abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-05-12 19:36:27 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/master'

Browse Source 
# Conflicts:
#	README.md
This commit is contained in:
Zhi Guan
2017-02-14 16:12:29 +08:00
parent d2254170b8
commit 43fed1108d
3503 changed files with 320546 additions and 408546 deletions
Download Patch File Download Diff File Expand all files Collapse all files

125
crypto/ecies/Makefile
View File

@@ -1,125 +0,0 @@
#
# crypto/ecies/Makefile
#
DIR= ecies
TOP= ../..
CC= cc
INCLUDES= -I.. -I$(TOP) -I../../include
CFLAG=-g -Wall
MAKEFILE= Makefile
AR= ar r
CFLAGS= $(INCLUDES) $(CFLAG)
GENERAL=Makefile
TEST=eciestest.c
APPS=
LIB=$(TOP)/libcrypto.a
LIBSRC= ecies_lib.c ecies_asn1.c ecies_err.c
LIBOBJ= ecies_lib.o ecies_asn1.o ecies_err.o
SRC= $(LIBSRC)
EXHEADER= ecies.h
HEADER= $(EXHEADER)
ALL= $(GENERAL) $(SRC) $(HEADER)
top:
(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
all: lib
lib: $(LIBOBJ)
$(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
links:
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
@headerlist="$(EXHEADER)"; for i in $$headerlist; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
done;
tags:
ctags $(SRC)
tests:
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
dclean:
$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
mv -f Makefile.new $(MAKEFILE)
clean:
rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
# DO NOT DELETE THIS LINE -- make depend depends on it.
ecies_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
ecies_asn1.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
ecies_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
ecies_asn1.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
ecies_asn1.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
ecies_asn1.o: ../../include/openssl/evp.h ../../include/openssl/kdf.h
ecies_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
ecies_asn1.o: ../../include/openssl/objects.h
ecies_asn1.o: ../../include/openssl/opensslconf.h
ecies_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ecies_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
ecies_asn1.o: ../../include/openssl/sha.h ../../include/openssl/sm2.h
ecies_asn1.o: ../../include/openssl/sm3.h ../../include/openssl/stack.h
ecies_asn1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
ecies_asn1.o: ../../include/openssl/x509_vfy.h ecies.h ecies_asn1.c
ecies_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ecies_err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
ecies_err.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
ecies_err.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
ecies_err.o: ../../include/openssl/ecies.h ../../include/openssl/err.h
ecies_err.o: ../../include/openssl/evp.h ../../include/openssl/kdf.h
ecies_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
ecies_err.o: ../../include/openssl/objects.h
ecies_err.o: ../../include/openssl/opensslconf.h
ecies_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ecies_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
ecies_err.o: ../../include/openssl/sha.h ../../include/openssl/sm2.h
ecies_err.o: ../../include/openssl/sm3.h ../../include/openssl/stack.h
ecies_err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
ecies_err.o: ../../include/openssl/x509_vfy.h ecies_err.c
ecies_lib.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
ecies_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
ecies_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
ecies_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
ecies_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/ecies.h
ecies_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
ecies_lib.o: ../../include/openssl/hmac.h ../../include/openssl/kdf.h
ecies_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
ecies_lib.o: ../../include/openssl/objects.h
ecies_lib.o: ../../include/openssl/opensslconf.h
ecies_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ecies_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
ecies_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
ecies_lib.o: ../../include/openssl/sm2.h ../../include/openssl/sm3.h
ecies_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
ecies_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
ecies_lib.o: ../o_str.h ecies_lib.c

125
crypto/ecies/Makefile.save
View File

@@ -1,125 +0,0 @@
#
# crypto/ecies/Makefile
#
DIR= ecies
TOP= ../..
CC= cc
INCLUDES= -I.. -I$(TOP) -I../../include
CFLAG=-g -Wall
MAKEFILE= Makefile
AR= ar r
CFLAGS= $(INCLUDES) $(CFLAG)
GENERAL=Makefile
TEST=eciestest.c
APPS=
LIB=$(TOP)/libcrypto.a
LIBSRC= ecies_lib.c ecies_asn1.c ecies_err.c
LIBOBJ= ecies_lib.o ecies_asn1.o ecies_err.o
SRC= $(LIBSRC)
EXHEADER= ecies.h
HEADER= $(EXHEADER)
ALL= $(GENERAL) $(SRC) $(HEADER)
top:
(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
all: lib
lib: $(LIBOBJ)
$(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
links:
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
@headerlist="$(EXHEADER)"; for i in $$headerlist; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
done;
tags:
ctags $(SRC)
tests:
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
update: depend
depend:
@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
dclean:
$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
mv -f Makefile.new $(MAKEFILE)
clean:
rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
# DO NOT DELETE THIS LINE -- make depend depends on it.
ecies_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
ecies_asn1.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
ecies_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
ecies_asn1.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
ecies_asn1.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
ecies_asn1.o: ../../include/openssl/evp.h ../../include/openssl/kdf.h
ecies_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
ecies_asn1.o: ../../include/openssl/objects.h
ecies_asn1.o: ../../include/openssl/opensslconf.h
ecies_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ecies_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
ecies_asn1.o: ../../include/openssl/sha.h ../../include/openssl/sm2.h
ecies_asn1.o: ../../include/openssl/sm3.h ../../include/openssl/stack.h
ecies_asn1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
ecies_asn1.o: ../../include/openssl/x509_vfy.h ecies.h ecies_asn1.c
ecies_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ecies_err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
ecies_err.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
ecies_err.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
ecies_err.o: ../../include/openssl/ecies.h ../../include/openssl/err.h
ecies_err.o: ../../include/openssl/evp.h ../../include/openssl/kdf.h
ecies_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
ecies_err.o: ../../include/openssl/objects.h
ecies_err.o: ../../include/openssl/opensslconf.h
ecies_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ecies_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
ecies_err.o: ../../include/openssl/sha.h ../../include/openssl/sm2.h
ecies_err.o: ../../include/openssl/sm3.h ../../include/openssl/stack.h
ecies_err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
ecies_err.o: ../../include/openssl/x509_vfy.h ecies_err.c
ecies_lib.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
ecies_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
ecies_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
ecies_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
ecies_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/ecies.h
ecies_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
ecies_lib.o: ../../include/openssl/hmac.h ../../include/openssl/kdf.h
ecies_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
ecies_lib.o: ../../include/openssl/objects.h
ecies_lib.o: ../../include/openssl/opensslconf.h
ecies_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ecies_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
ecies_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
ecies_lib.o: ../../include/openssl/sm2.h ../../include/openssl/sm3.h
ecies_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
ecies_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
ecies_lib.o: ../o_str.h ecies_lib.c

