update sm9 api

2026-05-14 04:16:23 +08:00 · 2017-11-30 00:03:57 +08:00
parent 7be7ce60dc
commit 5bdb3e20ff
7 changed files with 60 additions and 31 deletions
--- a/crypto/ec2/pairing_lcl.h
+++ b/crypto/ec2/pairing_lcl.h
@@ -0,0 +1,24 @@
+
+
+
+typedef struct pairing_parameters_st {
+	long version;
+	ASN1_OBJECT *cid;
+	ASN1_INTEGER *p;
+	ASN1_INTEGER *a;
+	ASN1_INTEGER *b;
+	ASN1_OBJECT *beta;
+	ASN1_INTEGER *cofactor;
+	ASN1_INTEGER *order;
+	ASN1_INTEGER *embedded_degree;
+	ASN1_OCTET_STRING *G1;
+	ASN1_OCTET_STRING *G2;
+	ASN1_TYPE *eid;
+	ASN1_INTEGER *d1;
+	ASN1_INTEGER *d2;
+	ANS1_OBJECT *phi;
+}
+
+
+
+
--- a/crypto/sm9/sm9_enc.c
+++ b/crypto/sm9/sm9_enc.c
@@ -199,7 +199,7 @@ int SM9_wrap_key(SM9PublicParameters *mpk, size_t keylen,
 	}

 	/* h = H1(ID||hid) in range [0, mpk->order] */
-	if (!SM9_hash1(md, &h, id, idlen, SM9_HID, mpk->order, bn_ctx)) {
+	if (!SM9_hash1(md, &h, id, idlen, SM9_HID_ENC, mpk->order, bn_ctx)) {
 		SM9err(SM9_F_SM9_WRAP_KEY, SM9_R_HASH_FAILURE);
 		goto end;
 	}
@@ -1061,8 +1061,10 @@ int SM9_encrypt(SM9PublicParameters *mpk, const SM9EncParameters *encparams,
 		goto end;
 	}

+	//TODO: ret!!
+
 end:
-	return 0;
+	return ret;
 }

 int SM9_decrypt(SM9PublicParameters *mpk, const SM9EncParameters *encparams,
--- a/crypto/sm9/sm9_keygen.c
+++ b/crypto/sm9/sm9_keygen.c
@@ -53,6 +53,11 @@
 #include <openssl/ec_type1.h>
 #include "sm9_lcl.h"

+static int SM9PublicParameters_get_usage(SM9PublicParameters *mpk)
+{
+	//FIXME
+	return SM9_HID_SIGN;
+}

 SM9PrivateKey *SM9_extract_private_key(SM9PublicParameters *mpk,
 	SM9MasterSecret *msk, const char *id, size_t idlen)
@@ -67,6 +72,8 @@ SM9PrivateKey *SM9_extract_private_key(SM9PublicParameters *mpk,
 	int point_form = POINT_CONVERSION_UNCOMPRESSED;
 	size_t size;

+	int hid = SM9PublicParameters_get_usage(mpk);
+
 	if (!mpk || !msk || !id) {
 		SM9err(SM9_F_SM9_EXTRACT_PRIVATE_KEY,
 			ERR_R_PASSED_NULL_PARAMETER);
@@ -111,7 +118,7 @@ SM9PrivateKey *SM9_extract_private_key(SM9PublicParameters *mpk,
 	}

 	/* h = H1(ID||HID) in [0, mpk->order] */
-	if (!SM9_hash1(md, &h, id, idlen, SM9_HID, mpk->order, bn_ctx)) {
+	if (!SM9_hash1(md, &h, id, idlen, hid, mpk->order, bn_ctx)) {
 		SM9err(SM9_F_SM9_EXTRACT_PRIVATE_KEY, ERR_R_SM9_LIB);
 		goto end;
 	}
--- a/crypto/sm9/sm9_lcl.h
+++ b/crypto/sm9/sm9_lcl.h
@@ -54,21 +54,23 @@
 #include <openssl/sm9.h>

 /* Curve ID */
-/* 一个字节表示的曲线类型 */
-#define SM9_CID_TYPE0CURVE	0x10 /* Fp上的常曲线 */
-#define SM9_CID_TYPE1CURVE	0x11 /* Fp上的超奇异曲线 */
-#define SM9_CID_TYPE2CURVE	0x12 /* Fp上常曲线及其扭曲线 */
+/* non-supersingular curve over Fp */
+#define SM9_CID_TYPE0CURVE	0x10
+/* supersingular curve over Fp */
+#define SM9_CID_TYPE1CURVE	0x11
+/* twist curve over Fp */
+#define SM9_CID_TYPE2CURVE	0x12

