abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-05-06 16:36:16 +08:00
Code Issues Packages Projects Releases Wiki Activity

Revert "修改License"

Browse Source 
This reverts commit 0b4308b948.
This commit is contained in:
Simon
2022-08-26 13:44:26 +08:00
parent 0b4308b948
commit 4e5880e2ea
268 changed files with 67015 additions and 67247 deletions
Download Patch File Download Diff File Expand all files Collapse all files

74
.github/workflows/cmake.yml vendored
View File

@@ -1,37 +1,37 @@
name: CMake name: CMake
on: on:
push: push:
branches: [ develop ] branches: [ develop ]
pull_request: pull_request:
branches: [ develop ] branches: [ develop ]
env: env:
# Customize the CMake build type here (Release, Debug, RelWithDebInfo, etc.) # Customize the CMake build type here (Release, Debug, RelWithDebInfo, etc.)
BUILD_TYPE: Release BUILD_TYPE: Release
jobs: jobs:
build: build:
# The CMake configure and build commands are platform agnostic and should work equally well on Windows or Mac. # The CMake configure and build commands are platform agnostic and should work equally well on Windows or Mac.
# You can convert this to a matrix build if you need cross-platform coverage. # You can convert this to a matrix build if you need cross-platform coverage.
# See: https://docs.github.com/en/free-pro-team@latest/actions/learn-github-actions/managing-complex-workflows#using-a-build-matrix # See: https://docs.github.com/en/free-pro-team@latest/actions/learn-github-actions/managing-complex-workflows#using-a-build-matrix
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- name: Configure CMake - name: Configure CMake
# Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make.
# See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type
run: cmake -B ${{github.workspace}}/build -DCMAKE_BUILD_TYPE=${{env.BUILD_TYPE}} run: cmake -B ${{github.workspace}}/build -DCMAKE_BUILD_TYPE=${{env.BUILD_TYPE}}
- name: Build - name: Build
# Build your program with the given configuration # Build your program with the given configuration
run: cmake --build ${{github.workspace}}/build --config ${{env.BUILD_TYPE}} run: cmake --build ${{github.workspace}}/build --config ${{env.BUILD_TYPE}}
- name: Test - name: Test
working-directory: ${{github.workspace}}/build working-directory: ${{github.workspace}}/build
# Execute tests defined by the CMake configuration. # Execute tests defined by the CMake configuration.
# See https://cmake.org/cmake/help/latest/manual/ctest.1.html for more detail # See https://cmake.org/cmake/help/latest/manual/ctest.1.html for more detail
run: ctest -C ${{env.BUILD_TYPE}} run: ctest -C ${{env.BUILD_TYPE}}

62
.github/workflows/cygwin.yml vendored
View File

@@ -1,31 +1,31 @@
name: Cygwin name: Cygwin
on: on:
push: push:
branches: [ develop ] branches: [ develop ]
pull_request: pull_request:
branches: [ develop ] branches: [ develop ]
env: env:
# Customize the CMake build type here (Release, Debug, RelWithDebInfo, etc.) # Customize the CMake build type here (Release, Debug, RelWithDebInfo, etc.)
BUILD_TYPE: Release BUILD_TYPE: Release
jobs: jobs:
build: build:
# The CMake configure and build commands are platform agnostic and should work equally well on Windows or Mac. # The CMake configure and build commands are platform agnostic and should work equally well on Windows or Mac.
# You can convert this to a matrix build if you need cross-platform coverage. # You can convert this to a matrix build if you need cross-platform coverage.
# See: https://docs.github.com/en/free-pro-team@latest/actions/learn-github-actions/managing-complex-workflows#using-a-build-matrix # See: https://docs.github.com/en/free-pro-team@latest/actions/learn-github-actions/managing-complex-workflows#using-a-build-matrix
runs-on: windows-latest runs-on: windows-latest
env: env:
SHELLOPTS: igncr SHELLOPTS: igncr
defaults: defaults:
run: run:
shell: C:\tools\cygwin\bin\bash.exe --login '{0}' shell: C:\tools\cygwin\bin\bash.exe --login '{0}'
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- name: Set up Cygwin - name: Set up Cygwin
uses: egor-tensin/setup-cygwin@v3 uses: egor-tensin/setup-cygwin@v3
with: with:
platform: x64 platform: x64
packages: cmake gcc-g++ packages: cmake gcc-g++

433
.gitignore vendored
View File

@@ -1,217 +1,216 @@
# Ignore editor artefacts # Ignore editor artefacts
/.dir-locals.el /.dir-locals.el
# Top level excludes # Top level excludes
/Makefile.orig /Makefile.orig
/MINFO /MINFO
/TABLE /TABLE
/*.a /*.a
/*.pc /*.pc
/rehash.time /rehash.time
/inc.* /inc.*
/makefile.* /makefile.*
/out.* /out.*
/tmp.* /tmp.*
/configdata.pm /configdata.pm
/build /build
/Makefile /Makefile
# *all* Makefiles # *all* Makefiles
#Makefile #Makefile
*.tmp *.tmp
# Java # Java
/java/*.class /java/*.class
/java/Makefile* /java/Makefile*
# Links under apps # Links under apps
/apps/CA.pl /apps/CA.pl
/apps/tsget /apps/tsget
/apps/tsget.pl /apps/tsget.pl
/apps/md4.c /apps/md4.c
# Auto generated headers # Auto generated headers
/crypto/buildinf.h /crypto/buildinf.h
/crypto/include/internal/*_conf.h /crypto/include/internal/*_conf.h
/openssl/include/opensslconf.h /openssl/include/opensslconf.h
/util/domd /util/domd
# Executables # Executables
/apps/openssl /apps/openssl
/test/sha256t /test/sha256t
/test/sha512t /test/sha512t
/test/gost2814789t /test/gost2814789t
/test/ssltest_old /test/ssltest_old
/test/*test /test/*test
/test/fips_aesavs /test/fips_aesavs
/test/fips_desmovs /test/fips_desmovs
/test/fips_dhvs /test/fips_dhvs
/test/fips_drbgvs /test/fips_drbgvs
/test/fips_dssvs /test/fips_dssvs
/test/fips_ecdhvs /test/fips_ecdhvs
/test/fips_ecdsavs /test/fips_ecdsavs
/test/fips_rngvs /test/fips_rngvs
/test/fips_test_suite /test/fips_test_suite
/test/ssltest_old /test/ssltest_old
/test/x509aux /test/x509aux
/test/v3ext /test/v3ext
# Certain files that get created by tests on the fly # Certain files that get created by tests on the fly
/test/*.ss /test/*.ss
/test/*.srl /test/*.srl
/test/.rnd /test/.rnd
/test/test*.pem /test/test*.pem
/test/newkey.pem /test/newkey.pem
/test/*.log /test/*.log
/test/buildtest_* /test/buildtest_*
/test/*.p /test/*.p
/test/*.dd /test/*.dd
/test/*.dp /test/*.dp
/test/*.pd /test/*.pd
/test/*.p /test/*.p
/demos/*.pem
/util/shlib_wrap.sh
/util/shlib_wrap.sh
# Fuzz stuff.
# Fuzz stuff. # Anything without an extension is an executable on Unix, so we keep files
# Anything without an extension is an executable on Unix, so we keep files # with extensions. And we keep the corpora subddir versioned as well.
# with extensions. And we keep the corpora subddir versioned as well. # Anything more generic with extensions that should be ignored will be taken
# Anything more generic with extensions that should be ignored will be taken # care of by general ignores for those extensions (*.o, *.obj, *.exe, ...)
# care of by general ignores for those extensions (*.o, *.obj, *.exe, ...) /fuzz/*
/fuzz/* !/fuzz/README*
!/fuzz/README* !/fuzz/corpora
!/fuzz/corpora !/fuzz/*.*
!/fuzz/*.*
# Misc auto generated files
# Misc auto generated files /include/openssl/opensslconf.h
/include/openssl/opensslconf.h /tools/c_rehash
/tools/c_rehash /tools/c_rehash.pl
/tools/c_rehash.pl /tags
/tags /TAGS
/TAGS /crypto.map
/crypto.map /ssl.map
/ssl.map
# Windows (legacy)
# Windows (legacy) /tmp32
/tmp32 /tmp32.dbg
/tmp32.dbg /tmp32dll
/tmp32dll /tmp32dll.dbg
/tmp32dll.dbg /out32
/out32 /out32.dbg
/out32.dbg /out32dll
/out32dll /out32dll.dbg
/out32dll.dbg /inc32
/inc32 /MINFO
/MINFO /ms/.rnd
/ms/.rnd /ms/bcb.mak
/ms/bcb.mak /ms/libeay32.def
/ms/libeay32.def /ms/nt.mak
/ms/nt.mak /ms/ntdll.mak
/ms/ntdll.mak /ms/ssleay32.def
/ms/ssleay32.def /ms/version32.rc
/ms/version32.rc
# Files created on other branches that are not held in git, and are not
# Files created on other branches that are not held in git, and are not # needed on this branch
# needed on this branch /include/openssl/asn1_mac.h
/include/openssl/asn1_mac.h /include/openssl/des_old.h
/include/openssl/des_old.h /include/openssl/fips.h
/include/openssl/fips.h /include/openssl/fips_rand.h
/include/openssl/fips_rand.h /include/openssl/krb5_asn.h
/include/openssl/krb5_asn.h /include/openssl/kssl.h
/include/openssl/kssl.h /include/openssl/pq_compat.h
/include/openssl/pq_compat.h /include/openssl/ssl23.h
/include/openssl/ssl23.h /include/openssl/tmdiff.h
/include/openssl/tmdiff.h /include/openssl/ui_compat.h
/include/openssl/ui_compat.h /test/fips_aesavs.c
/test/fips_aesavs.c /test/fips_desmovs.c
/test/fips_desmovs.c /test/fips_dsatest.c
/test/fips_dsatest.c /test/fips_dssvs.c
/test/fips_dssvs.c /test/fips_hmactest.c
/test/fips_hmactest.c /test/fips_randtest.c
/test/fips_randtest.c /test/fips_rngvs.c
/test/fips_rngvs.c /test/fips_rsagtest.c
/test/fips_rsagtest.c /test/fips_rsastest.c
/test/fips_rsastest.c /test/fips_rsavtest.c
/test/fips_rsavtest.c /test/fips_shatest.c
/test/fips_shatest.c /test/fips_test_suite.c
/test/fips_test_suite.c /test/shatest.c
/test/shatest.c
##### Generic patterns
##### Generic patterns # Auto generated assembly language source files
# Auto generated assembly language source files *.s
*.s !/crypto/*/asm/*.s
!/crypto/*/asm/*.s /crypto/arm*.S
/crypto/arm*.S /crypto/*/*.S
/crypto/*/*.S *.asm
*.asm !/crypto/*/asm/*.asm
!/crypto/*/asm/*.asm
# Object files
# Object files *.o
*.o *.obj
*.obj
# editor artefacts
# editor artefacts *.swp
*.swp .#*
.#* \#*#
\#*# *~
*~
# Certificate symbolic links
# Certificate symbolic links *.0
*.0
# All kinds of executables
# All kinds of executables *.so
*.so *.so.*
*.so.* *.dylib
*.dylib *.dylib.*
*.dylib.* *.dll
*.dll *.dll.*
*.dll.* *.exe
*.exe *.pyc
*.pyc *.exp
*.exp *.lib
*.lib *.pdb
*.pdb *.ilk
*.ilk *.def
*.def *.rc
*.rc *.res
*.res
# Misc generated stuff
# Misc generated stuff Makefile.save
Makefile.save /crypto/**/lib
/crypto/**/lib /engines/**/lib
/engines/**/lib /ssl/**/lib
/ssl/**/lib *.bak
*.bak cscope.*
cscope.* *.d
*.d
# macOS
# macOS .DS_Store
.DS_Store *.tar.gz
*.tar.gz
# add by LiTianjue for GmSSL
# add by LiTianjue for GmSSL # auto create by Configure
# auto create by Configure crypto/opensslconf.h
crypto/opensslconf.h tool/c_rehash
tool/c_rehash # exec file
# exec file apps/gmssl
apps/gmssl apps/gmca/.ca
apps/gmca/.ca
# gmtls
# gmtls /ssl/ssl_load.c
/ssl/ssl_load.c
# engines
# engines /engines/e_skf*
/engines/e_skf* /engines/e_sdf*
/engines/e_sdf* /engines/sdf
/engines/sdf /engines/skf
/engines/skf
include/openssl/srp.h
include/openssl/srp.h
/*.sh
/*.sh
/rust
/rust /python
/python /build
/build

552
CMakeLists.txt
View File

@@ -1,276 +1,276 @@
cmake_minimum_required(VERSION 3.0) cmake_minimum_required(VERSION 3.0)
project(GmSSL) project(GmSSL)
#set(CMAKE_MACOSX_RPATH 1) #set(CMAKE_MACOSX_RPATH 1)
SET(EXECUTABLE_OUTPUT_PATH ${PROJECT_BINARY_DIR}/bin) SET(EXECUTABLE_OUTPUT_PATH ${PROJECT_BINARY_DIR}/bin)
SET(LIBRARY_OUTPUT_PATH ${PROJECT_BINARY_DIR}/lib) SET(LIBRARY_OUTPUT_PATH ${PROJECT_BINARY_DIR}/lib)
if (CMAKE_VERSION VERSION_LESS "3.1") if (CMAKE_VERSION VERSION_LESS "3.1")
if (CMAKE_C_COMPILER_ID STREQUAL "GNU") if (CMAKE_C_COMPILER_ID STREQUAL "GNU")
set (CMAKE_C_FLAGS "-std=gnu99 ${CMAKE_C_FLAGS}") set (CMAKE_C_FLAGS "-std=gnu99 ${CMAKE_C_FLAGS}")
endif () endif ()
else () else ()
set (CMAKE_C_STANDARD 99) set (CMAKE_C_STANDARD 99)
endif () endif ()
#set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -mrdrnd -mrdseed") #set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -mrdrnd -mrdseed")
include_directories(include) include_directories(include)
add_library( add_library(
gmssl gmssl
SHARED SHARED
src/version.c src/version.c
src/debug.c src/debug.c
src/sm4_common.c src/sm4_common.c
src/sm4_enc.c src/sm4_enc.c
src/sm4_modes.c src/sm4_modes.c
src/sm4_setkey.c src/sm4_setkey.c
src/sm3.c src/sm3.c
src/sm3_hmac.c src/sm3_hmac.c
src/sm3_kdf.c src/sm3_kdf.c
src/sm2_alg.c src/sm2_alg.c
src/sm2_key.c src/sm2_key.c
src/sm2_lib.c src/sm2_lib.c
src/sm9_alg.c src/sm9_alg.c
src/sm9_key.c src/sm9_key.c
src/sm9_lib.c src/sm9_lib.c
src/zuc.c src/zuc.c
src/zuc_modes.c src/zuc_modes.c
src/aes.c src/aes.c
src/aes_modes.c src/aes_modes.c
src/sha256.c src/sha256.c
src/sha512.c src/sha512.c
src/chacha20.c src/chacha20.c
src/des.c src/des.c
src/sha1.c src/sha1.c
src/md5.c src/md5.c
src/rc4.c src/rc4.c
src/rand.c src/rand.c
src/hash_drbg.c src/hash_drbg.c
# src/rdrand.c # src/rdrand.c
src/block_cipher.c src/block_cipher.c
src/digest.c src/digest.c
src/hmac.c src/hmac.c
src/hkdf.c src/hkdf.c
src/pbkdf2.c src/pbkdf2.c
src/gf128.c src/gf128.c
src/gcm.c src/gcm.c
src/pkcs8.c src/pkcs8.c
src/ec.c src/ec.c
src/rsa.c src/rsa.c
src/asn1.c src/asn1.c
src/hex.c src/hex.c
src/base64.c src/base64.c
src/pem.c src/pem.c
src/x509_oid.c src/x509_oid.c
src/x509_alg.c src/x509_alg.c
src/x509_str.c src/x509_str.c
src/x509_cer.c src/x509_cer.c
src/x509_ext.c src/x509_ext.c
src/x509_req.c src/x509_req.c
src/x509_crl.c src/x509_crl.c
src/cms.c src/cms.c
src/sdf/sdf.c src/sdf/sdf.c
src/sdf/sdf_lib.c src/sdf/sdf_lib.c
src/sdf/sdf_meth.c src/sdf/sdf_meth.c
src/sdf/sdf_ext.c src/sdf/sdf_ext.c
src/sdf/sdf_sansec.c src/sdf/sdf_sansec.c
src/skf/skf.c src/skf/skf.c
src/skf/skf_lib.c src/skf/skf_lib.c
src/skf/skf_meth.c src/skf/skf_meth.c
src/skf/skf_ext.c src/skf/skf_ext.c
src/skf/skf_prn.c src/skf/skf_prn.c
src/skf/skf_wisec.c src/skf/skf_wisec.c
src/tls.c src/tls.c
src/tls_ext.c src/tls_ext.c
src/tls_trace.c src/tls_trace.c
src/tlcp.c src/tlcp.c
src/tls12.c src/tls12.c
src/tls13.c src/tls13.c
) )
target_link_libraries(gmssl dl) target_link_libraries(gmssl dl)
SET_TARGET_PROPERTIES(gmssl PROPERTIES VERSION 3.0 SOVERSION 3) SET_TARGET_PROPERTIES(gmssl PROPERTIES VERSION 3.0 SOVERSION 3)
add_library(sdf_dummy SHARED src/sdf/sdf_dummy.c) add_library(sdf_dummy SHARED src/sdf/sdf_dummy.c)
SET_TARGET_PROPERTIES(sdf_dummy PROPERTIES VERSION 3.0 SOVERSION 3) SET_TARGET_PROPERTIES(sdf_dummy PROPERTIES VERSION 3.0 SOVERSION 3)
add_library(skf_dummy SHARED src/skf/skf_dummy.c) add_library(skf_dummy SHARED src/skf/skf_dummy.c)
SET_TARGET_PROPERTIES(skf_dummy PROPERTIES VERSION 3.0 SOVERSION 3) SET_TARGET_PROPERTIES(skf_dummy PROPERTIES VERSION 3.0 SOVERSION 3)
add_executable( add_executable(
gmssl-bin gmssl-bin
tools/gmssl.c tools/gmssl.c
tools/version.c tools/version.c
tools/sm4.c tools/sm4.c
tools/sm3.c tools/sm3.c
tools/sm3hmac.c tools/sm3hmac.c
tools/sm2keygen.c tools/sm2keygen.c
tools/sm2sign.c tools/sm2sign.c
tools/sm2verify.c tools/sm2verify.c
tools/sm2encrypt.c tools/sm2encrypt.c
tools/sm2decrypt.c tools/sm2decrypt.c
tools/sm9setup.c tools/sm9setup.c
tools/sm9keygen.c tools/sm9keygen.c
tools/sm9sign.c tools/sm9sign.c
tools/sm9verify.c tools/sm9verify.c
tools/sm9encrypt.c tools/sm9encrypt.c
tools/sm9decrypt.c tools/sm9decrypt.c
tools/zuc.c tools/zuc.c
tools/rand.c tools/rand.c
tools/pbkdf2.c tools/pbkdf2.c
tools/certgen.c tools/certgen.c
tools/certparse.c tools/certparse.c
tools/certverify.c tools/certverify.c
tools/reqgen.c tools/reqgen.c
tools/reqparse.c tools/reqparse.c
tools/reqsign.c tools/reqsign.c
tools/crlparse.c tools/crlparse.c
tools/crlverify.c tools/crlverify.c
tools/cmssign.c tools/cmssign.c
tools/cmsverify.c tools/cmsverify.c
tools/cmsencrypt.c tools/cmsencrypt.c
tools/cmsdecrypt.c tools/cmsdecrypt.c
tools/cmsparse.c tools/cmsparse.c
tools/sdfutil.c tools/sdfutil.c
tools/skfutil.c tools/skfutil.c
tools/tlcp_client.c tools/tlcp_client.c
tools/tlcp_server.c tools/tlcp_server.c
tools/tls12_client.c tools/tls12_client.c
tools/tls12_server.c tools/tls12_server.c
tools/tls13_client.c tools/tls13_client.c
tools/tls13_server.c tools/tls13_server.c
) )
target_link_libraries (gmssl-bin LINK_PUBLIC gmssl) target_link_libraries (gmssl-bin LINK_PUBLIC gmssl)
set_target_properties (gmssl-bin PROPERTIES RUNTIME_OUTPUT_NAME gmssl) set_target_properties (gmssl-bin PROPERTIES RUNTIME_OUTPUT_NAME gmssl)
enable_testing() enable_testing()
add_test(NAME sm4 COMMAND sm4test) add_test(NAME sm4 COMMAND sm4test)
add_test(NAME sm3 COMMAND sm3test) add_test(NAME sm3 COMMAND sm3test)
add_test(NAME sm2 COMMAND sm2test) add_test(NAME sm2 COMMAND sm2test)
add_test(NAME sm9 COMMAND sm9test) add_test(NAME sm9 COMMAND sm9test)
add_test(NAME zuc COMMAND zuctest) add_test(NAME zuc COMMAND zuctest)
add_test(NAME aes COMMAND aestest) add_test(NAME aes COMMAND aestest)
add_test(NAME sha224 COMMAND sha224test) add_test(NAME sha224 COMMAND sha224test)
add_test(NAME sha256 COMMAND sha256test) add_test(NAME sha256 COMMAND sha256test)
add_test(NAME sha384 COMMAND sha384test) add_test(NAME sha384 COMMAND sha384test)
add_test(NAME sha512 COMMAND sha512test) add_test(NAME sha512 COMMAND sha512test)
add_test(NAME chacha20 COMMAND chacha20test) add_test(NAME chacha20 COMMAND chacha20test)
add_test(NAME des COMMAND destest) add_test(NAME des COMMAND destest)
add_test(NAME sha1 COMMAND sha1test) add_test(NAME sha1 COMMAND sha1test)
add_test(NAME md5 COMMAND md5test) add_test(NAME md5 COMMAND md5test)
add_test(NAME rc4 COMMAND rc4test) add_test(NAME rc4 COMMAND rc4test)
add_test(NAME hash_drbg COMMAND hash_drbgtest) add_test(NAME hash_drbg COMMAND hash_drbgtest)
add_test(NAME block_cipher COMMAND block_ciphertest) add_test(NAME block_cipher COMMAND block_ciphertest)
add_test(NAME digest COMMAND digesttest) add_test(NAME digest COMMAND digesttest)
add_test(NAME hmac COMMAND hmactest) add_test(NAME hmac COMMAND hmactest)
add_test(NAME hkdf COMMAND hkdftest) add_test(NAME hkdf COMMAND hkdftest)
add_test(NAME pbkdf2 COMMAND pbkdf2test) add_test(NAME pbkdf2 COMMAND pbkdf2test)
add_test(NAME gf128 COMMAND gf128test) add_test(NAME gf128 COMMAND gf128test)
add_test(NAME gcm COMMAND gcmtest) add_test(NAME gcm COMMAND gcmtest)
add_test(NAME pkcs8 COMMAND pkcs8test) add_test(NAME pkcs8 COMMAND pkcs8test)
add_test(NAME ec COMMAND ectest) add_test(NAME ec COMMAND ectest)
add_test(NAME asn1 COMMAND asn1test) add_test(NAME asn1 COMMAND asn1test)
add_test(NAME hex COMMAND hextest) add_test(NAME hex COMMAND hextest)
add_test(NAME base64 COMMAND base64test) add_test(NAME base64 COMMAND base64test)
add_test(NAME pem COMMAND pemtest) add_test(NAME pem COMMAND pemtest)
add_test(NAME x509 COMMAND x509test) add_test(NAME x509 COMMAND x509test)
add_test(NAME x509_oid COMMAND x509_oidtest) add_test(NAME x509_oid COMMAND x509_oidtest)
add_test(NAME x509_alg COMMAND x509_algtest) add_test(NAME x509_alg COMMAND x509_algtest)
add_test(NAME x509_str COMMAND x509_strtest) add_test(NAME x509_str COMMAND x509_strtest)
add_test(NAME x509_ext COMMAND x509_exttest) add_test(NAME x509_ext COMMAND x509_exttest)
add_test(NAME x509_req COMMAND x509_reqtest) add_test(NAME x509_req COMMAND x509_reqtest)
add_test(NAME x509_crl COMMAND x509_crltest) add_test(NAME x509_crl COMMAND x509_crltest)
add_test(NAME cms COMMAND cmstest) add_test(NAME cms COMMAND cmstest)
add_test(NAME tls COMMAND tlstest) add_test(NAME tls COMMAND tlstest)
add_test(NAME tls13 COMMAND tls13test) add_test(NAME tls13 COMMAND tls13test)
add_executable(sm4test tests/sm4test.c) add_executable(sm4test tests/sm4test.c)
target_link_libraries (sm4test LINK_PUBLIC gmssl) target_link_libraries (sm4test LINK_PUBLIC gmssl)
add_executable(sm3test tests/sm3test.c) add_executable(sm3test tests/sm3test.c)
target_link_libraries (sm3test LINK_PUBLIC gmssl) target_link_libraries (sm3test LINK_PUBLIC gmssl)
add_executable(sm2test tests/sm2test.c) add_executable(sm2test tests/sm2test.c)
target_link_libraries (sm2test LINK_PUBLIC gmssl) target_link_libraries (sm2test LINK_PUBLIC gmssl)
add_executable(sm9test tests/sm9test.c) add_executable(sm9test tests/sm9test.c)
target_link_libraries (sm9test LINK_PUBLIC gmssl) target_link_libraries (sm9test LINK_PUBLIC gmssl)
add_executable(zuctest tests/zuctest.c) add_executable(zuctest tests/zuctest.c)
target_link_libraries (zuctest LINK_PUBLIC gmssl) target_link_libraries (zuctest LINK_PUBLIC gmssl)
add_executable(aestest tests/aestest.c) add_executable(aestest tests/aestest.c)
target_link_libraries (aestest LINK_PUBLIC gmssl) target_link_libraries (aestest LINK_PUBLIC gmssl)
add_executable(sha224test tests/sha224test.c) add_executable(sha224test tests/sha224test.c)
target_link_libraries (sha224test LINK_PUBLIC gmssl) target_link_libraries (sha224test LINK_PUBLIC gmssl)
add_executable(sha256test tests/sha256test.c) add_executable(sha256test tests/sha256test.c)
target_link_libraries (sha256test LINK_PUBLIC gmssl) target_link_libraries (sha256test LINK_PUBLIC gmssl)
add_executable(sha384test tests/sha384test.c) add_executable(sha384test tests/sha384test.c)
target_link_libraries (sha384test LINK_PUBLIC gmssl) target_link_libraries (sha384test LINK_PUBLIC gmssl)
add_executable(sha512test tests/sha512test.c) add_executable(sha512test tests/sha512test.c)
target_link_libraries (sha512test LINK_PUBLIC gmssl) target_link_libraries (sha512test LINK_PUBLIC gmssl)
add_executable(chacha20test tests/chacha20test.c) add_executable(chacha20test tests/chacha20test.c)
target_link_libraries (chacha20test LINK_PUBLIC gmssl) target_link_libraries (chacha20test LINK_PUBLIC gmssl)
add_executable(destest tests/destest.c) add_executable(destest tests/destest.c)
target_link_libraries (destest LINK_PUBLIC gmssl) target_link_libraries (destest LINK_PUBLIC gmssl)
add_executable(sha1test tests/sha1test.c) add_executable(sha1test tests/sha1test.c)
target_link_libraries (sha1test LINK_PUBLIC gmssl) target_link_libraries (sha1test LINK_PUBLIC gmssl)
add_executable(md5test tests/md5test.c) add_executable(md5test tests/md5test.c)
target_link_libraries (md5test LINK_PUBLIC gmssl) target_link_libraries (md5test LINK_PUBLIC gmssl)
add_executable(rc4test tests/rc4test.c) add_executable(rc4test tests/rc4test.c)
target_link_libraries (rc4test LINK_PUBLIC gmssl) target_link_libraries (rc4test LINK_PUBLIC gmssl)
add_executable(hash_drbgtest tests/hash_drbgtest.c) add_executable(hash_drbgtest tests/hash_drbgtest.c)
target_link_libraries (hash_drbgtest LINK_PUBLIC gmssl) target_link_libraries (hash_drbgtest LINK_PUBLIC gmssl)
add_executable(block_ciphertest tests/block_ciphertest.c) add_executable(block_ciphertest tests/block_ciphertest.c)
target_link_libraries (block_ciphertest LINK_PUBLIC gmssl) target_link_libraries (block_ciphertest LINK_PUBLIC gmssl)
add_executable(digesttest tests/digesttest.c) add_executable(digesttest tests/digesttest.c)
target_link_libraries (digesttest LINK_PUBLIC gmssl) target_link_libraries (digesttest LINK_PUBLIC gmssl)
add_executable(hmactest tests/hmactest.c) add_executable(hmactest tests/hmactest.c)
target_link_libraries (hmactest LINK_PUBLIC gmssl) target_link_libraries (hmactest LINK_PUBLIC gmssl)
add_executable(hkdftest tests/hkdftest.c) add_executable(hkdftest tests/hkdftest.c)
target_link_libraries (hkdftest LINK_PUBLIC gmssl) target_link_libraries (hkdftest LINK_PUBLIC gmssl)
add_executable(pbkdf2test tests/pbkdf2test.c) add_executable(pbkdf2test tests/pbkdf2test.c)
target_link_libraries (pbkdf2test LINK_PUBLIC gmssl) target_link_libraries (pbkdf2test LINK_PUBLIC gmssl)
add_executable(gf128test tests/gf128test.c) add_executable(gf128test tests/gf128test.c)
target_link_libraries (gf128test LINK_PUBLIC gmssl) target_link_libraries (gf128test LINK_PUBLIC gmssl)
add_executable(gcmtest tests/gcmtest.c) add_executable(gcmtest tests/gcmtest.c)
target_link_libraries (gcmtest LINK_PUBLIC gmssl) target_link_libraries (gcmtest LINK_PUBLIC gmssl)
add_executable(pkcs8test tests/pkcs8test.c) add_executable(pkcs8test tests/pkcs8test.c)
target_link_libraries (pkcs8test LINK_PUBLIC gmssl) target_link_libraries (pkcs8test LINK_PUBLIC gmssl)
add_executable(ectest tests/ectest.c) add_executable(ectest tests/ectest.c)
target_link_libraries (ectest LINK_PUBLIC gmssl) target_link_libraries (ectest LINK_PUBLIC gmssl)
add_executable(asn1test tests/asn1test.c) add_executable(asn1test tests/asn1test.c)
target_link_libraries (asn1test LINK_PUBLIC gmssl) target_link_libraries (asn1test LINK_PUBLIC gmssl)
add_executable(hextest tests/hextest.c) add_executable(hextest tests/hextest.c)
target_link_libraries (hextest LINK_PUBLIC gmssl) target_link_libraries (hextest LINK_PUBLIC gmssl)
add_executable(base64test tests/base64test.c) add_executable(base64test tests/base64test.c)
target_link_libraries (base64test LINK_PUBLIC gmssl) target_link_libraries (base64test LINK_PUBLIC gmssl)
add_executable(pemtest tests/pemtest.c) add_executable(pemtest tests/pemtest.c)
target_link_libraries (pemtest LINK_PUBLIC gmssl) target_link_libraries (pemtest LINK_PUBLIC gmssl)
add_executable(x509test tests/x509test.c) add_executable(x509test tests/x509test.c)
target_link_libraries (x509test LINK_PUBLIC gmssl) target_link_libraries (x509test LINK_PUBLIC gmssl)
add_executable(x509_oidtest tests/x509_oidtest.c) add_executable(x509_oidtest tests/x509_oidtest.c)
target_link_libraries (x509_oidtest LINK_PUBLIC gmssl) target_link_libraries (x509_oidtest LINK_PUBLIC gmssl)
add_executable(x509_algtest tests/x509_algtest.c) add_executable(x509_algtest tests/x509_algtest.c)
target_link_libraries (x509_algtest LINK_PUBLIC gmssl) target_link_libraries (x509_algtest LINK_PUBLIC gmssl)
add_executable(x509_strtest tests/x509_strtest.c) add_executable(x509_strtest tests/x509_strtest.c)
target_link_libraries (x509_strtest LINK_PUBLIC gmssl) target_link_libraries (x509_strtest LINK_PUBLIC gmssl)
add_executable(x509_exttest tests/x509_exttest.c) add_executable(x509_exttest tests/x509_exttest.c)
target_link_libraries (x509_exttest LINK_PUBLIC gmssl) target_link_libraries (x509_exttest LINK_PUBLIC gmssl)
add_executable(x509_reqtest tests/x509_reqtest.c) add_executable(x509_reqtest tests/x509_reqtest.c)
target_link_libraries (x509_reqtest LINK_PUBLIC gmssl) target_link_libraries (x509_reqtest LINK_PUBLIC gmssl)
add_executable(x509_crltest tests/x509_crltest.c) add_executable(x509_crltest tests/x509_crltest.c)
target_link_libraries (x509_crltest LINK_PUBLIC gmssl) target_link_libraries (x509_crltest LINK_PUBLIC gmssl)
add_executable(cmstest tests/cmstest.c) add_executable(cmstest tests/cmstest.c)
target_link_libraries (cmstest LINK_PUBLIC gmssl) target_link_libraries (cmstest LINK_PUBLIC gmssl)
add_executable(tlstest tests/tlstest.c) add_executable(tlstest tests/tlstest.c)
target_link_libraries (tlstest LINK_PUBLIC gmssl) target_link_libraries (tlstest LINK_PUBLIC gmssl)
add_executable(tls13test tests/tls13test.c) add_executable(tls13test tests/tls13test.c)
target_link_libraries (tls13test LINK_PUBLIC gmssl) target_link_libraries (tls13test LINK_PUBLIC gmssl)
INSTALL(TARGETS gmssl ARCHIVE DESTINATION lib LIBRARY DESTINATION lib) INSTALL(TARGETS gmssl ARCHIVE DESTINATION lib LIBRARY DESTINATION lib)
INSTALL(DIRECTORY ${CMAKE_SOURCE_DIR}/include/gmssl DESTINATION include) INSTALL(DIRECTORY ${CMAKE_SOURCE_DIR}/include/gmssl DESTINATION include)
INSTALL(TARGETS gmssl-bin RUNTIME DESTINATION bin) INSTALL(TARGETS gmssl-bin RUNTIME DESTINATION bin)

352
LICENSE
View File

@@ -1,176 +1,176 @@
Apache License Apache License
Version 2.0, January 2004 Version 2.0, January 2004
http://www.apache.org/licenses/ http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions. 1. Definitions.
"License" shall mean the terms and conditions for use, reproduction, "License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document. and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by "Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License. the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all "Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition, control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the "control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity. outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity "You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License. exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications, "Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation including but not limited to software source code, documentation
source, and configuration files. source, and configuration files.
"Object" form shall mean any form resulting from mechanical "Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation, not limited to compiled object code, generated documentation,
and conversions to other media types. and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or "Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work copyright notice that is included in or attached to the work
(an example is provided in the Appendix below). (an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object "Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of, separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof. the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including "Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted" the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems, communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution." designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity "Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work. subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of 2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual, this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of, copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form. Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of 3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual, this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made, (except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work, use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s) Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate granted to You under this License for that Work shall terminate
as of the date such litigation is filed. as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the 4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You modifications, and in Source or Object form, provided that You
meet the following conditions: meet the following conditions:
(a) You must give any other recipients of the Work or (a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices (b) You must cause any modified files to carry prominent notices
stating that You changed the files; and stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works (c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work, attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of excluding those notices that do not pertain to any part of
the Derivative Works; and the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its (d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or, documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed that such additional attribution notices cannot be construed
as modifying the License. as modifying the License.
You may add Your own copyright statement to Your modifications and You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use, for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License. the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise, 5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions. this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions. with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade 6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor, names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file. origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or 7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS, Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License. risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory, 8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise, whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special, liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill, Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages. has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing 9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer, the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity, and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify, of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability. of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS END OF TERMS AND CONDITIONS

110
README.md
View File

@@ -1,55 +1,55 @@
# GmSSL 3.0 # GmSSL 3.0
[![CMake](https://github.com/guanzhi/GmSSL/workflows/CMake/badge.svg)](https://github.com/guanzhi/GmSSL/actions/workflows/cmake.yml) [![CMake](https://github.com/guanzhi/GmSSL/workflows/CMake/badge.svg)](https://github.com/guanzhi/GmSSL/actions/workflows/cmake.yml)
GmSSL的2.x版本的开发始于2016年目前主分支在功能上实现了对主要国密算法、标准和协议的覆盖并成功应用于多种互联网场景中。但是随着GmSSL在物联网、区块链等新场景中的应用及在密码产品合规检测过程中的实践我们发现应用对GmSSL提出了一些新的需求。由于很难在基于OpenSSL的GmSSL 2.x版本上满足新需求因此我们重新设计了GmSSL的架构GmSSL也迎来第三个大版本——GmSSL 3.0。 GmSSL的2.x版本的开发始于2016年目前主分支在功能上实现了对主要国密算法、标准和协议的覆盖并成功应用于多种互联网场景中。但是随着GmSSL在物联网、区块链等新场景中的应用及在密码产品合规检测过程中的实践我们发现应用对GmSSL提出了一些新的需求。由于很难在基于OpenSSL的GmSSL 2.x版本上满足新需求因此我们重新设计了GmSSL的架构GmSSL也迎来第三个大版本——GmSSL 3.0。
## 主要特性 ## 主要特性
* 超轻量GmSSL 3.0大幅度降低了内存需求和二进制代码体积,不依赖动态内存,可以用于无操作系统的低功耗嵌入式环境(MCU、SOC等)开发者也可以更容易地将国密算法和SSL协议嵌入到现有的项目中。 * 超轻量GmSSL 3.0大幅度降低了内存需求和二进制代码体积,不依赖动态内存,可以用于无操作系统的低功耗嵌入式环境(MCU、SOC等)开发者也可以更容易地将国密算法和SSL协议嵌入到现有的项目中。
* 更合规GmSSL 3.0 可以配置为仅包含国密算法和国密协议(TLCP协议)依赖GmSSL 的密码应用更容易满足密码产品型号检测的要求,避免由于混杂非国密算法、不安全算法等导致的安全问题和合规问题。 * 更合规GmSSL 3.0 可以配置为仅包含国密算法和国密协议(TLCP协议)依赖GmSSL 的密码应用更容易满足密码产品型号检测的要求,避免由于混杂非国密算法、不安全算法等导致的安全问题和合规问题。
* 更安全TLS 1.3在安全性和通信延迟上相对之前的TLS协议有巨大的提升GmSSL 3.0支持TLS 1.3协议和RFC 8998的国密套件。GmSSL 3.0默认支持密钥的加密保护,提升了密码算法的抗侧信道攻击能力。 * 更安全TLS 1.3在安全性和通信延迟上相对之前的TLS协议有巨大的提升GmSSL 3.0支持TLS 1.3协议和RFC 8998的国密套件。GmSSL 3.0默认支持密钥的加密保护,提升了密码算法的抗侧信道攻击能力。
* 跨平台GmSSL 3.0更容易跨平台构建系统不再依赖Perl默认的CMake构建系统可以容易地和Visual Studio、Android NDK等默认编译工具配合使用开发者也可以手工编写Makefile在特殊环境中编译、剪裁。 * 跨平台GmSSL 3.0更容易跨平台构建系统不再依赖Perl默认的CMake构建系统可以容易地和Visual Studio、Android NDK等默认编译工具配合使用开发者也可以手工编写Makefile在特殊环境中编译、剪裁。
## 编译与安装 ## 编译与安装
GmSSL 3.0 采用了cmake构建系统。下载源代码后将其解压缩进入源码目录执行 GmSSL 3.0 采用了cmake构建系统。下载源代码后将其解压缩进入源码目录执行
```bash ```bash
mkdir build mkdir build
cd build cd build
cmake .. cmake ..
make make
make test make test
sudo make install sudo make install
``` ```
## 主要功能 ## 主要功能
### 密码算法 ### 密码算法
* 分组密码SM4 (CBC/CTR/GCM), AES (CBC/CTR/GCM) * 分组密码SM4 (CBC/CTR/GCM), AES (CBC/CTR/GCM)
* 序列密码ZUC/ZUC-256, ChaCha20, RC4 * 序列密码ZUC/ZUC-256, ChaCha20, RC4
* 哈希函数: SM3, SHA-224/256/384/512, SHA-1, MD5 * 哈希函数: SM3, SHA-224/256/384/512, SHA-1, MD5
* 公钥密码SM2加密/签名, SM9加密/签名 * 公钥密码SM2加密/签名, SM9加密/签名
* MAC算法HMAC, GHASH * MAC算法HMAC, GHASH
* 密钥导出函数PBKDF2、HKDF * 密钥导出函数PBKDF2、HKDF
* 随机数生成器Intel RDRAND, HASH_DRBG (NIST.SP.800-90A) * 随机数生成器Intel RDRAND, HASH_DRBG (NIST.SP.800-90A)
### 证书和数字信封 ### 证书和数字信封
* 数字证书X.509证书, CRL证书注销列表, CSR (PKCS #10) 证书签名请求 * 数字证书X.509证书, CRL证书注销列表, CSR (PKCS #10) 证书签名请求
* 私钥加密基于SM4/SM3口令加密的PEM格式私钥 (PKCS #8) * 私钥加密基于SM4/SM3口令加密的PEM格式私钥 (PKCS #8)
* 数字信封SM2密码消息 (GM/T 0010-2012) * 数字信封SM2密码消息 (GM/T 0010-2012)
### SSL协议 ### SSL协议
* TLCP 1.1,支持密码套`TLS_ECC_SM4_CBC_SM3 {0xE0,0x13}` (GB/T 38636-2020、GM/T 0024-2014) * TLCP 1.1,支持密码套`TLS_ECC_SM4_CBC_SM3 {0xE0,0x13}` (GB/T 38636-2020、GM/T 0024-2014)
* TLS 1.2,支持密码套件`TLS_ECDHE_SM4_CBC_SM3 {0xE0,0x11}` (GB/T 38636-2020、GM/T 0024-2014) * TLS 1.2,支持密码套件`TLS_ECDHE_SM4_CBC_SM3 {0xE0,0x11}` (GB/T 38636-2020、GM/T 0024-2014)
* TLS 1.3,支持密码套件`TLS_SM4_GCM_SM3 {0x00,0xC6}` (RFC 8998) * TLS 1.3,支持密码套件`TLS_SM4_GCM_SM3 {0x00,0xC6}` (RFC 8998)
## 典型应用 ## 典型应用
#### Nginx-with-GmSSL3.0 #### Nginx-with-GmSSL3.0
GmSSL支持Nginx的适配并提供了Docker实现具体参见[Nginx-with-GmSSL3.0](https://github.com/zhaoxiaomeng/Nginx-with-GmSSLv3) 项目。 GmSSL支持Nginx的适配并提供了Docker实现具体参见[Nginx-with-GmSSL3.0](https://github.com/zhaoxiaomeng/Nginx-with-GmSSLv3) 项目。

8
certs/README.md
View File

@@ -1,4 +1,4 @@
# 国密证书库 # 国密证书库

36
certs/ca/Ant Financial Certification Authority S1.pem
View File

@@ -1,18 +1,18 @@
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIICzjCCAnKgAwIBAgIQZMsSZdRKbxEiVT+tvsQxfzAMBggqgRzPVQGDdQUAMC4x MIICzjCCAnKgAwIBAgIQZMsSZdRKbxEiVT+tvsQxfzAMBggqgRzPVQGDdQUAMC4x
CzAJBgNVBAYTAkNOMQ4wDAYDVQQKDAVOUkNBQzEPMA0GA1UEAwwGUk9PVENBMB4X CzAJBgNVBAYTAkNOMQ4wDAYDVQQKDAVOUkNBQzEPMA0GA1UEAwwGUk9PVENBMB4X
DTE4MDMwNTA3MDEwOFoXDTM4MDIyODA3MDEwOFowejELMAkGA1UEBhMCQ04xFjAU DTE4MDMwNTA3MDEwOFoXDTM4MDIyODA3MDEwOFowejELMAkGA1UEBhMCQ04xFjAU
BgNVBAoMDUFudCBGaW5hbmNpYWwxIDAeBgNVBAsMF0NlcnRpZmljYXRpb24gQXV0 BgNVBAoMDUFudCBGaW5hbmNpYWwxIDAeBgNVBAsMF0NlcnRpZmljYXRpb24gQXV0
aG9yaXR5MTEwLwYDVQQDDChBbnQgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0 aG9yaXR5MTEwLwYDVQQDDChBbnQgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0
aG9yaXR5IFMxMFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAEGmfMCs2ZerI5lvrO aG9yaXR5IFMxMFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAEGmfMCs2ZerI5lvrO
bxfY8HJyIcTwfMtXb3R1KgqJmUTmsdlb3g13lkvkp2GwqGOpptUOxE09hZAeF4tY bxfY8HJyIcTwfMtXb3R1KgqJmUTmsdlb3g13lkvkp2GwqGOpptUOxE09hZAeF4tY
QzSkSaOCASIwggEeMB8GA1UdIwQYMBaAFEwysZfZMxvEpgXBxuWLYlvwl3ZYMA8G QzSkSaOCASIwggEeMB8GA1UdIwQYMBaAFEwysZfZMxvEpgXBxuWLYlvwl3ZYMA8G
A1UdEwEB/wQFMAMBAf8wgboGA1UdHwSBsjCBrzBBoD+gPaQ7MDkxCzAJBgNVBAYT A1UdEwEB/wQFMAMBAf8wgboGA1UdHwSBsjCBrzBBoD+gPaQ7MDkxCzAJBgNVBAYT
AkNOMQ4wDAYDVQQKDAVOUkNBQzEMMAoGA1UECwwDQVJMMQwwCgYDVQQDDANhcmww AkNOMQ4wDAYDVQQKDAVOUkNBQzEMMAoGA1UECwwDQVJMMQwwCgYDVQQDDANhcmww
KqAooCaGJGh0dHA6Ly93d3cucm9vdGNhLmdvdi5jbi9hcmwvYXJsLmNybDA+oDyg KqAooCaGJGh0dHA6Ly93d3cucm9vdGNhLmdvdi5jbi9hcmwvYXJsLmNybDA+oDyg
OoY4bGRhcDovL2xkYXAucm9vdGNhLmdvdi5jbjozODkvQ049YXJsLE9VPUFSTCxP OoY4bGRhcDovL2xkYXAucm9vdGNhLmdvdi5jbjozODkvQ049YXJsLE9VPUFSTCxP
PU5SQ0FDLEM9Q04wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBQ3NFyrGaAF5BAy PU5SQ0FDLEM9Q04wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBQ3NFyrGaAF5BAy
72g+BP4NTGdGEzAMBggqgRzPVQGDdQUAA0gAMEUCIQCXq5uO1PaKFI764ak1Ah5R 72g+BP4NTGdGEzAMBggqgRzPVQGDdQUAA0gAMEUCIQCXq5uO1PaKFI764ak1Ah5R
5vc7E6WGBsO7Jv8+GM8xFgIgbCi8GfqKKiAAhJ3grv5vbQy5kPeC5I/8X3igW4k5 5vc7E6WGBsO7Jv8+GM8xFgIgbCi8GfqKKiAAhJ3grv5vbQy5kPeC5I/8X3igW4k5
1Tc= 1Tc=
-----END CERTIFICATE----- -----END CERTIFICATE-----

36
certs/ca/TJCA.pem
View File

@@ -1,18 +1,18 @@
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIC7jCCApKgAwIBAgIQS66cxft/wk8MdWCL2qSImjAMBggqgRzPVQGDdQUAMDox MIIC7jCCApKgAwIBAgIQS66cxft/wk8MdWCL2qSImjAMBggqgRzPVQGDdQUAMDox
CzAJBgNVBAYTAkNOMQ4wDAYDVQQKDAVOUkNBQzEbMBkGA1UEAwwSQ2l2aWwgU2Vy CzAJBgNVBAYTAkNOMQ4wDAYDVQQKDAVOUkNBQzEbMBkGA1UEAwwSQ2l2aWwgU2Vy
dmFudCBST09UMB4XDTE3MTIwNjAyNTczMFoXDTM3MTIwMTAyNTczMFowVjELMAkG dmFudCBST09UMB4XDTE3MTIwNjAyNTczMFoXDTM3MTIwMTAyNTczMFowVjELMAkG
A1UEBhMCQ04xEjAQBgNVBAgMCeWkqea0peW4gjEkMCIGA1UECgwb5aSp5rSl5biC A1UEBhMCQ04xEjAQBgNVBAgMCeWkqea0peW4gjEkMCIGA1UECgwb5aSp5rSl5biC
55S15a2Q6K6k6K+B5Lit5b+DMQ0wCwYDVQQDDARUSkNBMFkwEwYHKoZIzj0CAQYI 55S15a2Q6K6k6K+B5Lit5b+DMQ0wCwYDVQQDDARUSkNBMFkwEwYHKoZIzj0CAQYI
KoEcz1UBgi0DQgAE2GJUeLtgaq271GSkgvmvBHJVxrg6K8Nx6AogQxNB/qoQjup4 KoEcz1UBgi0DQgAE2GJUeLtgaq271GSkgvmvBHJVxrg6K8Nx6AogQxNB/qoQjup4
YDw9odBrYiqdTbOgYL5I+iiPCXJg+6xKL3VA6aOCAVowggFWMB8GA1UdIwQYMBaA YDw9odBrYiqdTbOgYL5I+iiPCXJg+6xKL3VA6aOCAVowggFWMB8GA1UdIwQYMBaA
FJ/cX1elCW5m8PJ1du0BYnAE/PpUMA8GA1UdEwEB/wQFMAMBAf8wgfIGA1UdHwSB FJ/cX1elCW5m8PJ1du0BYnAE/PpUMA8GA1UdEwEB/wQFMAMBAf8wgfIGA1UdHwSB
6jCB5zBPoE2gS6RJMEcxCzAJBgNVBAYTAkNOMQ4wDAYDVQQKDAVOUkNBQzEMMAoG 6jCB5zBPoE2gS6RJMEcxCzAJBgNVBAYTAkNOMQ4wDAYDVQQKDAVOUkNBQzEMMAoG
A1UECwwDQVJMMRowGAYDVQQDDBFDaXZpbF9TZXJ2YW50X0FSTDBGoESgQoZAaHR0 A1UECwwDQVJMMRowGAYDVQQDDBFDaXZpbF9TZXJ2YW50X0FSTDBGoESgQoZAaHR0
cDovL3d3dy5yb290Y2EuZ292LmNuL0NpdmlsX1NlcnZhbnRfYXJsL0NpdmlsX1Nl cDovL3d3dy5yb290Y2EuZ292LmNuL0NpdmlsX1NlcnZhbnRfYXJsL0NpdmlsX1Nl
cnZhbnRfQVJMLmNybDBMoEqgSIZGbGRhcDovL2xkYXAucm9vdGNhLmdvdi5jbjoz cnZhbnRfQVJMLmNybDBMoEqgSIZGbGRhcDovL2xkYXAucm9vdGNhLmdvdi5jbjoz
OTAvQ049Q2l2aWxfU2VydmFudF9BUkwsT1U9QVJMLE89TlJDQUMsQz1DTjAOBgNV OTAvQ049Q2l2aWxfU2VydmFudF9BUkwsT1U9QVJMLE89TlJDQUMsQz1DTjAOBgNV
HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFE6BR1+l7EDGRDMxpkHLpByil04oMAwGCCqB HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFE6BR1+l7EDGRDMxpkHLpByil04oMAwGCCqB
HM9VAYN1BQADSAAwRQIgC79X9bYZNHi88AOzS1mcL8iMOTnuOhISxkw6Hbou9bIC HM9VAYN1BQADSAAwRQIgC79X9bYZNHi88AOzS1mcL8iMOTnuOhISxkw6Hbou9bIC
IQCGFTlCuEYGX3Qc+HlufzqyKjyYyUCTb0FkfhOfhcEU+g== IQCGFTlCuEYGX3Qc+HlufzqyKjyYyUCTb0FkfhOfhcEU+g==
-----END CERTIFICATE----- -----END CERTIFICATE-----

