abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-06-20 03:44:15 +08:00
Code Issues Packages Projects Releases Wiki Activity

Update BLOCK_CIPHER

Browse Source
This commit is contained in:
Zhi Guan
2026-06-10 22:30:51 +08:00
parent a21bdf02b2
commit 5e9724cd93
3 changed files with 139 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
include/gmssl/block_cipher.h
View File

@@ -43,15 +43,16 @@ struct BLOCK_CIPHER_KEY {
const BLOCK_CIPHER *cipher; const BLOCK_CIPHER *cipher;
}; };
typedef void (*block_cipher_set_encrypt_key_func)(BLOCK_CIPHER_KEY *key, const uint8_t *raw_key); typedef int (*block_cipher_set_encrypt_key_func)(BLOCK_CIPHER_KEY *key, const uint8_t *raw_key);
typedef void (*block_cipher_set_decrypt_key_func)(BLOCK_CIPHER_KEY *key, const uint8_t *raw_key); typedef int (*block_cipher_set_decrypt_key_func)(BLOCK_CIPHER_KEY *key, const uint8_t *raw_key);
typedef void (*block_cipher_encrypt_func)(const BLOCK_CIPHER_KEY *key, const uint8_t *in, uint8_t *out); typedef int (*block_cipher_encrypt_func)(const BLOCK_CIPHER_KEY *key, const uint8_t *in, uint8_t *out);
typedef void (*block_cipher_decrypt_func)(const BLOCK_CIPHER_KEY *key, const uint8_t *in, uint8_t *out); typedef int (*block_cipher_decrypt_func)(const BLOCK_CIPHER_KEY *key, const uint8_t *in, uint8_t *out);
struct BLOCK_CIPHER { struct BLOCK_CIPHER {
int oid; int oid;
size_t key_size; size_t key_size;
size_t block_size; size_t block_size;
size_t ctx_size;
block_cipher_set_encrypt_key_func set_encrypt_key; block_cipher_set_encrypt_key_func set_encrypt_key;
block_cipher_set_decrypt_key_func set_decrypt_key; block_cipher_set_decrypt_key_func set_decrypt_key;
block_cipher_encrypt_func encrypt; block_cipher_encrypt_func encrypt;
@@ -61,6 +62,8 @@ struct BLOCK_CIPHER {
const BLOCK_CIPHER *BLOCK_CIPHER_sm4(void); const BLOCK_CIPHER *BLOCK_CIPHER_sm4(void);
#ifdef ENABLE_AES #ifdef ENABLE_AES
const BLOCK_CIPHER *BLOCK_CIPHER_aes128(void); const BLOCK_CIPHER *BLOCK_CIPHER_aes128(void);
const BLOCK_CIPHER *BLOCK_CIPHER_aes192(void);
const BLOCK_CIPHER *BLOCK_CIPHER_aes256(void);
#endif #endif
const BLOCK_CIPHER *block_cipher_from_name(const char *name); const BLOCK_CIPHER *block_cipher_from_name(const char *name);

3
include/gmssl/oid.h
View File

@@ -184,6 +184,9 @@ enum {
OID_xmssmt_hashsig, OID_xmssmt_hashsig,
OID_sphincs_hashsig, // OID not defined in RFC, so no oid[] OID_sphincs_hashsig, // OID not defined in RFC, so no oid[]
OID_kyber_kem, OID_kyber_kem,
OID_aes192, // No OID
OID_aes256, // No OID
}; };
// {iso(1) org(3) dod(6) internet(1) security(5) mechanisms(5) pkix(7)} // {iso(1) org(3) dod(6) internet(1) security(5) mechanisms(5) pkix(7)}

