diff --git a/crypto/cpk/cpk_lcl.h b/crypto/cpk/cpk_lcl.h index 68398c76..b3c36f0b 100755 --- a/crypto/cpk/cpk_lcl.h +++ b/crypto/cpk/cpk_lcl.h @@ -52,6 +52,7 @@ #include #include +#define CPK_VERSION 2 struct cpk_master_secret_st { long version; diff --git a/crypto/cpk/cpk_lib.c b/crypto/cpk/cpk_lib.c index 6ccb7021..dc7078a9 100755 --- a/crypto/cpk/cpk_lib.c +++ b/crypto/cpk/cpk_lib.c @@ -1,5 +1,5 @@ /* ==================================================================== - * Copyright (c) 2007 - 2016 The GmSSL Project. All rights reserved. + * Copyright (c) 2007 - 2018 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -68,148 +68,136 @@ static EC_KEY *extract_ec_priv_key(CPK_MASTER_SECRET *master, const char *id); static EC_KEY *extract_ec_pub_key(CPK_PUBLIC_PARAMS *param, const char *id); -CPK_MASTER_SECRET *CPK_MASTER_SECRET_create(const char *domain_id, int pkey_nid, int map_nid) +CPK_MASTER_SECRET *CPK_MASTER_SECRET_create(const char *domain_id, int curve, int map) { - int e = 1; + CPK_MASTER_SECRET *ret = NULL; CPK_MASTER_SECRET *master = NULL; - BIGNUM *bn = NULL; - BIGNUM *order = NULL; - X509_PUBKEY *pubkey = NULL; - X509_ALGOR *pkey_algor; - int pkey_type; - int i, bn_size, num_factors; - unsigned char *bn_ptr; + EC_KEY *ec_key = NULL; EVP_PKEY *pkey = NULL; - X509_ALGOR *map_algor = NULL; - - if (!domain_id) { - CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_PASSED_NULL_PARAMETER); - return NULL; - } - if (strlen(domain_id) <= 0 || strlen(domain_id) > CPK_MAX_ID_LENGTH) { - CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, CPK_R_INVALID_ID_LENGTH); - return NULL; - } - - /* pkey type and domain parameters is required - * EC:curve - * SM9:curve ... - * - * so we do not check pkey_nid - */ - - //FIXME: merge into ec routine - EC_KEY *ec = EC_KEY_new_by_curve_name(NID_sm2p256v1); - EC_KEY_generate_key(ec); - pkey = EVP_PKEY_new(); - EVP_PKEY_set1_EC_KEY(pkey, ec); - //FIXME: free ec - map_algor = CPK_MAP_new(map_nid); - - pkey_type = EVP_PKEY_id(pkey); - if (pkey_type == EVP_PKEY_EC) { - const EC_GROUP *ec_group; - if (!(order = BN_new())) { - CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_MALLOC_FAILURE); - goto err; - } - ec_group = EC_KEY_get0_group((EC_KEY *)EVP_PKEY_get0(pkey)); - if (!EC_GROUP_get_order(ec_group, order, NULL)) { - CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_X509_LIB); - goto err; - } - OPENSSL_assert(EC_KEY_get0_public_key((EC_KEY *)EVP_PKEY_get0(pkey)) != NULL); - } else { - CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, CPK_R_INVALID_PKEY_TYPE); - goto err; - } + X509_PUBKEY *pubkey = NULL; + const BIGNUM *order; + int order_bytes; + int num_factors; + unsigned char *secret_buf = NULL; + size_t secret_len; + unsigned char *p; + BIGNUM *bn = NULL; + int i; + /* check domain_id */ if (!(master = CPK_MASTER_SECRET_new())) { CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_MALLOC_FAILURE); - goto err; + goto end; + } + + /* set version */ + master->version = CPK_VERSION; + + /* set domain_id */ + if (!domain_id) { + CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_PASSED_NULL_PARAMETER); + goto end; + } + + if (strlen(domain_id) <= 0 || strlen(domain_id) > CPK_MAX_ID_LENGTH) { + CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, CPK_R_INVALID_ID_LENGTH); + goto end; } - master->version = 1; if (!X509_NAME_add_entry_by_NID(master->id, NID_organizationName, MBSTRING_UTF8, (unsigned char *)domain_id, -1, -1, 0)) { CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_X509_LIB); - goto err; + goto end; } - /* - * convert EVP_PKEY to X509_ALGOR through X509_PUBKEY_set - * X509_ALGOR_set0() is another choice but require more code - */ - // FIXME: X509_PUBKEY require pkey has a public key - if (!X509_PUBKEY_set(&pubkey, pkey)) { + /* set pkey algor */ + if (!(ec_key = EC_KEY_new_by_curve_name(curve))) { + //CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, CPK_R_INVALID_CURVE); + CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_CPK_LIB); + goto end; + } + + if (!(pkey = EVP_PKEY_new()) + || !EVP_PKEY_set1_EC_KEY(pkey, ec_key)) { + CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_EVP_LIB); + goto end; + } + if (!(pubkey = X509_PUBKEY_new()) + || !X509_PUBKEY_set(&pubkey, pkey) + || !X509_PUBKEY_get0_param(NULL, NULL, NULL, &master->pkey_algor, pubkey)) { CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_X509_LIB); - goto err; + goto end; } - X509_PUBKEY_get0_param(NULL, NULL, NULL, &pkey_algor, pubkey); - X509_ALGOR_free(master->pkey_algor); - if (!(master->pkey_algor = X509_ALGOR_dup(pkey_algor))) { - CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_X509_LIB); - goto err; + /* get order and order_bytes */ + if (!(order = EC_GROUP_get0_order(EC_KEY_get0_group(ec_key))) + || !(order_bytes = BN_num_bytes(order))) { + CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_CPK_LIB); + goto end; } - //FIXME: check the validity of CPK_MAP + /* set map algor */ X509_ALGOR_free(master->map_algor); - if (!(master->map_algor = X509_ALGOR_dup(map_algor))) { - CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_MALLOC_FAILURE); - goto err; - } - if ((num_factors = CPK_MAP_num_factors(map_algor)) <= 0) { - CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, CPK_R_INVALID_MAP_ALGOR); - goto err; + if (!