add CBC-MAC and GM OTP, not tested

2026-05-13 03:46:26 +08:00 · 2016-05-15 20:21:51 +02:00
parent 8c0439e7d6
commit 60d14da0cc
81 changed files with 2789 additions and 1401 deletions
--- a/crypto/ecies/ecies.h
+++ b/crypto/ecies/ecies.h
@@ -74,12 +74,36 @@ extern "C" {
 */

 typedef struct ecies_params_st {
-	int                  kdf_nid;
+	/* supported kdf algors:
+	 *   x9-63-kdf
+	 *   nist-concatenation-kdf
+         *   tls-kdf
+         *   ikev2-kdf
+	 */
+	int kdf_nid;
 	const EVP_MD        *kdf_md;
+
+	/* supported enc algors:
+	 *   xor-in-ecies
+         *   aes128-cbc-in-ecies
+	 *   aes192-cbc-in-ecies
+	 *   aes256-cbc-in-ecies
+	 *   aes128-ctr-in-ecies
+	 *   aes192-ctr-in-ecies
+	 *   aes256-ctr-in-ecies
+         */
 	const EVP_CIPHER    *sym_cipher;
-	int                  mac_nid;
-	const EVP_MD        *mac_md;
-	const EVP_CIPHER    *mac_cipher;
+
+	/*
+	 * supported mac algors:
+	 *   hmac-full-ecies
+	 *   hmac-half-ecies
+	 *   cmac-aes128-ecies
+	 *   cmac-aes192-ecies
+	 */
+	int mac_nid;
+	const EVP_MD *mac_md;
+	const EVP_CIPHER *mac_cipher;
 } ECIES_PARAMS;

 typedef struct ecies_ciphertext_value_st {
@@ -100,11 +124,19 @@ ECIES_CIPHERTEXT_VALUE *ECIES_do_encrypt(const ECIES_PARAMS *param,
 int ECIES_do_decrypt(const ECIES_CIPHERTEXT_VALUE *cv,
 	const ECIES_PARAMS *param, unsigned char *out, size_t *outlen, 
 	EC_KEY *ec_key);
-int ECIES_encrypt(unsigned char *out, size_t *outlen,
-	const ECIES_PARAMS *param, const unsigned char *in, size_t inlen,
+int ECIES_encrypt(const ECIES_PARAMS *param,
+	unsigned char *out, size_t *outlen,
+	const unsigned char *in, size_t inlen,
 	EC_KEY *ec_key);
-int ECIES_decrypt(unsigned char *out, size_t *outlen,
-	const ECIES_PARAMS *param, const unsigned char *in, size_t inlen,
+int ECIES_decrypt(const ECIES_PARAMS *param,
+	unsigned char *out, size_t *outlen,
+	const unsigned char *in, size_t inlen,
+	EC_KEY *ec_key);
+int ECIES_encrypt_with_recommended(unsigned char *out, size_t *outlen,
+	const unsigned char *in, size_t inlen,
+	EC_KEY *ec_key);
+int ECIES_decrypt_with_recommended(unsigned char *out, size_t *outlen,
+	const unsigned char *in, size_t inlen,
 	EC_KEY *ec_key);


--- a/crypto/ecies/ecies_lib.c
+++ b/crypto/ecies/ecies_lib.c
@@ -448,8 +448,9 @@ err:
 	return r;
 }

-int ECIES_encrypt(unsigned char *out, size_t *outlen,
-	const ECIES_PARAMS *param, const unsigned char *in, size_t inlen,
+int ECIES_encrypt(const ECIES_PARAMS *param,
+	unsigned char *out, size_t *outlen,
+	const unsigned char *in, size_t inlen,
 	EC_KEY *ec_key)
 {
 	int ret = 0;
@@ -496,8 +497,9 @@ end:
 	return ret;
 }

-int ECIES_decrypt(unsigned char *out, size_t *outlen,
-	const ECIES_PARAMS *param, const unsigned char *in, size_t inlen,
+int ECIES_decrypt(const ECIES_PARAMS *param,
+	unsigned char *out, size_t *outlen,
+	const unsigned char *in, size_t inlen,
 	EC_KEY *ec_key)
 {
 	int ret = 0;
@@ -520,3 +522,37 @@ end:
 	return ret;
 }

+int ECIES_PARAMS_init_with_recommended(ECIES_PARAMS *param)
+{
+	if (!param) {
+		return 0;
+	}
+	param->kdf_nid = NID_undef;
+	param->kdf_md = EVP_sha256();
+	param->sym_cipher = EVP_aes_128_cbc();
+	param->mac_nid = NID_undef;
+	param->mac_md = EVP_sha256();
+	param->mac_cipher = NULL;
+	return 1;
+}
+
+int ECIES_encrypt_with_recommended(unsigned char *out, size_t *outlen,
+	const unsigned char *in, size_t inlen,
+	EC_KEY *ec_key)
+{
+	ECIES_PARAMS param;
+	ECIES_PARAMS_init_with_recommended(&param);
+	return ECIES_encrypt(&param, out, outlen, in, inlen, ec_key);
+}
+
+int ECIES_decrypt_with_recommended(unsigned char *out, size_t *outlen,
+	const unsigned char *in, size_t inlen,
+	EC_KEY *ec_key)
+{
+	ECIES_PARAMS param;
+	ECIES_PARAMS_init_with_recommended(&param);
+	return ECIES_decrypt(&param, out, outlen, in, inlen, ec_key);
+}
+
+
+