Add some docs

Configure

@@ -504,6 +504,7 @@ my @disable_cascades = (
     "dtls"		=> [ @dtls ],
 
     "sm3"               => [ "sm2" ],
+    "sdf"               => [ "saf" ],
     "saf"		=> [ "sof" ],
 
     # SSL 3.0, (D)TLS 1.0 and TLS 1.1 require MD5 and SHA

doc/crypto/ECAHE_encrypt.pod

@@ -0,0 +1,79 @@
+=pod
+
+=encoding utf8
+
+=head1 NAME
+
+ECAHE_CIPHERTEXT_new, ECAHE_CIPHERTEXT_free,
+ECAHE_do_encrypt, ECAHE_do_decrypt
+ECAHE_ciphertext_add, ECAHE_ciphertext_sub, ECAHE_ciphertext_neg - ECAHE Algorithm
+
+=head1 SYNOPSIS
+
+ #include <openssl/ecahe.h>
+
+ ECAHE_CIPHERTEXT *ECAHE_CIPHERTEXT_new(void);
+ void ECAHE_CIPHERTEXT_free(ECAHE_CIPHERTEXT *c);
+
+ int ECAHE_do_encrypt(ECAHE_CIPHERTEXT *c, const BIGNUM *m, EC_KEY *pk);
+ int ECAHE_do_decrypt(BIGNUM *m, const ECAHE_CIPHERTEXT *c, EC_KEY *sk);
+
+ int ECAHE_ciphertext_add(ECAHE_CIPHERTEXT *r,
+                          const ECAHE_CIPHERTEXT *a,
+                          const ECAHE_CIPHERTEXT *b,
+                          EC_KEY *pk);
+ int ECAHE_ciphertext_sub(ECAHE_CIPHERTEXT *r,
+                          const ECAHE_CIPHERTEXT *a,
+                          const ECAHE_CIPHERTEXT *b,
+                          EC_KEY *pk);
+ int ECAHE_ciphertext_neg(ECAHE_CIPHERTEXT *r,
+                          const ECAHE_CIPHERTEXT *a,
+                          EC_KEY *pk);
+
+=head1 DESCRIPTION
+
+Applications should use the higher level functions
+L<EVP_DigestInit(3)> etc. instead of calling the hash
+functions directly.
+
+SM3 (ShangMi#3 Hash Algorithm) is a cryptographic hash function with a
+256 bit output.
+
+sm3() computes the SM3 message digest of the B<n>
+bytes at B<d> and places it in B<md> (which must have space for
+SHA_DIGEST_LENGTH == 20 bytes of output). If B<md> is NULL, the digest
+is placed in a static array. Note: setting B<md> to NULL is B<not thread safe>.
+
+The following functions may be used if the message is not completely
+stored in memory:
+
+sm3_nit() initializes a B<sm3_ctx_t> structure.
+
+sm3_update() can be called repeatedly with chunks of the message to
+be hashed (B<len> bytes at B<data>).
+
+sm3_final() places the message digest in B<md>, which must have space
+for SM3_DIGEST_LENGTH == 32 bytes of output, and erases the B<sm3_ctx_t>.
+
+=head1 RETURN VALUES
+
+sm3_init(), sm3_update(), sm3_final(), sm3_compress() and sm3() return void.
+
+=head1 CONFORMING TO
+
+GM/T 0004-2012 SM3 Cryptogrpahic Hash Algorithm.
+
+=head1 SEE ALSO
+
+L<EVP_DigestInit(3)>
+
+=head1 COPYRIGHT
+
+Copyright 2014-2019 The GmSSL Project. All Rights Reserved.
+
+Licensed under the GmSSL license (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<http://gmssl.org/license.html>.
+
+=cut

