sm2 with short ciphertext

Makefile

@@ -11,11 +11,11 @@ SHLIB_VERSION_NUMBER=1.0.0
 SHLIB_VERSION_HISTORY=
 SHLIB_MAJOR=1
 SHLIB_MINOR=0.0
-SHLIB_EXT=.$(SHLIB_MAJOR).$(SHLIB_MINOR).dylib
-PLATFORM=darwin64-x86_64-cc
-OPTIONS=--prefix=/usr/local/ --openssldir=/usr/local/openssl/ no-ec_nistp_64_gcc_128 no-gmp no-jpake no-krb5 no-libunbound no-md2 no-rc5 no-rfc3779 no-sctp no-shared no-ssl-trace no-store no-unit-test no-zlib no-zlib-dynamic static-engine
-CONFIGURE_ARGS=darwin64-x86_64-cc --prefix=/usr/local/ --openssldir=/usr/local/openssl/
-SHLIB_TARGET=darwin-shared
+SHLIB_EXT=
+PLATFORM=dist
+OPTIONS= no-ec_nistp_64_gcc_128 no-gmp no-jpake no-krb5 no-libunbound no-md2 no-rc5 no-rfc3779 no-sctp no-shared no-ssl-trace no-store no-unit-test no-zlib no-zlib-dynamic static-engine
+CONFIGURE_ARGS=dist
+SHLIB_TARGET=
 
 # HERE indicates where this Makefile lives.  This can be used to indicate
 # where sub-Makefiles are expected to be.  Currently has very limited usage,
@@ -26,10 +26,10 @@ HERE=.
 # for, say, /usr/ and yet have everything installed to /tmp/somedir/usr/.
 # Normally it is left empty.
 INSTALL_PREFIX=
-INSTALLTOP=/usr/local
+INSTALLTOP=/usr/local/ssl
 
 # Do not edit this manually. Use Configure --openssldir=DIR do change this!
-OPENSSLDIR=/usr/local/openssl
+OPENSSLDIR=/usr/local/ssl
 
 # NO_IDEA - Define to build without the IDEA algorithm
 # NO_RC4  - Define to build without the RC4 algorithm
@@ -60,9 +60,9 @@ OPENSSLDIR=/usr/local/openssl
 # PKCS1_CHECK - pkcs1 tests.
 
 CC= cc
-CFLAG= -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 -O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM
+CFLAG= -O
 DEPFLAG= -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_LIBUNBOUND -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_SSL_TRACE -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST
-PEX_LIBS= -Wl,-search_paths_first
+PEX_LIBS= 
 EX_LIBS= 
 EXE_EXT= 
 ARFLAGS= 
@@ -88,23 +88,23 @@ ASFLAG=$(CFLAG)
 PROCESSOR= 
 
 # CPUID module collects small commonly used assembler snippets
-CPUID_OBJ= x86_64cpuid.o
-BN_ASM= x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o rsaz_exp.o rsaz-x86_64.o rsaz-avx2.o
-EC_ASM= ecp_nistz256.o ecp_nistz256-x86_64.o
+CPUID_OBJ= mem_clr.o
+BN_ASM= bn_asm.o
+EC_ASM= 
 DES_ENC= des_enc.o fcrypt_b.o
-AES_ENC= aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o
+AES_ENC= aes_core.o aes_cbc.o
 BF_ENC= bf_enc.o
 CAST_ENC= c_enc.o
 RC4_ENC= rc4_enc.o rc4_skey.o
 RC5_ENC= rc5_enc.o
-MD5_ASM_OBJ= md5-x86_64.o
-SHA1_ASM_OBJ= sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o sha1-mb-x86_64.o sha256-mb-x86_64.o
+MD5_ASM_OBJ= 
+SHA1_ASM_OBJ= 
 RMD160_ASM_OBJ= 
-WP_ASM_OBJ= wp-x86_64.o
-CMLL_ENC= cmll-x86_64.o cmll_misc.o
-MODES_ASM_OBJ= ghash-x86_64.o aesni-gcm-x86_64.o
+WP_ASM_OBJ= wp_block.o
+CMLL_ENC= camellia.o cmll_misc.o cmll_cbc.o
+MODES_ASM_OBJ= 
 ENGINES_ASM_OBJ= 
-PERLASM_SCHEME= macosx
+PERLASM_SCHEME= 
 