32
certs/ca/Taier CA.pem
View File

@@ -1,16 +1,16 @@
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIChDCCAiigAwIBAgIQLXrZ9QK+bZE4WSoVyuo7GzAMBggqgRzPVQGDdQUAMC4x MIIChDCCAiigAwIBAgIQLXrZ9QK+bZE4WSoVyuo7GzAMBggqgRzPVQGDdQUAMC4x
CzAJBgNVBAYTAkNOMQ4wDAYDVQQKDAVOUkNBQzEPMA0GA1UEAwwGUk9PVENBMB4X CzAJBgNVBAYTAkNOMQ4wDAYDVQQKDAVOUkNBQzEPMA0GA1UEAwwGUk9PVENBMB4X
DTE2MDcxMzA4MjQ1NFoXDTM2MDcwODA4MjQ1NFowMDELMAkGA1UEBhMCQ04xDjAM DTE2MDcxMzA4MjQ1NFoXDTM2MDcwODA4MjQ1NFowMDELMAkGA1UEBhMCQ04xDjAM
BgNVBAoMBUNBSUNUMREwDwYDVQQDDAhUYWllciBDQTBZMBMGByqGSM49AgEGCCqB BgNVBAoMBUNBSUNUMREwDwYDVQQDDAhUYWllciBDQTBZMBMGByqGSM49AgEGCCqB
HM9VAYItA0IABAxbfsHfqwv8GmfhJYnj0R+fFFqkegyvdZgzRtnnnEDmoy4GNwQa HM9VAYItA0IABAxbfsHfqwv8GmfhJYnj0R+fFFqkegyvdZgzRtnnnEDmoy4GNwQa
kVNElUTsMFIJDOEbXTfYazvOghVNsR1UFRujggEiMIIBHjAfBgNVHSMEGDAWgBRM kVNElUTsMFIJDOEbXTfYazvOghVNsR1UFRujggEiMIIBHjAfBgNVHSMEGDAWgBRM
MrGX2TMbxKYFwcbli2Jb8Jd2WDAPBgNVHRMBAf8EBTADAQH/MIG6BgNVHR8EgbIw MrGX2TMbxKYFwcbli2Jb8Jd2WDAPBgNVHRMBAf8EBTADAQH/MIG6BgNVHR8EgbIw
ga8wQaA/oD2kOzA5MQswCQYDVQQGEwJDTjEOMAwGA1UECgwFTlJDQUMxDDAKBgNV ga8wQaA/oD2kOzA5MQswCQYDVQQGEwJDTjEOMAwGA1UECgwFTlJDQUMxDDAKBgNV
BAsMA0FSTDEMMAoGA1UEAwwDYXJsMCqgKKAmhiRodHRwOi8vd3d3LnJvb3RjYS5n BAsMA0FSTDEMMAoGA1UEAwwDYXJsMCqgKKAmhiRodHRwOi8vd3d3LnJvb3RjYS5n
b3YuY24vYXJsL2FybC5jcmwwPqA8oDqGOGxkYXA6Ly9sZGFwLnJvb3RjYS5nb3Yu b3YuY24vYXJsL2FybC5jcmwwPqA8oDqGOGxkYXA6Ly9sZGFwLnJvb3RjYS5nb3Yu
Y246Mzg5L0NOPWFybCxPVT1BUkwsTz1OUkNBQyxDPUNOMA4GA1UdDwEB/wQEAwIB Y246Mzg5L0NOPWFybCxPVT1BUkwsTz1OUkNBQyxDPUNOMA4GA1UdDwEB/wQEAwIB
BjAdBgNVHQ4EFgQUi2kQa6VC3y6m96DZs4ykCLs9UDkwDAYIKoEcz1UBg3UFAANI BjAdBgNVHQ4EFgQUi2kQa6VC3y6m96DZs4ykCLs9UDkwDAYIKoEcz1UBg3UFAANI
ADBFAiAnOTxqRKjk7+RlMuu6dRIoncmZPPkmVytXeGkvxmN8zAIhAI4zYqRtqy4e ADBFAiAnOTxqRKjk7+RlMuu6dRIoncmZPPkmVytXeGkvxmN8zAIhAI4zYqRtqy4e
754IdYX8fZDRQi9Mf2ZIkEEgIy9o1+Gf 754IdYX8fZDRQi9Mf2ZIkEEgIy9o1+Gf
-----END CERTIFICATE----- -----END CERTIFICATE-----

24
certs/rootca/Civil Servant ROOT.pem
View File

@@ -1,12 +1,12 @@
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIB0jCCAXegAwIBAgIQEdZMMEt/UB6aBlClCPrHdDAMBggqgRzPVQGDdQUAMDox MIIB0jCCAXegAwIBAgIQEdZMMEt/UB6aBlClCPrHdDAMBggqgRzPVQGDdQUAMDox
CzAJBgNVBAYTAkNOMQ4wDAYDVQQKDAVOUkNBQzEbMBkGA1UEAwwSQ2l2aWwgU2Vy CzAJBgNVBAYTAkNOMQ4wDAYDVQQKDAVOUkNBQzEbMBkGA1UEAwwSQ2l2aWwgU2Vy
dmFudCBST09UMB4XDTE0MDcxNTA2NDg1NloXDTQ0MDcwNzA2NDg1NlowOjELMAkG dmFudCBST09UMB4XDTE0MDcxNTA2NDg1NloXDTQ0MDcwNzA2NDg1NlowOjELMAkG
A1UEBhMCQ04xDjAMBgNVBAoMBU5SQ0FDMRswGQYDVQQDDBJDaXZpbCBTZXJ2YW50 A1UEBhMCQ04xDjAMBgNVBAoMBU5SQ0FDMRswGQYDVQQDDBJDaXZpbCBTZXJ2YW50
IFJPT1QwWTATBgcqhkjOPQIBBggqgRzPVQGCLQNCAAR1whSysIMDakj11nL+KgJ1 IFJPT1QwWTATBgcqhkjOPQIBBggqgRzPVQGCLQNCAAR1whSysIMDakj11nL+KgJ1
J+HtXJU2D/EhV+QC1b+/yDXWdcZay7X79wC/g4vJdUIAdyZfLVy3lYYFc3aJ2smr J+HtXJU2D/EhV+QC1b+/yDXWdcZay7X79wC/g4vJdUIAdyZfLVy3lYYFc3aJ2smr
o10wWzAfBgNVHSMEGDAWgBSf3F9XpQluZvDydXbtAWJwBPz6VDAMBgNVHRMEBTAD o10wWzAfBgNVHSMEGDAWgBSf3F9XpQluZvDydXbtAWJwBPz6VDAMBgNVHRMEBTAD
AQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQUn9xfV6UJbmbw8nV27QFicAT8+lQw AQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQUn9xfV6UJbmbw8nV27QFicAT8+lQw
DAYIKoEcz1UBg3UFAANHADBEAiAkrV4rtXx+4fdJBIVSxHFKh2znz2vnSgk/eBIl DAYIKoEcz1UBg3UFAANHADBEAiAkrV4rtXx+4fdJBIVSxHFKh2znz2vnSgk/eBIl
gNQK7AIgNVusahBBOxafSdIB1cX8zJCnq+OcCNLRezYSbXQ45Jg= gNQK7AIgNVusahBBOxafSdIB1cX8zJCnq+OcCNLRezYSbXQ45Jg=
-----END CERTIFICATE----- -----END CERTIFICATE-----

24
certs/rootca/Device ROOT.pem
View File

@@ -1,12 +1,12 @@
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIBxjCCAWmgAwIBAgIQVWEAYiD7bkTypcG5eLcUIzAMBggqgRzPVQGDdQUAMDMx MIIBxjCCAWmgAwIBAgIQVWEAYiD7bkTypcG5eLcUIzAMBggqgRzPVQGDdQUAMDMx
CzAJBgNVBAYTAkNOMQ4wDAYDVQQKDAVOUkNBQzEUMBIGA1UEAwwLRGV2aWNlIFJP CzAJBgNVBAYTAkNOMQ4wDAYDVQQKDAVOUkNBQzEUMBIGA1UEAwwLRGV2aWNlIFJP
T1QwHhcNMTQwNzE1MDY0OTE0WhcNNDQwNzA3MDY0OTE0WjAzMQswCQYDVQQGEwJD T1QwHhcNMTQwNzE1MDY0OTE0WhcNNDQwNzA3MDY0OTE0WjAzMQswCQYDVQQGEwJD
TjEOMAwGA1UECgwFTlJDQUMxFDASBgNVBAMMC0RldmljZSBST09UMFkwEwYHKoZI TjEOMAwGA1UECgwFTlJDQUMxFDASBgNVBAMMC0RldmljZSBST09UMFkwEwYHKoZI
zj0CAQYIKoEcz1UBgi0DQgAErrT3rKewd5fIH38K5dUcB6dxxYcFCqHlklxWnwiU zj0CAQYIKoEcz1UBgi0DQgAErrT3rKewd5fIH38K5dUcB6dxxYcFCqHlklxWnwiU
n39eP3O8D3h7gncGBJoxX5XToyqwy4saICZq3MEIBf6XKqNdMFswHwYDVR0jBBgw n39eP3O8D3h7gncGBJoxX5XToyqwy4saICZq3MEIBf6XKqNdMFswHwYDVR0jBBgw
FoAUodkX9LXKzt+c9s0ZP86nFwz5gPUwDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMC FoAUodkX9LXKzt+c9s0ZP86nFwz5gPUwDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMC
AQYwHQYDVR0OBBYEFKHZF/S1ys7fnPbNGT/OpxcM+YD1MAwGCCqBHM9VAYN1BQAD AQYwHQYDVR0OBBYEFKHZF/S1ys7fnPbNGT/OpxcM+YD1MAwGCCqBHM9VAYN1BQAD
SQAwRgIhAO6XHWXfSyMUt/fn6yB5vPH9bHofYkylecmwqbN7jNlBAiEA2b8vR1TR SQAwRgIhAO6XHWXfSyMUt/fn6yB5vPH9bHofYkylecmwqbN7jNlBAiEA2b8vR1TR
u1rh597JnGgp8tdjAiBbPWYjHcJDRBGcljA= u1rh597JnGgp8tdjAiBbPWYjHcJDRBGcljA=
-----END CERTIFICATE----- -----END CERTIFICATE-----

24
certs/rootca/ROOTCA.pem
View File

@@ -1,12 +1,12 @@
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIBszCCAVegAwIBAgIIaeL+wBcKxnswDAYIKoEcz1UBg3UFADAuMQswCQYDVQQG MIIBszCCAVegAwIBAgIIaeL+wBcKxnswDAYIKoEcz1UBg3UFADAuMQswCQYDVQQG
EwJDTjEOMAwGA1UECgwFTlJDQUMxDzANBgNVBAMMBlJPT1RDQTAeFw0xMjA3MTQw EwJDTjEOMAwGA1UECgwFTlJDQUMxDzANBgNVBAMMBlJPT1RDQTAeFw0xMjA3MTQw
MzExNTlaFw00MjA3MDcwMzExNTlaMC4xCzAJBgNVBAYTAkNOMQ4wDAYDVQQKDAVO MzExNTlaFw00MjA3MDcwMzExNTlaMC4xCzAJBgNVBAYTAkNOMQ4wDAYDVQQKDAVO
UkNBQzEPMA0GA1UEAwwGUk9PVENBMFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAE UkNBQzEPMA0GA1UEAwwGUk9PVENBMFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAE
MPCca6pmgcchsTf2UnBeL9rtp4nw+itk1Kzrmbnqo05lUwkwlWK+4OIrtFdAqnRT MPCca6pmgcchsTf2UnBeL9rtp4nw+itk1Kzrmbnqo05lUwkwlWK+4OIrtFdAqnRT
V7Q9v1htkv42TsIutzd126NdMFswHwYDVR0jBBgwFoAUTDKxl9kzG8SmBcHG5Yti V7Q9v1htkv42TsIutzd126NdMFswHwYDVR0jBBgwFoAUTDKxl9kzG8SmBcHG5Yti
W/CXdlgwDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAQYwHQYDVR0OBBYEFEwysZfZ W/CXdlgwDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAQYwHQYDVR0OBBYEFEwysZfZ
MxvEpgXBxuWLYlvwl3ZYMAwGCCqBHM9VAYN1BQADSAAwRQIgG1bSLeOXp3oB8H7b MxvEpgXBxuWLYlvwl3ZYMAwGCCqBHM9VAYN1BQADSAAwRQIgG1bSLeOXp3oB8H7b
53W+CKOPl2PknmWEq/lMhtn25HkCIQDaHDgWxWFtnCrBjH16/W3Ezn7/U/Vjo5xI 53W+CKOPl2PknmWEq/lMhtn25HkCIQDaHDgWxWFtnCrBjH16/W3Ezn7/U/Vjo5xI
pDoiVhsLwg== pDoiVhsLwg==
-----END CERTIFICATE----- -----END CERTIFICATE-----

44
demos/cademo.sh
View File

@@ -1,22 +1,22 @@
#!/bin/bash #!/bin/bash
gmssl sm2keygen -pass 1234 -out rootcakey.pem gmssl sm2keygen -pass 1234 -out rootcakey.pem
gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 -key rootcakey.pem -pass 1234 -out rootcacert.pem -key_usage keyCertSign -key_usage cRLSign gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 -key rootcakey.pem -pass 1234 -out rootcacert.pem -key_usage keyCertSign -key_usage cRLSign
gmssl certparse -in rootcacert.pem gmssl certparse -in rootcacert.pem
gmssl sm2keygen -pass 1234 -out cakey.pem gmssl sm2keygen -pass 1234 -out cakey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN "Sub CA" -days 3650 -key cakey.pem -pass 1234 -out careq.pem gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN "Sub CA" -days 3650 -key cakey.pem -pass 1234 -out careq.pem
gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -path_len_constraint 0 -cacert rootcacert.pem -key rootcakey.pem -pass 1234 -out cacert.pem gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -path_len_constraint 0 -cacert rootcacert.pem -key rootcakey.pem -pass 1234 -out cacert.pem
gmssl certparse -in cacert.pem gmssl certparse -in cacert.pem
gmssl sm2keygen -pass 1234 -out signkey.pem gmssl sm2keygen -pass 1234 -out signkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key signkey.pem -pass 1234 -out signreq.pem gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key signkey.pem -pass 1234 -out signreq.pem
gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem
gmssl certparse -in signcert.pem gmssl certparse -in signcert.pem
gmssl sm2keygen -pass 1234 -out enckey.pem gmssl sm2keygen -pass 1234 -out enckey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key enckey.pem -pass 1234 -out encreq.pem gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key enckey.pem -pass 1234 -out encreq.pem
gmssl reqsign -in encreq.pem -days 365 -key_usage keyEncipherment -cacert cacert.pem -key cakey.pem -pass 1234 -out enccert.pem gmssl reqsign -in encreq.pem -days 365 -key_usage keyEncipherment -cacert cacert.pem -key cakey.pem -pass 1234 -out enccert.pem
gmssl certparse -in enccert.pem gmssl certparse -in enccert.pem

68
demos/certdemo.sh
View File

@@ -1,34 +1,34 @@
#!/bin/bash #!/bin/bash
gmssl sm2keygen -pass 1234 -out rootcakey.pem gmssl sm2keygen -pass 1234 -out rootcakey.pem
gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 -key rootcakey.pem -pass 1234 -out rootcacert.pem -key_usage keyCertSign -key_usage cRLSign gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 -key rootcakey.pem -pass 1234 -out rootcacert.pem -key_usage keyCertSign -key_usage cRLSign
gmssl certparse -in rootcacert.pem gmssl certparse -in rootcacert.pem
gmssl sm2keygen -pass 1234 -out cakey.pem gmssl sm2keygen -pass 1234 -out cakey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN "Sub CA" -days 3650 -key cakey.pem -pass 1234 -out careq.pem gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN "Sub CA" -days 3650 -key cakey.pem -pass 1234 -out careq.pem
gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -path_len_constraint 0 -cacert rootcacert.pem -key rootcakey.pem -pass 1234 -out cacert.pem gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -path_len_constraint 0 -cacert rootcacert.pem -key rootcakey.pem -pass 1234 -out cacert.pem
gmssl certparse -in cacert.pem gmssl certparse -in cacert.pem
gmssl sm2keygen -pass 1234 -out signkey.pem gmssl sm2keygen -pass 1234 -out signkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key signkey.pem -pass 1234 -out signreq.pem gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key signkey.pem -pass 1234 -out signreq.pem
gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem
gmssl certparse -in signcert.pem gmssl certparse -in signcert.pem
gmssl sm2keygen -pass 1234 -out enckey.pem gmssl sm2keygen -pass 1234 -out enckey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key enckey.pem -pass 1234 -out encreq.pem gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key enckey.pem -pass 1234 -out encreq.pem
gmssl reqsign -in encreq.pem -days 365 -key_usage keyEncipherment -cacert cacert.pem -key cakey.pem -pass 1234 -out enccert.pem gmssl reqsign -in encreq.pem -days 365 -key_usage keyEncipherment -cacert cacert.pem -key cakey.pem -pass 1234 -out enccert.pem
gmssl certparse -in enccert.pem gmssl certparse -in enccert.pem
cat signcert.pem > certs.pem cat signcert.pem > certs.pem
cat cacert.pem >> certs.pem cat cacert.pem >> certs.pem
gmssl certverify -in certs.pem -cacert rootcacert.pem gmssl certverify -in certs.pem -cacert rootcacert.pem
cat signcert.pem > dbl_certs.pem cat signcert.pem > dbl_certs.pem
cat enccert.pem >> dbl_certs.pem cat enccert.pem >> dbl_certs.pem
cat cacert.pem >> dbl_certs.pem cat cacert.pem >> dbl_certs.pem
gmssl certverify -double_certs -in dbl_certs.pem -cacert rootcacert.pem gmssl certverify -double_certs -in dbl_certs.pem -cacert rootcacert.pem

34
demos/cmsdemo.sh
View File

@@ -1,17 +1,17 @@
#!/bin/bash #!/bin/bash
gmssl sm2keygen -pass 1234 -out key.pem -pubout keypub.pem gmssl sm2keygen -pass 1234 -out key.pem -pubout keypub.pem
gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Alice -key_usage dataEncipherment -days 365 -key key.pem -pass 1234 -out cert.pem gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Alice -key_usage dataEncipherment -days 365 -key key.pem -pass 1234 -out cert.pem
echo "<html>The plaintext message.</html>" > plain.txt echo "<html>The plaintext message.</html>" > plain.txt
gmssl cmsencrypt -in plain.txt -rcptcert cert.pem -out enveloped_data.pem gmssl cmsencrypt -in plain.txt -rcptcert cert.pem -out enveloped_data.pem
gmssl cmsparse -in enveloped_data.pem gmssl cmsparse -in enveloped_data.pem
gmssl cmsdecrypt -key key.pem -pass 1234 -cert cert.pem -in enveloped_data.pem gmssl cmsdecrypt -key key.pem -pass 1234 -cert cert.pem -in enveloped_data.pem
gmssl cmssign -key key.pem -pass 1234 -cert cert.pem -in plain.txt -out signed_data.pem gmssl cmssign -key key.pem -pass 1234 -cert cert.pem -in plain.txt -out signed_data.pem
gmssl cmsparse -in signed_data.pem gmssl cmsparse -in signed_data.pem
gmssl cmsverify -in signed_data.pem -out signed_data.txt gmssl cmsverify -in signed_data.pem -out signed_data.txt
cat signed_data.txt cat signed_data.txt

10
demos/pbkdf2demo.sh
View File

@@ -1,5 +1,5 @@
#!/bin/bash #!/bin/bash
gmssl pbkdf2 -pass 1234 -salt 1122334455667788 -iter 60000 -outlen 16 gmssl pbkdf2 -pass 1234 -salt 1122334455667788 -iter 60000 -outlen 16

38
demos/reqdemo.sh
View File

@@ -1,19 +1,19 @@
#!/bin/bash -x #!/bin/bash -x
# generate self-signed CA certificate # generate self-signed CA certificate
gmssl sm2keygen -pass 1234 -out cakey.pem -pubout pubkey.pem gmssl sm2keygen -pass 1234 -out cakey.pem -pubout pubkey.pem
gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN CA -days 365 -key cakey.pem -pass 1234 -out cacert.pem gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN CA -days 365 -key cakey.pem -pass 1234 -out cacert.pem
gmssl certparse -in cacert.pem gmssl certparse -in cacert.pem
# generate a req and sign by CA certificate # generate a req and sign by CA certificate
gmssl sm2keygen -pass 1234 -out signkey.pem -pubout pubkey.pem gmssl sm2keygen -pass 1234 -out signkey.pem -pubout pubkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Alice -days 365 -key signkey.pem -pass 1234 -out signreq.pem gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Alice -days 365 -key signkey.pem -pass 1234 -out signreq.pem
gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem
gmssl certparse -in signcert.pem gmssl certparse -in signcert.pem
# sign a encryption certificate with the same DN, different KeyUsage extension # sign a encryption certificate with the same DN, different KeyUsage extension
gmssl sm2keygen -pass 1234 -out enckey.pem -pubout pubkey.pem gmssl sm2keygen -pass 1234 -out enckey.pem -pubout pubkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Alice -days 365 -key enckey.pem -pass 1234 -out encreq.pem gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Alice -days 365 -key enckey.pem -pass 1234 -out encreq.pem
gmssl reqsign -in encreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out enccert.pem gmssl reqsign -in encreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out enccert.pem
gmssl certparse -in enccert.pem gmssl certparse -in enccert.pem

36
demos/sm2/Makefile
View File

@@ -1,18 +1,18 @@
all: all:
cc sm2_keygen_demo.c -lgmssl -o sm2_keygen_demo cc sm2_keygen_demo.c -lgmssl -o sm2_keygen_demo
cc sm2_private_key_demo.c -lgmssl -o sm2_private_key_demo cc sm2_private_key_demo.c -lgmssl -o sm2_private_key_demo
cc sm2_private_key_parse_demo.c -lgmssl -o sm2_private_key_parse_demo cc sm2_private_key_parse_demo.c -lgmssl -o sm2_private_key_parse_demo
cc sm2_public_key_demo.c -lgmssl -o sm2_public_key_demo cc sm2_public_key_demo.c -lgmssl -o sm2_public_key_demo
cc sm2_sign_demo.c -lgmssl -o sm2_sign_demo cc sm2_sign_demo.c -lgmssl -o sm2_sign_demo
cc sm2_sign_ctx_demo.c -lgmssl -o sm2_sign_ctx_demo cc sm2_sign_ctx_demo.c -lgmssl -o sm2_sign_ctx_demo
cc sm2_encrypt_demo.c -lgmssl -o sm2_encrypt_demo cc sm2_encrypt_demo.c -lgmssl -o sm2_encrypt_demo
clear: clear:
rm -fr sm2_keygen_demo rm -fr sm2_keygen_demo
rm -fr sm2_private_key_demo rm -fr sm2_private_key_demo
rm -fr sm2_private_key_parse_demo rm -fr sm2_private_key_parse_demo
rm -fr sm2_public_key_demo rm -fr sm2_public_key_demo
rm -fr sm2_sign_demo rm -fr sm2_sign_demo
rm -fr sm2_sign_ctx_demo rm -fr sm2_sign_ctx_demo
rm -fr sm2_encrypt_demo rm -fr sm2_encrypt_demo

63
demos/sm2/sm2_encrypt_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,34 +7,33 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#include <stdio.h>
#include <stdio.h> #include <string.h>
#include <string.h> #include <stdlib.h>
#include <stdlib.h> #include <gmssl/sm2.h>
#include <gmssl/sm2.h> #include <gmssl/error.h>
#include <gmssl/error.h>
int main(void)
int main(void) {
{ SM2_KEY sm2_key;
SM2_KEY sm2_key; SM2_KEY pub_key;
SM2_KEY pub_key; unsigned char plaintext[SM2_MAX_PLAINTEXT_SIZE];
unsigned char plaintext[SM2_MAX_PLAINTEXT_SIZE]; unsigned char ciphertext[SM2_MAX_CIPHERTEXT_SIZE];
unsigned char ciphertext[SM2_MAX_CIPHERTEXT_SIZE]; size_t len;
size_t len;
sm2_key_generate(&sm2_key);
sm2_key_generate(&sm2_key); memcpy(&pub_key, &sm2_key, sizeof(SM2_POINT));
memcpy(&pub_key, &sm2_key, sizeof(SM2_POINT));
sm2_encrypt(&pub_key, (uint8_t *)"hello world", strlen("hello world"), ciphertext, &len);
sm2_encrypt(&pub_key, (uint8_t *)"hello world", strlen("hello world"), ciphertext, &len); format_bytes(stdout, 0, 0, "ciphertext", ciphertext, len);
format_bytes(stdout, 0, 0, "ciphertext", ciphertext, len);
if (sm2_decrypt(&sm2_key, ciphertext, len, plaintext, &len) != 1) {
if (sm2_decrypt(&sm2_key, ciphertext, len, plaintext, &len) != 1) { fprintf(stderr, "error\n");
fprintf(stderr, "error\n"); return 1;
return 1; }
} plaintext[len] = 0;
plaintext[len] = 0; printf("plaintext: %s\n", plaintext);
printf("plaintext: %s\n", plaintext);
return 0;
return 0; }
}

41
demos/sm2/sm2_keygen_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,23 +7,22 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#include <stdio.h>
#include <stdio.h> #include <string.h>
#include <string.h> #include <stdlib.h>
#include <stdlib.h> #include <gmssl/sm2.h>
#include <gmssl/sm2.h>
int main(void)
int main(void) {
{ SM2_KEY sm2_key;
SM2_KEY sm2_key;
if (sm2_key_generate(&sm2_key) != 1) {
if (sm2_key_generate(&sm2_key) != 1) { fprintf(stderr, "error\n");
fprintf(stderr, "error\n"); return 1;
return 1; }
}
sm2_key_print(stdout, 0, 0, "SM2PrivateKey", &sm2_key);
sm2_key_print(stdout, 0, 0, "SM2PrivateKey", &sm2_key); sm2_public_key_print(stdout, 0, 0, "SM2PublicKey", &sm2_key);
sm2_public_key_print(stdout, 0, 0, "SM2PublicKey", &sm2_key);
return 0;
return 0; }
}

47
demos/sm2/sm2_private_key_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,26 +7,25 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#include <stdio.h>
#include <stdio.h> #include <string.h>
#include <string.h> #include <stdlib.h>
#include <stdlib.h> #include <gmssl/sm2.h>
#include <gmssl/sm2.h>
int main(void)
int main(void) {
{ SM2_KEY sm2_key;
SM2_KEY sm2_key; char *password = "123456";
char *password = "123456";
if (sm2_key_generate(&sm2_key) != 1) {
if (sm2_key_generate(&sm2_key) != 1) { fprintf(stderr, "error\n");
fprintf(stderr, "error\n"); return 1;
return 1; }
}
if (sm2_private_key_info_encrypt_to_pem(&sm2_key, password, stdout) != 1) {
if (sm2_private_key_info_encrypt_to_pem(&sm2_key, password, stdout) != 1) { fprintf(stderr, "error\n");
fprintf(stderr, "error\n"); return 1;
return 1; }
}
return 0;
return 0; }
}

67
demos/sm2/sm2_private_key_parse_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,36 +7,35 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#include <stdio.h>
#include <stdio.h> #include <string.h>
#include <string.h> #include <stdlib.h>
#include <stdlib.h> #include <gmssl/mem.h>
#include <gmssl/mem.h> #include <gmssl/sm2.h>
#include <gmssl/sm2.h>
int main(void)
int main(void) {
{ SM2_KEY sm2_key;
SM2_KEY sm2_key; char *password = "123456";
char *password = "123456"; unsigned char buf[512];
unsigned char buf[512]; unsigned char *p;
unsigned char *p; size_t len;
size_t len;
printf("Read SM2 private key file (PEM) from stdin ...\n");
printf("Read SM2 private key file (PEM) from stdin ...\n"); if (sm2_private_key_info_decrypt_from_pem(&sm2_key, password, stdin) != 1) {
if (sm2_private_key_info_decrypt_from_pem(&sm2_key, password, stdin) != 1) { fprintf(stderr, "error\n");
fprintf(stderr, "error\n"); return 1;
return 1; }
}
p = buf;
p = buf; len = 0;
len = 0; if (sm2_private_key_to_der(&sm2_key, &p, &len) != 1) {
if (sm2_private_key_to_der(&sm2_key, &p, &len) != 1) { fprintf(stderr, "error\n");
fprintf(stderr, "error\n"); return 1;
return 1; }
} fwrite(buf, 1, len, stdout);
fwrite(buf, 1, len, stdout);
gmssl_secure_clear(&sm2_key, sizeof(sm2_key));
gmssl_secure_clear(&sm2_key, sizeof(sm2_key)); return 0;
return 0; }
}

51
demos/sm2/sm2_public_key_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,28 +7,27 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#include <stdio.h>
#include <stdio.h> #include <string.h>
#include <string.h> #include <stdlib.h>
#include <stdlib.h> #include <gmssl/mem.h>
#include <gmssl/mem.h> #include <gmssl/sm2.h>
#include <gmssl/sm2.h>
int main(void)
int main(void) {
{ SM2_KEY sm2_key;
SM2_KEY sm2_key; char *password = "123456";
char *password = "123456";
printf("Read SM2 private key file (PEM) from stdin ...\n");
printf("Read SM2 private key file (PEM) from stdin ...\n"); if (sm2_private_key_info_decrypt_from_pem(&sm2_key, password, stdin) != 1) {
if (sm2_private_key_info_decrypt_from_pem(&sm2_key, password, stdin) != 1) { fprintf(stderr, "error\n");
fprintf(stderr, "error\n"); return 1;
return 1; }
}
// openssl ec -pubin -in sm2pub.pem -text
// openssl ec -pubin -in sm2pub.pem -text sm2_public_key_info_to_pem(&sm2_key, stdout);
sm2_public_key_info_to_pem(&sm2_key, stdout);
gmssl_secure_clear(&sm2_key, sizeof(sm2_key));
gmssl_secure_clear(&sm2_key, sizeof(sm2_key)); return 0;
return 0; }
}

109
demos/sm2/sm2_sign_ctx_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,57 +7,56 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#include <stdio.h>
#include <stdio.h> #include <string.h>
#include <string.h> #include <stdlib.h>
#include <stdlib.h> #include <gmssl/sm2.h>
#include <gmssl/sm2.h> #include <gmssl/error.h>
#include <gmssl/error.h>
int main(void)
int main(void) {
{ SM2_KEY sm2_key;
SM2_KEY sm2_key; SM2_KEY pub_key;
SM2_KEY pub_key; SM2_SIGN_CTX sign_ctx;
SM2_SIGN_CTX sign_ctx; unsigned char dgst[32];
unsigned char dgst[32]; unsigned char sig[SM2_MAX_SIGNATURE_SIZE];
unsigned char sig[SM2_MAX_SIGNATURE_SIZE]; size_t siglen;
size_t siglen; int ret;
int ret;
sm2_key_generate(&sm2_key);
sm2_key_generate(&sm2_key);
memcpy(&pub_key, &sm2_key, sizeof(SM2_POINT));
memcpy(&pub_key, &sm2_key, sizeof(SM2_POINT));
// sign without signer ID (and Z value)
// sign without signer ID (and Z value) sm2_sign_init(&sign_ctx, &sm2_key, NULL, 0);
sm2_sign_init(&sign_ctx, &sm2_key, NULL, 0); sm2_sign_update(&sign_ctx, (unsigned char *)"hello ", strlen("hello "));
sm2_sign_update(&sign_ctx, (unsigned char *)"hello ", strlen("hello ")); sm2_sign_update(&sign_ctx, (unsigned char *)"world", strlen("world"));
sm2_sign_update(&sign_ctx, (unsigned char *)"world", strlen("world")); sm2_sign_finish(&sign_ctx, sig, &siglen);
sm2_sign_finish(&sign_ctx, sig, &siglen); format_bytes(stdout, 0, 0, "signature", sig, siglen);
format_bytes(stdout, 0, 0, "signature", sig, siglen);
// digest and verify
// digest and verify sm3_digest((unsigned char *)"hello world", strlen("hello world"), dgst);
sm3_digest((unsigned char *)"hello world", strlen("hello world"), dgst); ret = sm2_verify(&pub_key, dgst, sig, siglen);
ret = sm2_verify(&pub_key, dgst, sig, siglen); printf("verify result: %s\n", ret == 1 ? "success" : "failure");
printf("verify result: %s\n", ret == 1 ? "success" : "failure");
// use verify update API
// use verify update API sm2_verify_init(&sign_ctx, &pub_key, NULL, 0);
sm2_verify_init(&sign_ctx, &pub_key, NULL, 0); sm2_verify_update(&sign_ctx, (unsigned char *)"hello world", strlen("hello world"));
sm2_verify_update(&sign_ctx, (unsigned char *)"hello world", strlen("hello world")); ret = sm2_verify_finish(&sign_ctx, sig, siglen);
ret = sm2_verify_finish(&sign_ctx, sig, siglen); printf("verify result: %s\n", ret == 1 ? "success" : "failure");
printf("verify result: %s\n", ret == 1 ? "success" : "failure");
// sign use default signer ID
// sign use default signer ID sm2_sign_init(&sign_ctx, &sm2_key, SM2_DEFAULT_ID, SM2_DEFAULT_ID_LENGTH);
sm2_sign_init(&sign_ctx, &sm2_key, SM2_DEFAULT_ID, SM2_DEFAULT_ID_LENGTH); sm2_sign_update(&sign_ctx, (unsigned char *)"hello ", strlen("hello "));
sm2_sign_update(&sign_ctx, (unsigned char *)"hello ", strlen("hello ")); sm2_sign_update(&sign_ctx, (unsigned char *)"world", strlen("world"));
sm2_sign_update(&sign_ctx, (unsigned char *)"world", strlen("world")); sm2_sign_finish(&sign_ctx, sig, &siglen);
sm2_sign_finish(&sign_ctx, sig, &siglen); format_bytes(stdout, 0, 0, "signature", sig, siglen);
format_bytes(stdout, 0, 0, "signature", sig, siglen);
sm2_verify_init(&sign_ctx, &pub_key, SM2_DEFAULT_ID, SM2_DEFAULT_ID_LENGTH);
sm2_verify_init(&sign_ctx, &pub_key, SM2_DEFAULT_ID, SM2_DEFAULT_ID_LENGTH); sm2_verify_update(&sign_ctx, (unsigned char *)"hello world", strlen("hello world"));
sm2_verify_update(&sign_ctx, (unsigned char *)"hello world", strlen("hello world")); ret = sm2_verify_finish(&sign_ctx, sig, siglen);
ret = sm2_verify_finish(&sign_ctx, sig, siglen); printf("verify result: %s\n", ret == 1 ? "success" : "failure");
printf("verify result: %s\n", ret == 1 ? "success" : "failure");
return 0;
return 0; }
}

71
demos/sm2/sm2_sign_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,38 +7,37 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#include <stdio.h>
#include <stdio.h> #include <string.h>
#include <string.h> #include <stdlib.h>
#include <stdlib.h> #include <gmssl/sm2.h>
#include <gmssl/sm2.h> #include <gmssl/error.h>
#include <gmssl/error.h>
int main(void)
int main(void) {
{ SM2_KEY sm2_key;
SM2_KEY sm2_key; SM2_KEY pub_key;
SM2_KEY pub_key; unsigned char dgst[32];
unsigned char dgst[32]; unsigned char sig[SM2_MAX_SIGNATURE_SIZE];
unsigned char sig[SM2_MAX_SIGNATURE_SIZE]; size_t siglen;
size_t siglen; int ret;
int ret;
sm3_digest((unsigned char *)"hello world", strlen("hello world"), dgst);
sm3_digest((unsigned char *)"hello world", strlen("hello world"), dgst); format_bytes(stdout, 0, 0, "to be signed digest", dgst, sizeof(dgst));
format_bytes(stdout, 0, 0, "to be signed digest", dgst, sizeof(dgst));
sm2_key_generate(&sm2_key);
sm2_key_generate(&sm2_key);
sm2_sign(&sm2_key, dgst, sig, &siglen);
sm2_sign(&sm2_key, dgst, sig, &siglen); format_bytes(stdout, 0, 0, "signature", sig, siglen);
format_bytes(stdout, 0, 0, "signature", sig, siglen);
memcpy(&pub_key, &sm2_key, sizeof(SM2_POINT));
memcpy(&pub_key, &sm2_key, sizeof(SM2_POINT));
if ((ret = sm2_verify(&pub_key, dgst, sig, siglen)) != 1) {
if ((ret = sm2_verify(&pub_key, dgst, sig, siglen)) != 1) { fprintf(stderr, "verify failed\n");
fprintf(stderr, "verify failed\n"); } else {
} else { printf("verify success\n");
printf("verify success\n"); }
}
return 0;
return 0; }
}

69
demos/sm2/sm2keyparse.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,37 +7,36 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#include <stdio.h>
#include <stdio.h> #include <string.h>
#include <string.h> #include <stdlib.h>
#include <stdlib.h> #include <gmssl/sm2.h>
#include <gmssl/sm2.h>
int main(int argc, char **argv)
int main(int argc, char **argv) {
{ uint8_t buf[4096];
uint8_t buf[4096]; ssize_t len;
ssize_t len; uint8_t dgst[32];
uint8_t dgst[32]; int i;
int i;
for (i = 0; i < sizeof(dgst); i++) {
for (i = 0; i < sizeof(dgst); i++) { printf("%02x", dgst[i]);
printf("%02x", dgst[i]); }
} printf("\n");
printf("\n"); return 0;
return 0; }
}

20
demos/sm2demo.sh
View File

@@ -1,10 +1,10 @@
#!/bin/bash #!/bin/bash
gmssl sm2keygen -pass 1234 -out sm2.pem -pubout sm2pub.pem gmssl sm2keygen -pass 1234 -out sm2.pem -pubout sm2pub.pem
echo hello | gmssl sm2sign -key sm2.pem -pass 1234 -out sm2.sig #-id 1234567812345678 echo hello | gmssl sm2sign -key sm2.pem -pass 1234 -out sm2.sig #-id 1234567812345678
echo hello | gmssl sm2verify -pubkey sm2pub.pem -sig sm2.sig -id 1234567812345678 echo hello | gmssl sm2verify -pubkey sm2pub.pem -sig sm2.sig -id 1234567812345678
echo hello | gmssl sm2encrypt -pubkey sm2pub.pem -out sm2.der echo hello | gmssl sm2encrypt -pubkey sm2pub.pem -out sm2.der
gmssl sm2decrypt -key sm2.pem -pass 1234 -in sm2.der gmssl sm2decrypt -key sm2.pem -pass 1234 -in sm2.der

24
demos/sm3/CMakeLists.txt
View File

@@ -1,12 +1,12 @@
cmake_minimum_required(VERSION 3.0) cmake_minimum_required(VERSION 3.0)
project(sm3demo) project(sm3demo)
include_directories(/usr/local/include) include_directories(/usr/local/include)
link_directories(/usr/local/lib) link_directories(/usr/local/lib)
add_executable(sm3_demo sm3_demo.c) add_executable(sm3_demo sm3_demo.c)
add_executable(sm3_hmac_demo sm3_hmac_demo.c) add_executable(sm3_hmac_demo sm3_hmac_demo.c)
add_executable(sm3_kdf_demo sm3_kdf_demo.c) add_executable(sm3_kdf_demo sm3_kdf_demo.c)
target_link_libraries(sm3_demo gmssl) target_link_libraries(sm3_demo gmssl)
target_link_libraries(sm3_hmac_demo gmssl) target_link_libraries(sm3_hmac_demo gmssl)
target_link_libraries(sm3_kdf_demo gmssl) target_link_libraries(sm3_kdf_demo gmssl)

18
demos/sm3/Makefile
View File

@@ -1,9 +1,9 @@
all: all:
cc sm3_demo.c -lgmssl -o sm3_demo cc sm3_demo.c -lgmssl -o sm3_demo
cc sm3_hmac_demo.c -lgmssl -o sm3_hmac_demo cc sm3_hmac_demo.c -lgmssl -o sm3_hmac_demo
cc sm3_kdf_demo.c -lgmssl -o sm3_kdf_demo cc sm3_kdf_demo.c -lgmssl -o sm3_kdf_demo
clean: clean:
rm -fr sm3_demo rm -fr sm3_demo
rm -fr sm3_hmac_demo rm -fr sm3_hmac_demo
rm -fr sm3_kdf_demo rm -fr sm3_kdf_demo

57
demos/sm3/sm3_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,31 +7,30 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#include <stdio.h>
#include <stdio.h> #include <string.h>
#include <string.h> #include <stdlib.h>
#include <stdlib.h> #include <gmssl/sm3.h>
#include <gmssl/sm3.h>
int main(int argc, char **argv)
int main(int argc, char **argv) {
{ SM3_CTX sm3_ctx;
SM3_CTX sm3_ctx; uint8_t buf[4096];
uint8_t buf[4096]; ssize_t len;
ssize_t len; uint8_t dgst[32];
uint8_t dgst[32]; int i;
int i;
sm3_init(&sm3_ctx);
sm3_init(&sm3_ctx); while ((len = fread(buf, 1, sizeof(buf), stdin)) > 0) {
while ((len = fread(buf, 1, sizeof(buf), stdin)) > 0) { sm3_update(&sm3_ctx, buf, len);
sm3_update(&sm3_ctx, buf, len); }
} sm3_finish(&sm3_ctx, dgst);
sm3_finish(&sm3_ctx, dgst);
for (i = 0; i < sizeof(dgst); i++) {
for (i = 0; i < sizeof(dgst); i++) { printf("%02x", dgst[i]);
printf("%02x", dgst[i]); }
} printf("\n");
printf("\n"); return 0;
return 0; }
}

87
demos/sm3/sm3_hmac_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,46 +7,45 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#include <stdio.h>
#include <stdio.h> #include <string.h>
#include <string.h> #include <stdlib.h>
#include <stdlib.h> #include <gmssl/sm3.h>
#include <gmssl/sm3.h>
int main(void)
int main(void) {
{ SM3_HMAC_CTX hmac_ctx;
SM3_HMAC_CTX hmac_ctx; unsigned char key[16] = {
unsigned char key[16] = { 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08, 0x01,0xf2,0x03,0x04,0x05,0x06,0x07,0x08,
0x01,0xf2,0x03,0x04,0x05,0x06,0x07,0x08, };
}; unsigned char mbuf[16] = {
unsigned char mbuf[16] = { 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, };
}; unsigned char hmac[32] = {0};
unsigned char hmac[32] = {0}; int i;
int i;
sm3_hmac_init(&hmac_ctx, key, sizeof(key));
sm3_hmac_init(&hmac_ctx, key, sizeof(key)); sm3_hmac_update(&hmac_ctx, mbuf, sizeof(mbuf));
sm3_hmac_update(&hmac_ctx, mbuf, sizeof(mbuf)); sm3_hmac_finish(&hmac_ctx, hmac);
sm3_hmac_finish(&hmac_ctx, hmac);
printf("hmac: ");
printf("hmac: "); for (i = 0; i < sizeof(hmac); i++) {
for (i = 0; i < sizeof(hmac); i++) { printf("%02X", hmac[i]);
printf("%02X", hmac[i]); }
} printf("\n");
printf("\n");
memset(hmac, 0, sizeof(hmac));
memset(hmac, 0, sizeof(hmac)); sm3_hmac(key, sizeof(key), mbuf, sizeof(mbuf), hmac);
sm3_hmac(key, sizeof(key), mbuf, sizeof(mbuf), hmac);
printf("hmac: ");
printf("hmac: "); for (i = 0; i < sizeof(hmac); i++) {
for (i = 0; i < sizeof(hmac); i++) { printf("%02X", hmac[i]);
printf("%02X", hmac[i]); }
} printf("\n");
printf("\n");
return 0;
return 0; }
}

59
demos/sm3/sm3_kdf_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,32 +7,31 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#include <stdio.h>
#include <stdio.h> #include <string.h>
#include <string.h> #include <stdlib.h>
#include <stdlib.h> #include <gmssl/sm3.h>
#include <gmssl/sm3.h>
int main(void)
int main(void) {
{ SM3_KDF_CTX kdf_ctx;
SM3_KDF_CTX kdf_ctx; unsigned char key[16] = {0};
unsigned char key[16] = {0}; unsigned char raw[32] = {
unsigned char raw[32] = { 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, };
}; int i;
int i;
sm3_kdf_init(&kdf_ctx, sizeof(key));
sm3_kdf_init(&kdf_ctx, sizeof(key)); sm3_kdf_update(&kdf_ctx, raw, sizeof(raw));
sm3_kdf_update(&kdf_ctx, raw, sizeof(raw)); sm3_kdf_finish(&kdf_ctx, key);
sm3_kdf_finish(&kdf_ctx, key);
printf("key: ");
printf("key: "); for (i = 0; i < sizeof(key); i++) {
for (i = 0; i < sizeof(key); i++) { printf("%02X", key[i]);
printf("%02X", key[i]); }
} printf("\n");
printf("\n");
return 0;
return 0; }
}

20
demos/sm3demo.sh
View File

@@ -1,10 +1,10 @@
#!/bin/bash #!/bin/bash
echo -n abc | gmssl sm3 echo -n abc | gmssl sm3
gmssl sm2keygen -pass 1234 -out sm2.pem -pubout sm2pub.pem gmssl sm2keygen -pass 1234 -out sm2.pem -pubout sm2pub.pem
echo -n abc | gmssl sm3 -pubkey sm2pub.pem -id 1234567812345678 echo -n abc | gmssl sm3 -pubkey sm2pub.pem -id 1234567812345678
echo -n abc | gmssl sm3hmac -key 11223344556677881122334455667788 echo -n abc | gmssl sm3hmac -key 11223344556677881122334455667788

44
demos/sm4/Makefile
View File

@@ -1,22 +1,22 @@
all: all:
cc sm4_demo.c -lgmssl -o sm4_demo cc sm4_demo.c -lgmssl -o sm4_demo
cc sm4_cbc_demo.c -lgmssl -o sm4_cbc_demo cc sm4_cbc_demo.c -lgmssl -o sm4_cbc_demo
cc sm4_cbc_padding_demo.c -lgmssl -o sm4_cbc_padding_demo cc sm4_cbc_padding_demo.c -lgmssl -o sm4_cbc_padding_demo
cc sm4_ctr_demo.c -lgmssl -o sm4_ctr_demo cc sm4_ctr_demo.c -lgmssl -o sm4_ctr_demo
cc sm4_gcm_demo.c -lgmssl -o sm4_gcm_demo cc sm4_gcm_demo.c -lgmssl -o sm4_gcm_demo
cc sm4_cbc_encrypt_update_demo.c -lgmssl -o sm4_cbc_encrypt_update_demo cc sm4_cbc_encrypt_update_demo.c -lgmssl -o sm4_cbc_encrypt_update_demo
cc sm4_cbc_decrypt_update_demo.c -lgmssl -o sm4_cbc_decrypt_update_demo cc sm4_cbc_decrypt_update_demo.c -lgmssl -o sm4_cbc_decrypt_update_demo
cc sm4_ctr_encrypt_update_demo.c -lgmssl -o sm4_ctr_encrypt_update_demo cc sm4_ctr_encrypt_update_demo.c -lgmssl -o sm4_ctr_encrypt_update_demo
cc sm4_ctr_encrypt_update_demo.c -lgmssl -o sm4_ctr_decrypt_update_demo cc sm4_ctr_encrypt_update_demo.c -lgmssl -o sm4_ctr_decrypt_update_demo
clean: clean:
rm -fr sm4_demo rm -fr sm4_demo
rm -fr sm4_cbc_demo rm -fr sm4_cbc_demo
rm -fr sm4_cbc_padding_demo rm -fr sm4_cbc_padding_demo
rm -fr sm4_ctr_demo rm -fr sm4_ctr_demo
rm -fr sm4_gcm_demo rm -fr sm4_gcm_demo
rm -fr sm4_cbc_encrypt_update_demo rm -fr sm4_cbc_encrypt_update_demo
rm -fr sm4_cbc_decrypt_update_demo rm -fr sm4_cbc_decrypt_update_demo
rm -fr sm4_ctr_encrypt_update_demo rm -fr sm4_ctr_encrypt_update_demo
rm -fr sm4_ctr_decrypt_update_demo rm -fr sm4_ctr_decrypt_update_demo

87
demos/sm4/sm4_cbc_decrypt_update_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,46 +7,45 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#include <stdio.h>
#include <stdio.h> #include <string.h>
#include <string.h> #include <stdlib.h>
#include <stdlib.h> #include <gmssl/sm4.h>
#include <gmssl/sm4.h> #include <gmssl/rand.h>
#include <gmssl/rand.h>
int main(void)
int main(void) {
{ SM4_CBC_CTX cbc_ctx;
SM4_CBC_CTX cbc_ctx; unsigned char key[16] = {
unsigned char key[16] = { 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, };
}; unsigned char iv[16] = {
unsigned char iv[16] = { 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, };
}; unsigned char inbuf[1024];
unsigned char inbuf[1024]; unsigned char outbuf[1024 + 32];
unsigned char outbuf[1024 + 32]; ssize_t inlen;
ssize_t inlen; size_t outlen;
size_t outlen;
if (sm4_cbc_decrypt_init(&cbc_ctx, key, iv) != 1) {
if (sm4_cbc_decrypt_init(&cbc_ctx, key, iv) != 1) { fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__); return 1;
return 1; }
} while ((inlen = fread(inbuf, 1, sizeof(inbuf), stdin)) > 0) {
while ((inlen = fread(inbuf, 1, sizeof(inbuf), stdin)) > 0) { if (sm4_cbc_decrypt_update(&cbc_ctx, inbuf, inlen, outbuf, &outlen) != 1) {
if (sm4_cbc_decrypt_update(&cbc_ctx, inbuf, inlen, outbuf, &outlen) != 1) { fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__); return 1;
return 1; }
} fwrite(outbuf, 1, outlen, stdout);
fwrite(outbuf, 1, outlen, stdout); }
} if (sm4_cbc_decrypt_finish(&cbc_ctx, outbuf, &outlen) != 1) {
if (sm4_cbc_decrypt_finish(&cbc_ctx, outbuf, &outlen) != 1) { fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__); return 1;
return 1; }
} fwrite(outbuf, 1, outlen, stdout);
fwrite(outbuf, 1, outlen, stdout);
return 0;
return 0; }
}

129
demos/sm4/sm4_cbc_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,67 +7,66 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#include <stdio.h>
#include <stdio.h> #include <string.h>
#include <string.h> #include <stdlib.h>
#include <stdlib.h> #include <gmssl/sm4.h>
#include <gmssl/sm4.h> #include <gmssl/rand.h>
#include <gmssl/rand.h>
int main(void)
int main(void) {
{ SM4_KEY sm4_key;
SM4_KEY sm4_key; unsigned char key[16];
unsigned char key[16]; unsigned char iv[16];
unsigned char iv[16]; unsigned char mbuf[32] = {
unsigned char mbuf[32] = { 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, };
}; unsigned char cbuf[32] = {0};
unsigned char cbuf[32] = {0}; unsigned char pbuf[32] = {0};
unsigned char pbuf[32] = {0}; int i;
int i;
rand_bytes(key, sizeof(key));
rand_bytes(key, sizeof(key)); rand_bytes(iv, sizeof(iv));
rand_bytes(iv, sizeof(iv));
printf("key: ");
printf("key: "); for (i = 0; i < sizeof(key); i++) {
for (i = 0; i < sizeof(key); i++) { printf("%02X", key[i]);
printf("%02X", key[i]); }
} printf("\n");
printf("\n");
printf("iv: ");
printf("iv: "); for (i = 0; i < sizeof(iv); i++) {
for (i = 0; i < sizeof(iv); i++) { printf("%02X", iv[i]);
printf("%02X", iv[i]); }
} printf("\n");
printf("\n");
printf("plaintext: ");
printf("plaintext: "); for (i = 0; i < sizeof(mbuf); i++) {
for (i = 0; i < sizeof(mbuf); i++) { printf("%02X", mbuf[i]);
printf("%02X", mbuf[i]); }
} printf("\n");
printf("\n");
sm4_set_encrypt_key(&sm4_key, key);
sm4_set_encrypt_key(&sm4_key, key); sm4_cbc_encrypt(&sm4_key, iv, mbuf, sizeof(mbuf)/SM4_BLOCK_SIZE, cbuf);
sm4_cbc_encrypt(&sm4_key, iv, mbuf, sizeof(mbuf)/SM4_BLOCK_SIZE, cbuf);
printf("ciphertext: ");
printf("ciphertext: "); for (i = 0; i < sizeof(cbuf); i++) {
for (i = 0; i < sizeof(cbuf); i++) { printf("%02X", cbuf[i]);
printf("%02X", cbuf[i]); }
} printf("\n");
printf("\n");
sm4_set_decrypt_key(&sm4_key, key);
sm4_set_decrypt_key(&sm4_key, key); sm4_cbc_decrypt(&sm4_key, iv, cbuf, sizeof(cbuf)/SM4_BLOCK_SIZE, pbuf);
sm4_cbc_decrypt(&sm4_key, iv, cbuf, sizeof(cbuf)/SM4_BLOCK_SIZE, pbuf);
printf("decrypted: ");
printf("decrypted: "); for (i = 0; i < sizeof(pbuf); i++) {
for (i = 0; i < sizeof(pbuf); i++) { printf("%02X", pbuf[i]);
printf("%02X", pbuf[i]); }
} printf("\n");
printf("\n");
return 0;
return 0; }
}