doc/crypto/ECRS_sign.pod

@@ -0,0 +1,83 @@
+=pod
+
+=encoding utf8
+
+=head1 NAME
+
+ECRS_SIG_new, ECRS_SIG_free,
+i2d_ECRS_SIG, d2i_ECRS_SIG,
+ECRS_do_sign, ECRS_do_verify,
+ECRS_size, ECRS_sign, ECRS_verify - EC Ring Signature Algorithm
+
+=head1 SYNOPSIS
+
+ #include <openssl/ecrs.h>
+
+ ECRS_SIG *ECRS_SIG_new(void);
+ void ECRS_SIG_free(ECRS_SIG *sig);
+
+ int i2d_ECRS_SIG(const ECRS_SIG *sig, unsigned char **pp);
+ ECRS_SIG *d2i_ECRS_SIG(ECRS_SIG **sig, const unsigned char **pp, long len);
+
+ ECRS_SIG *ECRS_do_sign(const EVP_MD *md,
+                        const unsigned char *dgst, int dgstlen,
+                        STACK_OF(EC_KEY) *pub_keys, EC_KEY *ec_key);
+ int ECRS_do_verify(const EVP_MD *md, const unsigned char *dgst, int dgstlen,
+                    const ECRS_SIG *sig, STACK_OF(EC_KEY) *pub_keys);
+
+ int ECRS_size(const EC_KEY *ec_key, int n);
+
+ int ECRS_sign(int type, const unsigned char *dgst, int dgstlen,
+               unsigned char *sig, unsigned int *siglen,
+               STACK_OF(EC_KEY) *pub_keys, EC_KEY *ec_key);
+ int ECRS_verify(int type, const unsigned char *dgst, int dgstlen,
+                 const unsigned char *sig, int siglen,
+                 STACK_OF(EC_KEY) *pub_keys);
+
+=head1 DESCRIPTION
+
+Applications should use the higher level functions
+L<EVP_DigestInit(3)> etc. instead of calling the hash
+functions directly.
+
+SM3 (ShangMi#3 Hash Algorithm) is a cryptographic hash function with a
+256 bit output.
+
+sm3() computes the SM3 message digest of the B<n>
+bytes at B<d> and places it in B<md> (which must have space for
+SHA_DIGEST_LENGTH == 20 bytes of output). If B<md> is NULL, the digest
+is placed in a static array. Note: setting B<md> to NULL is B<not thread safe>.
+
+The following functions may be used if the message is not completely
+stored in memory:
+
+sm3_nit() initializes a B<sm3_ctx_t> structure.
+
+sm3_update() can be called repeatedly with chunks of the message to
+be hashed (B<len> bytes at B<data>).
+
+sm3_final() places the message digest in B<md>, which must have space
+for SM3_DIGEST_LENGTH == 32 bytes of output, and erases the B<sm3_ctx_t>.
+
+=head1 RETURN VALUES
+
+sm3_init(), sm3_update(), sm3_final(), sm3_compress() and sm3() return void.
+
+=head1 CONFORMING TO
+
+GM/T 0004-2012 SM3 Cryptogrpahic Hash Algorithm.
+
+=head1 SEE ALSO
+
+L<EVP_DigestInit(3)>
+
+=head1 COPYRIGHT
+
+Copyright 2014-2019 The GmSSL Project. All Rights Reserved.
+
+Licensed under the GmSSL license (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<http://gmssl.org/license.html>.
+
+=cut

