0x3D, 0xBD, 0x9E, 0x53, 0x42, 0x97, 0x9A, 0xCC, - 0xCF, 0x3C, 0x2F, 0x4F, 0x28, 0x42, 0x0B, 0x1C, 0xB4, 0xF8, 0xC0, 0xB5, 0x9A, 0x19, 0xB1, 0x58, - 0x7A, 0xA5, 0xE4, 0x75, 0x70, 0xDA, 0x76, 0x00, 0xCD, 0x76, 0x0A, 0x0C, 0xF7, 0xBE, 0xAF, 0x71, - 0xC4, 0x47, 0xF3, 0x84, 0x47, 0x53, 0xFE, 0x74, 0xFA, 0x7B, 0xA9, 0x2C, 0xA7, 0xD3, 0xB5, 0x5F, - 0x27, 0x53, 0x8A, 0x62, 0xE7, 0xF7, 0xBF, 0xB5, 0x1D, 0xCE, 0x08, 0x70, 0x47, 0x96, 0xD9, 0x4C, - 0x9D, 0x56, 0x73, 0x4F, 0x11, 0x9E, 0xA4, 0x47, 0x32, 0xB5, 0x0E, 0x31, 0xCD, 0xEB, 0x75, 0xC1}; - unsigned char std_C_stream[116] = {0x24, 0x45, 0x47, 0x11, 0x64, 0x49, 0x06, 0x18, 0xE1, 0xEE, 0x20, 0x52, 0x8F, 0xF1, 0xD5, 0x45, - 0xB0, 0xF1, 0x4C, 0x8B, 0xCA, 0xA4, 0x45, 0x44, 0xF0, 0x3D, 0xAB, 0x5D, 0xAC, 0x07, 0xD8, 0xFF, - 0x42, 0xFF, 0xCA, 0x97, 0xD5, 0x7C, 0xDD, 0xC0, 0x5E, 0xA4, 0x05, 0xF2, 0xE5, 0x86, 0xFE, 0xB3, - 0xA6, 0x93, 0x07, 0x15, 0x53, 0x2B, 0x80, 0x00, 0x75, 0x9F, 0x13, 0x05, 0x9E, 0xD5, 0x9A, 0xC0, - 0xBA, 0x67, 0x23, 0x87, 0xBC, 0xD6, 0xDE, 0x50, 0x16, 0xA1, 0x58, 0xA5, 0x2B, 0xB2, 0xE7, 0xFC, - 0x42, 0x91, 0x97, 0xBC, 0xAB, 0x70, 0xB2, 0x5A, 0xFE, 0xE3, 0x7A, 0x2B, 0x9D, 0xB9, 0xF3, 0x67, - 0x1B, 0x5F, 0x5B, 0x0E, 0x95, 0x14, 0x89, 0x68, 0x2F, 0x3E, 0x64, 0xE1, 0x37, 0x8C, 0xDD, 0x5D, - 0xA9, 0x51, 0x3B, 0x1C}; - unsigned char std_C_cipher[128] = {0x24, 0x45, 0x47, 0x11, 0x64, 0x49, 0x06, 0x18, 0xE1, 0xEE, 0x20, 0x52, 0x8F, 0xF1, 0xD5, 0x45, - 0xB0, 0xF1, 0x4C, 0x8B, 0xCA, 0xA4, 0x45, 0x44, 0xF0, 0x3D, 0xAB, 0x5D, 0xAC, 0x07, 0xD8, 0xFF, - 0x42, 0xFF, 0xCA, 0x97, 0xD5, 0x7C, 0xDD, 0xC0, 0x5E, 0xA4, 0x05, 0xF2, 0xE5, 0x86, 0xFE, 0xB3, - 0xA6, 0x93, 0x07, 0x15, 0x53, 0x2B, 0x80, 0x00, 0x75, 0x9F, 0x13, 0x05, 0x9E, 0xD5, 0x9A, 0xC0, - 0xFD, 0x3C, 0x98, 0xDD, 0x92, 0xC4, 0x4C, 0x68, 0x33, 0x26, 0x75, 0xA3, 0x70, 0xCC, 0xEE, 0xDE, - 0x31, 0xE0, 0xC5, 0xCD, 0x20, 0x9C, 0x25, 0x76, 0x01, 0x14, 0x9D, 0x12, 0xB3, 0x94, 0xA2, 0xBE, - 0xE0, 0x5B, 0x6F, 0xAC, 0x6F, 0x11, 0xB9, 0x65, 0x26, 0x8C, 0x99, 0x4F, 0x00, 0xDB, 0xA7, 0xA8, - 0xBB, 0x00, 0xFD, 0x60, 0x58, 0x35, 0x46, 0xCB, 0xDF, 0x46, 0x49, 0x25, 0x08, 0x63, 0xF1, 0x0A}; - unsigned char *std_message = "Chinese IBE standard"; - unsigned char hid[] = {0x03}; - unsigned char *IDB = "Bob"; - - unsigned char Ppub[64], deB[128]; - unsigned char message[1000], C[1000]; - int M_len, C_len;//M_len the length of message //C_len the length of C - int k1_len = 16, k2_len = 32; - int EncID = 0;//0,stream //1 block - int tmp, i; - big ke; - - tmp = SM9_standard_init(); - if(tmp != 0) - return tmp; - - ke = mirvar(0); - bytes_to_big(32, KE, ke); - - printf("\n*********************** SM9 key Generation ***************************\n"); - tmp = SM9_standard_generateencryptkey(hid, IDB, strlen(IDB), ke, Ppub, deB); - if(tmp != 0) - return tmp; - if(memcmp(Ppub, std_Ppub, 64) != 0) - return SM9_GEPUB_ERR; - if(memcmp(deB, std_deB, 128) !=0) - return SM9_GEPRI_ERR; - - printf("\n*********************** SM9 encrypt algorithm **************************\n"); - tmp = SM9_standard_encrypt(hid, IDB, std_message, strlen(std_message), rand, EncID, k1_len, k2_len, Ppub, C, &C_len); - if(tmp != 0) - return tmp; - printf("\n******************************Cipher:************************************\n"); - for(i = 0; i < C_len; i++) - printf("%02x", C[i]); - if(EncID == 0) - tmp = memcmp(C, std_C_stream, C_len); - else - tmp = memcmp(C, std_C_cipher, C_len); - if(tmp) - return SM9_ENCRYPT_ERR; - - printf("\n********************** SM9 Decrypt algorithm **************************\n"); - tmp = SM9_standard_decrypt(std_C_cipher, 128, deB, IDB, 2, k1_len, k2_len, message, &M_len); - printf("\n**************************** Message:***********************************\n"); - for(i = 0; i < M_len; i++) - printf("%02x", message[i]); - if(tmp != 0) - return tmp; - if(memcmp(message, std_message, M_len) != 0) - return SM9_DECRYPT_ERR; - - return 0; -} diff --git a/engines/sm_standard/sm9/sm9_standard_encap.c b/engines/sm_standard/sm9/sm9_standard_encap.c deleted file mode 100644 index a1c8128b..00000000 --- a/engines/sm_standard/sm9/sm9_standard_encap.c +++ /dev/null @@ -1,307 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2016 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - - -#include "sm9_standard.h" -#include "miracl.h" -#include "mirdef.h" - - -int SM9_standard_key_encap(unsigned char hid[], unsigned char *IDB, unsigned char rand[], - unsigned char Ppub[], unsigned char C[], unsigned char K[], int Klen) -{ - big h, x, y, r; - epoint *Ppube, *QB, *Cipher; - unsigned char *Z = NULL; - int Zlen, buf, i, num = 0; - zzn12 g, w; - - //initiate - h = mirvar(0); - r = mirvar(0); - x = mirvar(0); - y = mirvar(0); - QB = epoint_init(); - Ppube = epoint_init(); - Cipher = epoint_init(); - zzn12_init(&g); - zzn12_init(&w); - - bytes_to_big(BNLEN, Ppub, x); - bytes_to_big(BNLEN, Ppub + BNLEN, y); - epoint_set(x, y, 0, Ppube); - - //----------Step1:calculate QB=[H1(IDB||hid,N)]P1+Ppube---------- - Zlen = strlen(IDB) + 1; - Z = (char *)malloc(sizeof(char)*(Zlen + 1)); - if(Z == NULL) - return SM9_ASK_MEMORY_ERR; - memcpy(Z, IDB, strlen(IDB)); - memcpy(Z + strlen(IDB), hid, 1); - buf = SM9_standard_h1(Z, Zlen, N, h); - free(Z); - if(buf) - return buf; - printf("\n************************ H1(IDB||hid,N) ************************\n"); - cotnum(h, stdout); - - ecurve_mult(h, P1, QB); - ecurve_add(Ppube, QB); - printf("\n*******************QB:=[H1(IDB||hid,N)]P1+Ppube*****************\n"); - epoint_get(QB, x, y); - cotnum(x, stdout); - cotnum(y, stdout); - - //-------------------- Step2:randnom ------------------- - bytes_to_big(BNLEN, rand, r); - printf("\n***********************randnum r: ******************************\n"); - cotnum(r, stdout); - - //----------------Step3:C=[r]QB------------------------ - ecurve_mult(r, QB, Cipher); - epoint_get(Cipher, x, y); - printf("\n*********************** C=[r]QB: ******************************\n"); - cotnum(x, stdout); - cotnum(y, stdout); - big_to_bytes(BNLEN, x, C, 1); - big_to_bytes(BNLEN, y, C + BNLEN, 1); - - //----------------Step4:g=e(Ppube,P2)------------------------ - if(!ecap(P2, Ppube, para_t, X, &g)) - return SM9_MY_ECAP_12A_ERR; - //test if a ZZn12 element is of order q - if(!member(g, para_t, X)) - return SM9_MEMBER_ERR; - - printf("\n***********************g=e(Ppube,P2):****************************\n"); - zzn12_ElementPrint(g); - - //----------------Step5:w=g^r------------------------ - w = zzn12_pow(g, r); - printf("\n************************* w=g^r:*********************************\n"); - zzn12_ElementPrint(w); - - //----------------Step6:K=KDF(C||w||IDB,klen)------------------------ - Zlen = strlen(IDB) + BNLEN * 14; - Z = (char *)malloc(sizeof(char)*(Zlen + 1)); - if(Z == NULL) - return SM9_ASK_MEMORY_ERR; - LinkCharZzn12(C, BNLEN * 2, w, Z, BNLEN * 14); - memcpy(Z + BNLEN * 14, IDB, strlen(IDB)); - - SM3_kdf(Z, Zlen, Klen, K); - free(Z); - //----------------test if K equals 0------------------------ - printf("\n******************* K=KDF(C||w||IDB,klen):***********************\n"); - for(i = 0; i < Klen; i++) - { - if(K[i] == 0) - num += 1; - printf("%02x", K[i]); - } - if(num == Klen) - return SM9_ERR_K1_ZERO; - - return 0; -} - - -int SM9_standard_key_decap(unsigned char *IDB, unsigned char deB[], unsigned char C[], int Klen, unsigned char K[]) -{ - big h, x, y; - epoint *Cipher; - unsigned char *Z = NULL; - int Zlen, i, num = 0; - zzn12 w; - ecn2 dEB; - - //initiate - h = mirvar(0); - x = mirvar(0); - y = mirvar(0); - Cipher = epoint_init(); - zzn12_init(&w); - dEB.x.a = mirvar(0); - dEB.x.b = mirvar(0); - dEB.y.a = mirvar(0); - dEB.y.b = mirvar(0); - dEB.z.a = mirvar(0); - dEB.z.b = mirvar(0); - dEB.marker = MR_EPOINT_INFINITY; - - bytes_to_big(BNLEN, C, x); - bytes_to_big(BNLEN, C + BNLEN, y); - epoint_set(x, y, 0, Cipher); - bytes128_to_ecn2(deB, &dEB); - - //----------Step1:test if C is on G1----------------- - if(Test_Point(Cipher)) - return SM9_NOT_VALID_G1; - - //----------Step2:calculate w=e(C,deB)----------------- - if(!ecap(dEB, Cipher, para_t, X, &w)) - return SM9_MY_ECAP_12A_ERR; - //test if a ZZn12 element is of order q - if(!member(w, para_t, X)) - return SM9_MEMBER_ERR; - - printf("\n***********************w=e(C,deB):****************************\n"); - zzn12_ElementPrint(w); - - //----------Step3:K=KDF(C||w'||IDB,klen)------------------------ - Zlen = strlen(IDB) + BNLEN * 14; - Z = (char *)malloc(sizeof(char)*(Zlen + 1)); - if(Z == NULL) - return SM9_ASK_MEMORY_ERR; - LinkCharZzn12(C, BNLEN * 2, w, Z, BNLEN * 14); - memcpy(Z + BNLEN * 14, IDB, strlen(IDB)); - SM3_kdf(Z, Zlen, Klen, K); - - //----------------test if K equals 0------------------------ - printf("\n******************* K=KDF(C||w||IDB,klen):***********************\n"); - for(i = 0; i < Klen; i++) - { - if(K[i] == 0) - num += 1; - printf("%02x", K[i]); - } - if(num == Klen) - return SM9_ERR_K1_ZERO; - - free(Z); - return 0; -} - - -int SM9_standard_encap_selfcheck() -{ - //the master private key - unsigned char KE[32] = {0x00, 0x01, 0xED, 0xEE, 0x37, 0x78, 0xF4, 0x41, 0xF8, 0xDE, 0xA3, 0xD9, 0xFA, 0x0A, 0xCC, 0x4E, - 0x07, 0xEE, 0x36, 0xC9, 0x3F, 0x9A, 0x08, 0x61, 0x8A, 0xF4, 0xAD, 0x85, 0xCE, 0xDE, 0x1C, 0x22}; - unsigned char rand[32] = {0x00, 0x00, 0x74, 0x01, 0x5F, 0x84, 0x89, 0xC0, 0x1E, 0xF4, 0x27, 0x04, 0x56, 0xF9, 0xE6, 0x47, - 0x5B, 0xFB, 0x60, 0x2B, 0xDE, 0x7F, 0x33, 0xFD, 0x48, 0x2A, 0xB4, 0xE3, 0x68, 0x4A, 0x67, 0x22}; - //standard datas - unsigned char std_Ppub[64] = {0x78, 0x7E, 0xD7, 0xB8, 0xA5, 0x1F, 0x3A, 0xB8, 0x4E, 0x0A, 0x66, 0x00, 0x3F, 0x32, 0xDA, 0x5C, - 0x72, 0x0B, 0x17, 0xEC, 0xA7, 0x13, 0x7D, 0x39, 0xAB, 0xC6, 0x6E, 0x3C, 0x80, 0xA8, 0x92, 0xFF, - 0x76, 0x9D, 0xE6, 0x17, 0x91, 0xE5, 0xAD, 0xC4, 0xB9, 0xFF, 0x85, 0xA3, 0x13, 0x54, 0x90, 0x0B, - 0x20, 0x28, 0x71, 0x27, 0x9A, 0x8C, 0x49, 0xDC, 0x3F, 0x22, 0x0F, 0x64, 0x4C, 0x57, 0xA7, 0xB1}; - unsigned char std_deB[128] = {0x94, 0x73, 0x6A, 0xCD, 0x2C, 0x8C, 0x87, 0x96, 0xCC, 0x47, 0x85, 0xE9, 0x38, 0x30, 0x1A, 0x13, - 0x9A, 0x05, 0x9D, 0x35, 0x37, 0xB6, 0x41, 0x41, 0x40, 0xB2, 0xD3, 0x1E, 0xEC, 0xF4, 0x16, 0x83, - 0x11, 0x5B, 0xAE, 0x85, 0xF5, 0xD8, 0xBC, 0x6C, 0x3D, 0xBD, 0x9E, 0x53, 0x42, 0x97, 0x9A, 0xCC, - 0xCF, 0x3C, 0x2F, 0x4F, 0x28, 0x42, 0x0B, 0x1C, 0xB4, 0xF8, 0xC0, 0xB5, 0x9A, 0x19, 0xB1, 0x58, - 0x7A, 0xA5, 0xE4, 0x75, 0x70, 0xDA, 0x76, 0x00, 0xCD, 0x76, 0x0A, 0x0C, 0xF7, 0xBE, 0xAF, 0x71, - 0xC4, 0x47, 0xF3, 0x84, 0x47, 0x53, 0xFE, 0x74, 0xFA, 0x7B, 0xA9, 0x2C, 0xA7, 0xD3, 0xB5, 0x5F, - 0x27, 0x53, 0x8A, 0x62, 0xE7, 0xF7, 0xBF, 0xB5, 0x1D, 0xCE, 0x08, 0x70, 0x47, 0x96, 0xD9, 0x4C, - 0x9D, 0x56, 0x73, 0x4F, 0x11, 0x9E, 0xA4, 0x47, 0x32, 0xB5, 0x0E, 0x31, 0xCD, 0xEB, 0x75, 0xC1}; - unsigned char std_K[64] = {0x4F, 0xF5, 0xCF, 0x86, 0xD2, 0xAD, 0x40, 0xC8, 0xF4, 0xBA, 0xC9, 0x8D, 0x76, 0xAB, 0xDB, 0xDE, - 0x0C, 0x0E, 0x2F, 0x0A, 0x82, 0x9D, 0x3F, 0x91, 0x1E, 0xF5, 0xB2, 0xBC, 0xE0, 0x69, 0x54, 0x80}; - unsigned char std_C[64] = {0x1E, 0xDE, 0xE2, 0xC3, 0xF4, 0x65, 0x91, 0x44, 0x91, 0xDE, 0x44, 0xCE, 0xFB, 0x2C, 0xB4, 0x34, - 0xAB, 0x02, 0xC3, 0x08, 0xD9, 0xDC, 0x5E, 0x20, 0x67, 0xB4, 0xFE, 0xD5, 0xAA, 0xAC, 0x8A, 0x0F, - 0x1C, 0x9B, 0x4C, 0x43, 0x5E, 0xCA, 0x35, 0xAB, 0x83, 0xBB, 0x73, 0x41, 0x74, 0xC0, 0xF7, 0x8F, - 0xDE, 0x81, 0xA5, 0x33, 0x74, 0xAF, 0xF3, 0xB3, 0x60, 0x2B, 0xBC, 0x5E, 0x37, 0xBE, 0x9A, 0x4C}; - - unsigned char hid[] = {0x03}, *IDB = "Bob"; - unsigned char Ppub[64], deB[128], C[64], K[32], K_decap[32]; - big ke; - int tmp, i; - int Klen = 32; - - mip = mirsys(1000, 16); - mip->IOBASE = 16; - ke = mirvar(0); - bytes_to_big(32, KE, ke); - - tmp = SM9_standard_init(); - if(tmp != 0) - return tmp; - - printf("\n*********************** SM9 key Generation ***************************\n"); - tmp = SM9_standard_generateencryptkey(hid, IDB, strlen(IDB), ke, Ppub, deB); - if(tmp != 0) - return tmp; - if(memcmp(Ppub, std_Ppub, 64) != 0) - return SM9_GEPUB_ERR; - if(memcmp(deB, std_deB, 128) != 0) - return SM9_GEPRI_ERR; - - printf("\n**********************PublicKey Ppubs=[ke]P1:*************************\n"); - for(i = 0; i < 64; i++) - { - if(i == 32) - printf("\n"); - printf("%02x", Ppub[i]); - } - printf("\n**************The private key deB = (xdeB, ydeB):*********************\n"); - for(i = 0; i < 128; i++) - { - if(i == 64) - printf("\n"); - printf("%02x", deB[i]); - } - - printf("\n///////////////////SM9 Key encapsulation mechanism//////////////////////\n"); - tmp = SM9_standard_key_encap(hid, IDB, rand, Ppub, C, K, Klen); - if(tmp != 0) - return tmp; - - if(memcmp(C, std_C, 64) != 0) - return SM9_ERR_Encap_C; - if(memcmp(K, std_K, Klen) != 0) - return SM9_ERR_Encap_K; - - printf("\n///////////////////SM9 Key decapsulation mechanism//////////////////////\n"); - tmp = SM9_standard_key_decap(IDB, deB, C, Klen, K_decap); - if(tmp != 0) - return tmp; - - if(memcmp(K_decap, std_K, 32) != 0) - return SM9_ERR_Decap_K; - - return 0; -} diff --git a/engines/sm_standard/sm9/sm9_standard_exch.c b/engines/sm_standard/sm9/sm9_standard_exch.c deleted file mode 100644 index be986dfc..00000000 --- a/engines/sm_standard/sm9/sm9_standard_exch.c +++ /dev/null @@ -1,525 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2016 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - - -#include "sm9_standard.h" -#include "miracl.h" -#include "mirdef.h" - - -int SM9_standard_keyex_kdf(unsigned char *IDA, unsigned char *IDB, epoint *RA, epoint *RB, zzn12 g1, zzn12 g2, zzn12 g3, int klen, unsigned char K[]) -{ - unsigned char *Z = NULL; - int Zlen; - int IDALen = strlen(IDA), IDBLen = strlen(IDB); - big x1, y1, x2, y2; - - x1 = mirvar(0); - y1 = mirvar(0); - x2 = mirvar(0); - y2 = mirvar(0); - epoint_get(RA, x1, y1); - epoint_get(RB, x2, y2); - - Zlen = IDALen + IDBLen + BNLEN * 40; - Z = (char *)malloc(sizeof(char)*(Zlen + 1)); - if(Z == NULL) - return SM9_ASK_MEMORY_ERR; - - memcpy(Z, IDA, IDALen); - memcpy(Z + IDALen, IDB, IDBLen); - big_to_bytes(BNLEN, x1, Z + IDALen + IDBLen, 1); - big_to_bytes(BNLEN, y1, Z + IDALen + IDBLen + BNLEN, 1); - big_to_bytes(BNLEN, x2, Z + IDALen + IDBLen + BNLEN * 2, 1); - big_to_bytes(BNLEN, y2, Z + IDALen + IDBLen + BNLEN * 3, 1); - LinkCharZzn12(Z, 0, g1, Z + IDALen + IDBLen + BNLEN * 4, BNLEN * 12); - LinkCharZzn12(Z, 0, g2, Z + IDALen + IDBLen + BNLEN * 16, BNLEN * 12); - LinkCharZzn12(Z, 0, g3, Z + IDALen + IDBLen + BNLEN * 28, BNLEN * 12); - - SM3_kdf(Z, Zlen, klen, K); - free(Z); - return 0; -} - - -int SM9_standard_keyex_hash(unsigned char hashid[], unsigned char *IDA, unsigned char *IDB, epoint *RA, epoint *RB, zzn12 g1, zzn12 g2, zzn12 g3, unsigned char hash[]) -{ - int Zlen; - int IDALen = strlen(IDA), IDBLen = strlen(IDB); - unsigned char *Z = NULL; - big x1, y1, x2, y2; - - x1 = mirvar(0); - y1 = mirvar(0); - x2 = mirvar(0); - y2 = mirvar(0); - epoint_get(RA, x1, y1); - epoint_get(RB, x2, y2); - - Zlen = IDALen + IDBLen + BNLEN * 28; - Z = (char *)malloc(sizeof(char)*(Zlen + 1)); - if(Z == NULL) - return SM9_ASK_MEMORY_ERR; - - LinkCharZzn12(Z, 0, g2, Z, BNLEN * 12); - LinkCharZzn12(Z, 0, g3, Z + BNLEN * 12, BNLEN * 12); - memcpy(Z + BNLEN * 24, IDA, IDALen); - memcpy(Z + BNLEN * 24 + IDALen, IDB, IDBLen); - big_to_bytes(BNLEN, x1, Z + BNLEN * 24 + IDALen + IDBLen, 1); - big_to_bytes(BNLEN, y1, Z + BNLEN * 25 + IDALen + IDBLen, 1); - big_to_bytes(BNLEN, x2, Z + BNLEN * 26 + IDALen + IDBLen, 1); - big_to_bytes(BNLEN, y2, Z + BNLEN * 27 + IDALen + IDBLen, 1); - - SM3_256(Z, Zlen, hash); - - Zlen = 1 + BNLEN * 12 + SM3_len / 8; - memcpy(Z, hashid, 1); - LinkCharZzn12(Z, 1, g1, Z, 1 + BNLEN * 12); - memcpy(Z + 1 + BNLEN * 12, hash, SM3_len / 8); - - SM3_256(Z, Zlen, hash); - free(Z); - return 0; -} - - -int SM9_standard_keyex_inita_i(unsigned char hid[], unsigned char *IDB, unsigned char randA[], - unsigned char Ppub[], unsigned char deA[], epoint *RA) -{ - big h, x, y, rA; - epoint *Ppube, *QB; - unsigned char *Z = NULL; - int Zlen, buf; - - //initiate - h = mirvar(0); - rA = mirvar(0); - x = mirvar(0); - y = mirvar(0); - QB = epoint_init(); - Ppube = epoint_init(); - - bytes_to_big(BNLEN, Ppub, x); - bytes_to_big(BNLEN, Ppub + BNLEN, y); - epoint_set(x, y, 0, Ppube); - - //----------A1:calculate QB=[H1(IDB||hid,N)]P1+Ppube---------- - Zlen = strlen(IDB) + 1; - Z = (char *)malloc(sizeof(char)*(Zlen + 1)); - if(Z == NULL) - return SM9_ASK_MEMORY_ERR; - memcpy(Z, IDB, strlen(IDB)); - memcpy(Z + strlen(IDB), hid, 1); - buf = SM9_standard_h1(Z, Zlen, N, h); - if(buf) - return buf; - ecurve_mult(h, P1, QB); - ecurve_add(Ppube, QB); - printf("\n*******************QB:=[H1(IDB||hid,N)]P1+Ppube*****************\n"); - epoint_get(QB, x, y); - cotnum(x, stdout); - cotnum(y, stdout); - - //--------------- Step A2:randnom ------------------- - bytes_to_big(BNLEN, randA, rA); - printf("\n***********************randnum rA:******************************\n"); - cotnum(rA, stdout); - - //----------------Step A3:RA=[r]QB - ecurve_mult(rA, QB, RA); - - free(Z); - return 0; -} - - - -int SM9_standard_keyex_reb_i(unsigned char hid[], unsigned char *IDA, unsigned char *IDB, unsigned char randB[], unsigned char Ppub[], - unsigned char deB[], epoint *RA, epoint *RB, unsigned char SB[], zzn12 *g1, zzn12 *g2, zzn12 *g3) -{ - big h, x, y, rB; - epoint *Ppube, *QA; - unsigned char *Z = NULL, hashid[] = {0x82}; - unsigned char SKB[16]; - ecn2 dEB; - int Zlen, buf, i; - - //initiate - h = mirvar(0); - rB = mirvar(0); - x = mirvar(0); - y = mirvar(0); - QA = epoint_init(); - Ppube = epoint_init(); - dEB.x.a = mirvar(0); - dEB.x.b = mirvar(0); - dEB.y.a = mirvar(0); - dEB.y.b = mirvar(0); - dEB.z.a = mirvar(0); - dEB.z.b = mirvar(0); - dEB.marker = MR_EPOINT_INFINITY; - - bytes_to_big(BNLEN, Ppub, x); - bytes_to_big(BNLEN, Ppub + BNLEN, y); - bytes128_to_ecn2(deB, &dEB); - epoint_set(x, y, 0, Ppube); - - //----------B1:calculate QA=[H1(IDA||hid,N)]P1+Ppube---------- - Zlen = strlen(IDA) + 1; - Z = (char *)malloc(sizeof(char)*(Zlen + 1)); - if(Z == NULL) - return SM9_ASK_MEMORY_ERR; - memcpy(Z, IDA, strlen(IDA)); - memcpy(Z + strlen(IDA), hid, 1); - - buf = SM9_standard_h1(Z, Zlen, N, h); - if(buf) - return buf; - ecurve_mult(h, P1, QA); - ecurve_add(Ppube, QA); - printf("\n*******************QA:=[H1(IDA||hid,N)]P1+Ppube*****************\n"); - epoint_get(QA, x, y); - cotnum(x, stdout); - cotnum(y, stdout); - - //--------------- Step B2:randnom ------------------- - bytes_to_big(BNLEN, randB, rB); - printf("\n***********************randnum rB:********************************\n"); - cotnum(rB, stdout); - - //----------------Step B3:RB=[rB]QA------------------ - ecurve_mult(rB, QA, RB); - printf("\n*************************:RB=[rB]QA*******************************\n"); - epoint_get(RB, x, y); - cotnum(x, stdout); - cotnum(y, stdout); - - //test if RA is on G1 - if(Test_Point(RA)) - return SM9_NOT_VALID_G1; - - //----------------Step B4:g1=e(deB,RA),g2=(e(P2,Ppube))^rB,g3=g1^rB - if(!ecap(dEB, RA, para_t, X, g1)) - return SM9_MY_ECAP_12A_ERR; - if(!ecap(P2, Ppube, para_t, X, g2)) - return SM9_MY_ECAP_12A_ERR; - //test if a ZZn12 element is of order q - if((!member(*g1, para_t, X)) || (!member(*g2, para_t, X))) - return SM9_MEMBER_ERR; - - *g2 = zzn12_pow(*g2, rB); - *g3 = zzn12_pow(*g1, rB); - - printf("\n***********************g1=e(RA,deB):****************************\n"); - zzn12_ElementPrint(*g1); - printf("\n*******************g2=(e(P2,Ppub3))^rB:*************************\n"); - zzn12_ElementPrint(*g2); - printf("\n***********************g3=g1^rB:********************************\n"); - zzn12_ElementPrint(*g3); - - //---------------- B5:SKB=KDF(IDA||IDB||RA||RB||g1||g2||g3,klen)---------- - buf = SM9_standard_keyex_kdf(IDA, IDB, RA, RB, *g1, *g2, *g3, 16, SKB); - if(buf) - return buf; - printf("\n***********SKB=KDF(IDA||IDB||RA||RB||g1||g2||g3,klen):***********\n"); - for(i = 0; i < 16; i++) - printf("%02x", SKB[i]); - - //---------------- B6(optional):SB=Hash(0x82||g1||Hash(g2||g3||IDA||IDB||RA||RB))---------- - buf = SM9_standard_keyex_hash(hashid, IDA, IDB, RA, RB, *g1, *g2, *g3, SB); - if(buf) - return buf; - printf("\n********SB=Hash(0x82||g1||Hash(g2||g3||IDA||IDB||RA||RB))********\n"); - for(i = 0; i < SM3_len / 8; i++) - printf("%02x", SB[i]); - - free(Z); - return 0; -} - - -int SM9_standard_keyex_inita_ii(unsigned char *IDA, unsigned char *IDB, unsigned char randA[], unsigned char Ppub[], - unsigned char deA[], epoint *RA, epoint *RB, unsigned char SB[], unsigned char SA[]) -{ - big h, x, y, rA; - epoint *Ppube; - unsigned char hashid[] = {0x82}; - unsigned char S1[SM3_len / 8], SKA[16]; - zzn12 g1, g2, g3; - ecn2 dEA; - int buf, i; - - //initiate - h = mirvar(0); - rA = mirvar(0); - x = mirvar(0); - y = mirvar(0); - Ppube = epoint_init(); - dEA.x.a = mirvar(0); - dEA.x.b = mirvar(0); - dEA.y.a = mirvar(0); - dEA.y.b = mirvar(0); - dEA.z.a = mirvar(0); - dEA.z.b = mirvar(0); - dEA.marker = MR_EPOINT_INFINITY; - zzn12_init(&g1); - zzn12_init(&g2); - zzn12_init(&g3); - - bytes_to_big(BNLEN, Ppub, x); - bytes_to_big(BNLEN, Ppub + BNLEN, y); - bytes_to_big(BNLEN, randA, rA); - bytes128_to_ecn2(deA, &dEA); - epoint_set(x, y, 0, Ppube); - - //test if RB is on G1 - if(Test_Point(RB)) - return SM9_NOT_VALID_G1; - - //----------------Step A5:g1=(e(P2,Ppube))^rA,g2=e(deA,RB),g3=g2^rA--------- - if(!ecap(P2, Ppube, para_t, X, &g1)) - return SM9_MY_ECAP_12A_ERR; - if(!ecap(dEA, RB, para_t, X, &g2)) - return SM9_MY_ECAP_12A_ERR; - //test if a ZZn12 element is of order q - if((!member(g1, para_t, X)) || (!member(g2, para_t, X))) - return SM9_MEMBER_ERR; - - g1 = zzn12_pow(g1, rA); - g3 = zzn12_pow(g2, rA); - printf("\n***********************g1=e(Ppub,P2):****************************\n"); - zzn12_ElementPrint(g1); - printf("\n*******************g2=(e(RB,deA))^rB:*************************\n"); - zzn12_ElementPrint(g2); - printf("\n***********************g3=g2^rB:********************************\n"); - zzn12_ElementPrint(g3); - - //------------------ A6:S1=Hash(0x82||g1||Hash(g2||g3||IDA||IDB||RA||RB))---------- - buf = SM9_standard_keyex_hash(hashid, IDA, IDB, RA, RB, g1, g2, g3, S1); - if(buf) - return buf; - printf("\n*********S1=Hash(0x82||g1||Hash(g2||g3||IDA||IDB||RA||RB))********\n"); - for(i = 0; i < SM3_len / 8; i++) - printf("%02x", S1[i]); - - if(memcmp(S1, SB, SM3_len / 8)) - return SM9_ERR_CMP_S1SB; - - //---------- A7: SKA=KDF(IDA||IDB||RA||RB||g1||g2||g3,klen)---------- - buf = SM9_standard_keyex_kdf(IDA, IDB, RA, RB, g1, g2, g3, 16, SKA); - if(buf) - return buf; - printf("\n************SKA=KDF(IDA||IDB||RA||RB||g1||g2||g3,klen)************\n"); - for(i = 0; i < 16; i++) - printf("%02x", SKA[i]); - - //--------- A8(optional):SA=Hash(0x83||g1||Hash(g2||g3||IDA||IDB||RA||RB))---------- - hashid[0] = (unsigned char)0x83; - buf = SM9_standard_keyex_hash(hashid, IDA, IDB, RA, RB, g1, g2, g3, SA); - if(buf) - return buf; - printf("\n*********SA=Hash(0x83||g1||Hash(g2||g3||IDA||IDB||RA||RB))********\n"); - for(i = 0; i < SM3_len / 8; i++) - printf("%02x", SA[i]); - - return 0; -} - - -int SM9_standard_keyex_reb_ii(unsigned char *IDA, unsigned char *IDB, zzn12 g1, zzn12 g2, zzn12 g3, epoint *RA, epoint *RB, unsigned char SA[]) -{ - unsigned char hashid[] = {0x83}; - unsigned char S2[SM3_len / 8]; - int buf, i; - - //---------------- B8(optional):S2=Hash(0x83||g1||Hash(g2||g3||IDA||IDB||RA||RB))---------- - buf = SM9_standard_keyex_hash(hashid, IDA, IDB, RA, RB, g1, g2, g3, S2); - if(buf) - return buf; - printf("\n*************** S2=Hash(0x83||g1||Hash(g2||g3||IDA||IDB||RA||RB))****************\n"); - for(i = 0; i < SM3_len / 8; i++) - printf("%02x", S2[i]); - - if(memcmp(S2, SA, SM3_len / 8)) - return SM9_ERR_CMP_S2SA; - return 0; -} - - -int SM9_standard_exch_selfcheck() -{ - //the master private key - unsigned char KE[32] = {0x00, 0x02, 0xE6, 0x5B, 0x07, 0x62, 0xD0, 0x42, 0xF5, 0x1F, 0x0D, 0x23, 0x54, 0x2B, 0x13, 0xED, - 0x8C, 0xFA, 0x2E, 0x9A, 0x0E, 0x72, 0x06, 0x36, 0x1E, 0x01, 0x3A, 0x28, 0x39, 0x05, 0xE3, 0x1F}; - unsigned char randA[32] = {0x00, 0x00, 0x58, 0x79, 0xDD, 0x1D, 0x51, 0xE1, 0x75, 0x94, 0x6F, 0x23, 0xB1, 0xB4, 0x1E, 0x93, - 0xBA, 0x31, 0xC5, 0x84, 0xAE, 0x59, 0xA4, 0x26, 0xEC, 0x10, 0x46, 0xA4, 0xD0, 0x3B, 0x06, 0xC8}; - unsigned char randB[32] = {0x00, 0x01, 0x8B, 0x98, 0xC4, 0x4B, 0xEF, 0x9F, 0x85, 0x37, 0xFB, 0x7D, 0x07, 0x1B, 0x2C, 0x92, - 0x8B, 0x3B, 0xC6, 0x5B, 0xD3, 0xD6, 0x9E, 0x1E, 0xEE, 0x21, 0x35, 0x64, 0x90, 0x56, 0x34, 0xFE}; - //standard datas - unsigned char std_Ppub[64] = {0x91, 0x74, 0x54, 0x26, 0x68, 0xE8, 0xF1, 0x4A, 0xB2, 0x73, 0xC0, 0x94, 0x5C, 0x36, 0x90, 0xC6, - 0x6E, 0x5D, 0xD0, 0x96, 0x78, 0xB8, 0x6F, 0x73, 0x4C, 0x43, 0x50, 0x56, 0x7E, 0xD0, 0x62, 0x83, - 0x54, 0xE5, 0x98, 0xC6, 0xBF, 0x74, 0x9A, 0x3D, 0xAC, 0xC9, 0xFF, 0xFE, 0xDD, 0x9D, 0xB6, 0x86, - 0x6C, 0x50, 0x45, 0x7C, 0xFC, 0x7A, 0xA2, 0xA4, 0xAD, 0x65, 0xC3, 0x16, 0x8F, 0xF7, 0x42, 0x10}; - unsigned char std_deA[128] = {0x0F, 0xE8, 0xEA, 0xB3, 0x95, 0x19, 0x9B, 0x56, 0xBF, 0x1D, 0x75, 0xBD, 0x2C, 0xD6, 0x10, 0xB6, - 0x42, 0x4F, 0x08, 0xD1, 0x09, 0x29, 0x22, 0xC5, 0x88, 0x2B, 0x52, 0xDC, 0xD6, 0xCA, 0x83, 0x2A, - 0x7D, 0xA5, 0x7B, 0xC5, 0x02, 0x41, 0xF9, 0xE5, 0xBF, 0xDD, 0xC0, 0x75, 0xDD, 0x9D, 0x32, 0xC7, - 0x77, 0x71, 0x00, 0xD7, 0x36, 0x91, 0x6C, 0xFC, 0x16, 0x5D, 0x8D, 0x36, 0xE0, 0x63, 0x4C, 0xD7, - 0x83, 0xA4, 0x57, 0xDA, 0xF5, 0x2C, 0xAD, 0x46, 0x4C, 0x90, 0x3B, 0x26, 0x06, 0x2C, 0xAF, 0x93, - 0x7B, 0xB4, 0x0E, 0x37, 0xDA, 0xDE, 0xD9, 0xED, 0xA4, 0x01, 0x05, 0x0E, 0x49, 0xC8, 0xAD, 0x0C, - 0x69, 0x70, 0x87, 0x6B, 0x9A, 0xAD, 0x1B, 0x7A, 0x50, 0xBB, 0x48, 0x63, 0xA1, 0x1E, 0x57, 0x4A, - 0xF1, 0xFE, 0x3C, 0x59, 0x75, 0x16, 0x1D, 0x73, 0xDE, 0x4C, 0x3A, 0xF6, 0x21, 0xFB, 0x1E, 0xFB}; - unsigned char std_deB[128] = {0x74, 0xCC, 0xC3, 0xAC, 0x9C, 0x38, 0x3C, 0x60, 0xAF, 0x08, 0x39, 0x72, 0xB9, 0x6D, 0x05, 0xC7, - 0x5F, 0x12, 0xC8, 0x90, 0x7D, 0x12, 0x8A, 0x17, 0xAD, 0xAF, 0xBA, 0xB8, 0xC5, 0xA4, 0xAC, 0xF7, - 0x01, 0x09, 0x2F, 0xF4, 0xDE, 0x89, 0x36, 0x26, 0x70, 0xC2, 0x17, 0x11, 0xB6, 0xDB, 0xE5, 0x2D, - 0xCD, 0x5F, 0x8E, 0x40, 0xC6, 0x65, 0x4B, 0x3D, 0xEC, 0xE5, 0x73, 0xC2, 0xAB, 0x3D, 0x29, 0xB2, - 0x44, 0xB0, 0x29, 0x4A, 0xA0, 0x42, 0x90, 0xE1, 0x52, 0x4F, 0xF3, 0xE3, 0xDA, 0x8C, 0xFD, 0x43, - 0x2B, 0xB6, 0x4D, 0xE3, 0xA8, 0x04, 0x0B, 0x5B, 0x88, 0xD1, 0xB5, 0xFC, 0x86, 0xA4, 0xEB, 0xC1, - 0x8C, 0xFC, 0x48, 0xFB, 0x4F, 0xF3, 0x7F, 0x1E, 0x27, 0x72, 0x74, 0x64, 0xF3, 0xC3, 0x4E, 0x21, - 0x53, 0x86, 0x1A, 0xD0, 0x8E, 0x97, 0x2D, 0x16, 0x25, 0xFC, 0x1A, 0x7B, 0xD1, 0x8D, 0x55, 0x39}; - unsigned char std_RA[64] = {0x7C, 0xBA, 0x5B, 0x19, 0x06, 0x9E, 0xE6, 0x6A, 0xA7, 0x9D, 0x49, 0x04, 0x13, 0xD1, 0x18, 0x46, - 0xB9, 0xBA, 0x76, 0xDD, 0x22, 0x56, 0x7F, 0x80, 0x9C, 0xF2, 0x3B, 0x6D, 0x96, 0x4B, 0xB2, 0x65, - 0xA9, 0x76, 0x0C, 0x99, 0xCB, 0x6F, 0x70, 0x63, 0x43, 0xFE, 0xD0, 0x56, 0x37, 0x08, 0x58, 0x64, - 0x95, 0x8D, 0x6C, 0x90, 0x90, 0x2A, 0xBA, 0x7D, 0x40, 0x5F, 0xBE, 0xDF, 0x7B, 0x78, 0x15, 0x99}; - unsigned char std_RB[64] = {0x86, 0x1E, 0x91, 0x48, 0x5F, 0xB7, 0x62, 0x3D, 0x27, 0x94, 0xF4, 0x95, 0x03, 0x1A, 0x35, 0x59, - 0x8B, 0x49, 0x3B, 0xD4, 0x5B, 0xE3, 0x78, 0x13, 0xAB, 0xC7, 0x10, 0xFC, 0xC1, 0xF3, 0x44, 0x82, - 0x32, 0xD9, 0x06, 0xA4, 0x69, 0xEB, 0xC1, 0x21, 0x6A, 0x80, 0x2A, 0x70, 0x52, 0xD5, 0x61, 0x7C, - 0xD4, 0x30, 0xFB, 0x56, 0xFB, 0xA7, 0x29, 0xD4, 0x1D, 0x9B, 0xD6, 0x68, 0xE9, 0xEB, 0x96, 0x00}; - unsigned char std_SA[32] = {0x19, 0x5D, 0x1B, 0x72, 0x56, 0xBA, 0x7E, 0x0E, 0x67, 0xC7, 0x12, 0x02, 0xA2, 0x5F, 0x8C, 0x94, - 0xFF, 0x82, 0x41, 0x70, 0x2C, 0x2F, 0x55, 0xD6, 0x13, 0xAE, 0x1C, 0x6B, 0x98, 0x21, 0x51, 0x72}; - unsigned char std_SB[32] = {0x3B, 0xB4, 0xBC, 0xEE, 0x81, 0x39, 0xC9, 0x60, 0xB4, 0xD6, 0x56, 0x6D, 0xB1, 0xE0, 0xD5, 0xF0, - 0xB2, 0x76, 0x76, 0x80, 0xE5, 0xE1, 0xBF, 0x93, 0x41, 0x03, 0xE6, 0xC6, 0x6E, 0x40, 0xFF, 0xEE}; - - unsigned char hid[] = {0x02}, *IDA = "Alice", *IDB = "Bob"; - unsigned char Ppub[64], deA[128], deB[128]; - unsigned char xy[64], SA[SM3_len / 8], SB[SM3_len / 8]; - epoint *RA, *RB; - big ke, x, y; - zzn12 g1, g2, g3; - int tmp, i; - - mip = mirsys(1000, 16); - mip->IOBASE = 16; - x = mirvar(0); - y = mirvar(0); - ke = mirvar(0); - bytes_to_big(32, KE, ke); - RA = epoint_init(); - RB = epoint_init(); - zzn12_init(&g1); - zzn12_init(&g2); - zzn12_init(&g3); - - tmp = SM9_standard_init(); - if(tmp != 0) - return tmp; - - printf("\n*********************** SM9 key Generation ***************************\n"); - tmp = SM9_standard_generateencryptkey(hid, IDA, strlen(IDA), ke, Ppub, deA); - if(tmp != 0) - return tmp; - tmp = SM9_standard_generateencryptkey(hid, IDB, strlen(IDB), ke, Ppub, deB); - if(tmp != 0) - return tmp; - if(memcmp(Ppub, std_Ppub, 64) != 0) - return SM9_GEPUB_ERR; - if(memcmp(deA, std_deA, 128) != 0) - return SM9_GEPRI_ERR; - if(memcmp(deB, std_deB, 128) != 0) - return SM9_GEPRI_ERR; - - printf("\n**********************PublicKey Ppubs=[ke]P1:*************************\n"); - for(i = 0; i < 64; i++) - printf("%02x", Ppub[i]); - printf("\n**************The private key deA = (xdeA, ydeA):*********************\n"); - for(i = 0; i < 128; i++) - printf("%02x", deA[i]); - printf("\n**************The private key deB = (xdeB, ydeB):*********************\n"); - for(i = 0; i < 128; i++) - printf("%02x", deB[i]); - - printf("\n//////////////////// SM9 Key exchange A1-A4://////////////////////////\n"); - tmp = SM9_standard_keyex_inita_i(hid, IDB, randA, Ppub, deA, RA); - if(tmp != 0) - return tmp; - printf("\n ////////////////////////////:RA=[r]QB //////////////////////////////\n"); - epoint_get(RA, x, y); - cotnum(x, stdout); - cotnum(y, stdout); - big_to_bytes(BNLEN, x, xy, 1); - big_to_bytes(BNLEN, y, xy + BNLEN, 1); - if(memcmp(xy, std_RA, BNLEN * 2) != 0) - return SM9_ERR_RA; - - printf("\n//////////////////////// SM9 Key exchange B1-B7:///////////////////////\n"); - tmp = SM9_standard_keyex_reb_i(hid, IDA, IDB, randB, Ppub, deB, RA, RB, SB, &g1, &g2, &g3); - if(tmp != 0) - return tmp; - epoint_get(RB, x, y); - big_to_bytes(BNLEN, x, xy, 1); - big_to_bytes(BNLEN, y, xy + BNLEN, 1); - - if(memcmp(xy, std_RB, BNLEN * 2) != 0) - return SM9_ERR_RB; - if(memcmp(SB, std_SB, SM3_len / 8) != 0) - return SM9_ERR_SB; - - printf("\n//////////////////////// SM9 Key exchange A5-A8:///////////////////////\n"); - tmp = SM9_standard_keyex_inita_ii(IDA, IDB, randA, Ppub, deA, RA, RB, SB, SA); - if(tmp!=0) - return tmp; - if(memcmp(SA, std_SA, SM3_len / 8) != 0) - return SM9_ERR_SA; - - printf("\n//////////////////////// SM9 Key exchange B8:///////////////////////\n"); - tmp = SM9_standard_keyex_reb_ii(IDA, IDB, g1, g2, g3, RA, RB, SA); - if(tmp != 0) - return tmp; - - return 0; -} diff --git a/engines/sm_standard/sm9/sm9_standard_sv.c b/engines/sm_standard/sm9/sm9_standard_sv.c deleted file mode 100644 index f27fc534..00000000 --- a/engines/sm_standard/sm9/sm9_standard_sv.c +++ /dev/null @@ -1,446 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2016 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - - -#include "sm9_standard.h" -#include "miracl.h" -#include "mirdef.h" -#include - - -int SM9_standard_h2(unsigned char Z[], int Zlen, big n, big h2) -{ - int hlen, ZHlen, i; - big hh, i256, tmp, n1; - unsigned char *ZH = NULL, *ha = NULL; - - hh = mirvar(0); - i256 = mirvar(0); - tmp = mirvar(0); - n1 = mirvar(0); - convert(1, i256); - ZHlen = Zlen + 1; - - hlen = (int)ceil((5.0 * logb2(n)) / 32.0); - decr(n, 1, n1); - ZH = (char *)malloc(sizeof(char)*(ZHlen + 1)); - if(ZH == NULL) - return SM9_ASK_MEMORY_ERR; - memcpy(ZH + 1, Z, Zlen); - ZH[0] = 0x02; - ha = (char *)malloc(sizeof(char)*(hlen + 1)); - if(ha == NULL) - return SM9_ASK_MEMORY_ERR; - SM3_kdf(ZH, ZHlen, hlen, ha); - - for(i = hlen - 1; i >= 0; i--)//key[从大到小] - { - premult(i256, ha[i], tmp); - add(hh, tmp, hh); - premult(i256, 256, i256); - divide(i256, n1, tmp); - divide(hh, n1, tmp); - } - incr(hh, 1, h2); - free(ZH); - free(ha); - return 0; -} - - - -int SM9_standard_generatesignkey(unsigned char hid[], unsigned char *ID, int IDlen, big ks, unsigned char Ppubs[], unsigned char dsa[]) -{ - big h1, t1, t2, rem, xdSA, ydSA, tmp; - unsigned char *Z = NULL; - int Zlen = IDlen + 1, buf; - ecn2 Ppub; - epoint *dSA; - - h1 = mirvar(0); - t1 = mirvar(0); - t2 = mirvar(0); - rem = mirvar(0); - tmp = mirvar(0); - xdSA = mirvar(0); - ydSA = mirvar(0); - dSA = epoint_init(); - Ppub.x.a = mirvar(0); - Ppub.x.b = mirvar(0); - Ppub.y.a = mirvar(0); - Ppub.y.b = mirvar(0); - Ppub.z.a = mirvar(0); - Ppub.z.b = mirvar(0); - Ppub.marker = MR_EPOINT_INFINITY; - - Z = (char *)malloc(sizeof(char)*(Zlen + 1)); - memcpy(Z, ID, IDlen); - memcpy(Z + IDlen, hid, 1); - - buf = SM9_standard_h1(Z, Zlen, N, h1); - if(buf != 0) - return buf; - add(h1, ks, t1);//t1=H1(IDA||hid,N)+ks - xgcd(t1, N, t1, t1, t1);//t1=t1(-1) - multiply(ks, t1, t2); - divide(t2, N, rem);//t2=ks*t1(-1) - - //dSA=[t2]P1 - ecurve_mult(t2, P1, dSA); - - //Ppub=[ks]P2 - ecn2_copy(&P2, &Ppub); - ecn2_mul(ks, &Ppub); - - printf("\n*********************The signed key = (xdA, ydA):*********************\n"); - epoint_get(dSA, xdSA, ydSA); - cotnum(xdSA, stdout); - cotnum(ydSA, stdout); - printf("\n**********************PublicKey Ppubs=[ks]P2:*************************\n"); - ecn2_Bytes128_Print(Ppub); - - epoint_get(dSA, xdSA, ydSA); - big_to_bytes(BNLEN, xdSA, dsa, 1); - big_to_bytes(BNLEN, ydSA, dsa + BNLEN, 1); - - redc(Ppub.x.b, tmp); - big_to_bytes(BNLEN, tmp, Ppubs, 1); - redc(Ppub.x.a, tmp); - big_to_bytes(BNLEN, tmp, Ppubs + BNLEN, 1); - redc(Ppub.y.b, tmp); - big_to_bytes(BNLEN, tmp, Ppubs + BNLEN * 2, 1); - redc(Ppub.y.a, tmp); - big_to_bytes(BNLEN, tmp, Ppubs + BNLEN * 3, 1); - - free(Z); - return 0; -} - - -int SM9_standard_sign(unsigned char hid[], unsigned char *IDA, unsigned char *message, int len, unsigned char rand[], unsigned char dsa[], unsigned char Ppub[], unsigned char H[], unsigned char S[]) -{ - big h1, r, h, l, xdSA, ydSA; - big xS, yS, tmp, zero; - zzn12 g, w; - epoint *s, *dSA; - ecn2 Ppubs; - int Zlen, buf; - unsigned char *Z = NULL; - - //initiate - h1 = mirvar(0); - r = mirvar(0); - h = mirvar(0); - l = mirvar(0); - tmp = mirvar(0); - zero = mirvar(0); - xS = mirvar(0); - yS = mirvar(0); - xdSA = mirvar(0); - ydSA = mirvar(0); - s = epoint_init(); - dSA = epoint_init(); - Ppubs.x.a = mirvar(0); - Ppubs.x.b = mirvar(0); - Ppubs.y.a = mirvar(0); - Ppubs.y.b = mirvar(0); - Ppubs.z.a = mirvar(0); - Ppubs.z.b = mirvar(0); - Ppubs.marker = MR_EPOINT_INFINITY; - zzn12_init(&g); - zzn12_init(&w); - - bytes_to_big(BNLEN, rand, r); - bytes_to_big(BNLEN, dsa, xdSA); - bytes_to_big(BNLEN, dsa + BNLEN, ydSA); - epoint_set(xdSA, ydSA, 0, dSA); - bytes128_to_ecn2(Ppub, &Ppubs); - - //Step1:g = e(P1, Ppub-s) - if(!ecap(Ppubs, P1, para_t, X, &g)) - return SM9_MY_ECAP_12A_ERR; - //test if a ZZn12 element is of order q - if(!member(g, para_t, X)) - return SM9_MEMBER_ERR; - - printf("\n***********************g=e(P1,Ppubs):****************************\n"); - zzn12_ElementPrint(g); - - //Step2:calculate w=g(r) - printf("\n***********************randnum r:********************************\n"); - cotnum(r, stdout); - w = zzn12_pow(g, r); - printf("\n***************************w=gr:**********************************\n"); - zzn12_ElementPrint(w); - - //Step3:calculate h=H2(M||w,N) - Zlen = len + 32 * 12; - Z = (char *)malloc(sizeof(char)*(Zlen + 1)); - if(Z == NULL) - return SM9_ASK_MEMORY_ERR; - - LinkCharZzn12(message, len, w, Z, Zlen); - buf = SM9_standard_h2(Z, Zlen, N, h); - if(buf != 0) - return buf; - printf("\n****************************h:*************************************\n"); - cotnum(h, stdout); - - //Step4:l=(r-h)mod N - subtract(r, h, l); - divide(l, N, tmp); - while(mr_compare(l, zero) < 0) - add(l, N, l); - if(mr_compare(l, zero) == 0) - return SM9_L_error; - printf("\n**************************l=(r-h)mod N:****************************\n"); - cotnum(l, stdout); - - //Step5:S=[l]dSA=(xS,yS) - ecurve_mult(l, dSA, s); - epoint_get(s, xS, yS); - printf("\n**************************S=[l]dSA=(xS,yS):*************************\n"); - cotnum(xS, stdout); - cotnum(yS, stdout); - - big_to_bytes(32, h, H, 1); - big_to_bytes(32, xS, S, 1); - big_to_bytes(32, yS, S + 32, 1); - - free(Z); - return 0; -} - - -int SM9_standard_verify(unsigned char H[], unsigned char S[], unsigned char hid[], unsigned char *IDA, unsigned char *message, int len, unsigned char Ppub[]) -{ - big h, xS, yS, h1, h2; - epoint *S1; - zzn12 g, t, u, w; - ecn2 P, Ppubs; - int Zlen1, Zlen2, buf; - unsigned char * Z1 = NULL, *Z2 = NULL; - - h = mirvar(0); - h1 = mirvar(0); - h2 = mirvar(0); - xS = mirvar(0); - yS = mirvar(0); - P.x.a = mirvar(0); - P.x.b = mirvar(0); - P.y.a = mirvar(0); - P.y.b = mirvar(0); - P.z.a = mirvar(0); - P.z.b = mirvar(0); - P.marker = MR_EPOINT_INFINITY; - Ppubs.x.a = mirvar(0); - Ppubs.x.b = mirvar(0); - Ppubs.y.a = mirvar(0); - Ppubs.y.b = mirvar(0); - Ppubs.z.a = mirvar(0); - Ppubs.z.b = mirvar(0); - Ppubs.marker = MR_EPOINT_INFINITY; - S1 = epoint_init(); - zzn12_init(&g); - zzn12_init(&t); - zzn12_init(&u); - zzn12_init(&w); - - bytes_to_big(BNLEN, H, h); - bytes_to_big(BNLEN, S, xS); - bytes_to_big(BNLEN, S + BNLEN, yS); - bytes128_to_ecn2(Ppub, &Ppubs); - - //Step 1:test if h in the rangge [1,N-1] - if(Test_Range(h)) - return SM9_H_OUTRANGE; - - //Step 2:test if S is on G1 - epoint_set(xS, yS, 0, S1); - if(Test_Point(S1)) - return SM9_S_NOT_VALID_G1; - - //Step3:g = e(P1, Ppub-s) - if(!ecap(Ppubs, P1, para_t, X, &g)) - return SM9_MY_ECAP_12A_ERR; - //test if a ZZn12 element is of order q - if(!member(g, para_t, X)) - return SM9_MEMBER_ERR; - - printf("\n***********************g=e(P1,Ppubs):****************************\n"); - zzn12_ElementPrint(g); - - //Step4:calculate t=g(h) - t = zzn12_pow(g, h); - printf("\n***************************w=gh:**********************************\n"); - zzn12_ElementPrint(t); - - //Step5:calculate h1=H1(IDA||hid,N) - Zlen1 = strlen(IDA) + 1; - Z1 = (char *)malloc(sizeof(char)*(Zlen1 + 1)); - if(Z1 == NULL) - return SM9_ASK_MEMORY_ERR; - - memcpy(Z1, IDA, strlen(IDA)); - memcpy(Z1 + strlen(IDA), hid, 1); - buf = SM9_standard_h1(Z1, Zlen1, N, h1); - if(buf != 0) - return buf; - printf("\n****************************h1:**********************************\n"); - cotnum(h1, stdout); - - //Step6:P=[h1]P2+Ppubs - ecn2_copy(&P2, &P); - ecn2_mul(h1, &P); - ecn2_add(&Ppubs, &P); - - //Step7:u=e(S1,P) - if(!ecap(P, S1, para_t, X, &u)) - return SM9_MY_ECAP_12A_ERR; - //test if a ZZn12 element is of order q - if(!member(u, para_t, X)) - return SM9_MEMBER_ERR; - printf("\n************************** u=e(S1,P):*****************************\n"); - zzn12_ElementPrint(u); - - //Step8:w=u*t - zzn12_mul(u, t, &w); - printf("\n************************* w=u*t: **********************************\n"); - zzn12_ElementPrint(w); - - //Step9:h2=H2(M||w,N) - Zlen2 = len + 32 * 12; - Z2 = (char *)malloc(sizeof(char)*(Zlen2 + 1)); - if(Z2 == NULL) - return SM9_ASK_MEMORY_ERR; - - LinkCharZzn12(message, len, w, Z2, Zlen2); - buf = SM9_standard_h2(Z2, Zlen2, N, h2); - if(buf != 0) - return buf; - printf("\n**************************** h2:***********************************\n"); - cotnum(h2, stdout); - - free(Z1); - free(Z2); - if(mr_compare(h2, h) != 0) - return SM9_DATA_MEMCMP_ERR; - - return 0; -} - - -int SM9_standard_sv_selfcheck() -{ - //the master private key - unsigned char dA[32] = {0x00, 0x01, 0x30, 0xE7, 0x84, 0x59, 0xD7, 0x85, 0x45, 0xCB, 0x54, 0xC5, 0x87, 0xE0, 0x2C, 0xF4, - 0x80, 0xCE, 0x0B, 0x66, 0x34, 0x0F, 0x31, 0x9F, 0x34, 0x8A, 0x1D, 0x5B, 0x1F, 0x2D, 0xC5, 0xF4}; - unsigned char rand[32] = {0x00, 0x03, 0x3C, 0x86, 0x16, 0xB0, 0x67, 0x04, 0x81, 0x32, 0x03, 0xDF, 0xD0, 0x09, 0x65, 0x02, - 0x2E, 0xD1, 0x59, 0x75, 0xC6, 0x62, 0x33, 0x7A, 0xED, 0x64, 0x88, 0x35, 0xDC, 0x4B, 0x1C, 0xBE}; - - unsigned char h[32], S[64];// Signature - unsigned char Ppub[128], dSA[64]; - - unsigned char std_h[32] = {0x82, 0x3C, 0x4B, 0x21, 0xE4, 0xBD, 0x2D, 0xFE, 0x1E, 0xD9, 0x2C, 0x60, 0x66, 0x53, 0xE9, 0x96, - 0x66, 0x85, 0x63, 0x15, 0x2F, 0xC3, 0x3F, 0x55, 0xD7, 0xBF, 0xBB, 0x9B, 0xD9, 0x70, 0x5A, 0xDB}; - unsigned char std_S[64] = {0x73, 0xBF, 0x96, 0x92, 0x3C, 0xE5, 0x8B, 0x6A, 0xD0, 0xE1, 0x3E, 0x96, 0x43, 0xA4, 0x06, 0xD8, - 0xEB, 0x98, 0x41, 0x7C, 0x50, 0xEF, 0x1B, 0x29, 0xCE, 0xF9, 0xAD, 0xB4, 0x8B, 0x6D, 0x59, 0x8C, - 0x85, 0x67, 0x12, 0xF1, 0xC2, 0xE0, 0x96, 0x8A, 0xB7, 0x76, 0x9F, 0x42, 0xA9, 0x95, 0x86, 0xAE, - 0xD1, 0x39, 0xD5, 0xB8, 0xB3, 0xE1, 0x58, 0x91, 0x82, 0x7C, 0xC2, 0xAC, 0xED, 0x9B, 0xAA, 0x05}; - unsigned char std_Ppub[128] = {0x9F, 0x64, 0x08, 0x0B, 0x30, 0x84, 0xF7, 0x33, 0xE4, 0x8A, 0xFF, 0x4B, 0x41, 0xB5, 0x65, 0x01, - 0x1C, 0xE0, 0x71, 0x1C, 0x5E, 0x39, 0x2C, 0xFB, 0x0A, 0xB1, 0xB6, 0x79, 0x1B, 0x94, 0xC4, 0x08, - 0x29, 0xDB, 0xA1, 0x16, 0x15, 0x2D, 0x1F, 0x78, 0x6C, 0xE8, 0x43, 0xED, 0x24, 0xA3, 0xB5, 0x73, - 0x41, 0x4D, 0x21, 0x77, 0x38, 0x6A, 0x92, 0xDD, 0x8F, 0x14, 0xD6, 0x56, 0x96, 0xEA, 0x5E, 0x32, - 0x69, 0x85, 0x09, 0x38, 0xAB, 0xEA, 0x01, 0x12, 0xB5, 0x73, 0x29, 0xF4, 0x47, 0xE3, 0xA0, 0xCB, - 0xAD, 0x3E, 0x2F, 0xDB, 0x1A, 0x77, 0xF3, 0x35, 0xE8, 0x9E, 0x14, 0x08, 0xD0, 0xEF, 0x1C, 0x25, - 0x41, 0xE0, 0x0A, 0x53, 0xDD, 0xA5, 0x32, 0xDA, 0x1A, 0x7C, 0xE0, 0x27, 0xB7, 0xA4, 0x6F, 0x74, - 0x10, 0x06, 0xE8,0x5F,0x5C,0xDF,0xF0,0x73,0x0E,0x75,0xC0,0x5F,0xB4,0xE3,0x21, 0x6D}; - unsigned char std_dSA[64] = {0xA5, 0x70, 0x2F, 0x05, 0xCF, 0x13, 0x15, 0x30, 0x5E, 0x2D, 0x6E, 0xB6, 0x4B, 0x0D, 0xEB, 0x92, - 0x3D, 0xB1, 0xA0, 0xBC, 0xF0, 0xCA, 0xFF, 0x90, 0x52, 0x3A, 0xC8, 0x75, 0x4A, 0xA6, 0x98, 0x20, - 0x78, 0x55, 0x9A, 0x84, 0x44, 0x11, 0xF9, 0x82, 0x5C, 0x10, 0x9F, 0x5E, 0xE3, 0xF5, 0x2D, 0x72, - 0x0D, 0xD0, 0x17, 0x85, 0x39, 0x2A, 0x72, 0x7B, 0xB1, 0x55, 0x69, 0x52, 0xB2, 0xB0, 0x13, 0xD3}; - - unsigned char hid[] = {0x01}; - unsigned char *IDA = "Alice"; - unsigned char *message = "Chinese IBS standard";//the message to be signed - int mlen = strlen(message), tmp;//the length of message - big ks; - - tmp = SM9_standard_init(); - - if(tmp != 0) - return tmp; - ks = mirvar(0); - - bytes_to_big(32, dA, ks); - - printf("\n*********************** SM9 key Generation ***************************\n"); - tmp = SM9_standard_generatesignkey(hid, IDA, strlen(IDA), ks, Ppub, dSA); - if(tmp != 0) - return tmp; - if(memcmp(Ppub, std_Ppub, 128) != 0) - return SM9_GEPUB_ERR; - if(memcmp(dSA, std_dSA, 64) != 0) - return SM9_GEPRI_ERR; - - printf("\n********************** SM9 signature algorithm***************************\n"); - tmp = SM9_standard_sign(hid, IDA, message, mlen, rand, dSA, Ppub, h, S); - if(tmp != 0) - return tmp; - if(memcmp(h, std_h, 32) != 0) - return SM9_SIGN_ERR; - if(memcmp(S, std_S, 64) != 0) - return SM9_SIGN_ERR; - printf("\n******************* SM9 verification algorithm *************************\n"); - tmp = SM9_standard_verify(h, S, hid, IDA, message, mlen, Ppub); - if(tmp != 0) - return tmp; - - return 0; -} diff --git a/engines/sm_standard/sm9/zzn12_operation.h b/engines/sm_standard/sm9/zzn12_operation.h deleted file mode 100644 index 3f535113..00000000 --- a/engines/sm_standard/sm9/zzn12_operation.h +++ /dev/null @@ -1,462 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2016 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#ifndef HEADER_ZZN12_OPERATION_H -#define HEADER_ZZN12_OPERATION_H - - -#include "miracl.h" - - -#ifdef __cplusplus -extern "C"{ -#endif - -miracl* mip; -zzn2 X; //Frobniues constant -typedef struct -{ - zzn4 a, b, c; - BOOL unitary; // "unitary property means that fast squaring can be used, and inversions are just conjugates - BOOL miller; // "miller" property means that arithmetic on this instance can ignore multiplications - // or divisions by constants - as instance will eventually be raised to (p-1). -} zzn12; - - -static void zzn12_init(zzn12 *x) -{ - x->a.a.a = mirvar(0); - x->a.a.b = mirvar(0); - - x->a.b.a = mirvar(0); - x->a.b.b = mirvar(0); - - x->a.unitary = FALSE; - - - x->b.a.a = mirvar(0); - x->b.a.b = mirvar(0); - - x->b.b.a = mirvar(0); - x->b.b.b = mirvar(0); - - x->b.unitary = FALSE; - - - x->c.a.a = mirvar(0); - x->c.a.b = mirvar(0); - - x->c.b.a = mirvar(0); - x->c.b.b = mirvar(0); - - x->c.unitary = FALSE; - - - x->miller = FALSE; - x->unitary = FALSE; -} - - -static void zzn12_copy(zzn12 *x, zzn12 *y) -{ - zzn4_copy(&x->a, &y->a); - zzn4_copy(&x->b, &y->b); - zzn4_copy(&x->c, &y->c); - - y->miller = x->miller; - y->unitary = x->unitary; -} - - -static void zzn12_mul(zzn12 x, zzn12 y, zzn12 *z) -{ - // Karatsuba - zzn4 Z0, Z1, Z2, Z3, T0, T1; - BOOL zero_c, zero_b; - - Z0.a.a = mirvar(0); - Z0.a.b = mirvar(0); - - Z0.b.a = mirvar(0); - Z0.b.b = mirvar(0); - - Z0.unitary = FALSE; - - - Z1.a.a = mirvar(0); - Z1.a.b = mirvar(0); - - Z1.b.a = mirvar(0); - Z1.b.b = mirvar(0); - - Z1.unitary = FALSE; - - - Z2.a.a = mirvar(0); - Z2.a.b = mirvar(0); - - Z2.b.a = mirvar(0); - Z2.b.b = mirvar(0); - - Z2.unitary = FALSE; - - - Z3.a.a = mirvar(0); - Z3.a.b = mirvar(0); - - Z3.b.a = mirvar(0); - Z3.b.b = mirvar(0); - - Z3.unitary = FALSE; - - - T0.a.a = mirvar(0); - T0.a.b = mirvar(0); - - T0.b.a = mirvar(0); - T0.b.b = mirvar(0); - - T0.unitary = FALSE; - - - T1.a.a = mirvar(0); - T1.a.b = mirvar(0); - - T1.b.a = mirvar(0); - T1.b.b = mirvar(0); - - T1.unitary = FALSE; - - - zzn12_copy(&x, z); - if(zzn4_compare(&x.a, &y.a) && zzn4_compare(&x.a, &y.a) && zzn4_compare(&x.a, &y.a)) - { - if(x.unitary == TRUE) - { - zzn4_copy(&x.a, &Z0); - zzn4_mul(&x.a, &x.a, &z->a); - zzn4_copy(&z->a, &Z3); - zzn4_add(&z->a, &z->a, &z->a); - zzn4_add(&z->a, &Z3, &z->a); - zzn4_conj(&Z0, &Z0); - zzn4_add(&Z0, &Z0, &Z0); - zzn4_sub(&z->a, &Z0, &z->a); - zzn4_copy(&x.c, &Z1); - zzn4_mul(&Z1, &Z1, &Z1); - zzn4_tx(&Z1); - zzn4_copy(&Z1, &Z3); - zzn4_add(&Z1, &Z1, &Z1); - zzn4_add(&Z1, &Z3, &Z1); - zzn4_copy(&x.b, &Z2); - zzn4_mul(&Z2, &Z2, &Z2); - zzn4_copy(&Z2, &Z3); - zzn4_add(&Z2, &Z2, &Z2); - zzn4_add(&Z2, &Z3, &Z2); - zzn4_conj(&x.b, &z->b); - zzn4_add(&z->b, &z->b, &z->b); - zzn4_conj(&x.c, &z->c); - zzn4_add(&z->c, &z->c, &z->c); - zzn4_negate(&z->c, &z->c); - zzn4_add(&z->b, &Z1, &z->b); - zzn4_add(&z->c, &Z2, &z->c); - } - else - { - if(!x.miller) - { // Chung-Hasan SQR2 - zzn4_copy(&x.a, &Z0); - zzn4_mul(&Z0, &Z0, &Z0); - zzn4_mul(&x.b, &x.c, &Z1); - zzn4_add(&Z1, &Z1, &Z1); - zzn4_copy(&x.c, &Z2); - zzn4_mul(&Z2, &Z2, &Z2); - zzn4_mul(&x.a, &x.b, &Z3); - zzn4_add(&Z3, &Z3, &Z3); - zzn4_add(&x.a, &x.b, &z->c); - zzn4_add(&z->c, &x.c, &z->c); - zzn4_mul(&z->c, &z->c, &z->c); - zzn4_tx(&Z1); - zzn4_add(&Z0, &Z1, &z->a); - zzn4_tx(&Z2); - zzn4_add(&Z3, &Z2, &z->b); - zzn4_add(&Z0, &Z1, &T0); - zzn4_add(&T0, &Z2, &T0); - zzn4_add(&T0, &Z3, &T0); - zzn4_sub(&z->c, &T0, &z->c); - } - else - { // Chung-Hasan SQR3 - actually calculate 2x^2 ! - // Slightly dangerous - but works as will be raised to p^{k/2}-1 - // which wipes out the 2. - zzn4_copy(&x.a, &Z0); - zzn4_mul(&Z0, &Z0, &Z0); // a0^2 = S0 - zzn4_copy(&x.c, &Z2); - zzn4_mul(&Z2, &x.b, &Z2); - zzn4_add(&Z2, &Z2, &Z2); // 2a1.a2 = S3 - zzn4_copy(&x.c, &Z3); - zzn4_mul(&Z3, &Z3, &Z3); // a2^2 = S4 - zzn4_add(&x.c, &x.a, &z->c); // a0+a2 - zzn4_copy(&x.b, &Z1); - zzn4_add(&Z1, &z->c, &Z1); - zzn4_mul(&Z1, &Z1, &Z1); // (a0+a1+a2)^2 =S1 - zzn4_sub(&z->c, &x.b, &z->c); - zzn4_mul(&z->c, &z->c, &z->c); // (a0-a1+a2)^2 =S2 - zzn4_add(&Z2, &Z2, &Z2); - zzn4_add(&Z0, &Z0, &Z0); - zzn4_add(&Z3, &Z3, &Z3); - zzn4_sub(&Z1, &z->c, &T0); - zzn4_sub(&T0, &Z2, &T0); - zzn4_sub(&Z1, &Z0, &T1); - zzn4_sub(&T1, &Z3, &T1); - zzn4_add(&z->c, &T1, &z->c); - zzn4_tx(&Z3); - zzn4_add(&T0, &Z3, &z->b); - zzn4_tx(&Z2); - zzn4_add(&Z0, &Z2, &z->a); - } - } - } - else - { - // Karatsuba - zero_b = zzn4_iszero(&y.b); - zero_c = zzn4_iszero(&y.c); - - zzn4_mul(&x.a, &y.a, &Z0); //9 - if(!zero_b) - zzn4_mul(&x.b, &y.b, &Z2); //+6 - - zzn4_add(&x.a, &x.b, &T0); - zzn4_add(&y.a, &y.b, &T1); - zzn4_mul(&T0, &T1, &Z1); //+9 - zzn4_sub(&Z1, &Z0, &Z1); - if(!zero_b) - zzn4_sub(&Z1, &Z2, &Z1); - - zzn4_add(&x.b, &x.c, &T0); - zzn4_add(&y.b, &y.c, &T1); - zzn4_mul(&T0, &T1, &Z3);//+6 - if(!zero_b) - zzn4_sub(&Z3, &Z2, &Z3); - - zzn4_add(&x.a, &x.c, &T0); - zzn4_add(&y.a, &y.c, &T1); - zzn4_mul(&T0, &T1, &T0);//+9=39 for "special case" - if(!zero_b) - zzn4_add(&Z2, &T0, &Z2); - else - zzn4_copy(&T0, &Z2); - - zzn4_sub(&Z2, &Z0, &Z2); - zzn4_copy(&Z1, &z->b); - if(!zero_c) - { - // exploit special form of BN curve line function - zzn4_mul(&x.c, &y.c, &T0); - zzn4_sub(&Z2, &T0, &Z2); - zzn4_sub(&Z3, &T0, &Z3); - zzn4_tx(&T0); - zzn4_add(&z->b, &T0, &z->b); - } - - zzn4_tx(&Z3); - zzn4_add(&Z0, &Z3, &z->a); - zzn4_copy(&Z2, &z->c); - if(!y.unitary) - z->unitary = FALSE; - } -} - - -static void zzn12_conj(zzn12 *x, zzn12 *y) -{ - zzn4_conj(&x->a, &y->a); - zzn4_conj(&x->b, &y->b); - zzn4_negate(&y->b, &y->b); - zzn4_conj(&x->c, &y->c); - y->miller = x->miller; - y->unitary = x->unitary; -} - - -static zzn12 zzn12_inverse(zzn12 w) -{ - zzn4 tmp1, tmp2; - zzn12 res; - - tmp1.a.a = mirvar(0); - tmp1.a.b = mirvar(0); - - tmp1.b.a = mirvar(0); - tmp1.b.b = mirvar(0); - - tmp1.unitary = FALSE; - - - tmp2.a.a = mirvar(0); - tmp2.a.b = mirvar(0); - - tmp2.b.a = mirvar(0); - tmp2.b.b = mirvar(0); - - tmp2.unitary = FALSE; - - - zzn12_init(&res); - - if(w.unitary) - { - zzn12_conj(&w, &res); - return res; - } - //res.a=w.a*w.a-tx(w.b*w.c); - zzn4_mul(&w.a, &w.a, &res.a); - zzn4_mul(&w.b, &w.c, &res.b); - zzn4_tx(&res.b); - zzn4_sub(&res.a, &res.b, &res.a); - - //res.b=tx(w.c*w.c)-w.a*w.b; - zzn4_mul(&w.c, &w.c, &res.c); - zzn4_tx(&res.c); - zzn4_mul(&w.a, &w.b, &res.b); - zzn4_sub(&res.c, &res.b, &res.b); - - //res.c=w.b*w.b-w.a*w.c; - zzn4_mul(&w.b, &w.b, &res.c); - zzn4_mul(&w.a, &w.c, &tmp1); - zzn4_sub(&res.c, &tmp1, &res.c); - - //tmp1=tx(w.b*res.c)+w.a*res.a+tx(w.c*res.b); - zzn4_mul(&w.b, &res.c, &tmp1); - zzn4_tx(&tmp1); - zzn4_mul(&w.a, &res.a, &tmp2); - zzn4_add(&tmp1, &tmp2, &tmp1); - zzn4_mul(&w.c, &res.b, &tmp2); - zzn4_tx(&tmp2); - zzn4_add(&tmp1, &tmp2, &tmp1); - - zzn4_inv(&tmp1); - zzn4_mul(&res.a, &tmp1, &res.a); - zzn4_mul(&res.b, &tmp1, &res.b); - zzn4_mul(&res.c, &tmp1, &res.c); - return res; -} - - -static void zzn12_powq(zzn2 F, zzn12 *y) -{ - zzn2 X2, X3; - X2.a = mirvar(0); - X2.b = mirvar(0); - - X3.a = mirvar(0); - X3.b = mirvar(0); - zzn2_mul(&F, &F, &X2); - zzn2_mul(&X2, &F, &X3); - - zzn4_powq(&X3, &y->a); - zzn4_powq(&X3, &y->b); - zzn4_powq(&X3, &y->c); - zzn4_smul(&y->b, &X, &y->b); - zzn4_smul(&y->c, &X2, &y->c); -} - - -static void zzn12_div(zzn12 x, zzn12 y, zzn12 *z) -{ - y=zzn12_inverse(y); - zzn12_mul(x, y, z); -} - - -static zzn12 zzn12_pow(zzn12 x, big k) -{ - big zero, tmp, tmp1; - int nb, i; - BOOL invert_it; - zzn12 res; - - zero = mirvar(0); - tmp = mirvar(0); - tmp1 = mirvar(0); - - zzn12_init(&res); - copy(k, tmp1); - invert_it = FALSE; - - if(mr_compare(tmp1, zero) == 0) - { - tmp = get_mip()->one; - zzn4_from_big(tmp, &res.a); - return res; - } - if(mr_compare(tmp1, zero) < 0) - { - negify(tmp1, tmp1); - invert_it = TRUE; - } - nb = logb2(k); - zzn12_copy(&x, &res); - if(nb > 1) - for(i = nb - 2; i >= 0; i--) - { - zzn12_mul(res, res, &res); - if(mr_testbit(k, i)) - zzn12_mul(res, x, &res); - } - if(invert_it) - res = zzn12_inverse(res); - return res; -} - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/engines/sm_standard/sms4/sms4_standard.c b/engines/sm_standard/sms4/sms4_standard.c deleted file mode 100644 index abd0b5d0..00000000 --- a/engines/sm_standard/sms4/sms4_standard.c +++ /dev/null @@ -1,182 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include "sms4_standard.h" -//rotate n bits to the left in a 32bit buffer -#define SM4_ROTL32(buf, n) (((buf)<>(32-n))) -uint32_t SM4_CK[32] = {0x00070e15, 0x1c232a31, 0x383f464d, 0x545b6269, - 0x70777e85, 0x8c939aa1, 0xa8afb6bd, 0xc4cbd2d9, - 0xe0e7eef5, 0xfc030a11, 0x181f262d, 0x343b4249, - 0x50575e65, 0x6c737a81, 0x888f969d, 0xa4abb2b9, - 0xc0c7ced5, 0xdce3eaf1, 0xf8ff060d, 0x141b2229, - 0x30373e45, 0x4c535a61, 0x686f767d, 0x848b9299, - 0xa0a7aeb5, 0xbcc3cad1, 0xd8dfe6ed, 0xf4fb0209, - 0x10171e25, 0x2c333a41, 0x484f565d, 0x646b7279 - }; -uint8_t SM4_SBOX[256] = -{ 0xd6, 0x90, 0xe9, 0xfe, 0xcc, 0xe1, 0x3d, 0xb7, 0x16, 0xb6, 0x14, 0xc2, 0x28, 0xfb, 0x2c, 0x05, - 0x2b, 0x67, 0x9a, 0x76, 0x2a, 0xbe, 0x04, 0xc3, 0xaa, 0x44, 0x13, 0x26, 0x49, 0x86, 0x06, 0x99, - 0x9c, 0x42, 0x50, 0xf4, 0x91, 0xef, 0x98, 0x7a, 0x33, 0x54, 0x0b, 0x43, 0xed, 0xcf, 0xac, 0x62, - 0xe4, 0xb3, 0x1c, 0xa9, 0xc9, 0x08, 0xe8, 0x95, 0x80, 0xdf, 0x94, 0xfa, 0x75, 0x8f, 0x3f, 0xa6, - 0x47, 0x07, 0xa7, 0xfc, 0xf3, 0x73, 0x17, 0xba, 0x83, 0x59, 0x3c, 0x19, 0xe6, 0x85, 0x4f, 0xa8, - 0x68, 0x6b, 0x81, 0xb2, 0x71, 0x64, 0xda, 0x8b, 0xf8, 0xeb, 0x0f, 0x4b, 0x70, 0x56, 0x9d, 0x35, - 0x1e, 0x24, 0x0e, 0x5e, 0x63, 0x58, 0xd1, 0xa2, 0x25, 0x22, 0x7c, 0x3b, 0x01, 0x21, 0x78, 0x87, - 0xd4, 0x00, 0x46, 0x57, 0x9f, 0xd3, 0x27, 0x52, 0x4c, 0x36, 0x02, 0xe7, 0xa0, 0xc4, 0xc8, 0x9e, - 0xea, 0xbf, 0x8a, 0xd2, 0x40, 0xc7, 0x38, 0xb5, 0xa3, 0xf7, 0xf2, 0xce, 0xf9, 0x61, 0x15, 0xa1, - 0xe0, 0xae, 0x5d, 0xa4, 0x9b, 0x34, 0x1a, 0x55, 0xad, 0x93, 0x32, 0x30, 0xf5, 0x8c, 0xb1, 0xe3, - 0x1d, 0xf6, 0xe2, 0x2e, 0x82, 0x66, 0xca, 0x60, 0xc0, 0x29, 0x23, 0xab, 0x0d, 0x53, 0x4e, 0x6f, - 0xd5, 0xdb, 0x37, 0x45, 0xde, 0xfd, 0x8e, 0x2f, 0x03, 0xff, 0x6a, 0x72, 0x6d, 0x6c, 0x5b, 0x51, - 0x8d, 0x1b, 0xaf, 0x92, 0xbb, 0xdd, 0xbc, 0x7f, 0x11, 0xd9, 0x5c, 0x41, 0x1f, 0x10, 0x5a, 0xd8, - 0x0a, 0xc1, 0x31, 0x88, 0xa5, 0xcd, 0x7b, 0xbd, 0x2d, 0x74, 0xd0, 0x12, 0xb8, 0xe5, 0xb4, 0xb0, - 0x89, 0x69, 0x97, 0x4a, 0x0c, 0x96, 0x77, 0x7e, 0x65, 0xb9, 0xf1, 0x09, 0xc5, 0x6e, 0xc6, 0x84, - 0x18, 0xf0, 0x7d, 0xec, 0x3a, 0xdc, 0x4d, 0x20, 0x79, 0xee, 0x5f, 0x3e, 0xd7, 0xcb, 0x39, 0x48 -}; - -uint32_t SM4_FK[4] = {0xA3B1BAC6, 0x56AA3350, 0x677D9197, 0xB27022DC}; - -void sm4_standard_key_schedule(const unsigned char *key, uint32_t *rk) -{ - uint32_t tmp, buf, K[36]; - uint32_t i; - - for (i = 0; i < 4; i++) - { - K[i] = SM4_FK[i] ^ ( (key[4 * i] << 24) | (key[4 * i + 1] << 16) - | (key[4 * i + 2] << 8) | (key[4 * i + 3]) ); - } - - for (i = 0; i < 32; i++) - { - tmp = K[i + 1] ^ K[i + 2] ^ K[i + 3] ^ SM4_CK[i]; - - //nonlinear operation - buf = (SM4_SBOX[(tmp >> 24) & 0xFF]) << 24 - | (SM4_SBOX[(tmp >> 16) & 0xFF]) << 16 - | (SM4_SBOX[(tmp >> 8) & 0xFF]) << 8 - | (SM4_SBOX[tmp & 0xFF]); - - //linear operation - K[i + 4] = K[i] ^ ((buf) ^ (SM4_ROTL32((buf), 13)) ^ (SM4_ROTL32((buf), 23))); - - rk[i] = K[i + 4]; - } -} - -void sms4_standard_encrypt(const unsigned char *in, unsigned char *out, const unsigned char *key) -{ - uint32_t rk[32], X[36], tmp, buf; - uint32_t i, j; - - sm4_standard_key_schedule(key, rk); - - for (j = 0; j < 4; j++) - { - X[j] = (in[j * 4] << 24) | (in[j * 4 + 1] << 16) - | (in[j * 4 + 2] << 8) | (in[j * 4 + 3]); - } - - for (i = 0; i < 32; i++) - { - tmp = X[i + 1] ^ X[i + 2] ^ X[i + 3] ^ rk[i]; - - //nonlinear operation - buf = ( SM4_SBOX[(tmp >> 24) & 0xFF]) << 24 - | (SM4_SBOX[(tmp >> 16) & 0xFF]) << 16 - | (SM4_SBOX[(tmp >> 8) & 0xFF]) << 8 - | (SM4_SBOX[tmp & 0xFF]); - - //linear operation - X[i + 4] = X[i] ^ (buf ^ SM4_ROTL32((buf), 2)^ SM4_ROTL32((buf), 10) - ^ SM4_ROTL32((buf), 18)^ SM4_ROTL32((buf), 24)); - } - - for (j = 0; j < 4; j++) - { - out[4 * j] = (X[35 - j] >> 24) & 0xFF; - out[4 * j + 1] = (X[35 - j] >> 16) & 0xFF; - out[4 * j + 2] = (X[35 - j] >> 8) & 0xFF; - out[4 * j + 3] = (X[35 - j]) & 0xFF; - } -} - -void sms4_standard_decrypt(const unsigned char *in, unsigned char *out, const unsigned char *key) -{ - uint32_t rk[32], X[36], tmp, buf; - uint32_t i, j; - - sm4_standard_key_schedule(key, rk); - - for (j = 0; j < 4; j++) - { - X[j] = (in[j * 4] << 24) | (in[j * 4 + 1] << 16) | - (in[j * 4 + 2] << 8) | (in[j * 4 + 3]); - } - - for (i = 0; i < 32; i++) - { - tmp = X[i + 1] ^ X[i + 2] ^ X[i + 3] ^ rk[31 - i]; - - //nonlinear operation - buf = (SM4_SBOX[(tmp >> 24) & 0xFF]) << 24 - | (SM4_SBOX[(tmp >> 16) & 0xFF]) << 16 - | (SM4_SBOX[(tmp >> 8) & 0xFF]) << 8 - | (SM4_SBOX[tmp & 0xFF]); - //linear operation - X[i + 4] = X[i] ^ (buf ^ SM4_ROTL32((buf), 2)^ SM4_ROTL32((buf), 10) - ^ SM4_ROTL32((buf), 18)^ SM4_ROTL32((buf), 24)); - } - - for (j = 0; j < 4; j++) - { - out[4 * j] = (X[35 - j] >> 24) & 0xFF; - out[4 * j + 1] = (X[35 - j] >> 16) & 0xFF; - out[4 * j + 2] = (X[35 - j] >> 8) & 0xFF; - out[4 * j + 3] = (X[35 - j]) & 0xFF; - } -} \ No newline at end of file diff --git a/engines/sm_standard/zuc/zuc.h b/engines/sm_standard/zuc/zuc.h deleted file mode 100644 index 8e388c69..00000000 --- a/engines/sm_standard/zuc/zuc.h +++ /dev/null @@ -1,107 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2015 - 2017 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ -unsigned char ZUC_S0[256] = -{ 0x3e, 0x72, 0x5b, 0x47, 0xca, 0xe0, 0x00, 0x33, 0x04, 0xd1, 0x54, 0x98, 0x09, 0xb9, 0x6d, 0xcb, - 0x7b, 0x1b, 0xf9, 0x32, 0xaf, 0x9d, 0x6a, 0xa5, 0xb8, 0x2d, 0xfc, 0x1d, 0x08, 0x53, 0x03, 0x90, - 0x4d, 0x4e, 0x84, 0x99, 0xe4, 0xce, 0xd9, 0x91, 0xdd, 0xb6, 0x85, 0x48, 0x8b, 0x29, 0x6e, 0xac, - 0xcd, 0xc1, 0xf8, 0x1e, 0x73, 0x43, 0x69, 0xc6, 0xb5, 0xbd, 0xfd, 0x39, 0x63, 0x20, 0xd4, 0x38, - 0x76, 0x7d, 0xb2, 0xa7, 0xcf, 0xed, 0x57, 0xc5, 0xf3, 0x2c, 0xbb, 0x14, 0x21, 0x06, 0x55, 0x9b, - 0xe3, 0xef, 0x5e, 0x31, 0x4f, 0x7f, 0x5a, 0xa4, 0x0d, 0x82, 0x51, 0x49, 0x5f, 0xba, 0x58, 0x1c, - 0x4a, 0x16, 0xd5, 0x17, 0xa8, 0x92, 0x24, 0x1f, 0x8c, 0xff, 0xd8, 0xae, 0x2e, 0x01, 0xd3, 0xad, - 0x3b, 0x4b, 0xda, 0x46, 0xeb, 0xc9, 0xde, 0x9a, 0x8f, 0x87, 0xd7, 0x3a, 0x80, 0x6f, 0x2f, 0xc8, - 0xb1, 0xb4, 0x37, 0xf7, 0x0a, 0x22, 0x13, 0x28, 0x7c, 0xcc, 0x3c, 0x89, 0xc7, 0xc3, 0x96, 0x56, - 0x07, 0xbf, 0x7e, 0xf0, 0x0b, 0x2b, 0x97, 0x52, 0x35, 0x41, 0x79, 0x61, 0xa6, 0x4c, 0x10, 0xfe, - 0xbc, 0x26, 0x95, 0x88, 0x8a, 0xb0, 0xa3, 0xfb, 0xc0, 0x18, 0x94, 0xf2, 0xe1, 0xe5, 0xe9, 0x5d, - 0xd0, 0xdc, 0x11, 0x66, 0x64, 0x5c, 0xec, 0x59, 0x42, 0x75, 0x12, 0xf5, 0x74, 0x9c, 0xaa, 0x23, - 0x0e, 0x86, 0xab, 0xbe, 0x2a, 0x02, 0xe7, 0x67, 0xe6, 0x44, 0xa2, 0x6c, 0xc2, 0x93, 0x9f, 0xf1, - 0xf6, 0xfa, 0x36, 0xd2, 0x50, 0x68, 0x9e, 0x62, 0x71, 0x15, 0x3d, 0xd6, 0x40, 0xc4, 0xe2, 0x0f, - 0x8e, 0x83, 0x77, 0x6b, 0x25, 0x05, 0x3f, 0x0c, 0x30, 0xea, 0x70, 0xb7, 0xa1, 0xe8, 0xa9, 0x65, - 0x8d, 0x27, 0x1a, 0xdb, 0x81, 0xb3, 0xa0, 0xf4, 0x45, 0x7a, 0x19, 0xdf, 0xee, 0x78, 0x34, 0x60 -}; - -unsigned char ZUC_S1[256] = -{ 0x55, 0xc2, 0x63, 0x71, 0x3b, 0xc8, 0x47, 0x86, 0x9f, 0x3c, 0xda, 0x5b, 0x29, 0xaa, 0xfd, 0x77, - 0x8c, 0xc5, 0x94, 0x0c, 0xa6, 0x1a, 0x13, 0x00, 0xe3, 0xa8, 0x16, 0x72, 0x40, 0xf9, 0xf8, 0x42, - 0x44, 0x26, 0x68, 0x96, 0x81, 0xd9, 0x45, 0x3e, 0x10, 0x76, 0xc6, 0xa7, 0x8b, 0x39, 0x43, 0xe1, - 0x3a, 0xb5, 0x56, 0x2a, 0xc0, 0x6d, 0xb3, 0x05, 0x22, 0x66, 0xbf, 0xdc, 0x0b, 0xfa, 0x62, 0x48, - 0xdd, 0x20, 0x11, 0x06, 0x36, 0xc9, 0xc1, 0xcf, 0xf6, 0x27, 0x52, 0xbb, 0x69, 0xf5, 0xd4, 0x87, - 0x7f, 0x84, 0x4c, 0xd2, 0x9c, 0x57, 0xa4, 0xbc, 0x4f, 0x9a, 0xdf, 0xfe, 0xd6, 0x8d, 0x7a, 0xeb, - 0x2b, 0x53, 0xd8, 0x5c, 0xa1, 0x14, 0x17, 0xfb, 0x23, 0xd5, 0x7d, 0x30, 0x67, 0x73, 0x08, 0x09, - 0xee, 0xb7, 0x70, 0x3f, 0x61, 0xb2, 0x19, 0x8e, 0x4e, 0xe5, 0x4b, 0x93, 0x8f, 0x5d, 0xdb, 0xa9, - 0xad, 0xf1, 0xae, 0x2e, 0xcb, 0x0d, 0xfc, 0xf4, 0x2d, 0x46, 0x6e, 0x1d, 0x97, 0xe8, 0xd1, 0xe9, - 0x4d, 0x37, 0xa5, 0x75, 0x5e, 0x83, 0x9e, 0xab, 0x82, 0x9d, 0xb9, 0x1c, 0xe0, 0xcd, 0x49, 0x89, - 0x01, 0xb6, 0xbd, 0x58, 0x24, 0xa2, 0x5f, 0x38, 0x78, 0x99, 0x15, 0x90, 0x50, 0xb8, 0x95, 0xe4, - 0xd0, 0x91, 0xc7, 0xce, 0xed, 0x0f, 0xb4, 0x6f, 0xa0, 0xcc, 0xf0, 0x02, 0x4a, 0x79, 0xc3, 0xde, - 0xa3, 0xef, 0xea, 0x51, 0xe6, 0x6b, 0x18, 0xec, 0x1b, 0x2c, 0x80, 0xf7, 0x74, 0xe7, 0xff, 0x21, - 0x5a, 0x6a, 0x54, 0x1e, 0x41, 0x31, 0x92, 0x35, 0xc4, 0x33, 0x07, 0x0a, 0xba, 0x7e, 0x0e, 0x34, - 0x88, 0xb1, 0x98, 0x7c, 0xf3, 0x3d, 0x60, 0x6c, 0x7b, 0xca, 0xd3, 0x1f, 0x32, 0x65, 0x04, 0x28, - 0x64, 0xbe, 0x85, 0x9b, 0x2f, 0x59, 0x8a, 0xd7, 0xb0, 0x25, 0xac, 0xaf, 0x12, 0x03, 0xe2, 0xf2 -}; - -//D value in key loading -uint32_t ZUC_D[16] = {0x44D7, 0x26BC, 0x626B, 0x135E, 0x5789, 0x35E2, 0x7135, 0x09AF, - 0x4D78, 0x2F13, 0x6BC4, 0x1AF1, 0x5E26, 0x3C4D, 0x789A, 0x47AC - }; - -//rotate n bits to the left in a 32bit buffer -#define ZUC_ROTL32(x, k) (((x) << k) | ((x) >> (32 - k))) -//si = ki¡¬ di¡¬ ivi,in key loading -#define ZUC_LINK_TO_S(a, b, c) (((uint32_t)(a) << 23)|((uint32_t)(b) << 8)|(uint32_t)(c)) - - -uint32_t add_mod(uint32_t a, uint32_t b); -uint32_t pow_mod(uint32_t x, uint32_t k); -uint32_t l1(uint32_t X); -uint32_t l2(uint32_t X); -unsigned char bit_value(uint32_t M[], uint32_t i); -uint32_t get_word(uint32_t k[], uint32_t i); -void lfsr_with_init_mode(uint32_t LFSR_S[], uint32_t u) ; -void lfsr_with_work_mode(uint32_t LFSR_S[]) ; -void br(uint32_t LFSR_S[], uint32_t BR_X[]); -uint32_t f(uint32_t BR_X[], uint32_t F_R[]); \ No newline at end of file diff --git a/engines/sm_standard/zuc/zuc_standard.c b/engines/sm_standard/zuc/zuc_standard.c deleted file mode 100644 index b782e60c..00000000 --- a/engines/sm_standard/zuc/zuc_standard.c +++ /dev/null @@ -1,530 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2015 - 2016 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include "zuc_standard.h" -#include "zuc.h" - -/************************************************************ -Function: add_mod -Description: calculate a+b mod 2^31-1 -Calls: -Called By: lfsr_with_init_mode -Input: a,b: uint32_t(32bit) -Output: -Return: c, c=a+b mod 2^31-1 -Others: -************************************************************/ -uint32_t add_mod(uint32_t a, uint32_t b) -{ - uint32_t c = a + b; - if (c >> 31) - { - c = (c & 0x7fffffff) + 1; - } - return c; -} - - -/************************************************************ -Function: pow_mod -Description: calculate x*2^k mod 2^31-1 -Calls: Called By: lfsr_with_init_mode -Input: x: input - k: exponential -Output: -Return: x*2^k mod 2^31-1 -Others: -************************************************************/ -uint32_t pow_mod(uint32_t x, uint32_t k) -{ - return (((x << k) | (x >> (31 - k))) & 0x7fffffff); -} - - -/************************************************************ -Function: l1 -Description: linear transformation l1 -Calls: -Called By: f -Input: X: input -Output: -Return: X^(X<<< 2)^(X<<<10)^(X<<<18)^(X<<<24) -Others: -************************************************************/ -uint32_t l1(uint32_t X) -{ - return X ^ ZUC_ROTL32(X, 2) ^ ZUC_ROTL32(X, 10) ^ ZUC_ROTL32(X, 18) ^ ZUC_ROTL32(X, 24); -} - - -/************************************************************ -Function: l2 -Description: linear transformation l2 -Calls: -Called By: f -Input: X: input -Output: -Return: X^(X<<< 8)^(X<<<14)^(X<<<22)^(X<<<30) -Others: -************************************************************/ -uint32_t l2(uint32_t X) -{ - return X ^ ZUC_ROTL32(X, 8) ^ ZUC_ROTL32(X, 14) ^ ZUC_ROTL32(X, 22) ^ ZUC_ROTL32(X, 30); -} - - -/************************************************************ -Function: bit_value -Description: test if the value of M at the position i equals 0 -Calls: -Called By: zuc_integrity -Input: M: message - i: the position i -Output: -Return: 0:the value of M at the position i equals 0 - 1:the value of M at the position i equals 1 -Others: -************************************************************/ -unsigned char bit_value(uint32_t M[], uint32_t i) -{ - int j, k; - j = i >> 5; - k = i & 0x1f; - if (M[j] & (0x1 << (31 - k))) - return 1; - else - return 0; -} - - -/************************************************************ -Function: get_word -Description: get a 32bit word ki from bit strings k[i],k[i+1]...,namely -ki=k[i]||k[i+1]||…||k[i+31] -Calls: -Called By: zuc_integrity -Input: k[]: - i: the position i -Output: -Return: ki=k[i]||k[i+1]||…||k[i+31] -Others: -************************************************************/ -uint32_t get_word(uint32_t k[], uint32_t i) -{ - int j, m; - uint32_t word; - j = i >> 5; - m = i & 0x1f; - if (m == 0) - word = k[j]; - else - word = (k[j] << m) | (k[j + 1] >> (32 - m)); - return word; -} - - -/************************************************************ -Function: lfsr_with_init_mode -Description: Initialisation mode,refresh the current state of LFSR -Calls: add_mod,pow_mod -Called By: zuc_standard_init -Input: LFSR_S:current state of LFSR - u:u=W>>1 -Output: Null -Return: Null -Others: -************************************************************/ -void lfsr_with_init_mode(uint32_t LFSR_S[], uint32_t u) -{ - uint32_t v = LFSR_S[0], i; - v = add_mod(v, pow_mod(LFSR_S[15], 15)); - v = add_mod(v, pow_mod(LFSR_S[13], 17)); - v = add_mod(v, pow_mod(LFSR_S[10], 21)); - v = add_mod(v, pow_mod(LFSR_S[4] , 20)); - v = add_mod(v, pow_mod(LFSR_S[0] , 8)); - - for (i = 0; i < 15; i++) - { - LFSR_S[i] = LFSR_S[i + 1]; - } - LFSR_S[15] = add_mod(v, u); - - if (!LFSR_S[15]) - { - LFSR_S[15] = 0x7fffffff; - } -}; - - -/************************************************************ -Function: lfsr_with_work_mode -Description: working mode,refresh the current state of LFSR -Calls: add_mod,pow_mod -Called By: zuc_standard_work -Input: LFSR_S:current state of LFSR -Output: Null -Return: Null -Others: -************************************************************/ -void lfsr_with_work_mode(uint32_t LFSR_S[]) -{ - uint32_t v = LFSR_S[0], i; - v = add_mod(v, pow_mod(LFSR_S[15], 15)); - v = add_mod(v, pow_mod(LFSR_S[13], 17)); - v = add_mod(v, pow_mod(LFSR_S[10], 21)); - v = add_mod(v, pow_mod(LFSR_S[4] , 20)); - v = add_mod(v, pow_mod(LFSR_S[0] , 8)); - - for (i = 0; i < 15; i++) - { - LFSR_S[i] = LFSR_S[i + 1]; - } - LFSR_S[15] = v; - - if (!LFSR_S[15]) - { - LFSR_S[15] = 0x7fffffff; - } -}; - - -/************************************************************ -Function: br -Description: Bit Reconstruction -Calls: -Called By: zuc_standard_init,zuc_standard_work -Input: LFSR_S:current state of LFSR -Output: BR_X[]:achieve X0,X1,X2,X3 -Return: Null -Others: -************************************************************/ -void br(uint32_t LFSR_S[], uint32_t BR_X[]) -{ - BR_X[0] = ((LFSR_S[15] & 0x7fff8000) << 1) | (LFSR_S[14] & 0x0000ffff); - BR_X[1] = ((LFSR_S[11] & 0x0000ffff) << 16) | ((LFSR_S[9] & 0x7fff8000) >> 15); - BR_X[2] = ((LFSR_S[7] & 0x0000ffff) << 16) | ((LFSR_S[5] & 0x7fff8000) >> 15); - BR_X[3] = ((LFSR_S[2] & 0x0000ffff) << 16) | ((LFSR_S[0] & 0x7fff8000) >> 15); -} - - -/************************************************************ -Function: f -Description: nonlinear function -Calls: -Called By: zuc_standard_init,zuc_standard_work -Input: BR_X[]:words X0,X1,X2,X3 from br - F_R[]:F_R[0]=R1,F_R[1]=R2 -Output: -Return: W -Others: -************************************************************/ -uint32_t f(uint32_t BR_X[], uint32_t F_R[]) -{ - uint32_t W, W1, W2; - - W = (BR_X[0] ^ F_R[0]) + F_R[1]; - W1 = F_R[0] + BR_X[1]; - W2 = F_R[1] ^ BR_X[2]; - F_R[0] = l1((W1 << 16) | (W2 >> 16)); - F_R[0] = (ZUC_S0[(F_R[0] >> 24) & 0xFF]) << 24 - | (ZUC_S1[(F_R[0] >> 16) & 0xFF]) << 16 - | (ZUC_S0[(F_R[0] >> 8) & 0xFF]) << 8 - | (ZUC_S1[F_R[0] & 0xFF]); - F_R[1] = l2((W2 << 16) | (W1 >> 16)); - F_R[1] = (ZUC_S0[(F_R[1] >> 24) & 0xFF]) << 24 - | (ZUC_S1[(F_R[1] >> 16) & 0xFF]) << 16 - | (ZUC_S0[(F_R[1] >> 8) & 0xFF]) << 8 - | (ZUC_S1[F_R[1] & 0xFF]); - - return W; -}; - -/************************************************************ -Function: zuc_standard_init -Description: Initialisation process of ZUC -Calls: ZUC_LINK_TO_S,br,f,lfsr_with_init_mode -Called By: zuc_genkeystream -Input: k:initial key - iv:initial vector -Output: LFSR_S[]:the state of LFSR after initialisation:s0,s1,s2,..s15 - BR_X[] : the current value:X0,X1,X2,X3 - F_R[]:the current value:R1,R2,F_R[0]=R1,F_R[1]=R2 -Return: Null -Others: -************************************************************/ -void zuc_standard_init(unsigned char k[], unsigned char iv[], uint32_t LFSR_S[], uint32_t - BR_X[], uint32_t F_R[]) -{ - unsigned char count = 32; - int i; - - //loading key to the LFSR s0,s1,s2....s15 - printf("\ninitial state of LFSR: S[0]-S[15]\n"); - for (i = 0; i < 16; i++) - { - LFSR_S[i] = ZUC_LINK_TO_S(k[i], ZUC_D[i], iv[i]); - printf("%08x ", LFSR_S[i]); - } - - F_R[0] = 0x00; //R1 - F_R[1] = 0x00; //R2 - - while (count) //32 times - { - uint32_t W; - br( LFSR_S, BR_X); //BitReconstruction - W = f(BR_X, F_R); //nonlinear function - lfsr_with_init_mode(LFSR_S, W >> 1); - count--; - } -} - -/************************************************************ -Function: zuc_standard_work -Description: working stage of ZUC -Calls: br,f,lfsr_with_work_mode -Called By: zuc_genkeystream -Input: LFSR_S[]:the state of LFSR after initialisation:s0,s1,s2,..s15 - BR_X[] : X0,X1,X2,X3 - F_R[]:R1,R2 -Output: pKeyStream[]:key stream - KeyStreamLen:the length of KeyStream,exporting 32bit for a beat -Return: Null -Others: -************************************************************/ -void zuc_standard_work(uint32_t LFSR_S[], uint32_t BR_X[], uint32_t F_R[], uint32_t - pKeyStream[], int KeyStreamLen) -{ - int i = 0; - br(LFSR_S, BR_X); - f(BR_X, F_R); - lfsr_with_work_mode(LFSR_S); - - while (i < KeyStreamLen) - { - br( LFSR_S, BR_X); - pKeyStream[i] = f(BR_X, F_R) ^ BR_X[3]; - lfsr_with_work_mode(LFSR_S); - i++; - } -} - -/**************************************************************** -Function: zuc_genkeystream -Description: generate key stream -Calls: zuc_standard_init,zuc_standard_work -Called By: ZUC_SelfCheck -Input: k[] //initial key,128bit - iv[] //initial iv,128bit - KeyStreamLen //the byte length of KeyStream,exporting 32bit for a beat -Output: KeyStream[] // key strem to be outputed -Return: null -Others: -****************************************************************/ -void zuc_genkeystream(unsigned char k[], unsigned char iv[], uint32_t KeyStream[], int - KeyStreamLen) -{ - - uint32_t LFSR_S[16]; //LFSR state s0,s1,s2,...s15 - uint32_t BR_X[4]; //Bit Reconstruction X0,X1,X2,X3 - uint32_t F_R[2]; //R1,R2,variables of nonlinear function f - int i; - - //Initialisation - zuc_standard_init(k, iv, LFSR_S, BR_X, F_R); - printf("\nstate of LFSR after executing initialization: S[0]-S[15]\n"); - for (i = 0; i < 16; i++) - { - printf("%08x ", LFSR_S[i]); - } - printf("\ninternal state of Finite State Machine:\n"); - printf("R1=%08x\n", F_R[0]); - printf("R2=%08x\n", F_R[1]); - - //Working - zuc_standard_work(LFSR_S, BR_X, F_R, KeyStream, KeyStreamLen); -} - - -/**************************************************************** -Function: zuc_confidentiality -Description: the ZUC-based condifentiality algorithm -Calls: zuc_genkeystream -Called By: ZUC_SelfCheck -Input: CK[] //initial key,128bit,uesed to gain the key of ZUC KeyStream -generation algorithm - COUNT //128bit - BEARER //5bit,bearing layer identification, - DIRECTION //1bit - IBS[] //input bit stream, - LENGTH //the bit length of IBS -Output: OBS[] //output bit stream, -Return: null -Others: -****************************************************************/ -void zuc_confidentiality(unsigned char CK[], uint32_t COUNT, unsigned char BEARER, unsigned - char DIRECTION, uint32_t IBS[], int LENGTH, uint32_t OBS[]) - -{ - uint32_t *k; - int L, i, t; - unsigned char iv[16]; - - //generate vector iv1,iv2,...iv15 - iv[0] = (unsigned char)(COUNT >> 24); - iv[1] = (unsigned char)((COUNT >> 16) & 0xff); - iv[2] = (unsigned char)((COUNT >> 8) & 0xff); - iv[3] = (unsigned char)(COUNT & 0xff); - iv[4] = (((BEARER << 3) | (DIRECTION << 2)) & 0xfc); - iv[5] = 0x00; - iv[6] = 0x00; - iv[7] = 0x00; - iv[8] = iv[0]; - iv[9] = iv[1]; - iv[10] = iv[2]; - iv[11] = iv[3]; - iv[12] = iv[4]; - iv[13] = iv[5]; - iv[14] = iv[6]; - iv[15] = iv[7]; - - //L,the length of key stream,taking 32bit as a unit - L = (LENGTH + 31) / 32; - k = malloc(sizeof(uint32_t) * L); - - //generate key stream k - zuc_genkeystream(CK, iv, k, L); //generate key stream - - //OBS=IBS^k - for (i = 0; i < L; i++) - { - OBS[i] = IBS[i] ^ k[i]; - } - t = LENGTH % 32; - if (t) - { - OBS[L - 1] = ((OBS[L - 1] >> (32 - t)) << (32 - t)); - } - free(k); -} - -/**************************************************************** -Function: zuc_integrity -Description: the ZUC-based integrity algorithm -Calls: zuc_genkeystream,bit_value,get_word -Called By: ZUC_SelfCheck -Input: IK[] //integrity key,128bit,uesed to gain the key of ZUC KeyStream -generation algorithm - COUNT //128bit - BEARER //5bit,bearing layer identification, - DIRECTION //1bit - M[] //message - LENGTH //the bit length of M -Output: -Return: MAC //message authentication code -Others: -****************************************************************/ -uint32_t zuc_integrity(unsigned char IK[], uint32_t COUNT, unsigned char BEARER, unsigned - char DIRECTION, uint32_t M[], int LENGTH) -{ - uint32_t *k, ki, MAC; - int L, i; - unsigned char iv[16]; - uint32_t T = 0; - - //generate vector iv1,iv2,...iv15 - iv[0] = (unsigned char)(COUNT >> 24); - iv[1] = (unsigned char)((COUNT >> 16) & 0xff); - iv[2] = (unsigned char)((COUNT >> 8) & 0xff); - iv[3] = (unsigned char)(COUNT & 0xff); - iv[4] = BEARER << 3; - iv[5] = 0x00; - iv[6] = 0x00; - iv[7] = 0x00; - iv[8] = iv[0] ^ (DIRECTION << 7); - iv[9] = iv[1]; - iv[10] = iv[2]; - iv[11] = iv[3]; - iv[12] = iv[4]; - iv[13] = iv[5]; - iv[14] = iv[6] ^ (DIRECTION << 7); - iv[15] = iv[7]; - - //L,the length of key stream,taking 32bit as a unit - L = (LENGTH + 31) / 32 + 2; - k = malloc(sizeof(uint32_t) * L); - - //generate key stream k - zuc_genkeystream(IK, iv, k, L); - - //T=T^ki - for (i = 0; i < LENGTH; i++) - { - if (bit_value(M, i)) - { - ki = get_word(k, i); - T = T ^ ki; - } - } - - //T=T^kLENGTH - ki = get_word(k, LENGTH); - T = T ^ ki; - - //MAC=T^k(32*(L-1)) - ki = get_word(k, 32 * (L - 1)); - MAC = T ^ ki; - - free(k); - return MAC; -} - - - - diff --git a/engines/vendor_defns/miracl.h b/engines/vendor_defns/miracl.h deleted file mode 100644 index 1b8a5b16..00000000 --- a/engines/vendor_defns/miracl.h +++ /dev/null @@ -1,1569 +0,0 @@ -/*************************************************************************** - * -Copyright 2013 CertiVox IOM Ltd. * - * -This file is part of CertiVox MIRACL Crypto SDK. * - * -The CertiVox MIRACL Crypto SDK provides developers with an * -extensive and efficient set of cryptographic functions. * -For further information about its features and functionalities please * -refer to http://www.certivox.com * - * -* The CertiVox MIRACL Crypto SDK is free software: you can * - redistribute it and/or modify it under the terms of the * - GNU Affero General Public License as published by the * - Free Software Foundation, either version 3 of the License, * - or (at your option) any later version. * - * -* The CertiVox MIRACL Crypto SDK is distributed in the hope * - that it will be useful, but WITHOUT ANY WARRANTY; without even the * - implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * - See the GNU Affero General Public License for more details. * - * -* You should have received a copy of the GNU Affero General Public * - License along with CertiVox MIRACL Crypto SDK. * - If not, see . * - * -You can be released from the requirements of the license by purchasing * -a commercial license. Buying such a license is mandatory as soon as you * -develop commercial activities involving the CertiVox MIRACL Crypto SDK * -without disclosing the source code of your own applications, or shipping * -the CertiVox MIRACL Crypto SDK with a closed source product. * - * -***************************************************************************/ - -#ifndef HEADER_MIRACL_H -#define HEADER_MIRACL_H - -/* - * main MIRACL header - miracl.h. - */ - -#include "mirdef.h" - -/* Some modifiable defaults... */ - -/* Use a smaller buffer if space is limited, don't be so wasteful! */ - -#ifdef __cplusplus -extern "C"{ -#endif - -#ifdef MR_STATIC -#define MR_DEFAULT_BUFFER_SIZE 260 -#else -#define MR_DEFAULT_BUFFER_SIZE 1024 -#endif - -/* see mrgf2m.c */ - -#ifndef MR_KARATSUBA -#define MR_KARATSUBA 2 -#endif - -#ifndef MR_DOUBLE_BIG - -#ifdef MR_KCM - #ifdef MR_FLASH - #define MR_SPACES 32 - #else - #define MR_SPACES 31 - #endif -#else - #ifdef MR_FLASH - #define MR_SPACES 28 - #else - #define MR_SPACES 27 - #endif -#endif - -#else - -#ifdef MR_KCM - #ifdef MR_FLASH - #define MR_SPACES 44 - #else - #define MR_SPACES 43 - #endif -#else - #ifdef MR_FLASH - #define MR_SPACES 40 - #else - #define MR_SPACES 39 - #endif -#endif - -#endif - -/* To avoid name clashes - undefine this */ - -/* #define compare mr_compare */ - -#ifdef MR_AVR -#include -#endif - -/* size of bigs and elliptic curve points for memory allocation from stack or heap */ - -#define MR_ROUNDUP(a,b) ((a)-1)/(b)+1 - -#define MR_SL sizeof(long) - -#ifdef MR_STATIC - -#define MR_SIZE (((sizeof(struct bigtype)+(MR_STATIC+2)*sizeof(mr_utype))-1)/MR_SL+1)*MR_SL -#define MR_BIG_RESERVE(n) ((n)*MR_SIZE+MR_SL) - -#ifdef MR_AFFINE_ONLY -#define MR_ESIZE (((sizeof(epoint)+MR_BIG_RESERVE(2))-1)/MR_SL+1)*MR_SL -#else -#define MR_ESIZE (((sizeof(epoint)+MR_BIG_RESERVE(3))-1)/MR_SL+1)*MR_SL -#endif -#define MR_ECP_RESERVE(n) ((n)*MR_ESIZE+MR_SL) - -#define MR_ESIZE_A (((sizeof(epoint)+MR_BIG_RESERVE(2))-1)/MR_SL+1)*MR_SL -#define MR_ECP_RESERVE_A(n) ((n)*MR_ESIZE_A+MR_SL) - - -#endif - -/* useful macro to convert size of big in words, to size of required structure */ - -#define mr_size(n) (((sizeof(struct bigtype)+((n)+2)*sizeof(mr_utype))-1)/MR_SL+1)*MR_SL -#define mr_big_reserve(n,m) ((n)*mr_size(m)+MR_SL) - -#define mr_esize_a(n) (((sizeof(epoint)+mr_big_reserve(2,(n)))-1)/MR_SL+1)*MR_SL -#define mr_ecp_reserve_a(n,m) ((n)*mr_esize_a(m)+MR_SL) - -#ifdef MR_AFFINE_ONLY -#define mr_esize(n) (((sizeof(epoint)+mr_big_reserve(2,(n)))-1)/MR_SL+1)*MR_SL -#else -#define mr_esize(n) (((sizeof(epoint)+mr_big_reserve(3,(n)))-1)/MR_SL+1)*MR_SL -#endif -#define mr_ecp_reserve(n,m) ((n)*mr_esize(m)+MR_SL) - - -/* if basic library is static, make sure and use static C++ */ - -#ifdef MR_STATIC - #ifndef BIGS - #define BIGS MR_STATIC - #endif - #ifndef ZZNS - #define ZZNS MR_STATIC - #endif - #ifndef GF2MS - #define GF2MS MR_STATIC - #endif -#endif - -#ifdef __ia64__ -#if MIRACL==64 -#define MR_ITANIUM -#include -#endif -#endif - -#ifdef _M_X64 -#ifdef _WIN64 -#if MIRACL==64 -#define MR_WIN64 -#include -#endif -#endif -#endif - -#ifndef MR_NO_FILE_IO -#include -#endif - /* error returns */ - -#define MR_ERR_BASE_TOO_BIG 1 -#define MR_ERR_DIV_BY_ZERO 2 -#define MR_ERR_OVERFLOW 3 -#define MR_ERR_NEG_RESULT 4 -#define MR_ERR_BAD_FORMAT 5 -#define MR_ERR_BAD_BASE 6 -#define MR_ERR_BAD_PARAMETERS 7 -#define MR_ERR_OUT_OF_MEMORY 8 -#define MR_ERR_NEG_ROOT 9 -#define MR_ERR_NEG_POWER 10 -#define MR_ERR_BAD_ROOT 11 -#define MR_ERR_INT_OP 12 -#define MR_ERR_FLASH_OVERFLOW 13 -#define MR_ERR_TOO_BIG 14 -#define MR_ERR_NEG_LOG 15 -#define MR_ERR_DOUBLE_FAIL 16 -#define MR_ERR_IO_OVERFLOW 17 -#define MR_ERR_NO_MIRSYS 18 -#define MR_ERR_BAD_MODULUS 19 -#define MR_ERR_NO_MODULUS 20 -#define MR_ERR_EXP_TOO_BIG 21 -#define MR_ERR_NOT_SUPPORTED 22 -#define MR_ERR_NOT_DOUBLE_LEN 23 -#define MR_ERR_NOT_IRREDUC 24 -#define MR_ERR_NO_ROUNDING 25 -#define MR_ERR_NOT_BINARY 26 -#define MR_ERR_NO_BASIS 27 -#define MR_ERR_COMPOSITE_MODULUS 28 -#define MR_ERR_DEV_RANDOM 29 - - /* some useful definitions */ - -#define forever for(;;) - -#define mr_abs(x) ((x)<0? (-(x)) : (x)) - -#ifndef TRUE - #define TRUE 1 -#endif -#ifndef FALSE - #define FALSE 0 -#endif - -#define OFF 0 -#define ON 1 -#define PLUS 1 -#define MINUS (-1) - -#define M1 (MIRACL-1) -#define M2 (MIRACL-2) -#define M3 (MIRACL-3) -#define M4 (MIRACL-4) -#define TOPBIT ((mr_small)1<= MR_IBITS -#define MR_TOOBIG (1<<(MR_IBITS-2)) -#else -#define MR_TOOBIG (1<<(MIRACL-1)) -#endif - -#ifdef MR_FLASH -#define MR_EBITS (8*sizeof(double) - MR_FLASH) - /* no of Bits per double exponent */ -#define MR_BTS 16 -#define MR_MSK 0xFFFF - -#endif - -/* Default Hash function output size in bytes */ -#define MR_HASH_BYTES 32 - -/* Marsaglia & Zaman Random number generator */ -/* constants alternatives */ -#define NK 37 /* 21 */ -#define NJ 24 /* 6 */ -#define NV 14 /* 8 */ - -/* Use smaller values if memory is precious */ - -#ifdef mr_dltype - -#ifdef MR_LITTLE_ENDIAN -#define MR_BOT 0 -#define MR_TOP 1 -#endif -#ifdef MR_BIG_ENDIAN -#define MR_BOT 1 -#define MR_TOP 0 -#endif - -union doubleword -{ - mr_large d; - mr_small h[2]; -}; - -#endif - -/* chinese remainder theorem structures */ - -typedef struct { -big *C; -big *V; -big *M; -int NP; -} big_chinese; - -typedef struct { -mr_utype *C; -mr_utype *V; -mr_utype *M; -int NP; -} small_chinese; - -/* Cryptographically strong pseudo-random number generator */ - -typedef struct { -mr_unsign32 ira[NK]; /* random number... */ -int rndptr; /* ...array & pointer */ -mr_unsign32 borrow; -int pool_ptr; -char pool[MR_HASH_BYTES]; /* random pool */ -} csprng; - -/* secure hash Algorithm structure */ - -typedef struct { -mr_unsign32 length[2]; -mr_unsign32 h[8]; -mr_unsign32 w[80]; -} sha256; - -typedef sha256 sha; - -#ifdef mr_unsign64 - -typedef struct { -mr_unsign64 length[2]; -mr_unsign64 h[8]; -mr_unsign64 w[80]; -} sha512; - -typedef sha512 sha384; - -typedef struct { -mr_unsign64 length; -mr_unsign64 S[5][5]; -int rate,len; -} sha3; - -#endif - -/* Symmetric Encryption algorithm structure */ - -#define MR_ECB 0 -#define MR_CBC 1 -#define MR_CFB1 2 -#define MR_CFB2 3 -#define MR_CFB4 5 -#define MR_PCFB1 10 -#define MR_PCFB2 11 -#define MR_PCFB4 13 -#define MR_OFB1 14 -#define MR_OFB2 15 -#define MR_OFB4 17 -#define MR_OFB8 21 -#define MR_OFB16 29 - -typedef struct { -int Nk,Nr; -int mode; -mr_unsign32 fkey[60]; -mr_unsign32 rkey[60]; -char f[16]; -} aes; - -/* AES-GCM suppport. See mrgcm.c */ - -#define GCM_ACCEPTING_HEADER 0 -#define GCM_ACCEPTING_CIPHER 1 -#define GCM_NOT_ACCEPTING_MORE 2 -#define GCM_FINISHED 3 -#define GCM_ENCRYPTING 0 -#define GCM_DECRYPTING 1 - -typedef struct { -mr_unsign32 table[128][4]; /* 2k bytes */ -MR_BYTE stateX[16]; -MR_BYTE Y_0[16]; -mr_unsign32 counter; -mr_unsign32 lenA[2],lenC[2]; -int status; -aes a; -} gcm; - - /* Elliptic curve point status */ - -#define MR_EPOINT_GENERAL 0 -#define MR_EPOINT_NORMALIZED 1 -#define MR_EPOINT_INFINITY 2 - -#define MR_NOTSET 0 -#define MR_PROJECTIVE 0 -#define MR_AFFINE 1 -#define MR_BEST 2 -#define MR_TWIST 8 - -#define MR_OVER 0 -#define MR_ADD 1 -#define MR_DOUBLE 2 - -/* Twist type */ - -#define MR_QUADRATIC 2 -#define MR_CUBIC_M 0x3A -#define MR_CUBIC_D 0x3B -#define MR_QUARTIC_M 0x4A -#define MR_QUARTIC_D 0x4B -#define MR_SEXTIC_M 0x6A -#define MR_SEXTIC_D 0x6B - - -/* Fractional Sliding Windows for ECC - how much precomputation storage to use ? */ -/* Note that for variable point multiplication there is an optimal value - which can be reduced if space is short. For fixed points its a matter of - how much ROM is available to store precomputed points. - We are storing the k points (P,3P,5P,7P,...,[2k-1].P) */ - -/* These values can be manually tuned for optimal performance... */ - -#ifdef MR_SMALL_EWINDOW -#define MR_ECC_STORE_N 3 /* point store for ecn variable point multiplication */ -#define MR_ECC_STORE_2M 3 /* point store for ec2m variable point multiplication */ -#define MR_ECC_STORE_N2 3 /* point store for ecn2 variable point multiplication */ -#else -#define MR_ECC_STORE_N 8 /* 8/9 is close to optimal for 256 bit exponents */ -#define MR_ECC_STORE_2M 9 -#define MR_ECC_STORE_N2 8 -#endif - -/*#define MR_ECC_STORE_N2_PRECOMP MR_ECC_STORE_N2 */ - /* Might want to make this bigger.. */ - -/* If multi-addition is of m points, and s precomputed values are required, this is max of m*s (=4.10?) */ -#define MR_MAX_M_T_S 64 - -/* Elliptic Curve epoint structure. Uses projective (X,Y,Z) co-ordinates */ - -typedef struct { -int marker; -big X; -big Y; -#ifndef MR_AFFINE_ONLY -big Z; -#endif -} epoint; - - -/* Structure for Comb method for finite * - field exponentiation with precomputation */ - -typedef struct { -#ifdef MR_STATIC - const mr_small *table; -#else - mr_small *table; -#endif - big n; - int window; - int max; -} brick; - -/* Structure for Comb method for elliptic * - curve exponentiation with precomputation */ - -typedef struct { -#ifdef MR_STATIC - const mr_small *table; -#else - mr_small *table; -#endif - big a,b,n; - int window; - int max; -} ebrick; - -typedef struct { -#ifdef MR_STATIC - const mr_small *table; -#else - mr_small *table; -#endif - big a6,a2; - int m,a,b,c; - int window; - int max; -} ebrick2; - -typedef struct -{ - big a; - big b; -} zzn2; - -typedef struct -{ - zzn2 a; - zzn2 b; - BOOL unitary; -} zzn4; - -typedef struct -{ - int marker; - zzn2 x; - zzn2 y; -#ifndef MR_AFFINE_ONLY - zzn2 z; -#endif - -} ecn2; - -typedef struct -{ - big a; - big b; - big c; -} zzn3; - -typedef struct -{ - zzn2 a; - zzn2 b; - zzn2 c; -} zzn6_3x2; - -/* main MIRACL instance structure */ - -/* ------------------------------------------------------------------------*/ - -typedef struct { -mr_small base; /* number base */ -mr_small apbase; /* apparent base */ -int pack; /* packing density */ -int lg2b; /* bits in base */ -mr_small base2; /* 2^mr_lg2b */ -BOOL (*user)(void); /* pointer to user supplied function */ - -int nib; /* length of bigs */ -#ifndef MR_STRIPPED_DOWN -int depth; /* error tracing ..*/ -int trace[MR_MAXDEPTH]; /* .. mechanism */ -#endif -BOOL check; /* overflow check */ -BOOL fout; /* Output to file */ -BOOL fin; /* Input from file */ -BOOL active; - -#ifndef MR_NO_FILE_IO - -FILE *infile; /* Input file */ -FILE *otfile; /* Output file */ - -#endif - - -#ifndef MR_NO_RAND -mr_unsign32 ira[NK]; /* random number... */ -int rndptr; /* ...array & pointer */ -mr_unsign32 borrow; -#endif - - /* Montgomery constants */ -mr_small ndash; -big modulus; -big pR; -BOOL ACTIVE; -BOOL MONTY; - - /* Elliptic Curve details */ -#ifndef MR_NO_SS -BOOL SS; /* True for Super-Singular */ -#endif -#ifndef MR_NOKOBLITZ -BOOL KOBLITZ; /* True for a Koblitz curve */ -#endif -#ifndef MR_AFFINE_ONLY -int coord; -#endif -int Asize,Bsize; - -int M,AA,BB,CC; /* for GF(2^m) curves */ - -/* -mr_small pm,mask; -int e,k,Me,m; for GF(p^m) curves */ - - -#ifndef MR_STATIC - -int logN; /* constants for fast fourier fft multiplication */ -int nprimes,degree; -mr_utype *prime,*cr; -mr_utype *inverse,**roots; -small_chinese chin; -mr_utype const1,const2,const3; -mr_small msw,lsw; -mr_utype **s1,**s2; /* pre-computed tables for polynomial reduction */ -mr_utype **t; /* workspace */ -mr_utype *wa; -mr_utype *wb; -mr_utype *wc; - -#endif - -BOOL same; -BOOL first_one; -BOOL debug; - -big w0; /* workspace bigs */ -big w1,w2,w3,w4; -big w5,w6,w7; -big w8,w9,w10,w11; -big w12,w13,w14,w15; -big sru; -big one; - -#ifdef MR_KCM -big big_ndash; -big ws,wt; -#endif - -big A,B; - -/* User modifiables */ - -#ifndef MR_SIMPLE_IO -int IOBSIZ; /* size of i/o buffer */ -#endif -BOOL ERCON; /* error control */ -int ERNUM; /* last error code */ -int NTRY; /* no. of tries for probablistic primality testing */ -#ifndef MR_SIMPLE_IO -int INPLEN; /* input length */ -#ifndef MR_SIMPLE_BASE -int IOBASE; /* base for input and output */ - -#endif -#endif -#ifdef MR_FLASH -BOOL EXACT; /* exact flag */ -BOOL RPOINT; /* =ON for radix point, =OFF for fractions in output */ -#endif -#ifndef MR_STRIPPED_DOWN -BOOL TRACER; /* turns trace tracker on/off */ -#endif - -#ifdef MR_STATIC -const int *PRIMES; /* small primes array */ -#ifndef MR_SIMPLE_IO -char IOBUFF[MR_DEFAULT_BUFFER_SIZE]; /* i/o buffer */ -#endif -#else -int *PRIMES; /* small primes array */ -#ifndef MR_SIMPLE_IO -char *IOBUFF; /* i/o buffer */ -#endif -#endif - -#ifdef MR_FLASH -int workprec; -int stprec; /* start precision */ - -int RS,RD; -double D; - -double db,n,p; -int a,b,c,d,r,q,oldn,ndig; -mr_small u,v,ku,kv; - -BOOL last,carryon; -flash pi; - -#endif - -#ifdef MR_FP_ROUNDING -mr_large inverse_base; -#endif - -#ifndef MR_STATIC -char *workspace; -#else -char workspace[MR_BIG_RESERVE(MR_SPACES)]; -#endif - -int TWIST; /* set to twisted curve */ -int qnr; /* a QNR -1 for p=3 mod 4, -2 for p=5 mod 8, 0 otherwise */ -int cnr; /* a cubic non-residue */ -int pmod8; -int pmod9; -BOOL NO_CARRY; -} miracl; - -/* ------------------------------------------------------------------------*/ - - -#ifndef MR_GENERIC_MT - -#ifdef MR_WINDOWS_MT -#define MR_OS_THREADS -#endif - -#ifdef MR_UNIX_MT -#define MR_OS_THREADS -#endif - -#ifdef MR_OPENMP_MT -#define MR_OS_THREADS -#endif - - -#ifndef MR_OS_THREADS - -extern miracl *mr_mip; /* pointer to MIRACL's only global variable */ - -#endif - -#endif - -#ifdef MR_GENERIC_MT - -#ifdef MR_STATIC -#define MR_GENERIC_AND_STATIC -#endif - -#define _MIPT_ miracl *, -#define _MIPTO_ miracl * -#define _MIPD_ miracl *mr_mip, -#define _MIPDO_ miracl *mr_mip -#define _MIPP_ mr_mip, -#define _MIPPO_ mr_mip - -#else - -#define _MIPT_ -#define _MIPTO_ void -#define _MIPD_ -#define _MIPDO_ void -#define _MIPP_ -#define _MIPPO_ - -#endif - -/* Preamble and exit code for MIRACL routines. * - * Not used if MR_STRIPPED_DOWN is defined */ - -#ifdef MR_STRIPPED_DOWN -#define MR_OUT -#define MR_IN(N) -#else -#define MR_OUT mr_mip->depth--; -#define MR_IN(N) mr_mip->depth++; if (mr_mip->depthtrace[mr_mip->depth]=(N); if (mr_mip->TRACER) mr_track(_MIPPO_); } -#endif - -/* Function definitions */ - -/* Group 0 - Internal routines */ - -extern void mr_berror(_MIPT_ int); -extern mr_small mr_shiftbits(mr_small,int); -extern mr_small mr_setbase(_MIPT_ mr_small); -extern void mr_track(_MIPTO_ ); -extern void mr_lzero(big); -extern BOOL mr_notint(flash); -extern int mr_lent(flash); -extern void mr_padd(_MIPT_ big,big,big); -extern void mr_psub(_MIPT_ big,big,big); -extern void mr_pmul(_MIPT_ big,mr_small,big); -#ifdef MR_FP_ROUNDING -extern mr_large mr_invert(mr_small); -extern mr_small imuldiv(mr_small,mr_small,mr_small,mr_small,mr_large,mr_small *); -extern mr_small mr_sdiv(_MIPT_ big,mr_small,mr_large,big); -#else -extern mr_small mr_sdiv(_MIPT_ big,mr_small,big); -extern void mr_and(big,big,big); -extern void mr_xor(big,big,big); -#endif -extern void mr_shift(_MIPT_ big,int,big); -extern miracl *mr_first_alloc(void); -extern void *mr_alloc(_MIPT_ int,int); -extern void mr_free(void *); -extern void set_user_function(_MIPT_ BOOL (*)(void)); -extern void set_io_buffer_size(_MIPT_ int); -extern int mr_testbit(_MIPT_ big,int); -extern void mr_addbit(_MIPT_ big,int); -extern int recode(_MIPT_ big ,int ,int ,int ); -extern int mr_window(_MIPT_ big,int,int *,int *,int); -extern int mr_window2(_MIPT_ big,big,int,int *,int *); -extern int mr_naf_window(_MIPT_ big,big,int,int *,int *,int); - -extern int mr_fft_init(_MIPT_ int,big,big,BOOL); -extern void mr_dif_fft(_MIPT_ int,int,mr_utype *); -extern void mr_dit_fft(_MIPT_ int,int,mr_utype *); -extern void fft_reset(_MIPTO_); - -extern int mr_poly_mul(_MIPT_ int,big*,int,big*,big*); -extern int mr_poly_sqr(_MIPT_ int,big*,big*); -extern void mr_polymod_set(_MIPT_ int,big*,big*); -extern int mr_poly_rem(_MIPT_ int,big *,big *); - -extern int mr_ps_big_mul(_MIPT_ int,big *,big *,big *); -extern int mr_ps_zzn_mul(_MIPT_ int,big *,big *,big *); - -extern mr_small muldiv(mr_small,mr_small,mr_small,mr_small,mr_small *); -extern mr_small muldvm(mr_small,mr_small,mr_small,mr_small *); -extern mr_small muldvd(mr_small,mr_small,mr_small,mr_small *); -extern void muldvd2(mr_small,mr_small,mr_small *,mr_small *); - -extern flash mirvar_mem_variable(char *,int,int); -extern epoint* epoint_init_mem_variable(_MIPT_ char *,int,int); - -/* Group 1 - General purpose, I/O and basic arithmetic routines */ - -extern unsigned int igcd(unsigned int,unsigned int); -extern unsigned long lgcd(unsigned long,unsigned long); -extern mr_small sgcd(mr_small,mr_small); -extern unsigned int isqrt(unsigned int,unsigned int); -extern unsigned long mr_lsqrt(unsigned long,unsigned long); -extern void irand(_MIPT_ mr_unsign32); -extern mr_small brand(_MIPTO_ ); -extern void zero(flash); -extern void convert(_MIPT_ int,big); -extern void uconvert(_MIPT_ unsigned int,big); -extern void lgconv(_MIPT_ long,big); -extern void ulgconv(_MIPT_ unsigned long,big); -extern void tconvert(_MIPT_ mr_utype,big); - -#ifdef mr_dltype -extern void dlconv(_MIPT_ mr_dltype,big); -#endif - -extern flash mirvar(_MIPT_ int); -extern flash mirvar_mem(_MIPT_ char *,int); -extern void mirkill(big); -extern void *memalloc(_MIPT_ int); -extern void memkill(_MIPT_ char *,int); -extern void mr_init_threading(void); -extern void mr_end_threading(void); -extern miracl *get_mip(void ); -extern void set_mip(miracl *); -#ifdef MR_GENERIC_AND_STATIC -extern miracl *mirsys(miracl *,int,mr_small); -#else -extern miracl *mirsys(int,mr_small); -#endif -extern miracl *mirsys_basic(miracl *,int,mr_small); -extern void mirexit(_MIPTO_ ); -extern int exsign(flash); -extern void insign(int,flash); -extern int getdig(_MIPT_ big,int); -extern int numdig(_MIPT_ big); -extern void putdig(_MIPT_ int,big,int); -extern void copy(flash,flash); -extern void negify(flash,flash); -extern void absol(flash,flash); -extern int size(big); -extern int mr_compare(big,big); -extern void add(_MIPT_ big,big,big); -extern void subtract(_MIPT_ big,big,big); -extern void incr(_MIPT_ big,int,big); -extern void decr(_MIPT_ big,int,big); -extern void premult(_MIPT_ big,int,big); -extern int subdiv(_MIPT_ big,int,big); -extern BOOL subdivisible(_MIPT_ big,int); -extern int remain(_MIPT_ big,int); -extern void bytes_to_big(_MIPT_ int,const char *,big); -extern int big_to_bytes(_MIPT_ int,big,char *,BOOL); -extern mr_small normalise(_MIPT_ big,big); -extern void multiply(_MIPT_ big,big,big); -extern void fft_mult(_MIPT_ big,big,big); -extern BOOL fastmultop(_MIPT_ int,big,big,big); -extern void divide(_MIPT_ big,big,big); -extern BOOL divisible(_MIPT_ big,big); -extern void mad(_MIPT_ big,big,big,big,big,big); -extern int instr(_MIPT_ flash,char *); -extern int otstr(_MIPT_ flash,char *); -extern int cinstr(_MIPT_ flash,char *); -extern int cotstr(_MIPT_ flash,char *); -extern epoint* epoint_init(_MIPTO_ ); -extern epoint* epoint_init_mem(_MIPT_ char *,int); -extern void* ecp_memalloc(_MIPT_ int); -void ecp_memkill(_MIPT_ char *,int); -BOOL init_big_from_rom(big,int,const mr_small *,int ,int *); -BOOL init_point_from_rom(epoint *,int,const mr_small *,int,int *); - -#ifndef MR_NO_FILE_IO - -extern int innum(_MIPT_ flash,FILE *); -extern int otnum(_MIPT_ flash,FILE *); -extern int cinnum(_MIPT_ flash,FILE *); -extern int cotnum(_MIPT_ flash,FILE *); - -#endif - -/* Group 2 - Advanced arithmetic routines */ - -extern mr_small smul(mr_small,mr_small,mr_small); -extern mr_small spmd(mr_small,mr_small,mr_small); -extern mr_small invers(mr_small,mr_small); -extern mr_small sqrmp(mr_small,mr_small); -extern int jac(mr_small,mr_small); - -extern void gprime(_MIPT_ int); -extern int jack(_MIPT_ big,big); -extern int egcd(_MIPT_ big,big,big); -extern int xgcd(_MIPT_ big,big,big,big,big); -extern int invmodp(_MIPT_ big,big,big); -extern int logb2(_MIPT_ big); -extern int hamming(_MIPT_ big); -extern void expb2(_MIPT_ int,big); -extern void bigbits(_MIPT_ int,big); -extern void expint(_MIPT_ int,int,big); -extern void sftbit(_MIPT_ big,int,big); -extern void power(_MIPT_ big,long,big,big); -extern void powmod(_MIPT_ big,big,big,big); -extern void powmod2(_MIPT_ big,big,big,big,big,big); -extern void powmodn(_MIPT_ int,big *,big *,big,big); -extern int powltr(_MIPT_ int,big,big,big); -extern BOOL double_inverse(_MIPT_ big,big,big,big,big); -extern BOOL multi_inverse(_MIPT_ int,big*,big,big*); -extern void lucas(_MIPT_ big,big,big,big,big); -extern BOOL nroot(_MIPT_ big,int,big); -extern BOOL sqroot(_MIPT_ big,big,big); -extern void bigrand(_MIPT_ big,big); -extern void bigdig(_MIPT_ int,int,big); -extern int trial_division(_MIPT_ big,big); -extern BOOL isprime(_MIPT_ big); -extern BOOL nxprime(_MIPT_ big,big); -extern BOOL nxsafeprime(_MIPT_ int,int,big,big); -extern BOOL crt_init(_MIPT_ big_chinese *,int,big *); -extern void crt(_MIPT_ big_chinese *,big *,big); -extern void crt_end(big_chinese *); -extern BOOL scrt_init(_MIPT_ small_chinese *,int,mr_utype *); -extern void scrt(_MIPT_ small_chinese*,mr_utype *,big); -extern void scrt_end(small_chinese *); -#ifndef MR_STATIC -extern BOOL brick_init(_MIPT_ brick *,big,big,int,int); -extern void brick_end(brick *); -#else -extern void brick_init(brick *,const mr_small *,big,int,int); -#endif -extern void pow_brick(_MIPT_ brick *,big,big); -#ifndef MR_STATIC -extern BOOL ebrick_init(_MIPT_ ebrick *,big,big,big,big,big,int,int); -extern void ebrick_end(ebrick *); -#else -extern void ebrick_init(ebrick *,const mr_small *,big,big,big,int,int); -#endif -extern int mul_brick(_MIPT_ ebrick*,big,big,big); -#ifndef MR_STATIC -extern BOOL ebrick2_init(_MIPT_ ebrick2 *,big,big,big,big,int,int,int,int,int,int); -extern void ebrick2_end(ebrick2 *); -#else -extern void ebrick2_init(ebrick2 *,const mr_small *,big,big,int,int,int,int,int,int); -#endif -extern int mul2_brick(_MIPT_ ebrick2*,big,big,big); - -/* Montgomery stuff */ - -extern mr_small prepare_monty(_MIPT_ big); -extern void kill_monty(_MIPTO_ ); -extern void nres(_MIPT_ big,big); -extern void redc(_MIPT_ big,big); - -extern void nres_negate(_MIPT_ big,big); -extern void nres_modadd(_MIPT_ big,big,big); -extern void nres_modsub(_MIPT_ big,big,big); -extern void nres_lazy(_MIPT_ big,big,big,big,big,big); -extern void nres_complex(_MIPT_ big,big,big,big); -extern void nres_double_modadd(_MIPT_ big,big,big); -extern void nres_double_modsub(_MIPT_ big,big,big); -extern void nres_premult(_MIPT_ big,int,big); -extern void nres_modmult(_MIPT_ big,big,big); -extern int nres_moddiv(_MIPT_ big,big,big); -extern void nres_dotprod(_MIPT_ int,big *,big *,big); -extern void nres_powmod(_MIPT_ big,big,big); -extern void nres_powltr(_MIPT_ int,big,big); -extern void nres_powmod2(_MIPT_ big,big,big,big,big); -extern void nres_powmodn(_MIPT_ int,big *,big *,big); -extern BOOL nres_sqroot(_MIPT_ big,big); -extern void nres_lucas(_MIPT_ big,big,big,big); -extern BOOL nres_double_inverse(_MIPT_ big,big,big,big); -extern BOOL nres_multi_inverse(_MIPT_ int,big *,big *); -extern void nres_div2(_MIPT_ big,big); -extern void nres_div3(_MIPT_ big,big); -extern void nres_div5(_MIPT_ big,big); - -extern void shs_init(sha *); -extern void shs_process(sha *,int); -extern void shs_hash(sha *,char *); - -extern void shs256_init(sha256 *); -extern void shs256_process(sha256 *,int); -extern void shs256_hash(sha256 *,char *); - -#ifdef mr_unsign64 - -extern void shs512_init(sha512 *); -extern void shs512_process(sha512 *,int); -extern void shs512_hash(sha512 *,char *); - -extern void shs384_init(sha384 *); -extern void shs384_process(sha384 *,int); -extern void shs384_hash(sha384 *,char *); - -extern void sha3_init(sha3 *,int); -extern void sha3_process(sha3 *,int); -extern void sha3_hash(sha3 *,char *); - -#endif - -extern BOOL aes_init(aes *,int,int,char *,char *); -extern void aes_getreg(aes *,char *); -extern void aes_ecb_encrypt(aes *,MR_BYTE *); -extern void aes_ecb_decrypt(aes *,MR_BYTE *); -extern mr_unsign32 aes_encrypt(aes *,char *); -extern mr_unsign32 aes_decrypt(aes *,char *); -extern void aes_reset(aes *,int,char *); -extern void aes_end(aes *); - -extern void gcm_init(gcm *,int,char *,int,char *); -extern BOOL gcm_add_header(gcm *,char *,int); -extern BOOL gcm_add_cipher(gcm *,int,char *,int,char *); -extern void gcm_finish(gcm *,char *); - -extern void FPE_encrypt(int ,aes *,mr_unsign32 ,mr_unsign32 ,char *,int); -extern void FPE_decrypt(int ,aes *,mr_unsign32 ,mr_unsign32 ,char *,int); - -extern void strong_init(csprng *,int,char *,mr_unsign32); -extern int strong_rng(csprng *); -extern void strong_bigrand(_MIPT_ csprng *,big,big); -extern void strong_bigdig(_MIPT_ csprng *,int,int,big); -extern void strong_kill(csprng *); - -/* special modular multipliers */ - -extern void comba_mult(big,big,big); -extern void comba_square(big,big); -extern void comba_redc(_MIPT_ big,big); -extern void comba_modadd(_MIPT_ big,big,big); -extern void comba_modsub(_MIPT_ big,big,big); -extern void comba_double_modadd(_MIPT_ big,big,big); -extern void comba_double_modsub(_MIPT_ big,big,big); -extern void comba_negate(_MIPT_ big,big); -extern void comba_add(big,big,big); -extern void comba_sub(big,big,big); -extern void comba_double_add(big,big,big); -extern void comba_double_sub(big,big,big); - -extern void comba_mult2(_MIPT_ big,big,big); - -extern void fastmodmult(_MIPT_ big,big,big); -extern void fastmodsquare(_MIPT_ big,big); - -extern void kcm_mul(_MIPT_ big,big,big); -extern void kcm_sqr(_MIPT_ big,big); -extern void kcm_redc(_MIPT_ big,big); - -extern void kcm_multiply(_MIPT_ int,big,big,big); -extern void kcm_square(_MIPT_ int,big,big); -extern BOOL kcm_top(_MIPT_ int,big,big,big); - -/* elliptic curve stuff */ - -extern BOOL point_at_infinity(epoint *); - -extern void mr_jsf(_MIPT_ big,big,big,big,big,big); - -extern void ecurve_init(_MIPT_ big,big,big,int); -extern int ecurve_add(_MIPT_ epoint *,epoint *); -extern int ecurve_sub(_MIPT_ epoint *,epoint *); -extern void ecurve_double_add(_MIPT_ epoint *,epoint *,epoint *,epoint *,big *,big *); -extern void ecurve_multi_add(_MIPT_ int,epoint **,epoint **); -extern void ecurve_double(_MIPT_ epoint*); -extern int ecurve_mult(_MIPT_ big,epoint *,epoint *); -extern void ecurve_mult2(_MIPT_ big,epoint *,big,epoint *,epoint *); -extern void ecurve_multn(_MIPT_ int,big *,epoint**,epoint *); - -extern BOOL epoint_x(_MIPT_ big); -extern BOOL epoint_set(_MIPT_ big,big,int,epoint*); -extern int epoint_get(_MIPT_ epoint*,big,big); -extern void epoint_getxyz(_MIPT_ epoint *,big,big,big); -extern BOOL epoint_norm(_MIPT_ epoint *); -extern BOOL epoint_multi_norm(_MIPT_ int,big *,epoint **); -extern void epoint_free(epoint *); -extern void epoint_copy(epoint *,epoint *); -extern BOOL epoint_comp(_MIPT_ epoint *,epoint *); -extern void epoint_negate(_MIPT_ epoint *); - -extern BOOL ecurve2_init(_MIPT_ int,int,int,int,big,big,BOOL,int); -extern big ecurve2_add(_MIPT_ epoint *,epoint *); -extern big ecurve2_sub(_MIPT_ epoint *,epoint *); -extern void ecurve2_multi_add(_MIPT_ int,epoint **,epoint **); -extern void ecurve2_mult(_MIPT_ big,epoint *,epoint *); -extern void ecurve2_mult2(_MIPT_ big,epoint *,big,epoint *,epoint *); -extern void ecurve2_multn(_MIPT_ int,big *,epoint**,epoint *); - -extern epoint* epoint2_init(_MIPTO_ ); -extern BOOL epoint2_set(_MIPT_ big,big,int,epoint*); -extern int epoint2_get(_MIPT_ epoint*,big,big); -extern void epoint2_getxyz(_MIPT_ epoint *,big,big,big); -extern int epoint2_norm(_MIPT_ epoint *); -extern void epoint2_free(epoint *); -extern void epoint2_copy(epoint *,epoint *); -extern BOOL epoint2_comp(_MIPT_ epoint *,epoint *); -extern void epoint2_negate(_MIPT_ epoint *); - -/* GF(2) stuff */ - -extern BOOL prepare_basis(_MIPT_ int,int,int,int,BOOL); -extern int parity2(big); -extern BOOL multi_inverse2(_MIPT_ int,big *,big *); -extern void add2(big,big,big); -extern void incr2(big,int,big); -extern void reduce2(_MIPT_ big,big); -extern void multiply2(_MIPT_ big,big,big); -extern void modmult2(_MIPT_ big,big,big); -extern void modsquare2(_MIPT_ big,big); -extern void power2(_MIPT_ big,int,big); -extern void sqroot2(_MIPT_ big,big); -extern void halftrace2(_MIPT_ big,big); -extern BOOL quad2(_MIPT_ big,big); -extern BOOL inverse2(_MIPT_ big,big); -extern void karmul2(int,mr_small *,mr_small *,mr_small *,mr_small *); -extern void karmul2_poly(_MIPT_ int,big *,big *,big *,big *); -extern void karmul2_poly_upper(_MIPT_ int,big *,big *,big *,big *); -extern void gf2m_dotprod(_MIPT_ int,big *,big *,big); -extern int trace2(_MIPT_ big); -extern void rand2(_MIPT_ big); -extern void gcd2(_MIPT_ big,big,big); -extern int degree2(big); - -/* zzn2 stuff */ - -extern BOOL zzn2_iszero(zzn2 *); -extern BOOL zzn2_isunity(_MIPT_ zzn2 *); -extern void zzn2_from_int(_MIPT_ int,zzn2 *); -extern void zzn2_from_ints(_MIPT_ int,int,zzn2 *); -extern void zzn2_copy(zzn2 *,zzn2 *); -extern void zzn2_zero(zzn2 *); -extern void zzn2_negate(_MIPT_ zzn2 *,zzn2 *); -extern void zzn2_conj(_MIPT_ zzn2 *,zzn2 *); -extern void zzn2_add(_MIPT_ zzn2 *,zzn2 *,zzn2 *); -extern void zzn2_sub(_MIPT_ zzn2 *,zzn2 *,zzn2 *); -extern void zzn2_smul(_MIPT_ zzn2 *,big,zzn2 *); -extern void zzn2_mul(_MIPT_ zzn2 *,zzn2 *,zzn2 *); -extern void zzn2_sqr(_MIPT_ zzn2 *,zzn2 *); -extern void zzn2_inv(_MIPT_ zzn2 *); -extern void zzn2_timesi(_MIPT_ zzn2 *); -extern void zzn2_powl(_MIPT_ zzn2 *,big,zzn2 *); -extern void zzn2_from_zzns(big,big,zzn2 *); -extern void zzn2_from_bigs(_MIPT_ big,big,zzn2 *); -extern void zzn2_from_zzn(big,zzn2 *); -extern void zzn2_from_big(_MIPT_ big, zzn2 *); -extern void zzn2_sadd(_MIPT_ zzn2 *,big,zzn2 *); -extern void zzn2_ssub(_MIPT_ zzn2 *,big,zzn2 *); -extern void zzn2_div2(_MIPT_ zzn2 *); -extern void zzn2_div3(_MIPT_ zzn2 *); -extern void zzn2_div5(_MIPT_ zzn2 *); -extern void zzn2_imul(_MIPT_ zzn2 *,int,zzn2 *); -extern BOOL zzn2_compare(zzn2 *,zzn2 *); -extern void zzn2_txx(_MIPT_ zzn2 *); -extern void zzn2_txd(_MIPT_ zzn2 *); -extern BOOL zzn2_sqrt(_MIPT_ zzn2 *,zzn2 *); -extern BOOL zzn2_qr(_MIPT_ zzn2 *); -extern BOOL zzn2_multi_inverse(_MIPT_ int,zzn2 *,zzn2 *); - - -/* zzn3 stuff */ - -extern void zzn3_set(_MIPT_ int,big); -extern BOOL zzn3_iszero(zzn3 *); -extern BOOL zzn3_isunity(_MIPT_ zzn3 *); -extern void zzn3_from_int(_MIPT_ int,zzn3 *); -extern void zzn3_from_ints(_MIPT_ int,int,int,zzn3 *); -extern void zzn3_copy(zzn3 *,zzn3 *); -extern void zzn3_zero(zzn3 *); -extern void zzn3_negate(_MIPT_ zzn3 *,zzn3 *); -extern void zzn3_powq(_MIPT_ zzn3 *,zzn3 *); -extern void zzn3_add(_MIPT_ zzn3 *,zzn3 *,zzn3 *); -extern void zzn3_sub(_MIPT_ zzn3 *,zzn3 *,zzn3 *); -extern void zzn3_smul(_MIPT_ zzn3 *,big,zzn3 *); -extern void zzn3_mul(_MIPT_ zzn3 *,zzn3 *,zzn3 *); -extern void zzn3_inv(_MIPT_ zzn3 *); -extern void zzn3_timesi(_MIPT_ zzn3 *); -extern void zzn3_timesi2(_MIPT_ zzn3 *); -extern void zzn3_powl(_MIPT_ zzn3 *,big,zzn3 *); -extern void zzn3_from_zzns(big,big,big,zzn3 *); -extern void zzn3_from_bigs(_MIPT_ big,big,big,zzn3 *); -extern void zzn3_from_zzn(big,zzn3 *); -extern void zzn3_from_zzn_1(big,zzn3 *); -extern void zzn3_from_zzn_2(big,zzn3 *); -extern void zzn3_from_big(_MIPT_ big, zzn3 *); -extern void zzn3_sadd(_MIPT_ zzn3 *,big,zzn3 *); -extern void zzn3_ssub(_MIPT_ zzn3 *,big,zzn3 *); -extern void zzn3_div2(_MIPT_ zzn3 *); -extern void zzn3_imul(_MIPT_ zzn3 *,int,zzn3 *); -extern BOOL zzn3_compare(zzn3 *,zzn3 *); - -/* zzn4 stuff */ - -extern BOOL zzn4_iszero(zzn4 *); -extern BOOL zzn4_isunity(_MIPT_ zzn4 *); -extern void zzn4_from_int(_MIPT_ int,zzn4 *); -extern void zzn4_copy(zzn4 *,zzn4 *); -extern void zzn4_zero(zzn4 *); -extern void zzn4_negate(_MIPT_ zzn4 *,zzn4 *); -extern void zzn4_powq(_MIPT_ zzn2 *,zzn4 *); -extern void zzn4_add(_MIPT_ zzn4 *,zzn4 *,zzn4 *); -extern void zzn4_sub(_MIPT_ zzn4 *,zzn4 *,zzn4 *); -extern void zzn4_smul(_MIPT_ zzn4 *,zzn2 *,zzn4 *); -extern void zzn4_sqr(_MIPT_ zzn4 *,zzn4 *); -extern void zzn4_mul(_MIPT_ zzn4 *,zzn4 *,zzn4 *); -extern void zzn4_inv(_MIPT_ zzn4 *); -extern void zzn4_timesi(_MIPT_ zzn4 *); -extern void zzn4_tx(_MIPT_ zzn4 *); -extern void zzn4_from_zzn2s(zzn2 *,zzn2 *,zzn4 *); -extern void zzn4_from_zzn2(zzn2 *,zzn4 *); -extern void zzn4_from_zzn2h(zzn2 *,zzn4 *); -extern void zzn4_from_zzn(big,zzn4 *); -extern void zzn4_from_big(_MIPT_ big , zzn4 *); -extern void zzn4_sadd(_MIPT_ zzn4 *,zzn2 *,zzn4 *); -extern void zzn4_ssub(_MIPT_ zzn4 *,zzn2 *,zzn4 *); -extern void zzn4_div2(_MIPT_ zzn4 *); -extern void zzn4_conj(_MIPT_ zzn4 *,zzn4 *); -extern void zzn4_imul(_MIPT_ zzn4 *,int,zzn4 *); -extern void zzn4_lmul(_MIPT_ zzn4 *,big,zzn4 *); -extern BOOL zzn4_compare(zzn4 *,zzn4 *); - -/* ecn2 stuff */ - -extern BOOL ecn2_iszero(ecn2 *); -extern void ecn2_copy(ecn2 *,ecn2 *); -extern void ecn2_zero(ecn2 *); -extern BOOL ecn2_compare(_MIPT_ ecn2 *,ecn2 *); -extern void ecn2_norm(_MIPT_ ecn2 *); -extern void ecn2_get(_MIPT_ ecn2 *,zzn2 *,zzn2 *,zzn2 *); -extern void ecn2_getxy(ecn2 *,zzn2 *,zzn2 *); -extern void ecn2_getx(ecn2 *,zzn2 *); -extern void ecn2_getz(_MIPT_ ecn2 *,zzn2 *); -extern void ecn2_rhs(_MIPT_ zzn2 *,zzn2 *); -extern BOOL ecn2_set(_MIPT_ zzn2 *,zzn2 *,ecn2 *); -extern BOOL ecn2_setx(_MIPT_ zzn2 *,ecn2 *); -extern void ecn2_setxyz(_MIPT_ zzn2 *,zzn2 *,zzn2 *,ecn2 *); -extern void ecn2_negate(_MIPT_ ecn2 *,ecn2 *); -extern BOOL ecn2_add3(_MIPT_ ecn2 *,ecn2 *,zzn2 *,zzn2 *,zzn2 *); -extern BOOL ecn2_add2(_MIPT_ ecn2 *,ecn2 *,zzn2 *,zzn2 *); -extern BOOL ecn2_add1(_MIPT_ ecn2 *,ecn2 *,zzn2 *); -extern BOOL ecn2_add(_MIPT_ ecn2 *,ecn2 *); -extern BOOL ecn2_sub(_MIPT_ ecn2 *,ecn2 *); -extern BOOL ecn2_add_sub(_MIPT_ ecn2 *,ecn2 *,ecn2 *,ecn2 *); -extern int ecn2_mul2_jsf(_MIPT_ big,ecn2 *,big,ecn2 *,ecn2 *); -extern int ecn2_mul(_MIPT_ big,ecn2 *); -extern void ecn2_psi(_MIPT_ zzn2 *,ecn2 *); -extern BOOL ecn2_multi_norm(_MIPT_ int ,zzn2 *,ecn2 *); -extern int ecn2_mul4_gls_v(_MIPT_ big *,int,ecn2 *,big *,ecn2 *,zzn2 *,ecn2 *); -extern int ecn2_muln_engine(_MIPT_ int,int,int,int,big *,big *,big *,big *,ecn2 *,ecn2 *,ecn2 *); -extern void ecn2_precomp_gls(_MIPT_ int,BOOL,ecn2 *,zzn2 *,ecn2 *); -extern int ecn2_mul2_gls(_MIPT_ big *,ecn2 *,zzn2 *,ecn2 *); -extern void ecn2_precomp(_MIPT_ int,BOOL,ecn2 *,ecn2 *); -extern int ecn2_mul2(_MIPT_ big,int,ecn2 *,big,ecn2 *,ecn2 *); -#ifndef MR_STATIC -extern BOOL ecn2_brick_init(_MIPT_ ebrick *,zzn2 *,zzn2 *,big,big,big,int,int); -extern void ecn2_brick_end(ebrick *); -#else -extern void ebrick_init(ebrick *,const mr_small *,big,big,big,int,int); -#endif -extern void ecn2_mul_brick_gls(_MIPT_ ebrick *B,big *,zzn2 *,zzn2 *,zzn2 *); -extern void ecn2_multn(_MIPT_ int,big *,ecn2 *,ecn2 *); -extern void ecn2_mult4(_MIPT_ big *,ecn2 *,ecn2 *); -/* Group 3 - Floating-slash routines */ - -#ifdef MR_FLASH -extern void fpack(_MIPT_ big,big,flash); -extern void numer(_MIPT_ flash,big); -extern void denom(_MIPT_ flash,big); -extern BOOL fit(big,big,int); -extern void build(_MIPT_ flash,int (*)(_MIPT_ big,int)); -extern void mround(_MIPT_ big,big,flash); -extern void flop(_MIPT_ flash,flash,int *,flash); -extern void fmul(_MIPT_ flash,flash,flash); -extern void fdiv(_MIPT_ flash,flash,flash); -extern void fadd(_MIPT_ flash,flash,flash); -extern void fsub(_MIPT_ flash,flash,flash); -extern int fcomp(_MIPT_ flash,flash); -extern void fconv(_MIPT_ int,int,flash); -extern void frecip(_MIPT_ flash,flash); -extern void ftrunc(_MIPT_ flash,big,flash); -extern void fmodulo(_MIPT_ flash,flash,flash); -extern void fpmul(_MIPT_ flash,int,int,flash); -extern void fincr(_MIPT_ flash,int,int,flash); -extern void dconv(_MIPT_ double,flash); -extern double fdsize(_MIPT_ flash); -extern void frand(_MIPT_ flash); - -/* Group 4 - Advanced Flash routines */ - -extern void fpower(_MIPT_ flash,int,flash); -extern BOOL froot(_MIPT_ flash,int,flash); -extern void fpi(_MIPT_ flash); -extern void fexp(_MIPT_ flash,flash); -extern void flog(_MIPT_ flash,flash); -extern void fpowf(_MIPT_ flash,flash,flash); -extern void ftan(_MIPT_ flash,flash); -extern void fatan(_MIPT_ flash,flash); -extern void fsin(_MIPT_ flash,flash); -extern void fasin(_MIPT_ flash,flash); -extern void fcos(_MIPT_ flash,flash); -extern void facos(_MIPT_ flash,flash); -extern void ftanh(_MIPT_ flash,flash); -extern void fatanh(_MIPT_ flash,flash); -extern void fsinh(_MIPT_ flash,flash); -extern void fasinh(_MIPT_ flash,flash); -extern void fcosh(_MIPT_ flash,flash); -extern void facosh(_MIPT_ flash,flash); -#endif - - -/* Test predefined Macros to determine compiler type, and hopefully - selectively use fast in-line assembler (or other compiler specific - optimisations. Note I am unsure of Microsoft version numbers. So I - suspect are Microsoft. - - Note: It seems to be impossible to get the 16-bit Microsoft compiler - to allow inline 32-bit op-codes. So I suspect that INLINE_ASM == 2 will - never work with it. Pity. - -#define INLINE_ASM 1 -> generates 8086 inline assembly -#define INLINE_ASM 2 -> generates mixed 8086 & 80386 inline assembly, - so you can get some benefit while running in a - 16-bit environment on 32-bit hardware (DOS, Windows - 3.1...) -#define INLINE_ASM 3 -> generate true 80386 inline assembly - (Using DOS - extender, Windows '95/Windows NT) - Actually optimised for Pentium - -#define INLINE_ASM 4 -> 80386 code in the GNU style (for (DJGPP) - -Small, medium, compact and large memory models are supported for the -first two of the above. - -*/ - -/* To allow for inline assembly */ - -#ifdef __GNUC__ - #define ASM __asm__ __volatile__ -#endif - -#ifdef __TURBOC__ - #define ASM asm -#endif - -#ifdef _MSC_VER - #define ASM _asm -#endif - -#ifndef MR_NOASM - -/* Win64 - inline the time critical function */ -#ifndef MR_NO_INTRINSICS - #ifdef MR_WIN64 - #define muldvd(a,b,c,rp) (*(rp)=_umul128((a),(b),&(tm)),*(rp)+=(c),tm+=(*(rp)<(c)),tm) - #define muldvd2(a,b,c,rp) (tr=_umul128((a),(b),&(tm)),tr+=(*(c)),tm+=(tr<(*(c))),tr+=(*(rp)),tm+=(tr<(*(rp))),*(rp)=tr,*(c)=tm) - #endif - -/* Itanium - inline the time-critical functions */ - - #ifdef MR_ITANIUM - #define muldvd(a,b,c,rp) (tm=_m64_xmahu((a),(b),(c)),*(rp)=_m64_xmalu((a),(b),(c)),tm) - #define muldvd2(a,b,c,rp) (tm=_m64_xmalu((a),(b),(*(c))),*(c)=_m64_xmahu((a),(b),(*(c))),tm+=*(rp),*(c)+=(tm<*(rp)),*(rp)=tm) - #endif -#endif -/* - -SSE2 code. Works as for itanium - but in fact it is slower than the regular code so not recommended -Would require a call to emmintrin.h or xmmintrin.h, and an __m128i variable tm to be declared in effected -functions. But it works! - - #define muldvd(a,b,c,rp) (tm=_mm_add_epi64(_mm_mul_epu32(_mm_cvtsi32_si128((a)),_mm_cvtsi32_si128((b))),_mm_cvtsi32_si128((c))),*(rp)=_mm_cvtsi128_si32(tm),_mm_cvtsi128_si32(_mm_shuffle_epi32(tm,_MM_SHUFFLE(3,2,0,1))) ) - #define muldvd2(a,b,c,rp) (tm=_mm_add_epi64(_mm_add_epi64(_mm_mul_epu32(_mm_cvtsi32_si128((a)),_mm_cvtsi32_si128((b))),_mm_cvtsi32_si128(*(c))),_mm_cvtsi32_si128(*(rp))),*(rp)=_mm_cvtsi128_si32(tm),*(c)=_mm_cvtsi128_si32( _mm_shuffle_epi32(tm,_MM_SHUFFLE(3,2,0,1)) ) -*/ - -/* Borland C/Turbo C */ - - #ifdef __TURBOC__ - #ifndef __HUGE__ - #if defined(__COMPACT__) || defined(__LARGE__) - #define MR_LMM - #endif - - #if MIRACL==16 - #define INLINE_ASM 1 - #endif - - #if __TURBOC__>=0x410 - #if MIRACL==32 -#if defined(__SMALL__) || defined(__MEDIUM__) || defined(__LARGE__) || defined(__COMPACT__) - #define INLINE_ASM 2 - #else - #define INLINE_ASM 3 - #endif - #endif - #endif - #endif - #endif - -/* Microsoft C */ - - #ifdef _MSC_VER - #ifndef M_I86HM - #if defined(M_I86CM) || defined(M_I86LM) - #define MR_LMM - #endif - #if _MSC_VER>=600 - #if _MSC_VER<1200 - #if MIRACL==16 - #define INLINE_ASM 1 - #endif - #endif - #endif - #if _MSC_VER>=1000 - #if MIRACL==32 - #define INLINE_ASM 3 - #endif - #endif - #endif - #endif - -/* DJGPP GNU C */ - - #ifdef __GNUC__ - #ifdef i386 - #if MIRACL==32 - #define INLINE_ASM 4 - #endif - #endif - #endif - -#endif - -#ifdef __cplusplus -} -#endif - - - -/* - The following contribution is from Tielo Jongmans, Netherlands - These inline assembler routines are suitable for Watcom 10.0 and up - - Added into miracl.h. Notice the override of the original declarations - of these routines, which should be removed. - - The following pragma is optional, it is dangerous, but it saves a - calling sequence -*/ - -/* - -#pragma off (check_stack); - -extern unsigned int muldiv(unsigned int, unsigned int, unsigned int, unsigned int, unsigned int *); -#pragma aux muldiv= \ - "mul edx" \ - "add eax,ebx" \ - "adc edx,0" \ - "div ecx" \ - "mov [esi],edx" \ - parm [eax] [edx] [ebx] [ecx] [esi] \ - value [eax] \ - modify [eax edx]; - -extern unsigned int muldvm(unsigned int, unsigned int, unsigned int, unsigned int *); -#pragma aux muldvm= \ - "div ebx" \ - "mov [ecx],edx" \ - parm [edx] [eax] [ebx] [ecx] \ - value [eax] \ - modify [eax edx]; - -extern unsigned int muldvd(unsigned int, unsigned int, unsigned int, unsigned int *); -#pragma aux muldvd= \ - "mul edx" \ - "add eax,ebx" \ - "adc edx,0" \ - "mov [ecx],eax" \ - "mov eax,edx" \ - parm [eax] [edx] [ebx] [ecx] \ - value [eax] \ - modify [eax edx]; - -*/ - - -#endif - - diff --git a/engines/vendor_defns/mirdef.h b/engines/vendor_defns/mirdef.h deleted file mode 100644 index 210c314f..00000000 --- a/engines/vendor_defns/mirdef.h +++ /dev/null @@ -1,30 +0,0 @@ -/* - * MIRACL compiler/hardware definitions - mirdef.h - * For C++ build of library - */ - -#ifndef HEADER_MIRDEF_H -#define HEADER_MIRDEF_H - -#ifdef __cplusplus -extern "C"{ -#endif - -#define MR_LITTLE_ENDIAN -#define MIRACL 64 -#define mr_utype long -#define mr_dltype long long -#define mr_unsign64 unsigned long -#define MR_IBITS 32 -#define MR_LBITS 64 -#define mr_unsign32 unsigned int -#define MR_FLASH 52 -#define MAXBASE ((mr_small)1<<(MIRACL-1)) -#define MR_BITSINCHAR 8 -#define MR_CPP - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/engines/zeromem/cba_ecdh_engine.c b/engines/zeromem/cba_ecdh_engine.c deleted file mode 100755 index cd0ad63c..00000000 --- a/engines/zeromem/cba_ecdh_engine.c +++ /dev/null @@ -1,265 +0,0 @@ -#include -#include -#include -#include -#include -#include -#include -#include -#ifndef OPENSSL_NO_RSA -#include -#endif -#include -#include -#include "ec2m_kern.h" - -struct ecdh_method -{ - const char *name; - int (*compute_key)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh, - void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen)); - int flags; - char *app_data; -}; - - -#ifndef OPENSSL_NO_HW - -/* the header file of vender */ -//#include "hwdevice.h" - -/* Constants used when creating the ENGINE */ -static const char *engine_hwdev_id = "cba_ecdh"; -static const char *engine_hwdev_name = "cold boot resistant ECDH"; -#ifndef OPENSSL_NO_DYNAMIC_ENGINE -/* Compatibility hack, the dynamic library uses this form in the path */ -static const char *engine_hwdev_id_alt = "cba_ecdh"; -#endif - -static int compute_key(void *out, size_t outlen, - const EC_POINT *pub_key, EC_KEY *ecdh, - void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen)) -{ - const EC_GROUP* group; - int ret; - - group = EC_KEY_get0_group(ecdh); - - // only use our solution if the curve name is SECT163K1 - if (EC_GROUP_get_curve_name(group) == NID_sect163k1) { - const BIGNUM* rkey; - BN_CTX *ctx; - BIGNUM* x, *y; - mm256_point_t p, q; - mm_256 mkey; - int r; - - ctx = BN_CTX_new(); - BN_CTX_start(ctx); - - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - - rkey = EC_KEY_get0_private_key(ecdh); - memset(&mkey, 0, sizeof(mkey)); - memcpy(&mkey, rkey->d, sizeof(rkey->d[0]) * rkey->top); - ec2m_import_key(&mkey); - - r = EC_POINT_get_affine_coordinates_GF2m(group, pub_key, x, y, ctx); - memset(&p, 0, sizeof(p)); - memcpy(&p.x, x->d, sizeof(x->d[0]) * x->top); - memcpy(&p.y, y->d, sizeof(y->d[0]) * y->top); - p.z.iv[0] = 1; - - r = ec2m_private_operation(&p, &q); - if (r < 0) { - fprintf(stderr, "invalid result: %d\n", r); - } - - int xlen = (163 + 7) / 8; - if (KDF != 0) - { - if (KDF(&q.x, xlen, out, &outlen) == NULL) - { - return -1; - } - ret = outlen; - } - else - { - /* no KDF, just copy as much as we can */ - if (outlen > xlen) - outlen = xlen; - memcpy(out, &q.x, outlen); - ret = outlen; - } - - BN_CTX_end(ctx); - BN_CTX_free(ctx); - - } else { - // use the default method - const ECDH_METHOD* meth = ECDH_OpenSSL(); - return meth->compute_key(out, outlen, pub_key, ecdh, KDF); - } - - return ret; -} - -static ECDH_METHOD ecdh_meth = { - "CBA resistant ECDH method", - compute_key, - 0, - NULL -}; - -static int hwdev_destroy(ENGINE *e) -{ - fprintf(stderr, "arrive at hwdev_destroy\n"); - return 1; -} - -static int hwdev_init(ENGINE *e) -{ - fprintf(stderr, "arrive at hwdev_init\n"); - ec2m_kern_init(); - return 1; -} - -static int hwdev_finish(ENGINE *e) -{ - fprintf(stderr, "arrive at hwdev_finish\n"); - ec2m_kern_clean(); - return 1; -} - -/* The definitions for control commands specific to this engine */ -#define HWDEV_CMD_INIT (ENGINE_CMD_BASE) -#define HWDEV_CMD_EXIT (ENGINE_CMD_BASE + 1) -#define HWDEV_CMD_TEST (ENGINE_CMD_BASE + 2) -static const ENGINE_CMD_DEFN hwdev_cmd_defns[] = { - {HWDEV_CMD_INIT, - "INIT", - "init the hardware device before using", - ENGINE_CMD_FLAG_STRING}, /* may be the password */ - {HWDEV_CMD_EXIT, - "EXIT", - "exit the hardware device after using", - ENGINE_CMD_FLAG_NO_INPUT}, - {HWDEV_CMD_TEST, - "TEST", - "run the test case of the hardware device", - ENGINE_CMD_FLAG_NUMERIC}, /* may be the number of test case */ - {0, NULL, NULL, 0} - }; - -/* This internal function is used by ENGINE_chil() and possibly by the - * "dynamic" ENGINE support too */ -static int hwdev_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) -{ - int to_return = 1; - - switch(cmd) { - case HWDEV_CMD_INIT: - fprintf(stderr, "arrive at HWDEV_CMD_INIT, password: %s\n", - (const char *)p); - break; - case HWDEV_CMD_EXIT: - fprintf(stderr, "arrive at HWDEV_CMD_EXIT, no parameters\n"); - break; - case HWDEV_CMD_TEST: - fprintf(stderr, "arrive at HWDEV_CMD_TEST, case id: %ld\n", - i); - break; - /* The command isn't understood by this engine */ - default: - to_return = 0; - break; - } - - return to_return; -} - -static EVP_PKEY *hwdev_load_privkey(ENGINE *eng, const char *key_id, - UI_METHOD *ui_method, void *callback_data) -{ - fprintf(stderr, "arrive at hwdev_load_privkey\n"); - EVP_PKEY *res = NULL; - - return res; -} - -static EVP_PKEY *hwdev_load_pubkey(ENGINE *eng, const char *key_id, - UI_METHOD *ui_method, void *callback_data) -{ - fprintf(stderr, "arrive at hwdev_load_pubkey\n"); - EVP_PKEY *res = NULL; - - return res; -} - -static int bind_helper(ENGINE *e) -{ - fprintf(stderr, "arrive at bind_helper\n"); - if(!ENGINE_set_id(e, engine_hwdev_id) || - !ENGINE_set_name(e, engine_hwdev_name) || - !ENGINE_set_ECDH(e, &ecdh_meth) || - !ENGINE_set_destroy_function(e, hwdev_destroy) || - !ENGINE_set_init_function(e, hwdev_init) || - !ENGINE_set_finish_function(e, hwdev_finish) || - !ENGINE_set_ctrl_function(e, hwdev_ctrl) || - !ENGINE_set_load_privkey_function(e, hwdev_load_privkey) || - !ENGINE_set_load_pubkey_function(e, hwdev_load_pubkey) || - !ENGINE_set_cmd_defns(e, hwdev_cmd_defns)) - return 0; - - return 1; -} - -static ENGINE *engine_hwdev(void) -{ - fprintf(stderr, "arrive at engine_test\n"); - ENGINE *ret = ENGINE_new(); - if(!ret) { - return NULL; - } - - if(!bind_helper(ret)) { - ENGINE_free(ret); - return NULL; - } - - return ret; -} - -void ENGINE_load_test(void) -{ - fprintf(stderr, "arrive at ENGINE_load_test\n"); - /* Copied from eng_[openssl|dyn].c */ - ENGINE *toadd = engine_hwdev(); - if(!toadd) return; - ENGINE_add(toadd); - ENGINE_free(toadd); - ERR_clear_error(); -} -//#endif - - -/* This stuff is needed if this ENGINE is being compiled into a self-contained - * shared-library. */ -#ifndef OPENSSL_NO_DYNAMIC_ENGINE -static int bind_fn(ENGINE *e, const char *id) -{ - fprintf(stderr, "arrive at bind_fn\n"); - if(id && (strcmp(id, engine_hwdev_id) != 0) && - (strcmp(id, engine_hwdev_id_alt) != 0)) - return 0; - if(!bind_helper(e)) - return 0; - return 1; -} -IMPLEMENT_DYNAMIC_CHECK_FN() -IMPLEMENT_DYNAMIC_BIND_FN(bind_fn) -#endif /* OPENSSL_NO_DYNAMIC_ENGINE */ - -#endif /* !OPENSSL_NO_HW */ diff --git a/engines/zeromem/ec.h b/engines/zeromem/ec.h deleted file mode 100755 index 10afc4b3..00000000 --- a/engines/zeromem/ec.h +++ /dev/null @@ -1,49 +0,0 @@ -#ifndef _EC_H_ -#define _EC_H_ - -#ifdef EC_DEV -#include -#else -#include -#endif -//extern unsigned int sqr_table[1 << 16]; - -typedef struct _struct_mm_128{ - union{ - float fv[4]; - double dv[2]; - uint64_t iv[2]; - uint8_t bv[16]; - }; -} mm_128; - -typedef struct _struct_mm_256{ - union{ - float fv[8]; - double dv[4]; - uint64_t iv[4]; - uint8_t bv[32]; - }; -} mm_256; - -typedef struct { - mm_256 x; - mm_256 y; - mm_256 z; -} mm256_point_t; - -extern void gf2_add(mm_256* a, mm_256* b, mm_256* r); -extern void gf2_mul(mm_256* a, mm_256* b, mm_256* r1, mm_256* r2); -extern void gf2_mod(mm_256* a1, mm_256* a2, mm_256* r); -extern void gf2_sqr(mm_256* a, mm_256* r1, mm_256* r2); -extern void gf2_mod_mul(mm_256* a, mm_256* b, mm_256* r); -extern void gf2_mod_sqr(mm_256* a, mm_256* r); -extern void gf2m_inv(mm_256* a, mm_256 *r); -extern void gf2m_inv_asm(mm_256* a, mm_256 *r); - -extern void gf2_point_dbl(mm256_point_t* pa, mm256_point_t* pr, int a, int b); -extern void gf2_point_add(mm256_point_t* pa, mm256_point_t* pb, mm256_point_t* pr, int a, int b); -extern void gf2_point_mul(mm256_point_t* p, mm_256* k, mm256_point_t* q, int a, int b); -extern void gf2_point_mul_with_preset_key(mm256_point_t* p, mm256_point_t* q, int a, int b); - -#endif diff --git a/engines/zeromem/ec2m_kern.c b/engines/zeromem/ec2m_kern.c deleted file mode 100755 index 5e439e2d..00000000 --- a/engines/zeromem/ec2m_kern.c +++ /dev/null @@ -1,174 +0,0 @@ -#include "ec2m_kern.h" -#include -#include -#include -#include -#include -#include -#include -#include -#include "util.h" - -int sock_fd; - -int init_netlink(int unit, int portId){ - struct sockaddr_nl src_addr; - sock_fd=socket(PF_NETLINK, SOCK_RAW, unit); - if(sock_fd<0) - return -1; - - memset(&src_addr, 0, sizeof(src_addr)); - src_addr.nl_family = AF_NETLINK; - src_addr.nl_pid = portId; /* self pid */ - /* interested in group 1<<0 */ - bind(sock_fd, (struct sockaddr*)&src_addr, - sizeof(src_addr)); //绑定netlink - - if(sock_fd < 0) - return -1; - - return 0; -} - -int send_request(const int func, const void* msg, int mlen) -{ - struct nlmsghdr *nlh = NULL; - struct iovec iov; - struct msghdr mhdr; - struct sockaddr_nl dest_addr; - struct ec2m_request_st req; - const int len = mlen + sizeof(struct ec2m_request_st); - - req.func = func; - req.len = len; - - memset(&dest_addr, 0, sizeof(dest_addr)); - dest_addr.nl_family = AF_NETLINK; - dest_addr.nl_pid = 0; /* For Linux Kernel */ - dest_addr.nl_groups = 0; /* unicast */ - - memset(&mhdr, 0, sizeof(mhdr)); - nlh = (struct nlmsghdr *)malloc(NLMSG_SPACE(len)); - memset(nlh, 0, NLMSG_SPACE(len)); - nlh->nlmsg_len = NLMSG_SPACE(len); - nlh->nlmsg_pid = getpid(); - - nlh->nlmsg_flags = 0; - - memcpy((void*)NLMSG_DATA(nlh), &req, sizeof(req)); - memcpy((void*)NLMSG_DATA(nlh) + sizeof(req), msg, mlen); - - iov.iov_base = (void *)nlh; - iov.iov_len = nlh->nlmsg_len; - - mhdr.msg_name = (void *)&dest_addr; - mhdr.msg_namelen = sizeof(dest_addr); - mhdr.msg_iov = &iov; - mhdr.msg_iovlen = 1; - - sendmsg(sock_fd,&mhdr,0); //通过netlink发送消息 - - - return OK; -} - -int recv_response(void* buf, int len) -{ - struct ec2m_response_st resp; - struct nlmsghdr *nlh = NULL; - struct iovec iov; - struct msghdr mhdr; - struct sockaddr_nl dest_addr; - int buflen; - - memset(&dest_addr, 0, sizeof(dest_addr)); - dest_addr.nl_family = AF_NETLINK; - dest_addr.nl_pid = 0; /* For Linux Kernel */ - dest_addr.nl_groups = 0; /* unicast */ - - memset(&mhdr, 0, sizeof(mhdr)); - nlh = (struct nlmsghdr *)malloc(NLMSG_SPACE(MAX_PAYLOAD)); - memset(nlh, 0, NLMSG_SPACE(MAX_PAYLOAD)); - nlh->nlmsg_len = NLMSG_SPACE(MAX_PAYLOAD); - nlh->nlmsg_pid = getpid(); - nlh->nlmsg_flags = 0; - - iov.iov_base = (void *)nlh; - iov.iov_len = nlh->nlmsg_len; - - mhdr.msg_name = (void *)&dest_addr; - mhdr.msg_namelen = sizeof(dest_addr); - mhdr.msg_iov = &iov; - mhdr.msg_iovlen = 1; - - buflen = recvmsg(sock_fd, &mhdr, 0); - if(buflen < 0){ - fprintf(stderr, "invalid retval of recvmsg %d\n", buflen); - - return buflen; - } - - buflen -= NLMSG_HDRLEN; - assert(buflen >= sizeof(resp)); - memcpy(&resp, NLMSG_DATA(nlh), sizeof(resp)); - buflen -= sizeof(resp); - assert(buflen == len); - - if (buflen > 0 && buf != NULL) { - memcpy(buf, NLMSG_DATA(nlh) + sizeof(resp), buflen); - } - /* printf("resp: %d, len: %d\n", resp.result, buflen); */ - - return resp.result; -} - -int ec2m_kern_init() -{ - int r; - - r = init_netlink(NETLINK_ECC, getpid()); - - if (r < 0) - return r; - - return 0; -} - -void ec2m_kern_clean() -{ - close(sock_fd); -} - - -int ec2m_import_key(mm_256* key) -{ - int r; - - /* printf("key: %016lx%016lx%016lx\n", key->iv[2], key->iv[1], key->iv[0]); */ - r = send_request(REQ_IMPORT_KEY, key, sizeof(mm_256)); - if (r < 0) - return r; - - r = recv_response(NULL, 0); - if (r < 0) - return r; - - - return 0; - -} - -int ec2m_private_operation(mm256_point_t*p, mm256_point_t*q) -{ - int r; - - r = send_request(REQ_PRIVATE_OP, p, sizeof(mm256_point_t)); - if (r < 0) - return r; - - r = recv_response(q, sizeof(mm256_point_t)); - if (r < 0) - return r; - - return 0; -} diff --git a/engines/zeromem/ec2m_kern.h b/engines/zeromem/ec2m_kern.h deleted file mode 100755 index 6b1b6be0..00000000 --- a/engines/zeromem/ec2m_kern.h +++ /dev/null @@ -1,36 +0,0 @@ -#ifndef _EC2M_KERN_H_ -#define _EC2M_KERN_H_ - -#define NETLINK_ECC 31 -#define MAX_PAYLOAD 1024 - -#define REQ_IMPORT_KEY 1 -#define REQ_PRIVATE_OP 2 - -#define OK 0 -#define FAIL -1 - -#ifdef __KERNEL__ -#include -#else -#include -#endif -#include "ec.h" - -struct ec2m_request_st { - int func; - int len; -}; - -struct ec2m_response_st -{ - int result; -}; - -extern int ec2m_kern_init(void); -extern void ec2m_kern_clean(void); - -extern int ec2m_import_key(mm_256 *key); -extern int ec2m_private_operation(mm256_point_t*p, mm256_point_t*q); - -#endif diff --git a/engines/zeromem/ec_inv.c b/engines/zeromem/ec_inv.c deleted file mode 100755 index 7b18c3ab..00000000 --- a/engines/zeromem/ec_inv.c +++ /dev/null @@ -1,104 +0,0 @@ -#include "ec.h" -#include "string.h" -#include "stdio.h" - -int is_one(mm_256* a) -{ - int i; - if (a->iv[0] != 1) - return 0; - - for (i = 1; i < 4; i++) { - if (a->iv[i] != 0) - return 0; - } - - return 1; - -} - -void shift_right(mm_256* a) -{ - int i; - - for (i = 0; i < 3; i++) { - a->iv[i] = (a->iv[i] >> 1) | (a->iv[i + 1] << 63); - } - a->iv[3] >>= 1; -} - -void add(mm_256* a, mm_256*b) -{ - int i; - - for (i = 0; i < 4; i++) { - b->iv[i] = b->iv[i] ^ a->iv[i]; - } -} - -int deg(mm_256* a) -{ - int cnt = 0; - int i; - uint64_t c; - - for (i = 3; i >= 0; i--) { - if (a->iv[i] != 0) { - break; - } - } - cnt = i * 64; - c = a->iv[i]; - while (c != 0) { - cnt ++; - c >>= 1; - } - return cnt; -} - -void gf2m_inv(mm_256* a, mm_256 *r) -{ - mm_256 b, c, u, v, f, t; - - // b = 1 - memset(&b, 0, sizeof(b)); - b.iv[0] = 1; - // c = 0 - memset(&c, 0, sizeof(c)); - // u = a - u = *a; - // v = f - memset(&v, 0, sizeof(v)); - memset(&f, 0, sizeof(f)); - f.bv[0] = 0xc9; - f.bv[20] = 0x8; - v = f; - - while (1) { - while ((u.bv[0] & 0x1) == 0) { - shift_right(&u); - - if ((b.iv[0] & 0x1) != 0) { - add(&f, &b); - } - shift_right(&b); - } - if (is_one(&u)) - break; - - if (deg(&u) < deg(&v)) { - t = u; - u = v; - v = t; - - t = b; - b = c; - c = t; - } - add(&v, &u); - add(&c, &b); - /* break; */ - } - - *r = b; -} diff --git a/engines/zeromem/ec_main.c b/engines/zeromem/ec_main.c deleted file mode 100755 index 7b8cf0fe..00000000 --- a/engines/zeromem/ec_main.c +++ /dev/null @@ -1,37 +0,0 @@ -#include -#include -#include -#include "ec.h" -#include "test.h" - -int main(int argc, char** argv){ - /* - int i; - - for(i = 0; i < argc; i++){ - printf("arg %d: %s\n", i, argv[i]); - } - */ - - char* cmd = argv[1]; - if(!initDomainParameters(argc, argv)){ - return 1; - } - if(strcmp(cmd, "testFieldArithmetic") == 0){ - return testFieldArithmetic(); - } else if(strcmp(cmd, "testPointArithmetic") == 0){ - return testPointArithmetic(); - } else if(strcmp(cmd, "testAES") == 0){ - return testAES(); - } else if(strcmp(cmd, "benchmark_ec2") == 0){ - return benchmark_EC2(); - } else if(strcmp(cmd, "testKernelEc2m") == 0){ - return testKernelEc2m(); - } else if(strcmp(cmd, "testMisc") == 0){ - return testMisc(); - } else if(strcmp(cmd, "testCycles") == 0){ - return benchmark_cycles(); - } - - return 1; -} diff --git a/engines/zeromem/engine/myengine.c b/engines/zeromem/engine/myengine.c deleted file mode 100755 index 3879b4d0..00000000 --- a/engines/zeromem/engine/myengine.c +++ /dev/null @@ -1,260 +0,0 @@ -#include -#include -#include -#include -#include -#include -#include -#include "myengine.h" -#include "../ec.h" -#include "../util.h" - -int get_affine(const EC_GROUP* group, const EC_POINT* point, BIGNUM* x, BIGNUM* y, BN_CTX *ctx){ - int ret = 0; - if(EC_POINT_is_at_infinity(group, point)){ - return 0; - } - if(x == NULL || y == NULL) - return 0; - if(BN_cmp(&point->Z, BN_value_one()) == 0){ - if(!BN_copy(x, &point->X) || !BN_copy(y, &point->Y)) - return 0; - BN_set_negative(x, 0); - BN_set_negative(y, 0); - } else { - BIGNUM* z = BN_new(); - if(!BN_GF2m_mod_inv(z, &point->Z, &group->field, ctx)){ - printf("could not get the inv\n"); - return 0; - } - if(!BN_GF2m_mod_mul(x, &point->X, z, &group->field, ctx)){ - return 0; - } - if(!BN_GF2m_mod_sqr(z, z, &group->field, ctx)){ - return 0; - } - if(!BN_GF2m_mod_mul(y, &point->Y, z, &group->field, ctx)){ - return 0; - } - } - return 1; -} - -static int my_ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, - EC_KEY *ecdh, void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen)) -{ - BN_CTX *ctx; - EC_POINT *tmp=NULL; - BIGNUM *x=NULL, *y=NULL; - const BIGNUM *priv_key; - const EC_GROUP* group; - int ret= -1; - size_t buflen, len; - unsigned char *buf=NULL; - mm256_point_t mPK; - mm_256 mUK; - mm256_point_t mR; - - group = EC_KEY_get0_group(ecdh); - printf("curve_name: %d, field type: %d, degree: %d, a: %x, b: %x\n", EC_GROUP_get_curve_name(group), EC_METHOD_get_field_type(EC_GROUP_method_of(group)), EC_GROUP_get_degree(group), BN_get_word(&group->a), BN_get_word(&group->b)); - - // compute with the syscall only when the filetype is NID_X9_62_characteristic_two_field and the degree is 163 - if (!( - EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_characteristic_two_field - && EC_GROUP_get_degree(group) == 163 - )) - { - ECDH_METHOD* temp = ECDH_get_default_method(); - return temp->compute_key(out, len, pub_key, ecdh, KDF); - } - - if (outlen > INT_MAX) - { - ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); /* sort of, anyway */ - return -1; - } - - if ((ctx = BN_CTX_new()) == NULL) goto err; - BN_CTX_start(ctx); - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - - priv_key = EC_KEY_get0_private_key(ecdh); - if (priv_key == NULL) - { - ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_NO_PRIVATE_VALUE); - goto err; - } - - if ((tmp=EC_POINT_new(group)) == NULL) - { - ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); - goto err; - } - - bn_to_mm256(priv_key, &mUK); - - printf("%s\n", BN_bn2hex(priv_key)); - - print_mm_256(&mUK); - printf("\n"); - - EC_POINT_to_mm_point(pub_key, &mPK); - - print_EC_POINT(pub_key); - printf("\n"); - print_mm_point(&mPK); - printf("\n"); - - init_sqr_table(); - - gf2_point_mul(&mPK, &mUK, &mR, BN_get_word(&group->a), BN_get_word(&group->b)); - print_mm_point(&mR); - printf("\n"); - - if (!EC_POINT_mul(group, tmp, NULL, pub_key, priv_key, ctx)) - { - ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE); - goto err; - } - print_EC_POINT(tmp); - printf("\n"); - - - if (!get_affine(group, tmp, x, y, ctx)) - { - ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE); - goto err; - } - - buflen = (EC_GROUP_get_degree(group) + 7)/8; - len = BN_num_bytes(x); - if (len > buflen) - { - ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_INTERNAL_ERROR); - goto err; - } - if ((buf = OPENSSL_malloc(buflen)) == NULL) - { - ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); - goto err; - } - - memset(buf, 0, buflen - len); - if (len != (size_t)BN_bn2bin(x, buf + buflen - len)) - { - ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); - goto err; - } - - if (KDF != 0) - { - if (KDF(buf, buflen, out, &outlen) == NULL) - { - ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_KDF_FAILED); - goto err; - } - ret = outlen; - } - else - { - /* no KDF, just copy as much as we can */ - if (outlen > buflen) - outlen = buflen; - memcpy(out, buf, outlen); - ret = outlen; - } - printf("ECC compute key done!\n"); - err: - if (tmp) EC_POINT_free(tmp); - if (ctx) BN_CTX_end(ctx); - if (ctx) BN_CTX_free(ctx); - if (buf) OPENSSL_free(buf); - return(ret); - - - /* if(1){ */ - /* ECDH_METHOD* temp = ECDH_get_default_method(); */ - /* return temp->compute_key(out, len, pub_key, ecdh, KDF); */ - /* } */ - /* return 1; */ -} - -/**************************************************************************** - * Functions to handle the engine * -*****************************************************************************/ - -static int bind_my(ENGINE *e) -{ - //const RSA_METHOD *meth1; - if(!ENGINE_set_id(e, engine_my_id) - || !ENGINE_set_name(e, engine_my_name) - || !ENGINE_set_ECDH(e, &my_ecdh) - //|| !ENGINE_set_ciphers(e, my_ciphers) - //|| !ENGINE_set_digests(e, my_digests) - || !ENGINE_set_destroy_function(e, my_destroy) - || !ENGINE_set_init_function(e, my_init) - || !ENGINE_set_finish_function(e, my_finish) - /* || !ENGINE_set_ctrl_function(e, my_ctrl) */ - /* || !ENGINE_set_cmd_defns(e, my_cmd_defns) */) - return 0; - return 1; - } - - -#ifdef ENGINE_DYNAMIC_SUPPORT -static int bind_helper(ENGINE *e, const char *id) -{ - if(id && (strcmp(id, engine_my_id) != 0)) - return 0; - if(!bind_my(e)) - return 0; - return 1; -} -IMPLEMENT_DYNAMIC_CHECK_FN() -IMPLEMENT_DYNAMIC_BIND_FN(bind_helper) -#else -static ENGINE *engine_my(void) -{ - ENGINE *ret = ENGINE_new(); - if(!ret) - return NULL; - if(!bind_my(ret)) - { - ENGINE_free(ret); - return NULL; - } - return ret; -} - -void ENGINE_load_myengine(void) -{ - /* Copied from eng_[openssl|dyn].c */ - ENGINE *toadd = engine_my(); - if(!toadd) return; - ENGINE_add(toadd); - ENGINE_free(toadd); - ERR_clear_error(); -} -#endif - - -static int my_init(ENGINE *e) -{ - printf("my_init\n"); - return 1; -} - - -static int my_finish(ENGINE *e) -{ - printf("my_finih\n"); - return 1; -} - - -static int my_destroy(ENGINE *e) -{ - printf("my_destroy\n"); - return 1; -} diff --git a/engines/zeromem/engine/myengine.h b/engines/zeromem/engine/myengine.h deleted file mode 100755 index 5009125d..00000000 --- a/engines/zeromem/engine/myengine.h +++ /dev/null @@ -1,175 +0,0 @@ -#define INT_MAX 32767 - -#include -typedef struct ec_extra_data_st { - struct ec_extra_data_st *next; - void *data; - void *(*dup_func)(void *); - void (*free_func)(void *); - void (*clear_free_func)(void *); -} EC_EXTRA_DATA; - -typedef struct ec_key_st { - int version; - - EC_GROUP *group; - - EC_POINT *pub_key; - BIGNUM *priv_key; - - unsigned int enc_flag; - point_conversion_form_t conv_form; - - int references; - int flags; - - EC_EXTRA_DATA *method_data; -} EC_KEY; -static const char *engine_my_id = "111"; -static const char *engine_my_name = "myengine"; - - -/**************************************************************************** - * Functions to handle the engine * - ***************************************************************************/ -static int my_destroy(ENGINE *e); -static int my_init(ENGINE *e); -static int my_finish(ENGINE *e); - - -/**************************************************************************** - * Engine commands * -*****************************************************************************/ -static const ENGINE_CMD_DEFN my_cmd_defns[] = -{ - {0, NULL, NULL, 0} -}; - -static int my_ecdh_compute_key(void *out, size_t len, const EC_POINT *pub_key, -EC_KEY *ecdh, void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen)); - -/* -some definations missing in openssl header files public accessible -*/ - -struct ec_point_st { - const EC_METHOD *meth; - - /* All members except 'meth' are handled by the method functions, - * * even if they appear generic */ - - BIGNUM X; - BIGNUM Y; - BIGNUM Z; /* Jacobian projective coordinates: - * (X, Y, Z) represents (X/Z^2, Y/Z^3) if Z != 0 */ - int Z_is_one; /* enable optimized point arithmetics for special case */ -} /* EC_POINT */; - -typedef struct ec_point_st EC_POINT; - -struct ec_group_st { - const EC_METHOD *meth; - - EC_POINT *generator; /* optional */ - BIGNUM order, cofactor; - - int curve_name;/* optional NID for named curve */ - int asn1_flag; /* flag to control the asn1 encoding */ - point_conversion_form_t asn1_form; - - unsigned char *seed; /* optional seed for parameters (appears in ASN1) */ - size_t seed_len; - - struct EC_EXTRA_DATA *extra_data; /* linked list */ - - /* The following members are handled by the method functions, - * even if they appear generic */ - - BIGNUM field; /* Field specification. - * For curves over GF(p), this is the modulus; - * for curves over GF(2^m), this is the - * irreducible polynomial defining the field. - */ - - int poly[6]; /* Field specification for curves over GF(2^m). - * The irreducible f(t) is then of the form: - * t^poly[0] + t^poly[1] + ... + t^poly[k] - * where m = poly[0] > poly[1] > ... > poly[k] = 0. - * The array is terminated with poly[k+1]=-1. - * All elliptic curve irreducibles have at most 5 - * non-zero terms. - */ - - BIGNUM a, b; /* Curve coefficients. - * (Here the assumption is that BIGNUMs can be used - * or abused for all kinds of fields, not just GF(p).) - * For characteristic > 3, the curve is defined - * by a Weierstrass equation of the form - * y^2 = x^3 + a*x + b. - * For characteristic 2, the curve is defined by - * an equation of the form - * y^2 + x*y = x^3 + a*x^2 + b. - */ - - int a_is_minus3; /* enable optimized point arithmetics for special case */ - - void *field_data1; /* method-specific (e.g., Montgomery structure) */ - void *field_data2; /* method-specific */ - int (*field_mod_func)(BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *); /* method-specific */ -} /* EC_GROUP */; - -struct ec_key_st { - int version; - - EC_GROUP *group; - - EC_POINT *pub_key; - BIGNUM *priv_key; - - unsigned int enc_flag; - point_conversion_form_t conv_form; - - int references; - int flags; - - struct EC_EXTRA_DATA *method_data; -} /* EC_KEY */; - - -struct ecdh_method - { - const char *name; - int (*compute_key)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen)); -#if 0 - int (*init)(EC_KEY *eckey); - int (*finish)(EC_KEY *eckey); -#endif - int flags; - char *app_data; - }; - -static ECDH_METHOD my_ecdh = { - "myengine", - my_ecdh_compute_key, -#if 0 - NULL, /* init */ - NULL, /* finish */ -#endif - 0, /* flags */ - NULL /* app_data */ -}; - -/**************************************************************************** - * Symetric cipher and digest function registrars * -*****************************************************************************/ - -static int my_ciphers(ENGINE *e, const EVP_CIPHER **cipher,const int **nids, int nid); - -static int my_digests(ENGINE *e, const EVP_MD **digest,const int **nids, int nid); - - -static int my_cipher_nids[] ={ NID_des_cbc, NID_des_ede3_cbc, NID_desx_cbc, 0 }; -static int my_digest_nids[] ={ NID_md2, NID_md5, 0 }; - -/*__declspec(dllexport)*/ void ENGINE_load_myengine(void); - diff --git a/engines/zeromem/engine/mytest.c b/engines/zeromem/engine/mytest.c deleted file mode 100755 index 401aa109..00000000 --- a/engines/zeromem/engine/mytest.c +++ /dev/null @@ -1,106 +0,0 @@ -//test.c -#include -#include -#include -#include -#include -#include - -static void display_engine_list() -{ - ENGINE *h; - int loop; - - h = ENGINE_get_first(); - loop = 0; - printf("listing available engine types\n"); - while(h) - { - printf("engine %i, id = \"%s\", name = \"%s\"\n", - loop++, ENGINE_get_id(h), ENGINE_get_name(h)); - h = ENGINE_get_next(h); - } - printf("end of list\n"); - /* ENGINE_get_first() increases the struct_ref counter, so we - must call ENGINE_free() to decrease it again */ - ENGINE_free(h); -} - - -void test() -{ - ENGINE *e = NULL; - int rv; - unsigned char buf[1024]; - EVP_PKEY *evpKey; - - EC_KEY *key; - EC_POINT *pubkey; - EC_GROUP *group; - EC_builtin_curve *curves; - int crv_len; - char shareKey1[10240],shareKey2[10240]; - int ret,nid,size,i,sig_len; - int len1,len2; - - crv_len = EC_get_builtin_curves(NULL, 0); - curves = (EC_builtin_curve *)malloc(sizeof(EC_builtin_curve) * crv_len); - EC_get_builtin_curves(curves, crv_len); - nid = NID_sect163k1; - group=EC_GROUP_new_by_curve_name(nid); - - key=EC_KEY_new(); - ret=EC_KEY_set_group(key,group); - ret=EC_KEY_generate_key(key); - ret=EC_KEY_check_key(key); - pubkey = EC_KEY_get0_public_key(key); - - ENGINE_load_myengine(); - display_engine_list(); - - len1=ECDH_compute_key(shareKey1, 10240, pubkey, key, NULL); - e = ENGINE_by_id("111"); - printf("get myengine engine OK.name:%s\n",ENGINE_get_name(e)); - ENGINE_register_ECDH(e); - //rv = ENGINE_set_default(e,ENGINE_METHOD_ALL); - - - len2=ECDH_compute_key(shareKey2, 10240, pubkey, key, NULL); - - printf("len: %d, %d\n", len1, len2); - if(len1!=len2) - { - printf("err: %d, %d\n", len1, len2); - } - else - { - ret=memcmp(shareKey1,shareKey2,len1); - if(ret==0) - { - printf("right\n"); - } - else - printf("wrong\n"); - } - printf("test ok!\n"); - /*ENGINE_register_RSA(e); - rv = ENGINE_set_default(e,ENGINE_METHOD_ALL); - evpKey = EVP_PKEY_new(); - rsa = RSA_generate_key(1024,RSA_F4,NULL,NULL); - rv = EVP_PKEY_set1_RSA(evpKey,rsa); - rv = EVP_PKEY_encrypt(buf,buf,128,evpKey); -*/ -/* rv = ENGINE_finish(e); - - rv = ENGINE_free(e); - printf("test end.\n"); - return;*/ - } - -int main() -{ - test(); - return 0; -} - - diff --git a/engines/zeromem/kernel/cba-ecc.c b/engines/zeromem/kernel/cba-ecc.c deleted file mode 100755 index 9d44029d..00000000 --- a/engines/zeromem/kernel/cba-ecc.c +++ /dev/null @@ -1,208 +0,0 @@ -#include -#include - -#include -#include - -#include -#include -#include -#include "../ec2m_kern.h" -#include "../ec.h" - -unsigned int sqr_table[1 << 16]; -struct sock *sock_fd = NULL; - -mm_256 gkey; - -void init_sqr_table(void){ - unsigned int i, j; - unsigned int t; - unsigned int n; - for(i = 0; i < sizeof(sqr_table) / sizeof(sqr_table[0]); i++){ - t = 0; - j = i; - n = 16; - while(n-- > 0){ - t = t << 2; - t |= ((j >> n) & 0x1); - } - sqr_table[i] = t; - } -} - -void import_key(void* info) { - mm_256* key; - mm_256 tkey; - - int cpu_id; - unsigned long irqs; - cpu_id = get_cpu(); - local_irq_save(irqs); - - //printk(KERN_INFO"%s on %d\n", __FUNCTION__, cpu_id); - key = (mm_256*)info; - // print value in dr0-3 previously - __asm__( - "movq %%dr0, %%rax\n\t" - "vmovq %%rax, %%xmm15\n\t" - "movq %%dr1, %%rax\n\t" - "vpinsrq $1, %%rax, %%xmm15, %%xmm15\n\t" - "movq %%dr2, %%rax\n\t" - "vmovq %%rax, %%xmm14\n\t" - "vinsertf128 $1, %%xmm14, %%ymm15, %%ymm15\n\t" - "vmovdqu %%ymm15, %0\n\t" - :"=m"(tkey) - : - : "rax", "memory" - ); - - //printk(KERN_INFO"debug regs:%016llx%016llx%016llx%016llx\n", tkey.iv[3], tkey.iv[2], tkey.iv[1], tkey.iv[0]); - //printk(KERN_INFO"key: %016llx%016llx%016llx\n", key->iv[2], key->iv[1], key->iv[0]); - gkey = *key; - - - __asm__( - "movq %0, %%dr0\n" - "movq %1, %%dr1\n" - "movq %2, %%dr2\n" - : - :"r"(key->iv[0]),"r"(key->iv[1]),"r"(key->iv[2]) - : "memory" - ); - local_irq_restore(irqs); - put_cpu(); -} - -int k_ec2m_import_key(mm_256* key) -{ - import_key(key); - smp_call_function(import_key, key, 1); - return OK; -} - -int k_ec2m_private_op(mm256_point_t* Q, mm256_point_t* P) -{ - int cpu_id; - unsigned long irqs; - cpu_id = get_cpu(); - local_irq_save(irqs); - - //printk(KERN_INFO"%s on %d\n", __FUNCTION__, cpu_id); - - __asm__ __volatile__( - "movq %%dr0, %%rax\n\t" - "vmovq %%rax, %%xmm15\n\t" - "movq %%dr1, %%rax\n\t" - "vpinsrq $1, %%rax, %%xmm15, %%xmm15\n\t" - "movq %%dr2, %%rax\n\t" - "vmovq %%rax, %%xmm14\n\t" - "vinsertf128 $1, %%xmm14, %%ymm15, %%ymm15\n\t" - : - : - : "rax", "memory" - ); - gf2_point_mul_with_preset_key(P, Q, 1, 1); - - local_irq_restore(irqs); - put_cpu(); - - return OK; -} - - -void nl_recv_msg(struct sk_buff* skb){ - struct nlmsghdr *nlh; - struct sk_buff* out; - struct ec2m_request_st* req; - struct ec2m_response_st resp; - int pid; - int size; - char *buf; - int r; - - nlh=(struct nlmsghdr*)skb->data; - size = nlmsg_len(nlh);// - NLMSG_HDRLEN; - - pid = nlh->nlmsg_pid; /*pid of sending process */ - /* printk(KERN_INFO "Netlink received a new msg from %d, size: %d\n", pid, size); */ - buf = nlmsg_data(nlh); - req = (struct ec2m_request_st*)buf; - /* printk(KERN_INFO "got a request: %d, len: %d", req->func, req->len); */ - - switch (req->func) { - case REQ_IMPORT_KEY: - { - mm_256* key; - key = (mm_256*) (buf + sizeof(struct ec2m_request_st)); - resp.result = k_ec2m_import_key(key); - size = sizeof(struct ec2m_response_st); - buf = kmalloc(size, GFP_KERNEL); - memcpy(buf, &resp, sizeof(resp)); - break; - } - case REQ_PRIVATE_OP: - { - mm256_point_t* P; - mm256_point_t Q; - P = (mm256_point_t*) (buf + sizeof(struct ec2m_request_st)); - resp.result = k_ec2m_private_op(&Q, P); - size = sizeof(struct ec2m_response_st) + sizeof(mm256_point_t); - buf = kmalloc(size, GFP_KERNEL); - memcpy(buf, &resp, sizeof(resp)); - memcpy(buf + sizeof(resp), &Q, sizeof(Q)); - break; - } - - } - - out = nlmsg_new(size, 0); - nlh = nlmsg_put(out, 0, 0, NLMSG_DONE, size, 0); - NETLINK_CB(out).dst_group = 0; /* not in mcast group */ - memcpy(nlmsg_data(nlh), buf, size); - r = nlmsg_unicast(sock_fd, out, pid); - if (r < 0){ - printk(KERN_INFO "forward msg to %d failed, err code %d\n", pid, r); - } - kfree(buf); -} - - -int init_netlink(void){ - struct netlink_kernel_cfg cfg = {0}; - cfg.input = nl_recv_msg; - sock_fd = netlink_kernel_create(&init_net, NETLINK_ECC, &cfg ); - - if(!sock_fd) - { - printk(KERN_ALERT "Error creating socket.\n"); - return -1; - } - printk(KERN_ALERT "creating socket successfully.\n"); - - return 0; -} - - - -int __init ecc_init(void) { - // init netlink - init_netlink(); - init_sqr_table(); - - return 0; -} - - -void __exit ecc_exit(void) { - // netlink clean up - if(sock_fd != NULL) - netlink_kernel_release(sock_fd); -} - - -module_init(ecc_init); -module_exit(ecc_exit); - - -MODULE_LICENSE("GPL"); diff --git a/engines/zeromem/kernel/install.sh b/engines/zeromem/kernel/install.sh deleted file mode 100755 index 00f78fe4..00000000 --- a/engines/zeromem/kernel/install.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash - -sudo rmmod ecc -sudo insmod ecc.ko -dmesg|tail diff --git a/engines/zeromem/kernel_test.c b/engines/zeromem/kernel_test.c deleted file mode 100755 index fc1eab49..00000000 --- a/engines/zeromem/kernel_test.c +++ /dev/null @@ -1,217 +0,0 @@ -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include "kernel_test.h" -#include "ec.h" -#include "ec2m_kern.h" -#include "util.h" - - -#define _NR_sse_switch 312 - -struct ec_point_st { - const EC_METHOD *meth; - - /* All members except 'meth' are handled by the method functions, - * even if they appear generic */ - - BIGNUM X; - BIGNUM Y; - BIGNUM Z; /* Jacobian projective coordinates: - * (X, Y, Z) represents (X/Z^2, Y/Z^3) if Z != 0 */ - int Z_is_one; /* enable optimized point arithmetics for special case */ -} /* EC_POINT */; - -int testSSE(){ - // try perform an simple packed add operation - mm_256 a, b, c; - - syscall(_NR_sse_switch, 0); - - a.iv[0] = 0; - a.iv[1] = 1; - b.iv[0] = 2; - b.iv[1] = 3; - __asm__ __volatile__ ("vmovdqu %0, %%ymm0" : : "m"(a)); - __asm__ __volatile__ ("vmovdqu %0, %%ymm1" : : "m"(b)); - __asm__ __volatile__ ("vaddpd %ymm0, %ymm1, %ymm1"); - __asm__ __volatile__ ("vmovdqu %%ymm1, %0" : "=m"(c) :); - printf("%ld, %ld\n", c.iv[0], c.iv[1]); - - //syscall(_NR_sse_switch, 0); - - return 1; -} - -void print_num(mm_256* m) -{ - int i; - int nonzero = 0; - - for (i = sizeof(mm_256) - 1; i >= 0; i--) { - if (!nonzero){ - if (m->bv[i] != 0) - nonzero = 1; - else - continue; - } - printf("%02x", m->bv[i]); - } - if (!nonzero) - printf("0"); -} - - -void print_point(mm256_point_t* p) -{ - print_num(&p->x); - printf(", "); - print_num(&p->y); - printf(", "); - print_num(&p->z); -} - -void print_ec_point(EC_POINT* p) -{ - printf("("); - BN_print_fp(stdout, &p->X); - printf(":"); - BN_print_fp(stdout, &p->Y); - printf(":"); - BN_print_fp(stdout, &p->Z); - printf(")"); -} - - - -int testAPI() -{ - int r; - int nid; - EC_KEY *key; - BIO *bio_out; - const BIGNUM* rkey; - const EC_GROUP* group; - const EC_POINT* ukey; - const EC_POINT* G, *pr; - BIGNUM* x, *y; - - BN_CTX* ctx; - mm_256 mkey; - mm256_point_t mp, mq; - mm_256 z_; - - - init_sqr_table(); - - - ctx = BN_CTX_new(); - BN_CTX_start(ctx); - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - - // open stdout as bio - bio_out = BIO_new_fp(stdout, BIO_NOCLOSE); - - // get curve nid - /* nid = EC_curve_nist2nid("sect163k1"); */ - nid = OBJ_sn2nid(SN_sect163k1); - - // generate the key - key = EC_KEY_new_by_curve_name(nid); - assert(key != NULL); - r = EC_KEY_generate_key(key); - assert(r == 1); - - // print key - EC_KEY_print(bio_out, key, 0); - // get group - group = EC_KEY_get0_group(key); - // get generator - G = EC_GROUP_get0_generator(group); - // get private key - rkey = EC_KEY_get0_private_key(key); - memset(&mkey, 0, sizeof(mkey)); - memcpy(&mkey, rkey->d, rkey->top * sizeof(rkey->d[0])); - print_num(&mkey); - printf("\n"); - - // get the public key - ukey = EC_KEY_get0_public_key(key); - - // init api - r = ec2m_kern_init(); - assert(r == 0); - printf("ec2m init done.\n"); - - - // import the private key - r = ec2m_import_key(&mkey); - assert(r == 0); - - // calculate r=G*k - // r should be equal to the public key - EC_POINT_get_affine_coordinates_GF2m(group, G, x, y, ctx); - memset(&mq, 0, sizeof(mq)); - memset(&mp, 0, sizeof(mp)); - memcpy(&mp.x, x->d, sizeof(x->d[0]) * x->top); - memcpy(&mp.y, y->d, sizeof(y->d[0]) * y->top); - mp.z.iv[0] = 1; - - bn_expand2(x, 3); - bn_expand2(y, 3); - - gf2_point_mul(&mp, &mkey, &mq, 1, 1); - print_mm_point(&mq); - printf("\n"); - - r = ec2m_private_operation(&mp, &mq); - assert(r == 0); - - print_mm_point(&mq); - printf("\n"); - - /* printf("inv(z): "); */ - /* gf2m_inv(&mq.z, &z_); */ - /* print_num(&z_); */ - /* printf("\n"); */ - - /* gf2_mod_mul(&mq.x, &z_, &mq.x); */ - /* gf2_mod_mul(&mq.y, &z_, &mq.y); */ - /* gf2_mod_mul(&mq.z, &z_, &mq.z); */ - /* print_mm_point(&mq); */ - /* printf("\n"); */ - - pr = EC_POINT_new(group); - EC_POINT_mul(group, pr, NULL, G, rkey, ctx); - print_ec_point(pr); - printf("\n"); - EC_POINT_get_affine_coordinates_GF2m(group, pr, x, y, ctx); - - - ec2m_kern_clean(); - - BN_CTX_end(ctx); - BN_CTX_free(ctx); - - - return 0; - -} - - -int main() -{ - testSSE(); - testAPI(); - - return 0; - -} diff --git a/engines/zeromem/kernel_test.h b/engines/zeromem/kernel_test.h deleted file mode 100755 index 7dbd1eee..00000000 --- a/engines/zeromem/kernel_test.h +++ /dev/null @@ -1,6 +0,0 @@ -#ifndef _KERNEL_TEST_H_ -#define _KERNEL_TEST_H_ - -extern int testSSE(); - -#endif diff --git a/engines/zeromem/sys_ec2m.c b/engines/zeromem/sys_ec2m.c deleted file mode 100755 index 084735ac..00000000 --- a/engines/zeromem/sys_ec2m.c +++ /dev/null @@ -1,22 +0,0 @@ -#include -#include "sys_ec2m.h" - -int sys_ec2m_alloc(void) -{ - return syscall(__NR_ec2m_alloc); -} - -int sys_ec2m_free(int rid) -{ - return syscall(__NR_ec2m_free, rid); -} - -int sys_ec2m_setkey(int rid, mm_256* key, int a, int b) -{ - return syscall(__NR_ec2m_setkey, rid, (void*)key, a, b); -} - -int sys_ec2m_encrypt(int rid, mm256_point_t* bufin, mm256_point_t* bufout) -{ - return syscall(__NR_ec2m_encrypt, rid, (void*)bufin, (void*)bufout); -} diff --git a/engines/zeromem/sys_ec2m.h b/engines/zeromem/sys_ec2m.h deleted file mode 100755 index ec204a0a..00000000 --- a/engines/zeromem/sys_ec2m.h +++ /dev/null @@ -1,16 +0,0 @@ -#ifndef _SYS_EC2M_H_ -#define _SYS_EC2M_H_ - -#define __NR_ec2m_alloc 312 -#define __NR_ec2m_free 313 -#define __NR_ec2m_setkey 314 -#define __NR_ec2m_encrypt 315 - -#include "ec.h" - -extern int sys_ec2m_alloc(void); -extern int sys_ec2m_free(int rid); -extern int sys_ec2m_setkey(int rid, mm_256* key, int a, int b); -extern int sys_ec2m_encrypt(int rid, mm256_point_t* bufin, mm256_point_t* bufout); - -#endif diff --git a/engines/zeromem/test.c b/engines/zeromem/test.c deleted file mode 100755 index bedf149f..00000000 --- a/engines/zeromem/test.c +++ /dev/null @@ -1,1653 +0,0 @@ -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include "ec.h" -#include "aes_tight.h" -#include "util.h" -#include "sys_ec2m.h" -#include "ec2m_kern.h" - -#include "test.h" - -/* - * list all embedded elliptic curves in openssl: - * # openssl ecparam -list_curves - */ -#define curve_sect163k1 "sect163k1" -#define curve_sect163r1 "sect163r1" -#define curve_sect233k1 "sect233k1" -#define curve_sect233r1 "sect233r1" - -/* Lopez-Dahab coordinates */ -#define __LD__ - -/* Affine Coordinates */ -#define __AFFINE__ - -const int sz_buf = 1024; -const int cntUS = 1000000; - -BN_CTX *ctx; -EC_GROUP *ec_group; -const EC_POINT *G; -static BIGNUM *p = NULL; -static BIGNUM *a = NULL; -static BIGNUM *b = NULL; -static BIGNUM *x = NULL; -static BIGNUM *y = NULL; -static BIGNUM *n = NULL; -static BIGNUM *h = NULL; -static int a_is_one = 0; -static int b_is_one = 0; - -int initDomainParameters(int argc, char** argv){ - ctx = BN_CTX_new(); - ec_group = EC_GROUP_new_by_curve_name(OBJ_sn2nid("sect163k1")); - p = BN_new(); - a = BN_new(); - b = BN_new(); - x = BN_new(); - y = BN_new(); - n = BN_new(); - h = BN_new(); - - assert(EC_GROUP_get_curve_GF2m(ec_group, p, a, b, NULL)); - assert(EC_GROUP_get_order(ec_group, n, NULL)); - assert(EC_GROUP_get_cofactor(ec_group, h, NULL)); - G = EC_GROUP_get0_generator(ec_group); - assert(G); - assert(EC_POINT_get_affine_coordinates_GF2m(ec_group, G, x, y, NULL)); - - if (BN_is_one(a)) - a_is_one = 1; - if (BN_is_one(b)) - b_is_one = 1; - - init_sqr_table(); - return 1; -} - -void domain_parameters_print() { - assert(p && a && b && x && y && n && h); - - printf("p = 0x %s\n", BN_bn2str(p)); - printf("a = 0x %s\n", BN_bn2str(a)); - printf("b = 0x %s\n", BN_bn2str(b)); - printf("x = 0x %s\n", BN_bn2str(x)); - printf("y = 0x %s\n", BN_bn2str(y)); - printf("n = 0x %s\n", BN_bn2str(n)); - printf("h = 0x %s\n", BN_bn2str(h)); -} - -void ec_point_set_infinity(ec_point_t *P) { - BN_one(P->X); - BN_zero(P->Y); - BN_zero(P->Z); -} - -void ec_point_set_affine_xy(ec_point_t *P, const BIGNUM *ax, const BIGNUM *ay) { - BN_copy(P->X, ax); - BN_copy(P->Y, ay); - BN_one(P->Z); -} - -void ec_point_ld_to_affine(ec_point_t *P) { -} - - -/* in Lopez-Dahab co-ordinates - * the point at infinity (oo) is (1: 0: 0) - * and -(X: Y: Z) is (X: X+Y: Z) - */ -int ec_point_is_at_infinity(const ec_point_t __LD__ *P) { - assert(P->X && P->Y && P->Z); - if (BN_is_one(P->X) && BN_is_zero(P->Y) && BN_is_zero(P->Z)) - return 1; - return 0; -} - -void ec_point_copy(ec_point_t *R, const ec_point_t *P) { - BN_copy(R->X, P->X); - BN_copy(R->Y, P->Y); - BN_copy(R->Z, P->Z); -} - -/* - * Algorithm 3.24 in "Guide to Elliptic Curve Cryptography" - * P = (X1: Y1: Z1) - * R = 2P = (X3: Y3: Z3) - */ -void ec_point_double(ec_point_t __LD__ *R, const ec_point_t __LD__ *P) { - int r; - BN_CTX *ctx = BN_CTX_new(); - const BIGNUM *X1 = P->X; - const BIGNUM *Y1 = P->Y; - const BIGNUM *Z1 = P->Z; - BIGNUM *X3 = R->X; - BIGNUM *Y3 = R->Y; - BIGNUM *Z3 = R->Z; - BIGNUM *T1 = BN_new(); - BIGNUM *T2 = BN_new(); - - debug(" 1. if P == oo, return P. "); - if (ec_point_is_at_infinity(P)) { - debug("P == oo\n"); - ec_point_copy(R, P); - return; - } else { - debug("P != oo\n"); - } - - debug(" 2. T1 = Z1^2"); - r = BN_GF2m_mod_sqr(T1, Z1, p, ctx); - assert(r); - debug(" = %s\n", BN_bn2str(T1)); - - debug(" 3. T2 = X1^2"); - r = BN_GF2m_mod_sqr(T2, X1, p, ctx); - assert(r); - debug(" = %s\n", BN_bn2str(T2)); - - debug(" 4. Z3 = T1 * T2"); - r = BN_GF2m_mod_mul(Z3, T1, T2, p, ctx); - assert(r); - debug(" = %s\n", BN_bn2str(Z3)); - - debug(" 5. X3 = T2^2"); - r = BN_GF2m_mod_sqr(X3, T2, p, ctx); - assert(r); - debug(" = %s\n", BN_bn2str(X3)); - - debug(" 6. T1 = T1^2"); - r = BN_GF2m_mod_sqr(T1, T1, p, ctx); - assert(r); - debug(" = %s\n", BN_bn2str(T1)); - - debug(" 7. T2 = T1 * b"); - if (b_is_one) - BN_copy(T2, T1); - else - r = BN_GF2m_mod_mul(T2, T1, b, p, ctx); - assert(r); - debug(" = %s\n", BN_bn2str(T2)); - - debug(" 8. X3 = X3 + T2"); - r = BN_GF2m_add(X3, X3, T2); - assert(r); - debug(" = %s\n", BN_bn2str(X3)); - - debug(" 9. T1 = Y1^2"); - r = BN_GF2m_mod_sqr(T1, Y1, p, ctx); - assert(r); - debug(" = %s\n", BN_bn2str(T1)); - - debug("10. if a==1, T1 = T1 + Z3, "); - if (a_is_one) { - debug("a == 1, T1 = T1 + Z3"); - r = BN_GF2m_add(T1, T1, Z3); - assert(r); - debug(" = %s\n", BN_bn2str(T1)); - } else { - debug("a != 1, do nothing\n"); - } - - debug("11. T1 = T1 + T2"); - r = BN_GF2m_add(T1, T1, T2); - assert(r); - debug(" = %s\n", BN_bn2str(T1)); - - debug("12. Y3 = X3 * T1"); - r = BN_GF2m_mod_mul(Y3, X3, T1, p, ctx); - assert(r); - debug(" = %s\n", BN_bn2str(X3)); - - debug("13. T1 = T2 * Z3"); - r = BN_GF2m_mod_mul(T1, T2, Z3, p, ctx); - assert(r); - debug(" = %s\n", BN_bn2str(T1)); - - debug("14. Y3 = Y3 + T1"); - r = BN_GF2m_add(Y3, Y3, T1); - assert(r); - debug(" = %s\n", BN_bn2str(Y3)); - - debug("15. return (X3: Y3: Z3) = (%s: %s: %s)\n", BN_bn2str(X3), BN_bn2str(Y3), BN_bn2str(Z3)); - return; -} - -void ec_point_add(ec_point_t __LD__ *R, const ec_point_t __LD__ *P, const ec_point_t __AFFINE__ *Q) { - int r; - BN_CTX *ctx = BN_CTX_new(); - const BIGNUM *X1 = P->X; - const BIGNUM *Y1 = P->Y; - const BIGNUM *Z1 = P->Z; - const BIGNUM *x2 = Q->X; - const BIGNUM *y2 = Q->Y; - BIGNUM *X3 = R->X; - BIGNUM *Y3 = R->Y; - BIGNUM *Z3 = R->Z; - BIGNUM *T1 = BN_new(); - BIGNUM *T2 = BN_new(); - BIGNUM *T3 = BN_new(); - - debug(" 1. if Q == oo, return P. Q should not be oo\n"); - - debug(" 2. if P == oo, return Q. "); - if (ec_point_is_at_infinity(P)) { - debug(" P == oo, return Q\n"); - ec_point_copy(R, Q); - return; - } else { - debug(" P != oo\n"); - } - - debug(" 3. T1 = Z1 * x2"); - r = BN_GF2m_mod_mul(T1, Z1, x2, p, ctx); - assert(r); - debug(" = %s\n", BN_bn2str(T1)); - - debug(" 4. T2 = Z1^2"); - r = BN_GF2m_mod_sqr(T2, Z1, p, ctx); - assert(r); - debug(" = %s\n", BN_bn2str(T2)); - - debug(" 5. X3 = X1 + T1"); - r = BN_GF2m_add(X3, X1, T1); - assert(r); - debug(" = %s\n", BN_bn2str(X3)); - - debug(" 6. T1 = Z1 * X3"); - r = BN_GF2m_mod_mul(T1, Z1, X3, p, ctx); - assert(r); - debug(" = %s\n", BN_bn2str(T1)); - - debug(" 7. T3 = T2 * y2"); - r = BN_GF2m_mod_mul(T3, T2, y2, p, ctx); - assert(r); - debug(" = %s\n", BN_bn2str(T3)); - - debug(" 8. Y3 = Y1 + T3"); - r = BN_GF2m_add(Y3, Y1, T3); - assert(r); - debug(" = %s\n", BN_bn2str(Y3)); - - /* 9. if X3 == 0, - if Y3 == 0, (X3: Y3: Z3) = 2(x2: y2: 1) - else return oo - */ - debug(" 9. if X3 == 0 { if Y3== 0, return 2(x2: y2: 1) } else return oo\n"); - if (BN_is_zero(X3)) { - debug("X3 == 0\n"); - if (BN_is_zero(Y3)) { - debug("Y3 == 0\n"); - ec_point_double(R, P); - return; - } - } - - - debug("10. Z3 = T1^2"); - r = BN_GF2m_mod_sqr(Z3, T1, p, ctx); - assert(r); - debug(" = %s\n", BN_bn2str(Z3)); - - debug("11. T3 = T1 * Y3"); - r = BN_GF2m_mod_mul(T3, T1, Y3, p, ctx); - debug(" = %s\n", BN_bn2str(T3)); - - debug("12. if a==1, T1 = T1 + T2\n"); - if (a_is_one) { - debug("a == 1, T1 = T1 + T2"); - r = BN_GF2m_add(T1, T1, T2); - debug(" = %s\n", BN_bn2str(T1)); - } - - debug("13. T2 = X3^2"); - r = BN_GF2m_mod_sqr(T2, X3, p, ctx); - assert(r); - debug(" = %s\n", BN_bn2str(T2)); - - - debug("14. X3 = T2 * T1"); - r = BN_GF2m_mod_mul(X3, T2, T1, p, ctx); - assert(r); - debug(" = %s\n", BN_bn2str(X3)); - - debug("15. T2 = Y3^2"); - r = BN_GF2m_mod_sqr(T2, Y3, p, ctx); - assert(r); - debug(" = %s\n", BN_bn2str(T2)); - - debug("16. X3 = X3 + T2"); - r = BN_GF2m_add(X3, X3, T2); - assert(r); - debug(" = %s\n", BN_bn2str(X3)); - - debug("17. X3 = X3 + T3"); - r = BN_GF2m_add(X3, X3, T3); - assert(r); - debug(" = %s\n", BN_bn2str(X3)); - - debug("18. T2 = x2 * Z3"); - r = BN_GF2m_mod_mul(T2, x2, Z3, p, ctx); - assert(r); - debug(" = %s\n", BN_bn2str(T2)); - - debug("19. T2 = T2 + X3"); - r = BN_GF2m_add(T2, T2, X3); - assert(r); - debug(" = %s\n", BN_bn2str(T2)); - - debug("20. T1 = Z3^2"); - r = BN_GF2m_mod_sqr(T1, Z3, p, ctx); - assert(r); - debug(" = %s\n", BN_bn2str(T1)); - - debug("21. T3 = T3 + Z3"); - r = BN_GF2m_add(T3, T3, Z3); - assert(r); - debug(" = %s\n", BN_bn2str(T3)); - - debug("22. Y3 = T3 * T2"); - r = BN_GF2m_mod_mul(Y3, T3, T2, p, ctx); - assert(r); - debug(" = %s\n", BN_bn2str(Y3)); - - debug("23. T2 = x2 + y2"); - r = BN_GF2m_add(T2, x2, y2); - assert(r); - debug(" = %s\n", BN_bn2str(T2)); - - debug("24. T3 = T1 * T2"); - r = BN_GF2m_mod_mul(T3, T1, T2, p, ctx); - assert(r); - debug(" = %s\n", BN_bn2str(T3)); - - debug("25. Y3 = Y3 + T3"); - r = BN_GF2m_add(Y3, Y3, T3); - assert(r); - debug(" = %s\n", BN_bn2str(Y3)); - - debug("26. return (X3: Y3: Z3) = (%s: %s: %s)\n", BN_bn2str(X3), BN_bn2str(Y3), BN_bn2str(Z3)); - return; -} - -void ec_point_multiply(ec_point_t __LD__ *R, const ec_point_t __AFFINE__ *P, const BIGNUM* K){ - const int t = 163; - int i; - int b; - ec_point_t Q; - debug("1. Q = infinity\n"); - ec_point_init(&Q); - BN_set_word(Q.X, 1); - BN_set_word(Q.Y, 0); - BN_set_word(Q.Z, 0); - - debug("2. for i from t - 1 downto 0 do\n"); - for(i = t - 1; i >= 0; i--){ - b = BN_is_bit_set(K, i); - if(b){ - // printf("k_%d = %d\n", i, b); - } - debug("2.1 Q = 2Q\n"); - ec_point_double(R, &Q); - ec_point_copy(&Q, R); - - debug("2.2 if ki = 1 then Q = Q + P\n"); - if(b == 1){ - ec_point_add(R, &Q, P); - ec_point_copy(&Q, R); - } - } - - debug("3. return Q\n"); - ec_point_copy(R, &Q); -} - -int testFieldArithmetic(){ - mm_256 ma, mb, mr; - char* pa, *pb, *pr; - BIGNUM* ta = BN_new(); - BIGNUM* tb = BN_new(); - BIGNUM* tr = BN_new(); - - int passed = 0; - int failed = 0; - printf("test arithmetic operations on gf2m:\n"); - - assert(BN_rand_range(ta, n)); - assert(BN_rand_range(tb, n)); - - // addition - BN_GF2m_add(tr, ta, tb); - pa = BN_bn2hex(ta); - pb = BN_bn2hex(tb); - pr = BN_bn2hex(tr); - printf("0x%s + 0x%s = 0x%s ... ", pa, pb, pr); - OPENSSL_free(pa); - OPENSSL_free(pb); - OPENSSL_free(pr); - - bn_to_mm256(ta, &ma); - bn_to_mm256(tb, &mb); - gf2_add(&ma, &mb, &mr); - if(cmp_mm_256_with_bn(&mr, tr) == 0){ - passed ++; - printf("passed!