-/* Pairing ID */
-/* 一个字节表示的双线性对类型 */
+/* Pairing Type */
 #define SM9_EID_TATE		0x01
 #define SM9_EID_WEIL		0x02
 #define SM9_EID_ATE		0x03
-#define SM9_EID_RATE		0x04
+#define SM9_EID_R_ATE		0x04

-/* not clear what it is */
-/* 一个字节的签名私钥生成函数标识符 */
-#define SM9_HID			0xc9
+/* phi() with different embedded degree */
+#define SM9_PHI_D2		0x02
+#define SM9_PHI_D4		0x04
+#define SM9_PHI_D6		0x06

 #ifdef __cplusplus
 extern "C" {
@@ -96,9 +98,6 @@ struct SM9MasterSecret_st {
 	BIGNUM *masterSecret;
 };

-/* 签名算法中公钥为G2上的点
- * 密钥交换和加密中为G1上的点
- */
 struct SM9PublicKey_st {
 	ASN1_OCTET_STRING *publicPoint;
 };
@@ -118,7 +117,6 @@ struct SM9Signature_st {
 	ASN1_OCTET_STRING *pointS;
 };

-
 int SM9_hash1(const EVP_MD *md, BIGNUM **r,
 	const char *id, size_t idlen, unsigned char hid,
 	const BIGNUM *range, BN_CTX *ctx);
--- a/crypto/sm9/sm9_setup.c
+++ b/crypto/sm9/sm9_setup.c
@@ -51,6 +51,7 @@
 #include <openssl/sm9.h>
 #include "sm9_lcl.h"

+//TODO: `hid` should be add to arguments
 int SM9_setup_type1curve(const EC_GROUP *group, const EVP_MD *md,
 	SM9PublicParameters **pmpk, SM9MasterSecret **pmsk)
 {
@@ -214,7 +215,7 @@ end:
 	return ret;
 }

-int SM9_setup_by_pairing_name(int nid,
+int SM9_setup_by_pairing_name(int nid, int hid,
 	SM9PublicParameters **mpk, SM9MasterSecret **msk)
 {
 	EC_GROUP *group = EC_GROUP_new_sm9s256t1();
--- a/crypto/sm9/sm9_sign.c
+++ b/crypto/sm9/sm9_sign.c
@@ -333,7 +333,7 @@ int SM9_do_verify_type1curve(SM9PublicParameters *mpk,
 	}

 	/* h1 = H1(ID||hid) to range [0, mpk->order) */
-	if (!SM9_hash1(md, &h1, id, idlen, SM9_HID, mpk->order, bn_ctx)) {
+	if (!SM9_hash1(md, &h1, id, idlen, SM9_HID_SIGN, mpk->order, bn_ctx)) {
 		SM9err(SM9_F_SM9_DO_VERIFY_TYPE1CURVE, ERR_R_SM9_LIB);
 		goto end;
 	}
--- a/include/openssl/sm9.h
+++ b/include/openssl/sm9.h
@@ -62,6 +62,11 @@
 #define SM9_MAX_ID_BITS		65535
 #define SM9_MAX_ID_LENGTH	(SM9_MAX_ID_BITS/8)

+/* private key extract algorithms */
+#define SM9_HID_SIGN		0x01
+#define SM9_HID_EXCH		0x02
+#define SM9_HID_ENC		0x03
+
 #ifdef __cplusplus
 extern "C" {
 #endif
@@ -73,21 +78,13 @@ typedef struct SM9PrivateKey_st SM9PrivateKey;
 typedef struct SM9Ciphertext_st SM9Ciphertext;
 typedef struct SM9Signature_st SM9Signature;

-int SM9_setup_by_pairing_name(int nid,
-	SM9PublicParameters **mpk,
-	SM9MasterSecret **msk);
+int SM9_setup_by_pairing_name(int nid, int hid,
+	SM9PublicParameters **mpk, SM9MasterSecret **msk);

 SM9PrivateKey *SM9_extract_private_key(SM9PublicParameters *mpk,
-	SM9MasterSecret *msk,
-	const char *id, size_t idlen);
+	SM9MasterSecret *msk, const char *id, size_t idlen);

-SM9PublicKey *SM9_extract_sign_public_key(SM9PublicParameters *mpk,
-	const char *id, size_t idlen);
-
-SM9PublicKey *SM9_extract_exch_public_key(SM9PublicParameters *mpk,
-	const char *id, size_t idlen);
-
-SM9PublicKey *SM9_extract_enc_public_key(SM9PublicParameters *mpk,
+SM9PublicKey *SM9_extract_public_key(SM9PublicParameters *mpk,
 	const char *id, size_t idlen);

 SM9PublicKey *SM9PrivateKey_get_public_key(SM9PublicParameters *mpk,