 # KRB5 stuff
 KRB5_INCLUDES=
@@ -178,8 +178,8 @@ LIBS=   libcrypto.a libssl.a
 SHARED_CRYPTO=libcrypto$(SHLIB_EXT)
 SHARED_SSL=libssl$(SHLIB_EXT)
 SHARED_LIBS=
-SHARED_LIBS_LINK_EXTS=.$(SHLIB_MAJOR).dylib .dylib
-SHARED_LDFLAGS=-arch x86_64 -dynamiclib
+SHARED_LIBS_LINK_EXTS=
+SHARED_LDFLAGS=
 
 GENERAL=        Makefile
 BASENAME=       gmssl

Makefile.bak

@@ -151,7 +151,7 @@ SDIRS=  \
 	buffer bio stack lhash rand err \
 	evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \
 	cms pqueue ts srp cmac \
-	sm2 sm3 sms4 ecies cpk zuc cbcmac
+	sm2 sm3 sms4 ecies cpk zuc cbcmac otp
 
 # keep in mind that the above list is adjusted by ./Configure
 # according to no-xxx arguments...

crypto/cbcmac/cbcmactest.c

@@ -0,0 +1,4 @@
+#include <openssl/cbcmac.h>
+
+
+

crypto/opensslconf.h

@@ -5,9 +5,6 @@
 extern "C" {
 #endif
 /* OpenSSL was configured with the following options: */
-#ifndef OPENSSL_SYSNAME_MACOSX
-# define OPENSSL_SYSNAME_MACOSX
-#endif
 #ifndef OPENSSL_DOING_MAKEDEPEND
 
 
@@ -50,9 +47,6 @@ extern "C" {
 
 #endif /* OPENSSL_DOING_MAKEDEPEND */
 
-#ifndef OPENSSL_THREADS
-# define OPENSSL_THREADS
-#endif
 #ifndef OPENSSL_NO_DYNAMIC_ENGINE
 # define OPENSSL_NO_DYNAMIC_ENGINE
 #endif
@@ -100,8 +94,6 @@ extern "C" {
 # endif
 #endif
 
-#define OPENSSL_CPUID_OBJ
-
 /* crypto/opensslconf.h.in */
 
 /* Generate 80386 code? */
@@ -109,8 +101,8 @@ extern "C" {
 
 #if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
 #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
-#define ENGINESDIR "/usr/local/lib/engines"
-#define OPENSSLDIR "/usr/local/openssl"
+#define ENGINESDIR "/usr/local/ssl/lib/engines"
+#define OPENSSLDIR "/usr/local/ssl"
 #endif
 #endif
 
@@ -148,7 +140,7 @@ extern "C" {
  * This enables code handling data aligned at natural CPU word
  * boundary. See crypto/rc4/rc4_enc.c for further details.
  */
-#define RC4_CHUNK unsigned long
+#undef RC4_CHUNK
 #endif
 #endif
 
@@ -156,7 +148,7 @@ extern "C" {
 /* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
  * %20 speed up (longs are 8 bytes, int's are 4). */
 #ifndef DES_LONG
-#define DES_LONG unsigned int
+#define DES_LONG unsigned long
 #endif
 #endif
 
@@ -167,9 +159,9 @@ extern "C" {
 /* Should we define BN_DIV2W here? */
 
 /* Only one for the following should be defined */
-#define SIXTY_FOUR_BIT_LONG
+#undef SIXTY_FOUR_BIT_LONG
 #undef SIXTY_FOUR_BIT
-#undef THIRTY_TWO_BIT
+#define THIRTY_TWO_BIT
 #endif
 
 #if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
@@ -211,7 +203,7 @@ extern "C" {
 /* Unroll the inner loop, this sometimes helps, sometimes hinders.
  * Very mucy CPU dependant */
 #ifndef DES_UNROLL
-#define DES_UNROLL
+#undef DES_UNROLL
 #endif
 
 /* These default values were supplied by

crypto/otp/otp.c

@@ -1,6 +1,7 @@
 #include <time.h>
 #include <stdio.h>
 #include <stdlib.h>
+#include <stdint.h>
 #include <string.h>
 #include <strings.h>
 #include <openssl/evp.h>
@@ -45,11 +46,12 @@ int OTP_generate(const OTP_PARAMS *params, const void *event, size_t eventlen,
 	unsigned char s[EVP_MAX_MD_SIZE];
 	size_t slen;
 	uint32_t od;
-	int i;
+	int i, n;
 