(master->map_algor = CPK_MAP_new(map))) { + CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_CPK_LIB); + goto end; } - /* - * create secret factors, for both DSA and EC, - * the private keys are both big integers, - */ - bn_size = BN_num_bytes(order); - if (!ASN1_STRING_set(master->secret_factors, NULL, bn_size * num_factors)) { - CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_ASN1_LIB); - goto err; + /* get num_factors */ + if ((num_factors = CPK_MAP_num_factors(master->map_algor)) <= 0) { + CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, CPK_R_INVALID_MAP_ALGOR); + goto end; } - bn_ptr = master->secret_factors->data; - memset(bn_ptr, 0, ASN1_STRING_length(master->secret_factors)); + + /* set random secret_factors */ + secret_len = order_bytes * num_factors; + if (!(secret_buf = OPENSSL_zalloc(secret_len))) { + CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_MALLOC_FAILURE); + goto end; + } + p = secret_buf; if (!(bn = BN_new())) { CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_MALLOC_FAILURE); - goto err; + goto end; } for (i = 0; i < num_factors; i++) { do { if (!BN_rand_range(bn, order)) { CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_BN_LIB); - goto err; + goto end; } } while (BN_is_zero(bn)); - if (!BN_bn2bin(bn, bn_ptr + bn_size - BN_num_bytes(bn))) { + if (!BN_bn2bin(bn, p + order_bytes - BN_num_bytes(bn))) { CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_BN_LIB); - goto err; + goto end; } - bn_ptr += bn_size; + p += order_bytes; } - e = 0; -err: - if (e && master) { - CPK_MASTER_SECRET_free(master); - master = NULL; + if (!ASN1_STRING_set(master->secret_factors, secret_buf, secret_len)) { + CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_ASN1_LIB); + goto end; } + + ret = master; + master = NULL; + +end: + CPK_MASTER_SECRET_free(master); + EC_KEY_free(ec_key); + EVP_PKEY_free(pkey); X509_PUBKEY_free(pubkey); - if (order && pkey_type == EVP_PKEY_EC) BN_free(order); - if (bn) BN_free(bn); - return master; + OPENSSL_clear_free(secret_buf, secret_len); + BN_free(bn); + return ret; } CPK_PUBLIC_PARAMS *CPK_MASTER_SECRET_extract_public_params(CPK_MASTER_SECRET *master) { + CPK_PUBLIC_PARAMS *ret = NULL; CPK_PUBLIC_PARAMS *param = NULL; int pkey_type; @@ -261,16 +249,19 @@ CPK_PUBLIC_PARAMS *CPK_MASTER_SECRET_extract_public_params(CPK_MASTER_SECRET *ma CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS, CPK_R_INVALID_PKEY_TYPE); goto err; } - return param; + + ret = param; + param = NULL; err: - if (param) CPK_PUBLIC_PARAMS_free(param); - return NULL; + CPK_PUBLIC_PARAMS_free(param); + return ret; } EVP_PKEY *CPK_MASTER_SECRET_extract_private_key( CPK_MASTER_SECRET *master, const char *id) { + EVP_PKEY *ret = NULL; EVP_PKEY *pkey = NULL; int pkey_type; @@ -302,16 +293,18 @@ EVP_PKEY *CPK_MASTER_SECRET_extract_private_key( goto err; } - return pkey; + ret = pkey; + pkey = NULL; err: - if (pkey) EVP_PKEY_free(pkey); - return NULL; + EVP_PKEY_free(pkey); + return ret; } EVP_PKEY *CPK_PUBLIC_PARAMS_extract_public_key(CPK_PUBLIC_PARAMS *param, const char *id) { + EVP_PKEY *ret = NULL; EVP_PKEY *pkey = NULL; int pkey_type; @@ -344,11 +337,12 @@ EVP_PKEY *CPK_PUBLIC_PARAMS_extract_public_key(CPK_PUBLIC_PARAMS *param, goto err; } - return pkey; + ret = pkey; + pkey = NULL; err: - if (pkey) EVP_PKEY_free(pkey); - return NULL; + EVP_PKEY_free(pkey); + return ret; } char *CPK_MASTER_SECRET_get_name(CPK_MASTER_SECRET *master, char *buf, int size) @@ -420,7 +414,7 @@ int CPK_PUBLIC_PARAMS_validate_private_key(CPK_PUBLIC_PARAMS *params, } ret = EVP_PKEY_cmp(pub_key, priv_key); err: - if (pub_key) EVP_PKEY_free(pub_key); + EVP_PKEY_free(pub_key); return ret; } @@ -546,17 +540,17 @@ static int extract_ec_params(CPK_MASTER_SECRET *master, CPK_PUBLIC_PARAMS *param ret = 1; err: - if (ec_key) EC_KEY_free(ec_key); - if (bn) BN_free(bn); - if (order) BN_free(order); - if (ctx) BN_CTX_free(ctx); - if (pt) EC_POINT_free(pt); + EC_KEY_free(ec_key); + BN_free(bn); + BN_free(order); + BN_CTX_free(ctx); + EC_POINT_free(pt); return ret; } static EC_KEY *extract_ec_priv_key(CPK_MASTER_SECRET *master, const char *id) { - int e = 1; + EC_KEY *ret = NULL; EC_KEY *ec_key = NULL; const EC_GROUP *ec_group; EC_POINT *pub_key = NULL; @@ -634,25 +628,24 @@ static EC_KEY *extract_ec_priv_key(CPK_MASTER_SECRET *master, const char *id) CPKerr(CPK_F_EXTRACT_EC_PRIV_KEY, ERR_R_CPK_LIB); goto err; } - e = 0; + + ret = ec_key; + ec_key = NULL; err: - if (e && ec_key) { - EC_KEY_free(ec_key); - ec_key = NULL; - } - if (priv_key) BN_free(priv_key); - if (pub_key) EC_POINT_free(pub_key); - if (order) BN_free(order); - if (bn) BN_free(bn); - if (ctx) BN_CTX_free(ctx); - if (index) OPENSSL_free(index); - return ec_key; + EC_KEY_free(ec_key); + BN_free(priv_key); + EC_POINT_free(pub_key); + BN_free(order); + BN_free(bn); + BN_CTX_free(ctx); + OPENSSL_free(index); + return ret; } static EC_KEY *extract_ec_pub_key(CPK_PUBLIC_PARAMS *param, const char *id) { - int e = 1; + EC_KEY *ret = NULL; EC_KEY *ec_key = NULL; const EC_GROUP *ec_group; EC_POINT *pub_key = NULL; @@ -730,16 +723,16 @@ static EC_KEY *extract_ec_pub_key(CPK_PUBLIC_PARAMS *param, const char *id) CPKerr(CPK_F_EXTRACT_EC_PUB_KEY, ERR_R_CPK_LIB); goto err; } - e = 0; + + ret = ec_key; + ec_key = NULL; + err: - if (e && ec_key) { - EC_KEY_free(ec_key); - ec_key = NULL; - } - if (pub_key) EC_POINT_free(pub_key); - if (order) BN_free(order); - if (bn) BN_free(bn); - if (ctx) BN_CTX_free(ctx); - if (index) OPENSSL_free(index); - return ec_key; + EC_KEY_free(ec_key); + EC_POINT_free(pub_key); + BN_free(order); + BN_free(bn); + BN_CTX_free(ctx); + OPENSSL_free(index); + return ret; } diff --git a/demos/cpk/cpk-setup.c b/demos/cpk/cpk-setup.c index 02ec2dd6..a0863127 100644 --- a/demos/cpk/cpk-setup.c +++ b/demos/cpk/cpk-setup.c @@ -71,7 +71,7 @@ int main(int argc, char **argv) return 0; } - if (!