175
crypto/ecies/ecies.h
View File

@@ -1,175 +0,0 @@
/* crypto/ecies/ecies.h */
/* ====================================================================
* Copyright (c) 2007 - 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#ifndef HEADER_ECIES_H
#define HEADER_ECIES_H
#include <openssl/ec.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/x509.h>
#include <openssl/asn1.h>
#ifdef __cplusplus
extern "C" {
#endif
/*
KDFSet ALGORITHM ::= {
{ OID x9-63-kdf PARMS HashAlgorithm } |
{ OID nist-concatenation-kdf PARMS HashAlgorithm } |
{ OID tls-kdf PARMS HashAlgorithm } |
{ OID ikev2-kdf PARMS HashAlgorithm }
}
*/
typedef struct ecies_params_st {
/* supported kdf algors:
* x9-63-kdf
* nist-concatenation-kdf
* tls-kdf
* ikev2-kdf
*/
int kdf_nid;
const EVP_MD *kdf_md;
/* supported enc algors:
* xor-in-ecies
* aes128-cbc-in-ecies
* aes192-cbc-in-ecies
* aes256-cbc-in-ecies
* aes128-ctr-in-ecies
* aes192-ctr-in-ecies
* aes256-ctr-in-ecies
*/
const EVP_CIPHER *sym_cipher;
/*
* supported mac algors:
* hmac-full-ecies
* hmac-half-ecies
* cmac-aes128-ecies
* cmac-aes192-ecies
*/
int mac_nid;
const EVP_MD *mac_md;
const EVP_CIPHER *mac_cipher;
} ECIES_PARAMS;
typedef struct ecies_ciphertext_value_st {
ASN1_OCTET_STRING *ephem_point;
ASN1_OCTET_STRING *ciphertext;
ASN1_OCTET_STRING *mactag;
} ECIES_CIPHERTEXT_VALUE;
DECLARE_ASN1_FUNCTIONS(ECIES_CIPHERTEXT_VALUE)
int i2d_ECIESParameters(const ECIES_PARAMS *param, unsigned char **out);
ECIES_PARAMS *d2i_ECIESParameters(ECIES_PARAMS **param, const unsigned char **in, long len);
int ECIES_set_parameters(EC_KEY *ec_key, const ECIES_PARAMS *param);
ECIES_PARAMS *ECIES_get_parameters(EC_KEY *ec_key);
ECIES_CIPHERTEXT_VALUE *ECIES_do_encrypt(const ECIES_PARAMS *param,
const unsigned char *in, size_t inlen, EC_KEY *ec_key);
int ECIES_do_decrypt(const ECIES_CIPHERTEXT_VALUE *cv,
const ECIES_PARAMS *param, unsigned char *out, size_t *outlen,
EC_KEY *ec_key);
int ECIES_encrypt(const ECIES_PARAMS *param,
unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen,
EC_KEY *ec_key);
int ECIES_decrypt(const ECIES_PARAMS *param,
unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen,
EC_KEY *ec_key);
int ECIES_encrypt_with_recommended(unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen,
EC_KEY *ec_key);
int ECIES_decrypt_with_recommended(unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen,
EC_KEY *ec_key);
void ERR_load_ECIES_strings(void);
/* BEGIN ERROR CODES */
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_ECIES_strings(void);
/* Error codes for the ECIES functions. */
/* Function codes. */
# define ECIES_F_D2I_ECIESPARAMETERS 100
# define ECIES_F_ECIES_DECRYPT 101
# define ECIES_F_ECIES_DO_DECRYPT 102
# define ECIES_F_ECIES_DO_ENCRYPT 103
# define ECIES_F_ECIES_ENCRYPT 104
# define ECIES_F_I2D_ECIESPARAMETERS 105
/* Reason codes. */
# define ECIES_R_BAD_DATA 100
# define ECIES_R_BUFFER_TOO_SMALL 101
# define ECIES_R_DECRYPT_FAILED 102
# define ECIES_R_ECDH_FAILED 103
# define ECIES_R_ENCRYPT_FAILED 104
# define ECIES_R_GEN_MAC_FAILED 105
# define ECIES_R_VERIFY_MAC_FAILED 106
#ifdef __cplusplus
}
#endif
#endif