doc/crypto/EVP_PKEY_CTX_set_paillier_keygen_bits.pod

@@ -0,0 +1,63 @@
+=pod
+
+=encoding utf8
+
+=head1 NAME
+
+EVP_PKEY_CTX_set_paillier_keygen_bits,
+EVP_PKEY_CTX_get_paillier_keygen_bits - Paillier EVP_PKEY ctrls
+
+=head1 SYNOPSIS
+
+ #include <openssl/paillier.h>
+
+ int EVP_PKEY_CTX_set_paillier_keygen_bits(EVP_PKEY_CTX *ctx, int nbits);
+ int EVP_PKEY_CTX_get_paillier_keygen_bits(EVP_PKEY_CTX *ctx);
+
+=head1 DESCRIPTION
+
+Applications should use the higher level functions
+L<EVP_DigestInit(3)> etc. instead of calling the hash
+functions directly.
+
+SM3 (ShangMi#3 Hash Algorithm) is a cryptographic hash function with a
+256 bit output.
+
+sm3() computes the SM3 message digest of the B<n>
+bytes at B<d> and places it in B<md> (which must have space for
+SHA_DIGEST_LENGTH == 20 bytes of output). If B<md> is NULL, the digest
+is placed in a static array. Note: setting B<md> to NULL is B<not thread safe>.
+
+The following functions may be used if the message is not completely
+stored in memory:
+
+sm3_nit() initializes a B<sm3_ctx_t> structure.
+
+sm3_update() can be called repeatedly with chunks of the message to
+be hashed (B<len> bytes at B<data>).
+
+sm3_final() places the message digest in B<md>, which must have space
+for SM3_DIGEST_LENGTH == 32 bytes of output, and erases the B<sm3_ctx_t>.
+
+=head1 RETURN VALUES
+
+sm3_init(), sm3_update(), sm3_final(), sm3_compress() and sm3() return void.
+
+=head1 CONFORMING TO
+
+GM/T 0004-2012 SM3 Cryptogrpahic Hash Algorithm.
+
+=head1 SEE ALSO
+
+L<EVP_DigestInit(3)>
+
+=head1 COPYRIGHT
+
+Copyright 2014-2019 The GmSSL Project. All Rights Reserved.
+
+Licensed under the GmSSL license (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<http://gmssl.org/license.html>.
+
+=cut

doc/crypto/FFX_encrypt.pod

@@ -0,0 +1,72 @@
+=pod
+
+=encoding utf8
+
+=head1 NAME
+
+FFX_CTX_new, FFX_CTX_free, FFX_init,
+FFX_encrypt, FFX_decrypt, FFX_compute_luhn - Format-Preserving Encryption
+
+=head1 SYNOPSIS
+
+ #include <openssl/ffx.h>
+
+ FFX_CTX *FFX_CTX_new(void);
+ void FFX_CTX_free(FFX_CTX *ctx);
+
+ int FFX_init(FFX_CTX *ctx, const EVP_CIPHER *cipher,
+              const unsigned char *key, int flag);
+ int FFX_encrypt(FFX_CTX *ctx, const char *in, char *out, size_t iolen,
+                 unsigned char *tweak, size_t tweaklen);
+ int FFX_decrypt(FFX_CTX *ctx, const char *in, char *out, size_t iolen,
+                 unsigned char *tweak, size_t tweaklen);
+
+ int  FFX_compute_luhn(const char *in, size_t inlen);
+
+=head1 DESCRIPTION
+
+Applications should use the higher level functions
+L<EVP_DigestInit(3)> etc. instead of calling the hash
+functions directly.
+
+SM3 (ShangMi#3 Hash Algorithm) is a cryptographic hash function with a
+256 bit output.
+
+sm3() computes the SM3 message digest of the B<n>
+bytes at B<d> and places it in B<md> (which must have space for
+SHA_DIGEST_LENGTH == 20 bytes of output). If B<md> is NULL, the digest
+is placed in a static array. Note: setting B<md> to NULL is B<not thread safe>.
+
+The following functions may be used if the message is not completely
+stored in memory:
+
+sm3_nit() initializes a B<sm3_ctx_t> structure.
+
+sm3_update() can be called repeatedly with chunks of the message to
+be hashed (B<len> bytes at B<data>).
+
+sm3_final() places the message digest in B<md>, which must have space
+for SM3_DIGEST_LENGTH == 32 bytes of output, and erases the B<sm3_ctx_t>.
+
+=head1 RETURN VALUES
+
+sm3_init(), sm3_update(), sm3_final(), sm3_compress() and sm3() return void.
+
+=head1 CONFORMING TO
+
+GM/T 0004-2012 SM3 Cryptogrpahic Hash Algorithm.
+
+=head1 SEE ALSO
+
+L<EVP_DigestInit(3)>
+
+=head1 COPYRIGHT
+
+Copyright 2014-2019 The GmSSL Project. All Rights Reserved.
+
+Licensed under the GmSSL license (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<http://gmssl.org/license.html>.
+
+=cut