(msk = CPK_MASTER_SECRET_create("codesign", 0, NID_cpk_map_sha1)) + if (!(msk = CPK_MASTER_SECRET_create("codesign", NID_sm2p256v1, NID_cpk_map_sha1)) || !(mpk = CPK_MASTER_SECRET_extract_public_params(msk))) { ERR_print_errors_fp(stderr); goto end; diff --git a/demos/fpe/Makefile b/demos/fpe/Makefile new file mode 100644 index 00000000..17a147d1 --- /dev/null +++ b/demos/fpe/Makefile @@ -0,0 +1,12 @@ +all: + gcc fpe-encrypt.c -L /usr/local/lib -lcrypto -o fpe-encrypt + gcc fpe-decrypt.c -L /usr/local/lib -lcrypto -o fpe-decrypt + +test: + ./fpe-encrypt 0123456789012345 secretkey tweak001 + ./fpe-decrypt 6492610187935136 secretkey tweak001 + +clean: + rm -fr a.out + rm -fr fpe-encrypt + rm -fr fpe-decrypt diff --git a/demos/fpe/fpe-decrypt.c b/demos/fpe/fpe-decrypt.c new file mode 100644 index 00000000..7357eb15 --- /dev/null +++ b/demos/fpe/fpe-decrypt.c @@ -0,0 +1,110 @@ +/* ==================================================================== + * Copyright (c) 2014 - 2018 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ +/* + * Alert: + * This is a only a demo of the FFX format-preserving encryption algorithm, + * the encryption key should not be read from command line argumnents, and + * the key and tweak should be binary (full 8-bit per char). + */ + +#include +#include +#include +#include +#include +#include +#include +#include + +int main(int argc, char **argv) +{ + int ret = -1; + char *prog = basename(argv[0]); + FFX_CTX *ctx = NULL; + unsigned char key[32] = {0}; + char out[FFX_MAX_DIGITS + 1] = {0}; + + if (argc != 4) { + printf("usage: %s \n", prog); + return -1; + } + if (strlen(argv[1]) < FFX_MIN_DIGITS || strlen(argv[1]) > FFX_MAX_DIGITS) { + fprintf(stderr, "%s: invalid digits length, should be %d to %d\n", + prog, FFX_MIN_DIGITS, FFX_MAX_DIGITS); + return -1; + } + if (strlen(argv[2]) < FFX_MIN_TWEAKLEN || strlen(argv[2]) > FFX_MAX_TWEAKLEN) { + fprintf(stderr, "%s: invalid tweak length, should be %d to %d\n", + prog, FFX_MIN_TWEAKLEN, FFX_MAX_TWEAKLEN); + return -1; + } + strncpy((char *)key, argv[2], sizeof(key)); + + if (!(ctx = FFX_CTX_new())) { + ERR_print_errors_fp(stderr); + goto end; + } + + if (!FFX_init(ctx, EVP_sms4_ecb(), key, 0)) { + ERR_print_errors_fp(stderr); + goto end; + } + if (!FFX_decrypt(ctx, argv[1], out, strlen(argv[1]), + (unsigned char *)argv[3], strlen(argv[3]))) { + ERR_print_errors_fp(stderr); + goto end; + } + printf("%s\n", out); + + ret = 0; + +end: + FFX_CTX_free(ctx); + return ret; +} diff --git a/demos/fpe/fpe-encrypt.c b/demos/fpe/fpe-encrypt.c new file mode 100644 index 00000000..44d8bdbd --- /dev/null +++ b/demos/fpe/fpe-encrypt.c @@ -0,0 +1,110 @@ +/* ==================================================================== + * Copyright (c) 2014 - 2018 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ +/* + * Alert: + * This is a only a demo of the FFX format-preserving encryption algorithm, + * the encryption key should not be read from command line argumnents, and + * the key and tweak should be binary (full 8-bit per char). + */ + +#include +#include +#include +#include +#include +#include +#include +#include + +int main(int argc, char **argv) +{ + int ret = -1; + char *prog = basename(argv[0]); + FFX_CTX *ctx = NULL; + unsigned char key[32] = {0}; + char out[FFX_MAX_DIGITS + 1] = {0}; + + if (argc != 4) { + printf("usage: %s \n", prog); + return -1; + } + if (strlen(argv[1]) < FFX_MIN_DIGITS || strlen(argv[1]) > FFX_MAX_DIGITS) { + fprintf(stderr, "%s: invalid digits length, should be %d to %d\n", + prog, FFX_MIN_DIGITS, FFX_MAX_DIGITS); + return -1; + } + if (strlen(argv[2]) < FFX_MIN_TWEAKLEN || strlen(argv[2]) > FFX_MAX_TWEAKLEN) { + fprintf(stderr, "%s: invalid tweak length, should be %d to %d\n", + prog, FFX_MIN_TWEAKLEN, FFX_MAX_TWEAKLEN); + return -1; + } + strncpy((char *)key, argv[2], sizeof(key)); + + if (!(ctx = FFX_CTX_new())) { + ERR_print_errors_fp(stderr); + goto end; + } + + if (!FFX_init(ctx, EVP_sms4_ecb(), key, 0)) { + ERR_print_errors_fp(stderr); + goto end; + } + if (!FFX_encrypt(ctx, argv[1], out, strlen(argv[1]), + (unsigned char *)argv[3], strlen(argv[3]))) { + ERR_print_errors_fp(stderr); + goto end; + } + printf("%s\n", out); + + ret = 0; + +end: + FFX_CTX_free(ctx); + return ret; +} diff --git a/demos/otp/otp-setup.c b/demos/otp/otp-setup.c new file mode 100644 index 00000000..2e4db93b --- /dev/null +++ b/demos/otp/otp-setup.c @@ -0,0 +1,37 @@ +#include +#include +#include +#include +#include +#include +#include +#include + +int main(int argc, char **argv) +{ + BIO *bio = NULL; + unsigned char key[32]; + + if (!RAND_bytes(key, sizeof(key))) { + ERR_print_errors_fp(stderr); + return -1; + } + + if (!(bio = BIO_new_file(".otp_secret", "w"))) { + ERR_print_errors_fp(stderr); + return -1; + } + + if (BIO_write(bio, key, sizeof(key)) != sizeof(key)) { + ERR_print_errors_fp(stderr); + BIO_free(bio); + return -1; + } + + printf("generate OTP seed in '.otp_secret'\n"); + + BIO_free(bio); + OPENSSL_cleanse(key, sizeof(key)); + + return 0; +} diff --git a/demos/otp/otp.c b/demos/otp/otp.c new file mode 100644 index 00000000..9809d16f --- /dev/null +++ b/demos/otp/otp.c @@ -0,0 +1,43 @@ +#include +#include +#include +#include +#include +#include +#include +#include + +int main(int argc, char **argv) +{ + char *prog = basename(argv[0]); + BIO *bio = NULL; + OTP_PARAMS params; + unsigned char key[32] = {0}; + unsigned char event[] = "this is a fixed value"; + unsigned int otp; + + params.type = NID_sm3; + params.te = 1; + params.option = NULL; + params.option_size = 0; + params.otp_digits = 6; + + if (!