From 5e387886599350832ebb49f96de13258376f6657 Mon Sep 17 00:00:00 2001 From: Zhi Guan Date: Mon, 3 Oct 2022 11:36:03 +0800 Subject: [PATCH] Add Windows and Visual Studio support --- include/gmssl/asn1.h | 2 +- include/gmssl/cms.h | 2 +- include/gmssl/pkcs8.h | 2 +- include/gmssl/sm2.h | 2 +- include/gmssl/tls.h | 8 +- include/gmssl/version.h | 4 +- include/gmssl/x509.h | 2 +- include/gmssl/x509_ext.h | 2 +- src/asn1.c | 22 +- src/cms.c | 13 +- src/gcm.c | 2 +- src/hello.c | 12 ++ src/pem.c | 16 +- src/sm2_alg.c | 2 +- src/sm2_key.c | 2 +- src/sm3_avx.c | 376 +++++++++++++++++++++++++++++++++ src/sm4_avx.c | 437 +++++++++++++++++++++++++++++++++++++++ src/sm4_modes.c | 4 - src/sm4ni.c | 120 +++++++++++ src/sm9_key.c | 2 +- src/sm9_lib.c | 16 +- src/tlcp.c | 6 +- src/tls.c | 20 +- src/tls12.c | 6 +- src/tls13.c | 6 +- src/tls_ext.c | 11 +- src/tls_trace.c | 4 +- src/x509_cer.c | 2 +- src/x509_ext.c | 9 +- src/x509_str.c | 2 +- tests/asn1test.c | 3 +- tests/hash_drbgtest.c | 2 +- tools/cmsencrypt.c | 2 +- tools/gmssl.c | 2 + tools/sm2sign.c | 2 +- tools/sm2verify.c | 2 +- tools/sm3.c | 2 +- tools/sm9sign.c | 2 +- tools/sm9verify.c | 4 +- tools/tlcp_client.c | 14 +- tools/tlcp_server.c | 13 +- tools/tls12_client.c | 23 ++- tools/tls12_server.c | 8 + tools/tls13_client.c | 13 +- tools/tls13_server.c | 8 + 45 files changed, 1147 insertions(+), 67 deletions(-) create mode 100644 src/hello.c create mode 100644 src/sm3_avx.c create mode 100644 src/sm4_avx.c create mode 100644 src/sm4ni.c diff --git a/include/gmssl/asn1.h b/include/gmssl/asn1.h index b8d667a8..f38da00d 100644 --- a/include/gmssl/asn1.h +++ b/include/gmssl/asn1.h @@ -1,4 +1,4 @@ -/* +/* * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may diff --git a/include/gmssl/cms.h b/include/gmssl/cms.h index 64ed93ce..e52e0575 100644 --- a/include/gmssl/cms.h +++ b/include/gmssl/cms.h 
@@ -1,4 +1,4 @@ -/* +/* * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may diff --git a/include/gmssl/pkcs8.h b/include/gmssl/pkcs8.h index 7a4c506d..9233b5c5 100644 --- a/include/gmssl/pkcs8.h +++ b/include/gmssl/pkcs8.h @@ -1,4 +1,4 @@ -/* +/* * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may diff --git a/include/gmssl/sm2.h b/include/gmssl/sm2.h index 4c8d02ab..3c1baf77 100644 --- a/include/gmssl/sm2.h +++ b/include/gmssl/sm2.h @@ -1,4 +1,4 @@ -/* +/* * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may diff --git a/include/gmssl/tls.h b/include/gmssl/tls.h index c698c03e..3f413fd3 100644 --- a/include/gmssl/tls.h +++ b/include/gmssl/tls.h @@ -1,4 +1,4 @@ -/* +/* * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may @@ -12,6 +12,12 @@ #ifndef GMSSL_TLS_H #define GMSSL_TLS_H +#ifdef WIN32 +#pragma comment (lib, "Ws2_32.lib") +#pragma comment (lib, "Mswsock.lib") +#pragma comment (lib, "AdvApi32.lib") +#endif + #include #include diff --git a/include/gmssl/version.h b/include/gmssl/version.h index 0b35cfaf..320e69b8 100644 --- a/include/gmssl/version.h +++ b/include/gmssl/version.h @@ -23,8 +23,8 @@ Version Public API gmssl_version_str */ -#define GMSSL_VERSION_NUM 30000 -#define GMSSL_VERSION_STR "GmSSL 3.0.0" +#define GMSSL_VERSION_NUM 30100 +#define GMSSL_VERSION_STR "GmSSL 3.1.0 Dev" int gmssl_version_num(void); const char *gmssl_version_str(void); diff --git a/include/gmssl/x509.h b/include/gmssl/x509.h index 999fb593..03b6193e 100644 --- a/include/gmssl/x509.h +++ b/include/gmssl/x509.h 
@@ -1,4 +1,4 @@ -/* +/* * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may diff --git a/include/gmssl/x509_ext.h b/include/gmssl/x509_ext.h index 241a18de..4f9ef23e 100644 --- a/include/gmssl/x509_ext.h +++ b/include/gmssl/x509_ext.h @@ -1,4 +1,4 @@ -/* +/* * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may diff --git a/src/asn1.c b/src/asn1.c index 1b1ae4e3..fc56efb7 100644 --- a/src/asn1.c +++ b/src/asn1.c @@ -1,4 +1,4 @@ -/* +/* * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may @@ -20,9 +20,27 @@ #include #include #include -#include +#include +#ifdef WIN32 +time_t timegm(struct tm* timeptr) +{ +#error "Not implemented" + return 0; +} +struct tm* gmtime_r(const time_t* clock, struct tm* result) +{ +#error "Not implemented" + return NULL; +} + +char* strptime(const char* buf, const char* format, struct tm* timeptr) +{ +#error "Not implemented" + return NULL; +} +#endif /* ## 返回值 diff --git a/src/cms.c b/src/cms.c index bca3d7df..0d665bf9 100644 --- a/src/cms.c +++ b/src/cms.c @@ -1,4 +1,4 @@ -/* +/* * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may @@ -345,8 +345,15 @@ int cms_enced_content_info_encrypt_to_der( { int ret; SM4_KEY sm4_key; - uint8_t enced_content[32 + content_len]; // FIXME: 如果content_len 过长,会直接导致segment fault - size_t enced_content_len = 100; + uint8_t* enced_content = NULL; + size_t enced_content_len = 100; // FIXME: why 100? + + if (!(enced_content = malloc(32 + content_len))) { + error_print(); + return -1; + } + + if (enc_algor != OID_sm4_cbc || keylen != 16 || ivlen != 16) { error_print(); diff --git a/src/gcm.c b/src/gcm.c index e146f8ae..3f032f57 100644 --- a/src/gcm.c +++ b/src/gcm.c 
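Review bot: The three WIN32 stubs added at the top of src/asn1.c (`timegm`, `gmtime_r`, `strptime`) each contain `#error "Not implemented"`, so the file cannot compile when WIN32 is defined. If the directives were simply deleted, the stubs would hand 0/NULL to the time conversion code, presumably the UTCTime/GeneralizedTime handling that certificate validity checks rely on. MSVC provides `_mkgmtime` and `gmtime_s`, so the first two can be real wrappers: `return _mkgmtime(timeptr);` and `return gmtime_s(result, clock) == 0 ? result : NULL;`. `strptime` has no CRT equivalent and needs a small fixed-format parser for the time layouts this file accepts, returning NULL on any mismatch.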
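Review bot: The new `malloc(32 + content_len)` in `cms_enced_content_info_encrypt_to_der` has no matching `free` in the visible lines, and the argument check right after it (`if (enc_algor != OID_sm4_cbc || keylen != 16 || ivlen != 16)`) reaches `error_print()` with the buffer already allocated, so that path presumably leaks it. The function body continues outside the hunk. Moving the allocation below the argument checks and routing every exit through one cleanup label that frees `enced_content` closes the leak. `32 + content_len` can also wrap for a very large `content_len`; reject it first with `if (content_len > SIZE_MAX - 32) { error_print(); return -1; }`. The initial `enced_content_len = 100; // FIXME: why 100?` should be explained or replaced with the allocated size.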
@@ -1,4 +1,4 @@ -/* +/* * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may diff --git a/src/hello.c b/src/hello.c new file mode 100644 index 00000000..8d9ebf05 --- /dev/null +++ b/src/hello.c @@ -0,0 +1,12 @@ +#include +#include +#include +#include +#include + +#pragma comment(lib, "Ws2_32.lib") + +int main() { + printf("winsock2"); + return 0; +} \ No newline at end of file diff --git a/src/pem.c b/src/pem.c index 5b28a23b..303184b1 100644 --- a/src/pem.c +++ b/src/pem.c @@ -1,4 +1,4 @@ -/* +/* * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may @@ -15,13 +15,23 @@ #include -int pem_write(FILE *fp, const char *name, const uint8_t *data, size_t datalen) +int pem_write(FILE* fp, const char* name, const uint8_t* data, size_t datalen) { int ret = 0; BASE64_CTX ctx; - uint8_t b64[datalen * 2]; + uint8_t* b64 = NULL; int len; + if (!datalen) { + error_print(); + return -1; + } + + if (!(b64 = malloc(datalen * 2))) { + error_print(); + return -1; + } + base64_encode_init(&ctx); base64_encode_update(&ctx, data, (int)datalen, b64, &len); base64_encode_finish(&ctx, b64 + len, &len); diff --git a/src/sm2_alg.c b/src/sm2_alg.c index 7d57e74e..ce733b34 100644 --- a/src/sm2_alg.c +++ b/src/sm2_alg.c @@ -19,7 +19,7 @@ #include -#define sm2_print_bn(label,a) sm2_bn_print(stderr,0,0,label,a) // 这个不应该放在这里,应该放在测试文件中 +#define sm2_print_bn(label,a) sm2_bn_print(stderr,0,0,label,a) // Ӧ÷Ӧ÷ڲļ diff --git a/src/sm2_key.c b/src/sm2_key.c index 2f038bf9..d8d7b154 100644 --- a/src/sm2_key.c +++ b/src/sm2_key.c @@ -1,4 +1,4 @@ -/* +/* * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may diff --git a/src/sm3_avx.c b/src/sm3_avx.c new file mode 100644 index 00000000..a1401dee --- /dev/null +++ b/src/sm3_avx.c 
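Review bot: src/hello.c is a Winsock link test with its own `main()` placed next to the library sources, so a build that collects src/*.c into the library would pick up a second entry point; the build files are not visible here, so confirm how sources are listed. It also carries `#pragma comment(lib, "Ws2_32.lib")` without the `#ifdef WIN32` guard used in include/gmssl/tls.h, and the file has no trailing newline. If it is meant to stay, move it under tests/ or tools/ and guard the pragma; otherwise drop it from the commit.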
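Review bot: `malloc(datalen * 2)` in `pem_write` keeps the old VLA's sizing, which is too small for short inputs: base64 of 1 or 2 bytes is already 4 characters, before any line break or terminator that `base64_encode_finish` may append, so those lengths write past the heap buffer. Size the buffer from the encoded length instead, starting from `4 * ((datalen + 2) / 3)` plus room for the encoder's line breaks and terminator (confirm against the encoder, which is not shown). Before that, reject a `datalen` that would overflow the size expression or the `(int)datalen` cast passed to `base64_encode_update`. No `free(b64)` is visible; the function continues outside the hunk, so check that every return path releases it.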
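Review bot: The comment on the `sm2_print_bn` macro was corrupted by the re-encoding in this commit, and the new side reads as mojibake. The original said that the macro does not belong in this file and should live in the test files. Restoring it in ASCII keeps it readable across future encoding changes: `// debug helper: should move to the test files`.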
@@ -0,0 +1,376 @@ +/* + * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the License); you may + * not use this file except in compliance with the License. + * + * http://www.apache.org/licenses/LICENSE-2.0 + */ + + +#include +#include +#include +#include + + +#ifdef SM3_SSE3 +# include +# include + +# define _mm_rotl_epi32(X,i) \ + _mm_xor_si128(_mm_slli_epi32((X),(i)), _mm_srli_epi32((X),32-(i))) +#endif + + +#define ROTL(x,n) (((x)<<(n)) | ((x)>>(32-(n)))) +#define P0(x) ((x) ^ ROL32((x), 9) ^ ROL32((x),17)) +#define P1(x) ((x) ^ ROL32((x),15) ^ ROL32((x),23)) + +#define FF00(x,y,z) ((x) ^ (y) ^ (z)) +#define FF16(x,y,z) (((x)&(y)) | ((x)&(z)) | ((y)&(z))) +#define GG00(x,y,z) ((x) ^ (y) ^ (z)) +#define GG16(x,y,z) ((((y)^(z)) & (x)) ^ (z)) + +#define R(A, B, C, D, E, F, G, H, xx) \ + SS1 = ROL32((ROL32(A, 12) + E + K[j]), 7); \ + SS2 = SS1 ^ ROL32(A, 12); \ + TT1 = FF##xx(A, B, C) + D + SS2 + (W[j] ^ W[j + 4]); \ + TT2 = GG##xx(E, F, G) + H + SS1 + W[j]; \ + B = ROL32(B, 9); \ + H = TT1; \ + F = ROL32(F, 19); \ + D = P0(TT2); \ + j++ + +#define R8(A, B, C, D, E, F, G, H, xx) \ + R(A, B, C, D, E, F, G, H, xx); \ + R(H, A, B, C, D, E, F, G, xx); \ + R(G, H, A, B, C, D, E, F, xx); \ + R(F, G, H, A, B, C, D, E, xx); \ + R(E, F, G, H, A, B, C, D, xx); \ + R(D, E, F, G, H, A, B, C, xx); \ + R(C, D, E, F, G, H, A, B, xx); \ + R(B, C, D, E, F, G, H, A, xx) + + + +#define T00 0x79cc4519U +#define T16 0x7a879d8aU + +#define K0 0x79cc4519U +#define K1 0xf3988a32U +#define K2 0xe7311465U +#define K3 0xce6228cbU +#define K4 0x9cc45197U +#define K5 0x3988a32fU +#define K6 0x7311465eU +#define K7 0xe6228cbcU +#define K8 0xcc451979U +#define K9 0x988a32f3U +#define K10 0x311465e7U +#define K11 0x6228cbceU +#define K12 0xc451979cU +#define K13 0x88a32f39U +#define K14 0x11465e73U +#define K15 0x228cbce6U +#define K16 0x9d8a7a87U +#define K17 0x3b14f50fU +#define K18 0x7629ea1eU +#define K19 0xec53d43cU 
+#define K20 0xd8a7a879U +#define K21 0xb14f50f3U +#define K22 0x629ea1e7U +#define K23 0xc53d43ceU +#define K24 0x8a7a879dU +#define K25 0x14f50f3bU +#define K26 0x29ea1e76U +#define K27 0x53d43cecU +#define K28 0xa7a879d8U +#define K29 0x4f50f3b1U +#define K30 0x9ea1e762U +#define K31 0x3d43cec5U +#define K32 0x7a879d8aU +#define K33 0xf50f3b14U +#define K34 0xea1e7629U +#define K35 0xd43cec53U +#define K36 0xa879d8a7U +#define K37 0x50f3b14fU +#define K38 0xa1e7629eU +#define K39 0x43cec53dU +#define K40 0x879d8a7aU +#define K41 0x0f3b14f5U +#define K42 0x1e7629eaU +#define K43 0x3cec53d4U +#define K44 0x79d8a7a8U +#define K45 0xf3b14f50U +#define K46 0xe7629ea1U +#define K47 0xcec53d43U +#define K48 0x9d8a7a87U +#define K49 0x3b14f50fU +#define K50 0x7629ea1eU +#define K51 0xec53d43cU +#define K52 0xd8a7a879U +#define K53 0xb14f50f3U +#define K54 0x629ea1e7U +#define K55 0xc53d43ceU +#define K56 0x8a7a879dU +#define K57 0x14f50f3bU +#define K58 0x29ea1e76U +#define K59 0x53d43cecU +#define K60 0xa7a879d8U +#define K61 0x4f50f3b1U +#define K62 0x9ea1e762U +#define K63 0x3d43cec5U + +static uint32_t K[64] = { + K0, K1, K2, K3, K4, K5, K6, K7, + K8, K9, K10, K11, K12, K13, K14, K15, + K16, K17, K18, K19, K20, K21, K22, K23, + K24, K25, K26, K27, K28, K29, K30, K31, + K32, K33, K34, K35, K36, K37, K38, K39, + K40, K41, K42, K43, K44, K45, K46, K47, + K48, K49, K50, K51, K52, K53, K54, K55, + K56, K57, K58, K59, K60, K61, K62, K63, + /* + 0x79cc4519U, 0xf3988a32U, 0xe7311465U, 0xce6228cbU, + 0x9cc45197U, 0x3988a32fU, 0x7311465eU, 0xe6228cbcU, + 0xcc451979U, 0x988a32f3U, 0x311465e7U, 0x6228cbceU, + 0xc451979cU, 0x88a32f39U, 0x11465e73U, 0x228cbce6U, + 0x9d8a7a87U, 0x3b14f50fU, 0x7629ea1eU, 0xec53d43cU, + 0xd8a7a879U, 0xb14f50f3U, 0x629ea1e7U, 0xc53d43ceU, + 0x8a7a879dU, 0x14f50f3bU, 0x29ea1e76U, 0x53d43cecU, + 0xa7a879d8U, 0x4f50f3b1U, 0x9ea1e762U, 0x3d43cec5U, + 0x7a879d8aU, 0xf50f3b14U, 0xea1e7629U, 0xd43cec53U, + 0xa879d8a7U, 0x50f3b14fU, 0xa1e7629eU, 0x43cec53dU, 
+ 0x879d8a7aU, 0x0f3b14f5U, 0x1e7629eaU, 0x3cec53d4U, + 0x79d8a7a8U, 0xf3b14f50U, 0xe7629ea1U, 0xcec53d43U, + 0x9d8a7a87U, 0x3b14f50fU, 0x7629ea1eU, 0xec53d43cU, + 0xd8a7a879U, 0xb14f50f3U, 0x629ea1e7U, 0xc53d43ceU, + 0x8a7a879dU, 0x14f50f3bU, 0x29ea1e76U, 0x53d43cecU, + 0xa7a879d8U, 0x4f50f3b1U, 0x9ea1e762U, 0x3d43cec5U, + */ +}; + +void sm3_compress_blocks_(uint32_t digest[8], const uint8_t *data, size_t blocks) +{ + uint32_t A; + uint32_t B; + uint32_t C; + uint32_t D; + uint32_t E; + uint32_t F; + uint32_t G; + uint32_t H; + uint32_t W[68]; + uint32_t SS1, SS2, TT1, TT2; + int j; + +#ifdef SM3_SSE3 + __m128i X, T, R; + __m128i M = _mm_setr_epi32(0, 0, 0, 0xffffffff); + __m128i V = _mm_setr_epi8(3,2,1,0,7,6,5,4,11,10,9,8,15,14,13,12); +#endif + + while (blocks--) { + + A = digest[0]; + B = digest[1]; + C = digest[2]; + D = digest[3]; + E = digest[4]; + F = digest[5]; + G = digest[6]; + H = digest[7]; + + +#ifdef SM3_SSE3 + + for (j = 0; j < 16; j += 4) { + X = _mm_loadu_si128((__m128i *)(data + j * 4)); + X = _mm_shuffle_epi8(X, V); + _mm_storeu_si128((__m128i *)(W + j), X); + } + + for (j = 16; j < 68; j += 4) { + /* X = (W[j - 3], W[j - 2], W[j - 1], 0) */ + X = _mm_loadu_si128((__m128i *)(W + j - 3)); + X = _mm_andnot_si128(M, X); + + X = _mm_rotl_epi32(X, 15); + T = _mm_loadu_si128((__m128i *)(W + j - 9)); + X = _mm_xor_si128(X, T); + T = _mm_loadu_si128((__m128i *)(W + j - 16)); + X = _mm_xor_si128(X, T); + + /* P1() */ + T = _mm_rotl_epi32(X, (23 - 15)); + T = _mm_xor_si128(T, X); + T = _mm_rotl_epi32(T, 15); + X = _mm_xor_si128(X, T); + + T = _mm_loadu_si128((__m128i *)(W + j - 13)); + T = _mm_rotl_epi32(T, 7); + X = _mm_xor_si128(X, T); + T = _mm_loadu_si128((__m128i *)(W + j - 6)); + X = _mm_xor_si128(X, T); + + /* W[j + 3] ^= P1(ROL32(W[j + 1], 15)) */ + R = _mm_shuffle_epi32(X, 0); + R = _mm_and_si128(R, M); + T = _mm_rotl_epi32(R, 15); + T = _mm_xor_si128(T, R); + T = _mm_rotl_epi32(T, 9); + R = _mm_xor_si128(R, T); + R = _mm_rotl_epi32(R, 6); + X = 
_mm_xor_si128(X, R); + + _mm_storeu_si128((__m128i *)(W + j), X); + } +#else + for (j = 0; j < 16; j++) + W[j] = GETU32(data + j*4); + + for (; j < 68; j++) + W[j] = P1(W[j - 16] ^ W[j - 9] ^ ROL32(W[j - 3], 15)) + ^ ROL32(W[j - 13], 7) ^ W[j - 6]; +#endif + + + j = 0; + +#define FULL_UNROLL +#ifdef FULL_UNROLL + R8(A, B, C, D, E, F, G, H, 00); + R8(A, B, C, D, E, F, G, H, 00); + R8(A, B, C, D, E, F, G, H, 16); + R8(A, B, C, D, E, F, G, H, 16); + R8(A, B, C, D, E, F, G, H, 16); + R8(A, B, C, D, E, F, G, H, 16); + R8(A, B, C, D, E, F, G, H, 16); + R8(A, B, C, D, E, F, G, H, 16); +#else + for (; j < 16; j++) { + SS1 = ROL32((ROL32(A, 12) + E + K(j)), 7); + SS2 = SS1 ^ ROL32(A, 12); + TT1 = FF00(A, B, C) + D + SS2 + (W[j] ^ W[j + 4]); + TT2 = GG00(E, F, G) + H + SS1 + W[j]; + D = C; + C = ROL32(B, 9); + B = A; + A = TT1; + H = G; + G = ROL32(F, 19); + F = E; + E = P0(TT2); + } + + for (; j < 64; j++) { + SS1 = ROL32((ROL32(A, 12) + E + K(j)), 7); + SS2 = SS1 ^ ROL32(A, 12); + TT1 = FF16(A, B, C) + D + SS2 + (W[j] ^ W[j + 4]); + TT2 = GG16(E, F, G) + H + SS1 + W[j]; + D = C; + C = ROL32(B, 9); + B = A; + A = TT1; + H = G; + G = ROL32(F, 19); + F = E; + E = P0(TT2); + } +#endif + + digest[0] ^= A; + digest[1] ^= B; + digest[2] ^= C; + digest[3] ^= D; + digest[4] ^= E; + digest[5] ^= F; + digest[6] ^= G; + digest[7] ^= H; + + data += 64; + } +} + + +void sm3_init(SM3_CTX *ctx) +{ + memset(ctx, 0, sizeof(*ctx)); + ctx->digest[0] = 0x7380166F; + ctx->digest[1] = 0x4914B2B9; + ctx->digest[2] = 0x172442D7; + ctx->digest[3] = 0xDA8A0600; + ctx->digest[4] = 0xA96F30BC; + ctx->digest[5] = 0x163138AA; + ctx->digest[6] = 0xE38DEE4D; + ctx->digest[7] = 0xB0FB0E4E; +} + +void sm3_update(SM3_CTX *ctx, const uint8_t *data, size_t data_len) +{ + size_t blocks; + + ctx->num &= 0x3f; + if (ctx->num) { + unsigned int left = SM3_BLOCK_SIZE - ctx->num; + if (data_len < left) { + memcpy(ctx->block + ctx->num, data, data_len); + ctx->num += data_len; + return; + } else { + memcpy(ctx->block 
+ ctx->num, data, left); + sm3_compress_blocks(ctx->digest, ctx->block, 1); + ctx->nblocks++; + data += left; + data_len -= left; + } + } + + blocks = data_len / SM3_BLOCK_SIZE; + // 这里如果blocks==0, sm3_compress_blocks是汇编实现,那么会导致汇编SegFault + if (blocks) { + sm3_compress_blocks(ctx->digest, data, (int)blocks); + ctx->nblocks += blocks; + data += SM3_BLOCK_SIZE * blocks; + data_len -= SM3_BLOCK_SIZE * blocks; + } + ctx->num = data_len; + if (data_len) { + memcpy(ctx->block, data, data_len); + } +} + +void sm3_finish(SM3_CTX *ctx, uint8_t *digest) +{ + int i; + + ctx->num &= 0x3f; + ctx->block[ctx->num] = 0x80; + + if (ctx->num <= SM3_BLOCK_SIZE - 9) { + memset(ctx->block + ctx->num + 1, 0, SM3_BLOCK_SIZE - ctx->num - 9); + } else { + memset(ctx->block + ctx->num + 1, 0, SM3_BLOCK_SIZE - ctx->num - 1); + sm3_compress_blocks(ctx->digest, ctx->block, 1); + memset(ctx->block, 0, SM3_BLOCK_SIZE - 8); + } + PUTU32(ctx->block + 56, ctx->nblocks >> 23); + PUTU32(ctx->block + 60, (ctx->nblocks << 9) + (ctx->num << 3)); + + sm3_compress_blocks(ctx->digest, ctx->block, 1); + for (i = 0; i < 8; i++) { + PUTU32(digest + i*4, ctx->digest[i]); + } + memset(ctx, 0, sizeof(SM3_CTX)); +} + +void sm3_digest(const uint8_t *msg, size_t msglen, + uint8_t dgst[SM3_DIGEST_SIZE]) +{ + SM3_CTX ctx; + sm3_init(&ctx); + sm3_update(&ctx, msg, msglen); + sm3_finish(&ctx, dgst); +} diff --git a/src/sm4_avx.c b/src/sm4_avx.c new file mode 100644 index 00000000..1204cdea --- /dev/null +++ b/src/sm4_avx.c 
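Review bot: In `sm3_update`, `sm3_compress_blocks(ctx->digest, data, (int)blocks)` narrows a `size_t` block count to `int`, while the only compress routine this file defines is `sm3_compress_blocks_` (trailing underscore, `size_t blocks`), so the intrinsics path added here looks either unused or called through a prototype with a different parameter type. Pass `blocks` uncast and settle on one name and signature. The `#else` branch under `FULL_UNROLL` uses `K(j)` although `K` is an array, so it cannot compile as written. The round macros call `ROL32` while the file defines `ROTL`, so they depend on a definition that presumably comes from a header. The final `memset(ctx, 0, sizeof(SM3_CTX))` in `sm3_finish` is a plain memset that a compiler may drop; because the context can hold keyed state when used under HMAC, a clearing routine that cannot be optimised away is the safer choice.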
@@ -0,0 +1,437 @@ +/* + * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the License); you may + * not use this file except in compliance with the License. + * + * http://www.apache.org/licenses/LICENSE-2.0 + */ + + +#include +#include +#include +#include + +void sm4_cbc_encrypt(const SM4_KEY *key, const uint8_t iv[16], + const uint8_t *in, size_t nblocks, uint8_t *out) +{ + while (nblocks--) { + gmssl_memxor(out, in, iv, 16); + sm4_encrypt(key, out, out); + iv = out; + in += 16; + out += 16; + } +} + +void sm4_cbc_decrypt(const SM4_KEY *key, const uint8_t iv[16], + const uint8_t *in, size_t nblocks, uint8_t *out) +{ + while (nblocks--) { + sm4_encrypt(key, in, out); + memxor(out, iv, 16); + iv = in; + in += 16; + out += 16; + } +} + +int sm4_cbc_padding_encrypt(const SM4_KEY *key, const uint8_t iv[16], + const uint8_t *in, size_t inlen, + uint8_t *out, size_t *outlen) +{ + uint8_t block[16]; + size_t rem = inlen % 16; + int padding = 16 - inlen % 16; + + if (in) { + memcpy(block, in + inlen - rem, rem); + } + memset(block + rem, padding, padding); + if (inlen/16) { + sm4_cbc_encrypt(key, iv, in, inlen/16, out); + out += inlen - rem; + iv = out - 16; + } + sm4_cbc_encrypt(key, iv, block, 1, out); + *outlen = inlen - rem + 16; + return 1; +} + +int sm4_cbc_padding_decrypt(const SM4_KEY *key, const uint8_t iv[16], + const uint8_t *in, size_t inlen, + uint8_t *out, size_t *outlen) +{ + uint8_t block[16]; + size_t len = sizeof(block); + int padding; + + if (inlen == 0) { + error_puts("warning: input lenght = 0"); + return 0; + } + if (inlen%16 != 0 || inlen < 16) { + error_puts("invalid cbc ciphertext length"); + return -1; + } + if (inlen > 16) { + sm4_cbc_decrypt(key, iv, in, inlen/16 - 1, out); + iv = in + inlen - 32; + } + sm4_cbc_decrypt(key, iv, in + inlen - 16, 1, block); + + padding = block[15]; + if (padding < 1 || padding > 16) { + error_print(); + return -1; + } + len -= padding; + 
memcpy(out + inlen - 16, block, len); + *outlen = inlen - padding; + return 1; +} + +static void ctr_incr(uint8_t a[16]) +{ + int i; + for (i = 15; i >= 0; i--) { + a[i]++; + if (a[i]) break; + } +} + +// 这个函数支持任意长度的输入,如果输入的长度不是整数长度,那么调用会出现错误 +// 如果输出的长度正好可以凑够4个分组,那么我们就可以一次性的加密4个分组 +// 我们还是应该先准备一个底层的封装,就是CTR模式,给定一个ctr,然后我们输出的是4个分组,并且对ctr做一个变化 + +void sm4_encrypt4(const uint32_t rk[32], void *src, const void *dst); + +void sm4_ctr_encrypt(const SM4_KEY *key, uint8_t ctr[16], const uint8_t *in, size_t inlen, uint8_t *out) +{ + uint8_t blocks[64]; + + while (inlen >= 64) { + memcpy(blocks, ctr, 16); ctr_incr(ctr); + memcpy(blocks + 16, ctr, 16); ctr_incr(ctr); + memcpy(blocks + 32, ctr, 16); ctr_incr(ctr); + memcpy(blocks + 48, ctr, 16); ctr_incr(ctr); + sm4_encrypt4(key->rk, blocks, blocks); + gmssl_memxor(out, in, blocks, 64); + in += 64; + out += 64; + inlen -= 64; + } + + while (inlen) { + size_t len = inlen < 16 ? inlen : 16; + sm4_encrypt(key, ctr, blocks); + gmssl_memxor(out, in, blocks, len); + ctr_incr(ctr); + in += len; + out += len; + inlen -= len; + } +} + +/* +void sm4_ctr_encrypt(const SM4_KEY *key, uint8_t ctr[16], const uint8_t *in, size_t inlen, uint8_t *out) +{ + uint8_t block[16]; + size_t len; + + while (inlen) { + len = inlen < 16 ? 
inlen : 16; + sm4_encrypt(key, ctr, block); + gmssl_memxor(out, in, block, len); + ctr_incr(ctr); + in += len; + out += len; + inlen -= len; + } +} +*/ + +int sm4_gcm_encrypt(const SM4_KEY *key, const uint8_t *iv, size_t ivlen, + const uint8_t *aad, size_t aadlen, const uint8_t *in, size_t inlen, + uint8_t *out, size_t taglen, uint8_t *tag) +{ + const uint8_t *pin = in; + uint8_t *pout = out; + size_t left = inlen; + uint8_t H[16] = {0}; + uint8_t Y[16]; + uint8_t T[16]; + + if (taglen > SM4_GCM_MAX_TAG_SIZE) { + error_print(); + return -1; + } + + sm4_encrypt(key, H, H); + + if (ivlen == 12) { + memcpy(Y, iv, 12); + Y[12] = Y[13] = Y[14] = 0; + Y[15] = 1; + } else { + ghash(H, NULL, 0, iv, ivlen, Y); + } + + sm4_encrypt(key, Y, T); + + while (left) { + uint8_t block[16]; + size_t len = left < 16 ? left : 16; + ctr_incr(Y); + sm4_encrypt(key, Y, block); + gmssl_memxor(pout, pin, block, len); + pin += len; + pout += len; + left -= len; + } + + ghash(H, aad, aadlen, out, inlen, H); + gmssl_memxor(tag, T, H, taglen); + return 1; +} + +int sm4_gcm_decrypt(const SM4_KEY *key, const uint8_t *iv, size_t ivlen, + const uint8_t *aad, size_t aadlen, const uint8_t *in, size_t inlen, + const uint8_t *tag, size_t taglen, uint8_t *out) +{ + const uint8_t *pin = in; + uint8_t *pout = out; + size_t left = inlen; + uint8_t H[16] = {0}; + uint8_t Y[16]; + uint8_t T[16]; + + sm4_encrypt(key, H, H); + + if (ivlen == 12) { + memcpy(Y, iv, 12); + Y[12] = Y[13] = Y[14] = 0; + Y[15] = 1; + } else { + ghash(H, NULL, 0, iv, ivlen, Y); + } + + ghash(H, aad, aadlen, in, inlen, H); + sm4_encrypt(key, Y, T); + gmssl_memxor(T, T, H, taglen); + if (memcmp(T, tag, taglen) != 0) { + error_print(); + return -1; + } + + while (left) { + uint8_t block[16]; + size_t len = left < 16 ? 
left : 16; + ctr_incr(Y); + sm4_encrypt(key, Y, block); + gmssl_memxor(pout, pin, block, len); + pin += len; + pout += len; + left -= len; + } + return 1; +} + +int sm4_cbc_encrypt_init(SM4_CBC_CTX *ctx, + const uint8_t key[SM4_BLOCK_SIZE], const uint8_t iv[SM4_BLOCK_SIZE]) +{ + sm4_set_encrypt_key(&ctx->sm4_key, key); + memcpy(ctx->iv, iv, SM4_BLOCK_SIZE); + memset(ctx->block, 0, SM4_BLOCK_SIZE); + ctx->block_nbytes = 0; + return 1; +} + +int sm4_cbc_encrypt_update(SM4_CBC_CTX *ctx, + const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen) +{ + size_t left; + size_t nblocks; + size_t len; + + if (ctx->block_nbytes >= SM4_BLOCK_SIZE) { + error_print(); + return -1; + } + *outlen = 0; + if (ctx->block_nbytes) { + left = SM4_BLOCK_SIZE - ctx->block_nbytes; + if (inlen < left) { + memcpy(ctx->block + ctx->block_nbytes, in, inlen); + ctx->block_nbytes += inlen; + return 1; + } + memcpy(ctx->block + ctx->block_nbytes, in, left); + sm4_cbc_encrypt(&ctx->sm4_key, ctx->iv, ctx->block, 1, out); + memcpy(ctx->iv, out, SM4_BLOCK_SIZE); + in += left; + inlen -= left; + out += SM4_BLOCK_SIZE; + *outlen += SM4_BLOCK_SIZE; + } + if (inlen >= SM4_BLOCK_SIZE) { + nblocks = inlen / SM4_BLOCK_SIZE; + len = nblocks * SM4_BLOCK_SIZE; + sm4_cbc_encrypt(&ctx->sm4_key, ctx->iv, in, nblocks, out); + memcpy(ctx->iv, out + len - SM4_BLOCK_SIZE, SM4_BLOCK_SIZE); + in += len; + inlen -= len; + out += len; + *outlen += len; + } + if (inlen) { + memcpy(ctx->block, in, inlen); + } + ctx->block_nbytes = inlen; + return 1; +} + +int sm4_cbc_encrypt_finish(SM4_CBC_CTX *ctx, uint8_t *out, size_t *outlen) +{ + size_t left; + size_t i; + + if (ctx->block_nbytes >= SM4_BLOCK_SIZE) { + error_print(); + return -1; + } + if (sm4_cbc_padding_encrypt(&ctx->sm4_key, ctx->iv, ctx->block, ctx->block_nbytes, out, outlen) != 1) { + error_print(); + return -1; + } + return 1; +} + +int sm4_cbc_decrypt_init(SM4_CBC_CTX *ctx, + const uint8_t key[SM4_BLOCK_SIZE], const uint8_t iv[SM4_BLOCK_SIZE]) +{ + 
sm4_set_decrypt_key(&ctx->sm4_key, key); + memcpy(ctx->iv, iv, SM4_BLOCK_SIZE); + memset(ctx->block, 0, SM4_BLOCK_SIZE); + ctx->block_nbytes = 0; + return 1; +} + +int sm4_cbc_decrypt_update(SM4_CBC_CTX *ctx, + const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen) +{ + size_t left, len, nblocks; + + if (ctx->block_nbytes > SM4_BLOCK_SIZE) { + error_print(); + return -1; + } + + *outlen = 0; + if (ctx->block_nbytes) { + left = SM4_BLOCK_SIZE - ctx->block_nbytes; + if (inlen <= left) { + memcpy(ctx->block + ctx->block_nbytes, in, inlen); + ctx->block_nbytes += inlen; + return 1; + } + memcpy(ctx->block + ctx->block_nbytes, in, left); + sm4_cbc_decrypt(&ctx->sm4_key, ctx->iv, ctx->block, 1, out); + memcpy(ctx->iv, ctx->block, SM4_BLOCK_SIZE); + in += left; + inlen -= left; + out += SM4_BLOCK_SIZE; + *outlen += SM4_BLOCK_SIZE; + } + if (inlen > SM4_BLOCK_SIZE) { + nblocks = (inlen-1) / SM4_BLOCK_SIZE; + len = nblocks * SM4_BLOCK_SIZE; + sm4_cbc_decrypt(&ctx->sm4_key, ctx->iv, in, nblocks, out); + memcpy(ctx->iv, in + len - SM4_BLOCK_SIZE, SM4_BLOCK_SIZE); + in += len; + inlen -= len; + out += len; + *outlen += len; + } + memcpy(ctx->block, in, inlen); + ctx->block_nbytes = inlen; + return 1; +} + +int sm4_cbc_decrypt_finish(SM4_CBC_CTX *ctx, uint8_t *out, size_t *outlen) +{ + if (ctx->block_nbytes != SM4_BLOCK_SIZE) { + error_print(); + return -1; + } + if (sm4_cbc_padding_decrypt(&ctx->sm4_key, ctx->iv, ctx->block, SM4_BLOCK_SIZE, out, outlen) != 1) { + error_print(); + return -1; + } + return 1; +} + +int sm4_ctr_encrypt_init(SM4_CTR_CTX *ctx, + const uint8_t key[SM4_BLOCK_SIZE], const uint8_t ctr[SM4_BLOCK_SIZE]) +{ + sm4_set_encrypt_key(&ctx->sm4_key, key); + memcpy(ctx->ctr, ctr, SM4_BLOCK_SIZE); + memset(ctx->block, 0, SM4_BLOCK_SIZE); + ctx->block_nbytes = 0; + return 1; +} + +int sm4_ctr_encrypt_update(SM4_CTR_CTX *ctx, + const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen) +{ + size_t left; + size_t nblocks; + size_t len; + + if 
(ctx->block_nbytes >= SM4_BLOCK_SIZE) { + error_print(); + return -1; + } + *outlen = 0; + if (ctx->block_nbytes) { + left = SM4_BLOCK_SIZE - ctx->block_nbytes; + if (inlen < left) { + memcpy(ctx->block + ctx->block_nbytes, in, inlen); + ctx->block_nbytes += inlen; + return 1; + } + memcpy(ctx->block + ctx->block_nbytes, in, left); + sm4_ctr_encrypt(&ctx->sm4_key, ctx->ctr, ctx->block, SM4_BLOCK_SIZE, out); + in += left; + inlen -= left; + out += SM4_BLOCK_SIZE; + *outlen += SM4_BLOCK_SIZE; + } + if (inlen >= SM4_BLOCK_SIZE) { + nblocks = inlen / SM4_BLOCK_SIZE; + len = nblocks * SM4_BLOCK_SIZE; + sm4_ctr_encrypt(&ctx->sm4_key, ctx->ctr, in, len, out); + in += len; + inlen -= len; + out += len; + *outlen += len; + } + if (inlen) { + memcpy(ctx->block, in, inlen); + } + ctx->block_nbytes = inlen; + return 1; +} + +int sm4_ctr_encrypt_finish(SM4_CTR_CTX *ctx, uint8_t *out, size_t *outlen) +{ + size_t left; + if (ctx->block_nbytes >= SM4_BLOCK_SIZE) { + error_print(); + return -1; + } + sm4_ctr_encrypt(&ctx->sm4_key, ctx->ctr, ctx->block, ctx->block_nbytes, out); + *outlen = ctx->block_nbytes; + return 1; +} diff --git a/src/sm4_modes.c b/src/sm4_modes.c index 1e707407..c6a8f786 100644 --- a/src/sm4_modes.c +++ b/src/sm4_modes.c @@ -259,9 +259,6 @@ int sm4_cbc_encrypt_update(SM4_CBC_CTX *ctx, int sm4_cbc_encrypt_finish(SM4_CBC_CTX *ctx, uint8_t *out, size_t *outlen) { - size_t left; - size_t i; - if (ctx->block_nbytes >= SM4_BLOCK_SIZE) { error_print(); return -1; @@ -391,7 +388,6 @@ int sm4_ctr_encrypt_update(SM4_CTR_CTX *ctx, int sm4_ctr_encrypt_finish(SM4_CTR_CTX *ctx, uint8_t *out, size_t *outlen) { - size_t left; if (ctx->block_nbytes >= SM4_BLOCK_SIZE) { error_print(); return -1; diff --git a/src/sm4ni.c b/src/sm4ni.c new file mode 100644 index 00000000..9e109a71 --- /dev/null +++ b/src/sm4ni.c 
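Review bot: `sm4_gcm_decrypt` never bounds `taglen`, unlike `sm4_gcm_encrypt`, so `gmssl_memxor(T, T, H, taglen)` and the following `memcmp(T, tag, taglen)` run past the 16-byte `T` and `H` arrays when a caller passes a larger value. Add the encrypt side's guard at the top of the function: `if (taglen > SM4_GCM_MAX_TAG_SIZE) { error_print(); return -1; }` (assuming that constant is at most 16). The tag comparison uses `memcmp`, which stops at the first differing byte; a constant-time compare is the usual choice for authentication tags. `sm4_cbc_padding_decrypt` also validates only the last padding byte, not that all `padding` bytes carry that value. This file also reintroduces the unused `left`/`i` locals that the same commit removes from src/sm4_modes.c.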
@@ -0,0 +1,120 @@ +// sm4ni.c +// 2018-04-20 Markku-Juhani O. Saarinen + +// Vectorized implementation of SM4. Uses affine transformations and AES NI +// to implement the SM4 S-Box. + +//#include "sm4_ref.h" +#include + +// Encrypt 4 blocks (64 bytes) in ECB mode + +void sm4_encrypt4(const uint32_t rk[32], void *src, const void *dst) +{ + // nibble mask + const __m128i c0f __attribute__((aligned(0x10))) = + { 0x0F0F0F0F0F0F0F0F, 0x0F0F0F0F0F0F0F0F }; + + // flip all bytes in all 32-bit words + const __m128i flp __attribute__((aligned(0x10))) = + { 0x0405060700010203, 0x0C0D0E0F08090A0B }; + + // inverse shift rows + const __m128i shr __attribute__((aligned(0x10))) = + { 0x0B0E0104070A0D00, 0x0306090C0F020508 }; + + // Affine transform 1 (low and high hibbles) + const __m128i m1l __attribute__((aligned(0x10))) = + { 0x9197E2E474720701, 0xC7C1B4B222245157 }; + const __m128i m1h __attribute__((aligned(0x10))) = + { 0xE240AB09EB49A200, 0xF052B91BF95BB012 }; + + // Affine transform 2 (low and high hibbles) + const __m128i m2l __attribute__((aligned(0x10))) = + { 0x5B67F2CEA19D0834, 0xEDD14478172BBE82 }; + const __m128i m2h __attribute__((aligned(0x10))) = + { 0xAE7201DD73AFDC00, 0x11CDBE62CC1063BF }; + + // left rotations of 32-bit words by 8-bit increments + const __m128i r08 __attribute__((aligned(0x10))) = + { 0x0605040702010003, 0x0E0D0C0F0A09080B }; + const __m128i r16 __attribute__((aligned(0x10))) = + { 0x0504070601000302, 0x0D0C0F0E09080B0A }; + const __m128i r24 __attribute__((aligned(0x10))) = + { 0x0407060500030201, 0x0C0F0E0D080B0A09 }; + + __m128i x, y, t0, t1, t2, t3; + + uint32_t k, *p32, v[4] __attribute__((aligned(0x10))); + int i; + + p32 = (uint32_t *) src; + t0 = _mm_set_epi32(p32[12], p32[ 8], p32[ 4], p32[ 0]); + t0 = _mm_shuffle_epi8(t0, flp); + t1 = _mm_set_epi32(p32[13], p32[ 9], p32[ 5], p32[ 1]); + t1 = _mm_shuffle_epi8(t1, flp); + t2 = _mm_set_epi32(p32[14], p32[10], p32[ 6], p32[ 2]); + t2 = _mm_shuffle_epi8(t2, flp); + t3 = 
_mm_set_epi32(p32[15], p32[11], p32[ 7], p32[ 3]); + t3 = _mm_shuffle_epi8(t3, flp); + + for (i = 0; i < 32; i++) { + + k = rk[i]; + x = t1 ^ t2 ^ t3 ^ _mm_set_epi32(k, k, k, k); + + y = _mm_and_si128(x, c0f); // inner affine + y = _mm_shuffle_epi8(m1l, y); + x = _mm_srli_epi64(x, 4); + x = _mm_and_si128(x, c0f); + x = _mm_shuffle_epi8(m1h, x) ^ y; + + x = _mm_shuffle_epi8(x, shr); // inverse MixColumns + x = _mm_aesenclast_si128(x, c0f); // AESNI instruction + + y = _mm_andnot_si128(x, c0f); // outer affine + y = _mm_shuffle_epi8(m2l, y); + x = _mm_srli_epi64(x, 4); + x = _mm_and_si128(x, c0f); + x = _mm_shuffle_epi8(m2h, x) ^ y; + + // 4 parallel L1 linear transforms + y = x ^ _mm_shuffle_epi8(x, r08) ^ _mm_shuffle_epi8(x, r16); + y = _mm_slli_epi32(y, 2) ^ _mm_srli_epi32(y, 30); + x = x ^ y ^ _mm_shuffle_epi8(x, r24); + + // rotate registers + x ^= t0; + t0 = t1; + t1 = t2; + t2 = t3; + t3 = x; + } + + p32 = (uint32_t *) dst; + + _mm_store_si128((__m128i *) v, _mm_shuffle_epi8(t3, flp)); + p32[ 0] = v[0]; + p32[ 4] = v[1]; + p32[ 8] = v[2]; + p32[12] = v[3]; + + _mm_store_si128((__m128i *) v, _mm_shuffle_epi8(t2, flp)); + p32[ 1] = v[0]; + p32[ 5] = v[1]; + p32[ 9] = v[2]; + p32[13] = v[3]; + + _mm_store_si128((__m128i *) v, _mm_shuffle_epi8(t1, flp)); + p32[ 2] = v[0]; + p32[ 6] = v[1]; + p32[10] = v[2]; + p32[14] = v[3]; + + _mm_store_si128((__m128i *) v, _mm_shuffle_epi8(t0, flp)); + p32[ 3] = v[0]; + p32[ 7] = v[1]; + p32[11] = v[2]; + p32[15] = v[3]; +} + diff --git a/src/sm9_key.c b/src/sm9_key.c index 72c420a3..7ce3d3d7 100644 --- a/src/sm9_key.c +++ b/src/sm9_key.c @@ -1,4 +1,4 @@ -/* +/* * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may diff --git a/src/sm9_lib.c b/src/sm9_lib.c index 558793bc..288d40de 100644 --- a/src/sm9_lib.c +++ b/src/sm9_lib.c 
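Review bot: `sm4_encrypt4(const uint32_t rk[32], void *src, const void *dst)` has `const` on the wrong pointer: the body only reads `src` and writes sixteen words through `dst` after casting the qualifier away with `p32 = (uint32_t *) dst;`. The signature should be `void sm4_encrypt4(const uint32_t rk[32], const void *src, void *dst)`, with the matching prototype in src/sm4_avx.c changed too. The constants rely on `__attribute__((aligned(0x10)))`, brace initialisers for `__m128i` and `^` on vector values, which are GCC/Clang extensions. In a commit that adds Visual Studio support, this file needs `_mm_set_epi64x`/`_mm_xor_si128` forms or an explicit compiler guard. Accessing the buffers through `uint32_t *` also assumes the caller's byte buffer is 4-byte aligned, which nothing in `sm4_ctr_encrypt` states for `blocks[64]`.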
@@ -330,7 +330,7 @@ int sm9_do_encrypt(const SM9_ENC_MASTER_KEY *mpk, const char *id, size_t idlen, SM9_POINT *C1, uint8_t *c2, uint8_t c3[SM3_HMAC_SIZE]) { SM3_HMAC_CTX hmac_ctx; - uint8_t K[inlen + 32]; + uint8_t K[SM9_MAX_PLAINTEXT_SIZE + 32]; if (sm9_kem_encrypt(mpk, id, idlen, sizeof(K), K, C1) != 1) { error_print(); @@ -351,9 +351,14 @@ int sm9_do_decrypt(const SM9_ENC_KEY *key, const char *id, size_t idlen, uint8_t *out) { SM3_HMAC_CTX hmac_ctx; - uint8_t k[c2len + SM3_HMAC_SIZE]; + uint8_t k[SM9_MAX_PLAINTEXT_SIZE + SM3_HMAC_SIZE]; uint8_t mac[SM3_HMAC_SIZE]; + if (c2len > SM9_MAX_PLAINTEXT_SIZE) { + error_print(); + return -1; + } + if (sm9_kem_decrypt(key, id, idlen, C1, sizeof(k), k) != 1) { error_print(); return -1; @@ -458,9 +463,14 @@ int sm9_encrypt(const SM9_ENC_MASTER_KEY *mpk, const char *id, size_t idlen, const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen) { SM9_POINT C1; - uint8_t c2[inlen]; + uint8_t c2[SM9_MAX_PLAINTEXT_SIZE]; uint8_t c3[SM3_HMAC_SIZE]; + if (inlen > SM9_MAX_PLAINTEXT_SIZE) { + error_print(); + return -1; + } + if (sm9_do_encrypt(mpk, id, idlen, in, inlen, &C1, c2, c3) != 1) { error_print(); return -1; diff --git a/src/tlcp.c b/src/tlcp.c index e1cde11c..cec7ea8c 100644 --- a/src/tlcp.c +++ b/src/tlcp.c @@ -1,4 +1,4 @@ -/* +/* * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may @@ -14,11 +14,15 @@ #include #include #include +#ifdef WIN32 +#include +#else #include #include #include #include #include +#endif #include #include #include diff --git a/src/tls.c b/src/tls.c index 7c42dbf3..f928ac89 100644 --- a/src/tls.c +++ b/src/tls.c @@ -1,4 +1,4 @@ -/* +/* * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may 
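Review bot: `sm9_do_encrypt` now uses a fixed `uint8_t K[SM9_MAX_PLAINTEXT_SIZE + 32]` but, unlike `sm9_do_decrypt` and `sm9_encrypt` in the next two hunks, gets no length check, so a direct caller with a longer `inlen` would index past `K` in the part of the body outside this hunk (presumably where `in` is combined with `K`). Add `if (inlen > SM9_MAX_PLAINTEXT_SIZE) { error_print(); return -1; }` before the `sm9_kem_encrypt` call. `sizeof(K)` also changed meaning: it used to evaluate to `inlen + 32` and is now the maximum, so the KEM is asked for the full-size key on every message; passing `inlen + 32` explicitly keeps the old derivation length. The same applies to `sizeof(k)` in `sm9_do_decrypt`. Both buffers hold derived key material and no clearing is visible in these hunks.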
@@ -14,12 +14,19 @@ #include #include #include + +#ifdef WIN32 +#include +#else + #include #include #include #include #include #include +#endif + #include #include #include @@ -1455,7 +1462,11 @@ int tls_cipher_suite_in_list(int cipher, const int *list, size_t list_count) int tls_record_send(const uint8_t *record, size_t recordlen, int sock) { +#ifdef WIN32 + int r; +#else ssize_t r; +#endif if (!record) { error_print(); return -1; @@ -1481,7 +1492,11 @@ int tls_record_send(const uint8_t *record, size_t recordlen, int sock) int tls_record_do_recv(uint8_t *record, size_t *recordlen, int sock) { +#ifdef WIN32 + int r; +#else ssize_t r; +#endif int type; size_t len; @@ -2270,6 +2285,8 @@ int tls_set_socket(TLS_CONNECT *conn, int sock) { int opts; +#if 0 + // FIXME: do we still need this? when using select? if ((opts = fcntl(sock, F_GETFL)) < 0) { error_print(); perror("tls_set_socket"); @@ -2280,6 +2297,7 @@ int tls_set_socket(TLS_CONNECT *conn, int sock) error_print(); return -1; } +#endif conn->sock = sock; return 1; } diff --git a/src/tls12.c b/src/tls12.c index c5a4110f..89963297 100644 --- a/src/tls12.c +++ b/src/tls12.c @@ -1,4 +1,4 @@ -/* +/* * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may @@ -13,12 +13,16 @@ #include #include #include +#ifdef WIN32 +#include +#else #include #include #include #include #include #include +#endif #include #include #include diff --git a/src/tls13.c b/src/tls13.c index 534e2c81..6d445e1a 100644 --- a/src/tls13.c +++ b/src/tls13.c @@ -1,4 +1,4 @@ -/* +/* * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may @@ -13,11 +13,15 @@ #include #include #include +#ifdef WIN32 +#include +#else #include #include #include #include #include +#endif #include #include #include diff --git a/src/tls_ext.c b/src/tls_ext.c index 3c18bbf4..db84a17d 100644 --- a/src/tls_ext.c 
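Review bot: The `#ifdef WIN32` / `int r;` / `#else` / `ssize_t r;` block added to `tls_record_send` in the `@@ -1455` hunk is repeated verbatim in `tls_record_do_recv` (`@@ -1481`); one file-level typedef for the send/recv return type would keep the two in step. Both functions also keep `int sock`, while Winsock's `SOCKET` is an unsigned pointer-sized handle, so the Windows build depends on the handle fitting in an `int`. A comment stating that assumption, or a socket typedef in `tls.h`, would make it explicit. Both bodies continue outside the hunks.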
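Review bot: The `#if 0` added in `tls_set_socket` (`@@ -2270`, closed by the `#endif` in `@@ -2280`) compiles out the `fcntl` block on every platform, not only on Windows, so POSIX builds lose the error handling for a failed `fcntl(sock, F_GETFL)`. The lines between the two hunks are not visible, so whatever flag change they made is presumably dropped as well. If the only problem is that `fcntl` is unavailable under Visual Studio, `#ifndef WIN32` keeps the existing behaviour elsewhere. `int opts` is left unused once the block is disabled.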
+++ b/src/tls_ext.c @@ -1,4 +1,4 @@ -/* +/* * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may @@ -13,12 +13,19 @@ #include #include #include -#include #include +#ifdef WIN32 + +#include + + +#else +#include #include #include #include #include +#endif #include #include #include diff --git a/src/tls_trace.c b/src/tls_trace.c index 6811ca2b..31c210f0 100644 --- a/src/tls_trace.c +++ b/src/tls_trace.c @@ -1,4 +1,4 @@ -/* +/* * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may @@ -11,7 +11,7 @@ #include #include #include -#include +//#include #include #include #include diff --git a/src/x509_cer.c b/src/x509_cer.c index e5a36551..e10703cc 100644 --- a/src/x509_cer.c +++ b/src/x509_cer.c @@ -1,4 +1,4 @@ -/* +/* * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may diff --git a/src/x509_ext.c b/src/x509_ext.c index 36f5b835..ee9ad29c 100644 --- a/src/x509_ext.c +++ b/src/x509_ext.c @@ -1,4 +1,4 @@ -/* +/* * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may @@ -28,11 +28,16 @@ int x509_exts_add_sequence(uint8_t *exts, size_t *extslen, size_t maxlen, int oid, int critical, const uint8_t *d, size_t dlen) { - uint8_t val[32 + dlen]; + uint8_t *val = NULL; uint8_t *p = val; size_t curlen = *extslen; size_t vlen = 0; + if (!(val = malloc(32 + dlen))) { + error_print(); + return -1; + } + exts += *extslen; if (asn1_sequence_to_der(d, dlen, &p, &vlen) != 1 || x509_ext_to_der(oid, critical, val, vlen, NULL, &curlen) != 1 diff --git a/src/x509_str.c b/src/x509_str.c index e8400b76..5c32008f 100644 --- a/src/x509_str.c +++ b/src/x509_str.c 
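Review bot: In `x509_exts_add_sequence` (`src/x509_ext.c`, `@@ -28` hunk), `uint8_t *p = val;` now runs while `val` is still NULL and `p` is never reassigned after the `malloc`. So `asn1_sequence_to_der(d, dlen, &p, &vlen)` is handed a NULL output pointer, and `x509_ext_to_der` then reads from `val`, which nothing has written. Add `p = val;` directly after the allocation check. The function continues outside the hunk and no `free(val)` is visible here; every return path after the `malloc` needs one, otherwise each call leaks the buffer. `32 + dlen` can also wrap for a very large `dlen`, so a `dlen > SIZE_MAX - 32` guard before the allocation is worth adding.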
@@ -1,4 +1,4 @@ -/* +/* * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may diff --git a/tests/asn1test.c b/tests/asn1test.c index 8826e4cd..5060ec0b 100644 --- a/tests/asn1test.c +++ b/tests/asn1test.c @@ -1,4 +1,4 @@ -/* +/* * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may @@ -172,7 +172,6 @@ static int test_asn1_int(void) const uint8_t *cp = buf; size_t len = 0; size_t i; - int rv; format_print(stderr, 0, 0, "%s\n", asn1_tag_name(ASN1_TAG_INTEGER)); for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) { diff --git a/tests/hash_drbgtest.c b/tests/hash_drbgtest.c index b9b4aa46..01bf98f3 100644 --- a/tests/hash_drbgtest.c +++ b/tests/hash_drbgtest.c @@ -40,7 +40,7 @@ int main(void) uint8_t entropy[sizeof(EntropyInput)/2]; uint8_t nonce[sizeof(Nonce)/2]; - uint8_t personalstr[sizeof(PersonalizationString)/2]; + uint8_t personalstr[1 + sizeof(PersonalizationString)/2]; uint8_t v[sizeof(V0)/2]; uint8_t c[sizeof(C0)/2]; uint8_t entropy_pr1[sizeof(EntropyInputPR1)/2]; diff --git a/tools/cmsencrypt.c b/tools/cmsencrypt.c index 551d6630..de830713 100644 --- a/tools/cmsencrypt.c +++ b/tools/cmsencrypt.c @@ -1,4 +1,4 @@ -/* +/* * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may diff --git a/tools/gmssl.c b/tools/gmssl.c index 273c7833..1612c5a0 100644 --- a/tools/gmssl.c +++ b/tools/gmssl.c 
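Review bot: The `1 +` added to `personalstr` in `tests/hash_drbgtest.c` has no explanation. Presumably it avoids a zero-length array under MSVC when `PersonalizationString` is empty, and a comment should say so, e.g. `/* +1: avoid a zero-length array when the string is empty (MSVC) */`. `main` continues outside the hunk: if later code takes the length from `sizeof(personalstr)`, the test would now feed one extra byte into the DRBG, so the length should come from `sizeof(PersonalizationString)/2`.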
@@ -192,10 +192,12 @@ int main(int argc, char **argv) return tls13_client_main(argc, argv); } else if (!strcmp(*argv, "tls13_server")) { return tls13_server_main(argc, argv); +#ifndef WIN32 } else if (!strcmp(*argv, "sdfutil")) { return sdfutil_main(argc, argv); } else if (!strcmp(*argv, "skfutil")) { return skfutil_main(argc, argv); +#endif } else { fprintf(stderr, "%s: illegal option '%s'\n", prog, *argv); fprintf(stderr, "usage: %s %s\n", prog, options); diff --git a/tools/sm2sign.c b/tools/sm2sign.c index 9e77eb8d..8e4d2d50 100644 --- a/tools/sm2sign.c +++ b/tools/sm2sign.c @@ -33,7 +33,7 @@ int sm2sign_main(int argc, char **argv) SM2_KEY key; SM2_SIGN_CTX sign_ctx; uint8_t buf[4096]; - ssize_t len; + size_t len; uint8_t sig[SM2_MAX_SIGNATURE_SIZE]; size_t siglen; diff --git a/tools/sm2verify.c b/tools/sm2verify.c index ed199176..caa43869 100644 --- a/tools/sm2verify.c +++ b/tools/sm2verify.c @@ -36,7 +36,7 @@ int sm2verify_main(int argc, char **argv) uint8_t cert[1024]; size_t certlen; uint8_t buf[4096]; - ssize_t len; + size_t len; uint8_t sig[SM2_MAX_SIGNATURE_SIZE]; size_t siglen; int vr; diff --git a/tools/sm3.c b/tools/sm3.c index 77448051..75efc28b 100644 --- a/tools/sm3.c +++ b/tools/sm3.c @@ -34,7 +34,7 @@ int sm3_main(int argc, char **argv) SM3_CTX sm3_ctx; uint8_t dgst[32]; uint8_t buf[4096]; - ssize_t len; + size_t len; int i; argc--; diff --git a/tools/sm9sign.c b/tools/sm9sign.c index 77b7d2e4..7fccd36a 100644 --- a/tools/sm9sign.c +++ b/tools/sm9sign.c @@ -33,7 +33,7 @@ int sm9sign_main(int argc, char **argv) SM9_SIGN_KEY key; SM9_SIGN_CTX ctx; uint8_t buf[4096]; - ssize_t len; + size_t len; uint8_t sig[SM9_SIGNATURE_SIZE]; size_t siglen; diff --git a/tools/sm9verify.c b/tools/sm9verify.c index 9b446464..4ce1fc24 100644 --- a/tools/sm9verify.c +++ b/tools/sm9verify.c 
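Review bot: Changing `len` from `ssize_t` to `size_t` in `sm2sign_main` is only safe if `len` never holds a negative error return. The same change is made in `sm2verify.c`, `sm3.c`, `sm9sign.c` and `sm9verify.c` (where `siglen` changes too). The reads are outside these hunks, so this cannot be confirmed here: if any of them assigns from `read()` or tests `len < 0`, a -1 becomes `SIZE_MAX` and is then used as a length over the 4096-byte `buf`. If the value comes from `fread()`, `size_t` is the right type, and a short comment such as `/* fread() count, never negative */` would make that clear.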
@@ -31,9 +31,9 @@ int sm9verify_main(int argc, char **argv) SM9_SIGN_MASTER_KEY mpk; SM9_SIGN_CTX ctx; uint8_t buf[4096]; - ssize_t len; + size_t len; uint8_t sig[SM9_SIGNATURE_SIZE]; - ssize_t siglen; + size_t siglen; argc--; argv++; diff --git a/tools/tlcp_client.c b/tools/tlcp_client.c index ba22a001..8c2e9738 100644 --- a/tools/tlcp_client.c +++ b/tools/tlcp_client.c @@ -1,4 +1,4 @@ -/* +/* * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may @@ -12,12 +12,18 @@ #include #include #include +#ifdef WIN32 +// FIMXE: socket related headers should be moved to tls.h +#include +#else #include #include #include #include #include #include +#endif + #include #include @@ -95,7 +101,7 @@ bad: return -1; } if (!(hp = gethostbyname(host))) { - herror("tlcp_client: '-host' invalid"); + //herror("tlcp_client: '-host' invalid"); goto end; } @@ -149,7 +155,7 @@ bad: FD_ZERO(&fds); FD_SET(conn.sock, &fds); - FD_SET(STDIN_FILENO, &fds); + FD_SET(fileno(stdin), &fds); //FD_SET(STDIN_FILENO, &fds); if (select(conn.sock + 1, &fds, NULL, NULL, NULL) < 0) { fprintf(stderr, "%s: select failed\n", prog); @@ -172,7 +178,7 @@ bad: } } - if (FD_ISSET(STDIN_FILENO, &fds)) { + if (FD_ISSET(fileno(stdin), &fds)) { fprintf(stderr, "recv from stdin\n"); memset(send_buf, 0, sizeof(send_buf)); diff --git a/tools/tlcp_server.c b/tools/tlcp_server.c index 7ef063e9..4da63e06 100644 --- a/tools/tlcp_server.c +++ b/tools/tlcp_server.c @@ -12,11 +12,15 @@ #include #include #include +#ifdef WIN32 +#include +#else #include #include #include #include #include +#endif #include #include #include @@ -38,7 +42,6 @@ int tlcp_server_main(int argc , char **argv) char *cacertfile = NULL; int server_ciphers[] = { TLS_cipher_ecc_sm4_cbc_sm3, }; - uint8_t verify_buf[4096]; TLS_CTX ctx; TLS_CONNECT conn; 
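Review bot: Commenting out `herror(...)` in the `@@ -95` hunk of `tools/tlcp_client.c` removes the only diagnostic for a failed `gethostbyname` on every platform, so a bad `-host` now jumps to `end` silently. The same is done in `tls12_client.c` and `tls13_client.c`. Keep `herror` for non-Windows builds and report the Winsock error under `#ifdef WIN32`, e.g. `fprintf(stderr, "%s: '-host' invalid: %d\n", prog, WSAGetLastError());`.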
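Review bot: `FD_SET(fileno(stdin), &fds)` in the `@@ -149` hunk of `tools/tlcp_client.c` compiles on Windows, but Winsock `select` accepts only socket handles. Passing the stdin descriptor is therefore expected to make the call fail there, and the client to stop at "select failed". The same pattern is in the `@@ -172` hunk and in `tls12_client.c` and `tls13_client.c`. On POSIX `fileno(stdin)` is equivalent to the old `STDIN_FILENO`, so the change does not help either platform. The Windows path needs a different way to wait for console input, such as a reader thread or a timed `select` on the socket alone. The loop body is outside the hunk, so this is a design note rather than a drop-in line, and the leftover `//FD_SET(STDIN_FILENO, &fds);` can be removed.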
@@ -48,7 +51,11 @@ int tlcp_server_main(int argc , char **argv) int sock; struct sockaddr_in server_addr; struct sockaddr_in client_addr; +#ifdef WIN32 + int client_addrlen; +#else socklen_t client_addrlen; +#endif int conn_sock; @@ -189,7 +196,11 @@ restart: if (tls_send(&conn, (uint8_t *)buf, len, &sentlen) != 1) { fprintf(stderr, "%s: send failure, close connection\n", prog); +#ifdef WIN32 + closesocket(conn.sock); +#else close(conn.sock); +#endif goto end; } } diff --git a/tools/tls12_client.c b/tools/tls12_client.c index a03d2859..e0a77800 100644 --- a/tools/tls12_client.c +++ b/tools/tls12_client.c @@ -1,4 +1,4 @@ -/* +/* * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may @@ -12,6 +12,9 @@ #include #include #include +#ifdef WIN32 +#include +#else #include #include @@ -19,6 +22,9 @@ #include #include #include +#endif + + #include #include @@ -52,7 +58,6 @@ int tls12_client_main(int argc, char *argv[]) char buf[1024] = {0}; size_t len = sizeof(buf); char send_buf[1024] = {0}; - size_t send_len; argc--; argv++; @@ -98,7 +103,7 @@ bad: return -1; } if (!(hp = gethostbyname(host))) { - herror("tls12_client: '-host' invalid"); + //herror("tls12_client: '-host' invalid"); // herror() not in winsock2, use WSAGetLastError() instead goto end; } @@ -111,11 +116,11 @@ bad: if ((sock = socket(AF_INET, SOCK_STREAM, 0)) < 0) { - fprintf(stderr, "%s: open socket error : %s\n", prog, strerror(errno)); + //fprintf(stderr, "%s: open socket error : %s\n", prog, strerror(errno)); //FIXME: WIN32 use WSAGetLastError() goto end; } if (connect(sock, (struct sockaddr *)&server , sizeof(server)) < 0) { - fprintf(stderr, "%s: connect error : %s\n", prog, strerror(errno)); + //fprintf(stderr, "%s: connect error : %s\n", prog, strerror(errno)); // goto end; } 
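Review bot: The `@@ -111` hunk of `tools/tls12_client.c` comments out both `fprintf` diagnostics, so a failed `socket()` or `connect()` now reaches `end` with no message on any platform. Keep the `strerror(errno)` lines for non-Windows builds and print the Winsock code under `#ifdef WIN32`, e.g. `fprintf(stderr, "%s: connect error : %d\n", prog, WSAGetLastError());`. The `socket(...) < 0` test also relies on `sock` being a signed `int`; on Windows the documented failure value is `INVALID_SOCKET`, which deserves a comment next to the check.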
@@ -150,7 +155,7 @@ bad: FD_ZERO(&fds); FD_SET(conn.sock, &fds); - FD_SET(STDIN_FILENO, &fds); + FD_SET(fileno(stdin), &fds); if (select(conn.sock + 1, &fds, NULL, NULL, NULL) < 0) { fprintf(stderr, "%s: select failed\n", prog); @@ -173,7 +178,7 @@ bad: } } - if (FD_ISSET(STDIN_FILENO, &fds)) { + if (FD_ISSET(fileno(stdin), &fds)) { memset(send_buf, 0, sizeof(send_buf)); if (!fgets(send_buf, sizeof(send_buf), stdin)) { @@ -193,7 +198,11 @@ bad: end: +#ifdef WIN32 + closesocket(sock); +#else close(sock); +#endif tls_ctx_cleanup(&ctx); tls_cleanup(&conn); return 0; diff --git a/tools/tls12_server.c b/tools/tls12_server.c index 3c4210f0..bc2042cf 100644 --- a/tools/tls12_server.c +++ b/tools/tls12_server.c @@ -12,11 +12,15 @@ #include #include #include +#ifdef WIN32 +#include +#else #include #include #include #include #include +#endif #include #include #include @@ -46,7 +50,11 @@ int tls12_server_main(int argc , char **argv) int sock; struct sockaddr_in server_addr; struct sockaddr_in client_addr; +#ifdef WIN32 + int client_addrlen; +#else socklen_t client_addrlen; +#endif int conn_sock; diff --git a/tools/tls13_client.c b/tools/tls13_client.c index ad31da9c..8df24834 100644 --- a/tools/tls13_client.c +++ b/tools/tls13_client.c @@ -1,4 +1,4 @@ -/* +/* * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may @@ -12,13 +12,16 @@ #include #include #include - +#ifdef WIN32 +#include +#else #include #include #include #include #include #include +#endif #include #include @@ -98,7 +101,7 @@ bad: return -1; } if (!(hp = gethostbyname(host))) { - herror("tls13_client: '-host' invalid"); + //herror("tls13_client: '-host' invalid"); goto end; } @@ -149,7 +152,7 @@ bad: FD_ZERO(&fds); FD_SET(conn.sock, &fds); - FD_SET(STDIN_FILENO, &fds); + FD_SET(fileno(stdin), &fds); if (select(conn.sock + 1, &fds, NULL, NULL, NULL) < 0) { fprintf(stderr, "%s: select failed\n", prog); 
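Review bot: At `end:` in the `@@ -193` hunk of `tools/tls12_client.c`, `closesocket(sock)` / `close(sock)` runs on every exit path, including the `goto end` taken when `gethostbyname` fails before `socket()` has been called. Unless `sock` is initialised to an invalid value at its declaration (not visible in these hunks), that closes an indeterminate descriptor. I would initialise `sock` to -1 and guard the call, `if (sock >= 0) close(sock);`, with the matching guard on the Windows branch. The `return 0;` after the label also reports success for the error paths that jump here.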
@@ -172,7 +175,7 @@ bad: } } - if (FD_ISSET(STDIN_FILENO, &fds)) { + if (FD_ISSET(fileno(stdin), &fds)) { memset(send_buf, 0, sizeof(send_buf)); if (!fgets(send_buf, sizeof(send_buf), stdin)) { diff --git a/tools/tls13_server.c b/tools/tls13_server.c index 6f6eb80c..db72031a 100644 --- a/tools/tls13_server.c +++ b/tools/tls13_server.c @@ -12,11 +12,15 @@ #include #include #include +#ifdef WIN32 +#include +#else #include #include #include #include #include +#endif #include #include #include @@ -46,7 +50,11 @@ int tls13_server_main(int argc , char **argv) int sock; struct sockaddr_in server_addr; struct sockaddr_in client_addr; +#ifdef WIN32 + int client_addrlen; +#else socklen_t client_addrlen; +#endif int conn_sock;