\n"); - } else { - failed ++; - mm256_to_bn(&mr, tr); - pr = BN_bn2hex(tr); - printf("failed! got %s\n", pr); - OPENSSL_free(pr); - } - - // multiplication - BN_GF2m_mod_mul(tr, ta, tb, p, ctx); - pa = BN_bn2hex(ta); - pb = BN_bn2hex(tb); - pr = BN_bn2hex(tr); - printf("0x%s * 0x%s = 0x%s ... ", pa, pb, pr); - OPENSSL_free(pa); - OPENSSL_free(pb); - OPENSSL_free(pr); - - bn_to_mm256(ta, &ma); - bn_to_mm256(tb, &mb); - gf2_mod_mul(&ma, &mb, &mr); - if(cmp_mm_256_with_bn(&mr, tr) == 0){ - passed ++; - printf("passed!\n"); - } else { - failed ++; - mm256_to_bn(&mr, tr); - pr = BN_bn2hex(tr); - printf("failed! got 0x%s\n", pr); - OPENSSL_free(pr); - } - - // square mod - - BN_GF2m_mod_sqr(tr, ta, p, ctx); - pa = BN_bn2hex(ta); - pr = BN_bn2hex(tr); - printf("0x%s ^ 2 = 0x%s ... ", pa, pr); - OPENSSL_free(pa); - OPENSSL_free(pr); - - bn_to_mm256(ta, &ma); - gf2_mod_sqr(&ma, &mr); - if(cmp_mm_256_with_bn(&mr, tr) == 0){ - passed ++; - printf("passed!\n"); - } else { - failed ++; - mm256_to_bn(&mr, tr); - pr = BN_bn2hex(tr); - printf("failed! got 0x%s\n", pr); - OPENSSL_free(pr); - } - - mm_256 mrt; - gf2_sqr(&ma, &mr, &mrt); - mm256_to_bn(&mr, tr); - pr = BN_bn2hex(tr); - mm256_to_bn(&mrt, ta); - pa = BN_bn2hex(ta); - printf("sqr: (%s, %s)\n", pa, pr); - OPENSSL_free(pr); - OPENSSL_free(pa); - - /* ma.iv[0] = 1; */ - /* ma.iv[1] = 2; */ - /* ma.iv[2] = 3; */ - /* mb.iv[0] = 1; */ - /* mb.iv[1] = 1; */ - /* mb.iv[2] = 1; */ - - /* gf2_mul(&ma, &mb, &mr, &mrt); */ - /* mm256_to_bn(&mr, tr); */ - /* pr = BN_bn2hex(tr); */ - /* mm256_to_bn(&mrt, ta); */ - /* pa = BN_bn2hex(ta); */ - /* printf("mul: (%s, %s)\n", pa, pr); */ - /* OPENSSL_free(pr); */ - /* OPENSSL_free(pa); */ - - bn_to_mm256(ta, &ma); - gf2m_inv_asm(&ma, &mr); - mm256_to_bn(&mr, tr); - pa = BN_bn2hex(ta); - pr = BN_bn2hex(tr); - printf("inv: %s, %s\n", pa, pr); - OPENSSL_free(pr); - OPENSSL_free(pa); - - bn_to_mm256(ta, &ma); - gf2m_inv(&ma, &mr); - mm256_to_bn(&mr, tr); - pa = BN_bn2hex(ta); - pr = BN_bn2hex(tr); - printf("inv: %s, %s\n", pa, pr); - OPENSSL_free(pr); - OPENSSL_free(pa); - - mb = mr; - gf2_mod_mul(&ma, &mb, &mr); - mm256_to_bn(&ma, ta); - mm256_to_bn(&mb, tb); - mm256_to_bn(&mr, tr); - pa = BN_bn2hex(ta); - pb = BN_bn2hex(tb); - pr = BN_bn2hex(tr); - printf("0x%s * 0x%s = 0x%s ... ", pa, pb, pr); - OPENSSL_free(pa); - OPENSSL_free(pb); - OPENSSL_free(pr); - - - // summary - printf("%d/%d test(s) passed.\n", passed, (passed + failed)); - - return failed; -} - -int testAES(){ - const int sz_buf = 1024; - const int sz_ymm_group = 512; - int passed = 0, failed = 0; - uint8_t key[SIZE_AES_KEY_256] = {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31}; - uint8_t pt[SIZE_AES_BLOCK] = {'T', 'h', 'i', 's', ' ', 'i', 's', ' ', 'a', ' ', 't', 'e', 's', 't', '!', 0x0}; - uint8_t ct[SIZE_AES_BLOCK]; - AES_KEY ssl_key; - uint8_t ssl_ct[sz_buf]; - uint8_t buf1[sz_buf], buf2[sz_buf]; - int i; - - // aes 128 - printf("AES128:\n"); - printf("plaintext: "); - printHex(pt, SIZE_AES_BLOCK); - printf("\n"); - // openssl - assert(AES_set_encrypt_key(key, 128, &ssl_key) == 0); - AES_encrypt(pt, ssl_ct, &ssl_key); - printf("ciphertext by openssl: "); - printHex(ssl_ct, SIZE_AES_BLOCK); - printf("\n"); - - // tight aes - memcpy(ct, pt, SIZE_AES_BLOCK); - tight_aes_128_set_key(key); - tight_aes_128_enc(ct); - printf("ciphertext by tight aes 128: "); - printHex(ct, SIZE_AES_BLOCK); - printf("\n"); - - if(memcmp(ssl_ct, ct, SIZE_AES_BLOCK) == 0){ - passed++; - printf("passed!\n"); - } else { - failed++; - printf("failed!\n"); - } - - // decrypt by tight aes - tight_aes_128_set_key(key); - //tight_aes_enc(ct); - tight_aes_128_dec(ct); - printf("plain by tight aes 128: "); - printHex(ct, SIZE_AES_BLOCK); - printf("\n"); - - if(memcmp(pt, ct, SIZE_AES_BLOCK) == 0){ - passed++; - printf("passed!\n"); - } else { - failed++; - printf("failed!\n"); - } - - // aes 256 - printf("AES256:\n"); - printf("plaintext: "); - printHex(pt, SIZE_AES_BLOCK); - printf("\n"); - // openssl - assert(AES_set_encrypt_key(key, 256, &ssl_key) == 0); - AES_encrypt(pt, ssl_ct, &ssl_key); - printf("ciphertext by openssl: "); - printHex(ssl_ct, SIZE_AES_BLOCK); - printf("\n"); - - // tight aes - memcpy(ct, pt, SIZE_AES_BLOCK); - tight_aes_256_set_key(key); - tight_aes_256_enc(ct); - printf("ciphertext by tight aes 256: "); - printHex(ct, SIZE_AES_BLOCK); - printf("\n"); - - if(memcmp(ssl_ct, ct, SIZE_AES_BLOCK) == 0){ - passed++; - printf("passed!\n"); - } else { - failed++; - printf("failed!\n"); - } - - // decrypt by tight aes - tight_aes_256_set_key(key); - //memcpy(ct, pt, sizeof(pt)); - //tight_aes_enc(ct); - tight_aes_256_dec(ct); - printf("plaintext by tight aes 256: "); - printHex(ct, SIZE_AES_BLOCK); - printf("\n"); - - if(memcmp(pt, ct, SIZE_AES_BLOCK) == 0){ - passed++; - printf("passed!\n"); - } else { - failed++; - printf("failed!\n"); - } - - // test encrypt ymm group - printf("encrypt ymm group:\n"); - memset(buf1, 0, sz_buf); - memset(buf2, 0, sz_buf); - memset(ssl_ct, 0, sz_buf); - for(i = 0; i < sz_ymm_group; i++) - buf1[i] = rand() & 0xff; - tight_aes_256_set_key(key); - load_ymm_group(buf1); - aes_256_enc_ymm_group(buf2); - printf("plaintext in ymm group:\n"); - for(i = 0; i < 16; i++){ - printHex(buf1 + i * 32, 32); - printf("\n"); - } - for(i = 0; i < 32; i++){ - AES_encrypt(buf1 + i * 16, ssl_ct + i * 16, &ssl_key); - } - if(memcmp(ssl_ct, buf2, sz_ymm_group) == 0){ - passed++; - printf("passed!\n"); - } else { - failed++; - printf("failed!\n"); - for(i = 0; i < 16; i++){ - printf("ymm%d\n", i); - printHex(buf2 + i * 32, 32); - printf("\n"); - printHex(ssl_ct + i * 32, 32); - printf("\n"); - } - } - - // test decrypt ymm group - printf("decrypt ymm group:\n"); - tight_aes_256_set_key(key); - aes_256_dec_ymm_group(ssl_ct); - save_ymm_group(buf2); - if(memcmp(buf1, buf2, sz_ymm_group) == 0){ - passed++; - printf("passed!\n"); - } else { - failed++; - printf("failed!\n"); - for(i = 0; i < 16; i++){ - printf("ymm%d\n", i); - printHex(buf1 + i * 32, 32); - printf("\n"); - printHex(buf2 + i * 32, 32); - printf("\n"); - } - } - - printf("%d/%d test(s) passed.\n", passed, (passed + failed)); - - return failed; -} - -struct ec_method_st { - /* Various method flags */ - int flags; - /* used by EC_METHOD_get_field_type: */ - int field_type; /* a NID */ - - /* used by EC_GROUP_new, EC_GROUP_free, EC_GROUP_clear_free, EC_GROUP_copy: */ - int (*group_init)(EC_GROUP *); - void (*group_finish)(EC_GROUP *); - void (*group_clear_finish)(EC_GROUP *); - int (*group_copy)(EC_GROUP *, const EC_GROUP *); - - /* used by EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, */ - /* EC_GROUP_set_curve_GF2m, and EC_GROUP_get_curve_GF2m: */ - int (*group_set_curve)(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *); - int (*group_get_curve)(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *); - - /* used by EC_GROUP_get_degree: */ - int (*group_get_degree)(const EC_GROUP *); - - /* used by EC_GROUP_check: */ - int (*group_check_discriminant)(const EC_GROUP *, BN_CTX *); -/* used by EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy: */ - int (*point_init)(EC_POINT *); - void (*point_finish)(EC_POINT *); - void (*point_clear_finish)(EC_POINT *); - int (*point_copy)(EC_POINT *, const EC_POINT *); - - /* used by EC_POINT_set_to_infinity, - * EC_POINT_set_Jprojective_coordinates_GFp, - * EC_POINT_get_Jprojective_coordinates_GFp, - * EC_POINT_set_affine_coordinates_GFp, ..._GF2m, - * EC_POINT_get_affine_coordinates_GFp, ..._GF2m, - * EC_POINT_set_compressed_coordinates_GFp, ..._GF2m: - */ - int (*point_set_to_infinity)(const EC_GROUP *, EC_POINT *); - int (*point_set_Jprojective_coordinates_GFp)(const EC_GROUP *, EC_POINT *, - const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *); - int (*point_get_Jprojective_coordinates_GFp)(const EC_GROUP *, const EC_POINT *, - BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *); - int (*point_set_affine_coordinates)(const EC_GROUP *, EC_POINT *, - const BIGNUM *x, const BIGNUM *y, BN_CTX *); - int (*point_get_affine_coordinates)(const EC_GROUP *, const EC_POINT *, - BIGNUM *x, BIGNUM *y, BN_CTX *); - int (*point_set_compressed_coordinates)(const EC_GROUP *, EC_POINT *, - const BIGNUM *x, int y_bit, BN_CTX *); - - /* used by EC_POINT_point2oct, EC_POINT_oct2point: */ -size_t (*point2oct)(const EC_GROUP *, const EC_POINT *, point_conversion_form_t form, - unsigned char *buf, size_t len, BN_CTX *); - int (*oct2point)(const EC_GROUP *, EC_POINT *, - const unsigned char *buf, size_t len, BN_CTX *); - - /* used by EC_POINT_add, EC_POINT_dbl, ECP_POINT_invert: */ - int (*add)(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *); - int (*dbl)(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, BN_CTX *); - int (*invert)(const EC_GROUP *, EC_POINT *, BN_CTX *); - - /* used by EC_POINT_is_at_infinity, EC_POINT_is_on_curve, EC_POINT_cmp: */ - int (*is_at_infinity)(const EC_GROUP *, const EC_POINT *); - int (*is_on_curve)(const EC_GROUP *, const EC_POINT *, BN_CTX *); - int (*point_cmp)(const EC_GROUP *, const EC_POINT *a, const EC_POINT *b, BN_CTX *); - - /* used by EC_POINT_make_affine, EC_POINTs_make_affine: */ - int (*make_affine)(const EC_GROUP *, EC_POINT *, BN_CTX *); - int (*points_make_affine)(const EC_GROUP *, size_t num, EC_POINT *[], BN_CTX *); - - /* used by EC_POINTs_mul, EC_POINT_mul, EC_POINT_precompute_mult, EC_POINT_have_precompute_mult - * (default implementations are used if the 'mul' pointer is 0): */ - int (*mul)(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, - size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *); - int (*precompute_mult)(EC_GROUP *group, BN_CTX *); - int (*have_precompute_mult)(const EC_GROUP *group); - - - /* internal functions */ - - /* 'field_mul', 'field_sqr', and 'field_div' can be used by 'add' and 'dbl' so that - * the same implementations of point operations can be used with different - * optimized implementations of expensive field operations: */ - int (*field_mul)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *); - int (*field_sqr)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *); - int (*field_div)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *); - - int (*field_encode)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *); /* e.g. to Montgomery */ - int (*field_decode)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *); /* e.g. from Montgomery */ - int (*field_set_to_one)(const EC_GROUP *, BIGNUM *r, BN_CTX *); -} /* EC_METHOD */; - -typedef struct ec_extra_data_st { - struct ec_extra_data_st *next; - void *data; - void *(*dup_func)(void *); - void (*free_func)(void *); - void (*clear_free_func)(void *); -} EC_EXTRA_DATA; /* used in EC_GROUP */ - -struct ec_group_st { - const EC_METHOD *meth; - - EC_POINT *generator; /* optional */ - BIGNUM order, cofactor; - - int curve_name;/* optional NID for named curve */ - int asn1_flag; /* flag to control the asn1 encoding */ - point_conversion_form_t asn1_form; - - unsigned char *seed; /* optional seed for parameters (appears in ASN1) */ - size_t seed_len; - - EC_EXTRA_DATA *extra_data; /* linked list */ - - /* The following members are handled by the method functions, - * even if they appear generic */ - - BIGNUM field; /* Field specification. - * For curves over GF(p), this is the modulus; - * for curves over GF(2^m), this is the - * irreducible polynomial defining the field. - */ - - int poly[6]; /* Field specification for curves over GF(2^m). - * The irreducible f(t) is then of the form: - * t^poly[0] + t^poly[1] + ... + t^poly[k] - * where m = poly[0] > poly[1] > ... > poly[k] = 0. - * The array is terminated with poly[k+1]=-1. - * All elliptic curve irreducibles have at most 5 - * non-zero terms. - */ - BIGNUM a, b; /* Curve coefficients. - * (Here the assumption is that BIGNUMs can be used - * or abused for all kinds of fields, not just GF(p).) - * For characteristic > 3, the curve is defined - * by a Weierstrass equation of the form - * y^2 = x^3 + a*x + b. - * For characteristic 2, the curve is defined by - * an equation of the form - * y^2 + x*y = x^3 + a*x^2 + b. - */ - - int a_is_minus3; /* enable optimized point arithmetics for special case */ - - void *field_data1; /* method-specific (e.g., Montgomery structure) */ - void *field_data2; /* method-specific */ - int (*field_mod_func)(BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *); /* method-specific */ -} /* EC_GROUP */; - -static int gf2m_Mdouble(const EC_GROUP *group, BIGNUM *x, BIGNUM *z, BN_CTX *ctx) - { - BIGNUM *t1; - int ret = 0; - - /* Since Mdouble is static we can guarantee that ctx != NULL. */ - BN_CTX_start(ctx); - t1 = BN_CTX_get(ctx); - if (t1 == NULL) goto err; - - if (!group->meth->field_sqr(group, x, x, ctx)) goto err; - if (!group->meth->field_sqr(group, t1, z, ctx)) goto err; - if (!group->meth->field_mul(group, z, x, t1, ctx)) goto err; - if (!group->meth->field_sqr(group, x, x, ctx)) goto err; - if (!group->meth->field_sqr(group, t1, t1, ctx)) goto err; - if (!group->meth->field_mul(group, t1, &group->b, t1, ctx)) goto err; - if (!BN_GF2m_add(x, x, t1)) goto err; - - ret = 1; - - err: - BN_CTX_end(ctx); - return ret; - } - -static int gf2m_Madd(const EC_GROUP *group, const BIGNUM *x, BIGNUM *x1, BIGNUM *z1, - const BIGNUM *x2, const BIGNUM *z2, BN_CTX *ctx) - { - BIGNUM *t1, *t2; - int ret = 0; - - /* Since Madd is static we can guarantee that ctx != NULL. */ - BN_CTX_start(ctx); - t1 = BN_CTX_get(ctx); - t2 = BN_CTX_get(ctx); - if (t2 == NULL) goto err; - - if (!BN_copy(t1, x)) goto err; - if (!group->meth->field_mul(group, x1, x1, z2, ctx)) goto err; - if (!group->meth->field_mul(group, z1, z1, x2, ctx)) goto err; - if (!group->meth->field_mul(group, t2, x1, z1, ctx)) goto err; - if (!BN_GF2m_add(z1, z1, x1)) goto err; - if (!group->meth->field_sqr(group, z1, z1, ctx)) goto err; - if (!group->meth->field_mul(group, x1, z1, t1, ctx)) goto err; - if (!BN_GF2m_add(x1, x1, t2)) goto err; - - ret = 1; - - err: - BN_CTX_end(ctx); - return ret; - } - -int benchmark_EC2() { - const int cntTest = 1000; - - int i; - struct timeval ts, te; - long td; - - BIGNUM* bnsrc1[cntTest]; - BIGNUM* bnsrc2[cntTest]; - BIGNUM* bndst; - mm_256 mmsrc1[cntTest]; - mm_256 mmsrc2[cntTest]; - mm_256 mmdst; - - ec_point_t epsrc[cntTest], epdst; - BIGNUM *bnk[cntTest]; - mm256_point_t mpsrc[cntTest], mpdst; - mm_256 mk[cntTest]; - - int r; - int nid; - - EC_KEY *key; - const BIGNUM* rkey; - const EC_GROUP* group; - const EC_POINT* ukey; - const EC_POINT* G; - EC_POINT* br; - - ctx = BN_CTX_new(); - - nid = OBJ_sn2nid(SN_sect163k1); - - // generate the key - key = EC_KEY_new_by_curve_name(nid); - assert(key != NULL); - r = EC_KEY_generate_key(key); - assert(r == 1); - - group = EC_KEY_get0_group(key); - // get generator - G = EC_GROUP_get0_generator(group); - // get private key - rkey = EC_KEY_get0_private_key(key); - ukey = EC_KEY_get0_public_key(key); - br = EC_POINT_new(group); - - // 1. generate $cntTest test cases - bndst = BN_new(); - ec_point_init(&epdst); - for(i = 0; i < cntTest; i++){ - bnsrc1[i] = BN_new(); - bnsrc2[i] = BN_new(); - assert(BN_rand_range(bnsrc1[i], n)); - assert(BN_rand_range(bnsrc2[i], n)); - bn_to_mm256(bnsrc1[i], &mmsrc1[i]); - bn_to_mm256(bnsrc2[i], &mmsrc2[i]); - - bnk[i] = BN_new(); - ec_point_init(&epsrc[i]); - assert(BN_rand_range(epsrc[i].X, n)); - assert(BN_rand_range(epsrc[i].Y, n)); - assert(BN_rand_range(epsrc[i].Z, n)); - assert(BN_rand_range(bnk[i], n)); - - bn_point_to_mm_point(&epsrc[i], mpsrc + i); - bn_to_mm256(bnk[i], mk + i); - } - // do addition / multiplication / square for $cntTest times - gettimeofday(&ts, NULL); - for(i = 0; i < cntTest; i++){ - BN_GF2m_add(bndst, bnsrc1[i], bnsrc2[i]); - } - gettimeofday(&te, NULL); - td = cntUS * (te.tv_sec - ts.tv_sec) + (te.tv_usec - ts.tv_usec); - printf("bignum addition: "); - printf("%d cases, %lfs used, %lfus for each cases\n", cntTest, (double)td / cntUS, (double)td / cntTest); - - gettimeofday(&ts, NULL); - for(i = 0; i < cntTest; i++){ - gf2_add(&mmsrc1[i], &mmsrc2[i], &mmdst); - } - gettimeofday(&te, NULL); - td = cntUS * (te.tv_sec - ts.tv_sec) + (te.tv_usec - ts.tv_usec); - printf("secure addition: "); - printf("%d cases, %lfs used, %lfus for each cases\n", cntTest, (double)td / cntUS, (double)td / cntTest); - - gettimeofday(&ts, NULL); - for(i = 0; i < cntTest; i++){ - BN_GF2m_mod_mul_arr(bndst, bnsrc1[i], bnsrc2[i], group->poly, ctx); - } - gettimeofday(&te, NULL); - td = cntUS * (te.tv_sec - ts.tv_sec) + (te.tv_usec - ts.tv_usec); - printf("bignum multiplication: "); - printf("%d cases, %lfs used, %lfus for each cases\n", cntTest, (double)td / cntUS, (double)td / cntTest); - - gettimeofday(&ts, NULL); - for(i = 0; i < cntTest; i++){ - gf2_mod_mul(&mmsrc1[i], &mmsrc2[i], &mmdst); - } - gettimeofday(&te, NULL); - td = cntUS * (te.tv_sec - ts.tv_sec) + (te.tv_usec - ts.tv_usec); - printf("secure multiplication: "); - printf("%d cases, %lfs used, %lfus for each cases\n", cntTest, (double)td / cntUS, (double)td / cntTest); - - mm_256 mmt; - gettimeofday(&ts, NULL); - for(i = 0; i < cntTest; i++){ - gf2_mul(&mmsrc1[i], &mmsrc2[i], &mmdst, &mmt); - } - gettimeofday(&te, NULL); - td = cntUS * (te.tv_sec - ts.tv_sec) + (te.tv_usec - ts.tv_usec); - printf("secure multiplication only: "); - printf("%d cases, %lfs used, %lfus for each cases\n", cntTest, (double)td / cntUS, (double)td / cntTest); - - gettimeofday(&ts, NULL); - for(i = 0; i < cntTest; i++){ - BN_GF2m_mod_sqr_arr(bndst, bnsrc1[i], group->poly, ctx); - } - gettimeofday(&te, NULL); - td = cntUS * (te.tv_sec - ts.tv_sec) + (te.tv_usec - ts.tv_usec); - printf("bignum square: "); - printf("%d cases, %lfs used, %lfus for each cases\n", cntTest, (double)td / cntUS, (double)td / cntTest); - - gettimeofday(&ts, NULL); - for(i = 0; i < cntTest; i++){ - gf2_mod_sqr(&mmsrc1[i], &mmdst); - //gf2_sqr(&mmsrc1[i], &mmdst, &t); - } - gettimeofday(&te, NULL); - td = cntUS * (te.tv_sec - ts.tv_sec) + (te.tv_usec - ts.tv_usec); - printf("secure squre: "); - printf("%d cases, %lfs used, %lfus for each cases\n", cntTest, (double)td / cntUS, (double)td / cntTest); - - gettimeofday(&ts, NULL); - for(i = 0; i < cntTest; i++){ - BN_GF2m_mod_inv(bndst, bnsrc1[i], p, ctx); - } - gettimeofday(&te, NULL); - td = cntUS * (te.tv_sec - ts.tv_sec) + (te.tv_usec - ts.tv_usec); - printf("bignum inv: "); - printf("%d cases, %lfs used, %lfus for each cases\n", cntTest, (double)td / cntUS, (double)td / cntTest); - - gettimeofday(&ts, NULL); - for(i = 0; i < cntTest; i++){ - gf2m_inv(&mmsrc1[i], &mmdst); - /* gf2_mod_sqr(&mmsrc1[i], &mmdst); */ - //gf2_sqr(&mmsrc1[i], &mmdst, &t); - } - gettimeofday(&te, NULL); - td = cntUS * (te.tv_sec - ts.tv_sec) + (te.tv_usec - ts.tv_usec); - printf("secure inv: "); - printf("%d cases, %lfs used, %lfus for each cases\n", cntTest, (double)td / cntUS, (double)td / cntTest); - - gettimeofday(&ts, NULL); - for(i = 0; i < cntTest; i++){ - gf2m_inv_asm(&mmsrc1[i], &mmdst); - /* gf2_mod_sqr(&mmsrc1[i], &mmdst); */ - //gf2_sqr(&mmsrc1[i], &mmdst, &t); - } - gettimeofday(&te, NULL); - td = cntUS * (te.tv_sec - ts.tv_sec) + (te.tv_usec - ts.tv_usec); - printf("secure inv asm: "); - printf("%d cases, %lfs used, %lfus for each cases\n", cntTest, (double)td / cntUS, (double)td / cntTest); - - BIGNUM* x1, *z1, * x2, *z2; - x1 = BN_CTX_get(ctx); - z1 = BN_CTX_get(ctx); - x2 = BN_CTX_get(ctx); - z2 = BN_CTX_get(ctx); - - BN_rand(x1, EC_GROUP_get_degree(group), 0, 1); - BN_rand(z1, EC_GROUP_get_degree(group), 0, 1); - BN_rand(x2, EC_GROUP_get_degree(group), 0, 1); - BN_rand(z2, EC_GROUP_get_degree(group), 0, 1); - - gettimeofday(&ts, NULL); - // openssl point multiplication - for(i = 0; i < cntTest; i++){ - gf2m_Mdouble(group, x1, z1, ctx); - } - gettimeofday(&te, NULL); - td = cntUS * (te.tv_sec - ts.tv_sec) + (te.tv_usec - ts.tv_usec); - printf("openssl mont point dbl: "); - printf("%d cases, %lfs used, %lfus for each cases\n", cntTest, (double)td / cntUS, (double)td / cntTest); - - gettimeofday(&ts, NULL); - // openssl point multiplication - for(i = 0; i < cntTest; i++){ - gf2m_Madd(group, rkey, x1, z1, x2, z2, ctx); - } - gettimeofday(&te, NULL); - td = cntUS * (te.tv_sec - ts.tv_sec) + (te.tv_usec - ts.tv_usec); - printf("openssl mont point add: "); - printf("%d cases, %lfs used, %lfus for each cases\n", cntTest, (double)td / cntUS, (double)td / cntTest); - - gettimeofday(&ts, NULL); - // openssl point multiplication - for(i = 0; i < cntTest; i++){ - EC_POINT_add(group, br, G, ukey, ctx); - } - gettimeofday(&te, NULL); - td = cntUS * (te.tv_sec - ts.tv_sec) + (te.tv_usec - ts.tv_usec); - printf("openssl point add: "); - printf("%d cases, %lfs used, %lfus for each cases\n", cntTest, (double)td / cntUS, (double)td / cntTest); - - gettimeofday(&ts, NULL); - for(i = 0; i < cntTest; i++){ - gf2_point_add(mpsrc + i, mpsrc + (i + 1) % cntTest, &mpdst, 1, 1); - } - gettimeofday(&te, NULL); - td = cntUS * (te.tv_sec - ts.tv_sec) + (te.tv_usec - ts.tv_usec); - printf("secure point addition: "); - printf("%d cases, %lfs used, %lfus for each cases\n", cntTest, (double)td / cntUS, (double)td / cntTest); - - gettimeofday(&ts, NULL); - // openssl point multiplication - for(i = 0; i < cntTest; i++){ - EC_POINT_dbl(group, br, G, ctx); - } - gettimeofday(&te, NULL); - td = cntUS * (te.tv_sec - ts.tv_sec) + (te.tv_usec - ts.tv_usec); - printf("openssl point doubling: "); - printf("%d cases, %lfs used, %lfus for each cases\n", cntTest, (double)td / cntUS, (double)td / cntTest); - - gettimeofday(&ts, NULL); - for(i = 0; i < cntTest; i++){ - gf2_point_dbl(mpsrc + i, &mpdst, 1, 1); - } - gettimeofday(&te, NULL); - td = cntUS * (te.tv_sec - ts.tv_sec) + (te.tv_usec - ts.tv_usec); - printf("secure point doubling: "); - printf("%d cases, %lfs used, %lfus for each cases\n", cntTest, (double)td / cntUS, (double)td / cntTest); - - - gettimeofday(&ts, NULL); - // openssl point multiplication - for(i = 0; i < cntTest; i++){ - EC_POINT_mul(group, br, NULL, G, rkey, ctx); - } - gettimeofday(&te, NULL); - td = cntUS * (te.tv_sec - ts.tv_sec) + (te.tv_usec - ts.tv_usec); - printf("openssl point mul: "); - printf("%d cases, %lfs used, %lfus for each cases\n", cntTest, (double)td / cntUS, (double)td / cntTest); - - - gettimeofday(&ts, NULL); - for(i = 0; i < cntTest; i++){ - gf2_point_mul(mpsrc + i, mk + i, &mpdst, 1, 1); - //gf2_point_dbl(mp + i, mr + i, 1, 1); - } - gettimeofday(&te, NULL); - td = cntUS * (te.tv_sec - ts.tv_sec) + (te.tv_usec - ts.tv_usec); - printf("secure point multiplication: "); - printf("%d cases, %lfs used, %lfus for each cases\n", cntTest, (double)td / cntUS, (double)td / cntTest); - - - ec2m_kern_init(); - ec2m_import_key(&mk[0]); - - gettimeofday(&ts, NULL); - - for(i = 0; i < cntTest; i++){ - ec2m_private_operation(mpsrc + i, &mpdst); - } - gettimeofday(&te, NULL); - td = cntUS * (te.tv_sec - ts.tv_sec) + (te.tv_usec - ts.tv_usec); - printf("kernel point multiplication: "); - printf("%d cases, %lfs used, %lfus for each cases\n", cntTest, (double)td / cntUS, (double)td / cntTest); - ec2m_kern_clean(); - - return 0; -} - -int testPointArithmetic(){ - int passed = 0, failed = 0; - BIGNUM* K; - - ec_point_t P, Q, R, T; - mm256_point_t mp, mq, mr; - mm_256 mk; - domain_parameters_print(); - - ec_point_init(&P); - ec_point_init(&Q); - ec_point_init(&R); - ec_point_init(&T); - - // point double - // special cases - // P = infinity - BN_set_word(P.X, 1); - bn_point_to_mm_point(&P, &mp); - ec_point_double(&R, &P); - gf2_point_dbl(&mp, &mr, 1, 1); - - print_bn_point(&P); - printf(" * 2 = "); - print_bn_point(&R); - if(cmp_mm_point_with_bn_point(&mr, &R) == 0){ - passed++; - printf(" ... passed!\n"); - } else { - failed++; - printf(" ... failed! got "); - print_mm_point(&mr); - printf("\n"); - } - - // a general case - ec_point_set_affine_xy(&P, x, y); - //BN_rand_range(P.Z, n); - bn_point_to_mm_point(&P, &mp); - - ec_point_double(&R, &P); - - gf2_point_dbl(&mp, &mr, 1, 1); - - print_bn_point(&P); - printf(" * 2 = "); - print_bn_point(&R); - if(cmp_mm_point_with_bn_point(&mr, &R) == 0){ - passed++; - printf(" ... passed!\n"); - } else { - failed++; - printf(" ... failed! got "); - print_mm_point(&mr); - printf("\n"); - } - // double again - ec_point_copy(&P, &R); - bn_point_to_mm_point(&P, &mp); - - ec_point_double(&R, &P); - - gf2_point_dbl(&mp, &mr, 1, 1); - - print_bn_point(&P); - printf(" * 2 = "); - print_bn_point(&R); - if(cmp_mm_point_with_bn_point(&mr, &R) == 0){ - passed++; - printf(" ... passed!\n"); - } else { - failed++; - printf(" ... failed! got "); - print_mm_point(&mr); - printf("\n"); - } - - // point add - - ec_point_copy(&T, &R); - // special cases - // P = infinity - BN_set_word(P.X, 1); - BN_set_word(P.Y, 0); - BN_set_word(P.Z, 0); - ec_point_copy(&Q, &T); - BN_set_word(Q.Z, 1); - bn_point_to_mm_point(&P, &mp); - bn_point_to_mm_point(&Q, &mq); - ec_point_add(&R, &P, &Q); - gf2_point_add(&mp, &mq, &mr, 1, 1); - - print_bn_point(&P); - printf(" + "); - print_bn_point(&Q); - printf(" = "); - print_bn_point(&R); - if(cmp_mm_point_with_bn_point(&mr, &R) == 0){ - passed++; - printf(" ... passed!\n"); - } else { - failed++; - printf(" ... failed! got "); - print_mm_point(&mr); - printf("\n"); - } - - // a general case - ec_point_copy(&P, &T); - ec_point_set_affine_xy(&Q, x, y); - bn_point_to_mm_point(&P, &mp); - bn_point_to_mm_point(&Q, &mq); - ec_point_add(&R, &P, &Q); - gf2_point_add(&mp, &mq, &mr, BN_get_word(a), BN_get_word(b)); - - print_bn_point(&P); - printf(" + "); - print_affine_bn_point(&Q); - printf(" = "); - print_bn_point(&R); - if(cmp_mm_point_with_bn_point(&mr, &R) == 0){ - passed++; - printf(" ... passed!\n"); - } else { - failed++; - printf(" ... failed! got "); - print_mm_point(&mr); - printf("\n"); - } - - // point multiply - ec_point_set_affine_xy(&P, x, y); - bn_point_to_mm_point(&P, &mp); - K = BN_new(); - BN_rand_range(K, n); - bn_to_mm256(K, &mk); - - ec_point_multiply(&R, &P, K); - - gf2_point_mul(&mp, &mk, &mr, BN_get_word(a), BN_get_word(b)); - - print_bn_point(&P); - printf(" * "); - printf("%s", BN_bn2str(K)); - printf(" = "); - print_bn_point(&R); - if(cmp_mm_point_with_bn_point(&mr, &R) == 0){ - passed++; - printf(" ... passed!\n"); - } else { - failed++; - printf(" ... failed! got "); - print_mm_point(&mr); - printf("\n"); - } - - // point multiply with key preset - __asm__ __volatile__ ("vmovdqu %0, %%ymm15" : : "m"(mk)); - gf2_point_mul_with_preset_key(&mp, &mr, BN_get_word(a), BN_get_word(b)); - - print_bn_point(&P); - printf(" * "); - printf("%s", BN_bn2str(K)); - printf(" = "); - print_bn_point(&R); - if(cmp_mm_point_with_bn_point(&mr, &R) == 0){ - passed++; - printf(" ... passed!\n"); - } else { - failed++; - printf(" ... failed! got "); - print_mm_point(&mr); - printf("\n"); - } - - ec2m_kern_init(); - - ec2m_import_key(&mk); - ec2m_private_operation(&mp, &mr); - print_bn_point(&P); - printf(" * "); - printf("%s", BN_bn2str(K)); - printf(" = "); - print_bn_point(&R); - if(cmp_mm_point_with_bn_point(&mr, &R) == 0){ - passed++; - printf(" ... passed!\n"); - } else { - failed++; - printf(" ... failed! got "); - print_mm_point(&mr); - printf("\n"); - } - ec2m_kern_clean(); - - printf("%d/%d test(s) passed.\n", passed, (passed + failed)); - - return failed; -} - -int testKernelEc2m() { - int r; - int rid; - ec_point_t P, R; - mm256_point_t mp, mr; - BIGNUM* tk = BN_new(); - mm_256 mk; - BN_rand_range(tk, n); - bn_to_mm256(tk, &mk); - - ec_point_init(&P); - ec_point_init(&R); - ec_point_set_affine_xy(&P, x, y); - bn_point_to_mm_point(&P, &mp); - - printf("alloc ec2m resource... "); - rid = sys_ec2m_alloc(); - printf(" got %d\n", rid); - if(rid < 0) - return 1; - - r = sys_ec2m_setkey(rid, &mk, BN_get_word(a), BN_get_word(b)); - printf("setkey: %d\n", r); - - printf("encrypt: %d\n", r); - // point multiply - ec_point_set_affine_xy(&P, x, y); - ec_point_multiply(&R, &P, tk); - - sys_ec2m_encrypt(rid, &mp, &mr); - - print_bn_point(&P); - printf(" * "); - printf("%s", BN_bn2str(tk)); - printf(" = "); - print_bn_point(&R); - if(cmp_mm_point_with_bn_point(&mr, &R) == 0){ - printf(" ... passed!\n"); - } else { - printf(" ... failed! got "); - print_mm_point(&mr); - printf("\n"); - } - - r = sys_ec2m_free(rid); - printf("free: %d\n", r); - return 0; -} - -int testMisc(){ - int passed = 0, failed = 0; - BIGNUM* K; - - ec_point_t P, Q, R, T; - mm256_point_t mp, mr; - mm_256 mk; - domain_parameters_print(); - - ec_point_init(&P); - ec_point_init(&Q); - ec_point_init(&R); - ec_point_init(&T); - - /* - // point double - // a general case - ec_point_set_affine_xy(&P, x, y); - BN_rand_range(P.Z, n); - BN_set_word(P.Z, 4); - bn_point_to_mm_point(&P, &mp); - - ec_point_double(&R, &P); - - gf2_point_dbl(&mp, &mr, 1, 1); - - print_bn_point(&P); - printf(" * 2 = "); - print_bn_point(&R); - if(cmp_mm_point_with_bn_point(&mr, &R) == 0){ - passed++; - printf(" ... passed!\n"); - } else { - failed++; - printf(" ... failed! got "); - print_mm_point(&mr); - printf("\n"); - } - - // point add - ec_point_copy(&T, &R); - // special cases - // P = infinity - BN_set_word(P.X, 1); - BN_set_word(P.Y, 0); - BN_set_word(P.Z, 0); - ec_point_copy(&Q, &T); - BN_set_word(Q.Z, 1); - bn_point_to_mm_point(&P, &mp); - bn_point_to_mm_point(&Q, &mq); - ec_point_add(&R, &P, &Q); - gf2_point_add(&mp, &mq, &mr, 1, 1); - - print_bn_point(&P); - printf(" + "); - print_bn_point(&Q); - printf(" = "); - print_bn_point(&R); - if(cmp_mm_point_with_bn_point(&mr, &R) == 0){ - passed++; - printf(" ... passed!\n"); - } else { - failed++; - printf(" ... failed! got "); - print_mm_point(&mr); - printf("\n"); - } - */ - - // point multiply - ec_point_set_affine_xy(&P, x, y); - bn_point_to_mm_point(&P, &mp); - K = BN_new(); - BN_rand_range(K, n); - //K->d[0] = 3; - //K->d[2] = 2; - bn_to_mm256(K, &mk); - - ec_point_multiply(&R, &P, K); - - gf2_point_mul(&mp, &mk, &mr, BN_get_word(a), BN_get_word(b)); - - print_bn_point(&P); - printf(" * "); - printf("%s", BN_bn2str(K)); - printf(" = "); - print_bn_point(&R); - if(cmp_mm_point_with_bn_point(&mr, &R) == 0){ - passed++; - printf(" ... passed!\n"); - } else { - failed++; - printf(" ... failed! got "); - print_mm_point(&mr); - printf("\n"); - } - - return failed; -} - -int benchmark_cycles(){ - mm_256 ma, mb, mr; - const int cases = 1000; - unsigned long hi_s, lo_s, hi_e, lo_e, s, e; - unsigned long td[cases]; - unsigned long t_base, t_min, t_sum, t_avg; - int i; - const char* item; - - // calculate the bases - for(i = 0; i < cases; i++){ - rdtsc_begin(hi_s, lo_s); - rdtsc_end(hi_e, lo_e); - s = (hi_s << 32) | lo_s; - e = (hi_e << 32) | lo_e; - td[i] = e - s; - } - - item = "base"; - t_min = td[0]; - t_sum = 0; - for(i = 0; i < cases; i++){ - if(t_min > td[i]){ - t_min = td[i]; - } - t_sum += td[i]; - } - t_avg = t_sum / cases; - t_base = t_min; -#ifdef KERN - printk(KERN_INFO"base: %lu\n", t_min); -#else - printf("%s: %lu, %lu, %lu\n", item, t_min, t_sum, t_avg); -#endif - - gf2_add(&ma, &mb, &mr); - for(i = 0; i < cases; i++){ - rdtsc_begin(hi_s, lo_s); - gf2_add(&ma, &mb, &mr); - rdtsc_end(hi_e, lo_e); - s = (hi_s << 32) | lo_s; - e = (hi_e << 32) | lo_e; - td[i] = e - s; - } - - item = "add"; - t_sum = 0; - t_min = td[0]; - for(i = 0; i < cases; i++){ - if(t_min > td[i]){ - t_min = td[i]; - } - t_sum += td[i]; - } - t_avg = t_sum / cases; -#ifdef KERN - printk(KERN_INFO "add: %lu, %lu\n", t_min, t_min - t_base); -#else - printf("%s: %lu, %lu, %lu, %lu\n", item, t_min, t_min - t_base, t_sum, t_avg); -#endif - - for(i = 0; i < cases; i++){ - rdtsc_begin(hi_s, lo_s); - gf2_mod_mul(&ma, &mb, &mr); - rdtsc_end(hi_e, lo_e); - s = (hi_s << 32) | lo_s; - e = (hi_e << 32) | lo_e; - td[i] = e - s; - } - - item = "mul"; - t_sum = 0; - t_min = td[0]; - for(i = 0; i < cases; i++){ - if(t_min > td[i]){ - t_min = td[i]; - } - t_sum += td[i]; - } - t_avg = t_sum / cases; -#ifdef KERN - printk(KERN_INFO "add: %lu, %lu\n", t_min, t_min - t_base); -#else - printf("%s: %lu, %lu, %lu, %lu\n", item, t_min, t_min - t_base, t_sum, t_avg); -#endif - - for(i = 0; i < cases; i++){ - rdtsc_begin(hi_s, lo_s); - gf2_mod_sqr(&ma, &mr); - rdtsc_end(hi_e, lo_e); - s = (hi_s << 32) | lo_s; - e = (hi_e << 32) | lo_e; - td[i] = e - s; - } - item = "sqr"; - t_sum = 0; - t_min = td[0]; - for(i = 0; i < cases; i++){ - if(t_min > td[i]){ - t_min = td[i]; - } - t_sum += td[i]; - } - t_avg = t_sum / cases; -#ifdef KERN - printk(KERN_INFO "add: %lu, %lu\n", t_min, t_min - t_base); -#else - printf("%s: %lu, %lu, %lu, %lu\n", item, t_min, t_min - t_base, t_sum, t_avg); -#endif - return 0; -} diff --git a/engines/zeromem/test.h b/engines/zeromem/test.h deleted file mode 100755 index 373f5cf0..00000000 --- a/engines/zeromem/test.h +++ /dev/null @@ -1,17 +0,0 @@ -#ifndef _TEST_H_ -#define _TEST_H_ - - -extern int initDomainParameters(int argc, char** argv); -extern int testFieldArithmetic(); -extern int testPointArithmetic(); -extern int testAES(); -extern int testKernelEc2m(); -extern int testMisc(); -extern int testEC2M(); -extern int benchmark_cycles(); - -extern int benchmark_EC2(); - - -#endif diff --git a/engines/zeromem/util.c b/engines/zeromem/util.c deleted file mode 100755 index 7bc5098d..00000000 --- a/engines/zeromem/util.c +++ /dev/null @@ -1,215 +0,0 @@ -#include -#include -#include -#include -#include -#include "util.h" - -unsigned int sqr_table[1 << 16]; - -void print_mm_256(mm_256* m){ - /* printf("(%lu, %lu, %lu, %lu)", m->iv[3], m->iv[2], m->iv[1], m->iv[0]); */ - BIGNUM *bn = BN_new(); - mm256_to_bn(m, bn); - printf("%s", BN_bn2hex(bn)); -} - -void init_sqr_table(){ - unsigned int i, j; - unsigned int t; - unsigned int n; - for(i = 0; i < sizeof(sqr_table) / sizeof(sqr_table[0]); i++){ - t = 0; - j = i; - n = 16; - while(n-- > 0){ - t = t << 2; - t |= ((j >> n) & 0x1); - } - sqr_table[i] = t; - } -} - -void ec_point_init(ec_point_t *P) { - P->X = BN_new(); - P->Y = BN_new(); - P->Z = BN_new(); -} - -void ec_point_free(ec_point_t *P){ - OPENSSL_free(P->X); - OPENSSL_free(P->Y); - OPENSSL_free(P->Z); -} - -void bn_to_mm256(const BIGNUM* bn, mm_256* m){ - memset(m, 0, sizeof(mm_256)); - assert(bn->top <= 4); - int i; - - for(i = 0; i < bn->top; i++){ - m->iv[i] = bn->d[i]; - } -} - -void mm256_to_bn(const mm_256* m, BIGNUM* bn){ - BN_zero(bn); - int i = 4; - while(i-- > 0){ - BN_lshift(bn, bn, 64); - BN_add_word(bn, m->iv[i]); - } -} - -void bn_point_to_mm_point(const ec_point_t* src, mm256_point_t* dst){ - bn_to_mm256(src->X, &dst->x); - bn_to_mm256(src->Y, &dst->y); - bn_to_mm256(src->Z, &dst->z); -} - -void EC_POINT_to_mm_point(const ec_point_st* src, mm256_point_t* dst) -{ - bn_to_mm256(&src->X, &dst->x); - bn_to_mm256(&src->Y, &dst->y); - bn_to_mm256(&src->Z, &dst->z); -} - -void mm_point_to_EC_POINT(const mm256_point_t* src, ec_point_st* dst) -{ - mm256_to_bn(&(src->x), &dst->X); - mm256_to_bn(&(src->y), &dst->Y); - mm256_to_bn(&(src->z), &dst->Z); -} - -void mm_point_to_bn_point(const mm256_point_t* src, ec_point_t* dst){ - mm256_to_bn(&(src->x), dst->X); - mm256_to_bn(&(src->y), dst->Y); - mm256_to_bn(&(src->z), dst->Z); -} - -int cmp_mm_256_with_bn(mm_256* a, BIGNUM* bn){ - mm_256 b; - bn_to_mm256(bn, &b); - return memcmp(a, &b, sizeof(mm_256)); -} - -int cmp_mm_point_with_bn_point(mm256_point_t* a, ec_point_t* b){ - mm256_point_t t; - bn_point_to_mm_point(b, &t); - return memcmp(a, &t, sizeof(mm256_point_t)); -} - -void print_bn_point(ec_point_t* p){ - char *px, *py, *pz; - px = BN_bn2str(p->X); - py = BN_bn2str(p->Y); - pz = BN_bn2str(p->Z); - printf("(%s: %s: %s)", px, py, pz); - OPENSSL_free(px); - OPENSSL_free(py); - OPENSSL_free(pz); -} - -void print_EC_POINT(ec_point_st*p) -{ - char *px, *py, *pz; - - if(p->X.d) - px = BN_bn2str(&p->X); - else - px = ""; - if(p->Y.d) - py = BN_bn2str(&p->Y); - else - py = ""; - if(p->Z.d) - pz = BN_bn2str(&p->Z); - else - pz = ""; - - printf("(%s: %s: %s)", px, py, pz); - - if(p->X.d) - OPENSSL_free(px); - if(p->Y.d) - OPENSSL_free(py); - if(p->Z.d) - OPENSSL_free(pz); -} - -void print_mm_point(mm256_point_t* p){ - ec_point_t t; - ec_point_init(&t); - mm_point_to_bn_point(p, &t); - print_bn_point(&t); - ec_point_free(&t); -} - -void print_affine_bn_point(ec_point_t* p){ - char *px, *py; - px = BN_bn2str(p->X); - py = BN_bn2str(p->Y); - printf("(%s, %s)", px, py); - OPENSSL_free(px); - OPENSSL_free(py); -} - -void print_affine_mm_point(mm256_point_t* p){ - ec_point_t t; - ec_point_init(&t); - mm_point_to_bn_point(p, &t); - print_affine_bn_point(&t); - ec_point_free(&t); -} - -void printHex(uint8_t* str, uint32_t len){ - uint32_t i; - for(i = 0; i < len; i++){ - printf("%02x", str[i]); - } -} - -void save_ymm_group(uint8_t* buf){ - __asm__("vmovdqu %ymm0, (%rdi)\n\t" - "vmovdqu %ymm1, 32(%rdi)\n\t" - "vmovdqu %ymm2, 64(%rdi)\n\t" - "vmovdqu %ymm3, 96(%rdi)\n\t" - "vmovdqu %ymm4, 128(%rdi)\n\t" - "vmovdqu %ymm5, 160(%rdi)\n\t" - "vmovdqu %ymm6, 192(%rdi)\n\t" - "vmovdqu %ymm7, 224(%rdi)\n\t" - "vmovdqu %ymm8, 256(%rdi)\n\t" - "vmovdqu %ymm9, 288(%rdi)\n\t" - "vmovdqu %ymm10, 320(%rdi)\n\t" - "vmovdqu %ymm11, 352(%rdi)\n\t" - "vmovdqu %ymm12, 384(%rdi)\n\t" - "vmovdqu %ymm13, 416(%rdi)\n\t" - "vmovdqu %ymm14, 448(%rdi)\n\t" - "vmovdqu %ymm15, 480(%rdi)\n\t" - ); - __asm__("" ::: "memory"); -} - -void load_ymm_group(uint8_t* buf){ - __asm__("vmovdqu (%rdi), %ymm0\n\t" - "vmovdqu 32(%rdi), %ymm1\n\t" - "vmovdqu 64(%rdi), %ymm2\n\t" - "vmovdqu 96(%rdi), %ymm3\n\t" - "vmovdqu 128(%rdi), %ymm4\n\t" - "vmovdqu 160(%rdi), %ymm5\n\t" - "vmovdqu 192(%rdi), %ymm6\n\t" - "vmovdqu 224(%rdi), %ymm7\n\t" - "vmovdqu 256(%rdi), %ymm8\n\t" - "vmovdqu 288(%rdi), %ymm9\n\t" - "vmovdqu 320(%rdi), %ymm10\n\t" - "vmovdqu 352(%rdi), %ymm11\n\t" - "vmovdqu 384(%rdi), %ymm12\n\t" - "vmovdqu 416(%rdi), %ymm13\n\t" - "vmovdqu 448(%rdi), %ymm14\n\t" - "vmovdqu 480(%rdi), %ymm15\n\t" - ); - __asm__("" ::: "memory"); -} - -void dummy_print(const char* format, ...){ -} diff --git a/engines/zeromem/util.h b/engines/zeromem/util.h deleted file mode 100755 index a54b72eb..00000000 --- a/engines/zeromem/util.h +++ /dev/null @@ -1,82 +0,0 @@ -#ifndef _UTIL_H_ -#define _UTIL_H_ - -#include "ec.h" -#include - -//#define DEBUG - -//#define PRINT_DEC -#ifdef PRINT_DEC -#define BN_bn2str(bn) BN_bn2dec(bn) -#else -#define BN_bn2str(bn) BN_bn2hex(bn) -#endif - -extern void dummy_print(const char* format, ...); - -#ifdef DEBUG -#define debug printf -#else -#define debug dummy_print -#endif - -extern unsigned int sqr_table[1 << 16]; - -#define rdtsc_begin(hi, lo)\ - asm volatile ("CPUID\n\t"\ - "RDTSCP\n\t"\ - "movq %%rdx, %0\n\t"\ - "movq %%rax, %1\n\t" : "=r" (hi), "=r" (lo) :: "%rax", "%rbx", "%rcx", "%rdx"); - -#define rdtsc_end(hi, lo)\ - asm volatile ("RDTSCP\n\t"\ - "movq %%rdx, %0\n\t"\ - "movq %%rax, %1\n\t"\ - "CPUID\n\t" : "=r" (hi), "=r" (lo) :: "%rax", "%rbx", "%rcx", "%rdx"); - -typedef struct { - BIGNUM *X; - BIGNUM *Y; - BIGNUM *Z; -} ec_point_t; - -typedef struct{ - const struct EC_METHOD *meth; - - /* All members except 'meth' are handled by the method functions, - * even if they appear generic */ - - BIGNUM X; - BIGNUM Y; - BIGNUM Z; /* Jacobian projective coordinates: - * (X, Y, Z) represents (X/Z^2, Y/Z^3) if Z != 0 */ - int Z_is_one; /* enable optimized point arithmetics for special case */ -} ec_point_st /* EC_POINT */; - -extern void init_sqr_table(); -extern void bn_to_mm256(const BIGNUM* bn, mm_256 *m); -extern void mm256_to_bn(const mm_256 *m, BIGNUM* bn); -extern void bn_point_to_mm_point(const ec_point_t* src, mm256_point_t* dst); -extern void mm_point_to_bn_point(const mm256_point_t* src, ec_point_t* dst); -extern void EC_POINT_to_mm_point(const ec_point_st* src, mm256_point_t* dst); -extern void mm_point_to_EC_POINT(const mm256_point_t* src, ec_point_st* dst); - -extern void ec_point_init(ec_point_t *P); -extern void ec_point_free(ec_point_t *P); - -extern int cmp_mm_256_with_bn(mm_256* a, BIGNUM* bn); -extern int cmp_mm_point_with_bn_point(mm256_point_t* a, ec_point_t* b); - -extern void print_affine_bn_point(ec_point_t* p); -extern void print_affine_mm_point(mm256_point_t* p); -extern void print_bn_point(ec_point_t* p); -extern void print_mm_point(mm256_point_t* p); -extern void print_EC_POINT(ec_point_st* p); - -extern void printHex(uint8_t* str, uint32_t len); - -extern void save_ymm_group(uint8_t* buf); -extern void load_ymm_group(uint8_t* buf); - -#endif diff --git a/go/gmssl/certificate.go b/go/gmssl/certificate.go deleted file mode 100644 index b37f8053..00000000 --- a/go/gmssl/certificate.go +++ /dev/null @@ -1,20 +0,0 @@ -/* +build cgo */ -package gmssl - -/* -#include -#include -*/ -import "C" - -import ( - "errors" -) - -func GetAttributesFromCertificate(cert string) (map[string]string, error) { - return nil, errors.New("Not implemented") -} - -func GetPublicKeyFromCertificate(cert string) (*PublicKey, error) { - return nil, errors.New("Not implemented") -} diff --git a/go/gmssl/cipher.go b/go/gmssl/cipher.go index c137b2b1..8a93fc1a 100644 --- a/go/gmssl/cipher.go +++ b/go/gmssl/cipher.go @@ -13,8 +13,157 @@ import ( "unsafe" ) -func GetCiphers(aliases bool) []string { - return []string{"sms4-cbc", "aes-128-cbc", "aes-256-cbc"} +/* generated by `gmssl list -cipher-algorithms | sort -f | uniq -i` */ +func GetCipherNames() []string { + return []string{ + "AES-128-CBC", + "AES-128-CBC-HMAC-SHA1", + "AES-128-CBC-HMAC-SHA256", + "AES-128-CFB", + "AES-128-CFB1", + "AES-128-CFB8", + "AES-128-CTR", + "AES-128-ECB", + "AES-128-OCB", + "AES-128-OFB", + "AES-128-XTS", + "AES-192-CBC", + "AES-192-CFB", + "AES-192-CFB1", + "AES-192-CFB8", + "AES-192-CTR", + "AES-192-ECB", + "AES-192-OCB", + "AES-192-OFB", + "AES-256-CBC", + "AES-256-CBC-HMAC-SHA1", + "AES-256-CBC-HMAC-SHA256", + "AES-256-CFB", + "AES-256-CFB1", + "AES-256-CFB8", + "AES-256-CTR", + "AES-256-ECB", + "AES-256-OCB", + "AES-256-OFB", + "AES-256-XTS", + "AES128", + "aes128-wrap", + "AES192", + "aes192-wrap", + "AES256", + "aes256-wrap", + "BF", + "BF-CBC", + "BF-CFB", + "BF-ECB", + "BF-OFB", + "blowfish", + "CAMELLIA-128-CBC", + "CAMELLIA-128-CFB", + "CAMELLIA-128-CFB1", + "CAMELLIA-128-CFB8", + "CAMELLIA-128-CTR", + "CAMELLIA-128-ECB", + "CAMELLIA-128-OFB", + "CAMELLIA-192-CBC", + "CAMELLIA-192-CFB", + "CAMELLIA-192-CFB1", + "CAMELLIA-192-CFB8", + "CAMELLIA-192-CTR", + "CAMELLIA-192-ECB", + "CAMELLIA-192-OFB", + "CAMELLIA-256-CBC", + "CAMELLIA-256-CFB", + "CAMELLIA-256-CFB1", + "CAMELLIA-256-CFB8", + "CAMELLIA-256-CTR", + "CAMELLIA-256-ECB", + "CAMELLIA-256-OFB", + "CAMELLIA128", + "CAMELLIA192", + "CAMELLIA256", + "CAST", + "CAST-cbc", + "CAST5-CBC", + "CAST5-CFB", + "CAST5-ECB", + "CAST5-OFB", + "ChaCha20", + "ChaCha20-Poly1305", + "DES", + "DES-CBC", + "DES-CFB", + "DES-CFB1", + "DES-CFB8", + "DES-ECB", + "DES-EDE", + "DES-EDE-CBC", + "DES-EDE-CFB", + "DES-EDE-ECB", + "DES-EDE-OFB", + "DES-EDE3", + "DES-EDE3-CBC", + "DES-EDE3-CFB", + "DES-EDE3-CFB1", + "DES-EDE3-CFB8", + "DES-EDE3-ECB", + "DES-EDE3-OFB", + "DES-OFB", + "DES3", + "des3-wrap", + "DESX", + "DESX-CBC", + "id-aes128-CCM", + "id-aes128-GCM", + "id-aes128-wrap", + "id-aes128-wrap-pad", + "id-aes192-CCM", + "id-aes192-GCM", + "id-aes192-wrap", + "id-aes192-wrap-pad", + "id-aes256-CCM", + "id-aes256-GCM", + "id-aes256-wrap", + "id-aes256-wrap-pad", + "id-smime-alg-CMS3DESwrap", + "IDEA", + "IDEA-CBC", + "IDEA-CFB", + "IDEA-ECB", + "IDEA-OFB", + "RC2", + "rc2-128", + "rc2-40", + "RC2-40-CBC", + "rc2-64", + "RC2-64-CBC", + "RC2-CBC", + "RC2-CFB", + "RC2-ECB", + "RC2-OFB", + "RC4", + "RC4-40", + "RC4-HMAC-MD5", + "SEED", + "SEED-CBC", + "SEED-CFB", + "SEED-ECB", + "SEED-OFB", + "SMS4", + "SMS4-CBC", + "SMS4-CCM", + "SMS4-CFB", + "SMS4-CFB1", + "SMS4-CFB8", + "SMS4-CTR", + "SMS4-ECB", + "SMS4-GCM", + "SMS4-OCB", + "SMS4-OFB", + "SMS4-WRAP", + "SMS4-WRAP-PAD", + "SMS4-XTS", + } } func GetCipherKeyLength(name string) (int, error) { @@ -27,7 +176,7 @@ func GetCipherKeyLength(name string) (int, error) { return int(C.EVP_CIPHER_key_length(cipher)), nil } -func GetCipherBlockSize(name string) (int, error) { +func GetCipherBlockLength(name string) (int, error) { cname := C.CString(name) defer C.free(unsafe.Pointer(cname)) cipher := C.EVP_get_cipherbyname(cname) @@ -51,7 +200,7 @@ type CipherContext struct { ctx *C.EVP_CIPHER_CTX } -func NewCipherContext(name string, args map[string]string, key, iv []byte, encrypt bool) ( +func NewCipherContext(name string, eng *Engine, key, iv []byte, encrypt bool) ( *CipherContext, error) { cname := C.CString(name) diff --git a/go/gmssl/cms.go b/go/gmssl/cms.go deleted file mode 100644 index 0c4464da..00000000 --- a/go/gmssl/cms.go +++ /dev/null @@ -1,2 +0,0 @@ -/* +build cgo */ -package gmssl diff --git a/go/gmssl/digest.go b/go/gmssl/digest.go index 94d3f951..53bf4510 100644 --- a/go/gmssl/digest.go +++ b/go/gmssl/digest.go @@ -14,8 +14,30 @@ import ( "unsafe" ) -func GetDigests(aliases bool) []string { - return []string{"sm3", "sha1", "sha256"} +func GetDigestNames() []string { + return []string{ + "BLAKE2b512", + "BLAKE2s256", + "MD4", + "MD5", + "MD5-SHA1", + "MDC2", + "RIPEMD160", + "rmd160", + "SHA1", + "SHA224", + "SHA256", + "SHA384", + "SHA512", + "SM3", + "SHA1", + "SHA224", + "SHA256", + "SHA384", + "SHA512", + "SM3", + "whirlpool", + } } func GetDigestLength(name string) (int, error) { @@ -32,7 +54,7 @@ type DigestContext struct { ctx *C.EVP_MD_CTX } -func NewDigestContext(name string, args map[string]string) (*DigestContext, error) { +func NewDigestContext(name string, eng *Engine) (*DigestContext, error) { cname := C.CString(name) defer C.free(unsafe.Pointer(cname)) md := C.EVP_get_digestbyname(cname) diff --git a/go/gmssl/engine.go b/go/gmssl/engine.go index 5f989f85..3fc35fd7 100644 --- a/go/gmssl/engine.go +++ b/go/gmssl/engine.go @@ -2,85 +2,119 @@ package gmssl /* +#include +#include +#include +#include +#include #include + +char *get_errors() { + char *ret; + BIO *bio; + char *data; + long len; + if (!(bio = BIO_new(BIO_s_mem()))) { + return (char *)NULL; + } + ERR_print_errors(bio); + len = BIO_get_mem_data(bio, &data); + ret = OPENSSL_strdup(data); + BIO_free(bio); + return ret; +} + +EVP_PKEY *load_private_key_from_engine(ENGINE *e, const char *key_id, + const char *pass) +{ + return (EVP_PKEY *)NULL; +} */ import "C" import ( - "runtime" "errors" + "runtime" "unsafe" - "fmt" ) func GetEngineNames() []string { - return []string{"skf", "sdf"} + engines := []string{} + C.ENGINE_load_builtin_engines() + eng := C.ENGINE_get_first() + for { + if eng == nil { + break + } + engines = append(engines, C.GoString(C.ENGINE_get_id(eng))) + eng = C.ENGINE_get_next(eng) + } + C.ENGINE_free(eng) + return engines } type Engine struct { - engine *C.ENGINE + engine *C.ENGINE; } -func OpenEngine(name string, args map[string]string) (*Engine, error) { +func GetEngineByName(name string) (*Engine, error) { cname := C.CString(name) defer C.free(unsafe.Pointer(cname)) - - engine := C.ENGINE_by_id(cname) - if engine == nil { - return nil, fmt.Errorf("shit") + eng := C.ENGINE_by_id(cname) + if eng == nil { + cerrors := C.get_errors() + return nil, errors.New(C.GoString(cerrors)) } - - ret := &Engine{engine} + ret := &Engine{eng} runtime.SetFinalizer(ret, func(ret *Engine) { + C.ENGINE_finish(ret.engine) C.ENGINE_free(ret.engine) }) + if 1 != C.ENGINE_init(eng) { + cerrors := C.get_errors() + return nil, errors.New(C.GoString(cerrors)) + } return ret, nil } -func (eng *Engine) ExecuteCommand(cmd_name string, arg string, optinal bool) error { - ccmd := C.CString(cmd_name) - defer C.free(unsafe.Pointer(ccmd)) +func (e *Engine) RunCommand(name, arg string) error { + cname := C.CString(name) + defer C.free(unsafe.Pointer(cname)) carg := C.CString(arg) defer C.free(unsafe.Pointer(carg)) - - if 1 != C.ENGINE_ctrl_cmd_string(eng.engine, ccmd, carg, 0) { - return errors.New("Not implemented") + if 1 != C.ENGINE_ctrl_cmd_string(e.engine, cname, carg, 0) { + cerrors := C.get_errors() + return errors.New(C.GoString(cerrors)) } return nil } -func (eng *Engine) LoadPrivateKey(key_id string, args map[string]string) (*PrivateKey, error) { - cid := C.CString(key_id) +func (e *Engine) LoadConfigFile(path string) error { + return errors.New("Engine.LoadConfigFile() not implemented") +} + +func (e *Engine) GetPrivateKey(id string, pass string) (*PrivateKey, error) { + cid := C.CString(id) defer C.free(unsafe.Pointer(cid)) - - pkey := C.ENGINE_load_private_key(eng.engine, cid, C.NULL, C.NULL) - if pkey == nil { - return nil, fmt.Errorf("shit") + cpass := C.CString(pass) + defer C.free(unsafe.Pointer(cpass)) + sk := C.load_private_key_from_engine(e.engine, cid, cpass) + if sk == nil { + cerrors := C.get_errors() + return nil, errors.New(C.GoString(cerrors)) } - - ret := &PrivateKey{pkey} - runtime.SetFinalizer(ret, func(ret *PrivateKey) { - C.EVP_PKEY_free(ret.pkey) - }) - return ret, nil + return &PrivateKey{sk}, nil } -func (eng *Engine) LoadPublicKey(key_id string, args map[string]string) (*PublicKey, error) { - cid := C.CString(key_id) +func (e *Engine) GetPublicKey(id string) ( + *PublicKey, error) { + cid := C.CString(id) defer C.free(unsafe.Pointer(cid)) - - pkey := C.ENGINE_load_public_key(eng.engine, cid, C.NULL, C.NULL) - if pkey == nil { - return nil, fmt.Errorf("shit") - } - - ret := &PublicKey{pkey} - runtime.SetFinalizer(ret, func(ret *PublicKey) { - C.EVP_PKEY_free(ret.pkey) - }) - return ret, nil -} - -func (eng *Engine) LoadCertificate(ca_dn []string, args map[string]string) (string, error) { - return "", errors.New("Not implemented") + //pk := C.ENGINE_load_public_key(e.engine, cid, C.NULL, C.NULL) + //if pk == nil { + // cerrors := C.get_errors() + // return nil, errors.New(C.GoString(cerrors)) + //} + //return &PublicKey{pk}, nil + return nil, nil } diff --git a/go/gmssl/error.go b/go/gmssl/error.go new file mode 100644 index 00000000..970f9b0c --- /dev/null +++ b/go/gmssl/error.go @@ -0,0 +1,32 @@ +/* +build cgo */ +package gmssl + +/* +#include +#include + +long bio_get_mem_data(BIO *bio, char **pp) { + return BIO_get_mem_data(bio, pp); +} + +*/ +import "C" + +import ( + "errors" +) + +func GetErrors() error { + bio := C.BIO_new(C.BIO_s_mem()) + if bio == nil { + return errors.New("GetErrors function failure") + } + defer C.BIO_free(bio) + C.ERR_print_errors(bio) + var p *C.char + len := C.bio_get_mem_data(bio, &p) + if len <= 0 { + return errors.New("GetErrors function failure") + } + return errors.New(C.GoString(p)) +} diff --git a/go/gmssl/ibc.go b/go/gmssl/ibc.go deleted file mode 100644 index 527fcfab..00000000 --- a/go/gmssl/ibc.go +++ /dev/null @@ -1,56 +0,0 @@ -/* +build cgo */ -package gmssl - -/* -#include -#include -*/ -import "C" - -import ( - "errors" - "unsafe" -) - -func GetIdentityBasedCryptoSchemes(aliases bool) []string { - return []string{"CPK", "SM9", "BFIBE", "BB1IBE"} -} - -type MasterSecret struct { - pkey *C.EVP_PKEY -} - -type PublicParams struct { - pkey *C.EVP_PKEY -} - -func IdentityBasedCryptoSetup() { -} - -func IdentityBasedCryptoExportPrivateKey() { -} - -func IdentityBasedCryptoExportPublicKey() { -} - -func IdentityBasedEncrypt() { -} - -func IdentityBasedDecrypt() { -} - -func IdentityBasedSign() { -} - -func IdentityBasedVerify() { -} - -func GetCipherKeyLength(name string) (int, error) { - cname := C.CString(name) - defer C.free(unsafe.Pointer(cname)) - cipher := C.EVP_get_cipherbyname(cname) - if cipher == nil { - return 0, errors.New("Invalid cipher name") - - - diff --git a/go/gmssl/mac.go b/go/gmssl/mac.go index 5b173adc..151d0d8d 100644 --- a/go/gmssl/mac.go +++ b/go/gmssl/mac.go @@ -15,8 +15,30 @@ import ( "unsafe" ) -func GetMacs(aliases bool) []string { - return []string{"hello", "world"} +func GetMacNames(aliases bool) []string { + return []string{ + "HMAC-BLAKE2b512", + "HMAC-BLAKE2s256", + "HMAC-MD4", + "HMAC-MD5", + "HMAC-MD5-SHA1", + "HMAC-MDC2", + "HMAC-RIPEMD160", + "HMAC-rmd160", + "HMAC-SHA1", + "HMAC-SHA224", + "HMAC-SHA256", + "HMAC-SHA384", + "HMAC-SHA512", + "HMAC-SM3", + "HMAC-SHA1", + "HMAC-SHA224", + "HMAC-SHA256", + "HMAC-SHA384", + "HMAC-SHA512", + "HMAC-SM3", + "HMAC-whirlpool", + } } func GetMacKeyLength(name string) (int, error) { @@ -31,7 +53,7 @@ type MACContext struct { hctx *C.HMAC_CTX } -func NewMACContext(name string, args map[string]string, key []byte) (*MACContext, error) { +func NewMACContext(name string, eng *Engine, key []byte) (*MACContext, error) { cname := C.CString(name) defer C.free(unsafe.Pointer(cname)) md := C.EVP_get_digestbyname(cname) diff --git a/go/gmssl/ocsp.go b/go/gmssl/ocsp.go deleted file mode 100644 index 0c4464da..00000000 --- a/go/gmssl/ocsp.go +++ /dev/null @@ -1,2 +0,0 @@ -/* +build cgo */ -package gmssl diff --git a/go/gmssl/otp.go b/go/gmssl/otp.go deleted file mode 100644 index a13e899b..00000000 --- a/go/gmssl/otp.go +++ /dev/null @@ -1,24 +0,0 @@ -/* +build cgo */ -package gmssl - -/* -#include -*/ -import "C" - -import ( - "errors" - "fmt" - "runtime" - "unsafe" -) - -func GetOTPAlgors(aliases bool) []string { - return []string{"sms4-cbc", "aes-128-cbc", "aes-256-cbc"} -} - -func GenerateOTPKey() []byte { -} - -func GenerateOneTimePassword() string { -} diff --git a/go/gmssl/pbkdf.go b/go/gmssl/pbkdf.go deleted file mode 100644 index 226cb8b3..00000000 --- a/go/gmssl/pbkdf.go +++ /dev/null @@ -1,36 +0,0 @@ -/* +build cgo */ -package gmssl - -/* -#include -*/ -import "C" - -import ( - "errors" -) - -/* -int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, - const unsigned char *salt, int saltlen, int iter, - const EVP_MD *digest, int keylen, unsigned char *out); -int EVP_PBE_scrypt(const char *pass, size_t passlen, - const unsigned char *salt, size_t saltlen, - uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem, - unsigned char *key, size_t keylen); -*/ - -func GetKeyDeriveFunctions(aliases bool) []string { - return []string{"PBKDF", "PBKDF2", "scrypt"} -} - -func DeriveKeyFromPassword(algor string, args map[string]string, password string, salt []byte, keylen int) ([]byte, error) { - if algor == "PBKDF2" { - if 1 != PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, md, keylen, out) { - } - else if algor == "scrypt" { - if 1 != gmssl_scrypt() - } else { - return nil, errors.New("Not implemented") - } -} diff --git a/go/gmssl/pkey.go b/go/gmssl/pkey.go index 969e3d32..dca79198 100644 --- a/go/gmssl/pkey.go +++ b/go/gmssl/pkey.go @@ -2,28 +2,460 @@ package gmssl /* +#include +#include +#include +#include +#include +#include #include +#include +#include +#include + +extern long bio_get_mem_data(BIO *bio, char **pp); + + + +EVP_PKEY_CTX *new_pkey_keygen_ctx(const char *alg, ENGINE *e) +{ + int pkey_id; + + + return NULL; +} + +EVP_PKEY *pem_read_bio_pubkey(BIO *bio) { + return PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL); +} + +int pem_write_bio_pubkey(BIO *bio, EVP_PKEY *pkey) { + return PEM_write_bio_PUBKEY(bio, pkey); +} + +int pem_write_bio_privatekey(BIO *bio, EVP_PKEY *pkey, + const EVP_CIPHER *cipher, const char *pass) { + return PEM_write_bio_PrivateKey(bio, pkey, cipher, NULL, 0, NULL, (void *)pass); +} + +int sign_nids[] = { +#ifndef OPENSSL_NO_SM2 + NID_sm2sign, +#endif + NID_ecdsa_with_Recommended, +#ifndef OPENSSL_NO_SHA + NID_ecdsa_with_SHA1, + NID_ecdsa_with_SHA256, + NID_ecdsa_with_SHA512, +# ifndef OPENSSL_NO_RSA + NID_sha1WithRSAEncryption, + NID_sha256WithRSAEncryption, + NID_sha512WithRSAEncryption, +# endif +# ifndef OPENSSL_NO_DSA + NID_dsaWithSHA1, +# endif +#endif +}; + +static int get_sign_info(const char *alg, int *ppkey_type, + const EVP_MD **pmd, int *pec_scheme) +{ + int pkey_type; + const EVP_MD *md = NULL; + int ec_scheme = -1; + + switch (OBJ_txt2nid(alg)) { + case NID_sm2sign: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_sm_scheme; + break; + case NID_ecdsa_with_Recommended: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_secg_scheme; + break; + case NID_ecdsa_with_SHA1: + pkey_type = EVP_PKEY_EC; + md = EVP_sha1(); + ec_scheme = NID_secg_scheme; + break; + case NID_ecdsa_with_SHA256: + pkey_type = EVP_PKEY_EC; + md = EVP_sha256(); + ec_scheme = NID_secg_scheme; + break; + case NID_ecdsa_with_SHA512: + pkey_type = EVP_PKEY_EC; + md = EVP_sha512(); + ec_scheme = NID_secg_scheme; + break; + case NID_sha1WithRSAEncryption: + pkey_type = EVP_PKEY_RSA; + md = EVP_sha1(); + break; + case NID_sha256WithRSAEncryption: + pkey_type = EVP_PKEY_RSA; + md = EVP_sha256(); + break; + case NID_sha512WithRSAEncryption: + pkey_type = EVP_PKEY_RSA; + md = EVP_sha512(); + break; + case NID_dsaWithSHA1: + pkey_type = EVP_PKEY_DSA; + md = EVP_sha1(); + break; + default: + return 0; + } + + *ppkey_type = pkey_type; + *pmd = md; + *pec_scheme = ec_scheme; + + return 1; +} + +int pke_nids[] = { +#ifndef OPENSSL_NO_RSA + NID_rsaesOaep, +#endif +#ifndef OPENSSL_NO_ECIES + NID_ecies_recommendedParameters, + NID_ecies_specifiedParameters, +# ifndef OPENSSL_NO_SHA + NID_ecies_with_x9_63_sha1_xor_hmac, + NID_ecies_with_x9_63_sha256_xor_hmac, + NID_ecies_with_x9_63_sha512_xor_hmac, + NID_ecies_with_x9_63_sha1_aes128_cbc_hmac, + NID_ecies_with_x9_63_sha256_aes128_cbc_hmac, + NID_ecies_with_x9_63_sha512_aes256_cbc_hmac, + NID_ecies_with_x9_63_sha256_aes128_ctr_hmac, + NID_ecies_with_x9_63_sha512_aes256_ctr_hmac, + NID_ecies_with_x9_63_sha256_aes128_cbc_hmac_half, + NID_ecies_with_x9_63_sha512_aes256_cbc_hmac_half, + NID_ecies_with_x9_63_sha256_aes128_ctr_hmac_half, + NID_ecies_with_x9_63_sha512_aes256_ctr_hmac_half, + NID_ecies_with_x9_63_sha1_aes128_cbc_cmac, + NID_ecies_with_x9_63_sha256_aes128_cbc_cmac, + NID_ecies_with_x9_63_sha512_aes256_cbc_cmac, + NID_ecies_with_x9_63_sha256_aes128_ctr_cmac, + NID_ecies_with_x9_63_sha512_aes256_ctr_cmac, +# endif +#endif +#ifndef OPENSSL_NO_SM2 + NID_sm2encrypt_with_sm3, +# ifndef OPENSSL_NO_SHA + NID_sm2encrypt_with_sha1, + NID_sm2encrypt_with_sha256, + NID_sm2encrypt_with_sha512, +# endif +#endif +}; + +static int get_pke_info(const char *alg, int *ppkey_type, + int *pec_scheme, int *pec_encrypt_param) +{ + int pkey_type = 0; + int ec_scheme = 0; + int ec_encrypt_param = 0; + + switch (OBJ_txt2nid(alg)) { + case NID_rsaesOaep: + pkey_type = EVP_PKEY_RSA; + break; + case NID_ecies_recommendedParameters: + case NID_ecies_specifiedParameters: + case NID_ecies_with_x9_63_sha1_xor_hmac: + case NID_ecies_with_x9_63_sha256_xor_hmac: + case NID_ecies_with_x9_63_sha512_xor_hmac: + case NID_ecies_with_x9_63_sha1_aes128_cbc_hmac: + case NID_ecies_with_x9_63_sha256_aes128_cbc_hmac: + case NID_ecies_with_x9_63_sha512_aes256_cbc_hmac: + case NID_ecies_with_x9_63_sha256_aes128_ctr_hmac: + case NID_ecies_with_x9_63_sha512_aes256_ctr_hmac: + case NID_ecies_with_x9_63_sha256_aes128_cbc_hmac_half: + case NID_ecies_with_x9_63_sha512_aes256_cbc_hmac_half: + case NID_ecies_with_x9_63_sha256_aes128_ctr_hmac_half: + case NID_ecies_with_x9_63_sha512_aes256_ctr_hmac_half: + case NID_ecies_with_x9_63_sha1_aes128_cbc_cmac: + case NID_ecies_with_x9_63_sha256_aes128_cbc_cmac: + case NID_ecies_with_x9_63_sha512_aes256_cbc_cmac: + case NID_ecies_with_x9_63_sha256_aes128_ctr_cmac: + case NID_ecies_with_x9_63_sha512_aes256_ctr_cmac: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_secg_scheme; + ec_encrypt_param = OBJ_txt2nid(alg); + break; + case NID_sm2encrypt_with_sm3: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_sm_scheme; + ec_encrypt_param = NID_sm3; + break; + case NID_sm2encrypt_with_sha1: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_sm_scheme; + ec_encrypt_param = NID_sha1; + break; + case NID_sm2encrypt_with_sha256: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_sm_scheme; + ec_encrypt_param = NID_sha256; + break; + case NID_sm2encrypt_with_sha512: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_sm_scheme; + ec_encrypt_param = NID_sha512; + break; + default: + return 0; + } + + *ppkey_type = pkey_type; + *pec_scheme = ec_scheme; + *pec_encrypt_param = ec_encrypt_param; + + return 1; +} + +int exch_nids[] = { +#ifndef OPENSSL_NO_SM2 + NID_sm2exchange, +#endif +#ifndef OPENSSL_NO_SHA + NID_dhSinglePass_stdDH_sha1kdf_scheme, + NID_dhSinglePass_stdDH_sha224kdf_scheme, + NID_dhSinglePass_stdDH_sha256kdf_scheme, + NID_dhSinglePass_stdDH_sha384kdf_scheme, + NID_dhSinglePass_stdDH_sha512kdf_scheme, + NID_dhSinglePass_cofactorDH_sha1kdf_scheme, + NID_dhSinglePass_cofactorDH_sha224kdf_scheme, + NID_dhSinglePass_cofactorDH_sha256kdf_scheme, + NID_dhSinglePass_cofactorDH_sha384kdf_scheme, + NID_dhSinglePass_cofactorDH_sha512kdf_scheme, +#endif +#ifndef OPENSSL_NO_DH + NID_dhKeyAgreement, +#endif +}; + +static int get_exch_info(const char *alg, int *ppkey_type, int *pec_scheme, + int *pecdh_cofactor_mode, int *pecdh_kdf_type, int *pecdh_kdf_md, + int *pecdh_kdf_outlen, char **pecdh_kdf_ukm, int *pecdh_kdf_ukmlen) +{ + int pkey_type = 0; + int ec_scheme = 0; + int ecdh_cofactor_mode = 0; + int ecdh_kdf_type = 0; + int ecdh_kdf_md = 0; + int ecdh_kdf_outlen = 0; + char *ecdh_kdf_ukm = NULL; + int ecdh_kdf_ukmlen = 0; + + switch (OBJ_txt2nid(alg)) { + case NID_sm2exchange: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_sm_scheme; + ecdh_kdf_md = NID_sm3; + break; + case NID_dhSinglePass_stdDH_sha1kdf_scheme: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_secg_scheme; + ecdh_cofactor_mode = 0; + ecdh_kdf_type = NID_sha1; + break; + case NID_dhSinglePass_stdDH_sha224kdf_scheme: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_secg_scheme; + ecdh_cofactor_mode = 0; + ecdh_kdf_type = NID_sha224; + break; + case NID_dhSinglePass_stdDH_sha256kdf_scheme: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_secg_scheme; + ecdh_cofactor_mode = 0; + ecdh_kdf_type = NID_sha256; + break; + case NID_dhSinglePass_stdDH_sha384kdf_scheme: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_secg_scheme; + ecdh_cofactor_mode = 0; + ecdh_kdf_type = NID_sha384; + break; + case NID_dhSinglePass_stdDH_sha512kdf_scheme: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_secg_scheme; + ecdh_cofactor_mode = 0; + ecdh_kdf_type = NID_sha512; + break; + case NID_dhSinglePass_cofactorDH_sha1kdf_scheme: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_secg_scheme; + ecdh_cofactor_mode = 1; + ecdh_kdf_type = NID_sha1; + break; + case NID_dhSinglePass_cofactorDH_sha224kdf_scheme: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_secg_scheme; + ecdh_cofactor_mode = 1; + ecdh_kdf_type = NID_sha224; + break; + case NID_dhSinglePass_cofactorDH_sha256kdf_scheme: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_secg_scheme; + ecdh_cofactor_mode = 1; + ecdh_kdf_type = NID_sha256; + break; + case NID_dhSinglePass_cofactorDH_sha384kdf_scheme: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_secg_scheme; + ecdh_cofactor_mode = 1; + ecdh_kdf_type = NID_sha384; + break; + case NID_dhSinglePass_cofactorDH_sha512kdf_scheme: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_secg_scheme; + ecdh_cofactor_mode = 1; + ecdh_kdf_type = NID_sha512; + break; + case NID_dhKeyAgreement: + pkey_type = EVP_PKEY_DH; + break; + default: + return 0; + } + + *ppkey_type = pkey_type; + *pec_scheme = ec_scheme; + *pecdh_cofactor_mode = ecdh_cofactor_mode; + *pecdh_kdf_type = ecdh_kdf_type; + *pecdh_kdf_md = ecdh_kdf_md; + *pecdh_kdf_outlen = ecdh_kdf_outlen; + *pecdh_kdf_ukm = ecdh_kdf_ukm; + *pecdh_kdf_ukmlen = ecdh_kdf_ukmlen; + + return 1; +} + +unsigned char *pk_encrypt(EVP_PKEY *pk, const char *alg, const unsigned char *in, + size_t inlen, size_t *outlen, ENGINE *e) { + int pkey_id, ec_scheme, ec_encrypt_param; + if (!get_pke_info(alg, &pkey_id, ec_scheme, &ec_encrypt_param)) { + return NULL; + } + if (pkey_id != EVP_PKEY_id(pk)) { + return NULL; + } + if (!(ctx = EVP_PKEY_CTX_new(pk, e))) { + } + if (!EVP_PKEY_encrypt_init(ctx)) { + } + if (!EVP_PKEY_CTX_set_ec_scheme(ctx, ec_scheme)) { + } + if (!EVP_PKEY_CTX_set_ec_encrypt_param(ctx, ec_encrypt_param)) { + } + if (!EVP_PKEY_CTX_encrypt(ctx, outbuf, outlen, in, inlen)) { + } + return NULL; +} + +unsigned char *sk_decrypt(EVP_PKEY *sk, const char *alg, const unsigned char *in, + size_t inlen, size_t *outlen, ENGINE *e) { + return NULL; +} + +unsigned char *sk_sign(EVP_PKEY *sk, const char *alg, const unsigned char *dgst, + size_t dgstlen, size_t *siglen, ENGINE *e) { + return NULL; +} + +int pk_verify(EVP_PKEY *pk, const char *alg, const unsigned char *dgst, + size_t dgstlen, const unsigned char *sig, size_t siglen, ENGINE *e) { + return 0; +} + +unsigned char *sk_derive(EVP_PKEY *sk, const char *alg, EVP_PKEY *peer, + size_t *outlen, ENGINE *e) { + return NULL; +} + */ import "C" import ( - "errors" + "unsafe" + "runtime" ) -func GetPublicKeyTypes(aliases bool) []string { - return []string{"RSA", "DH", "DSA"} +func GetPublicKeyAlgorithmNames() []string { + return []string{ + "DH", + "DSA", + "EC", + "RSA", + "SM2", + "X25519", + } } -func GetSignatureSchemes(publicKeyType string, aliases bool) []string { - return []string{"RSA", "DSA", "ECDSA", "SM2"} +func GetSignAlgorithmNames(pkey string) ([]string, error) { + return []string{ + "sm2sign", + "ecdsa-with-Recommended", + "ecdsa-with-SHA1", + "ecdsa-with-SHA256", + "ecdsa-with-SHA512", + "RSA-SHA1", + "RSA-SHA256", + "RSA-SHA512", + "DSA-SHA1", + } } -func GetPublicKeyEncryptions(publicKeyType string, aliases bool) []string { - return []string{"RSA", "ECIES", "SM2"} +func GetPublicKeyEncryptionNames(pkey string) ([]string, error) { + return []string{ + "RSAES-OAEP", + "ecies-recommendedParameters", + "ecies-specifiedParameters", + "ecies-with-x9-63-sha1-xor-hmac", + "ecies-with-x9-63-sha256-xor-hmac", + "ecies-with-x9-63-sha512-xor-hmac", + "ecies-with-x9-63-sha1-aes128-cbc-hmac", + "ecies-with-x9-63-sha256-aes128-cbc-hmac", + "ecies-with-x9-63-sha512-aes256-cbc-hmac", + "ecies-with-x9-63-sha256-aes128-ctr-hmac", + "ecies-with-x9-63-sha512-aes256-ctr-hmac", + "ecies-with-x9-63-sha256-aes128-cbc-hmac-half", + "ecies-with-x9-63-sha512-aes256-cbc-hmac-half", + "ecies-with-x9-63-sha256-aes128-ctr-hmac-half", + "ecies-with-x9-63-sha512-aes256-ctr-hmac-half", + "ecies-with-x9-63-sha1-aes128-cbc-cmac", + "ecies-with-x9-63-sha256-aes128-cbc-cmac", + "ecies-with-x9-63-sha512-aes256-cbc-cmac", + "ecies-with-x9-63-sha256-aes128-ctr-cmac", + "ecies-with-x9-63-sha512-aes256-ctr-cmac", + "sm2encrypt-with-sm3", + "sm2encrypt-with-sha1", + "sm2encrypt-with-sha256", + "sm2encrypt-with-sha512", + } } -func GetKeyExchanges(publicKeyType string, aliases bool) []string { - return []string{"DH", "ECDH", "SM2"} +func GetDeriveKeyAlgorithmNames(pkey string) ([]string, error) { + return []string{ + "sm2exchange", + "dhSinglePass-stdDH-sha1kdf-scheme", + "dhSinglePass-stdDH-sha224kdf-scheme", + "dhSinglePass-stdDH-sha256kdf-scheme", + "dhSinglePass-stdDH-sha384kdf-scheme", + "dhSinglePass-stdDH-sha512kdf-scheme", + "dhSinglePass-cofactorDH-sha1kdf-scheme", + "dhSinglePass-cofactorDH-sha224kdf-scheme", + "dhSinglePass-cofactorDH-sha256kdf-scheme", + "dhSinglePass-cofactorDH-sha384kdf-scheme", + "dhSinglePass-cofactorDH-sha512kdf-scheme", + "dhKeyAgreement", + } } type PublicKey struct { @@ -34,116 +466,258 @@ type PrivateKey struct { pkey *C.EVP_PKEY } -func GenerateKeyPair(publicKeyType string, args map[string]string, bits int) (*PublicKey, *PrivateKey, error) { - return nil, nil, errors.New("Not implemented") -} - -func LoadPublicKey(publicKeyType string, args map[string]string, data []byte) (*PublicKey, error) { - return nil, errors.New("Not implemented") -} - -func LoadPrivateKey(publicKeyType string, args map[string]string, data []byte) (*PrivateKey, error) { - return nil, errors.New("Not implemented") -} - -func (pkey *PublicKey) Save(args map[string]string) ([]byte, error) { - return nil, errors.New("Not implemented") -} - -func (pkey *PrivateKey) Save(args map[string]string) ([]byte, error) { - return nil, errors.New("Not implemented") -} - -func (pkey *PublicKey) GetAttributes(args map[string]string) (map[string]string, error) { - return nil, errors.New("Not implemented") -} - -func (pkey *PrivateKey) GetAttributes(args map[string]string) (map[string]string, error) { - return nil, errors.New("Not implemented") -} - -func (pkey *PublicKey) Encrypt(scheme string, args map[string]string, in []byte) ([]byte, error) { - ctx := C.EVP_PKEY_CTX_new(pkey.pkey, nil) +func GeneratePrivateKey(alg string, args map[string]string, eng Engine) (*PrivateKey, error) { + calg := C.CString(alg) + defer C.free(unsafe.Pointer(calg)) + ctx := C.new_pkey_keygen_ctx(calg, eng.engine) if ctx == nil { - return nil, errors.New("Failure") + return nil, GetErrors() } - if 1 != C.EVP_PKEY_encrypt_init(ctx) { - return nil, errors.New("Failurew") + var pkey *C.EVP_PKEY + + if alg == "DH" || alg == "DSA" { + + if 1 != C.EVP_PKEY_paramgen_init(ctx) { + return nil, GetErrors() + } + for name, value := range args { + cname := C.CString(name) + defer C.free(unsafe.Pointer(cname)) + cvalue := C.CString(value) + defer C.free(unsafe.Pointer(cvalue)) + if C.EVP_PKEY_CTX_ctrl_str(ctx, cname, cvalue) <= 0 { + return nil, GetErrors() + } + } + if 1 != C.EVP_PKEY_paramgen(ctx, &pkey) { + return nil, GetErrors() + } + if 1 != C.EVP_PKEY_keygen_init(ctx) { + return nil, GetErrors() + } + if 1 != C.EVP_PKEY_keygen(ctx, &pkey) { + return nil, GetErrors() + } + + } else { + if 1 != C.EVP_PKEY_keygen_init(ctx) { + return nil, GetErrors() + } + + for name, value := range args { + cname := C.CString(name) + defer C.free(unsafe.Pointer(cname)) + cvalue := C.CString(value) + defer C.free(unsafe.Pointer(cvalue)) + if C.EVP_PKEY_CTX_ctrl_str(ctx, cname, cvalue) <= 0 { + return nil, GetErrors() + } + } + + if 1 != C.EVP_PKEY_keygen(ctx, &pkey) { + return nil, GetErrors() + } } - outbuf := make([]byte, len(in) + 1024) - outlen := C.size_t(len(outbuf)) - if 1 != C.EVP_PKEY_encrypt(ctx, (*C.uchar)(&outbuf[0]), &outlen, - (*C.uchar)(&in[0]), C.size_t(len(in))) { - return nil, errors.New("Failurew") - } - return outbuf[:outlen], nil + + sk := &PrivateKey{pkey} + runtime.SetFinalizer(sk, func(sk *PrivateKey) { + C.EVP_PKEY_free(sk.pkey) + }) + + return sk, nil } -func (pkey *PrivateKey) Decrypt(scheme string, args map[string]string, in []byte) ([]byte, error) { - ctx := C.EVP_PKEY_CTX_new(pkey.pkey, nil) - if ctx == nil { - return nil, errors.New("Failure") +func NewPrivateKeyFromPEM(pem string, pass string) (*PrivateKey, error) { + cpem := C.CString(pem) + defer C.free(unsafe.Pointer(cpem)) + cpass := C.CString(pass) + defer C.free(unsafe.Pointer(cpass)) + bio := C.BIO_new_mem_buf(unsafe.Pointer(cpem), -1) + if bio == nil { + return nil, GetErrors() } - if 1 != C.EVP_PKEY_decrypt_init(ctx) { - return nil, errors.New("Failure") + defer C.BIO_free(bio) + pkey := C.PEM_read_bio_PrivateKey(bio, nil, nil, unsafe.Pointer(cpass)) + if pkey == nil { + return nil, GetErrors() } - outbuf := make([]byte, len(in)) - outlen := C.size_t(len(outbuf)) - if 1 != C.EVP_PKEY_decrypt(ctx, (*C.uchar)(&outbuf[0]), &outlen, - (*C.uchar)(&in[0]), C.size_t(len(in))) { - return nil, errors.New("Failure") - } - return outbuf[:outlen], nil + sk := &PrivateKey{pkey} + runtime.SetFinalizer(sk, func(sk *PrivateKey) { + C.EVP_PKEY_free(sk.pkey) + }) + return sk, nil } -func (pkey *PrivateKey) Sign(scheme string, args map[string]string, data []byte) ([]byte, error) { - ctx := C.EVP_PKEY_CTX_new(pkey.pkey, nil) - if ctx == nil { - return nil, errors.New("Failure") +func (sk *PrivateKey) GetPEM(cipher string, pass string) (string, error) { + ccipher := C.CString(cipher) + defer C.free(unsafe.Pointer(ccipher)) + cpass := C.CString(pass) + defer C.free(unsafe.Pointer(cpass)) + + bio := C.BIO_new(C.BIO_s_mem()) + if bio == nil { + return "", GetErrors() } - if 1 != C.EVP_PKEY_sign_init(ctx) { - return nil, errors.New("Failure") + defer C.BIO_free(bio) + + enc := C.EVP_get_cipherbyname(ccipher) + if enc == nil { + return "", GetErrors() } - outbuf := make([]byte, C.EVP_PKEY_size(pkey.pkey)) - outlen := C.size_t(len(outbuf)) - if 1 != C.EVP_PKEY_sign(ctx, (*C.uchar)(&outbuf[0]), &outlen, - (*C.uchar)(&data[0]), C.size_t(len(data))) { - return nil, errors.New("Failure") + + if 1 != C.PEM_write_bio_PrivateKey(bio, sk.pkey, + C.EVP_sms4_cbc(), nil, C.int(0), nil, unsafe.Pointer(cpass)) { + return "", GetErrors() } - return outbuf[:outlen], nil + + var p *C.char + len := C.bio_get_mem_data(bio, &p) + if len <= 0 { + return "", GetErrors() + } + + return C.GoString(p), nil } -func (pkey *PublicKey) Verify(scheme string, args map[string]string, data, signature []byte) error { - ctx := C.EVP_PKEY_CTX_new(pkey.pkey, nil) - if ctx == nil { - return errors.New("Failure") +func (sk *PrivateKey) GetPublicKeyPEM() (string, error) { + bio := C.BIO_new(C.BIO_s_mem()) + if bio == nil { + return "", GetErrors() } - if 1 != C.EVP_PKEY_sign_init(ctx) { - return errors.New("Failure") + defer C.BIO_free(bio) + if 1 != C.pem_write_bio_pubkey(bio, sk.pkey) { + return "", GetErrors() } - ret := C.EVP_PKEY_verify(ctx, (*C.uchar)(&signature[0]), C.size_t(len(signature)), - (*C.uchar)(&data[0]), C.size_t(len(data))) - if ret != 1 { - return errors.New("Failure") + var p *C.char + len := C.bio_get_mem_data(bio, &p) + if len <= 0 { + return "", GetErrors() + } + return C.GoString(p), nil +} + +func (sk *PrivateKey) GetText() (string, error) { + bio := C.BIO_new(C.BIO_s_mem()) + if bio == nil { + return "", GetErrors() + } + defer C.BIO_free(bio) + if 1 != C.EVP_PKEY_print_private(bio, sk.pkey, 4, nil) { + return "", GetErrors() + } + var p *C.char + len := C.bio_get_mem_data(bio, &p) + if len <= 0 { + return "", GetErrors() + } + return C.GoString(p), nil +} + +func NewPublicKeyFromPEM(pem string)(*PublicKey, error) { + cpem := C.CString(pem) + defer C.free(unsafe.Pointer(cpem)) + bio := C.BIO_new_mem_buf(unsafe.Pointer(cpem), -1) + if bio == nil { + return nil, GetErrors() + } + defer C.BIO_free(bio) + pkey := C.pem_read_bio_pubkey(bio) + if pkey == nil { + return nil, GetErrors() + } + pk := &PublicKey{pkey} + runtime.SetFinalizer(pk, func(pk *PublicKey) { + C.EVP_PKEY_free(pk.pkey) + }) + return pk, nil +} + +func (pk *PublicKey) GetPEM() (string, error) { + bio := C.BIO_new(C.BIO_s_mem()) + if bio == nil { + return "", GetErrors() + } + defer C.BIO_free(bio) + if 1 != C.pem_write_bio_pubkey(bio, pk.pkey) { + return "", GetErrors() + } + var p *C.char + len := C.bio_get_mem_data(bio, &p) + if len <= 0 { + return "", GetErrors() + } + return C.GoString(p), nil +} + +func (pk *PublicKey) GetText() (string, error) { + bio := C.BIO_new(C.BIO_s_mem()) + if bio == nil { + return "", GetErrors() + } + defer C.BIO_free(bio) + if 1 != C.EVP_PKEY_print_public(bio, pk.pkey, 4, nil) { + return "", GetErrors() + } + var p *C.char + len := C.bio_get_mem_data(bio, &p) + if len <= 0 { + return "", GetErrors() + } + return C.GoString(p), nil +} + +func (pk *PublicKey) Encrypt(alg string, in []byte, eng Engine) ([]byte, error) { + calg := C.CString(alg) + defer C.free(unsafe.Pointer(calg)) + var outlen C.size_t + out := C.pk_encrypt(pk.pkey, calg, (*C.uchar)(&in[0]), + C.size_t(len(in)), &outlen, eng.engine) + if out == nil { + return nil, GetErrors() + } + return C.GoBytes(unsafe.Pointer(out), C.int(outlen)), nil +} + +func (sk *PrivateKey) Decrypt(alg string, in []byte, eng Engine) ([]byte, error) { + calg := C.CString(alg) + defer C.free(unsafe.Pointer(calg)) + var outlen C.size_t + out := C.sk_decrypt(sk.pkey, calg, (*C.uchar)(&in[0]), + C.size_t(len(in)), &outlen, eng.engine) + if out == nil { + return nil, GetErrors() + } + return C.GoBytes(unsafe.Pointer(out), C.int(outlen)), nil +} + +func (sk *PrivateKey) Sign(alg string, dgst []byte, eng Engine) ([]byte, error) { + calg := C.CString(alg) + defer C.free(unsafe.Pointer(calg)) + var siglen C.size_t + sig := C.sk_sign(sk.pkey, calg, (*C.uchar)(&dgst[0]), C.size_t(len(dgst)), &siglen, eng.engine) + if sig == nil { + return nil, GetErrors() + } + return C.GoBytes(unsafe.Pointer(sig), C.int(siglen)), nil +} + +func (pk *PublicKey) Verify(alg string, dgst, sig []byte, eng Engine) error { + calg := C.CString(alg) + defer C.free(unsafe.Pointer(calg)) + if 1 != C.pk_verify(pk.pkey, calg, (*C.uchar)(&dgst[0]), C.size_t(len(dgst)), + (*C.uchar)(&sig[0]), C.size_t(len(sig)), eng.engine) { + return GetErrors() } return nil } -func (pkey *PrivateKey) DeriveKey(scheme string, args map[string]string, publicKey PublicKey) ([]byte, error) { - ctx := C.EVP_PKEY_CTX_new(pkey.pkey, nil) - if ctx == nil { - return nil, errors.New("Failure") +func (sk *PrivateKey) DeriveKey(alg string, peer PublicKey, eng Engine) ([]byte, error) { + calg := C.CString(alg) + defer C.free(unsafe.Pointer(calg)) + var keylen C.size_t + key := C.sk_derive(sk.pkey, calg, peer.pkey, &keylen, eng.engine) + if key == nil { + return nil, GetErrors() } - if 1 != C.EVP_PKEY_derive_init(ctx) { - } - /* - if 1 != C.EVP_PKEY_derive_set_peer(ctx, PublicKey.pkey) { - } - */ - - outbuf := make([]byte, C.EVP_PKEY_size(pkey.pkey)) - outlen := C.size_t(len(outbuf)) - if 1 != C.EVP_PKEY_derive(ctx, (*C.uchar)(&outbuf[0]), &outlen) { - } - return nil, errors.New("Not implemented") + return C.GoBytes(unsafe.Pointer(key), C.int(keylen)), nil } diff --git a/go/gmssl/rand.go b/go/gmssl/rand.go index 64e3deb7..8e6fe169 100644 --- a/go/gmssl/rand.go +++ b/go/gmssl/rand.go @@ -18,7 +18,7 @@ func SeedRandom(seed []byte) error { func GenerateRandom(length int) ([]byte, error) { outbuf := make([]byte, length) - if 1 != C.RAND_bytes((*C.uchar)(&outbuf[0]), C.int(length)) { + if C.RAND_bytes((*C.uchar)(&outbuf[0]), C.int(length)) <= 0 { return nil, errors.New("GmSSL Failure") } diff --git a/go/gmssl/ssl.go b/go/gmssl/ssl.go deleted file mode 100644 index 0c4464da..00000000 --- a/go/gmssl/ssl.go +++ /dev/null @@ -1,2 +0,0 @@ -/* +build cgo */ -package gmssl diff --git a/go/gmssl/version.go b/go/gmssl/version.go index 09117fe7..2a04d866 100644 --- a/go/gmssl/version.go +++ b/go/gmssl/version.go @@ -6,8 +6,9 @@ package gmssl */ import "C" -func GetVersion() []string { - version := []string{ +func GetVersions() []string { + versions := []string{ + "GmSSL-Go API/1.0", C.GoString(C.OpenSSL_version(C.OPENSSL_VERSION)), C.GoString(C.OpenSSL_version(C.OPENSSL_BUILT_ON)), C.GoString(C.OpenSSL_version(C.OPENSSL_CFLAGS)), @@ -15,5 +16,5 @@ func GetVersion() []string { C.GoString(C.OpenSSL_version(C.OPENSSL_DIR)), C.GoString(C.OpenSSL_version(C.OPENSSL_ENGINES_DIR)), } - return version + return versions } diff --git a/go/gmssltest.go b/go/gmssltest.go deleted file mode 100644 index 6a615a80..00000000 --- a/go/gmssltest.go +++ /dev/null @@ -1,81 +0,0 @@ -package main - -import ( - "gmssl" - "fmt" -) - -func main() { - - versions := gmssl.GetVersion() - for _, version := range versions { - fmt.Println(version) - } - - digests := gmssl.GetDigests(false) - for _, digest := range digests { - fmt.Println(digest) - } - - ciphers := gmssl.GetCiphers(false) - for _, cipher := range ciphers { - fmt.Println(cipher) - } - - macs := gmssl.GetMacs(false) - for _, mac := range macs { - fmt.Println(mac) - } - - sm3, err := gmssl.NewDigestContext("SM3", nil) - if err != nil { - } - - if err := sm3.Update([]byte("hello")); err != nil { - } - - if err := sm3.Update([]byte("world")); err != nil { - } - - sm3digest, err := sm3.Final() - if err != nil { - } - fmt.Printf("%x", sm3digest) - - - hmac_sm3, err := gmssl.NewMACContext("HMAC-SM3", nil, []byte("this is the key")) - if err != nil { - } - - if err := hmac_sm3.Update([]byte("hello")); err != nil { - } - - if err := hmac_sm3.Update([]byte("world")); err != nil { - } - - mactag, err := hmac_sm3.Final() - if err != nil { - } - fmt.Printf("%x", mactag) - - key := []byte("key") - iv := []byte("iv") - sms4, err := gmssl.NewCipherContext("SMS4", nil, key, iv, true) - if err != nil { - } - - ciphertext1, err := sms4.Update([]byte("hello")) - if err != nil { - } - - ciphertext2, err := sms4.Final() - if err != nil { - } - - ciphertext := make([]byte, 0, len(ciphertext1) + len(ciphertext2)) - ciphertext = append(ciphertext, ciphertext1...) - ciphertext = append(ciphertext, ciphertext2...) - fmt.Printf("%x", ciphertext) - -} - diff --git a/include/internal/sdf_meth.h b/include/internal/sdf_int.h similarity index 92% rename from include/internal/sdf_meth.h rename to include/internal/sdf_int.h index 4bfe889f..f0e8b6ad 100644 --- a/include/internal/sdf_meth.h +++ b/include/internal/sdf_int.h @@ -1,5 +1,5 @@ /* ==================================================================== - * Copyright (c) 2016 The GmSSL Project. All rights reserved. + * Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -47,11 +47,11 @@ * ==================================================================== */ -#ifndef HEADER_SDF_METH_H -#define HEADER_SDF_METH_H +#ifndef HEADER_SDF_INT_H +#define HEADER_SDF_INT_H -#include -#include + +#include #include "internal/dso.h" @@ -359,13 +359,13 @@ typedef int (*SDF_HashFinal_FuncPtr)(void *hSessionHandle, unsigned char *pucHash, unsigned int *puiHashLength); -typedef int (*SDF_CreateFile_FuncPtr)( +typedef int (*SDF_CreateObject_FuncPtr)( void *hSessionHandle, unsigned char *pucFileName, unsigned int uiNameLen, unsigned int uiFileSize); -typedef int (*SDF_ReadFile_FuncPtr)( +typedef int (*SDF_ReadObject_FuncPtr)( void *hSessionHandle, unsigned char *pucFileName, unsigned int uiNameLen, @@ -373,7 +373,7 @@ typedef int (*SDF_ReadFile_FuncPtr)( unsigned int *puiReadLength, unsigned char *pucBuffer); -typedef int (*SDF_WriteFile_FuncPtr)( +typedef int (*SDF_WriteObject_FuncPtr)( void *hSessionHandle, unsigned char *pucFileName, unsigned int uiNameLen, @@ -381,13 +381,14 @@ typedef int (*SDF_WriteFile_FuncPtr)( unsigned int uiWriteLength, unsigned char *pucBuffer); -typedef int (*SDF_DeleteFile_FuncPtr)( +typedef int (*SDF_DeleteObject_FuncPtr)( void *hSessionHandle, unsigned char *pucFileName, unsigned int uiNameLen); typedef struct sdf_method_st { char *name; + DSO *dso; SDF_OpenDevice_FuncPtr OpenDevice; SDF_CloseDevice_FuncPtr CloseDevice; SDF_OpenSession_FuncPtr OpenSession; @@ -432,12 +433,32 @@ typedef struct sdf_method_st { SDF_HashInit_FuncPtr HashInit; SDF_HashUpdate_FuncPtr HashUpdate; SDF_HashFinal_FuncPtr HashFinal; - SDF_CreateFile_FuncPtr CreateFileObject; - SDF_ReadFile_FuncPtr ReadFileObject; - SDF_WriteFile_FuncPtr WriteFileObject; - SDF_DeleteFile_FuncPtr DeleteFileObject; + SDF_CreateObject_FuncPtr CreateObject; + SDF_ReadObject_FuncPtr ReadObject; + SDF_WriteObject_FuncPtr WriteObject; + SDF_DeleteObject_FuncPtr DeleteObject; } SDF_METHOD; SDF_METHOD *SDF_METHOD_load_library(const char *so_path); +void SDF_METHOD_free(SDF_METHOD *meth); + + +typedef struct sdf_vendor_st { + char *name; + unsigned int (*get_cipher_algor)(unsigned int vendor_id); + unsigned int (*get_digest_algor)(unsigned int vendor_id); + unsigned int (*get_pkey_algor)(unsigned int vendor_id); + unsigned int (*get_cipher_cap)(unsigned int vendor_cap); + unsigned int (*get_digest_cap)(unsigned int vendor_cap); + unsigned int (*get_pkey_cap)(unsigned int vendor_cap); + int (*encode_ecccipher)(const ECCCipher *a, void *buf); + int (*decode_ecccipher)(ECCCipher *a, const void *buf); + unsigned long (*get_error_reason)(int err); +} SDF_VENDOR; + +typedef struct { + int err; + unsigned long reason; +} SDF_ERR_REASON; #endif diff --git a/include/internal/skf_meth.h b/include/internal/skf_int.h similarity index 91% rename from include/internal/skf_meth.h rename to include/internal/skf_int.h index 8bf9029b..15ca10c6 100644 --- a/include/internal/skf_meth.h +++ b/include/internal/skf_int.h @@ -1,597 +1,618 @@ -/* ==================================================================== - * Copyright (c) 2015 - 2017 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#ifndef HEADER_SKF_METH_H -#define HEADER_SKF_METH_H - -#include - - -#ifdef __cplusplus -extern "C" { -#endif - - -typedef ULONG (*SKF_WaitForDevEvent_FuncPtr)( - LPSTR szDevName, - ULONG *pulDevNameLen, - ULONG *pulEvent); - -typedef ULONG (*SKF_CancelWaitForDevEvent_FuncPtr)( - void); - -typedef ULONG (*SKF_EnumDev_FuncPtr)( - BOOL bPresent, - LPSTR szNameList, - ULONG *pulSize); - -typedef ULONG (*SKF_ConnectDev_FuncPtr)( - LPSTR szName, - DEVHANDLE *phDev); - -typedef ULONG (*SKF_DisConnectDev_FuncPtr)( - DEVHANDLE hDev); - -typedef ULONG (*SKF_GetDevState_FuncPtr)( - LPSTR szDevName, - ULONG *pulDevState); - -typedef ULONG (*SKF_SetLabel_FuncPtr)( - DEVHANDLE hDev, - LPSTR szLabel); - -typedef ULONG (*SKF_GetDevInfo_FuncPtr)( - DEVHANDLE hDev, - DEVINFO *pDevInfo); - -typedef ULONG (*SKF_LockDev_FuncPtr)( - DEVHANDLE hDev, - ULONG ulTimeOut); - -typedef ULONG (*SKF_UnlockDev_FuncPtr)( - DEVHANDLE hDev); - -typedef ULONG (*SKF_Transmit_FuncPtr)( - DEVHANDLE hDev, - BYTE *pbCommand, - ULONG ulCommandLen, - BYTE *pbData, - ULONG *pulDataLen); - -typedef ULONG (*SKF_ChangeDevAuthKey_FuncPtr)( - DEVHANDLE hDev, - BYTE *pbKeyValue, - ULONG ulKeyLen); - -typedef ULONG (*SKF_DevAuth_FuncPtr)( - DEVHANDLE hDev, - BYTE *pbAuthData, - ULONG ulLen); - -typedef ULONG (*SKF_ChangePIN_FuncPtr)( - HAPPLICATION hApplication, - ULONG ulPINType, - LPSTR szOldPin, - LPSTR szNewPin, - ULONG *pulRetryCount); - -typedef LONG (*SKF_GetPINInfo_FuncPtr)( - HAPPLICATION hApplication, - ULONG ulPINType, - ULONG *pulMaxRetryCount, - ULONG *pulRemainRetryCount, - BOOL *pbDefaultPin); - -typedef ULONG (*SKF_VerifyPIN_FuncPtr)( - HAPPLICATION hApplication, - ULONG ulPINType, - LPSTR szPIN, - ULONG *pulRetryCount); - -typedef ULONG (*SKF_UnblockPIN_FuncPtr)( - HAPPLICATION hApplication, - LPSTR szAdminPIN, - LPSTR szNewUserPIN, - ULONG *pulRetryCount); - -typedef ULONG (*SKF_ClearSecureState_FuncPtr)( - HAPPLICATION hApplication); - -typedef ULONG (*SKF_CreateApplication_FuncPtr)( - DEVHANDLE hDev, - LPSTR szAppName, - LPSTR szAdminPin, - DWORD dwAdminPinRetryCount, - LPSTR szUserPin, - DWORD dwUserPinRetryCount, - DWORD dwCreateFileRights, - HAPPLICATION *phApplication); - -typedef ULONG (*SKF_EnumApplication_FuncPtr)( - DEVHANDLE hDev, - LPSTR szAppName, - ULONG *pulSize); - -typedef ULONG (*SKF_DeleteApplication_FuncPtr)( - DEVHANDLE hDev, - LPSTR szAppName); - -typedef ULONG (*SKF_OpenApplication_FuncPtr)( - DEVHANDLE hDev, - LPSTR szAppName, - HAPPLICATION *phApplication); - -typedef ULONG (*SKF_CloseApplication_FuncPtr)( - HAPPLICATION hApplication); - -typedef ULONG (*SKF_CreateFile_FuncPtr)( - HAPPLICATION hApplication, - LPSTR szFileName, - ULONG ulFileSize, - ULONG ulReadRights, - ULONG ulWriteRights); - -typedef ULONG (*SKF_DeleteFile_FuncPtr)( - HAPPLICATION hApplication, - LPSTR szFileName); - -typedef ULONG (*SKF_EnumFiles_FuncPtr)( - HAPPLICATION hApplication, - LPSTR szFileList, - ULONG *pulSize); - -typedef ULONG (*SKF_GetFileInfo_FuncPtr)( - HAPPLICATION hApplication, - LPSTR szFileName, - FILEATTRIBUTE *pFileInfo); - -typedef ULONG (*SKF_ReadFile_FuncPtr)( - HAPPLICATION hApplication, - LPSTR szFileName, - ULONG ulOffset, - ULONG ulSize, - BYTE *pbOutData, - ULONG *pulOutLen); - -typedef ULONG (*SKF_WriteFile_FuncPtr)( - HAPPLICATION hApplication, - LPSTR szFileName, - ULONG ulOffset, - BYTE *pbData, - ULONG ulSize); - -typedef ULONG (*SKF_CreateContainer_FuncPtr)( - HAPPLICATION hApplication, - LPSTR szContainerName, - HCONTAINER *phContainer); - -typedef ULONG (*SKF_DeleteContainer_FuncPtr)( - HAPPLICATION hApplication, - LPSTR szContainerName); - -typedef ULONG (*SKF_EnumContainer_FuncPtr)( - HAPPLICATION hApplication, - LPSTR szContainerName, - ULONG *pulSize); - -typedef ULONG (*SKF_OpenContainer_FuncPtr)( - HAPPLICATION hApplication, - LPSTR szContainerName, - HCONTAINER *phContainer); - -typedef ULONG (*SKF_CloseContainer_FuncPtr)( - HCONTAINER hContainer); - -typedef ULONG (*SKF_GetContainerType_FuncPtr)( - HCONTAINER hContainer, - ULONG *pulContainerType); - -typedef ULONG (*SKF_ImportCertificate_FuncPtr)( - HCONTAINER hContainer, - BOOL bExportSignKey, - BYTE *pbCert, - ULONG ulCertLen); - -typedef ULONG (*SKF_ExportCertificate_FuncPtr)( - HCONTAINER hContainer, - BOOL bSignFlag, - BYTE *pbCert, - ULONG *pulCertLen); - -typedef ULONG (*SKF_ExportPublicKey_FuncPtr)( - HCONTAINER hContainer, - BOOL bSignFlag, - BYTE *pbBlob, - ULONG *pulBlobLen); - -typedef ULONG (*SKF_GenRandom_FuncPtr)( - DEVHANDLE hDev, - BYTE *pbRandom, - ULONG ulRandomLen); - -typedef ULONG (*SKF_GenExtRSAKey_FuncPtr)( - DEVHANDLE hDev, - ULONG ulBitsLen, - RSAPRIVATEKEYBLOB *pBlob); - -typedef ULONG (*SKF_GenRSAKeyPair_FuncPtr)( - HCONTAINER hContainer, - ULONG ulBitsLen, - RSAPUBLICKEYBLOB *pBlob); - -typedef ULONG (*SKF_ImportRSAKeyPair_FuncPtr)( - HCONTAINER hContainer, - ULONG ulSymAlgId, - BYTE *pbWrappedKey, - ULONG ulWrappedKeyLen, - BYTE *pbEncryptedData, - ULONG ulEncryptedDataLen); - -typedef ULONG (*SKF_RSASignData_FuncPtr)( - HCONTAINER hContainer, - BYTE *pbData, - ULONG ulDataLen, - BYTE *pbSignature, - ULONG *pulSignLen); - -typedef ULONG (*SKF_RSAVerify_FuncPtr)( - DEVHANDLE hDev, - RSAPUBLICKEYBLOB *pRSAPubKeyBlob, - BYTE *pbData, - ULONG ulDataLen, - BYTE *pbSignature, - ULONG ulSignLen); - -typedef ULONG (*SKF_RSAExportSessionKey_FuncPtr)( - HCONTAINER hContainer, - ULONG ulAlgId, - RSAPUBLICKEYBLOB *pPubKey, - BYTE *pbData, - ULONG *pulDataLen, - HANDLE *phSessionKey); - -typedef ULONG (*SKF_ExtRSAPubKeyOperation_FuncPtr)( - DEVHANDLE hDev, - RSAPUBLICKEYBLOB *pRSAPubKeyBlob, - BYTE *pbInput, - ULONG ulInputLen, - BYTE *pbOutput, - ULONG *pulOutputLen); - -typedef ULONG (*SKF_ExtRSAPriKeyOperation_FuncPtr)( - DEVHANDLE hDev, - RSAPRIVATEKEYBLOB *pRSAPriKeyBlob, - BYTE *pbInput, - ULONG ulInputLen, - BYTE *pbOutput, - ULONG *pulOutputLen); - -typedef ULONG (*SKF_GenECCKeyPair_FuncPtr)( - HCONTAINER hContainer, - ULONG ulAlgId, - ECCPUBLICKEYBLOB *pBlob); - -typedef ULONG (*SKF_ImportECCKeyPair_FuncPtr)( - HCONTAINER hContainer, - ENVELOPEDKEYBLOB *pEnvelopedKeyBlob); - -typedef ULONG (*SKF_ECCSignData_FuncPtr)( - HCONTAINER hContainer, - BYTE *pbDigest, - ULONG ulDigestLen, - ECCSIGNATUREBLOB *pSignature); - -typedef ULONG (*SKF_ECCVerify_FuncPtr)( - DEVHANDLE hDev, - ECCPUBLICKEYBLOB *pECCPubKeyBlob, - BYTE *pbData, - ULONG ulDataLen, - ECCSIGNATUREBLOB *pSignature); - -typedef ULONG (*SKF_ECCExportSessionKey_FuncPtr)( - HCONTAINER hContainer, - ULONG ulAlgId, - ECCPUBLICKEYBLOB *pPubKey, - ECCCIPHERBLOB *pData, - HANDLE *phSessionKey); - -typedef ULONG (*SKF_ExtECCEncrypt_FuncPtr)( - DEVHANDLE hDev, - ECCPUBLICKEYBLOB *pECCPubKeyBlob, - BYTE *pbPlainText, - ULONG ulPlainTextLen, - ECCCIPHERBLOB *pCipherText); - -typedef ULONG (*SKF_ExtECCDecrypt_FuncPtr)( - DEVHANDLE hDev, - ECCPRIVATEKEYBLOB *pECCPriKeyBlob, - ECCCIPHERBLOB *pCipherText, - BYTE *pbPlainText, - ULONG *pulPlainTextLen); - -typedef ULONG (*SKF_ExtECCSign_FuncPtr)( - DEVHANDLE hDev, - ECCPRIVATEKEYBLOB *pECCPriKeyBlob, - BYTE *pbData, - ULONG ulDataLen, - ECCSIGNATUREBLOB *pSignature); - -typedef ULONG (*SKF_ExtECCVerify_FuncPtr)( - DEVHANDLE hDev, - ECCPUBLICKEYBLOB *pECCPubKeyBlob, - BYTE *pbData, - ULONG ulDataLen, - ECCSIGNATUREBLOB *pSignature); - -typedef ULONG (*SKF_GenerateAgreementDataWithECC_FuncPtr)( - HCONTAINER hContainer, - ULONG ulAlgId, - ECCPUBLICKEYBLOB *pTempECCPubKeyBlob, - BYTE *pbID, - ULONG ulIDLen, - HANDLE *phAgreementHandle); - -typedef ULONG (*SKF_GenerateAgreementDataAndKeyWithECC_FuncPtr)( - HANDLE hContainer, - ULONG ulAlgId, - ECCPUBLICKEYBLOB *pSponsorECCPubKeyBlob, - ECCPUBLICKEYBLOB *pSponsorTempECCPubKeyBlob, - ECCPUBLICKEYBLOB *pTempECCPubKeyBlob, - BYTE *pbID, - ULONG ulIDLen, - BYTE *pbSponsorID, - ULONG ulSponsorIDLen, - HANDLE *phKeyHandle); - -typedef ULONG (*SKF_GenerateKeyWithECC_FuncPtr)( - HANDLE hAgreementHandle, - ECCPUBLICKEYBLOB *pECCPubKeyBlob, - ECCPUBLICKEYBLOB *pTempECCPubKeyBlob, - BYTE *pbID, - ULONG ulIDLen, - HANDLE *phKeyHandle); - -typedef ULONG (*SKF_ImportSessionKey_FuncPtr)( - HCONTAINER hContainer, - ULONG ulAlgId, - BYTE *pbWrapedData, - ULONG ulWrapedLen, - HANDLE *phKey); - -typedef ULONG (*SKF_SetSymmKey_FuncPtr)( - DEVHANDLE hDev, - BYTE *pbKey, - ULONG ulAlgID, - HANDLE *phKey); - -typedef ULONG (*SKF_EncryptInit_FuncPtr)( - HANDLE hKey, - BLOCKCIPHERPARAM EncryptParam); - -typedef ULONG (*SKF_Encrypt_FuncPtr)( - HANDLE hKey, - BYTE *pbData, - ULONG ulDataLen, - BYTE *pbEncryptedData, - ULONG *pulEncryptedLen); - -typedef ULONG (*SKF_EncryptUpdate_FuncPtr)( - HANDLE hKey, - BYTE *pbData, - ULONG ulDataLen, - BYTE *pbEncryptedData, - ULONG *pulEncryptedLen); - -typedef ULONG (*SKF_EncryptFinal_FuncPtr)( - HANDLE hKey, - BYTE *pbEncryptedData, - ULONG *pulEncryptedDataLen); - -typedef ULONG (*SKF_DecryptInit_FuncPtr)( - HANDLE hKey, - BLOCKCIPHERPARAM DecryptParam); - -typedef ULONG (*SKF_Decrypt_FuncPtr)( - HANDLE hKey, - BYTE *pbEncryptedData, - ULONG ulEncryptedLen, - BYTE *pbData, - ULONG *pulDataLen); - -typedef ULONG (*SKF_DecryptUpdate_FuncPtr)( - HANDLE hKey, - BYTE *pbEncryptedData, - ULONG ulEncryptedLen, - BYTE *pbData, - ULONG *pulDataLen); - -typedef ULONG (*SKF_DecryptFinal_FuncPtr)( - HANDLE hKey, - BYTE *pbDecryptedData, - ULONG *pulDecryptedDataLen); - -typedef ULONG (*SKF_DigestInit_FuncPtr)( - DEVHANDLE hDev, - ULONG ulAlgID, - ECCPUBLICKEYBLOB *pPubKey, - BYTE *pbID, - ULONG ulIDLen, - HANDLE *phHash); - -typedef ULONG (*SKF_Digest_FuncPtr)( - HANDLE hHash, - BYTE *pbData, - ULONG ulDataLen, - BYTE *pbHashData, - ULONG *pulHashLen); - -typedef ULONG (*SKF_DigestUpdate_FuncPtr)( - HANDLE hHash, - BYTE *pbData, - ULONG ulDataLen); - -typedef ULONG (*SKF_DigestFinal_FuncPtr)( - HANDLE hHash, - BYTE *pHashData, - ULONG *pulHashLen); - -typedef ULONG (*SKF_MacInit_FuncPtr)( - HANDLE hKey, - BLOCKCIPHERPARAM *pMacParam, - HANDLE *phMac); - -typedef ULONG (*SKF_Mac_FuncPtr)( - HANDLE hMac, - BYTE *pbData, - ULONG ulDataLen, - BYTE *pbMacData, - ULONG *pulMacLen); - -typedef ULONG (*SKF_MacUpdate_FuncPtr)( - HANDLE hMac, - BYTE *pbData, - ULONG ulDataLen); - -typedef ULONG (*SKF_MacFinal_FuncPtr)( - HANDLE hMac, - BYTE *pbMacData, - ULONG *pulMacDataLen); - -typedef ULONG (*SKF_CloseHandle_FuncPtr)( - HANDLE hHandle); - - -typedef struct skf_method_st { - char *name; - SKF_WaitForDevEvent_FuncPtr WaitForDevEvent; - SKF_CancelWaitForDevEvent_FuncPtr CancelWaitForDevEvent; - SKF_EnumDev_FuncPtr EnumDev; - SKF_ConnectDev_FuncPtr ConnectDev; - SKF_DisConnectDev_FuncPtr DisConnectDev; - SKF_GetDevState_FuncPtr GetDevState; - SKF_SetLabel_FuncPtr SetLabel; - SKF_GetDevInfo_FuncPtr GetDevInfo; - SKF_LockDev_FuncPtr LockDev; - SKF_UnlockDev_FuncPtr UnlockDev; - SKF_Transmit_FuncPtr Transmit; - SKF_ChangeDevAuthKey_FuncPtr ChangeDevAuthKey; - SKF_DevAuth_FuncPtr DevAuth; - SKF_ChangePIN_FuncPtr ChangePIN; - SKF_GetPINInfo_FuncPtr GetPINInfo; - SKF_VerifyPIN_FuncPtr VerifyPIN; - SKF_UnblockPIN_FuncPtr UnblockPIN; - SKF_ClearSecureState_FuncPtr ClearSecureState; - SKF_CreateApplication_FuncPtr CreateApplication; - SKF_EnumApplication_FuncPtr EnumApplication; - SKF_DeleteApplication_FuncPtr DeleteApplication; - SKF_OpenApplication_FuncPtr OpenApplication; - SKF_CloseApplication_FuncPtr CloseApplication; - SKF_CreateFile_FuncPtr CreateFileObject; - SKF_DeleteFile_FuncPtr DeleteFileObject; - SKF_EnumFiles_FuncPtr EnumFiles; - SKF_GetFileInfo_FuncPtr GetFileInfo; - SKF_ReadFile_FuncPtr ReadFileObject; - SKF_WriteFile_FuncPtr WriteFileObject; - SKF_CreateContainer_FuncPtr CreateContainer; - SKF_DeleteContainer_FuncPtr DeleteContainer; - SKF_EnumContainer_FuncPtr EnumContainer; - SKF_OpenContainer_FuncPtr OpenContainer; - SKF_CloseContainer_FuncPtr CloseContainer; - SKF_GetContainerType_FuncPtr GetContainerType; - SKF_ImportCertificate_FuncPtr ImportCertificate; - SKF_ExportCertificate_FuncPtr ExportCertificate; - SKF_ExportPublicKey_FuncPtr ExportPublicKey; - SKF_GenRandom_FuncPtr GenRandom; - SKF_GenExtRSAKey_FuncPtr GenExtRSAKey; - SKF_GenRSAKeyPair_FuncPtr GenRSAKeyPair; - SKF_ImportRSAKeyPair_FuncPtr ImportRSAKeyPair; - SKF_RSASignData_FuncPtr RSASignData; - SKF_RSAVerify_FuncPtr RSAVerify; - SKF_RSAExportSessionKey_FuncPtr RSAExportSessionKey; - SKF_ExtRSAPubKeyOperation_FuncPtr ExtRSAPubKeyOperation; - SKF_ExtRSAPriKeyOperation_FuncPtr ExtRSAPriKeyOperation; - SKF_GenECCKeyPair_FuncPtr GenECCKeyPair; - SKF_ImportECCKeyPair_FuncPtr ImportECCKeyPair; - SKF_ECCSignData_FuncPtr ECCSignData; - SKF_ECCVerify_FuncPtr ECCVerify; - SKF_ECCExportSessionKey_FuncPtr ECCExportSessionKey; - SKF_ExtECCEncrypt_FuncPtr ExtECCEncrypt; - SKF_ExtECCDecrypt_FuncPtr ExtECCDecrypt; - SKF_ExtECCSign_FuncPtr ExtECCSign; - SKF_ExtECCVerify_FuncPtr ExtECCVerify; - SKF_GenerateAgreementDataWithECC_FuncPtr GenerateAgreementDataWithECC; - SKF_GenerateAgreementDataAndKeyWithECC_FuncPtr GenerateAgreementDataAndKeyWithECC; - SKF_GenerateKeyWithECC_FuncPtr GenerateKeyWithECC; - SKF_ImportSessionKey_FuncPtr ImportSessionKey; - SKF_SetSymmKey_FuncPtr SetSymmKey; - SKF_EncryptInit_FuncPtr EncryptInit; - SKF_Encrypt_FuncPtr Encrypt; - SKF_EncryptUpdate_FuncPtr EncryptUpdate; - SKF_EncryptFinal_FuncPtr EncryptFinal; - SKF_DecryptInit_FuncPtr DecryptInit; - SKF_Decrypt_FuncPtr Decrypt; - SKF_DecryptUpdate_FuncPtr DecryptUpdate; - SKF_DecryptFinal_FuncPtr DecryptFinal; - SKF_DigestInit_FuncPtr DigestInit; - SKF_Digest_FuncPtr Digest; - SKF_DigestUpdate_FuncPtr DigestUpdate; - SKF_DigestFinal_FuncPtr DigestFinal; - SKF_MacInit_FuncPtr MacInit; - SKF_Mac_FuncPtr Mac; - SKF_MacUpdate_FuncPtr MacUpdate; - SKF_MacFinal_FuncPtr MacFinal; - SKF_CloseHandle_FuncPtr CloseHandle; -} SKF_METHOD; - -SKF_METHOD *SKF_METHOD_load_library(const char *so_path); - -#ifdef __cplusplus -} -#endif -#endif +/* ==================================================================== + * Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ + +#ifndef HEADER_SKF_INT_H +#define HEADER_SKF_INT_H + + +#include +#include "internal/dso.h" + + +typedef ULONG (*SKF_WaitForDevEvent_FuncPtr)( + LPSTR szDevName, + ULONG *pulDevNameLen, + ULONG *pulEvent); + +typedef ULONG (*SKF_CancelWaitForDevEvent_FuncPtr)( + void); + +typedef ULONG (*SKF_EnumDev_FuncPtr)( + BOOL bPresent, + LPSTR szNameList, + ULONG *pulSize); + +typedef ULONG (*SKF_ConnectDev_FuncPtr)( + LPSTR szName, + DEVHANDLE *phDev); + +typedef ULONG (*SKF_DisConnectDev_FuncPtr)( + DEVHANDLE hDev); + +typedef ULONG (*SKF_GetDevState_FuncPtr)( + LPSTR szDevName, + ULONG *pulDevState); + +typedef ULONG (*SKF_SetLabel_FuncPtr)( + DEVHANDLE hDev, + LPSTR szLabel); + +typedef ULONG (*SKF_GetDevInfo_FuncPtr)( + DEVHANDLE hDev, + DEVINFO *pDevInfo); + +typedef ULONG (*SKF_LockDev_FuncPtr)( + DEVHANDLE hDev, + ULONG ulTimeOut); + +typedef ULONG (*SKF_UnlockDev_FuncPtr)( + DEVHANDLE hDev); + +typedef ULONG (*SKF_Transmit_FuncPtr)( + DEVHANDLE hDev, + BYTE *pbCommand, + ULONG ulCommandLen, + BYTE *pbData, + ULONG *pulDataLen); + +typedef ULONG (*SKF_ChangeDevAuthKey_FuncPtr)( + DEVHANDLE hDev, + BYTE *pbKeyValue, + ULONG ulKeyLen); + +typedef ULONG (*SKF_DevAuth_FuncPtr)( + DEVHANDLE hDev, + BYTE *pbAuthData, + ULONG ulLen); + +typedef ULONG (*SKF_ChangePIN_FuncPtr)( + HAPPLICATION hApplication, + ULONG ulPINType, + LPSTR szOldPin, + LPSTR szNewPin, + ULONG *pulRetryCount); + +typedef LONG (*SKF_GetPINInfo_FuncPtr)( + HAPPLICATION hApplication, + ULONG ulPINType, + ULONG *pulMaxRetryCount, + ULONG *pulRemainRetryCount, + BOOL *pbDefaultPin); + +typedef ULONG (*SKF_VerifyPIN_FuncPtr)( + HAPPLICATION hApplication, + ULONG ulPINType, + LPSTR szPIN, + ULONG *pulRetryCount); + +typedef ULONG (*SKF_UnblockPIN_FuncPtr)( + HAPPLICATION hApplication, + LPSTR szAdminPIN, + LPSTR szNewUserPIN, + ULONG *pulRetryCount); + +typedef ULONG (*SKF_ClearSecureState_FuncPtr)( + HAPPLICATION hApplication); + +typedef ULONG (*SKF_CreateApplication_FuncPtr)( + DEVHANDLE hDev, + LPSTR szAppName, + LPSTR szAdminPin, + DWORD dwAdminPinRetryCount, + LPSTR szUserPin, + DWORD dwUserPinRetryCount, + DWORD dwCreateFileRights, + HAPPLICATION *phApplication); + +typedef ULONG (*SKF_EnumApplication_FuncPtr)( + DEVHANDLE hDev, + LPSTR szAppName, + ULONG *pulSize); + +typedef ULONG (*SKF_DeleteApplication_FuncPtr)( + DEVHANDLE hDev, + LPSTR szAppName); + +typedef ULONG (*SKF_OpenApplication_FuncPtr)( + DEVHANDLE hDev, + LPSTR szAppName, + HAPPLICATION *phApplication); + +typedef ULONG (*SKF_CloseApplication_FuncPtr)( + HAPPLICATION hApplication); + +typedef ULONG (*SKF_CreateObject_FuncPtr)( + HAPPLICATION hApplication, + LPSTR szFileName, + ULONG ulFileSize, + ULONG ulReadRights, + ULONG ulWriteRights); + +typedef ULONG (*SKF_DeleteObject_FuncPtr)( + HAPPLICATION hApplication, + LPSTR szFileName); + +typedef ULONG (*SKF_EnumObjects_FuncPtr)( + HAPPLICATION hApplication, + LPSTR szFileList, + ULONG *pulSize); + +typedef ULONG (*SKF_GetObjectInfo_FuncPtr)( + HAPPLICATION hApplication, + LPSTR szFileName, + FILEATTRIBUTE *pFileInfo); + +typedef ULONG (*SKF_ReadObject_FuncPtr)( + HAPPLICATION hApplication, + LPSTR szFileName, + ULONG ulOffset, + ULONG ulSize, + BYTE *pbOutData, + ULONG *pulOutLen); + +typedef ULONG (*SKF_WriteObject_FuncPtr)( + HAPPLICATION hApplication, + LPSTR szFileName, + ULONG ulOffset, + BYTE *pbData, + ULONG ulSize); + +typedef ULONG (*SKF_CreateContainer_FuncPtr)( + HAPPLICATION hApplication, + LPSTR szContainerName, + HCONTAINER *phContainer); + +typedef ULONG (*SKF_DeleteContainer_FuncPtr)( + HAPPLICATION hApplication, + LPSTR szContainerName); + +typedef ULONG (*SKF_EnumContainer_FuncPtr)( + HAPPLICATION hApplication, + LPSTR szContainerName, + ULONG *pulSize); + +typedef ULONG (*SKF_OpenContainer_FuncPtr)( + HAPPLICATION hApplication, + LPSTR szContainerName, + HCONTAINER *phContainer); + +typedef ULONG (*SKF_CloseContainer_FuncPtr)( + HCONTAINER hContainer); + +typedef ULONG (*SKF_GetContainerType_FuncPtr)( + HCONTAINER hContainer, + ULONG *pulContainerType); + +typedef ULONG (*SKF_ImportCertificate_FuncPtr)( + HCONTAINER hContainer, + BOOL bExportSignKey, + BYTE *pbCert, + ULONG ulCertLen); + +typedef ULONG (*SKF_ExportCertificate_FuncPtr)( + HCONTAINER hContainer, + BOOL bSignFlag, + BYTE *pbCert, + ULONG *pulCertLen); + +typedef ULONG (*SKF_ExportPublicKey_FuncPtr)( + HCONTAINER hContainer, + BOOL bSignFlag, + BYTE *pbBlob, + ULONG *pulBlobLen); + +typedef ULONG (*SKF_GenRandom_FuncPtr)( + DEVHANDLE hDev, + BYTE *pbRandom, + ULONG ulRandomLen); + +typedef ULONG (*SKF_GenExtRSAKey_FuncPtr)( + DEVHANDLE hDev, + ULONG ulBitsLen, + RSAPRIVATEKEYBLOB *pBlob); + +typedef ULONG (*SKF_GenRSAKeyPair_FuncPtr)( + HCONTAINER hContainer, + ULONG ulBitsLen, + RSAPUBLICKEYBLOB *pBlob); + +typedef ULONG (*SKF_ImportRSAKeyPair_FuncPtr)( + HCONTAINER hContainer, + ULONG ulSymAlgId, + BYTE *pbWrappedKey, + ULONG ulWrappedKeyLen, + BYTE *pbEncryptedData, + ULONG ulEncryptedDataLen); + +typedef ULONG (*SKF_RSASignData_FuncPtr)( + HCONTAINER hContainer, + BYTE *pbData, + ULONG ulDataLen, + BYTE *pbSignature, + ULONG *pulSignLen); + +typedef ULONG (*SKF_RSAVerify_FuncPtr)( + DEVHANDLE hDev, + RSAPUBLICKEYBLOB *pRSAPubKeyBlob, + BYTE *pbData, + ULONG ulDataLen, + BYTE *pbSignature, + ULONG ulSignLen); + +typedef ULONG (*SKF_RSAExportSessionKey_FuncPtr)( + HCONTAINER hContainer, + ULONG ulAlgId, + RSAPUBLICKEYBLOB *pPubKey, + BYTE *pbData, + ULONG *pulDataLen, + HANDLE *phSessionKey); + +typedef ULONG (*SKF_ExtRSAPubKeyOperation_FuncPtr)( + DEVHANDLE hDev, + RSAPUBLICKEYBLOB *pRSAPubKeyBlob, + BYTE *pbInput, + ULONG ulInputLen, + BYTE *pbOutput, + ULONG *pulOutputLen); + +typedef ULONG (*SKF_ExtRSAPriKeyOperation_FuncPtr)( + DEVHANDLE hDev, + RSAPRIVATEKEYBLOB *pRSAPriKeyBlob, + BYTE *pbInput, + ULONG ulInputLen, + BYTE *pbOutput, + ULONG *pulOutputLen); + +typedef ULONG (*SKF_GenECCKeyPair_FuncPtr)( + HCONTAINER hContainer, + ULONG ulAlgId, + ECCPUBLICKEYBLOB *pBlob); + +typedef ULONG (*SKF_ImportECCKeyPair_FuncPtr)( + HCONTAINER hContainer, + ENVELOPEDKEYBLOB *pEnvelopedKeyBlob); + +typedef ULONG (*SKF_ECCSignData_FuncPtr)( + HCONTAINER hContainer, + BYTE *pbDigest, + ULONG ulDigestLen, + ECCSIGNATUREBLOB *pSignature); + +typedef ULONG (*SKF_ECCVerify_FuncPtr)( + DEVHANDLE hDev, + ECCPUBLICKEYBLOB *pECCPubKeyBlob, + BYTE *pbData, + ULONG ulDataLen, + ECCSIGNATUREBLOB *pSignature); + +typedef ULONG (*SKF_ECCExportSessionKey_FuncPtr)( + HCONTAINER hContainer, + ULONG ulAlgId, + ECCPUBLICKEYBLOB *pPubKey, + ECCCIPHERBLOB *pData, + HANDLE *phSessionKey); + +typedef ULONG (*SKF_ExtECCEncrypt_FuncPtr)( + DEVHANDLE hDev, + ECCPUBLICKEYBLOB *pECCPubKeyBlob, + BYTE *pbPlainText, + ULONG ulPlainTextLen, + ECCCIPHERBLOB *pCipherText); + +typedef ULONG (*SKF_ECCDecrypt_FuncPtr)( + HCONTAINER hContainer, + ECCCIPHERBLOB *pCipherText, + BYTE *pbPlainText, + ULONG *pulPlainTextLen); + +typedef ULONG (*SKF_ExtECCDecrypt_FuncPtr)( + DEVHANDLE hDev, + ECCPRIVATEKEYBLOB *pECCPriKeyBlob, + ECCCIPHERBLOB *pCipherText, + BYTE *pbPlainText, + ULONG *pulPlainTextLen); + +typedef ULONG (*SKF_ExtECCSign_FuncPtr)( + DEVHANDLE hDev, + ECCPRIVATEKEYBLOB *pECCPriKeyBlob, + BYTE *pbData, + ULONG ulDataLen, + ECCSIGNATUREBLOB *pSignature); + +typedef ULONG (*SKF_ExtECCVerify_FuncPtr)( + DEVHANDLE hDev, + ECCPUBLICKEYBLOB *pECCPubKeyBlob, + BYTE *pbData, + ULONG ulDataLen, + ECCSIGNATUREBLOB *pSignature); + +typedef ULONG (*SKF_GenerateAgreementDataWithECC_FuncPtr)( + HCONTAINER hContainer, + ULONG ulAlgId, + ECCPUBLICKEYBLOB *pTempECCPubKeyBlob, + BYTE *pbID, + ULONG ulIDLen, + HANDLE *phAgreementHandle); + +typedef ULONG (*SKF_GenerateAgreementDataAndKeyWithECC_FuncPtr)( + HANDLE hContainer, + ULONG ulAlgId, + ECCPUBLICKEYBLOB *pSponsorECCPubKeyBlob, + ECCPUBLICKEYBLOB *pSponsorTempECCPubKeyBlob, + ECCPUBLICKEYBLOB *pTempECCPubKeyBlob, + BYTE *pbID, + ULONG ulIDLen, + BYTE *pbSponsorID, + ULONG ulSponsorIDLen, + HANDLE *phKeyHandle); + +typedef ULONG (*SKF_GenerateKeyWithECC_FuncPtr)( + HANDLE hAgreementHandle, + ECCPUBLICKEYBLOB *pECCPubKeyBlob, + ECCPUBLICKEYBLOB *pTempECCPubKeyBlob, + BYTE *pbID, + ULONG ulIDLen, + HANDLE *phKeyHandle); + +typedef ULONG (*SKF_ImportSessionKey_FuncPtr)( + HCONTAINER hContainer, + ULONG ulAlgId, + BYTE *pbWrapedData, + ULONG ulWrapedLen, + HANDLE *phKey); + +typedef ULONG (*SKF_SetSymmKey_FuncPtr)( + DEVHANDLE hDev, + BYTE *pbKey, + ULONG ulAlgID, + HANDLE *phKey); + +typedef ULONG (*SKF_EncryptInit_FuncPtr)( + HANDLE hKey, + BLOCKCIPHERPARAM EncryptParam); + +typedef ULONG (*SKF_Encrypt_FuncPtr)( + HANDLE hKey, + BYTE *pbData, + ULONG ulDataLen, + BYTE *pbEncryptedData, + ULONG *pulEncryptedLen); + +typedef ULONG (*SKF_EncryptUpdate_FuncPtr)( + HANDLE hKey, + BYTE *pbData, + ULONG ulDataLen, + BYTE *pbEncryptedData, + ULONG *pulEncryptedLen); + +typedef ULONG (*SKF_EncryptFinal_FuncPtr)( + HANDLE hKey, + BYTE *pbEncryptedData, + ULONG *pulEncryptedDataLen); + +typedef ULONG (*SKF_DecryptInit_FuncPtr)( + HANDLE hKey, + BLOCKCIPHERPARAM DecryptParam); + +typedef ULONG (*SKF_Decrypt_FuncPtr)( + HANDLE hKey, + BYTE *pbEncryptedData, + ULONG ulEncryptedLen, + BYTE *pbData, + ULONG *pulDataLen); + +typedef ULONG (*SKF_DecryptUpdate_FuncPtr)( + HANDLE hKey, + BYTE *pbEncryptedData, + ULONG ulEncryptedLen, + BYTE *pbData, + ULONG *pulDataLen); + +typedef ULONG (*SKF_DecryptFinal_FuncPtr)( + HANDLE hKey, + BYTE *pbDecryptedData, + ULONG *pulDecryptedDataLen); + +typedef ULONG (*SKF_DigestInit_FuncPtr)( + DEVHANDLE hDev, + ULONG ulAlgID, + ECCPUBLICKEYBLOB *pPubKey, + BYTE *pbID, + ULONG ulIDLen, + HANDLE *phHash); + +typedef ULONG (*SKF_Digest_FuncPtr)( + HANDLE hHash, + BYTE *pbData, + ULONG ulDataLen, + BYTE *pbHashData, + ULONG *pulHashLen); + +typedef ULONG (*SKF_DigestUpdate_FuncPtr)( + HANDLE hHash, + BYTE *pbData, + ULONG ulDataLen); + +typedef ULONG (*SKF_DigestFinal_FuncPtr)( + HANDLE hHash, + BYTE *pHashData, + ULONG *pulHashLen); + +typedef ULONG (*SKF_MacInit_FuncPtr)( + HANDLE hKey, + BLOCKCIPHERPARAM *pMacParam, + HANDLE *phMac); + +typedef ULONG (*SKF_Mac_FuncPtr)( + HANDLE hMac, + BYTE *pbData, + ULONG ulDataLen, + BYTE *pbMacData, + ULONG *pulMacLen); + +typedef ULONG (*SKF_MacUpdate_FuncPtr)( + HANDLE hMac, + BYTE *pbData, + ULONG ulDataLen); + +typedef ULONG (*SKF_MacFinal_FuncPtr)( + HANDLE hMac, + BYTE *pbMacData, + ULONG *pulMacDataLen); + +typedef ULONG (*SKF_CloseHandle_FuncPtr)( + HANDLE hHandle); + + +typedef struct skf_method_st { + char *name; + DSO *dso; + SKF_WaitForDevEvent_FuncPtr WaitForDevEvent; + SKF_CancelWaitForDevEvent_FuncPtr CancelWaitForDevEvent; + SKF_EnumDev_FuncPtr EnumDev; + SKF_ConnectDev_FuncPtr ConnectDev; + SKF_DisConnectDev_FuncPtr DisConnectDev; + SKF_GetDevState_FuncPtr GetDevState; + SKF_SetLabel_FuncPtr SetLabel; + SKF_GetDevInfo_FuncPtr GetDevInfo; + SKF_LockDev_FuncPtr LockDev; + SKF_UnlockDev_FuncPtr UnlockDev; + SKF_Transmit_FuncPtr Transmit; + SKF_ChangeDevAuthKey_FuncPtr ChangeDevAuthKey; + SKF_DevAuth_FuncPtr DevAuth; + SKF_ChangePIN_FuncPtr ChangePIN; + SKF_GetPINInfo_FuncPtr GetPINInfo; + SKF_VerifyPIN_FuncPtr VerifyPIN; + SKF_UnblockPIN_FuncPtr UnblockPIN; + SKF_ClearSecureState_FuncPtr ClearSecureState; + SKF_CreateApplication_FuncPtr CreateApplication; + SKF_EnumApplication_FuncPtr EnumApplication; + SKF_DeleteApplication_FuncPtr DeleteApplication; + SKF_OpenApplication_FuncPtr OpenApplication; + SKF_CloseApplication_FuncPtr CloseApplication; + SKF_CreateObject_FuncPtr CreateObject; + SKF_DeleteObject_FuncPtr DeleteObject; + SKF_EnumObjects_FuncPtr EnumObjects; + SKF_GetObjectInfo_FuncPtr GetObjectInfo; + SKF_ReadObject_FuncPtr ReadObject; + SKF_WriteObject_FuncPtr WriteObject; + SKF_CreateContainer_FuncPtr CreateContainer; + SKF_DeleteContainer_FuncPtr DeleteContainer; + SKF_EnumContainer_FuncPtr EnumContainer; + SKF_OpenContainer_FuncPtr OpenContainer; + SKF_CloseContainer_FuncPtr CloseContainer; + SKF_GetContainerType_FuncPtr GetContainerType; + SKF_ImportCertificate_FuncPtr ImportCertificate; + SKF_ExportCertificate_FuncPtr ExportCertificate; + SKF_ExportPublicKey_FuncPtr ExportPublicKey; + SKF_GenRandom_FuncPtr GenRandom; + SKF_GenExtRSAKey_FuncPtr GenExtRSAKey; + SKF_GenRSAKeyPair_FuncPtr GenRSAKeyPair; + SKF_ImportRSAKeyPair_FuncPtr ImportRSAKeyPair; + SKF_RSASignData_FuncPtr RSASignData; + SKF_RSAVerify_FuncPtr RSAVerify; + SKF_RSAExportSessionKey_FuncPtr RSAExportSessionKey; + SKF_ExtRSAPubKeyOperation_FuncPtr ExtRSAPubKeyOperation; + SKF_ExtRSAPriKeyOperation_FuncPtr ExtRSAPriKeyOperation; + SKF_GenECCKeyPair_FuncPtr GenECCKeyPair; + SKF_ImportECCKeyPair_FuncPtr ImportECCKeyPair; + SKF_ECCSignData_FuncPtr ECCSignData; + SKF_ECCVerify_FuncPtr ECCVerify; + SKF_ECCExportSessionKey_FuncPtr ECCExportSessionKey; + SKF_ExtECCEncrypt_FuncPtr ExtECCEncrypt; + SKF_ExtECCDecrypt_FuncPtr ExtECCDecrypt; + SKF_ECCDecrypt_FuncPtr ECCDecrypt; + SKF_ExtECCSign_FuncPtr ExtECCSign; + SKF_ExtECCVerify_FuncPtr ExtECCVerify; + SKF_GenerateAgreementDataWithECC_FuncPtr GenerateAgreementDataWithECC; + SKF_GenerateAgreementDataAndKeyWithECC_FuncPtr GenerateAgreementDataAndKeyWithECC; + SKF_GenerateKeyWithECC_FuncPtr GenerateKeyWithECC; + SKF_ImportSessionKey_FuncPtr ImportSessionKey; + SKF_SetSymmKey_FuncPtr SetSymmKey; + SKF_EncryptInit_FuncPtr EncryptInit; + SKF_Encrypt_FuncPtr Encrypt; + SKF_EncryptUpdate_FuncPtr EncryptUpdate; + SKF_EncryptFinal_FuncPtr EncryptFinal; + SKF_DecryptInit_FuncPtr DecryptInit; + SKF_Decrypt_FuncPtr Decrypt; + SKF_DecryptUpdate_FuncPtr DecryptUpdate; + SKF_DecryptFinal_FuncPtr DecryptFinal; + SKF_DigestInit_FuncPtr DigestInit; + SKF_Digest_FuncPtr Digest; + SKF_DigestUpdate_FuncPtr DigestUpdate; + SKF_DigestFinal_FuncPtr DigestFinal; + SKF_MacInit_FuncPtr MacInit; + SKF_Mac_FuncPtr Mac; + SKF_MacUpdate_FuncPtr MacUpdate; + SKF_MacFinal_FuncPtr MacFinal; + SKF_CloseHandle_FuncPtr CloseHandle; +} SKF_METHOD; + +SKF_METHOD *SKF_METHOD_load_library(const char *so_path); +void SKF_METHOD_free(SKF_METHOD *meth); + + +typedef struct skf_vendor_st { + char *name; + unsigned int authrand_length; + ULONG (*get_cipher_algor)(ULONG vendor_id); + ULONG (*get_cipher_cap)(ULONG vendor_cap); + ULONG (*get_digest_algor)(ULONG vendor_id); + ULONG (*get_digest_cap)(ULONG vendor_cap); + ULONG (*get_pkey_algor)(ULONG vendor_id); + ULONG (*get_pkey_cap)(ULONG vendor_cap); + unsigned long (*get_error_reason)(ULONG err); +} SKF_VENDOR; + +typedef struct { + ULONG err; + unsigned long reason; +} SKF_ERR_REASON; + +#endif diff --git a/include/openssl/aes.h b/include/openssl/aes.h index 245c552a..a2dff58f 100644 --- a/include/openssl/aes.h +++ b/include/openssl/aes.h @@ -40,7 +40,7 @@ typedef struct aes_key_st AES_KEY; const char *AES_options(void); -int AES_set_encrypt_key(const unsigned char *userKey, const int bits, +int AES_set_encrypt_key(const unsigned char *userKey, const unsigned int bits, AES_KEY *key); int AES_set_decrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key); diff --git a/include/openssl/base58.h b/include/openssl/base58.h index f1919eb2..2496dcf7 100644 --- a/include/openssl/base58.h +++ b/include/openssl/base58.h @@ -49,9 +49,10 @@ #ifndef HEADER_BASE58_H #define HEADER_BASE58_H -#include -#include -#include +#include +#ifndef OPENSSL_NO_BASE58 + +#include #ifdef __cplusplus extern "C" { @@ -77,7 +78,8 @@ int ERR_load_BASE58_strings(void); /* Reason codes. */ # define BASE58_R_HIGHBIT_SET_ON_INVALID_DIGIT 100 -# ifdef __cplusplus +# ifdef __cplusplus } +# endif # endif #endif diff --git a/include/openssl/bb1ibe.h b/include/openssl/bb1ibe.h index e2a6321e..496d35b4 100644 --- a/include/openssl/bb1ibe.h +++ b/include/openssl/bb1ibe.h @@ -56,6 +56,9 @@ #ifndef HEADER_BB1IBE_H #define HEADER_BB1IBE_H +#include +#ifndef OPENSSL_NO_BB1IBE + #include #include #include @@ -142,3 +145,4 @@ int ERR_load_BB1IBE_strings(void); } # endif #endif +#endif diff --git a/include/openssl/bfibe.h b/include/openssl/bfibe.h index 5675b785..54be396b 100644 --- a/include/openssl/bfibe.h +++ b/include/openssl/bfibe.h @@ -56,6 +56,9 @@ #ifndef HEADER_BFIBE_H #define HEADER_BFIBE_H +#include +#ifndef OPENSSL_NO_BFIBE + #include #include #include @@ -140,3 +143,4 @@ int ERR_load_BFIBE_strings(void); } # endif #endif +#endif diff --git a/include/openssl/bio.h b/include/openssl/bio.h index 9bc941b2..fd93dc47 100644 --- a/include/openssl/bio.h +++ b/include/openssl/bio.h @@ -450,11 +450,22 @@ int BIO_read_filename(BIO *b, const char *name); /* defined in evp.h */ /* #define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,1,(char *)md) */ -# define BIO_get_mem_data(b,pp) BIO_ctrl(b,BIO_CTRL_INFO,0,(char *)pp) -# define BIO_set_mem_buf(b,bm,c) BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char *)bm) -# define BIO_get_mem_ptr(b,pp) BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,(char *)pp) -# define BIO_set_mem_eof_return(b,v) \ +# ifndef OPENSSL_NO_MACRO +# define BIO_get_mem_data(b,pp) BIO_ctrl(b,BIO_CTRL_INFO,0,(char *)pp) +# define BIO_set_mem_buf(b,bm,c) BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char *)bm) +# define BIO_get_mem_ptr(b,pp) BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,(char *)pp) +# define BIO_set_mem_eof_return(b,v) \ BIO_ctrl(b,BIO_C_SET_BUF_MEM_EOF_RETURN,v,NULL) +# else + +long BIO_get_mem_data(BIO *b, char **pp); +long BIO_set_mem_buf(BIO *b, BUF_MEM *bm, int c); +long BIO_get_mem_ptr(BIO *b, BUF_MEM **pp); +long BIO_set_mem_eof_return(BIO *b, int v) + +BIO *BIO_new_mem_buf(const void *buf, int len); + +# endif /* For the BIO_f_buffer() type */ # define BIO_get_buffer_num_lines(b) BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL) diff --git a/include/openssl/bn.h b/include/openssl/bn.h index 6b8bfeb0..f912422e 100644 --- a/include/openssl/bn.h +++ b/include/openssl/bn.h @@ -566,12 +566,14 @@ int ERR_load_BN_strings(void); /* Reason codes. */ # define BN_R_ARG2_LT_ARG3 100 +# define BN_R_BAD_ENCODING 123 # define BN_R_BAD_RECIPROCAL 101 # define BN_R_BIGNUM_TOO_LONG 114 # define BN_R_BITS_TOO_SMALL 118 # define BN_R_BUFFER_TOO_SMALL 120 # define BN_R_CALLED_WITH_EVEN_MODULUS 102 # define BN_R_DIV_BY_ZERO 103 +# define BN_R_ENCODE_ERROR 124 # define BN_R_ENCODING_ERROR 104 # define BN_R_EXPAND_ON_STATIC_BIGNUM_DATA 105 # define BN_R_INPUT_NOT_REDUCED 110 @@ -580,6 +582,7 @@ int ERR_load_BN_strings(void); # define BN_R_INVALID_SHIFT 119 # define BN_R_INVALID_SOLINAS 121 # define BN_R_INVALID_SOLINAS_PARAMETERS 122 +# define BN_R_NEGATIVE_NUMBER 125 # define BN_R_NOT_A_SQUARE 111 # define BN_R_NOT_INITIALIZED 107 # define BN_R_NO_INVERSE 108 diff --git a/include/openssl/cms.h b/include/openssl/cms.h index 7e534e0d..87ec35d3 100644 --- a/include/openssl/cms.h +++ b/include/openssl/cms.h @@ -461,6 +461,7 @@ int ERR_load_CMS_strings(void); # define CMS_R_NOT_KEY_TRANSPORT 124 # define CMS_R_NOT_PWRI 177 # define CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 125 +# define CMS_R_NO_AVAILABLE_CIPHER 161 # define CMS_R_NO_CIPHER 126 # define CMS_R_NO_CONTENT 127 # define CMS_R_NO_CONTENT_TYPE 173 diff --git a/include/openssl/cpk.h b/include/openssl/cpk.h index b8a1b514..2c03bc24 100755 --- a/include/openssl/cpk.h +++ b/include/openssl/cpk.h @@ -54,6 +54,9 @@ #ifndef HEADER_CPK_H #define HEADER_CPK_H +#include +#ifndef OPENSSL_NO_CPK + #include #include #include @@ -126,8 +129,7 @@ int ERR_load_CPK_strings(void); # define CPK_F_CPK_PUBLIC_PARAMS_COMPUTE_SHARE_KEY 105 # define CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY 106 # define CPK_F_CPK_PUBLIC_PARAMS_VALIDATE_PRIVATE_KEY 107 -# define CPK_F_X509_ALGOR_GET1_DSA 108 -# define CPK_F_X509_ALGOR_GET1_EC_KEY 109 +# define CPK_F_X509_ALGOR_GET1_EC_KEY 108 /* Reason codes. */ # define CPK_R_BAD_ARGUMENT 100 @@ -136,7 +138,8 @@ int ERR_load_CPK_strings(void); # define CPK_R_INVALID_MAP_ALGOR 103 # define CPK_R_INVALID_PKEY_TYPE 104 -# ifdef __cplusplus +# ifdef __cplusplus } +# endif # endif #endif diff --git a/include/openssl/crypto.h b/include/openssl/crypto.h index bd0b1408..6351eae0 100644 --- a/include/openssl/crypto.h +++ b/include/openssl/crypto.h @@ -166,6 +166,7 @@ const char *OpenSSL_version(int type); # define OPENSSL_PLATFORM 3 # define OPENSSL_DIR 4 # define OPENSSL_ENGINES_DIR 5 +char *GmSSL_version(void); int OPENSSL_issetugid(void); @@ -367,6 +368,8 @@ int CRYPTO_memcmp(const volatile void * volatile in_a, # define OPENSSL_INIT_ENGINE_CAPI 0x00002000L # define OPENSSL_INIT_ENGINE_PADLOCK 0x00004000L # define OPENSSL_INIT_ENGINE_AFALG 0x00008000L +# define OPENSSL_INIT_ENGINE_SKF 0x00020000L +# define OPENSSL_INIT_ENGINE_SDF 0x00040000L /* OPENSSL_INIT flag 0x00010000 reserved for internal use */ /* OPENSSL_INIT flag range 0xfff00000 reserved for OPENSSL_init_ssl() */ /* Max OPENSSL_INIT flag value is 0x80000000 */ @@ -374,6 +377,7 @@ int CRYPTO_memcmp(const volatile void * volatile in_a, /* openssl and dasync not counted as builtin */ # define OPENSSL_INIT_ENGINE_ALL_BUILTIN \ (OPENSSL_INIT_ENGINE_RDRAND | OPENSSL_INIT_ENGINE_DYNAMIC \ + | OPENSSL_INIT_ENGINE_SKF | OPENSSL_INIT_ENGINE_SDF \ | OPENSSL_INIT_ENGINE_CRYPTODEV | OPENSSL_INIT_ENGINE_CAPI | \ OPENSSL_INIT_ENGINE_PADLOCK) diff --git a/include/openssl/digest.h b/include/openssl/digest.h new file mode 100644 index 00000000..46bc99b7 --- /dev/null +++ b/include/openssl/digest.h @@ -0,0 +1,92 @@ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ + +#ifndef OPENSSL_HEADER_DIGEST_H +#define OPENSSL_HEADER_DIGEST_H + +#include + +#if defined(__cplusplus) +extern "C" { +#endif + + +#if defined(__cplusplus) +} /* extern C */ + +#if !defined(BORINGSSL_NO_CXX) +extern "C++" { + +namespace bssl { + +BORINGSSL_MAKE_DELETER(EVP_MD_CTX, EVP_MD_CTX_destroy) + +using ScopedEVP_MD_CTX = + internal::StackAllocated; + +} // namespace bssl + +} // extern C++ +#endif + +#endif + +#define DIGEST_R_INPUT_NOT_INITIALIZED 100 +#define DIGEST_R_DECODE_ERROR 101 +#define DIGEST_R_UNKNOWN_HASH 102 + +#endif /* OPENSSL_HEADER_DIGEST_H */ diff --git a/include/openssl/ec.h b/include/openssl/ec.h index 2efe818f..b60c1a26 100644 --- a/include/openssl/ec.h +++ b/include/openssl/ec.h @@ -1282,66 +1282,81 @@ void EC_KEY_METHOD_get_verify(EC_KEY_METHOD *meth, # endif # endif -# define EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, nid) \ +// 把两者顺序调换一下 +# ifdef OPENSSL_NO_MACRO +int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid); +int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc); +int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int co_mode); +int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx); +int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf); +int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx); +int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md); +int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd); +int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len); +int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *plen); +int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *der, int len); +int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **pder); +# else +# define EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, nid) \ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN, \ EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, nid, NULL) -# define EVP_PKEY_CTX_set_ec_param_enc(ctx, flag) \ +# define EVP_PKEY_CTX_set_ec_param_enc(ctx, flag) \ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN, \ EVP_PKEY_CTRL_EC_PARAM_ENC, flag, NULL) -# define EVP_PKEY_CTX_set_ecdh_cofactor_mode(ctx, flag) \ +# define EVP_PKEY_CTX_set_ecdh_cofactor_mode(ctx, flag) \ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ EVP_PKEY_OP_DERIVE, \ EVP_PKEY_CTRL_EC_ECDH_COFACTOR, flag, NULL) -# define EVP_PKEY_CTX_get_ecdh_cofactor_mode(ctx) \ +# define EVP_PKEY_CTX_get_ecdh_cofactor_mode(ctx) \ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ EVP_PKEY_OP_DERIVE, \ EVP_PKEY_CTRL_EC_ECDH_COFACTOR, -2, NULL) -# define EVP_PKEY_CTX_set_ecdh_kdf_type(ctx, kdf) \ +# define EVP_PKEY_CTX_set_ecdh_kdf_type(ctx, kdf) \ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ EVP_PKEY_OP_DERIVE, \ EVP_PKEY_CTRL_EC_KDF_TYPE, kdf, NULL) -# define EVP_PKEY_CTX_get_ecdh_kdf_type(ctx) \ +# define EVP_PKEY_CTX_get_ecdh_kdf_type(ctx) \ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ EVP_PKEY_OP_DERIVE, \ EVP_PKEY_CTRL_EC_KDF_TYPE, -2, NULL) -# define EVP_PKEY_CTX_set_ecdh_kdf_md(ctx, md) \ +# define EVP_PKEY_CTX_set_ecdh_kdf_md(ctx, md) \ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ EVP_PKEY_OP_DERIVE, \ EVP_PKEY_CTRL_EC_KDF_MD, 0, (void *)md) -# define EVP_PKEY_CTX_get_ecdh_kdf_md(ctx, pmd) \ +# define EVP_PKEY_CTX_get_ecdh_kdf_md(ctx, pmd) \ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ EVP_PKEY_OP_DERIVE, \ EVP_PKEY_CTRL_GET_EC_KDF_MD, 0, (void *)pmd) -# define EVP_PKEY_CTX_set_ecdh_kdf_outlen(ctx, len) \ +# define EVP_PKEY_CTX_set_ecdh_kdf_outlen(ctx, len) \ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ EVP_PKEY_OP_DERIVE, \ EVP_PKEY_CTRL_EC_KDF_OUTLEN, len, NULL) -# define EVP_PKEY_CTX_get_ecdh_kdf_outlen(ctx, plen) \ +# define EVP_PKEY_CTX_get_ecdh_kdf_outlen(ctx, plen) \ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ EVP_PKEY_OP_DERIVE, \ EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN, 0, (void *)plen) -# define EVP_PKEY_CTX_set0_ecdh_kdf_ukm(ctx, p, plen) \ +# define EVP_PKEY_CTX_set0_ecdh_kdf_ukm(ctx, p, plen) \ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ EVP_PKEY_OP_DERIVE, \ EVP_PKEY_CTRL_EC_KDF_UKM, plen, (void *)p) -# define EVP_PKEY_CTX_get0_ecdh_kdf_ukm(ctx, p) \ +# define EVP_PKEY_CTX_get0_ecdh_kdf_ukm(ctx, p) \ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ EVP_PKEY_OP_DERIVE, \ EVP_PKEY_CTRL_GET_EC_KDF_UKM, 0, (void *)p) - +# endif /* OPENSSL_NO_MACRO */ # define EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID (EVP_PKEY_ALG_CTRL + 1) # define EVP_PKEY_CTRL_EC_PARAM_ENC (EVP_PKEY_ALG_CTRL + 2) @@ -1369,313 +1384,282 @@ int ERR_load_EC_strings(void); /* Error codes for the EC functions. */ /* Function codes. */ -# define EC_F_BN_TO_FELEM 224 -# define EC_F_D2I_ECIESPARAMETERS 270 -# define EC_F_D2I_ECPARAMETERS 144 -# define EC_F_D2I_ECPKPARAMETERS 145 -# define EC_F_D2I_ECPRIVATEKEY 146 -# define EC_F_D2I_SM2_CIPHERTEXT_VALUE 280 -# define EC_F_DO_EC_KEY_PRINT 221 -# define EC_F_ECDH_CMS_DECRYPT 238 -# define EC_F_ECDH_CMS_SET_SHARED_INFO 239 -# define EC_F_ECDH_COMPUTE_KEY 246 -# define EC_F_ECDH_SIMPLE_COMPUTE_KEY 257 -# define EC_F_ECDSA_DO_SIGN_EX 251 -# define EC_F_ECDSA_DO_VERIFY 252 -# define EC_F_ECDSA_SIGN_EX 254 -# define EC_F_ECDSA_SIGN_SETUP 248 -# define EC_F_ECDSA_SIG_NEW 265 -# define EC_F_ECDSA_VERIFY 253 -# define EC_F_ECIES_DECRYPT 271 -# define EC_F_ECIES_DO_DECRYPT 272 -# define EC_F_ECIES_DO_ENCRYPT 273 -# define EC_F_ECIES_ENCRYPT 274 -# define EC_F_ECIES_PARAMS_GET_ENC 275 -# define EC_F_ECIES_PARAMS_GET_KDF 276 -# define EC_F_ECIES_PARAMS_GET_MAC 277 -# define EC_F_ECIES_PARAMS_INIT_WITH_RECOMMENDED 278 -# define EC_F_ECIES_PARAMS_INIT_WITH_TYPE 320 -# define EC_F_ECKEY_PARAM2TYPE 223 -# define EC_F_ECKEY_PARAM_DECODE 212 -# define EC_F_ECKEY_PRIV_DECODE 213 -# define EC_F_ECKEY_PRIV_ENCODE 214 -# define EC_F_ECKEY_PUB_DECODE 215 -# define EC_F_ECKEY_PUB_ENCODE 216 -# define EC_F_ECKEY_TYPE2PARAM 220 -# define EC_F_ECPARAMETERS_PRINT 147 -# define EC_F_ECPARAMETERS_PRINT_FP 148 -# define EC_F_ECPKPARAMETERS_PRINT 149 -# define EC_F_ECPKPARAMETERS_PRINT_FP 150 -# define EC_F_ECP_NISTZ256_GET_AFFINE 240 -# define EC_F_ECP_NISTZ256_MULT_PRECOMPUTE 243 -# define EC_F_ECP_NISTZ256_POINTS_MUL 241 -# define EC_F_ECP_NISTZ256_PRE_COMP_NEW 244 -# define EC_F_ECP_NISTZ256_WINDOWED_MUL 242 -# define EC_F_ECX_KEY_OP 266 -# define EC_F_ECX_PRIV_ENCODE 267 -# define EC_F_ECX_PUB_ENCODE 268 -# define EC_F_EC_ASN1_GROUP2CURVE 153 -# define EC_F_EC_ASN1_GROUP2FIELDID 154 -# define EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY 208 -# define EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT 159 -# define EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE 195 -# define EC_F_EC_GF2M_SIMPLE_OCT2POINT 160 -# define EC_F_EC_GF2M_SIMPLE_POINT2OCT 161 -# define EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES 162 -# define EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES 163 -# define EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES 164 -# define EC_F_EC_GFP_MONT_FIELD_DECODE 133 -# define EC_F_EC_GFP_MONT_FIELD_ENCODE 134 -# define EC_F_EC_GFP_MONT_FIELD_MUL 131 -# define EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE 209 -# define EC_F_EC_GFP_MONT_FIELD_SQR 132 -# define EC_F_EC_GFP_MONT_GROUP_SET_CURVE 189 -# define EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE 225 -# define EC_F_EC_GFP_NISTP224_POINTS_MUL 228 -# define EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES 226 -# define EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE 230 -# define EC_F_EC_GFP_NISTP256_POINTS_MUL 231 -# define EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES 232 -# define EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE 233 -# define EC_F_EC_GFP_NISTP521_POINTS_MUL 234 -# define EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES 235 -# define EC_F_EC_GFP_NIST_FIELD_MUL 200 -# define EC_F_EC_GFP_NIST_FIELD_SQR 201 -# define EC_F_EC_GFP_NIST_GROUP_SET_CURVE 202 -# define EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT 165 -# define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE 166 -# define EC_F_EC_GFP_SIMPLE_MAKE_AFFINE 102 -# define EC_F_EC_GFP_SIMPLE_OCT2POINT 103 -# define EC_F_EC_GFP_SIMPLE_POINT2OCT 104 -# define EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE 137 -# define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES 167 -# define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES 168 -# define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES 169 -# define EC_F_EC_GROUP_CHECK 170 -# define EC_F_EC_GROUP_CHECK_DISCRIMINANT 171 -# define EC_F_EC_GROUP_COPY 106 -# define EC_F_EC_GROUP_GENERATE_TYPE1CURVE 307 -# define EC_F_EC_GROUP_GET_CURVE_GF2M 172 -# define EC_F_EC_GROUP_GET_CURVE_GFP 130 -# define EC_F_EC_GROUP_GET_DEGREE 173 -# define EC_F_EC_GROUP_GET_ECPARAMETERS 261 -# define EC_F_EC_GROUP_GET_ECPKPARAMETERS 262 -# define EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS 193 -# define EC_F_EC_GROUP_GET_TRINOMIAL_BASIS 194 -# define EC_F_EC_GROUP_GET_TYPE1CURVE_ETA 308 -# define EC_F_EC_GROUP_GET_TYPE1CURVE_ZETA 309 -# define EC_F_EC_GROUP_IS_TYPE1CURVE 310 -# define EC_F_EC_GROUP_NEW 108 -# define EC_F_EC_GROUP_NEW_BY_CURVE_NAME 174 -# define EC_F_EC_GROUP_NEW_FROM_DATA 175 -# define EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS 263 -# define EC_F_EC_GROUP_NEW_FROM_ECPKPARAMETERS 264 -# define EC_F_EC_GROUP_NEW_TYPE1CURVE 311 -# define EC_F_EC_GROUP_SET_CURVE_GF2M 176 -# define EC_F_EC_GROUP_SET_CURVE_GFP 109 -# define EC_F_EC_GROUP_SET_GENERATOR 111 -# define EC_F_EC_KEY_CHECK_KEY 177 -# define EC_F_EC_KEY_COPY 178 -# define EC_F_EC_KEY_GENERATE_KEY 179 -# define EC_F_EC_KEY_NEW 182 -# define EC_F_EC_KEY_NEW_METHOD 245 -# define EC_F_EC_KEY_OCT2PRIV 255 -# define EC_F_EC_KEY_PRINT 180 -# define EC_F_EC_KEY_PRINT_FP 181 -# define EC_F_EC_KEY_PRIV2OCT 256 -# define EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES 229 -# define EC_F_EC_KEY_SIMPLE_CHECK_KEY 258 -# define EC_F_EC_KEY_SIMPLE_OCT2PRIV 259 -# define EC_F_EC_KEY_SIMPLE_PRIV2OCT 260 -# define EC_F_EC_POINTS_MAKE_AFFINE 136 -# define EC_F_EC_POINT_ADD 112 -# define EC_F_EC_POINT_CMP 113 -# define EC_F_EC_POINT_CMP_FPPOINT 312 -# define EC_F_EC_POINT_COPY 114 -# define EC_F_EC_POINT_DBL 115 -# define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M 183 -# define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP 116 -# define EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP 117 -# define EC_F_EC_POINT_HASH2POINT 313 -# define EC_F_EC_POINT_INVERT 210 -# define EC_F_EC_POINT_IS_AT_INFINITY 118 -# define EC_F_EC_POINT_IS_ON_CURVE 119 -# define EC_F_EC_POINT_MAKE_AFFINE 120 -# define EC_F_EC_POINT_NEW 121 -# define EC_F_EC_POINT_OCT2POINT 122 -# define EC_F_EC_POINT_POINT2OCT 123 -# define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M 185 -# define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP 124 -# define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M 186 -# define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP 125 -# define EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP 126 -# define EC_F_EC_POINT_SET_TO_INFINITY 127 -# define EC_F_EC_PRE_COMP_NEW 196 -# define EC_F_EC_TYPE1CURVE_TATE 314 -# define EC_F_EC_WNAF_MUL 187 -# define EC_F_EC_WNAF_PRECOMPUTE_MULT 188 -# define EC_F_I2D_ECIESPARAMETERS 279 -# define EC_F_I2D_ECPARAMETERS 190 -# define EC_F_I2D_ECPKPARAMETERS 191 -# define EC_F_I2D_ECPRIVATEKEY 192 -# define EC_F_I2D_SM2_CIPHERTEXT_VALUE 281 -# define EC_F_I2O_ECPUBLICKEY 151 -# define EC_F_NISTP224_PRE_COMP_NEW 227 -# define EC_F_NISTP256_PRE_COMP_NEW 236 -# define EC_F_NISTP521_PRE_COMP_NEW 237 -# define EC_F_O2I_ECPUBLICKEY 152 -# define EC_F_OLD_EC_PRIV_DECODE 222 -# define EC_F_OSSL_ECDH_COMPUTE_KEY 247 -# define EC_F_OSSL_ECDSA_SIGN_SIG 249 -# define EC_F_OSSL_ECDSA_VERIFY_SIG 250 -# define EC_F_PKEY_ECX_DERIVE 269 -# define EC_F_PKEY_EC_CTRL 197 -# define EC_F_PKEY_EC_CTRL_STR 198 -# define EC_F_PKEY_EC_DECRYPT 318 -# define EC_F_PKEY_EC_DERIVE 217 -# define EC_F_PKEY_EC_ENCRYPT 319 -# define EC_F_PKEY_EC_KEYGEN 199 -# define EC_F_PKEY_EC_PARAMGEN 219 -# define EC_F_PKEY_EC_SIGN 218 -# define EC_F_SM2_CIPHERTEXT_VALUE_DECODE 282 -# define EC_F_SM2_CIPHERTEXT_VALUE_ENCODE 283 -# define EC_F_SM2_CIPHERTEXT_VALUE_GET_ECIES_CIPHERTEXT_VALUE 284 -# define EC_F_SM2_CIPHERTEXT_VALUE_NEW 285 -# define EC_F_SM2_CIPHERTEXT_VALUE_NEW_FROM_ECIES_CIPHERTEXT_VALUE 286 -# define EC_F_SM2_CIPHERTEXT_VALUE_SET_ECIES_CIPHERTEXT_VALUE 287 -# define EC_F_SM2_CIPHERTEXT_VALUE_SIZE 288 -# define EC_F_SM2_COMPUTE_ID_DIGEST 289 -# define EC_F_SM2_COMPUTE_MESSAGE_DIGEST 290 -# define EC_F_SM2_DECRYPT 291 -# define EC_F_SM2_DO_DECRYPT 292 -# define EC_F_SM2_DO_ENCRYPT 293 -# define EC_F_SM2_DO_SIGN 294 -# define EC_F_SM2_DO_VERIFY 295 -# define EC_F_SM2_ENCRYPT 296 -# define EC_F_SM2_ENC_PARAMS_DUP 297 -# define EC_F_SM2_ENC_PARAMS_INIT_WITH_RECOMMENDED 298 -# define EC_F_SM2_ENC_PARAMS_NEW 299 -# define EC_F_SM2_ENC_PARAMS_SET_TYPE 300 -# define EC_F_SM2_GET_PUBLIC_KEY_DATA 301 -# define EC_F_SM2_KAP_COMPUTE_KEY 302 -# define EC_F_SM2_KAP_CTX_INIT 303 -# define EC_F_SM2_KAP_FINAL_CHECK 304 -# define EC_F_SM2_KAP_PREPARE 305 -# define EC_F_SM2_SIGN_SETUP 306 -# define EC_F_TYPE1CURVE_EVAL_LINE_TEXTBOOK 315 -# define EC_F_TYPE1CURVE_EVAL_MILLER_TEXTBOOK 316 -# define EC_F_TYPE1CURVE_PHI 317 +# define EC_F_BN_TO_FELEM 100 +# define EC_F_D2I_ECIESPARAMETERS 101 +# define EC_F_D2I_ECPARAMETERS 102 +# define EC_F_D2I_ECPKPARAMETERS 103 +# define EC_F_D2I_ECPRIVATEKEY 104 +# define EC_F_DO_EC_KEY_PRINT 105 +# define EC_F_ECDH_CMS_DECRYPT 106 +# define EC_F_ECDH_CMS_SET_SHARED_INFO 107 +# define EC_F_ECDH_COMPUTE_KEY 108 +# define EC_F_ECDH_SIMPLE_COMPUTE_KEY 109 +# define EC_F_ECDSA_DO_SIGN_EX 110 +# define EC_F_ECDSA_DO_VERIFY 111 +# define EC_F_ECDSA_SIGN_EX 112 +# define EC_F_ECDSA_SIGN_SETUP 113 +# define EC_F_ECDSA_SIG_NEW 114 +# define EC_F_ECDSA_VERIFY 115 +# define EC_F_ECIES_DECRYPT 116 +# define EC_F_ECIES_DO_DECRYPT 117 +# define EC_F_ECIES_DO_ENCRYPT 118 +# define EC_F_ECIES_ENCRYPT 119 +# define EC_F_ECIES_PARAMS_GET_ENC 120 +# define EC_F_ECIES_PARAMS_GET_KDF 121 +# define EC_F_ECIES_PARAMS_GET_MAC 122 +# define EC_F_ECIES_PARAMS_INIT_WITH_RECOMMENDED 123 +# define EC_F_ECIES_PARAMS_INIT_WITH_TYPE 124 +# define EC_F_ECKEY_PARAM2TYPE 125 +# define EC_F_ECKEY_PARAM_DECODE 126 +# define EC_F_ECKEY_PRIV_DECODE 127 +# define EC_F_ECKEY_PRIV_ENCODE 128 +# define EC_F_ECKEY_PUB_DECODE 129 +# define EC_F_ECKEY_PUB_ENCODE 130 +# define EC_F_ECKEY_TYPE2PARAM 131 +# define EC_F_ECPARAMETERS_PRINT_FP 132 +# define EC_F_ECPKPARAMETERS_PRINT 133 +# define EC_F_ECPKPARAMETERS_PRINT_FP 134 +# define EC_F_ECP_NISTZ256_GET_AFFINE 135 +# define EC_F_ECP_NISTZ256_MULT_PRECOMPUTE 136 +# define EC_F_ECP_NISTZ256_POINTS_MUL 137 +# define EC_F_ECP_NISTZ256_PRE_COMP_NEW 138 +# define EC_F_ECP_NISTZ256_WINDOWED_MUL 139 +# define EC_F_ECX_KEY_OP 140 +# define EC_F_ECX_PRIV_ENCODE 141 +# define EC_F_ECX_PUB_ENCODE 142 +# define EC_F_EC_ASN1_GROUP2CURVE 143 +# define EC_F_EC_ASN1_GROUP2FIELDID 144 +# define EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY 145 +# define EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT 146 +# define EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE 147 +# define EC_F_EC_GF2M_SIMPLE_OCT2POINT 148 +# define EC_F_EC_GF2M_SIMPLE_POINT2OCT 149 +# define EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES 150 +# define EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES 151 +# define EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES 152 +# define EC_F_EC_GFP_MONT_FIELD_DECODE 153 +# define EC_F_EC_GFP_MONT_FIELD_ENCODE 154 +# define EC_F_EC_GFP_MONT_FIELD_MUL 155 +# define EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE 156 +# define EC_F_EC_GFP_MONT_FIELD_SQR 157 +# define EC_F_EC_GFP_MONT_GROUP_SET_CURVE 158 +# define EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE 159 +# define EC_F_EC_GFP_NISTP224_POINTS_MUL 160 +# define EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES 161 +# define EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE 162 +# define EC_F_EC_GFP_NISTP256_POINTS_MUL 163 +# define EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES 164 +# define EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE 165 +# define EC_F_EC_GFP_NISTP521_POINTS_MUL 166 +# define EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES 167 +# define EC_F_EC_GFP_NIST_FIELD_MUL 168 +# define EC_F_EC_GFP_NIST_FIELD_SQR 169 +# define EC_F_EC_GFP_NIST_GROUP_SET_CURVE 170 +# define EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT 171 +# define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE 172 +# define EC_F_EC_GFP_SIMPLE_MAKE_AFFINE 173 +# define EC_F_EC_GFP_SIMPLE_OCT2POINT 174 +# define EC_F_EC_GFP_SIMPLE_POINT2OCT 175 +# define EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE 176 +# define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES 177 +# define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES 178 +# define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES 179 +# define EC_F_EC_GROUP_CHECK 180 +# define EC_F_EC_GROUP_CHECK_DISCRIMINANT 181 +# define EC_F_EC_GROUP_COPY 182 +# define EC_F_EC_GROUP_GENERATE_TYPE1CURVE 183 +# define EC_F_EC_GROUP_GET_CURVE_GF2M 184 +# define EC_F_EC_GROUP_GET_CURVE_GFP 185 +# define EC_F_EC_GROUP_GET_DEGREE 186 +# define EC_F_EC_GROUP_GET_ECPARAMETERS 187 +# define EC_F_EC_GROUP_GET_ECPKPARAMETERS 188 +# define EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS 189 +# define EC_F_EC_GROUP_GET_TRINOMIAL_BASIS 190 +# define EC_F_EC_GROUP_GET_TYPE1CURVE_ETA 191 +# define EC_F_EC_GROUP_GET_TYPE1CURVE_ZETA 192 +# define EC_F_EC_GROUP_IS_TYPE1CURVE 193 +# define EC_F_EC_GROUP_NEW 194 +# define EC_F_EC_GROUP_NEW_BY_CURVE_NAME 195 +# define EC_F_EC_GROUP_NEW_FROM_DATA 196 +# define EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS 197 +# define EC_F_EC_GROUP_NEW_FROM_ECPKPARAMETERS 198 +# define EC_F_EC_GROUP_NEW_TYPE1CURVE 199 +# define EC_F_EC_GROUP_SET_CURVE_GF2M 200 +# define EC_F_EC_GROUP_SET_CURVE_GFP 201 +# define EC_F_EC_GROUP_SET_GENERATOR 202 +# define EC_F_EC_KEY_CHECK_KEY 203 +# define EC_F_EC_KEY_COPY 204 +# define EC_F_EC_KEY_GENERATE_KEY 205 +# define EC_F_EC_KEY_NEW_METHOD 206 +# define EC_F_EC_KEY_OCT2PRIV 207 +# define EC_F_EC_KEY_PRINT_FP 208 +# define EC_F_EC_KEY_PRIV2OCT 209 +# define EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES 210 +# define EC_F_EC_KEY_SIMPLE_CHECK_KEY 211 +# define EC_F_EC_KEY_SIMPLE_OCT2PRIV 212 +# define EC_F_EC_KEY_SIMPLE_PRIV2OCT 213 +# define EC_F_EC_POINTS_MAKE_AFFINE 214 +# define EC_F_EC_POINT_ADD 215 +# define EC_F_EC_POINT_CMP 216 +# define EC_F_EC_POINT_CMP_FPPOINT 217 +# define EC_F_EC_POINT_COPY 218 +# define EC_F_EC_POINT_DBL 219 +# define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M 220 +# define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP 221 +# define EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP 222 +# define EC_F_EC_POINT_HASH2POINT 223 +# define EC_F_EC_POINT_INVERT 224 +# define EC_F_EC_POINT_IS_AT_INFINITY 225 +# define EC_F_EC_POINT_IS_ON_CURVE 226 +# define EC_F_EC_POINT_MAKE_AFFINE 227 +# define EC_F_EC_POINT_NEW 228 +# define EC_F_EC_POINT_OCT2POINT 229 +# define EC_F_EC_POINT_POINT2OCT 230 +# define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M 231 +# define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP 232 +# define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M 233 +# define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP 234 +# define EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP 235 +# define EC_F_EC_POINT_SET_TO_INFINITY 236 +# define EC_F_EC_PRE_COMP_NEW 237 +# define EC_F_EC_TYPE1CURVE_TATE 238 +# define EC_F_EC_WNAF_MUL 239 +# define EC_F_EC_WNAF_PRECOMPUTE_MULT 240 +# define EC_F_I2D_ECIESPARAMETERS 241 +# define EC_F_I2D_ECPARAMETERS 242 +# define EC_F_I2D_ECPKPARAMETERS 243 +# define EC_F_I2D_ECPRIVATEKEY 244 +# define EC_F_I2O_ECPUBLICKEY 245 +# define EC_F_NISTP224_PRE_COMP_NEW 246 +# define EC_F_NISTP256_PRE_COMP_NEW 247 +# define EC_F_NISTP521_PRE_COMP_NEW 248 +# define EC_F_O2I_ECPUBLICKEY 249 +# define EC_F_OLD_EC_PRIV_DECODE 250 +# define EC_F_OSSL_ECDH_COMPUTE_KEY 251 +# define EC_F_OSSL_ECDSA_SIGN_SIG 252 +# define EC_F_OSSL_ECDSA_VERIFY_SIG 253 +# define EC_F_PKEY_ECX_DERIVE 254 +# define EC_F_PKEY_EC_CTRL 255 +# define EC_F_PKEY_EC_CTRL_STR 256 +# define EC_F_PKEY_EC_DECRYPT 257 +# define EC_F_PKEY_EC_DERIVE 258 +# define EC_F_PKEY_EC_ENCRYPT 259 +# define EC_F_PKEY_EC_KEYGEN 260 +# define EC_F_PKEY_EC_PARAMGEN 261 +# define EC_F_PKEY_EC_SIGN 262 +# define EC_F_SM2_COMPUTE_ID_DIGEST 263 +# define EC_F_SM2_COMPUTE_MESSAGE_DIGEST 264 +# define EC_F_SM2_DO_ENCRYPT 265 +# define EC_F_SM2_GET_PUBLIC_KEY_DATA 266 +# define EC_F_SM2_KAP_COMPUTE_KEY 267 +# define EC_F_SM2_KAP_CTX_INIT 268 +# define EC_F_SM2_KAP_FINAL_CHECK 269 +# define EC_F_SM2_KAP_PREPARE 270 +# define EC_F_TYPE1CURVE_EVAL_LINE_TEXTBOOK 271 +# define EC_F_TYPE1CURVE_EVAL_MILLER_TEXTBOOK 272 +# define EC_F_TYPE1CURVE_PHI 273 /* Reason codes. */ -# define EC_R_ASN1_ERROR 115 -# define EC_R_BAD_SIGNATURE 156 -# define EC_R_BIGNUM_OUT_OF_RANGE 144 -# define EC_R_BUFFER_TOO_SMALL 100 -# define EC_R_CIPHERTEXT_ENCODE_FAILED 173 -# define EC_R_CMAC_FINAL_FAILURE 136 -# define EC_R_CMAC_INIT_FAILURE 153 -# define EC_R_CMAC_UPDATE_FAILURE 162 -# define EC_R_COORDINATES_OUT_OF_RANGE 146 -# define EC_R_CURVE_DOES_NOT_SUPPORT_ECDH 160 -# define EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING 159 -# define EC_R_D2I_ECPKPARAMETERS_FAILURE 117 -# define EC_R_DECODE_ERROR 142 -# define EC_R_DECRYPT_FAILED 163 -# define EC_R_DISCRIMINANT_IS_ZERO 118 -# define EC_R_ECDH_FAILED 164 -# define EC_R_ECDH_FAILURE 165 -# define EC_R_ECIES_DECRYPT_FAILED 196 -# define EC_R_ECIES_DECRYPT_INIT_FAILURE 166 -# define EC_R_ECIES_DECRYPT_WITH_RECOMMENDED_FAILED 197 -# define EC_R_ECIES_ENCRYPT_FAILED 198 -# define EC_R_ECIES_ENCRYPT_WITH_RECOMMENDED_FAILED 199 -# define EC_R_ECIES_VERIFY_MAC_FAILURE 167 -# define EC_R_EC_GROUP_NEW_BY_NAME_FAILURE 119 -# define EC_R_ENCRYPT_FAILED 168 -# define EC_R_ENCRYPT_FAILURE 206 -# define EC_R_ERROR 174 -# define EC_R_FIELD_TOO_LARGE 143 -# define EC_R_GEN_MAC_FAILED 169 -# define EC_R_GET_CIPHERTEXT_SIZE_FAILED 175 -# define EC_R_GET_KDF_FAILED 176 -# define EC_R_GET_PUBLIC_KEY_DATA_FAILURE 177 -# define EC_R_GET_TYPE1CURVE_ZETA_FAILURE 192 -# define EC_R_GF2M_NOT_SUPPORTED 147 -# define EC_R_GROUP2PKPARAMETERS_FAILURE 120 -# define EC_R_HMAC_FAILURE 170 -# define EC_R_I2D_ECPKPARAMETERS_FAILURE 121 -# define EC_R_INCOMPATIBLE_OBJECTS 101 -# define EC_R_INNOR_ERROR 178 -# define EC_R_INVALID_ARGUMENT 112 -# define EC_R_INVALID_COMPRESSED_POINT 110 -# define EC_R_INVALID_COMPRESSION_BIT 109 -# define EC_R_INVALID_CURVE 141 -# define EC_R_INVALID_DIGEST 151 -# define EC_R_INVALID_DIGEST_ALGOR 179 -# define EC_R_INVALID_DIGEST_TYPE 138 -# define EC_R_INVALID_ECIES_CIPHERTEXT 171 -# define EC_R_INVALID_ECIES_PARAMETERS 172 -# define EC_R_INVALID_ECIES_PARAMS 207 -# define EC_R_INVALID_EC_KEY 180 -# define EC_R_INVALID_ENCODING 102 -# define EC_R_INVALID_ENC_PARAM 208 -# define EC_R_INVALID_ENC_TYPE 200 -# define EC_R_INVALID_FIELD 103 -# define EC_R_INVALID_FORM 104 -# define EC_R_INVALID_GROUP_ORDER 122 -# define EC_R_INVALID_ID_LENGTH 181 -# define EC_R_INVALID_INPUT_LENGTH 209 -# define EC_R_INVALID_KDF_MD 182 -# define EC_R_INVALID_KEY 116 -# define EC_R_INVALID_MD 205 -# define EC_R_INVALID_OUTPUT_LENGTH 161 -# define EC_R_INVALID_PEER_KEY 133 -# define EC_R_INVALID_PENTANOMIAL_BASIS 132 -# define EC_R_INVALID_PRIVATE_KEY 123 -# define EC_R_INVALID_SM2_ID 183 -# define EC_R_INVALID_SM2_KAP_CHECKSUM_LENGTH 184 -# define EC_R_INVALID_SM2_KAP_CHECKSUM_VALUE 185 -# define EC_R_INVALID_TRINOMIAL_BASIS 137 -# define EC_R_INVALID_TYPE1CURVE 193 -# define EC_R_INVALID_TYPE1_CURVE 194 -# define EC_R_INVLID_TYPE1CURVE 195 -# define EC_R_KDF_PARAMETER_ERROR 148 -# define EC_R_KEYS_NOT_SET 140 -# define EC_R_MALLOC_FAILED 186 -# define EC_R_MISSING_PARAMETERS 124 -# define EC_R_MISSING_PRIVATE_KEY 125 -# define EC_R_NEED_NEW_SETUP_VALUES 157 -# define EC_R_NOT_A_NIST_PRIME 135 -# define EC_R_NOT_IMPLEMENTED 126 -# define EC_R_NOT_INITIALIZED 111 -# define EC_R_NO_PARAMETERS_SET 139 -# define EC_R_NO_PRIVATE_VALUE 154 -# define EC_R_NULL_ARGUMENT 187 -# define EC_R_OCT2POINT_FAILED 188 -# define EC_R_OPERATION_NOT_SUPPORTED 152 -# define EC_R_PASSED_NULL_PARAMETER 134 -# define EC_R_PEER_KEY_ERROR 149 -# define EC_R_PKPARAMETERS2GROUP_FAILURE 127 -# define EC_R_POINT2OCT_FAILED 189 -# define EC_R_POINT_ARITHMETIC_FAILURE 155 -# define EC_R_POINT_AT_INFINITY 106 -# define EC_R_POINT_IS_NOT_ON_CURVE 107 -# define EC_R_POINT_NEW_FAILED 190 -# define EC_R_RANDOM_NUMBER_GENERATION_FAILED 158 -# define EC_R_SHARED_INFO_ERROR 150 -# define EC_R_SLOT_FULL 108 -# define EC_R_SM2_DECRYPT_FAILED 201 -# define EC_R_SM2_DECRYPT_WITH_RECOMMENDED_FAILED 202 -# define EC_R_SM2_ENCRYPT_FAILED 203 -# define EC_R_SM2_ENCRYPT_WITH_RECOMMENDED_FAILED 204 -# define EC_R_SM2_KAP_NOT_INITED 191 -# define EC_R_UNDEFINED_GENERATOR 113 -# define EC_R_UNDEFINED_ORDER 128 -# define EC_R_UNKNOWN_GROUP 129 -# define EC_R_UNKNOWN_ORDER 114 -# define EC_R_UNSUPPORTED_FIELD 131 -# define EC_R_WRONG_CURVE_PARAMETERS 145 -# define EC_R_WRONG_ORDER 130 +# define EC_R_ASN1_ERROR 100 +# define EC_R_BAD_SIGNATURE 101 +# define EC_R_BIGNUM_OUT_OF_RANGE 102 +# define EC_R_BUFFER_TOO_SMALL 103 +# define EC_R_CMAC_FINAL_FAILURE 104 +# define EC_R_CMAC_INIT_FAILURE 105 +# define EC_R_CMAC_UPDATE_FAILURE 106 +# define EC_R_COORDINATES_OUT_OF_RANGE 107 +# define EC_R_CURVE_DOES_NOT_SUPPORT_ECDH 108 +# define EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING 109 +# define EC_R_D2I_ECPKPARAMETERS_FAILURE 110 +# define EC_R_DECODE_ERROR 111 +# define EC_R_DECRYPT_FAILED 112 +# define EC_R_DISCRIMINANT_IS_ZERO 113 +# define EC_R_ECDH_FAILED 114 +# define EC_R_ECDH_FAILURE 115 +# define EC_R_ECIES_DECRYPT_FAILED 116 +# define EC_R_ECIES_DECRYPT_INIT_FAILURE 117 +# define EC_R_ECIES_ENCRYPT_FAILED 118 +# define EC_R_ECIES_VERIFY_MAC_FAILURE 119 +# define EC_R_EC_GROUP_NEW_BY_NAME_FAILURE 120 +# define EC_R_ENCODE_ERROR 198 +# define EC_R_ENCRYPT_FAILED 121 +# define EC_R_ENCRYPT_FAILURE 122 +# define EC_R_ERROR 123 +# define EC_R_FIELD_TOO_LARGE 124 +# define EC_R_GEN_MAC_FAILED 125 +# define EC_R_GET_PUBLIC_KEY_DATA_FAILURE 126 +# define EC_R_GET_TYPE1CURVE_ZETA_FAILURE 127 +# define EC_R_GF2M_NOT_SUPPORTED 128 +# define EC_R_GROUP2PKPARAMETERS_FAILURE 129 +# define EC_R_GROUP_MISMATCH 199 +# define EC_R_HMAC_FAILURE 130 +# define EC_R_I2D_ECPKPARAMETERS_FAILURE 131 +# define EC_R_INCOMPATIBLE_OBJECTS 132 +# define EC_R_INVALID_ARGUMENT 133 +# define EC_R_INVALID_COMPRESSED_POINT 134 +# define EC_R_INVALID_COMPRESSION_BIT 135 +# define EC_R_INVALID_CURVE 136 +# define EC_R_INVALID_DIGEST 137 +# define EC_R_INVALID_DIGEST_ALGOR 138 +# define EC_R_INVALID_DIGEST_TYPE 139 +# define EC_R_INVALID_ECIES_CIPHERTEXT 140 +# define EC_R_INVALID_ECIES_PARAMETERS 141 +# define EC_R_INVALID_ECIES_PARAMS 142 +# define EC_R_INVALID_EC_ENCRYPT_PARAM 143 +# define EC_R_INVALID_EC_SCHEME 144 +# define EC_R_INVALID_ENCODING 145 +# define EC_R_INVALID_ENC_PARAM 146 +# define EC_R_INVALID_ENC_TYPE 147 +# define EC_R_INVALID_FIELD 148 +# define EC_R_INVALID_FORM 149 +# define EC_R_INVALID_GROUP_ORDER 150 +# define EC_R_INVALID_ID_LENGTH 151 +# define EC_R_INVALID_INPUT_LENGTH 152 +# define EC_R_INVALID_KDF_MD 153 +# define EC_R_INVALID_KEY 154 +# define EC_R_INVALID_MD 155 +# define EC_R_INVALID_OUTPUT_LENGTH 156 +# define EC_R_INVALID_PEER_KEY 157 +# define EC_R_INVALID_PENTANOMIAL_BASIS 158 +# define EC_R_INVALID_PRIVATE_KEY 159 +# define EC_R_INVALID_SIGNER_ID 160 +# define EC_R_INVALID_SM2_ID 161 +# define EC_R_INVALID_SM2_KAP_CHECKSUM_LENGTH 162 +# define EC_R_INVALID_SM2_KAP_CHECKSUM_VALUE 163 +# define EC_R_INVALID_TRINOMIAL_BASIS 164 +# define EC_R_INVALID_TYPE1CURVE 165 +# define EC_R_INVALID_TYPE1_CURVE 166 +# define EC_R_INVLID_TYPE1CURVE 167 +# define EC_R_KDF_PARAMETER_ERROR 168 +# define EC_R_KEYS_NOT_SET 169 +# define EC_R_MISSING_PARAMETERS 170 +# define EC_R_MISSING_PRIVATE_KEY 171 +# define EC_R_NEED_NEW_SETUP_VALUES 172 +# define EC_R_NOT_A_NIST_PRIME 173 +# define EC_R_NOT_IMPLEMENTED 174 +# define EC_R_NOT_INITIALIZED 175 +# define EC_R_NO_PARAMETERS_SET 176 +# define EC_R_NO_PRIVATE_VALUE 177 +# define EC_R_OPERATION_NOT_SUPPORTED 178 +# define EC_R_PASSED_NULL_PARAMETER 179 +# define EC_R_PEER_KEY_ERROR 180 +# define EC_R_PKPARAMETERS2GROUP_FAILURE 181 +# define EC_R_POINT_ARITHMETIC_FAILURE 182 +# define EC_R_POINT_AT_INFINITY 183 +# define EC_R_POINT_IS_NOT_ON_CURVE 184 +# define EC_R_RANDOM_NUMBER_GENERATION_FAILED 185 +# define EC_R_SHARED_INFO_ERROR 186 +# define EC_R_SLOT_FULL 187 +# define EC_R_SM2_DECRYPT_FAILED 188 +# define EC_R_SM2_ENCRYPT_FAILED 189 +# define EC_R_SM2_KAP_NOT_INITED 190 +# define EC_R_UNDEFINED_GENERATOR 191 +# define EC_R_UNDEFINED_ORDER 192 +# define EC_R_UNKNOWN_GROUP 193 +# define EC_R_UNKNOWN_ORDER 194 +# define EC_R_UNSUPPORTED_FIELD 195 +# define EC_R_WRONG_CURVE_PARAMETERS 196 +# define EC_R_WRONG_ORDER 197 # ifdef __cplusplus } diff --git a/include/openssl/ecies.h b/include/openssl/ecies.h index e8b64b5b..02812f30 100644 --- a/include/openssl/ecies.h +++ b/include/openssl/ecies.h @@ -50,6 +50,9 @@ #ifndef HEADER_ECIES_H #define HEADER_ECIES_H +#include +#ifndef OPENSSL_NO_ECIES + #include #include #include @@ -134,14 +137,15 @@ ECIES_PARAMS *d2i_ECIESParameters(ECIES_PARAMS **param, typedef struct ecies_ciphertext_value_st ECIES_CIPHERTEXT_VALUE; DECLARE_ASN1_FUNCTIONS(ECIES_CIPHERTEXT_VALUE) +int ECIES_CIPHERTEXT_VALUE_ciphertext_length(const ECIES_CIPHERTEXT_VALUE *a); ECIES_CIPHERTEXT_VALUE *ECIES_do_encrypt(const ECIES_PARAMS *param, const unsigned char *in, size_t inlen, EC_KEY *ec_key); int ECIES_do_decrypt(const ECIES_PARAMS *param, const ECIES_CIPHERTEXT_VALUE *in, unsigned char *out, size_t *outlen, EC_KEY *ec_key); -int ECIES_encrypt(int type, const unsigned char *in, size_t inlen, +int ECIES_encrypt(int param, const unsigned char *in, size_t inlen, unsigned char *out, size_t *outlen, EC_KEY *ec_key); -int ECIES_decrypt(int type, const unsigned char *in, size_t inlen, +int ECIES_decrypt(int param, const unsigned char *in, size_t inlen, unsigned char *out, size_t *outlen, EC_KEY *ec_key); #define ECIES_encrypt_with_recommended(in,inlen,out,outlen,ec_key) \ ECIES_encrypt(NID_ecies_with_x9_63_sha256_xor_hmac,in,inlen,out,outlen,ec_key) @@ -153,3 +157,4 @@ int ECIES_decrypt(int type, const unsigned char *in, size_t inlen, } #endif #endif +#endif diff --git a/include/openssl/engine.h b/include/openssl/engine.h index 26cf7148..a401d0cf 100644 --- a/include/openssl/engine.h +++ b/include/openssl/engine.h @@ -334,6 +334,10 @@ ENGINE *ENGINE_by_id(const char *id); OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_PADLOCK, NULL) # define ENGINE_load_capi() \ OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_CAPI, NULL) +# define ENGINE_load_skf() \ + OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_SKF, NULL) +# define ENGINE_load_sdf() \ + OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_SDF, NULL) # define ENGINE_load_afalg() \ OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_AFALG, NULL) # endif diff --git a/include/openssl/err.h b/include/openssl/err.h index 2ccd04f5..fe976b3e 100644 --- a/include/openssl/err.h +++ b/include/openssl/err.h @@ -107,9 +107,7 @@ typedef struct err_state_st { # define ERR_LIB_SDF 63 # define ERR_LIB_SKF 64 # define ERR_LIB_SOF 65 -#ifndef OPENSSL_NO_BASE58 # define ERR_LIB_BASE58 66 -#endif # define ERR_LIB_USER 128 @@ -162,9 +160,8 @@ typedef struct err_state_st { # define SDFerr(f,r) ERR_PUT_error(ERR_LIB_SDF,(f),(r),OPENSSL_FILE,OPENSSL_LINE) # define SKFerr(f,r) ERR_PUT_error(ERR_LIB_SKF,(f),(r),OPENSSL_FILE,OPENSSL_LINE) # define SOFerr(f,r) ERR_PUT_error(ERR_LIB_SOF,(f),(r),OPENSSL_FILE,OPENSSL_LINE) -#ifndef OPENSSL_NO_BASE58 # define BASE58err(f,r) ERR_PUT_error(ERR_LIB_BASE58,(f),(r),OPENSSL_FILE,OPENSSL_LINE) -#endif + # define ERR_PACK(l,f,r) ( \ (((unsigned int)(l) & 0x0FF) << 24L) | \ (((unsigned int)(f) & 0xFFF) << 12L) | \ @@ -225,9 +222,8 @@ typedef struct err_state_st { # define ERR_R_SDF_LIB ERR_LIB_SDF/* 63 */ # define ERR_R_SKF_LIB ERR_LIB_SKF/* 64 */ # define ERR_R_SOF_LIB ERR_LIB_SOF/* 65 */ -#ifndef OPENSSL_NO_BASE58 # define ERR_R_BASE58_LIB ERR_LIB_BASE58/* 66 */ -#endif + # define ERR_R_NESTED_ASN1_ERROR 58 # define ERR_R_NESTED_ASN1_ERROR 58 @@ -303,6 +299,8 @@ int ERR_get_next_error_library(void); int ERR_set_mark(void); int ERR_pop_to_mark(void); +#define OPENSSL_PUT_ERROR(a,b) do {} while(0) + #ifdef __cplusplus } #endif diff --git a/include/openssl/evp.h b/include/openssl/evp.h index a73f0076..e9866891 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -111,6 +111,9 @@ extern "C" { # define EVP_PKEY_MO_ENCRYPT 0x0004 # define EVP_PKEY_MO_DECRYPT 0x0008 +char *EVP_get_ciphernames(int aliases); +char *EVP_get_digestnames(int aliases); + # ifndef EVP_MD EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type); EVP_MD *EVP_MD_meth_dup(const EVP_MD *md); @@ -427,39 +430,71 @@ typedef int (EVP_PBE_KEYGEN) (EVP_CIPHER_CTX *ctx, const char *pass, int en_de); # ifndef OPENSSL_NO_RSA -# define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\ - (char *)(rsa)) +# ifndef OPENSSL_NO_MACRO +# define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\ + (char *)(rsa)) +# else +int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *rsa); +# endif # endif # ifndef OPENSSL_NO_DSA -# define EVP_PKEY_assign_DSA(pkey,dsa) EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\ - (char *)(dsa)) +# ifndef OPENSSL_NO_MACRO +# define EVP_PKEY_assign_DSA(pkey,dsa) EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\ + (char *)(dsa)) +# else +int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *dsa); +# endif # endif # ifndef OPENSSL_NO_DH -# define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH,\ - (char *)(dh)) +# ifndef OPENSSL_NO_MACRO +# define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH,\ + (char *)(dh)) +# else +int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *dh); +# endif # endif # ifndef OPENSSL_NO_EC -# define EVP_PKEY_assign_EC_KEY(pkey,eckey) EVP_PKEY_assign((pkey),EVP_PKEY_EC,\ - (char *)(eckey)) +# ifndef OPENSSL_NO_MACRO +# define EVP_PKEY_assign_EC_KEY(pkey,eckey) EVP_PKEY_assign((pkey),EVP_PKEY_EC,\ + (char *)(eckey)) +# else +int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *ec_key); +# endif # endif # ifndef OPENSSL_NO_PAILLIER -# define EVP_PKEY_assign_PAILLIER(pkey,paillier) EVP_PKEY_assign((pkey),EVP_PKEY_PAILLIER,\ +# ifndef OPENSSL_NO_MACRO +# define EVP_PKEY_assign_PAILLIER(pkey,paillier) EVP_PKEY_assign((pkey),EVP_PKEY_PAILLIER,\ (char *)(paillier)) +# else +int EVP_PKEY_assign_PAILLIER(EVP_PKEY *pkey, PAILLIER *paillier); +# endif # endif /* Add some extra combinations */ -# define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a)) -# define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a)) -# define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a)) -# define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a)) +# ifndef OPENSSL_NO_MACRO +# define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a)) +# define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a)) +# define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a)) +# define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a)) +# else +const EVP_MD *EVP_get_digestbynid(int nid); +const EVP_MD *EVP_get_digestbyobj(ASN1_OBJECT *obj); +const EVP_CIPHER *EVP_get_cipherbynid(int nid); +const EVP_CIPHER *EVP_get_cipherbyobj(ASN1_OBJECT *obj); +# endif int EVP_MD_type(const EVP_MD *md); -# define EVP_MD_nid(e) EVP_MD_type(e) -# define EVP_MD_name(e) OBJ_nid2sn(EVP_MD_nid(e)) +# ifndef OPENSSL_NO_MACRO +# define EVP_MD_nid(e) EVP_MD_type(e) +# define EVP_MD_name(e) OBJ_nid2sn(EVP_MD_nid(e)) +# else +int EVP_MD_nid(const EVP_MD *md); +const char *EVP_MD_name(const EVP_MD *md); +# endif int EVP_MD_pkey_type(const EVP_MD *md); int EVP_MD_size(const EVP_MD *md); int EVP_MD_block_size(const EVP_MD *md); @@ -471,20 +506,35 @@ int (*EVP_MD_CTX_update_fn(EVP_MD_CTX *ctx))(EVP_MD_CTX *ctx, void EVP_MD_CTX_set_update_fn(EVP_MD_CTX *ctx, int (*update) (EVP_MD_CTX *ctx, const void *data, size_t count)); -# define EVP_MD_CTX_size(e) EVP_MD_size(EVP_MD_CTX_md(e)) -# define EVP_MD_CTX_block_size(e) EVP_MD_block_size(EVP_MD_CTX_md(e)) -# define EVP_MD_CTX_type(e) EVP_MD_type(EVP_MD_CTX_md(e)) +# ifndef OPENSSL_NO_MACRO +# define EVP_MD_CTX_size(e) EVP_MD_size(EVP_MD_CTX_md(e)) +# define EVP_MD_CTX_block_size(e) EVP_MD_block_size(EVP_MD_CTX_md(e)) +# define EVP_MD_CTX_type(e) EVP_MD_type(EVP_MD_CTX_md(e)) +# else +int EVP_MD_CTX_size(EVP_MD_CTX *ctx); +int EVP_MD_CTX_block_size(EVP_MD_CTX *ctx); +int EVP_MD_CTX_type(EVP_MD_CTX *ctx); +# endif EVP_PKEY_CTX *EVP_MD_CTX_pkey_ctx(const EVP_MD_CTX *ctx); void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx); +void *EVP_MD_CTX_set_md_data(EVP_MD_CTX *ctx, void *md_data); int EVP_CIPHER_nid(const EVP_CIPHER *cipher); -# define EVP_CIPHER_name(e) OBJ_nid2sn(EVP_CIPHER_nid(e)) +# ifndef OPENSSL_NO_MACRO +# define EVP_CIPHER_name(e) OBJ_nid2sn(EVP_CIPHER_nid(e)) +# else +const char *EVP_CIPHER_name(const EVP_CIPHER *cipher); +# endif int EVP_CIPHER_block_size(const EVP_CIPHER *cipher); int EVP_CIPHER_impl_ctx_size(const EVP_CIPHER *cipher); int EVP_CIPHER_key_length(const EVP_CIPHER *cipher); int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher); unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher); -# define EVP_CIPHER_mode(e) (EVP_CIPHER_flags(e) & EVP_CIPH_MODE) +# ifndef OPENSSL_NO_MACRO +# define EVP_CIPHER_mode(e) (EVP_CIPHER_flags(e) & EVP_CIPH_MODE) +# else +int EVP_CIPHER_mode(const EVP_CIPHER *cipher); +# endif const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx); int EVP_CIPHER_CTX_encrypting(const EVP_CIPHER_CTX *ctx); @@ -503,57 +553,106 @@ void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx); void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data); void *EVP_CIPHER_CTX_get_cipher_data(const EVP_CIPHER_CTX *ctx); void *EVP_CIPHER_CTX_set_cipher_data(EVP_CIPHER_CTX *ctx, void *cipher_data); -# define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c)) -# if OPENSSL_API_COMPAT < 0x10100000L -# define EVP_CIPHER_CTX_flags(c) EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(c)) +# ifndef OPENSSL_NO_MACRO +# define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c)) +# else +int EVP_CIPHER_CTX_type(EVP_CIPHER_CTX *ctx); # endif -# define EVP_CIPHER_CTX_mode(c) EVP_CIPHER_mode(EVP_CIPHER_CTX_cipher(c)) +# if OPENSSL_API_COMPAT < 0x10100000L +# ifndef OPENSSL_NO_MACRO +# define EVP_CIPHER_CTX_flags(c) EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(c)) +# else +int EVP_CIPHER_CTX_flags(EVP_CIPHER_CTX *ctx); +# endif +# endif +# ifndef OPENSSL_NO_MACRO +# define EVP_CIPHER_CTX_mode(c) EVP_CIPHER_mode(EVP_CIPHER_CTX_cipher(c)) -# define EVP_ENCODE_LENGTH(l) (((l+2)/3*4)+(l/48+1)*2+80) -# define EVP_DECODE_LENGTH(l) ((l+3)/4*3+80) +# define EVP_ENCODE_LENGTH(l) (((l+2)/3*4)+(l/48+1)*2+80) +# define EVP_DECODE_LENGTH(l) ((l+3)/4*3+80) -# define EVP_SignInit_ex(a,b,c) EVP_DigestInit_ex(a,b,c) -# define EVP_SignInit(a,b) EVP_DigestInit(a,b) -# define EVP_SignUpdate(a,b,c) EVP_DigestUpdate(a,b,c) -# define EVP_VerifyInit_ex(a,b,c) EVP_DigestInit_ex(a,b,c) -# define EVP_VerifyInit(a,b) EVP_DigestInit(a,b) -# define EVP_VerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c) -# define EVP_OpenUpdate(a,b,c,d,e) EVP_DecryptUpdate(a,b,c,d,e) -# define EVP_SealUpdate(a,b,c,d,e) EVP_EncryptUpdate(a,b,c,d,e) -# define EVP_DigestSignUpdate(a,b,c) EVP_DigestUpdate(a,b,c) -# define EVP_DigestVerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c) +# define EVP_SignInit_ex(a,b,c) EVP_DigestInit_ex(a,b,c) +# define EVP_SignInit(a,b) EVP_DigestInit(a,b) +# define EVP_SignUpdate(a,b,c) EVP_DigestUpdate(a,b,c) +# define EVP_VerifyInit_ex(a,b,c) EVP_DigestInit_ex(a,b,c) +# define EVP_VerifyInit(a,b) EVP_DigestInit(a,b) +# define EVP_VerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c) +# define EVP_OpenUpdate(a,b,c,d,e) EVP_DecryptUpdate(a,b,c,d,e) +# define EVP_SealUpdate(a,b,c,d,e) EVP_EncryptUpdate(a,b,c,d,e) +# define EVP_DigestSignUpdate(a,b,c) EVP_DigestUpdate(a,b,c) +# define EVP_DigestVerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c) +# else +int EVP_CIPHER_CTX_mode(EVP_CIPHER_CTX *ctx); +long EVP_ENCODE_LENGTH(long l); +long EVP_DECODE_LENGTH(long l); +__owur int EVP_SignInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, + ENGINE *impl); +__owur int EVP_SignInit(EVP_MD_CTX *ctx, const EVP_MD *type); +__owur int EVP_SignUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt); +__owur int EVP_VerifyInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, + ENGINE *impl); +__owur int EVP_VerifyInit(EVP_MD_CTX *ctx, const EVP_MD *type); +__owur int EVP_VerifyUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt); +/*__owur*/ int EVP_OpenUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, + int *outl, const unsigned char *in, int inl); +/*__owur*/ int EVP_SealUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, + int *outl, const unsigned char *in, int inl); +__owur int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt); +__owur int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt); +# endif # ifdef CONST_STRICT void BIO_set_md(BIO *, const EVP_MD *md); # else # define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,0,(char *)md) # endif -# define BIO_get_md(b,mdp) BIO_ctrl(b,BIO_C_GET_MD,0,(char *)mdp) -# define BIO_get_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_GET_MD_CTX,0,(char *)mdcp) -# define BIO_set_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_SET_MD_CTX,0,(char *)mdcp) -# define BIO_get_cipher_status(b) BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL) -# define BIO_get_cipher_ctx(b,c_pp) BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0,(char *)c_pp) +# ifndef OPENSSL_NO_MACRO +# define BIO_get_md(b,mdp) BIO_ctrl(b,BIO_C_GET_MD,0,(char *)mdp) +# define BIO_get_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_GET_MD_CTX,0,(char *)mdcp) +# define BIO_set_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_SET_MD_CTX,0,(char *)mdcp) +# define BIO_get_cipher_status(b) BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL) +# define BIO_get_cipher_ctx(b,c_pp) BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0,(char *)c_pp) +# else +long BIO_get_md(BIO *bio, const EVP_MD **pmd); +long BIO_get_md_ctx(BIO *bio, EVP_MD_CTX **pmctx); +long BIO_set_md_ctx(BIO *bio, EVP_MD_CTX *mctx); +long BIO_get_cipher_status(BIO *bio); +long BIO_get_cipher_ctx(BIO *bio, EVP_CIPHER_CTX *pcctx); +# endif /*__owur*/ int EVP_Cipher(EVP_CIPHER_CTX *c, unsigned char *out, const unsigned char *in, unsigned int inl); -# define EVP_add_cipher_alias(n,alias) \ +# ifndef OPENSSL_NO_MACRO +# define EVP_add_cipher_alias(n,alias) \ OBJ_NAME_add((alias),OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS,(n)) -# define EVP_add_digest_alias(n,alias) \ +# define EVP_add_digest_alias(n,alias) \ OBJ_NAME_add((alias),OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,(n)) -# define EVP_delete_cipher_alias(alias) \ +# define EVP_delete_cipher_alias(alias) \ OBJ_NAME_remove(alias,OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS); -# define EVP_delete_digest_alias(alias) \ +# define EVP_delete_digest_alias(alias) \ OBJ_NAME_remove(alias,OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS); +# else +int EVP_add_cipher_alias(int type, const char *alias); +int EVP_add_digest_alias(int type, const char *alias); +int EVP_delete_cipher_alias(const char *alias); +int EVP_delete_digest_alias(const char *alias); +# endif int EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2); EVP_MD_CTX *EVP_MD_CTX_new(void); int EVP_MD_CTX_reset(EVP_MD_CTX *ctx); void EVP_MD_CTX_free(EVP_MD_CTX *ctx); -# define EVP_MD_CTX_create() EVP_MD_CTX_new() -# define EVP_MD_CTX_init(ctx) EVP_MD_CTX_reset((ctx)) -# define EVP_MD_CTX_destroy(ctx) EVP_MD_CTX_free((ctx)) +# ifndef OPENSSL_NO_MACRO +# define EVP_MD_CTX_create() EVP_MD_CTX_new() +# define EVP_MD_CTX_init(ctx) EVP_MD_CTX_reset((ctx)) +# define EVP_MD_CTX_destroy(ctx) EVP_MD_CTX_free((ctx)) +# else +EVP_MD_CTX *EVP_MD_CTX_create(void); +int EVP_MD_CTX_init(EVP_MD_CTX *ctx); +void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx); +# endif __owur int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in); void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags); void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags); @@ -678,8 +777,13 @@ int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n); # if OPENSSL_API_COMPAT < 0x10100000L -# define EVP_CIPHER_CTX_init(c) EVP_CIPHER_CTX_reset(c) -# define EVP_CIPHER_CTX_cleanup(c) EVP_CIPHER_CTX_reset(c) +# ifndef OPENSSL_NO_MACRO +# define EVP_CIPHER_CTX_init(c) EVP_CIPHER_CTX_reset(c) +# define EVP_CIPHER_CTX_cleanup(c) EVP_CIPHER_CTX_reset(c) +# else +int EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx); +int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *ctx); +# endif # endif EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void); int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *c); @@ -917,36 +1021,48 @@ const EVP_CIPHER *EVP_sms4_wrap_pad(void); # endif # if OPENSSL_API_COMPAT < 0x10100000L -# define OPENSSL_add_all_algorithms_conf() \ - OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \ +# ifndef OPENSSL_NO_MACRO +# define OPENSSL_add_all_algorithms_conf() \ + OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \ | OPENSSL_INIT_ADD_ALL_DIGESTS \ | OPENSSL_INIT_LOAD_CONFIG, NULL) -# define OPENSSL_add_all_algorithms_noconf() \ - OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \ +# define OPENSSL_add_all_algorithms_noconf() \ + OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \ | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL) -# ifdef OPENSSL_LOAD_CONF -# define OpenSSL_add_all_algorithms() \ - OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \ +# ifdef OPENSSL_LOAD_CONF +# define OpenSSL_add_all_algorithms() \ + OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \ | OPENSSL_INIT_ADD_ALL_DIGESTS \ | OPENSSL_INIT_LOAD_CONFIG, NULL) +# else +# define OpenSSL_add_all_algorithms() \ + OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \ + | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL) +# endif + +# define OpenSSL_add_all_ciphers() \ + OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS, NULL) +# define OpenSSL_add_all_digests() \ + OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_DIGESTS, NULL) + +# define EVP_cleanup() while(0) continue # else -# define OpenSSL_add_all_algorithms() \ - OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \ - | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL) -# endif - -# define OpenSSL_add_all_ciphers() \ - OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS, NULL) -# define OpenSSL_add_all_digests() \ - OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_DIGESTS, NULL) - -# define EVP_cleanup() while(0) continue -# endif +int OPENSSL_add_all_algorithms_conf(void); +int OPENSSL_add_all_algorithms_noconf(void); +int OpenSSL_add_all_algorithms(void); +int OpenSSL_add_all_ciphers(void); +int OPENSSL_add_all_digests(void); +void OPENSSL_cleanup(void); +# endif /* OPENSSL_NO_MACRO */ +# endif /* OPENSSL_API_COMPAT < 0x10100000L */ int EVP_add_cipher(const EVP_CIPHER *cipher); int EVP_add_digest(const EVP_MD *digest); +const EVP_CIPHER *EVP_get_default_cipher(void); +const EVP_MD *EVP_get_default_digest(void); + const EVP_CIPHER *EVP_get_cipherbyname(const char *name); const EVP_MD *EVP_get_digestbyname(const char *name); @@ -1061,9 +1177,11 @@ int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type); int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de); +#ifndef OPENSSL_NO_SHA int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, const unsigned char *salt, int saltlen, int iter, int keylen, unsigned char *out); +#endif int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, const unsigned char *salt, int saltlen, int iter, const EVP_MD *digest, int keylen, unsigned char *out); @@ -1224,6 +1342,7 @@ void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth, # define EVP_PKEY_OP_TYPE_GEN \ (EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN) +# ifndef OPENSSL_NO_MACRO # define EVP_PKEY_CTX_set_signature_md(ctx, md) \ EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG, \ EVP_PKEY_CTRL_MD, 0, (void *)md) @@ -1235,6 +1354,11 @@ void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth, # define EVP_PKEY_CTX_set_mac_key(ctx, key, len) \ EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_KEYGEN, \ EVP_PKEY_CTRL_SET_MAC_KEY, len, (void *)key) +# else +int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md); +int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd); +int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, const unsigned char *key, int keylen); +# endif # define EVP_PKEY_CTRL_MD 1 # define EVP_PKEY_CTRL_PEER_KEY 2 @@ -1526,6 +1650,7 @@ void EVP_PKEY_meth_get_ctrl(EVP_PKEY_METHOD *pmeth, void EVP_add_alg_module(void); + /* BEGIN ERROR CODES */ /* * The following lines are auto generated by the script mkerr.pl. Any changes @@ -1645,6 +1770,7 @@ int ERR_load_EVP_strings(void); # define EVP_R_MESSAGE_DIGEST_IS_NULL 159 # define EVP_R_METHOD_NOT_SUPPORTED 144 # define EVP_R_MISSING_PARAMETERS 103 +# define EVP_R_NO_AVAIABLE_DIGEST 178 # define EVP_R_NO_CIPHER_SET 131 # define EVP_R_NO_DEFAULT_DIGEST 158 # define EVP_R_NO_DIGEST_SET 139 @@ -1656,6 +1782,7 @@ int ERR_load_EVP_strings(void); # define EVP_R_PRIVATE_KEY_DECODE_ERROR 145 # define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146 # define EVP_R_PUBLIC_KEY_NOT_RSA 106 +# define EVP_R_PUBLIC_KEY_NOT_RSA_OR_EC 177 # define EVP_R_RSA_PUBLIC_ENCRYPT_FAILED 175 # define EVP_R_UNKNOWN_CIPHER 160 # define EVP_R_UNKNOWN_DIGEST 161 diff --git a/include/openssl/ffx.h b/include/openssl/ffx.h index a0445973..be2b2d7b 100644 --- a/include/openssl/ffx.h +++ b/include/openssl/ffx.h @@ -49,6 +49,7 @@ #ifndef HEADER_FFX_H #define HEADER_FFX_H + #include #include diff --git a/include/openssl/gmapi.h b/include/openssl/gmapi.h index d4547f5b..759323b1 100644 --- a/include/openssl/gmapi.h +++ b/include/openssl/gmapi.h @@ -53,9 +53,18 @@ #ifndef HEADER_GMAPI_H #define HEADER_GMAPI_H -#include -#include -#include +#include +#ifndef OPENSSL_NO_GMAPI + +#ifndef OPENSSL_NO_EC +# include +# ifndef OPENSSL_NO_SM2 +# include +# endif +#endif +#ifndef OPENSSL_NO_RSA +# include +#endif #include #include #include @@ -67,57 +76,112 @@ extern "C" { #endif -const char *GMAPI_keyusage2str(int usage); -int GMAPI_sgd2ciphernid(int sgd); -int GMAPI_sgd2mdnid(int sgd); +/* SGD */ +const EVP_CIPHER *EVP_get_cipherbysgd(ULONG ulAlgId, ULONG ulFeedBitLen); +int EVP_CIPHER_get_sgd(const EVP_CIPHER *cipher, ULONG *pulAlgId, ULONG *pulFeedBits); +int EVP_CIPHER_CTX_get_sgd(const EVP_CIPHER_CTX *ctx, ULONG *pulAlgId, ULONG *pulFeedBits); +const EVP_MD *EVP_get_digestbysgd(ULONG ulAlgId); +int EVP_MD_get_sgd(const EVP_MD *md, ULONG *ulAlgId); +int EVP_MD_CTX_get_sgd(const EVP_MD_CTX *ctx, ULONG *ulAlgId); +//convert sgd to pkey type +int EVP_PKEY_get_sgd(const EVP_PKEY *pkey, ULONG *ulAlgId); +int EVP_PKEY_CTX_get_sgd(const EVP_PKEY_CTX *ctx, ULONG *ulAlgId); -int EVP_MD_sgd(const EVP_MD *md); -int EVP_CIPHER_sgd(const EVP_CIPHER *cipher); - -/* SGD <==> EVP */ -const EVP_MD *EVP_get_digestbysgd(int sgd); -const EVP_CIPHER *EVP_get_cipherbysgd(int sgd); - -/* SDF types <==> Native types */ +/* SDF */ +#ifndef OPENSSL_NO_SDF +# ifndef OPENSSL_NO_RSA RSA *RSA_new_from_RSArefPublicKey(const RSArefPublicKey *ref); -RSA *RSA_new_from_RSArefPrivateKey(const RSArefPrivateKey *ref); int RSA_set_RSArefPublicKey(RSA *rsa, const RSArefPublicKey *ref); -int RSA_set_RSArefPrivateKey(RSA *rsa, const RSArefPrivateKey *ref); int RSA_get_RSArefPublicKey(RSA *rsa, RSArefPublicKey *ref); +RSA *RSA_new_from_RSArefPrivateKey(const RSArefPrivateKey *ref); +int RSA_set_RSArefPrivateKey(RSA *rsa, const RSArefPrivateKey *ref); int RSA_get_RSArefPrivateKey(RSA *rsa, RSArefPrivateKey *ref); +# endif +# ifndef OPENSSL_NO_EC EC_KEY *EC_KEY_new_from_ECCrefPublicKey(const ECCrefPublicKey *ref); -EC_KEY *EC_KEY_new_from_ECCrefPrivateKey(const ECCrefPrivateKey *ref); int EC_KEY_set_ECCrefPublicKey(EC_KEY *ec_key, const ECCrefPublicKey *ref); -int EC_KEY_set_ECCrefPrivateKey(EC_KEY *ec_key, const ECCrefPrivateKey *ref); int EC_KEY_get_ECCrefPublicKey(EC_KEY *ec_key, ECCrefPublicKey *ref); +EC_KEY *EC_KEY_new_from_ECCrefPrivateKey(const ECCrefPrivateKey *ref); +int EC_KEY_set_ECCrefPrivateKey(EC_KEY *ec_key, const ECCrefPrivateKey *ref); int EC_KEY_get_ECCrefPrivateKey(EC_KEY *ec_key, ECCrefPrivateKey *ref); +# ifndef OPENSSL_NO_SM2 SM2CiphertextValue *SM2CiphertextValue_new_from_ECCCipher(const ECCCipher *ref); int SM2CiphertextValue_set_ECCCipher(SM2CiphertextValue *cv, const ECCCipher *ref); int SM2CiphertextValue_get_ECCCipher(const SM2CiphertextValue *cv, ECCCipher *ref); +# endif +# ifndef OPENSSL_NO_ECIES +ECIES_CIPHERTEXT_VALUE *ECIES_CIPHERTEXT_VALUE_new_from_ECCCipher(const ECCCipher *ref); +int ECIES_CIPHERTEXT_VALUE_set_ECCCipher(ECIES_CIPHERTEXT_VALUE *cv, const ECCCipher *ref); +int ECIES_CIPHERTEXT_VALUE_get_ECCCipher(const ECIES_CIPHERTEXT_VALUE *cv, ECCCipher *ref); +# endif ECDSA_SIG *ECDSA_SIG_new_from_ECCSignature(const ECCSignature *ref); int ECDSA_SIG_set_ECCSignature(ECDSA_SIG *sig, const ECCSignature *ref); int ECDSA_SIG_get_ECCSignature(const ECDSA_SIG *sig, ECCSignature *ref); +ECCCipher *d2i_ECCCipher(ECCCipher **a, const unsigned char **pp, long length); +int i2d_ECCCipher(ECCCipher *a, unsigned char **pp); +ECCCipher *d2i_ECCCipher_bio(BIO *bp, ECCCipher **a); +int i2d_ECCCipher_bio(BIO *bp, ECCCipher *a); +ECCSignature *d2i_ECCSignature(ECCSignature **a, const unsigned char **pp, long length); +int i2d_ECCSignature(ECCSignature *a, unsigned char **pp); +ECCSignature *d2i_ECCSignature_bio(BIO *bp, ECCSignature **a); +int i2d_ECCSignature_bio(BIO *bp, ECCSignature *a); +# ifndef OPENSSL_NO_STDIO +ECCCipher *d2i_ECCCipher_fp(FILE *fp, ECCCipher **a); +int i2d_ECCCipher_fp(FILE *fp, ECCCipher *a); +ECCSignature *d2i_ECCSignature_fp(FILE *fp, ECCSignature **a); +int i2d_ECCSignature_fp(FILE *fp, ECCSignature *a); +# endif +# endif +#endif -/* SKF types <==> Native types */ + +/* SKF */ +#ifndef OPENSSL_NO_SKF +# ifndef OPENSSL_NO_RSA RSA *RSA_new_from_RSAPUBLICKEYBLOB(const RSAPUBLICKEYBLOB *blob); -RSA *RSA_new_from_RSAPRIVATEKEYBLOB(const RSAPRIVATEKEYBLOB *blob); int RSA_set_RSAPUBLICKEYBLOB(RSA *rsa, const RSAPUBLICKEYBLOB *blob); -int RSA_set_RSAPRIVATEKEYBLOB(RSA *rsa, const RSAPRIVATEKEYBLOB *blob); int RSA_get_RSAPUBLICKEYBLOB(RSA *rsa, RSAPUBLICKEYBLOB *blob); +RSA *RSA_new_from_RSAPRIVATEKEYBLOB(const RSAPRIVATEKEYBLOB *blob); +int RSA_set_RSAPRIVATEKEYBLOB(RSA *rsa, const RSAPRIVATEKEYBLOB *blob); int RSA_get_RSAPRIVATEKEYBLOB(RSA *rsa, RSAPRIVATEKEYBLOB *blob); +# endif +# ifndef OPENSSL_NO_EC EC_KEY *EC_KEY_new_from_ECCPUBLICKEYBLOB(const ECCPUBLICKEYBLOB *blob); -EC_KEY *EC_KEY_new_from_ECCPRIVATEKEYBLOB(const ECCPRIVATEKEYBLOB *blob); int EC_KEY_set_ECCPUBLICKEYBLOB(EC_KEY *ec_key, const ECCPUBLICKEYBLOB *blob); int EC_KEY_get_ECCPUBLICKEYBLOB(EC_KEY *ec_key, ECCPUBLICKEYBLOB *blob); +EC_KEY *EC_KEY_new_from_ECCPRIVATEKEYBLOB(const ECCPRIVATEKEYBLOB *blob); int EC_KEY_set_ECCPRIVATEKEYBLOB(EC_KEY *ec_key, const ECCPRIVATEKEYBLOB *blob); int EC_KEY_get_ECCPRIVATEKEYBLOB(EC_KEY *ec_key, ECCPRIVATEKEYBLOB *blob); +# ifndef OPENSSL_NO_SM2 SM2CiphertextValue *SM2CiphertextValue_new_from_ECCCIPHERBLOB(const ECCCIPHERBLOB *blob); int SM2CiphertextValue_set_ECCCIPHERBLOB(SM2CiphertextValue *cv, const ECCCIPHERBLOB *blob); int SM2CiphertextValue_get_ECCCIPHERBLOB(const SM2CiphertextValue *cv, ECCCIPHERBLOB *blob); +# endif +# ifndef OPENSSL_NO_ECIES +ECIES_CIPHERTEXT_VALUE *ECIES_CIPHERTEXT_VALUE_new_from_ECCCIPHERBLOB(const ECCCIPHERBLOB *blob); +int ECIES_CIPHERTEXT_VALUE_set_ECCCIPHERBLOB(ECIES_CIPHERTEXT_VALUE *cv, const ECCCIPHERBLOB *blob); +int ECIES_CIPHERTEXT_VALUE_get_ECCCIPHERBLOB(const ECIES_CIPHERTEXT_VALUE *cv, ECCCIPHERBLOB *blob); +# endif ECDSA_SIG *ECDSA_SIG_new_from_ECCSIGNATUREBLOB(const ECCSIGNATUREBLOB *blob); int ECDSA_SIG_get_ECCSIGNATUREBLOB(const ECDSA_SIG *sig, ECCSIGNATUREBLOB *blob); int ECDSA_SIG_set_ECCSIGNATUREBLOB(ECDSA_SIG *sig, const ECCSIGNATUREBLOB *blob); - +int ECCPRIVATEKEYBLOB_set_private_key(ECCPRIVATEKEYBLOB *blob, const BIGNUM *priv_key); +ECCCIPHERBLOB *d2i_ECCCIPHERBLOB(ECCCIPHERBLOB **a, const unsigned char **pp, long length); +int i2d_ECCCIPHERBLOB(ECCCIPHERBLOB *a, unsigned char **pp); +ECCCIPHERBLOB *d2i_ECCCIPHERBLOB_bio(BIO *bp, ECCCIPHERBLOB **a); +int i2d_ECCCIPHERBLOB_bio(BIO *bp, ECCCIPHERBLOB *a); +ECCSIGNATUREBLOB *d2i_ECCSIGNATUREBLOB(ECCSIGNATUREBLOB **a, const unsigned char **pp, long length); +int i2d_ECCSIGNATUREBLOB(ECCSIGNATUREBLOB *a, unsigned char **pp); +ECCSIGNATUREBLOB *d2i_ECCSIGNATUREBLOB_bio(BIO *bp, ECCSIGNATUREBLOB **a); +int i2d_ECCSIGNATUREBLOB_bio(BIO *fp, ECCSIGNATUREBLOB *a); +# ifndef OPENSSL_NO_STDIO +ECCCIPHERBLOB *d2i_ECCCIPHERBLOB_fp(FILE *fp, ECCCIPHERBLOB **a); +int i2d_ECCCIPHERBLOB_fp(FILE *fp, ECCCIPHERBLOB *a); +ECCSIGNATUREBLOB *d2i_ECCSIGNATUREBLOB_fp(FILE *fp, ECCSIGNATUREBLOB **a); +int i2d_ECCSIGNATUREBLOB_fp(FILE *fp, ECCSIGNATUREBLOB *a); +# endif +# endif +#endif /* BEGIN ERROR CODES */ /* @@ -130,178 +194,105 @@ int ERR_load_GMAPI_strings(void); /* Error codes for the GMAPI functions. */ /* Function codes. */ -# define GMAPI_F_ECDSA_SIG_GET_ECCSIGNATURE 100 -# define GMAPI_F_ECDSA_SIG_GET_ECCSIGNATUREBLOB 101 -# define GMAPI_F_ECDSA_SIG_NEW_FROM_ECCSIGNATURE 102 -# define GMAPI_F_ECDSA_SIG_NEW_FROM_ECCSIGNATUREBLOB 103 -# define GMAPI_F_ECDSA_SIG_SET_ECCSIGNATURE 104 -# define GMAPI_F_ECDSA_SIG_SET_ECCSIGNATUREBLOB 105 -# define GMAPI_F_EC_KEY_GET_ECCPRIVATEKEYBLOB 106 -# define GMAPI_F_EC_KEY_GET_ECCPUBLICKEYBLOB 107 -# define GMAPI_F_EC_KEY_GET_ECCREFPRIVATEKEY 108 -# define GMAPI_F_EC_KEY_GET_ECCREFPUBLICKEY 109 -# define GMAPI_F_EC_KEY_NEW_FROM_ECCPRIVATEKEYBLOB 110 -# define GMAPI_F_EC_KEY_NEW_FROM_ECCPUBLICKEYBLOB 111 -# define GMAPI_F_EC_KEY_NEW_FROM_ECCREFPRIVATEKEY 112 -# define GMAPI_F_EC_KEY_NEW_FROM_ECCREFPUBLICKEY 113 -# define GMAPI_F_EC_KEY_SET_ECCPRIVATEKEYBLOB 114 -# define GMAPI_F_EC_KEY_SET_ECCPUBLICKEYBLOB 115 -# define GMAPI_F_EC_KEY_SET_ECCREFPRIVATEKEY 116 -# define GMAPI_F_EC_KEY_SET_ECCREFPUBLICKEY 117 -# define GMAPI_F_RSA_GET_RSAPRIVATEKEYBLOB 118 -# define GMAPI_F_RSA_GET_RSAPUBLICKEYBLOB 119 -# define GMAPI_F_RSA_GET_RSAREFPRIVATEKEY 120 -# define GMAPI_F_RSA_GET_RSAREFPUBLICKEY 121 -# define GMAPI_F_RSA_NEW_FROM_RSAPRIVATEKEYBLOB 122 -# define GMAPI_F_RSA_NEW_FROM_RSAPUBLICKEYBLOB 123 -# define GMAPI_F_RSA_NEW_FROM_RSAREFPRIVATEKEY 124 -# define GMAPI_F_RSA_NEW_FROM_RSAREFPUBLICKEY 125 -# define GMAPI_F_RSA_SET_RSAPRIVATEKEYBLOB 126 -# define GMAPI_F_RSA_SET_RSAPUBLICKEYBLOB 127 -# define GMAPI_F_RSA_SET_RSAREFPRIVATEKEY 128 -# define GMAPI_F_RSA_SET_RSAREFPUBLICKEY 129 -# define GMAPI_F_SAF_BASE64_CREATEBASE64OBJ 130 -# define GMAPI_F_SAF_BASE64_DECODE 131 -# define GMAPI_F_SAF_BASE64_DECODEFINAL 132 -# define GMAPI_F_SAF_BASE64_DECODEUPDATE 133 -# define GMAPI_F_SAF_BASE64_ENCODE 134 -# define GMAPI_F_SAF_BASE64_ENCODEFINAL 135 -# define GMAPI_F_SAF_BASE64_ENCODEUPDATE 136 -# define GMAPI_F_SAF_CREATESYMMKEYOBJ 137 -# define GMAPI_F_SAF_ECCPUBLICKEYENC 138 -# define GMAPI_F_SAF_ECCPUBLICKEYENCBYCERT 139 -# define GMAPI_F_SAF_ECCSIGN 140 -# define GMAPI_F_SAF_ECCVERIFYSIGN 141 -# define GMAPI_F_SAF_ECCVERIFYSIGNBYCERT 142 -# define GMAPI_F_SAF_GENECCKEYPAIR 143 -# define GMAPI_F_SAF_GENERATEAGREEMENTDATAWITHECC 144 -# define GMAPI_F_SAF_GENERATEKEYWITHECC 145 -# define GMAPI_F_SAF_GETECCPUBLICKEY 146 -# define GMAPI_F_SAF_MACFINAL 147 -# define GMAPI_F_SAF_MACUPDATE 148 -# define GMAPI_F_SAF_PKCS7_DECODEDIGESTEDDATA 149 -# define GMAPI_F_SAF_PKCS7_ENCODEDIGESTEDDATA 150 -# define GMAPI_F_SAF_SYMMDECRYPTUPDATE 151 -# define GMAPI_F_SAF_SYMMENCRYPTUPDATE 152 -# define GMAPI_F_SKF_CLOSEHANDLE 153 -# define GMAPI_F_SKF_DECRYPT 154 -# define GMAPI_F_SKF_DECRYPTFINAL 155 -# define GMAPI_F_SKF_DECRYPTINIT 156 -# define GMAPI_F_SKF_DECRYPTUPDATE 157 -# define GMAPI_F_SKF_DIGEST 158 -# define GMAPI_F_SKF_DIGESTFINAL 159 -# define GMAPI_F_SKF_DIGESTINIT 160 -# define GMAPI_F_SKF_DIGESTUPDATE 161 -# define GMAPI_F_SKF_ENCRYPT 162 -# define GMAPI_F_SKF_ENCRYPTFINAL 163 -# define GMAPI_F_SKF_ENCRYPTINIT 164 -# define GMAPI_F_SKF_ENCRYPTUPDATE 165 -# define GMAPI_F_SKF_EXTECCDECRYPT 166 -# define GMAPI_F_SKF_EXTECCENCRYPT 167 -# define GMAPI_F_SKF_EXTECCSIGN 168 -# define GMAPI_F_SKF_EXTECCVERIFY 169 -# define GMAPI_F_SKF_EXTRSAPRIKEYOPERATION 170 -# define GMAPI_F_SKF_EXTRSAPUBKEYOPERATION 171 -# define GMAPI_F_SKF_GENEXTECCKEYPAIR 172 -# define GMAPI_F_SKF_GENEXTRSAKEY 173 -# define GMAPI_F_SKF_GENRANDOM 174 -# define GMAPI_F_SKF_GETDEVINFO 175 -# define GMAPI_F_SKF_GETDEVSTATE 176 -# define GMAPI_F_SKF_HANDLE_GET_CBCMAC_CTX 177 -# define GMAPI_F_SKF_HANDLE_GET_CIPHER 178 -# define GMAPI_F_SKF_HANDLE_GET_CIPHER_CTX 179 -# define GMAPI_F_SKF_HANDLE_GET_KEY 180 -# define GMAPI_F_SKF_HANDLE_GET_MD_CTX 181 -# define GMAPI_F_SKF_MAC 182 -# define GMAPI_F_SKF_MACFINAL 183 -# define GMAPI_F_SKF_MACINIT 184 -# define GMAPI_F_SKF_MACUPDATE 185 -# define GMAPI_F_SKF_SETSYMMKEY 186 -# define GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHER 193 -# define GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHERBLOB 194 -# define GMAPI_F_SM2CIPHERTEXTVALUE_NEW_FROM_ECCCIPHER 195 -# define GMAPI_F_SM2CIPHERTEXTVALUE_NEW_FROM_ECCCIPHERBLOB 196 -# define GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHER 197 -# define GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHERBLOB 198 -# define GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHER 187 -# define GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB 188 -# define GMAPI_F_SM2_CIPHERTEXT_VALUE_NEW_FROM_ECCCIPHER 189 -# define GMAPI_F_SM2_CIPHERTEXT_VALUE_NEW_FROM_ECCCIPHERBLOB 190 -# define GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHER 191 -# define GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB 192 +# define GMAPI_F_D2I_ECCCIPHER 141 +# define GMAPI_F_D2I_ECCCIPHERBLOB 158 +# define GMAPI_F_D2I_ECCCIPHERBLOB_BIO 151 +# define GMAPI_F_D2I_ECCCIPHERBLOB_FP 152 +# define GMAPI_F_D2I_ECCSIGNATURE 142 +# define GMAPI_F_D2I_ECCSIGNATUREBLOB 159 +# define GMAPI_F_D2I_ECCSIGNATUREBLOB_BIO 160 +# define GMAPI_F_D2I_ECCSIGNATUREBLOB_FP 153 +# define GMAPI_F_ECCPRIVATEKEYBLOB_SET_PRIVATE_KEY 100 +# define GMAPI_F_ECDSA_SIG_GET_ECCSIGNATURE 101 +# define GMAPI_F_ECDSA_SIG_GET_ECCSIGNATUREBLOB 102 +# define GMAPI_F_ECDSA_SIG_NEW_FROM_ECCSIGNATURE 103 +# define GMAPI_F_ECDSA_SIG_NEW_FROM_ECCSIGNATUREBLOB 104 +# define GMAPI_F_ECDSA_SIG_SET_ECCSIGNATURE 105 +# define GMAPI_F_ECDSA_SIG_SET_ECCSIGNATUREBLOB 106 +# define GMAPI_F_ECIES_CIPHERTEXT_VALUE_GET_ECCCIPHER 145 +# define GMAPI_F_ECIES_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB 150 +# define GMAPI_F_ECIES_CIPHERTEXT_VALUE_NEW_FROM_ECCCIPHER 146 +# define GMAPI_F_ECIES_CIPHERTEXT_VALUE_NEW_FROM_ECCCIPHERBLOB 148 +# define GMAPI_F_ECIES_CIPHERTEXT_VALUE_SET_ECCCIPHER 147 +# define GMAPI_F_ECIES_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB 149 +# define GMAPI_F_EC_KEY_GET_ECCPRIVATEKEYBLOB 107 +# define GMAPI_F_EC_KEY_GET_ECCPUBLICKEYBLOB 108 +# define GMAPI_F_EC_KEY_GET_ECCREFPRIVATEKEY 109 +# define GMAPI_F_EC_KEY_GET_ECCREFPUBLICKEY 110 +# define GMAPI_F_EC_KEY_NEW_FROM_ECCPRIVATEKEYBLOB 111 +# define GMAPI_F_EC_KEY_NEW_FROM_ECCPUBLICKEYBLOB 112 +# define GMAPI_F_EC_KEY_NEW_FROM_ECCREFPRIVATEKEY 113 +# define GMAPI_F_EC_KEY_NEW_FROM_ECCREFPUBLICKEY 114 +# define GMAPI_F_EC_KEY_SET_ECCPRIVATEKEYBLOB 115 +# define GMAPI_F_EC_KEY_SET_ECCPUBLICKEYBLOB 116 +# define GMAPI_F_EC_KEY_SET_ECCREFPRIVATEKEY 117 +# define GMAPI_F_EC_KEY_SET_ECCREFPUBLICKEY 118 +# define GMAPI_F_EVP_CIPHER_CTX_GET_SGD 119 +# define GMAPI_F_EVP_CIPHER_GET_SGD 120 +# define GMAPI_F_EVP_MD_GET_SGD 121 +# define GMAPI_F_EVP_PKEY_GET_SGD 140 +# define GMAPI_F_I2D_ECCCIPHER 143 +# define GMAPI_F_I2D_ECCCIPHERBLOB 154 +# define GMAPI_F_I2D_ECCCIPHERBLOB_BIO 155 +# define GMAPI_F_I2D_ECCCIPHERBLOB_FP 156 +# define GMAPI_F_I2D_ECCSIGNATURE 144 +# define GMAPI_F_I2D_ECCSIGNATUREBLOB 161 +# define GMAPI_F_I2D_ECCSIGNATUREBLOB_BIO 162 +# define GMAPI_F_I2D_ECCSIGNATUREBLOB_FP 157 +# define GMAPI_F_RSA_GET_RSAPRIVATEKEYBLOB 122 +# define GMAPI_F_RSA_GET_RSAPUBLICKEYBLOB 123 +# define GMAPI_F_RSA_GET_RSAREFPRIVATEKEY 124 +# define GMAPI_F_RSA_GET_RSAREFPUBLICKEY 125 +# define GMAPI_F_RSA_NEW_FROM_RSAPRIVATEKEYBLOB 126 +# define GMAPI_F_RSA_NEW_FROM_RSAPUBLICKEYBLOB 127 +# define GMAPI_F_RSA_NEW_FROM_RSAREFPRIVATEKEY 128 +# define GMAPI_F_RSA_NEW_FROM_RSAREFPUBLICKEY 129 +# define GMAPI_F_RSA_SET_RSAPRIVATEKEYBLOB 130 +# define GMAPI_F_RSA_SET_RSAPUBLICKEYBLOB 131 +# define GMAPI_F_RSA_SET_RSAREFPRIVATEKEY 132 +# define GMAPI_F_RSA_SET_RSAREFPUBLICKEY 133 +# define GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHER 134 +# define GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHERBLOB 135 +# define GMAPI_F_SM2CIPHERTEXTVALUE_NEW_FROM_ECCCIPHER 136 +# define GMAPI_F_SM2CIPHERTEXTVALUE_NEW_FROM_ECCCIPHERBLOB 137 +# define GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHER 138 +# define GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHERBLOB 139 /* Reason codes. */ # define GMAPI_R_BUFFER_TOO_SMALL 100 -# define GMAPI_R_CBCMAC_FAILURE 101 -# define GMAPI_R_CTX_NOT_CREATED 102 -# define GMAPI_R_DECODE_EC_PRIVATE_KEY_FAILED 103 -# define GMAPI_R_DECODE_EC_PUBLIC_KEY_FAILED 104 -# define GMAPI_R_DECRYPT_FAILED 105 -# define GMAPI_R_ENCODE_CIPHERTEXT_FAILED 106 -# define GMAPI_R_ENCODE_FAILED 107 -# define GMAPI_R_ENCODE_RSA_PUBLIC_KEY_FAILED 108 -# define GMAPI_R_ENCODE_SIGNATURE_FAILED 109 -# define GMAPI_R_ENCRYPT_FAILED 110 -# define GMAPI_R_FAIL 111 -# define GMAPI_R_GEN_RANDOM 112 -# define GMAPI_R_GEN_RSA_FAILED 113 -# define GMAPI_R_GET_PRIVATE_KEY_FAILED 114 -# define GMAPI_R_GET_PUBLIC_KEY_FAILED 115 -# define GMAPI_R_INT_OVERFLOW 116 -# define GMAPI_R_INVALID_ALGID 117 -# define GMAPI_R_INVALID_ALGOR 118 -# define GMAPI_R_INVALID_ARGUMENTS 119 -# define GMAPI_R_INVALID_BIGNUM_LENGTH 120 -# define GMAPI_R_INVALID_BLOB 121 -# define GMAPI_R_INVALID_CIPHERTEXT 122 -# define GMAPI_R_INVALID_CIPHERTEXT_LENGTH 123 -# define GMAPI_R_INVALID_CIPHERTEXT_MAC 124 -# define GMAPI_R_INVALID_CIPHERTEXT_POINT 125 -# define GMAPI_R_INVALID_CIPHER_CTX_HANDLE 126 -# define GMAPI_R_INVALID_CIPHETEXT_LENGTH 127 -# define GMAPI_R_INVALID_CONTEXT 128 -# define GMAPI_R_INVALID_DIGEST_ALGOR 129 -# define GMAPI_R_INVALID_DIGEST_LENGTH 130 -# define GMAPI_R_INVALID_ECC_PRIVATE_KEY 131 -# define GMAPI_R_INVALID_ECC_PUBLIC_KEY 132 -# define GMAPI_R_INVALID_EC_KEY 133 -# define GMAPI_R_INVALID_EC_PRIVATE_KEY 134 -# define GMAPI_R_INVALID_EC_PUBLIC_KEY 135 -# define GMAPI_R_INVALID_FEED_BIT_LENGTH 136 -# define GMAPI_R_INVALID_HANDLE 137 -# define GMAPI_R_INVALID_HANDLE_ALGOR 138 -# define GMAPI_R_INVALID_HANDLE_MAGIC 139 -# define GMAPI_R_INVALID_HANDLE_TYPE 140 -# define GMAPI_R_INVALID_HASH_HANDLE 141 -# define GMAPI_R_INVALID_ID_LENGTH 142 -# define GMAPI_R_INVALID_INPUT_LENGTH 143 -# define GMAPI_R_INVALID_IV_LENGTH 144 -# define GMAPI_R_INVALID_KEY_HANDLE 145 -# define GMAPI_R_INVALID_KEY_LENGTH 146 -# define GMAPI_R_INVALID_KEY_USAGE 147 -# define GMAPI_R_INVALID_LENGTH 148 -# define GMAPI_R_INVALID_MAC_HANDLE 149 -# define GMAPI_R_INVALID_PLAINTEXT_LENGTH 150 -# define GMAPI_R_INVALID_PRIVATE_KEY 151 -# define GMAPI_R_INVALID_PUBLIC_KEY 152 -# define GMAPI_R_INVALID_RANDOM_LENGTH 153 -# define GMAPI_R_INVALID_RSA_KEY_LENGTH 154 -# define GMAPI_R_INVALID_RSA_PRIVATE_KEY 155 -# define GMAPI_R_INVALID_RSA_PUBLIC_KEY 156 -# define GMAPI_R_INVALID_SIGNATURE 157 -# define GMAPI_R_INVALID_SM2_CIPHERTEXT 158 -# define GMAPI_R_INVALID_SM2_SIGNATURE 159 -# define GMAPI_R_MAC_FAILURE 160 -# define GMAPI_R_MALLOC_FAILED 161 -# define GMAPI_R_NOT_CONVERTABLE 162 -# define GMAPI_R_NO_PUBLIC_KEY 163 -# define GMAPI_R_NULL_ARGUMENT 164 -# define GMAPI_R_OPERATION_NOT_INITIALIZED 165 -# define GMAPI_R_SAF_ERROR 166 -# define GMAPI_R_SIGN_FAILED 167 -# define GMAPI_R_VERIFY_NOT_PASS 168 +# define GMAPI_R_DECODE_EC_PRIVATE_KEY_FAILED 101 +# define GMAPI_R_DECODE_EC_PUBLIC_KEY_FAILED 102 +# define GMAPI_R_ENCODE_RSA_PUBLIC_KEY_FAILED 103 +# define GMAPI_R_INVALID_ALGOR 104 +# define GMAPI_R_INVALID_BIGNUM_LENGTH 105 +# define GMAPI_R_INVALID_CIPHERTEXT_LENGTH 106 +# define GMAPI_R_INVALID_CIPHERTEXT_MAC 107 +# define GMAPI_R_INVALID_CIPHERTEXT_POINT 108 +# define GMAPI_R_INVALID_CIPHETEXT_LENGTH 109 +# define GMAPI_R_INVALID_EC_KEY 110 +# define GMAPI_R_INVALID_EC_PRIVATE_KEY 111 +# define GMAPI_R_INVALID_EC_PUBLIC_KEY 112 +# define GMAPI_R_INVALID_KEY_LENGTH 113 +# define GMAPI_R_INVALID_PRIVATE_KEY 114 +# define GMAPI_R_INVALID_PUBLIC_KEY 115 +# define GMAPI_R_INVALID_RSA_KEY_LENGTH 116 +# define GMAPI_R_INVALID_RSA_PRIVATE_KEY 117 +# define GMAPI_R_INVALID_RSA_PUBLIC_KEY 118 +# define GMAPI_R_INVALID_SIGNATURE 119 +# define GMAPI_R_INVALID_SKF_CIPHERTEXT 129 +# define GMAPI_R_INVALID_SKF_EC_CIPHERTEXT 128 +# define GMAPI_R_INVALID_SM2_CIPHERTEXT 120 +# define GMAPI_R_INVALID_SM2_CIPHERTEXT_MAC_LENGTH 127 +# define GMAPI_R_INVALID_SM2_PRIVATE_KEY 121 +# define GMAPI_R_INVALID_SM2_SIGNATURE 122 +# define GMAPI_R_MALLOC_FAILED 123 +# define GMAPI_R_NOT_CONVERTABLE 124 +# define GMAPI_R_NOT_IMPLEMENTED 130 +# define GMAPI_R_NOT_SUPPORTED_GMAPI_CIPHER 125 +# define GMAPI_R_NOT_SUPPORTED_PKEY 126 # ifdef __cplusplus } # endif #endif +#endif diff --git a/include/openssl/gmsaf.h b/include/openssl/gmsaf.h index da1d71d8..5702c21c 100644 --- a/include/openssl/gmsaf.h +++ b/include/openssl/gmsaf.h @@ -50,10 +50,16 @@ #ifndef HEADER_GMSAF_H #define HEADER_GMSAF_H +#include +#ifndef OPENSSL_NO_SAF + #include #include #include +#define SAF_MAX_EC_CIPHERTEXT_LENGTH 136 + + #ifdef __cplusplus extern "C" { #endif @@ -188,3 +194,4 @@ int ERR_load_SAF_strings(void); } # endif #endif +#endif diff --git a/include/openssl/gmsdf.h b/include/openssl/gmsdf.h index 1b8dd45e..07edd14f 100644 --- a/include/openssl/gmsdf.h +++ b/include/openssl/gmsdf.h @@ -50,41 +50,36 @@ #ifndef HEADER_GMSDF_H #define HEADER_GMSDF_H +#include +#ifndef OPENSSL_NO_SDF + #include #include #include -#define SDF_MIN_KEY_INDEX 1 /* defined by GM/T 0018 */ -#define SDF_MAX_KEY_INDEX 32 /* defined by GmSSL as vendor */ -#define SDF_MIN_PASSWORD_LENGTH 8 /* defined by GM/T 0018 */ -#define SDF_MAX_PASSWORD_LENGTH 255 /* defined by GmSSL as vendor */ - -#define ECCref_MAX_CIPHER_LEN 255 - +#define SDF_MIN_KEY_INDEX 1 /* defined by GM/T 0018 */ +#define SDF_MAX_KEY_INDEX 32 /* defined by GmSSL */ +#define SDF_MIN_PASSWORD_LENGTH 8 /* defined by GM/T 0018 */ +#define SDF_MAX_PASSWORD_LENGTH 255 /* defined by GmSSL */ #ifdef __cplusplus extern "C" { #endif -int SDF_PrintDeviceInfo(FILE *fp, DEVICEINFO *devInfo); -int SDF_PrintRSAPublicKey(FILE *fp, RSArefPublicKey *pk); -int SDF_PrintRSAPrivateKey(FILE *fp, RSArefPrivateKey *pk); -int SDF_PrintECCPublicKey(FILE *fp, ECCrefPublicKey *pk); -int SDF_PrintECCPrivateKey(FILE *fp, ECCrefPrivateKey *pk); -/* -int SDF_PrintECCCipher(FILE *fp, ECCCipher *cipher); -int SDF_PrintECCSignature(FILE *fp, ECCSignature *sig); -*/ -const char *SDF_GetErrorString(int err); +int SDF_LoadLibrary(char *so_path, char *vendor); +int SDF_UnloadLibrary(void); +int SDF_ImportKey(void *hSessionHandle, unsigned char *pucKey, + unsigned int uiKeyLength, void **phKeyHandle); + +int SDF_PrintDeviceInfo(DEVICEINFO *devInfo); +int SDF_PrintRSAPublicKey(RSArefPublicKey *ref); +int SDF_PrintRSAPrivateKey(RSArefPrivateKey *ref); +int SDF_PrintECCPublicKey(ECCrefPublicKey *ref); +int SDF_PrintECCPrivateKey(ECCrefPrivateKey *ref); +int SDF_PrintECCCipher(ECCCipher *cipher); +int SDF_PrintECCSignature(ECCSignature *sig); +int SDF_GetErrorString(int err, char **str); -//FIXME: implement this in a standalone file in sdf module -/* -int SDF_ImportKey( - void *hSessionHandle, - unsigned char *pucKey, - unsigned int uiKeyLength, - void **phKeyHandle); -*/ /* BEGIN ERROR CODES */ /* @@ -97,6 +92,8 @@ int ERR_load_SDF_strings(void); /* Error codes for the SDF functions. */ /* Function codes. */ +# define SDF_F_SANSEC_DECODE_ECCCIPHER 149 +# define SDF_F_SANSEC_ENCODE_ECCCIPHER 150 # define SDF_F_SDF_CALCULATEMAC 100 # define SDF_F_SDF_CLOSEDEVICE 101 # define SDF_F_SDF_CLOSESESSION 102 @@ -139,6 +136,7 @@ int ERR_load_SDF_strings(void); # define SDF_F_SDF_INTERNALPUBLICKEYOPERATION_RSA 147 # define SDF_F_SDF_INTERNALSIGN_ECC 139 # define SDF_F_SDF_INTERNALVERIFY_ECC 140 +# define SDF_F_SDF_LOADLIBRARY 148 # define SDF_F_SDF_METHOD_LOAD_LIBRARY 141 # define SDF_F_SDF_OPENDEVICE 142 # define SDF_F_SDF_OPENSESSION 143 @@ -147,18 +145,121 @@ int ERR_load_SDF_strings(void); # define SDF_F_SDF_WRITEFILE 146 /* Reason codes. */ +# define SDF_R_ALGORITHM_MODE_NOT_SUPPORTED 111 +# define SDF_R_ALGORITHM_NOT_SUPPORTED 112 +# define SDF_R_BUFFER_TOO_SMALL 113 +# define SDF_R_COMMUNICATION_FAILURE 114 +# define SDF_R_DSO_LOAD_FAILURE 110 +# define SDF_R_ENCRYPT_DATA_ERROR 115 +# define SDF_R_ERROR 116 +# define SDF_R_FILE_ALREADY_EXIST 117 +# define SDF_R_FILE_NOT_EXIST 118 +# define SDF_R_HARDWARE_ERROR 119 +# define SDF_R_INVALID_CIPHER_ALGOR 143 +# define SDF_R_INVALID_DIGEST_ALGOR 144 +# define SDF_R_INVALID_FILE_OFFSET 120 +# define SDF_R_INVALID_FILE_SIZE 121 +# define SDF_R_INVALID_INPUT_ARGUMENT 122 +# define SDF_R_INVALID_KEY 123 # define SDF_R_INVALID_KEY_LENGTH 100 +# define SDF_R_INVALID_KEY_TYPE 124 +# define SDF_R_INVALID_OUTPUT_ARGUMENT 125 +# define SDF_R_INVALID_SANSEC_ECCCIPHER_LENGTH 207 # define SDF_R_INVALID_SDF_LIBRARY 101 # define SDF_R_INVALID_SESSION_HANDLE 102 +# define SDF_R_KEY_NOT_EXIST 126 # define SDF_R_LOAD_LIBRARY_FAILURE 107 +# define SDF_R_MAC_ERROR 127 # define SDF_R_METHOD_OPERATION_FAILURE 108 +# define SDF_R_MULTI_STEP_OPERATION_ERROR 128 # define SDF_R_NOT_INITIALIZED 109 # define SDF_R_NOT_SUPPORTED 103 +# define SDF_R_NOT_SUPPORTED_CIPHER_ALGOR 208 +# define SDF_R_NOT_SUPPORTED_DIGEST_ALGOR 209 +# define SDF_R_NOT_SUPPORTED_ECC_ALGOR 210 +# define SDF_R_NOT_SUPPORTED_PKEY_ALGOR 211 +# define SDF_R_NO_PRIVATE_KEY_ACCESS_RIGHT 129 +# define SDF_R_OPEN_DEVICE_FAILURE 130 +# define SDF_R_OPEN_SESSION_FAILURE 131 # define SDF_R_OPERATION_FAILED 104 +# define SDF_R_OPERATION_NOT_SUPPORTED 132 +# define SDF_R_PRIVATE_KEY_OPERATION_FAILURE 133 +# define SDF_R_PRKERR 134 +# define SDF_R_PUBLIC_KEY_OPERATION_FAILURE 135 +# define SDF_R_RANDOM_GENERATION_ERROR 136 +# define SDF_R_SANSEC_BASE 145 +# define SDF_R_SANSEC_CARD_ALGOR_NOT_SUPPORTED 146 +# define SDF_R_SANSEC_CARD_ALG_MODE_NOT_SUPPORTED 147 +# define SDF_R_SANSEC_CARD_BASE 148 +# define SDF_R_SANSEC_CARD_BUFFER_TOO_SMALL 149 +# define SDF_R_SANSEC_CARD_COMMMUCATION_FAILED 150 +# define SDF_R_SANSEC_CARD_CRYPTO_NOT_INITED 151 +# define SDF_R_SANSEC_CARD_DATA_PADDING_ERROR 152 +# define SDF_R_SANSEC_CARD_DATA_SIZE 153 +# define SDF_R_SANSEC_CARD_DEVICE_STATUS_ERROR 154 +# define SDF_R_SANSEC_CARD_DEVICE_STATUS_ERROR_05 155 +# define SDF_R_SANSEC_CARD_FILE_NOT_EXIST 156 +# define SDF_R_SANSEC_CARD_FILE_OFFSET_ERROR 157 +# define SDF_R_SANSEC_CARD_FILE_SIZE_ERROR 158 +# define SDF_R_SANSEC_CARD_HARDWARE_FAILURE 159 +# define SDF_R_SANSEC_CARD_KEY_ERROR 160 +# define SDF_R_SANSEC_CARD_KEY_NOT_EXIST 161 +# define SDF_R_SANSEC_CARD_KEY_TYPE_ERROR 162 +# define SDF_R_SANSEC_CARD_LOGIN_ERROR 163 +# define SDF_R_SANSEC_CARD_LOGIN_ERROR_05 164 +# define SDF_R_SANSEC_CARD_MANAGEMENT_DENYED 165 +# define SDF_R_SANSEC_CARD_MANAGEMENT_DENYED_05 166 +# define SDF_R_SANSEC_CARD_NOT_SUPPORTED 167 +# define SDF_R_SANSEC_CARD_OPEN_DEVICE_FAILED 168 +# define SDF_R_SANSEC_CARD_OPEN_SESSION_FAILED 169 +# define SDF_R_SANSEC_CARD_OPERATION_DENYED 170 +# define SDF_R_SANSEC_CARD_OPERATION_DENYED_05 171 +# define SDF_R_SANSEC_CARD_PARAMENT_ERROR 172 +# define SDF_R_SANSEC_CARD_PARAMENT_ERROR_05 173 +# define SDF_R_SANSEC_CARD_PRIVATE_KEY_ACCESS_DENYED 174 +# define SDF_R_SANSEC_CARD_PRIVATE_KEY_OPERATION_ERROR 175 +# define SDF_R_SANSEC_CARD_PUBLIC_KEY_OPERATION_ERROR 176 +# define SDF_R_SANSEC_CARD_READER_BASE 177 +# define SDF_R_SANSEC_CARD_READER_CARD_INSERT 178 +# define SDF_R_SANSEC_CARD_READER_CARD_INSERT_TYPE 179 +# define SDF_R_SANSEC_CARD_READER_NO_CARD 180 +# define SDF_R_SANSEC_CARD_READER_PIN_ERROR 181 +# define SDF_R_SANSEC_CARD_SIGN_ERROR 182 +# define SDF_R_SANSEC_CARD_STEP_ERROR 183 +# define SDF_R_SANSEC_CARD_SYMMETRIC_ALGOR_ERROR 184 +# define SDF_R_SANSEC_CARD_UNKNOW_ERROR 185 +# define SDF_R_SANSEC_CARD_USERID_ERROR 186 +# define SDF_R_SANSEC_CARD_USERID_ERROR_05 187 +# define SDF_R_SANSEC_CARD_VERIFY_ERROR 188 +# define SDF_R_SANSEC_CONFIG_ERROR 189 +# define SDF_R_SANSEC_CONNECT_ERROR 190 +# define SDF_R_SANSEC_FILE_ALREADY_EXIST 191 +# define SDF_R_SANSEC_INVALID_AUTHENCODE 192 +# define SDF_R_SANSEC_INVALID_COMMAND 193 +# define SDF_R_SANSEC_INVALID_PARAMETERS 194 +# define SDF_R_SANSEC_INVALID_USER 195 +# define SDF_R_SANSEC_NO_AVAILABLE_CSM 196 +# define SDF_R_SANSEC_NO_AVAILABLE_HSM 197 +# define SDF_R_SANSEC_PROTOCOL_VERSION_ERROR 198 +# define SDF_R_SANSEC_SEM_TIMEOUT 199 +# define SDF_R_SANSEC_SET_SOCKET_OPTION_ERROR 200 +# define SDF_R_SANSEC_SOCKET_RECV_0 201 +# define SDF_R_SANSEC_SOCKET_RECV_ERROR 202 +# define SDF_R_SANSEC_SOCKET_SEND_ERROR 203 +# define SDF_R_SANSEC_SOCKET_TIMEOUT 204 +# define SDF_R_SANSEC_SYNC_ERROR 205 +# define SDF_R_SANSEC_SYNC_LOGIN_ERROR 206 # define SDF_R_SDF_METHOD_RETURN_FAILURE 105 # define SDF_R_SDF_OPERATION_FAILED 106 +# define SDF_R_SIGNING_FAILURE 137 +# define SDF_R_SUCCESS 138 +# define SDF_R_SYMMETRIC_OPERATION_FAILURE 139 +# define SDF_R_UNNOWN_ERROR 140 +# define SDF_R_VERIFICATION_FAILURE 141 +# define SDF_R_WRITE_FILE_FAILURE 142 # ifdef __cplusplus } # endif #endif +#endif diff --git a/include/openssl/gmskf.h b/include/openssl/gmskf.h index aa87d345..f314bbb3 100644 --- a/include/openssl/gmskf.h +++ b/include/openssl/gmskf.h @@ -50,47 +50,64 @@ #ifndef HEADER_GMSKF_H #define HEADER_GMSKF_H +#include +#ifndef OPENSSL_NO_SKF + #include #include #include -#ifndef SKF_NO_GMSSL #define SKF_NO_PADDING 0 #define SKF_PKCS5_PADDING 1 -#endif -#ifndef SKF_NO_GMSSL -#define DEV_ABSENT_STATE 0x00000000 -#define DEV_PRESENT_STATE 0x00000001 -#define DEV_UNKNOW_STATE 0x00000010 -#endif +#define SKF_DEV_STATE_ABSENT 0x00000000 +#define SKF_DEV_STATE_PRESENT 0x00000001 +#define SKF_DEV_STATE_UNKNOW 0x00000010 -#ifndef SKF_NO_GMSSL -#define CONTAINER_TYPE_UNDEF 0 -#define CONTAINER_TYPE_RSA 1 -#define CONTAINER_TYPE_ECC 2 -#endif +#define SKF_CONTAINER_TYPE_UNDEF 0 +#define SKF_CONTAINER_TYPE_RSA 1 +#define SKF_CONTAINER_TYPE_ECC 2 + +#define SKF_ENVELOPEDKEYBLOB_VERSION 1 +#define SKF_AUTHKEY_LENGTH 16 +#define SKF_AUTHRAND_LENGTH 16 +#define SKF_MAX_FILE_SIZE (256*1024) +#define SKF_MAX_CERTIFICATE_SIZE (8*1024) #ifdef __cplusplus extern "C" { #endif +typedef struct { + union { + ECCPUBLICKEYBLOB ecc; + RSAPUBLICKEYBLOB rsa; + } u; +} SKF_PUBLICKEYBLOB; +#define SKF_MAX_PUBLICKEYBOLB_LENGTH sizeof(SKF_PUBLICKEYBLOB) -//FIXME: change name -/* -const char *SKF_get_alg_name(ULONG ulAlgID); -*/ - -int SKF_PrintDeviceInfo(FILE *fp, DEVINFO *devInfo); -int SKF_PrintRSAPublicKey(FILE *fp, RSAPUBLICKEYBLOB *pk); -int SKF_PrintRSAPrivateKey(FILE *fp, RSAPRIVATEKEYBLOB *pk); -int SKF_PrintECCPublicKey(FILE *fp, ECCPUBLICKEYBLOB *pk); -int SKF_PrintECCPrivateKey(FILE *fp, ECCPRIVATEKEYBLOB *pk); -int SKF_PrintECCCipher(FILE *fp, ECCCIPHERBLOB *cipher); -int SKF_PrintECCSignature(FILE *fp, ECCSIGNATUREBLOB *sig); -const char *SKF_GetErrorString(ULONG error); - +typedef struct { + char *name; + unsigned char *buf; + int offset; + int length; +} SKF_FILE_OP_PARAMS; +ULONG DEVAPI SKF_LoadLibrary(LPSTR so_path, LPSTR vendor); +ULONG DEVAPI SKF_UnloadLibrary(void); +ULONG DEVAPI SKF_GetDevStateName(ULONG ulDevState, LPSTR *szName); +ULONG DEVAPI SKF_GetContainerTypeName(ULONG ulContainerType, LPSTR *szName); +ULONG DEVAPI SKF_GetAlgorName(ULONG ulAlgID, LPSTR *szName); +ULONG DEVAPI SKF_PrintDevInfo(DEVINFO *devInfo); +ULONG DEVAPI SKF_PrintRSAPublicKey(RSAPUBLICKEYBLOB *blob); +ULONG DEVAPI SKF_PrintRSAPrivateKey(RSAPRIVATEKEYBLOB *blob); +ULONG DEVAPI SKF_PrintECCPublicKey(ECCPUBLICKEYBLOB *blob); +ULONG DEVAPI SKF_PrintECCPrivateKey(ECCPRIVATEKEYBLOB *blob); +ULONG DEVAPI SKF_PrintECCCipher(ECCCIPHERBLOB *blob); +ULONG DEVAPI SKF_PrintECCSignature(ECCSIGNATUREBLOB *blob); +ULONG DEVAPI SKF_GetErrorString(ULONG ulError, LPSTR *szErrorStr); +ULONG DEVAPI SKF_NewECCCipher(ULONG ulCipherLen, ECCCIPHERBLOB **cipherBlob); +ULONG DEVAPI SKF_NewEnvelopedKey(ULONG ulCipherLen, ENVELOPEDKEYBLOB **envelopedKeyBlob); /* BEGIN ERROR CODES */ /* @@ -103,12 +120,168 @@ int ERR_load_SKF_strings(void); /* Error codes for the SKF functions. */ /* Function codes. */ +# define SKF_F_SKF_CANCELWAITFORDEVEVENT 108 +# define SKF_F_SKF_CHANGEDEVAUTHKEY 109 +# define SKF_F_SKF_CHANGEPIN 110 +# define SKF_F_SKF_CLEARSECURESTATE 111 +# define SKF_F_SKF_CLOSEAPPLICATION 112 +# define SKF_F_SKF_CLOSECONTAINER 113 +# define SKF_F_SKF_CLOSEHANDLE 114 +# define SKF_F_SKF_CONNECTDEV 115 +# define SKF_F_SKF_CREATEAPPLICATION 116 +# define SKF_F_SKF_CREATECONTAINER 117 +# define SKF_F_SKF_CREATEFILE 118 +# define SKF_F_SKF_DECRYPT 119 +# define SKF_F_SKF_DECRYPTFINAL 120 +# define SKF_F_SKF_DECRYPTINIT 121 +# define SKF_F_SKF_DECRYPTUPDATE 122 +# define SKF_F_SKF_DELETEAPPLICATION 123 +# define SKF_F_SKF_DELETECONTAINER 124 +# define SKF_F_SKF_DELETEFILE 125 +# define SKF_F_SKF_DEVAUTH 126 +# define SKF_F_SKF_DIGEST 127 +# define SKF_F_SKF_DIGESTFINAL 128 +# define SKF_F_SKF_DIGESTINIT 129 +# define SKF_F_SKF_DIGESTUPDATE 130 +# define SKF_F_SKF_DISCONNECTDEV 131 +# define SKF_F_SKF_ECCDECRYPT 184 +# define SKF_F_SKF_ECCEXPORTSESSIONKEY 132 +# define SKF_F_SKF_ECCSIGNDATA 133 +# define SKF_F_SKF_ECCVERIFY 134 +# define SKF_F_SKF_ENCRYPT 135 +# define SKF_F_SKF_ENCRYPTFINAL 136 +# define SKF_F_SKF_ENCRYPTINIT 137 +# define SKF_F_SKF_ENCRYPTUPDATE 138 +# define SKF_F_SKF_ENUMAPPLICATION 139 +# define SKF_F_SKF_ENUMCONTAINER 140 +# define SKF_F_SKF_ENUMDEV 141 +# define SKF_F_SKF_ENUMFILES 142 +# define SKF_F_SKF_EXPORTCERTIFICATE 143 +# define SKF_F_SKF_EXPORTPUBLICKEY 144 +# define SKF_F_SKF_EXTECCDECRYPT 145 +# define SKF_F_SKF_EXTECCENCRYPT 146 +# define SKF_F_SKF_EXTECCSIGN 147 +# define SKF_F_SKF_EXTECCVERIFY 148 +# define SKF_F_SKF_EXTRSAPRIKEYOPERATION 149 +# define SKF_F_SKF_EXTRSAPUBKEYOPERATION 150 +# define SKF_F_SKF_GENECCKEYPAIR 151 +# define SKF_F_SKF_GENERATEAGREEMENTDATAANDKEYWITHECC 152 +# define SKF_F_SKF_GENERATEAGREEMENTDATAWITHECC 153 +# define SKF_F_SKF_GENERATEKEYWITHECC 154 +# define SKF_F_SKF_GENEXTRSAKEY 155 +# define SKF_F_SKF_GENRANDOM 156 +# define SKF_F_SKF_GENRSAKEYPAIR 157 +# define SKF_F_SKF_GETCONTAINERTYPE 158 # define SKF_F_SKF_GETDEVINFO 100 +# define SKF_F_SKF_GETDEVSTATE 159 +# define SKF_F_SKF_GETFILEINFO 160 +# define SKF_F_SKF_GETPININFO 161 +# define SKF_F_SKF_IMPORTCERTIFICATE 162 +# define SKF_F_SKF_IMPORTECCKEYPAIR 163 +# define SKF_F_SKF_IMPORTECCPRIVATEKEY 103 +# define SKF_F_SKF_IMPORTRSAKEYPAIR 164 +# define SKF_F_SKF_IMPORTSESSIONKEY 165 +# define SKF_F_SKF_LOADLIBRARY 101 +# define SKF_F_SKF_LOCKDEV 166 +# define SKF_F_SKF_MAC 107 +# define SKF_F_SKF_MACFINAL 167 +# define SKF_F_SKF_MACINIT 168 +# define SKF_F_SKF_MACUPDATE 169 +# define SKF_F_SKF_METHOD_LOAD_LIBRARY 104 +# define SKF_F_SKF_NEWECCCIPHER 102 +# define SKF_F_SKF_NEWENVELOPEDKEY 183 +# define SKF_F_SKF_OPENAPPLICATION 170 +# define SKF_F_SKF_OPENCONTAINER 171 +# define SKF_F_SKF_READFILE 172 +# define SKF_F_SKF_RSAEXPORTSESSIONKEY 173 +# define SKF_F_SKF_RSASIGNDATA 174 +# define SKF_F_SKF_RSAVERIFY 175 +# define SKF_F_SKF_SETLABEL 176 +# define SKF_F_SKF_SETSYMMKEY 177 +# define SKF_F_SKF_TRANSMIT 178 +# define SKF_F_SKF_UNBLOCKPIN 179 +# define SKF_F_SKF_UNLOCKDEV 180 +# define SKF_F_SKF_VERIFYPIN 181 +# define SKF_F_SKF_W 105 +# define SKF_F_SKF_WAITFORDEVEVENT 106 +# define SKF_F_SKF_WRITEFILE 182 /* Reason codes. */ +# define SKF_R_APPLICATION_ALREADY_EXIST 110 +# define SKF_R_APPLICATION_NOT_EXISAT 111 +# define SKF_R_APPLICATION_NOT_EXIST 171 +# define SKF_R_BUFFER_TOO_SMALL 112 +# define SKF_R_CERTIFICATE_NOT_FOUND 113 +# define SKF_R_CSP_IMPORT_PUBLIC_KEY_ERROR 114 +# define SKF_R_DECRYPT_INVALID_PADDING 115 +# define SKF_R_DEVICE_REMOVED 116 +# define SKF_R_DIGEST_ERROR 117 +# define SKF_R_DSO_LOAD_FAILURE 105 +# define SKF_R_ENVELOPE_PRVATE_KEY_FAILURE 104 +# define SKF_R_EXPORT_FAILED 118 +# define SKF_R_FAILURE 108 +# define SKF_R_FILE_ALREADY_EXIST 119 +# define SKF_R_FILE_ERROR 120 +# define SKF_R_FILE_NOT_EXIST 121 +# define SKF_R_FUNCTION_NOT_SUPPORTED 106 +# define SKF_R_HASH_NOT_EQUAL 122 +# define SKF_R_IMPORT_ENVELOPED_ECC_PRIVATE_KEY_FAILURE 102 +# define SKF_R_INVALID_APPLICATION_NAME 123 +# define SKF_R_INVALID_CONTAINER_TYPE 103 +# define SKF_R_INVALID_DIGEST_HANDLE 124 +# define SKF_R_INVALID_HANDLE 125 +# define SKF_R_INVALID_INPUT_LENGTH 126 +# define SKF_R_INVALID_INPUT_VALUE 127 +# define SKF_R_INVALID_KEY_INFO_TYPE 128 +# define SKF_R_INVALID_KEY_USAGE 129 +# define SKF_R_INVALID_MAC_LENGTH 130 +# define SKF_R_INVALID_MODULUS_LENGTH 131 +# define SKF_R_INVALID_NAME_LENGTH 132 +# define SKF_R_INVALID_OBJECT 133 +# define SKF_R_INVALID_PARAMETER 134 +# define SKF_R_INVALID_PIN 135 +# define SKF_R_INVALID_PIN_LENGTH 136 +# define SKF_R_INVALID_RSA_MODULUS_LENGTH 137 +# define SKF_R_INVALID_USER_TYPE 138 +# define SKF_R_KEY_NOT_FOUND 139 +# define SKF_R_LOAD_LIBRARY_FAILURE 101 +# define SKF_R_MEMORY_ERROR 140 +# define SKF_R_NOT_INITIALIZED 141 +# define SKF_R_NOT_SUPPORTED_CIPHER_ALGOR 168 +# define SKF_R_NOT_SUPPORTED_DIGEST_ALGOR 169 +# define SKF_R_NOT_SUPPORTED_PKEY_ALGOR 170 +# define SKF_R_NO_EVENT 142 +# define SKF_R_NO_SPACE 143 # define SKF_R_NULL_ARGUMENT 100 +# define SKF_R_OPERATION_NOT_SUPPORTED 144 +# define SKF_R_PIN_INCORRECT 145 +# define SKF_R_PIN_LOCKED 146 +# define SKF_R_RANDOM_GENERATION_FAILED 147 +# define SKF_R_READ_FILE_FAILURE 148 +# define SKF_R_RSA_DECRYPTION_FAILURE 149 +# define SKF_R_RSA_ENCRYPTION_FAILURE 150 +# define SKF_R_RSA_KEY_GENERATION_FAILURE 151 +# define SKF_R_SKF_METHOD_NOT_INITIALIZED 107 +# define SKF_R_SUCCESS 152 +# define SKF_R_TIMEOUT 153 +# define SKF_R_UNKNOWN_ERROR 109 +# define SKF_R_UNKNOWN_VENDOR 158 +# define SKF_R_USER_ALREADY_LOGGED_IN 154 +# define SKF_R_USER_NOT_LOGGED_IN 155 +# define SKF_R_USER_PIN_NOT_INITIALIZED 156 +# define SKF_R_WISEC_AUTH_BLOCKED 159 +# define SKF_R_WISEC_CERTNOUSAGEERR 160 +# define SKF_R_WISEC_CERTUSAGEERR 161 +# define SKF_R_WISEC_CONTAINER_EXISTS 162 +# define SKF_R_WISEC_CONTAINER_NOT_EXISTS 163 +# define SKF_R_WISEC_DEVNOAUTH 164 +# define SKF_R_WISEC_FILEATTRIBUTEERR 165 +# define SKF_R_WISEC_INVALIDCONTAINERERR 166 +# define SKF_R_WISEC_KEYNOUSAGEERR 167 +# define SKF_R_WRITE_FILE_FAILURE 157 # ifdef __cplusplus } # endif #endif +#endif diff --git a/include/openssl/gmsof.h b/include/openssl/gmsof.h index c49a2803..89819e31 100644 --- a/include/openssl/gmsof.h +++ b/include/openssl/gmsof.h @@ -50,6 +50,9 @@ #ifndef HEADER_GMSOF_H #define HEADER_GMSOF_H +#include +#ifndef OPENSSL_NO_SOF + #include #include #include @@ -145,3 +148,4 @@ int ERR_load_SOF_strings(void); } # endif #endif +#endif diff --git a/include/openssl/gmtls.h b/include/openssl/gmtls.h index 9b6ebd91..6aa2a2c8 100644 --- a/include/openssl/gmtls.h +++ b/include/openssl/gmtls.h @@ -1,6 +1,51 @@ - - - +/* ==================================================================== + * Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ #ifndef HEADER_GMTLS_H #define HEADER_GMTLS_H @@ -9,33 +54,53 @@ extern "C" { #endif /* version */ -# define GMTLS_VERSION 0x0101 -# define GMTLS_VERSION_MAJOR 0x01 -# define GMTLS_VERSOIN_MINOR 0x01 +# define GMTLS1_VERSION 0x0100 +# define GMTLS1_VERSION_MAJOR 0x01 +# define GMTLS1_VERSION_MINOR 0x00 +# define GMTLS1_1_VERSION 0x0101 +# define GMTLS1_1_VERSION_MAJOR 0x01 +# define GMTLS1_1_VERSION_MINOR 0x01 +# define GMTLS_VERSION GMTLS1_1_VERSION +# define GMTLS_VERSION_MAJOR GMTLS1_1_VERSION_MAJOR +# define GMTLS_VERSOIN_MINOR GMTLS1_1_VERSION_MINOR +/* GM/T SSL-VPN CipherSuites */ +# define GMTLS_CK_SM2DHE_WITH_SM1_SM3 0x0300E001 +# define GMTLS_CK_SM2_WITH_SM1_SM3 0x0300E003 +# define GMTLS_CK_SM9DHE_WITH_SM1_SM3 0x0300E005 +# define GMTLS_CK_SM9_WITH_SM1_SM3 0x0300E007 +# define GMTLS_CK_RSA_WITH_SM1_SM3 0x0300E009 +# define GMTLS_CK_RSA_WITH_SM1_SHA1 0x0300E00A +# define GMTLS_CK_SM2DHE_WITH_SMS4_SM3 0x0300E011 +# define GMTLS_CK_SM2_WITH_SMS4_SM3 0x0300E013 +# define GMTLS_CK_SM9DHE_WITH_SMS4_SM3 0x0300E015 +# define GMTLS_CK_SM9_WITH_SMS4_SM3 0x0300E017 +# define GMTLS_CK_RSA_WITH_SMS4_SM3 0x0300E019 +# define GMTLS_CK_RSA_WITH_SMS4_SHA1 0x0300E01A -/* SSLVPN ciphersuites from GM/T 0024-2014 Table 2 */ -# define GMTLS_CK_ECDHE_SM1_SM3 0x0300E001 -# define GMTLS_CK_ECC_SM1_SM3 0x0300E003 -# define GMTLS_CK_IBSDH_SM1_SM3 0x0300E005 -# define GMTLS_CK_IBC_SM1_SM3 0x0300E007 -# define GMTLS_CK_RSA_SM1_SM3 0x0300E009 -# define GMTLS_CK_RSA_SM1_SHA1 0x0300E00A -# define GMTLS_CK_ECDHE_SM4_SM3 0x0300E011 -# define GMTLS_CK_ECC_SM4_SM3 0x0300E013 -# define GMTLS_CK_IBSDH_SM4_SM3 0x0300E015 -# define GMTLS_CK_IBC_SM4_SM3 0x0300E017 -# define GMTLS_CK_RSA_SM4_SM3 0x0300E019 -# define GMTLS_CK_RSA_SM4_SHA1 0x0300E01A +/* ECDHE-SM2-WITH-[SM1|SMS4|SSF33]-[SM3|SHA256] */ +# define GMTLS_CK_ECDHE_SM2_WITH_SM1_SM3 0x0300E101 +# define GMTLS_CK_ECDHE_SM2_WITH_SMS4_SM3 0x0300E102 +# define GMTLS_CK_ECDHE_SM2_WITH_SSF33_SM3 0x0300E103 +# define GMTLS_CK_ECDHE_SM2_WITH_SM1_SHA256 0x0300E104 +# define GMTLS_CK_ECDHE_SM2_WITH_SMS4_SHA256 0x0300E105 +# define GMTLS_CK_ECDHE_SM2_WITH_SSF33_SHA256 0x0300E106 +/* ECDHE-SM2-WITH-SMS4-[GCM|CCM|CCM-8]-[SM3|SHA256] */ +# define GMTLS_CK_ECDHE_SM2_WITH_SMS4_GCM_SM3 0x0300E107 +# define GMTLS_CK_ECDHE_SM2_WITH_SMS4_CCM_SM3 0x0300E108 +# define GMTLS_CK_ECDHE_SM2_WITH_SMS4_CCM_8_SM3 0x0300E109 +# define GMTLS_CK_ECDHE_SM2_WITH_SMS4_GCM_SHA256 0x0300E10A +# define GMTLS_CK_ECDHE_SM2_WITH_SMS4_CCM_SHA256 0x0300E10B +# define GMTLS_CK_ECDHE_SM2_WITH_SMS4_CCM_8_SHA256 0x0300E10C /* PSK ciphersuites with NULL cipher */ -# define GMTLS_CK_PSK_WITH_NULL_SM3 -# define GMTLS_CK_DHE_PSK_WITH_NULL_SM3 0x0300F104 -# define GMTLS_CK_RSA_PSK_WITH_NULL_SM3 0x0300F108 -# define GMTLS_CK_SM2_PSK_WITH_NULL_SM3 0x0300F108 -# define GMTLS_CK_ECDHE_PSK_WITH_NULL_SM3 0x0300F108 +# define GMTLS_CK_PSK_WITH_NULL_SM3 0x0300F001 +# define GMTLS_CK_DHE_PSK_WITH_NULL_SM3 0x0300F002 +# define GMTLS_CK_RSA_PSK_WITH_NULL_SM3 0x0300F003 +# define GMTLS_CK_SM2_PSK_WITH_NULL_SM3 0x0300F004 +# define GMTLS_CK_ECDHE_PSK_WITH_NULL_SM3 0x0300F005 /* PSK ciphersuits with SMS4 */ # define GMTLS_CK_PSK_WITH_SMS4_CBC_SM3 0x0300F101 @@ -44,41 +109,117 @@ extern "C" { # define GMTLS_CK_DHE_PSK_WITH_SMS4_CBC_SM3 0x0300F105 # define GMTLS_CK_DHE_PSK_WITH_SMS4_GCM_SM3 0x0300F106 # define GMTLS_CK_DHE_PSK_WITH_SMS4_CCM_SM3 0x0300F107 -# define GMTLS_CK_RSA_PSK_WITH_SMS4_CBC_SM3 0x0300F109 -# define GMTLS_CK_RSA_PSK_WITH_SMS4_GCM_SM3 0x0300F10A -# define GMTLS_CK_RSA_PSK_WITH_SMS4_CCM_SM3 0x0300F10B -# define GMTLS_CK_ECC_PSK_WITH_SMS4_CBC_SM3 0x0300F109 -# define GMTLS_CK_ECC_PSK_WITH_SMS4_GCM_SM3 0x0300F10A -# define GMTLS_CK_ECC_PSK_WITH_SMS4_CCM_SM3 0x0300F10B +# define GMTLS_CK_RSA_PSK_WITH_SMS4_CBC_SM3 0x0300F108 +# define GMTLS_CK_RSA_PSK_WITH_SMS4_GCM_SM3 0x0300F109 +# define GMTLS_CK_RSA_PSK_WITH_SMS4_CCM_SM3 0x0300F10A +# define GMTLS_CK_ECC_PSK_WITH_SMS4_CBC_SM3 0x0300F10B +# define GMTLS_CK_ECC_PSK_WITH_SMS4_GCM_SM3 0x0300F10C +# define GMTLS_CK_ECC_PSK_WITH_SMS4_CCM_SM3 0x0300F10D +# define GMTLS_CK_PSK_WITH_SM1_CBC_SM3 0x0300F10E +# define GMTLS_CK_PSK_WITH_SM1_GCM_SM3 0x0300F10F +# define GMTLS_CK_PSK_WITH_SM1_CCM_SM3 0x0300F110 +# define GMTLS_CK_DHE_PSK_WITH_SM1_CBC_SM3 0x0300F111 +# define GMTLS_CK_DHE_PSK_WITH_SM1_GCM_SM3 0x0300F112 +# define GMTLS_CK_DHE_PSK_WITH_SM1_CCM_SM3 0x0300F113 +# define GMTLS_CK_RSA_PSK_WITH_SM1_CBC_SM3 0x0300F114 +# define GMTLS_CK_RSA_PSK_WITH_SM1_GCM_SM3 0x0300F115 +# define GMTLS_CK_RSA_PSK_WITH_SM1_CCM_SM3 0x0300F116 -# define GMTLS_CK_PSK_WITH_SM1_CBC_SM3 0x0300F101 -# define GMTLS_CK_PSK_WITH_SM1_GCM_SM3 0x0300F102 -# define GMTLS_CK_PSK_WITH_SM1_CCM_SM3 0x0300F103 -# define GMTLS_CK_DHE_PSK_WITH_SM1_CBC_SM3 0x0300F105 -# define GMTLS_CK_DHE_PSK_WITH_SM1_GCM_SM3 0x0300F106 -# define GMTLS_CK_DHE_PSK_WITH_SM1_CCM_SM3 0x0300F107 -# define GMTLS_CK_RSA_PSK_WITH_SM1_CBC_SM3 0x0300F109 -# define GMTLS_CK_RSA_PSK_WITH_SM1_GCM_SM3 0x0300F10A -# define GMTLS_CK_RSA_PSK_WITH_SM1_CCM_SM3 0x0300F10B - - -# define GMTLS_CK_PSK_WITH_SSF33_CBC_SM3 0x0300F101 -# define GMTLS_CK_PSK_WITH_SSF33_GCM_SM3 0x0300F102 -# define GMTLS_CK_PSK_WITH_SSF33_CCM_SM3 0x0300F103 -# define GMTLS_CK_DHE_PSK_WITH_SSF33_CBC_SM3 0x0300F105 -# define GMTLS_CK_DHE_PSK_WITH_SSF33_GCM_SM3 0x0300F106 -# define GMTLS_CK_DHE_PSK_WITH_SSF33_CCM_SM3 0x0300F107 -# define GMTLS_CK_RSA_PSK_WITH_SSF33_CBC_SM3 0x0300F109 -# define GMTLS_CK_RSA_PSK_WITH_SSF33_GCM_SM3 0x0300F10A -# define GMTLS_CK_RSA_PSK_WITH_SSF33_CCM_SM3 0x0300F10B +# define GMTLS_CK_PSK_WITH_SSF33_CBC_SM3 0x0300F117 +# define GMTLS_CK_PSK_WITH_SSF33_GCM_SM3 0x0300F118 +# define GMTLS_CK_PSK_WITH_SSF33_CCM_SM3 0x0300F119 +# define GMTLS_CK_DHE_PSK_WITH_SSF33_CBC_SM3 0x0300F11A +# define GMTLS_CK_DHE_PSK_WITH_SSF33_GCM_SM3 0x0300F11B +# define GMTLS_CK_DHE_PSK_WITH_SSF33_CCM_SM3 0x0300F11C +# define GMTLS_CK_RSA_PSK_WITH_SSF33_CBC_SM3 0x0300F11D +# define GMTLS_CK_RSA_PSK_WITH_SSF33_GCM_SM3 0x0300F11E +# define GMTLS_CK_RSA_PSK_WITH_SSF33_CCM_SM3 0x0300F11F /* SRP ciphersuites */ -# define GMTLS_CK_SRP_SM3_WITH_SMS4_CBC_SM3 -# define GMTLS_CK_SRP_SM3_WITH_SMS4_GCM_SM3 -# define GMTLS_CK_SRP_SM3_WITH_SMS4_CBC_SM3 -# define GMTLS_CK_SRP_SM3_WITH_SMS4_GCM_SM3 -# define GMTLS_CK_SRP_SM3_WITH_SMS4_CCM_SM3 +# define GMTLS_CK_SRP_SM3_WITH_SMS4_CBC_SM3 0x0300F201 +# define GMTLS_CK_SRP_SM3_WITH_SMS4_GCM_SM3 0x0300F202 +# define GMTLS_CK_SRP_SM3_WITH_SMS4_CCM_SM3 0x0300F203 + + +/**********************/ +/* GM/T SSL-VPN CipherSuites */ +# define GMTLS_TXT_SM2DHE_WITH_SM1_SM3 "SM2DHE-WITH-SM1-SM3" +# define GMTLS_TXT_SM2_WITH_SM1_SM3 "SM2-WITH-SM1-SM3" +# define GMTLS_TXT_SM9DHE_WITH_SM1_SM3 "SM9DHE-WITH-SM1-SM3" +# define GMTLS_TXT_SM9_WITH_SM1_SM3 "SM9-WITH-SM1-SM3" +# define GMTLS_TXT_RSA_WITH_SM1_SM3 "RSA-WITH-SM1-SM3" +# define GMTLS_TXT_RSA_WITH_SM1_SHA1 "RSA-WITH-SM1-SHA1" +# define GMTLS_TXT_SM2DHE_WITH_SMS4_SM3 "SM2DHE-WITH-SMS4-SM3" +# define GMTLS_TXT_SM2_WITH_SMS4_SM3 "SM2-WITH-SMS4-SM3" +# define GMTLS_TXT_SM9DHE_WITH_SMS4_SM3 "SM9DHE-WITH-SMS4-SM3" +# define GMTLS_TXT_SM9_WITH_SMS4_SM3 "SM9-WITH-SMS4-SM3" +# define GMTLS_TXT_RSA_WITH_SMS4_SM3 "RSA-WITH-SMS4-SM3" +# define GMTLS_TXT_RSA_WITH_SMS4_SHA1 "RSA-WITH-SMS4-SHA1" + +/* ECDHE-SM2-WITH-[SM1|SMS4|SSF33]-[SM3|SHA256] */ +# define GMTLS_TXT_ECDHE_SM2_WITH_SM1_SM3 "ECDHE-SM2-WITH-SM1-SM3" +# define GMTLS_TXT_ECDHE_SM2_WITH_SMS4_SM3 "ECDHE-SM2-WITH-SMS4-SM3" +# define GMTLS_TXT_ECDHE_SM2_WITH_SSF33_SM3 "ECDHE-SM2-WITH-SSF33-SM3" +# define GMTLS_TXT_ECDHE_SM2_WITH_SM1_SHA256 "ECDHE-SM2-WITH-SM1-SHA256" +# define GMTLS_TXT_ECDHE_SM2_WITH_SMS4_SHA256 "ECDHE-SM2-WITH-SMS4-SHA256" +# define GMTLS_TXT_ECDHE_SM2_WITH_SSF33_SHA256 "ECDHE-SM2-WITH-SSF33-SHA256" + +/* ECDHE-SM2-WITH-SMS4-[GCM|CCM|CCM-8]-[SM3|SHA256] */ +# define GMTLS_TXT_ECDHE_SM2_WITH_SMS4_GCM_SM3 "ECDHE-SM2-WITH-SMS4-GCM-SM3" +# define GMTLS_TXT_ECDHE_SM2_WITH_SMS4_CCM_SM3 "ECDHE-SM2-WITH-SMS4-CCM-SM3" +# define GMTLS_TXT_ECDHE_SM2_WITH_SMS4_CCM_8_SM3 "ECDHE-SM2-WITH-SMS4-CCM-8-SM3" +# define GMTLS_TXT_ECDHE_SM2_WITH_SMS4_GCM_SHA256 "ECDHE-SM2-WITH-SMS4-GCM-SHA256" +# define GMTLS_TXT_ECDHE_SM2_WITH_SMS4_CCM_SHA256 "ECDHE-SM2-WITH-SMS4-CCM-SHA256" +# define GMTLS_TXT_ECDHE_SM2_WITH_SMS4_CCM_8_SHA256 "ECDHE-SM2-WITH-SMS4-CCM-8-SHA256" + +/* PSK ciphersuites with NULL cipher */ +# define GMTLS_TXT_PSK_WITH_NULL_SM3 "PSK-WITH-NULL-SM3" +# define GMTLS_TXT_DHE_PSK_WITH_NULL_SM3 "DHE-PSK-WITH-NULL-SM3" +# define GMTLS_TXT_RSA_PSK_WITH_NULL_SM3 "RSA-PSK-WITH-NULL-SM3" +# define GMTLS_TXT_SM2_PSK_WITH_NULL_SM3 "SM2-PSK_WITH-NULL-SM3" +# define GMTLS_TXT_ECDHE_PSK_WITH_NULL_SM3 "ECDHE-PSK-WITH-NULL-SM3" + +/* PSK ciphersuits with SMS4 */ +# define GMTLS_TXT_PSK_WITH_SMS4_CBC_SM3 "PSK-WITH-SMS4-CBC-SM3" +# define GMTLS_TXT_PSK_WITH_SMS4_GCM_SM3 "PSK-WITH-SMS4-GCM-SM3" +# define GMTLS_TXT_PSK_WITH_SMS4_CCM_SM3 "PSK-WITH-SMS4-CCM-SM3" +# define GMTLS_TXT_DHE_PSK_WITH_SMS4_CBC_SM3 "DHE-PSK-WITH-SMS4-CBC-SM3" +# define GMTLS_TXT_DHE_PSK_WITH_SMS4_GCM_SM3 "DHE-PSK-WITH-SMS4-GCM-SM3" +# define GMTLS_TXT_DHE_PSK_WITH_SMS4_CCM_SM3 "DHE-PSK-WITH-SMS4-CCM-SM3" +# define GMTLS_TXT_RSA_PSK_WITH_SMS4_CBC_SM3 "RSA-PSK-WITH-SMS4-CBC-SM3" +# define GMTLS_TXT_RSA_PSK_WITH_SMS4_GCM_SM3 "RSA-PSK-WITH-SMS4-GCM-SM3" +# define GMTLS_TXT_RSA_PSK_WITH_SMS4_CCM_SM3 "RSA-PSK-WITH-SMS4-CCM-SM3" +# define GMTLS_TXT_ECC_PSK_WITH_SMS4_CBC_SM3 "ECC-PSK-WITH-SMS4-CBC-SM3" +# define GMTLS_TXT_ECC_PSK_WITH_SMS4_GCM_SM3 "ECC-PSK-WITH-SMS4-GCM-SM3" +# define GMTLS_TXT_ECC_PSK_WITH_SMS4_CCM_SM3 "ECC-PSK-WITH-SMS4-CCM-SM3" + + +# define GMTLS_TXT_PSK_WITH_SM1_CBC_SM3 "PSK-WITH-SM1-CBC-SM3" +# define GMTLS_TXT_PSK_WITH_SM1_GCM_SM3 "PSK-WITH-SM1-GCM-SM3" +# define GMTLS_TXT_PSK_WITH_SM1_CCM_SM3 "PSK-WITH-SM1-CCM-SM3" +# define GMTLS_TXT_DHE_PSK_WITH_SM1_CBC_SM3 "DHE-PSK-WITH-SM1-CBC-SM3" +# define GMTLS_TXT_DHE_PSK_WITH_SM1_GCM_SM3 "DHE-PSK-WITH-SM1-GCM-SM3" +# define GMTLS_TXT_DHE_PSK_WITH_SM1_CCM_SM3 "DHE-PSK-WITH-SM1-CCM-SM3" +# define GMTLS_TXT_RSA_PSK_WITH_SM1_CBC_SM3 "RSA-PSK-WITH-SM1-CBC-SM3" +# define GMTLS_TXT_RSA_PSK_WITH_SM1_GCM_SM3 "RSA-PSK-WITH-SM1-GCM-SM3" +# define GMTLS_TXT_RSA_PSK_WITH_SM1_CCM_SM3 "RSA-PSK-WITH-SM1-CCM-SM3" + + +# define GMTLS_TXT_PSK_WITH_SSF33_CBC_SM3 "PSK-WITH-SSF33-CBC-SM3" +# define GMTLS_TXT_PSK_WITH_SSF33_GCM_SM3 "PSK-WITH-SSF33-GCM-SM3" +# define GMTLS_TXT_PSK_WITH_SSF33_CCM_SM3 "PSK-WITH-SSF33-CCM-SM3" +# define GMTLS_TXT_DHE_PSK_WITH_SSF33_CBC_SM3 "DHE-PSK-WITH-SSF33-CBC-SM3" +# define GMTLS_TXT_DHE_PSK_WITH_SSF33_GCM_SM3 "DHE-PSK-WITH-SSF33-GCM-SM3" +# define GMTLS_TXT_DHE_PSK_WITH_SSF33_CCM_SM3 "DHE-PSK-WITH-SSF33-CCM-SM3" +# define GMTLS_TXT_RSA_PSK_WITH_SSF33_CBC_SM3 "RSA-PSK-WITH-SSF33-CBC-SM3" +# define GMTLS_TXT_RSA_PSK_WITH_SSF33_GCM_SM3 "RSA-PSK-WITH-SSF33-GCM-SM3" +# define GMTLS_TXT_RSA_PSK_WITH_SSF33_CCM_SM3 "RSA-PSK-WITH-SSF33-CCM-SM3" + +/* SRP ciphersuites */ +# define GMTLS_TXT_SRP_SM3_WITH_SMS4_CBC_SM3 "SRP-SM3-WITH-SMS4-CBC-SM3" +# define GMTLS_TXT_SRP_SM3_WITH_SMS4_GCM_SM3 "SRP-SM3-WITH-SMS4-GCM-SM3" +# define GMTLS_TXT_SRP_SM3_WITH_SMS4_CCM_SM3 "SRP-SM3-WITH-SMS4-CCM-SM3" # define TLS_CT_SM2_SIGN 240 diff --git a/include/openssl/hkdf.h b/include/openssl/hkdf.h new file mode 100644 index 00000000..61b36600 --- /dev/null +++ b/include/openssl/hkdf.h @@ -0,0 +1,39 @@ +/* + * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef HEADER_HKDF_H +# define HEADER_HKDF_H + +#include +#include + +#ifdef __cplusplus +extern "C" { +#endif + +unsigned char *HKDF(const EVP_MD *evp_md, + const unsigned char *salt, size_t salt_len, + const unsigned char *key, size_t key_len, + const unsigned char *info, size_t info_len, + unsigned char *okm, size_t okm_len); + +unsigned char *HKDF_Extract(const EVP_MD *evp_md, + const unsigned char *salt, size_t salt_len, + const unsigned char *key, size_t key_len, + unsigned char *prk, size_t *prk_len); + +unsigned char *HKDF_Expand(const EVP_MD *evp_md, + const unsigned char *prk, size_t prk_len, + const unsigned char *info, size_t info_len, + unsigned char *okm, size_t okm_len); + +# ifdef __cplusplus +} +# endif +#endif diff --git a/include/openssl/kdf.h b/include/openssl/kdf.h index 9f87f788..d611d02f 100644 --- a/include/openssl/kdf.h +++ b/include/openssl/kdf.h @@ -50,6 +50,22 @@ extern "C" { EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \ EVP_PKEY_CTRL_HKDF_INFO, infolen, (void *)info) +/*static*/ unsigned char *HKDF(const EVP_MD *evp_md, + const unsigned char *salt, size_t salt_len, + const unsigned char *key, size_t key_len, + const unsigned char *info, size_t info_len, + unsigned char *okm, size_t okm_len); + +/*static*/ unsigned char *HKDF_Extract(const EVP_MD *evp_md, + const unsigned char *salt, size_t salt_len, + const unsigned char *key, size_t key_len, + unsigned char *prk, size_t *prk_len); + +/*static*/ unsigned char *HKDF_Expand(const EVP_MD *evp_md, + const unsigned char *prk, size_t prk_len, + const unsigned char *info, size_t info_len, + unsigned char *okm, size_t okm_len); + /* BEGIN ERROR CODES */ /* * The following lines are auto generated by the script mkerr.pl. Any changes diff --git a/include/openssl/obj_mac.h b/include/openssl/obj_mac.h index 4ebb5045..054a6c34 100644 --- a/include/openssl/obj_mac.h +++ b/include/openssl/obj_mac.h @@ -1070,6 +1070,11 @@ #define NID_pbe_WithSHA1And40BitRC2_CBC 149 #define OBJ_pbe_WithSHA1And40BitRC2_CBC OBJ_pkcs12_pbeids,6L +#define SN_pbe_WithSM3AndSMS4_CBC "PBE-SM3-SMS4" +#define LN_pbe_WithSM3AndSMS4_CBC "pbeWithSM3AndSMS4-CBC" +#define NID_pbe_WithSM3AndSMS4_CBC 1195 +#define OBJ_pbe_WithSM3AndSMS4_CBC OBJ_pkcs12_pbeids,100L + #define OBJ_pkcs12_Version1 OBJ_pkcs12,10L #define OBJ_pkcs12_BagIds OBJ_pkcs12_Version1,1L @@ -4552,6 +4557,22 @@ #define LN_kx_sm2 "kx-sm2" #define NID_kx_sm2 1186 +#define SN_kx_sm2dhe "KxSM2DHE" +#define LN_kx_sm2dhe "kx-sm2dhe" +#define NID_kx_sm2dhe 1190 + +#define SN_kx_sm2_psk "KxSM2-PSK" +#define LN_kx_sm2_psk "kx-sm2-psk" +#define NID_kx_sm2_psk 1191 + +#define SN_kx_sm9 "KxSM9" +#define LN_kx_sm9 "kx-sm9" +#define NID_kx_sm9 1188 + +#define SN_kx_sm9dhe "KxSM9DHE" +#define LN_kx_sm9dhe "kx-sm9dhe" +#define NID_kx_sm9dhe 1192 + #define SN_auth_rsa "AuthRSA" #define LN_auth_rsa "auth-rsa" #define NID_auth_rsa 1046 @@ -4588,6 +4609,10 @@ #define LN_auth_sm2 "auth-sm2" #define NID_auth_sm2 1187 +#define SN_auth_sm9 "AuthSM9" +#define LN_auth_sm9 "auth-sm9" +#define NID_auth_sm9 1189 + #define SN_ecies_recommendedParameters "ecies-recommendedParameters" #define NID_ecies_recommendedParameters 1063 #define OBJ_ecies_recommendedParameters OBJ_secg_scheme,7L @@ -5052,6 +5077,14 @@ #define NID_zuc 1136 #define OBJ_zuc OBJ_sm_scheme,800L +#define SN_zuc_128eea3 "zuc-128eea3" +#define NID_zuc_128eea3 1193 +#define OBJ_zuc_128eea3 OBJ_zuc,1L + +#define SN_zuc_128eia3 "zuc-128eia3" +#define NID_zuc_128eia3 1194 +#define OBJ_zuc_128eia3 OBJ_zuc,2L + #define OBJ_ibcs1 OBJ_ISO_US,1L,114334L,1L #define SN_bfibe "bfibe" diff --git a/include/openssl/otp.h b/include/openssl/otp.h index eadddad1..1f465b97 100644 --- a/include/openssl/otp.h +++ b/include/openssl/otp.h @@ -53,6 +53,9 @@ #ifndef HEADER_OTP_H #define HEADER_OTP_H +#include +#ifndef OPENSSL_NO_OTP + #ifdef __cplusplus extern "C" { #endif @@ -99,3 +102,4 @@ int ERR_load_OTP_strings(void); } # endif #endif +#endif diff --git a/include/openssl/paillier.h b/include/openssl/paillier.h index 5edb975b..b423c43b 100644 --- a/include/openssl/paillier.h +++ b/include/openssl/paillier.h @@ -52,7 +52,9 @@ #ifndef HEADER_PAILLIER_H #define HEADER_PAILLIER_H -#ifndef NO_GMSSL + +#include +#ifndef OPENSSL_NO_PAILLIER #include #include diff --git a/include/openssl/pkcs12.h b/include/openssl/pkcs12.h index deaded9d..00373a33 100644 --- a/include/openssl/pkcs12.h +++ b/include/openssl/pkcs12.h @@ -269,6 +269,8 @@ int ERR_load_PKCS12_strings(void); # define PKCS12_R_MAC_SETUP_ERROR 110 # define PKCS12_R_MAC_STRING_SET_ERROR 111 # define PKCS12_R_MAC_VERIFY_FAILURE 113 +# define PKCS12_R_NO_AVAIABLE_CIPHER 112 +# define PKCS12_R_NO_AVAIABLE_DIGEST 122 # define PKCS12_R_PARSE_ERROR 114 # define PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR 115 # define PKCS12_R_PKCS12_CIPHERFINAL_ERROR 116 diff --git a/include/openssl/poly1305.h b/include/openssl/poly1305.h new file mode 100644 index 00000000..31fed3c7 --- /dev/null +++ b/include/openssl/poly1305.h @@ -0,0 +1,41 @@ +/* Copyright (c) 2014, Google Inc. + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY + * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION + * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN + * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ + +#ifndef HEADER_POLY1305_H +#define HEADER_POLY1305_H + +#include +#include +#include + +#ifdef __cplusplus +extern "C" { +#endif + +typedef uint8_t poly1305_state[512]; + +void CRYPTO_poly1305_init(poly1305_state* state, + const uint8_t key[32]); +void CRYPTO_poly1305_update(poly1305_state* state, + const uint8_t* in, + size_t in_len); +void CRYPTO_poly1305_finish(poly1305_state* state, + uint8_t mac[16]); + + +#if defined(__cplusplus) +} /* extern C */ +#endif + +#endif diff --git a/include/openssl/rsa.h b/include/openssl/rsa.h index d97d6e07..4ea3205d 100644 --- a/include/openssl/rsa.h +++ b/include/openssl/rsa.h @@ -464,7 +464,9 @@ int ERR_load_RSA_strings(void); # define RSA_F_CHECK_PADDING_MD 140 # define RSA_F_ENCODE_PKCS1 146 # define RSA_F_INT_RSA_VERIFY 145 +# define RSA_F_MARSHAL_INTEGER 150 # define RSA_F_OLD_RSA_PRIV_DECODE 147 +# define RSA_F_PARSE_PUBLIC_KEY 151 # define RSA_F_PKEY_RSA_CTRL 143 # define RSA_F_PKEY_RSA_CTRL_STR 144 # define RSA_F_PKEY_RSA_SIGN 142 @@ -476,6 +478,8 @@ int ERR_load_RSA_strings(void); # define RSA_F_RSA_CHECK_KEY_EX 160 # define RSA_F_RSA_CMS_DECRYPT 159 # define RSA_F_RSA_ITEM_VERIFY 148 +# define RSA_F_RSA_MARSHAL_PRIVATE_KEY 158 +# define RSA_F_RSA_MARSHAL_PUBLIC_KEY 164 # define RSA_F_RSA_METH_DUP 161 # define RSA_F_RSA_METH_NEW 162 # define RSA_F_RSA_METH_SET1_NAME 163 @@ -506,10 +510,15 @@ int ERR_load_RSA_strings(void); # define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 113 # define RSA_F_RSA_PADDING_CHECK_SSLV23 114 # define RSA_F_RSA_PADDING_CHECK_X931 128 +# define RSA_F_RSA_PARSE_PRIVATE_KEY 165 # define RSA_F_RSA_PRINT 115 # define RSA_F_RSA_PRINT_FP 116 +# define RSA_F_RSA_PRIVATE_KEY_FROM_BYTES 166 +# define RSA_F_RSA_PRIVATE_KEY_TO_BYTES 167 # define RSA_F_RSA_PRIV_ENCODE 138 # define RSA_F_RSA_PSS_TO_CTX 155 +# define RSA_F_RSA_PUBLIC_KEY_FROM_BYTES 168 +# define RSA_F_RSA_PUBLIC_KEY_TO_BYTES 169 # define RSA_F_RSA_PUB_DECODE 139 # define RSA_F_RSA_SETUP_BLINDING 136 # define RSA_F_RSA_SIGN 117 @@ -520,10 +529,13 @@ int ERR_load_RSA_strings(void); /* Reason codes. */ # define RSA_R_ALGORITHM_MISMATCH 100 +# define RSA_R_BAD_ENCODING 145 # define RSA_R_BAD_E_VALUE 101 # define RSA_R_BAD_FIXED_HEADER_DECRYPT 102 # define RSA_R_BAD_PAD_BYTE_COUNT 103 +# define RSA_R_BAD_RSA_PARAMETERS 152 # define RSA_R_BAD_SIGNATURE 104 +# define RSA_R_BAD_VERSION 164 # define RSA_R_BLOCK_TYPE_IS_NOT_01 106 # define RSA_R_BLOCK_TYPE_IS_NOT_02 107 # define RSA_R_DATA_GREATER_THAN_MOD_LEN 108 @@ -537,6 +549,7 @@ int ERR_load_RSA_strings(void); # define RSA_R_DMP1_NOT_CONGRUENT_TO_D 124 # define RSA_R_DMQ1_NOT_CONGRUENT_TO_D 125 # define RSA_R_D_E_NOT_CONGRUENT_TO_1 123 +# define RSA_R_ENCODE_ERROR 165 # define RSA_R_FIRST_OCTET_INVALID 133 # define RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE 144 # define RSA_R_INVALID_DIGEST 157 diff --git a/include/openssl/saf.h b/include/openssl/saf.h index f7aa7228..ae5fef6a 100644 --- a/include/openssl/saf.h +++ b/include/openssl/saf.h @@ -46,19 +46,14 @@ * OF THE POSSIBILITY OF SUCH DAMAGE. * ==================================================================== */ -/* - * SAF API is a crypto API with key and certificate management. - * The API is defined in the GM standard GM/T 0019-2012: - * Universal Cryptography Service Interface Specification - */ #ifndef HEADER_SAF_H #define HEADER_SAF_H +#include +#ifndef OPENSSL_NO_SAF -#define SGD_MAX_COUNT 64 -#define SGD_MAX_NAME_SIZE 256 - +#include #ifdef __cplusplus extern "C" { @@ -70,7 +65,7 @@ typedef struct SGD_USR_CERT_ENUMLIST_ { unsigned char *certificate[SGD_MAX_COUNT]; unsigned int certificateLen[SGD_MAX_COUNT]; unsigned char *containerName[SGD_MAX_COUNT]; - unsigned int containterNameLen[SGD_MAX_COUNT]; //correct?ß + unsigned int containterNameLen[SGD_MAX_COUNT]; unsigned int keyUsage[SGD_MAX_COUNT]; } SGD_USR_CERT_ENUMLIST; @@ -90,13 +85,13 @@ typedef struct { unsigned char dn_l[SGD_MAX_NAME_SIZE]; unsigned char dn_l_len[1]; unsigned char dn_o[5][SGD_MAX_NAME_SIZE]; - unsigned int dn_o_len[5]; + unsigned int dn_o_len[5]; unsigned char dn_ou[5][SGD_MAX_NAME_SIZE]; - unsigned int dn_ou_len[5]; + unsigned int dn_ou_len[5]; unsigned char dn_cn[2][SGD_MAX_NAME_SIZE]; - unsigned int dn_cn_len[2]; + unsigned int dn_cn_len[2]; unsigned char dn_email[2][SGD_MAX_NAME_SIZE]; - unsigned int dn_email_len[2]; + unsigned int dn_email_len[2]; } SGD_NAME_INFO; int SAF_Initialize( @@ -781,3 +776,4 @@ int SAF_SM2_DecodeEnvelopedData( } #endif #endif +#endif diff --git a/include/openssl/sdf.h b/include/openssl/sdf.h index 35d179c6..6a5dcfd4 100644 --- a/include/openssl/sdf.h +++ b/include/openssl/sdf.h @@ -64,6 +64,9 @@ #ifndef HEADER_SDF_H #define HEADER_SDF_H +#include +#ifndef OPENSSL_NO_SDF + #include #include @@ -71,8 +74,8 @@ extern "C" { #endif - -typedef struct DeviceInfo_st{ +#pragma pack(1) +typedef struct /*__attribute__((packed))*/ DeviceInfo_st { unsigned char IssuerName[40]; unsigned char DeviceName[16]; unsigned char DeviceSerial[16]; /* 8-char date + @@ -89,18 +92,13 @@ typedef struct DeviceInfo_st{ unsigned int BufferSize; } DEVICEINFO; -#define RSAref_MAX_BITS 2048 -#define RSAref_MAX_LEN ((RSAref_MAX_BITS + 7) / 8) -#define RSAref_MAX_PBITS ((RSAref_MAX_BITS + 1) / 2) -#define RSAref_MAX_PLEN ((RSAref_MAX_PBITS + 7)/ 8) - -typedef struct RSArefPublicKey_st { +typedef struct /*__attribute__((packed))*/ RSArefPublicKey_st { unsigned int bits; unsigned char m[RSAref_MAX_LEN]; unsigned char e[RSAref_MAX_LEN]; } RSArefPublicKey; -typedef struct RSArefPrivateKey_st { +typedef struct /*__attribute__((packed))*/ RSArefPrivateKey_st { unsigned int bits; unsigned char m[RSAref_MAX_LEN]; unsigned char e[RSAref_MAX_LEN]; @@ -110,53 +108,38 @@ typedef struct RSArefPrivateKey_st { unsigned char coef[RSAref_MAX_PLEN]; } RSArefPrivateKey; -#define ECCref_MAX_BITS 512 -#define ECCref_MAX_LEN ((ECCref_MAX_BITS+7) / 8) - -typedef struct ECCrefPublicKey_st { +typedef struct /*__attribute__((packed))*/ ECCrefPublicKey_st { unsigned int bits; unsigned char x[ECCref_MAX_LEN]; unsigned char y[ECCref_MAX_LEN]; } ECCrefPublicKey; -typedef struct ECCrefPrivateKey_st { +typedef struct /*__attribute__((packed))*/ ECCrefPrivateKey_st { unsigned int bits; unsigned char K[ECCref_MAX_LEN]; } ECCrefPrivateKey; -typedef struct ECCCipher_st { +typedef struct /*__attribute__((packed))*/ ECCCipher_st { unsigned char x[ECCref_MAX_LEN]; unsigned char y[ECCref_MAX_LEN]; - /* - * In SM2 ciphertext the `M` is the hash result of the plaintext - * with generated Diffie-Hellman keys, so the length should be the - * digest length, for SM3 it is 256-bit which is equal to the max - * elliptic curve key length (256-bit). - */ unsigned char M[32]; - - /* length of ciphertext `C` */ unsigned int L; unsigned char C[1]; } ECCCipher; -typedef struct ECCSignature_st { +typedef struct /*__attribute__((packed))*/ ECCSignature_st { unsigned char r[ECCref_MAX_LEN]; unsigned char s[ECCref_MAX_LEN]; } ECCSignature; -/* ENVELOPEDKEYBLOB is not used in this API, and it requires the - * ECCCIPHERBLOB and ECCPUBLICKEYBLOB defined in SKF API - */ -#if 0 -typedef struct SDF_ENVELOPEDKEYBLOB { +typedef struct /*__attribute__((packed))*/ SDF_ENVELOPEDKEYBLOB { unsigned long Version; unsigned long ulSymmAlgID; - ECCCIPHERBLOB ECCCipehrBlob; - ECCPUBLICKEYBLOB PubKey; + ECCCipher ECCCipehrBlob; + ECCrefPublicKey PubKey; unsigned char cbEncryptedPrivKey[64]; -} ENVELOPEDKEYBLOB, *PENVELOPEDKEYBLOB; -#endif +} EnvelopedKeyBlob, *PEnvelopedKeyBlob; +#pragma pack() int SDF_OpenDevice( void **phDeviceHandle); @@ -475,7 +458,7 @@ int SDF_DeleteFile( #define SDR_OPENSESSION (SDR_BASE + 0x00000006) #define SDR_PARDENY (SDR_BASE + 0x00000007) #define SDR_KEYNOTEXIST (SDR_BASE + 0x00000008) -#define SDR_ALGNOTSUPPOT (SDR_BASE + 0x00000009) +#define SDR_ALGNOTSUPPORT (SDR_BASE + 0x00000009) #define SDR_ALGMODNOTSUPPORT (SDR_BASE + 0x0000000A) #define SDR_PKOPERR (SDR_BASE + 0x0000000B) #define SDR_SKOPERR (SDR_BASE + 0x0000000C) @@ -503,3 +486,4 @@ int SDF_DeleteFile( } #endif #endif +#endif diff --git a/include/openssl/serpent.h b/include/openssl/serpent.h index 18cff3dc..8efade2d 100644 --- a/include/openssl/serpent.h +++ b/include/openssl/serpent.h @@ -76,8 +76,10 @@ POSSIBILITY OF SUCH DAMAGE. */ #ifndef HEADER_SERPENT_H #define HEADER_SERPENT_H -#include #include +#ifndef OPENSSL_NO_SERPENT + +#include #define SERPENT_ROUNDS 32 #define SERPENT_BLOCK_SIZE 16 @@ -114,5 +116,5 @@ extern "C" { #ifdef __cplusplus } #endif - +#endif #endif diff --git a/include/openssl/sgd.h b/include/openssl/sgd.h index c2574935..23859f23 100644 --- a/include/openssl/sgd.h +++ b/include/openssl/sgd.h @@ -1,315 +1,428 @@ -/* ==================================================================== - * Copyright (c) 2015 - 2016 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ -/* - * this header file is based on the standard GM/T 0006-2012 - * Cryptographic Application Identifier Criterion Specification - */ - -#ifndef HEADER_SGD_H -#define HEADER_SGD_H - -#include - -/* block cipher modes */ -#define SGD_ECB 0x01 -#define SGD_CBC 0x02 -#define SGD_CFB 0x04 -#define SGD_OFB 0x08 -#define SGD_MAC 0x10 - -/* stream cipher modes */ -#define SGD_EEA3 0x01 -#define SGD_EIA3 0x02 - -/* ciphers */ -#define SGD_SM1 0x00000100 -#define SGD_SSF33 0x00000200 -#define SGD_SM4 0x00000400 -#define SGD_ZUC 0x00000800 - -/* ciphers with modes */ -#define SGD_SM1_ECB (SGD_SM1|SGD_ECB) -#define SGD_SM1_CBC (SGD_SM1|SGD_CBC) -#define SGD_SM1_CFB (SGD_SM1|SGD_CFB) -#define SGD_SM1_OFB (SGD_SM1|SGD_OFB) -#define SGD_SM1_MAC (SGD_SM1|SGD_MAC) -#define SGD_SSF33_ECB (SGD_SSF33|SGD_ECB) -#define SGD_SSF33_CBC (SGD_SSF33|SGD_CBC) -#define SGD_SSF33_CFB (SGD_SSF33|SGD_CFB) -#define SGD_SSF33_OFB (SGD_SSF33|SGD_OFB) -#define SGD_SSF33_MAC (SGD_SSF33|SGD_MAC) -#define SGD_SM4_ECB (SGD_SM4|SGD_ECB) -#define SGD_SM4_CBC (SGD_SM4|SGD_CBC) -#define SGD_SM4_CFB (SGD_SM4|SGD_CFB) -#define SGD_SM4_OFB (SGD_SM4|SGD_OFB) -#define SGD_SM4_MAC (SGD_SM4|SGD_MAC) -#define SGD_ZUC_EEA3 (SGD_ZUC|SGD_EEA3) -#define SGD_ZUC_EIA3 (SGD_ZUC|SGD_EIA3) - -/* public key usage */ -#define SGD_PK_SIGN 0x0100 -#define SGD_PK_DH 0x0200 -#define SGD_PK_ENC 0x0400 - -/* public key types */ -#define SGD_RSA 0x00010000 -#define SGD_RSA_SIGN (SGD_RSA|SGD_PK_SIGN) -#define SGD_RSA_ENC (SGD_RSA|SGD_PK_ENC) -#define SGD_SM2 0x00020000 -#define SGD_SM2_1 (SGD_SM2|SGD_PK_SIGN) -#define SGD_SM2_2 (SGD_SM2|SGD_PK_DH) -#define SGD_SM2_3 (SGD_SM2|SGD_PK_ENC) - -/* hash */ -#define SGD_SM3 0x00000001 -#define SGD_SHA1 0x00000002 -#define SGD_SHA256 0x00000004 -#define SGD_HASH_FROM 0x00000008 -#define SGD_HASH_TO 0x000000FF - -/* signatue schemes */ -#define SGD_SM3_RSA (SGD_SM3|SGD_RSA) -#define SGD_SHA1_RSA (SGD_SHA1|SGD_RSA) -#define SGD_SHA256_RSA (SGD_SHA256|SGD_RSA) -#define SGD_SM3_SM2 (SGD_SM3|SGD_SM2) -#define SGD_SIG_FROM 0x00040000 -#define SGD_SIG_TO 0x800000FF - -/* data types */ -typedef char SGD_CHAR; -typedef char SGD_INT8; -typedef int16_t SGD_INT16; -typedef int32_t SGD_INT32; -typedef int64_t SGD_INT64; -typedef unsigned char SGD_UCHAR; -typedef uint8_t SGD_UINT8; -typedef uint16_t SGD_UINT16; -typedef uint32_t SGD_UINT32; -typedef uint64_t SGD_UINT64; -typedef uint32_t SGD_RV; -typedef void * SGD_OBJ; -typedef int32_t SGD_BOOL; - -#define SGD_TRUE 0x00000001 -#define SGD_FALSE 0x00000000 - -#define SGD_KEY_INDEX 0x00000101 -#define SGD_SECRET_KEY 0x00000102 -#define SGD_PUBLIC_KEY_SIGN 0x00000103 -#define SGD_PUBLIC_KEY_ENCRYPT 0x00000104 -#define SGD_PRIVATE_KEY_SIGN 0x00000105 -#define SGD_PRIVATE_KEY_ENCRYPT 0x00000106 -#define SGD_KEY_COMPONENT 0x00000107 -#define SGD_PASSWORD 0x00000108 -#define SGD_PUBLIC_KEY_CERT 0x00000109 -#define SGD_ATTRIBUTE_CERT 0x1000010A -#define SGD_SIGNATURE_DATA 0x10000111 -#define SGD_ENVELOPE_DATA 0x10000112 -#define SGD_RANDOM_DATA 0x10000113 -#define SGD_PLAIN_DATA 0x10000114 -#define SGD_CIPHER_DATA 0x10000115 -#define SGD_DIGEST_DATA 0x10000116 -#define SGD_USER_DATA 0x10000117 - -/* certificate */ -#define SGD_CERT_VERSION 0x00000001 -#define SGD_CERT_SERIAL 0x00000002 -#define SGD_CERT_ISSUER 0x00000005 -#define SGD_CERT_VALID_TIME 0x00000006 -#define SGD_CERT_SUBJECT 0x00000007 -#define SGD_CERT_DER_PUBLIC_KEY 0x00000008 -#define SGD_CERT_DER_EXTENSIONS 0x00000009 -#define SGD_EXT_AUTHORITYKEYIDENTIFIER_INFO 0x00000011 -#define SGD_EXT_SUBJECTKEYIDENTIFIER_INFO 0x00000012 -#define SGD_EXT_KEYUSAGE_INFO 0x00000013 -#define SGD_EXT_PRIVATEKEYUSAGEPERIOD_INFO 0x00000014 -#define SGD_EXT_CERTIFICATEPOLICIES_INFO 0x00000015 -#define SGD_EXT_POLICYMAPPINGS_INFO 0x00000016 -#define SGD_EXT_BASICCONSTRAINTS_INFO 0x00000017 -#define SGD_EXT_POLICYCONSTRAINTS_INFO 0x00000018 -#define SGD_EXT_EXTKEYUSAGE_INFO 0x00000019 -#define SGD_EXT_CRLDISTRIBUTIONPOINTS_INFO 0x0000001A -#define SGD_EXT_NETSCAPE_CERT_TYPE_INFO 0x0000001B -#define SGD_EXT_SELFDEFINED_EXTENSION_INFO 0x0000001C -#define SGD_CERT_ISSUER_CN 0x00000021 -#define SGD_CERT_ISSUER_O 0x00000022 -#define SGD_CERT_ISSUER_OU 0x00000023 -#define SGD_CERT_SUBJECT_CN 0x00000031 -#define SGD_CERT_SUBJECT_O 0x00000032 -#define SGD_CERT_SUBJECT_OU 0x00000033 -#define SGD_CERT_SUBJECT_EMAIL 0x00000034 -#define SGD_CERT_NOTBEFORE_TIME 0x00000035 -#define SGD_CERT_NOTAFTER_TIME 0x00000036 - -/* timestamp info */ -#define SGD_TIME_OF_STAMP 0x00000201 -#define SGD_CN_OF_TSSIGNER 0x00000202 /* Common Name of TS Signer */ -#define SGD_ORININAL_DATA 0x00000203 -#define SGD_CERT_OF_TSSSERVER 0x00000204 -#define SGD_GERTCHAIN_OF_TSSERVER 0x00000205 -#define SGD_SOURCE_OF_TIME 0x00000206 -#define SGD_TIME_PRECISION 0x00000207 -#define SGD_RESPONSE_TYPE 0x00000208 -#define SGD_SUBJECT_COUNTRY_OF_TSSIGNER 0x00000209 -#define SGD_SUBJECT_ORGNIZATION_OF_TSSIGNER 0x0000020A -#define SGD_SUJECT_CITY_OF_TSSIGNER 0x0000020B -#define SGD_SUBJECT_EMAIL_OF_TSSIGNER 0x0000020C - -/* single sign-on */ -#define SGD_SP_ID 0x00000001 -#define SGD_SP_USER_ID 0x00000002 -#define SGD_IDP_ID 0x00000003 -#define SGD_IDP_USER_ID 0x00000004 - -/* data encoding */ -#define SGD_ENCODING_RAW 0x00000000 -#define SGD_ENCODING_DER 0x01000000 -#define SGD_ENCODING_BASE64 0x02000000 -#define SGD_ENCODING_PEM 0x03000000 -#define SGD_ENCODING_TXT 0x04000000 - -/* APIs */ -#define SGD_PROTOCOL_CSP 1 /* Microsoft CryptoAPI */ -#define SGD_PROTOCOL_PKCS11 2 /* PKCS#11 */ -#define SGD_PROTOCOL_SDS 3 /* SDF API */ -#define SGD_PROTOCOL_UKEY 4 /* SKF API */ -#define SGD_PROTOCOL_CNG 5 /* Microsoft CryptoAPI Next Gen */ -#define SGD_PROTOCOL_GCS 6 /* */ - -/* certificate validation */ -#define SGD_CRL_VERIFY 1 -#define SGD_OCSP_VEIFY 2 - -/* role */ -#define SGD_ROLE_SUPER_MANAGER 0x00000001 -#define SGD_ROLE_MANAGER 0x00000002 -#define SGD_ROLE_AUDIT_MANAGER 0x00000003 -#define SGD_ROLE_AUDITOR 0x00000004 -#define SGD_ROLE_OPERATOR 0x00000005 -#define SGD_ROLE_USER 0x00000006 - -/* user operations */ -#define SGD_OPERATION_SIGNIN 0x00000001 -#define SGD_OPERATION_SIGNOUT 0x00000002 -#define SGD_OPERATION_CREATE 0x00000003 -#define SGD_OPERATION_DELETE 0x00000004 -#define SGD_OPERATION_MODIFY 0x00000005 -#define SGD_OPERATION_CHG_PWD 0x00000006 -#define SGD_OPERATION_AUTHORIZATION 0x00000007 - -/* user operation results */ -#define SGD_OPERATION_SUCCESS 0x00000000 - -/* key types */ -#define SGD_MAIN_KEY 0x00000101 -#define SGD_DEVICE_KEYS 0x00000102 -#define SGD_USER_KEYS 0x00000103 -#define SGD_KEY 0x00000104 -#define SGD_SESSION_KEY 0x00000105 -#define SGD_PRIKEY_PASSWD 0x00000106 -#define SGD_COMPARTITION_KEY 0x00000107 - -/* key operations */ -#define SGD_KEY_GENERATION 0x00000101 -#define SGD_KEY_DISPENSE 0x00000102 -#define SGD_KEY_IMPORT 0x00000103 -#define SGD_KEY_EXPORT 0x00000104 -#define SGD_KEY_DIVISION 0x00000105 -#define SGD_KEY_COMPOSE 0x00000106 -#define SGD_KEY_RENEWAL 0x00000107 -#define SGD_KEY_BACKUP 0x00000108 -#define SGD_KEY_RESTORE 0x00000109 -#define SGD_KEY_DESTORY 0x0000010A - -/* system operations */ -#define SGD_SYSTEM_INIT 0x00000201 -#define SGD_SYSTEM_START 0x00000202 -#define SGD_SYSTEM_SHUT 0x00000203 -#define SGD_SYSTEM_RESTART 0x00000204 -#define SGD_SYSTEM_QUERY 0x00000205 -#define SGD_SYSTEM_BACKUP 0x00000206 -#define SGD_SYSTEM_RESTORE 0x00000207 - -/* device info */ -#define SGD_DEVICE_SORT 0x00000201 -#define SGD_DEVICE_TYPE 0x00000202 -#define SGD_DEVICE_NAME 0x00000203 -#define SGD_DEVICE_MANUFACTURER 0x00000204 -#define SGD_DEVICE_HARDWARE_VERSION 0x00000205 -#define SGD_DEVICE_SOFTWARE_VERSION 0x00000206 -#define SGD_DEVICE_STANDARD_VERSION 0x00000207 -#define SGD_DEVICE_SERIAL_NUMBER 0x00000208 -#define SGD_DEVICE_SUPPORT_SYMM_ALG 0x00000209 -#define SGD_DEVICE_SUPPORT_PKEY_ALG 0x0000020A -#define SGD_DEVICE_SUPPORT_HASH_ALG 0x0000020B -#define SGD_DEVICE_SUPPORT_STORAGE_SPACE 0x0000020C -#define SGD_DEVICE_SUPPORT_FREE_SPACE 0x0000020D -#define SGD_DEVICE_RUNTIME 0x0000020E -#define SGD_DEVICE_USED_TIMES 0x0000020F -#define SGD_DEVICE_LOCATION 0x00000210 -#define SGD_DEVICE_DESCRIPTION 0x00000211 -#define SGD_DEVICE_MANAGER_INFO 0x00000212 -#define SGD_DEVICE_MAX_DATA_SIZE 0x00000213 - -/* device types */ -#define SGD_DEVICE_SORT_SJ 0x02000000 /* Server */ -#define SGD_DEVICE_SORT_SK 0x03000000 /* PCI-E Card */ -#define SGD_DEVICE_SORT_SM 0x04000000 /* USB-Key and SmartCard */ - -/* device functionality */ -#define SGD_DEVICE_SORT_FE 0x00000100 /* encryption */ -#define SGD_DEVICE_SORT_FA 0x00000200 /* authentication */ -#define SGD_DEVICE_SORT_FM 0x00000300 /* key management */ - -/* device status */ -#define SGD_STATUS_INIT 0x00000201 -#define SGD_STATUS_READY 0x00000202 -#define SGD_STATUS_EXCEPTION 0x00000203 - -#endif +/* ==================================================================== + * Copyright (c) 2015 - 2016 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ +/* + * this header file is based on the standard GM/T 0006-2012 + * Cryptographic Application Identifier Criterion Specification + */ + +#ifndef HEADER_SGD_H +#define HEADER_SGD_H + +#include +#ifndef OPENSSL_NO_GMAPI + +#include + +/* block cipher modes */ +#define SGD_ECB 0x01 +#define SGD_CBC 0x02 +#define SGD_CFB 0x04 +#define SGD_OFB 0x08 +#define SGD_MAC 0x10 + +/* stream cipher modes */ +#define SGD_EEA3 0x01 +#define SGD_EIA3 0x02 + +/* ciphers */ +#define SGD_SM1 0x00000100 +#define SGD_SSF33 0x00000200 +#define SGD_SM4 0x00000400 +#define SGD_ZUC 0x00000800 + +/* ciphers with modes */ +#define SGD_SM1_ECB (SGD_SM1|SGD_ECB) +#define SGD_SM1_CBC (SGD_SM1|SGD_CBC) +#define SGD_SM1_CFB (SGD_SM1|SGD_CFB) +#define SGD_SM1_OFB (SGD_SM1|SGD_OFB) +#define SGD_SM1_MAC (SGD_SM1|SGD_MAC) +#define SGD_SSF33_ECB (SGD_SSF33|SGD_ECB) +#define SGD_SSF33_CBC (SGD_SSF33|SGD_CBC) +#define SGD_SSF33_CFB (SGD_SSF33|SGD_CFB) +#define SGD_SSF33_OFB (SGD_SSF33|SGD_OFB) +#define SGD_SSF33_MAC (SGD_SSF33|SGD_MAC) +#define SGD_SM4_ECB (SGD_SM4|SGD_ECB) +#define SGD_SM4_CBC (SGD_SM4|SGD_CBC) +#define SGD_SM4_CFB (SGD_SM4|SGD_CFB) +#define SGD_SM4_OFB (SGD_SM4|SGD_OFB) +#define SGD_SM4_MAC (SGD_SM4|SGD_MAC) +#define SGD_ZUC_EEA3 (SGD_ZUC|SGD_EEA3) +#define SGD_ZUC_EIA3 (SGD_ZUC|SGD_EIA3) + +/* public key usage */ +#define SGD_PK_SIGN 0x0100 +#define SGD_PK_DH 0x0200 +#define SGD_PK_ENC 0x0400 + +/* public key types */ +#define SGD_RSA 0x00010000 +#define SGD_RSA_SIGN (SGD_RSA|SGD_PK_SIGN) +#define SGD_RSA_ENC (SGD_RSA|SGD_PK_ENC) +#define SGD_SM2 0x00020000 +#define SGD_SM2_1 (SGD_SM2|SGD_PK_SIGN) +#define SGD_SM2_2 (SGD_SM2|SGD_PK_DH) +#define SGD_SM2_3 (SGD_SM2|SGD_PK_ENC) + +/* hash */ +#define SGD_SM3 0x00000001 +#define SGD_SHA1 0x00000002 +#define SGD_SHA256 0x00000004 +#define SGD_HASH_FROM 0x00000008 +#define SGD_HASH_TO 0x000000FF + +/* signatue schemes */ +#define SGD_SM3_RSA (SGD_SM3|SGD_RSA) +#define SGD_SHA1_RSA (SGD_SHA1|SGD_RSA) +#define SGD_SHA256_RSA (SGD_SHA256|SGD_RSA) +#define SGD_SM3_SM2 (SGD_SM3|SGD_SM2) +#define SGD_SIG_FROM 0x00040000 +#define SGD_SIG_TO 0x800000FF + +/* data types */ +typedef char SGD_CHAR; +typedef char SGD_INT8; +typedef int16_t SGD_INT16; +typedef int32_t SGD_INT32; +typedef int64_t SGD_INT64; +typedef unsigned char SGD_UCHAR; +typedef uint8_t SGD_UINT8; +typedef uint16_t SGD_UINT16; +typedef uint32_t SGD_UINT32; +typedef uint64_t SGD_UINT64; +typedef uint32_t SGD_RV; +typedef void * SGD_OBJ; +typedef int32_t SGD_BOOL; + +#define SGD_TRUE 0x00000001 +#define SGD_FALSE 0x00000000 + +#define SGD_KEY_INDEX 0x00000101 +#define SGD_SECRET_KEY 0x00000102 +#define SGD_PUBLIC_KEY_SIGN 0x00000103 +#define SGD_PUBLIC_KEY_ENCRYPT 0x00000104 +#define SGD_PRIVATE_KEY_SIGN 0x00000105 +#define SGD_PRIVATE_KEY_ENCRYPT 0x00000106 +#define SGD_KEY_COMPONENT 0x00000107 +#define SGD_PASSWORD 0x00000108 +#define SGD_PUBLIC_KEY_CERT 0x00000109 +#define SGD_ATTRIBUTE_CERT 0x1000010A +#define SGD_SIGNATURE_DATA 0x10000111 +#define SGD_ENVELOPE_DATA 0x10000112 +#define SGD_RANDOM_DATA 0x10000113 +#define SGD_PLAIN_DATA 0x10000114 +#define SGD_CIPHER_DATA 0x10000115 +#define SGD_DIGEST_DATA 0x10000116 +#define SGD_USER_DATA 0x10000117 + +/* certificate */ +#define SGD_CERT_VERSION 0x00000001 +#define SGD_CERT_SERIAL 0x00000002 +#define SGD_CERT_ISSUER 0x00000005 +#define SGD_CERT_VALID_TIME 0x00000006 +#define SGD_CERT_SUBJECT 0x00000007 +#define SGD_CERT_DER_PUBLIC_KEY 0x00000008 +#define SGD_CERT_DER_EXTENSIONS 0x00000009 +#define SGD_EXT_AUTHORITYKEYIDENTIFIER_INFO 0x00000011 +#define SGD_EXT_SUBJECTKEYIDENTIFIER_INFO 0x00000012 +#define SGD_EXT_KEYUSAGE_INFO 0x00000013 +#define SGD_EXT_PRIVATEKEYUSAGEPERIOD_INFO 0x00000014 +#define SGD_EXT_CERTIFICATEPOLICIES_INFO 0x00000015 +#define SGD_EXT_POLICYMAPPINGS_INFO 0x00000016 +#define SGD_EXT_BASICCONSTRAINTS_INFO 0x00000017 +#define SGD_EXT_POLICYCONSTRAINTS_INFO 0x00000018 +#define SGD_EXT_EXTKEYUSAGE_INFO 0x00000019 +#define SGD_EXT_CRLDISTRIBUTIONPOINTS_INFO 0x0000001A +#define SGD_EXT_NETSCAPE_CERT_TYPE_INFO 0x0000001B +#define SGD_EXT_SELFDEFINED_EXTENSION_INFO 0x0000001C +#define SGD_CERT_ISSUER_CN 0x00000021 +#define SGD_CERT_ISSUER_O 0x00000022 +#define SGD_CERT_ISSUER_OU 0x00000023 +#define SGD_CERT_SUBJECT_CN 0x00000031 +#define SGD_CERT_SUBJECT_O 0x00000032 +#define SGD_CERT_SUBJECT_OU 0x00000033 +#define SGD_CERT_SUBJECT_EMAIL 0x00000034 +#define SGD_CERT_NOTBEFORE_TIME 0x00000035 +#define SGD_CERT_NOTAFTER_TIME 0x00000036 + +/* timestamp info */ +#define SGD_TIME_OF_STAMP 0x00000201 +#define SGD_CN_OF_TSSIGNER 0x00000202 /* Common Name of TS Signer */ +#define SGD_ORININAL_DATA 0x00000203 +#define SGD_CERT_OF_TSSSERVER 0x00000204 +#define SGD_GERTCHAIN_OF_TSSERVER 0x00000205 +#define SGD_SOURCE_OF_TIME 0x00000206 +#define SGD_TIME_PRECISION 0x00000207 +#define SGD_RESPONSE_TYPE 0x00000208 +#define SGD_SUBJECT_COUNTRY_OF_TSSIGNER 0x00000209 +#define SGD_SUBJECT_ORGNIZATION_OF_TSSIGNER 0x0000020A +#define SGD_SUJECT_CITY_OF_TSSIGNER 0x0000020B +#define SGD_SUBJECT_EMAIL_OF_TSSIGNER 0x0000020C + +/* single sign-on */ +#define SGD_SP_ID 0x00000001 +#define SGD_SP_USER_ID 0x00000002 +#define SGD_IDP_ID 0x00000003 +#define SGD_IDP_USER_ID 0x00000004 + +/* data encoding */ +#define SGD_ENCODING_RAW 0x00000000 +#define SGD_ENCODING_DER 0x01000000 +#define SGD_ENCODING_BASE64 0x02000000 +#define SGD_ENCODING_PEM 0x03000000 +#define SGD_ENCODING_TXT 0x04000000 + +/* APIs */ +#define SGD_PROTOCOL_CSP 1 /* Microsoft CryptoAPI */ +#define SGD_PROTOCOL_PKCS11 2 /* PKCS#11 */ +#define SGD_PROTOCOL_SDS 3 /* SDF API */ +#define SGD_PROTOCOL_UKEY 4 /* SKF API */ +#define SGD_PROTOCOL_CNG 5 /* Microsoft CryptoAPI Next Gen */ +#define SGD_PROTOCOL_GCS 6 /* */ + +/* certificate validation */ +#define SGD_CRL_VERIFY 1 +#define SGD_OCSP_VEIFY 2 + +/* role */ +#define SGD_ROLE_SUPER_MANAGER 0x00000001 +#define SGD_ROLE_MANAGER 0x00000002 +#define SGD_ROLE_AUDIT_MANAGER 0x00000003 +#define SGD_ROLE_AUDITOR 0x00000004 +#define SGD_ROLE_OPERATOR 0x00000005 +#define SGD_ROLE_USER 0x00000006 + +/* user operations */ +#define SGD_OPERATION_SIGNIN 0x00000001 +#define SGD_OPERATION_SIGNOUT 0x00000002 +#define SGD_OPERATION_CREATE 0x00000003 +#define SGD_OPERATION_DELETE 0x00000004 +#define SGD_OPERATION_MODIFY 0x00000005 +#define SGD_OPERATION_CHG_PWD 0x00000006 +#define SGD_OPERATION_AUTHORIZATION 0x00000007 + +/* user operation results */ +#define SGD_OPERATION_SUCCESS 0x00000000 + +/* key types */ +#define SGD_MAIN_KEY 0x00000101 +#define SGD_DEVICE_KEYS 0x00000102 +#define SGD_USER_KEYS 0x00000103 +#define SGD_KEY 0x00000104 +#define SGD_SESSION_KEY 0x00000105 +#define SGD_PRIKEY_PASSWD 0x00000106 +#define SGD_COMPARTITION_KEY 0x00000107 + +/* key operations */ +#define SGD_KEY_GENERATION 0x00000101 +#define SGD_KEY_DISPENSE 0x00000102 +#define SGD_KEY_IMPORT 0x00000103 +#define SGD_KEY_EXPORT 0x00000104 +#define SGD_KEY_DIVISION 0x00000105 +#define SGD_KEY_COMPOSE 0x00000106 +#define SGD_KEY_RENEWAL 0x00000107 +#define SGD_KEY_BACKUP 0x00000108 +#define SGD_KEY_RESTORE 0x00000109 +#define SGD_KEY_DESTORY 0x0000010A + +/* system operations */ +#define SGD_SYSTEM_INIT 0x00000201 +#define SGD_SYSTEM_START 0x00000202 +#define SGD_SYSTEM_SHUT 0x00000203 +#define SGD_SYSTEM_RESTART 0x00000204 +#define SGD_SYSTEM_QUERY 0x00000205 +#define SGD_SYSTEM_BACKUP 0x00000206 +#define SGD_SYSTEM_RESTORE 0x00000207 + +/* device info */ +#define SGD_DEVICE_SORT 0x00000201 +#define SGD_DEVICE_TYPE 0x00000202 +#define SGD_DEVICE_NAME 0x00000203 +#define SGD_DEVICE_MANUFACTURER 0x00000204 +#define SGD_DEVICE_HARDWARE_VERSION 0x00000205 +#define SGD_DEVICE_SOFTWARE_VERSION 0x00000206 +#define SGD_DEVICE_STANDARD_VERSION 0x00000207 +#define SGD_DEVICE_SERIAL_NUMBER 0x00000208 +#define SGD_DEVICE_SUPPORT_SYMM_ALG 0x00000209 +#define SGD_DEVICE_SUPPORT_PKEY_ALG 0x0000020A +#define SGD_DEVICE_SUPPORT_HASH_ALG 0x0000020B +#define SGD_DEVICE_SUPPORT_STORAGE_SPACE 0x0000020C +#define SGD_DEVICE_SUPPORT_FREE_SPACE 0x0000020D +#define SGD_DEVICE_RUNTIME 0x0000020E +#define SGD_DEVICE_USED_TIMES 0x0000020F +#define SGD_DEVICE_LOCATION 0x00000210 +#define SGD_DEVICE_DESCRIPTION 0x00000211 +#define SGD_DEVICE_MANAGER_INFO 0x00000212 +#define SGD_DEVICE_MAX_DATA_SIZE 0x00000213 + +/* device types */ +#define SGD_DEVICE_SORT_SJ 0x02000000 /* Server */ +#define SGD_DEVICE_SORT_SK 0x03000000 /* PCI-E Card */ +#define SGD_DEVICE_SORT_SM 0x04000000 /* USB-Key and SmartCard */ + +/* device functionality */ +#define SGD_DEVICE_SORT_FE 0x00000100 /* encryption */ +#define SGD_DEVICE_SORT_FA 0x00000200 /* authentication */ +#define SGD_DEVICE_SORT_FM 0x00000300 /* key management */ + +/* device status */ +#define SGD_STATUS_INIT 0x00000201 +#define SGD_STATUS_READY 0x00000202 +#define SGD_STATUS_EXCEPTION 0x00000203 + +/* SKF */ +#ifndef WIN32 +typedef signed char INT8; +typedef signed short INT16; +typedef signed int INT32; +typedef unsigned char UINT8; +typedef unsigned short UINT16; +typedef unsigned int UINT32; +typedef long BOOL; +typedef UINT8 BYTE; +typedef UINT8 CHAR; +typedef INT16 SHORT; +typedef UINT16 USHORT; +typedef INT32 LONG; +typedef UINT32 ULONG; +typedef UINT32 UINT; +typedef UINT16 WORD; +typedef UINT32 DWORD; +typedef UINT32 FLAGS; +typedef CHAR * LPSTR; +typedef void * HANDLE; +#else +#ifndef _WINDEF_H +typedef signed char INT8; +typedef signed short INT16; +typedef signed int INT32; +typedef unsigned char UINT8; +typedef unsigned short UINT16; +typedef unsigned int UINT32; +typedef long BOOL; +typedef UINT8 BYTE; +typedef UINT8 CHAR; +typedef INT16 SHORT; +typedef UINT16 USHORT; +typedef INT32 LONG; +typedef UINT32 ULONG; +typedef UINT32 UINT; +typedef UINT16 WORD; +typedef UINT32 DWORD; +typedef UINT32 FLAGS; +typedef CHAR * LPSTR; +typedef void * HANDLE; +#endif +#endif + +typedef HANDLE DEVHANDLE; +typedef HANDLE HAPPLICATION; +typedef HANDLE HSESSION; +typedef HANDLE HCONTAINER; + +#ifndef FALSE +#define FALSE 0x00000000 +#endif + +#ifndef TRUE +#define TRUE 0x00000001 +#endif + +#ifdef WIN32 +#define DEVAPI __stdcall +#else +#define DEVAPI +#endif + +#ifndef ADMIN_TYPE +#define ADMIN_TYPE 0 +#endif + +#ifndef USER_TYPE +#define USER_TYPE 1 +#endif + +#define MAX_RSA_MODULUS_LEN 256 +#define MAX_RSA_EXPONENT_LEN 4 +#define ECC_MAX_XCOORDINATE_BITS_LEN 512 +#define ECC_MAX_YCOORDINATE_BITS_LEN 512 +#define ECC_MAX_MODULUS_BITS_LEN 512 + +#define MAX_IV_LEN 32 + +#define MAX_FILE_NAME_SIZE 32 +#define MAX_FILE_CONTAINER_NAME_SIZE 64 + +#define SECURE_NEVER_ACCOUNT 0x00000000 +#define SECURE_ADM_ACCOUNT 0x00000001 +#define SECURE_USER_ACCOUNT 0x00000010 +#define SECURE_ANYONE_ACCOUNT 0x000000FF + + +/* SDF */ + +#define RSAref_MAX_BITS 2048 +#define RSAref_MAX_LEN ((RSAref_MAX_BITS + 7) / 8) +#define RSAref_MAX_PBITS ((RSAref_MAX_BITS + 1) / 2) +#define RSAref_MAX_PLEN ((RSAref_MAX_PBITS + 7)/ 8) + +#define ECCref_MAX_BITS 512 +#define ECCref_MAX_LEN ((ECCref_MAX_BITS+7) / 8) + + +/* SAF */ +#define SGD_MAX_COUNT 64 +#define SGD_MAX_NAME_SIZE 256 + +/* SOF */ + +typedef char *BSTR; +typedef long BOOL; + +#endif +#endif diff --git a/include/openssl/simon.h b/include/openssl/simon.h deleted file mode 100644 index a0ce4d45..00000000 --- a/include/openssl/simon.h +++ /dev/null @@ -1,67 +0,0 @@ -#ifndef HEADER_SIMON_H -#define HEADER_SIMON_H - -#ifndef CIPHER_CONSTANTS -#define CIPHER_CONSTANTS -enum mode_t { ECB, CTR, CBC, CFB, OFB }; -#endif - -#include - -enum simon_cipher_config_t { simon_64_32, - simon_72_48, - simon_96_48, - simon_96_64, - simon_128_64, - simon_96_96, - simon_144_96, - simon_128_128, - simon_192_128, - simon_256_128 -}; - -typedef struct { - enum simon_cipher_config_t cipher_cfg; - uint8_t key_size; - uint8_t block_size; - uint8_t round_limit; - uint8_t init_vector[16]; - uint8_t counter[16]; - uint8_t key_schedule[576]; - uint8_t z_seq; -} simon_cipher; - -typedef struct _bword_24{ - uint32_t data: 24; -} bword_24; - -typedef struct _bword_48{ - uint64_t data: 48; -} bword_48; - - -#ifdef __cplusplus -extern "C"{ -#endif - uint8_t simon_init(simon_cipher *cipher_object, enum simon_cipher_config_t cipher_cfg, enum mode_t c_mode, void *key, uint8_t *iv, uint8_t *counter); - uint8_t simon_encrypt(simon_cipher cipher_object, void *plaintext, void *ciphertext); - uint8_t simon_decrypt(simon_cipher cipher_object, void *ciphertext, void *plaintext); - - void simon_encrypt32(uint8_t *key_schedule, uint8_t *plaintext, uint8_t *ciphertext); - void simon_encrypt48(uint8_t round_limit, uint8_t *key_schedule, uint8_t *plaintext, uint8_t *ciphertext); - void simon_encrypt64(uint8_t round_limit, uint8_t *key_schedule, uint8_t *plaintext, uint8_t *ciphertext); - void simon_encrypt96(uint8_t round_limit, uint8_t *key_schedule, uint8_t *plaintext, uint8_t *ciphertext); - void simon_encrypt128(uint8_t round_limit, uint8_t *key_schedule, uint8_t *plaintext, uint8_t *ciphertext); - - - void simon_decrypt32(uint8_t *key_schedule, uint8_t *ciphertext, uint8_t *plaintext); - void simon_decrypt48(uint8_t round_limit, uint8_t *key_schedule, uint8_t *ciphertext, uint8_t *plaintext); - void simon_decrypt64(uint8_t round_limit, uint8_t *key_schedule, uint8_t *ciphertext, uint8_t *plaintext); - void simon_decrypt96(uint8_t round_limit, uint8_t *key_schedule, uint8_t *ciphertext, uint8_t *plaintext); - void simon_decrypt128(uint8_t round_limit, uint8_t *key_schedule, uint8_t *ciphertext, uint8_t *plaintext); -#ifdef __cplusplus -} -#endif - - -#endif diff --git a/include/openssl/skf.h b/include/openssl/skf.h index 213375a1..ab3a565f 100644 --- a/include/openssl/skf.h +++ b/include/openssl/skf.h @@ -53,111 +53,22 @@ #ifndef HEADER_SKF_H #define HEADER_SKF_H +#include +#ifndef OPENSSL_NO_SKF + #include -//FIXME: all the WIN32 types -#ifndef WIN32 -typedef signed char INT8; -typedef signed short INT16; -typedef signed int INT32; -typedef unsigned char UINT8; -typedef unsigned short UINT16; -typedef unsigned int UINT32; -typedef long BOOL; -typedef UINT8 BYTE; -typedef UINT8 CHAR; -typedef INT16 SHORT; -typedef UINT16 USHORT; -typedef INT32 LONG; -typedef UINT32 ULONG; -typedef UINT32 UINT; -typedef UINT16 WORD; -typedef UINT32 DWORD; -typedef UINT32 FLAGS; -typedef CHAR * LPSTR; -typedef void * HANDLE; -#else -#ifndef _WINDEF_H -typedef signed char INT8; -typedef signed short INT16; -typedef signed int INT32; -typedef unsigned char UINT8; -typedef unsigned short UINT16; -typedef unsigned int UINT32; -typedef long BOOL; -typedef UINT8 BYTE; -typedef UINT8 CHAR; -typedef INT16 SHORT; -typedef UINT16 USHORT; -typedef INT32 LONG; -typedef UINT32 ULONG; -typedef UINT32 UINT; -typedef UINT16 WORD; -typedef UINT32 DWORD; -typedef UINT32 FLAGS; -typedef CHAR * LPSTR; -typedef void * HANDLE; -#endif -#endif - -typedef HANDLE DEVHANDLE; -typedef HANDLE HAPPLICATION; -typedef HANDLE HSESSION; -typedef HANDLE HCONTAINER; - - -#ifndef FALSE -#define FALSE 0x00000000 -#endif - -#ifndef TRUE -#define TRUE 0x00000001 -#endif - -#ifdef WIN32 -#define DEVAPI __stdcall -#else -#define DEVAPI -#endif - -#ifndef ADMIN_TYPE -#define ADMIN_TYPE 0 -#endif - -#ifndef USER_TYPE -#define USER_TYPE 1 -#endif - -#define MAX_RSA_MODULUS_LEN 256 -#define MAX_RSA_EXPONENT_LEN 4 -#define ECC_MAX_XCOORDINATE_BITS_LEN 512 -#define ECC_MAX_YCOORDINATE_BITS_LEN 512 -#define ECC_MAX_MODULUS_BITS_LEN 512 - -#define MAX_IV_LEN 32 - -#define MAX_FILE_NAME_SIZE 32 -#define MAX_FILE_CONTAINER_NAME_SIZE 64 - -#define SECURE_NEVER_ACCOUNT 0x00000000 -#define SECURE_ADM_ACCOUNT 0x00000001 -#define SECURE_USER_ACCOUNT 0x00000010 -#define SECURE_ANYONE_ACCOUNT 0x000000FF - - - - #ifdef __cplusplus extern "C" { #endif - -typedef struct Struct_Version{ +#pragma pack(1) +typedef struct /*__attribute__((packed))*/ Struct_Version{ BYTE major; BYTE minor; } VERSION; -typedef struct Struct_DEVINFO { +typedef struct /*__attribute__((packed))*/ Struct_DEVINFO { VERSION Version; CHAR Manufacturer[64]; CHAR Issuer[64]; @@ -176,14 +87,14 @@ typedef struct Struct_DEVINFO { BYTE Reserved[64]; } DEVINFO, *PDEVINFO; -typedef struct Struct_RSAPUBLICKEYBLOB { +typedef struct /*__attribute__((packed))*/ Struct_RSAPUBLICKEYBLOB { ULONG AlgID; ULONG BitLen; BYTE Modulus[MAX_RSA_MODULUS_LEN]; BYTE PublicExponent[MAX_RSA_EXPONENT_LEN]; } RSAPUBLICKEYBLOB, *PRSAPUBLICKEYBLOB; -typedef struct Struct_RSAPRIVATEKEYBLOB { +typedef struct /*__attribute__((packed))*/ Struct_RSAPRIVATEKEYBLOB { ULONG AlgID; ULONG BitLen; BYTE Modulus[MAX_RSA_MODULUS_LEN]; @@ -196,18 +107,18 @@ typedef struct Struct_RSAPRIVATEKEYBLOB { BYTE Coefficient[MAX_RSA_MODULUS_LEN/2]; } RSAPRIVATEKEYBLOB, *PRSAPRIVATEKEYBLOB; -typedef struct Struct_ECCPUBLICKEYBLOB { +typedef struct /*__attribute__((packed))*/ Struct_ECCPUBLICKEYBLOB { ULONG BitLen; BYTE XCoordinate[ECC_MAX_XCOORDINATE_BITS_LEN/8]; BYTE YCoordinate[ECC_MAX_YCOORDINATE_BITS_LEN/8]; } ECCPUBLICKEYBLOB, *PECCPUBLICKEYBLOB; -typedef struct Struct_ECCPRIVATEKEYBLOB { +typedef struct /*__attribute__((packed))*/ Struct_ECCPRIVATEKEYBLOB { ULONG BitLen; BYTE PrivateKey[ECC_MAX_MODULUS_BITS_LEN/8]; } ECCPRIVATEKEYBLOB, *PECCPRIVATEKEYBLOB; -typedef struct Struct_ECCCIPHERBLOB { +typedef struct /*__attribute__((packed))*/ Struct_ECCCIPHERBLOB { BYTE XCoordinate[ECC_MAX_XCOORDINATE_BITS_LEN/8]; BYTE YCoordinate[ECC_MAX_XCOORDINATE_BITS_LEN/8]; BYTE HASH[32]; @@ -215,19 +126,19 @@ typedef struct Struct_ECCCIPHERBLOB { BYTE Cipher[1]; } ECCCIPHERBLOB, *PECCCIPHERBLOB; -typedef struct Struct_ECCSIGNATUREBLOB { +typedef struct /*__attribute__((packed))*/ Struct_ECCSIGNATUREBLOB { BYTE r[ECC_MAX_XCOORDINATE_BITS_LEN/8]; BYTE s[ECC_MAX_XCOORDINATE_BITS_LEN/8]; } ECCSIGNATUREBLOB, *PECCSIGNATUREBLOB; -typedef struct Struct_BLOCKCIPHERPARAM { +typedef struct /*__attribute__((packed))*/ Struct_BLOCKCIPHERPARAM { BYTE IV[MAX_IV_LEN]; ULONG IVLen; ULONG PaddingType; ULONG FeedBitLen; } BLOCKCIPHERPARAM, *PBLOCKCIPHERPARAM; -typedef struct SKF_ENVELOPEDKEYBLOB { +typedef struct /*__attribute__((packed))*/ SKF_ENVELOPEDKEYBLOB { ULONG Version; ULONG ulSymmAlgID; ULONG ulBits; @@ -236,13 +147,13 @@ typedef struct SKF_ENVELOPEDKEYBLOB { ECCCIPHERBLOB ECCCipherBlob; } ENVELOPEDKEYBLOB, *PENVELOPEDKEYBLOB; -typedef struct Struct_FILEATTRIBUTE { +typedef struct /*__attribute__((packed))*/ Struct_FILEATTRIBUTE { CHAR FileName[MAX_FILE_NAME_SIZE]; ULONG FileSize; ULONG ReadRights; ULONG WriteRights; } FILEATTRIBUTE, *PFILEATTRIBUTE; - +#pragma pack() ULONG DEVAPI SKF_WaitForDevEvent( LPSTR szDevName, @@ -439,16 +350,16 @@ ULONG DEVAPI SKF_GenRandom( BYTE *pbRandom, ULONG ulRandomLen); -ULONG DEVAPI SKF_GenExtRSAKey( - DEVHANDLE hDev, - ULONG ulBitsLen, - RSAPRIVATEKEYBLOB *pBlob); - ULONG DEVAPI SKF_GenRSAKeyPair( HCONTAINER hContainer, ULONG ulBitsLen, RSAPUBLICKEYBLOB *pBlob); +ULONG DEVAPI SKF_GenExtRSAKey( + DEVHANDLE hDev, + ULONG ulBitsLen, + RSAPRIVATEKEYBLOB *pBlob); + ULONG DEVAPI SKF_ImportRSAKeyPair( HCONTAINER hContainer, ULONG ulSymAlgId, @@ -511,6 +422,13 @@ ULONG DEVAPI SKF_ECCSignData( ULONG ulDigestLen, ECCSIGNATUREBLOB *pSignature); +/* Extension */ +ULONG DEVAPI SKF_ECCDecrypt( + HCONTAINER hContainer, + ECCCIPHERBLOB *pCipherBlob, + BYTE *pbPlainText, + ULONG *pulPlainTextLen); + ULONG DEVAPI SKF_ECCVerify( DEVHANDLE hDev, ECCPUBLICKEYBLOB *pECCPubKeyBlob, @@ -741,9 +659,11 @@ ULONG DEVAPI SKF_CloseHandle( #define SAR_FILE_ALREADY_EXIST 0x0A00002F #define SAR_NO_ROOM 0x0A000030 #define SAR_FILE_NOT_EXIST 0x0A000031 +#define SAR_REACH_MAX_CONTAINER_COUNT 0x0A000032 #ifdef __cplusplus } #endif #endif +#endif diff --git a/include/openssl/sm2.h b/include/openssl/sm2.h index 47625668..c8e8a838 100755 --- a/include/openssl/sm2.h +++ b/include/openssl/sm2.h @@ -50,6 +50,9 @@ #ifndef HEADER_SM2_H #define HEADER_SM2_H +#include +#ifndef OPENSSL_NO_SM2 + #include #include #include @@ -68,7 +71,7 @@ extern "C" { #define SM2_MAX_ID_LENGTH (SM2_MAX_ID_BITS/8) #define SM2_DEFAULT_ID_GMT09 "1234567812345678" #define SM2_DEFAULT_ID_GMSSL "anonym@gmssl.org" -#define SM2_DEFAULT_ID SM2_DEFAULT_ID_GMSSL +#define SM2_DEFAULT_ID SM2_DEFAULT_ID_GMT09 #define SM2_DEFAULT_ID_LENGTH (sizeof(SM2_DEFAULT_ID) - 1) #define SM2_DEFAULT_ID_BITS (SM2_DEFAULT_ID_LENGTH * 8) #define SM2_DEFAULT_ID_DIGEST_LENGTH SM3_DIGEST_LENGTH @@ -83,6 +86,9 @@ int SM2_compute_message_digest(const EVP_MD *id_md, const EVP_MD *msg_md, /* SM2 digital signature */ + +#define SM2_MAX_SIGNATURE_LENGTH 96 + int SM2_sign_setup(EC_KEY *ec_key, BN_CTX *ctx, BIGNUM **a, BIGNUM **b); ECDSA_SIG *SM2_do_sign_ex(const unsigned char *dgst, int dgstlen, const BIGNUM *a, const BIGNUM *b, EC_KEY *ec_key); @@ -102,6 +108,7 @@ int SM2_verify(int type, const unsigned char *dgst, int dgstlen, #define SM2_MIN_PLAINTEXT_LENGTH 0 #define SM2_MAX_PLAINTEXT_LENGTH 1024 +#define SM2_CIPHERTEXT_LENGTH(len) ((len)+256) typedef struct SM2CiphertextValue_st SM2CiphertextValue; DECLARE_ASN1_FUNCTIONS(SM2CiphertextValue) @@ -124,8 +131,15 @@ int SM2_decrypt(int type, const unsigned char *in, size_t inlen, #define SM2_decrypt_with_recommended(in,inlen,out,outlen,ec_key) \ SM2_decrypt(NID_sm3,in,inlen,out,outlen,ec_key) +int SM2CiphertextValue_size(const EC_GROUP *group, int inlen); /* SM2 Key Exchange */ + +int SM2_compute_share_key(unsigned char *out, size_t *outlen, + const EC_POINT *peer_ephem, EC_KEY *ephem, + const EC_POINT *peer_pk, const unsigned char *peer_z, size_t peer_zlen, + const unsigned char *z, size_t zlen, EC_KEY *sk, int initiator); + typedef struct sm2_kap_ctx_st SM2_KAP_CTX; int SM2_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, @@ -144,6 +158,7 @@ int SM2_KAP_final_check(SM2_KAP_CTX *ctx, const unsigned char *checksum, size_t checksumlen); void SM2_KAP_CTX_cleanup(SM2_KAP_CTX *ctx); + /* EC_KEY_METHOD */ const EC_KEY_METHOD *EC_KEY_GmSSL(void); void EC_KEY_set_default_secg_method(void); @@ -176,52 +191,69 @@ void EC_KEY_METHOD_get_decrypt(EC_KEY_METHOD *meth, unsigned char *out, size_t *outlen, EC_KEY *ec_key)); -#define EVP_PKEY_CTX_set_ec_sign_type(ctx, type) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ - EVP_PKEY_OP_SIGN|EVP_PKEY_OP_SIGNCTX| \ - EVP_PKEY_OP_VERIFY|EVP_PKEY_OP_VERIFYCTX, \ - EVP_PKEY_CTRL_EC_SIGN_TYPE, type, NULL) +#define EVP_PKEY_CTRL_EC_SCHEME (EVP_PKEY_ALG_CTRL + 11) +#define EVP_PKEY_CTRL_SIGNER_ID (EVP_PKEY_ALG_CTRL + 12) +#define EVP_PKEY_CTRL_GET_SIGNER_ID (EVP_PKEY_ALG_CTRL + 13) +#define EVP_PKEY_CTRL_GET_SIGNER_ZID (EVP_PKEY_ALG_CTRL + 14) +#define EVP_PKEY_CTRL_EC_ENCRYPT_PARAM (EVP_PKEY_ALG_CTRL + 15) -#define EVP_PKEY_CTX_get_ec_sign_type(ctx) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ - EVP_PKEY_OP_SIGN|EVP_PKEY_OP_SIGNCTX| \ - EVP_PKEY_OP_VERIFY|EVP_PKEY_OP_VERIFYCTX, \ - EVP_PKEY_CTRL_EC_SIGN_TYPE, -2, NULL) - -#define EVP_PKEY_CTX_set_ec_enc_type(ctx, type) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ - EVP_PKEY_OP_ENCRYPT|EVP_PKEY_OP_DECRYPT, \ - EVP_PKEY_CTRL_EC_ENC_TYPE, type, NULL) - -#define EVP_PKEY_CTX_get_ec_enc_type(ctx) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ - EVP_PKEY_OP_ENCRYPT|EVP_PKEY_OP_DECRYPT, \ - EVP_PKEY_CTRL_EC_ENC_TYPE, -2, NULL) - -#define EVP_PKEY_CTX_set_ec_dh_type(ctx, type) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ - EVP_PKEY_OP_DERIVE, \ - EVP_PKEY_CTRL_EC_DH_TYPE, type, NULL) - -#define EVP_PKEY_CTX_get_ec_dh_type(ctx) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ - EVP_PKEY_OP_DERIVE, \ - EVP_PKEY_CTRL_EC_DH_TYPE, -2, NULL); - -#define EVP_PKEY_CTX_set_sm2_id(ctx, type) \ +#ifndef OPENSSL_NO_MACRO +#define EVP_PKEY_CTX_set_ec_scheme(ctx, scheme) \ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ EVP_PKEY_OP_SIGN|EVP_PKEY_OP_SIGNCTX| \ EVP_PKEY_OP_VERIFY|EVP_PKEY_OP_VERIFYCTX| \ - EVP_PKEY_OP_DERIVE, type, NULL) + EVP_PKEY_OP_ENCRYPT|EVP_PKEY_OP_DECRYPT| \ + EVP_PKEY_OP_DERIVE, \ + EVP_PKEY_CTRL_EC_SCHEME, scheme, NULL) +#define EVP_PKEY_CTX_get_ec_scheme(ctx) \ + EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ + EVP_PKEY_OP_SIGN|EVP_PKEY_OP_SIGNCTX| \ + EVP_PKEY_OP_VERIFY|EVP_PKEY_OP_VERIFYCTX| \ + EVP_PKEY_OP_ENCRYPT|EVP_PKEY_OP_DECRYPT| \ + EVP_PKEY_OP_DERIVE, \ + EVP_PKEY_CTRL_EC_SCHEME, -2, NULL) -#define EVP_PKEY_CTRL_EC_SIGN_TYPE (EVP_PKEY_ALG_CTRL + 11) -#define EVP_PKEY_CTRL_GET_EC_SIGN_TYPE (EVP_PKEY_ALG_CTRL + 12) -#define EVP_PKEY_CTRL_EC_ENC_TYPE (EVP_PKEY_ALG_CTRL + 13) -#define EVP_PKEY_CTRL_GET_EC_ENC_TYPE (EVP_PKEY_ALG_CTRL + 14) -#define EVP_PKEY_CTRL_EC_DH_TYPE (EVP_PKEY_ALG_CTRL + 15) -#define EVP_PKEY_CTRL_GET_EC_DH_TYPE (EVP_PKEY_ALG_CTRL + 16) +#define EVP_PKEY_CTX_set_signer_id(ctx, id) \ + EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ + EVP_PKEY_OP_SIGN|EVP_PKEY_OP_SIGNCTX| \ + EVP_PKEY_OP_VERIFY|EVP_PKEY_OP_VERIFYCTX| \ + EVP_PKEY_OP_DERIVE, \ + EVP_PKEY_CTRL_SIGNER_ID, 0, (void *)id) +#define EVP_PKEY_CTX_get_signer_id(ctx, pid) \ + EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ + EVP_PKEY_OP_SIGN|EVP_PKEY_OP_SIGNCTX| \ + EVP_PKEY_OP_VERIFY|EVP_PKEY_OP_VERIFYCTX| \ + EVP_PKEY_OP_DERIVE, \ + EVP_PKEY_CTRL_GET_SIGNER_ID, 0, (void *)pid) + +#define EVP_PKEY_CTX_get_signer_zid(ctx, pzid) \ + EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ + EVP_PKEY_OP_SIGN|EVP_PKEY_OP_SIGNCTX| \ + EVP_PKEY_OP_VERIFY|EVP_PKEY_OP_VERIFYCTX| \ + EVP_PKEY_OP_DERIVE, \ + EVP_PKEY_CTRL_GET_SIGNER_ZID, 0, (void *)pzid) + +#define EVP_PKEY_CTX_set_ec_encrypt_param(ctx, param) \ + EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ + EVP_PKEY_OP_ENCRYPT|EVP_PKEY_OP_DECRYPT, \ + EVP_PKEY_CTRL_EC_ENCRYPT_PARAM, param, NULL) + +#define EVP_PKEY_CTX_get_ec_encrypt_param(ctx) \ + EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ + EVP_PKEY_OP_ENCRYPT|EVP_PKEY_OP_DECRYPT, \ + EVP_PKEY_CTRL_EC_ENCRYPT_PARAM, -2, NULL) + +#else +int EVP_PKEY_CTX_set_ec_scheme(EVP_PKEY_CTX *ctx, int scheme); +int EVP_PKEY_CTX_get_ec_scheme(EVP_PKEY_CTX *ctx, int scheme); +int EVP_PKEY_CTX_set_signer_id(EVP_PKEY_CTX *ctx, const char *id); +int EVP_PKEY_CTX_get_signer_id(EVP_PKEY_CTX *ctx, char **pid); +int EVP_PKEY_CTX_get_signer_zid(EVP_PKEY_CTX *ctx, unsigned char **pzid); +int EVP_PKEY_CTX_set_ec_encrypt_param(EVP_PKEY_CTX *ctx, int param); +int EVP_PKEY_CTX_get_ec_encrypt_param(EVP_PKEY_CTX *ctx); +#endif /* BEGIN ERROR CODES */ @@ -265,3 +297,4 @@ int ERR_load_SM2_strings(void); } # endif #endif +#endif diff --git a/include/openssl/sm3.h b/include/openssl/sm3.h index 20d1f693..29ce397b 100644 --- a/include/openssl/sm3.h +++ b/include/openssl/sm3.h @@ -1,5 +1,5 @@ /* ==================================================================== - * Copyright (c) 2014 - 2016 The GmSSL Project. All rights reserved. + * Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -50,15 +50,18 @@ #ifndef HEADER_SM3_H #define HEADER_SM3_H +#include +#ifndef OPENSSL_NO_SM3 + #define SM3_DIGEST_LENGTH 32 #define SM3_BLOCK_SIZE 64 #define SM3_CBLOCK (SM3_BLOCK_SIZE) #define SM3_HMAC_SIZE (SM3_DIGEST_LENGTH) -#include -#include #include +#include +#include #ifdef __cplusplus extern "C" { @@ -95,3 +98,4 @@ void sm3_hmac(const unsigned char *data, size_t data_len, } #endif #endif +#endif diff --git a/include/openssl/sm9.h b/include/openssl/sm9.h index 8263bebf..6088901b 100644 --- a/include/openssl/sm9.h +++ b/include/openssl/sm9.h @@ -50,11 +50,17 @@ #ifndef HEADER_SM9_H #define HEADER_SM9_H +#include +#ifndef OPENSSL_NO_SM9 + #include #include #include #include +/* set the same value as sm2 */ +#define SM9_MAX_ID_BITS 65535 +#define SM9_MAX_ID_LENGTH (SM9_MAX_ID_BITS/8) #ifdef __cplusplus extern "C" { @@ -62,6 +68,7 @@ extern "C" { typedef struct SM9PublicParameters_st SM9PublicParameters; typedef struct SM9MasterSecret_st SM9MasterSecret; +typedef struct SM9PublicKey_st SM9PublicKey; typedef struct SM9PrivateKey_st SM9PrivateKey; typedef struct SM9Ciphertext_st SM9Ciphertext; typedef struct SM9Signature_st SM9Signature; @@ -74,6 +81,24 @@ SM9PrivateKey *SM9_extract_private_key(SM9PublicParameters *mpk, SM9MasterSecret *msk, const char *id, size_t idlen); +SM9PublicKey *SM9_extract_sign_public_key(SM9PublicParameters *mpk, + const char *id, size_t idlen); + +SM9PublicKey *SM9_extract_exch_public_key(SM9PublicParameters *mpk, + const char *id, size_t idlen); + +SM9PublicKey *SM9_extract_enc_public_key(SM9PublicParameters *mpk, + const char *id, size_t idlen); + +SM9PublicKey *SM9PrivateKey_get_public_key(SM9PublicParameters *mpk, + SM9PrivateKey *sk); + +int SM9PrivateKey_get_gmtls_public_key(SM9PublicParameters *mpk, + SM9PrivateKey *sk, unsigned char pub_key[1024]); + +int SM9PublicKey_get_gmtls_encoded(SM9PublicParameters *mpk, + SM9PublicKey *pk, unsigned char encoded[1024]); + typedef struct { const EVP_MD *kdf_md; const EVP_CIPHER *enc_cipher; @@ -82,6 +107,11 @@ typedef struct { const EVP_MD *hmac_md; } SM9EncParameters; +SM9Ciphertext *SM9_do_encrypt_ex(SM9PublicParameters *mpk, + const SM9EncParameters *encparams, + const unsigned char *in, size_t inlen, + SM9PublicKey *pk); + SM9Ciphertext *SM9_do_encrypt(SM9PublicParameters *mpk, const SM9EncParameters *encparams, const unsigned char *in, size_t inlen, @@ -94,6 +124,12 @@ int SM9_do_decrypt(SM9PublicParameters *mpk, SM9PrivateKey *sk, const char *id, size_t idlen); +int SM9_encrypt_ex(SM9PublicParameters *mpk, + const SM9EncParameters *encparams, + const unsigned char *in, size_t inlen, + unsigned char *out, size_t *outlen, + SM9PublicKey *pk); + int SM9_encrypt(SM9PublicParameters *mpk, const SM9EncParameters *encparams, const unsigned char *in, size_t inlen, @@ -107,6 +143,11 @@ int SM9_decrypt(SM9PublicParameters *mpk, SM9PrivateKey *sk, const char *id, size_t idlen); +int SM9_encrypt_with_recommended_ex(SM9PublicParameters *mpk, + const unsigned char *in, size_t inlen, + unsigned char *out, size_t *outlen, + SM9PublicKey *pk); + int SM9_encrypt_with_recommended(SM9PublicParameters *mpk, const unsigned char *in, size_t inlen, unsigned char *out, size_t *outlen, @@ -118,10 +159,17 @@ int SM9_decrypt_with_recommended(SM9PublicParameters *mpk, SM9PrivateKey *sk, const char *id, size_t idlen); +int SM9_signature_size(SM9PublicParameters *mpk); + SM9Signature *SM9_do_sign(SM9PublicParameters *mpk, const unsigned char *dgst, size_t dgstlen, SM9PrivateKey *sk); +int SM9_do_verify_ex(SM9PublicParameters *mpk, + const unsigned char *dgst, size_t dgstlen, + const SM9Signature *sig, + SM9PublicKey *pk); + int SM9_do_verify(SM9PublicParameters *mpk, const unsigned char *dgst, size_t dgstlen, const SM9Signature *sig, @@ -132,14 +180,30 @@ int SM9_sign(SM9PublicParameters *mpk, unsigned char *sig, size_t *siglen, SM9PrivateKey *sk); +int SM9_verify_ex(SM9PublicParameters *mpk, + const unsigned char *dgst, size_t dgstlen, + const unsigned char *sig, size_t siglen, + SM9PublicKey *pk); + int SM9_verify(SM9PublicParameters *mpk, const unsigned char *dgst, size_t dgstlen, const unsigned char *sig, size_t siglen, const char *id, size_t idlen); +SM9PublicKey *SM9_generate_key_exchange(SM9PublicParameters *mpk, + const char *peer_id, size_t peer_idlen, BIGNUM **r); + +int SM9_compute_share_key(SM9PublicParameters *mpk, + unsigned char *out, size_t *outlen, + const char *peer_id, size_t peer_idlen, SM9PublicKey *peer_exch, + const char *id, size_t idlen, SM9PublicKey *exch, + SM9PrivateKey *sk, int initiator); + + DECLARE_ASN1_FUNCTIONS(SM9PublicParameters) DECLARE_ASN1_FUNCTIONS(SM9MasterSecret) DECLARE_ASN1_FUNCTIONS(SM9PrivateKey) +DECLARE_ASN1_FUNCTIONS(SM9PublicKey) DECLARE_ASN1_FUNCTIONS(SM9Ciphertext) DECLARE_ASN1_FUNCTIONS(SM9Signature) @@ -203,3 +267,4 @@ int ERR_load_SM9_strings(void); } # endif #endif +#endif diff --git a/include/openssl/sms4.h b/include/openssl/sms4.h index be5e703a..ab2742c9 100644 --- a/include/openssl/sms4.h +++ b/include/openssl/sms4.h @@ -51,7 +51,7 @@ #define HEADER_SMS4_H #include -#ifndef NO_GMSSL +#ifndef OPENSSL_NO_SMS4 #define SMS4_KEY_LENGTH 16 #define SMS4_BLOCK_SIZE 16 @@ -59,7 +59,7 @@ #define SMS4_NUM_ROUNDS 32 #include -#include +#include #include @@ -128,6 +128,3 @@ void sms4_ede_decrypt_16blocks(sms4_ede_key_t *key, const unsigned char *in, uns #endif #endif #endif - - - diff --git a/include/openssl/sof.h b/include/openssl/sof.h index 990eb328..8db1f19d 100644 --- a/include/openssl/sof.h +++ b/include/openssl/sof.h @@ -46,15 +46,14 @@ * OF THE POSSIBILITY OF SUCH DAMAGE. * ==================================================================== */ -/* This header file is from "GM/T 0020-2012 Certificate Application - * Integrated Service Interface Specification" - */ #ifndef HEADER_SOF_H #define HEADER_SOF_H -typedef char *BSTR; -typedef long BOOL; +#include +#ifndef OPENSSL_NO_SOF + +#include #ifdef __cplusplus extern "C" { @@ -158,9 +157,8 @@ BSTR SOF_GetTimeStampInfo(BSTR tsResponseData, short type); #define SOR_CTLNotFound 0x0B000420 #define SOR_AppNotFound 0x0B000421 - - #ifdef __cplusplus } #endif #endif +#endif diff --git a/include/openssl/speck.h b/include/openssl/speck.h index 48d75bf0..adcbf5dd 100644 --- a/include/openssl/speck.h +++ b/include/openssl/speck.h @@ -46,67 +46,46 @@ * OF THE POSSIBILITY OF SUCH DAMAGE. * ==================================================================== */ -#ifndef SPECK_H -#define SPECK_H +#ifndef HEADER_SPECK_H +#define HEADER_SPECK_H -#define SPECK_TYPE16 uint16_t -#define SPECK_ROUNDS16 22 -#define SPECK_KEY_LEN16 4 +#include +#ifndef OPENSSL_NO_SPECK +#define SPECK_ROUNDS16 22 +#define SPECK_KEY_LEN16 4 -#define SPECK_TYPE32 uint32_t -#define SPECK_ROUNDS32 27 -#define SPECK_KEY_LEN32 4 +#define SPECK_ROUNDS32 27 +#define SPECK_KEY_LEN32 4 -#define SPECK_TYPE64 uint64_t -#define SPECK_ROUNDS64 34 -#define SPECK_KEY_LEN64 4 +#define SPECK_ROUNDS64 34 +#define SPECK_KEY_LEN64 4 -#define ROR16(x, r) ((x >> r) | (x << ((sizeof(SPECK_TYPE16) * 8) - r)))//循环右移 -#define ROL16(x, r) ((x << r) | (x >> ((sizeof(SPECK_TYPE16) * 8) - r)))//循环左移 - -#define ROR32(x, r) ((x >> r) | (x << ((sizeof(SPECK_TYPE32) * 8) - r)))//循环右移 -#define ROL32(x, r) ((x << r) | (x >> ((sizeof(SPECK_TYPE32) * 8) - r)))//循环左移 - -#define ROR64(x, r) ((x >> r) | (x << ((sizeof(SPECK_TYPE64) * 8) - r)))//循环右移 -#define ROL64(x, r) ((x << r) | (x >> ((sizeof(SPECK_TYPE64) * 8) - r)))//循环左移 - - -#define R16(x, y, k) (x = ROR16(x, 7), x += y, x ^= k, y = ROL16(y, 2), y ^= x) -#define RR16(x, y, k) (y ^= x, y = ROR16(y, 2), x ^= k, x -= y, x = ROL16(x, 7)) - -#define R32(x, y, k) (x = ROR32(x, 8), x += y, x ^= k, y = ROL32(y, 3), y ^= x) -#define RR32(x, y, k) (y ^= x, y = ROR32(y, 3), x ^= k, x -= y, x = ROL32(x, 8)) - -#define R64(x, y, k) (x = ROR64(x, 8), x += y, x ^= k, y = ROL64(y, 3), y ^= x) -#define RR64(x, y, k) (y ^= x, y = ROR64(y, 3), x ^= k, x -= y, x = ROL64(x, 8)) - -#include -#include #include +#include +#include + #ifdef __cplusplus extern "C" { #endif - void speck_set_encrypt_key16(SPECK_TYPE16 const user[SPECK_KEY_LEN16], SPECK_TYPE16 key[SPECK_ROUNDS16]); - void speck_set_decrypt_key16(SPECK_TYPE16 const user[SPECK_KEY_LEN16], SPECK_TYPE16 key[SPECK_ROUNDS16]); - void speck_expand16(SPECK_TYPE16 const K[SPECK_KEY_LEN16], SPECK_TYPE16 S[SPECK_ROUNDS16]); - void speck_encrypt16(SPECK_TYPE16 const pt[2], SPECK_TYPE16 ct[2], SPECK_TYPE16 const K[SPECK_ROUNDS16]); - void speck_decrypt16(SPECK_TYPE16 const ct[2], SPECK_TYPE16 pt[2], SPECK_TYPE16 const K[SPECK_ROUNDS16]); +void speck_set_encrypt_key16(const uint16_t user[SPECK_KEY_LEN16], uint16_t key[SPECK_ROUNDS16]); +void speck_set_decrypt_key16(uint16_t const user[SPECK_KEY_LEN16], uint16_t key[SPECK_ROUNDS16]); +void speck_encrypt16(const uint16_t pt[2], uint16_t ct[2], const uint16_t K[SPECK_ROUNDS16]); +void speck_decrypt16(const uint16_t ct[2], uint16_t pt[2], const uint16_t K[SPECK_ROUNDS16]); - void speck_set_encrypt_key32(SPECK_TYPE32 const user[SPECK_KEY_LEN32], SPECK_TYPE32 key[SPECK_ROUNDS32]); - void speck_set_decrypt_key32(SPECK_TYPE32 const user[SPECK_KEY_LEN32], SPECK_TYPE32 key[SPECK_ROUNDS32]); - void speck_expand32(SPECK_TYPE32 const K[SPECK_KEY_LEN32], SPECK_TYPE32 S[SPECK_ROUNDS32]); - void speck_encrypt32(SPECK_TYPE32 const pt[2], SPECK_TYPE32 ct[2], SPECK_TYPE32 const K[SPECK_ROUNDS32]); - void speck_decrypt32(SPECK_TYPE32 const ct[2], SPECK_TYPE32 pt[2], SPECK_TYPE32 const K[SPECK_ROUNDS32]); +void speck_set_encrypt_key32(const uint32_t user[SPECK_KEY_LEN32], uint32_t key[SPECK_ROUNDS32]); +void speck_set_decrypt_key32(const uint32_t user[SPECK_KEY_LEN32], uint32_t key[SPECK_ROUNDS32]); +void speck_encrypt32(const uint32_t pt[2], uint32_t ct[2], const uint32_t K[SPECK_ROUNDS32]); +void speck_decrypt32(const uint32_t ct[2], uint32_t pt[2], const uint32_t K[SPECK_ROUNDS32]); - void speck_set_encrypt_key64(SPECK_TYPE64 const user[SPECK_KEY_LEN64], SPECK_TYPE64 key[SPECK_ROUNDS64]); - void speck_set_decrypt_key64(SPECK_TYPE64 const user[SPECK_KEY_LEN64], SPECK_TYPE64 key[SPECK_ROUNDS64]); - void speck_expand64(SPECK_TYPE64 const K[SPECK_KEY_LEN64], SPECK_TYPE64 S[SPECK_ROUNDS64]); - void speck_encrypt64(SPECK_TYPE64 const pt[2], SPECK_TYPE64 ct[2], SPECK_TYPE64 const K[SPECK_ROUNDS64]); - void speck_decrypt64(SPECK_TYPE64 const ct[2], SPECK_TYPE64 pt[2], SPECK_TYPE64 const K[SPECK_ROUNDS64]); +void speck_set_encrypt_key64(const uint64_t user[SPECK_KEY_LEN64], uint64_t key[SPECK_ROUNDS64]); +void speck_set_decrypt_key64(const uint64_t user[SPECK_KEY_LEN64], uint64_t key[SPECK_ROUNDS64]); +void speck_encrypt64(const uint64_t pt[2], uint64_t ct[2], const uint64_t K[SPECK_ROUNDS64]); +void speck_decrypt64(const uint64_t ct[2], uint64_t pt[2], const uint64_t K[SPECK_ROUNDS64]); #ifdef __cplusplus } #endif #endif +#endif diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index 87237ef9..1ff13f6d 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -112,7 +112,10 @@ extern "C" { # define SSL_TXT_kGOST "kGOST" # define SSL_TXT_kSRP "kSRP" # define SSL_TXT_kSM2 "kSM2" +# define SSL_TXT_kSM2DHE "kSM2DHE" # define SSL_TXT_kSM2PSK "kSM2PSK" +# define SSL_TXT_kSM9 "kSM9" +# define SSL_TXT_kSM9DHE "kSM9DHE" # define SSL_TXT_aRSA "aRSA" # define SSL_TXT_aDSS "aDSS" @@ -126,6 +129,7 @@ extern "C" { # define SSL_TXT_aGOST "aGOST" # define SSL_TXT_aSRP "aSRP" # define SSL_TXT_aSM2 "aSM2" +# define SSL_TXT_aSM9 "aSM9" # define SSL_TXT_DSS "DSS" # define SSL_TXT_DH "DH" @@ -140,6 +144,8 @@ extern "C" { # define SSL_TXT_ECDSA "ECDSA" # define SSL_TXT_PSK "PSK" # define SSL_TXT_SRP "SRP" +# define SSL_TXT_SM2 "SM2" +# define SSL_TXT_SM9 "SM9" # define SSL_TXT_DES "DES" # define SSL_TXT_3DES "3DES" @@ -181,6 +187,7 @@ extern "C" { # define SSL_TXT_TLSV1 "TLSv1" # define SSL_TXT_TLSV1_1 "TLSv1.1" # define SSL_TXT_TLSV1_2 "TLSv1.2" +# define SSL_TXT_GMTLSV1 "GMTLSv1" # define SSL_TXT_GMTLSV1_1 "GMTLSv1.1" # define SSL_TXT_ALL "ALL" @@ -360,6 +367,10 @@ typedef int (*SSL_verify_cb)(int preverify_ok, X509_STORE_CTX *x509_ctx); # define SSL_OP_NO_DTLSv1 0x04000000U # define SSL_OP_NO_DTLSv1_2 0x08000000U +# ifndef OPENSSL_NO_GMTLS_METHOD +# define SSL_OP_NO_GMTLS 0x10000000U +# endif + # define SSL_OP_NO_SSL_MASK (SSL_OP_NO_SSLv3|\ SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1_2) # define SSL_OP_NO_DTLS_MASK (SSL_OP_NO_DTLSv1|SSL_OP_NO_DTLSv1_2) @@ -1032,6 +1043,14 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) /* fatal */ # define SSL_AD_INAPPROPRIATE_FALLBACK TLS1_AD_INAPPROPRIATE_FALLBACK # define SSL_AD_NO_APPLICATION_PROTOCOL TLS1_AD_NO_APPLICATION_PROTOCOL +# ifndef OPENSSL_NO_GMTLS_METHOD +# define SSL_AD_UNSUPPORTED_SITE2SITE GMTLS_AD_UNSUPPORTED_SITE2SITE +# define SSL_AD_NO_AREA GMTLS_AD_NO_AREA +# define SSL_AD_UNSUPPORTED_AREATYPE GMTLS_AD_UNSUPPORTED_AREATYPE +# define SSL_AD_BAD_IBCPARAM GMTLS_AD_BAD_IBCPARAM +# define SSL_AD_UNSUPPORTED_IBCPARAM GMTLS_AD_UNSUPPORTED_IBCPARAM +# define SSL_AD_IDENTITY_NEED GMTLS_AD_IDENTITY_NEED +# endif # define SSL_ERROR_NONE 0 # define SSL_ERROR_SSL 1 # define SSL_ERROR_WANT_READ 2 @@ -1421,6 +1440,9 @@ void SSL_SESSION_get0_ticket(const SSL_SESSION *s, const unsigned char **tick, size_t *len); __owur int SSL_copy_session_id(SSL *to, const SSL *from); __owur X509 *SSL_SESSION_get0_peer(SSL_SESSION *s); +#ifndef OPENSSL_NO_GMTLS_METHOD +__owur X509 *SSL_SESSION_get0_peer_extra(SSL_SESSION *s); +#endif __owur int SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx, unsigned int sid_ctx_len); __owur int SSL_SESSION_set1_id(SSL_SESSION *s, const unsigned char *sid, @@ -1639,6 +1661,12 @@ __owur const SSL_METHOD *DTLS_method(void); /* DTLS 1.0 and 1.2 */ __owur const SSL_METHOD *DTLS_server_method(void); /* DTLS 1.0 and 1.2 */ __owur const SSL_METHOD *DTLS_client_method(void); /* DTLS 1.0 and 1.2 */ +#ifndef OPENSSL_NO_GMTLS_METHOD +__owur const SSL_METHOD *GMTLS_method(void); /* GMTLSv1.1 */ +__owur const SSL_METHOD *GMTLS_server_method(void); /* GMTLSv1.1 */ +__owur const SSL_METHOD *GMTLS_client_method(void); /* GMTLSv1.1 */ +#endif + __owur STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s); __owur STACK_OF(SSL_CIPHER) *SSL_CTX_get_ciphers(const SSL_CTX *ctx); __owur STACK_OF(SSL_CIPHER) *SSL_get_client_ciphers(const SSL *s); @@ -2092,6 +2120,42 @@ int ERR_load_SSL_strings(void); # define SSL_F_DTLS_CONSTRUCT_HELLO_VERIFY_REQUEST 385 # define SSL_F_DTLS_GET_REASSEMBLED_MESSAGE 370 # define SSL_F_DTLS_PROCESS_HELLO_VERIFY 386 +# define SSL_F_GMTLS_ADD_CERT_CHAIN 435 +# define SSL_F_GMTLS_CONSTRUCT_CKE_RSA 461 +# define SSL_F_GMTLS_CONSTRUCT_CKE_SM2 430 +# define SSL_F_GMTLS_CONSTRUCT_CKE_SM2DHE 438 +# define SSL_F_GMTLS_CONSTRUCT_CKE_SM9 431 +# define SSL_F_GMTLS_CONSTRUCT_CKE_SM9DHE 432 +# define SSL_F_GMTLS_CONSTRUCT_CLIENT_CERTIFICATE 439 +# define SSL_F_GMTLS_CONSTRUCT_CLIENT_KEY_EXCHANGE 440 +# define SSL_F_GMTLS_CONSTRUCT_SERVER_CERTIFICATE 436 +# define SSL_F_GMTLS_CONSTRUCT_SERVER_KEY_EXCHANGE 427 +# define SSL_F_GMTLS_CONSTRUCT_SKE_RSA 447 +# define SSL_F_GMTLS_CONSTRUCT_SKE_SM2 448 +# define SSL_F_GMTLS_CONSTRUCT_SKE_SM2DHE 449 +# define SSL_F_GMTLS_CONSTRUCT_SKE_SM9 450 +# define SSL_F_GMTLS_CONSTRUCT_SM2DHE_PARAMS 451 +# define SSL_F_GMTLS_CONSTRUCT_SM9_PARAMS 452 +# define SSL_F_GMTLS_NEW_CERT_PACKET 453 +# define SSL_F_GMTLS_OUTPUT_CERT_CHAIN 437 +# define SSL_F_GMTLS_OUTPUT_IBCS_PARAM 441 +# define SSL_F_GMTLS_PROCESS_CKE_RSA 462 +# define SSL_F_GMTLS_PROCESS_CKE_SM2 426 +# define SSL_F_GMTLS_PROCESS_CKE_SM2DHE 442 +# define SSL_F_GMTLS_PROCESS_CKE_SM9 433 +# define SSL_F_GMTLS_PROCESS_CKE_SM9DHE 434 +# define SSL_F_GMTLS_PROCESS_CLIENT_CERTIFICATE 454 +# define SSL_F_GMTLS_PROCESS_CLIENT_KEY_EXCHANGE 443 +# define SSL_F_GMTLS_PROCESS_KEY_EXCHANGE 429 +# define SSL_F_GMTLS_PROCESS_SERVER_CERTIFICATE 444 +# define SSL_F_GMTLS_PROCESS_SERVER_CERTS 455 +# define SSL_F_GMTLS_PROCESS_SERVER_KEY_EXCHANGE 445 +# define SSL_F_GMTLS_PROCESS_SKE_RSA 456 +# define SSL_F_GMTLS_PROCESS_SKE_SM2 457 +# define SSL_F_GMTLS_PROCESS_SKE_SM2DHE 458 +# define SSL_F_GMTLS_PROCESS_SKE_SM9 459 +# define SSL_F_GMTLS_PROCESS_SM9_PARAMS 460 +# define SSL_F_GMTLS_SM2_DERIVE 463 # define SSL_F_OPENSSL_INIT_SSL 342 # define SSL_F_OSSL_STATEM_CLIENT_READ_TRANSITION 417 # define SSL_F_OSSL_STATEM_SERVER_READ_TRANSITION 418 @@ -2239,6 +2303,7 @@ int ERR_load_SSL_strings(void); # define SSL_F_TLS_CONSTRUCT_CKE_GOST 406 # define SSL_F_TLS_CONSTRUCT_CKE_PSK_PREAMBLE 407 # define SSL_F_TLS_CONSTRUCT_CKE_RSA 409 +# define SSL_F_TLS_CONSTRUCT_CKE_SM2 425 # define SSL_F_TLS_CONSTRUCT_CKE_SRP 410 # define SSL_F_TLS_CONSTRUCT_CLIENT_CERTIFICATE 355 # define SSL_F_TLS_CONSTRUCT_CLIENT_HELLO 356 @@ -2276,6 +2341,7 @@ int ERR_load_SSL_strings(void); # define SSL_F_TLS_PROCESS_SERVER_CERTIFICATE 367 # define SSL_F_TLS_PROCESS_SERVER_DONE 368 # define SSL_F_TLS_PROCESS_SERVER_HELLO 369 +# define SSL_F_TLS_PROCESS_SERVER_KEY_EXCHANGE 446 # define SSL_F_TLS_PROCESS_SKE_DHE 419 # define SSL_F_TLS_PROCESS_SKE_ECDHE 420 # define SSL_F_TLS_PROCESS_SKE_PSK_PREAMBLE 421 @@ -2294,6 +2360,7 @@ int ERR_load_SSL_strings(void); # define SSL_R_BAD_DH_VALUE 102 # define SSL_R_BAD_DIGEST_LENGTH 111 # define SSL_R_BAD_ECC_CERT 304 +# define SSL_R_BAD_ECPKPARAMETERS 109 # define SSL_R_BAD_ECPOINT 306 # define SSL_R_BAD_HANDSHAKE_LENGTH 332 # define SSL_R_BAD_HELLO_REQUEST 105 @@ -2302,6 +2369,7 @@ int ERR_load_SSL_strings(void); # define SSL_R_BAD_PROTOCOL_VERSION_NUMBER 116 # define SSL_R_BAD_RSA_ENCRYPT 119 # define SSL_R_BAD_SIGNATURE 123 +# define SSL_R_BAD_SM2_ENCRYPT 101 # define SSL_R_BAD_SRP_A_LENGTH 347 # define SSL_R_BAD_SRP_PARAMETERS 371 # define SSL_R_BAD_SRTP_MKI_VALUE 352 @@ -2370,6 +2438,7 @@ int ERR_load_SSL_strings(void); # define SSL_R_INAPPROPRIATE_FALLBACK 373 # define SSL_R_INCONSISTENT_COMPRESSION 340 # define SSL_R_INCONSISTENT_EXTMS 104 +# define SSL_R_INVALID_CERT_CHAIN 112 # define SSL_R_INVALID_COMMAND 280 # define SSL_R_INVALID_COMPRESSION_ALGORITHM 341 # define SSL_R_INVALID_CONFIGURATION_NAME 113 @@ -2390,9 +2459,11 @@ int ERR_load_SSL_strings(void); # define SSL_R_MISSING_RSA_CERTIFICATE 168 # define SSL_R_MISSING_RSA_ENCRYPTING_CERT 169 # define SSL_R_MISSING_RSA_SIGNING_CERT 170 +# define SSL_R_MISSING_SM2_ENC_CERTIFICATE 108 # define SSL_R_MISSING_SRP_PARAM 358 # define SSL_R_MISSING_TMP_DH_KEY 171 # define SSL_R_MISSING_TMP_ECDH_KEY 311 +# define SSL_R_NOT_IMPLEMENTED 110 # define SSL_R_NO_CERTIFICATES_RETURNED 176 # define SSL_R_NO_CERTIFICATE_ASSIGNED 177 # define SSL_R_NO_CERTIFICATE_SET 179 @@ -2428,6 +2499,7 @@ int ERR_load_SSL_strings(void); # define SSL_R_PSK_IDENTITY_NOT_FOUND 223 # define SSL_R_PSK_NO_CLIENT_CB 224 # define SSL_R_PSK_NO_SERVER_CB 225 +# define SSL_R_RANDOM_GENERATOR_ERROR 114 # define SSL_R_READ_BIO_NOT_SET 211 # define SSL_R_READ_TIMEOUT_EXPIRED 312 # define SSL_R_RECORD_LENGTH_MISMATCH 213 @@ -2472,9 +2544,9 @@ int ERR_load_SSL_strings(void); # define SSL_R_SSL_SECTION_NOT_FOUND 136 # define SSL_R_SSL_SESSION_ID_CALLBACK_FAILED 301 # define SSL_R_SSL_SESSION_ID_CONFLICT 302 -# define SSL_R_SSL_SESSION_ID_TOO_LONG 408 # define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG 273 # define SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH 303 +# define SSL_R_SSL_SESSION_ID_TOO_LONG 408 # define SSL_R_SSL_SESSION_VERSION_MISMATCH 210 # define SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049 # define SSL_R_TLSV1_ALERT_DECODE_ERROR 1050 diff --git a/include/openssl/thread.h b/include/openssl/thread.h new file mode 100644 index 00000000..6ad2cc52 --- /dev/null +++ b/include/openssl/thread.h @@ -0,0 +1,195 @@ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ + +#ifndef OPENSSL_HEADER_THREAD_H +#define OPENSSL_HEADER_THREAD_H + +#include + +#include +#include +#include + +#if defined(__cplusplus) +extern "C" { +#endif + + +#if defined(OPENSSL_NO_THREADS) +typedef struct crypto_mutex_st { + char padding; /* Empty structs have different sizes in C and C++. */ +} CRYPTO_MUTEX; +#elif defined(OPENSSL_WINDOWS) +/* CRYPTO_MUTEX can appear in public header files so we really don't want to + * pull in windows.h. It's statically asserted that this structure is large + * enough to contain a Windows SRWLOCK by thread_win.c. */ +typedef union crypto_mutex_st { + void *handle; +} CRYPTO_MUTEX; +#elif defined(__MACH__) && defined(__APPLE__) +typedef pthread_rwlock_t CRYPTO_MUTEX; +#else +/* It is reasonable to include pthread.h on non-Windows systems, however the + * |pthread_rwlock_t| that we need is hidden under feature flags, and we can't + * ensure that we'll be able to get it. It's statically asserted that this + * structure is large enough to contain a |pthread_rwlock_t| by + * thread_pthread.c. */ +typedef union crypto_mutex_st { + double alignment; + uint8_t padding[3*sizeof(int) + 5*sizeof(unsigned) + 16 + 8]; +} CRYPTO_MUTEX; +#endif + +/* CRYPTO_refcount_t is the type of a reference count. + * + * Since some platforms use C11 atomics to access this, it should have the + * _Atomic qualifier. However, this header is included by C++ programs as well + * as C code that might not set -std=c11. So, in practice, it's not possible to + * do that. Instead we statically assert that the size and native alignment of + * a plain uint32_t and an _Atomic uint32_t are equal in refcount_c11.c. */ +typedef uint32_t CRYPTO_refcount_t; + + +/* Deprecated functions. + * + * Historically, OpenSSL required callers to provide locking callbacks. + * BoringSSL is thread-safe by default, but some old code calls these functions + * and so no-op implementations are provided. */ + +/* These defines do nothing but are provided to make old code easier to + * compile. */ +#define CRYPTO_LOCK 1 +#define CRYPTO_UNLOCK 2 +#define CRYPTO_READ 4 +#define CRYPTO_WRITE 8 + +/* CRYPTO_num_locks returns one. (This is non-zero that callers who allocate + * sizeof(lock) times this value don't get zero and then fail because malloc(0) + * returned NULL.) */ +//OPENSSL_EXPORT int CRYPTO_num_locks(void); + +#if 0 +/* CRYPTO_set_locking_callback does nothing. */ +OPENSSL_EXPORT void CRYPTO_set_locking_callback( + void (*func)(int mode, int lock_num, const char *file, int line)); + +/* CRYPTO_set_add_lock_callback does nothing. */ +OPENSSL_EXPORT void CRYPTO_set_add_lock_callback(int (*func)( + int *num, int amount, int lock_num, const char *file, int line)); + +/* CRYPTO_get_locking_callback returns NULL. */ +OPENSSL_EXPORT void (*CRYPTO_get_locking_callback(void))(int mode, int lock_num, + const char *file, + int line); + +/* CRYPTO_get_lock_name returns a fixed, dummy string. */ +OPENSSL_EXPORT const char *CRYPTO_get_lock_name(int lock_num); + +/* CRYPTO_THREADID_set_callback returns one. */ +OPENSSL_EXPORT int CRYPTO_THREADID_set_callback( + void (*threadid_func)(CRYPTO_THREADID *threadid)); + +/* CRYPTO_THREADID_set_numeric does nothing. */ +OPENSSL_EXPORT void CRYPTO_THREADID_set_numeric(CRYPTO_THREADID *id, + unsigned long val); + +/* CRYPTO_THREADID_set_pointer does nothing. */ +OPENSSL_EXPORT void CRYPTO_THREADID_set_pointer(CRYPTO_THREADID *id, void *ptr); + +/* CRYPTO_THREADID_current does nothing. */ +OPENSSL_EXPORT void CRYPTO_THREADID_current(CRYPTO_THREADID *id); + +/* CRYPTO_set_id_callback does nothing. */ +OPENSSL_EXPORT void CRYPTO_set_id_callback(unsigned long (*func)(void)); + +typedef struct { + int references; + struct CRYPTO_dynlock_value *data; +} CRYPTO_dynlock; + +/* CRYPTO_set_dynlock_create_callback does nothing. */ +OPENSSL_EXPORT void CRYPTO_set_dynlock_create_callback( + struct CRYPTO_dynlock_value *(*dyn_create_function)(const char *file, + int line)); + +/* CRYPTO_set_dynlock_lock_callback does nothing. */ +OPENSSL_EXPORT void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function)( + int mode, struct CRYPTO_dynlock_value *l, const char *file, int line)); + +/* CRYPTO_set_dynlock_destroy_callback does nothing. */ +OPENSSL_EXPORT void CRYPTO_set_dynlock_destroy_callback( + void (*dyn_destroy_function)(struct CRYPTO_dynlock_value *l, + const char *file, int line)); + +/* CRYPTO_get_dynlock_create_callback returns NULL. */ +OPENSSL_EXPORT struct CRYPTO_dynlock_value *( + *CRYPTO_get_dynlock_create_callback(void))(const char *file, int line); + +/* CRYPTO_get_dynlock_lock_callback returns NULL. */ +OPENSSL_EXPORT void (*CRYPTO_get_dynlock_lock_callback(void))( + int mode, struct CRYPTO_dynlock_value *l, const char *file, int line); + +/* CRYPTO_get_dynlock_destroy_callback returns NULL. */ +OPENSSL_EXPORT void (*CRYPTO_get_dynlock_destroy_callback(void))( + struct CRYPTO_dynlock_value *l, const char *file, int line); +#endif + + +#if defined(__cplusplus) +} /* extern C */ +#endif + +#endif /* OPENSSL_HEADER_THREAD_H */ diff --git a/include/openssl/tls1.h b/include/openssl/tls1.h index 23e382cd..66d387d4 100644 --- a/include/openssl/tls1.h +++ b/include/openssl/tls1.h @@ -187,12 +187,19 @@ extern "C" { # define TLSEXT_signature_rsa 1 # define TLSEXT_signature_dsa 2 # define TLSEXT_signature_ecdsa 3 +# ifndef OPENSSL_NO_GMTLS +# define TLSEXT_signature_sm2sign 7 +# endif # define TLSEXT_signature_gostr34102001 237 # define TLSEXT_signature_gostr34102012_256 238 # define TLSEXT_signature_gostr34102012_512 239 /* Total number of different signature algorithms */ -# define TLSEXT_signature_num 7 +# ifndef OPENSSL_NO_GMTLS +# define TLSEXT_signature_num 8 +# else +# define TLSEXT_signature_num 7 +# endif # define TLSEXT_hash_none 0 # define TLSEXT_hash_md5 1 @@ -201,13 +208,20 @@ extern "C" { # define TLSEXT_hash_sha256 4 # define TLSEXT_hash_sha384 5 # define TLSEXT_hash_sha512 6 +# ifndef OPENSSL_NO_GMTLS +# define TLSEXT_hash_sm3 7 +# endif # define TLSEXT_hash_gostr3411 237 # define TLSEXT_hash_gostr34112012_256 238 # define TLSEXT_hash_gostr34112012_512 239 /* Total number of different digest algorithms */ -# define TLSEXT_hash_num 10 +# ifndef OPENSSL_NO_GMTLS +# define TLSEXT_hash_num 11 +# else +# define TLSEXT_hash_num 10 +# endif /* Flag set for unrecognised algorithms */ # define TLSEXT_nid_unknown 0x1000000 diff --git a/include/openssl/ts.h b/include/openssl/ts.h index a5659825..e6315551 100644 --- a/include/openssl/ts.h +++ b/include/openssl/ts.h @@ -20,9 +20,15 @@ # include # include # include -# include -# include -# include +# ifndef OPENSSL_NO_RSA +# include +# endif +# ifndef OPENSSL_NO_DSA +# include +# endif +# ifndef OPENSSL_NO_DH +# include +# endif # ifdef __cplusplus extern "C" { # endif diff --git a/include/openssl/x509.h b/include/openssl/x509.h index 88e1bfb4..4168d7ee 100644 --- a/include/openssl/x509.h +++ b/include/openssl/x509.h @@ -26,15 +26,25 @@ # include # include # include -# include - -# if OPENSSL_API_COMPAT < 0x10100000L -# include -# include -# include +# ifndef OPENSSL_NO_PAILLIER +# include # endif -# include +# if OPENSSL_API_COMPAT < 0x10100000L +# ifndef OPENSSL_NO_RSA +# include +# endif +# ifndef OPENSSL_NO_DSA +# include +# endif +# ifndef OPENSSL_NO_DH +# include +# endif +# endif + +# ifndef OPENSSL_NO_SHA +# include +# endif #ifdef __cplusplus extern "C" { diff --git a/include/openssl/zuc.h b/include/openssl/zuc.h index 76f738c3..8bd0478e 100755 --- a/include/openssl/zuc.h +++ b/include/openssl/zuc.h @@ -50,8 +50,11 @@ #ifndef HEADER_ZUC_H #define HEADER_ZUC_H -#include +#include +#ifndef OPENSSL_NO_ZUC + #include +#include #ifdef __cplusplus extern "C" { @@ -62,10 +65,8 @@ typedef struct { uint32_t state[22]; } zuc_key_t; -/* void zuc_set_key(zuc_key_t *key, const unsigned char *user_key, const unsigned char *iv); void zuc_generate_keystream(zuc_key_t *key, size_t nwords, uint32_t *words); -*/ typedef struct { zuc_key_t key; @@ -73,16 +74,14 @@ typedef struct { size_t buflen; } zuc_ctx_t; -/* void zuc_ctx_init(zuc_ctx_t *ctx, const unsigned char *user_key, const unsigned char *iv); void zuc_encrypt(zuc_ctx_t *ctx, size_t len, const unsigned char *in, unsigned char *out); #define zuc_decrypt(ctx,len,in,out) zuc_encrypt(ctx,len,in,out) -*/ -#define EEA3_MIN_BITS 1 -#define EEA3_MAX_BITS 65504 -#define EEA3_MIN_BYTES ((EEA3_MIN_BITS + 7)/8) -#define EEA3_MAX_BYTES ((EEA3_MAX_BITS + 7)/8) +#define ZUC_128EEA3_MIN_BITS 1 +#define ZUC_128EEA3_MAX_BITS 65504 +#define ZUC_128EEA3_MIN_BYTES ((ZUC_128EEA3_MIN_BITS + 7)/8) +#define ZUC_128EEA3_MAX_BYTES ((ZUC_128EEA3_MAX_BITS + 7)/8) typedef struct { zuc_ctx_t zuc; @@ -90,17 +89,17 @@ typedef struct { /* maybe buffer */ } eea3_ctx_t; -/* -void eea3_init(eea3_ctx_t *ctx, const unsigned char *user_key, uint32_t count, uint32_t bearer, int direction); -void eea3_encrypt(eea3_ctx_t *ctx, size_t len, const unsigned char *in, unsigned char *out); +void zuc_128eea3_init(zuc_128eea3_t *eea3, const unsigned char *user_key, + uint32_t count, uint32_t bearer, int direction); +void zuc_128eea3_encrypt(zuc_128eea3_t *ctx, size_t len, + const unsigned char *in, unsigned char *out); #define eea3_decrypt(ctx,len,in,out) eea3_encrypt(ctx,len,in,out) -void eea3(const unsigned char *key, uint32_t count, uint32_t bearer, int direction, - size_t len, const unsigned char *in, unsigned char *out); -*/ +void eea3(const unsigned char *key, uint32_t count, uint32_t bearer, + int direction, size_t len, const unsigned char *in, unsigned char *out); -#define EIA3_MIN_BYTES EEA3_MIN_BYTES -#define EIA3_MAX_BYTES EEA3_MAX_BYTES -#define EIA3_MAC_SIZE 4 +#define ZUC_128EIA3_MIN_BYTES EEA3_MIN_BYTES +#define ZUC_128EIA3_MAX_BYTES EEA3_MAX_BYTES +#define ZUC_128EIA3_MAC_SIZE 4 typedef struct { zuc_ctx_t zuc; @@ -108,15 +107,17 @@ typedef struct { /* maybe buffer */ } eia3_ctx_t; -/* -void eia3_init(eia3_ctx_t *ctx, const unsigned char *user_key, uint32_t count, uint32_t bearer, int direction); -void eia3_update(eia3_ctx_t *ctx, const unsigned char *data, size_t datalen); -void eia3_final(eia3_ctx_t *ctx, uint32_t *mac); -void eia3(const unsigned char *key, uint32_t count, uint32_t bearer, int direction, - const unsigned char *data, size_t len, uint32_t *mac); -*/ +void zuc_128eia3_init(zuc_128eia3_t *eia3, const unsigned char *user_key, + uint32_t count, uint32_t bearer, int direction); +void zuc_128eia3_update(zuc_128eia3_t *eia3, const unsigned char *data, + size_t datalen); +void zuc_128eia3_final(zuc_128eia3_t *eia3, uint32_t *mac); +void zuc_128eia3(const unsigned char *key, uint32_t count, uint32_t bearer, + int direction, const unsigned char *data, size_t len, uint32_t *mac); + #ifdef __cplusplus } #endif #endif +#endif diff --git a/java/.gitignore b/java/.gitignore deleted file mode 100644 index 31e07bde..00000000 --- a/java/.gitignore +++ /dev/null @@ -1,183 +0,0 @@ -# Ignore editor artefacts -/.dir-locals.el - -# Top level excludes -/Makefile.orig -/MINFO -/TABLE -/*.a -/*.pc -/rehash.time -/inc.* -/makefile.* -/out.* -/tmp.* -/configdata.pm -/GmSSL.h -/*.so -/*.dylib -/*.jnilib - -# *all* Makefiles -#Makefile - -# Links under apps -/apps/CA.pl -/apps/tsget -/apps/tsget.pl -/apps/md4.c - -# Auto generated headers -/crypto/buildinf.h -/crypto/include/internal/*_conf.h -/openssl/include/opensslconf.h -/util/domd - -# Executables -/apps/openssl -/test/sha256t -/test/sha512t -/test/gost2814789t -/test/ssltest_old -/test/*test -/test/fips_aesavs -/test/fips_desmovs -/test/fips_dhvs -/test/fips_drbgvs -/test/fips_dssvs -/test/fips_ecdhvs -/test/fips_ecdsavs -/test/fips_rngvs -/test/fips_test_suite -/test/ssltest_old -/test/x509aux -/test/v3ext - -# Certain files that get created by tests on the fly -/test/*.ss -/test/*.srl -/test/.rnd -/test/test*.pem -/test/newkey.pem -/test/*.log -/test/buildtest_* - -# Fuzz stuff. -# Anything without an extension is an executable on Unix, so we keep files -# with extensions. And we keep the corpora subddir versioned as well. -# Anything more generic with extensions that should be ignored will be taken -# care of by general ignores for those extensions (*.o, *.obj, *.exe, ...) -/fuzz/* -!/fuzz/README* -!/fuzz/corpora -!/fuzz/*.* - -# Misc auto generated files -/include/openssl/opensslconf.h -/tools/c_rehash -/tools/c_rehash.pl -/tags -/TAGS -/crypto.map -/ssl.map - -# Windows (legacy) -/tmp32 -/tmp32.dbg -/tmp32dll -/tmp32dll.dbg -/out32 -/out32.dbg -/out32dll -/out32dll.dbg -/inc32 -/MINFO -/ms/.rnd -/ms/bcb.mak -/ms/libeay32.def -/ms/nt.mak -/ms/ntdll.mak -/ms/ssleay32.def -/ms/version32.rc - -# Files created on other branches that are not held in git, and are not -# needed on this branch -/include/openssl/asn1_mac.h -/include/openssl/des_old.h -/include/openssl/fips.h -/include/openssl/fips_rand.h -/include/openssl/krb5_asn.h -/include/openssl/kssl.h -/include/openssl/pq_compat.h -/include/openssl/ssl23.h -/include/openssl/tmdiff.h -/include/openssl/ui_compat.h -/test/fips_aesavs.c -/test/fips_desmovs.c -/test/fips_dsatest.c -/test/fips_dssvs.c -/test/fips_hmactest.c -/test/fips_randtest.c -/test/fips_rngvs.c -/test/fips_rsagtest.c -/test/fips_rsastest.c -/test/fips_rsavtest.c -/test/fips_shatest.c -/test/fips_test_suite.c -/test/shatest.c - -##### Generic patterns -# Auto generated assembly language source files -*.s -!/crypto/*/asm/*.s -/crypto/arm*.S -/crypto/*/*.S -*.asm -!/crypto/*/asm/*.asm - -# Object files -*.o -*.obj - -# editor artefacts -*.swp -.#* -\#*# -*~ - -# Certificate symbolic links -*.0 - -# All kinds of executables -*.so -*.so.* -*.dylib -*.dylib.* -*.dll -*.dll.* -*.exe -*.pyc -*.exp -*.lib -*.pdb -*.ilk -*.def -*.rc -*.res -*.class - -# Misc generated stuff -Makefile.save -/crypto/**/lib -/engines/**/lib -/ssl/**/lib -*.bak -cscope.* -*.d - -# add by LiTianjue for GmSSL -# auto create by Configure -crypto/opensslconf.h -tool/c_rehash -# exec file -apps/gmssl diff --git a/java/GmSSL.c b/java/GmSSL.c index 5aef4f37..9c1de5c0 100755 --- a/java/GmSSL.c +++ b/java/GmSSL.c @@ -49,51 +49,135 @@ #include #include -#include +#include #include #include #include #include -#include +#ifndef OPENSSL_NO_CMAC +# include +#endif +#ifndef OPENSSL_NO_SM2 +#include +#endif #include +#include +#include +#include +#include "../e_os.h" +#include "gmssl_err.h" +#include "gmssl_err.c" #include "GmSSL.h" -JNIEXPORT jint JNICALL JNI_onload(JavaVM *vm, void *reserved) +#define GMSSL_JNI_VERSION "GmSSL-JNI API/1.1 2017-09-01" + +JNIEXPORT jint JNICALL JNI_OnLoad(JavaVM *vm, void *reserved) { + (void)ERR_load_JNI_strings(); return JNI_VERSION_1_2; } -JNIEXPORT void JNICALL JNI_onunload(JavaVM *vm, void *reserved) +JNIEXPORT void JNICALL JNI_OnUnload(JavaVM *vm, void *reserved) { + ERR_unload_JNI_strings(); } -JNIEXPORT jstring JNICALL Java_GmSSL_getVersion( - JNIEnv *env, jobject this, jint type) +JNIEXPORT jobjectArray JNICALL Java_GmSSL_getVersions(JNIEnv *env, jobject this) { - return (*env)->NewStringUTF(env, OpenSSL_version(type)); + jobjectArray ret = NULL; + int i; + + if (!(ret = (jobjectArray)(*env)->NewObjectArray(env, 7, + (*env)->FindClass(env, "java/lang/String"), + (*env)->NewStringUTF(env, "")))) { + JNIerr(JNI_F_JAVA_GMSSL_GETVERSIONS, JNI_R_JNI_MALLOC_FAILURE); + return NULL; + } + + (*env)->SetObjectArrayElement(env, ret, 0, + (*env)->NewStringUTF(env, GMSSL_JNI_VERSION)); + + for (i = 1; i < 7; i++) { + (*env)->SetObjectArrayElement(env, ret, i, + (*env)->NewStringUTF(env, OpenSSL_version(i-1))); + } + + return ret; } JNIEXPORT jbyteArray JNICALL Java_GmSSL_generateRandom( JNIEnv *env, jobject this, jint outlen) { jbyteArray ret = NULL; - jbyte outbuf[outlen]; + jbyte *outbuf = NULL; - if (!RAND_bytes((unsigned char *)outbuf, outlen)) { + if (outlen <= 0 || outlen >= INT_MAX) { + JNIerr(JNI_F_JAVA_GMSSL_GENERATERANDOM, JNI_R_INVALID_LENGTH); return NULL; } - if ((ret = (*env)->NewByteArray(env, outlen))) { - (*env)->SetByteArrayRegion(env, ret, 0, outlen, (jbyte *)outbuf); + + if (!(outbuf = OPENSSL_malloc(outlen))) { + JNIerr(JNI_F_JAVA_GMSSL_GENERATERANDOM, ERR_R_MALLOC_FAILURE); + goto end; } + if (!RAND_bytes((unsigned char *)outbuf, outlen)) { + JNIerr(JNI_F_JAVA_GMSSL_GENERATERANDOM, JNI_R_GMSSL_RNG_ERROR); + goto end; + } + if (!(ret = (*env)->NewByteArray(env, outlen))) { + JNIerr(JNI_F_JAVA_GMSSL_GENERATERANDOM, JNI_R_JNI_MALLOC_FAILURE); + goto end; + } + + (*env)->SetByteArrayRegion(env, ret, 0, outlen, (jbyte *)outbuf); + +end: + OPENSSL_free(outbuf); return ret; } -JNIEXPORT jobjectArray JNICALL Java_GmSSL_getCiphers( - JNIEnv *env, jobject this, jboolean aliases) +static void list_cipher_fn(const EVP_CIPHER *c, + const char *from, const char *to, void *argv) { - char *algors = "sms4-ecb:sms4-cbc:sms4-ofb:sms4-cfb:sms4-ctr"; - return (*env)->NewStringUTF(env, algors); + STACK_OF(OPENSSL_CSTRING) *sk = argv; + if (c) { + sk_OPENSSL_CSTRING_push(sk, EVP_CIPHER_name(c)); + } else { + sk_OPENSSL_CSTRING_push(sk, from); + } +} + +JNIEXPORT jobjectArray JNICALL Java_GmSSL_getCiphers( + JNIEnv *env, jobject this) +{ + jobjectArray ret = NULL; + STACK_OF(OPENSSL_CSTRING) *sk = NULL; + int i; + + if (!(sk = sk_OPENSSL_CSTRING_new_null())) { + JNIerr(JNI_F_JAVA_GMSSL_GETCIPHERS, ERR_R_MALLOC_FAILURE); + goto end; + } + + EVP_CIPHER_do_all_sorted(list_cipher_fn, sk); + + if (!(ret = (jobjectArray)(*env)->NewObjectArray(env, + sk_OPENSSL_CSTRING_num(sk), + (*env)->FindClass(env, "java/lang/String"), + (*env)->NewStringUTF(env, "")))) { + JNIerr(JNI_F_JAVA_GMSSL_GETCIPHERS, JNI_R_JNI_MALLOC_FAILURE); + goto end; + } + + for (i = 0; i < sk_OPENSSL_CSTRING_num(sk); i++) { + (*env)->SetObjectArrayElement(env, ret, i, + (*env)->NewStringUTF(env, sk_OPENSSL_CSTRING_value(sk, i))); + } + +end: + sk_OPENSSL_CSTRING_free(sk); + return ret; } JNIEXPORT jint JNICALL Java_GmSSL_getCipherIVLength( @@ -103,11 +187,19 @@ JNIEXPORT jint JNICALL Java_GmSSL_getCipherIVLength( const char *alg = NULL; const EVP_CIPHER *cipher; - alg = (*env)->GetStringUTFChars(env, algor, 0); - if ((cipher = EVP_get_cipherbyname(alg))) { - ret = EVP_CIPHER_iv_length(cipher); + if (!(alg = (*env)->GetStringUTFChars(env, algor, 0))) { + JNIerr(JNI_F_JAVA_GMSSL_GETCIPHERIVLENGTH, JNI_R_BAD_ARGUMENT); + goto end; } + if (!(cipher = EVP_get_cipherbyname(alg))) { + JNIerr(JNI_F_JAVA_GMSSL_GETCIPHERIVLENGTH, JNI_R_INVALID_CIPHER); + goto end; + } + + ret = EVP_CIPHER_iv_length(cipher); + +end: (*env)->ReleaseStringUTFChars(env, algor, alg); return ret; } @@ -119,13 +211,20 @@ JNIEXPORT jint JNICALL Java_GmSSL_getCipherKeyLength( const char *alg = NULL; const EVP_CIPHER *cipher; - alg = (*env)->GetStringUTFChars(env, algor, 0); - cipher = EVP_get_cipherbyname(alg); - if (cipher) { - ret = EVP_CIPHER_key_length(cipher); + if (!(alg = (*env)->GetStringUTFChars(env, algor, 0))) { + JNIerr(JNI_F_JAVA_GMSSL_GETCIPHERKEYLENGTH, JNI_R_BAD_ARGUMENT); + goto end; } - (*env)->ReleaseStringUTFChars(env, algor, alg); + if (!(cipher = EVP_get_cipherbyname(alg))) { + JNIerr(JNI_F_JAVA_GMSSL_GETCIPHERKEYLENGTH, JNI_R_INVALID_CIPHER); + goto end; + } + + ret = EVP_CIPHER_key_length(cipher); + +end: + if (alg) (*env)->ReleaseStringUTFChars(env, algor, alg); return ret; } @@ -136,17 +235,25 @@ JNIEXPORT jint JNICALL Java_GmSSL_getCipherBlockSize( const char *alg = NULL; const EVP_CIPHER *cipher; - alg = (*env)->GetStringUTFChars(env, algor, 0); - if ((cipher = EVP_get_cipherbyname(alg))) { - ret = EVP_CIPHER_block_size(cipher); + if (!(alg = (*env)->GetStringUTFChars(env, algor, 0))) { + JNIerr(JNI_F_JAVA_GMSSL_GETCIPHERBLOCKSIZE, JNI_R_BAD_ARGUMENT); + goto end; } - (*env)->ReleaseStringUTFChars(env, algor, alg); + if (!(cipher = EVP_get_cipherbyname(alg))) { + JNIerr(JNI_F_JAVA_GMSSL_GETCIPHERBLOCKSIZE, JNI_R_NONSUPPORTED_CIPHER); + goto end; + } + + ret = EVP_CIPHER_block_size(cipher); + +end: + if (alg) (*env)->ReleaseStringUTFChars(env, algor, alg); return ret; } JNIEXPORT jbyteArray JNICALL Java_GmSSL_symmetricEncrypt( - JNIEnv *env, jobject this, jstring algor, jint flag, + JNIEnv *env, jobject this, jstring algor, jbyteArray in, jbyteArray key, jbyteArray iv) { jbyteArray ret = NULL; @@ -159,44 +266,83 @@ JNIEXPORT jbyteArray JNICALL Java_GmSSL_symmetricEncrypt( const EVP_CIPHER *cipher; EVP_CIPHER_CTX *cctx = NULL; - if (!(alg = (*env)->GetStringUTFChars(env, algor, 0)) - || !(inbuf = (unsigned char *)(*env)->GetByteArrayElements(env, in, 0)) - || (inlen = (*env)->GetArrayLength(env, in)) <= 0 - || !(keybuf = (unsigned char *)(*env)->GetByteArrayElements(env, key, 0)) - || (keylen = (*env)->GetArrayLength(env, key)) <= 0) { + if (!(alg = (*env)->GetStringUTFChars(env, algor, 0))) { + JNIerr(JNI_F_JAVA_GMSSL_SYMMETRICENCRYPT, JNI_R_BAD_ARGUMENT); goto end; } + if (!(inbuf = (unsigned char *)(*env)->GetByteArrayElements(env, in, 0))) { + JNIerr(JNI_F_JAVA_GMSSL_SYMMETRICENCRYPT, JNI_R_BAD_ARGUMENT); + goto end; + } + if ((inlen = (*env)->GetArrayLength(env, in)) <= 0) { + JNIerr(JNI_F_JAVA_GMSSL_SYMMETRICENCRYPT, JNI_R_BAD_ARGUMENT); + goto end; + } + if (!(keybuf = (unsigned char *)(*env)->GetByteArrayElements(env, key, 0))) { + JNIerr(JNI_F_JAVA_GMSSL_SYMMETRICENCRYPT, JNI_R_BAD_ARGUMENT); + goto end; + } + if ((keylen = (*env)->GetArrayLength(env, key)) <= 0) { + JNIerr(JNI_F_JAVA_GMSSL_SYMMETRICENCRYPT, JNI_R_BAD_ARGUMENT); + goto end; + } + /* null IV can be valid input for some ciphers */ ivbuf = (unsigned char *)(*env)->GetByteArrayElements(env, iv, 0); ivlen = (*env)->GetArrayLength(env, iv); - if (!(cipher = EVP_get_cipherbyname(alg)) - || keylen != EVP_CIPHER_key_length(cipher) - || ivlen != EVP_CIPHER_iv_length(cipher) - || !(outbuf = OPENSSL_malloc(inlen + 2 * EVP_CIPHER_block_size(cipher))) - || !(cctx = EVP_CIPHER_CTX_new()) - || !EVP_EncryptInit_ex(cctx, cipher, NULL, keybuf, ivbuf) - || !EVP_EncryptUpdate(cctx, outbuf, &outlen, inbuf, inlen) - || !EVP_EncryptFinal_ex(cctx, outbuf + outlen, &lastlen)) { + if (!(cipher = EVP_get_cipherbyname(alg))) { + JNIerr(JNI_F_JAVA_GMSSL_SYMMETRICENCRYPT, JNI_R_INVALID_CIPHER); + goto end; + } + if (keylen != EVP_CIPHER_key_length(cipher)) { + JNIerr(JNI_F_JAVA_GMSSL_SYMMETRICENCRYPT, JNI_R_INVALID_KEY_LENGTH); + goto end; + } + if (ivlen != EVP_CIPHER_iv_length(cipher)) { + JNIerr(JNI_F_JAVA_GMSSL_SYMMETRICENCRYPT, JNI_R_INVALID_IV_LENGTH); + goto end; + } + if (!(outbuf = OPENSSL_malloc(inlen + 2 * EVP_CIPHER_block_size(cipher)))) { + JNIerr(JNI_F_JAVA_GMSSL_SYMMETRICENCRYPT, ERR_R_MALLOC_FAILURE); + goto end; + } + if (!(cctx = EVP_CIPHER_CTX_new())) { + JNIerr(JNI_F_JAVA_GMSSL_SYMMETRICENCRYPT, ERR_R_MALLOC_FAILURE); + goto end; + } + if (!EVP_EncryptInit_ex(cctx, cipher, NULL, keybuf, ivbuf)) { + JNIerr(JNI_F_JAVA_GMSSL_SYMMETRICENCRYPT, ERR_R_EVP_LIB); + goto end; + } + if (!EVP_EncryptUpdate(cctx, outbuf, &outlen, inbuf, inlen)) { + JNIerr(JNI_F_JAVA_GMSSL_SYMMETRICENCRYPT, ERR_R_EVP_LIB); + goto end; + } + if (!EVP_EncryptFinal_ex(cctx, outbuf + outlen, &lastlen)) { + JNIerr(JNI_F_JAVA_GMSSL_SYMMETRICENCRYPT, ERR_R_EVP_LIB); goto end; } outlen += lastlen; - if ((ret = (*env)->NewByteArray(env, outlen))) { - (*env)->SetByteArrayRegion(env, ret, 0, outlen, (jbyte *)outbuf); + if (!(ret = (*env)->NewByteArray(env, outlen))) { + JNIerr(JNI_F_JAVA_GMSSL_SYMMETRICENCRYPT, JNI_R_JNI_MALLOC_FAILURE); + goto end; } + (*env)->SetByteArrayRegion(env, ret, 0, outlen, (jbyte *)outbuf); + end: - (*env)->ReleaseStringUTFChars(env, algor, alg); - (*env)->ReleaseByteArrayElements(env, key, (jbyte *)keybuf, JNI_ABORT); - (*env)->ReleaseByteArrayElements(env, in, (jbyte *)inbuf, JNI_ABORT); - (*env)->ReleaseByteArrayElements(env, iv, (jbyte *)ivbuf, JNI_ABORT); + if (alg) (*env)->ReleaseStringUTFChars(env, algor, alg); + if (keybuf) (*env)->ReleaseByteArrayElements(env, key, (jbyte *)keybuf, JNI_ABORT); + if (inbuf) (*env)->ReleaseByteArrayElements(env, in, (jbyte *)inbuf, JNI_ABORT); + if (ivbuf) (*env)->ReleaseByteArrayElements(env, iv, (jbyte *)ivbuf, JNI_ABORT); OPENSSL_free(outbuf); EVP_CIPHER_CTX_free(cctx); return ret; } JNIEXPORT jbyteArray JNICALL Java_GmSSL_symmetricDecrypt( - JNIEnv *env, jobject this, jstring algor, jint flag, + JNIEnv *env, jobject this, jstring algor, jbyteArray in, jbyteArray key, jbyteArray iv) { jbyteArray ret = NULL; @@ -209,46 +355,120 @@ JNIEXPORT jbyteArray JNICALL Java_GmSSL_symmetricDecrypt( const EVP_CIPHER *cipher; EVP_CIPHER_CTX *cctx = NULL; - if (!(alg = (*env)->GetStringUTFChars(env, algor, 0)) - || !(inbuf = (unsigned char *)(*env)->GetByteArrayElements(env, in, 0)) - || (inlen = (*env)->GetArrayLength(env, in)) <= 0 - || !(keybuf = (unsigned char *)(*env)->GetByteArrayElements(env, key, 0)) - || (keylen = (*env)->GetArrayLength(env, key)) <= 0) { + if (!(alg = (*env)->GetStringUTFChars(env, algor, 0))) { + JNIerr(JNI_F_JAVA_GMSSL_SYMMETRICDECRYPT, JNI_R_BAD_ARGUMENT); + goto end; + } + if (!(inbuf = (unsigned char *)(*env)->GetByteArrayElements(env, in, 0))) { + JNIerr(JNI_F_JAVA_GMSSL_SYMMETRICDECRYPT, JNI_R_BAD_ARGUMENT); + goto end; + } + if ((inlen = (*env)->GetArrayLength(env, in)) <= 0) { + JNIerr(JNI_F_JAVA_GMSSL_SYMMETRICDECRYPT, JNI_R_BAD_ARGUMENT); + goto end; + } + if (!(keybuf = (unsigned char *)(*env)->GetByteArrayElements(env, key, 0))) { + JNIerr(JNI_F_JAVA_GMSSL_SYMMETRICDECRYPT, JNI_R_BAD_ARGUMENT); + goto end; + } + if ((keylen = (*env)->GetArrayLength(env, key)) <= 0) { + JNIerr(JNI_F_JAVA_GMSSL_SYMMETRICDECRYPT, JNI_R_BAD_ARGUMENT); goto end; } ivbuf = (unsigned char *)(*env)->GetByteArrayElements(env, iv, 0); ivlen = (*env)->GetArrayLength(env, iv); - if (!(cipher = EVP_get_cipherbyname(alg)) - || keylen != EVP_CIPHER_key_length(cipher) - || ivlen != EVP_CIPHER_iv_length(cipher) - || !(outbuf = OPENSSL_malloc(inlen)) - || !(cctx = EVP_CIPHER_CTX_new()) - || !EVP_EncryptInit_ex(cctx, cipher, NULL, keybuf, ivbuf) - || !EVP_EncryptUpdate(cctx, outbuf, &outlen, inbuf, inlen) - || !EVP_EncryptFinal_ex(cctx, outbuf + outlen, &lastlen)) { + + if (!(cipher = EVP_get_cipherbyname(alg))) { + JNIerr(JNI_F_JAVA_GMSSL_SYMMETRICDECRYPT, JNI_R_INVALID_CIPHER); + goto end; + } + if (keylen != EVP_CIPHER_key_length(cipher)) { + JNIerr(JNI_F_JAVA_GMSSL_SYMMETRICDECRYPT, JNI_R_KEY_LENGTH); + goto end; + } + if (ivlen != EVP_CIPHER_iv_length(cipher)) { + JNIerr(JNI_F_JAVA_GMSSL_SYMMETRICDECRYPT, JNI_R_IV_LENGTH); + goto end; + } + if (!(outbuf = OPENSSL_malloc(inlen))) { + JNIerr(JNI_F_JAVA_GMSSL_SYMMETRICDECRYPT, ERR_R_MALLOC_FAILURE); + goto end; + } + if (!(cctx = EVP_CIPHER_CTX_new())) { + JNIerr(JNI_F_JAVA_GMSSL_SYMMETRICDECRYPT, ERR_R_MALLOC_FAILURE); + goto end; + } + if (!EVP_DecryptInit_ex(cctx, cipher, NULL, keybuf, ivbuf)) { + JNIerr(JNI_F_JAVA_GMSSL_SYMMETRICDECRYPT, ERR_R_EVP_LIB); + goto end; + } + if (!EVP_DecryptUpdate(cctx, outbuf, &outlen, inbuf, inlen)) { + JNIerr(JNI_F_JAVA_GMSSL_SYMMETRICDECRYPT, ERR_R_EVP_LIB); + goto end; + } + if (!EVP_DecryptFinal_ex(cctx, outbuf + outlen, &lastlen)) { + JNIerr(JNI_F_JAVA_GMSSL_SYMMETRICDECRYPT, ERR_R_EVP_LIB); goto end; } outlen += lastlen; - if ((ret = (*env)->NewByteArray(env, outlen))) { - (*env)->SetByteArrayRegion(env, ret, 0, outlen, (jbyte *)outbuf); + if (!(ret = (*env)->NewByteArray(env, outlen))) { + JNIerr(JNI_F_JAVA_GMSSL_SYMMETRICDECRYPT, JNI_R_JNI_MALLOC_FAILURE); } + (*env)->SetByteArrayRegion(env, ret, 0, outlen, (jbyte *)outbuf); + end: - (*env)->ReleaseStringUTFChars(env, algor, alg); - (*env)->ReleaseByteArrayElements(env, key, (jbyte *)keybuf, JNI_ABORT); - (*env)->ReleaseByteArrayElements(env, in, (jbyte *)inbuf, JNI_ABORT); - (*env)->ReleaseByteArrayElements(env, iv, (jbyte *)ivbuf, JNI_ABORT); + if (alg) (*env)->ReleaseStringUTFChars(env, algor, alg); + if (keybuf) (*env)->ReleaseByteArrayElements(env, key, (jbyte *)keybuf, JNI_ABORT); + if (inbuf) (*env)->ReleaseByteArrayElements(env, in, (jbyte *)inbuf, JNI_ABORT); + if (ivbuf) (*env)->ReleaseByteArrayElements(env, iv, (jbyte *)ivbuf, JNI_ABORT); EVP_CIPHER_CTX_free(cctx); return ret; } -JNIEXPORT jobjectArray JNICALL Java_GmSSL_getDigests( - JNIEnv *env, jobject this, jboolean aliases) +static void list_md_fn(const EVP_MD *md, + const char *from, const char *to, void *argv) { - char *digests = "sm3:sha1:sha256:sha512"; - return (*env)->NewStringUTF(env, digests); + STACK_OF(OPENSSL_CSTRING) *sk = argv; + if (md) { + sk_OPENSSL_CSTRING_push(sk, EVP_MD_name(md)); + } else { + sk_OPENSSL_CSTRING_push(sk, from); + } +} + +JNIEXPORT jobjectArray JNICALL Java_GmSSL_getDigests( + JNIEnv *env, jobject this) +{ + jobjectArray ret = NULL; + STACK_OF(OPENSSL_CSTRING) *sk = NULL; + int i; + + if (!(sk = sk_OPENSSL_CSTRING_new_null())) { + JNIerr(JNI_F_JAVA_GMSSL_GETDIGESTS, ERR_R_MALLOC_FAILURE); + goto end; + } + + EVP_MD_do_all_sorted(list_md_fn, sk); + + if (!(ret = (jobjectArray)(*env)->NewObjectArray(env, + sk_OPENSSL_CSTRING_num(sk), + (*env)->FindClass(env, "java/lang/String"), + (*env)->NewStringUTF(env, "")))) { + JNIerr(JNI_F_JAVA_GMSSL_GETDIGESTS, JNI_R_JNI_MALLOC_FAILURE); + goto end; + } + + for (i = 0; i < sk_OPENSSL_CSTRING_num(sk); i++) { + (*env)->SetObjectArrayElement(env, ret, i, + (*env)->NewStringUTF(env, sk_OPENSSL_CSTRING_value(sk, i))); + } + +end: + sk_OPENSSL_CSTRING_free(sk); + return ret; } JNIEXPORT jint JNICALL Java_GmSSL_getDigestLength( @@ -258,12 +478,20 @@ JNIEXPORT jint JNICALL Java_GmSSL_getDigestLength( const char *alg = NULL; const EVP_MD *md; - alg = (*env)->GetStringUTFChars(env, algor, 0); - if ((md = EVP_get_digestbyname(alg))) { - ret = EVP_MD_size(md); + if (!(alg = (*env)->GetStringUTFChars(env, algor, 0))) { + JNIerr(JNI_F_JAVA_GMSSL_GETDIGESTLENGTH, JNI_R_BAD_ARGUMENT); + goto end; } - (*env)->ReleaseStringUTFChars(env, algor, alg); + if (!(md = EVP_get_digestbyname(alg))) { + JNIerr(JNI_F_JAVA_GMSSL_GETDIGESTLENGTH, JNI_R_INVALID_DIGEST); + goto end; + } + + ret = EVP_MD_size(md); + +end: + if (alg) (*env)->ReleaseStringUTFChars(env, algor, alg); return ret; } @@ -274,17 +502,25 @@ JNIEXPORT jint JNICALL Java_GmSSL_getDigestBlockSize( const char *alg = NULL; const EVP_MD *md; - alg = (*env)->GetStringUTFChars(env, algor, 0); - if ((md = EVP_get_digestbyname(alg))) { - ret = EVP_MD_block_size(md); + if (!(alg = (*env)->GetStringUTFChars(env, algor, 0))) { + JNIerr(JNI_F_JAVA_GMSSL_GETDIGESTBLOCKSIZE, JNI_R_BAD_ARGUMENT); + goto end; } + if (!(md = EVP_get_digestbyname(alg))) { + JNIerr(JNI_F_JAVA_GMSSL_GETDIGESTBLOCKSIZE, JNI_R_INVALID_DIGEST); + goto end; + } + + ret = EVP_MD_block_size(md); + +end: (*env)->ReleaseStringUTFChars(env, algor, alg); return ret; } JNIEXPORT jbyteArray JNICALL Java_GmSSL_digest(JNIEnv *env, jobject this, - jstring algor, jint flag, jbyteArray in) + jstring algor, jbyteArray in) { jbyteArray ret = NULL; const char *alg = NULL; @@ -294,36 +530,73 @@ JNIEXPORT jbyteArray JNICALL Java_GmSSL_digest(JNIEnv *env, jobject this, unsigned int outlen = sizeof(outbuf); const EVP_MD *md; - if (!(alg = (*env)->GetStringUTFChars(env, algor, 0)) - || !(inbuf = (unsigned char *)(*env)->GetByteArrayElements(env, in, 0)) - || (inlen = (size_t)(*env)->GetArrayLength(env, in)) <= 0) { + if (!(alg = (*env)->GetStringUTFChars(env, algor, 0))) { + JNIerr(JNI_F_JAVA_GMSSL_DIGEST, JNI_R_BAD_ARGUMENT); + goto end; + } + if (!(inbuf = (unsigned char *)(*env)->GetByteArrayElements(env, in, 0))) { + JNIerr(JNI_F_JAVA_GMSSL_DIGEST, JNI_R_BAD_ARGUMENT); + goto end; + } + if ((inlen = (size_t)(*env)->GetArrayLength(env, in)) <= 0) { + JNIerr(JNI_F_JAVA_GMSSL_DIGEST, JNI_R_BAD_ARGUMENT); goto end; } - if (!(md = EVP_get_digestbyname(alg)) - || !EVP_Digest(inbuf, inlen, outbuf, &outlen, md, NULL)) { + if (!(md = EVP_get_digestbyname(alg))) { + JNIerr(JNI_F_JAVA_GMSSL_DIGEST, JNI_R_INVALID_DIGEST); + goto end; + } + if (!EVP_Digest(inbuf, inlen, outbuf, &outlen, md, NULL)) { + JNIerr(JNI_F_JAVA_GMSSL_DIGEST, ERR_R_EVP_LIB); goto end; } - if ((ret = (*env)->NewByteArray(env, outlen))) { - (*env)->SetByteArrayRegion(env, ret, 0, outlen, (jbyte *)outbuf); + if (!(ret = (*env)->NewByteArray(env, outlen))) { + JNIerr(JNI_F_JAVA_GMSSL_DIGEST, JNI_R_JNI_MALLOC_FAILURE); + goto end; } + (*env)->SetByteArrayRegion(env, ret, 0, outlen, (jbyte *)outbuf); + end: - (*env)->ReleaseStringUTFChars(env, algor, alg); - (*env)->ReleaseByteArrayElements(env, in, (jbyte *)inbuf, JNI_ABORT); + if (alg) (*env)->ReleaseStringUTFChars(env, algor, alg); + if (inbuf) (*env)->ReleaseByteArrayElements(env, in, (jbyte *)inbuf, JNI_ABORT); return ret; } +char *mac_algors[] = { + "CMAC-SMS4", + "HMAC-SM3", + "HMAC-SHA1", + "HMAC-SHA256", + "HMAC-SHA512", +}; + JNIEXPORT jobjectArray JNICALL Java_GmSSL_getMacs( - JNIEnv *env, jobject this, jboolean aliases) + JNIEnv *env, jobject this) { - char *macs = "cmac-sms4:hmac-sm3:hmac-sha1:hmac-sha256:hmac-sha512"; - return (*env)->NewStringUTF(env, macs); + jobjectArray ret = NULL; + int i; + + if (!(ret = (jobjectArray)(*env)->NewObjectArray(env, + OSSL_NELEM(mac_algors), + (*env)->FindClass(env, "java/lang/String"), + (*env)->NewStringUTF(env, "")))) { + JNIerr(JNI_F_JAVA_GMSSL_GETMACS, JNI_R_JNI_MALLOC_FAILURE); + return NULL; + } + + for (i = 0; i < OSSL_NELEM(mac_algors); i++) { + (*env)->SetObjectArrayElement(env, ret, i, + (*env)->NewStringUTF(env, mac_algors[i])); + } + + return ret; } JNIEXPORT jbyteArray JNICALL Java_GmSSL_mac(JNIEnv *env, jobject this, - jstring algor, jint flag, jbyteArray in, jbyteArray key) + jstring algor, jbyteArray in, jbyteArray key) { jbyteArray ret = NULL; const char *alg = NULL; @@ -331,67 +604,207 @@ JNIEXPORT jbyteArray JNICALL Java_GmSSL_mac(JNIEnv *env, jobject this, const unsigned char *keybuf = NULL; unsigned char outbuf[EVP_MAX_MD_SIZE]; int inlen, keylen, outlen = sizeof(outbuf); +#ifndef OPENSSL_NO_CMAC + CMAC_CTX *cctx = NULL; +#endif - if (!(alg = (*env)->GetStringUTFChars(env, algor, 0)) - || !(inbuf = (unsigned char *)(*env)->GetByteArrayElements(env, in, 0)) - || (inlen = (*env)->GetArrayLength(env, in)) <= 0 - || !(keybuf = (unsigned char *)(*env)->GetByteArrayElements(env, key, 0)) - || (keylen = (*env)->GetArrayLength(env, key)) <= 0) { + if (!(alg = (*env)->GetStringUTFChars(env, algor, 0))) { + JNIerr(JNI_F_JAVA_GMSSL_MAC, JNI_R_BAD_ARGUMENT); + goto end; + } + if (!(inbuf = (unsigned char *)(*env)->GetByteArrayElements(env, in, 0))) { + JNIerr(JNI_F_JAVA_GMSSL_MAC, JNI_R_BAD_ARGUMENT); + goto end; + } + if ((inlen = (*env)->GetArrayLength(env, in)) <= 0) { + JNIerr(JNI_F_JAVA_GMSSL_MAC, JNI_R_BAD_ARGUMENT); + goto end; + } + if (!(keybuf = (unsigned char *)(*env)->GetByteArrayElements(env, key, 0))) { + JNIerr(JNI_F_JAVA_GMSSL_MAC, JNI_R_BAD_ARGUMENT); + goto end; + } + if ((keylen = (*env)->GetArrayLength(env, key)) <= 0) { + JNIerr(JNI_F_JAVA_GMSSL_MAC, JNI_R_BAD_ARGUMENT); goto end; } - if (memcmp(alg, "cmac-", strlen("cmac-")) == 0) { - const EVP_CIPHER *cipher; - CMAC_CTX *cctx = NULL; - size_t len = sizeof(outbuf); - - if (!(cipher = EVP_get_cipherbyname(alg + strlen("cmac-"))) - || !(cctx = CMAC_CTX_new()) - || !CMAC_Init(cctx, keybuf, keylen, cipher, NULL) - || !CMAC_Update(cctx, inbuf, inlen) - || !CMAC_Final(cctx, outbuf, &len)) { - CMAC_CTX_free(cctx); - goto end; - } - - outlen = len; - CMAC_CTX_free(cctx); - - } else if (memcmp(alg, "hmac-", strlen("hmac-")) == 0) { + if (memcmp(alg, "HMAC-", strlen("HMAC-")) == 0) { const EVP_MD *md; unsigned int len = sizeof(outbuf); - if (!(md = EVP_get_digestbyname(alg + strlen("hmac-"))) - || !HMAC(md, keybuf, keylen, inbuf, inlen, outbuf, &len)) { + if (!(md = EVP_get_digestbyname(alg + strlen("HMAC-")))) { + JNIerr(JNI_F_JAVA_GMSSL_MAC, JNI_R_INVALID_DIGEST); + goto end; + } + + if (!HMAC(md, keybuf, keylen, inbuf, inlen, outbuf, &len)) { + JNIerr(JNI_F_JAVA_GMSSL_MAC, JNI_R_HMAC_ERROR); goto end; } outlen = len; +#ifndef OPENSSL_NO_CMAC + } else if (memcmp(alg, "CMAC-", strlen("CMAC-")) == 0) { + const EVP_CIPHER *cipher; + size_t len = sizeof(outbuf); + + if (!(cipher = EVP_get_cipherbyname(alg + strlen("CMAC-")))) { + JNIerr(JNI_F_JAVA_GMSSL_MAC, JNI_R_INVALID_CIPHER); + goto end; + } + if (!(cctx = CMAC_CTX_new())) { + JNIerr(JNI_F_JAVA_GMSSL_MAC, ERR_R_MALLOC_FAILURE); + goto end; + } + if (!CMAC_Init(cctx, keybuf, keylen, cipher, NULL)) { + JNIerr(JNI_F_JAVA_GMSSL_MAC, JNI_R_CMAC_ERROR); + goto end; + } + if (!CMAC_Update(cctx, inbuf, inlen)) { + JNIerr(JNI_F_JAVA_GMSSL_MAC, JNI_R_CMAC_ERROR); + goto end; + } + if (!CMAC_Final(cctx, outbuf, &len)) { + JNIerr(JNI_F_JAVA_GMSSL_MAC, JNI_R_CMAC_ERROR); + goto end; + } + + outlen = len; +#endif } else { goto end; } - if ((ret = (*env)->NewByteArray(env, outlen))) { - (*env)->SetByteArrayRegion(env, ret, 0, outlen, (jbyte *)outbuf); + if (!