 	OPENSSL_assert(sizeof(time_t) == 8);
 
 	if (!check_params(params)) {
+		fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
 		return 0;
 	}
 
@@ -58,11 +60,12 @@ int OTP_generate(const OTP_PARAMS *params, const void *event, size_t eventlen,
 		idlen = 16;
 	}
 	if (!(id = OPENSSL_malloc(idlen))) {
+		fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
 		goto end;
 	}
 	bzero(id, idlen);
 
-	t = time(NULL);
+	t = time(NULL) + params->offset;
 	t /= params->te;
 
 	memcpy(id, &t, sizeof(t));
@@ -108,7 +111,9 @@ int OTP_generate(const OTP_PARAMS *params, const void *event, size_t eventlen,
 	OPENSSL_assert(slen % 4 == 0);
 
 	od = 0;
-	for (i = 0; i < slen/4; i++) {
+
+	n = (int)slen;
+	for (i = 0; i < n/4; i++) {
 		od += GETU32(&s[i * 4]);
 	}
 

crypto/otp/otp.h

@@ -64,6 +64,8 @@ typedef struct OTP_PARAMS_st {
 	void *option;
 	size_t option_size;
 	int otp_digits;
+	/* adjust the clock in seconds */
+	int offset;
 } OTP_PARAMS;
 
 /* OTP reference to the GM/T OTP specification

crypto/otp/otptest.c

@@ -0,0 +1,30 @@
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <openssl/evp.h>
+#include <openssl/otp.h>
+
+
+int main(int argc, char **argv)
+{
+	OTP_PARAMS params;
+	unsigned char key[] = {1,2,3,4,5,6,7,8,1,2,3,4,5,6,7,8};
+	unsigned char event[] = "this is a fixed value";
+	unsigned int otp;
+
+	params.type = NID_sm3;
+	params.te = 60;
+	params.option = NULL;
+	params.option_size = 0;
+	params.otp_digits = 6;
+
+	OpenSSL_add_all_algorithms();
+
+	if (!OTP_generate(&params, event, sizeof(event), &otp, key, sizeof(key))) {
+		printf("OTP_generate() failed\n");
+		return -1;
+	}
+
+	printf("OTP = %06u\n", otp);
+	return 0;
+}

crypto/sm2/sm2.h

@@ -83,12 +83,16 @@ int SM2_compute_id_digest(const EVP_MD *md, unsigned char *dgst,
 
 
 typedef struct sm2_enc_params_st {
-	EVP_MD *kdf_md;
-	EVP_MD *mac_md;
+	const EVP_MD *kdf_md;
+	const EVP_MD *mac_md;
 	int mactag_size;
 	point_conversion_form_t point_form;
 } SM2_ENC_PARAMS;
 
+#define SM2_ENC_PARAMS_mactag_size(params) \
+	((params)->mactag_size<0 ? EVP_MD_size((params)->mac_md) : (params->mactag_size))
+
+
 typedef struct sm2_ciphertext_value_st {
 	EC_POINT *ephem_point;
 	unsigned char *ciphertext;
@@ -98,15 +102,13 @@ typedef struct sm2_ciphertext_value_st {
 } SM2_CIPHERTEXT_VALUE;
 
 int SM2_CIPHERTEXT_VALUE_size(const EC_GROUP *ec_group,
-	point_conversion_form_t point_form, size_t mlen,
-	const EVP_MD *mac_md);
+	const SM2_ENC_PARAMS *params, size_t mlen);
 void SM2_CIPHERTEXT_VALUE_free(SM2_CIPHERTEXT_VALUE *cv);
 int SM2_CIPHERTEXT_VALUE_encode(const SM2_CIPHERTEXT_VALUE *cv,
-	const EC_GROUP *ec_group, point_conversion_form_t point_form,
+	const EC_GROUP *ec_group, const SM2_ENC_PARAMS *params,
 	unsigned char *buf, size_t *buflen);
 SM2_CIPHERTEXT_VALUE *SM2_CIPHERTEXT_VALUE_decode(const EC_GROUP *ec_group,
-	point_conversion_form_t point_form, const EVP_MD *mac_md,
-	const unsigned char *buf, size_t buflen);
+	const SM2_ENC_PARAMS *params, const unsigned char *buf, size_t buflen);
 int i2d_SM2_CIPHERTEXT_VALUE(const SM2_CIPHERTEXT_VALUE *c, unsigned char **out);
 SM2_CIPHERTEXT_VALUE *d2i_SM2_CIPHERTEXT_VALUE(SM2_CIPHERTEXT_VALUE **c,
 	const unsigned char **in, long len);

crypto/sm2/sm2_enc.c

@@ -61,34 +61,33 @@
 #include <openssl/kdf.h>
 #include "sm2.h"
 