87
demos/sm4/sm4_cbc_encrypt_update_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,46 +7,45 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#include <stdio.h>
#include <stdio.h> #include <string.h>
#include <string.h> #include <stdlib.h>
#include <stdlib.h> #include <gmssl/sm4.h>
#include <gmssl/sm4.h> #include <gmssl/rand.h>
#include <gmssl/rand.h>
int main(void)
int main(void) {
{ SM4_CBC_CTX cbc_ctx;
SM4_CBC_CTX cbc_ctx; unsigned char key[16] = {
unsigned char key[16] = { 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, };
}; unsigned char iv[16] = {
unsigned char iv[16] = { 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, };
}; unsigned char inbuf[1024];
unsigned char inbuf[1024]; unsigned char outbuf[1024 + 32];
unsigned char outbuf[1024 + 32]; ssize_t inlen;
ssize_t inlen; size_t outlen;
size_t outlen;
if (sm4_cbc_encrypt_init(&cbc_ctx, key, iv) != 1) {
if (sm4_cbc_encrypt_init(&cbc_ctx, key, iv) != 1) { fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__); return 1;
return 1; }
} while ((inlen = fread(inbuf, 1, sizeof(inbuf), stdin)) > 0) {
while ((inlen = fread(inbuf, 1, sizeof(inbuf), stdin)) > 0) { if (sm4_cbc_encrypt_update(&cbc_ctx, inbuf, inlen, outbuf, &outlen) != 1) {
if (sm4_cbc_encrypt_update(&cbc_ctx, inbuf, inlen, outbuf, &outlen) != 1) { fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__); return 1;
return 1; }
} fwrite(outbuf, 1, outlen, stdout);
fwrite(outbuf, 1, outlen, stdout); }
} if (sm4_cbc_encrypt_finish(&cbc_ctx, outbuf, &outlen) != 1) {
if (sm4_cbc_encrypt_finish(&cbc_ctx, outbuf, &outlen) != 1) { fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__); return 1;
return 1; }
} fwrite(outbuf, 1, outlen, stdout);
fwrite(outbuf, 1, outlen, stdout);
return 0;
return 0; }
}

195
demos/sm4/sm4_cbc_padding_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,100 +7,99 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#include <stdio.h>
#include <stdio.h> #include <string.h>
#include <string.h> #include <stdlib.h>
#include <stdlib.h> #include <gmssl/sm4.h>
#include <gmssl/sm4.h> #include <gmssl/rand.h>
#include <gmssl/rand.h>
int main(void)
int main(void) {
{ SM4_KEY sm4_key;
SM4_KEY sm4_key; unsigned char key[16];
unsigned char key[16]; unsigned char iv[16];
unsigned char iv[16]; unsigned char mbuf[32] = {
unsigned char mbuf[32] = { 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, };
}; unsigned char cbuf[32] = {0};
unsigned char cbuf[32] = {0}; unsigned char pbuf[32] = {0};
unsigned char pbuf[32] = {0}; size_t mlen1 = 20, mlen2 = 16;
size_t mlen1 = 20, mlen2 = 16; size_t clen1, clen2;
size_t clen1, clen2; size_t plen1, plen2;
size_t plen1, plen2; int i;
int i;
rand_bytes(key, sizeof(key));
rand_bytes(key, sizeof(key)); rand_bytes(iv, sizeof(iv));
rand_bytes(iv, sizeof(iv));
printf("key: ");
printf("key: "); for (i = 0; i < sizeof(key); i++) {
for (i = 0; i < sizeof(key); i++) { printf("%02X", key[i]);
printf("%02X", key[i]); }
} printf("\n");
printf("\n");
printf("iv: ");
printf("iv: "); for (i = 0; i < sizeof(iv); i++) {
for (i = 0; i < sizeof(iv); i++) { printf("%02X", iv[i]);
printf("%02X", iv[i]); }
} printf("\n");
printf("\n");
printf("sm4_cbc_pading encrypt %zu bytes\n", mlen1);
printf("sm4_cbc_pading encrypt %zu bytes\n", mlen1);
printf("plaintext: ");
printf("plaintext: "); for (i = 0; i < mlen1; i++) {
for (i = 0; i < mlen1; i++) { printf("%02X", mbuf[i]);
printf("%02X", mbuf[i]); }
} printf("\n");
printf("\n");
sm4_set_encrypt_key(&sm4_key, key);
sm4_set_encrypt_key(&sm4_key, key); sm4_cbc_padding_encrypt(&sm4_key, iv, mbuf, mlen1, cbuf, &clen1);
sm4_cbc_padding_encrypt(&sm4_key, iv, mbuf, mlen1, cbuf, &clen1);
printf("ciphertext: ");
printf("ciphertext: "); for (i = 0; i < clen1; i++) {
for (i = 0; i < clen1; i++) { printf("%02X", cbuf[i]);
printf("%02X", cbuf[i]); }
} printf("\n");
printf("\n");
sm4_set_decrypt_key(&sm4_key, key);
sm4_set_decrypt_key(&sm4_key, key); sm4_cbc_padding_decrypt(&sm4_key, iv, cbuf, clen1, pbuf, &plen1);
sm4_cbc_padding_decrypt(&sm4_key, iv, cbuf, clen1, pbuf, &plen1);
printf("decrypted: ");
printf("decrypted: "); for (i = 0; i < plen1; i++) {
for (i = 0; i < plen1; i++) { printf("%02X", pbuf[i]);
printf("%02X", pbuf[i]); }
} printf("\n");
printf("\n");
printf("sm4_cbc_pading encrypt %zu bytes\n", mlen2);
printf("sm4_cbc_pading encrypt %zu bytes\n", mlen2);
printf("plaintext: ");
printf("plaintext: "); for (i = 0; i < mlen2; i++) {
for (i = 0; i < mlen2; i++) { printf("%02X", mbuf[i]);
printf("%02X", mbuf[i]); }
} printf("\n");
printf("\n");
sm4_set_encrypt_key(&sm4_key, key);
sm4_set_encrypt_key(&sm4_key, key); sm4_cbc_padding_encrypt(&sm4_key, iv, mbuf, mlen2, cbuf, &clen2);
sm4_cbc_padding_encrypt(&sm4_key, iv, mbuf, mlen2, cbuf, &clen2);
printf("ciphertext: ");
printf("ciphertext: "); for (i = 0; i < clen2; i++) {
for (i = 0; i < clen2; i++) { printf("%02X", cbuf[i]);
printf("%02X", cbuf[i]); }
} printf("\n");
printf("\n");
sm4_set_decrypt_key(&sm4_key, key);
sm4_set_decrypt_key(&sm4_key, key); sm4_cbc_padding_decrypt(&sm4_key, iv, cbuf, clen2, pbuf, &plen2);
sm4_cbc_padding_decrypt(&sm4_key, iv, cbuf, clen2, pbuf, &plen2);
printf("decrypted: ");
printf("decrypted: "); for (i = 0; i < plen2; i++) {
for (i = 0; i < plen2; i++) { printf("%02X", pbuf[i]);
printf("%02X", pbuf[i]); }
} printf("\n");
printf("\n");
return 0;
return 0; }
}

137
demos/sm4/sm4_ctr_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,71 +7,70 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#include <stdio.h>
#include <stdio.h> #include <string.h>
#include <string.h> #include <stdlib.h>
#include <stdlib.h> #include <gmssl/sm4.h>
#include <gmssl/sm4.h> #include <gmssl/rand.h>
#include <gmssl/rand.h>
int main(void)
int main(void) {
{ SM4_KEY sm4_key;
SM4_KEY sm4_key; unsigned char key[16];
unsigned char key[16]; unsigned char iv[16];
unsigned char iv[16]; unsigned char ctr[16];
unsigned char ctr[16]; unsigned char mbuf[20] = {
unsigned char mbuf[20] = { 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, 0x31,0x32,0x33,0x34,
0x31,0x32,0x33,0x34, };
}; unsigned char cbuf[20] = {0};
unsigned char cbuf[20] = {0}; unsigned char pbuf[20] = {0};
unsigned char pbuf[20] = {0}; int i;
int i;
rand_bytes(key, sizeof(key));
rand_bytes(key, sizeof(key)); rand_bytes(iv, sizeof(iv));
rand_bytes(iv, sizeof(iv));
printf("key: ");
printf("key: "); for (i = 0; i < sizeof(key); i++) {
for (i = 0; i < sizeof(key); i++) { printf("%02X", key[i]);
printf("%02X", key[i]); }
} printf("\n");
printf("\n");
printf("ctr: ");
printf("ctr: "); for (i = 0; i < sizeof(iv); i++) {
for (i = 0; i < sizeof(iv); i++) { printf("%02X", iv[i]);
printf("%02X", iv[i]); }
} printf("\n");
printf("\n");
sm4_set_encrypt_key(&sm4_key, key);
sm4_set_encrypt_key(&sm4_key, key);
printf("sm4 ctr encrypt %zu bytes\n", sizeof(mbuf));
printf("sm4 ctr encrypt %zu bytes\n", sizeof(mbuf));
printf("plaintext: ");
printf("plaintext: "); for (i = 0; i < sizeof(mbuf); i++) {
for (i = 0; i < sizeof(mbuf); i++) { printf("%02X", mbuf[i]);
printf("%02X", mbuf[i]); }
} printf("\n");
printf("\n");
memcpy(ctr, iv, 16);
memcpy(ctr, iv, 16); sm4_ctr_encrypt(&sm4_key, ctr, mbuf, sizeof(mbuf), cbuf);
sm4_ctr_encrypt(&sm4_key, ctr, mbuf, sizeof(mbuf), cbuf);
printf("ciphertext: ");
printf("ciphertext: "); for (i = 0; i < sizeof(cbuf); i++) {
for (i = 0; i < sizeof(cbuf); i++) { printf("%02X", cbuf[i]);
printf("%02X", cbuf[i]); }
} printf("\n");
printf("\n");
memcpy(ctr, iv, 16);
memcpy(ctr, iv, 16); sm4_ctr_decrypt(&sm4_key, ctr, cbuf, sizeof(cbuf), pbuf);
sm4_ctr_decrypt(&sm4_key, ctr, cbuf, sizeof(cbuf), pbuf);
printf("decrypted: ");
printf("decrypted: "); for (i = 0; i < sizeof(pbuf); i++) {
for (i = 0; i < sizeof(pbuf); i++) { printf("%02X", pbuf[i]);
printf("%02X", pbuf[i]); }
} printf("\n");
printf("\n");
return 0;
return 0; }
}

87
demos/sm4/sm4_ctr_encrypt_update_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,46 +7,45 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#include <stdio.h>
#include <stdio.h> #include <string.h>
#include <string.h> #include <stdlib.h>
#include <stdlib.h> #include <gmssl/sm4.h>
#include <gmssl/sm4.h> #include <gmssl/rand.h>
#include <gmssl/rand.h>
int main(void)
int main(void) {
{ SM4_CTR_CTX cbc_ctx;
SM4_CTR_CTX cbc_ctx; unsigned char key[16] = {
unsigned char key[16] = { 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, };
}; unsigned char ctr[16] = {
unsigned char ctr[16] = { 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, };
}; unsigned char inbuf[1024];
unsigned char inbuf[1024]; unsigned char outbuf[1024 + 32];
unsigned char outbuf[1024 + 32]; ssize_t inlen;
ssize_t inlen; size_t outlen;
size_t outlen;
if (sm4_ctr_encrypt_init(&cbc_ctx, key, ctr) != 1) {
if (sm4_ctr_encrypt_init(&cbc_ctx, key, ctr) != 1) { fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__); return 1;
return 1; }
} while ((inlen = fread(inbuf, 1, sizeof(inbuf), stdin)) > 0) {
while ((inlen = fread(inbuf, 1, sizeof(inbuf), stdin)) > 0) { if (sm4_ctr_encrypt_update(&cbc_ctx, inbuf, inlen, outbuf, &outlen) != 1) {
if (sm4_ctr_encrypt_update(&cbc_ctx, inbuf, inlen, outbuf, &outlen) != 1) { fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__); return 1;
return 1; }
} fwrite(outbuf, 1, outlen, stdout);
fwrite(outbuf, 1, outlen, stdout); }
} if (sm4_ctr_encrypt_finish(&cbc_ctx, outbuf, &outlen) != 1) {
if (sm4_ctr_encrypt_finish(&cbc_ctx, outbuf, &outlen) != 1) { fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__); return 1;
return 1; }
} fwrite(outbuf, 1, outlen, stdout);
fwrite(outbuf, 1, outlen, stdout);
return 0;
return 0; }
}

113
demos/sm4/sm4_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,59 +7,58 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
// sm4 demo1: encrypt and decrypt a block of message (16 bytes)
// sm4 demo1: encrypt and decrypt a block of message (16 bytes)
#include <stdio.h>
#include <stdio.h> #include <string.h>
#include <string.h> #include <stdlib.h>
#include <stdlib.h> #include <gmssl/sm4.h>
#include <gmssl/sm4.h>
int main(void)
int main(void) {
{ SM4_KEY sm4_key;
SM4_KEY sm4_key; unsigned char key[16] = {
unsigned char key[16] = { 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08, 0x01,0xf2,0x03,0x04,0x05,0x06,0x07,0x08,
0x01,0xf2,0x03,0x04,0x05,0x06,0x07,0x08, };
}; unsigned char mbuf[16] = {
unsigned char mbuf[16] = { 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, };
}; unsigned char cbuf[16];
unsigned char cbuf[16]; unsigned char pbuf[16];
unsigned char pbuf[16]; int i;
int i;
printf("key: ");
printf("key: "); for (i = 0; i < sizeof(key); i++) {
for (i = 0; i < sizeof(key); i++) { printf("%02X", key[i]);
printf("%02X", key[i]); }
} printf("\n");
printf("\n");
printf("plaintext: ");
printf("plaintext: "); for (i = 0; i < sizeof(mbuf); i++) {
for (i = 0; i < sizeof(mbuf); i++) { printf("%02X", mbuf[i]);
printf("%02X", mbuf[i]); }
} printf("\n");
printf("\n");
sm4_set_encrypt_key(&sm4_key, key);
sm4_set_encrypt_key(&sm4_key, key); sm4_encrypt(&sm4_key, mbuf, cbuf);
sm4_encrypt(&sm4_key, mbuf, cbuf);
printf("ciphertext: ");
printf("ciphertext: "); for (i = 0; i < sizeof(cbuf); i++) {
for (i = 0; i < sizeof(cbuf); i++) { printf("%02X", cbuf[i]);
printf("%02X", cbuf[i]); }
} printf("\n");
printf("\n");
sm4_set_decrypt_key(&sm4_key, key);
sm4_set_decrypt_key(&sm4_key, key); sm4_decrypt(&sm4_key, cbuf, pbuf);
sm4_decrypt(&sm4_key, cbuf, pbuf);
printf("decrypted: ");
printf("decrypted: "); for (i = 0; i < sizeof(pbuf); i++) {
for (i = 0; i < sizeof(pbuf); i++) { printf("%02X", pbuf[i]);
printf("%02X", pbuf[i]); }
} printf("\n");
printf("\n");
return 0;
return 0; }
}

165
demos/sm4/sm4_gcm_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,85 +7,84 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#include <stdio.h>
#include <stdio.h> #include <string.h>
#include <string.h> #include <stdlib.h>
#include <stdlib.h> #include <gmssl/sm4.h>
#include <gmssl/sm4.h> #include <gmssl/rand.h>
#include <gmssl/rand.h>
int main(void)
int main(void) {
{ SM4_KEY sm4_key;
SM4_KEY sm4_key; unsigned char key[16];
unsigned char key[16]; unsigned char iv[16];
unsigned char iv[16]; unsigned char aad[20];
unsigned char aad[20]; unsigned char mbuf[64] = {
unsigned char mbuf[64] = { 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, 0x31,0x32,0x33,0x34,
0x31,0x32,0x33,0x34, };
}; unsigned char cbuf[64] = {0};
unsigned char cbuf[64] = {0}; unsigned char pbuf[64] = {0};
unsigned char pbuf[64] = {0}; unsigned char tag[16];
unsigned char tag[16]; int i;
int i;
rand_bytes(key, sizeof(key));
rand_bytes(key, sizeof(key)); rand_bytes(iv, sizeof(iv));
rand_bytes(iv, sizeof(iv));
printf("key: ");
printf("key: "); for (i = 0; i < sizeof(key); i++) {
for (i = 0; i < sizeof(key); i++) { printf("%02X", key[i]);
printf("%02X", key[i]); }
} printf("\n");
printf("\n");
printf("iv: ");
printf("iv: "); for (i = 0; i < sizeof(iv); i++) {
for (i = 0; i < sizeof(iv); i++) { printf("%02X", iv[i]);
printf("%02X", iv[i]); }
} printf("\n");
printf("\n");
sm4_set_encrypt_key(&sm4_key, key);
sm4_set_encrypt_key(&sm4_key, key);
printf("sm4 gcm encrypt\n");
printf("sm4 gcm encrypt\n");
printf("auth-only data: ");
printf("auth-only data: "); for (i = 0; i < sizeof(aad); i++) {
for (i = 0; i < sizeof(aad); i++) { printf("%02X", aad[i]);
printf("%02X", aad[i]); }
} printf("\n");
printf("\n");
printf("plaintext: ");
printf("plaintext: "); for (i = 0; i < sizeof(mbuf); i++) {
for (i = 0; i < sizeof(mbuf); i++) { printf("%02X", mbuf[i]);
printf("%02X", mbuf[i]); }
} printf("\n");
printf("\n");
sm4_gcm_encrypt(&sm4_key, iv, sizeof(iv), aad, sizeof(aad), mbuf, sizeof(mbuf), cbuf, sizeof(tag), tag);
sm4_gcm_encrypt(&sm4_key, iv, sizeof(iv), aad, sizeof(aad), mbuf, sizeof(mbuf), cbuf, sizeof(tag), tag);
printf("ciphertext: ");
printf("ciphertext: "); for (i = 0; i < sizeof(cbuf); i++) {
for (i = 0; i < sizeof(cbuf); i++) { printf("%02X", cbuf[i]);
printf("%02X", cbuf[i]); }
} printf("\n");
printf("\n");
printf("mac-tag: ");
printf("mac-tag: "); for (i = 0; i < sizeof(tag); i++) {
for (i = 0; i < sizeof(tag); i++) { printf("%02X", tag[i]);
printf("%02X", tag[i]); }
} printf("\n");
printf("\n");
if (sm4_gcm_decrypt(&sm4_key, iv, sizeof(iv), aad, sizeof(aad), cbuf, sizeof(mbuf), tag, sizeof(tag), pbuf) != 1) {
if (sm4_gcm_decrypt(&sm4_key, iv, sizeof(iv), aad, sizeof(aad), cbuf, sizeof(mbuf), tag, sizeof(tag), pbuf) != 1) { fprintf(stderr, "sm4 gcm decrypt failed\n");
fprintf(stderr, "sm4 gcm decrypt failed\n"); return 1;
return 1; }
}
printf("decrypted: ");
printf("decrypted: "); for (i = 0; i < sizeof(pbuf); i++) {
for (i = 0; i < sizeof(pbuf); i++) { printf("%02X", pbuf[i]);
printf("%02X", pbuf[i]); }
} printf("\n");
printf("\n");
return 0;
return 0; }
}

24
demos/sm4demo.sh
View File

@@ -1,12 +1,12 @@
#!/bin/bash #!/bin/bash
KEY=11223344556677881122334455667788 KEY=11223344556677881122334455667788
IV=11223344556677881122334455667788 IV=11223344556677881122334455667788
echo hello | gmssl sm4 -cbc -encrypt -key $KEY -iv $IV -out sm4.cbc echo hello | gmssl sm4 -cbc -encrypt -key $KEY -iv $IV -out sm4.cbc
gmssl sm4 -cbc -decrypt -key $KEY -iv $IV -in sm4.cbc gmssl sm4 -cbc -decrypt -key $KEY -iv $IV -in sm4.cbc
echo hello | gmssl sm4 -ctr -encrypt -key $KEY -iv $IV -out sm4.ctr echo hello | gmssl sm4 -ctr -encrypt -key $KEY -iv $IV -out sm4.ctr
gmssl sm4 -ctr -decrypt -key $KEY -iv $IV -in sm4.ctr gmssl sm4 -ctr -decrypt -key $KEY -iv $IV -in sm4.ctr

20
demos/sm9/Makefile
View File

@@ -1,10 +1,10 @@
all: all:
cc sm9_keygen_demo.c -lgmssl -o sm9_keygen_demo cc sm9_keygen_demo.c -lgmssl -o sm9_keygen_demo
cc sm9_sign_demo.c -lgmssl -o sm9_sign_demo cc sm9_sign_demo.c -lgmssl -o sm9_sign_demo
cc sm9_encrypt_demo.c -lgmssl -o sm9_encrypt_demo cc sm9_encrypt_demo.c -lgmssl -o sm9_encrypt_demo
clean: clean:
rm -fr sm9_keygen_demo rm -fr sm9_keygen_demo
rm -fr sm9_sign_demo rm -fr sm9_sign_demo
rm -fr sm9_encrypt_demo rm -fr sm9_encrypt_demo

79
demos/sm9/sm9_encrypt_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,42 +7,41 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#include <stdio.h>
#include <stdio.h> #include <string.h>
#include <string.h> #include <stdlib.h>
#include <stdlib.h> #include <gmssl/sm9.h>
#include <gmssl/sm9.h> #include <gmssl/error.h>
#include <gmssl/error.h>
int main(void)
int main(void) {
{ SM9_ENC_MASTER_KEY master;
SM9_ENC_MASTER_KEY master; SM9_ENC_MASTER_KEY master_public;
SM9_ENC_MASTER_KEY master_public; SM9_ENC_KEY key;
SM9_ENC_KEY key; const char *id = "Alice";
const char *id = "Alice"; uint8_t buf[512];
uint8_t buf[512]; uint8_t *p = buf;
uint8_t *p = buf; const uint8_t *cp = buf;
const uint8_t *cp = buf; size_t len;
size_t len; char mbuf[256];
char mbuf[256]; size_t mlen;
size_t mlen; int ret;
int ret;
sm9_enc_master_key_generate(&master);
sm9_enc_master_key_generate(&master); sm9_enc_master_key_extract_key(&master, id, strlen(id), &key);
sm9_enc_master_key_extract_key(&master, id, strlen(id), &key);
sm9_enc_master_public_key_to_der(&master, &p, &len);
sm9_enc_master_public_key_to_der(&master, &p, &len); sm9_enc_master_public_key_from_der(&master_public, &cp, &len);
sm9_enc_master_public_key_from_der(&master_public, &cp, &len);
sm9_encrypt(&master_public, id, strlen(id), (uint8_t *)"hello", strlen("hello"), buf, &len);
sm9_encrypt(&master_public, id, strlen(id), (uint8_t *)"hello", strlen("hello"), buf, &len); ret = sm9_decrypt(&key, id, strlen(id), buf, len, (uint8_t *)mbuf, &mlen);
ret = sm9_decrypt(&key, id, strlen(id), buf, len, (uint8_t *)mbuf, &mlen); if (ret != 1) {
if (ret != 1) { fprintf(stderr, "decrypt failed\n");
fprintf(stderr, "decrypt failed\n"); return 1;
return 1; }
} mbuf[mlen] = 0;
mbuf[mlen] = 0; printf("decrypt result: %s\n", mbuf);
printf("decrypt result: %s\n", mbuf);
return 0;
return 0; }
}

55
demos/sm9/sm9_keygen_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,30 +7,29 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#include <stdio.h>
#include <stdio.h> #include <string.h>
#include <string.h> #include <stdlib.h>
#include <stdlib.h> #include <gmssl/sm9.h>
#include <gmssl/sm9.h>
int main(void)
int main(void) {
{ SM9_SIGN_MASTER_KEY sign_master;
SM9_SIGN_MASTER_KEY sign_master; SM9_SIGN_KEY sign_key;
SM9_SIGN_KEY sign_key;
sm9_sign_master_key_generate(&sign_master);
sm9_sign_master_key_generate(&sign_master);
printf("SM9 Master Secret\n");
printf("SM9 Master Secret\n"); sm9_sign_master_key_info_encrypt_to_pem(&sign_master, "P@ssw0rd", stdout);
sm9_sign_master_key_info_encrypt_to_pem(&sign_master, "P@ssw0rd", stdout);
printf("SM9 Public Parameters\n");
printf("SM9 Public Parameters\n"); sm9_sign_master_public_key_to_pem(&sign_master, stdout);
sm9_sign_master_public_key_to_pem(&sign_master, stdout);
sm9_sign_master_key_extract_key(&sign_master, "alice", strlen("alice"), &sign_key);
sm9_sign_master_key_extract_key(&sign_master, "alice", strlen("alice"), &sign_key);
printf("SM9 private key for ID '%s'\n", "alice");
printf("SM9 private key for ID '%s'\n", "alice"); sm9_sign_key_info_encrypt_to_pem(&sign_key, "123456", stdout);
sm9_sign_key_info_encrypt_to_pem(&sign_key, "123456", stdout);
return 0;
return 0; }
}

91
demos/sm9/sm9_sign_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,48 +7,47 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#include <stdio.h>
#include <stdio.h> #include <string.h>
#include <string.h> #include <stdlib.h>
#include <stdlib.h> #include <gmssl/sm9.h>
#include <gmssl/sm9.h> #include <gmssl/error.h>
#include <gmssl/error.h>
int main(void)
int main(void) {
{ SM9_SIGN_MASTER_KEY sign_master;
SM9_SIGN_MASTER_KEY sign_master; SM9_SIGN_MASTER_KEY sign_master_public;
SM9_SIGN_MASTER_KEY sign_master_public; SM9_SIGN_KEY sign_key;
SM9_SIGN_KEY sign_key; SM9_SIGN_CTX sign_ctx;
SM9_SIGN_CTX sign_ctx; const char *id = "Alice";
const char *id = "Alice"; uint8_t sig[SM9_SIGNATURE_SIZE];
uint8_t sig[SM9_SIGNATURE_SIZE]; size_t siglen;
size_t siglen; uint8_t buf[512];
uint8_t buf[512]; uint8_t *p = buf;
uint8_t *p = buf; const uint8_t *cp = buf;
const uint8_t *cp = buf; size_t len;
size_t len; int ret;
int ret;
sm9_sign_master_key_generate(&sign_master);
sm9_sign_master_key_generate(&sign_master);
sm9_sign_master_key_extract_key(&sign_master, id, strlen(id), &sign_key);
sm9_sign_master_key_extract_key(&sign_master, id, strlen(id), &sign_key);
sm9_sign_init(&sign_ctx);
sm9_sign_init(&sign_ctx); sm9_sign_update(&sign_ctx, (uint8_t *)"hello world", strlen("hello world"));
sm9_sign_update(&sign_ctx, (uint8_t *)"hello world", strlen("hello world")); sm9_sign_finish(&sign_ctx, &sign_key, sig, &siglen);
sm9_sign_finish(&sign_ctx, &sign_key, sig, &siglen);
format_bytes(stdout, 0, 0, "signature", sig, siglen);
format_bytes(stdout, 0, 0, "signature", sig, siglen);
sm9_sign_master_public_key_to_der(&sign_master, &p, &len);
sm9_sign_master_public_key_to_der(&sign_master, &p, &len); sm9_sign_master_public_key_from_der(&sign_master_public, &cp, &len);
sm9_sign_master_public_key_from_der(&sign_master_public, &cp, &len);
sm9_verify_init(&sign_ctx);
sm9_verify_init(&sign_ctx); sm9_verify_update(&sign_ctx, (uint8_t *)"hello world", strlen("hello world"));
sm9_verify_update(&sign_ctx, (uint8_t *)"hello world", strlen("hello world")); ret = sm9_verify_finish(&sign_ctx, sig, siglen, &sign_master_public, id, strlen(id));
ret = sm9_verify_finish(&sign_ctx, sig, siglen, &sign_master_public, id, strlen(id)); printf("verify %s\n", ret == 1 ? "success" : "failure");
printf("verify %s\n", ret == 1 ? "success" : "failure");
return 0;
return 0; }
}

24
demos/sm9demo.sh
View File

@@ -1,12 +1,12 @@
#!/bin/bash #!/bin/bash
gmssl sm9setup -alg sm9sign -pass 1234 -out sign_msk.pem -pubout sign_mpk.pem gmssl sm9setup -alg sm9sign -pass 1234 -out sign_msk.pem -pubout sign_mpk.pem
gmssl sm9keygen -alg sm9sign -in sign_msk.pem -inpass 1234 -id alice -out alice.pem -outpass 1234 gmssl sm9keygen -alg sm9sign -in sign_msk.pem -inpass 1234 -id alice -out alice.pem -outpass 1234
echo hello | gmssl sm9sign -key alice.pem -pass 1234 -out hello.sig echo hello | gmssl sm9sign -key alice.pem -pass 1234 -out hello.sig
echo hello | gmssl sm9verify -pubmaster sign_mpk.pem -id alice -sig hello.sig echo hello | gmssl sm9verify -pubmaster sign_mpk.pem -id alice -sig hello.sig
gmssl sm9setup -alg sm9encrypt -pass 1234 -out enc_msk.pem -pubout enc_mpk.pem gmssl sm9setup -alg sm9encrypt -pass 1234 -out enc_msk.pem -pubout enc_mpk.pem
gmssl sm9keygen -alg sm9encrypt -in enc_msk.pem -inpass 1234 -id bob -out bob.pem -outpass 1234 gmssl sm9keygen -alg sm9encrypt -in enc_msk.pem -inpass 1234 -id bob -out bob.pem -outpass 1234
echo hello | gmssl sm9encrypt -pubmaster enc_mpk.pem -id bob -out hello.der echo hello | gmssl sm9encrypt -pubmaster enc_mpk.pem -id bob -out hello.der
gmssl sm9decrypt -key bob.pem -pass 1234 -id bob -in hello.der gmssl sm9decrypt -key bob.pem -pass 1234 -id bob -in hello.der

16
demos/tlcp/Makefile
View File

@@ -1,8 +1,8 @@
all: all:
cc tlcp_get.c url_parser.c -lgmssl -o tlcp_get cc tlcp_get.c url_parser.c -lgmssl -o tlcp_get
cc tlcp_post.c url_parser.c -lgmssl -o tlcp_post cc tlcp_post.c url_parser.c -lgmssl -o tlcp_post
clean: clean:
rm -fr tlcp_get rm -fr tlcp_get
rm -fr tlcp_post rm -fr tlcp_post

203
demos/tlcp/tlcp_get.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,104 +7,103 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#include <stdio.h>
#include <stdio.h> #include <errno.h>
#include <errno.h> #include <string.h>
#include <string.h> #include <stdlib.h>
#include <stdlib.h> #include <unistd.h>
#include <unistd.h> #include <netdb.h>
#include <netdb.h> #include <sys/types.h>
#include <sys/types.h> #include <arpa/inet.h>
#include <arpa/inet.h> #include <sys/socket.h>
#include <sys/socket.h> #include <netinet/in.h>
#include <netinet/in.h> #include <gmssl/tls.h>
#include <gmssl/tls.h> #include <gmssl/error.h>
#include <gmssl/error.h> #include "url_parser.h"
#include "url_parser.h"
int main(int argc, char *argv[])
int main(int argc, char *argv[]) {
{ int ret = -1;
int ret = -1; char *prog = argv[0];
char *prog = argv[0]; const int cipher = TLS_cipher_ecc_sm4_cbc_sm3;
const int cipher = TLS_cipher_ecc_sm4_cbc_sm3; URL_COMPONENTS *url;
URL_COMPONENTS *url; struct hostent *hp;
struct hostent *hp; int port = 443;
int port = 443; struct sockaddr_in server;
struct sockaddr_in server; int sock;
int sock; TLS_CTX ctx;
TLS_CTX ctx; TLS_CONNECT conn;
TLS_CONNECT conn; char request[1024];
char request[1024]; uint8_t buf[16800];
uint8_t buf[16800]; char *p;
char *p; size_t len;
size_t len;
if (argc != 2) {
if (argc != 2) { fprintf(stderr, "example: tlcp_get https://sm2only.ovssl.cn\n");
fprintf(stderr, "example: tlcp_get https://sm2only.ovssl.cn\n"); return 1;
return 1; }
}
if (!(url = parse_url(argv[1]))) {
if (!(url = parse_url(argv[1]))) { fprintf(stderr, "parse url '%s' failure\n", argv[1]);
fprintf(stderr, "parse url '%s' failure\n", argv[1]); return 1;
return 1; }
} if (!(hp = gethostbyname(url->host))) {
if (!(hp = gethostbyname(url->host))) { herror("tlcp_client: '-host' invalid");
herror("tlcp_client: '-host' invalid"); goto end;
goto end; }
} if (url->port != -1) {
if (url->port != -1) { port = url->port;
port = url->port; }
}
server.sin_addr = *((struct in_addr *)hp->h_addr_list[0]);
server.sin_addr = *((struct in_addr *)hp->h_addr_list[0]); server.sin_family = AF_INET;
server.sin_family = AF_INET; server.sin_port = htons(port);
server.sin_port = htons(port);
if ((sock = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
if ((sock = socket(AF_INET, SOCK_STREAM, 0)) < 0) { perror("socket");
perror("socket"); goto end;
goto end; }
} if (connect(sock, (struct sockaddr *)&server , sizeof(server)) < 0) {
if (connect(sock, (struct sockaddr *)&server , sizeof(server)) < 0) { perror("connect");
perror("connect"); goto end;
goto end; }
}
memset(&ctx, 0, sizeof(ctx));
memset(&ctx, 0, sizeof(ctx)); memset(&conn, 0, sizeof(conn));
memset(&conn, 0, sizeof(conn));
tls_ctx_init(&ctx, TLS_protocol_tlcp, TLS_client_mode);
tls_ctx_init(&ctx, TLS_protocol_tlcp, TLS_client_mode); tls_ctx_set_cipher_suites(&ctx, &cipher, 1);
tls_ctx_set_cipher_suites(&ctx, &cipher, 1); tls_init(&conn, &ctx);
tls_init(&conn, &ctx); tls_set_socket(&conn, sock);
tls_set_socket(&conn, sock);
if (tls_do_handshake(&conn) != 1) {
if (tls_do_handshake(&conn) != 1) { fprintf(stderr, "%s: error\n", prog);
fprintf(stderr, "%s: error\n", prog); goto end;
goto end; }
}
snprintf(request, sizeof(request)-1, "GET %s HTTP/1.1\r\nHost: %s\r\n\r\n",
snprintf(request, sizeof(request)-1, "GET %s HTTP/1.1\r\nHost: %s\r\n\r\n", url->path ? url->path : "/",
url->path ? url->path : "/", url->host);
url->host);
tls_send(&conn, (uint8_t *)request, strlen(request), &len);
tls_send(&conn, (uint8_t *)request, strlen(request), &len);
if (tls_recv(&conn, buf, sizeof(buf), &len) != 1) {
if (tls_recv(&conn, buf, sizeof(buf), &len) != 1) { fprintf(stderr, "recv failure\n");
fprintf(stderr, "recv failure\n"); goto end;
goto end; }
} buf[len] = 0;
buf[len] = 0;
p = strstr((char *)buf, "\r\n\r\n");
p = strstr((char *)buf, "\r\n\r\n"); if (p) {
if (p) { printf("%s", p + 4);
printf("%s", p + 4); fflush(stdout);
fflush(stdout); }
}
end:
end: free_url_components(url);
free_url_components(url); close(sock);
close(sock); tls_ctx_cleanup(&ctx);
tls_ctx_cleanup(&ctx); tls_cleanup(&conn);
tls_cleanup(&conn); return 0;
return 0; }
}

213
demos/tlcp/tlcp_post.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,109 +7,108 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#include <stdio.h>
#include <stdio.h> #include <errno.h>
#include <errno.h> #include <string.h>
#include <string.h> #include <stdlib.h>
#include <stdlib.h> #include <unistd.h>
#include <unistd.h> #include <netdb.h>
#include <netdb.h> #include <sys/types.h>
#include <sys/types.h> #include <arpa/inet.h>
#include <arpa/inet.h> #include <sys/socket.h>
#include <sys/socket.h> #include <netinet/in.h>
#include <netinet/in.h> #include <gmssl/tls.h>
#include <gmssl/tls.h> #include <gmssl/error.h>
#include <gmssl/error.h> #include "url_parser.h"
#include "url_parser.h"
int main(int argc, char *argv[])
int main(int argc, char *argv[]) {
{ int ret = -1;
int ret = -1; char *prog = argv[0];
char *prog = argv[0]; const int cipher = TLS_cipher_ecc_sm4_cbc_sm3;
const int cipher = TLS_cipher_ecc_sm4_cbc_sm3; URL_COMPONENTS *url;
URL_COMPONENTS *url; struct hostent *hp;
struct hostent *hp; int port = 443;
int port = 443; struct sockaddr_in server;
struct sockaddr_in server; int sock;
int sock; TLS_CTX ctx;
TLS_CTX ctx; TLS_CONNECT conn;
TLS_CONNECT conn; char request[1024];
char request[1024]; uint8_t buf[16800];
uint8_t buf[16800]; char *p;
char *p; size_t len;
size_t len;
if (argc != 2) {
if (argc != 2) { fprintf(stderr, "example: echo \"key=word\" | tlcp_post https://sm2only.ovssl.cn\n");
fprintf(stderr, "example: echo \"key=word\" | tlcp_post https://sm2only.ovssl.cn\n"); return 1;
return 1; }
}
if (!(url = parse_url(argv[1]))) {
if (!(url = parse_url(argv[1]))) { fprintf(stderr, "parse url '%s' failure\n", argv[1]);
fprintf(stderr, "parse url '%s' failure\n", argv[1]); return 1;
return 1; }
} if (!(hp = gethostbyname(url->host))) {
if (!(hp = gethostbyname(url->host))) { herror("tlcp_client: '-host' invalid");
herror("tlcp_client: '-host' invalid"); goto end;
goto end; }
} if (url->port != -1) {
if (url->port != -1) { port = url->port;
port = url->port; }
}
server.sin_addr = *((struct in_addr *)hp->h_addr_list[0]);
server.sin_addr = *((struct in_addr *)hp->h_addr_list[0]); server.sin_family = AF_INET;
server.sin_family = AF_INET; server.sin_port = htons(port);
server.sin_port = htons(port);
if ((sock = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
if ((sock = socket(AF_INET, SOCK_STREAM, 0)) < 0) { perror("socket");
perror("socket"); goto end;
goto end; }
} if (connect(sock, (struct sockaddr *)&server , sizeof(server)) < 0) {
if (connect(sock, (struct sockaddr *)&server , sizeof(server)) < 0) { perror("connect");
perror("connect"); goto end;
goto end; }
}
memset(&ctx, 0, sizeof(ctx));
memset(&ctx, 0, sizeof(ctx)); memset(&conn, 0, sizeof(conn));
memset(&conn, 0, sizeof(conn));
tls_ctx_init(&ctx, TLS_protocol_tlcp, TLS_client_mode);
tls_ctx_init(&ctx, TLS_protocol_tlcp, TLS_client_mode); tls_ctx_set_cipher_suites(&ctx, &cipher, 1);
tls_ctx_set_cipher_suites(&ctx, &cipher, 1); tls_init(&conn, &ctx);
tls_init(&conn, &ctx); tls_set_socket(&conn, sock);
tls_set_socket(&conn, sock);
if (tls_do_handshake(&conn) != 1) {
if (tls_do_handshake(&conn) != 1) { fprintf(stderr, "%s: error\n", prog);
fprintf(stderr, "%s: error\n", prog); goto end;
goto end; }
}
snprintf(request, sizeof(request)-1, "POST %s HTTP/1.1\r\nHost: %s\r\n\r\n",
snprintf(request, sizeof(request)-1, "POST %s HTTP/1.1\r\nHost: %s\r\n\r\n", url->path ? url->path : "/",
url->path ? url->path : "/", url->host);
url->host);
tls_send(&conn, (uint8_t *)request, strlen(request), &len);
tls_send(&conn, (uint8_t *)request, strlen(request), &len);
len = fread(buf, 1, sizeof(buf), stdin);
len = fread(buf, 1, sizeof(buf), stdin); if (len) {
if (len) { tls_send(&conn, buf, len, &len);
tls_send(&conn, buf, len, &len); }
}
if (tls_recv(&conn, buf, sizeof(buf), &len) != 1) {
if (tls_recv(&conn, buf, sizeof(buf), &len) != 1) { fprintf(stderr, "recv failure\n");
fprintf(stderr, "recv failure\n"); goto end;
goto end; }
} buf[len] = 0;
buf[len] = 0;
p = strstr((char *)buf, "\r\n\r\n");
p = strstr((char *)buf, "\r\n\r\n"); if (p) {
if (p) { printf("%s", p + 4);
printf("%s", p + 4); fflush(stdout);
fflush(stdout); }
}
end:
end: free_url_components(url);
free_url_components(url); close(sock);
close(sock); tls_ctx_cleanup(&ctx);
tls_ctx_cleanup(&ctx); tls_cleanup(&conn);
tls_cleanup(&conn); return 0;
return 0; }
}

817
demos/tlcp/url_parser.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,411 +7,410 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#include "url_parser.h"
#include "url_parser.h" #include <errno.h>
#include <errno.h> #include <stdlib.h>
#include <stdlib.h> #include <string.h>
#include <string.h>
static const char *_strnstr(const char *s, size_t s_len, const char *needle)
static const char *_strnstr(const char *s, size_t s_len, const char *needle) {
{ const char *end = s + s_len;
const char *end = s + s_len; size_t needle_len = strlen(needle);
size_t needle_len = strlen(needle); const char *p;
const char *p;
p = s;
p = s; while (p < end - needle_len + 1) {
while (p < end - needle_len + 1) { if (strncmp(p, needle, needle_len) == 0) {
if (strncmp(p, needle, needle_len) == 0) { return p;
return p; }
} p++;
p++; }
}
return NULL;
return NULL; }
}
static const char *find_chars(const char *s, size_t s_len, const char *chars)
static const char *find_chars(const char *s, size_t s_len, const char *chars) {
{ const char *end = s + s_len;
const char *end = s + s_len; size_t chars_n = strlen(chars);
size_t chars_n = strlen(chars); const char *p;
const char *p; int i;
int i;
p = s;
p = s; while (p < end) {
while (p < end) { for (i = 0 ; i < chars_n ; i++) {
for (i = 0 ; i < chars_n ; i++) { if (*p == chars[i]) {
if (*p == chars[i]) { return p;
return p; }
} }
} p++;
p++; }
}
return NULL;
return NULL; }
}
static const char *find_chars_reverse(const char *s, size_t s_len, const char *chars)
static const char *find_chars_reverse(const char *s, size_t s_len, const char *chars) {
{ const char *end = s + s_len;
const char *end = s + s_len; size_t chars_n = strlen(chars);
size_t chars_n = strlen(chars); const char *p;
const char *p; int i;
int i;
p = end - 1;
p = end - 1; while (p >= s) {
while (p >= s) { for (i = 0 ; i < chars_n ; i++) {
for (i = 0 ; i < chars_n ; i++) { if (*p == chars[i]) {
if (*p == chars[i]) { return p;
return p; }
} }
} p--;
p--; }
}
return NULL;
return NULL; }
}
static int is_alpha(char c)
static int is_alpha(char c) {
{ if ((c >= 'a' && c <= 'z') ||
if ((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z')) {
(c >= 'A' && c <= 'Z')) { return 1;
return 1; }
} return 0;
return 0; }
}
static int is_digit(char c)
static int is_digit(char c) {
{ if (c >= '0' && c <= '9') {
if (c >= '0' && c <= '9') { return 1;
return 1; }
} return 0;
return 0; }
}
static int is_control(char c)
static int is_control(char c) {
{ if ((c >= 0x00 && c <= 0x1f) ||
if ((c >= 0x00 && c <= 0x1f) || c == 0x7f) {
c == 0x7f) { return 1;
return 1; }
} return 0;
return 0; }
}
static const char *lookup_scheme(const char *s)
static const char *lookup_scheme(const char *s) {
{ const char *p = s;
const char *p = s; char c;
char c;
if (strlen(s) == 0) {
if (strlen(s) == 0) { return NULL;
return NULL; }
}
if (!is_alpha(*p)) {
if (!is_alpha(*p)) { return NULL;
return NULL; }
} p++;
p++;
while (*p != '\0') {
while (*p != '\0') { c = *p;
c = *p; if (c == ':') {
if (c == ':') { return p;
return p; }
} if (!is_alpha(c) &&
if (!is_alpha(c) && !is_digit(c) &&
!is_digit(c) && c != '+' &&
c != '+' && c != '-' &&
c != '-' && c != '.') {
c != '.') { return NULL;
return NULL; }
} p++;
p++; }
} return NULL;
return NULL; }
}
static int parse_user_password(const char *s, size_t s_len, URL_COMPONENTS *c)
static int parse_user_password(const char *s, size_t s_len, URL_COMPONENTS *c) {
{ const char *end = s + s_len;
const char *end = s + s_len; const char *found;
const char *found;
found = _strnstr(s, s_len, ":");
found = _strnstr(s, s_len, ":"); if (found) {
if (found) { c->user = strndup(s, found - s);
c->user = strndup(s, found - s); if (c->user == NULL) {
if (c->user == NULL) { return -1; /* ENOMEM */
return -1; /* ENOMEM */ }
} c->password = strndup(found + 1, end - found - 1);
c->password = strndup(found + 1, end - found - 1); if (c->password == NULL) {
if (c->password == NULL) { return -1; /* ENOMEM */
return -1; /* ENOMEM */ }
} } else {
} else { c->user = strndup(s, s_len);
c->user = strndup(s, s_len); if (c->user == NULL) {
if (c->user == NULL) { return -1; /* ENOMEM */
return -1; /* ENOMEM */ }
} }
}
return 0;
return 0; }
}
static int parse_authority(const char *s, size_t s_len, URL_COMPONENTS *c)
static int parse_authority(const char *s, size_t s_len, URL_COMPONENTS *c) {
{ const char *end = s + s_len;
const char *end = s + s_len; const char *p, *found, *host_start, *host_end;
const char *p, *found, *host_start, *host_end; int port;
int port;
c->port = -1;
c->port = -1;
if (s_len == 0) { /* empty authority */
if (s_len == 0) { /* empty authority */ return 0;
return 0; }
}
found = _strnstr(s, s_len, "@");
found = _strnstr(s, s_len, "@"); if (found) {
if (found) { if (parse_user_password(s, found - s, c) == -1) {
if (parse_user_password(s, found - s, c) == -1) { return -1;
return -1; }
}
host_start = found + 1;
host_start = found + 1; } else {
} else { host_start = s;
host_start = s; }
}
if (*host_start == '[') {
if (*host_start == '[') { /* IP-literal host */
/* IP-literal host */ if (find_chars(host_start + 1, end - host_start - 1, "[")) {
if (find_chars(host_start + 1, end - host_start - 1, "[")) { errno = EINVAL;
errno = EINVAL; return -1;
return -1; }
} host_end = find_chars(host_start + 1, end - host_start - 1, "]");
host_end = find_chars(host_start + 1, end - host_start - 1, "]"); if (!host_end) {
if (!host_end) { errno = EINVAL;
errno = EINVAL; return -1;
return -1; }
} /* The next character of ']' is termination or ':'. */
/* The next character of ']' is termination or ':'. */ if (host_end + 1 != end && host_end[1] != ':') {
if (host_end + 1 != end && host_end[1] != ':') { errno = EINVAL;
errno = EINVAL; return -1;
return -1; }
} host_end++;
host_end++; } else {
} else { /* IPv4address / reg-name host */
/* IPv4address / reg-name host */ host_end = find_chars_reverse(host_start, end - host_start, ":");
host_end = find_chars_reverse(host_start, end - host_start, ":"); if (host_end == NULL) {
if (host_end == NULL) { host_end = end;
host_end = end; }
} if (find_chars(host_start, host_end - host_start, "[]")) {
if (find_chars(host_start, host_end - host_start, "[]")) { errno = EINVAL;
errno = EINVAL; return -1;
return -1; }
} }
} if (find_chars(host_start, host_end - host_start, " ")) {
if (find_chars(host_start, host_end - host_start, " ")) { errno = EINVAL;
errno = EINVAL; return -1;
return -1; }
}
/* ASSERT: host_end == end or *host_end == ':' */
/* ASSERT: host_end == end or *host_end == ':' */
if (host_end == end) {
if (host_end == end) { /* without port number */
/* without port number */ if (host_start == end) { /* empty host */
if (host_start == end) { /* empty host */ errno = EINVAL;
errno = EINVAL; return -1;
return -1; }
} c->host = strndup(host_start, end - host_start);
c->host = strndup(host_start, end - host_start); if (c->host == NULL) {
if (c->host == NULL) { return -1; /* ENOMEM */
return -1; /* ENOMEM */ }
} return 0;
return 0; }
}
/* ASSERT: *host_end == ':' */
/* ASSERT: *host_end == ':' */
/* host and port */
/* host and port */
if (host_start == host_end) { /* empty host */
if (host_start == host_end) { /* empty host */ errno = EINVAL;
errno = EINVAL; return -1;
return -1; }
}
if (host_end + 1 < end) {
if (host_end + 1 < end) { p = host_end + 1;
p = host_end + 1; port = 0;
port = 0; while (p < end) {
while (p < end) { if (*p < '0' || *p > '9') {
if (*p < '0' || *p > '9') { errno = EINVAL;
errno = EINVAL; return -1;
return -1; }
}
port = port * 10 + *p - '0';
port = port * 10 + *p - '0'; if (port > 65535) {
if (port > 65535) { errno = EINVAL;
errno = EINVAL; return -1;
return -1; }
}
p++;
p++; }
} } else {
} else { /* empty port number */
/* empty port number */ port = -1;
port = -1; }
}
c->host = strndup(host_start, (size_t) (host_end - host_start));
c->host = strndup(host_start, (size_t) (host_end - host_start)); if (c->host == NULL) {
if (c->host == NULL) { return -1; /* ENOMEM */
return -1; /* ENOMEM */ }
} c->port = port;
c->port = port;
return 0;
return 0; }
}
URL_COMPONENTS *parse_url(const char *url)
URL_COMPONENTS *parse_url(const char *url) {
{ URL_COMPONENTS *c;
URL_COMPONENTS *c; const char *p;
const char *p; const char *end = url + strlen(url);
const char *end = url + strlen(url); const char *found;
const char *found; size_t len;
size_t len;
for (p = url ; p < end ; p++) {
for (p = url ; p < end ; p++) { if (is_control(*p)) {
if (is_control(*p)) { errno = EINVAL;
errno = EINVAL; return NULL;
return NULL; }
} }
}
c = malloc(sizeof(URL_COMPONENTS));
c = malloc(sizeof(URL_COMPONENTS)); if (!c) {
if (!c) { return NULL;
return NULL; }
} memset(c, 0, sizeof(URL_COMPONENTS));
memset(c, 0, sizeof(URL_COMPONENTS)); c->port = -1;
c->port = -1;
p = url;
p = url;
/* lookup scheme */
/* lookup scheme */ found = lookup_scheme(p);
found = lookup_scheme(p); if (found) {
if (found) { c->scheme = strndup(url, (size_t) (found - p));
c->scheme = strndup(url, (size_t) (found - p)); if (c->scheme == NULL) {
if (c->scheme == NULL) { goto error;
goto error; }
} p = found + 1; /* skip a colon */
p = found + 1; /* skip a colon */ if (p >= end) {
if (p >= end) { return c;
return c; }
} }
}
if (strlen(p) >= 2 &&
if (strlen(p) >= 2 && p[0] == '/' && p[1] == '/') {
p[0] == '/' && p[1] == '/') { /* authority */
/* authority */ p = p + 2;
p = p + 2; found = find_chars(p, strlen(p), "/?#");
found = find_chars(p, strlen(p), "/?#"); if (found == NULL) {
if (found == NULL) { len = strlen(p);
len = strlen(p); } else {
} else { len = (size_t) (found - p);
len = (size_t) (found - p); }
} if (parse_authority(p, len, c) == -1) {
if (parse_authority(p, len, c) == -1) { goto error; /* ENOMEM,EINVAL */
goto error; /* ENOMEM,EINVAL */ }
}
if (!found) {
if (!found) { return c;
return c; }
}
p = found;
p = found; }
}
if (*p != '?' && *p != '#') {
if (*p != '?' && *p != '#') { /* path */
/* path */ found = find_chars(p, strlen(p), "?#");
found = find_chars(p, strlen(p), "?#"); found = NULL;
found = NULL; if (found == NULL) {
if (found == NULL) { c->path = strdup(p);
c->path = strdup(p); if (c->path == NULL) {
if (c->path == NULL) { goto error;
goto error; }
} } else
} else {
{ if (found != p) {
if (found != p) { c->path = strndup(p, (size_t) (found - p));
c->path = strndup(p, (size_t) (found - p)); if (c->path == NULL) {
if (c->path == NULL) { goto error;
goto error; }
} }
} }
}
if (!found) {
if (!found) { return c;
return c; }
}
p = found;
p = found; }
}
/* ASSERT: *p is '?' or '#' */
/* ASSERT: *p is '?' or '#' */ #if 0
#if 0 if (*p == '?') {
if (*p == '?') { /* query */
/* query */ p = p + 1;
p = p + 1; found = find_chars(p, strlen(p), "#");
found = find_chars(p, strlen(p), "#"); if (found == NULL) {
if (found == NULL) { c->query = strdup(p);
c->query = strdup(p); } else {
} else { c->query = strndup(p, (size_t) (found - p));
c->query = strndup(p, (size_t) (found - p)); }
}
if (c->query == NULL) {
if (c->query == NULL) { goto error;
goto error; }
}
if (!found) {
if (!found) { return c;
return c; }
}
p = found;
p = found; }
} #endif
#endif
/* ASSERT: *p is '#' */
/* ASSERT: *p is '#' */
/* fragment */
/* fragment */ p = p + 1;
p = p + 1; c->fragment = strdup(p);
c->fragment = strdup(p); if (c->fragment == NULL) {
if (c->fragment == NULL) { goto error;
goto error; }
}
return c;
return c;
error:
error: free(c);
free(c);
return NULL;
return NULL; }
}
void free_url_components(URL_COMPONENTS *c)
void free_url_components(URL_COMPONENTS *c) {
{ if (c->scheme) {
if (c->scheme) { free(c->scheme);
free(c->scheme); }
} if (c->user) {
if (c->user) { free(c->user);
free(c->user); }
} if (c->password) {
if (c->password) { free(c->password);
free(c->password); }
} if (c->host) {
if (c->host) { free(c->host);
free(c->host); }
} if (c->path) {
if (c->path) { free(c->path);
free(c->path); }
} if (c->query) {
if (c->query) { free(c->query);
free(c->query); }
} if (c->fragment) {
if (c->fragment) { free(c->fragment);
free(c->fragment); }
} free(c);
free(c); }
}