(ret = (*env)->NewByteArray(env, outlen))) { + JNIerr(JNI_F_JAVA_GMSSL_MAC, JNI_R_JNI_MALLOC_FAILURE); + goto end; } + (*env)->SetByteArrayRegion(env, ret, 0, outlen, (jbyte *)outbuf); + end: - (*env)->ReleaseStringUTFChars(env, algor, alg); - (*env)->ReleaseByteArrayElements(env, key, (jbyte *)keybuf, JNI_ABORT); - (*env)->ReleaseByteArrayElements(env, in, (jbyte *)inbuf, JNI_ABORT); + if (alg) (*env)->ReleaseStringUTFChars(env, algor, alg); + if (keybuf) (*env)->ReleaseByteArrayElements(env, key, (jbyte *)keybuf, JNI_ABORT); + if (inbuf) (*env)->ReleaseByteArrayElements(env, in, (jbyte *)inbuf, JNI_ABORT); +#ifndef OPENSSL_NO_CMAC + CMAC_CTX_free(cctx); +#endif return ret; } -JNIEXPORT jobjectArray JNICALL Java_GmSSL_getSignAlgorithms( - JNIEnv *env, jobject this, jboolean aliases) +int sign_nids[] = { +#ifndef OPENSSL_NO_SM2 + NID_sm2sign, +#endif + NID_ecdsa_with_Recommended, +#ifndef OPENSSL_NO_SHA + NID_ecdsa_with_SHA1, + NID_ecdsa_with_SHA256, + NID_ecdsa_with_SHA512, +# ifndef OPENSSL_NO_RSA + NID_sha1WithRSAEncryption, + NID_sha256WithRSAEncryption, + NID_sha512WithRSAEncryption, +# endif +# ifndef OPENSSL_NO_DSA + NID_dsaWithSHA1, +# endif +#endif +}; + +static int get_sign_info(const char *alg, int *ppkey_type, + const EVP_MD **pmd, int *pec_scheme) { - char *sign_algors = "sm2sign:ecdsa:dsa:rsa"; - return (*env)->NewStringUTF(env, sign_algors); + int pkey_type; + const EVP_MD *md = NULL; + int ec_scheme = -1; + + switch (OBJ_txt2nid(alg)) { +#ifndef OPENSSL_NO_SM2 + case NID_sm2sign: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_sm_scheme; + break; +#endif + case NID_ecdsa_with_Recommended: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_secg_scheme; + break; +#ifndef OPENSSL_NO_SHA + case NID_ecdsa_with_SHA1: + pkey_type = EVP_PKEY_EC; + md = EVP_sha1(); + ec_scheme = NID_secg_scheme; + break; + case NID_ecdsa_with_SHA256: + pkey_type = EVP_PKEY_EC; + md = EVP_sha256(); + ec_scheme = NID_secg_scheme; + break; + case NID_ecdsa_with_SHA512: + pkey_type = EVP_PKEY_EC; + md = EVP_sha512(); + ec_scheme = NID_secg_scheme; + break; +# ifndef OPENSSL_NO_RSA + case NID_sha1WithRSAEncryption: + pkey_type = EVP_PKEY_RSA; + md = EVP_sha1(); + break; + case NID_sha256WithRSAEncryption: + pkey_type = EVP_PKEY_RSA; + md = EVP_sha256(); + break; + case NID_sha512WithRSAEncryption: + pkey_type = EVP_PKEY_RSA; + md = EVP_sha512(); + break; +# endif +# ifndef OPENSSL_NO_DSA + case NID_dsaWithSHA1: + pkey_type = EVP_PKEY_DSA; + md = EVP_sha1(); + break; +# endif +#endif + default: + return 0; + } + + *ppkey_type = pkey_type; + *pmd = md; + *pec_scheme = ec_scheme; + + return 1; +} + +JNIEXPORT jobjectArray JNICALL Java_GmSSL_getSignAlgorithms( + JNIEnv *env, jobject this) +{ + jobjectArray ret = NULL; + int num_algors = sizeof(sign_nids)/sizeof(sign_nids[0]); + int i; + + if (!(ret = (jobjectArray)(*env)->NewObjectArray(env, + OSSL_NELEM(sign_nids), + (*env)->FindClass(env, "java/lang/String"), + (*env)->NewStringUTF(env, "")))) { + JNIerr(JNI_F_JAVA_GMSSL_GETSIGNALGORITHMS, JNI_R_JNI_MALLOC_FAILURE); + return NULL; + } + + for (i = 0; i < num_algors; i++) { + (*env)->SetObjectArrayElement(env, ret, i, + (*env)->NewStringUTF(env, OBJ_nid2sn(sign_nids[i]))); + } + + return ret; } JNIEXPORT jbyteArray JNICALL Java_GmSSL_sign(JNIEnv *env, jobject this, - jstring algor, jint flag, jbyteArray in, jbyteArray key) + jstring algor, jbyteArray in, jbyteArray key) { jbyteArray ret = NULL; const char *alg = NULL; @@ -400,54 +813,99 @@ JNIEXPORT jbyteArray JNICALL Java_GmSSL_sign(JNIEnv *env, jobject this, unsigned char outbuf[1024]; int inlen, keylen; size_t outlen = sizeof(outbuf); - int pkey_type; + int pkey_type = 0; + const EVP_MD *md = NULL; + int ec_scheme = -1; const unsigned char *cp; EVP_PKEY *pkey = NULL; EVP_PKEY_CTX *pkctx = NULL; - if (!(alg = (*env)->GetStringUTFChars(env, algor, 0)) - || !(keybuf = (unsigned char *)(*env)->GetByteArrayElements(env, key, 0)) - || (keylen = (*env)->GetArrayLength(env, key)) <= 0 - || !(inbuf = (unsigned char *)(*env)->GetByteArrayElements(env, in, 0)) - || (inlen = (*env)->GetArrayLength(env, in)) <= 0) { + if (!(alg = (*env)->GetStringUTFChars(env, algor, 0))) { + JNIerr(JNI_F_JAVA_GMSSL_SIGN, JNI_R_BAD_ARGUMENT); + goto end; + } + if (!(keybuf = (unsigned char *)(*env)->GetByteArrayElements(env, key, 0))) { + JNIerr(JNI_F_JAVA_GMSSL_SIGN, JNI_R_BAD_ARGUMENT); + goto end; + } + if ((keylen = (*env)->GetArrayLength(env, key)) <= 0) { + JNIerr(JNI_F_JAVA_GMSSL_SIGN, JNI_R_BAD_ARGUMENT); + goto end; + } + if (!(inbuf = (unsigned char *)(*env)->GetByteArrayElements(env, in, 0))) { + JNIerr(JNI_F_JAVA_GMSSL_SIGN, JNI_R_BAD_ARGUMENT); + goto end; + } + if ((inlen = (*env)->GetArrayLength(env, in)) <= 0) { + JNIerr(JNI_F_JAVA_GMSSL_SIGN, JNI_R_BAD_ARGUMENT); goto end; } - if (!strcmp(alg, "sm2")) { - pkey_type = EVP_PKEY_EC; - } else if (!strcmp(alg, "ecdsa")) { - pkey_type = EVP_PKEY_EC; - } else if (!strcmp(alg, "dsa")) { - pkey_type = EVP_PKEY_DSA; - } else if (!strcmp(alg, "rsa")) { - pkey_type = EVP_PKEY_RSA; - } else { + if (!get_sign_info(alg, &pkey_type, &md, &ec_scheme)) { + JNIerr(JNI_F_JAVA_GMSSL_SIGN, JNI_R_INVALID_SIGN_ALGOR); goto end; } cp = keybuf; - if (!(pkey = d2i_PrivateKey(pkey_type, NULL, &cp, keylen)) - || !(pkctx = EVP_PKEY_CTX_new(pkey, NULL)) - || !EVP_PKEY_sign_init(pkctx) - || !EVP_PKEY_sign(pkctx, outbuf, &outlen, inbuf, inlen)) { + if (!(pkey = d2i_PrivateKey(pkey_type, NULL, &cp, keylen))) { + JNIerr(JNI_F_JAVA_GMSSL_SIGN, JNI_R_INVALID_PRIVATE_KEY); + goto end; + } + if (!(pkctx = EVP_PKEY_CTX_new(pkey, NULL))) { + JNIerr(JNI_F_JAVA_GMSSL_SIGN, ERR_R_MALLOC_FAILURE); + goto end; + } + if (EVP_PKEY_sign_init(pkctx) <= 0) { + JNIerr(JNI_F_JAVA_GMSSL_SIGN, ERR_R_EVP_LIB); goto end; } - if ((ret = (*env)->NewByteArray(env, outlen))) { - (*env)->SetByteArrayRegion(env, ret, 0, outlen, (jbyte *)outbuf); + if (md) { + if (!EVP_PKEY_CTX_set_signature_md(pkctx, md)) { + JNIerr(JNI_F_JAVA_GMSSL_SIGN, ERR_R_EVP_LIB); + goto end; + } + } + if (pkey_type == EVP_PKEY_RSA) { +#ifndef OPENSSL_NO_RSA + if (!EVP_PKEY_CTX_set_rsa_padding(pkctx, RSA_PKCS1_PSS_PADDING)) { + JNIerr(JNI_F_JAVA_GMSSL_SIGN, ERR_R_RSA_LIB); + goto end; + } +#endif + } else if (pkey_type == EVP_PKEY_EC) { +#ifndef OPENSSL_NO_SM2 + if (!EVP_PKEY_CTX_set_ec_scheme(pkctx, OBJ_txt2nid(alg) == NID_sm2sign ? + NID_sm_scheme : NID_secg_scheme)) { + JNIerr(JNI_F_JAVA_GMSSL_SIGN, ERR_R_EC_LIB); + goto end; + } +#endif } + if (EVP_PKEY_sign(pkctx, outbuf, &outlen, inbuf, inlen) <= 0) { + JNIerr(JNI_F_JAVA_GMSSL_SIGN, ERR_R_EVP_LIB); + goto end; + } + + if (!(ret = (*env)->NewByteArray(env, outlen))) { + JNIerr(JNI_F_JAVA_GMSSL_SIGN, JNI_R_JNI_MALLOC_FAILURE); + goto end; + } + + (*env)->SetByteArrayRegion(env, ret, 0, outlen, (jbyte *)outbuf); + end: - (*env)->ReleaseStringUTFChars(env, algor, alg); - (*env)->ReleaseByteArrayElements(env, in, (jbyte *)inbuf, JNI_ABORT); - (*env)->ReleaseByteArrayElements(env, key, (jbyte *)keybuf, JNI_ABORT); + if (alg) (*env)->ReleaseStringUTFChars(env, algor, alg); + if (inbuf) (*env)->ReleaseByteArrayElements(env, in, (jbyte *)inbuf, JNI_ABORT); + if (keybuf) (*env)->ReleaseByteArrayElements(env, key, (jbyte *)keybuf, JNI_ABORT); EVP_PKEY_free(pkey); EVP_PKEY_CTX_free(pkctx); return ret; } JNIEXPORT jint JNICALL Java_GmSSL_verify(JNIEnv *env, jobject this, - jstring algor, jint flag, jbyteArray in, jbyteArray sig, jbyteArray key) + jstring algor, jbyteArray in, jbyteArray sig, jbyteArray key) { jint ret = 0; const char *alg = NULL; @@ -456,61 +914,241 @@ JNIEXPORT jint JNICALL Java_GmSSL_verify(JNIEnv *env, jobject this, const unsigned char *keybuf = NULL; int inlen, siglen, keylen; const unsigned char *cp; - int pkey_type; + int pkey_type = 0; + const EVP_MD *md = NULL; + int ec_scheme = -1; EVP_PKEY *pkey = NULL; EVP_PKEY_CTX *pkctx = NULL; - if (!(alg = (*env)->GetStringUTFChars(env, algor, 0)) - || !(inbuf = (unsigned char *)(*env)->GetByteArrayElements(env, in, 0)) - || (inlen = (*env)->GetArrayLength(env, in)) <= 0 - || !(sigbuf = (unsigned char *)(*env)->GetByteArrayElements(env, sig, 0)) - || (siglen = (*env)->GetArrayLength(env, sig)) <= 0 - || !(keybuf = (unsigned char *)(*env)->GetByteArrayElements(env, key, 0)) - || (keylen = (*env)->GetArrayLength(env, key)) <= 0) { + if (!(alg = (*env)->GetStringUTFChars(env, algor, 0))) { + JNIerr(JNI_F_JAVA_GMSSL_VERIFY, JNI_R_BAD_ARGUMENT); + goto end; + } + if (!(inbuf = (unsigned char *)(*env)->GetByteArrayElements(env, in, 0))) { + JNIerr(JNI_F_JAVA_GMSSL_VERIFY, JNI_R_BAD_ARGUMENT); + goto end; + } + if ((inlen = (*env)->GetArrayLength(env, in)) <= 0) { + JNIerr(JNI_F_JAVA_GMSSL_VERIFY, JNI_R_BAD_ARGUMENT); + goto end; + } + if (!(sigbuf = (unsigned char *)(*env)->GetByteArrayElements(env, sig, 0))) { + JNIerr(JNI_F_JAVA_GMSSL_VERIFY, JNI_R_BAD_ARGUMENT); + goto end; + } + if ((siglen = (*env)->GetArrayLength(env, sig)) <= 0) { + JNIerr(JNI_F_JAVA_GMSSL_VERIFY, JNI_R_BAD_ARGUMENT); + goto end; + } + if (!(keybuf = (unsigned char *)(*env)->GetByteArrayElements(env, key, 0))) { + JNIerr(JNI_F_JAVA_GMSSL_VERIFY, JNI_R_BAD_ARGUMENT); + goto end; + } + if ((keylen = (*env)->GetArrayLength(env, key)) <= 0) { + JNIerr(JNI_F_JAVA_GMSSL_VERIFY, JNI_R_BAD_ARGUMENT); goto end; } - if (!strcmp(alg, "sm2")) { - pkey_type = EVP_PKEY_EC; - } else if (!strcmp(alg, "ecdsa")) { - pkey_type = EVP_PKEY_EC; - } else if (!strcmp(alg, "dsa")) { - pkey_type = EVP_PKEY_DSA; - } else if (!strcmp(alg, "rsa")) { - pkey_type = EVP_PKEY_RSA; - } else { + if (!get_sign_info(alg, &pkey_type, &md, &ec_scheme)) { + JNIerr(JNI_F_JAVA_GMSSL_VERIFY, JNI_R_INVALID_SIGN_ALGOR); goto end; } cp = keybuf; - if (!(pkey = d2i_PUBKEY(NULL, &cp, (long)keylen)) - || EVP_PKEY_id(pkey) != pkey_type - || !(pkctx = EVP_PKEY_CTX_new(pkey, NULL)) - || !EVP_PKEY_verify_init(pkctx) - || !EVP_PKEY_verify(pkctx, sigbuf, siglen, inbuf, inlen)) { + if (!(pkey = d2i_PUBKEY(NULL, &cp, (long)keylen))) { + JNIerr(JNI_F_JAVA_GMSSL_VERIFY, JNI_R_INVALID_PUBLIC_KEY); + goto end; + } + + if (EVP_PKEY_id(pkey) != pkey_type) { + JNIerr(JNI_F_JAVA_GMSSL_VERIFY, JNI_R_INVALID_PUBLIC_KEY); + goto end; + } + if (!(pkctx = EVP_PKEY_CTX_new(pkey, NULL))) { + JNIerr(JNI_F_JAVA_GMSSL_VERIFY, ERR_R_MALLOC_FAILURE); + goto end; + } + + if (EVP_PKEY_verify_init(pkctx) <= 0) { + JNIerr(JNI_F_JAVA_GMSSL_VERIFY, ERR_R_EVP_LIB); + goto end; + } + + if (md && !EVP_PKEY_CTX_set_signature_md(pkctx, md)) { + JNIerr(JNI_F_JAVA_GMSSL_VERIFY, ERR_R_EVP_LIB); + goto end; + } + + + if (pkey_type == EVP_PKEY_RSA) { +#ifndef OPENSSL_NO_RSA + if (!EVP_PKEY_CTX_set_rsa_padding(pkctx, RSA_PKCS1_PSS_PADDING)) { + JNIerr(JNI_F_JAVA_GMSSL_VERIFY, ERR_R_RSA_LIB); + goto end; + } +#endif + } else if (pkey_type == EVP_PKEY_EC) { +#ifndef OPENSSL_NO_SM2 + if (!EVP_PKEY_CTX_set_ec_scheme(pkctx, OBJ_txt2nid(alg) == NID_sm2sign ? + NID_sm_scheme : NID_secg_scheme)) { + JNIerr(JNI_F_JAVA_GMSSL_VERIFY, ERR_R_EC_LIB); + goto end; + } +#endif + } + + if (EVP_PKEY_verify(pkctx, sigbuf, siglen, inbuf, inlen) <= 0) { + JNIerr(JNI_F_JAVA_GMSSL_VERIFY, ERR_R_EVP_LIB); goto end; } ret = 1; end: - (*env)->ReleaseStringUTFChars(env, algor, alg); - (*env)->ReleaseByteArrayElements(env, in, (jbyte *)inbuf, JNI_ABORT); - (*env)->ReleaseByteArrayElements(env, sig, (jbyte *)sigbuf, JNI_ABORT); - (*env)->ReleaseByteArrayElements(env, key, (jbyte *)keybuf, JNI_ABORT); + if (alg) (*env)->ReleaseStringUTFChars(env, algor, alg); + if (inbuf) (*env)->ReleaseByteArrayElements(env, in, (jbyte *)inbuf, JNI_ABORT); + if (sigbuf) (*env)->ReleaseByteArrayElements(env, sig, (jbyte *)sigbuf, JNI_ABORT); + if (keybuf) (*env)->ReleaseByteArrayElements(env, key, (jbyte *)keybuf, JNI_ABORT); EVP_PKEY_free(pkey); EVP_PKEY_CTX_free(pkctx); return ret; } -JNIEXPORT jobjectArray JNICALL Java_GmSSL_getPublicKeyEncryptions( - JNIEnv *env, jobject this, jboolean aliases) +int pke_nids[] = { +#ifndef OPENSSL_NO_RSA + NID_rsaesOaep, +#endif +#ifndef OPENSSL_NO_ECIES + NID_ecies_recommendedParameters, + NID_ecies_specifiedParameters, +# ifndef OPENSSL_NO_SHA + NID_ecies_with_x9_63_sha1_xor_hmac, + NID_ecies_with_x9_63_sha256_xor_hmac, + NID_ecies_with_x9_63_sha512_xor_hmac, + NID_ecies_with_x9_63_sha1_aes128_cbc_hmac, + NID_ecies_with_x9_63_sha256_aes128_cbc_hmac, + NID_ecies_with_x9_63_sha512_aes256_cbc_hmac, + NID_ecies_with_x9_63_sha256_aes128_ctr_hmac, + NID_ecies_with_x9_63_sha512_aes256_ctr_hmac, + NID_ecies_with_x9_63_sha256_aes128_cbc_hmac_half, + NID_ecies_with_x9_63_sha512_aes256_cbc_hmac_half, + NID_ecies_with_x9_63_sha256_aes128_ctr_hmac_half, + NID_ecies_with_x9_63_sha512_aes256_ctr_hmac_half, + NID_ecies_with_x9_63_sha1_aes128_cbc_cmac, + NID_ecies_with_x9_63_sha256_aes128_cbc_cmac, + NID_ecies_with_x9_63_sha512_aes256_cbc_cmac, + NID_ecies_with_x9_63_sha256_aes128_ctr_cmac, + NID_ecies_with_x9_63_sha512_aes256_ctr_cmac, +# endif +#endif +#ifndef OPENSSL_NO_SM2 + NID_sm2encrypt_with_sm3, +# ifndef OPENSSL_NO_SHA + NID_sm2encrypt_with_sha1, + NID_sm2encrypt_with_sha256, + NID_sm2encrypt_with_sha512, +# endif +#endif +}; + +static int get_pke_info(const char *alg, int *ppkey_type, + int *pec_scheme, int *pec_encrypt_param) { - char *algors = "sm2:ecies:rsa"; - return (*env)->NewStringUTF(env, algors); + int pkey_type = 0; + int ec_scheme = 0; + int ec_encrypt_param = 0; + + switch (OBJ_txt2nid(alg)) { +#ifndef OPENSSL_NO_RSA + case NID_rsaesOaep: + pkey_type = EVP_PKEY_RSA; + break; +#endif +#ifndef OPENSSL_NO_ECIES + case NID_ecies_recommendedParameters: + case NID_ecies_specifiedParameters: +# ifndef OPENSSL_NO_SHA + case NID_ecies_with_x9_63_sha1_xor_hmac: + case NID_ecies_with_x9_63_sha256_xor_hmac: + case NID_ecies_with_x9_63_sha512_xor_hmac: + case NID_ecies_with_x9_63_sha1_aes128_cbc_hmac: + case NID_ecies_with_x9_63_sha256_aes128_cbc_hmac: + case NID_ecies_with_x9_63_sha512_aes256_cbc_hmac: + case NID_ecies_with_x9_63_sha256_aes128_ctr_hmac: + case NID_ecies_with_x9_63_sha512_aes256_ctr_hmac: + case NID_ecies_with_x9_63_sha256_aes128_cbc_hmac_half: + case NID_ecies_with_x9_63_sha512_aes256_cbc_hmac_half: + case NID_ecies_with_x9_63_sha256_aes128_ctr_hmac_half: + case NID_ecies_with_x9_63_sha512_aes256_ctr_hmac_half: + case NID_ecies_with_x9_63_sha1_aes128_cbc_cmac: + case NID_ecies_with_x9_63_sha256_aes128_cbc_cmac: + case NID_ecies_with_x9_63_sha512_aes256_cbc_cmac: + case NID_ecies_with_x9_63_sha256_aes128_ctr_cmac: + case NID_ecies_with_x9_63_sha512_aes256_ctr_cmac: +# endif + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_secg_scheme; + ec_encrypt_param = OBJ_txt2nid(alg); + break; +#endif +#ifndef OPENSSL_NO_SM2 + case NID_sm2encrypt_with_sm3: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_sm_scheme; + ec_encrypt_param = NID_sm3; + break; +# ifndef OPENSSL_NO_SHA + case NID_sm2encrypt_with_sha1: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_sm_scheme; + ec_encrypt_param = NID_sha1; + break; + case NID_sm2encrypt_with_sha256: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_sm_scheme; + ec_encrypt_param = NID_sha256; + break; + case NID_sm2encrypt_with_sha512: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_sm_scheme; + ec_encrypt_param = NID_sha512; + break; +# endif +#endif + default: + return 0; + } + + *ppkey_type = pkey_type; + *pec_scheme = ec_scheme; + *pec_encrypt_param = ec_encrypt_param; + + return 1; +} + +JNIEXPORT jobjectArray JNICALL Java_GmSSL_getPublicKeyEncryptions( + JNIEnv *env, jobject this) +{ + jobjectArray ret = NULL; + int i; + + if (!(ret = (jobjectArray)(*env)->NewObjectArray(env, + OSSL_NELEM(pke_nids), + (*env)->FindClass(env, "java/lang/String"), + (*env)->NewStringUTF(env, "")))) { + JNIerr(JNI_F_JAVA_GMSSL_GETPUBLICKEYENCRYPTIONS, JNI_R_JNI_MALLOC_FAILURE); + return NULL; + } + + for (i = 0; i < OSSL_NELEM(pke_nids); i++) { + (*env)->SetObjectArrayElement(env, ret, i, + (*env)->NewStringUTF(env, OBJ_nid2sn(pke_nids[i]))); + } + + return ret; } JNIEXPORT jbyteArray JNICALL Java_GmSSL_publicKeyEncrypt( - JNIEnv *env, jobject this, jstring algor, jint flag, + JNIEnv *env, jobject this, jstring algor, jbyteArray in, jbyteArray key) { jbyteArray ret = NULL; @@ -520,49 +1158,97 @@ JNIEXPORT jbyteArray JNICALL Java_GmSSL_publicKeyEncrypt( unsigned char *outbuf = NULL; int inlen, keylen; size_t outlen; - int pkey_type; + int pkey_type = NID_undef; + int ec_scheme = NID_undef; + int ec_encrypt_param = NID_undef; const unsigned char *cp; EVP_PKEY *pkey = NULL; EVP_PKEY_CTX *pkctx = NULL; - if (!(alg = (*env)->GetStringUTFChars(env, algor, 0)) - || !(inbuf = (unsigned char *)(*env)->GetByteArrayElements(env, in, 0)) - || (inlen = (*env)->GetArrayLength(env, in)) <= 0 - || (inlen = (*env)->GetArrayLength(env, in)) > 256 - || !(keybuf = (unsigned char *)(*env)->GetByteArrayElements(env, key, 0)) - || (keylen = (*env)->GetArrayLength(env, key)) <= 0) { + + if (!(alg = (*env)->GetStringUTFChars(env, algor, 0))) { + JNIerr(JNI_F_JAVA_GMSSL_PUBLICKEYENCRYPT, JNI_R_BAD_ARGUMENT); + goto end; + } + if (!(inbuf = (unsigned char *)(*env)->GetByteArrayElements(env, in, 0))) { + JNIerr(JNI_F_JAVA_GMSSL_PUBLICKEYENCRYPT, JNI_R_BAD_ARGUMENT); + goto end; + } + if ((inlen = (*env)->GetArrayLength(env, in)) <= 0) { + JNIerr(JNI_F_JAVA_GMSSL_PUBLICKEYENCRYPT, JNI_R_BAD_ARGUMENT); + goto end; + } + if ((inlen = (*env)->GetArrayLength(env, in)) > 256) { + JNIerr(JNI_F_JAVA_GMSSL_PUBLICKEYENCRYPT, JNI_R_BAD_ARGUMENT); + goto end; + } + if (!(keybuf = (unsigned char *)(*env)->GetByteArrayElements(env, key, 0))) { + JNIerr(JNI_F_JAVA_GMSSL_PUBLICKEYENCRYPT, JNI_R_BAD_ARGUMENT); + goto end; + } + if ((keylen = (*env)->GetArrayLength(env, key)) <= 0) { + JNIerr(JNI_F_JAVA_GMSSL_PUBLICKEYENCRYPT, JNI_R_BAD_ARGUMENT); goto end; } cp = keybuf; outlen = inlen + 1024; - if (!strcmp(alg, "sm2")) { - pkey_type = EVP_PKEY_EC; - } else if (!strcmp(alg, "ecies")) { - pkey_type = EVP_PKEY_EC; - } else if (!strcmp(alg, "rsa")) { - pkey_type = EVP_PKEY_RSA; - } else { + if (!get_pke_info(alg, &pkey_type, &ec_scheme, &ec_encrypt_param)) { + JNIerr(JNI_F_JAVA_GMSSL_PUBLICKEYENCRYPT, JNI_R_INVALID_PUBLIC_KEY_ENCRYPTION_ALGOR); goto end; } - if (!(outbuf = OPENSSL_malloc(outlen)) - || !(pkey = d2i_PUBKEY(NULL, &cp, (long)keylen)) - || EVP_PKEY_id(pkey) != pkey_type - || !(pkctx = EVP_PKEY_CTX_new(pkey, NULL)) - || !EVP_PKEY_encrypt_init(pkctx) - || !EVP_PKEY_encrypt(pkctx, outbuf, &outlen, inbuf, inlen)) { + if (!(outbuf = OPENSSL_malloc(outlen))) { + JNIerr(JNI_F_JAVA_GMSSL_PUBLICKEYENCRYPT, ERR_R_MALLOC_FAILURE); + goto end; + } + if (!(pkey = d2i_PUBKEY(NULL, &cp, (long)keylen))) { + JNIerr(JNI_F_JAVA_GMSSL_PUBLICKEYENCRYPT, JNI_R_INVALID_PUBLIC_KEY); + goto end; + } + if (EVP_PKEY_id(pkey) != pkey_type) { + JNIerr(JNI_F_JAVA_GMSSL_PUBLICKEYENCRYPT, JNI_R_INVALID_PUBLIC_KEY); + goto end; + } + if (!(pkctx = EVP_PKEY_CTX_new(pkey, NULL))) { + JNIerr(JNI_F_JAVA_GMSSL_PUBLICKEYENCRYPT, ERR_R_MALLOC_FAILURE); goto end; } - if ((ret = (*env)->NewByteArray(env, outlen))) { - (*env)->SetByteArrayRegion(env, ret, 0, outlen, (jbyte *)outbuf); + if (EVP_PKEY_encrypt_init(pkctx) <= 0) { + JNIerr(JNI_F_JAVA_GMSSL_PUBLICKEYENCRYPT, ERR_R_EVP_LIB); + goto end; } + if (pkey_type == EVP_PKEY_EC) { +#if !defined(OPENSSL_NO_ECIES) || !defined(OPENSSL_NO_SM2) + if (!EVP_PKEY_CTX_set_ec_scheme(pkctx, ec_scheme)) { + JNIerr(JNI_F_JAVA_GMSSL_PUBLICKEYENCRYPT, ERR_R_EC_LIB); + goto end; + } + if (!EVP_PKEY_CTX_set_ec_encrypt_param(pkctx, ec_encrypt_param)) { + JNIerr(JNI_F_JAVA_GMSSL_PUBLICKEYENCRYPT, ERR_R_EC_LIB); + goto end; + } +#endif + } + + if (EVP_PKEY_encrypt(pkctx, outbuf, &outlen, inbuf, inlen) <= 0) { + JNIerr(JNI_F_JAVA_GMSSL_PUBLICKEYENCRYPT, ERR_R_EVP_LIB); + goto end; + } + + if (!(ret = (*env)->NewByteArray(env, outlen))) { + JNIerr(JNI_F_JAVA_GMSSL_PUBLICKEYENCRYPT, JNI_R_JNI_MALLOC_FAILURE); + goto end; + } + + (*env)->SetByteArrayRegion(env, ret, 0, outlen, (jbyte *)outbuf); + end: - (*env)->ReleaseStringUTFChars(env, algor, alg); - (*env)->ReleaseByteArrayElements(env, in, (jbyte *)inbuf, JNI_ABORT); - (*env)->ReleaseByteArrayElements(env, key, (jbyte *)keybuf, JNI_ABORT); + if (alg) (*env)->ReleaseStringUTFChars(env, algor, alg); + if (inbuf) (*env)->ReleaseByteArrayElements(env, in, (jbyte *)inbuf, JNI_ABORT); + if (keybuf) (*env)->ReleaseByteArrayElements(env, key, (jbyte *)keybuf, JNI_ABORT); OPENSSL_free(outbuf); EVP_PKEY_free(pkey); EVP_PKEY_CTX_free(pkctx); @@ -570,8 +1256,15 @@ end: } +/* +static int gmssl_pkey_encrypt(const char *algor, const unsigned char *in, size_t inlen, + unsigned char *out, size_t *outlen, const unsigned char *key, size_t keylen) +{ +} +*/ + JNIEXPORT jbyteArray JNICALL Java_GmSSL_publicKeyDecrypt( - JNIEnv *env, jobject this, jstring algor, jint flag, + JNIEnv *env, jobject this, jstring algor, jbyteArray in, jbyteArray key) { jbyteArray ret = NULL; @@ -581,62 +1274,244 @@ JNIEXPORT jbyteArray JNICALL Java_GmSSL_publicKeyDecrypt( unsigned char *outbuf = NULL; int inlen, keylen; size_t outlen; - int pkey_type; + int pkey_type = NID_undef; + int ec_scheme = NID_undef; + int ec_encrypt_param = NID_undef; const unsigned char *cp; EVP_PKEY *pkey = NULL; EVP_PKEY_CTX *pkctx = NULL; - if (!(alg = (*env)->GetStringUTFChars(env, algor, 0)) - || !(inbuf = (unsigned char *)(*env)->GetByteArrayElements(env, in, 0)) - || (inlen = (*env)->GetArrayLength(env, in)) <= 0 - || !(keybuf = (unsigned char *)(*env)->GetByteArrayElements(env, key, 0)) - || (keylen = (*env)->GetArrayLength(env, key)) <= 0) { + if (!(alg = (*env)->GetStringUTFChars(env, algor, 0))) { + JNIerr(JNI_F_JAVA_GMSSL_PUBLICKEYDECRYPT, JNI_R_BAD_ARGUMENT); + goto end; + } + if (!(inbuf = (unsigned char *)(*env)->GetByteArrayElements(env, in, 0))) { + JNIerr(JNI_F_JAVA_GMSSL_PUBLICKEYDECRYPT, JNI_R_BAD_ARGUMENT); + goto end; + } + if ((inlen = (*env)->GetArrayLength(env, in)) <= 0) { + JNIerr(JNI_F_JAVA_GMSSL_PUBLICKEYDECRYPT, JNI_R_BAD_ARGUMENT); + goto end; + } + if (!(keybuf = (unsigned char *)(*env)->GetByteArrayElements(env, key, 0))) { + JNIerr(JNI_F_JAVA_GMSSL_PUBLICKEYDECRYPT, JNI_R_BAD_ARGUMENT); + goto end; + } + if ((keylen = (*env)->GetArrayLength(env, key)) <= 0) { + JNIerr(JNI_F_JAVA_GMSSL_PUBLICKEYDECRYPT, JNI_R_BAD_ARGUMENT); goto end; } cp = keybuf; outlen = inlen; - if (!strcmp(alg, "sm2")) { - pkey_type = EVP_PKEY_EC; - } else if (!strcmp(alg, "ecies")) { - pkey_type = EVP_PKEY_EC; - } else if (!strcmp(alg, "rsa")) { - pkey_type = EVP_PKEY_RSA; - } else { + + if(!get_pke_info(alg, &pkey_type, &ec_scheme, &ec_encrypt_param)) { + JNIerr(JNI_F_JAVA_GMSSL_PUBLICKEYDECRYPT, JNI_R_INVALID_PUBLIC_KEY_ENCRYPTION_ALGOR); goto end; } - if (!(outbuf = OPENSSL_malloc(outlen)) - || !(pkey = d2i_PrivateKey(pkey_type, NULL, &cp, (long)keylen)) - || !(pkctx = EVP_PKEY_CTX_new(pkey, NULL)) - || !EVP_PKEY_decrypt_init(pkctx) - || !EVP_PKEY_decrypt(pkctx, outbuf, &outlen, inbuf, inlen)) { + if (!(outbuf = OPENSSL_malloc(outlen))) { + JNIerr(JNI_F_JAVA_GMSSL_PUBLICKEYDECRYPT, ERR_R_MALLOC_FAILURE); + goto end; + } + if (!(pkey = d2i_PrivateKey(pkey_type, NULL, &cp, (long)keylen))) { + JNIerr(JNI_F_JAVA_GMSSL_PUBLICKEYDECRYPT, JNI_R_INVALID_PRIVATE_KEY); + goto end; + } + if (!(pkctx = EVP_PKEY_CTX_new(pkey, NULL))) { + JNIerr(JNI_F_JAVA_GMSSL_PUBLICKEYDECRYPT, ERR_R_MALLOC_FAILURE); + goto end; + } + if (EVP_PKEY_decrypt_init(pkctx) <= 0) { + JNIerr(JNI_F_JAVA_GMSSL_PUBLICKEYDECRYPT, ERR_R_EVP_LIB); goto end; } - if ((ret = (*env)->NewByteArray(env, outlen))) { - (*env)->SetByteArrayRegion(env, ret, 0, outlen, (jbyte *)outbuf); + if (pkey_type == EVP_PKEY_EC) { +#if !defined(OPENSSL_NO_ECIES) || !defined(OPENSSL_NO_SM2) + if (!EVP_PKEY_CTX_set_ec_scheme(pkctx, ec_scheme)) { + JNIerr(JNI_F_JAVA_GMSSL_PUBLICKEYDECRYPT, ERR_R_EC_LIB); + goto end; + } + + if (!EVP_PKEY_CTX_set_ec_encrypt_param(pkctx, ec_encrypt_param)) { + JNIerr(JNI_F_JAVA_GMSSL_PUBLICKEYDECRYPT, ERR_R_EC_LIB); + goto end; + } +#endif } + if (EVP_PKEY_decrypt(pkctx, outbuf, &outlen, inbuf, inlen) <= 0) { + JNIerr(JNI_F_JAVA_GMSSL_PUBLICKEYDECRYPT, ERR_R_EVP_LIB); + goto end; + } + + if (!(ret = (*env)->NewByteArray(env, outlen))) { + JNIerr(JNI_F_JAVA_GMSSL_PUBLICKEYDECRYPT, JNI_R_JNI_MALLOC_FAILURE); + goto end; + } + + (*env)->SetByteArrayRegion(env, ret, 0, outlen, (jbyte *)outbuf); + end: - (*env)->ReleaseStringUTFChars(env, algor, alg); - (*env)->ReleaseByteArrayElements(env, in, (jbyte *)inbuf, JNI_ABORT); - (*env)->ReleaseByteArrayElements(env, key, (jbyte *)keybuf, JNI_ABORT); + if (alg) (*env)->ReleaseStringUTFChars(env, algor, alg); + if (inbuf) (*env)->ReleaseByteArrayElements(env, in, (jbyte *)inbuf, JNI_ABORT); + if (keybuf) (*env)->ReleaseByteArrayElements(env, key, (jbyte *)keybuf, JNI_ABORT); OPENSSL_free(outbuf); EVP_PKEY_free(pkey); EVP_PKEY_CTX_free(pkctx); return ret; } -JNIEXPORT jobjectArray JNICALL Java_GmSSL_getDeriveKeyAlgorithms( - JNIEnv *env, jobject this, jboolean aliases) +int exch_nids[] = { +#ifndef OPENSSL_NO_SM2 + NID_sm2exchange, +#endif +#ifndef OPENSSL_NO_SHA + NID_dhSinglePass_stdDH_sha1kdf_scheme, + NID_dhSinglePass_stdDH_sha224kdf_scheme, + NID_dhSinglePass_stdDH_sha256kdf_scheme, + NID_dhSinglePass_stdDH_sha384kdf_scheme, + NID_dhSinglePass_stdDH_sha512kdf_scheme, + NID_dhSinglePass_cofactorDH_sha1kdf_scheme, + NID_dhSinglePass_cofactorDH_sha224kdf_scheme, + NID_dhSinglePass_cofactorDH_sha256kdf_scheme, + NID_dhSinglePass_cofactorDH_sha384kdf_scheme, + NID_dhSinglePass_cofactorDH_sha512kdf_scheme, +#endif +#ifndef OPENSSL_NO_DH + NID_dhKeyAgreement, +#endif +}; + +static int get_exch_info(const char *alg, int *ppkey_type, int *pec_scheme, + int *pecdh_cofactor_mode, int *pecdh_kdf_type, int *pecdh_kdf_md, + int *pecdh_kdf_outlen, char **pecdh_kdf_ukm, int *pecdh_kdf_ukmlen) { - char *algors = "sm2:ecdh:dh"; - return (*env)->NewStringUTF(env, algors); + int pkey_type = 0; + int ec_scheme = 0; + int ecdh_cofactor_mode = 0; + int ecdh_kdf_type = 0; + int ecdh_kdf_md = 0; + int ecdh_kdf_outlen = 0; + char *ecdh_kdf_ukm = NULL; + int ecdh_kdf_ukmlen = 0; + + switch (OBJ_txt2nid(alg)) { +#ifndef OPENSSL_NO_SM2 + case NID_sm2exchange: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_sm_scheme; + ecdh_kdf_md = NID_sm3; + break; +#endif +#ifndef OPENSSL_NO_SHA + case NID_dhSinglePass_stdDH_sha1kdf_scheme: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_secg_scheme; + ecdh_cofactor_mode = 0; + ecdh_kdf_type = NID_sha1; + break; + case NID_dhSinglePass_stdDH_sha224kdf_scheme: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_secg_scheme; + ecdh_cofactor_mode = 0; + ecdh_kdf_type = NID_sha224; + break; + case NID_dhSinglePass_stdDH_sha256kdf_scheme: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_secg_scheme; + ecdh_cofactor_mode = 0; + ecdh_kdf_type = NID_sha256; + break; + case NID_dhSinglePass_stdDH_sha384kdf_scheme: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_secg_scheme; + ecdh_cofactor_mode = 0; + ecdh_kdf_type = NID_sha384; + break; + case NID_dhSinglePass_stdDH_sha512kdf_scheme: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_secg_scheme; + ecdh_cofactor_mode = 0; + ecdh_kdf_type = NID_sha512; + break; + case NID_dhSinglePass_cofactorDH_sha1kdf_scheme: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_secg_scheme; + ecdh_cofactor_mode = 1; + ecdh_kdf_type = NID_sha1; + break; + case NID_dhSinglePass_cofactorDH_sha224kdf_scheme: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_secg_scheme; + ecdh_cofactor_mode = 1; + ecdh_kdf_type = NID_sha224; + break; + case NID_dhSinglePass_cofactorDH_sha256kdf_scheme: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_secg_scheme; + ecdh_cofactor_mode = 1; + ecdh_kdf_type = NID_sha256; + break; + case NID_dhSinglePass_cofactorDH_sha384kdf_scheme: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_secg_scheme; + ecdh_cofactor_mode = 1; + ecdh_kdf_type = NID_sha384; + break; + case NID_dhSinglePass_cofactorDH_sha512kdf_scheme: + pkey_type = EVP_PKEY_EC; + ec_scheme = NID_secg_scheme; + ecdh_cofactor_mode = 1; + ecdh_kdf_type = NID_sha512; + break; +#endif +#ifndef OPENSSL_NO_DH + case NID_dhKeyAgreement: + pkey_type = EVP_PKEY_DH; + break; +#endif + default: + return 0; + } + + *ppkey_type = pkey_type; + *pec_scheme = ec_scheme; + *pecdh_cofactor_mode = ecdh_cofactor_mode; + *pecdh_kdf_type = ecdh_kdf_type; + *pecdh_kdf_md = ecdh_kdf_md; + *pecdh_kdf_outlen = ecdh_kdf_outlen; + *pecdh_kdf_ukm = ecdh_kdf_ukm; + *pecdh_kdf_ukmlen = ecdh_kdf_ukmlen; + + return 1; +} + +JNIEXPORT jobjectArray JNICALL Java_GmSSL_getDeriveKeyAlgorithms( + JNIEnv *env, jobject this) +{ + jobjectArray ret = NULL; + int i; + + if (!(ret = (jobjectArray)(*env)->NewObjectArray(env, + OSSL_NELEM(exch_nids), + (*env)->FindClass(env, "java/lang/String"), + (*env)->NewStringUTF(env, "")))) { + JNIerr(JNI_F_JAVA_GMSSL_GETDERIVEKEYALGORITHMS, JNI_R_JNI_MALLOC_FAILURE); + return NULL; + } + + for (i = 0; i < OSSL_NELEM(exch_nids); i++) { + (*env)->SetObjectArrayElement(env, ret, i, + (*env)->NewStringUTF(env, OBJ_nid2sn(exch_nids[i]))); + } + + return ret; } JNIEXPORT jbyteArray JNICALL Java_GmSSL_deriveKey( - JNIEnv *env, jobject this, jstring algor, jint flag, + JNIEnv *env, jobject this, jstring algor, jint outkeylen, jbyteArray peerkey, jbyteArray key) { jbyteArray ret = NULL; @@ -647,62 +1522,181 @@ JNIEXPORT jbyteArray JNICALL Java_GmSSL_deriveKey( int inlen, keylen; size_t outlen = outkeylen; int pkey_type; + int ec_scheme; const unsigned char *cpin, *cpkey; EVP_PKEY *peerpkey = NULL; EVP_PKEY *pkey = NULL; EVP_PKEY_CTX *pkctx = NULL; - if (!(alg = (*env)->GetStringUTFChars(env, algor, 0)) - || (outkeylen <= 0 || outkeylen > sizeof(outbuf)) - || !(inbuf = (unsigned char *)(*env)->GetByteArrayElements(env, peerkey, 0)) - || (inlen = (*env)->GetArrayLength(env, peerkey)) <= 0 - || !(keybuf = (unsigned char *)(*env)->GetByteArrayElements(env, key, 0)) - || (keylen = (*env)->GetArrayLength(env, key)) <= 0) { + int ecdh_cofactor_mode; + int ecdh_kdf_type; + int ecdh_kdf_md; + int ecdh_kdf_outlen; + unsigned char *ecdh_kdf_ukm; + int ecdh_kdf_ukm_len; + + + if (!(alg = (*env)->GetStringUTFChars(env, algor, 0))) { + JNIerr(JNI_F_JAVA_GMSSL_DERIVEKEY, JNI_R_BAD_ARGUMENT); + goto end; + } + if ((outkeylen <= 0 || outkeylen > sizeof(outbuf))) { + JNIerr(JNI_F_JAVA_GMSSL_DERIVEKEY, JNI_R_BAD_ARGUMENT); + goto end; + } + if (!(inbuf = (unsigned char *)(*env)->GetByteArrayElements(env, peerkey, 0))) { + JNIerr(JNI_F_JAVA_GMSSL_DERIVEKEY, JNI_R_BAD_ARGUMENT); + goto end; + } + if ((inlen = (*env)->GetArrayLength(env, peerkey)) <= 0) { + JNIerr(JNI_F_JAVA_GMSSL_DERIVEKEY, JNI_R_BAD_ARGUMENT); + goto end; + } + if (!(keybuf = (unsigned char *)(*env)->GetByteArrayElements(env, key, 0))) { + JNIerr(JNI_F_JAVA_GMSSL_DERIVEKEY, JNI_R_BAD_ARGUMENT); + goto end; + } + if ((keylen = (*env)->GetArrayLength(env, key)) <= 0) { + JNIerr(JNI_F_JAVA_GMSSL_DERIVEKEY, JNI_R_BAD_ARGUMENT); goto end; } cpin = inbuf; cpkey = keybuf; - if (!strcmp(alg, "sm2")) { - pkey_type = EVP_PKEY_EC; - } else if (!strcmp(alg, "ecdh")) { - pkey_type = EVP_PKEY_EC; - } else if (!strcmp(alg, "dh")) { - pkey_type = EVP_PKEY_DH; - } else { + if (!get_exch_info(alg, &pkey_type, &ec_scheme, + &ecdh_cofactor_mode, &ecdh_kdf_type, &ecdh_kdf_md, &ecdh_kdf_outlen, &ecdh_kdf_ukm, &ecdh_kdf_ukm_len)) { + JNIerr(JNI_F_JAVA_GMSSL_DERIVEKEY, JNI_R_INVALID_DERIVE_KEY_ALGOR); goto end; } - if (!(peerpkey = d2i_PUBKEY(NULL, &cpin, (long)inlen)) - || EVP_PKEY_id(peerpkey) != pkey_type - || !(pkey = d2i_PrivateKey(pkey_type, NULL, &cpkey, (long)keylen)) - || !(pkctx = EVP_PKEY_CTX_new(pkey, NULL)) - || !EVP_PKEY_derive_init(pkctx) - || !EVP_PKEY_derive_set_peer(pkctx, peerpkey) - || !EVP_PKEY_derive(pkctx, outbuf, &outlen)) { + + if (!(peerpkey = d2i_PUBKEY(NULL, &cpin, (long)inlen))) { + JNIerr(JNI_F_JAVA_GMSSL_DERIVEKEY, JNI_R_INVALID_PUBLIC_KEY); + goto end; + } + if (EVP_PKEY_id(peerpkey) != pkey_type) { + JNIerr(JNI_F_JAVA_GMSSL_DERIVEKEY, JNI_R_INVALID_PUBLIC_KEY); + goto end; + } + if (!(pkey = d2i_PrivateKey(pkey_type, NULL, &cpkey, (long)keylen))) { + JNIerr(JNI_F_JAVA_GMSSL_DERIVEKEY, JNI_R_INVALID_PRIVATE_KEY); + goto end; + } + if (!(pkctx = EVP_PKEY_CTX_new(pkey, NULL))) { + JNIerr(JNI_F_JAVA_GMSSL_DERIVEKEY, ERR_R_MALLOC_FAILURE); + goto end; + } + if (EVP_PKEY_derive_init(pkctx) <= 0) { + JNIerr(JNI_F_JAVA_GMSSL_DERIVEKEY, ERR_R_EVP_LIB); goto end; } - if ((ret = (*env)->NewByteArray(env, outlen))) { - (*env)->SetByteArrayRegion(env, ret, 0, outlen, (jbyte *)outbuf); + if (pkey_type == EVP_PKEY_EC) { + if (!EVP_PKEY_CTX_set_ec_scheme(pkctx, ec_scheme)) { + JNIerr(JNI_F_JAVA_GMSSL_DERIVEKEY, ERR_R_EC_LIB); + goto end; + } } + if (ec_scheme == NID_secg_scheme) { + if (!EVP_PKEY_CTX_set_ecdh_cofactor_mode(pkctx, ecdh_cofactor_mode)) { + JNIerr(JNI_F_JAVA_GMSSL_DERIVEKEY, ERR_R_EC_LIB); + goto end; + } + if (!EVP_PKEY_CTX_set_ecdh_kdf_type(pkctx, ecdh_kdf_type)) { + JNIerr(JNI_F_JAVA_GMSSL_DERIVEKEY, ERR_R_EC_LIB); + goto end; + } + if (!EVP_PKEY_CTX_set_ecdh_kdf_md(pkctx, EVP_get_digestbynid(ecdh_kdf_md))) { + JNIerr(JNI_F_JAVA_GMSSL_DERIVEKEY, ERR_R_EC_LIB); + goto end; + } + if (!EVP_PKEY_CTX_set_ecdh_kdf_outlen(pkctx, ecdh_kdf_outlen)) { + JNIerr(JNI_F_JAVA_GMSSL_DERIVEKEY, ERR_R_EC_LIB); + goto end; + } + if (!EVP_PKEY_CTX_set0_ecdh_kdf_ukm(pkctx, ecdh_kdf_ukm, ecdh_kdf_ukm_len)) { + JNIerr(JNI_F_JAVA_GMSSL_DERIVEKEY, ERR_R_EC_LIB); + goto end; + } + } else if (ec_scheme == NID_sm_scheme) { + } + + if (EVP_PKEY_derive_set_peer(pkctx, peerpkey) <= 0) { + JNIerr(JNI_F_JAVA_GMSSL_DERIVEKEY, ERR_R_EVP_LIB); + goto end; + } + if (EVP_PKEY_derive(pkctx, outbuf, &outlen) <= 0) { + JNIerr(JNI_F_JAVA_GMSSL_DERIVEKEY, ERR_R_EVP_LIB); + goto end; + } + + if (!(ret = (*env)->NewByteArray(env, outlen))) { + JNIerr(JNI_F_JAVA_GMSSL_DERIVEKEY, JNI_R_JNI_MALLOC_FAILURE); + goto end; + } + + (*env)->SetByteArrayRegion(env, ret, 0, outlen, (jbyte *)outbuf); end: - (*env)->ReleaseStringUTFChars(env, algor, alg); - (*env)->ReleaseByteArrayElements(env, peerkey, (jbyte *)inbuf, JNI_ABORT); - (*env)->ReleaseByteArrayElements(env, key, (jbyte *)keybuf, JNI_ABORT); + if (alg) (*env)->ReleaseStringUTFChars(env, algor, alg); + if (inbuf) (*env)->ReleaseByteArrayElements(env, peerkey, (jbyte *)inbuf, JNI_ABORT); + if (keybuf) (*env)->ReleaseByteArrayElements(env, key, (jbyte *)keybuf, JNI_ABORT); EVP_PKEY_free(peerpkey); EVP_PKEY_free(pkey); EVP_PKEY_CTX_free(pkctx); return ret; } -JNIEXPORT jstring JNICALL Java_GmSSL_getErrorString(JNIEnv *env, jobject this) +static int print_errors_cb(const char *str, size_t len, void *u) { - int err; - if (!(err = ERR_get_error())) { - return NULL; + STACK_OF(OPENSSL_STRING *)sk = u; + char *errstr; + + if (!(errstr = OPENSSL_strdup(str))) { + JNIerr(JNI_F_PRINT_ERRORS_CB, ERR_R_MALLOC_FAILURE); + return 0; } - return (*env)->NewStringUTF(env, ERR_error_string(err, NULL)); + + if (!sk_OPENSSL_STRING_push(sk, errstr)) { + JNIerr(JNI_F_PRINT_ERRORS_CB, JNI_R_ERRORS_STACK_ERROR); + return 0; + } + + return len; } +static void free_errstr(char *s) +{ + OPENSSL_free(s); +} + +JNIEXPORT jobjectArray JNICALL Java_GmSSL_getErrorStrings(JNIEnv *env, jobject this) +{ + jobjectArray ret = NULL; + STACK_OF(OPENSSL_STRING) *sk = NULL; + int i; + + if (!(sk = sk_OPENSSL_STRING_new_null())) { + JNIerr(JNI_F_JAVA_GMSSL_GETERRORSTRINGS, ERR_R_MALLOC_FAILURE); + goto end; + } + + ERR_print_errors_cb(print_errors_cb, sk); + + if (!(ret = (jobjectArray)(*env)->NewObjectArray(env, + sk_OPENSSL_STRING_num(sk), + (*env)->FindClass(env, "java/lang/String"), + (*env)->NewStringUTF(env, "")))) { + JNIerr(JNI_F_JAVA_GMSSL_GETERRORSTRINGS, JNI_R_JNI_MALLOC_FAILURE); + return NULL; + } + + for (i = 0; i < sk_OPENSSL_STRING_num(sk); i++) { + (*env)->SetObjectArrayElement(env, ret, i, + (*env)->NewStringUTF(env, sk_OPENSSL_STRING_value(sk, i))); + } + +end: + sk_OPENSSL_STRING_pop_free(sk, free_errstr); + return ret; +} diff --git a/java/GmSSL.ec b/java/GmSSL.ec new file mode 100644 index 00000000..39da1c85 --- /dev/null +++ b/java/GmSSL.ec @@ -0,0 +1 @@ +L JNI gmssl_err.h gmssl_err.c diff --git a/java/GmSSL.h b/java/GmSSL.h new file mode 100644 index 00000000..5cb115a3 --- /dev/null +++ b/java/GmSSL.h @@ -0,0 +1,205 @@ +/* DO NOT EDIT THIS FILE - it is machine generated */ +#include +/* Header for class GmSSL */ + +#ifndef _Included_GmSSL +#define _Included_GmSSL +#ifdef __cplusplus +extern "C" { +#endif +/* + * Class: GmSSL + * Method: getVersions + * Signature: ()[Ljava/lang/String; + */ +JNIEXPORT jobjectArray JNICALL Java_GmSSL_getVersions + (JNIEnv *, jobject); + +/* + * Class: GmSSL + * Method: getCiphers + * Signature: ()[Ljava/lang/String; + */ +JNIEXPORT jobjectArray JNICALL Java_GmSSL_getCiphers + (JNIEnv *, jobject); + +/* + * Class: GmSSL + * Method: getDigests + * Signature: ()[Ljava/lang/String; + */ +JNIEXPORT jobjectArray JNICALL Java_GmSSL_getDigests + (JNIEnv *, jobject); + +/* + * Class: GmSSL + * Method: getMacs + * Signature: ()[Ljava/lang/String; + */ +JNIEXPORT jobjectArray JNICALL Java_GmSSL_getMacs + (JNIEnv *, jobject); + +/* + * Class: GmSSL + * Method: getSignAlgorithms + * Signature: ()[Ljava/lang/String; + */ +JNIEXPORT jobjectArray JNICALL Java_GmSSL_getSignAlgorithms + (JNIEnv *, jobject); + +/* + * Class: GmSSL + * Method: getPublicKeyEncryptions + * Signature: ()[Ljava/lang/String; + */ +JNIEXPORT jobjectArray JNICALL Java_GmSSL_getPublicKeyEncryptions + (JNIEnv *, jobject); + +/* + * Class: GmSSL + * Method: getDeriveKeyAlgorithms + * Signature: ()[Ljava/lang/String; + */ +JNIEXPORT jobjectArray JNICALL Java_GmSSL_getDeriveKeyAlgorithms + (JNIEnv *, jobject); + +/* + * Class: GmSSL + * Method: generateRandom + * Signature: (I)[B + */ +JNIEXPORT jbyteArray JNICALL Java_GmSSL_generateRandom + (JNIEnv *, jobject, jint); + +/* + * Class: GmSSL + * Method: getCipherIVLength + * Signature: (Ljava/lang/String;)I + */ +JNIEXPORT jint JNICALL Java_GmSSL_getCipherIVLength + (JNIEnv *, jobject, jstring); + +/* + * Class: GmSSL + * Method: getCipherKeyLength + * Signature: (Ljava/lang/String;)I + */ +JNIEXPORT jint JNICALL Java_GmSSL_getCipherKeyLength + (JNIEnv *, jobject, jstring); + +/* + * Class: GmSSL + * Method: getCipherBlockSize + * Signature: (Ljava/lang/String;)I + */ +JNIEXPORT jint JNICALL Java_GmSSL_getCipherBlockSize + (JNIEnv *, jobject, jstring); + +/* + * Class: GmSSL + * Method: symmetricEncrypt + * Signature: (Ljava/lang/String;[B[B[B)[B + */ +JNIEXPORT jbyteArray JNICALL Java_GmSSL_symmetricEncrypt + (JNIEnv *, jobject, jstring, jbyteArray, jbyteArray, jbyteArray); + +/* + * Class: GmSSL + * Method: symmetricDecrypt + * Signature: (Ljava/lang/String;[B[B[B)[B + */ +JNIEXPORT jbyteArray JNICALL Java_GmSSL_symmetricDecrypt + (JNIEnv *, jobject, jstring, jbyteArray, jbyteArray, jbyteArray); + +/* + * Class: GmSSL + * Method: getDigestLength + * Signature: (Ljava/lang/String;)I + */ +JNIEXPORT jint JNICALL Java_GmSSL_getDigestLength + (JNIEnv *, jobject, jstring); + +/* + * Class: GmSSL + * Method: getDigestBlockSize + * Signature: (Ljava/lang/String;)I + */ +JNIEXPORT jint JNICALL Java_GmSSL_getDigestBlockSize + (JNIEnv *, jobject, jstring); + +/* + * Class: GmSSL + * Method: digest + * Signature: (Ljava/lang/String;[B)[B + */ +JNIEXPORT jbyteArray JNICALL Java_GmSSL_digest + (JNIEnv *, jobject, jstring, jbyteArray); + +/* + * Class: GmSSL + * Method: getMacLength + * Signature: (Ljava/lang/String;)[Ljava/lang/String; + */ +JNIEXPORT jobjectArray JNICALL Java_GmSSL_getMacLength + (JNIEnv *, jobject, jstring); + +/* + * Class: GmSSL + * Method: mac + * Signature: (Ljava/lang/String;[B[B)[B + */ +JNIEXPORT jbyteArray JNICALL Java_GmSSL_mac + (JNIEnv *, jobject, jstring, jbyteArray, jbyteArray); + +/* + * Class: GmSSL + * Method: sign + * Signature: (Ljava/lang/String;[B[B)[B + */ +JNIEXPORT jbyteArray JNICALL Java_GmSSL_sign + (JNIEnv *, jobject, jstring, jbyteArray, jbyteArray); + +/* + * Class: GmSSL + * Method: verify + * Signature: (Ljava/lang/String;[B[B[B)I + */ +JNIEXPORT jint JNICALL Java_GmSSL_verify + (JNIEnv *, jobject, jstring, jbyteArray, jbyteArray, jbyteArray); + +/* + * Class: GmSSL + * Method: publicKeyEncrypt + * Signature: (Ljava/lang/String;[B[B)[B + */ +JNIEXPORT jbyteArray JNICALL Java_GmSSL_publicKeyEncrypt + (JNIEnv *, jobject, jstring, jbyteArray, jbyteArray); + +/* + * Class: GmSSL + * Method: publicKeyDecrypt + * Signature: (Ljava/lang/String;[B[B)[B + */ +JNIEXPORT jbyteArray JNICALL Java_GmSSL_publicKeyDecrypt + (JNIEnv *, jobject, jstring, jbyteArray, jbyteArray); + +/* + * Class: GmSSL + * Method: deriveKey + * Signature: (Ljava/lang/String;I[B[B)[B + */ +JNIEXPORT jbyteArray JNICALL Java_GmSSL_deriveKey + (JNIEnv *, jobject, jstring, jint, jbyteArray, jbyteArray); + +/* + * Class: GmSSL + * Method: getErrorStrings + * Signature: ()[Ljava/lang/String; + */ +JNIEXPORT jobjectArray JNICALL Java_GmSSL_getErrorStrings + (JNIEnv *, jobject); + +#ifdef __cplusplus +} +#endif +#endif diff --git a/java/GmSSL.java b/java/GmSSL.java index 4e523d57..0175f1cb 100755 --- a/java/GmSSL.java +++ b/java/GmSSL.java @@ -49,39 +49,195 @@ public class GmSSL { - public native String getVersion(int type); - public native byte [] generateRandom(int length); - public native String [] getCiphers(boolean aliases); + public native String[] getVersions(); + public native String[] getCiphers(); + public native String[] getDigests(); + public native String[] getMacs(); + public native String[] getSignAlgorithms(); + public native String[] getPublicKeyEncryptions(); + public native String[] getDeriveKeyAlgorithms(); + public native byte[] generateRandom(int length); public native int getCipherIVLength(String cipher); public native int getCipherKeyLength(String cipher); public native int getCipherBlockSize(String cipher); - public native byte [] symmetricEncrypt(String cipher, int flag, byte [] in, byte [] key, byte [] iv); - public native byte [] symmetricDecrypt(String cipher, int flag, byte [] in, byte [] key, byte [] iv); - public native String [] getDigests(boolean aliases); - public native int getDigestLength(String digestAlgor); - public native int getDigestBlockSize(String digestAlgor); - public native byte [] digest(String algor, int flag, byte [] data); - public native String [] getMacs(boolean aliases); - public native String [] getMacLength(String algor); - public native byte [] mac(String algor, int flag, byte [] data, byte [] key); - public native String [] getSignAlgorithms(boolean aliases); - public native byte [] sign(String algor, int flag, byte [] data, byte [] privateKey); - public native int verify(String algor, int flag, byte [] digest, byte [] signature, byte [] publicKey); - public native String [] getPublicKeyEncryptions(boolean aliases); - public native byte [] publicKeyEncrypt(String algor, int flag, byte [] in, byte [] publicKey); - public native byte [] publicKeyDecrypt(String algor, int falg, byte [] in, byte [] privateKey); - public native String [] getDeriveKeyAlgorithms(boolean aliases); - public native byte [] deriveKey(String algor, int flag, int keyLength, byte [] peerPublicKey, byte [] privateKey); - public native String getErrorString(); + public native byte[] symmetricEncrypt(String cipher, byte[] in, byte[] key, byte[] iv); + public native byte[] symmetricDecrypt(String cipher, byte[] in, byte[] key, byte[] iv); + public native int getDigestLength(String digest); + public native int getDigestBlockSize(String digest); + public native byte[] digest(String algor, byte[] data); + public native String[] getMacLength(String algor); + public native byte[] mac(String algor, byte[] data, byte[] key); + public native byte[] sign(String algor, byte[] data, byte[] privateKey); + public native int verify(String algor, byte[] digest, byte[] signature, byte[] publicKey); + public native byte[] publicKeyEncrypt(String algor, byte[] in, byte[] publicKey); + public native byte[] publicKeyDecrypt(String algor, byte[] in, byte[] privateKey); + public native byte[] deriveKey(String algor, int keyLength, byte[] peerPublicKey, byte[] privateKey); + public native String[] getErrorStrings(); public static void main(String[] args) { + int i; final GmSSL gmssl = new GmSSL(); - System.out.println(gmssl.getVersion(0)); - System.out.println("IV length = " + gmssl.getCipherIVLength("aes-128-cbc")); + + /* GmSSL versions */ + String[] versions = gmssl.getVersions(); + for (i = 0; i < versions.length; i++) { + System.out.println(versions[i]); + } + + /* Supported algorithms */ + System.out.print("Ciphers: "); + String[] ciphers = gmssl.getCiphers(); + for (i = 0; i < ciphers.length - 1; i++) { + System.out.print(ciphers[i] + ", "); + } + System.out.println(ciphers[i]); + + System.out.print("Digests: "); + String[] digests = gmssl.getDigests(); + for (i = 0; i < digests.length - 1; i++) { + System.out.print(digests[i] + ", "); + } + System.out.println(digests[i]); + + System.out.print("MACs: "); + String[] macs = gmssl.getMacs(); + for (i = 0; i < macs.length - 1; i++) { + System.out.print(macs[i] + ", "); + } + System.out.println(macs[i]); + + System.out.print("SignAlgorithms: "); + String[] signAlgors = gmssl.getSignAlgorithms(); + for (i = 0; i < signAlgors.length - 1; i++) { + System.out.print(signAlgors[i] + ", "); + } + System.out.println(signAlgors[i]); + + System.out.print("PublicKeyEncryptions: "); + String[] encAlgors = gmssl.getPublicKeyEncryptions(); + for (i = 0; i < encAlgors.length - 1; i++) { + System.out.print(encAlgors[i] + ", "); + } + System.out.println(encAlgors[i]); + + System.out.print("DeriveKeyAlgorithms: "); + String[] kdfs = gmssl.getDeriveKeyAlgorithms(); + for (i = 0; i < kdfs.length - 1; i++) { + System.out.print(kdfs[i] + ", "); + } + System.out.println(kdfs[i]); + + /* Crypto operations */ + System.out.print("Random(20) = "); + byte[] data = gmssl.generateRandom(20); + for (i = 0; i < data.length; i++) { + System.out.printf("%02X", data[i]); + } + System.out.println(""); + + System.out.printf("SMS4 IV length = %d bytes, key length = %d bytes, block size = %d bytes\n", + gmssl.getCipherIVLength("SMS4"), + gmssl.getCipherKeyLength("SMS4"), + gmssl.getCipherBlockSize("SMS4")); + + byte[] key = {1,2,3,4,5,6,7,8,1,2,3,4,5,6,7,8}; + byte[] iv = {1,2,3,4,5,6,7,8,1,2,3,4,5,6,7,8}; + byte[] ciphertext = gmssl.symmetricEncrypt("SMS4", "01234567".getBytes(), key, iv); + + System.out.print("Ciphertext: "); + for (i = 0; i < ciphertext.length; i++) { + System.out.printf("%02X", ciphertext[i]); + } + System.out.println(""); + + byte[] plaintext = gmssl.symmetricDecrypt("sms4", ciphertext, key, iv); + + System.out.print("Plaintext: "); + for (i = 0; i < plaintext.length; i++) { + System.out.printf("%02X", plaintext[i]); + } + System.out.println(""); + + byte[] dgst = gmssl.digest("SM3", "abc".getBytes()); + System.out.print("SM3(\"abc\") = "); + for (i = 0; i < dgst.length; i++) { + System.out.printf("%02X", dgst[i]); + } + System.out.println(""); + + byte[] macTag = gmssl.mac("HMAC-SM3", "abc".getBytes(), "password".getBytes()); + System.out.print("HMAC-SM3(\"abc\") = "); + for (i = 0; i < macTag.length; i++) { + System.out.printf("%02X", macTag[i]); + } + System.out.println(""); + + byte[] sm2PrivateKey = new byte[] { + (byte)0x30,(byte)0x77,(byte)0x02,(byte)0x01,(byte)0x01,(byte)0x04,(byte)0x20,(byte)0x28, + (byte)0x7d,(byte)0x3f,(byte)0xb9,(byte)0xf4,(byte)0xbb,(byte)0xc8,(byte)0xbd,(byte)0xe1, + (byte)0x54,(byte)0x75,(byte)0x87,(byte)0x9f,(byte)0x08,(byte)0x61,(byte)0x20,(byte)0xe3, + (byte)0x65,(byte)0xf8,(byte)0xb2,(byte)0xca,(byte)0x14,(byte)0x26,(byte)0x81,(byte)0xf6, + (byte)0x1e,(byte)0xd8,(byte)0x7f,(byte)0xc0,(byte)0x66,(byte)0x20,(byte)0x29,(byte)0xa0, + (byte)0x0a,(byte)0x06,(byte)0x08,(byte)0x2a,(byte)0x81,(byte)0x1c,(byte)0xcf,(byte)0x55, + (byte)0x01,(byte)0x82,(byte)0x2d,(byte)0xa1,(byte)0x44,(byte)0x03,(byte)0x42,(byte)0x00, + (byte)0x04,(byte)0xb1,(byte)0x1e,(byte)0x4c,(byte)0x8c,(byte)0xa9,(byte)0x02,(byte)0xf2, + (byte)0x8d,(byte)0x8b,(byte)0x98,(byte)0xd2,(byte)0xd0,(byte)0xc4,(byte)0xf1,(byte)0x60, + (byte)0x91,(byte)0xfb,(byte)0x61,(byte)0x62,(byte)0x00,(byte)0xcf,(byte)0x93,(byte)0x4e, + (byte)0x3f,(byte)0xca,(byte)0xfd,(byte)0xf7,(byte)0x9d,(byte)0x76,(byte)0xb8,(byte)0x2b, + (byte)0xb3,(byte)0x30,(byte)0x98,(byte)0x65,(byte)0xf5,(byte)0x12,(byte)0xab,(byte)0x45, + (byte)0x78,(byte)0x29,(byte)0x87,(byte)0xdc,(byte)0x74,(byte)0x07,(byte)0x75,(byte)0xd0, + (byte)0x68,(byte)0xad,(byte)0x85,(byte)0x71,(byte)0x08,(byte)0xc2,(byte)0x19,(byte)0xf0, + (byte)0xf4,(byte)0xca,(byte)0x6e,(byte)0xe1,(byte)0xea,(byte)0x86,(byte)0xe6,(byte)0x21, + (byte)0x76}; + + byte[] sm2PublicKey = new byte[] { + (byte)0x30,(byte)0x59,(byte)0x30,(byte)0x13,(byte)0x06,(byte)0x07,(byte)0x2a,(byte)0x86, + (byte)0x48,(byte)0xce,(byte)0x3d,(byte)0x02,(byte)0x01,(byte)0x06,(byte)0x08,(byte)0x2a, + (byte)0x81,(byte)0x1c,(byte)0xcf,(byte)0x55,(byte)0x01,(byte)0x82,(byte)0x2d,(byte)0x03, + (byte)0x42,(byte)0x00,(byte)0x04,(byte)0xb1,(byte)0x1e,(byte)0x4c,(byte)0x8c,(byte)0xa9, + (byte)0x02,(byte)0xf2,(byte)0x8d,(byte)0x8b,(byte)0x98,(byte)0xd2,(byte)0xd0,(byte)0xc4, + (byte)0xf1,(byte)0x60,(byte)0x91,(byte)0xfb,(byte)0x61,(byte)0x62,(byte)0x00,(byte)0xcf, + (byte)0x93,(byte)0x4e,(byte)0x3f,(byte)0xca,(byte)0xfd,(byte)0xf7,(byte)0x9d,(byte)0x76, + (byte)0xb8,(byte)0x2b,(byte)0xb3,(byte)0x30,(byte)0x98,(byte)0x65,(byte)0xf5,(byte)0x12, + (byte)0xab,(byte)0x45,(byte)0x78,(byte)0x29,(byte)0x87,(byte)0xdc,(byte)0x74,(byte)0x07, + (byte)0x75,(byte)0xd0,(byte)0x68,(byte)0xad,(byte)0x85,(byte)0x71,(byte)0x08,(byte)0xc2, + (byte)0x19,(byte)0xf0,(byte)0xf4,(byte)0xca,(byte)0x6e,(byte)0xe1,(byte)0xea,(byte)0x86, + (byte)0xe6,(byte)0x21,(byte)0x76}; + + byte[] sig = gmssl.sign("sm2sign", dgst, sm2PrivateKey); + System.out.print("SM2 Signature : "); + for (i = 0; i < sig.length; i++) { + System.out.printf("%02X", sig[i]); + } + System.out.print("\n"); + + int vret = gmssl.verify("sm2sign", dgst, sig, sm2PublicKey); + System.out.println("Verification result = " + vret); + + byte[] sm2Ciphertext = gmssl.publicKeyEncrypt("sm2encrypt-with-sm3", dgst, sm2PublicKey); + System.out.print("SM2 Ciphertext : "); + for (i = 0; i < sm2Ciphertext.length; i++) { + System.out.printf("%02X", sm2Ciphertext[i]); + } + System.out.print("\n"); + + byte[] sm2Plaintext = gmssl.publicKeyDecrypt("sm2encrypt-with-sm3", sm2Ciphertext, sm2PrivateKey); + System.out.print("SM2 Plaintext : "); + for (i = 0; i < sm2Plaintext.length; i++) { + System.out.printf("%02X", sm2Plaintext[i]); + } + System.out.print("\n"); + + /* Errors */ + System.out.println("Errors:"); + String[] errors = gmssl.getErrorStrings(); + for (i = 0; i < errors.length; i++) { + System.out.println(errors[i]); + } + } static { - System.loadLibrary("gmssl"); + System.loadLibrary("gmssljni"); } } - diff --git a/java/README.md b/java/README.md deleted file mode 100755 index c41a70a6..00000000 --- a/java/README.md +++ /dev/null @@ -1,7 +0,0 @@ -# GmSSL Java Wrapper - -The purpose of this module is to provide a simple Java API to access GmSSL crypto library. To be simple, no key schedule or context is used. So the functions will not be very efficient for processing large files or stream data. And this module is not intend to be integrated with Java crypto frameworks such -as JCE. - -The implementation is based on the Java Native Interface (JNI). The JNI header files are also included, but you can replace them with version from you own compiling environment. - diff --git a/java/SOF.java b/java/SOF.java deleted file mode 100755 index e43db421..00000000 --- a/java/SOF.java +++ /dev/null @@ -1,109 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2015 - 2017 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -public class SOF { - - - - - - - - - //public native long initCertAppPolicy(String PolicyName); - - - public native boolean getCertTrustList(String ctlAltName, String ctlContent); - public native String getCertTrustListAltNames(); - public native String getCertTrustList(String ctrlAltName); - public native long delCertTrustList(String ctlAltName); - public native String getInstance(String policyName); - public native long setSignMethod(long SignMethod); - public native long getSignMethod(); - public native long setEncryptMethod(long EncryptMethod); - public native long getEncryptMethod(); - public native getServerCertificate(); - public native getServerCertificateByUsage(short certUsage); - public native String genRandom(short randomLen); - public native String getCertInfo(String base64EncodeCert, int type); - public native String getCertInfoByOid(String base64EncodeCert, String oid); - public native long validateCert(String base64EncodeCert); - public native String signData(byte [] inData); - public native boolean verifySignedData(String Base64EncodeCert, String InData, String SignValue); - public native String signFile(String ContainerName, String InFile); - public native boolean verifySignedFile(String Base64EncodeCert, String InFile, String SignValue); - public native String encryptData(String Base64EncodeCert, String InData); - public native String decryptData(String ContainerName, String InData); - public native boolean encryptFile(String Base64EncodeCert, String InFile, String OutFile); - public native boolean decryptFile(String ContainerName, String InFile, String OutFile); - public native String signMessage(short flag, String ContainerName, String InData); - public native boolean verifySignedMessage(String MessageData, String InData); - public native String getInfoFromSignedMessage(String SignedMessage, short Type); - public native boolean signMessageDetach(); - public native boolean verifySignedMessageDetach(); - public native String signDataXML(String ContainerName, String InData); - public native boolean verifySignedDataXML(String InData); - public native String getXMLSignatureInfo(String XMLSignedData, short Type); - public native String createTimeStampRequest(String InData); - public native String createTimeStampResponse(String TimeStampRequest); - public native long verifyTimeStamp(String InData, String tsResponseData); - public native String getTimeStampInfo(String tsResponseData, short type); - public native long getLastError(void); - - public static void main(String[] args) { - final GmSSL gmssl = new GmSSL(); - System.out.println(gmssl.getVersion(0)); - System.out.println("IV length = " + gmssl.getCipherIVLength("aes-128-cbc")); - } - - static { - System.loadLibrary("gmsof"); - } -} - diff --git a/java/build.info b/java/build.info new file mode 100644 index 00000000..0e2de6a5 --- /dev/null +++ b/java/build.info @@ -0,0 +1,4 @@ +LIBS=../libgmssljni +SOURCE[../libgmssljni]=GmSSL.c +DEPEND[../libgmssljni]=../libcrypto +INCLUDE[../libgmssljni]=../include ./jni diff --git a/java/gmssl_err.c b/java/gmssl_err.c new file mode 100644 index 00000000..48546000 --- /dev/null +++ b/java/gmssl_err.c @@ -0,0 +1,138 @@ +/* + * Generated by util/mkerr.pl DO NOT EDIT + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include +#include "gmssl_err.h" + +/* BEGIN ERROR CODES */ +#ifndef OPENSSL_NO_ERR + +# define ERR_FUNC(func) ERR_PACK(0,func,0) +# define ERR_REASON(reason) ERR_PACK(0,0,reason) + +static ERR_STRING_DATA JNI_str_functs[] = { + {ERR_FUNC(JNI_F_JAVA_GMSSL_DERIVEKEY), "Java_GmSSL_deriveKey"}, + {ERR_FUNC(JNI_F_JAVA_GMSSL_DIGEST), "Java_GmSSL_digest"}, + {ERR_FUNC(JNI_F_JAVA_GMSSL_GENERATERANDOM), "Java_GmSSL_generateRandom"}, + {ERR_FUNC(JNI_F_JAVA_GMSSL_GETCIPHERBLOCKSIZE), + "Java_GmSSL_getCipherBlockSize"}, + {ERR_FUNC(JNI_F_JAVA_GMSSL_GETCIPHERIVLENGTH), + "Java_GmSSL_getCipherIVLength"}, + {ERR_FUNC(JNI_F_JAVA_GMSSL_GETCIPHERKEYLENGTH), + "Java_GmSSL_getCipherKeyLength"}, + {ERR_FUNC(JNI_F_JAVA_GMSSL_GETCIPHERS), "Java_GmSSL_getCiphers"}, + {ERR_FUNC(JNI_F_JAVA_GMSSL_GETDERIVEKEYALGORITHMS), + "Java_GmSSL_getDeriveKeyAlgorithms"}, + {ERR_FUNC(JNI_F_JAVA_GMSSL_GETDIGESTBLOCKSIZE), + "Java_GmSSL_getDigestBlockSize"}, + {ERR_FUNC(JNI_F_JAVA_GMSSL_GETDIGESTLENGTH), + "Java_GmSSL_getDigestLength"}, + {ERR_FUNC(JNI_F_JAVA_GMSSL_GETDIGESTS), "Java_GmSSL_getDigests"}, + {ERR_FUNC(JNI_F_JAVA_GMSSL_GETERRORSTRINGS), + "Java_GmSSL_getErrorStrings"}, + {ERR_FUNC(JNI_F_JAVA_GMSSL_GETMACS), "Java_GmSSL_getMacs"}, + {ERR_FUNC(JNI_F_JAVA_GMSSL_GETPUBLICKEYENCRYPTIONS), + "Java_GmSSL_getPublicKeyEncryptions"}, + {ERR_FUNC(JNI_F_JAVA_GMSSL_GETSIGNALGORITHMS), + "Java_GmSSL_getSignAlgorithms"}, + {ERR_FUNC(JNI_F_JAVA_GMSSL_GETVERSIONS), "Java_GmSSL_getVersions"}, + {ERR_FUNC(JNI_F_JAVA_GMSSL_MAC), "Java_GmSSL_mac"}, + {ERR_FUNC(JNI_F_JAVA_GMSSL_PUBLICKEYDECRYPT), + "Java_GmSSL_publicKeyDecrypt"}, + {ERR_FUNC(JNI_F_JAVA_GMSSL_PUBLICKEYENCRYPT), + "Java_GmSSL_publicKeyEncrypt"}, + {ERR_FUNC(JNI_F_JAVA_GMSSL_SIGN), "Java_GmSSL_sign"}, + {ERR_FUNC(JNI_F_JAVA_GMSSL_SYMMETRICDECRYPT), + "Java_GmSSL_symmetricDecrypt"}, + {ERR_FUNC(JNI_F_JAVA_GMSSL_SYMMETRICENCRYPT), + "Java_GmSSL_symmetricEncrypt"}, + {ERR_FUNC(JNI_F_JAVA_GMSSL_VERIFY), "Java_GmSSL_verify"}, + {ERR_FUNC(JNI_F_PRINT_ERRORS_CB), "print_errors_cb"}, + {0, NULL} +}; + +static ERR_STRING_DATA JNI_str_reasons[] = { + {ERR_REASON(JNI_R_BAD_ARGUMENT), "bad argument"}, + {ERR_REASON(JNI_R_CMAC_ERROR), "cmac error"}, + {ERR_REASON(JNI_R_ERRORS_STACK_ERROR), "errors stack error"}, + {ERR_REASON(JNI_R_GMSSL_RNG_ERROR), "gmssl rng error"}, + {ERR_REASON(JNI_R_HMAC_ERROR), "hmac error"}, + {ERR_REASON(JNI_R_INVALID_CIPHER), "invalid cipher"}, + {ERR_REASON(JNI_R_INVALID_DERIVE_KEY_ALGOR), "invalid derive key algor"}, + {ERR_REASON(JNI_R_INVALID_DIGEST), "invalid digest"}, + {ERR_REASON(JNI_R_INVALID_IV_LENGTH), "invalid iv length"}, + {ERR_REASON(JNI_R_INVALID_KEY_LENGTH), "invalid key length"}, + {ERR_REASON(JNI_R_INVALID_LENGTH), "invalid length"}, + {ERR_REASON(JNI_R_INVALID_PRIVATE_KEY), "invalid private key"}, + {ERR_REASON(JNI_R_INVALID_PUBLIC_KEY), "invalid public key"}, + {ERR_REASON(JNI_R_INVALID_PUBLIC_KEY_ENCRYPTION_ALGOR), + "invalid public key encryption algor"}, + {ERR_REASON(JNI_R_INVALID_SIGN_ALGOR), "invalid sign algor"}, + {ERR_REASON(JNI_R_IV_LENGTH), "iv length"}, + {ERR_REASON(JNI_R_JNI_MALLOC_FAILURE), "jni malloc failure"}, + {ERR_REASON(JNI_R_KEY_LENGTH), "key length"}, + {ERR_REASON(JNI_R_NONSUPPORTED_CIPHER), "nonsupported cipher"}, + {0, NULL} +}; + +#endif + +#ifdef JNI_LIB_NAME +static ERR_STRING_DATA JNI_lib_name[] = { + {0, JNI_LIB_NAME}, + {0, NULL} +}; +#endif + +static int JNI_lib_error_code = 0; +static int JNI_error_init = 1; + +static int ERR_load_JNI_strings(void) +{ + if (JNI_lib_error_code == 0) + JNI_lib_error_code = ERR_get_next_error_library(); + + if (JNI_error_init) { + JNI_error_init = 0; +#ifndef OPENSSL_NO_ERR + ERR_load_strings(JNI_lib_error_code, JNI_str_functs); + ERR_load_strings(JNI_lib_error_code, JNI_str_reasons); +#endif + +#ifdef JNI_LIB_NAME + JNI_lib_name->error = ERR_PACK(JNI_lib_error_code, 0, 0); + ERR_load_strings(0, JNI_lib_name); +#endif + } + return 1; +} + +static void ERR_unload_JNI_strings(void) +{ + if (JNI_error_init == 0) { +#ifndef OPENSSL_NO_ERR + ERR_unload_strings(JNI_lib_error_code, JNI_str_functs); + ERR_unload_strings(JNI_lib_error_code, JNI_str_reasons); +#endif + +#ifdef JNI_LIB_NAME + ERR_unload_strings(0, JNI_lib_name); +#endif + JNI_error_init = 1; + } +} + +static void ERR_JNI_error(int function, int reason, char *file, int line) +{ + if (JNI_lib_error_code == 0) + JNI_lib_error_code = ERR_get_next_error_library(); + ERR_PUT_error(JNI_lib_error_code, function, reason, file, line); +} diff --git a/java/gmssl_err.h b/java/gmssl_err.h new file mode 100644 index 00000000..c107f5e2 --- /dev/null +++ b/java/gmssl_err.h @@ -0,0 +1,71 @@ +#ifndef HEADER_JNI_ERR_H +# define HEADER_JNI_ERR_H + +# ifdef __cplusplus +extern "C" { +# endif + +/* BEGIN ERROR CODES */ +/* + * The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ + +static int ERR_load_JNI_strings(void); +static void ERR_unload_JNI_strings(void); +static void ERR_JNI_error(int function, int reason, char *file, int line); +# define JNIerr(f,r) ERR_JNI_error((f),(r),OPENSSL_FILE,OPENSSL_LINE) + +/* Error codes for the JNI functions. */ + +/* Function codes. */ +# define JNI_F_JAVA_GMSSL_DERIVEKEY 100 +# define JNI_F_JAVA_GMSSL_DIGEST 101 +# define JNI_F_JAVA_GMSSL_GENERATERANDOM 102 +# define JNI_F_JAVA_GMSSL_GETCIPHERBLOCKSIZE 103 +# define JNI_F_JAVA_GMSSL_GETCIPHERIVLENGTH 104 +# define JNI_F_JAVA_GMSSL_GETCIPHERKEYLENGTH 105 +# define JNI_F_JAVA_GMSSL_GETCIPHERS 106 +# define JNI_F_JAVA_GMSSL_GETDERIVEKEYALGORITHMS 107 +# define JNI_F_JAVA_GMSSL_GETDIGESTBLOCKSIZE 108 +# define JNI_F_JAVA_GMSSL_GETDIGESTLENGTH 109 +# define JNI_F_JAVA_GMSSL_GETDIGESTS 110 +# define JNI_F_JAVA_GMSSL_GETERRORSTRINGS 111 +# define JNI_F_JAVA_GMSSL_GETMACS 112 +# define JNI_F_JAVA_GMSSL_GETPUBLICKEYENCRYPTIONS 113 +# define JNI_F_JAVA_GMSSL_GETSIGNALGORITHMS 114 +# define JNI_F_JAVA_GMSSL_GETVERSIONS 115 +# define JNI_F_JAVA_GMSSL_MAC 116 +# define JNI_F_JAVA_GMSSL_PUBLICKEYDECRYPT 117 +# define JNI_F_JAVA_GMSSL_PUBLICKEYENCRYPT 118 +# define JNI_F_JAVA_GMSSL_SIGN 119 +# define JNI_F_JAVA_GMSSL_SYMMETRICDECRYPT 120 +# define JNI_F_JAVA_GMSSL_SYMMETRICENCRYPT 121 +# define JNI_F_JAVA_GMSSL_VERIFY 122 +# define JNI_F_PRINT_ERRORS_CB 123 + +/* Reason codes. */ +# define JNI_R_BAD_ARGUMENT 100 +# define JNI_R_CMAC_ERROR 114 +# define JNI_R_ERRORS_STACK_ERROR 101 +# define JNI_R_GMSSL_RNG_ERROR 102 +# define JNI_R_HMAC_ERROR 115 +# define JNI_R_INVALID_CIPHER 103 +# define JNI_R_INVALID_DERIVE_KEY_ALGOR 118 +# define JNI_R_INVALID_DIGEST 104 +# define JNI_R_INVALID_IV_LENGTH 105 +# define JNI_R_INVALID_KEY_LENGTH 106 +# define JNI_R_INVALID_LENGTH 107 +# define JNI_R_INVALID_PRIVATE_KEY 108 +# define JNI_R_INVALID_PUBLIC_KEY 109 +# define JNI_R_INVALID_PUBLIC_KEY_ENCRYPTION_ALGOR 117 +# define JNI_R_INVALID_SIGN_ALGOR 116 +# define JNI_R_IV_LENGTH 110 +# define JNI_R_JNI_MALLOC_FAILURE 111 +# define JNI_R_KEY_LENGTH 112 +# define JNI_R_NONSUPPORTED_CIPHER 113 + +# ifdef __cplusplus +} +# endif +#endif diff --git a/ssl/build.info b/ssl/build.info index 69772465..5a949a8e 100644 --- a/ssl/build.info +++ b/ssl/build.info @@ -11,4 +11,4 @@ SOURCE[../libssl]=\ ssl_asn1.c ssl_txt.c ssl_init.c ssl_conf.c ssl_mcnf.c \ bio_ssl.c ssl_err.c t1_reneg.c tls_srp.c t1_trce.c ssl_utst.c \ record/ssl3_buffer.c record/ssl3_record.c record/dtls1_bitmap.c \ - statem/statem.c + statem/statem.c statem/statem_gmtls.c diff --git a/ssl/methods.c b/ssl/methods.c index c8461432..29945242 100644 --- a/ssl/methods.c +++ b/ssl/methods.c @@ -160,6 +160,27 @@ IMPLEMENT_dtls1_meth_func(DTLS_ANY_VERSION, 0, 0, DTLS_client_method, ssl_undefined_function, ossl_statem_connect, DTLSv1_2_enc_data) + +/*- + * GMTLS methods + */ +#ifndef OPENSSL_NO_GMTLS_METHOD +IMPLEMENT_gmtls_meth_func(0, SSL_OP_NO_GMTLS, + gmtls_method, + ossl_statem_accept, + ossl_statem_connect, GMTLS_enc_data) + +IMPLEMENT_gmtls_meth_func(0, SSL_OP_NO_GMTLS, + gmtls_server_method, + ossl_statem_accept, + ssl_undefined_function, GMTLS_enc_data) + +IMPLEMENT_gmtls_meth_func(0, SSL_OP_NO_GMTLS, + gmtls_client_method, + ssl_undefined_function, + ossl_statem_connect, GMTLS_enc_data) +#endif + #if OPENSSL_API_COMPAT < 0x10100000L # ifndef OPENSSL_NO_TLS1_2_METHOD const SSL_METHOD *TLSv1_2_method(void) @@ -263,4 +284,21 @@ const SSL_METHOD *DTLSv1_client_method(void) } # endif +# ifndef OPENSSL_NO_GMTLS_METHOD +const SSL_METHOD *GMTLS_method(void) +{ + return gmtls_method(); +} + +const SSL_METHOD *GMTLS_server_method(void) +{ + return gmtls_server_method(); +} + +const SSL_METHOD *GMTLS_client_method(void) +{ + return gmtls_client_method(); +} +# endif + #endif diff --git a/ssl/methods_gmtls.c b/ssl/methods_gmtls.c deleted file mode 100644 index c8461432..00000000 --- a/ssl/methods_gmtls.c +++ /dev/null @@ -1,266 +0,0 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include -#include -#include "ssl_locl.h" - -/*- - * TLS/SSLv3 methods - */ - -IMPLEMENT_tls_meth_func(TLS_ANY_VERSION, 0, 0, - TLS_method, - ossl_statem_accept, - ossl_statem_connect, TLSv1_2_enc_data) -#ifndef OPENSSL_NO_TLS1_2_METHOD -IMPLEMENT_tls_meth_func(TLS1_2_VERSION, 0, SSL_OP_NO_TLSv1_2, - tlsv1_2_method, - ossl_statem_accept, - ossl_statem_connect, TLSv1_2_enc_data) -#endif -#ifndef OPENSSL_NO_TLS1_1_METHOD -IMPLEMENT_tls_meth_func(TLS1_1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_TLSv1_1, - tlsv1_1_method, - ossl_statem_accept, - ossl_statem_connect, TLSv1_1_enc_data) -#endif -#ifndef OPENSSL_NO_TLS1_METHOD -IMPLEMENT_tls_meth_func(TLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_TLSv1, - tlsv1_method, - ossl_statem_accept, ossl_statem_connect, TLSv1_enc_data) -#endif -#ifndef OPENSSL_NO_SSL3_METHOD -IMPLEMENT_ssl3_meth_func(sslv3_method, ossl_statem_accept, ossl_statem_connect) -#endif -/*- - * TLS/SSLv3 server methods - */ -IMPLEMENT_tls_meth_func(TLS_ANY_VERSION, 0, 0, - TLS_server_method, - ossl_statem_accept, - ssl_undefined_function, TLSv1_2_enc_data) -#ifndef OPENSSL_NO_TLS1_2_METHOD -IMPLEMENT_tls_meth_func(TLS1_2_VERSION, 0, SSL_OP_NO_TLSv1_2, - tlsv1_2_server_method, - ossl_statem_accept, - ssl_undefined_function, TLSv1_2_enc_data) -#endif -#ifndef OPENSSL_NO_TLS1_1_METHOD -IMPLEMENT_tls_meth_func(TLS1_1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_TLSv1_1, - tlsv1_1_server_method, - ossl_statem_accept, - ssl_undefined_function, TLSv1_1_enc_data) -#endif -#ifndef OPENSSL_NO_TLS1_METHOD -IMPLEMENT_tls_meth_func(TLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_TLSv1, - tlsv1_server_method, - ossl_statem_accept, - ssl_undefined_function, TLSv1_enc_data) -#endif -#ifndef OPENSSL_NO_SSL3_METHOD -IMPLEMENT_ssl3_meth_func(sslv3_server_method, - ossl_statem_accept, ssl_undefined_function) -#endif -/*- - * TLS/SSLv3 client methods - */ -IMPLEMENT_tls_meth_func(TLS_ANY_VERSION, 0, 0, - TLS_client_method, - ssl_undefined_function, - ossl_statem_connect, TLSv1_2_enc_data) -#ifndef OPENSSL_NO_TLS1_2_METHOD -IMPLEMENT_tls_meth_func(TLS1_2_VERSION, 0, SSL_OP_NO_TLSv1_2, - tlsv1_2_client_method, - ssl_undefined_function, - ossl_statem_connect, TLSv1_2_enc_data) -#endif -#ifndef OPENSSL_NO_TLS1_1_METHOD -IMPLEMENT_tls_meth_func(TLS1_1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_TLSv1_1, - tlsv1_1_client_method, - ssl_undefined_function, - ossl_statem_connect, TLSv1_1_enc_data) -#endif -#ifndef OPENSSL_NO_TLS1_METHOD -IMPLEMENT_tls_meth_func(TLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_TLSv1, - tlsv1_client_method, - ssl_undefined_function, - ossl_statem_connect, TLSv1_enc_data) -#endif -#ifndef OPENSSL_NO_SSL3_METHOD -IMPLEMENT_ssl3_meth_func(sslv3_client_method, - ssl_undefined_function, ossl_statem_connect) -#endif -/*- - * DTLS methods - */ -#ifndef OPENSSL_NO_DTLS1_METHOD -IMPLEMENT_dtls1_meth_func(DTLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_DTLSv1, - dtlsv1_method, - ossl_statem_accept, - ossl_statem_connect, DTLSv1_enc_data) -#endif -#ifndef OPENSSL_NO_DTLS1_2_METHOD -IMPLEMENT_dtls1_meth_func(DTLS1_2_VERSION, 0, SSL_OP_NO_DTLSv1_2, - dtlsv1_2_method, - ossl_statem_accept, - ossl_statem_connect, DTLSv1_2_enc_data) -#endif -IMPLEMENT_dtls1_meth_func(DTLS_ANY_VERSION, 0, 0, - DTLS_method, - ossl_statem_accept, - ossl_statem_connect, DTLSv1_2_enc_data) - -/*- - * DTLS server methods - */ -#ifndef OPENSSL_NO_DTLS1_METHOD -IMPLEMENT_dtls1_meth_func(DTLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_DTLSv1, - dtlsv1_server_method, - ossl_statem_accept, - ssl_undefined_function, DTLSv1_enc_data) -#endif -#ifndef OPENSSL_NO_DTLS1_2_METHOD -IMPLEMENT_dtls1_meth_func(DTLS1_2_VERSION, 0, SSL_OP_NO_DTLSv1_2, - dtlsv1_2_server_method, - ossl_statem_accept, - ssl_undefined_function, DTLSv1_2_enc_data) -#endif -IMPLEMENT_dtls1_meth_func(DTLS_ANY_VERSION, 0, 0, - DTLS_server_method, - ossl_statem_accept, - ssl_undefined_function, DTLSv1_2_enc_data) - -/*- - * DTLS client methods - */ -#ifndef OPENSSL_NO_DTLS1_METHOD -IMPLEMENT_dtls1_meth_func(DTLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_DTLSv1, - dtlsv1_client_method, - ssl_undefined_function, - ossl_statem_connect, DTLSv1_enc_data) -IMPLEMENT_dtls1_meth_func(DTLS1_BAD_VER, SSL_METHOD_NO_SUITEB, SSL_OP_NO_DTLSv1, - dtls_bad_ver_client_method, - ssl_undefined_function, - ossl_statem_connect, DTLSv1_enc_data) -#endif -#ifndef OPENSSL_NO_DTLS1_2_METHOD -IMPLEMENT_dtls1_meth_func(DTLS1_2_VERSION, 0, SSL_OP_NO_DTLSv1_2, - dtlsv1_2_client_method, - ssl_undefined_function, - ossl_statem_connect, DTLSv1_2_enc_data) -#endif -IMPLEMENT_dtls1_meth_func(DTLS_ANY_VERSION, 0, 0, - DTLS_client_method, - ssl_undefined_function, - ossl_statem_connect, DTLSv1_2_enc_data) -#if OPENSSL_API_COMPAT < 0x10100000L -# ifndef OPENSSL_NO_TLS1_2_METHOD -const SSL_METHOD *TLSv1_2_method(void) -{ - return tlsv1_2_method(); -} - -const SSL_METHOD *TLSv1_2_server_method(void) -{ - return tlsv1_2_server_method(); -} - -const SSL_METHOD *TLSv1_2_client_method(void) -{ - return tlsv1_2_client_method(); -} -# endif - -# ifndef OPENSSL_NO_TLS1_1_METHOD -const SSL_METHOD *TLSv1_1_method(void) -{ - return tlsv1_1_method(); -} - -const SSL_METHOD *TLSv1_1_server_method(void) -{ - return tlsv1_1_server_method(); -} - -const SSL_METHOD *TLSv1_1_client_method(void) -{ - return tlsv1_1_client_method(); -} -# endif - -# ifndef OPENSSL_NO_TLS1_METHOD -const SSL_METHOD *TLSv1_method(void) -{ - return tlsv1_method(); -} - -const SSL_METHOD *TLSv1_server_method(void) -{ - return tlsv1_server_method(); -} - -const SSL_METHOD *TLSv1_client_method(void) -{ - return tlsv1_client_method(); -} -# endif - -# ifndef OPENSSL_NO_SSL3_METHOD -const SSL_METHOD *SSLv3_method(void) -{ - return sslv3_method(); -} - -const SSL_METHOD *SSLv3_server_method(void) -{ - return sslv3_server_method(); -} - -const SSL_METHOD *SSLv3_client_method(void) -{ - return sslv3_client_method(); -} -# endif - -# ifndef OPENSSL_NO_DTLS1_2_METHOD -const SSL_METHOD *DTLSv1_2_method(void) -{ - return dtlsv1_2_method(); -} - -const SSL_METHOD *DTLSv1_2_server_method(void) -{ - return dtlsv1_2_server_method(); -} - -const SSL_METHOD *DTLSv1_2_client_method(void) -{ - return dtlsv1_2_client_method(); -} -# endif - -# ifndef OPENSSL_NO_DTLS1_METHOD -const SSL_METHOD *DTLSv1_method(void) -{ - return dtlsv1_method(); -} - -const SSL_METHOD *DTLSv1_server_method(void) -{ - return dtlsv1_server_method(); -} - -const SSL_METHOD *DTLSv1_client_method(void) -{ - return dtlsv1_client_method(); -} -# endif - -#endif diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c index 00379ea6..e2ecfcea 100644 --- a/ssl/record/rec_layer_s3.c +++ b/ssl/record/rec_layer_s3.c @@ -1314,7 +1314,7 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, if (s->server && SSL_is_init_finished(s) && !s->s3->send_connection_binding && - (s->version > SSL3_VERSION) && + (s->version > SSL3_VERSION) && (s->rlayer.handshake_fragment_len >= 4) && (s->rlayer.handshake_fragment[0] == SSL3_MT_CLIENT_HELLO) && (s->session != NULL) && (s->session->cipher != NULL) && diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c index e5cbd614..200c57c7 100644 --- a/ssl/record/ssl3_record.c +++ b/ssl/record/ssl3_record.c @@ -228,6 +228,11 @@ int ssl3_get_record(SSL *s) goto f_err; } +#ifndef OPENSSL_NO_GMTLS_METHOD + if (version == GMTLS_VERSION) { + /* do nothing */ + } else +#endif if ((version >> 8) != SSL3_VERSION_MAJOR) { if (RECORD_LAYER_is_first_record(&s->rlayer)) { /* Go back to start of packet, look at the five bytes diff --git a/ssl/s3_cbc.c b/ssl/s3_cbc.c index 9a228f7d..1a91eaa8 100644 --- a/ssl/s3_cbc.c +++ b/ssl/s3_cbc.c @@ -10,8 +10,12 @@ #include "internal/constant_time_locl.h" #include "ssl_locl.h" -#include -#include +#ifndef OPENSSL_NO_MD5 +# include +#endif +#ifndef OPENSSL_NO_SHA +# include +#endif /* * MAX_HASH_BIT_COUNT_BYTES is the maximum number of bytes in the hash's @@ -41,6 +45,7 @@ * standard "final" operation without adding the padding and length that such * a function typically does. */ +#ifndef OPENSSL_NO_MD5 static void tls1_md5_final_raw(void *ctx, unsigned char *md_out) { MD5_CTX *md5 = ctx; @@ -49,7 +54,9 @@ static void tls1_md5_final_raw(void *ctx, unsigned char *md_out) u32toLE(md5->C, md_out); u32toLE(md5->D, md_out); } +#endif +#ifndef OPENSSL_NO_SHA static void tls1_sha1_final_raw(void *ctx, unsigned char *md_out) { SHA_CTX *sha1 = ctx; @@ -60,6 +67,7 @@ static void tls1_sha1_final_raw(void *ctx, unsigned char *md_out) l2n(sha1->h4, md_out); } +# ifndef OPENSSL_NO_SHA256 static void tls1_sha256_final_raw(void *ctx, unsigned char *md_out) { SHA256_CTX *sha256 = ctx; @@ -69,7 +77,9 @@ static void tls1_sha256_final_raw(void *ctx, unsigned char *md_out) l2n(sha256->h[i], md_out); } } +# endif +# ifndef OPENSSL_NO_SHA512 static void tls1_sha512_final_raw(void *ctx, unsigned char *md_out) { SHA512_CTX *sha512 = ctx; @@ -80,8 +90,10 @@ static void tls1_sha512_final_raw(void *ctx, unsigned char *md_out) } } -#undef LARGEST_DIGEST_CTX -#define LARGEST_DIGEST_CTX SHA512_CTX +# undef LARGEST_DIGEST_CTX +# define LARGEST_DIGEST_CTX SHA512_CTX +# endif +#endif /* * ssl3_cbc_record_digest_supported returns 1 iff |ctx| uses a hash function @@ -138,7 +150,7 @@ int ssl3_cbc_digest_record(const EVP_MD_CTX *ctx, { union { double align; - unsigned char c[sizeof(LARGEST_DIGEST_CTX)]; + unsigned char c[256 /*sizeof(LARGEST_DIGEST_CTX)*/]; } md_state; void (*md_final_raw) (void *ctx, unsigned char *md_out); void (*md_transform) (void *ctx, const unsigned char *block); @@ -169,6 +181,7 @@ int ssl3_cbc_digest_record(const EVP_MD_CTX *ctx, OPENSSL_assert(data_plus_mac_plus_padding_size < 1024 * 1024); switch (EVP_MD_CTX_type(ctx)) { +#ifndef OPENSSL_NO_MD5 case NID_md5: if (MD5_Init((MD5_CTX *)md_state.c) <= 0) return 0; @@ -179,6 +192,8 @@ int ssl3_cbc_digest_record(const EVP_MD_CTX *ctx, sslv3_pad_length = 48; length_is_big_endian = 0; break; +#endif +#ifndef OPENSSL_NO_SHA case NID_sha1: if (SHA1_Init((SHA_CTX *)md_state.c) <= 0) return 0; @@ -187,6 +202,7 @@ int ssl3_cbc_digest_record(const EVP_MD_CTX *ctx, (void (*)(void *ctx, const unsigned char *block))SHA1_Transform; md_size = 20; break; +# ifndef OPENSSL_NO_SHA256 case NID_sha224: if (SHA224_Init((SHA256_CTX *)md_state.c) <= 0) return 0; @@ -203,6 +219,8 @@ int ssl3_cbc_digest_record(const EVP_MD_CTX *ctx, (void (*)(void *ctx, const unsigned char *block))SHA256_Transform; md_size = 32; break; +# endif +# ifndef OPENSSL_NO_SHA512 case NID_sha384: if (SHA384_Init((SHA512_CTX *)md_state.c) <= 0) return 0; @@ -223,6 +241,8 @@ int ssl3_cbc_digest_record(const EVP_MD_CTX *ctx, md_block_size = 128; md_length_size = 16; break; +# endif +#endif default: /* * ssl3_cbc_record_digest_supported should have been called first to diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index 093e527d..8cafe3fd 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -37,7 +37,9 @@ #include #include "ssl_locl.h" #include -#include + +#ifndef OPENSSL_NO_SSL3_METHOD +# include static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num) { @@ -48,9 +50,9 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num) unsigned int i, j, k; int ret = 0; -#ifdef CHARSET_EBCDIC +# ifdef CHARSET_EBCDIC c = os_toascii[c]; /* 'A' in ASCII */ -#endif +# endif k = 0; m5 = EVP_MD_CTX_new(); s1 = EVP_MD_CTX_new(); @@ -100,6 +102,7 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num) EVP_MD_CTX_free(s1); return ret; } +#endif int ssl3_change_cipher_state(SSL *s, int which) { @@ -256,6 +259,7 @@ int ssl3_change_cipher_state(SSL *s, int which) return (0); } +#ifndef OPENSSL_NO_SSL3_METHOD int ssl3_setup_key_block(SSL *s) { unsigned char *p; @@ -275,11 +279,11 @@ int ssl3_setup_key_block(SSL *s) s->s3->tmp.new_sym_enc = c; s->s3->tmp.new_hash = hash; -#ifdef OPENSSL_NO_COMP +# ifdef OPENSSL_NO_COMP s->s3->tmp.new_compression = NULL; -#else +# else s->s3->tmp.new_compression = comp; -#endif +# endif num = EVP_MD_size(hash); if (num < 0) @@ -309,10 +313,10 @@ int ssl3_setup_key_block(SSL *s) if (s->session->cipher->algorithm_enc == SSL_eNULL) s->s3->need_empty_fragments = 0; -#ifndef OPENSSL_NO_RC4 +# ifndef OPENSSL_NO_RC4 if (s->session->cipher->algorithm_enc == SSL_RC4) s->s3->need_empty_fragments = 0; -#endif +# endif } } @@ -322,6 +326,7 @@ int ssl3_setup_key_block(SSL *s) SSLerr(SSL_F_SSL3_SETUP_KEY_BLOCK, ERR_R_MALLOC_FAILURE); return (0); } +#endif void ssl3_cleanup_key_block(SSL *s) { @@ -444,27 +449,28 @@ int ssl3_final_finish_mac(SSL *s, const char *sender, int len, unsigned char *p) return ret; } +#ifndef OPENSSL_NO_SSL3_METHOD int ssl3_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, int len) { static const unsigned char *salt[3] = { -#ifndef CHARSET_EBCDIC +# ifndef CHARSET_EBCDIC (const unsigned char *)"A", (const unsigned char *)"BB", (const unsigned char *)"CCC", -#else +# else (const unsigned char *)"\x41", (const unsigned char *)"\x42\x42", (const unsigned char *)"\x43\x43\x43", -#endif +# endif }; unsigned char buf[EVP_MAX_MD_SIZE]; EVP_MD_CTX *ctx = EVP_MD_CTX_new(); int i, ret = 0; unsigned int n; -#ifdef OPENSSL_SSL_TRACE_CRYPTO +# ifdef OPENSSL_SSL_TRACE_CRYPTO unsigned char *tmpout = out; -#endif +# endif if (ctx == NULL) { SSLerr(SSL_F_SSL3_GENERATE_MASTER_SECRET, ERR_R_MALLOC_FAILURE); @@ -493,7 +499,7 @@ int ssl3_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, } EVP_MD_CTX_free(ctx); -#ifdef OPENSSL_SSL_TRACE_CRYPTO +# ifdef OPENSSL_SSL_TRACE_CRYPTO if (ret > 0 && s->msg_callback) { s->msg_callback(2, s->version, TLS1_RT_CRYPTO_PREMASTER, p, len, s, s->msg_callback_arg); @@ -507,10 +513,11 @@ int ssl3_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, tmpout, SSL3_MASTER_SECRET_SIZE, s, s->msg_callback_arg); } -#endif +# endif OPENSSL_cleanse(buf, sizeof(buf)); return (ret); } +#endif int ssl3_alert_code(int code) { diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index e94ee837..7fe94850 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -50,8 +50,12 @@ #include #include #include "ssl_locl.h" -#include -#include +#ifndef OPENSSL_NO_MD5 +# include +#endif +#ifndef OPENSSL_NO_DH +# include +#endif #include #define SSL3_NUM_CIPHERS OSSL_NELEM(ssl3_ciphers) @@ -97,6 +101,284 @@ static SSL_CIPHER ssl3_ciphers[] = { 0, 0, }, +#ifndef OPENSSL_NO_GMTLS + /* GM/T 0024 ciphersuites + * SM2(ENC) and SM9(ENC) only allowed in GMTLS 1.1 + */ + { + 1, + GMTLS_TXT_SM2DHE_WITH_SM1_SM3, + GMTLS_CK_SM2DHE_WITH_SM1_SM3, + SSL_kSM2DHE, + SSL_aSM2, + SSL_SM1, + SSL_SM3, + GMTLS_VERSION, TLS1_2_VERSION, + DTLS1_BAD_VER, DTLS1_2_VERSION, + SSL_HIGH, + SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, + 128, + 128, + }, + { + 1, + GMTLS_TXT_SM2_WITH_SM1_SM3, + GMTLS_CK_SM2_WITH_SM1_SM3, + SSL_kSM2, + SSL_aSM2, + SSL_SM1, + SSL_SM3, + GMTLS_VERSION, GMTLS_VERSION, + DTLS1_BAD_VER, DTLS1_2_VERSION, + SSL_HIGH, + SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, + 128, + 128, + }, + { + 1, + GMTLS_TXT_SM9DHE_WITH_SM1_SM3, + GMTLS_CK_SM9DHE_WITH_SM1_SM3, + SSL_kSM9DHE, + SSL_aSM9, + SSL_SM1, + SSL_SM3, + GMTLS_VERSION, TLS1_2_VERSION, + DTLS1_BAD_VER, DTLS1_2_VERSION, + SSL_HIGH, + SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, + 128, + 128, + }, + { + 1, + GMTLS_TXT_SM9_WITH_SM1_SM3, + GMTLS_CK_SM9_WITH_SM1_SM3, + SSL_kSM9, + SSL_aSM9, + SSL_SM1, + SSL_SM3, + GMTLS_VERSION, GMTLS_VERSION, + DTLS1_BAD_VER, DTLS1_2_VERSION, + SSL_HIGH, + SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, + 128, + 128, + }, + { + 1, + GMTLS_TXT_RSA_WITH_SM1_SM3, + GMTLS_CK_RSA_WITH_SM1_SM3, + SSL_kRSA, + SSL_aRSA, + SSL_SM1, + SSL_SM3, + GMTLS_VERSION, TLS1_2_VERSION, + DTLS1_BAD_VER, DTLS1_2_VERSION, + SSL_HIGH, + SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, + 128, + 128, + }, + { + 1, + GMTLS_TXT_RSA_WITH_SM1_SHA1, + GMTLS_CK_RSA_WITH_SM1_SHA1, + SSL_kRSA, + SSL_aRSA, + SSL_SM1, + SSL_SHA1, + GMTLS_VERSION, TLS1_2_VERSION, + DTLS1_BAD_VER, DTLS1_2_VERSION, + SSL_HIGH, + SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, + 128, + 128, + }, + { + 1, + GMTLS_TXT_SM2DHE_WITH_SMS4_SM3, + GMTLS_CK_SM2DHE_WITH_SMS4_SM3, + SSL_kSM2DHE, + SSL_aSM2, + SSL_SMS4, + SSL_SM3, + GMTLS_VERSION, TLS1_2_VERSION, + DTLS1_BAD_VER, DTLS1_2_VERSION, + SSL_HIGH, + SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, + 128, + 128, + }, + { + 1, + GMTLS_TXT_SM2_WITH_SMS4_SM3, + GMTLS_CK_SM2_WITH_SMS4_SM3, + SSL_kSM2, + SSL_aSM2, + SSL_SMS4, + SSL_SM3, + GMTLS_VERSION, GMTLS_VERSION, + DTLS1_BAD_VER, DTLS1_2_VERSION, + SSL_HIGH, + SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, + 128, + 128, + }, + { + 1, + GMTLS_TXT_SM9DHE_WITH_SMS4_SM3, + GMTLS_CK_SM9DHE_WITH_SMS4_SM3, + SSL_kSM9DHE, + SSL_aSM9, + SSL_SMS4, + SSL_SM3, + GMTLS_VERSION, TLS1_2_VERSION, + DTLS1_BAD_VER, DTLS1_2_VERSION, + SSL_HIGH, + SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, + 128, + 128, + }, + { + 1, + GMTLS_TXT_SM9_WITH_SMS4_SM3, + GMTLS_CK_SM9_WITH_SMS4_SM3, + SSL_kSM9, + SSL_aSM9, + SSL_SMS4, + SSL_SM3, + GMTLS_VERSION, GMTLS_VERSION, + DTLS1_BAD_VER, DTLS1_2_VERSION, + SSL_HIGH, + SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, + 128, + 128, + }, + { + 1, + GMTLS_TXT_RSA_WITH_SMS4_SM3, + GMTLS_CK_RSA_WITH_SMS4_SM3, + SSL_kRSA, + SSL_aRSA, + SSL_SMS4, + SSL_SM3, + GMTLS_VERSION, TLS1_2_VERSION, + DTLS1_BAD_VER, DTLS1_2_VERSION, + SSL_HIGH, + SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, + 128, + 128, + }, + { + 1, + GMTLS_TXT_RSA_WITH_SMS4_SHA1, + GMTLS_CK_RSA_WITH_SMS4_SHA1, + SSL_kRSA, + SSL_aRSA, + SSL_SMS4, + SSL_SHA1, + GMTLS_VERSION, TLS1_2_VERSION, + DTLS1_BAD_VER, DTLS1_2_VERSION, + SSL_HIGH, + SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, + 128, + 128, + }, + + /* ECDHE-SM2-[SM1|SMS4|SSF33]-[SM3|SHA256] */ + { + 1, + GMTLS_TXT_ECDHE_SM2_WITH_SM1_SM3, + GMTLS_CK_ECDHE_SM2_WITH_SM1_SM3, + SSL_kECDHE, + SSL_aSM2, + SSL_SM1, + SSL_SM3, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_BAD_VER, DTLS1_2_VERSION, + SSL_HIGH, + SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, + 128, + 128, + }, + { + 1, + GMTLS_TXT_ECDHE_SM2_WITH_SMS4_SM3, + GMTLS_CK_ECDHE_SM2_WITH_SMS4_SM3, + SSL_kECDHE, + SSL_aSM2, + SSL_SMS4, + SSL_SM3, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_BAD_VER, DTLS1_2_VERSION, + SSL_HIGH, + SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, + 128, + 128, + }, + { + 1, + GMTLS_TXT_ECDHE_SM2_WITH_SSF33_SM3, + GMTLS_CK_ECDHE_SM2_WITH_SSF33_SM3, + SSL_kECDHE, + SSL_aSM2, + SSL_SSF33, + SSL_SM3, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_BAD_VER, DTLS1_2_VERSION, + SSL_HIGH, + SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, + 128, + 128, + }, + { + 1, + GMTLS_TXT_ECDHE_SM2_WITH_SM1_SHA256, + GMTLS_CK_ECDHE_SM2_WITH_SM1_SHA256, + SSL_kECDHE, + SSL_aSM2, + SSL_SM1, + SSL_SHA256, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_BAD_VER, DTLS1_2_VERSION, + SSL_HIGH, + SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, + 128, + 128, + }, + { + 1, + GMTLS_TXT_ECDHE_SM2_WITH_SMS4_SHA256, + GMTLS_CK_ECDHE_SM2_WITH_SMS4_SHA256, + SSL_kECDHE, + SSL_aSM2, + SSL_SMS4, + SSL_SHA256, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_BAD_VER, DTLS1_2_VERSION, + SSL_HIGH, + SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, + 128, + 128, + }, + { + 1, + GMTLS_TXT_ECDHE_SM2_WITH_SSF33_SHA256, + GMTLS_CK_ECDHE_SM2_WITH_SSF33_SHA256, + SSL_kECDHE, + SSL_aSM2, + SSL_SSF33, + SSL_SHA256, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_BAD_VER, DTLS1_2_VERSION, + SSL_HIGH, + SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, + 128, + 128, + }, + +#endif /* OPENSSL_NO_GMTLS */ #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS { 1, @@ -2734,6 +3016,7 @@ void ssl_sort_cipher_list(void) cipher_compare); } +#ifndef OPENSSL_NO_SSL3_METHOD const SSL3_ENC_METHOD SSLv3_enc_data = { ssl3_enc, n_ssl3_mac, @@ -2741,7 +3024,7 @@ const SSL3_ENC_METHOD SSLv3_enc_data = { ssl3_generate_master_secret, ssl3_change_cipher_state, ssl3_final_finish_mac, - MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH, + 16+20,//MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH, SSL3_MD_CLIENT_FINISHED_CONST, 4, SSL3_MD_SERVER_FINISHED_CONST, 4, ssl3_alert_code, @@ -2753,6 +3036,7 @@ const SSL3_ENC_METHOD SSLv3_enc_data = { ssl3_set_handshake_header, ssl3_handshake_write }; +#endif long ssl3_default_timeout(void) { @@ -4074,6 +4358,10 @@ int ssl_derive(SSL *s, EVP_PKEY *privkey, EVP_PKEY *pubkey) pctx = EVP_PKEY_CTX_new(privkey, NULL); +#ifndef OPENSSL_NO_GMTLS + // if the cipher is kSM2DHE, we need to ctrl +#endif + if (EVP_PKEY_derive_init(pctx) <= 0 || EVP_PKEY_derive_set_peer(pctx, pubkey) <= 0 || EVP_PKEY_derive(pctx, NULL, &pmslen) <= 0) { diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c index aa6e3e6a..33ed30d0 100644 --- a/ssl/ssl_asn1.c +++ b/ssl/ssl_asn1.c @@ -64,6 +64,9 @@ typedef struct { ASN1_OCTET_STRING *srp_username; #endif long flags; +#ifndef OPENSSL_NO_GMTLS_METHOD + X509 *peer_extra; +#endif } SSL_SESSION_ASN1; ASN1_SEQUENCE(SSL_SESSION_ASN1) = { @@ -89,7 +92,10 @@ ASN1_SEQUENCE(SSL_SESSION_ASN1) = { #ifndef OPENSSL_NO_SRP ASN1_EXP_OPT(SSL_SESSION_ASN1, srp_username, ASN1_OCTET_STRING, 12), #endif - ASN1_EXP_OPT(SSL_SESSION_ASN1, flags, ZLONG, 13) + ASN1_EXP_OPT(SSL_SESSION_ASN1, flags, ZLONG, 13), +#ifndef OPENSSL_NO_GMTLS_METHOD + ASN1_EXP_OPT(SSL_SESSION_ASN1, peer_extra, X509, 14) +#endif } static_ASN1_SEQUENCE_END(SSL_SESSION_ASN1) IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(SSL_SESSION_ASN1) @@ -201,6 +207,10 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp) as.flags = in->flags; +#ifndef OPENSSL_NO_GMTLS_METHOD + as.peer_extra = in->peer_extra; +#endif + return i2d_SSL_SESSION_ASN1(&as, pp); } @@ -265,6 +275,9 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, } if ((as->ssl_version >> 8) != SSL3_VERSION_MAJOR +#ifndef OPENSSL_NO_GMTLS_METHOD + && as->ssl_version != GMTLS_VERSION +#endif && (as->ssl_version >> 8) != DTLS1_VERSION_MAJOR && as->ssl_version != DTLS1_BAD_VER) { SSLerr(SSL_F_D2I_SSL_SESSION, SSL_R_UNSUPPORTED_SSL_VERSION); @@ -352,6 +365,12 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, /* Flags defaults to zero which is fine */ ret->flags = as->flags; +#ifndef OPENSSL_NO_GMTLS_METHOD + X509_free(ret->peer_extra); + ret->peer_extra = as->peer_extra; + as->peer_extra = NULL; +#endif + M_ASN1_free_of(as, SSL_SESSION_ASN1); if ((a != NULL) && (*a == NULL)) diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index 0c931db9..b6b11645 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -742,7 +742,7 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, /* Add a certificate to a BUF_MEM structure */ -static int ssl_add_cert_to_buf(BUF_MEM *buf, unsigned long *l, X509 *x) +int ssl_add_cert_to_buf(BUF_MEM *buf, unsigned long *l, X509 *x) { int n; unsigned char *p; @@ -765,6 +765,45 @@ static int ssl_add_cert_to_buf(BUF_MEM *buf, unsigned long *l, X509 *x) return 1; } +/* 输出双证书及CA证书链 */ +/* +static int ssl_add_sm2_certs(SSL *s, unsigned long *l) +{ + BUF_MEM *buf = s->init_buf; + CERT_PKEY *sign_cpk = &s->cert->pkeys[SSL_PKEY_SM2_SIGN]; + CERT_PKEY *enc_cpk = &s->cert->pkeys[SSL_PKEY_SM2_ENC]; + STACK_OF(X509) *extra_certs; + int i; + + if (!BUF_MEM_grow_clean(buf, 10)) { + fprintf(stderr, "----- %s() %s %d\n", __func__, __FILE__, __LINE__); + return 0; + } + if (sign_cpk->chain) + extra_certs = sign_cpk->chain; + else + extra_certs = s->ctx->extra_certs; + + if (!ssl_add_cert_to_buf(buf, l, sign_cpk->x509)) { + fprintf(stderr, "----- %s() %s %d\n", __func__, __FILE__, __LINE__); + return 0; + } + if (!ssl_add_cert_to_buf(buf, l, enc_cpk->x509)) { + fprintf(stderr, "----- %s() %s %d\n", __func__, __FILE__, __LINE__); + return 0; + } + + for (i = 0; i < sk_X509_num(extra_certs); i++) { + if (!ssl_add_cert_to_buf(buf, 1, sk_X509_value(extra_certs, i))) { + fprintf(stderr, "----- %s() %s %d\n", __func__, __FILE__, __LINE__); + return 0; + } + } + + return 1; +} +*/ + /* Add certificate chain to internal SSL BUF_MEM structure */ int ssl_add_cert_chain(SSL *s, CERT_PKEY *cpk, unsigned long *l) { @@ -836,9 +875,23 @@ int ssl_add_cert_chain(SSL *s, CERT_PKEY *cpk, unsigned long *l) return 0; } chain_count = sk_X509_num(chain); - for (i = 0; i < chain_count; i++) { + /* output the first certificate, for GMTLS it is sign cert */ + if (chain_count) { + x = sk_X509_value(chain, 0); + if (!ssl_add_cert_to_buf(buf, l, x)) { + return 0; + } + } + if (s->version == GMTLS_VERSION) { + /* 我们还应该检查cpk的类型 */ + x = s->cert->pkeys[SSL_PKEY_SM2_ENC].x509; + if (!ssl_add_cert_to_buf(buf, l, x)) { + return 0; + } + } + /* add the following chain */ + for (i = 1; i < chain_count; i++) { x = sk_X509_value(chain, i); - if (!ssl_add_cert_to_buf(buf, l, x)) { X509_STORE_CTX_free(xs_ctx); return 0; @@ -1041,12 +1094,20 @@ static int ssl_security_default_callback(const SSL *s, const SSL_CTX *ctx, if (level >= 2 && c->algorithm_enc == SSL_RC4) return 0; /* Level 3: forward secure ciphersuites only */ - if (level >= 3 && !(c->algorithm_mkey & (SSL_kEDH | SSL_kEECDH))) + if (level >= 3 && !(c->algorithm_mkey & (SSL_kEDH | SSL_kEECDH +#ifndef OPENSSL_NO_GMTLS + | SSL_kSM2DHE | SSL_kSM9DHE +#endif + ))) return 0; break; } case SSL_SECOP_VERSION: if (!SSL_IS_DTLS(s)) { +#ifndef OPENSSL_NO_GMTLS_METHOD + if (nid == GMTLS_VERSION && level >= 3) + return 0; +#endif /* SSLv3 not allowed at level 2 */ if (nid <= SSL3_VERSION && level >= 2) return 0; diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index e58c9b5d..59e7a82b 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -77,7 +77,6 @@ #define SSL_ENC_SSF33_IDX 26 #define SSL_ENC_NUM_IDX 27 - /* NB: make sure indices in these tables match values above */ typedef struct { @@ -117,8 +116,9 @@ static const ssl_cipher_table ssl_cipher_table_cipher[SSL_ENC_NUM_IDX] = { }; static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX] = { + NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, - NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, + NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL }; #define SSL_COMP_NULL_IDX 0 @@ -172,18 +172,23 @@ static const ssl_cipher_table ssl_cipher_table_kx[] = { {SSL_kSRP, NID_kx_srp}, {SSL_kGOST, NID_kx_gost}, {SSL_kSM2, NID_kx_sm2}, + {SSL_kSM2DHE, NID_kx_sm2dhe}, + {SSL_kSM2PSK, NID_kx_sm2_psk}, + {SSL_kSM9, NID_kx_sm9}, + {SSL_kSM9DHE, NID_kx_sm9dhe}, }; static const ssl_cipher_table ssl_cipher_table_auth[] = { - {SSL_aRSA, NID_auth_rsa}, - {SSL_aECDSA, NID_auth_ecdsa}, - {SSL_aPSK, NID_auth_psk}, - {SSL_aDSS, NID_auth_dss}, - {SSL_aGOST01, NID_auth_gost01}, - {SSL_aGOST12, NID_auth_gost12}, - {SSL_aSRP, NID_auth_srp}, - {SSL_aNULL, NID_auth_null}, - {SSL_aSM2, NID_auth_sm2}, + {SSL_aRSA, NID_auth_rsa}, + {SSL_aECDSA, NID_auth_ecdsa}, + {SSL_aPSK, NID_auth_psk}, + {SSL_aDSS, NID_auth_dss}, + {SSL_aGOST01, NID_auth_gost01}, + {SSL_aGOST12, NID_auth_gost12}, + {SSL_aSRP, NID_auth_srp}, + {SSL_aNULL, NID_auth_null}, + {SSL_aSM2, NID_auth_sm2}, + {SSL_aSM9, NID_auth_sm9}, }; /* *INDENT-ON* */ @@ -214,8 +219,10 @@ static int ssl_mac_pkey_id[SSL_MD_NUM_IDX] = { EVP_PKEY_HMAC, EVP_PKEY_HMAC, EVP_PKEY_HMAC, NID_undef, /* GOST2012_512 */ EVP_PKEY_HMAC, - /* SM3 */ - EVP_PKEY_HMAC, +#ifndef OPENSSL_NO_GMTLS_METHOD + /* MD5_SHA1, SHA224, SHA512, SM3 */ + NID_undef, NID_undef, NID_undef, EVP_PKEY_HMAC +#endif }; static int ssl_mac_secret_size[SSL_MD_NUM_IDX]; @@ -271,6 +278,11 @@ static const SSL_CIPHER cipher_aliases[] = { {0, SSL_TXT_kDHEPSK, 0, SSL_kDHEPSK}, {0, SSL_TXT_kSRP, 0, SSL_kSRP}, {0, SSL_TXT_kGOST, 0, SSL_kGOST}, + {0, SSL_TXT_kSM2, 0, SSL_kSM2}, + {0, SSL_TXT_kSM2DHE, 0, SSL_kSM2DHE}, + {0, SSL_TXT_kSM2PSK, 0, SSL_kSM2PSK}, + {0, SSL_TXT_kSM9, 0, SSL_kSM9}, + {0, SSL_TXT_kSM9DHE, 0, SSL_kSM9DHE}, /* server authentication aliases */ {0, SSL_TXT_aRSA, 0, 0, SSL_aRSA}, @@ -284,6 +296,8 @@ static const SSL_CIPHER cipher_aliases[] = { {0, SSL_TXT_aGOST12, 0, 0, SSL_aGOST12}, {0, SSL_TXT_aGOST, 0, 0, SSL_aGOST01 | SSL_aGOST12}, {0, SSL_TXT_aSRP, 0, 0, SSL_aSRP}, + {0, SSL_TXT_aSM2, 0, 0, SSL_aSM2}, + {0, SSL_TXT_aSM9, 0, 0, SSL_aSM9}, /* aliases combining key exchange and server authentication */ {0, SSL_TXT_EDH, 0, SSL_kDHE, ~SSL_aNULL}, @@ -296,6 +310,8 @@ static const SSL_CIPHER cipher_aliases[] = { {0, SSL_TXT_AECDH, 0, SSL_kECDHE, SSL_aNULL}, {0, SSL_TXT_PSK, 0, SSL_PSK}, {0, SSL_TXT_SRP, 0, SSL_kSRP}, + {0, SSL_TXT_SM2, 0, 0, SSL_aSM2},//ciphers SM2 is not correct! + {0, SSL_TXT_SM9, 0, SSL_kSM9|SSL_kSM9DHE, SSL_aSM9}, /* symmetric encryption aliases */ {0, SSL_TXT_3DES, 0, 0, 0, SSL_3DES}, @@ -318,6 +334,7 @@ static const SSL_CIPHER cipher_aliases[] = { {0, SSL_TXT_CAMELLIA256, 0, 0, 0, SSL_CAMELLIA256}, {0, SSL_TXT_CAMELLIA, 0, 0, 0, SSL_CAMELLIA}, {0, SSL_TXT_CHACHA20, 0, 0, 0, SSL_CHACHA20}, + {0, SSL_TXT_SMS4, 0, 0, 0, SSL_SMS4 | SSL_SMS4GCM | SSL_SMS4CCM | SSL_SMS4CCM8}, /* MAC aliases */ {0, SSL_TXT_MD5, 0, 0, 0, 0, SSL_MD5}, @@ -328,12 +345,16 @@ static const SSL_CIPHER cipher_aliases[] = { {0, SSL_TXT_SHA256, 0, 0, 0, 0, SSL_SHA256}, {0, SSL_TXT_SHA384, 0, 0, 0, 0, SSL_SHA384}, {0, SSL_TXT_GOST12, 0, 0, 0, 0, SSL_GOST12_256}, + {0, SSL_TXT_SM3, 0, 0, 0, 0, SSL_SM3}, /* protocol version aliases */ {0, SSL_TXT_SSLV3, 0, 0, 0, 0, 0, SSL3_VERSION}, {0, SSL_TXT_TLSV1, 0, 0, 0, 0, 0, TLS1_VERSION}, {0, "TLSv1.0", 0, 0, 0, 0, 0, TLS1_VERSION}, {0, SSL_TXT_TLSV1_2, 0, 0, 0, 0, 0, TLS1_2_VERSION}, + {0, SSL_TXT_GMTLSV1, 0, 0, 0, 0, 0, GMTLS1_VERSION}, + {0, "GMTLSv1.0", 0, 0, 0, 0, 0, GMTLS1_VERSION}, + {0, SSL_TXT_GMTLSV1_1, 0, 0, 0, 0, 0, GMTLS1_1_VERSION}, /* strength classes */ {0, SSL_TXT_LOW, 0, 0, 0, 0, 0, 0, 0, 0, 0, SSL_LOW}, @@ -445,8 +466,8 @@ void ssl_load_ciphers(void) #ifdef OPENSSL_NO_EC disabled_mkey_mask |= SSL_kECDHEPSK; disabled_auth_mask |= SSL_aECDSA; -# ifdef OPENSSL_NO_GMTLS - /* do something */ +# ifdef OPENSSL_NO_GMTLS_METHOD + /* do something */ # endif #endif #ifdef OPENSSL_NO_PSK @@ -584,8 +605,9 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, mac_pkey_type = NULL; } else { *md = ssl_digest_methods[i]; - if (mac_pkey_type != NULL) + if (mac_pkey_type != NULL) { *mac_pkey_type = ssl_mac_pkey_id[i]; + } if (mac_secret_size != NULL) *mac_secret_size = ssl_mac_secret_size[i]; } @@ -645,6 +667,11 @@ const EVP_MD *ssl_handshake_md(SSL *s) const EVP_MD *ssl_prf_md(SSL *s) { +#ifndef OPENSSL_NO_GMTLS_METHOD + /* In GM/T 0024, PRF always use SM3 */ + if (s->version == GMTLS_VERSION) + return EVP_sm3(); +#endif return ssl_md(ssl_get_algorithm2(s) >> TLS1_PRF_DGST_SHIFT); } @@ -1553,7 +1580,11 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) const char *ver; const char *kx, *au, *enc, *mac; uint32_t alg_mkey, alg_auth, alg_enc, alg_mac; - static const char *format = "%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s\n"; +#ifndef OPENSSL_NO_GMTLS + static const char *format = "%-30s %-10s Kx=%-8s Au=%-6s Enc=%-23s Mac=%-4s\n"; +#else + static const char *format = "%-23s %s Kx=%-4s Au=%-4s Enc=%-8s Mac=%-4s\n"; +#endif if (buf == NULL) { len = 128; @@ -1598,9 +1629,23 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) case SSL_kGOST: kx = "GOST"; break; +#ifndef OPENSSL_NO_GMTLS_METHOD case SSL_kSM2: kx = "SM2"; break; + case SSL_kSM2DHE: + kx = "SM2DHE"; + break; + case SSL_kSM2PSK: + kx = "SM2PSK"; + break; + case SSL_kSM9: + kx = "SM9"; + break; + case SSL_kSM9DHE: + kx = "SM9DHE"; + break; +#endif default: kx = "unknown"; } @@ -1631,9 +1676,14 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) case (SSL_aGOST12 | SSL_aGOST01): au = "GOST12"; break; +#ifndef OPENSSL_NO_GMTLS_METHOD case SSL_aSM2: au = "SM2"; break; + case SSL_aSM9: + au = "SM9"; + break; +#endif default: au = "unknown"; break; @@ -1698,6 +1748,7 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) case SSL_CHACHA20POLY1305: enc = "CHACHA20/POLY1305(256)"; break; +#ifndef OPENSSL_NO_GMTLS_METHOD case SSL_SMS4: enc = "SMS4(128)"; break; @@ -1719,6 +1770,7 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) case SSL_SSF33: enc = "SSF33(128)"; break; +#endif default: enc = "unknown"; break; @@ -1751,9 +1803,11 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) case SSL_GOST12_512: mac = "GOST2012"; break; +#ifndef OPENSSL_NO_GMTLS_METHOD case SSL_SM3: mac = "SM3"; break; +#endif default: mac = "unknown"; break; @@ -1958,9 +2012,12 @@ int ssl_cipher_get_cert_index(const SSL_CIPHER *c) return SSL_PKEY_GOST_EC; else if (alg_a & SSL_aGOST01) return SSL_PKEY_GOST01; +#ifndef OPENSSL_NO_GMTLS_METHOD else if (alg_a & SSL_aSM2) - return SSL_PKEY_ECC; - + return SSL_PKEY_SM2_SIGN; + else if (alg_a & SSL_aSM9) + return -1; +#endif return -1; } diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c index 39579460..b6916807 100644 --- a/ssl/ssl_conf.c +++ b/ssl/ssl_conf.c @@ -11,7 +11,6 @@ #include "ssl_locl.h" #include #include -#include /* * structure holding name tables. This is used for permitted elements in lists @@ -259,6 +258,7 @@ static int cmd_Protocol(SSL_CONF_CTX *cctx, const char *value) SSL_FLAG_TBL_INV("TLSv1.2", SSL_OP_NO_TLSv1_2), SSL_FLAG_TBL_INV("DTLSv1", SSL_OP_NO_DTLSv1), SSL_FLAG_TBL_INV("DTLSv1.2", SSL_OP_NO_DTLSv1_2) + }; cctx->tbl = ssl_protocol_list; cctx->ntbl = OSSL_NELEM(ssl_protocol_list); @@ -282,6 +282,9 @@ static int protocol_from_string(const char *value) {"TLSv1", TLS1_VERSION}, {"TLSv1.1", TLS1_1_VERSION}, {"TLSv1.2", TLS1_2_VERSION}, +#ifndef OPENSSL_NO_GMTLS_VERSION + {"GMTLS", GMTLS_VERSION}, +#endif {"DTLSv1", DTLS1_VERSION}, {"DTLSv1.2", DTLS1_2_VERSION} }; @@ -526,6 +529,9 @@ static const ssl_conf_cmd_tbl ssl_conf_cmds[] = { SSL_CONF_CMD_SWITCH("no_tls1", 0), SSL_CONF_CMD_SWITCH("no_tls1_1", 0), SSL_CONF_CMD_SWITCH("no_tls1_2", 0), +#ifndef OPENSSL_NO_GMTLS + SSL_CONF_CMD_SWITCH("no_gmtls", 0), +#endif SSL_CONF_CMD_SWITCH("bugs", 0), SSL_CONF_CMD_SWITCH("no_comp", 0), SSL_CONF_CMD_SWITCH("comp", 0), @@ -583,6 +589,9 @@ static const ssl_switch_tbl ssl_cmd_switches[] = { {SSL_OP_NO_TLSv1, 0}, /* no_tls1 */ {SSL_OP_NO_TLSv1_1, 0}, /* no_tls1_1 */ {SSL_OP_NO_TLSv1_2, 0}, /* no_tls1_2 */ +#ifndef OPENSSL_NO_GMTLS_METHOD + {SSL_OP_NO_GMTLS, 0}, /* no_gmtls */ +#endif {SSL_OP_ALL, 0}, /* bugs */ {SSL_OP_NO_COMPRESSION, 0}, /* no_comp */ {SSL_OP_NO_COMPRESSION, SSL_TFLAG_INV}, /* comp */ diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c index 73e0ae15..0ced00c5 100644 --- a/ssl/ssl_err.c +++ b/ssl/ssl_err.c @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -48,6 +48,57 @@ static ERR_STRING_DATA SSL_str_functs[] = { {ERR_FUNC(SSL_F_DTLS_GET_REASSEMBLED_MESSAGE), "dtls_get_reassembled_message"}, {ERR_FUNC(SSL_F_DTLS_PROCESS_HELLO_VERIFY), "dtls_process_hello_verify"}, + {ERR_FUNC(SSL_F_GMTLS_ADD_CERT_CHAIN), "gmtls_add_cert_chain"}, + {ERR_FUNC(SSL_F_GMTLS_CONSTRUCT_CKE_RSA), "gmtls_construct_cke_rsa"}, + {ERR_FUNC(SSL_F_GMTLS_CONSTRUCT_CKE_SM2), "gmtls_construct_cke_sm2"}, + {ERR_FUNC(SSL_F_GMTLS_CONSTRUCT_CKE_SM2DHE), + "gmtls_construct_cke_sm2dhe"}, + {ERR_FUNC(SSL_F_GMTLS_CONSTRUCT_CKE_SM9), "gmtls_construct_cke_sm9"}, + {ERR_FUNC(SSL_F_GMTLS_CONSTRUCT_CKE_SM9DHE), + "gmtls_construct_cke_sm9dhe"}, + {ERR_FUNC(SSL_F_GMTLS_CONSTRUCT_CLIENT_CERTIFICATE), + "gmtls_construct_client_certificate"}, + {ERR_FUNC(SSL_F_GMTLS_CONSTRUCT_CLIENT_KEY_EXCHANGE), + "gmtls_construct_client_key_exchange"}, + {ERR_FUNC(SSL_F_GMTLS_CONSTRUCT_SERVER_CERTIFICATE), + "gmtls_construct_server_certificate"}, + {ERR_FUNC(SSL_F_GMTLS_CONSTRUCT_SERVER_KEY_EXCHANGE), + "gmtls_construct_server_key_exchange"}, + {ERR_FUNC(SSL_F_GMTLS_CONSTRUCT_SKE_RSA), "gmtls_construct_ske_rsa"}, + {ERR_FUNC(SSL_F_GMTLS_CONSTRUCT_SKE_SM2), "gmtls_construct_ske_sm2"}, + {ERR_FUNC(SSL_F_GMTLS_CONSTRUCT_SKE_SM2DHE), + "gmtls_construct_ske_sm2dhe"}, + {ERR_FUNC(SSL_F_GMTLS_CONSTRUCT_SKE_SM9), "gmtls_construct_ske_sm9"}, + {ERR_FUNC(SSL_F_GMTLS_CONSTRUCT_SM2DHE_PARAMS), + "gmtls_construct_sm2dhe_params"}, + {ERR_FUNC(SSL_F_GMTLS_CONSTRUCT_SM9_PARAMS), + "gmtls_construct_sm9_params"}, + {ERR_FUNC(SSL_F_GMTLS_NEW_CERT_PACKET), "gmtls_new_cert_packet"}, + {ERR_FUNC(SSL_F_GMTLS_OUTPUT_CERT_CHAIN), "gmtls_output_cert_chain"}, + {ERR_FUNC(SSL_F_GMTLS_OUTPUT_IBCS_PARAM), "gmtls_output_ibcs_param"}, + {ERR_FUNC(SSL_F_GMTLS_PROCESS_CKE_RSA), "gmtls_process_cke_rsa"}, + {ERR_FUNC(SSL_F_GMTLS_PROCESS_CKE_SM2), "gmtls_process_cke_sm2"}, + {ERR_FUNC(SSL_F_GMTLS_PROCESS_CKE_SM2DHE), "gmtls_process_cke_sm2dhe"}, + {ERR_FUNC(SSL_F_GMTLS_PROCESS_CKE_SM9), "gmtls_process_cke_sm9"}, + {ERR_FUNC(SSL_F_GMTLS_PROCESS_CKE_SM9DHE), "gmtls_process_cke_sm9dhe"}, + {ERR_FUNC(SSL_F_GMTLS_PROCESS_CLIENT_CERTIFICATE), + "gmtls_process_client_certificate"}, + {ERR_FUNC(SSL_F_GMTLS_PROCESS_CLIENT_KEY_EXCHANGE), + "gmtls_process_client_key_exchange"}, + {ERR_FUNC(SSL_F_GMTLS_PROCESS_KEY_EXCHANGE), + "gmtls_process_key_exchange"}, + {ERR_FUNC(SSL_F_GMTLS_PROCESS_SERVER_CERTIFICATE), + "gmtls_process_server_certificate"}, + {ERR_FUNC(SSL_F_GMTLS_PROCESS_SERVER_CERTS), + "gmtls_process_server_certs"}, + {ERR_FUNC(SSL_F_GMTLS_PROCESS_SERVER_KEY_EXCHANGE), + "gmtls_process_server_key_exchange"}, + {ERR_FUNC(SSL_F_GMTLS_PROCESS_SKE_RSA), "gmtls_process_ske_rsa"}, + {ERR_FUNC(SSL_F_GMTLS_PROCESS_SKE_SM2), "gmtls_process_ske_sm2"}, + {ERR_FUNC(SSL_F_GMTLS_PROCESS_SKE_SM2DHE), "gmtls_process_ske_sm2dhe"}, + {ERR_FUNC(SSL_F_GMTLS_PROCESS_SKE_SM9), "gmtls_process_ske_sm9"}, + {ERR_FUNC(SSL_F_GMTLS_PROCESS_SM9_PARAMS), "gmtls_process_sm9_params"}, + {ERR_FUNC(SSL_F_GMTLS_SM2_DERIVE), "gmtls_sm2_derive"}, {ERR_FUNC(SSL_F_OPENSSL_INIT_SSL), "OPENSSL_init_ssl"}, {ERR_FUNC(SSL_F_OSSL_STATEM_CLIENT_READ_TRANSITION), "ossl_statem_client_read_transition"}, @@ -244,6 +295,7 @@ static ERR_STRING_DATA SSL_str_functs[] = { {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CKE_PSK_PREAMBLE), "tls_construct_cke_psk_preamble"}, {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CKE_RSA), "tls_construct_cke_rsa"}, + {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CKE_SM2), "tls_construct_cke_sm2"}, {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CKE_SRP), "tls_construct_cke_srp"}, {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_CERTIFICATE), "tls_construct_client_certificate"}, @@ -300,6 +352,8 @@ static ERR_STRING_DATA SSL_str_functs[] = { "tls_process_server_certificate"}, {ERR_FUNC(SSL_F_TLS_PROCESS_SERVER_DONE), "tls_process_server_done"}, {ERR_FUNC(SSL_F_TLS_PROCESS_SERVER_HELLO), "tls_process_server_hello"}, + {ERR_FUNC(SSL_F_TLS_PROCESS_SERVER_KEY_EXCHANGE), + "tls_process_server_key_exchange"}, {ERR_FUNC(SSL_F_TLS_PROCESS_SKE_DHE), "tls_process_ske_dhe"}, {ERR_FUNC(SSL_F_TLS_PROCESS_SKE_ECDHE), "tls_process_ske_ecdhe"}, {ERR_FUNC(SSL_F_TLS_PROCESS_SKE_PSK_PREAMBLE), @@ -326,6 +380,7 @@ static ERR_STRING_DATA SSL_str_reasons[] = { {ERR_REASON(SSL_R_BAD_DH_VALUE), "bad dh value"}, {ERR_REASON(SSL_R_BAD_DIGEST_LENGTH), "bad digest length"}, {ERR_REASON(SSL_R_BAD_ECC_CERT), "bad ecc cert"}, + {ERR_REASON(SSL_R_BAD_ECPKPARAMETERS), "bad ecpkparameters"}, {ERR_REASON(SSL_R_BAD_ECPOINT), "bad ecpoint"}, {ERR_REASON(SSL_R_BAD_HANDSHAKE_LENGTH), "bad handshake length"}, {ERR_REASON(SSL_R_BAD_HELLO_REQUEST), "bad hello request"}, @@ -335,6 +390,7 @@ static ERR_STRING_DATA SSL_str_reasons[] = { "bad protocol version number"}, {ERR_REASON(SSL_R_BAD_RSA_ENCRYPT), "bad rsa encrypt"}, {ERR_REASON(SSL_R_BAD_SIGNATURE), "bad signature"}, + {ERR_REASON(SSL_R_BAD_SM2_ENCRYPT), "bad sm2 encrypt"}, {ERR_REASON(SSL_R_BAD_SRP_A_LENGTH), "bad srp a length"}, {ERR_REASON(SSL_R_BAD_SRP_PARAMETERS), "bad srp parameters"}, {ERR_REASON(SSL_R_BAD_SRTP_MKI_VALUE), "bad srtp mki value"}, @@ -426,6 +482,7 @@ static ERR_STRING_DATA SSL_str_reasons[] = { {ERR_REASON(SSL_R_INAPPROPRIATE_FALLBACK), "inappropriate fallback"}, {ERR_REASON(SSL_R_INCONSISTENT_COMPRESSION), "inconsistent compression"}, {ERR_REASON(SSL_R_INCONSISTENT_EXTMS), "inconsistent extms"}, + {ERR_REASON(SSL_R_INVALID_CERT_CHAIN), "invalid cert chain"}, {ERR_REASON(SSL_R_INVALID_COMMAND), "invalid command"}, {ERR_REASON(SSL_R_INVALID_COMPRESSION_ALGORITHM), "invalid compression algorithm"}, @@ -452,9 +509,12 @@ static ERR_STRING_DATA SSL_str_reasons[] = { {ERR_REASON(SSL_R_MISSING_RSA_ENCRYPTING_CERT), "missing rsa encrypting cert"}, {ERR_REASON(SSL_R_MISSING_RSA_SIGNING_CERT), "missing rsa signing cert"}, + {ERR_REASON(SSL_R_MISSING_SM2_ENC_CERTIFICATE), + "missing sm2 enc certificate"}, {ERR_REASON(SSL_R_MISSING_SRP_PARAM), "can't find SRP server param"}, {ERR_REASON(SSL_R_MISSING_TMP_DH_KEY), "missing tmp dh key"}, {ERR_REASON(SSL_R_MISSING_TMP_ECDH_KEY), "missing tmp ecdh key"}, + {ERR_REASON(SSL_R_NOT_IMPLEMENTED), "not implemented"}, {ERR_REASON(SSL_R_NO_CERTIFICATES_RETURNED), "no certificates returned"}, {ERR_REASON(SSL_R_NO_CERTIFICATE_ASSIGNED), "no certificate assigned"}, {ERR_REASON(SSL_R_NO_CERTIFICATE_SET), "no certificate set"}, @@ -496,6 +556,7 @@ static ERR_STRING_DATA SSL_str_reasons[] = { {ERR_REASON(SSL_R_PSK_IDENTITY_NOT_FOUND), "psk identity not found"}, {ERR_REASON(SSL_R_PSK_NO_CLIENT_CB), "psk no client cb"}, {ERR_REASON(SSL_R_PSK_NO_SERVER_CB), "psk no server cb"}, + {ERR_REASON(SSL_R_RANDOM_GENERATOR_ERROR), "random generator error"}, {ERR_REASON(SSL_R_READ_BIO_NOT_SET), "read bio not set"}, {ERR_REASON(SSL_R_READ_TIMEOUT_EXPIRED), "read timeout expired"}, {ERR_REASON(SSL_R_RECORD_LENGTH_MISMATCH), "record length mismatch"}, @@ -569,10 +630,9 @@ static ERR_STRING_DATA SSL_str_reasons[] = { {ERR_REASON(SSL_R_SSL_SESSION_ID_CONFLICT), "ssl session id conflict"}, {ERR_REASON(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG), "ssl session id context too long"}, - {ERR_REASON(SSL_R_SSL_SESSION_ID_TOO_LONG), - "ssl session id too long"}, {ERR_REASON(SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH), "ssl session id has bad length"}, + {ERR_REASON(SSL_R_SSL_SESSION_ID_TOO_LONG), "ssl session id too long"}, {ERR_REASON(SSL_R_SSL_SESSION_VERSION_MISMATCH), "ssl session version mismatch"}, {ERR_REASON(SSL_R_TLSV1_ALERT_ACCESS_DENIED), diff --git a/ssl/ssl_init.c b/ssl/ssl_init.c index b286a98d..8e47f038 100644 --- a/ssl/ssl_init.c +++ b/ssl/ssl_init.c @@ -28,6 +28,15 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_ssl_base) fprintf(stderr, "OPENSSL_INIT: ossl_init_ssl_base: " "Adding SSL ciphers and digests\n"); #endif + +#ifndef OPENSSL_NO_SMS4 + EVP_add_cipher(EVP_sms4_cbc()); + EVP_add_cipher(EVP_sms4_gcm()); + EVP_add_cipher(EVP_sms4_ccm()); +#endif +#ifndef OPENSSL_NO_ZUC + EVP_add_cipher(EVP_zuc()); +#endif #ifndef OPENSSL_NO_DES EVP_add_cipher(EVP_des_cbc()); EVP_add_cipher(EVP_des_ede3_cbc()); @@ -49,6 +58,7 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_ssl_base) */ EVP_add_cipher(EVP_rc2_40_cbc()); #endif +#ifndef OPENSSL_NO_AES EVP_add_cipher(EVP_aes_128_cbc()); EVP_add_cipher(EVP_aes_192_cbc()); EVP_add_cipher(EVP_aes_256_cbc()); @@ -56,10 +66,15 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_ssl_base) EVP_add_cipher(EVP_aes_256_gcm()); EVP_add_cipher(EVP_aes_128_ccm()); EVP_add_cipher(EVP_aes_256_ccm()); +# ifndef OPENSSL_NO_SHA EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1()); EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1()); +# ifndef OPENSSL_NO_SHA256 EVP_add_cipher(EVP_aes_128_cbc_hmac_sha256()); EVP_add_cipher(EVP_aes_256_cbc_hmac_sha256()); +# endif +# endif +#endif #ifndef OPENSSL_NO_CAMELLIA EVP_add_cipher(EVP_camellia_128_cbc()); EVP_add_cipher(EVP_camellia_256_cbc()); @@ -72,18 +87,29 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_ssl_base) EVP_add_cipher(EVP_seed_cbc()); #endif +#ifndef OPENSSL_NO_SM3 + EVP_add_digest(EVP_sm3()); +#endif #ifndef OPENSSL_NO_MD5 EVP_add_digest(EVP_md5()); EVP_add_digest_alias(SN_md5, "ssl3-md5"); +# ifndef OPENSSL_NO_SHA EVP_add_digest(EVP_md5_sha1()); +# endif #endif +#ifndef OPENSSL_NO_SHA EVP_add_digest(EVP_sha1()); /* RSA with sha1 */ EVP_add_digest_alias(SN_sha1, "ssl3-sha1"); EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA); +# ifndef OPENSSL_NO_SHA256 EVP_add_digest(EVP_sha224()); EVP_add_digest(EVP_sha256()); +# endif +# ifndef OPENSSL_NO_SHA512 EVP_add_digest(EVP_sha384()); EVP_add_digest(EVP_sha512()); +# endif +#endif #ifndef OPENSSL_NO_COMP # ifdef OPENSSL_INIT_DEBUG fprintf(stderr, "OPENSSL_INIT: ossl_init_ssl_base: " diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 002b2e58..6a66da86 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -47,7 +47,6 @@ #include #include #include -#include #include #include #include @@ -2636,6 +2635,9 @@ void ssl_set_masks(SSL *s) #ifndef OPENSSL_NO_EC int have_ecc_cert, ecdsa_ok; X509 *x = NULL; +#endif +#ifndef OPENSSL_NO_GMTLS + int have_sm2_cert, sm2sign_ok; #endif if (c == NULL) return; @@ -2651,6 +2653,9 @@ void ssl_set_masks(SSL *s) dsa_sign = pvalid[SSL_PKEY_DSA_SIGN] & CERT_PKEY_SIGN; #ifndef OPENSSL_NO_EC have_ecc_cert = pvalid[SSL_PKEY_ECC] & CERT_PKEY_VALID; +#endif +#ifndef OPENSSL_NO_GMTLS + have_sm2_cert = pvalid[SSL_PKEY_SM2_SIGN] & CERT_PKEY_VALID; #endif mask_k = 0; mask_a = 0; @@ -2711,10 +2716,28 @@ void ssl_set_masks(SSL *s) mask_a |= SSL_aECDSA; } #endif +#ifndef OPENSSL_NO_GMTLS_METHOD + if (have_sm2_cert) { + uint32_t ex_kusage; + cpk = &c->pkeys[SSL_PKEY_SM2_SIGN]; + x = cpk->x509; + OPENSSL_assert(x); + ex_kusage = X509_get_key_usage(x); // + sm2sign_ok = ex_kusage & X509v3_KU_DIGITAL_SIGNATURE; + if (!(pvalid[SSL_PKEY_SM2_SIGN] & CERT_PKEY_SIGN)) + sm2sign_ok = 0; + if (sm2sign_ok) + mask_a |= SSL_aSM2; + } +#endif #ifndef OPENSSL_NO_EC mask_k |= SSL_kECDHE; #endif +#ifndef OPENSSL_NO_GMTLS + mask_k |= SSL_kSM2; + mask_k |= SSL_kSM2DHE; +#endif #ifndef OPENSSL_NO_PSK mask_k |= SSL_kPSK; @@ -2725,6 +2748,10 @@ void ssl_set_masks(SSL *s) mask_k |= SSL_kDHEPSK; if (mask_k & SSL_kECDHE) mask_k |= SSL_kECDHEPSK; +# ifndef OPENSSL_NO_GMTLS_METHOD + if (mask_k & SSL_kSM2DHE) + mask_k |= SSL_kSM2PSK; +# endif #endif s->s3->tmp.mask_k = mask_k; @@ -2743,6 +2770,18 @@ int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s) return 0; } } +# ifndef OPENSSL_NO_GMTLS +# if 0 + if (s->s3->tmp.new_cipher->algorithm_auth & SSL_aSM2) { + /* key usage, if present, must allow signing */ + if (!(X509_get_key_usage(x) & X509v3_KU_DIGITAL_SIGNATURE)) { + SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, + SSL_R_ECC_CERT_NOT_FOR_SIGNING); + return 0; + } + } +# endif +# endif return 1; /* all checks are ok */ } @@ -2789,6 +2828,32 @@ CERT_PKEY *ssl_get_server_send_pkey(SSL *s) return &c->pkeys[i]; } +#ifndef OPENSSL_NO_GMTLS_METHOD +CERT_PKEY *ssl_get_server_send_pkey_ex(SSL *s) +{ + CERT *c; + int i; + + c = s->cert; + if (!s->s3 || !s->s3->tmp.new_cipher) + return NULL; + ssl_set_masks(s); + + i = ssl_get_server_cert_index(s); + + /* This may or may not be an error. */ + if (i < 0) + return NULL; + + if (i == SSL_PKEY_SM2_SIGN) { + i = SSL_PKEY_SM2_ENC; + } + + /* May be NULL. */ + return &c->pkeys[i]; +} +#endif + EVP_PKEY *ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *cipher, const EVP_MD **pmd) { @@ -2809,6 +2874,11 @@ EVP_PKEY *ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *cipher, } else if ((alg_a & SSL_aECDSA) && (c->pkeys[SSL_PKEY_ECC].privatekey != NULL)) idx = SSL_PKEY_ECC; +#ifndef OPENSSL_NO_GMTLS_METHOD + else if ((alg_a & SSL_aSM2) && + (c->pkeys[SSL_PKEY_SM2_SIGN].privatekey != NULL)) + idx = SSL_PKEY_SM2_SIGN; +#endif if (idx == -1) { SSLerr(SSL_F_SSL_GET_SIGN_PKEY, ERR_R_INTERNAL_ERROR); return (NULL); @@ -3086,6 +3156,10 @@ const char *ssl_protocol_to_string(int version) return "DTLSv1"; else if (version == DTLS1_2_VERSION) return "DTLSv1.2"; +#ifndef OPENSSL_NO_GMTLS_METHOD + else if (version == GMTLS_VERSION) + return "GMTLSv1.1"; +#endif else return ("unknown"); } diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index 5876fc2f..b37828f3 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -55,8 +55,15 @@ # include # include # include -# include -# include +# ifndef OPENSSL_NO_RSA +# include +# endif +# ifndef OPENSSL_NO_DSA +# include +# endif +# ifndef OPENSSL_NO_SM9 +# include +# endif # include # include # include @@ -223,8 +230,14 @@ # define SSL_kRSAPSK 0x00000040U # define SSL_kECDHEPSK 0x00000080U # define SSL_kDHEPSK 0x00000100U -# define SSL_kSM2 0x00000200U -# define SSL_kSM2PSK 0x00000400U + +# ifndef OPENSSL_NO_GMTLS_METHOD +# define SSL_kSM2 0x00000200U +# define SSL_kSM2DHE 0x00000400U +# define SSL_kSM2PSK 0x00000800U +# define SSL_kSM9 0x00001000U +# define SSL_kSM9DHE 0x00002000U +# endif /* all PSK */ @@ -247,8 +260,11 @@ # define SSL_aSRP 0x00000040U /* GOST R 34.10-2012 signature auth */ # define SSL_aGOST12 0x00000080U +# ifndef OPENSSL_NO_GMTLS_METHOD /* SM2 */ -# define SSL_aSM2 0x00000100U +# define SSL_aSM2 0x00000100U +# define SSL_aSM9 0x00000200U +# endif /* Bits for algorithm_enc (symmetric encryption) */ # define SSL_DES 0x00000001U @@ -271,20 +287,24 @@ # define SSL_AES256CCM8 0x00020000U # define SSL_eGOST2814789CNT12 0x00040000U # define SSL_CHACHA20POLY1305 0x00080000U -# define SSL_SMS4 0x00100000U -# define SSL_SMS4GCM 0x00200000U -# define SSL_SMS4CCM 0x00400000U -# define SSL_SMS4CCM8 0x00800000U -# define SSL_ZUC 0x01000000U -# define SSL_SM1 0x02000000U -# define SSL_SSF33 0x04000000U +# ifndef OPENSSL_NO_GMTLS_METHOD +# define SSL_SMS4 0x00100000U +# define SSL_SMS4GCM 0x00200000U +# define SSL_SMS4CCM 0x00400000U +# define SSL_SMS4CCM8 0x00800000U +# define SSL_ZUC 0x01000000U +# define SSL_SM1 0x02000000U +# define SSL_SSF33 0x04000000U +# endif # define SSL_AESGCM (SSL_AES128GCM | SSL_AES256GCM) # define SSL_AESCCM (SSL_AES128CCM | SSL_AES256CCM | SSL_AES128CCM8 | SSL_AES256CCM8) # define SSL_AES (SSL_AES128|SSL_AES256|SSL_AESGCM|SSL_AESCCM) # define SSL_CAMELLIA (SSL_CAMELLIA128|SSL_CAMELLIA256) # define SSL_CHACHA20 (SSL_CHACHA20POLY1305) -# define SSL_SMS4ALL (SSL_SMS4 | SSL_SMS4GCM | SSL_SMS4CCM | SSL_SMS4CCM8) +# ifndef OPENSSL_NO_GMTLS_METHOD +# define SSL_SMS4ALL (SSL_SMS4 | SSL_SMS4GCM | SSL_SMS4CCM | SSL_SMS4CCM8) +# endif /* Bits for algorithm_mac (symmetric authentication) */ @@ -299,7 +319,9 @@ # define SSL_GOST12_256 0x00000080U # define SSL_GOST89MAC12 0x00000100U # define SSL_GOST12_512 0x00000200U -# define SSL_SM3 0x00000400U +# ifndef OPENSSL_NO_GMTLS_METHOD +# define SSL_SM3 0x00000400U +# endif /* * When adding new digest in the ssl_ciph.c and increment SSL_MD_NUM_IDX make @@ -318,8 +340,12 @@ # define SSL_MD_MD5_SHA1_IDX 9 # define SSL_MD_SHA224_IDX 10 # define SSL_MD_SHA512_IDX 11 -# define SSL_MD_SM3_IDX 12 -# define SSL_MAX_DIGEST 13 +# ifndef OPENSSL_NO_GMTLS_METHOD +# define SSL_MD_SM3_IDX 12 +# define SSL_MAX_DIGEST 13 +# else +# define SSL_MAX_DIGEST 12 +# endif /* Bits for algorithm2 (handshake digests and other extra flags) */ @@ -331,8 +357,10 @@ # define SSL_HANDSHAKE_MAC_GOST94 SSL_MD_GOST94_IDX # define SSL_HANDSHAKE_MAC_GOST12_256 SSL_MD_GOST12_256_IDX # define SSL_HANDSHAKE_MAC_GOST12_512 SSL_MD_GOST12_512_IDX -# define SSL_HANDSHAKE_MAC_SM3 SSL_MD_SM3_IDX -# define SSL_HANDSHAKE_MAC_DEFAULT SSL_HANDSHAKE_MAC_MD5_SHA1 +# define SSL_HANDSHAKE_MAC_DEFAULT SSL_HANDSHAKE_MAC_MD5_SHA1 +# ifndef OPENSSL_NO_GMTLS_METHOD +# define SSL_HANDSHAKE_MAC_SM3 SSL_MD_SM3_IDX +# endif /* Bits 8-15 bits are PRF */ # define TLS1_PRF_DGST_SHIFT 8 @@ -342,8 +370,10 @@ # define TLS1_PRF_GOST94 (SSL_MD_GOST94_IDX << TLS1_PRF_DGST_SHIFT) # define TLS1_PRF_GOST12_256 (SSL_MD_GOST12_256_IDX << TLS1_PRF_DGST_SHIFT) # define TLS1_PRF_GOST12_512 (SSL_MD_GOST12_512_IDX << TLS1_PRF_DGST_SHIFT) -# define TLS1_PRF_SM3 (SSL_MD_SM3_IDX << TLS1_PRF_DGST_SHIFT) # define TLS1_PRF (SSL_MD_MD5_SHA1_IDX << TLS1_PRF_DGST_SHIFT) +# ifndef OPENSSL_NO_GMTLS_METHOD +# define TLS1_PRF_SM3 (SSL_MD_SM3_IDX << TLS1_PRF_DGST_SHIFT) +# endif /* * Stream MAC for GOST ciphersuites from cryptopro draft (currently this also @@ -363,6 +393,9 @@ /* we have used 0000003f - 26 bits left to go */ +/* Check is an SSL use GMTLSv1.1 */ +#define SSL_IS_GMTLS(s) (s->version == GMTLS_VERSION) + /* Check if an SSL structure is using DTLS */ # define SSL_IS_DTLS(s) (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS) /* See if we need explicit IV */ @@ -394,6 +427,12 @@ # define SSL_CLIENT_USE_SIGALGS(s) \ SSL_CLIENT_USE_TLS1_2_CIPHERS(s) +# ifndef OPENSSL_NO_GMTLS +# undef SSL_CLIENT_USE_SIGALGS +# define SSL_CLIENT_USE_SIGALGS(s) \ + (SSL_CLIENT_USE_TLS1_2_CIPHERS(s) || (s->client_version == GMTLS_VERSION)) +# endif + # define SSL_USE_ETM(s) (s->s3->flags & TLS1_FLAGS_ENCRYPT_THEN_MAC) /* Mostly for SSLv3 */ @@ -404,7 +443,15 @@ # define SSL_PKEY_GOST01 4 # define SSL_PKEY_GOST12_256 5 # define SSL_PKEY_GOST12_512 6 -# define SSL_PKEY_NUM 7 +# ifndef OPENSSL_NO_GMTLS_METHOD +# define SSL_PKEY_SM2_ENC 7 +# define SSL_PKEY_SM2_SIGN 8 +# define SSL_PKEY_SM9 9 +# define SSL_PKEY_NUM 10 +# else +# define SSL_PKEY_NUM 7 +# endif + /* * Pseudo-constant. GOST cipher suites can use different certs for 1 * SSL_CIPHER. So let's see which one we have in fact. @@ -484,6 +531,13 @@ struct ssl_method_st { long (*ssl_ctx_callback_ctrl) (SSL_CTX *s, int cb_id, void (*fp) (void)); }; +typedef struct cert_sm9_st { + SM9PublicParameters *params; + SM9PrivateKey *privatekey; + SM9PublicKey *publickey; + char *id; +} CERT_SM9; + /*- * Lets make this into an ASN.1 type structure as follows * SSL_SESSION_ID ::= SEQUENCE { @@ -537,6 +591,12 @@ struct ssl_session_st { int not_resumable; /* This is the cert and type for the other end. */ X509 *peer; +# ifndef OPENSSL_NO_GMTLS_METHOD + X509 *peer_extra; + char *peer_identity; + CERT_SM9 ibe; + CERT_SM9 ibs; +# endif int peer_type; /* Certificate chain peer sent */ STACK_OF(X509) *peer_chain; @@ -1440,6 +1500,7 @@ typedef struct cert_pkey_st { unsigned char *serverinfo; size_t serverinfo_length; } CERT_PKEY; + /* Retrieve Suite B flags */ # define tls1_suiteb(s) (s->cert->cert_flags & SSL_CERT_FLAG_SUITEB_128_LOS) /* Uses to check strict mode: suite B modes are always strict */ @@ -1494,6 +1555,12 @@ typedef struct cert_st { /* Flags related to certificates */ uint32_t cert_flags; CERT_PKEY pkeys[SSL_PKEY_NUM]; + +# if !defined(OPENSSL_NO_GMTLS_METHOD) && !defined(OPENSSL_NO_SM9) + CERT_SM9 ibe; + CERT_SM9 ibs; +# endif + /* * Certificate types (received or sent) in certificate request message. * On receive this is only set if number of certificate types exceeds @@ -1659,6 +1726,12 @@ __owur const SSL_METHOD *dtls_bad_ver_client_method(void); __owur const SSL_METHOD *dtlsv1_2_method(void); __owur const SSL_METHOD *dtlsv1_2_server_method(void); __owur const SSL_METHOD *dtlsv1_2_client_method(void); +#ifndef OPENSSL_NO_GMTLS_METHOD +__owur const SSL_METHOD *gmtls_method(void); +__owur const SSL_METHOD *gmtls_server_method(void); +__owur const SSL_METHOD *gmtls_client_method(void); +#endif + extern const SSL3_ENC_METHOD TLSv1_enc_data; extern const SSL3_ENC_METHOD TLSv1_1_enc_data; @@ -1666,6 +1739,9 @@ extern const SSL3_ENC_METHOD TLSv1_2_enc_data; extern const SSL3_ENC_METHOD SSLv3_enc_data; extern const SSL3_ENC_METHOD DTLSv1_enc_data; extern const SSL3_ENC_METHOD DTLSv1_2_enc_data; +# ifndef OPENSSL_NO_GMTLS_METHOD +extern const SSL3_ENC_METHOD GMTLS_enc_data; +# endif /* * Flags for SSL methods @@ -1673,6 +1749,47 @@ extern const SSL3_ENC_METHOD DTLSv1_2_enc_data; # define SSL_METHOD_NO_FIPS (1U<<0) # define SSL_METHOD_NO_SUITEB (1U<<1) + +# ifndef OPENSSL_NO_GMTLS_METHOD +# define IMPLEMENT_gmtls_meth_func(flags, mask, func_name, s_accept, \ + s_connect, enc_data) \ +const SSL_METHOD *func_name(void) \ + { \ + static const SSL_METHOD func_name##_data= { \ + GMTLS_VERSION, \ + flags, \ + mask, \ + tls1_new, \ + tls1_clear, \ + tls1_free, \ + s_accept, \ + s_connect, \ + ssl3_read, \ + ssl3_peek, \ + ssl3_write, \ + ssl3_shutdown, \ + ssl3_renegotiate, \ + ssl3_renegotiate_check, \ + ssl3_read_bytes, \ + ssl3_write_bytes, \ + ssl3_dispatch_alert, \ + ssl3_ctrl, \ + ssl3_ctx_ctrl, \ + ssl3_get_cipher_by_char, \ + ssl3_put_cipher_by_char, \ + ssl3_pending, \ + ssl3_num_ciphers, \ + ssl3_get_cipher, \ + tls1_default_timeout, \ + &enc_data, \ + ssl_undefined_void_function, \ + ssl3_callback_ctrl, \ + ssl3_ctx_callback_ctrl, \ + }; \ + return &func_name##_data; \ + } +# endif /* OPENSSL_NO_GMTLS_METHOD */ + # define IMPLEMENT_tls_meth_func(version, flags, mask, func_name, s_accept, \ s_connect, enc_data) \ const SSL_METHOD *func_name(void) \ @@ -1711,6 +1828,15 @@ const SSL_METHOD *func_name(void) \ return &func_name##_data; \ } + + + + + + + + + # define IMPLEMENT_ssl3_meth_func(func_name, s_accept, s_connect) \ const SSL_METHOD *func_name(void) \ { \ @@ -1988,6 +2114,9 @@ __owur int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen, int use_context); __owur int tls1_alert_code(int code); __owur int ssl3_alert_code(int code); +# ifndef OPENSSL_NO_GMTLS_METHOD +__owur int gmtls_alert_code(int code); +# endif __owur int ssl_ok(SSL *s); # ifndef OPENSSL_NO_EC @@ -2140,4 +2269,5 @@ void ssl_comp_free_compression_methods_int(void); # define dtls1_process_heartbeat SSL_test_functions()->p_dtls1_process_heartbeat # endif +/*static*/ int ssl_add_cert_to_buf(BUF_MEM *buf, unsigned long *l, X509 *x); #endif diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c index 3eb1a8ae..140a0543 100644 --- a/ssl/ssl_rsa.c +++ b/ssl/ssl_rsa.c @@ -113,6 +113,7 @@ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa) } ret = ssl_set_pkey(ssl->cert, pkey); + EVP_PKEY_free(pkey); return (ret); } @@ -121,12 +122,25 @@ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa) static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey) { int i; + i = ssl_cert_type(NULL, pkey); if (i < 0) { SSLerr(SSL_F_SSL_SET_PKEY, SSL_R_UNKNOWN_CERTIFICATE_TYPE); return (0); } + /* set private key even without keyUsage in cert */ + if (i == SSL_PKEY_SM2_SIGN) { + if (c->pkeys[SSL_PKEY_SM2_ENC].privatekey) + i = SSL_PKEY_SM2_SIGN; + else if (c->pkeys[SSL_PKEY_SM2_SIGN].privatekey) + i = SSL_PKEY_SM2_ENC; + else if (c->pkeys[SSL_PKEY_SM2_ENC].x509) + i = SSL_PKEY_SM2_ENC; + else + i = SSL_PKEY_SM2_SIGN; + } + if (c->pkeys[i].x509 != NULL) { EVP_PKEY *pktmp; pktmp = X509_get0_pubkey(c->pkeys[i].x509); @@ -145,6 +159,8 @@ static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey) /* * Don't check the public/private key, this is mostly for smart * cards. + * SM2和EC也可能是智能卡! + * */ if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA && RSA_flags(EVP_PKEY_get0_RSA(pkey)) & RSA_METHOD_FLAG_NO_CHECK) ; @@ -324,6 +340,7 @@ static int ssl_set_cert(CERT *c, X509 *x) SSLerr(SSL_F_SSL_SET_CERT, SSL_R_UNKNOWN_CERTIFICATE_TYPE); return 0; } + #ifndef OPENSSL_NO_EC if (i == SSL_PKEY_ECC && !EC_KEY_can_sign(EVP_PKEY_get0_EC_KEY(pkey))) { SSLerr(SSL_F_SSL_SET_CERT, SSL_R_ECC_CERT_NOT_FOR_SIGNING); @@ -331,7 +348,7 @@ static int ssl_set_cert(CERT *c, X509 *x) } #endif if (c->pkeys[i].privatekey != NULL) { - /* + /* * The return code from EVP_PKEY_copy_parameters is deliberately * ignored. Some EVP_PKEY types cannot do this. */ @@ -449,6 +466,7 @@ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa) } ret = ssl_set_pkey(ctx->cert, pkey); + EVP_PKEY_free(pkey); return (ret); } diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 43cb1d37..6518c8b6 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -153,6 +153,11 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket) if (src->peer != NULL) X509_up_ref(src->peer); +#ifndef OPENSSL_NO_GMTLS_METHOD + if (src->peer_extra != NULL) + X509_up_ref(src->peer_extra); +#endif + if (src->peer_chain != NULL) { dest->peer_chain = X509_chain_up_ref(src->peer_chain); if (dest->peer_chain == NULL) @@ -329,6 +334,11 @@ int ssl_get_new_session(SSL *s, int session) } else if (s->version == DTLS1_2_VERSION) { ss->ssl_version = DTLS1_2_VERSION; ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH; +#ifndef OPENSSL_NO_GMTLS_METHOD + } else if (s->version == GMTLS_VERSION) { + ss->ssl_version = GMTLS_VERSION; + ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH; +#endif } else { SSLerr(SSL_F_SSL_GET_NEW_SESSION, SSL_R_UNSUPPORTED_SSL_VERSION); SSL_SESSION_free(ss); @@ -754,6 +764,9 @@ void SSL_SESSION_free(SSL_SESSION *ss) OPENSSL_cleanse(ss->master_key, sizeof ss->master_key); OPENSSL_cleanse(ss->session_id, sizeof ss->session_id); X509_free(ss->peer); +#ifndef OPENSSL_NO_GMTLS_METHOD + X509_free(ss->peer_extra); +#endif sk_X509_pop_free(ss->peer_chain, X509_free); sk_SSL_CIPHER_free(ss->ciphers); OPENSSL_free(ss->tlsext_hostname); @@ -886,6 +899,13 @@ X509 *SSL_SESSION_get0_peer(SSL_SESSION *s) return s->peer; } +#ifndef OPENSSL_NO_GMTLS_METHOD +X509 *SSL_SESSION_get0_peer_extra(SSL_SESSION *s) +{ + return s->peer_extra; +} +#endif + int SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx, unsigned int sid_ctx_len) { diff --git a/ssl/ssl_stat.c b/ssl/ssl_stat.c index 014340f2..81db3fe1 100644 --- a/ssl/ssl_stat.c +++ b/ssl/ssl_stat.c @@ -286,6 +286,20 @@ const char *SSL_alert_desc_string(int value) return "BH"; case TLS1_AD_UNKNOWN_PSK_IDENTITY: return "UP"; +#ifndef OPENSSL_NO_GMTLS_METHOD + case GMTLS_AD_UNSUPPORTED_SITE2SITE: + return "U2"; + case GMTLS_AD_NO_AREA: + return "NA"; + case GMTLS_AD_UNSUPPORTED_AREATYPE: + return "AT"; + case GMTLS_AD_BAD_IBCPARAM: + return "BI"; + case GMTLS_AD_UNSUPPORTED_IBCPARAM: + return "UI"; + case GMTLS_AD_IDENTITY_NEED: + return "IN"; +#endif default: return "UK"; } @@ -356,6 +370,20 @@ const char *SSL_alert_desc_string_long(int value) return "unknown PSK identity"; case TLS1_AD_NO_APPLICATION_PROTOCOL: return "no application protocol"; +#ifndef OPENSSL_NO_GMTLS_METHOD + case GMTLS_AD_UNSUPPORTED_SITE2SITE: + return "unsupported site2site"; + case GMTLS_AD_NO_AREA: + return "no area"; + case GMTLS_AD_UNSUPPORTED_AREATYPE: + return "unsupported areatype"; + case GMTLS_AD_BAD_IBCPARAM: + return "bad ibc parameters"; + case GMTLS_AD_UNSUPPORTED_IBCPARAM: + return "unsupported ibc parameters"; + case GMTLS_AD_IDENTITY_NEED: + return "identity need"; +#endif default: return "unknown"; } diff --git a/ssl/statem/statem.c b/ssl/statem/statem.c index 512f1e09..d4b9c087 100644 --- a/ssl/statem/statem.c +++ b/ssl/statem/statem.c @@ -288,6 +288,10 @@ static int state_machine(SSL *s, int server) SSLerr(SSL_F_STATE_MACHINE, ERR_R_INTERNAL_ERROR); goto end; } +#ifndef OPENSSL_NO_GMTLS_METHOD + } else if (s->version == GMTLS_VERSION) { + /* do nothing */ +#endif } else { if ((s->version >> 8) != SSL3_VERSION_MAJOR) { SSLerr(SSL_F_STATE_MACHINE, ERR_R_INTERNAL_ERROR); diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index dc6443dd..85175027 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -54,10 +54,19 @@ #include #include #include -#include -#include +#ifndef OPENSSL_NO_MD5 +# include +#endif +#ifndef OPENSSL_NO_DH +# include +#endif #include -#include +#ifndef OPENSSL_NO_ENGINE +# include +#endif +#ifndef OPENSSL_NO_GMTLS +# include +#endif static ossl_inline int cert_req_allowed(SSL *s); static int key_exchange_expected(SSL *s); @@ -80,6 +89,7 @@ static ossl_inline int cert_req_allowed(SSL *s) || (s->s3->tmp.new_cipher->algorithm_auth & (SSL_aSRP | SSL_aPSK))) return 0; + /* gmtls ciphers always allow req */ return 1; } @@ -94,12 +104,17 @@ static int key_exchange_expected(SSL *s) { long alg_k = s->s3->tmp.new_cipher->algorithm_mkey; +#ifndef OPENSSL_NO_GMTLS_METHOD + if (s->version == GMTLS_VERSION) + return 1; +#endif + /* * Can't skip server key exchange if this is an ephemeral * ciphersuite or for SRP */ - if (alg_k & (SSL_kDHE | SSL_kECDHE | SSL_kDHEPSK | SSL_kECDHEPSK - | SSL_kSRP)) { + if (alg_k & (SSL_kDHE | SSL_kECDHE | SSL_kDHEPSK | SSL_kECDHEPSK | + SSL_kSM2DHE | SSL_kSM2PSK | SSL_kSRP)) { return 1; } @@ -519,10 +534,16 @@ int ossl_statem_client_construct_message(SSL *s) return tls_construct_client_hello(s); case TLS_ST_CW_CERT: - return tls_construct_client_certificate(s); + if (SSL_IS_GMTLS(s)) + return gmtls_construct_client_certificate(s); + else + return tls_construct_client_certificate(s); case TLS_ST_CW_KEY_EXCH: - return tls_construct_client_key_exchange(s); + if (SSL_IS_GMTLS(s)) + return gmtls_construct_client_key_exchange(s); + else + return tls_construct_client_key_exchange(s); case TLS_ST_CW_CERT_VRFY: return tls_construct_client_verify(s); @@ -621,13 +642,19 @@ MSG_PROCESS_RETURN ossl_statem_client_process_message(SSL *s, PACKET *pkt) return dtls_process_hello_verify(s, pkt); case TLS_ST_CR_CERT: - return tls_process_server_certificate(s, pkt); + if (SSL_IS_GMTLS(s)) + return tls_process_server_certificate(s, pkt); + else + return tls_process_server_certificate(s, pkt); case TLS_ST_CR_CERT_STATUS: return tls_process_cert_status(s, pkt); case TLS_ST_CR_KEY_EXCH: - return tls_process_key_exchange(s, pkt); + if (SSL_IS_GMTLS(s)) + return gmtls_process_server_key_exchange(s, pkt); + else + return tls_process_server_key_exchange(s, pkt); case TLS_ST_CR_CERT_REQ: return tls_process_certificate_request(s, pkt); @@ -850,7 +877,7 @@ int tls_construct_client_hello(SSL *s) SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT); goto err; } - if ((p = + if ((s->version != GMTLS_VERSION) && (p = ssl_add_clienthello_tlsext(s, p, buf + SSL3_RT_MAX_PLAIN_LENGTH, &al)) == NULL) { ssl3_send_alert(s, SSL3_AL_FATAL, al); @@ -1509,6 +1536,11 @@ static int tls_process_ske_dhe(SSL *s, PACKET *pkt, EVP_PKEY **pkey, int *al) #endif } +//这个函数实际上就是从packet里面读取曲线参数,对方临时公钥 +//把这个临时公钥设置到s->s3->peer_tmp (在哪儿处理的?) +//然后再根据认证算法(s->s3->tmp.new_cipher->algorithm_auth 确定对方的签名算法(应该是证书中拿到的) +//最后从s->session->peer中取出对方的签名公钥,从pkey参数返回 +//这个函数并不去处理签名值,而是留给后续处理,因此sm2的话不提取任何数据,这个函数是无效的 static int tls_process_ske_ecdhe(SSL *s, PACKET *pkt, EVP_PKEY **pkey, int *al) { #ifndef OPENSSL_NO_EC @@ -1579,6 +1611,7 @@ static int tls_process_ske_ecdhe(SSL *s, PACKET *pkt, EVP_PKEY **pkey, int *al) return 0; } + /* parse remote ephem point */ if (!EVP_PKEY_set1_tls_encodedpoint(s->s3->peer_tmp, PACKET_data(&encoded_pt), PACKET_remaining(&encoded_pt))) { @@ -1592,8 +1625,13 @@ static int tls_process_ske_ecdhe(SSL *s, PACKET *pkt, EVP_PKEY **pkey, int *al) * ECParameters in the server key exchange message. We do support RSA * and ECDSA. */ + // 这里的s->session->peer 应该是在处理证书消息的时候设定的,要看看具体在哪儿 if (s->s3->tmp.new_cipher->algorithm_auth & SSL_aECDSA) *pkey = X509_get0_pubkey(s->session->peer); +#ifndef OPENSSL_NO_GMTLS + else if (s->s3->tmp.new_cipher->algorithm_auth & SSL_aSM2) + *pkey = X509_get0_pubkey(s->session->peer); +#endif else if (s->s3->tmp.new_cipher->algorithm_auth & SSL_aRSA) *pkey = X509_get0_pubkey(s->session->peer); /* else anonymous ECDH, so no certificate or pkey. */ @@ -1606,7 +1644,7 @@ static int tls_process_ske_ecdhe(SSL *s, PACKET *pkt, EVP_PKEY **pkey, int *al) #endif } -MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt) +MSG_PROCESS_RETURN tls_process_server_key_exchange(SSL *s, PACKET *pkt) { int al = -1; long alg_k; @@ -1635,12 +1673,14 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt) } else if (alg_k & (SSL_kDHE | SSL_kDHEPSK)) { if (!tls_process_ske_dhe(s, pkt, &pkey, &al)) goto err; - } else if (alg_k & (SSL_kECDHE | SSL_kECDHEPSK)) { + } else if (alg_k & (SSL_kECDHE | SSL_kECDHEPSK | + SSL_kSM2DHE | SSL_kSM2PSK + )) { if (!tls_process_ske_ecdhe(s, pkt, &pkey, &al)) goto err; } else if (alg_k) { al = SSL_AD_UNEXPECTED_MESSAGE; - SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, SSL_R_UNEXPECTED_MESSAGE); + SSLerr(SSL_F_TLS_PROCESS_SERVER_KEY_EXCHANGE, SSL_R_UNEXPECTED_MESSAGE); goto err; } @@ -1659,7 +1699,7 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt) PACKET_remaining(&save_param_start) - PACKET_remaining(pkt))) { al = SSL_AD_INTERNAL_ERROR; - SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); + SSLerr(SSL_F_TLS_PROCESS_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); goto err; } @@ -1668,7 +1708,7 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt) int rv; if (!PACKET_get_bytes(pkt, &sigalgs, 2)) { al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT); + SSLerr(SSL_F_TLS_PROCESS_SERVER_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT); goto err; } rv = tls12_check_peer_sigalg(&md, s, sigalgs, pkey); @@ -1682,22 +1722,31 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt) #ifdef SSL_DEBUG fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md)); #endif +#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_MD5) && !defined(OPENSSL_NO_SHA) } else if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA) { md = EVP_md5_sha1(); +#endif +#ifndef OPENSSL_NO_GMTLS_METHOD + } else if (s->method->version == GMTLS_VERSION + && s->s3->tmp.new_cipher->algorithm_mac & SSL_SM3) { + md = EVP_sm3(); +#endif +#ifndef OPENSSL_NO_SHA } else { - md = EVP_sha1(); + md = EVP_sha1(); +#endif } if (!PACKET_get_length_prefixed_2(pkt, &signature) || PACKET_remaining(pkt) != 0) { al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, SSL_R_LENGTH_MISMATCH); + SSLerr(SSL_F_TLS_PROCESS_SERVER_KEY_EXCHANGE, SSL_R_LENGTH_MISMATCH); goto err; } maxsig = EVP_PKEY_size(pkey); if (maxsig < 0) { al = SSL_AD_INTERNAL_ERROR; - SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); + SSLerr(SSL_F_TLS_PROCESS_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); goto err; } @@ -1707,7 +1756,7 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt) if (PACKET_remaining(&signature) > (size_t)maxsig) { /* wrong packet length */ al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, + SSLerr(SSL_F_TLS_PROCESS_SERVER_KEY_EXCHANGE, SSL_R_WRONG_SIGNATURE_LENGTH); goto err; } @@ -1715,20 +1764,45 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt) md_ctx = EVP_MD_CTX_new(); if (md_ctx == NULL) { al = SSL_AD_INTERNAL_ERROR; - SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE); + SSLerr(SSL_F_TLS_PROCESS_SERVER_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE); goto err; } - if (EVP_VerifyInit_ex(md_ctx, md, NULL) <= 0 - || EVP_VerifyUpdate(md_ctx, &(s->s3->client_random[0]), - SSL3_RANDOM_SIZE) <= 0 + if (EVP_VerifyInit_ex(md_ctx, md, NULL) <= 0) { + EVP_MD_CTX_free(md_ctx); + al = SSL_AD_INTERNAL_ERROR; + SSLerr(SSL_F_TLS_PROCESS_SERVER_KEY_EXCHANGE, ERR_R_EVP_LIB); + goto err; + } + +#ifndef OPENSSL_NO_SM2 + if (s->s3->tmp.new_cipher->algorithm_auth & SSL_aSM2) { + unsigned char z[EVP_MAX_MD_SIZE]; + size_t zlen = sizeof(z); + char *id = SM2_DEFAULT_ID; + if (!SM2_compute_id_digest(md, id, strlen(id), z, &zlen, + EVP_PKEY_get0_EC_KEY(pkey))) { + al = SSL_AD_INTERNAL_ERROR; + SSLerr(SSL_F_TLS_PROCESS_SERVER_KEY_EXCHANGE, ERR_R_SM2_LIB); + goto err; + } + if (EVP_VerifyUpdate(md_ctx, z, zlen) <= 0) { + al = SSL_AD_INTERNAL_ERROR; + SSLerr(SSL_F_TLS_PROCESS_SERVER_KEY_EXCHANGE, ERR_R_EVP_LIB); + goto err; + } + } +#endif + + if (EVP_VerifyUpdate(md_ctx, &(s->s3->client_random[0]), + SSL3_RANDOM_SIZE) <= 0 || EVP_VerifyUpdate(md_ctx, &(s->s3->server_random[0]), SSL3_RANDOM_SIZE) <= 0 || EVP_VerifyUpdate(md_ctx, PACKET_data(¶ms), PACKET_remaining(¶ms)) <= 0) { EVP_MD_CTX_free(md_ctx); al = SSL_AD_INTERNAL_ERROR; - SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, ERR_R_EVP_LIB); + SSLerr(SSL_F_TLS_PROCESS_SERVER_KEY_EXCHANGE, ERR_R_EVP_LIB); goto err; } if (EVP_VerifyFinal(md_ctx, PACKET_data(&signature), @@ -1736,7 +1810,7 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt) /* bad signature */ EVP_MD_CTX_free(md_ctx); al = SSL_AD_DECRYPT_ERROR; - SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, SSL_R_BAD_SIGNATURE); + SSLerr(SSL_F_TLS_PROCESS_SERVER_KEY_EXCHANGE, SSL_R_BAD_SIGNATURE); goto err; } EVP_MD_CTX_free(md_ctx); @@ -1748,7 +1822,7 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt) if (ssl3_check_cert_and_algorithm(s)) { /* Otherwise this shouldn't happen */ al = SSL_AD_INTERNAL_ERROR; - SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); + SSLerr(SSL_F_TLS_PROCESS_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); } else { al = SSL_AD_DECODE_ERROR; } @@ -1757,7 +1831,7 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt) /* still data left over */ if (PACKET_remaining(pkt) != 0) { al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, SSL_R_EXTRA_DATA_IN_MESSAGE); + SSLerr(SSL_F_TLS_PROCESS_SERVER_KEY_EXCHANGE, SSL_R_EXTRA_DATA_IN_MESSAGE); goto err; } } @@ -1968,7 +2042,7 @@ MSG_PROCESS_RETURN tls_process_new_session_ticket(SSL *s, PACKET *pkt) */ if (!EVP_Digest(s->session->tlsext_tick, ticklen, s->session->session_id, &s->session->session_id_length, - EVP_sha256(), NULL)) { + EVP_get_digestbynid(NID_sha256), NULL)) { SSLerr(SSL_F_TLS_PROCESS_NEW_SESSION_TICKET, ERR_R_EVP_LIB); goto err; } @@ -2213,6 +2287,10 @@ static int tls_construct_cke_rsa(SSL *s, unsigned char **p, int *len, int *al) /* Fix buf for TLS and beyond */ if (s->version > SSL3_VERSION) *p += 2; +#ifndef OPENSSL_NO_GMTLS_METHOD + if (s->version == GMTLS_VERSION) + *p += 2; +#endif pctx = EVP_PKEY_CTX_new(pkey, NULL); if (pctx == NULL || EVP_PKEY_encrypt_init(pctx) <= 0 || EVP_PKEY_encrypt(pctx, NULL, &enclen, pms, pmslen) <= 0) { @@ -2231,6 +2309,8 @@ static int tls_construct_cke_rsa(SSL *s, unsigned char **p, int *len, int *al) (*p)[1]++; if (s->options & SSL_OP_PKCS1_CHECK_2) tmp_buf[0] = 0x70; + + // tmp_buf 没有定义,可能出现了编辑错误! # endif /* Fix buf for TLS and beyond */ @@ -2238,6 +2318,12 @@ static int tls_construct_cke_rsa(SSL *s, unsigned char **p, int *len, int *al) s2n(*len, q); *len += 2; } +#ifndef OPENSSL_NO_GMTLS_METHOD + if (s->version == GMTLS_VERSION) { + s2n(*len, q); + *len += 2; + } +#endif s->s3->tmp.pms = pms; s->s3->tmp.pmslen = pmslen; @@ -2255,6 +2341,8 @@ static int tls_construct_cke_rsa(SSL *s, unsigned char **p, int *len, int *al) #endif } + + static int tls_construct_cke_dhe(SSL *s, unsigned char **p, int *len, int *al) { #ifndef OPENSSL_NO_DH @@ -2525,7 +2613,8 @@ int tls_construct_client_key_exchange(SSL *s) } else if (alg_k & (SSL_kDHE | SSL_kDHEPSK)) { if (!tls_construct_cke_dhe(s, &p, &len, &al)) goto err; - } else if (alg_k & (SSL_kECDHE | SSL_kECDHEPSK)) { + } else if (alg_k & (SSL_kECDHE | SSL_kECDHEPSK | SSL_kSM2DHE | + SSL_kSM2PSK)) { if (!tls_construct_cke_ecdhe(s, &p, &len, &al)) goto err; } else if (alg_k & SSL_kGOST) { @@ -2834,7 +2923,7 @@ int ssl3_check_cert_and_algorithm(SSL *s) #ifndef OPENSSL_NO_EC idx = s->session->peer_type; - if (idx == SSL_PKEY_ECC) { + if ((idx == SSL_PKEY_ECC) || (idx == SSL_PKEY_SM2_SIGN)) { /* GMTLS */ if (ssl_check_srvr_ecc_cert_and_alg(s->session->peer, s) == 0) { /* check failed */ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_BAD_ECC_CERT); @@ -2842,7 +2931,7 @@ int ssl3_check_cert_and_algorithm(SSL *s) } else { return 1; } - } else if (alg_a & SSL_aECDSA) { + } else if ((alg_a & SSL_aECDSA) || (alg_a & SSL_aSM2)) { /* GMTLS */ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_MISSING_ECDSA_SIGNING_CERT); goto f_err; diff --git a/ssl/statem/statem_gmtls.c b/ssl/statem/statem_gmtls.c index 8b137891..a226c527 100644 --- a/ssl/statem/statem_gmtls.c +++ b/ssl/statem/statem_gmtls.c @@ -1 +1,137 @@ +/* ==================================================================== + * Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ +#include +#include + +# include "../ssl_locl.h" +# include "statem_locl.h" +# include "internal/constant_time_locl.h" +# include +# include +# include +# include +# include +# include +# include +# include +# include +# include + +int gmtls_construct_server_certificate(SSL *s) +{ + SSLerr(SSL_F_GMTLS_CONSTRUCT_SERVER_CERTIFICATE, + SSL_R_NOT_IMPLEMENTED); + ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR); + ossl_statem_set_error(s); + return 0; +} + +int gmtls_construct_server_key_exchange(SSL *s) +{ + SSLerr(SSL_F_GMTLS_CONSTRUCT_SERVER_KEY_EXCHANGE, + SSL_R_NOT_IMPLEMENTED); + ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR); + ossl_statem_set_error(s); + return 0; +} + +int gmtls_construct_client_certificate(SSL *s) +{ + SSLerr(SSL_F_GMTLS_CONSTRUCT_CLIENT_CERTIFICATE, + SSL_R_NOT_IMPLEMENTED); + ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR); + ossl_statem_set_error(s); + return 0; +} + +int gmtls_construct_client_key_exchange(SSL *s) +{ + SSLerr(SSL_F_GMTLS_CONSTRUCT_CLIENT_KEY_EXCHANGE, + SSL_R_NOT_IMPLEMENTED); + ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR); + ossl_statem_set_error(s); + return 0; +} + +MSG_PROCESS_RETURN gmtls_process_server_certificate(SSL *s, PACKET *pkt) +{ + SSLerr(SSL_F_GMTLS_PROCESS_SERVER_CERTIFICATE, + SSL_R_NOT_IMPLEMENTED); + ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR); + ossl_statem_set_error(s); + return MSG_PROCESS_ERROR; +} + +MSG_PROCESS_RETURN gmtls_process_server_key_exchange(SSL *s, PACKET *pkt) +{ + SSLerr(SSL_F_GMTLS_PROCESS_SERVER_KEY_EXCHANGE, + SSL_R_NOT_IMPLEMENTED); + ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR); + ossl_statem_set_error(s); + return MSG_PROCESS_ERROR; +} + +MSG_PROCESS_RETURN gmtls_process_client_certificate(SSL *s, PACKET *pkt) +{ + SSLerr(SSL_F_GMTLS_PROCESS_CLIENT_CERTIFICATE, + SSL_R_NOT_IMPLEMENTED); + ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR); + ossl_statem_set_error(s); + return MSG_PROCESS_ERROR; +} + +MSG_PROCESS_RETURN gmtls_process_client_key_exchange(SSL *s, PACKET *pkt) +{ + SSLerr(SSL_F_GMTLS_PROCESS_CLIENT_KEY_EXCHANGE, + SSL_R_NOT_IMPLEMENTED); + ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR); + ossl_statem_set_error(s); + return MSG_PROCESS_ERROR; +} diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index a53680ec..25df5c22 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -22,6 +22,9 @@ #include #include #include +#ifndef OPENSSL_NO_GMTLS +#include +#endif /* * send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or @@ -528,6 +531,26 @@ int ssl_cert_type(const X509 *x, const EVP_PKEY *pk) return SSL_PKEY_DSA_SIGN; #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: +#ifndef OPENSSL_NO_GMTLS +/* +在use_cert时,调用方提供证书,因此可以根据keyUsage选择公钥类型 +但是use_key时,没有证书,因此这个函数只能做一个猜测 +如果这两者并不一致时,就出现错误了! +*/ + if (EC_GROUP_get_curve_name(EC_KEY_get0_group( + (EC_KEY *)EVP_PKEY_get0(pk))) == NID_sm2p256v1) { + if (x) { + if (X509_get_key_usage((X509 *)x) & X509v3_KU_DIGITAL_SIGNATURE) { + return SSL_PKEY_SM2_SIGN; + } else { + return SSL_PKEY_SM2_ENC; + } + } else + { + return SSL_PKEY_SM2_SIGN; + } + } +#endif return SSL_PKEY_ECC; #endif #ifndef OPENSSL_NO_GOST @@ -639,13 +662,6 @@ typedef struct { #endif static const version_info tls_version_table[] = { -/* -#ifndef OPENSSL_NO_GMTLS - {GMTLS_VERSION, gmtls_client_method, gmtls_server_method}, -#else - {GMTLS_VERSION, NULL, NULL}, -#endif -*/ #ifndef OPENSSL_NO_TLS1_2 {TLS1_2_VERSION, tlsv1_2_client_method, tlsv1_2_server_method}, #else @@ -665,6 +681,11 @@ static const version_info tls_version_table[] = { {SSL3_VERSION, sslv3_client_method, sslv3_server_method}, #else {SSL3_VERSION, NULL, NULL}, +#endif +#ifndef OPENSSL_NO_GMTLS + {GMTLS_VERSION, gmtls_client_method, gmtls_server_method}, +#else + {GMTLS_VERSION, NULL, NULL}, #endif {0, NULL, NULL}, }; @@ -674,13 +695,6 @@ static const version_info tls_version_table[] = { #endif static const version_info dtls_version_table[] = { -/* -#ifndef OPENSSL_NO_GMTLS - {GMTLS_VERSION, gmdtls_client_method, gmdtls_server_method}, -#else - {GMTLS_VERSION, NULL, NULL}, -#endif -*/ #ifndef OPENSSL_NO_DTLS1_2 {DTLS1_2_VERSION, dtlsv1_2_client_method, dtlsv1_2_server_method}, #else @@ -849,7 +863,12 @@ int ssl_set_version_bound(int method_version, int version, int *bound) return 0; case TLS_ANY_VERSION: +#ifndef OPENSSL_NO_GMTLS_METHOD + if ((version < SSL3_VERSION || version > TLS_MAX_VERSION) + && (version != GMTLS_VERSION)) +#else if (version < SSL3_VERSION || version > TLS_MAX_VERSION) +#endif return 0; break; diff --git a/ssl/statem/statem_locl.h b/ssl/statem/statem_locl.h index a46e6c79..c86f8d77 100644 --- a/ssl/statem/statem_locl.h +++ b/ssl/statem/statem_locl.h @@ -96,7 +96,7 @@ __owur int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey); __owur int tls_construct_client_key_exchange(SSL *s); __owur int tls_client_key_exchange_post_work(SSL *s); __owur int tls_construct_cert_status(SSL *s); -__owur MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt); +__owur MSG_PROCESS_RETURN tls_process_server_key_exchange(SSL *s, PACKET *pkt); __owur MSG_PROCESS_RETURN tls_process_server_certificate(SSL *s, PACKET *pkt); __owur int ssl3_check_cert_and_algorithm(SSL *s); #ifndef OPENSSL_NO_NEXTPROTONEG @@ -122,3 +122,14 @@ __owur MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt); __owur MSG_PROCESS_RETURN tls_process_next_proto(SSL *s, PACKET *pkt); #endif __owur int tls_construct_new_session_ticket(SSL *s); + +#ifndef OPENSSL_NO_GMTLS_METHOD +__owur int gmtls_construct_server_certificate(SSL *s); +__owur int gmtls_construct_server_key_exchange(SSL *s); +__owur int gmtls_construct_client_certificate(SSL *s); +__owur int gmtls_construct_client_key_exchange(SSL *s); +__owur MSG_PROCESS_RETURN gmtls_process_server_certificate(SSL *s, PACKET *pkt); +__owur MSG_PROCESS_RETURN gmtls_process_server_key_exchange(SSL *s, PACKET *pkt); +__owur MSG_PROCESS_RETURN gmtls_process_client_certificate(SSL *s, PACKET *pkt); +__owur MSG_PROCESS_RETURN gmtls_process_client_key_exchange(SSL *s, PACKET *pkt); +#endif diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index d36d194b..71ffce03 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -57,9 +57,10 @@ #include #include #include -#include #include -#include +#ifndef OPENSSL_NO_GMTLS +# include +#endif static STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, PACKET *cipher_suites, @@ -229,6 +230,11 @@ static int send_server_key_exchange(SSL *s) { unsigned long alg_k = s->s3->tmp.new_cipher->algorithm_mkey; +#ifndef OPENSSL_NO_GMTLS_METHOD + if (s->method->version == GMTLS_VERSION) + return 1; +#endif + /* * only send a ServerKeyExchange if DH or fortezza but we have a * sign only certificate PSK: may send PSK identity hints For @@ -237,7 +243,7 @@ static int send_server_key_exchange(SSL *s) * the server certificate contains the server's public key for * key exchange. */ - if (alg_k & (SSL_kDHE | SSL_kECDHE) + if (alg_k & (SSL_kDHE | SSL_kECDHE | SSL_kSM2DHE) /* * PSK: send ServerKeyExchange if PSK identity hint if * provided @@ -247,7 +253,7 @@ static int send_server_key_exchange(SSL *s) || ((alg_k & (SSL_kPSK | SSL_kRSAPSK)) && s->cert->psk_identity_hint) /* For other PSK always send SKE */ - || (alg_k & (SSL_PSK & (SSL_kDHEPSK | SSL_kECDHEPSK))) + || (alg_k & (SSL_PSK & (SSL_kDHEPSK | SSL_kECDHEPSK | SSL_kSM2PSK))) #endif #ifndef OPENSSL_NO_SRP /* SRP: send ServerKeyExchange */ @@ -634,10 +640,14 @@ int ossl_statem_server_construct_message(SSL *s) return tls_construct_server_hello(s); case TLS_ST_SW_CERT: - return tls_construct_server_certificate(s); + return SSL_IS_GMTLS(s) ? + tls_construct_server_certificate(s) + : tls_construct_server_certificate(s); case TLS_ST_SW_KEY_EXCH: - return tls_construct_server_key_exchange(s); + return (s->version == GMTLS_VERSION) ? + gmtls_construct_server_key_exchange(s) + : tls_construct_server_key_exchange(s); case TLS_ST_SW_CERT_REQ: return tls_construct_certificate_request(s); @@ -744,10 +754,16 @@ MSG_PROCESS_RETURN ossl_statem_server_process_message(SSL *s, PACKET *pkt) return tls_process_client_hello(s, pkt); case TLS_ST_SR_CERT: - return tls_process_client_certificate(s, pkt); + if (SSL_IS_GMTLS(s)) + return tls_process_client_certificate(s, pkt); + else + return tls_process_client_certificate(s, pkt); case TLS_ST_SR_KEY_EXCH: - return tls_process_client_key_exchange(s, pkt); + if (SSL_IS_GMTLS(s)) + return gmtls_process_client_key_exchange(s, pkt); + else + return tls_process_client_key_exchange(s, pkt); case TLS_ST_SR_CERT_VRFY: return tls_process_cert_verify(s, pkt); @@ -958,6 +974,10 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt) } else if ((version & 0xff00) == (SSL3_VERSION_MAJOR << 8)) { /* SSLv3/TLS */ s->client_version = version; +#ifndef OPENSSL_NO_GMTLS_METHOD + } else if (version == GMTLS_VERSION) { + s->client_version = version; +#endif } else { /* No idea what protocol this is */ SSLerr(SSL_F_TLS_PROCESS_CLIENT_HELLO, SSL_R_UNKNOWN_PROTOCOL); @@ -1243,7 +1263,12 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt) } } +#ifndef OPENSSL_NO_GMTLS_METHOD + if (!s->hit && (s->version == GMTLS_VERSION || s->version >= TLS1_VERSION) + && s->tls_session_secret_cb) { +#else if (!s->hit && s->version >= TLS1_VERSION && s->tls_session_secret_cb) { +#endif const SSL_CIPHER *pref_cipher = NULL; s->session->master_key_length = sizeof(s->session->master_key); @@ -1414,6 +1439,7 @@ WORK_STATE tls_post_process_client_hello(SSL *s, WORK_STATE wst) } s->rwstate = SSL_NOTHING; } + cipher = ssl3_choose_cipher(s, s->session->ciphers, SSL_get_ciphers(s)); @@ -1426,7 +1452,7 @@ WORK_STATE tls_post_process_client_hello(SSL *s, WORK_STATE wst) /* check whether we should disable session resumption */ if (s->not_resumable_session_cb != NULL) s->session->not_resumable = s->not_resumable_session_cb(s, - ((cipher->algorithm_mkey & (SSL_kDHE | SSL_kECDHE)) != 0)); + ((cipher->algorithm_mkey & (SSL_kDHE | SSL_kECDHE | SSL_kSM2DHE)) != 0)); if (s->session->not_resumable) /* do not send a session ticket */ s->tlsext_ticket_expected = 0; @@ -1572,7 +1598,8 @@ int tls_construct_server_hello(SSL *s) ossl_statem_set_error(s); return 0; } - if ((p = + + if ((s->version != GMTLS_VERSION) && (p = ssl_add_serverhello_tlsext(s, p, buf + SSL3_RT_MAX_PLAIN_LENGTH, &al)) == NULL) { ssl3_send_alert(s, SSL3_AL_FATAL, al); @@ -1629,9 +1656,9 @@ int tls_construct_server_key_exchange(SSL *s) const BIGNUM *r[4]; int nr[4], kn; BUF_MEM *buf; - EVP_MD_CTX *md_ctx = EVP_MD_CTX_new(); + EVP_MD_CTX *md_ctx = NULL; - if (md_ctx == NULL) { + if (!(md_ctx == EVP_MD_CTX_new())) { SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE); al = SSL_AD_INTERNAL_ERROR; goto f_err; @@ -1725,7 +1752,7 @@ int tls_construct_server_key_exchange(SSL *s) } else #endif #ifndef OPENSSL_NO_EC - if (type & (SSL_kECDHE | SSL_kECDHEPSK)) { + if (type & (SSL_kECDHE | SSL_kECDHEPSK | SSL_kSM2DHE | SSL_kSM2PSK)) { int nid; if (s->s3->tmp.pkey != NULL) { @@ -1890,7 +1917,7 @@ int tls_construct_server_key_exchange(SSL *s) } #ifndef OPENSSL_NO_EC - if (type & (SSL_kECDHE | SSL_kECDHEPSK)) { + if (type & (SSL_kECDHE | SSL_kECDHEPSK | SSL_kSM2DHE | SSL_kSM2PSK)) { /* * XXX: For now, we only support named (not generic) curves. In * this situation, the serverKeyExchange message has: [1 byte @@ -1933,9 +1960,34 @@ int tls_construct_server_key_exchange(SSL *s) #ifdef SSL_DEBUG fprintf(stderr, "Using hash %s\n", EVP_MD_name(md)); #endif - if (EVP_SignInit_ex(md_ctx, md, NULL) <= 0 - || EVP_SignUpdate(md_ctx, &(s->s3->client_random[0]), - SSL3_RANDOM_SIZE) <= 0 + + if (EVP_SignInit_ex(md_ctx, md, NULL) <= 0) { + SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_LIB_EVP); + al = SSL_AD_INTERNAL_ERROR; + goto f_err; + } + +#ifndef OPENSSL_NO_GMTLS + if (s->s3->tmp.new_cipher->algorithm_auth & SSL_aSM2) { + unsigned char z[EVP_MAX_MD_SIZE]; + size_t zlen = sizeof(z); + char *id = SM2_DEFAULT_ID; + if (!SM2_compute_id_digest(md, id, strlen(id), z, &zlen, + EVP_PKEY_get0_EC_KEY(pkey))) { + SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_LIB_SM2); + al = SSL_AD_INTERNAL_ERROR; + goto f_err; + } + if (EVP_SignUpdate(md_ctx, z, zlen) <= 0) { + SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_LIB_SM2); + al = SSL_AD_INTERNAL_ERROR; + goto f_err; + } + } +#endif + + if (EVP_SignUpdate(md_ctx, &(s->s3->client_random[0]), + SSL3_RANDOM_SIZE) <= 0 || EVP_SignUpdate(md_ctx, &(s->s3->server_random[0]), SSL3_RANDOM_SIZE) <= 0 || EVP_SignUpdate(md_ctx, d, n) <= 0 @@ -1947,8 +1999,9 @@ int tls_construct_server_key_exchange(SSL *s) } s2n(i, p); n += i + 2; - if (SSL_USE_SIGALGS(s)) + if (SSL_USE_SIGALGS(s)) { n += 2; + } } else { /* Is this error check actually needed? */ al = SSL_AD_HANDSHAKE_FAILURE; @@ -2281,6 +2334,8 @@ static int tls_process_cke_rsa(SSL *s, PACKET *pkt, int *al) #endif } + + static int tls_process_cke_dhe(SSL *s, PACKET *pkt, int *al) { #ifndef OPENSSL_NO_DH @@ -2367,6 +2422,8 @@ static int tls_process_cke_ecdhe(SSL *s, PACKET *pkt, int *al) unsigned int i; const unsigned char *data; + + /* * Get client's public key from encoded point in the * ClientKeyExchange message. @@ -2585,7 +2642,7 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt) } else if (alg_k & (SSL_kDHE | SSL_kDHEPSK)) { if (!tls_process_cke_dhe(s, pkt, &al)) goto err; - } else if (alg_k & (SSL_kECDHE | SSL_kECDHEPSK)) { + } else if (alg_k & (SSL_kECDHE | SSL_kECDHEPSK | SSL_kSM2DHE | SSL_kSM2PSK)) { if (!tls_process_cke_ecdhe(s, pkt, &al)) goto err; } else if (alg_k & SSL_kSRP) { @@ -3084,7 +3141,13 @@ int tls_construct_new_session_ticket(SSL *s) goto err; iv_len = EVP_CIPHER_CTX_iv_length(ctx); } else { - const EVP_CIPHER *cipher = EVP_aes_256_cbc(); + const EVP_CIPHER *cipher = +#ifndef OPENSSL_NO_AES + EVP_aes_256_cbc(); +#else + EVP_sms4_cbc(); +#endif + iv_len = EVP_CIPHER_iv_length(cipher); if (RAND_bytes(iv, iv_len) <= 0) @@ -3094,7 +3157,7 @@ int tls_construct_new_session_ticket(SSL *s) goto err; if (!HMAC_Init_ex(hctx, tctx->tlsext_tick_hmac_key, sizeof(tctx->tlsext_tick_hmac_key), - EVP_sha256(), NULL)) + EVP_get_digestbynid(NID_sha256), NULL)) goto err; memcpy(key_name, tctx->tlsext_tick_key_name, sizeof(tctx->tlsext_tick_key_name)); diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 4aa5ddd1..f8499b4b 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -692,3 +692,65 @@ int tls1_alert_code(int code) return (-1); } } + +int gmtls_alert_code(int code) +{ + switch (code) { + case SSL_AD_CLOSE_NOTIFY: + return (SSL3_AD_CLOSE_NOTIFY); + case SSL_AD_UNEXPECTED_MESSAGE: + return (SSL3_AD_UNEXPECTED_MESSAGE); + case SSL_AD_BAD_RECORD_MAC: + return (SSL3_AD_BAD_RECORD_MAC); + case SSL_AD_DECRYPTION_FAILED: + return (TLS1_AD_DECRYPTION_FAILED); + case SSL_AD_RECORD_OVERFLOW: + return (TLS1_AD_RECORD_OVERFLOW); + case SSL_AD_DECOMPRESSION_FAILURE: + return (SSL3_AD_DECOMPRESSION_FAILURE); + case SSL_AD_HANDSHAKE_FAILURE: + return (SSL3_AD_HANDSHAKE_FAILURE); + case SSL_AD_BAD_CERTIFICATE: + return (SSL3_AD_BAD_CERTIFICATE); + case SSL_AD_UNSUPPORTED_CERTIFICATE: + return (SSL3_AD_UNSUPPORTED_CERTIFICATE); + case SSL_AD_CERTIFICATE_REVOKED: + return (SSL3_AD_CERTIFICATE_REVOKED); + case SSL_AD_CERTIFICATE_EXPIRED: + return (SSL3_AD_CERTIFICATE_EXPIRED); + case SSL_AD_CERTIFICATE_UNKNOWN: + return (SSL3_AD_CERTIFICATE_UNKNOWN); + case SSL_AD_ILLEGAL_PARAMETER: + return (SSL3_AD_ILLEGAL_PARAMETER); + case SSL_AD_UNKNOWN_CA: + return (TLS1_AD_UNKNOWN_CA); + case SSL_AD_ACCESS_DENIED: + return (TLS1_AD_ACCESS_DENIED); + case SSL_AD_DECODE_ERROR: + return (TLS1_AD_DECODE_ERROR); + case SSL_AD_DECRYPT_ERROR: + return (TLS1_AD_DECRYPT_ERROR); + case SSL_AD_PROTOCOL_VERSION: + return (TLS1_AD_PROTOCOL_VERSION); + case SSL_AD_INSUFFICIENT_SECURITY: + return (TLS1_AD_INSUFFICIENT_SECURITY); + case SSL_AD_INTERNAL_ERROR: + return (TLS1_AD_INTERNAL_ERROR); + case SSL_AD_USER_CANCELLED: + return (TLS1_AD_USER_CANCELLED); + case SSL_AD_UNSUPPORTED_SITE2SITE: + return (GMTLS_AD_UNSUPPORTED_SITE2SITE); + case SSL_AD_NO_AREA: + return (GMTLS_AD_NO_AREA); + case SSL_AD_UNSUPPORTED_AREATYPE: + return (GMTLS_AD_UNSUPPORTED_AREATYPE); + case SSL_AD_BAD_IBCPARAM: + return (GMTLS_AD_BAD_IBCPARAM); + case SSL_AD_UNSUPPORTED_IBCPARAM: + return (GMTLS_AD_UNSUPPORTED_IBCPARAM); + case SSL_AD_IDENTITY_NEED: + return (GMTLS_AD_IDENTITY_NEED); + default: + return (-1); + } +} diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 1205f993..66b1f888 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -15,7 +15,6 @@ #include #include #include -#include #include #include "ssl_locl.h" #include @@ -85,6 +84,26 @@ SSL3_ENC_METHOD const TLSv1_2_enc_data = { ssl3_handshake_write }; +#ifndef OPENSSL_NO_GMTLS_METHOD +SSL3_ENC_METHOD const GMTLS_enc_data = { + tls1_enc, + tls1_mac, + tls1_setup_key_block, + tls1_generate_master_secret, + tls1_change_cipher_state, + tls1_final_finish_mac, + TLS1_FINISH_MAC_LENGTH, + TLS_MD_CLIENT_FINISH_CONST, TLS_MD_CLIENT_FINISH_CONST_SIZE, + TLS_MD_SERVER_FINISH_CONST, TLS_MD_SERVER_FINISH_CONST_SIZE, + gmtls_alert_code, + tls1_export_keying_material, + SSL_ENC_FLAG_EXPLICIT_IV, + SSL3_HM_HEADER_LENGTH, + ssl3_set_handshake_header, + ssl3_handshake_write +}; +#endif + long tls1_default_timeout(void) { /* @@ -160,6 +179,9 @@ static const tls_curve_info nid_list[] = { {NID_brainpoolP384r1, 192, TLS_CURVE_PRIME}, /* brainpoolP384r1 (27) */ {NID_brainpoolP512r1, 256, TLS_CURVE_PRIME}, /* brainpool512r1 (28) */ {NID_X25519, 128, TLS_CURVE_CUSTOM}, /* X25519 (29) */ +#ifndef OPENSSL_NO_GMTLS + {NID_sm2p256v1, 128, TLS_CURVE_PRIME}, /* sm2p256v1 (30) */ +#endif }; static const unsigned char ecformats_default[] = { @@ -170,6 +192,9 @@ static const unsigned char ecformats_default[] = { /* The default curves */ static const unsigned char eccurves_default[] = { +#ifndef OPENSSL_NO_GMTLS + 0, 30, /* sm2p256v1 (30) */ +#endif 0, 29, /* X25519 (29) */ 0, 23, /* secp256r1 (23) */ 0, 25, /* secp521r1 (25) */ @@ -320,6 +345,11 @@ int tls1_shared_curve(SSL *s, int nmatch) size_t num_pref, num_supp, i, j; int k; +#ifndef OPENSSL_NO_GMTLS_METHOD + if (s->method->version == GMTLS_VERSION) + return NID_sm2p256v1; +#endif + /* Can't do anything on client side */ if (s->server == 0) return -1; @@ -364,7 +394,6 @@ int tls1_shared_curve(SSL *s, int nmatch) continue; if (nmatch == k) { int id = (pref[0] << 8) | pref[1]; - return tls1_ec_curve_id2nid(id, NULL); } k++; @@ -408,7 +437,7 @@ int tls1_set_curves(unsigned char **pext, size_t *pextlen, return 1; } -# define MAX_CURVELIST 28 +# define MAX_CURVELIST 30 typedef struct { size_t nidcnt; @@ -608,9 +637,9 @@ static int tls1_check_cert_param(SSL *s, X509 *x, int set_ee_md) return 0; if (set_ee_md == 2) { if (check_md == NID_ecdsa_with_SHA256) - s->s3->tmp.md[SSL_PKEY_ECC] = EVP_sha256(); + s->s3->tmp.md[SSL_PKEY_ECC] = EVP_get_digestbynid(NID_sha256); else - s->s3->tmp.md[SSL_PKEY_ECC] = EVP_sha384(); + s->s3->tmp.md[SSL_PKEY_ECC] = EVP_get_digestbynid(NID_sha384); } } return rv; @@ -693,13 +722,16 @@ static int tls1_check_cert_param(SSL *s, X509 *x, int set_ee_md) tlsext_sigalg_ecdsa(md) static const unsigned char tls12_sigalgs[] = { +#ifndef OPENSSL_NO_GMTLS_METHOD + TLSEXT_hash_sm3, TLSEXT_signature_sm2sign, +#endif tlsext_sigalg(TLSEXT_hash_sha512) - tlsext_sigalg(TLSEXT_hash_sha384) - tlsext_sigalg(TLSEXT_hash_sha256) - tlsext_sigalg(TLSEXT_hash_sha224) - tlsext_sigalg(TLSEXT_hash_sha1) + tlsext_sigalg(TLSEXT_hash_sha384) + tlsext_sigalg(TLSEXT_hash_sha256) + tlsext_sigalg(TLSEXT_hash_sha224) + tlsext_sigalg(TLSEXT_hash_sha1) #ifndef OPENSSL_NO_GOST - TLSEXT_hash_gostr3411, TLSEXT_signature_gostr34102001, + TLSEXT_hash_gostr3411, TLSEXT_signature_gostr34102001, TLSEXT_hash_gostr34112012_256, TLSEXT_signature_gostr34102012_256, TLSEXT_hash_gostr34112012_512, TLSEXT_signature_gostr34102012_512 #endif @@ -708,7 +740,7 @@ static const unsigned char tls12_sigalgs[] = { #ifndef OPENSSL_NO_EC static const unsigned char suiteb_sigalgs[] = { tlsext_sigalg_ecdsa(TLSEXT_hash_sha256) - tlsext_sigalg_ecdsa(TLSEXT_hash_sha384) + tlsext_sigalg_ecdsa(TLSEXT_hash_sha384) }; #endif size_t tls12_get_psigalgs(SSL *s, const unsigned char **psigs) @@ -2724,6 +2756,10 @@ void ssl_set_default_md(SSL *s) #ifndef OPENSSL_NO_EC pmd[SSL_PKEY_ECC] = ssl_md(SSL_MD_SHA1_IDX); #endif +#ifndef OPENSSL_NO_GMTSL + pmd[SSL_PKEY_SM2_SIGN] = ssl_md(SSL_MD_SM3_IDX); + pmd[SSL_PKEY_SM2_ENC] = ssl_md(SSL_MD_SM3_IDX); +#endif #ifndef OPENSSL_NO_GOST pmd[SSL_PKEY_GOST01] = ssl_md(SSL_MD_GOST94_IDX); pmd[SSL_PKEY_GOST12_256] = ssl_md(SSL_MD_GOST12_256_IDX); @@ -2897,8 +2933,10 @@ int ssl_check_serverhello_tlsext(SSL *s) int ssl_parse_serverhello_tlsext(SSL *s, PACKET *pkt) { int al = -1; + if (s->version < SSL3_VERSION) return 1; + if (ssl_scan_serverhello_tlsext(s, pkt, &al) <= 0) { ssl3_send_alert(s, SSL3_AL_FATAL, al); return 0; @@ -2967,8 +3005,13 @@ int tls_check_serverhello_tlsext_early(SSL *s, const PACKET *ext, * If tickets disabled behave as if no ticket present to permit stateful * resumption. */ +#ifndef OPENSSL_NO_GMTLS_METHOD + if ((s->version <= SSL3_VERSION) && (s->version != GMTLS_VERSION)) + return 0; +#else if ((s->version <= SSL3_VERSION)) return 0; +#endif if (!PACKET_get_net_2(&local_ext, &i)) { retv = 0; @@ -3108,6 +3151,12 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, if (rv == 2) renew_ticket = 1; } else { + const EVP_CIPHER *cipher; +#ifndef OPENSSL_NO_AES + cipher = EVP_aes_256_cbc(); +#else + cipher = EVP_sms4_cbc(); +#endif /* Check key name matches */ if (memcmp(etick, tctx->tlsext_tick_key_name, sizeof(tctx->tlsext_tick_key_name)) != 0) { @@ -3116,8 +3165,8 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, } if (HMAC_Init_ex(hctx, tctx->tlsext_tick_hmac_key, sizeof(tctx->tlsext_tick_hmac_key), - EVP_sha256(), NULL) <= 0 - || EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, + EVP_get_digestbynid(NID_sha256), NULL) <= 0 + || EVP_DecryptInit_ex(ctx, cipher, NULL, tctx->tlsext_tick_aes_key, etick + sizeof(tctx->tlsext_tick_key_name)) <= 0) { @@ -3215,12 +3264,19 @@ static const tls12_lookup tls12_md[] = { {NID_id_GostR3411_94, TLSEXT_hash_gostr3411}, {NID_id_GostR3411_2012_256, TLSEXT_hash_gostr34112012_256}, {NID_id_GostR3411_2012_512, TLSEXT_hash_gostr34112012_512}, +#ifndef OPENSSL_NO_GMTLS_METHOD + {NID_sm3, TLSEXT_hash_sm3}, +#endif }; static const tls12_lookup tls12_sig[] = { {EVP_PKEY_RSA, TLSEXT_signature_rsa}, {EVP_PKEY_DSA, TLSEXT_signature_dsa}, +#ifndef OPENSSL_NO_GMTLS_METHOD + {EVP_PKEY_EC, TLSEXT_signature_sm2sign}, +#else {EVP_PKEY_EC, TLSEXT_signature_ecdsa}, +#endif {NID_id_GostR3410_2001, TLSEXT_signature_gostr34102001}, {NID_id_GostR3410_2012_256, TLSEXT_signature_gostr34102012_256}, {NID_id_GostR3410_2012_512, TLSEXT_signature_gostr34102012_512} @@ -3257,6 +3313,7 @@ int tls12_get_sigandhash(unsigned char *p, const EVP_PKEY *pk, const EVP_MD *md) sig_id = tls12_get_sigid(pk); if (sig_id == -1) return 0; +printf("%s %d: md_id = %d, sig_id = %d\n", __FILE__, __LINE__, md_id, sig_id); p[0] = (unsigned char)md_id; p[1] = (unsigned char)sig_id; return 1; @@ -3286,6 +3343,9 @@ static const tls12_hash_info tls12_md_info[] = { TLSEXT_hash_gostr34112012_256}, {NID_id_GostR3411_2012_512, 256, SSL_MD_GOST12_512_IDX, TLSEXT_hash_gostr34112012_512}, +#ifndef OPENSSL_NO_GMTLS_METHOD + {NID_sm3, 128, SSL_MD_SM3_IDX, TLSEXT_hash_sm3}, +#endif }; static const tls12_hash_info *tls12_get_hash_info(unsigned char hash_alg) @@ -3328,6 +3388,10 @@ static int tls12_get_pkey_idx(unsigned char sig_alg) case TLSEXT_signature_ecdsa: return SSL_PKEY_ECC; #endif +# ifndef OPENSSL_NO_GMTLS_METHOD + case TLSEXT_signature_sm2sign: + return SSL_PKEY_SM2_SIGN; +# endif #ifndef OPENSSL_NO_GOST case TLSEXT_signature_gostr34102001: return SSL_PKEY_GOST01; @@ -3391,6 +3455,9 @@ void ssl_set_sig_mask(uint32_t *pmask_a, SSL *s, int op) const unsigned char *sigalgs; size_t i, sigalgslen; int have_rsa = 0, have_dsa = 0, have_ecdsa = 0; +#ifndef OPENSSL_NO_GMTLS + int have_sm2sign = 0; +#endif /* * Now go through all signature algorithms seeing if we support any for * RSA, DSA, ECDSA. Do this for all versions not just TLS 1.2. To keep @@ -3416,6 +3483,13 @@ void ssl_set_sig_mask(uint32_t *pmask_a, SSL *s, int op) if (!have_ecdsa && tls12_sigalg_allowed(s, op, sigalgs)) have_ecdsa = 1; break; +#endif +#ifndef OPENSSL_NO_GMTLS + case TLSEXT_signature_sm2sign: + if (!have_sm2sign && tls12_sigalg_allowed(s, op, sigalgs)) + have_sm2sign = 1; + break; + // SM9 #endif } } @@ -3425,6 +3499,10 @@ void ssl_set_sig_mask(uint32_t *pmask_a, SSL *s, int op) *pmask_a |= SSL_aDSS; if (!have_ecdsa) *pmask_a |= SSL_aECDSA; +#ifndef OPENSSL_NO_GMTLS + if (!have_sm2sign) + *pmask_a |= SSL_aSM2; +#endif } size_t tls12_copy_sigalgs(SSL *s, unsigned char *out, @@ -3575,17 +3653,22 @@ int tls1_process_sigalgs(SSL *s) */ #ifndef OPENSSL_NO_DSA if (pmd[SSL_PKEY_DSA_SIGN] == NULL) - pmd[SSL_PKEY_DSA_SIGN] = EVP_sha1(); + //pmd[SSL_PKEY_DSA_SIGN] = EVP_sha1(); + pmd[SSL_PKEY_DSA_SIGN] = EVP_get_digestbynid(NID_sha1); #endif #ifndef OPENSSL_NO_RSA if (pmd[SSL_PKEY_RSA_SIGN] == NULL) { - pmd[SSL_PKEY_RSA_SIGN] = EVP_sha1(); - pmd[SSL_PKEY_RSA_ENC] = EVP_sha1(); + pmd[SSL_PKEY_RSA_SIGN] = EVP_get_digestbynid(NID_sha1); + pmd[SSL_PKEY_RSA_ENC] = EVP_get_digestbynid(NID_sha1); } #endif #ifndef OPENSSL_NO_EC if (pmd[SSL_PKEY_ECC] == NULL) - pmd[SSL_PKEY_ECC] = EVP_sha1(); + pmd[SSL_PKEY_ECC] = EVP_get_digestbynid(NID_sha1); +#endif +#ifndef OPENSSL_NO_GMTLS + if (pmd[SSL_PKEY_SM2_SIGN] == NULL) + pmd[SSL_PKEY_SM2_SIGN] = EVP_get_digestbynid(NID_sm3); #endif #ifndef OPENSSL_NO_GOST if (pmd[SSL_PKEY_GOST01] == NULL) @@ -3878,6 +3961,18 @@ int tls1_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain, default_nid = NID_ecdsa_with_SHA1; break; +#ifndef OPENSSL_NO_GMTLS_METHOD + case SSL_PKEY_SM2_ENC: + rsign = TLSEXT_signature_sm2sign; + default_nid = NID_sm2sign_with_sm3; + break; +#endif +#ifndef OPENSSL_NO_GMTLS + case SSL_PKEY_SM2_SIGN: + rsign = TLSEXT_signature_sm2sign; + default_nid = NID_sm2sign_with_sm3; + break; +#endif case SSL_PKEY_GOST01: rsign = TLSEXT_signature_gostr34102001; default_nid = NID_id_GostR3411_94_with_GostR3410_2001; @@ -4055,6 +4150,9 @@ void tls1_set_cert_validity(SSL *s) tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_GOST01); tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_GOST12_256); tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_GOST12_512); +#ifndef OPENSSL_NO_GMTLS + tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_SM2_SIGN); +#endif } /* User level utiity function to check a chain is suitable */ diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c index 4577f038..4e334f69 100644 --- a/ssl/t1_trce.c +++ b/ssl/t1_trce.c @@ -61,6 +61,9 @@ static ssl_trace_tbl ssl_version_tbl[] = { {TLS1_VERSION, "TLS 1.0"}, {TLS1_1_VERSION, "TLS 1.1"}, {TLS1_2_VERSION, "TLS 1.2"}, +#ifndef OPENSSL_NO_GMTLS_VERSION + {GMTLS_VERSION, "GMTLS 1.1"}, +#endif {DTLS1_VERSION, "DTLS 1.0"}, {DTLS1_2_VERSION, "DTLS 1.2"}, {DTLS1_BAD_VER, "DTLS 1.0 (bad)"} @@ -422,8 +425,53 @@ static ssl_trace_tbl ssl_ciphers_tbl[] = { {0xCCAC, "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305"}, {0xCCAD, "TLS_DHE_PSK_WITH_CHACHA20_POLY1305"}, {0xCCAE, "TLS_RSA_PSK_WITH_CHACHA20_POLY1305"}, +#ifndef OPENSSL_NO_GMTLS_METHOD +# if 1 /* GM/T 0024 official names */ + {0xE001, "GMT_ECDHE_SM1_SM3"}, + {0xE003, "GMT_ECC_SM1_SM3"}, + {0xE005, "GMT_IBSDH_SM1_SM3"}, + {0xE007, "GMT_IBC_SM1_SM3"}, + {0xE009, "GMT_RSA_SM1_SM3"}, + {0xE00A, "GMT_RSA_SM1_SHA1"}, + {0xE011, "GMT_ECDHE_SM4_SM3"}, + {0xE013, "GMT_ECC_SM4_SM3"}, + {0xE015, "GMT_IBSDH_SM4_SM3"}, + {0xE017, "GMT_IBC_SM4_SM3"}, + {0xE019, "GMT_RSA_SM4_SM3"}, + {0xE01A, "GMT_RSA_SM4_SHA1"}, +# else + /* GM/T [SM2DHE|SM2|SM9DHE|SM9|RSA]-WITH-[SM1|SMS4]-[SM3|SHA1] */ + {0xE001, "GMTLS_SM2DHE_WITH_SM1_SM3"}, + {0xE003, "GMTLS_SM2_WITH_SM1_SM3"}, + {0xE005, "GMTLS_SM9DHE_WITH_SM1_SM3"}, + {0xE007, "GMTLS_SM9_WITH_SM1_SM3"}, + {0xE009, "GMTLS_RSA_WITH_SM1_SM3"}, + {0xE00A, "GMTLS_RSA_WITH_SM1_SHA1"}, + {0xE011, "GMTLS_SM2DHE_WITH_SMS4_SM3"}, + {0xE013, "GMTLS_SM2_WITH_SMS4_SM3"}, + {0xE015, "GMTLS_SM9DHE_WITH_SMS4_SM3"}, + {0xE017, "GMTLS_SM9_WITH_SMS4_SM3"}, + {0xE019, "GMTLS_RSA_WITH_SMS4_SM3"}, + {0xE01A, "GMTLS_RSA_WITH_SMS4_SHA1"}, +# endif + /* ECDHE-SM2-WITH-[SM1|SMS4|SSF33]-[SM3|SHA256] */ + {0xE101, "GMTLS_ECDHE_SM2_WITH_SM1_SM3"}, + {0xE102, "GMTLS_ECDHE_SM2_WITH_SMS4_SM3"}, + {0xE103, "GMTLS_ECDHE_SM2_WITH_SSF33_SM3"}, + {0xE104, "GMTLS_ECDHE_SM2_WITH_SM1_SHA256"}, + {0xE105, "GMTLS_ECDHE_SM2_WITH_SMS4_SHA256"}, + {0xE106, "GMTLS_ECDHE_SM2_WITH_SSF33_SHA256"}, + /* ECDHE-SM2-WITH-SMS4-[GCM|CCM|CCM-8]-[SM3|SHA256] */ + {0xE107, "GMTLS_ECDHE_SM2_WITH_SMS4_GCM_SM3"}, + {0xE108, "GMTLS_ECDHE_SM2_WITH_SMS4_CCM_SM3"}, + {0xE109, "GMTLS_ECDHE_SM2_WITH_SMS4_CCM_8_SM3"}, + {0xE10A, "GMTLS_ECDHE_SM2_WITH_SMS4_GCM_SHA256"}, + {0xE10B, "GMTLS_ECDHE_SM2_WITH_SMS4_CCM_SHA256"}, + {0xE10C, "GMTLS_ECDHE_SM2_WITH_SMS4_CCM_8_SHA256"}, +#endif {0xFEFE, "SSL_RSA_FIPS_WITH_DES_CBC_SHA"}, {0xFEFF, "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA"}, + }; /* Compression methods */ @@ -491,6 +539,9 @@ static ssl_trace_tbl ssl_curve_tbl[] = { {27, "brainpoolP384r1"}, {28, "brainpoolP512r1"}, {29, "ecdh_x25519"}, +#ifndef OPENSSL_NO_GMTLS_METHOD + {30, "sm2p256v1"}, +#endif {0xFF01, "arbitrary_explicit_prime_curves"}, {0xFF02, "arbitrary_explicit_char2_curves"} }; @@ -509,6 +560,9 @@ static ssl_trace_tbl ssl_md_tbl[] = { {TLSEXT_hash_sha256, "sha256"}, {TLSEXT_hash_sha384, "sha384"}, {TLSEXT_hash_sha512, "sha512"}, +#ifndef OPENSSL_NO_GMTLS_METHOD + {TLSEXT_hash_sm3, "sm3"}, +#endif {TLSEXT_hash_gostr3411, "md_gost94"}, {TLSEXT_hash_gostr34112012_256, "md_gost2012_256"}, {TLSEXT_hash_gostr34112012_512, "md_gost2012_512"} @@ -519,6 +573,9 @@ static ssl_trace_tbl ssl_sig_tbl[] = { {TLSEXT_signature_rsa, "rsa"}, {TLSEXT_signature_dsa, "dsa"}, {TLSEXT_signature_ecdsa, "ecdsa"}, +#ifndef OPENSSL_NO_GMTLS_METHOD + {TLSEXT_signature_sm2sign, "sm2sign"}, +#endif {TLSEXT_signature_gostr34102001, "gost2001"}, {TLSEXT_signature_gostr34102012_256, "gost2012_256"}, {TLSEXT_signature_gostr34102012_512, "gost2012_512"} @@ -542,6 +599,9 @@ static ssl_trace_tbl ssl_ctype_tbl[] = { {5, "rsa_ephemeral_dh"}, {6, "dss_ephemeral_dh"}, {20, "fortezza_dms"}, +#ifndef OPENSSL_NO_GMTLS_METHOD + {7, "sm2_sign"}, +#endif {64, "ecdsa_sign"}, {65, "rsa_fixed_ecdh"}, {66, "ecdsa_fixed_ecdh"} @@ -898,6 +958,28 @@ static int ssl_get_keyex(const char **pname, SSL *ssl) *pname = "GOST"; return SSL_kGOST; } +#ifndef OPENSSL_NO_GMTLS + if (alg_k & SSL_kSM2) { + *pname = "SM2"; + return SSL_kSM2; + } + if (alg_k & SSL_kSM2DHE) { + *pname = "SM2DHE"; + return SSL_kSM2DHE; + } + if (alg_k & SSL_kSM2PSK) { + *pname = "SM2PSK"; + return SSL_kSM2PSK; + } + if (alg_k & SSL_kSM9) { + *pname = "SM9"; + return SSL_kSM9; + } + if (alg_k & SSL_kSM9DHE) { + *pname = "SM9DHE"; + return SSL_kSM9DHE; + } +#endif *pname = "UNKNOWN"; return 0; } @@ -941,6 +1023,25 @@ static int ssl_print_client_keyex(BIO *bio, int indent, SSL *ssl, return 0; break; +#ifndef OPENSSL_NO_GMTLS + case SSL_kSM2: + case SSL_kSM9: + if (!ssl_print_hexbuf(bio, indent + 2, + "EncyptedPreMasterSecret", 2, &msg, &msglen)) + return 0; + break; + + case SSL_kSM2DHE: + case SSL_kSM2PSK: + if (!ssl_print_hexbuf(bio, indent + 2, "sm2_Yc", 1, &msg, &msglen)) + return 0; + break; + + case SSL_kSM9DHE: + if (!ssl_print_hexbuf(bio, indent + 2, "sm9_Yc", 1, &msg, &msglen)) + return 0; + break; +#endif } return !msglen; @@ -982,6 +1083,10 @@ static int ssl_print_server_keyex(BIO *bio, int indent, SSL *ssl, # ifndef OPENSSL_NO_EC case SSL_kECDHE: case SSL_kECDHEPSK: +# ifndef OPENSSL_NO_GMTLS + case SSL_kSM2DHE: + case SSL_kSM2PSK: +# endif if (msglen < 1) return 0; BIO_indent(bio, indent + 2, 80); diff --git a/test/a.out b/test/a.out deleted file mode 100755 index 2a480b68..00000000 Binary files a/test/a.out and /dev/null differ diff --git a/test/build.info b/test/build.info index 6df80f22..0f2723ee 100644 --- a/test/build.info +++ b/test/build.info @@ -17,7 +17,7 @@ IF[{- !