370
crypto/ecies/ecies_asn1.c
View File

@@ -1,370 +0,0 @@
/* crypto/ecies/ecies_asn1.c */
/* ====================================================================
* Copyright (c) 2007 - 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <string.h>
#include <openssl/err.h>
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
#include <openssl/objects.h>
#include <openssl/obj_mac.h>
#include "ecies.h"
/*
* From SEC 1, Version 1.9 Draft, 2008
*
secg-scheme OBJECT IDENTIFIER ::= {
iso(1) identified-organization(3) certicom(132) schemes(1) }
ECIESAlgorithmSet ALGORITHM ::= {
{ OID ecies-recommendedParameters} |
{ OID ecies-specifiedParameters PARMS ECIESParameters}
}
ECIESParameters ::= SEQUENCE {
kdf [0] KeyDerivationFunction OPTIONAL,
sym [1] SymmetricEncryption OPTIONAL,
mac [2] MessageAuthenticationCode OPTIONAL
}
KeyDerivationFunction ::= AlgorithmIdentifier {{KDFSet}}
KDFSet ALGORITHM ::= {
{ OID x9-63-kdf PARMS HashAlgorithm } |
{ OID nist-concatenation-kdf PARMS HashAlgorithm } |
{ OID tls-kdf PARMS HashAlgorithm } |
{ OID ikev2-kdf PARMS HashAlgorithm }
}
SymmetricEncryption ::= AlgorithmIdentifier {{SYMENCSet}}
SYMENCSet ALGORITHM ::= {
{ OID xor-in-ecies } |
{ OID tdes-cbc-in-ecies } | -- IV should all be set to ZEROs
{ OID aes128-cbc-in-ecies } |
{ OID aes192-cbc-in-ecies } |
{ OID aes256-cbc-in-ecies } |
{ OID aes128-ctr-in-ecies } |
{ OID aes192-ctr-in-ecies } |
{ OID aes256-ctr-in-ecies } ,
}
MessageAuthenticationCode ::= AlgorithmIdentifier {{MACSet}}
MACSet ALGORITHM ::= {
{ OID hmac-full-ecies PARMS HashAlgorithm} |
{ OID hmac-half-ecies PARMS HashAlgorithm} |
{ OID cmac-aes128-ecies } |
{ OID cmac-aes192-ecies } |
{ OID cmac-aes256-ecies } ,
}
*/
/*
* Something about HMAC
* 1. Key Length: As SHA1 provides 160 bits digest and 80 bits security.
* Thus the key length of HMAC-SHA1 should be at least 80 bits. The key
* length should be [80, 160] bits. If the key length is larger than
* 512 bits, need to hash it.
* 2. Ouput Length: The HMAC-SHA1 can ouput at most 160 bits. Sometimes the
* output is truncated but should be at least 4 bytes. The turncated
* output should be the left most bytes (why?) and the length should be
* 80 bits to 160 bits. The standard hmac-full means use full output
* i.e. hmac-sha1-160 and hmac-half means use the left most 80 bits i.e.
* hmac-sha1-80
*
* About CMAC
* In OpenSSL version 1.0.1c CMAC has been supported! For CMAC-AES the
* output is always 128 bits. It is obvious that the CMAC key length
* should be the same as the block cipher key length.
*/
/*
# Add these to "objects.txt" and run `make'
!Alias secg_scheme certicom-arc 1
secg-scheme 7 : ecies-recommendedParameters
secg-scheme 8 : ecies-specifiedParameters
secg-scheme 17 0 : x9-63-kdf
secg-scheme 17 1 : nist-concatenation-kdf
secg-scheme 17 2 : tls-kdf
secg-scheme 17 3 : ikev2-kdf
secg-scheme 18 : xor-in-ecies
secg-scheme 20 0 : aes128-cbc-in-ecies
secg-scheme 20 1 : aes192-cbc-in-ecies
secg-scheme 20 2 : aes256-cbc-in-ecies
secg-scheme 21 0 : aes128-ctr-in-ecies
secg-scheme 21 1 : aes192-ctr-in-ecies
secg-scheme 21 2 : aes256-ctr-in-ecies
secg-scheme 22 : hmac-full-ecies
secg-scheme 23 : hmac-half-ecies
secg-scheme 24 0 : cmac-aes128-ecies
secg-scheme 24 1 : cmac-aes192-ecies
FIXME: we can not get an EVP_algor object from these new NIDs
*/
typedef struct ecies_parameters_st {
X509_ALGOR *kdf;
X509_ALGOR *sym;
X509_ALGOR *mac;
} ECIES_PARAMETERS;
ASN1_SEQUENCE(ECIES_PARAMETERS) = {
ASN1_EXP_OPT(ECIES_PARAMETERS, kdf, X509_ALGOR, 0),
ASN1_EXP_OPT(ECIES_PARAMETERS, sym, X509_ALGOR, 1),
ASN1_EXP_OPT(ECIES_PARAMETERS, mac, X509_ALGOR, 2)
} ASN1_SEQUENCE_END(ECIES_PARAMETERS)
IMPLEMENT_ASN1_FUNCTIONS(ECIES_PARAMETERS)
IMPLEMENT_ASN1_DUP_FUNCTION(ECIES_PARAMETERS)
ASN1_SEQUENCE(ECIES_CIPHERTEXT_VALUE) = {
ASN1_SIMPLE(ECIES_CIPHERTEXT_VALUE, ephem_point, ASN1_OCTET_STRING),
ASN1_SIMPLE(ECIES_CIPHERTEXT_VALUE, ciphertext, ASN1_OCTET_STRING),
ASN1_SIMPLE(ECIES_CIPHERTEXT_VALUE, mactag, ASN1_OCTET_STRING)
} ASN1_SEQUENCE_END(ECIES_CIPHERTEXT_VALUE)
IMPLEMENT_ASN1_FUNCTIONS(ECIES_CIPHERTEXT_VALUE)
IMPLEMENT_ASN1_DUP_FUNCTION(ECIES_CIPHERTEXT_VALUE)