-int SM2_CIPHERTEXT_VALUE_size(const EC_GROUP *ec_group,
-	point_conversion_form_t point_form, size_t mlen,
-	const EVP_MD *mac_md)
+int SM2_CIPHERTEXT_VALUE_size(const EC_GROUP *group,
+	const SM2_ENC_PARAMS *params, size_t mlen)
 {
 	int ret = 0;
-	EC_POINT *point = EC_POINT_new(ec_group);
-	BN_CTX *bn_ctx = BN_CTX_new();
-	size_t len;
+	EC_KEY *ec_key = NULL;
+	size_t len = 0;
 
-	if (!point || !bn_ctx) {
+	if (!(ec_key = EC_KEY_new())) {
 		goto end;
 	}
-
-#if 0	
-	//FIXME: len will be 1 !!!
-	if (!(len = EC_POINT_point2oct(ec_group, point, point_form,
-		NULL, 0, bn_ctx))) {
+	if (!EC_KEY_set_group(ec_key, group)) {
 		goto end;
 	}
-#endif
-	len = 1 + 2 * ((EC_GROUP_get_degree(ec_group) + 7)/8);
-	len += mlen + EVP_MD_size(mac_md);
+	if (!EC_KEY_generate_key(ec_key)) {
+		goto end;
+	}
+	len += EC_POINT_point2oct(group, EC_KEY_get0_public_key(ec_key),
+		params->point_form, NULL, 0, NULL);
+	len += mlen;
+	len += params->mactag_size < 0 ? EVP_MD_size(params->mac_md) :
+		params->mactag_size;
+
+ 	ret = (int)len;
 
-	ret = len;
 end:
-	if (point) EC_POINT_free(point);
-	if (bn_ctx) BN_CTX_free(bn_ctx);
- 	return ret;
+	EC_KEY_free(ec_key);
+	return ret;
 }
 
 void SM2_CIPHERTEXT_VALUE_free(SM2_CIPHERTEXT_VALUE *cv)
@@ -100,7 +99,7 @@ void SM2_CIPHERTEXT_VALUE_free(SM2_CIPHERTEXT_VALUE *cv)
 }
 
 int SM2_CIPHERTEXT_VALUE_encode(const SM2_CIPHERTEXT_VALUE *cv,
-	const EC_GROUP *ec_group, point_conversion_form_t point_form,
+	const EC_GROUP *ec_group, const SM2_ENC_PARAMS *params,
 	unsigned char *buf, size_t *buflen)
 {
 	int ret = 0;
@@ -112,7 +111,7 @@ int SM2_CIPHERTEXT_VALUE_encode(const SM2_CIPHERTEXT_VALUE *cv,
 	}
 
 	if (!(ptlen = EC_POINT_point2oct(ec_group, cv->ephem_point,
-		point_form, NULL, 0, bn_ctx))) {
+		params->point_form, NULL, 0, bn_ctx))) {
 		goto end;
 	}
 	cvlen = ptlen + cv->ciphertext_size + cv->mactag_size;
@@ -127,13 +126,15 @@ int SM2_CIPHERTEXT_VALUE_encode(const SM2_CIPHERTEXT_VALUE *cv,
 	}
 
 	if (!(ptlen = EC_POINT_point2oct(ec_group, cv->ephem_point,
-		point_form, buf, *buflen, bn_ctx))) {
+		params->point_form, buf, *buflen, bn_ctx))) {
 		goto end;
 	}
 	buf += ptlen;
 	memcpy(buf, cv->ciphertext, cv->ciphertext_size);
 	buf += cv->ciphertext_size;
-	memcpy(buf, cv->mactag, cv->mactag_size);
+	if (cv->mactag_size > 0) {
+		memcpy(buf, cv->mactag, cv->mactag_size);
+	}
 