doc/crypto/OTP_generate.pod

@@ -0,0 +1,74 @@
+=pod
+
+=encoding utf8
+
+=head1 NAME
+
+OTP_generate - One-Time Password Algorithm
+
+=head1 SYNOPSIS
+
+ #include <openssl/otp.h>
+
+ typedef struct OTP_PARAMS_st {
+	int type;
+	int te;
+	void *option;
+	size_t option_size;
+	int otp_digits;
+	/* adjust the clock in seconds */
+	int offset;
+ } OTP_PARAMS;
+
+ int OTP_generate(const OTP_PARAMS *params,
+                  const void *event, size_t eventlen,
+                  unsigned int *otp,
+                  const unsigned char *key, size_t keylen);
+
+=head1 DESCRIPTION
+
+Applications should use the higher level functions
+L<EVP_DigestInit(3)> etc. instead of calling the hash
+functions directly.
+
+SM3 (ShangMi#3 Hash Algorithm) is a cryptographic hash function with a
+256 bit output.
+
+sm3() computes the SM3 message digest of the B<n>
+bytes at B<d> and places it in B<md> (which must have space for
+SHA_DIGEST_LENGTH == 20 bytes of output). If B<md> is NULL, the digest
+is placed in a static array. Note: setting B<md> to NULL is B<not thread safe>.
+
+The following functions may be used if the message is not completely
+stored in memory:
+
+sm3_nit() initializes a B<sm3_ctx_t> structure.
+
+sm3_update() can be called repeatedly with chunks of the message to
+be hashed (B<len> bytes at B<data>).
+
+sm3_final() places the message digest in B<md>, which must have space
+for SM3_DIGEST_LENGTH == 32 bytes of output, and erases the B<sm3_ctx_t>.
+
+=head1 RETURN VALUES
+
+sm3_init(), sm3_update(), sm3_final(), sm3_compress() and sm3() return void.
+
+=head1 CONFORMING TO
+
+GM/T 0004-2012 SM3 Cryptogrpahic Hash Algorithm.
+
+=head1 SEE ALSO
+
+L<EVP_DigestInit(3)>
+
+=head1 COPYRIGHT
+
+Copyright 2014-2019 The GmSSL Project. All Rights Reserved.
+
+Licensed under the GmSSL license (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<http://gmssl.org/license.html>.
+
+=cut