(bio = BIO_new_file(".otp_secret", "r"))) { + ERR_print_errors_fp(stderr); + return -1; + } + if (BIO_read(bio, key, sizeof(key)) != sizeof(key)) { + ERR_print_errors_fp(stderr); + BIO_free(bio); + return -1; + } + BIO_free(bio); + + if (!OTP_generate(¶ms, event, sizeof(event), &otp, key, sizeof(key))) { + ERR_print_errors_fp(stderr); + return -1; + } + + printf("%06u\n", otp); + return 0; +} diff --git a/demos/sdf/Makefile b/demos/sdf/Makefile new file mode 100644 index 00000000..0a146124 --- /dev/null +++ b/demos/sdf/Makefile @@ -0,0 +1,10 @@ +all: + gcc sdf.c libsdf.so -o sdf + gcc sdf.c -DUSE_GMAPI -L /usr/local/lib -lcrypto -o sdf-gmapi + +test: + ./sdf-gmapi + +clean: + rm -fr sdf + rm -fr sdf-gmaip diff --git a/demos/sdf/sdf.c b/demos/sdf/sdf.c new file mode 100644 index 00000000..33b86a0d --- /dev/null +++ b/demos/sdf/sdf.c @@ -0,0 +1,87 @@ +#include +#include +#include +#include +#ifdef USE_GMAPI +# include +# include +# include +#else +/* + * We need vendor's SDF dynamic library and headers, for example when using + * Sansec PCI-E SDF card, make the following link: + * `ln -s /path/to/sansec/lib/linux/x86_64/libswsds.so.4.6.2.0_x64 libsdf.so` + * `ln -s /path/to/sansec/include/swsds.h sdf.h` + */ +# include "sdf.h" +#endif + + +int main(int argc, char **argv) +{ + int ret = -1; + char *prog = basename(argv[0]); + int rv; + void *hDev = NULL; + void *hSession = NULL; + DEVICEINFO devInfo; + +#ifdef USE_GMAPI + if (argc != 2) { + printf("usage: %s \n", prog); + return -1; + } + + if ((rv = SDF_LoadLibrary(argv[1], NULL)) != SDR_OK) { + ERR_print_errors_fp(stderr); + return -1; + } +#endif + + if ((rv = SDF_OpenDevice(&hDev)) != SDR_OK) { + fprintf(stderr, "%s: SDF_OpenDevice() return %08X", prog, rv); + goto end; + } + + if ((rv = SDF_OpenSession(hDev, &hSession)) != SDR_OK) { + fprintf(stderr, "%s: SDF_OpenSession() return %08X", prog, rv); + goto end; + } + + if ((rv = SDF_GetDeviceInfo(hSession, &devInfo)) != SDR_OK) { + fprintf(stderr, "%s: SDF_GetDeviceInfo() return %08X", prog, rv); + goto end; + } + +#ifdef USE_GMAPI + if ((rv = SDF_PrintDeviceInfo(&devInfo)) != SDR_OK) { + ERR_print_errors_fp(stderr); + goto end; + } +#endif + + if ((rv = SDF_CloseSession(hSession)) != SDR_OK) { + fprintf(stderr, "%s: SDF_CloseSession() return %08X", prog, rv); + goto end; + } + + if ((rv = SDF_CloseDevice(hDev)) != SDR_OK) { + fprintf(stderr, "%s: SDF_CloseDevice() return %08X", prog, rv); + goto end; + } + + ret = 0; + +end: +#ifdef USE_GMAPI + if (rv != SDR_OK) { + char *errstr; + SDF_GetErrorString(rv, &errstr); + fprintf(stderr, "%s: %s\n", prog, errstr); + ERR_print_errors_fp(stderr); + } + + SDF_UnloadLibrary(); +#endif + return ret; +} diff --git a/demos/skf/Makefile b/demos/skf/Makefile new file mode 100644 index 00000000..83be1dd9 --- /dev/null +++ b/demos/skf/Makefile @@ -0,0 +1,11 @@ +all: + #gcc skf.c libskf.so -o skf + gcc skf.c -DUSE_GMAPI -lcrypto -o skf-gmapi + +test: + #./skf + ./skf-gmapi + +clean: + rm -fr skf + rm -fr skf-gmapi diff --git a/demos/skf/skf.c b/demos/skf/skf.c new file mode 100644 index 00000000..ca4c903c --- /dev/null +++ b/demos/skf/skf.c @@ -0,0 +1,88 @@ +#include +#include +#include +#include +/* + * When USE_GMAPI, the code need to load vendor's SKF dynamic library through + * the GmSSL SKF framework, and the error string can be printed through the ERR + * module. + */ +#ifdef USE_GMAPI +# include +# include +# include +#else +/* + * Else the code can be directly linked with vendor's static or dynamic SKF + * library, and the code also need the vendor's SKF header files. + */ +# include "skf.h" +#endif + +int main(int argc, char **argv) +{ + int ret = -1; + char *prog = basename(argv[0]); + ULONG rv; + LPSTR nameList = NULL; + ULONG ulSize; + DEVHANDLE hDev; + DEVINFO devInfo; + +#ifdef USE_GMAPI + if (argc != 2) { + printf("usage: %s \n", prog); + return -1; + } + + if ((rv = SKF_LoadLibrary((LPSTR)argv[1], NULL)) != SAR_OK) { + ERR_print_errors_fp(stderr); + return -1; + } +#endif + + if ((rv = SKF_EnumDev(TRUE, NULL, &ulSize)) != SAR_OK) { + fprintf(stderr, "%s: SKF_EnumDev() return %u\n", prog, rv); + goto end; + } + + if (!(nameList = malloc(ulSize))) { + goto end; + } + + if ((rv = SKF_EnumDev(TRUE, nameList, &ulSize)) != SAR_OK) { + fprintf(stderr, "%s: SKF_EnumDev() return %u\n", prog, rv); + goto end; + } + + if ((rv = SKF_ConnectDev(nameList, &hDev)) != SAR_OK) { + fprintf(stderr, "%s: SKF_EnumDev() return %u\n", prog, rv); + goto end; + } + + if ((rv = SKF_GetDevInfo(hDev, &devInfo)) != SAR_OK) { + fprintf(stderr, "%s: SKF_EnumDev() return %u\n", prog, rv); + goto end; + } + +#ifdef USE_GMAPI + if ((rv = SKF_PrintDevInfo(&devInfo)) != SAR_OK) { + ERR_print_errors_fp(stderr); + goto end; + } +#endif + + if ((rv = SKF_DisConnectDev(hDev)) != SAR_OK) { + fprintf(stderr, "%s: SKF_EnumDev() return %u\n", prog, rv); + goto end; + } + + ret = 0; + +end: +#ifdef USE_GMAPI + SKF_UnloadLibrary(); +#endif + free(nameList); + return ret; +} diff --git a/demos/sm1/build.info b/demos/sm1/build.info new file mode 100644 index 00000000..5dc848fa --- /dev/null +++ b/demos/sm1/build.info @@ -0,0 +1,2 @@ +LIBS=../../libcrypto +SOURCE[../../libcrypto]=sm1.c sm1_ecb.c sm1_cbc.c sm1_cfb.c sm1_ofb.c diff --git a/demos/sm1/e_sm1.c b/demos/sm1/e_sm1.c new file mode 100644 index 00000000..738bf1d4 --- /dev/null +++ b/demos/sm1/e_sm1.c @@ -0,0 +1,89 @@ +/* ==================================================================== + * Copyright (c) 2016 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ + /* + * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include + +#include +#include +#include +#include +#include "evp_locl.h" +# include "internal/evp_int.h" +#include "../modes/modes_lcl.h" + + +typedef struct { + SM1_KEY ks; +} EVP_SM1_KEY; + +static int sm1_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) +{ + if (enc) { + ret = SM1_set_encrypt_key( + &EVP_C_DATA(EVP_SM1_KEY, ctx)->ks, key); + } else { + ret = SM1_set_decrypt_key( + &EVP_C_DATA(EVP_SM1_KEY, ctx)->ks, key); + } + return ret; +} + +IMPLEMENT_BLOCK_CIPHER(sm1, ks, SM1, EVP_SM1_KEY, NID_sm1, + 16, 16, 16, 128, EVP_CIPH_FLAG_DEFAULT_ASN1, + sm1_init_key, 0, 0, 0, 0) + diff --git a/demos/sm1/sm1.c b/demos/sm1/sm1.c new file mode 100644 index 00000000..e07c9deb --- /dev/null +++ b/demos/sm1/sm1.c @@ -0,0 +1,78 @@ +/* ==================================================================== + * Copyright (c) 2016 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ + +/* + * As currently we dont have implementations, all these functions will + * return error. Maybe in the future there will be some hardware based + * implementations. For example, some of the code is compiled and running + * inside a crypto device, then there might be implementation. + */ +/* + * we need to generate some runtime alerts when these functions are called. + */ + +int SM1_set_encrypt_key(SM1_KEY *key, const unsigned char *user_key) +{ + return 0; +} + +int SM1_set_decrypt_key(SM1_KEY *key, const unsigned char *user_key) +{ + return 0; +} + +int SM1_encrypt(const unsigned char *in, unsigned char *out, SM1_KEY *key) +{ + return 0; +} + +int SM1_decrypt(const unsigned char *in, unsigned char *out, SM1_KEY *key) +{ + return 0; +} diff --git a/demos/sm1/sm1.h b/demos/sm1/sm1.h new file mode 100644 index 00000000..c3898895 --- /dev/null +++ b/demos/sm1/sm1.h @@ -0,0 +1,66 @@ +/* ==================================================================== + * Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ + +#ifndef HEADER_SM1_H +#define HEADER_SM1_H + +#define SM1_KEY_LENGTH 16 +#define SM1_BLOCK_SIZE 16 +#define SM1_IV_LENGTH (SM1_BLOCK_SIZE) + +typedef struct sm1_key_st { + unsigned int rk[64]; +} SM1_KEY; + +int SM1_set_encrypt_key(SM1_KEY *key, const unsigned char *user_key); +int SM1_set_decrypt_key(SM1_KEY *key, const unsigned char *user_key); +int SM1_encrypt(const unsigned char *in, unsigned char *out, SM1_KEY *key); +int SM1_decrypt(const unsigned char *in, unsigned char *out, SM1_KEY *key); + +#endif diff --git a/demos/sm1/sm1_cbc.c b/demos/sm1/sm1_cbc.c new file mode 100644 index 00000000..fb89964d --- /dev/null +++ b/demos/sm1/sm1_cbc.c @@ -0,0 +1,72 @@ +/* ==================================================================== + * Copyright (c) 2016 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ +/* + * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include + +void SM1_cbc_encrypt(const unsigned char *in, unsigned char *out, + size_t inlen, const SM1_KEY *key, + unsigned char ivec[SM1_BLOCK_SIZE], int enc) +{ + if (enc) { + CRYPTO_cbc128_encrypt(in, out, inlen, key, ivec, + (block128_f)SM1_encrypt); + } else { + CRYPTO_cbc128_decrypt(in, out, inlen, key, ivec, + (block128_f)SM1_decrypt); + } +} diff --git a/demos/sm1/sm1_cfb.c b/demos/sm1/sm1_cfb.c new file mode 100644 index 00000000..ceef0143 --- /dev/null +++ b/demos/sm1/sm1_cfb.c @@ -0,0 +1,68 @@ +/* ==================================================================== + * Copyright (c) 2016 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ +/* + * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include + +void SM1_cfb128_encrypt(const unsigned char *in, unsigned char *out, + size_t inlen, const SM1_KEY *key, + unsigned char ivec[SM1_BLOCK_SIZE], int *num, int enc) +{ + CRYPTO_cfb128_encrypt(in, out, inlen, key, ivec, num, enc, + (block128_f)SM1_encrypt); +} + diff --git a/demos/sm1/sm1_ecb.c b/demos/sm1/sm1_ecb.c new file mode 100644 index 00000000..38fb1a3a --- /dev/null +++ b/demos/sm1/sm1_ecb.c @@ -0,0 +1,68 @@ +/* ==================================================================== + * Copyright (c) 2016 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ +/* + * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include + +void SM1_ecb_encrypt(const unsigned char *in, unsigned char *out, + const SM1_KEY *key, int enc) +{ + if (enc) { + SM1_encrypt(in, out, key); + } else { + SM1_decrypt(in, out, key); + } +} diff --git a/demos/sm1/sm1_ofb.c b/demos/sm1/sm1_ofb.c new file mode 100644 index 00000000..778741d4 --- /dev/null +++ b/demos/sm1/sm1_ofb.c @@ -0,0 +1,68 @@ +/* ==================================================================== + * Copyright (c) 2016 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ +/* + * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include + +void SM1_ofb128_encrypt(const unsigned char *in, unsigned char *out, + size_t inlen, const SM1_KEY *key, + unsigned char ivec[SM1_BLOCK_SIZE], int *num) +{ + CRYPTO_ofb128_encrypt(in, out, inlen, key, ivec, num, + (block128_f)SM1_encrypt); +} + diff --git a/demos/sm2/Makefile b/demos/sm2/Makefile new file mode 100644 index 00000000..e70f6954 --- /dev/null +++ b/demos/sm2/Makefile @@ -0,0 +1,15 @@ +all: + gcc keygen.c -L /usr/local/lib -lcrypto -o keygen + gcc keygen.c -DENCRYPT_KEY -DNO_PROMPT -L /usr/local/lib -lcrypto -o keygen-enc + gcc keygen.c -DENCRYPT_KEY -L /usr/local/lib -lcrypto -o keygen-enc-prompt + +test: + ./keygen + ./keygen-enc + ./keygen-enc-prompt + +clean: + rm -fr a.out + rm -fr keygen + rm -fr keygen-enc + rm -fr keygen-enc-prompt diff --git a/demos/sm2/keygen.c b/demos/sm2/keygen.c new file mode 100644 index 00000000..3d78af81 --- /dev/null +++ b/demos/sm2/keygen.c @@ -0,0 +1,106 @@ + +/* + * This demo shows how to: + * - generate SM2 private + * - encrypt SM2 private key with SM4 + * - output public/private key in PEM format + * - generate the SM2 Z value from public key + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +int main(int argc, char **argv) +{ + int ret = -1; + char *prog = basename(argv[0]); + EC_KEY *ec_key = NULL; + EVP_PKEY *pkey = NULL; + const EVP_CIPHER *cipher = NULL; + char *pass = NULL; + char *id = "12345678"; + unsigned char z[64]; + size_t zlen = sizeof(z); + int i; + + if (argc > 2) { + printf("usage: %s \n", prog); + return -1; + } + if (argc == 2) { + id = argv[1]; + } + + /* generate sm2 private key using EC_KEY API */ + if (!(ec_key = EC_KEY_new_by_curve_name(NID_sm2p256v1))) { + ERR_print_errors_fp(stderr); + goto end; + } + + if (!EC_KEY_generate_key(ec_key)) { + ERR_print_errors_fp(stderr); + goto end; + } + + /* assign EC_KEY to EVP_PKEY */ + if (!(pkey = EVP_PKEY_new())) { + ERR_print_errors_fp(stderr); + goto end; + } + + if (!EVP_PKEY_assign_EC_KEY(pkey, ec_key)) { + ERR_print_errors_fp(stderr); + goto end; + } + ec_key = NULL; /* free-ed by EVP_PKEY */ + +#ifdef ENCRYPT_KEY + /* generate PKCS #8 EncryptedPrivateKeyInfo with SM4 + * else unencrypted PKCS #8 PrivateKeyInfo is generated. + */ + cipher = EVP_sms4_cbc(); +# ifdef NO_PROMPT + /* else user need to input password from prompt */ + pass = "P@ssw0rd"; +# endif +#endif + /* generate PKCS #8 in PEM format */ + if (!PEM_write_PKCS8PrivateKey(stdout, pkey, cipher, NULL, 0, 0, pass)) { + ERR_print_errors_fp(stderr); + goto end; + } + + /* generate public key in pem format */ + if (!PEM_write_EC_PUBKEY(stdout, EVP_PKEY_get0_EC_KEY(pkey))) { + ERR_print_errors_fp(stderr); + goto end; + } + + /* generate Z value in HEX */ + if (!SM2_compute_id_digest(EVP_sm3(), id, strlen(id), z, &zlen, + EVP_PKEY_get0_EC_KEY(pkey))) { + ERR_print_errors_fp(stderr); + goto end; + } + printf("Z = "); + for (i = 0; i < zlen; i++) { + printf("%02X", z[i]); + } + printf("\n"); + + ret = 0; + +end: + EC_KEY_free(ec_key); + EVP_PKEY_free(pkey); + return ret; +} diff --git a/demos/sm3/Makefile b/demos/sm3/Makefile new file mode 100644 index 00000000..0ddf5a8b --- /dev/null +++ b/demos/sm3/Makefile @@ -0,0 +1,14 @@ +all: + gcc sm3.c -L /usr/local/lib -lcrypto -o sm3 + gcc sm3evp.c -L /usr/local/lib -lcrypto -o sm3evp + gcc sm3hmac.c -L /usr/local/lib -lcrypto -o sm3hmac + +test: + echo "hello" | ./sm3 + echo "hello" | ./sm3evp + echo "hello" | ./sm3hmac + +clean: + rm -fr sm3 + rm -fr sm3evp + rm -fr sm3hmac diff --git a/demos/sm3/sm3.c b/demos/sm3/sm3.c new file mode 100755 index 00000000..c1489216 --- /dev/null +++ b/demos/sm3/sm3.c @@ -0,0 +1,92 @@ +/* ==================================================================== + * Copyright (c) 2014 - 2018 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ +/* + * This SM3 demo use the native sm3_init/update/final APIs + */ + +#include +#include +#include +#include +#include +#include +#include + +int main(int argc, char **argv) +{ + sm3_ctx_t ctx; + unsigned char dgst[SM3_DIGEST_LENGTH]; + unsigned char buf[4096]; + ssize_t len; + int i; + + if (argc > 1) { + printf("usage: %s < file\n", basename(argv[0])); + return -1; + } + + /* init sm3 context */ + sm3_init(&ctx); + + /* increamental update data to be hashed */ + while ((len = read(STDIN_FILENO, buf, sizeof(buf))) > 0) { + sm3_update(&ctx, buf, len); + } + + /* get hash value */ + sm3_final(&ctx, dgst); + + /* print hash in hex */ + for (i = 0; i < sizeof(dgst); i++) { + printf("%02X", dgst[i]); + } + printf("\n"); + + return 0; +} diff --git a/demos/sm3/sm3evp.c b/demos/sm3/sm3evp.c new file mode 100755 index 00000000..c0fe8dc4 --- /dev/null +++ b/demos/sm3/sm3evp.c @@ -0,0 +1,120 @@ +/* ==================================================================== + * Copyright (c) 2014 - 2018 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ +/* + * This SM3 demo use the abstract EVP API + */ + +#include +#include +#include +#include +#include + +int main(int argc, char **argv) +{ + int ret = -1; + FILE *fp = stdin; + unsigned char buf[1024]; + size_t len; + const EVP_MD *md = EVP_sm3(); + EVP_MD_CTX *mdctx = NULL; + unsigned char dgst[EVP_MAX_MD_SIZE]; + unsigned int dgstlen, i; + + /* hash a file when argv[1] exist, or from stdin */ + if (argc == 2) { + if (!(fp = fopen(argv[1], "r"))) { + fprintf(stderr, "open file %s failed\n", argv[1]); + return -1; + } + } + + /* get the SM3 EVP_MD object by name */ + if (!(md = EVP_get_digestbyname("sm3"))) { + ERR_print_errors_fp(stderr); + goto end; + } + + /* create message digest (MD) context */ + if (!