 	*buflen = cvlen;
 	ret = 1;
@@ -142,8 +143,8 @@ end:
 	return ret;
 }
 
-SM2_CIPHERTEXT_VALUE *SM2_CIPHERTEXT_VALUE_decode(const EC_GROUP *ec_group,
-	point_conversion_form_t point_form, const EVP_MD *mac_md,
+SM2_CIPHERTEXT_VALUE *SM2_CIPHERTEXT_VALUE_decode(
+	const EC_GROUP *ec_group, const SM2_ENC_PARAMS *params,
 	const unsigned char *buf, size_t buflen)
 {
 	int ok = 0;
@@ -156,7 +157,7 @@ SM2_CIPHERTEXT_VALUE *SM2_CIPHERTEXT_VALUE_decode(const EC_GROUP *ec_group,
 		return NULL;
 	}
 
-	if (!(fixlen = SM2_CIPHERTEXT_VALUE_size(ec_group, point_form, 0, mac_md))) {
+	if (!(fixlen = SM2_CIPHERTEXT_VALUE_size(ec_group, params, 0))) {
 		fprintf(stderr, "%s %d\n", __FILE__, __LINE__);
 		goto end;
 	}
@@ -179,7 +180,7 @@ SM2_CIPHERTEXT_VALUE *SM2_CIPHERTEXT_VALUE_decode(const EC_GROUP *ec_group,
 		goto end;
 	}
 
-	ptlen = fixlen - EVP_MD_size(mac_md);
+	ptlen = fixlen - SM2_ENC_PARAMS_mactag_size(params);
 	if (!EC_POINT_oct2point(ec_group, ret->ephem_point, buf, ptlen, bn_ctx)) {
 		fprintf(stderr, "%s %d\n", __FILE__, __LINE__);
 		ERR_print_errors_fp(stdout);
@@ -187,9 +188,10 @@ SM2_CIPHERTEXT_VALUE *SM2_CIPHERTEXT_VALUE_decode(const EC_GROUP *ec_group,
 	}
 
 	memcpy(ret->ciphertext, buf + ptlen, ret->ciphertext_size);
-	ret->mactag_size = EVP_MD_size(mac_md);
-	memcpy(ret->mactag, buf + buflen - ret->mactag_size, ret->mactag_size);
-
+	ret->mactag_size = SM2_ENC_PARAMS_mactag_size(params);
+	if (ret->mactag_size > 0) {
+		memcpy(ret->mactag, buf + buflen - ret->mactag_size, ret->mactag_size);
+	}
 	ok = 1;
 
 end:
@@ -248,8 +250,7 @@ int SM2_encrypt(const SM2_ENC_PARAMS *params,
 	SM2_CIPHERTEXT_VALUE *cv = NULL;
 	int len;
 
-	if (!(len = SM2_CIPHERTEXT_VALUE_size(ec_group,
-		params->point_form, inlen, params->mac_md))) {
+	if (!(len = SM2_CIPHERTEXT_VALUE_size(ec_group, params, inlen))) {
 		goto end;
 	}
 
@@ -264,8 +265,7 @@ int SM2_encrypt(const SM2_ENC_PARAMS *params,
 	if (!(cv = SM2_do_encrypt(params, in, inlen, ec_key))) {
 		goto end;
 	}
-	if (!SM2_CIPHERTEXT_VALUE_encode(cv, ec_group,
-		params->point_form, out, outlen)) {
+	if (!SM2_CIPHERTEXT_VALUE_encode(cv, ec_group, params, out, outlen)) {
 		goto end;
 	}
 	
@@ -386,30 +386,34 @@ SM2_CIPHERTEXT_VALUE *SM2_do_encrypt(const SM2_ENC_PARAMS *params,
 	for (i = 0; i < inlen; i++) {
 		cv->ciphertext[i] ^= in[i];
 	}
-	
-	/* A7: C3 = Hash(x2 || M || y2) */
-	if (!EVP_DigestInit_ex(md_ctx, params->mac_md, NULL)) {
-		goto end;
-	}
-	if (!EVP_DigestUpdate(md_ctx, buf + 1, nbytes)) {
-		goto end;
-	}
-	if (!EVP_DigestUpdate(md_ctx, in, inlen)) {
-		goto end;
-	}
-	if (!EVP_DigestUpdate(md_ctx, buf + 1 + nbytes, nbytes)) {
-		goto end;
-	}
-	if (!EVP_DigestFinal_ex(md_ctx, dgst, &dgstlen)) {
-		goto end;
-	}
 