doc/crypto/PAILLIER_new.pod

@@ -0,0 +1,90 @@
+=pod
+
+=encoding utf8
+
+=head1 NAME
+
+PAILLIER_new, PAILLIER_free,
+i2d_PaillierPrivateKey, d2i_PaillierPrivateKey,
+i2d_PaillierPublicKey, d2i_PaillierPublicKey,
+PAILLIER_size, PAILLIER_security_bits
+PAILLIER_generate_key, PAILLIER_check_key,
+PAILLIER_encrypt, PAILLIER_decrypt,
+PAILLIER_ciphertext_add, PAILLIER_ciphertext_scalar_mul,
+PAILLIER_up_ref - Paillier Additive Homomorphic Encryption
+
+
+=head1 SYNOPSIS
+
+ #include <openssl/paillier.h>
+
+ PAILLIER *PAILLIER_new(void);
+ void PAILLIER_free(PAILLIER *key);
+
+
+ int i2d_PaillierPrivateKey(const PaillierPrivateKey *sk, unsigned char **pp);
+ PaillierPrivateKey *d2i_PaillierPrivateKey(PaillierPrivateKey **sk,
+                                            const unsigned char **pp, long len);
+ int i2d_PaillierPublicKey(const PaillierPublicKey *pk, unsigned char **pp);
+ PaillierPublicKey *d2i_PaillierPublicKey(PaillierPublicKey **pk,
+                                           const unsigned char **pp, long len);
+
+ int PAILLIER_size(const PAILLIER *key);
+ int PAILLIER_security_bits(const PAILLIER *key);
+
+ int PAILLIER_generate_key(PAILLIER *key, int bits/* as RSA N */);
+ int PAILLIER_check_key(PAILLIER *key);
+ int PAILLIER_encrypt(BIGNUM *out, const BIGNUM *in, PAILLIER *key);
+ int PAILLIER_decrypt(BIGNUM *out, const BIGNUM *in, PAILLIER *key);
+ int PAILLIER_ciphertext_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, PAILLIER *key);
+ int PAILLIER_ciphertext_scalar_mul(BIGNUM *r, const BIGNUM *scalar, const BIGNUM *a, PAILLIER *key);
+
+ int PAILLIER_up_ref(PAILLIER *key);
+
+=head1 DESCRIPTION
+
+Applications should use the higher level functions
+L<EVP_DigestInit(3)> etc. instead of calling the hash
+functions directly.
+
+SM3 (ShangMi#3 Hash Algorithm) is a cryptographic hash function with a
+256 bit output.
+
+sm3() computes the SM3 message digest of the B<n>
+bytes at B<d> and places it in B<md> (which must have space for
+SHA_DIGEST_LENGTH == 20 bytes of output). If B<md> is NULL, the digest
+is placed in a static array. Note: setting B<md> to NULL is B<not thread safe>.
+
+The following functions may be used if the message is not completely
+stored in memory:
+
+sm3_nit() initializes a B<sm3_ctx_t> structure.
+
+sm3_update() can be called repeatedly with chunks of the message to
+be hashed (B<len> bytes at B<data>).
+
+sm3_final() places the message digest in B<md>, which must have space
+for SM3_DIGEST_LENGTH == 32 bytes of output, and erases the B<sm3_ctx_t>.
+
+=head1 RETURN VALUES
+
+sm3_init(), sm3_update(), sm3_final(), sm3_compress() and sm3() return void.
+
+=head1 CONFORMING TO
+
+GM/T 0004-2012 SM3 Cryptogrpahic Hash Algorithm.
+
+=head1 SEE ALSO
+
+L<EVP_DigestInit(3)>
+
+=head1 COPYRIGHT
+
+Copyright 2014-2019 The GmSSL Project. All Rights Reserved.
+
+Licensed under the GmSSL license (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<http://gmssl.org/license.html>.
+
+=cut

doc/crypto/SM9_MASTER_KEY_new.pod

@@ -0,0 +1,42 @@
+=pod
+
+=encoding utf8
+
+=head1 NAME
+
+SM9_MASTER_KEY_new, SM9_MASTER_KEY_free, SM9_KEY_new, SM9_KEY_free - SM9 Algorithm
+
+=head1 SYNOPSIS
+
+ #include <openssl/sm9.h>
+
+ SM9_MASTER_KEY *SM9_MASTER_KEY_new(void);
+ void SM9_MASTER_KEY_free(SM9_MASTER_KEY *a);
+
+ SM9_KEY *SM9_KEY_new(void);
+ void SM9_KEY_free(SM9_KEY *a);
+
+=head1 DESCRIPTION
+
+
+=head1 RETURN VALUES
+
+
+=head1 CONFORMING TO
+
+GM/T 0044-2016 SM9 Identification Cryptographic Algorithm
+
+=head1 SEE ALSO
+
+L<EVP_DigestInit(3)>
+
+=head1 COPYRIGHT
+
+Copyright 2014-2019 The GmSSL Project. All Rights Reserved.
+
+Licensed under the GmSSL license (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<http://gmssl.org/license.html>.
+
+=cut

doc/crypto/SM9_setup.pod

@@ -0,0 +1,49 @@
+=pod
+
+=encoding utf8
+
+=head1 NAME
+
+SM9_setup, SM9_generate_master_secret, SM9_extract_public_parameters,
+SM9_extract_private_key, SM9_extract_public_key - SM9 Algorithm
+
+=head1 SYNOPSIS
+
+ #include <openssl/sm9.h>
+
+ int SM9_setup(int pairing, int scheme, int hash1,
+	SM9PublicParameters **mpk, SM9MasterSecret **msk);
+
+ SM9MasterSecret *SM9_generate_master_secret(int pairing, int scheme, int hash1);
+ SM9PublicParameters *SM9_extract_public_parameters(SM9MasterSecret *msk);
+
+ SM9PrivateKey *SM9_extract_private_key(SM9MasterSecret *msk,
+	const char *id, size_t idlen);
+
+ SM9PublicKey *SM9_extract_public_key(SM9PublicParameters *mpk,
+	const char *id, size_t idlen);
+
+=head1 DESCRIPTION
+
+
+=head1 RETURN VALUES
+
+
+=head1 CONFORMING TO
+
+GM/T 0044-2016 SM9 Identification Cryptographic Algorithm
+
+=head1 SEE ALSO
+
+L<EVP_DigestInit(3)>
+
+=head1 COPYRIGHT
+
+Copyright 2014-2019 The GmSSL Project. All Rights Reserved.
+
+Licensed under the GmSSL license (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<http://gmssl.org/license.html>.
+
+=cut