int i2d_ECIESParameters(const ECIES_PARAMS *param, unsigned char **out)
{
int ret = 0;
ECIES_PARAMETERS *tmp = NULL;
int sym_nid = NID_xor_in_ecies;
OPENSSL_assert(param);
OPENSSL_assert(param->kdf_md);
OPENSSL_assert(param->mac_md);
OpenSSL_add_all_digests();
if (!(tmp = ECIES_PARAMETERS_new()))
{
ECIESerr(ECIES_F_I2D_ECIESPARAMETERS, ERR_R_MALLOC_FAILURE);
goto err;
}
if (!(tmp->kdf = X509_ALGOR_new()))
{
ECIESerr(ECIES_F_I2D_ECIESPARAMETERS, ERR_R_MALLOC_FAILURE);
goto err;
}
if (!X509_ALGOR_set0(tmp->kdf, OBJ_nid2obj(NID_x9_63_kdf), V_ASN1_OBJECT, OBJ_nid2obj(EVP_MD_nid(param->kdf_md))))
{
ECIESerr(ECIES_F_I2D_ECIESPARAMETERS, ERR_R_X509_LIB);
goto err;
}
if (!(tmp->sym = X509_ALGOR_new()))
{
ECIESerr(ECIES_F_I2D_ECIESPARAMETERS, ERR_R_MALLOC_FAILURE);
goto err;
}
if (param->sym_cipher)
{
switch (EVP_CIPHER_nid(param->sym_cipher))
{
case NID_aes_128_cbc:
sym_nid = NID_aes128_cbc_in_ecies;
break;
case NID_aes_192_cbc:
sym_nid = NID_aes192_cbc_in_ecies;
break;
case NID_aes_256_cbc:
sym_nid = NID_aes256_cbc_in_ecies;
break;
case NID_aes_128_ctr:
sym_nid = NID_aes128_ctr_in_ecies;
break;
case NID_aes_192_ctr:
sym_nid = NID_aes192_ctr_in_ecies;
break;
case NID_aes_256_ctr:
sym_nid = NID_aes256_ctr_in_ecies;
break;
default:
ECIESerr(ECIES_F_I2D_ECIESPARAMETERS, ERR_R_MALLOC_FAILURE);
goto err;
}
}
if (!X509_ALGOR_set0(tmp->sym, OBJ_nid2obj(sym_nid), V_ASN1_UNDEF, NULL))
{
ECIESerr(ECIES_F_I2D_ECIESPARAMETERS, ERR_R_X509_LIB);
goto err;
}
if (!(tmp->mac = X509_ALGOR_new()))
{
ECIESerr(ECIES_F_I2D_ECIESPARAMETERS, ERR_R_MALLOC_FAILURE);
goto err;
}
if (!X509_ALGOR_set0(tmp->mac, OBJ_nid2obj(NID_hmac_full_ecies), V_ASN1_OBJECT, OBJ_nid2obj(EVP_MD_nid(param->mac_md))))
{
ECIESerr(ECIES_F_I2D_ECIESPARAMETERS, ERR_R_X509_LIB);
goto err;
}
if ((ret = i2d_ECIES_PARAMETERS(tmp, out)) <= 0)
{
ECIESerr(ECIES_F_I2D_ECIESPARAMETERS, ERR_R_ASN1_LIB);
goto err;
}
err:
if (tmp)
ECIES_PARAMETERS_free(tmp);
return ret;
}
ECIES_PARAMS *d2i_ECIESParameters(ECIES_PARAMS **param, const unsigned char **in, long len)
{
int e = 1;
ECIES_PARAMS *ret = NULL;
ECIES_PARAMETERS *tmp = NULL;
if (!(ret = OPENSSL_malloc(sizeof(ECIES_PARAMS))))
{
ECIESerr(ECIES_F_D2I_ECIESPARAMETERS, ERR_R_ASN1_LIB);
goto err;
}
if (!(tmp = d2i_ECIES_PARAMETERS(NULL, in, len)))
{
ECIESerr(ECIES_F_D2I_ECIESPARAMETERS, ERR_R_ASN1_LIB);
goto err;
}
/* get kdf, parameter is hash oid */
if (OBJ_obj2nid(tmp->kdf->algorithm) != NID_x9_63_kdf)
{
ECIESerr(ECIES_F_D2I_ECIESPARAMETERS, ERR_R_ECIES_LIB);
goto err;
}
if (tmp->kdf->parameter->type != V_ASN1_OBJECT)
{
ECIESerr(ECIES_F_D2I_ECIESPARAMETERS, ERR_R_ECIES_LIB);
goto err;
}
OpenSSL_add_all_digests();
if (!(ret->kdf_md = EVP_get_digestbynid(OBJ_obj2nid(tmp->kdf->parameter->value.object))))
{
ECIESerr(ECIES_F_D2I_ECIESPARAMETERS, ERR_R_ECIES_LIB);
goto err;
}
/* get sym, no parameter for iv is zero */
switch (OBJ_obj2nid(tmp->sym->algorithm)) {
case NID_xor_in_ecies:
ret->sym_cipher = NULL;
break;
case NID_aes128_cbc_in_ecies:
ret->sym_cipher = EVP_aes_128_cbc();
break;
case NID_aes192_cbc_in_ecies:
ret->sym_cipher = EVP_aes_192_cbc();
break;
case NID_aes256_cbc_in_ecies:
ret->sym_cipher = EVP_aes_256_cbc();
break;
case NID_aes128_ctr_in_ecies:
ret->sym_cipher = EVP_aes_128_ctr();
break;
case NID_aes192_ctr_in_ecies:
ret->sym_cipher = EVP_aes_192_ctr();
break;
case NID_aes256_ctr_in_ecies:
ret->sym_cipher = EVP_aes_256_ctr();
break;
default:
goto err;
}
/* get mac, parameter is hash oid */
switch (OBJ_obj2nid(tmp->mac->algorithm)) {
case NID_hmac_full_ecies:
break;
case NID_hmac_half_ecies:
case NID_cmac_aes128_ecies:
case NID_cmac_aes192_ecies:
goto err;
break;
default:
goto err;
break;
}
if (tmp->mac->parameter->type != V_ASN1_OBJECT)
{
ECIESerr(ECIES_F_D2I_ECIESPARAMETERS, ERR_R_ECIES_LIB);
goto err;
}
if (!(ret->mac_md = EVP_get_digestbynid(OBJ_obj2nid(
tmp->mac->parameter->value.object))))
{
ECIESerr(ECIES_F_D2I_ECIESPARAMETERS, ERR_R_ECIES_LIB);
goto err;
}
if (param && *param)
OPENSSL_free(*param);
if (param)
*param = ret;
e = 0;
err:
if (e && ret)
{
OPENSSL_free(ret);
ret = NULL;
}
if (tmp) ECIES_PARAMETERS_free(tmp);
return ret;
}