$disabled{tests} -}] dtlsv1listentest ct_test threadstest afalgtest d2i_test \ ssl_test_ctx_test ssl_test x509aux cipherlist_test asynciotest \ bioprinttest sslapitest dtlstest sslcorrupttest bio_enc_test \ - sm3test sms4test kdf2test eciestest ffxtest sm2test sm2evptest \ + sm3test sms4test kdf2test eciestest ffxtest sm2test \ pailliertest cpktest otptest gmapitest ec2test \ bfibetest bb1ibetest sm9test \ saftest sdftest skftest softest zuctest \ @@ -312,10 +312,6 @@ IF[{- !$disabled{tests} -}] INCLUDE[sm2test]=../include DEPEND[sm2test]=../libcrypto - SOURCE[sm2evptest]=sm2evptest.c - INCLUDE[sm2evptest]=../include - DEPEND[sm2evptest]=../libcrypto - SOURCE[pailliertest]=pailliertest.c INCLUDE[pailliertest]=../include DEPEND[pailliertest]=../libcrypto diff --git a/test/msb-f.msblob b/test/msb-f.msblob new file mode 100644 index 00000000..426df280 Binary files /dev/null and b/test/msb-f.msblob differ diff --git a/test/msb-f.p b/test/msb-f.p new file mode 100644 index 00000000..bee2b95e --- /dev/null +++ b/test/msb-f.p @@ -0,0 +1,4 @@ +-----BEGIN PUBLIC KEY----- +MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKrbeqkuRk8VcRmWFmtP+LviMB3+6diz +WW3DwaffznyHGAFwUJ/ITv0XtbsCyl3QoyKGhrOAy3RvPK5M38iuXT0CAwEAAQ== +-----END PUBLIC KEY----- diff --git a/test/msb-ff.dd b/test/msb-ff.dd new file mode 100644 index 00000000..26f3de40 Binary files /dev/null and b/test/msb-ff.dd differ diff --git a/test/msb-ff.dmsblob b/test/msb-ff.dmsblob new file mode 100644 index 00000000..426df280 Binary files /dev/null and b/test/msb-ff.dmsblob differ diff --git a/test/msb-ff.dp b/test/msb-ff.dp new file mode 100644 index 00000000..bee2b95e --- /dev/null +++ b/test/msb-ff.dp @@ -0,0 +1,4 @@ +-----BEGIN PUBLIC KEY----- +MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKrbeqkuRk8VcRmWFmtP+LviMB3+6diz +WW3DwaffznyHGAFwUJ/ITv0XtbsCyl3QoyKGhrOAy3RvPK5M38iuXT0CAwEAAQ== +-----END PUBLIC KEY----- diff --git a/test/msb-ff.msblobd b/test/msb-ff.msblobd new file mode 100644 index 00000000..26f3de40 Binary files /dev/null and b/test/msb-ff.msblobd differ diff --git a/test/msb-ff.msblobmsblob b/test/msb-ff.msblobmsblob new file mode 100644 index 00000000..426df280 Binary files /dev/null and b/test/msb-ff.msblobmsblob differ diff --git a/test/msb-ff.msblobp b/test/msb-ff.msblobp new file mode 100644 index 00000000..bee2b95e --- /dev/null +++ b/test/msb-ff.msblobp @@ -0,0 +1,4 @@ +-----BEGIN PUBLIC KEY----- +MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKrbeqkuRk8VcRmWFmtP+LviMB3+6diz +WW3DwaffznyHGAFwUJ/ITv0XtbsCyl3QoyKGhrOAy3RvPK5M38iuXT0CAwEAAQ== +-----END PUBLIC KEY----- diff --git a/test/msb-ff.pd b/test/msb-ff.pd new file mode 100644 index 00000000..26f3de40 Binary files /dev/null and b/test/msb-ff.pd differ diff --git a/test/msb-ff.pp b/test/msb-ff.pp new file mode 100644 index 00000000..bee2b95e --- /dev/null +++ b/test/msb-ff.pp @@ -0,0 +1,4 @@ +-----BEGIN PUBLIC KEY----- +MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKrbeqkuRk8VcRmWFmtP+LviMB3+6diz +WW3DwaffznyHGAFwUJ/ITv0XtbsCyl3QoyKGhrOAy3RvPK5M38iuXT0CAwEAAQ== +-----END PUBLIC KEY----- diff --git a/test/msb-fff.p b/test/msb-fff.p new file mode 100644 index 00000000..bee2b95e --- /dev/null +++ b/test/msb-fff.p @@ -0,0 +1,4 @@ +-----BEGIN PUBLIC KEY----- +MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKrbeqkuRk8VcRmWFmtP+LviMB3+6diz +WW3DwaffznyHGAFwUJ/ITv0XtbsCyl3QoyKGhrOAy3RvPK5M38iuXT0CAwEAAQ== +-----END PUBLIC KEY----- diff --git a/test/recipes/15-test_sm2.t b/test/recipes/15-test_sm2.t index cd69aab0..bc557f43 100644 --- a/test/recipes/15-test_sm2.t +++ b/test/recipes/15-test_sm2.t @@ -10,4 +10,3 @@ use OpenSSL::Test::Simple; simple_test("test_sm2", "sm2test", "sm2"); -simple_test("test_sm2evp", "sm2evptest", "sm2"); diff --git a/test/sdf_dummy.c b/test/sdf_dummy.c deleted file mode 100644 index 80f824c9..00000000 --- a/test/sdf_dummy.c +++ /dev/null @@ -1,645 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2016 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -/* Dummy SDF Library - * - * This is the **dummy** implementation of the SDF API, used by the SDF - * ENGINE for compiling and basic testing. For products this should be - * replaced by the library provided by hardware vendors. - * - * Design principles: - * 1. All the functions of this dummy library will return success, which - * is `SDR_OK`. - * 2. If there are return value pointers, such as handles, output length - * or generated key data types, the output will be filled with valid - * data. Such that the caller can parse these data without errors. - * 3. The implementation should not relay on any other libraries, source - * files or header files except the `sdf.h`. - */ - -#include -#include -#include -#include -#include - -static char *deviceHandle = "SDF Device Handle"; -static char *sessionHandle = "SDF Session Handle"; -static char *keyHandle = "SDF Key Handle"; -static char *agreementHandle = "SDF Agreement Handle"; -static int hashAlgor; -/* -static unsigned char certificate[] = { - 0x03, 0x04, -}; -*/ - -static unsigned char rsaPublicKey[] = { - 0x03, 0x04, -}; - -static unsigned char rsaPrivateKey[] = { - 0x03, 0x04, -}; - -static unsigned char ecPublicKey[] = { - 0x03, 0x04, -}; - -static unsigned char ecPrivateKey[] = { - 0x03, 0x04, -}; - -static unsigned char ecCiphertext[] = { - 0x03, -}; - -static unsigned char ecSignature[] = { - 0x03, -}; - -/* 6.2.1 */ -int SDF_OpenDevice( - void **phDeviceHandle) -{ - *phDeviceHandle = deviceHandle; - return SDR_OK; -} - -/* 6.2.2 */ -int SDF_CloseDevice( - void *hDeviceHandle) -{ - return SDR_OK; -} - -/* 6.2.3 */ -int SDF_OpenSession( - void *hDeviceHandle, - void **phSessionHandle) -{ - *phSessionHandle = sessionHandle; - return SDR_OK; -} - -/* 6.2.4 */ -int SDF_CloseSession( - void *hSessionHandle) -{ - return SDR_OK; -} - -/* 6.2.5 */ -int SDF_GetDeviceInfo( - void *hSessionHandle, - DEVICEINFO *pstDeviceInfo) -{ - memset(pstDeviceInfo, 0, sizeof(*pstDeviceInfo)); - strcpy((char *)pstDeviceInfo->IssuerName, "GmSSL"); - strcpy((char *)pstDeviceInfo->DeviceName, "Dummy SDF"); - strcpy((char *)pstDeviceInfo->DeviceSerial, "000001"); - pstDeviceInfo->DeviceVersion = 2; - pstDeviceInfo->StandardVersion = 1; - pstDeviceInfo->AsymAlgAbility[0] = SGD_RSA|SGD_SM2_1; - pstDeviceInfo->AsymAlgAbility[1] = SGD_RSA|SGD_SM2_3; - pstDeviceInfo->SymAlgAbility = SGD_SM1|SGD_SSF33|SGD_SM4|SGD_ZUC; - pstDeviceInfo->HashAlgAbility = SGD_SM3|SGD_SHA1|SGD_SHA256; - pstDeviceInfo->BufferSize = 0; - return SDR_OK; -} - -/* 6.2.6 */ -int SDF_GenerateRandom( - void *hSessionHandle, - unsigned int uiLength, - unsigned char *pucRandom) -{ - memset(pucRandom, 'R', uiLength); - return SDR_OK; -} - -/* 6.2.7 */ -int SDF_GetPrivateKeyAccessRight( - void *hSessionHandle, - unsigned int uiKeyIndex, - unsigned char *pucPassword, - unsigned int uiPwdLength) -{ - return SDR_OK; -} - -/* 6.2.8 */ -int SDF_ReleasePrivateKeyAccessRight( - void *hSessionHandle, - unsigned int uiKeyIndex) -{ - return SDR_OK; -} - -/* 6.3.1 */ -int SDF_ExportSignPublicKey_RSA( - void *hSessionHandle, - unsigned int uiKeyIndex, - RSArefPublicKey *pucPublicKey) -{ - memcpy(pucPublicKey, rsaPublicKey, sizeof(*pucPublicKey)); - return SDR_OK; -} - -/* 6.3.2 */ -int SDF_ExportEncPublicKey_RSA( - void *hSessionHandle, - unsigned int uiKeyIndex, - RSArefPublicKey *pucPublicKey) -{ - memcpy(pucPublicKey, rsaPublicKey, sizeof(*pucPublicKey)); - return SDR_OK; -} - -/* 6.3.3 */ -int SDF_GenerateKeyPair_RSA( - void *hSessionHandle, - unsigned int uiKeyBits, - RSArefPublicKey *pucPublicKey, - RSArefPrivateKey *pucPrivateKey) -{ - memcpy(pucPublicKey, rsaPublicKey, sizeof(*pucPublicKey)); - memcpy(pucPrivateKey, rsaPrivateKey, sizeof(*pucPrivateKey)); - return SDR_OK; -} - -/* 6.3.4 */ -int SDF_GenerateKeyWithIPK_RSA( - void *hSessionHandle, - unsigned int uiIPKIndex, - unsigned int uiKeyBits, - unsigned char *pucKey, - unsigned int *puiKeyLength, - void **phKeyHandle) -{ - *phKeyHandle = keyHandle; - return SDR_OK; -} - -/* 6.3.5 */ -int SDF_GenerateKeyWithEPK_RSA( - void *hSessionHandle, - unsigned int uiKeyBits, - RSArefPublicKey *pucPublicKey, - unsigned char *pucKey, - unsigned int *puiKeyLength, - void **phKeyHandle) -{ - *phKeyHandle = keyHandle; - return SDR_OK; -} - -/* 6.3.6 */ -int SDF_ImportKeyWithISK_RSA( - void *hSessionHandle, - unsigned int uiISKIndex, - unsigned char *pucKey, - unsigned int uiKeyLength, - void **phKeyHandle) -{ - *phKeyHandle = keyHandle; - return SDR_OK; -} - -/* 6.3.7 */ -int SDF_ExchangeDigitEnvelopeBaseOnRSA( - void *hSessionHandle, - unsigned int uiKeyIndex, - RSArefPublicKey *pucPublicKey, - unsigned char *pucDEInput, - unsigned int uiDELength, - unsigned char *pucDEOutput, - unsigned int *puiDELength) -{ - *puiDELength = 256; // correct? - return SDR_OK; -} - -/* 6.3.8 */ -int SDF_ExportSignPublicKey_ECC( - void *hSessionHandle, - unsigned int uiKeyIndex, - ECCrefPublicKey *pucPublicKey) -{ - memcpy(pucPublicKey, ecPublicKey, sizeof(*pucPublicKey)); - return SDR_OK; -} - -/* 6.3.9 */ -int SDF_ExportEncPublicKey_ECC( - void *hSessionHandle, - unsigned int uiKeyIndex, - ECCrefPublicKey *pucPublicKey) -{ - memcpy(pucPublicKey, ecPublicKey, sizeof(*pucPublicKey)); - return SDR_OK; -} -/* 6.3.10 */ -int SDF_GenerateKeyPair_ECC( - void *hSessionHandle, - unsigned int uiAlgID, - unsigned int uiKeyBits, - ECCrefPublicKey *pucPublicKey, - ECCrefPrivateKey *pucPrivateKey) -{ - memcpy(pucPublicKey, ecPublicKey, sizeof(*pucPublicKey)); - memcpy(pucPrivateKey, ecPrivateKey, sizeof(*pucPrivateKey)); - return SDR_OK; -} - -/* 6.3.11 */ -int SDF_GenerateKeyWithIPK_ECC( - void *hSessionHandle, - unsigned int uiIPKIndex, - unsigned int uiKeyBits, - ECCCipher *pucKey, - void **phKeyHandle) -{ - *phKeyHandle = keyHandle; - return SDR_OK; -} - -/* 6.3.12 */ -int SDF_GenerateKeyWithEPK_ECC( - void *hSessionHandle, - unsigned int uiKeyBits, - unsigned int uiAlgID, - ECCrefPublicKey *pucPublicKey, - ECCCipher *pucKey, - void **phKeyHandle) -{ - *phKeyHandle = keyHandle; - return SDR_OK; -} - -/* 6.3.13 */ -int SDF_ImportKeyWithISK_ECC( - void *hSessionHandle, - unsigned int uiISKIndex, - ECCCipher *pucKey, - void **phKeyHandle) -{ - *phKeyHandle = keyHandle; - return SDR_OK; -} - -/* 6.3.14 */ -int SDF_GenerateAgreementDataWithECC( - void *hSessionHandle, - unsigned int uiISKIndex, - unsigned int uiKeyBits, - unsigned char *pucSponsorID, - unsigned int uiSponsorIDLength, - ECCrefPublicKey *pucSponsorPublicKey, - ECCrefPublicKey *pucSponsorTmpPublicKey, - void **phAgreementHandle) -{ - *phAgreementHandle = agreementHandle; - return SDR_OK; -} - -/* 6.3.15 */ -int SDF_GenerateKeyWithECC( - void *hSessionHandle, - unsigned char *pucResponseID, - unsigned int uiResponseIDLength, - ECCrefPublicKey *pucResponsePublicKey, - ECCrefPublicKey *pucResponseTmpPublicKey, - void *hAgreementHandle, - void **phKeyHandle) -{ - *phKeyHandle = keyHandle; - return SDR_OK; -} - -/* 6.3.16 */ -int SDF_GenerateAgreementDataAndKeyWithECC( - void *hSessionHandle, - unsigned int uiISKIndex, - unsigned int uiKeyBits, - unsigned char *pucResponseID, - unsigned int uiResponseIDLength, - unsigned char *pucSponsorID, - unsigned int uiSponsorIDLength, - ECCrefPublicKey *pucSponsorPublicKey, - ECCrefPublicKey *pucSponsorTmpPublicKey, - ECCrefPublicKey *pucResponsePublicKey, - ECCrefPublicKey *pucResponseTmpPublicKey, - void **phKeyHandle) -{ - *phKeyHandle = keyHandle; - return SDR_OK; -} - -/* 6.3.17 */ -int SDF_ExchangeDigitEnvelopeBaseOnECC( - void *hSessionHandle, - unsigned int uiKeyIndex, - unsigned int uiAlgID, - ECCrefPublicKey *pucPublicKey, - ECCCipher *pucEncDataIn, - ECCCipher *pucEncDataOut) -{ - return SDR_OK; -} - -/* 6.3.18 */ -int SDF_GenerateKeyWithKEK( - void *hSessionHandle, - unsigned int uiKeyBits, - unsigned int uiAlgID, - unsigned int uiKEKIndex, - unsigned char *pucKey, - unsigned int *puiKeyLength, - void **phKeyHandle) -{ - *phKeyHandle = keyHandle; - return SDR_OK; -} - -/* 6.3.19 */ -int SDF_ImportKeyWithKEK( - void *hSessionHandle, - unsigned int uiAlgID, - unsigned int uiKEKIndex, - unsigned char *pucKey, - unsigned int uiKeyLength, - void **phKeyHandle) -{ - *phKeyHandle = keyHandle; - return SDR_OK; -} - -/* 6.3.20 */ -int SDF_DestroyKey( - void *hSessionHandle, - void *hKeyHandle) -{ - return SDR_OK; -} - -/* 6.4.1 */ -int SDF_ExternalPublicKeyOperation_RSA( - void *hSessionHandle, - RSArefPublicKey *pucPublicKey, - unsigned char *pucDataInput, - unsigned int uiInputLength, - unsigned char *pucDataOutput, - unsigned int *puiOutputLength) -{ - *puiOutputLength = 2048/8; - return SDR_OK; -} - -/* 6.4.2 */ -int SDF_ExternalPrivateKeyOperation_RSA( - void *hSessionHandle, - RSArefPrivateKey *pucPrivateKey, - unsigned char *pucDataInput, - unsigned int uiInputLength, - unsigned char *pucDataOutput, - unsigned int *puiOutputLength) -{ - *puiOutputLength = 2048/8; - return SDR_OK; -} - -/* 6.4.3 */ -int SDF_InternalPrivateKeyOperation_RSA( - void *hSessionHandle, - unsigned int uiKeyIndex, - unsigned char *pucDataInput, - unsigned int uiInputLength, - unsigned char *pucDataOutput, - unsigned int *puiOutputLength) -{ - *puiOutputLength = 2048/8; - return SDR_OK; -} - -/* 6.4.4 */ -int SDF_ExternalVerify_ECC( - void *hSessionHandle, - unsigned int uiAlgID, - ECCrefPublicKey *pucPublicKey, - unsigned char *pucDataInput, - unsigned int uiInputLength, - ECCSignature *pucSignature) -{ - return SDR_OK; -} - -/* 6.4.5 */ -int SDF_InternalSign_ECC( - void *hSessionHandle, - unsigned int uiISKIndex, - unsigned char *pucData, - unsigned int uiDataLength, - ECCSignature *pucSignature) -{ - memcpy(pucSignature, ecSignature, sizeof(*pucSignature)); - return SDR_OK; -} - -/* 6.4.6 */ -int SDF_InternalVerify_ECC( - void *hSessionHandle, - unsigned int uiIPKIndex, - unsigned char *pucData, - unsigned int uiDataLength, - ECCSignature *pucSignature) -{ - return SDR_OK; -} - -/* 6.4.7 */ -int SDF_ExternalEncrypt_ECC( - void *hSessionHandle, - unsigned int uiAlgID, - ECCrefPublicKey *pucPublicKey, - unsigned char *pucData, - unsigned int uiDataLength, - ECCCipher *pucEncData) -{ - memcpy(pucEncData, ecCiphertext, sizeof(*pucEncData)); - return SDR_OK; -} - -/* 6.5.1 */ -int SDF_Encrypt( - void *hSessionHandle, - void *hKeyHandle, - unsigned int uiAlgID, - unsigned char *pucIV, - unsigned char *pucData, - unsigned int uiDataLength, - unsigned char *pucEncData, - unsigned int *puiEncDataLength) -{ - *puiEncDataLength = uiDataLength + 16; - return SDR_OK; -} - -/* 6.5.2 */ -int SDF_Decrypt( - void *hSessionHandle, - void *hKeyHandle, - unsigned int uiAlgID, - unsigned char *pucIV, - unsigned char *pucEncData, - unsigned int uiEncDataLength, - unsigned char *pucData, - unsigned int *puiDataLength) -{ - *puiDataLength = uiEncDataLength; - return SDR_OK; -} - -/* 6.5.3 */ -int SDF_CalculateMAC( - void *hSessionHandle, - void *hKeyHandle, - unsigned int uiAlgID, - unsigned char *pucIV, - unsigned char *pucData, - unsigned int uiDataLength, - unsigned char *pucMAC, - unsigned int *puiMACLength) -{ - *puiMACLength = 128/8; - return SDR_OK; -} - -/* 6.6.1 */ -int SDF_HashInit( - void *hSessionHandle, - unsigned int uiAlgID, - ECCrefPublicKey *pucPublicKey, - unsigned char *pucID, - unsigned int uiIDLength) -{ - return SDR_OK; -} - -/* 6.6.2 */ -int SDF_HashUpdate( - void *hSessionHandle, - unsigned char *pucData, - unsigned int uiDataLength) -{ - return SDR_OK; -} - -/* 6.6.3 */ -int SDF_HashFinal(void *hSessionHandle, - unsigned char *pucHash, - unsigned int *puiHashLength) -{ - switch (hashAlgor) { - case SGD_SM3: - *puiHashLength = 256/8; - break; - case SGD_SHA1: - *puiHashLength = 160/8; - break; - case SGD_SHA256: - *puiHashLength = 256/8; - break; - } - return SDR_OK; -} - -/* 6.7.1 */ -int SDF_CreateFile( - void *hSessionHandle, - unsigned char *pucFileName, - unsigned int uiNameLen, - unsigned int uiFileSize) -{ - return SDR_OK; -} - -/* 6.7.2 */ -int SDF_ReadFile( - void *hSessionHandle, - unsigned char *pucFileName, - unsigned int uiNameLen, - unsigned int uiOffset, - unsigned int *puiReadLength, - unsigned char *pucBuffer) -{ - // return a certificate - return SDR_OK; -} - -/* 6.7.3 */ -int SDF_WriteFile( - void *hSessionHandle, - unsigned char *pucFileName, - unsigned int uiNameLen, - unsigned int uiOffset, - unsigned int uiWriteLength, - unsigned char *pucBuffer) -{ - return SDR_OK; -} - -/* 6.7.4 */ -int SDF_DeleteFile( - void *hSessionHandle, - unsigned char *pucFileName, - unsigned int uiNameLen) -{ - return SDR_OK; -} diff --git a/test/sdftest.c b/test/sdftest.c index c94bd755..527b7127 100644 --- a/test/sdftest.c +++ b/test/sdftest.c @@ -52,1075 +52,15 @@ #include #include "../e_os.h" -#ifdef OPENSSL_NO_GMAPI +#ifdef OPENSSL_NO_SDF int main(int argc, char **argv) { - printf("NO GMAPI support\n"); + printf("NO SDF support\n"); return 0; } #else - -/* - * We assume there are two key containers in the device. The first container - * with index 1 is the RSA key container, two key pairs inside. The second - * container with index 2 is the ECC key container. - * - * In this test we have 6 key pairs: - * 1. Generate RSA key pair - * 2. Generate ECC key pair - * 3. RSA signing key pair with index 1 - * 4. RSA encryption key pair with index 1 - * 5. ECC signing key pair with index 2 - * 6. ECC encryption key pair with index 2 - * - * We have 2 passwords to access public key container with index 1 and 2 - * - * We also have a token symmetric key with index 1. In SDF API the indexes of - * key pairs and symmetric keys are seperated. - * - * We have the following session keys, the key handles will also created. - * 1. Generate and encrypted with internal RSA public key 4 - * 2. Generate and encrypted with external RSA public key 1 - * 3. Generate and encrypted with internal ECC public key 6 - * 4. Generate and encrypted with external ECC public key 2 - * - * We will import (1) and (3) back to the device, we will have 2 extra handles. - * - */ - - -# include - -/* RSA Key Container */ -#ifndef RSA_KEY_INDEX -#define RSA_KEY_INDEX 1 -#endif -static unsigned int uiRSAKeyIndex = RSA_KEY_INDEX; -static unsigned char pucRSAPassword[] = "12345678"; -static unsigned int uiRSAPwdLength = sizeof(pucRSAPassword) - 1; - -/* ECC Key Container */ -#ifndef ECC_KEY_INDEX -#define ECC_KEY_INDEX 2 -#endif -static unsigned int uiECCKeyIndex = ECC_KEY_INDEX; -static unsigned char pucECCPassword[] = "12345678"; -static unsigned int uiECCPwdLength = sizeof(pucECCPassword) - 1; - -#ifndef KEK_INDEX -#define KEK_INDEX 1 -#endif -static unsigned int uiKEKIndex = KEK_INDEX; - -#define PRINT_ERRSTR(rv) \ - fprintf(stderr, "Error (%s %d): %s\n", __FILE__, __LINE__, \ - SDF_GetErrorString(rv)) - -static int test_sdf_gen_symkey_rsa(void *hSessionHandle, unsigned int uiRSAKeyIndex); -static int test_sdf_ecdh(void *hSessionHandle, unsigned int uiECCKeyIndex); -static int test_sdf_gen_symkey_ecc(void *hSessionHandle, unsigned int uiECCKeyIndex); -static int test_sdf_gen_symkey_ecc(void *hSessionHandle, unsigned int uiECCKeyIndex); -static int test_sdf_kek(void *hSessionHandle, unsigned int uiKEKIndex); -static int test_sdf_gen_keypair(void *hSessionHandle); -static int test_sdf_rsa(void *hSessionHandle, unsigned int uiRSAKeyIndex); -static int test_sdf_ec(void *hSessionHandle, unsigned int uiECCKeyIndex); -static int test_sdf_cipher(void *hSessionHandle, unsigned int uiKEKIndex); -static int test_sdf_hash(void *hSessionHandle, unsigned int uiECCKeyIndex); -static int test_sdf_file(void *hSessionHandle); - -int test_sdf(void) -{ - void *hDeviceHandle; - void *hSessionHandle; - - DEVICEINFO devInfo; - unsigned char buf[128]; - int rv; - - /* - * Open device and session - */ - - hDeviceHandle = NULL; - if ((rv = SDF_OpenDevice( - &hDeviceHandle)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - hSessionHandle = NULL; - if ((rv = SDF_OpenSession( - hDeviceHandle, - &hSessionHandle)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - memset(&devInfo, 0, sizeof(devInfo)); - if ((rv = SDF_GetDeviceInfo( - hSessionHandle, - &devInfo)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - (void)SDF_PrintDeviceInfo(stdout, &devInfo); - - memset(buf, 0, sizeof(buf)); - if ((rv = SDF_GenerateRandom( - hSessionHandle, - sizeof(buf), - buf)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - if ((rv = SDF_GetPrivateKeyAccessRight( - hSessionHandle, - uiRSAKeyIndex, - pucRSAPassword, - uiRSAPwdLength)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - if ((rv = SDF_GetPrivateKeyAccessRight( - hSessionHandle, - uiECCKeyIndex, - pucECCPassword, - uiECCPwdLength)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - if (!test_sdf_gen_symkey_rsa(hSessionHandle, uiRSAKeyIndex)) { - return 0; - } - if (!test_sdf_ecdh(hSessionHandle, uiECCKeyIndex)) { - return 0; - } - if (!test_sdf_gen_symkey_ecc(hSessionHandle, uiECCKeyIndex)) { - return 0; - } - if (!test_sdf_kek(hSessionHandle, uiKEKIndex)) { - return 0; - } - if (!test_sdf_gen_keypair(hSessionHandle)) { - return 0; - } - if (!test_sdf_rsa(hSessionHandle, uiRSAKeyIndex)) { - return 0; - } - if (!test_sdf_ec(hSessionHandle, uiECCKeyIndex)) { - return 0; - } - if (!test_sdf_cipher(hSessionHandle, uiKEKIndex)) { - return 0; - } - if (!test_sdf_hash(hSessionHandle, uiECCKeyIndex)) { - return 0; - } - if (!test_sdf_file(hSessionHandle)) { - return 0; - } - - if ((rv = SDF_ReleasePrivateKeyAccessRight( - hSessionHandle, - uiRSAKeyIndex)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - if ((rv = SDF_ReleasePrivateKeyAccessRight( - hSessionHandle, - uiECCKeyIndex)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - if ((rv = SDF_CloseSession( - hSessionHandle)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - if ((rv = SDF_CloseDevice( - hDeviceHandle)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - return 1; -} - -static int test_sdf_gen_symkey_rsa( - void *hSessionHandle, - unsigned int uiRSAKeyIndex) -{ - RSArefPublicKey rsaEncPublicKey; - unsigned int uiSM4KeyBits = 128; - unsigned char pucKey[2048/8]; - unsigned int uiKeyLength; - unsigned char pucKey2[2048/8]; - unsigned int uiKeyLength2; - void *hKeyHandle; - int rv; - - memset(pucKey, 0, sizeof(pucKey)); - uiKeyLength = sizeof(pucKey); - hKeyHandle = NULL; - - /* 6.3.4 */ - if ((rv = SDF_GenerateKeyWithIPK_RSA( - hSessionHandle, - uiRSAKeyIndex, - uiSM4KeyBits, - pucKey, - &uiKeyLength, - &hKeyHandle)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - if ((rv = SDF_DestroyKey( - hSessionHandle, - hKeyHandle)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - hKeyHandle = NULL; - - /* 6.3.6 */ - if ((rv = SDF_ImportKeyWithISK_RSA( - hSessionHandle, - uiRSAKeyIndex, - pucKey, - uiKeyLength, - &hKeyHandle)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - if ((rv = SDF_DestroyKey( - hSessionHandle, - hKeyHandle)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - memset(&rsaEncPublicKey, 0, sizeof(rsaEncPublicKey)); - - if ((rv = SDF_ExportEncPublicKey_RSA( - hSessionHandle, - uiRSAKeyIndex, - &rsaEncPublicKey)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - memset(pucKey, 0, sizeof(pucKey)); - uiKeyLength = sizeof(pucKey); - hKeyHandle = NULL; - - /* 6.3.5 */ - if ((rv = SDF_GenerateKeyWithEPK_RSA( - hSessionHandle, - uiSM4KeyBits, - &rsaEncPublicKey, - pucKey, - &uiKeyLength, - &hKeyHandle)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - if ((rv = SDF_DestroyKey( - hSessionHandle, - hKeyHandle)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - if ((rv = SDF_ImportKeyWithISK_RSA( - hSessionHandle, - uiRSAKeyIndex, - pucKey, - uiKeyLength, - &hKeyHandle)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - if ((rv = SDF_DestroyKey( - hSessionHandle, - hKeyHandle)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - memset(pucKey2, 0, sizeof(pucKey2)); - uiKeyLength2 = sizeof(pucKey2); - - /* 6.3.7 */ - if ((rv = SDF_ExchangeDigitEnvelopeBaseOnRSA( - hSessionHandle, - uiRSAKeyIndex, - &rsaEncPublicKey, - pucKey, - uiKeyLength, - pucKey2, - &uiKeyLength2)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - return 1; -} - -static int test_sdf_ecdh(void *hSessionHandle, unsigned int uiECCKeyIndex) -{ - ECCrefPublicKey sponsorPublicKey; - ECCrefPublicKey sponsorTmpPublicKey; - ECCrefPublicKey responsePublicKey; - ECCrefPublicKey responseTmpPublicKey; - unsigned char pucSponsorID[] = "Alice"; - unsigned int uiSponsorIDLength = sizeof(pucSponsorID) - 1; - unsigned char pucResponseID[] = "Bob"; - unsigned int uiResponseIDLength = sizeof(pucResponseID) - 1; - unsigned int uiSM4KeyBits = 128; - void *hAgreementHandle; - void *hKeyHandle; - int rv; - - memset(&sponsorPublicKey, 0, sizeof(sponsorPublicKey)); - memset(&sponsorTmpPublicKey, 0, sizeof(sponsorTmpPublicKey)); - hAgreementHandle = NULL; - - /* 6.3.14 */ - if ((rv = SDF_GenerateAgreementDataWithECC( - hSessionHandle, - uiECCKeyIndex, - uiSM4KeyBits * 4, /* encrypt/mac keys for 2 channels*/ - pucSponsorID, - uiSponsorIDLength, - &sponsorPublicKey, - &sponsorTmpPublicKey, - &hAgreementHandle)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - memset(&responsePublicKey, 0, sizeof(responsePublicKey)); - memset(&responseTmpPublicKey, 0, sizeof(responseTmpPublicKey)); - hKeyHandle = NULL; - - /* 6.3.16 */ - if ((rv = SDF_GenerateKeyWithECC( - hSessionHandle, - pucResponseID, - uiResponseIDLength, - &responsePublicKey, - &responseTmpPublicKey, - hAgreementHandle, - &hKeyHandle)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - if ((rv = SDF_DestroyKey( - hSessionHandle, - hKeyHandle)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - memset(&sponsorPublicKey, 0, sizeof(sponsorPublicKey)); - memset(&sponsorTmpPublicKey, 0, sizeof(sponsorTmpPublicKey)); - hAgreementHandle = NULL; - memset(&responsePublicKey, 0, sizeof(responsePublicKey)); - memset(&responseTmpPublicKey, 0, sizeof(responseTmpPublicKey)); - hKeyHandle = NULL; - - /* 6.3.16 */ - if ((rv = SDF_GenerateAgreementDataAndKeyWithECC( - hSessionHandle, - uiECCKeyIndex, - uiSM4KeyBits * 4, - pucResponseID, - uiResponseIDLength, - pucSponsorID, - uiSponsorIDLength, - &sponsorPublicKey, - &sponsorTmpPublicKey, - &responsePublicKey, - &responseTmpPublicKey, - &hKeyHandle)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - if ((rv = SDF_DestroyKey( - hSessionHandle, - hKeyHandle)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - /* 6.3.17 */ - /* - if ((rv = SDF_ExchangeDigitEnvelopeBaseECC( - hSession, - uiECCKeyIndex, - SGD_SM2_3, - &eccPublicKey, - (ECCCipher *)pucKeyIPKECC, - (ECCCipher *)pucKeyEPKECC)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - */ - return 1; -} - -static int test_sdf_gen_symkey_ecc(void *hSessionHandle, - unsigned int uiECCKeyIndex) -{ - ECCrefPublicKey eccEncPublicKey; - unsigned int uiSM4KeyBits = 128; - unsigned char pucKey[2048]; - void *hKeyHandle; - int rv; - - /* 6.3.11 */ - memset(pucKey, 0, sizeof(pucKey)); - hKeyHandle = NULL; - if ((rv = SDF_GenerateKeyWithIPK_ECC( - hSessionHandle, - uiECCKeyIndex, - uiSM4KeyBits, - (ECCCipher *)pucKey, - &hKeyHandle)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - if ((rv = SDF_DestroyKey( - hSessionHandle, - hKeyHandle)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - hKeyHandle = NULL; - - /* 6.3.13 */ - if ((rv = SDF_ImportKeyWithISK_ECC( - hSessionHandle, - uiECCKeyIndex, - (ECCCipher *)pucKey, - &hKeyHandle)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - if ((rv = SDF_DestroyKey( - hSessionHandle, - hKeyHandle)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - hKeyHandle = NULL; - - /* 6.3.8 */ - memset(&eccEncPublicKey, 0, sizeof(eccEncPublicKey)); - if ((rv = SDF_ExportEncPublicKey_ECC( - hSessionHandle, - uiECCKeyIndex, - &eccEncPublicKey)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - /* 6.3.12 */ - memset(pucKey, 0, sizeof(pucKey)); - hKeyHandle = NULL; - if ((rv = SDF_GenerateKeyWithEPK_ECC( - hSessionHandle, - uiSM4KeyBits, - SGD_SM2_3, - &eccEncPublicKey, - (ECCCipher *)pucKey, - &hKeyHandle)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - if ((rv = SDF_DestroyKey( - hSessionHandle, - hKeyHandle)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - hKeyHandle = NULL; - - /* 6.3.13 */ - if ((rv = SDF_ImportKeyWithISK_ECC( - hSessionHandle, - uiECCKeyIndex, - (ECCCipher *)pucKey, - &hKeyHandle)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - if ((rv = SDF_DestroyKey( - hSessionHandle, - hKeyHandle)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - hKeyHandle = NULL; - - return 1; -} - -static int test_sdf_kek(void *hSessionHandle, unsigned int uiKEKIndex) -{ - unsigned char pucKey[16]; - unsigned int uiKeyLength; - void *hKeyHandle; - int rv; - - memset(pucKey, 0, sizeof(pucKey)); - uiKeyLength = sizeof(pucKey); - hKeyHandle = NULL; - - /* 6.3.18 */ - if ((rv = SDF_GenerateKeyWithKEK( - hSessionHandle, - 128, /* generated symmetric key bits */ - SGD_SM4, /* is this usefule ? */ - uiKEKIndex, - pucKey, - &uiKeyLength, - &hKeyHandle)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - /* 6.3.20 */ - if ((rv = SDF_DestroyKey( - hSessionHandle, - hKeyHandle)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - hKeyHandle = NULL; - - /* 6.3.19 */ - if ((rv = SDF_ImportKeyWithKEK( - hSessionHandle, - SGD_SM4, - uiKEKIndex, - pucKey, - uiKeyLength, - &hKeyHandle)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - /* 6.3.20 */ - if ((rv = SDF_DestroyKey( - hSessionHandle, - hKeyHandle)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - return 1; -} - -static int test_sdf_gen_keypair(void *hSessionHandle) -{ - RSArefPublicKey rsaPublicKey; - RSArefPrivateKey rsaPrivateKey; - ECCrefPublicKey eccPublicKey; - ECCrefPrivateKey eccPrivateKey; - int rv; - - /* 6.3.3 */ - - /* 1024-bit RSA */ - memset(&rsaPublicKey, 0, sizeof(rsaPublicKey)); - memset(&rsaPrivateKey, 0, sizeof(rsaPrivateKey)); - - if ((rv = SDF_GenerateKeyPair_RSA( - hSessionHandle, - 1024, - &rsaPublicKey, - &rsaPrivateKey)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - printf("Generate 1024-bit RSA key pair success\n"); - printf("RSA Public Key:\n"); - (void)SDF_PrintRSAPublicKey(stdout, &rsaPublicKey); - printf("RSA Private Key:\n"); - (void)SDF_PrintRSAPrivateKey(stdout, &rsaPrivateKey); - - /* 2048-bit RSA */ - memset(&rsaPublicKey, 0, sizeof(rsaPublicKey)); - memset(&rsaPrivateKey, 0, sizeof(rsaPrivateKey)); - - if ((rv = SDF_GenerateKeyPair_RSA( - hSessionHandle, - 2048, - &rsaPublicKey, - &rsaPrivateKey)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - printf("Generate 2048-bit RSA key pair success\n"); - printf("RSA Public Key:\n"); - (void)SDF_PrintRSAPublicKey(stdout, &rsaPublicKey); - printf("RSA Private Key:\n"); - (void)SDF_PrintRSAPrivateKey(stdout, &rsaPrivateKey); - - /* 6.3.10 */ - memset(&eccPublicKey, 0, sizeof(eccPublicKey)); - memset(&eccPrivateKey, 0, sizeof(eccPrivateKey)); - if ((rv = SDF_GenerateKeyPair_ECC( - hSessionHandle, - SGD_SM2, - 256, - &eccPublicKey, - &eccPrivateKey)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - (void)SDF_PrintECCPublicKey(stdout, &eccPublicKey); - (void)SDF_PrintECCPrivateKey(stdout, &eccPrivateKey); - - return 1; -} - -static int test_sdf_rsa(void *hSessionHandle, unsigned int uiRSAKeyIndex) -{ - RSArefPublicKey rsaSignPublicKey; - RSArefPublicKey rsaEncPublicKey; - unsigned char pucData[] = "abc"; - unsigned int uiDataLength = sizeof(pucData) - 1; - unsigned char pucRSASignature[2048/8]; - unsigned int uiRSASignatureLength; - unsigned char pucOutputData[2048/8]; - unsigned int uiOutputLength; - int rv; - - memset(&rsaSignPublicKey, 0, sizeof(rsaSignPublicKey)); - memset(&rsaEncPublicKey, 0, sizeof(rsaEncPublicKey)); - - /* 6.3.2 */ - if ((rv = SDF_ExportEncPublicKey_RSA( - hSessionHandle, - uiRSAKeyIndex, - &rsaEncPublicKey)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - (void)SDF_PrintRSAPublicKey(stdout, &rsaEncPublicKey); - - /* 6.2.7 */ - if ((rv = SDF_GetPrivateKeyAccessRight( - hSessionHandle, - uiRSAKeyIndex, - pucRSAPassword, - uiRSAPwdLength)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - /* 6.4.3 */ - if ((rv = SDF_InternalPrivateKeyOperation_RSA( - hSessionHandle, - uiRSAKeyIndex, - pucData, - uiDataLength, - pucRSASignature, - &uiRSASignatureLength)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - memset(pucOutputData, 0, sizeof(pucOutputData)); - uiOutputLength = sizeof(pucOutputData); - - /* 6.4.1 */ - if ((rv = SDF_ExternalPublicKeyOperation_RSA( - hSessionHandle, - &rsaSignPublicKey, - pucRSASignature, - uiRSASignatureLength, - pucOutputData, - &uiOutputLength)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - // check output == orignal input - - memset(pucOutputData, 0, sizeof(pucOutputData)); - uiOutputLength = sizeof(pucOutputData); - - /* 6.4.2 */ - if ((rv = SDF_InternalPublicKeyOperation_RSA( - hSessionHandle, - uiRSAKeyIndex, - pucRSASignature, - uiRSASignatureLength, - pucOutputData, - &uiOutputLength)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - // check output == orignal input - return 1; -} - -static int test_sdf_ec(void *hSessionHandle, unsigned int uiECCKeyIndex) -{ - unsigned char pucData[] = "abc"; - unsigned int uiDataLength = sizeof(pucData) - 1; - ECCSignature eccSignature; - ECCrefPublicKey eccSignPublicKey; - ECCrefPublicKey eccEncPublicKey; - unsigned char pucEncData[2048]; - int rv; - - memset(&eccSignature, 0, sizeof(eccSignature)); - - /* 6.4.5 */ - if ((rv = SDF_InternalSign_ECC( - hSessionHandle, - uiECCKeyIndex, - pucData, - uiDataLength, - &eccSignature)) != SDR_OK) { - } - - /* 6.4.6 */ - if ((rv = SDF_InternalVerify_ECC( - hSessionHandle, - uiECCKeyIndex, - pucData, - uiDataLength, - &eccSignature)) != SDR_OK) { - } - - memset(&eccSignPublicKey, 0, sizeof(eccSignPublicKey)); - - /* 6.3.8 */ - if ((rv = SDF_ExportSignPublicKey_ECC( - hSessionHandle, - uiECCKeyIndex, - &eccSignPublicKey)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - (void)SDF_PrintECCPublicKey(stdout, &eccSignPublicKey); - - /* 6.4.4 */ - if ((rv = SDF_ExternalVerify_ECC( - hSessionHandle, - SGD_SM2_1, - &eccSignPublicKey, - pucData, - uiDataLength, - &eccSignature)) != SDR_OK) { - } - - memset(&eccEncPublicKey, 0, sizeof(eccEncPublicKey)); - - /* 6.3.9 */ - if ((rv = SDF_ExportEncPublicKey_ECC( - hSessionHandle, - uiECCKeyIndex, - &eccEncPublicKey)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - (void)SDF_PrintECCPublicKey(stdout, &eccEncPublicKey); - - memset(pucEncData, 0, sizeof(pucEncData)); - - /* 6.4.7 */ - if ((rv = SDF_ExternalEncrypt_ECC( - hSessionHandle, - SGD_SM2_3, - &eccEncPublicKey, - pucData, - uiDataLength, - (ECCCipher *)pucEncData)) != SDR_OK) { - } - - return 1; -} - -static int test_sdf_cipher(void *hSessionHandle, unsigned int uiKEKIndex) -{ - void *hKeyHandle; - unsigned char pucKey[2048]; - unsigned int uiKeyLength; - unsigned int uiSM4KeyBits = 128; - unsigned int uiEncAlgID = SGD_SM4_CBC; - unsigned int uiMACAlgID = SGD_SM4_MAC; - unsigned char pucIV[16] = {0}; - unsigned char pucData[] = "12345678901234567890123456789012"; /* 32-byte = 2 blocks */ - unsigned int uiDataLength = sizeof(pucData); - unsigned char pucEncData[sizeof(pucData)]; - unsigned int uiEncDataLength; - unsigned char pucDecData[sizeof(pucData)]; - unsigned int uiDecDataLength; - unsigned char pucMAC[32]; - unsigned int uiMACLength = sizeof(pucMAC); - int rv; - - - memset(pucKey, 0, sizeof(pucKey)); - uiKeyLength = 0; - hKeyHandle = NULL; - if ((rv = SDF_GenerateKeyWithKEK( - hSessionHandle, - uiSM4KeyBits, - SGD_SM4, - uiKEKIndex, - pucKey, - &uiKeyLength, - &hKeyHandle)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - /* 6.5.1 */ - uiEncDataLength = sizeof(pucEncData); - if ((rv = SDF_Encrypt( - hSessionHandle, - hKeyHandle, - uiEncAlgID, - pucIV, - pucData, - uiDataLength, - pucEncData, - &uiEncDataLength)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - /* 6.5.2 */ - uiDecDataLength = sizeof(pucDecData); - if ((rv = SDF_Decrypt( - hSessionHandle, - hKeyHandle, - uiEncAlgID, - pucIV, - pucEncData, - uiEncDataLength, - pucDecData, - &uiDecDataLength)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - if (uiDecDataLength != uiDataLength || - memcmp(pucDecData, pucData, uiDataLength) != 0) { - fprintf(stderr, "Error (%s %d): SDF_Encrypt/Decrypt failed\n", __FILE__, __LINE__); - } - - /* 6.5.3 */ - if ((rv = SDF_CalculateMAC( - hSessionHandle, - hKeyHandle, - uiMACAlgID, - pucIV, - pucData, - uiDataLength, - pucMAC, - &uiMACLength)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - return 1; -} - -static int test_sdf_hash(void *hSessionHandle, unsigned int uiECCKeyIndex) -{ - ECCrefPublicKey eccSignPublicKey; - unsigned char pucID[] = "1234567812345678"; - unsigned int uiIDLength = sizeof(pucID) - 1; - unsigned char pucData[] = "abc"; - unsigned int uiDataLength = sizeof(pucData) - 1; - unsigned char sm3abc[] = { - 0x66, 0xc7, 0xf0, 0xf4, 0x62, 0xee, 0xed, 0xd9, - 0xd1, 0xf2, 0xd4, 0x6b, 0xdc, 0x10, 0xe4, 0xe2, - 0x41, 0x67, 0xc4, 0x87, 0x5c, 0xf2, 0xf7, 0xa2, - 0x29, 0x7d, 0xa0, 0x2b, 0x8f, 0x4b, 0xa8, 0xe0, - }; - unsigned char pucHash[64]; - unsigned int uiHashLength; - int rv; - - /* 6.6.1 */ - if ((rv = SDF_HashInit( - hSessionHandle, - SGD_SM3, - NULL, - NULL, - 0)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - /* 6.6.2 */ - if ((rv = SDF_HashUpdate( - hSessionHandle, - pucData, - uiDataLength)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - /* 6.6.3 */ - uiHashLength = sizeof(pucHash); - if ((rv = SDF_HashFinal( - hSessionHandle, - pucHash, - &uiHashLength)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - if (uiHashLength != sizeof(sm3abc) || - memcmp(pucHash, sm3abc, sizeof(sm3abc)) != 0) { - fprintf(stderr, "Error: SM3 hash \"abc\" failed\n"); - } - - /* prepare public key */ - memset(&eccSignPublicKey, 0, sizeof(eccSignPublicKey)); - if ((rv = SDF_ExportSignPublicKey_ECC( - hSessionHandle, - uiECCKeyIndex, - &eccSignPublicKey)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - /* 6.6.1 */ - if ((rv = SDF_HashInit( - hSessionHandle, - SGD_SM3, - &eccSignPublicKey, - pucID, - uiIDLength)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - /* 6.6.2 */ - if ((rv = SDF_HashUpdate( - hSessionHandle, - pucData, - uiDataLength)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - /* 6.6.3 */ - uiHashLength = (unsigned int)sizeof(pucHash); - if ((rv = SDF_HashFinal( - hSessionHandle, - pucHash, - &uiHashLength)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - - return 1; -} - -static int test_sdf_file(void *hSessionHandle) -{ - unsigned char pucFileName[128] = "certificate.cer"; - unsigned int uiNameLen = sizeof(pucFileName) - 1; - unsigned char pucBuffer[4096]; - unsigned int uiFileLength; - unsigned int uiFileLength2; - unsigned int uiOffset = 0; - int rv; - - /* 6.7.1 */ - uiFileLength = (unsigned int)sizeof(pucBuffer); - if ((rv = SDF_CreateFile( - hSessionHandle, - pucFileName, - uiNameLen, - uiFileLength)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - if (uiFileLength != sizeof(pucBuffer)) { - printf("Warning: created file length = %u, shorter\n", uiFileLength); - } - - /* 6.7.3 */ - memset(pucBuffer, 'A', sizeof(pucBuffer)); - if ((rv = SDF_WriteFile( - hSessionHandle, - pucFileName, - uiNameLen, - uiOffset, - uiFileLength, - pucBuffer)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - /* 6.7.2 */ - uiFileLength2 = uiFileLength; - if ((rv = SDF_ReadFile( - hSessionHandle, - pucFileName, - uiNameLen, - uiOffset, - &uiFileLength2, - pucBuffer)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - if (uiFileLength2 != uiFileLength) { - printf("Warning: read length length %u < %u\n", uiFileLength2, uiFileLength); - } - - /* 6.7.4 */ - if ((rv = SDF_DeleteFile( - hSessionHandle, - pucFileName, - uiNameLen)) != SDR_OK) { - PRINT_ERRSTR(rv); - return 0; - } - - return 1; -} - int main(int argc, char **argv) { - if (!test_sdf()) { - return -1; - } return 0; } #endif diff --git a/test/serpenttest.c b/test/serpenttest.c old mode 100644 new mode 100755 index f824ec2b..df237804 --- a/test/serpenttest.c +++ b/test/serpenttest.c @@ -57,9 +57,8 @@ #include #include -#include #include -#include +#include #include "../e_os.h" diff --git a/test/simontest.c b/test/simontest.c deleted file mode 100644 index 8af92f52..00000000 --- a/test/simontest.c +++ /dev/null @@ -1,255 +0,0 @@ -/*==================================================================== - * Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - - -// Simon Tests - - -#include -#include -#include -#include -#include -#include - -int main(int argc, char** argv){ - // Create reuseable cipher objects for each alogirthm type - simon_cipher my_simon_cipher = *(simon_cipher *)malloc(sizeof(simon_cipher)); - - // Create generic tmp variables - uint8_t ciphertext_buffer[16]; - uint32_t result; - - // Initialize IV and Counter Values for Use with Block Modes - uint8_t my_IV[] = {0x32,0x14,0x76,0x58}; - uint8_t my_counter[] = {0x2F,0x3D,0x5C,0x7B}; - int i, error_sum; - error_sum = 0; - - - // Simon 64/32 Test - // Key: 1918 1110 0908 0100 Plaintext: 6565 6877 Ciphertext: c69b e9bb - uint8_t simon64_32_key[] = {0x00, 0x01, 0x08, 0x09, 0x10, 0x11, 0x18, 0x19}; - uint8_t simon64_32_plain[] = {0x77, 0x68, 0x65, 0x65}; - uint8_t simon64_32_cipher[] = {0xBB,0xE9, 0x9B, 0xC6}; - result = simon_init(&my_simon_cipher, simon_64_32, ECB, simon64_32_key, my_IV, my_counter); - simon_encrypt(my_simon_cipher, &simon64_32_plain, &ciphertext_buffer); - for(i = 0; i < 4; i++) { - if (ciphertext_buffer[i] != simon64_32_cipher[i]) - error_sum++; - } - simon_decrypt(my_simon_cipher, &simon64_32_cipher, &ciphertext_buffer); - for(i = 0; i < 4; i++) { - if (ciphertext_buffer[i] != simon64_32_plain[i]) - error_sum++; - } - - - // Simon 72/48 Test - // Key: 121110 0a0908 020100 Plaintext: 612067 6e696c Ciphertext: dae5ac 292cac - uint8_t simon72_48_key[] = {0x00, 0x01, 0x02, 0x08, 0x09, 0x0A, 0x10, 0x11, 0x12}; - uint8_t simon72_48_plain[] = {0x6c, 0x69, 0x6E, 0x67, 0x20, 0x61}; - uint8_t simon72_48_cipher[] = {0xAC, 0x2C, 0x29, 0xAC, 0xE5, 0xda}; - result = simon_init(&my_simon_cipher, simon_72_48, ECB, simon72_48_key, my_IV, my_counter); - simon_encrypt(my_simon_cipher, &simon72_48_plain, &ciphertext_buffer); - for(i = 0; i < 6; i++) { - if (ciphertext_buffer[i] != simon72_48_cipher[i]) - error_sum++; - } - simon_decrypt(my_simon_cipher, &simon72_48_cipher, &ciphertext_buffer); - for(i = 0; i < 6; i++) { - if (ciphertext_buffer[i] != simon72_48_plain[i]) - error_sum++; - } - - - // Simon 96/48 Test - // Key: 1a1918 121110 0a0908 020100 Plaintext: 726963 20646e Ciphertext: 6e06a5 acf156 - uint8_t simon96_48_key[] = {0x00, 0x01, 0x02, 0x08, 0x09, 0x0A, 0x10, 0x11, 0x12, 0x18, 0x19, 0x1a}; - uint8_t simon96_48_plain[] = {0x6e, 0x64, 0x20, 0x63, 0x69, 0x72}; - uint8_t simon96_48_cipher[] = {0x56, 0xf1, 0xac, 0xa5, 0x06, 0x6e}; - result = simon_init(&my_simon_cipher, simon_96_48, ECB, simon96_48_key, my_IV, my_counter); - simon_encrypt(my_simon_cipher, &simon96_48_plain, &ciphertext_buffer); - for(i = 0; i < 6; i++) { - if (ciphertext_buffer[i] != simon96_48_cipher[i]) - error_sum++; - } - simon_decrypt(my_simon_cipher, &simon96_48_cipher, &ciphertext_buffer); - for(i = 0; i < 6; i++) { - if (ciphertext_buffer[i] != simon96_48_plain[i]) - error_sum++; - } - - - // Simon 96/64 Test - // Key: 13121110 0b0a0908 03020100 Plaintext: 6f722067 6e696c63 Ciphertext: 5ca2e27f 111a8fc8 - uint8_t simon96_64_key[] = {0x00, 0x01, 0x02, 0x03, 0x08, 0x09, 0x0A, 0x0B, 0x10, 0x11, 0x12, 0x13}; - uint8_t simon96_64_plain[] = {0x63, 0x6c, 0x69, 0x6e, 0x67, 0x20, 0x72, 0x6f}; - uint8_t simon96_64_cipher[] = {0xc8, 0x8f, 0x1a, 0x11, 0x7f, 0xe2, 0xa2, 0x5c}; - result = simon_init(&my_simon_cipher, simon_96_64, ECB, simon96_64_key, my_IV, my_counter); - simon_encrypt(my_simon_cipher, &simon96_64_plain, &ciphertext_buffer); - for(i = 0; i < 8; i++) { - if (ciphertext_buffer[i] != simon96_64_cipher[i]) - error_sum++; - } - simon_decrypt(my_simon_cipher, &simon96_64_cipher, &ciphertext_buffer); - for(i = 0; i < 8; i++) { - if (ciphertext_buffer[i] != simon96_64_plain[i]) - error_sum++; - } - - - // Simon 128/64 Test - // Key: 1b1a1918 13121110 0b0a0908 03020100 Plaintext: 656b696c 20646e75 Ciphertext: 44c8fc20 b9dfa07a - uint8_t simon128_64_key[] = {0x00, 0x01, 0x02, 0x03, 0x08, 0x09, 0x0A, 0x0B, 0x10, 0x11, 0x12, 0x13, 0x18, 0x19, 0x1A, 0x1B}; - uint8_t simon128_64_plain[] = {0x75, 0x6e, 0x64, 0x20, 0x6c, 0x69, 0x6b, 0x65}; - uint8_t simon128_64_cipher[] = {0x7a, 0xa0, 0xdf, 0xb9, 0x20, 0xfc, 0xc8, 0x44}; - result = simon_init(&my_simon_cipher, simon_128_64, ECB, simon128_64_key, my_IV, my_counter); - simon_encrypt(my_simon_cipher, &simon128_64_plain, &ciphertext_buffer); - for(i = 0; i < 8; i++) { - if (ciphertext_buffer[i] != simon128_64_cipher[i]) - error_sum++; - } - simon_decrypt(my_simon_cipher, &simon128_64_cipher, &ciphertext_buffer); - for(i = 0; i < 8; i++) { - if (ciphertext_buffer[i] != simon128_64_plain[i]) - error_sum++; - } - - - // Simon 96/96 Test - // Key: 0d0c0b0a0908 050403020100 Plaintext: 2072616c6c69 702065687420 Ciphertext: 602807a462b4 69063d8ff082 - uint8_t simon96_96_key[] = {0x00, 0x01, 0x02, 0x03,0x04,0x05, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D}; - uint8_t simon96_96_plain[] = {0x20, 0x74, 0x68, 0x65, 0x20, 0x70, 0x69, 0x6c, 0x6c, 0x61, 0x72, 0x20}; - uint8_t simon96_96_cipher[] = {0x82, 0xf0, 0x8f, 0x3d, 0x06, 0x69, 0xb4, 0x62, 0xa4, 0x07, 0x28, 0x60}; - result = simon_init(&my_simon_cipher, simon_96_96, ECB, simon96_96_key, my_IV, my_counter); - simon_encrypt(my_simon_cipher, &simon96_96_plain, &ciphertext_buffer); - for(i = 0; i < 12; i++) { - if (ciphertext_buffer[i] != simon96_96_cipher[i]) - error_sum++; - } - simon_decrypt(my_simon_cipher, &simon96_96_cipher, &ciphertext_buffer); - for(i = 0; i < 12; i++) { - if (ciphertext_buffer[i] != simon96_96_plain[i]) - error_sum++; - } - - - // Simon 144/96 Test - // Key: 151413121110 0d0c0b0a0908 050403020100 Plaintext: 746168742074 73756420666f Ciphertext: ecad1c6c451e 3f59c5db1ae9 - uint8_t simon144_96_key[] = {0x00, 0x01, 0x02, 0x03,0x04,0x05, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15}; - uint8_t simon144_96_plain[] = {0x6f, 0x66, 0x20, 0x64, 0x75, 0x73, 0x74, 0x20, 0x74, 0x68, 0x61, 0x74}; - uint8_t simon144_96_cipher[] = {0xe9, 0x1a, 0xdb, 0xc5, 0x59, 0x3f, 0x1e, 0x45, 0x6c, 0x1c, 0xad, 0xec}; - result = simon_init(&my_simon_cipher, simon_144_96, ECB, simon144_96_key, my_IV, my_counter); - simon_encrypt(my_simon_cipher, &simon144_96_plain, &ciphertext_buffer); - for(i = 0; i < 12; i++) { - if (ciphertext_buffer[i] != simon144_96_cipher[i]) - error_sum++; - } - simon_decrypt(my_simon_cipher, &simon144_96_cipher, &ciphertext_buffer); - for(i = 0; i < 12; i++) { - if (ciphertext_buffer[i] != simon144_96_plain[i]) - error_sum++; - } - - - // Simon 128/128 Test - // Key: 0f0e0d0c0b0a0908 0706050403020100 Plaintext: 6373656420737265 6c6c657661727420 Ciphertext: 49681b1e1e54fe3f 65aa832af84e0bbc - uint8_t simon128_128_key[] = {0x00, 0x01, 0x02, 0x03,0x04, 0x05, 0x06,0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F}; - uint8_t simon128_128_plain[] = {0x20, 0x74, 0x72, 0x61, 0x76, 0x65, 0x6c, 0x6c, 0x65, 0x72, 0x73, 0x20, 0x64, 0x65, 0x73, 0x63}; - uint8_t simon128_128_cipher[] = {0xbc, 0x0b, 0x4e, 0xf8, 0x2a, 0x83, 0xaa, 0x65, 0x3f, 0xfe, 0x54, 0x1e, 0x1e, 0x1b, 0x68, 0x49}; - result = simon_init(&my_simon_cipher, simon_128_128, ECB, simon128_128_key, my_IV, my_counter); - simon_encrypt(my_simon_cipher, &simon128_128_plain, &ciphertext_buffer); - for(i = 0; i < 16; i++) { - if (ciphertext_buffer[i] != simon128_128_cipher[i]) - error_sum++; - } - simon_decrypt(my_simon_cipher, &simon128_128_cipher, &ciphertext_buffer); - for(i = 0; i < 16; i++) { - if (ciphertext_buffer[i] != simon128_128_plain[i]) - error_sum++; - } - - - // Simon 192/128 Test - // Key: 1716151413121110 0f0e0d0c0b0a0908 0706050403020100 Plaintext: 206572656874206e 6568772065626972 Ciphertext: c4ac61effcdc0d4f 6c9c8d6e2597b85b - uint8_t simon192_128_key[] = {0x00, 0x01, 0x02, 0x03,0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17}; - uint8_t simon192_128_plain[] = {0x72, 0x69, 0x62, 0x65, 0x20, 0x77, 0x68, 0x65, 0x6e, 0x20, 0x74, 0x68, 0x65, 0x72, 0x65, 0x20}; - uint8_t simon192_128_cipher[] = {0x5b, 0xb8, 0x97, 0x25, 0x6e, 0x8d, 0x9c, 0x6c, 0x4f, 0x0d, 0xdc, 0xfc, 0xef, 0x61, 0xac, 0xc4}; - result = simon_init(&my_simon_cipher, simon_192_128, ECB, simon192_128_key, my_IV, my_counter); - simon_encrypt(my_simon_cipher, &simon192_128_plain, &ciphertext_buffer); - for(i = 0; i < 16; i++) { - if (ciphertext_buffer[i] != simon192_128_cipher[i]) - error_sum++; - } - simon_decrypt(my_simon_cipher, &simon192_128_cipher, &ciphertext_buffer); - for(i = 0; i < 16; i++) { - if (ciphertext_buffer[i] != simon192_128_plain[i]) - error_sum++; - } - - - // Simon 256/128 Test - // Key: 1f1e1d1c1b1a1918 1716151413121110 0f0e0d0c0b0a0908 0706050403020100 Plaintext: 74206e69206d6f6f 6d69732061207369 Ciphertext: 8d2b5579afc8a3a0 3bf72a87efe7b868 - uint8_t simon256_128_key[] = {0x00, 0x01, 0x02, 0x03,0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1d, 0x1e, 0x1f}; - uint8_t simon256_128_plain[] = {0x69, 0x73, 0x20, 0x61, 0x20, 0x73, 0x69, 0x6d, 0x6f, 0x6f, 0x6d, 0x20, 0x69, 0x6e, 0x20, 0x74}; - uint8_t simon256_128_cipher[] = {0x68, 0xb8, 0xe7, 0xef, 0x87, 0x2a, 0xf7, 0x3b, 0xa0, 0xa3, 0xc8, 0xaf, 0x79, 0x55, 0x2b, 0x8d}; - result = simon_init(&my_simon_cipher, simon_256_128, ECB, simon256_128_key, my_IV, my_counter); - simon_encrypt(my_simon_cipher, &simon256_128_plain, &ciphertext_buffer); - for(i = 0; i < 16; i++) { - if (ciphertext_buffer[i] != simon256_128_cipher[i]) - error_sum++; - } - simon_decrypt(my_simon_cipher, &simon256_128_cipher, &ciphertext_buffer); - for(i = 0; i < 16; i++) { - if (ciphertext_buffer[i] != simon256_128_plain[i]) - error_sum++; - } - return error_sum; -} diff --git a/test/skftest.c b/test/skftest.c index 7252e60a..b043c60c 100644 --- a/test/skftest.c +++ b/test/skftest.c @@ -60,6 +60,348 @@ int main(int argc, char **argv) } #else # include +# include + +#if 0 + +# define PRINT_ERRSTR(rv) \ + fprintf(stderr, "error: %s %d: %s\n", __FILE__, __LINE__, \ + SKF_GetErrorString(rv)) + +DEVHANDLE open_dev(LPSTR devName, int verbose) +{ + DEVHANDLE hDev; + ULONG rv; + + if ((rv = SKF_ConnectDev(devName, &hDev)) != SAR_OK) { + PRINT_ERRSTR(rv); + return NULL; + } + + if (verbose > 1) { + DEVINFO devInfo; + if ((rv = SKF_GetDevInfo(hDev, &devInfo)) != SAR_OK) { + PRINT_ERRSTR(rv); + SKF_DisConnectDev(hDev); + return NULL; + } + SKF_PrintDeviceInfo(stdout, &devInfo); + } + + return hDev; +} + +int test_skf_mac(DEVHANDLE hDev, ULONG ulAlgID, int verbose) +{ + int ret = 0; + HANDLE hKey = NULL; + HANDLE hMac = NULL; + BLOCKCIPHERPARAM param; + BYTE key[EVP_MAX_KEY_LENGTH]; + BYTE data[128] = {0}; + BYTE mac[EVP_MAX_MD_SIZE]; + ULONG dataLen, macLen; + ULONG rv; + + if ((rv = SKF_SetSymmKey(hDev, key, ulAlgID, &hKey)) != SAR_OK) { + PRINT_ERRSTR(rv); + goto end; + } + + bzero(¶m, sizeof(param)); + param.IVLen = 0; + param.PaddingType = SKF_NO_PADDING; + if ((rv = SKF_MacInit(hKey, ¶m, &hMac)) != SAR_OK) { + PRINT_ERRSTR(rv); + goto end; + } + + dataLen = (ULONG)sizeof(data); + macLen = (ULONG)sizeof(mac); + if ((rv = SKF_Mac(hMac, data, dataLen, mac, &macLen)) != SAR_OK) { + PRINT_ERRSTR(rv); + goto end; + } + + if (macLen != 16) { + printf("macLen = %d\n", (int)macLen); + fprintf(stderr, "error: %s %d: %s\n", __FILE__, __LINE__, "mac +length != 16"); + goto end; + } + + ret = 1; +end: + if ((rv = SKF_CloseHandle(hMac)) != SAR_OK) { + PRINT_ERRSTR(rv); + ret = 0; + } + if ((rv = SKF_CloseHandle(hKey)) != SAR_OK) { + PRINT_ERRSTR(rv); + ret = 0; + } + + if (ret && verbose) { + printf("%s(%s) passed\n", __FUNCTION__, +SKF_get_alg_name(ulAlgID)); + } + + return ret; +} + +int test_skf_dgst(DEVHANDLE hDev, ULONG ulAlgID, int verbose) +{ + int ret = 0; + HANDLE hHash = NULL; + BYTE data[200] = {0}; + BYTE dgst[EVP_MAX_MD_SIZE]; + ULONG dataLen, dgstLen; + ULONG rv; + + if ((rv = SKF_DigestInit(hDev, ulAlgID, NULL, NULL, 0, &hHash)) != +SAR_OK) { + PRINT_ERRSTR(rv); + return 0; + } + dataLen = (ULONG)sizeof(data); + dgstLen = (ULONG)sizeof(dgst); + if ((rv = SKF_Digest(hHash, data, dataLen, dgst, &dgstLen)) != SAR_OK) +{ + PRINT_ERRSTR(rv); + goto end; + } + + if (verbose > 1) { + ULONG i; + printf("%s (%u-Byte) = ", SKF_get_alg_name(ulAlgID), dgstLen); + for (i = 0; i < dgstLen; i++) { + printf("%02x", dgst[i]); + } + printf("\n"); + } + + ret = 1; +end: + if ((rv = SKF_CloseHandle(hHash)) != SAR_OK) { + PRINT_ERRSTR(rv); + ret = 0; + } + if (ret && verbose) { + printf("%s(%s) passed\n", __FUNCTION__, +SKF_get_alg_name(ulAlgID)); + } + + return ret; +} + +int test_skf_enc(DEVHANDLE hDev, ULONG ulAlgID, BLOCKCIPHERPARAM param, int +verbose) +{ + int ret = 0; + HANDLE hKey = NULL; + BYTE key[EVP_MAX_KEY_LENGTH]; + BYTE data[] = "message to be encrypted"; + BYTE cbuf[256]; + BYTE mbuf[256]; + ULONG mlen, clen; + ULONG rv; + + if ((rv = SKF_SetSymmKey(hDev, key, ulAlgID, &hKey)) != SAR_OK) { + PRINT_ERRSTR(rv); + goto end; + } + + if ((rv = SKF_EncryptInit(hKey, param)) != SAR_OK) { + PRINT_ERRSTR(rv); + goto end; + } + mlen = (ULONG)sizeof(data); + clen = (ULONG)sizeof(cbuf); + if ((rv = SKF_Encrypt(hKey, data, mlen, cbuf, &clen)) != SAR_OK) { + PRINT_ERRSTR(rv); + goto end; + } + + if ((rv = SKF_DecryptInit(hKey, param)) != SAR_OK) { + PRINT_ERRSTR(rv); + goto end; + } + mlen = (ULONG)sizeof(mbuf); + if ((rv = SKF_Decrypt(hKey, cbuf, clen, mbuf, &mlen)) != SAR_OK) { + PRINT_ERRSTR(rv); + goto end; + } + + //FIXME: compare data with mbuf + + if (verbose > 1) { + //FIXME: print ciphertext + } + + ret = 1; +end: + if ((rv = SKF_CloseHandle(hKey)) != SAR_OK) { + PRINT_ERRSTR(rv); + ret = 0; + } + if (ret && verbose) { + //FIXME: print success info + } + + return ret; +} + +int test_skf_rsa(DEVHANDLE hDev, ULONG ulBitsLen, int verbose) +{ + int ret = 0; + RSAPRIVATEKEYBLOB rsa; + RSAPUBLICKEYBLOB rsaPubKey; + BYTE data[] = "message to be encrypted or signed"; + BYTE cbuf[512]; + BYTE mbuf[256]; + BYTE sig[512]; + ULONG len, clen, mlen, siglen; + ULONG rv; + + if ((rv = SKF_GenExtRSAKey(hDev, 2048, &rsa)) != SAR_OK) { + PRINT_ERRSTR(rv); + goto end; + } + + memcpy(&rsaPubKey, &rsa, sizeof(rsaPubKey)); + + len = (ULONG)sizeof(data); + clen = (ULONG)sizeof(cbuf); + if ((rv = SKF_ExtRSAPubKeyOperation(hDev, &rsaPubKey, data, len, cbuf, +&clen)) != SAR_OK) { + PRINT_ERRSTR(rv); + goto end; + } + + mlen = (ULONG)sizeof(mbuf); + if ((rv = SKF_ExtRSAPriKeyOperation(hDev, &rsa, cbuf, clen, mbuf, +&mlen)) != SAR_OK) { + PRINT_ERRSTR(rv); + goto end; + } + + ret = 1; +end: + return 0; +} + +int test_skf_ec(DEVHANDLE hDev, int verbose) +{ + ECCPRIVATEKEYBLOB priKey; + ECCPUBLICKEYBLOB pubKey; + ECCSIGNATUREBLOB sig; + BYTE cbuf[sizeof(ECCCIPHERBLOB) + 512]; + BYTE msg[] = "message to be signed and encrypted"; + BYTE mbuf[128]; + ULONG mlen, clen; + ULONG rv; + + bzero(&priKey, sizeof(priKey)); + bzero(&pubKey, sizeof(pubKey)); + if ((rv = SKF_GenExtECCKeyPair(hDev, &priKey, &pubKey)) != SAR_OK) { + PRINT_ERRSTR(rv); + return 0; + } + + mlen = (ULONG)sizeof(msg); + bzero(&sig, sizeof(sig)); + if ((rv = SKF_ExtECCSign(hDev, &priKey, msg, mlen, &sig)) != SAR_OK) { + PRINT_ERRSTR(rv); + return 0; + } + if ((rv = SKF_ExtECCVerify(hDev, &pubKey, msg, mlen, &sig)) != SAR_OK) +{ + PRINT_ERRSTR(rv); + return 0; + } + + mlen = (ULONG)sizeof(msg); + bzero(cbuf, sizeof(cbuf)); + if ((rv = SKF_ExtECCEncrypt(hDev, &pubKey, msg, mlen, (ECCCIPHERBLOB +*)cbuf)) != SAR_OK) { + PRINT_ERRSTR(rv); + return 0; + } + mlen = (ULONG)sizeof(mbuf); + bzero(mbuf, sizeof(mbuf)); + if ((rv = SKF_ExtECCDecrypt(hDev, &priKey, (ECCCIPHERBLOB *)cbuf, mbuf, +&mlen)) != SAR_OK) { + PRINT_ERRSTR(rv); + return 0; + } + + return 1; +} + +int main(int argc, char **argv) +{ + int verbose = 2; + DEVHANDLE hDev = NULL; + ULONG digestAlgors[] = { + SGD_SM3, + SGD_SHA1, + SGD_SHA256 + }; + ULONG cipherAlgors[] = { + SGD_SM4_ECB, + SGD_SM4_CBC, + SGD_SM4_CFB, + SGD_SM4_CFB, + SGD_SM4_CFB, + SGD_SM4_OFB + }; + BLOCKCIPHERPARAM cipherParams[] = { + {{0}, 0, SKF_NO_PADDING, 0}, + {{0}, 16, SKF_PKCS5_PADDING, 0}, + {{0}, 16, SKF_NO_PADDING, 1}, + {{0}, 16, SKF_NO_PADDING, 8}, + {{0}, 16, SKF_NO_PADDING, 128}, + {{0}, 16, SKF_NO_PADDING, 0}, + }; + ULONG rsaBits[] = { 1024, 2048 }; + int i; + + hDev = open_dev((LPSTR)"name", verbose); + /* + if (!test_skf_mac(hDev, SGD_SM4_MAC, verbose)) { + goto end; + } + */ + + for (i = 0; i < sizeof(digestAlgors)/sizeof(digestAlgors[0]); i++) { + if (!test_skf_dgst(hDev, digestAlgors[i], verbose)) { + goto end; + } + } + + for (i = 0; i < sizeof(cipherAlgors)/sizeof(cipherAlgors[0]); i++) { + if (!test_skf_enc(hDev, cipherAlgors[i], cipherParams[i], +verbose)) { + goto end; + } + } + + for (i = 0; i < sizeof(rsaBits)/sizeof(rsaBits[0]); i++) { + if (!test_skf_rsa(hDev, rsaBits[i], verbose)) { + goto end; + } + } + + if (!test_skf_ec(hDev, verbose)) { + goto end; + } + +end: + ERR_print_errors_fp(stderr); + SKF_DisConnectDev(hDev); + return -1; +} +#endif int main(int argc, char **argv) { diff --git a/test/sm2evptest.c b/test/sm2evptest.c deleted file mode 100644 index ca713b9a..00000000 --- a/test/sm2evptest.c +++ /dev/null @@ -1,611 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2014 - 2016 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include -#include -#include - -#include "../e_os.h" - -#ifdef OPENSSL_NO_SM2 -int main(int argc, char **argv) -{ - printf("No SM2 support\n"); - return 0; -} -#else - -# include -# include -# include -# include -# include -# include - -static EVP_PKEY *genpkey(int curve_nid, BIO *out, int verbose) -{ - int ok = 0; - EVP_PKEY *ret = NULL; - EVP_PKEY_CTX *pkctx = NULL; - - if (!(pkctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL))) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - if (!EVP_PKEY_keygen_init(pkctx)) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - if (!EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pkctx, curve_nid)) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - if (!EVP_PKEY_keygen(pkctx, &ret)) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - if (verbose > 1) { - EVP_PKEY_print_private(out, ret, 4, NULL); - BIO_printf(out, "\n"); - } - - ok = 1; -end: - if (!ok && ret) { - EVP_PKEY_free(ret); - ret = NULL; - } - EVP_PKEY_CTX_free(pkctx); - return ret; -} - -static int test_evp_pkey_sign(EVP_PKEY *pkey, int do_sm2, int verbose) -{ - int ret = 0; - EVP_PKEY_CTX *pkctx = NULL; - int type = do_sm2 ? NID_sm_scheme : NID_secg_scheme; - unsigned char dgst[EVP_MAX_MD_SIZE] = "hello world"; - size_t dgstlen; - unsigned char sig[256]; - size_t siglen; - - - if (!(pkctx = EVP_PKEY_CTX_new(pkey, NULL))) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - /* EVP_PKEY_sign() */ - - if (!EVP_PKEY_sign_init(pkctx)) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - if (!EVP_PKEY_CTX_set_ec_sign_type(pkctx, type)) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - dgstlen = 32; - memset(sig, 0, sizeof(sig)); - siglen = sizeof(sig); - if (!EVP_PKEY_sign(pkctx, sig, &siglen, dgst, dgstlen)) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - if (verbose > 1) { - size_t i; - printf("signature (%zu bytes) = ", siglen); - for (i = 0; i < siglen; i++) { - printf("%02X", sig[i]); - } - printf("\n"); - } - - if (!EVP_PKEY_verify_init(pkctx)) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - if (!EVP_PKEY_CTX_set_ec_sign_type(pkctx, type)) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - if (1 != EVP_PKEY_verify(pkctx, sig, siglen, dgst, dgstlen)) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - if (verbose) { - printf("%s(%s) passed\n", __FUNCTION__, OBJ_nid2sn(type)); - } - - ret = 1; -end: - EVP_PKEY_CTX_free(pkctx); - return ret; -} - -static int test_evp_pkey_encrypt(EVP_PKEY *pkey, int do_sm2, int verbose) -{ - int ret = 0; - EVP_PKEY_CTX *pkctx = NULL; - int type = do_sm2 ? NID_sm_scheme : NID_secg_scheme; - unsigned char msg[] = "hello world this is the message"; - size_t msglen = sizeof(msg); - unsigned char cbuf[512]; - size_t cbuflen = sizeof(cbuf); - unsigned char mbuf[512]; - size_t mbuflen = sizeof(mbuf); - - if (!(pkctx = EVP_PKEY_CTX_new(pkey, NULL))) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - /* EVP_PKEY_encrypt() */ - - if (!EVP_PKEY_encrypt_init(pkctx)) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - if (!EVP_PKEY_CTX_set_ec_enc_type(pkctx, type)) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - - /* we need to set the sm2 encrypt params (hash = sm3) */ - - - cbuflen = sizeof(cbuf); - if (!EVP_PKEY_encrypt(pkctx, cbuf, &cbuflen, msg, msglen)) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - if (verbose > 1) { - size_t i; - printf("ciphertext (%zu bytes) = ", cbuflen); - for (i = 0; i < cbuflen; i++) { - printf("%02X", cbuf[i]); - } - printf("\n"); - } - - if (!EVP_PKEY_decrypt_init(pkctx)) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - if (!EVP_PKEY_CTX_set_ec_enc_type(pkctx, type)) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - memset(mbuf, 0, sizeof(mbuf)); - mbuflen = sizeof(mbuf); - if (!EVP_PKEY_decrypt(pkctx, mbuf, &mbuflen, cbuf, cbuflen)) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - if (verbose > 1) { - printf("original message = %s\n", msg); - printf("decrypted message = %s\n", mbuf); - } - - if (verbose) { - printf("%s(%s) passed\n", __FUNCTION__, OBJ_nid2sn(type)); - } - - ret = 1; -end: - ERR_print_errors_fp(stderr); - EVP_PKEY_CTX_free(pkctx); - return ret; -} - -static int test_evp_pkey_encrypt_old(EVP_PKEY *pkey, int verbose) -{ - int ret = 0; - unsigned char msg[] = "hello world this is the message"; - size_t msglen = sizeof(msg); - unsigned char cbuf[512]; - unsigned char mbuf[512]; - - int len; - - if ((len = EVP_PKEY_encrypt_old(cbuf, msg, (int)msglen, pkey)) <= 0) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - if (verbose > 1) { - int i; - printf("ciphertext (%d bytes) = ", len); - for (i = 0; i < len; i++) { - printf("%02X", cbuf[i]); - } - printf("\n"); - } - - memset(mbuf, 0, sizeof(mbuf)); - if ((len = EVP_PKEY_decrypt_old(mbuf, cbuf, len, pkey)) <= 0) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - if (verbose > 1) { - printf("original message = %s\n", msg); - printf("decrypted message = %s\n", mbuf); - } - - if (verbose) { - printf("%s() passed!\n", __FUNCTION__); - } - - ret = 1; -end: - return ret; -} - -static int test_evp_sign(EVP_PKEY *pkey, const EVP_MD *md, int verbose) -{ - int ret = 0; - EVP_MD_CTX *mdctx = NULL; - unsigned char msg[] = "hello world this is the message"; - size_t msglen = sizeof(msg); - unsigned char sig[256]; - unsigned int siglen = (unsigned int)sizeof(sig); - - if (!(mdctx = EVP_MD_CTX_create())) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - if (!EVP_SignInit_ex(mdctx, md, NULL)) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - if (!EVP_SignUpdate(mdctx, msg, msglen)) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - if (!EVP_SignFinal(mdctx, sig, &siglen, pkey)) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - if (verbose > 1) { - size_t i; - printf("signature (%u bytes) = ", siglen); - for (i = 0; i < siglen; i++) { - printf("%02X", sig[i]); - } - printf("\n"); - } - - if (!EVP_VerifyInit_ex(mdctx, md, NULL)) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - if (!EVP_VerifyUpdate(mdctx, msg, msglen)) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - if (1 != EVP_VerifyFinal(mdctx, sig, siglen, pkey)) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - if (verbose) { - printf("%s() passed\n", __FUNCTION__); - } - - ret = 1; - -end: - EVP_MD_CTX_destroy(mdctx); - return ret; -} - -static int test_evp_digestsign(EVP_PKEY *pkey, int do_sm2, const EVP_MD *md, int verbose) -{ - int ret = 0; - EVP_MD_CTX *mdctx = NULL; - EVP_PKEY_CTX *pkctx; - int type = do_sm2 ? NID_sm_scheme : NID_secg_scheme; - unsigned char msg[] = "hello world this is the message"; - size_t msglen = sizeof(msg); - unsigned char sig[256]; - size_t siglen = (unsigned int)sizeof(sig); - - - unsigned char z[EVP_MAX_MD_SIZE]; - - if (!(mdctx = EVP_MD_CTX_create())) { - goto end; - } - - pkctx = NULL; - if (!EVP_DigestSignInit(mdctx, &pkctx, md, NULL, pkey)) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - if (!EVP_PKEY_CTX_set_ec_sign_type(pkctx, type)) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - /* - if (!EVP_PKEY_CTX_set_pre_update(pkctx, z, 32)) { - goto end; - } - */ - - if (!EVP_DigestSignUpdate(mdctx, msg, msglen)) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - siglen = sizeof(sig); - if (!EVP_DigestSignFinal(mdctx, sig, &siglen)) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - pkctx = NULL; - if (!EVP_DigestVerifyInit(mdctx, &pkctx, md, NULL, pkey)) { - ERR_print_errors_fp(stderr); - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - if (!EVP_PKEY_CTX_set_ec_sign_type(pkctx, type)) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - /* - if (!EVP_PKEY_CTX_set_pre_update(pkctx, z, 32)) { - goto end; - } - */ - - if (!EVP_DigestVerifyUpdate(mdctx, msg, msglen)) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - if (!EVP_DigestVerifyFinal(mdctx, sig, siglen)) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - if (verbose) { - printf("%s() passed\n", __FUNCTION__); - } - - ret = 1; -end: - EVP_MD_CTX_destroy(mdctx); - return ret; -} - -#define NUM_PKEYS 3 -#define MAX_PKEY_SIZE 1024 - -static int test_evp_seal(int curve_id, const EVP_CIPHER *cipher, BIO *out, int verbose) -{ - int ret = 0; - EVP_PKEY *pkey[NUM_PKEYS] = {0}; - EVP_CIPHER_CTX *cctx = NULL; - unsigned char iv[16]; - unsigned char *ek[NUM_PKEYS] = {0}; - int ekl[NUM_PKEYS]; - unsigned char msg1[] = "Hello "; - unsigned char msg2[] = "World!"; - unsigned char cbuf[256]; - unsigned char mbuf[256]; - unsigned char *p; - int len, clen, mlen, i; - - - for (i = 0; i < NUM_PKEYS; i++) { - if (!(pkey[i] = genpkey(curve_id, out, verbose))) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - ekl[i] = MAX_PKEY_SIZE; - ek[i] = OPENSSL_malloc(ekl[i]); - } - RAND_bytes(iv, sizeof(iv)); - - if (!(cctx = EVP_CIPHER_CTX_new())) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - if ((i = EVP_SealInit(cctx, cipher, ek, ekl, iv, pkey, NUM_PKEYS)) != NUM_PKEYS) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - if (verbose > 1) { - for (i = 0; i < NUM_PKEYS; i++) { - int j; - BIO_printf(out, "ek[%d] (%d-byte) = ", i, ekl[i]); - for (j = 0; j < ekl[i]; j++) { - BIO_printf(out, "%02X", ek[i][j]); - } - BIO_printf(out, "\n"); - } - } - - p = cbuf; - len = sizeof(cbuf); - if (!EVP_SealUpdate(cctx, p, &len, msg1, sizeof(msg1)-1)) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - p += len; - - len = sizeof(cbuf) - (p - cbuf); - if (!EVP_SealUpdate(cctx, p, &len, msg2, sizeof(msg2)-1)) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - p += len; - - len = sizeof(cbuf) - (p - cbuf); - if (!EVP_SealFinal(cctx, p, &len)) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - p += len; - - clen = p - cbuf; - - if (verbose > 1) { - BIO_printf(out, "ciphertext (%d-byte) = ", clen); - for (i = 0; i < clen; i++) { - BIO_printf(out, "%02X", cbuf[i]); - } - BIO_printf(out, "\n"); - } - - if (!EVP_OpenInit(cctx, cipher, ek[1], ekl[1], iv, pkey[1])) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - memset(mbuf, 0, sizeof(mbuf)); - p = mbuf; - len = sizeof(mbuf); - - if (!EVP_OpenUpdate(cctx, p, &len, cbuf, clen)) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - p += len; - len = sizeof(mbuf) - len; - - if (!EVP_OpenFinal(cctx, p, &len)) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - p += len; - - mlen = p - mbuf; - - if (verbose > 1) { - BIO_printf(out, "message = %s%s\n", (char *)msg1, (char *)msg2); - BIO_printf(out, "message = %s\n", (char *)mbuf); - } - - if (verbose) { - BIO_printf(out, "%s() passed!\n", __FUNCTION__); - } - - ret = 1; - -end: - EVP_CIPHER_CTX_free(cctx); - for (i = 0; i < NUM_PKEYS; i++) { - EVP_PKEY_free(pkey[i]); - OPENSSL_free(ek[i]); - } - return ret; -} - -int main(int argc, char **argv) -{ - int err = 0; - int verbose = 2; - EVP_PKEY *pkey = NULL; - int curve_id = NID_sm2p256v1; - const EVP_MD *md = EVP_sm3(); - const EVP_CIPHER *cipher = EVP_sms4_cbc(); - BIO *out = NULL; - - out = BIO_new_fp(stderr, BIO_NOCLOSE); - - if (!(pkey = genpkey(curve_id, out, verbose))) { - fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); - goto end; - } - - //if (!test_evp_pkey_sign(pkey, 1, 0)) err++; - //if (!test_evp_pkey_sign(pkey, 0, 0)) err++; - if (!test_evp_pkey_encrypt(pkey, 1, verbose)) err++; - //if (!test_evp_pkey_encrypt(pkey, 0, verbose)) err++; - //if (!test_evp_pkey_encrypt_old(pkey, verbose)) err++; - //if (!test_evp_sign(pkey, md, 0)) err++; - //if (!test_evp_seal(curve_id, cipher, out, verbose)) err++; - //if (!test_evp_digestsign(pkey, 1, md, verbose)) err++; - -end: - EVP_PKEY_free(pkey); - EXIT(err); -} -#endif diff --git a/test/sm3test.c b/test/sm3test.c index b73d8d80..a33aa757 100644 --- a/test/sm3test.c +++ b/test/sm3test.c @@ -177,7 +177,8 @@ static char *dgsthex[] = { "26352AF82EC19F207BBC6F9474E11E90CE0F7DDACE03B27F801817E897A81FD5", "E4D1D0C3CA4C7F11BC8FF8CB3F4C02A78F108FA098E51A668487240F75E20F31", "6B4B6D0E276691BD4A11BF72F4FB501AE309FDACB72FA6CC336E6656119ABD67", - "ECF0080215977B2E5D6D61B98A99442F03E8803DC39E349F8DCA5621A9ACDF2B", + "329c2f6030cc7e0ca3af6c97b76243ca250338ad3d3dc3a8b322d1cfdf98c2b7", + /*"ECF0080215977B2E5D6D61B98A99442F03E8803DC39E349F8DCA5621A9ACDF2B",*/ "557BAD30E183559AEEC3B2256E1C7C11F870D22B165D015ACF9465B09B87B527", "4D38D2958CA7FD2CFAE3AF04486959CF92C8EF48E8B83A05C112E739D5F181D0", "C3B02E500A8B60B77DEDCF6F4C11BEF8D56E5CDE708C72065654FD7B2167915A", diff --git a/test/specktest.c b/test/specktest.c index 17e14ac6..1091e099 100644 --- a/test/specktest.c +++ b/test/specktest.c @@ -1,6 +1,56 @@ +/* ==================================================================== + * Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ + #include #include #include +#include #include int main(int argc, char** argv) @@ -10,19 +60,16 @@ int main(int argc, char** argv) uint16_t plain16[2] = { 0x694c, 0x6574 }; uint16_t enc16[2] = { 0x42f2, 0xa868 }; - uint32_t key32[4] = { 0x03020100, 0x0b0a0908, 0x13121110, 0x1b1a1918 }; uint32_t plain32[2] = { 0x7475432d, 0x3b726574 }; uint32_t enc32[2] = { 0x454e028b, 0x8c6fa548 }; - - uint64_t key64[4] = { 0x0706050403020100, 0x0f0e0d0c0b0a0908, 0x1716151413121110, 0x1f1e1d1c1b1a1918 }; uint64_t plain64[2] = { 0x202e72656e6f6f70, 0x65736f6874206e49 }; uint64_t enc64[2] = { 0x4eeeb48d9c188f43, 0x4109010405c0f53e }; - SPECK_TYPE16 buffer[2] = { 0 }; - SPECK_TYPE16 exp[SPECK_ROUNDS16]; + uint16_t buffer[2] = { 0 }; + uint16_t exp[SPECK_ROUNDS16]; speck_set_encrypt_key16(key16, exp); speck_encrypt16(plain16, buffer, exp); if (memcmp(buffer, enc16, sizeof(enc16))) @@ -35,8 +82,8 @@ int main(int argc, char** argv) sum++; } - SPECK_TYPE32 exp32[SPECK_ROUNDS32]; - SPECK_TYPE32 buffer32[2] = { 0 }; + uint32_t exp32[SPECK_ROUNDS32]; + uint32_t buffer32[2] = { 0 }; speck_set_encrypt_key32(key32, exp32); speck_encrypt32(plain32, buffer32, exp32); if (memcmp(buffer, enc32, sizeof(enc32))) @@ -49,8 +96,8 @@ int main(int argc, char** argv) sum++; } - SPECK_TYPE64 exp64[SPECK_ROUNDS64]; - SPECK_TYPE64 buffer64[2] = { 0 }; + uint64_t exp64[SPECK_ROUNDS64]; + uint64_t buffer64[2] = { 0 }; speck_set_encrypt_key64(key64, exp64); speck_encrypt64(plain64, buffer64, exp64); if (memcmp(buffer64, enc64, sizeof(enc64))) diff --git a/util/libcrypto.num b/util/libcrypto.num index 7073abf7..29d3e9d4 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -1,4862 +1,5017 @@ -SDF_WriteFile 1 1_1_0d EXIST::FUNCTION: -EVP_PKEY_meth_new 2 1_1_0d EXIST::FUNCTION: -TS_RESP_CTX_set_signer_key 3 1_1_0d EXIST::FUNCTION:TS -BN_set_bit 4 1_1_0d EXIST::FUNCTION: -X509_CRL_METHOD_free 5 1_1_0d EXIST::FUNCTION: -ASN1_T61STRING_new 6 1_1_0d EXIST::FUNCTION: -RSA_meth_set_priv_dec 7 1_1_0d EXIST::FUNCTION:RSA -CPK_PUBLIC_PARAMS_digest 8 1_1_0d EXIST::FUNCTION: -DH_meth_free 9 1_1_0d EXIST::FUNCTION:DH -X509_STORE_CTX_get_verify_cb 10 1_1_0d EXIST::FUNCTION: -X509_STORE_set1_param 11 1_1_0d EXIST::FUNCTION: -CTLOG_get0_name 12 1_1_0d EXIST::FUNCTION:CT -SMIME_crlf_copy 13 1_1_0d EXIST::FUNCTION: -SEED_ofb128_encrypt 14 1_1_0d EXIST::FUNCTION:SEED -RSA_set0_key 15 1_1_0d EXIST::FUNCTION:RSA -SCT_set_log_entry_type 16 1_1_0d EXIST::FUNCTION:CT -BIO_f_nbio_test 17 1_1_0d EXIST::FUNCTION: -X509_STORE_get_get_issuer 18 1_1_0d EXIST::FUNCTION: -DES_set_key 19 1_1_0d EXIST::FUNCTION:DES -PEM_write_CMS 20 1_1_0d EXIST::FUNCTION:CMS,STDIO -X509_check_ip_asc 21 1_1_0d EXIST::FUNCTION: -DSA_meth_set_flags 22 1_1_0d EXIST::FUNCTION:DSA -EVP_PKEY_print_private 23 1_1_0d EXIST::FUNCTION: -BIO_dump_fp 24 1_1_0d EXIST::FUNCTION:STDIO -d2i_BB1CiphertextBlock 25 1_1_0d EXIST::FUNCTION: -TS_TST_INFO_get_ext_by_critical 26 1_1_0d EXIST::FUNCTION:TS -X509_CRL_set1_nextUpdate 27 1_1_0d EXIST::FUNCTION: -EVP_PKEY_get1_DH 28 1_1_0d EXIST::FUNCTION:DH -PEM_read_bio_RSAPublicKey 29 1_1_0d EXIST::FUNCTION:RSA -UI_get0_output_string 30 1_1_0d EXIST::FUNCTION:UI -EVP_ENCODE_CTX_num 31 1_1_0d EXIST::FUNCTION: -PKCS1_MGF1 32 1_1_0d EXIST::FUNCTION:RSA -X509_NAME_ENTRY_create_by_txt 33 1_1_0d EXIST::FUNCTION: -BN_bn2solinas 34 1_1_0d EXIST::FUNCTION: -BN_pseudo_rand_range 35 1_1_0d EXIST::FUNCTION: -a2i_IPADDRESS_NC 36 1_1_0d EXIST::FUNCTION: -EC_POINT_get_Jprojective_coordinates_GFp 37 1_1_0d EXIST::FUNCTION:EC -X509_NAME_dup 38 1_1_0d EXIST::FUNCTION: -PKCS7_dataDecode 39 1_1_0d EXIST::FUNCTION: -X509_STORE_set_purpose 40 1_1_0d EXIST::FUNCTION: -NETSCAPE_SPKI_it 41 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -NETSCAPE_SPKI_it 41 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -CRYPTO_secure_malloc_initialized 42 1_1_0d EXIST::FUNCTION: -CMS_EncryptedData_decrypt 43 1_1_0d EXIST::FUNCTION:CMS -X509_NAME_get_entry 44 1_1_0d EXIST::FUNCTION: -ASN1_BIT_STRING_name_print 45 1_1_0d EXIST::FUNCTION: -RSA_get0_engine 46 1_1_0d EXIST::FUNCTION:RSA -ERR_get_error 47 1_1_0d EXIST::FUNCTION: -X509_CRL_check_suiteb 48 1_1_0d EXIST::FUNCTION: -DES_ede3_ofb64_encrypt 49 1_1_0d EXIST::FUNCTION:DES -RSA_sign 50 1_1_0d EXIST::FUNCTION:RSA -ENGINE_get_default_DH 51 1_1_0d EXIST::FUNCTION:ENGINE -ERR_get_state 52 1_1_0d EXIST::FUNCTION: -i2d_TS_MSG_IMPRINT 53 1_1_0d EXIST::FUNCTION:TS -BN_GF2m_mod_sqr_arr 54 1_1_0d EXIST::FUNCTION:EC2M -sms4_ofb128_encrypt 55 1_1_0d EXIST::FUNCTION: -CMS_SignerInfo_set1_signer_cert 56 1_1_0d EXIST::FUNCTION:CMS -PKCS12_SAFEBAG_create_crl 57 1_1_0d EXIST::FUNCTION: -BN_mod_sub_quick 58 1_1_0d EXIST::FUNCTION: -ASIdentifierChoice_free 59 1_1_0d EXIST::FUNCTION:RFC3779 -EVP_CIPHER_CTX_key_length 60 1_1_0d EXIST::FUNCTION: -SAF_Pkcs7_EncodeEnvelopedData 61 1_1_0d EXIST::FUNCTION: -OCSP_RESPID_set_by_name 62 1_1_0d EXIST::FUNCTION:OCSP -SRP_Calc_server_key 63 1_1_0d EXIST::FUNCTION:SRP -BF_cbc_encrypt 64 1_1_0d EXIST::FUNCTION:BF -SHA512_Init 65 1_1_0d EXIST:!VMSVAX:FUNCTION: -EVP_get_cipherbyname 66 1_1_0d EXIST::FUNCTION: -X509_ATTRIBUTE_set1_object 67 1_1_0d EXIST::FUNCTION: -EVP_MD_block_size 68 1_1_0d EXIST::FUNCTION: -PKCS7_RECIP_INFO_get0_alg 69 1_1_0d EXIST::FUNCTION: -i2d_ASN1_ENUMERATED 70 1_1_0d EXIST::FUNCTION: -DSA_meth_free 71 1_1_0d EXIST::FUNCTION:DSA -EC_KEY_clear_flags 72 1_1_0d EXIST::FUNCTION:EC -SDF_ReleasePrivateKeyAccessRight 73 1_1_0d EXIST::FUNCTION: -POLICYINFO_new 74 1_1_0d EXIST::FUNCTION: -OCSP_REQINFO_new 75 1_1_0d EXIST::FUNCTION:OCSP -d2i_BFMasterSecret 76 1_1_0d EXIST::FUNCTION: -EVP_MD_meth_set_app_datasize 77 1_1_0d EXIST::FUNCTION: -X509V3_get_string 78 1_1_0d EXIST::FUNCTION: -X509v3_addr_add_range 79 1_1_0d EXIST::FUNCTION:RFC3779 -EC_GFp_mont_method 80 1_1_0d EXIST::FUNCTION:EC -PKCS5_PBE_keyivgen 81 1_1_0d EXIST::FUNCTION: -MDC2 82 1_1_0d EXIST::FUNCTION:MDC2 -i2d_ASN1_NULL 83 1_1_0d EXIST::FUNCTION: -GENERAL_SUBTREE_it 84 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -GENERAL_SUBTREE_it 84 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -OCSP_single_get0_status 85 1_1_0d EXIST::FUNCTION:OCSP -DES_quad_cksum 86 1_1_0d EXIST::FUNCTION:DES -EVP_add_alg_module 87 1_1_0d EXIST::FUNCTION: -ENGINE_unregister_digests 88 1_1_0d EXIST::FUNCTION:ENGINE -X509_PURPOSE_get_id 89 1_1_0d EXIST::FUNCTION: -ESS_SIGNING_CERT_new 90 1_1_0d EXIST::FUNCTION:TS -CRYPTO_secure_malloc 91 1_1_0d EXIST::FUNCTION: -EVP_EncryptInit_ex 92 1_1_0d EXIST::FUNCTION: -CRYPTO_secure_free 93 1_1_0d EXIST::FUNCTION: -SCT_set0_extensions 94 1_1_0d EXIST::FUNCTION:CT -BIO_socket_nbio 95 1_1_0d EXIST::FUNCTION:SOCK -EVP_camellia_192_cbc 96 1_1_0d EXIST::FUNCTION:CAMELLIA -X509_LOOKUP_hash_dir 97 1_1_0d EXIST::FUNCTION: -BN_bn2binpad 98 1_1_0d EXIST::FUNCTION: -BIO_ADDR_rawport 99 1_1_0d EXIST::FUNCTION:SOCK -SOF_SetEncryptMethod 100 1_1_0d EXIST::FUNCTION: -OBJ_bsearch_ 101 1_1_0d EXIST::FUNCTION: -TS_RESP_CTX_set_accuracy 102 1_1_0d EXIST::FUNCTION:TS -SRP_VBASE_get_by_user 103 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,SRP -EVP_des_ede3_cfb1 104 1_1_0d EXIST::FUNCTION:DES -i2d_RSAPublicKey_bio 105 1_1_0d EXIST::FUNCTION:RSA -d2i_ECParameters 106 1_1_0d EXIST::FUNCTION:EC -TS_REQ_dup 107 1_1_0d EXIST::FUNCTION:TS -ERR_load_GMAPI_strings 108 1_1_0d EXIST::FUNCTION: -SAF_SymmDecryptUpdate 109 1_1_0d EXIST::FUNCTION: -EVP_PKEY_CTX_get0_peerkey 110 1_1_0d EXIST::FUNCTION: -TS_TST_INFO_delete_ext 111 1_1_0d EXIST::FUNCTION:TS -X509at_get_attr_by_OBJ 112 1_1_0d EXIST::FUNCTION: -EVP_OpenFinal 113 1_1_0d EXIST::FUNCTION:RSA -d2i_ASN1_UNIVERSALSTRING 114 1_1_0d EXIST::FUNCTION: -i2s_ASN1_ENUMERATED 115 1_1_0d EXIST::FUNCTION: -EVP_des_ecb 116 1_1_0d EXIST::FUNCTION:DES -TS_X509_ALGOR_print_bio 117 1_1_0d EXIST::FUNCTION:TS -OCSP_RESPBYTES_new 118 1_1_0d EXIST::FUNCTION:OCSP -SM2CiphertextValue_new 119 1_1_0d EXIST::FUNCTION: -ASIdentifiers_free 120 1_1_0d EXIST::FUNCTION:RFC3779 -CRYPTO_ccm128_encrypt_ccm64 121 1_1_0d EXIST::FUNCTION: -HMAC_Init_ex 122 1_1_0d EXIST::FUNCTION: -i2d_X509_AUX 123 1_1_0d EXIST::FUNCTION: -EVP_PKEY_meth_get_sign 124 1_1_0d EXIST::FUNCTION: -CONF_modules_load_file 125 1_1_0d EXIST::FUNCTION: -EVP_des_ede3_wrap 126 1_1_0d EXIST::FUNCTION:DES -X509_STORE_CTX_get1_chain 127 1_1_0d EXIST::FUNCTION: -BB1MasterSecret_new 128 1_1_0d EXIST::FUNCTION: -RSAPublicKey_dup 129 1_1_0d EXIST::FUNCTION:RSA -RC2_encrypt 130 1_1_0d EXIST::FUNCTION:RC2 -BF_decrypt 131 1_1_0d EXIST::FUNCTION:BF -BN_GFP2_div 132 1_1_0d EXIST::FUNCTION: -o2i_SCT_LIST 133 1_1_0d EXIST::FUNCTION:CT -i2d_DSAparams 134 1_1_0d EXIST::FUNCTION:DSA -X509_STORE_set_flags 135 1_1_0d EXIST::FUNCTION: -CTLOG_get0_log_id 136 1_1_0d EXIST::FUNCTION:CT -TS_REQ_get_ext 137 1_1_0d EXIST::FUNCTION:TS -EVP_DigestUpdate 138 1_1_0d EXIST::FUNCTION: -TS_CONF_set_def_policy 139 1_1_0d EXIST::FUNCTION:TS -RSA_padding_add_PKCS1_PSS 140 1_1_0d EXIST::FUNCTION:RSA -EVP_sms4_wrap_pad 141 1_1_0d EXIST::FUNCTION:SMS4 -d2i_DSA_PUBKEY_bio 142 1_1_0d EXIST::FUNCTION:DSA -UI_new 143 1_1_0d EXIST::FUNCTION:UI -DH_meth_set_compute_key 144 1_1_0d EXIST::FUNCTION:DH -DES_options 145 1_1_0d EXIST::FUNCTION:DES -SAF_RsaVerifySignFile 146 1_1_0d EXIST::FUNCTION: -ENGINE_set_digests 147 1_1_0d EXIST::FUNCTION:ENGINE -ERR_load_PKCS12_strings 148 1_1_0d EXIST::FUNCTION: -ENGINE_free 149 1_1_0d EXIST::FUNCTION:ENGINE -EVP_MD_type 150 1_1_0d EXIST::FUNCTION: -OCSP_response_status_str 151 1_1_0d EXIST::FUNCTION:OCSP -ASN1_TYPE_unpack_sequence 152 1_1_0d EXIST::FUNCTION: -TLS_FEATURE_free 153 1_1_0d EXIST::FUNCTION: -BN_RECP_CTX_free 154 1_1_0d EXIST::FUNCTION: -TS_VERIFY_CTX_cleanup 155 1_1_0d EXIST::FUNCTION:TS -SKF_GenRSAKeyPair 156 1_1_0d EXIST::FUNCTION: -PKCS7_SIGNER_INFO_free 157 1_1_0d EXIST::FUNCTION: -BN_is_zero 158 1_1_0d EXIST::FUNCTION: -SMIME_write_CMS 159 1_1_0d EXIST::FUNCTION:CMS -X509V3_set_conf_lhash 160 1_1_0d EXIST::FUNCTION: -ECIES_PARAMS_get_kdf 161 1_1_0d EXIST::FUNCTION: -i2b_PrivateKey_bio 162 1_1_0d EXIST::FUNCTION:DSA -PKCS7_get0_signers 163 1_1_0d EXIST::FUNCTION: -DSA_SIG_free 164 1_1_0d EXIST::FUNCTION:DSA -ASN1_TYPE_set1 165 1_1_0d EXIST::FUNCTION: -X509_LOOKUP_file 166 1_1_0d EXIST::FUNCTION: -ASN1_SCTX_get_flags 167 1_1_0d EXIST::FUNCTION: -d2i_BB1MasterSecret 168 1_1_0d EXIST::FUNCTION: -i2d_TS_MSG_IMPRINT_bio 169 1_1_0d EXIST::FUNCTION:TS -ASN1_item_unpack 170 1_1_0d EXIST::FUNCTION: -RSA_set_default_method 171 1_1_0d EXIST::FUNCTION:RSA -EVP_OpenInit 172 1_1_0d EXIST::FUNCTION:RSA -DSA_clear_flags 173 1_1_0d EXIST::FUNCTION:DSA -TS_MSG_IMPRINT_print_bio 174 1_1_0d EXIST::FUNCTION:TS -ASN1_i2d_bio 175 1_1_0d EXIST::FUNCTION: -d2i_TS_REQ_bio 176 1_1_0d EXIST::FUNCTION:TS -SM2CiphertextValue_set_ECCCipher 177 1_1_0d EXIST::FUNCTION: -d2i_PKCS7_RECIP_INFO 178 1_1_0d EXIST::FUNCTION: -BN_mod_lshift1_quick 179 1_1_0d EXIST::FUNCTION: -GMAPI_sgd2mdnid 180 1_1_0d EXIST::FUNCTION: -ENGINE_register_digests 181 1_1_0d EXIST::FUNCTION:ENGINE -EC_POINT_point2hex 182 1_1_0d EXIST::FUNCTION:EC -CRYPTO_xts128_encrypt 183 1_1_0d EXIST::FUNCTION: -PEM_write_PUBKEY 184 1_1_0d EXIST::FUNCTION:STDIO -EVP_PKEY_get_attr 185 1_1_0d EXIST::FUNCTION: -BN_get_rfc3526_prime_1536 186 1_1_0d EXIST::FUNCTION: -CMS_unsigned_get_attr_count 187 1_1_0d EXIST::FUNCTION:CMS -OCSP_REQINFO_it 188 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP -OCSP_REQINFO_it 188 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP -UI_new_method 189 1_1_0d EXIST::FUNCTION:UI -X509v3_asid_validate_path 190 1_1_0d EXIST::FUNCTION:RFC3779 -RC5_32_set_key 191 1_1_0d EXIST::FUNCTION:RC5 -EVP_PKEY_meth_get_keygen 192 1_1_0d EXIST::FUNCTION: -X509_add_ext 193 1_1_0d EXIST::FUNCTION: -MD5_Transform 194 1_1_0d EXIST::FUNCTION:MD5 -BIO_up_ref 195 1_1_0d EXIST::FUNCTION: -OCSP_sendreq_new 196 1_1_0d EXIST::FUNCTION:OCSP -Camellia_ecb_encrypt 197 1_1_0d EXIST::FUNCTION:CAMELLIA -PKCS7_add_attrib_smimecap 198 1_1_0d EXIST::FUNCTION: -a2i_ASN1_STRING 199 1_1_0d EXIST::FUNCTION: -ASN1_SCTX_new 200 1_1_0d EXIST::FUNCTION: -X509_TRUST_cleanup 201 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_meth_set_cleanup 202 1_1_0d EXIST::FUNCTION: -OPENSSL_atexit 203 1_1_0d EXIST::FUNCTION: -BN_GENCB_free 204 1_1_0d EXIST::FUNCTION: -ASN1_parse_dump 205 1_1_0d EXIST::FUNCTION: -RSA_get_ex_data 206 1_1_0d EXIST::FUNCTION:RSA -MD2_Init 207 1_1_0d EXIST::FUNCTION:MD2 -b2i_PrivateKey 208 1_1_0d EXIST::FUNCTION:DSA -DH_set_method 209 1_1_0d EXIST::FUNCTION:DH -RSA_meth_set_flags 210 1_1_0d EXIST::FUNCTION:RSA -SDF_InternalSign_ECC 211 1_1_0d EXIST::FUNCTION: -CONF_modules_finish 212 1_1_0d EXIST::FUNCTION: -CMS_RecipientInfo_set0_password 213 1_1_0d EXIST::FUNCTION:CMS -X509_STORE_CTX_set0_untrusted 214 1_1_0d EXIST::FUNCTION: -OPENSSL_sk_find_ex 215 1_1_0d EXIST::FUNCTION: -DES_random_key 216 1_1_0d EXIST::FUNCTION:DES -TS_VERIFY_CTX_set_store 217 1_1_0d EXIST::FUNCTION:TS -RAND_pseudo_bytes 218 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0 -i2d_BB1CiphertextBlock 219 1_1_0d EXIST::FUNCTION: -SAF_AddCaCertificate 220 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_CTX_set_padding 221 1_1_0d EXIST::FUNCTION: -i2d_ASN1_TIME 222 1_1_0d EXIST::FUNCTION: -PKCS7_SIGNED_it 223 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -PKCS7_SIGNED_it 223 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -X509_STORE_CTX_set0_crls 224 1_1_0d EXIST::FUNCTION: -EVP_PKEY_CTX_set0_keygen_info 225 1_1_0d EXIST::FUNCTION: -RAND_add 226 1_1_0d EXIST::FUNCTION: -EC_GROUP_set_generator 227 1_1_0d EXIST::FUNCTION:EC -EC_KEY_set_ECCPRIVATEKEYBLOB 228 1_1_0d EXIST::FUNCTION: -SDF_ExternalVerify_ECC 229 1_1_0d EXIST::FUNCTION: -X509_PUBKEY_free 230 1_1_0d EXIST::FUNCTION: -EVP_des_cfb64 231 1_1_0d EXIST::FUNCTION:DES -ENGINE_setup_bsd_cryptodev 232 1_1_0d EXIST:__FreeBSD__:FUNCTION:DEPRECATEDIN_1_1_0,ENGINE -IPAddressChoice_new 233 1_1_0d EXIST::FUNCTION:RFC3779 -EVP_PKEY_save_parameters 234 1_1_0d EXIST::FUNCTION: -EC_KEY_new_method 235 1_1_0d EXIST::FUNCTION:EC -EC_KEY_METHOD_get_encrypt 236 1_1_0d EXIST::FUNCTION: -SAF_GetRootCaCertificateCount 237 1_1_0d EXIST::FUNCTION: -OCSP_BASICRESP_add_ext 238 1_1_0d EXIST::FUNCTION:OCSP -i2v_ASN1_BIT_STRING 239 1_1_0d EXIST::FUNCTION: -ASN1_put_object 240 1_1_0d EXIST::FUNCTION: -BIO_ADDRINFO_next 241 1_1_0d EXIST::FUNCTION:SOCK -EVP_BytesToKey 242 1_1_0d EXIST::FUNCTION: -i2d_ACCESS_DESCRIPTION 243 1_1_0d EXIST::FUNCTION: -SHA224_Init 244 1_1_0d EXIST::FUNCTION: -EC_KEY_get_ECCPRIVATEKEYBLOB 245 1_1_0d EXIST::FUNCTION: -UI_get_result_minsize 246 1_1_0d EXIST::FUNCTION:UI -UI_add_input_boolean 247 1_1_0d EXIST::FUNCTION:UI -PEM_write_bio_ASN1_stream 248 1_1_0d EXIST::FUNCTION: -BIO_get_accept_socket 249 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,SOCK -BN_nist_mod_224 250 1_1_0d EXIST::FUNCTION: -X509_REQ_get0_signature 251 1_1_0d EXIST::FUNCTION: -BIO_meth_set_write 252 1_1_0d EXIST::FUNCTION: -d2i_ASN1_TIME 253 1_1_0d EXIST::FUNCTION: -CMS_EnvelopedData_create 254 1_1_0d EXIST::FUNCTION:CMS -X509_CRL_get0_by_serial 255 1_1_0d EXIST::FUNCTION: -X509_get_default_cert_area 256 1_1_0d EXIST::FUNCTION: -PKCS12_get_attr 257 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0 -ASN1_STRING_copy 258 1_1_0d EXIST::FUNCTION: -d2i_ASN1_SET_ANY 259 1_1_0d EXIST::FUNCTION: -d2i_OCSP_REVOKEDINFO 260 1_1_0d EXIST::FUNCTION:OCSP -X509_VERIFY_PARAM_add1_host 261 1_1_0d EXIST::FUNCTION: -d2i_RSAPublicKey_bio 262 1_1_0d EXIST::FUNCTION:RSA -BN_get0_nist_prime_224 263 1_1_0d EXIST::FUNCTION: -TS_TST_INFO_get_ext_by_NID 264 1_1_0d EXIST::FUNCTION:TS -CRYPTO_nistcts128_decrypt 265 1_1_0d EXIST::FUNCTION: -DH_get_2048_256 266 1_1_0d EXIST::FUNCTION:DH -i2d_ASN1_VISIBLESTRING 267 1_1_0d EXIST::FUNCTION: -d2i_TS_TST_INFO 268 1_1_0d EXIST::FUNCTION:TS -SOF_SignData 269 1_1_0d EXIST::FUNCTION: -EC_POINT_cmp 270 1_1_0d EXIST::FUNCTION:EC -ERR_load_SOF_strings 271 1_1_0d EXIST::FUNCTION: -EVP_MD_flags 272 1_1_0d EXIST::FUNCTION: -X509_STORE_set_default_paths 273 1_1_0d EXIST::FUNCTION: -OPENSSL_hexchar2int 274 1_1_0d EXIST::FUNCTION: -SHA224 275 1_1_0d EXIST::FUNCTION: -SDF_GenerateKeyWithKEK 276 1_1_0d EXIST::FUNCTION: -SDF_CloseSession 277 1_1_0d EXIST::FUNCTION: -CPK_PUBLIC_PARAMS_extract_public_key 278 1_1_0d EXIST::FUNCTION: -d2i_PKCS8_PRIV_KEY_INFO_bio 279 1_1_0d EXIST::FUNCTION: -X509_REQ_verify 280 1_1_0d EXIST::FUNCTION: -OCSP_REQUEST_get_ext_count 281 1_1_0d EXIST::FUNCTION:OCSP -TS_REQ_free 282 1_1_0d EXIST::FUNCTION:TS -TS_STATUS_INFO_dup 283 1_1_0d EXIST::FUNCTION:TS -PEM_read_bio_RSA_PUBKEY 284 1_1_0d EXIST::FUNCTION:RSA -i2d_ASN1_PRINTABLE 285 1_1_0d EXIST::FUNCTION: -X509_REQ_get0_pubkey 286 1_1_0d EXIST::FUNCTION: -ASN1_TIME_it 287 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ASN1_TIME_it 287 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -PKCS7_SIGN_ENVELOPE_new 288 1_1_0d EXIST::FUNCTION: -CRYPTO_ocb128_finish 289 1_1_0d EXIST::FUNCTION:OCB -SHA512_Final 290 1_1_0d EXIST:!VMSVAX:FUNCTION: -TS_REQ_get_ext_by_critical 291 1_1_0d EXIST::FUNCTION:TS -ENGINE_get_cmd_defns 292 1_1_0d EXIST::FUNCTION:ENGINE -OBJ_NAME_init 293 1_1_0d EXIST::FUNCTION: -SAF_EccVerifySignByCert 294 1_1_0d EXIST::FUNCTION: -EVP_rc2_cfb64 295 1_1_0d EXIST::FUNCTION:RC2 -SDF_DestroyKey 296 1_1_0d EXIST::FUNCTION: -OCSP_url_svcloc_new 297 1_1_0d EXIST::FUNCTION:OCSP -EVP_camellia_192_cfb1 298 1_1_0d EXIST::FUNCTION:CAMELLIA -MDC2_Update 299 1_1_0d EXIST::FUNCTION:MDC2 -ASIdentifiers_it 300 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 -ASIdentifiers_it 300 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 -PEM_X509_INFO_read 301 1_1_0d EXIST::FUNCTION:STDIO -RSA_get0_key 302 1_1_0d EXIST::FUNCTION:RSA -ECPKParameters_print_fp 303 1_1_0d EXIST::FUNCTION:EC,STDIO -ENGINE_set_table_flags 304 1_1_0d EXIST::FUNCTION:ENGINE -i2d_PKCS7_DIGEST 305 1_1_0d EXIST::FUNCTION: -EVP_PKEY_paramgen_init 306 1_1_0d EXIST::FUNCTION: -ECDSA_SIG_set_ECCSignature 307 1_1_0d EXIST::FUNCTION: -ASN1_STRING_print_ex_fp 308 1_1_0d EXIST::FUNCTION:STDIO -X509_ATTRIBUTE_count 309 1_1_0d EXIST::FUNCTION: -BN_zero_ex 310 1_1_0d EXIST::FUNCTION: -PEM_write_bio_X509_CRL 311 1_1_0d EXIST::FUNCTION: -EC_KEY_precompute_mult 312 1_1_0d EXIST::FUNCTION:EC -SAF_SymmEncryptUpdate 313 1_1_0d EXIST::FUNCTION: -SDF_ExternalPublicKeyOperation_RSA 314 1_1_0d EXIST::FUNCTION: -SCT_LIST_validate 315 1_1_0d EXIST::FUNCTION:CT -X509_get_signature_type 316 1_1_0d EXIST::FUNCTION: -SRP_VBASE_new 317 1_1_0d EXIST::FUNCTION:SRP -OCSP_SINGLERESP_get1_ext_d2i 318 1_1_0d EXIST::FUNCTION:OCSP -CRYPTO_ocb128_copy_ctx 319 1_1_0d EXIST::FUNCTION:OCB -EVP_CIPHER_meth_get_ctrl 320 1_1_0d EXIST::FUNCTION: -UI_method_get_closer 321 1_1_0d EXIST::FUNCTION:UI -BIO_dump_indent 322 1_1_0d EXIST::FUNCTION: -TS_RESP_verify_response 323 1_1_0d EXIST::FUNCTION:TS -SDF_PrintRSAPublicKey 324 1_1_0d EXIST::FUNCTION: -UI_destroy_method 325 1_1_0d EXIST::FUNCTION:UI -X509_get0_tbs_sigalg 326 1_1_0d EXIST::FUNCTION: -CMS_signed_add1_attr 327 1_1_0d EXIST::FUNCTION:CMS -SKF_EnumFiles 328 1_1_0d EXIST::FUNCTION: -ERR_load_OCSP_strings 329 1_1_0d EXIST::FUNCTION:OCSP -X509_load_crl_file 330 1_1_0d EXIST::FUNCTION: -OPENSSL_LH_node_stats_bio 331 1_1_0d EXIST::FUNCTION: -EVP_EncodeBlock 332 1_1_0d EXIST::FUNCTION: -d2i_EC_PUBKEY 333 1_1_0d EXIST::FUNCTION:EC -OCSP_REQ_CTX_nbio_d2i 334 1_1_0d EXIST::FUNCTION:OCSP -d2i_DSA_PUBKEY 335 1_1_0d EXIST::FUNCTION:DSA -EVP_CIPHER_meth_new 336 1_1_0d EXIST::FUNCTION: -OCSP_SERVICELOC_it 337 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP -OCSP_SERVICELOC_it 337 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP -X509_CRL_get_ext_by_NID 338 1_1_0d EXIST::FUNCTION: -RSA_padding_add_none 339 1_1_0d EXIST::FUNCTION:RSA -EVP_CIPHER_CTX_get_cipher_data 340 1_1_0d EXIST::FUNCTION: -ASN1_str2mask 341 1_1_0d EXIST::FUNCTION: -d2i_OCSP_RESPONSE 342 1_1_0d EXIST::FUNCTION:OCSP -CMS_get0_signers 343 1_1_0d EXIST::FUNCTION:CMS -PEM_dek_info 344 1_1_0d EXIST::FUNCTION: -RC4 345 1_1_0d EXIST::FUNCTION:RC4 -d2i_CMS_ReceiptRequest 346 1_1_0d EXIST::FUNCTION:CMS -AUTHORITY_KEYID_new 347 1_1_0d EXIST::FUNCTION: -NETSCAPE_SPKAC_free 348 1_1_0d EXIST::FUNCTION: -ASN1_STRING_cmp 349 1_1_0d EXIST::FUNCTION: -DSA_new 350 1_1_0d EXIST::FUNCTION:DSA -BN_BLINDING_is_current_thread 351 1_1_0d EXIST::FUNCTION: -BIO_nread 352 1_1_0d EXIST::FUNCTION: -EVP_sms4_ocb 353 1_1_0d EXIST::FUNCTION:SMS4 -OTHERNAME_it 354 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -OTHERNAME_it 354 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -SKF_GenerateAgreementDataWithECC 355 1_1_0d EXIST::FUNCTION: -X509_CRL_digest 356 1_1_0d EXIST::FUNCTION: -OCSP_CERTID_dup 357 1_1_0d EXIST::FUNCTION:OCSP -UI_set_result 358 1_1_0d EXIST::FUNCTION:UI -IPAddressOrRange_it 359 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 -IPAddressOrRange_it 359 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 -X509V3_EXT_add_nconf 360 1_1_0d EXIST::FUNCTION: -BIO_ctrl 361 1_1_0d EXIST::FUNCTION: -CRYPTO_gcm128_encrypt 362 1_1_0d EXIST::FUNCTION: -BIO_set_retry_reason 363 1_1_0d EXIST::FUNCTION: -ECDSA_SIG_get0 364 1_1_0d EXIST::FUNCTION:EC -i2d_ASN1_UNIVERSALSTRING 365 1_1_0d EXIST::FUNCTION: -EC_GFp_simple_method 366 1_1_0d EXIST::FUNCTION:EC -b2i_PVK_bio 367 1_1_0d EXIST::FUNCTION:DSA,RC4 -ASRange_new 368 1_1_0d EXIST::FUNCTION:RFC3779 -OCSP_response_status 369 1_1_0d EXIST::FUNCTION:OCSP -DH_KDF_X9_42 370 1_1_0d EXIST::FUNCTION:CMS,DH -PKCS7_RECIP_INFO_free 371 1_1_0d EXIST::FUNCTION: -i2d_IPAddressOrRange 372 1_1_0d EXIST::FUNCTION:RFC3779 -ECDSA_SIG_get_ECCSignature 373 1_1_0d EXIST::FUNCTION: -OpenSSL_version_num 374 1_1_0d EXIST::FUNCTION: -i2d_PROXY_POLICY 375 1_1_0d EXIST::FUNCTION: -d2i_AUTHORITY_KEYID 376 1_1_0d EXIST::FUNCTION: -X509_check_trust 377 1_1_0d EXIST::FUNCTION: -IPAddressOrRange_new 378 1_1_0d EXIST::FUNCTION:RFC3779 -BIO_ADDR_new 379 1_1_0d EXIST::FUNCTION:SOCK -PEM_write_X509_AUX 380 1_1_0d EXIST::FUNCTION:STDIO -PEM_write_bio_PKCS7 381 1_1_0d EXIST::FUNCTION: -IPAddressChoice_it 382 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 -IPAddressChoice_it 382 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 -X509_NAME_ENTRY_get_object 383 1_1_0d EXIST::FUNCTION: -BIO_meth_get_ctrl 384 1_1_0d EXIST::FUNCTION: -SDF_OpenDevice 385 1_1_0d EXIST::FUNCTION: -EVP_PKEY_verify_recover_init 386 1_1_0d EXIST::FUNCTION: -X509_VERIFY_PARAM_set_purpose 387 1_1_0d EXIST::FUNCTION: -i2d_EXTENDED_KEY_USAGE 388 1_1_0d EXIST::FUNCTION: -TS_ACCURACY_set_millis 389 1_1_0d EXIST::FUNCTION:TS -CPK_PUBLIC_PARAMS_validate_private_key 390 1_1_0d EXIST::FUNCTION: -RSA_meth_get_finish 391 1_1_0d EXIST::FUNCTION:RSA -EVP_seed_ecb 392 1_1_0d EXIST::FUNCTION:SEED -SOF_GetCertInfo 393 1_1_0d EXIST::FUNCTION: -X509_TRUST_get_by_id 394 1_1_0d EXIST::FUNCTION: -PKCS7_get_signed_attribute 395 1_1_0d EXIST::FUNCTION: -ASN1_INTEGER_get_int64 396 1_1_0d EXIST::FUNCTION: -ASN1_STRING_set0 397 1_1_0d EXIST::FUNCTION: -PKCS8_PRIV_KEY_INFO_it 398 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -PKCS8_PRIV_KEY_INFO_it 398 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -PKCS12_BAGS_it 399 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -PKCS12_BAGS_it 399 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -TS_REQ_add_ext 400 1_1_0d EXIST::FUNCTION:TS -X509_CRL_sort 401 1_1_0d EXIST::FUNCTION: -CPK_MASTER_SECRET_free 402 1_1_0d EXIST::FUNCTION: -SDF_GenerateKeyWithIPK_RSA 403 1_1_0d EXIST::FUNCTION: -X509at_add1_attr_by_NID 404 1_1_0d EXIST::FUNCTION: -PEM_read_bio_PKCS8 405 1_1_0d EXIST::FUNCTION: -PEM_write_DHxparams 406 1_1_0d EXIST::FUNCTION:DH,STDIO -X509_VAL_new 407 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_CTX_buf_noconst 408 1_1_0d EXIST::FUNCTION: -i2a_ASN1_ENUMERATED 409 1_1_0d EXIST::FUNCTION: -EC_POINT_new 410 1_1_0d EXIST::FUNCTION:EC -BIO_f_asn1 411 1_1_0d EXIST::FUNCTION: -X509_get_default_cert_dir 412 1_1_0d EXIST::FUNCTION: -X509_print_ex 413 1_1_0d EXIST::FUNCTION: -SM2_decrypt 414 1_1_0d EXIST::FUNCTION: -BIO_copy_next_retry 415 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_do_all 416 1_1_0d EXIST::FUNCTION: -X509_check_private_key 417 1_1_0d EXIST::FUNCTION: -CRYPTO_THREAD_compare_id 418 1_1_0d EXIST::FUNCTION: -EVP_aes_256_xts 419 1_1_0d EXIST::FUNCTION: -err_free_strings_int 420 1_1_0d EXIST::FUNCTION: -BN_GFP2_inv 421 1_1_0d EXIST::FUNCTION: -ASN1_PRINTABLESTRING_it 422 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ASN1_PRINTABLESTRING_it 422 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -SCT_set0_log_id 423 1_1_0d EXIST::FUNCTION:CT -EVP_PKEY_meth_find 424 1_1_0d EXIST::FUNCTION: -RSA_PKCS1_OpenSSL 425 1_1_0d EXIST::FUNCTION:RSA -TS_TST_INFO_new 426 1_1_0d EXIST::FUNCTION:TS -TS_RESP_dup 427 1_1_0d EXIST::FUNCTION:TS -i2d_X509_fp 428 1_1_0d EXIST::FUNCTION:STDIO -ERR_load_SAF_strings 429 1_1_0d EXIST::FUNCTION: -SM2CiphertextValue_set_ECCCIPHERBLOB 430 1_1_0d EXIST::FUNCTION: -X509_CRL_get_ext_count 431 1_1_0d EXIST::FUNCTION: -X509_STORE_CTX_set_depth 432 1_1_0d EXIST::FUNCTION: -ERR_print_errors_fp 433 1_1_0d EXIST::FUNCTION:STDIO -BIO_lookup 434 1_1_0d EXIST::FUNCTION:SOCK -BN_GF2m_mod_exp_arr 435 1_1_0d EXIST::FUNCTION:EC2M -TS_TST_INFO_get_accuracy 436 1_1_0d EXIST::FUNCTION:TS -CRYPTO_mem_debug_malloc 437 1_1_0d EXIST::FUNCTION:CRYPTO_MDEBUG -X509_STORE_set_check_issued 438 1_1_0d EXIST::FUNCTION: -RSA_set_ex_data 439 1_1_0d EXIST::FUNCTION:RSA -i2d_SM9PrivateKey 440 1_1_0d EXIST::FUNCTION: -TS_RESP_CTX_free 441 1_1_0d EXIST::FUNCTION:TS -POLICY_MAPPINGS_it 442 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -POLICY_MAPPINGS_it 442 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -RAND_poll 443 1_1_0d EXIST::FUNCTION: -TS_TST_INFO_get_exts 444 1_1_0d EXIST::FUNCTION:TS -CERTIFICATEPOLICIES_free 445 1_1_0d EXIST::FUNCTION: -ERR_load_CPK_strings 446 1_1_0d EXIST::FUNCTION: -X509_REQ_INFO_new 447 1_1_0d EXIST::FUNCTION: -RSA_check_key_ex 448 1_1_0d EXIST::FUNCTION:RSA -DH_set_flags 449 1_1_0d EXIST::FUNCTION:DH -SAF_RsaVerifySign 450 1_1_0d EXIST::FUNCTION: -CAST_cfb64_encrypt 451 1_1_0d EXIST::FUNCTION:CAST -ASN1_SCTX_free 452 1_1_0d EXIST::FUNCTION: -X509_REVOKED_free 453 1_1_0d EXIST::FUNCTION: -RAND_query_egd_bytes 454 1_1_0d EXIST::FUNCTION:EGD -RSA_X931_hash_id 455 1_1_0d EXIST::FUNCTION:RSA -SDF_InternalPublicKeyOperation_RSA 456 1_1_0d EXIST::FUNCTION: -OCSP_SINGLERESP_delete_ext 457 1_1_0d EXIST::FUNCTION:OCSP -CRYPTO_cts128_decrypt 458 1_1_0d EXIST::FUNCTION: -X509_set_ex_data 459 1_1_0d EXIST::FUNCTION: -RSA_meth_set1_name 460 1_1_0d EXIST::FUNCTION:RSA -BN_to_montgomery 461 1_1_0d EXIST::FUNCTION: -PaillierPrivateKey_it 462 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -PaillierPrivateKey_it 462 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -PROXY_POLICY_free 463 1_1_0d EXIST::FUNCTION: -RSA_blinding_on 464 1_1_0d EXIST::FUNCTION:RSA -SKF_SetSymmKey 465 1_1_0d EXIST::FUNCTION: -X509_CRL_set_meth_data 466 1_1_0d EXIST::FUNCTION: -CMAC_Final 467 1_1_0d EXIST::FUNCTION:CMAC -ENGINE_register_DSA 468 1_1_0d EXIST::FUNCTION:ENGINE -EC_KEY_set_public_key 469 1_1_0d EXIST::FUNCTION:EC -ASN1_BIT_STRING_get_bit 470 1_1_0d EXIST::FUNCTION: -EVP_get_cipherbysgd 471 1_1_0d EXIST::FUNCTION: -BUF_reverse 472 1_1_0d EXIST::FUNCTION: -EVP_MD_CTX_md_data 473 1_1_0d EXIST::FUNCTION: -BB1MasterSecret_it 474 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -BB1MasterSecret_it 474 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -BN_MONT_CTX_set 475 1_1_0d EXIST::FUNCTION: -DSA_meth_set_sign_setup 476 1_1_0d EXIST::FUNCTION:DSA -SOF_GetPinRetryCount 477 1_1_0d EXIST::FUNCTION: -EC_KEY_get_enc_flags 478 1_1_0d EXIST::FUNCTION:EC -X509_REVOKED_get_ext_by_critical 479 1_1_0d EXIST::FUNCTION: -X509_NAME_print_ex 480 1_1_0d EXIST::FUNCTION: -i2d_OCSP_RESPBYTES 481 1_1_0d EXIST::FUNCTION:OCSP -SAF_EccVerifySign 482 1_1_0d EXIST::FUNCTION: -ASN1_UTF8STRING_new 483 1_1_0d EXIST::FUNCTION: -SMIME_read_CMS 484 1_1_0d EXIST::FUNCTION:CMS -TS_MSG_IMPRINT_dup 485 1_1_0d EXIST::FUNCTION:TS -BIO_meth_set_create 486 1_1_0d EXIST::FUNCTION: -OBJ_nid2sn 487 1_1_0d EXIST::FUNCTION: -X509_subject_name_hash_old 488 1_1_0d EXIST::FUNCTION:MD5 -TS_OBJ_print_bio 489 1_1_0d EXIST::FUNCTION:TS -TS_TST_INFO_set_time 490 1_1_0d EXIST::FUNCTION:TS -X509_REQ_get_version 491 1_1_0d EXIST::FUNCTION: -PKCS12_BAGS_free 492 1_1_0d EXIST::FUNCTION: -EC_POINT_hash2point 493 1_1_0d EXIST::FUNCTION: -s2i_ASN1_INTEGER 494 1_1_0d EXIST::FUNCTION: -BN_BLINDING_create_param 495 1_1_0d EXIST::FUNCTION: -CMS_RecipientInfo_get0_pkey_ctx 496 1_1_0d EXIST::FUNCTION:CMS -EVP_rc2_ofb 497 1_1_0d EXIST::FUNCTION:RC2 -CRYPTO_128_unwrap_pad 498 1_1_0d EXIST::FUNCTION: -EVP_PKEY_derive_init 499 1_1_0d EXIST::FUNCTION: -SKF_RSAExportSessionKey 500 1_1_0d EXIST::FUNCTION: -EVP_PKEY_missing_parameters 501 1_1_0d EXIST::FUNCTION: -NCONF_new 502 1_1_0d EXIST::FUNCTION: -PKCS7_add_attribute 503 1_1_0d EXIST::FUNCTION: -d2i_SM9PublicParameters 504 1_1_0d EXIST::FUNCTION: -PKCS7_content_new 505 1_1_0d EXIST::FUNCTION: -ENGINE_get_destroy_function 506 1_1_0d EXIST::FUNCTION:ENGINE -TS_CONF_set_ordering 507 1_1_0d EXIST::FUNCTION:TS -EVP_get_pw_prompt 508 1_1_0d EXIST::FUNCTION:UI -BIO_meth_get_destroy 509 1_1_0d EXIST::FUNCTION: -X509_trust_clear 510 1_1_0d EXIST::FUNCTION: -d2i_GENERAL_NAMES 511 1_1_0d EXIST::FUNCTION: -PEM_SignInit 512 1_1_0d EXIST::FUNCTION: -PBE2PARAM_it 513 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -PBE2PARAM_it 513 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -X509_REVOKED_add_ext 514 1_1_0d EXIST::FUNCTION: -NETSCAPE_SPKI_b64_encode 515 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_CTX_copy 516 1_1_0d EXIST::FUNCTION: -X509_STORE_lock 517 1_1_0d EXIST::FUNCTION: -X509_get_default_cert_dir_env 518 1_1_0d EXIST::FUNCTION: -EC_POINT_get_affine_coordinates_GFp 519 1_1_0d EXIST::FUNCTION:EC -DSA_meth_get_sign_setup 520 1_1_0d EXIST::FUNCTION:DSA -i2d_ECPKParameters 521 1_1_0d EXIST::FUNCTION:EC -EVP_PKEY_meth_get_derive 522 1_1_0d EXIST::FUNCTION: -EVP_camellia_256_cbc 523 1_1_0d EXIST::FUNCTION:CAMELLIA -OBJ_obj2txt 524 1_1_0d EXIST::FUNCTION: -EVP_PKEY_paramgen 525 1_1_0d EXIST::FUNCTION: -BIO_meth_set_puts 526 1_1_0d EXIST::FUNCTION: -PEM_write_bio_X509_AUX 527 1_1_0d EXIST::FUNCTION: -OCSP_REQUEST_get1_ext_d2i 528 1_1_0d EXIST::FUNCTION:OCSP -BIO_fd_should_retry 529 1_1_0d EXIST::FUNCTION: -PKCS12_pack_authsafes 530 1_1_0d EXIST::FUNCTION: -X509_PKEY_free 531 1_1_0d EXIST::FUNCTION: -DIST_POINT_free 532 1_1_0d EXIST::FUNCTION: -BB1PublicParameters_free 533 1_1_0d EXIST::FUNCTION: -CPK_MASTER_SECRET_validate_public_params 534 1_1_0d EXIST::FUNCTION: -SAF_Initialize 535 1_1_0d EXIST::FUNCTION: -TS_VERIFY_CTX_add_flags 536 1_1_0d EXIST::FUNCTION:TS -EC_POINT_set_compressed_coordinates_GFp 537 1_1_0d EXIST::FUNCTION:EC -i2d_PKCS8_bio 538 1_1_0d EXIST::FUNCTION: -BN_clear_free 539 1_1_0d EXIST::FUNCTION: -PKCS12_AUTHSAFES_it 540 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -PKCS12_AUTHSAFES_it 540 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -ASN1_ENUMERATED_get_int64 541 1_1_0d EXIST::FUNCTION: -PKCS12_decrypt_skey 542 1_1_0d EXIST::FUNCTION: -TS_TST_INFO_get_policy_id 543 1_1_0d EXIST::FUNCTION:TS -CAST_decrypt 544 1_1_0d EXIST::FUNCTION:CAST -X509_CERT_AUX_new 545 1_1_0d EXIST::FUNCTION: -COMP_get_name 546 1_1_0d EXIST::FUNCTION:COMP -EVP_MD_meth_dup 547 1_1_0d EXIST::FUNCTION: -d2i_X509_NAME_ENTRY 548 1_1_0d EXIST::FUNCTION: -PEM_write_bio_EC_PUBKEY 549 1_1_0d EXIST::FUNCTION:EC -OBJ_add_sigid 550 1_1_0d EXIST::FUNCTION: -OCSP_SINGLERESP_get_ext 551 1_1_0d EXIST::FUNCTION:OCSP -X509_VERIFY_PARAM_get0_name 552 1_1_0d EXIST::FUNCTION: -ENGINE_register_all_DH 553 1_1_0d EXIST::FUNCTION:ENGINE -PKCS7_set_attributes 554 1_1_0d EXIST::FUNCTION: -BIO_dump_indent_fp 555 1_1_0d EXIST::FUNCTION:STDIO -BN_GFP2_equ 556 1_1_0d EXIST::FUNCTION: -SDF_CloseDevice 557 1_1_0d EXIST::FUNCTION: -CT_POLICY_EVAL_CTX_set1_issuer 558 1_1_0d EXIST::FUNCTION:CT -i2d_BASIC_CONSTRAINTS 559 1_1_0d EXIST::FUNCTION: -X509_STORE_set_check_revocation 560 1_1_0d EXIST::FUNCTION: -ESS_CERT_ID_new 561 1_1_0d EXIST::FUNCTION:TS -sms4_ctr128_encrypt 562 1_1_0d EXIST::FUNCTION: -i2d_RSA_PSS_PARAMS 563 1_1_0d EXIST::FUNCTION:RSA -i2d_ECPrivateKey_bio 564 1_1_0d EXIST::FUNCTION:EC -d2i_DSAPublicKey 565 1_1_0d EXIST::FUNCTION:DSA -EVP_rc4_hmac_md5 566 1_1_0d EXIST::FUNCTION:MD5,RC4 -PEM_write_DSA_PUBKEY 567 1_1_0d EXIST::FUNCTION:DSA,STDIO -d2i_PKCS7_SIGNER_INFO 568 1_1_0d EXIST::FUNCTION: -X509_STORE_CTX_get_by_subject 569 1_1_0d EXIST::FUNCTION: -EC_POINT_invert 570 1_1_0d EXIST::FUNCTION:EC -OPENSSL_LH_insert 571 1_1_0d EXIST::FUNCTION: -CMS_uncompress 572 1_1_0d EXIST::FUNCTION:CMS -BN_sub_word 573 1_1_0d EXIST::FUNCTION: -i2d_ISSUING_DIST_POINT 574 1_1_0d EXIST::FUNCTION: -d2i_ASN1_OBJECT 575 1_1_0d EXIST::FUNCTION: -FFX_encrypt 576 1_1_0d EXIST::FUNCTION: -BIO_meth_get_gets 577 1_1_0d EXIST::FUNCTION: -CMS_RecipientInfo_kari_set0_pkey 578 1_1_0d EXIST::FUNCTION:CMS -PKCS7_signatureVerify 579 1_1_0d EXIST::FUNCTION: -CMS_SignerInfo_sign 580 1_1_0d EXIST::FUNCTION:CMS -SRP_Verify_B_mod_N 581 1_1_0d EXIST::FUNCTION:SRP -X509_policy_node_get0_qualifiers 582 1_1_0d EXIST::FUNCTION: -i2d_PKCS7_ENVELOPE 583 1_1_0d EXIST::FUNCTION: -RSA_meth_dup 584 1_1_0d EXIST::FUNCTION:RSA -BIO_test_flags 585 1_1_0d EXIST::FUNCTION: -ASN1_BMPSTRING_it 586 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ASN1_BMPSTRING_it 586 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -ASN1_UTCTIME_free 587 1_1_0d EXIST::FUNCTION: -X509_NAME_add_entry 588 1_1_0d EXIST::FUNCTION: -CRYPTO_THREAD_get_current_id 589 1_1_0d EXIST::FUNCTION: -ERR_load_OTP_strings 590 1_1_0d EXIST::FUNCTION: -Camellia_decrypt 591 1_1_0d EXIST::FUNCTION:CAMELLIA -MD4 592 1_1_0d EXIST::FUNCTION:MD4 -DES_cfb_encrypt 593 1_1_0d EXIST::FUNCTION:DES -X509_REQ_get_attr_by_OBJ 594 1_1_0d EXIST::FUNCTION: -ASN1_STRING_get_default_mask 595 1_1_0d EXIST::FUNCTION: -sm3_init 596 1_1_0d EXIST::FUNCTION: -ENGINE_get_ciphers 597 1_1_0d EXIST::FUNCTION:ENGINE -TS_STATUS_INFO_get0_status 598 1_1_0d EXIST::FUNCTION:TS -PKCS12_unpack_p7data 599 1_1_0d EXIST::FUNCTION: -EVP_MD_meth_get_flags 600 1_1_0d EXIST::FUNCTION: -CT_POLICY_EVAL_CTX_get0_issuer 601 1_1_0d EXIST::FUNCTION:CT -EC_KEY_set_ECCPUBLICKEYBLOB 602 1_1_0d EXIST::FUNCTION: -EC_POINT_dup 603 1_1_0d EXIST::FUNCTION:EC -X509_policy_tree_get0_level 604 1_1_0d EXIST::FUNCTION: -ASN1_SCTX_get_app_data 605 1_1_0d EXIST::FUNCTION: -SKF_GetDevState 606 1_1_0d EXIST::FUNCTION: -SRP_create_verifier_BN 607 1_1_0d EXIST::FUNCTION:SRP -ASN1_STRING_free 608 1_1_0d EXIST::FUNCTION: -i2d_X509_REVOKED 609 1_1_0d EXIST::FUNCTION: -CRYPTO_gcm128_decrypt 610 1_1_0d EXIST::FUNCTION: -ENGINE_get_static_state 611 1_1_0d EXIST::FUNCTION:ENGINE -PEM_get_EVP_CIPHER_INFO 612 1_1_0d EXIST::FUNCTION: -SAF_RsaSign 613 1_1_0d EXIST::FUNCTION: -ECDSA_verify 614 1_1_0d EXIST::FUNCTION:EC -BIO_new_NDEF 615 1_1_0d EXIST::FUNCTION: -PKCS12_verify_mac 616 1_1_0d EXIST::FUNCTION: -BIO_ADDRINFO_address 617 1_1_0d EXIST::FUNCTION:SOCK -EVP_CIPHER_CTX_cipher 618 1_1_0d EXIST::FUNCTION: -SOF_GetUserList 619 1_1_0d EXIST::FUNCTION: -i2d_PUBKEY_fp 620 1_1_0d EXIST::FUNCTION:STDIO -PEM_read_CMS 621 1_1_0d EXIST::FUNCTION:CMS,STDIO -SAF_Pkcs7_EncodeDigestedData 622 1_1_0d EXIST::FUNCTION: -ENGINE_get_digest 623 1_1_0d EXIST::FUNCTION:ENGINE -DH_get_default_method 624 1_1_0d EXIST::FUNCTION:DH -OPENSSL_sk_push 625 1_1_0d EXIST::FUNCTION: -ENGINE_get_flags 626 1_1_0d EXIST::FUNCTION:ENGINE -OPENSSL_LH_num_items 627 1_1_0d EXIST::FUNCTION: -BN_GENCB_new 628 1_1_0d EXIST::FUNCTION: -X509v3_asid_inherits 629 1_1_0d EXIST::FUNCTION:RFC3779 -BN_mod_lshift1 630 1_1_0d EXIST::FUNCTION: -PKEY_USAGE_PERIOD_it 631 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -PKEY_USAGE_PERIOD_it 631 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -X509_verify_cert 632 1_1_0d EXIST::FUNCTION: -PEM_read_bio_EC_PUBKEY 633 1_1_0d EXIST::FUNCTION:EC -ASN1_generate_nconf 634 1_1_0d EXIST::FUNCTION: -SKF_DeleteFile 635 1_1_0d EXIST::FUNCTION: -X509_get_extended_key_usage 636 1_1_0d EXIST::FUNCTION: -i2d_SM9Signature 637 1_1_0d EXIST::FUNCTION: -SOF_SetSignMethod 638 1_1_0d EXIST::FUNCTION: -X509_NAME_add_entry_by_OBJ 639 1_1_0d EXIST::FUNCTION: -X509v3_asid_add_id_or_range 640 1_1_0d EXIST::FUNCTION:RFC3779 -TS_RESP_CTX_set_certs 641 1_1_0d EXIST::FUNCTION:TS -X509_OBJECT_get0_X509_CRL 642 1_1_0d EXIST::FUNCTION: -PKCS5_pbkdf2_set 643 1_1_0d EXIST::FUNCTION: -i2d_PKCS12_MAC_DATA 644 1_1_0d EXIST::FUNCTION: -i2d_ASN1_SET_ANY 645 1_1_0d EXIST::FUNCTION: -X509_get0_extensions 646 1_1_0d EXIST::FUNCTION: -ASYNC_WAIT_CTX_set_wait_fd 647 1_1_0d EXIST::FUNCTION: -RSA_set_flags 648 1_1_0d EXIST::FUNCTION:RSA -OBJ_bsearch_ex_ 649 1_1_0d EXIST::FUNCTION: -CRYPTO_free_ex_data 650 1_1_0d EXIST::FUNCTION: -ASN1_FBOOLEAN_it 651 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ASN1_FBOOLEAN_it 651 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -MD5_Final 652 1_1_0d EXIST::FUNCTION:MD5 -EVP_PKEY_verify_init 653 1_1_0d EXIST::FUNCTION: -X509_NAME_get_text_by_NID 654 1_1_0d EXIST::FUNCTION: -OCSP_SINGLERESP_add1_ext_i2d 655 1_1_0d EXIST::FUNCTION:OCSP -EVP_PKEY_cmp 656 1_1_0d EXIST::FUNCTION: -EC_KEY_new_from_ECCrefPublicKey 657 1_1_0d EXIST::FUNCTION: -CRYPTO_ofb128_encrypt 658 1_1_0d EXIST::FUNCTION: -CMS_add_simple_smimecap 659 1_1_0d EXIST::FUNCTION:CMS -EVP_PKEY_meth_set_paramgen 660 1_1_0d EXIST::FUNCTION: -ENGINE_unregister_RAND 661 1_1_0d EXIST::FUNCTION:ENGINE -CRYPTO_memdup 662 1_1_0d EXIST::FUNCTION: -EVP_PKEY_encrypt_init 663 1_1_0d EXIST::FUNCTION: -PEM_read_DSAPrivateKey 664 1_1_0d EXIST::FUNCTION:DSA,STDIO -NCONF_free 665 1_1_0d EXIST::FUNCTION: -d2i_PKCS12_bio 666 1_1_0d EXIST::FUNCTION: -PEM_read_bio_X509_AUX 667 1_1_0d EXIST::FUNCTION: -PKCS12_mac_present 668 1_1_0d EXIST::FUNCTION: -OCSP_basic_add1_nonce 669 1_1_0d EXIST::FUNCTION:OCSP -BB1PrivateKeyBlock_new 670 1_1_0d EXIST::FUNCTION: -Camellia_ctr128_encrypt 671 1_1_0d EXIST::FUNCTION:CAMELLIA -i2d_X509_NAME 672 1_1_0d EXIST::FUNCTION: -DH_check_pub_key 673 1_1_0d EXIST::FUNCTION:DH -X509_CRL_get_issuer 674 1_1_0d EXIST::FUNCTION: -OCSP_ONEREQ_it 675 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP -OCSP_ONEREQ_it 675 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP -TS_TST_INFO_get_ext_count 676 1_1_0d EXIST::FUNCTION:TS -X509_check_purpose 677 1_1_0d EXIST::FUNCTION: -i2d_PKCS7_ENCRYPT 678 1_1_0d EXIST::FUNCTION: -BN_is_prime_fasttest_ex 679 1_1_0d EXIST::FUNCTION: -X509V3_get_value_int 680 1_1_0d EXIST::FUNCTION: -TS_RESP_get_status_info 681 1_1_0d EXIST::FUNCTION:TS -ASN1_UNIVERSALSTRING_it 682 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ASN1_UNIVERSALSTRING_it 682 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -i2d_IPAddressChoice 683 1_1_0d EXIST::FUNCTION:RFC3779 -EVP_ENCODE_CTX_copy 684 1_1_0d EXIST::FUNCTION: -BN_GENCB_set 685 1_1_0d EXIST::FUNCTION: -SM9_do_verify 686 1_1_0d EXIST::FUNCTION: -ASN1_item_ex_i2d 687 1_1_0d EXIST::FUNCTION: -X509_CRL_get0_extensions 688 1_1_0d EXIST::FUNCTION: -ENGINE_register_all_pkey_asn1_meths 689 1_1_0d EXIST::FUNCTION:ENGINE -X509_time_adj_ex 690 1_1_0d EXIST::FUNCTION: -SM9Signature_it 691 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -SM9Signature_it 691 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -ASN1_T61STRING_free 692 1_1_0d EXIST::FUNCTION: -DSA_meth_set_finish 693 1_1_0d EXIST::FUNCTION:DSA -PEM_write_PrivateKey 694 1_1_0d EXIST::FUNCTION:STDIO -CONF_get_string 695 1_1_0d EXIST::FUNCTION: -d2i_PKCS12_SAFEBAG 696 1_1_0d EXIST::FUNCTION: -EVP_des_cbc 697 1_1_0d EXIST::FUNCTION:DES -i2d_DIRECTORYSTRING 698 1_1_0d EXIST::FUNCTION: -CRYPTO_THREAD_get_local 699 1_1_0d EXIST::FUNCTION: -X509_STORE_set_check_crl 700 1_1_0d EXIST::FUNCTION: -X509_CERT_AUX_free 701 1_1_0d EXIST::FUNCTION: -PKCS5_pbe2_set_iv 702 1_1_0d EXIST::FUNCTION: -DES_crypt 703 1_1_0d EXIST::FUNCTION:DES -TS_TST_INFO_set_serial 704 1_1_0d EXIST::FUNCTION:TS -RSA_set_RSArefPrivateKey 705 1_1_0d EXIST::FUNCTION: -BN_GENCB_call 706 1_1_0d EXIST::FUNCTION: -SHA384_Final 707 1_1_0d EXIST:!VMSVAX:FUNCTION: -RIPEMD160_Final 708 1_1_0d EXIST::FUNCTION:RMD160 -RSA_PSS_PARAMS_free 709 1_1_0d EXIST::FUNCTION:RSA -ERR_load_SDF_strings 710 1_1_0d EXIST::FUNCTION: -speck_encrypt 711 1_1_0d NOEXIST::FUNCTION: -RSA_padding_check_PKCS1_OAEP_mgf1 712 1_1_0d EXIST::FUNCTION:RSA -EVP_DigestSignInit 713 1_1_0d EXIST::FUNCTION: -X509V3_EXT_add_nconf_sk 714 1_1_0d EXIST::FUNCTION: -EVP_aes_256_ofb 715 1_1_0d EXIST::FUNCTION: -d2i_TS_MSG_IMPRINT_fp 716 1_1_0d EXIST::FUNCTION:STDIO,TS -SKF_PrintRSAPublicKey 717 1_1_0d EXIST::FUNCTION: -DES_encrypt3 718 1_1_0d EXIST::FUNCTION:DES -X509_CRL_sign_ctx 719 1_1_0d EXIST::FUNCTION: -PKCS12_SAFEBAG_get0_safes 720 1_1_0d EXIST::FUNCTION: -i2d_OCSP_BASICRESP 721 1_1_0d EXIST::FUNCTION:OCSP -PKCS7_digest_from_attributes 722 1_1_0d EXIST::FUNCTION: -i2d_ASN1_OBJECT 723 1_1_0d EXIST::FUNCTION: -sms4_cfb128_encrypt 724 1_1_0d EXIST::FUNCTION: -PEM_read_bio_PUBKEY 725 1_1_0d EXIST::FUNCTION: -BN_mod_exp_mont_consttime 726 1_1_0d EXIST::FUNCTION: -ENGINE_load_builtin_engines 727 1_1_0d EXIST::FUNCTION:ENGINE -OCSP_CERTID_new 728 1_1_0d EXIST::FUNCTION:OCSP -CPK_MASTER_SECRET_extract_private_key 729 1_1_0d EXIST::FUNCTION: -ACCESS_DESCRIPTION_it 730 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ACCESS_DESCRIPTION_it 730 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -BN_BLINDING_invert_ex 731 1_1_0d EXIST::FUNCTION: -EC_POINT_point2buf 732 1_1_0d EXIST::FUNCTION:EC -SDF_HashUpdate 733 1_1_0d EXIST::FUNCTION: -BIO_gethostbyname 734 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,SOCK -DSO_up_ref 735 1_1_0d EXIST::FUNCTION: -DSO_merge 736 1_1_0d EXIST::FUNCTION: -PEM_write_bio 737 1_1_0d EXIST::FUNCTION: -PEM_read_ECPrivateKey 738 1_1_0d EXIST::FUNCTION:EC,STDIO -IDEA_ofb64_encrypt 739 1_1_0d EXIST::FUNCTION:IDEA -EVP_sms4_ofb 740 1_1_0d EXIST::FUNCTION:SMS4 -ASN1_VISIBLESTRING_free 741 1_1_0d EXIST::FUNCTION: -X509_STORE_get_cleanup 742 1_1_0d EXIST::FUNCTION: -EVP_PKEY_up_ref 743 1_1_0d EXIST::FUNCTION: -PEM_write_DHparams 744 1_1_0d EXIST::FUNCTION:DH,STDIO -BN_GF2m_mod_sqr 745 1_1_0d EXIST::FUNCTION:EC2M -SCT_set0_signature 746 1_1_0d EXIST::FUNCTION:CT -SKF_DigestInit 747 1_1_0d EXIST::FUNCTION: -OPENSSL_sk_find 748 1_1_0d EXIST::FUNCTION: -SKF_DigestUpdate 749 1_1_0d EXIST::FUNCTION: -UI_method_get_flusher 750 1_1_0d EXIST::FUNCTION:UI -ZLONG_it 751 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ZLONG_it 751 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -CRYPTO_ocb128_tag 752 1_1_0d EXIST::FUNCTION:OCB -PEM_ASN1_read 753 1_1_0d EXIST::FUNCTION:STDIO -EVP_DecryptFinal_ex 754 1_1_0d EXIST::FUNCTION: -d2i_PKCS12_BAGS 755 1_1_0d EXIST::FUNCTION: -SAF_RemoveRootCaCertificate 756 1_1_0d EXIST::FUNCTION: -BN_options 757 1_1_0d EXIST::FUNCTION: -SKF_ExtECCSign 758 1_1_0d EXIST::FUNCTION: -RSA_setup_blinding 759 1_1_0d EXIST::FUNCTION:RSA -SM2CiphertextValue_it 760 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -SM2CiphertextValue_it 760 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -X509_EXTENSION_set_data 761 1_1_0d EXIST::FUNCTION: -ACCESS_DESCRIPTION_new 762 1_1_0d EXIST::FUNCTION: -CPK_MASTER_SECRET_extract_public_params 763 1_1_0d EXIST::FUNCTION: -SOF_VerifySignedFile 764 1_1_0d EXIST::FUNCTION: -CMS_unsigned_get_attr_by_OBJ 765 1_1_0d EXIST::FUNCTION:CMS -d2i_X509_ALGOR 766 1_1_0d EXIST::FUNCTION: -OPENSSL_buf2hexstr 767 1_1_0d EXIST::FUNCTION: -X509_STORE_set_lookup_certs 768 1_1_0d EXIST::FUNCTION: -PEM_write_bio_ECPrivateKey 769 1_1_0d EXIST::FUNCTION:EC -X509_issuer_name_cmp 770 1_1_0d EXIST::FUNCTION: -OCSP_ONEREQ_get_ext_by_NID 771 1_1_0d EXIST::FUNCTION:OCSP -RSA_set_RSAPRIVATEKEYBLOB 772 1_1_0d EXIST::FUNCTION: -X509_STORE_get0_param 773 1_1_0d EXIST::FUNCTION: -X509_print_ex_fp 774 1_1_0d EXIST::FUNCTION:STDIO -CRYPTO_realloc 775 1_1_0d EXIST::FUNCTION: -d2i_PaillierPublicKey 776 1_1_0d EXIST::FUNCTION: -PKCS12_SAFEBAG_get1_crl 777 1_1_0d EXIST::FUNCTION: -SOF_SignFile 778 1_1_0d EXIST::FUNCTION: -TS_RESP_CTX_add_policy 779 1_1_0d EXIST::FUNCTION:TS -i2d_PUBKEY_bio 780 1_1_0d EXIST::FUNCTION: -X509_STORE_add_crl 781 1_1_0d EXIST::FUNCTION: -OpenSSL_version 782 1_1_0d EXIST::FUNCTION: -EVP_des_cfb1 783 1_1_0d EXIST::FUNCTION:DES -ENGINE_set_default_EC 784 1_1_0d EXIST::FUNCTION:ENGINE -CMS_get1_ReceiptRequest 785 1_1_0d EXIST::FUNCTION:CMS -PKEY_USAGE_PERIOD_free 786 1_1_0d EXIST::FUNCTION: -OCSP_REVOKEDINFO_it 787 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP -OCSP_REVOKEDINFO_it 787 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP -LONG_it 788 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -LONG_it 788 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -DSA_print 789 1_1_0d EXIST::FUNCTION:DSA -ASN1_dup 790 1_1_0d EXIST::FUNCTION: -DH_security_bits 791 1_1_0d EXIST::FUNCTION:DH -SKF_GetDevInfo 792 1_1_0d EXIST::FUNCTION: -OCSP_CERTSTATUS_new 793 1_1_0d EXIST::FUNCTION:OCSP -EVP_PKEY_get0 794 1_1_0d EXIST::FUNCTION: -DSA_SIG_get0 795 1_1_0d EXIST::FUNCTION:DSA -SAF_Pkcs7_DecodeDigestedData 796 1_1_0d EXIST::FUNCTION: -SHA256_Transform 797 1_1_0d EXIST::FUNCTION: -SKF_EnumApplication 798 1_1_0d EXIST::FUNCTION: -EVP_camellia_256_ofb 799 1_1_0d EXIST::FUNCTION:CAMELLIA -i2d_PKCS8PrivateKey_nid_bio 800 1_1_0d EXIST::FUNCTION: -BN_BLINDING_set_current_thread 801 1_1_0d EXIST::FUNCTION: -PKCS7_SIGNED_free 802 1_1_0d EXIST::FUNCTION: -TS_STATUS_INFO_new 803 1_1_0d EXIST::FUNCTION:TS -CRYPTO_free 804 1_1_0d EXIST::FUNCTION: -SM9Ciphertext_free 805 1_1_0d EXIST::FUNCTION: -CONF_load 806 1_1_0d EXIST::FUNCTION: -PEM_read_PKCS8_PRIV_KEY_INFO 807 1_1_0d EXIST::FUNCTION:STDIO -SDF_HashInit 808 1_1_0d EXIST::FUNCTION: -PKCS7_set_digest 809 1_1_0d EXIST::FUNCTION: -ASN1_PRINTABLESTRING_free 810 1_1_0d EXIST::FUNCTION: -DES_pcbc_encrypt 811 1_1_0d EXIST::FUNCTION:DES -X509_REVOKED_set_revocationDate 812 1_1_0d EXIST::FUNCTION: -RSA_null_method 813 1_1_0d EXIST::FUNCTION:RSA -ASN1_tag2bit 814 1_1_0d EXIST::FUNCTION: -d2i_ECPrivateKey 815 1_1_0d EXIST::FUNCTION:EC -DSA_meth_set_sign 816 1_1_0d EXIST::FUNCTION:DSA -SAF_GetExtTypeInfo 817 1_1_0d EXIST::FUNCTION: -BIO_ADDR_family 818 1_1_0d EXIST::FUNCTION:SOCK -PKCS7_sign_add_signer 819 1_1_0d EXIST::FUNCTION: -X509_STORE_CTX_get_check_revocation 820 1_1_0d EXIST::FUNCTION: -DIST_POINT_set_dpname 821 1_1_0d EXIST::FUNCTION: -PKCS12_add_localkeyid 822 1_1_0d EXIST::FUNCTION: -EC_KEY_get_ex_data 823 1_1_0d EXIST::FUNCTION:EC -CMS_unsigned_get_attr 824 1_1_0d EXIST::FUNCTION:CMS -GENERAL_SUBTREE_new 825 1_1_0d EXIST::FUNCTION: -X509_LOOKUP_ctrl 826 1_1_0d EXIST::FUNCTION: -DH_get0_engine 827 1_1_0d EXIST::FUNCTION:DH -X509_STORE_CTX_get_error 828 1_1_0d EXIST::FUNCTION: -FFX_CTX_free 829 1_1_0d EXIST::FUNCTION: -BN_mod_mul_reciprocal 830 1_1_0d EXIST::FUNCTION: -ERR_peek_error 831 1_1_0d EXIST::FUNCTION: -ERR_load_DSA_strings 832 1_1_0d EXIST::FUNCTION:DSA -SM9_encrypt_with_recommended 833 1_1_0d EXIST::FUNCTION: -X509_verify 834 1_1_0d EXIST::FUNCTION: -i2d_DIST_POINT 835 1_1_0d EXIST::FUNCTION: -SAF_GenerateAgreementDataAdnKeyWithECC 836 1_1_0d EXIST::FUNCTION: -OPENSSL_thread_stop 837 1_1_0d EXIST::FUNCTION: -CMAC_CTX_copy 838 1_1_0d EXIST::FUNCTION:CMAC -OPENSSL_uni2utf8 839 1_1_0d EXIST::FUNCTION: -BF_encrypt 840 1_1_0d EXIST::FUNCTION:BF -IPAddressFamily_free 841 1_1_0d EXIST::FUNCTION:RFC3779 -EVP_PKEY_meth_get_signctx 842 1_1_0d EXIST::FUNCTION: -PaillierPublicKey_it 843 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -PaillierPublicKey_it 843 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -ERR_load_BB1IBE_strings 844 1_1_0d EXIST::FUNCTION: -CT_POLICY_EVAL_CTX_new 845 1_1_0d EXIST::FUNCTION:CT -SM9Ciphertext_new 846 1_1_0d EXIST::FUNCTION: -X509_check_host 847 1_1_0d EXIST::FUNCTION: -DH_meth_get_generate_params 848 1_1_0d EXIST::FUNCTION:DH -OCSP_RESPID_free 849 1_1_0d EXIST::FUNCTION:OCSP -SOF_VerifySignedMessage 850 1_1_0d EXIST::FUNCTION: -X509v3_addr_get_range 851 1_1_0d EXIST::FUNCTION:RFC3779 -DSA_get_ex_data 852 1_1_0d EXIST::FUNCTION:DSA -OPENSSL_INIT_set_config_appname 853 1_1_0d EXIST::FUNCTION:STDIO -TS_REQ_get_ext_count 854 1_1_0d EXIST::FUNCTION:TS -PKEY_USAGE_PERIOD_new 855 1_1_0d EXIST::FUNCTION: -i2d_X509_ALGORS 856 1_1_0d EXIST::FUNCTION: -DES_decrypt3 857 1_1_0d EXIST::FUNCTION:DES -TS_ACCURACY_get_millis 858 1_1_0d EXIST::FUNCTION:TS -X509_pubkey_digest 859 1_1_0d EXIST::FUNCTION: -X509_REQ_delete_attr 860 1_1_0d EXIST::FUNCTION: -ERR_load_PKCS7_strings 861 1_1_0d EXIST::FUNCTION: -SM2_do_sign_ex 862 1_1_0d EXIST::FUNCTION: -SKF_EncryptInit 863 1_1_0d EXIST::FUNCTION: -X509_alias_get0 864 1_1_0d EXIST::FUNCTION: -EVP_sha512 865 1_1_0d EXIST:!VMSVAX:FUNCTION: -EVP_MD_CTX_test_flags 866 1_1_0d EXIST::FUNCTION: -BN_bn2dec 867 1_1_0d EXIST::FUNCTION: -OCSP_REQUEST_print 868 1_1_0d EXIST::FUNCTION:OCSP -d2i_AUTHORITY_INFO_ACCESS 869 1_1_0d EXIST::FUNCTION: -IDEA_encrypt 870 1_1_0d EXIST::FUNCTION:IDEA -COMP_CTX_get_method 871 1_1_0d EXIST::FUNCTION:COMP -EVP_PKEY_size 872 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_key_length 873 1_1_0d EXIST::FUNCTION: -PKCS12_it 874 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -PKCS12_it 874 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -i2d_PKCS12_fp 875 1_1_0d EXIST::FUNCTION:STDIO -ENGINE_unregister_DH 876 1_1_0d EXIST::FUNCTION:ENGINE -PKCS12_add_safe 877 1_1_0d EXIST::FUNCTION: -X509V3_NAME_from_section 878 1_1_0d EXIST::FUNCTION: -EC_GROUP_get_mont_data 879 1_1_0d EXIST::FUNCTION:EC -PKCS12_add_key 880 1_1_0d EXIST::FUNCTION: -OBJ_NAME_get 881 1_1_0d EXIST::FUNCTION: -i2b_PVK_bio 882 1_1_0d EXIST::FUNCTION:DSA,RC4 -POLICY_CONSTRAINTS_it 883 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -POLICY_CONSTRAINTS_it 883 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -SDF_GenerateKeyPair_ECC 884 1_1_0d EXIST::FUNCTION: -TS_TST_INFO_get_serial 885 1_1_0d EXIST::FUNCTION:TS -CRYPTO_gcm128_finish 886 1_1_0d EXIST::FUNCTION: -BIO_pop 887 1_1_0d EXIST::FUNCTION: -d2i_X509_ALGORS 888 1_1_0d EXIST::FUNCTION: -SHA384 889 1_1_0d EXIST:!VMSVAX:FUNCTION: -ASN1_STRING_TABLE_cleanup 890 1_1_0d EXIST::FUNCTION: -PEM_write_bio_DSA_PUBKEY 891 1_1_0d EXIST::FUNCTION:DSA -X509_get0_uids 892 1_1_0d EXIST::FUNCTION: -X509_VERIFY_PARAM_set1_ip_asc 893 1_1_0d EXIST::FUNCTION: -X509_VAL_it 894 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -X509_VAL_it 894 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -TS_VERIFY_CTX_init 895 1_1_0d EXIST::FUNCTION:TS -b2i_PublicKey_bio 896 1_1_0d EXIST::FUNCTION:DSA -PKCS7_set_type 897 1_1_0d EXIST::FUNCTION: -X509_REQ_check_private_key 898 1_1_0d EXIST::FUNCTION: -d2i_RSAPublicKey 899 1_1_0d EXIST::FUNCTION:RSA -CRYPTO_get_ex_data 900 1_1_0d EXIST::FUNCTION: -TLS_FEATURE_new 901 1_1_0d EXIST::FUNCTION: -ENGINE_get_pkey_asn1_meth 902 1_1_0d EXIST::FUNCTION:ENGINE -X509_STORE_CTX_get0_param 903 1_1_0d EXIST::FUNCTION: -SKF_PrintECCPublicKey 904 1_1_0d EXIST::FUNCTION: -ENGINE_register_complete 905 1_1_0d EXIST::FUNCTION:ENGINE -EVP_blake2s256 906 1_1_0d EXIST::FUNCTION:BLAKE2 -SDF_ExportEncPublicKey_ECC 907 1_1_0d EXIST::FUNCTION: -BN_GF2m_mod_inv 908 1_1_0d EXIST::FUNCTION:EC2M -SKF_UnlockDev 909 1_1_0d EXIST::FUNCTION: -d2i_NETSCAPE_CERT_SEQUENCE 910 1_1_0d EXIST::FUNCTION: -BN_ucmp 911 1_1_0d EXIST::FUNCTION: -ASN1_STRING_set_default_mask 912 1_1_0d EXIST::FUNCTION: -X509_PURPOSE_cleanup 913 1_1_0d EXIST::FUNCTION: -BN_GF2m_mod_sqrt 914 1_1_0d EXIST::FUNCTION:EC2M -ENGINE_get_RSA 915 1_1_0d EXIST::FUNCTION:ENGINE -ASN1_BMPSTRING_new 916 1_1_0d EXIST::FUNCTION: -PEM_def_callback 917 1_1_0d EXIST::FUNCTION: -d2i_ESS_SIGNING_CERT 918 1_1_0d EXIST::FUNCTION:TS -EC_KEY_METHOD_get_decrypt 919 1_1_0d EXIST::FUNCTION: -CTLOG_new_from_base64 920 1_1_0d EXIST::FUNCTION:CT -DSA_meth_set_paramgen 921 1_1_0d EXIST::FUNCTION:DSA -d2i_X509_VAL 922 1_1_0d EXIST::FUNCTION: -X509_VERIFY_PARAM_clear_flags 923 1_1_0d EXIST::FUNCTION: -EVP_MD_meth_get_ctrl 924 1_1_0d EXIST::FUNCTION: -CMS_RecipientInfo_kari_get0_orig_id 925 1_1_0d EXIST::FUNCTION:CMS -BIO_dump_cb 926 1_1_0d EXIST::FUNCTION: -i2d_OCSP_SERVICELOC 927 1_1_0d EXIST::FUNCTION:OCSP -CT_POLICY_EVAL_CTX_set1_cert 928 1_1_0d EXIST::FUNCTION:CT -CPK_PUBLIC_PARAMS_it 929 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -CPK_PUBLIC_PARAMS_it 929 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -X509_ALGOR_dup 930 1_1_0d EXIST::FUNCTION: -BIO_vfree 931 1_1_0d EXIST::FUNCTION: -X509_supported_extension 932 1_1_0d EXIST::FUNCTION: -BN_cmp 933 1_1_0d EXIST::FUNCTION: -EC_KEY_oct2key 934 1_1_0d EXIST::FUNCTION:EC -EC_KEY_METHOD_set_init 935 1_1_0d EXIST::FUNCTION:EC -CRYPTO_cfb128_8_encrypt 936 1_1_0d EXIST::FUNCTION: -EVP_MD_CTX_md 937 1_1_0d EXIST::FUNCTION: -d2i_PKCS7 938 1_1_0d EXIST::FUNCTION: -X509_CRL_up_ref 939 1_1_0d EXIST::FUNCTION: -EVP_MD_meth_get_update 940 1_1_0d EXIST::FUNCTION: -ASN1_OCTET_STRING_dup 941 1_1_0d EXIST::FUNCTION: -EC_KEY_new_from_ECCPRIVATEKEYBLOB 942 1_1_0d EXIST::FUNCTION: -BN_mod_sqr 943 1_1_0d EXIST::FUNCTION: -ENGINE_set_default_ciphers 944 1_1_0d EXIST::FUNCTION:ENGINE -d2i_SM2CiphertextValue 945 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_meth_dup 946 1_1_0d EXIST::FUNCTION: -PEM_read_bio_Parameters 947 1_1_0d EXIST::FUNCTION: -CMS_RecipientInfo_kekri_get0_id 948 1_1_0d EXIST::FUNCTION:CMS -ERR_func_error_string 949 1_1_0d EXIST::FUNCTION: -X509v3_addr_validate_resource_set 950 1_1_0d EXIST::FUNCTION:RFC3779 -PKCS12_BAGS_new 951 1_1_0d EXIST::FUNCTION: -ASN1_item_d2i_fp 952 1_1_0d EXIST::FUNCTION:STDIO -ENGINE_set_id 953 1_1_0d EXIST::FUNCTION:ENGINE -PKCS7_RECIP_INFO_it 954 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -PKCS7_RECIP_INFO_it 954 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -EC_GROUP_get0_seed 955 1_1_0d EXIST::FUNCTION:EC -BN_mul_word 956 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_CTX_original_iv 957 1_1_0d EXIST::FUNCTION: -IDEA_ecb_encrypt 958 1_1_0d EXIST::FUNCTION:IDEA -OBJ_get0_data 959 1_1_0d EXIST::FUNCTION: -BN_CTX_end 960 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_meth_get_do_cipher 961 1_1_0d EXIST::FUNCTION: -BN_kronecker 962 1_1_0d EXIST::FUNCTION: -d2i_CMS_ContentInfo 963 1_1_0d EXIST::FUNCTION:CMS -X509_STORE_add_cert 964 1_1_0d EXIST::FUNCTION: -RSA_padding_check_SSLv23 965 1_1_0d EXIST::FUNCTION:RSA -TS_TST_INFO_get_version 966 1_1_0d EXIST::FUNCTION:TS -PEM_write_bio_X509_REQ 967 1_1_0d EXIST::FUNCTION: -X509_time_adj 968 1_1_0d EXIST::FUNCTION: -EC_GROUP_check 969 1_1_0d EXIST::FUNCTION:EC -CMS_RecipientInfo_ktri_cert_cmp 970 1_1_0d EXIST::FUNCTION:CMS -EVP_idea_cbc 971 1_1_0d EXIST::FUNCTION:IDEA -CPK_PUBLIC_PARAMS_get_name 972 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_CTX_block_size 973 1_1_0d EXIST::FUNCTION: -EVP_PKEY_encrypt_old 974 1_1_0d EXIST::FUNCTION: -EVP_MD_meth_set_flags 975 1_1_0d EXIST::FUNCTION: -X509_REVOKED_get_ext_d2i 976 1_1_0d EXIST::FUNCTION: -d2i_TS_MSG_IMPRINT_bio 977 1_1_0d EXIST::FUNCTION:TS -d2i_PKCS7_fp 978 1_1_0d EXIST::FUNCTION:STDIO -PBEPARAM_new 979 1_1_0d EXIST::FUNCTION: -sm3_compress 980 1_1_0d EXIST::FUNCTION: -X509_TRUST_add 981 1_1_0d EXIST::FUNCTION: -TS_RESP_CTX_set_def_policy 982 1_1_0d EXIST::FUNCTION:TS -CMS_decrypt_set1_key 983 1_1_0d EXIST::FUNCTION:CMS -X509_EXTENSION_set_object 984 1_1_0d EXIST::FUNCTION: -ASN1_ENUMERATED_set 985 1_1_0d EXIST::FUNCTION: -CMAC_Update 986 1_1_0d EXIST::FUNCTION:CMAC -IPAddressFamily_it 987 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 -IPAddressFamily_it 987 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 -EVP_aes_192_gcm 988 1_1_0d EXIST::FUNCTION: -d2i_ECPKParameters 989 1_1_0d EXIST::FUNCTION:EC -UI_add_verify_string 990 1_1_0d EXIST::FUNCTION:UI -X509_get0_pubkey_bitstr 991 1_1_0d EXIST::FUNCTION: -OCSP_basic_verify 992 1_1_0d EXIST::FUNCTION:OCSP -X509_get1_email 993 1_1_0d EXIST::FUNCTION: -PEM_read_bio_X509_CRL 994 1_1_0d EXIST::FUNCTION: -BN_value_one 995 1_1_0d EXIST::FUNCTION: -PEM_write_bio_RSAPublicKey 996 1_1_0d EXIST::FUNCTION:RSA -X509_REQ_dup 997 1_1_0d EXIST::FUNCTION: -OPENSSL_gmtime_diff 998 1_1_0d EXIST::FUNCTION: -AES_cfb128_encrypt 999 1_1_0d EXIST::FUNCTION: -PEM_write_bio_PKCS8 1000 1_1_0d EXIST::FUNCTION: -speck_expand 1001 1_1_0d NOEXIST::FUNCTION: -PKCS7_cert_from_signer_info 1002 1_1_0d EXIST::FUNCTION: -a2i_GENERAL_NAME 1003 1_1_0d EXIST::FUNCTION: -OCSP_ONEREQ_get_ext_by_critical 1004 1_1_0d EXIST::FUNCTION:OCSP -AES_options 1005 1_1_0d EXIST::FUNCTION: -X509_PUBKEY_get0_param 1006 1_1_0d EXIST::FUNCTION: -BN_get0_nist_prime_521 1007 1_1_0d EXIST::FUNCTION: -PBKDF2PARAM_it 1008 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -PBKDF2PARAM_it 1008 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -d2i_ASN1_SEQUENCE_ANY 1009 1_1_0d EXIST::FUNCTION: -EVP_bf_ecb 1010 1_1_0d EXIST::FUNCTION:BF -PKCS12_SAFEBAGS_it 1011 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -PKCS12_SAFEBAGS_it 1011 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -DES_ecb3_encrypt 1012 1_1_0d EXIST::FUNCTION:DES -EVP_CIPHER_CTX_new 1013 1_1_0d EXIST::FUNCTION: -SEED_ecb_encrypt 1014 1_1_0d EXIST::FUNCTION:SEED -ERR_peek_error_line_data 1015 1_1_0d EXIST::FUNCTION: -FFX_decrypt 1016 1_1_0d EXIST::FUNCTION: -sm3_hmac_final 1017 1_1_0d EXIST::FUNCTION: -X509_get0_serialNumber 1018 1_1_0d EXIST::FUNCTION: -COMP_CTX_free 1019 1_1_0d EXIST::FUNCTION:COMP -CRYPTO_secure_used 1020 1_1_0d EXIST::FUNCTION: -EVP_PKEY_meth_set_keygen 1021 1_1_0d EXIST::FUNCTION: -EVP_rc5_32_12_16_ecb 1022 1_1_0d EXIST::FUNCTION:RC5 -TS_RESP_free 1023 1_1_0d EXIST::FUNCTION:TS -EVP_cast5_cfb64 1024 1_1_0d EXIST::FUNCTION:CAST -X509_STORE_CTX_init 1025 1_1_0d EXIST::FUNCTION: -CONF_module_set_usr_data 1026 1_1_0d EXIST::FUNCTION: -ASN1_TIME_set_string 1027 1_1_0d EXIST::FUNCTION: -RSA_new_from_RSArefPublicKey 1028 1_1_0d EXIST::FUNCTION: -EC_curve_nist2nid 1029 1_1_0d EXIST::FUNCTION:EC -RSA_padding_check_PKCS1_type_2 1030 1_1_0d EXIST::FUNCTION:RSA -BIO_ADDR_path_string 1031 1_1_0d EXIST::FUNCTION:SOCK -X509_STORE_get_lookup_certs 1032 1_1_0d EXIST::FUNCTION: -BN_GFP2_mul 1033 1_1_0d EXIST::FUNCTION: -DH_clear_flags 1034 1_1_0d EXIST::FUNCTION:DH -PEM_read_X509_CRL 1035 1_1_0d EXIST::FUNCTION:STDIO -SOF_GetSignMethod 1036 1_1_0d EXIST::FUNCTION: -EVP_aes_192_wrap 1037 1_1_0d EXIST::FUNCTION: -d2i_BASIC_CONSTRAINTS 1038 1_1_0d EXIST::FUNCTION: -X509_REQ_INFO_free 1039 1_1_0d EXIST::FUNCTION: -SRP_Calc_u 1040 1_1_0d EXIST::FUNCTION:SRP -X509_digest 1041 1_1_0d EXIST::FUNCTION: -PEM_read_PUBKEY 1042 1_1_0d EXIST::FUNCTION:STDIO -EC_KEY_METHOD_set_verify 1043 1_1_0d EXIST::FUNCTION:EC -EVP_camellia_128_cfb128 1044 1_1_0d EXIST::FUNCTION:CAMELLIA -SKF_ECCVerify 1045 1_1_0d EXIST::FUNCTION: -EVP_PKEY_meth_set_cleanup 1046 1_1_0d EXIST::FUNCTION: -EVP_sm3 1047 1_1_0d EXIST::FUNCTION:SM3 -PKCS12_SAFEBAG_new 1048 1_1_0d EXIST::FUNCTION: -EVP_PKEY_CTX_get_cb 1049 1_1_0d EXIST::FUNCTION: -SXNET_it 1050 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -SXNET_it 1050 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -EVP_rc4_40 1051 1_1_0d EXIST::FUNCTION:RC4 -PEM_read_bio_CMS 1052 1_1_0d EXIST::FUNCTION:CMS -X509_get_ext_by_critical 1053 1_1_0d EXIST::FUNCTION: -ASN1_get_object 1054 1_1_0d EXIST::FUNCTION: -TS_REQ_get_ext_by_NID 1055 1_1_0d EXIST::FUNCTION:TS -BIO_puts 1056 1_1_0d EXIST::FUNCTION: -BN_mask_bits 1057 1_1_0d EXIST::FUNCTION: -BN_reciprocal 1058 1_1_0d EXIST::FUNCTION: -UI_method_set_closer 1059 1_1_0d EXIST::FUNCTION:UI -PEM_read_bio_PKCS8_PRIV_KEY_INFO 1060 1_1_0d EXIST::FUNCTION: -SDF_CalculateMAC 1061 1_1_0d EXIST::FUNCTION: -ERR_error_string 1062 1_1_0d EXIST::FUNCTION: -EVP_PKEY_meth_get_copy 1063 1_1_0d EXIST::FUNCTION: -FIPS_mode_set 1064 1_1_0d EXIST::FUNCTION: -CRYPTO_mem_debug_push 1065 1_1_0d EXIST::FUNCTION:CRYPTO_MDEBUG -TS_MSG_IMPRINT_set_algo 1066 1_1_0d EXIST::FUNCTION:TS -EVP_camellia_256_cfb128 1067 1_1_0d EXIST::FUNCTION:CAMELLIA -TS_RESP_CTX_set_signer_digest 1068 1_1_0d EXIST::FUNCTION:TS -EVP_DecodeBlock 1069 1_1_0d EXIST::FUNCTION: -BIO_asn1_set_suffix 1070 1_1_0d EXIST::FUNCTION: -i2d_PKCS8PrivateKeyInfo_fp 1071 1_1_0d EXIST::FUNCTION:STDIO -OCSP_REQUEST_add_ext 1072 1_1_0d EXIST::FUNCTION:OCSP -EC_type1curve_tate 1073 1_1_0d EXIST::FUNCTION: -EVP_PKEY_meth_get_decrypt 1074 1_1_0d EXIST::FUNCTION: -NCONF_dump_fp 1075 1_1_0d EXIST::FUNCTION:STDIO -d2i_DHparams 1076 1_1_0d EXIST::FUNCTION:DH -i2d_RSA_PUBKEY_fp 1077 1_1_0d EXIST::FUNCTION:RSA,STDIO -OCSP_basic_add1_cert 1078 1_1_0d EXIST::FUNCTION:OCSP -PEM_read_PKCS7 1079 1_1_0d EXIST::FUNCTION:STDIO -PEM_write_bio_X509_REQ_NEW 1080 1_1_0d EXIST::FUNCTION: -ENGINE_get_digest_engine 1081 1_1_0d EXIST::FUNCTION:ENGINE -CPK_MASTER_SECRET_print 1082 1_1_0d EXIST::FUNCTION: -ENGINE_set_default_string 1083 1_1_0d EXIST::FUNCTION:ENGINE -d2i_OCSP_CRLID 1084 1_1_0d EXIST::FUNCTION:OCSP -OTHERNAME_new 1085 1_1_0d EXIST::FUNCTION: -X509_REQ_print_fp 1086 1_1_0d EXIST::FUNCTION:STDIO -ERR_load_RAND_strings 1087 1_1_0d EXIST::FUNCTION: -RSA_PSS_PARAMS_it 1088 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA -RSA_PSS_PARAMS_it 1088 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RSA -CRYPTO_cts128_decrypt_block 1089 1_1_0d EXIST::FUNCTION: -EC_POINT_set_Jprojective_coordinates_GFp 1090 1_1_0d EXIST::FUNCTION:EC -RSA_public_decrypt 1091 1_1_0d EXIST::FUNCTION:RSA -X509_STORE_CTX_get_verify 1092 1_1_0d EXIST::FUNCTION: -i2d_OCSP_RESPID 1093 1_1_0d EXIST::FUNCTION:OCSP -SXNETID_new 1094 1_1_0d EXIST::FUNCTION: -EVP_PKEY_meth_get_verify_recover 1095 1_1_0d EXIST::FUNCTION: -SKF_EnumDev 1096 1_1_0d EXIST::FUNCTION: -EVP_aes_192_ecb 1097 1_1_0d EXIST::FUNCTION: -BN_set_flags 1098 1_1_0d EXIST::FUNCTION: -SOF_CreateTimeStampResponse 1099 1_1_0d EXIST::FUNCTION: -X509_keyid_get0 1100 1_1_0d EXIST::FUNCTION: -BN_BLINDING_free 1101 1_1_0d EXIST::FUNCTION: -DSA_get_method 1102 1_1_0d EXIST::FUNCTION:DSA -CTLOG_get0_public_key 1103 1_1_0d EXIST::FUNCTION:CT -X509V3_EXT_conf_nid 1104 1_1_0d EXIST::FUNCTION: -i2d_POLICYQUALINFO 1105 1_1_0d EXIST::FUNCTION: -ASYNC_WAIT_CTX_get_all_fds 1106 1_1_0d EXIST::FUNCTION: -PKCS7_DIGEST_new 1107 1_1_0d EXIST::FUNCTION: -EVP_PKEY_CTX_hex2ctrl 1108 1_1_0d EXIST::FUNCTION: -PKCS7_ENC_CONTENT_free 1109 1_1_0d EXIST::FUNCTION: -OPENSSL_DIR_end 1110 1_1_0d EXIST::FUNCTION: -BN_BLINDING_update 1111 1_1_0d EXIST::FUNCTION: -i2d_EC_PUBKEY_bio 1112 1_1_0d EXIST::FUNCTION:EC -EVP_PKEY_asn1_set_security_bits 1113 1_1_0d EXIST::FUNCTION: -ASN1_TYPE_cmp 1114 1_1_0d EXIST::FUNCTION: -ENGINE_up_ref 1115 1_1_0d EXIST::FUNCTION:ENGINE -DSA_security_bits 1116 1_1_0d EXIST::FUNCTION:DSA -OPENSSL_LH_new 1117 1_1_0d EXIST::FUNCTION: -X509at_get_attr_count 1118 1_1_0d EXIST::FUNCTION: -X509_STORE_set_depth 1119 1_1_0d EXIST::FUNCTION: -i2d_DISPLAYTEXT 1120 1_1_0d EXIST::FUNCTION: -ASN1_INTEGER_free 1121 1_1_0d EXIST::FUNCTION: -DSO_flags 1122 1_1_0d EXIST::FUNCTION: -PEM_read_bio_DSAPrivateKey 1123 1_1_0d EXIST::FUNCTION:DSA -BN_get0_nist_prime_256 1124 1_1_0d EXIST::FUNCTION: -CONF_imodule_set_usr_data 1125 1_1_0d EXIST::FUNCTION: -TS_RESP_verify_signature 1126 1_1_0d EXIST::FUNCTION:TS -TS_RESP_print_bio 1127 1_1_0d EXIST::FUNCTION:TS -SDF_HashFinal 1128 1_1_0d EXIST::FUNCTION: -ASN1_TIME_adj 1129 1_1_0d EXIST::FUNCTION: -CRYPTO_nistcts128_decrypt_block 1130 1_1_0d EXIST::FUNCTION: -ASN1_TIME_new 1131 1_1_0d EXIST::FUNCTION: -MD4_Update 1132 1_1_0d EXIST::FUNCTION:MD4 -SAF_Hash 1133 1_1_0d EXIST::FUNCTION: -ASN1_PCTX_get_flags 1134 1_1_0d EXIST::FUNCTION: -SOF_DecryptFile 1135 1_1_0d EXIST::FUNCTION: -TS_RESP_set_tst_info 1136 1_1_0d EXIST::FUNCTION:TS -CONF_free 1137 1_1_0d EXIST::FUNCTION: -EVP_PKEY_meth_copy 1138 1_1_0d EXIST::FUNCTION: -ASN1_GENERALSTRING_free 1139 1_1_0d EXIST::FUNCTION: -i2d_PBEPARAM 1140 1_1_0d EXIST::FUNCTION: -i2d_X509_REQ_bio 1141 1_1_0d EXIST::FUNCTION: -EC_KEY_METHOD_type 1142 1_1_0d EXIST::FUNCTION: -d2i_X509_CERT_AUX 1143 1_1_0d EXIST::FUNCTION: -BFIBE_do_encrypt 1144 1_1_0d EXIST::FUNCTION: -PKCS7_add_signer 1145 1_1_0d EXIST::FUNCTION: -SKF_DigestFinal 1146 1_1_0d EXIST::FUNCTION: -RSA_meth_new 1147 1_1_0d EXIST::FUNCTION:RSA -BF_ofb64_encrypt 1148 1_1_0d EXIST::FUNCTION:BF -CTLOG_STORE_new 1149 1_1_0d EXIST::FUNCTION:CT -BIO_listen 1150 1_1_0d EXIST::FUNCTION:SOCK -BIO_method_name 1151 1_1_0d EXIST::FUNCTION: -ASN1_tag2str 1152 1_1_0d EXIST::FUNCTION: -PKCS12_MAC_DATA_it 1153 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -PKCS12_MAC_DATA_it 1153 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -X509_CRL_print_fp 1154 1_1_0d EXIST::FUNCTION:STDIO -RSA_free 1155 1_1_0d EXIST::FUNCTION:RSA -ENGINE_get_ctrl_function 1156 1_1_0d EXIST::FUNCTION:ENGINE -SCT_set1_log_id 1157 1_1_0d EXIST::FUNCTION:CT -ENGINE_register_all_RSA 1158 1_1_0d EXIST::FUNCTION:ENGINE -ENGINE_unregister_DSA 1159 1_1_0d EXIST::FUNCTION:ENGINE -RAND_file_name 1160 1_1_0d EXIST::FUNCTION: -EVP_PKEY_CTX_new 1161 1_1_0d EXIST::FUNCTION: -ECPKPARAMETERS_new 1162 1_1_0d EXIST::FUNCTION:EC -X509_chain_up_ref 1163 1_1_0d EXIST::FUNCTION: -TS_REQ_print_bio 1164 1_1_0d EXIST::FUNCTION:TS -BUF_MEM_new_ex 1165 1_1_0d EXIST::FUNCTION: -DH_get0_pqg 1166 1_1_0d EXIST::FUNCTION:DH -PEM_X509_INFO_read_bio 1167 1_1_0d EXIST::FUNCTION: -i2d_ASN1_GENERALIZEDTIME 1168 1_1_0d EXIST::FUNCTION: -BIO_sock_should_retry 1169 1_1_0d EXIST::FUNCTION:SOCK -WHIRLPOOL_Update 1170 1_1_0d EXIST::FUNCTION:WHIRLPOOL -ERR_get_error_line 1171 1_1_0d EXIST::FUNCTION: -CMS_digest_create 1172 1_1_0d EXIST::FUNCTION:CMS -EC_KEY_set_ex_data 1173 1_1_0d EXIST::FUNCTION:EC -BIO_dup_chain 1174 1_1_0d EXIST::FUNCTION: -X509_CRL_delete_ext 1175 1_1_0d EXIST::FUNCTION: -BIO_int_ctrl 1176 1_1_0d EXIST::FUNCTION: -PKCS12_SAFEBAG_create0_pkcs8 1177 1_1_0d EXIST::FUNCTION: -DSA_meth_dup 1178 1_1_0d EXIST::FUNCTION:DSA -X509v3_asid_add_inherit 1179 1_1_0d EXIST::FUNCTION:RFC3779 -BN_GF2m_poly2arr 1180 1_1_0d EXIST::FUNCTION:EC2M -RAND_load_file 1181 1_1_0d EXIST::FUNCTION: -BN_GENCB_set_old 1182 1_1_0d EXIST::FUNCTION: -SAF_EnumCertificates 1183 1_1_0d EXIST::FUNCTION: -d2i_ACCESS_DESCRIPTION 1184 1_1_0d EXIST::FUNCTION: -PEM_read_ECPKParameters 1185 1_1_0d EXIST::FUNCTION:EC,STDIO -DES_cbc_encrypt 1186 1_1_0d EXIST::FUNCTION:DES -X509_VERIFY_PARAM_set1_policies 1187 1_1_0d EXIST::FUNCTION: -X509_STORE_get0_objects 1188 1_1_0d EXIST::FUNCTION: -SM9_decrypt 1189 1_1_0d EXIST::FUNCTION: -ECDH_KDF_X9_62 1190 1_1_0d EXIST::FUNCTION:EC -RSA_meth_get_sign 1191 1_1_0d EXIST::FUNCTION:RSA -EVP_PKEY_encrypt 1192 1_1_0d EXIST::FUNCTION: -a2i_ASN1_ENUMERATED 1193 1_1_0d EXIST::FUNCTION: -X509V3_EXT_print_fp 1194 1_1_0d EXIST::FUNCTION:STDIO -DH_compute_key_padded 1195 1_1_0d EXIST::FUNCTION:DH -EVP_chacha20 1196 1_1_0d EXIST::FUNCTION:CHACHA -PKCS7_ISSUER_AND_SERIAL_new 1197 1_1_0d EXIST::FUNCTION: -ERR_clear_error 1198 1_1_0d EXIST::FUNCTION: -ASN1_STRING_print_ex 1199 1_1_0d EXIST::FUNCTION: -SHA1_Init 1200 1_1_0d EXIST::FUNCTION: -BN_lshift1 1201 1_1_0d EXIST::FUNCTION: -PKCS7_ATTR_SIGN_it 1202 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -PKCS7_ATTR_SIGN_it 1202 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -ERR_load_SKF_strings 1203 1_1_0d EXIST::FUNCTION: -X509V3_EXT_add_conf 1204 1_1_0d EXIST::FUNCTION: -SKF_CreateFile 1205 1_1_0d EXIST::FUNCTION: -DSA_get0_engine 1206 1_1_0d EXIST::FUNCTION:DSA -i2d_DSA_PUBKEY_bio 1207 1_1_0d EXIST::FUNCTION:DSA -PBEPARAM_it 1208 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -PBEPARAM_it 1208 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -SKF_ImportRSAKeyPair 1209 1_1_0d EXIST::FUNCTION: -TS_VERIFY_CTX_new 1210 1_1_0d EXIST::FUNCTION:TS -d2i_SM9Signature 1211 1_1_0d EXIST::FUNCTION: -d2i_ECIESParameters 1212 1_1_0d EXIST::FUNCTION: -NETSCAPE_SPKI_new 1213 1_1_0d EXIST::FUNCTION: -RSA_verify_ASN1_OCTET_STRING 1214 1_1_0d EXIST::FUNCTION:RSA -ECParameters_print 1215 1_1_0d EXIST::FUNCTION:EC -TS_TST_INFO_get_ext_by_OBJ 1216 1_1_0d EXIST::FUNCTION:TS -TS_MSG_IMPRINT_free 1217 1_1_0d EXIST::FUNCTION:TS -TS_RESP_CTX_get_tst_info 1218 1_1_0d EXIST::FUNCTION:TS -SAF_Pkcs7_DecodeData 1219 1_1_0d EXIST::FUNCTION: -BIO_new_accept 1220 1_1_0d EXIST::FUNCTION:SOCK -SM2_compute_key 1221 1_1_0d EXIST::FUNCTION: -CMAC_CTX_new 1222 1_1_0d EXIST::FUNCTION:CMAC -OPENSSL_memcmp 1223 1_1_0d EXIST::FUNCTION: -X509_NAME_ENTRY_set 1224 1_1_0d EXIST::FUNCTION: -CAST_cbc_encrypt 1225 1_1_0d EXIST::FUNCTION:CAST -EVP_MD_meth_set_ctrl 1226 1_1_0d EXIST::FUNCTION: -ASN1_BIT_STRING_set_bit 1227 1_1_0d EXIST::FUNCTION: -EVP_aes_128_wrap_pad 1228 1_1_0d EXIST::FUNCTION: -RSA_print_fp 1229 1_1_0d EXIST::FUNCTION:RSA,STDIO -EVP_PBE_cleanup 1230 1_1_0d EXIST::FUNCTION: -i2d_X509_CRL_INFO 1231 1_1_0d EXIST::FUNCTION: -ASN1_TYPE_set 1232 1_1_0d EXIST::FUNCTION: -TXT_DB_insert 1233 1_1_0d EXIST::FUNCTION: -OCSP_RESPDATA_it 1234 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP -OCSP_RESPDATA_it 1234 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP -SXNET_add_id_INTEGER 1235 1_1_0d EXIST::FUNCTION: -BN_swap 1236 1_1_0d EXIST::FUNCTION: -SOF_GetCertInfoByOid 1237 1_1_0d EXIST::FUNCTION: -ECParameters_print_fp 1238 1_1_0d EXIST::FUNCTION:EC,STDIO -X509_NAME_get0_der 1239 1_1_0d EXIST::FUNCTION: -d2i_ASN1_TYPE 1240 1_1_0d EXIST::FUNCTION: -d2i_ASN1_UTCTIME 1241 1_1_0d EXIST::FUNCTION: -SAF_AddCrl 1242 1_1_0d EXIST::FUNCTION: -EC_KEY_priv2oct 1243 1_1_0d EXIST::FUNCTION:EC -ASN1_PRINTABLESTRING_new 1244 1_1_0d EXIST::FUNCTION: -MD5_Init 1245 1_1_0d EXIST::FUNCTION:MD5 -PKCS12_add_safes 1246 1_1_0d EXIST::FUNCTION: -EVP_CipherFinal_ex 1247 1_1_0d EXIST::FUNCTION: -BASIC_CONSTRAINTS_free 1248 1_1_0d EXIST::FUNCTION: -EVP_EncodeInit 1249 1_1_0d EXIST::FUNCTION: -AUTHORITY_INFO_ACCESS_free 1250 1_1_0d EXIST::FUNCTION: -d2i_ASIdOrRange 1251 1_1_0d EXIST::FUNCTION:RFC3779 -EVP_PKEY_meth_get_verifyctx 1252 1_1_0d EXIST::FUNCTION: -ASN1_STRING_new 1253 1_1_0d EXIST::FUNCTION: -BIO_f_base64 1254 1_1_0d EXIST::FUNCTION: -OPENSSL_strnlen 1255 1_1_0d EXIST::FUNCTION: -serpent_set_encrypt_key 1256 1_1_0d EXIST::FUNCTION: -PBKDF2PARAM_new 1257 1_1_0d EXIST::FUNCTION: -BUF_MEM_grow 1258 1_1_0d EXIST::FUNCTION: -v2i_GENERAL_NAME_ex 1259 1_1_0d EXIST::FUNCTION: -GENERAL_NAME_cmp 1260 1_1_0d EXIST::FUNCTION: -SHA256_Update 1261 1_1_0d EXIST::FUNCTION: -EVP_PKEY_get0_asn1 1262 1_1_0d EXIST::FUNCTION: -PEM_read_DSA_PUBKEY 1263 1_1_0d EXIST::FUNCTION:DSA,STDIO -ASYNC_init_thread 1264 1_1_0d EXIST::FUNCTION: -i2d_X509_REQ_fp 1265 1_1_0d EXIST::FUNCTION:STDIO -EVP_idea_cfb64 1266 1_1_0d EXIST::FUNCTION:IDEA -CONF_load_bio 1267 1_1_0d EXIST::FUNCTION: -i2d_DSA_PUBKEY_fp 1268 1_1_0d EXIST::FUNCTION:DSA,STDIO -BFMasterSecret_free 1269 1_1_0d EXIST::FUNCTION: -TS_REQ_set_cert_req 1270 1_1_0d EXIST::FUNCTION:TS -OTHERNAME_free 1271 1_1_0d EXIST::FUNCTION: -PKCS7_ENCRYPT_free 1272 1_1_0d EXIST::FUNCTION: -BN_mod_word 1273 1_1_0d EXIST::FUNCTION: -ENGINE_get_RAND 1274 1_1_0d EXIST::FUNCTION:ENGINE -serpent_encrypt 1275 1_1_0d EXIST::FUNCTION: -X509_EXTENSION_free 1276 1_1_0d EXIST::FUNCTION: -X509_ALGORS_it 1277 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -X509_ALGORS_it 1277 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -i2d_BB1PublicParameters 1278 1_1_0d EXIST::FUNCTION: -NETSCAPE_SPKAC_new 1279 1_1_0d EXIST::FUNCTION: -SAF_EnumKeyContainerInfoFree 1280 1_1_0d EXIST::FUNCTION: -SAF_GetVersion 1281 1_1_0d EXIST::FUNCTION: -TS_REQ_get_policy_id 1282 1_1_0d EXIST::FUNCTION:TS -EVP_rc2_ecb 1283 1_1_0d EXIST::FUNCTION:RC2 -OPENSSL_sk_set 1284 1_1_0d EXIST::FUNCTION: -d2i_TS_TST_INFO_bio 1285 1_1_0d EXIST::FUNCTION:TS -CMS_SignerInfo_get0_signature 1286 1_1_0d EXIST::FUNCTION:CMS -NCONF_get_number_e 1287 1_1_0d EXIST::FUNCTION: -CMS_RecipientInfo_kekri_id_cmp 1288 1_1_0d EXIST::FUNCTION:CMS -PEM_write_DSAparams 1289 1_1_0d EXIST::FUNCTION:DSA,STDIO -BN_generate_prime_ex 1290 1_1_0d EXIST::FUNCTION: -BIO_set_init 1291 1_1_0d EXIST::FUNCTION: -RSA_padding_check_none 1292 1_1_0d EXIST::FUNCTION:RSA -ENGINE_set_destroy_function 1293 1_1_0d EXIST::FUNCTION:ENGINE -d2i_X509_CINF 1294 1_1_0d EXIST::FUNCTION: -RSA_meth_get0_app_data 1295 1_1_0d EXIST::FUNCTION:RSA -X509_STORE_set_trust 1296 1_1_0d EXIST::FUNCTION: -SOF_ValidateCert 1297 1_1_0d EXIST::FUNCTION: -SM9PrivateKey_new 1298 1_1_0d EXIST::FUNCTION: -EVP_PBE_get 1299 1_1_0d EXIST::FUNCTION: -OCSP_cert_to_id 1300 1_1_0d EXIST::FUNCTION:OCSP -d2i_CRL_DIST_POINTS 1301 1_1_0d EXIST::FUNCTION: -X509_add1_ext_i2d 1302 1_1_0d EXIST::FUNCTION: -EVP_PKEY_get_attr_count 1303 1_1_0d EXIST::FUNCTION: -ENGINE_get_id 1304 1_1_0d EXIST::FUNCTION:ENGINE -i2d_X509_SIG 1305 1_1_0d EXIST::FUNCTION: -SKF_CloseHandle 1306 1_1_0d EXIST::FUNCTION: -CRYPTO_THREAD_init_local 1307 1_1_0d EXIST::FUNCTION: -EVP_PKEY_asn1_set_item 1308 1_1_0d EXIST::FUNCTION: -BN_MONT_CTX_new 1309 1_1_0d EXIST::FUNCTION: -EC_METHOD_get_field_type 1310 1_1_0d EXIST::FUNCTION:EC -ASYNC_block_pause 1311 1_1_0d EXIST::FUNCTION: -s2i_ASN1_IA5STRING 1312 1_1_0d EXIST::FUNCTION: -EC_POINT_set_affine_coordinates_GFp 1313 1_1_0d EXIST::FUNCTION:EC -X509_add1_reject_object 1314 1_1_0d EXIST::FUNCTION: -d2i_DISPLAYTEXT 1315 1_1_0d EXIST::FUNCTION: -TS_CONF_set_clock_precision_digits 1316 1_1_0d EXIST::FUNCTION:TS -EVP_PKEY_add1_attr 1317 1_1_0d EXIST::FUNCTION: -CMS_signed_add1_attr_by_OBJ 1318 1_1_0d EXIST::FUNCTION:CMS -CRYPTO_mem_debug_realloc 1319 1_1_0d EXIST::FUNCTION:CRYPTO_MDEBUG -EVP_PKEY_asn1_set_private 1320 1_1_0d EXIST::FUNCTION: -EVP_aes_128_cbc_hmac_sha1 1321 1_1_0d EXIST::FUNCTION: -ASN1_item_i2d_fp 1322 1_1_0d EXIST::FUNCTION:STDIO -PKCS12_add_cert 1323 1_1_0d EXIST::FUNCTION: -X509_VERIFY_PARAM_add0_table 1324 1_1_0d EXIST::FUNCTION: -d2i_CPK_MASTER_SECRET 1325 1_1_0d EXIST::FUNCTION: -CMS_ContentInfo_it 1326 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CMS -CMS_ContentInfo_it 1326 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:CMS -TS_RESP_CTX_set_signer_cert 1327 1_1_0d EXIST::FUNCTION:TS -CMS_set_detached 1328 1_1_0d EXIST::FUNCTION:CMS -POLICY_MAPPING_free 1329 1_1_0d EXIST::FUNCTION: -OCSP_SINGLERESP_free 1330 1_1_0d EXIST::FUNCTION:OCSP -OPENSSL_issetugid 1331 1_1_0d EXIST::FUNCTION: -HMAC_CTX_set_flags 1332 1_1_0d EXIST::FUNCTION: -BN_set_params 1333 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_0_9_8 -i2d_PUBKEY 1334 1_1_0d EXIST::FUNCTION: -EVP_PKEY_decrypt 1335 1_1_0d EXIST::FUNCTION: -ENGINE_init 1336 1_1_0d EXIST::FUNCTION:ENGINE -CRYPTO_cts128_encrypt_block 1337 1_1_0d EXIST::FUNCTION: -UI_construct_prompt 1338 1_1_0d EXIST::FUNCTION:UI -SRP_create_verifier 1339 1_1_0d EXIST::FUNCTION:SRP -OBJ_sn2nid 1340 1_1_0d EXIST::FUNCTION: -RSA_meth_get_mod_exp 1341 1_1_0d EXIST::FUNCTION:RSA -OCSP_REQ_CTX_http 1342 1_1_0d EXIST::FUNCTION:OCSP -BN_free 1343 1_1_0d EXIST::FUNCTION: -TXT_DB_write 1344 1_1_0d EXIST::FUNCTION: -CRYPTO_ctr128_encrypt 1345 1_1_0d EXIST::FUNCTION: -i2d_NETSCAPE_CERT_SEQUENCE 1346 1_1_0d EXIST::FUNCTION: -OCSP_request_set1_name 1347 1_1_0d EXIST::FUNCTION:OCSP -EVP_CIPHER_set_asn1_iv 1348 1_1_0d EXIST::FUNCTION: -EC_KEY_METHOD_set_keygen 1349 1_1_0d EXIST::FUNCTION:EC -EVP_MD_sgd 1350 1_1_0d EXIST::FUNCTION: -d2i_TS_ACCURACY 1351 1_1_0d EXIST::FUNCTION:TS -AES_set_decrypt_key 1352 1_1_0d EXIST::FUNCTION: -PKCS12_get_friendlyname 1353 1_1_0d EXIST::FUNCTION: -X509_ALGOR_set0 1354 1_1_0d EXIST::FUNCTION: -EVP_PKEY_get1_RSA 1355 1_1_0d EXIST::FUNCTION:RSA -d2i_PKCS12 1356 1_1_0d EXIST::FUNCTION: -EC_KEY_METHOD_get_keygen 1357 1_1_0d EXIST::FUNCTION:EC -EVP_PKEY_keygen_init 1358 1_1_0d EXIST::FUNCTION: -PEM_write_PKCS7 1359 1_1_0d EXIST::FUNCTION:STDIO -X509_dup 1360 1_1_0d EXIST::FUNCTION: -BN_GF2m_mod_solve_quad_arr 1361 1_1_0d EXIST::FUNCTION:EC2M -DH_meth_get_bn_mod_exp 1362 1_1_0d EXIST::FUNCTION:DH -CMS_add0_RevocationInfoChoice 1363 1_1_0d EXIST::FUNCTION:CMS -X509_add1_trust_object 1364 1_1_0d EXIST::FUNCTION: -i2d_X509_bio 1365 1_1_0d EXIST::FUNCTION: -RAND_egd_bytes 1366 1_1_0d EXIST::FUNCTION:EGD -ASYNC_WAIT_CTX_clear_fd 1367 1_1_0d EXIST::FUNCTION: -ASN1_STRING_print 1368 1_1_0d EXIST::FUNCTION: -ENGINE_get_ex_data 1369 1_1_0d EXIST::FUNCTION:ENGINE -SXNETID_free 1370 1_1_0d EXIST::FUNCTION: -ASN1_OCTET_STRING_set 1371 1_1_0d EXIST::FUNCTION: -i2d_OCSP_REQINFO 1372 1_1_0d EXIST::FUNCTION:OCSP -X509_REQ_get_attr_by_NID 1373 1_1_0d EXIST::FUNCTION: -i2d_CERTIFICATEPOLICIES 1374 1_1_0d EXIST::FUNCTION: -CRYPTO_THREAD_write_lock 1375 1_1_0d EXIST::FUNCTION: -EVP_bf_ofb 1376 1_1_0d EXIST::FUNCTION:BF -d2i_PBKDF2PARAM 1377 1_1_0d EXIST::FUNCTION: -X509_VERIFY_PARAM_free 1378 1_1_0d EXIST::FUNCTION: -BIO_get_new_index 1379 1_1_0d EXIST::FUNCTION: -SOF_VerifySignedMessageDetach 1380 1_1_0d EXIST::FUNCTION: -d2i_OCSP_RESPBYTES 1381 1_1_0d EXIST::FUNCTION:OCSP -i2d_PKCS7_SIGNED 1382 1_1_0d EXIST::FUNCTION: -OCSP_cert_id_new 1383 1_1_0d EXIST::FUNCTION:OCSP -EC_POINT_oct2point 1384 1_1_0d EXIST::FUNCTION:EC -X509V3_EXT_i2d 1385 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_meth_set_init 1386 1_1_0d EXIST::FUNCTION: -i2d_ECParameters 1387 1_1_0d EXIST::FUNCTION:EC -ERR_peek_last_error 1388 1_1_0d EXIST::FUNCTION: -EVP_MD_size 1389 1_1_0d EXIST::FUNCTION: -X509_OBJECT_retrieve_by_subject 1390 1_1_0d EXIST::FUNCTION: -RC2_set_key 1391 1_1_0d EXIST::FUNCTION:RC2 -PKCS7_set_cipher 1392 1_1_0d EXIST::FUNCTION: -d2i_ASN1_INTEGER 1393 1_1_0d EXIST::FUNCTION: -OPENSSL_sk_unshift 1394 1_1_0d EXIST::FUNCTION: -SAF_EccPublicKeyEnc 1395 1_1_0d EXIST::FUNCTION: -OPENSSL_isservice 1396 1_1_0d EXIST::FUNCTION: -CMS_RecipientInfo_kari_orig_id_cmp 1397 1_1_0d EXIST::FUNCTION:CMS -X509_STORE_get_check_revocation 1398 1_1_0d EXIST::FUNCTION: -ENGINE_set_EC 1399 1_1_0d EXIST::FUNCTION:ENGINE -BN_hex2bn 1400 1_1_0d EXIST::FUNCTION: -EVP_SignFinal 1401 1_1_0d EXIST::FUNCTION: -d2i_ECPrivateKey_fp 1402 1_1_0d EXIST::FUNCTION:EC,STDIO -BUF_MEM_free 1403 1_1_0d EXIST::FUNCTION: -d2i_ASN1_PRINTABLESTRING 1404 1_1_0d EXIST::FUNCTION: -X509_signature_print 1405 1_1_0d EXIST::FUNCTION: -DH_meth_get_flags 1406 1_1_0d EXIST::FUNCTION:DH -X509_REQ_add_extensions_nid 1407 1_1_0d EXIST::FUNCTION: -EVP_PKEY_get1_PAILLIER 1408 1_1_0d EXIST::FUNCTION:PAILLIER -EC_GROUP_get_cofactor 1409 1_1_0d EXIST::FUNCTION:EC -BB1IBE_do_decrypt 1410 1_1_0d EXIST::FUNCTION: -i2d_BB1PrivateKeyBlock 1411 1_1_0d EXIST::FUNCTION: -X509_STORE_CTX_cleanup 1412 1_1_0d EXIST::FUNCTION: -X509_NAME_ENTRY_get_data 1413 1_1_0d EXIST::FUNCTION: -d2i_X509_fp 1414 1_1_0d EXIST::FUNCTION:STDIO -DSA_get0_key 1415 1_1_0d EXIST::FUNCTION:DSA -BIO_ADDRINFO_socktype 1416 1_1_0d EXIST::FUNCTION:SOCK -DHparams_dup 1417 1_1_0d EXIST::FUNCTION:DH -Camellia_encrypt 1418 1_1_0d EXIST::FUNCTION:CAMELLIA -NETSCAPE_SPKI_b64_decode 1419 1_1_0d EXIST::FUNCTION: -EC_KEY_get0_public_key 1420 1_1_0d EXIST::FUNCTION:EC -EVP_aes_256_cbc_hmac_sha1 1421 1_1_0d EXIST::FUNCTION: -EVP_MD_meth_set_input_blocksize 1422 1_1_0d EXIST::FUNCTION: -CRYPTO_nistcts128_encrypt_block 1423 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_meth_get_init 1424 1_1_0d EXIST::FUNCTION: -CONF_set_nconf 1425 1_1_0d EXIST::FUNCTION: -X509_cmp_time 1426 1_1_0d EXIST::FUNCTION: -TS_ACCURACY_new 1427 1_1_0d EXIST::FUNCTION:TS -SAF_AddTrustedRootCaCertificate 1428 1_1_0d EXIST::FUNCTION: -EC_GROUP_dup 1429 1_1_0d EXIST::FUNCTION:EC -X509_ocspid_print 1430 1_1_0d EXIST::FUNCTION: -i2d_re_X509_REQ_tbs 1431 1_1_0d EXIST::FUNCTION: -BIO_vprintf 1432 1_1_0d EXIST::FUNCTION: -X509_NAME_get_index_by_NID 1433 1_1_0d EXIST::FUNCTION: -d2i_PublicKey 1434 1_1_0d EXIST::FUNCTION: -BN_exp 1435 1_1_0d EXIST::FUNCTION: -BN_clear_bit 1436 1_1_0d EXIST::FUNCTION: -OPENSSL_sk_is_sorted 1437 1_1_0d EXIST::FUNCTION: -SKF_PrintECCCipher 1438 1_1_0d EXIST::FUNCTION: -SAF_EccVerifySignFile 1439 1_1_0d EXIST::FUNCTION: -CONF_module_get_usr_data 1440 1_1_0d EXIST::FUNCTION: -DH_meth_set_flags 1441 1_1_0d EXIST::FUNCTION:DH -X509_set_proxy_flag 1442 1_1_0d EXIST::FUNCTION: -SM9_encrypt 1443 1_1_0d EXIST::FUNCTION: -BN_mod_exp_recp 1444 1_1_0d EXIST::FUNCTION: -BN_GFP2_sub_bn 1445 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_meth_free 1446 1_1_0d EXIST::FUNCTION: -PKCS8_set0_pbe 1447 1_1_0d EXIST::FUNCTION: -speck_decrypt 1448 1_1_0d NOEXIST::FUNCTION: -X509_STORE_CTX_set_time 1449 1_1_0d EXIST::FUNCTION: -OCSP_BASICRESP_add1_ext_i2d 1450 1_1_0d EXIST::FUNCTION:OCSP -i2d_PKCS8_PRIV_KEY_INFO_bio 1451 1_1_0d EXIST::FUNCTION: -OCSP_request_sign 1452 1_1_0d EXIST::FUNCTION:OCSP -POLICY_MAPPING_it 1453 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -POLICY_MAPPING_it 1453 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -PKCS7_ENCRYPT_new 1454 1_1_0d EXIST::FUNCTION: -OBJ_length 1455 1_1_0d EXIST::FUNCTION: -SOF_CreateTimeStampRequest 1456 1_1_0d EXIST::FUNCTION: -PKCS5_PBE_add 1457 1_1_0d EXIST::FUNCTION: -PKCS12_set_mac 1458 1_1_0d EXIST::FUNCTION: -ENGINE_get_load_pubkey_function 1459 1_1_0d EXIST::FUNCTION:ENGINE -RSA_meth_get_priv_enc 1460 1_1_0d EXIST::FUNCTION:RSA -TS_RESP_verify_token 1461 1_1_0d EXIST::FUNCTION:TS -BIO_new_fd 1462 1_1_0d EXIST::FUNCTION: -X509_CRL_get_lastUpdate 1463 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0 -X509_CRL_get_ext_by_OBJ 1464 1_1_0d EXIST::FUNCTION: -X509_print 1465 1_1_0d EXIST::FUNCTION: -i2d_ECPrivateKey_fp 1466 1_1_0d EXIST::FUNCTION:EC,STDIO -SAF_HashUpdate 1467 1_1_0d EXIST::FUNCTION: -EC_KEY_up_ref 1468 1_1_0d EXIST::FUNCTION:EC -EC_KEY_get_ECCrefPublicKey 1469 1_1_0d EXIST::FUNCTION: -PKCS8_decrypt 1470 1_1_0d EXIST::FUNCTION: -d2i_PKCS8_bio 1471 1_1_0d EXIST::FUNCTION: -ASN1_INTEGER_set_uint64 1472 1_1_0d EXIST::FUNCTION: -X509_NAME_get_index_by_OBJ 1473 1_1_0d EXIST::FUNCTION: -X509_TRUST_set 1474 1_1_0d EXIST::FUNCTION: -X509_CINF_free 1475 1_1_0d EXIST::FUNCTION: -i2d_X509 1476 1_1_0d EXIST::FUNCTION: -ASN1_item_ex_d2i 1477 1_1_0d EXIST::FUNCTION: -X509_check_ca 1478 1_1_0d EXIST::FUNCTION: -AUTHORITY_INFO_ACCESS_new 1479 1_1_0d EXIST::FUNCTION: -OCSP_resp_get0_id 1480 1_1_0d EXIST::FUNCTION:OCSP -RSA_set_method 1481 1_1_0d EXIST::FUNCTION:RSA -X509_keyid_set1 1482 1_1_0d EXIST::FUNCTION: -X509_VERIFY_PARAM_new 1483 1_1_0d EXIST::FUNCTION: -ASN1_NULL_free 1484 1_1_0d EXIST::FUNCTION: -OPENSSL_sk_insert 1485 1_1_0d EXIST::FUNCTION: -PKCS5_v2_scrypt_keyivgen 1486 1_1_0d EXIST::FUNCTION:SCRYPT -CMS_signed_delete_attr 1487 1_1_0d EXIST::FUNCTION:CMS -CMS_RecipientInfo_kari_get0_reks 1488 1_1_0d EXIST::FUNCTION:CMS -EC_KEY_METHOD_set_compute_key 1489 1_1_0d EXIST::FUNCTION:EC -EVP_PKEY_new_mac_key 1490 1_1_0d EXIST::FUNCTION: -CRYPTO_gcm128_tag 1491 1_1_0d EXIST::FUNCTION: -X509_NAME_new 1492 1_1_0d EXIST::FUNCTION: -BIO_meth_set_callback_ctrl 1493 1_1_0d EXIST::FUNCTION: -X509_ATTRIBUTE_create_by_OBJ 1494 1_1_0d EXIST::FUNCTION: -PEM_write_bio_RSAPrivateKey 1495 1_1_0d EXIST::FUNCTION:RSA -d2i_ASN1_VISIBLESTRING 1496 1_1_0d EXIST::FUNCTION: -ERR_load_DSO_strings 1497 1_1_0d EXIST::FUNCTION: -SOF_GetEncryptMethod 1498 1_1_0d EXIST::FUNCTION: -i2d_SM2CiphertextValue 1499 1_1_0d EXIST::FUNCTION: -ENGINE_set_flags 1500 1_1_0d EXIST::FUNCTION:ENGINE -NETSCAPE_SPKI_set_pubkey 1501 1_1_0d EXIST::FUNCTION: -EVP_PKEY_set_type 1502 1_1_0d EXIST::FUNCTION: -EVP_whirlpool 1503 1_1_0d EXIST::FUNCTION:WHIRLPOOL -EVP_aes_256_ccm 1504 1_1_0d EXIST::FUNCTION: -i2d_CMS_ContentInfo 1505 1_1_0d EXIST::FUNCTION:CMS -ERR_print_errors 1506 1_1_0d EXIST::FUNCTION: -GENERAL_NAME_set0_value 1507 1_1_0d EXIST::FUNCTION: -KDF_get_x9_63 1508 1_1_0d EXIST::FUNCTION: -X509_VERIFY_PARAM_get_count 1509 1_1_0d EXIST::FUNCTION: -BN_BLINDING_unlock 1510 1_1_0d EXIST::FUNCTION: -X509_load_cert_crl_file 1511 1_1_0d EXIST::FUNCTION: -NETSCAPE_CERT_SEQUENCE_new 1512 1_1_0d EXIST::FUNCTION: -EC_KEY_get_flags 1513 1_1_0d EXIST::FUNCTION:EC -X509_NAME_ENTRY_dup 1514 1_1_0d EXIST::FUNCTION: -d2i_BFPrivateKeyBlock 1515 1_1_0d EXIST::FUNCTION: -X509_STORE_CTX_set_current_cert 1516 1_1_0d EXIST::FUNCTION: -TS_TST_INFO_set_ordering 1517 1_1_0d EXIST::FUNCTION:TS -ENGINE_get_name 1518 1_1_0d EXIST::FUNCTION:ENGINE -d2i_POLICYQUALINFO 1519 1_1_0d EXIST::FUNCTION: -HMAC_CTX_new 1520 1_1_0d EXIST::FUNCTION: -OCSP_BASICRESP_delete_ext 1521 1_1_0d EXIST::FUNCTION:OCSP -SAF_MacUpdate 1522 1_1_0d EXIST::FUNCTION: -PKCS12_PBE_add 1523 1_1_0d EXIST::FUNCTION: -CONF_dump_bio 1524 1_1_0d EXIST::FUNCTION: -i2d_RSA_OAEP_PARAMS 1525 1_1_0d EXIST::FUNCTION:RSA -RSA_get_RSArefPublicKey 1526 1_1_0d EXIST::FUNCTION: -X509_LOOKUP_by_subject 1527 1_1_0d EXIST::FUNCTION: -SDF_ExternalEncrypt_ECC 1528 1_1_0d EXIST::FUNCTION: -ECPKPARAMETERS_it 1529 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:EC -ECPKPARAMETERS_it 1529 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:EC -RSA_generate_key 1530 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_0_9_8,RSA -BN_MONT_CTX_free 1531 1_1_0d EXIST::FUNCTION: -RSA_get0_factors 1532 1_1_0d EXIST::FUNCTION:RSA -CONF_get1_default_config_file 1533 1_1_0d EXIST::FUNCTION: -BB1PublicParameters_it 1534 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -BB1PublicParameters_it 1534 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -ASN1_SEQUENCE_it 1535 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ASN1_SEQUENCE_it 1535 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -SCT_get_timestamp 1536 1_1_0d EXIST::FUNCTION:CT -i2d_DIST_POINT_NAME 1537 1_1_0d EXIST::FUNCTION: -OCSP_BASICRESP_get_ext_by_OBJ 1538 1_1_0d EXIST::FUNCTION:OCSP -UI_get_default_method 1539 1_1_0d EXIST::FUNCTION:UI -ASN1_GENERALIZEDTIME_check 1540 1_1_0d EXIST::FUNCTION: -RSA_size 1541 1_1_0d EXIST::FUNCTION:RSA -SM9PublicParameters_new 1542 1_1_0d EXIST::FUNCTION: -EVP_camellia_192_ecb 1543 1_1_0d EXIST::FUNCTION:CAMELLIA -PEM_write_RSAPrivateKey 1544 1_1_0d EXIST::FUNCTION:RSA,STDIO -CMS_SignerInfo_get0_md_ctx 1545 1_1_0d EXIST::FUNCTION:CMS -FFX_init 1546 1_1_0d EXIST::FUNCTION: -ENGINE_set_ctrl_function 1547 1_1_0d EXIST::FUNCTION:ENGINE -X509V3_conf_free 1548 1_1_0d EXIST::FUNCTION: -BIO_method_type 1549 1_1_0d EXIST::FUNCTION: -DIST_POINT_it 1550 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -DIST_POINT_it 1550 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -SAF_DestroyKeyHandle 1551 1_1_0d EXIST::FUNCTION: -EVP_PKEY_CTX_get_keygen_info 1552 1_1_0d EXIST::FUNCTION: -BN_MONT_CTX_copy 1553 1_1_0d EXIST::FUNCTION: -SM9MasterSecret_free 1554 1_1_0d EXIST::FUNCTION: -ECPKParameters_print 1555 1_1_0d EXIST::FUNCTION:EC -BN_mod_lshift_quick 1556 1_1_0d EXIST::FUNCTION: -_shadow_DES_check_key 1557 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:DES -_shadow_DES_check_key 1557 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:DES -RSA_meth_set_pub_dec 1558 1_1_0d EXIST::FUNCTION:RSA -OBJ_NAME_cleanup 1559 1_1_0d EXIST::FUNCTION: -RSA_padding_add_PKCS1_OAEP_mgf1 1560 1_1_0d EXIST::FUNCTION:RSA -BIO_ADDRINFO_protocol 1561 1_1_0d EXIST::FUNCTION:SOCK -X509V3_add_value 1562 1_1_0d EXIST::FUNCTION: -EC_curve_nid2nist 1563 1_1_0d EXIST::FUNCTION:EC -CMS_signed_get_attr_by_NID 1564 1_1_0d EXIST::FUNCTION:CMS -X509_VERIFY_PARAM_get_inh_flags 1565 1_1_0d EXIST::FUNCTION: -i2d_OCSP_REQUEST 1566 1_1_0d EXIST::FUNCTION:OCSP -i2d_OCSP_CERTID 1567 1_1_0d EXIST::FUNCTION:OCSP -BIO_gets 1568 1_1_0d EXIST::FUNCTION: -ERR_load_DH_strings 1569 1_1_0d EXIST::FUNCTION:DH -PKCS5_pbe_set 1570 1_1_0d EXIST::FUNCTION: -DSA_meth_get_sign 1571 1_1_0d EXIST::FUNCTION:DSA -d2i_PKCS7_ISSUER_AND_SERIAL 1572 1_1_0d EXIST::FUNCTION: -ERR_pop_to_mark 1573 1_1_0d EXIST::FUNCTION: -EVP_PKEY_meth_get_encrypt 1574 1_1_0d EXIST::FUNCTION: -DSA_meth_set0_app_data 1575 1_1_0d EXIST::FUNCTION:DSA -X509_STORE_CTX_set0_dane 1576 1_1_0d EXIST::FUNCTION: -EVP_enc_null 1577 1_1_0d EXIST::FUNCTION: -OPENSSL_sk_free 1578 1_1_0d EXIST::FUNCTION: -i2d_POLICYINFO 1579 1_1_0d EXIST::FUNCTION: -X509_CRL_dup 1580 1_1_0d EXIST::FUNCTION: -BN_uadd 1581 1_1_0d EXIST::FUNCTION: -BIO_callback_ctrl 1582 1_1_0d EXIST::FUNCTION: -PKCS7_new 1583 1_1_0d EXIST::FUNCTION: -X509v3_asid_is_canonical 1584 1_1_0d EXIST::FUNCTION:RFC3779 -PEM_write_bio_PKCS8PrivateKey 1585 1_1_0d EXIST::FUNCTION: -EC_POINT_add 1586 1_1_0d EXIST::FUNCTION:EC -PKCS8_PRIV_KEY_INFO_new 1587 1_1_0d EXIST::FUNCTION: -i2d_ESS_SIGNING_CERT 1588 1_1_0d EXIST::FUNCTION:TS -BIO_set_callback_arg 1589 1_1_0d EXIST::FUNCTION: -DSO_bind_func 1590 1_1_0d EXIST::FUNCTION: -OCSP_REQUEST_delete_ext 1591 1_1_0d EXIST::FUNCTION:OCSP -BIO_new_mem_buf 