doc/crypto/ZUC_set_key.pod

@@ -0,0 +1,63 @@
+=pod
+
+=encoding utf8
+
+=head1 NAME
+
+ZUC_set_key, ZUC_generate_keystream, ZUC_generate_keyword - ZUC Stream Cipher
+
+=head1 SYNOPSIS
+
+ #include <openssl/zuc.h>
+
+ void ZUC_set_key(ZUC_KEY *key, const unsigned char *user_key, const unsigned char *iv);
+ void ZUC_generate_keystream(ZUC_KEY *key, size_t nwords, uint32_t *words);
+ uint32_t ZUC_generate_keyword(ZUC_KEY *key);
+
+=head1 DESCRIPTION
+
+Applications should use the higher level functions
+L<EVP_DigestInit(3)> etc. instead of calling the hash
+functions directly.
+
+SM3 (ShangMi#3 Hash Algorithm) is a cryptographic hash function with a
+256 bit output.
+
+sm3() computes the SM3 message digest of the B<n>
+bytes at B<d> and places it in B<md> (which must have space for
+SHA_DIGEST_LENGTH == 20 bytes of output). If B<md> is NULL, the digest
+is placed in a static array. Note: setting B<md> to NULL is B<not thread safe>.
+
+The following functions may be used if the message is not completely
+stored in memory:
+
+sm3_nit() initializes a B<sm3_ctx_t> structure.
+
+sm3_update() can be called repeatedly with chunks of the message to
+be hashed (B<len> bytes at B<data>).
+
+sm3_final() places the message digest in B<md>, which must have space
+for SM3_DIGEST_LENGTH == 32 bytes of output, and erases the B<sm3_ctx_t>.
+
+=head1 RETURN VALUES
+
+sm3_init(), sm3_update(), sm3_final(), sm3_compress() and sm3() return void.
+
+=head1 CONFORMING TO
+
+GM/T 0004-2012 SM3 Cryptogrpahic Hash Algorithm.
+
+=head1 SEE ALSO
+
+L<EVP_DigestInit(3)>
+
+=head1 COPYRIGHT
+
+Copyright 2014-2019 The GmSSL Project. All Rights Reserved.
+
+Licensed under the GmSSL license (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<http://gmssl.org/license.html>.
+
+=cut