104
crypto/ecies/ecies_err.c
View File

@@ -1,104 +0,0 @@
/* crypto/ecies/ecies_err.c */
/* ====================================================================
* Copyright (c) 1999-2016 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
/*
* NOTE: this file was auto generated by the mkerr.pl script: any changes
* made to it will be overwritten when the script next updates this file,
* only reason strings will be preserved.
*/
#include <stdio.h>
#include <openssl/err.h>
#include <openssl/ecies.h>
/* BEGIN ERROR CODES */
#ifndef OPENSSL_NO_ERR
# define ERR_FUNC(func) ERR_PACK(ERR_LIB_ECIES,func,0)
# define ERR_REASON(reason) ERR_PACK(ERR_LIB_ECIES,0,reason)
static ERR_STRING_DATA ECIES_str_functs[] = {
{ERR_FUNC(ECIES_F_D2I_ECIESPARAMETERS), "d2i_ECIESParameters"},
{ERR_FUNC(ECIES_F_ECIES_DECRYPT), "ECIES_decrypt"},
{ERR_FUNC(ECIES_F_ECIES_DO_DECRYPT), "ECIES_do_decrypt"},
{ERR_FUNC(ECIES_F_ECIES_DO_ENCRYPT), "ECIES_do_encrypt"},
{ERR_FUNC(ECIES_F_ECIES_ENCRYPT), "ECIES_encrypt"},
{ERR_FUNC(ECIES_F_I2D_ECIESPARAMETERS), "i2d_ECIESParameters"},
{0, NULL}
};
static ERR_STRING_DATA ECIES_str_reasons[] = {
{ERR_REASON(ECIES_R_BAD_DATA), "bad data"},
{ERR_REASON(ECIES_R_BUFFER_TOO_SMALL), "buffer too small"},
{ERR_REASON(ECIES_R_DECRYPT_FAILED), "decrypt failed"},
{ERR_REASON(ECIES_R_ECDH_FAILED), "ECDH failed"},
{ERR_REASON(ECIES_R_ENCRYPT_FAILED), "encrypt failed"},
{ERR_REASON(ECIES_R_GEN_MAC_FAILED), "MAC generation failed"},
{ERR_REASON(ECIES_R_VERIFY_MAC_FAILED), "MAC verification failed"},
{0, NULL}
};
#endif
void ERR_load_ECIES_strings(void)
{
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(ECIES_str_functs[0].error) == NULL) {
ERR_load_strings(0, ECIES_str_functs);
ERR_load_strings(0, ECIES_str_reasons);
}
#endif
}