45
demos/tlcp/url_parser.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,25 +7,24 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#ifndef URL_PARSER_H
#ifndef URL_PARSER_H #define URL_PARSER_H
#define URL_PARSER_H
#define URL_PARSER_VERSION 0x00000300 /* 0.0.3 */
#define URL_PARSER_VERSION 0x00000300 /* 0.0.3 */
typedef struct url_components {
typedef struct url_components { char *scheme;
char *scheme; char *user;
char *user; char *password;
char *password; char *host;
char *host; int port;
int port; char *path;
char *path; char *query;
char *query; char *fragment;
char *fragment; } URL_COMPONENTS;
} URL_COMPONENTS;
extern URL_COMPONENTS *parse_url(const char *url);
extern URL_COMPONENTS *parse_url(const char *url); extern void free_url_components(URL_COMPONENTS *c);
extern void free_url_components(URL_COMPONENTS *c);
#endif
#endif

16
demos/tlcp_client.sh
View File

@@ -1,8 +1,8 @@
#!/bin/bash -x #!/bin/bash -x
# https://ebssec.boc.cn # https://ebssec.boc.cn
gmssl tlcp_client -host 123.124.191.183 gmssl tlcp_client -host 123.124.191.183
# https://zffw.jxzwfww.gov.cn # https://zffw.jxzwfww.gov.cn
gmssl tlcp_client -host 218.87.21.62 gmssl tlcp_client -host 218.87.21.62

78
demos/tlcp_server.sh
View File

@@ -1,39 +1,39 @@
#!/bin/bash -x #!/bin/bash -x
gmssl sm2keygen -pass 1234 -out rootcakey.pem gmssl sm2keygen -pass 1234 -out rootcakey.pem
gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 -key rootcakey.pem -pass 1234 -out rootcacert.pem -key_usage keyCertSign -key_usage cRLSign gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 -key rootcakey.pem -pass 1234 -out rootcacert.pem -key_usage keyCertSign -key_usage cRLSign
gmssl certparse -in rootcacert.pem gmssl certparse -in rootcacert.pem
gmssl sm2keygen -pass 1234 -out cakey.pem gmssl sm2keygen -pass 1234 -out cakey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN "Sub CA" -days 3650 -key cakey.pem -pass 1234 -out careq.pem gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN "Sub CA" -days 3650 -key cakey.pem -pass 1234 -out careq.pem
gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -path_len_constraint 0 -cacert rootcacert.pem -key rootcakey.pem -pass 1234 -out cacert.pem gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -path_len_constraint 0 -cacert rootcacert.pem -key rootcakey.pem -pass 1234 -out cacert.pem
gmssl certparse -in cacert.pem gmssl certparse -in cacert.pem
gmssl sm2keygen -pass 1234 -out signkey.pem gmssl sm2keygen -pass 1234 -out signkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key signkey.pem -pass 1234 -out signreq.pem gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key signkey.pem -pass 1234 -out signreq.pem
gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem
gmssl certparse -in signcert.pem gmssl certparse -in signcert.pem
gmssl sm2keygen -pass 1234 -out enckey.pem gmssl sm2keygen -pass 1234 -out enckey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key enckey.pem -pass 1234 -out encreq.pem gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key enckey.pem -pass 1234 -out encreq.pem
gmssl reqsign -in encreq.pem -days 365 -key_usage keyEncipherment -cacert cacert.pem -key cakey.pem -pass 1234 -out enccert.pem gmssl reqsign -in encreq.pem -days 365 -key_usage keyEncipherment -cacert cacert.pem -key cakey.pem -pass 1234 -out enccert.pem
gmssl certparse -in enccert.pem gmssl certparse -in enccert.pem
cat signcert.pem > double_certs.pem cat signcert.pem > double_certs.pem
cat enccert.pem >> double_certs.pem cat enccert.pem >> double_certs.pem
cat cacert.pem >> double_certs.pem cat cacert.pem >> double_certs.pem
sudo gmssl tlcp_server -port 443 -cert double_certs.pem -key signkey.pem -pass 1234 -ex_key enckey.pem -ex_pass 1234 -cacert cacert.pem 1>/dev/null 2>/dev/null & sudo gmssl tlcp_server -port 443 -cert double_certs.pem -key signkey.pem -pass 1234 -ex_key enckey.pem -ex_pass 1234 -cacert cacert.pem 1>/dev/null 2>/dev/null &
sleep 3 sleep 3
gmssl sm2keygen -pass 1234 -out clientkey.pem gmssl sm2keygen -pass 1234 -out clientkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Client -days 365 -key clientkey.pem -pass 1234 -out clientreq.pem gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Client -days 365 -key clientkey.pem -pass 1234 -out clientreq.pem
gmssl reqsign -in clientreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out clientcert.pem gmssl reqsign -in clientreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out clientcert.pem
gmssl certparse -in clientcert.pem gmssl certparse -in clientcert.pem
# build and install BabaSSL 8.3.1 # build and install BabaSSL 8.3.1
openssl version openssl version
openssl s_client -enable_ntls -ntls -connect localhost:443 -no_ticket -CAfile rootcacert.pem openssl s_client -enable_ntls -ntls -connect localhost:443 -no_ticket -CAfile rootcacert.pem

72
demos/tlcpdemo.sh
View File

@@ -1,36 +1,36 @@
#!/bin/bash -x #!/bin/bash -x
gmssl sm2keygen -pass 1234 -out rootcakey.pem gmssl sm2keygen -pass 1234 -out rootcakey.pem
gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 -key rootcakey.pem -pass 1234 -out rootcacert.pem -key_usage keyCertSign -key_usage cRLSign gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 -key rootcakey.pem -pass 1234 -out rootcacert.pem -key_usage keyCertSign -key_usage cRLSign
gmssl certparse -in rootcacert.pem gmssl certparse -in rootcacert.pem
gmssl sm2keygen -pass 1234 -out cakey.pem gmssl sm2keygen -pass 1234 -out cakey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN "Sub CA" -days 3650 -key cakey.pem -pass 1234 -out careq.pem gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN "Sub CA" -days 3650 -key cakey.pem -pass 1234 -out careq.pem
gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -path_len_constraint 0 -cacert rootcacert.pem -key rootcakey.pem -pass 1234 -out cacert.pem gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -path_len_constraint 0 -cacert rootcacert.pem -key rootcakey.pem -pass 1234 -out cacert.pem
gmssl certparse -in cacert.pem gmssl certparse -in cacert.pem
gmssl sm2keygen -pass 1234 -out signkey.pem gmssl sm2keygen -pass 1234 -out signkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key signkey.pem -pass 1234 -out signreq.pem gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key signkey.pem -pass 1234 -out signreq.pem
gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem
gmssl certparse -in signcert.pem gmssl certparse -in signcert.pem
gmssl sm2keygen -pass 1234 -out enckey.pem gmssl sm2keygen -pass 1234 -out enckey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key enckey.pem -pass 1234 -out encreq.pem gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key enckey.pem -pass 1234 -out encreq.pem
gmssl reqsign -in encreq.pem -days 365 -key_usage keyEncipherment -cacert cacert.pem -key cakey.pem -pass 1234 -out enccert.pem gmssl reqsign -in encreq.pem -days 365 -key_usage keyEncipherment -cacert cacert.pem -key cakey.pem -pass 1234 -out enccert.pem
gmssl certparse -in enccert.pem gmssl certparse -in enccert.pem
cat signcert.pem > double_certs.pem cat signcert.pem > double_certs.pem
cat enccert.pem >> double_certs.pem cat enccert.pem >> double_certs.pem
cat cacert.pem >> double_certs.pem cat cacert.pem >> double_certs.pem
sudo gmssl tlcp_server -port 443 -cert double_certs.pem -key signkey.pem -pass 1234 -ex_key enckey.pem -ex_pass 1234 -cacert cacert.pem 1>/dev/null 2>/dev/null & sudo gmssl tlcp_server -port 443 -cert double_certs.pem -key signkey.pem -pass 1234 -ex_key enckey.pem -ex_pass 1234 -cacert cacert.pem 1>/dev/null 2>/dev/null &
sleep 3 sleep 3
gmssl sm2keygen -pass 1234 -out clientkey.pem gmssl sm2keygen -pass 1234 -out clientkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Client -days 365 -key clientkey.pem -pass 1234 -out clientreq.pem gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Client -days 365 -key clientkey.pem -pass 1234 -out clientreq.pem
gmssl reqsign -in clientreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out clientcert.pem gmssl reqsign -in clientreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out clientcert.pem
gmssl certparse -in clientcert.pem gmssl certparse -in clientcert.pem
gmssl tlcp_client -host 127.0.0.1 -cacert rootcacert.pem -cert clientcert.pem -key clientkey.pem -pass 1234 gmssl tlcp_client -host 127.0.0.1 -cacert rootcacert.pem -cert clientcert.pem -key clientkey.pem -pass 1234

60
demos/tls12demo.sh
View File

@@ -1,30 +1,30 @@
#!/bin/bash -x #!/bin/bash -x
gmssl sm2keygen -pass 1234 -out rootcakey.pem gmssl sm2keygen -pass 1234 -out rootcakey.pem
gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 -key rootcakey.pem -pass 1234 -out rootcacert.pem -key_usage keyCertSign -key_usage cRLSign gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 -key rootcakey.pem -pass 1234 -out rootcacert.pem -key_usage keyCertSign -key_usage cRLSign
gmssl certparse -in rootcacert.pem gmssl certparse -in rootcacert.pem
gmssl sm2keygen -pass 1234 -out cakey.pem gmssl sm2keygen -pass 1234 -out cakey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN "Sub CA" -days 3650 -key cakey.pem -pass 1234 -out careq.pem gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN "Sub CA" -days 3650 -key cakey.pem -pass 1234 -out careq.pem
gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -path_len_constraint 0 -cacert rootcacert.pem -key rootcakey.pem -pass 1234 -out cacert.pem gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -path_len_constraint 0 -cacert rootcacert.pem -key rootcakey.pem -pass 1234 -out cacert.pem
gmssl certparse -in cacert.pem gmssl certparse -in cacert.pem
gmssl sm2keygen -pass 1234 -out signkey.pem gmssl sm2keygen -pass 1234 -out signkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key signkey.pem -pass 1234 -out signreq.pem gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key signkey.pem -pass 1234 -out signreq.pem
gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem
gmssl certparse -in signcert.pem gmssl certparse -in signcert.pem
cat signcert.pem > certs.pem cat signcert.pem > certs.pem
cat cacert.pem >> certs.pem cat cacert.pem >> certs.pem
sudo gmssl tls12_server -port 443 -cert certs.pem -key signkey.pem -pass 1234 -cacert cacert.pem 1>/dev/null 2>/dev/null & sudo gmssl tls12_server -port 443 -cert certs.pem -key signkey.pem -pass 1234 -cacert cacert.pem 1>/dev/null 2>/dev/null &
sleep 3 sleep 3
gmssl sm2keygen -pass 1234 -out clientkey.pem gmssl sm2keygen -pass 1234 -out clientkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Client -days 365 -key clientkey.pem -pass 1234 -out clientreq.pem gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Client -days 365 -key clientkey.pem -pass 1234 -out clientreq.pem
gmssl reqsign -in clientreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out clientcert.pem gmssl reqsign -in clientreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out clientcert.pem
gmssl certparse -in clientcert.pem gmssl certparse -in clientcert.pem
gmssl tls12_client -host 127.0.0.1 -cacert rootcacert.pem -cert clientcert.pem -key clientkey.pem -pass 1234 gmssl tls12_client -host 127.0.0.1 -cacert rootcacert.pem -cert clientcert.pem -key clientkey.pem -pass 1234

60
demos/tls13demo.sh
View File

@@ -1,30 +1,30 @@
#!/bin/bash -x #!/bin/bash -x
gmssl sm2keygen -pass 1234 -out rootcakey.pem gmssl sm2keygen -pass 1234 -out rootcakey.pem
gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 -key rootcakey.pem -pass 1234 -out rootcacert.pem -key_usage keyCertSign -key_usage cRLSign gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 -key rootcakey.pem -pass 1234 -out rootcacert.pem -key_usage keyCertSign -key_usage cRLSign
gmssl certparse -in rootcacert.pem gmssl certparse -in rootcacert.pem
gmssl sm2keygen -pass 1234 -out cakey.pem gmssl sm2keygen -pass 1234 -out cakey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN "Sub CA" -days 3650 -key cakey.pem -pass 1234 -out careq.pem gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN "Sub CA" -days 3650 -key cakey.pem -pass 1234 -out careq.pem
gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -path_len_constraint 0 -cacert rootcacert.pem -key rootcakey.pem -pass 1234 -out cacert.pem gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -path_len_constraint 0 -cacert rootcacert.pem -key rootcakey.pem -pass 1234 -out cacert.pem
gmssl certparse -in cacert.pem gmssl certparse -in cacert.pem
gmssl sm2keygen -pass 1234 -out signkey.pem gmssl sm2keygen -pass 1234 -out signkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key signkey.pem -pass 1234 -out signreq.pem gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key signkey.pem -pass 1234 -out signreq.pem
gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem
gmssl certparse -in signcert.pem gmssl certparse -in signcert.pem
cat signcert.pem > certs.pem cat signcert.pem > certs.pem
cat cacert.pem >> certs.pem cat cacert.pem >> certs.pem
sudo gmssl tls13_server -port 443 -cert certs.pem -key signkey.pem -pass 1234 -cacert cacert.pem 1>/dev/null 2>/dev/null & sudo gmssl tls13_server -port 443 -cert certs.pem -key signkey.pem -pass 1234 -cacert cacert.pem 1>/dev/null 2>/dev/null &
sleep 3 sleep 3
gmssl sm2keygen -pass 1234 -out clientkey.pem gmssl sm2keygen -pass 1234 -out clientkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Client -days 365 -key clientkey.pem -pass 1234 -out clientreq.pem gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Client -days 365 -key clientkey.pem -pass 1234 -out clientreq.pem
gmssl reqsign -in clientreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out clientcert.pem gmssl reqsign -in clientreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out clientcert.pem
gmssl certparse -in clientcert.pem gmssl certparse -in clientcert.pem
gmssl tls13_client -host 127.0.0.1 -cacert rootcacert.pem -cert clientcert.pem -key clientkey.pem -pass 1234 gmssl tls13_client -host 127.0.0.1 -cacert rootcacert.pem -cert clientcert.pem -key clientkey.pem -pass 1234

16
demos/zuc/Makefile
View File

@@ -1,8 +1,8 @@
all: all:
cc zuc_demo.c -lgmssl -o zuc_encrypt_demo cc zuc_demo.c -lgmssl -o zuc_encrypt_demo
cc zuc_demo.c -lgmssl -o zuc_decrypt_demo cc zuc_demo.c -lgmssl -o zuc_decrypt_demo
clean: clean:
rm -fr zuc_encrypt_demo rm -fr zuc_encrypt_demo
rm -fr zuc_decrypt_demo rm -fr zuc_decrypt_demo

85
demos/zuc/zuc_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,45 +7,44 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#include <stdio.h>
#include <stdio.h> #include <string.h>
#include <string.h> #include <stdlib.h>
#include <stdlib.h> #include <gmssl/zuc.h>
#include <gmssl/zuc.h>
int main(void)
int main(void) {
{ ZUC_CTX zuc_ctx;
ZUC_CTX zuc_ctx; unsigned char key[16] = {
unsigned char key[16] = { 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, };
}; unsigned char iv[16] = {
unsigned char iv[16] = { 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, };
}; unsigned char inbuf[1024];
unsigned char inbuf[1024]; unsigned char outbuf[1024 + 32];
unsigned char outbuf[1024 + 32]; ssize_t inlen;
ssize_t inlen; size_t outlen;
size_t outlen;
if (zuc_encrypt_init(&zuc_ctx, key, iv) != 1) {
if (zuc_encrypt_init(&zuc_ctx, key, iv) != 1) { fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__); return 1;
return 1; }
} while ((inlen = fread(inbuf, 1, sizeof(inbuf), stdin)) > 0) {
while ((inlen = fread(inbuf, 1, sizeof(inbuf), stdin)) > 0) { if (zuc_encrypt_update(&zuc_ctx, inbuf, inlen, outbuf, &outlen) != 1) {
if (zuc_encrypt_update(&zuc_ctx, inbuf, inlen, outbuf, &outlen) != 1) { fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__); return 1;
return 1; }
} fwrite(outbuf, 1, outlen, stdout);
fwrite(outbuf, 1, outlen, stdout); }
} if (zuc_encrypt_finish(&zuc_ctx, outbuf, &outlen) != 1) {
if (zuc_encrypt_finish(&zuc_ctx, outbuf, &outlen) != 1) { fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__); return 1;
return 1; }
} fwrite(outbuf, 1, outlen, stdout);
fwrite(outbuf, 1, outlen, stdout);
return 0;
return 0; }
}

20
demos/zucdemo.sh
View File

@@ -1,10 +1,10 @@
#!/bin/bash #!/bin/bash
KEY=11223344556677881122334455667788 KEY=11223344556677881122334455667788
IV=11223344556677881122334455667788 IV=11223344556677881122334455667788
echo hello | gmssl zuc -key $KEY -iv $IV -out zuc.bin echo hello | gmssl zuc -key $KEY -iv $IV -out zuc.bin
gmssl zuc -key $KEY -iv $IV -in zuc.bin gmssl zuc -key $KEY -iv $IV -in zuc.bin

165
include/gmssl/aes.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,85 +7,84 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#ifndef GMSSL_AES_H
#ifndef GMSSL_AES_H #define GMSSL_AES_H
#define GMSSL_AES_H
#include <stdint.h>
#include <stdint.h> #include <stdlib.h>
#include <stdlib.h>
#ifdef __cplusplus
#ifdef __cplusplus extern "C" {
extern "C" { #endif
#endif
#define AES128_KEY_BITS 128
#define AES128_KEY_BITS 128 #define AES192_KEY_BITS 192
#define AES192_KEY_BITS 192 #define AES256_KEY_BITS 256
#define AES256_KEY_BITS 256
#define AES128_KEY_SIZE (AES128_KEY_BITS/8)
#define AES128_KEY_SIZE (AES128_KEY_BITS/8) #define AES192_KEY_SIZE (AES192_KEY_BITS/8)
#define AES192_KEY_SIZE (AES192_KEY_BITS/8) #define AES256_KEY_SIZE (AES256_KEY_BITS/8)
#define AES256_KEY_SIZE (AES256_KEY_BITS/8)
#define AES_BLOCK_SIZE 16
#define AES_BLOCK_SIZE 16
#define AES128_ROUNDS 10
#define AES128_ROUNDS 10 #define AES192_ROUNDS 12
#define AES192_ROUNDS 12 #define AES256_ROUNDS 14
#define AES256_ROUNDS 14 #define AES_MAX_ROUNDS AES256_ROUNDS
#define AES_MAX_ROUNDS AES256_ROUNDS
typedef struct {
typedef struct { uint32_t rk[4 * (AES_MAX_ROUNDS + 1)];
uint32_t rk[4 * (AES_MAX_ROUNDS + 1)]; size_t rounds;
size_t rounds; } AES_KEY;
} AES_KEY;
int aes_set_encrypt_key(AES_KEY *key, const uint8_t *raw_key, size_t raw_key_len);
int aes_set_encrypt_key(AES_KEY *key, const uint8_t *raw_key, size_t raw_key_len); int aes_set_decrypt_key(AES_KEY *key, const uint8_t *raw_key, size_t raw_key_len);
int aes_set_decrypt_key(AES_KEY *key, const uint8_t *raw_key, size_t raw_key_len); void aes_encrypt(const AES_KEY *key, const uint8_t in[AES_BLOCK_SIZE], uint8_t out[AES_BLOCK_SIZE]);
void aes_encrypt(const AES_KEY *key, const uint8_t in[AES_BLOCK_SIZE], uint8_t out[AES_BLOCK_SIZE]); void aes_decrypt(const AES_KEY *key, const uint8_t in[AES_BLOCK_SIZE], uint8_t out[AES_BLOCK_SIZE]);
void aes_decrypt(const AES_KEY *key, const uint8_t in[AES_BLOCK_SIZE], uint8_t out[AES_BLOCK_SIZE]);
void aes_cbc_encrypt(const AES_KEY *key, const uint8_t iv[AES_BLOCK_SIZE],
void aes_cbc_encrypt(const AES_KEY *key, const uint8_t iv[AES_BLOCK_SIZE], const uint8_t *in, size_t nblocks, uint8_t *out);
const uint8_t *in, size_t nblocks, uint8_t *out); void aes_cbc_decrypt(const AES_KEY *key, const uint8_t iv[AES_BLOCK_SIZE],
void aes_cbc_decrypt(const AES_KEY *key, const uint8_t iv[AES_BLOCK_SIZE], const uint8_t *in, size_t nblocks, uint8_t *out);
const uint8_t *in, size_t nblocks, uint8_t *out); int aes_cbc_padding_encrypt(const AES_KEY *key, const uint8_t iv[AES_BLOCK_SIZE],
int aes_cbc_padding_encrypt(const AES_KEY *key, const uint8_t iv[AES_BLOCK_SIZE], const uint8_t *in, size_t inlen,
const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen);
uint8_t *out, size_t *outlen); int aes_cbc_padding_decrypt(const AES_KEY *key, const uint8_t iv[AES_BLOCK_SIZE],
int aes_cbc_padding_decrypt(const AES_KEY *key, const uint8_t iv[AES_BLOCK_SIZE], const uint8_t *in, size_t inlen,
const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen);
uint8_t *out, size_t *outlen);
void aes_ctr_encrypt(const AES_KEY *key, uint8_t ctr[AES_BLOCK_SIZE],
void aes_ctr_encrypt(const AES_KEY *key, uint8_t ctr[AES_BLOCK_SIZE], const uint8_t *in, size_t inlen, uint8_t *out);
const uint8_t *in, size_t inlen, uint8_t *out); #define aes_ctr_decrypt(key,ctr,in,inlen,out) aes_ctr_encrypt(key,ctr,in,inlen,out)
#define aes_ctr_decrypt(key,ctr,in,inlen,out) aes_ctr_encrypt(key,ctr,in,inlen,out)
#define AES_GCM_IV_MIN_SIZE 1
#define AES_GCM_IV_MIN_SIZE 1 #define AES_GCM_IV_MAX_SIZE ((uint64_t)(1 << (64-3)))
#define AES_GCM_IV_MAX_SIZE ((uint64_t)(1 << (64-3))) #define AES_GCM_IV_DEFAULT_BITS 96
#define AES_GCM_IV_DEFAULT_BITS 96 #define AES_GCM_IV_DEFAULT_SIZE 12
#define AES_GCM_IV_DEFAULT_SIZE 12
#define AES_GCM_MIN_AAD_SIZE 0
#define AES_GCM_MIN_AAD_SIZE 0 #define AES_GCM_MAX_AAD_SIZE ((uint64_t)(1 << (64-3)))
#define AES_GCM_MAX_AAD_SIZE ((uint64_t)(1 << (64-3)))
#define AES_GCM_MIN_PLAINTEXT_SIZE 0
#define AES_GCM_MIN_PLAINTEXT_SIZE 0 #define AES_GCM_MAX_PLAINTEXT_SIZE ((((uint64_t)1 << 39) - 256) >> 3)
#define AES_GCM_MAX_PLAINTEXT_SIZE ((((uint64_t)1 << 39) - 256) >> 3)
#define AES_GCM_MAX_TAG_SIZE 16
#define AES_GCM_MAX_TAG_SIZE 16
int aes_gcm_encrypt(const AES_KEY *key, const uint8_t *iv, size_t ivlen,
int aes_gcm_encrypt(const AES_KEY *key, const uint8_t *iv, size_t ivlen, const uint8_t *aad, size_t aadlen, const uint8_t *in, size_t inlen,
const uint8_t *aad, size_t aadlen, const uint8_t *in, size_t inlen, uint8_t *out, size_t taglen, uint8_t *tag);
uint8_t *out, size_t taglen, uint8_t *tag); int aes_gcm_decrypt(const AES_KEY *key, const uint8_t *iv, size_t ivlen,
int aes_gcm_decrypt(const AES_KEY *key, const uint8_t *iv, size_t ivlen, const uint8_t *aad, size_t aadlen, const uint8_t *in, size_t inlen,
const uint8_t *aad, size_t aadlen, const uint8_t *in, size_t inlen, const uint8_t *tag, size_t taglen, uint8_t *out);
const uint8_t *tag, size_t taglen, uint8_t *out);
#ifdef __cplusplus
#ifdef __cplusplus }
} #endif
#endif #endif
#endif

539
include/gmssl/asn1.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,272 +7,271 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#ifndef GMSSL_ASN1_H
#ifndef GMSSL_ASN1_H #define GMSSL_ASN1_H
#define GMSSL_ASN1_H
#include <time.h>
#include <time.h> #include <stdlib.h>
#include <stdlib.h> #include <stdint.h>
#include <stdint.h>
#if __cplusplus
#if __cplusplus extern "C" {
extern "C" { #endif
#endif
#define ASN1_TAG_UNIVERSAL 0x00
#define ASN1_TAG_UNIVERSAL 0x00 #define ASN1_TAG_APPLICATION 0x40
#define ASN1_TAG_APPLICATION 0x40 #define ASN1_TAG_CONTENT_SPECIFIC 0x80
#define ASN1_TAG_CONTENT_SPECIFIC 0x80 #define ASN1_TAG_PRIVATE 0xC0
#define ASN1_TAG_PRIVATE 0xC0 #define ASN1_TAG_PRIMITIVE 0x00
#define ASN1_TAG_PRIMITIVE 0x00 #define ASN1_TAG_CONSTRUCTED 0x20
#define ASN1_TAG_CONSTRUCTED 0x20
#define ASN1_TAG_IMPLICIT(index) (ASN1_TAG_CONTENT_SPECIFIC|(index))
#define ASN1_TAG_IMPLICIT(index) (ASN1_TAG_CONTENT_SPECIFIC|(index)) #define ASN1_TAG_EXPLICIT(index) ASN1_TAG_IMPLICIT(ASN1_TAG_CONSTRUCTED|(index))
#define ASN1_TAG_EXPLICIT(index) ASN1_TAG_IMPLICIT(ASN1_TAG_CONSTRUCTED|(index))
#define ASN1_FMT_FULL 0x01
#define ASN1_FMT_FULL 0x01
enum ASN1_TAG {
enum ASN1_TAG { ASN1_TAG_BOOLEAN = 1,
ASN1_TAG_BOOLEAN = 1, ASN1_TAG_INTEGER = 2,
ASN1_TAG_INTEGER = 2, ASN1_TAG_BIT_STRING = 3,
ASN1_TAG_BIT_STRING = 3, ASN1_TAG_OCTET_STRING = 4,
ASN1_TAG_OCTET_STRING = 4, ASN1_TAG_NULL = 5,
ASN1_TAG_NULL = 5, ASN1_TAG_OBJECT_IDENTIFIER = 6,
ASN1_TAG_OBJECT_IDENTIFIER = 6, ASN1_TAG_ObjectDescriptor = 7,
ASN1_TAG_ObjectDescriptor = 7, ASN1_TAG_EXTERNAL = 8,
ASN1_TAG_EXTERNAL = 8, ASN1_TAG_REAL = 9,
ASN1_TAG_REAL = 9, ASN1_TAG_ENUMERATED = 10, // 0x0A
ASN1_TAG_ENUMERATED = 10, // 0x0A ASN1_TAG_EMBEDDED = 11, // 0x0B
ASN1_TAG_EMBEDDED = 11, // 0x0B ASN1_TAG_UTF8String = 12, // 0x0C
ASN1_TAG_UTF8String = 12, // 0x0C ASN1_TAG_RELATIVE_OID = 13, // 0x0D
ASN1_TAG_RELATIVE_OID = 13, // 0x0D ASN1_TAG_NumericString = 18, // 0x12
ASN1_TAG_NumericString = 18, // 0x12 ASN1_TAG_PrintableString = 19, // 0x13, printable subset of ascii
ASN1_TAG_PrintableString = 19, // 0x13, printable subset of ascii ASN1_TAG_TeletexString = 20, // 0x14, T61String
ASN1_TAG_TeletexString = 20, // 0x14, T61String ASN1_TAG_VideotexString = 21, // 0x15
ASN1_TAG_VideotexString = 21, // 0x15 ASN1_TAG_IA5String = 22, // 0x16, 7-bit ascii
ASN1_TAG_IA5String = 22, // 0x16, 7-bit ascii ASN1_TAG_UTCTime = 23, // 0x17
ASN1_TAG_UTCTime = 23, // 0x17 ASN1_TAG_GeneralizedTime = 24, // 0x18
ASN1_TAG_GeneralizedTime = 24, // 0x18 ASN1_TAG_GraphicString = 25, // 0x19
ASN1_TAG_GraphicString = 25, // 0x19 ASN1_TAG_VisibleString = 26, // 0x20
ASN1_TAG_VisibleString = 26, // 0x20 ASN1_TAG_GeneralString = 27, // 0x21
ASN1_TAG_GeneralString = 27, // 0x21 ASN1_TAG_UniversalString = 28, // 0x22
ASN1_TAG_UniversalString = 28, // 0x22 ASN1_TAG_CHARACTER_STRING = 29, // 0x23
ASN1_TAG_CHARACTER_STRING = 29, // 0x23 ASN1_TAG_BMPString = 30, // 0x24, 2-byte unicode with zeros
ASN1_TAG_BMPString = 30, // 0x24, 2-byte unicode with zeros ASN1_TAG_SEQUENCE = 0x30,
ASN1_TAG_SEQUENCE = 0x30, ASN1_TAG_SET = 0x31,
ASN1_TAG_SET = 0x31, ASN1_TAG_EXPLICIT = 0xa0,
ASN1_TAG_EXPLICIT = 0xa0, };
};
const char *asn1_tag_name(int tag);
const char *asn1_tag_name(int tag); int asn1_tag_to_der(int tag, uint8_t **out, size_t *outlen);
int asn1_tag_to_der(int tag, uint8_t **out, size_t *outlen); int asn1_tag_from_der(int tag, const uint8_t **in, size_t *inlen);
int asn1_tag_from_der(int tag, const uint8_t **in, size_t *inlen); int asn1_any_tag_from_der(int *tag, const uint8_t **in, size_t *inlen);
int asn1_any_tag_from_der(int *tag, const uint8_t **in, size_t *inlen); int asn1_tag_get(int *tag, const uint8_t **in, size_t *inlen); // 尝试读取下一个tag但是并不修改in,inlen
int asn1_tag_get(int *tag, const uint8_t **in, size_t *inlen); // 尝试读取下一个tag但是并不修改in,inlen int asn1_tag_is_cstring(int tag);
int asn1_tag_is_cstring(int tag); int asn1_length_to_der(size_t dlen, uint8_t **out, size_t *outlen);
int asn1_length_to_der(size_t dlen, uint8_t **out, size_t *outlen); int asn1_length_from_der(size_t *dlen, const uint8_t **in, size_t *inlen);
int asn1_length_from_der(size_t *dlen, const uint8_t **in, size_t *inlen); int asn1_length_is_zero(size_t len);
int asn1_length_is_zero(size_t len); int asn1_length_le(size_t len1, size_t len2); // less than
int asn1_length_le(size_t len1, size_t len2); // less than int asn1_data_to_der(const uint8_t *d, size_t dlen, uint8_t **out, size_t *outlen);
int asn1_data_to_der(const uint8_t *d, size_t dlen, uint8_t **out, size_t *outlen); int asn1_data_from_der(const uint8_t **d, size_t dlen, const uint8_t **in, size_t *inlen);
int asn1_data_from_der(const uint8_t **d, size_t dlen, const uint8_t **in, size_t *inlen);
int asn1_type_to_der(int tag, const uint8_t *d, size_t dlen, uint8_t **out, size_t *outlen);
int asn1_type_to_der(int tag, const uint8_t *d, size_t dlen, uint8_t **out, size_t *outlen); int asn1_type_from_der(int tag, const uint8_t **d, size_t *dlen, const uint8_t **in, size_t *inlen);
int asn1_type_from_der(int tag, const uint8_t **d, size_t *dlen, const uint8_t **in, size_t *inlen); int asn1_any_type_from_der(int *tag, const uint8_t **d, size_t *dlen, const uint8_t **in, size_t *inlen);
int asn1_any_type_from_der(int *tag, const uint8_t **d, size_t *dlen, const uint8_t **in, size_t *inlen); int asn1_any_to_der(const uint8_t *a, size_t alen, uint8_t **out, size_t *outlen); // 调用方应保证a,alen为TLV
int asn1_any_to_der(const uint8_t *a, size_t alen, uint8_t **out, size_t *outlen); // 调用方应保证a,alen为TLV int asn1_any_from_der(const uint8_t **a, size_t *alen, const uint8_t **in, size_t *inlen); // 该函数会检查输入是否为TLV
int asn1_any_from_der(const uint8_t **a, size_t *alen, const uint8_t **in, size_t *inlen); // 该函数会检查输入是否为TLV
const char *asn1_boolean_name(int val);
const char *asn1_boolean_name(int val); int asn1_boolean_from_name(int *val, const char *name);
int asn1_boolean_from_name(int *val, const char *name); int asn1_boolean_to_der_ex(int tag, int val, uint8_t **out, size_t *outlen);
int asn1_boolean_to_der_ex(int tag, int val, uint8_t **out, size_t *outlen); int asn1_boolean_from_der_ex(int tag, int *val, const uint8_t **in, size_t *inlen);
int asn1_boolean_from_der_ex(int tag, int *val, const uint8_t **in, size_t *inlen); #define asn1_boolean_to_der(val,out,outlen) asn1_boolean_to_der_ex(ASN1_TAG_BOOLEAN,val,out,outlen)
#define asn1_boolean_to_der(val,out,outlen) asn1_boolean_to_der_ex(ASN1_TAG_BOOLEAN,val,out,outlen) #define asn1_boolean_from_der(val,in,inlen) asn1_boolean_from_der_ex(ASN1_TAG_BOOLEAN,val,in,inlen)
#define asn1_boolean_from_der(val,in,inlen) asn1_boolean_from_der_ex(ASN1_TAG_BOOLEAN,val,in,inlen) #define asn1_implicit_boolean_to_der(i,val,out,outlen) asn1_boolean_to_der_ex(ASN1_TAG_IMPLICIT(i),val,out,outlen)
#define asn1_implicit_boolean_to_der(i,val,out,outlen) asn1_boolean_to_der_ex(ASN1_TAG_IMPLICIT(i),val,out,outlen) #define asn1_implicit_boolean_from_der(i,val,in,inlen) asn1_boolean_from_der_ex(ASN1_TAG_IMPLICIT(i),val,in,inlen)
#define asn1_implicit_boolean_from_der(i,val,in,inlen) asn1_boolean_from_der_ex(ASN1_TAG_IMPLICIT(i),val,in,inlen)
// asn1_integer_ 不支持负数编解码
// asn1_integer_ 不支持负数编解码 int asn1_integer_to_der_ex(int tag, const uint8_t *d, size_t dlen, uint8_t **out, size_t *outlen);
int asn1_integer_to_der_ex(int tag, const uint8_t *d, size_t dlen, uint8_t **out, size_t *outlen); int asn1_integer_from_der_ex(int tag, const uint8_t **d, size_t *dlen, const uint8_t **in, size_t *inlen);
int asn1_integer_from_der_ex(int tag, const uint8_t **d, size_t *dlen, const uint8_t **in, size_t *inlen); #define asn1_integer_to_der(d,dlen,out,outlen) asn1_integer_to_der_ex(ASN1_TAG_INTEGER,d,dlen,out,outlen)
#define asn1_integer_to_der(d,dlen,out,outlen) asn1_integer_to_der_ex(ASN1_TAG_INTEGER,d,dlen,out,outlen) #define asn1_integer_from_der(d,dlen,in,inlen) asn1_integer_from_der_ex(ASN1_TAG_INTEGER,d,dlen,in,inlen)
#define asn1_integer_from_der(d,dlen,in,inlen) asn1_integer_from_der_ex(ASN1_TAG_INTEGER,d,dlen,in,inlen) #define asn1_implicit_integer_to_der(i,d,dlen,out,outlen) asn1_integer_to_der_ex(ASN1_TAG_IMPLICIT(i),d,dlen,out,outlen)
#define asn1_implicit_integer_to_der(i,d,dlen,out,outlen) asn1_integer_to_der_ex(ASN1_TAG_IMPLICIT(i),d,dlen,out,outlen) #define asn1_implicit_integer_from_der(i,d,dlen,in,inlen) asn1_integer_from_der_ex(ASN1_TAG_IMPLICIT(i),d,dlen,in,inlen)
#define asn1_implicit_integer_from_der(i,d,dlen,in,inlen) asn1_integer_from_der_ex(ASN1_TAG_IMPLICIT(i),d,dlen,in,inlen)
// asn1_int_ 只支持小的无符号整数的编解码,不支持负数
// asn1_int_ 只支持小的无符号整数的编解码,不支持负数 int asn1_int_to_der_ex(int tag, int val, uint8_t **out, size_t *outlen); // 当 val == -1 时,不输出,返回 0
int asn1_int_to_der_ex(int tag, int val, uint8_t **out, size_t *outlen); // 当 val == -1 时,不输出,返回 0 int asn1_int_from_der_ex(int tag, int *val, const uint8_t **in, size_t *inlen); // 不支持负数返回0时 *val 设置为 -1
int asn1_int_from_der_ex(int tag, int *val, const uint8_t **in, size_t *inlen); // 不支持负数返回0时 *val 设置为 -1 #define asn1_int_to_der(val,out,outlen) asn1_int_to_der_ex(ASN1_TAG_INTEGER,val,out,outlen)
#define asn1_int_to_der(val,out,outlen) asn1_int_to_der_ex(ASN1_TAG_INTEGER,val,out,outlen) #define asn1_int_from_der(val,in,inlen) asn1_int_from_der_ex(ASN1_TAG_INTEGER,val,in,inlen)
#define asn1_int_from_der(val,in,inlen) asn1_int_from_der_ex(ASN1_TAG_INTEGER,val,in,inlen) #define asn1_implicit_int_to_der(i,val,out,outlen) asn1_int_to_der_ex(ASN1_TAG_IMPLICIT(i),val,out,outlen)
#define asn1_implicit_int_to_der(i,val,out,outlen) asn1_int_to_der_ex(ASN1_TAG_IMPLICIT(i),val,out,outlen) #define asn1_implicit_int_from_der(i,val,in,inlen) asn1_int_from_der_ex(ASN1_TAG_IMPLICIT(i),val,in,inlen)
#define asn1_implicit_int_from_der(i,val,in,inlen) asn1_int_from_der_ex(ASN1_TAG_IMPLICIT(i),val,in,inlen)
// 比特长度不必须为8的整数倍
// 比特长度不必须为8的整数倍 int asn1_bit_string_to_der_ex(int tag, const uint8_t *d, size_t nbits, uint8_t **out, size_t *outlen);
int asn1_bit_string_to_der_ex(int tag, const uint8_t *d, size_t nbits, uint8_t **out, size_t *outlen); int asn1_bit_string_from_der_ex(int tag, const uint8_t **d, size_t *nbits, const uint8_t **in, size_t *inlen);
int asn1_bit_string_from_der_ex(int tag, const uint8_t **d, size_t *nbits, const uint8_t **in, size_t *inlen); #define asn1_bit_string_to_der(d,nbits,out,outlen) asn1_bit_string_to_der_ex(ASN1_TAG_BIT_STRING,d,nbits,out,outlen)
#define asn1_bit_string_to_der(d,nbits,out,outlen) asn1_bit_string_to_der_ex(ASN1_TAG_BIT_STRING,d,nbits,out,outlen) #define asn1_bit_string_from_der(d,nbits,in,inlen) asn1_bit_string_from_der_ex(ASN1_TAG_BIT_STRING,d,nbits,in,inlen)
#define asn1_bit_string_from_der(d,nbits,in,inlen) asn1_bit_string_from_der_ex(ASN1_TAG_BIT_STRING,d,nbits,in,inlen) #define asn1_implicit_bit_string_to_der(i,d,nbits,out,outlen) asn1_bit_string_to_der_ex(ASN1_TAG_IMPLICIT(i),d,nbits,out,outlen)
#define asn1_implicit_bit_string_to_der(i,d,nbits,out,outlen) asn1_bit_string_to_der_ex(ASN1_TAG_IMPLICIT(i),d,nbits,out,outlen) #define asn1_implicit_bit_string_from_der(i,d,nbits,in,inlen) asn1_bit_string_from_der_ex(ASN1_TAG_IMPLICIT(i),d,nbits,in,inlen)
#define asn1_implicit_bit_string_from_der(i,d,nbits,in,inlen) asn1_bit_string_from_der_ex(ASN1_TAG_IMPLICIT(i),d,nbits,in,inlen)
// 比特长度必须为8的整数倍因此使用字节长度
// 比特长度必须为8的整数倍因此使用字节长度 int asn1_bit_octets_to_der_ex(int tag, const uint8_t *d, size_t dlen, uint8_t **out, size_t *outlen);
int asn1_bit_octets_to_der_ex(int tag, const uint8_t *d, size_t dlen, uint8_t **out, size_t *outlen); int asn1_bit_octets_from_der_ex(int tag, const uint8_t **d, size_t *dlen, const uint8_t **in, size_t *inlen);
int asn1_bit_octets_from_der_ex(int tag, const uint8_t **d, size_t *dlen, const uint8_t **in, size_t *inlen); #define asn1_bit_octets_to_der(d,dlen,out,outlen) asn1_bit_octets_to_der_ex(ASN1_TAG_BIT_STRING,d,dlen,out,outlen)
#define asn1_bit_octets_to_der(d,dlen,out,outlen) asn1_bit_octets_to_der_ex(ASN1_TAG_BIT_STRING,d,dlen,out,outlen) #define asn1_bit_octets_from_der(d,dlen,in,inlen) asn1_bit_octets_from_der_ex(ASN1_TAG_BIT_STRING,d,dlen,in,inlen)
#define asn1_bit_octets_from_der(d,dlen,in,inlen) asn1_bit_octets_from_der_ex(ASN1_TAG_BIT_STRING,d,dlen,in,inlen) #define asn1_implicit_bit_octets_to_der(i,d,dlen,out,outlen) asn1_bit_octets_to_der_ex(ASN1_TAG_IMPLICIT(i),d,dlen,out,outlen)
#define asn1_implicit_bit_octets_to_der(i,d,dlen,out,outlen) asn1_bit_octets_to_der_ex(ASN1_TAG_IMPLICIT(i),d,dlen,out,outlen) #define asn1_implicit_bit_octets_from_der(i,d,dlen,in,inlen) asn1_bit_octets_from_der_ex(ASN1_TAG_IMPLICIT(i),d,dlen,in,inlen)
#define asn1_implicit_bit_octets_from_der(i,d,dlen,in,inlen) asn1_bit_octets_from_der_ex(ASN1_TAG_IMPLICIT(i),d,dlen,in,inlen)
// bits == -1 不编码,只支持较少的比特数量
// bits == -1 不编码,只支持较少的比特数量 int asn1_bits_to_der_ex(int tag, int bits, uint8_t **out, size_t *outlen);
int asn1_bits_to_der_ex(int tag, int bits, uint8_t **out, size_t *outlen); int asn1_bits_from_der_ex(int tag, int *bits, const uint8_t **in, size_t *inlen);
int asn1_bits_from_der_ex(int tag, int *bits, const uint8_t **in, size_t *inlen); #define asn1_bits_to_der(bits,out,outlen) asn1_bits_to_der_ex(ASN1_TAG_BIT_STRING,bits,out,outlen)
#define asn1_bits_to_der(bits,out,outlen) asn1_bits_to_der_ex(ASN1_TAG_BIT_STRING,bits,out,outlen) #define asn1_bits_from_der(bits,in,inlen) asn1_bits_from_der_ex(ASN1_TAG_BIT_STRING,bits,in,inlen)
#define asn1_bits_from_der(bits,in,inlen) asn1_bits_from_der_ex(ASN1_TAG_BIT_STRING,bits,in,inlen) #define asn1_implicit_bits_to_der(i,bits,out,outlen) asn1_bits_to_der_ex(ASN1_TAG_IMPLICIT(i),bits,out,outlen)
#define asn1_implicit_bits_to_der(i,bits,out,outlen) asn1_bits_to_der_ex(ASN1_TAG_IMPLICIT(i),bits,out,outlen) #define asn1_implicit_bits_from_der(i,bits,in,inlen) asn1_bits_from_der_ex(ASN1_TAG_IMPLICIT(i),bits,in,inlen)
#define asn1_implicit_bits_from_der(i,bits,in,inlen) asn1_bits_from_der_ex(ASN1_TAG_IMPLICIT(i),bits,in,inlen) // names[i]对应第i个比特
// names[i]对应第i个比特 int asn1_bits_print(FILE *fp, int fmt, int ind, const char *label, const char **names, size_t names_cnt, int bits);
int asn1_bits_print(FILE *fp, int fmt, int ind, const char *label, const char **names, size_t names_cnt, int bits);
#define asn1_octet_string_to_der_ex(tag,d,dlen,out,outlen) asn1_type_to_der(tag,d,dlen,out,outlen)
#define asn1_octet_string_to_der_ex(tag,d,dlen,out,outlen) asn1_type_to_der(tag,d,dlen,out,outlen) #define asn1_octet_string_from_der_ex(tag,d,dlen,in,inlen) asn1_type_from_der(tag,d,dlen,in,inlen)
#define asn1_octet_string_from_der_ex(tag,d,dlen,in,inlen) asn1_type_from_der(tag,d,dlen,in,inlen) #define asn1_octet_string_to_der(d,dlen,out,outlen) asn1_type_to_der(ASN1_TAG_OCTET_STRING,d,dlen,out,outlen)
#define asn1_octet_string_to_der(d,dlen,out,outlen) asn1_type_to_der(ASN1_TAG_OCTET_STRING,d,dlen,out,outlen) #define asn1_octet_string_from_der(d,dlen,in,inlen) asn1_type_from_der(ASN1_TAG_OCTET_STRING,d,dlen,in,inlen)
#define asn1_octet_string_from_der(d,dlen,in,inlen) asn1_type_from_der(ASN1_TAG_OCTET_STRING,d,dlen,in,inlen) #define asn1_implicit_octet_string_to_der(i,d,dlen,out,outlen) asn1_type_to_der(ASN1_TAG_IMPLICIT(i),d,dlen,out,outlen)
#define asn1_implicit_octet_string_to_der(i,d,dlen,out,outlen) asn1_type_to_der(ASN1_TAG_IMPLICIT(i),d,dlen,out,outlen) #define asn1_implicit_octet_string_from_der(i,d,dlen,in,inlen) asn1_type_from_der(ASN1_TAG_IMPLICIT(i),d,dlen,in,inlen)
#define asn1_implicit_octet_string_from_der(i,d,dlen,in,inlen) asn1_type_from_der(ASN1_TAG_IMPLICIT(i),d,dlen,in,inlen)
const char *asn1_null_name(void);
const char *asn1_null_name(void); int asn1_null_to_der(uint8_t **out, size_t *outlen);
int asn1_null_to_der(uint8_t **out, size_t *outlen); int asn1_null_from_der(const uint8_t **in, size_t *inlen);
int asn1_null_from_der(const uint8_t **in, size_t *inlen);
#define ASN1_OID_MAX_NODES 32
#define ASN1_OID_MAX_NODES 32 int asn1_object_identifier_to_octets(const uint32_t *nodes, size_t nodes_cnt, uint8_t *out, size_t *outlen);
int asn1_object_identifier_to_octets(const uint32_t *nodes, size_t nodes_cnt, uint8_t *out, size_t *outlen); int asn1_object_identifier_from_octets(uint32_t *nodes, size_t *nodes_cnt, const uint8_t *in, size_t inlen);
int asn1_object_identifier_from_octets(uint32_t *nodes, size_t *nodes_cnt, const uint8_t *in, size_t inlen);
int asn1_object_identifier_equ(const uint32_t *a, size_t a_cnt, const uint32_t *b, size_t b_cnt);
int asn1_object_identifier_equ(const uint32_t *a, size_t a_cnt, const uint32_t *b, size_t b_cnt); int asn1_object_identifier_to_der_ex(int tag, const uint32_t *nodes, size_t nodes_cnt, uint8_t **out, size_t *outlen);
int asn1_object_identifier_to_der_ex(int tag, const uint32_t *nodes, size_t nodes_cnt, uint8_t **out, size_t *outlen); int asn1_object_identifier_from_der_ex(int tag, uint32_t *nodes, size_t *nodes_cnt, const uint8_t **in, size_t *inlen);
int asn1_object_identifier_from_der_ex(int tag, uint32_t *nodes, size_t *nodes_cnt, const uint8_t **in, size_t *inlen); #define asn1_object_identifier_to_der(nodes,nodes_cnt,out,outlen) asn1_object_identifier_to_der_ex(ASN1_TAG_OBJECT_IDENTIFIER,nodes,nodes_cnt,out,outlen)
#define asn1_object_identifier_to_der(nodes,nodes_cnt,out,outlen) asn1_object_identifier_to_der_ex(ASN1_TAG_OBJECT_IDENTIFIER,nodes,nodes_cnt,out,outlen) #define asn1_object_identifier_from_der(nodes,nodes_cnt,in,inlen) asn1_object_identifier_from_der_ex(ASN1_TAG_OBJECT_IDENTIFIER,nodes,nodes_cnt,in,inlen)
#define asn1_object_identifier_from_der(nodes,nodes_cnt,in,inlen) asn1_object_identifier_from_der_ex(ASN1_TAG_OBJECT_IDENTIFIER,nodes,nodes_cnt,in,inlen) #define asn1_implicit_object_identifier_to_der(i,nodes,nodes_cnt,out,outlen) asn1_object_identifier_to_der_ex(ASN1_TAG_IMPLICIT(i),nodes,nodes_cnt,out,outlen)
#define asn1_implicit_object_identifier_to_der(i,nodes,nodes_cnt,out,outlen) asn1_object_identifier_to_der_ex(ASN1_TAG_IMPLICIT(i),nodes,nodes_cnt,out,outlen) #define asn1_implicit_object_identifier_from_der(i,nodes,nodes_cnt,in,inlen) asn1_object_identifier_from_der_ex(ASN1_TAG_IMPLICIT(i),nodes,nodes_cnt,in,inlen)
#define asn1_implicit_object_identifier_from_der(i,nodes,nodes_cnt,in,inlen) asn1_object_identifier_from_der_ex(ASN1_TAG_IMPLICIT(i),nodes,nodes_cnt,in,inlen) int asn1_object_identifier_print(FILE *fp, int fmt, int ind, const char *label, const char *name,
int asn1_object_identifier_print(FILE *fp, int fmt, int ind, const char *label, const char *name, const uint32_t *nodes, size_t nodes_cnt);
const uint32_t *nodes, size_t nodes_cnt);
#define asn1_enumerated_to_der_ex(tag,val,out,outlen) asn1_int_to_der_ex(tag,val,out,outlen)
#define asn1_enumerated_to_der_ex(tag,val,out,outlen) asn1_int_to_der_ex(tag,val,out,outlen) #define asn1_enumerated_from_der_ex(tag,val,in,inlen) asn1_int_from_der_ex(tag,val,in,inlen)
#define asn1_enumerated_from_der_ex(tag,val,in,inlen) asn1_int_from_der_ex(tag,val,in,inlen) #define asn1_enumerated_to_der(val,out,outlen) asn1_int_to_der_ex(ASN1_TAG_ENUMERATED,val,out,outlen)
#define asn1_enumerated_to_der(val,out,outlen) asn1_int_to_der_ex(ASN1_TAG_ENUMERATED,val,out,outlen) #define asn1_enumerated_from_der(val,in,inlen) asn1_int_from_der_ex(ASN1_TAG_ENUMERATED,val,in,inlen)
#define asn1_enumerated_from_der(val,in,inlen) asn1_int_from_der_ex(ASN1_TAG_ENUMERATED,val,in,inlen) #define asn1_implicit_enumerated_to_der(i,val,out,outlen) asn1_int_to_der_ex(ASN1_TAG_IMPLICIT(i),val,out,outlen)
#define asn1_implicit_enumerated_to_der(i,val,out,outlen) asn1_int_to_der_ex(ASN1_TAG_IMPLICIT(i),val,out,outlen) #define asn1_implicit_enumerated_from_der(i,val,in,inlen) asn1_int_from_der_ex(ASN1_TAG_IMPLICIT(i),val,in,inlen)
#define asn1_implicit_enumerated_from_der(i,val,in,inlen) asn1_int_from_der_ex(ASN1_TAG_IMPLICIT(i),val,in,inlen)
int asn1_utf8_string_check(const char *d, size_t dlen);
int asn1_utf8_string_check(const char *d, size_t dlen); int asn1_utf8_string_to_der_ex(int tag, const char *d, size_t dlen, uint8_t **out, size_t *outlen);
int asn1_utf8_string_to_der_ex(int tag, const char *d, size_t dlen, uint8_t **out, size_t *outlen); int asn1_utf8_string_from_der_ex(int tag, const char **d, size_t *dlen, const uint8_t **in, size_t *inlen);
int asn1_utf8_string_from_der_ex(int tag, const char **d, size_t *dlen, const uint8_t **in, size_t *inlen); #define asn1_utf8_string_to_der(d,dlen,out,outlen) asn1_utf8_string_to_der_ex(ASN1_TAG_UTF8String,d,dlen,out,outlen)
#define asn1_utf8_string_to_der(d,dlen,out,outlen) asn1_utf8_string_to_der_ex(ASN1_TAG_UTF8String,d,dlen,out,outlen) #define asn1_utf8_string_from_der(d,dlen,in,inlen) asn1_utf8_string_from_der_ex(ASN1_TAG_UTF8String,d,dlen,in,inlen)
#define asn1_utf8_string_from_der(d,dlen,in,inlen) asn1_utf8_string_from_der_ex(ASN1_TAG_UTF8String,d,dlen,in,inlen) #define asn1_implicit_utf8_string_to_der(i,d,dlen,out,outlen) asn1_utf8_string_to_der_ex(ASN1_TAG_IMPLICIT(i),d,dlen,out,outlen)
#define asn1_implicit_utf8_string_to_der(i,d,dlen,out,outlen) asn1_utf8_string_to_der_ex(ASN1_TAG_IMPLICIT(i),d,dlen,out,outlen) #define asn1_implicit_utf8_string_from_der(i,d,dlen,in,inlen) asn1_utf8_string_from_der_ex(ASN1_TAG_IMPLICIT(i),d,dlen,in,inlen)
#define asn1_implicit_utf8_string_from_der(i,d,dlen,in,inlen) asn1_utf8_string_from_der_ex(ASN1_TAG_IMPLICIT(i),d,dlen,in,inlen)
int asn1_printable_string_check(const char *d, size_t dlen);
int asn1_printable_string_check(const char *d, size_t dlen); int asn1_printable_string_to_der_ex(int tag, const char *d, size_t dlen, uint8_t **out, size_t *outlen);
int asn1_printable_string_to_der_ex(int tag, const char *d, size_t dlen, uint8_t **out, size_t *outlen); int asn1_printable_string_from_der_ex(int tag, const char **d, size_t *dlen, const uint8_t **in, size_t *inlen);
int asn1_printable_string_from_der_ex(int tag, const char **d, size_t *dlen, const uint8_t **in, size_t *inlen); #define asn1_printable_string_to_der(d,dlen,out,outlen) asn1_printable_string_to_der_ex(ASN1_TAG_PrintableString,d,dlen,out,outlen)
#define asn1_printable_string_to_der(d,dlen,out,outlen) asn1_printable_string_to_der_ex(ASN1_TAG_PrintableString,d,dlen,out,outlen) #define asn1_printable_string_from_der(d,dlen,in,inlen) asn1_printable_string_from_der_ex(ASN1_TAG_PrintableString,d,dlen,in,inlen)
#define asn1_printable_string_from_der(d,dlen,in,inlen) asn1_printable_string_from_der_ex(ASN1_TAG_PrintableString,d,dlen,in,inlen) #define asn1_implicit_printable_string_to_der(i,d,dlen,out,outlen) asn1_printable_string_to_der_ex(ASN1_TAG_IMPLICIT(i),d,dlen,out,outlen)
#define asn1_implicit_printable_string_to_der(i,d,dlen,out,outlen) asn1_printable_string_to_der_ex(ASN1_TAG_IMPLICIT(i),d,dlen,out,outlen) #define asn1_implicit_printable_string_from_der(i,d,dlen,in,inlen) asn1_printable_string_from_der_ex(ASN1_TAG_IMPLICIT(i),d,dlen,in,inlen)
#define asn1_implicit_printable_string_from_der(i,d,dlen,in,inlen) asn1_printable_string_from_der_ex(ASN1_TAG_IMPLICIT(i),d,dlen,in,inlen)
int asn1_ia5_string_check(const char *d, size_t dlen);
int asn1_ia5_string_check(const char *d, size_t dlen); int asn1_ia5_string_to_der_ex(int tag, const char *d, size_t dlen, uint8_t **out, size_t *outlen);
int asn1_ia5_string_to_der_ex(int tag, const char *d, size_t dlen, uint8_t **out, size_t *outlen); int asn1_ia5_string_from_der_ex(int tag, const char **d, size_t *dlen, const uint8_t **in, size_t *inlen);
int asn1_ia5_string_from_der_ex(int tag, const char **d, size_t *dlen, const uint8_t **in, size_t *inlen); #define asn1_ia5_string_to_der(d,dlen,out,outlen) asn1_ia5_string_to_der_ex(ASN1_TAG_IA5String,d,dlen,out,outlen)
#define asn1_ia5_string_to_der(d,dlen,out,outlen) asn1_ia5_string_to_der_ex(ASN1_TAG_IA5String,d,dlen,out,outlen) #define asn1_ia5_string_from_der(d,dlen,in,inlen) asn1_ia5_string_from_der_ex(ASN1_TAG_IA5String,d,dlen,in,inlen)
#define asn1_ia5_string_from_der(d,dlen,in,inlen) asn1_ia5_string_from_der_ex(ASN1_TAG_IA5String,d,dlen,in,inlen) #define asn1_implicit_ia5_string_to_der(i,d,dlen,out,outlen) asn1_ia5_string_to_der_ex(ASN1_TAG_IMPLICIT(i),d,dlen,out,outlen)
#define asn1_implicit_ia5_string_to_der(i,d,dlen,out,outlen) asn1_ia5_string_to_der_ex(ASN1_TAG_IMPLICIT(i),d,dlen,out,outlen) #define asn1_implicit_ia5_string_from_der(i,d,dlen,in,inlen) asn1_ia5_string_from_der_ex(ASN1_TAG_IMPLICIT(i),d,dlen,in,inlen)
#define asn1_implicit_ia5_string_from_der(i,d,dlen,in,inlen) asn1_ia5_string_from_der_ex(ASN1_TAG_IMPLICIT(i),d,dlen,in,inlen)
int asn1_string_print(FILE *fp, int fmt, int ind, const char *label, int tag, const uint8_t *d, size_t dlen);
int asn1_string_print(FILE *fp, int fmt, int ind, const char *label, int tag, const uint8_t *d, size_t dlen);
#define ASN1_UTC_TIME_LEN (sizeof("YYMMDDHHMMSSZ")-1)
#define ASN1_UTC_TIME_LEN (sizeof("YYMMDDHHMMSSZ")-1) #define ASN1_GENERALIZED_TIME_LEN (sizeof("YYYYMMDDHHMMSSZ")-1)
#define ASN1_GENERALIZED_TIME_LEN (sizeof("YYYYMMDDHHMMSSZ")-1)
int asn1_utc_time_to_der_ex(int tag, time_t tv, uint8_t **out, size_t *outlen);
int asn1_utc_time_to_der_ex(int tag, time_t tv, uint8_t **out, size_t *outlen); int asn1_utc_time_from_der_ex(int tag, time_t *tv, const uint8_t **in, size_t *inlen);
int asn1_utc_time_from_der_ex(int tag, time_t *tv, const uint8_t **in, size_t *inlen); #define asn1_utc_time_to_der(tv,out,outlen) asn1_utc_time_to_der_ex(ASN1_TAG_UTCTime,tv,out,outlen)
#define asn1_utc_time_to_der(tv,out,outlen) asn1_utc_time_to_der_ex(ASN1_TAG_UTCTime,tv,out,outlen) #define asn1_utc_time_from_der(tv,in,inlen) asn1_utc_time_from_der_ex(ASN1_TAG_UTCTime,tv,in,inlen)
#define asn1_utc_time_from_der(tv,in,inlen) asn1_utc_time_from_der_ex(ASN1_TAG_UTCTime,tv,in,inlen) #define asn1_implicit_utc_time_to_der(i,tv,out,outlen) asn1_utc_time_to_der_ex(ASN1_TAG_IMPLICIT(i),tv,out,outlen)
#define asn1_implicit_utc_time_to_der(i,tv,out,outlen) asn1_utc_time_to_der_ex(ASN1_TAG_IMPLICIT(i),tv,out,outlen) #define asn1_implicit_utc_time_from_der(i,tv,in,inlen) asn1_utc_time_from_der_ex(ASN1_TAG_IMPLICIT(i),tv,in,inlen)
#define asn1_implicit_utc_time_from_der(i,tv,in,inlen) asn1_utc_time_from_der_ex(ASN1_TAG_IMPLICIT(i),tv,in,inlen)
int asn1_generalized_time_to_der_ex(int tag, time_t tv, uint8_t **out, size_t *outlen);
int asn1_generalized_time_to_der_ex(int tag, time_t tv, uint8_t **out, size_t *outlen); int asn1_generalized_time_from_der_ex(int tag, time_t *tv, const uint8_t **in, size_t *inlen);
int asn1_generalized_time_from_der_ex(int tag, time_t *tv, const uint8_t **in, size_t *inlen); #define asn1_generalized_time_to_der(tv,out,outlen) asn1_generalized_time_to_der_ex(ASN1_TAG_GeneralizedTime,tv,out,outlen)
#define asn1_generalized_time_to_der(tv,out,outlen) asn1_generalized_time_to_der_ex(ASN1_TAG_GeneralizedTime,tv,out,outlen) #define asn1_generalized_time_from_der(tv,in,inlen) asn1_generalized_time_from_der_ex(ASN1_TAG_GeneralizedTime,tv,in,inlen)
#define asn1_generalized_time_from_der(tv,in,inlen) asn1_generalized_time_from_der_ex(ASN1_TAG_GeneralizedTime,tv,in,inlen) #define asn1_implicit_generalized_time_to_der(i,tv,out,outlen) asn1_generalized_time_to_der_ex(ASN1_TAG_IMPLICIT(i),tv,out,outlen)
#define asn1_implicit_generalized_time_to_der(i,tv,out,outlen) asn1_generalized_time_to_der_ex(ASN1_TAG_IMPLICIT(i),tv,out,outlen) #define asn1_implicit_generalized_time_from_der(i,tv,in,inlen) asn1_generalized_time_from_der_ex(ASN1_TAG_IMPLICIT(i),tv,in,inlen)
#define asn1_implicit_generalized_time_from_der(i,tv,in,inlen) asn1_generalized_time_from_der_ex(ASN1_TAG_IMPLICIT(i),tv,in,inlen)
#define asn1_sequence_to_der(d,dlen,out,outlen) asn1_type_to_der(ASN1_TAG_SEQUENCE,d,dlen,out,outlen)
#define asn1_sequence_to_der(d,dlen,out,outlen) asn1_type_to_der(ASN1_TAG_SEQUENCE,d,dlen,out,outlen) #define asn1_sequence_from_der(d,dlen,in,inlen) asn1_type_from_der(ASN1_TAG_SEQUENCE,d,dlen,in,inlen)
#define asn1_sequence_from_der(d,dlen,in,inlen) asn1_type_from_der(ASN1_TAG_SEQUENCE,d,dlen,in,inlen) #define asn1_implicit_sequence_to_der(i,d,dlen,out,outlen) asn1_type_to_der(ASN1_TAG_EXPLICIT(i),d,dlen,out,outlen)
#define asn1_implicit_sequence_to_der(i,d,dlen,out,outlen) asn1_type_to_der(ASN1_TAG_EXPLICIT(i),d,dlen,out,outlen) #define asn1_implicit_sequence_from_der(i,d,dlen,in,inlen) asn1_type_from_der(ASN1_TAG_EXPLICIT(i),d,dlen,in,inlen)
#define asn1_implicit_sequence_from_der(i,d,dlen,in,inlen) asn1_type_from_der(ASN1_TAG_EXPLICIT(i),d,dlen,in,inlen)
#define asn1_set_to_der(d,dlen,out,outlen) asn1_type_to_der(ASN1_TAG_SET,d,dlen,out,outlen)
#define asn1_set_to_der(d,dlen,out,outlen) asn1_type_to_der(ASN1_TAG_SET,d,dlen,out,outlen) #define asn1_set_from_der(d,dlen,in,inlen) asn1_type_from_der(ASN1_TAG_SET,d,dlen,in,inlen)
#define asn1_set_from_der(d,dlen,in,inlen) asn1_type_from_der(ASN1_TAG_SET,d,dlen,in,inlen) #define asn1_implicit_set_to_der(i,d,dlen,out,outlen) asn1_type_to_der(ASN1_TAG_EXPLICIT(i),d,dlen,out,outlen)
#define asn1_implicit_set_to_der(i,d,dlen,out,outlen) asn1_type_to_der(ASN1_TAG_EXPLICIT(i),d,dlen,out,outlen) #define asn1_implicit_set_from_der(i,d,dlen,in,inlen) asn1_type_from_der(ASN1_TAG_EXPLICIT(i),d,dlen,in,inlen)
#define asn1_implicit_set_from_der(i,d,dlen,in,inlen) asn1_type_from_der(ASN1_TAG_EXPLICIT(i),d,dlen,in,inlen)
#define asn1_implicit_to_der(i,d,dlen,out,outlen) asn1_type_to_der(ASN1_TAG_IMPLICIT(i),d,dlen,out,outlen)
#define asn1_implicit_to_der(i,d,dlen,out,outlen) asn1_type_to_der(ASN1_TAG_IMPLICIT(i),d,dlen,out,outlen) #define asn1_implicit_from_der(i,d,dlen,in,inlen) asn1_type_from_der(ASN1_TAG_IMPLICIT(i),d,dlen,in,inlen)
#define asn1_implicit_from_der(i,d,dlen,in,inlen) asn1_type_from_der(ASN1_TAG_IMPLICIT(i),d,dlen,in,inlen)
int asn1_header_to_der(int tag, size_t dlen, uint8_t **out, size_t *outlen);
int asn1_header_to_der(int tag, size_t dlen, uint8_t **out, size_t *outlen); #define asn1_implicit_header_to_der(i,dlen,out,outlen) asn1_header_to_der(ASN1_TAG_EXPLICIT(i),dlen,out,outlen)
#define asn1_implicit_header_to_der(i,dlen,out,outlen) asn1_header_to_der(ASN1_TAG_EXPLICIT(i),dlen,out,outlen)
#define asn1_octet_string_header_to_der(dlen,out,outlen) asn1_header_to_der(ASN1_TAG_OCTET_STRING,dlen,out,outlen)
#define asn1_octet_string_header_to_der(dlen,out,outlen) asn1_header_to_der(ASN1_TAG_OCTET_STRING,dlen,out,outlen)
#define asn1_sequence_header_to_der(dlen,out,outlen) asn1_header_to_der(ASN1_TAG_SEQUENCE,dlen,out,outlen)
#define asn1_sequence_header_to_der(dlen,out,outlen) asn1_header_to_der(ASN1_TAG_SEQUENCE,dlen,out,outlen) #define asn1_implicit_sequence_header_to_der(i,dlen,out,outlen) asn1_header_to_der(ASN1_TAG_EXPLICIT(i),dlen,out,outlen)
#define asn1_implicit_sequence_header_to_der(i,dlen,out,outlen) asn1_header_to_der(ASN1_TAG_EXPLICIT(i),dlen,out,outlen)
#define asn1_set_header_to_der(dlen,out,outlen) asn1_header_to_der(ASN1_TAG_SET,dlen,out,outlen)
#define asn1_set_header_to_der(dlen,out,outlen) asn1_header_to_der(ASN1_TAG_SET,dlen,out,outlen) #define asn1_implicit_set_header_to_der(i,dlen,out,outlen) asn1_header_to_der(ASN1_TAG_EXPLICIT(i),dlen,out,outlen)
#define asn1_implicit_set_header_to_der(i,dlen,out,outlen) asn1_header_to_der(ASN1_TAG_EXPLICIT(i),dlen,out,outlen)
#define asn1_explicit_header_to_der(i,dlen,out,outlen) asn1_header_to_der(ASN1_TAG_EXPLICIT(i),dlen,out,outlen)
#define asn1_explicit_header_to_der(i,dlen,out,outlen) asn1_header_to_der(ASN1_TAG_EXPLICIT(i),dlen,out,outlen)
#define asn1_explicit_to_der(i,d,dlen,out,outlen) asn1_type_to_der(ASN1_TAG_EXPLICIT(i),d,dlen,out,outlen)
#define asn1_explicit_to_der(i,d,dlen,out,outlen) asn1_type_to_der(ASN1_TAG_EXPLICIT(i),d,dlen,out,outlen) #define asn1_explicit_from_der(i,d,dlen,in,inlen) asn1_type_from_der(ASN1_TAG_EXPLICIT(i),d,dlen,in,inlen)
#define asn1_explicit_from_der(i,d,dlen,in,inlen) asn1_type_from_der(ASN1_TAG_EXPLICIT(i),d,dlen,in,inlen)
// d,dlen 是 SEQUENCE OF, SET OF 中的值
// d,dlen 是 SEQUENCE OF, SET OF 中的值 int asn1_types_get_count(const uint8_t *d, size_t dlen, int tag, size_t *cnt);
int asn1_types_get_count(const uint8_t *d, size_t dlen, int tag, size_t *cnt); int asn1_types_get_item_by_index(const uint8_t *d, size_t *dlen, int tag,
int asn1_types_get_item_by_index(const uint8_t *d, size_t *dlen, int tag, int index, const uint8_t **item_d, size_t *item_dlen);
int index, const uint8_t **item_d, size_t *item_dlen);
int asn1_sequence_of_int_to_der(const int *nums, size_t nums_cnt, uint8_t **out, size_t *outlen);
int asn1_sequence_of_int_to_der(const int *nums, size_t nums_cnt, uint8_t **out, size_t *outlen); int asn1_sequence_of_int_from_der(int *nums, size_t *nums_cnt, const uint8_t **in, size_t *inlen);
int asn1_sequence_of_int_from_der(int *nums, size_t *nums_cnt, const uint8_t **in, size_t *inlen); int asn1_sequence_of_int_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
int asn1_sequence_of_int_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
typedef struct {
typedef struct { int oid;
int oid; char *name;
char *name; uint32_t *nodes;
uint32_t *nodes; size_t nodes_cnt;
size_t nodes_cnt; int flags;
int flags; char *description;
char *description; } ASN1_OID_INFO;
} ASN1_OID_INFO;
const ASN1_OID_INFO *asn1_oid_info_from_name(const ASN1_OID_INFO *infos, size_t count, const char *name);
const ASN1_OID_INFO *asn1_oid_info_from_name(const ASN1_OID_INFO *infos, size_t count, const char *name); const ASN1_OID_INFO *asn1_oid_info_from_oid(const ASN1_OID_INFO *infos, size_t count, int oid);
const ASN1_OID_INFO *asn1_oid_info_from_oid(const ASN1_OID_INFO *infos, size_t count, int oid); int asn1_oid_info_from_der_ex(const ASN1_OID_INFO **info, uint32_t *nodes, size_t *nodes_cnt,
int asn1_oid_info_from_der_ex(const ASN1_OID_INFO **info, uint32_t *nodes, size_t *nodes_cnt, const ASN1_OID_INFO *infos, size_t count, const uint8_t **in, size_t *inlen);
const ASN1_OID_INFO *infos, size_t count, const uint8_t **in, size_t *inlen); int asn1_oid_info_from_der(const ASN1_OID_INFO **info,
int asn1_oid_info_from_der(const ASN1_OID_INFO **info, const ASN1_OID_INFO *infos, size_t count, const uint8_t **in, size_t *inlen);
const ASN1_OID_INFO *infos, size_t count, const uint8_t **in, size_t *inlen);
int asn1_check(int expr);
int asn1_check(int expr);
#if __cplusplus
#if __cplusplus }
} #endif
#endif #endif
#endif