-	/* GmSSL specific: reduce mactag size */
-	if (params->mactag_size > dgstlen) {
-		goto end;
+	if (params->mactag_size) {
+
+		/* A7: C3 = Hash(x2 || M || y2) */
+		if (!EVP_DigestInit_ex(md_ctx, params->mac_md, NULL)) {
+			goto end;
+		}
+		if (!EVP_DigestUpdate(md_ctx, buf + 1, nbytes)) {
+			goto end;
+		}
+		if (!EVP_DigestUpdate(md_ctx, in, inlen)) {
+			goto end;
+		}
+		if (!EVP_DigestUpdate(md_ctx, buf + 1 + nbytes, nbytes)) {
+			goto end;
+		}
+		if (!EVP_DigestFinal_ex(md_ctx, dgst, &dgstlen)) {
+			goto end;
+		}
+
+		/* GmSSL specific: reduce mactag size */
+		if (params->mactag_size > dgstlen) {
+			goto end;
+		}
+
+		cv->mactag_size = params->mactag_size;
+		memcpy(cv->mactag, dgst, cv->mactag_size);
 	}
-	cv->mactag_size = params->mactag_size;
-	memcpy(cv->mactag, dgst, cv->mactag_size);
 
 	ok = 1;
 
@@ -438,7 +442,7 @@ int SM2_decrypt(const SM2_ENC_PARAMS *params,
 	SM2_CIPHERTEXT_VALUE *cv = NULL;
 	int len;
 
-	if (!(len = SM2_CIPHERTEXT_VALUE_size(ec_group, params->point_form, 0, params->mac_md))) {
+	if (!(len = SM2_CIPHERTEXT_VALUE_size(ec_group, params, 0))) {
 		fprintf(stderr, "%s %d\n", __FILE__, __LINE__);
 		goto end;
 	}
@@ -455,7 +459,7 @@ int SM2_decrypt(const SM2_ENC_PARAMS *params,
 		return 0;
 	}
 
-	if (!(cv = SM2_CIPHERTEXT_VALUE_decode(ec_group, params->point_form, params->mac_md, in, inlen))) {
+	if (!(cv = SM2_CIPHERTEXT_VALUE_decode(ec_group, params, in, inlen))) {
 		fprintf(stderr, "%s %d\n", __FILE__, __LINE__);
 		goto end;
 	}
@@ -486,8 +490,6 @@ int SM2_do_decrypt(const SM2_ENC_PARAMS *params,
 	unsigned char buf[(OPENSSL_ECC_MAX_FIELD_BITS + 7)/4 + 1];
 	unsigned char mac[EVP_MAX_MD_SIZE];
 	unsigned int maclen;
-	unsigned char dgst[EVP_MAX_MD_SIZE];
-	unsigned int dgstlen;
 	int nbytes;
 	size_t size;
 	int i;
@@ -556,30 +558,33 @@ int SM2_do_decrypt(const SM2_ENC_PARAMS *params,
 	}
 	*outlen = cv->ciphertext_size;
 
-	/* B6: check Hash(x2 || M || y2) == C3 */
-	if (!EVP_DigestInit_ex(md_ctx, params->mac_md, NULL)) {
-		goto end;
-	}
-	if (!EVP_DigestUpdate(md_ctx, buf + 1, nbytes)) {
-		goto end;
-	}
-	if (!EVP_DigestUpdate(md_ctx, out, *outlen)) {
-		goto end;
-	}
-	if (!EVP_DigestUpdate(md_ctx, buf + 1 + nbytes, nbytes)) {
-		goto end;
-	}
-	if (!EVP_DigestFinal_ex(md_ctx, mac, &maclen)) {
-		goto end;
-	}
+	if (params->mactag_size) {
 
-	/* GmSSL specific */
-	if (params->mactag_size > maclen) {
-		goto end;
-	}
-	if (cv->mactag_size != params->mactag_size ||
-		memcmp(mac, cv->mactag, cv->mactag_size)) {
-		goto end;
+		/* B6: check Hash(x2 || M || y2) == C3 */
+		if (!EVP_DigestInit_ex(md_ctx, params->mac_md, NULL)) {
+			goto end;
+		}
+		if (!EVP_DigestUpdate(md_ctx, buf + 1, nbytes)) {
+			goto end;
+		}
+		if (!EVP_DigestUpdate(md_ctx, out, *outlen)) {
+			goto end;
+		}
+		if (!EVP_DigestUpdate(md_ctx, buf + 1 + nbytes, nbytes)) {
+			goto end;
+		}
+		if (!EVP_DigestFinal_ex(md_ctx, mac, &maclen)) {
+			goto end;
+		}
+
+		/* GmSSL specific */
+		if (params->mactag_size > maclen) {
+			goto end;
+		}
+		if (cv->mactag_size != params->mactag_size ||
+			memcmp(mac, cv->mactag, cv->mactag_size)) {
+			goto end;
+		}
 	}
 
