From 29c657217354ef3b2364bd246cdff364c3d07aef Mon Sep 17 00:00:00 2001 From: Zhi Guan Date: Mon, 22 Jun 2026 23:02:50 +0800 Subject: [PATCH] Remove some useless code --- CMakeLists.txt | 7 +- include/gmssl/sm2_blind.h | 49 ---- include/gmssl/sm2_commit.h | 40 --- include/gmssl/sm2_elgamal.h | 67 ------ include/gmssl/sm2_key_share.h | 45 ---- include/gmssl/sm2_recover.h | 31 --- include/gmssl/sm2_ring.h | 63 ----- include/gmssl/sm4_cbc_sm3_hmac.h | 52 ---- include/gmssl/sm4_ctr_sm3_hmac.h | 52 ---- include/gmssl/version.h | 2 +- src/sm4_cbc_sm3_hmac.c | 179 -------------- src/sm4_ctr_sm3_hmac.c | 179 -------------- tests/sm4_sm3_hmactest.c | 402 ------------------------------- tools/gmssl.c | 8 - tools/sm4.c | 16 -- tools/sm4_cbc_sm3_hmac.c | 239 ------------------ tools/sm4_ctr_sm3_hmac.c | 239 ------------------ 17 files changed, 2 insertions(+), 1668 deletions(-) delete mode 100644 include/gmssl/sm2_blind.h delete mode 100644 include/gmssl/sm2_commit.h delete mode 100644 include/gmssl/sm2_elgamal.h delete mode 100644 include/gmssl/sm2_key_share.h delete mode 100644 include/gmssl/sm2_recover.h delete mode 100644 include/gmssl/sm2_ring.h delete mode 100644 include/gmssl/sm4_cbc_sm3_hmac.h delete mode 100644 include/gmssl/sm4_ctr_sm3_hmac.h delete mode 100644 src/sm4_cbc_sm3_hmac.c delete mode 100644 src/sm4_ctr_sm3_hmac.c delete mode 100644 tests/sm4_sm3_hmactest.c delete mode 100755 tools/sm4_cbc_sm3_hmac.c delete mode 100755 tools/sm4_ctr_sm3_hmac.c diff --git a/CMakeLists.txt b/CMakeLists.txt index 3dc13a7b..539d37a2 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -177,8 +177,6 @@ set(src src/pbkdf2.c src/gf128.c src/ghash.c - src/sm4_cbc_sm3_hmac.c - src/sm4_ctr_sm3_hmac.c src/pkcs8.c src/ec.c src/asn1.c @@ -206,8 +204,6 @@ set(tools tools/sm4_cbc.c tools/sm4_ctr.c tools/sm4_gcm.c - tools/sm4_cbc_sm3_hmac.c - tools/sm4_ctr_sm3_hmac.c tools/sm3.c tools/sm3hmac.c tools/sm3_pbkdf2.c @@ -242,7 +238,6 @@ set(tests sm3 sm3_hmac sm3_hkdf - sm4_sm3_hmac sm2_z256 sm2_key sm2_sign @@ -942,7 +937,7 @@ endif() # set(CPACK_PACKAGE_NAME "GmSSL") set(CPACK_PACKAGE_VENDOR "GmSSL develop team") -set(CPACK_PACKAGE_VERSION "3.3.0-dev.1155") +set(CPACK_PACKAGE_VERSION "3.3.0-dev.1156") set(CPACK_PACKAGE_DESCRIPTION_FILE ${PROJECT_SOURCE_DIR}/README.md) set(CPACK_NSIS_MODIFY_PATH ON) include(CPack) diff --git a/include/gmssl/sm2_blind.h b/include/gmssl/sm2_blind.h deleted file mode 100644 index db34affb..00000000 --- a/include/gmssl/sm2_blind.h +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the License); you may - * not use this file except in compliance with the License. - * - * http://www.apache.org/licenses/LICENSE-2.0 - */ -#ifndef GMSSL_SM2_BLIND_H -#define GMSSL_SM2_BLIND_H - -#include -#include -#include -#include -#include -#include -#include -#include - - -#ifdef __cplusplus -extern "C" { -#endif - - -typedef struct { - SM3_CTX sm3_ctx; - SM2_KEY public_key; - uint8_t blind_factor_a[32]; - uint8_t blind_factor_b[32]; - uint8_t sig_r[32]; -} SM2_BLIND_SIGN_CTX; - - -#define SM2_BLIND_SIGN_MAX_COMMITLEN 65 - -int sm2_blind_sign_commit(SM2_Fn k, uint8_t *commit, size_t *commitlen); -int sm2_blind_sign_init(SM2_BLIND_SIGN_CTX *ctx, const SM2_KEY *public_key, const char *id, size_t idlen); -int sm2_blind_sign_update(SM2_BLIND_SIGN_CTX *ctx, const uint8_t *data, size_t datalen); -int sm2_blind_sign_finish(SM2_BLIND_SIGN_CTX *ctx, const uint8_t *commit, size_t commitlen, uint8_t blinded_sig_r[32]); -int sm2_blind_sign(const SM2_KEY *key, const SM2_Fn k, const uint8_t blinded_sig_r[32], uint8_t blinded_sig_s[32]); -int sm2_blind_sign_unblind(SM2_BLIND_SIGN_CTX *ctx, const uint8_t blinded_sig_s[32], uint8_t *sig, size_t *siglen); - - -#ifdef __cplusplus -} -#endif -#endif diff --git a/include/gmssl/sm2_commit.h b/include/gmssl/sm2_commit.h deleted file mode 100644 index 6df89583..00000000 --- a/include/gmssl/sm2_commit.h +++ /dev/null @@ -1,40 +0,0 @@ -/* - * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the License); you may - * not use this file except in compliance with the License. - * - * http://www.apache.org/licenses/LICENSE-2.0 - */ -#ifndef GMSSL_SM2_COMMIT_H -#define GMSSL_SM2_COMMIT_H - - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - - -#ifdef __cplusplus -extern "C" { -#endif - - -int sm2_commit_generate(const uint8_t x[32], uint8_t r[32], uint8_t commit[65], size_t *commitlen); -int sm2_commit_open(const uint8_t x[32], const uint8_t r[32], const uint8_t *commit, size_t commitlen); -int sm2_commit_vector_generate(const sm2_bn_t *x, size_t count, uint8_t r[32], uint8_t commit[65], size_t *commitlen); -int sm2_commit_vector_open(const sm2_bn_t *x, size_t count, const uint8_t r[32], const uint8_t *commit, size_t commitlen); - - -#ifdef __cplusplus -} -#endif -#endif diff --git a/include/gmssl/sm2_elgamal.h b/include/gmssl/sm2_elgamal.h deleted file mode 100644 index e9ee7a9a..00000000 --- a/include/gmssl/sm2_elgamal.h +++ /dev/null @@ -1,67 +0,0 @@ -/* - * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the License); you may - * not use this file except in compliance with the License. - * - * http://www.apache.org/licenses/LICENSE-2.0 - */ - -#ifndef GMSSL_SM2_ELGAMAL_H -#define GMSSL_SM2_ELGAMAL_H - - -#include -#include -#include - - -#ifdef __cplusplus -extern "C" { -#endif - - -#define SM2_PRE_COMPUTE_MAX_OFFSETS 6 - -typedef struct { - uint16_t offset[SM2_PRE_COMPUTE_MAX_OFFSETS]; - uint8_t offset_count; - uint8_t x_coordinate[32]; -} SM2_PRE_COMPUTE; - -int sm2_elgamal_decrypt_pre_compute(SM2_PRE_COMPUTE table[1<<16]); -int sm2_elgamal_solve_ecdlp(const SM2_PRE_COMPUTE table[1<<16], const SM2_POINT *point, uint32_t *private); - - -typedef struct { - SM2_POINT C1; - SM2_POINT C2; -} SM2_ELGAMAL_CIPHERTEXT; - -int sm2_elgamal_do_encrypt(const SM2_KEY *pub_key, uint32_t in, SM2_ELGAMAL_CIPHERTEXT *out); -int sm2_elgamal_do_decrypt(const SM2_KEY *key, const SM2_ELGAMAL_CIPHERTEXT *in, uint32_t *out); - -int sm2_elgamal_ciphertext_add(SM2_ELGAMAL_CIPHERTEXT *r, - const SM2_ELGAMAL_CIPHERTEXT *a, - const SM2_ELGAMAL_CIPHERTEXT *b, - const SM2_KEY *pub_key); -int sm2_elgamal_cipehrtext_sub(SM2_ELGAMAL_CIPHERTEXT *r, - const SM2_ELGAMAL_CIPHERTEXT *a, const SM2_ELGAMAL_CIPHERTEXT *b, - const SM2_KEY *pub_key); -int sm2_elgamal_cipehrtext_neg(SM2_ELGAMAL_CIPHERTEXT *r, - const SM2_ELGAMAL_CIPHERTEXT *a, const SM2_KEY *pub_key); -int sm2_elgamal_ciphertext_scalar_mul(SM2_ELGAMAL_CIPHERTEXT *R, - const uint8_t scalar[32], const SM2_ELGAMAL_CIPHERTEXT *A, - const SM2_KEY *pub_key); - -int sm2_elgamal_ciphertext_to_der(const SM2_ELGAMAL_CIPHERTEXT *c, uint8_t **out, size_t *outlen); -int sm2_elgamal_ciphertext_from_der(SM2_ELGAMAL_CIPHERTEXT *c, const uint8_t **in, size_t *inlen); - -int sm2_elgamal_encrypt(const SM2_KEY *pub_key, uint32_t in, uint8_t *out, size_t *outlen); -int sm2_elgamal_decrypt(SM2_KEY *key, const uint8_t *in, size_t inlen, uint32_t *out); - - -#ifdef __cplusplus -} -#endif -#endif diff --git a/include/gmssl/sm2_key_share.h b/include/gmssl/sm2_key_share.h deleted file mode 100644 index 574b2c4f..00000000 --- a/include/gmssl/sm2_key_share.h +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the License); you may - * not use this file except in compliance with the License. - * - * http://www.apache.org/licenses/LICENSE-2.0 - */ - -// SM2 Key Shamir Secret Sharing - - -#ifndef GMSSL_SM2_KEY_SHARE_H -#define GMSSL_SM2_KEY_SHARE_H - -#include -#include -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - - -#define SM2_KEY_MAX_SHARES 12 // 12! = 479001600 < 2^31 = 2147483648 - - -typedef struct { - SM2_KEY key; - size_t index; - size_t total_cnt; -} SM2_KEY_SHARE; - -int sm2_key_split(const SM2_KEY *key, size_t recover_cnt, size_t total_cnt, SM2_KEY_SHARE *shares); -int sm2_key_recover(SM2_KEY *key, const SM2_KEY_SHARE *shares, size_t shares_cnt); -int sm2_key_share_encrypt_to_file(const SM2_KEY_SHARE *share, const char *pass, const char *path_prefix); -int sm2_key_share_decrypt_from_file(SM2_KEY_SHARE *share, const char *pass, const char *file); -int sm2_key_share_print(FILE *fp, int fmt, int ind, const char *label, const SM2_KEY_SHARE *share); - - -#ifdef __cplusplus -} -#endif -#endif diff --git a/include/gmssl/sm2_recover.h b/include/gmssl/sm2_recover.h deleted file mode 100644 index 93315608..00000000 --- a/include/gmssl/sm2_recover.h +++ /dev/null @@ -1,31 +0,0 @@ -/* - * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the License); you may - * not use this file except in compliance with the License. - * - * http://www.apache.org/licenses/LICENSE-2.0 - */ - - - -#ifndef GMSSL_SM2_RECOVER_H -#define GMSSL_SM2_RECOVER_H - -#include -#include -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - -int sm2_signature_to_public_key_points(const SM2_SIGNATURE *sig, const uint8_t dgst[32], - SM2_POINT points[4], size_t *points_cnt); -int sm2_signature_conjugate(const SM2_SIGNATURE *sig, SM2_SIGNATURE *new_sig); - -#ifdef __cplusplus -} -#endif -#endif diff --git a/include/gmssl/sm2_ring.h b/include/gmssl/sm2_ring.h deleted file mode 100644 index 0c3a3670..00000000 --- a/include/gmssl/sm2_ring.h +++ /dev/null @@ -1,63 +0,0 @@ -/* - * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the License); you may - * not use this file except in compliance with the License. - * - * http://www.apache.org/licenses/LICENSE-2.0 - */ - - - -#ifndef GMSSL_SM2_RING_H -#define GMSSL_SM2_RING_H - -#include -#include -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - - -typedef uint8_t sm2_bn_t[32]; - -int sm2_ring_do_sign(const SM2_KEY *sign_key, const SM2_POINT *public_keys, size_t public_keys_cnt, - const uint8_t dgst[32], uint8_t r[32], sm2_bn_t *s); -int sm2_ring_do_verify(const SM2_POINT *public_keys, size_t public_keys_cnt, - const uint8_t dgst[32], const uint8_t r[32], const sm2_bn_t *s); -int sm2_ring_signature_to_der(const sm2_bn_t r, const sm2_bn_t *s, size_t s_cnt, uint8_t **out, size_t *outlen); -int sm2_ring_signature_from_der(sm2_bn_t r, sm2_bn_t *s, size_t *s_cnt, const uint8_t **in, size_t *inlen); -int sm2_ring_sign(const SM2_KEY *sign_key, const SM2_POINT *public_keys, size_t public_keys_cnt, - const uint8_t dgst[32], uint8_t *sig, size_t *siglen); -int sm2_ring_verify(const SM2_POINT *public_keys, size_t public_keys_cnt, - const uint8_t dgst[32], const uint8_t *sig, size_t siglen); - - -#define SM2_RING_SIGN_MAX_SIGNERS 32 -typedef struct { - int state; - SM3_CTX sm3_ctx; - SM2_KEY sign_key; - SM2_POINT public_keys[SM2_RING_SIGN_MAX_SIGNERS]; - size_t public_keys_count; - char *id; - size_t idlen; -} SM2_RING_SIGN_CTX; - -int sm2_ring_sign_init(SM2_RING_SIGN_CTX *ctx, const SM2_KEY *sign_key, const char *id, size_t idlen); -int sm2_ring_sign_add_signer(SM2_RING_SIGN_CTX *ctx, const SM2_KEY *public_key); -int sm2_ring_sign_update(SM2_RING_SIGN_CTX *ctx, const uint8_t *data, size_t datalen); -int sm2_ring_sign_finish(SM2_RING_SIGN_CTX *ctx, uint8_t *sig, size_t *siglen); -int sm2_ring_verify_init(SM2_RING_SIGN_CTX *ctx, const char *id, size_t idlen); -int sm2_ring_verify_add_signer(SM2_RING_SIGN_CTX *ctx, const SM2_KEY *public_key); -int sm2_ring_verify_update(SM2_RING_SIGN_CTX *ctx, const uint8_t *data, size_t datalen); -int sm2_ring_verify_finish(SM2_RING_SIGN_CTX *ctx, uint8_t *sig, size_t siglen); - - -#ifdef __cplusplus -} -#endif -#endif diff --git a/include/gmssl/sm4_cbc_sm3_hmac.h b/include/gmssl/sm4_cbc_sm3_hmac.h deleted file mode 100644 index ff1410e0..00000000 --- a/include/gmssl/sm4_cbc_sm3_hmac.h +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Copyright 2014-2024 The GmSSL Project. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the License); you may - * not use this file except in compliance with the License. - * - * http://www.apache.org/licenses/LICENSE-2.0 - */ - -#ifndef GMSSL_SM4_CBC_SM3_HMAC_H -#define GMSSL_SM4_CBC_SM3_HMAC_H - -#include -#include -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - - -typedef struct { - SM4_CBC_CTX enc_ctx; - SM3_HMAC_CTX mac_ctx; - uint8_t mac[SM3_HMAC_SIZE]; - size_t maclen; -} SM4_CBC_SM3_HMAC_CTX; - -#define SM4_CBC_SM3_HMAC_KEY_SIZE 48 -#define SM4_CBC_SM3_HMAC_IV_SIZE 16 - -int sm4_cbc_sm3_hmac_encrypt_init(SM4_CBC_SM3_HMAC_CTX *ctx, - const uint8_t key[48], const uint8_t iv[16], - const uint8_t *aad, size_t aadlen); -int sm4_cbc_sm3_hmac_encrypt_update(SM4_CBC_SM3_HMAC_CTX *ctx, - const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen); -int sm4_cbc_sm3_hmac_encrypt_finish(SM4_CBC_SM3_HMAC_CTX *ctx, - uint8_t *out, size_t *outlen); -int sm4_cbc_sm3_hmac_decrypt_init(SM4_CBC_SM3_HMAC_CTX *ctx, - const uint8_t key[48], const uint8_t iv[16], - const uint8_t *aad, size_t aadlen); -int sm4_cbc_sm3_hmac_decrypt_update(SM4_CBC_SM3_HMAC_CTX *ctx, - const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen); -int sm4_cbc_sm3_hmac_decrypt_finish(SM4_CBC_SM3_HMAC_CTX *ctx, - uint8_t *out, size_t *outlen); - - -#ifdef __cplusplus -} -#endif -#endif diff --git a/include/gmssl/sm4_ctr_sm3_hmac.h b/include/gmssl/sm4_ctr_sm3_hmac.h deleted file mode 100644 index 838e4786..00000000 --- a/include/gmssl/sm4_ctr_sm3_hmac.h +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Copyright 2014-2024 The GmSSL Project. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the License); you may - * not use this file except in compliance with the License. - * - * http://www.apache.org/licenses/LICENSE-2.0 - */ - -#ifndef GMSSL_SM4_CTR_SM3_HMAC_H -#define GMSSL_SM4_CTR_SM3_HMAC_H - -#include -#include -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - - -typedef struct { - SM4_CTR_CTX enc_ctx; - SM3_HMAC_CTX mac_ctx; - uint8_t mac[SM3_HMAC_SIZE]; - size_t maclen; -} SM4_CTR_SM3_HMAC_CTX; - -#define SM4_CTR_SM3_HMAC_KEY_SIZE 48 -#define SM4_CTR_SM3_HMAC_IV_SIZE 16 - -int sm4_ctr_sm3_hmac_encrypt_init(SM4_CTR_SM3_HMAC_CTX *ctx, - const uint8_t key[48], const uint8_t iv[16], - const uint8_t *aad, size_t aadlen); -int sm4_ctr_sm3_hmac_encrypt_update(SM4_CTR_SM3_HMAC_CTX *ctx, - const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen); -int sm4_ctr_sm3_hmac_encrypt_finish(SM4_CTR_SM3_HMAC_CTX *ctx, - uint8_t *out, size_t *outlen); -int sm4_ctr_sm3_hmac_decrypt_init(SM4_CTR_SM3_HMAC_CTX *ctx, - const uint8_t key[48], const uint8_t iv[16], - const uint8_t *aad, size_t aadlen); -int sm4_ctr_sm3_hmac_decrypt_update(SM4_CTR_SM3_HMAC_CTX *ctx, - const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen); -int sm4_ctr_sm3_hmac_decrypt_finish(SM4_CTR_SM3_HMAC_CTX *ctx, - uint8_t *out, size_t *outlen); - - -#ifdef __cplusplus -} -#endif -#endif diff --git a/include/gmssl/version.h b/include/gmssl/version.h index 7ae21e45..9747e783 100644 --- a/include/gmssl/version.h +++ b/include/gmssl/version.h @@ -18,7 +18,7 @@ extern "C" { #define GMSSL_VERSION_NUM 30300 -#define GMSSL_VERSION_STR "GmSSL 3.3.0-dev.1155" +#define GMSSL_VERSION_STR "GmSSL 3.3.0-dev.1156" int gmssl_version_num(void); const char *gmssl_version_str(void); diff --git a/src/sm4_cbc_sm3_hmac.c b/src/sm4_cbc_sm3_hmac.c deleted file mode 100644 index 75c5347c..00000000 --- a/src/sm4_cbc_sm3_hmac.c +++ /dev/null @@ -1,179 +0,0 @@ -/* - * Copyright 2014-2026 The GmSSL Project. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the License); you may - * not use this file except in compliance with the License. - * - * http://www.apache.org/licenses/LICENSE-2.0 - */ - - -#include -#include -#include -#include -#include -#include - - -int sm4_cbc_sm3_hmac_encrypt_init(SM4_CBC_SM3_HMAC_CTX *ctx, - const uint8_t key[48], const uint8_t iv[16], - const uint8_t *aad, size_t aadlen) -{ - if (!ctx || !key || !iv || (!aad && aadlen)) { - error_print(); - return -1; - } - memset(ctx, 0, sizeof(*ctx)); - if (sm4_cbc_encrypt_init(&ctx->enc_ctx, key, iv) != 1) { - error_print(); - return -1; - } - sm3_hmac_init(&ctx->mac_ctx, key + SM4_KEY_SIZE, SM3_HMAC_SIZE); - if (aad && aadlen) { - sm3_hmac_update(&ctx->mac_ctx, aad, aadlen); - } - return 1; -} - -int sm4_cbc_sm3_hmac_encrypt_update(SM4_CBC_SM3_HMAC_CTX *ctx, const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen) -{ - if (!ctx || (!in && inlen) || !out || !outlen) { - error_print(); - return -1; - } - *outlen = 0; - if (!in || !inlen) { - return 1; - } - if (sm4_cbc_encrypt_update(&ctx->enc_ctx, in, inlen, out, outlen) != 1) { - error_print(); - return -1; - } - sm3_hmac_update(&ctx->mac_ctx, out, *outlen); - return 1; -} - -int sm4_cbc_sm3_hmac_encrypt_finish(SM4_CBC_SM3_HMAC_CTX *ctx, uint8_t *out, size_t *outlen) -{ - if (!ctx || !out || !outlen) { - error_print(); - return -1; - } - if (sm4_cbc_encrypt_finish(&ctx->enc_ctx, out, outlen) != 1) { - error_print(); - return -1; - } - sm3_hmac_update(&ctx->mac_ctx, out, *outlen); - sm3_hmac_finish(&ctx->mac_ctx, out + *outlen); - *outlen += SM3_HMAC_SIZE; - return 1; -} - -int sm4_cbc_sm3_hmac_decrypt_init(SM4_CBC_SM3_HMAC_CTX *ctx, - const uint8_t key[48], const uint8_t iv[16], - const uint8_t *aad, size_t aadlen) -{ - if (!ctx || !key || !iv || (!aad && aadlen)) { - error_print(); - return -1; - } - memset(ctx, 0, sizeof(*ctx)); - if (sm4_cbc_decrypt_init(&ctx->enc_ctx, key, iv) != 1) { - error_print(); - return -1; - } - sm3_hmac_init(&ctx->mac_ctx, key + SM4_KEY_SIZE, SM3_HMAC_SIZE); - if (aad && aadlen) { - sm3_hmac_update(&ctx->mac_ctx, aad, aadlen); - } - return 1; -} - -int sm4_cbc_sm3_hmac_decrypt_update(SM4_CBC_SM3_HMAC_CTX *ctx, const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen) -{ - size_t len; - - if (!ctx || (!in && inlen) || !out || !outlen) { - error_print(); - return -1; - } - if (ctx->maclen > SM3_HMAC_SIZE) { - error_print(); - return -1; - } - - *outlen = 0; - if (!in || !inlen) { - return 1; - } - if (ctx->maclen < SM3_HMAC_SIZE) { - len = SM3_HMAC_SIZE - ctx->maclen; - if (inlen <= len) { - memcpy(ctx->mac + ctx->maclen, in, inlen); - ctx->maclen += inlen; - return 1; - } else { - memcpy(ctx->mac + ctx->maclen, in, len); - ctx->maclen += len; - in += len; - inlen -= len; - } - } - - if (inlen <= SM3_HMAC_SIZE) { - uint8_t tmp[SM3_HMAC_SIZE]; - sm3_hmac_update(&ctx->mac_ctx, ctx->mac, inlen); - if (sm4_cbc_decrypt_update(&ctx->enc_ctx, ctx->mac, inlen, out, outlen) != 1) { - error_print(); - return -1; - } - len = SM3_HMAC_SIZE - inlen; - memcpy(tmp, ctx->mac + inlen, len); - memcpy(tmp + len, in, inlen); - memcpy(ctx->mac, tmp, SM3_HMAC_SIZE); - } else { - sm3_hmac_update(&ctx->mac_ctx, ctx->mac, SM3_HMAC_SIZE); - if (sm4_cbc_decrypt_update(&ctx->enc_ctx, ctx->mac, SM3_HMAC_SIZE, out, outlen) != 1) { - error_print(); - return -1; - } - out += *outlen; - - inlen -= SM3_HMAC_SIZE; - sm3_hmac_update(&ctx->mac_ctx, in, inlen); - if (sm4_cbc_decrypt_update(&ctx->enc_ctx, in, inlen, out, &len) != 1) { - error_print(); - return -1; - } - *outlen += len; - memcpy(ctx->mac, in + inlen, SM3_HMAC_SIZE); - } - return 1; -} - -int sm4_cbc_sm3_hmac_decrypt_finish(SM4_CBC_SM3_HMAC_CTX *ctx, uint8_t *out, size_t *outlen) -{ - uint8_t mac[SM3_HMAC_SIZE]; - - if (!ctx || !out || !outlen) { - error_print(); - return -1; - } - if (ctx->maclen != SM3_HMAC_SIZE) { - error_print(); - return -1; - } - sm3_hmac_finish(&ctx->mac_ctx, mac); - if (sm4_cbc_decrypt_finish(&ctx->enc_ctx, out, outlen) != 1) { - error_print(); - return -1; - } - if (gmssl_secure_memcmp(mac, ctx->mac, SM3_HMAC_SIZE) != 0) { - error_print(); - return -1; - } - memset(ctx->mac, 0, SM3_HMAC_SIZE); - ctx->maclen = 0; - return 1; -} diff --git a/src/sm4_ctr_sm3_hmac.c b/src/sm4_ctr_sm3_hmac.c deleted file mode 100644 index fcbeac77..00000000 --- a/src/sm4_ctr_sm3_hmac.c +++ /dev/null @@ -1,179 +0,0 @@ -/* - * Copyright 2014-2026 The GmSSL Project. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the License); you may - * not use this file except in compliance with the License. - * - * http://www.apache.org/licenses/LICENSE-2.0 - */ - - -#include -#include -#include -#include -#include -#include - - -int sm4_ctr_sm3_hmac_encrypt_init(SM4_CTR_SM3_HMAC_CTX *ctx, - const uint8_t key[48], const uint8_t iv[16], - const uint8_t *aad, size_t aadlen) -{ - if (!ctx || !key || !iv || (!aad && aadlen)) { - error_print(); - return -1; - } - memset(ctx, 0, sizeof(*ctx)); - if (sm4_ctr_encrypt_init(&ctx->enc_ctx, key, iv) != 1) { - error_print(); - return -1; - } - sm3_hmac_init(&ctx->mac_ctx, key + SM4_KEY_SIZE, SM3_HMAC_SIZE); - if (aad && aadlen) { - sm3_hmac_update(&ctx->mac_ctx, aad, aadlen); - } - return 1; -} - -int sm4_ctr_sm3_hmac_encrypt_update(SM4_CTR_SM3_HMAC_CTX *ctx, const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen) -{ - if (!ctx || (!in && inlen) || !out || !outlen) { - error_print(); - return -1; - } - *outlen = 0; - if (!in || !inlen) { - return 1; - } - if (sm4_ctr_encrypt_update(&ctx->enc_ctx, in, inlen, out, outlen) != 1) { - error_print(); - return -1; - } - sm3_hmac_update(&ctx->mac_ctx, out, *outlen); - return 1; -} - -int sm4_ctr_sm3_hmac_encrypt_finish(SM4_CTR_SM3_HMAC_CTX *ctx, uint8_t *out, size_t *outlen) -{ - if (!ctx || !out || !outlen) { - error_print(); - return -1; - } - if (sm4_ctr_encrypt_finish(&ctx->enc_ctx, out, outlen) != 1) { - error_print(); - return -1; - } - sm3_hmac_update(&ctx->mac_ctx, out, *outlen); - sm3_hmac_finish(&ctx->mac_ctx, out + *outlen); - *outlen += SM3_HMAC_SIZE; - return 1; -} - -int sm4_ctr_sm3_hmac_decrypt_init(SM4_CTR_SM3_HMAC_CTX *ctx, - const uint8_t key[48], const uint8_t iv[16], - const uint8_t *aad, size_t aadlen) -{ - if (!ctx || !key || !iv || (!aad && aadlen)) { - error_print(); - return -1; - } - memset(ctx, 0, sizeof(*ctx)); - if (sm4_ctr_encrypt_init(&ctx->enc_ctx, key, iv) != 1) { - error_print(); - return -1; - } - sm3_hmac_init(&ctx->mac_ctx, key + SM4_KEY_SIZE, SM3_HMAC_SIZE); - if (aad && aadlen) { - sm3_hmac_update(&ctx->mac_ctx, aad, aadlen); - } - return 1; -} - -int sm4_ctr_sm3_hmac_decrypt_update(SM4_CTR_SM3_HMAC_CTX *ctx, const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen) -{ - size_t len; - - if (!ctx || (!in && inlen) || !out || !outlen) { - error_print(); - return -1; - } - if (ctx->maclen > SM3_HMAC_SIZE) { - error_print(); - return -1; - } - - *outlen = 0; - if (!in || !inlen) { - return 1; - } - if (ctx->maclen < SM3_HMAC_SIZE) { - len = SM3_HMAC_SIZE - ctx->maclen; - if (inlen <= len) { - memcpy(ctx->mac + ctx->maclen, in, inlen); - ctx->maclen += inlen; - return 1; - } else { - memcpy(ctx->mac + ctx->maclen, in, len); - ctx->maclen += len; - in += len; - inlen -= len; - } - } - - if (inlen <= SM3_HMAC_SIZE) { - uint8_t tmp[SM3_HMAC_SIZE]; - sm3_hmac_update(&ctx->mac_ctx, ctx->mac, inlen); - if (sm4_ctr_encrypt_update(&ctx->enc_ctx, ctx->mac, inlen, out, outlen) != 1) { - error_print(); - return -1; - } - len = SM3_HMAC_SIZE - inlen; - memcpy(tmp, ctx->mac + inlen, len); - memcpy(tmp + len, in, inlen); - memcpy(ctx->mac, tmp, SM3_HMAC_SIZE); - } else { - sm3_hmac_update(&ctx->mac_ctx, ctx->mac, SM3_HMAC_SIZE); - if (sm4_ctr_encrypt_update(&ctx->enc_ctx, ctx->mac, SM3_HMAC_SIZE, out, outlen) != 1) { - error_print(); - return -1; - } - out += *outlen; - - inlen -= SM3_HMAC_SIZE; - sm3_hmac_update(&ctx->mac_ctx, in, inlen); - if (sm4_ctr_encrypt_update(&ctx->enc_ctx, in, inlen, out, &len) != 1) { - error_print(); - return -1; - } - *outlen += len; - memcpy(ctx->mac, in + inlen, SM3_HMAC_SIZE); - } - return 1; -} - -int sm4_ctr_sm3_hmac_decrypt_finish(SM4_CTR_SM3_HMAC_CTX *ctx, uint8_t *out, size_t *outlen) -{ - uint8_t mac[SM3_HMAC_SIZE]; - - if (!ctx || !out || !outlen) { - error_print(); - return -1; - } - if (ctx->maclen != SM3_HMAC_SIZE) { - error_print(); - return -1; - } - sm3_hmac_finish(&ctx->mac_ctx, mac); - if (sm4_ctr_encrypt_finish(&ctx->enc_ctx, out, outlen) != 1) { - error_print(); - return -1; - } - if (gmssl_secure_memcmp(mac, ctx->mac, SM3_HMAC_SIZE) != 0) { - error_print(); - return -1; - } - memset(ctx->mac, 0, SM3_HMAC_SIZE); - ctx->maclen = 0; - return 1; -} diff --git a/tests/sm4_sm3_hmactest.c b/tests/sm4_sm3_hmactest.c deleted file mode 100644 index bf9d8ef9..00000000 --- a/tests/sm4_sm3_hmactest.c +++ /dev/null @@ -1,402 +0,0 @@ -/* - * Copyright 2014-2026 The GmSSL Project. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the License); you may - * not use this file except in compliance with the License. - * - * http://www.apache.org/licenses/LICENSE-2.0 - */ - - -#include -#include -#include -#include -#include -#include -#include -#include -#include - - -static int test_sm4_cbc_sm3_hmac(void) -{ - SM4_CBC_SM3_HMAC_CTX aead_ctx; - uint8_t key[16 + 32]; - uint8_t iv[16]; - uint8_t aad[29]; - uint8_t plain[71]; - size_t plainlen = sizeof(plain); - uint8_t cipher[256]; - size_t cipherlen = 0; - uint8_t buf[256]; - size_t buflen = 0; - - size_t lens[] = { 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37 }; - uint8_t *in = plain; - uint8_t *out = cipher; - size_t inlen, outlen; - size_t i; - - rand_bytes(key, sizeof(key)); - rand_bytes(iv, sizeof(iv)); - rand_bytes(aad, sizeof(aad)); - rand_bytes(plain, plainlen); - - if (sm4_cbc_sm3_hmac_encrypt_init(&aead_ctx, key, iv, aad, sizeof(aad)) != 1) { - error_print(); - return -1; - } - for (i = 0; plainlen; i++) { - assert(i < sizeof(lens)/sizeof(lens[0])); - - inlen = plainlen < lens[i] ? plainlen : lens[i]; - if (sm4_cbc_sm3_hmac_encrypt_update(&aead_ctx, in, inlen, out, &outlen) != 1) { - error_print(); - return -1; - } - in += inlen; - plainlen -= inlen; - out += outlen; - cipherlen += outlen; - } - if (sm4_cbc_sm3_hmac_encrypt_finish(&aead_ctx, out, &outlen) != 1) { - error_print(); - return -1; - } - out += outlen; - cipherlen += outlen; - - format_bytes(stdout, 0, 4, "plaintext ", plain, sizeof(plain)); - format_bytes(stdout, 0, 4, "ciphertext", cipher, cipherlen); - - { - SM4_KEY sm4_key; - SM3_HMAC_CTX sm3_hmac_ctx; - uint8_t tmp[256]; - size_t tmplen; - - sm4_set_encrypt_key(&sm4_key, key); - if (sm4_cbc_padding_encrypt(&sm4_key, iv, plain, sizeof(plain), tmp, &tmplen) != 1) { - error_print(); - return -1; - } - - sm3_hmac_init(&sm3_hmac_ctx, key + 16, 32); - sm3_hmac_update(&sm3_hmac_ctx, aad, sizeof(aad)); - sm3_hmac_update(&sm3_hmac_ctx, tmp, tmplen); - sm3_hmac_finish(&sm3_hmac_ctx, tmp + tmplen); - tmplen += 32; - - format_bytes(stdout, 0, 4, "ciphertext", tmp, tmplen); - - if (cipherlen != tmplen - || memcmp(cipher, tmp, tmplen) != 0) { - error_print(); - return -1; - } - } - - in = cipher; - out = buf; - - if (sm4_cbc_sm3_hmac_decrypt_init(&aead_ctx, key, iv, aad, sizeof(aad)) != 1) { - error_print(); - return -1; - } - for (i = sizeof(lens)/sizeof(lens[0]) - 1; cipherlen; i--) { - inlen = cipherlen < lens[i] ? cipherlen : lens[i]; - - if (sm4_cbc_sm3_hmac_decrypt_update(&aead_ctx, in, inlen, out, &outlen) != 1) { - error_print(); - return -1; - } - in += inlen; - cipherlen -= inlen; - out += outlen; - buflen += outlen; - } - if (sm4_cbc_sm3_hmac_decrypt_finish(&aead_ctx, out, &outlen) != 1) { - error_print(); - return -1; - } - out += outlen; - buflen += outlen; - - format_bytes(stdout, 0, 4, "plaintext ", buf, buflen); - - if (buflen != sizeof(plain)) { - error_print(); - return -1; - } - if (memcmp(buf, plain, sizeof(plain)) != 0) { - error_print(); - return -1; - } - - printf("%s() ok\n", __FUNCTION__); - return 1; -} - -static int test_sm4_ctr_sm3_hmac(void) -{ - SM4_CTR_SM3_HMAC_CTX aead_ctx; - uint8_t key[16 + 32]; - uint8_t iv[16]; - uint8_t aad[29]; - uint8_t plain[71]; - size_t plainlen = sizeof(plain); - uint8_t cipher[256]; - size_t cipherlen = 0; - uint8_t buf[256]; - size_t buflen = 0; - - size_t lens[] = { 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37 }; - uint8_t *in = plain; - uint8_t *out = cipher; - size_t inlen, outlen; - size_t i; - - rand_bytes(key, sizeof(key)); - rand_bytes(iv, sizeof(iv)); - rand_bytes(aad, sizeof(aad)); - rand_bytes(plain, plainlen); - - if (sm4_ctr_sm3_hmac_encrypt_init(&aead_ctx, key, iv, aad, sizeof(aad)) != 1) { - error_print(); - return -1; - } - for (i = 0; plainlen; i++) { - assert(i < sizeof(lens)/sizeof(lens[0])); - - inlen = plainlen < lens[i] ? plainlen : lens[i]; - if (sm4_ctr_sm3_hmac_encrypt_update(&aead_ctx, in, inlen, out, &outlen) != 1) { - error_print(); - return -1; - } - in += inlen; - plainlen -= inlen; - out += outlen; - cipherlen += outlen; - } - if (sm4_ctr_sm3_hmac_encrypt_finish(&aead_ctx, out, &outlen) != 1) { - error_print(); - return -1; - } - out += outlen; - cipherlen += outlen; - - format_bytes(stdout, 0, 4, "plaintext ", plain, sizeof(plain)); - format_bytes(stdout, 0, 4, "ciphertext", cipher, cipherlen); - - { - SM4_KEY sm4_key; - uint8_t ctr[16]; - SM3_HMAC_CTX sm3_hmac_ctx; - uint8_t tmp[256]; - size_t tmplen; - - sm4_set_encrypt_key(&sm4_key, key); - memcpy(ctr, iv, 16); - - sm4_ctr_encrypt(&sm4_key, ctr, plain, sizeof(plain), tmp); - tmplen = sizeof(plain); - - sm3_hmac_init(&sm3_hmac_ctx, key + 16, 32); - sm3_hmac_update(&sm3_hmac_ctx, aad, sizeof(aad)); - sm3_hmac_update(&sm3_hmac_ctx, tmp, tmplen); - sm3_hmac_finish(&sm3_hmac_ctx, tmp + tmplen); - tmplen += 32; - - format_bytes(stdout, 0, 4, "ciphertext", tmp, tmplen); - - if (cipherlen != tmplen - || memcmp(cipher, tmp, tmplen) != 0) { - error_print(); - return -1; - } - } - - - in = cipher; - out = buf; - - if (sm4_ctr_sm3_hmac_decrypt_init(&aead_ctx, key, iv, aad, sizeof(aad)) != 1) { - error_print(); - return -1; - } - for (i = sizeof(lens)/sizeof(lens[0]) - 1; cipherlen; i--) { - inlen = cipherlen < lens[i] ? cipherlen : lens[i]; - - if (sm4_ctr_sm3_hmac_decrypt_update(&aead_ctx, in, inlen, out, &outlen) != 1) { - error_print(); - return -1; - } - in += inlen; - cipherlen -= inlen; - out += outlen; - buflen += outlen; - - } - if (sm4_ctr_sm3_hmac_decrypt_finish(&aead_ctx, out, &outlen) != 1) { - error_print(); - return -1; - } - out += outlen; - buflen += outlen; - - format_bytes(stdout, 0, 4, "plaintext ", buf, buflen); - - if (buflen != sizeof(plain)) { - error_print(); - return -1; - } - if (memcmp(buf, plain, sizeof(plain)) != 0) { - error_print(); - return -1; - } - - printf("%s() ok\n", __FUNCTION__); - return 1; -} - -static int test_sm4_cbc_sm3_hmac_args(void) -{ - SM4_CBC_SM3_HMAC_CTX ctx; - uint8_t key[SM4_CBC_SM3_HMAC_KEY_SIZE] = {0}; - uint8_t iv[SM4_CBC_SM3_HMAC_IV_SIZE] = {0}; - uint8_t aad[16] = {0}; - uint8_t in[64] = {0}; - uint8_t out[128]; - size_t outlen; - - if (sm4_cbc_sm3_hmac_encrypt_init(NULL, key, iv, NULL, 0) != -1 - || sm4_cbc_sm3_hmac_encrypt_init(&ctx, NULL, iv, NULL, 0) != -1 - || sm4_cbc_sm3_hmac_encrypt_init(&ctx, key, NULL, NULL, 0) != -1 - || sm4_cbc_sm3_hmac_encrypt_init(&ctx, key, iv, NULL, sizeof(aad)) != -1 - || sm4_cbc_sm3_hmac_decrypt_init(NULL, key, iv, NULL, 0) != -1 - || sm4_cbc_sm3_hmac_decrypt_init(&ctx, NULL, iv, NULL, 0) != -1 - || sm4_cbc_sm3_hmac_decrypt_init(&ctx, key, NULL, NULL, 0) != -1 - || sm4_cbc_sm3_hmac_decrypt_init(&ctx, key, iv, NULL, sizeof(aad)) != -1) { - error_print(); - return -1; - } - - if (sm4_cbc_sm3_hmac_encrypt_init(&ctx, key, iv, NULL, 0) != 1 - || sm4_cbc_sm3_hmac_encrypt_update(NULL, in, sizeof(in), out, &outlen) != -1 - || sm4_cbc_sm3_hmac_encrypt_update(&ctx, NULL, 1, out, &outlen) != -1 - || sm4_cbc_sm3_hmac_encrypt_update(&ctx, in, sizeof(in), NULL, &outlen) != -1 - || sm4_cbc_sm3_hmac_encrypt_update(&ctx, in, sizeof(in), out, NULL) != -1 - || sm4_cbc_sm3_hmac_encrypt_update(&ctx, NULL, 0, out, &outlen) != 1 - || outlen != 0 - || sm4_cbc_sm3_hmac_encrypt_update(&ctx, NULL, 0, NULL, &outlen) != -1 - || sm4_cbc_sm3_hmac_encrypt_finish(NULL, out, &outlen) != -1 - || sm4_cbc_sm3_hmac_encrypt_finish(&ctx, NULL, &outlen) != -1 - || sm4_cbc_sm3_hmac_encrypt_finish(&ctx, out, NULL) != -1) { - error_print(); - return -1; - } - - if (sm4_cbc_sm3_hmac_decrypt_init(&ctx, key, iv, NULL, 0) != 1 - || sm4_cbc_sm3_hmac_decrypt_update(NULL, in, sizeof(in), out, &outlen) != -1 - || sm4_cbc_sm3_hmac_decrypt_update(&ctx, NULL, 1, out, &outlen) != -1 - || sm4_cbc_sm3_hmac_decrypt_update(&ctx, in, sizeof(in), NULL, &outlen) != -1 - || sm4_cbc_sm3_hmac_decrypt_update(&ctx, in, sizeof(in), out, NULL) != -1 - || sm4_cbc_sm3_hmac_decrypt_update(&ctx, NULL, 0, out, &outlen) != 1 - || outlen != 0 - || sm4_cbc_sm3_hmac_decrypt_update(&ctx, NULL, 0, NULL, &outlen) != -1 - || sm4_cbc_sm3_hmac_decrypt_finish(NULL, out, &outlen) != -1 - || sm4_cbc_sm3_hmac_decrypt_finish(&ctx, NULL, &outlen) != -1 - || sm4_cbc_sm3_hmac_decrypt_finish(&ctx, out, NULL) != -1) { - error_print(); - return -1; - } - - outlen = 123; - if (sm4_cbc_sm3_hmac_decrypt_init(&ctx, key, iv, NULL, 0) != 1 - || sm4_cbc_sm3_hmac_decrypt_update(&ctx, in, 1, out, &outlen) != 1 - || outlen != 0) { - error_print(); - return -1; - } - - printf("%s() ok\n", __FUNCTION__); - return 1; -} - -static int test_sm4_ctr_sm3_hmac_args(void) -{ - SM4_CTR_SM3_HMAC_CTX ctx; - uint8_t key[SM4_CTR_SM3_HMAC_KEY_SIZE] = {0}; - uint8_t iv[SM4_CTR_SM3_HMAC_IV_SIZE] = {0}; - uint8_t aad[16] = {0}; - uint8_t in[64] = {0}; - uint8_t out[128]; - size_t outlen; - - if (sm4_ctr_sm3_hmac_encrypt_init(NULL, key, iv, NULL, 0) != -1 - || sm4_ctr_sm3_hmac_encrypt_init(&ctx, NULL, iv, NULL, 0) != -1 - || sm4_ctr_sm3_hmac_encrypt_init(&ctx, key, NULL, NULL, 0) != -1 - || sm4_ctr_sm3_hmac_encrypt_init(&ctx, key, iv, NULL, sizeof(aad)) != -1 - || sm4_ctr_sm3_hmac_decrypt_init(NULL, key, iv, NULL, 0) != -1 - || sm4_ctr_sm3_hmac_decrypt_init(&ctx, NULL, iv, NULL, 0) != -1 - || sm4_ctr_sm3_hmac_decrypt_init(&ctx, key, NULL, NULL, 0) != -1 - || sm4_ctr_sm3_hmac_decrypt_init(&ctx, key, iv, NULL, sizeof(aad)) != -1) { - error_print(); - return -1; - } - - if (sm4_ctr_sm3_hmac_encrypt_init(&ctx, key, iv, NULL, 0) != 1 - || sm4_ctr_sm3_hmac_encrypt_update(NULL, in, sizeof(in), out, &outlen) != -1 - || sm4_ctr_sm3_hmac_encrypt_update(&ctx, NULL, 1, out, &outlen) != -1 - || sm4_ctr_sm3_hmac_encrypt_update(&ctx, in, sizeof(in), NULL, &outlen) != -1 - || sm4_ctr_sm3_hmac_encrypt_update(&ctx, in, sizeof(in), out, NULL) != -1 - || sm4_ctr_sm3_hmac_encrypt_update(&ctx, NULL, 0, out, &outlen) != 1 - || outlen != 0 - || sm4_ctr_sm3_hmac_encrypt_update(&ctx, NULL, 0, NULL, &outlen) != -1 - || sm4_ctr_sm3_hmac_encrypt_finish(NULL, out, &outlen) != -1 - || sm4_ctr_sm3_hmac_encrypt_finish(&ctx, NULL, &outlen) != -1 - || sm4_ctr_sm3_hmac_encrypt_finish(&ctx, out, NULL) != -1) { - error_print(); - return -1; - } - - if (sm4_ctr_sm3_hmac_decrypt_init(&ctx, key, iv, NULL, 0) != 1 - || sm4_ctr_sm3_hmac_decrypt_update(NULL, in, sizeof(in), out, &outlen) != -1 - || sm4_ctr_sm3_hmac_decrypt_update(&ctx, NULL, 1, out, &outlen) != -1 - || sm4_ctr_sm3_hmac_decrypt_update(&ctx, in, sizeof(in), NULL, &outlen) != -1 - || sm4_ctr_sm3_hmac_decrypt_update(&ctx, in, sizeof(in), out, NULL) != -1 - || sm4_ctr_sm3_hmac_decrypt_update(&ctx, NULL, 0, out, &outlen) != 1 - || outlen != 0 - || sm4_ctr_sm3_hmac_decrypt_update(&ctx, NULL, 0, NULL, &outlen) != -1 - || sm4_ctr_sm3_hmac_decrypt_finish(NULL, out, &outlen) != -1 - || sm4_ctr_sm3_hmac_decrypt_finish(&ctx, NULL, &outlen) != -1 - || sm4_ctr_sm3_hmac_decrypt_finish(&ctx, out, NULL) != -1) { - error_print(); - return -1; - } - - outlen = 123; - if (sm4_ctr_sm3_hmac_decrypt_init(&ctx, key, iv, NULL, 0) != 1 - || sm4_ctr_sm3_hmac_decrypt_update(&ctx, in, 1, out, &outlen) != 1 - || outlen != 0) { - error_print(); - return -1; - } - - printf("%s() ok\n", __FUNCTION__); - return 1; -} - -int main(void) -{ - if (test_sm4_cbc_sm3_hmac() != 1) goto err; - if (test_sm4_ctr_sm3_hmac() != 1) goto err; - if (test_sm4_cbc_sm3_hmac_args() != 1) goto err; - if (test_sm4_ctr_sm3_hmac_args() != 1) goto err; - printf("%s all tests passed\n", __FILE__); - return 0; -err: - error_print(); - return 1; -} diff --git a/tools/gmssl.c b/tools/gmssl.c index e20280dc..236dac32 100644 --- a/tools/gmssl.c +++ b/tools/gmssl.c @@ -59,8 +59,6 @@ extern int sm4_xts_main(int argc, char **argv); #ifdef ENABLE_SM4_FF1 extern int sm4_ff1_main(int argc, char **argv); #endif -extern int sm4_cbc_sm3_hmac_main(int argc, char **argv); -extern int sm4_ctr_sm3_hmac_main(int argc, char **argv); #ifdef ENABLE_SM4_CBC_MAC extern int sm4_cbc_mac_main(int argc, char **argv); #endif @@ -155,8 +153,6 @@ static const char *options = " sm4_gcm Encrypt or decrypt with SM4 GCM\n" " sm4_cbc Encrypt or decrypt with SM4 CBC\n" " sm4_ctr Encrypt or decrypt with SM4 CTR\n" - " sm4_cbc_sm3_hmac Encrypt or decrypt with SM4 CBC with SM3-HMAC\n" - " sm4_ctr_sm3_hmac Encrypt or decrypt with SM4 CTR with SM3-HMAC\n" #ifdef ENABLE_SM4_CCM " sm4_ccm Encrypt or decrypt with SM4 CCM\n" #endif @@ -366,10 +362,6 @@ int main(int argc, char **argv) } else if (!strcmp(*argv, "sm4_ff1")) { return sm4_ff1_main(argc, argv); #endif - } else if (!strcmp(*argv, "sm4_cbc_sm3_hmac")) { - return sm4_cbc_sm3_hmac_main(argc, argv); - } else if (!strcmp(*argv, "sm4_ctr_sm3_hmac")) { - return sm4_ctr_sm3_hmac_main(argc, argv); #ifdef ENABLE_GHASH } else if (!strcmp(*argv, "ghash")) { return ghash_main(argc, argv); diff --git a/tools/sm4.c b/tools/sm4.c index 989dd6aa..e0f19042 100755 --- a/tools/sm4.c +++ b/tools/sm4.c @@ -14,8 +14,6 @@ #include #include #include -#include -#include #include #include @@ -255,8 +253,6 @@ int sm4_main(int argc, char **argv) SM4_XTS_CTX xts; #endif SM4_GCM_CTX gcm; - SM4_CBC_SM3_HMAC_CTX cbc_sm3_hmac; - SM4_CTR_SM3_HMAC_CTX ctr_sm3_hmac; } sm4_ctx; @@ -585,8 +581,6 @@ bad: case SM4_MODE_XTS: rv = sm4_xts_encrypt_init(&sm4_ctx.xts, key, iv, xts_data_unit_size); break; #endif case SM4_MODE_GCM: rv = sm4_gcm_encrypt_init(&sm4_ctx.gcm, key, keylen, iv, ivlen, aad, aadlen, GHASH_SIZE); break; - case SM4_MODE_CBC_SM3_HMAC: rv = sm4_cbc_sm3_hmac_encrypt_init(&sm4_ctx.cbc_sm3_hmac, key, iv, aad, aadlen); break; - case SM4_MODE_CTR_SM3_HMAC: rv = sm4_ctr_sm3_hmac_encrypt_init(&sm4_ctx.ctr_sm3_hmac, key, iv, aad, aadlen); break; } if (rv != 1) { error_print(); @@ -609,8 +603,6 @@ bad: case SM4_MODE_XTS: rv = sm4_xts_encrypt_update(&sm4_ctx.xts, inbuf, inlen, outbuf, &outlen); break; #endif case SM4_MODE_GCM: rv = sm4_gcm_encrypt_update(&sm4_ctx.gcm, inbuf, inlen, outbuf, &outlen); break; - case SM4_MODE_CBC_SM3_HMAC: rv = sm4_cbc_sm3_hmac_encrypt_update(&sm4_ctx.cbc_sm3_hmac, inbuf, inlen, outbuf, &outlen); break; - case SM4_MODE_CTR_SM3_HMAC: rv = sm4_ctr_sm3_hmac_encrypt_update(&sm4_ctx.ctr_sm3_hmac, inbuf, inlen, outbuf, &outlen); break; } if (rv != 1) { error_print(); @@ -637,8 +629,6 @@ bad: case SM4_MODE_XTS: rv = sm4_xts_encrypt_finish(&sm4_ctx.xts, outbuf, &outlen); break; #endif case SM4_MODE_GCM: rv = sm4_gcm_encrypt_finish(&sm4_ctx.gcm, outbuf, &outlen); break; - case SM4_MODE_CBC_SM3_HMAC: rv = sm4_cbc_sm3_hmac_encrypt_finish(&sm4_ctx.cbc_sm3_hmac, outbuf, &outlen); break; - case SM4_MODE_CTR_SM3_HMAC: rv = sm4_ctr_sm3_hmac_encrypt_finish(&sm4_ctx.ctr_sm3_hmac, outbuf, &outlen); break; } if (rv != 1) { error_print(); @@ -665,8 +655,6 @@ bad: case SM4_MODE_XTS: rv = sm4_xts_decrypt_init(&sm4_ctx.xts, key, iv, xts_data_unit_size); break; #endif case SM4_MODE_GCM: rv = sm4_gcm_decrypt_init(&sm4_ctx.gcm, key, keylen, iv, ivlen, aad, aadlen, GHASH_SIZE); break; - case SM4_MODE_CBC_SM3_HMAC: rv = sm4_cbc_sm3_hmac_decrypt_init(&sm4_ctx.cbc_sm3_hmac, key, iv, aad, aadlen); break; - case SM4_MODE_CTR_SM3_HMAC: rv = sm4_ctr_sm3_hmac_decrypt_init(&sm4_ctx.ctr_sm3_hmac, key, iv, aad, aadlen); break; } if (rv != 1) { error_print(); @@ -689,8 +677,6 @@ bad: case SM4_MODE_XTS: rv = sm4_xts_decrypt_update(&sm4_ctx.xts, inbuf, inlen, outbuf, &outlen); break; #endif case SM4_MODE_GCM: rv = sm4_gcm_decrypt_update(&sm4_ctx.gcm, inbuf, inlen, outbuf, &outlen); break; - case SM4_MODE_CBC_SM3_HMAC: rv = sm4_cbc_sm3_hmac_decrypt_update(&sm4_ctx.cbc_sm3_hmac, inbuf, inlen, outbuf, &outlen); break; - case SM4_MODE_CTR_SM3_HMAC: rv = sm4_ctr_sm3_hmac_decrypt_update(&sm4_ctx.ctr_sm3_hmac, inbuf, inlen, outbuf, &outlen); break; } if (rv != 1) { error_print(); @@ -718,8 +704,6 @@ bad: case SM4_MODE_XTS: rv = sm4_xts_decrypt_finish(&sm4_ctx.xts, outbuf, &outlen); break; #endif case SM4_MODE_GCM: rv = sm4_gcm_decrypt_finish(&sm4_ctx.gcm, outbuf, &outlen); break; - case SM4_MODE_CBC_SM3_HMAC: rv = sm4_cbc_sm3_hmac_decrypt_finish(&sm4_ctx.cbc_sm3_hmac, outbuf, &outlen); break; - case SM4_MODE_CTR_SM3_HMAC: rv = sm4_ctr_sm3_hmac_decrypt_finish(&sm4_ctx.ctr_sm3_hmac, outbuf, &outlen); break; } if (rv != 1) { error_print(); diff --git a/tools/sm4_cbc_sm3_hmac.c b/tools/sm4_cbc_sm3_hmac.c deleted file mode 100755 index f871a665..00000000 --- a/tools/sm4_cbc_sm3_hmac.c +++ /dev/null @@ -1,239 +0,0 @@ -/* - * Copyright 2014-2026 The GmSSL Project. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the License); you may - * not use this file except in compliance with the License. - * - * http://www.apache.org/licenses/LICENSE-2.0 - */ - - -#include -#include -#include -#include -#include -#include -#include -#include - - -static const char *usage = "{-encrypt|-decrypt} -key hex -iv hex [-aad str| -aad_hex hex] [-in file] [-out file]"; - -static const char *options = -"Options\n" -"\n" -" -encrypt Encrypt\n" -" -decrypt Decrypt\n" -" -key hex Symmetric key in HEX format, 48 bytes\n" -" -iv hex IV in HEX format, 16 bytes\n" -" -aad str Authenticated-only message\n" -" -aad_hex hex Authenticated-only data in HEX format\n" -" -in file | stdin Input data\n" -" -out file | stdout Output data\n" -"\n" -"Examples\n" -"\n" -" $ TEXT=`gmssl rand -outlen 20 -hex`\n" -" $ KEY=`gmssl rand -outlen 48 -hex`\n" -" $ IV=`gmssl rand -outlen 16 -hex`\n" -" $ echo -n $TEXT | gmssl sm4_cbc_sm3_hmac -encrypt -key $KEY -iv $IV -out sm4_cbc_sm3_hmac_ciphertext.bin\n" -" $ gmssl sm4_cbc_sm3_hmac -decrypt -key $KEY -iv $IV -in sm4_cbc_sm3_hmac_ciphertext.bin\n" -"\n"; - - -int sm4_cbc_sm3_hmac_main(int argc, char **argv) -{ - int ret = 1; - char *prog = argv[0]; - int enc = -1; - char *keyhex = NULL; - char *ivhex = NULL; - uint8_t *aad = NULL; - uint8_t *aad_buf = NULL; - size_t aadlen = 0; - char *infile = NULL; - char *outfile = NULL; - uint8_t key[48]; - size_t keylen; - uint8_t iv[16]; - size_t ivlen; - FILE *infp = stdin; - FILE *outfp = stdout; - SM4_CBC_SM3_HMAC_CTX ctx; - uint8_t buf[4096]; - size_t inlen; - size_t outlen; - - argc--; - argv++; - - if (argc < 1) { - fprintf(stderr, "usage: gmssl %s %s\n", prog, usage); - return 1; - } - - while (argc > 0) { - if (!strcmp(*argv, "-help")) { - printf("usage: gmssl %s %s\n", prog, usage); - printf("%s\n", options); - ret = 0; - goto end; - } else if (!strcmp(*argv, "-encrypt")) { - if (enc == 0) { - fprintf(stderr, "gmssl %s: `-encrypt` `-decrypt` should not be used together\n", prog); - goto end; - } - enc = 1; - } else if (!strcmp(*argv, "-decrypt")) { - if (enc == 1) { - fprintf(stderr, "gmssl %s: `-encrypt` `-decrypt` should not be used together\n", prog); - goto end; - } - enc = 0; - } else if (!strcmp(*argv, "-key")) { - if (--argc < 1) goto bad; - keyhex = *(++argv); - if (strlen(keyhex) != sizeof(key) * 2) { - fprintf(stderr, "gmssl %s: invalid key length, should be %d bytes\n", prog, SM4_CBC_SM3_HMAC_KEY_SIZE); - goto end; - } - if (hex_to_bytes(keyhex, strlen(keyhex), key, &keylen) != 1) { - fprintf(stderr, "gmssl %s: invalid key hex digits, should be %d bytes\n", prog, SM4_CBC_SM3_HMAC_KEY_SIZE); - goto end; - } - } else if (!strcmp(*argv, "-iv")) { - if (--argc < 1) goto bad; - ivhex = *(++argv); - if (strlen(ivhex) != sizeof(iv) * 2) { - fprintf(stderr, "gmssl %s: invalid IV length\n", prog); - goto end; - } - if (hex_to_bytes(ivhex, strlen(ivhex), iv, &ivlen) != 1) { - fprintf(stderr, "gmssl %s: invalid IV hex digits\n", prog); - goto end; - } - } else if (!strcmp(*argv, "-aad")) { - if (--argc < 1) goto bad; - if (aad) { - fprintf(stderr, "gmssl %s: `-aad` or `aad_hex` has been specified\n", prog); - goto bad; - } - aad = (uint8_t *)(*(++argv)); - aadlen = strlen((char *)aad); - } else if (!strcmp(*argv, "-aad_hex")) { - if (--argc < 1) goto bad; - if (aad) { - fprintf(stderr, "gmssl %s: `-aad` or `aad_hex` has been specified\n", prog); - goto bad; - } - aad = (uint8_t *)(*(++argv)); - if (!(aad_buf = malloc(strlen((char *)aad)/2 + 1))) { - fprintf(stderr, "gmssl %s: malloc failure\n", prog); - goto end; - } - if (hex_to_bytes((char *)aad, strlen((char *)aad), aad_buf, &aadlen) != 1) { - fprintf(stderr, "gmssl %s: `-aad_hex` invalid HEX format argument\n", prog); - goto end; - } - aad = aad_buf; - } else if (!strcmp(*argv, "-in")) { - if (--argc < 1) goto bad; - infile = *(++argv); - if (!(infp = fopen(infile, "rb"))) { - fprintf(stderr, "gmssl %s: open '%s' failure : %s\n", prog, infile, strerror(errno)); - goto end; - } - } else if (!strcmp(*argv, "-out")) { - if (--argc < 1) goto bad; - outfile = *(++argv); - if (!(outfp = fopen(outfile, "wb"))) { - fprintf(stderr, "gmssl %s: open '%s' failure : %s\n", prog, outfile, strerror(errno)); - goto end; - } - } else { - fprintf(stderr, "gmssl %s: illegal option `%s`\n", prog, *argv); - goto end; -bad: - fprintf(stderr, "gmssl %s: `%s` option value missing\n", prog, *argv); - goto end; - } - - argc--; - argv++; - } - - if (enc < 0) { - fprintf(stderr, "gmssl %s: option -encrypt or -decrypt should be set\n", prog); - goto end; - } - if (!keyhex) { - fprintf(stderr, "gmssl %s: option `-key` missing\n", prog); - goto end; - } - if (!ivhex) { - fprintf(stderr, "gmssl %s: option `-iv` missing\n", prog); - goto end; - } - - if (enc) { - if (sm4_cbc_sm3_hmac_encrypt_init(&ctx, key, iv, aad, aadlen) != 1) { - error_print(); - goto end; - } - } else { - if (sm4_cbc_sm3_hmac_decrypt_init(&ctx, key, iv, aad, aadlen) != 1) { - error_print(); - goto end; - } - } - - while ((inlen = fread(buf, 1, sizeof(buf), infp)) > 0) { - if (enc) { - if (sm4_cbc_sm3_hmac_encrypt_update(&ctx, buf, inlen, buf, &outlen) != 1) { - error_print(); - goto end; - } - } else { - if (sm4_cbc_sm3_hmac_decrypt_update(&ctx, buf, inlen, buf, &outlen) != 1) { - error_print(); - goto end; - } - } - if (fwrite(buf, 1, outlen, outfp) != outlen) { - fprintf(stderr, "gmssl %s: output failure : %s\n", prog, strerror(errno)); - goto end; - } - } - if (ferror(infp)) { - fprintf(stderr, "%s: read failure\n", prog); - goto end; - } - - if (enc) { - if (sm4_cbc_sm3_hmac_encrypt_finish(&ctx, buf, &outlen) != 1) { - error_print(); - goto end; - } - } else { - if (sm4_cbc_sm3_hmac_decrypt_finish(&ctx, buf, &outlen) != 1) { - error_print(); - goto end; - } - } - if (fwrite(buf, 1, outlen, outfp) != outlen) { - fprintf(stderr, "gmssl %s: output failure : %s\n", prog, strerror(errno)); - goto end; - } - - ret = 0; - -end: - gmssl_secure_clear(key, sizeof(key)); - gmssl_secure_clear(iv, sizeof(iv)); - gmssl_secure_clear(&ctx, sizeof(ctx)); - gmssl_secure_clear(buf, sizeof(buf)); - if (infile && infp) fclose(infp); - if (outfile && outfp) fclose(outfp); - return ret; -} diff --git a/tools/sm4_ctr_sm3_hmac.c b/tools/sm4_ctr_sm3_hmac.c deleted file mode 100755 index cbb236bc..00000000 --- a/tools/sm4_ctr_sm3_hmac.c +++ /dev/null @@ -1,239 +0,0 @@ -/* - * Copyright 2014-2026 The GmSSL Project. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the License); you may - * not use this file except in compliance with the License. - * - * http://www.apache.org/licenses/LICENSE-2.0 - */ - - -#include -#include -#include -#include -#include -#include -#include -#include - - -static const char *usage = "{-encrypt|-decrypt} -key hex -iv hex [-aad str| -aad_hex hex] [-in file] [-out file]"; - -static const char *options = -"Options\n" -"\n" -" -encrypt Encrypt\n" -" -decrypt Decrypt\n" -" -key hex Symmetric key in HEX format, 48 bytes\n" -" -iv hex IV in HEX format, 16 bytes\n" -" -aad str Authenticated-only message\n" -" -aad_hex hex Authenticated-only data in HEX format\n" -" -in file | stdin Input data\n" -" -out file | stdout Output data\n" -"\n" -"Examples\n" -"\n" -" $ TEXT=`gmssl rand -outlen 20 -hex`\n" -" $ KEY=`gmssl rand -outlen 48 -hex`\n" -" $ IV=`gmssl rand -outlen 16 -hex`\n" -" $ echo -n $TEXT | gmssl sm4_ctr_sm3_hmac -encrypt -key $KEY -iv $IV -out sm4_ctr_sm3_hmac_ciphertext.bin\n" -" $ gmssl sm4_ctr_sm3_hmac -decrypt -key $KEY -iv $IV -in sm4_ctr_sm3_hmac_ciphertext.bin\n" -"\n"; - - -int sm4_ctr_sm3_hmac_main(int argc, char **argv) -{ - int ret = 1; - char *prog = argv[0]; - int enc = -1; - char *keyhex = NULL; - char *ivhex = NULL; - uint8_t *aad = NULL; - uint8_t *aad_buf = NULL; - size_t aadlen = 0; - char *infile = NULL; - char *outfile = NULL; - uint8_t key[48]; - size_t keylen; - uint8_t iv[16]; - size_t ivlen; - FILE *infp = stdin; - FILE *outfp = stdout; - SM4_CTR_SM3_HMAC_CTX ctx; - uint8_t buf[4096]; - size_t inlen; - size_t outlen; - - argc--; - argv++; - - if (argc < 1) { - fprintf(stderr, "usage: gmssl %s %s\n", prog, usage); - return 1; - } - - while (argc > 0) { - if (!strcmp(*argv, "-help")) { - printf("usage: gmssl %s %s\n", prog, usage); - printf("%s\n", options); - ret = 0; - goto end; - } else if (!strcmp(*argv, "-encrypt")) { - if (enc == 0) { - fprintf(stderr, "gmssl %s: `-encrypt` `-decrypt` should not be used together\n", prog); - goto end; - } - enc = 1; - } else if (!strcmp(*argv, "-decrypt")) { - if (enc == 1) { - fprintf(stderr, "gmssl %s: `-encrypt` `-decrypt` should not be used together\n", prog); - goto end; - } - enc = 0; - } else if (!strcmp(*argv, "-key")) { - if (--argc < 1) goto bad; - keyhex = *(++argv); - if (strlen(keyhex) != sizeof(key) * 2) { - fprintf(stderr, "gmssl %s: invalid key length, should be %d bytes\n", prog, SM4_CTR_SM3_HMAC_KEY_SIZE); - goto end; - } - if (hex_to_bytes(keyhex, strlen(keyhex), key, &keylen) != 1) { - fprintf(stderr, "gmssl %s: invalid key hex digits, should be %d bytes\n", prog, SM4_CTR_SM3_HMAC_KEY_SIZE); - goto end; - } - } else if (!strcmp(*argv, "-iv")) { - if (--argc < 1) goto bad; - ivhex = *(++argv); - if (strlen(ivhex) != sizeof(iv) * 2) { - fprintf(stderr, "gmssl %s: invalid IV length\n", prog); - goto end; - } - if (hex_to_bytes(ivhex, strlen(ivhex), iv, &ivlen) != 1) { - fprintf(stderr, "gmssl %s: invalid IV hex digits\n", prog); - goto end; - } - } else if (!strcmp(*argv, "-aad")) { - if (--argc < 1) goto bad; - if (aad) { - fprintf(stderr, "gmssl %s: `-aad` or `aad_hex` has been specified\n", prog); - goto bad; - } - aad = (uint8_t *)(*(++argv)); - aadlen = strlen((char *)aad); - } else if (!strcmp(*argv, "-aad_hex")) { - if (--argc < 1) goto bad; - if (aad) { - fprintf(stderr, "gmssl %s: `-aad` or `aad_hex` has been specified\n", prog); - goto bad; - } - aad = (uint8_t *)(*(++argv)); - if (!(aad_buf = malloc(strlen((char *)aad)/2 + 1))) { - fprintf(stderr, "gmssl %s: malloc failure\n", prog); - goto end; - } - if (hex_to_bytes((char *)aad, strlen((char *)aad), aad_buf, &aadlen) != 1) { - fprintf(stderr, "gmssl %s: `-aad_hex` invalid HEX format argument\n", prog); - goto end; - } - aad = aad_buf; - } else if (!strcmp(*argv, "-in")) { - if (--argc < 1) goto bad; - infile = *(++argv); - if (!(infp = fopen(infile, "rb"))) { - fprintf(stderr, "gmssl %s: open '%s' failure : %s\n", prog, infile, strerror(errno)); - goto end; - } - } else if (!strcmp(*argv, "-out")) { - if (--argc < 1) goto bad; - outfile = *(++argv); - if (!(outfp = fopen(outfile, "wb"))) { - fprintf(stderr, "gmssl %s: open '%s' failure : %s\n", prog, outfile, strerror(errno)); - goto end; - } - } else { - fprintf(stderr, "gmssl %s: illegal option `%s`\n", prog, *argv); - goto end; -bad: - fprintf(stderr, "gmssl %s: `%s` option value missing\n", prog, *argv); - goto end; - } - - argc--; - argv++; - } - - if (enc < 0) { - fprintf(stderr, "gmssl %s: option -encrypt or -decrypt should be set\n", prog); - goto end; - } - if (!keyhex) { - fprintf(stderr, "gmssl %s: option `-key` missing\n", prog); - goto end; - } - if (!ivhex) { - fprintf(stderr, "gmssl %s: option `-iv` missing\n", prog); - goto end; - } - - if (enc) { - if (sm4_ctr_sm3_hmac_encrypt_init(&ctx, key, iv, aad, aadlen) != 1) { - error_print(); - goto end; - } - } else { - if (sm4_ctr_sm3_hmac_decrypt_init(&ctx, key, iv, aad, aadlen) != 1) { - error_print(); - goto end; - } - } - - while ((inlen = fread(buf, 1, sizeof(buf), infp)) > 0) { - if (enc) { - if (sm4_ctr_sm3_hmac_encrypt_update(&ctx, buf, inlen, buf, &outlen) != 1) { - error_print(); - goto end; - } - } else { - if (sm4_ctr_sm3_hmac_decrypt_update(&ctx, buf, inlen, buf, &outlen) != 1) { - error_print(); - goto end; - } - } - if (fwrite(buf, 1, outlen, outfp) != outlen) { - fprintf(stderr, "gmssl %s: output failure : %s\n", prog, strerror(errno)); - goto end; - } - } - if (ferror(infp)) { - fprintf(stderr, "%s: read failure\n", prog); - goto end; - } - - if (enc) { - if (sm4_ctr_sm3_hmac_encrypt_finish(&ctx, buf, &outlen) != 1) { - error_print(); - goto end; - } - } else { - if (sm4_ctr_sm3_hmac_decrypt_finish(&ctx, buf, &outlen) != 1) { - error_print(); - goto end; - } - } - if (fwrite(buf, 1, outlen, outfp) != outlen) { - fprintf(stderr, "gmssl %s: output failure : %s\n", prog, strerror(errno)); - goto end; - } - - ret = 0; - -end: - gmssl_secure_clear(key, sizeof(key)); - gmssl_secure_clear(iv, sizeof(iv)); - gmssl_secure_clear(&ctx, sizeof(ctx)); - gmssl_secure_clear(buf, sizeof(buf)); - if (infile && infp) fclose(infp); - if (outfile && outfp) fclose(outfp); - return ret; -}