doc/crypto/sm3_hmac_init.pod

@@ -0,0 +1,62 @@
+=pod
+
+=encoding utf8
+
+=head1 NAME
+
+sm3_hmac_init, sm3_hmac_update, sm3_hmac_final, sm3_hmac - SM3 Hash Algorithm
+
+=head1 SYNOPSIS
+
+ #include <openssl/sm3.h>
+
+ void sm3_hmac_init(sm3_hmac_ctx_t *ctx, const unsigned char *key, size_t key_len);
+ void sm3_hmac_update(sm3_hmac_ctx_t *ctx, const unsigned char *data, size_t data_len);
+ void sm3_hmac_final(sm3_hmac_ctx_t *ctx, unsigned char mac[SM3_HMAC_SIZE]);
+ void sm3_hmac(const unsigned char *data, size_t data_len,
+	const unsigned char *key, size_t key_len, unsigned char mac[SM3_HMAC_SIZE]);
+
+=head1 DESCRIPTION
+
+Applications should use the higher level functions
+L<HMAC_Init(3)> etc. instead of calling the hash
+functions directly.
+
+sm3_hmac() computes the SM3 message digest of the B<n>
+bytes at B<d> and places it in B<md> (which must have space for
+SHA_DIGEST_LENGTH == 20 bytes of output). If B<md> is NULL, the digest
+is placed in a static array. Note: setting B<md> to NULL is B<not thread safe>.
+
+The following functions may be used if the message is not completely
+stored in memory:
+
+sm3_hmac_init() initializes a B<sm3_ctx_t> structure.
+
+sm3_hmac_update() can be called repeatedly with chunks of the message to
+be hashed (B<len> bytes at B<data>).
+
+sm3_hmac_final() places the message digest in B<md>, which must have space
+for SM3_DIGEST_LENGTH == 32 bytes of output, and erases the B<sm3_hmac_ctx_t>.
+
+=head1 RETURN VALUES
+
+sm3_init(), sm3_update(), sm3_final(), sm3_compress() and sm3() return void.
+
+=head1 CONFORMING TO
+
+GM/T 0004-2012 SM3 Cryptogrpahic Hash Algorithm.
+
+=head1 SEE ALSO
+
+L<HMAC_Init(3)>
+
+=head1 COPYRIGHT
+
+Copyright 2014-2019 The GmSSL Project. All Rights Reserved.
+
+Licensed under the GmSSL license (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<http://gmssl.org/license.html>.
+
+=cut

doc/crypto/sm3_init.pod

@@ -0,0 +1,67 @@
+=pod
+
+=encoding utf8
+
+=head1 NAME
+
+sm3_init, sm3_update, sm3_final, sm3_compress, sm3 - SM3 Hash Algorithm
+
+=head1 SYNOPSIS
+
+ #include <openssl/sm3.h>
+
+ void sm3_init(sm3_ctx_t *ctx);
+ void sm3_update(sm3_ctx_t *ctx, const unsigned char* data, size_t data_len);
+ void sm3_final(sm3_ctx_t *ctx, unsigned char digest[SM3_DIGEST_LENGTH]);
+ void sm3_compress(uint32_t digest[8], const unsigned char block[SM3_BLOCK_SIZE]);
+ void sm3(const unsigned char *data, size_t datalen,
+	unsigned char digest[SM3_DIGEST_LENGTH]);
+
+
+=head1 DESCRIPTION
+
+Applications should use the higher level functions
+L<EVP_DigestInit(3)> etc. instead of calling the hash
+functions directly.
+
+SM3 (ShangMi#3 Hash Algorithm) is a cryptographic hash function with a
+256 bit output.
+
+sm3() computes the SM3 message digest of the B<n>
+bytes at B<d> and places it in B<md> (which must have space for
+SHA_DIGEST_LENGTH == 20 bytes of output). If B<md> is NULL, the digest
+is placed in a static array. Note: setting B<md> to NULL is B<not thread safe>.
+
+The following functions may be used if the message is not completely
+stored in memory:
+
+sm3_nit() initializes a B<sm3_ctx_t> structure.
+
+sm3_update() can be called repeatedly with chunks of the message to
+be hashed (B<len> bytes at B<data>).
+
+sm3_final() places the message digest in B<md>, which must have space
+for SM3_DIGEST_LENGTH == 32 bytes of output, and erases the B<sm3_ctx_t>.
+
+=head1 RETURN VALUES
+
+sm3_init(), sm3_update(), sm3_final(), sm3_compress() and sm3() return void.
+
+=head1 CONFORMING TO
+
+GM/T 0004-2012 SM3 Cryptogrpahic Hash Algorithm.
+
+=head1 SEE ALSO
+
+L<EVP_DigestInit(3)>
+
+=head1 COPYRIGHT
+
+Copyright 2014-2019 The GmSSL Project. All Rights Reserved.
+
+Licensed under the GmSSL license (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<http://gmssl.org/license.html>.
+
+=cut