(mdctx = EVP_MD_CTX_new())) { + ERR_print_errors_fp(stderr); + goto end; + } + + /* set digest method, i.e. sm3 */ + if (!EVP_DigestInit(mdctx, md)) { + ERR_print_errors_fp(stderr); + goto end; + } + + /* update data to be digested */ + while ((len = fread(buf, 1, sizeof(buf), fp))) { + if (!EVP_DigestUpdate(mdctx, buf, len)) { + ERR_print_errors_fp(stderr); + goto end; + } + } + + /* get the digest/hash value */ + if (!EVP_DigestFinal(mdctx, dgst, &dgstlen)) { + ERR_print_errors_fp(stderr); + goto end; + } + + for (i = 0; i < dgstlen; i++) { + printf("%02X", dgst[i]); + } + printf("\n"); + ret = 0; + +end: + fclose(fp); + EVP_MD_CTX_free(mdctx); + return ret; +} diff --git a/demos/sm3/sm3hmac.c b/demos/sm3/sm3hmac.c new file mode 100755 index 00000000..f6558265 --- /dev/null +++ b/demos/sm3/sm3hmac.c @@ -0,0 +1,126 @@ +/* ==================================================================== + * Copyright (c) 2014 - 2018 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ + +#include +#include +#include +#include +#include +#include +#include + +int main(int argc, char **argv) +{ + int ret = -1; + FILE *fp = stdin; + unsigned char key[32]; + unsigned char buf[1024]; + int len; + const EVP_MD *md; + HMAC_CTX *hmctx; + unsigned char mac[EVP_MAX_MD_SIZE]; + unsigned int maclen, i; + + if (argc == 2) { + if (!(fp = fopen(argv[1], "r"))) { + fprintf(stderr, "open file %s failed\n", argv[1]); + return -1; + } + } + + /* random generate HMAC key */ + if (!RAND_bytes(key, sizeof(key))) { + ERR_print_errors_fp(stderr); + goto end; + } + + /* create HMAC context */ + if (!(hmctx = HMAC_CTX_new())) { + ERR_print_errors_fp(stderr); + goto end; + } + + /* get the sm3 EVP object */ + if (!(md = EVP_get_digestbyname("sm3"))) { + ERR_print_errors_fp(stderr); + goto end; + } + + /* init HMAC hash algorithm (sm3) and key */ + if (!HMAC_Init_ex(hmctx, key, sizeof(key), md, NULL)) { + ERR_print_errors_fp(stderr); + goto end; + } + + /* update data to be MACed */ + while ((len = fread(buf, 1, sizeof(buf), fp))) { + if (!HMAC_Update(hmctx, buf, len)) { + ERR_print_errors_fp(stderr); + goto end; + } + } + + /* get the final HMAC tag */ + if (!HMAC_Final(hmctx, mac, &maclen)) { + ERR_print_errors_fp(stderr); + goto end; + } + + for (i = 0; i < maclen; i++) { + printf("%02x", mac[i]); + } + printf("\n"); + ret = 0; + +end: + fclose(fp); + HMAC_CTX_free(hmctx); + return ret; +} + diff --git a/demos/sm4/Makefile b/demos/sm4/Makefile new file mode 100644 index 00000000..2833f370 --- /dev/null +++ b/demos/sm4/Makefile @@ -0,0 +1,11 @@ +all: + gcc sms4.c -L /usr/local/lib -lcrypto -o sms4 + gcc sms4.c -DUSE_RANDOM -L /usr/local/lib -lcrypto -o sms4rnd + +test: + ./sms4 + ./sms4rnd + +clean: + rm -fr sms4 + rm -fr sms4rnd diff --git a/demos/sm4/sms4.c b/demos/sm4/sms4.c new file mode 100755 index 00000000..19e1a87d --- /dev/null +++ b/demos/sm4/sms4.c @@ -0,0 +1,116 @@ +/* ==================================================================== + * Copyright (c) 2014 - 2018 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ +/* + * This sm4 demo use the native sm3_init/update/final APIs + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include + + +int main(int argc, char **argv) +{ + sms4_key_t sms4; + unsigned char key[SMS4_KEY_LENGTH] = {0}; + unsigned char block[SMS4_BLOCK_SIZE] = {0}; + int i; + +#if USE_RANDOM + if (!RAND_bytes(key, sizeof(key)) + || !RAND_bytes(block, sizeof(block))) { + ERR_print_errors_fp(stderr); + return -1; + } +#endif + + printf("key = "); + for (i = 0; i < sizeof(key); i++) { + printf("%02X", key[i]); + } + printf("\n"); + + printf("plaintext block = "); + for (i = 0; i < sizeof(block); i++) { + printf("%02X", block[i]); + } + printf("\n"); + + /* expand key for encryption */ + sms4_set_encrypt_key(&sms4, key); + + /* encrypt a block */ + sms4_encrypt(block, block, &sms4); + + printf("ciphertext block = "); + for (i = 0; i < sizeof(block); i++) { + printf("%02X", block[i]); + } + printf("\n"); + + /* expand key for decryption */ + sms4_set_decrypt_key(&sms4, key); + + /* decrypt a block */ + sms4_decrypt(block, block, &sms4); + + printf("decrypted block = "); + for (i = 0; i < sizeof(block); i++) { + printf("%02X", block[i]); + } + printf("\n"); + + return 0; +} diff --git a/demos/ssf33/build.info b/demos/ssf33/build.info new file mode 100644 index 00000000..cccfa69b --- /dev/null +++ b/demos/ssf33/build.info @@ -0,0 +1,2 @@ +LIBS=../../libcrypto +SOURCE[../../libcrypto]=ssf33.c ssf33_ecb.c ssf33_cbc.c ssf33_cfb.c ssf33_ofb.c diff --git a/demos/ssf33/e_ssf33.c b/demos/ssf33/e_ssf33.c new file mode 100644 index 00000000..ead75313 --- /dev/null +++ b/demos/ssf33/e_ssf33.c @@ -0,0 +1,89 @@ +/* ==================================================================== + * Copyright (c) 2016 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ + /* + * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include + +#include +#include +#include +#include +#include "evp_locl.h" +# include "internal/evp_int.h" +#include "../modes/modes_lcl.h" + + +typedef struct { + SSF33_KEY ks; +} EVP_SSF33_KEY; + +static int ssf33_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) +{ + if (enc) { + ret = SSF33_set_encrypt_key( + &EVP_C_DATA(EVP_SSF33_KEY, ctx)->ks, key); + } else { + ret = SSF33_set_decrypt_key( + &EVP_C_DATA(EVP_SSF33_KEY, ctx)->ks, key); + } + return ret; +} + +IMPLEMENT_BLOCK_CIPHER(ssf33, ks, SSF33, EVP_SSF33_KEY, NID_ssf33, + 16, 16, 16, 128, EVP_CIPH_FLAG_DEFAULT_ASN1, + ssf33_init_key, 0, 0, 0, 0) + diff --git a/demos/ssf33/ssf33.c b/demos/ssf33/ssf33.c new file mode 