129
include/gmssl/base64.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,67 +7,66 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#ifndef GMSSL_BASE64_H
#ifndef GMSSL_BASE64_H #define GMSSL_BASE64_H
#define GMSSL_BASE64_H
#include <stdint.h>
#include <stdint.h> #include <stdlib.h>
#include <stdlib.h>
#ifdef __cplusplus
#ifdef __cplusplus extern "C" {
extern "C" { #endif
#endif
/*
/* BASE64 Public API
BASE64 Public API
BASE64_CTX
BASE64_CTX base64_encode_init
base64_encode_init base64_encode_update
base64_encode_update base64_encode_finish
base64_encode_finish base64_decode_init
base64_decode_init base64_decode_update
base64_decode_update base64_decode_finish
base64_decode_finish
*/
*/
typedef struct {
typedef struct { /* number saved in a partial encode/decode */
/* number saved in a partial encode/decode */ int num;
int num; /*
/* * The length is either the output line length (in input bytes) or the
* The length is either the output line length (in input bytes) or the * shortest input line length that is ok. Once decoding begins, the
* shortest input line length that is ok. Once decoding begins, the * length is adjusted up each time a longer line is decoded
* length is adjusted up each time a longer line is decoded */
*/ int length;
int length; /* data to encode */
/* data to encode */ unsigned char enc_data[80];
unsigned char enc_data[80]; /* number read on current line */
/* number read on current line */ int line_num;
int line_num; int expect_nl;
int expect_nl; } BASE64_CTX;
} BASE64_CTX;
# define BASE64_ENCODE_LENGTH(l) (((l+2)/3*4)+(l/48+1)*2+80)
# define BASE64_ENCODE_LENGTH(l) (((l+2)/3*4)+(l/48+1)*2+80) # define BASE64_DECODE_LENGTH(l) ((l+3)/4*3+80)
# define BASE64_DECODE_LENGTH(l) ((l+3)/4*3+80)
void base64_encode_init(BASE64_CTX *ctx);
void base64_encode_init(BASE64_CTX *ctx); int base64_encode_update(BASE64_CTX *ctx, const uint8_t *in, int inlen, uint8_t *out, int *outlen);
int base64_encode_update(BASE64_CTX *ctx, const uint8_t *in, int inlen, uint8_t *out, int *outlen); void base64_encode_finish(BASE64_CTX *ctx, uint8_t *out, int *outlen);
void base64_encode_finish(BASE64_CTX *ctx, uint8_t *out, int *outlen);
void base64_decode_init(BASE64_CTX *ctx);
void base64_decode_init(BASE64_CTX *ctx); int base64_decode_update(BASE64_CTX *ctx, const uint8_t *in, int inlen, uint8_t *out, int *outlen);
int base64_decode_update(BASE64_CTX *ctx, const uint8_t *in, int inlen, uint8_t *out, int *outlen); int base64_decode_finish(BASE64_CTX *ctx, uint8_t *out, int *outlen);
int base64_decode_finish(BASE64_CTX *ctx, uint8_t *out, int *outlen);
int base64_encode_block(unsigned char *t, const unsigned char *f, int dlen);
int base64_encode_block(unsigned char *t, const unsigned char *f, int dlen); int base64_decode_block(unsigned char *t, const unsigned char *f, int n);
int base64_decode_block(unsigned char *t, const unsigned char *f, int n);
#ifdef __cplusplus
#ifdef __cplusplus }
} #endif
#endif #endif
#endif

133
include/gmssl/block_cipher.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,69 +7,68 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#ifndef GMSSL_BLOCK_CIPHER_H
#ifndef GMSSL_BLOCK_CIPHER_H #define GMSSL_BLOCK_CIPHER_H
#define GMSSL_BLOCK_CIPHER_H
#include <stdio.h>
#include <stdio.h> #include <string.h>
#include <string.h> #include <stdlib.h>
#include <stdlib.h> #include <gmssl/aes.h>
#include <gmssl/aes.h> #include <gmssl/sm4.h>
#include <gmssl/sm4.h>
#ifdef __cplusplus
#ifdef __cplusplus extern "C" {
extern "C" { #endif
#endif
#define BLOCK_CIPHER_BLOCK_SIZE 16
#define BLOCK_CIPHER_BLOCK_SIZE 16 #define BLOCK_CIPHER_MIN_KEY_SIZE 16
#define BLOCK_CIPHER_MIN_KEY_SIZE 16 #define BLOCK_CIPHER_MAX_KEY_SIZE 32
#define BLOCK_CIPHER_MAX_KEY_SIZE 32
typedef struct BLOCK_CIPHER BLOCK_CIPHER;
typedef struct BLOCK_CIPHER BLOCK_CIPHER; typedef struct BLOCK_CIPHER_KEY BLOCK_CIPHER_KEY;
typedef struct BLOCK_CIPHER_KEY BLOCK_CIPHER_KEY;
struct BLOCK_CIPHER_KEY {
struct BLOCK_CIPHER_KEY { union {
union { SM4_KEY sm4_key;
SM4_KEY sm4_key; AES_KEY aes_key;
AES_KEY aes_key; } u;
} u; const BLOCK_CIPHER *cipher;
const BLOCK_CIPHER *cipher; };
};
typedef void (*block_cipher_set_encrypt_key_func)(BLOCK_CIPHER_KEY *key, const uint8_t *raw_key);
typedef void (*block_cipher_set_encrypt_key_func)(BLOCK_CIPHER_KEY *key, const uint8_t *raw_key); typedef void (*block_cipher_set_decrypt_key_func)(BLOCK_CIPHER_KEY *key, const uint8_t *raw_key);
typedef void (*block_cipher_set_decrypt_key_func)(BLOCK_CIPHER_KEY *key, const uint8_t *raw_key); typedef void (*block_cipher_encrypt_func)(const BLOCK_CIPHER_KEY *key, const uint8_t *in, uint8_t *out);
typedef void (*block_cipher_encrypt_func)(const BLOCK_CIPHER_KEY *key, const uint8_t *in, uint8_t *out); typedef void (*block_cipher_decrypt_func)(const BLOCK_CIPHER_KEY *key, const uint8_t *in, uint8_t *out);
typedef void (*block_cipher_decrypt_func)(const BLOCK_CIPHER_KEY *key, const uint8_t *in, uint8_t *out);
struct BLOCK_CIPHER {
struct BLOCK_CIPHER { int oid;
int oid; size_t key_size;
size_t key_size; size_t block_size;
size_t block_size; block_cipher_set_encrypt_key_func set_encrypt_key;
block_cipher_set_encrypt_key_func set_encrypt_key; block_cipher_set_decrypt_key_func set_decrypt_key;
block_cipher_set_decrypt_key_func set_decrypt_key; block_cipher_encrypt_func encrypt;
block_cipher_encrypt_func encrypt; block_cipher_decrypt_func decrypt;
block_cipher_decrypt_func decrypt; };
};
const BLOCK_CIPHER *BLOCK_CIPHER_sm4(void);
const BLOCK_CIPHER *BLOCK_CIPHER_sm4(void); const BLOCK_CIPHER *BLOCK_CIPHER_aes128(void);
const BLOCK_CIPHER *BLOCK_CIPHER_aes128(void);
const BLOCK_CIPHER *block_cipher_from_name(const char *name);
const BLOCK_CIPHER *block_cipher_from_name(const char *name); const char *block_cipher_name(const BLOCK_CIPHER *cipher);
const char *block_cipher_name(const BLOCK_CIPHER *cipher); int block_cipher_set_encrypt_key(BLOCK_CIPHER_KEY *key, const BLOCK_CIPHER *cipher, const uint8_t *raw_key);
int block_cipher_set_encrypt_key(BLOCK_CIPHER_KEY *key, const BLOCK_CIPHER *cipher, const uint8_t *raw_key); int block_cipher_set_decrypt_key(BLOCK_CIPHER_KEY *key, const BLOCK_CIPHER *cipher, const uint8_t *raw_key);
int block_cipher_set_decrypt_key(BLOCK_CIPHER_KEY *key, const BLOCK_CIPHER *cipher, const uint8_t *raw_key); int block_cipher_encrypt(const BLOCK_CIPHER_KEY *key, const uint8_t *in, uint8_t *out);
int block_cipher_encrypt(const BLOCK_CIPHER_KEY *key, const uint8_t *in, uint8_t *out); int block_cipher_decrypt(const BLOCK_CIPHER_KEY *key, const uint8_t *in, uint8_t *out);
int block_cipher_decrypt(const BLOCK_CIPHER_KEY *key, const uint8_t *in, uint8_t *out);
#ifdef __cplusplus
#ifdef __cplusplus }
} #endif
#endif #endif
#endif

99
include/gmssl/chacha20.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,52 +7,51 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
/* RFC 8439 "ChaCha20 and Poly1305 for IETF Protocols" */
/* RFC 8439 "ChaCha20 and Poly1305 for IETF Protocols" */
#ifndef GMSSL_CHACHA20_H
#ifndef GMSSL_CHACHA20_H #define GMSSL_CHACHA20_H
#define GMSSL_CHACHA20_H
#define CHACHA20_IS_BIG_ENDIAN 0
#define CHACHA20_IS_BIG_ENDIAN 0
#include <stdint.h>
#include <stdint.h> #include <stdlib.h>
#include <stdlib.h>
#include <string.h>
#include <string.h>
#define CHACHA20_KEY_BITS 256
#define CHACHA20_KEY_BITS 256 #define CHACHA20_NONCE_BITS 96
#define CHACHA20_NONCE_BITS 96 #define CHACHA20_COUNTER_BITS 32
#define CHACHA20_COUNTER_BITS 32
#define CHACHA20_KEY_SIZE (CHACHA20_KEY_BITS/8)
#define CHACHA20_KEY_SIZE (CHACHA20_KEY_BITS/8) #define CHACHA20_NONCE_SIZE (CHACHA20_NONCE_BITS/8)
#define CHACHA20_NONCE_SIZE (CHACHA20_NONCE_BITS/8) #define CHACHA20_COUNTER_SIZE (CHACHA20_COUNTER_BITS/8)
#define CHACHA20_COUNTER_SIZE (CHACHA20_COUNTER_BITS/8)
#define CHACHA20_KEY_WORDS (CHACHA20_KEY_SIZE/sizeof(uint32_t))
#define CHACHA20_KEY_WORDS (CHACHA20_KEY_SIZE/sizeof(uint32_t)) #define CHACHA20_NONCE_WORDS (CHACHA20_NONCE_SIZE/sizeof(uint32_t))
#define CHACHA20_NONCE_WORDS (CHACHA20_NONCE_SIZE/sizeof(uint32_t)) #define CHACHA20_COUNTER_WORDS (CHACHA20_COUNTER_SIZE/sizeof(uint32_t))
#define CHACHA20_COUNTER_WORDS (CHACHA20_COUNTER_SIZE/sizeof(uint32_t))
#ifdef __cplusplus
#ifdef __cplusplus extern "C" {
extern "C" { #endif
#endif
typedef struct {
typedef struct { uint32_t d[16];
uint32_t d[16]; } CHACHA20_STATE;
} CHACHA20_STATE;
void chacha20_init(CHACHA20_STATE *state,
void chacha20_init(CHACHA20_STATE *state, const uint8_t key[CHACHA20_KEY_SIZE],
const uint8_t key[CHACHA20_KEY_SIZE], const uint8_t nonce[CHACHA20_NONCE_SIZE], uint32_t counter);
const uint8_t nonce[CHACHA20_NONCE_SIZE], uint32_t counter);
void chacha20_generate_keystream(CHACHA20_STATE *state,
void chacha20_generate_keystream(CHACHA20_STATE *state, size_t counts, uint8_t *out);
size_t counts, uint8_t *out);
#ifdef __cplusplus
#ifdef __cplusplus }
} #endif
#endif #endif
#endif

1089
include/gmssl/cms.h
View File

File diff suppressed because it is too large Load Diff

101
include/gmssl/des.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,53 +7,52 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
/* FIPS PUB 46-3 "Data Encryption Standard (DES)" */
/* FIPS PUB 46-3 "Data Encryption Standard (DES)" */
#ifndef GMSSL_DES_H
#ifndef GMSSL_DES_H #define GMSSL_DES_H
#define GMSSL_DES_H
#include <stdint.h>
#include <stdint.h> #include <stdlib.h>
#include <stdlib.h>
#ifdef __cplusplus
#ifdef __cplusplus extern "C" {
extern "C" { #endif
#endif
#define DES_KEY_BITS 56
#define DES_KEY_BITS 56 #define DES_BLOCK_BITS 64
#define DES_BLOCK_BITS 64 #define DES_KEY_SIZE ((DES_KEY_BITS)/7)
#define DES_KEY_SIZE ((DES_KEY_BITS)/7) #define DES_BLOCK_SIZE (DES_BLOCK_BITS/8)
#define DES_BLOCK_SIZE (DES_BLOCK_BITS/8)
#define DES_RK_BITS 48
#define DES_RK_BITS 48 #define DES_RK_SIZE (DES_RK_BITS/8)
#define DES_RK_SIZE (DES_RK_BITS/8) #define DES_ROUNDS 16
#define DES_ROUNDS 16
#define DES_EDE_KEY_SIZE (DES_KEY_SIZE * 3)
#define DES_EDE_KEY_SIZE (DES_KEY_SIZE * 3)
typedef struct {
typedef struct { uint64_t rk[DES_ROUNDS];
uint64_t rk[DES_ROUNDS]; } DES_KEY;
} DES_KEY;
void des_set_encrypt_key(DES_KEY *key, const uint8_t raw_key[DES_KEY_SIZE]);
void des_set_encrypt_key(DES_KEY *key, const uint8_t raw_key[DES_KEY_SIZE]); void des_set_decrypt_key(DES_KEY *key, const uint8_t raw_key[DES_KEY_SIZE]);
void des_set_decrypt_key(DES_KEY *key, const uint8_t raw_key[DES_KEY_SIZE]); void des_encrypt(DES_KEY *key, const uint8_t in[DES_BLOCK_SIZE], uint8_t out[DES_BLOCK_SIZE]);
void des_encrypt(DES_KEY *key, const uint8_t in[DES_BLOCK_SIZE], uint8_t out[DES_BLOCK_SIZE]);
typedef struct {
typedef struct { DES_KEY K[3];
DES_KEY K[3]; } DES_EDE_KEY;
} DES_EDE_KEY;
void des_ede_set_encrypt_key(DES_EDE_KEY *key, const uint8_t raw_key[DES_EDE_KEY_SIZE]);
void des_ede_set_encrypt_key(DES_EDE_KEY *key, const uint8_t raw_key[DES_EDE_KEY_SIZE]); void des_ede_set_decrypt_key(DES_EDE_KEY *key, const uint8_t raw_key[DES_EDE_KEY_SIZE]);
void des_ede_set_decrypt_key(DES_EDE_KEY *key, const uint8_t raw_key[DES_EDE_KEY_SIZE]); void des_ede_encrypt(DES_EDE_KEY *key, const uint8_t in[DES_BLOCK_SIZE], uint8_t out[DES_BLOCK_SIZE]);
void des_ede_encrypt(DES_EDE_KEY *key, const uint8_t in[DES_BLOCK_SIZE], uint8_t out[DES_BLOCK_SIZE]);
#ifdef __cplusplus
#ifdef __cplusplus }
} #endif
#endif #endif
#endif

147
include/gmssl/digest.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,76 +7,75 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#ifndef GMSSL_DIGEST_H
#ifndef GMSSL_DIGEST_H #define GMSSL_DIGEST_H
#define GMSSL_DIGEST_H
#include <stdint.h>
#include <stdint.h> #include <stdlib.h>
#include <stdlib.h> #include <gmssl/sm3.h>
#include <gmssl/sm3.h> #include <gmssl/md5.h>
#include <gmssl/md5.h> #include <gmssl/sha1.h>
#include <gmssl/sha1.h> #include <gmssl/sha2.h>
#include <gmssl/sha2.h>
#ifdef __cplusplus
#ifdef __cplusplus extern "C" {
extern "C" { #endif
#endif
typedef struct DIGEST DIGEST;
typedef struct DIGEST DIGEST; typedef struct DIGEST_CTX DIGEST_CTX;
typedef struct DIGEST_CTX DIGEST_CTX;
#define DIGEST_MAX_SIZE 64
#define DIGEST_MAX_SIZE 64 #define DIGEST_MAX_BLOCK_SIZE (1024/8)
#define DIGEST_MAX_BLOCK_SIZE (1024/8)
struct DIGEST_CTX {
struct DIGEST_CTX { union {
union { SM3_CTX sm3_ctx;
SM3_CTX sm3_ctx; // MD5_CTX md5_ctx;
// MD5_CTX md5_ctx; SHA1_CTX sha1_ctx;
SHA1_CTX sha1_ctx; SHA224_CTX sha224_ctx;
SHA224_CTX sha224_ctx; SHA256_CTX sha256_ctx;
SHA256_CTX sha256_ctx; SHA384_CTX sha384_ctx;
SHA384_CTX sha384_ctx; SHA512_CTX sha512_ctx;
SHA512_CTX sha512_ctx; } u;
} u; const DIGEST *digest;
const DIGEST *digest; };
};
struct DIGEST {
struct DIGEST { int oid;
int oid; size_t digest_size;
size_t digest_size; size_t block_size;
size_t block_size; size_t ctx_size;
size_t ctx_size; int (*init)(DIGEST_CTX *ctx);
int (*init)(DIGEST_CTX *ctx); int (*update)(DIGEST_CTX *ctx, const uint8_t *data, size_t datalen);
int (*update)(DIGEST_CTX *ctx, const uint8_t *data, size_t datalen); int (*finish)(DIGEST_CTX *ctx, uint8_t *dgst);
int (*finish)(DIGEST_CTX *ctx, uint8_t *dgst); };
};
const DIGEST *DIGEST_sm3(void);
const DIGEST *DIGEST_sm3(void); //const DIGEST *DIGEST_md5(void);
//const DIGEST *DIGEST_md5(void); const DIGEST *DIGEST_sha1(void);
const DIGEST *DIGEST_sha1(void); const DIGEST *DIGEST_sha224(void);
const DIGEST *DIGEST_sha224(void); const DIGEST *DIGEST_sha256(void);
const DIGEST *DIGEST_sha256(void); const DIGEST *DIGEST_sha384(void);
const DIGEST *DIGEST_sha384(void); const DIGEST *DIGEST_sha512(void);
const DIGEST *DIGEST_sha512(void); const DIGEST *DIGEST_sha512_224(void);
const DIGEST *DIGEST_sha512_224(void); const DIGEST *DIGEST_sha512_256(void);
const DIGEST *DIGEST_sha512_256(void);
const DIGEST *digest_from_name(const char *name);
const DIGEST *digest_from_name(const char *name); const char *digest_name(const DIGEST *digest);
const char *digest_name(const DIGEST *digest); int digest_init(DIGEST_CTX *ctx, const DIGEST *algor);
int digest_init(DIGEST_CTX *ctx, const DIGEST *algor); int digest_update(DIGEST_CTX *ctx, const uint8_t *data, size_t datalen);
int digest_update(DIGEST_CTX *ctx, const uint8_t *data, size_t datalen); int digest_finish(DIGEST_CTX *ctx, uint8_t *dgst, size_t *dgstlen);
int digest_finish(DIGEST_CTX *ctx, uint8_t *dgst, size_t *dgstlen); int digest(const DIGEST *digest, const uint8_t *data, size_t datalen, uint8_t *dgst, size_t *dgstlen);
int digest(const DIGEST *digest, const uint8_t *data, size_t datalen, uint8_t *dgst, size_t *dgstlen);
#ifdef __cplusplus
#ifdef __cplusplus }
} #endif
#endif #endif
#endif

113
include/gmssl/ec.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,59 +7,58 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#ifndef GMSSL_EC_H
#ifndef GMSSL_EC_H #define GMSSL_EC_H
#define GMSSL_EC_H
#include <time.h>
#include <time.h> #include <string.h>
#include <string.h> #include <stdint.h>
#include <stdint.h> #include <stdlib.h>
#include <stdlib.h> #include <gmssl/sm2.h>
#include <gmssl/sm2.h> #include <gmssl/oid.h>
#include <gmssl/oid.h> #include <gmssl/asn1.h>
#include <gmssl/asn1.h>
#ifdef __cplusplus
#ifdef __cplusplus extern "C" {
extern "C" { #endif
#endif
/*
/* NamedCurve:
NamedCurve: OID_sm2
OID_sm2 OID_prime192v1
OID_prime192v1 OID_prime256v1
OID_prime256v1 OID_secp256k1
OID_secp256k1 OID_secp384r1
OID_secp384r1 OID_secp521r1
OID_secp521r1 */
*/ const char *ec_named_curve_name(int curve);
const char *ec_named_curve_name(int curve); int ec_named_curve_from_name(const char *name);
int ec_named_curve_from_name(const char *name); int ec_named_curve_to_der(int curve, uint8_t **out, size_t *outlen);
int ec_named_curve_to_der(int curve, uint8_t **out, size_t *outlen); int ec_named_curve_from_der(int *curve, const uint8_t **in, size_t *inlen);
int ec_named_curve_from_der(int *curve, const uint8_t **in, size_t *inlen);
/*
/* ECPoint ::= OCTET STRING -- uncompressed point
ECPoint ::= OCTET STRING -- uncompressed point */
*/ int ec_point_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
int ec_point_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
/*
/* ECPrivateKey ::= SEQUENCE {
ECPrivateKey ::= SEQUENCE { version INTEGER, -- value MUST be (1)
version INTEGER, -- value MUST be (1) privateKey OCTET STRING, -- big endian encoding of integer
privateKey OCTET STRING, -- big endian encoding of integer parameters [0] EXPLICIT OBJECT IDENTIFIER OPTIONAL, -- namedCurve
parameters [0] EXPLICIT OBJECT IDENTIFIER OPTIONAL, -- namedCurve publicKey [1] EXPLICIT BIT STRING OPTIONAL -- ECPoint
publicKey [1] EXPLICIT BIT STRING OPTIONAL -- ECPoint }
} */
*/
enum {
enum { EC_private_key_version = 1,
EC_private_key_version = 1, };
};
int ec_private_key_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
int ec_private_key_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
#ifdef __cplusplus
#ifdef __cplusplus }
} #endif
#endif #endif
#endif

141
include/gmssl/endian.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,73 +7,72 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#ifndef GMSSL_ENDIAN_H
#ifndef GMSSL_ENDIAN_H #define GMSSL_ENDIAN_H
#define GMSSL_ENDIAN_H
/* Big Endian R/W */
/* Big Endian R/W */
#define GETU16(p) \
#define GETU16(p) \ ((uint16_t)(p)[0] << 8 | \
((uint16_t)(p)[0] << 8 | \ (uint16_t)(p)[1])
(uint16_t)(p)[1])
#define GETU32(p) \
#define GETU32(p) \ ((uint32_t)(p)[0] << 24 | \
((uint32_t)(p)[0] << 24 | \ (uint32_t)(p)[1] << 16 | \
(uint32_t)(p)[1] << 16 | \ (uint32_t)(p)[2] << 8 | \
(uint32_t)(p)[2] << 8 | \ (uint32_t)(p)[3])
(uint32_t)(p)[3])
#define GETU64(p) \
#define GETU64(p) \ ((uint64_t)(p)[0] << 56 | \
((uint64_t)(p)[0] << 56 | \ (uint64_t)(p)[1] << 48 | \
(uint64_t)(p)[1] << 48 | \ (uint64_t)(p)[2] << 40 | \
(uint64_t)(p)[2] << 40 | \ (uint64_t)(p)[3] << 32 | \
(uint64_t)(p)[3] << 32 | \ (uint64_t)(p)[4] << 24 | \
(uint64_t)(p)[4] << 24 | \ (uint64_t)(p)[5] << 16 | \
(uint64_t)(p)[5] << 16 | \ (uint64_t)(p)[6] << 8 | \
(uint64_t)(p)[6] << 8 | \ (uint64_t)(p)[7])
(uint64_t)(p)[7])
// 注意PUTU32(buf, val++) 会出错!
// 注意PUTU32(buf, val++) 会出错! #define PUTU16(p,V) \
#define PUTU16(p,V) \ ((p)[0] = (uint8_t)((V) >> 8), \
((p)[0] = (uint8_t)((V) >> 8), \ (p)[1] = (uint8_t)(V))
(p)[1] = (uint8_t)(V))
#define PUTU32(p,V) \
#define PUTU32(p,V) \ ((p)[0] = (uint8_t)((V) >> 24), \
((p)[0] = (uint8_t)((V) >> 24), \ (p)[1] = (uint8_t)((V) >> 16), \
(p)[1] = (uint8_t)((V) >> 16), \ (p)[2] = (uint8_t)((V) >> 8), \
(p)[2] = (uint8_t)((V) >> 8), \ (p)[3] = (uint8_t)(V))
(p)[3] = (uint8_t)(V))
#define PUTU64(p,V) \
#define PUTU64(p,V) \ ((p)[0] = (uint8_t)((V) >> 56), \
((p)[0] = (uint8_t)((V) >> 56), \ (p)[1] = (uint8_t)((V) >> 48), \
(p)[1] = (uint8_t)((V) >> 48), \ (p)[2] = (uint8_t)((V) >> 40), \
(p)[2] = (uint8_t)((V) >> 40), \ (p)[3] = (uint8_t)((V) >> 32), \
(p)[3] = (uint8_t)((V) >> 32), \ (p)[4] = (uint8_t)((V) >> 24), \
(p)[4] = (uint8_t)((V) >> 24), \ (p)[5] = (uint8_t)((V) >> 16), \
(p)[5] = (uint8_t)((V) >> 16), \ (p)[6] = (uint8_t)((V) >> 8), \
(p)[6] = (uint8_t)((V) >> 8), \ (p)[7] = (uint8_t)(V))
(p)[7] = (uint8_t)(V))
/* Little Endian R/W */
/* Little Endian R/W */
#define GETU16_LE(p) (*(const uint16_t *)(p))
#define GETU16_LE(p) (*(const uint16_t *)(p)) #define GETU32_LE(p) (*(const uint32_t *)(p))
#define GETU32_LE(p) (*(const uint32_t *)(p)) #define GETU64_LE(p) (*(const uint64_t *)(p))
#define GETU64_LE(p) (*(const uint64_t *)(p))
#define PUTU16_LE(p,V) *(uint16_t *)(p) = (V)
#define PUTU16_LE(p,V) *(uint16_t *)(p) = (V) #define PUTU32_LE(p,V) *(uint32_t *)(p) = (V)
#define PUTU32_LE(p,V) *(uint32_t *)(p) = (V) #define PUTU64_LE(p,V) *(uint64_t *)(p) = (V)
#define PUTU64_LE(p,V) *(uint64_t *)(p) = (V)
/* Rotate */
/* Rotate */
#define ROL32(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n))))
#define ROL32(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n)))) #define ROL64(a,n) (((a)<<(n))|((a)>>(64-(n))))
#define ROL64(a,n) (((a)<<(n))|((a)>>(64-(n))))
#define ROR32(a,n) ROL32((a),32-(n))
#define ROR32(a,n) ROL32((a),32-(n)) #define ROR64(a,n) ROL64(a,64-n)
#define ROR64(a,n) ROL64(a,64-n)
#endif
#endif

113
include/gmssl/error.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,59 +7,58 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#ifndef GMSSL_ERROR_H
#ifndef GMSSL_ERROR_H #define GMSSL_ERROR_H
#define GMSSL_ERROR_H
#include <stdio.h>
#include <stdio.h> #include <stdarg.h>
#include <stdarg.h> #include <string.h>
#include <string.h> #include <stdint.h>
#include <stdint.h>
#ifdef __cplusplus
#ifdef __cplusplus extern "C" {
extern "C" { #endif
#endif
#define GMSSL_FMT_BIN 1
#define GMSSL_FMT_BIN 1 #define GMSSL_FMT_HEX 2
#define GMSSL_FMT_HEX 2 #define GMSSL_FMT_DER 4
#define GMSSL_FMT_DER 4 #define GMSSL_FMT_PEM 8
#define GMSSL_FMT_PEM 8
#define DEBUG 1
#define DEBUG 1
#define error_print() \
#define error_print() \ do { if (DEBUG) fprintf(stderr, "%s:%d:%s():\n",__FILE__, __LINE__, __func__); } while (0)
do { if (DEBUG) fprintf(stderr, "%s:%d:%s():\n",__FILE__, __LINE__, __func__); } while (0)
#define error_print_msg(fmt, ...) \
#define error_print_msg(fmt, ...) \ do { if (DEBUG) fprintf(stderr, "%s:%d:%s(): " fmt, __FILE__, __LINE__, __func__, __VA_ARGS__); } while (0)
do { if (DEBUG) fprintf(stderr, "%s:%d:%s(): " fmt, __FILE__, __LINE__, __func__, __VA_ARGS__); } while (0)
#define error_puts(str) \
#define error_puts(str) \ do { if (DEBUG) fprintf(stderr, "%s: %d: %s: %s", __FILE__, __LINE__, __func__, str); } while (0)
do { if (DEBUG) fprintf(stderr, "%s: %d: %s: %s", __FILE__, __LINE__, __func__, str); } while (0)
void print_der(const uint8_t *in, size_t inlen);
void print_der(const uint8_t *in, size_t inlen); void print_bytes(const uint8_t *in, size_t inlen);
void print_bytes(const uint8_t *in, size_t inlen); void print_nodes(const uint32_t *in, size_t inlen);
void print_nodes(const uint32_t *in, size_t inlen);
#define FMT_CARRAY 0x80
#define FMT_CARRAY 0x80
int format_print(FILE *fp, int format, int indent, const char *str, ...);
int format_print(FILE *fp, int format, int indent, const char *str, ...); int format_bytes(FILE *fp, int format, int indent, const char *str, const uint8_t *data, size_t datalen);
int format_bytes(FILE *fp, int format, int indent, const char *str, const uint8_t *data, size_t datalen); int format_string(FILE *fp, int format, int indent, const char *str, const uint8_t *data, size_t datalen);
int format_string(FILE *fp, int format, int indent, const char *str, const uint8_t *data, size_t datalen);
//int tls_trace(int format, int indent, const char *str, ...);
//int tls_trace(int format, int indent, const char *str, ...);
#ifdef __cplusplus
#ifdef __cplusplus }
} #endif
#endif #endif
#endif

103
include/gmssl/gcm.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,54 +7,53 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#ifndef GMSSL_GCM_H
#ifndef GMSSL_GCM_H #define GMSSL_GCM_H
#define GMSSL_GCM_H
#include <stdlib.h>
#include <stdlib.h> #include <stdint.h>
#include <stdint.h> #include <string.h>
#include <string.h> #include <gmssl/gf128.h>
#include <gmssl/gf128.h> #include <gmssl/block_cipher.h>
#include <gmssl/block_cipher.h>
#ifdef __cplusplus
#ifdef __cplusplus extern "C" {
extern "C" { #endif
#endif
#define GCM_IV_MIN_SIZE 1
#define GCM_IV_MIN_SIZE 1 #define GCM_IV_MAX_SIZE ((uint64_t)(1 << (64-3)))
#define GCM_IV_MAX_SIZE ((uint64_t)(1 << (64-3))) #define GCM_IV_DEFAULT_BITS 96
#define GCM_IV_DEFAULT_BITS 96 #define GCM_IV_DEFAULT_SIZE 12
#define GCM_IV_DEFAULT_SIZE 12
#define GCM_MIN_AAD_SIZE 0
#define GCM_MIN_AAD_SIZE 0 #define GCM_MAX_AAD_SIZE ((uint64_t)(1 << (64-3)))
#define GCM_MAX_AAD_SIZE ((uint64_t)(1 << (64-3)))
#define GCM_MIN_PLAINTEXT_SIZE 0
#define GCM_MIN_PLAINTEXT_SIZE 0 #define GCM_MAX_PLAINTEXT_SIZE ((((uint64_t)1 << 39) - 256) >> 3)
#define GCM_MAX_PLAINTEXT_SIZE ((((uint64_t)1 << 39) - 256) >> 3)
#define GHASH_SIZE (16)
#define GHASH_SIZE (16)
#define GCM_IS_LITTLE_ENDIAN 1
#define GCM_IS_LITTLE_ENDIAN 1
void ghash(const uint8_t h[16], const uint8_t *aad, size_t aadlen,
void ghash(const uint8_t h[16], const uint8_t *aad, size_t aadlen, const uint8_t *c, size_t clen, uint8_t out[16]);
const uint8_t *c, size_t clen, uint8_t out[16]);
int gcm_encrypt(const BLOCK_CIPHER_KEY *key, const uint8_t *iv, size_t ivlen,
int gcm_encrypt(const BLOCK_CIPHER_KEY *key, const uint8_t *iv, size_t ivlen, const uint8_t *aad, size_t aadlen, const uint8_t *in, size_t inlen,
const uint8_t *aad, size_t aadlen, const uint8_t *in, size_t inlen, uint8_t *out, size_t taglen, uint8_t *tag);
uint8_t *out, size_t taglen, uint8_t *tag);
int gcm_decrypt(const BLOCK_CIPHER_KEY *key, const uint8_t *iv, size_t ivlen,
int gcm_decrypt(const BLOCK_CIPHER_KEY *key, const uint8_t *iv, size_t ivlen, const uint8_t *aad, size_t aadlen, const uint8_t *in, size_t inlen,
const uint8_t *aad, size_t aadlen, const uint8_t *in, size_t inlen, const uint8_t *tag, size_t taglen, uint8_t *out);
const uint8_t *tag, size_t taglen, uint8_t *out);
#ifdef __cplusplus
#ifdef __cplusplus }
} #endif
#endif #endif
#endif