 	ret = 1;
@@ -643,5 +648,3 @@ int SM2_decrypt_elgamal(const unsigned char *in, size_t inlen,
 	return SM2_decrypt(&params, in, inlen, out, outlen, ec_key);
 }
 
-
-

crypto/sm2/sm2_lib.c

@@ -130,8 +130,6 @@ int sm2_get_public_key_data(unsigned char *buf, EC_KEY *ec_key)
 	BIGNUM *y = NULL;
 	size_t len;
 
-	unsigned char *pbuf = buf;
-
 	if (!ec_key || !buf) {
 		return 0;
 	}
@@ -288,10 +286,11 @@ int SM2_compute_message_digest(const EVP_MD *id_md, const EVP_MD *msg_md,
 		goto err;
 	}
 
-	if (!EVP_DigestFinal_ex(&md_ctx, dgst, &dgstlen)) {
+	if (!EVP_DigestFinal_ex(&md_ctx, dgst, &len)) {
 		goto err;
 	}
 
+	*dgstlen = len;
 	ret = 1;
 err:
 	EVP_MD_CTX_cleanup(&md_ctx);

demos/otp/Makefile

@@ -0,0 +1,5 @@
+all:
+	gcc mkgen.c ../../libcrypto.a -o mkgen
+	gcc tkgen.c ../../libcrypto.a -o tkgen
+clean:
+	rm -fr mkgen tkgen

demos/otp/mkgen.c

@@ -0,0 +1,21 @@
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <libgen.h>
+#include <openssl/rand.h>
+
+int main(int argc, char **argv)
+{
+	unsigned char mk[32];
+	int i;
+
+	RAND_bytes(mk, sizeof(mk));
+	
+	for (i = 0; i < sizeof(mk); i++) {
+		printf("%02x", mk[i]);
+	}
+	printf("\n");
+	
+	return 0;
+}
+

demos/otp/tkgen.c

@@ -0,0 +1,49 @@
+#include <time.h>
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <libgen.h>
+#include <openssl/bn.h>
+#include <openssl/evp.h>
+#include <openssl/otp.h>
+#include <openssl/rand.h>
+
+
+int main(int argc, char **argv)
+{
+	char *prog;
+	char *id;
+	char *mk;
+	int offset;
+	OTP_PARAMS params;
+	unsigned int otp;
+
+	prog = basename(argv[0]);
+
+	if (argc < 3) {
+		printf("usage: %s <event> <key> [<offset>]\n", prog);
+		return 0;
+	}
+
+	id = argv[1];
+	mk = argv[2];
+
+	if (argc > 3)
+		offset = atoi(argv[3]);
+
+	params.type = NID_sm3;
+	params.te = 60;
+	params.option = "end";
+	params.option_size = strlen(params.option);
+	params.otp_digits = 6;
+	params.offset = offset;
+
+	OpenSSL_add_all_algorithms();
+	if (!OTP_generate(&params, id, strlen(id), &otp, (unsigned char *)mk, strlen(mk))) {
+		fprintf(stderr, "failed\n");
+	}
+
+	printf("OTP = %06u\n", otp);	
+	return 0;
+}
+

engines/skf/skf_dummy.c

@@ -10,7 +10,6 @@
 #define CONTAINER_NAME_LIST	CONTAINER_NAME"\0"
 
 
-
 ULONG DEVAPI SKF_WaitForDevEvent(LPSTR szDevName,
 	ULONG *pulDevNameLen, ULONG *pulEvent)
 {

tools/c_rehash

@@ -3,8 +3,8 @@
 # Perl c_rehash script, scan all files in a directory
 # and add symbolic links to their hash values.
 
-my $dir = "/usr/local/openssl";
-my $prefix = "/usr/local";
+my $dir = "/usr/local/ssl";
+my $prefix = "/usr/local/ssl";
 
 my $openssl = $ENV{OPENSSL} || "openssl";
 my $pwd;