100644 index 00000000..b73061fd --- /dev/null +++ b/demos/ssf33/ssf33.c @@ -0,0 +1,80 @@ +/* ==================================================================== + * Copyright (c) 2016 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ + +#include + +/* + * As currently we dont have implementations, all these functions will + * return error. Maybe in the future there will be some hardware based + * implementations. For example, some of the code is compiled and running + * inside a crypto device, then there might be implementation. + */ +/* + * we need to generate some runtime alerts when these functions are called. + */ + +int SSF33_set_encrypt_key(SSF33_KEY *key, const unsigned char *user_key) +{ + return 0; +} + +int SSF33_set_decrypt_key(SSF33_KEY *key, const unsigned char *user_key) +{ + return 0; +} + +int SSF33_encrypt(const unsigned char *in, unsigned char *out, SSF33_KEY *key) +{ + return 0; +} + +int SSF33_decrypt(const unsigned char *in, unsigned char *out, SSF33_KEY *key) +{ + return 0; +} diff --git a/demos/ssf33/ssf33.h b/demos/ssf33/ssf33.h new file mode 100644 index 00000000..6a107228 --- /dev/null +++ b/demos/ssf33/ssf33.h @@ -0,0 +1,67 @@ +/* ==================================================================== + * Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ + +#ifndef HEADER_SSF33_H +#define HEADER_SSF33_H + +#define SSF33_KEY_LENGTH 16 +#define SSF33_BLOCK_SIZE 16 +#define SSF33_IV_LENGTH (SSF33_BLOCK_SIZE) + + +typedef struct ssf33_key_st { + unsigned int rk[64]; +} SSF33_KEY; + +int SSF33_set_encrypt_key(SSF33_KEY *key, const unsigned char *user_key); +int SSF33_set_decrypt_key(SSF33_KEY *key, const unsigned char *user_key); +int SSF33_encrypt(const unsigned char *in, unsigned char *out, SSF33_KEY *key); +int SSF33_decrypt(const unsigned char *in, unsigned char *out, SSF33_KEY *key); + +#endif diff --git a/demos/ssf33/ssf33_cbc.c b/demos/ssf33/ssf33_cbc.c new file mode 100644 index 00000000..c9372d30 --- /dev/null +++ b/demos/ssf33/ssf33_cbc.c @@ -0,0 +1,73 @@ +/* ==================================================================== + * Copyright (c) 2016 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ +/* + * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include + +void SSF33_cbc_encrypt(const unsigned char *in, unsigned char *out, + size_t inlen, const SSF33_KEY *key, + unsigned char ivec[SSF33_BLOCK_SIZE], int enc) +{ + if (enc) { + CRYPTO_cbc128_encrypt(in, out, inlen, key, ivec, + (block128_f)SSF33_encrypt); + } else { + CRYPTO_cbc128_decrypt(in, out, inlen, key, ivec, + (block128_f)SSF33_decrypt); + } +} + diff --git a/demos/ssf33/ssf33_cfb.c b/demos/ssf33/ssf33_cfb.c new file mode 100644 index 00000000..e8146b2f --- /dev/null +++ b/demos/ssf33/ssf33_cfb.c @@ -0,0 +1,68 @@ +/* ==================================================================== + * Copyright (c) 2016 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ +/* + * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include + +void SSF33_cfb128_encrypt(const unsigned char *in, unsigned char *out, + size_t inlen, const SSF33_KEY *key, + unsigned char ivec[SSF33_BLOCK_SIZE], int *num, int enc) +{ + CRYPTO_cfb128_encrypt(in, out, inlen, key, ivec, num, enc, + (block128_f)SSF33_encrypt); +} + diff --git a/demos/ssf33/ssf33_ecb.c b/demos/ssf33/ssf33_ecb.c new file mode 100644 index 00000000..12d45b5b --- /dev/null +++ b/demos/ssf33/ssf33_ecb.c @@ -0,0 +1,68 @@ +/* ==================================================================== + * Copyright (c) 2016 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ +/* + * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include + +void SSF33_ecb_encrypt(const unsigned char *in, unsigned char *out, + const SSF33_KEY *key, int enc) +{ + if (enc) { + SSF33_encrypt(in, out, key); + } else { + SSF33_decrypt(in, out, key); + } +} diff --git a/demos/ssf33/ssf33_ofb.c b/demos/ssf33/ssf33_ofb.c new file mode 100644 index 00000000..ead7fecd --- /dev/null +++ b/demos/ssf33/ssf33_ofb.c @@ -0,0 +1,68 @@ +/* ==================================================================== + * Copyright (c) 2016 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ +/* + * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include + +void SSF33_ofb128_encrypt(const unsigned char *in, unsigned char *out, + size_t inlen, const SSF33_KEY *key, + unsigned char ivec[SSF33_BLOCK_SIZE], int *num) +{ + CRYPTO_ofb128_encrypt(in, out, inlen, key, ivec, num, + (block128_f)SSF33_encrypt); +} + diff --git a/include/openssl/cpk.h b/include/openssl/cpk.h index d61be7d5..ac12e499 100755 --- a/include/openssl/cpk.h +++ b/include/openssl/cpk.h @@ -74,7 +74,15 @@ DECLARE_ASN1_FUNCTIONS(CPK_MASTER_SECRET) typedef struct cpk_public_params_st CPK_PUBLIC_PARAMS; DECLARE_ASN1_FUNCTIONS(CPK_PUBLIC_PARAMS) -CPK_MASTER_SECRET *CPK_MASTER_SECRET_create(const char *domain_id, int pkey_type, int map_algor); +/* + * rows cols factors + * NID_cpk_map_sha1 32 32 1024 + * NID_cpk_map_sm3 32 256 8192 + * NID_cpk_map_sha256 32 256 8192 + * NID_cpk_map_sha384 32 4096 131072 + * NID_cpk_map_sha512 32 65536 2097152 + */ +CPK_MASTER_SECRET *CPK_MASTER_SECRET_create(const char *domain_id, int curve, int map); CPK_PUBLIC_PARAMS *CPK_MASTER_SECRET_extract_public_params(CPK_MASTER_SECRET *master); EVP_PKEY *CPK_MASTER_SECRET_extract_private_key(CPK_MASTER_SECRET *master, const char *id); EVP_PKEY *CPK_PUBLIC_PARAMS_extract_public_key(CPK_PUBLIC_PARAMS *params, const char *id);