91
include/gmssl/gf128.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,48 +7,47 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
/* GF(2^128) defined by f(x) = x^128 + x^7 + x^2 + x + 1
/* GF(2^128) defined by f(x) = x^128 + x^7 + x^2 + x + 1 * A + B mod f(x) = a xor b
* A + B mod f(x) = a xor b * A * 2 mod f(x)
* A * 2 mod f(x) */
*/
#ifndef GMSSL_GF128_H
#ifndef GMSSL_GF128_H #define GMSSL_GF128_H
#define GMSSL_GF128_H
#include <stdio.h>
#include <stdio.h> #include <stdlib.h>
#include <stdlib.h> #include <string.h>
#include <string.h> #include <stdint.h>
#include <stdint.h>
#ifdef __cplusplus
#ifdef __cplusplus extern "C" {
extern "C" { #endif
#endif
//typedef unsigned __int128 gf128_t;
//typedef unsigned __int128 gf128_t;
typedef struct {
typedef struct { uint64_t hi;
uint64_t hi; uint64_t lo;
uint64_t lo; } gf128_t;
} gf128_t;
// Note: send by value is comptabile with uint128_t and sse2
// Note: send by value is comptabile with uint128_t and sse2 gf128_t gf128_from_hex(const char *s);
gf128_t gf128_from_hex(const char *s); int gf128_equ_hex(gf128_t a, const char *s);
int gf128_equ_hex(gf128_t a, const char *s); gf128_t gf128_zero(void);
gf128_t gf128_zero(void); gf128_t gf128_add(gf128_t a, gf128_t b);
gf128_t gf128_add(gf128_t a, gf128_t b); gf128_t gf128_mul(gf128_t a, gf128_t b);
gf128_t gf128_mul(gf128_t a, gf128_t b); gf128_t gf128_mul2(gf128_t a);
gf128_t gf128_mul2(gf128_t a); gf128_t gf128_from_bytes(const uint8_t p[16]);
gf128_t gf128_from_bytes(const uint8_t p[16]); void gf128_to_bytes(gf128_t a, uint8_t p[16]);
void gf128_to_bytes(gf128_t a, uint8_t p[16]); int gf128_print(FILE *fp, int fmt ,int ind, const char *label, gf128_t a);
int gf128_print(FILE *fp, int fmt ,int ind, const char *label, gf128_t a);
#ifdef __cplusplus
#ifdef __cplusplus }
} #endif
#endif #endif
#endif

143
include/gmssl/hash_drbg.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,74 +7,73 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
/* NIST SP800-90A Rev.1 "Recommendation for Random Number Generation
/* NIST SP800-90A Rev.1 "Recommendation for Random Number Generation * Using Deterministic Random Bit Generators", 10.1.1 Hash_DRBG */
* Using Deterministic Random Bit Generators", 10.1.1 Hash_DRBG */
#ifndef GMSSL_HASH_DRBG_H
#ifndef GMSSL_HASH_DRBG_H #define GMSSL_HASH_DRBG_H
#define GMSSL_HASH_DRBG_H
#include <stdint.h>
#include <stdint.h> #include <stdlib.h>
#include <stdlib.h> #include <gmssl/digest.h>
#include <gmssl/digest.h>
/* seedlen for hash_drgb, table 2 of nist sp 800-90a rev.1 */
/* seedlen for hash_drgb, table 2 of nist sp 800-90a rev.1 */ #define HASH_DRBG_SM3_SEED_BITS 440 /* 55 bytes */
#define HASH_DRBG_SM3_SEED_BITS 440 /* 55 bytes */ #define HASH_DRBG_SHA1_SEED_BITS 440
#define HASH_DRBG_SHA1_SEED_BITS 440 #define HASH_DRBG_SHA224_SEED_BITS 440
#define HASH_DRBG_SHA224_SEED_BITS 440 #define HASH_DRBG_SHA512_224_SEED_BITS 440
#define HASH_DRBG_SHA512_224_SEED_BITS 440 #define HASH_DRBG_SHA256_SEED_BITS 440
#define HASH_DRBG_SHA256_SEED_BITS 440 #define HASH_DRBG_SHA512_256_SEED_BITS 440
#define HASH_DRBG_SHA512_256_SEED_BITS 440 #define HASH_DRBG_SHA384_SEED_BITS 888 /* 110 bytes */
#define HASH_DRBG_SHA384_SEED_BITS 888 /* 110 bytes */ #define HASH_DRBG_SHA512_SEED_BITS 888
#define HASH_DRBG_SHA512_SEED_BITS 888 #define HASH_DRBG_MAX_SEED_BITS 888
#define HASH_DRBG_MAX_SEED_BITS 888
#define HASH_DRBG_SM3_SEED_SIZE (HASH_DRBG_SM3_SEED_BITS/8)
#define HASH_DRBG_SM3_SEED_SIZE (HASH_DRBG_SM3_SEED_BITS/8) #define HASH_DRBG_SHA1_SEED_SIZE (HASH_DRBG_SHA1_SEED_BITS/8)
#define HASH_DRBG_SHA1_SEED_SIZE (HASH_DRBG_SHA1_SEED_BITS/8) #define HASH_DRBG_SHA224_SEED_SIZE (HASH_DRBG_SHA224_SEED_BITS/8)
#define HASH_DRBG_SHA224_SEED_SIZE (HASH_DRBG_SHA224_SEED_BITS/8) #define HASH_DRBG_SHA512_224_SEED_SIZE (HASH_DRBG_SHA512_224_SEED_BITS/8)
#define HASH_DRBG_SHA512_224_SEED_SIZE (HASH_DRBG_SHA512_224_SEED_BITS/8) #define HASH_DRBG_SHA256_SEED_SIZE (HASH_DRBG_SHA256_SEED_BITS/8)
#define HASH_DRBG_SHA256_SEED_SIZE (HASH_DRBG_SHA256_SEED_BITS/8) #define HASH_DRBG_SHA512_256_SEED_SIZE (HASH_DRBG_SHA512_256_SEED_BITS/8)
#define HASH_DRBG_SHA512_256_SEED_SIZE (HASH_DRBG_SHA512_256_SEED_BITS/8) #define HASH_DRBG_SHA384_SEED_SIZE (HASH_DRBG_SHA384_SEED_BITS/8)
#define HASH_DRBG_SHA384_SEED_SIZE (HASH_DRBG_SHA384_SEED_BITS/8) #define HASH_DRBG_SHA512_SEED_SIZE (HASH_DRBG_SHA512_SEED_BITS/8)
#define HASH_DRBG_SHA512_SEED_SIZE (HASH_DRBG_SHA512_SEED_BITS/8) #define HASH_DRBG_MAX_SEED_SIZE (HASH_DRBG_MAX_SEED_BITS/8)
#define HASH_DRBG_MAX_SEED_SIZE (HASH_DRBG_MAX_SEED_BITS/8)
#define HASH_DRBG_RESEED_INTERVAL ((uint64_t)1 << 48)
#define HASH_DRBG_RESEED_INTERVAL ((uint64_t)1 << 48)
#ifdef __cplusplus
#ifdef __cplusplus extern "C" {
extern "C" { #endif
#endif
typedef struct {
typedef struct { const DIGEST *digest;
const DIGEST *digest; uint8_t V[HASH_DRBG_MAX_SEED_SIZE];
uint8_t V[HASH_DRBG_MAX_SEED_SIZE]; uint8_t C[HASH_DRBG_MAX_SEED_SIZE];
uint8_t C[HASH_DRBG_MAX_SEED_SIZE]; size_t seedlen;
size_t seedlen; uint64_t reseed_counter;
uint64_t reseed_counter; } HASH_DRBG;
} HASH_DRBG;
int hash_drbg_init(HASH_DRBG *drbg,
int hash_drbg_init(HASH_DRBG *drbg, const DIGEST *digest,
const DIGEST *digest, const uint8_t *entropy, size_t entropy_len,
const uint8_t *entropy, size_t entropy_len, const uint8_t *nonce, size_t nonce_len,
const uint8_t *nonce, size_t nonce_len, const uint8_t *personalstr, size_t personalstr_len);
const uint8_t *personalstr, size_t personalstr_len);
int hash_drbg_reseed(HASH_DRBG *drbg,
int hash_drbg_reseed(HASH_DRBG *drbg, const uint8_t *entropy, size_t entropy_len,
const uint8_t *entropy, size_t entropy_len, const uint8_t *additional, size_t additional_len);
const uint8_t *additional, size_t additional_len);
int hash_drbg_generate(HASH_DRBG *drbg,
int hash_drbg_generate(HASH_DRBG *drbg, const uint8_t *additional, size_t additional_len,
const uint8_t *additional, size_t additional_len, size_t outlen, uint8_t *out);
size_t outlen, uint8_t *out);
#ifdef __cplusplus
#ifdef __cplusplus }
} #endif
#endif #endif
#endif

49
include/gmssl/hex.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,27 +7,26 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#ifndef GMSSL_HEX_H
#ifndef GMSSL_HEX_H #define GMSSL_HEX_H
#define GMSSL_HEX_H
#include <stdio.h>
#include <stdio.h> #include <stdlib.h>
#include <stdlib.h> #include <string.h>
#include <string.h> #include <stdint.h>
#include <stdint.h>
#ifdef __cplusplus
#ifdef __cplusplus extern "C" {
extern "C" { #endif
#endif
int hex_to_bytes(const char *in, size_t inlen, uint8_t *out, size_t *outlen);
int hex_to_bytes(const char *in, size_t inlen, uint8_t *out, size_t *outlen);
#ifdef __cplusplus
#ifdef __cplusplus }
} #endif
#endif #endif
#endif

75
include/gmssl/hkdf.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,40 +7,39 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
// RFC 5869
// RFC 5869
#ifndef GMSSL_HKDF_H
#ifndef GMSSL_HKDF_H #define GMSSL_HKDF_H
#define GMSSL_HKDF_H
#include <string.h>
#include <string.h> #include <gmssl/digest.h>
#include <gmssl/digest.h> #include <gmssl/hmac.h>
#include <gmssl/hmac.h>
#ifdef __cplusplus
#ifdef __cplusplus extern "C" {
extern "C" { #endif
#endif
int hkdf_extract(const DIGEST *digest, const uint8_t *salt, size_t saltlen,
int hkdf_extract(const DIGEST *digest, const uint8_t *salt, size_t saltlen, const uint8_t *ikm, size_t ikmlen,
const uint8_t *ikm, size_t ikmlen, uint8_t *prk, size_t *prklen);
uint8_t *prk, size_t *prklen);
int hkdf_expand(const DIGEST *digest, const uint8_t *prk, size_t prklen,
int hkdf_expand(const DIGEST *digest, const uint8_t *prk, size_t prklen, const uint8_t *opt_info, size_t opt_infolen,
const uint8_t *opt_info, size_t opt_infolen, size_t L, uint8_t *okm);
size_t L, uint8_t *okm);
int sm3_hkdf_extract(const uint8_t *salt, size_t saltlen,
int sm3_hkdf_extract(const uint8_t *salt, size_t saltlen, const uint8_t *ikm, size_t ikmlen,
const uint8_t *ikm, size_t ikmlen, uint8_t *prk, size_t *prklen);
uint8_t *prk, size_t *prklen);
int sm3_hkdf_expand(const uint8_t *prk, size_t prklen,
int sm3_hkdf_expand(const uint8_t *prk, size_t prklen, const uint8_t *opt_info, size_t opt_infolen,
const uint8_t *opt_info, size_t opt_infolen, size_t L, uint8_t *okm);
size_t L, uint8_t *okm);
#ifdef __cplusplus
#ifdef __cplusplus }
} #endif
#endif #endif
#endif

79
include/gmssl/hmac.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,42 +7,41 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#ifndef GMSSL_HMAC_H
#ifndef GMSSL_HMAC_H #define GMSSL_HMAC_H
#define GMSSL_HMAC_H
#include <string.h>
#include <string.h> #include <gmssl/digest.h>
#include <gmssl/digest.h>
#ifdef __cplusplus
#ifdef __cplusplus extern "C" {
extern "C" { #endif
#endif
#define HMAC_MAX_SIZE (DIGEST_MAX_SIZE)
#define HMAC_MAX_SIZE (DIGEST_MAX_SIZE)
typedef struct hmac_ctx_st {
typedef struct hmac_ctx_st { const DIGEST *digest;
const DIGEST *digest; DIGEST_CTX digest_ctx;
DIGEST_CTX digest_ctx; DIGEST_CTX i_ctx;
DIGEST_CTX i_ctx; DIGEST_CTX o_ctx;
DIGEST_CTX o_ctx; } HMAC_CTX;
} HMAC_CTX;
size_t hmac_size(const HMAC_CTX *ctx);
size_t hmac_size(const HMAC_CTX *ctx);
int hmac_init(HMAC_CTX *ctx, const DIGEST *digest, const uint8_t *key, size_t keylen);
int hmac_init(HMAC_CTX *ctx, const DIGEST *digest, const uint8_t *key, size_t keylen); int hmac_update(HMAC_CTX *ctx, const uint8_t *data, size_t datalen);
int hmac_update(HMAC_CTX *ctx, const uint8_t *data, size_t datalen); int hmac_finish(HMAC_CTX *ctx, uint8_t *mac, size_t *maclen);
int hmac_finish(HMAC_CTX *ctx, uint8_t *mac, size_t *maclen);
int hmac(const DIGEST *md, const uint8_t *key, size_t keylen,
int hmac(const DIGEST *md, const uint8_t *key, size_t keylen, const uint8_t *data, size_t dlen,
const uint8_t *data, size_t dlen, uint8_t *mac, size_t *maclen);
uint8_t *mac, size_t *maclen);
#ifdef __cplusplus
#ifdef __cplusplus }
} #endif
#endif #endif
#endif

81
include/gmssl/md5.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,43 +7,42 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#ifndef GMSSL_MD5_H
#ifndef GMSSL_MD5_H #define GMSSL_MD5_H
#define GMSSL_MD5_H
#include <string.h>
#include <string.h> #include <stdint.h>
#include <stdint.h>
#ifdef __cplusplus
#ifdef __cplusplus extern "C" {
extern "C" { #endif
#endif
#define MD5_IS_BIG_ENDIAN 0
#define MD5_IS_BIG_ENDIAN 0
#define MD5_DIGEST_SIZE 16
#define MD5_DIGEST_SIZE 16 #define MD5_BLOCK_SIZE 64
#define MD5_BLOCK_SIZE 64 #define MD5_STATE_WORDS (MD5_BLOCK_SIZE/sizeof(uint32_t))
#define MD5_STATE_WORDS (MD5_BLOCK_SIZE/sizeof(uint32_t))
typedef struct {
typedef struct { uint32_t state[MD5_STATE_WORDS];
uint32_t state[MD5_STATE_WORDS]; uint64_t nblocks;
uint64_t nblocks; uint8_t block[MD5_BLOCK_SIZE];
uint8_t block[MD5_BLOCK_SIZE]; size_t num;
size_t num; } MD5_CTX;
} MD5_CTX;
void md5_init(MD5_CTX *ctx);
void md5_init(MD5_CTX *ctx); void md5_update(MD5_CTX *ctx, const uint8_t *data, size_t datalen);
void md5_update(MD5_CTX *ctx, const uint8_t *data, size_t datalen); void md5_finish(MD5_CTX *ctx, uint8_t dgst[MD5_DIGEST_SIZE]);
void md5_finish(MD5_CTX *ctx, uint8_t dgst[MD5_DIGEST_SIZE]); void md5_digest(const uint8_t *data, size_t datalen, uint8_t dgst[MD5_DIGEST_SIZE]);
void md5_digest(const uint8_t *data, size_t datalen, uint8_t dgst[MD5_DIGEST_SIZE]);
#ifdef __cplusplus
#ifdef __cplusplus }
} #endif
#endif #endif
#endif

39
include/gmssl/mem.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,22 +7,21 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#ifndef GMSSL_MEM_H
#ifndef GMSSL_MEM_H #define GMSSL_MEM_H
#define GMSSL_MEM_H
#include <stdint.h>
#include <stdint.h> #include <stddef.h> // where size_t from
#include <stddef.h> // where size_t from
void memxor(void *r, const void *a, size_t len);
void memxor(void *r, const void *a, size_t len); void gmssl_memxor(void *r, const void *a, const void *b, size_t len);
void gmssl_memxor(void *r, const void *a, const void *b, size_t len);
int gmssl_secure_memcmp(const volatile void * volatile in_a, const volatile void * volatile in_b, size_t len);
int gmssl_secure_memcmp(const volatile void * volatile in_a, const volatile void * volatile in_b, size_t len); void gmssl_secure_clear(void *ptr, size_t len);
void gmssl_secure_clear(void *ptr, size_t len);
int mem_is_zero(const uint8_t *buf, size_t len); // FIXME: uint8_t * to void *
int mem_is_zero(const uint8_t *buf, size_t len); // FIXME: uint8_t * to void *
#endif
#endif

411
include/gmssl/oid.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,208 +7,207 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#ifndef GMSSL_OID_H
#ifndef GMSSL_OID_H #define GMSSL_OID_H
#define GMSSL_OID_H
#include <stdint.h>
#include <stdint.h>
#ifdef __cplusplus
#ifdef __cplusplus extern "C" {
extern "C" { #endif
#endif
enum {
enum { OID_undef = 0,
OID_undef = 0,
// ShangMi schemes in GM/T 0006-2012
// ShangMi schemes in GM/T 0006-2012 OID_sm1,
OID_sm1, OID_ssf33,
OID_ssf33, OID_sm4,
OID_sm4, OID_zuc,
OID_zuc, OID_sm2,
OID_sm2, OID_sm2sign,
OID_sm2sign, OID_sm2keyagreement,
OID_sm2keyagreement, OID_sm2encrypt,
OID_sm2encrypt, OID_sm9,
OID_sm9, OID_sm9sign,
OID_sm9sign, OID_sm9keyagreement,
OID_sm9keyagreement, OID_sm9encrypt,
OID_sm9encrypt, OID_sm3,
OID_sm3, OID_sm3_keyless,
OID_sm3_keyless, OID_hmac_sm3,
OID_hmac_sm3, OID_sm2sign_with_sm3,
OID_sm2sign_with_sm3, OID_rsasign_with_sm3,
OID_rsasign_with_sm3, OID_ec_public_key, // X9.62 ecPublicKey
OID_ec_public_key, // X9.62 ecPublicKey OID_prime192v1,
OID_prime192v1, OID_prime256v1,
OID_prime256v1, OID_secp256k1,
OID_secp256k1, OID_secp192k1,
OID_secp192k1, OID_secp224k1,
OID_secp224k1, OID_secp224r1,
OID_secp224r1, OID_secp384r1,
OID_secp384r1, OID_secp521r1,
OID_secp521r1,
OID_at_name,
OID_at_name, OID_at_surname,
OID_at_surname, OID_at_given_name,
OID_at_given_name, OID_at_initials,
OID_at_initials, OID_at_generation_qualifier,
OID_at_generation_qualifier, OID_at_common_name,
OID_at_common_name, OID_at_locality_name,
OID_at_locality_name, OID_at_state_or_province_name,
OID_at_state_or_province_name, OID_at_organization_name,
OID_at_organization_name, OID_at_organizational_unit_name,
OID_at_organizational_unit_name, OID_at_title,
OID_at_title, OID_at_dn_qualifier,
OID_at_dn_qualifier, OID_at_country_name,
OID_at_country_name, OID_at_serial_number,
OID_at_serial_number, OID_at_pseudonym,
OID_at_pseudonym, OID_domain_component,
OID_domain_component, OID_email_address,
OID_email_address,
// Cert Extensions
// Cert Extensions OID_ce_authority_key_identifier,
OID_ce_authority_key_identifier, OID_ce_subject_key_identifier,
OID_ce_subject_key_identifier, OID_ce_key_usage,
OID_ce_key_usage, OID_ce_certificate_policies,
OID_ce_certificate_policies, OID_ce_policy_mappings,
OID_ce_policy_mappings, OID_ce_subject_alt_name,
OID_ce_subject_alt_name, OID_ce_issuer_alt_name,
OID_ce_issuer_alt_name, OID_ce_subject_directory_attributes,
OID_ce_subject_directory_attributes, OID_ce_basic_constraints,
OID_ce_basic_constraints, OID_ce_name_constraints,
OID_ce_name_constraints, OID_ce_policy_constraints,
OID_ce_policy_constraints, OID_ce_ext_key_usage,
OID_ce_ext_key_usage, OID_ce_crl_distribution_points,
OID_ce_crl_distribution_points, OID_ce_inhibit_any_policy,
OID_ce_inhibit_any_policy, OID_ce_freshest_crl,
OID_ce_freshest_crl, OID_netscape_cert_type,
OID_netscape_cert_type, OID_netscape_cert_comment,
OID_netscape_cert_comment, OID_cert_authority_info_access,
OID_cert_authority_info_access, OID_ct_precertificate_scts,
OID_ct_precertificate_scts,
// CRL Extensions
// CRL Extensions //OID_ce_authority_key_identifier,
//OID_ce_authority_key_identifier, //OID_ce_issuer_alt_name,
//OID_ce_issuer_alt_name, OID_ce_crl_number,
OID_ce_crl_number, OID_ce_delta_crl_indicator,
OID_ce_delta_crl_indicator, OID_ce_issuing_distribution_point,
OID_ce_issuing_distribution_point, //OID_ce_freshest_crl,
//OID_ce_freshest_crl, OID_pe_authority_info_access,
OID_pe_authority_info_access,
// CRL Entry Extensions
// CRL Entry Extensions OID_ce_crl_reasons,
OID_ce_crl_reasons, OID_ce_invalidity_date,
OID_ce_invalidity_date, OID_ce_certificate_issuer,
OID_ce_certificate_issuer,
// X.509 KeyPropuseID
// X.509 KeyPropuseID OID_kp_server_auth,
OID_kp_server_auth, OID_kp_client_auth,
OID_kp_client_auth, OID_kp_code_signing,
OID_kp_code_signing, OID_kp_email_protection,
OID_kp_email_protection, OID_kp_time_stamping,
OID_kp_time_stamping, OID_kp_ocsp_signing,
OID_kp_ocsp_signing,
OID_qt_cps,
OID_qt_cps, OID_qt_unotice,
OID_qt_unotice,
OID_md5,
OID_md5, OID_sha1,
OID_sha1, OID_sha224,
OID_sha224, OID_sha256,
OID_sha256, OID_sha384,
OID_sha384, OID_sha512,
OID_sha512, OID_sha512_224,
OID_sha512_224, OID_sha512_256,
OID_sha512_256,
OID_hmac_sha1,
OID_hmac_sha1, OID_hmac_sha224,
OID_hmac_sha224, OID_hmac_sha256,
OID_hmac_sha256, OID_hmac_sha384,
OID_hmac_sha384, OID_hmac_sha512,
OID_hmac_sha512, OID_hmac_sha512_224,
OID_hmac_sha512_224, OID_hmac_sha512_256,
OID_hmac_sha512_256,
OID_pbkdf2, // {pkcs-5 12}
OID_pbkdf2, // {pkcs-5 12} OID_pbes2, // {pkcs-5 13}
OID_pbes2, // {pkcs-5 13}
OID_sm4_ecb, // 1 2 156 10197 1 104 1
OID_sm4_ecb, // 1 2 156 10197 1 104 1 OID_sm4_cbc, // 1 2 156 10197 1 104 2
OID_sm4_cbc, // 1 2 156 10197 1 104 2
OID_aes,
OID_aes, OID_aes128_cbc,
OID_aes128_cbc, OID_aes192_cbc,
OID_aes192_cbc, OID_aes256_cbc,
OID_aes256_cbc,
OID_aes128, // 没有OID
OID_aes128, // 没有OID
OID_ecdsa_with_sha1,
OID_ecdsa_with_sha1, OID_ecdsa_with_sha224,
OID_ecdsa_with_sha224, OID_ecdsa_with_sha256,
OID_ecdsa_with_sha256, OID_ecdsa_with_sha384,
OID_ecdsa_with_sha384, OID_ecdsa_with_sha512,
OID_ecdsa_with_sha512,
OID_rsasign_with_md5,
OID_rsasign_with_md5, OID_rsasign_with_sha1,
OID_rsasign_with_sha1, OID_rsasign_with_sha224,
OID_rsasign_with_sha224, OID_rsasign_with_sha256,
OID_rsasign_with_sha256, OID_rsasign_with_sha384,
OID_rsasign_with_sha384, OID_rsasign_with_sha512,
OID_rsasign_with_sha512,
OID_rsa_encryption,
OID_rsa_encryption, OID_rsaes_oaep,
OID_rsaes_oaep,
OID_any_policy,
OID_any_policy,
OID_cms_data,
OID_cms_data, OID_cms_signed_data,
OID_cms_signed_data, OID_cms_enveloped_data,
OID_cms_enveloped_data, OID_cms_signed_and_enveloped_data,
OID_cms_signed_and_enveloped_data, OID_cms_encrypted_data,
OID_cms_encrypted_data, OID_cms_key_agreement_info,
OID_cms_key_agreement_info, };
};
// {iso(1) org(3) dod(6) internet(1) security(5) mechanisms(5) pkix(7)}
// {iso(1) org(3) dod(6) internet(1) security(5) mechanisms(5) pkix(7)} #define oid_pkix 1,3,6,1,5,5,7
#define oid_pkix 1,3,6,1,5,5,7
#define oid_pe oid_pkix,1
#define oid_pe oid_pkix,1 #define oid_qt oid_pkix,2
#define oid_qt oid_pkix,2 #define oid_kp oid_pkix,3
#define oid_kp oid_pkix,3 #define oid_ad oid_pkix,48
#define oid_ad oid_pkix,48
// {iso(1) member-body(2) us(840) rsadsi(113549)}
// {iso(1) member-body(2) us(840) rsadsi(113549)} #define oid_rsadsi 1,2,840,113549
#define oid_rsadsi 1,2,840,113549 #define oid_pkcs oid_rsadsi,1
#define oid_pkcs oid_rsadsi,1 #define oid_pkcs5 oid_pkcs,5
#define oid_pkcs5 oid_pkcs,5
// {iso(1) member-body(2) us(840) ansi-x962(10045)}
// {iso(1) member-body(2) us(840) ansi-x962(10045)} #define oid_x9_62 1,2,840,10045
#define oid_x9_62 1,2,840,10045
#define oid_at 2,5,4
#define oid_at 2,5,4 #define oid_ce 2,5,29
#define oid_ce 2,5,29
#define oid_sm 1,2,156,10197
#define oid_sm 1,2,156,10197 #define oid_sm_algors oid_sm,1
#define oid_sm_algors oid_sm,1 #define oid_sm2_cms oid_sm,6,1,4,2
#define oid_sm2_cms oid_sm,6,1,4,2
#define oid_cnt(nodes) (sizeof(nodes)/sizeof(int))
#define oid_cnt(nodes) (sizeof(nodes)/sizeof(int))
#ifdef __cplusplus
#ifdef __cplusplus }
} #endif
#endif #endif
#endif

93
include/gmssl/pbkdf2.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,49 +7,48 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#ifndef GMSSL_PBKDF2_H
#ifndef GMSSL_PBKDF2_H #define GMSSL_PBKDF2_H
#define GMSSL_PBKDF2_H
#include <stdio.h>
#include <stdio.h> #include <stdlib.h>
#include <stdlib.h> #include <string.h>
#include <string.h> #include <stdint.h>
#include <stdint.h> #include <limits.h>
#include <limits.h> #include <gmssl/hmac.h>
#include <gmssl/hmac.h>
#ifdef __cplusplus
#ifdef __cplusplus extern "C" {
extern "C" { #endif
#endif
/*
/* PBKDF2 Public API
PBKDF2 Public API
PBKDF2_MIN_ITER
PBKDF2_MIN_ITER PBKDF2_DEFAULT_SALT_SIZE
PBKDF2_DEFAULT_SALT_SIZE PBKDF2_MAX_SALT_SIZE
PBKDF2_MAX_SALT_SIZE
pbkdf2_hmac_sm3_genkey
pbkdf2_hmac_sm3_genkey */
*/
#define PBKDF2_MIN_ITER 10000
#define PBKDF2_MIN_ITER 10000 #define PBKDF2_MAX_ITER (INT_MAX)
#define PBKDF2_MAX_ITER (INT_MAX) #define PBKDF2_MAX_SALT_SIZE 64
#define PBKDF2_MAX_SALT_SIZE 64 #define PBKDF2_DEFAULT_SALT_SIZE 8
#define PBKDF2_DEFAULT_SALT_SIZE 8
int pbkdf2_genkey(const DIGEST *digest,
int pbkdf2_genkey(const DIGEST *digest, const char *pass, size_t passlen, const uint8_t *salt, size_t saltlen, size_t iter,
const char *pass, size_t passlen, const uint8_t *salt, size_t saltlen, size_t iter, size_t outlen, uint8_t *out);
size_t outlen, uint8_t *out);
int pbkdf2_hmac_sm3_genkey(
int pbkdf2_hmac_sm3_genkey( const char *pass, size_t passlen, const uint8_t *salt, size_t saltlen, size_t iter,
const char *pass, size_t passlen, const uint8_t *salt, size_t saltlen, size_t iter, size_t outlen, uint8_t *out);
size_t outlen, uint8_t *out);
#ifdef __cplusplus
#ifdef __cplusplus }
} #endif
#endif #endif
#endif

51
include/gmssl/pem.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,28 +7,27 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#ifndef GMSSL_PEM_H
#ifndef GMSSL_PEM_H #define GMSSL_PEM_H
#define GMSSL_PEM_H
#include <stdio.h>
#include <stdio.h> #include <string.h>
#include <string.h> #include <stdlib.h>
#include <stdlib.h> #include <gmssl/base64.h>
#include <gmssl/base64.h>
#ifdef __cplusplus
#ifdef __cplusplus extern "C" {
extern "C" { #endif
#endif
int pem_read(FILE *fp, const char *name, uint8_t *out, size_t *outlen, size_t maxlen);
int pem_read(FILE *fp, const char *name, uint8_t *out, size_t *outlen, size_t maxlen); int pem_write(FILE *fp, const char *name, const uint8_t *in, size_t inlen);
int pem_write(FILE *fp, const char *name, const uint8_t *in, size_t inlen);
#ifdef __cplusplus
#ifdef __cplusplus }
} #endif
#endif #endif
#endif

323
include/gmssl/pkcs8.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,164 +7,163 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
// RFC 5208: PKCS #8: Private-Key Information Syntax Specification version 1.2
// RFC 5208: PKCS #8: Private-Key Information Syntax Specification version 1.2
#ifndef GMSSL_PKCS8_H
#ifndef GMSSL_PKCS8_H #define GMSSL_PKCS8_H
#define GMSSL_PKCS8_H
#include <stdio.h>
#include <stdio.h> #include <string.h>
#include <string.h> #include <stdlib.h>
#include <stdlib.h> #include <stdint.h>
#include <stdint.h> #include <gmssl/sm2.h>
#include <gmssl/sm2.h> #include <gmssl/pem.h>
#include <gmssl/pem.h>
#ifdef __cplusplus
#ifdef __cplusplus extern "C" {
extern "C" { #endif
#endif
/*
/* id-PBKDF2 OBJECT IDENTIFIER ::= {pkcs-5 12}
id-PBKDF2 OBJECT IDENTIFIER ::= {pkcs-5 12}
PBKDF2-params ::= SEQUENCE {
PBKDF2-params ::= SEQUENCE { salt CHOICE {
salt CHOICE { specified OCTET STRING,
specified OCTET STRING, otherSource AlgorithmIdentifier {{PBKDF2-SaltSources}}
otherSource AlgorithmIdentifier {{PBKDF2-SaltSources}} },
}, iterationCount INTEGER (1..MAX),
iterationCount INTEGER (1..MAX), keyLength INTEGER (1..MAX) OPTIONAL, -- 这个参数可以由函数指定
keyLength INTEGER (1..MAX) OPTIONAL, -- 这个参数可以由函数指定 prf AlgorithmIdentifier {{PBKDF2-PRFs}} DEFAULT algid-hmacWithSHA1
prf AlgorithmIdentifier {{PBKDF2-PRFs}} DEFAULT algid-hmacWithSHA1 }
}
prf must be OID_hmac_sm3
prf must be OID_hmac_sm3 cipher must be OID_sm4_cbc
cipher must be OID_sm4_cbc */
*/ int pbkdf2_params_to_der(const uint8_t *salt, size_t saltlen, int iter, int keylen, int prf,
int pbkdf2_params_to_der(const uint8_t *salt, size_t saltlen, int iter, int keylen, int prf, uint8_t **out, size_t *outlen);
uint8_t **out, size_t *outlen); int pbkdf2_params_from_der(const uint8_t **salt, size_t *saltlen, int *iter, int *keylen, int *prf,
int pbkdf2_params_from_der(const uint8_t **salt, size_t *saltlen, int *iter, int *keylen, int *prf, const uint8_t **in, size_t *inlen);
const uint8_t **in, size_t *inlen); int pbkdf2_params_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
int pbkdf2_params_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
int pbkdf2_algor_to_der(
int pbkdf2_algor_to_der( const uint8_t *salt, size_t saltlen,
const uint8_t *salt, size_t saltlen, int iter,
int iter, int keylen,
int keylen, int prf,
int prf, uint8_t **out, size_t *outlen);
uint8_t **out, size_t *outlen); int pbkdf2_algor_from_der(
int pbkdf2_algor_from_der( const uint8_t **salt, size_t *saltlen,
const uint8_t **salt, size_t *saltlen, int *iter,
int *iter, int *keylen,
int *keylen, int *prf,
int *prf, const uint8_t **in, size_t *inlen);
const uint8_t **in, size_t *inlen); int pbkdf2_algor_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
int pbkdf2_algor_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
/*
/* id-PBES2 OBJECT IDENTIFIER ::= {pkcs-5 13}
id-PBES2 OBJECT IDENTIFIER ::= {pkcs-5 13}
PBES2-params ::= SEQUENCE {
PBES2-params ::= SEQUENCE { keyDerivationFunc AlgorithmIdentifier {{PBES2-KDFs}}, -- id-PBKDF2
keyDerivationFunc AlgorithmIdentifier {{PBES2-KDFs}}, -- id-PBKDF2 encryptionScheme AlgorithmIdentifier {{PBES2-Encs}}}
encryptionScheme AlgorithmIdentifier {{PBES2-Encs}}}
PBES2-Encs:
PBES2-Encs: AES-CBC-Pad [RFC2898]
AES-CBC-Pad [RFC2898] RC5-CBC-Pad
RC5-CBC-Pad DES-CBC-Pad legacy
DES-CBC-Pad legacy DES-EDE3-CBC-Pad legacy
DES-EDE3-CBC-Pad legacy RC2-CBC-Pad legacy
RC2-CBC-Pad legacy */
*/
int pbes2_enc_algor_to_der(
int pbes2_enc_algor_to_der( int cipher,
int cipher, const uint8_t *iv, size_t ivlen,
const uint8_t *iv, size_t ivlen, uint8_t **out, size_t *outlen);
uint8_t **out, size_t *outlen); int pbes2_enc_algor_from_der(
int pbes2_enc_algor_from_der( int *cipher,
int *cipher, const uint8_t **iv, size_t *ivlen,
const uint8_t **iv, size_t *ivlen, const uint8_t **in, size_t *inlen);
const uint8_t **in, size_t *inlen); int pbes2_enc_algor_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
int pbes2_enc_algor_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
int pbes2_params_to_der(
int pbes2_params_to_der( const uint8_t *salt, size_t saltlen,
const uint8_t *salt, size_t saltlen, int iter,
int iter, int keylen,
int keylen, int prf,
int prf, int cipher,
int cipher, const uint8_t *iv, size_t ivlen,
const uint8_t *iv, size_t ivlen, uint8_t **out, size_t *outlen);
uint8_t **out, size_t *outlen); int pbes2_params_from_der(
int pbes2_params_from_der( const uint8_t **salt, size_t *saltlen,
const uint8_t **salt, size_t *saltlen, int *iter,
int *iter, int *keylen,
int *keylen, int *prf,
int *prf, int *cipher,
int *cipher, const uint8_t **iv, size_t *ivlen,
const uint8_t **iv, size_t *ivlen, const uint8_t **in, size_t *inlen);
const uint8_t **in, size_t *inlen); int pbes2_params_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
int pbes2_params_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
int pbes2_algor_to_der(
int pbes2_algor_to_der( const uint8_t *salt, size_t saltlen,
const uint8_t *salt, size_t saltlen, int iter,
int iter, int keylen,
int keylen, int prf,
int prf, int cipher,
int cipher, const uint8_t *iv, size_t ivlen,
const uint8_t *iv, size_t ivlen, uint8_t **out, size_t *outlen);
uint8_t **out, size_t *outlen); int pbes2_algor_from_der(
int pbes2_algor_from_der( const uint8_t **salt, size_t *saltlen,
const uint8_t **salt, size_t *saltlen, int *iter,
int *iter, int *keylen,
int *keylen, int *prf,
int *prf, int *cipher,
int *cipher, const uint8_t **iv, size_t *ivlen,
const uint8_t **iv, size_t *ivlen, const uint8_t **in, size_t *inlen);
const uint8_t **in, size_t *inlen); int pbes2_algor_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
int pbes2_algor_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
/*
/* from [RFC 5208]
from [RFC 5208]
EncryptedPrivateKeyInfo ::= SEQUENCE {
EncryptedPrivateKeyInfo ::= SEQUENCE { encryptionAlgorithm EncryptionAlgorithmIdentifier,
encryptionAlgorithm EncryptionAlgorithmIdentifier, encryptedData OCTET STRING }
encryptedData OCTET STRING }
encryptionAlgorithm:
encryptionAlgorithm: id-PBES2
id-PBES2
PrivateKeyInfo ::= SEQUENCE {
PrivateKeyInfo ::= SEQUENCE { version INTEGER { v1(0) },
version INTEGER { v1(0) }, privateKeyAlgorithm AlgorithmIdentifier,
privateKeyAlgorithm AlgorithmIdentifier, privateKey OCTET STRING,
privateKey OCTET STRING, attributes [0] Attributes OPTIONAL }
attributes [0] Attributes OPTIONAL } */
*/
int pkcs8_enced_private_key_info_to_der(
int pkcs8_enced_private_key_info_to_der( const uint8_t *salt, size_t saltlen,
const uint8_t *salt, size_t saltlen, int iter,
int iter, int keylen,
int keylen, int prf,
int prf, int cipher,
int cipher, const uint8_t *iv, size_t ivlen,
const uint8_t *iv, size_t ivlen, const uint8_t *enced, size_t encedlen,
const uint8_t *enced, size_t encedlen, uint8_t **out, size_t *outlen);
uint8_t **out, size_t *outlen); int pkcs8_enced_private_key_info_from_der(
int pkcs8_enced_private_key_info_from_der( const uint8_t **salt, size_t *saltlen,
const uint8_t **salt, size_t *saltlen, int *iter,
int *iter, int *keylen,
int *keylen, int *prf,
int *prf, int *cipher,
int *cipher, const uint8_t **iv, size_t *ivlen,
const uint8_t **iv, size_t *ivlen, const uint8_t **enced, size_t *encedlen,
const uint8_t **enced, size_t *encedlen, const uint8_t **in, size_t *inlen);
const uint8_t **in, size_t *inlen); int pkcs8_enced_private_key_info_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
int pkcs8_enced_private_key_info_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
#ifdef __cplusplus
#ifdef __cplusplus }
} #endif
#endif #endif
#endif

61
include/gmssl/rand.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,33 +7,32 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#ifndef GMSSL_RAND_H
#ifndef GMSSL_RAND_H #define GMSSL_RAND_H
#define GMSSL_RAND_H
#include <stdint.h>
#include <stdint.h> #include <stdlib.h>
#include <stdlib.h>
#ifdef __cplusplus
#ifdef __cplusplus extern "C" {
extern "C" { #endif
#endif
/*
/* Rand Public API
Rand Public API
rand_bytes
rand_bytes
*/
*/
int rand_bytes(uint8_t *buf, size_t buflen);
int rand_bytes(uint8_t *buf, size_t buflen);
int rdrand_bytes(uint8_t *buf, size_t buflen);
int rdrand_bytes(uint8_t *buf, size_t buflen); int rdseed_bytes(uint8_t *buf, size_t buflen);
int rdseed_bytes(uint8_t *buf, size_t buflen);
#ifdef __cplusplus
#ifdef __cplusplus }
} #endif
#endif #endif
#endif

65
include/gmssl/rc4.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,35 +7,34 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#ifndef GMSSL_RC4_H
#ifndef GMSSL_RC4_H #define GMSSL_RC4_H
#define GMSSL_RC4_H
#include <string.h>
#include <string.h> #include <stdint.h>
#include <stdint.h>
#ifdef __cplusplus
#ifdef __cplusplus extern "C" {
extern "C" { #endif
#endif
#define RC4_MIN_KEY_BITS 40
#define RC4_MIN_KEY_BITS 40 #define RC4_STATE_NUM_WORDS 256
#define RC4_STATE_NUM_WORDS 256
typedef struct {
typedef struct { uint8_t d[RC4_STATE_NUM_WORDS];
uint8_t d[RC4_STATE_NUM_WORDS]; } RC4_STATE;
} RC4_STATE;
void rc4_init(RC4_STATE *state, const uint8_t *key, size_t keylen);
void rc4_init(RC4_STATE *state, const uint8_t *key, size_t keylen); void rc4_generate_keystream(RC4_STATE *state, size_t outlen, uint8_t *out);
void rc4_generate_keystream(RC4_STATE *state, size_t outlen, uint8_t *out);
#ifdef __cplusplus
#ifdef __cplusplus }
} #endif
#endif #endif
#endif

97
include/gmssl/rsa.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,51 +7,50 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#ifndef GMSSL_RSA_H
#ifndef GMSSL_RSA_H #define GMSSL_RSA_H
#define GMSSL_RSA_H
#include <stdio.h>
#include <stdio.h> #include <string.h>
#include <string.h> #include <stdint.h>
#include <stdint.h>
#ifdef __cplusplus
#ifdef __cplusplus extern "C" {
extern "C" { #endif
#endif
/*
/* RSAPublicKey ::= SEQUENCE {
RSAPublicKey ::= SEQUENCE { modulus INTEGER, -- n
modulus INTEGER, -- n publicExponent INTEGER -- e
publicExponent INTEGER -- e }
}
RSAPrivateKey ::= SEQUENCE {
RSAPrivateKey ::= SEQUENCE { version INTEGER, -- 0
version INTEGER, -- 0 modulus INTEGER, -- n
modulus INTEGER, -- n publicExponent INTEGER, -- e
publicExponent INTEGER, -- e privateExponent INTEGER, -- d
privateExponent INTEGER, -- d prime1 INTEGER, -- p
prime1 INTEGER, -- p prime2 INTEGER, -- q
prime2 INTEGER, -- q exponent1 INTEGER, -- d mod (p-1)
exponent1 INTEGER, -- d mod (p-1) exponent2 INTEGER, -- d mod (q-1)
exponent2 INTEGER, -- d mod (q-1) coefficient INTEGER -- q^-1 mod p
coefficient INTEGER -- q^-1 mod p }
} */
*/
int rsa_public_key_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
int rsa_public_key_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
#ifdef __cplusplus
#ifdef __cplusplus }
} #endif
#endif #endif
#endif

123
include/gmssl/sdf.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,64 +7,63 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#ifndef GMSSL_SDF_H
#ifndef GMSSL_SDF_H #define GMSSL_SDF_H
#define GMSSL_SDF_H
#include <string.h>
#include <string.h> #include <stdint.h>
#include <stdint.h> #include <gmssl/sm2.h>
#include <gmssl/sm2.h>
#ifdef __cplusplus
#ifdef __cplusplus extern "C" {
extern "C" { #endif
#endif
/*
/* SDF Public API
SDF Public API
sdf_load_library
sdf_load_library sdf_unload_library
sdf_unload_library
SDF_DEVICE
SDF_DEVICE sdf_open_device
sdf_open_device sdf_close_device
sdf_close_device sdf_print_device_info
sdf_print_device_info sdf_rand_bytes
sdf_rand_bytes sdf_load_sign_key
sdf_load_sign_key
SDF_KEY
SDF_KEY sdf_sign
sdf_sign sdf_release_key
sdf_release_key */
*/
typedef struct {
typedef struct { void *handle;
void *handle; char issuer[41];
char issuer[41]; char name[17];
char name[17]; char serial[17];
char serial[17]; } SDF_DEVICE;
} SDF_DEVICE;
typedef struct {
typedef struct { SM2_KEY public_key;
SM2_KEY public_key; void *session;
void *session; int index;
int index; } SDF_KEY;
} SDF_KEY;
int sdf_load_library(const char *so_path, const char *vendor);
int sdf_load_library(const char *so_path, const char *vendor); int sdf_open_device(SDF_DEVICE *dev);
int sdf_open_device(SDF_DEVICE *dev); int sdf_print_device_info(FILE *fp, int fmt, int ind, const char *lable, SDF_DEVICE *dev);
int sdf_print_device_info(FILE *fp, int fmt, int ind, const char *lable, SDF_DEVICE *dev); int sdf_rand_bytes(SDF_DEVICE *dev, uint8_t *buf, size_t len);
int sdf_rand_bytes(SDF_DEVICE *dev, uint8_t *buf, size_t len); int sdf_load_sign_key(SDF_DEVICE *dev, SDF_KEY *key, int index, const char *pass);
int sdf_load_sign_key(SDF_DEVICE *dev, SDF_KEY *key, int index, const char *pass); int sdf_sign(SDF_KEY *key, const uint8_t dgst[32], uint8_t *sig, size_t *siglen);
int sdf_sign(SDF_KEY *key, const uint8_t dgst[32], uint8_t *sig, size_t *siglen); int sdf_release_key(SDF_KEY *key);
int sdf_release_key(SDF_KEY *key); int sdf_close_device(SDF_DEVICE *dev);
int sdf_close_device(SDF_DEVICE *dev); void sdf_unload_library(void);
void sdf_unload_library(void);
#ifdef __cplusplus
#ifdef __cplusplus }
} #endif
#endif #endif
#endif

75
include/gmssl/sha1.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,40 +7,39 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#ifndef GMSSL_SHA1_H
#ifndef GMSSL_SHA1_H #define GMSSL_SHA1_H
#define GMSSL_SHA1_H
#include <string.h>
#include <string.h> #include <stdint.h>
#include <stdint.h>
#ifdef __cplusplus
#ifdef __cplusplus extern "C" {
extern "C" { #endif
#endif
#define SHA1_IS_BIG_ENDIAN 1
#define SHA1_IS_BIG_ENDIAN 1
#define SHA1_DIGEST_SIZE 20
#define SHA1_DIGEST_SIZE 20 #define SHA1_BLOCK_SIZE 64
#define SHA1_BLOCK_SIZE 64 #define SHA1_STATE_WORDS (SHA1_DIGEST_SIZE/sizeof(uint32_t))
#define SHA1_STATE_WORDS (SHA1_DIGEST_SIZE/sizeof(uint32_t))
typedef struct {
typedef struct { uint32_t state[SHA1_STATE_WORDS];
uint32_t state[SHA1_STATE_WORDS]; uint64_t nblocks;
uint64_t nblocks; uint8_t block[SHA1_BLOCK_SIZE];
uint8_t block[SHA1_BLOCK_SIZE]; size_t num;
size_t num; } SHA1_CTX;
} SHA1_CTX;
void sha1_init(SHA1_CTX *ctx);
void sha1_init(SHA1_CTX *ctx); void sha1_update(SHA1_CTX *ctx, const uint8_t *data, size_t datalen);
void sha1_update(SHA1_CTX *ctx, const uint8_t *data, size_t datalen); void sha1_finish(SHA1_CTX *ctx, uint8_t dgst[SHA1_DIGEST_SIZE]);
void sha1_finish(SHA1_CTX *ctx, uint8_t dgst[SHA1_DIGEST_SIZE]); void sha1_digest(const uint8_t *data, size_t datalen, uint8_t dgst[SHA1_DIGEST_SIZE]);
void sha1_digest(const uint8_t *data, size_t datalen, uint8_t dgst[SHA1_DIGEST_SIZE]);
#ifdef __cplusplus
#ifdef __cplusplus }
} #endif
#endif #endif
#endif

189
include/gmssl/sha2.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,97 +7,96 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#ifndef GMSSL_SHA2_H
#ifndef GMSSL_SHA2_H #define GMSSL_SHA2_H
#define GMSSL_SHA2_H
#include <string.h>
#include <string.h> #include <stdint.h>
#include <stdint.h> #include <sys/types.h>
#include <sys/types.h>
#ifdef __cplusplus
#ifdef __cplusplus extern "C" {
extern "C" { #endif
#endif
#define SHA2_IS_BIG_ENDIAN 1
#define SHA2_IS_BIG_ENDIAN 1
#define SHA224_DIGEST_SIZE 28
#define SHA224_DIGEST_SIZE 28 #define SHA224_BLOCK_SIZE 64
#define SHA224_BLOCK_SIZE 64 #define SHA224_STATE_WORDS 8
#define SHA224_STATE_WORDS 8
typedef struct {
typedef struct { uint32_t state[SHA224_STATE_WORDS];
uint32_t state[SHA224_STATE_WORDS]; uint64_t nblocks;
uint64_t nblocks; uint8_t block[SHA224_BLOCK_SIZE];
uint8_t block[SHA224_BLOCK_SIZE]; int num;
int num; } SHA224_CTX;
} SHA224_CTX;
void sha224_init(SHA224_CTX *ctx);
void sha224_init(SHA224_CTX *ctx); void sha224_update(SHA224_CTX *ctx, const uint8_t* data, size_t datalen);
void sha224_update(SHA224_CTX *ctx, const uint8_t* data, size_t datalen); void sha224_finish(SHA224_CTX *ctx, uint8_t dgst[SHA224_DIGEST_SIZE]);
void sha224_finish(SHA224_CTX *ctx, uint8_t dgst[SHA224_DIGEST_SIZE]); void sha224_digest(const uint8_t *data, size_t datalen,
void sha224_digest(const uint8_t *data, size_t datalen, uint8_t dgst[SHA224_DIGEST_SIZE]);
uint8_t dgst[SHA224_DIGEST_SIZE]);
#define SHA256_DIGEST_SIZE 32
#define SHA256_DIGEST_SIZE 32 #define SHA256_BLOCK_SIZE 64
#define SHA256_BLOCK_SIZE 64 #define SHA256_STATE_WORDS 8
#define SHA256_STATE_WORDS 8
typedef struct {
typedef struct { uint32_t state[SHA256_STATE_WORDS];
uint32_t state[SHA256_STATE_WORDS]; uint64_t nblocks;
uint64_t nblocks; uint8_t block[SHA256_BLOCK_SIZE];
uint8_t block[SHA256_BLOCK_SIZE]; int num;
int num; } SHA256_CTX;
} SHA256_CTX;
void sha256_init(SHA256_CTX *ctx);
void sha256_init(SHA256_CTX *ctx); void sha256_update(SHA256_CTX *ctx, const uint8_t* data, size_t datalen);
void sha256_update(SHA256_CTX *ctx, const uint8_t* data, size_t datalen); void sha256_finish(SHA256_CTX *ctx, uint8_t dgst[SHA256_DIGEST_SIZE]);
void sha256_finish(SHA256_CTX *ctx, uint8_t dgst[SHA256_DIGEST_SIZE]); void sha256_digest(const uint8_t *data, size_t datalen,
void sha256_digest(const uint8_t *data, size_t datalen, uint8_t dgst[SHA256_DIGEST_SIZE]);
uint8_t dgst[SHA256_DIGEST_SIZE]);
#define SHA384_DIGEST_SIZE 48
#define SHA384_DIGEST_SIZE 48 #define SHA384_BLOCK_SIZE 128
#define SHA384_BLOCK_SIZE 128 #define SHA384_STATE_WORDS 8
#define SHA384_STATE_WORDS 8
typedef struct {
typedef struct { uint64_t state[SHA384_STATE_WORDS];
uint64_t state[SHA384_STATE_WORDS]; uint64_t nblocks;
uint64_t nblocks; uint8_t block[SHA384_BLOCK_SIZE];
uint8_t block[SHA384_BLOCK_SIZE]; int num;
int num; } SHA384_CTX;
} SHA384_CTX;
void sha384_init(SHA384_CTX *ctx);
void sha384_init(SHA384_CTX *ctx); void sha384_update(SHA384_CTX *ctx, const uint8_t* data, size_t datalen);
void sha384_update(SHA384_CTX *ctx, const uint8_t* data, size_t datalen); void sha384_finish(SHA384_CTX *ctx, uint8_t dgst[SHA384_DIGEST_SIZE]);
void sha384_finish(SHA384_CTX *ctx, uint8_t dgst[SHA384_DIGEST_SIZE]); void sha384_digest(const uint8_t *data, size_t datalen,
void sha384_digest(const uint8_t *data, size_t datalen, uint8_t dgst[SHA384_DIGEST_SIZE]);
uint8_t dgst[SHA384_DIGEST_SIZE]);
#define SHA512_DIGEST_SIZE 64
#define SHA512_DIGEST_SIZE 64 #define SHA512_BLOCK_SIZE 128
#define SHA512_BLOCK_SIZE 128 #define SHA512_STATE_WORDS 8
#define SHA512_STATE_WORDS 8
typedef struct {
typedef struct { uint64_t state[SHA512_STATE_WORDS];
uint64_t state[SHA512_STATE_WORDS]; uint64_t nblocks;
uint64_t nblocks; uint8_t block[SHA512_BLOCK_SIZE];
uint8_t block[SHA512_BLOCK_SIZE]; int num;
int num; } SHA512_CTX;
} SHA512_CTX;
void sha512_init(SHA512_CTX *ctx);
void sha512_init(SHA512_CTX *ctx); void sha512_update(SHA512_CTX *ctx, const uint8_t* data, size_t datalen);
void sha512_update(SHA512_CTX *ctx, const uint8_t* data, size_t datalen); void sha512_finish(SHA512_CTX *ctx, uint8_t dgst[SHA512_DIGEST_SIZE]);
void sha512_finish(SHA512_CTX *ctx, uint8_t dgst[SHA512_DIGEST_SIZE]); void sha512_digest(const uint8_t *data, size_t datalen,
void sha512_digest(const uint8_t *data, size_t datalen, uint8_t dgst[SHA512_DIGEST_SIZE]);
uint8_t dgst[SHA512_DIGEST_SIZE]);
#ifdef __cplusplus
#ifdef __cplusplus }
} #endif
#endif #endif
#endif