558
crypto/ecies/ecies_lib.c
View File

@@ -1,558 +0,0 @@
/* crypto/ecies/ecies_lib.c */
/* ====================================================================
* Copyright (c) 2007 - 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/aes.h>
#include <openssl/hmac.h>
#include <openssl/rand.h>
#include <openssl/ecdh.h>
#include <openssl/kdf.h>
#include <openssl/ecies.h>
#include "../o_str.h"
static void *ecies_data_dup(void *data) {
ECIES_PARAMS *ret = NULL;
ECIES_PARAMS *param = (ECIES_PARAMS *)data;
OPENSSL_assert(data);
if (!(ret = OPENSSL_malloc(sizeof(ECIES_PARAMS)))) {
return NULL;
}
memcpy(ret, param, sizeof(*param));
return ret;
}
static void ecies_data_free(void *data) {
OPENSSL_free(data);
return;
}
int ECIES_set_parameters(EC_KEY *ec_key, const ECIES_PARAMS *param)
{
ECIES_PARAMS *data = NULL;
OPENSSL_assert(ec_key);
OPENSSL_assert(param);
data = (ECIES_PARAMS *)ecies_data_dup((void *)param);
if (EC_KEY_insert_key_method_data(ec_key, data,
ecies_data_dup, ecies_data_free, ecies_data_free)) {
return 0;
}
return 1;
}
//FIXME: is is _get0_ ?
ECIES_PARAMS *ECIES_get_parameters(EC_KEY *ec_key)
{
ECIES_PARAMS *ret;
if (!(ret = EC_KEY_get_key_method_data(ec_key,
ecies_data_dup, ecies_data_free, ecies_data_free))) {
return NULL;
}
return ret;
}
ECIES_CIPHERTEXT_VALUE *ECIES_do_encrypt(const ECIES_PARAMS *param,
const unsigned char *in, size_t inlen, EC_KEY *pub_key)
{
int e = 1;
ECIES_CIPHERTEXT_VALUE *cv = NULL;
EC_KEY *ephem_key = NULL;
unsigned char *share = NULL;
unsigned char *enckey, *mackey, *p;
int sharelen, enckeylen, mackeylen, maclen, len;
EVP_CIPHER_CTX cipher_ctx;
EVP_CIPHER_CTX_init(&cipher_ctx);
if (!(cv = ECIES_CIPHERTEXT_VALUE_new()))
{
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
ECIESerr(ECIES_F_ECIES_DO_ENCRYPT, ERR_R_MALLOC_FAILURE);
goto err;
}
/*
* generate and encode ephem_point
*/
if (!(ephem_key = EC_KEY_new()))
{
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
ECIESerr(ECIES_F_ECIES_DO_ENCRYPT, ERR_R_MALLOC_FAILURE);
goto err;
}
if (!EC_KEY_set_group(ephem_key, EC_KEY_get0_group(pub_key)))
{
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
ECIESerr(ECIES_F_ECIES_DO_ENCRYPT, ERR_R_EC_LIB);
goto err;
}
if (!EC_KEY_generate_key(ephem_key))
{
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
ECIESerr(ECIES_F_ECIES_DO_ENCRYPT, ERR_R_EC_LIB);
goto err;
}
len = (int)EC_POINT_point2oct(EC_KEY_get0_group(ephem_key),
EC_KEY_get0_public_key(ephem_key), POINT_CONVERSION_COMPRESSED,
NULL, 0, NULL);
if (!M_ASN1_OCTET_STRING_set(cv->ephem_point, NULL, len))
{
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
ECIESerr(ECIES_F_ECIES_DO_ENCRYPT, ERR_R_ASN1_LIB);
goto err;
}
if (EC_POINT_point2oct(EC_KEY_get0_group(ephem_key),
EC_KEY_get0_public_key(ephem_key), POINT_CONVERSION_COMPRESSED,
cv->ephem_point->data, len, NULL) <= 0)
{
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
ECIESerr(ECIES_F_ECIES_DO_ENCRYPT, ERR_R_EC_LIB);
goto err;
}
/*
* use ecdh to compute enckey and mackey
*/
if (param->sym_cipher)
enckeylen = EVP_CIPHER_key_length(param->sym_cipher);
else enckeylen = inlen;
switch (param->mac_nid) {
case NID_hmac_full_ecies:
maclen = EVP_MD_size(param->mac_md);
mackeylen = EVP_MD_size(param->mac_md);
break;
case NID_hmac_half_ecies:
maclen = EVP_MD_size(param->mac_md)/2;
mackeylen = EVP_MD_size(param->mac_md);
break;
case NID_cmac_aes128_ecies:
maclen = AES_BLOCK_SIZE;
mackeylen = 128/8;
break;
case NID_cmac_aes192_ecies:
maclen = AES_BLOCK_SIZE;
mackeylen = 192/8;
break;
default:
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
ECIESerr(ECIES_F_ECIES_DO_ENCRYPT, ERR_R_EC_LIB);
goto err;
}
sharelen = enckeylen + mackeylen;
if (!(share = OPENSSL_malloc(sharelen)))
{
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
ECIESerr(ECIES_F_ECIES_DO_ENCRYPT, ERR_R_MALLOC_FAILURE);
goto err;
}
if (!ECDH_compute_key(share, sharelen,
EC_KEY_get0_public_key(pub_key), ephem_key,
KDF_get_x9_63(param->kdf_md)))
{
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
ECIESerr(ECIES_F_ECIES_DO_ENCRYPT, ECIES_R_ECDH_FAILED);
goto err;
}
enckey = share;
mackey = share + enckeylen;
/*
* encrypt data and encode result to ciphertext
*/
if (param->sym_cipher)
len = (int)(inlen + EVP_MAX_BLOCK_LENGTH * 2);
else len = inlen;
if (!M_ASN1_OCTET_STRING_set(cv->ciphertext, NULL, len))
{
ECIESerr(ECIES_F_ECIES_DO_ENCRYPT, ERR_R_MALLOC_FAILURE);
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
goto err;
}
if (param->sym_cipher)
{
unsigned char iv[EVP_MAX_IV_LENGTH];
memset(iv, 0, sizeof(iv));
if (!EVP_EncryptInit(&cipher_ctx, param->sym_cipher, enckey, iv))
{
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
ECIESerr(ECIES_F_ECIES_DO_ENCRYPT,
ECIES_R_ENCRYPT_FAILED);
goto err;
}
p = cv->ciphertext->data;
if (!EVP_EncryptUpdate(&cipher_ctx, p, &len, in, (int)inlen))
{
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
ECIESerr(ECIES_F_ECIES_DO_ENCRYPT,
ECIES_R_ENCRYPT_FAILED);
goto err;
}
p += len;
if (!EVP_EncryptFinal(&cipher_ctx, p, &len))
{
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
ECIESerr(ECIES_F_ECIES_DO_ENCRYPT,
ECIES_R_ENCRYPT_FAILED);
goto err;
}
p += len;
cv->ciphertext->length = (int)(p - cv->ciphertext->data);
}
else
{
int i;
for (i = 0; i < len; i++)
cv->ciphertext->data[i] = in[i] ^ enckey[i];
cv->ciphertext->length = len;
}
/*
* calculate mactag of ciphertext and encode
*/
cv->mactag->length = maclen;
if (!M_ASN1_OCTET_STRING_set(cv->mactag, NULL, cv->mactag->length))
{
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
ECIESerr(ECIES_F_ECIES_DO_ENCRYPT, ERR_R_MALLOC_FAILURE);
goto err;
}
if (!HMAC(param->mac_md, mackey, mackeylen,
cv->ciphertext->data, (size_t)cv->ciphertext->length,
cv->mactag->data, (unsigned int *)&len))
{
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