145
src/block_cipher.c
View File

@@ -28,6 +28,10 @@ const BLOCK_CIPHER *block_cipher_from_name(const char *name)
#ifdef ENABLE_AES #ifdef ENABLE_AES
} else if (!strcmp(name, "aes128")) { } else if (!strcmp(name, "aes128")) {
return BLOCK_CIPHER_aes128(); return BLOCK_CIPHER_aes128();
} else if (!strcmp(name, "aes192")) {
return BLOCK_CIPHER_aes192();
} else if (!strcmp(name, "aes256")) {
return BLOCK_CIPHER_aes256();
#endif #endif
} }
error_print(); error_print();
@@ -44,6 +48,8 @@ const char *block_cipher_name(const BLOCK_CIPHER *cipher)
case OID_sm4: return "sm4"; case OID_sm4: return "sm4";
#ifdef ENABLE_AES #ifdef ENABLE_AES
case OID_aes128: return "aes128"; case OID_aes128: return "aes128";
case OID_aes192: return "aes192";
case OID_aes256: return "aes256";
#endif #endif
} }
error_print(); error_print();
@@ -52,24 +58,46 @@ const char *block_cipher_name(const BLOCK_CIPHER *cipher)
int block_cipher_set_encrypt_key(BLOCK_CIPHER_KEY *key, const BLOCK_CIPHER *cipher, const uint8_t *raw_key) int block_cipher_set_encrypt_key(BLOCK_CIPHER_KEY *key, const BLOCK_CIPHER *cipher, const uint8_t *raw_key)
{ {
if (!key || !cipher || !cipher->set_encrypt_key || !raw_key) { if (!key || !cipher || !cipher->set_encrypt_key || !cipher->encrypt || !cipher->decrypt || !raw_key) {
error_print();
return -1;
}
if (cipher->key_size < BLOCK_CIPHER_MIN_KEY_SIZE
|| cipher->key_size > BLOCK_CIPHER_MAX_KEY_SIZE
|| cipher->block_size != BLOCK_CIPHER_BLOCK_SIZE
|| cipher->ctx_size > sizeof(key->u)) {
error_print(); error_print();
return -1; return -1;
} }
memset(key, 0, sizeof(BLOCK_CIPHER_KEY)); memset(key, 0, sizeof(BLOCK_CIPHER_KEY));
cipher->set_encrypt_key(key, raw_key); if (cipher->set_encrypt_key(key, raw_key) != 1) {
error_print();
memset(key, 0, sizeof(BLOCK_CIPHER_KEY));
return -1;
}
key->cipher = cipher; key->cipher = cipher;
return 1; return 1;
} }
int block_cipher_set_decrypt_key(BLOCK_CIPHER_KEY *key, const BLOCK_CIPHER *cipher, const uint8_t *raw_key) int block_cipher_set_decrypt_key(BLOCK_CIPHER_KEY *key, const BLOCK_CIPHER *cipher, const uint8_t *raw_key)
{ {
if (!key || !cipher || !cipher->set_decrypt_key || !raw_key) { if (!key || !cipher || !cipher->set_decrypt_key || !cipher->encrypt || !cipher->decrypt || !raw_key) {
error_print();
return -1;
}
if (cipher->key_size < BLOCK_CIPHER_MIN_KEY_SIZE
|| cipher->key_size > BLOCK_CIPHER_MAX_KEY_SIZE
|| cipher->block_size != BLOCK_CIPHER_BLOCK_SIZE
|| cipher->ctx_size > sizeof(key->u)) {
error_print(); error_print();
return -1; return -1;
} }
memset(key, 0, sizeof(BLOCK_CIPHER_KEY)); memset(key, 0, sizeof(BLOCK_CIPHER_KEY));
cipher->set_decrypt_key(key, raw_key); if (cipher->set_decrypt_key(key, raw_key) != 1) {
error_print();
memset(key, 0, sizeof(BLOCK_CIPHER_KEY));
return -1;
}
key->cipher = cipher; key->cipher = cipher;
return 1; return 1;
} }
@@ -80,7 +108,10 @@ int block_cipher_encrypt(const BLOCK_CIPHER_KEY *key, const uint8_t *in, uint8_t
error_print(); error_print();
return -1; return -1;
} }
key->cipher->encrypt(key, in, out); if (key->cipher->encrypt(key, in, out) != 1) {
error_print();
return -1;
}
return 1; return 1;
} }
@@ -90,7 +121,26 @@ int block_cipher_decrypt(const BLOCK_CIPHER_KEY *key, const uint8_t *in, uint8_t
error_print(); error_print();
return -1; return -1;
} }
key->cipher->decrypt(key, in, out); if (key->cipher->decrypt(key, in, out) != 1) {
error_print();
return -1;
}
return 1;
}
static int sm4_cipher_set_encrypt_key(BLOCK_CIPHER_KEY *key, const uint8_t *raw_key) {
sm4_set_encrypt_key(&key->u.sm4_key, raw_key);
return 1;
}
static int sm4_cipher_set_decrypt_key(BLOCK_CIPHER_KEY *key, const uint8_t *raw_key) {
sm4_set_decrypt_key(&key->u.sm4_key, raw_key);
return 1;