169
include/gmssl/sha3.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,87 +7,86 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#ifndef GMSSL_SHA3_H
#ifndef GMSSL_SHA3_H #define GMSSL_SHA3_H
#define GMSSL_SHA3_H
#include <string.h>
#include <string.h> #include <stdint.h>
#include <stdint.h> #include <sys/types.h>
#include <sys/types.h>
#ifdef __cplusplus
#ifdef __cplusplus extern "C" {
extern "C" { #endif
#endif
#define SHA3_KECCAK_P_SIZE (1600/8)
#define SHA3_KECCAK_P_SIZE (1600/8)
#define SHA3_224_DIGEST_SIZE (224/8)
#define SHA3_224_DIGEST_SIZE (224/8) #define SHA3_256_DIGEST_SIZE (256/8)
#define SHA3_256_DIGEST_SIZE (256/8) #define SHA3_384_DIGEST_SIZE (384/8)
#define SHA3_384_DIGEST_SIZE (384/8) #define SHA3_512_DIGEST_SIZE (512/8)
#define SHA3_512_DIGEST_SIZE (512/8)
#define SHA3_224_CAPACITY (SHA3_224_DIGEST_SIZE * 2)
#define SHA3_224_CAPACITY (SHA3_224_DIGEST_SIZE * 2) #define SHA3_256_CAPACITY (SHA3_256_DIGEST_SIZE * 2)
#define SHA3_256_CAPACITY (SHA3_256_DIGEST_SIZE * 2) #define SHA3_384_CAPACITY (SHA3_384_DIGEST_SIZE * 2)
#define SHA3_384_CAPACITY (SHA3_384_DIGEST_SIZE * 2) #define SHA3_512_CAPACITY (SHA3_512_DIGEST_SIZE * 2)
#define SHA3_512_CAPACITY (SHA3_512_DIGEST_SIZE * 2)
#define SHA3_224_BLOCK_SIZE (SHA3_KECCAK_P_SIZE - SHA3_224_CAPACITY) // 144
#define SHA3_224_BLOCK_SIZE (SHA3_KECCAK_P_SIZE - SHA3_224_CAPACITY) // 144 #define SHA3_256_BLOCK_SIZE (SHA3_KECCAK_P_SIZE - SHA3_224_CAPACITY) // 136
#define SHA3_256_BLOCK_SIZE (SHA3_KECCAK_P_SIZE - SHA3_224_CAPACITY) // 136 #define SHA3_384_BLOCK_SIZE (SHA3_KECCAK_P_SIZE - SHA3_224_CAPACITY) // 104
#define SHA3_384_BLOCK_SIZE (SHA3_KECCAK_P_SIZE - SHA3_224_CAPACITY) // 104 #define SHA3_512_BLOCK_SIZE (SHA3_KECCAK_P_SIZE - SHA3_224_CAPACITY) // 72
#define SHA3_512_BLOCK_SIZE (SHA3_KECCAK_P_SIZE - SHA3_224_CAPACITY) // 72
typedef struct {
typedef struct { uint64_t A[5][5];
uint64_t A[5][5]; uint8_t buf[SHA3_224_BLOCK_SIZE];
uint8_t buf[SHA3_224_BLOCK_SIZE]; int num;
int num; } SHA3_224_CTX;
} SHA3_224_CTX;
void sha3_224_init(SHA3_224_CTX *ctx);
void sha3_224_init(SHA3_224_CTX *ctx); void sha3_224_update(SHA3_224_CTX *ctx, const uint8_t *data, size_t datalen);
void sha3_224_update(SHA3_224_CTX *ctx, const uint8_t *data, size_t datalen); void sha3_224_finish(SHA3_224_CTX *ctx, uint8_t dgst[SHA3_224_DIGEST_SIZE]);
void sha3_224_finish(SHA3_224_CTX *ctx, uint8_t dgst[SHA3_224_DIGEST_SIZE]);
typedef struct {
typedef struct { uint64_t A[5][5];
uint64_t A[5][5]; uint8_t buf[SHA3_256_BLOCK_SIZE];
uint8_t buf[SHA3_256_BLOCK_SIZE]; int num;
int num; } SHA3_256_CTX;
} SHA3_256_CTX;
void sha3_256_init(SHA3_256_CTX *ctx);
void sha3_256_init(SHA3_256_CTX *ctx); void sha3_256_update(SHA3_256_CTX *ctx, const uint8_t *data, size_t datalen);
void sha3_256_update(SHA3_256_CTX *ctx, const uint8_t *data, size_t datalen); void sha3_256_finish(SHA3_256_CTX *ctx, uint8_t dgst[SHA3_256_DIGEST_SIZE]);
void sha3_256_finish(SHA3_256_CTX *ctx, uint8_t dgst[SHA3_256_DIGEST_SIZE]);
typedef struct {
typedef struct { uint64_t A[5][5];
uint64_t A[5][5]; uint8_t buf[SHA3_384_BLOCK_SIZE];
uint8_t buf[SHA3_384_BLOCK_SIZE]; int num;
int num; } SHA3_384_CTX;
} SHA3_384_CTX;
void sha3_384_init(SHA3_384_CTX *ctx);
void sha3_384_init(SHA3_384_CTX *ctx); void sha3_384_update(SHA3_384_CTX *ctx, const uint8_t *data, size_t datalen);
void sha3_384_update(SHA3_384_CTX *ctx, const uint8_t *data, size_t datalen); void sha3_384_finish(SHA3_384_CTX *ctx, uint8_t dgst[SHA3_384_DIGEST_SIZE]);
void sha3_384_finish(SHA3_384_CTX *ctx, uint8_t dgst[SHA3_384_DIGEST_SIZE]);
typedef struct {
typedef struct { uint64_t A[5][5];
uint64_t A[5][5]; uint8_t buf[SHA3_512_BLOCK_SIZE];
uint8_t buf[SHA3_512_BLOCK_SIZE]; int num;
int num; } SHA3_512_CTX;
} SHA3_512_CTX;
void sha3_512_init(SHA3_512_CTX *ctx);
void sha3_512_init(SHA3_512_CTX *ctx); void sha3_512_update(SHA3_512_CTX *ctx, const uint8_t *data, size_t datalen);
void sha3_512_update(SHA3_512_CTX *ctx, const uint8_t *data, size_t datalen); void sha3_512_finish(SHA3_512_CTX *ctx, uint8_t dgst[SHA3_512_DIGEST_SIZE]);
void sha3_512_finish(SHA3_512_CTX *ctx, uint8_t dgst[SHA3_512_DIGEST_SIZE]);
void sha3_shake128(const uint8_t *in, size_t *inlen, size_t outlen, uint8_t *out);
void sha3_shake128(const uint8_t *in, size_t *inlen, size_t outlen, uint8_t *out); void sha3_shake256(const uint8_t *in, size_t *inlen, size_t outlen, uint8_t *out);
void sha3_shake256(const uint8_t *in, size_t *inlen, size_t outlen, uint8_t *out); void sha3_keccak_p(uint8_t state[SHA3_KECCAK_P_SIZE]);
void sha3_keccak_p(uint8_t state[SHA3_KECCAK_P_SIZE]);
#ifdef __cplusplus
#ifdef __cplusplus }
} #endif
#endif #endif
#endif

217
include/gmssl/skf.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,111 +7,110 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#ifndef GMSSL_SKF_H
#ifndef GMSSL_SKF_H #define GMSSL_SKF_H
#define GMSSL_SKF_H
#include <string.h>
#include <string.h> #include <stdint.h>
#include <stdint.h> #include <gmssl/sm2.h>
#include <gmssl/sm2.h>
#ifdef __cplusplus
#ifdef __cplusplus extern "C" {
extern "C" { #endif
#endif
/*
/* SKF Public API
SKF Public API
skf_load_library
skf_load_library skf_unload_library
skf_unload_library skf_list_devices
skf_list_devices skf_print_device_info
skf_print_device_info
SKF_DEVICE
SKF_DEVICE skf_open_device
skf_open_device skf_close_deivce
skf_close_deivce skf_set_label
skf_set_label skf_change_authkey
skf_change_authkey skf_list_apps
skf_list_apps skf_create_app
skf_create_app skf_delete_app
skf_delete_app skf_change_app_admin_pin
skf_change_app_admin_pin skf_change_app_user_pin
skf_change_app_user_pin skf_unblock_user_pin
skf_unblock_user_pin skf_list_objects
skf_list_objects skf_import_object
skf_import_object skf_export_object
skf_export_object skf_delete_object
skf_delete_object skf_list_containers
skf_list_containers skf_create_container
skf_create_container skf_delete_container
skf_delete_container skf_import_sign_cert
skf_import_sign_cert skf_export_sign_cert
skf_export_sign_cert skf_rand_bytes
skf_rand_bytes skf_load_sign_key
skf_load_sign_key
SKF_KEY
SKF_KEY skf_sign
skf_sign skf_release_key
skf_release_key */
*/
typedef struct {
typedef struct { void *handle;
void *handle; char manufacturer[65];
char manufacturer[65]; char issuer[65];
char issuer[65]; char label[33];
char label[33]; char serial[33];
char serial[33]; uint8_t hardware_version[2];
uint8_t hardware_version[2]; uint8_t firmware_version[2];
uint8_t firmware_version[2]; } SKF_DEVICE;
} SKF_DEVICE;
typedef struct {
typedef struct { SM2_KEY public_key;
SM2_KEY public_key; void *app_handle;
void *app_handle; char app_name[65];
char app_name[65]; void *container_handle;
void *container_handle; char container_name[65];
char container_name[65]; } SKF_KEY;
} SKF_KEY;
int skf_load_library(const char *so_path, const char *vendor);
int skf_load_library(const char *so_path, const char *vendor); void skf_unload_library(void);
void skf_unload_library(void);
int skf_list_devices(FILE *fp, int fmt, int ind, const char *label);
int skf_list_devices(FILE *fp, int fmt, int ind, const char *label); int skf_print_device_info(FILE *fp, int fmt, int ind, const char *devname);
int skf_print_device_info(FILE *fp, int fmt, int ind, const char *devname); int skf_open_device(SKF_DEVICE *dev, const char *devname, const uint8_t authkey[16]);
int skf_open_device(SKF_DEVICE *dev, const char *devname, const uint8_t authkey[16]); int skf_set_label(SKF_DEVICE *dev, const char *label);
int skf_set_label(SKF_DEVICE *dev, const char *label); int skf_change_authkey(SKF_DEVICE *dev, const uint8_t authkey[16]);
int skf_change_authkey(SKF_DEVICE *dev, const uint8_t authkey[16]); int skf_close_device(SKF_DEVICE *dev);
int skf_close_device(SKF_DEVICE *dev);
int skf_list_apps(SKF_DEVICE *dev, int fmt, int ind, const char *label, FILE *fp);
int skf_list_apps(SKF_DEVICE *dev, int fmt, int ind, const char *label, FILE *fp); int skf_create_app(SKF_DEVICE *dev, const char *appname, const char *admin_pin, const char *user_pin);
int skf_create_app(SKF_DEVICE *dev, const char *appname, const char *admin_pin, const char *user_pin); int skf_delete_app(SKF_DEVICE *dev, const char *appname);
int skf_delete_app(SKF_DEVICE *dev, const char *appname); int skf_change_app_admin_pin(SKF_DEVICE *dev, const char *appname, const char *oid_pin, const char *new_pin);
int skf_change_app_admin_pin(SKF_DEVICE *dev, const char *appname, const char *oid_pin, const char *new_pin); int skf_change_app_user_pin(SKF_DEVICE *dev, const char *appname, const char *oid_pin, const char *new_pin);
int skf_change_app_user_pin(SKF_DEVICE *dev, const char *appname, const char *oid_pin, const char *new_pin); int skf_unblock_user_pin(SKF_DEVICE *dev, const char *appname, const char *admin_pin, const char *new_user_pin);
int skf_unblock_user_pin(SKF_DEVICE *dev, const char *appname, const char *admin_pin, const char *new_user_pin);
int skf_list_objects(FILE *fp, int fmt, int ind, const char *label, SKF_DEVICE *dev, const char *appname, const char *pin);
int skf_list_objects(FILE *fp, int fmt, int ind, const char *label, SKF_DEVICE *dev, const char *appname, const char *pin); int skf_import_object(SKF_DEVICE *dev, const char *appname, const char *pin, const char *objname, const uint8_t *data, size_t datalen);
int skf_import_object(SKF_DEVICE *dev, const char *appname, const char *pin, const char *objname, const uint8_t *data, size_t datalen); int skf_export_object(SKF_DEVICE *dev, const char *appname, const char *pin, const char *objname, uint8_t *out, size_t *outlen);
int skf_export_object(SKF_DEVICE *dev, const char *appname, const char *pin, const char *objname, uint8_t *out, size_t *outlen); int skf_delete_object(SKF_DEVICE *dev, const char *appname, const char *pin, const char *objname);
int skf_delete_object(SKF_DEVICE *dev, const char *appname, const char *pin, const char *objname);
int skf_list_containers(FILE *fp, int fmt, int ind, const char *label, SKF_DEVICE *dev, const char *appname, const char *pin);
int skf_list_containers(FILE *fp, int fmt, int ind, const char *label, SKF_DEVICE *dev, const char *appname, const char *pin); int skf_create_container(SKF_DEVICE *dev, const char *appname, const char *pin, const char *container_name);
int skf_create_container(SKF_DEVICE *dev, const char *appname, const char *pin, const char *container_name); int skf_delete_container(SKF_DEVICE *dev, const char *appname, const char *pin, const char *container_name);
int skf_delete_container(SKF_DEVICE *dev, const char *appname, const char *pin, const char *container_name); int skf_import_sign_cert(SKF_DEVICE *dev, const char *appname, const char *pin, const char *container_name, const uint8_t *cert, size_t certlen);
int skf_import_sign_cert(SKF_DEVICE *dev, const char *appname, const char *pin, const char *container_name, const uint8_t *cert, size_t certlen); int skf_export_sign_cert(SKF_DEVICE *dev, const char *appname, const char *pin, const char *container_name, uint8_t *cert, size_t *certlen);
int skf_export_sign_cert(SKF_DEVICE *dev, const char *appname, const char *pin, const char *container_name, uint8_t *cert, size_t *certlen);
int skf_rand_bytes(SKF_DEVICE *dev, uint8_t *buf, size_t len);
int skf_rand_bytes(SKF_DEVICE *dev, uint8_t *buf, size_t len); int skf_load_sign_key(SKF_DEVICE *dev, const char *appname, const char *pin, const char *container_name, SKF_KEY *key);
int skf_load_sign_key(SKF_DEVICE *dev, const char *appname, const char *pin, const char *container_name, SKF_KEY *key); int skf_sign(SKF_KEY *key, const uint8_t dgst[32], uint8_t *sig, size_t *siglen);
int skf_sign(SKF_KEY *key, const uint8_t dgst[32], uint8_t *sig, size_t *siglen); int skf_release_key(SKF_KEY *key);
int skf_release_key(SKF_KEY *key);
#ifdef __cplusplus
#ifdef __cplusplus }
} #endif
#endif #endif
#endif

733
include/gmssl/sm2.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,369 +7,368 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#ifndef GMSSL_SM2_H
#ifndef GMSSL_SM2_H #define GMSSL_SM2_H
#define GMSSL_SM2_H
#include <stdio.h>
#include <stdio.h> #include <stdint.h>
#include <stdint.h> #include <stdlib.h>
#include <stdlib.h> #include <gmssl/sm3.h>
#include <gmssl/sm3.h>
#ifdef __cplusplus
#ifdef __cplusplus extern "C" {
extern "C" { #endif
#endif
/*
/* SM2 Public API
SM2 Public API
SM2_DEFAULT_ID
SM2_DEFAULT_ID SM2_MAX_ID_LENGTH
SM2_MAX_ID_LENGTH SM2_MAX_SIGNATURE_SIZE
SM2_MAX_SIGNATURE_SIZE SM2_MAX_PLAINTEXT_SIZE
SM2_MAX_PLAINTEXT_SIZE SM2_MAX_CIPHERTEXT_SIZE
SM2_MAX_CIPHERTEXT_SIZE
SM2_KEY
SM2_KEY sm2_key_generate
sm2_key_generate sm2_private_key_info_encrypt_to_der
sm2_private_key_info_encrypt_to_der sm2_private_key_info_decrypt_from_der
sm2_private_key_info_decrypt_from_der sm2_private_key_info_encrypt_to_pem
sm2_private_key_info_encrypt_to_pem sm2_private_key_info_decrypt_from_pem
sm2_private_key_info_decrypt_from_pem sm2_public_key_info_to_der
sm2_public_key_info_to_der sm2_public_key_info_from_der
sm2_public_key_info_from_der sm2_public_key_info_to_pem
sm2_public_key_info_to_pem sm2_public_key_info_from_pem
sm2_public_key_info_from_pem
sm2_sign
sm2_sign sm2_verify
sm2_verify sm2_encrypt
sm2_encrypt sm2_decrypt
sm2_decrypt sm2_ecdh
sm2_ecdh
SM2_SIGN_CTX
SM2_SIGN_CTX sm2_sign_init
sm2_sign_init sm2_sign_update
sm2_sign_update sm2_sign_finish
sm2_sign_finish sm2_verify_init
sm2_verify_init sm2_verify_update
sm2_verify_update sm2_verify_finish
sm2_verify_finish */
*/
typedef uint64_t SM2_BN[8];
typedef uint64_t SM2_BN[8];
int sm2_bn_is_zero(const SM2_BN a);
int sm2_bn_is_zero(const SM2_BN a); int sm2_bn_is_one(const SM2_BN a);
int sm2_bn_is_one(const SM2_BN a); int sm2_bn_is_odd(const SM2_BN a);
int sm2_bn_is_odd(const SM2_BN a); int sm2_bn_cmp(const SM2_BN a, const SM2_BN b);
int sm2_bn_cmp(const SM2_BN a, const SM2_BN b); int sm2_bn_from_hex(SM2_BN r, const char hex[64]);
int sm2_bn_from_hex(SM2_BN r, const char hex[64]); int sm2_bn_from_asn1_integer(SM2_BN r, const uint8_t *d, size_t dlen);
int sm2_bn_from_asn1_integer(SM2_BN r, const uint8_t *d, size_t dlen); int sm2_bn_equ_hex(const SM2_BN a, const char *hex);
int sm2_bn_equ_hex(const SM2_BN a, const char *hex); int sm2_bn_print(FILE *fp, int fmt, int ind, const char *label, const SM2_BN a);
int sm2_bn_print(FILE *fp, int fmt, int ind, const char *label, const SM2_BN a);
void sm2_bn_to_bytes(const SM2_BN a, uint8_t out[32]);
void sm2_bn_to_bytes(const SM2_BN a, uint8_t out[32]); void sm2_bn_from_bytes(SM2_BN r, const uint8_t in[32]);
void sm2_bn_from_bytes(SM2_BN r, const uint8_t in[32]); void sm2_bn_to_hex(const SM2_BN a, char hex[64]);
void sm2_bn_to_hex(const SM2_BN a, char hex[64]); void sm2_bn_to_bits(const SM2_BN a, char bits[256]);
void sm2_bn_to_bits(const SM2_BN a, char bits[256]); void sm2_bn_set_word(SM2_BN r, uint32_t a);
void sm2_bn_set_word(SM2_BN r, uint32_t a); void sm2_bn_add(SM2_BN r, const SM2_BN a, const SM2_BN b);
void sm2_bn_add(SM2_BN r, const SM2_BN a, const SM2_BN b); void sm2_bn_sub(SM2_BN ret, const SM2_BN a, const SM2_BN b);
void sm2_bn_sub(SM2_BN ret, const SM2_BN a, const SM2_BN b); void sm2_bn_rand_range(SM2_BN r, const SM2_BN range); // 这个函数需要修改一下,从外部引入随机数
void sm2_bn_rand_range(SM2_BN r, const SM2_BN range); // 这个函数需要修改一下,从外部引入随机数
#define sm2_bn_init(r) memset((r),0,sizeof(SM2_BN))
#define sm2_bn_init(r) memset((r),0,sizeof(SM2_BN)) #define sm2_bn_set_zero(r) memset((r),0,sizeof(SM2_BN))
#define sm2_bn_set_zero(r) memset((r),0,sizeof(SM2_BN)) #define sm2_bn_set_one(r) sm2_bn_set_word((r),1)
#define sm2_bn_set_one(r) sm2_bn_set_word((r),1) #define sm2_bn_copy(r,a) memcpy((r),(a),sizeof(SM2_BN))
#define sm2_bn_copy(r,a) memcpy((r),(a),sizeof(SM2_BN)) #define sm2_bn_clean(r) memset((r),0,sizeof(SM2_BN))
#define sm2_bn_clean(r) memset((r),0,sizeof(SM2_BN))
// GF(p)
// GF(p) typedef SM2_BN SM2_Fp;
typedef SM2_BN SM2_Fp;
void sm2_fp_add(SM2_Fp r, const SM2_Fp a, const SM2_Fp b);
void sm2_fp_add(SM2_Fp r, const SM2_Fp a, const SM2_Fp b); void sm2_fp_sub(SM2_Fp r, const SM2_Fp a, const SM2_Fp b);
void sm2_fp_sub(SM2_Fp r, const SM2_Fp a, const SM2_Fp b); void sm2_fp_mul(SM2_Fp r, const SM2_Fp a, const SM2_Fp b);
void sm2_fp_mul(SM2_Fp r, const SM2_Fp a, const SM2_Fp b); void sm2_fp_exp(SM2_Fp r, const SM2_Fp a, const SM2_Fp e);
void sm2_fp_exp(SM2_Fp r, const SM2_Fp a, const SM2_Fp e); void sm2_fp_dbl(SM2_Fp r, const SM2_Fp a);
void sm2_fp_dbl(SM2_Fp r, const SM2_Fp a); void sm2_fp_tri(SM2_Fp r, const SM2_Fp a);
void sm2_fp_tri(SM2_Fp r, const SM2_Fp a); void sm2_fp_div2(SM2_Fp r, const SM2_Fp a);
void sm2_fp_div2(SM2_Fp r, const SM2_Fp a); void sm2_fp_neg(SM2_Fp r, const SM2_Fp a);
void sm2_fp_neg(SM2_Fp r, const SM2_Fp a); void sm2_fp_sqr(SM2_Fp r, const SM2_Fp a);
void sm2_fp_sqr(SM2_Fp r, const SM2_Fp a); void sm2_fp_inv(SM2_Fp r, const SM2_Fp a);
void sm2_fp_inv(SM2_Fp r, const SM2_Fp a); void sm2_fp_rand(SM2_Fp r); // 外部提供随机性,如果满足条件就输出,如果不满足条件就哈希一下再输出
void sm2_fp_rand(SM2_Fp r); // 外部提供随机性,如果满足条件就输出,如果不满足条件就哈希一下再输出
#define sm2_fp_init(r) sm2_bn_init(r)
#define sm2_fp_init(r) sm2_bn_init(r) #define sm2_fp_set_zero(r) sm2_bn_set_zero(r)
#define sm2_fp_set_zero(r) sm2_bn_set_zero(r) #define sm2_fp_set_one(r) sm2_bn_set_one(r)
#define sm2_fp_set_one(r) sm2_bn_set_one(r) #define sm2_fp_copy(r,a) sm2_bn_copy(r,a)
#define sm2_fp_copy(r,a) sm2_bn_copy(r,a) #define sm2_fp_clean(r) sm2_bn_clean(r)
#define sm2_fp_clean(r) sm2_bn_clean(r)
// GF(n)
// GF(n) typedef SM2_BN SM2_Fn;
typedef SM2_BN SM2_Fn;
void sm2_fn_add(SM2_Fn r, const SM2_Fn a, const SM2_Fn b);
void sm2_fn_add(SM2_Fn r, const SM2_Fn a, const SM2_Fn b); void sm2_fn_sub(SM2_Fn r, const SM2_Fn a, const SM2_Fn b);
void sm2_fn_sub(SM2_Fn r, const SM2_Fn a, const SM2_Fn b); void sm2_fn_mul(SM2_Fn r, const SM2_Fn a, const SM2_Fn b);
void sm2_fn_mul(SM2_Fn r, const SM2_Fn a, const SM2_Fn b); void sm2_fn_exp(SM2_Fn r, const SM2_Fn a, const SM2_Fn e);
void sm2_fn_exp(SM2_Fn r, const SM2_Fn a, const SM2_Fn e); void sm2_fn_neg(SM2_Fn r, const SM2_Fn a);
void sm2_fn_neg(SM2_Fn r, const SM2_Fn a); void sm2_fn_sqr(SM2_Fn r, const SM2_Fn a);
void sm2_fn_sqr(SM2_Fn r, const SM2_Fn a); void sm2_fn_inv(SM2_Fn r, const SM2_Fn a);
void sm2_fn_inv(SM2_Fn r, const SM2_Fn a); void sm2_fn_rand(SM2_Fn r);
void sm2_fn_rand(SM2_Fn r);
#define sm2_fn_init(r) sm2_bn_init(r)
#define sm2_fn_init(r) sm2_bn_init(r) #define sm2_fn_set_zero(r) sm2_bn_set_zero(r)
#define sm2_fn_set_zero(r) sm2_bn_set_zero(r) #define sm2_fn_set_one(r) sm2_bn_set_one(r)
#define sm2_fn_set_one(r) sm2_bn_set_one(r) #define sm2_fn_copy(r,a) sm2_bn_copy(r,a)
#define sm2_fn_copy(r,a) sm2_bn_copy(r,a) #define sm2_fn_clean(r) sm2_bn_clean(r)
#define sm2_fn_clean(r) sm2_bn_clean(r)
typedef struct {
typedef struct { SM2_BN X;
SM2_BN X; SM2_BN Y;
SM2_BN Y; SM2_BN Z;
SM2_BN Z; } SM2_JACOBIAN_POINT;
} SM2_JACOBIAN_POINT;
void sm2_jacobian_point_init(SM2_JACOBIAN_POINT *R);
void sm2_jacobian_point_init(SM2_JACOBIAN_POINT *R); void sm2_jacobian_point_set_xy(SM2_JACOBIAN_POINT *R, const SM2_BN x, const SM2_BN y); // 应该返回错误
void sm2_jacobian_point_set_xy(SM2_JACOBIAN_POINT *R, const SM2_BN x, const SM2_BN y); // 应该返回错误 void sm2_jacobian_point_get_xy(const SM2_JACOBIAN_POINT *P, SM2_BN x, SM2_BN y);
void sm2_jacobian_point_get_xy(const SM2_JACOBIAN_POINT *P, SM2_BN x, SM2_BN y); void sm2_jacobian_point_neg(SM2_JACOBIAN_POINT *R, const SM2_JACOBIAN_POINT *P);
void sm2_jacobian_point_neg(SM2_JACOBIAN_POINT *R, const SM2_JACOBIAN_POINT *P); void sm2_jacobian_point_dbl(SM2_JACOBIAN_POINT *R, const SM2_JACOBIAN_POINT *P);
void sm2_jacobian_point_dbl(SM2_JACOBIAN_POINT *R, const SM2_JACOBIAN_POINT *P); void sm2_jacobian_point_add(SM2_JACOBIAN_POINT *R, const SM2_JACOBIAN_POINT *P, const SM2_JACOBIAN_POINT *Q);
void sm2_jacobian_point_add(SM2_JACOBIAN_POINT *R, const SM2_JACOBIAN_POINT *P, const SM2_JACOBIAN_POINT *Q); void sm2_jacobian_point_sub(SM2_JACOBIAN_POINT *R, const SM2_JACOBIAN_POINT *P, const SM2_JACOBIAN_POINT *Q);
void sm2_jacobian_point_sub(SM2_JACOBIAN_POINT *R, const SM2_JACOBIAN_POINT *P, const SM2_JACOBIAN_POINT *Q); void sm2_jacobian_point_mul(SM2_JACOBIAN_POINT *R, const SM2_BN k, const SM2_JACOBIAN_POINT *P);
void sm2_jacobian_point_mul(SM2_JACOBIAN_POINT *R, const SM2_BN k, const SM2_JACOBIAN_POINT *P); void sm2_jacobian_point_to_bytes(const SM2_JACOBIAN_POINT *P, uint8_t out[64]);
void sm2_jacobian_point_to_bytes(const SM2_JACOBIAN_POINT *P, uint8_t out[64]); void sm2_jacobian_point_from_bytes(SM2_JACOBIAN_POINT *P, const uint8_t in[64]);
void sm2_jacobian_point_from_bytes(SM2_JACOBIAN_POINT *P, const uint8_t in[64]); void sm2_jacobian_point_mul_generator(SM2_JACOBIAN_POINT *R, const SM2_BN k);
void sm2_jacobian_point_mul_generator(SM2_JACOBIAN_POINT *R, const SM2_BN k); void sm2_jacobian_point_mul_sum(SM2_JACOBIAN_POINT *R, const SM2_BN t, const SM2_JACOBIAN_POINT *P, const SM2_BN s); // 应该返回错误
void sm2_jacobian_point_mul_sum(SM2_JACOBIAN_POINT *R, const SM2_BN t, const SM2_JACOBIAN_POINT *P, const SM2_BN s); // 应该返回错误 void sm2_jacobian_point_from_hex(SM2_JACOBIAN_POINT *P, const char hex[64 * 2]); // 应该返回错误
void sm2_jacobian_point_from_hex(SM2_JACOBIAN_POINT *P, const char hex[64 * 2]); // 应该返回错误
int sm2_jacobian_point_is_at_infinity(const SM2_JACOBIAN_POINT *P);
int sm2_jacobian_point_is_at_infinity(const SM2_JACOBIAN_POINT *P); int sm2_jacobian_point_is_on_curve(const SM2_JACOBIAN_POINT *P);
int sm2_jacobian_point_is_on_curve(const SM2_JACOBIAN_POINT *P); int sm2_jacobian_point_equ_hex(const SM2_JACOBIAN_POINT *P, const char hex[128]);
int sm2_jacobian_point_equ_hex(const SM2_JACOBIAN_POINT *P, const char hex[128]); int sm2_jacobian_point_print(FILE *fp, int fmt, int ind, const char *label, const SM2_JACOBIAN_POINT *P);
int sm2_jacobian_point_print(FILE *fp, int fmt, int ind, const char *label, const SM2_JACOBIAN_POINT *P);
#define sm2_jacobian_point_set_infinity(R) sm2_jacobian_point_init(R)
#define sm2_jacobian_point_set_infinity(R) sm2_jacobian_point_init(R) #define sm2_jacobian_point_copy(R, P) memcpy((R), (P), sizeof(SM2_JACOBIAN_POINT))
#define sm2_jacobian_point_copy(R, P) memcpy((R), (P), sizeof(SM2_JACOBIAN_POINT))
/*
/* SM2 Public API
SM2 Public API
SM2接口有两个层次基本的和ASN.1/PKI的
SM2接口有两个层次基本的和ASN.1/PKI的 基本的接口不依赖ASN.1编码,可以直接将结构体的内存输出(endian一致即可)
基本的接口不依赖ASN.1编码,可以直接将结构体的内存输出(endian一致即可) 基本的接口也不进行输入的格式检查,调用方应保证输入不为空
基本的接口也不进行输入的格式检查,调用方应保证输入不为空 */
*/
// 这里应该用#define 给出常量的值
// 这里应该用#define 给出常量的值 extern const SM2_BN SM2_P;
extern const SM2_BN SM2_P; //extern const SM2_BN SM2_A;
//extern const SM2_BN SM2_A; extern const SM2_BN SM2_B;
extern const SM2_BN SM2_B; extern const SM2_BN SM2_N;
extern const SM2_BN SM2_N; extern const SM2_BN SM2_ONE;
extern const SM2_BN SM2_ONE; extern const SM2_BN SM2_TWO;
extern const SM2_BN SM2_TWO; extern const SM2_BN SM2_THREE;
extern const SM2_BN SM2_THREE; extern const SM2_BN SM2_U_PLUS_ONE;
extern const SM2_BN SM2_U_PLUS_ONE; extern const SM2_JACOBIAN_POINT *SM2_G; // 应该同时给出Affine的
extern const SM2_JACOBIAN_POINT *SM2_G; // 应该同时给出Affine的
typedef struct {
typedef struct { uint8_t x[32];
uint8_t x[32]; uint8_t y[32];
uint8_t y[32]; } SM2_POINT;
} SM2_POINT;
void sm2_point_to_compressed_octets(const SM2_POINT *P, uint8_t out[33]);
void sm2_point_to_compressed_octets(const SM2_POINT *P, uint8_t out[33]); void sm2_point_to_uncompressed_octets(const SM2_POINT *P, uint8_t out[65]);
void sm2_point_to_uncompressed_octets(const SM2_POINT *P, uint8_t out[65]); int sm2_point_from_octets(SM2_POINT *P, const uint8_t *in, size_t inlen);
int sm2_point_from_octets(SM2_POINT *P, const uint8_t *in, size_t inlen);
int sm2_point_from_x(SM2_POINT *P, const uint8_t x[32], int y);
int sm2_point_from_x(SM2_POINT *P, const uint8_t x[32], int y); int sm2_point_from_xy(SM2_POINT *P, const uint8_t x[32], const uint8_t y[32]);
int sm2_point_from_xy(SM2_POINT *P, const uint8_t x[32], const uint8_t y[32]); int sm2_point_is_on_curve(const SM2_POINT *P);
int sm2_point_is_on_curve(const SM2_POINT *P); int sm2_point_mul(SM2_POINT *R, const uint8_t k[32], const SM2_POINT *P);
int sm2_point_mul(SM2_POINT *R, const uint8_t k[32], const SM2_POINT *P); int sm2_point_mul_generator(SM2_POINT *R, const uint8_t k[32]);
int sm2_point_mul_generator(SM2_POINT *R, const uint8_t k[32]); int sm2_point_mul_sum(SM2_POINT *R, const uint8_t k[32], const SM2_POINT *P, const uint8_t s[32]); // R = k * P + s * G
int sm2_point_mul_sum(SM2_POINT *R, const uint8_t k[32], const SM2_POINT *P, const uint8_t s[32]); // R = k * P + s * G
/*
/* RFC 5480 Elliptic Curve Cryptography Subject Public Key Information
RFC 5480 Elliptic Curve Cryptography Subject Public Key Information ECPoint ::= OCTET STRING
ECPoint ::= OCTET STRING */
*/ #define SM2_POINT_MAX_SIZE (2 + 65)
#define SM2_POINT_MAX_SIZE (2 + 65) int sm2_point_to_der(const SM2_POINT *P, uint8_t **out, size_t *outlen);
int sm2_point_to_der(const SM2_POINT *P, uint8_t **out, size_t *outlen); int sm2_point_from_der(SM2_POINT *P, const uint8_t **in, size_t *inlen);
int sm2_point_from_der(SM2_POINT *P, const uint8_t **in, size_t *inlen); int sm2_point_print(FILE *fp, int fmt, int ind, const char *label, const SM2_POINT *P);
int sm2_point_print(FILE *fp, int fmt, int ind, const char *label, const SM2_POINT *P);
typedef struct {
typedef struct { SM2_POINT public_key;
SM2_POINT public_key; uint8_t private_key[32];
uint8_t private_key[32]; } SM2_KEY;
} SM2_KEY;
int sm2_key_generate(SM2_KEY *key);
int sm2_key_generate(SM2_KEY *key); int sm2_key_set_private_key(SM2_KEY *key, const uint8_t private_key[32]); // 自动生成公钥
int sm2_key_set_private_key(SM2_KEY *key, const uint8_t private_key[32]); // 自动生成公钥 int sm2_key_set_public_key(SM2_KEY *key, const SM2_POINT *public_key); // 自动清空私钥不要和set_private_key同时用
int sm2_key_set_public_key(SM2_KEY *key, const SM2_POINT *public_key); // 自动清空私钥不要和set_private_key同时用 int sm2_key_print(FILE *fp, int fmt, int ind, const char *label, const SM2_KEY *key);
int sm2_key_print(FILE *fp, int fmt, int ind, const char *label, const SM2_KEY *key);
int sm2_public_key_equ(const SM2_KEY *sm2_key, const SM2_KEY *pub_key);
int sm2_public_key_equ(const SM2_KEY *sm2_key, const SM2_KEY *pub_key); //int sm2_public_key_copy(SM2_KEY *sm2_key, const SM2_KEY *pub_key); // 这个函数的逻辑不清楚
//int sm2_public_key_copy(SM2_KEY *sm2_key, const SM2_KEY *pub_key); // 这个函数的逻辑不清楚 int sm2_public_key_digest(const SM2_KEY *key, uint8_t dgst[32]);
int sm2_public_key_digest(const SM2_KEY *key, uint8_t dgst[32]); int sm2_public_key_print(FILE *fp, int fmt, int ind, const char *label, const SM2_KEY *pub_key); // 和private_key_print参数不一致
int sm2_public_key_print(FILE *fp, int fmt, int ind, const char *label, const SM2_KEY *pub_key); // 和private_key_print参数不一致
/*
/* from RFC 5915
from RFC 5915
ECPrivateKey ::= SEQUENCE {
ECPrivateKey ::= SEQUENCE { version INTEGER, -- value MUST be (1)
version INTEGER, -- value MUST be (1) privateKey OCTET STRING, -- big endian encoding of integer 这里不是以INTEGER编码的因此长度固定
privateKey OCTET STRING, -- big endian encoding of integer 这里不是以INTEGER编码的因此长度固定 parameters [0] EXPLICIT ECParameters OPTIONAL,
parameters [0] EXPLICIT ECParameters OPTIONAL, -- ONLY namedCurve OID is permitted, by RFC 5480
-- ONLY namedCurve OID is permitted, by RFC 5480 -- MUST always include this field, by RFC 5915
-- MUST always include this field, by RFC 5915 publicKey [1] EXPLICIT BIT STRING OPTIONAL -- compressed_point
publicKey [1] EXPLICIT BIT STRING OPTIONAL -- compressed_point -- SHOULD always include this field, by RFC 5915 }
-- SHOULD always include this field, by RFC 5915 }
ECParameters ::= CHOICE { namedCurve OBJECT IDENTIFIER }
ECParameters ::= CHOICE { namedCurve OBJECT IDENTIFIER } */
*/ #define SM2_PRIVATE_KEY_DEFAULT_SIZE 120 // generated
#define SM2_PRIVATE_KEY_DEFAULT_SIZE 120 // generated #define SM2_PRIVATE_KEY_BUF_SIZE 512 // MUST >= SM2_PRIVATE_KEY_DEFAULT_SIZE
#define SM2_PRIVATE_KEY_BUF_SIZE 512 // MUST >= SM2_PRIVATE_KEY_DEFAULT_SIZE
int sm2_private_key_to_der(const SM2_KEY *key, uint8_t **out, size_t *outlen);
int sm2_private_key_to_der(const SM2_KEY *key, uint8_t **out, size_t *outlen); int sm2_private_key_from_der(SM2_KEY *key, const uint8_t **in, size_t *inlen);
int sm2_private_key_from_der(SM2_KEY *key, const uint8_t **in, size_t *inlen); int sm2_private_key_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
int sm2_private_key_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen); //int sm2_private_key_to_pem(const SM2_KEY *key, FILE *fp);
//int sm2_private_key_to_pem(const SM2_KEY *key, FILE *fp); //int sm2_private_key_from_pem(SM2_KEY *key, FILE *fp);
//int sm2_private_key_from_pem(SM2_KEY *key, FILE *fp);
/*
/* AlgorithmIdentifier ::= {
AlgorithmIdentifier ::= { algorithm OBJECT IDENTIFIER { id-ecPublicKey },
algorithm OBJECT IDENTIFIER { id-ecPublicKey }, parameters OBJECT IDENTIFIER { id-sm2 } }
parameters OBJECT IDENTIFIER { id-sm2 } } */
*/ int sm2_public_key_algor_to_der(uint8_t **out, size_t *outlen);
int sm2_public_key_algor_to_der(uint8_t **out, size_t *outlen); int sm2_public_key_algor_from_der(const uint8_t **in, size_t *inlen);
int sm2_public_key_algor_from_der(const uint8_t **in, size_t *inlen);
/*
/* X.509 SubjectPublicKeyInfo from RFC 5280
X.509 SubjectPublicKeyInfo from RFC 5280
SubjectPublicKeyInfo ::= SEQUENCE {
SubjectPublicKeyInfo ::= SEQUENCE { algorithm AlgorithmIdentifier,
algorithm AlgorithmIdentifier, subjectPublicKey BIT STRING -- uncompressed octets of ECPoint }
subjectPublicKey BIT STRING -- uncompressed octets of ECPoint } */
*/ int sm2_public_key_info_to_der(const SM2_KEY *a, uint8_t **out, size_t *outlen);
int sm2_public_key_info_to_der(const SM2_KEY *a, uint8_t **out, size_t *outlen); int sm2_public_key_info_from_der(SM2_KEY *a, const uint8_t **in, size_t *inlen);
int sm2_public_key_info_from_der(SM2_KEY *a, const uint8_t **in, size_t *inlen); int sm2_public_key_info_to_pem(const SM2_KEY *a, FILE *fp);
int sm2_public_key_info_to_pem(const SM2_KEY *a, FILE *fp); int sm2_public_key_info_from_pem(SM2_KEY *a, FILE *fp);
int sm2_public_key_info_from_pem(SM2_KEY *a, FILE *fp);
/*
/* PKCS #8 PrivateKeyInfo from RFC 5208
PKCS #8 PrivateKeyInfo from RFC 5208
PrivateKeyInfo ::= SEQUENCE {
PrivateKeyInfo ::= SEQUENCE { version Version { v1(0) },
version Version { v1(0) }, privateKeyAlgorithm AlgorithmIdentifier,
privateKeyAlgorithm AlgorithmIdentifier, privateKey OCTET STRING, -- DER-encoding of ECPrivateKey
privateKey OCTET STRING, -- DER-encoding of ECPrivateKey attributes [0] IMPLICIT SET OF Attribute OPTIONAL }
attributes [0] IMPLICIT SET OF Attribute OPTIONAL } */
*/ enum {
enum { PKCS8_private_key_info_version = 0,
PKCS8_private_key_info_version = 0, };
};
int sm2_private_key_info_to_der(const SM2_KEY *key, uint8_t **out, size_t *outlen);
int sm2_private_key_info_to_der(const SM2_KEY *key, uint8_t **out, size_t *outlen); int sm2_private_key_info_from_der(SM2_KEY *key, const uint8_t **attrs, size_t *attrslen, const uint8_t **in, size_t *inlen);
int sm2_private_key_info_from_der(SM2_KEY *key, const uint8_t **attrs, size_t *attrslen, const uint8_t **in, size_t *inlen); int sm2_private_key_info_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
int sm2_private_key_info_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen); //int sm2_private_key_info_to_pem(const SM2_KEY *key, FILE *fp);
//int sm2_private_key_info_to_pem(const SM2_KEY *key, FILE *fp); //int sm2_private_key_info_from_pem(SM2_KEY *key, const uint8_t **attrs, size_t *attrslen, FILE *fp);
//int sm2_private_key_info_from_pem(SM2_KEY *key, const uint8_t **attrs, size_t *attrslen, FILE *fp);
/*
/* EncryptedPrivateKeyInfo ::= SEQUENCE {
EncryptedPrivateKeyInfo ::= SEQUENCE { encryptionAlgorithm EncryptionAlgorithmIdentifier, -- id-PBES2
encryptionAlgorithm EncryptionAlgorithmIdentifier, -- id-PBES2 encryptedData OCTET STRING }
encryptedData OCTET STRING } */
*/ int sm2_private_key_info_encrypt_to_der(const SM2_KEY *key,
int sm2_private_key_info_encrypt_to_der(const SM2_KEY *key, const char *pass, uint8_t **out, size_t *outlen);
const char *pass, uint8_t **out, size_t *outlen); int sm2_private_key_info_decrypt_from_der(SM2_KEY *key, const uint8_t **attrs, size_t *attrs_len,
int sm2_private_key_info_decrypt_from_der(SM2_KEY *key, const uint8_t **attrs, size_t *attrs_len, const char *pass, const uint8_t **in, size_t *inlen);
const char *pass, const uint8_t **in, size_t *inlen); int sm2_private_key_info_encrypt_to_pem(const SM2_KEY *key, const char *pass, FILE *fp);
int sm2_private_key_info_encrypt_to_pem(const SM2_KEY *key, const char *pass, FILE *fp); int sm2_private_key_info_decrypt_from_pem(SM2_KEY *key, const char *pass, FILE *fp);
int sm2_private_key_info_decrypt_from_pem(SM2_KEY *key, const char *pass, FILE *fp);
typedef struct {
typedef struct { uint8_t r[32];
uint8_t r[32]; uint8_t s[32];
uint8_t s[32]; } SM2_SIGNATURE;
} SM2_SIGNATURE;
int sm2_do_sign_ex(const SM2_KEY *key, int flags, const uint8_t dgst[32], SM2_SIGNATURE *sig);
int sm2_do_sign_ex(const SM2_KEY *key, int flags, const uint8_t dgst[32], SM2_SIGNATURE *sig); int sm2_do_sign(const SM2_KEY *key, const uint8_t dgst[32], SM2_SIGNATURE *sig);
int sm2_do_sign(const SM2_KEY *key, const uint8_t dgst[32], SM2_SIGNATURE *sig); int sm2_do_verify(const SM2_KEY *key, const uint8_t dgst[32], const SM2_SIGNATURE *sig);
int sm2_do_verify(const SM2_KEY *key, const uint8_t dgst[32], const SM2_SIGNATURE *sig);
#define SM2_MIN_SIGNATURE_SIZE 8
#define SM2_MIN_SIGNATURE_SIZE 8 #define SM2_MAX_SIGNATURE_SIZE 72
#define SM2_MAX_SIGNATURE_SIZE 72 int sm2_signature_to_der(const SM2_SIGNATURE *sig, uint8_t **out, size_t *outlen);
int sm2_signature_to_der(const SM2_SIGNATURE *sig, uint8_t **out, size_t *outlen); int sm2_signature_from_der(SM2_SIGNATURE *sig, const uint8_t **in, size_t *inlen);
int sm2_signature_from_der(SM2_SIGNATURE *sig, const uint8_t **in, size_t *inlen); int sm2_signature_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *sig, size_t siglen);
int sm2_signature_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *sig, size_t siglen); int sm2_sign_ex(const SM2_KEY *key, int flags, const uint8_t dgst[32], uint8_t *sig, size_t *siglen);
int sm2_sign_ex(const SM2_KEY *key, int flags, const uint8_t dgst[32], uint8_t *sig, size_t *siglen); int sm2_sign(const SM2_KEY *key, const uint8_t dgst[32], uint8_t *sig, size_t *siglen);
int sm2_sign(const SM2_KEY *key, const uint8_t dgst[32], uint8_t *sig, size_t *siglen); int sm2_verify(const SM2_KEY *key, const uint8_t dgst[32], const uint8_t *sig, size_t siglen);
int sm2_verify(const SM2_KEY *key, const uint8_t dgst[32], const uint8_t *sig, size_t siglen);
#define SM2_DEFAULT_ID "1234567812345678"
#define SM2_DEFAULT_ID "1234567812345678" #define SM2_DEFAULT_ID_LENGTH (sizeof(SM2_DEFAULT_ID) - 1) // LENGTH for string and SIZE for bytes
#define SM2_DEFAULT_ID_LENGTH (sizeof(SM2_DEFAULT_ID) - 1) // LENGTH for string and SIZE for bytes #define SM2_DEFAULT_ID_BITS (SM2_DEFAULT_ID_LENGTH * 8)
#define SM2_DEFAULT_ID_BITS (SM2_DEFAULT_ID_LENGTH * 8) #define SM2_MAX_ID_BITS 65535
#define SM2_MAX_ID_BITS 65535 #define SM2_MAX_ID_LENGTH (SM2_MAX_ID_BITS/8)
#define SM2_MAX_ID_LENGTH (SM2_MAX_ID_BITS/8)
int sm2_compute_z(uint8_t z[32], const SM2_POINT *pub, const char *id, size_t idlen);
int sm2_compute_z(uint8_t z[32], const SM2_POINT *pub, const char *id, size_t idlen);
typedef struct {
typedef struct { SM3_CTX sm3_ctx;
SM3_CTX sm3_ctx; SM2_KEY key;
SM2_KEY key; } SM2_SIGN_CTX;
} SM2_SIGN_CTX;
int sm2_sign_init(SM2_SIGN_CTX *ctx, const SM2_KEY *key, const char *id, size_t idlen);
int sm2_sign_init(SM2_SIGN_CTX *ctx, const SM2_KEY *key, const char *id, size_t idlen); int sm2_sign_update(SM2_SIGN_CTX *ctx, const uint8_t *data, size_t datalen);
int sm2_sign_update(SM2_SIGN_CTX *ctx, const uint8_t *data, size_t datalen); int sm2_sign_finish(SM2_SIGN_CTX *ctx, uint8_t *sig, size_t *siglen);
int sm2_sign_finish(SM2_SIGN_CTX *ctx, uint8_t *sig, size_t *siglen);
int sm2_verify_init(SM2_SIGN_CTX *ctx, const SM2_KEY *key, const char *id, size_t idlen);
int sm2_verify_init(SM2_SIGN_CTX *ctx, const SM2_KEY *key, const char *id, size_t idlen); int sm2_verify_update(SM2_SIGN_CTX *ctx, const uint8_t *data, size_t datalen);
int sm2_verify_update(SM2_SIGN_CTX *ctx, const uint8_t *data, size_t datalen); int sm2_verify_finish(SM2_SIGN_CTX *ctx, const uint8_t *sig, size_t siglen);
int sm2_verify_finish(SM2_SIGN_CTX *ctx, const uint8_t *sig, size_t siglen);
/*
/* SM2Cipher ::= SEQUENCE {
SM2Cipher ::= SEQUENCE { XCoordinate INTEGER,
XCoordinate INTEGER, YCoordinate INTEGER,
YCoordinate INTEGER, HASH OCTET STRING SIZE(32),
HASH OCTET STRING SIZE(32), CipherText OCTET STRING }
CipherText OCTET STRING } */
*/ #define SM2_MIN_PLAINTEXT_SIZE 1 // re-compute SM2_MIN_CIPHERTEXT_SIZE when modify
#define SM2_MIN_PLAINTEXT_SIZE 1 // re-compute SM2_MIN_CIPHERTEXT_SIZE when modify #define SM2_MAX_PLAINTEXT_SIZE 255 // re-compute SM2_MAX_CIPHERTEXT_SIZE when modify
#define SM2_MAX_PLAINTEXT_SIZE 255 // re-compute SM2_MAX_CIPHERTEXT_SIZE when modify
typedef struct {
typedef struct { SM2_POINT point;
SM2_POINT point; uint8_t hash[32];
uint8_t hash[32]; uint8_t ciphertext_size;
uint8_t ciphertext_size; uint8_t ciphertext[SM2_MAX_PLAINTEXT_SIZE];
uint8_t ciphertext[SM2_MAX_PLAINTEXT_SIZE]; } SM2_CIPHERTEXT;
} SM2_CIPHERTEXT;
int sm2_do_encrypt_ex(const SM2_KEY *key, int flags, const uint8_t *in, size_t inlen, SM2_CIPHERTEXT *out);
int sm2_do_encrypt_ex(const SM2_KEY *key, int flags, const uint8_t *in, size_t inlen, SM2_CIPHERTEXT *out); int sm2_do_encrypt(const SM2_KEY *key, const uint8_t *in, size_t inlen, SM2_CIPHERTEXT *out);
int sm2_do_encrypt(const SM2_KEY *key, const uint8_t *in, size_t inlen, SM2_CIPHERTEXT *out); int sm2_do_decrypt(const SM2_KEY *key, const SM2_CIPHERTEXT *in, uint8_t *out, size_t *outlen);
int sm2_do_decrypt(const SM2_KEY *key, const SM2_CIPHERTEXT *in, uint8_t *out, size_t *outlen);
#define SM2_MIN_CIPHERTEXT_SIZE 45 // dependes on SM2_MIN_PLAINTEXT_SIZE
#define SM2_MIN_CIPHERTEXT_SIZE 45 // dependes on SM2_MIN_PLAINTEXT_SIZE #define SM2_MAX_CIPHERTEXT_SIZE 366 // depends on SM2_MAX_PLAINTEXT_SIZE
#define SM2_MAX_CIPHERTEXT_SIZE 366 // depends on SM2_MAX_PLAINTEXT_SIZE int sm2_ciphertext_to_der(const SM2_CIPHERTEXT *c, uint8_t **out, size_t *outlen);
int sm2_ciphertext_to_der(const SM2_CIPHERTEXT *c, uint8_t **out, size_t *outlen); int sm2_ciphertext_from_der(SM2_CIPHERTEXT *c, const uint8_t **in, size_t *inlen);
int sm2_ciphertext_from_der(SM2_CIPHERTEXT *c, const uint8_t **in, size_t *inlen); int sm2_ciphertext_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *a, size_t alen);
int sm2_ciphertext_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *a, size_t alen); int sm2_encrypt_ex(const SM2_KEY *key, int flags, const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen);
int sm2_encrypt_ex(const SM2_KEY *key, int flags, const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen); int sm2_encrypt(const SM2_KEY *key, const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen);
int sm2_encrypt(const SM2_KEY *key, const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen); int sm2_decrypt(const SM2_KEY *key, const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen);
int sm2_decrypt(const SM2_KEY *key, const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen);
int sm2_ecdh(const SM2_KEY *key, const SM2_POINT *peer_public, SM2_POINT *out);
int sm2_ecdh(const SM2_KEY *key, const SM2_POINT *peer_public, SM2_POINT *out);
#ifdef __cplusplus
#ifdef __cplusplus }
} #endif
#endif #endif
#endif