1592 1_1_0d EXIST::FUNCTION: -EC_KEY_new_from_ECCrefPrivateKey 1593 1_1_0d EXIST::FUNCTION: -ASN1_VISIBLESTRING_new 1594 1_1_0d EXIST::FUNCTION: -CRYPTO_atomic_add 1595 1_1_0d EXIST::FUNCTION: -AES_set_encrypt_key 1596 1_1_0d EXIST::FUNCTION: -BIO_sock_info 1597 1_1_0d EXIST::FUNCTION:SOCK -SKF_OpenApplication 1598 1_1_0d EXIST::FUNCTION: -X509_CRL_get_ext_by_critical 1599 1_1_0d EXIST::FUNCTION: -X509_NAME_ENTRY_set_object 1600 1_1_0d EXIST::FUNCTION: -i2d_ASRange 1601 1_1_0d EXIST::FUNCTION:RFC3779 -v2i_ASN1_BIT_STRING 1602 1_1_0d EXIST::FUNCTION: -EC_GROUP_get_seed_len 1603 1_1_0d EXIST::FUNCTION:EC -X509v3_get_ext_by_critical 1604 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_meth_set_iv_length 1605 1_1_0d EXIST::FUNCTION: -PKCS7_add0_attrib_signing_time 1606 1_1_0d EXIST::FUNCTION: -d2i_PKCS7_bio 1607 1_1_0d EXIST::FUNCTION: -d2i_ECDSA_SIG 1608 1_1_0d EXIST::FUNCTION:EC -SAF_EccPublicKeyEncByCert 1609 1_1_0d EXIST::FUNCTION: -HMAC_Update 1610 1_1_0d EXIST::FUNCTION: -EC_GROUP_check_discriminant 1611 1_1_0d EXIST::FUNCTION:EC -BN_GFP2_exp 1612 1_1_0d EXIST::FUNCTION: -BIO_meth_get_read 1613 1_1_0d EXIST::FUNCTION: -ASN1_TYPE_set_int_octetstring 1614 1_1_0d EXIST::FUNCTION: -EVP_PKEY_asn1_set_public 1615 1_1_0d EXIST::FUNCTION: -PKCS7_get_signer_info 1616 1_1_0d EXIST::FUNCTION: -EC_POINT_hex2point 1617 1_1_0d EXIST::FUNCTION:EC -X509_VERIFY_PARAM_set_auth_level 1618 1_1_0d EXIST::FUNCTION: -SKF_DecryptUpdate 1619 1_1_0d EXIST::FUNCTION: -EVP_MD_meth_get_app_datasize 1620 1_1_0d EXIST::FUNCTION: -TS_REQ_get_cert_req 1621 1_1_0d EXIST::FUNCTION:TS -SKF_OpenContainer 1622 1_1_0d EXIST::FUNCTION: -X509_REQ_digest 1623 1_1_0d EXIST::FUNCTION: -X509_SIG_getm 1624 1_1_0d EXIST::FUNCTION: -i2a_ASN1_OBJECT 1625 1_1_0d EXIST::FUNCTION: -serpent_decrypt 1626 1_1_0d EXIST::FUNCTION: -USERNOTICE_free 1627 1_1_0d EXIST::FUNCTION: -X509_get0_notAfter 1628 1_1_0d EXIST::FUNCTION: -ASN1_UNIVERSALSTRING_free 1629 1_1_0d EXIST::FUNCTION: -i2d_ECIES_CIPHERTEXT_VALUE 1630 1_1_0d EXIST::FUNCTION: -NETSCAPE_CERT_SEQUENCE_it 1631 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -NETSCAPE_CERT_SEQUENCE_it 1631 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -DSO_free 1632 1_1_0d EXIST::FUNCTION: -DSA_generate_key 1633 1_1_0d EXIST::FUNCTION:DSA -EVP_EncodeUpdate 1634 1_1_0d EXIST::FUNCTION: -NETSCAPE_SPKI_sign 1635 1_1_0d EXIST::FUNCTION: -TS_TST_INFO_get_ext_d2i 1636 1_1_0d EXIST::FUNCTION:TS -SAF_RsaSignFile 1637 1_1_0d EXIST::FUNCTION: -SM2_KAP_final_check 1638 1_1_0d EXIST::FUNCTION: -OPENSSL_init 1639 1_1_0d EXIST::FUNCTION: -EVP_aes_128_ocb 1640 1_1_0d EXIST::FUNCTION:OCB -ASN1_item_pack 1641 1_1_0d EXIST::FUNCTION: -OPENSSL_LH_stats_bio 1642 1_1_0d EXIST::FUNCTION: -CMS_ReceiptRequest_create0 1643 1_1_0d EXIST::FUNCTION:CMS -OPENSSL_sk_delete_ptr 1644 1_1_0d EXIST::FUNCTION: -X509_CERT_AUX_it 1645 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -X509_CERT_AUX_it 1645 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -ERR_load_SM9_strings 1646 1_1_0d EXIST::FUNCTION: -EC_KEY_can_sign 1647 1_1_0d EXIST::FUNCTION:EC -ASYNC_WAIT_CTX_get_fd 1648 1_1_0d EXIST::FUNCTION: -X509_policy_level_get0_node 1649 1_1_0d EXIST::FUNCTION: -EC_KEY_priv2buf 1650 1_1_0d EXIST::FUNCTION:EC -ENGINE_set_RSA 1651 1_1_0d EXIST::FUNCTION:ENGINE -CONF_modules_load 1652 1_1_0d EXIST::FUNCTION: -OCSP_RESPDATA_free 1653 1_1_0d EXIST::FUNCTION:OCSP -WHIRLPOOL 1654 1_1_0d EXIST::FUNCTION:WHIRLPOOL -AUTHORITY_KEYID_it 1655 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -AUTHORITY_KEYID_it 1655 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -X509_EXTENSION_new 1656 1_1_0d EXIST::FUNCTION: -X509_NAME_delete_entry 1657 1_1_0d EXIST::FUNCTION: -X509_STORE_get_check_policy 1658 1_1_0d EXIST::FUNCTION: -TS_TST_INFO_get_tsa 1659 1_1_0d EXIST::FUNCTION:TS -X509_get0_trust_objects 1660 1_1_0d EXIST::FUNCTION: -EC_KEY_GmSSL 1661 1_1_0d EXIST::FUNCTION: -d2i_DIST_POINT_NAME 1662 1_1_0d EXIST::FUNCTION: -DH_meth_get_init 1663 1_1_0d EXIST::FUNCTION:DH -DH_new_method 1664 1_1_0d EXIST::FUNCTION:DH -BB1IBE_encrypt 1665 1_1_0d EXIST::FUNCTION: -TS_REQ_set_nonce 1666 1_1_0d EXIST::FUNCTION:TS -RSA_get0_crt_params 1667 1_1_0d EXIST::FUNCTION:RSA -AES_ofb128_encrypt 1668 1_1_0d EXIST::FUNCTION: -RSA_check_key 1669 1_1_0d EXIST::FUNCTION:RSA -EVP_sha384 1670 1_1_0d EXIST:!VMSVAX:FUNCTION: -X509_get_pathlen 1671 1_1_0d EXIST::FUNCTION: -ASYNC_unblock_pause 1672 1_1_0d EXIST::FUNCTION: -EVP_aes_256_gcm 1673 1_1_0d EXIST::FUNCTION: -ASN1_BMPSTRING_free 1674 1_1_0d EXIST::FUNCTION: -RAND_egd 1675 1_1_0d EXIST::FUNCTION:EGD -BIO_meth_free 1676 1_1_0d EXIST::FUNCTION: -EVP_des_ede_ofb 1677 1_1_0d EXIST::FUNCTION:DES -X509_EXTENSION_it 1678 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -X509_EXTENSION_it 1678 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -EVP_CIPHER_flags 1679 1_1_0d EXIST::FUNCTION: -i2d_DSAPrivateKey 1680 1_1_0d EXIST::FUNCTION:DSA -MD4_Transform 1681 1_1_0d EXIST::FUNCTION:MD4 -PKCS12_newpass 1682 1_1_0d EXIST::FUNCTION: -ASN1_PCTX_get_nm_flags 1683 1_1_0d EXIST::FUNCTION: -SDF_Encrypt 1684 1_1_0d EXIST::FUNCTION: -EVP_PKEY_CTX_get_app_data 1685 1_1_0d EXIST::FUNCTION: -EVP_blake2b512 1686 1_1_0d EXIST::FUNCTION:BLAKE2 -EVP_CIPHER_block_size 1687 1_1_0d EXIST::FUNCTION: -X509_issuer_name_hash 1688 1_1_0d EXIST::FUNCTION: -BN_GF2m_mod_solve_quad 1689 1_1_0d EXIST::FUNCTION:EC2M -EVP_CIPHER_CTX_test_flags 1690 1_1_0d EXIST::FUNCTION: -BIO_s_file 1691 1_1_0d EXIST::FUNCTION: -BN_sub 1692 1_1_0d EXIST::FUNCTION: -d2i_PROXY_CERT_INFO_EXTENSION 1693 1_1_0d EXIST::FUNCTION: -BN_secure_new 1694 1_1_0d EXIST::FUNCTION: -X509_CRL_set1_lastUpdate 1695 1_1_0d EXIST::FUNCTION: -SDF_ImportKeyWithKEK 1696 1_1_0d EXIST::FUNCTION: -SAF_VerifyCertificate 1697 1_1_0d EXIST::FUNCTION: -DSO_load 1698 1_1_0d EXIST::FUNCTION: -OCSP_resp_get0_signature 1699 1_1_0d EXIST::FUNCTION:OCSP -UI_method_get_reader 1700 1_1_0d EXIST::FUNCTION:UI -RSA_meth_get_flags 1701 1_1_0d EXIST::FUNCTION:RSA -i2d_TS_REQ_fp 1702 1_1_0d EXIST::FUNCTION:STDIO,TS -EC_POINT_point2bn 1703 1_1_0d EXIST::FUNCTION:EC -CMS_ReceiptRequest_free 1704 1_1_0d EXIST::FUNCTION:CMS -GENERAL_NAMES_new 1705 1_1_0d EXIST::FUNCTION: -SAF_Base64_Decode 1706 1_1_0d EXIST::FUNCTION: -OCSP_SINGLERESP_get_ext_by_critical 1707 1_1_0d EXIST::FUNCTION:OCSP -OBJ_new_nid 1708 1_1_0d EXIST::FUNCTION: -TS_RESP_get_token 1709 1_1_0d EXIST::FUNCTION:TS -ASN1_buf_print 1710 1_1_0d EXIST::FUNCTION: -ENGINE_register_all_DSA 1711 1_1_0d EXIST::FUNCTION:ENGINE -PEM_read_bio_ECPrivateKey 1712 1_1_0d EXIST::FUNCTION:EC -CMS_ContentInfo_free 1713 1_1_0d EXIST::FUNCTION:CMS -BIO_get_data 1714 1_1_0d EXIST::FUNCTION: -CRYPTO_THREAD_lock_free 1715 1_1_0d EXIST::FUNCTION: -i2o_SCT_LIST 1716 1_1_0d EXIST::FUNCTION:CT -BN_bn2lebinpad 1717 1_1_0d EXIST::FUNCTION: -SKF_ExtECCEncrypt 1718 1_1_0d EXIST::FUNCTION: -X509_CRL_diff 1719 1_1_0d EXIST::FUNCTION: -GENERAL_SUBTREE_free 1720 1_1_0d EXIST::FUNCTION: -EC_GROUP_get_degree 1721 1_1_0d EXIST::FUNCTION:EC -EVP_read_pw_string_min 1722 1_1_0d EXIST::FUNCTION:UI -SOF_GetVersion 1723 1_1_0d EXIST::FUNCTION: -TS_REQ_get_msg_imprint 1724 1_1_0d EXIST::FUNCTION:TS -SKF_SetLabel 1725 1_1_0d EXIST::FUNCTION: -X509_STORE_get_ex_data 1726 1_1_0d EXIST::FUNCTION: -sms4_encrypt_16blocks 1727 1_1_0d EXIST::FUNCTION: -PEM_read_bio_DHparams 1728 1_1_0d EXIST::FUNCTION:DH -PKCS12_SAFEBAG_it 1729 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -PKCS12_SAFEBAG_it 1729 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -OCSP_request_onereq_count 1730 1_1_0d EXIST::FUNCTION:OCSP -X509V3_add1_i2d 1731 1_1_0d EXIST::FUNCTION: -ENGINE_get_next 1732 1_1_0d EXIST::FUNCTION:ENGINE -OCSP_REQUEST_get_ext 1733 1_1_0d EXIST::FUNCTION:OCSP -ECDSA_SIG_new_from_ECCSignature 1734 1_1_0d EXIST::FUNCTION: -DSAparams_print_fp 1735 1_1_0d EXIST::FUNCTION:DSA,STDIO -BIO_new 1736 1_1_0d EXIST::FUNCTION: -PEM_read_RSAPublicKey 1737 1_1_0d EXIST::FUNCTION:RSA,STDIO -X509_get_proxy_pathlen 1738 1_1_0d EXIST::FUNCTION: -i2d_PKCS12_BAGS 1739 1_1_0d EXIST::FUNCTION: -X509_REVOKED_set_serialNumber 1740 1_1_0d EXIST::FUNCTION: -COMP_expand_block 1741 1_1_0d EXIST::FUNCTION:COMP -OCSP_SERVICELOC_new 1742 1_1_0d EXIST::FUNCTION:OCSP -d2i_PUBKEY_bio 1743 1_1_0d EXIST::FUNCTION: -CRYPTO_set_mem_functions 1744 1_1_0d EXIST::FUNCTION: -ASYNC_is_capable 1745 1_1_0d EXIST::FUNCTION: -PKCS7_SIGN_ENVELOPE_it 1746 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -PKCS7_SIGN_ENVELOPE_it 1746 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -SKF_GetContainerType 1747 1_1_0d EXIST::FUNCTION: -EC_POINTs_make_affine 1748 1_1_0d EXIST::FUNCTION:EC -DH_get_ex_data 1749 1_1_0d EXIST::FUNCTION:DH -d2i_FpPoint 1750 1_1_0d EXIST::FUNCTION: -BIO_meth_get_create 1751 1_1_0d EXIST::FUNCTION: -i2d_X509_CRL 1752 1_1_0d EXIST::FUNCTION: -X509_STORE_get_get_crl 1753 1_1_0d EXIST::FUNCTION: -BN_get_rfc2409_prime_768 1754 1_1_0d EXIST::FUNCTION: -DH_set_default_method 1755 1_1_0d EXIST::FUNCTION:DH -SAF_Finalize 1756 1_1_0d EXIST::FUNCTION: -i2d_OCSP_CRLID 1757 1_1_0d EXIST::FUNCTION:OCSP -BB1IBE_extract_private_key 1758 1_1_0d EXIST::FUNCTION: -TS_VERIFY_CTS_set_certs 1759 1_1_0d EXIST::FUNCTION:TS -PKCS7_add_signed_attribute 1760 1_1_0d EXIST::FUNCTION: -PEM_SignUpdate 1761 1_1_0d EXIST::FUNCTION: -EC_KEY_set_ECCrefPrivateKey 1762 1_1_0d EXIST::FUNCTION: -EVP_rc2_64_cbc 1763 1_1_0d EXIST::FUNCTION:RC2 -SAF_GenEccKeyPair 1764 1_1_0d EXIST::FUNCTION: -SXNET_new 1765 1_1_0d EXIST::FUNCTION: -SCT_new_from_base64 1766 1_1_0d EXIST::FUNCTION:CT -X509_VERIFY_PARAM_table_cleanup 1767 1_1_0d EXIST::FUNCTION: -EVP_PKEY_set1_DSA 1768 1_1_0d EXIST::FUNCTION:DSA -OPENSSL_strlcpy 1769 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_CTX_encrypting 1770 1_1_0d EXIST::FUNCTION: -UI_set_method 1771 1_1_0d EXIST::FUNCTION:UI -X509v3_addr_is_canonical 1772 1_1_0d EXIST::FUNCTION:RFC3779 -SM9_setup_by_pairing_name 1773 1_1_0d EXIST::FUNCTION: -EC_GROUP_get_ecparameters 1774 1_1_0d EXIST::FUNCTION:EC -EVP_PKEY_get1_EC_KEY 1775 1_1_0d EXIST::FUNCTION:EC -OCSP_BASICRESP_get_ext_by_NID 1776 1_1_0d EXIST::FUNCTION:OCSP -BIO_ADDR_service_string 1777 1_1_0d EXIST::FUNCTION:SOCK -OPENSSL_LH_stats 1778 1_1_0d EXIST::FUNCTION:STDIO -DSO_pathbyaddr 1779 1_1_0d EXIST::FUNCTION: -CPK_MAP_new_default 1780 1_1_0d EXIST::FUNCTION: -PKCS12_SAFEBAG_get1_cert 1781 1_1_0d EXIST::FUNCTION: -i2d_SXNETID 1782 1_1_0d EXIST::FUNCTION: -RSA_new_from_RSAPUBLICKEYBLOB 1783 1_1_0d EXIST::FUNCTION: -BIGNUM_it 1784 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -BIGNUM_it 1784 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -EVP_CipherInit 1785 1_1_0d EXIST::FUNCTION: -BIO_f_linebuffer 1786 1_1_0d EXIST::FUNCTION: -X509_NAME_ENTRY_create_by_NID 1787 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_CTX_set_app_data 1788 1_1_0d EXIST::FUNCTION: -EVP_DecodeFinal 1789 1_1_0d EXIST::FUNCTION: -SCT_set_source 1790 1_1_0d EXIST::FUNCTION:CT -X509_NAME_digest 1791 1_1_0d EXIST::FUNCTION: -ASN1_STRING_type_new 1792 1_1_0d EXIST::FUNCTION: -EVP_camellia_192_cfb128 1793 1_1_0d EXIST::FUNCTION:CAMELLIA -TS_STATUS_INFO_set_status 1794 1_1_0d EXIST::FUNCTION:TS -X509v3_addr_subset 1795 1_1_0d EXIST::FUNCTION:RFC3779 -OCSP_CERTSTATUS_free 1796 1_1_0d EXIST::FUNCTION:OCSP -OCSP_RESPDATA_new 1797 1_1_0d EXIST::FUNCTION:OCSP -BIO_meth_get_callback_ctrl 1798 1_1_0d EXIST::FUNCTION: -i2d_PaillierPublicKey 1799 1_1_0d EXIST::FUNCTION: -X509_STORE_get_verify_cb 1800 1_1_0d EXIST::FUNCTION: -X509_PKEY_new 1801 1_1_0d EXIST::FUNCTION: -BUF_MEM_grow_clean 1802 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_meth_set_do_cipher 1803 1_1_0d EXIST::FUNCTION: -NCONF_free_data 1804 1_1_0d EXIST::FUNCTION: -ASN1_TYPE_get_octetstring 1805 1_1_0d EXIST::FUNCTION: -DH_meth_set_generate_params 1806 1_1_0d EXIST::FUNCTION:DH -UI_free 1807 1_1_0d EXIST::FUNCTION:UI -ASN1_TIME_set 1808 1_1_0d EXIST::FUNCTION: -PEM_read_X509 1809 1_1_0d EXIST::FUNCTION:STDIO -PEM_read_bio_PKCS7 1810 1_1_0d EXIST::FUNCTION: -PEM_write_X509_REQ_NEW 1811 1_1_0d EXIST::FUNCTION:STDIO -ENGINE_get_pkey_meth 1812 1_1_0d EXIST::FUNCTION:ENGINE -RSA_new_from_RSAPRIVATEKEYBLOB 1813 1_1_0d EXIST::FUNCTION: -PKCS7_DIGEST_free 1814 1_1_0d EXIST::FUNCTION: -ASN1_STRING_TABLE_add 1815 1_1_0d EXIST::FUNCTION: -i2d_OTHERNAME 1816 1_1_0d EXIST::FUNCTION: -SDF_InternalVerify_ECC 1817 1_1_0d EXIST::FUNCTION: -EVP_md4 1818 1_1_0d EXIST::FUNCTION:MD4 -EC_KEY_get_conv_form 1819 1_1_0d EXIST::FUNCTION:EC -SOF_InitCertAppPolicy 1820 1_1_0d EXIST::FUNCTION: -PKCS7_simple_smimecap 1821 1_1_0d EXIST::FUNCTION: -CMS_add0_recipient_key 1822 1_1_0d EXIST::FUNCTION:CMS -BIO_s_fd 1823 1_1_0d EXIST::FUNCTION: -BIO_clear_flags 1824 1_1_0d EXIST::FUNCTION: -SOF_DelCertTrustList 1825 1_1_0d EXIST::FUNCTION: -PKCS12_item_i2d_encrypt 1826 1_1_0d EXIST::FUNCTION: -BIO_get_retry_BIO 1827 1_1_0d EXIST::FUNCTION: -X509_ATTRIBUTE_get0_data 1828 1_1_0d EXIST::FUNCTION: -SKF_CreateApplication 1829 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_meth_set_set_asn1_params 1830 1_1_0d EXIST::FUNCTION: -i2d_FpPoint 1831 1_1_0d EXIST::FUNCTION: -X509_STORE_CTX_set0_param 1832 1_1_0d EXIST::FUNCTION: -ERR_load_EC_strings 1833 1_1_0d EXIST::FUNCTION:EC -ASIdOrRange_new 1834 1_1_0d EXIST::FUNCTION:RFC3779 -CMS_sign 1835 1_1_0d EXIST::FUNCTION:CMS -X509_STORE_CTX_set_default 1836 1_1_0d EXIST::FUNCTION: -X509_REVOKED_dup 1837 1_1_0d EXIST::FUNCTION: -SM9_extract_private_key 1838 1_1_0d EXIST::FUNCTION: -d2i_PUBKEY 1839 1_1_0d EXIST::FUNCTION: -ERR_reason_error_string 1840 1_1_0d EXIST::FUNCTION: -ASN1_item_d2i_bio 1841 1_1_0d EXIST::FUNCTION: -CONF_imodule_get_module 1842 1_1_0d EXIST::FUNCTION: -X509_STORE_set_check_policy 1843 1_1_0d EXIST::FUNCTION: -PEM_write_RSA_PUBKEY 1844 1_1_0d EXIST::FUNCTION:RSA,STDIO -b2i_PrivateKey_bio 1845 1_1_0d EXIST::FUNCTION:DSA -POLICY_MAPPING_new 1846 1_1_0d EXIST::FUNCTION: -d2i_CERTIFICATEPOLICIES 1847 1_1_0d EXIST::FUNCTION: -EVP_aes_192_ccm 1848 1_1_0d EXIST::FUNCTION: -SM2_do_sign 1849 1_1_0d EXIST::FUNCTION: -PKCS7_SIGNER_INFO_set 1850 1_1_0d EXIST::FUNCTION: -TS_CONF_set_serial 1851 1_1_0d EXIST::FUNCTION:TS -BIO_get_ex_data 1852 1_1_0d EXIST::FUNCTION: -i2d_X509_CERT_AUX 1853 1_1_0d EXIST::FUNCTION: -OCSP_request_onereq_get0 1854 1_1_0d EXIST::FUNCTION:OCSP -OPENSSL_LH_retrieve 1855 1_1_0d EXIST::FUNCTION: -d2i_IPAddressRange 1856 1_1_0d EXIST::FUNCTION:RFC3779 -X509_check_akid 1857 1_1_0d EXIST::FUNCTION: -SAF_GetCrlFromLdap 1858 1_1_0d EXIST::FUNCTION: -PKCS7_ENVELOPE_it 1859 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -PKCS7_ENVELOPE_it 1859 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -X509_PURPOSE_get0_sname 1860 1_1_0d EXIST::FUNCTION: -ENGINE_register_all_digests 1861 1_1_0d EXIST::FUNCTION:ENGINE -RAND_bytes 1862 1_1_0d EXIST::FUNCTION: -i2d_X509_PUBKEY 1863 1_1_0d EXIST::FUNCTION: -SKF_ExportPublicKey 1864 1_1_0d EXIST::FUNCTION: -i2d_GENERAL_NAMES 1865 1_1_0d EXIST::FUNCTION: -ASN1_STRING_to_UTF8 1866 1_1_0d EXIST::FUNCTION: -ERR_peek_last_error_line_data 1867 1_1_0d EXIST::FUNCTION: -i2d_PKCS8_fp 1868 1_1_0d EXIST::FUNCTION:STDIO -TS_VERIFY_CTX_free 1869 1_1_0d EXIST::FUNCTION:TS -X509_get_ext_count 1870 1_1_0d EXIST::FUNCTION: -ENGINE_get_init_function 1871 1_1_0d EXIST::FUNCTION:ENGINE -NETSCAPE_CERT_SEQUENCE_free 1872 1_1_0d EXIST::FUNCTION: -X509_STORE_CTX_set_flags 1873 1_1_0d EXIST::FUNCTION: -X509_email_free 1874 1_1_0d EXIST::FUNCTION: -NETSCAPE_SPKI_get_pubkey 1875 1_1_0d EXIST::FUNCTION: -SOF_EncryptFile 1876 1_1_0d EXIST::FUNCTION: -SKF_ImportSessionKey 1877 1_1_0d EXIST::FUNCTION: -ASN1_INTEGER_cmp 1878 1_1_0d EXIST::FUNCTION: -SOF_VerifyTimeStamp 1879 1_1_0d EXIST::FUNCTION: -DH_set0_pqg 1880 1_1_0d EXIST::FUNCTION:DH -X509_NAME_print 1881 1_1_0d EXIST::FUNCTION: -BN_sqr 1882 1_1_0d EXIST::FUNCTION: -X509_CRL_set_default_method 1883 1_1_0d EXIST::FUNCTION: -d2i_TS_REQ_fp 1884 1_1_0d EXIST::FUNCTION:STDIO,TS -SOF_GetInfoFromSignedMessage 1885 1_1_0d EXIST::FUNCTION: -d2i_OCSP_CERTID 1886 1_1_0d EXIST::FUNCTION:OCSP -HMAC_Init 1887 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0 -CMAC_resume 1888 1_1_0d EXIST::FUNCTION:CMAC -FpPoint_free 1889 1_1_0d EXIST::FUNCTION: -EVP_EncryptFinal_ex 1890 1_1_0d EXIST::FUNCTION: -EVP_aes_128_gcm 1891 1_1_0d EXIST::FUNCTION: -EC_KEY_set_asn1_flag 1892 1_1_0d EXIST::FUNCTION:EC -EVP_aes_128_ccm 1893 1_1_0d EXIST::FUNCTION: -EVP_des_ede3_ecb 1894 1_1_0d EXIST::FUNCTION:DES -COMP_CTX_new 1895 1_1_0d EXIST::FUNCTION:COMP -ENGINE_set_pkey_asn1_meths 1896 1_1_0d EXIST::FUNCTION:ENGINE -EC_KEY_get0_group 1897 1_1_0d EXIST::FUNCTION:EC -DSA_meth_set_init 1898 1_1_0d EXIST::FUNCTION:DSA -OCSP_copy_nonce 1899 1_1_0d EXIST::FUNCTION:OCSP -SKF_GetPINInfo 1900 1_1_0d EXIST::FUNCTION: -b2i_PublicKey 1901 1_1_0d EXIST::FUNCTION:DSA -EVP_PKEY_CTX_set_app_data 1902 1_1_0d EXIST::FUNCTION: -DSA_size 1903 1_1_0d EXIST::FUNCTION:DSA -RSA_verify 1904 1_1_0d EXIST::FUNCTION:RSA -SM9_do_encrypt 1905 1_1_0d EXIST::FUNCTION: -TS_REQ_get_nonce 1906 1_1_0d EXIST::FUNCTION:TS -RC5_32_ecb_encrypt 1907 1_1_0d EXIST::FUNCTION:RC5 -sm3_final 1908 1_1_0d EXIST::FUNCTION: -OCSP_BASICRESP_get1_ext_d2i 1909 1_1_0d EXIST::FUNCTION:OCSP -SAF_EccSignFile 1910 1_1_0d EXIST::FUNCTION: -RAND_screen 1911 1_1_0d EXIST:_WIN32:FUNCTION:DEPRECATEDIN_1_1_0 -X509V3_EXT_REQ_add_nconf 1912 1_1_0d EXIST::FUNCTION: -SDF_GenerateKeyWithECC 1913 1_1_0d EXIST::FUNCTION: -CMS_compress 1914 1_1_0d EXIST::FUNCTION:CMS -SM9Signature_new 1915 1_1_0d EXIST::FUNCTION: -ASN1_UTCTIME_cmp_time_t 1916 1_1_0d EXIST::FUNCTION: -EC_KEY_set_group 1917 1_1_0d EXIST::FUNCTION:EC -RAND_set_rand_method 1918 1_1_0d EXIST::FUNCTION: -EC_GROUP_get0_cofactor 1919 1_1_0d EXIST::FUNCTION:EC -SDF_GenerateKeyWithEPK_RSA 1920 1_1_0d EXIST::FUNCTION: -RSA_padding_check_X931 1921 1_1_0d EXIST::FUNCTION:RSA -i2d_TS_TST_INFO_fp 1922 1_1_0d EXIST::FUNCTION:STDIO,TS -X509at_add1_attr_by_OBJ 1923 1_1_0d EXIST::FUNCTION: -TS_RESP_CTX_set_serial_cb 1924 1_1_0d EXIST::FUNCTION:TS -RC4_set_key 1925 1_1_0d EXIST::FUNCTION:RC4 -EVP_PKEY_get_attr_by_NID 1926 1_1_0d EXIST::FUNCTION: -SXNET_get_id_INTEGER 1927 1_1_0d EXIST::FUNCTION: -BN_GFP2_is_zero 1928 1_1_0d EXIST::FUNCTION: -BIO_ADDR_hostname_string 1929 1_1_0d EXIST::FUNCTION:SOCK -X509_OBJECT_idx_by_subject 1930 1_1_0d EXIST::FUNCTION: -SKF_ChangeDevAuthKey 1931 1_1_0d EXIST::FUNCTION: -ERR_load_FFX_strings 1932 1_1_0d EXIST::FUNCTION: -EVP_aes_192_cbc 1933 1_1_0d EXIST::FUNCTION: -SM2_do_decrypt 1934 1_1_0d EXIST::FUNCTION: -EVP_PKEY_get1_tls_encodedpoint 1935 1_1_0d EXIST::FUNCTION: -BIO_new_CMS 1936 1_1_0d EXIST::FUNCTION:CMS -SAF_SymmEncrypt 1937 1_1_0d EXIST::FUNCTION: -ASIdOrRange_it 1938 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 -ASIdOrRange_it 1938 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 -EVP_MD_CTX_free 1939 1_1_0d EXIST::FUNCTION: -CMS_add1_cert 1940 1_1_0d EXIST::FUNCTION:CMS -TS_RESP_CTX_get_request 1941 1_1_0d EXIST::FUNCTION:TS -ASRange_it 1942 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 -ASRange_it 1942 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 -OPENSSL_cleanse 1943 1_1_0d EXIST::FUNCTION: -TS_REQ_get_exts 1944 1_1_0d EXIST::FUNCTION:TS -X509_ATTRIBUTE_it 1945 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -X509_ATTRIBUTE_it 1945 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -EC_KEY_set_conv_form 1946 1_1_0d EXIST::FUNCTION:EC -OCSP_REQUEST_get_ext_by_NID 1947 1_1_0d EXIST::FUNCTION:OCSP -EVP_sha224 1948 1_1_0d EXIST::FUNCTION: -EVP_PKEY_set1_DH 1949 1_1_0d EXIST::FUNCTION:DH -ERR_load_OBJ_strings 1950 1_1_0d EXIST::FUNCTION: -DH_meth_set_generate_key 1951 1_1_0d EXIST::FUNCTION:DH -d2i_ASN1_GENERALSTRING 1952 1_1_0d EXIST::FUNCTION: -EC_POINT_set_compressed_coordinates_GF2m 1953 1_1_0d EXIST::FUNCTION:EC,EC2M -ENGINE_cmd_is_executable 1954 1_1_0d EXIST::FUNCTION:ENGINE -X509_get_signature_nid 1955 1_1_0d EXIST::FUNCTION: -SOF_GetXMLSignatureInfo 1956 1_1_0d EXIST::FUNCTION: -EC_KEY_OpenSSL 1957 1_1_0d EXIST::FUNCTION:EC -SCT_get0_log_id 1958 1_1_0d EXIST::FUNCTION:CT -DIST_POINT_NAME_new 1959 1_1_0d EXIST::FUNCTION: -EVP_camellia_128_ctr 1960 1_1_0d EXIST::FUNCTION:CAMELLIA -BN_CTX_secure_new 1961 1_1_0d EXIST::FUNCTION: -ASIdentifierChoice_new 1962 1_1_0d EXIST::FUNCTION:RFC3779 -SMIME_read_ASN1 1963 1_1_0d EXIST::FUNCTION: -X509_ATTRIBUTE_new 1964 1_1_0d EXIST::FUNCTION: -PKCS7_ENCRYPT_it 1965 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -PKCS7_ENCRYPT_it 1965 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -NCONF_default 1966 1_1_0d EXIST::FUNCTION: -X509V3_add_standard_extensions 1967 1_1_0d EXIST::FUNCTION: -OCSP_ONEREQ_get_ext 1968 1_1_0d EXIST::FUNCTION:OCSP -SKF_DecryptFinal 1969 1_1_0d EXIST::FUNCTION: -CT_POLICY_EVAL_CTX_get0_log_store 1970 1_1_0d EXIST::FUNCTION:CT -ASN1_digest 1971 1_1_0d EXIST::FUNCTION: -BIO_socket_ioctl 1972 1_1_0d EXIST::FUNCTION:SOCK -OPENSSL_sk_new 1973 1_1_0d EXIST::FUNCTION: -d2i_X509_SIG 1974 1_1_0d EXIST::FUNCTION: -X509_verify_cert_error_string 1975 1_1_0d EXIST::FUNCTION: -RAND_seed 1976 1_1_0d EXIST::FUNCTION: -BN_get0_nist_prime_384 1977 1_1_0d EXIST::FUNCTION: -i2d_PKCS7_ENC_CONTENT 1978 1_1_0d EXIST::FUNCTION: -EC_KEY_get_ECCrefPrivateKey 1979 1_1_0d EXIST::FUNCTION: -i2d_EC_PUBKEY 1980 1_1_0d EXIST::FUNCTION:EC -EVP_aes_128_cfb128 1981 1_1_0d EXIST::FUNCTION: -CMAC_CTX_free 1982 1_1_0d EXIST::FUNCTION:CMAC -OPENSSL_sk_pop 1983 1_1_0d EXIST::FUNCTION: -DSA_set_flags 1984 1_1_0d EXIST::FUNCTION:DSA -X509V3_string_free 1985 1_1_0d EXIST::FUNCTION: -OCSP_RESPID_set_by_key 1986 1_1_0d EXIST::FUNCTION:OCSP -ENGINE_load_public_key 1987 1_1_0d EXIST::FUNCTION:ENGINE -DSA_new_method 1988 1_1_0d EXIST::FUNCTION:DSA -DH_new 1989 1_1_0d EXIST::FUNCTION:DH -ASN1_TIME_check 1990 1_1_0d EXIST::FUNCTION: -X509v3_addr_get_afi 1991 1_1_0d EXIST::FUNCTION:RFC3779 -d2i_DHxparams 1992 1_1_0d EXIST::FUNCTION:DH -SAF_SM2_DecodeEnvelopedData 1993 1_1_0d EXIST::FUNCTION: -CMS_unsigned_add1_attr 1994 1_1_0d EXIST::FUNCTION:CMS -PEM_write_bio_RSA_PUBKEY 1995 1_1_0d EXIST::FUNCTION:RSA -X509_PUBKEY_new 1996 1_1_0d EXIST::FUNCTION: -GENERAL_NAME_print 1997 1_1_0d EXIST::FUNCTION: -SCT_set_timestamp 1998 1_1_0d EXIST::FUNCTION:CT -BN_GF2m_mod_mul 1999 1_1_0d EXIST::FUNCTION:EC2M -SRP_user_pwd_free 2000 1_1_0d EXIST::FUNCTION:SRP -SOF_Login 2001 1_1_0d EXIST::FUNCTION: -X509_PUBKEY_set 2002 1_1_0d EXIST::FUNCTION: -BIO_accept 2003 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,SOCK -SKF_PrintRSAPrivateKey 2004 1_1_0d EXIST::FUNCTION: -CTLOG_STORE_get0_log_by_id 2005 1_1_0d EXIST::FUNCTION:CT -BFPrivateKeyBlock_free 2006 1_1_0d EXIST::FUNCTION: -OBJ_add_object 2007 1_1_0d EXIST::FUNCTION: -PEM_write_bio_PKCS8PrivateKey_nid 2008 1_1_0d EXIST::FUNCTION: -BN_add 2009 1_1_0d EXIST::FUNCTION: -PAILLIER_ciphertext_add 2010 1_1_0d EXIST::FUNCTION: -EVP_PBE_alg_add_type 2011 1_1_0d EXIST::FUNCTION: -OCSP_id_get0_info 2012 1_1_0d EXIST::FUNCTION:OCSP -d2i_NETSCAPE_SPKAC 2013 1_1_0d EXIST::FUNCTION: -BN_GF2m_arr2poly 2014 1_1_0d EXIST::FUNCTION:EC2M -OCSP_REQUEST_get_ext_by_OBJ 2015 1_1_0d EXIST::FUNCTION:OCSP -OCSP_BASICRESP_get_ext_by_critical 2016 1_1_0d EXIST::FUNCTION:OCSP -EC_KEY_new 2017 1_1_0d EXIST::FUNCTION:EC -X509_VERIFY_PARAM_set1_host 2018 1_1_0d EXIST::FUNCTION: -PEM_read 2019 1_1_0d EXIST::FUNCTION:STDIO -EVP_CIPHER_do_all_sorted 2020 1_1_0d EXIST::FUNCTION: -ERR_unload_strings 2021 1_1_0d EXIST::FUNCTION: -i2d_OCSP_ONEREQ 2022 1_1_0d EXIST::FUNCTION:OCSP -ECIES_PARAMS_get_enc 2023 1_1_0d EXIST::FUNCTION: -TS_REQ_set_msg_imprint 2024 1_1_0d EXIST::FUNCTION:TS -i2d_BFPrivateKeyBlock 2025 1_1_0d EXIST::FUNCTION: -i2d_SM9Ciphertext 2026 1_1_0d EXIST::FUNCTION: -d2i_PKCS8PrivateKey_fp 2027 1_1_0d EXIST::FUNCTION:STDIO -ENGINE_register_all_complete 2028 1_1_0d EXIST::FUNCTION:ENGINE -SM2_KAP_CTX_init 2029 1_1_0d EXIST::FUNCTION: -CMS_SignerInfo_get0_algs 2030 1_1_0d EXIST::FUNCTION:CMS -OCSP_RESPONSE_it 2031 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP -OCSP_RESPONSE_it 2031 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP -OPENSSL_LH_node_stats 2032 1_1_0d EXIST::FUNCTION:STDIO -i2d_ASN1_SEQUENCE_ANY 2033 1_1_0d EXIST::FUNCTION: -ASN1_item_sign_ctx 2034 1_1_0d EXIST::FUNCTION: -EVP_MD_meth_get_final 2035 1_1_0d EXIST::FUNCTION: -RSA_bits 2036 1_1_0d EXIST::FUNCTION:RSA -ERR_lib_error_string 2037 1_1_0d EXIST::FUNCTION: -ECDSA_SIG_new_from_ECCSIGNATUREBLOB 2038 1_1_0d EXIST::FUNCTION: -ASN1_BIT_STRING_set_asc 2039 1_1_0d EXIST::FUNCTION: -DSA_sign 2040 1_1_0d EXIST::FUNCTION:DSA -TS_CONF_get_tsa_section 2041 1_1_0d EXIST::FUNCTION:TS -BIO_ctrl_reset_read_request 2042 1_1_0d EXIST::FUNCTION: -d2i_PrivateKey_fp 2043 1_1_0d EXIST::FUNCTION:STDIO -SMIME_write_ASN1 2044 1_1_0d EXIST::FUNCTION: -i2d_TS_REQ 2045 1_1_0d EXIST::FUNCTION:TS -i2d_RSA_PUBKEY_bio 2046 1_1_0d EXIST::FUNCTION:RSA -X509v3_addr_validate_path 2047 1_1_0d EXIST::FUNCTION:RFC3779 -ECDSA_SIG_set0 2048 1_1_0d EXIST::FUNCTION:EC -ASN1_PCTX_new 2049 1_1_0d EXIST::FUNCTION: -PKCS5_PBKDF2_HMAC_SHA1 2050 1_1_0d EXIST::FUNCTION: -X509V3_extensions_print 2051 1_1_0d EXIST::FUNCTION: -RSA_padding_add_PKCS1_OAEP 2052 1_1_0d EXIST::FUNCTION:RSA -EVP_cast5_cbc 2053 1_1_0d EXIST::FUNCTION:CAST -TS_ACCURACY_set_seconds 2054 1_1_0d EXIST::FUNCTION:TS -d2i_DSA_PUBKEY_fp 2055 1_1_0d EXIST::FUNCTION:DSA,STDIO -X509_REQ_get1_email 2056 1_1_0d EXIST::FUNCTION: -BN_asc2bn 2057 1_1_0d EXIST::FUNCTION: -CRYPTO_128_wrap_pad 2058 1_1_0d EXIST::FUNCTION: -d2i_ASN1_PRINTABLE 2059 1_1_0d EXIST::FUNCTION: -X509_REVOKED_get_ext_by_NID 2060 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_type 2061 1_1_0d EXIST::FUNCTION: -CRYPTO_gcm128_release 2062 1_1_0d EXIST::FUNCTION: -BN_from_montgomery 2063 1_1_0d EXIST::FUNCTION: -X509V3_get_value_bool 2064 1_1_0d EXIST::FUNCTION: -BN_is_word 2065 1_1_0d EXIST::FUNCTION: -i2d_BFMasterSecret 2066 1_1_0d EXIST::FUNCTION: -DSA_set_default_method 2067 1_1_0d EXIST::FUNCTION:DSA -SKF_GenerateKeyWithECC 2068 1_1_0d EXIST::FUNCTION: -CRYPTO_gcm128_aad 2069 1_1_0d EXIST::FUNCTION: -DES_encrypt2 2070 1_1_0d EXIST::FUNCTION:DES -ENGINE_register_ciphers 2071 1_1_0d EXIST::FUNCTION:ENGINE -X509_STORE_get_check_issued 2072 1_1_0d EXIST::FUNCTION: -EVP_aes_128_ecb 2073 1_1_0d EXIST::FUNCTION: -BB1IBE_decrypt 2074 1_1_0d EXIST::FUNCTION: -EC_GROUP_set_seed 2075 1_1_0d EXIST::FUNCTION:EC -PKCS12_SAFEBAG_get0_pkcs8 2076 1_1_0d EXIST::FUNCTION: -sms4_encrypt 2077 1_1_0d EXIST::FUNCTION: -EVP_md5_sha1 2078 1_1_0d EXIST::FUNCTION:MD5 -X509v3_get_ext_count 2079 1_1_0d EXIST::FUNCTION: -ASN1_OBJECT_it 2080 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ASN1_OBJECT_it 2080 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -d2i_BFPublicParameters 2081 1_1_0d EXIST::FUNCTION: -EVP_PKEY_new 2082 1_1_0d EXIST::FUNCTION: -SRP_Calc_B 2083 1_1_0d EXIST::FUNCTION:SRP -RSA_generate_key_ex 2084 1_1_0d EXIST::FUNCTION:RSA -X509_EXTENSION_get_data 2085 1_1_0d EXIST::FUNCTION: -SOF_GetCertTrustList 2086 1_1_0d EXIST::FUNCTION: -X509_CRL_set_version 2087 1_1_0d EXIST::FUNCTION: -X509_OBJECT_get0_X509 2088 1_1_0d EXIST::FUNCTION: -i2s_ASN1_ENUMERATED_TABLE 2089 1_1_0d EXIST::FUNCTION: -EVP_get_digestbyname 2090 1_1_0d EXIST::FUNCTION: -SM9_decrypt_with_recommended 2091 1_1_0d EXIST::FUNCTION: -EVP_MD_meth_set_cleanup 2092 1_1_0d EXIST::FUNCTION: -EVP_MD_pkey_type 2093 1_1_0d EXIST::FUNCTION: -OCSP_REQUEST_free 2094 1_1_0d EXIST::FUNCTION:OCSP -CMS_SharedInfo_encode 2095 1_1_0d EXIST::FUNCTION:CMS -RSA_OAEP_PARAMS_free 2096 1_1_0d EXIST::FUNCTION:RSA -SDF_PrintECCPrivateKey 2097 1_1_0d EXIST::FUNCTION: -i2d_X509_ATTRIBUTE 2098 1_1_0d EXIST::FUNCTION: -RSA_print 2099 1_1_0d EXIST::FUNCTION:RSA -ENGINE_get_pkey_meth_engine 2100 1_1_0d EXIST::FUNCTION:ENGINE -PKCS7_ENC_CONTENT_new 2101 1_1_0d EXIST::FUNCTION: -DSA_bits 2102 1_1_0d EXIST::FUNCTION:DSA -ASN1_STRING_type 2103 1_1_0d EXIST::FUNCTION: -EVP_aes_192_ofb 2104 1_1_0d EXIST::FUNCTION: -BN_print_fp 2105 1_1_0d EXIST::FUNCTION:STDIO -EVP_MD_CTX_set_update_fn 2106 1_1_0d EXIST::FUNCTION: -X509_CRL_get_REVOKED 2107 1_1_0d EXIST::FUNCTION: -EVP_PKEY_asn1_set_ctrl 2108 1_1_0d EXIST::FUNCTION: -X509_SIG_get0 2109 1_1_0d EXIST::FUNCTION: -TS_TST_INFO_get_msg_imprint 2110 1_1_0d EXIST::FUNCTION:TS -EC_KEY_key2buf 2111 1_1_0d EXIST::FUNCTION:EC -ASN1_ENUMERATED_new 2112 1_1_0d EXIST::FUNCTION: -OCSP_resp_count 2113 1_1_0d EXIST::FUNCTION:OCSP -CONF_get_section 2114 1_1_0d EXIST::FUNCTION: -ECDSA_SIG_get_ECCSIGNATUREBLOB 2115 1_1_0d EXIST::FUNCTION: -ENGINE_get_DSA 2116 1_1_0d EXIST::FUNCTION:ENGINE -EVP_MD_meth_get_cleanup 2117 1_1_0d EXIST::FUNCTION: -i2d_X509_NAME_ENTRY 2118 1_1_0d EXIST::FUNCTION: -SAF_CreateHashObj 2119 1_1_0d EXIST::FUNCTION: -OBJ_cmp 2120 1_1_0d EXIST::FUNCTION: -TS_ext_print_bio 2121 1_1_0d EXIST::FUNCTION:TS -EVP_DecodeInit 2122 1_1_0d EXIST::FUNCTION: -CRYPTO_set_ex_data 2123 1_1_0d EXIST::FUNCTION: -AES_wrap_key 2124 1_1_0d EXIST::FUNCTION: -X509_STORE_get_cert_crl 2125 1_1_0d EXIST::FUNCTION: -X509_get_pubkey_parameters 2126 1_1_0d EXIST::FUNCTION: -ASN1_BIT_STRING_check 2127 1_1_0d EXIST::FUNCTION: -CMAC_CTX_get0_cipher_ctx 2128 1_1_0d EXIST::FUNCTION:CMAC -d2i_OTHERNAME 2129 1_1_0d EXIST::FUNCTION: -d2i_X509_CRL 2130 1_1_0d EXIST::FUNCTION: -i2d_DSAPrivateKey_bio 2131 1_1_0d EXIST::FUNCTION:DSA -EC_KEY_METHOD_set_encrypt 2132 1_1_0d EXIST::FUNCTION: -SAF_ImportEncedKey 2133 1_1_0d EXIST::FUNCTION: -TS_STATUS_INFO_get0_failure_info 2134 1_1_0d EXIST::FUNCTION:TS -SKF_CreateContainer 2135 1_1_0d EXIST::FUNCTION: -SAF_DestroyHashObj 2136 1_1_0d EXIST::FUNCTION: -EC_KEY_METHOD_free 2137 1_1_0d EXIST::FUNCTION:EC -OCSP_SIGNATURE_free 2138 1_1_0d EXIST::FUNCTION:OCSP -i2d_PaillierPrivateKey 2139 1_1_0d EXIST::FUNCTION: -CMS_add0_crl 2140 1_1_0d EXIST::FUNCTION:CMS -X509_STORE_free 2141 1_1_0d EXIST::FUNCTION: -ASN1_UTCTIME_adj 2142 1_1_0d EXIST::FUNCTION: -X509_CRL_get_ext_d2i 2143 1_1_0d EXIST::FUNCTION: -EVP_PBE_find 2144 1_1_0d EXIST::FUNCTION: -BN_div 2145 1_1_0d EXIST::FUNCTION: -NOTICEREF_it 2146 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -NOTICEREF_it 2146 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -SAF_Login 2147 1_1_0d EXIST::FUNCTION: -BIO_printf 2148 1_1_0d EXIST::FUNCTION: -X509_ATTRIBUTE_dup 2149 1_1_0d EXIST::FUNCTION: -X509_LOOKUP_shutdown 2150 1_1_0d EXIST::FUNCTION: -i2d_SXNET 2151 1_1_0d EXIST::FUNCTION: -sm3_hmac_init 2152 1_1_0d EXIST::FUNCTION: -TS_REQ_set_policy_id 2153 1_1_0d EXIST::FUNCTION:TS -AES_cfb1_encrypt 2154 1_1_0d EXIST::FUNCTION: -TS_TST_INFO_add_ext 2155 1_1_0d EXIST::FUNCTION:TS -PBE2PARAM_free 2156 1_1_0d EXIST::FUNCTION: -BF_options 2157 1_1_0d EXIST::FUNCTION:BF -SCT_get0_extensions 2158 1_1_0d EXIST::FUNCTION:CT -X509V3_get_section 2159 1_1_0d EXIST::FUNCTION: -UI_add_error_string 2160 1_1_0d EXIST::FUNCTION:UI -GENERAL_NAME_free 2161 1_1_0d EXIST::FUNCTION: -PKCS8_pkey_get0 2162 1_1_0d EXIST::FUNCTION: -ASN1_bn_print 2163 1_1_0d EXIST::FUNCTION: -X509_get_default_cert_file 2164 1_1_0d EXIST::FUNCTION: -i2d_USERNOTICE 2165 1_1_0d EXIST::FUNCTION: -EVP_add_digest 2166 1_1_0d EXIST::FUNCTION: -CPK_PUBLIC_PARAMS_compute_share_key 2167 1_1_0d EXIST::FUNCTION: -SKF_ImportCertificate 2168 1_1_0d EXIST::FUNCTION: -EVP_aes_128_ctr 2169 1_1_0d EXIST::FUNCTION: -ASN1_INTEGER_get_uint64 2170 1_1_0d EXIST::FUNCTION: -RSA_private_encrypt 2171 1_1_0d EXIST::FUNCTION:RSA -BN_rshift 2172 1_1_0d EXIST::FUNCTION: -RSA_get_RSAPRIVATEKEYBLOB 2173 1_1_0d EXIST::FUNCTION: -X509_STORE_set_get_crl 2174 1_1_0d EXIST::FUNCTION: -DH_size 2175 1_1_0d EXIST::FUNCTION:DH -PEM_write_bio_DHxparams 2176 1_1_0d EXIST::FUNCTION:DH -BN_CTX_free 2177 1_1_0d EXIST::FUNCTION: -Camellia_cfb8_encrypt 2178 1_1_0d EXIST::FUNCTION:CAMELLIA -d2i_PrivateKey_bio 2179 1_1_0d EXIST::FUNCTION: -EDIPARTYNAME_new 2180 1_1_0d EXIST::FUNCTION: -IPAddressRange_it 2181 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 -IPAddressRange_it 2181 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 -ENGINE_get_ssl_client_cert_function 2182 1_1_0d EXIST::FUNCTION:ENGINE -ECPARAMETERS_new 2183 1_1_0d EXIST::FUNCTION:EC -i2d_ASN1_IA5STRING 2184 1_1_0d EXIST::FUNCTION: -X509_STORE_set_get_issuer 2185 1_1_0d EXIST::FUNCTION: -TS_REQ_get_ext_d2i 2186 1_1_0d EXIST::FUNCTION:TS -BN_security_bits 2187 1_1_0d EXIST::FUNCTION: -BN_get_rfc2409_prime_1024 2188 1_1_0d EXIST::FUNCTION: -BIO_get_callback 2189 1_1_0d EXIST::FUNCTION: -EVP_PKEY_meth_get_paramgen 2190 1_1_0d EXIST::FUNCTION: -i2d_re_X509_CRL_tbs 2191 1_1_0d EXIST::FUNCTION: -CRYPTO_dup_ex_data 2192 1_1_0d EXIST::FUNCTION: -EVP_aes_256_ctr 2193 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_CTX_iv 2194 1_1_0d EXIST::FUNCTION: -PAILLIER_ciphertext_scalar_mul 2195 1_1_0d EXIST::FUNCTION: -X509_STORE_load_locations 2196 1_1_0d EXIST::FUNCTION: -DSA_meth_get_mod_exp 2197 1_1_0d EXIST::FUNCTION:DSA -OCSP_SINGLERESP_it 2198 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP -OCSP_SINGLERESP_it 2198 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP -SKF_GetErrorString 2199 1_1_0d EXIST::FUNCTION: -RSA_PSS_PARAMS_new 2200 1_1_0d EXIST::FUNCTION:RSA -TS_CONF_set_ess_cert_id_chain 2201 1_1_0d EXIST::FUNCTION:TS -PKCS12_pack_p7data 2202 1_1_0d EXIST::FUNCTION: -PEM_write_bio_CMS 2203 1_1_0d EXIST::FUNCTION:CMS -CMS_add1_signer 2204 1_1_0d EXIST::FUNCTION:CMS -TS_ACCURACY_free 2205 1_1_0d EXIST::FUNCTION:TS -OCSP_REQ_CTX_get0_mem_bio 2206 1_1_0d EXIST::FUNCTION:OCSP -BN_GFP2_mul_bn 2207 1_1_0d EXIST::FUNCTION: -ERR_load_ASYNC_strings 2208 1_1_0d EXIST::FUNCTION: -i2d_PROXY_CERT_INFO_EXTENSION 2209 1_1_0d EXIST::FUNCTION: -PKCS7_sign 2210 1_1_0d EXIST::FUNCTION: -EC_GFp_nistp521_method 2211 1_1_0d EXIST::FUNCTION:EC,EC_NISTP_64_GCC_128 -POLICYQUALINFO_new 2212 1_1_0d EXIST::FUNCTION: -X509_STORE_CTX_get_cert_crl 2213 1_1_0d EXIST::FUNCTION: -SXNET_add_id_asc 2214 1_1_0d EXIST::FUNCTION: -DES_string_to_2keys 2215 1_1_0d EXIST::FUNCTION:DES -DSA_meth_get_finish 2216 1_1_0d EXIST::FUNCTION:DSA -UI_add_user_data 2217 1_1_0d EXIST::FUNCTION:UI -X509_NAME_ENTRY_it 2218 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -X509_NAME_ENTRY_it 2218 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -OCSP_SIGNATURE_new 2219 1_1_0d EXIST::FUNCTION:OCSP -OCSP_REVOKEDINFO_free 2220 1_1_0d EXIST::FUNCTION:OCSP -PKCS7_get_smimecap 2221 1_1_0d EXIST::FUNCTION: -ENGINE_ctrl_cmd_string 2222 1_1_0d EXIST::FUNCTION:ENGINE -EVP_PKEY_meth_set_signctx 2223 1_1_0d EXIST::FUNCTION: -PEM_write_bio_NETSCAPE_CERT_SEQUENCE 2224 1_1_0d EXIST::FUNCTION: -PKCS7_add_recipient 2225 1_1_0d EXIST::FUNCTION: -X509_POLICY_NODE_print 2226 1_1_0d EXIST::FUNCTION: -OCSP_cert_status_str 2227 1_1_0d EXIST::FUNCTION:OCSP -X509_set_serialNumber 2228 1_1_0d EXIST::FUNCTION: -EC_POINTs_mul 2229 1_1_0d EXIST::FUNCTION:EC -X509_STORE_CTX_free 2230 1_1_0d EXIST::FUNCTION: -BN_is_prime 2231 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_0_9_8 -EVP_sms4_ccm 2232 1_1_0d EXIST::FUNCTION:SMS4 -d2i_DSAPrivateKey_fp 2233 1_1_0d EXIST::FUNCTION:DSA,STDIO -BIO_nread0 2234 1_1_0d EXIST::FUNCTION: -RSA_new_from_RSArefPrivateKey 2235 1_1_0d EXIST::FUNCTION: -X509_STORE_CTX_get0_parent_ctx 2236 1_1_0d EXIST::FUNCTION: -SM2_sign_setup 2237 1_1_0d EXIST::FUNCTION: -ASN1_OCTET_STRING_free 2238 1_1_0d EXIST::FUNCTION: -BN_GFP2_div_bn 2239 1_1_0d EXIST::FUNCTION: -ASYNC_WAIT_CTX_free 2240 1_1_0d EXIST::FUNCTION: -ASN1_TYPE_pack_sequence 2241 1_1_0d EXIST::FUNCTION: -X509_check_ip 2242 1_1_0d EXIST::FUNCTION: -TS_RESP_CTX_add_flags 2243 1_1_0d EXIST::FUNCTION:TS -CONF_get_number 2244 1_1_0d EXIST::FUNCTION: -EVP_aes_128_cfb1 2245 1_1_0d EXIST::FUNCTION: -OCSP_sendreq_nbio 2246 1_1_0d EXIST::FUNCTION:OCSP -CRYPTO_ocb128_new 2247 1_1_0d EXIST::FUNCTION:OCB -EVP_DigestVerifyInit 2248 1_1_0d EXIST::FUNCTION: -EVP_DigestInit 2249 1_1_0d EXIST::FUNCTION: -SAF_ChangePin 2250 1_1_0d EXIST::FUNCTION: -SHA1_Transform 2251 1_1_0d EXIST::FUNCTION: -AES_bi_ige_encrypt 2252 1_1_0d EXIST::FUNCTION: -ERR_print_errors_cb 2253 1_1_0d EXIST::FUNCTION: -PKCS7_add_crl 2254 1_1_0d EXIST::FUNCTION: -EVP_PKEY_asn1_get_count 2255 1_1_0d EXIST::FUNCTION: -X509_get0_signature 2256 1_1_0d EXIST::FUNCTION: -RIPEMD160 2257 1_1_0d EXIST::FUNCTION:RMD160 -X509_get_ext 2258 1_1_0d EXIST::FUNCTION: -EVP_sms4_cfb8 2259 1_1_0d EXIST::FUNCTION:SMS4 -X509_NAME_ENTRY_set_data 2260 1_1_0d EXIST::FUNCTION: -FIPS_mode 2261 1_1_0d EXIST::FUNCTION: -ASN1_STRING_TABLE_get 2262 1_1_0d EXIST::FUNCTION: -BN_generate_dsa_nonce 2263 1_1_0d EXIST::FUNCTION: -RAND_OpenSSL 2264 1_1_0d EXIST::FUNCTION: -i2d_PKCS7_NDEF 2265 1_1_0d EXIST::FUNCTION: -SM2CiphertextValue_get_ECCCipher 2266 1_1_0d EXIST::FUNCTION: -EC_GFp_nistp256_method 2267 1_1_0d EXIST::FUNCTION:EC,EC_NISTP_64_GCC_128 -RC2_cfb64_encrypt 2268 1_1_0d EXIST::FUNCTION:RC2 -X509_getm_notAfter 2269 1_1_0d EXIST::FUNCTION: -d2i_PKCS12_MAC_DATA 2270 1_1_0d EXIST::FUNCTION: -X509_alias_set1 2271 1_1_0d EXIST::FUNCTION: -PKCS7_dataInit 2272 1_1_0d EXIST::FUNCTION: -NCONF_load_bio 2273 1_1_0d EXIST::FUNCTION: -X509_REQ_get_signature_nid 2274 1_1_0d EXIST::FUNCTION: -OCSP_accept_responses_new 2275 1_1_0d EXIST::FUNCTION:OCSP -X509_policy_tree_free 2276 1_1_0d EXIST::FUNCTION: -PKCS7_ISSUER_AND_SERIAL_it 2277 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -PKCS7_ISSUER_AND_SERIAL_it 2277 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -X509_VERIFY_PARAM_add0_policy 2278 1_1_0d EXIST::FUNCTION: -d2i_DIRECTORYSTRING 2279 1_1_0d EXIST::FUNCTION: -CTLOG_STORE_load_default_file 2280 1_1_0d EXIST::FUNCTION:CT -TS_MSG_IMPRINT_new 2281 1_1_0d EXIST::FUNCTION:TS -EC_KEY_METHOD_new 2282 1_1_0d EXIST::FUNCTION:EC -d2i_X509_REQ_fp 2283 1_1_0d EXIST::FUNCTION:STDIO -SKF_ClearSecureState 2284 1_1_0d EXIST::FUNCTION: -PKCS7_set_content 2285 1_1_0d EXIST::FUNCTION: -EVP_sms4_ecb 2286 1_1_0d EXIST::FUNCTION:SMS4 -Camellia_set_key 2287 1_1_0d EXIST::FUNCTION:CAMELLIA -PROXY_CERT_INFO_EXTENSION_free 2288 1_1_0d EXIST::FUNCTION: -X509_VERIFY_PARAM_get_depth 2289 1_1_0d EXIST::FUNCTION: -X509_REVOKED_get_ext_by_OBJ 2290 1_1_0d EXIST::FUNCTION: -OCSP_RESPONSE_print 2291 1_1_0d EXIST::FUNCTION:OCSP -MD4_Init 2292 1_1_0d EXIST::FUNCTION:MD4 -X509_STORE_CTX_get1_crls 2293 1_1_0d EXIST::FUNCTION: -RC5_32_encrypt 2294 1_1_0d EXIST::FUNCTION:RC5 -SOF_SetCertTrustList 2295 1_1_0d EXIST::FUNCTION: -SAF_SymmDecrypt 2296 1_1_0d EXIST::FUNCTION: -CMS_SignerInfo_get0_signer_id 2297 1_1_0d EXIST::FUNCTION:CMS -DSA_meth_get0_app_data 2298 1_1_0d EXIST::FUNCTION:DSA -X509_CRL_INFO_it 2299 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -X509_CRL_INFO_it 2299 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -OCSP_SINGLERESP_get_ext_by_OBJ 2300 1_1_0d EXIST::FUNCTION:OCSP -BFIBE_extract_private_key 2301 1_1_0d EXIST::FUNCTION: -EVP_PKEY_add1_attr_by_txt 2302 1_1_0d EXIST::FUNCTION: -EVP_aes_256_wrap_pad 2303 1_1_0d EXIST::FUNCTION: -RSA_meth_get_pub_dec 2304 1_1_0d EXIST::FUNCTION:RSA -X509V3_EXT_CRL_add_conf 2305 1_1_0d EXIST::FUNCTION: -POLICY_CONSTRAINTS_free 2306 1_1_0d EXIST::FUNCTION: -BIO_new_PKCS7 2307 1_1_0d EXIST::FUNCTION: -OCSP_set_max_response_length 2308 1_1_0d EXIST::FUNCTION:OCSP -d2i_PKCS8PrivateKey_bio 2309 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_CTX_num 2310 1_1_0d EXIST::FUNCTION: -RSA_set0_crt_params 2311 1_1_0d EXIST::FUNCTION:RSA -SEED_decrypt 2312 1_1_0d EXIST::FUNCTION:SEED -X509_ATTRIBUTE_create_by_NID 2313 1_1_0d EXIST::FUNCTION: -X509_STORE_CTX_get0_policy_tree 2314 1_1_0d EXIST::FUNCTION: -CRYPTO_ocb128_setiv 2315 1_1_0d EXIST::FUNCTION:OCB -X509_STORE_CTX_new 2316 1_1_0d EXIST::FUNCTION: -EVP_PKEY_delete_attr 2317 1_1_0d EXIST::FUNCTION: -CMS_ReceiptRequest_get0_values 2318 1_1_0d EXIST::FUNCTION:CMS -SAF_MacFinal 2319 1_1_0d EXIST::FUNCTION: -X509_get_X509_PUBKEY 2320 1_1_0d EXIST::FUNCTION: -DH_bits 2321 1_1_0d EXIST::FUNCTION:DH -X509_aux_print 2322 1_1_0d EXIST::FUNCTION: -i2d_PKCS8_PRIV_KEY_INFO_fp 2323 1_1_0d EXIST::FUNCTION:STDIO -X509_to_X509_REQ 2324 1_1_0d EXIST::FUNCTION: -SXNET_get_id_ulong 2325 1_1_0d EXIST::FUNCTION: -X509_get_pubkey 2326 1_1_0d EXIST::FUNCTION: -SAF_Pkcs7_DecodeEnvelopedData 2327 1_1_0d EXIST::FUNCTION: -d2i_X509_CRL_INFO 2328 1_1_0d EXIST::FUNCTION: -BIO_dgram_non_fatal_error 2329 1_1_0d EXIST::FUNCTION:DGRAM -ASN1_STRING_length 2330 1_1_0d EXIST::FUNCTION: -RSA_get_method 2331 1_1_0d EXIST::FUNCTION:RSA -OCSP_response_get1_basic 2332 1_1_0d EXIST::FUNCTION:OCSP -EVP_mdc2 2333 1_1_0d EXIST::FUNCTION:MDC2 -CMS_ReceiptRequest_it 2334 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CMS -CMS_ReceiptRequest_it 2334 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:CMS -EVP_PKEY_verify_recover 2335 1_1_0d EXIST::FUNCTION: -PKCS7_ISSUER_AND_SERIAL_digest 2336 1_1_0d EXIST::FUNCTION: -X509_STORE_CTX_get0_current_crl 2337 1_1_0d EXIST::FUNCTION: -DH_set_length 2338 1_1_0d EXIST::FUNCTION:DH -X509_CRL_METHOD_new 2339 1_1_0d EXIST::FUNCTION: -BIO_s_bio 2340 1_1_0d EXIST::FUNCTION: -CRL_DIST_POINTS_new 2341 1_1_0d EXIST::FUNCTION: -CMS_set1_signers_certs 2342 1_1_0d EXIST::FUNCTION:CMS -CMS_sign_receipt 2343 1_1_0d EXIST::FUNCTION:CMS -OCSP_SINGLERESP_get0_id 2344 1_1_0d EXIST::FUNCTION:OCSP -EVP_PBE_alg_add 2345 1_1_0d EXIST::FUNCTION: -BIO_sock_non_fatal_error 2346 1_1_0d EXIST::FUNCTION:SOCK -OPENSSL_uni2asc 2347 1_1_0d EXIST::FUNCTION: -TS_TST_INFO_get_ordering 2348 1_1_0d EXIST::FUNCTION:TS -DH_meth_set_bn_mod_exp 2349 1_1_0d EXIST::FUNCTION:DH -EC_KEY_print 2350 1_1_0d EXIST::FUNCTION:EC -i2d_X509_CRL_fp 2351 1_1_0d EXIST::FUNCTION:STDIO -X509_VERIFY_PARAM_move_peername 2352 1_1_0d EXIST::FUNCTION: -EC_KEY_set_default_method 2353 1_1_0d EXIST::FUNCTION:EC -GENERAL_NAMES_free 2354 1_1_0d EXIST::FUNCTION: -SEED_cbc_encrypt 2355 1_1_0d EXIST::FUNCTION:SEED -BN_nnmod 2356 1_1_0d EXIST::FUNCTION: -X509_CRL_get_meth_data 2357 1_1_0d EXIST::FUNCTION: -d2i_TS_RESP 2358 1_1_0d EXIST::FUNCTION:TS -EVP_PKEY_verify 2359 1_1_0d EXIST::FUNCTION: -CMS_decrypt 2360 1_1_0d EXIST::FUNCTION:CMS -CMS_verify_receipt 2361 1_1_0d EXIST::FUNCTION:CMS -PKCS12_MAC_DATA_new 2362 1_1_0d EXIST::FUNCTION: -ECDSA_sign_ex 2363 1_1_0d EXIST::FUNCTION:EC -EVP_des_ede3_ofb 2364 1_1_0d EXIST::FUNCTION:DES -BIO_s_log 2365 1_1_0d EXIST:!WIN32,!macintosh:FUNCTION: -CRYPTO_128_unwrap 2366 1_1_0d EXIST::FUNCTION: -BB1MasterSecret_free 2367 1_1_0d EXIST::FUNCTION: -ASN1_mbstring_copy 2368 1_1_0d EXIST::FUNCTION: -CMS_RecipientInfo_kari_get0_alg 2369 1_1_0d EXIST::FUNCTION:CMS -POLICYQUALINFO_it 2370 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -POLICYQUALINFO_it 2370 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -BN_num_bits_word 2371 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_CTX_iv_length 2372 1_1_0d EXIST::FUNCTION: -SDF_GetErrorString 2373 1_1_0d EXIST::FUNCTION: -X509_find_by_subject 2374 1_1_0d EXIST::FUNCTION: -EC_KEY_get0_private_key 2375 1_1_0d EXIST::FUNCTION:EC -SKF_CloseContainer 2376 1_1_0d EXIST::FUNCTION: -ENGINE_load_private_key 2377 1_1_0d EXIST::FUNCTION:ENGINE -EVP_CIPHER_impl_ctx_size 2378 1_1_0d EXIST::FUNCTION: -ENGINE_set_DH 2379 1_1_0d EXIST::FUNCTION:ENGINE -ASN1_PCTX_get_oid_flags 2380 1_1_0d EXIST::FUNCTION: -EC_GROUP_get_type1curve_eta 2381 1_1_0d EXIST::FUNCTION: -sms4_encrypt_8blocks 2382 1_1_0d EXIST::FUNCTION: -PKCS7_it 2383 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -PKCS7_it 2383 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -OCSP_CRLID_it 2384 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP -OCSP_CRLID_it 2384 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP -UI_method_set_reader 2385 1_1_0d EXIST::FUNCTION:UI -PKCS8_add_keyusage 2386 1_1_0d EXIST::FUNCTION: -X509_STORE_CTX_set_error_depth 2387 1_1_0d EXIST::FUNCTION: -RC4_options 2388 1_1_0d EXIST::FUNCTION:RC4 -ASN1_IA5STRING_it 2389 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ASN1_IA5STRING_it 2389 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -ERR_load_TS_strings 2390 1_1_0d EXIST::FUNCTION:TS -i2d_ASN1_PRINTABLESTRING 2391 1_1_0d EXIST::FUNCTION: -CRYPTO_free_ex_index 2392 1_1_0d EXIST::FUNCTION: -i2d_PKCS7_SIGN_ENVELOPE 2393 1_1_0d EXIST::FUNCTION: -EVP_MD_meth_set_update 2394 1_1_0d EXIST::FUNCTION: -CMS_encrypt 2395 1_1_0d EXIST::FUNCTION:CMS -ASN1_GENERALIZEDTIME_it 2396 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ASN1_GENERALIZEDTIME_it 2396 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -EVP_rc5_32_12_16_cfb64 2397 1_1_0d EXIST::FUNCTION:RC5 -OCSP_request_verify 2398 1_1_0d EXIST::FUNCTION:OCSP -EVP_sms4_gcm 2399 1_1_0d EXIST::FUNCTION:SMS4 -ASN1_UNIVERSALSTRING_new 2400 1_1_0d EXIST::FUNCTION: -EVP_MD_meth_set_result_size 2401 1_1_0d EXIST::FUNCTION: -ENGINE_set_init_function 2402 1_1_0d EXIST::FUNCTION:ENGINE -d2i_RSAPrivateKey_fp 2403 1_1_0d EXIST::FUNCTION:RSA,STDIO -X509_REVOKED_get0_revocationDate 2404 1_1_0d EXIST::FUNCTION: -BN_mod_exp2_mont 2405 1_1_0d EXIST::FUNCTION: -UI_get0_test_string 2406 1_1_0d EXIST::FUNCTION:UI -BN_GFP2_zero 2407 1_1_0d EXIST::FUNCTION: -ERR_load_UI_strings 2408 1_1_0d EXIST::FUNCTION:UI -X509v3_addr_add_prefix 2409 1_1_0d EXIST::FUNCTION:RFC3779 -BN_mod_mul_montgomery 2410 1_1_0d EXIST::FUNCTION: -ENGINE_set_RAND 2411 1_1_0d EXIST::FUNCTION:ENGINE -TS_REQ_to_TS_VERIFY_CTX 2412 1_1_0d EXIST::FUNCTION:TS -RSA_set0_factors 2413 1_1_0d EXIST::FUNCTION:RSA -UI_get_method 2414 1_1_0d EXIST::FUNCTION:UI -EVP_CIPHER_CTX_iv_noconst 2415 1_1_0d EXIST::FUNCTION: -TS_CONF_set_crypto_device 2416 1_1_0d EXIST::FUNCTION:ENGINE,TS -ESS_SIGNING_CERT_dup 2417 1_1_0d EXIST::FUNCTION:TS -i2d_CPK_MASTER_SECRET 2418 1_1_0d EXIST::FUNCTION: -X509_VERIFY_PARAM_get0 2419 1_1_0d EXIST::FUNCTION: -ECDSA_sign 2420 1_1_0d EXIST::FUNCTION:EC -EVP_aes_256_cfb128 2421 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_meth_get_cleanup 2422 1_1_0d EXIST::FUNCTION: -ASN1_add_stable_module 2423 1_1_0d EXIST::FUNCTION: -PEM_read_RSAPrivateKey 2424 1_1_0d EXIST::FUNCTION:RSA,STDIO -EVP_camellia_256_ctr 2425 1_1_0d EXIST::FUNCTION:CAMELLIA -RSA_padding_add_X931 2426 1_1_0d EXIST::FUNCTION:RSA -ASYNC_start_job 2427 1_1_0d EXIST::FUNCTION: -EVP_DecodeUpdate 2428 1_1_0d EXIST::FUNCTION: -ASN1_STRING_set_by_NID 2429 1_1_0d EXIST::FUNCTION: -SDF_PrintECCPublicKey 2430 1_1_0d EXIST::FUNCTION: -SM9PublicParameters_free 2431 1_1_0d EXIST::FUNCTION: -EVP_md_null 2432 1_1_0d EXIST::FUNCTION: -TS_TST_INFO_get_ext 2433 1_1_0d EXIST::FUNCTION:TS -ASRange_free 2434 1_1_0d EXIST::FUNCTION:RFC3779 -i2d_TS_REQ_bio 2435 1_1_0d EXIST::FUNCTION:TS -BN_usub 2436 1_1_0d EXIST::FUNCTION: -X509_STORE_set_verify_cb 2437 1_1_0d EXIST::FUNCTION: -EC_POINT_method_of 2438 1_1_0d EXIST::FUNCTION:EC -UI_get_string_type 2439 1_1_0d EXIST::FUNCTION:UI -PKCS8_get_attr 2440 1_1_0d EXIST::FUNCTION: -OCSP_basic_add1_status 2441 1_1_0d EXIST::FUNCTION:OCSP -EVP_PKEY_get_attr_by_OBJ 2442 1_1_0d EXIST::FUNCTION: -PKCS8_PRIV_KEY_INFO_free 2443 1_1_0d EXIST::FUNCTION: -PKCS7_ENVELOPE_new 2444 1_1_0d EXIST::FUNCTION: -X509V3_EXT_REQ_add_conf 2445 1_1_0d EXIST::FUNCTION: -BIO_s_connect 2446 1_1_0d EXIST::FUNCTION:SOCK -PKCS7_get_attribute 2447 1_1_0d EXIST::FUNCTION: -BN_GF2m_mod_div 2448 1_1_0d EXIST::FUNCTION:EC2M -BFCiphertextBlock_new 2449 1_1_0d EXIST::FUNCTION: -PEM_write_RSAPublicKey 2450 1_1_0d EXIST::FUNCTION:RSA,STDIO -SKF_ImportECCKeyPair 2451 1_1_0d EXIST::FUNCTION: -RC5_32_cbc_encrypt 2452 1_1_0d EXIST::FUNCTION:RC5 -CPK_MAP_is_valid 2453 1_1_0d EXIST::FUNCTION: -ASN1_TYPE_new 2454 1_1_0d EXIST::FUNCTION: -d2i_ESS_CERT_ID 2455 1_1_0d EXIST::FUNCTION:TS -GMAPI_keyusage2str 2456 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_asn1_to_param 2457 1_1_0d EXIST::FUNCTION: -EC_GROUP_new 2458 1_1_0d EXIST::FUNCTION:EC -ENGINE_ctrl_cmd 2459 1_1_0d EXIST::FUNCTION:ENGINE -CRYPTO_mem_leaks_fp 2460 1_1_0d EXIST::FUNCTION:CRYPTO_MDEBUG,STDIO -OBJ_txt2nid 2461 1_1_0d EXIST::FUNCTION: -ENGINE_get_digests 2462 1_1_0d EXIST::FUNCTION:ENGINE -RSA_meth_set_pub_enc 2463 1_1_0d EXIST::FUNCTION:RSA -EVP_md2 2464 1_1_0d EXIST::FUNCTION:MD2 -CAST_encrypt 2465 1_1_0d EXIST::FUNCTION:CAST -TS_TST_INFO_free 2466 1_1_0d EXIST::FUNCTION:TS -SKF_Encrypt 2467 1_1_0d EXIST::FUNCTION: -SDF_GenerateKeyPair_RSA 2468 1_1_0d EXIST::FUNCTION: -X509_CRL_get_version 2469 1_1_0d EXIST::FUNCTION: -TS_TST_INFO_set_nonce 2470 1_1_0d EXIST::FUNCTION:TS -OCSP_sendreq_bio 2471 1_1_0d EXIST::FUNCTION:OCSP -BN_bn2gfp2 2472 1_1_0d EXIST::FUNCTION: -X509_policy_check 2473 1_1_0d EXIST::FUNCTION: -X509_STORE_set_lookup_crls 2474 1_1_0d EXIST::FUNCTION: -RSA_meth_set_verify 2475 1_1_0d EXIST::FUNCTION:RSA -OPENSSL_LH_set_down_load 2476 1_1_0d EXIST::FUNCTION: -SDF_GenerateKeyWithEPK_ECC 2477 1_1_0d EXIST::FUNCTION: -EVP_aes_128_ofb 2478 1_1_0d EXIST::FUNCTION: -ASN1_BIT_STRING_free 2479 1_1_0d EXIST::FUNCTION: -SXNET_get_id_asc 2480 1_1_0d EXIST::FUNCTION: -X509_STORE_CTX_get1_issuer 2481 1_1_0d EXIST::FUNCTION: -CERTIFICATEPOLICIES_it 2482 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -CERTIFICATEPOLICIES_it 2482 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -SDF_GetPrivateKeyAccessRight 2483 1_1_0d EXIST::FUNCTION: -ASN1_PCTX_set_flags 2484 1_1_0d EXIST::FUNCTION: -DSO_METHOD_openssl 2485 1_1_0d EXIST::FUNCTION: -TS_ACCURACY_get_micros 2486 1_1_0d EXIST::FUNCTION:TS -EVP_CIPHER_CTX_ctrl 2487 1_1_0d EXIST::FUNCTION: -ENGINE_get_cipher 2488 1_1_0d EXIST::FUNCTION:ENGINE -OCSP_crlID_new 2489 1_1_0d EXIST:!VMS:FUNCTION:OCSP -OCSP_crlID2_new 2489 1_1_0d EXIST:VMS:FUNCTION:OCSP -d2i_OCSP_RESPDATA 2490 1_1_0d EXIST::FUNCTION:OCSP -ECIES_do_encrypt 2491 1_1_0d EXIST::FUNCTION: -PEM_read_bio_X509 2492 1_1_0d EXIST::FUNCTION: -ENGINE_get_table_flags 2493 1_1_0d EXIST::FUNCTION:ENGINE -DES_set_odd_parity 2494 1_1_0d EXIST::FUNCTION:DES -ECIES_CIPHERTEXT_VALUE_it 2495 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ECIES_CIPHERTEXT_VALUE_it 2495 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -OCSP_ONEREQ_free 2496 1_1_0d EXIST::FUNCTION:OCSP -SM9_do_sign 2497 1_1_0d EXIST::FUNCTION: -X509_reject_clear 2498 1_1_0d EXIST::FUNCTION: -ENGINE_register_pkey_meths 2499 1_1_0d EXIST::FUNCTION:ENGINE -EC_GROUP_method_of 2500 1_1_0d EXIST::FUNCTION:EC -X509_NAME_ENTRY_new 2501 1_1_0d EXIST::FUNCTION: -sms4_encrypt_init 2502 1_1_0d EXIST::FUNCTION: -X509_TRUST_get0_name 2503 1_1_0d EXIST::FUNCTION: -EC_POINT_clear_free 2504 1_1_0d EXIST::FUNCTION:EC -UI_get_input_flags 2505 1_1_0d EXIST::FUNCTION:UI -RSA_OAEP_PARAMS_new 2506 1_1_0d EXIST::FUNCTION:RSA -ASN1_OCTET_STRING_NDEF_it 2507 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ASN1_OCTET_STRING_NDEF_it 2507 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -X509_certificate_type 2508 1_1_0d EXIST::FUNCTION: -BN_bn2hex 2509 1_1_0d EXIST::FUNCTION: -PKCS5_pbe_set0_algor 2510 1_1_0d EXIST::FUNCTION: -i2d_ASN1_INTEGER 2511 1_1_0d EXIST::FUNCTION: -X509_REQ_get_X509_PUBKEY 2512 1_1_0d EXIST::FUNCTION: -ASN1_item_digest 2513 1_1_0d EXIST::FUNCTION: -OCSP_CRLID_free 2514 1_1_0d EXIST::FUNCTION:OCSP -DH_meth_get_finish 2515 1_1_0d EXIST::FUNCTION:DH -ASN1_TBOOLEAN_it 2516 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ASN1_TBOOLEAN_it 2516 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -PEM_read_bio 2517 1_1_0d EXIST::FUNCTION: -X509v3_delete_ext 2518 1_1_0d EXIST::FUNCTION: -PKCS12_SAFEBAG_get_nid 2519 1_1_0d EXIST::FUNCTION: -ECPARAMETERS_it 2520 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:EC -ECPARAMETERS_it 2520 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:EC -CMS_signed_get_attr 2521 1_1_0d EXIST::FUNCTION:CMS -OBJ_NAME_remove 2522 1_1_0d EXIST::FUNCTION: -BFIBE_do_decrypt 2523 1_1_0d EXIST::FUNCTION: -PEM_write_bio_Parameters 2524 1_1_0d EXIST::FUNCTION: -SAF_EnumKeyContainerInfo 2525 1_1_0d EXIST::FUNCTION: -EVP_PKEY_CTX_ctrl 2526 1_1_0d EXIST::FUNCTION: -OPENSSL_LH_free 2527 1_1_0d EXIST::FUNCTION: -SAF_SymmEncryptFinal 2528 1_1_0d EXIST::FUNCTION: -BN_mul 2529 1_1_0d EXIST::FUNCTION: -CRYPTO_ocb128_init 2530 1_1_0d EXIST::FUNCTION:OCB -DSA_up_ref 2531 1_1_0d EXIST::FUNCTION:DSA -X509_PUBKEY_set0_param 2532 1_1_0d EXIST::FUNCTION: -PKCS12_add_friendlyname_uni 2533 1_1_0d EXIST::FUNCTION: -X509_set_issuer_name 2534 1_1_0d EXIST::FUNCTION: -ENGINE_register_pkey_asn1_meths 2535 1_1_0d EXIST::FUNCTION:ENGINE -BIO_find_type 2536 1_1_0d EXIST::FUNCTION: -ASN1_OCTET_STRING_it 2537 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ASN1_OCTET_STRING_it 2537 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -X509_set_version 2538 1_1_0d EXIST::FUNCTION: -TS_STATUS_INFO_free 2539 1_1_0d EXIST::FUNCTION:TS -SCT_set1_extensions 2540 1_1_0d EXIST::FUNCTION:CT -EC_KEY_set_enc_flags 2541 1_1_0d EXIST::FUNCTION:EC -OPENSSL_sk_sort 2542 1_1_0d EXIST::FUNCTION: -ERR_load_KDF2_strings 2543 1_1_0d EXIST::FUNCTION: -PROXY_POLICY_it 2544 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -PROXY_POLICY_it 2544 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -BB1CiphertextBlock_it 2545 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -BB1CiphertextBlock_it 2545 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -i2d_PKCS8PrivateKey_fp 2546 1_1_0d EXIST::FUNCTION:STDIO -CAST_ofb64_encrypt 2547 1_1_0d EXIST::FUNCTION:CAST -PKCS12_free 2548 1_1_0d EXIST::FUNCTION: -CAST_set_key 2549 1_1_0d EXIST::FUNCTION:CAST -X509_EXTENSION_get_critical 2550 1_1_0d EXIST::FUNCTION: -EVP_PKEY_type 2551 1_1_0d EXIST::FUNCTION: -BIO_sock_error 2552 1_1_0d EXIST::FUNCTION:SOCK -CMS_SignerInfo_cert_cmp 2553 1_1_0d EXIST::FUNCTION:CMS -d2i_PKCS7_ENVELOPE 2554 1_1_0d EXIST::FUNCTION: -i2d_PKCS12_bio 2555 1_1_0d EXIST::FUNCTION: -EC_POINT_copy 2556 1_1_0d EXIST::FUNCTION:EC -X509_get_serialNumber 2557 1_1_0d EXIST::FUNCTION: -d2i_PBEPARAM 2558 1_1_0d EXIST::FUNCTION: -X509_check_email 2559 1_1_0d EXIST::FUNCTION: -BN_hash_to_range 2560 1_1_0d EXIST::FUNCTION: -EVP_CipherInit_ex 2561 1_1_0d EXIST::FUNCTION: -DH_generate_parameters 2562 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_0_9_8,DH -ASN1_STRING_set_default_mask_asc 2563 1_1_0d EXIST::FUNCTION: -PKCS7_SIGNED_new 2564 1_1_0d EXIST::FUNCTION: -BIO_next 2565 1_1_0d EXIST::FUNCTION: -OCSP_SERVICELOC_free 2566 1_1_0d EXIST::FUNCTION:OCSP -CMS_add0_CertificateChoices 2567 1_1_0d EXIST::FUNCTION:CMS -ASN1_GENERALIZEDTIME_free 2568 1_1_0d EXIST::FUNCTION: -DH_free 2569 1_1_0d EXIST::FUNCTION:DH -X509_STORE_CTX_get_check_issued 2570 1_1_0d EXIST::FUNCTION: -i2d_ASN1_BMPSTRING 2571 1_1_0d EXIST::FUNCTION: -TS_CONF_set_policies 2572 1_1_0d EXIST::FUNCTION:TS -EC_GROUP_get_ecpkparameters 2573 1_1_0d EXIST::FUNCTION:EC -EVP_PKEY_set_type_str 2574 1_1_0d EXIST::FUNCTION: -X509_CRL_get0_by_cert 2575 1_1_0d EXIST::FUNCTION: -EXTENDED_KEY_USAGE_free 2576 1_1_0d EXIST::FUNCTION: -BN_is_one 2577 1_1_0d EXIST::FUNCTION: -SDF_ExchangeDigitEnvelopeBaseOnECC 2578 1_1_0d EXIST::FUNCTION: -EVP_PKEY_meth_set_derive 2579 1_1_0d EXIST::FUNCTION: -OBJ_sigid_free 2580 1_1_0d EXIST::FUNCTION: -X509_policy_node_get0_parent 2581 1_1_0d EXIST::FUNCTION: -ENGINE_pkey_asn1_find_str 2582 1_1_0d EXIST::FUNCTION:ENGINE -ASN1_TYPE_free 2583 1_1_0d EXIST::FUNCTION: -BN_is_prime_fasttest 2584 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_0_9_8 -i2d_OCSP_SINGLERESP 2585 1_1_0d EXIST::FUNCTION:OCSP -d2i_X509 2586 1_1_0d EXIST::FUNCTION: -X509_SIG_new 2587 1_1_0d EXIST::FUNCTION: -X509_ATTRIBUTE_free 2588 1_1_0d EXIST::FUNCTION: -ASN1_mbstring_ncopy 2589 1_1_0d EXIST::FUNCTION: -PEM_read_X509_AUX 2590 1_1_0d EXIST::FUNCTION:STDIO -EC_KEY_METHOD_get_verify 2591 1_1_0d EXIST::FUNCTION:EC -i2d_PrivateKey_fp 2592 1_1_0d EXIST::FUNCTION:STDIO -CMS_unsigned_get0_data_by_OBJ 2593 1_1_0d EXIST::FUNCTION:CMS -CRYPTO_gcm128_init 2594 1_1_0d EXIST::FUNCTION: -BN_gfp22bn 2595 1_1_0d EXIST::FUNCTION: -PEM_read_RSA_PUBKEY 2596 1_1_0d EXIST::FUNCTION:RSA,STDIO -ENGINE_get_finish_function 2597 1_1_0d EXIST::FUNCTION:ENGINE -GENERAL_NAME_it 2598 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -GENERAL_NAME_it 2598 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -ASN1_item_i2d 2599 1_1_0d EXIST::FUNCTION: -CONF_imodule_get_flags 2600 1_1_0d EXIST::FUNCTION: -EVP_MD_CTX_copy 2601 1_1_0d EXIST::FUNCTION: -EC_POINT_make_affine 2602 1_1_0d EXIST::FUNCTION:EC -d2i_PKCS7_SIGN_ENVELOPE 2603 1_1_0d EXIST::FUNCTION: -EVP_DigestFinal_ex 2604 1_1_0d EXIST::FUNCTION: -EC_GROUP_get_pentanomial_basis 2605 1_1_0d EXIST::FUNCTION:EC,EC2M -EVP_DecryptUpdate 2606 1_1_0d EXIST::FUNCTION: -PKCS7_add1_attrib_digest 2607 1_1_0d EXIST::FUNCTION: -ASN1_STRING_data 2608 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0 -BN_mod_mul 2609 1_1_0d EXIST::FUNCTION: -X509_REVOKED_it 2610 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -X509_REVOKED_it 2610 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -ASN1_BOOLEAN_it 2611 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ASN1_BOOLEAN_it 2611 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -ASN1_TIME_diff 2612 1_1_0d EXIST::FUNCTION: -SMIME_write_PKCS7 2613 1_1_0d EXIST::FUNCTION: -OCSP_REQ_CTX_nbio 2614 1_1_0d EXIST::FUNCTION:OCSP -X509_STORE_CTX_get_cleanup 2615 1_1_0d EXIST::FUNCTION: -CMS_RecipientInfo_set0_pkey 2616 1_1_0d EXIST::FUNCTION:CMS -X509_signature_dump 2617 1_1_0d EXIST::FUNCTION: -TS_ACCURACY_get_seconds 2618 1_1_0d EXIST::FUNCTION:TS -CRYPTO_get_ex_new_index 2619 1_1_0d EXIST::FUNCTION: -PEM_write_bio_DHparams 2620 1_1_0d EXIST::FUNCTION:DH -ISSUING_DIST_POINT_it 2621 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ISSUING_DIST_POINT_it 2621 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -SKF_EncryptUpdate 2622 1_1_0d EXIST::FUNCTION: -EC_GROUP_new_curve_GF2m 2623 1_1_0d EXIST::FUNCTION:EC,EC2M -ASN1_GENERALIZEDTIME_adj 2624 1_1_0d EXIST::FUNCTION: -SHA384_Update 2625 1_1_0d EXIST:!VMSVAX:FUNCTION: -X509_cmp_current_time 2626 1_1_0d EXIST::FUNCTION: -EVP_aes_256_ocb 2627 1_1_0d EXIST::FUNCTION:OCB -SKF_WaitForDevEvent 2628 1_1_0d EXIST::FUNCTION: -EC_GROUP_clear_free 2629 1_1_0d EXIST::FUNCTION:EC -BN_mod_inverse 2630 1_1_0d EXIST::FUNCTION: -RSA_set_RSAPUBLICKEYBLOB 2631 1_1_0d EXIST::FUNCTION: -TS_TST_INFO_set_tsa 2632 1_1_0d EXIST::FUNCTION:TS -PKCS7_set0_type_other 2633 1_1_0d EXIST::FUNCTION: -DH_generate_key 2634 1_1_0d EXIST::FUNCTION:DH -OBJ_NAME_do_all_sorted 2635 1_1_0d EXIST::FUNCTION: -X509V3_EXT_add_list 2636 1_1_0d EXIST::FUNCTION: -X509_VERIFY_PARAM_set_flags 2637 1_1_0d EXIST::FUNCTION: -CRYPTO_mem_leaks 2638 1_1_0d EXIST::FUNCTION:CRYPTO_MDEBUG -d2i_DIST_POINT 2639 1_1_0d EXIST::FUNCTION: -EVP_PKEY_get_default_digest_nid 2640 1_1_0d EXIST::FUNCTION: -BIO_get_host_ip 2641 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,SOCK -X509_CRL_http_nbio 2642 1_1_0d EXIST::FUNCTION:OCSP -DSA_meth_set_verify 2643 1_1_0d EXIST::FUNCTION:DSA -GENERAL_NAME_dup 2644 1_1_0d EXIST::FUNCTION: -CONF_imodule_get_usr_data 2645 1_1_0d EXIST::FUNCTION: -SKF_LockDev 2646 1_1_0d EXIST::FUNCTION: -SM9_verify 2647 1_1_0d EXIST::FUNCTION: -TS_TST_INFO_dup 2648 1_1_0d EXIST::FUNCTION:TS -UTF8_getc 2649 1_1_0d EXIST::FUNCTION: -EVP_SealInit 2650 1_1_0d EXIST::FUNCTION:RSA -DSA_dup_DH 2651 1_1_0d EXIST::FUNCTION:DH,DSA -ERR_load_PAILLIER_strings 2652 1_1_0d EXIST::FUNCTION: -ASN1_SET_ANY_it 2653 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ASN1_SET_ANY_it 2653 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -SDF_GenerateAgreementDataAndKeyWithECC 2654 1_1_0d EXIST::FUNCTION: -EC_GROUP_have_precompute_mult 2655 1_1_0d EXIST::FUNCTION:EC -i2d_PrivateKey 2656 1_1_0d EXIST::FUNCTION: -PKCS12_get0_mac 2657 1_1_0d EXIST::FUNCTION: -BB1CiphertextBlock_free 2658 1_1_0d EXIST::FUNCTION: -ASN1_TYPE_get_int_octetstring 2659 1_1_0d EXIST::FUNCTION: -ERR_add_error_vdata 2660 1_1_0d EXIST::FUNCTION: -TS_RESP_CTX_add_md 2661 1_1_0d EXIST::FUNCTION:TS -SCT_new 2662 1_1_0d EXIST::FUNCTION:CT -X509_OBJECT_get_type 2663 1_1_0d EXIST::FUNCTION: -OBJ_ln2nid 2664 1_1_0d EXIST::FUNCTION: -DES_ofb_encrypt 2665 1_1_0d EXIST::FUNCTION:DES -EC_KEY_METHOD_set_decrypt 2666 1_1_0d EXIST::FUNCTION: -PKCS7_dup 2667 1_1_0d EXIST::FUNCTION: -SKF_ECCExportSessionKey 2668 1_1_0d EXIST::FUNCTION: -i2d_TS_STATUS_INFO 2669 1_1_0d EXIST::FUNCTION:TS -DH_meth_get0_name 2670 1_1_0d EXIST::FUNCTION:DH -PKCS5_PBKDF2_HMAC 2671 1_1_0d EXIST::FUNCTION: -SAF_GetCertFromLdap 2672 1_1_0d EXIST::FUNCTION: -i2d_CPK_MASTER_SECRET_bio 2673 1_1_0d EXIST::FUNCTION: -TXT_DB_read 2674 1_1_0d EXIST::FUNCTION: -CRYPTO_THREAD_read_lock 2675 1_1_0d EXIST::FUNCTION: -EVP_PBE_CipherInit 2676 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_CTX_clear_flags 2677 1_1_0d EXIST::FUNCTION: -X509_REVOKED_get_ext_count 2678 1_1_0d EXIST::FUNCTION: -i2d_PKCS8PrivateKey_bio 2679 1_1_0d EXIST::FUNCTION: -EVP_aes_192_cfb128 2680 1_1_0d EXIST::FUNCTION: -ENGINE_get_first 2681 1_1_0d EXIST::FUNCTION:ENGINE -SAF_EccSign 2682 1_1_0d EXIST::FUNCTION: -X509_CRL_set_issuer_name 2683 1_1_0d EXIST::FUNCTION: -d2i_RSA_PUBKEY 2684 1_1_0d EXIST::FUNCTION:RSA -UI_method_set_opener 2685 1_1_0d EXIST::FUNCTION:UI -PKCS12_item_pack_safebag 2686 1_1_0d EXIST::FUNCTION: -Camellia_cfb128_encrypt 2687 1_1_0d EXIST::FUNCTION:CAMELLIA -CMAC_CTX_cleanup 2688 1_1_0d EXIST::FUNCTION:CMAC -BIO_push 2689 1_1_0d EXIST::FUNCTION: -PKCS7_add_signature 2690 1_1_0d EXIST::FUNCTION: -SKF_GenExtRSAKey 2691 1_1_0d EXIST::FUNCTION: -X509_sign 2692 1_1_0d EXIST::FUNCTION: -d2i_RSAPrivateKey_bio 2693 1_1_0d EXIST::FUNCTION:RSA -DSAparams_dup 2694 1_1_0d EXIST::FUNCTION:DSA -EC_GROUP_get_curve_name 2695 1_1_0d EXIST::FUNCTION:EC -TS_TST_INFO_set_msg_imprint 2696 1_1_0d EXIST::FUNCTION:TS -i2d_PKCS8_PRIV_KEY_INFO 2697 1_1_0d EXIST::FUNCTION: -EVP_PKEY_assign 2698 1_1_0d EXIST::FUNCTION: -d2i_ASN1_T61STRING 2699 1_1_0d EXIST::FUNCTION: -CRYPTO_secure_actual_size 2700 1_1_0d EXIST::FUNCTION: -EC_GROUP_new_from_ecparameters 2701 1_1_0d EXIST::FUNCTION:EC -X509_NAME_free 2702 1_1_0d EXIST::FUNCTION: -BFIBE_setup 2703 1_1_0d EXIST::FUNCTION: -X509V3_add_value_bool_nf 2704 1_1_0d EXIST::FUNCTION: -EVP_CipherFinal 2705 1_1_0d EXIST::FUNCTION: -CMS_RecipientInfo_kari_decrypt 2706 1_1_0d EXIST::FUNCTION:CMS -DSO_set_filename 2707 1_1_0d EXIST::FUNCTION: -X509_sign_ctx 2708 1_1_0d EXIST::FUNCTION: -X509_CRL_INFO_free 2709 1_1_0d EXIST::FUNCTION: -CMS_get0_content 2710 1_1_0d EXIST::FUNCTION:CMS -d2i_PKCS12_fp 2711 1_1_0d EXIST::FUNCTION:STDIO -CMS_verify 2712 1_1_0d EXIST::FUNCTION:CMS -SAF_Pkcs7_DecodeSignedData 2713 1_1_0d EXIST::FUNCTION: -NOTICEREF_free 2714 1_1_0d EXIST::FUNCTION: -PKCS7_decrypt 2715 1_1_0d EXIST::FUNCTION: -EDIPARTYNAME_free 2716 1_1_0d EXIST::FUNCTION: -i2d_RSAPrivateKey_fp 2717 1_1_0d EXIST::FUNCTION:RSA,STDIO -ENGINE_get_EC 2718 1_1_0d EXIST::FUNCTION:ENGINE -TXT_DB_get_by_index 2719 1_1_0d EXIST::FUNCTION: -HMAC_Final 2720 1_1_0d EXIST::FUNCTION: -OPENSSL_init_crypto 2721 1_1_0d EXIST::FUNCTION: -OCSP_RESPONSE_new 2722 1_1_0d EXIST::FUNCTION:OCSP -EVP_des_cfb8 2723 1_1_0d EXIST::FUNCTION:DES -BIO_ADDRINFO_family 2724 1_1_0d EXIST::FUNCTION:SOCK -SRP_get_default_gN 2725 1_1_0d EXIST::FUNCTION:SRP -OCSP_BASICRESP_new 2726 1_1_0d EXIST::FUNCTION:OCSP -CT_POLICY_EVAL_CTX_get0_cert 2727 1_1_0d EXIST::FUNCTION:CT -RSA_meth_set_mod_exp 2728 1_1_0d EXIST::FUNCTION:RSA -X509v3_add_ext 2729 1_1_0d EXIST::FUNCTION: -OCSP_crl_reason_str 2730 1_1_0d EXIST::FUNCTION:OCSP -ENGINE_unregister_EC 2731 1_1_0d EXIST::FUNCTION:ENGINE -i2d_ASN1_BIT_STRING 2732 1_1_0d EXIST::FUNCTION: -CMS_decrypt_set1_pkey 2733 1_1_0d EXIST::FUNCTION:CMS -ECIES_CIPHERTEXT_VALUE_free 2734 1_1_0d EXIST::FUNCTION: -DSA_meth_new 2735 1_1_0d EXIST::FUNCTION:DSA -BIO_new_dgram_sctp 2736 1_1_0d EXIST::FUNCTION:DGRAM,SCTP -EVP_CIPHER_CTX_set_key_length 2737 1_1_0d EXIST::FUNCTION: -EVP_EncodeFinal 2738 1_1_0d EXIST::FUNCTION: -TS_TST_INFO_get_nonce 2739 1_1_0d EXIST::FUNCTION:TS -TS_ACCURACY_dup 2740 1_1_0d EXIST::FUNCTION:TS -X509_ATTRIBUTE_get0_object 2741 1_1_0d EXIST::FUNCTION: -EVP_DigestInit_ex 2742 1_1_0d EXIST::FUNCTION: -i2d_OCSP_RESPONSE 2743 1_1_0d EXIST::FUNCTION:OCSP -OCSP_ONEREQ_new 2744 1_1_0d EXIST::FUNCTION:OCSP -BIO_debug_callback 2745 1_1_0d EXIST::FUNCTION: -ASN1_TIME_print 2746 1_1_0d EXIST::FUNCTION: -BN_get_rfc3526_prime_3072 2747 1_1_0d EXIST::FUNCTION: -X509_ALGOR_new 2748 1_1_0d EXIST::FUNCTION: -EVP_DigestFinal 2749 1_1_0d EXIST::FUNCTION: -EVP_des_ede3_cfb8 2750 1_1_0d EXIST::FUNCTION:DES -CPK_PUBLIC_PARAMS_free 2751 1_1_0d EXIST::FUNCTION: -X509_REQ_set_extension_nids 2752 1_1_0d EXIST::FUNCTION: -TS_CONF_load_key 2753 1_1_0d EXIST::FUNCTION:TS -DSA_meth_get_keygen 2754 1_1_0d EXIST::FUNCTION:DSA -EVP_CIPHER_get_asn1_iv 2755 1_1_0d EXIST::FUNCTION: -EVP_camellia_256_ecb 2756 1_1_0d EXIST::FUNCTION:CAMELLIA -UI_dup_verify_string 2757 1_1_0d EXIST::FUNCTION:UI -UI_method_set_prompt_constructor 2758 1_1_0d EXIST::FUNCTION:UI -CRYPTO_gcm128_setiv 2759 1_1_0d EXIST::FUNCTION: -SDF_ExportEncPublicKey_RSA 2760 1_1_0d EXIST::FUNCTION: -d2i_PKCS8_PRIV_KEY_INFO 2761 1_1_0d EXIST::FUNCTION: -i2d_DSA_PUBKEY 2762 1_1_0d EXIST::FUNCTION:DSA -ERR_load_ENGINE_strings 2763 1_1_0d EXIST::FUNCTION:ENGINE -X509_REQ_INFO_it 2764 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -X509_REQ_INFO_it 2764 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -CRYPTO_malloc 2765 1_1_0d EXIST::FUNCTION: -d2i_PKCS7_ENCRYPT 2766 1_1_0d EXIST::FUNCTION: -ENGINE_register_all_ciphers 2767 1_1_0d EXIST::FUNCTION:ENGINE -ASN1_TIME_free 2768 1_1_0d EXIST::FUNCTION: -OCSP_CERTSTATUS_it 2769 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP -OCSP_CERTSTATUS_it 2769 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP -ASN1_PCTX_get_str_flags 2770 1_1_0d EXIST::FUNCTION: -RSA_flags 2771 1_1_0d EXIST::FUNCTION:RSA -ECIES_encrypt 2772 1_1_0d EXIST::FUNCTION: -EC_GROUP_set_curve_name 2773 1_1_0d EXIST::FUNCTION:EC -i2d_CRL_DIST_POINTS 2774 1_1_0d EXIST::FUNCTION: -ASN1_item_d2i 2775 1_1_0d EXIST::FUNCTION: -X509_REQ_free 2776 1_1_0d EXIST::FUNCTION: -CRL_DIST_POINTS_free 2777 1_1_0d EXIST::FUNCTION: -RSA_clear_flags 2778 1_1_0d EXIST::FUNCTION:RSA -EVP_seed_cfb128 2779 1_1_0d EXIST::FUNCTION:SEED -RSA_up_ref 2780 1_1_0d EXIST::FUNCTION:RSA -X509_find_by_issuer_and_serial 2781 1_1_0d EXIST::FUNCTION: -EVP_aes_256_wrap 2782 1_1_0d EXIST::FUNCTION: -CMS_add1_recipient_cert 2783 1_1_0d EXIST::FUNCTION:CMS -sm3_hmac 2784 1_1_0d EXIST::FUNCTION: -PKCS7_SIGNER_INFO_new 2785 1_1_0d EXIST::FUNCTION: -i2d_X509_EXTENSIONS 2786 1_1_0d EXIST::FUNCTION: -DH_OpenSSL 2787 1_1_0d EXIST::FUNCTION:DH -EVP_CIPHER_meth_get_get_asn1_params 2788 1_1_0d EXIST::FUNCTION: -MDC2_Init 2789 1_1_0d EXIST::FUNCTION:MDC2 -DSA_OpenSSL 2790 1_1_0d EXIST::FUNCTION:DSA +EC_GROUP_set_curve_name 1 1_1_0d EXIST::FUNCTION:EC +X509at_delete_attr 2 1_1_0d EXIST::FUNCTION: +i2d_ASN1_GENERALIZEDTIME 3 1_1_0d EXIST::FUNCTION: +ENGINE_free 4 1_1_0d EXIST::FUNCTION:ENGINE +BN_get0_nist_prime_521 5 1_1_0d EXIST::FUNCTION: +EVP_MD_CTX_get_sgd 6 1_1_0d EXIST::FUNCTION:GMAPI +X509_STORE_set_depth 7 1_1_0d EXIST::FUNCTION: +i2d_X509_REVOKED 8 1_1_0d EXIST::FUNCTION: +d2i_ECCCipher_fp 9 1_1_0d EXIST::FUNCTION:EC,GMAPI,SDF,STDIO +PKCS12_PBE_add 10 1_1_0d EXIST::FUNCTION: +d2i_TS_RESP_fp 11 1_1_0d EXIST::FUNCTION:STDIO,TS +OCSP_ONEREQ_get1_ext_d2i 12 1_1_0d EXIST::FUNCTION:OCSP +NCONF_dump_bio 13 1_1_0d EXIST::FUNCTION: +ECDSA_SIG_get0 14 1_1_0d EXIST::FUNCTION:EC +SMIME_write_CMS 15 1_1_0d EXIST::FUNCTION:CMS +X509_LOOKUP_by_alias 16 1_1_0d EXIST::FUNCTION: +ASN1_item_dup 17 1_1_0d EXIST::FUNCTION: +GENERAL_SUBTREE_new 18 1_1_0d EXIST::FUNCTION: +X509_PURPOSE_add 19 1_1_0d EXIST::FUNCTION: +KDF_get_x9_63 20 1_1_0d EXIST::FUNCTION: +EVP_PKEY_asn1_set_private 21 1_1_0d EXIST::FUNCTION: +OPENSSL_config 22 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0 +DSA_meth_get_flags 23 1_1_0d EXIST::FUNCTION:DSA +d2i_IPAddressChoice 24 1_1_0d EXIST::FUNCTION:RFC3779 +NAME_CONSTRAINTS_free 25 1_1_0d EXIST::FUNCTION: +CMS_RecipientInfo_set0_pkey 26 1_1_0d EXIST::FUNCTION:CMS +EVP_MD_CTX_clear_flags 27 1_1_0d EXIST::FUNCTION: +PKCS12_BAGS_it 28 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS12_BAGS_it 28 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +PEM_write_RSAPublicKey 29 1_1_0d EXIST::FUNCTION:RSA,STDIO +OPENSSL_buf2hexstr 30 1_1_0d EXIST::FUNCTION: +TS_CONF_set_certs 31 1_1_0d EXIST::FUNCTION:TS +d2i_ASN1_GENERALIZEDTIME 32 1_1_0d EXIST::FUNCTION: +CRYPTO_ocb128_setiv 33 1_1_0d EXIST::FUNCTION:OCB +X509_CRL_get_nextUpdate 34 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0 +EVP_PKEY_meth_get_encrypt 35 1_1_0d EXIST::FUNCTION: +SKF_GenExtRSAKey 36 1_1_0d EXIST::FUNCTION:SKF +SDF_PrintECCCipher 37 1_1_0d EXIST::FUNCTION:SDF +EVP_DECODE_LENGTH 38 1_1_0d EXIST::FUNCTION: +TS_RESP_CTX_set_certs 39 1_1_0d EXIST::FUNCTION:TS +SKF_DigestUpdate 40 1_1_0d EXIST::FUNCTION:SKF +DH_set_method 41 1_1_0d EXIST::FUNCTION:DH +CRYPTO_free_ex_data 42 1_1_0d EXIST::FUNCTION: +SCT_get0_log_id 43 1_1_0d EXIST::FUNCTION:CT +d2i_ECIES_CIPHERTEXT_VALUE 44 1_1_0d EXIST::FUNCTION:ECIES +BN_mod_exp_mont 45 1_1_0d EXIST::FUNCTION: +EVP_PKEY_meth_get_cleanup 46 1_1_0d EXIST::FUNCTION: +BIO_socket_ioctl 47 1_1_0d EXIST::FUNCTION:SOCK +PKCS7_add1_attrib_digest 48 1_1_0d EXIST::FUNCTION: +X509_SIG_new 49 1_1_0d EXIST::FUNCTION: +AES_cfb8_encrypt 50 1_1_0d EXIST::FUNCTION: +ASN1_item_sign_ctx 51 1_1_0d EXIST::FUNCTION: +TS_ACCURACY_set_micros 52 1_1_0d EXIST::FUNCTION:TS +SKF_CloseContainer 53 1_1_0d EXIST::FUNCTION:SKF +EVP_PKEY_meth_set_verifyctx 54 1_1_0d EXIST::FUNCTION: +CRYPTO_ctr128_encrypt_ctr32 55 1_1_0d EXIST::FUNCTION: +X509_STORE_CTX_get_ex_data 56 1_1_0d EXIST::FUNCTION: +serpent_set_encrypt_key 57 1_1_0d EXIST::FUNCTION:SERPENT +d2i_SXNETID 58 1_1_0d EXIST::FUNCTION: +CMS_signed_add1_attr_by_NID 59 1_1_0d EXIST::FUNCTION:CMS +X509_PUBKEY_set0_param 60 1_1_0d EXIST::FUNCTION: +PKCS7_get_signer_info 61 1_1_0d EXIST::FUNCTION: +EC_POINT_invert 62 1_1_0d EXIST::FUNCTION:EC +BN_nist_mod_192 63 1_1_0d EXIST::FUNCTION: +EC_KEY_METHOD_get_init 64 1_1_0d EXIST::FUNCTION:EC +DH_meth_get_generate_params 65 1_1_0d EXIST::FUNCTION:DH +CONF_free 66 1_1_0d EXIST::FUNCTION: +IPAddressChoice_new 67 1_1_0d EXIST::FUNCTION:RFC3779 +EC_GROUP_get_order 68 1_1_0d EXIST::FUNCTION:EC +X509_CRL_sort 69 1_1_0d EXIST::FUNCTION: +PEM_read_bio_DSA_PUBKEY 70 1_1_0d EXIST::FUNCTION:DSA +OCSP_resp_get0_certs 71 1_1_0d EXIST::FUNCTION:OCSP +ERR_load_X509_strings 72 1_1_0d EXIST::FUNCTION: +X509at_get_attr_by_NID 73 1_1_0d EXIST::FUNCTION: +PEM_write_bio_PKCS8PrivateKey_nid 74 1_1_0d EXIST::FUNCTION: +d2i_ECCCIPHERBLOB_bio 75 1_1_0d EXIST::FUNCTION:EC,GMAPI,SKF +EVP_CIPHER_CTX_rand_key 76 1_1_0d EXIST::FUNCTION: +RAND_egd_bytes 77 1_1_0d EXIST::FUNCTION:EGD +TS_TST_INFO_ext_free 78 1_1_0d EXIST::FUNCTION:TS +ECPKParameters_print_fp 79 1_1_0d EXIST::FUNCTION:EC,STDIO +UI_get0_user_data 80 1_1_0d EXIST::FUNCTION:UI +EVP_camellia_128_ecb 81 1_1_0d EXIST::FUNCTION:CAMELLIA +i2d_ASN1_SEQUENCE_ANY 82 1_1_0d EXIST::FUNCTION: +GENERAL_SUBTREE_free 83 1_1_0d EXIST::FUNCTION: +EC_GROUP_get_basis_type 84 1_1_0d EXIST::FUNCTION:EC +zuc_128eea3_encrypt 85 1_1_0d EXIST::FUNCTION:ZUC +BF_encrypt 86 1_1_0d EXIST::FUNCTION:BF +FpPoint_new 87 1_1_0d EXIST::FUNCTION: +EC_KEY_set_ECCPUBLICKEYBLOB 88 1_1_0d EXIST::FUNCTION:EC,GMAPI,SKF +ENGINE_get_pkey_meths 89 1_1_0d EXIST::FUNCTION:ENGINE +serpent_encrypt 90 1_1_0d EXIST::FUNCTION:SERPENT +CMS_RecipientInfo_kari_set0_pkey 91 1_1_0d EXIST::FUNCTION:CMS +EVP_DigestVerifyUpdate 92 1_1_0d EXIST::FUNCTION: +X509_LOOKUP_ctrl 93 1_1_0d EXIST::FUNCTION: +RAND_load_file 94 1_1_0d EXIST::FUNCTION: +EC_KEY_new_from_ECCPUBLICKEYBLOB 95 1_1_0d EXIST::FUNCTION:EC,GMAPI,SKF +OCSP_SERVICELOC_new 96 1_1_0d EXIST::FUNCTION:OCSP +X509_STORE_CTX_set_default 97 1_1_0d EXIST::FUNCTION: +CMS_signed_get_attr_count 98 1_1_0d EXIST::FUNCTION:CMS +X509_STORE_CTX_get0_store 99 1_1_0d EXIST::FUNCTION: +speck_encrypt64 100 1_1_0d EXIST::FUNCTION:SPECK +TS_REQ_get_ext 101 1_1_0d EXIST::FUNCTION:TS +i2d_SM9Signature 102 1_1_0d EXIST::FUNCTION:SM9 +X509_REQ_get_attr_count 103 1_1_0d EXIST::FUNCTION: +BIO_ADDRINFO_next 104 1_1_0d EXIST::FUNCTION:SOCK +UI_add_verify_string 105 1_1_0d EXIST::FUNCTION:UI +RC5_32_set_key 106 1_1_0d EXIST::FUNCTION:RC5 +ERR_load_CRYPTO_strings 107 1_1_0d EXIST:!VMS:FUNCTION: +ERR_load_CRYPTOlib_strings 107 1_1_0d EXIST:VMS:FUNCTION: +PKCS7_add_certificate 108 1_1_0d EXIST::FUNCTION: +i2d_FpPoint 109 1_1_0d EXIST::FUNCTION: +SKF_DeleteFile 110 1_1_0d EXIST::FUNCTION:SKF +BIO_dump_indent_fp 111 1_1_0d EXIST::FUNCTION:STDIO +s2i_ASN1_IA5STRING 112 1_1_0d EXIST::FUNCTION: +X509_dup 113 1_1_0d EXIST::FUNCTION: +CAST_cfb64_encrypt 114 1_1_0d EXIST::FUNCTION:CAST +MDC2_Update 115 1_1_0d EXIST::FUNCTION:MDC2 +X509V3_EXT_add_alias 116 1_1_0d EXIST::FUNCTION: +BN_bn2solinas 117 1_1_0d EXIST::FUNCTION: +X509v3_addr_get_range 118 1_1_0d EXIST::FUNCTION:RFC3779 +EVP_PKEY_decrypt_init 119 1_1_0d EXIST::FUNCTION: +ERR_load_SM2_strings 120 1_1_0d EXIST::FUNCTION:SM2 +X509v3_addr_is_canonical 121 1_1_0d EXIST::FUNCTION:RFC3779 +RSA_padding_add_X931 122 1_1_0d EXIST::FUNCTION:RSA +DSA_sign 123 1_1_0d EXIST::FUNCTION:DSA +ASYNC_WAIT_CTX_set_wait_fd 124 1_1_0d EXIST::FUNCTION: +BN_new 125 1_1_0d EXIST::FUNCTION: +BIO_clear_flags 126 1_1_0d EXIST::FUNCTION: +BN_mask_bits 127 1_1_0d EXIST::FUNCTION: +i2d_ASN1_IA5STRING 128 1_1_0d EXIST::FUNCTION: +EC_POINT_make_affine 129 1_1_0d EXIST::FUNCTION:EC +X509V3_EXT_conf 130 1_1_0d EXIST::FUNCTION: +d2i_IPAddressFamily 131 1_1_0d EXIST::FUNCTION:RFC3779 +EVP_PKEY_meth_get_init 132 1_1_0d EXIST::FUNCTION: +BN_GF2m_poly2arr 133 1_1_0d EXIST::FUNCTION:EC2M +EVP_PBE_find 134 1_1_0d EXIST::FUNCTION: +TS_TST_INFO_get_ext_by_critical 135 1_1_0d EXIST::FUNCTION:TS +SM2_sign_ex 136 1_1_0d EXIST::FUNCTION:SM2 +EVP_DecryptFinal 137 1_1_0d EXIST::FUNCTION: +USERNOTICE_new 138 1_1_0d EXIST::FUNCTION: +CRYPTO_mem_ctrl 139 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_CTX_set_padding 140 1_1_0d EXIST::FUNCTION: +OCSP_sendreq_bio 141 1_1_0d EXIST::FUNCTION:OCSP +ASN1_get_object 142 1_1_0d EXIST::FUNCTION: +EVP_MD_flags 143 1_1_0d EXIST::FUNCTION: +BIO_new_dgram 144 1_1_0d EXIST::FUNCTION:DGRAM +sms4_ofb128_encrypt 145 1_1_0d EXIST::FUNCTION:SMS4 +EVP_des_ede3_ecb 146 1_1_0d EXIST::FUNCTION:DES +EC_KEY_GmSSL 147 1_1_0d EXIST::FUNCTION:SM2 +X509_VERIFY_PARAM_set_time 148 1_1_0d EXIST::FUNCTION: +BB1PrivateKeyBlock_free 149 1_1_0d EXIST::FUNCTION:BB1IBE +GENERAL_NAME_cmp 150 1_1_0d EXIST::FUNCTION: +RIPEMD160_Transform 151 1_1_0d EXIST::FUNCTION:RMD160 +EVP_PKEY_CTX_new 152 1_1_0d EXIST::FUNCTION: +X509V3_NAME_from_section 153 1_1_0d EXIST::FUNCTION: +SCT_get0_signature 154 1_1_0d EXIST::FUNCTION:CT +SKF_EnumFiles 155 1_1_0d EXIST::FUNCTION:SKF +RSA_flags 156 1_1_0d EXIST::FUNCTION:RSA +DSO_get_filename 157 1_1_0d EXIST::FUNCTION: +ENGINE_get_init_function 158 1_1_0d EXIST::FUNCTION:ENGINE +EC_GROUP_set_seed 159 1_1_0d EXIST::FUNCTION:EC +SKF_ExtECCVerify 160 1_1_0d EXIST::FUNCTION:SKF +ASN1_put_object 161 1_1_0d EXIST::FUNCTION: +CRYPTO_gcm128_tag 162 1_1_0d EXIST::FUNCTION: +X509_STORE_get_check_issued 163 1_1_0d EXIST::FUNCTION: +X509_STORE_CTX_set0_verified_chain 164 1_1_0d EXIST::FUNCTION: +speck_decrypt64 165 1_1_0d EXIST::FUNCTION:SPECK +CRYPTO_realloc 166 1_1_0d EXIST::FUNCTION: +DSA_get0_key 167 1_1_0d EXIST::FUNCTION:DSA +RAND_file_name 168 1_1_0d EXIST::FUNCTION: +X509_get_default_cert_dir_env 169 1_1_0d EXIST::FUNCTION: +v2i_ASN1_BIT_STRING 170 1_1_0d EXIST::FUNCTION: +PKCS5_pbe_set0_algor 171 1_1_0d EXIST::FUNCTION: +EVP_des_ede3_wrap 172 1_1_0d EXIST::FUNCTION:DES +EVP_get_cipherbysgd 173 1_1_0d EXIST::FUNCTION:GMAPI +PEM_ASN1_read 174 1_1_0d EXIST::FUNCTION:STDIO +OPENSSL_LH_stats 175 1_1_0d EXIST::FUNCTION:STDIO +X509_REQ_add_extensions_nid 176 1_1_0d EXIST::FUNCTION: +X509_NAME_ENTRY_new 177 1_1_0d EXIST::FUNCTION: +DH_check_params 178 1_1_0d EXIST::FUNCTION:DH +d2i_PROXY_CERT_INFO_EXTENSION 179 1_1_0d EXIST::FUNCTION: +EVP_PKEY_get0_EC_KEY 180 1_1_0d EXIST::FUNCTION:EC +ASYNC_start_job 181 1_1_0d EXIST::FUNCTION: +X509_STORE_CTX_set_purpose 182 1_1_0d EXIST::FUNCTION: +SCT_get_signature_nid 183 1_1_0d EXIST::FUNCTION:CT +SM9Signature_free 184 1_1_0d EXIST::FUNCTION:SM9 +X509_VERIFY_PARAM_set1_email 185 1_1_0d EXIST::FUNCTION: +SAF_GenEccKeyPair 186 1_1_0d EXIST::FUNCTION: +TXT_DB_write 187 1_1_0d EXIST::FUNCTION: +X509_issuer_name_hash_old 188 1_1_0d EXIST::FUNCTION:MD5 +sms4_ctr128_encrypt 189 1_1_0d EXIST::FUNCTION:SMS4 +sms4_set_decrypt_key 190 1_1_0d EXIST::FUNCTION:SMS4 +OCSP_url_svcloc_new 191 1_1_0d EXIST::FUNCTION:OCSP +CMS_SignerInfo_cert_cmp 192 1_1_0d EXIST::FUNCTION:CMS +EVP_set_pw_prompt 193 1_1_0d EXIST::FUNCTION:UI +ASN1_i2d_fp 194 1_1_0d EXIST::FUNCTION:STDIO +TS_REQ_get_ext_by_OBJ 195 1_1_0d EXIST::FUNCTION:TS +MDC2_Init 196 1_1_0d EXIST::FUNCTION:MDC2 +EC_POINT_copy 197 1_1_0d EXIST::FUNCTION:EC +i2d_NETSCAPE_CERT_SEQUENCE 198 1_1_0d EXIST::FUNCTION: +X509_keyid_set1 199 1_1_0d EXIST::FUNCTION: +CTLOG_get0_log_id 200 1_1_0d EXIST::FUNCTION:CT +EVP_camellia_128_cfb128 201 1_1_0d EXIST::FUNCTION:CAMELLIA +SAF_EnumCertificatesFree 202 1_1_0d EXIST::FUNCTION: +ERR_load_RAND_strings 203 1_1_0d EXIST::FUNCTION: +SM9PublicKey_get_gmtls_encoded 204 1_1_0d EXIST::FUNCTION:SM9 +PKCS7_ENCRYPT_free 205 1_1_0d EXIST::FUNCTION: +OpenSSL_add_all_algorithms 206 1_1_0d EXIST::FUNCTION: +RSA_get_method 207 1_1_0d EXIST::FUNCTION:RSA +i2d_DSA_SIG 208 1_1_0d EXIST::FUNCTION:DSA +EVP_OpenUpdate 209 1_1_0d EXIST::FUNCTION: +PEM_write_bio_PrivateKey 210 1_1_0d EXIST::FUNCTION: +SAF_Pkcs7_EncodeDigestedData 211 1_1_0d EXIST::FUNCTION: +ERR_load_PKCS12_strings 212 1_1_0d EXIST::FUNCTION: +EC_GFp_simple_method 213 1_1_0d EXIST::FUNCTION:EC +OCSP_REQUEST_get_ext_by_OBJ 214 1_1_0d EXIST::FUNCTION:OCSP +CAST_cbc_encrypt 215 1_1_0d EXIST::FUNCTION:CAST +X509_new 216 1_1_0d EXIST::FUNCTION: +RSA_private_encrypt 217 1_1_0d EXIST::FUNCTION:RSA +ASN1_tag2str 218 1_1_0d EXIST::FUNCTION: +EVP_md4 219 1_1_0d EXIST::FUNCTION:MD4 +DSA_new_method 220 1_1_0d EXIST::FUNCTION:DSA +SXNETID_new 221 1_1_0d EXIST::FUNCTION: +i2d_BASIC_CONSTRAINTS 222 1_1_0d EXIST::FUNCTION: +ASN1_UTF8STRING_it 223 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_UTF8STRING_it 223 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +AES_set_encrypt_key 224 1_1_0d EXIST::FUNCTION: +EVP_DigestSignUpdate 225 1_1_0d EXIST::FUNCTION: +DSA_SIG_free 226 1_1_0d EXIST::FUNCTION:DSA +ASN1_IA5STRING_new 227 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_meth_set_get_asn1_params 228 1_1_0d EXIST::FUNCTION: +SDF_CalculateMAC 229 1_1_0d EXIST::FUNCTION: +DES_cbc_encrypt 230 1_1_0d EXIST::FUNCTION:DES +X509_STORE_CTX_new 231 1_1_0d EXIST::FUNCTION: +d2i_X509_EXTENSION 232 1_1_0d EXIST::FUNCTION: +BN_GFP2_free 233 1_1_0d EXIST::FUNCTION: +DSA_meth_set_flags 234 1_1_0d EXIST::FUNCTION:DSA +X509at_get_attr_by_OBJ 235 1_1_0d EXIST::FUNCTION: +SAF_GenerateKeyWithEPK 236 1_1_0d EXIST::FUNCTION: +RC5_32_ecb_encrypt 237 1_1_0d EXIST::FUNCTION:RC5 +RSA_meth_get_bn_mod_exp 238 1_1_0d EXIST::FUNCTION:RSA +BN_gcd 239 1_1_0d EXIST::FUNCTION: +X509_delete_ext 240 1_1_0d EXIST::FUNCTION: +BIO_meth_set_puts 241 1_1_0d EXIST::FUNCTION: +PEM_ASN1_write_bio 242 1_1_0d EXIST::FUNCTION: +ECIES_do_decrypt 243 1_1_0d EXIST::FUNCTION:ECIES +ACCESS_DESCRIPTION_it 244 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ACCESS_DESCRIPTION_it 244 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +LONG_it 245 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +LONG_it 245 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +X509_get_signature_nid 246 1_1_0d EXIST::FUNCTION: +TS_STATUS_INFO_print_bio 247 1_1_0d EXIST::FUNCTION:TS +CRYPTO_secure_zalloc 248 1_1_0d EXIST::FUNCTION: +X509_PURPOSE_get0 249 1_1_0d EXIST::FUNCTION: +DES_encrypt3 250 1_1_0d EXIST::FUNCTION:DES +CRYPTO_THREAD_set_local 251 1_1_0d EXIST::FUNCTION: +ASRange_new 252 1_1_0d EXIST::FUNCTION:RFC3779 +PKCS5_v2_scrypt_keyivgen 253 1_1_0d EXIST::FUNCTION:SCRYPT +CTLOG_STORE_load_default_file 254 1_1_0d EXIST::FUNCTION:CT +d2i_PaillierPrivateKey 255 1_1_0d EXIST::FUNCTION:PAILLIER +CMS_EncryptedData_encrypt 256 1_1_0d EXIST::FUNCTION:CMS +BIO_meth_get_write 257 1_1_0d EXIST::FUNCTION: +DSA_meth_get_init 258 1_1_0d EXIST::FUNCTION:DSA +OPENSSL_LH_set_down_load 259 1_1_0d EXIST::FUNCTION: +OCSP_CERTID_it 260 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP +OCSP_CERTID_it 260 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP +PKCS12_get0_mac 261 1_1_0d EXIST::FUNCTION: +OBJ_NAME_do_all 262 1_1_0d EXIST::FUNCTION: +X509_REQ_extension_nid 263 1_1_0d EXIST::FUNCTION: +X509_REQ_verify 264 1_1_0d EXIST::FUNCTION: +PKCS7_ENVELOPE_free 265 1_1_0d EXIST::FUNCTION: +SCT_get_validation_status 266 1_1_0d EXIST::FUNCTION:CT +TS_TST_INFO_set_tsa 267 1_1_0d EXIST::FUNCTION:TS +OCSP_response_get1_basic 268 1_1_0d EXIST::FUNCTION:OCSP +DH_OpenSSL 269 1_1_0d EXIST::FUNCTION:DH +d2i_OCSP_BASICRESP 270 1_1_0d EXIST::FUNCTION:OCSP +UI_destroy_method 271 1_1_0d EXIST::FUNCTION:UI +EVP_PKEY_CTX_get_ecdh_kdf_type 272 1_1_0d EXIST::FUNCTION:EC +EVP_MD_meth_set_input_blocksize 273 1_1_0d EXIST::FUNCTION: +DSA_meth_set_sign 274 1_1_0d EXIST::FUNCTION:DSA +SDF_HashInit 275 1_1_0d EXIST::FUNCTION: +RSA_meth_set_sign 276 1_1_0d EXIST::FUNCTION:RSA +ENGINE_ctrl 277 1_1_0d EXIST::FUNCTION:ENGINE +PKCS12_SAFEBAG_get0_attrs 278 1_1_0d EXIST::FUNCTION: +X509_it 279 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_it 279 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +OPENSSL_uni2asc 280 1_1_0d EXIST::FUNCTION: +BFIBE_setup 281 1_1_0d EXIST::FUNCTION:BFIBE +PKCS7_verify 282 1_1_0d EXIST::FUNCTION: +X509_issuer_name_hash 283 1_1_0d EXIST::FUNCTION: +SKF_RSAExportSessionKey 284 1_1_0d EXIST::FUNCTION:SKF +ENGINE_init 285 1_1_0d EXIST::FUNCTION:ENGINE +BN_mod_exp_mont_consttime 286 1_1_0d EXIST::FUNCTION: +BIO_method_name 287 1_1_0d EXIST::FUNCTION: +POLICYINFO_new 288 1_1_0d EXIST::FUNCTION: +SDF_GenerateKeyWithIPK_ECC 289 1_1_0d EXIST::FUNCTION: +X509V3_EXT_print_fp 290 1_1_0d EXIST::FUNCTION:STDIO +d2i_PKCS7_fp 291 1_1_0d EXIST::FUNCTION:STDIO +TS_ACCURACY_new 292 1_1_0d EXIST::FUNCTION:TS +EVP_aes_192_cfb128 293 1_1_0d EXIST::FUNCTION: +CPK_MASTER_SECRET_get_name 294 1_1_0d EXIST::FUNCTION:CPK +d2i_OCSP_SINGLERESP 295 1_1_0d EXIST::FUNCTION:OCSP +BIO_printf 296 1_1_0d EXIST::FUNCTION: +X509_STORE_set_ex_data 297 1_1_0d EXIST::FUNCTION: +EC_POINT_cmp_fppoint 298 1_1_0d EXIST::FUNCTION: +CMS_add0_cert 299 1_1_0d EXIST::FUNCTION:CMS +X509V3_EXT_add_conf 300 1_1_0d EXIST::FUNCTION: +EC_POINTs_mul 301 1_1_0d EXIST::FUNCTION:EC +BN_dup 302 1_1_0d EXIST::FUNCTION: +BIO_get_callback_arg 303 1_1_0d EXIST::FUNCTION: +i2d_PAILLIER_PUBKEY 304 1_1_0d EXIST::FUNCTION:PAILLIER +OPENSSL_INIT_set_config_appname 305 1_1_0d EXIST::FUNCTION:STDIO +TXT_DB_read 306 1_1_0d EXIST::FUNCTION: +d2i_IPAddressOrRange 307 1_1_0d EXIST::FUNCTION:RFC3779 +i2d_IPAddressOrRange 308 1_1_0d EXIST::FUNCTION:RFC3779 +BN_mod_exp_simple 309 1_1_0d EXIST::FUNCTION: +WHIRLPOOL_Update 310 1_1_0d EXIST::FUNCTION:WHIRLPOOL +ENGINE_register_DSA 311 1_1_0d EXIST::FUNCTION:ENGINE +X509_STORE_CTX_cleanup 312 1_1_0d EXIST::FUNCTION: +AUTHORITY_INFO_ACCESS_new 313 1_1_0d EXIST::FUNCTION: +CONF_get_string 314 1_1_0d EXIST::FUNCTION: +EVP_aes_192_cbc 315 1_1_0d EXIST::FUNCTION: +BN_get_rfc2409_prime_1024 316 1_1_0d EXIST::FUNCTION: +ENGINE_load_builtin_engines 317 1_1_0d EXIST::FUNCTION:ENGINE +DH_meth_get0_app_data 318 1_1_0d EXIST::FUNCTION:DH +SOF_VerifySignedFile 319 1_1_0d EXIST::FUNCTION: +PKCS5_pbe2_set_scrypt 320 1_1_0d EXIST::FUNCTION:SCRYPT +CRYPTO_gcm128_aad 321 1_1_0d EXIST::FUNCTION: +X509_policy_node_get0_parent 322 1_1_0d EXIST::FUNCTION: +X509V3_add1_i2d 323 1_1_0d EXIST::FUNCTION: +BB1IBE_setup 324 1_1_0d EXIST::FUNCTION:BB1IBE +i2a_ASN1_INTEGER 325 1_1_0d EXIST::FUNCTION: +BN_get_rfc2409_prime_768 326 1_1_0d EXIST::FUNCTION: +OCSP_onereq_get0_id 327 1_1_0d EXIST::FUNCTION:OCSP +PEM_read_EC_PUBKEY 328 1_1_0d EXIST::FUNCTION:EC,STDIO +EVP_PKEY_meth_get_decrypt 329 1_1_0d EXIST::FUNCTION: +RSA_up_ref 330 1_1_0d EXIST::FUNCTION:RSA +X509_EXTENSION_create_by_OBJ 331 1_1_0d EXIST::FUNCTION: +ASN1_add_oid_module 332 1_1_0d EXIST::FUNCTION: +CPK_MASTER_SECRET_print 333 1_1_0d EXIST::FUNCTION:CPK +EC_GFp_nistp521_method 334 1_1_0d EXIST::FUNCTION:EC,EC_NISTP_64_GCC_128 +i2d_OTHERNAME 335 1_1_0d EXIST::FUNCTION: +a2d_ASN1_OBJECT 336 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_meth_set_do_cipher 337 1_1_0d EXIST::FUNCTION: +i2d_ASRange 338 1_1_0d EXIST::FUNCTION:RFC3779 +ERR_print_errors 339 1_1_0d EXIST::FUNCTION: +b2i_PrivateKey_bio 340 1_1_0d EXIST::FUNCTION:DSA +PKCS12_unpack_authsafes 341 1_1_0d EXIST::FUNCTION: +OCSP_BASICRESP_add1_ext_i2d 342 1_1_0d EXIST::FUNCTION:OCSP +PKCS7_SIGNER_INFO_set 343 1_1_0d EXIST::FUNCTION: +OCSP_SINGLERESP_add_ext 344 1_1_0d EXIST::FUNCTION:OCSP +o2i_SCT_LIST 345 1_1_0d EXIST::FUNCTION:CT +ASN1_item_ex_i2d 346 1_1_0d EXIST::FUNCTION: +EVP_PKEY_CTX_get0_peerkey 347 1_1_0d EXIST::FUNCTION: +d2i_RSA_OAEP_PARAMS 348 1_1_0d EXIST::FUNCTION:RSA +CRYPTO_ccm128_aad 349 1_1_0d EXIST::FUNCTION: +EVP_aes_128_wrap_pad 350 1_1_0d EXIST::FUNCTION: +CRYPTO_ocb128_init 351 1_1_0d EXIST::FUNCTION:OCB +ASN1_i2d_bio 352 1_1_0d EXIST::FUNCTION: +PKCS8_add_keyusage 353 1_1_0d EXIST::FUNCTION: +BIO_set_mem_eof_return 354 1_1_0d EXIST::FUNCTION: +X509_get0_tbs_sigalg 355 1_1_0d EXIST::FUNCTION: +BN_MONT_CTX_new 356 1_1_0d EXIST::FUNCTION: +ASN1_UTF8STRING_new 357 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_CTX_new 358 1_1_0d EXIST::FUNCTION: +RSA_print_fp 359 1_1_0d EXIST::FUNCTION:RSA,STDIO +CTLOG_new 360 1_1_0d EXIST::FUNCTION:CT +CMS_RecipientInfo_kari_decrypt 361 1_1_0d EXIST::FUNCTION:CMS +CMS_RecipientInfo_encrypt 362 1_1_0d EXIST::FUNCTION:CMS +X509_STORE_get_verify_cb 363 1_1_0d EXIST::FUNCTION: +SKF_ExtECCSign 364 1_1_0d EXIST::FUNCTION:SKF +CMS_unsigned_get_attr_by_NID 365 1_1_0d EXIST::FUNCTION:CMS +ASN1_PCTX_get_flags 366 1_1_0d EXIST::FUNCTION: +PKCS12_newpass 367 1_1_0d EXIST::FUNCTION: +IDEA_encrypt 368 1_1_0d EXIST::FUNCTION:IDEA +PKCS12_it 369 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS12_it 369 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +PKCS12_add_friendlyname_uni 370 1_1_0d EXIST::FUNCTION: +PKCS12_SAFEBAG_create_crl 371 1_1_0d EXIST::FUNCTION: +d2i_PKCS7 372 1_1_0d EXIST::FUNCTION: +d2i_X509_VAL 373 1_1_0d EXIST::FUNCTION: +OPENSSL_atexit 374 1_1_0d EXIST::FUNCTION: +OPENSSL_sk_delete 375 1_1_0d EXIST::FUNCTION: +OPENSSL_add_all_algorithms_noconf 376 1_1_0d EXIST::FUNCTION: +PKCS7_get_smimecap 377 1_1_0d EXIST::FUNCTION: +i2d_SM2CiphertextValue 378 1_1_0d EXIST::FUNCTION:SM2 +GENERAL_NAMES_new 379 1_1_0d EXIST::FUNCTION: +NETSCAPE_SPKI_new 380 1_1_0d EXIST::FUNCTION: +SAF_GenerateAgreementDataAdnKeyWithECC 381 1_1_0d EXIST::FUNCTION: +RSA_meth_set_priv_dec 382 1_1_0d EXIST::FUNCTION:RSA +SOF_SetSignMethod 383 1_1_0d EXIST::FUNCTION: +X509_STORE_set_cleanup 384 1_1_0d EXIST::FUNCTION: +CRYPTO_get_mem_functions 385 1_1_0d EXIST::FUNCTION: +X509_REQ_digest 386 1_1_0d EXIST::FUNCTION: +BN_lshift1 387 1_1_0d EXIST::FUNCTION: +X509at_add1_attr_by_OBJ 388 1_1_0d EXIST::FUNCTION: +BFMasterSecret_it 389 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:BFIBE +BFMasterSecret_it 389 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:BFIBE +sm3 390 1_1_0d EXIST::FUNCTION:SM3 +BFIBE_do_encrypt 391 1_1_0d EXIST::FUNCTION:BFIBE +TS_TST_INFO_set_msg_imprint 392 1_1_0d EXIST::FUNCTION:TS +TS_REQ_get_ext_by_critical 393 1_1_0d EXIST::FUNCTION:TS +SXNET_get_id_ulong 394 1_1_0d EXIST::FUNCTION: +EVP_aes_128_ecb 395 1_1_0d EXIST::FUNCTION: +BIO_new_CMS 396 1_1_0d EXIST::FUNCTION:CMS +CTLOG_STORE_get0_log_by_id 397 1_1_0d EXIST::FUNCTION:CT +SM2CiphertextValue_it 398 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:SM2 +SM2CiphertextValue_it 398 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:SM2 +TS_REQ_get_exts 399 1_1_0d EXIST::FUNCTION:TS +BN_get_params 400 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_0_9_8 +AES_cfb1_encrypt 401 1_1_0d EXIST::FUNCTION: +speck_set_decrypt_key64 402 1_1_0d EXIST::FUNCTION:SPECK +TS_TST_INFO_get_exts 403 1_1_0d EXIST::FUNCTION:TS +CMAC_Update 404 1_1_0d EXIST::FUNCTION:CMAC +OCSP_CRLID_new 405 1_1_0d EXIST::FUNCTION:OCSP +BN_GF2m_mod_sqrt_arr 406 1_1_0d EXIST::FUNCTION:EC2M +X509_STORE_get_check_policy 407 1_1_0d EXIST::FUNCTION: +SKF_DigestInit 408 1_1_0d EXIST::FUNCTION:SKF +BIO_s_socket 409 1_1_0d EXIST::FUNCTION:SOCK +PKCS7_dataInit 410 1_1_0d EXIST::FUNCTION: +X509_load_cert_crl_file 411 1_1_0d EXIST::FUNCTION: +SKF_ExtRSAPriKeyOperation 412 1_1_0d EXIST::FUNCTION:SKF +EVP_PKEY_free 413 1_1_0d EXIST::FUNCTION: +EVP_MD_meth_get_input_blocksize 414 1_1_0d EXIST::FUNCTION: +X509_ATTRIBUTE_set1_data 415 1_1_0d EXIST::FUNCTION: +BIO_closesocket 416 1_1_0d EXIST::FUNCTION:SOCK +BN_GFP2_add 417 1_1_0d EXIST::FUNCTION: +DES_is_weak_key 418 1_1_0d EXIST::FUNCTION:DES +BN_to_montgomery 419 1_1_0d EXIST::FUNCTION: +EVP_aes_128_cfb128 420 1_1_0d EXIST::FUNCTION: +PBKDF2PARAM_it 421 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PBKDF2PARAM_it 421 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +speck_set_decrypt_key16 422 1_1_0d EXIST::FUNCTION:SPECK +SKF_LockDev 423 1_1_0d EXIST::FUNCTION:SKF +SM9_encrypt_with_recommended_ex 424 1_1_0d EXIST::FUNCTION:SM9 +X509_issuer_name_cmp 425 1_1_0d EXIST::FUNCTION: +CRYPTO_mem_debug_push 426 1_1_0d EXIST::FUNCTION:CRYPTO_MDEBUG +DSA_security_bits 427 1_1_0d EXIST::FUNCTION:DSA +EC_KEY_set_ECCPRIVATEKEYBLOB 428 1_1_0d EXIST::FUNCTION:EC,GMAPI,SKF +EVP_whirlpool 429 1_1_0d EXIST::FUNCTION:WHIRLPOOL +SAF_RsaSignFile 430 1_1_0d EXIST::FUNCTION: +SDF_GetPrivateKeyAccessRight 431 1_1_0d EXIST::FUNCTION: +d2i_PaillierPublicKey 432 1_1_0d EXIST::FUNCTION:PAILLIER +EC_GROUP_clear_free 433 1_1_0d EXIST::FUNCTION:EC +EVP_get_default_digest 434 1_1_0d EXIST::FUNCTION: +CPK_MAP_new_default 435 1_1_0d EXIST::FUNCTION:CPK +SAF_GetErrorString 436 1_1_0d EXIST::FUNCTION:SAF +sms4_set_encrypt_key 437 1_1_0d EXIST::FUNCTION:SMS4 +ERR_load_SOF_strings 438 1_1_0d EXIST::FUNCTION:SOF +d2i_CMS_bio 439 1_1_0d EXIST::FUNCTION:CMS +ASN1_OBJECT_free 440 1_1_0d EXIST::FUNCTION: +Camellia_cfb1_encrypt 441 1_1_0d EXIST::FUNCTION:CAMELLIA +EVP_sms4_wrap 442 1_1_0d EXIST::FUNCTION:SMS4 +SKF_EncryptFinal 443 1_1_0d EXIST::FUNCTION:SKF +PEM_read_PKCS8_PRIV_KEY_INFO 444 1_1_0d EXIST::FUNCTION:STDIO +BIO_get_retry_BIO 445 1_1_0d EXIST::FUNCTION: +EC_POINT_is_at_infinity 446 1_1_0d EXIST::FUNCTION:EC +BN_mod_sqrt 447 1_1_0d EXIST::FUNCTION: +i2d_X509_NAME_ENTRY 448 1_1_0d EXIST::FUNCTION: +OPENSSL_cleanup 449 1_1_0d EXIST::FUNCTION: +X509_check_email 450 1_1_0d EXIST::FUNCTION: +SRP_VBASE_init 451 1_1_0d EXIST::FUNCTION:SRP +SRP_Calc_B 452 1_1_0d EXIST::FUNCTION:SRP +SAF_GetRsaPublicKey 453 1_1_0d EXIST::FUNCTION: +DES_ofb64_encrypt 454 1_1_0d EXIST::FUNCTION:DES +ASN1_GENERALIZEDTIME_new 455 1_1_0d EXIST::FUNCTION: +TS_TST_INFO_get_msg_imprint 456 1_1_0d EXIST::FUNCTION:TS +X509_add1_ext_i2d 457 1_1_0d EXIST::FUNCTION: +X509_EXTENSION_set_critical 458 1_1_0d EXIST::FUNCTION: +X509_VERIFY_PARAM_get_time 459 1_1_0d EXIST::FUNCTION: +EVP_rc2_cbc 460 1_1_0d EXIST::FUNCTION:RC2 +EVP_MD_meth_get_app_datasize 461 1_1_0d EXIST::FUNCTION: +sm3_hmac_init 462 1_1_0d EXIST::FUNCTION:SM3 +X509_CRL_get_ext_count 463 1_1_0d EXIST::FUNCTION: +EC_KEY_METHOD_set_encrypt 464 1_1_0d EXIST::FUNCTION:SM2 +TS_VERIFY_CTX_set_store 465 1_1_0d EXIST::FUNCTION:TS +i2d_CRL_DIST_POINTS 466 1_1_0d EXIST::FUNCTION: +X509_VERIFY_PARAM_get_auth_level 467 1_1_0d EXIST::FUNCTION: +i2s_ASN1_OCTET_STRING 468 1_1_0d EXIST::FUNCTION: +BN_GFP2_sub 469 1_1_0d EXIST::FUNCTION: +ASN1_UTCTIME_new 470 1_1_0d EXIST::FUNCTION: +EVP_sms4_ocb 471 1_1_0d EXIST::FUNCTION:SMS4 +ENGINE_register_all_ciphers 472 1_1_0d EXIST::FUNCTION:ENGINE +X509_STORE_get_check_crl 473 1_1_0d EXIST::FUNCTION: +BN_mod_sub 474 1_1_0d EXIST::FUNCTION: +SM9PrivateKey_get_gmtls_public_key 475 1_1_0d EXIST::FUNCTION:SM9 +X509_STORE_set_verify_cb 476 1_1_0d EXIST::FUNCTION: +ASYNC_unblock_pause 477 1_1_0d EXIST::FUNCTION: +TS_ACCURACY_set_seconds 478 1_1_0d EXIST::FUNCTION:TS +EC_POINT_hash2point 479 1_1_0d EXIST::FUNCTION: +OPENSSL_LH_node_usage_stats 480 1_1_0d EXIST::FUNCTION:STDIO +SAF_GetCertFromLdap 481 1_1_0d EXIST::FUNCTION: +PEM_write_bio_ECPKParameters 482 1_1_0d EXIST::FUNCTION:EC +DSO_bind_func 483 1_1_0d EXIST::FUNCTION: +PEM_X509_INFO_read_bio 484 1_1_0d EXIST::FUNCTION: +BN_kronecker 485 1_1_0d EXIST::FUNCTION: +DH_compute_key_padded 486 1_1_0d EXIST::FUNCTION:DH +X509at_get_attr 487 1_1_0d EXIST::FUNCTION: +DSA_meth_dup 488 1_1_0d EXIST::FUNCTION:DSA +SCT_set0_log_id 489 1_1_0d EXIST::FUNCTION:CT +DHparams_dup 490 1_1_0d EXIST::FUNCTION:DH +TS_X509_ALGOR_print_bio 491 1_1_0d EXIST::FUNCTION:TS +BIO_set_mem_buf 492 1_1_0d EXIST::FUNCTION: +d2i_TS_RESP_bio 493 1_1_0d EXIST::FUNCTION:TS +PEM_write_bio_PUBKEY 494 1_1_0d EXIST::FUNCTION: +OCSP_ONEREQ_new 495 1_1_0d EXIST::FUNCTION:OCSP +PEM_read_bio_DHparams 496 1_1_0d EXIST::FUNCTION:DH +i2s_ASN1_IA5STRING 497 1_1_0d EXIST::FUNCTION: +X509_VERIFY_PARAM_move_peername 498 1_1_0d EXIST::FUNCTION: +EVP_PKEY_get1_DH 499 1_1_0d EXIST::FUNCTION:DH +SCT_set_version 500 1_1_0d EXIST::FUNCTION:CT +PKCS7_content_new 501 1_1_0d EXIST::FUNCTION: +CONF_imodule_get_name 502 1_1_0d EXIST::FUNCTION: +BF_options 503 1_1_0d EXIST::FUNCTION:BF +CONF_imodule_get_value 504 1_1_0d EXIST::FUNCTION: +X509_NAME_hash 505 1_1_0d EXIST::FUNCTION: +SHA256_Update 506 1_1_0d EXIST::FUNCTION: +BN_dec2bn 507 1_1_0d EXIST::FUNCTION: +CMS_EncryptedData_decrypt 508 1_1_0d EXIST::FUNCTION:CMS +i2d_PKCS12_BAGS 509 1_1_0d EXIST::FUNCTION: +EVP_PKEY_meth_get_verify 510 1_1_0d EXIST::FUNCTION: +EVP_aes_192_cfb1 511 1_1_0d EXIST::FUNCTION: +X509_OBJECT_retrieve_by_subject 512 1_1_0d EXIST::FUNCTION: +ASN1_FBOOLEAN_it 513 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_FBOOLEAN_it 513 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +X509_ATTRIBUTE_it 514 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_ATTRIBUTE_it 514 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +RIPEMD160_Update 515 1_1_0d EXIST::FUNCTION:RMD160 +RSA_check_key_ex 516 1_1_0d EXIST::FUNCTION:RSA +X509_get1_ocsp 517 1_1_0d EXIST::FUNCTION: +ASN1_digest 518 1_1_0d EXIST::FUNCTION: +RSA_X931_derive_ex 519 1_1_0d EXIST::FUNCTION:RSA +ASN1_STRING_type_new 520 1_1_0d EXIST::FUNCTION: +BIO_s_null 521 1_1_0d EXIST::FUNCTION: +PEM_write_X509_REQ_NEW 522 1_1_0d EXIST::FUNCTION:STDIO +PKCS7_add_recipient_info 523 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_CTX_ctrl 524 1_1_0d EXIST::FUNCTION: +X509_REQ_print_ex 525 1_1_0d EXIST::FUNCTION: +CMS_RecipientInfo_kari_get0_ctx 526 1_1_0d EXIST::FUNCTION:CMS +d2i_ECCCIPHERBLOB_fp 527 1_1_0d EXIST::FUNCTION:EC,GMAPI,SKF,STDIO +X509_STORE_CTX_get_obj_by_subject 528 1_1_0d EXIST::FUNCTION: +d2i_CERTIFICATEPOLICIES 529 1_1_0d EXIST::FUNCTION: +BIO_ADDR_family 530 1_1_0d EXIST::FUNCTION:SOCK +PKCS8_PRIV_KEY_INFO_it 531 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS8_PRIV_KEY_INFO_it 531 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +BIO_meth_new 532 1_1_0d EXIST::FUNCTION: +X509_REQ_free 533 1_1_0d EXIST::FUNCTION: +SAF_GenRandom 534 1_1_0d EXIST::FUNCTION: +SM9_encrypt_with_recommended 535 1_1_0d EXIST::FUNCTION:SM9 +X509_ATTRIBUTE_dup 536 1_1_0d EXIST::FUNCTION: +BN_usub 537 1_1_0d EXIST::FUNCTION: +FFX_encrypt 538 1_1_0d EXIST::FUNCTION: +BN_to_ASN1_INTEGER 539 1_1_0d EXIST::FUNCTION: +ENGINE_set_default 540 1_1_0d EXIST::FUNCTION:ENGINE +OBJ_txt2obj 541 1_1_0d EXIST::FUNCTION: +NETSCAPE_SPKI_set_pubkey 542 1_1_0d EXIST::FUNCTION: +CMS_signed_add1_attr_by_OBJ 543 1_1_0d EXIST::FUNCTION:CMS +X509_VERIFY_PARAM_get0 544 1_1_0d EXIST::FUNCTION: +EC_KEY_print 545 1_1_0d EXIST::FUNCTION:EC +SKF_LoadLibrary 546 1_1_0d EXIST::FUNCTION:SKF +DIST_POINT_NAME_free 547 1_1_0d EXIST::FUNCTION: +i2d_PKCS8PrivateKeyInfo_bio 548 1_1_0d EXIST::FUNCTION: +X509_STORE_set1_param 549 1_1_0d EXIST::FUNCTION: +CRYPTO_mem_debug_free 550 1_1_0d EXIST::FUNCTION:CRYPTO_MDEBUG +X509_CRL_set_meth_data 551 1_1_0d EXIST::FUNCTION: +PBKDF2PARAM_new 552 1_1_0d EXIST::FUNCTION: +X509_get_ext_by_OBJ 553 1_1_0d EXIST::FUNCTION: +CRYPTO_ccm128_encrypt 554 1_1_0d EXIST::FUNCTION: +X509_policy_check 555 1_1_0d EXIST::FUNCTION: +CRYPTO_ccm128_setiv 556 1_1_0d EXIST::FUNCTION: +USERNOTICE_free 557 1_1_0d EXIST::FUNCTION: +BIO_ADDR_rawport 558 1_1_0d EXIST::FUNCTION:SOCK +RAND_screen 559 1_1_0d EXIST:_WIN32:FUNCTION:DEPRECATEDIN_1_1_0 +X509_CRL_METHOD_free 560 1_1_0d EXIST::FUNCTION: +EVP_MD_CTX_new 561 1_1_0d EXIST::FUNCTION: +BIO_s_file 562 1_1_0d EXIST::FUNCTION: +SCT_set0_extensions 563 1_1_0d EXIST::FUNCTION:CT +SKF_GetPINInfo 564 1_1_0d EXIST::FUNCTION:SKF +ASN1_OBJECT_new 565 1_1_0d EXIST::FUNCTION: +ASN1_item_d2i 566 1_1_0d EXIST::FUNCTION: +speck_decrypt16 567 1_1_0d EXIST::FUNCTION:SPECK +BN_mod_lshift1_quick 568 1_1_0d EXIST::FUNCTION: +TS_STATUS_INFO_free 569 1_1_0d EXIST::FUNCTION:TS +EVP_PKEY_CTX_free 570 1_1_0d EXIST::FUNCTION: +OCSP_CERTSTATUS_new 571 1_1_0d EXIST::FUNCTION:OCSP +PEM_get_EVP_CIPHER_INFO 572 1_1_0d EXIST::FUNCTION: +ASN1_TIME_adj 573 1_1_0d EXIST::FUNCTION: +SHA224_Update 574 1_1_0d EXIST::FUNCTION: +SOF_InitCertAppPolicy 575 1_1_0d EXIST::FUNCTION: +SRP_Verify_A_mod_N 576 1_1_0d EXIST::FUNCTION:SRP +X509_CRL_dup 577 1_1_0d EXIST::FUNCTION: +OCSP_SINGLERESP_delete_ext 578 1_1_0d EXIST::FUNCTION:OCSP +i2d_ASIdOrRange 579 1_1_0d EXIST::FUNCTION:RFC3779 +Camellia_ecb_encrypt 580 1_1_0d EXIST::FUNCTION:CAMELLIA +X509_trust_clear 581 1_1_0d EXIST::FUNCTION: +EVP_BytesToKey 582 1_1_0d EXIST::FUNCTION: +d2i_CRL_DIST_POINTS 583 1_1_0d EXIST::FUNCTION: +X509_REVOKED_get0_serialNumber 584 1_1_0d EXIST::FUNCTION: +BIO_int_ctrl 585 1_1_0d EXIST::FUNCTION: +ECIES_decrypt 586 1_1_0d EXIST::FUNCTION:ECIES +X509_STORE_CTX_set_error 587 1_1_0d EXIST::FUNCTION: +X509_VERIFY_PARAM_set1_ip_asc 588 1_1_0d EXIST::FUNCTION: +i2o_SM2CiphertextValue 589 1_1_0d EXIST::FUNCTION:SM2 +CTLOG_get0_name 590 1_1_0d EXIST::FUNCTION:CT +EC_KEY_METHOD_get_verify 591 1_1_0d EXIST::FUNCTION:EC +BIO_asn1_set_prefix 592 1_1_0d EXIST::FUNCTION: +CMS_RecipientInfo_ktri_get0_signer_id 593 1_1_0d EXIST::FUNCTION:CMS +EVP_enc_null 594 1_1_0d EXIST::FUNCTION: +X509_get_proxy_pathlen 595 1_1_0d EXIST::FUNCTION: +ECIES_CIPHERTEXT_VALUE_ciphertext_length 596 1_1_0d EXIST::FUNCTION:ECIES +OBJ_find_sigid_by_algs 597 1_1_0d EXIST::FUNCTION: +EVP_aes_128_ofb 598 1_1_0d EXIST::FUNCTION: +BIO_number_written 599 1_1_0d EXIST::FUNCTION: +SHA384_Init 600 1_1_0d EXIST:!VMSVAX:FUNCTION: +i2d_PrivateKey_bio 601 1_1_0d EXIST::FUNCTION: +EVP_PKEY_assign 602 1_1_0d EXIST::FUNCTION: +BN_sub 603 1_1_0d EXIST::FUNCTION: +RAND_query_egd_bytes 604 1_1_0d EXIST::FUNCTION:EGD +CRYPTO_memcmp 605 1_1_0d EXIST::FUNCTION: +X509_PKEY_new 606 1_1_0d EXIST::FUNCTION: +TS_CONF_set_ess_cert_id_chain 607 1_1_0d EXIST::FUNCTION:TS +d2i_PBKDF2PARAM 608 1_1_0d EXIST::FUNCTION: +BFPrivateKeyBlock_new 609 1_1_0d EXIST::FUNCTION:BFIBE +TLS_FEATURE_new 610 1_1_0d EXIST::FUNCTION: +OCSP_basic_add1_nonce 611 1_1_0d EXIST::FUNCTION:OCSP +ENGINE_set_default_RSA 612 1_1_0d EXIST::FUNCTION:ENGINE +sm3_update 613 1_1_0d EXIST::FUNCTION:SM3 +RSA_PSS_PARAMS_new 614 1_1_0d EXIST::FUNCTION:RSA +ENGINE_set_load_ssl_client_cert_function 615 1_1_0d EXIST::FUNCTION:ENGINE +EVP_PKEY_get_attr_by_NID 616 1_1_0d EXIST::FUNCTION: +d2i_SM9Ciphertext 617 1_1_0d EXIST::FUNCTION:SM9 +EC_KEY_METHOD_free 618 1_1_0d EXIST::FUNCTION:EC +SKF_GetDevState 619 1_1_0d EXIST::FUNCTION:SKF +EVP_read_pw_string 620 1_1_0d EXIST::FUNCTION:UI +PKCS7_SIGNER_INFO_get0_algs 621 1_1_0d EXIST::FUNCTION: +OPENSSL_sk_is_sorted 622 1_1_0d EXIST::FUNCTION: +X509_ATTRIBUTE_get0_type 623 1_1_0d EXIST::FUNCTION: +EVP_sms4_ofb 624 1_1_0d EXIST::FUNCTION:SMS4 +PKCS5_pbe2_set_iv 625 1_1_0d EXIST::FUNCTION: +SAF_Base64_EncodeUpdate 626 1_1_0d EXIST::FUNCTION: +i2d_PrivateKey 627 1_1_0d EXIST::FUNCTION: +d2i_IPAddressRange 628 1_1_0d EXIST::FUNCTION:RFC3779 +ENGINE_get_load_pubkey_function 629 1_1_0d EXIST::FUNCTION:ENGINE +X509V3_string_free 630 1_1_0d EXIST::FUNCTION: +speck_encrypt32 631 1_1_0d EXIST::FUNCTION:SPECK +ASN1_UTCTIME_check 632 1_1_0d EXIST::FUNCTION: +EC_GROUP_precompute_mult 633 1_1_0d EXIST::FUNCTION:EC +CMS_ContentInfo_print_ctx 634 1_1_0d EXIST::FUNCTION:CMS +d2i_CPK_PUBLIC_PARAMS_bio 635 1_1_0d EXIST::FUNCTION:CPK +BN_mod_mul 636 1_1_0d EXIST::FUNCTION: +POLICY_MAPPING_new 637 1_1_0d EXIST::FUNCTION: +NAME_CONSTRAINTS_check_CN 638 1_1_0d EXIST::FUNCTION: +NCONF_get_section 639 1_1_0d EXIST::FUNCTION: +SRP_Calc_server_key 640 1_1_0d EXIST::FUNCTION:SRP +a2i_ASN1_INTEGER 641 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_CTX_iv_length 642 1_1_0d EXIST::FUNCTION: +PEM_read_RSAPublicKey 643 1_1_0d EXIST::FUNCTION:RSA,STDIO +CRYPTO_new_ex_data 644 1_1_0d EXIST::FUNCTION: +NAME_CONSTRAINTS_new 645 1_1_0d EXIST::FUNCTION: +EVP_PKEY_asn1_get_count 646 1_1_0d EXIST::FUNCTION: +SM2_KAP_CTX_cleanup 647 1_1_0d EXIST::FUNCTION:SM2 +ASN1_item_ex_d2i 648 1_1_0d EXIST::FUNCTION: +PKCS7_ENC_CONTENT_new 649 1_1_0d EXIST::FUNCTION: +POLICYQUALINFO_it 650 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +POLICYQUALINFO_it 650 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +X509v3_addr_add_prefix 651 1_1_0d EXIST::FUNCTION:RFC3779 +RSA_padding_add_SSLv23 652 1_1_0d EXIST::FUNCTION:RSA +X509_trusted 653 1_1_0d EXIST::FUNCTION: +EVP_des_ede_ofb 654 1_1_0d EXIST::FUNCTION:DES +EC_GROUP_new_by_curve_name 655 1_1_0d EXIST::FUNCTION:EC +SDF_PrintRSAPublicKey 656 1_1_0d EXIST::FUNCTION:SDF +SMIME_write_PKCS7 657 1_1_0d EXIST::FUNCTION: +BIO_dgram_non_fatal_error 658 1_1_0d EXIST::FUNCTION:DGRAM +i2t_ASN1_OBJECT 659 1_1_0d EXIST::FUNCTION: +EC_GROUP_copy 660 1_1_0d EXIST::FUNCTION:EC +BIO_f_nbio_test 661 1_1_0d EXIST::FUNCTION: +BN_nnmod 662 1_1_0d EXIST::FUNCTION: +ASYNC_init_thread 663 1_1_0d EXIST::FUNCTION: +OCSP_cert_status_str 664 1_1_0d EXIST::FUNCTION:OCSP +EVP_rc2_40_cbc 665 1_1_0d EXIST::FUNCTION:RC2 +BFCiphertextBlock_free 666 1_1_0d EXIST::FUNCTION:BFIBE +TS_TST_INFO_get_nonce 667 1_1_0d EXIST::FUNCTION:TS +PKCS12_SAFEBAG_get0_type 668 1_1_0d EXIST::FUNCTION: +ECIES_PARAMS_init_with_recommended 669 1_1_0d EXIST::FUNCTION:ECIES +ASN1_NULL_it 670 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_NULL_it 670 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +d2i_PKCS7_SIGNER_INFO 671 1_1_0d EXIST::FUNCTION: +OBJ_nid2obj 672 1_1_0d EXIST::FUNCTION: +X509_REQ_get_extension_nids 673 1_1_0d EXIST::FUNCTION: +SOF_DecryptFile 674 1_1_0d EXIST::FUNCTION: +EVP_cast5_ecb 675 1_1_0d EXIST::FUNCTION:CAST +SRP_Calc_A 676 1_1_0d EXIST::FUNCTION:SRP +EVP_desx_cbc 677 1_1_0d EXIST::FUNCTION:DES +X509_STORE_CTX_purpose_inherit 678 1_1_0d EXIST::FUNCTION: +BN_BLINDING_unlock 679 1_1_0d EXIST::FUNCTION: +EC_GROUP_set_asn1_flag 680 1_1_0d EXIST::FUNCTION:EC +PKCS7_set_signed_attributes 681 1_1_0d EXIST::FUNCTION: +d2i_ESS_SIGNING_CERT 682 1_1_0d EXIST::FUNCTION:TS +DSA_meth_free 683 1_1_0d EXIST::FUNCTION:DSA +EC_KEY_set_public_key_affine_coordinates 684 1_1_0d EXIST::FUNCTION:EC +UI_add_info_string 685 1_1_0d EXIST::FUNCTION:UI +ASN1_PRINTABLESTRING_free 686 1_1_0d EXIST::FUNCTION: +PEM_write_bio_DSA_PUBKEY 687 1_1_0d EXIST::FUNCTION:DSA +EVP_MD_CTX_md 688 1_1_0d EXIST::FUNCTION: +X509_chain_up_ref 689 1_1_0d EXIST::FUNCTION: +SKF_CreateFile 690 1_1_0d EXIST::FUNCTION:SKF +BIO_meth_set_callback_ctrl 691 1_1_0d EXIST::FUNCTION: +EC_KEY_set_conv_form 692 1_1_0d EXIST::FUNCTION:EC +BIO_new_dgram_sctp 693 1_1_0d EXIST::FUNCTION:DGRAM,SCTP +SHA512_Init 694 1_1_0d EXIST:!VMSVAX:FUNCTION: +CPK_MASTER_SECRET_free 695 1_1_0d EXIST::FUNCTION:CPK +RSA_meth_get_pub_enc 696 1_1_0d EXIST::FUNCTION:RSA +BN_get_word 697 1_1_0d EXIST::FUNCTION: +SDF_CloseDevice 698 1_1_0d EXIST::FUNCTION: +EVP_aes_192_ofb 699 1_1_0d EXIST::FUNCTION: +SDF_OpenDevice 700 1_1_0d EXIST::FUNCTION: +EC_KEY_set_private_key 701 1_1_0d EXIST::FUNCTION:EC +i2d_DIST_POINT 702 1_1_0d EXIST::FUNCTION: +RSA_X931_generate_key_ex 703 1_1_0d EXIST::FUNCTION:RSA +SKF_CreateContainer 704 1_1_0d EXIST::FUNCTION:SKF +EVP_CipherInit_ex 705 1_1_0d EXIST::FUNCTION: +BIO_new_mem_buf 706 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_meth_get_ctrl 707 1_1_0d EXIST::FUNCTION: +PEM_write_bio_X509_AUX 708 1_1_0d EXIST::FUNCTION: +CRL_DIST_POINTS_free 709 1_1_0d EXIST::FUNCTION: +IPAddressChoice_it 710 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 +IPAddressChoice_it 710 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 +BIO_meth_set_destroy 711 1_1_0d EXIST::FUNCTION: +IDEA_options 712 1_1_0d EXIST::FUNCTION:IDEA +POLICYQUALINFO_free 713 1_1_0d EXIST::FUNCTION: +OPENSSL_sk_free 714 1_1_0d EXIST::FUNCTION: +CERTIFICATEPOLICIES_it 715 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +CERTIFICATEPOLICIES_it 715 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +BN_get0_nist_prime_384 716 1_1_0d EXIST::FUNCTION: +TXT_DB_insert 717 1_1_0d EXIST::FUNCTION: +BIO_new_socket 718 1_1_0d EXIST::FUNCTION:SOCK +CPK_MAP_is_valid 719 1_1_0d EXIST::FUNCTION:CPK +OCSP_RESPONSE_new 720 1_1_0d EXIST::FUNCTION:OCSP +d2i_DSAPublicKey 721 1_1_0d EXIST::FUNCTION:DSA +DSA_verify 722 1_1_0d EXIST::FUNCTION:DSA +X509_NAME_cmp 723 1_1_0d EXIST::FUNCTION: +PKCS12_pack_p7data 724 1_1_0d EXIST::FUNCTION: +ECDSA_SIG_get_ECCSIGNATUREBLOB 725 1_1_0d EXIST::FUNCTION:EC,GMAPI,SKF +EC_KEY_get0_public_key 726 1_1_0d EXIST::FUNCTION:EC +ECDSA_SIG_free 727 1_1_0d EXIST::FUNCTION:EC +OCSP_SINGLERESP_get_ext 728 1_1_0d EXIST::FUNCTION:OCSP +OCSP_REQ_CTX_http 729 1_1_0d EXIST::FUNCTION:OCSP +EVP_camellia_128_cbc 730 1_1_0d EXIST::FUNCTION:CAMELLIA +HKDF_Expand 731 1_1_0d EXIST::FUNCTION: +i2d_ACCESS_DESCRIPTION 732 1_1_0d EXIST::FUNCTION: +NETSCAPE_SPKI_it 733 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +NETSCAPE_SPKI_it 733 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +RSA_set0_crt_params 734 1_1_0d EXIST::FUNCTION:RSA +RSA_get_RSAPRIVATEKEYBLOB 735 1_1_0d EXIST::FUNCTION:GMAPI,RSA,SKF +SAF_SymmDecryptFinal 736 1_1_0d EXIST::FUNCTION: +PKCS7_ctrl 737 1_1_0d EXIST::FUNCTION: +SOF_CreateTimeStampResponse 738 1_1_0d EXIST::FUNCTION: +X509_STORE_CTX_get_cleanup 739 1_1_0d EXIST::FUNCTION: +X509_STORE_get0_objects 740 1_1_0d EXIST::FUNCTION: +EVP_PKEY_CTX_set_ec_encrypt_param 741 1_1_0d EXIST::FUNCTION:SM2 +NETSCAPE_SPKI_sign 742 1_1_0d EXIST::FUNCTION: +TS_REQ_print_bio 743 1_1_0d EXIST::FUNCTION:TS +SAF_SM2_DecodeSignedAndEnvelopedData 744 1_1_0d EXIST::FUNCTION: +X509_CRL_check_suiteb 745 1_1_0d EXIST::FUNCTION: +CRYPTO_secure_allocated 746 1_1_0d EXIST::FUNCTION: +TS_RESP_CTX_set_serial_cb 747 1_1_0d EXIST::FUNCTION:TS +ENGINE_set_init_function 748 1_1_0d EXIST::FUNCTION:ENGINE +SAF_Login 749 1_1_0d EXIST::FUNCTION: +X509_REVOKED_add_ext 750 1_1_0d EXIST::FUNCTION: +OBJ_NAME_get 751 1_1_0d EXIST::FUNCTION: +ASN1_STRING_set_default_mask_asc 752 1_1_0d EXIST::FUNCTION: +X509_REVOKED_delete_ext 753 1_1_0d EXIST::FUNCTION: +i2d_BFCiphertextBlock 754 1_1_0d EXIST::FUNCTION:BFIBE +BN_copy 755 1_1_0d EXIST::FUNCTION: +CMS_SignerInfo_get0_pkey_ctx 756 1_1_0d EXIST::FUNCTION:CMS +ASN1_GENERALIZEDTIME_print 757 1_1_0d EXIST::FUNCTION: +X509_STORE_set_verify 758 1_1_0d EXIST::FUNCTION: +PEM_ASN1_write 759 1_1_0d EXIST::FUNCTION:STDIO +EVP_MD_meth_get_result_size 760 1_1_0d EXIST::FUNCTION: +i2d_X509_REQ_INFO 761 1_1_0d EXIST::FUNCTION: +PEM_read_bio_PKCS7 762 1_1_0d EXIST::FUNCTION: +BN_set_negative 763 1_1_0d EXIST::FUNCTION: +X509_check_ca 764 1_1_0d EXIST::FUNCTION: +SOF_DecryptData 765 1_1_0d EXIST::FUNCTION: +TS_RESP_print_bio 766 1_1_0d EXIST::FUNCTION:TS +PEM_write_X509 767 1_1_0d EXIST::FUNCTION:STDIO +X509_STORE_CTX_set0_crls 768 1_1_0d EXIST::FUNCTION: +PROXY_POLICY_it 769 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PROXY_POLICY_it 769 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +SOF_GetCertTrustListAltNames 770 1_1_0d EXIST::FUNCTION: +RSA_padding_add_PKCS1_OAEP_mgf1 771 1_1_0d EXIST::FUNCTION:RSA +CRYPTO_ocb128_finish 772 1_1_0d EXIST::FUNCTION:OCB +d2i_ASN1_OCTET_STRING 773 1_1_0d EXIST::FUNCTION: +X509_check_host 774 1_1_0d EXIST::FUNCTION: +CRYPTO_secure_used 775 1_1_0d EXIST::FUNCTION: +NCONF_load 776 1_1_0d EXIST::FUNCTION: +EVP_PKEY_set1_RSA 777 1_1_0d EXIST::FUNCTION:RSA +i2d_SM9PublicParameters 778 1_1_0d EXIST::FUNCTION:SM9 +EVP_PBE_CipherInit 779 1_1_0d EXIST::FUNCTION: +NETSCAPE_CERT_SEQUENCE_free 780 1_1_0d EXIST::FUNCTION: +i2d_PKCS8_PRIV_KEY_INFO 781 1_1_0d EXIST::FUNCTION: +GENERAL_NAME_get0_otherName 782 1_1_0d EXIST::FUNCTION: +RSA_meth_set_flags 783 1_1_0d EXIST::FUNCTION:RSA +d2i_ASN1_TIME 784 1_1_0d EXIST::FUNCTION: +PEM_write_bio_Parameters 785 1_1_0d EXIST::FUNCTION: +DIRECTORYSTRING_new 786 1_1_0d EXIST::FUNCTION: +X509V3_get_string 787 1_1_0d EXIST::FUNCTION: +BIO_meth_set_ctrl 788 1_1_0d EXIST::FUNCTION: +SAF_SymmEncryptUpdate 789 1_1_0d EXIST::FUNCTION: +EVP_PKEY_meth_set_verify 790 1_1_0d EXIST::FUNCTION: +SAF_GetCaCertificate 791 1_1_0d EXIST::FUNCTION: +OCSP_BASICRESP_get_ext_by_critical 792 1_1_0d EXIST::FUNCTION:OCSP +BIO_dump_cb 793 1_1_0d EXIST::FUNCTION: +SDF_Encrypt 794 1_1_0d EXIST::FUNCTION: +TS_RESP_get_tst_info 795 1_1_0d EXIST::FUNCTION:TS +ERR_load_CMS_strings 796 1_1_0d EXIST::FUNCTION:CMS +X509_policy_tree_level_count 797 1_1_0d EXIST::FUNCTION: +SDF_ImportKeyWithISK_ECC 798 1_1_0d EXIST::FUNCTION: +EC_GROUP_get_ecparameters 799 1_1_0d EXIST::FUNCTION:EC +EC_GROUP_new_from_ecpkparameters 800 1_1_0d EXIST::FUNCTION:EC +CMS_get0_type 801 1_1_0d EXIST::FUNCTION:CMS +SKF_ExportPublicKey 802 1_1_0d EXIST::FUNCTION:SKF +RC2_decrypt 803 1_1_0d EXIST::FUNCTION:RC2 +d2i_TS_STATUS_INFO 804 1_1_0d EXIST::FUNCTION:TS +X509v3_get_ext_by_NID 805 1_1_0d EXIST::FUNCTION: +ECDSA_do_verify 806 1_1_0d EXIST::FUNCTION:EC +PBE2PARAM_new 807 1_1_0d EXIST::FUNCTION: +X509v3_addr_validate_path 808 1_1_0d EXIST::FUNCTION:RFC3779 +ENGINE_unregister_pkey_meths 809 1_1_0d EXIST::FUNCTION:ENGINE +ENGINE_get_destroy_function 810 1_1_0d EXIST::FUNCTION:ENGINE +EVP_SignInit_ex 811 1_1_0d EXIST::FUNCTION: +SAF_ImportEncedKey 812 1_1_0d EXIST::FUNCTION: +ERR_load_PEM_strings 813 1_1_0d EXIST::FUNCTION: +i2d_PKCS12_SAFEBAG 814 1_1_0d EXIST::FUNCTION: +EXTENDED_KEY_USAGE_it 815 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +EXTENDED_KEY_USAGE_it 815 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ASN1_GENERALIZEDTIME_free 816 1_1_0d EXIST::FUNCTION: +NCONF_get_string 817 1_1_0d EXIST::FUNCTION: +PROXY_POLICY_free 818 1_1_0d EXIST::FUNCTION: +BN_print_fp 819 1_1_0d EXIST::FUNCTION:STDIO +RSA_meth_get_flags 820 1_1_0d EXIST::FUNCTION:RSA +EC_KEY_free 821 1_1_0d EXIST::FUNCTION:EC +ECIES_CIPHERTEXT_VALUE_set_ECCCipher 822 1_1_0d EXIST::FUNCTION:EC,ECIES,GMAPI,SDF +BN_reciprocal 823 1_1_0d EXIST::FUNCTION: +X509_REQ_sign_ctx 824 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_CTX_get_cipher_data 825 1_1_0d EXIST::FUNCTION: +EVP_camellia_192_ofb 826 1_1_0d EXIST::FUNCTION:CAMELLIA +EVP_PKEY_meth_set_derive 827 1_1_0d EXIST::FUNCTION: +EVP_PKEY_get_default_digest_nid 828 1_1_0d EXIST::FUNCTION: +X509_LOOKUP_init 829 1_1_0d EXIST::FUNCTION: +X509_OBJECT_up_ref_count 830 1_1_0d EXIST::FUNCTION: +NCONF_get_number_e 831 1_1_0d EXIST::FUNCTION: +ENGINE_unregister_RAND 832 1_1_0d EXIST::FUNCTION:ENGINE +NETSCAPE_CERT_SEQUENCE_it 833 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +NETSCAPE_CERT_SEQUENCE_it 833 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +OBJ_sn2nid 834 1_1_0d EXIST::FUNCTION: +X509_REVOKED_get0_revocationDate 835 1_1_0d EXIST::FUNCTION: +SAF_Pkcs7_DecodeEnvelopedData 836 1_1_0d EXIST::FUNCTION: +NETSCAPE_SPKAC_it 837 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +NETSCAPE_SPKAC_it 837 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +OCSP_SINGLERESP_get_ext_by_NID 838 1_1_0d EXIST::FUNCTION:OCSP +X509_VERIFY_PARAM_get_depth 839 1_1_0d EXIST::FUNCTION: +ASN1_TIME_it 840 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_TIME_it 840 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +a2i_IPADDRESS 841 1_1_0d EXIST::FUNCTION: +OCSP_ONEREQ_get_ext_count 842 1_1_0d EXIST::FUNCTION:OCSP +BB1IBE_extract_private_key 843 1_1_0d EXIST::FUNCTION:BB1IBE +X509_CRL_get_ext_by_NID 844 1_1_0d EXIST::FUNCTION: +ASN1_PCTX_get_cert_flags 845 1_1_0d EXIST::FUNCTION: +EVP_rc2_ofb 846 1_1_0d EXIST::FUNCTION:RC2 +X509v3_addr_add_range 847 1_1_0d EXIST::FUNCTION:RFC3779 +ASN1_SEQUENCE_it 848 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_SEQUENCE_it 848 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +BIO_new_bio_pair 849 1_1_0d EXIST::FUNCTION: +X509_REVOKED_add1_ext_i2d 850 1_1_0d EXIST::FUNCTION: +PAILLIER_new 851 1_1_0d EXIST::FUNCTION:PAILLIER +d2i_SM9PublicParameters 852 1_1_0d EXIST::FUNCTION:SM9 +IPAddressFamily_free 853 1_1_0d EXIST::FUNCTION:RFC3779 +ENGINE_get_pkey_asn1_meths 854 1_1_0d EXIST::FUNCTION:ENGINE +CPK_MASTER_SECRET_create 855 1_1_0d EXIST::FUNCTION:CPK +DES_ede3_cbc_encrypt 856 1_1_0d EXIST::FUNCTION:DES +EVP_MD_meth_set_copy 857 1_1_0d EXIST::FUNCTION: +ASN1_TYPE_cmp 858 1_1_0d EXIST::FUNCTION: +d2i_PKCS12_bio 859 1_1_0d EXIST::FUNCTION: +X509at_get0_data_by_OBJ 860 1_1_0d EXIST::FUNCTION: +EC_POINT_dup 861 1_1_0d EXIST::FUNCTION:EC +d2i_OCSP_RESPONSE 862 1_1_0d EXIST::FUNCTION:OCSP +SKF_EnumApplication 863 1_1_0d EXIST::FUNCTION:SKF +ECDSA_SIG_set_ECCSIGNATUREBLOB 864 1_1_0d EXIST::FUNCTION:EC,GMAPI,SKF +PKCS7_add_signer 865 1_1_0d EXIST::FUNCTION: +BN_solinas2bn 866 1_1_0d EXIST::FUNCTION: +X509_sign_ctx 867 1_1_0d EXIST::FUNCTION: +SAF_MacUpdate 868 1_1_0d EXIST::FUNCTION: +X509_get_ext_d2i 869 1_1_0d EXIST::FUNCTION: +SM9PublicParameters_new 870 1_1_0d EXIST::FUNCTION:SM9 +EVP_MD_block_size 871 1_1_0d EXIST::FUNCTION: +ASN1_T61STRING_free 872 1_1_0d EXIST::FUNCTION: +EVP_DigestVerifyFinal 873 1_1_0d EXIST::FUNCTION: +DSA_meth_set_bn_mod_exp 874 1_1_0d EXIST::FUNCTION:DSA +EVP_CIPHER_meth_free 875 1_1_0d EXIST::FUNCTION: +OCSP_REQ_CTX_i2d 876 1_1_0d EXIST::FUNCTION:OCSP +TS_TST_INFO_delete_ext 877 1_1_0d EXIST::FUNCTION:TS +ECCPRIVATEKEYBLOB_set_private_key 878 1_1_0d EXIST::FUNCTION:EC,GMAPI,SKF +EVP_PKEY_verify_init 879 1_1_0d EXIST::FUNCTION: +SAF_SymmEncrypt 880 1_1_0d EXIST::FUNCTION: +X509_REVOKED_get_ext_by_OBJ 881 1_1_0d EXIST::FUNCTION: +ERR_load_DSO_strings 882 1_1_0d EXIST::FUNCTION: +CMS_stream 883 1_1_0d EXIST::FUNCTION:CMS +BIO_get_mem_ptr 884 1_1_0d EXIST::FUNCTION: +AES_cbc_encrypt 885 1_1_0d EXIST::FUNCTION: +TS_OBJ_print_bio 886 1_1_0d EXIST::FUNCTION:TS +ASN1_TYPE_get_int_octetstring 887 1_1_0d EXIST::FUNCTION: +o2i_ECPublicKey 888 1_1_0d EXIST::FUNCTION:EC +ENGINE_get_default_DH 889 1_1_0d EXIST::FUNCTION:ENGINE +OCSP_RESPID_set_by_key 890 1_1_0d EXIST::FUNCTION:OCSP +TS_VERIFY_CTX_set_data 891 1_1_0d EXIST::FUNCTION:TS +DH_meth_set_init 892 1_1_0d EXIST::FUNCTION:DH +BN_GF2m_mod_solve_quad 893 1_1_0d EXIST::FUNCTION:EC2M +PKCS7_add_attrib_smimecap 894 1_1_0d EXIST::FUNCTION: +EVP_rc5_32_12_16_ecb 895 1_1_0d EXIST::FUNCTION:RC5 +EVP_PKEY_CTX_set_ec_paramgen_curve_nid 896 1_1_0d EXIST::FUNCTION:EC +X509_STORE_CTX_get_check_crl 897 1_1_0d EXIST::FUNCTION: +X509_PURPOSE_get0_name 898 1_1_0d EXIST::FUNCTION: +OCSP_basic_sign 899 1_1_0d EXIST::FUNCTION:OCSP +i2d_RSA_PUBKEY 900 1_1_0d EXIST::FUNCTION:RSA +ASN1_UTCTIME_free 901 1_1_0d EXIST::FUNCTION: +d2i_PKCS8_PRIV_KEY_INFO_fp 902 1_1_0d EXIST::FUNCTION:STDIO +X509_NAME_print_ex_fp 903 1_1_0d EXIST::FUNCTION:STDIO +ESS_SIGNING_CERT_new 904 1_1_0d EXIST::FUNCTION:TS +EVP_PKEY_meth_get_sign 905 1_1_0d EXIST::FUNCTION: +PBE2PARAM_it 906 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PBE2PARAM_it 906 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +d2i_OCSP_SERVICELOC 907 1_1_0d EXIST::FUNCTION:OCSP +X509_CRL_get_ext_by_critical 908 1_1_0d EXIST::FUNCTION: +d2i_ECPrivateKey_bio 909 1_1_0d EXIST::FUNCTION:EC +NCONF_load_fp 910 1_1_0d EXIST::FUNCTION:STDIO +ENGINE_set_destroy_function 911 1_1_0d EXIST::FUNCTION:ENGINE +i2d_TS_STATUS_INFO 912 1_1_0d EXIST::FUNCTION:TS +X509V3_add_value_bool_nf 913 1_1_0d EXIST::FUNCTION: +d2i_ASIdentifierChoice 914 1_1_0d EXIST::FUNCTION:RFC3779 +SDF_GenerateRandom 915 1_1_0d EXIST::FUNCTION: +EC_GROUP_get_degree 916 1_1_0d EXIST::FUNCTION:EC +X509_STORE_CTX_set0_dane 917 1_1_0d EXIST::FUNCTION: +EVP_rc2_ecb 918 1_1_0d EXIST::FUNCTION:RC2 +CT_POLICY_EVAL_CTX_new 919 1_1_0d EXIST::FUNCTION:CT +EVP_aes_256_cbc_hmac_sha1 920 1_1_0d EXIST::FUNCTION: +EC_METHOD_get_field_type 921 1_1_0d EXIST::FUNCTION:EC +ASN1_mbstring_ncopy 922 1_1_0d EXIST::FUNCTION: +EC_KEY_new_by_curve_name 923 1_1_0d EXIST::FUNCTION:EC +OCSP_SINGLERESP_get_ext_by_OBJ 924 1_1_0d EXIST::FUNCTION:OCSP +EC_KEY_set_ex_data 925 1_1_0d EXIST::FUNCTION:EC +BIO_ADDRINFO_family 926 1_1_0d EXIST::FUNCTION:SOCK +BIO_method_type 927 1_1_0d EXIST::FUNCTION: +i2d_PKCS7_NDEF 928 1_1_0d EXIST::FUNCTION: +FIPS_mode 929 1_1_0d EXIST::FUNCTION: +CPK_MASTER_SECRET_validate_public_params 930 1_1_0d EXIST::FUNCTION:CPK +IPAddressChoice_free 931 1_1_0d EXIST::FUNCTION:RFC3779 +EVP_aes_192_cfb8 932 1_1_0d EXIST::FUNCTION: +X509_get0_notBefore 933 1_1_0d EXIST::FUNCTION: +CMS_signed_delete_attr 934 1_1_0d EXIST::FUNCTION:CMS +OPENSSL_init_crypto 935 1_1_0d EXIST::FUNCTION: +d2i_PBE2PARAM 936 1_1_0d EXIST::FUNCTION: +UI_method_set_prompt_constructor 937 1_1_0d EXIST::FUNCTION:UI +X509_STORE_lock 938 1_1_0d EXIST::FUNCTION: +PKCS7_SIGN_ENVELOPE_it 939 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS7_SIGN_ENVELOPE_it 939 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ASYNC_WAIT_CTX_new 940 1_1_0d EXIST::FUNCTION: +EVP_PKEY_asn1_set_public 941 1_1_0d EXIST::FUNCTION: +X509_reject_clear 942 1_1_0d EXIST::FUNCTION: +BIO_ADDR_new 943 1_1_0d EXIST::FUNCTION:SOCK +i2d_ASN1_TIME 944 1_1_0d EXIST::FUNCTION: +OPENSSL_sk_pop_free 945 1_1_0d EXIST::FUNCTION: +EVP_PKEY_cmp 946 1_1_0d EXIST::FUNCTION: +d2i_ASN1_UTCTIME 947 1_1_0d EXIST::FUNCTION: +CONF_imodule_get_module 948 1_1_0d EXIST::FUNCTION: +X509_time_adj 949 1_1_0d EXIST::FUNCTION: +i2b_PrivateKey_bio 950 1_1_0d EXIST::FUNCTION:DSA +CMS_RecipientInfo_set0_password 951 1_1_0d EXIST::FUNCTION:CMS +DH_new 952 1_1_0d EXIST::FUNCTION:DH +CMS_SignerInfo_get0_algs 953 1_1_0d EXIST::FUNCTION:CMS +ENGINE_set_default_pkey_asn1_meths 954 1_1_0d EXIST::FUNCTION:ENGINE +PKCS7_sign_add_signer 955 1_1_0d EXIST::FUNCTION: +d2i_PKCS8_bio 956 1_1_0d EXIST::FUNCTION: +Camellia_cbc_encrypt 957 1_1_0d EXIST::FUNCTION:CAMELLIA +DH_KDF_X9_42 958 1_1_0d EXIST::FUNCTION:CMS,DH +PKCS7_dataVerify 959 1_1_0d EXIST::FUNCTION: +DES_ncbc_encrypt 960 1_1_0d EXIST::FUNCTION:DES +DH_meth_set_generate_params 961 1_1_0d EXIST::FUNCTION:DH +CRYPTO_set_ex_data 962 1_1_0d EXIST::FUNCTION: +BN_BLINDING_new 963 1_1_0d EXIST::FUNCTION: +RC4_set_key 964 1_1_0d EXIST::FUNCTION:RC4 +d2i_ASN1_PRINTABLESTRING 965 1_1_0d EXIST::FUNCTION: +BIO_connect 966 1_1_0d EXIST::FUNCTION:SOCK +BN_hex2bn 967 1_1_0d EXIST::FUNCTION: +CMAC_Init 968 1_1_0d EXIST::FUNCTION:CMAC +SKF_DeleteContainer 969 1_1_0d EXIST::FUNCTION:SKF +DES_random_key 970 1_1_0d EXIST::FUNCTION:DES +EVP_MD_meth_set_update 971 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_CTX_type 972 1_1_0d EXIST::FUNCTION: +OBJ_find_sigid_algs 973 1_1_0d EXIST::FUNCTION: +CONF_dump_fp 974 1_1_0d EXIST::FUNCTION:STDIO +i2d_CMS_ContentInfo 975 1_1_0d EXIST::FUNCTION:CMS +BN_swap 976 1_1_0d EXIST::FUNCTION: +OCSP_BASICRESP_get_ext_count 977 1_1_0d EXIST::FUNCTION:OCSP +ENGINE_get_ctrl_function 978 1_1_0d EXIST::FUNCTION:ENGINE +X509V3_get_d2i 979 1_1_0d EXIST::FUNCTION: +ENGINE_get_table_flags 980 1_1_0d EXIST::FUNCTION:ENGINE +ASN1_STRING_get_default_mask 981 1_1_0d EXIST::FUNCTION: +ENGINE_set_default_pkey_meths 982 1_1_0d EXIST::FUNCTION:ENGINE +ASN1_generate_v3 983 1_1_0d EXIST::FUNCTION: +BIO_meth_get_destroy 984 1_1_0d EXIST::FUNCTION: +ERR_reason_error_string 985 1_1_0d EXIST::FUNCTION: +RSA_meth_new 986 1_1_0d EXIST::FUNCTION:RSA +CMS_add0_recipient_password 987 1_1_0d EXIST::FUNCTION:CMS +BN_mod_mul_montgomery 988 1_1_0d EXIST::FUNCTION: +UI_method_get_flusher 989 1_1_0d EXIST::FUNCTION:UI +X509_get_pubkey_parameters 990 1_1_0d EXIST::FUNCTION: +ERR_load_FFX_strings 991 1_1_0d EXIST::FUNCTION: +RSA_meth_get0_app_data 992 1_1_0d EXIST::FUNCTION:RSA +PKCS7_add0_attrib_signing_time 993 1_1_0d EXIST::FUNCTION: +EVP_sms4_xts 994 1_1_0d EXIST::FUNCTION:SMS4 +ASN1_T61STRING_new 995 1_1_0d EXIST::FUNCTION: +UI_new_method 996 1_1_0d EXIST::FUNCTION:UI +SAF_GetRootCaCertificateCount 997 1_1_0d EXIST::FUNCTION: +DSA_meth_set_paramgen 998 1_1_0d EXIST::FUNCTION:DSA +EVP_MD_meth_set_cleanup 999 1_1_0d EXIST::FUNCTION: +TS_TST_INFO_get_ext_by_OBJ 1000 1_1_0d EXIST::FUNCTION:TS +EVP_PKEY_CTX_ctrl_str 1001 1_1_0d EXIST::FUNCTION: +i2d_PrivateKey_fp 1002 1_1_0d EXIST::FUNCTION:STDIO +SOF_GenRandom 1003 1_1_0d EXIST::FUNCTION: +CRYPTO_cts128_decrypt 1004 1_1_0d EXIST::FUNCTION: +SXNET_add_id_asc 1005 1_1_0d EXIST::FUNCTION: +OBJ_bsearch_ 1006 1_1_0d EXIST::FUNCTION: +CMS_SignerInfo_verify_content 1007 1_1_0d EXIST::FUNCTION:CMS +UI_add_input_boolean 1008 1_1_0d EXIST::FUNCTION:UI +ASN1_TIME_print 1009 1_1_0d EXIST::FUNCTION: +SM2CiphertextValue_get_ECCCIPHERBLOB 1010 1_1_0d EXIST::FUNCTION:EC,GMAPI,SKF,SM2 +TS_RESP_verify_response 1011 1_1_0d EXIST::FUNCTION:TS +ENGINE_register_RAND 1012 1_1_0d EXIST::FUNCTION:ENGINE +TS_RESP_verify_token 1013 1_1_0d EXIST::FUNCTION:TS +d2i_RSA_PUBKEY_bio 1014 1_1_0d EXIST::FUNCTION:RSA +ERR_peek_last_error_line 1015 1_1_0d EXIST::FUNCTION: +PKCS7_free 1016 1_1_0d EXIST::FUNCTION: +EVP_PKEY_derive_set_peer 1017 1_1_0d EXIST::FUNCTION: +CMS_SignerInfo_get0_signature 1018 1_1_0d EXIST::FUNCTION:CMS +X509_get_serialNumber 1019 1_1_0d EXIST::FUNCTION: +X509_STORE_get_cert_crl 1020 1_1_0d EXIST::FUNCTION: +EVP_md5_sha1 1021 1_1_0d EXIST::FUNCTION:MD5 +BN_X931_derive_prime_ex 1022 1_1_0d EXIST::FUNCTION: +X509_print_ex 1023 1_1_0d EXIST::FUNCTION: +X509_ATTRIBUTE_create_by_OBJ 1024 1_1_0d EXIST::FUNCTION: +CMS_signed_add1_attr 1025 1_1_0d EXIST::FUNCTION:CMS +d2i_X509_CERT_AUX 1026 1_1_0d EXIST::FUNCTION: +d2i_PKCS7_SIGN_ENVELOPE 1027 1_1_0d EXIST::FUNCTION: +BIO_new_file 1028 1_1_0d EXIST::FUNCTION: +X509_policy_level_node_count 1029 1_1_0d EXIST::FUNCTION: +MD4_Init 1030 1_1_0d EXIST::FUNCTION:MD4 +ASN1_SCTX_free 1031 1_1_0d EXIST::FUNCTION: +PAILLIER_ciphertext_scalar_mul 1032 1_1_0d EXIST::FUNCTION:PAILLIER +ASN1_generate_nconf 1033 1_1_0d EXIST::FUNCTION: +ASN1_PRINTABLESTRING_new 1034 1_1_0d EXIST::FUNCTION: +EC_GROUP_set_generator 1035 1_1_0d EXIST::FUNCTION:EC +CPK_MASTER_SECRET_it 1036 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CPK +CPK_MASTER_SECRET_it 1036 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:CPK +X509_ATTRIBUTE_free 1037 1_1_0d EXIST::FUNCTION: +X509_check_purpose 1038 1_1_0d EXIST::FUNCTION: +SAF_DestroyHashObj 1039 1_1_0d EXIST::FUNCTION: +SAF_Pkcs7_EncodeSignedData 1040 1_1_0d EXIST::FUNCTION: +d2i_ASN1_BMPSTRING 1041 1_1_0d EXIST::FUNCTION: +DSA_dup_DH 1042 1_1_0d EXIST::FUNCTION:DH,DSA +ENGINE_ctrl_cmd 1043 1_1_0d EXIST::FUNCTION:ENGINE +d2i_ECCCipher_bio 1044 1_1_0d EXIST::FUNCTION:EC,GMAPI,SDF +CMS_decrypt 1045 1_1_0d EXIST::FUNCTION:CMS +HKDF_Extract 1046 1_1_0d EXIST::FUNCTION: +EVP_sms4_cfb1 1047 1_1_0d EXIST::FUNCTION:SMS4 +MD2 1048 1_1_0d EXIST::FUNCTION:MD2 +CRYPTO_secure_malloc_init 1049 1_1_0d EXIST::FUNCTION: +PEM_SignFinal 1050 1_1_0d EXIST::FUNCTION: +CRYPTO_THREAD_run_once 1051 1_1_0d EXIST::FUNCTION: +EVP_MD_meth_get_cleanup 1052 1_1_0d EXIST::FUNCTION: +X509_NAME_oneline 1053 1_1_0d EXIST::FUNCTION: +X509_LOOKUP_by_fingerprint 1054 1_1_0d EXIST::FUNCTION: +EVP_PKEY_CTX_get_sgd 1055 1_1_0d EXIST::FUNCTION:GMAPI +EVP_PKEY_paramgen_init 1056 1_1_0d EXIST::FUNCTION: +WHIRLPOOL_Init 1057 1_1_0d EXIST::FUNCTION:WHIRLPOOL +EC_POINT_mul 1058 1_1_0d EXIST::FUNCTION:EC +i2d_CPK_PUBLIC_PARAMS_bio 1059 1_1_0d EXIST::FUNCTION:CPK +d2i_PKCS7_bio 1060 1_1_0d EXIST::FUNCTION: +DSA_meth_get_sign_setup 1061 1_1_0d EXIST::FUNCTION:DSA +OBJ_ln2nid 1062 1_1_0d EXIST::FUNCTION: +IDEA_set_decrypt_key 1063 1_1_0d EXIST::FUNCTION:IDEA +X509_get_ex_data 1064 1_1_0d EXIST::FUNCTION: +EVP_PKEY_encrypt 1065 1_1_0d EXIST::FUNCTION: +CPK_PUBLIC_PARAMS_digest 1066 1_1_0d EXIST::FUNCTION:CPK +SDF_UnloadLibrary 1067 1_1_0d EXIST::FUNCTION:SDF +EVP_get_ciphernames 1068 1_1_0d EXIST::FUNCTION: +ERR_load_UI_strings 1069 1_1_0d EXIST::FUNCTION:UI +X509_STORE_get_check_revocation 1070 1_1_0d EXIST::FUNCTION: +NETSCAPE_SPKI_b64_decode 1071 1_1_0d EXIST::FUNCTION: +RSA_meth_get_mod_exp 1072 1_1_0d EXIST::FUNCTION:RSA +EVP_PKEY_meth_set_ctrl 1073 1_1_0d EXIST::FUNCTION: +X509_TRUST_set_default 1074 1_1_0d EXIST::FUNCTION: +OPENSSL_hexstr2buf 1075 1_1_0d EXIST::FUNCTION: +SKF_GenRandom 1076 1_1_0d EXIST::FUNCTION:SKF +SM2_do_decrypt 1077 1_1_0d EXIST::FUNCTION:SM2 +i2d_SM9PublicKey 1078 1_1_0d EXIST::FUNCTION:SM9 +SKF_ExtECCDecrypt 1079 1_1_0d EXIST::FUNCTION:SKF +OCSP_resp_get0_id 1080 1_1_0d EXIST::FUNCTION:OCSP +PAILLIER_free 1081 1_1_0d EXIST::FUNCTION:PAILLIER +ERR_load_ASN1_strings 1082 1_1_0d EXIST::FUNCTION: +RSA_meth_set_priv_enc 1083 1_1_0d EXIST::FUNCTION:RSA +ASN1_PCTX_set_oid_flags 1084 1_1_0d EXIST::FUNCTION: +d2i_ASN1_SEQUENCE_ANY 1085 1_1_0d EXIST::FUNCTION: +SHA256_Init 1086 1_1_0d EXIST::FUNCTION: +PKCS7_get_signed_attribute 1087 1_1_0d EXIST::FUNCTION: +SKF_Encrypt 1088 1_1_0d EXIST::FUNCTION:SKF +X509_OBJECT_retrieve_match 1089 1_1_0d EXIST::FUNCTION: +HMAC_CTX_set_flags 1090 1_1_0d EXIST::FUNCTION: +SMIME_read_ASN1 1091 1_1_0d EXIST::FUNCTION: +X509_NAME_delete_entry 1092 1_1_0d EXIST::FUNCTION: +SOF_CreateTimeStampRequest 1093 1_1_0d EXIST::FUNCTION: +X509_CRL_get_ext_by_OBJ 1094 1_1_0d EXIST::FUNCTION: +CRYPTO_ccm128_encrypt_ccm64 1095 1_1_0d EXIST::FUNCTION: +X509_EXTENSION_new 1096 1_1_0d EXIST::FUNCTION: +BN_to_ASN1_ENUMERATED 1097 1_1_0d EXIST::FUNCTION: +X509_CRL_INFO_free 1098 1_1_0d EXIST::FUNCTION: +ASN1_INTEGER_cmp 1099 1_1_0d EXIST::FUNCTION: +DSA_meth_set_init 1100 1_1_0d EXIST::FUNCTION:DSA +OCSP_resp_find 1101 1_1_0d EXIST::FUNCTION:OCSP +EC_GROUP_get_cofactor 1102 1_1_0d EXIST::FUNCTION:EC +EVP_CIPHER_meth_set_impl_ctx_size 1103 1_1_0d EXIST::FUNCTION: +CMS_RecipientInfo_kekri_id_cmp 1104 1_1_0d EXIST::FUNCTION:CMS +ASN1_VISIBLESTRING_free 1105 1_1_0d EXIST::FUNCTION: +CRYPTO_THREAD_compare_id 1106 1_1_0d EXIST::FUNCTION: +TS_RESP_CTX_set_time_cb 1107 1_1_0d EXIST::FUNCTION:TS +i2d_PaillierPrivateKey 1108 1_1_0d EXIST::FUNCTION:PAILLIER +speck_decrypt32 1109 1_1_0d EXIST::FUNCTION:SPECK +BIO_set_md_ctx 1110 1_1_0d EXIST::FUNCTION: +d2i_PrivateKey_fp 1111 1_1_0d EXIST::FUNCTION:STDIO +PEM_write_PKCS7 1112 1_1_0d EXIST::FUNCTION:STDIO +SHA256_Transform 1113 1_1_0d EXIST::FUNCTION: +d2i_TS_REQ_fp 1114 1_1_0d EXIST::FUNCTION:STDIO,TS +RSA_get0_key 1115 1_1_0d EXIST::FUNCTION:RSA +CRYPTO_gcm128_decrypt 1116 1_1_0d EXIST::FUNCTION: +PEM_read_NETSCAPE_CERT_SEQUENCE 1117 1_1_0d EXIST::FUNCTION:STDIO +EVP_PKEY_assign_DSA 1118 1_1_0d EXIST::FUNCTION:DSA +ASN1_STRING_get0_data 1119 1_1_0d EXIST::FUNCTION: +X509_OBJECT_new 1120 1_1_0d EXIST::FUNCTION: +EVP_MD_CTX_free 1121 1_1_0d EXIST::FUNCTION: +EVP_des_cbc 1122 1_1_0d EXIST::FUNCTION:DES +FFX_CTX_free 1123 1_1_0d EXIST::FUNCTION: +RAND_event 1124 1_1_0d EXIST:_WIN32:FUNCTION:DEPRECATEDIN_1_1_0 +OPENSSL_sk_delete_ptr 1125 1_1_0d EXIST::FUNCTION: +d2i_RSAPublicKey_bio 1126 1_1_0d EXIST::FUNCTION:RSA +UI_UTIL_read_pw_string 1127 1_1_0d EXIST::FUNCTION:UI +d2i_PKCS8_PRIV_KEY_INFO 1128 1_1_0d EXIST::FUNCTION: +d2i_EXTENDED_KEY_USAGE 1129 1_1_0d EXIST::FUNCTION: +EC_GROUP_set_curve_GFp 1130 1_1_0d EXIST::FUNCTION:EC +UI_add_input_string 1131 1_1_0d EXIST::FUNCTION:UI +ASN1_PRINTABLE_it 1132 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_PRINTABLE_it 1132 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +SM2_do_encrypt 1133 1_1_0d EXIST::FUNCTION:SM2 +EVP_DecodeBlock 1134 1_1_0d EXIST::FUNCTION: +PKCS12_verify_mac 1135 1_1_0d EXIST::FUNCTION: +ASN1_INTEGER_it 1136 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_INTEGER_it 1136 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +SDF_Decrypt 1137 1_1_0d EXIST::FUNCTION: +ASN1_item_verify 1138 1_1_0d EXIST::FUNCTION: +OCSP_RESPID_it 1139 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP +OCSP_RESPID_it 1139 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP +ASIdentifierChoice_new 1140 1_1_0d EXIST::FUNCTION:RFC3779 +EVP_cast5_cfb64 1141 1_1_0d EXIST::FUNCTION:CAST +RSA_meth_set_bn_mod_exp 1142 1_1_0d EXIST::FUNCTION:RSA +TS_TST_INFO_get_ext_by_NID 1143 1_1_0d EXIST::FUNCTION:TS +i2d_ECCCIPHERBLOB_bio 1144 1_1_0d EXIST::FUNCTION:EC,GMAPI,SKF +BASIC_CONSTRAINTS_free 1145 1_1_0d EXIST::FUNCTION: +OCSP_ONEREQ_free 1146 1_1_0d EXIST::FUNCTION:OCSP +AES_options 1147 1_1_0d EXIST::FUNCTION: +SHA512_Final 1148 1_1_0d EXIST:!VMSVAX:FUNCTION: +EVP_MD_type 1149 1_1_0d EXIST::FUNCTION: +ASN1_OCTET_STRING_it 1150 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_OCTET_STRING_it 1150 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +EC_GROUP_get0_seed 1151 1_1_0d EXIST::FUNCTION:EC +EC_POINT_new 1152 1_1_0d EXIST::FUNCTION:EC +OPENSSL_strlcat 1153 1_1_0d EXIST::FUNCTION: +EVP_MD_meth_set_flags 1154 1_1_0d EXIST::FUNCTION: +X509V3_add_value_uchar 1155 1_1_0d EXIST::FUNCTION: +i2d_PBKDF2PARAM 1156 1_1_0d EXIST::FUNCTION: +EVP_delete_digest_alias 1157 1_1_0d EXIST::FUNCTION: +X509_get_pathlen 1158 1_1_0d EXIST::FUNCTION: +X509V3_add_value 1159 1_1_0d EXIST::FUNCTION: +EC_POINT_point2oct 1160 1_1_0d EXIST::FUNCTION:EC +BIO_meth_set_write 1161 1_1_0d EXIST::FUNCTION: +EVP_rc5_32_12_16_cfb64 1162 1_1_0d EXIST::FUNCTION:RC5 +NETSCAPE_SPKI_verify 1163 1_1_0d EXIST::FUNCTION: +ASN1_GENERALSTRING_new 1164 1_1_0d EXIST::FUNCTION: +COMP_CTX_get_method 1165 1_1_0d EXIST::FUNCTION:COMP +sm3_compress 1166 1_1_0d EXIST::FUNCTION:SM3 +PEM_write_bio_PKCS8_PRIV_KEY_INFO 1167 1_1_0d EXIST::FUNCTION: +X509_get_default_cert_file 1168 1_1_0d EXIST::FUNCTION: +CRYPTO_ocb128_copy_ctx 1169 1_1_0d EXIST::FUNCTION:OCB +OCSP_response_create 1170 1_1_0d EXIST::FUNCTION:OCSP +OCSP_RESPID_match 1171 1_1_0d EXIST::FUNCTION:OCSP +CMS_signed_add1_attr_by_txt 1172 1_1_0d EXIST::FUNCTION:CMS +X509_ATTRIBUTE_create 1173 1_1_0d EXIST::FUNCTION: +i2d_X509_CINF 1174 1_1_0d EXIST::FUNCTION: +OCSP_basic_add1_cert 1175 1_1_0d EXIST::FUNCTION:OCSP +SM9_verify_ex 1176 1_1_0d EXIST::FUNCTION:SM9 +OCSP_request_add0_id 1177 1_1_0d EXIST::FUNCTION:OCSP +X509_STORE_set_check_crl 1178 1_1_0d EXIST::FUNCTION: +X509_REQ_add1_attr 1179 1_1_0d EXIST::FUNCTION: +EC_KEY_get0_private_key 1180 1_1_0d EXIST::FUNCTION:EC +OBJ_create_objects 1181 1_1_0d EXIST::FUNCTION: +CONF_imodule_set_usr_data 1182 1_1_0d EXIST::FUNCTION: +EVP_DigestFinal_ex 1183 1_1_0d EXIST::FUNCTION: +SRP_Calc_u 1184 1_1_0d EXIST::FUNCTION:SRP +PKCS12_BAGS_free 1185 1_1_0d EXIST::FUNCTION: +EVP_PKEY_bits 1186 1_1_0d EXIST::FUNCTION: +X509_NAME_ENTRY_create_by_NID 1187 1_1_0d EXIST::FUNCTION: +PKCS12_SAFEBAG_create0_pkcs8 1188 1_1_0d EXIST::FUNCTION: +EVP_bf_cbc 1189 1_1_0d EXIST::FUNCTION:BF +i2d_CPK_MASTER_SECRET 1190 1_1_0d EXIST::FUNCTION:CPK +SOF_SignFile 1191 1_1_0d EXIST::FUNCTION: +CT_POLICY_EVAL_CTX_set1_cert 1192 1_1_0d EXIST::FUNCTION:CT +BIO_snprintf 1193 1_1_0d EXIST::FUNCTION: +ECIES_CIPHERTEXT_VALUE_free 1194 1_1_0d EXIST::FUNCTION:ECIES +d2i_RSAPrivateKey_bio 1195 1_1_0d EXIST::FUNCTION:RSA +BF_ecb_encrypt 1196 1_1_0d EXIST::FUNCTION:BF +OPENSSL_sk_new 1197 1_1_0d EXIST::FUNCTION: +BN_mod_lshift 1198 1_1_0d EXIST::FUNCTION: +s2i_ASN1_OCTET_STRING 1199 1_1_0d EXIST::FUNCTION: +SKF_GetErrorString 1200 1_1_0d EXIST::FUNCTION:SKF +UI_get0_result_string 1201 1_1_0d EXIST::FUNCTION:UI +USERNOTICE_it 1202 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +USERNOTICE_it 1202 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +i2d_ECDSA_SIG 1203 1_1_0d EXIST::FUNCTION:EC +PKCS7_ISSUER_AND_SERIAL_new 1204 1_1_0d EXIST::FUNCTION: +EVP_chacha20 1205 1_1_0d EXIST::FUNCTION:CHACHA +PKCS12_gen_mac 1206 1_1_0d EXIST::FUNCTION: +ASN1_ENUMERATED_set_int64 1207 1_1_0d EXIST::FUNCTION: +X509_PUBKEY_free 1208 1_1_0d EXIST::FUNCTION: +EVP_PKEY_CTX_set_cb 1209 1_1_0d EXIST::FUNCTION: +DSA_free 1210 1_1_0d EXIST::FUNCTION:DSA +SAF_Base64_DecodeUpdate 1211 1_1_0d EXIST::FUNCTION: +ASN1_verify 1212 1_1_0d EXIST::FUNCTION: +SCT_set1_extensions 1213 1_1_0d EXIST::FUNCTION:CT +i2d_DIST_POINT_NAME 1214 1_1_0d EXIST::FUNCTION: +i2d_ASN1_PRINTABLE 1215 1_1_0d EXIST::FUNCTION: +CRYPTO_zalloc 1216 1_1_0d EXIST::FUNCTION: +EVP_MD_meth_set_init 1217 1_1_0d EXIST::FUNCTION: +BIO_f_zlib 1218 1_1_0d EXIST:ZLIB:FUNCTION:COMP +AES_cfb128_encrypt 1219 1_1_0d EXIST::FUNCTION: +EVP_MD_meth_get_init 1220 1_1_0d EXIST::FUNCTION: +EVP_PKEY_meth_get_verifyctx 1221 1_1_0d EXIST::FUNCTION: +X509_chain_check_suiteb 1222 1_1_0d EXIST::FUNCTION: +d2i_ECCSIGNATUREBLOB 1223 1_1_0d EXIST::FUNCTION:EC,GMAPI,SKF +d2i_X509_REQ 1224 1_1_0d EXIST::FUNCTION: +HMAC_CTX_free 1225 1_1_0d EXIST::FUNCTION: +SEED_set_key 1226 1_1_0d EXIST::FUNCTION:SEED +BN_GFP2_set_bn 1227 1_1_0d EXIST::FUNCTION: +ASN1_GENERALSTRING_free 1228 1_1_0d EXIST::FUNCTION: +CRYPTO_gcm128_release 1229 1_1_0d EXIST::FUNCTION: +SHA224_Init 1230 1_1_0d EXIST::FUNCTION: +EVP_MD_CTX_set_md_data 1231 1_1_0d EXIST::FUNCTION: +Camellia_set_key 1232 1_1_0d EXIST::FUNCTION:CAMELLIA +RSA_set_RSAPUBLICKEYBLOB 1233 1_1_0d EXIST::FUNCTION:GMAPI,RSA,SKF +MD2_Final 1234 1_1_0d EXIST::FUNCTION:MD2 +EVP_CIPHER_CTX_nid 1235 1_1_0d EXIST::FUNCTION: +DSA_meth_set0_app_data 1236 1_1_0d EXIST::FUNCTION:DSA +EVP_idea_cfb64 1237 1_1_0d EXIST::FUNCTION:IDEA +BN_CTX_end 1238 1_1_0d EXIST::FUNCTION: +X509_get_key_usage 1239 1_1_0d EXIST::FUNCTION: +X509_CRL_INFO_new 1240 1_1_0d EXIST::FUNCTION: +DH_meth_get_flags 1241 1_1_0d EXIST::FUNCTION:DH +X509_SIG_getm 1242 1_1_0d EXIST::FUNCTION: +SAF_RemoveCaCertificate 1243 1_1_0d EXIST::FUNCTION: +d2i_ACCESS_DESCRIPTION 1244 1_1_0d EXIST::FUNCTION: +CRYPTO_nistcts128_decrypt_block 1245 1_1_0d EXIST::FUNCTION: +X509_LOOKUP_file 1246 1_1_0d EXIST::FUNCTION: +OCSP_RESPBYTES_free 1247 1_1_0d EXIST::FUNCTION:OCSP +ERR_load_OBJ_strings 1248 1_1_0d EXIST::FUNCTION: +BIO_set_ex_data 1249 1_1_0d EXIST::FUNCTION: +d2i_X509_REQ_INFO 1250 1_1_0d EXIST::FUNCTION: +X509_CRL_set_default_method 1251 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_type 1252 1_1_0d EXIST::FUNCTION: +RSA_print 1253 1_1_0d EXIST::FUNCTION:RSA +EC_KEY_METHOD_get_keygen 1254 1_1_0d EXIST::FUNCTION:EC +EVP_OpenInit 1255 1_1_0d EXIST::FUNCTION:RSA +TS_TST_INFO_set_version 1256 1_1_0d EXIST::FUNCTION:TS +DH_meth_free 1257 1_1_0d EXIST::FUNCTION:DH +SXNETID_free 1258 1_1_0d EXIST::FUNCTION: +BN_BLINDING_create_param 1259 1_1_0d EXIST::FUNCTION: +PKCS12_create 1260 1_1_0d EXIST::FUNCTION: +EVP_des_ede_ecb 1261 1_1_0d EXIST::FUNCTION:DES +ENGINE_get_DSA 1262 1_1_0d EXIST::FUNCTION:ENGINE +ERR_get_error_line_data 1263 1_1_0d EXIST::FUNCTION: +BN_get_rfc3526_prime_4096 1264 1_1_0d EXIST::FUNCTION: +BN_BLINDING_update 1265 1_1_0d EXIST::FUNCTION: +AES_ige_encrypt 1266 1_1_0d EXIST::FUNCTION: +ENGINE_register_all_digests 1267 1_1_0d EXIST::FUNCTION:ENGINE +i2b_PVK_bio 1268 1_1_0d EXIST::FUNCTION:DSA,RC4 +ASN1_GENERALIZEDTIME_adj 1269 1_1_0d EXIST::FUNCTION: +OCSP_SERVICELOC_it 1270 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP +OCSP_SERVICELOC_it 1270 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP +ECDSA_verify 1271 1_1_0d EXIST::FUNCTION:EC +EVP_OpenFinal 1272 1_1_0d EXIST::FUNCTION:RSA +ASN1_STRING_new 1273 1_1_0d EXIST::FUNCTION: +RSA_X931_hash_id 1274 1_1_0d EXIST::FUNCTION:RSA +X509_STORE_CTX_get_error_depth 1275 1_1_0d EXIST::FUNCTION: +TS_STATUS_INFO_set_status 1276 1_1_0d EXIST::FUNCTION:TS +SDF_PrintECCPublicKey 1277 1_1_0d EXIST::FUNCTION:SDF +OCSP_RESPID_free 1278 1_1_0d EXIST::FUNCTION:OCSP +EVP_PKEY_sign_init 1279 1_1_0d EXIST::FUNCTION: +SKF_ChangeDevAuthKey 1280 1_1_0d EXIST::FUNCTION:SKF +SDF_ExportSignPublicKey_RSA 1281 1_1_0d EXIST::FUNCTION: +X509_REQ_to_X509 1282 1_1_0d EXIST::FUNCTION: +EVP_MD_CTX_copy_ex 1283 1_1_0d EXIST::FUNCTION: +DH_meth_new 1284 1_1_0d EXIST::FUNCTION:DH +CTLOG_STORE_new 1285 1_1_0d EXIST::FUNCTION:CT +ASYNC_WAIT_CTX_get_all_fds 1286 1_1_0d EXIST::FUNCTION: +BF_set_key 1287 1_1_0d EXIST::FUNCTION:BF +EVP_PKEY_CTX_set_signer_id 1288 1_1_0d EXIST::FUNCTION:SM2 +DH_get0_pqg 1289 1_1_0d EXIST::FUNCTION:DH +EVP_MD_name 1290 1_1_0d EXIST::FUNCTION: +SM9PrivateKey_free 1291 1_1_0d EXIST::FUNCTION:SM9 +EC_GROUP_check 1292 1_1_0d EXIST::FUNCTION:EC +CPK_MAP_num_factors 1293 1_1_0d EXIST::FUNCTION:CPK +ASN1_OCTET_STRING_is_zero 1294 1_1_0d EXIST::FUNCTION:SM2 +EC_KEY_print_fp 1295 1_1_0d EXIST::FUNCTION:EC,STDIO +i2d_BB1PublicParameters 1296 1_1_0d EXIST::FUNCTION:BB1IBE +RSA_OAEP_PARAMS_it 1297 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA +RSA_OAEP_PARAMS_it 1297 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RSA +UI_get0_result 1298 1_1_0d EXIST::FUNCTION:UI +SOF_EncryptData 1299 1_1_0d EXIST::FUNCTION: +RIPEMD160 1300 1_1_0d EXIST::FUNCTION:RMD160 +X509_get_X509_PUBKEY 1301 1_1_0d EXIST::FUNCTION: +EVP_MD_meth_set_app_datasize 1302 1_1_0d EXIST::FUNCTION: +i2d_AUTHORITY_INFO_ACCESS 1303 1_1_0d EXIST::FUNCTION: +BN_clear_bit 1304 1_1_0d EXIST::FUNCTION: +ENGINE_get_RSA 1305 1_1_0d EXIST::FUNCTION:ENGINE +X509_TRUST_set 1306 1_1_0d EXIST::FUNCTION: +EVP_DecryptInit_ex 1307 1_1_0d EXIST::FUNCTION: +SM9_encrypt_ex 1308 1_1_0d EXIST::FUNCTION:SM9 +BIO_ADDR_rawmake 1309 1_1_0d EXIST::FUNCTION:SOCK +SDF_ImportKeyWithISK_RSA 1310 1_1_0d EXIST::FUNCTION: +CMS_unsigned_delete_attr 1311 1_1_0d EXIST::FUNCTION:CMS +X509_REQ_delete_attr 1312 1_1_0d EXIST::FUNCTION: +SAF_Pkcs7_EncodeEnvelopedData 1313 1_1_0d EXIST::FUNCTION: +CONF_load 1314 1_1_0d EXIST::FUNCTION: +DH_get0_key 1315 1_1_0d EXIST::FUNCTION:DH +SAF_Base64_DecodeFinal 1316 1_1_0d EXIST::FUNCTION: +OCSP_ONEREQ_get_ext_by_critical 1317 1_1_0d EXIST::FUNCTION:OCSP +OCSP_resp_get0 1318 1_1_0d EXIST::FUNCTION:OCSP +SKF_GetFileInfo 1319 1_1_0d EXIST::FUNCTION:SKF +EVP_MD_meth_dup 1320 1_1_0d EXIST::FUNCTION: +d2i_ASN1_PRINTABLE 1321 1_1_0d EXIST::FUNCTION: +CRYPTO_THREAD_read_lock 1322 1_1_0d EXIST::FUNCTION: +X509_keyid_get0 1323 1_1_0d EXIST::FUNCTION: +AES_ecb_encrypt 1324 1_1_0d EXIST::FUNCTION: +EVP_get_digestbysgd 1325 1_1_0d EXIST::FUNCTION:GMAPI +SDF_CreateFile 1326 1_1_0d EXIST::FUNCTION: +OCSP_request_onereq_count 1327 1_1_0d EXIST::FUNCTION:OCSP +d2i_AUTHORITY_KEYID 1328 1_1_0d EXIST::FUNCTION: +DES_pcbc_encrypt 1329 1_1_0d EXIST::FUNCTION:DES +DH_meth_set_compute_key 1330 1_1_0d EXIST::FUNCTION:DH +SAF_EccVerifySignByCert 1331 1_1_0d EXIST::FUNCTION: +BN_get_rfc3526_prime_2048 1332 1_1_0d EXIST::FUNCTION: +SDF_ExchangeDigitEnvelopeBaseOnRSA 1333 1_1_0d EXIST::FUNCTION: +BIO_sock_should_retry 1334 1_1_0d EXIST::FUNCTION:SOCK +TS_VERIFY_CTX_new 1335 1_1_0d EXIST::FUNCTION:TS +EC_KEY_set_default_method 1336 1_1_0d EXIST::FUNCTION:EC +SAF_GetCertificateInfo 1337 1_1_0d EXIST::FUNCTION: +TS_RESP_CTX_set_signer_digest 1338 1_1_0d EXIST::FUNCTION:TS +ERR_load_BFIBE_strings 1339 1_1_0d EXIST::FUNCTION:BFIBE +TS_REQ_add_ext 1340 1_1_0d EXIST::FUNCTION:TS +PEM_read_RSAPrivateKey 1341 1_1_0d EXIST::FUNCTION:RSA,STDIO +i2d_PKCS8PrivateKey_nid_bio 1342 1_1_0d EXIST::FUNCTION: +EVP_get_digestbynid 1343 1_1_0d EXIST::FUNCTION: +EVP_PKEY_sign 1344 1_1_0d EXIST::FUNCTION: +BN_mod_add 1345 1_1_0d EXIST::FUNCTION: +EVP_PKEY_meth_set_signctx 1346 1_1_0d EXIST::FUNCTION: +BIO_vfree 1347 1_1_0d EXIST::FUNCTION: +i2d_ISSUING_DIST_POINT 1348 1_1_0d EXIST::FUNCTION: +BN_RECP_CTX_set 1349 1_1_0d EXIST::FUNCTION: +OBJ_NAME_do_all_sorted 1350 1_1_0d EXIST::FUNCTION: +X509_STORE_set_default_paths 1351 1_1_0d EXIST::FUNCTION: +SM2_do_sign 1352 1_1_0d EXIST::FUNCTION:SM2 +UI_set_result 1353 1_1_0d EXIST::FUNCTION:UI +CRYPTO_set_mem_debug 1354 1_1_0d EXIST::FUNCTION: +BN_is_zero 1355 1_1_0d EXIST::FUNCTION: +ASN1_PCTX_set_cert_flags 1356 1_1_0d EXIST::FUNCTION: +EVP_PKEY_keygen 1357 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_CTX_buf_noconst 1358 1_1_0d EXIST::FUNCTION: +SAF_EccVerifySignFile 1359 1_1_0d EXIST::FUNCTION:SAF +DES_fcrypt 1360 1_1_0d EXIST::FUNCTION:DES +CRYPTO_cts128_decrypt_block 1361 1_1_0d EXIST::FUNCTION: +SAF_Base64_CreateBase64Obj 1362 1_1_0d EXIST::FUNCTION: +PEM_write_bio_RSA_PUBKEY 1363 1_1_0d EXIST::FUNCTION:RSA +HKDF 1364 1_1_0d EXIST::FUNCTION: +RAND_status 1365 1_1_0d EXIST::FUNCTION: +BN_GFP2_mul 1366 1_1_0d EXIST::FUNCTION: +EC_KEY_METHOD_get_decrypt 1367 1_1_0d EXIST::FUNCTION:SM2 +EVP_MD_CTX_copy 1368 1_1_0d EXIST::FUNCTION: +X509_NAME_ENTRY_get_object 1369 1_1_0d EXIST::FUNCTION: +X509_STORE_CTX_set0_trusted_stack 1370 1_1_0d EXIST::FUNCTION: +OPENSSL_DIR_end 1371 1_1_0d EXIST::FUNCTION: +ASN1_TIME_new 1372 1_1_0d EXIST::FUNCTION: +X509_CRL_get_lastUpdate 1373 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0 +X509_STORE_CTX_init 1374 1_1_0d EXIST::FUNCTION: +CONF_parse_list 1375 1_1_0d EXIST::FUNCTION: +BIO_meth_get_callback_ctrl 1376 1_1_0d EXIST::FUNCTION: +X509_CRL_get0_signature 1377 1_1_0d EXIST::FUNCTION: +X509_PUBKEY_new 1378 1_1_0d EXIST::FUNCTION: +i2d_BFMasterSecret 1379 1_1_0d EXIST::FUNCTION:BFIBE +RSA_meth_set_pub_dec 1380 1_1_0d EXIST::FUNCTION:RSA +EVP_PKEY_add1_attr_by_txt 1381 1_1_0d EXIST::FUNCTION: +TXT_DB_free 1382 1_1_0d EXIST::FUNCTION: +ENGINE_setup_bsd_cryptodev 1383 1_1_0d EXIST:__FreeBSD__:FUNCTION:DEPRECATEDIN_1_1_0,ENGINE +ASN1_STRING_type 1384 1_1_0d EXIST::FUNCTION: +i2d_POLICYINFO 1385 1_1_0d EXIST::FUNCTION: +CRYPTO_strndup 1386 1_1_0d EXIST::FUNCTION: +i2d_TS_REQ 1387 1_1_0d EXIST::FUNCTION:TS +EVP_PKEY_CTX_get_operation 1388 1_1_0d EXIST::FUNCTION: +TS_RESP_CTX_add_policy 1389 1_1_0d EXIST::FUNCTION:TS +EVP_PKEY_CTX_get_signature_md 1390 1_1_0d EXIST::FUNCTION: +i2v_GENERAL_NAMES 1391 1_1_0d EXIST::FUNCTION: +ASN1_BMPSTRING_free 1392 1_1_0d EXIST::FUNCTION: +DH_meth_set_flags 1393 1_1_0d EXIST::FUNCTION:DH +EVP_MD_meth_set_ctrl 1394 1_1_0d EXIST::FUNCTION: +EC_KEY_set_public_key 1395 1_1_0d EXIST::FUNCTION:EC +PEM_read_bio_CMS 1396 1_1_0d EXIST::FUNCTION:CMS +d2i_NETSCAPE_SPKI 1397 1_1_0d EXIST::FUNCTION: +EVP_get_digestbyname 1398 1_1_0d EXIST::FUNCTION: +MD4_Final 1399 1_1_0d EXIST::FUNCTION:MD4 +DES_ecb_encrypt 1400 1_1_0d EXIST::FUNCTION:DES +ASN1_parse_dump 1401 1_1_0d EXIST::FUNCTION: +d2i_TS_REQ_bio 1402 1_1_0d EXIST::FUNCTION:TS +CMS_SignerInfo_get0_signer_id 1403 1_1_0d EXIST::FUNCTION:CMS +CRYPTO_ocb128_cleanup 1404 1_1_0d EXIST::FUNCTION:OCB +i2d_PublicKey 1405 1_1_0d EXIST::FUNCTION: +SEED_ecb_encrypt 1406 1_1_0d EXIST::FUNCTION:SEED +TS_RESP_dup 1407 1_1_0d EXIST::FUNCTION:TS +PKCS12_mac_present 1408 1_1_0d EXIST::FUNCTION: +i2d_ECCSIGNATUREBLOB 1409 1_1_0d EXIST::FUNCTION:EC,GMAPI,SKF +EVP_DecodeInit 1410 1_1_0d EXIST::FUNCTION: +DISPLAYTEXT_free 1411 1_1_0d EXIST::FUNCTION: +PBEPARAM_it 1412 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PBEPARAM_it 1412 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ERR_peek_error 1413 1_1_0d EXIST::FUNCTION: +IPAddressRange_it 1414 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 +IPAddressRange_it 1414 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 +TS_REQ_set_nonce 1415 1_1_0d EXIST::FUNCTION:TS +i2d_DHxparams 1416 1_1_0d EXIST::FUNCTION:DH +EVP_CIPHER_CTX_original_iv 1417 1_1_0d EXIST::FUNCTION: +i2d_TS_MSG_IMPRINT 1418 1_1_0d EXIST::FUNCTION:TS +i2d_PKCS7_SIGNER_INFO 1419 1_1_0d EXIST::FUNCTION: +PKCS7_RECIP_INFO_free 1420 1_1_0d EXIST::FUNCTION: +OCSP_BASICRESP_get_ext 1421 1_1_0d EXIST::FUNCTION:OCSP +i2d_ECPrivateKey_bio 1422 1_1_0d EXIST::FUNCTION:EC +BN_GFP2_mul_bn 1423 1_1_0d EXIST::FUNCTION: +OPENSSL_LH_insert 1424 1_1_0d EXIST::FUNCTION: +DSA_meth_get0_app_data 1425 1_1_0d EXIST::FUNCTION:DSA +b2i_PublicKey_bio 1426 1_1_0d EXIST::FUNCTION:DSA +d2i_OCSP_RESPBYTES 1427 1_1_0d EXIST::FUNCTION:OCSP +RAND_OpenSSL 1428 1_1_0d EXIST::FUNCTION: +EVP_MD_CTX_set_flags 1429 1_1_0d EXIST::FUNCTION: +CRYPTO_ctr128_encrypt 1430 1_1_0d EXIST::FUNCTION: +OCSP_BASICRESP_new 1431 1_1_0d EXIST::FUNCTION:OCSP +OCSP_BASICRESP_free 1432 1_1_0d EXIST::FUNCTION:OCSP +EVP_ENCODE_CTX_new 1433 1_1_0d EXIST::FUNCTION: +EVP_PBE_alg_add 1434 1_1_0d EXIST::FUNCTION: +EC_GROUP_new_from_ecparameters 1435 1_1_0d EXIST::FUNCTION:EC +CRYPTO_clear_free 1436 1_1_0d EXIST::FUNCTION: +X509_up_ref 1437 1_1_0d EXIST::FUNCTION: +X509_VERIFY_PARAM_set1_ip 1438 1_1_0d EXIST::FUNCTION: +X509v3_addr_inherits 1439 1_1_0d EXIST::FUNCTION:RFC3779 +BFIBE_extract_private_key 1440 1_1_0d EXIST::FUNCTION:BFIBE +BB1PrivateKeyBlock_new 1441 1_1_0d EXIST::FUNCTION:BB1IBE +TS_REQ_get_cert_req 1442 1_1_0d EXIST::FUNCTION:TS +OCSP_CERTID_new 1443 1_1_0d EXIST::FUNCTION:OCSP +d2i_OCSP_CERTSTATUS 1444 1_1_0d EXIST::FUNCTION:OCSP +CAST_ecb_encrypt 1445 1_1_0d EXIST::FUNCTION:CAST +SM9PublicKey_it 1446 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:SM9 +SM9PublicKey_it 1446 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:SM9 +d2i_OTHERNAME 1447 1_1_0d EXIST::FUNCTION: +TS_TST_INFO_set_ordering 1448 1_1_0d EXIST::FUNCTION:TS +EVP_PKEY_CTX_get_data 1449 1_1_0d EXIST::FUNCTION: +CMS_unsigned_add1_attr_by_NID 1450 1_1_0d EXIST::FUNCTION:CMS +i2d_DSA_PUBKEY_fp 1451 1_1_0d EXIST::FUNCTION:DSA,STDIO +EC_KEY_get_enc_flags 1452 1_1_0d EXIST::FUNCTION:EC +EVP_sha1 1453 1_1_0d EXIST::FUNCTION: +OCSP_single_get0_status 1454 1_1_0d EXIST::FUNCTION:OCSP +DES_cfb64_encrypt 1455 1_1_0d EXIST::FUNCTION:DES +SAF_Pkcs7_EncodeData 1456 1_1_0d EXIST::FUNCTION: +OPENSSL_LH_free 1457 1_1_0d EXIST::FUNCTION: +d2i_X509_REVOKED 1458 1_1_0d EXIST::FUNCTION: +SM9_do_encrypt 1459 1_1_0d EXIST::FUNCTION:SM9 +CONF_set_default_method 1460 1_1_0d EXIST::FUNCTION: +d2i_ISSUING_DIST_POINT 1461 1_1_0d EXIST::FUNCTION: +GENERAL_NAMES_free 1462 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_CTX_copy 1463 1_1_0d EXIST::FUNCTION: +UI_dup_info_string 1464 1_1_0d EXIST::FUNCTION:UI +ASN1_SET_ANY_it 1465 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_SET_ANY_it 1465 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +X509V3_EXT_get_nid 1466 1_1_0d EXIST::FUNCTION: +EVP_PKEY_meth_new 1467 1_1_0d EXIST::FUNCTION: +EVP_PKEY_size 1468 1_1_0d EXIST::FUNCTION: +BIO_meth_free 1469 1_1_0d EXIST::FUNCTION: +EVP_aes_256_cbc 1470 1_1_0d EXIST::FUNCTION: +EVP_PKEY_asn1_set_free 1471 1_1_0d EXIST::FUNCTION: +EVP_PKEY_get1_tls_encodedpoint 1472 1_1_0d EXIST::FUNCTION: +X509_CRL_diff 1473 1_1_0d EXIST::FUNCTION: +TS_REQ_new 1474 1_1_0d EXIST::FUNCTION:TS +X509_ATTRIBUTE_count 1475 1_1_0d EXIST::FUNCTION: +RC5_32_decrypt 1476 1_1_0d EXIST::FUNCTION:RC5 +X509_STORE_get_get_crl 1477 1_1_0d EXIST::FUNCTION: +i2d_ASN1_UTCTIME 1478 1_1_0d EXIST::FUNCTION: +X509_STORE_add_cert 1479 1_1_0d EXIST::FUNCTION: +ENGINE_set_default_RAND 1480 1_1_0d EXIST::FUNCTION:ENGINE +ERR_peek_error_line 1481 1_1_0d EXIST::FUNCTION: +ENGINE_register_pkey_meths 1482 1_1_0d EXIST::FUNCTION:ENGINE +OCSP_REQUEST_print 1483 1_1_0d EXIST::FUNCTION:OCSP +d2i_TS_MSG_IMPRINT_bio 1484 1_1_0d EXIST::FUNCTION:TS +ERR_load_EC_strings 1485 1_1_0d EXIST::FUNCTION:EC +OPENSSL_sk_unshift 1486 1_1_0d EXIST::FUNCTION: +ERR_error_string 1487 1_1_0d EXIST::FUNCTION: +OPENSSL_LH_node_stats_bio 1488 1_1_0d EXIST::FUNCTION: +i2d_IPAddressChoice 1489 1_1_0d EXIST::FUNCTION:RFC3779 +SKF_Digest 1490 1_1_0d EXIST::FUNCTION:SKF +X509_VERIFY_PARAM_set_flags 1491 1_1_0d EXIST::FUNCTION: +PAILLIER_ciphertext_add 1492 1_1_0d EXIST::FUNCTION:PAILLIER +EVP_PKEY_meth_get_signctx 1493 1_1_0d EXIST::FUNCTION: +EVP_PKEY_meth_get_ctrl 1494 1_1_0d EXIST::FUNCTION: +PEM_X509_INFO_write_bio 1495 1_1_0d EXIST::FUNCTION: +EVP_PKEY_asn1_set_ctrl 1496 1_1_0d EXIST::FUNCTION: +d2i_BFPublicParameters 1497 1_1_0d EXIST::FUNCTION:BFIBE +BN_num_bits 1498 1_1_0d EXIST::FUNCTION: +i2d_EXTENDED_KEY_USAGE 1499 1_1_0d EXIST::FUNCTION: +X509_CRL_set_version 1500 1_1_0d EXIST::FUNCTION: +EVP_PKEY_get_attr 1501 1_1_0d EXIST::FUNCTION: +BN_BLINDING_invert_ex 1502 1_1_0d EXIST::FUNCTION: +OPENSSL_LH_strhash 1503 1_1_0d EXIST::FUNCTION: +OCSP_id_get0_info 1504 1_1_0d EXIST::FUNCTION:OCSP +X509_STORE_CTX_get_get_issuer 1505 1_1_0d EXIST::FUNCTION: +EVP_des_ede3 1506 1_1_0d EXIST::FUNCTION:DES +CMAC_Final 1507 1_1_0d EXIST::FUNCTION:CMAC +CMS_signed_get_attr_by_OBJ 1508 1_1_0d EXIST::FUNCTION:CMS +X509_PUBKEY_get0_param 1509 1_1_0d EXIST::FUNCTION: +CMS_add1_signer 1510 1_1_0d EXIST::FUNCTION:CMS +BIO_gethostbyname 1511 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,SOCK +CRYPTO_secure_malloc 1512 1_1_0d EXIST::FUNCTION: +i2d_TS_RESP 1513 1_1_0d EXIST::FUNCTION:TS +BN_cmp 1514 1_1_0d EXIST::FUNCTION: +TS_TST_INFO_get_ordering 1515 1_1_0d EXIST::FUNCTION:TS +EVP_aes_256_ocb 1516 1_1_0d EXIST::FUNCTION:OCB +PEM_write_DSAparams 1517 1_1_0d EXIST::FUNCTION:DSA,STDIO +RSA_new 1518 1_1_0d EXIST::FUNCTION:RSA +CRYPTO_ocb128_aad 1519 1_1_0d EXIST::FUNCTION:OCB +RSAPublicKey_it 1520 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA +RSAPublicKey_it 1520 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RSA +X509_STORE_free 1521 1_1_0d EXIST::FUNCTION: +SMIME_read_CMS 1522 1_1_0d EXIST::FUNCTION:CMS +SAF_EccSign 1523 1_1_0d EXIST::FUNCTION: +DES_decrypt3 1524 1_1_0d EXIST::FUNCTION:DES +X509_EXTENSION_free 1525 1_1_0d EXIST::FUNCTION: +BN_add_word 1526 1_1_0d EXIST::FUNCTION: +EVP_PKEY_delete_attr 1527 1_1_0d EXIST::FUNCTION: +ASN1_VISIBLESTRING_it 1528 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_VISIBLESTRING_it 1528 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +X509_STORE_get_verify 1529 1_1_0d EXIST::FUNCTION: +ASN1_STRING_print_ex_fp 1530 1_1_0d EXIST::FUNCTION:STDIO +RSA_padding_add_PKCS1_type_1 1531 1_1_0d EXIST::FUNCTION:RSA +PROXY_CERT_INFO_EXTENSION_it 1532 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PROXY_CERT_INFO_EXTENSION_it 1532 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ENGINE_get_default_RSA 1533 1_1_0d EXIST::FUNCTION:ENGINE +EVP_PKEY_CTX_dup 1534 1_1_0d EXIST::FUNCTION: +TS_VERIFY_CTX_add_flags 1535 1_1_0d EXIST::FUNCTION:TS +i2d_PUBKEY_bio 1536 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_get_sgd 1537 1_1_0d EXIST::FUNCTION:GMAPI +EVP_CIPHER_CTX_test_flags 1538 1_1_0d EXIST::FUNCTION: +CMAC_resume 1539 1_1_0d EXIST::FUNCTION:CMAC +SAF_SM2_DecodeSignedData 1540 1_1_0d EXIST::FUNCTION: +SDF_InternalPublicKeyOperation_RSA 1541 1_1_0d EXIST::FUNCTION: +d2i_OCSP_ONEREQ 1542 1_1_0d EXIST::FUNCTION:OCSP +X509at_get_attr_count 1543 1_1_0d EXIST::FUNCTION: +TS_CONF_set_signer_cert 1544 1_1_0d EXIST::FUNCTION:TS +EVP_MD_CTX_type 1545 1_1_0d EXIST::FUNCTION: +zuc_128eia3_final 1546 1_1_0d EXIST::FUNCTION:ZUC +ASN1_IA5STRING_free 1547 1_1_0d EXIST::FUNCTION: +X509_CRL_sign 1548 1_1_0d EXIST::FUNCTION: +ECPKPARAMETERS_new 1549 1_1_0d EXIST::FUNCTION:EC +EVP_sha512 1550 1_1_0d EXIST:!VMSVAX:FUNCTION: +ASN1_SCTX_get_app_data 1551 1_1_0d EXIST::FUNCTION: +BIO_ctrl_get_read_request 1552 1_1_0d EXIST::FUNCTION: +X509v3_addr_validate_resource_set 1553 1_1_0d EXIST::FUNCTION:RFC3779 +DSA_set_method 1554 1_1_0d EXIST::FUNCTION:DSA +ENGINE_set_DSA 1555 1_1_0d EXIST::FUNCTION:ENGINE +PEM_read_PKCS7 1556 1_1_0d EXIST::FUNCTION:STDIO +OCSP_resp_get0_signature 1557 1_1_0d EXIST::FUNCTION:OCSP +Camellia_encrypt 1558 1_1_0d EXIST::FUNCTION:CAMELLIA +X509_STORE_get_cleanup 1559 1_1_0d EXIST::FUNCTION: +CT_POLICY_EVAL_CTX_get0_cert 1560 1_1_0d EXIST::FUNCTION:CT +PKCS12_SAFEBAG_new 1561 1_1_0d EXIST::FUNCTION: +SAF_Base64_Decode 1562 1_1_0d EXIST::FUNCTION: +SM2CiphertextValue_new_from_ECCCIPHERBLOB 1563 1_1_0d EXIST::FUNCTION:EC,GMAPI,SKF,SM2 +PEM_read_ECPrivateKey 1564 1_1_0d EXIST::FUNCTION:EC,STDIO +EVP_aes_256_cfb1 1565 1_1_0d EXIST::FUNCTION: +X509_issuer_and_serial_cmp 1566 1_1_0d EXIST::FUNCTION: +ASN1_INTEGER_get_int64 1567 1_1_0d EXIST::FUNCTION: +SM9Ciphertext_it 1568 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:SM9 +SM9Ciphertext_it 1568 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:SM9 +IPAddressOrRange_free 1569 1_1_0d EXIST::FUNCTION:RFC3779 +EVP_PKEY_derive 1570 1_1_0d EXIST::FUNCTION: +PKCS7_SIGNER_INFO_sign 1571 1_1_0d EXIST::FUNCTION: +ISSUING_DIST_POINT_free 1572 1_1_0d EXIST::FUNCTION: +X509_VERIFY_PARAM_inherit 1573 1_1_0d EXIST::FUNCTION: +X509V3_get_value_int 1574 1_1_0d EXIST::FUNCTION: +EC_GROUP_get_trinomial_basis 1575 1_1_0d EXIST::FUNCTION:EC,EC2M +PKCS7_RECIP_INFO_get0_alg 1576 1_1_0d EXIST::FUNCTION: +PKCS12_add_CSPName_asc 1577 1_1_0d EXIST::FUNCTION: +i2d_PKCS7_bio_stream 1578 1_1_0d EXIST::FUNCTION: +TS_RESP_CTX_set_signer_key 1579 1_1_0d EXIST::FUNCTION:TS +EVP_PKEY_meth_get_verify_recover 1580 1_1_0d EXIST::FUNCTION: +i2d_PKCS7_ENVELOPE 1581 1_1_0d EXIST::FUNCTION: +X509_STORE_CTX_set_depth 1582 1_1_0d EXIST::FUNCTION: +EVP_PKEY_get0_PAILLIER 1583 1_1_0d EXIST::FUNCTION:PAILLIER +DH_check_pub_key 1584 1_1_0d EXIST::FUNCTION:DH +i2d_PUBKEY_fp 1585 1_1_0d EXIST::FUNCTION:STDIO +i2d_DSAPrivateKey_bio 1586 1_1_0d EXIST::FUNCTION:DSA +TS_MSG_IMPRINT_free 1587 1_1_0d EXIST::FUNCTION:TS +FFX_CTX_new 1588 1_1_0d EXIST::FUNCTION: +RSA_padding_add_PKCS1_PSS_mgf1 1589 1_1_0d EXIST::FUNCTION:RSA +UI_method_get_prompt_constructor 1590 1_1_0d EXIST::FUNCTION:UI +EVP_EncryptFinal_ex 1591 1_1_0d EXIST::FUNCTION: +X509_VERIFY_PARAM_set1_host 1592 1_1_0d EXIST::FUNCTION: +EVP_MD_CTX_create 1593 1_1_0d EXIST::FUNCTION: +POLICY_CONSTRAINTS_free 1594 1_1_0d EXIST::FUNCTION: +SAF_HashFinal 1595 1_1_0d EXIST::FUNCTION: +i2d_TS_MSG_IMPRINT_bio 1596 1_1_0d EXIST::FUNCTION:TS +PEM_write_PKCS8PrivateKey 1597 1_1_0d EXIST::FUNCTION:STDIO +TS_ASN1_INTEGER_print_bio 1598 1_1_0d EXIST::FUNCTION:TS +EVP_PKEY_meth_set_init 1599 1_1_0d EXIST::FUNCTION: +EVP_rc2_cfb64 1600 1_1_0d EXIST::FUNCTION:RC2 +DSO_METHOD_openssl 1601 1_1_0d EXIST::FUNCTION: +SOF_GetVersion 1602 1_1_0d EXIST::FUNCTION: +EVP_PKEY_CTX_get_cb 1603 1_1_0d EXIST::FUNCTION: +RAND_set_rand_method 1604 1_1_0d EXIST::FUNCTION: +SRP_check_known_gN_param 1605 1_1_0d EXIST::FUNCTION:SRP +BN_GFP2_sub_bn 1606 1_1_0d EXIST::FUNCTION: +i2d_ECIES_CIPHERTEXT_VALUE 1607 1_1_0d EXIST::FUNCTION:ECIES +PEM_write_RSAPrivateKey 1608 1_1_0d EXIST::FUNCTION:RSA,STDIO +DH_meth_set_bn_mod_exp 1609 1_1_0d EXIST::FUNCTION:DH +BIO_set_callback_arg 1610 1_1_0d EXIST::FUNCTION: +OCSP_REQ_CTX_free 1611 1_1_0d EXIST::FUNCTION:OCSP +o2i_SM2CiphertextValue 1612 1_1_0d EXIST::FUNCTION:SM2 +CRYPTO_gcm128_new 1613 1_1_0d EXIST::FUNCTION: +TS_RESP_CTX_add_md 1614 1_1_0d EXIST::FUNCTION:TS +RSA_get_RSArefPublicKey 1615 1_1_0d EXIST::FUNCTION:GMAPI,RSA,SDF +SDF_GetDeviceInfo 1616 1_1_0d EXIST::FUNCTION: +TS_REQ_to_TS_VERIFY_CTX 1617 1_1_0d EXIST::FUNCTION:TS +PKCS12_pack_authsafes 1618 1_1_0d EXIST::FUNCTION: +DSO_up_ref 1619 1_1_0d EXIST::FUNCTION: +DH_set_ex_data 1620 1_1_0d EXIST::FUNCTION:DH +UTF8_getc 1621 1_1_0d EXIST::FUNCTION: +EVP_PKEY2PKCS8 1622 1_1_0d EXIST::FUNCTION: +X509_REQ_it 1623 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_REQ_it 1623 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +EVP_des_ede3_cfb8 1624 1_1_0d EXIST::FUNCTION:DES +DH_meth_get_finish 1625 1_1_0d EXIST::FUNCTION:DH +BN_exp 1626 1_1_0d EXIST::FUNCTION: +X509_ATTRIBUTE_create_by_NID 1627 1_1_0d EXIST::FUNCTION: +EVP_des_ofb 1628 1_1_0d EXIST::FUNCTION:DES +SOF_VerifySignedMessage 1629 1_1_0d EXIST::FUNCTION: +X509_check_ip_asc 1630 1_1_0d EXIST::FUNCTION: +OCSP_SIGNATURE_it 1631 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP +OCSP_SIGNATURE_it 1631 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP +d2i_PROXY_POLICY 1632 1_1_0d EXIST::FUNCTION: +d2i_TS_MSG_IMPRINT 1633 1_1_0d EXIST::FUNCTION:TS +EVP_CIPHER_CTX_iv 1634 1_1_0d EXIST::FUNCTION: +X509_CINF_it 1635 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_CINF_it 1635 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ERR_load_SDF_strings 1636 1_1_0d EXIST::FUNCTION:SDF +AES_bi_ige_encrypt 1637 1_1_0d EXIST::FUNCTION: +BN_GFP2_copy 1638 1_1_0d EXIST::FUNCTION: +ASN1_STRING_TABLE_cleanup 1639 1_1_0d EXIST::FUNCTION: +OPENSSL_thread_stop 1640 1_1_0d EXIST::FUNCTION: +SDF_GenerateAgreementDataAndKeyWithECC 1641 1_1_0d EXIST::FUNCTION: +CMS_unsigned_add1_attr_by_OBJ 1642 1_1_0d EXIST::FUNCTION:CMS +d2i_DSAPrivateKey_fp 1643 1_1_0d EXIST::FUNCTION:DSA,STDIO +b2i_PVK_bio 1644 1_1_0d EXIST::FUNCTION:DSA,RC4 +CAST_set_key 1645 1_1_0d EXIST::FUNCTION:CAST +EVP_CIPHER_CTX_set_flags 1646 1_1_0d EXIST::FUNCTION: +SM2_sign 1647 1_1_0d EXIST::FUNCTION:SM2 +X509v3_get_ext_count 1648 1_1_0d EXIST::FUNCTION: +CRYPTO_THREAD_lock_free 1649 1_1_0d EXIST::FUNCTION: +TS_TST_INFO_set_accuracy 1650 1_1_0d EXIST::FUNCTION:TS +ASN1_TIME_set 1651 1_1_0d EXIST::FUNCTION: +PEM_write_PUBKEY 1652 1_1_0d EXIST::FUNCTION:STDIO +X509_CRL_match 1653 1_1_0d EXIST::FUNCTION: +MD2_Init 1654 1_1_0d EXIST::FUNCTION:MD2 +ENGINE_get_cipher 1655 1_1_0d EXIST::FUNCTION:ENGINE +CRYPTO_cfb128_encrypt 1656 1_1_0d EXIST::FUNCTION: +SCT_new_from_base64 1657 1_1_0d EXIST::FUNCTION:CT +BIO_get_port 1658 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,SOCK +IDEA_cbc_encrypt 1659 1_1_0d EXIST::FUNCTION:IDEA +CONF_imodule_get_usr_data 1660 1_1_0d EXIST::FUNCTION: +X509_policy_level_get0_node 1661 1_1_0d EXIST::FUNCTION: +X509_STORE_load_locations 1662 1_1_0d EXIST::FUNCTION: +EC_curve_nist2nid 1663 1_1_0d EXIST::FUNCTION:EC +SOF_GetXMLSignatureInfo 1664 1_1_0d EXIST::FUNCTION: +EVP_blake2s256 1665 1_1_0d EXIST::FUNCTION:BLAKE2 +i2d_ECCSIGNATUREBLOB_fp 1666 1_1_0d EXIST::FUNCTION:EC,GMAPI,SKF,STDIO +WHIRLPOOL 1667 1_1_0d EXIST::FUNCTION:WHIRLPOOL +SAF_GetCaCertificateCount 1668 1_1_0d EXIST::FUNCTION: +CMS_digest_verify 1669 1_1_0d EXIST::FUNCTION:CMS +o2i_SCT 1670 1_1_0d EXIST::FUNCTION:CT +CRYPTO_gcm128_finish 1671 1_1_0d EXIST::FUNCTION: +SDF_GetErrorString 1672 1_1_0d EXIST::FUNCTION:SDF +EVP_PKEY_meth_find 1673 1_1_0d EXIST::FUNCTION: +OCSP_REVOKEDINFO_free 1674 1_1_0d EXIST::FUNCTION:OCSP +CMS_verify 1675 1_1_0d EXIST::FUNCTION:CMS +ASN1_UTF8STRING_free 1676 1_1_0d EXIST::FUNCTION: +EVP_camellia_192_ecb 1677 1_1_0d EXIST::FUNCTION:CAMELLIA +BIO_debug_callback 1678 1_1_0d EXIST::FUNCTION: +RC5_32_ofb64_encrypt 1679 1_1_0d EXIST::FUNCTION:RC5 +OBJ_NAME_new_index 1680 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_meth_get_get_asn1_params 1681 1_1_0d EXIST::FUNCTION: +X509_PUBKEY_get 1682 1_1_0d EXIST::FUNCTION: +SKF_ChangePIN 1683 1_1_0d EXIST::FUNCTION:SKF +SKF_DecryptUpdate 1684 1_1_0d EXIST::FUNCTION:SKF +ASN1_sign 1685 1_1_0d EXIST::FUNCTION: +i2d_PKCS7 1686 1_1_0d EXIST::FUNCTION: +BN_rshift 1687 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_CTX_reset 1688 1_1_0d EXIST::FUNCTION: +BN_rand_range 1689 1_1_0d EXIST::FUNCTION: +ASN1_INTEGER_get 1690 1_1_0d EXIST::FUNCTION: +SOF_GetEncryptMethod 1691 1_1_0d EXIST::FUNCTION: +DSO_new 1692 1_1_0d EXIST::FUNCTION: +GENERAL_NAME_set0_othername 1693 1_1_0d EXIST::FUNCTION: +ECIES_CIPHERTEXT_VALUE_it 1694 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:ECIES +ECIES_CIPHERTEXT_VALUE_it 1694 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:ECIES +BIO_lookup 1695 1_1_0d EXIST::FUNCTION:SOCK +CMS_unsigned_get_attr_by_OBJ 1696 1_1_0d EXIST::FUNCTION:CMS +TS_RESP_CTX_free 1697 1_1_0d EXIST::FUNCTION:TS +i2v_ASN1_BIT_STRING 1698 1_1_0d EXIST::FUNCTION: +OBJ_length 1699 1_1_0d EXIST::FUNCTION: +BN_GFP2_new 1700 1_1_0d EXIST::FUNCTION: +X509_STORE_get_lookup_crls 1701 1_1_0d EXIST::FUNCTION: +DSA_generate_key 1702 1_1_0d EXIST::FUNCTION:DSA +BN_GF2m_mod_arr 1703 1_1_0d EXIST::FUNCTION:EC2M +i2d_OCSP_CERTSTATUS 1704 1_1_0d EXIST::FUNCTION:OCSP +d2i_DSAPrivateKey_bio 1705 1_1_0d EXIST::FUNCTION:DSA +ENGINE_set_default_DH 1706 1_1_0d EXIST::FUNCTION:ENGINE +ERR_put_error 1707 1_1_0d EXIST::FUNCTION: +zuc_128eia3_update 1708 1_1_0d EXIST::FUNCTION:ZUC +EVP_MD_meth_get_copy 1709 1_1_0d EXIST::FUNCTION: +SHA224_Final 1710 1_1_0d EXIST::FUNCTION: +BF_decrypt 1711 1_1_0d EXIST::FUNCTION:BF +X509_VERIFY_PARAM_get_inh_flags 1712 1_1_0d EXIST::FUNCTION: +BN_MONT_CTX_set 1713 1_1_0d EXIST::FUNCTION: +EC_KEY_can_sign 1714 1_1_0d EXIST::FUNCTION:EC +CRYPTO_free 1715 1_1_0d EXIST::FUNCTION: +OCSP_RESPDATA_new 1716 1_1_0d EXIST::FUNCTION:OCSP +OPENSSL_LH_error 1717 1_1_0d EXIST::FUNCTION: +BN_mod_exp_recp 1718 1_1_0d EXIST::FUNCTION: +EDIPARTYNAME_new 1719 1_1_0d EXIST::FUNCTION: +EVP_PKEY_get0_DH 1720 1_1_0d EXIST::FUNCTION:DH +ASN1_PCTX_get_oid_flags 1721 1_1_0d EXIST::FUNCTION: +X509_policy_tree_get0_policies 1722 1_1_0d EXIST::FUNCTION: +EC_KEY_METHOD_new 1723 1_1_0d EXIST::FUNCTION:EC +SKF_RSAVerify 1724 1_1_0d EXIST::FUNCTION:SKF +RSA_security_bits 1725 1_1_0d EXIST::FUNCTION:RSA +TS_RESP_free 1726 1_1_0d EXIST::FUNCTION:TS +RSA_blinding_off 1727 1_1_0d EXIST::FUNCTION:RSA +BN_mod_exp2_mont 1728 1_1_0d EXIST::FUNCTION: +OTHERNAME_new 1729 1_1_0d EXIST::FUNCTION: +X509_STORE_CTX_set0_param 1730 1_1_0d EXIST::FUNCTION: +d2i_ECCSignature_bio 1731 1_1_0d EXIST::FUNCTION:EC,GMAPI,SDF +GENERAL_NAME_dup 1732 1_1_0d EXIST::FUNCTION: +OBJ_dup 1733 1_1_0d EXIST::FUNCTION: +ECIES_CIPHERTEXT_VALUE_get_ECCCipher 1734 1_1_0d EXIST::FUNCTION:EC,ECIES,GMAPI,SDF +a2i_ASN1_ENUMERATED 1735 1_1_0d EXIST::FUNCTION: +PEM_read_PrivateKey 1736 1_1_0d EXIST::FUNCTION:STDIO +SCT_set1_signature 1737 1_1_0d EXIST::FUNCTION:CT +TS_RESP_create_response 1738 1_1_0d EXIST::FUNCTION:TS +OPENSSL_load_builtin_modules 1739 1_1_0d EXIST::FUNCTION: +RSA_meth_set_finish 1740 1_1_0d EXIST::FUNCTION:RSA +ASN1_UTCTIME_adj 1741 1_1_0d EXIST::FUNCTION: +SAF_Base64_EncodeFinal 1742 1_1_0d EXIST::FUNCTION: +BN_set_flags 1743 1_1_0d EXIST::FUNCTION: +GmSSL_version 1744 1_1_0d EXIST::FUNCTION: +CMS_decrypt_set1_password 1745 1_1_0d EXIST::FUNCTION:CMS +X509v3_asid_add_inherit 1746 1_1_0d EXIST::FUNCTION:RFC3779 +ECParameters_print_fp 1747 1_1_0d EXIST::FUNCTION:EC,STDIO +BIO_asn1_get_suffix 1748 1_1_0d EXIST::FUNCTION: +CMAC_CTX_free 1749 1_1_0d EXIST::FUNCTION:CMAC +SAF_EnumKeyContainerInfo 1750 1_1_0d EXIST::FUNCTION: +PBEPARAM_free 1751 1_1_0d EXIST::FUNCTION: +X509_REQ_get_pubkey 1752 1_1_0d EXIST::FUNCTION: +BN_get_rfc3526_prime_6144 1753 1_1_0d EXIST::FUNCTION: +PKCS7_sign 1754 1_1_0d EXIST::FUNCTION: +SM9_verify 1755 1_1_0d EXIST::FUNCTION:SM9 +RAND_add 1756 1_1_0d EXIST::FUNCTION: +X509_STORE_CTX_set_trust 1757 1_1_0d EXIST::FUNCTION: +MD4 1758 1_1_0d EXIST::FUNCTION:MD4 +X509_STORE_CTX_get_verify 1759 1_1_0d EXIST::FUNCTION: +ASN1_INTEGER_new 1760 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_CTX_num 1761 1_1_0d EXIST::FUNCTION: +PKCS12_get_attr_gen 1762 1_1_0d EXIST::FUNCTION: +RC4 1763 1_1_0d EXIST::FUNCTION:RC4 +EVP_PKEY_CTX_get_signer_id 1764 1_1_0d EXIST::FUNCTION:SM2 +RAND_bytes 1765 1_1_0d EXIST::FUNCTION: +EVP_ripemd160 1766 1_1_0d EXIST::FUNCTION:RMD160 +X509v3_addr_subset 1767 1_1_0d EXIST::FUNCTION:RFC3779 +i2d_X509_CERT_AUX 1768 1_1_0d EXIST::FUNCTION: +CMS_ReceiptRequest_it 1769 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CMS +CMS_ReceiptRequest_it 1769 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:CMS +ESS_ISSUER_SERIAL_new 1770 1_1_0d EXIST::FUNCTION:TS +d2i_X509_CRL 1771 1_1_0d EXIST::FUNCTION: +ASN1_STRING_set_by_NID 1772 1_1_0d EXIST::FUNCTION: +BFCiphertextBlock_it 1773 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:BFIBE +BFCiphertextBlock_it 1773 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:BFIBE +OPENSSL_strnlen 1774 1_1_0d EXIST::FUNCTION: +X509V3_get_section 1775 1_1_0d EXIST::FUNCTION: +i2d_X509_PUBKEY 1776 1_1_0d EXIST::FUNCTION: +DH_meth_get0_name 1777 1_1_0d EXIST::FUNCTION:DH +d2i_DHxparams 1778 1_1_0d EXIST::FUNCTION:DH +SAF_Hash 1779 1_1_0d EXIST::FUNCTION: +UI_get0_test_string 1780 1_1_0d EXIST::FUNCTION:UI +ENGINE_set_DH 1781 1_1_0d EXIST::FUNCTION:ENGINE +BN_is_odd 1782 1_1_0d EXIST::FUNCTION: +BN_MONT_CTX_copy 1783 1_1_0d EXIST::FUNCTION: +RSA_meth_get_init 1784 1_1_0d EXIST::FUNCTION:RSA +BIO_s_connect 1785 1_1_0d EXIST::FUNCTION:SOCK +X509_STORE_set_flags 1786 1_1_0d EXIST::FUNCTION: +NCONF_new 1787 1_1_0d EXIST::FUNCTION: +i2d_ECCSignature_bio 1788 1_1_0d EXIST::FUNCTION:EC,GMAPI,SDF +BN_bn2lebinpad 1789 1_1_0d EXIST::FUNCTION: +PEM_SignUpdate 1790 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_CTX_block_size 1791 1_1_0d EXIST::FUNCTION: +ASN1_str2mask 1792 1_1_0d EXIST::FUNCTION: +SAF_GetCrlFromLdap 1793 1_1_0d EXIST::FUNCTION: +BN_is_prime 1794 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_0_9_8 +POLICY_MAPPING_free 1795 1_1_0d EXIST::FUNCTION: +X509_get_subject_name 