ECIESerr(ECIES_F_ECIES_DO_ENCRYPT, ECIES_R_GEN_MAC_FAILED);
goto err;
}
e = 0;
err:
EVP_CIPHER_CTX_cleanup(&cipher_ctx);
if (share) OPENSSL_free(share);
if (ephem_key) EC_KEY_free(ephem_key);
if (e && cv)
{
ECIES_CIPHERTEXT_VALUE_free(cv);
cv = NULL;
}
return cv;
}
int ECIES_do_decrypt(const ECIES_CIPHERTEXT_VALUE *cv,
const ECIES_PARAMS *param, unsigned char *out, size_t *outlen,
EC_KEY *pri_key)
{
int r = 0;
EC_POINT *ephem_point = NULL;
unsigned char *share = NULL;
unsigned char mac[EVP_MAX_MD_SIZE];
unsigned char *enckey, *mackey;
int sharelen, enckeylen, mackeylen, len;
unsigned char *p;
EVP_CIPHER_CTX ctx;
EVP_CIPHER_CTX_init(&ctx);
// check output buffer size
if (!out)
{
*outlen = cv->ciphertext->length;
r = 1;
goto err;
}
if ((int)(*outlen) < cv->ciphertext->length)
{
*outlen = cv->ciphertext->length;
ECIESerr(ECIES_F_ECIES_DO_DECRYPT, ECIES_R_BUFFER_TOO_SMALL);
goto err;
}
/*
* decode ephem_point
*/
if (!cv->ephem_point || !cv->ephem_point->data)
{
ECIESerr(ECIES_F_ECIES_DO_DECRYPT, ECIES_R_BAD_DATA);
goto err;
}
if (!(ephem_point = EC_POINT_new(EC_KEY_get0_group(pri_key))))
{
ECIESerr(ECIES_F_ECIES_DO_DECRYPT, ERR_R_MALLOC_FAILURE);
goto err;
}
if (!EC_POINT_oct2point(EC_KEY_get0_group(pri_key), ephem_point,
cv->ephem_point->data, cv->ephem_point->length, NULL))
{
ECIESerr(ECIES_F_ECIES_DO_DECRYPT, ECIES_R_BAD_DATA);
goto err;
}
/*
* use ecdh to compute enckey and mackey
*/
if (param->sym_cipher)
enckeylen = EVP_CIPHER_key_length(param->sym_cipher);
else enckeylen = cv->ciphertext->length;
mackeylen = EVP_MD_size(param->mac_md);
sharelen = enckeylen + mackeylen;
if (!(share = OPENSSL_malloc(sharelen)))
{
ECIESerr(ECIES_F_ECIES_DO_DECRYPT, ERR_R_MALLOC_FAILURE);
goto err;
}
if (!ECDH_compute_key(share, enckeylen + mackeylen,
ephem_point, pri_key,
KDF_get_x9_63(param->kdf_md)))
{
ECIESerr(ECIES_F_ECIES_DO_DECRYPT, ECIES_R_ECDH_FAILED);
goto err;
}
enckey = share;
mackey = share + enckeylen;
/*
* generate and verify mac
*/
if (!cv->mactag || !cv->mactag->data)
{
ECIESerr(ECIES_F_ECIES_DO_DECRYPT, ECIES_R_BAD_DATA);
goto err;
}
if (!HMAC(param->mac_md, mackey, mackeylen,
cv->ciphertext->data, (size_t)cv->ciphertext->length,
mac, (unsigned int *)&len))
{
ECIESerr(ECIES_F_ECIES_DO_DECRYPT, ECIES_R_GEN_MAC_FAILED);
goto err;
}
if (len != cv->mactag->length)
{
ECIESerr(ECIES_F_ECIES_DO_DECRYPT, ECIES_R_VERIFY_MAC_FAILED);
goto err;
}
if (OPENSSL_memcmp(cv->mactag->data, mac, len))
{
ECIESerr(ECIES_F_ECIES_DO_DECRYPT, ECIES_R_VERIFY_MAC_FAILED);
goto err;
}
/*
* decrypt ciphertext and output
*/
if (param->sym_cipher)
{
unsigned char iv[EVP_MAX_IV_LENGTH];
memset(iv, 0, sizeof(iv));
if (!EVP_DecryptInit(&ctx, param->sym_cipher, enckey, iv))
{
ECIESerr(ECIES_F_ECIES_DO_DECRYPT, ECIES_R_DECRYPT_FAILED);
goto err;
}
p = out;
if (!EVP_DecryptUpdate(&ctx, p, &len,
cv->ciphertext->data, cv->ciphertext->length))
{
ECIESerr(ECIES_F_ECIES_DO_DECRYPT, ECIES_R_DECRYPT_FAILED);
goto err;
}
p += len;
if (!EVP_DecryptFinal(&ctx, p, &len))
{
ECIESerr(ECIES_F_ECIES_DO_DECRYPT, ECIES_R_DECRYPT_FAILED);
goto err;
}
p += len;
*outlen = (int)(p - out);
}
else
{
int i;
for (i = 0; i < cv->ciphertext->length; i++)
out[i] = cv->ciphertext->data[i] ^ enckey[i];
*outlen = cv->ciphertext->length;
}
r = 1;
err:
if (share) OPENSSL_free(share);
EVP_CIPHER_CTX_cleanup(&ctx);
if (ephem_point) EC_POINT_free(ephem_point);
return r;
}
int ECIES_encrypt(const ECIES_PARAMS *param,
unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen,
EC_KEY *ec_key)
{
int ret = 0;
ECIES_CIPHERTEXT_VALUE *cv = NULL;
unsigned char *p = out;
int len;
if (!(cv = ECIES_do_encrypt(param, in, inlen, ec_key))) {
ECIESerr(ECIES_F_ECIES_ENCRYPT, ECIES_R_ENCRYPT_FAILED);
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
return 0;
}
if ((len = i2d_ECIES_CIPHERTEXT_VALUE(cv, NULL)) <= 0) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
ECIESerr(ECIES_F_ECIES_ENCRYPT, ECIES_R_ENCRYPT_FAILED);
goto end;
}
if (!out) {
*outlen = (size_t)len;
ret = 1;
goto end;
}
if (*outlen < len) {
ECIESerr(ECIES_F_ECIES_ENCRYPT, ECIES_R_ENCRYPT_FAILED);
*outlen = (size_t)len;
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
goto end;
}
if ((len = i2d_ECIES_CIPHERTEXT_VALUE(cv, &p)) <= 0) {
ECIESerr(ECIES_F_ECIES_ENCRYPT, ECIES_R_ENCRYPT_FAILED);
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
goto end;
}
*outlen = (size_t)len;
ret = 1;
end:
ECIES_CIPHERTEXT_VALUE_free(cv);
return ret;
}
int ECIES_decrypt(const ECIES_PARAMS *param,
unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen,
EC_KEY *ec_key)
{
int ret = 0;
ECIES_CIPHERTEXT_VALUE *cv = NULL;
const unsigned char *p = in;
if (!(cv = d2i_ECIES_CIPHERTEXT_VALUE(NULL, &p, (long)inlen))) {
ECIESerr(ECIES_F_ECIES_DECRYPT, ECIES_R_ENCRYPT_FAILED);
return 0;
}
if (!ECIES_do_decrypt(cv, param, out, outlen, ec_key)) {
ECIESerr(ECIES_F_ECIES_DECRYPT, ECIES_R_ENCRYPT_FAILED);
goto end;
}
ret = 1;
end:
ECIES_CIPHERTEXT_VALUE_free(cv);
return ret;
}
int ECIES_PARAMS_init_with_recommended(ECIES_PARAMS *param)
{
if (!param) {
return 0;
}
param->kdf_nid = NID_undef;
param->kdf_md = EVP_sha1(); //FIXME: EVP_sha256() will error
param->sym_cipher = EVP_aes_128_cbc();
param->mac_nid = NID_hmac_full_ecies;
param->mac_md = EVP_sha1(); //FIXME: EVP_sha256() need test
param->mac_cipher = NULL;
return 1;
}
int ECIES_encrypt_with_recommended(unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen,
EC_KEY *ec_key)
{
ECIES_PARAMS param;
ECIES_PARAMS_init_with_recommended(&param);
return ECIES_encrypt(&param, out, outlen, in, inlen, ec_key);
}
int ECIES_decrypt_with_recommended(unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen,
EC_KEY *ec_key)
{
ECIES_PARAMS param;
ECIES_PARAMS_init_with_recommended(&param);
return ECIES_decrypt(&param, out, outlen, in, inlen, ec_key);
}