161
include/gmssl/sm3.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,83 +7,82 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#ifndef GMSSL_SM3_H
#ifndef GMSSL_SM3_H #define GMSSL_SM3_H
#define GMSSL_SM3_H
#include <string.h>
#include <string.h> #include <stdint.h>
#include <stdint.h>
#ifdef __cplusplus
#ifdef __cplusplus extern "C" {
extern "C" { #endif
#endif
/*
/* SM3 Public API
SM3 Public API
SM3_DIGEST_SIZE
SM3_DIGEST_SIZE SM3_HMAC_SIZE
SM3_HMAC_SIZE
SM3_CTX
SM3_CTX sm3_init
sm3_init sm3_update
sm3_update sm3_finish
sm3_finish
SM3_HMAC_CTX
SM3_HMAC_CTX sm3_hmac_init
sm3_hmac_init sm3_hmac_update
sm3_hmac_update sm3_hmac_finish
sm3_hmac_finish
sm3_digest
sm3_digest sm3_hmac
sm3_hmac */
*/
#define SM3_IS_BIG_ENDIAN 1
#define SM3_IS_BIG_ENDIAN 1
#define SM3_DIGEST_SIZE 32
#define SM3_DIGEST_SIZE 32 #define SM3_BLOCK_SIZE 64
#define SM3_BLOCK_SIZE 64 #define SM3_STATE_WORDS 8
#define SM3_STATE_WORDS 8 #define SM3_HMAC_SIZE (SM3_DIGEST_SIZE)
#define SM3_HMAC_SIZE (SM3_DIGEST_SIZE)
typedef struct {
typedef struct { uint32_t digest[SM3_STATE_WORDS];
uint32_t digest[SM3_STATE_WORDS]; uint64_t nblocks;
uint64_t nblocks; uint8_t block[SM3_BLOCK_SIZE];
uint8_t block[SM3_BLOCK_SIZE]; size_t num;
size_t num; } SM3_CTX;
} SM3_CTX;
void sm3_init(SM3_CTX *ctx);
void sm3_init(SM3_CTX *ctx); void sm3_update(SM3_CTX *ctx, const uint8_t *data, size_t datalen);
void sm3_update(SM3_CTX *ctx, const uint8_t *data, size_t datalen); void sm3_finish(SM3_CTX *ctx, uint8_t dgst[SM3_DIGEST_SIZE]);
void sm3_finish(SM3_CTX *ctx, uint8_t dgst[SM3_DIGEST_SIZE]); void sm3_digest(const uint8_t *data, size_t datalen, uint8_t dgst[SM3_DIGEST_SIZE]);
void sm3_digest(const uint8_t *data, size_t datalen, uint8_t dgst[SM3_DIGEST_SIZE]);
typedef struct {
typedef struct { SM3_CTX sm3_ctx;
SM3_CTX sm3_ctx; unsigned char key[SM3_BLOCK_SIZE];
unsigned char key[SM3_BLOCK_SIZE]; } SM3_HMAC_CTX;
} SM3_HMAC_CTX;
void sm3_hmac_init(SM3_HMAC_CTX *ctx, const uint8_t *key, size_t keylen);
void sm3_hmac_init(SM3_HMAC_CTX *ctx, const uint8_t *key, size_t keylen); void sm3_hmac_update(SM3_HMAC_CTX *ctx, const uint8_t *data, size_t datalen);
void sm3_hmac_update(SM3_HMAC_CTX *ctx, const uint8_t *data, size_t datalen); void sm3_hmac_finish(SM3_HMAC_CTX *ctx, uint8_t mac[SM3_HMAC_SIZE]);
void sm3_hmac_finish(SM3_HMAC_CTX *ctx, uint8_t mac[SM3_HMAC_SIZE]); void sm3_hmac(const uint8_t *key, size_t keylen,
void sm3_hmac(const uint8_t *key, size_t keylen, const uint8_t *data, size_t datalen,
const uint8_t *data, size_t datalen, uint8_t mac[SM3_HMAC_SIZE]);
uint8_t mac[SM3_HMAC_SIZE]);
typedef struct {
typedef struct { SM3_CTX sm3_ctx;
SM3_CTX sm3_ctx; size_t outlen;
size_t outlen; } SM3_KDF_CTX;
} SM3_KDF_CTX;
void sm3_kdf_init(SM3_KDF_CTX *ctx, size_t outlen);
void sm3_kdf_init(SM3_KDF_CTX *ctx, size_t outlen); void sm3_kdf_update(SM3_KDF_CTX *ctx, const uint8_t *data, size_t datalen);
void sm3_kdf_update(SM3_KDF_CTX *ctx, const uint8_t *data, size_t datalen); void sm3_kdf_finish(SM3_KDF_CTX *ctx, uint8_t *out);
void sm3_kdf_finish(SM3_KDF_CTX *ctx, uint8_t *out);
#ifdef __cplusplus
#ifdef __cplusplus }
} #endif
#endif #endif
#endif

247
include/gmssl/sm4.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,126 +7,125 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#ifndef GMSSL_SM4_H
#ifndef GMSSL_SM4_H #define GMSSL_SM4_H
#define GMSSL_SM4_H
#include <stdint.h>
#include <stdint.h> #include <string.h>
#include <string.h>
#ifdef __cplusplus
#ifdef __cplusplus extern "C" {
extern "C" { #endif
#endif
/*
/* SM4 Public API
SM4 Public API
SM4_KEY_SIZE
SM4_KEY_SIZE SM4_BLOCK_SIZE
SM4_BLOCK_SIZE
SM4_CBC_CTX
SM4_CBC_CTX sm4_cbc_encrypt_init
sm4_cbc_encrypt_init sm4_cbc_encrypt_update
sm4_cbc_encrypt_update sm4_cbc_encrypt_finish
sm4_cbc_encrypt_finish sm4_cbc_decrypt_init
sm4_cbc_decrypt_init sm4_cbc_decrypt_update
sm4_cbc_decrypt_update sm4_cbc_decrypt_finish
sm4_cbc_decrypt_finish
SM4_CTR_CTX
SM4_CTR_CTX sm4_ctr_encrypt_init
sm4_ctr_encrypt_init sm4_ctr_encrypt_update
sm4_ctr_encrypt_update sm4_ctr_encrypt_finish
sm4_ctr_encrypt_finish sm4_ctr_decrypt_init
sm4_ctr_decrypt_init sm4_ctr_decrypt_update
sm4_ctr_decrypt_update sm4_ctr_decrypt_finish
sm4_ctr_decrypt_finish */
*/
#define SM4_KEY_SIZE (16)
#define SM4_KEY_SIZE (16) #define SM4_BLOCK_SIZE (16)
#define SM4_BLOCK_SIZE (16) #define SM4_NUM_ROUNDS (32)
#define SM4_NUM_ROUNDS (32)
typedef struct {
typedef struct { uint32_t rk[SM4_NUM_ROUNDS];
uint32_t rk[SM4_NUM_ROUNDS]; } SM4_KEY;
} SM4_KEY;
void sm4_set_encrypt_key(SM4_KEY *key, const uint8_t raw_key[SM4_KEY_SIZE]);
void sm4_set_encrypt_key(SM4_KEY *key, const uint8_t raw_key[SM4_KEY_SIZE]); void sm4_set_decrypt_key(SM4_KEY *key, const uint8_t raw_key[SM4_KEY_SIZE]);
void sm4_set_decrypt_key(SM4_KEY *key, const uint8_t raw_key[SM4_KEY_SIZE]); void sm4_encrypt(const SM4_KEY *key, const uint8_t in[SM4_BLOCK_SIZE], uint8_t out[SM4_BLOCK_SIZE]);
void sm4_encrypt(const SM4_KEY *key, const uint8_t in[SM4_BLOCK_SIZE], uint8_t out[SM4_BLOCK_SIZE]); #define sm4_decrypt(key,in,out) sm4_encrypt(key,in,out)
#define sm4_decrypt(key,in,out) sm4_encrypt(key,in,out)
void sm4_cbc_encrypt(const SM4_KEY *key, const uint8_t iv[SM4_BLOCK_SIZE],
void sm4_cbc_encrypt(const SM4_KEY *key, const uint8_t iv[SM4_BLOCK_SIZE], const uint8_t *in, size_t nblocks, uint8_t *out);
const uint8_t *in, size_t nblocks, uint8_t *out); void sm4_cbc_decrypt(const SM4_KEY *key, const uint8_t iv[SM4_BLOCK_SIZE],
void sm4_cbc_decrypt(const SM4_KEY *key, const uint8_t iv[SM4_BLOCK_SIZE], const uint8_t *in, size_t nblocks, uint8_t *out);
const uint8_t *in, size_t nblocks, uint8_t *out); int sm4_cbc_padding_encrypt(const SM4_KEY *key, const uint8_t iv[SM4_BLOCK_SIZE],
int sm4_cbc_padding_encrypt(const SM4_KEY *key, const uint8_t iv[SM4_BLOCK_SIZE], const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen);
const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen); int sm4_cbc_padding_decrypt(const SM4_KEY *key, const uint8_t iv[SM4_BLOCK_SIZE],
int sm4_cbc_padding_decrypt(const SM4_KEY *key, const uint8_t iv[SM4_BLOCK_SIZE], const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen);
const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen);
void sm4_ctr_encrypt(const SM4_KEY *key, uint8_t ctr[SM4_BLOCK_SIZE],
void sm4_ctr_encrypt(const SM4_KEY *key, uint8_t ctr[SM4_BLOCK_SIZE], const uint8_t *in, size_t inlen, uint8_t *out);
const uint8_t *in, size_t inlen, uint8_t *out); #define sm4_ctr_decrypt(key,ctr,in,inlen,out) sm4_ctr_encrypt(key,ctr,in,inlen,out)
#define sm4_ctr_decrypt(key,ctr,in,inlen,out) sm4_ctr_encrypt(key,ctr,in,inlen,out)
#define SM4_GCM_IV_MIN_SIZE 1
#define SM4_GCM_IV_MIN_SIZE 1 #define SM4_GCM_IV_MAX_SIZE ((uint64_t)(1 << (64-3)))
#define SM4_GCM_IV_MAX_SIZE ((uint64_t)(1 << (64-3))) #define SM4_GCM_IV_DEFAULT_BITS 96
#define SM4_GCM_IV_DEFAULT_BITS 96 #define SM4_GCM_IV_DEFAULT_SIZE 12
#define SM4_GCM_IV_DEFAULT_SIZE 12
#define SM4_GCM_MIN_AAD_SIZE 0
#define SM4_GCM_MIN_AAD_SIZE 0 #define SM4_GCM_MAX_AAD_SIZE ((uint64_t)(1 << (64-3)))
#define SM4_GCM_MAX_AAD_SIZE ((uint64_t)(1 << (64-3)))
#define SM4_GCM_MIN_PLAINTEXT_SIZE 0
#define SM4_GCM_MIN_PLAINTEXT_SIZE 0 #define SM4_GCM_MAX_PLAINTEXT_SIZE ((((uint64_t)1 << 39) - 256) >> 3)
#define SM4_GCM_MAX_PLAINTEXT_SIZE ((((uint64_t)1 << 39) - 256) >> 3)
#define SM4_GCM_MAX_TAG_SIZE 16
#define SM4_GCM_MAX_TAG_SIZE 16
int sm4_gcm_encrypt(const SM4_KEY *key, const uint8_t *iv, size_t ivlen,
int sm4_gcm_encrypt(const SM4_KEY *key, const uint8_t *iv, size_t ivlen, const uint8_t *aad, size_t aadlen, const uint8_t *in, size_t inlen,
const uint8_t *aad, size_t aadlen, const uint8_t *in, size_t inlen, uint8_t *out, size_t taglen, uint8_t *tag);
uint8_t *out, size_t taglen, uint8_t *tag); int sm4_gcm_decrypt(const SM4_KEY *key, const uint8_t *iv, size_t ivlen,
int sm4_gcm_decrypt(const SM4_KEY *key, const uint8_t *iv, size_t ivlen, const uint8_t *aad, size_t aadlen, const uint8_t *in, size_t inlen,
const uint8_t *aad, size_t aadlen, const uint8_t *in, size_t inlen, const uint8_t *tag, size_t taglen, uint8_t *out);
const uint8_t *tag, size_t taglen, uint8_t *out);
typedef struct {
typedef struct { SM4_KEY sm4_key;
SM4_KEY sm4_key; uint8_t iv[SM4_BLOCK_SIZE];
uint8_t iv[SM4_BLOCK_SIZE]; uint8_t block[SM4_BLOCK_SIZE];
uint8_t block[SM4_BLOCK_SIZE]; size_t block_nbytes;
size_t block_nbytes; } SM4_CBC_CTX;
} SM4_CBC_CTX;
int sm4_cbc_encrypt_init(SM4_CBC_CTX *ctx, const uint8_t key[SM4_KEY_SIZE], const uint8_t iv[SM4_BLOCK_SIZE]);
int sm4_cbc_encrypt_init(SM4_CBC_CTX *ctx, const uint8_t key[SM4_KEY_SIZE], const uint8_t iv[SM4_BLOCK_SIZE]); int sm4_cbc_encrypt_update(SM4_CBC_CTX *ctx, const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen);
int sm4_cbc_encrypt_update(SM4_CBC_CTX *ctx, const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen); int sm4_cbc_encrypt_finish(SM4_CBC_CTX *ctx, uint8_t *out, size_t *outlen);
int sm4_cbc_encrypt_finish(SM4_CBC_CTX *ctx, uint8_t *out, size_t *outlen);
int sm4_cbc_decrypt_init(SM4_CBC_CTX *ctx, const uint8_t key[SM4_KEY_SIZE], const uint8_t iv[SM4_BLOCK_SIZE]);
int sm4_cbc_decrypt_init(SM4_CBC_CTX *ctx, const uint8_t key[SM4_KEY_SIZE], const uint8_t iv[SM4_BLOCK_SIZE]); int sm4_cbc_decrypt_update(SM4_CBC_CTX *ctx, const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen);
int sm4_cbc_decrypt_update(SM4_CBC_CTX *ctx, const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen); int sm4_cbc_decrypt_finish(SM4_CBC_CTX *ctx, uint8_t *out, size_t *outlen);
int sm4_cbc_decrypt_finish(SM4_CBC_CTX *ctx, uint8_t *out, size_t *outlen);
typedef struct {
typedef struct { SM4_KEY sm4_key;
SM4_KEY sm4_key; uint8_t ctr[SM4_BLOCK_SIZE];
uint8_t ctr[SM4_BLOCK_SIZE]; uint8_t block[SM4_BLOCK_SIZE];
uint8_t block[SM4_BLOCK_SIZE]; size_t block_nbytes;
size_t block_nbytes; } SM4_CTR_CTX;
} SM4_CTR_CTX;
int sm4_ctr_encrypt_init(SM4_CTR_CTX *ctx, const uint8_t key[SM4_KEY_SIZE], const uint8_t ctr[SM4_BLOCK_SIZE]);
int sm4_ctr_encrypt_init(SM4_CTR_CTX *ctx, const uint8_t key[SM4_KEY_SIZE], const uint8_t ctr[SM4_BLOCK_SIZE]); int sm4_ctr_encrypt_update(SM4_CTR_CTX *ctx, const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen);
int sm4_ctr_encrypt_update(SM4_CTR_CTX *ctx, const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen); int sm4_ctr_encrypt_finish(SM4_CTR_CTX *ctx, uint8_t *out, size_t *outlen);
int sm4_ctr_encrypt_finish(SM4_CTR_CTX *ctx, uint8_t *out, size_t *outlen);
#define sm4_ctr_decrypt_init(ctx,key,ctr) sm4_ctr_encrypt_init(ctx,key,ctr)
#define sm4_ctr_decrypt_init(ctx,key,ctr) sm4_ctr_encrypt_init(ctx,key,ctr) #define sm4_ctr_decrypt_update(ctx,in,inlen,out,outlen) sm4_ctr_encrypt_update(ctx,in,inlen,out,outlen)
#define sm4_ctr_decrypt_update(ctx,in,inlen,out,outlen) sm4_ctr_encrypt_update(ctx,in,inlen,out,outlen) #define sm4_ctr_decrypt_finish(ctx,out,outlen) sm4_ctr_encrypt_finish(ctx,out,outlen)
#define sm4_ctr_decrypt_finish(ctx,out,outlen) sm4_ctr_encrypt_finish(ctx,out,outlen)
#ifdef __cplusplus
#ifdef __cplusplus }
} #endif
#endif #endif
#endif

1123
include/gmssl/sm9.h
View File

File diff suppressed because it is too large Load Diff

1745
include/gmssl/tls.h
View File

File diff suppressed because it is too large Load Diff

55
include/gmssl/version.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,30 +7,29 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#ifndef GMSSL_VERSION_H
#ifndef GMSSL_VERSION_H #define GMSSL_VERSION_H
#define GMSSL_VERSION_H
#ifdef __cplusplus
#ifdef __cplusplus extern "C" {
extern "C" { #endif
#endif
/*
/* Version Public API
Version Public API
gmssl_version_num
gmssl_version_num gmssl_version_str
gmssl_version_str */
*/
#define GMSSL_VERSION_NUM 30000
#define GMSSL_VERSION_NUM 30000 #define GMSSL_VERSION_STR "GmSSL 3.0.0 Beta"
#define GMSSL_VERSION_STR "GmSSL 3.0.0 Beta"
int gmssl_version_num(void);
int gmssl_version_num(void); const char *gmssl_version_str(void);
const char *gmssl_version_str(void);
#ifdef __cplusplus
#ifdef __cplusplus }
} #endif
#endif #endif
#endif

707
include/gmssl/x509.h
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2022 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -7,356 +7,355 @@
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
#ifndef GMSSL_X509_H
#ifndef GMSSL_X509_H #define GMSSL_X509_H
#define GMSSL_X509_H
#include <time.h>
#include <time.h> #include <string.h>
#include <string.h> #include <stdint.h>
#include <stdint.h> #include <stdlib.h>
#include <stdlib.h> #include <gmssl/sm2.h>
#include <gmssl/sm2.h> #include <gmssl/oid.h>
#include <gmssl/oid.h> #include <gmssl/asn1.h>
#include <gmssl/asn1.h>
#ifdef __cplusplus
#ifdef __cplusplus extern "C" {
extern "C" { #endif
#endif
/*
/* X509 Public API
X509 Public API
x509_name_add_rdn
x509_name_add_rdn x509_name_add_country_name
x509_name_add_country_name x509_name_add_state_or_province_name
x509_name_add_state_or_province_name x509_name_add_locality_name
x509_name_add_locality_name x509_name_add_organization_name
x509_name_add_organization_name x509_name_add_organizational_unit_name
x509_name_add_organizational_unit_name x509_name_add_common_name
x509_name_add_common_name x509_name_add_domain_component
x509_name_add_domain_component x509_name_to_der
x509_name_to_der x509_name_from_der
x509_name_from_der x509_name_print
x509_name_print x509_name_get_value_by_type
x509_name_get_value_by_type x509_name_get_common_name
x509_name_get_common_name
x509_cert_sign
x509_cert_sign x509_cert_verify
x509_cert_verify x509_cert_verify_by_ca_cert
x509_cert_verify_by_ca_cert x509_cert_get_issuer_and_serial_number
x509_cert_get_issuer_and_serial_number x509_cert_get_issuer
x509_cert_get_issuer x509_cert_get_subject
x509_cert_get_subject x509_cert_get_subject_public_key
x509_cert_get_subject_public_key x509_cert_to_der
x509_cert_to_der x509_cert_from_der
x509_cert_from_der x509_cert_to_pem
x509_cert_to_pem x509_cert_from_pem
x509_cert_from_pem x509_cert_print
x509_cert_print */
*/
enum X509_Version {
enum X509_Version { X509_version_v1 = 0,
X509_version_v1 = 0, X509_version_v2 = 1,
X509_version_v2 = 1, X509_version_v3 = 2,
X509_version_v3 = 2, };
};
const char *x509_version_name(int version);
const char *x509_version_name(int version); int x509_explicit_version_to_der(int index, int version, uint8_t **out, size_t *outlen);
int x509_explicit_version_to_der(int index, int version, uint8_t **out, size_t *outlen); int x509_explicit_version_from_der(int index, int *version, const uint8_t **in, size_t *inlen);
int x509_explicit_version_from_der(int index, int *version, const uint8_t **in, size_t *inlen);
/*
/* Time ::= CHOICE {
Time ::= CHOICE { utcTime UTCTime,
utcTime UTCTime, generalTime GeneralizedTime }
generalTime GeneralizedTime } */
*/ int x509_time_to_der(time_t a, uint8_t **out, size_t *outlen);
int x509_time_to_der(time_t a, uint8_t **out, size_t *outlen); int x509_time_from_der(time_t *a, const uint8_t **in, size_t *inlen);
int x509_time_from_der(time_t *a, const uint8_t **in, size_t *inlen);
/*
/* Validity ::= SEQUENCE {
Validity ::= SEQUENCE { notBefore Time,
notBefore Time, notAfter Time }
notAfter Time } */
*/ #define X509_VALIDITY_MIN_DAYS 1
#define X509_VALIDITY_MIN_DAYS 1 #define X509_VALIDITY_MAX_DAYS (365 * 10) // ROOTCA, CA需要更长的时间
#define X509_VALIDITY_MAX_DAYS (365 * 10) // ROOTCA, CA需要更长的时间 int x509_validity_add_days(time_t *not_after, time_t not_before, int days);
int x509_validity_add_days(time_t *not_after, time_t not_before, int days); int x509_validity_to_der(time_t not_before, time_t not_after, uint8_t **out, size_t *outlen);
int x509_validity_to_der(time_t not_before, time_t not_after, uint8_t **out, size_t *outlen); int x509_validity_from_der(time_t *not_before, time_t *not_after, const uint8_t **in, size_t *inlen);
int x509_validity_from_der(time_t *not_before, time_t *not_after, const uint8_t **in, size_t *inlen); int x509_validity_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
int x509_validity_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
/*
/* AttributeTypeAndValue ::= SEQUENCE {
AttributeTypeAndValue ::= SEQUENCE { type OBJECT IDENTIFIER,
type OBJECT IDENTIFIER, value ANY -- DEFINED BY AttributeType }
value ANY -- DEFINED BY AttributeType }
id-at
id-at name DirectoryName 1..ub-name
name DirectoryName 1..ub-name surname DirectoryName 1..ub-name
surname DirectoryName 1..ub-name givenName DirectoryName 1..ub-name
givenName DirectoryName 1..ub-name initials DirectoryName 1..ub-name
initials DirectoryName 1..ub-name generationQualifier DirectoryName 1..ub-name
generationQualifier DirectoryName 1..ub-name commonName DirectoryName 1..ub-common-name
commonName DirectoryName 1..ub-common-name localityName DirectoryName 1..ub-locality-name
localityName DirectoryName 1..ub-locality-name stateOrProvinceName DirectoryName 1..ub-state-name
stateOrProvinceName DirectoryName 1..ub-state-name organizationName DirectoryName 1..ub-organization-name
organizationName DirectoryName 1..ub-organization-name organizationalUnitName DirectoryName 1..ub-organizational-unit-name
organizationalUnitName DirectoryName 1..ub-organizational-unit-name title DirectoryName 1..ub-title
title DirectoryName 1..ub-title dnQualifier PrintableString N/A
dnQualifier PrintableString N/A countryName PrintableString 2..2
countryName PrintableString 2..2 serialNumber PrintableString 1..ub-serial-number
serialNumber PrintableString 1..ub-serial-number pseudonym DirectoryName 1..ub-pseudonym
pseudonym DirectoryName 1..ub-pseudonym domainComponent IA5String N/A
domainComponent IA5String N/A */
*/ #define X509_ub_name 32768
#define X509_ub_name 32768 #define X509_ub_common_name 64
#define X509_ub_common_name 64 #define X509_ub_locality_name 128
#define X509_ub_locality_name 128 #define X509_ub_state_name 128
#define X509_ub_state_name 128 #define X509_ub_organization_name 64
#define X509_ub_organization_name 64 #define X509_ub_organizational_unit_name 64
#define X509_ub_organizational_unit_name 64 #define X509_ub_title 64
#define X509_ub_title 64 #define X509_ub_serial_number 64
#define X509_ub_serial_number 64 #define X509_ub_pseudonym 128
#define X509_ub_pseudonym 128
int x509_attr_type_and_value_check(int oid, int tag, const uint8_t *val, size_t vlen);
int x509_attr_type_and_value_check(int oid, int tag, const uint8_t *val, size_t vlen); int x509_attr_type_and_value_to_der(int oid, int tag, const uint8_t *val, size_t vlen, uint8_t **out, size_t *outlen);
int x509_attr_type_and_value_to_der(int oid, int tag, const uint8_t *val, size_t vlen, uint8_t **out, size_t *outlen); int x509_attr_type_and_value_from_der(int *oid, int *tag, const uint8_t **val, size_t *vlen, const uint8_t **in, size_t *inlen);
int x509_attr_type_and_value_from_der(int *oid, int *tag, const uint8_t **val, size_t *vlen, const uint8_t **in, size_t *inlen); int x509_attr_type_and_value_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
int x509_attr_type_and_value_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
/*
/* RelativeDistinguishedName ::= SET SIZE (1..MAX) OF AttributeTypeAndValue
RelativeDistinguishedName ::= SET SIZE (1..MAX) OF AttributeTypeAndValue */
*/ int x509_rdn_to_der(int oid, int tag, const uint8_t *val, size_t vlen, const uint8_t *more, size_t mlen, uint8_t **out, size_t *outlen);
int x509_rdn_to_der(int oid, int tag, const uint8_t *val, size_t vlen, const uint8_t *more, size_t mlen, uint8_t **out, size_t *outlen); int x509_rdn_from_der(int *oid, int *tag, const uint8_t **val, size_t *vlen, const uint8_t **more, size_t *mlen, const uint8_t **in, size_t *inlen);
int x509_rdn_from_der(int *oid, int *tag, const uint8_t **val, size_t *vlen, const uint8_t **more, size_t *mlen, const uint8_t **in, size_t *inlen); int x509_rdn_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
int x509_rdn_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
/*
/* Name ::= SEQUENCE OF RelativeDistinguishedName
Name ::= SEQUENCE OF RelativeDistinguishedName
Example:
Example: SEQUENCE LEN
SEQUENCE LEN SET LEN
SET LEN SEQUENCE LEN OID=countryName, String=CN
SEQUENCE LEN OID=countryName, String=CN SET LEN
SET LEN SEQUENCE LEN OID=stateName, String=CN
SEQUENCE LEN OID=stateName, String=CN SEQUENCE LEN OID=unknown, String=ABC
SEQUENCE LEN OID=unknown, String=ABC SET LEN
SET LEN SEQUENCE LEN OID=commonNmame, String=ABC
SEQUENCE LEN OID=commonNmame, String=ABC */
*/ int x509_name_add_rdn(uint8_t *d, size_t *dlen, size_t maxlen, int oid, int tag, const uint8_t *val, size_t vlen, const uint8_t *more, size_t mlen);
int x509_name_add_rdn(uint8_t *d, size_t *dlen, size_t maxlen, int oid, int tag, const uint8_t *val, size_t vlen, const uint8_t *more, size_t mlen); int x509_name_add_country_name(uint8_t *d, size_t *dlen, int maxlen, const char val[2] ); // val: PrintableString SIZE(2)
int x509_name_add_country_name(uint8_t *d, size_t *dlen, int maxlen, const char val[2] ); // val: PrintableString SIZE(2) int x509_name_add_state_or_province_name(uint8_t *d, size_t *dlen, int maxlen, int tag, const uint8_t *val, size_t vlen);
int x509_name_add_state_or_province_name(uint8_t *d, size_t *dlen, int maxlen, int tag, const uint8_t *val, size_t vlen); int x509_name_add_locality_name(uint8_t *d, size_t *dlen, int maxlen, int tag, const uint8_t *val, size_t vlen);
int x509_name_add_locality_name(uint8_t *d, size_t *dlen, int maxlen, int tag, const uint8_t *val, size_t vlen); int x509_name_add_organization_name(uint8_t *d, size_t *dlen, int maxlen, int tag, const uint8_t *val, size_t vlen);
int x509_name_add_organization_name(uint8_t *d, size_t *dlen, int maxlen, int tag, const uint8_t *val, size_t vlen); int x509_name_add_organizational_unit_name(uint8_t *d, size_t *dlen, int maxlen, int tag, const uint8_t *val, size_t vlen);
int x509_name_add_organizational_unit_name(uint8_t *d, size_t *dlen, int maxlen, int tag, const uint8_t *val, size_t vlen); int x509_name_add_common_name(uint8_t *d, size_t *dlen, int maxlen, int tag, const uint8_t *val, size_t vlen);
int x509_name_add_common_name(uint8_t *d, size_t *dlen, int maxlen, int tag, const uint8_t *val, size_t vlen); int x509_name_add_domain_component(uint8_t *d, size_t *dlen, int maxlen, const char *val, size_t vlen); // val: IA5String
int x509_name_add_domain_component(uint8_t *d, size_t *dlen, int maxlen, const char *val, size_t vlen); // val: IA5String
int x509_name_set(uint8_t *d, size_t *dlen, size_t maxlen,
int x509_name_set(uint8_t *d, size_t *dlen, size_t maxlen, const char *country, const char *state, const char *locality,
const char *country, const char *state, const char *locality, const char *org, const char *org_unit, const char *common_name);
const char *org, const char *org_unit, const char *common_name);
#define x509_name_to_der(d,dlen,out,outlen) asn1_sequence_to_der(d,dlen,out,outlen)
#define x509_name_to_der(d,dlen,out,outlen) asn1_sequence_to_der(d,dlen,out,outlen) #define x509_name_from_der(d,dlen,in,inlen) asn1_sequence_from_der(d,dlen,in,inlen)
#define x509_name_from_der(d,dlen,in,inlen) asn1_sequence_from_der(d,dlen,in,inlen) int x509_name_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
int x509_name_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen); int x509_name_get_value_by_type(const uint8_t *d, size_t dlen, int oid, int *tag, const uint8_t **val, size_t *vlen);
int x509_name_get_value_by_type(const uint8_t *d, size_t dlen, int oid, int *tag, const uint8_t **val, size_t *vlen); int x509_name_get_common_name(const uint8_t *d, size_t dlen, int *tag, const uint8_t **val, size_t *vlen);
int x509_name_get_common_name(const uint8_t *d, size_t dlen, int *tag, const uint8_t **val, size_t *vlen); int x509_name_equ(const uint8_t *a, size_t alen, const uint8_t *b, size_t blen);
int x509_name_equ(const uint8_t *a, size_t alen, const uint8_t *b, size_t blen);
int x509_names_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
int x509_names_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
/*
/* SubjectPublicKeyInfo ::= SEQUENCE {
SubjectPublicKeyInfo ::= SEQUENCE { algorithm AlgorithmIdentifier,
algorithm AlgorithmIdentifier, subjectPublicKey BIT STRING }
subjectPublicKey BIT STRING }
algorithm.algorithm = OID_ec_public_key;
algorithm.algorithm = OID_ec_public_key; algorithm.parameters = OID_sm2;
algorithm.parameters = OID_sm2; subjectPublicKey = ECPoint
subjectPublicKey = ECPoint */
*/ #define x509_public_key_info_to_der(key,out,outlen) sm2_public_key_info_to_der(key,out,outlen)
#define x509_public_key_info_to_der(key,out,outlen) sm2_public_key_info_to_der(key,out,outlen) #define x509_public_key_info_from_der(key,in,inlen) sm2_public_key_info_from_der(key,in,inlen)
#define x509_public_key_info_from_der(key,in,inlen) sm2_public_key_info_from_der(key,in,inlen) int x509_public_key_info_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
int x509_public_key_info_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
/*
/* Extension ::= SEQUENCE {
Extension ::= SEQUENCE { extnID OBJECT IDENTIFIER,
extnID OBJECT IDENTIFIER, critical BOOLEAN DEFAULT FALSE,
critical BOOLEAN DEFAULT FALSE, extnValue OCTET STRING -- contains the DER encoding of an ASN.1 value
extnValue OCTET STRING -- contains the DER encoding of an ASN.1 value */
*/ int x509_ext_to_der(int oid, int critical, const uint8_t *val, size_t vlen, uint8_t **out, size_t *outlen);
int x509_ext_to_der(int oid, int critical, const uint8_t *val, size_t vlen, uint8_t **out, size_t *outlen); int x509_ext_from_der(int *oid, uint32_t *nodes, size_t *nodes_cnt, int *critical, const uint8_t **val, size_t *vlen, const uint8_t **in, size_t *inlen);
int x509_ext_from_der(int *oid, uint32_t *nodes, size_t *nodes_cnt, int *critical, const uint8_t **val, size_t *vlen, const uint8_t **in, size_t *inlen); int x509_ext_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
int x509_ext_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
/*
/* [3] EXPLICIT SEQUENCE OF Extension
[3] EXPLICIT SEQUENCE OF Extension */
*/ int x509_explicit_exts_to_der(int index, const uint8_t *d, size_t dlen, uint8_t **out, size_t *outlen);
int x509_explicit_exts_to_der(int index, const uint8_t *d, size_t dlen, uint8_t **out, size_t *outlen); int x509_explicit_exts_from_der(int index, const uint8_t **d, size_t *dlen, const uint8_t **in, size_t *inlen);
int x509_explicit_exts_from_der(int index, const uint8_t **d, size_t *dlen, const uint8_t **in, size_t *inlen); #define x509_exts_to_der(d,dlen,out,outlen) x509_explicit_exts_to_der(3,d,dlen,out,outlen)
#define x509_exts_to_der(d,dlen,out,outlen) x509_explicit_exts_to_der(3,d,dlen,out,outlen) #define x509_exts_from_der(d,dlen,in,inlen) x509_explicit_exts_from_der(3,d,dlen,in,inlen)
#define x509_exts_from_der(d,dlen,in,inlen) x509_explicit_exts_from_der(3,d,dlen,in,inlen)
int x509_exts_get_count(const uint8_t *d, size_t dlen, size_t *cnt);
int x509_exts_get_count(const uint8_t *d, size_t dlen, size_t *cnt); int x509_exts_get_ext_by_index(const uint8_t *d, size_t dlen, int index,
int x509_exts_get_ext_by_index(const uint8_t *d, size_t dlen, int index, int *oid, uint32_t *nodes, size_t *nodes_cnt, int *critical,
int *oid, uint32_t *nodes, size_t *nodes_cnt, int *critical, const uint8_t **val, size_t *vlen);
const uint8_t **val, size_t *vlen); int x509_exts_get_ext_by_oid(const uint8_t *d, size_t dlen, int oid,
int x509_exts_get_ext_by_oid(const uint8_t *d, size_t dlen, int oid, int *critical, const uint8_t **val, size_t *vlen);
int *critical, const uint8_t **val, size_t *vlen); int x509_exts_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
int x509_exts_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
/*
/* TBSCertificate ::= SEQUENCE {
TBSCertificate ::= SEQUENCE { version [0] EXPLICIT INTEGER DEFAULT v1,
version [0] EXPLICIT INTEGER DEFAULT v1, serialNumber INTEGER,
serialNumber INTEGER, siganture AlgorithmIdentifier,
siganture AlgorithmIdentifier, issuer Name,
issuer Name, validity Validity,
validity Validity, subject Name,
subject Name, subjectPulbicKeyInfo SubjectPublicKeyInfo,
subjectPulbicKeyInfo SubjectPublicKeyInfo, issuerUniqueID [1] IMPLICIT BIT STRING OPTIONAL, -- If present, must be v2,v3
issuerUniqueID [1] IMPLICIT BIT STRING OPTIONAL, -- If present, must be v2,v3 subjectUniqueID [2] IMPLICIT BIT STRING OPTIONAL, -- If present, must be v2,v3
subjectUniqueID [2] IMPLICIT BIT STRING OPTIONAL, -- If present, must be v2,v3 extensions [3] EXPLICIT Extensions OPTIONAL -- If present, must be v3 }
extensions [3] EXPLICIT Extensions OPTIONAL -- If present, must be v3 } */
*/ #define X509_SERIAL_NUMBER_MIN_LEN 1
#define X509_SERIAL_NUMBER_MIN_LEN 1 #define X509_SERIAL_NUMBER_MAX_LEN 20
#define X509_SERIAL_NUMBER_MAX_LEN 20 #define X509_UNIQUE_ID_MIN_LEN 32
#define X509_UNIQUE_ID_MIN_LEN 32 #define X509_UNIQUE_ID_MAX_LEN 32
#define X509_UNIQUE_ID_MAX_LEN 32
int x509_tbs_cert_to_der(
int x509_tbs_cert_to_der( int version,
int version, const uint8_t *serial, size_t serial_len,
const uint8_t *serial, size_t serial_len, int signature_algor,
int signature_algor, const uint8_t *issuer, size_t issuer_len,
const uint8_t *issuer, size_t issuer_len, time_t not_before, time_t not_after,
time_t not_before, time_t not_after, const uint8_t *subject, size_t subject_len,
const uint8_t *subject, size_t subject_len, const SM2_KEY *subject_public_key,
const SM2_KEY *subject_public_key, const uint8_t *issuer_unique_id, size_t issuer_unique_id_len,
const uint8_t *issuer_unique_id, size_t issuer_unique_id_len, const uint8_t *subject_unique_id, size_t subject_unique_id_len,
const uint8_t *subject_unique_id, size_t subject_unique_id_len, const uint8_t *exts, size_t exts_len,
const uint8_t *exts, size_t exts_len, uint8_t **out, size_t *outlen);
uint8_t **out, size_t *outlen); int x509_tbs_cert_from_der(
int x509_tbs_cert_from_der( int *version,
int *version, const uint8_t **serial, size_t *serial_len,
const uint8_t **serial, size_t *serial_len, int *signature_algor,
int *signature_algor, const uint8_t **issuer, size_t *issuer_len,
const uint8_t **issuer, size_t *issuer_len, time_t *not_before, time_t *not_after,
time_t *not_before, time_t *not_after, const uint8_t **subject, size_t *subject_len,
const uint8_t **subject, size_t *subject_len, SM2_KEY *subject_public_key,
SM2_KEY *subject_public_key, const uint8_t **issuer_unique_id, size_t *issuer_unique_id_len,
const uint8_t **issuer_unique_id, size_t *issuer_unique_id_len, const uint8_t **subject_unique_id, size_t *subject_unique_id_len,
const uint8_t **subject_unique_id, size_t *subject_unique_id_len, const uint8_t **exts, size_t *exts_len,
const uint8_t **exts, size_t *exts_len, const uint8_t **in, size_t *inlen);
const uint8_t **in, size_t *inlen); int x509_tbs_cert_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
int x509_tbs_cert_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
/*
/* Certificate ::= SEQUENCE {
Certificate ::= SEQUENCE { tbsCertificate TBSCertificate,
tbsCertificate TBSCertificate, signatureAlgorithm AlgorithmIdentifier,
signatureAlgorithm AlgorithmIdentifier, signatureValue BIT STRING }
signatureValue BIT STRING } */
*/ int x509_certificate_to_der(
int x509_certificate_to_der( const uint8_t *tbs, size_t tbslen,
const uint8_t *tbs, size_t tbslen, int signature_algor,
int signature_algor, const uint8_t *sig, size_t siglen,
const uint8_t *sig, size_t siglen, uint8_t **out, size_t *outlen);
uint8_t **out, size_t *outlen); int x509_certificate_from_der(
int x509_certificate_from_der( const uint8_t **tbs, size_t *tbslen,
const uint8_t **tbs, size_t *tbslen, int *signature_algor,
int *signature_algor, const uint8_t **sig, size_t *siglen,
const uint8_t **sig, size_t *siglen, const uint8_t **in, size_t *inlen);
const uint8_t **in, size_t *inlen); int x509_certificate_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
int x509_certificate_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
// x509_cert functions
// x509_cert functions int x509_cert_sign(
int x509_cert_sign( uint8_t *cert, size_t *certlen, size_t maxlen,
uint8_t *cert, size_t *certlen, size_t maxlen, int version,
int version, const uint8_t *serial, size_t serial_len,
const uint8_t *serial, size_t serial_len, int signature_algor,
int signature_algor, const uint8_t *issuer, size_t issuer_len,
const uint8_t *issuer, size_t issuer_len, time_t not_before, time_t not_after,
time_t not_before, time_t not_after, const uint8_t *subject, size_t subject_len,
const uint8_t *subject, size_t subject_len, const SM2_KEY *subject_public_key,
const SM2_KEY *subject_public_key, const uint8_t *issuer_unique_id, size_t issuer_unique_id_len,
const uint8_t *issuer_unique_id, size_t issuer_unique_id_len, const uint8_t *subject_unique_id, size_t subject_unique_id_len,
const uint8_t *subject_unique_id, size_t subject_unique_id_len, const uint8_t *exts, size_t exts_len,
const uint8_t *exts, size_t exts_len, const SM2_KEY *sign_key,
const SM2_KEY *sign_key, const char *signer_id, size_t signer_id_len);
const char *signer_id, size_t signer_id_len); int x509_cert_verify(const uint8_t *a, size_t alen, const SM2_KEY *pub_key,
int x509_cert_verify(const uint8_t *a, size_t alen, const SM2_KEY *pub_key, const char *signer_id, size_t signer_id_len);
const char *signer_id, size_t signer_id_len); int x509_cert_verify_by_ca_cert(const uint8_t *a, size_t alen, const uint8_t *cacert, size_t cacertlen,
int x509_cert_verify_by_ca_cert(const uint8_t *a, size_t alen, const uint8_t *cacert, size_t cacertlen, const char *signer_id, size_t signer_id_len);
const char *signer_id, size_t signer_id_len);
int x509_cert_to_der(const uint8_t *a, size_t alen, uint8_t **out, size_t *outlen);
int x509_cert_to_der(const uint8_t *a, size_t alen, uint8_t **out, size_t *outlen); int x509_cert_from_der(const uint8_t **a, size_t *alen, const uint8_t **in, size_t *inlen);
int x509_cert_from_der(const uint8_t **a, size_t *alen, const uint8_t **in, size_t *inlen); int x509_cert_to_pem(const uint8_t *a, size_t alen, FILE *fp);
int x509_cert_to_pem(const uint8_t *a, size_t alen, FILE *fp); int x509_cert_from_pem(uint8_t *a, size_t *alen, size_t maxlen, FILE *fp);
int x509_cert_from_pem(uint8_t *a, size_t *alen, size_t maxlen, FILE *fp); int x509_cert_from_pem_by_index(uint8_t *a, size_t *alen, size_t maxlen, int index, FILE *fp);
int x509_cert_from_pem_by_index(uint8_t *a, size_t *alen, size_t maxlen, int index, FILE *fp); int x509_cert_from_pem_by_subject(uint8_t *a, size_t *alen, size_t maxlen, const uint8_t *name, size_t namelen, FILE *fp);
int x509_cert_from_pem_by_subject(uint8_t *a, size_t *alen, size_t maxlen, const uint8_t *name, size_t namelen, FILE *fp); int x509_cert_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *a, size_t alen);
int x509_cert_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *a, size_t alen);
int x509_cert_get_details(const uint8_t *a, size_t alen,
int x509_cert_get_details(const uint8_t *a, size_t alen, int *version,
int *version, const uint8_t **serial_number, size_t *serial_number_len,
const uint8_t **serial_number, size_t *serial_number_len, int *inner_signature_algor,
int *inner_signature_algor, const uint8_t **issuer, size_t *issuer_len,
const uint8_t **issuer, size_t *issuer_len, time_t *not_before, time_t *not_after,
time_t *not_before, time_t *not_after, const uint8_t **subject, size_t *subject_len,
const uint8_t **subject, size_t *subject_len, SM2_KEY *subject_public_key,
SM2_KEY *subject_public_key, const uint8_t **issuer_unique_id, size_t *issuer_unique_id_len,
const uint8_t **issuer_unique_id, size_t *issuer_unique_id_len, const uint8_t **subject_unique_id, size_t *subject_unique_id_len,
const uint8_t **subject_unique_id, size_t *subject_unique_id_len, const uint8_t **extensions, size_t *extensions_len,
const uint8_t **extensions, size_t *extensions_len, int *signature_algor,
int *signature_algor, const uint8_t **signature, size_t *signature_len);
const uint8_t **signature, size_t *signature_len);
/*
/* IssuerAndSerialNumber ::= SEQUENCE {
IssuerAndSerialNumber ::= SEQUENCE { isser Name,
isser Name, serialNumber INTEGER }
serialNumber INTEGER } */
*/ int x509_cert_get_issuer_and_serial_number(const uint8_t *a, size_t alen,
int x509_cert_get_issuer_and_serial_number(const uint8_t *a, size_t alen, const uint8_t **issuer, size_t *issuer_len,
const uint8_t **issuer, size_t *issuer_len, const uint8_t **serial_number, size_t *serial_number_len);
const uint8_t **serial_number, size_t *serial_number_len); int x509_cert_get_issuer(const uint8_t *a, size_t alen, const uint8_t **name, size_t *namelen);
int x509_cert_get_issuer(const uint8_t *a, size_t alen, const uint8_t **name, size_t *namelen); int x509_cert_get_subject(const uint8_t *a, size_t alen, const uint8_t **subj, size_t *subj_len);
int x509_cert_get_subject(const uint8_t *a, size_t alen, const uint8_t **subj, size_t *subj_len); int x509_cert_get_subject_public_key(const uint8_t *a, size_t alen, SM2_KEY *public_key);
int x509_cert_get_subject_public_key(const uint8_t *a, size_t alen, SM2_KEY *public_key);
int x509_certs_to_pem(const uint8_t *d, size_t dlen, FILE *fp);
int x509_certs_to_pem(const uint8_t *d, size_t dlen, FILE *fp); int x509_certs_from_pem(uint8_t *d, size_t *dlen, size_t maxlen, FILE *fp);
int x509_certs_from_pem(uint8_t *d, size_t *dlen, size_t maxlen, FILE *fp); int x509_certs_get_count(const uint8_t *d, size_t dlen, size_t *cnt);
int x509_certs_get_count(const uint8_t *d, size_t dlen, size_t *cnt); int x509_certs_get_cert_by_index(const uint8_t *d, size_t dlen, int index, const uint8_t **cert, size_t *certlen);
int x509_certs_get_cert_by_index(const uint8_t *d, size_t dlen, int index, const uint8_t **cert, size_t *certlen); int x509_certs_get_cert_by_subject(const uint8_t *d, size_t dlen, const uint8_t *subject, size_t subject_len, const uint8_t **cert, size_t *certlen);
int x509_certs_get_cert_by_subject(const uint8_t *d, size_t dlen, const uint8_t *subject, size_t subject_len, const uint8_t **cert, size_t *certlen); int x509_certs_get_last(const uint8_t *d, size_t dlen, const uint8_t **cert, size_t *certlen);
int x509_certs_get_last(const uint8_t *d, size_t dlen, const uint8_t **cert, size_t *certlen);
int x509_certs_get_cert_by_issuer_and_serial_number(
int x509_certs_get_cert_by_issuer_and_serial_number( const uint8_t *certs, size_t certs_len,
const uint8_t *certs, size_t certs_len, const uint8_t *issuer, size_t issuer_len,
const uint8_t *issuer, size_t issuer_len, const uint8_t *serial, size_t serial_len,
const uint8_t *serial, size_t serial_len, const uint8_t **cert, size_t *cert_len);
const uint8_t **cert, size_t *cert_len);
typedef enum {
typedef enum { X509_verify_err_cert_revoked = -2,
X509_verify_err_cert_revoked = -2, X509_verify_err_cert_not_yet_valid = -3,
X509_verify_err_cert_not_yet_valid = -3, X509_verify_err_cert_has_expired = -4,
X509_verify_err_cert_has_expired = -4, X509_verify_err_cert_chain_too_long = -5,
X509_verify_err_cert_chain_too_long = -5, } X509_VERIFY_ERR;
} X509_VERIFY_ERR;
int x509_certs_verify(const uint8_t *certs, size_t certslen,
int x509_certs_verify(const uint8_t *certs, size_t certslen, const uint8_t *rootcerts, size_t rootcertslen, int depth, int *verify_result);
const uint8_t *rootcerts, size_t rootcertslen, int depth, int *verify_result); int x509_certs_verify_tlcp(const uint8_t *certs, size_t certslen,
int x509_certs_verify_tlcp(const uint8_t *certs, size_t certslen, const uint8_t *rootcerts, size_t rootcertslen, int depth, int *verify_result);
const uint8_t *rootcerts, size_t rootcertslen, int depth, int *verify_result); int x509_certs_get_subjects(const uint8_t *certs, size_t certslen, uint8_t *names, size_t *nameslen);
int x509_certs_get_subjects(const uint8_t *certs, size_t certslen, uint8_t *names, size_t *nameslen); int x509_certs_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
int x509_certs_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
int x509_cert_new_from_file(uint8_t **out, size_t *outlen, const char *file);
int x509_cert_new_from_file(uint8_t **out, size_t *outlen, const char *file); int x509_certs_new_from_file(uint8_t **out, size_t *outlen, const char *file);
int x509_certs_new_from_file(uint8_t **out, size_t *outlen, const char *file);
#ifdef __cplusplus
#ifdef __cplusplus }
} #endif
#endif #endif
#endif

Some files were not shown because too many files have changed in this diff Show More