doc/crypto/sms4_set_encrypt_key.pod

@@ -0,0 +1,92 @@
+=pod
+
+=encoding utf8
+
+=head1 NAME
+
+sms4_set_encrypt_key, sms4_set_decrypt_key,
+sms4_encrypt, sms4_decrypt,
+sms4_encrypt_init, sms4_encrypt_8blocks, sms4_encrypt_16blocks,
+sms4_ecb_encrypt, sms4_cbc_encrypt,
+sms4_cfb128_encrypt, sms4_ofb128_encrypt, sms4_ctr128_encrypt,
+sms4_wrap_key, sms4_unwrap_key - SM4 Block Cipher
+
+
+
+=head1 SYNOPSIS
+
+ #include <openssl/sms4.h>
+
+ void sms4_set_encrypt_key(sms4_key_t *key, const unsigned char *user_key);
+ void sms4_set_decrypt_key(sms4_key_t *key, const unsigned char *user_key);
+ void sms4_encrypt(const unsigned char *in, unsigned char *out, const sms4_key_t *key);
+ #define sms4_decrypt(in,out,key)  sms4_encrypt(in,out,key)
+
+ void sms4_encrypt_init(sms4_key_t *key);
+ void sms4_encrypt_8blocks(const unsigned char *in, unsigned char *out, const sms4_key_t *key);
+ void sms4_encrypt_16blocks(const unsigned char *in, unsigned char *out, const sms4_key_t *key);
+
+ void sms4_ecb_encrypt(const unsigned char *in, unsigned char *out,
+	const sms4_key_t *key, int enc);
+ void sms4_cbc_encrypt(const unsigned char *in, unsigned char *out,
+	size_t len, const sms4_key_t *key, unsigned char *iv, int enc);
+ void sms4_cfb128_encrypt(const unsigned char *in, unsigned char *out,
+	size_t len, const sms4_key_t *key, unsigned char *iv, int *num, int enc);
+ void sms4_ofb128_encrypt(const unsigned char *in, unsigned char *out,
+	size_t len, const sms4_key_t *key, unsigned char *iv, int *num);
+ void sms4_ctr128_encrypt(const unsigned char *in, unsigned char *out,
+	size_t len, const sms4_key_t *key, unsigned char *iv,
+	unsigned char ecount_buf[SMS4_BLOCK_SIZE], unsigned int *num);
+
+ int sms4_wrap_key(sms4_key_t *key, const unsigned char *iv,
+	unsigned char *out, const unsigned char *in, unsigned int inlen);
+ int sms4_unwrap_key(sms4_key_t *key, const unsigned char *iv,
+	unsigned char *out, const unsigned char *in, unsigned int inlen);
+
+=head1 DESCRIPTION
+
+Applications should use the higher level functions
+L<EVP_DigestInit(3)> etc. instead of calling the hash
+functions directly.
+
+SM3 (ShangMi#3 Hash Algorithm) is a cryptographic hash function with a
+256 bit output.
+
+sm3() computes the SM3 message digest of the B<n>
+bytes at B<d> and places it in B<md> (which must have space for
+SHA_DIGEST_LENGTH == 20 bytes of output). If B<md> is NULL, the digest
+is placed in a static array. Note: setting B<md> to NULL is B<not thread safe>.
+
+The following functions may be used if the message is not completely
+stored in memory:
+
+sm3_nit() initializes a B<sm3_ctx_t> structure.
+
+sm3_update() can be called repeatedly with chunks of the message to
+be hashed (B<len> bytes at B<data>).
+
+sm3_final() places the message digest in B<md>, which must have space
+for SM3_DIGEST_LENGTH == 32 bytes of output, and erases the B<sm3_ctx_t>.
+
+=head1 RETURN VALUES
+
+sm3_init(), sm3_update(), sm3_final(), sm3_compress() and sm3() return void.
+
+=head1 CONFORMING TO
+
+GM/T 0004-2012 SM3 Cryptogrpahic Hash Algorithm.
+
+=head1 SEE ALSO
+
+L<EVP_DigestInit(3)>
+
+=head1 COPYRIGHT
+
+Copyright 2014-2019 The GmSSL Project. All Rights Reserved.
+
+Licensed under the GmSSL license (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<http://gmssl.org/license.html>.
+
+=cut