1796 1_1_0d EXIST::FUNCTION: +TS_RESP_CTX_get_tst_info 1797 1_1_0d EXIST::FUNCTION:TS +EC_curve_nid2nist 1798 1_1_0d EXIST::FUNCTION:EC +BN_CTX_start 1799 1_1_0d EXIST::FUNCTION: +EVP_PKEY_get_attr_by_OBJ 1800 1_1_0d EXIST::FUNCTION: +PKCS8_pkey_add1_attr_by_NID 1801 1_1_0d EXIST::FUNCTION: +OBJ_NAME_add 1802 1_1_0d EXIST::FUNCTION: +PKCS7_ENVELOPE_it 1803 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS7_ENVELOPE_it 1803 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ASN1_UNIVERSALSTRING_to_string 1804 1_1_0d EXIST::FUNCTION: +BN_clear 1805 1_1_0d EXIST::FUNCTION: +i2d_TS_REQ_fp 1806 1_1_0d EXIST::FUNCTION:STDIO,TS +EVP_PKEY_get1_DSA 1807 1_1_0d EXIST::FUNCTION:DSA +i2d_ASN1_VISIBLESTRING 1808 1_1_0d EXIST::FUNCTION: +CMS_add1_recipient_cert 1809 1_1_0d EXIST::FUNCTION:CMS +EC_GROUP_get0_cofactor 1810 1_1_0d EXIST::FUNCTION:EC +X509_NAME_digest 1811 1_1_0d EXIST::FUNCTION: +ASN1_buf_print 1812 1_1_0d EXIST::FUNCTION: +SCT_get_timestamp 1813 1_1_0d EXIST::FUNCTION:CT +EVP_PKEY_CTX_get_ecdh_kdf_outlen 1814 1_1_0d EXIST::FUNCTION:EC +BIO_socket_nbio 1815 1_1_0d EXIST::FUNCTION:SOCK +ENGINE_get_cmd_defns 1816 1_1_0d EXIST::FUNCTION:ENGINE +OPENSSL_add_all_digests 1817 1_1_0d EXIST::FUNCTION: +SAF_SM2_EncodeSignedData 1818 1_1_0d EXIST::FUNCTION: +ENGINE_register_all_DH 1819 1_1_0d EXIST::FUNCTION:ENGINE +CMS_signed_get_attr_by_NID 1820 1_1_0d EXIST::FUNCTION:CMS +PKCS7_cert_from_signer_info 1821 1_1_0d EXIST::FUNCTION: +OPENSSL_sk_find 1822 1_1_0d EXIST::FUNCTION: +X509_signature_dump 1823 1_1_0d EXIST::FUNCTION: +X509_REQ_add_extensions 1824 1_1_0d EXIST::FUNCTION: +d2i_DISPLAYTEXT 1825 1_1_0d EXIST::FUNCTION: +RSA_padding_check_PKCS1_type_2 1826 1_1_0d EXIST::FUNCTION:RSA +EC_KEY_get_method 1827 1_1_0d EXIST::FUNCTION:EC +X509_get_ext_count 1828 1_1_0d EXIST::FUNCTION: +X509_STORE_CTX_get0_current_issuer 1829 1_1_0d EXIST::FUNCTION: +SKF_EncryptInit 1830 1_1_0d EXIST::FUNCTION:SKF +SDF_ExportEncPublicKey_ECC 1831 1_1_0d EXIST::FUNCTION: +PEM_read_ECPKParameters 1832 1_1_0d EXIST::FUNCTION:EC,STDIO +DH_meth_get_bn_mod_exp 1833 1_1_0d EXIST::FUNCTION:DH +EVP_aes_128_cfb8 1834 1_1_0d EXIST::FUNCTION: +i2d_AUTHORITY_KEYID 1835 1_1_0d EXIST::FUNCTION: +EC_KEY_METHOD_set_compute_key 1836 1_1_0d EXIST::FUNCTION:EC +i2d_OCSP_REQINFO 1837 1_1_0d EXIST::FUNCTION:OCSP +X509_certificate_type 1838 1_1_0d EXIST::FUNCTION: +ENGINE_register_all_pkey_asn1_meths 1839 1_1_0d EXIST::FUNCTION:ENGINE +CMS_add0_RevocationInfoChoice 1840 1_1_0d EXIST::FUNCTION:CMS +EC_POINT_method_of 1841 1_1_0d EXIST::FUNCTION:EC +X509_LOOKUP_free 1842 1_1_0d EXIST::FUNCTION: +TS_REQ_dup 1843 1_1_0d EXIST::FUNCTION:TS +RSA_meth_set1_name 1844 1_1_0d EXIST::FUNCTION:RSA +SKF_VerifyPIN 1845 1_1_0d EXIST::FUNCTION:SKF +ENGINE_get_static_state 1846 1_1_0d EXIST::FUNCTION:ENGINE +BN_with_flags 1847 1_1_0d EXIST::FUNCTION: +EVP_MD_meth_get_final 1848 1_1_0d EXIST::FUNCTION: +PKCS7_SIGN_ENVELOPE_free 1849 1_1_0d EXIST::FUNCTION: +ERR_load_KDF2_strings 1850 1_1_0d EXIST::FUNCTION: +X509_ALGOR_dup 1851 1_1_0d EXIST::FUNCTION: +SDF_PrintDeviceInfo 1852 1_1_0d EXIST::FUNCTION:SDF +EVP_CIPHER_meth_set_set_asn1_params 1853 1_1_0d EXIST::FUNCTION: +ENGINE_get_digest 1854 1_1_0d EXIST::FUNCTION:ENGINE +CMS_SignerInfo_verify 1855 1_1_0d EXIST::FUNCTION:CMS +SOF_VerifySignedData 1856 1_1_0d EXIST::FUNCTION: +ENGINE_register_all_DSA 1857 1_1_0d EXIST::FUNCTION:ENGINE +DH_bits 1858 1_1_0d EXIST::FUNCTION:DH +X509_STORE_get_ex_data 1859 1_1_0d EXIST::FUNCTION: +ENGINE_unregister_DSA 1860 1_1_0d EXIST::FUNCTION:ENGINE +UI_method_get_reader 1861 1_1_0d EXIST::FUNCTION:UI +BIO_ctrl_pending 1862 1_1_0d EXIST::FUNCTION: +ASN1_INTEGER_get_uint64 1863 1_1_0d EXIST::FUNCTION: +BN_BLINDING_convert 1864 1_1_0d EXIST::FUNCTION: +IPAddressOrRange_it 1865 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 +IPAddressOrRange_it 1865 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 +i2d_OCSP_CRLID 1866 1_1_0d EXIST::FUNCTION:OCSP +PEM_read_bio_NETSCAPE_CERT_SEQUENCE 1867 1_1_0d EXIST::FUNCTION: +PAILLIER_generate_key 1868 1_1_0d EXIST::FUNCTION:PAILLIER +SKF_Transmit 1869 1_1_0d EXIST::FUNCTION:SKF +X509_REVOKED_get0_extensions 1870 1_1_0d EXIST::FUNCTION: +i2d_NOTICEREF 1871 1_1_0d EXIST::FUNCTION: +BB1IBE_decrypt 1872 1_1_0d EXIST::FUNCTION:BB1IBE +d2i_EC_PUBKEY_bio 1873 1_1_0d EXIST::FUNCTION:EC +SMIME_read_PKCS7 1874 1_1_0d EXIST::FUNCTION: +BN_nist_mod_256 1875 1_1_0d EXIST::FUNCTION: +CMS_ContentInfo_free 1876 1_1_0d EXIST::FUNCTION:CMS +POLICYQUALINFO_new 1877 1_1_0d EXIST::FUNCTION: +RSA_set0_factors 1878 1_1_0d EXIST::FUNCTION:RSA +BN_secure_new 1879 1_1_0d EXIST::FUNCTION: +SOF_SignMessage 1880 1_1_0d EXIST::FUNCTION: +X509_get_default_cert_dir 1881 1_1_0d EXIST::FUNCTION: +EVP_PKEY_meth_get_keygen 1882 1_1_0d EXIST::FUNCTION: +EC_KEY_set_asn1_flag 1883 1_1_0d EXIST::FUNCTION:EC +ASN1_INTEGER_dup 1884 1_1_0d EXIST::FUNCTION: +SHA512_Transform 1885 1_1_0d EXIST:!VMSVAX:FUNCTION: +EXTENDED_KEY_USAGE_free 1886 1_1_0d EXIST::FUNCTION: +CRYPTO_free_ex_index 1887 1_1_0d EXIST::FUNCTION: +d2i_PBEPARAM 1888 1_1_0d EXIST::FUNCTION: +X509_PUBKEY_set 1889 1_1_0d EXIST::FUNCTION: +SM2_compute_key 1890 1_1_0d EXIST::FUNCTION:SM2 +BN_gfp22bn 1891 1_1_0d EXIST::FUNCTION: +ENGINE_get_last 1892 1_1_0d EXIST::FUNCTION:ENGINE +TS_RESP_get_status_info 1893 1_1_0d EXIST::FUNCTION:TS +i2d_X509 1894 1_1_0d EXIST::FUNCTION: +HMAC_Init 1895 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0 +BIO_get_mem_data 1896 1_1_0d EXIST::FUNCTION: +CRYPTO_THREAD_cleanup_local 1897 1_1_0d EXIST::FUNCTION: +PEM_write_bio_ECPrivateKey 1898 1_1_0d EXIST::FUNCTION:EC +d2i_ECParameters 1899 1_1_0d EXIST::FUNCTION:EC +EVP_PKEY_asn1_get0 1900 1_1_0d EXIST::FUNCTION: +PEM_read_bio_ECPKParameters 1901 1_1_0d EXIST::FUNCTION:EC +PEM_read_bio_DSAPrivateKey 1902 1_1_0d EXIST::FUNCTION:DSA +WHIRLPOOL_BitUpdate 1903 1_1_0d EXIST::FUNCTION:WHIRLPOOL +PEM_write_bio_CMS 1904 1_1_0d EXIST::FUNCTION:CMS +X509_VERIFY_PARAM_set1_policies 1905 1_1_0d EXIST::FUNCTION: +i2d_BB1PrivateKeyBlock 1906 1_1_0d EXIST::FUNCTION:BB1IBE +TS_REQ_set_version 1907 1_1_0d EXIST::FUNCTION:TS +X509_STORE_add_crl 1908 1_1_0d EXIST::FUNCTION: +d2i_ASN1_UINTEGER 1909 1_1_0d EXIST::FUNCTION: +EC_KEY_METHOD_set_sign 1910 1_1_0d EXIST::FUNCTION:EC +EC_KEY_METHOD_get_encrypt 1911 1_1_0d EXIST::FUNCTION:SM2 +TS_CONF_set_tsa_name 1912 1_1_0d EXIST::FUNCTION:TS +X509_policy_tree_get0_user_policies 1913 1_1_0d EXIST::FUNCTION: +d2i_ECCCipher 1914 1_1_0d EXIST::FUNCTION:EC,GMAPI,SDF +SAF_MacFinal 1915 1_1_0d EXIST::FUNCTION: +CONF_dump_bio 1916 1_1_0d EXIST::FUNCTION: +BN_mod_inverse 1917 1_1_0d EXIST::FUNCTION: +BIO_set_tcp_ndelay 1918 1_1_0d EXIST::FUNCTION:SOCK +SKF_DeleteApplication 1919 1_1_0d EXIST::FUNCTION:SKF +ECIES_PARAMS_get_kdf 1920 1_1_0d EXIST::FUNCTION:ECIES +BB1PublicParameters_free 1921 1_1_0d EXIST::FUNCTION:BB1IBE +PKCS12_parse 1922 1_1_0d EXIST::FUNCTION: +ASN1_item_digest 1923 1_1_0d EXIST::FUNCTION: +SCT_validate 1924 1_1_0d EXIST::FUNCTION:CT +SAF_RsaVerifySign 1925 1_1_0d EXIST::FUNCTION: +PAILLIER_up_ref 1926 1_1_0d EXIST::FUNCTION:PAILLIER +ASN1_IA5STRING_it 1927 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_IA5STRING_it 1927 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +EC_GROUP_set_point_conversion_form 1928 1_1_0d EXIST::FUNCTION:EC +ASN1_TYPE_get 1929 1_1_0d EXIST::FUNCTION: +SKF_ImportECCKeyPair 1930 1_1_0d EXIST::FUNCTION:SKF +EVP_bf_cfb64 1931 1_1_0d EXIST::FUNCTION:BF +X509_CRL_print 1932 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_meth_get_init 1933 1_1_0d EXIST::FUNCTION: +d2i_ECCSignature 1934 1_1_0d EXIST::FUNCTION:EC,GMAPI,SDF +ASN1_INTEGER_set_uint64 1935 1_1_0d EXIST::FUNCTION: +i2d_X509_ATTRIBUTE 1936 1_1_0d EXIST::FUNCTION: +TS_MSG_IMPRINT_get_algo 1937 1_1_0d EXIST::FUNCTION:TS +EVP_PKEY_get0 1938 1_1_0d EXIST::FUNCTION: +ERR_load_GMAPI_strings 1939 1_1_0d EXIST::FUNCTION:GMAPI +CMS_ReceiptRequest_get0_values 1940 1_1_0d EXIST::FUNCTION:CMS +ASN1_PRINTABLE_type 1941 1_1_0d EXIST::FUNCTION: +EVP_PKEY_asn1_find 1942 1_1_0d EXIST::FUNCTION: +EC_POINT_add 1943 1_1_0d EXIST::FUNCTION:EC +DIRECTORYSTRING_it 1944 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +DIRECTORYSTRING_it 1944 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +OCSP_SERVICELOC_free 1945 1_1_0d EXIST::FUNCTION:OCSP +DSA_meth_set_keygen 1946 1_1_0d EXIST::FUNCTION:DSA +ENGINE_unregister_EC 1947 1_1_0d EXIST::FUNCTION:ENGINE +i2d_CPK_PUBLIC_PARAMS 1948 1_1_0d EXIST::FUNCTION:CPK +PROXY_CERT_INFO_EXTENSION_new 1949 1_1_0d EXIST::FUNCTION: +EVP_CipherFinal 1950 1_1_0d EXIST::FUNCTION: +CMS_dataInit 1951 1_1_0d EXIST::FUNCTION:CMS +X509_CRL_print_fp 1952 1_1_0d EXIST::FUNCTION:STDIO +EVP_PKEY_new 1953 1_1_0d EXIST::FUNCTION: +PKCS5_PBE_add 1954 1_1_0d EXIST::FUNCTION: +X509V3_EXT_add 1955 1_1_0d EXIST::FUNCTION: +PEM_write_DHparams 1956 1_1_0d EXIST::FUNCTION:DH,STDIO +X509_NAME_add_entry_by_NID 1957 1_1_0d EXIST::FUNCTION: +X509_getm_notBefore 1958 1_1_0d EXIST::FUNCTION: +OBJ_nid2sn 1959 1_1_0d EXIST::FUNCTION: +SCT_LIST_validate 1960 1_1_0d EXIST::FUNCTION:CT +d2i_RSAPrivateKey_fp 1961 1_1_0d EXIST::FUNCTION:RSA,STDIO +SM2_compute_share_key 1962 1_1_0d EXIST::FUNCTION:SM2 +X509_STORE_CTX_get0_untrusted 1963 1_1_0d EXIST::FUNCTION: +DSA_do_verify 1964 1_1_0d EXIST::FUNCTION:DSA +X509_CERT_AUX_it 1965 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_CERT_AUX_it 1965 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +d2i_ASN1_BIT_STRING 1966 1_1_0d EXIST::FUNCTION: +BIO_dump_indent_cb 1967 1_1_0d EXIST::FUNCTION: +PKCS12_SAFEBAG_get_nid 1968 1_1_0d EXIST::FUNCTION: +EC_KEY_get_ECCPRIVATEKEYBLOB 1969 1_1_0d EXIST::FUNCTION:EC,GMAPI,SKF +SAF_RsaVerifySignFile 1970 1_1_0d EXIST::FUNCTION: +RC5_32_encrypt 1971 1_1_0d EXIST::FUNCTION:RC5 +EVP_seed_cfb128 1972 1_1_0d EXIST::FUNCTION:SEED +BB1CiphertextBlock_it 1973 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:BB1IBE +BB1CiphertextBlock_it 1973 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:BB1IBE +OPENSSL_isservice 1974 1_1_0d EXIST::FUNCTION: +BN_mod_lshift_quick 1975 1_1_0d EXIST::FUNCTION: +SOF_ChangePassWd 1976 1_1_0d EXIST::FUNCTION: +SKF_ImportSessionKey 1977 1_1_0d EXIST::FUNCTION:SKF +d2i_CPK_MASTER_SECRET_bio 1978 1_1_0d EXIST::FUNCTION:CPK +EVP_idea_ecb 1979 1_1_0d EXIST::FUNCTION:IDEA +BN_bn2hex 1980 1_1_0d EXIST::FUNCTION: +EVP_MD_meth_free 1981 1_1_0d EXIST::FUNCTION: +X509_digest 1982 1_1_0d EXIST::FUNCTION: +OPENSSL_sk_insert 1983 1_1_0d EXIST::FUNCTION: +FpPoint_free 1984 1_1_0d EXIST::FUNCTION: +BIO_ADDR_hostname_string 1985 1_1_0d EXIST::FUNCTION:SOCK +DH_clear_flags 1986 1_1_0d EXIST::FUNCTION:DH +CRYPTO_128_wrap_pad 1987 1_1_0d EXIST::FUNCTION: +BIO_ctrl_reset_read_request 1988 1_1_0d EXIST::FUNCTION: +EC_KEY_METHOD_get_compute_key 1989 1_1_0d EXIST::FUNCTION:EC +d2i_USERNOTICE 1990 1_1_0d EXIST::FUNCTION: +X509_VERIFY_PARAM_new 1991 1_1_0d EXIST::FUNCTION: +CONF_modules_unload 1992 1_1_0d EXIST::FUNCTION: +OCSP_REQINFO_free 1993 1_1_0d EXIST::FUNCTION:OCSP +X509_CRL_add_ext 1994 1_1_0d EXIST::FUNCTION: +RSA_meth_set_init 1995 1_1_0d EXIST::FUNCTION:RSA +X509_CRL_get_REVOKED 1996 1_1_0d EXIST::FUNCTION: +OBJ_sigid_free 1997 1_1_0d EXIST::FUNCTION: +SKF_ECCSignData 1998 1_1_0d EXIST::FUNCTION:SKF +BIO_meth_set_create 1999 1_1_0d EXIST::FUNCTION: +X509_STORE_CTX_get_current_cert 2000 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_meth_get_cleanup 2001 1_1_0d EXIST::FUNCTION: +d2i_BB1CiphertextBlock 2002 1_1_0d EXIST::FUNCTION:BB1IBE +EVP_CIPHER_meth_set_cleanup 2003 1_1_0d EXIST::FUNCTION: +SDF_GenerateKeyWithEPK_RSA 2004 1_1_0d EXIST::FUNCTION: +BIO_nread0 2005 1_1_0d EXIST::FUNCTION: +EVP_aes_256_cfb8 2006 1_1_0d EXIST::FUNCTION: +i2d_PBEPARAM 2007 1_1_0d EXIST::FUNCTION: +ECDSA_SIG_new_from_ECCSignature 2008 1_1_0d EXIST::FUNCTION:EC,GMAPI,SDF +OCSP_REQUEST_get_ext_by_critical 2009 1_1_0d EXIST::FUNCTION:OCSP +OCSP_REQ_CTX_new 2010 1_1_0d EXIST::FUNCTION:OCSP +EC_POINT_set_affine_coordinates_GFp 2011 1_1_0d EXIST::FUNCTION:EC +X509_NAME_dup 2012 1_1_0d EXIST::FUNCTION: +i2d_PKCS7_DIGEST 2013 1_1_0d EXIST::FUNCTION: +RSA_meth_set_keygen 2014 1_1_0d EXIST::FUNCTION:RSA +ENGINE_get_ssl_client_cert_function 2015 1_1_0d EXIST::FUNCTION:ENGINE +TS_TST_INFO_free 2016 1_1_0d EXIST::FUNCTION:TS +DES_ede3_cfb64_encrypt 2017 1_1_0d EXIST::FUNCTION:DES +X509_EXTENSION_get_critical 2018 1_1_0d EXIST::FUNCTION: +PEM_ASN1_read_bio 2019 1_1_0d EXIST::FUNCTION: +SKF_ECCDecrypt 2020 1_1_0d EXIST::FUNCTION:SKF +d2i_X509_REQ_fp 2021 1_1_0d EXIST::FUNCTION:STDIO +SM2_KAP_compute_key 2022 1_1_0d EXIST::FUNCTION:SM2 +CRYPTO_cfb128_1_encrypt 2023 1_1_0d EXIST::FUNCTION: +PKCS7_get0_signers 2024 1_1_0d EXIST::FUNCTION: +BN_is_prime_fasttest_ex 2025 1_1_0d EXIST::FUNCTION: +EVP_aes_128_ocb 2026 1_1_0d EXIST::FUNCTION:OCB +EVP_PKEY_set1_PAILLIER 2027 1_1_0d EXIST::FUNCTION:PAILLIER +EC_POINTs_make_affine 2028 1_1_0d EXIST::FUNCTION:EC +d2i_BB1PrivateKeyBlock 2029 1_1_0d EXIST::FUNCTION:BB1IBE +CONF_modules_load 2030 1_1_0d EXIST::FUNCTION: +TS_ACCURACY_get_millis 2031 1_1_0d EXIST::FUNCTION:TS +ENGINE_set_ex_data 2032 1_1_0d EXIST::FUNCTION:ENGINE +EVP_MD_meth_set_final 2033 1_1_0d EXIST::FUNCTION: +OCSP_REQUEST_add_ext 2034 1_1_0d EXIST::FUNCTION:OCSP +X509_STORE_up_ref 2035 1_1_0d EXIST::FUNCTION: +BB1MasterSecret_it 2036 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:BB1IBE +BB1MasterSecret_it 2036 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:BB1IBE +EVP_PKEY_verify_recover 2037 1_1_0d EXIST::FUNCTION: +DSA_meth_get_mod_exp 2038 1_1_0d EXIST::FUNCTION:DSA +ASRange_it 2039 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 +ASRange_it 2039 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 +EVP_CIPHER_impl_ctx_size 2040 1_1_0d EXIST::FUNCTION: +X509_get_default_cert_area 2041 1_1_0d EXIST::FUNCTION: +X509_ALGOR_it 2042 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_ALGOR_it 2042 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +X509_set_proxy_pathlen 2043 1_1_0d EXIST::FUNCTION: +TS_STATUS_INFO_get0_status 2044 1_1_0d EXIST::FUNCTION:TS +EVP_CIPHER_meth_dup 2045 1_1_0d EXIST::FUNCTION: +ECIES_CIPHERTEXT_VALUE_new 2046 1_1_0d EXIST::FUNCTION:ECIES +EVP_EncodeFinal 2047 1_1_0d EXIST::FUNCTION: +PKCS12_SAFEBAG_create_cert 2048 1_1_0d EXIST::FUNCTION: +X509_NAME_get0_der 2049 1_1_0d EXIST::FUNCTION: +EVP_add_alg_module 2050 1_1_0d EXIST::FUNCTION: +RSA_sign_ASN1_OCTET_STRING 2051 1_1_0d EXIST::FUNCTION:RSA +PEM_read_X509_REQ 2052 1_1_0d EXIST::FUNCTION:STDIO +EVP_SealInit 2053 1_1_0d EXIST::FUNCTION:RSA +EVP_chacha20_poly1305 2054 1_1_0d EXIST::FUNCTION:CHACHA,POLY1305 +sm3_init 2055 1_1_0d EXIST::FUNCTION:SM3 +ASIdentifiers_free 2056 1_1_0d EXIST::FUNCTION:RFC3779 +SM9_encrypt 2057 1_1_0d EXIST::FUNCTION:SM9 +X509_check_akid 2058 1_1_0d EXIST::FUNCTION: +PKCS12_MAC_DATA_new 2059 1_1_0d EXIST::FUNCTION: +X509_REVOKED_get_ext_count 2060 1_1_0d EXIST::FUNCTION: +X509_SIG_free 2061 1_1_0d EXIST::FUNCTION: +SRP_user_pwd_free 2062 1_1_0d EXIST::FUNCTION:SRP +SCT_set_log_entry_type 2063 1_1_0d EXIST::FUNCTION:CT +BN_mod_exp 2064 1_1_0d EXIST::FUNCTION: +PEM_proc_type 2065 1_1_0d EXIST::FUNCTION: +X509_STORE_CTX_get0_parent_ctx 2066 1_1_0d EXIST::FUNCTION: +BN_MONT_CTX_free 2067 1_1_0d EXIST::FUNCTION: +d2i_X509_CRL_INFO 2068 1_1_0d EXIST::FUNCTION: +EVP_PBE_get 2069 1_1_0d EXIST::FUNCTION: +PEM_read_X509 2070 1_1_0d EXIST::FUNCTION:STDIO +d2i_OCSP_RESPDATA 2071 1_1_0d EXIST::FUNCTION:OCSP +PEM_def_callback 2072 1_1_0d EXIST::FUNCTION: +NAME_CONSTRAINTS_check 2073 1_1_0d EXIST::FUNCTION: +d2i_PKEY_USAGE_PERIOD 2074 1_1_0d EXIST::FUNCTION: +SM2CiphertextValue_get_ECCCipher 2075 1_1_0d EXIST::FUNCTION:EC,GMAPI,SDF,SM2 +ERR_load_ASYNC_strings 2076 1_1_0d EXIST::FUNCTION: +CRYPTO_gcm128_setiv 2077 1_1_0d EXIST::FUNCTION: +i2d_PKCS7_bio 2078 1_1_0d EXIST::FUNCTION: +ASN1_GENERALIZEDTIME_check 2079 1_1_0d EXIST::FUNCTION: +CMS_ReceiptRequest_create0 2080 1_1_0d EXIST::FUNCTION:CMS +ECDSA_sign 2081 1_1_0d EXIST::FUNCTION:EC +ENGINE_register_all_complete 2082 1_1_0d EXIST::FUNCTION:ENGINE +ERR_get_error 2083 1_1_0d EXIST::FUNCTION: +BIO_s_fd 2084 1_1_0d EXIST::FUNCTION: +sms4_wrap_key 2085 1_1_0d EXIST::FUNCTION:SMS4 +X509_VERIFY_PARAM_set1 2086 1_1_0d EXIST::FUNCTION: +X509_CRL_set1_lastUpdate 2087 1_1_0d EXIST::FUNCTION: +X509v3_asid_canonize 2088 1_1_0d EXIST::FUNCTION:RFC3779 +DES_quad_cksum 2089 1_1_0d EXIST::FUNCTION:DES +PKCS5_pbe2_set 2090 1_1_0d EXIST::FUNCTION: +X509_CRL_INFO_it 2091 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_CRL_INFO_it 2091 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +BIO_callback_ctrl 2092 1_1_0d EXIST::FUNCTION: +SAF_SM2_EncodeEnvelopedData 2093 1_1_0d EXIST::FUNCTION: +SCT_set_signature_nid 2094 1_1_0d EXIST::FUNCTION:CT +DH_set_default_method 2095 1_1_0d EXIST::FUNCTION:DH +d2i_DSA_SIG 2096 1_1_0d EXIST::FUNCTION:DSA +RSA_set_method 2097 1_1_0d EXIST::FUNCTION:RSA +SEED_cfb128_encrypt 2098 1_1_0d EXIST::FUNCTION:SEED +SAF_AddTrustedRootCaCertificate 2099 1_1_0d EXIST::FUNCTION: +BIO_new_accept 2100 1_1_0d EXIST::FUNCTION:SOCK +PEM_write_PKCS8 2101 1_1_0d EXIST::FUNCTION:STDIO +i2d_RSA_OAEP_PARAMS 2102 1_1_0d EXIST::FUNCTION:RSA +DSA_print 2103 1_1_0d EXIST::FUNCTION:DSA +BIO_asn1_set_suffix 2104 1_1_0d EXIST::FUNCTION: +ASN1_PCTX_new 2105 1_1_0d EXIST::FUNCTION: +i2d_ASN1_bio_stream 2106 1_1_0d EXIST::FUNCTION: +CMS_sign 2107 1_1_0d EXIST::FUNCTION:CMS +BIO_dup_chain 2108 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_CTX_key_length 2109 1_1_0d EXIST::FUNCTION: +d2i_BASIC_CONSTRAINTS 2110 1_1_0d EXIST::FUNCTION: +SKF_WriteFile 2111 1_1_0d EXIST::FUNCTION:SKF +BIO_s_accept 2112 1_1_0d EXIST::FUNCTION:SOCK +OCSP_CERTSTATUS_it 2113 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP +OCSP_CERTSTATUS_it 2113 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP +SOF_ValidateCert 2114 1_1_0d EXIST::FUNCTION: +ENGINE_up_ref 2115 1_1_0d EXIST::FUNCTION:ENGINE +X509v3_get_ext 2116 1_1_0d EXIST::FUNCTION: +d2i_BFMasterSecret 2117 1_1_0d EXIST::FUNCTION:BFIBE +EVP_PKEY_set1_tls_encodedpoint 2118 1_1_0d EXIST::FUNCTION: +d2i_EC_PUBKEY 2119 1_1_0d EXIST::FUNCTION:EC +ERR_load_OCSP_strings 2120 1_1_0d EXIST::FUNCTION:OCSP +BIO_indent 2121 1_1_0d EXIST::FUNCTION: +i2d_EDIPARTYNAME 2122 1_1_0d EXIST::FUNCTION: +i2d_RSAPrivateKey_bio 2123 1_1_0d EXIST::FUNCTION:RSA +SKF_SetSymmKey 2124 1_1_0d EXIST::FUNCTION:SKF +X509V3_EXT_nconf_nid 2125 1_1_0d EXIST::FUNCTION: +OPENSSL_sk_zero 2126 1_1_0d EXIST::FUNCTION: +X509_NAME_ENTRY_create_by_OBJ 2127 1_1_0d EXIST::FUNCTION: +AUTHORITY_INFO_ACCESS_it 2128 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +AUTHORITY_INFO_ACCESS_it 2128 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +Camellia_cfb8_encrypt 2129 1_1_0d EXIST::FUNCTION:CAMELLIA +OCSP_REQUEST_get1_ext_d2i 2130 1_1_0d EXIST::FUNCTION:OCSP +CERTIFICATEPOLICIES_free 2131 1_1_0d EXIST::FUNCTION: +i2d_X509_ALGORS 2132 1_1_0d EXIST::FUNCTION: +X509_STORE_CTX_get_verify_cb 2133 1_1_0d EXIST::FUNCTION: +SMIME_write_ASN1 2134 1_1_0d EXIST::FUNCTION: +SKF_PrintRSAPublicKey 2135 1_1_0d EXIST::FUNCTION:SKF +EVP_sha256 2136 1_1_0d EXIST::FUNCTION: +EC_GROUP_get_point_conversion_form 2137 1_1_0d EXIST::FUNCTION:EC +TS_MSG_IMPRINT_new 2138 1_1_0d EXIST::FUNCTION:TS +BIO_asn1_get_prefix 2139 1_1_0d EXIST::FUNCTION: +ERR_get_error_line 2140 1_1_0d EXIST::FUNCTION: +d2i_DIRECTORYSTRING 2141 1_1_0d EXIST::FUNCTION: +EVP_MD_CTX_pkey_ctx 2142 1_1_0d EXIST::FUNCTION: +i2d_PKCS7_RECIP_INFO 2143 1_1_0d EXIST::FUNCTION: +X509_CRL_get_version 2144 1_1_0d EXIST::FUNCTION: +RSA_get0_engine 2145 1_1_0d EXIST::FUNCTION:RSA +SDF_GenerateAgreementDataWithECC 2146 1_1_0d EXIST::FUNCTION: +X509_INFO_free 2147 1_1_0d EXIST::FUNCTION: +OpenSSL_version 2148 1_1_0d EXIST::FUNCTION: +SXNET_new 2149 1_1_0d EXIST::FUNCTION: +NAME_CONSTRAINTS_it 2150 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +NAME_CONSTRAINTS_it 2150 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +X509_STORE_set_lookup_certs 2151 1_1_0d EXIST::FUNCTION: +X509V3_EXT_val_prn 2152 1_1_0d EXIST::FUNCTION: +X509_SIG_get0 2153 1_1_0d EXIST::FUNCTION: +X509_REVOKED_get_ext 2154 1_1_0d EXIST::FUNCTION: +EC_POINT_bn2point 2155 1_1_0d EXIST::FUNCTION:EC +SM9_extract_exch_public_key 2156 1_1_0d EXIST::FUNCTION:SM9 +EVP_des_ecb 2157 1_1_0d EXIST::FUNCTION:DES +X509_CRL_it 2158 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_CRL_it 2158 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +SCT_set1_log_id 2159 1_1_0d EXIST::FUNCTION:CT +ENGINE_get_pkey_asn1_meth_engine 2160 1_1_0d EXIST::FUNCTION:ENGINE +UI_get0_action_string 2161 1_1_0d EXIST::FUNCTION:UI +d2i_ASRange 2162 1_1_0d EXIST::FUNCTION:RFC3779 +X509_VERIFY_PARAM_set_hostflags 2163 1_1_0d EXIST::FUNCTION: +X509_NAME_get_entry 2164 1_1_0d EXIST::FUNCTION: +EVP_PBE_scrypt 2165 1_1_0d EXIST::FUNCTION:SCRYPT +OBJ_NAME_init 2166 1_1_0d EXIST::FUNCTION: +X509V3_add_value_bool 2167 1_1_0d EXIST::FUNCTION: +X509_REQ_get_attr 2168 1_1_0d EXIST::FUNCTION: +ASN1_STRING_copy 2169 1_1_0d EXIST::FUNCTION: +X509_free 2170 1_1_0d EXIST::FUNCTION: +TS_RESP_CTX_get_request 2171 1_1_0d EXIST::FUNCTION:TS +EC_POINT_set_compressed_coordinates_GF2m 2172 1_1_0d EXIST::FUNCTION:EC,EC2M +DSA_sign_setup 2173 1_1_0d EXIST::FUNCTION:DSA +X509_ALGOR_cmp 2174 1_1_0d EXIST::FUNCTION: +i2d_PKCS8PrivateKey_fp 2175 1_1_0d EXIST::FUNCTION:STDIO +EVP_PKEY_CTX_get_signer_zid 2176 1_1_0d EXIST::FUNCTION:SM2 +d2i_PKCS7_ENVELOPE 2177 1_1_0d EXIST::FUNCTION: +EVP_PKEY_CTX_set0_keygen_info 2178 1_1_0d EXIST::FUNCTION: +X509v3_add_ext 2179 1_1_0d EXIST::FUNCTION: +EC_KEY_new_from_ECCrefPrivateKey 2180 1_1_0d EXIST::FUNCTION:EC,GMAPI,SDF +CPK_PUBLIC_PARAMS_validate_private_key 2181 1_1_0d EXIST::FUNCTION:CPK +EVP_aes_128_xts 2182 1_1_0d EXIST::FUNCTION: +ASN1_TYPE_set 2183 1_1_0d EXIST::FUNCTION: +PEM_write_bio_EC_PUBKEY 2184 1_1_0d EXIST::FUNCTION:EC +DH_meth_set1_name 2185 1_1_0d EXIST::FUNCTION:DH +X509_pubkey_digest 2186 1_1_0d EXIST::FUNCTION: +X509_REQ_set_extension_nids 2187 1_1_0d EXIST::FUNCTION: +speck_encrypt16 2188 1_1_0d EXIST::FUNCTION:SPECK +PKCS12_get_attr 2189 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0 +TS_STATUS_INFO_new 2190 1_1_0d EXIST::FUNCTION:TS +X509v3_asid_validate_resource_set 2191 1_1_0d EXIST::FUNCTION:RFC3779 +PEM_X509_INFO_read 2192 1_1_0d EXIST::FUNCTION:STDIO +TS_REQ_delete_ext 2193 1_1_0d EXIST::FUNCTION:TS +GENERAL_NAME_get0_value 2194 1_1_0d EXIST::FUNCTION: +i2d_ECCSIGNATUREBLOB_bio 2195 1_1_0d EXIST::FUNCTION:EC,GMAPI,SKF +SM9_do_sign 2196 1_1_0d EXIST::FUNCTION:SM9 +RSA_get_RSAPUBLICKEYBLOB 2197 1_1_0d EXIST::FUNCTION:GMAPI,RSA,SKF +SOF_GetPinRetryCount 2198 1_1_0d EXIST::FUNCTION: +SHA1_Transform 2199 1_1_0d EXIST::FUNCTION: +PKCS12_SAFEBAG_get0_p8inf 2200 1_1_0d EXIST::FUNCTION: +ECPARAMETERS_new 2201 1_1_0d EXIST::FUNCTION:EC +i2d_ASN1_NULL 2202 1_1_0d EXIST::FUNCTION: +ERR_load_SKF_strings 2203 1_1_0d EXIST::FUNCTION:SKF +PEM_write_RSA_PUBKEY 2204 1_1_0d EXIST::FUNCTION:RSA,STDIO +SKF_ExportCertificate 2205 1_1_0d EXIST::FUNCTION:SKF +PEM_read_DSAparams 2206 1_1_0d EXIST::FUNCTION:DSA,STDIO +OCSP_REQ_CTX_nbio_d2i 2207 1_1_0d EXIST::FUNCTION:OCSP +RSA_meth_get_finish 2208 1_1_0d EXIST::FUNCTION:RSA +X509_NAME_new 2209 1_1_0d EXIST::FUNCTION: +ASN1_SCTX_get_flags 2210 1_1_0d EXIST::FUNCTION: +TS_TST_INFO_set_policy_id 2211 1_1_0d EXIST::FUNCTION:TS +EVP_PKEY_meth_set_encrypt 2212 1_1_0d EXIST::FUNCTION: +DES_string_to_2keys 2213 1_1_0d EXIST::FUNCTION:DES +BIO_set_next 2214 1_1_0d EXIST::FUNCTION: +PKCS12_MAC_DATA_it 2215 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS12_MAC_DATA_it 2215 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +i2d_EC_PUBKEY 2216 1_1_0d EXIST::FUNCTION:EC +SDF_ExternalEncrypt_ECC 2217 1_1_0d EXIST::FUNCTION: +X509_REQ_get_attr_by_OBJ 2218 1_1_0d EXIST::FUNCTION: +X509_CINF_free 2219 1_1_0d EXIST::FUNCTION: +PEM_read_bio_EC_PUBKEY 2220 1_1_0d EXIST::FUNCTION:EC +EVP_CIPHER_meth_set_init 2221 1_1_0d EXIST::FUNCTION: +EVP_PKEY_meth_get0_info 2222 1_1_0d EXIST::FUNCTION: +UI_add_user_data 2223 1_1_0d EXIST::FUNCTION:UI +BN_clear_free 2224 1_1_0d EXIST::FUNCTION: +EVP_PKEY_meth_set_paramgen 2225 1_1_0d EXIST::FUNCTION: +TS_ACCURACY_dup 2226 1_1_0d EXIST::FUNCTION:TS +SDF_DeleteFile 2227 1_1_0d EXIST::FUNCTION: +SM9_do_verify 2228 1_1_0d EXIST::FUNCTION:SM9 +i2d_PKCS12_bio 2229 1_1_0d EXIST::FUNCTION: +BIO_dump 2230 1_1_0d EXIST::FUNCTION: +CT_POLICY_EVAL_CTX_get_time 2231 1_1_0d EXIST::FUNCTION:CT +sm3_hmac_update 2232 1_1_0d EXIST::FUNCTION:SM3 +CRYPTO_cts128_encrypt 2233 1_1_0d EXIST::FUNCTION: +SKF_GetDevInfo 2234 1_1_0d EXIST::FUNCTION:SKF +X509_TRUST_get_flags 2235 1_1_0d EXIST::FUNCTION: +DSA_meth_get_bn_mod_exp 2236 1_1_0d EXIST::FUNCTION:DSA +ERR_add_error_data 2237 1_1_0d EXIST::FUNCTION: +OTHERNAME_free 2238 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_CTX_set_cipher_data 2239 1_1_0d EXIST::FUNCTION: +PKCS7_set_content 2240 1_1_0d EXIST::FUNCTION: +d2i_ECCSIGNATUREBLOB_fp 2241 1_1_0d EXIST::FUNCTION:EC,GMAPI,SKF,STDIO +EVP_PKEY_assign_DH 2242 1_1_0d EXIST::FUNCTION:DH +BN_nist_mod_func 2243 1_1_0d EXIST::FUNCTION: +EVP_delete_cipher_alias 2244 1_1_0d EXIST::FUNCTION: +ENGINE_register_DH 2245 1_1_0d EXIST::FUNCTION:ENGINE +RC5_32_cbc_encrypt 2246 1_1_0d EXIST::FUNCTION:RC5 +BN_GENCB_get_arg 2247 1_1_0d EXIST::FUNCTION: +i2d_OCSP_SINGLERESP 2248 1_1_0d EXIST::FUNCTION:OCSP +i2d_CPK_MASTER_SECRET_bio 2249 1_1_0d EXIST::FUNCTION:CPK +a2i_GENERAL_NAME 2250 1_1_0d EXIST::FUNCTION: +OCSP_ONEREQ_add_ext 2251 1_1_0d EXIST::FUNCTION:OCSP +ASN1_GENERALIZEDTIME_it 2252 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_GENERALIZEDTIME_it 2252 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ASN1_item_ex_free 2253 1_1_0d EXIST::FUNCTION: +ENGINE_get_default_DSA 2254 1_1_0d EXIST::FUNCTION:ENGINE +ISSUING_DIST_POINT_new 2255 1_1_0d EXIST::FUNCTION: +X509_VERIFY_PARAM_set_inh_flags 2256 1_1_0d EXIST::FUNCTION: +i2d_RSAPrivateKey_fp 2257 1_1_0d EXIST::FUNCTION:RSA,STDIO +EVP_VerifyUpdate 2258 1_1_0d EXIST::FUNCTION: +X509_STORE_set_get_issuer 2259 1_1_0d EXIST::FUNCTION: +ASRange_free 2260 1_1_0d EXIST::FUNCTION:RFC3779 +X509_get_default_cert_file_env 2261 1_1_0d EXIST::FUNCTION: +BIO_ADDRINFO_free 2262 1_1_0d EXIST::FUNCTION:SOCK +ECIES_CIPHERTEXT_VALUE_new_from_ECCCIPHERBLOB 2263 1_1_0d EXIST::FUNCTION:EC,ECIES,GMAPI,SKF +DES_options 2264 1_1_0d EXIST::FUNCTION:DES +X509v3_addr_get_afi 2265 1_1_0d EXIST::FUNCTION:RFC3779 +i2d_OCSP_RESPID 2266 1_1_0d EXIST::FUNCTION:OCSP +X509at_add1_attr 2267 1_1_0d EXIST::FUNCTION: +d2i_X509_AUX 2268 1_1_0d EXIST::FUNCTION: +PKCS7_set_digest 2269 1_1_0d EXIST::FUNCTION: +EVP_PKCS82PKEY 2270 1_1_0d EXIST::FUNCTION: +X509V3_conf_free 2271 1_1_0d EXIST::FUNCTION: +SM2CiphertextValue_size 2272 1_1_0d EXIST::FUNCTION:SM2 +ERR_load_DH_strings 2273 1_1_0d EXIST::FUNCTION:DH +SAF_GenerateAgreementDataWithECC 2274 1_1_0d EXIST::FUNCTION: +EVP_PKEY_set1_EC_KEY 2275 1_1_0d EXIST::FUNCTION:EC +X509_policy_node_get0_policy 2276 1_1_0d EXIST::FUNCTION: +CMS_dataFinal 2277 1_1_0d EXIST::FUNCTION:CMS +IDEA_ecb_encrypt 2278 1_1_0d EXIST::FUNCTION:IDEA +X509_VERIFY_PARAM_set1_name 2279 1_1_0d EXIST::FUNCTION: +X509V3_EXT_REQ_add_nconf 2280 1_1_0d EXIST::FUNCTION: +EC_KEY_set_method 2281 1_1_0d EXIST::FUNCTION:EC +EC_KEY_OpenSSL 2282 1_1_0d EXIST::FUNCTION:EC +EVP_bf_ecb 2283 1_1_0d EXIST::FUNCTION:BF +BN_get0_nist_prime_224 2284 1_1_0d EXIST::FUNCTION: +d2i_X509_CRL_bio 2285 1_1_0d EXIST::FUNCTION: +RAND_egd 2286 1_1_0d EXIST::FUNCTION:EGD +EVP_aes_128_cfb1 2287 1_1_0d EXIST::FUNCTION: +i2d_ASN1_TYPE 2288 1_1_0d EXIST::FUNCTION: +PEM_read_DSA_PUBKEY 2289 1_1_0d EXIST::FUNCTION:DSA,STDIO +BIO_ctrl_get_write_guarantee 2290 1_1_0d EXIST::FUNCTION: +SDF_GenerateKeyWithECC 2291 1_1_0d EXIST::FUNCTION: +ASN1_bn_print 2292 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_key_length 2293 1_1_0d EXIST::FUNCTION: +SM9_extract_sign_public_key 2294 1_1_0d EXIST::FUNCTION:SM9 +EVP_add_digest_alias 2295 1_1_0d EXIST::FUNCTION: +SAF_SM2_DecodeEnvelopedData 2296 1_1_0d EXIST::FUNCTION: +ENGINE_get_id 2297 1_1_0d EXIST::FUNCTION:ENGINE +DH_security_bits 2298 1_1_0d EXIST::FUNCTION:DH +SOF_GetServerCertificate 2299 1_1_0d EXIST::FUNCTION: +EVP_SealFinal 2300 1_1_0d EXIST::FUNCTION:RSA +EVP_PKEY_asn1_set_security_bits 2301 1_1_0d EXIST::FUNCTION: +EC_KEY_get_ECCPUBLICKEYBLOB 2302 1_1_0d EXIST::FUNCTION:EC,GMAPI,SKF +X509_OBJECT_get0_X509 2303 1_1_0d EXIST::FUNCTION: +EC_GROUP_dup 2304 1_1_0d EXIST::FUNCTION:EC +X509_find_by_subject 2305 1_1_0d EXIST::FUNCTION: +OBJ_NAME_cleanup 2306 1_1_0d EXIST::FUNCTION: +EVP_PKEY_get0_DSA 2307 1_1_0d EXIST::FUNCTION:DSA +EVP_aes_128_cbc_hmac_sha256 2308 1_1_0d EXIST::FUNCTION: +X509_REQ_check_private_key 2309 1_1_0d EXIST::FUNCTION: +EC_GROUP_new_curve_GFp 2310 1_1_0d EXIST::FUNCTION:EC +CRYPTO_xts128_encrypt 2311 1_1_0d EXIST::FUNCTION: +ERR_load_CONF_strings 2312 1_1_0d EXIST::FUNCTION: +SHA384 2313 1_1_0d EXIST:!VMSVAX:FUNCTION: +EVP_aes_192_wrap_pad 2314 1_1_0d EXIST::FUNCTION: +SDF_CloseSession 2315 1_1_0d EXIST::FUNCTION: +X509_NAME_add_entry_by_OBJ 2316 1_1_0d EXIST::FUNCTION: +BIO_ADDRINFO_protocol 2317 1_1_0d EXIST::FUNCTION:SOCK +X509_get0_pubkey_bitstr 2318 1_1_0d EXIST::FUNCTION: +EC_KEY_set_enc_flags 2319 1_1_0d EXIST::FUNCTION:EC +SDF_PrintRSAPrivateKey 2320 1_1_0d EXIST::FUNCTION:SDF +ENGINE_get_flags 2321 1_1_0d EXIST::FUNCTION:ENGINE +EVP_PKEY_verify_recover_init 2322 1_1_0d EXIST::FUNCTION: +RSA_get_ex_data 2323 1_1_0d EXIST::FUNCTION:RSA +TS_ACCURACY_free 2324 1_1_0d EXIST::FUNCTION:TS +d2i_PKCS7_RECIP_INFO 2325 1_1_0d EXIST::FUNCTION: +X509_LOOKUP_new 2326 1_1_0d EXIST::FUNCTION: +ASN1_STRING_set0 2327 1_1_0d EXIST::FUNCTION: +X509_get_version 2328 1_1_0d EXIST::FUNCTION: +PEM_read_bio_X509_AUX 2329 1_1_0d EXIST::FUNCTION: +BN_BLINDING_free 2330 1_1_0d EXIST::FUNCTION: +EVP_PKEY_meth_set_sign 2331 1_1_0d EXIST::FUNCTION: +SAF_CreateHashObj 2332 1_1_0d EXIST::FUNCTION: +d2i_NOTICEREF 2333 1_1_0d EXIST::FUNCTION: +d2i_CPK_PUBLIC_PARAMS 2334 1_1_0d EXIST::FUNCTION:CPK +i2d_BB1MasterSecret 2335 1_1_0d EXIST::FUNCTION:BB1IBE +BIO_ADDRINFO_address 2336 1_1_0d EXIST::FUNCTION:SOCK +i2d_POLICYQUALINFO 2337 1_1_0d EXIST::FUNCTION: +OCSP_REQUEST_delete_ext 2338 1_1_0d EXIST::FUNCTION:OCSP +EVP_PKEY_asn1_set_item 2339 1_1_0d EXIST::FUNCTION: +RSA_public_decrypt 2340 1_1_0d EXIST::FUNCTION:RSA +PKCS12_SAFEBAG_get0_pkcs8 2341 1_1_0d EXIST::FUNCTION: +PKCS7_add_attrib_content_type 2342 1_1_0d EXIST::FUNCTION: +d2i_ECIESParameters 2343 1_1_0d EXIST::FUNCTION:ECIES +ERR_load_PKCS7_strings 2344 1_1_0d EXIST::FUNCTION: +EVP_PKEY_print_params 2345 1_1_0d EXIST::FUNCTION: +i2d_ECCCIPHERBLOB_fp 2346 1_1_0d EXIST::FUNCTION:EC,GMAPI,SKF,STDIO +X509_ATTRIBUTE_new 2347 1_1_0d EXIST::FUNCTION: +EVP_EncryptInit 2348 1_1_0d EXIST::FUNCTION: +ASN1_const_check_infinite_end 2349 1_1_0d EXIST::FUNCTION: +ERR_load_strings 2350 1_1_0d EXIST::FUNCTION: +NCONF_free_data 2351 1_1_0d EXIST::FUNCTION: +COMP_expand_block 2352 1_1_0d EXIST::FUNCTION:COMP +ASN1_BIT_STRING_check 2353 1_1_0d EXIST::FUNCTION: +X509_CRL_http_nbio 2354 1_1_0d EXIST::FUNCTION:OCSP +X509_VAL_it 2355 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_VAL_it 2355 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ASN1_PCTX_set_nm_flags 2356 1_1_0d EXIST::FUNCTION: +PKCS7_SIGNER_INFO_new 2357 1_1_0d EXIST::FUNCTION: +ASN1_BOOLEAN_it 2358 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_BOOLEAN_it 2358 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +EVP_aes_256_ccm 2359 1_1_0d EXIST::FUNCTION: +DSA_meth_get_paramgen 2360 1_1_0d EXIST::FUNCTION:DSA +OPENSSL_LH_retrieve 2361 1_1_0d EXIST::FUNCTION: +PKCS12_get_friendlyname 2362 1_1_0d EXIST::FUNCTION: +SAF_VerifyCertificateByCrl 2363 1_1_0d EXIST::FUNCTION: +SEED_ofb128_encrypt 2364 1_1_0d EXIST::FUNCTION:SEED +TS_RESP_CTX_set_accuracy 2365 1_1_0d EXIST::FUNCTION:TS +SM2_KAP_prepare 2366 1_1_0d EXIST::FUNCTION:SM2 +TS_REQ_free 2367 1_1_0d EXIST::FUNCTION:TS +X509V3_EXT_nconf 2368 1_1_0d EXIST::FUNCTION: +ASN1_item_unpack 2369 1_1_0d EXIST::FUNCTION: +d2i_RSA_PSS_PARAMS 2370 1_1_0d EXIST::FUNCTION:RSA +EVP_CIPHER_CTX_set_key_length 2371 1_1_0d EXIST::FUNCTION: +EC_KEY_set_ECCrefPrivateKey 2372 1_1_0d EXIST::FUNCTION:EC,GMAPI,SDF +SM2_encrypt 2373 1_1_0d EXIST::FUNCTION:SM2 +X509_CRL_get_signature_nid 2374 1_1_0d EXIST::FUNCTION: +RSA_get0_crt_params 2375 1_1_0d EXIST::FUNCTION:RSA +RC2_cfb64_encrypt 2376 1_1_0d EXIST::FUNCTION:RC2 +DSA_meth_get_verify 2377 1_1_0d EXIST::FUNCTION:DSA +SOF_GetCertInfo 2378 1_1_0d EXIST::FUNCTION: +ASIdOrRange_it 2379 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 +ASIdOrRange_it 2379 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 +X509_REVOKED_set_revocationDate 2380 1_1_0d EXIST::FUNCTION: +HMAC_Init_ex 2381 1_1_0d EXIST::FUNCTION: +EVP_des_ede3_cfb1 2382 1_1_0d EXIST::FUNCTION:DES +TS_CONF_load_cert 2383 1_1_0d EXIST::FUNCTION:TS +BIO_ctrl 2384 1_1_0d EXIST::FUNCTION: +BIO_number_read 2385 1_1_0d EXIST::FUNCTION: +BN_X931_generate_prime_ex 2386 1_1_0d EXIST::FUNCTION: +OPENSSL_LH_num_items 2387 1_1_0d EXIST::FUNCTION: +OCSP_sendreq_nbio 2388 1_1_0d EXIST::FUNCTION:OCSP +SKF_Mac 2389 1_1_0d EXIST::FUNCTION:SKF +DES_set_odd_parity 2390 1_1_0d EXIST::FUNCTION:DES +TS_REQ_get_version 2391 1_1_0d EXIST::FUNCTION:TS +EVP_camellia_256_ecb 2392 1_1_0d EXIST::FUNCTION:CAMELLIA +EVP_DigestSignFinal 2393 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_CTX_get_sgd 2394 1_1_0d EXIST::FUNCTION:GMAPI +EVP_PKEY_asn1_find_str 2395 1_1_0d EXIST::FUNCTION: +PKCS12_SAFEBAG_create_pkcs8_encrypt 2396 1_1_0d EXIST::FUNCTION: +X509_PURPOSE_get_id 2397 1_1_0d EXIST::FUNCTION: +PKCS7_ISSUER_AND_SERIAL_free 2398 1_1_0d EXIST::FUNCTION: +BN_bn2binpad 2399 1_1_0d EXIST::FUNCTION: +DSAparams_print 2400 1_1_0d EXIST::FUNCTION:DSA +RSA_generate_key 2401 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_0_9_8,RSA +ESS_ISSUER_SERIAL_dup 2402 1_1_0d EXIST::FUNCTION:TS +PEM_write_ECPKParameters 2403 1_1_0d EXIST::FUNCTION:EC,STDIO +EVP_PKEY_encrypt_init 2404 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_CTX_set_app_data 2405 1_1_0d EXIST::FUNCTION: +SM2_compute_id_digest 2406 1_1_0d EXIST::FUNCTION:SM2 +CRYPTO_secure_free 2407 1_1_0d EXIST::FUNCTION: +SRP_VBASE_get_by_user 2408 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,SRP +d2i_POLICYQUALINFO 2409 1_1_0d EXIST::FUNCTION: +CMS_RecipientInfo_kari_get0_reks 2410 1_1_0d EXIST::FUNCTION:CMS +PEM_write_bio_X509_CRL 2411 1_1_0d EXIST::FUNCTION: +i2d_X509_REQ_fp 2412 1_1_0d EXIST::FUNCTION:STDIO +BIO_new_fp 2413 1_1_0d EXIST::FUNCTION:STDIO +X509_STORE_CTX_set_verify 2414 1_1_0d EXIST::FUNCTION: +X509_policy_node_get0_qualifiers 2415 1_1_0d EXIST::FUNCTION: +EVP_aes_128_ctr 2416 1_1_0d EXIST::FUNCTION: +ASYNC_get_wait_ctx 2417 1_1_0d EXIST::FUNCTION: +X509_REQ_get_version 2418 1_1_0d EXIST::FUNCTION: +EVP_camellia_192_cfb128 2419 1_1_0d EXIST::FUNCTION:CAMELLIA +BIO_ADDR_clear 2420 1_1_0d EXIST::FUNCTION:SOCK +i2d_CERTIFICATEPOLICIES 2421 1_1_0d EXIST::FUNCTION: +EC_GROUP_get_seed_len 2422 1_1_0d EXIST::FUNCTION:EC +EVP_aes_256_wrap 2423 1_1_0d EXIST::FUNCTION: +BN_CTX_secure_new 2424 1_1_0d EXIST::FUNCTION: +TS_TST_INFO_set_serial 2425 1_1_0d EXIST::FUNCTION:TS +d2i_TS_TST_INFO_fp 2426 1_1_0d EXIST::FUNCTION:STDIO,TS +ASN1_STRING_TABLE_add 2427 1_1_0d EXIST::FUNCTION: +EC_KEY_get0_group 2428 1_1_0d EXIST::FUNCTION:EC +HMAC_CTX_get_md 2429 1_1_0d EXIST::FUNCTION: +d2i_ECCSIGNATUREBLOB_bio 2430 1_1_0d EXIST::FUNCTION:EC,GMAPI,SKF +ENGINE_set_default_digests 2431 1_1_0d EXIST::FUNCTION:ENGINE +X509_STORE_CTX_get_check_revocation 2432 1_1_0d EXIST::FUNCTION: +SDF_InternalSign_ECC 2433 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_mode 2434 1_1_0d EXIST::FUNCTION: +BFCiphertextBlock_new 2435 1_1_0d EXIST::FUNCTION:BFIBE +PEM_write_bio_DHxparams 2436 1_1_0d EXIST::FUNCTION:DH +SHA1_Init 2437 1_1_0d EXIST::FUNCTION: +i2d_PBE2PARAM 2438 1_1_0d EXIST::FUNCTION: +ENGINE_get_EC 2439 1_1_0d EXIST::FUNCTION:ENGINE +BB1PublicParameters_it 2440 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:BB1IBE +BB1PublicParameters_it 2440 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:BB1IBE +X509_REQ_get_attr_by_NID 2441 1_1_0d EXIST::FUNCTION: +SM2_do_verify 2442 1_1_0d EXIST::FUNCTION:SM2 +EVP_CIPHER_CTX_free 2443 1_1_0d EXIST::FUNCTION: +d2i_FpPoint 2444 1_1_0d EXIST::FUNCTION: +X509_REQ_get_extensions 2445 1_1_0d EXIST::FUNCTION: +BN_is_bit_set 2446 1_1_0d EXIST::FUNCTION: +ASYNC_is_capable 2447 1_1_0d EXIST::FUNCTION: +PKCS5_PBKDF2_HMAC 2448 1_1_0d EXIST::FUNCTION: +i2d_X509_VAL 2449 1_1_0d EXIST::FUNCTION: +RSA_padding_add_PKCS1_type_2 2450 1_1_0d EXIST::FUNCTION:RSA +i2d_PKCS7_ISSUER_AND_SERIAL 2451 1_1_0d EXIST::FUNCTION: +ERR_load_X509V3_strings 2452 1_1_0d EXIST::FUNCTION: +OPENSSL_uni2utf8 2453 1_1_0d EXIST::FUNCTION: +BIO_hex_string 2454 1_1_0d EXIST::FUNCTION: +RSA_OAEP_PARAMS_free 2455 1_1_0d EXIST::FUNCTION:RSA +CT_POLICY_EVAL_CTX_free 2456 1_1_0d EXIST::FUNCTION:CT +CMS_compress 2457 1_1_0d EXIST::FUNCTION:CMS +TS_REQ_set_msg_imprint 2458 1_1_0d EXIST::FUNCTION:TS +OCSP_RESPDATA_it 2459 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP +OCSP_RESPDATA_it 2459 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP +BN_X931_generate_Xpq 2460 1_1_0d EXIST::FUNCTION: +EVP_DecodeUpdate 2461 1_1_0d EXIST::FUNCTION: +ERR_peek_last_error_line_data 2462 1_1_0d EXIST::FUNCTION: +OBJ_NAME_remove 2463 1_1_0d EXIST::FUNCTION: +EVP_PKEY_decrypt 2464 1_1_0d EXIST::FUNCTION: +RSA_set_RSArefPublicKey 2465 1_1_0d EXIST::FUNCTION:GMAPI,RSA,SDF +DH_test_flags 2466 1_1_0d EXIST::FUNCTION:DH +d2i_DSAparams 2467 1_1_0d EXIST::FUNCTION:DSA +SKF_OpenApplication 2468 1_1_0d EXIST::FUNCTION:SKF +RC2_cbc_encrypt 2469 1_1_0d EXIST::FUNCTION:RC2 +EVP_aes_256_ctr 2470 1_1_0d EXIST::FUNCTION: +PKCS12_SAFEBAG_it 2471 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS12_SAFEBAG_it 2471 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +GENERAL_SUBTREE_it 2472 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +GENERAL_SUBTREE_it 2472 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +EVP_PKEY_CTX_set_app_data 2473 1_1_0d EXIST::FUNCTION: +CMS_EnvelopedData_create 2474 1_1_0d EXIST::FUNCTION:CMS +a2i_IPADDRESS_NC 2475 1_1_0d EXIST::FUNCTION: +X509_cmp 2476 1_1_0d EXIST::FUNCTION: +BN_mod_exp_mont_word 2477 1_1_0d EXIST::FUNCTION: +CPK_MAP_num_indexes 2478 1_1_0d EXIST::FUNCTION:CPK +EVP_sms4_ccm 2479 1_1_0d EXIST::FUNCTION:SMS4 +PEM_write_bio_DSAPrivateKey 2480 1_1_0d EXIST::FUNCTION:DSA +ENGINE_get_load_privkey_function 2481 1_1_0d EXIST::FUNCTION:ENGINE +CMS_set1_eContentType 2482 1_1_0d EXIST::FUNCTION:CMS +CRYPTO_atomic_add 2483 1_1_0d EXIST::FUNCTION: +BN_BLINDING_is_current_thread 2484 1_1_0d EXIST::FUNCTION: +BIO_nwrite0 2485 1_1_0d EXIST::FUNCTION: +ASN1_item_ex_new 2486 1_1_0d EXIST::FUNCTION: +ASN1_PRINTABLESTRING_it 2487 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_PRINTABLESTRING_it 2487 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +DSO_ctrl 2488 1_1_0d EXIST::FUNCTION: +X509_OBJECT_get_type 2489 1_1_0d EXIST::FUNCTION: +EC_KEY_set_default_sm_method 2490 1_1_0d EXIST::FUNCTION:SM2 +UI_get_result_maxsize 2491 1_1_0d EXIST::FUNCTION:UI +EVP_PKEY_CTX_set_data 2492 1_1_0d EXIST::FUNCTION: +X509_CRL_set_issuer_name 2493 1_1_0d EXIST::FUNCTION: +EC_GROUP_cmp 2494 1_1_0d EXIST::FUNCTION:EC +SKF_PrintDevInfo 2495 1_1_0d EXIST::FUNCTION:SKF +ECDSA_size 2496 1_1_0d EXIST::FUNCTION:EC +BF_cfb64_encrypt 2497 1_1_0d EXIST::FUNCTION:BF +d2i_X509_bio 2498 1_1_0d EXIST::FUNCTION: +ASIdOrRange_free 2499 1_1_0d EXIST::FUNCTION:RFC3779 +BIO_ctrl_wpending 2500 1_1_0d EXIST::FUNCTION: +X509_CRL_METHOD_new 2501 1_1_0d EXIST::FUNCTION: +SAF_EccVerifySign 2502 1_1_0d EXIST::FUNCTION: +SHA256_Final 2503 1_1_0d EXIST::FUNCTION: +SCT_LIST_print 2504 1_1_0d EXIST::FUNCTION:CT +CMS_get0_eContentType 2505 1_1_0d EXIST::FUNCTION:CMS +CRYPTO_get_ex_new_index 2506 1_1_0d EXIST::FUNCTION: +EVP_PKEY_assign_PAILLIER 2507 1_1_0d EXIST::FUNCTION:PAILLIER +SDF_PrintECCPrivateKey 2508 1_1_0d EXIST::FUNCTION:SDF +EDIPARTYNAME_free 2509 1_1_0d EXIST::FUNCTION: +BN_GENCB_set_old 2510 1_1_0d EXIST::FUNCTION: +RSA_free 2511 1_1_0d EXIST::FUNCTION:RSA +EVP_CIPHER_CTX_cipher 2512 1_1_0d EXIST::FUNCTION: +d2i_X509_EXTENSIONS 2513 1_1_0d EXIST::FUNCTION: +RSA_get0_factors 2514 1_1_0d EXIST::FUNCTION:RSA +PKCS7_add_recipient 2515 1_1_0d EXIST::FUNCTION: +X509_cmp_time 2516 1_1_0d EXIST::FUNCTION: +DH_get_1024_160 2517 1_1_0d EXIST::FUNCTION:DH +ERR_add_error_vdata 2518 1_1_0d EXIST::FUNCTION: +d2i_DIST_POINT_NAME 2519 1_1_0d EXIST::FUNCTION: +EVP_PKEY_CTX_get0_ecdh_kdf_ukm 2520 1_1_0d EXIST::FUNCTION:EC +X509_STORE_unlock 2521 1_1_0d EXIST::FUNCTION: +d2i_OCSP_CRLID 2522 1_1_0d EXIST::FUNCTION:OCSP +OPENSSL_sk_pop 2523 1_1_0d EXIST::FUNCTION: +TS_TST_INFO_get_ext_count 2524 1_1_0d EXIST::FUNCTION:TS +i2d_PUBKEY 2525 1_1_0d EXIST::FUNCTION: +X509_get_ext_by_critical 2526 1_1_0d EXIST::FUNCTION: +ERR_get_next_error_library 2527 1_1_0d EXIST::FUNCTION: +PEM_read_bio_PKCS8_PRIV_KEY_INFO 2528 1_1_0d EXIST::FUNCTION: +BIO_meth_get_create 2529 1_1_0d EXIST::FUNCTION: +CONF_imodule_get_flags 2530 1_1_0d EXIST::FUNCTION: +X509_NAME_get_text_by_NID 2531 1_1_0d EXIST::FUNCTION: +i2d_GENERAL_NAME 2532 1_1_0d EXIST::FUNCTION: +ASN1_UTCTIME_set_string 2533 1_1_0d EXIST::FUNCTION: +BB1CiphertextBlock_free 2534 1_1_0d EXIST::FUNCTION:BB1IBE +PEM_write_DHxparams 2535 1_1_0d EXIST::FUNCTION:DH,STDIO +ENGINE_set_digests 2536 1_1_0d EXIST::FUNCTION:ENGINE +ENGINE_set_ciphers 2537 1_1_0d EXIST::FUNCTION:ENGINE +EC_GROUP_get0_generator 2538 1_1_0d EXIST::FUNCTION:EC +EVP_aes_128_gcm 2539 1_1_0d EXIST::FUNCTION: +i2d_ECIESParameters 2540 1_1_0d EXIST::FUNCTION:ECIES +d2i_TS_REQ 2541 1_1_0d EXIST::FUNCTION:TS +TS_VERIFY_CTS_set_certs 2542 1_1_0d EXIST::FUNCTION:TS +PKCS12_pack_p7encdata 2543 1_1_0d EXIST::FUNCTION: +ASN1_item_i2d_fp 2544 1_1_0d EXIST::FUNCTION:STDIO +X509_TRUST_get0 2545 1_1_0d EXIST::FUNCTION: +CTLOG_free 2546 1_1_0d EXIST::FUNCTION:CT +CRYPTO_gcm128_decrypt_ctr32 2547 1_1_0d EXIST::FUNCTION: +X509_STORE_CTX_set_verify_cb 2548 1_1_0d EXIST::FUNCTION: +X509_VERIFY_PARAM_add0_table 2549 1_1_0d EXIST::FUNCTION: +BIO_fd_should_retry 2550 1_1_0d EXIST::FUNCTION: +RSA_padding_check_none 2551 1_1_0d EXIST::FUNCTION:RSA +OCSP_REVOKEDINFO_new 2552 1_1_0d EXIST::FUNCTION:OCSP +BIO_set_shutdown 2553 1_1_0d EXIST::FUNCTION: +GENERAL_NAME_it 2554 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +GENERAL_NAME_it 2554 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +BN_generate_prime 2555 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_0_9_8 +SOF_VerifyTimeStamp 2556 1_1_0d EXIST::FUNCTION: +X509_VAL_new 2557 1_1_0d EXIST::FUNCTION: +BIO_get_retry_reason 2558 1_1_0d EXIST::FUNCTION: +CRYPTO_cts128_encrypt_block 2559 1_1_0d EXIST::FUNCTION: +BN_mul 2560 1_1_0d EXIST::FUNCTION: +OpenSSL_version_num 2561 1_1_0d EXIST::FUNCTION: +EVP_rc4 2562 1_1_0d EXIST::FUNCTION:RC4 +SKF_ImportRSAKeyPair 2563 1_1_0d EXIST::FUNCTION:SKF +OCSP_resp_get0_produced_at 2564 1_1_0d EXIST::FUNCTION:OCSP +EC_GROUP_get_curve_name 2565 1_1_0d EXIST::FUNCTION:EC +EVP_PBE_cleanup 2566 1_1_0d EXIST::FUNCTION: +i2d_PKCS12_MAC_DATA 2567 1_1_0d EXIST::FUNCTION: +CONF_get_section 2568 1_1_0d EXIST::FUNCTION: +CMS_unsigned_get_attr_count 2569 1_1_0d EXIST::FUNCTION:CMS +UI_dup_error_string 2570 1_1_0d EXIST::FUNCTION:UI +DES_encrypt1 2571 1_1_0d EXIST::FUNCTION:DES +SKF_GetContainerTypeName 2572 1_1_0d EXIST::FUNCTION:SKF +EXTENDED_KEY_USAGE_new 2573 1_1_0d EXIST::FUNCTION: +EVP_sm3 2574 1_1_0d EXIST::FUNCTION:SM3 +d2i_X509_REQ_bio 2575 1_1_0d EXIST::FUNCTION: +SOF_GetCertInfoByOid 2576 1_1_0d EXIST::FUNCTION: +d2i_PKCS8PrivateKey_bio 2577 1_1_0d EXIST::FUNCTION: +d2i_ASN1_SET_ANY 2578 1_1_0d EXIST::FUNCTION: +SAF_VerifySignByCert 2579 1_1_0d EXIST::FUNCTION: +d2i_CMS_ReceiptRequest 2580 1_1_0d EXIST::FUNCTION:CMS +FFX_init 2581 1_1_0d EXIST::FUNCTION: +EVP_get_default_cipher 2582 1_1_0d EXIST::FUNCTION: +TS_CONF_set_signer_key 2583 1_1_0d EXIST::FUNCTION:TS +CMS_RecipientInfo_get0_pkey_ctx 2584 1_1_0d EXIST::FUNCTION:CMS +OCSP_response_status_str 2585 1_1_0d EXIST::FUNCTION:OCSP +FFX_decrypt 2586 1_1_0d EXIST::FUNCTION: +ASN1_item_free 2587 1_1_0d EXIST::FUNCTION: +BN_BLINDING_get_flags 2588 1_1_0d EXIST::FUNCTION: +CPK_PUBLIC_PARAMS_free 2589 1_1_0d EXIST::FUNCTION:CPK +RSA_private_decrypt 2590 1_1_0d EXIST::FUNCTION:RSA +ASN1_INTEGER_set_int64 2591 1_1_0d EXIST::FUNCTION: +TXT_DB_create_index 2592 1_1_0d EXIST::FUNCTION: +RSA_meth_get_verify 2593 1_1_0d EXIST::FUNCTION:RSA +SOF_VerifySignedDataXML 2594 1_1_0d EXIST::FUNCTION: +ASN1_T61STRING_it 2595 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_T61STRING_it 2595 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +TS_STATUS_INFO_get0_text 2596 1_1_0d EXIST::FUNCTION:TS +EVP_MD_CTX_block_size 2597 1_1_0d EXIST::FUNCTION: +OPENSSL_sk_deep_copy 2598 1_1_0d EXIST::FUNCTION: +X509_PURPOSE_get_count 2599 1_1_0d EXIST::FUNCTION: +CMS_unsigned_get_attr 2600 1_1_0d EXIST::FUNCTION:CMS +i2d_PKCS7_ENC_CONTENT 2601 1_1_0d EXIST::FUNCTION: +CBIGNUM_it 2602 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +CBIGNUM_it 2602 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +EVP_EncryptUpdate 2603 1_1_0d EXIST::FUNCTION: +EVP_seed_ofb 2604 1_1_0d EXIST::FUNCTION:SEED +BASIC_CONSTRAINTS_new 2605 1_1_0d EXIST::FUNCTION: +PKCS12_add_friendlyname_utf8 2606 1_1_0d EXIST::FUNCTION: +RSA_new_from_RSArefPublicKey 2607 1_1_0d EXIST::FUNCTION:GMAPI,RSA,SDF +OCSP_REQUEST_get_ext 2608 1_1_0d EXIST::FUNCTION:OCSP +ASYNC_WAIT_CTX_get_changed_fds 2609 1_1_0d EXIST::FUNCTION: +OTP_generate 2610 1_1_0d EXIST::FUNCTION:OTP +TS_TST_INFO_get_tsa 2611 1_1_0d EXIST::FUNCTION:TS +TS_CONF_set_signer_digest 2612 1_1_0d EXIST::FUNCTION:TS +EVP_sms4_gcm 2613 1_1_0d EXIST::FUNCTION:SMS4 +BN_GFP2_zero 2614 1_1_0d EXIST::FUNCTION: +X509_CRL_set1_nextUpdate 2615 1_1_0d EXIST::FUNCTION: +ENGINE_ctrl_cmd_string 2616 1_1_0d EXIST::FUNCTION:ENGINE +BIO_read 2617 1_1_0d EXIST::FUNCTION: +DSA_meth_get_sign 2618 1_1_0d EXIST::FUNCTION:DSA +X509_EXTENSION_get_data 2619 1_1_0d EXIST::FUNCTION: +PKCS7_RECIP_INFO_new 2620 1_1_0d EXIST::FUNCTION: +BF_cbc_encrypt 2621 1_1_0d EXIST::FUNCTION:BF +ASN1_UNIVERSALSTRING_free 2622 1_1_0d EXIST::FUNCTION: +EVP_MD_meth_get_update 2623 1_1_0d EXIST::FUNCTION: +X509_get_ext 2624 1_1_0d EXIST::FUNCTION: +PKCS7_SIGNER_INFO_free 2625 1_1_0d EXIST::FUNCTION: +BN_mod_add_quick 2626 1_1_0d EXIST::FUNCTION: +PKCS5_PBE_keyivgen 2627 1_1_0d EXIST::FUNCTION: +X509_REQ_add1_attr_by_txt 2628 1_1_0d EXIST::FUNCTION: +CMAC_CTX_get0_cipher_ctx 2629 1_1_0d EXIST::FUNCTION:CMAC +EVP_MD_CTX_size 2630 1_1_0d EXIST::FUNCTION: +OCSP_SINGLERESP_add1_ext_i2d 2631 1_1_0d EXIST::FUNCTION:OCSP +PKEY_USAGE_PERIOD_it 2632 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKEY_USAGE_PERIOD_it 2632 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +PEM_read_CMS 2633 1_1_0d EXIST::FUNCTION:CMS,STDIO +BN_GFP2_sqr 2634 1_1_0d EXIST::FUNCTION: +BB1PrivateKeyBlock_it 2635 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:BB1IBE +BB1PrivateKeyBlock_it 2635 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:BB1IBE +PKEY_USAGE_PERIOD_free 2636 1_1_0d EXIST::FUNCTION: +TS_VERIFY_CTX_free 2637 1_1_0d EXIST::FUNCTION:TS +OTHERNAME_it 2638 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +OTHERNAME_it 2638 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +OPENSSL_issetugid 2639 1_1_0d EXIST::FUNCTION: +ASN1_item_pack 2640 1_1_0d EXIST::FUNCTION: +i2d_CMS_ReceiptRequest 2641 1_1_0d EXIST::FUNCTION:CMS +FIPS_mode_set 2642 1_1_0d EXIST::FUNCTION: +UI_method_get_closer 2643 1_1_0d EXIST::FUNCTION:UI +CRYPTO_malloc 2644 1_1_0d EXIST::FUNCTION: +EVP_aes_192_ccm 2645 1_1_0d EXIST::FUNCTION: +X509_STORE_set_get_crl 2646 1_1_0d EXIST::FUNCTION: +PKCS7_SIGNER_INFO_it 2647 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS7_SIGNER_INFO_it 2647 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +PKCS7_set_type 2648 1_1_0d EXIST::FUNCTION: +EVP_PKEY_CTX_set_ecdh_cofactor_mode 2649 1_1_0d EXIST::FUNCTION:EC +ASN1_TIME_check 2650 1_1_0d EXIST::FUNCTION: +OCSP_ONEREQ_get_ext 2651 1_1_0d EXIST::FUNCTION:OCSP +CRYPTO_THREAD_lock_new 2652 1_1_0d EXIST::FUNCTION: +EC_POINT_cmp 2653 1_1_0d EXIST::FUNCTION:EC +PKCS1_MGF1 2654 1_1_0d EXIST::FUNCTION:RSA +X509_REQ_set_subject_name 2655 1_1_0d EXIST::FUNCTION: +UI_get0_output_string 2656 1_1_0d EXIST::FUNCTION:UI +RSA_meth_dup 2657 1_1_0d EXIST::FUNCTION:RSA +X509_NAME_print_ex 2658 1_1_0d EXIST::FUNCTION: +X509_CRL_cmp 2659 1_1_0d EXIST::FUNCTION: +i2d_DSA_PUBKEY 2660 1_1_0d EXIST::FUNCTION:DSA +BN_GF2m_mod_exp_arr 2661 1_1_0d EXIST::FUNCTION:EC2M +EC_KEY_get_flags 2662 1_1_0d EXIST::FUNCTION:EC +X509_subject_name_cmp 2663 1_1_0d EXIST::FUNCTION: +i2d_ASIdentifierChoice 2664 1_1_0d EXIST::FUNCTION:RFC3779 +OCSP_CERTID_free 2665 1_1_0d EXIST::FUNCTION:OCSP +X509_STORE_CTX_get0_current_crl 2666 1_1_0d EXIST::FUNCTION: +SRP_VBASE_free 2667 1_1_0d EXIST::FUNCTION:SRP +EVP_sms4_wrap_pad 2668 1_1_0d EXIST::FUNCTION:SMS4 +CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE 2669 1_1_0d EXIST::FUNCTION:CT +BN_GFP2_exp 2670 1_1_0d EXIST::FUNCTION: +PKCS12_AUTHSAFES_it 2671 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS12_AUTHSAFES_it 2671 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +X509_REVOKED_dup 2672 1_1_0d EXIST::FUNCTION: +X509_get0_serialNumber 2673 1_1_0d EXIST::FUNCTION: +EVP_MD_meth_get_ctrl 2674 1_1_0d EXIST::FUNCTION: +X509_CRL_add1_ext_i2d 2675 1_1_0d EXIST::FUNCTION: +RSAPrivateKey_it 2676 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA +RSAPrivateKey_it 2676 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RSA +X509_CRL_get_ext 2677 1_1_0d EXIST::FUNCTION: +BIO_dgram_sctp_notification_cb 2678 1_1_0d EXIST::FUNCTION:DGRAM,SCTP +TS_CONF_set_policies 2679 1_1_0d EXIST::FUNCTION:TS +PKCS12_key_gen_uni 2680 1_1_0d EXIST::FUNCTION: +ASN1_item_d2i_bio 2681 1_1_0d EXIST::FUNCTION: +X509_load_crl_file 2682 1_1_0d EXIST::FUNCTION: +EVP_idea_ofb 2683 1_1_0d EXIST::FUNCTION:IDEA +EVP_SignUpdate 2684 1_1_0d EXIST::FUNCTION: +X509_REVOKED_get_ext_by_critical 2685 1_1_0d EXIST::FUNCTION: +EVP_add_cipher 2686 1_1_0d EXIST::FUNCTION: +ERR_load_BIO_strings 2687 1_1_0d EXIST::FUNCTION: +SKF_ECCVerify 2688 1_1_0d EXIST::FUNCTION:SKF +EVP_Digest 2689 1_1_0d EXIST::FUNCTION: +CMS_unsigned_add1_attr_by_txt 2690 1_1_0d EXIST::FUNCTION:CMS +X509_NAME_ENTRY_dup 2691 1_1_0d EXIST::FUNCTION: +UI_dup_verify_string 2692 1_1_0d EXIST::FUNCTION:UI +SHA384_Final 2693 1_1_0d EXIST:!VMSVAX:FUNCTION: +EVP_camellia_256_cfb1 2694 1_1_0d EXIST::FUNCTION:CAMELLIA +X509_NAME_hash_old 2695 1_1_0d EXIST::FUNCTION: +X509_get_extension_flags 2696 1_1_0d EXIST::FUNCTION: +FpPoint_it 2697 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +FpPoint_it 2697 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +OPENSSL_LH_delete 2698 1_1_0d EXIST::FUNCTION: +UI_get_result_minsize 2699 1_1_0d EXIST::FUNCTION:UI +X509_OBJECT_free 2700 1_1_0d EXIST::FUNCTION: +X509_subject_name_hash 2701 1_1_0d EXIST::FUNCTION: +DH_meth_get_init 2702 1_1_0d EXIST::FUNCTION:DH +HMAC_Update 2703 1_1_0d EXIST::FUNCTION: +BN_GF2m_mod_inv 2704 1_1_0d EXIST::FUNCTION:EC2M +BF_ofb64_encrypt 2705 1_1_0d EXIST::FUNCTION:BF +CRYPTO_128_unwrap 2706 1_1_0d EXIST::FUNCTION: +d2i_OCSP_REQINFO 2707 1_1_0d EXIST::FUNCTION:OCSP +PKCS7_get_attribute 2708 1_1_0d EXIST::FUNCTION: +CRYPTO_128_wrap 2709 1_1_0d EXIST::FUNCTION: +UI_get_method 2710 1_1_0d EXIST::FUNCTION:UI +EVP_CIPHER_flags 2711 1_1_0d EXIST::FUNCTION: +PKCS7_decrypt 2712 1_1_0d EXIST::FUNCTION: +BN_bntest_rand 2713 1_1_0d EXIST::FUNCTION: +ERR_print_errors_fp 2714 1_1_0d EXIST::FUNCTION:STDIO +X509V3_parse_list 2715 1_1_0d EXIST::FUNCTION: +EVP_PBE_alg_add_type 2716 1_1_0d EXIST::FUNCTION: +d2i_ECDSA_SIG 2717 1_1_0d EXIST::FUNCTION:EC +DSO_load 2718 1_1_0d EXIST::FUNCTION: +BIO_get_cipher_ctx 2719 1_1_0d EXIST::FUNCTION: +OCSP_BASICRESP_get_ext_by_OBJ 2720 1_1_0d EXIST::FUNCTION:OCSP +ASYNC_block_pause 2721 1_1_0d EXIST::FUNCTION: +X509_REQ_set_version 2722 1_1_0d EXIST::FUNCTION: +X509_NAME_set 2723 1_1_0d EXIST::FUNCTION: +EC_POINT_get_Jprojective_coordinates_GFp 2724 1_1_0d EXIST::FUNCTION:EC +CMS_get0_SignerInfos 2725 1_1_0d EXIST::FUNCTION:CMS +OPENSSL_LH_node_stats 2726 1_1_0d EXIST::FUNCTION:STDIO +NETSCAPE_CERT_SEQUENCE_new 2727 1_1_0d EXIST::FUNCTION: +DSA_up_ref 2728 1_1_0d EXIST::FUNCTION:DSA +BIO_dump_fp 2729 1_1_0d EXIST::FUNCTION:STDIO +OCSP_ONEREQ_it 2730 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP +OCSP_ONEREQ_it 2730 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP +i2d_X509_NAME 2731 1_1_0d EXIST::FUNCTION: +ENGINE_register_pkey_asn1_meths 2732 1_1_0d EXIST::FUNCTION:ENGINE +TS_VERIFY_CTX_set_imprint 2733 1_1_0d EXIST::FUNCTION:TS +i2d_PKCS12 2734 1_1_0d EXIST::FUNCTION: +EC_KEY_key2buf 2735 1_1_0d EXIST::FUNCTION:EC +EC_GROUP_get_mont_data 2736 1_1_0d EXIST::FUNCTION:EC +DIST_POINT_set_dpname 2737 1_1_0d EXIST::FUNCTION: +SM9_do_encrypt_ex 2738 1_1_0d EXIST::FUNCTION:SM9 +X509_STORE_set_cert_crl 2739 1_1_0d EXIST::FUNCTION: +CMS_uncompress 2740 1_1_0d EXIST::FUNCTION:CMS +BFIBE_do_decrypt 2741 1_1_0d EXIST::FUNCTION:BFIBE +i2d_TS_ACCURACY 2742 1_1_0d EXIST::FUNCTION:TS +PEM_write_bio_PKCS7 2743 1_1_0d EXIST::FUNCTION: +SM9_setup_by_pairing_name 2744 1_1_0d EXIST::FUNCTION:SM9 +X509_CRL_get0_nextUpdate 2745 1_1_0d EXIST::FUNCTION: +SOF_GetCertTrustList 2746 1_1_0d EXIST::FUNCTION: +RSA_set_RSArefPrivateKey 2747 1_1_0d EXIST::FUNCTION:GMAPI,RSA,SDF +X509_VERIFY_PARAM_get_flags 2748 1_1_0d EXIST::FUNCTION: +PEM_read_DHparams 2749 1_1_0d EXIST::FUNCTION:DH,STDIO +CRYPTO_mem_debug_malloc 2750 1_1_0d EXIST::FUNCTION:CRYPTO_MDEBUG +EVP_MD_CTX_reset 2751 1_1_0d EXIST::FUNCTION: +RC5_32_cfb64_encrypt 2752 1_1_0d EXIST::FUNCTION:RC5 +d2i_ASN1_VISIBLESTRING 2753 1_1_0d EXIST::FUNCTION: +ENGINE_get_digests 2754 1_1_0d EXIST::FUNCTION:ENGINE +BN_rand 2755 1_1_0d EXIST::FUNCTION: +CMS_set_detached 2756 1_1_0d EXIST::FUNCTION:CMS +X509_get0_trust_objects 2757 1_1_0d EXIST::FUNCTION: +BN_GF2m_mod_div_arr 2758 1_1_0d EXIST::FUNCTION:EC2M +SKF_UnlockDev 2759 1_1_0d EXIST::FUNCTION:SKF +BN_MONT_CTX_set_locked 2760 1_1_0d EXIST::FUNCTION: +PKCS7_add_attribute 2761 1_1_0d EXIST::FUNCTION: +i2d_ESS_CERT_ID 2762 1_1_0d EXIST::FUNCTION:TS +SKF_SetLabel 2763 1_1_0d EXIST::FUNCTION:SKF +GENERAL_NAMES_it 2764 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +GENERAL_NAMES_it 2764 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +TS_REQ_set_cert_req 2765 1_1_0d EXIST::FUNCTION:TS +EVP_camellia_256_cbc 2766 1_1_0d EXIST::FUNCTION:CAMELLIA +RSA_verify_PKCS1_PSS_mgf1 2767 1_1_0d EXIST::FUNCTION:RSA +ASN1_TIME_to_generalizedtime 2768 1_1_0d EXIST::FUNCTION: +ASN1_STRING_data 2769 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0 +BUF_MEM_free 2770 1_1_0d EXIST::FUNCTION: +X509_get1_email 2771 1_1_0d EXIST::FUNCTION: +X509_NAME_get_index_by_NID 2772 1_1_0d EXIST::FUNCTION: +d2i_CMS_ContentInfo 2773 1_1_0d EXIST::FUNCTION:CMS +ASN1_item_i2d_bio 2774 1_1_0d EXIST::FUNCTION: +COMP_CTX_new 2775 1_1_0d EXIST::FUNCTION:COMP +EC_POINT_set_to_infinity 2776 1_1_0d EXIST::FUNCTION:EC +i2d_X509_bio 2777 1_1_0d EXIST::FUNCTION: +BB1CiphertextBlock_new 2778 1_1_0d EXIST::FUNCTION:BB1IBE +BN_mod_mul_reciprocal 2779 1_1_0d EXIST::FUNCTION: +NETSCAPE_SPKAC_new 2780 1_1_0d EXIST::FUNCTION: +i2d_X509_EXTENSIONS 2781 1_1_0d EXIST::FUNCTION: +PKCS7_DIGEST_free 2782 1_1_0d EXIST::FUNCTION: +OCSP_BASICRESP_delete_ext 2783 1_1_0d EXIST::FUNCTION:OCSP +X509_EXTENSION_create_by_NID 2784 1_1_0d EXIST::FUNCTION: +EVP_PKEY_derive_init 2785 1_1_0d EXIST::FUNCTION: +PKCS7_ENCRYPT_new 2786 1_1_0d EXIST::FUNCTION: +i2d_ASN1_PRINTABLESTRING 2787 1_1_0d EXIST::FUNCTION: +EVP_get_digestbyobj 2788 1_1_0d EXIST::FUNCTION: +i2d_ASN1_T61STRING 2789 1_1_0d EXIST::FUNCTION: +BN_RECP_CTX_new 2790 1_1_0d EXIST::FUNCTION: ENGINE_unregister_pkey_asn1_meths 2791 1_1_0d EXIST::FUNCTION:ENGINE -EVP_PKEY_asn1_copy 2792 1_1_0d EXIST::FUNCTION: -DH_meth_get0_app_data 2793 1_1_0d EXIST::FUNCTION:DH -X509_set1_notBefore 2794 1_1_0d EXIST::FUNCTION: -BFIBE_encrypt 2795 1_1_0d EXIST::FUNCTION: -ASN1_GENERALIZEDTIME_set 2796 1_1_0d EXIST::FUNCTION: -ERR_load_X509_strings 2797 1_1_0d EXIST::FUNCTION: -o2i_SCT 2798 1_1_0d EXIST::FUNCTION:CT -BN_mod_exp_simple 2799 1_1_0d EXIST::FUNCTION: -ASN1_OCTET_STRING_new 2800 1_1_0d EXIST::FUNCTION: -BN_add_word 2801 1_1_0d EXIST::FUNCTION: -BIO_new_bio_pair 2802 1_1_0d EXIST::FUNCTION: -BN_is_bit_set 2803 1_1_0d EXIST::FUNCTION: -EVP_camellia_128_ofb 2804 1_1_0d EXIST::FUNCTION:CAMELLIA -PAILLIER_up_ref 2805 1_1_0d EXIST::FUNCTION: -PKCS12_SAFEBAG_get0_p8inf 2806 1_1_0d EXIST::FUNCTION: -EVP_PKEY_get1_DSA 2807 1_1_0d EXIST::FUNCTION:DSA -DES_string_to_key 2808 1_1_0d EXIST::FUNCTION:DES -CPK_PUBLIC_PARAMS_print 2809 1_1_0d EXIST::FUNCTION: -i2d_X509_CRL_bio 2810 1_1_0d EXIST::FUNCTION: -SOF_ChangePassWd 2811 1_1_0d EXIST::FUNCTION: -MD5_Update 2812 1_1_0d EXIST::FUNCTION:MD5 -SAF_Base64_DecodeFinal 2813 1_1_0d EXIST::FUNCTION: -d2i_ASN1_OCTET_STRING 2814 1_1_0d EXIST::FUNCTION: -SAF_GetRsaPublicKey 2815 1_1_0d EXIST::FUNCTION: -X509v3_get_ext_by_OBJ 2816 1_1_0d EXIST::FUNCTION: -OCSP_BASICRESP_free 2817 1_1_0d EXIST::FUNCTION:OCSP -SAF_GetEccPublicKey 2818 1_1_0d EXIST::FUNCTION: -ASN1_GENERALSTRING_it 2819 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ASN1_GENERALSTRING_it 2819 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -BIO_new_connect 2820 1_1_0d EXIST::FUNCTION:SOCK -PEM_read_bio_DSA_PUBKEY 2821 1_1_0d EXIST::FUNCTION:DSA -EC_KEY_set_public_key_affine_coordinates 2822 1_1_0d EXIST::FUNCTION:EC -ASN1_TYPE_set_octetstring 2823 1_1_0d EXIST::FUNCTION: -d2i_OCSP_SERVICELOC 2824 1_1_0d EXIST::FUNCTION:OCSP -i2o_SCT 2825 1_1_0d EXIST::FUNCTION:CT -PEM_write_bio_DSAparams 2826 1_1_0d EXIST::FUNCTION:DSA -ASN1_UTCTIME_new 2827 1_1_0d EXIST::FUNCTION: -OCSP_resp_find_status 2828 1_1_0d EXIST::FUNCTION:OCSP -DSA_verify 2829 1_1_0d EXIST::FUNCTION:DSA -X509_LOOKUP_by_issuer_serial 2830 1_1_0d EXIST::FUNCTION: -OPENSSL_LH_doall 2831 1_1_0d EXIST::FUNCTION: -SKF_VerifyPIN 2832 1_1_0d EXIST::FUNCTION: -X509_check_issued 2833 1_1_0d EXIST::FUNCTION: -BN_GFP2_new 2834 1_1_0d EXIST::FUNCTION: -EC_GROUP_new_by_curve_name 2835 1_1_0d EXIST::FUNCTION:EC -SM2_verify 2836 1_1_0d EXIST::FUNCTION: -TS_TST_INFO_print_bio 2837 1_1_0d EXIST::FUNCTION:TS -TS_RESP_new 2838 1_1_0d EXIST::FUNCTION:TS -DSO_get_filename 2839 1_1_0d EXIST::FUNCTION: -d2i_X509_REVOKED 2840 1_1_0d EXIST::FUNCTION: -d2i_IPAddressChoice 2841 1_1_0d EXIST::FUNCTION:RFC3779 -EC_GROUP_copy 2842 1_1_0d EXIST::FUNCTION:EC -EC_GROUP_get_point_conversion_form 2843 1_1_0d EXIST::FUNCTION:EC -CMS_RecipientInfo_decrypt 2844 1_1_0d EXIST::FUNCTION:CMS -X509_EXTENSION_set_critical 2845 1_1_0d EXIST::FUNCTION: -SCT_LIST_free 2846 1_1_0d EXIST::FUNCTION:CT -EVP_PKEY_CTX_set_cb 2847 1_1_0d EXIST::FUNCTION: -SOF_GetDeviceInfo 2848 1_1_0d EXIST::FUNCTION: -ACCESS_DESCRIPTION_free 2849 1_1_0d EXIST::FUNCTION: -CRYPTO_strdup 2850 1_1_0d EXIST::FUNCTION: -i2d_PKCS7_ISSUER_AND_SERIAL 2851 1_1_0d EXIST::FUNCTION: -i2d_PBE2PARAM 2852 1_1_0d EXIST::FUNCTION: -ASN1_ENUMERATED_set_int64 2853 1_1_0d EXIST::FUNCTION: -i2d_TS_RESP_fp 2854 1_1_0d EXIST::FUNCTION:STDIO,TS -ERR_load_SM2_strings 2855 1_1_0d EXIST::FUNCTION: -X509V3_EXT_val_prn 2856 1_1_0d EXIST::FUNCTION: -EC_POINT_free 2857 1_1_0d EXIST::FUNCTION:EC -EVP_CIPHER_nid 2858 1_1_0d EXIST::FUNCTION: -DHparams_it 2859 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:DH -DHparams_it 2859 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:DH -sms4_ecb_encrypt 2860 1_1_0d EXIST::FUNCTION: -EVP_sms4_wrap 2861 1_1_0d EXIST::FUNCTION:SMS4 -EVP_PKEY_asn1_find 2862 1_1_0d EXIST::FUNCTION: -DSA_meth_get_paramgen 2863 1_1_0d EXIST::FUNCTION:DSA -PKCS12_SAFEBAG_get0_type 2864 1_1_0d EXIST::FUNCTION: -OBJ_NAME_do_all 2865 1_1_0d EXIST::FUNCTION: -BIO_asn1_get_suffix 2866 1_1_0d EXIST::FUNCTION: -PEM_ASN1_write_bio 2867 1_1_0d EXIST::FUNCTION: -ISSUING_DIST_POINT_new 2868 1_1_0d EXIST::FUNCTION: -X509_LOOKUP_init 2869 1_1_0d EXIST::FUNCTION: -EVP_des_ede_cfb64 2870 1_1_0d EXIST::FUNCTION:DES -SAF_VerifySignByCert 2871 1_1_0d EXIST::FUNCTION: -SAF_GetErrorString 2872 1_1_0d EXIST::FUNCTION: -PKCS7_add_recipient_info 2873 1_1_0d EXIST::FUNCTION: -BIO_accept_ex 2874 1_1_0d EXIST::FUNCTION:SOCK -CRYPTO_ccm128_decrypt_ccm64 2875 1_1_0d EXIST::FUNCTION: -DH_meth_get_generate_key 2876 1_1_0d EXIST::FUNCTION:DH -X509_REVOKED_get_ext 2877 1_1_0d EXIST::FUNCTION: -SCT_get_version 2878 1_1_0d EXIST::FUNCTION:CT -EC_KEY_METHOD_get_compute_key 2879 1_1_0d EXIST::FUNCTION:EC -TS_CONF_set_default_engine 2880 1_1_0d EXIST::FUNCTION:ENGINE,TS -ERR_load_BIO_strings 2881 1_1_0d EXIST::FUNCTION: -X509_STORE_CTX_get_num_untrusted 2882 1_1_0d EXIST::FUNCTION: -ASN1_STRING_clear_free 2883 1_1_0d EXIST::FUNCTION: -d2i_RSAPublicKey_fp 2884 1_1_0d EXIST::FUNCTION:RSA,STDIO -RSA_meth_get_priv_dec 2885 1_1_0d EXIST::FUNCTION:RSA -EVP_seed_ofb 2886 1_1_0d EXIST::FUNCTION:SEED -DES_cfb64_encrypt 2887 1_1_0d EXIST::FUNCTION:DES -BIO_f_buffer 2888 1_1_0d EXIST::FUNCTION: -CRYPTO_mem_debug_pop 2889 1_1_0d EXIST::FUNCTION:CRYPTO_MDEBUG -d2i_ESS_ISSUER_SERIAL 2890 1_1_0d EXIST::FUNCTION:TS -EVP_PKEY_meth_set_encrypt 2891 1_1_0d EXIST::FUNCTION: -SDF_GenerateAgreementDataWithECC 2892 1_1_0d EXIST::FUNCTION: -BN_GF2m_mod_div_arr 2893 1_1_0d EXIST::FUNCTION:EC2M -CRYPTO_clear_free 2894 1_1_0d EXIST::FUNCTION: -RSA_meth_set_keygen 2895 1_1_0d EXIST::FUNCTION:RSA -EC_POINT_is_on_curve 2896 1_1_0d EXIST::FUNCTION:EC -a2i_ASN1_INTEGER 2897 1_1_0d EXIST::FUNCTION: -BIO_meth_set_gets 2898 1_1_0d EXIST::FUNCTION: -EVP_MD_CTX_copy_ex 2899 1_1_0d EXIST::FUNCTION: -DES_set_key_unchecked 2900 1_1_0d EXIST::FUNCTION:DES -X509_VERIFY_PARAM_set1_name 2901 1_1_0d EXIST::FUNCTION: -ASN1_object_size 2902 1_1_0d EXIST::FUNCTION: -BIO_f_cipher 2903 1_1_0d EXIST::FUNCTION: -EVP_ripemd160 2904 1_1_0d EXIST::FUNCTION:RMD160 -DH_check_params 2905 1_1_0d EXIST::FUNCTION:DH -ENGINE_add_conf_module 2906 1_1_0d EXIST::FUNCTION:ENGINE -X509_CRL_get0_lastUpdate 2907 1_1_0d EXIST::FUNCTION: -RSA_test_flags 2908 1_1_0d EXIST::FUNCTION:RSA -ENGINE_register_RAND 2909 1_1_0d EXIST::FUNCTION:ENGINE -RAND_get_rand_method 2910 1_1_0d EXIST::FUNCTION: -PEM_write_bio_CMS_stream 2911 1_1_0d EXIST::FUNCTION:CMS -OBJ_NAME_add 2912 1_1_0d EXIST::FUNCTION: -CRYPTO_gcm128_new 2913 1_1_0d EXIST::FUNCTION: -i2d_ESS_CERT_ID 2914 1_1_0d EXIST::FUNCTION:TS -BIO_free 2915 1_1_0d EXIST::FUNCTION: -X509_ALGOR_set_md 2916 1_1_0d EXIST::FUNCTION: -i2d_SM9MasterSecret 2917 1_1_0d EXIST::FUNCTION: -RSA_get_RSArefPrivateKey 2918 1_1_0d EXIST::FUNCTION: -BIO_fd_non_fatal_error 2919 1_1_0d EXIST::FUNCTION: -BN_get_flags 2920 1_1_0d EXIST::FUNCTION: -UI_dup_input_boolean 2921 1_1_0d EXIST::FUNCTION:UI -X509_VAL_free 2922 1_1_0d EXIST::FUNCTION: -EC_GROUP_set_curve_GFp 2923 1_1_0d EXIST::FUNCTION:EC -OCSP_resp_get0 2924 1_1_0d EXIST::FUNCTION:OCSP -TS_RESP_CTX_new 2925 1_1_0d EXIST::FUNCTION:TS -EVP_PKEY_set1_EC_KEY 2926 1_1_0d EXIST::FUNCTION:EC -SAF_Base64_DecodeUpdate 2927 1_1_0d EXIST::FUNCTION: -PEM_read_PKCS8 2928 1_1_0d EXIST::FUNCTION:STDIO -BN_X931_generate_prime_ex 2929 1_1_0d EXIST::FUNCTION: -DH_meth_set0_app_data 2930 1_1_0d EXIST::FUNCTION:DH -CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE 2931 1_1_0d EXIST::FUNCTION:CT -IDEA_cfb64_encrypt 2932 1_1_0d EXIST::FUNCTION:IDEA -EVP_camellia_256_cfb8 2933 1_1_0d EXIST::FUNCTION:CAMELLIA -X509_REQ_get_extensions 2934 1_1_0d EXIST::FUNCTION: -EC_KEY_set_ECCrefPublicKey 2935 1_1_0d EXIST::FUNCTION: -SRP_check_known_gN_param 2936 1_1_0d EXIST::FUNCTION:SRP -RSA_meth_set0_app_data 2937 1_1_0d EXIST::FUNCTION:RSA -FpPoint_new 2938 1_1_0d EXIST::FUNCTION: -BN_GFP2_sqr 2939 1_1_0d EXIST::FUNCTION: -i2d_DHxparams 2940 1_1_0d EXIST::FUNCTION:DH -X509_NAME_oneline 2941 1_1_0d EXIST::FUNCTION: -CMS_RecipientInfo_encrypt 2942 1_1_0d EXIST::FUNCTION:CMS -SKF_MacUpdate 2943 1_1_0d EXIST::FUNCTION: -X509V3_get_d2i 2944 1_1_0d EXIST::FUNCTION: -CMS_add1_ReceiptRequest 2945 1_1_0d EXIST::FUNCTION:CMS -SKF_ExtRSAPubKeyOperation 2946 1_1_0d EXIST::FUNCTION: -CRYPTO_ccm128_decrypt 2947 1_1_0d EXIST::FUNCTION: -i2d_PrivateKey_bio 2948 1_1_0d EXIST::FUNCTION: -DISPLAYTEXT_it 2949 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -DISPLAYTEXT_it 2949 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -CRYPTO_ocb128_aad 2950 1_1_0d EXIST::FUNCTION:OCB -i2d_ECDSA_SIG 2951 1_1_0d EXIST::FUNCTION:EC -i2d_CMS_bio_stream 2952 1_1_0d EXIST::FUNCTION:CMS -SOF_SignDataXML 2953 1_1_0d EXIST::FUNCTION: -AES_unwrap_key 2954 1_1_0d EXIST::FUNCTION: -EC_KEY_METHOD_get_init 2955 1_1_0d EXIST::FUNCTION:EC -WHIRLPOOL_Final 2956 1_1_0d EXIST::FUNCTION:WHIRLPOOL -GMAPI_sgd2ciphernid 2957 1_1_0d EXIST::FUNCTION: -EVP_PKEY_asn1_set_free 2958 1_1_0d EXIST::FUNCTION: -EVP_PKEY_asn1_get0_info 2959 1_1_0d EXIST::FUNCTION: -BN_get_rfc3526_prime_2048 2960 1_1_0d EXIST::FUNCTION: -ENGINE_unregister_RSA 2961 1_1_0d EXIST::FUNCTION:ENGINE -BN_dup 2962 1_1_0d EXIST::FUNCTION: -X509v3_asid_subset 2963 1_1_0d EXIST::FUNCTION:RFC3779 -SKF_PrintECCPrivateKey 2964 1_1_0d EXIST::FUNCTION: -PKCS7_stream 2965 1_1_0d EXIST::FUNCTION: -d2i_DSAPrivateKey_bio 2966 1_1_0d EXIST::FUNCTION:DSA -BN_GFP2_set_bn 2967 1_1_0d EXIST::FUNCTION: -ERR_get_next_error_library 2968 1_1_0d EXIST::FUNCTION: -BN_bn2bin 2969 1_1_0d EXIST::FUNCTION: -ASN1_ANY_it 2970 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ASN1_ANY_it 2970 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -SKF_RSASignData 2971 1_1_0d EXIST::FUNCTION: -CMS_add0_cert 2972 1_1_0d EXIST::FUNCTION:CMS -RSA_meth_set_sign 2973 1_1_0d EXIST::FUNCTION:RSA -BIO_ADDRINFO_free 2974 1_1_0d EXIST::FUNCTION:SOCK -DIST_POINT_new 2975 1_1_0d EXIST::FUNCTION: -ASN1_item_verify 2976 1_1_0d EXIST::FUNCTION: -X509_policy_tree_get0_user_policies 2977 1_1_0d EXIST::FUNCTION: -X509V3_EXT_get 2978 1_1_0d EXIST::FUNCTION: -PKCS7_get_issuer_and_serial 2979 1_1_0d EXIST::FUNCTION: -DSA_meth_get_bn_mod_exp 2980 1_1_0d EXIST::FUNCTION:DSA -i2d_X509_REQ 2981 1_1_0d EXIST::FUNCTION: -X509_CRL_get_ext 2982 1_1_0d EXIST::FUNCTION: -OPENSSL_sk_new_null 2983 1_1_0d EXIST::FUNCTION: -RSA_new 2984 1_1_0d EXIST::FUNCTION:RSA -BFPublicParameters_it 2985 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -BFPublicParameters_it 2985 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -DH_meth_new 2986 1_1_0d EXIST::FUNCTION:DH -BIO_closesocket 2987 1_1_0d EXIST::FUNCTION:SOCK -AES_ige_encrypt 2988 1_1_0d EXIST::FUNCTION: -X509_SIG_it 2989 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -X509_SIG_it 2989 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -RSA_padding_add_PKCS1_type_2 2990 1_1_0d EXIST::FUNCTION:RSA -X509_STORE_CTX_get0_current_issuer 2991 1_1_0d EXIST::FUNCTION: -PEM_do_header 2992 1_1_0d EXIST::FUNCTION: -SAF_Base64_EncodeUpdate 2993 1_1_0d EXIST::FUNCTION: -OBJ_create_objects 2994 1_1_0d EXIST::FUNCTION: -BN_is_solinas 2995 1_1_0d EXIST::FUNCTION: -d2i_DSAparams 2996 1_1_0d EXIST::FUNCTION:DSA -SAF_Base64_Encode 2997 1_1_0d EXIST::FUNCTION: -BIO_f_reliable 2998 1_1_0d EXIST::FUNCTION: -EVP_PKEY_asn1_set_param 2999 1_1_0d EXIST::FUNCTION: -DSA_meth_get0_name 3000 1_1_0d EXIST::FUNCTION:DSA -BN_GF2m_mod_mul_arr 3001 1_1_0d EXIST::FUNCTION:EC2M -RC5_32_cfb64_encrypt 3002 1_1_0d EXIST::FUNCTION:RC5 -DSO_convert_filename 3003 1_1_0d EXIST::FUNCTION: -DES_key_sched 3004 1_1_0d EXIST::FUNCTION:DES -EVP_VerifyFinal 3005 1_1_0d EXIST::FUNCTION: -BN_RECP_CTX_set 3006 1_1_0d EXIST::FUNCTION: -IPAddressRange_free 3007 1_1_0d EXIST::FUNCTION:RFC3779 -DES_ofb64_encrypt 3008 1_1_0d EXIST::FUNCTION:DES -SKF_EncryptFinal 3009 1_1_0d EXIST::FUNCTION: -SKF_MacFinal 3010 1_1_0d EXIST::FUNCTION: -BIO_new_dgram 3011 1_1_0d EXIST::FUNCTION:DGRAM -DH_meth_set_finish 3012 1_1_0d EXIST::FUNCTION:DH -ASN1_UTCTIME_check 3013 1_1_0d EXIST::FUNCTION: -X509_STORE_CTX_purpose_inherit 3014 1_1_0d EXIST::FUNCTION: -X509V3_EXT_cleanup 3015 1_1_0d EXIST::FUNCTION: -sms4_wrap_key 3016 1_1_0d EXIST::FUNCTION: -EVP_Digest 3017 1_1_0d EXIST::FUNCTION: -EVP_sha256 3018 1_1_0d EXIST::FUNCTION: -SOF_SignMessageDetach 3019 1_1_0d EXIST::FUNCTION: -SDF_ExportSignPublicKey_ECC 3020 1_1_0d EXIST::FUNCTION: -RC5_32_decrypt 3021 1_1_0d EXIST::FUNCTION:RC5 -SKF_CancelWaitForDevEvent 3022 1_1_0d EXIST::FUNCTION: -X509_STORE_CTX_get_lookup_certs 3023 1_1_0d EXIST::FUNCTION: -DES_set_key_checked 3024 1_1_0d EXIST::FUNCTION:DES -CONF_set_default_method 3025 1_1_0d EXIST::FUNCTION: -BN_rand 3026 1_1_0d EXIST::FUNCTION: -HMAC_size 3027 1_1_0d EXIST::FUNCTION: -SRP_VBASE_free 3028 1_1_0d EXIST::FUNCTION:SRP -i2d_AUTHORITY_INFO_ACCESS 3029 1_1_0d EXIST::FUNCTION: -EC_GROUP_is_type1curve 3030 1_1_0d EXIST::FUNCTION: -sms4_set_decrypt_key 3031 1_1_0d EXIST::FUNCTION: -EVP_aes_256_cfb1 3032 1_1_0d EXIST::FUNCTION: -i2v_GENERAL_NAMES 3033 1_1_0d EXIST::FUNCTION: -i2d_PublicKey 3034 1_1_0d EXIST::FUNCTION: -EVP_PKEY_CTX_str2ctrl 3035 1_1_0d EXIST::FUNCTION: -OCSP_RESPID_new 3036 1_1_0d EXIST::FUNCTION:OCSP -X509_NAME_it 3037 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -X509_NAME_it 3037 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -PBKDF2PARAM_free 3038 1_1_0d EXIST::FUNCTION: -EVP_rc2_cbc 3039 1_1_0d EXIST::FUNCTION:RC2 -DSA_print_fp 3040 1_1_0d EXIST::FUNCTION:DSA,STDIO -BIO_meth_get_puts 3041 1_1_0d EXIST::FUNCTION: -CMS_get0_SignerInfos 3042 1_1_0d EXIST::FUNCTION:CMS -CONF_parse_list 3043 1_1_0d EXIST::FUNCTION: -SHA1_Update 3044 1_1_0d EXIST::FUNCTION: -OPENSSL_hexstr2buf 3045 1_1_0d EXIST::FUNCTION: -DSA_meth_set1_name 3046 1_1_0d EXIST::FUNCTION:DSA -ASN1_INTEGER_it 3047 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ASN1_INTEGER_it 3047 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -EC_GROUP_set_curve_GF2m 3048 1_1_0d EXIST::FUNCTION:EC,EC2M -X509_REQ_add1_attr_by_OBJ 3049 1_1_0d EXIST::FUNCTION: -SAF_CreateSymmKeyObj 3050 1_1_0d EXIST::FUNCTION: -HMAC_CTX_copy 3051 1_1_0d EXIST::FUNCTION: -i2d_CMS_bio 3052 1_1_0d EXIST::FUNCTION:CMS -BF_ecb_encrypt 3053 1_1_0d EXIST::FUNCTION:BF -SAF_GenerateKeyWithEPK 3054 1_1_0d EXIST::FUNCTION: -EVP_sms4_cfb128 3055 1_1_0d EXIST::FUNCTION:SMS4 -SDF_GenerateRandom 3056 1_1_0d EXIST::FUNCTION: -HMAC 3057 1_1_0d EXIST::FUNCTION: -EVP_PKEY_get0_RSA 3058 1_1_0d EXIST::FUNCTION:RSA -SCT_get_source 3059 1_1_0d EXIST::FUNCTION:CT -X509_policy_node_get0_policy 3060 1_1_0d EXIST::FUNCTION: -BN_gcd 3061 1_1_0d EXIST::FUNCTION: -X509V3_EXT_add_alias 3062 1_1_0d EXIST::FUNCTION: -SCT_free 3063 1_1_0d EXIST::FUNCTION:CT -X509_NAME_ENTRY_create_by_OBJ 3064 1_1_0d EXIST::FUNCTION: -RSA_meth_get_bn_mod_exp 3065 1_1_0d EXIST::FUNCTION:RSA -OCSP_RESPID_match 3066 1_1_0d EXIST::FUNCTION:OCSP -BIO_ADDR_clear 3067 1_1_0d EXIST::FUNCTION:SOCK -ASN1_IA5STRING_free 3068 1_1_0d EXIST::FUNCTION: -X509_EXTENSION_create_by_OBJ 3069 1_1_0d EXIST::FUNCTION: -d2i_NOTICEREF 3070 1_1_0d EXIST::FUNCTION: -ASN1_PRINTABLE_new 3071 1_1_0d EXIST::FUNCTION: -RSA_padding_check_PKCS1_OAEP 3072 1_1_0d EXIST::FUNCTION:RSA -OCSP_resp_get0_produced_at 3073 1_1_0d EXIST::FUNCTION:OCSP -PKCS7_RECIP_INFO_set 3074 1_1_0d EXIST::FUNCTION: -EVP_PKEY_get0_hmac 3075 1_1_0d EXIST::FUNCTION: -X509v3_asid_canonize 3076 1_1_0d EXIST::FUNCTION:RFC3779 -i2d_TS_TST_INFO_bio 3077 1_1_0d EXIST::FUNCTION:TS -X509_it 3078 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -X509_it 3078 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -SHA256_Final 3079 1_1_0d EXIST::FUNCTION: -CMS_decrypt_set1_password 3080 1_1_0d EXIST::FUNCTION:CMS -ASYNC_WAIT_CTX_get_changed_fds 3081 1_1_0d EXIST::FUNCTION: -SMIME_read_PKCS7 3082 1_1_0d EXIST::FUNCTION: -ENGINE_set_default_digests 3083 1_1_0d EXIST::FUNCTION:ENGINE -i2d_X509_EXTENSION 3084 1_1_0d EXIST::FUNCTION: -UI_get0_user_data 3085 1_1_0d EXIST::FUNCTION:UI -SAF_SM2_EncodeSignedData 3086 1_1_0d EXIST::FUNCTION: -i2a_ASN1_INTEGER 3087 1_1_0d EXIST::FUNCTION: -d2i_X509_REQ_INFO 3088 1_1_0d EXIST::FUNCTION: -BIO_set_ex_data 3089 1_1_0d EXIST::FUNCTION: -ESS_SIGNING_CERT_free 3090 1_1_0d EXIST::FUNCTION:TS -CRYPTO_ccm128_aad 3091 1_1_0d EXIST::FUNCTION: -UI_UTIL_read_pw_string 3092 1_1_0d EXIST::FUNCTION:UI -EC_KEY_METHOD_get_sign 3093 1_1_0d EXIST::FUNCTION:EC -BN_GFP2_sub 3094 1_1_0d EXIST::FUNCTION: -X509_up_ref 3095 1_1_0d EXIST::FUNCTION: -BIO_meth_new 3096 1_1_0d EXIST::FUNCTION: -OPENSSL_LH_error 3097 1_1_0d EXIST::FUNCTION: -ERR_load_BN_strings 3098 1_1_0d EXIST::FUNCTION: -ENGINE_set_load_ssl_client_cert_function 3099 1_1_0d EXIST::FUNCTION:ENGINE -ECIES_PARAMS_init_with_type 3100 1_1_0d EXIST::FUNCTION: -EC_KEY_free 3101 1_1_0d EXIST::FUNCTION:EC -ASN1_GENERALSTRING_new 3102 1_1_0d EXIST::FUNCTION: -i2d_RSAPublicKey_fp 3103 1_1_0d EXIST::FUNCTION:RSA,STDIO -EC_KEY_set_private_key 3104 1_1_0d EXIST::FUNCTION:EC -EVP_CIPHER_CTX_set_cipher_data 3105 1_1_0d EXIST::FUNCTION: -ASN1_check_infinite_end 3106 1_1_0d EXIST::FUNCTION: -BN_X931_generate_Xpq 3107 1_1_0d EXIST::FUNCTION: -SM2_compute_id_digest 3108 1_1_0d EXIST::FUNCTION: -X509_REQ_add1_attr_by_NID 3109 1_1_0d EXIST::FUNCTION: -PKCS7_ENC_CONTENT_it 3110 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -PKCS7_ENC_CONTENT_it 3110 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -BB1PublicParameters_new 3111 1_1_0d EXIST::FUNCTION: -DSA_meth_get_init 3112 1_1_0d EXIST::FUNCTION:DSA -d2i_ASRange 3113 1_1_0d EXIST::FUNCTION:RFC3779 -EVP_des_ede_ecb 3114 1_1_0d EXIST::FUNCTION:DES -ENGINE_set_load_privkey_function 3115 1_1_0d EXIST::FUNCTION:ENGINE -X509_LOOKUP_new 3116 1_1_0d EXIST::FUNCTION: -CMS_get0_RecipientInfos 3117 1_1_0d EXIST::FUNCTION:CMS -X509_STORE_up_ref 3118 1_1_0d EXIST::FUNCTION: -RSA_meth_get_init 3119 1_1_0d EXIST::FUNCTION:RSA -sm3 3120 1_1_0d EXIST::FUNCTION: -d2i_EC_PUBKEY_fp 3121 1_1_0d EXIST::FUNCTION:EC,STDIO -ERR_load_X509V3_strings 3122 1_1_0d EXIST::FUNCTION: -BN_to_ASN1_INTEGER 3123 1_1_0d EXIST::FUNCTION: -Camellia_cbc_encrypt 3124 1_1_0d EXIST::FUNCTION:CAMELLIA -PKCS7_ENVELOPE_free 3125 1_1_0d EXIST::FUNCTION: -SM2_sign 3126 1_1_0d EXIST::FUNCTION: -SAF_SymmDecryptFinal 3127 1_1_0d EXIST::FUNCTION: -SDF_Decrypt 3128 1_1_0d EXIST::FUNCTION: -BN_BLINDING_new 3129 1_1_0d EXIST::FUNCTION: -CMS_dataInit 3130 1_1_0d EXIST::FUNCTION:CMS -OBJ_find_sigid_by_algs 3131 1_1_0d EXIST::FUNCTION: -PKCS7_dataFinal 3132 1_1_0d EXIST::FUNCTION: -PEM_write_X509_CRL 3133 1_1_0d EXIST::FUNCTION:STDIO -SAF_Pkcs7_EncodeData 3134 1_1_0d EXIST::FUNCTION: -ASN1_SCTX_get_template 3135 1_1_0d EXIST::FUNCTION: -OCSP_ONEREQ_get1_ext_d2i 3136 1_1_0d EXIST::FUNCTION:OCSP -EVP_PKEY_sign 3137 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_CTX_get_app_data 3138 1_1_0d EXIST::FUNCTION: -RC2_cbc_encrypt 3139 1_1_0d EXIST::FUNCTION:RC2 -OPENSSL_LH_strhash 3140 1_1_0d EXIST::FUNCTION: -EVP_PKEY_asn1_add_alias 3141 1_1_0d EXIST::FUNCTION: -ENGINE_set_ciphers 3142 1_1_0d EXIST::FUNCTION:ENGINE -OBJ_nid2obj 3143 1_1_0d EXIST::FUNCTION: -CMS_data 3144 1_1_0d EXIST::FUNCTION:CMS -SM9_sign 3145 1_1_0d EXIST::FUNCTION: -SHA384_Init 3146 1_1_0d EXIST:!VMSVAX:FUNCTION: -SKF_PrintDeviceInfo 3147 1_1_0d EXIST::FUNCTION: -CMS_RecipientInfo_ktri_get0_algs 3148 1_1_0d EXIST::FUNCTION:CMS -ASN1_STRING_set 3149 1_1_0d EXIST::FUNCTION: -BIO_free_all 3150 1_1_0d EXIST::FUNCTION: -ENGINE_remove 3151 1_1_0d EXIST::FUNCTION:ENGINE -BN_BLINDING_convert_ex 3152 1_1_0d EXIST::FUNCTION: -CRYPTO_cts128_encrypt 3153 1_1_0d EXIST::FUNCTION: -d2i_USERNOTICE 3154 1_1_0d EXIST::FUNCTION: -X509_STORE_get_check_crl 3155 1_1_0d EXIST::FUNCTION: -PEM_write 3156 1_1_0d EXIST::FUNCTION:STDIO -EC_POINT_set_affine_coordinates_GF2m 3157 1_1_0d EXIST::FUNCTION:EC,EC2M -OBJ_NAME_new_index 3158 1_1_0d EXIST::FUNCTION: -d2i_TS_STATUS_INFO 3159 1_1_0d EXIST::FUNCTION:TS -RSA_meth_set_bn_mod_exp 3160 1_1_0d EXIST::FUNCTION:RSA -BIO_write 3161 1_1_0d EXIST::FUNCTION: -DSA_SIG_new 3162 1_1_0d EXIST::FUNCTION:DSA -PEM_X509_INFO_write_bio 3163 1_1_0d EXIST::FUNCTION: -EC_GROUP_set_point_conversion_form 3164 1_1_0d EXIST::FUNCTION:EC -EVP_aes_128_cbc_hmac_sha256 3165 1_1_0d EXIST::FUNCTION: -ERR_peek_last_error_line 3166 1_1_0d EXIST::FUNCTION: -ERR_add_error_data 3167 1_1_0d EXIST::FUNCTION: -TS_VERIFY_CTX_set_imprint 3168 1_1_0d EXIST::FUNCTION:TS -ENGINE_set_pkey_meths 3169 1_1_0d EXIST::FUNCTION:ENGINE -RSA_meth_set_init 3170 1_1_0d EXIST::FUNCTION:RSA -BN_print 3171 1_1_0d EXIST::FUNCTION: -EVP_bf_cbc 3172 1_1_0d EXIST::FUNCTION:BF -OCSP_id_issuer_cmp 3173 1_1_0d EXIST::FUNCTION:OCSP -OCSP_ONEREQ_add_ext 3174 1_1_0d EXIST::FUNCTION:OCSP -SAF_EnumCertificatesFree 3175 1_1_0d EXIST::FUNCTION: -X509_STORE_CTX_set0_trusted_stack 3176 1_1_0d EXIST::FUNCTION: -EC_KEY_set_default_secg_method 3177 1_1_0d EXIST::FUNCTION: -X509_STORE_add_lookup 3178 1_1_0d EXIST::FUNCTION: -DSA_set0_key 3179 1_1_0d EXIST::FUNCTION:DSA -PAILLIER_generate_key 3180 1_1_0d EXIST::FUNCTION: -MD4_Final 3181 1_1_0d EXIST::FUNCTION:MD4 -i2a_ACCESS_DESCRIPTION 3182 1_1_0d EXIST::FUNCTION: -DSA_meth_set_keygen 3183 1_1_0d EXIST::FUNCTION:DSA -i2s_ASN1_IA5STRING 3184 1_1_0d EXIST::FUNCTION: -RSA_meth_get0_name 3185 1_1_0d EXIST::FUNCTION:RSA -X509_delete_ext 3186 1_1_0d EXIST::FUNCTION: -RSA_verify_PKCS1_PSS 3187 1_1_0d EXIST::FUNCTION:RSA -BIO_ctrl_pending 3188 1_1_0d EXIST::FUNCTION: -X509_TRUST_get_flags 3189 1_1_0d EXIST::FUNCTION: -EC_GF2m_simple_method 3190 1_1_0d EXIST::FUNCTION:EC,EC2M -OCSP_REQUEST_it 3191 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP -OCSP_REQUEST_it 3191 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP -X509_VERIFY_PARAM_get_auth_level 3192 1_1_0d EXIST::FUNCTION: -PEM_read_DHparams 3193 1_1_0d EXIST::FUNCTION:DH,STDIO -SHA224_Final 3194 1_1_0d EXIST::FUNCTION: -X509_ATTRIBUTE_set1_data 3195 1_1_0d EXIST::FUNCTION: -X509V3_parse_list 3196 1_1_0d EXIST::FUNCTION: -BN_nist_mod_func 3197 1_1_0d EXIST::FUNCTION: -X509_STORE_get_verify 3198 1_1_0d EXIST::FUNCTION: -EVP_des_ede3_cfb64 3199 1_1_0d EXIST::FUNCTION:DES -i2d_ESS_ISSUER_SERIAL 3200 1_1_0d EXIST::FUNCTION:TS -SCT_get_signature_nid 3201 1_1_0d EXIST::FUNCTION:CT -X509_VERIFY_PARAM_set1_email 3202 1_1_0d EXIST::FUNCTION: -ASN1_PRINTABLE_type 3203 1_1_0d EXIST::FUNCTION: -TS_RESP_get_tst_info 3204 1_1_0d EXIST::FUNCTION:TS -TS_TST_INFO_get_time 3205 1_1_0d EXIST::FUNCTION:TS -OCSP_RESPONSE_free 3206 1_1_0d EXIST::FUNCTION:OCSP -UI_method_set_flusher 3207 1_1_0d EXIST::FUNCTION:UI -TS_RESP_CTX_set_extension_cb 3208 1_1_0d EXIST::FUNCTION:TS -OCSP_archive_cutoff_new 3209 1_1_0d EXIST::FUNCTION:OCSP -EVP_des_ede_cbc 3210 1_1_0d EXIST::FUNCTION:DES -PKCS7_SIGNER_INFO_sign 3211 1_1_0d EXIST::FUNCTION: -BN_get_rfc3526_prime_4096 3212 1_1_0d EXIST::FUNCTION: -ERR_load_CMS_strings 3213 1_1_0d EXIST::FUNCTION:CMS -EVP_PKEY_asn1_free 3214 1_1_0d EXIST::FUNCTION: -SAF_GenRandom 3215 1_1_0d EXIST::FUNCTION: -d2i_PaillierPrivateKey 3216 1_1_0d EXIST::FUNCTION: -DH_set0_key 3217 1_1_0d EXIST::FUNCTION:DH -TS_TST_INFO_set_policy_id 3218 1_1_0d EXIST::FUNCTION:TS -PBE2PARAM_new 3219 1_1_0d EXIST::FUNCTION: -d2i_DSAPrivateKey 3220 1_1_0d EXIST::FUNCTION:DSA -X509_NAME_set 3221 1_1_0d EXIST::FUNCTION: -X509_REQ_add1_attr 3222 1_1_0d EXIST::FUNCTION: -ERR_load_ASN1_strings 3223 1_1_0d EXIST::FUNCTION: -d2i_PKCS7_DIGEST 3224 1_1_0d EXIST::FUNCTION: -CRYPTO_new_ex_data 3225 1_1_0d EXIST::FUNCTION: -SM2CiphertextValue_get_ECCCIPHERBLOB 3226 1_1_0d EXIST::FUNCTION: -EVP_PKEY_decrypt_init 3227 1_1_0d EXIST::FUNCTION: -OCSP_CERTID_it 3228 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP -OCSP_CERTID_it 3228 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP -PROXY_CERT_INFO_EXTENSION_it 3229 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -PROXY_CERT_INFO_EXTENSION_it 3229 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -BIO_new_file 3230 1_1_0d EXIST::FUNCTION: -CMS_data_create 3231 1_1_0d EXIST::FUNCTION:CMS -SKF_DeleteContainer 3232 1_1_0d EXIST::FUNCTION: -ENGINE_set_default 3233 1_1_0d EXIST::FUNCTION:ENGINE -ENGINE_finish 3234 1_1_0d EXIST::FUNCTION:ENGINE -EVP_aes_192_cfb1 3235 1_1_0d EXIST::FUNCTION: -PEM_write_bio_PUBKEY 3236 1_1_0d EXIST::FUNCTION: -SOF_DecryptData 3237 1_1_0d EXIST::FUNCTION: -d2i_X509_AUX 3238 1_1_0d EXIST::FUNCTION: -BFPublicParameters_free 3239 1_1_0d EXIST::FUNCTION: -X509_REQ_add1_attr_by_txt 3240 1_1_0d EXIST::FUNCTION: -SAF_SM2_EncodeSignedAndEnvelopedData 3241 1_1_0d EXIST::FUNCTION: -X509_set_pubkey 3242 1_1_0d EXIST::FUNCTION: -ASN1_NULL_it 3243 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ASN1_NULL_it 3243 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -TS_CONF_set_signer_cert 3244 1_1_0d EXIST::FUNCTION:TS -EVP_PKEY_set1_tls_encodedpoint 3245 1_1_0d EXIST::FUNCTION: -EVP_des_ede3_cbc 3246 1_1_0d EXIST::FUNCTION:DES -DES_ede3_cfb_encrypt 3247 1_1_0d EXIST::FUNCTION:DES -CPK_MASTER_SECRET_digest 3248 1_1_0d EXIST::FUNCTION: -i2d_BFCiphertextBlock 3249 1_1_0d EXIST::FUNCTION: -X509v3_get_ext_by_NID 3250 1_1_0d EXIST::FUNCTION: -SKF_CloseApplication 3251 1_1_0d EXIST::FUNCTION: -sms4_unwrap_key 3252 1_1_0d EXIST::FUNCTION: -CPK_MAP_num_factors 3253 1_1_0d EXIST::FUNCTION: -PEM_read_bio_RSAPrivateKey 3254 1_1_0d EXIST::FUNCTION:RSA -X509_get_ex_data 3255 1_1_0d EXIST::FUNCTION: -EVP_PKCS82PKEY 3256 1_1_0d EXIST::FUNCTION: -OCSP_parse_url 3257 1_1_0d EXIST::FUNCTION:OCSP -HMAC_CTX_reset 3258 1_1_0d EXIST::FUNCTION: -EVP_cast5_ofb 3259 1_1_0d EXIST::FUNCTION:CAST -ASN1_SCTX_get_item 3260 1_1_0d EXIST::FUNCTION: -X509_CINF_it 3261 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -X509_CINF_it 3261 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -X509_OBJECT_up_ref_count 3262 1_1_0d EXIST::FUNCTION: -ECDSA_do_verify 3263 1_1_0d EXIST::FUNCTION:EC -X509_PURPOSE_get_by_sname 3264 1_1_0d EXIST::FUNCTION: -CT_POLICY_EVAL_CTX_set_time 3265 1_1_0d EXIST::FUNCTION:CT -ECDSA_SIG_free 3266 1_1_0d EXIST::FUNCTION:EC -EVP_DigestVerifyFinal 3267 1_1_0d EXIST::FUNCTION: -X509_STORE_CTX_get_get_crl 3268 1_1_0d EXIST::FUNCTION: -DSA_sign_setup 3269 1_1_0d EXIST::FUNCTION:DSA -TS_CONF_set_certs 3270 1_1_0d EXIST::FUNCTION:TS -UI_ctrl 3271 1_1_0d EXIST::FUNCTION:UI -EC_GROUP_get_asn1_flag 3272 1_1_0d EXIST::FUNCTION:EC -BIO_s_mem 3273 1_1_0d EXIST::FUNCTION: -X509_PURPOSE_get0_name 3274 1_1_0d EXIST::FUNCTION: -i2d_ASN1_T61STRING 3275 1_1_0d EXIST::FUNCTION: -DES_ncbc_encrypt 3276 1_1_0d EXIST::FUNCTION:DES -EVP_PKEY_get0_EC_KEY 3277 1_1_0d EXIST::FUNCTION:EC -BN_GFP2_free 3278 1_1_0d EXIST::FUNCTION: -X509V3_set_ctx 3279 1_1_0d EXIST::FUNCTION: -EVP_idea_ofb 3280 1_1_0d EXIST::FUNCTION:IDEA -ASN1_item_sign 3281 1_1_0d EXIST::FUNCTION: -ENGINE_set_load_pubkey_function 3282 1_1_0d EXIST::FUNCTION:ENGINE -EC_GROUP_set_asn1_flag 3283 1_1_0d EXIST::FUNCTION:EC -d2i_X509_ATTRIBUTE 3284 1_1_0d EXIST::FUNCTION: -ASN1_SCTX_set_app_data 3285 1_1_0d EXIST::FUNCTION: -PKCS7_ctrl 3286 1_1_0d EXIST::FUNCTION: -BIO_meth_set_ctrl 3287 1_1_0d EXIST::FUNCTION: -PKCS12_setup_mac 3288 1_1_0d EXIST::FUNCTION: -d2i_CMS_bio 3289 1_1_0d EXIST::FUNCTION:CMS -d2i_POLICYINFO 3290 1_1_0d EXIST::FUNCTION: -PKCS5_v2_PBE_keyivgen 3291 1_1_0d EXIST::FUNCTION: -ENGINE_get_DH 3292 1_1_0d EXIST::FUNCTION:ENGINE -DSO_global_lookup 3293 1_1_0d EXIST::FUNCTION: -PKCS7_SIGNER_INFO_get0_algs 3294 1_1_0d EXIST::FUNCTION: -BN_nist_mod_256 3295 1_1_0d EXIST::FUNCTION: -EVP_DecryptInit_ex 3296 1_1_0d EXIST::FUNCTION: -WHIRLPOOL_Init 3297 1_1_0d EXIST::FUNCTION:WHIRLPOOL -DIRECTORYSTRING_it 3298 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -DIRECTORYSTRING_it 3298 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -X509v3_asid_validate_resource_set 3299 1_1_0d EXIST::FUNCTION:RFC3779 -BB1IBE_do_encrypt 3300 1_1_0d EXIST::FUNCTION: -RAND_status 3301 1_1_0d EXIST::FUNCTION: -SOF_ExportUserCert 3302 1_1_0d EXIST::FUNCTION: -EVP_PKEY_meth_set_init 3303 1_1_0d EXIST::FUNCTION: -GENERAL_NAME_new 3304 1_1_0d EXIST::FUNCTION: -EVP_MD_meth_set_init 3305 1_1_0d EXIST::FUNCTION: -DSA_get_default_method 3306 1_1_0d EXIST::FUNCTION:DSA -SRP_VBASE_init 3307 1_1_0d EXIST::FUNCTION:SRP -X509_REQ_get_subject_name 3308 1_1_0d EXIST::FUNCTION: -X509V3_EXT_print 3309 1_1_0d EXIST::FUNCTION: -X509V3_add_value_int 3310 1_1_0d EXIST::FUNCTION: -BN_get0_nist_prime_192 3311 1_1_0d EXIST::FUNCTION: -EC_get_builtin_curves 3312 1_1_0d EXIST::FUNCTION:EC -EVP_aes_128_cbc 3313 1_1_0d EXIST::FUNCTION: -X509_PURPOSE_get0 3314 1_1_0d EXIST::FUNCTION: -TXT_DB_create_index 3315 1_1_0d EXIST::FUNCTION: -RC2_ecb_encrypt 3316 1_1_0d EXIST::FUNCTION:RC2 -PEM_write_PKCS8_PRIV_KEY_INFO 3317 1_1_0d EXIST::FUNCTION:STDIO -ECPKPARAMETERS_free 3318 1_1_0d EXIST::FUNCTION:EC -UI_add_input_string 3319 1_1_0d EXIST::FUNCTION:UI -PEM_read_NETSCAPE_CERT_SEQUENCE 3320 1_1_0d EXIST::FUNCTION:STDIO -ASN1_TIME_to_generalizedtime 3321 1_1_0d EXIST::FUNCTION: -RSA_security_bits 3322 1_1_0d EXIST::FUNCTION:RSA -CRYPTO_cfb128_1_encrypt 3323 1_1_0d EXIST::FUNCTION: -PKCS12_add_friendlyname_asc 3324 1_1_0d EXIST::FUNCTION: -COMP_CTX_get_type 3325 1_1_0d EXIST::FUNCTION:COMP -SHA256_Init 3326 1_1_0d EXIST::FUNCTION: -EC_KEY_new_by_curve_name 3327 1_1_0d EXIST::FUNCTION:EC -BN_MONT_CTX_set_locked 3328 1_1_0d EXIST::FUNCTION: -DES_is_weak_key 3329 1_1_0d EXIST::FUNCTION:DES -i2d_BB1MasterSecret 3330 1_1_0d EXIST::FUNCTION: -SM9PrivateKey_free 3331 1_1_0d EXIST::FUNCTION: -CMS_get0_eContentType 3332 1_1_0d EXIST::FUNCTION:CMS -X509_VERIFY_PARAM_set_trust 3333 1_1_0d EXIST::FUNCTION: -X509_STORE_CTX_get_obj_by_subject 3334 1_1_0d EXIST::FUNCTION: -OCSP_resp_get0_certs 3335 1_1_0d EXIST::FUNCTION:OCSP -BIO_get_init 3336 1_1_0d EXIST::FUNCTION: -OCSP_SINGLERESP_new 3337 1_1_0d EXIST::FUNCTION:OCSP -CRYPTO_get_mem_functions 3338 1_1_0d EXIST::FUNCTION: -COMP_compress_block 3339 1_1_0d EXIST::FUNCTION:COMP -i2d_DSAPublicKey 3340 1_1_0d EXIST::FUNCTION:DSA -i2d_ASN1_bio_stream 3341 1_1_0d EXIST::FUNCTION: -i2d_ASN1_UTF8STRING 3342 1_1_0d EXIST::FUNCTION: -PKCS12_SAFEBAG_get0_attrs 3343 1_1_0d EXIST::FUNCTION: -ECDSA_SIG_new 3344 1_1_0d EXIST::FUNCTION:EC -X509_get_ext_by_NID 3345 1_1_0d EXIST::FUNCTION: -EVP_PKEY_add1_attr_by_NID 3346 1_1_0d EXIST::FUNCTION: -X509_set1_notAfter 3347 1_1_0d EXIST::FUNCTION: -RC2_decrypt 3348 1_1_0d EXIST::FUNCTION:RC2 -EVP_Cipher 3349 1_1_0d EXIST::FUNCTION: -ASN1_sign 3350 1_1_0d EXIST::FUNCTION: -SAF_HashFinal 3351 1_1_0d EXIST::FUNCTION: -CRYPTO_zalloc 3352 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_meth_get_set_asn1_params 3353 1_1_0d EXIST::FUNCTION: -SDF_ExchangeDigitEnvelopeBaseOnRSA 3354 1_1_0d EXIST::FUNCTION: -TS_CONF_set_tsa_name 3355 1_1_0d EXIST::FUNCTION:TS -BIO_socket 3356 1_1_0d EXIST::FUNCTION:SOCK -d2i_ASN1_IA5STRING 3357 1_1_0d EXIST::FUNCTION: -X509_get1_ocsp 3358 1_1_0d EXIST::FUNCTION: -ASN1_OBJECT_free 3359 1_1_0d EXIST::FUNCTION: -EVP_PKEY_add1_attr_by_OBJ 3360 1_1_0d EXIST::FUNCTION: -CMS_signed_add1_attr_by_txt 3361 1_1_0d EXIST::FUNCTION:CMS -BN_is_negative 3362 1_1_0d EXIST::FUNCTION: -BIO_set_next 3363 1_1_0d EXIST::FUNCTION: -EVP_PKEY_CTX_get_data 3364 1_1_0d EXIST::FUNCTION: -PEM_read_PrivateKey 3365 1_1_0d EXIST::FUNCTION:STDIO -CRYPTO_ccm128_init 3366 1_1_0d EXIST::FUNCTION: -PEM_write_bio_ECPKParameters 3367 1_1_0d EXIST::FUNCTION:EC -BIO_ctrl_get_read_request 3368 1_1_0d EXIST::FUNCTION: -CRYPTO_ocb128_encrypt 3369 1_1_0d EXIST::FUNCTION:OCB -X509_EXTENSION_dup 3370 1_1_0d EXIST::FUNCTION: -EVP_PKEY_meth_set_decrypt 3371 1_1_0d EXIST::FUNCTION: -ASN1_VISIBLESTRING_it 3372 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ASN1_VISIBLESTRING_it 3372 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -X509V3_EXT_nconf_nid 3373 1_1_0d EXIST::FUNCTION: -X509_PUBKEY_it 3374 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -X509_PUBKEY_it 3374 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -CERTIFICATEPOLICIES_new 3375 1_1_0d EXIST::FUNCTION: -X509_LOOKUP_by_alias 3376 1_1_0d EXIST::FUNCTION: -X509_VERIFY_PARAM_get0_peername 3377 1_1_0d EXIST::FUNCTION: -X509_REQ_set_pubkey 3378 1_1_0d EXIST::FUNCTION: -d2i_SM9MasterSecret 3379 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_param_to_asn1 3380 1_1_0d EXIST::FUNCTION: -BN_new 3381 1_1_0d EXIST::FUNCTION: -ASN1_UTCTIME_print 3382 1_1_0d EXIST::FUNCTION: -SM9PrivateKey_it 3383 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -SM9PrivateKey_it 3383 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -X509_REQ_to_X509 3384 1_1_0d EXIST::FUNCTION: -EVP_camellia_192_cfb8 3385 1_1_0d EXIST::FUNCTION:CAMELLIA -SCT_set1_signature 3386 1_1_0d EXIST::FUNCTION:CT -d2i_BB1PrivateKeyBlock 3387 1_1_0d EXIST::FUNCTION: -i2d_DSA_SIG 3388 1_1_0d EXIST::FUNCTION:DSA -EVP_aes_128_xts 3389 1_1_0d EXIST::FUNCTION: -SKF_EnumContainer 3390 1_1_0d EXIST::FUNCTION: -EVP_aes_192_cfb8 3391 1_1_0d EXIST::FUNCTION: -PKCS8_pkey_add1_attr_by_NID 3392 1_1_0d EXIST::FUNCTION: -ASN1_d2i_fp 3393 1_1_0d EXIST::FUNCTION:STDIO -CRL_DIST_POINTS_it 3394 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -CRL_DIST_POINTS_it 3394 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -EVP_des_ede3 3395 1_1_0d EXIST::FUNCTION:DES -EVP_md5 3396 1_1_0d EXIST::FUNCTION:MD5 -BN_GFP2_add 3397 1_1_0d EXIST::FUNCTION: -EVP_PKEY_asn1_new 3398 1_1_0d EXIST::FUNCTION: -EC_GROUP_new_from_ecpkparameters 3399 1_1_0d EXIST::FUNCTION:EC -d2i_DSA_SIG 3400 1_1_0d EXIST::FUNCTION:DSA -SKF_MacInit 3401 1_1_0d EXIST::FUNCTION: -d2i_IPAddressFamily 3402 1_1_0d EXIST::FUNCTION:RFC3779 -ASN1_BIT_STRING_new 3403 1_1_0d EXIST::FUNCTION: -d2i_X509_EXTENSIONS 3404 1_1_0d EXIST::FUNCTION: -PAILLIER_free 3405 1_1_0d EXIST::FUNCTION: -OPENSSL_LH_delete 3406 1_1_0d EXIST::FUNCTION: -ASN1_item_ex_new 3407 1_1_0d EXIST::FUNCTION: -PEM_write_DSAPrivateKey 3408 1_1_0d EXIST::FUNCTION:DSA,STDIO -UI_set_ex_data 3409 1_1_0d EXIST::FUNCTION:UI -BIO_meth_set_destroy 3410 1_1_0d EXIST::FUNCTION: -EVP_PKEY_meth_set_verifyctx 3411 1_1_0d EXIST::FUNCTION: -X509_CRL_add_ext 3412 1_1_0d EXIST::FUNCTION: -SM9MasterSecret_new 3413 1_1_0d EXIST::FUNCTION: -SAF_GetCaCertificateCount 3414 1_1_0d EXIST::FUNCTION: -SKF_ReadFile 3415 1_1_0d EXIST::FUNCTION: -PEM_SignFinal 3416 1_1_0d EXIST::FUNCTION: -BIO_dgram_sctp_msg_waiting 3417 1_1_0d EXIST::FUNCTION:DGRAM,SCTP -OCSP_REQ_CTX_i2d 3418 1_1_0d EXIST::FUNCTION:OCSP -EC_GROUP_get_curve_GFp 3419 1_1_0d EXIST::FUNCTION:EC -EVP_camellia_192_ofb 3420 1_1_0d EXIST::FUNCTION:CAMELLIA -TS_MSG_IMPRINT_get_msg 3421 1_1_0d EXIST::FUNCTION:TS -BN_num_bits 3422 1_1_0d EXIST::FUNCTION: -d2i_RSA_PUBKEY_fp 3423 1_1_0d EXIST::FUNCTION:RSA,STDIO -OCSP_REQUEST_add1_ext_i2d 3424 1_1_0d EXIST::FUNCTION:OCSP -X509_subject_name_hash 3425 1_1_0d EXIST::FUNCTION: -BN_BLINDING_convert 3426 1_1_0d EXIST::FUNCTION: -SKF_Digest 3427 1_1_0d EXIST::FUNCTION: -CRYPTO_cbc128_decrypt 3428 1_1_0d EXIST::FUNCTION: -ASIdentifiers_new 3429 1_1_0d EXIST::FUNCTION:RFC3779 -EC_GROUP_cmp 3430 1_1_0d EXIST::FUNCTION:EC -SRP_VBASE_get1_by_user 3431 1_1_0d EXIST::FUNCTION:SRP -X509_STORE_CTX_set0_verified_chain 3432 1_1_0d EXIST::FUNCTION: -EVP_PKEY_CTX_dup 3433 1_1_0d EXIST::FUNCTION: -i2d_PKCS7_RECIP_INFO 3434 1_1_0d EXIST::FUNCTION: -i2d_DSAPrivateKey_fp 3435 1_1_0d EXIST::FUNCTION:DSA,STDIO -ENGINE_register_all_pkey_meths 3436 1_1_0d EXIST::FUNCTION:ENGINE -CMS_add0_recipient_password 3437 1_1_0d EXIST::FUNCTION:CMS -BN_set_word 3438 1_1_0d EXIST::FUNCTION: -X509v3_addr_add_inherit 3439 1_1_0d EXIST::FUNCTION:RFC3779 -EC_GFp_nist_method 3440 1_1_0d EXIST::FUNCTION:EC -RAND_set_rand_engine 3441 1_1_0d EXIST::FUNCTION:ENGINE -OBJ_find_sigid_algs 3442 1_1_0d EXIST::FUNCTION: -SHA512_Update 3443 1_1_0d EXIST:!VMSVAX:FUNCTION: -ENGINE_new 3444 1_1_0d EXIST::FUNCTION:ENGINE -X509_EXTENSIONS_it 3445 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -X509_EXTENSIONS_it 3445 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -EVP_SealFinal 3446 1_1_0d EXIST::FUNCTION:RSA -CRYPTO_THREAD_lock_new 3447 1_1_0d EXIST::FUNCTION: -d2i_OCSP_REQINFO 3448 1_1_0d EXIST::FUNCTION:OCSP -EVP_aes_128_cfb8 3449 1_1_0d EXIST::FUNCTION: -SDF_ReadFile 3450 1_1_0d EXIST::FUNCTION: -OPENSSL_strlcat 3451 1_1_0d EXIST::FUNCTION: -CMS_digest_verify 3452 1_1_0d EXIST::FUNCTION:CMS -EC_GROUP_precompute_mult 3453 1_1_0d EXIST::FUNCTION:EC -BIO_asn1_get_prefix 3454 1_1_0d EXIST::FUNCTION: -EC_GROUP_free 3455 1_1_0d EXIST::FUNCTION:EC -X509_NAME_hash 3456 1_1_0d EXIST::FUNCTION: -X509V3_add_value_bool 3457 1_1_0d EXIST::FUNCTION: -TS_CONF_set_accuracy 3458 1_1_0d EXIST::FUNCTION:TS -X509at_get_attr_by_NID 3459 1_1_0d EXIST::FUNCTION: -d2i_GENERAL_NAME 3460 1_1_0d EXIST::FUNCTION: -OPENSSL_LH_node_usage_stats_bio 3461 1_1_0d EXIST::FUNCTION: -X509_REQ_get_pubkey 3462 1_1_0d EXIST::FUNCTION: -a2d_ASN1_OBJECT 3463 1_1_0d EXIST::FUNCTION: -v2i_GENERAL_NAMES 3464 1_1_0d EXIST::FUNCTION: -EC_GROUP_new_curve_GFp 3465 1_1_0d EXIST::FUNCTION:EC -ASN1_UTF8STRING_free 3466 1_1_0d EXIST::FUNCTION: -d2i_PKCS8_PRIV_KEY_INFO_fp 3467 1_1_0d EXIST::FUNCTION:STDIO -RSA_meth_get_keygen 3468 1_1_0d EXIST::FUNCTION:RSA -X509_STORE_CTX_set_cert 3469 1_1_0d EXIST::FUNCTION: -ERR_load_CRYPTO_strings 3470 1_1_0d EXIST:!VMS:FUNCTION: -ERR_load_CRYPTOlib_strings 3470 1_1_0d EXIST:VMS:FUNCTION: -PKCS7_final 3471 1_1_0d EXIST::FUNCTION: -X509_NAME_cmp 3472 1_1_0d EXIST::FUNCTION: -RSA_get_RSAPUBLICKEYBLOB 3473 1_1_0d EXIST::FUNCTION: -BN_dec2bn 3474 1_1_0d EXIST::FUNCTION: -BIO_s_socket 3475 1_1_0d EXIST::FUNCTION:SOCK -SAF_Base64_CreateBase64Obj 3476 1_1_0d EXIST::FUNCTION: -BIO_meth_set_read 3477 1_1_0d EXIST::FUNCTION: -EVP_desx_cbc 3478 1_1_0d EXIST::FUNCTION:DES -OCSP_REVOKEDINFO_new 3479 1_1_0d EXIST::FUNCTION:OCSP -ASN1_UTF8STRING_it 3480 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ASN1_UTF8STRING_it 3480 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -SKF_WriteFile 3481 1_1_0d EXIST::FUNCTION: -SKF_Mac 3482 1_1_0d EXIST::FUNCTION: -ASN1_UTCTIME_it 3483 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ASN1_UTCTIME_it 3483 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -i2d_AUTHORITY_KEYID 3484 1_1_0d EXIST::FUNCTION: -i2d_NOTICEREF 3485 1_1_0d EXIST::FUNCTION: -CMS_signed_get0_data_by_OBJ 3486 1_1_0d EXIST::FUNCTION:CMS -CMS_add1_crl 3487 1_1_0d EXIST::FUNCTION:CMS -i2a_ASN1_STRING 3488 1_1_0d EXIST::FUNCTION: -X509_STORE_get_lookup_crls 3489 1_1_0d EXIST::FUNCTION: -X509_VERIFY_PARAM_set1_ip 3490 1_1_0d EXIST::FUNCTION: -d2i_CPK_PUBLIC_PARAMS 3491 1_1_0d EXIST::FUNCTION: -EC_KEY_set_default_sm_method 3492 1_1_0d EXIST::FUNCTION: -BN_consttime_swap 3493 1_1_0d EXIST::FUNCTION: -RSA_public_encrypt 3494 1_1_0d EXIST::FUNCTION:RSA -CMS_unsigned_add1_attr_by_NID 3495 1_1_0d EXIST::FUNCTION:CMS -X509_REQ_add_extensions 3496 1_1_0d EXIST::FUNCTION: -EVP_MD_meth_free 3497 1_1_0d EXIST::FUNCTION: -TS_MSG_IMPRINT_get_algo 3498 1_1_0d EXIST::FUNCTION:TS -EC_KEY_set_flags 3499 1_1_0d EXIST::FUNCTION:EC -IDEA_set_decrypt_key 3500 1_1_0d EXIST::FUNCTION:IDEA -i2d_TS_TST_INFO 3501 1_1_0d EXIST::FUNCTION:TS -TS_REQ_new 3502 1_1_0d EXIST::FUNCTION:TS -PKCS12_new 3503 1_1_0d EXIST::FUNCTION: -SM2_sign_ex 3504 1_1_0d EXIST::FUNCTION: -ECIES_PARAMS_get_mac 3505 1_1_0d EXIST::FUNCTION: -d2i_OCSP_RESPID 3506 1_1_0d EXIST::FUNCTION:OCSP -PKCS12_add_CSPName_asc 3507 1_1_0d EXIST::FUNCTION: -DH_generate_parameters_ex 3508 1_1_0d EXIST::FUNCTION:DH -CMS_ContentInfo_print_ctx 3509 1_1_0d EXIST::FUNCTION:CMS -PKCS8_pkey_set0 3510 1_1_0d EXIST::FUNCTION: -CRYPTO_gcm128_decrypt_ctr32 3511 1_1_0d EXIST::FUNCTION: -CMS_get0_type 3512 1_1_0d EXIST::FUNCTION:CMS -AES_decrypt 3513 1_1_0d EXIST::FUNCTION: -ASN1_T61STRING_it 3514 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ASN1_T61STRING_it 3514 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -DIRECTORYSTRING_free 3515 1_1_0d EXIST::FUNCTION: -SMIME_text 3516 1_1_0d EXIST::FUNCTION: -i2d_PKCS7_fp 3517 1_1_0d EXIST::FUNCTION:STDIO -BN_abs_is_word 3518 1_1_0d EXIST::FUNCTION: -CONF_imodule_get_name 3519 1_1_0d EXIST::FUNCTION: -DSA_free 3520 1_1_0d EXIST::FUNCTION:DSA -EVP_PKEY_set1_RSA 3521 1_1_0d EXIST::FUNCTION:RSA -ASYNC_cleanup_thread 3522 1_1_0d EXIST::FUNCTION: -ENGINE_unregister_ciphers 3523 1_1_0d EXIST::FUNCTION:ENGINE -OCSP_BASICRESP_get_ext 3524 1_1_0d EXIST::FUNCTION:OCSP -OPENSSL_gmtime 3525 1_1_0d EXIST::FUNCTION: -OCSP_RESPBYTES_it 3526 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP -OCSP_RESPBYTES_it 3526 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP -d2i_RSA_PSS_PARAMS 3527 1_1_0d EXIST::FUNCTION:RSA -EVP_camellia_256_cfb1 3528 1_1_0d EXIST::FUNCTION:CAMELLIA -DES_fcrypt 3529 1_1_0d EXIST::FUNCTION:DES -IDEA_options 3530 1_1_0d EXIST::FUNCTION:IDEA -X509_ALGOR_free 3531 1_1_0d EXIST::FUNCTION: -d2i_OCSP_SIGNATURE 3532 1_1_0d EXIST::FUNCTION:OCSP -SCT_validation_status_string 3533 1_1_0d EXIST::FUNCTION:CT -OCSP_SIGNATURE_it 3534 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP -OCSP_SIGNATURE_it 3534 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP -i2d_X509_ALGOR 3535 1_1_0d EXIST::FUNCTION: -UI_get_result_maxsize 3536 1_1_0d EXIST::FUNCTION:UI -PKCS12_unpack_p7encdata 3537 1_1_0d EXIST::FUNCTION: -i2d_PKCS8PrivateKey_nid_fp 3538 1_1_0d EXIST::FUNCTION:STDIO -DHparams_print 3539 1_1_0d EXIST::FUNCTION:DH -d2i_SM9PrivateKey 3540 1_1_0d EXIST::FUNCTION: -PKCS5_pbe2_set 3541 1_1_0d EXIST::FUNCTION: -OPENSSL_load_builtin_modules 3542 1_1_0d EXIST::FUNCTION: -ENGINE_set_default_DSA 3543 1_1_0d EXIST::FUNCTION:ENGINE -ESS_ISSUER_SERIAL_dup 3544 1_1_0d EXIST::FUNCTION:TS -NAME_CONSTRAINTS_free 3545 1_1_0d EXIST::FUNCTION: -PEM_read_DSAparams 3546 1_1_0d EXIST::FUNCTION:DSA,STDIO -ASN1_item_free 3547 1_1_0d EXIST::FUNCTION: -SEED_set_key 3548 1_1_0d EXIST::FUNCTION:SEED -EVP_MD_meth_get_input_blocksize 3549 1_1_0d EXIST::FUNCTION: -ECIES_decrypt 3550 1_1_0d EXIST::FUNCTION: -ERR_remove_thread_state 3551 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0 -X509_STORE_CTX_get0_chain 3552 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_CTX_free 3553 1_1_0d EXIST::FUNCTION: -EVP_MD_meth_set_final 3554 1_1_0d EXIST::FUNCTION: -DH_up_ref 3555 1_1_0d EXIST::FUNCTION:DH -EVP_PKEY_set1_PAILLIER 3556 1_1_0d EXIST::FUNCTION:PAILLIER -EVP_MD_CTX_reset 3557 1_1_0d EXIST::FUNCTION: -CMS_final 3558 1_1_0d EXIST::FUNCTION:CMS -DSA_meth_set_mod_exp 3559 1_1_0d EXIST::FUNCTION:DSA -X509_VERIFY_PARAM_set_depth 3560 1_1_0d EXIST::FUNCTION: -TS_REQ_get_ext_by_OBJ 3561 1_1_0d EXIST::FUNCTION:TS -RAND_event 3562 1_1_0d EXIST:_WIN32:FUNCTION:DEPRECATEDIN_1_1_0 -i2d_ECPrivateKey 3563 1_1_0d EXIST::FUNCTION:EC -AES_cbc_encrypt 3564 1_1_0d EXIST::FUNCTION: -SOF_SignMessage 3565 1_1_0d EXIST::FUNCTION: -IPAddressOrRange_free 3566 1_1_0d EXIST::FUNCTION:RFC3779 -PKCS7_free 3567 1_1_0d EXIST::FUNCTION: -SDF_GetDeviceInfo 3568 1_1_0d EXIST::FUNCTION: -X509_get0_notBefore 3569 1_1_0d EXIST::FUNCTION: -SKF_ExportCertificate 3570 1_1_0d EXIST::FUNCTION: -X509_PURPOSE_get_by_id 3571 1_1_0d EXIST::FUNCTION: -ASN1_item_i2d_bio 3572 1_1_0d EXIST::FUNCTION: -EVP_MD_meth_get_init 3573 1_1_0d EXIST::FUNCTION: -OTP_generate 3574 1_1_0d EXIST::FUNCTION: -X509_TRUST_get_count 3575 1_1_0d EXIST::FUNCTION: -d2i_ASN1_NULL 3576 1_1_0d EXIST::FUNCTION: -BFCiphertextBlock_free 3577 1_1_0d EXIST::FUNCTION: -BIO_s_secmem 3578 1_1_0d EXIST::FUNCTION: -i2d_TS_ACCURACY 3579 1_1_0d EXIST::FUNCTION:TS -CMS_RecipientInfo_set0_key 3580 1_1_0d EXIST::FUNCTION:CMS -PEM_read_bio_PrivateKey 3581 1_1_0d EXIST::FUNCTION: -SKF_GenerateAgreementDataAndKeyWithECC 3582 1_1_0d EXIST::FUNCTION: -ERR_set_error_data 3583 1_1_0d EXIST::FUNCTION: -DES_check_key_parity 3584 1_1_0d EXIST::FUNCTION:DES -PKCS8_encrypt 3585 1_1_0d EXIST::FUNCTION: -ESS_CERT_ID_dup 3586 1_1_0d EXIST::FUNCTION:TS -X509_TRUST_get0 3587 1_1_0d EXIST::FUNCTION: -X509_STORE_CTX_set_verify_cb 3588 1_1_0d EXIST::FUNCTION: -i2d_IPAddressFamily 3589 1_1_0d EXIST::FUNCTION:RFC3779 -EVP_PBE_scrypt 3590 1_1_0d EXIST::FUNCTION:SCRYPT -EVP_cast5_ecb 3591 1_1_0d EXIST::FUNCTION:CAST -DISPLAYTEXT_new 3592 1_1_0d EXIST::FUNCTION: -ECDSA_sign_setup 3593 1_1_0d EXIST::FUNCTION:EC -CRYPTO_secure_malloc_init 3594 1_1_0d EXIST::FUNCTION: -TS_VERIFY_CTX_set_data 3595 1_1_0d EXIST::FUNCTION:TS -OCSP_BASICRESP_it 3596 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP -OCSP_BASICRESP_it 3596 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP -PKCS12_get_attr_gen 3597 1_1_0d EXIST::FUNCTION: -RSA_meth_set_priv_enc 3598 1_1_0d EXIST::FUNCTION:RSA -OCSP_ONEREQ_get_ext_by_OBJ 3599 1_1_0d EXIST::FUNCTION:OCSP -PKCS12_SAFEBAG_create_pkcs8_encrypt 3600 1_1_0d EXIST::FUNCTION: -OPENSSL_sk_zero 3601 1_1_0d EXIST::FUNCTION: -ECIES_CIPHERTEXT_VALUE_new 3602 1_1_0d EXIST::FUNCTION: -EVP_PKEY_get0_PAILLIER 3603 1_1_0d EXIST::FUNCTION:PAILLIER -SOF_VerifySignedDataXML 3604 1_1_0d EXIST::FUNCTION: -CMS_RecipientEncryptedKey_get0_id 3605 1_1_0d EXIST::FUNCTION:CMS -OPENSSL_sk_num 3606 1_1_0d EXIST::FUNCTION: -EVP_aes_256_cbc_hmac_sha256 3607 1_1_0d EXIST::FUNCTION: -SKF_DevAuth 3608 1_1_0d EXIST::FUNCTION: -X509_STORE_CTX_set_verify 3609 1_1_0d EXIST::FUNCTION: -BIO_s_null 3610 1_1_0d EXIST::FUNCTION: -X509_VERIFY_PARAM_set_time 3611 1_1_0d EXIST::FUNCTION: -PEM_write_EC_PUBKEY 3612 1_1_0d EXIST::FUNCTION:EC,STDIO -ERR_load_strings 3613 1_1_0d EXIST::FUNCTION: -SM2_do_verify 3614 1_1_0d EXIST::FUNCTION: -RSA_meth_get_pub_enc 3615 1_1_0d EXIST::FUNCTION:RSA -CRYPTO_ocb128_decrypt 3616 1_1_0d EXIST::FUNCTION:OCB -TS_RESP_CTX_add_failure_info 3617 1_1_0d EXIST::FUNCTION:TS -X509_VERIFY_PARAM_get_time 3618 1_1_0d EXIST::FUNCTION: -SAF_GenRsaKeyPair 3619 1_1_0d EXIST::FUNCTION: -PKCS7_set_signed_attributes 3620 1_1_0d EXIST::FUNCTION: -X509_STORE_set_verify 3621 1_1_0d EXIST::FUNCTION: -OCSP_ONEREQ_delete_ext 3622 1_1_0d EXIST::FUNCTION:OCSP -X509_CRL_new 3623 1_1_0d EXIST::FUNCTION: -ASN1_INTEGER_to_BN 3624 1_1_0d EXIST::FUNCTION: -ENGINE_set_cmd_defns 3625 1_1_0d EXIST::FUNCTION:ENGINE -OPENSSL_sk_delete 3626 1_1_0d EXIST::FUNCTION: -X509_print_fp 3627 1_1_0d EXIST::FUNCTION:STDIO -TS_RESP_CTX_set_status_info_cond 3628 1_1_0d EXIST::FUNCTION:TS -SRP_Calc_x 3629 1_1_0d EXIST::FUNCTION:SRP -OCSP_resp_find 3630 1_1_0d EXIST::FUNCTION:OCSP -EVP_camellia_192_ctr 3631 1_1_0d EXIST::FUNCTION:CAMELLIA -PEM_write_ECPrivateKey 3632 1_1_0d EXIST::FUNCTION:EC,STDIO -DSA_meth_get_flags 3633 1_1_0d EXIST::FUNCTION:DSA -AUTHORITY_INFO_ACCESS_it 3634 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -AUTHORITY_INFO_ACCESS_it 3634 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -EVP_CIPHER_iv_length 3635 1_1_0d EXIST::FUNCTION: -MD2 3636 1_1_0d EXIST::FUNCTION:MD2 -ASN1_ENUMERATED_free 3637 1_1_0d EXIST::FUNCTION: -CMS_SignerInfo_get0_pkey_ctx 3638 1_1_0d EXIST::FUNCTION:CMS -RC5_32_ofb64_encrypt 3639 1_1_0d EXIST::FUNCTION:RC5 -RSA_blinding_off 3640 1_1_0d EXIST::FUNCTION:RSA -X509_ALGOR_get0 3641 1_1_0d EXIST::FUNCTION: -SCT_get0_signature 3642 1_1_0d EXIST::FUNCTION:CT -X509_REVOKED_get0_extensions 3643 1_1_0d EXIST::FUNCTION: -X509_CRL_get_signature_nid 3644 1_1_0d EXIST::FUNCTION: -OCSP_REQ_CTX_new 3645 1_1_0d EXIST::FUNCTION:OCSP -RC2_ofb64_encrypt 3646 1_1_0d EXIST::FUNCTION:RC2 -NOTICEREF_new 3647 1_1_0d EXIST::FUNCTION: -PKCS7_print_ctx 3648 1_1_0d EXIST::FUNCTION: -BIO_dgram_sctp_wait_for_dry 3649 1_1_0d EXIST::FUNCTION:DGRAM,SCTP -EC_POINT_is_at_infinity 3650 1_1_0d EXIST::FUNCTION:EC -NCONF_get_section 3651 1_1_0d EXIST::FUNCTION: -PKCS12_create 3652 1_1_0d EXIST::FUNCTION: -SKF_Transmit 3653 1_1_0d EXIST::FUNCTION: -CPK_MASTER_SECRET_new 3654 1_1_0d EXIST::FUNCTION: -PKCS5_pbe2_set_scrypt 3655 1_1_0d EXIST::FUNCTION:SCRYPT -BB1PrivateKeyBlock_free 3656 1_1_0d EXIST::FUNCTION: -d2i_EC_PUBKEY_bio 3657 1_1_0d EXIST::FUNCTION:EC -BN_is_odd 3658 1_1_0d EXIST::FUNCTION: -X509_STORE_CTX_set_error 3659 1_1_0d EXIST::FUNCTION: -X509_LOOKUP_free 3660 1_1_0d EXIST::FUNCTION: -SXNET_add_id_ulong 3661 1_1_0d EXIST::FUNCTION: -CRYPTO_THREAD_cleanup_local 3662 1_1_0d EXIST::FUNCTION: -ASN1_parse 3663 1_1_0d EXIST::FUNCTION: -i2d_GENERAL_NAME 3664 1_1_0d EXIST::FUNCTION: -EVP_MD_meth_get_copy 3665 1_1_0d EXIST::FUNCTION: -OPENSSL_config 3666 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0 -CRYPTO_memcmp 3667 1_1_0d EXIST::FUNCTION: -BF_cfb64_encrypt 3668 1_1_0d EXIST::FUNCTION:BF -i2d_NETSCAPE_SPKI 3669 1_1_0d EXIST::FUNCTION: -ASN1_GENERALIZEDTIME_set_string 3670 1_1_0d EXIST::FUNCTION: -EVP_PKEY_asn1_get0 3671 1_1_0d EXIST::FUNCTION: -X509_http_nbio 3672 1_1_0d EXIST::FUNCTION:OCSP -SKF_DeleteApplication 3673 1_1_0d EXIST::FUNCTION: -CMS_add_smimecap 3674 1_1_0d EXIST::FUNCTION:CMS -ASN1_INTEGER_new 3675 1_1_0d EXIST::FUNCTION: -BFIBE_decrypt 3676 1_1_0d EXIST::FUNCTION: -CRYPTO_THREAD_run_once 3677 1_1_0d EXIST::FUNCTION: -d2i_SXNETID 3678 1_1_0d EXIST::FUNCTION: -X509_STORE_unlock 3679 1_1_0d EXIST::FUNCTION: -EVP_PKEY_CTX_ctrl_str 3680 1_1_0d EXIST::FUNCTION: -OCSP_SINGLERESP_get_ext_by_NID 3681 1_1_0d EXIST::FUNCTION:OCSP -d2i_X509_EXTENSION 3682 1_1_0d EXIST::FUNCTION: -X509_CRL_free 3683 1_1_0d EXIST::FUNCTION: -SCT_print 3684 1_1_0d EXIST::FUNCTION:CT -CRYPTO_THREAD_unlock 3685 1_1_0d EXIST::FUNCTION: -BN_mod_add_quick 3686 1_1_0d EXIST::FUNCTION: -CRYPTO_mem_ctrl 3687 1_1_0d EXIST::FUNCTION: -RSA_meth_get_verify 3688 1_1_0d EXIST::FUNCTION:RSA -PKCS12_SAFEBAG_create0_p8inf 3689 1_1_0d EXIST::FUNCTION: -EVP_aes_192_wrap_pad 3690 1_1_0d EXIST::FUNCTION: -BN_get_rfc3526_prime_8192 3691 1_1_0d EXIST::FUNCTION: -X509v3_get_ext 3692 1_1_0d EXIST::FUNCTION: -ASN1_item_dup 3693 1_1_0d EXIST::FUNCTION: -RIPEMD160_Init 3694 1_1_0d EXIST::FUNCTION:RMD160 -UI_process 3695 1_1_0d EXIST::FUNCTION:UI -OPENSSL_sk_deep_copy 3696 1_1_0d EXIST::FUNCTION: -TS_STATUS_INFO_get0_text 3697 1_1_0d EXIST::FUNCTION:TS -i2d_ASN1_UTCTIME 3698 1_1_0d EXIST::FUNCTION: -SAF_Mac 3699 1_1_0d EXIST::FUNCTION: -BN_GFP2_canonical 3700 1_1_0d EXIST::FUNCTION: -X509_CRL_it 3701 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -X509_CRL_it 3701 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -X509_STORE_set_cert_crl 3702 1_1_0d EXIST::FUNCTION: -X509_CRL_print 3703 1_1_0d EXIST::FUNCTION: -ASN1_STRING_dup 3704 1_1_0d EXIST::FUNCTION: -i2d_ASIdOrRange 3705 1_1_0d EXIST::FUNCTION:RFC3779 -BIO_new_fp 3706 1_1_0d EXIST::FUNCTION:STDIO -ERR_load_ERR_strings 3707 1_1_0d EXIST::FUNCTION: -i2d_CPK_PUBLIC_PARAMS 3708 1_1_0d EXIST::FUNCTION: -d2i_PrivateKey 3709 1_1_0d EXIST::FUNCTION: -SAF_GenerateKeyWithECC 3710 1_1_0d EXIST::FUNCTION: -X509at_get_attr 3711 1_1_0d EXIST::FUNCTION: -BIO_asn1_set_prefix 3712 1_1_0d EXIST::FUNCTION: -SXNET_free 3713 1_1_0d EXIST::FUNCTION: -SDF_DeleteFile 3714 1_1_0d EXIST::FUNCTION: -X509V3_EXT_conf 3715 1_1_0d EXIST::FUNCTION: -i2v_GENERAL_NAME 3716 1_1_0d EXIST::FUNCTION: -NCONF_WIN32 3717 1_1_0d EXIST::FUNCTION: -SM9Ciphertext_it 3718 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -SM9Ciphertext_it 3718 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -i2d_ECIESParameters 3719 1_1_0d EXIST::FUNCTION: -OCSP_id_cmp 3720 1_1_0d EXIST::FUNCTION:OCSP -EVP_rc4 3721 1_1_0d EXIST::FUNCTION:RC4 -ENGINE_register_all_RAND 3722 1_1_0d EXIST::FUNCTION:ENGINE -EC_POINT_dbl 3723 1_1_0d EXIST::FUNCTION:EC -TS_STATUS_INFO_print_bio 3724 1_1_0d EXIST::FUNCTION:TS -X509_policy_level_node_count 3725 1_1_0d EXIST::FUNCTION: -X509at_delete_attr 3726 1_1_0d EXIST::FUNCTION: -X509_STORE_CTX_get_current_cert 3727 1_1_0d EXIST::FUNCTION: -CMS_set1_eContentType 3728 1_1_0d EXIST::FUNCTION:CMS -BIO_set_data 3729 1_1_0d EXIST::FUNCTION: -i2d_OCSP_SIGNATURE 3730 1_1_0d EXIST::FUNCTION:OCSP -X509_CRL_add1_ext_i2d 3731 1_1_0d EXIST::FUNCTION: -EVP_PKEY_asn1_find_str 3732 1_1_0d EXIST::FUNCTION: -X509_get0_pubkey 3733 1_1_0d EXIST::FUNCTION: -CMS_EncryptedData_encrypt 3734 1_1_0d EXIST::FUNCTION:CMS -X509_REVOKED_get0_serialNumber 3735 1_1_0d EXIST::FUNCTION: -X509_STORE_CTX_get_error_depth 3736 1_1_0d EXIST::FUNCTION: -BIO_get_port 3737 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,SOCK -BIO_dgram_is_sctp 3738 1_1_0d EXIST::FUNCTION:DGRAM,SCTP -EC_GROUP_get_order 3739 1_1_0d EXIST::FUNCTION:EC -ERR_load_RSA_strings 3740 1_1_0d EXIST::FUNCTION:RSA -SOF_VerifySignedData 3741 1_1_0d EXIST::FUNCTION: -BIO_number_read 3742 1_1_0d EXIST::FUNCTION: -EVP_PKEY_meth_set_ctrl 3743 1_1_0d EXIST::FUNCTION: -BIO_s_datagram 3744 1_1_0d EXIST::FUNCTION:DGRAM -BB1PrivateKeyBlock_it 3745 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -BB1PrivateKeyBlock_it 3745 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -X509_PURPOSE_get_trust 3746 1_1_0d EXIST::FUNCTION: -PAILLIER_check_key 3747 1_1_0d EXIST::FUNCTION: -X509_get_extension_flags 3748 1_1_0d EXIST::FUNCTION: -CPK_PUBLIC_PARAMS_new 3749 1_1_0d EXIST::FUNCTION: -ERR_load_EVP_strings 3750 1_1_0d EXIST::FUNCTION: -BIO_ADDR_rawaddress 3751 1_1_0d EXIST::FUNCTION:SOCK -d2i_BFCiphertextBlock 3752 1_1_0d EXIST::FUNCTION: -ENGINE_set_default_DH 3753 1_1_0d EXIST::FUNCTION:ENGINE -NAME_CONSTRAINTS_check_CN 3754 1_1_0d EXIST::FUNCTION: -PAILLIER_decrypt 3755 1_1_0d EXIST::FUNCTION: -SKF_ExtECCVerify 3756 1_1_0d EXIST::FUNCTION: -ASN1_INTEGER_set 3757 1_1_0d EXIST::FUNCTION: -PKCS12_init 3758 1_1_0d EXIST::FUNCTION: -OPENSSL_utf82uni 3759 1_1_0d EXIST::FUNCTION: -AES_encrypt 3760 1_1_0d EXIST::FUNCTION: -RSA_padding_add_SSLv23 3761 1_1_0d EXIST::FUNCTION:RSA -OBJ_nid2ln 3762 1_1_0d EXIST::FUNCTION: -d2i_X509_CRL_bio 3763 1_1_0d EXIST::FUNCTION: -d2i_IPAddressOrRange 3764 1_1_0d EXIST::FUNCTION:RFC3779 -PEM_write_bio_PKCS7_stream 3765 1_1_0d EXIST::FUNCTION: -SCT_get_log_entry_type 3766 1_1_0d EXIST::FUNCTION:CT -SKF_Decrypt 3767 1_1_0d EXIST::FUNCTION: -TS_TST_INFO_set_version 3768 1_1_0d EXIST::FUNCTION:TS -BN_mod_sub 3769 1_1_0d EXIST::FUNCTION: -SHA512_Transform 3770 1_1_0d EXIST:!VMSVAX:FUNCTION: -PKCS12_key_gen_asc 3771 1_1_0d EXIST::FUNCTION: -RSA_X931_generate_key_ex 3772 1_1_0d EXIST::FUNCTION:RSA -PEM_write_X509 3773 1_1_0d EXIST::FUNCTION:STDIO -TS_REQ_set_version 3774 1_1_0d EXIST::FUNCTION:TS -EVP_EncryptUpdate 3775 1_1_0d EXIST::FUNCTION: -BIO_set_shutdown 3776 1_1_0d EXIST::FUNCTION: -ASN1_STRING_get0_data 3777 1_1_0d EXIST::FUNCTION: -SOF_GetTimeStampInfo 3778 1_1_0d EXIST::FUNCTION: -EC_KEY_dup 3779 1_1_0d EXIST::FUNCTION:EC -SAF_SM2_DecodeSignedData 3780 1_1_0d EXIST::FUNCTION: -X509V3_add_value_uchar 3781 1_1_0d EXIST::FUNCTION: -ENGINE_set_finish_function 3782 1_1_0d EXIST::FUNCTION:ENGINE -EVP_CIPHER_CTX_set_flags 3783 1_1_0d EXIST::FUNCTION: -X509_trusted 3784 1_1_0d EXIST::FUNCTION: -BN_get_rfc3526_prime_6144 3785 1_1_0d EXIST::FUNCTION: -PEM_write_PKCS8 3786 1_1_0d EXIST::FUNCTION:STDIO -EVP_PKEY_meth_set_sign 3787 1_1_0d EXIST::FUNCTION: -DES_ecb_encrypt 3788 1_1_0d EXIST::FUNCTION:DES -d2i_ASN1_BMPSTRING 3789 1_1_0d EXIST::FUNCTION: -AES_ecb_encrypt 3790 1_1_0d EXIST::FUNCTION: -ERR_peek_error_line 3791 1_1_0d EXIST::FUNCTION: -X509_STORE_new 3792 1_1_0d EXIST::FUNCTION: -ASN1_INTEGER_set_int64 3793 1_1_0d EXIST::FUNCTION: -BIO_new_socket 3794 1_1_0d EXIST::FUNCTION:SOCK -EVP_DecryptInit 3795 1_1_0d EXIST::FUNCTION: -SAF_SM2_DecodeSignedAndEnvelopedData 3796 1_1_0d EXIST::FUNCTION: -CMS_ReceiptRequest_new 3797 1_1_0d EXIST::FUNCTION:CMS -BN_div_word 3798 1_1_0d EXIST::FUNCTION: -X509_STORE_CTX_set_trust 3799 1_1_0d EXIST::FUNCTION: -EVP_PKEY_print_public 3800 1_1_0d EXIST::FUNCTION: -X509_REQ_print_ex 3801 1_1_0d EXIST::FUNCTION: -SAF_Base64_DestroyBase64Obj 3802 1_1_0d EXIST::FUNCTION: -PKCS12_unpack_authsafes 3803 1_1_0d EXIST::FUNCTION: -UI_set_default_method 3804 1_1_0d EXIST::FUNCTION:UI -ENGINE_get_default_DSA 3805 1_1_0d EXIST::FUNCTION:ENGINE -ERR_error_string_n 3806 1_1_0d EXIST::FUNCTION: -BN_div_recp 3807 1_1_0d EXIST::FUNCTION: -ASN1_OBJECT_new 3808 1_1_0d EXIST::FUNCTION: -X509_free 3809 1_1_0d EXIST::FUNCTION: -EVP_MD_CTX_pkey_ctx 3810 1_1_0d EXIST::FUNCTION: -CT_POLICY_EVAL_CTX_get_time 3811 1_1_0d EXIST::FUNCTION:CT -ASYNC_pause_job 3812 1_1_0d EXIST::FUNCTION: -ASYNC_get_wait_ctx 3813 1_1_0d EXIST::FUNCTION: -DSA_test_flags 3814 1_1_0d EXIST::FUNCTION:DSA -ASN1_PCTX_set_oid_flags 3815 1_1_0d EXIST::FUNCTION: -PEM_read_bio_NETSCAPE_CERT_SEQUENCE 3816 1_1_0d EXIST::FUNCTION: -ASN1_UNIVERSALSTRING_to_string 3817 1_1_0d EXIST::FUNCTION: -BIO_connect 3818 1_1_0d EXIST::FUNCTION:SOCK -BN_GF2m_mod_inv_arr 3819 1_1_0d EXIST::FUNCTION:EC2M -d2i_TS_REQ 3820 1_1_0d EXIST::FUNCTION:TS -d2i_ECPrivateKey_bio 3821 1_1_0d EXIST::FUNCTION:EC -i2d_PKCS7_SIGNER_INFO 3822 1_1_0d EXIST::FUNCTION: -DH_get_2048_224 3823 1_1_0d EXIST::FUNCTION:DH -PEM_read_bio_ECPKParameters 3824 1_1_0d EXIST::FUNCTION:EC -i2d_PKCS12 3825 1_1_0d EXIST::FUNCTION: -DSA_do_sign 3826 1_1_0d EXIST::FUNCTION:DSA -CMS_EncryptedData_set1_key 3827 1_1_0d EXIST::FUNCTION:CMS -d2i_OCSP_ONEREQ 3828 1_1_0d EXIST::FUNCTION:OCSP -RSA_set_RSArefPublicKey 3829 1_1_0d EXIST::FUNCTION: -CONF_load_fp 3830 1_1_0d EXIST::FUNCTION:STDIO -PEM_write_X509_REQ 3831 1_1_0d EXIST::FUNCTION:STDIO -USERNOTICE_new 3832 1_1_0d EXIST::FUNCTION: -i2d_SM9PublicParameters 3833 1_1_0d EXIST::FUNCTION: -CONF_imodule_get_value 3834 1_1_0d EXIST::FUNCTION: -i2d_PKCS12_SAFEBAG 3835 1_1_0d EXIST::FUNCTION: -BN_mod_sqrt 3836 1_1_0d EXIST::FUNCTION: -X509_get_issuer_name 3837 1_1_0d EXIST::FUNCTION: -X509V3_EXT_CRL_add_nconf 3838 1_1_0d EXIST::FUNCTION: -ECIES_do_decrypt 3839 1_1_0d EXIST::FUNCTION: -PKCS7_SIGN_ENVELOPE_free 3840 1_1_0d EXIST::FUNCTION: -d2i_PKCS7_SIGNED 3841 1_1_0d EXIST::FUNCTION: -NCONF_load_fp 3842 1_1_0d EXIST::FUNCTION:STDIO -BN_CTX_new 3843 1_1_0d EXIST::FUNCTION: -ERR_load_CT_strings 3844 1_1_0d EXIST::FUNCTION:CT -RIPEMD160_Transform 3845 1_1_0d EXIST::FUNCTION:RMD160 -UI_dup_info_string 3846 1_1_0d EXIST::FUNCTION:UI -X509_STORE_CTX_get_lookup_crls 3847 1_1_0d EXIST::FUNCTION: -BN_to_ASN1_ENUMERATED 3848 1_1_0d EXIST::FUNCTION: -TS_CONF_load_certs 3849 1_1_0d EXIST::FUNCTION:TS -RSAPrivateKey_it 3850 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA -RSAPrivateKey_it 3850 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RSA -X509_NAME_hash_old 3851 1_1_0d EXIST::FUNCTION: -DES_encrypt1 3852 1_1_0d EXIST::FUNCTION:DES -i2d_TS_RESP_bio 3853 1_1_0d EXIST::FUNCTION:TS -SCT_set_version 3854 1_1_0d EXIST::FUNCTION:CT -ENGINE_by_id 3855 1_1_0d EXIST::FUNCTION:ENGINE -MD2_Update 3856 1_1_0d EXIST::FUNCTION:MD2 -X509_NAME_ENTRY_free 3857 1_1_0d EXIST::FUNCTION: -SM2CiphertextValue_new_from_ECCCipher 3858 1_1_0d EXIST::FUNCTION: -EVP_PKEY_meth_add0 3859 1_1_0d EXIST::FUNCTION: -HMAC_CTX_free 3860 1_1_0d EXIST::FUNCTION: -BF_set_key 3861 1_1_0d EXIST::FUNCTION:BF -d2i_TS_RESP_bio 3862 1_1_0d EXIST::FUNCTION:TS -ECDSA_size 3863 1_1_0d EXIST::FUNCTION:EC -SOF_GenRandom 3864 1_1_0d EXIST::FUNCTION: -d2i_ECIES_CIPHERTEXT_VALUE 3865 1_1_0d EXIST::FUNCTION: -X509_REVOKED_new 3866 1_1_0d EXIST::FUNCTION: -X509_issuer_name_hash_old 3867 1_1_0d EXIST::FUNCTION:MD5 -ASN1_PCTX_set_cert_flags 3868 1_1_0d EXIST::FUNCTION: -Camellia_cfb1_encrypt 3869 1_1_0d EXIST::FUNCTION:CAMELLIA -OCSP_check_nonce 3870 1_1_0d EXIST::FUNCTION:OCSP -UI_OpenSSL 3871 1_1_0d EXIST::FUNCTION:UI -d2i_ASN1_UTF8STRING 3872 1_1_0d EXIST::FUNCTION: -OCSP_SINGLERESP_add_ext 3873 1_1_0d EXIST::FUNCTION:OCSP -BN_X931_derive_prime_ex 3874 1_1_0d EXIST::FUNCTION: -i2d_SCT_LIST 3875 1_1_0d EXIST::FUNCTION:CT -BN_GF2m_add 3876 1_1_0d EXIST::FUNCTION:EC2M -ASN1_GENERALIZEDTIME_print 3877 1_1_0d EXIST::FUNCTION: -BIO_dgram_sctp_notification_cb 3878 1_1_0d EXIST::FUNCTION:DGRAM,SCTP -d2i_TS_MSG_IMPRINT 3879 1_1_0d EXIST::FUNCTION:TS -OCSP_ONEREQ_get_ext_count 3880 1_1_0d EXIST::FUNCTION:OCSP -DIST_POINT_NAME_free 3881 1_1_0d EXIST::FUNCTION: -ASN1_OCTET_STRING_cmp 3882 1_1_0d EXIST::FUNCTION: -CTLOG_STORE_load_file 3883 1_1_0d EXIST::FUNCTION:CT -i2d_OCSP_CERTSTATUS 3884 1_1_0d EXIST::FUNCTION:OCSP -TS_RESP_CTX_set_status_info 3885 1_1_0d EXIST::FUNCTION:TS -X509_STORE_CTX_set_purpose 3886 1_1_0d EXIST::FUNCTION: -ECIES_PARAMS_init_with_recommended 3887 1_1_0d EXIST::FUNCTION: -d2i_PROXY_POLICY 3888 1_1_0d EXIST::FUNCTION: -CRYPTO_ccm128_encrypt 3889 1_1_0d EXIST::FUNCTION: -ENGINE_get_default_RSA 3890 1_1_0d EXIST::FUNCTION:ENGINE -PEM_write_bio_PKCS8_PRIV_KEY_INFO 3891 1_1_0d EXIST::FUNCTION: -CRYPTO_ccm128_tag 3892 1_1_0d EXIST::FUNCTION: -EC_POINT_cmp_fppoint 3893 1_1_0d EXIST::FUNCTION: -CMS_add_standard_smimecap 3894 1_1_0d EXIST::FUNCTION:CMS -PKCS12_parse 3895 1_1_0d EXIST::FUNCTION: -ERR_load_BFIBE_strings 3896 1_1_0d EXIST::FUNCTION: -SAF_Logout 3897 1_1_0d EXIST::FUNCTION: -OCSP_request_is_signed 3898 1_1_0d EXIST::FUNCTION:OCSP -EXTENDED_KEY_USAGE_new 3899 1_1_0d EXIST::FUNCTION: -X509_TRUST_set_default 3900 1_1_0d EXIST::FUNCTION: -CRYPTO_nistcts128_encrypt 3901 1_1_0d EXIST::FUNCTION: -SM2_KAP_CTX_cleanup 3902 1_1_0d EXIST::FUNCTION: -X509_REQ_it 3903 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -X509_REQ_it 3903 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -i2d_PKCS7_bio_stream 3904 1_1_0d EXIST::FUNCTION: -CT_POLICY_EVAL_CTX_free 3905 1_1_0d EXIST::FUNCTION:CT -SM2_encrypt 3906 1_1_0d EXIST::FUNCTION: -ENGINE_get_pkey_asn1_meths 3907 1_1_0d EXIST::FUNCTION:ENGINE -CRYPTO_secure_malloc_done 3908 1_1_0d EXIST::FUNCTION: -SOF_GetLastError 3909 1_1_0d EXIST::FUNCTION: -X509_STORE_set_ex_data 3910 1_1_0d EXIST::FUNCTION: -d2i_RSA_OAEP_PARAMS 3911 1_1_0d EXIST::FUNCTION:RSA -CMS_ContentInfo_new 3912 1_1_0d EXIST::FUNCTION:CMS -OPENSSL_sk_shift 3913 1_1_0d EXIST::FUNCTION: -BN_rand_range 3914 1_1_0d EXIST::FUNCTION: -X509V3_EXT_d2i 3915 1_1_0d EXIST::FUNCTION: -PEM_ASN1_read_bio 3916 1_1_0d EXIST::FUNCTION: -HMAC_CTX_get_md 3917 1_1_0d EXIST::FUNCTION: -i2d_CMS_ReceiptRequest 3918 1_1_0d EXIST::FUNCTION:CMS -BN_is_prime_ex 3919 1_1_0d EXIST::FUNCTION: -ASN1_const_check_infinite_end 3920 1_1_0d EXIST::FUNCTION: -POLICYQUALINFO_free 3921 1_1_0d EXIST::FUNCTION: -DES_cbc_cksum 3922 1_1_0d EXIST::FUNCTION:DES -X509_NAME_add_entry_by_txt 3923 1_1_0d EXIST::FUNCTION: -SDF_ExportSignPublicKey_RSA 3924 1_1_0d EXIST::FUNCTION: -i2o_ECPublicKey 3925 1_1_0d EXIST::FUNCTION:EC -NAME_CONSTRAINTS_new 3926 1_1_0d EXIST::FUNCTION: -DSA_set0_pqg 3927 1_1_0d EXIST::FUNCTION:DSA -TS_CONF_set_digests 3928 1_1_0d EXIST::FUNCTION:TS -BN_nist_mod_521 3929 1_1_0d EXIST::FUNCTION: -i2d_EDIPARTYNAME 3930 1_1_0d EXIST::FUNCTION: -X509_STORE_CTX_get1_certs 3931 1_1_0d EXIST::FUNCTION: -EVP_PKEY_meth_get_verify 3932 1_1_0d EXIST::FUNCTION: -ASIdOrRange_free 3933 1_1_0d EXIST::FUNCTION:RFC3779 -SHA1_Final 3934 1_1_0d EXIST::FUNCTION: -RSAPrivateKey_dup 3935 1_1_0d EXIST::FUNCTION:RSA -TS_REQ_ext_free 3936 1_1_0d EXIST::FUNCTION:TS -ENGINE_get_pkey_asn1_meth_str 3937 1_1_0d EXIST::FUNCTION:ENGINE -BUF_MEM_new 3938 1_1_0d EXIST::FUNCTION: -X509_ALGOR_cmp 3939 1_1_0d EXIST::FUNCTION: -DSA_generate_parameters_ex 3940 1_1_0d EXIST::FUNCTION:DSA -X509_VERIFY_PARAM_set1 3941 1_1_0d EXIST::FUNCTION: -d2i_PKCS8_fp 3942 1_1_0d EXIST::FUNCTION:STDIO -EC_GROUP_get0_generator 3943 1_1_0d EXIST::FUNCTION:EC -d2i_AutoPrivateKey 3944 1_1_0d EXIST::FUNCTION: -DH_get_length 3945 1_1_0d EXIST::FUNCTION:DH -NCONF_get_string 3946 1_1_0d EXIST::FUNCTION: -PBEPARAM_free 3947 1_1_0d EXIST::FUNCTION: -SAF_VerifyCertificateByCrl 3948 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_CTX_reset 3949 1_1_0d EXIST::FUNCTION: -OPENSSL_gmtime_adj 3950 1_1_0d EXIST::FUNCTION: -EVP_rc2_40_cbc 3951 1_1_0d EXIST::FUNCTION:RC2 -CPK_MAP_str2index 3952 1_1_0d EXIST::FUNCTION: -OCSP_check_validity 3953 1_1_0d EXIST::FUNCTION:OCSP -d2i_RSAPrivateKey 3954 1_1_0d EXIST::FUNCTION:RSA -SAF_GenerateAgreementDataWithECC 3955 1_1_0d EXIST::FUNCTION: -DIRECTORYSTRING_new 3956 1_1_0d EXIST::FUNCTION: -X509_CRL_get_nextUpdate 3957 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0 -ASN1_item_ndef_i2d 3958 1_1_0d EXIST::FUNCTION: -IPAddressRange_new 3959 1_1_0d EXIST::FUNCTION:RFC3779 -PKCS12_PBE_keyivgen 3960 1_1_0d EXIST::FUNCTION: -CPK_MASTER_SECRET_it 3961 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -CPK_MASTER_SECRET_it 3961 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -i2d_PBKDF2PARAM 3962 1_1_0d EXIST::FUNCTION: -ASN1_UTCTIME_set_string 3963 1_1_0d EXIST::FUNCTION: -BIO_f_zlib 3964 1_1_0d EXIST:ZLIB:FUNCTION:COMP -i2d_ASIdentifierChoice 3965 1_1_0d EXIST::FUNCTION:RFC3779 -ENGINE_get_load_privkey_function 3966 1_1_0d EXIST::FUNCTION:ENGINE -X509_CRL_sign 3967 1_1_0d EXIST::FUNCTION: -PKCS7_ISSUER_AND_SERIAL_free 3968 1_1_0d EXIST::FUNCTION: -UI_method_set_writer 3969 1_1_0d EXIST::FUNCTION:UI -EVP_bf_cfb64 3970 1_1_0d EXIST::FUNCTION:BF -RAND_write_file 3971 1_1_0d EXIST::FUNCTION: -MDC2_Final 3972 1_1_0d EXIST::FUNCTION:MDC2 -i2d_PKCS7 3973 1_1_0d EXIST::FUNCTION: -BN_GFP2_add_bn 3974 1_1_0d EXIST::FUNCTION: -BN_bntest_rand 3975 1_1_0d EXIST::FUNCTION: -UI_get0_action_string 3976 1_1_0d EXIST::FUNCTION:UI -EVP_PKEY_bits 3977 1_1_0d EXIST::FUNCTION: -ASN1_INTEGER_dup 3978 1_1_0d EXIST::FUNCTION: -BIO_get_shutdown 3979 1_1_0d EXIST::FUNCTION: -d2i_CPK_MASTER_SECRET_bio 3980 1_1_0d EXIST::FUNCTION: -X509_ATTRIBUTE_get0_type 3981 1_1_0d EXIST::FUNCTION: -i2d_DHparams 3982 1_1_0d EXIST::FUNCTION:DH -EVP_CIPHER_CTX_rand_key 3983 1_1_0d EXIST::FUNCTION: -SOF_GetServerCertificate 3984 1_1_0d EXIST::FUNCTION: -PKCS7_DIGEST_it 3985 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -PKCS7_DIGEST_it 3985 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -ENGINE_set_ex_data 3986 1_1_0d EXIST::FUNCTION:ENGINE -PEM_write_bio_PrivateKey 3987 1_1_0d EXIST::FUNCTION: -OPENSSL_die 3988 1_1_0d EXIST::FUNCTION: -X509_STORE_CTX_get_check_policy 3989 1_1_0d EXIST::FUNCTION: -X509_VERIFY_PARAM_set_hostflags 3990 1_1_0d EXIST::FUNCTION: -RSA_sign_ASN1_OCTET_STRING 3991 1_1_0d EXIST::FUNCTION:RSA -BN_mod_exp_mont_word 3992 1_1_0d EXIST::FUNCTION: -FpPoint_it 3993 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -FpPoint_it 3993 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -d2i_TS_TST_INFO_fp 3994 1_1_0d EXIST::FUNCTION:STDIO,TS -BIO_dump_indent_cb 3995 1_1_0d EXIST::FUNCTION: -SAF_GetCertificateInfo 3996 1_1_0d EXIST::FUNCTION: -OCSP_BASICRESP_get_ext_count 3997 1_1_0d EXIST::FUNCTION:OCSP -BN_mod_add 3998 1_1_0d EXIST::FUNCTION: -X509_STORE_CTX_get0_store 3999 1_1_0d EXIST::FUNCTION: -ASYNC_get_current_job 4000 1_1_0d EXIST::FUNCTION: -OCSP_RESPID_it 4001 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP -OCSP_RESPID_it 4001 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP -EVP_aes_192_ctr 4002 1_1_0d EXIST::FUNCTION: -SM2_KAP_compute_key 4003 1_1_0d EXIST::FUNCTION: -BIO_number_written 4004 1_1_0d EXIST::FUNCTION: -PEM_read_bio_DSAparams 4005 1_1_0d EXIST::FUNCTION:DSA -BIO_f_md 4006 1_1_0d EXIST::FUNCTION: -EVP_PKEY_get0_DH 4007 1_1_0d EXIST::FUNCTION:DH -OCSP_request_add1_nonce 4008 1_1_0d EXIST::FUNCTION:OCSP -CONF_modules_unload 4009 1_1_0d EXIST::FUNCTION: -GENERAL_NAME_set0_othername 4010 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_meth_set_ctrl 4011 1_1_0d EXIST::FUNCTION: -PKCS7_add_attrib_content_type 4012 1_1_0d EXIST::FUNCTION: -DHparams_print_fp 4013 1_1_0d EXIST::FUNCTION:DH,STDIO -PKCS7_to_TS_TST_INFO 4014 1_1_0d EXIST::FUNCTION:TS -EVP_PKEY_derive_set_peer 4015 1_1_0d EXIST::FUNCTION: -TS_VERIFY_CTX_set_flags 4016 1_1_0d EXIST::FUNCTION:TS -EC_GFp_nistp224_method 4017 1_1_0d EXIST::FUNCTION:EC,EC_NISTP_64_GCC_128 -TS_MSG_IMPRINT_set_msg 4018 1_1_0d EXIST::FUNCTION:TS -EVP_rc5_32_12_16_ofb 4019 1_1_0d EXIST::FUNCTION:RC5 -X509_REQ_set_subject_name 4020 1_1_0d EXIST::FUNCTION: -CMS_dataFinal 4021 1_1_0d EXIST::FUNCTION:CMS -DSA_do_verify 4022 1_1_0d EXIST::FUNCTION:DSA -X509_issuer_and_serial_hash 4023 1_1_0d EXIST::FUNCTION: -BIO_nwrite 4024 1_1_0d EXIST::FUNCTION: -SKF_ECCSignData 4025 1_1_0d EXIST::FUNCTION: -IPAddressFamily_new 4026 1_1_0d EXIST::FUNCTION:RFC3779 -BIO_ctrl_get_write_guarantee 4027 1_1_0d EXIST::FUNCTION: -BIO_parse_hostserv 4028 1_1_0d EXIST::FUNCTION:SOCK -EVP_MD_do_all 4029 1_1_0d EXIST::FUNCTION: -UI_get_ex_data 4030 1_1_0d EXIST::FUNCTION:UI -DES_xcbc_encrypt 4031 1_1_0d EXIST::FUNCTION:DES -PROXY_POLICY_new 4032 1_1_0d EXIST::FUNCTION: -EC_KEY_new_from_ECCPUBLICKEYBLOB 4033 1_1_0d EXIST::FUNCTION: -GENERAL_NAMES_it 4034 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -GENERAL_NAMES_it 4034 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -CMS_signed_add1_attr_by_NID 4035 1_1_0d EXIST::FUNCTION:CMS -UI_add_info_string 4036 1_1_0d EXIST::FUNCTION:UI -EVP_read_pw_string 4037 1_1_0d EXIST::FUNCTION:UI -PKCS7_verify 4038 1_1_0d EXIST::FUNCTION: -ENGINE_get_default_EC 4039 1_1_0d EXIST::FUNCTION:ENGINE -BN_nist_mod_384 4040 1_1_0d EXIST::FUNCTION: -X509_VERIFY_PARAM_inherit 4041 1_1_0d EXIST::FUNCTION: -BN_bn2mpi 4042 1_1_0d EXIST::FUNCTION: -PKCS12_SAFEBAG_free 4043 1_1_0d EXIST::FUNCTION: -SDF_OpenSession 4044 1_1_0d EXIST::FUNCTION: -d2i_X509_PUBKEY 4045 1_1_0d EXIST::FUNCTION: -TXT_DB_free 4046 1_1_0d EXIST::FUNCTION: -i2d_OCSP_RESPDATA 4047 1_1_0d EXIST::FUNCTION:OCSP -SDF_GenerateKeyWithIPK_ECC 4048 1_1_0d EXIST::FUNCTION: -EVP_camellia_128_cbc 4049 1_1_0d EXIST::FUNCTION:CAMELLIA -SAF_GetRootCaCertificate 4050 1_1_0d EXIST::FUNCTION: -EVP_EncryptInit 4051 1_1_0d EXIST::FUNCTION: -ENGINE_set_default_pkey_meths 4052 1_1_0d EXIST::FUNCTION:ENGINE -X509_get0_reject_objects 4053 1_1_0d EXIST::FUNCTION: -BN_set_negative 4054 1_1_0d EXIST::FUNCTION: -EC_KEY_check_key 4055 1_1_0d EXIST::FUNCTION:EC -PKCS7_encrypt 4056 1_1_0d EXIST::FUNCTION: -EVP_camellia_128_ecb 4057 1_1_0d EXIST::FUNCTION:CAMELLIA -ENGINE_get_pkey_asn1_meth_engine 4058 1_1_0d EXIST::FUNCTION:ENGINE -CMS_unsigned_get_attr_by_NID 4059 1_1_0d EXIST::FUNCTION:CMS -TS_CONF_set_signer_digest 4060 1_1_0d EXIST::FUNCTION:TS -EVP_PKEY_meth_set_verify_recover 4061 1_1_0d EXIST::FUNCTION: -ERR_load_CONF_strings 4062 1_1_0d EXIST::FUNCTION: -X509_subject_name_cmp 4063 1_1_0d EXIST::FUNCTION: -BN_lshift 4064 1_1_0d EXIST::FUNCTION: -NETSCAPE_SPKI_verify 4065 1_1_0d EXIST::FUNCTION: -PEM_write_ECPKParameters 4066 1_1_0d EXIST::FUNCTION:EC,STDIO -OBJ_txt2obj 4067 1_1_0d EXIST::FUNCTION: -ASN1_GENERALIZEDTIME_new 4068 1_1_0d EXIST::FUNCTION: -i2d_ASN1_TYPE 4069 1_1_0d EXIST::FUNCTION: -OCSP_REQUEST_new 4070 1_1_0d EXIST::FUNCTION:OCSP -SDF_ImportKeyWithISK_RSA 4071 1_1_0d EXIST::FUNCTION: -X509_VERIFY_PARAM_get_flags 4072 1_1_0d EXIST::FUNCTION: -CMS_unsigned_add1_attr_by_txt 4073 1_1_0d EXIST::FUNCTION:CMS -CRYPTO_cfb128_encrypt 4074 1_1_0d EXIST::FUNCTION: -OPENSSL_LH_get_down_load 4075 1_1_0d EXIST::FUNCTION: -EVP_PKEY_meth_free 4076 1_1_0d EXIST::FUNCTION: -PEM_write_NETSCAPE_CERT_SEQUENCE 4077 1_1_0d EXIST::FUNCTION:STDIO -X509_REVOKED_add1_ext_i2d 4078 1_1_0d EXIST::FUNCTION: -BIO_get_callback_arg 4079 1_1_0d EXIST::FUNCTION: -DSA_generate_parameters 4080 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_0_9_8,DSA -PKCS12_SAFEBAG_get_bag_nid 4081 1_1_0d EXIST::FUNCTION: -SCT_validate 4082 1_1_0d EXIST::FUNCTION:CT -KDF_get_ibcs 4083 1_1_0d EXIST::FUNCTION: -BN_BLINDING_invert 4084 1_1_0d EXIST::FUNCTION: -RSA_private_decrypt 4085 1_1_0d EXIST::FUNCTION:RSA -X509_load_cert_file 4086 1_1_0d EXIST::FUNCTION: -TS_RESP_CTX_set_time_cb 4087 1_1_0d EXIST::FUNCTION:TS -CMS_get1_certs 4088 1_1_0d EXIST::FUNCTION:CMS -DH_meth_dup 4089 1_1_0d EXIST::FUNCTION:DH -EVP_ENCODE_CTX_new 4090 1_1_0d EXIST::FUNCTION: -UTF8_putc 4091 1_1_0d EXIST::FUNCTION: -BIO_s_accept 4092 1_1_0d EXIST::FUNCTION:SOCK -ASN1_BIT_STRING_it 4093 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ASN1_BIT_STRING_it 4093 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -SM9MasterSecret_it 4094 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -SM9MasterSecret_it 4094 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -ASN1_PRINTABLE_it 4095 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ASN1_PRINTABLE_it 4095 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -ASN1_ENUMERATED_get 4096 1_1_0d EXIST::FUNCTION: -PKCS12_SAFEBAG_create_cert 4097 1_1_0d EXIST::FUNCTION: -i2s_ASN1_INTEGER 4098 1_1_0d EXIST::FUNCTION: -BN_generate_prime 4099 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_0_9_8 -SXNETID_it 4100 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -SXNETID_it 4100 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -CMS_RecipientInfo_kari_get0_ctx 4101 1_1_0d EXIST::FUNCTION:CMS -MD2_Final 4102 1_1_0d EXIST::FUNCTION:MD2 -X509_PUBKEY_get0 4103 1_1_0d EXIST::FUNCTION: -EVP_PKEY_derive 4104 1_1_0d EXIST::FUNCTION: -CRYPTO_set_mem_debug 4105 1_1_0d EXIST::FUNCTION: -X509_PUBKEY_get 4106 1_1_0d EXIST::FUNCTION: -EC_KEY_print_fp 4107 1_1_0d EXIST::FUNCTION:EC,STDIO -PKCS12_pack_p7encdata 4108 1_1_0d EXIST::FUNCTION: -SRP_Verify_A_mod_N 4109 1_1_0d EXIST::FUNCTION:SRP -CMAC_Init 4110 1_1_0d EXIST::FUNCTION:CMAC -ERR_put_error 4111 1_1_0d EXIST::FUNCTION: -X509_set_subject_name 4112 1_1_0d EXIST::FUNCTION: -TS_TST_INFO_ext_free 4113 1_1_0d EXIST::FUNCTION:TS -X509_new 4114 1_1_0d EXIST::FUNCTION: -ENGINE_set_default_pkey_asn1_meths 4115 1_1_0d EXIST::FUNCTION:ENGINE -OPENSSL_sk_pop_free 4116 1_1_0d EXIST::FUNCTION: -CBIGNUM_it 4117 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -CBIGNUM_it 4117 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -CONF_imodule_set_flags 4118 1_1_0d EXIST::FUNCTION: -ASN1_BIT_STRING_num_asc 4119 1_1_0d EXIST::FUNCTION: -TS_ASN1_INTEGER_print_bio 4120 1_1_0d EXIST::FUNCTION:TS -i2d_re_X509_tbs 4121 1_1_0d EXIST::FUNCTION: -EC_GROUP_get0_order 4122 1_1_0d EXIST::FUNCTION:EC -SM2_do_encrypt 4123 1_1_0d EXIST::FUNCTION: -BN_mod_exp_mont 4124 1_1_0d EXIST::FUNCTION: -X509_chain_check_suiteb 4125 1_1_0d EXIST::FUNCTION: -NCONF_load 4126 1_1_0d EXIST::FUNCTION: -X509_get_ext_d2i 4127 1_1_0d EXIST::FUNCTION: -ENGINE_ctrl 4128 1_1_0d EXIST::FUNCTION:ENGINE -X509V3_EXT_get_nid 4129 1_1_0d EXIST::FUNCTION: -BIO_ctrl_wpending 4130 1_1_0d EXIST::FUNCTION: -d2i_ASN1_GENERALIZEDTIME 4131 1_1_0d EXIST::FUNCTION: -PEM_read_X509_REQ 4132 1_1_0d EXIST::FUNCTION:STDIO -FFX_CTX_new 4133 1_1_0d EXIST::FUNCTION: -SKF_ExtECCDecrypt 4134 1_1_0d EXIST::FUNCTION: -SOF_ExportExchangeUserCert 4135 1_1_0d EXIST::FUNCTION: -X509_ALGOR_it 4136 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -X509_ALGOR_it 4136 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -X509_issuer_and_serial_cmp 4137 1_1_0d EXIST::FUNCTION: -BN_GF2m_mod_arr 4138 1_1_0d EXIST::FUNCTION:EC2M -i2d_EC_PUBKEY_fp 4139 1_1_0d EXIST::FUNCTION:EC,STDIO -CRYPTO_128_wrap 4140 1_1_0d EXIST::FUNCTION: -d2i_ASN1_UINTEGER 4141 1_1_0d EXIST::FUNCTION: -BIO_read 4142 1_1_0d EXIST::FUNCTION: -d2i_X509_NAME 4143 1_1_0d EXIST::FUNCTION: -X509_CINF_new 4144 1_1_0d EXIST::FUNCTION: -ENGINE_register_all_EC 4145 1_1_0d EXIST::FUNCTION:ENGINE -X509_REQ_get_attr 4146 1_1_0d EXIST::FUNCTION: -CRYPTO_ccm128_setiv 4147 1_1_0d EXIST::FUNCTION: -TS_CONF_load_cert 4148 1_1_0d EXIST::FUNCTION:TS -CRYPTO_ctr128_encrypt_ctr32 4149 1_1_0d EXIST::FUNCTION: -CMS_SignedData_init 4150 1_1_0d EXIST::FUNCTION:CMS -PAILLIER_encrypt 4151 1_1_0d EXIST::FUNCTION: -BIO_dump 4152 1_1_0d EXIST::FUNCTION: -X509_policy_tree_level_count 4153 1_1_0d EXIST::FUNCTION: -ENGINE_set_name 4154 1_1_0d EXIST::FUNCTION:ENGINE -ECDSA_SIG_set_ECCSIGNATUREBLOB 4155 1_1_0d EXIST::FUNCTION: -sms4_cbc_encrypt 4156 1_1_0d EXIST::FUNCTION: -OCSP_RESPBYTES_free 4157 1_1_0d EXIST::FUNCTION:OCSP -X509_OBJECT_retrieve_match 4158 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_meth_set_impl_ctx_size 4159 1_1_0d EXIST::FUNCTION: -SRP_Calc_A 4160 1_1_0d EXIST::FUNCTION:SRP -X509_PURPOSE_get_count 4161 1_1_0d EXIST::FUNCTION: -BIO_set_cipher 4162 1_1_0d EXIST::FUNCTION: -ERR_get_error_line_data 4163 1_1_0d EXIST::FUNCTION: -UI_dup_input_string 4164 1_1_0d EXIST::FUNCTION:UI -SKF_RSAVerify 4165 1_1_0d EXIST::FUNCTION: -SM9_do_decrypt 4166 1_1_0d EXIST::FUNCTION: -ASN1_BIT_STRING_set 4167 1_1_0d EXIST::FUNCTION: -DH_get0_key 4168 1_1_0d EXIST::FUNCTION:DH -d2i_X509_bio 4169 1_1_0d EXIST::FUNCTION: -DH_check 4170 1_1_0d EXIST::FUNCTION:DH -RSA_meth_set_finish 4171 1_1_0d EXIST::FUNCTION:RSA -OPENSSL_cleanup 4172 1_1_0d EXIST::FUNCTION: -ECDSA_do_sign_ex 4173 1_1_0d EXIST::FUNCTION:EC -EC_KEY_METHOD_set_sign 4174 1_1_0d EXIST::FUNCTION:EC -EC_KEY_oct2priv 4175 1_1_0d EXIST::FUNCTION:EC -CMS_signed_get_attr_by_OBJ 4176 1_1_0d EXIST::FUNCTION:CMS -EC_POINT_point2oct 4177 1_1_0d EXIST::FUNCTION:EC -SM2_KAP_prepare 4178 1_1_0d EXIST::FUNCTION: -d2i_ASN1_ENUMERATED 4179 1_1_0d EXIST::FUNCTION: -EVP_PKEY_id 4180 1_1_0d EXIST::FUNCTION: -ENGINE_get_last 4181 1_1_0d EXIST::FUNCTION:ENGINE -BN_BLINDING_set_flags 4182 1_1_0d EXIST::FUNCTION: -UI_method_get_prompt_constructor 4183 1_1_0d EXIST::FUNCTION:UI -d2i_OCSP_SINGLERESP 4184 1_1_0d EXIST::FUNCTION:OCSP -i2d_PKCS8PrivateKeyInfo_bio 4185 1_1_0d EXIST::FUNCTION: -BN_GENCB_get_arg 4186 1_1_0d EXIST::FUNCTION: -X509V3_set_nconf 4187 1_1_0d EXIST::FUNCTION: -ERR_remove_state 4188 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_0_0 -PROXY_CERT_INFO_EXTENSION_new 4189 1_1_0d EXIST::FUNCTION: -BFPrivateKeyBlock_new 4190 1_1_0d EXIST::FUNCTION: -ASN1_PCTX_set_nm_flags 4191 1_1_0d EXIST::FUNCTION: -ECDSA_do_sign 4192 1_1_0d EXIST::FUNCTION:EC -ENGINE_get_pkey_meths 4193 1_1_0d EXIST::FUNCTION:ENGINE -CONF_module_add 4194 1_1_0d EXIST::FUNCTION: -SHA256 4195 1_1_0d EXIST::FUNCTION: -EVP_add_cipher 4196 1_1_0d EXIST::FUNCTION: -i2d_RSAPrivateKey_bio 4197 1_1_0d EXIST::FUNCTION:RSA -CMS_RecipientInfo_type 4198 1_1_0d EXIST::FUNCTION:CMS -SKF_ExtRSAPriKeyOperation 4199 1_1_0d EXIST::FUNCTION: -OPENSSL_sk_set_cmp_func 4200 1_1_0d EXIST::FUNCTION: -X509_VERIFY_PARAM_set_inh_flags 4201 1_1_0d EXIST::FUNCTION: -EVP_aes_128_wrap 4202 1_1_0d EXIST::FUNCTION: -DSA_meth_get_verify 4203 1_1_0d EXIST::FUNCTION:DSA -SHA512 4204 1_1_0d EXIST:!VMSVAX:FUNCTION: -UI_get0_result_string 4205 1_1_0d EXIST::FUNCTION:UI -PAILLIER_new 4206 1_1_0d EXIST::FUNCTION: -X509_REQ_sign 4207 1_1_0d EXIST::FUNCTION: -i2d_NETSCAPE_SPKAC 4208 1_1_0d EXIST::FUNCTION: -X509V3_EXT_add 4209 1_1_0d EXIST::FUNCTION: -i2b_PublicKey_bio 4210 1_1_0d EXIST::FUNCTION:DSA -ENGINE_load_ssl_client_cert 4211 1_1_0d EXIST::FUNCTION:ENGINE -EVP_seed_cbc 4212 1_1_0d EXIST::FUNCTION:SEED -EVP_MD_meth_get_result_size 4213 1_1_0d EXIST::FUNCTION: -OCSP_onereq_get0_id 4214 1_1_0d EXIST::FUNCTION:OCSP -BN_pseudo_rand 4215 1_1_0d EXIST::FUNCTION: -BIO_get_retry_reason 4216 1_1_0d EXIST::FUNCTION: -EVP_PKEY_CTX_get_operation 4217 1_1_0d EXIST::FUNCTION: -X509_EXTENSION_create_by_NID 4218 1_1_0d EXIST::FUNCTION: -SKF_PrintECCSignature 4219 1_1_0d EXIST::FUNCTION: -CMS_signed_get_attr_count 4220 1_1_0d EXIST::FUNCTION:CMS -CRYPTO_gcm128_encrypt_ctr32 4221 1_1_0d EXIST::FUNCTION: -BB1IBE_setup 4222 1_1_0d EXIST::FUNCTION: -ESS_ISSUER_SERIAL_free 4223 1_1_0d EXIST::FUNCTION:TS -X509_NAME_add_entry_by_NID 4224 1_1_0d EXIST::FUNCTION: -BN_nist_mod_192 4225 1_1_0d EXIST::FUNCTION: -X509_gmtime_adj 4226 1_1_0d EXIST::FUNCTION: -SKF_DecryptInit 4227 1_1_0d EXIST::FUNCTION: -DSAparams_print 4228 1_1_0d EXIST::FUNCTION:DSA -ASN1_STRING_length_set 4229 1_1_0d EXIST::FUNCTION: -EC_KEY_copy 4230 1_1_0d EXIST::FUNCTION:EC -ESS_ISSUER_SERIAL_new 4231 1_1_0d EXIST::FUNCTION:TS -BN_lebin2bn 4232 1_1_0d EXIST::FUNCTION: -ENGINE_get_cipher_engine 4233 1_1_0d EXIST::FUNCTION:ENGINE -PEM_bytes_read_bio 4234 1_1_0d EXIST::FUNCTION: -PKCS12_MAC_DATA_free 4235 1_1_0d EXIST::FUNCTION: -POLICYINFO_free 4236 1_1_0d EXIST::FUNCTION: -EVP_PKEY_keygen 4237 1_1_0d EXIST::FUNCTION: -PKCS12_pbe_crypt 4238 1_1_0d EXIST::FUNCTION: -X509_NAME_entry_count 4239 1_1_0d EXIST::FUNCTION: -OCSP_REQINFO_free 4240 1_1_0d EXIST::FUNCTION:OCSP -X509v3_addr_inherits 4241 1_1_0d EXIST::FUNCTION:RFC3779 -X509_CRL_get0_nextUpdate 4242 1_1_0d EXIST::FUNCTION: -i2d_ASN1_GENERALSTRING 4243 1_1_0d EXIST::FUNCTION: -OCSP_ONEREQ_add1_ext_i2d 4244 1_1_0d EXIST::FUNCTION:OCSP -CMS_is_detached 4245 1_1_0d EXIST::FUNCTION:CMS -BIO_f_null 4246 1_1_0d EXIST::FUNCTION: -DSA_SIG_set0 4247 1_1_0d EXIST::FUNCTION:DSA -X509_set_proxy_pathlen 4248 1_1_0d EXIST::FUNCTION: -OCSP_REQ_CTX_add1_header 4249 1_1_0d EXIST::FUNCTION:OCSP -DSO_ctrl 4250 1_1_0d EXIST::FUNCTION: -SHA1 4251 1_1_0d EXIST::FUNCTION: -i2d_PAILLIER_PUBKEY 4252 1_1_0d EXIST::FUNCTION:PAILLIER -TS_RESP_CTX_set_clock_precision_digits 4253 1_1_0d EXIST::FUNCTION:TS -ASN1_INTEGER_get 4254 1_1_0d EXIST::FUNCTION: -PKCS8_pkey_get0_attrs 4255 1_1_0d EXIST::FUNCTION: -EVP_aes_256_cfb8 4256 1_1_0d EXIST::FUNCTION: -SCT_set_signature_nid 4257 1_1_0d EXIST::FUNCTION:CT -X509_STORE_CTX_get_get_issuer 4258 1_1_0d EXIST::FUNCTION: -OCSP_basic_sign 4259 1_1_0d EXIST::FUNCTION:OCSP -X509_TRUST_get_trust 4260 1_1_0d EXIST::FUNCTION: -OPENSSL_LH_node_usage_stats 4261 1_1_0d EXIST::FUNCTION:STDIO -PKCS12_gen_mac 4262 1_1_0d EXIST::FUNCTION: -BN_RECP_CTX_new 4263 1_1_0d EXIST::FUNCTION: -EVP_sha1 4264 1_1_0d EXIST::FUNCTION: -i2d_RSAPrivateKey 4265 1_1_0d EXIST::FUNCTION:RSA -d2i_PKCS7_ENC_CONTENT 4266 1_1_0d EXIST::FUNCTION: -AES_cfb8_encrypt 4267 1_1_0d EXIST::FUNCTION: -ISSUING_DIST_POINT_free 4268 1_1_0d EXIST::FUNCTION: -i2d_BFPublicParameters 4269 1_1_0d EXIST::FUNCTION: -X509_REQ_get_extension_nids 4270 1_1_0d EXIST::FUNCTION: -SAF_RemoveCaCertificate 4271 1_1_0d EXIST::FUNCTION: -SM9Signature_free 4272 1_1_0d EXIST::FUNCTION: -EVP_CipherUpdate 4273 1_1_0d EXIST::FUNCTION: -PEM_write_bio_PrivateKey_traditional 4274 1_1_0d EXIST::FUNCTION: -EC_KEY_get_method 4275 1_1_0d EXIST::FUNCTION:EC -SDF_PrintRSAPrivateKey 4276 1_1_0d EXIST::FUNCTION: -d2i_X509_REQ 4277 1_1_0d EXIST::FUNCTION: -SOF_EncryptData 4278 1_1_0d EXIST::FUNCTION: -EVP_sms4_cbc 4279 1_1_0d EXIST::FUNCTION:SMS4 -PKCS7_add_certificate 4280 1_1_0d EXIST::FUNCTION: -sm3_hmac_update 4281 1_1_0d EXIST::FUNCTION: -X509_STORE_CTX_get_check_crl 4282 1_1_0d EXIST::FUNCTION: -RSA_new_method 4283 1_1_0d EXIST::FUNCTION:RSA -ASN1_OBJECT_create 4284 1_1_0d EXIST::FUNCTION: -SM2CiphertextValue_new_from_ECCCIPHERBLOB 4285 1_1_0d EXIST::FUNCTION: -EVP_PKEY_copy_parameters 4286 1_1_0d EXIST::FUNCTION: -i2d_X509_REQ_INFO 4287 1_1_0d EXIST::FUNCTION: -EVP_PKEY_meth_get_ctrl 4288 1_1_0d EXIST::FUNCTION: -EVP_MD_meth_new 4289 1_1_0d EXIST::FUNCTION: -EVP_aes_192_ocb 4290 1_1_0d EXIST::FUNCTION:OCB -IPAddressChoice_free 4291 1_1_0d EXIST::FUNCTION:RFC3779 -EVP_sms4_xts 4292 1_1_0d EXIST::FUNCTION:SMS4 -d2i_SXNET 4293 1_1_0d EXIST::FUNCTION: -PEM_read_bio_X509_REQ 4294 1_1_0d EXIST::FUNCTION: -EVP_PKEY_meth_get0_info 4295 1_1_0d EXIST::FUNCTION: -i2d_X509_VAL 4296 1_1_0d EXIST::FUNCTION: -RSA_padding_check_PKCS1_type_1 4297 1_1_0d EXIST::FUNCTION:RSA -BN_mpi2bn 4298 1_1_0d EXIST::FUNCTION: -X509_REQ_new 4299 1_1_0d EXIST::FUNCTION: -X509_VERIFY_PARAM_lookup 4300 1_1_0d EXIST::FUNCTION: -ESS_CERT_ID_free 4301 1_1_0d EXIST::FUNCTION:TS -PKCS7_SIGNER_INFO_it 4302 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -PKCS7_SIGNER_INFO_it 4302 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -CPK_MASTER_SECRET_get_name 4303 1_1_0d EXIST::FUNCTION: -BIO_ADDR_free 4304 1_1_0d EXIST::FUNCTION:SOCK -MD5 4305 1_1_0d EXIST::FUNCTION:MD5 -BASIC_CONSTRAINTS_new 4306 1_1_0d EXIST::FUNCTION: -PEM_write_bio_DSAPrivateKey 4307 1_1_0d EXIST::FUNCTION:DSA -BN_bin2bn 4308 1_1_0d EXIST::FUNCTION: -X509at_add1_attr 4309 1_1_0d EXIST::FUNCTION: -MD2_options 4310 1_1_0d EXIST::FUNCTION:MD2 -X509_get0_subject_key_id 4311 1_1_0d EXIST::FUNCTION: -ECPARAMETERS_free 4312 1_1_0d EXIST::FUNCTION:EC -X509_PURPOSE_set 4313 1_1_0d EXIST::FUNCTION: -EVP_aes_256_ecb 4314 1_1_0d EXIST::FUNCTION: -ENGINE_get_default_RAND 4315 1_1_0d EXIST::FUNCTION:ENGINE -DES_ede3_cfb64_encrypt 4316 1_1_0d EXIST::FUNCTION:DES -d2i_EDIPARTYNAME 4317 1_1_0d EXIST::FUNCTION: -EVP_aes_256_cbc 4318 1_1_0d EXIST::FUNCTION: -i2d_OCSP_REVOKEDINFO 4319 1_1_0d EXIST::FUNCTION:OCSP -EVP_MD_CTX_new 4320 1_1_0d EXIST::FUNCTION: -X509_CRL_verify 4321 1_1_0d EXIST::FUNCTION: -BN_clear 4322 1_1_0d EXIST::FUNCTION: -Camellia_ofb128_encrypt 4323 1_1_0d EXIST::FUNCTION:CAMELLIA -X509_LOOKUP_by_fingerprint 4324 1_1_0d EXIST::FUNCTION: -DH_test_flags 4325 1_1_0d EXIST::FUNCTION:DH -BN_get_params 4326 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_0_9_8 -X509v3_addr_canonize 4327 1_1_0d EXIST::FUNCTION:RFC3779 -X509_NAME_get_text_by_OBJ 4328 1_1_0d EXIST::FUNCTION: -EC_POINT_mul 4329 1_1_0d EXIST::FUNCTION:EC -v2i_GENERAL_NAME 4330 1_1_0d EXIST::FUNCTION: -EDIPARTYNAME_it 4331 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -EDIPARTYNAME_it 4331 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -OCSP_SINGLERESP_get_ext_count 4332 1_1_0d EXIST::FUNCTION:OCSP -BN_GF2m_mod_exp 4333 1_1_0d EXIST::FUNCTION:EC2M -SAF_GetCaCertificate 4334 1_1_0d EXIST::FUNCTION: -X509_CRL_cmp 4335 1_1_0d EXIST::FUNCTION: -CRYPTO_secure_zalloc 4336 1_1_0d EXIST::FUNCTION: -CMS_get1_crls 4337 1_1_0d EXIST::FUNCTION:CMS -EVP_PKEY_security_bits 4338 1_1_0d EXIST::FUNCTION: -CMS_RecipientInfo_ktri_get0_signer_id 4339 1_1_0d EXIST::FUNCTION:CMS -OCSP_REQ_CTX_free 4340 1_1_0d EXIST::FUNCTION:OCSP -X509_PURPOSE_add 4341 1_1_0d EXIST::FUNCTION: -speck_set_encrypt_key 4342 1_1_0d NOEXIST::FUNCTION: -s2i_ASN1_OCTET_STRING 4343 1_1_0d EXIST::FUNCTION: -RSA_padding_add_PKCS1_PSS_mgf1 4344 1_1_0d EXIST::FUNCTION:RSA -i2t_ASN1_OBJECT 4345 1_1_0d EXIST::FUNCTION: -SEED_encrypt 4346 1_1_0d EXIST::FUNCTION:SEED -ENGINE_add 4347 1_1_0d EXIST::FUNCTION:ENGINE -PEM_write_bio_X509 4348 1_1_0d EXIST::FUNCTION: -EVP_PKEY_get0_DSA 4349 1_1_0d EXIST::FUNCTION:DSA -ASYNC_WAIT_CTX_new 4350 1_1_0d EXIST::FUNCTION: -BIO_sock_init 4351 1_1_0d EXIST::FUNCTION:SOCK -CRYPTO_THREAD_set_local 4352 1_1_0d EXIST::FUNCTION: -CRYPTO_secure_allocated 4353 1_1_0d EXIST::FUNCTION: -ASN1_item_print 4354 1_1_0d EXIST::FUNCTION: -DSA_meth_set_bn_mod_exp 4355 1_1_0d EXIST::FUNCTION:DSA -BFCiphertextBlock_it 4356 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -BFCiphertextBlock_it 4356 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -SDF_CreateFile 4357 1_1_0d EXIST::FUNCTION: -d2i_PUBKEY_fp 4358 1_1_0d EXIST::FUNCTION:STDIO -EVP_CIPHER_CTX_nid 4359 1_1_0d EXIST::FUNCTION: -SM2CiphertextValue_free 4360 1_1_0d EXIST::FUNCTION: -EXTENDED_KEY_USAGE_it 4361 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -EXTENDED_KEY_USAGE_it 4361 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -COMP_zlib 4362 1_1_0d EXIST::FUNCTION:COMP -d2i_ASIdentifierChoice 4363 1_1_0d EXIST::FUNCTION:RFC3779 -d2i_OCSP_REQUEST 4364 1_1_0d EXIST::FUNCTION:OCSP -USERNOTICE_it 4365 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -USERNOTICE_it 4365 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -ECDH_compute_key 4366 1_1_0d EXIST::FUNCTION:EC -ENGINE_get_prev 4367 1_1_0d EXIST::FUNCTION:ENGINE -X509_CRL_get0_signature 4368 1_1_0d EXIST::FUNCTION: -ASN1_OCTET_STRING_is_zero 4369 1_1_0d EXIST::FUNCTION:SM2 -EVP_PKEY_sign_init 4370 1_1_0d EXIST::FUNCTION: -d2i_ASN1_BIT_STRING 4371 1_1_0d EXIST::FUNCTION: -i2d_IPAddressRange 4372 1_1_0d EXIST::FUNCTION:RFC3779 -EVP_chacha20_poly1305 4373 1_1_0d EXIST::FUNCTION:CHACHA,POLY1305 -EC_POINT_bn2point 4374 1_1_0d EXIST::FUNCTION:EC -PKCS12_key_gen_uni 4375 1_1_0d EXIST::FUNCTION: -OCSP_request_add0_id 4376 1_1_0d EXIST::FUNCTION:OCSP -BN_BLINDING_lock 4377 1_1_0d EXIST::FUNCTION: -X509_ATTRIBUTE_create_by_txt 4378 1_1_0d EXIST::FUNCTION: -i2d_RSAPublicKey 4379 1_1_0d EXIST::FUNCTION:RSA -BIO_hex_string 4380 1_1_0d EXIST::FUNCTION: -EC_GROUP_get_basis_type 4381 1_1_0d EXIST::FUNCTION:EC -PEM_write_PKCS8PrivateKey_nid 4382 1_1_0d EXIST::FUNCTION:STDIO -NETSCAPE_SPKI_print 4383 1_1_0d EXIST::FUNCTION: -TS_ACCURACY_set_micros 4384 1_1_0d EXIST::FUNCTION:TS -BN_CTX_get 4385 1_1_0d EXIST::FUNCTION: -NETSCAPE_SPKI_free 4386 1_1_0d EXIST::FUNCTION: -EVP_EncryptFinal 4387 1_1_0d EXIST::FUNCTION: -OCSP_CRLID_new 4388 1_1_0d EXIST::FUNCTION:OCSP -RSA_padding_add_PKCS1_type_1 4389 1_1_0d EXIST::FUNCTION:RSA -d2i_OCSP_CERTSTATUS 4390 1_1_0d EXIST::FUNCTION:OCSP -d2i_PBE2PARAM 4391 1_1_0d EXIST::FUNCTION: -EVP_PKEY_cmp_parameters 4392 1_1_0d EXIST::FUNCTION: -EVP_des_ede 4393 1_1_0d EXIST::FUNCTION:DES -CRYPTO_clear_realloc 4394 1_1_0d EXIST::FUNCTION: -X509V3_EXT_nconf 4395 1_1_0d EXIST::FUNCTION: -BN_GF2m_mod 4396 1_1_0d EXIST::FUNCTION:EC2M -EVP_get_digestbysgd 4397 1_1_0d EXIST::FUNCTION: -EC_GROUP_new_type1curve 4398 1_1_0d EXIST::FUNCTION: -X509_REQ_sign_ctx 4399 1_1_0d EXIST::FUNCTION: -SRP_Calc_client_key 4400 1_1_0d EXIST::FUNCTION:SRP -X509_OBJECT_new 4401 1_1_0d EXIST::FUNCTION: -BN_mod_lshift 4402 1_1_0d EXIST::FUNCTION: -DISPLAYTEXT_free 4403 1_1_0d EXIST::FUNCTION: -SKF_UnblockPIN 4404 1_1_0d EXIST::FUNCTION: -X509_OBJECT_free 4405 1_1_0d EXIST::FUNCTION: -ENGINE_register_DH 4406 1_1_0d EXIST::FUNCTION:ENGINE -SDF_PrintDeviceInfo 4407 1_1_0d EXIST::FUNCTION: -X509at_add1_attr_by_txt 4408 1_1_0d EXIST::FUNCTION: -TS_REQ_get_version 4409 1_1_0d EXIST::FUNCTION:TS -CTLOG_free 4410 1_1_0d EXIST::FUNCTION:CT -d2i_RSA_PUBKEY_bio 4411 1_1_0d EXIST::FUNCTION:RSA -CMS_stream 4412 1_1_0d EXIST::FUNCTION:CMS -X509_STORE_CTX_get0_untrusted 4413 1_1_0d EXIST::FUNCTION: -ERR_set_mark 4414 1_1_0d EXIST::FUNCTION: -SKF_GenRandom 4415 1_1_0d EXIST::FUNCTION: -BIO_set_tcp_ndelay 4416 1_1_0d EXIST::FUNCTION:SOCK -BB1CiphertextBlock_new 4417 1_1_0d EXIST::FUNCTION: -ASN1_IA5STRING_new 4418 1_1_0d EXIST::FUNCTION: -EVP_PKEY_meth_get_init 4419 1_1_0d EXIST::FUNCTION: -d2i_ISSUING_DIST_POINT 4420 1_1_0d EXIST::FUNCTION: -EC_GROUP_get_trinomial_basis 4421 1_1_0d EXIST::FUNCTION:EC,EC2M -CTLOG_STORE_free 4422 1_1_0d EXIST::FUNCTION:CT -EVP_ENCODE_CTX_free 4423 1_1_0d EXIST::FUNCTION: -PEM_ASN1_write 4424 1_1_0d EXIST::FUNCTION:STDIO -BIO_s_datagram_sctp 4425 1_1_0d EXIST::FUNCTION:DGRAM,SCTP -ENGINE_set_default_RAND 4426 1_1_0d EXIST::FUNCTION:ENGINE -DH_meth_set1_name 4427 1_1_0d EXIST::FUNCTION:DH -SEED_cfb128_encrypt 4428 1_1_0d EXIST::FUNCTION:SEED -EVP_CIPHER_sgd 4429 1_1_0d EXIST::FUNCTION: -X509V3_section_free 4430 1_1_0d EXIST::FUNCTION: -RSA_verify_PKCS1_PSS_mgf1 4431 1_1_0d EXIST::FUNCTION:RSA -OCSP_response_create 4432 1_1_0d EXIST::FUNCTION:OCSP -OPENSSL_INIT_free 4433 1_1_0d EXIST::FUNCTION: -BIO_vsnprintf 4434 1_1_0d EXIST::FUNCTION: -d2i_PAILLIER_PUBKEY 4435 1_1_0d EXIST::FUNCTION:PAILLIER -CRYPTO_cbc128_encrypt 4436 1_1_0d EXIST::FUNCTION: -BFMasterSecret_it 4437 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -BFMasterSecret_it 4437 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -d2i_ASIdentifiers 4438 1_1_0d EXIST::FUNCTION:RFC3779 -X509_get_version 4439 1_1_0d EXIST::FUNCTION: -BIO_indent 4440 1_1_0d EXIST::FUNCTION: -AUTHORITY_KEYID_free 4441 1_1_0d EXIST::FUNCTION: -UI_get0_result 4442 1_1_0d EXIST::FUNCTION:UI -SKF_ConnectDev 4443 1_1_0d EXIST::FUNCTION: -DH_compute_key 4444 1_1_0d EXIST::FUNCTION:DH -X509_EXTENSION_get_object 4445 1_1_0d EXIST::FUNCTION: -ASN1_verify 4446 1_1_0d EXIST::FUNCTION: -BFMasterSecret_new 4447 1_1_0d EXIST::FUNCTION: -PEM_write_PKCS8PrivateKey 4448 1_1_0d EXIST::FUNCTION:STDIO -EC_KEY_set_method 4449 1_1_0d EXIST::FUNCTION:EC -OPENSSL_sk_value 4450 1_1_0d EXIST::FUNCTION: -EVP_PKEY_decrypt_old 4451 1_1_0d EXIST::FUNCTION: -X509_CRL_match 4452 1_1_0d EXIST::FUNCTION: -SKF_GenECCKeyPair 4453 1_1_0d EXIST::FUNCTION: -ASN1_item_ex_free 4454 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_meth_set_get_asn1_params 4455 1_1_0d EXIST::FUNCTION: -NAME_CONSTRAINTS_check 4456 1_1_0d EXIST::FUNCTION: -PKCS7_ATTR_VERIFY_it 4457 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -PKCS7_ATTR_VERIFY_it 4457 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -COMP_get_type 4458 1_1_0d EXIST::FUNCTION:COMP -EVP_rc5_32_12_16_cbc 4459 1_1_0d EXIST::FUNCTION:RC5 -i2d_TS_RESP 4460 1_1_0d EXIST::FUNCTION:TS -d2i_TS_RESP_fp 4461 1_1_0d EXIST::FUNCTION:STDIO,TS -DSO_new 4462 1_1_0d EXIST::FUNCTION: -BN_BLINDING_get_flags 4463 1_1_0d EXIST::FUNCTION: -d2i_NETSCAPE_SPKI 4464 1_1_0d EXIST::FUNCTION: -X509_get_default_private_dir 4465 1_1_0d EXIST::FUNCTION: -EVP_PKEY_free 4466 1_1_0d EXIST::FUNCTION: -GENERAL_NAME_get0_otherName 4467 1_1_0d EXIST::FUNCTION: -RSA_OAEP_PARAMS_it 4468 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA -RSA_OAEP_PARAMS_it 4468 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RSA -EVP_PKEY_asn1_add0 4469 1_1_0d EXIST::FUNCTION: -EVP_DigestSignFinal 4470 1_1_0d EXIST::FUNCTION: -ERR_load_BUF_strings 4471 1_1_0d EXIST::FUNCTION: -EC_POINT_set_to_infinity 4472 1_1_0d EXIST::FUNCTION:EC -TS_REQ_delete_ext 4473 1_1_0d EXIST::FUNCTION:TS -SCT_LIST_print 4474 1_1_0d EXIST::FUNCTION:CT -PEM_proc_type 4475 1_1_0d EXIST::FUNCTION: -ASN1_i2d_fp 4476 1_1_0d EXIST::FUNCTION:STDIO -BN_solinas2bn 4477 1_1_0d EXIST::FUNCTION: -X509_REQ_extension_nid 4478 1_1_0d EXIST::FUNCTION: -BIO_nwrite0 4479 1_1_0d EXIST::FUNCTION: -OPENSSL_LH_doall_arg 4480 1_1_0d EXIST::FUNCTION: -DH_set_ex_data 4481 1_1_0d EXIST::FUNCTION:DH -EVP_PKEY_CTX_get0_pkey 4482 1_1_0d EXIST::FUNCTION: -SDF_ImportKeyWithISK_ECC 4483 1_1_0d EXIST::FUNCTION: -POLICY_CONSTRAINTS_new 4484 1_1_0d EXIST::FUNCTION: -CMS_SignerInfo_verify 4485 1_1_0d EXIST::FUNCTION:CMS -X509_REQ_print 4486 1_1_0d EXIST::FUNCTION: -i2d_PKCS7_bio 4487 1_1_0d EXIST::FUNCTION: -EC_POINT_get_affine_coordinates_GF2m 4488 1_1_0d EXIST::FUNCTION:EC,EC2M -ASIdentifierChoice_it 4489 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 -ASIdentifierChoice_it 4489 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 -GENERAL_NAME_get0_value 4490 1_1_0d EXIST::FUNCTION: -i2s_ASN1_OCTET_STRING 4491 1_1_0d EXIST::FUNCTION: -CAST_ecb_encrypt 4492 1_1_0d EXIST::FUNCTION:CAST -CRYPTO_ocb128_cleanup 4493 1_1_0d EXIST::FUNCTION:OCB -EVP_MD_meth_set_copy 4494 1_1_0d EXIST::FUNCTION: -X509_INFO_free 4495 1_1_0d EXIST::FUNCTION: -TS_RESP_create_response 4496 1_1_0d EXIST::FUNCTION:TS -UI_UTIL_read_pw 4497 1_1_0d EXIST::FUNCTION:UI -X509_cmp 4498 1_1_0d EXIST::FUNCTION: -EVP_PKEY_CTX_set_data 4499 1_1_0d EXIST::FUNCTION: -i2d_CPK_PUBLIC_PARAMS_bio 4500 1_1_0d EXIST::FUNCTION: -IDEA_set_encrypt_key 4501 1_1_0d EXIST::FUNCTION:IDEA -BIO_meth_get_write 4502 1_1_0d EXIST::FUNCTION: -d2i_CPK_PUBLIC_PARAMS_bio 4503 1_1_0d EXIST::FUNCTION: -EC_KEY_get_ECCPUBLICKEYBLOB 4504 1_1_0d EXIST::FUNCTION: -BIO_ADDR_rawmake 4505 1_1_0d EXIST::FUNCTION:SOCK -d2i_EXTENDED_KEY_USAGE 4506 1_1_0d EXIST::FUNCTION: -PKCS7_RECIP_INFO_new 4507 1_1_0d EXIST::FUNCTION: -EVP_sms4_cfb1 4508 1_1_0d EXIST::FUNCTION:SMS4 -SKF_ChangePIN 4509 1_1_0d EXIST::FUNCTION: -NETSCAPE_SPKAC_it 4510 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -NETSCAPE_SPKAC_it 4510 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -X509_STORE_CTX_set_ex_data 4511 1_1_0d EXIST::FUNCTION: -X509at_get0_data_by_OBJ 4512 1_1_0d EXIST::FUNCTION: -ERR_load_KDF_strings 4513 1_1_0d EXIST::FUNCTION: -d2i_PKEY_USAGE_PERIOD 4514 1_1_0d EXIST::FUNCTION: -X509_policy_tree_get0_policies 4515 1_1_0d EXIST::FUNCTION: -DSO_dsobyaddr 4516 1_1_0d EXIST::FUNCTION: -UI_create_method 4517 1_1_0d EXIST::FUNCTION:UI -EC_GROUP_new_type1curve_ex 4518 1_1_0d EXIST::FUNCTION: -ASN1_PCTX_free 4519 1_1_0d EXIST::FUNCTION: -EVP_sms4_ctr 4520 1_1_0d EXIST::FUNCTION:SMS4 -BIO_ptr_ctrl 4521 1_1_0d EXIST::FUNCTION: -d2i_BB1PublicParameters 4522 1_1_0d EXIST::FUNCTION: -ASN1_PCTX_set_str_flags 4523 1_1_0d EXIST::FUNCTION: -RSAPublicKey_it 4524 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA -RSAPublicKey_it 4524 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RSA -CRYPTO_mem_debug_free 4525 1_1_0d EXIST::FUNCTION:CRYPTO_MDEBUG -EVP_des_ofb 4526 1_1_0d EXIST::FUNCTION:DES -ASN1_ENUMERATED_it 4527 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ASN1_ENUMERATED_it 4527 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -TS_TST_INFO_set_accuracy 4528 1_1_0d EXIST::FUNCTION:TS -ASN1_ENUMERATED_to_BN 4529 1_1_0d EXIST::FUNCTION: -ERR_load_PEM_strings 4530 1_1_0d EXIST::FUNCTION: -UI_method_get_opener 4531 1_1_0d EXIST::FUNCTION:UI -i2d_PKEY_USAGE_PERIOD 4532 1_1_0d EXIST::FUNCTION: -ENGINE_register_EC 4533 1_1_0d EXIST::FUNCTION:ENGINE -BASIC_CONSTRAINTS_it 4534 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -BASIC_CONSTRAINTS_it 4534 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -EVP_PKEY_meth_set_copy 4535 1_1_0d EXIST::FUNCTION: -sms4_set_encrypt_key 4536 1_1_0d EXIST::FUNCTION: -i2d_ASIdentifiers 4537 1_1_0d EXIST::FUNCTION:RFC3779 -BN_get_word 4538 1_1_0d EXIST::FUNCTION: -SHA224_Update 4539 1_1_0d EXIST::FUNCTION: -UI_method_get_writer 4540 1_1_0d EXIST::FUNCTION:UI -DH_meth_get_compute_key 4541 1_1_0d EXIST::FUNCTION:DH -SDF_InternalPrivateKeyOperation_RSA 4542 1_1_0d EXIST::FUNCTION: -EC_GROUP_get_type1curve_zeta 4543 1_1_0d EXIST::FUNCTION: -EVP_PKEY_meth_get_cleanup 4544 1_1_0d EXIST::FUNCTION: -FFX_compute_luhn 4545 1_1_0d EXIST::FUNCTION: -X509_REQ_set_version 4546 1_1_0d EXIST::FUNCTION: -EVP_MD_CTX_clear_flags 4547 1_1_0d EXIST::FUNCTION: -OPENSSL_asc2uni 4548 1_1_0d EXIST::FUNCTION: -OPENSSL_sk_dup 4549 1_1_0d EXIST::FUNCTION: -SOF_GetCertTrustListAltNames 4550 1_1_0d EXIST::FUNCTION: -SAF_SM2_EncodeEnvelopedData 4551 1_1_0d EXIST::FUNCTION: -OCSP_CERTID_free 4552 1_1_0d EXIST::FUNCTION:OCSP -POLICYINFO_it 4553 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -POLICYINFO_it 4553 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -EVP_MD_CTX_ctrl 4554 1_1_0d EXIST::FUNCTION: -ASN1_TYPE_get 4555 1_1_0d EXIST::FUNCTION: -DSA_get0_pqg 4556 1_1_0d EXIST::FUNCTION:DSA -X509_STORE_set_cleanup 4557 1_1_0d EXIST::FUNCTION: -PKCS7_dataVerify 4558 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_meth_set_flags 4559 1_1_0d EXIST::FUNCTION: -X509_get_key_usage 4560 1_1_0d EXIST::FUNCTION: -X509_get_default_cert_file_env 4561 1_1_0d EXIST::FUNCTION: -RSA_get_default_method 4562 1_1_0d EXIST::FUNCTION:RSA -EC_KEY_generate_key 4563 1_1_0d EXIST::FUNCTION:EC -X509_CRL_INFO_new 4564 1_1_0d EXIST::FUNCTION: -DH_meth_set_init 4565 1_1_0d EXIST::FUNCTION:DH -BFPublicParameters_new 4566 1_1_0d EXIST::FUNCTION: -PKCS12_key_gen_utf8 4567 1_1_0d EXIST::FUNCTION: -RSA_meth_free 4568 1_1_0d EXIST::FUNCTION:RSA -DSA_set_ex_data 4569 1_1_0d EXIST::FUNCTION:DSA -EVP_set_pw_prompt 4570 1_1_0d EXIST::FUNCTION:UI -X509_REQ_get_attr_count 4571 1_1_0d EXIST::FUNCTION: -X509_REVOKED_delete_ext 4572 1_1_0d EXIST::FUNCTION: -BN_GFP2_copy 4573 1_1_0d EXIST::FUNCTION: -BN_CTX_start 4574 1_1_0d EXIST::FUNCTION: -ASN1_add_oid_module 4575 1_1_0d EXIST::FUNCTION: -BIO_snprintf 4576 1_1_0d EXIST::FUNCTION: -X509_STORE_CTX_get_explicit_policy 4577 1_1_0d EXIST::FUNCTION: -X509_get_subject_name 4578 1_1_0d EXIST::FUNCTION: -X509_ATTRIBUTE_create 4579 1_1_0d EXIST::FUNCTION: -X509_getm_notBefore 4580 1_1_0d EXIST::FUNCTION: -EVP_camellia_128_cfb8 4581 1_1_0d EXIST::FUNCTION:CAMELLIA -NCONF_dump_bio 4582 1_1_0d EXIST::FUNCTION: -CTLOG_new 4583 1_1_0d EXIST::FUNCTION:CT -OCSP_REQUEST_get_ext_by_critical 4584 1_1_0d EXIST::FUNCTION:OCSP -CONF_dump_fp 4585 1_1_0d EXIST::FUNCTION:STDIO -OTHERNAME_cmp 4586 1_1_0d EXIST::FUNCTION: -d2i_OCSP_BASICRESP 4587 1_1_0d EXIST::FUNCTION:OCSP -i2d_RSA_PUBKEY 4588 1_1_0d EXIST::FUNCTION:RSA -a2i_IPADDRESS 4589 1_1_0d EXIST::FUNCTION: -ENGINE_set_default_RSA 4590 1_1_0d EXIST::FUNCTION:ENGINE -BN_with_flags 4591 1_1_0d EXIST::FUNCTION: -EVP_MD_CTX_update_fn 4592 1_1_0d EXIST::FUNCTION: -DH_get_1024_160 4593 1_1_0d EXIST::FUNCTION:DH -OBJ_dup 4594 1_1_0d EXIST::FUNCTION: -SAF_GetCertificateStateByOCSP 4595 1_1_0d EXIST::FUNCTION: -BN_GFP2_one 4596 1_1_0d EXIST::FUNCTION: -X509_STORE_CTX_get_ex_data 4597 1_1_0d EXIST::FUNCTION: -i2d_ASN1_OCTET_STRING 4598 1_1_0d EXIST::FUNCTION: -RIPEMD160_Update 4599 1_1_0d EXIST::FUNCTION:RMD160 -EVP_PKEY_print_params 4600 1_1_0d EXIST::FUNCTION: -BN_GF2m_mod_sqrt_arr 4601 1_1_0d EXIST::FUNCTION:EC2M -PKCS12_SAFEBAG_get0_attr 4602 1_1_0d EXIST::FUNCTION: -DSA_set_method 4603 1_1_0d EXIST::FUNCTION:DSA -DIST_POINT_NAME_it 4604 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -DIST_POINT_NAME_it 4604 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -EVP_camellia_128_cfb1 4605 1_1_0d EXIST::FUNCTION:CAMELLIA -OBJ_obj2nid 4606 1_1_0d EXIST::FUNCTION: -CPK_MASTER_SECRET_create 4607 1_1_0d EXIST::FUNCTION: -d2i_X509_REQ_bio 4608 1_1_0d EXIST::FUNCTION: -EVP_PKEY2PKCS8 4609 1_1_0d EXIST::FUNCTION: -OCSP_REQ_CTX_set1_req 4610 1_1_0d EXIST::FUNCTION:OCSP -BIO_set_flags 4611 1_1_0d EXIST::FUNCTION: -BN_rshift1 4612 1_1_0d EXIST::FUNCTION: -EVP_CIPHER_CTX_set_num 4613 1_1_0d EXIST::FUNCTION: -SCT_get_validation_status 4614 1_1_0d EXIST::FUNCTION:CT -EVP_MD_do_all_sorted 4615 1_1_0d EXIST::FUNCTION: -ENGINE_register_RSA 4616 1_1_0d EXIST::FUNCTION:ENGINE -UI_dup_error_string 4617 1_1_0d EXIST::FUNCTION:UI -EVP_idea_ecb 4618 1_1_0d EXIST::FUNCTION:IDEA -X509_CRL_add0_revoked 4619 1_1_0d EXIST::FUNCTION: -OCSP_request_add1_cert 4620 1_1_0d EXIST::FUNCTION:OCSP -ASN1_UTCTIME_set 4621 1_1_0d EXIST::FUNCTION: -ASN1_generate_v3 4622 1_1_0d EXIST::FUNCTION: -EVP_PKEY_meth_set_verify 4623 1_1_0d EXIST::FUNCTION: -SM9PublicParameters_it 4624 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -SM9PublicParameters_it 4624 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -EC_type1curve_tate_ratio 4625 1_1_0d EXIST::FUNCTION: -X509_NAME_print_ex_fp 4626 1_1_0d EXIST::FUNCTION:STDIO -X509_get_ext_by_OBJ 4627 1_1_0d EXIST::FUNCTION: -ASN1_item_new 4628 1_1_0d EXIST::FUNCTION: -ASN1_PRINTABLE_free 4629 1_1_0d EXIST::FUNCTION: -ERR_load_COMP_strings 4630 1_1_0d EXIST::FUNCTION:COMP -ENGINE_set_DSA 4631 1_1_0d EXIST::FUNCTION:ENGINE -X509_INFO_new 4632 1_1_0d EXIST::FUNCTION: -d2i_X509_CRL_fp 4633 1_1_0d EXIST::FUNCTION:STDIO -TS_RESP_set_status_info 4634 1_1_0d EXIST::FUNCTION:TS -CMS_unsigned_delete_attr 4635 1_1_0d EXIST::FUNCTION:CMS -X509_STORE_CTX_get0_cert 4636 1_1_0d EXIST::FUNCTION: -sm3_update 4637 1_1_0d EXIST::FUNCTION: -o2i_ECPublicKey 4638 1_1_0d EXIST::FUNCTION:EC -i2d_TS_MSG_IMPRINT_fp 4639 1_1_0d EXIST::FUNCTION:STDIO,TS -EVP_MD_CTX_set_flags 4640 1_1_0d EXIST::FUNCTION: -SKF_DisConnectDev 4641 1_1_0d EXIST::FUNCTION: -ASN1_NULL_new 4642 1_1_0d EXIST::FUNCTION: -BN_copy 4643 1_1_0d EXIST::FUNCTION: -EVP_PKEY_base_id 4644 1_1_0d EXIST::FUNCTION: -EVP_PKEY_CTX_free 4645 1_1_0d EXIST::FUNCTION: -BN_mod_exp 4646 1_1_0d EXIST::FUNCTION: -RSA_X931_derive_ex 4647 1_1_0d EXIST::FUNCTION:RSA -d2i_SCT_LIST 4648 1_1_0d EXIST::FUNCTION:CT -OBJ_create 4649 1_1_0d EXIST::FUNCTION: -CMS_RecipientEncryptedKey_cert_cmp 4650 1_1_0d EXIST::FUNCTION:CMS -SAF_Base64_EncodeFinal 4651 1_1_0d EXIST::FUNCTION: -BIO_set_callback 4652 1_1_0d EXIST::FUNCTION: -SAF_Pkcs7_EncodeSignedData 4653 1_1_0d EXIST::FUNCTION: -CRYPTO_strndup 4654 1_1_0d EXIST::FUNCTION: -BFPrivateKeyBlock_it 4655 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -BFPrivateKeyBlock_it 4655 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -TS_CONF_set_signer_key 4656 1_1_0d EXIST::FUNCTION:TS -ASN1_SEQUENCE_ANY_it 4657 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ASN1_SEQUENCE_ANY_it 4657 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -PEM_read_EC_PUBKEY 4658 1_1_0d EXIST::FUNCTION:EC,STDIO -SKF_GetFileInfo 4659 1_1_0d EXIST::FUNCTION: -SAF_DestroySymmAlgoObj 4660 1_1_0d EXIST::FUNCTION: -PKCS12_add_friendlyname_utf8 4661 1_1_0d EXIST::FUNCTION: -EC_GROUP_get_curve_GF2m 4662 1_1_0d EXIST::FUNCTION:EC,EC2M -OPENSSL_INIT_new 4663 1_1_0d EXIST::FUNCTION: -DES_ede3_cbc_encrypt 4664 1_1_0d EXIST::FUNCTION:DES -i2d_X509_CINF 4665 1_1_0d EXIST::FUNCTION: -ASN1_d2i_bio 4666 1_1_0d EXIST::FUNCTION: -IDEA_cbc_encrypt 4667 1_1_0d EXIST::FUNCTION:IDEA -EC_KEY_get_default_method 4668 1_1_0d EXIST::FUNCTION:EC -NAME_CONSTRAINTS_it 4669 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -NAME_CONSTRAINTS_it 4669 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -CMS_unsigned_add1_attr_by_OBJ 4670 1_1_0d EXIST::FUNCTION:CMS -CMS_SignerInfo_verify_content 4671 1_1_0d EXIST::FUNCTION:CMS -EC_GROUP_order_bits 4672 1_1_0d EXIST::FUNCTION:EC -ENGINE_unregister_pkey_meths 4673 1_1_0d EXIST::FUNCTION:ENGINE -EVP_PKEY_CTX_new_id 4674 1_1_0d EXIST::FUNCTION: -X509_SIG_free 4675 1_1_0d EXIST::FUNCTION: -ASN1_put_eoc 4676 1_1_0d EXIST::FUNCTION: -EVP_DecryptFinal 4677 1_1_0d EXIST::FUNCTION: -OPENSSL_DIR_read 4678 1_1_0d EXIST::FUNCTION: -d2i_SM9Ciphertext 4679 1_1_0d EXIST::FUNCTION: -WHIRLPOOL_BitUpdate 4680 1_1_0d EXIST::FUNCTION:WHIRLPOOL -CPK_MAP_num_indexes 4681 1_1_0d EXIST::FUNCTION: -ASN1_PCTX_get_cert_flags 4682 1_1_0d EXIST::FUNCTION: -PKCS12_item_decrypt_d2i 4683 1_1_0d EXIST::FUNCTION: -o2i_SM2CiphertextValue 4684 1_1_0d EXIST::FUNCTION: -i2o_SM2CiphertextValue 4685 1_1_0d EXIST::FUNCTION: -SM2_compute_message_digest 4686 1_1_0d EXIST::FUNCTION: -serpent_set_decrypt_key 4687 1_1_0d EXIST::FUNCTION: -sms4_standard_encrypt 4688 1_1_0d NOEXIST::FUNCTION: -sms4_standard_decrypt 4689 1_1_0d NOEXIST::FUNCTION: -speck_decrypt16 4690 1_1_0d EXIST::FUNCTION: -speck_decrypt32 4691 1_1_0d EXIST::FUNCTION: -speck_expand32 4692 1_1_0d EXIST::FUNCTION: -speck_set_encrypt_key64 4693 1_1_0d EXIST::FUNCTION: -speck_decrypt64 4694 1_1_0d EXIST::FUNCTION: -speck_encrypt32 4695 1_1_0d EXIST::FUNCTION: -speck_expand64 4696 1_1_0d EXIST::FUNCTION: -speck_set_decrypt_key32 4697 1_1_0d EXIST::FUNCTION: -speck_encrypt16 4698 1_1_0d EXIST::FUNCTION: -speck_set_encrypt_key32 4699 1_1_0d EXIST::FUNCTION: -speck_encrypt64 4700 1_1_0d EXIST::FUNCTION: -speck_set_encrypt_key16 4701 1_1_0d EXIST::FUNCTION: -speck_expand16 4702 1_1_0d EXIST::FUNCTION: -speck_set_decrypt_key64 4703 1_1_0d EXIST::FUNCTION: -speck_set_decrypt_key16 4704 1_1_0d EXIST::FUNCTION: +DSA_bits 2792 1_1_0d EXIST::FUNCTION:DSA +SAF_Finalize 2793 1_1_0d EXIST::FUNCTION: +X509_STORE_new 2794 1_1_0d EXIST::FUNCTION: +X509_STORE_CTX_set_cert 2795 1_1_0d EXIST::FUNCTION: +X509_VERIFY_PARAM_add0_policy 2796 1_1_0d EXIST::FUNCTION: +i2d_PKCS8_fp 2797 1_1_0d EXIST::FUNCTION:STDIO +SAF_SymmDecryptUpdate 2798 1_1_0d EXIST::FUNCTION: +BIO_ADDRINFO_socktype 2799 1_1_0d EXIST::FUNCTION:SOCK +ECPKParameters_print 2800 1_1_0d EXIST::FUNCTION:EC +OCSP_RESPONSE_free 2801 1_1_0d EXIST::FUNCTION:OCSP +DES_set_key_checked 2802 1_1_0d EXIST::FUNCTION:DES +d2i_PKCS8_fp 2803 1_1_0d EXIST::FUNCTION:STDIO +ENGINE_set_default_ciphers 2804 1_1_0d EXIST::FUNCTION:ENGINE +X509_PURPOSE_get0_sname 2805 1_1_0d EXIST::FUNCTION: +HMAC_CTX_reset 2806 1_1_0d EXIST::FUNCTION: +ASN1_UTCTIME_print 2807 1_1_0d EXIST::FUNCTION: +ECDH_compute_key 2808 1_1_0d EXIST::FUNCTION:EC +DSA_meth_new 2809 1_1_0d EXIST::FUNCTION:DSA +serpent_decrypt 2810 1_1_0d EXIST::FUNCTION:SERPENT +PEM_write_PKCS8_PRIV_KEY_INFO 2811 1_1_0d EXIST::FUNCTION:STDIO +EVP_des_ede_cfb64 2812 1_1_0d EXIST::FUNCTION:DES +SAF_Initialize 2813 1_1_0d EXIST::FUNCTION: +MD2_options 2814 1_1_0d EXIST::FUNCTION:MD2 +BN_GFP2_div 2815 1_1_0d EXIST::FUNCTION: +CT_POLICY_EVAL_CTX_get0_log_store 2816 1_1_0d EXIST::FUNCTION:CT +d2i_ASIdentifiers 2817 1_1_0d EXIST::FUNCTION:RFC3779 +SXNET_add_id_ulong 2818 1_1_0d EXIST::FUNCTION: +ENGINE_add 2819 1_1_0d EXIST::FUNCTION:ENGINE +X509_NAME_get_index_by_OBJ 2820 1_1_0d EXIST::FUNCTION: +sms4_cfb128_encrypt 2821 1_1_0d EXIST::FUNCTION:SMS4 +EC_GROUP_new_curve_GF2m 2822 1_1_0d EXIST::FUNCTION:EC,EC2M +BN_mod_word 2823 1_1_0d EXIST::FUNCTION: +BN_get0_nist_prime_256 2824 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_name 2825 1_1_0d EXIST::FUNCTION: +EVP_sms4_ctr 2826 1_1_0d EXIST::FUNCTION:SMS4 +SOF_DelCertTrustList 2827 1_1_0d EXIST::FUNCTION: +ENGINE_set_default_DSA 2828 1_1_0d EXIST::FUNCTION:ENGINE +UI_set_default_method 2829 1_1_0d EXIST::FUNCTION:UI +POLICY_CONSTRAINTS_it 2830 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +POLICY_CONSTRAINTS_it 2830 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +i2d_TS_TST_INFO_bio 2831 1_1_0d EXIST::FUNCTION:TS +X509_VERIFY_PARAM_free 2832 1_1_0d EXIST::FUNCTION: +d2i_PKCS12_fp 2833 1_1_0d EXIST::FUNCTION:STDIO +OCSP_ONEREQ_get_ext_by_OBJ 2834 1_1_0d EXIST::FUNCTION:OCSP +RSA_set_default_method 2835 1_1_0d EXIST::FUNCTION:RSA +SAF_GetRootCaCertificate 2836 1_1_0d EXIST::FUNCTION: +ASYNC_WAIT_CTX_get_fd 2837 1_1_0d EXIST::FUNCTION: +X509_PURPOSE_get_by_id 2838 1_1_0d EXIST::FUNCTION: +DSA_set_ex_data 2839 1_1_0d EXIST::FUNCTION:DSA +BN_BLINDING_invert 2840 1_1_0d EXIST::FUNCTION: +ENGINE_get_pkey_meth 2841 1_1_0d EXIST::FUNCTION:ENGINE +BN_rshift1 2842 1_1_0d EXIST::FUNCTION: +EVP_PKEY_decrypt_old 2843 1_1_0d EXIST::FUNCTION: +PEM_write_bio_X509_REQ_NEW 2844 1_1_0d EXIST::FUNCTION: +EVP_rc5_32_12_16_ofb 2845 1_1_0d EXIST::FUNCTION:RC5 +SAF_SymmDecrypt 2846 1_1_0d EXIST::FUNCTION: +NOTICEREF_free 2847 1_1_0d EXIST::FUNCTION: +RSA_null_method 2848 1_1_0d EXIST::FUNCTION:RSA +OCSP_BASICRESP_add_ext 2849 1_1_0d EXIST::FUNCTION:OCSP +ENGINE_get_pkey_asn1_meth 2850 1_1_0d EXIST::FUNCTION:ENGINE +PKCS7_set_attributes 2851 1_1_0d EXIST::FUNCTION: +BIO_parse_hostserv 2852 1_1_0d EXIST::FUNCTION:SOCK +ENGINE_get_default_RAND 2853 1_1_0d EXIST::FUNCTION:ENGINE +EVP_PKEY_get0_hmac 2854 1_1_0d EXIST::FUNCTION: +d2i_OCSP_REVOKEDINFO 2855 1_1_0d EXIST::FUNCTION:OCSP +BN_pseudo_rand_range 2856 1_1_0d EXIST::FUNCTION: +X509V3_EXT_get 2857 1_1_0d EXIST::FUNCTION: +PEM_write_bio 2858 1_1_0d EXIST::FUNCTION: +EC_KEY_set_group 2859 1_1_0d EXIST::FUNCTION:EC +COMP_compress_block 2860 1_1_0d EXIST::FUNCTION:COMP +X509_TRUST_get0_name 2861 1_1_0d EXIST::FUNCTION: +EC_KEY_clear_flags 2862 1_1_0d EXIST::FUNCTION:EC +BN_is_word 2863 1_1_0d EXIST::FUNCTION: +ERR_load_EVP_strings 2864 1_1_0d EXIST::FUNCTION: +SM2CiphertextValue_free 2865 1_1_0d EXIST::FUNCTION:SM2 +ENGINE_register_complete 2866 1_1_0d EXIST::FUNCTION:ENGINE +i2d_TS_RESP_fp 2867 1_1_0d EXIST::FUNCTION:STDIO,TS +CTLOG_get0_public_key 2868 1_1_0d EXIST::FUNCTION:CT +BIO_dgram_sctp_wait_for_dry 2869 1_1_0d EXIST::FUNCTION:DGRAM,SCTP +CRL_DIST_POINTS_it 2870 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +CRL_DIST_POINTS_it 2870 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +X509v3_asid_subset 2871 1_1_0d EXIST::FUNCTION:RFC3779 +MD5_Init 2872 1_1_0d EXIST::FUNCTION:MD5 +AES_encrypt 2873 1_1_0d EXIST::FUNCTION: +SOF_GetDeviceInfo 2874 1_1_0d EXIST::FUNCTION: +ASN1_BMPSTRING_it 2875 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_BMPSTRING_it 2875 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +TS_CONF_set_ordering 2876 1_1_0d EXIST::FUNCTION:TS +SOF_SignMessageDetach 2877 1_1_0d EXIST::FUNCTION: +PKCS12_MAC_DATA_free 2878 1_1_0d EXIST::FUNCTION: +ENGINE_register_all_RSA 2879 1_1_0d EXIST::FUNCTION:ENGINE +BIO_new_NDEF 2880 1_1_0d EXIST::FUNCTION: +SKF_GenRSAKeyPair 2881 1_1_0d EXIST::FUNCTION:SKF +SDF_PrintECCSignature 2882 1_1_0d EXIST::FUNCTION:SDF +PAILLIER_decrypt 2883 1_1_0d EXIST::FUNCTION:PAILLIER +OCSP_REVOKEDINFO_it 2884 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP +OCSP_REVOKEDINFO_it 2884 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP +AUTHORITY_KEYID_it 2885 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +AUTHORITY_KEYID_it 2885 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +SKF_DevAuth 2886 1_1_0d EXIST::FUNCTION:SKF +SDF_ImportKeyWithKEK 2887 1_1_0d EXIST::FUNCTION: +SM9MasterSecret_it 2888 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:SM9 +SM9MasterSecret_it 2888 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:SM9 +OCSP_request_verify 2889 1_1_0d EXIST::FUNCTION:OCSP +BIO_s_log 2890 1_1_0d EXIST:!WIN32,!macintosh:FUNCTION: +SKF_ExtRSAPubKeyOperation 2891 1_1_0d EXIST::FUNCTION:SKF +RSA_verify 2892 1_1_0d EXIST::FUNCTION:RSA +ASN1_GENERALSTRING_it 2893 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_GENERALSTRING_it 2893 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +EVP_seed_cbc 2894 1_1_0d EXIST::FUNCTION:SEED +DSA_SIG_new 2895 1_1_0d EXIST::FUNCTION:DSA +SDF_HashFinal 2896 1_1_0d EXIST::FUNCTION: +X509_STORE_set_check_policy 2897 1_1_0d EXIST::FUNCTION: +PKCS12_SAFEBAG_get0_attr 2898 1_1_0d EXIST::FUNCTION: +X509_STORE_CTX_get0_param 2899 1_1_0d EXIST::FUNCTION: +ASN1_OCTET_STRING_set 2900 1_1_0d EXIST::FUNCTION: +CPK_PUBLIC_PARAMS_new 2901 1_1_0d EXIST::FUNCTION:CPK +BN_CTX_new 2902 1_1_0d EXIST::FUNCTION: +DSA_get_method 2903 1_1_0d EXIST::FUNCTION:DSA +PKCS12_add_friendlyname_asc 2904 1_1_0d EXIST::FUNCTION: +X509_print_ex_fp 2905 1_1_0d EXIST::FUNCTION:STDIO +CPK_MASTER_SECRET_new 2906 1_1_0d EXIST::FUNCTION:CPK +SM2_do_sign_ex 2907 1_1_0d EXIST::FUNCTION:SM2 +TS_TST_INFO_add_ext 2908 1_1_0d EXIST::FUNCTION:TS +ASN1_d2i_bio 2909 1_1_0d EXIST::FUNCTION: +EVP_PKEY_meth_copy 2910 1_1_0d EXIST::FUNCTION: +i2d_OCSP_RESPONSE 2911 1_1_0d EXIST::FUNCTION:OCSP +EVP_PKEY_print_private 2912 1_1_0d EXIST::FUNCTION: +ASN1_TYPE_pack_sequence 2913 1_1_0d EXIST::FUNCTION: +BIO_ADDR_free 2914 1_1_0d EXIST::FUNCTION:SOCK +d2i_TS_TST_INFO_bio 2915 1_1_0d EXIST::FUNCTION:TS +SAF_CreateSymmKeyObj 2916 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_CTX_iv_noconst 2917 1_1_0d EXIST::FUNCTION: +i2s_ASN1_INTEGER 2918 1_1_0d EXIST::FUNCTION: +BIO_new 2919 1_1_0d EXIST::FUNCTION: +PKCS5_pbkdf2_set 2920 1_1_0d EXIST::FUNCTION: +ASN1_PRINTABLE_new 2921 1_1_0d EXIST::FUNCTION: +CMAC_CTX_cleanup 2922 1_1_0d EXIST::FUNCTION:CMAC +X509_set_version 2923 1_1_0d EXIST::FUNCTION: +CMS_add0_recipient_key 2924 1_1_0d EXIST::FUNCTION:CMS +i2d_ECCCipher_bio 2925 1_1_0d EXIST::FUNCTION:EC,GMAPI,SDF +SRP_create_verifier_BN 2926 1_1_0d EXIST::FUNCTION:SRP +X509_get_ext_by_NID 2927 1_1_0d EXIST::FUNCTION: +i2d_X509_AUX 2928 1_1_0d EXIST::FUNCTION: +d2i_OCSP_SIGNATURE 2929 1_1_0d EXIST::FUNCTION:OCSP +BN_div 2930 1_1_0d EXIST::FUNCTION: +i2d_RSA_PUBKEY_bio 2931 1_1_0d EXIST::FUNCTION:RSA +d2i_CPK_MASTER_SECRET 2932 1_1_0d EXIST::FUNCTION:CPK +EVP_MD_CTX_ctrl 2933 1_1_0d EXIST::FUNCTION: +DES_cfb_encrypt 2934 1_1_0d EXIST::FUNCTION:DES +X509_VERIFY_PARAM_set_auth_level 2935 1_1_0d EXIST::FUNCTION: +SKF_PrintECCCipher 2936 1_1_0d EXIST::FUNCTION:SKF +EVP_CIPHER_nid 2937 1_1_0d EXIST::FUNCTION: +PKCS7_RECIP_INFO_set 2938 1_1_0d EXIST::FUNCTION: +PKCS12_BAGS_new 2939 1_1_0d EXIST::FUNCTION: +BN_GENCB_free 2940 1_1_0d EXIST::FUNCTION: +SDF_InternalVerify_ECC 2941 1_1_0d EXIST::FUNCTION: +X509_REQ_print_fp 2942 1_1_0d EXIST::FUNCTION:STDIO +i2d_ASN1_UTF8STRING 2943 1_1_0d EXIST::FUNCTION: +RSAPublicKey_dup 2944 1_1_0d EXIST::FUNCTION:RSA +X509_STORE_CTX_set_flags 2945 1_1_0d EXIST::FUNCTION: +d2i_X509_ALGORS 2946 1_1_0d EXIST::FUNCTION: +CTLOG_STORE_load_file 2947 1_1_0d EXIST::FUNCTION:CT +X509_aux_print 2948 1_1_0d EXIST::FUNCTION: +CMS_add0_crl 2949 1_1_0d EXIST::FUNCTION:CMS +EC_POINT_hex2point 2950 1_1_0d EXIST::FUNCTION:EC +X509_CRL_get_meth_data 2951 1_1_0d EXIST::FUNCTION: +i2d_ECCCipher_fp 2952 1_1_0d EXIST::FUNCTION:EC,GMAPI,SDF,STDIO +RSA_padding_check_SSLv23 2953 1_1_0d EXIST::FUNCTION:RSA +ENGINE_load_public_key 2954 1_1_0d EXIST::FUNCTION:ENGINE +SEED_cbc_encrypt 2955 1_1_0d EXIST::FUNCTION:SEED +CMS_signed_get0_data_by_OBJ 2956 1_1_0d EXIST::FUNCTION:CMS +X509_ALGOR_free 2957 1_1_0d EXIST::FUNCTION: +RSA_padding_check_PKCS1_OAEP 2958 1_1_0d EXIST::FUNCTION:RSA +TS_CONF_load_key 2959 1_1_0d EXIST::FUNCTION:TS +X509_STORE_CTX_get_error 2960 1_1_0d EXIST::FUNCTION: +SAF_SymmEncryptFinal 2961 1_1_0d EXIST::FUNCTION: +EVP_SignFinal 2962 1_1_0d EXIST::FUNCTION: +TS_ACCURACY_get_micros 2963 1_1_0d EXIST::FUNCTION:TS +X509_STORE_set_lookup_crls 2964 1_1_0d EXIST::FUNCTION: +BN_BLINDING_lock 2965 1_1_0d EXIST::FUNCTION: +EC_KEY_generate_key 2966 1_1_0d EXIST::FUNCTION:EC +ESS_CERT_ID_free 2967 1_1_0d EXIST::FUNCTION:TS +BIO_get_host_ip 2968 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,SOCK +PEM_write_X509_AUX 2969 1_1_0d EXIST::FUNCTION:STDIO +EVP_CIPHER_CTX_encrypting 2970 1_1_0d EXIST::FUNCTION: +DSA_set_default_method 2971 1_1_0d EXIST::FUNCTION:DSA +BIO_get_init 2972 1_1_0d EXIST::FUNCTION: +i2d_DIRECTORYSTRING 2973 1_1_0d EXIST::FUNCTION: +X509v3_asid_inherits 2974 1_1_0d EXIST::FUNCTION:RFC3779 +X509_PKEY_free 2975 1_1_0d EXIST::FUNCTION: +PKCS8_pkey_set0 2976 1_1_0d EXIST::FUNCTION: +ASN1_OBJECT_create 2977 1_1_0d EXIST::FUNCTION: +BN_asc2bn 2978 1_1_0d EXIST::FUNCTION: +ASN1_UTCTIME_cmp_time_t 2979 1_1_0d EXIST::FUNCTION: +DSA_get0_engine 2980 1_1_0d EXIST::FUNCTION:DSA +sm3_hmac_final 2981 1_1_0d EXIST::FUNCTION:SM3 +BFIBE_decrypt 2982 1_1_0d EXIST::FUNCTION:BFIBE +PKCS7_new 2983 1_1_0d EXIST::FUNCTION: +ERR_load_CT_strings 2984 1_1_0d EXIST::FUNCTION:CT +ESS_CERT_ID_dup 2985 1_1_0d EXIST::FUNCTION:TS +i2d_PKCS12_fp 2986 1_1_0d EXIST::FUNCTION:STDIO +i2d_OCSP_RESPDATA 2987 1_1_0d EXIST::FUNCTION:OCSP +i2d_PKCS8PrivateKeyInfo_fp 2988 1_1_0d EXIST::FUNCTION:STDIO +NETSCAPE_SPKI_get_pubkey 2989 1_1_0d EXIST::FUNCTION: +BB1IBE_do_encrypt 2990 1_1_0d EXIST::FUNCTION:BB1IBE +EVP_add_cipher_alias 2991 1_1_0d EXIST::FUNCTION: +d2i_PKCS12_SAFEBAG 2992 1_1_0d EXIST::FUNCTION: +BN_GENCB_call 2993 1_1_0d EXIST::FUNCTION: +POLICY_MAPPING_it 2994 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +POLICY_MAPPING_it 2994 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +TS_TST_INFO_get_version 2995 1_1_0d EXIST::FUNCTION:TS +SOF_EncryptFile 2996 1_1_0d EXIST::FUNCTION: +EVP_seed_ecb 2997 1_1_0d EXIST::FUNCTION:SEED +SDF_GenerateKeyWithKEK 2998 1_1_0d EXIST::FUNCTION: +SXNETID_it 2999 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +SXNETID_it 2999 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +SAF_GenRsaKeyPair 3000 1_1_0d EXIST::FUNCTION: +OPENSSL_sk_push 3001 1_1_0d EXIST::FUNCTION: +EVP_MD_CTX_test_flags 3002 1_1_0d EXIST::FUNCTION: +CMS_get1_ReceiptRequest 3003 1_1_0d EXIST::FUNCTION:CMS +X509_NAME_get_text_by_OBJ 3004 1_1_0d EXIST::FUNCTION: +TS_RESP_CTX_set_extension_cb 3005 1_1_0d EXIST::FUNCTION:TS +OPENSSL_sk_dup 3006 1_1_0d EXIST::FUNCTION: +ASN1_UNIVERSALSTRING_it 3007 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_UNIVERSALSTRING_it 3007 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +SM2CiphertextValue_set_ECCCipher 3008 1_1_0d EXIST::FUNCTION:EC,GMAPI,SDF,SM2 +BB1IBE_do_decrypt 3009 1_1_0d EXIST::FUNCTION:BB1IBE +OCSP_copy_nonce 3010 1_1_0d EXIST::FUNCTION:OCSP +SKF_DecryptInit 3011 1_1_0d EXIST::FUNCTION:SKF +OBJ_obj2nid 3012 1_1_0d EXIST::FUNCTION: +d2i_AUTHORITY_INFO_ACCESS 3013 1_1_0d EXIST::FUNCTION: +X509_STORE_get_get_issuer 3014 1_1_0d EXIST::FUNCTION: +DSA_generate_parameters_ex 3015 1_1_0d EXIST::FUNCTION:DSA +d2i_PrivateKey_bio 3016 1_1_0d EXIST::FUNCTION: +i2d_X509_CRL 3017 1_1_0d EXIST::FUNCTION: +BIO_f_base64 3018 1_1_0d EXIST::FUNCTION: +CONF_get_number 3019 1_1_0d EXIST::FUNCTION: +ASN1_INTEGER_set 3020 1_1_0d EXIST::FUNCTION: +RC2_set_key 3021 1_1_0d EXIST::FUNCTION:RC2 +OPENSSL_sk_new_null 3022 1_1_0d EXIST::FUNCTION: +MD5_Update 3023 1_1_0d EXIST::FUNCTION:MD5 +sms4_encrypt_16blocks 3024 1_1_0d EXIST::FUNCTION:SMS4 +DSA_OpenSSL 3025 1_1_0d EXIST::FUNCTION:DSA +X509_CERT_AUX_free 3026 1_1_0d EXIST::FUNCTION: +OCSP_CRLID_it 3027 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP +OCSP_CRLID_it 3027 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP +sms4_unwrap_key 3028 1_1_0d EXIST::FUNCTION:SMS4 +sm3_final 3029 1_1_0d EXIST::FUNCTION:SM3 +PaillierPrivateKey_it 3030 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:PAILLIER +PaillierPrivateKey_it 3030 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:PAILLIER +PEM_write_bio_PKCS8 3031 1_1_0d EXIST::FUNCTION: +SCT_print 3032 1_1_0d EXIST::FUNCTION:CT +PKCS12_key_gen_asc 3033 1_1_0d EXIST::FUNCTION: +RIPEMD160_Init 3034 1_1_0d EXIST::FUNCTION:RMD160 +ACCESS_DESCRIPTION_new 3035 1_1_0d EXIST::FUNCTION: +CMS_decrypt_set1_key 3036 1_1_0d EXIST::FUNCTION:CMS +EVP_MD_nid 3037 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_CTX_set_num 3038 1_1_0d EXIST::FUNCTION: +SAF_ChangePin 3039 1_1_0d EXIST::FUNCTION: +PKCS12_SAFEBAG_get1_cert 3040 1_1_0d EXIST::FUNCTION: +i2d_ESS_ISSUER_SERIAL 3041 1_1_0d EXIST::FUNCTION:TS +d2i_ECPKParameters 3042 1_1_0d EXIST::FUNCTION:EC +ASN1_NULL_free 3043 1_1_0d EXIST::FUNCTION: +PEM_write_bio_PrivateKey_traditional 3044 1_1_0d EXIST::FUNCTION: +ERR_load_BUF_strings 3045 1_1_0d EXIST::FUNCTION: +PKCS7_it 3046 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS7_it 3046 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +PKCS7_ISSUER_AND_SERIAL_it 3047 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS7_ISSUER_AND_SERIAL_it 3047 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +EVP_PKEY_base_id 3048 1_1_0d EXIST::FUNCTION: +EVP_PKEY_CTX_set_ecdh_kdf_type 3049 1_1_0d EXIST::FUNCTION:EC +BIO_s_bio 3050 1_1_0d EXIST::FUNCTION: +err_free_strings_int 3051 1_1_0d EXIST::FUNCTION: +X509_STORE_CTX_get1_chain 3052 1_1_0d EXIST::FUNCTION: +CRYPTO_nistcts128_decrypt 3053 1_1_0d EXIST::FUNCTION: +d2i_TS_RESP 3054 1_1_0d EXIST::FUNCTION:TS +OPENSSL_INIT_free 3055 1_1_0d EXIST::FUNCTION: +OPENSSL_hexchar2int 3056 1_1_0d EXIST::FUNCTION: +BN_get_rfc3526_prime_1536 3057 1_1_0d EXIST::FUNCTION: +ENGINE_set_pkey_meths 3058 1_1_0d EXIST::FUNCTION:ENGINE +X509_STORE_CTX_get0_cert 3059 1_1_0d EXIST::FUNCTION: +i2d_X509_ALGOR 3060 1_1_0d EXIST::FUNCTION: +OCSP_check_nonce 3061 1_1_0d EXIST::FUNCTION:OCSP +SM2_decrypt 3062 1_1_0d EXIST::FUNCTION:SM2 +DH_compute_key 3063 1_1_0d EXIST::FUNCTION:DH +CMS_unsigned_get0_data_by_OBJ 3064 1_1_0d EXIST::FUNCTION:CMS +EVP_EncryptInit_ex 3065 1_1_0d EXIST::FUNCTION: +EVP_PKEY_assign_RSA 3066 1_1_0d EXIST::FUNCTION:RSA +DH_get_2048_224 3067 1_1_0d EXIST::FUNCTION:DH +OPENSSL_gmtime 3068 1_1_0d EXIST::FUNCTION: +X509V3_set_ctx 3069 1_1_0d EXIST::FUNCTION: +X509_CRL_verify 3070 1_1_0d EXIST::FUNCTION: +X509_STORE_CTX_set_ex_data 3071 1_1_0d EXIST::FUNCTION: +CMS_get1_certs 3072 1_1_0d EXIST::FUNCTION:CMS +OCSP_SINGLERESP_get_ext_by_critical 3073 1_1_0d EXIST::FUNCTION:OCSP +v2i_GENERAL_NAME 3074 1_1_0d EXIST::FUNCTION: +ENGINE_set_finish_function 3075 1_1_0d EXIST::FUNCTION:ENGINE +TS_TST_INFO_new 3076 1_1_0d EXIST::FUNCTION:TS +PEM_write_DSAPrivateKey 3077 1_1_0d EXIST::FUNCTION:DSA,STDIO +ERR_get_state 3078 1_1_0d EXIST::FUNCTION: +SDF_ExportEncPublicKey_RSA 3079 1_1_0d EXIST::FUNCTION: +PKCS12_item_pack_safebag 3080 1_1_0d EXIST::FUNCTION: +TS_RESP_CTX_set_clock_precision_digits 3081 1_1_0d EXIST::FUNCTION:TS +SXNET_get_id_INTEGER 3082 1_1_0d EXIST::FUNCTION: +BIO_f_cipher 3083 1_1_0d EXIST::FUNCTION: +ERR_peek_error_line_data 3084 1_1_0d EXIST::FUNCTION: +SOF_SetCertTrustList 3085 1_1_0d EXIST::FUNCTION: +TS_TST_INFO_get_serial 3086 1_1_0d EXIST::FUNCTION:TS +EVP_PKEY_add1_attr 3087 1_1_0d EXIST::FUNCTION: +PKCS7_ISSUER_AND_SERIAL_digest 3088 1_1_0d EXIST::FUNCTION: +X509_set_proxy_flag 3089 1_1_0d EXIST::FUNCTION: +UI_method_set_opener 3090 1_1_0d EXIST::FUNCTION:UI +EVP_EncodeInit 3091 1_1_0d EXIST::FUNCTION: +PKCS12_unpack_p7encdata 3092 1_1_0d EXIST::FUNCTION: +i2s_ASN1_ENUMERATED 3093 1_1_0d EXIST::FUNCTION: +SKF_PrintRSAPrivateKey 3094 1_1_0d EXIST::FUNCTION:SKF +EC_POINT_set_affine_coordinates_GF2m 3095 1_1_0d EXIST::FUNCTION:EC,EC2M +OTHERNAME_cmp 3096 1_1_0d EXIST::FUNCTION: +EVP_EncodeUpdate 3097 1_1_0d EXIST::FUNCTION: +BN_GF2m_mod_mul_arr 3098 1_1_0d EXIST::FUNCTION:EC2M +DSA_size 3099 1_1_0d EXIST::FUNCTION:DSA +i2d_X509_CRL_fp 3100 1_1_0d EXIST::FUNCTION:STDIO +NETSCAPE_SPKI_print 3101 1_1_0d EXIST::FUNCTION: +ENGINE_cmd_is_executable 3102 1_1_0d EXIST::FUNCTION:ENGINE +BIO_get_callback 3103 1_1_0d EXIST::FUNCTION: +EC_KEY_get_conv_form 3104 1_1_0d EXIST::FUNCTION:EC +RC2_ecb_encrypt 3105 1_1_0d EXIST::FUNCTION:RC2 +CT_POLICY_EVAL_CTX_get0_issuer 3106 1_1_0d EXIST::FUNCTION:CT +EVP_CIPHER_CTX_flags 3107 1_1_0d EXIST::FUNCTION: +EVP_Cipher 3108 1_1_0d EXIST::FUNCTION: +OPENSSL_gmtime_diff 3109 1_1_0d EXIST::FUNCTION: +GENERAL_NAME_set0_value 3110 1_1_0d EXIST::FUNCTION: +X509V3_EXT_conf_nid 3111 1_1_0d EXIST::FUNCTION: +SXNET_free 3112 1_1_0d EXIST::FUNCTION: +speck_set_decrypt_key32 3113 1_1_0d EXIST::FUNCTION:SPECK +ENGINE_set_default_string 3114 1_1_0d EXIST::FUNCTION:ENGINE +SOF_ExportUserCert 3115 1_1_0d EXIST::FUNCTION: +CMS_RecipientInfo_set0_key 3116 1_1_0d EXIST::FUNCTION:CMS +OPENSSL_LH_get_down_load 3117 1_1_0d EXIST::FUNCTION: +TS_CONF_set_serial 3118 1_1_0d EXIST::FUNCTION:TS +BN_add 3119 1_1_0d EXIST::FUNCTION: +X509_REVOKED_it 3120 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_REVOKED_it 3120 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +CMS_encrypt 3121 1_1_0d EXIST::FUNCTION:CMS +d2i_ASN1_NULL 3122 1_1_0d EXIST::FUNCTION: +UI_new 3123 1_1_0d EXIST::FUNCTION:UI +DES_check_key_parity 3124 1_1_0d EXIST::FUNCTION:DES +TXT_DB_get_by_index 3125 1_1_0d EXIST::FUNCTION: +SKF_NewECCCipher 3126 1_1_0d EXIST::FUNCTION:SKF +RAND_poll 3127 1_1_0d EXIST::FUNCTION: +BFMasterSecret_new 3128 1_1_0d EXIST::FUNCTION:BFIBE +TS_RESP_CTX_add_flags 3129 1_1_0d EXIST::FUNCTION:TS +i2d_PKCS7_SIGN_ENVELOPE 3130 1_1_0d EXIST::FUNCTION: +SEED_decrypt 3131 1_1_0d EXIST::FUNCTION:SEED +DH_free 3132 1_1_0d EXIST::FUNCTION:DH +SM2CiphertextValue_new 3133 1_1_0d EXIST::FUNCTION:SM2 +ASN1_BMPSTRING_new 3134 1_1_0d EXIST::FUNCTION: +X509_TRUST_cleanup 3135 1_1_0d EXIST::FUNCTION: +DH_meth_dup 3136 1_1_0d EXIST::FUNCTION:DH +EVP_des_ede3_cbc 3137 1_1_0d EXIST::FUNCTION:DES +BFIBE_encrypt 3138 1_1_0d EXIST::FUNCTION:BFIBE +SOF_GetSignMethod 3139 1_1_0d EXIST::FUNCTION: +DSA_print_fp 3140 1_1_0d EXIST::FUNCTION:DSA,STDIO +PEM_write_EC_PUBKEY 3141 1_1_0d EXIST::FUNCTION:EC,STDIO +d2i_ASN1_IA5STRING 3142 1_1_0d EXIST::FUNCTION: +EVP_PKEY_paramgen 3143 1_1_0d EXIST::FUNCTION: +ERR_load_ERR_strings 3144 1_1_0d EXIST::FUNCTION: +DH_set0_key 3145 1_1_0d EXIST::FUNCTION:DH +EVP_des_ede_cbc 3146 1_1_0d EXIST::FUNCTION:DES +X509_set1_notBefore 3147 1_1_0d EXIST::FUNCTION: +X509_ALGORS_it 3148 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_ALGORS_it 3148 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +SAF_Mac 3149 1_1_0d EXIST::FUNCTION: +CRYPTO_ccm128_init 3150 1_1_0d EXIST::FUNCTION: +PEM_read_bio 3151 1_1_0d EXIST::FUNCTION: +RSA_size 3152 1_1_0d EXIST::FUNCTION:RSA +EC_GROUP_is_type1curve 3153 1_1_0d EXIST::FUNCTION: +RSA_meth_get0_name 3154 1_1_0d EXIST::FUNCTION:RSA +d2i_RSAPublicKey_fp 3155 1_1_0d EXIST::FUNCTION:RSA,STDIO +SHA224 3156 1_1_0d EXIST::FUNCTION: +BN_bn2mpi 3157 1_1_0d EXIST::FUNCTION: +ENGINE_set_EC 3158 1_1_0d EXIST::FUNCTION:ENGINE +ERR_pop_to_mark 3159 1_1_0d EXIST::FUNCTION: +X509_VERIFY_PARAM_set_depth 3160 1_1_0d EXIST::FUNCTION: +PKCS12_SAFEBAG_get_bag_nid 3161 1_1_0d EXIST::FUNCTION: +X509_get0_signature 3162 1_1_0d EXIST::FUNCTION: +AES_set_decrypt_key 3163 1_1_0d EXIST::FUNCTION: +CONF_module_set_usr_data 3164 1_1_0d EXIST::FUNCTION: +ENGINE_get_pkey_meth_engine 3165 1_1_0d EXIST::FUNCTION:ENGINE +BIO_socket 3166 1_1_0d EXIST::FUNCTION:SOCK +COMP_get_name 3167 1_1_0d EXIST::FUNCTION:COMP +DH_generate_key 3168 1_1_0d EXIST::FUNCTION:DH +EVP_camellia_256_cfb128 3169 1_1_0d EXIST::FUNCTION:CAMELLIA +EC_GROUP_set_curve_GF2m 3170 1_1_0d EXIST::FUNCTION:EC,EC2M +UI_method_set_closer 3171 1_1_0d EXIST::FUNCTION:UI +PEM_write_bio_ASN1_stream 3172 1_1_0d EXIST::FUNCTION: +v2i_GENERAL_NAME_ex 3173 1_1_0d EXIST::FUNCTION: +SKF_DisConnectDev 3174 1_1_0d EXIST::FUNCTION:SKF +TS_CONF_get_tsa_section 3175 1_1_0d EXIST::FUNCTION:TS +X509_STORE_CTX_set_error_depth 3176 1_1_0d EXIST::FUNCTION: +i2d_DSAPrivateKey_fp 3177 1_1_0d EXIST::FUNCTION:DSA,STDIO +TS_TST_INFO_get_ext_d2i 3178 1_1_0d EXIST::FUNCTION:TS +speck_set_encrypt_key32 3179 1_1_0d EXIST::FUNCTION:SPECK +BIO_f_md 3180 1_1_0d EXIST::FUNCTION: +CMS_RecipientEncryptedKey_get0_id 3181 1_1_0d EXIST::FUNCTION:CMS +EVP_camellia_192_cfb1 3182 1_1_0d EXIST::FUNCTION:CAMELLIA +d2i_ECCSignature_fp 3183 1_1_0d EXIST::FUNCTION:EC,GMAPI,SDF,STDIO +DSA_get_ex_data 3184 1_1_0d EXIST::FUNCTION:DSA +SM2CiphertextValue_new_from_ECCCipher 3185 1_1_0d EXIST::FUNCTION:EC,GMAPI,SDF,SM2 +BN_GF2m_mod_sqr 3186 1_1_0d EXIST::FUNCTION:EC2M +BN_generate_dsa_nonce 3187 1_1_0d EXIST::FUNCTION: +TS_REQ_set_policy_id 3188 1_1_0d EXIST::FUNCTION:TS +d2i_ASN1_INTEGER 3189 1_1_0d EXIST::FUNCTION: +ECDSA_do_sign_ex 3190 1_1_0d EXIST::FUNCTION:EC +BIO_accept_ex 3191 1_1_0d EXIST::FUNCTION:SOCK +d2i_SCT_LIST 3192 1_1_0d EXIST::FUNCTION:CT +X509_email_free 3193 1_1_0d EXIST::FUNCTION: +SM2_KAP_final_check 3194 1_1_0d EXIST::FUNCTION:SM2 +OCSP_parse_url 3195 1_1_0d EXIST::FUNCTION:OCSP +DSO_set_filename 3196 1_1_0d EXIST::FUNCTION: +EVP_read_pw_string_min 3197 1_1_0d EXIST::FUNCTION:UI +PKCS7_set0_type_other 3198 1_1_0d EXIST::FUNCTION: +RSA_meth_get_keygen 3199 1_1_0d EXIST::FUNCTION:RSA +i2d_GENERAL_NAMES 3200 1_1_0d EXIST::FUNCTION: +EVP_VerifyFinal 3201 1_1_0d EXIST::FUNCTION: +X509_VAL_free 3202 1_1_0d EXIST::FUNCTION: +ASN1_parse 3203 1_1_0d EXIST::FUNCTION: +UI_dup_input_boolean 3204 1_1_0d EXIST::FUNCTION:UI +EC_KEY_new 3205 1_1_0d EXIST::FUNCTION:EC +OBJ_add_object 3206 1_1_0d EXIST::FUNCTION: +CRYPTO_ocb128_tag 3207 1_1_0d EXIST::FUNCTION:OCB +d2i_X509_ATTRIBUTE 3208 1_1_0d EXIST::FUNCTION: +EVP_DigestVerifyInit 3209 1_1_0d EXIST::FUNCTION: +SCT_set_source 3210 1_1_0d EXIST::FUNCTION:CT +BN_GF2m_mod 3211 1_1_0d EXIST::FUNCTION:EC2M +ERR_load_SM9_strings 3212 1_1_0d EXIST::FUNCTION:SM9 +DSA_meth_get_finish 3213 1_1_0d EXIST::FUNCTION:DSA +EVP_PKEY_get_sgd 3214 1_1_0d EXIST::FUNCTION:GMAPI +BN_print 3215 1_1_0d EXIST::FUNCTION: +DH_set_flags 3216 1_1_0d EXIST::FUNCTION:DH +ERR_set_error_data 3217 1_1_0d EXIST::FUNCTION: +OPENSSL_sk_find_ex 3218 1_1_0d EXIST::FUNCTION: +CRYPTO_ocb128_encrypt 3219 1_1_0d EXIST::FUNCTION:OCB +CRYPTO_ccm128_decrypt 3220 1_1_0d EXIST::FUNCTION: +CPK_PUBLIC_PARAMS_print 3221 1_1_0d EXIST::FUNCTION:CPK +TS_MSG_IMPRINT_dup 3222 1_1_0d EXIST::FUNCTION:TS +AUTHORITY_KEYID_free 3223 1_1_0d EXIST::FUNCTION: +EVP_PKEY_CTX_set_ec_param_enc 3224 1_1_0d EXIST::FUNCTION:EC +UI_set_ex_data 3225 1_1_0d EXIST::FUNCTION:UI +d2i_TS_MSG_IMPRINT_fp 3226 1_1_0d EXIST::FUNCTION:STDIO,TS +SAF_EccSignFile 3227 1_1_0d EXIST::FUNCTION:SAF +SKF_NewEnvelopedKey 3228 1_1_0d EXIST::FUNCTION:SKF +CRYPTO_nistcts128_encrypt 3229 1_1_0d EXIST::FUNCTION: +EVP_MD_meth_new 3230 1_1_0d EXIST::FUNCTION: +EVP_DigestUpdate 3231 1_1_0d EXIST::FUNCTION: +EVP_aes_192_ecb 3232 1_1_0d EXIST::FUNCTION: +ASN1_NULL_new 3233 1_1_0d EXIST::FUNCTION: +EC_GFp_mont_method 3234 1_1_0d EXIST::FUNCTION:EC +i2d_TS_MSG_IMPRINT_fp 3235 1_1_0d EXIST::FUNCTION:STDIO,TS +EVP_PKEY_CTX_get_keygen_info 3236 1_1_0d EXIST::FUNCTION: +EVP_MD_meth_set_result_size 3237 1_1_0d EXIST::FUNCTION: +OPENSSL_asc2uni 3238 1_1_0d EXIST::FUNCTION: +ECIES_PARAMS_get_enc 3239 1_1_0d EXIST::FUNCTION:ECIES +X509_STORE_CTX_get_lookup_crls 3240 1_1_0d EXIST::FUNCTION: +EC_GROUP_get0_order 3241 1_1_0d EXIST::FUNCTION:EC +CRYPTO_get_ex_data 3242 1_1_0d EXIST::FUNCTION: +CRYPTO_secure_actual_size 3243 1_1_0d EXIST::FUNCTION: +BN_GFP2_add_bn 3244 1_1_0d EXIST::FUNCTION: +CAST_decrypt 3245 1_1_0d EXIST::FUNCTION:CAST +X509_STORE_CTX_set_time 3246 1_1_0d EXIST::FUNCTION: +ENGINE_load_private_key 3247 1_1_0d EXIST::FUNCTION:ENGINE +SKF_Decrypt 3248 1_1_0d EXIST::FUNCTION:SKF +EVP_MD_do_all 3249 1_1_0d EXIST::FUNCTION: +i2d_CMS_bio 3250 1_1_0d EXIST::FUNCTION:CMS +BFMasterSecret_free 3251 1_1_0d EXIST::FUNCTION:BFIBE +CPK_PUBLIC_PARAMS_get_name 3252 1_1_0d EXIST::FUNCTION:CPK +ENGINE_get_default_EC 3253 1_1_0d EXIST::FUNCTION:ENGINE +X509_EXTENSION_set_object 3254 1_1_0d EXIST::FUNCTION: +ERR_remove_state 3255 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_0_0 +DH_check 3256 1_1_0d EXIST::FUNCTION:DH +DSAparams_print_fp 3257 1_1_0d EXIST::FUNCTION:DSA,STDIO +RSA_padding_check_PKCS1_type_1 3258 1_1_0d EXIST::FUNCTION:RSA +X509v3_get_ext_by_OBJ 3259 1_1_0d EXIST::FUNCTION: +UI_method_get_opener 3260 1_1_0d EXIST::FUNCTION:UI +SAF_Pkcs7_DecodeData 3261 1_1_0d EXIST::FUNCTION: +SKF_GenerateAgreementDataAndKeyWithECC 3262 1_1_0d EXIST::FUNCTION:SKF +OCSP_RESPDATA_free 3263 1_1_0d EXIST::FUNCTION:OCSP +BIO_write 3264 1_1_0d EXIST::FUNCTION: +BIO_s_datagram_sctp 3265 1_1_0d EXIST::FUNCTION:DGRAM,SCTP +ENGINE_register_EC 3266 1_1_0d EXIST::FUNCTION:ENGINE +ECDSA_sign_ex 3267 1_1_0d EXIST::FUNCTION:EC +ASN1_UNIVERSALSTRING_new 3268 1_1_0d EXIST::FUNCTION: +ASN1_OCTET_STRING_cmp 3269 1_1_0d EXIST::FUNCTION: +RSA_padding_add_PKCS1_PSS 3270 1_1_0d EXIST::FUNCTION:RSA +PKCS12_add_key 3271 1_1_0d EXIST::FUNCTION: +CTLOG_STORE_free 3272 1_1_0d EXIST::FUNCTION:CT +EVP_CIPHER_meth_new 3273 1_1_0d EXIST::FUNCTION: +TS_RESP_CTX_add_failure_info 3274 1_1_0d EXIST::FUNCTION:TS +ENGINE_set_name 3275 1_1_0d EXIST::FUNCTION:ENGINE +CPK_MASTER_SECRET_extract_public_params 3276 1_1_0d EXIST::FUNCTION:CPK +d2i_ESS_ISSUER_SERIAL 3277 1_1_0d EXIST::FUNCTION:TS +HMAC_Final 3278 1_1_0d EXIST::FUNCTION: +d2i_BFCiphertextBlock 3279 1_1_0d EXIST::FUNCTION:BFIBE +BIO_set_data 3280 1_1_0d EXIST::FUNCTION: +i2d_BFPrivateKeyBlock 3281 1_1_0d EXIST::FUNCTION:BFIBE +X509_REQ_get0_pubkey 3282 1_1_0d EXIST::FUNCTION: +PKCS7_encrypt 3283 1_1_0d EXIST::FUNCTION: +EC_KEY_get_default_method 3284 1_1_0d EXIST::FUNCTION:EC +RSA_meth_get_priv_dec 3285 1_1_0d EXIST::FUNCTION:RSA +DES_encrypt2 3286 1_1_0d EXIST::FUNCTION:DES +i2d_DSAPrivateKey 3287 1_1_0d EXIST::FUNCTION:DSA +PKCS5_v2_PBE_keyivgen 3288 1_1_0d EXIST::FUNCTION: +d2i_NETSCAPE_CERT_SEQUENCE 3289 1_1_0d EXIST::FUNCTION: +X509_TRUST_get_by_id 3290 1_1_0d EXIST::FUNCTION: +ASYNC_cleanup_thread 3291 1_1_0d EXIST::FUNCTION: +BUF_MEM_grow_clean 3292 1_1_0d EXIST::FUNCTION: +BIO_meth_get_puts 3293 1_1_0d EXIST::FUNCTION: +i2d_ECPKParameters 3294 1_1_0d EXIST::FUNCTION:EC +ASN1_STRING_clear_free 3295 1_1_0d EXIST::FUNCTION: +CONF_module_add 3296 1_1_0d EXIST::FUNCTION: +ERR_load_BB1IBE_strings 3297 1_1_0d EXIST::FUNCTION:BB1IBE +BIO_vsnprintf 3298 1_1_0d EXIST::FUNCTION: +OCSP_set_max_response_length 3299 1_1_0d EXIST::FUNCTION:OCSP +EVP_PKEY_meth_add0 3300 1_1_0d EXIST::FUNCTION: +ECPKPARAMETERS_free 3301 1_1_0d EXIST::FUNCTION:EC +PROXY_POLICY_new 3302 1_1_0d EXIST::FUNCTION: +X509_VERIFY_PARAM_set_purpose 3303 1_1_0d EXIST::FUNCTION: +NCONF_dump_fp 3304 1_1_0d EXIST::FUNCTION:STDIO +BIO_sock_non_fatal_error 3305 1_1_0d EXIST::FUNCTION:SOCK +DH_generate_parameters 3306 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_0_9_8,DH +EC_KEY_dup 3307 1_1_0d EXIST::FUNCTION:EC +SDF_ImportKey 3308 1_1_0d EXIST::FUNCTION:SDF +i2d_OCSP_BASICRESP 3309 1_1_0d EXIST::FUNCTION:OCSP +BIO_next 3310 1_1_0d EXIST::FUNCTION: +OCSP_SINGLERESP_get0_id 3311 1_1_0d EXIST::FUNCTION:OCSP +BN_RECP_CTX_free 3312 1_1_0d EXIST::FUNCTION: +CPK_MAP_str2index 3313 1_1_0d EXIST::FUNCTION:CPK +i2d_PROXY_CERT_INFO_EXTENSION 3314 1_1_0d EXIST::FUNCTION: +EVP_VerifyInit_ex 3315 1_1_0d EXIST::FUNCTION: +EVP_CipherFinal_ex 3316 1_1_0d EXIST::FUNCTION: +PKCS7_ENCRYPT_it 3317 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS7_ENCRYPT_it 3317 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +SM9_decrypt_with_recommended 3318 1_1_0d EXIST::FUNCTION:SM9 +OCSP_REQ_CTX_set1_req 3319 1_1_0d EXIST::FUNCTION:OCSP +TS_CONF_set_def_policy 3320 1_1_0d EXIST::FUNCTION:TS +PEM_write_bio_NETSCAPE_CERT_SEQUENCE 3321 1_1_0d EXIST::FUNCTION: +SKF_OpenContainer 3322 1_1_0d EXIST::FUNCTION:SKF +SM2_verify 3323 1_1_0d EXIST::FUNCTION:SM2 +CRYPTO_set_mem_functions 3324 1_1_0d EXIST::FUNCTION: +PKCS7_DIGEST_new 3325 1_1_0d EXIST::FUNCTION: +PEM_do_header 3326 1_1_0d EXIST::FUNCTION: +EC_POINT_free 3327 1_1_0d EXIST::FUNCTION:EC +DH_generate_parameters_ex 3328 1_1_0d EXIST::FUNCTION:DH +OCSP_REQUEST_get_ext_by_NID 3329 1_1_0d EXIST::FUNCTION:OCSP +OCSP_resp_count 3330 1_1_0d EXIST::FUNCTION:OCSP +ASN1_OCTET_STRING_new 3331 1_1_0d EXIST::FUNCTION: +SAF_SM2_EncodeSignedAndEnvelopedData 3332 1_1_0d EXIST::FUNCTION: +EVP_PKEY_CTX_get_app_data 3333 1_1_0d EXIST::FUNCTION: +PKCS7_signatureVerify 3334 1_1_0d EXIST::FUNCTION: +EVP_PKEY_meth_set_decrypt 3335 1_1_0d EXIST::FUNCTION: +PKCS8_pkey_get0_attrs 3336 1_1_0d EXIST::FUNCTION: +i2d_X509_CRL_INFO 3337 1_1_0d EXIST::FUNCTION: +EVP_sms4_ecb 3338 1_1_0d EXIST::FUNCTION:SMS4 +PEM_read_bio_Parameters 3339 1_1_0d EXIST::FUNCTION: +DSA_meth_set_verify 3340 1_1_0d EXIST::FUNCTION:DSA +EVP_camellia_192_ctr 3341 1_1_0d EXIST::FUNCTION:CAMELLIA +EVP_CIPHER_meth_set_flags 3342 1_1_0d EXIST::FUNCTION: +EVP_PKEY_add1_attr_by_OBJ 3343 1_1_0d EXIST::FUNCTION: +d2i_PKCS7_ENC_CONTENT 3344 1_1_0d EXIST::FUNCTION: +DIST_POINT_it 3345 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +DIST_POINT_it 3345 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +CRL_DIST_POINTS_new 3346 1_1_0d EXIST::FUNCTION: +X509_supported_extension 3347 1_1_0d EXIST::FUNCTION: +CRYPTO_gcm128_encrypt_ctr32 3348 1_1_0d EXIST::FUNCTION: +X509_OBJECT_idx_by_subject 3349 1_1_0d EXIST::FUNCTION: +UI_dup_input_string 3350 1_1_0d EXIST::FUNCTION:UI +EVP_aes_256_cfb128 3351 1_1_0d EXIST::FUNCTION: +SRP_get_default_gN 3352 1_1_0d EXIST::FUNCTION:SRP +CRYPTO_mem_debug_pop 3353 1_1_0d EXIST::FUNCTION:CRYPTO_MDEBUG +SKF_ImportCertificate 3354 1_1_0d EXIST::FUNCTION:SKF +DHparams_it 3355 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:DH +DHparams_it 3355 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:DH +EVP_CIPHER_do_all 3356 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_iv_length 3357 1_1_0d EXIST::FUNCTION: +TS_TST_INFO_get_policy_id 3358 1_1_0d EXIST::FUNCTION:TS +EVP_CIPHER_param_to_asn1 3359 1_1_0d EXIST::FUNCTION: +EVP_des_ede3_cfb64 3360 1_1_0d EXIST::FUNCTION:DES +d2i_POLICYINFO 3361 1_1_0d EXIST::FUNCTION: +OPENSSL_LH_doall 3362 1_1_0d EXIST::FUNCTION: +BN_from_montgomery 3363 1_1_0d EXIST::FUNCTION: +a2i_ASN1_STRING 3364 1_1_0d EXIST::FUNCTION: +CMS_SignedData_init 3365 1_1_0d EXIST::FUNCTION:CMS +BN_is_prime_fasttest 3366 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_0_9_8 +ENGINE_get_ex_data 3367 1_1_0d EXIST::FUNCTION:ENGINE +X509_STORE_CTX_get0_policy_tree 3368 1_1_0d EXIST::FUNCTION: +CT_POLICY_EVAL_CTX_set1_issuer 3369 1_1_0d EXIST::FUNCTION:CT +d2i_X509_CRL_fp 3370 1_1_0d EXIST::FUNCTION:STDIO +SAF_GetEccPublicKey 3371 1_1_0d EXIST::FUNCTION: +UI_get_input_flags 3372 1_1_0d EXIST::FUNCTION:UI +PEM_write_bio_CMS_stream 3373 1_1_0d EXIST::FUNCTION:CMS +DES_ecb3_encrypt 3374 1_1_0d EXIST::FUNCTION:DES +OCSP_REQINFO_it 3375 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP +OCSP_REQINFO_it 3375 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP +d2i_TS_TST_INFO 3376 1_1_0d EXIST::FUNCTION:TS +PEM_read_bio_ECPrivateKey 3377 1_1_0d EXIST::FUNCTION:EC +BIO_new_connect 3378 1_1_0d EXIST::FUNCTION:SOCK +BIO_get_data 3379 1_1_0d EXIST::FUNCTION: +BIO_f_reliable 3380 1_1_0d EXIST::FUNCTION: +CRYPTO_128_unwrap_pad 3381 1_1_0d EXIST::FUNCTION: +OCSP_basic_verify 3382 1_1_0d EXIST::FUNCTION:OCSP +d2i_DSA_PUBKEY_fp 3383 1_1_0d EXIST::FUNCTION:DSA,STDIO +SKF_CreateApplication 3384 1_1_0d EXIST::FUNCTION:SKF +X509_get0_pubkey 3385 1_1_0d EXIST::FUNCTION: +X509_REQ_get_subject_name 3386 1_1_0d EXIST::FUNCTION: +RSA_check_key 3387 1_1_0d EXIST::FUNCTION:RSA +EVP_PKEY_encrypt_old 3388 1_1_0d EXIST::FUNCTION: +SM2_sign_setup 3389 1_1_0d EXIST::FUNCTION:SM2 +BIO_ADDR_rawaddress 3390 1_1_0d EXIST::FUNCTION:SOCK +PKCS12_SAFEBAG_get1_crl 3391 1_1_0d EXIST::FUNCTION: +EVP_PKEY_add1_attr_by_NID 3392 1_1_0d EXIST::FUNCTION: +i2d_PKCS8_PRIV_KEY_INFO_fp 3393 1_1_0d EXIST::FUNCTION:STDIO +PEM_read 3394 1_1_0d EXIST::FUNCTION:STDIO +X509_get0_extensions 3395 1_1_0d EXIST::FUNCTION: +BIO_s_mem 3396 1_1_0d EXIST::FUNCTION: +X509_NAME_add_entry 3397 1_1_0d EXIST::FUNCTION: +SKF_PrintECCSignature 3398 1_1_0d EXIST::FUNCTION:SKF +ECIES_CIPHERTEXT_VALUE_set_ECCCIPHERBLOB 3399 1_1_0d EXIST::FUNCTION:EC,ECIES,GMAPI,SKF +ENGINE_unregister_RSA 3400 1_1_0d EXIST::FUNCTION:ENGINE +KDF_get_ibcs 3401 1_1_0d EXIST::FUNCTION: +ASN1_ENUMERATED_free 3402 1_1_0d EXIST::FUNCTION: +Camellia_decrypt 3403 1_1_0d EXIST::FUNCTION:CAMELLIA +X509V3_add_value_int 3404 1_1_0d EXIST::FUNCTION: +ASN1_STRING_to_UTF8 3405 1_1_0d EXIST::FUNCTION: +i2d_BFPublicParameters 3406 1_1_0d EXIST::FUNCTION:BFIBE +ASN1_TYPE_unpack_sequence 3407 1_1_0d EXIST::FUNCTION: +BIO_puts 3408 1_1_0d EXIST::FUNCTION: +SM9_compute_share_key 3409 1_1_0d EXIST::FUNCTION:SM9 +EVP_PKEY_get1_EC_KEY 3410 1_1_0d EXIST::FUNCTION:EC +i2d_IPAddressFamily 3411 1_1_0d EXIST::FUNCTION:RFC3779 +d2i_ASN1_UTF8STRING 3412 1_1_0d EXIST::FUNCTION: +X509_STORE_set_purpose 3413 1_1_0d EXIST::FUNCTION: +i2d_ASN1_SET_ANY 3414 1_1_0d EXIST::FUNCTION: +AES_decrypt 3415 1_1_0d EXIST::FUNCTION: +ENGINE_get_RAND 3416 1_1_0d EXIST::FUNCTION:ENGINE +ASN1_OCTET_STRING_NDEF_it 3417 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_OCTET_STRING_NDEF_it 3417 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +OCSP_request_sign 3418 1_1_0d EXIST::FUNCTION:OCSP +ENGINE_get_digest_engine 3419 1_1_0d EXIST::FUNCTION:ENGINE +X509V3_EXT_CRL_add_conf 3420 1_1_0d EXIST::FUNCTION: +ASYNC_WAIT_CTX_clear_fd 3421 1_1_0d EXIST::FUNCTION: +OCSP_id_issuer_cmp 3422 1_1_0d EXIST::FUNCTION:OCSP +EVP_EncodeBlock 3423 1_1_0d EXIST::FUNCTION: +SM9PrivateKey_it 3424 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:SM9 +SM9PrivateKey_it 3424 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:SM9 +EVP_sms4_cfb128 3425 1_1_0d EXIST::FUNCTION:SMS4 +BIO_get_cipher_status 3426 1_1_0d EXIST::FUNCTION: +SAF_GetVersion 3427 1_1_0d EXIST::FUNCTION: +i2d_X509_REQ 3428 1_1_0d EXIST::FUNCTION: +DH_meth_get_compute_key 3429 1_1_0d EXIST::FUNCTION:DH +EVP_PKEY_asn1_free 3430 1_1_0d EXIST::FUNCTION: +X509_PUBKEY_it 3431 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_PUBKEY_it 3431 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ECDSA_SIG_new_from_ECCSIGNATUREBLOB 3432 1_1_0d EXIST::FUNCTION:EC,GMAPI,SKF +EC_KEY_check_key 3433 1_1_0d EXIST::FUNCTION:EC +PKCS8_PRIV_KEY_INFO_new 3434 1_1_0d EXIST::FUNCTION: +SCT_get_log_entry_type 3435 1_1_0d EXIST::FUNCTION:CT +BB1MasterSecret_free 3436 1_1_0d EXIST::FUNCTION:BB1IBE +ERR_set_mark 3437 1_1_0d EXIST::FUNCTION: +EC_GROUP_free 3438 1_1_0d EXIST::FUNCTION:EC +d2i_PKCS7_SIGNED 3439 1_1_0d EXIST::FUNCTION: +TS_MSG_IMPRINT_get_msg 3440 1_1_0d EXIST::FUNCTION:TS +ASN1_mbstring_copy 3441 1_1_0d EXIST::FUNCTION: +i2d_USERNOTICE 3442 1_1_0d EXIST::FUNCTION: +EVP_PKEY_CTX_get_ec_scheme 3443 1_1_0d EXIST::FUNCTION:SM2 +d2i_OCSP_REQUEST 3444 1_1_0d EXIST::FUNCTION:OCSP +ASN1_TYPE_get_octetstring 3445 1_1_0d EXIST::FUNCTION: +OPENSSL_die 3446 1_1_0d EXIST::FUNCTION: +BIO_nwrite 3447 1_1_0d EXIST::FUNCTION: +BIO_meth_set_gets 3448 1_1_0d EXIST::FUNCTION: +MDC2 3449 1_1_0d EXIST::FUNCTION:MDC2 +IPAddressRange_free 3450 1_1_0d EXIST::FUNCTION:RFC3779 +ASYNC_pause_job 3451 1_1_0d EXIST::FUNCTION: +X509_ATTRIBUTE_get0_data 3452 1_1_0d EXIST::FUNCTION: +CMS_RecipientInfo_kekri_get0_id 3453 1_1_0d EXIST::FUNCTION:CMS +PKCS7_ATTR_VERIFY_it 3454 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS7_ATTR_VERIFY_it 3454 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ASN1_GENERALIZEDTIME_set_string 3455 1_1_0d EXIST::FUNCTION: +X509_CRL_digest 3456 1_1_0d EXIST::FUNCTION: +PKCS12_item_decrypt_d2i 3457 1_1_0d EXIST::FUNCTION: +d2i_PKCS7_ENCRYPT 3458 1_1_0d EXIST::FUNCTION: +CRYPTO_cbc128_encrypt 3459 1_1_0d EXIST::FUNCTION: +ENGINE_get_cipher_engine 3460 1_1_0d EXIST::FUNCTION:ENGINE +CMS_verify_receipt 3461 1_1_0d EXIST::FUNCTION:CMS +RC4_options 3462 1_1_0d EXIST::FUNCTION:RC4 +ASN1_ENUMERATED_new 3463 1_1_0d EXIST::FUNCTION: +X509_CRL_get0_lastUpdate 3464 1_1_0d EXIST::FUNCTION: +EVP_bf_ofb 3465 1_1_0d EXIST::FUNCTION:BF +SRP_VBASE_get1_by_user 3466 1_1_0d EXIST::FUNCTION:SRP +EC_KEY_precompute_mult 3467 1_1_0d EXIST::FUNCTION:EC +CMS_SharedInfo_encode 3468 1_1_0d EXIST::FUNCTION:CMS +X509_policy_tree_get0_level 3469 1_1_0d EXIST::FUNCTION: +EVP_PKEY_get0_RSA 3470 1_1_0d EXIST::FUNCTION:RSA +MD4_Update 3471 1_1_0d EXIST::FUNCTION:MD4 +PKCS12_setup_mac 3472 1_1_0d EXIST::FUNCTION: +BN_GF2m_mod_mul 3473 1_1_0d EXIST::FUNCTION:EC2M +EC_GROUP_get_ecpkparameters 3474 1_1_0d EXIST::FUNCTION:EC +ERR_remove_thread_state 3475 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0 +ENGINE_set_flags 3476 1_1_0d EXIST::FUNCTION:ENGINE +X509_subject_name_hash_old 3477 1_1_0d EXIST::FUNCTION:MD5 +DIRECTORYSTRING_free 3478 1_1_0d EXIST::FUNCTION: +SOF_Login 3479 1_1_0d EXIST::FUNCTION: +EVP_PKEY_meth_set_copy 3480 1_1_0d EXIST::FUNCTION: +PEM_SignInit 3481 1_1_0d EXIST::FUNCTION: +d2i_PublicKey 3482 1_1_0d EXIST::FUNCTION: +CMS_SignerInfo_set1_signer_cert 3483 1_1_0d EXIST::FUNCTION:CMS +OBJ_cmp 3484 1_1_0d EXIST::FUNCTION: +OCSP_request_onereq_get0 3485 1_1_0d EXIST::FUNCTION:OCSP +CMAC_CTX_new 3486 1_1_0d EXIST::FUNCTION:CMAC +ASN1_SCTX_get_template 3487 1_1_0d EXIST::FUNCTION: +sms4_cbc_encrypt 3488 1_1_0d EXIST::FUNCTION:SMS4 +EC_GROUP_method_of 3489 1_1_0d EXIST::FUNCTION:EC +DH_get_ex_data 3490 1_1_0d EXIST::FUNCTION:DH +EC_GFp_nistp256_method 3491 1_1_0d EXIST::FUNCTION:EC,EC_NISTP_64_GCC_128 +BN_ucmp 3492 1_1_0d EXIST::FUNCTION: +BIO_get_shutdown 3493 1_1_0d EXIST::FUNCTION: +EVP_PKEY_get1_RSA 3494 1_1_0d EXIST::FUNCTION:RSA +IPAddressFamily_it 3495 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 +IPAddressFamily_it 3495 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 +d2i_PUBKEY 3496 1_1_0d EXIST::FUNCTION: +SM9_extract_enc_public_key 3497 1_1_0d EXIST::FUNCTION:SM9 +EC_GROUP_get_type1curve_eta 3498 1_1_0d EXIST::FUNCTION: +POLICYINFO_free 3499 1_1_0d EXIST::FUNCTION: +ASN1_dup 3500 1_1_0d EXIST::FUNCTION: +CONF_module_get_usr_data 3501 1_1_0d EXIST::FUNCTION: +SHA256 3502 1_1_0d EXIST::FUNCTION: +EVP_SealUpdate 3503 1_1_0d EXIST::FUNCTION: +RSA_OAEP_PARAMS_new 3504 1_1_0d EXIST::FUNCTION:RSA +X509_get_signature_type 3505 1_1_0d EXIST::FUNCTION: +X509_NAME_free 3506 1_1_0d EXIST::FUNCTION: +BN_GFP2_div_bn 3507 1_1_0d EXIST::FUNCTION: +EVP_aes_256_cbc_hmac_sha256 3508 1_1_0d EXIST::FUNCTION: +RSA_new_method 3509 1_1_0d EXIST::FUNCTION:RSA +RSA_meth_set_pub_enc 3510 1_1_0d EXIST::FUNCTION:RSA +BN_nist_mod_224 3511 1_1_0d EXIST::FUNCTION: +X509_get0_notAfter 3512 1_1_0d EXIST::FUNCTION: +i2d_ASN1_OCTET_STRING 3513 1_1_0d EXIST::FUNCTION: +EVP_aes_256_gcm 3514 1_1_0d EXIST::FUNCTION: +PKCS7_digest_from_attributes 3515 1_1_0d EXIST::FUNCTION: +SKF_MacFinal 3516 1_1_0d EXIST::FUNCTION:SKF +BIO_free 3517 1_1_0d EXIST::FUNCTION: +SDF_ReadFile 3518 1_1_0d EXIST::FUNCTION: +ASN1_ENUMERATED_to_BN 3519 1_1_0d EXIST::FUNCTION: +X509_VERIFY_PARAM_add1_host 3520 1_1_0d EXIST::FUNCTION: +UI_get_ex_data 3521 1_1_0d EXIST::FUNCTION:UI +EVP_PKEY_asn1_set_param 3522 1_1_0d EXIST::FUNCTION: +X509_get0_subject_key_id 3523 1_1_0d EXIST::FUNCTION: +DHparams_print 3524 1_1_0d EXIST::FUNCTION:DH +CT_POLICY_EVAL_CTX_set_time 3525 1_1_0d EXIST::FUNCTION:CT +i2d_NETSCAPE_SPKAC 3526 1_1_0d EXIST::FUNCTION: +EVP_PKEY_get0_asn1 3527 1_1_0d EXIST::FUNCTION: +EC_KEY_new_from_ECCPRIVATEKEYBLOB 3528 1_1_0d EXIST::FUNCTION:EC,GMAPI,SKF +X509_add1_reject_object 3529 1_1_0d EXIST::FUNCTION: +EC_GROUP_new 3530 1_1_0d EXIST::FUNCTION:EC +EVP_PKEY_new_mac_key 3531 1_1_0d EXIST::FUNCTION: +d2i_X509_NAME_ENTRY 3532 1_1_0d EXIST::FUNCTION: +BN_generate_prime_ex 3533 1_1_0d EXIST::FUNCTION: +CMS_digest_create 3534 1_1_0d EXIST::FUNCTION:CMS +d2i_SM2CiphertextValue 3535 1_1_0d EXIST::FUNCTION:SM2 +ERR_load_COMP_strings 3536 1_1_0d EXIST::FUNCTION:COMP +BN_GFP2_canonical 3537 1_1_0d EXIST::FUNCTION: +DH_size 3538 1_1_0d EXIST::FUNCTION:DH +PaillierPublicKey_it 3539 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:PAILLIER +PaillierPublicKey_it 3539 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:PAILLIER +UI_set_method 3540 1_1_0d EXIST::FUNCTION:UI +X509_LOOKUP_by_issuer_serial 3541 1_1_0d EXIST::FUNCTION: +OPENSSL_cleanse 3542 1_1_0d EXIST::FUNCTION: +ASN1_add_stable_module 3543 1_1_0d EXIST::FUNCTION: +RSA_meth_get_priv_enc 3544 1_1_0d EXIST::FUNCTION:RSA +EVP_CIPHER_get_asn1_iv 3545 1_1_0d EXIST::FUNCTION: +UI_free 3546 1_1_0d EXIST::FUNCTION:UI +TS_ACCURACY_set_millis 3547 1_1_0d EXIST::FUNCTION:TS +X509_LOOKUP_by_subject 3548 1_1_0d EXIST::FUNCTION: +i2d_PKEY_USAGE_PERIOD 3549 1_1_0d EXIST::FUNCTION: +X509_EXTENSIONS_it 3550 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_EXTENSIONS_it 3550 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +X509_get0_uids 3551 1_1_0d EXIST::FUNCTION: +d2i_PUBKEY_bio 3552 1_1_0d EXIST::FUNCTION: +DISPLAYTEXT_new 3553 1_1_0d EXIST::FUNCTION: +X509_NAME_entry_count 3554 1_1_0d EXIST::FUNCTION: +PROXY_CERT_INFO_EXTENSION_free 3555 1_1_0d EXIST::FUNCTION: +HMAC_CTX_copy 3556 1_1_0d EXIST::FUNCTION: +SCT_get_version 3557 1_1_0d EXIST::FUNCTION:CT +CPK_MASTER_SECRET_extract_private_key 3558 1_1_0d EXIST::FUNCTION:CPK +EC_KEY_METHOD_set_keygen 3559 1_1_0d EXIST::FUNCTION:EC +d2i_ASN1_T61STRING 3560 1_1_0d EXIST::FUNCTION: +SKF_CancelWaitForDevEvent 3561 1_1_0d EXIST::FUNCTION:SKF +PEM_read_bio_RSAPrivateKey 3562 1_1_0d EXIST::FUNCTION:RSA +X509_CRL_get0_by_cert 3563 1_1_0d EXIST::FUNCTION: +SKF_CloseApplication 3564 1_1_0d EXIST::FUNCTION:SKF +COMP_CTX_free 3565 1_1_0d EXIST::FUNCTION:COMP +EVP_MD_CTX_init 3566 1_1_0d EXIST::FUNCTION: +ACCESS_DESCRIPTION_free 3567 1_1_0d EXIST::FUNCTION: +BIO_sock_init 3568 1_1_0d EXIST::FUNCTION:SOCK +d2i_RSA_PUBKEY 3569 1_1_0d EXIST::FUNCTION:RSA +SCT_free 3570 1_1_0d EXIST::FUNCTION:CT +CPK_MASTER_SECRET_digest 3571 1_1_0d EXIST::FUNCTION:CPK +CRYPTO_mem_leaks_fp 3572 1_1_0d EXIST::FUNCTION:CRYPTO_MDEBUG,STDIO +EVP_CIPHER_CTX_get_app_data 3573 1_1_0d EXIST::FUNCTION: +zuc_128eia3_init 3574 1_1_0d EXIST::FUNCTION:ZUC +EC_POINT_set_Jprojective_coordinates_GFp 3575 1_1_0d EXIST::FUNCTION:EC +X509_ALGOR_set_md 3576 1_1_0d EXIST::FUNCTION: +EVP_MD_CTX_md_data 3577 1_1_0d EXIST::FUNCTION: +i2d_ECPrivateKey 3578 1_1_0d EXIST::FUNCTION:EC +i2d_ASN1_OBJECT 3579 1_1_0d EXIST::FUNCTION: +PKCS7_to_TS_TST_INFO 3580 1_1_0d EXIST::FUNCTION:TS +RSA_padding_add_PKCS1_OAEP 3581 1_1_0d EXIST::FUNCTION:RSA +X509_ocspid_print 3582 1_1_0d EXIST::FUNCTION: +EVP_des_cfb8 3583 1_1_0d EXIST::FUNCTION:DES +EVP_PKEY_set1_DH 3584 1_1_0d EXIST::FUNCTION:DH +TS_REQ_ext_free 3585 1_1_0d EXIST::FUNCTION:TS +SDF_ExchangeDigitEnvelopeBaseOnECC 3586 1_1_0d EXIST::FUNCTION: +RSAPrivateKey_dup 3587 1_1_0d EXIST::FUNCTION:RSA +OCSP_CRLID_free 3588 1_1_0d EXIST::FUNCTION:OCSP +TS_RESP_CTX_set_def_policy 3589 1_1_0d EXIST::FUNCTION:TS +ASN1_TIME_diff 3590 1_1_0d EXIST::FUNCTION: +b2i_PublicKey 3591 1_1_0d EXIST::FUNCTION:DSA +ENGINE_set_load_privkey_function 3592 1_1_0d EXIST::FUNCTION:ENGINE +BFPrivateKeyBlock_free 3593 1_1_0d EXIST::FUNCTION:BFIBE +EVP_PKEY_keygen_init 3594 1_1_0d EXIST::FUNCTION: +d2i_X509_ALGOR 3595 1_1_0d EXIST::FUNCTION: +RC2_ofb64_encrypt 3596 1_1_0d EXIST::FUNCTION:RC2 +EVP_EncryptFinal 3597 1_1_0d EXIST::FUNCTION: +DSA_meth_set_mod_exp 3598 1_1_0d EXIST::FUNCTION:DSA +d2i_SXNET 3599 1_1_0d EXIST::FUNCTION: +OCSP_REQUEST_new 3600 1_1_0d EXIST::FUNCTION:OCSP +DSA_do_sign 3601 1_1_0d EXIST::FUNCTION:DSA +OCSP_RESPONSE_it 3602 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP +OCSP_RESPONSE_it 3602 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP +PKCS12_key_gen_utf8 3603 1_1_0d EXIST::FUNCTION: +OCSP_SINGLERESP_new 3604 1_1_0d EXIST::FUNCTION:OCSP +PEM_write_ECPrivateKey 3605 1_1_0d EXIST::FUNCTION:EC,STDIO +EVP_get_cipherbyname 3606 1_1_0d EXIST::FUNCTION: +i2d_RSAPublicKey_fp 3607 1_1_0d EXIST::FUNCTION:RSA,STDIO +X509_time_adj_ex 3608 1_1_0d EXIST::FUNCTION: +X509_OBJECT_get0_X509_CRL 3609 1_1_0d EXIST::FUNCTION: +BN_GFP2_is_zero 3610 1_1_0d EXIST::FUNCTION: +UI_get_string_type 3611 1_1_0d EXIST::FUNCTION:UI +X509V3_EXT_CRL_add_nconf 3612 1_1_0d EXIST::FUNCTION: +X509_NAME_add_entry_by_txt 3613 1_1_0d EXIST::FUNCTION: +ASN1_PCTX_set_flags 3614 1_1_0d EXIST::FUNCTION: +BIO_set_init 3615 1_1_0d EXIST::FUNCTION: +SM9_do_verify_ex 3616 1_1_0d EXIST::FUNCTION:SM9 +EC_KEY_copy 3617 1_1_0d EXIST::FUNCTION:EC +X509V3_EXT_cleanup 3618 1_1_0d EXIST::FUNCTION: +TS_VERIFY_CTX_cleanup 3619 1_1_0d EXIST::FUNCTION:TS +X509_STORE_get_lookup_certs 3620 1_1_0d EXIST::FUNCTION: +EVP_PKEY_CTX_get_ecdh_kdf_md 3621 1_1_0d EXIST::FUNCTION:EC +CMS_unsigned_add1_attr 3622 1_1_0d EXIST::FUNCTION:CMS +SCT_LIST_free 3623 1_1_0d EXIST::FUNCTION:CT +EVP_MD_do_all_sorted 3624 1_1_0d EXIST::FUNCTION: +DSA_set0_pqg 3625 1_1_0d EXIST::FUNCTION:DSA +COMP_CTX_get_type 3626 1_1_0d EXIST::FUNCTION:COMP +ERR_load_OTP_strings 3627 1_1_0d EXIST::FUNCTION:OTP +RIPEMD160_Final 3628 1_1_0d EXIST::FUNCTION:RMD160 +i2d_OCSP_CERTID 3629 1_1_0d EXIST::FUNCTION:OCSP +OCSP_request_add1_nonce 3630 1_1_0d EXIST::FUNCTION:OCSP +OBJ_get0_data 3631 1_1_0d EXIST::FUNCTION: +EVP_des_ede 3632 1_1_0d EXIST::FUNCTION:DES +i2d_X509_SIG 3633 1_1_0d EXIST::FUNCTION: +BIO_copy_next_retry 3634 1_1_0d EXIST::FUNCTION: +TS_REQ_get_nonce 3635 1_1_0d EXIST::FUNCTION:TS +X509V3_extensions_print 3636 1_1_0d EXIST::FUNCTION: +i2d_NETSCAPE_SPKI 3637 1_1_0d EXIST::FUNCTION: +PKCS7_DIGEST_it 3638 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS7_DIGEST_it 3638 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +BIO_s_datagram 3639 1_1_0d EXIST::FUNCTION:DGRAM +SKF_GenerateKeyWithECC 3640 1_1_0d EXIST::FUNCTION:SKF +HMAC 3641 1_1_0d EXIST::FUNCTION: +EVP_PKEY_CTX_ctrl 3642 1_1_0d EXIST::FUNCTION: +d2i_DHparams 3643 1_1_0d EXIST::FUNCTION:DH +ASN1_BIT_STRING_num_asc 3644 1_1_0d EXIST::FUNCTION: +X509V3_EXT_add_nconf 3645 1_1_0d EXIST::FUNCTION: +EVP_PKEY_verify 3646 1_1_0d EXIST::FUNCTION: +OPENSSL_LH_node_usage_stats_bio 3647 1_1_0d EXIST::FUNCTION: +ASN1_item_i2d 3648 1_1_0d EXIST::FUNCTION: +BN_bn2bin 3649 1_1_0d EXIST::FUNCTION: +SAF_Base64_DestroyBase64Obj 3650 1_1_0d EXIST::FUNCTION: +X509_LOOKUP_shutdown 3651 1_1_0d EXIST::FUNCTION: +SKF_EnumContainer 3652 1_1_0d EXIST::FUNCTION:SKF +CMS_get0_content 3653 1_1_0d EXIST::FUNCTION:CMS +ASN1_ENUMERATED_get_int64 3654 1_1_0d EXIST::FUNCTION: +BUF_MEM_new_ex 3655 1_1_0d EXIST::FUNCTION: +TS_TST_INFO_set_time 3656 1_1_0d EXIST::FUNCTION:TS +CMS_SignerInfo_sign 3657 1_1_0d EXIST::FUNCTION:CMS +X509_PURPOSE_get_by_sname 3658 1_1_0d EXIST::FUNCTION: +CPK_PUBLIC_PARAMS_it 3659 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CPK +CPK_PUBLIC_PARAMS_it 3659 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:CPK +SKF_PrintECCPrivateKey 3660 1_1_0d EXIST::FUNCTION:SKF +i2d_re_X509_tbs 3661 1_1_0d EXIST::FUNCTION: +X509_REQ_set_pubkey 3662 1_1_0d EXIST::FUNCTION: +ENGINE_get_next 3663 1_1_0d EXIST::FUNCTION:ENGINE +X509_STORE_CTX_get1_certs 3664 1_1_0d EXIST::FUNCTION: +X509V3_set_conf_lhash 3665 1_1_0d EXIST::FUNCTION: +EVP_rc2_64_cbc 3666 1_1_0d EXIST::FUNCTION:RC2 +BIO_test_flags 3667 1_1_0d EXIST::FUNCTION: +ASN1_STRING_length 3668 1_1_0d EXIST::FUNCTION: +EVP_camellia_256_ofb 3669 1_1_0d EXIST::FUNCTION:CAMELLIA +SM9PublicKey_free 3670 1_1_0d EXIST::FUNCTION:SM9 +GENERAL_NAME_print 3671 1_1_0d EXIST::FUNCTION: +X509_set_ex_data 3672 1_1_0d EXIST::FUNCTION: +BN_GFP2_inv 3673 1_1_0d EXIST::FUNCTION: +ASN1_SEQUENCE_ANY_it 3674 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_SEQUENCE_ANY_it 3674 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +EVP_PKEY_CTX_set_ecdh_kdf_outlen 3675 1_1_0d EXIST::FUNCTION:EC +EVP_DecodeFinal 3676 1_1_0d EXIST::FUNCTION: +EVP_PKEY_CTX_set0_ecdh_kdf_ukm 3677 1_1_0d EXIST::FUNCTION:EC +EVP_md_null 3678 1_1_0d EXIST::FUNCTION: +EC_POINT_set_compressed_coordinates_GFp 3679 1_1_0d EXIST::FUNCTION:EC +ASN1_BIT_STRING_get_bit 3680 1_1_0d EXIST::FUNCTION: +zuc_128eea3_init 3681 1_1_0d EXIST::FUNCTION:ZUC +SKF_MacInit 3682 1_1_0d EXIST::FUNCTION:SKF +X509_STORE_CTX_get_check_issued 3683 1_1_0d EXIST::FUNCTION: +i2d_X509_CRL_bio 3684 1_1_0d EXIST::FUNCTION: +DES_set_key 3685 1_1_0d EXIST::FUNCTION:DES +X509_check_private_key 3686 1_1_0d EXIST::FUNCTION: +ASN1_BIT_STRING_it 3687 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_BIT_STRING_it 3687 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +EVP_des_cfb64 3688 1_1_0d EXIST::FUNCTION:DES +RSA_padding_check_X931 3689 1_1_0d EXIST::FUNCTION:RSA +OCSP_CERTID_dup 3690 1_1_0d EXIST::FUNCTION:OCSP +EVP_MD_CTX_destroy 3691 1_1_0d EXIST::FUNCTION: +EVP_PKEY_get_attr_count 3692 1_1_0d EXIST::FUNCTION: +CMS_RecipientInfo_kari_get0_alg 3693 1_1_0d EXIST::FUNCTION:CMS +OPENSSL_LH_stats_bio 3694 1_1_0d EXIST::FUNCTION: +EC_GROUP_get_curve_GFp 3695 1_1_0d EXIST::FUNCTION:EC +BIGNUM_it 3696 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +BIGNUM_it 3696 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +EVP_get_pw_prompt 3697 1_1_0d EXIST::FUNCTION:UI +ESS_CERT_ID_new 3698 1_1_0d EXIST::FUNCTION:TS +BN_sub_word 3699 1_1_0d EXIST::FUNCTION: +ENGINE_register_all_RAND 3700 1_1_0d EXIST::FUNCTION:ENGINE +i2d_DSA_PUBKEY_bio 3701 1_1_0d EXIST::FUNCTION:DSA +CRYPTO_strdup 3702 1_1_0d EXIST::FUNCTION: +i2d_ECCSignature_fp 3703 1_1_0d EXIST::FUNCTION:EC,GMAPI,SDF,STDIO +CMS_final 3704 1_1_0d EXIST::FUNCTION:CMS +ASN1_PCTX_set_str_flags 3705 1_1_0d EXIST::FUNCTION: +SDF_OpenSession 3706 1_1_0d EXIST::FUNCTION: +UI_method_set_writer 3707 1_1_0d EXIST::FUNCTION:UI +EVP_PKEY_CTX_new_id 3708 1_1_0d EXIST::FUNCTION: +X509_to_X509_REQ 3709 1_1_0d EXIST::FUNCTION: +PEM_write_bio_PKCS8PrivateKey 3710 1_1_0d EXIST::FUNCTION: +BN_GF2m_arr2poly 3711 1_1_0d EXIST::FUNCTION:EC2M +ASIdOrRange_new 3712 1_1_0d EXIST::FUNCTION:RFC3779 +X509_TRUST_get_trust 3713 1_1_0d EXIST::FUNCTION: +ASIdentifierChoice_it 3714 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 +ASIdentifierChoice_it 3714 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 +EVP_sha224 3715 1_1_0d EXIST::FUNCTION: +X509_CRL_get_ext_d2i 3716 1_1_0d EXIST::FUNCTION: +EVP_PKEY_missing_parameters 3717 1_1_0d EXIST::FUNCTION: +BN_div_recp 3718 1_1_0d EXIST::FUNCTION: +i2d_TS_REQ_bio 3719 1_1_0d EXIST::FUNCTION:TS +OCSP_CERTSTATUS_free 3720 1_1_0d EXIST::FUNCTION:OCSP +BN_hash_to_range 3721 1_1_0d EXIST::FUNCTION: +X509_EXTENSION_it 3722 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_EXTENSION_it 3722 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +X509v3_asid_add_id_or_range 3723 1_1_0d EXIST::FUNCTION:RFC3779 +TS_CONF_set_clock_precision_digits 3724 1_1_0d EXIST::FUNCTION:TS +DES_crypt 3725 1_1_0d EXIST::FUNCTION:DES +X509_REQ_dup 3726 1_1_0d EXIST::FUNCTION: +sm3_hmac 3727 1_1_0d EXIST::FUNCTION:SM3 +SOF_GetUserList 3728 1_1_0d EXIST::FUNCTION: +EVP_PKEY_set_type_str 3729 1_1_0d EXIST::FUNCTION: +CRYPTO_THREAD_write_lock 3730 1_1_0d EXIST::FUNCTION: +SM9_decrypt 3731 1_1_0d EXIST::FUNCTION:SM9 +Camellia_cfb128_encrypt 3732 1_1_0d EXIST::FUNCTION:CAMELLIA +ASN1_BIT_STRING_free 3733 1_1_0d EXIST::FUNCTION: +SAF_Pkcs7_DecodeDigestedData 3734 1_1_0d EXIST::FUNCTION: +CMS_RecipientInfo_kari_get0_orig_id 3735 1_1_0d EXIST::FUNCTION:CMS +OBJ_txt2nid 3736 1_1_0d EXIST::FUNCTION: +EC_get_builtin_curves 3737 1_1_0d EXIST::FUNCTION:EC +i2d_OCSP_SIGNATURE 3738 1_1_0d EXIST::FUNCTION:OCSP +X509_EXTENSION_dup 3739 1_1_0d EXIST::FUNCTION: +EC_POINT_point2bn 3740 1_1_0d EXIST::FUNCTION:EC +BUF_reverse 3741 1_1_0d EXIST::FUNCTION: +SOF_SignData 3742 1_1_0d EXIST::FUNCTION: +EVP_PKEY_CTX_set_ec_scheme 3743 1_1_0d EXIST::FUNCTION:SM2 +ENGINE_get_ciphers 3744 1_1_0d EXIST::FUNCTION:ENGINE +ASN1_SCTX_set_app_data 3745 1_1_0d EXIST::FUNCTION: +X509_VERIFY_PARAM_get_count 3746 1_1_0d EXIST::FUNCTION: +i2d_ASN1_INTEGER 3747 1_1_0d EXIST::FUNCTION: +SAF_VerifyCertificate 3748 1_1_0d EXIST::FUNCTION: +CONF_get1_default_config_file 3749 1_1_0d EXIST::FUNCTION: +OCSP_ONEREQ_add1_ext_i2d 3750 1_1_0d EXIST::FUNCTION:OCSP +EVP_sha384 3751 1_1_0d EXIST:!VMSVAX:FUNCTION: +EC_KEY_new_from_ECCrefPublicKey 3752 1_1_0d EXIST::FUNCTION:EC,GMAPI,SDF +POLICYINFO_it 3753 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +POLICYINFO_it 3753 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +EVP_aes_128_wrap 3754 1_1_0d EXIST::FUNCTION: +X509_REQ_get1_email 3755 1_1_0d EXIST::FUNCTION: +OPENSSL_INIT_new 3756 1_1_0d EXIST::FUNCTION: +BN_GFP2_one 3757 1_1_0d EXIST::FUNCTION: +d2i_AutoPrivateKey 3758 1_1_0d EXIST::FUNCTION: +i2d_ASN1_BMPSTRING 3759 1_1_0d EXIST::FUNCTION: +OCSP_REQUEST_get_ext_count 3760 1_1_0d EXIST::FUNCTION:OCSP +ASN1_BIT_STRING_set_asc 3761 1_1_0d EXIST::FUNCTION: +CAST_encrypt 3762 1_1_0d EXIST::FUNCTION:CAST +RAND_pseudo_bytes 3763 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0 +CRYPTO_ccm128_decrypt_ccm64 3764 1_1_0d EXIST::FUNCTION: +TS_REQ_get_policy_id 3765 1_1_0d EXIST::FUNCTION:TS +PKCS12_new 3766 1_1_0d EXIST::FUNCTION: +AES_unwrap_key 3767 1_1_0d EXIST::FUNCTION: +X509_sign 3768 1_1_0d EXIST::FUNCTION: +EVP_blake2b512 3769 1_1_0d EXIST::FUNCTION:BLAKE2 +SKF_DigestFinal 3770 1_1_0d EXIST::FUNCTION:SKF +BIO_meth_get_gets 3771 1_1_0d EXIST::FUNCTION: +PEM_write_bio_DHparams 3772 1_1_0d EXIST::FUNCTION:DH +PKCS7_ENC_CONTENT_free 3773 1_1_0d EXIST::FUNCTION: +X509_CRL_up_ref 3774 1_1_0d EXIST::FUNCTION: +X509_VERIFY_PARAM_table_cleanup 3775 1_1_0d EXIST::FUNCTION: +DISPLAYTEXT_it 3776 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +DISPLAYTEXT_it 3776 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +BIO_up_ref 3777 1_1_0d EXIST::FUNCTION: +SKF_ConnectDev 3778 1_1_0d EXIST::FUNCTION:SKF +ESS_SIGNING_CERT_dup 3779 1_1_0d EXIST::FUNCTION:TS +i2d_SCT_LIST 3780 1_1_0d EXIST::FUNCTION:CT +X509_LOOKUP_hash_dir 3781 1_1_0d EXIST::FUNCTION: +BIO_ADDR_service_string 3782 1_1_0d EXIST::FUNCTION:SOCK +SAF_DestroySymmAlgoObj 3783 1_1_0d EXIST::FUNCTION: +SM9PublicParameters_it 3784 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:SM9 +SM9PublicParameters_it 3784 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:SM9 +BIO_get_md_ctx 3785 1_1_0d EXIST::FUNCTION: +OBJ_add_sigid 3786 1_1_0d EXIST::FUNCTION: +EVP_camellia_128_cfb8 3787 1_1_0d EXIST::FUNCTION:CAMELLIA +AUTHORITY_INFO_ACCESS_free 3788 1_1_0d EXIST::FUNCTION: +ENGINE_register_RSA 3789 1_1_0d EXIST::FUNCTION:ENGINE +EVP_CIPHER_block_size 3790 1_1_0d EXIST::FUNCTION: +DH_get0_engine 3791 1_1_0d EXIST::FUNCTION:DH +BIO_get_accept_socket 3792 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,SOCK +X509_NAME_ENTRY_set 3793 1_1_0d EXIST::FUNCTION: +sms4_ecb_encrypt 3794 1_1_0d EXIST::FUNCTION:SMS4 +ENGINE_finish 3795 1_1_0d EXIST::FUNCTION:ENGINE +TS_RESP_set_status_info 3796 1_1_0d EXIST::FUNCTION:TS +X509_getm_notAfter 3797 1_1_0d EXIST::FUNCTION: +SDF_ExternalVerify_ECC 3798 1_1_0d EXIST::FUNCTION: +TS_RESP_CTX_new 3799 1_1_0d EXIST::FUNCTION:TS +X509_STORE_set_check_issued 3800 1_1_0d EXIST::FUNCTION: +ECDH_KDF_X9_62 3801 1_1_0d EXIST::FUNCTION:EC +ERR_lib_error_string 3802 1_1_0d EXIST::FUNCTION: +EVP_mdc2 3803 1_1_0d EXIST::FUNCTION:MDC2 +X509_set_pubkey 3804 1_1_0d EXIST::FUNCTION: +ASN1_TIME_set_string 3805 1_1_0d EXIST::FUNCTION: +ASN1_STRING_length_set 3806 1_1_0d EXIST::FUNCTION: +TS_STATUS_INFO_get0_failure_info 3807 1_1_0d EXIST::FUNCTION:TS +BN_GENCB_new 3808 1_1_0d EXIST::FUNCTION: +CRYPTO_mem_leaks 3809 1_1_0d EXIST::FUNCTION:CRYPTO_MDEBUG +EC_GFp_nistp224_method 3810 1_1_0d EXIST::FUNCTION:EC,EC_NISTP_64_GCC_128 +BN_bin2bn 3811 1_1_0d EXIST::FUNCTION: +CERTIFICATEPOLICIES_new 3812 1_1_0d EXIST::FUNCTION: +X509_ATTRIBUTE_set1_object 3813 1_1_0d EXIST::FUNCTION: +PKCS12_decrypt_skey 3814 1_1_0d EXIST::FUNCTION: +OBJ_nid2ln 3815 1_1_0d EXIST::FUNCTION: +SDF_DestroyKey 3816 1_1_0d EXIST::FUNCTION: +i2d_RSAPrivateKey 3817 1_1_0d EXIST::FUNCTION:RSA +i2v_GENERAL_NAME 3818 1_1_0d EXIST::FUNCTION: +X509_ALGOR_new 3819 1_1_0d EXIST::FUNCTION: +d2i_PrivateKey 3820 1_1_0d EXIST::FUNCTION: +SM9_sign 3821 1_1_0d EXIST::FUNCTION:SM9 +d2i_PKCS7_DIGEST 3822 1_1_0d EXIST::FUNCTION: +ASN1_SCTX_get_item 3823 1_1_0d EXIST::FUNCTION: +SHA1 3824 1_1_0d EXIST::FUNCTION: +PKCS12_init 3825 1_1_0d EXIST::FUNCTION: +TS_RESP_set_tst_info 3826 1_1_0d EXIST::FUNCTION:TS +SKF_GetAlgorName 3827 1_1_0d EXIST::FUNCTION:SKF +BN_mul_word 3828 1_1_0d EXIST::FUNCTION: +SKF_ECCExportSessionKey 3829 1_1_0d EXIST::FUNCTION:SKF +SOF_SignDataXML 3830 1_1_0d EXIST::FUNCTION: +i2d_DHparams 3831 1_1_0d EXIST::FUNCTION:DH +i2d_PKCS8_bio 3832 1_1_0d EXIST::FUNCTION: +sms4_encrypt 3833 1_1_0d EXIST::FUNCTION:SMS4 +OCSP_cert_to_id 3834 1_1_0d EXIST::FUNCTION:OCSP +EVP_DigestSignInit 3835 1_1_0d EXIST::FUNCTION: +X509_VERIFY_PARAM_get0_peername 3836 1_1_0d EXIST::FUNCTION: +BIO_push 3837 1_1_0d EXIST::FUNCTION: +OCSP_RESPID_new 3838 1_1_0d EXIST::FUNCTION:OCSP +DIST_POINT_free 3839 1_1_0d EXIST::FUNCTION: +DIST_POINT_NAME_new 3840 1_1_0d EXIST::FUNCTION: +d2i_PKCS8_PRIV_KEY_INFO_bio 3841 1_1_0d EXIST::FUNCTION: +X509V3_EXT_d2i 3842 1_1_0d EXIST::FUNCTION: +OPENSSL_DIR_read 3843 1_1_0d EXIST::FUNCTION: +PEM_write_X509_REQ 3844 1_1_0d EXIST::FUNCTION:STDIO +PKCS12_pbe_crypt 3845 1_1_0d EXIST::FUNCTION: +EVP_aes_256_xts 3846 1_1_0d EXIST::FUNCTION: +RAND_write_file 3847 1_1_0d EXIST::FUNCTION: +X509V3_get_value_bool 3848 1_1_0d EXIST::FUNCTION: +SDF_GenerateKeyWithEPK_ECC 3849 1_1_0d EXIST::FUNCTION: +ENGINE_get_pkey_asn1_meth_str 3850 1_1_0d EXIST::FUNCTION:ENGINE +MDC2_Final 3851 1_1_0d EXIST::FUNCTION:MDC2 +PKCS7_dataDecode 3852 1_1_0d EXIST::FUNCTION: +BN_get0_nist_prime_192 3853 1_1_0d EXIST::FUNCTION: +PEM_write_bio_DSAparams 3854 1_1_0d EXIST::FUNCTION:DSA +ASN1_BIT_STRING_name_print 3855 1_1_0d EXIST::FUNCTION: +OCSP_REQUEST_it 3856 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP +OCSP_REQUEST_it 3856 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP +EVP_CIPHER_CTX_clear_flags 3857 1_1_0d EXIST::FUNCTION: +OPENSSL_LH_new 3858 1_1_0d EXIST::FUNCTION: +RAND_seed 3859 1_1_0d EXIST::FUNCTION: +i2d_ASN1_ENUMERATED 3860 1_1_0d EXIST::FUNCTION: +DSA_get0_pqg 3861 1_1_0d EXIST::FUNCTION:DSA +X509_EXTENSION_get_object 3862 1_1_0d EXIST::FUNCTION: +ECDSA_SIG_set0 3863 1_1_0d EXIST::FUNCTION:EC +SM9_signature_size 3864 1_1_0d EXIST::FUNCTION:SM9 +X509_NAME_ENTRY_it 3865 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_NAME_ENTRY_it 3865 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +CMS_set1_signers_certs 3866 1_1_0d EXIST::FUNCTION:CMS +RSA_meth_set_verify 3867 1_1_0d EXIST::FUNCTION:RSA +X509_STORE_CTX_get_lookup_certs 3868 1_1_0d EXIST::FUNCTION: +BIO_ADDR_path_string 3869 1_1_0d EXIST::FUNCTION:SOCK +i2o_ECPublicKey 3870 1_1_0d EXIST::FUNCTION:EC +PEM_write_CMS 3871 1_1_0d EXIST::FUNCTION:CMS,STDIO +ENGINE_register_digests 3872 1_1_0d EXIST::FUNCTION:ENGINE +EVP_MD_pkey_type 3873 1_1_0d EXIST::FUNCTION: +DSO_pathbyaddr 3874 1_1_0d EXIST::FUNCTION: +d2i_PUBKEY_fp 3875 1_1_0d EXIST::FUNCTION:STDIO +EC_KEY_METHOD_get_sign 3876 1_1_0d EXIST::FUNCTION:EC +PBKDF2PARAM_free 3877 1_1_0d EXIST::FUNCTION: +ECDSA_SIG_new 3878 1_1_0d EXIST::FUNCTION:EC +d2i_PKCS7_ISSUER_AND_SERIAL 3879 1_1_0d EXIST::FUNCTION: +d2i_SM9MasterSecret 3880 1_1_0d EXIST::FUNCTION:SM9 +ERR_load_PAILLIER_strings 3881 1_1_0d EXIST::FUNCTION:PAILLIER +BIO_meth_get_read 3882 1_1_0d EXIST::FUNCTION: +EVP_PKEY_asn1_add0 3883 1_1_0d EXIST::FUNCTION: +i2d_SXNET 3884 1_1_0d EXIST::FUNCTION: +TS_RESP_new 3885 1_1_0d EXIST::FUNCTION:TS +PKCS7_RECIP_INFO_it 3886 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS7_RECIP_INFO_it 3886 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +i2d_TS_TST_INFO_fp 3887 1_1_0d EXIST::FUNCTION:STDIO,TS +i2d_ASN1_UNIVERSALSTRING 3888 1_1_0d EXIST::FUNCTION: +EVP_camellia_192_cbc 3889 1_1_0d EXIST::FUNCTION:CAMELLIA +i2d_TS_RESP_bio 3890 1_1_0d EXIST::FUNCTION:TS +TS_MSG_IMPRINT_set_msg 3891 1_1_0d EXIST::FUNCTION:TS +EVP_CipherUpdate 3892 1_1_0d EXIST::FUNCTION: +PEM_read_bio_PrivateKey 3893 1_1_0d EXIST::FUNCTION: +EC_POINT_clear_free 3894 1_1_0d EXIST::FUNCTION:EC +ECIES_do_encrypt 3895 1_1_0d EXIST::FUNCTION:ECIES +BN_BLINDING_set_flags 3896 1_1_0d EXIST::FUNCTION: +speck_set_encrypt_key16 3897 1_1_0d EXIST::FUNCTION:SPECK +EVP_PKEY_set_type 3898 1_1_0d EXIST::FUNCTION: +X509_SIG_it 3899 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_SIG_it 3899 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +DSO_global_lookup 3900 1_1_0d EXIST::FUNCTION: +ASN1_STRING_cmp 3901 1_1_0d EXIST::FUNCTION: +X509_REQ_get0_signature 3902 1_1_0d EXIST::FUNCTION: +RSA_verify_ASN1_OCTET_STRING 3903 1_1_0d EXIST::FUNCTION:RSA +d2i_PKCS8PrivateKey_fp 3904 1_1_0d EXIST::FUNCTION:STDIO +EVP_PKEY_asn1_new 3905 1_1_0d EXIST::FUNCTION: +EVP_camellia_128_cfb1 3906 1_1_0d EXIST::FUNCTION:CAMELLIA +DH_meth_set_finish 3907 1_1_0d EXIST::FUNCTION:DH +d2i_X509_SIG 3908 1_1_0d EXIST::FUNCTION: +CONF_imodule_set_flags 3909 1_1_0d EXIST::FUNCTION: +OPENSSL_init 3910 1_1_0d EXIST::FUNCTION: +X509_NAME_print 3911 1_1_0d EXIST::FUNCTION: +i2d_PKCS7_SIGNED 3912 1_1_0d EXIST::FUNCTION: +i2d_ASN1_GENERALSTRING 3913 1_1_0d EXIST::FUNCTION: +DES_ede3_cfb_encrypt 3914 1_1_0d EXIST::FUNCTION:DES +ASIdentifierChoice_free 3915 1_1_0d EXIST::FUNCTION:RFC3779 +i2s_ASN1_ENUMERATED_TABLE 3916 1_1_0d EXIST::FUNCTION: +CONF_load_fp 3917 1_1_0d EXIST::FUNCTION:STDIO +ASN1_item_sign 3918 1_1_0d EXIST::FUNCTION: +ASN1_TIME_free 3919 1_1_0d EXIST::FUNCTION: +BN_set_bit 3920 1_1_0d EXIST::FUNCTION: +PKCS7_stream 3921 1_1_0d EXIST::FUNCTION: +ASN1_STRING_dup 3922 1_1_0d EXIST::FUNCTION: +X509_add_ext 3923 1_1_0d EXIST::FUNCTION: +ENGINE_set_default_EC 3924 1_1_0d EXIST::FUNCTION:ENGINE +BN_BLINDING_convert_ex 3925 1_1_0d EXIST::FUNCTION: +RSA_meth_set0_app_data 3926 1_1_0d EXIST::FUNCTION:RSA +UI_ctrl 3927 1_1_0d EXIST::FUNCTION:UI +OCSP_RESPID_set_by_name 3928 1_1_0d EXIST::FUNCTION:OCSP +MD5 3929 1_1_0d EXIST::FUNCTION:MD5 +PEM_write_X509_CRL 3930 1_1_0d EXIST::FUNCTION:STDIO +X509_get_pubkey 3931 1_1_0d EXIST::FUNCTION: +DSO_flags 3932 1_1_0d EXIST::FUNCTION: +OCSP_accept_responses_new 3933 1_1_0d EXIST::FUNCTION:OCSP +TLS_FEATURE_free 3934 1_1_0d EXIST::FUNCTION: +UI_OpenSSL 3935 1_1_0d EXIST::FUNCTION:UI +UI_get_default_method 3936 1_1_0d EXIST::FUNCTION:UI +RSA_verify_PKCS1_PSS 3937 1_1_0d EXIST::FUNCTION:RSA +EVP_PKEY_set1_DSA 3938 1_1_0d EXIST::FUNCTION:DSA +DSA_meth_get0_name 3939 1_1_0d EXIST::FUNCTION:DSA +PEM_write_bio_X509_REQ 3940 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_CTX_mode 3941 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_CTX_cleanup 3942 1_1_0d EXIST::FUNCTION: +DH_set0_pqg 3943 1_1_0d EXIST::FUNCTION:DH +OCSP_SINGLERESP_it 3944 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP +OCSP_SINGLERESP_it 3944 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP +ASN1_STRING_TABLE_get 3945 1_1_0d EXIST::FUNCTION: +d2i_PKCS12_BAGS 3946 1_1_0d EXIST::FUNCTION: +CMS_data_create 3947 1_1_0d EXIST::FUNCTION:CMS +RSA_meth_get_pub_dec 3948 1_1_0d EXIST::FUNCTION:RSA +ESS_ISSUER_SERIAL_free 3949 1_1_0d EXIST::FUNCTION:TS +ASN1_item_print 3950 1_1_0d EXIST::FUNCTION: +BN_get_rfc3526_prime_8192 3951 1_1_0d EXIST::FUNCTION: +ASN1_OBJECT_it 3952 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_OBJECT_it 3952 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +DSA_get_default_method 3953 1_1_0d EXIST::FUNCTION:DSA +RSA_PSS_PARAMS_free 3954 1_1_0d EXIST::FUNCTION:RSA +ESS_SIGNING_CERT_free 3955 1_1_0d EXIST::FUNCTION:TS +BIO_get_ex_data 3956 1_1_0d EXIST::FUNCTION: +UI_add_error_string 3957 1_1_0d EXIST::FUNCTION:UI +SDF_WriteFile 3958 1_1_0d EXIST::FUNCTION: +BB1IBE_encrypt 3959 1_1_0d EXIST::FUNCTION:BB1IBE +ENGINE_set_RSA 3960 1_1_0d EXIST::FUNCTION:ENGINE +X509_issuer_and_serial_hash 3961 1_1_0d EXIST::FUNCTION: +DES_ede3_ofb64_encrypt 3962 1_1_0d EXIST::FUNCTION:DES +X509_find_by_issuer_and_serial 3963 1_1_0d EXIST::FUNCTION: +TS_ext_print_bio 3964 1_1_0d EXIST::FUNCTION:TS +CMS_get0_signers 3965 1_1_0d EXIST::FUNCTION:CMS +BIO_pop 3966 1_1_0d EXIST::FUNCTION: +CMS_is_detached 3967 1_1_0d EXIST::FUNCTION:CMS +PKCS7_SIGNED_free 3968 1_1_0d EXIST::FUNCTION: +X509_REQ_sign 3969 1_1_0d EXIST::FUNCTION: +CONF_set_nconf 3970 1_1_0d EXIST::FUNCTION: +EC_POINT_get_affine_coordinates_GFp 3971 1_1_0d EXIST::FUNCTION:EC +X509v3_asid_validate_path 3972 1_1_0d EXIST::FUNCTION:RFC3779 +i2d_OCSP_REQUEST 3973 1_1_0d EXIST::FUNCTION:OCSP +SHA512_Update 3974 1_1_0d EXIST:!VMSVAX:FUNCTION: +d2i_ASN1_UNIVERSALSTRING 3975 1_1_0d EXIST::FUNCTION: +BN_CTX_get 3976 1_1_0d EXIST::FUNCTION: +ASN1_item_d2i_fp 3977 1_1_0d EXIST::FUNCTION:STDIO +OPENSSL_add_all_algorithms_conf 3978 1_1_0d EXIST::FUNCTION: +ENGINE_register_ciphers 3979 1_1_0d EXIST::FUNCTION:ENGINE +DSA_new 3980 1_1_0d EXIST::FUNCTION:DSA +BN_BLINDING_set_current_thread 3981 1_1_0d EXIST::FUNCTION: +d2i_ASIdOrRange 3982 1_1_0d EXIST::FUNCTION:RFC3779 +Camellia_ofb128_encrypt 3983 1_1_0d EXIST::FUNCTION:CAMELLIA +BN_bn2dec 3984 1_1_0d EXIST::FUNCTION: +PBE2PARAM_free 3985 1_1_0d EXIST::FUNCTION: +DSA_set_flags 3986 1_1_0d EXIST::FUNCTION:DSA +ENGINE_get_DH 3987 1_1_0d EXIST::FUNCTION:ENGINE +EVP_PKEY_CTX_hex2ctrl 3988 1_1_0d EXIST::FUNCTION: +COMP_zlib 3989 1_1_0d EXIST::FUNCTION:COMP +EVP_des_ede3_ofb 3990 1_1_0d EXIST::FUNCTION:DES +OBJ_create 3991 1_1_0d EXIST::FUNCTION: +ERR_load_CPK_strings 3992 1_1_0d EXIST::FUNCTION:CPK +speck_set_encrypt_key64 3993 1_1_0d EXIST::FUNCTION:SPECK +EVP_aes_128_cbc_hmac_sha1 3994 1_1_0d EXIST::FUNCTION: +BIO_set_cipher 3995 1_1_0d EXIST::FUNCTION: +PKCS12_add_safes 3996 1_1_0d EXIST::FUNCTION: +ERR_load_SAF_strings 3997 1_1_0d EXIST::FUNCTION:SAF +RSA_set_flags 3998 1_1_0d EXIST::FUNCTION:RSA +CONF_modules_load_file 3999 1_1_0d EXIST::FUNCTION: +ECDSA_sign_setup 4000 1_1_0d EXIST::FUNCTION:EC +zuc_ctx_init 4001 1_1_0d EXIST::FUNCTION:ZUC +X509_get_default_private_dir 4002 1_1_0d EXIST::FUNCTION: +EVP_camellia_128_ofb 4003 1_1_0d EXIST::FUNCTION:CAMELLIA +X509_http_nbio 4004 1_1_0d EXIST::FUNCTION:OCSP +X509_CRL_add0_revoked 4005 1_1_0d EXIST::FUNCTION: +X509_NAME_it 4006 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_NAME_it 4006 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +CMS_RecipientInfo_ktri_get0_algs 4007 1_1_0d EXIST::FUNCTION:CMS +EC_KEY_get_ECCrefPrivateKey 4008 1_1_0d EXIST::FUNCTION:EC,GMAPI,SDF +ASN1_ENUMERATED_it 4009 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_ENUMERATED_it 4009 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +X509_NAME_ENTRY_free 4010 1_1_0d EXIST::FUNCTION: +EVP_MD_meth_get_flags 4011 1_1_0d EXIST::FUNCTION: +SM9PublicParameters_free 4012 1_1_0d EXIST::FUNCTION:SM9 +ERR_load_RSA_strings 4013 1_1_0d EXIST::FUNCTION:RSA +EC_KEY_get_ECCrefPublicKey 4014 1_1_0d EXIST::FUNCTION:EC,GMAPI,SDF +X509_CERT_AUX_new 4015 1_1_0d EXIST::FUNCTION: +X509_CRL_get0_extensions 4016 1_1_0d EXIST::FUNCTION: +ASN1_INTEGER_free 4017 1_1_0d EXIST::FUNCTION: +EVP_aes_256_ofb 4018 1_1_0d EXIST::FUNCTION: +EC_POINT_oct2point 4019 1_1_0d EXIST::FUNCTION:EC +OCSP_request_set1_name 4020 1_1_0d EXIST::FUNCTION:OCSP +X509V3_EXT_REQ_add_conf 4021 1_1_0d EXIST::FUNCTION: +PKCS7_SIGNED_it 4022 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS7_SIGNED_it 4022 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +TS_STATUS_INFO_dup 4023 1_1_0d EXIST::FUNCTION:TS +BIO_meth_set_read 4024 1_1_0d EXIST::FUNCTION: +X509_set_subject_name 4025 1_1_0d EXIST::FUNCTION: +RSA_new_from_RSAPUBLICKEYBLOB 4026 1_1_0d EXIST::FUNCTION:GMAPI,RSA,SKF +X509_STORE_CTX_set_current_cert 4027 1_1_0d EXIST::FUNCTION: +OCSP_ONEREQ_get_ext_by_NID 4028 1_1_0d EXIST::FUNCTION:OCSP +ERR_func_error_string 4029 1_1_0d EXIST::FUNCTION: +CMS_add_simple_smimecap 4030 1_1_0d EXIST::FUNCTION:CMS +EVP_PKEY_type 4031 1_1_0d EXIST::FUNCTION: +UTF8_putc 4032 1_1_0d EXIST::FUNCTION: +BN_lebin2bn 4033 1_1_0d EXIST::FUNCTION: +ASN1_GENERALIZEDTIME_set 4034 1_1_0d EXIST::FUNCTION: +ENGINE_add_conf_module 4035 1_1_0d EXIST::FUNCTION:ENGINE +BIO_dump_indent 4036 1_1_0d EXIST::FUNCTION: +X509_ATTRIBUTE_get0_object 4037 1_1_0d EXIST::FUNCTION: +BN_consttime_swap 4038 1_1_0d EXIST::FUNCTION: +SAF_RemoveRootCaCertificate 4039 1_1_0d EXIST::FUNCTION: +i2d_SXNETID 4040 1_1_0d EXIST::FUNCTION: +EVP_MD_get_sgd 4041 1_1_0d EXIST::FUNCTION:GMAPI +X509_STORE_set_check_revocation 4042 1_1_0d EXIST::FUNCTION: +d2i_RSAPublicKey 4043 1_1_0d EXIST::FUNCTION:RSA +EVP_ENCODE_CTX_num 4044 1_1_0d EXIST::FUNCTION: +SXNET_add_id_INTEGER 4045 1_1_0d EXIST::FUNCTION: +ASN1_OCTET_STRING_free 4046 1_1_0d EXIST::FUNCTION: +OCSP_request_is_signed 4047 1_1_0d EXIST::FUNCTION:OCSP +PKCS7_dup 4048 1_1_0d EXIST::FUNCTION: +PEM_read_bio_PUBKEY 4049 1_1_0d EXIST::FUNCTION: +d2i_OCSP_CERTID 4050 1_1_0d EXIST::FUNCTION:OCSP +DH_set_length 4051 1_1_0d EXIST::FUNCTION:DH +d2i_SM9PublicKey 4052 1_1_0d EXIST::FUNCTION:SM9 +ENGINE_set_load_pubkey_function 4053 1_1_0d EXIST::FUNCTION:ENGINE +ASN1_BIT_STRING_set 4054 1_1_0d EXIST::FUNCTION: +EVP_ENCODE_LENGTH 4055 1_1_0d EXIST::FUNCTION: +ECPARAMETERS_it 4056 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:EC +ECPARAMETERS_it 4056 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:EC +i2d_PKCS8_PRIV_KEY_INFO_bio 4057 1_1_0d EXIST::FUNCTION: +d2i_DIST_POINT 4058 1_1_0d EXIST::FUNCTION: +OCSP_REQUEST_free 4059 1_1_0d EXIST::FUNCTION:OCSP +X509V3_set_nconf 4060 1_1_0d EXIST::FUNCTION: +EVP_md2 4061 1_1_0d EXIST::FUNCTION:MD2 +SDF_GenerateKeyWithIPK_RSA 4062 1_1_0d EXIST::FUNCTION: +EC_KEY_new_method 4063 1_1_0d EXIST::FUNCTION:EC +X509V3_EXT_add_nconf_sk 4064 1_1_0d EXIST::FUNCTION: +ASN1_check_infinite_end 4065 1_1_0d EXIST::FUNCTION: +ENGINE_get_first 4066 1_1_0d EXIST::FUNCTION:ENGINE +X509_NAME_ENTRY_get_data 4067 1_1_0d EXIST::FUNCTION: +BN_is_negative 4068 1_1_0d EXIST::FUNCTION: +CMS_add0_CertificateChoices 4069 1_1_0d EXIST::FUNCTION:CMS +SRP_create_verifier 4070 1_1_0d EXIST::FUNCTION:SRP +RSA_meth_set_mod_exp 4071 1_1_0d EXIST::FUNCTION:RSA +BN_num_bits_word 4072 1_1_0d EXIST::FUNCTION: +OPENSSL_sk_set_cmp_func 4073 1_1_0d EXIST::FUNCTION: +SM2CiphertextValue_set_ECCCIPHERBLOB 4074 1_1_0d EXIST::FUNCTION:EC,GMAPI,SKF,SM2 +X509_VERIFY_PARAM_get0_name 4075 1_1_0d EXIST::FUNCTION: +IPAddressRange_new 4076 1_1_0d EXIST::FUNCTION:RFC3779 +_shadow_DES_check_key 4077 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:DES +_shadow_DES_check_key 4077 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:DES +SM9MasterSecret_new 4078 1_1_0d EXIST::FUNCTION:SM9 +ENGINE_register_all_EC 4079 1_1_0d EXIST::FUNCTION:ENGINE +OCSP_REQ_CTX_nbio 4080 1_1_0d EXIST::FUNCTION:OCSP +SAF_Base64_Encode 4081 1_1_0d EXIST::FUNCTION: +d2i_BB1PublicParameters 4082 1_1_0d EXIST::FUNCTION:BB1IBE +PKCS7_ATTR_SIGN_it 4083 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS7_ATTR_SIGN_it 4083 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +CRYPTO_gcm128_encrypt 4084 1_1_0d EXIST::FUNCTION: +BIO_new_fd 4085 1_1_0d EXIST::FUNCTION: +ASIdentifiers_new 4086 1_1_0d EXIST::FUNCTION:RFC3779 +BN_GF2m_mod_sqrt 4087 1_1_0d EXIST::FUNCTION:EC2M +PEM_read_bio_RSAPublicKey 4088 1_1_0d EXIST::FUNCTION:RSA +EC_KEY_METHOD_set_init 4089 1_1_0d EXIST::FUNCTION:EC +SCT_validation_status_string 4090 1_1_0d EXIST::FUNCTION:CT +ZLONG_it 4091 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ZLONG_it 4091 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +OPENSSL_memcmp 4092 1_1_0d EXIST::FUNCTION: +OPENSSL_LH_doall_arg 4093 1_1_0d EXIST::FUNCTION: +SKF_GenerateAgreementDataWithECC 4094 1_1_0d EXIST::FUNCTION:SKF +PEM_write_bio_RSAPrivateKey 4095 1_1_0d EXIST::FUNCTION:RSA +X509_REQ_get_signature_nid 4096 1_1_0d EXIST::FUNCTION: +ASYNC_get_current_job 4097 1_1_0d EXIST::FUNCTION: +SDF_GenerateKeyPair_RSA 4098 1_1_0d EXIST::FUNCTION: +X509_ALGOR_set0 4099 1_1_0d EXIST::FUNCTION: +NCONF_WIN32 4100 1_1_0d EXIST::FUNCTION: +i2d_EC_PUBKEY_bio 4101 1_1_0d EXIST::FUNCTION:EC +ASN1_tag2bit 4102 1_1_0d EXIST::FUNCTION: +d2i_DSA_PUBKEY_bio 4103 1_1_0d EXIST::FUNCTION:DSA +X509_PURPOSE_set 4104 1_1_0d EXIST::FUNCTION: +BIO_s_secmem 4105 1_1_0d EXIST::FUNCTION: +EC_GROUP_check_discriminant 4106 1_1_0d EXIST::FUNCTION:EC +d2i_RSA_PUBKEY_fp 4107 1_1_0d EXIST::FUNCTION:RSA,STDIO +DH_new_method 4108 1_1_0d EXIST::FUNCTION:DH +X509at_add1_attr_by_NID 4109 1_1_0d EXIST::FUNCTION: +X509v3_addr_canonize 4110 1_1_0d EXIST::FUNCTION:RFC3779 +PEM_write_bio_RSAPublicKey 4111 1_1_0d EXIST::FUNCTION:RSA +BN_is_one 4112 1_1_0d EXIST::FUNCTION: +PEM_read_bio_X509 4113 1_1_0d EXIST::FUNCTION: +TS_MSG_IMPRINT_set_algo 4114 1_1_0d EXIST::FUNCTION:TS +TS_VERIFY_CTX_init 4115 1_1_0d EXIST::FUNCTION:TS +SAF_GetExtTypeInfo 4116 1_1_0d EXIST::FUNCTION: +ERR_unload_strings 4117 1_1_0d EXIST::FUNCTION: +DES_cbc_cksum 4118 1_1_0d EXIST::FUNCTION:DES +BN_mpi2bn 4119 1_1_0d EXIST::FUNCTION: +ASN1_TBOOLEAN_it 4120 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_TBOOLEAN_it 4120 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +CMS_ReceiptRequest_free 4121 1_1_0d EXIST::FUNCTION:CMS +CMS_add1_ReceiptRequest 4122 1_1_0d EXIST::FUNCTION:CMS +X509_policy_tree_free 4123 1_1_0d EXIST::FUNCTION: +DH_meth_set_generate_key 4124 1_1_0d EXIST::FUNCTION:DH +ECPARAMETERS_free 4125 1_1_0d EXIST::FUNCTION:EC +X509_verify_cert_error_string 4126 1_1_0d EXIST::FUNCTION: +ENGINE_get_finish_function 4127 1_1_0d EXIST::FUNCTION:ENGINE +PKCS7_set_cipher 4128 1_1_0d EXIST::FUNCTION: +X509_print_fp 4129 1_1_0d EXIST::FUNCTION:STDIO +EVP_CIPHER_set_asn1_iv 4130 1_1_0d EXIST::FUNCTION: +SDF_GenerateKeyPair_ECC 4131 1_1_0d EXIST::FUNCTION: +SAF_AddCaCertificate 4132 1_1_0d EXIST::FUNCTION: +IPAddressFamily_new 4133 1_1_0d EXIST::FUNCTION:RFC3779 +NOTICEREF_new 4134 1_1_0d EXIST::FUNCTION: +OPENSSL_sk_value 4135 1_1_0d EXIST::FUNCTION: +X509_REQ_add1_attr_by_OBJ 4136 1_1_0d EXIST::FUNCTION: +SCT_get0_extensions 4137 1_1_0d EXIST::FUNCTION:CT +SM9_do_decrypt 4138 1_1_0d EXIST::FUNCTION:SM9 +EC_KEY_oct2priv 4139 1_1_0d EXIST::FUNCTION:EC +CMS_add_smimecap 4140 1_1_0d EXIST::FUNCTION:CMS +X509V3_EXT_add_list 4141 1_1_0d EXIST::FUNCTION: +CMS_get0_RecipientInfos 4142 1_1_0d EXIST::FUNCTION:CMS +TS_REQ_get_ext_d2i 4143 1_1_0d EXIST::FUNCTION:TS +ENGINE_pkey_asn1_find_str 4144 1_1_0d EXIST::FUNCTION:ENGINE +DSA_SIG_get0 4145 1_1_0d EXIST::FUNCTION:DSA +ASN1_BIT_STRING_set_bit 4146 1_1_0d EXIST::FUNCTION: +BN_GF2m_add 4147 1_1_0d EXIST::FUNCTION:EC2M +ECDSA_SIG_get_ECCSignature 4148 1_1_0d EXIST::FUNCTION:EC,GMAPI,SDF +RSA_public_encrypt 4149 1_1_0d EXIST::FUNCTION:RSA +UI_UTIL_read_pw 4150 1_1_0d EXIST::FUNCTION:UI +POLICY_MAPPINGS_it 4151 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +POLICY_MAPPINGS_it 4151 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +TS_RESP_get_token 4152 1_1_0d EXIST::FUNCTION:TS +ASN1_TYPE_new 4153 1_1_0d EXIST::FUNCTION: +TS_TST_INFO_set_nonce 4154 1_1_0d EXIST::FUNCTION:TS +i2o_SCT 4155 1_1_0d EXIST::FUNCTION:CT +ASN1_put_eoc 4156 1_1_0d EXIST::FUNCTION: +SM9PrivateKey_new 4157 1_1_0d EXIST::FUNCTION:SM9 +EDIPARTYNAME_it 4158 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +EDIPARTYNAME_it 4158 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +SAF_Logout 4159 1_1_0d EXIST::FUNCTION: +SKF_PrintECCPublicKey 4160 1_1_0d EXIST::FUNCTION:SKF +ENGINE_unregister_digests 4161 1_1_0d EXIST::FUNCTION:ENGINE +SHA1_Final 4162 1_1_0d EXIST::FUNCTION: +PAILLIER_check_key 4163 1_1_0d EXIST::FUNCTION:PAILLIER +PKCS8_get_attr 4164 1_1_0d EXIST::FUNCTION: +TS_REQ_get_msg_imprint 4165 1_1_0d EXIST::FUNCTION:TS +SM9MasterSecret_free 4166 1_1_0d EXIST::FUNCTION:SM9 +i2d_OCSP_RESPBYTES 4167 1_1_0d EXIST::FUNCTION:OCSP +X509_ATTRIBUTE_create_by_txt 4168 1_1_0d EXIST::FUNCTION: +POLICY_CONSTRAINTS_new 4169 1_1_0d EXIST::FUNCTION: +RSA_PSS_PARAMS_it 4170 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA +RSA_PSS_PARAMS_it 4170 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RSA +RSA_set_ex_data 4171 1_1_0d EXIST::FUNCTION:RSA +EVP_cast5_ofb 4172 1_1_0d EXIST::FUNCTION:CAST +CMS_add1_cert 4173 1_1_0d EXIST::FUNCTION:CMS +SAF_GetCertificateStateByOCSP 4174 1_1_0d EXIST::FUNCTION: +X509_PURPOSE_cleanup 4175 1_1_0d EXIST::FUNCTION: +SAF_AddCrl 4176 1_1_0d EXIST::FUNCTION: +SAF_EccPublicKeyEnc 4177 1_1_0d EXIST::FUNCTION: +ENGINE_unregister_DH 4178 1_1_0d EXIST::FUNCTION:ENGINE +CRYPTO_ccm128_tag 4179 1_1_0d EXIST::FUNCTION: +EVP_camellia_256_ctr 4180 1_1_0d EXIST::FUNCTION:CAMELLIA +ASN1_ANY_it 4181 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_ANY_it 4181 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +d2i_RSAPrivateKey 4182 1_1_0d EXIST::FUNCTION:RSA +BN_mod_lshift1 4183 1_1_0d EXIST::FUNCTION: +PKCS7_add_signature 4184 1_1_0d EXIST::FUNCTION: +SKF_CloseHandle 4185 1_1_0d EXIST::FUNCTION:SKF +i2d_RSAPublicKey_bio 4186 1_1_0d EXIST::FUNCTION:RSA +d2i_X509_fp 4187 1_1_0d EXIST::FUNCTION:STDIO +EC_POINT_point2hex 4188 1_1_0d EXIST::FUNCTION:EC +EVP_rc5_32_12_16_cbc 4189 1_1_0d EXIST::FUNCTION:RC5 +EVP_PKEY_meth_set_keygen 4190 1_1_0d EXIST::FUNCTION: +TS_CONF_set_default_engine 4191 1_1_0d EXIST::FUNCTION:ENGINE,TS +i2d_DSAparams 4192 1_1_0d EXIST::FUNCTION:DSA +SAF_EccPublicKeyEncByCert 4193 1_1_0d EXIST::FUNCTION: +PKCS7_print_ctx 4194 1_1_0d EXIST::FUNCTION: +RAND_set_rand_engine 4195 1_1_0d EXIST::FUNCTION:ENGINE +DES_key_sched 4196 1_1_0d EXIST::FUNCTION:DES +BN_options 4197 1_1_0d EXIST::FUNCTION: +eea3 4198 1_1_0d EXIST::FUNCTION:ZUC +ASN1_PCTX_get_str_flags 4199 1_1_0d EXIST::FUNCTION: +UI_method_set_flusher 4200 1_1_0d EXIST::FUNCTION:UI +X509_STORE_add_lookup 4201 1_1_0d EXIST::FUNCTION: +EC_POINT_dbl 4202 1_1_0d EXIST::FUNCTION:EC +RSA_set_RSAPRIVATEKEYBLOB 4203 1_1_0d EXIST::FUNCTION:GMAPI,RSA,SKF +OCSP_id_cmp 4204 1_1_0d EXIST::FUNCTION:OCSP +PKCS12_add_cert 4205 1_1_0d EXIST::FUNCTION: +BFPublicParameters_it 4206 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:BFIBE +BFPublicParameters_it 4206 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:BFIBE +SKF_GetDevStateName 4207 1_1_0d EXIST::FUNCTION:SKF +IDEA_ofb64_encrypt 4208 1_1_0d EXIST::FUNCTION:IDEA +X509_gmtime_adj 4209 1_1_0d EXIST::FUNCTION: +SMIME_text 4210 1_1_0d EXIST::FUNCTION: +PKCS7_add_signed_attribute 4211 1_1_0d EXIST::FUNCTION: +X509_set1_notAfter 4212 1_1_0d EXIST::FUNCTION: +d2i_X509_PUBKEY 4213 1_1_0d EXIST::FUNCTION: +i2d_ASN1_BIT_STRING 4214 1_1_0d EXIST::FUNCTION: +PEM_dek_info 4215 1_1_0d EXIST::FUNCTION: +SCT_new 4216 1_1_0d EXIST::FUNCTION:CT +BN_div_word 4217 1_1_0d EXIST::FUNCTION: +TS_RESP_CTX_set_status_info_cond 4218 1_1_0d EXIST::FUNCTION:TS +X509_REVOKED_get_ext_d2i 4219 1_1_0d EXIST::FUNCTION: +EVP_aes_192_ctr 4220 1_1_0d EXIST::FUNCTION: +PKCS8_PRIV_KEY_INFO_free 4221 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_CTX_init 4222 1_1_0d EXIST::FUNCTION: +EVP_PKEY_meth_set_cleanup 4223 1_1_0d EXIST::FUNCTION: +OCSP_SIGNATURE_new 4224 1_1_0d EXIST::FUNCTION:OCSP +PKCS7_get_issuer_and_serial 4225 1_1_0d EXIST::FUNCTION: +X509v3_delete_ext 4226 1_1_0d EXIST::FUNCTION: +PKCS7_add_crl 4227 1_1_0d EXIST::FUNCTION: +SDF_ExternalPublicKeyOperation_RSA 4228 1_1_0d EXIST::FUNCTION: +BN_mod_sub_quick 4229 1_1_0d EXIST::FUNCTION: +BIO_accept 4230 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,SOCK +OCSP_REQUEST_add1_ext_i2d 4231 1_1_0d EXIST::FUNCTION:OCSP +IDEA_cfb64_encrypt 4232 1_1_0d EXIST::FUNCTION:IDEA +OBJ_bsearch_ex_ 4233 1_1_0d EXIST::FUNCTION: +CONF_load_bio 4234 1_1_0d EXIST::FUNCTION: +SAF_EnumCertificates 4235 1_1_0d EXIST::FUNCTION: +PAILLIER_encrypt 4236 1_1_0d EXIST::FUNCTION:PAILLIER +SAF_HashUpdate 4237 1_1_0d EXIST::FUNCTION: +PEM_read_bio_X509_CRL 4238 1_1_0d EXIST::FUNCTION: +ERR_error_string_n 4239 1_1_0d EXIST::FUNCTION: +i2d_X509_REQ_bio 4240 1_1_0d EXIST::FUNCTION: +CRYPTO_THREAD_unlock 4241 1_1_0d EXIST::FUNCTION: +d2i_ESS_CERT_ID 4242 1_1_0d EXIST::FUNCTION:TS +BN_get_flags 4243 1_1_0d EXIST::FUNCTION: +X509_check_trust 4244 1_1_0d EXIST::FUNCTION: +i2d_ECParameters 4245 1_1_0d EXIST::FUNCTION:EC +CRYPTO_gcm128_init 4246 1_1_0d EXIST::FUNCTION: +EVP_aes_128_ccm 4247 1_1_0d EXIST::FUNCTION: +PKCS12_set_mac 4248 1_1_0d EXIST::FUNCTION: +d2i_PKCS12 4249 1_1_0d EXIST::FUNCTION: +EC_POINT_get_affine_coordinates_GF2m 4250 1_1_0d EXIST::FUNCTION:EC,EC2M +X509_STORE_CTX_get_by_subject 4251 1_1_0d EXIST::FUNCTION: +RSA_new_from_RSAPRIVATEKEYBLOB 4252 1_1_0d EXIST::FUNCTION:GMAPI,RSA,SKF +i2b_PublicKey_bio 4253 1_1_0d EXIST::FUNCTION:DSA +RSA_meth_free 4254 1_1_0d EXIST::FUNCTION:RSA +ASN1_BIT_STRING_new 4255 1_1_0d EXIST::FUNCTION: +PEM_read_DSAPrivateKey 4256 1_1_0d EXIST::FUNCTION:DSA,STDIO +X509_get0_reject_objects 4257 1_1_0d EXIST::FUNCTION: +X509_VERIFY_PARAM_lookup 4258 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_do_all_sorted 4259 1_1_0d EXIST::FUNCTION: +SOF_VerifySignedMessageDetach 4260 1_1_0d EXIST::FUNCTION: +PKCS7_ENVELOPE_new 4261 1_1_0d EXIST::FUNCTION: +MD4_Transform 4262 1_1_0d EXIST::FUNCTION:MD4 +PKCS5_PBKDF2_HMAC_SHA1 4263 1_1_0d EXIST::FUNCTION:SHA +OPENSSL_sk_set 4264 1_1_0d EXIST::FUNCTION: +CMS_RecipientInfo_decrypt 4265 1_1_0d EXIST::FUNCTION:CMS +EVP_PKEY_asn1_add_alias 4266 1_1_0d EXIST::FUNCTION: +EVP_PKEY_copy_parameters 4267 1_1_0d EXIST::FUNCTION: +SMIME_crlf_copy 4268 1_1_0d EXIST::FUNCTION: +SKF_EncryptUpdate 4269 1_1_0d EXIST::FUNCTION:SKF +ASN1_PRINTABLE_free 4270 1_1_0d EXIST::FUNCTION: +PEM_read_PKCS8 4271 1_1_0d EXIST::FUNCTION:STDIO +RSA_sign 4272 1_1_0d EXIST::FUNCTION:RSA +RSA_set0_key 4273 1_1_0d EXIST::FUNCTION:RSA +EVP_CIPHER_meth_get_do_cipher 4274 1_1_0d EXIST::FUNCTION: +BN_free 4275 1_1_0d EXIST::FUNCTION: +SRP_Calc_client_key 4276 1_1_0d EXIST::FUNCTION:SRP +i2d_RSA_PSS_PARAMS 4277 1_1_0d EXIST::FUNCTION:RSA +X509_get_extended_key_usage 4278 1_1_0d EXIST::FUNCTION: +TS_REQ_get_ext_count 4279 1_1_0d EXIST::FUNCTION:TS +FFX_compute_luhn 4280 1_1_0d EXIST::FUNCTION: +EVP_PKEY_id 4281 1_1_0d EXIST::FUNCTION: +EVP_PKEY_CTX_set_signature_md 4282 1_1_0d EXIST::FUNCTION: +d2i_NETSCAPE_SPKAC 4283 1_1_0d EXIST::FUNCTION: +NOTICEREF_it 4284 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +NOTICEREF_it 4284 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +DSA_SIG_set0 4285 1_1_0d EXIST::FUNCTION:DSA +CTLOG_new_from_base64 4286 1_1_0d EXIST::FUNCTION:CT +RSA_blinding_on 4287 1_1_0d EXIST::FUNCTION:RSA +PEM_write_NETSCAPE_CERT_SEQUENCE 4288 1_1_0d EXIST::FUNCTION:STDIO +ASIdentifiers_it 4289 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779 +ASIdentifiers_it 4289 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779 +i2d_ASIdentifiers 4290 1_1_0d EXIST::FUNCTION:RFC3779 +EVP_get_cipherbyobj 4291 1_1_0d EXIST::FUNCTION: +CONF_modules_finish 4292 1_1_0d EXIST::FUNCTION: +BN_GF2m_mod_inv_arr 4293 1_1_0d EXIST::FUNCTION:EC2M +PKCS12_unpack_p7data 4294 1_1_0d EXIST::FUNCTION: +DSA_meth_set1_name 4295 1_1_0d EXIST::FUNCTION:DSA +EVP_MD_CTX_set_update_fn 4296 1_1_0d EXIST::FUNCTION: +BIO_f_buffer 4297 1_1_0d EXIST::FUNCTION: +SCT_set_timestamp 4298 1_1_0d EXIST::FUNCTION:CT +i2d_CMS_bio_stream 4299 1_1_0d EXIST::FUNCTION:CMS +UI_process 4300 1_1_0d EXIST::FUNCTION:UI +PKCS12_SAFEBAG_create0_p8inf 4301 1_1_0d EXIST::FUNCTION: +BFPublicParameters_free 4302 1_1_0d EXIST::FUNCTION:BFIBE +CRYPTO_nistcts128_encrypt_block 4303 1_1_0d EXIST::FUNCTION: +EC_GROUP_get_type1curve_zeta 4304 1_1_0d EXIST::FUNCTION: +BN_uadd 4305 1_1_0d EXIST::FUNCTION: +BN_nist_mod_384 4306 1_1_0d EXIST::FUNCTION: +CPK_PUBLIC_PARAMS_extract_public_key 4307 1_1_0d EXIST::FUNCTION:CPK +EVP_aes_256_ecb 4308 1_1_0d EXIST::FUNCTION: +SRP_Verify_B_mod_N 4309 1_1_0d EXIST::FUNCTION:SRP +X509_load_cert_file 4310 1_1_0d EXIST::FUNCTION: +d2i_EDIPARTYNAME 4311 1_1_0d EXIST::FUNCTION: +EVP_aes_192_wrap 4312 1_1_0d EXIST::FUNCTION: +CMS_RecipientInfo_kari_orig_id_cmp 4313 1_1_0d EXIST::FUNCTION:CMS +sms4_encrypt_init 4314 1_1_0d EXIST::FUNCTION:SMS4 +BIO_listen 4315 1_1_0d EXIST::FUNCTION:SOCK +d2i_GENERAL_NAMES 4316 1_1_0d EXIST::FUNCTION: +i2d_ECPrivateKey_fp 4317 1_1_0d EXIST::FUNCTION:EC,STDIO +CRYPTO_ofb128_encrypt 4318 1_1_0d EXIST::FUNCTION: +ASN1_item_new 4319 1_1_0d EXIST::FUNCTION: +X509_CRL_delete_ext 4320 1_1_0d EXIST::FUNCTION: +X509_REQ_INFO_free 4321 1_1_0d EXIST::FUNCTION: +PKCS7_final 4322 1_1_0d EXIST::FUNCTION: +DSA_meth_get_keygen 4323 1_1_0d EXIST::FUNCTION:DSA +d2i_OCSP_RESPID 4324 1_1_0d EXIST::FUNCTION:OCSP +PEM_read_bio_DSAparams 4325 1_1_0d EXIST::FUNCTION:DSA +i2d_re_X509_CRL_tbs 4326 1_1_0d EXIST::FUNCTION: +BN_get_rfc3526_prime_3072 4327 1_1_0d EXIST::FUNCTION: +EC_type1curve_tate_ratio 4328 1_1_0d EXIST::FUNCTION: +X509_REQ_add1_attr_by_NID 4329 1_1_0d EXIST::FUNCTION: +PKCS7_simple_smimecap 4330 1_1_0d EXIST::FUNCTION: +OPENSSL_gmtime_adj 4331 1_1_0d EXIST::FUNCTION: +EVP_cast5_cbc 4332 1_1_0d EXIST::FUNCTION:CAST +PEM_read_RSA_PUBKEY 4333 1_1_0d EXIST::FUNCTION:RSA,STDIO +X509_PURPOSE_get_trust 4334 1_1_0d EXIST::FUNCTION: +MD5_Transform 4335 1_1_0d EXIST::FUNCTION:MD5 +EVP_CipherInit 4336 1_1_0d EXIST::FUNCTION: +X509_PUBKEY_get0 4337 1_1_0d EXIST::FUNCTION: +i2d_PKCS8PrivateKey_nid_fp 4338 1_1_0d EXIST::FUNCTION:STDIO +X509_INFO_new 4339 1_1_0d EXIST::FUNCTION: +EVP_PKEY_CTX_set_mac_key 4340 1_1_0d EXIST::FUNCTION: +ECDSA_do_sign 4341 1_1_0d EXIST::FUNCTION:EC +X509_STORE_CTX_get_get_crl 4342 1_1_0d EXIST::FUNCTION: +DH_meth_set0_app_data 4343 1_1_0d EXIST::FUNCTION:DH +DSO_convert_filename 4344 1_1_0d EXIST::FUNCTION: +AES_ofb128_encrypt 4345 1_1_0d EXIST::FUNCTION: +ERR_peek_last_error 4346 1_1_0d EXIST::FUNCTION: +SM2_compute_message_digest 4347 1_1_0d EXIST::FUNCTION:SM2 +X509_NAME_ENTRY_set_data 4348 1_1_0d EXIST::FUNCTION: +SCT_get_source 4349 1_1_0d EXIST::FUNCTION:CT +EVP_get_digestnames 4350 1_1_0d EXIST::FUNCTION: +BIO_dgram_sctp_msg_waiting 4351 1_1_0d EXIST::FUNCTION:DGRAM,SCTP +SKF_RSASignData 4352 1_1_0d EXIST::FUNCTION:SKF +i2d_DSAPublicKey 4353 1_1_0d EXIST::FUNCTION:DSA +BIO_meth_get_ctrl 4354 1_1_0d EXIST::FUNCTION: +BUF_MEM_new 4355 1_1_0d EXIST::FUNCTION: +DH_get_default_method 4356 1_1_0d EXIST::FUNCTION:DH +EC_type1curve_tate 4357 1_1_0d EXIST::FUNCTION: +EVP_PKEY_CTX_get0_pkey 4358 1_1_0d EXIST::FUNCTION: +X509_REQ_INFO_it 4359 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_REQ_INFO_it 4359 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +X509_STORE_CTX_get1_issuer 4360 1_1_0d EXIST::FUNCTION: +EVP_PKEY_asn1_copy 4361 1_1_0d EXIST::FUNCTION: +SM9Ciphertext_new 4362 1_1_0d EXIST::FUNCTION:SM9 +X509_ALGOR_get0 4363 1_1_0d EXIST::FUNCTION: +d2i_ECPrivateKey_fp 4364 1_1_0d EXIST::FUNCTION:EC,STDIO +BN_set_word 4365 1_1_0d EXIST::FUNCTION: +CAST_ofb64_encrypt 4366 1_1_0d EXIST::FUNCTION:CAST +PBEPARAM_new 4367 1_1_0d EXIST::FUNCTION: +ASN1_item_ndef_i2d 4368 1_1_0d EXIST::FUNCTION: +i2d_OCSP_SERVICELOC 4369 1_1_0d EXIST::FUNCTION:OCSP +d2i_X509_CINF 4370 1_1_0d EXIST::FUNCTION: +EVP_idea_cbc 4371 1_1_0d EXIST::FUNCTION:IDEA +ENGINE_set_ctrl_function 4372 1_1_0d EXIST::FUNCTION:ENGINE +i2d_ECCCipher 4373 1_1_0d EXIST::FUNCTION:EC,GMAPI,SDF +EVP_aes_256_wrap_pad 4374 1_1_0d EXIST::FUNCTION: +TS_TST_INFO_get_time 4375 1_1_0d EXIST::FUNCTION:TS +PKCS8_pkey_get0 4376 1_1_0d EXIST::FUNCTION: +EVP_sms4_cfb8 4377 1_1_0d EXIST::FUNCTION:SMS4 +BIO_dgram_is_sctp 4378 1_1_0d EXIST::FUNCTION:DGRAM,SCTP +EVP_des_cfb1 4379 1_1_0d EXIST::FUNCTION:DES +EVP_DigestInit 4380 1_1_0d EXIST::FUNCTION: +CMS_RecipientEncryptedKey_cert_cmp 4381 1_1_0d EXIST::FUNCTION:CMS +ASN1_object_size 4382 1_1_0d EXIST::FUNCTION: +PKCS7_ENC_CONTENT_it 4383 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS7_ENC_CONTENT_it 4383 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +NETSCAPE_SPKI_free 4384 1_1_0d EXIST::FUNCTION: +OCSP_RESPBYTES_new 4385 1_1_0d EXIST::FUNCTION:OCSP +ASYNC_WAIT_CTX_free 4386 1_1_0d EXIST::FUNCTION: +SKF_GetContainerType 4387 1_1_0d EXIST::FUNCTION:SKF +SKF_DecryptFinal 4388 1_1_0d EXIST::FUNCTION:SKF +X509_STORE_CTX_get_explicit_policy 4389 1_1_0d EXIST::FUNCTION: +X509_REQ_new 4390 1_1_0d EXIST::FUNCTION: +ERR_load_KDF_strings 4391 1_1_0d EXIST::FUNCTION: +d2i_ASN1_ENUMERATED 4392 1_1_0d EXIST::FUNCTION: +CMS_SignerInfo_get0_md_ctx 4393 1_1_0d EXIST::FUNCTION:CMS +OCSP_RESPONSE_print 4394 1_1_0d EXIST::FUNCTION:OCSP +EC_POINT_point2buf 4395 1_1_0d EXIST::FUNCTION:EC +d2i_X509 4396 1_1_0d EXIST::FUNCTION: +OCSP_REQ_CTX_add1_header 4397 1_1_0d EXIST::FUNCTION:OCSP +i2d_re_X509_REQ_tbs 4398 1_1_0d EXIST::FUNCTION: +CMS_RecipientInfo_type 4399 1_1_0d EXIST::FUNCTION:CMS +d2i_ECCCIPHERBLOB 4400 1_1_0d EXIST::FUNCTION:EC,GMAPI,SKF +ASN1_STRING_print 4401 1_1_0d EXIST::FUNCTION: +DSA_clear_flags 4402 1_1_0d EXIST::FUNCTION:DSA +ASN1_STRING_print_ex 4403 1_1_0d EXIST::FUNCTION: +EC_GROUP_get_asn1_flag 4404 1_1_0d EXIST::FUNCTION:EC +zuc_set_key 4405 1_1_0d EXIST::FUNCTION:ZUC +OBJ_obj2txt 4406 1_1_0d EXIST::FUNCTION: +CRYPTO_THREAD_get_local 4407 1_1_0d EXIST::FUNCTION: +EVP_camellia_128_ctr 4408 1_1_0d EXIST::FUNCTION:CAMELLIA +EC_GROUP_new_type1curve 4409 1_1_0d EXIST::FUNCTION: +X509_REQ_INFO_new 4410 1_1_0d EXIST::FUNCTION: +ASN1_STRING_set_default_mask 4411 1_1_0d EXIST::FUNCTION: +OCSP_basic_add1_status 4412 1_1_0d EXIST::FUNCTION:OCSP +PKCS7_SIGNED_new 4413 1_1_0d EXIST::FUNCTION: +EVP_rc4_40 4414 1_1_0d EXIST::FUNCTION:RC4 +ERR_load_ENGINE_strings 4415 1_1_0d EXIST::FUNCTION:ENGINE +EC_GROUP_new_type1curve_ex 4416 1_1_0d EXIST::FUNCTION: +EC_KEY_get_ex_data 4417 1_1_0d EXIST::FUNCTION:EC +PEM_bytes_read_bio 4418 1_1_0d EXIST::FUNCTION: +RC2_encrypt 4419 1_1_0d EXIST::FUNCTION:RC2 +PEM_read_bio_RSA_PUBKEY 4420 1_1_0d EXIST::FUNCTION:RSA +EVP_DecryptFinal_ex 4421 1_1_0d EXIST::FUNCTION: +CMS_ContentInfo_new 4422 1_1_0d EXIST::FUNCTION:CMS +SOF_ExportExchangeUserCert 4423 1_1_0d EXIST::FUNCTION: +DH_up_ref 4424 1_1_0d EXIST::FUNCTION:DH +EVP_PKEY_meth_free 4425 1_1_0d EXIST::FUNCTION: +ASN1_UTCTIME_set 4426 1_1_0d EXIST::FUNCTION: +EC_GROUP_get_pentanomial_basis 4427 1_1_0d EXIST::FUNCTION:EC,EC2M +MD5_Final 4428 1_1_0d EXIST::FUNCTION:MD5 +RSA_get_RSArefPrivateKey 4429 1_1_0d EXIST::FUNCTION:GMAPI,RSA,SDF +RSA_get_default_method 4430 1_1_0d EXIST::FUNCTION:RSA +EC_KEY_up_ref 4431 1_1_0d EXIST::FUNCTION:EC +MD2_Update 4432 1_1_0d EXIST::FUNCTION:MD2 +X509_EXTENSION_set_data 4433 1_1_0d EXIST::FUNCTION: +PKCS12_add_localkeyid 4434 1_1_0d EXIST::FUNCTION: +i2a_ACCESS_DESCRIPTION 4435 1_1_0d EXIST::FUNCTION: +TS_CONF_set_crypto_device 4436 1_1_0d EXIST::FUNCTION:ENGINE,TS +CRYPTO_ocb128_decrypt 4437 1_1_0d EXIST::FUNCTION:OCB +ECDSA_SIG_set_ECCSignature 4438 1_1_0d EXIST::FUNCTION:EC,GMAPI,SDF +CMS_add_standard_smimecap 4439 1_1_0d EXIST::FUNCTION:CMS +X509_REVOKED_get_ext_by_NID 4440 1_1_0d EXIST::FUNCTION: +EVP_DecryptInit 4441 1_1_0d EXIST::FUNCTION: +CMS_add1_crl 4442 1_1_0d EXIST::FUNCTION:CMS +EC_KEY_set_default_secg_method 4443 1_1_0d EXIST::FUNCTION:SM2 +BIO_nread 4444 1_1_0d EXIST::FUNCTION: +DSO_dsobyaddr 4445 1_1_0d EXIST::FUNCTION: +PKCS8_set0_pbe 4446 1_1_0d EXIST::FUNCTION: +X509_print 4447 1_1_0d EXIST::FUNCTION: +OPENSSL_utf82uni 4448 1_1_0d EXIST::FUNCTION: +WHIRLPOOL_Final 4449 1_1_0d EXIST::FUNCTION:WHIRLPOOL +ECIES_CIPHERTEXT_VALUE_new_from_ECCCipher 4450 1_1_0d EXIST::FUNCTION:EC,ECIES,GMAPI,SDF +OCSP_check_validity 4451 1_1_0d EXIST::FUNCTION:OCSP +TS_CONF_load_certs 4452 1_1_0d EXIST::FUNCTION:TS +SAF_EnumKeyContainerInfoFree 4453 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_meth_set_iv_length 4454 1_1_0d EXIST::FUNCTION: +EVP_PKEY_CTX_set_ecdh_kdf_md 4455 1_1_0d EXIST::FUNCTION:EC +ASN1_TYPE_set_octetstring 4456 1_1_0d EXIST::FUNCTION: +CRYPTO_THREAD_get_current_id 4457 1_1_0d EXIST::FUNCTION: +EVP_camellia_192_cfb8 4458 1_1_0d EXIST::FUNCTION:CAMELLIA +CRYPTO_memdup 4459 1_1_0d EXIST::FUNCTION: +EVP_camellia_256_cfb8 4460 1_1_0d EXIST::FUNCTION:CAMELLIA +EVP_PKEY_CTX_str2ctrl 4461 1_1_0d EXIST::FUNCTION: +i2d_PROXY_POLICY 4462 1_1_0d EXIST::FUNCTION: +OCSP_sendreq_new 4463 1_1_0d EXIST::FUNCTION:OCSP +OCSP_SINGLERESP_get1_ext_d2i 4464 1_1_0d EXIST::FUNCTION:OCSP +EVP_PKEY_security_bits 4465 1_1_0d EXIST::FUNCTION: +OPENSSL_sk_num 4466 1_1_0d EXIST::FUNCTION: +PKCS12_SAFEBAG_get0_safes 4467 1_1_0d EXIST::FUNCTION: +PEM_read_X509_CRL 4468 1_1_0d EXIST::FUNCTION:STDIO +X509v3_get_ext_by_critical 4469 1_1_0d EXIST::FUNCTION: +BN_GFP2_equ 4470 1_1_0d EXIST::FUNCTION: +SKF_ExtECCEncrypt 4471 1_1_0d EXIST::FUNCTION:SKF +CMS_RecipientInfo_ktri_cert_cmp 4472 1_1_0d EXIST::FUNCTION:CMS +DH_get_2048_256 4473 1_1_0d EXIST::FUNCTION:DH +ASN1_SCTX_new 4474 1_1_0d EXIST::FUNCTION: +SM9Signature_new 4475 1_1_0d EXIST::FUNCTION:SM9 +BIO_free_all 4476 1_1_0d EXIST::FUNCTION: +EC_POINT_is_on_curve 4477 1_1_0d EXIST::FUNCTION:EC +BIO_f_null 4478 1_1_0d EXIST::FUNCTION: +SKF_MacUpdate 4479 1_1_0d EXIST::FUNCTION:SKF +CMS_data 4480 1_1_0d EXIST::FUNCTION:CMS +SKF_ReadFile 4481 1_1_0d EXIST::FUNCTION:SKF +X509_set_issuer_name 4482 1_1_0d EXIST::FUNCTION: +BN_bn2gfp2 4483 1_1_0d EXIST::FUNCTION: +X509_verify 4484 1_1_0d EXIST::FUNCTION: +X509_VERIFY_PARAM_set_trust 4485 1_1_0d EXIST::FUNCTION: +BN_value_one 4486 1_1_0d EXIST::FUNCTION: +EVP_PKEY_meth_set_verify_recover 4487 1_1_0d EXIST::FUNCTION: +OCSP_resp_find_status 4488 1_1_0d EXIST::FUNCTION:OCSP +X509_REVOKED_new 4489 1_1_0d EXIST::FUNCTION: +EVP_PKEY_meth_get_derive 4490 1_1_0d EXIST::FUNCTION: +SOF_GetInfoFromSignedMessage 4491 1_1_0d EXIST::FUNCTION: +EVP_ENCODE_CTX_free 4492 1_1_0d EXIST::FUNCTION: +X509_check_ip 4493 1_1_0d EXIST::FUNCTION: +BN_is_prime_ex 4494 1_1_0d EXIST::FUNCTION: +BIO_set_callback 4495 1_1_0d EXIST::FUNCTION: +OCSP_response_status 4496 1_1_0d EXIST::FUNCTION:OCSP +BN_nist_mod_521 4497 1_1_0d EXIST::FUNCTION: +CMS_ReceiptRequest_new 4498 1_1_0d EXIST::FUNCTION:CMS +EVP_DigestFinal 4499 1_1_0d EXIST::FUNCTION: +OCSP_archive_cutoff_new 4500 1_1_0d EXIST::FUNCTION:OCSP +X509_alias_set1 4501 1_1_0d EXIST::FUNCTION: +X509_check_issued 4502 1_1_0d EXIST::FUNCTION: +CRYPTO_THREAD_init_local 4503 1_1_0d EXIST::FUNCTION: +NCONF_load_bio 4504 1_1_0d EXIST::FUNCTION: +BIO_get_md 4505 1_1_0d EXIST::FUNCTION: +i2d_ECCCIPHERBLOB 4506 1_1_0d EXIST::FUNCTION:EC,GMAPI,SKF +ENGINE_set_RAND 4507 1_1_0d EXIST::FUNCTION:ENGINE +X509V3_section_free 4508 1_1_0d EXIST::FUNCTION: +X509_POLICY_NODE_print 4509 1_1_0d EXIST::FUNCTION: +EVP_get_cipherbynid 4510 1_1_0d EXIST::FUNCTION: +TS_RESP_CTX_set_status_info 4511 1_1_0d EXIST::FUNCTION:TS +i2d_SM9MasterSecret 4512 1_1_0d EXIST::FUNCTION:SM9 +OPENSSL_sk_shift 4513 1_1_0d EXIST::FUNCTION: +ASN1_d2i_fp 4514 1_1_0d EXIST::FUNCTION:STDIO +DIST_POINT_new 4515 1_1_0d EXIST::FUNCTION: +i2d_ECCSignature 4516 1_1_0d EXIST::FUNCTION:EC,GMAPI,SDF +BIO_get_new_index 4517 1_1_0d EXIST::FUNCTION: +ASN1_TYPE_free 4518 1_1_0d EXIST::FUNCTION: +DH_get_length 4519 1_1_0d EXIST::FUNCTION:DH +BIO_f_asn1 4520 1_1_0d EXIST::FUNCTION: +OCSP_RESPBYTES_it 4521 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP +OCSP_RESPBYTES_it 4521 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP +BN_abs_is_word 4522 1_1_0d EXIST::FUNCTION: +TS_RESP_verify_signature 4523 1_1_0d EXIST::FUNCTION:TS +i2d_X509_fp 4524 1_1_0d EXIST::FUNCTION:STDIO +ASN1_STRING_free 4525 1_1_0d EXIST::FUNCTION: +EVP_DecryptUpdate 4526 1_1_0d EXIST::FUNCTION: +zuc_generate_keystream 4527 1_1_0d EXIST::FUNCTION:ZUC +X509_STORE_CTX_get_cert_crl 4528 1_1_0d EXIST::FUNCTION: +CMS_decrypt_set1_pkey 4529 1_1_0d EXIST::FUNCTION:CMS +SKF_EnumDev 4530 1_1_0d EXIST::FUNCTION:SKF +EVP_DigestInit_ex 4531 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_meth_get_set_asn1_params 4532 1_1_0d EXIST::FUNCTION: +DIST_POINT_NAME_it 4533 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +DIST_POINT_NAME_it 4533 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +TS_TST_INFO_get_ext 4534 1_1_0d EXIST::FUNCTION:TS +EVP_PKEY_save_parameters 4535 1_1_0d EXIST::FUNCTION: +X509_STORE_CTX_get1_crls 4536 1_1_0d EXIST::FUNCTION: +X509_CRL_get_issuer 4537 1_1_0d EXIST::FUNCTION: +DSA_set0_key 4538 1_1_0d EXIST::FUNCTION:DSA +SDF_InternalPrivateKeyOperation_RSA 4539 1_1_0d EXIST::FUNCTION: +ECIES_CIPHERTEXT_VALUE_get_ECCCIPHERBLOB 4540 1_1_0d EXIST::FUNCTION:EC,ECIES,GMAPI,SKF +BN_security_bits 4541 1_1_0d EXIST::FUNCTION: +DSAparams_dup 4542 1_1_0d EXIST::FUNCTION:DSA +IPAddressOrRange_new 4543 1_1_0d EXIST::FUNCTION:RFC3779 +BN_GF2m_mod_solve_quad_arr 4544 1_1_0d EXIST::FUNCTION:EC2M +OCSP_BASICRESP_get1_ext_d2i 4545 1_1_0d EXIST::FUNCTION:OCSP +OCSP_REQINFO_new 4546 1_1_0d EXIST::FUNCTION:OCSP +PKCS7_SIGN_ENVELOPE_new 4547 1_1_0d EXIST::FUNCTION: +EC_GF2m_simple_method 4548 1_1_0d EXIST::FUNCTION:EC,EC2M +i2a_ASN1_ENUMERATED 4549 1_1_0d EXIST::FUNCTION: +ASN1_PCTX_get_nm_flags 4550 1_1_0d EXIST::FUNCTION: +d2i_SM9Signature 4551 1_1_0d EXIST::FUNCTION:SM9 +EVP_rc4_hmac_md5 4552 1_1_0d EXIST::FUNCTION:MD5,RC4 +BB1MasterSecret_new 4553 1_1_0d EXIST::FUNCTION:BB1IBE +EVP_sms4_cbc 4554 1_1_0d EXIST::FUNCTION:SMS4 +ECIES_PARAMS_get_mac 4555 1_1_0d EXIST::FUNCTION:ECIES +RSA_generate_key_ex 4556 1_1_0d EXIST::FUNCTION:RSA +BN_zero_ex 4557 1_1_0d EXIST::FUNCTION: +BFPrivateKeyBlock_it 4558 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:BFIBE +BFPrivateKeyBlock_it 4558 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:BFIBE +UI_construct_prompt 4559 1_1_0d EXIST::FUNCTION:UI +OPENSSL_strlcpy 4560 1_1_0d EXIST::FUNCTION: +CRYPTO_secure_malloc_done 4561 1_1_0d EXIST::FUNCTION: +OCSP_cert_id_new 4562 1_1_0d EXIST::FUNCTION:OCSP +X509_REQ_print 4563 1_1_0d EXIST::FUNCTION: +ECIES_PARAMS_init_with_type 4564 1_1_0d EXIST::FUNCTION:ECIES +BB1PublicParameters_new 4565 1_1_0d EXIST::FUNCTION:BB1IBE +ENGINE_set_id 4566 1_1_0d EXIST::FUNCTION:ENGINE +X509_REVOKED_set_serialNumber 4567 1_1_0d EXIST::FUNCTION: +UI_create_method 4568 1_1_0d EXIST::FUNCTION:UI +EVP_PKEY_cmp_parameters 4569 1_1_0d EXIST::FUNCTION: +PKCS8_decrypt 4570 1_1_0d EXIST::FUNCTION: +CMS_sign_receipt 4571 1_1_0d EXIST::FUNCTION:CMS +OCSP_BASICRESP_get_ext_by_NID 4572 1_1_0d EXIST::FUNCTION:OCSP +CMS_ContentInfo_it 4573 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CMS +CMS_ContentInfo_it 4573 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:CMS +OCSP_crlID_new 4574 1_1_0d EXIST:!VMS:FUNCTION:OCSP +OCSP_crlID2_new 4574 1_1_0d EXIST:VMS:FUNCTION:OCSP +BN_GF2m_mod_exp 4575 1_1_0d EXIST::FUNCTION:EC2M +BIO_set_flags 4576 1_1_0d EXIST::FUNCTION: +DSA_test_flags 4577 1_1_0d EXIST::FUNCTION:DSA +SM9Signature_it 4578 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:SM9 +SM9Signature_it 4578 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:SM9 +ERR_load_TS_strings 4579 1_1_0d EXIST::FUNCTION:TS +i2d_OCSP_REVOKEDINFO 4580 1_1_0d EXIST::FUNCTION:OCSP +GENERAL_NAME_new 4581 1_1_0d EXIST::FUNCTION: +i2d_BB1CiphertextBlock 4582 1_1_0d EXIST::FUNCTION:BB1IBE +CRYPTO_secure_malloc_initialized 4583 1_1_0d EXIST::FUNCTION: +X509v3_asid_is_canonical 4584 1_1_0d EXIST::FUNCTION:RFC3779 +d2i_SM9PrivateKey 4585 1_1_0d EXIST::FUNCTION:SM9 +CPK_PUBLIC_PARAMS_compute_share_key 4586 1_1_0d EXIST::FUNCTION:CPK +X509_REVOKED_free 4587 1_1_0d EXIST::FUNCTION: +ENGINE_get_prev 4588 1_1_0d EXIST::FUNCTION:ENGINE +EVP_PKEY_assign_EC_KEY 4589 1_1_0d EXIST::FUNCTION:EC +PEM_write_DSA_PUBKEY 4590 1_1_0d EXIST::FUNCTION:DSA,STDIO +BN_CTX_free 4591 1_1_0d EXIST::FUNCTION: +X509_verify_cert 4592 1_1_0d EXIST::FUNCTION: +PKCS5_pbe_set 4593 1_1_0d EXIST::FUNCTION: +DSO_free 4594 1_1_0d EXIST::FUNCTION: +RSA_new_from_RSArefPrivateKey 4595 1_1_0d EXIST::FUNCTION:GMAPI,RSA,SDF +EVP_VerifyInit 4596 1_1_0d EXIST::FUNCTION: +EC_KEY_METHOD_set_verify 4597 1_1_0d EXIST::FUNCTION:EC +NETSCAPE_SPKI_b64_encode 4598 1_1_0d EXIST::FUNCTION: +OCSP_crl_reason_str 4599 1_1_0d EXIST::FUNCTION:OCSP +Camellia_ctr128_encrypt 4600 1_1_0d EXIST::FUNCTION:CAMELLIA +i2d_ESS_SIGNING_CERT 4601 1_1_0d EXIST::FUNCTION:TS +SRP_Calc_x 4602 1_1_0d EXIST::FUNCTION:SRP +X509_REQ_get_X509_PUBKEY 4603 1_1_0d EXIST::FUNCTION: +TS_TST_INFO_dup 4604 1_1_0d EXIST::FUNCTION:TS +SDF_ExportSignPublicKey_ECC 4605 1_1_0d EXIST::FUNCTION: +PEM_write 4606 1_1_0d EXIST::FUNCTION:STDIO +SDF_ReleasePrivateKeyAccessRight 4607 1_1_0d EXIST::FUNCTION: +SM9PrivateKey_get_public_key 4608 1_1_0d EXIST::FUNCTION:SM9 +TS_CONF_set_accuracy 4609 1_1_0d EXIST::FUNCTION:TS +i2d_PKCS7_ENCRYPT 4610 1_1_0d EXIST::FUNCTION: +X509_STORE_set_trust 4611 1_1_0d EXIST::FUNCTION: +BIO_f_linebuffer 4612 1_1_0d EXIST::FUNCTION: +serpent_set_decrypt_key 4613 1_1_0d EXIST::FUNCTION:SERPENT +ERR_load_DSA_strings 4614 1_1_0d EXIST::FUNCTION:DSA +DH_meth_get_generate_key 4615 1_1_0d EXIST::FUNCTION:DH +SEED_encrypt 4616 1_1_0d EXIST::FUNCTION:SEED +OBJ_new_nid 4617 1_1_0d EXIST::FUNCTION: +CMS_EncryptedData_set1_key 4618 1_1_0d EXIST::FUNCTION:CMS +X509_CINF_new 4619 1_1_0d EXIST::FUNCTION: +X509_CRL_get0_by_serial 4620 1_1_0d EXIST::FUNCTION: +d2i_EC_PUBKEY_fp 4621 1_1_0d EXIST::FUNCTION:EC,STDIO +PKCS12_SAFEBAGS_it 4622 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +PKCS12_SAFEBAGS_it 4622 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +d2i_DSA_PUBKEY 4623 1_1_0d EXIST::FUNCTION:DSA +ERR_clear_error 4624 1_1_0d EXIST::FUNCTION: +BN_GF2m_mod_sqr_arr 4625 1_1_0d EXIST::FUNCTION:EC2M +PKEY_USAGE_PERIOD_new 4626 1_1_0d EXIST::FUNCTION: +X509_CRL_new 4627 1_1_0d EXIST::FUNCTION: +SAF_RsaSign 4628 1_1_0d EXIST::FUNCTION: +ASN1_UTCTIME_it 4629 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_UTCTIME_it 4629 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +SM9PublicKey_new 4630 1_1_0d EXIST::FUNCTION:SM9 +i2d_OCSP_ONEREQ 4631 1_1_0d EXIST::FUNCTION:OCSP +EC_KEY_set_flags 4632 1_1_0d EXIST::FUNCTION:EC +d2i_X509_NAME 4633 1_1_0d EXIST::FUNCTION: +CMS_signed_get_attr 4634 1_1_0d EXIST::FUNCTION:CMS +RSA_padding_check_PKCS1_OAEP_mgf1 4635 1_1_0d EXIST::FUNCTION:RSA +i2d_PaillierPublicKey 4636 1_1_0d EXIST::FUNCTION:PAILLIER +DES_string_to_key 4637 1_1_0d EXIST::FUNCTION:DES +AES_wrap_key 4638 1_1_0d EXIST::FUNCTION: +i2a_ASN1_OBJECT 4639 1_1_0d EXIST::FUNCTION: +DHparams_print_fp 4640 1_1_0d EXIST::FUNCTION:DH,STDIO +CMAC_CTX_copy 4641 1_1_0d EXIST::FUNCTION:CMAC +X509_alias_get0 4642 1_1_0d EXIST::FUNCTION: +SAF_Pkcs7_DecodeSignedData 4643 1_1_0d EXIST::FUNCTION: +EVP_PKEY_asn1_get0_info 4644 1_1_0d EXIST::FUNCTION: +i2d_PKCS7_fp 4645 1_1_0d EXIST::FUNCTION:STDIO +PEM_write_PrivateKey 4646 1_1_0d EXIST::FUNCTION:STDIO +TS_TST_INFO_print_bio 4647 1_1_0d EXIST::FUNCTION:TS +X509at_add1_attr_by_txt 4648 1_1_0d EXIST::FUNCTION: +SRP_VBASE_new 4649 1_1_0d EXIST::FUNCTION:SRP +TS_REQ_get_ext_by_NID 4650 1_1_0d EXIST::FUNCTION:TS +d2i_DSAPrivateKey 4651 1_1_0d EXIST::FUNCTION:DSA +i2d_RSAPublicKey 4652 1_1_0d EXIST::FUNCTION:RSA +ENGINE_remove 4653 1_1_0d EXIST::FUNCTION:ENGINE +DSA_meth_set_finish 4654 1_1_0d EXIST::FUNCTION:DSA +i2o_SCT_LIST 4655 1_1_0d EXIST::FUNCTION:CT +OCSP_SINGLERESP_get_ext_count 4656 1_1_0d EXIST::FUNCTION:OCSP +X509_VERIFY_PARAM_clear_flags 4657 1_1_0d EXIST::FUNCTION: +BFPublicParameters_new 4658 1_1_0d EXIST::FUNCTION:BFIBE +i2a_ASN1_STRING 4659 1_1_0d EXIST::FUNCTION: +CRYPTO_cfb128_8_encrypt 4660 1_1_0d EXIST::FUNCTION: +X509_signature_print 4661 1_1_0d EXIST::FUNCTION: +zuc_128eia3 4662 1_1_0d EXIST::FUNCTION:ZUC +EVP_md5 4663 1_1_0d EXIST::FUNCTION:MD5 +BIO_fd_non_fatal_error 4664 1_1_0d EXIST::FUNCTION: +CRYPTO_mem_debug_realloc 4665 1_1_0d EXIST::FUNCTION:CRYPTO_MDEBUG +PKCS12_SAFEBAG_free 4666 1_1_0d EXIST::FUNCTION: +RSA_test_flags 4667 1_1_0d EXIST::FUNCTION:RSA +i2d_EC_PUBKEY_fp 4668 1_1_0d EXIST::FUNCTION:EC,STDIO +BN_GENCB_set 4669 1_1_0d EXIST::FUNCTION: +EVP_PKEY_up_ref 4670 1_1_0d EXIST::FUNCTION: +ENGINE_set_cmd_defns 4671 1_1_0d EXIST::FUNCTION:ENGINE +sms4_encrypt_8blocks 4672 1_1_0d EXIST::FUNCTION:SMS4 +BIO_vprintf 4673 1_1_0d EXIST::FUNCTION: +BASIC_CONSTRAINTS_it 4674 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +BASIC_CONSTRAINTS_it 4674 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +zuc_encrypt 4675 1_1_0d EXIST::FUNCTION:ZUC +BIO_ptr_ctrl 4676 1_1_0d EXIST::FUNCTION: +i2d_SM9Ciphertext 4677 1_1_0d EXIST::FUNCTION:SM9 +TS_TST_INFO_get_accuracy 4678 1_1_0d EXIST::FUNCTION:TS +CMS_get1_crls 4679 1_1_0d EXIST::FUNCTION:CMS +OCSP_request_add1_cert 4680 1_1_0d EXIST::FUNCTION:OCSP +EC_GROUP_order_bits 4681 1_1_0d EXIST::FUNCTION:EC +NCONF_free 4682 1_1_0d EXIST::FUNCTION: +EC_KEY_set_ECCrefPublicKey 4683 1_1_0d EXIST::FUNCTION:EC,GMAPI,SDF +ASN1_ENUMERATED_get 4684 1_1_0d EXIST::FUNCTION: +ASN1_STRING_set 4685 1_1_0d EXIST::FUNCTION: +IDEA_set_encrypt_key 4686 1_1_0d EXIST::FUNCTION:IDEA +X509_STORE_CTX_get0_chain 4687 1_1_0d EXIST::FUNCTION: +s2i_ASN1_INTEGER 4688 1_1_0d EXIST::FUNCTION: +SM9_extract_private_key 4689 1_1_0d EXIST::FUNCTION:SM9 +BIO_sock_error 4690 1_1_0d EXIST::FUNCTION:SOCK +EC_KEY_oct2key 4691 1_1_0d EXIST::FUNCTION:EC +SOF_GetLastError 4692 1_1_0d EXIST::FUNCTION: +BIO_set_retry_reason 4693 1_1_0d EXIST::FUNCTION: +PEM_write_PKCS8PrivateKey_nid 4694 1_1_0d EXIST::FUNCTION:STDIO +PEM_read_PUBKEY 4695 1_1_0d EXIST::FUNCTION:STDIO +d2i_BB1MasterSecret 4696 1_1_0d EXIST::FUNCTION:BB1IBE +DSA_generate_parameters 4697 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_0_9_8,DSA +TS_RESP_CTX_set_signer_cert 4698 1_1_0d EXIST::FUNCTION:TS +PKCS12_item_i2d_encrypt 4699 1_1_0d EXIST::FUNCTION: +GENERAL_NAME_free 4700 1_1_0d EXIST::FUNCTION: +RSA_meth_get_sign 4701 1_1_0d EXIST::FUNCTION:RSA +UI_method_set_reader 4702 1_1_0d EXIST::FUNCTION:UI +EVP_PKEY_CTX_get_ecdh_cofactor_mode 4703 1_1_0d EXIST::FUNCTION:EC +EC_GROUP_get_curve_GF2m 4704 1_1_0d EXIST::FUNCTION:EC,EC2M +X509_CRL_sign_ctx 4705 1_1_0d EXIST::FUNCTION: +ENGINE_new 4706 1_1_0d EXIST::FUNCTION:ENGINE +ENGINE_load_ssl_client_cert 4707 1_1_0d EXIST::FUNCTION:ENGINE +EC_KEY_METHOD_type 4708 1_1_0d EXIST::FUNCTION:SM2 +X509_cmp_current_time 4709 1_1_0d EXIST::FUNCTION: +SAF_GenerateKeyWithECC 4710 1_1_0d EXIST::FUNCTION: +EC_KEY_priv2buf 4711 1_1_0d EXIST::FUNCTION:EC +PEM_write_bio_PKCS7_stream 4712 1_1_0d EXIST::FUNCTION: +EVP_MD_CTX_update_fn 4713 1_1_0d EXIST::FUNCTION: +CRYPTO_cbc128_decrypt 4714 1_1_0d EXIST::FUNCTION: +BN_pseudo_rand 4715 1_1_0d EXIST::FUNCTION: +ASN1_TYPE_set1 4716 1_1_0d EXIST::FUNCTION: +X509_STORE_get0_param 4717 1_1_0d EXIST::FUNCTION: +X509_STORE_CTX_set0_untrusted 4718 1_1_0d EXIST::FUNCTION: +OCSP_SIGNATURE_free 4719 1_1_0d EXIST::FUNCTION:OCSP +i2d_TS_TST_INFO 4720 1_1_0d EXIST::FUNCTION:TS +TS_MSG_IMPRINT_print_bio 4721 1_1_0d EXIST::FUNCTION:TS +AUTHORITY_KEYID_new 4722 1_1_0d EXIST::FUNCTION: +X509V3_EXT_i2d 4723 1_1_0d EXIST::FUNCTION: +ASN1_INTEGER_to_BN 4724 1_1_0d EXIST::FUNCTION: +i2d_DISPLAYTEXT 4725 1_1_0d EXIST::FUNCTION: +OpenSSL_add_all_ciphers 4726 1_1_0d EXIST::FUNCTION: +EVP_PKEY_print_public 4727 1_1_0d EXIST::FUNCTION: +ASN1_PCTX_free 4728 1_1_0d EXIST::FUNCTION: +d2i_GENERAL_NAME 4729 1_1_0d EXIST::FUNCTION: +ASN1_ENUMERATED_set 4730 1_1_0d EXIST::FUNCTION: +SM9Ciphertext_free 4731 1_1_0d EXIST::FUNCTION:SM9 +X509_TRUST_get_count 4732 1_1_0d EXIST::FUNCTION: +ASN1_OCTET_STRING_dup 4733 1_1_0d EXIST::FUNCTION: +RSA_setup_blinding 4734 1_1_0d EXIST::FUNCTION:RSA +RSA_bits 4735 1_1_0d EXIST::FUNCTION:RSA +BIO_gets 4736 1_1_0d EXIST::FUNCTION: +BN_lshift 4737 1_1_0d EXIST::FUNCTION: +X509V3_add_standard_extensions 4738 1_1_0d EXIST::FUNCTION: +b2i_PrivateKey 4739 1_1_0d EXIST::FUNCTION:DSA +UI_method_get_writer 4740 1_1_0d EXIST::FUNCTION:UI +PKCS7_dataFinal 4741 1_1_0d EXIST::FUNCTION: +i2d_PKCS8PrivateKey_bio 4742 1_1_0d EXIST::FUNCTION: +BN_is_solinas 4743 1_1_0d EXIST::FUNCTION: +d2i_ECPrivateKey 4744 1_1_0d EXIST::FUNCTION:EC +i2d_SM9PrivateKey 4745 1_1_0d EXIST::FUNCTION:SM9 +BN_set_params 4746 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_0_9_8 +SKF_UnblockPIN 4747 1_1_0d EXIST::FUNCTION:SKF +d2i_ASN1_OBJECT 4748 1_1_0d EXIST::FUNCTION: +PKCS8_encrypt 4749 1_1_0d EXIST::FUNCTION: +d2i_ASN1_GENERALSTRING 4750 1_1_0d EXIST::FUNCTION: +COMP_get_type 4751 1_1_0d EXIST::FUNCTION:COMP +BUF_MEM_grow 4752 1_1_0d EXIST::FUNCTION: +ERR_load_BN_strings 4753 1_1_0d EXIST::FUNCTION: +EVP_aes_128_cbc 4754 1_1_0d EXIST::FUNCTION: +SKF_ClearSecureState 4755 1_1_0d EXIST::FUNCTION:SKF +EVP_aes_192_gcm 4756 1_1_0d EXIST::FUNCTION: +PKCS12_free 4757 1_1_0d EXIST::FUNCTION: +d2i_BFPrivateKeyBlock 4758 1_1_0d EXIST::FUNCTION:BFIBE +i2d_RSA_PUBKEY_fp 4759 1_1_0d EXIST::FUNCTION:RSA,STDIO +EVP_PKEY_CTX_get_ec_encrypt_param 4760 1_1_0d EXIST::FUNCTION:SM2 +EVP_SignInit 4761 1_1_0d EXIST::FUNCTION: +ENGINE_set_table_flags 4762 1_1_0d EXIST::FUNCTION:ENGINE +ENGINE_register_all_pkey_meths 4763 1_1_0d EXIST::FUNCTION:ENGINE +RSA_clear_flags 4764 1_1_0d EXIST::FUNCTION:RSA +EVP_PKEY_meth_get_copy 4765 1_1_0d EXIST::FUNCTION: +ERR_print_errors_cb 4766 1_1_0d EXIST::FUNCTION: +CRYPTO_clear_realloc 4767 1_1_0d EXIST::FUNCTION: +OPENSSL_sk_sort 4768 1_1_0d EXIST::FUNCTION: +DES_ofb_encrypt 4769 1_1_0d EXIST::FUNCTION:DES +X509_NAME_ENTRY_set_object 4770 1_1_0d EXIST::FUNCTION: +OCSP_SINGLERESP_free 4771 1_1_0d EXIST::FUNCTION:OCSP +OCSP_ONEREQ_delete_ext 4772 1_1_0d EXIST::FUNCTION:OCSP +NETSCAPE_SPKAC_free 4773 1_1_0d EXIST::FUNCTION: +d2i_PAILLIER_PUBKEY 4774 1_1_0d EXIST::FUNCTION:PAILLIER +ENGINE_set_pkey_asn1_meths 4775 1_1_0d EXIST::FUNCTION:ENGINE +ECParameters_print 4776 1_1_0d EXIST::FUNCTION:EC +EVP_aes_192_ocb 4777 1_1_0d EXIST::FUNCTION:OCB +TS_ACCURACY_get_seconds 4778 1_1_0d EXIST::FUNCTION:TS +SHA384_Update 4779 1_1_0d EXIST:!VMSVAX:FUNCTION: +SCT_set0_signature 4780 1_1_0d EXIST::FUNCTION:CT +ASN1_VISIBLESTRING_new 4781 1_1_0d EXIST::FUNCTION: +OCSP_BASICRESP_it 4782 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:OCSP +OCSP_BASICRESP_it 4782 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:OCSP +BIO_new_PKCS7 4783 1_1_0d EXIST::FUNCTION: +HMAC_CTX_new 4784 1_1_0d EXIST::FUNCTION: +X509_TRUST_add 4785 1_1_0d EXIST::FUNCTION: +PEM_read_X509_AUX 4786 1_1_0d EXIST::FUNCTION:STDIO +i2d_X509_EXTENSION 4787 1_1_0d EXIST::FUNCTION: +SM9_generate_key_exchange 4788 1_1_0d EXIST::FUNCTION:SM9 +ENGINE_unregister_ciphers 4789 1_1_0d EXIST::FUNCTION:ENGINE +SOF_GetTimeStampInfo 4790 1_1_0d EXIST::FUNCTION: +EVP_MD_size 4791 1_1_0d EXIST::FUNCTION: +X509v3_addr_add_inherit 4792 1_1_0d EXIST::FUNCTION:RFC3779 +SKF_UnloadLibrary 4793 1_1_0d EXIST::FUNCTION:SKF +SHA512 4794 1_1_0d EXIST:!VMSVAX:FUNCTION: +X509V3_EXT_print 4795 1_1_0d EXIST::FUNCTION: +X509_STORE_CTX_get_check_policy 4796 1_1_0d EXIST::FUNCTION: +X509_STORE_CTX_free 4797 1_1_0d EXIST::FUNCTION: +DSA_meth_set_sign_setup 4798 1_1_0d EXIST::FUNCTION:DSA +EVP_PKEY_meth_get_paramgen 4799 1_1_0d EXIST::FUNCTION: +ENGINE_get_name 4800 1_1_0d EXIST::FUNCTION:ENGINE +X509_get_issuer_name 4801 1_1_0d EXIST::FUNCTION: +SKF_WaitForDevEvent 4802 1_1_0d EXIST::FUNCTION:SKF +EC_GROUP_have_precompute_mult 4803 1_1_0d EXIST::FUNCTION:EC +d2i_TS_ACCURACY 4804 1_1_0d EXIST::FUNCTION:TS +PEM_read_bio_PKCS8 4805 1_1_0d EXIST::FUNCTION: +BN_mod_sqr 4806 1_1_0d EXIST::FUNCTION: +RAND_get_rand_method 4807 1_1_0d EXIST::FUNCTION: +RSA_PKCS1_OpenSSL 4808 1_1_0d EXIST::FUNCTION:RSA +RSA_padding_add_none 4809 1_1_0d EXIST::FUNCTION:RSA +X509_CRL_free 4810 1_1_0d EXIST::FUNCTION: +PEM_read_bio_X509_REQ 4811 1_1_0d EXIST::FUNCTION: +OCSP_REQ_CTX_get0_mem_bio 4812 1_1_0d EXIST::FUNCTION:OCSP +X509_STORE_CTX_get_num_untrusted 4813 1_1_0d EXIST::FUNCTION: +X509_add1_trust_object 4814 1_1_0d EXIST::FUNCTION: +SHA1_Update 4815 1_1_0d EXIST::FUNCTION: +PKCS12_PBE_keyivgen 4816 1_1_0d EXIST::FUNCTION: +DSO_merge 4817 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_meth_set_ctrl 4818 1_1_0d EXIST::FUNCTION: +EVP_add_digest 4819 1_1_0d EXIST::FUNCTION: +ECPKPARAMETERS_it 4820 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:EC +ECPKPARAMETERS_it 4820 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:EC +DES_set_key_unchecked 4821 1_1_0d EXIST::FUNCTION:DES +SOF_SetEncryptMethod 4822 1_1_0d EXIST::FUNCTION: +CRYPTO_dup_ex_data 4823 1_1_0d EXIST::FUNCTION: +BIO_sock_info 4824 1_1_0d EXIST::FUNCTION:SOCK +PEM_write_bio_X509 4825 1_1_0d EXIST::FUNCTION: +d2i_ASN1_TYPE 4826 1_1_0d EXIST::FUNCTION: +ECIES_encrypt 4827 1_1_0d EXIST::FUNCTION:ECIES +SAF_DestroyKeyHandle 4828 1_1_0d EXIST::FUNCTION: +SDF_LoadLibrary 4829 1_1_0d EXIST::FUNCTION:SDF +EC_KEY_METHOD_set_decrypt 4830 1_1_0d EXIST::FUNCTION:SM2 +BIO_find_type 4831 1_1_0d EXIST::FUNCTION: +X509_set_serialNumber 4832 1_1_0d EXIST::FUNCTION: +EVP_CIPHER_asn1_to_param 4833 1_1_0d EXIST::FUNCTION: +TS_CONF_set_digests 4834 1_1_0d EXIST::FUNCTION:TS +EC_KEY_priv2oct 4835 1_1_0d EXIST::FUNCTION:EC +DES_xcbc_encrypt 4836 1_1_0d EXIST::FUNCTION:DES +EVP_ENCODE_CTX_copy 4837 1_1_0d EXIST::FUNCTION: +BN_GF2m_mod_div 4838 1_1_0d EXIST::FUNCTION:EC2M +v2i_GENERAL_NAMES 4839 1_1_0d EXIST::FUNCTION: +SXNET_get_id_asc 4840 1_1_0d EXIST::FUNCTION: +ASN1_TYPE_set_int_octetstring 4841 1_1_0d EXIST::FUNCTION: +SDF_HashUpdate 4842 1_1_0d EXIST::FUNCTION: +CRYPTO_ocb128_new 4843 1_1_0d EXIST::FUNCTION:OCB +i2d_IPAddressRange 4844 1_1_0d EXIST::FUNCTION:RFC3779 +ISSUING_DIST_POINT_it 4845 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ISSUING_DIST_POINT_it 4845 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +d2i_PKCS12_MAC_DATA 4846 1_1_0d EXIST::FUNCTION: +NCONF_default 4847 1_1_0d EXIST::FUNCTION: +SKF_GenECCKeyPair 4848 1_1_0d EXIST::FUNCTION:SKF +X509_NAME_ENTRY_create_by_txt 4849 1_1_0d EXIST::FUNCTION: +HMAC_size 4850 1_1_0d EXIST::FUNCTION: +TS_VERIFY_CTX_set_flags 4851 1_1_0d EXIST::FUNCTION:TS +BN_sqr 4852 1_1_0d EXIST::FUNCTION: +ENGINE_by_id 4853 1_1_0d EXIST::FUNCTION:ENGINE +SXNET_it 4854 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +SXNET_it 4854 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +PKCS12_add_safe 4855 1_1_0d EXIST::FUNCTION: +EVP_PKEY_get1_PAILLIER 4856 1_1_0d EXIST::FUNCTION:PAILLIER +EC_GFp_nist_method 4857 1_1_0d EXIST::FUNCTION:EC +SM2_KAP_CTX_init 4858 1_1_0d EXIST::FUNCTION:SM2 diff --git a/util/libssl.num b/util/libssl.num index fb7003e2..6cddcaea 100644 --- a/util/libssl.num +++ b/util/libssl.num @@ -1,407 +1,411 @@ -TLSv1_1_method 1 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_1_METHOD -SSL_check_private_key 2 1_1_0d EXIST::FUNCTION: -SSL_CTX_get_ciphers 3 1_1_0d EXIST::FUNCTION: -DTLSv1_method 4 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,DTLS1_METHOD -SSL_CIPHER_get_cipher_nid 5 1_1_0d EXIST::FUNCTION: -SSL_CTX_sess_set_remove_cb 6 1_1_0d EXIST::FUNCTION: -SSL_CTX_get0_ctlog_store 7 1_1_0d EXIST::FUNCTION:CT -SSL_CTX_has_client_custom_ext 8 1_1_0d EXIST::FUNCTION: -SSL_get0_dane 9 1_1_0d EXIST::FUNCTION: -SSL_CTX_set0_security_ex_data 10 1_1_0d EXIST::FUNCTION: -SSL_add_file_cert_subjects_to_stack 11 1_1_0d EXIST::FUNCTION: -SSL_CTX_sess_get_new_cb 12 1_1_0d EXIST::FUNCTION: -SSL_CTX_sess_set_new_cb 13 1_1_0d EXIST::FUNCTION: -SSL_rstate_string 14 1_1_0d EXIST::FUNCTION: -SSL_set_alpn_protos 15 1_1_0d EXIST::FUNCTION: -SSL_get_psk_identity 16 1_1_0d EXIST::FUNCTION:PSK -SSL_CTX_set_srp_password 17 1_1_0d EXIST::FUNCTION:SRP -SSL_CTX_sess_get_remove_cb 18 1_1_0d EXIST::FUNCTION: -SSL_get_wbio 19 1_1_0d EXIST::FUNCTION: -SSL_CONF_CTX_set_flags 20 1_1_0d EXIST::FUNCTION: -SSL_set_tlsext_use_srtp 21 1_1_0d EXIST::FUNCTION:SRTP -SSL_set_security_callback 22 1_1_0d EXIST::FUNCTION: -PEM_read_SSL_SESSION 23 1_1_0d EXIST::FUNCTION:STDIO -SSL_set_verify_depth 24 1_1_0d EXIST::FUNCTION: -SSL_CTX_sess_set_get_cb 25 1_1_0d EXIST::FUNCTION: -TLSv1_2_server_method 26 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_2_METHOD -SSL_CTX_set_timeout 27 1_1_0d EXIST::FUNCTION: -SSL_extension_supported 28 1_1_0d EXIST::FUNCTION: -SSL_CTX_get_security_callback 29 1_1_0d EXIST::FUNCTION: -SSL_get_default_passwd_cb_userdata 30 1_1_0d EXIST::FUNCTION: -SSL_trace 31 1_1_0d EXIST::FUNCTION:SSL_TRACE -SSL_SESSION_set1_id 32 1_1_0d EXIST::FUNCTION: -SSL_get_peer_finished 33 1_1_0d EXIST::FUNCTION: -SSL_get1_session 34 1_1_0d EXIST::FUNCTION: -SSL_set_session_id_context 35 1_1_0d EXIST::FUNCTION: -SSL_set_srp_server_param 36 1_1_0d EXIST::FUNCTION:SRP -SSL_set0_rbio 37 1_1_0d EXIST::FUNCTION: -SSL_CTX_use_psk_identity_hint 38 1_1_0d EXIST::FUNCTION:PSK -SSL_set_hostflags 39 1_1_0d EXIST::FUNCTION: -SSL_SESSION_free 40 1_1_0d EXIST::FUNCTION: -SSL_SESSION_new 41 1_1_0d EXIST::FUNCTION: -SSL_get_ciphers 42 1_1_0d EXIST::FUNCTION: -SSL_use_psk_identity_hint 43 1_1_0d EXIST::FUNCTION:PSK -SSL_get_privatekey 44 1_1_0d EXIST::FUNCTION: -OPENSSL_init_ssl 45 1_1_0d EXIST::FUNCTION: -SSL_do_handshake 46 1_1_0d EXIST::FUNCTION: -PEM_write_SSL_SESSION 47 1_1_0d EXIST::FUNCTION:STDIO -SSL_CTX_set_client_cert_engine 48 1_1_0d EXIST::FUNCTION:ENGINE -SSL_CTX_set_default_passwd_cb_userdata 49 1_1_0d EXIST::FUNCTION: -SSL_alert_desc_string 50 1_1_0d EXIST::FUNCTION: -SSL_CTX_SRP_CTX_free 51 1_1_0d EXIST::FUNCTION:SRP -SSL_CTX_new 52 1_1_0d EXIST::FUNCTION: -SSL_get_client_CA_list 53 1_1_0d EXIST::FUNCTION: -SSL_CTX_enable_ct 54 1_1_0d EXIST::FUNCTION:CT -SSL_set0_wbio 55 1_1_0d EXIST::FUNCTION: -SSL_get_finished 56 1_1_0d EXIST::FUNCTION: -SSL_SESSION_set_timeout 57 1_1_0d EXIST::FUNCTION: -SSL_CONF_CTX_set_ssl 58 1_1_0d EXIST::FUNCTION: -SSL_SESSION_print_fp 59 1_1_0d EXIST::FUNCTION:STDIO -SSL_use_PrivateKey_ASN1 60 1_1_0d EXIST::FUNCTION: -DTLSv1_2_method 61 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,DTLS1_2_METHOD -SSL_SESSION_get0_hostname 62 1_1_0d EXIST::FUNCTION: -SSL_CIPHER_find 63 1_1_0d EXIST::FUNCTION: -SSL_get_ssl_method 64 1_1_0d EXIST::FUNCTION: -SSL_version 65 1_1_0d EXIST::FUNCTION: -TLSv1_1_client_method 66 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_1_METHOD -SSL_CTX_up_ref 67 1_1_0d EXIST::FUNCTION: -SSL_SESSION_get0_id_context 68 1_1_0d EXIST::FUNCTION: -ERR_load_SSL_strings 69 1_1_0d EXIST::FUNCTION: -SSL_get_srp_g 70 1_1_0d EXIST::FUNCTION:SRP -SSL_set_rfd 71 1_1_0d EXIST::FUNCTION:SOCK -SSL_add1_host 72 1_1_0d EXIST::FUNCTION: -SSL_get_all_async_fds 73 1_1_0d EXIST::FUNCTION: -SSL_get_state 74 1_1_0d EXIST::FUNCTION: -SSL_get_servername_type 75 1_1_0d EXIST::FUNCTION: -SSL_set_verify 76 1_1_0d EXIST::FUNCTION: -SSL_get_peer_cert_chain 77 1_1_0d EXIST::FUNCTION: -SSL_get_verify_depth 78 1_1_0d EXIST::FUNCTION: -SSL_set_SSL_CTX 79 1_1_0d EXIST::FUNCTION: -SSL_new 80 1_1_0d EXIST::FUNCTION: -SSL_CTX_get_ex_data 81 1_1_0d EXIST::FUNCTION: -TLSv1_2_client_method 82 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_2_METHOD -SSL_set0_security_ex_data 83 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_default_read_buffer_len 84 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_srp_username 85 1_1_0d EXIST::FUNCTION:SRP -SSL_state_string 86 1_1_0d EXIST::FUNCTION: -SSL_CTX_add_server_custom_ext 87 1_1_0d EXIST::FUNCTION: -SSL_set_psk_server_callback 88 1_1_0d EXIST::FUNCTION:PSK -BIO_new_ssl_connect 89 1_1_0d EXIST::FUNCTION: -SSL_CTX_set0_ctlog_store 90 1_1_0d EXIST::FUNCTION:CT -SSL_set1_host 91 1_1_0d EXIST::FUNCTION: -SSL_connect 92 1_1_0d EXIST::FUNCTION: -SSL_get_default_passwd_cb 93 1_1_0d EXIST::FUNCTION: -SSL_get_verify_callback 94 1_1_0d EXIST::FUNCTION: -SSL_SESSION_set_ex_data 95 1_1_0d EXIST::FUNCTION: -SSL_dup_CA_list 96 1_1_0d EXIST::FUNCTION: -SSL_get_current_cipher 97 1_1_0d EXIST::FUNCTION: -SSL_CTX_flush_sessions 98 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_srp_strength 99 1_1_0d EXIST::FUNCTION:SRP -SSL_get_srtp_profiles 100 1_1_0d EXIST::FUNCTION:SRTP -SSL_CTX_set_cert_store 101 1_1_0d EXIST::FUNCTION: -TLSv1_2_method 102 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_2_METHOD -SSL_client_version 103 1_1_0d EXIST::FUNCTION: -SSL_shutdown 104 1_1_0d EXIST::FUNCTION: -SSL_get0_verified_chain 105 1_1_0d EXIST::FUNCTION: -SSL_set_debug 106 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0 -SSL_add_dir_cert_subjects_to_stack 107 1_1_0d EXIST::FUNCTION: -SSL_CTX_use_PrivateKey_ASN1 108 1_1_0d EXIST::FUNCTION: -SSL_get_ex_data 109 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_client_cert_cb 110 1_1_0d EXIST::FUNCTION: -SSL_COMP_get_name 111 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_cert_cb 112 1_1_0d EXIST::FUNCTION: -SSL_CIPHER_get_kx_nid 113 1_1_0d EXIST::FUNCTION: -SSL_use_certificate 114 1_1_0d EXIST::FUNCTION: -SSL_want 115 1_1_0d EXIST::FUNCTION: -DTLS_server_method 116 1_1_0d EXIST::FUNCTION: -SSL_set_security_level 117 1_1_0d EXIST::FUNCTION: -DTLSv1_server_method 118 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,DTLS1_METHOD -SSL_CTX_set_msg_callback 119 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_srp_username_callback 120 1_1_0d EXIST::FUNCTION:SRP -DTLS_client_method 121 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_next_proto_select_cb 122 1_1_0d EXIST::FUNCTION:NEXTPROTONEG -SSL_CIPHER_get_id 123 1_1_0d EXIST::FUNCTION: -SSL_dane_clear_flags 124 1_1_0d EXIST::FUNCTION: -SSL_set_client_CA_list 125 1_1_0d EXIST::FUNCTION: -SSL_set_srp_server_param_pw 126 1_1_0d EXIST::FUNCTION:SRP -SSL_CTX_get0_security_ex_data 127 1_1_0d EXIST::FUNCTION: -SSL_certs_clear 128 1_1_0d EXIST::FUNCTION: -SSL_set_verify_result 129 1_1_0d EXIST::FUNCTION: -SSL_get_verify_result 130 1_1_0d EXIST::FUNCTION: -SSL_CIPHER_description 131 1_1_0d EXIST::FUNCTION: -SSL_CONF_CTX_set_ssl_ctx 132 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_quiet_shutdown 133 1_1_0d EXIST::FUNCTION: -SSL_use_PrivateKey_file 134 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_cipher_list 135 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_srp_client_pwd_callback 1 1_1_0d EXIST::FUNCTION:SRP +SSL_alert_desc_string 2 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_default_ctlog_list_file 3 1_1_0d EXIST::FUNCTION:CT +SSL_get_srtp_profiles 4 1_1_0d EXIST::FUNCTION:SRTP +SSL_CTX_get0_ctlog_store 5 1_1_0d EXIST::FUNCTION:CT +TLSv1_2_server_method 6 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_2_METHOD +SSL_SESSION_get_time 7 1_1_0d EXIST::FUNCTION: +SSL_SESSION_get_protocol_version 8 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_msg_callback 9 1_1_0d EXIST::FUNCTION: +SSL_CTX_get0_security_ex_data 10 1_1_0d EXIST::FUNCTION: +SSL_set_fd 11 1_1_0d EXIST::FUNCTION:SOCK +SSL_set_purpose 12 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_cert_cb 13 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_srp_cb_arg 14 1_1_0d EXIST::FUNCTION:SRP +SSL_dane_tlsa_add 15 1_1_0d EXIST::FUNCTION: +BIO_ssl_copy_session_id 16 1_1_0d EXIST::FUNCTION: +SSL_set_connect_state 17 1_1_0d EXIST::FUNCTION: +SSL_get0_dane_tlsa 18 1_1_0d EXIST::FUNCTION: +ERR_load_SSL_strings 19 1_1_0d EXIST::FUNCTION: +SSL_CIPHER_get_kx_nid 20 1_1_0d EXIST::FUNCTION: +SSL_get_version 21 1_1_0d EXIST::FUNCTION: +SSL_set_cipher_list 22 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_default_verify_paths 23 1_1_0d EXIST::FUNCTION: +SSL_CTX_add_client_CA 24 1_1_0d EXIST::FUNCTION: +GMTLS_client_method 25 1_1_0d EXIST::FUNCTION:GMTLS_METHOD +SSL_get_security_level 26 1_1_0d EXIST::FUNCTION: +SSL_CTX_use_certificate 27 1_1_0d EXIST::FUNCTION: +SSLv3_method 28 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,SSL3_METHOD +SSL_set_client_CA_list 29 1_1_0d EXIST::FUNCTION: +SSL_CTX_add_server_custom_ext 30 1_1_0d EXIST::FUNCTION: +SSL_get_default_timeout 31 1_1_0d EXIST::FUNCTION: +SSL_SESSION_set_timeout 32 1_1_0d EXIST::FUNCTION: +SSL_set_cert_cb 33 1_1_0d EXIST::FUNCTION: +SSL_CONF_CTX_free 34 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_tmp_dh_callback 35 1_1_0d EXIST::FUNCTION:DH +DTLSv1_listen 36 1_1_0d EXIST::FUNCTION:SOCK +SSL_CTX_get0_privatekey 37 1_1_0d EXIST::FUNCTION: +SSL_set_shutdown 38 1_1_0d EXIST::FUNCTION: +SSL_is_dtls 39 1_1_0d EXIST::FUNCTION: +SSL_get_quiet_shutdown 40 1_1_0d EXIST::FUNCTION: +SSL_set_session_secret_cb 41 1_1_0d EXIST::FUNCTION: +SSL_SESSION_get0_cipher 42 1_1_0d EXIST::FUNCTION: +SSL_CTX_set0_security_ex_data 43 1_1_0d EXIST::FUNCTION: +DTLSv1_method 44 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,DTLS1_METHOD +SSL_SRP_CTX_init 45 1_1_0d EXIST::FUNCTION:SRP +TLS_method 46 1_1_0d EXIST::FUNCTION: +SSL_CONF_cmd 47 1_1_0d EXIST::FUNCTION: +SSL_CTX_load_verify_locations 48 1_1_0d EXIST::FUNCTION: +TLSv1_2_method 49 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_2_METHOD +SSL_CTX_use_serverinfo_file 50 1_1_0d EXIST::FUNCTION: +PEM_read_bio_SSL_SESSION 51 1_1_0d EXIST::FUNCTION: +DTLS_method 52 1_1_0d EXIST::FUNCTION: +SSL_CTX_get_client_CA_list 53 1_1_0d EXIST::FUNCTION: +SSL_get_srp_username 54 1_1_0d EXIST::FUNCTION:SRP +DTLSv1_2_client_method 55 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,DTLS1_2_METHOD +SSL_get0_security_ex_data 56 1_1_0d EXIST::FUNCTION: +SSL_get_psk_identity 57 1_1_0d EXIST::FUNCTION:PSK +SSL_add1_host 58 1_1_0d EXIST::FUNCTION: +SSL_dane_enable 59 1_1_0d EXIST::FUNCTION: +SSL_CIPHER_get_name 60 1_1_0d EXIST::FUNCTION: +SSL_SRP_CTX_free 61 1_1_0d EXIST::FUNCTION:SRP +SSL_get_certificate 62 1_1_0d EXIST::FUNCTION: +SSL_SESSION_get0_ticket 63 1_1_0d EXIST::FUNCTION: +SSL_use_RSAPrivateKey_ASN1 64 1_1_0d EXIST::FUNCTION:RSA +SSL_SESSION_get_id 65 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_ex_data 66 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_security_callback 67 1_1_0d EXIST::FUNCTION: +SSL_check_chain 68 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_next_protos_advertised_cb 69 1_1_0d EXIST::FUNCTION:NEXTPROTONEG +SSL_is_server 70 1_1_0d EXIST::FUNCTION: +SSL_COMP_get_compression_methods 71 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_generate_session_id 72 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_alpn_protos 73 1_1_0d EXIST::FUNCTION: +SSL_CTX_dane_enable 74 1_1_0d EXIST::FUNCTION: +SSL_get0_dane 75 1_1_0d EXIST::FUNCTION: +TLS_server_method 76 1_1_0d EXIST::FUNCTION: +BIO_new_ssl 77 1_1_0d EXIST::FUNCTION: +SSL_set_default_passwd_cb 78 1_1_0d EXIST::FUNCTION: +SSL_SESSION_print_keylog 79 1_1_0d EXIST::FUNCTION: +SSL_set_tmp_dh_callback 80 1_1_0d EXIST::FUNCTION:DH +SSL_CTX_set_verify 81 1_1_0d EXIST::FUNCTION: +SSL_get_client_random 82 1_1_0d EXIST::FUNCTION: +SSL_CONF_CTX_set_ssl 83 1_1_0d EXIST::FUNCTION: +SSL_CTX_get_verify_depth 84 1_1_0d EXIST::FUNCTION: +SSL_do_handshake 85 1_1_0d EXIST::FUNCTION: +SSL_CTX_get_options 86 1_1_0d EXIST::FUNCTION: +SSL_SESSION_get0_peer 87 1_1_0d EXIST::FUNCTION: +SSL_CIPHER_is_aead 88 1_1_0d EXIST::FUNCTION: +SSL_CTX_sess_set_remove_cb 89 1_1_0d EXIST::FUNCTION: +SSL_want 90 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_quiet_shutdown 91 1_1_0d EXIST::FUNCTION: +SSL_get_server_random 92 1_1_0d EXIST::FUNCTION: +SSL_CTX_use_RSAPrivateKey_ASN1 93 1_1_0d EXIST::FUNCTION:RSA +SSL_srp_server_param_with_username 94 1_1_0d EXIST::FUNCTION:SRP +SSL_SESSION_get_timeout 95 1_1_0d EXIST::FUNCTION: +SSL_CTX_callback_ctrl 96 1_1_0d EXIST::FUNCTION: +SSL_clear 97 1_1_0d EXIST::FUNCTION: +SSL_extension_supported 98 1_1_0d EXIST::FUNCTION: +SSL_get_privatekey 99 1_1_0d EXIST::FUNCTION: +SSL_CTX_get0_certificate 100 1_1_0d EXIST::FUNCTION: +SSL_set_wfd 101 1_1_0d EXIST::FUNCTION:SOCK +SSL_CIPHER_get_id 102 1_1_0d EXIST::FUNCTION: +SSL_get_srp_g 103 1_1_0d EXIST::FUNCTION:SRP +SSL_CTX_get_cert_store 104 1_1_0d EXIST::FUNCTION: +SSL_set0_rbio 105 1_1_0d EXIST::FUNCTION: +GMTLS_method 106 1_1_0d EXIST::FUNCTION:GMTLS_METHOD +GMTLS_server_method 107 1_1_0d EXIST::FUNCTION:GMTLS_METHOD +SSL_get1_supported_ciphers 108 1_1_0d EXIST::FUNCTION: +SSL_CIPHER_get_digest_nid 109 1_1_0d EXIST::FUNCTION: +SSL_SESSION_get0_id_context 110 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_tlsext_use_srtp 111 1_1_0d EXIST::FUNCTION:SRTP +SSL_set_accept_state 112 1_1_0d EXIST::FUNCTION: +SSL_get_session 113 1_1_0d EXIST::FUNCTION: +SSL_set_ssl_method 114 1_1_0d EXIST::FUNCTION: +TLSv1_1_server_method 115 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_1_METHOD +SSL_in_init 116 1_1_0d EXIST::FUNCTION: +SSL_new 117 1_1_0d EXIST::FUNCTION: +OPENSSL_init_ssl 118 1_1_0d EXIST::FUNCTION: +SSL_CTX_use_certificate_ASN1 119 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_default_verify_dir 120 1_1_0d EXIST::FUNCTION: +SSL_get_shutdown 121 1_1_0d EXIST::FUNCTION: +TLSv1_method 122 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_METHOD +SSL_use_PrivateKey 123 1_1_0d EXIST::FUNCTION: +TLSv1_1_method 124 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_1_METHOD +SSL_SESSION_get_ticket_lifetime_hint 125 1_1_0d EXIST::FUNCTION: +SSL_accept 126 1_1_0d EXIST::FUNCTION: +SSL_set_session_ticket_ext_cb 127 1_1_0d EXIST::FUNCTION: +SSL_config 128 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_ssl_version 129 1_1_0d EXIST::FUNCTION: +SSL_renegotiate 130 1_1_0d EXIST::FUNCTION: +SSL_copy_session_id 131 1_1_0d EXIST::FUNCTION: +SSL_get_changed_async_fds 132 1_1_0d EXIST::FUNCTION: +SSL_dane_clear_flags 133 1_1_0d EXIST::FUNCTION: +SSL_set_debug 134 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0 +SSL_get_wbio 135 1_1_0d EXIST::FUNCTION: SSL_waiting_for_async 136 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_alpn_protos 137 1_1_0d EXIST::FUNCTION: -SSL_get_cipher_list 138 1_1_0d EXIST::FUNCTION: -SSL_CTX_dane_clear_flags 139 1_1_0d EXIST::FUNCTION: -SSL_get_client_ciphers 140 1_1_0d EXIST::FUNCTION: -SSL_CTX_use_serverinfo 141 1_1_0d EXIST::FUNCTION: -SSL_get_ex_data_X509_STORE_CTX_idx 142 1_1_0d EXIST::FUNCTION: -SSL_SESSION_set1_id_context 143 1_1_0d EXIST::FUNCTION: -SRP_Calc_A_param 144 1_1_0d EXIST::FUNCTION:SRP -SSL_get_selected_srtp_profile 145 1_1_0d EXIST::FUNCTION:SRTP -SSL_CTX_get_ssl_method 146 1_1_0d EXIST::FUNCTION: -SSL_add_ssl_module 147 1_1_0d EXIST::FUNCTION: -SSL_get_rbio 148 1_1_0d EXIST::FUNCTION: -SSL_get0_dane_authority 149 1_1_0d EXIST::FUNCTION: -SSL_CTX_add_client_custom_ext 150 1_1_0d EXIST::FUNCTION: -SSL_get_shutdown 151 1_1_0d EXIST::FUNCTION: -SSL_get_version 152 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_default_ctlog_list_file 153 1_1_0d EXIST::FUNCTION:CT -SSL_CTX_use_RSAPrivateKey_file 154 1_1_0d EXIST::FUNCTION:RSA -SSL_get_fd 155 1_1_0d EXIST::FUNCTION: -SSL_get0_security_ex_data 156 1_1_0d EXIST::FUNCTION: -SSL_CTX_dane_enable 157 1_1_0d EXIST::FUNCTION: -SSL_SESSION_get0_peer 158 1_1_0d EXIST::FUNCTION: -SSL_get_wfd 159 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_default_verify_dir 160 1_1_0d EXIST::FUNCTION: -SSL_set_info_callback 161 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_next_protos_advertised_cb 162 1_1_0d EXIST::FUNCTION:NEXTPROTONEG -SSL_set_default_passwd_cb_userdata 163 1_1_0d EXIST::FUNCTION: -SSL_CONF_CTX_new 164 1_1_0d EXIST::FUNCTION: -SSL_CTX_get_client_cert_cb 165 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_alpn_select_cb 166 1_1_0d EXIST::FUNCTION: -SSL_set_tmp_dh_callback 167 1_1_0d EXIST::FUNCTION:DH -SSL_get_server_random 168 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_ex_data 169 1_1_0d EXIST::FUNCTION: -SSL_CIPHER_get_bits 170 1_1_0d EXIST::FUNCTION: -SSL_export_keying_material 171 1_1_0d EXIST::FUNCTION: -SSL_free 172 1_1_0d EXIST::FUNCTION: -SSL_CTX_use_RSAPrivateKey 173 1_1_0d EXIST::FUNCTION:RSA -SSL_CTX_use_certificate_ASN1 174 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_cookie_verify_cb 175 1_1_0d EXIST::FUNCTION: -DTLS_method 176 1_1_0d EXIST::FUNCTION: -PEM_write_bio_SSL_SESSION 177 1_1_0d EXIST::FUNCTION: -SSL_use_RSAPrivateKey_ASN1 178 1_1_0d EXIST::FUNCTION:RSA -SSL_COMP_set0_compression_methods 179 1_1_0d EXIST::FUNCTION: -SSL_state_string_long 180 1_1_0d EXIST::FUNCTION: -SSL_use_RSAPrivateKey 181 1_1_0d EXIST::FUNCTION:RSA -SSL_CTX_get_info_callback 182 1_1_0d EXIST::FUNCTION: -SSL_has_pending 183 1_1_0d EXIST::FUNCTION: -SSL_use_RSAPrivateKey_file 184 1_1_0d EXIST::FUNCTION:RSA -SSL_CTX_set_default_passwd_cb 185 1_1_0d EXIST::FUNCTION: -SSL_is_server 186 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_srp_cb_arg 187 1_1_0d EXIST::FUNCTION:SRP -SSL_CTX_set_ct_validation_callback 188 1_1_0d EXIST::FUNCTION:CT -SSL_get_current_expansion 189 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_security_callback 190 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_tmp_dh_callback 191 1_1_0d EXIST::FUNCTION:DH -SSL_CTX_get_options 192 1_1_0d EXIST::FUNCTION: -SSL_CTX_clear_options 193 1_1_0d EXIST::FUNCTION: -SSL_dane_enable 194 1_1_0d EXIST::FUNCTION: -SSL_SESSION_has_ticket 195 1_1_0d EXIST::FUNCTION: -SSL_SESSION_get_time 196 1_1_0d EXIST::FUNCTION: -SSL_check_chain 197 1_1_0d EXIST::FUNCTION: -SSL_SESSION_print 198 1_1_0d EXIST::FUNCTION: -SSL_CTX_get0_privatekey 199 1_1_0d EXIST::FUNCTION: -SSL_COMP_get_compression_methods 200 1_1_0d EXIST::FUNCTION: -SSL_CTX_get_verify_callback 201 1_1_0d EXIST::FUNCTION: -SSL_CTX_use_serverinfo_file 202 1_1_0d EXIST::FUNCTION: -SSL_get1_supported_ciphers 203 1_1_0d EXIST::FUNCTION: -SSL_ctrl 204 1_1_0d EXIST::FUNCTION: -SSL_get0_peername 205 1_1_0d EXIST::FUNCTION: -SSL_get_changed_async_fds 206 1_1_0d EXIST::FUNCTION: -SSL_renegotiate_pending 207 1_1_0d EXIST::FUNCTION: -SSL_CTX_sessions 208 1_1_0d EXIST::FUNCTION: -SSL_SESSION_get_ex_data 209 1_1_0d EXIST::FUNCTION: -SSL_SESSION_print_keylog 210 1_1_0d EXIST::FUNCTION: -SSL_pending 211 1_1_0d EXIST::FUNCTION: -DTLSv1_2_server_method 212 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,DTLS1_2_METHOD -SSL_get_srp_userinfo 213 1_1_0d EXIST::FUNCTION:SRP -SSL_CONF_CTX_finish 214 1_1_0d EXIST::FUNCTION: -SSL_CTX_SRP_CTX_init 215 1_1_0d EXIST::FUNCTION:SRP -SSL_get0_next_proto_negotiated 216 1_1_0d EXIST::FUNCTION:NEXTPROTONEG -SSL_session_reused 217 1_1_0d EXIST::FUNCTION: -PEM_read_bio_SSL_SESSION 218 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_cert_verify_callback 219 1_1_0d EXIST::FUNCTION: -SSL_SESSION_get_compress_id 220 1_1_0d EXIST::FUNCTION: -SSL_srp_server_param_with_username 221 1_1_0d EXIST::FUNCTION:SRP -SSL_CTX_ct_is_enabled 222 1_1_0d EXIST::FUNCTION:CT -TLSv1_client_method 223 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_METHOD -SSL_CTX_set_default_verify_file 224 1_1_0d EXIST::FUNCTION: -SSL_get_verify_mode 225 1_1_0d EXIST::FUNCTION: -SSL_CTX_get0_certificate 226 1_1_0d EXIST::FUNCTION: -SSL_CTX_get0_param 227 1_1_0d EXIST::FUNCTION: -SSL_set_session 228 1_1_0d EXIST::FUNCTION: -SSL_SESSION_up_ref 229 1_1_0d EXIST::FUNCTION: -d2i_SSL_SESSION 230 1_1_0d EXIST::FUNCTION: -SSL_CIPHER_get_auth_nid 231 1_1_0d EXIST::FUNCTION: -SSL_CTX_free 232 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_ctlog_list_file 233 1_1_0d EXIST::FUNCTION:CT -SSL_set_options 234 1_1_0d EXIST::FUNCTION: -SSL_use_PrivateKey 235 1_1_0d EXIST::FUNCTION: -SSL_CTX_sess_get_get_cb 236 1_1_0d EXIST::FUNCTION: -SSL_COMP_get_id 237 1_1_0d EXIST::FUNCTION: -SSL_get_psk_identity_hint 238 1_1_0d EXIST::FUNCTION:PSK -SSL_COMP_add_compression_method 239 1_1_0d EXIST::FUNCTION: -SSL_use_certificate_chain_file 240 1_1_0d EXIST::FUNCTION: -DTLSv1_2_client_method 241 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,DTLS1_2_METHOD -SSL_get_error 242 1_1_0d EXIST::FUNCTION: -SSL_in_before 243 1_1_0d EXIST::FUNCTION: -SSL_CIPHER_standard_name 244 1_1_0d EXIST::FUNCTION:SSL_TRACE -SSL_alert_desc_string_long 245 1_1_0d EXIST::FUNCTION: -SSL_rstate_string_long 246 1_1_0d EXIST::FUNCTION: -SSL_get_security_callback 247 1_1_0d EXIST::FUNCTION: -SSL_read 248 1_1_0d EXIST::FUNCTION: -SSL_CTX_config 249 1_1_0d EXIST::FUNCTION: -SSL_get_session 250 1_1_0d EXIST::FUNCTION: -SSL_set_ssl_method 251 1_1_0d EXIST::FUNCTION: -SSL_CTX_get_verify_depth 252 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_not_resumable_session_callback 253 1_1_0d EXIST::FUNCTION: -SSL_get0_dane_tlsa 254 1_1_0d EXIST::FUNCTION: -SSL_set_session_secret_cb 255 1_1_0d EXIST::FUNCTION: -SSL_get0_peer_scts 256 1_1_0d EXIST::FUNCTION:CT -TLS_client_method 257 1_1_0d EXIST::FUNCTION: -SSL_alert_type_string 258 1_1_0d EXIST::FUNCTION: -SSL_test_functions 259 1_1_0d EXIST::FUNCTION:UNIT_TEST -SSL_CTX_get_default_passwd_cb 260 1_1_0d EXIST::FUNCTION: -SSL_add_client_CA 261 1_1_0d EXIST::FUNCTION: -SSL_set_msg_callback 262 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_tlsext_use_srtp 263 1_1_0d EXIST::FUNCTION:SRTP -SSL_CTX_use_certificate_chain_file 264 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_ssl_version 265 1_1_0d EXIST::FUNCTION: -SSL_config 266 1_1_0d EXIST::FUNCTION: -SSL_get_rfd 267 1_1_0d EXIST::FUNCTION: -SSL_renegotiate_abbreviated 268 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_security_level 269 1_1_0d EXIST::FUNCTION: -SSL_CIPHER_is_aead 270 1_1_0d EXIST::FUNCTION: -SSL_CTX_set1_param 271 1_1_0d EXIST::FUNCTION: -SSL_CTX_get_timeout 272 1_1_0d EXIST::FUNCTION: -SSL_CONF_cmd_value_type 273 1_1_0d EXIST::FUNCTION: -SSL_CONF_CTX_clear_flags 274 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_verify_depth 275 1_1_0d EXIST::FUNCTION: -SSL_CTX_get_client_CA_list 276 1_1_0d EXIST::FUNCTION: -SSL_set_ct_validation_callback 277 1_1_0d EXIST::FUNCTION:CT -SSL_is_dtls 278 1_1_0d EXIST::FUNCTION: -SSL_get_info_callback 279 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_cookie_generate_cb 280 1_1_0d EXIST::FUNCTION: -SSL_SESSION_get_ticket_lifetime_hint 281 1_1_0d EXIST::FUNCTION: -i2d_SSL_SESSION 282 1_1_0d EXIST::FUNCTION: -SSL_CIPHER_get_version 283 1_1_0d EXIST::FUNCTION: -SSL_get_shared_sigalgs 284 1_1_0d EXIST::FUNCTION: -TLSv1_method 285 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_METHOD -SSL_enable_ct 286 1_1_0d EXIST::FUNCTION:CT -SSL_CONF_CTX_set1_prefix 287 1_1_0d EXIST::FUNCTION: -SSL_CTX_use_RSAPrivateKey_ASN1 288 1_1_0d EXIST::FUNCTION:RSA -SSL_CTX_set_client_CA_list 289 1_1_0d EXIST::FUNCTION: -SSL_CTX_get_verify_mode 290 1_1_0d EXIST::FUNCTION: -SSL_CTX_dane_mtype_set 291 1_1_0d EXIST::FUNCTION: -SSL_SESSION_set_time 292 1_1_0d EXIST::FUNCTION: -TLSv1_1_server_method 293 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_1_METHOD -SSL_set_cert_cb 294 1_1_0d EXIST::FUNCTION: -SSL_CTX_ctrl 295 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_generate_session_id 296 1_1_0d EXIST::FUNCTION: -SSL_accept 297 1_1_0d EXIST::FUNCTION: -SSL_CIPHER_get_name 298 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_trust 299 1_1_0d EXIST::FUNCTION: -SSL_get_shared_ciphers 300 1_1_0d EXIST::FUNCTION: -SSL_CONF_cmd 301 1_1_0d EXIST::FUNCTION: -SSL_set_accept_state 302 1_1_0d EXIST::FUNCTION: -SSLv3_server_method 303 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,SSL3_METHOD -SSLv3_client_method 304 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,SSL3_METHOD -BIO_new_buffer_ssl_connect 305 1_1_0d EXIST::FUNCTION: -SSL_set_connect_state 306 1_1_0d EXIST::FUNCTION: -SSL_CTX_check_private_key 307 1_1_0d EXIST::FUNCTION: -SSL_CTX_add_client_CA 308 1_1_0d EXIST::FUNCTION: -SSL_CONF_CTX_free 309 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_psk_client_callback 310 1_1_0d EXIST::FUNCTION:PSK -SSL_set_shutdown 311 1_1_0d EXIST::FUNCTION: -SSL_SESSION_get0_cipher 312 1_1_0d EXIST::FUNCTION: -SSL_in_init 313 1_1_0d EXIST::FUNCTION: -SSL_alert_type_string_long 314 1_1_0d EXIST::FUNCTION: -SSL_get_current_compression 315 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_info_callback 316 1_1_0d EXIST::FUNCTION: -SSL_dane_tlsa_add 317 1_1_0d EXIST::FUNCTION: -SSL_set_session_ticket_ext_cb 318 1_1_0d EXIST::FUNCTION: -SSL_set_psk_client_callback 319 1_1_0d EXIST::FUNCTION:PSK -SSL_get_certificate 320 1_1_0d EXIST::FUNCTION: -SSL_get_options 321 1_1_0d EXIST::FUNCTION: -SSL_set_generate_session_id 322 1_1_0d EXIST::FUNCTION: -SSL_CTX_use_PrivateKey 323 1_1_0d EXIST::FUNCTION: -SSL_peek 324 1_1_0d EXIST::FUNCTION: -SSL_use_certificate_file 325 1_1_0d EXIST::FUNCTION: -SSL_get_servername 326 1_1_0d EXIST::FUNCTION: -SSL_COMP_get0_name 327 1_1_0d EXIST::FUNCTION: -SSL_CTX_callback_ctrl 328 1_1_0d EXIST::FUNCTION: -SSL_CTX_get_default_passwd_cb_userdata 329 1_1_0d EXIST::FUNCTION: -SSL_set_ex_data 330 1_1_0d EXIST::FUNCTION: -SSL_get0_param 331 1_1_0d EXIST::FUNCTION: -SSL_SESSION_get0_ticket 332 1_1_0d EXIST::FUNCTION: -SSL_get_read_ahead 333 1_1_0d EXIST::FUNCTION: -SSL_ct_is_enabled 334 1_1_0d EXIST::FUNCTION:CT -SSL_set_wfd 335 1_1_0d EXIST::FUNCTION:SOCK -SSL_set_fd 336 1_1_0d EXIST::FUNCTION:SOCK -SSL_write 337 1_1_0d EXIST::FUNCTION: -SSL_CTX_use_PrivateKey_file 338 1_1_0d EXIST::FUNCTION: -TLS_method 339 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_default_verify_paths 340 1_1_0d EXIST::FUNCTION: -SSL_CTX_dane_set_flags 341 1_1_0d EXIST::FUNCTION: -SSL_get0_alpn_selected 342 1_1_0d EXIST::FUNCTION: -SSL_get_peer_certificate 343 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_verify 344 1_1_0d EXIST::FUNCTION: -SSL_SESSION_get_timeout 345 1_1_0d EXIST::FUNCTION: -SSL_get_sigalgs 346 1_1_0d EXIST::FUNCTION: -SSL_CTX_get_quiet_shutdown 347 1_1_0d EXIST::FUNCTION: -SSL_CTX_use_certificate 348 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_srp_verify_param_callback 349 1_1_0d EXIST::FUNCTION:SRP -SSL_use_certificate_ASN1 350 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_options 351 1_1_0d EXIST::FUNCTION: -SSL_set_not_resumable_session_callback 352 1_1_0d EXIST::FUNCTION: -SSL_set_purpose 353 1_1_0d EXIST::FUNCTION: -TLSv1_server_method 354 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_METHOD -SSL_dane_set_flags 355 1_1_0d EXIST::FUNCTION: -SSL_dup 356 1_1_0d EXIST::FUNCTION: -SSL_CTX_get_cert_store 357 1_1_0d EXIST::FUNCTION: -SSL_get_default_timeout 358 1_1_0d EXIST::FUNCTION: -SSL_set_cipher_list 359 1_1_0d EXIST::FUNCTION: -SSL_SRP_CTX_init 360 1_1_0d EXIST::FUNCTION:SRP -SSL_SESSION_get_protocol_version 361 1_1_0d EXIST::FUNCTION: -SSL_clear 362 1_1_0d EXIST::FUNCTION: -SSL_is_init_finished 363 1_1_0d EXIST::FUNCTION: -SSL_get_security_level 364 1_1_0d EXIST::FUNCTION: -SSL_load_client_CA_file 365 1_1_0d EXIST::FUNCTION: -SSL_get_srp_N 366 1_1_0d EXIST::FUNCTION:SRP -BIO_ssl_copy_session_id 367 1_1_0d EXIST::FUNCTION: -SSL_CTX_add_session 368 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_purpose 369 1_1_0d EXIST::FUNCTION: -SSL_CIPHER_get_digest_nid 370 1_1_0d EXIST::FUNCTION: -SSL_CTX_load_verify_locations 371 1_1_0d EXIST::FUNCTION: -SSL_clear_options 372 1_1_0d EXIST::FUNCTION: -SSL_up_ref 373 1_1_0d EXIST::FUNCTION: -SSL_get_SSL_CTX 374 1_1_0d EXIST::FUNCTION: -DTLSv1_listen 375 1_1_0d EXIST::FUNCTION:SOCK -SSL_CTX_set_srp_client_pwd_callback 376 1_1_0d EXIST::FUNCTION:SRP -SSL_set1_param 377 1_1_0d EXIST::FUNCTION: -SSL_set_trust 378 1_1_0d EXIST::FUNCTION: -DTLSv1_client_method 379 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,DTLS1_METHOD -SSL_CTX_get_security_level 380 1_1_0d EXIST::FUNCTION: -SSL_callback_ctrl 381 1_1_0d EXIST::FUNCTION: -SSL_select_next_proto 382 1_1_0d EXIST::FUNCTION: -SSL_get_quiet_shutdown 383 1_1_0d EXIST::FUNCTION: -BIO_new_ssl 384 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_session_id_context 385 1_1_0d EXIST::FUNCTION: -BIO_ssl_shutdown 386 1_1_0d EXIST::FUNCTION: -SSL_set_default_read_buffer_len 387 1_1_0d EXIST::FUNCTION: -SSL_set_read_ahead 388 1_1_0d EXIST::FUNCTION: -SSL_set_quiet_shutdown 389 1_1_0d EXIST::FUNCTION: -SSL_CTX_remove_session 390 1_1_0d EXIST::FUNCTION: -SSL_has_matching_session_id 391 1_1_0d EXIST::FUNCTION: -SSL_get_srp_username 392 1_1_0d EXIST::FUNCTION:SRP -SSLv3_method 393 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,SSL3_METHOD -SSL_copy_session_id 394 1_1_0d EXIST::FUNCTION: -TLS_server_method 395 1_1_0d EXIST::FUNCTION: -SSL_renegotiate 396 1_1_0d EXIST::FUNCTION: -SSL_SRP_CTX_free 397 1_1_0d EXIST::FUNCTION:SRP -SSL_SESSION_get_id 398 1_1_0d EXIST::FUNCTION: -SSL_CTX_set_psk_server_callback 399 1_1_0d EXIST::FUNCTION:PSK -SSL_CONF_cmd_argv 400 1_1_0d EXIST::FUNCTION: -SSL_set_bio 401 1_1_0d EXIST::FUNCTION: -SSL_set_session_ticket_ext 402 1_1_0d EXIST::FUNCTION: -SSL_CTX_use_certificate_file 403 1_1_0d EXIST::FUNCTION: -SSL_SESSION_get_master_key 404 1_1_0d EXIST::FUNCTION: -BIO_f_ssl 405 1_1_0d EXIST::FUNCTION: -SSL_get_client_random 406 1_1_0d EXIST::FUNCTION: -SSL_set_default_passwd_cb 407 1_1_0d EXIST::FUNCTION: +SSL_clear_options 137 1_1_0d EXIST::FUNCTION: +SSL_CTX_dane_set_flags 138 1_1_0d EXIST::FUNCTION: +BIO_new_ssl_connect 139 1_1_0d EXIST::FUNCTION: +SSL_get_selected_srtp_profile 140 1_1_0d EXIST::FUNCTION:SRTP +SSL_CTX_set_cookie_verify_cb 141 1_1_0d EXIST::FUNCTION: +SSL_get0_alpn_selected 142 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_client_cert_cb 143 1_1_0d EXIST::FUNCTION: +SSL_SESSION_has_ticket 144 1_1_0d EXIST::FUNCTION: +SSL_set_read_ahead 145 1_1_0d EXIST::FUNCTION: +SSL_CTX_use_PrivateKey 146 1_1_0d EXIST::FUNCTION: +SSL_get_servername_type 147 1_1_0d EXIST::FUNCTION: +SSL_connect 148 1_1_0d EXIST::FUNCTION: +SSL_set_rfd 149 1_1_0d EXIST::FUNCTION:SOCK +SSL_use_PrivateKey_file 150 1_1_0d EXIST::FUNCTION: +SSL_CTX_dane_mtype_set 151 1_1_0d EXIST::FUNCTION: +TLSv1_client_method 152 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_METHOD +DTLSv1_2_server_method 153 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,DTLS1_2_METHOD +SSL_CIPHER_description 154 1_1_0d EXIST::FUNCTION: +SSL_get_current_cipher 155 1_1_0d EXIST::FUNCTION: +SSL_use_RSAPrivateKey_file 156 1_1_0d EXIST::FUNCTION:RSA +SSL_alert_type_string_long 157 1_1_0d EXIST::FUNCTION: +SSL_CTX_add_client_custom_ext 158 1_1_0d EXIST::FUNCTION: +SSL_get_finished 159 1_1_0d EXIST::FUNCTION: +SSL_get_state 160 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_client_CA_list 161 1_1_0d EXIST::FUNCTION: +SSL_CTX_clear_options 162 1_1_0d EXIST::FUNCTION: +SSL_pending 163 1_1_0d EXIST::FUNCTION: +SSL_CTX_ctrl 164 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_srp_username 165 1_1_0d EXIST::FUNCTION:SRP +SSL_get_rbio 166 1_1_0d EXIST::FUNCTION: +PEM_read_SSL_SESSION 167 1_1_0d EXIST::FUNCTION:STDIO +SSL_CTX_set_client_cert_engine 168 1_1_0d EXIST::FUNCTION:ENGINE +SSL_set_options 169 1_1_0d EXIST::FUNCTION: +SSL_peek 170 1_1_0d EXIST::FUNCTION: +SSL_CTX_sess_get_get_cb 171 1_1_0d EXIST::FUNCTION: +SSL_SESSION_set1_id_context 172 1_1_0d EXIST::FUNCTION: +SSL_SESSION_up_ref 173 1_1_0d EXIST::FUNCTION: +SSL_get_all_async_fds 174 1_1_0d EXIST::FUNCTION: +SSL_COMP_get0_name 175 1_1_0d EXIST::FUNCTION: +SSL_write 176 1_1_0d EXIST::FUNCTION: +SSL_set0_security_ex_data 177 1_1_0d EXIST::FUNCTION: +SSL_CTX_set1_param 178 1_1_0d EXIST::FUNCTION: +SSL_get_SSL_CTX 179 1_1_0d EXIST::FUNCTION: +SSL_CONF_cmd_value_type 180 1_1_0d EXIST::FUNCTION: +SSL_set_verify_result 181 1_1_0d EXIST::FUNCTION: +SSL_set_verify 182 1_1_0d EXIST::FUNCTION: +DTLSv1_client_method 183 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,DTLS1_METHOD +SSL_set_alpn_protos 184 1_1_0d EXIST::FUNCTION: +SSL_SESSION_get_master_key 185 1_1_0d EXIST::FUNCTION: +TLSv1_1_client_method 186 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_1_METHOD +SSL_get0_param 187 1_1_0d EXIST::FUNCTION: +SSL_in_before 188 1_1_0d EXIST::FUNCTION: +SSL_CTX_get_quiet_shutdown 189 1_1_0d EXIST::FUNCTION: +SSL_CIPHER_standard_name 190 1_1_0d EXIST::FUNCTION:SSL_TRACE +SSL_CTX_get_verify_mode 191 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_psk_server_callback 192 1_1_0d EXIST::FUNCTION:PSK +SSL_CTX_sess_set_get_cb 193 1_1_0d EXIST::FUNCTION: +SSL_CIPHER_get_bits 194 1_1_0d EXIST::FUNCTION: +SSL_CTX_SRP_CTX_init 195 1_1_0d EXIST::FUNCTION:SRP +SSL_dup 196 1_1_0d EXIST::FUNCTION: +SSL_get_client_CA_list 197 1_1_0d EXIST::FUNCTION: +SSL_set_psk_client_callback 198 1_1_0d EXIST::FUNCTION:PSK +SSL_CTX_up_ref 199 1_1_0d EXIST::FUNCTION: +SSL_COMP_get_id 200 1_1_0d EXIST::FUNCTION: +SSL_CONF_CTX_set_ssl_ctx 201 1_1_0d EXIST::FUNCTION: +SSL_dup_CA_list 202 1_1_0d EXIST::FUNCTION: +SSL_is_init_finished 203 1_1_0d EXIST::FUNCTION: +SSL_get0_peer_scts 204 1_1_0d EXIST::FUNCTION:CT +SSL_set_default_read_buffer_len 205 1_1_0d EXIST::FUNCTION: +SSL_get_psk_identity_hint 206 1_1_0d EXIST::FUNCTION:PSK +SSL_CTX_get_default_passwd_cb_userdata 207 1_1_0d EXIST::FUNCTION: +SSL_get_ex_data_X509_STORE_CTX_idx 208 1_1_0d EXIST::FUNCTION: +SSL_use_PrivateKey_ASN1 209 1_1_0d EXIST::FUNCTION: +SSL_load_client_CA_file 210 1_1_0d EXIST::FUNCTION: +SSL_set_SSL_CTX 211 1_1_0d EXIST::FUNCTION: +SSL_certs_clear 212 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_timeout 213 1_1_0d EXIST::FUNCTION: +SSL_CTX_set0_ctlog_store 214 1_1_0d EXIST::FUNCTION:CT +SSL_get_srp_userinfo 215 1_1_0d EXIST::FUNCTION:SRP +SSL_get_ssl_method 216 1_1_0d EXIST::FUNCTION: +SSL_CTX_get_security_level 217 1_1_0d EXIST::FUNCTION: +SSL_get0_dane_authority 218 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_ctlog_list_file 219 1_1_0d EXIST::FUNCTION:CT +SSL_get_verify_callback 220 1_1_0d EXIST::FUNCTION: +SSL_set_psk_server_callback 221 1_1_0d EXIST::FUNCTION:PSK +SSL_get_srp_N 222 1_1_0d EXIST::FUNCTION:SRP +SSL_get_verify_mode 223 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_default_passwd_cb 224 1_1_0d EXIST::FUNCTION: +DTLSv1_server_method 225 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,DTLS1_METHOD +SSL_enable_ct 226 1_1_0d EXIST::FUNCTION:CT +SSL_set_default_passwd_cb_userdata 227 1_1_0d EXIST::FUNCTION: +SSL_get0_peername 228 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_verify_depth 229 1_1_0d EXIST::FUNCTION: +SSL_CTX_check_private_key 230 1_1_0d EXIST::FUNCTION: +SSL_renegotiate_pending 231 1_1_0d EXIST::FUNCTION: +DTLSv1_2_method 232 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,DTLS1_2_METHOD +SSL_CONF_CTX_clear_flags 233 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_trust 234 1_1_0d EXIST::FUNCTION: +SSL_get_verify_result 235 1_1_0d EXIST::FUNCTION: +SSL_set1_host 236 1_1_0d EXIST::FUNCTION: +SSL_export_keying_material 237 1_1_0d EXIST::FUNCTION: +PEM_write_SSL_SESSION 238 1_1_0d EXIST::FUNCTION:STDIO +SSL_CONF_CTX_set_flags 239 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_not_resumable_session_callback 240 1_1_0d EXIST::FUNCTION: +SSL_CTX_sess_get_remove_cb 241 1_1_0d EXIST::FUNCTION: +SSL_get_current_compression 242 1_1_0d EXIST::FUNCTION: +SSL_alert_desc_string_long 243 1_1_0d EXIST::FUNCTION: +SSL_CTX_use_PrivateKey_file 244 1_1_0d EXIST::FUNCTION: +SSL_CTX_use_PrivateKey_ASN1 245 1_1_0d EXIST::FUNCTION: +SSL_CIPHER_get_auth_nid 246 1_1_0d EXIST::FUNCTION: +SSL_state_string_long 247 1_1_0d EXIST::FUNCTION: +SSL_test_functions 248 1_1_0d EXIST::FUNCTION:UNIT_TEST +BIO_ssl_shutdown 249 1_1_0d EXIST::FUNCTION: +SSL_add_file_cert_subjects_to_stack 250 1_1_0d EXIST::FUNCTION: +SSL_CTX_get_info_callback 251 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_security_level 252 1_1_0d EXIST::FUNCTION: +SSL_set_bio 253 1_1_0d EXIST::FUNCTION: +SSL_get_servername 254 1_1_0d EXIST::FUNCTION: +SSL_up_ref 255 1_1_0d EXIST::FUNCTION: +SSL_set_srp_server_param 256 1_1_0d EXIST::FUNCTION:SRP +SSL_get_security_callback 257 1_1_0d EXIST::FUNCTION: +SSL_use_certificate_chain_file 258 1_1_0d EXIST::FUNCTION: +PEM_write_bio_SSL_SESSION 259 1_1_0d EXIST::FUNCTION: +SSL_CTX_free 260 1_1_0d EXIST::FUNCTION: +SSL_get_rfd 261 1_1_0d EXIST::FUNCTION: +SSL_CTX_config 262 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_cookie_generate_cb 263 1_1_0d EXIST::FUNCTION: +SSL_set_session_id_context 264 1_1_0d EXIST::FUNCTION: +SSL_set0_wbio 265 1_1_0d EXIST::FUNCTION: +SSL_set_ex_data 266 1_1_0d EXIST::FUNCTION: +SSL_version 267 1_1_0d EXIST::FUNCTION: +SSL_get0_verified_chain 268 1_1_0d EXIST::FUNCTION: +SSL_CTX_get_ex_data 269 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_default_passwd_cb_userdata 270 1_1_0d EXIST::FUNCTION: +SSL_add_client_CA 271 1_1_0d EXIST::FUNCTION: +SSL_set_not_resumable_session_callback 272 1_1_0d EXIST::FUNCTION: +SSL_get_default_passwd_cb_userdata 273 1_1_0d EXIST::FUNCTION: +SSL_check_private_key 274 1_1_0d EXIST::FUNCTION: +SSL_set_verify_depth 275 1_1_0d EXIST::FUNCTION: +SSL_set_generate_session_id 276 1_1_0d EXIST::FUNCTION: +SSL_set_trust 277 1_1_0d EXIST::FUNCTION: +SSL_CONF_cmd_argv 278 1_1_0d EXIST::FUNCTION: +SSL_CTX_get_verify_callback 279 1_1_0d EXIST::FUNCTION: +SSL_get_options 280 1_1_0d EXIST::FUNCTION: +SSL_callback_ctrl 281 1_1_0d EXIST::FUNCTION: +SSL_session_reused 282 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_options 283 1_1_0d EXIST::FUNCTION: +SSL_SESSION_set_time 284 1_1_0d EXIST::FUNCTION: +SSL_get_cipher_list 285 1_1_0d EXIST::FUNCTION: +SSL_renegotiate_abbreviated 286 1_1_0d EXIST::FUNCTION: +SSL_COMP_add_compression_method 287 1_1_0d EXIST::FUNCTION: +SSL_set_hostflags 288 1_1_0d EXIST::FUNCTION: +SSL_CIPHER_get_version 289 1_1_0d EXIST::FUNCTION: +SSL_set_session 290 1_1_0d EXIST::FUNCTION: +SSL_ct_is_enabled 291 1_1_0d EXIST::FUNCTION:CT +SSL_dane_set_flags 292 1_1_0d EXIST::FUNCTION: +SSL_get_shared_sigalgs 293 1_1_0d EXIST::FUNCTION: +SSL_get_read_ahead 294 1_1_0d EXIST::FUNCTION: +SSL_CIPHER_find 295 1_1_0d EXIST::FUNCTION: +SSL_CTX_use_certificate_chain_file 296 1_1_0d EXIST::FUNCTION: +SSL_CTX_add_session 297 1_1_0d EXIST::FUNCTION: +SSL_get_current_expansion 298 1_1_0d EXIST::FUNCTION: +SSL_SESSION_get0_hostname 299 1_1_0d EXIST::FUNCTION: +SSL_SESSION_get_ex_data 300 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_default_verify_file 301 1_1_0d EXIST::FUNCTION: +SSL_get_peer_finished 302 1_1_0d EXIST::FUNCTION: +BIO_new_buffer_ssl_connect 303 1_1_0d EXIST::FUNCTION: +SSL_SESSION_new 304 1_1_0d EXIST::FUNCTION: +SSL_CTX_use_psk_identity_hint 305 1_1_0d EXIST::FUNCTION:PSK +SSLv3_client_method 306 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,SSL3_METHOD +SSL_CTX_set_cert_store 307 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_session_id_context 308 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_alpn_select_cb 309 1_1_0d EXIST::FUNCTION: +SSL_set_security_callback 310 1_1_0d EXIST::FUNCTION: +SSL_CTX_get_client_cert_cb 311 1_1_0d EXIST::FUNCTION: +SSL_get_wfd 312 1_1_0d EXIST::FUNCTION: +SSL_CTX_dane_clear_flags 313 1_1_0d EXIST::FUNCTION: +SSL_CTX_get_timeout 314 1_1_0d EXIST::FUNCTION: +SSL_get0_next_proto_negotiated 315 1_1_0d EXIST::FUNCTION:NEXTPROTONEG +SSL_CTX_get_security_callback 316 1_1_0d EXIST::FUNCTION: +SSL_CONF_CTX_finish 317 1_1_0d EXIST::FUNCTION: +DTLS_server_method 318 1_1_0d EXIST::FUNCTION: +SSL_has_matching_session_id 319 1_1_0d EXIST::FUNCTION: +SSL_set_tlsext_use_srtp 320 1_1_0d EXIST::FUNCTION:SRTP +SSL_COMP_set0_compression_methods 321 1_1_0d EXIST::FUNCTION: +SSL_CTX_use_RSAPrivateKey_file 322 1_1_0d EXIST::FUNCTION:RSA +SSL_CTX_set_srp_verify_param_callback 323 1_1_0d EXIST::FUNCTION:SRP +TLS_client_method 324 1_1_0d EXIST::FUNCTION: +SSL_set_srp_server_param_pw 325 1_1_0d EXIST::FUNCTION:SRP +SRP_Calc_A_param 326 1_1_0d EXIST::FUNCTION:SRP +SSL_CTX_remove_session 327 1_1_0d EXIST::FUNCTION: +SSL_CTX_get_default_passwd_cb 328 1_1_0d EXIST::FUNCTION: +SSL_add_dir_cert_subjects_to_stack 329 1_1_0d EXIST::FUNCTION: +SSL_CTX_flush_sessions 330 1_1_0d EXIST::FUNCTION: +SSL_CTX_get0_param 331 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_srp_username_callback 332 1_1_0d EXIST::FUNCTION:SRP +SSL_get_default_passwd_cb 333 1_1_0d EXIST::FUNCTION: +SSL_state_string 334 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_info_callback 335 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_srp_password 336 1_1_0d EXIST::FUNCTION:SRP +SSL_SESSION_set1_id 337 1_1_0d EXIST::FUNCTION: +SSL_has_pending 338 1_1_0d EXIST::FUNCTION: +SSL_get1_session 339 1_1_0d EXIST::FUNCTION: +SSL_CTX_sessions 340 1_1_0d EXIST::FUNCTION: +SSL_get_client_ciphers 341 1_1_0d EXIST::FUNCTION: +SSL_set_ct_validation_callback 342 1_1_0d EXIST::FUNCTION:CT +SSL_CTX_set_psk_client_callback 343 1_1_0d EXIST::FUNCTION:PSK +SSL_read 344 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_ct_validation_callback 345 1_1_0d EXIST::FUNCTION:CT +SSL_use_certificate_ASN1 346 1_1_0d EXIST::FUNCTION: +SSL_CTX_get_ciphers 347 1_1_0d EXIST::FUNCTION: +SSL_get_sigalgs 348 1_1_0d EXIST::FUNCTION: +SSL_use_RSAPrivateKey 349 1_1_0d EXIST::FUNCTION:RSA +SSL_CTX_SRP_CTX_free 350 1_1_0d EXIST::FUNCTION:SRP +SSL_rstate_string 351 1_1_0d EXIST::FUNCTION: +SSL_get_peer_certificate 352 1_1_0d EXIST::FUNCTION: +SSL_get_error 353 1_1_0d EXIST::FUNCTION: +SSL_add_ssl_module 354 1_1_0d EXIST::FUNCTION: +SSL_get_peer_cert_chain 355 1_1_0d EXIST::FUNCTION: +SSL_SESSION_get_compress_id 356 1_1_0d EXIST::FUNCTION: +SSL_get_info_callback 357 1_1_0d EXIST::FUNCTION: +SSL_COMP_get_name 358 1_1_0d EXIST::FUNCTION: +SSL_SESSION_print 359 1_1_0d EXIST::FUNCTION: +SSL_SESSION_free 360 1_1_0d EXIST::FUNCTION: +TLSv1_server_method 361 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_METHOD +SSL_CTX_set_next_proto_select_cb 362 1_1_0d EXIST::FUNCTION:NEXTPROTONEG +SSL_CIPHER_get_cipher_nid 363 1_1_0d EXIST::FUNCTION: +SSL_CTX_enable_ct 364 1_1_0d EXIST::FUNCTION:CT +SSL_set_msg_callback 365 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_srp_strength 366 1_1_0d EXIST::FUNCTION:SRP +SSL_set_security_level 367 1_1_0d EXIST::FUNCTION: +SSL_CTX_has_client_custom_ext 368 1_1_0d EXIST::FUNCTION: +SSL_CONF_CTX_set1_prefix 369 1_1_0d EXIST::FUNCTION: +SSL_set_quiet_shutdown 370 1_1_0d EXIST::FUNCTION: +SSL_CTX_sess_set_new_cb 371 1_1_0d EXIST::FUNCTION: +SSL_shutdown 372 1_1_0d EXIST::FUNCTION: +SSL_CTX_ct_is_enabled 373 1_1_0d EXIST::FUNCTION:CT +SSL_CTX_use_serverinfo 374 1_1_0d EXIST::FUNCTION: +SSL_set_session_ticket_ext 375 1_1_0d EXIST::FUNCTION: +SSL_set_info_callback 376 1_1_0d EXIST::FUNCTION: +SSL_use_psk_identity_hint 377 1_1_0d EXIST::FUNCTION:PSK +SSL_trace 378 1_1_0d EXIST::FUNCTION:SSL_TRACE +SSL_CTX_get_ssl_method 379 1_1_0d EXIST::FUNCTION: +SSL_use_certificate_file 380 1_1_0d EXIST::FUNCTION: +SSL_free 381 1_1_0d EXIST::FUNCTION: +SSL_get_verify_depth 382 1_1_0d EXIST::FUNCTION: +SSL_alert_type_string 383 1_1_0d EXIST::FUNCTION: +SSL_use_certificate 384 1_1_0d EXIST::FUNCTION: +SSL_get_fd 385 1_1_0d EXIST::FUNCTION: +SSL_CONF_CTX_new 386 1_1_0d EXIST::FUNCTION: +BIO_f_ssl 387 1_1_0d EXIST::FUNCTION: +SSLv3_server_method 388 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,SSL3_METHOD +SSL_CTX_set_cipher_list 389 1_1_0d EXIST::FUNCTION: +i2d_SSL_SESSION 390 1_1_0d EXIST::FUNCTION: +SSL_get_ex_data 391 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_cert_verify_callback 392 1_1_0d EXIST::FUNCTION: +d2i_SSL_SESSION 393 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_default_read_buffer_len 394 1_1_0d EXIST::FUNCTION: +SSL_CTX_new 395 1_1_0d EXIST::FUNCTION: +SSL_SESSION_set_ex_data 396 1_1_0d EXIST::FUNCTION: +SSL_rstate_string_long 397 1_1_0d EXIST::FUNCTION: +DTLS_client_method 398 1_1_0d EXIST::FUNCTION: +SSL_CTX_use_certificate_file 399 1_1_0d EXIST::FUNCTION: +SSL_get_shared_ciphers 400 1_1_0d EXIST::FUNCTION: +SSL_SESSION_print_fp 401 1_1_0d EXIST::FUNCTION:STDIO +SSL_SESSION_get0_peer_extra 402 1_1_0d EXIST::FUNCTION:GMTLS_METHOD +SSL_CTX_sess_get_new_cb 403 1_1_0d EXIST::FUNCTION: +SSL_client_version 404 1_1_0d EXIST::FUNCTION: +SSL_CTX_set_purpose 405 1_1_0d EXIST::FUNCTION: +SSL_set1_param 406 1_1_0d EXIST::FUNCTION: +TLSv1_2_client_method 407 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_2_METHOD +SSL_get_ciphers 408 1_1_0d EXIST::FUNCTION: +SSL_ctrl 409 1_1_0d EXIST::FUNCTION: +SSL_select_next_proto 410 1_1_0d EXIST::FUNCTION: +SSL_CTX_use_RSAPrivateKey 411 1_1_0d EXIST::FUNCTION:RSA diff --git a/util/mkdef.pl b/util/mkdef.pl index 407a4ff8..75426671 100755 --- a/util/mkdef.pl +++ b/util/mkdef.pl @@ -134,7 +134,8 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF", "APPLINK", # GmSSL "SM3", "SMS4", "KDF2", "ECIES", "FFX", "SM2", "PAILLIER", "CPK", "OTP", "GMAPI", "EC2", - "BFIBE", "BB1IBE", "SM9", "SAF", "SDF", "SKF", "SOF", "ZUC", "SERPENT", "SPECK", "BASE58" + "BFIBE", "BB1IBE", "SM9", "SAF", "SDF", "SKF", "SOF", "ZUC", "SERPENT", "SPECK", "BASE58", + "GMTLS", "GMTLS_METHOD", "CA", "MACRO" ); my %disabled_algorithms; diff --git a/util/pod2markdown.sh b/util/pod2markdown.sh index 9bbe3b68..6b7dd4ae 100755 --- a/util/pod2markdown.sh +++ b/util/pod2markdown.sh @@ -3,5 +3,5 @@ for file in $`ls *.pod` do mdfile=`basename -s .pod $file`.md - pod2markdown --utf8 $file $mdfile + pod2markdown $file $mdfile done diff --git a/util/process_docs.pl b/util/process_docs.pl index 34f40c03..9834dbe3 100644 --- a/util/process_docs.pl +++ b/util/process_docs.pl @@ -92,8 +92,8 @@ foreach my $subdir (keys %{$options{subdir}}) { my $name = uc $podname; my $suffix = { man => ".$podinfo{section}", html => ".html" } -> {$options{type}}; - my $generate = { man => "pod2man --utf8 --name=$name --section=$podinfo{section} --center=OpenSSL --release=$config{version} \"$podpath\"", - html => "pod2html --utf8 \"--podroot=$options{sourcedir}\" --htmldir=$updir --podpath=apps:crypto:ssl \"--infile=$podpath\" \"--title=$podname\"" + my $generate = { man => "pod2man --name=$name --section=$podinfo{section} --center=OpenSSL --release=$config{version} \"$podpath\"", + html => "pod2html \"--podroot=$options{sourcedir}\" --htmldir=$updir --podpath=apps:crypto:ssl \"--infile=$podpath\" \"--title=$podname\"" } -> {$options{type}}; my $output_dir = catdir($options{destdir}, "man$podinfo{section}"); my $output_file = $podname . $suffix; diff --git a/util/shlib_wrap.sh b/util/shlib_wrap.sh new file mode 100755 index 00000000..811a08d6 --- /dev/null +++ b/util/shlib_wrap.sh @@ -0,0 +1,92 @@ +#!/bin/sh + +[ $# -ne 0 ] || set -x # debug mode without arguments:-) + +THERE="`echo $0 | sed -e 's|[^/]*$||' 2>/dev/null`.." +[ -d "${THERE}" ] || exec "$@" # should never happen... + +# Alternative to this is to parse ${THERE}/Makefile... +LIBCRYPTOSO="${THERE}/libcrypto.so" +if [ -f "$LIBCRYPTOSO" ]; then + while [ -h "$LIBCRYPTOSO" ]; do + LIBCRYPTOSO="${THERE}/`ls -l "$LIBCRYPTOSO" | sed -e 's|.*\-> ||'`" + done + SOSUFFIX=`echo ${LIBCRYPTOSO} | sed -e 's|.*\.so||' 2>/dev/null` + LIBSSLSO="${THERE}/libssl.so${SOSUFFIX}" +fi + +SYSNAME=`(uname -s) 2>/dev/null`; +case "$SYSNAME" in +SunOS|IRIX*) + # SunOS and IRIX run-time linkers evaluate alternative + # variables depending on target ABI... + rld_var=LD_LIBRARY_PATH + case "`(/usr/bin/file "$LIBCRYPTOSO") 2>/dev/null`" in + *ELF\ 64*SPARC*|*ELF\ 64*AMD64*) + [ -n "$LD_LIBRARY_PATH_64" ] && rld_var=LD_LIBRARY_PATH_64 + LD_PRELOAD_64="$LIBCRYPTOSO $LIBSSLSO"; export LD_PRELOAD_64 + preload_var=LD_PRELOAD_64 + ;; + *ELF\ 32*SPARC*|*ELF\ 32*80386*) + # We only need to change LD_PRELOAD_32 and LD_LIBRARY_PATH_32 + # on a multi-arch system. Otherwise, trust the fallbacks. + if [ -f /lib/64/ld.so.1 ]; then + [ -n "$LD_LIBRARY_PATH_32" ] && rld_var=LD_LIBRARY_PATH_32 + LD_PRELOAD_32="$LIBCRYPTOSO $LIBSSLSO"; export LD_PRELOAD_32 + preload_var=LD_PRELOAD_32 + fi + ;; + # Why are newly built .so's preloaded anyway? Because run-time + # .so lookup path embedded into application takes precedence + # over LD_LIBRARY_PATH and as result application ends up linking + # to previously installed .so's. On IRIX instead of preloading + # newly built .so's we trick run-time linker to fail to find + # the installed .so by setting _RLD_ROOT variable. + *ELF\ 32*MIPS*) + #_RLD_LIST="$LIBCRYPTOSO:$LIBSSLSO:DEFAULT"; export _RLD_LIST + _RLD_ROOT=/no/such/dir; export _RLD_ROOT + eval $rld_var=\"/usr/lib'${'$rld_var':+:$'$rld_var'}'\" + preload_var=_RLD_LIST + ;; + *ELF\ N32*MIPS*) + [ -n "$LD_LIBRARYN32_PATH" ] && rld_var=LD_LIBRARYN32_PATH + #_RLDN32_LIST="$LIBCRYPTOSO:$LIBSSLSO:DEFAULT"; export _RLDN32_LIST + _RLDN32_ROOT=/no/such/dir; export _RLDN32_ROOT + eval $rld_var=\"/usr/lib32'${'$rld_var':+:$'$rld_var'}'\" + preload_var=_RLDN32_LIST + ;; + *ELF\ 64*MIPS*) + [ -n "$LD_LIBRARY64_PATH" ] && rld_var=LD_LIBRARY64_PATH + #_RLD64_LIST="$LIBCRYPTOSO:$LIBSSLSO:DEFAULT"; export _RLD64_LIST + _RLD64_ROOT=/no/such/dir; export _RLD64_ROOT + eval $rld_var=\"/usr/lib64'${'$rld_var':+:$'$rld_var'}'\" + preload_var=_RLD64_LIST + ;; + esac + eval $rld_var=\"${THERE}'${'$rld_var':+:$'$rld_var'}'\"; export $rld_var + unset rld_var + ;; +*) LD_LIBRARY_PATH="${THERE}:$LD_LIBRARY_PATH" # Linux, ELF HP-UX + DYLD_LIBRARY_PATH="${THERE}:$DYLD_LIBRARY_PATH" # MacOS X + SHLIB_PATH="${THERE}:$SHLIB_PATH" # legacy HP-UX + LIBPATH="${THERE}:$LIBPATH" # AIX, OS/2 + export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH + # Even though $PATH is adjusted [for Windows sake], it doesn't + # necessarily does the trick. Trouble is that with introduction + # of SafeDllSearchMode in XP/2003 it's more appropriate to copy + # .DLLs in vicinity of executable, which is done elsewhere... + if [ "$OSTYPE" != msdosdjgpp ]; then + PATH="${THERE}:$PATH"; export PATH + fi + ;; +esac + + + +cmd="$1"; [ -x "$cmd" ] || cmd="$cmd${EXE_EXT}" +shift +if [ $# -eq 0 ]; then + exec "$cmd" # old sh, such as Tru64 4.x, fails to expand empty "$@" +else + exec "$cmd" "$@" +fi diff --git a/util/updatepods.sh b/util/updatepods.sh new file mode 100755 index 00000000..73784a71 --- /dev/null +++ b/util/updatepods.sh @@ -0,0 +1,23 @@ +#!/bin/sh +# +# This script replace the "openssl" command name string to "gmssl" of the pod +# files in current folder (normally doc/apps/). + +mv openssl.pod gmssl.pod +sed -i "" 's/openssl/gmssl/g' *.pod +sed -i "" 's/gmssl.cnf/openssl.cnf/g' *.pod +sed -i "" 's/www.gmssl.org/www.openssl.org/g' *.pod +sed -i "" 's/OpenSSL/GmSSL/g' *.pod +sed -i "" 's/GmSSL Project Authors/OpenSSL Project Authors/g' *.pod +sed -i "" 's/EC/EC\/SM2/g' gmssl.pod +sed -i "" 's/md2/sm3/g' gmssl.pod +sed -i "" 's/MD2/SM3/g' gmssl.pod +sed -i "" 's/bf/sms4/g' gmssl.pod +sed -i "" 's/Blowfish/SMS4/g' gmssl.pod +sed -i "" 's/secp192v1/sm2p256v1/g' ecparam.pod +sed -i "" 's/sha256/sm3/g' dgst.pod +sed -i "" 's/SHA256/SM3/g' dgst.pod +sed -i "" 's/1.1.0/2.0/g' dgst.pod +sed -i "" 's/sha-256/SM3/g' enc.pod +sed -i "" 's/idea/sms4/g' ec.pod +sed -i "" 's/IDEA/SMS4/g' ec.pod