174
crypto/ecies/eciestest.c
View File

@@ -1,174 +0,0 @@
/* crypto/ecies/eciestest.c */
/* ====================================================================
* Copyright (c) 2007 - 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <assert.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include "ecies.h"
int ecies_test_ECIESParameters(void)
{
int ret = 0;
ECIES_PARAMS buffer;
ECIES_PARAMS *param = &buffer;
unsigned char *der = NULL;
int derlen;
unsigned char *p;
const unsigned char *cp;
param->kdf_md = EVP_sha1();
param->sym_cipher = NULL;
param->mac_md = EVP_sha1();
derlen = i2d_ECIESParameters(param, NULL);
if (derlen <= 0) {
fprintf(stderr, "test i2d_ECIESParameters failed test suite 1\n");
goto end;
}
der = OPENSSL_malloc(derlen);
OPENSSL_assert(der);
p = der;
derlen = i2d_ECIESParameters(param, &p);
param = NULL;
cp = der;
param = d2i_ECIESParameters(NULL, &cp, derlen);
if (!param) {
fprintf(stderr, "test d2i_ECIESParameters faild\n");
goto end;
}
OPENSSL_free(param);
param = NULL;
cp = der;
d2i_ECIESParameters(&param, &cp, derlen);
if (!param) {
fprintf(stderr, "test failed\n");
goto end;
}
ret = 1;
end:
return ret;
}
void ecies_test(void)
{
int r;
EC_GROUP *ec_group = NULL;
EC_KEY *ec_key = NULL;
ECIES_PARAMS params;
ECIES_PARAMS *param2 = NULL;
ECIES_CIPHERTEXT_VALUE *cv = NULL;
unsigned char buffer1[1024];
unsigned char buffer2[1024];
unsigned char buffer3[1024];
unsigned char *der = NULL;
int derlen;
unsigned char *p;
const unsigned char *cp;
ec_key = EC_KEY_new_by_curve_name(OBJ_sn2nid("secp192k1"));
OPENSSL_assert(ec_key);
r = EC_KEY_generate_key(ec_key);
assert(r);
/* set ECIESParameters */
params.kdf_md = EVP_sha1();
params.sym_cipher = EVP_aes_128_cbc();
params.mac_md = EVP_sha1();
derlen = i2d_ECIESParameters(&params, NULL);
printf("ECIESParameters DER length = %d\n", derlen);
memset(buffer1, 0, sizeof(buffer1));
strcpy((char *)buffer1, "hello");
cv = ECIES_do_encrypt(&params, buffer1, strlen(buffer1) + 1, ec_key);
assert(cv);
memset(buffer3, 0, sizeof(buffer3));
if (!ECIES_do_decrypt(cv, &params, buffer3, &derlen, ec_key)) {
ERR_print_errors_fp(stderr);
return;
}
printf("decrypted plaintext length = %d\n", derlen);
printf("%s\n", buffer3);
derlen = i2d_ECIES_CIPHERTEXT_VALUE(cv, NULL);
printf("ECIES Test: ECIES_CIPHERTEXT_VALUE DER encoding length = %d\n", derlen);
der = OPENSSL_malloc(derlen);
assert(der);
p = der;
i2d_ECIES_CIPHERTEXT_VALUE(cv, &p);
ECIES_CIPHERTEXT_VALUE_free(cv);
cv = NULL;
cp = der;
cv = d2i_ECIES_CIPHERTEXT_VALUE(NULL, &cp, derlen);
assert(cv);
ecies_test_ECIESParameters();
}
int main(int argc, char **argv)
{
ecies_test();
return 0;
}