}
static int sm4_cipher_encrypt(const BLOCK_CIPHER_KEY *key, const uint8_t *in, uint8_t *out) {
sm4_encrypt(&key->u.sm4_key, in, out);
return 1; return 1;
} }
@@ -98,36 +148,95 @@ static const BLOCK_CIPHER sm4_block_cipher_object = {
OID_sm4, OID_sm4,
SM4_KEY_SIZE, SM4_KEY_SIZE,
SM4_BLOCK_SIZE, SM4_BLOCK_SIZE,
(block_cipher_set_encrypt_key_func)sm4_set_encrypt_key, sizeof(SM4_KEY),
(block_cipher_set_decrypt_key_func)sm4_set_decrypt_key, sm4_cipher_set_encrypt_key,
(block_cipher_encrypt_func)sm4_encrypt, sm4_cipher_set_decrypt_key,
(block_cipher_decrypt_func)sm4_encrypt, sm4_cipher_encrypt,
sm4_cipher_encrypt,
}; };
const BLOCK_CIPHER *BLOCK_CIPHER_sm4(void) { const BLOCK_CIPHER *BLOCK_CIPHER_sm4(void) {
return &sm4_block_cipher_object; return &sm4_block_cipher_object;
} }
#ifdef ENABLE_AES #ifdef ENABLE_AES
static int aes128_set_encrypt_key(AES_KEY *aes_key, const uint8_t key[16]) { static int aes128_cipher_set_encrypt_key(BLOCK_CIPHER_KEY *key, const uint8_t *raw_key) {
return aes_set_encrypt_key(aes_key, key, 16); return aes_set_encrypt_key(&key->u.aes_key, raw_key, AES128_KEY_SIZE);
} }
static int aes128_set_decrypt_key(AES_KEY *aes_key, const uint8_t key[16]) { static int aes128_cipher_set_decrypt_key(BLOCK_CIPHER_KEY *key, const uint8_t *raw_key) {
return aes_set_decrypt_key(aes_key, key, 16); return aes_set_decrypt_key(&key->u.aes_key, raw_key, AES128_KEY_SIZE);
}
static int aes192_cipher_set_encrypt_key(BLOCK_CIPHER_KEY *key, const uint8_t *raw_key) {
return aes_set_encrypt_key(&key->u.aes_key, raw_key, AES192_KEY_SIZE);
}
static int aes192_cipher_set_decrypt_key(BLOCK_CIPHER_KEY *key, const uint8_t *raw_key) {
return aes_set_decrypt_key(&key->u.aes_key, raw_key, AES192_KEY_SIZE);
}
static int aes256_cipher_set_encrypt_key(BLOCK_CIPHER_KEY *key, const uint8_t *raw_key) {
return aes_set_encrypt_key(&key->u.aes_key, raw_key, AES256_KEY_SIZE);
}
static int aes256_cipher_set_decrypt_key(BLOCK_CIPHER_KEY *key, const uint8_t *raw_key) {
return aes_set_decrypt_key(&key->u.aes_key, raw_key, AES256_KEY_SIZE);
}
static int aes_cipher_encrypt(const BLOCK_CIPHER_KEY *key, const uint8_t *in, uint8_t *out) {
aes_encrypt(&key->u.aes_key, in, out);
return 1;
}
static int aes_cipher_decrypt(const BLOCK_CIPHER_KEY *key, const uint8_t *in, uint8_t *out) {
aes_decrypt(&key->u.aes_key, in, out);
return 1;
} }
static const BLOCK_CIPHER aes128_block_cipher_object = { static const BLOCK_CIPHER aes128_block_cipher_object = {
OID_aes128, OID_aes128,
AES128_KEY_SIZE, AES128_KEY_SIZE,
AES_BLOCK_SIZE, AES_BLOCK_SIZE,
(block_cipher_set_encrypt_key_func)aes128_set_encrypt_key, sizeof(AES_KEY),
(block_cipher_set_decrypt_key_func)aes128_set_decrypt_key, aes128_cipher_set_encrypt_key,
(block_cipher_encrypt_func)aes_encrypt, aes128_cipher_set_decrypt_key,
(block_cipher_decrypt_func)aes_decrypt, aes_cipher_encrypt,
aes_cipher_decrypt,
}; };
const BLOCK_CIPHER *BLOCK_CIPHER_aes128(void) { const BLOCK_CIPHER *BLOCK_CIPHER_aes128(void) {
return &aes128_block_cipher_object; return &aes128_block_cipher_object;
} }
static const BLOCK_CIPHER aes192_block_cipher_object = {
OID_aes192,
AES192_KEY_SIZE,
AES_BLOCK_SIZE,
sizeof(AES_KEY),
aes192_cipher_set_encrypt_key,
aes192_cipher_set_decrypt_key,
aes_cipher_encrypt,
aes_cipher_decrypt,
};
const BLOCK_CIPHER *BLOCK_CIPHER_aes192(void) {
return &aes192_block_cipher_object;
}
static const BLOCK_CIPHER aes256_block_cipher_object = {
OID_aes256,
AES256_KEY_SIZE,
AES_BLOCK_SIZE,
sizeof(AES_KEY),
aes256_cipher_set_encrypt_key,
aes256_cipher_set_decrypt_key,
aes_cipher_encrypt,
aes_cipher_decrypt,
};
const BLOCK_CIPHER *BLOCK_CIPHER_aes256(void) {
return &aes256_block_cipher_object;
}
#endif // ENABLE_AES #endif // ENABLE_AES