Remove some ciphers

Zhi Guan
2019-06-13 20:35:11 +08:00
parent c0984b6436
commit 74d7992dda
78 changed files with 5565 additions and 8797 deletions


@@ -312,9 +312,9 @@ $config{sdirs} = [
"buffer", "bio", "stack", "lhash", "rand", "err",
"evp", "asn1", "pem", "x509", "x509v3", "conf", "txt_db", "pkcs7", "pkcs12", "comp", "ocsp", "ui",
"cms", "ts", "srp", "cmac", "ct", "async", "kdf",
"sm3", "base58", "sms4", "zuc", "serpent", "speck", "kdf2", "ffx", "otp",
"ecies", "sm2", "paillier", "ec2", "sm9", "bfibe", "bb1ibe",
"gmapi", "skf", "sdf", "saf", "sof"
"sm3", "base58", "sms4", "zuc", "kdf2", "otp",
"ecies", "sm2", "paillier", "sm9",
"gmapi", "skf", "sdf"
];
# Known TLS and DTLS protocols
@@ -421,8 +421,6 @@ my @disablables = (
"otp",
"gmapi",
"ec2",
"bfibe",
"bb1ibe",
"sm9",
"sdf",
"skf",
@@ -433,8 +431,6 @@ my @disablables = (
"rsa",
"pem",
"pkcs7",
"serpent",
"speck",
"base58",
"java",
"ca",
@@ -480,7 +476,6 @@ our %disabled = ( # "what" => "comment"
"skfeng" => "default",
"sdfeng" => "default",
"gmieng" => "default",
"speck" => "default",
);
# Note: => pair form used for aesthetics, not to truly make a hash table
@@ -499,15 +494,12 @@ my @disable_cascades = (
"dtls" => [ @dtls ],
"sm3" => [ "sm2" ],
"sdf" => [ "saf" ],
"saf" => [ "sof" ],
# SSL 3.0, (D)TLS 1.0 and TLS 1.1 require MD5 and SHA
"md5" => [ "ssl", "tls1", "tls1_1", "dtls1", "engine" ],
# current pkcs12 rfc only define sha1/des bag
"sha" => [ "ssl", "tls1", "tls1_1", "dtls1", "engine", "rsa", "dh", "dsa", "ocsp", "ct", "srp", "ts", "ec2"],
"sha" => [ "ssl", "tls1", "tls1_1", "dtls1", "engine", "rsa", "dh", "dsa", "ocsp", "ct", "srp", "ts"],
"aes" => [ "engine" ],
"ec2" => [ "sm9", "bfibe", "bb1ibe" ],
# Additionally, SSL 3.0 requires either RSA or DSA+DH
sub { $disabled{rsa}
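Review bot: `"ec2"` stays in `@disablables` in the second hunk although this commit appears to drop `ec2` from `$config{sdirs}` and delete the `"ec2" => [ "sm9", "bfibe", "bb1ibe" ]` cascade, so `no-ec2` would still be accepted while there is nothing left for it to switch off. In a crypto library an option that is accepted but inert makes it harder to audit which algorithms a build really contains; remove the `"ec2",` entry, and check the same for `ffx`, `saf` and `sof`, whose `@disablables` entries are outside the visible hunks. The `+`/`-` markers are lost on this page, so it is also worth confirming that `"sdf" => [ "saf" ]` in the last hunk was removed together with `"saf" => [ "sof" ]`, since `saf` is no longer built. The `@disable_cascades` list continues past the end of the hunk.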


@@ -11,7 +11,7 @@ IF[{- !$disabled{apps} -}]
s_client.c s_server.c s_time.c sess_id.c smime.c speed.c spkac.c \
srp.c ts.c verify.c version.c x509.c rehash.c \
apps.c opt.c s_cb.c s_socket.c \
app_rand.c cpk.c otp.c fpe.c paiutl.c \
app_rand.c otp.c paiutl.c \
sm2.c sm2utl.c sdf.c skf.c \
sm9param.c gensm9.c sm9.c sm9utl.c \
{- $target{apps_aux_src} -}


@@ -1,87 +0,0 @@
/* ====================================================================
* Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
/*
* gmssl cpk -help
* gmssl cpk -genmsk <domain> -out <msk>
* gmssl cpk -params -text
* gmssl cpk -genkey -in <msk> -id <id>
*/
#include <openssl/opensslconf.h>
#ifdef OPENSSL_NO_CPK
NON_EMPTY_TRANSLATION_UNIT
#else
# include <stdio.h>
# include <stdlib.h>
# include <string.h>
# include "apps.h"
# include <openssl/bio.h>
# include <openssl/err.h>
# include <openssl/evp.h>
# include <openssl/pem.h>
# include <openssl/cpk.h>
typedef enum OPTION_choice {
OPT_ERR = -1,
OPT_EOF = 0,
OPT_HELP
} OPTION_CHOICE;
OPTIONS cpk_options[] = {
{"help", OPT_HELP, '-', "Display this summary"},
{NULL}
};
int cpk_main(int argc, char **argv)
{
printf("cpk not implemented\n");
return 0;
}
#endif


@@ -1,286 +0,0 @@
/* ====================================================================
* Copyright (c) 2014 - 2018 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <openssl/opensslconf.h>
#ifdef OPENSSL_NO_FPE
NON_EMPTY_TRANSLATION_UNIT
#else
# include <ctype.h>
# include <stdio.h>
# include <string.h>
# include <openssl/bio.h>
# include <openssl/err.h>
# include <openssl/evp.h>
# include <openssl/ffx.h>
# include "apps.h"
typedef enum OPTION_choice {
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
OPT_LIST,
OPT_E, OPT_D,
OPT_CIPHER, OPT_UPPER_K, OPT_TWEAK,
OPT_ENGINE, OPT_CONFIG
} OPTION_CHOICE;
OPTIONS fpe_options[] = {
{"help", OPT_HELP, '-', "Display this summary"},
{"ciphers", OPT_LIST, '-', "List ciphers"},
{"e", OPT_E, '-', "Encrypt"},
{"d", OPT_D, '-', "Decrypt"},
{"K", OPT_UPPER_K, 's', "Raw key, in hex"},
{"tweak", OPT_TWEAK, 's', "Tweak string"},
{"", OPT_CIPHER, '-', "Any supported cipher"},
#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
{"config", OPT_CONFIG, 's', "A config file"},
#endif
{NULL}
};
static void show_ciphers(const OBJ_NAME *name, void *bio_);
static int set_hex(char *in, unsigned char *out, int size);
int fpe_main(int argc, char **argv)
{
int ret = 1;
BIO *in = NULL, *out = NULL;
char *prog;
OPTION_CHOICE o;
int enc = 1;
unsigned char key[32] = {0};
char *hkey = NULL, *tweak = NULL;
const EVP_CIPHER *cipher = NULL;
CONF *conf = NULL;
char *configfile = default_config_file;
ENGINE *e = NULL;
char inbuf[32] = {0};
char outbuf[32] = {0};
FFX_CTX *ctx = NULL;
prog = opt_init(argc, argv, fpe_options);
while ((o = opt_next()) != OPT_EOF) {
switch (o) {
case OPT_EOF:
case OPT_ERR:
help:
BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
goto end;
case OPT_HELP:
opt_help(fpe_options);
ret = 0;
goto end;
case OPT_LIST:
BIO_printf(bio_err, "Supported ciphers:\n");
OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH,
show_ciphers, bio_err);
BIO_printf(bio_err, "\n");
goto end;
case OPT_E:
enc = 1;
break;
case OPT_D:
enc = 0;
break;
case OPT_UPPER_K:
hkey = opt_arg();
break;
case OPT_TWEAK:
tweak = opt_arg();
break;
case OPT_CIPHER:
if (!opt_cipher(opt_unknown(), &cipher))
goto help;
break;
case OPT_ENGINE:
e = setup_engine(opt_arg(), 0);
break;
case OPT_CONFIG:
configfile = opt_arg();
break;
}
}
argc = opt_num_rest();
if (argc != 0)
goto help;
in = BIO_new_fp(stdin, BIO_NOCLOSE);
out = BIO_new_fp(stdout, BIO_NOCLOSE);
/* engine */
if (e)
BIO_printf(bio_err, "Using configuration from %s\n", configfile);
if ((conf = app_load_config(configfile)) == NULL)
goto end;
if (configfile != default_config_file && !app_load_modules(conf))
goto end;
/* get cipher */
if (EVP_CIPHER_mode(cipher) != EVP_CIPH_ECB_MODE) {
BIO_printf(bio_err, "%s: Only block cipher with ECB mode is supported\n", prog);
goto end;
}
/* get key */
if (!hkey) {
BIO_printf(bio_err, "%s: no key given\n", prog);
goto end;
}
if (!set_hex(hkey, key, EVP_CIPHER_key_length(cipher))) {
BIO_printf(bio_err, "%s: invalid hex key value\n", prog);
goto end;
}
/* get tweak */
if (!tweak) {
BIO_printf(bio_err, "%s: `-tweak` required\n", prog);
goto end;
}
if (strlen(tweak) < FFX_MIN_TWEAKLEN || strlen(tweak) > FFX_MAX_TWEAKLEN) {
BIO_printf(bio_err, "%s: invalid tweak length, should be %d to %d\n",
prog, FFX_MIN_TWEAKLEN, FFX_MAX_TWEAKLEN);
goto end;
}
/* get input digits */
if (BIO_read(in, inbuf, sizeof(inbuf) - 1) <= 0) {
ERR_print_errors(bio_err);
goto end;
}
if (strlen(inbuf) < FFX_MIN_DIGITS || strlen(inbuf) > FFX_MAX_DIGITS) {
BIO_printf(bio_err, "%s: invalid digits length, should be %d to %d\n",
prog, FFX_MIN_DIGITS, FFX_MAX_DIGITS);
goto end;
}
/* encrypt/decrypt */
if (!(ctx = FFX_CTX_new())
|| !FFX_init(ctx, cipher, key, 0)) {
ERR_print_errors(bio_err);
goto end;
}
if (enc) {
if (!FFX_encrypt(ctx, inbuf, outbuf, strlen(inbuf),
(unsigned char *)tweak, strlen(tweak))) {
ERR_print_errors(bio_err);
goto end;
}
} else {
if (!FFX_decrypt(ctx, inbuf, outbuf, strlen(inbuf),
(unsigned char *)tweak, strlen(tweak))) {
ERR_print_errors(bio_err);
goto end;
}
}
if (BIO_write(out, outbuf, strlen(outbuf)) != strlen(outbuf)) {
ERR_print_errors(bio_err);
goto end;
}
BIO_puts(out, "\n");
ret = 0;
end:
BIO_free(in);
BIO_free(out);
OPENSSL_cleanse(key, sizeof(key));
if (enc)
OPENSSL_cleanse(inbuf, sizeof(inbuf));
FFX_CTX_free(ctx);
return ret;
}
static void show_ciphers(const OBJ_NAME *name, void *bio_)
{
BIO *bio = bio_;
static int n;
if (!islower((unsigned char)*name->name))
return;
BIO_printf(bio, "-%-25s", name->name);
if (++n == 3) {
BIO_printf(bio, "\n");
n = 0;
} else
BIO_printf(bio, " ");
}
static int set_hex(char *in, unsigned char *out, int size)
{
int i, n;
unsigned char j;
n = strlen(in);
if (n > (size * 2)) {
BIO_printf(bio_err, "hex string is too long\n");
return (0);
}
memset(out, 0, size);
for (i = 0; i < n; i++) {
j = (unsigned char)*in;
*(in++) = '\0';
if (j == 0)
break;
if (!isxdigit(j)) {
BIO_printf(bio_err, "non-hex digit\n");
return (0);
}
j = (unsigned char)OPENSSL_hexchar2int(j);
if (i & 1)
out[i / 2] |= j;
else
out[i / 2] = (j << 4);
}
return (1);
}
#endif


@@ -545,9 +545,6 @@ static int SortFnByName(const void *_f1, const void *_f2)
static void list_disabled(void)
{
BIO_puts(bio_out, "Disabled algorithms:\n");
#ifdef OPENSSL_NO_CPK
BIO_puts(bio_out, "CPK\n");
#endif
#ifdef OPENSSL_NO_SM9
BIO_puts(bio_out, "SM9\n");
#endif


@@ -28,7 +28,6 @@ extern int asn1parse_main(int argc, char *argv[]);
extern int ca_main(int argc, char *argv[]);
extern int ciphers_main(int argc, char *argv[]);
extern int cms_main(int argc, char *argv[]);
extern int cpk_main(int argc, char *argv[]);
extern int crl_main(int argc, char *argv[]);
extern int crl2pkcs7_main(int argc, char *argv[]);
extern int dgst_main(int argc, char *argv[]);
@@ -41,7 +40,6 @@ extern int enc_main(int argc, char *argv[]);
extern int engine_main(int argc, char *argv[]);
extern int errstr_main(int argc, char *argv[]);
extern int exit_main(int argc, char *argv[]);
extern int fpe_main(int argc, char *argv[]);
extern int gendsa_main(int argc, char *argv[]);
extern int genpkey_main(int argc, char *argv[]);
extern int genrsa_main(int argc, char *argv[]);
@@ -89,7 +87,6 @@ extern OPTIONS asn1parse_options[];
extern OPTIONS ca_options[];
extern OPTIONS ciphers_options[];
extern OPTIONS cms_options[];
extern OPTIONS cpk_options[];
extern OPTIONS crl_options[];
extern OPTIONS crl2pkcs7_options[];
extern OPTIONS dgst_options[];
@@ -102,7 +99,6 @@ extern OPTIONS enc_options[];
extern OPTIONS engine_options[];
extern OPTIONS errstr_options[];
extern OPTIONS exit_options[];
extern OPTIONS fpe_options[];
extern OPTIONS gendsa_options[];
extern OPTIONS genpkey_options[];
extern OPTIONS genrsa_options[];
@@ -158,7 +154,6 @@ static FUNCTION functions[] = {
#ifndef OPENSSL_NO_CMS
{ FT_general, "cms", cms_main, cms_options },
#endif
{ FT_general, "cpk", cpk_main, cpk_options },
{ FT_general, "crl", crl_main, crl_options },
{ FT_general, "crl2pkcs7", crl2pkcs7_main, crl2pkcs7_options },
{ FT_general, "dgst", dgst_main, dgst_options },
@@ -183,7 +178,6 @@ static FUNCTION functions[] = {
#endif
{ FT_general, "errstr", errstr_main, errstr_options },
{ FT_general, "exit", exit_main, exit_options },
{ FT_general, "fpe", fpe_main, fpe_options },
#ifndef OPENSSL_NO_DSA
{ FT_general, "gendsa", gendsa_main, gendsa_options },
#endif


@@ -1,101 +0,0 @@
/* ====================================================================
* Copyright (c) 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
#include <openssl/bn_gfp2.h>
#include <openssl/bn_hash.h>
#include <openssl/ec_type1.h>
#include <openssl/bb1ibe.h>
#include "bb1ibe_lcl.h"
ASN1_SEQUENCE(BB1PublicParameters) = {
ASN1_SIMPLE(BB1PublicParameters, version, LONG),
ASN1_SIMPLE(BB1PublicParameters, curve, ASN1_OBJECT),
ASN1_SIMPLE(BB1PublicParameters, p, BIGNUM),
ASN1_SIMPLE(BB1PublicParameters, q, BIGNUM),
ASN1_SIMPLE(BB1PublicParameters, pointP, FpPoint),
ASN1_SIMPLE(BB1PublicParameters, pointP1, FpPoint),
ASN1_SIMPLE(BB1PublicParameters, pointP2, FpPoint),
ASN1_SIMPLE(BB1PublicParameters, pointP3, FpPoint),
ASN1_SIMPLE(BB1PublicParameters, v, FpPoint),
ASN1_SIMPLE(BB1PublicParameters, hashfcn, ASN1_OBJECT)
} ASN1_SEQUENCE_END(BB1PublicParameters)
IMPLEMENT_ASN1_FUNCTIONS(BB1PublicParameters)
IMPLEMENT_ASN1_DUP_FUNCTION(BB1PublicParameters)
ASN1_SEQUENCE(BB1MasterSecret) = {
ASN1_SIMPLE(BB1MasterSecret, version, LONG),
ASN1_SIMPLE(BB1MasterSecret, alpha, BIGNUM),
ASN1_SIMPLE(BB1MasterSecret, beta, BIGNUM),
ASN1_SIMPLE(BB1MasterSecret, gamma, BIGNUM)
} ASN1_SEQUENCE_END(BB1MasterSecret)
IMPLEMENT_ASN1_FUNCTIONS(BB1MasterSecret)
IMPLEMENT_ASN1_DUP_FUNCTION(BB1MasterSecret)
ASN1_SEQUENCE(BB1PrivateKeyBlock) = {
ASN1_SIMPLE(BB1PrivateKeyBlock, version, LONG),
ASN1_SIMPLE(BB1PrivateKeyBlock, pointD0, FpPoint),
ASN1_SIMPLE(BB1PrivateKeyBlock, pointD1, FpPoint)
} ASN1_SEQUENCE_END(BB1PrivateKeyBlock)
IMPLEMENT_ASN1_FUNCTIONS(BB1PrivateKeyBlock)
IMPLEMENT_ASN1_DUP_FUNCTION(BB1PrivateKeyBlock)
ASN1_SEQUENCE(BB1CiphertextBlock) = {
ASN1_SIMPLE(BB1CiphertextBlock, version, LONG),
ASN1_SIMPLE(BB1CiphertextBlock, pointChi0, FpPoint),
ASN1_SIMPLE(BB1CiphertextBlock, pointChi1, FpPoint),
ASN1_SIMPLE(BB1CiphertextBlock, nu, BIGNUM),
ASN1_SIMPLE(BB1CiphertextBlock, y, ASN1_OCTET_STRING)
} ASN1_SEQUENCE_END(BB1CiphertextBlock)
IMPLEMENT_ASN1_FUNCTIONS(BB1CiphertextBlock)
IMPLEMENT_ASN1_DUP_FUNCTION(BB1CiphertextBlock)


@@ -1,68 +0,0 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include <openssl/err.h>
#include <openssl/bb1ibe.h>
/* BEGIN ERROR CODES */
#ifndef OPENSSL_NO_ERR
# define ERR_FUNC(func) ERR_PACK(ERR_LIB_BB1IBE,func,0)
# define ERR_REASON(reason) ERR_PACK(ERR_LIB_BB1IBE,0,reason)
static ERR_STRING_DATA BB1IBE_str_functs[] = {
{ERR_FUNC(BB1IBE_F_BB1CIPHERTEXTBLOCK_HASH_TO_RANGE),
"BB1CiphertextBlock_hash_to_range"},
{ERR_FUNC(BB1IBE_F_BB1IBE_DECRYPT), "BB1IBE_decrypt"},
{ERR_FUNC(BB1IBE_F_BB1IBE_DOUBLE_HASH), "BB1IBE_double_hash"},
{ERR_FUNC(BB1IBE_F_BB1IBE_DO_DECRYPT), "BB1IBE_do_decrypt"},
{ERR_FUNC(BB1IBE_F_BB1IBE_DO_ENCRYPT), "BB1IBE_do_encrypt"},
{ERR_FUNC(BB1IBE_F_BB1IBE_ENCRYPT), "BB1IBE_encrypt"},
{ERR_FUNC(BB1IBE_F_BB1IBE_EXTRACT_PRIVATE_KEY),
"BB1IBE_extract_private_key"},
{ERR_FUNC(BB1IBE_F_BB1IBE_SETUP), "BB1IBE_setup"},
{0, NULL}
};
static ERR_STRING_DATA BB1IBE_str_reasons[] = {
{ERR_REASON(BB1IBE_R_BB1CIPHERTEXT_INVALID_MAC),
"bb1ciphertext invalid mac"},
{ERR_REASON(BB1IBE_R_BB1IBE_HASH_FAILURE), "bb1ibe hash failure"},
{ERR_REASON(BB1IBE_R_BUFFER_TOO_SMALL), "buffer too small"},
{ERR_REASON(BB1IBE_R_COMPUTE_OUTLEN_FAILURE), "compute outlen failure"},
{ERR_REASON(BB1IBE_R_COMPUTE_TATE_FAILURE), "compute tate failure"},
{ERR_REASON(BB1IBE_R_D2I_FAILURE), "d2i failure"},
{ERR_REASON(BB1IBE_R_DECRYPT_FAILURE), "decrypt failure"},
{ERR_REASON(BB1IBE_R_DOUBLE_HASH_FAILURE), "double hash failure"},
{ERR_REASON(BB1IBE_R_ENCRYPT_FAILURE), "encrypt failure"},
{ERR_REASON(BB1IBE_R_I2D_FAILURE), "i2d failure"},
{ERR_REASON(BB1IBE_R_INVALID_INPUT), "invalid input"},
{ERR_REASON(BB1IBE_R_INVALID_MD), "invalid md"},
{ERR_REASON(BB1IBE_R_INVALID_OUTPUT_BUFFER), "invalid output buffer"},
{ERR_REASON(BB1IBE_R_INVALID_TYPE1CURVE), "invalid type1curve"},
{ERR_REASON(BB1IBE_R_NOT_NAMED_CURVE), "not named curve"},
{ERR_REASON(BB1IBE_R_PARSE_PAIRING), "parse pairing"},
{0, NULL}
};
#endif
int ERR_load_BB1IBE_strings(void)
{
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(BB1IBE_str_functs[0].error) == NULL) {
ERR_load_strings(0, BB1IBE_str_functs);
ERR_load_strings(0, BB1IBE_str_reasons);
}
#endif
return 1;
}


@@ -1,93 +0,0 @@
/* ====================================================================
* Copyright (c) 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
#include <openssl/bn_gfp2.h>
#include <openssl/bn_hash.h>
#include <openssl/ec_type1.h>
#include <openssl/bb1ibe.h>
struct BB1PublicParameters_st {
long version;
ASN1_OBJECT *curve;
BIGNUM *p;
BIGNUM *q;
FpPoint *pointP;
FpPoint *pointP1;
FpPoint *pointP2;
FpPoint *pointP3;
FpPoint *v;
ASN1_OBJECT *hashfcn;
};
struct BB1MasterSecret_st {
long version;
BIGNUM *alpha;
BIGNUM *beta;
BIGNUM *gamma;
};
struct BB1PrivateKeyBlock_st {
long version;
FpPoint *pointD0;
FpPoint *pointD1;
};
struct BB1CiphertextBlock_st {
long version;
FpPoint *pointChi0;
FpPoint *pointChi1;
BIGNUM *nu;
ASN1_OCTET_STRING *y;
};



@@ -1,2 +0,0 @@
LIBS=../../libcrypto
SOURCE[../../libcrypto]=bb1ibe_err.c bb1ibe_asn1.c bb1ibe_lib.c


@@ -1,100 +0,0 @@
/* ====================================================================
* Copyright (c) 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <openssl/ec.h>
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
#include <openssl/ec_type1.h>
#include <openssl/ec_hash.h>
#include <openssl/bfibe.h>
#include <openssl/rand.h>
#include <openssl/bn.h>
#include <openssl/bn_hash.h>
#include <openssl/bn_gfp2.h>
#include <openssl/kdf.h>
#include "bfibe_lcl.h"
ASN1_SEQUENCE(BFPublicParameters) = {
ASN1_SIMPLE(BFPublicParameters, version, LONG),
ASN1_SIMPLE(BFPublicParameters, curve, ASN1_OBJECT),
ASN1_SIMPLE(BFPublicParameters, p, BIGNUM),
ASN1_SIMPLE(BFPublicParameters, q, BIGNUM),
ASN1_SIMPLE(BFPublicParameters, pointP, FpPoint),
ASN1_SIMPLE(BFPublicParameters, pointPpub, FpPoint),
ASN1_SIMPLE(BFPublicParameters, hashfcn, ASN1_OBJECT)
} ASN1_SEQUENCE_END(BFPublicParameters)
IMPLEMENT_ASN1_FUNCTIONS(BFPublicParameters)
IMPLEMENT_ASN1_DUP_FUNCTION(BFPublicParameters)
ASN1_SEQUENCE(BFMasterSecret) = {
ASN1_SIMPLE(BFMasterSecret, version, LONG),
ASN1_SIMPLE(BFMasterSecret, masterSecret, BIGNUM)
} ASN1_SEQUENCE_END(BFMasterSecret)
IMPLEMENT_ASN1_FUNCTIONS(BFMasterSecret)
IMPLEMENT_ASN1_DUP_FUNCTION(BFMasterSecret)
ASN1_SEQUENCE(BFPrivateKeyBlock) = {
ASN1_SIMPLE(BFPrivateKeyBlock, version, LONG),
ASN1_SIMPLE(BFPrivateKeyBlock, privateKey, FpPoint)
} ASN1_SEQUENCE_END(BFPrivateKeyBlock)
IMPLEMENT_ASN1_FUNCTIONS(BFPrivateKeyBlock)
IMPLEMENT_ASN1_DUP_FUNCTION(BFPrivateKeyBlock)
ASN1_SEQUENCE(BFCiphertextBlock) = {
ASN1_SIMPLE(BFCiphertextBlock, version, LONG),
ASN1_SIMPLE(BFCiphertextBlock, u, FpPoint),
ASN1_SIMPLE(BFCiphertextBlock, v, ASN1_OCTET_STRING),
ASN1_SIMPLE(BFCiphertextBlock, w, ASN1_OCTET_STRING),
} ASN1_SEQUENCE_END(BFCiphertextBlock)
IMPLEMENT_ASN1_FUNCTIONS(BFCiphertextBlock)
IMPLEMENT_ASN1_DUP_FUNCTION(BFCiphertextBlock)


@@ -1,66 +0,0 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include <openssl/err.h>
#include <openssl/bfibe.h>
/* BEGIN ERROR CODES */
#ifndef OPENSSL_NO_ERR
# define ERR_FUNC(func) ERR_PACK(ERR_LIB_BFIBE,func,0)
# define ERR_REASON(reason) ERR_PACK(ERR_LIB_BFIBE,0,reason)
static ERR_STRING_DATA BFIBE_str_functs[] = {
{ERR_FUNC(BFIBE_F_BFIBE_DECRYPT), "BFIBE_decrypt"},
{ERR_FUNC(BFIBE_F_BFIBE_DO_DECRYPT), "BFIBE_do_decrypt"},
{ERR_FUNC(BFIBE_F_BFIBE_DO_ENCRYPT), "BFIBE_do_encrypt"},
{ERR_FUNC(BFIBE_F_BFIBE_ENCRYPT), "BFIBE_encrypt"},
{ERR_FUNC(BFIBE_F_BFIBE_EXTRACT_PRIVATE_KEY),
"BFIBE_extract_private_key"},
{ERR_FUNC(BFIBE_F_BFIBE_SETUP), "BFIBE_setup"},
{0, NULL}
};
static ERR_STRING_DATA BFIBE_str_reasons[] = {
{ERR_REASON(BFIBE_R_BFIBE_CIPHERTEXT_FAILURE),
"bfibe ciphertext failure"},
{ERR_REASON(BFIBE_R_BUFFER_TOO_SMALL), "buffer too small"},
{ERR_REASON(BFIBE_R_COMPUTE_OUTLEN_FAILURE), "compute outlen failure"},
{ERR_REASON(BFIBE_R_D2I_FAILURE), "d2i failure"},
{ERR_REASON(BFIBE_R_DECRYPT_FAILURE), "decrypt failure"},
{ERR_REASON(BFIBE_R_ENCRYPT_FAILURE), "encrypt failure"},
{ERR_REASON(BFIBE_R_HASH_BYTES_FAILURE), "hash bytes failure"},
{ERR_REASON(BFIBE_R_I2D_FAILURE), "i2d failure"},
{ERR_REASON(BFIBE_R_INVALID_BFIBE_HASHFUNC), "invalid bfibe hashfunc"},
{ERR_REASON(BFIBE_R_INVALID_CIPHERTEXT), "invalid ciphertext"},
{ERR_REASON(BFIBE_R_INVALID_TYPE1CURVE), "invalid type1curve"},
{ERR_REASON(BFIBE_R_KDF_FAILURE), "kdf failure"},
{ERR_REASON(BFIBE_R_NOT_NAMED_CURVE), "not named curve"},
{ERR_REASON(BFIBE_R_PARSE_CURVE_FAILURE), "parse curve failure"},
{ERR_REASON(BFIBE_R_PARSE_MPK_FAILURE), "parse mpk failure"},
{ERR_REASON(BFIBE_R_PARSE_PAIRING), "parse pairing"},
{ERR_REASON(BFIBE_R_RAND_FAILURE), "rand failure"},
{0, NULL}
};
#endif
int ERR_load_BFIBE_strings(void)
{
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(BFIBE_str_functs[0].error) == NULL) {
ERR_load_strings(0, BFIBE_str_functs);
ERR_load_strings(0, BFIBE_str_reasons);
}
#endif
return 1;
}


@@ -1,102 +0,0 @@
/* ====================================================================
* Copyright (c) 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <openssl/ec.h>
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
#include <openssl/ec_type1.h>
#include <openssl/ec_hash.h>
#include <openssl/bfibe.h>
#include <openssl/rand.h>
#include <openssl/bn.h>
#include <openssl/bn_hash.h>
#include <openssl/bn_gfp2.h>
#include <openssl/kdf.h>
/*
* the `curve` attribute of BFPublicParameters is the OID present the
* `type1curve` which is E: y^2 = x^3 + 1 over prime field. It is not an
* elliptic curve domain parameters composed of (p, a, b, G, n, h).
* For type-1 curve, a = 0, b = 1.
* q (i.e. the n in ec params) is the order of generator G, is a prime.
* When q is a solinas prime, the scalar mulitiplication computation can
* be reduced.
* zeta (i.e. h in ec params) = (p + 1)/q. In normall ecc, h is very small
* such as 1 or 4. But in pairing, the zeta (or h) is very large.
*/
struct BFPublicParameters_st {
long version;
ASN1_OBJECT *curve;
BIGNUM *p;
BIGNUM *q;
FpPoint *pointP;
FpPoint *pointPpub;
ASN1_OBJECT *hashfcn;
};
struct BFMasterSecret_st {
long version;
BIGNUM *masterSecret;
};
struct BFPrivateKeyBlock_st {
long version;
FpPoint *privateKey;
};
struct BFCiphertextBlock_st {
long version;
FpPoint *u;
ASN1_OCTET_STRING *v;
ASN1_OCTET_STRING *w;
};


@@ -1,712 +0,0 @@
/* ====================================================================
* Copyright (c) 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <openssl/err.h>
#include <openssl/ec.h>
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
#include <openssl/ec_type1.h>
#include <openssl/ec_hash.h>
#include <openssl/bfibe.h>
#include <openssl/rand.h>
#include <openssl/bn.h>
#include <openssl/bn_hash.h>
#include <openssl/bn_gfp2.h>
#include <openssl/kdf.h>
#include <openssl/kdf2.h>
#include "bfibe_lcl.h"
int BFIBE_setup(const EC_GROUP *group, const EVP_MD *md,
BFPublicParameters **pmpk, BFMasterSecret **pmsk)
{
int ret = 0;
BFPublicParameters *mpk = NULL;
BFMasterSecret *msk = NULL;
BN_CTX *bn_ctx = NULL;
EC_POINT *point = NULL;
BIGNUM *a;
BIGNUM *b;
if (!group || !pmpk || !pmsk) {
BFIBEerr(BFIBE_F_BFIBE_SETUP, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (!(bn_ctx = BN_CTX_new())) {
BFIBEerr(BFIBE_F_BFIBE_SETUP, ERR_R_MALLOC_FAILURE);
goto end;
}
BN_CTX_start(bn_ctx);
a = BN_CTX_get(bn_ctx);
b = BN_CTX_get(bn_ctx);
if (!b) {
BFIBEerr(BFIBE_F_BFIBE_SETUP, ERR_R_MALLOC_FAILURE);
goto end;
}
mpk = BFPublicParameters_new();
msk = BFMasterSecret_new();
point = EC_POINT_new(group);
if (!mpk || !msk || !point) {
BFIBEerr(BFIBE_F_BFIBE_SETUP, ERR_R_MALLOC_FAILURE);
goto end;
}
/*
* set mpk->version
* set mpk->curve
*/
mpk->version = BFIBE_VERSION;
OPENSSL_assert(mpk->curve);
ASN1_OBJECT_free(mpk->curve);
if (!(mpk->curve = OBJ_nid2obj(NID_type1curve))) {
BFIBEerr(BFIBE_F_BFIBE_SETUP, BFIBE_R_NOT_NAMED_CURVE);
goto end;
}
/* mpk->p = group->p */
if (!EC_GROUP_get_curve_GFp(group, mpk->p, a, b, bn_ctx)) {
BFIBEerr(BFIBE_F_BFIBE_SETUP, ERR_R_EC_LIB);
goto end;
}
if (!BN_is_zero(a) || !BN_is_one(b)) {
BFIBEerr(BFIBE_F_BFIBE_SETUP, BFIBE_R_INVALID_TYPE1CURVE);
goto end;
}
/* mpk->q = group->order */
if (!EC_GROUP_get_order(group, mpk->q, bn_ctx)) {
BFIBEerr(BFIBE_F_BFIBE_SETUP, BFIBE_R_INVALID_TYPE1CURVE);
goto end;
}
/* mpk->pointP = group->generator */
if (!EC_POINT_get_affine_coordinates_GFp(group, EC_GROUP_get0_generator(group),
mpk->pointP->x, mpk->pointP->y, bn_ctx)) {
BFIBEerr(BFIBE_F_BFIBE_SETUP, ERR_R_EC_LIB);
goto end;
}
/* set mpk->hashfcn from F_p^2 element bits */
OPENSSL_assert(mpk->hashfcn);
ASN1_OBJECT_free(mpk->hashfcn);
if (!(mpk->hashfcn = OBJ_nid2obj(EVP_MD_type(md)))) {
BFIBEerr(BFIBE_F_BFIBE_SETUP, BFIBE_R_PARSE_PAIRING);
goto end;
}
/*
* set msk->version
* random msk->masterSecret in [2, q - 1]
*/
msk->version = BFIBE_VERSION;
do {
if (!BN_rand_range(msk->masterSecret, mpk->q)) {
BFIBEerr(BFIBE_F_BFIBE_SETUP, ERR_R_BN_LIB);
goto end;
}
} while (BN_is_zero(msk->masterSecret) || BN_is_one(msk->masterSecret));
/* mpk->pointPpub = msk->masterSecret * mpk->pointP */
if (!EC_POINT_mul(group, point, msk->masterSecret, NULL, NULL, bn_ctx)) {
BFIBEerr(BFIBE_F_BFIBE_SETUP, ERR_R_EC_LIB);
goto end;
}
if (!EC_POINT_get_affine_coordinates_GFp(group, point,
mpk->pointPpub->x, mpk->pointPpub->y, bn_ctx)) {
BFIBEerr(BFIBE_F_BFIBE_SETUP, ERR_R_EC_LIB);
goto end;
}
/* set return value */
*pmpk = mpk;
*pmsk = msk;
ret = 1;
end:
if (!ret) {
BFPublicParameters_free(mpk);
BFMasterSecret_free(msk);
*pmpk = NULL;
*pmsk = NULL;
}
if (bn_ctx) {
BN_CTX_end(bn_ctx);
}
BN_CTX_free(bn_ctx);
EC_POINT_free(point);
return ret;
}
BFPrivateKeyBlock *BFIBE_extract_private_key(BFPublicParameters *mpk,
BFMasterSecret *msk, const char *id, size_t idlen)
{
int e = 1;
BFPrivateKeyBlock *ret = NULL;
EC_GROUP *group = NULL;
EC_POINT *point = NULL;
BN_CTX *bn_ctx = NULL;
const EVP_MD *md;
if (!mpk || !msk || !id || idlen <= 0) {
BFIBEerr(BFIBE_F_BFIBE_EXTRACT_PRIVATE_KEY, ERR_R_PASSED_NULL_PARAMETER);
return NULL;
}
if (!(bn_ctx = BN_CTX_new())) {
BFIBEerr(BFIBE_F_BFIBE_EXTRACT_PRIVATE_KEY,
ERR_R_MALLOC_FAILURE);
goto end;
}
/*
* get EC_GROUP from mpk->{p, q, pointP}
* get EVP_MD from mpk->hashfcn
*/
if (!(group = EC_GROUP_new_type1curve(mpk->p, mpk->pointP->x,
mpk->pointP->y, mpk->q, bn_ctx))) {
BFIBEerr(BFIBE_F_BFIBE_EXTRACT_PRIVATE_KEY, BFIBE_R_PARSE_CURVE_FAILURE);
goto end;
}
if (!(md = EVP_get_digestbyobj(mpk->hashfcn))) {
BFIBEerr(BFIBE_F_BFIBE_EXTRACT_PRIVATE_KEY,
BFIBE_R_INVALID_BFIBE_HASHFUNC);
goto end;
}
/* prepare tmp variables */
point = EC_POINT_new(group);
if (!point) {
BFIBEerr(BFIBE_F_BFIBE_EXTRACT_PRIVATE_KEY, ERR_R_MALLOC_FAILURE);
goto end;
}
/*
* set ret->version
* set ret->privateKey = msk->masterSecret * HashToPoint(ID)
*/
if (!(ret = BFPrivateKeyBlock_new())) {
BFIBEerr(BFIBE_F_BFIBE_EXTRACT_PRIVATE_KEY, ERR_R_MALLOC_FAILURE);
return NULL;
}
ret->version = BFIBE_VERSION;
if (!EC_POINT_hash2point(group, md, id, idlen, point, bn_ctx)) {
BFIBEerr(BFIBE_F_BFIBE_EXTRACT_PRIVATE_KEY, ERR_R_EC_LIB);
goto end;
}
if (!EC_POINT_mul(group, point, NULL, point, msk->masterSecret, bn_ctx)) {
BFIBEerr(BFIBE_F_BFIBE_EXTRACT_PRIVATE_KEY, ERR_R_EC_LIB);
goto end;
}
if (!EC_POINT_get_affine_coordinates_GFp(group, point,
ret->privateKey->x, ret->privateKey->y, bn_ctx)) {
BFIBEerr(BFIBE_F_BFIBE_EXTRACT_PRIVATE_KEY, ERR_R_EC_LIB);
goto end;
}
e = 0;
end:
if (e && ret) {
BFPrivateKeyBlock_free(ret);
ret = NULL;
}
EC_GROUP_free(group);
EC_POINT_free(point);
BN_CTX_free(bn_ctx);
return ret;
}
/*
* r = rand(), |r| = hashlen
* k = HashToRange(r||Hash(m), q), k in [0, q-1]
* U = [k]P in E/F_p
* Q = HashToPoint(ID) in E/F_p
* v = Hash(e(Ppub, Q)^k) xor r, |v| == hashlen
* w = HashBytes(r) xor m
*/
BFCiphertextBlock *BFIBE_do_encrypt(BFPublicParameters *mpk,
const unsigned char *in, size_t inlen,
const char *id, size_t idlen)
{
int e = 1;
BFCiphertextBlock *ret = NULL;
BN_CTX *bn_ctx = NULL;
EC_GROUP *group = NULL;
EC_POINT *Ppub = NULL;
EC_POINT *point = NULL;
BN_GFP2 *theta = NULL;
BIGNUM *k;
const EVP_MD *md;
KDF_FUNC hash_bytes;
unsigned char rho[EVP_MAX_MD_SIZE * 2];
unsigned char buf[EVP_MAX_MD_SIZE];
unsigned int len;
size_t size;
int i;
if (!mpk || !in || inlen <= 0 || !id || idlen <= 0) {
BFIBEerr(BFIBE_F_BFIBE_DO_ENCRYPT, ERR_R_PASSED_NULL_PARAMETER);
return NULL;
}
/* BN_CTX */
if (!(bn_ctx = BN_CTX_new())) {
BFIBEerr(BFIBE_F_BFIBE_DO_ENCRYPT, ERR_R_MALLOC_FAILURE);
goto end;
}
BN_CTX_start(bn_ctx);
/* EC_GROUP */
if (!(group = EC_GROUP_new_type1curve(mpk->p, mpk->pointP->x,
mpk->pointP->y, mpk->q, bn_ctx))) {
BFIBEerr(BFIBE_F_BFIBE_DO_ENCRYPT, BFIBE_R_PARSE_MPK_FAILURE);
goto end;
}
ret = BFCiphertextBlock_new();
Ppub = EC_POINT_new(group);
point = EC_POINT_new(group);
theta = BN_GFP2_new();
k = BN_CTX_get(bn_ctx);
if (!ret || !point || !Ppub || !k || !theta) {
BFIBEerr(BFIBE_F_BFIBE_DO_ENCRYPT, ERR_R_MALLOC_FAILURE);
goto end;
}
/* get kdf from mpk->hashfcn */
if (!(md = EVP_get_digestbyobj(mpk->hashfcn))) {
BFIBEerr(BFIBE_F_BFIBE_DO_ENCRYPT, BFIBE_R_INVALID_BFIBE_HASHFUNC);
goto end;
}
if (!(hash_bytes = KDF_get_ibcs(md))) {
BFIBEerr(BFIBE_F_BFIBE_DO_ENCRYPT,
BFIBE_R_INVALID_BFIBE_HASHFUNC);
goto end;
}
/* ret->version */
ret->version = BFIBE_VERSION;
/* rho = Rand(hashlen) */
if (!RAND_bytes(rho, EVP_MD_size(md))) {
BFIBEerr(BFIBE_F_BFIBE_DO_ENCRYPT, BFIBE_R_RAND_FAILURE);
goto end;
}
/* k = HashToRange(rho||Hash(in), q) in [0, q - 1] */
len = EVP_MD_size(md);
if (!EVP_Digest(in, inlen, rho + EVP_MD_size(md), &len, md, NULL)) {
BFIBEerr(BFIBE_F_BFIBE_DO_ENCRYPT, ERR_R_EVP_LIB);
goto end;
}
if (!BN_hash_to_range(md, &k, rho, EVP_MD_size(md) * 2, mpk->q, bn_ctx)) {
BFIBEerr(BFIBE_F_BFIBE_DO_ENCRYPT, ERR_R_BN_LIB);
goto end;
}
/* ret->u = mpk->pointP * k in E/F_p, mpk->pointP is the generator */
if (!EC_POINT_mul(group, point, k, NULL, NULL, bn_ctx)) {
BFIBEerr(BFIBE_F_BFIBE_DO_ENCRYPT, ERR_R_EC_LIB);
goto end;
}
if (!EC_POINT_get_affine_coordinates_GFp(group, point,
ret->u->x, ret->u->y, bn_ctx)) {
BFIBEerr(BFIBE_F_BFIBE_DO_ENCRYPT, ERR_R_EC_LIB);
goto end;
}
/* theta = e(mpk->pointPpub, HashToPoint(ID)) */
if (!EC_POINT_set_affine_coordinates_GFp(group, Ppub,
mpk->pointPpub->x, mpk->pointPpub->y, bn_ctx)) {
BFIBEerr(BFIBE_F_BFIBE_DO_ENCRYPT, ERR_R_EC_LIB);
goto end;
}
if (!EC_POINT_hash2point(group, md, id, idlen, point, bn_ctx)) {
BFIBEerr(BFIBE_F_BFIBE_DO_ENCRYPT, ERR_R_EC_LIB);
goto end;
}
if (!EC_type1curve_tate(group, theta, Ppub, point, bn_ctx)) {
BFIBEerr(BFIBE_F_BFIBE_DO_ENCRYPT, ERR_R_EC_LIB);
goto end;
}
/* theta = theta^k */
if (!BN_GFP2_exp(theta, theta, k, mpk->p, bn_ctx)) {
BFIBEerr(BFIBE_F_BFIBE_DO_ENCRYPT, ERR_R_EC_LIB);
goto end;
}
/* ret->v = Hash(theta) xor rho */
size = sizeof(buf);
if (!BN_GFP2_canonical(theta, buf, &size, 0, mpk->p, bn_ctx)) {
BFIBEerr(BFIBE_F_BFIBE_DO_ENCRYPT, ERR_R_BN_LIB);
goto end;
}
len = sizeof(buf);
if (!EVP_Digest(buf, size, buf, &len, md, NULL)) {
BFIBEerr(BFIBE_F_BFIBE_DO_ENCRYPT, ERR_R_EVP_LIB);
goto end;
}
for (i = 0; i < EVP_MD_size(md); i++) {
buf[i] ^= rho[i];
}
if (!ASN1_OCTET_STRING_set(ret->v, buf, EVP_MD_size(md))) {
BFIBEerr(BFIBE_F_BFIBE_DO_ENCRYPT, ERR_R_ASN1_LIB);
goto end;
}
/* ret->w = HashBytes(rho) xor m */
if (!ASN1_OCTET_STRING_set(ret->w, NULL, inlen)) {
BFIBEerr(BFIBE_F_BFIBE_DO_ENCRYPT, ERR_R_MALLOC_FAILURE);
goto end;
}
size = inlen;
if (!hash_bytes(rho, EVP_MD_size(md), ret->w->data, &size)) {
BFIBEerr(BFIBE_F_BFIBE_DO_ENCRYPT,
BFIBE_R_HASH_BYTES_FAILURE);
goto end;
}
for (i = 0; i < inlen; i++) {
ret->w->data[i] ^= in[i];
}
e = 0;
end:
if (e && ret) {
BFCiphertextBlock_free(ret);
ret = NULL;
}
if (bn_ctx) {
BN_CTX_end(bn_ctx);
}
BN_CTX_free(bn_ctx);
EC_GROUP_free(group);
EC_POINT_free(Ppub);
EC_POINT_free(point);
BN_GFP2_free(theta);
return ret;
}
int BFIBE_do_decrypt(BFPublicParameters *mpk,
const BFCiphertextBlock *in, unsigned char *out, size_t *outlen,
BFPrivateKeyBlock *sk)
{
int ret = 0;
BN_CTX *bn_ctx = NULL;
EC_GROUP *group = NULL;
EC_POINT *point = NULL;
EC_POINT *point1 = NULL;
BN_GFP2 *theta = NULL;
BIGNUM *k;
const EVP_MD *md;
KDF_FUNC hash_bytes;
unsigned char rho[EVP_MAX_MD_SIZE * 2];
size_t size;
unsigned int len;
int i;
if (!mpk || !in || !outlen || !sk) {
BFIBEerr(BFIBE_F_BFIBE_DO_DECRYPT, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (!out) {
*outlen = in->w->length;
return 1;
}
if (*outlen < in->w->length) {
BFIBEerr(BFIBE_F_BFIBE_DO_DECRYPT,
BFIBE_R_BUFFER_TOO_SMALL);
return 0;
}
/* BN_CTX */
if (!(bn_ctx = BN_CTX_new())) {
BFIBEerr(BFIBE_F_BFIBE_DO_DECRYPT, ERR_R_MALLOC_FAILURE);
goto end;
}
BN_CTX_start(bn_ctx);
/* EC_GROUP */
if (!(group = EC_GROUP_new_type1curve(mpk->p, mpk->pointP->x,
mpk->pointP->y, mpk->q, bn_ctx))) {
BFIBEerr(BFIBE_F_BFIBE_DO_DECRYPT,
BFIBE_R_INVALID_TYPE1CURVE);
goto end;
}
point = EC_POINT_new(group);
point1 = EC_POINT_new(group);
theta = BN_GFP2_new();
k = BN_CTX_get(bn_ctx);
if (!point || !point1 || !theta || !k) {
BFIBEerr(BFIBE_F_BFIBE_DO_DECRYPT, ERR_R_MALLOC_FAILURE);
goto end;
}
/* theta = e(ciphertext->u, sk->privateKey) */
if (!EC_POINT_set_affine_coordinates_GFp(group, point,
in->u->x, in->u->y, bn_ctx)) {
BFIBEerr(BFIBE_F_BFIBE_DO_DECRYPT, ERR_R_EC_LIB);
goto end;
}
if (!EC_POINT_set_affine_coordinates_GFp(group, point1,
sk->privateKey->x, sk->privateKey->y, bn_ctx)) {
BFIBEerr(BFIBE_F_BFIBE_DO_DECRYPT, ERR_R_EC_LIB);
goto end;
}
if (!EC_type1curve_tate(group, theta, point, point1, bn_ctx)) {
BFIBEerr(BFIBE_F_BFIBE_DO_DECRYPT, ERR_R_EC_LIB);
goto end;
}
/* md = mpk->hashfcn */
if (!(md = EVP_get_digestbyobj(mpk->hashfcn))) {
BFIBEerr(BFIBE_F_BFIBE_DO_DECRYPT, BFIBE_R_INVALID_BFIBE_HASHFUNC);
goto end;
}
/* rho = Hash(Canoncial(theta)) xor ciphertext->v */
size = sizeof(rho);
if (!BN_GFP2_canonical(theta, rho, &size, 0, mpk->p, bn_ctx)) {
BFIBEerr(BFIBE_F_BFIBE_DO_DECRYPT, ERR_R_EC_LIB);
goto end;
}
len = size;
if (!EVP_Digest(rho, size, rho, &len, md, NULL)) {
BFIBEerr(BFIBE_F_BFIBE_DO_DECRYPT, ERR_R_EVP_LIB);
goto end;
}
for (i = 0; i < EVP_MD_size(md); i++) {
rho[i] ^= in->v->data[i];
}
/* function hash_bytes() = kdf(md) */
if (!(hash_bytes = KDF_get_ibcs(md))) {
BFIBEerr(BFIBE_F_BFIBE_DO_DECRYPT,
BFIBE_R_INVALID_BFIBE_HASHFUNC);
goto end;
}
/* out = HashBytes(rho) xor ciphertext->w */
size = in->w->length;
if (!hash_bytes(rho, EVP_MD_size(md), out, &size)) {
BFIBEerr(BFIBE_F_BFIBE_DO_DECRYPT,
BFIBE_R_KDF_FAILURE);
goto end;
}
for (i = 0; i < in->w->length; i++) {
out[i] ^= in->w->data[i];
}
/* k = HashToRange(rho || Hash(out)) in [0, mpk->q) */
len = EVP_MD_size(md);
if (!EVP_Digest(out, in->w->length, rho + EVP_MD_size(md), &len, md, NULL)) {
BFIBEerr(BFIBE_F_BFIBE_DO_DECRYPT, ERR_R_EVP_LIB);
goto end;
}
if (!BN_hash_to_range(md, &k, rho, EVP_MD_size(md) * 2, mpk->q, bn_ctx)) {
BFIBEerr(BFIBE_F_BFIBE_DO_DECRYPT, ERR_R_BN_LIB);
goto end;
}
/* Verify that in->u == mpk->pointP * k */
if (!EC_POINT_mul(group, point, k, NULL, NULL, bn_ctx)) {
BFIBEerr(BFIBE_F_BFIBE_DO_DECRYPT, ERR_R_EC_LIB);
goto end;
}
if (1 != EC_POINT_cmp_fppoint(group, point, in->u, bn_ctx)) {
BFIBEerr(BFIBE_F_BFIBE_DO_DECRYPT, BFIBE_R_BFIBE_CIPHERTEXT_FAILURE);
goto end;
}
*outlen = in->w->length;
ret = 1;
end:
if (bn_ctx) {
BN_CTX_end(bn_ctx);
}
BN_CTX_free(bn_ctx);
EC_GROUP_free(group);
EC_POINT_free(point);
EC_POINT_free(point1);
BN_GFP2_free(theta);
return ret;
}
/* estimation of the max length of DER encoded ciphertext */
static int BFCiphertextBlock_size(BFPublicParameters *mpk,
size_t inlen, size_t *outlen)
{
size_t len = 0;
len += (OPENSSL_ECC_MAX_FIELD_BITS/8) * 2;
len += inlen;
len += EVP_MAX_MD_SIZE;
len += 128; /* caused by version and DER encoding */
*outlen = len;
return 1;
}
int BFIBE_encrypt(BFPublicParameters *mpk,
const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen,
const char *id, size_t idlen)
{
int ret = 0;
BFCiphertextBlock *c = NULL;
unsigned char *p;
size_t len;
if (!mpk || !in || inlen <= 0 || !outlen || !id || idlen <= 0) {
BFIBEerr(BFIBE_F_BFIBE_ENCRYPT, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (!BFCiphertextBlock_size(mpk, inlen, &len)) {
BFIBEerr(BFIBE_F_BFIBE_ENCRYPT, BFIBE_R_COMPUTE_OUTLEN_FAILURE);
return 0;
}
if (!out) {
*outlen = len;
return 1;
}
if (*outlen < len) {
BFIBEerr(BFIBE_F_BFIBE_ENCRYPT, BFIBE_R_BUFFER_TOO_SMALL);
return 0;
}
if (!(c = BFIBE_do_encrypt(mpk, in, inlen, id, idlen))) {
BFIBEerr(BFIBE_F_BFIBE_ENCRYPT, BFIBE_R_ENCRYPT_FAILURE);
goto end;
}
p = out;
if (!i2d_BFCiphertextBlock(c, &p)) {
BFIBEerr(BFIBE_F_BFIBE_ENCRYPT, BFIBE_R_I2D_FAILURE);
goto end;
}
len = p - out;
*outlen = len;
ret = 1;
end:
BFCiphertextBlock_free(c);
return ret;
}
int BFIBE_decrypt(BFPublicParameters *mpk,
const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen,
BFPrivateKeyBlock *sk)
{
int ret = 0;
BFCiphertextBlock *c = NULL;
const unsigned char *p;
if (!mpk || !in || inlen <= 0 || !outlen || !sk) {
BFIBEerr(BFIBE_F_BFIBE_DECRYPT, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (!out) {
*outlen = inlen;
return 1;
}
if (*outlen < inlen) {
BFIBEerr(BFIBE_F_BFIBE_DECRYPT, BFIBE_R_BUFFER_TOO_SMALL);
return 0;
}
p = in;
if (!(c = d2i_BFCiphertextBlock(NULL, &p, inlen))) {
BFIBEerr(BFIBE_F_BFIBE_DECRYPT, BFIBE_R_D2I_FAILURE);
goto end;
}
/* check no remaining ciphertext */
if (p - in != inlen) {
BFIBEerr(BFIBE_F_BFIBE_DECRYPT, BFIBE_R_INVALID_CIPHERTEXT);
goto end;
}
if (!BFIBE_do_decrypt(mpk, c, out, outlen, sk)) {
BFIBEerr(BFIBE_F_BFIBE_DECRYPT, BFIBE_R_DECRYPT_FAILURE);
goto end;
}
ret = 1;
end:
BFCiphertextBlock_free(c);
return ret;
}


@@ -1,2 +0,0 @@
LIBS=../../libcrypto
SOURCE[../../libcrypto]=bfibe_err.c bfibe_asn1.c bfibe_lib.c


@@ -6,7 +6,7 @@ SOURCE[../../libcrypto]=\
ecp_nistp224.c ecp_nistp256.c ecp_nistp521.c ecp_nistputil.c \
ecp_oct.c ec2_oct.c ec_oct.c ec_kmeth.c ecdh_ossl.c ecdh_kdf.c \
ecdsa_ossl.c ecdsa_sign.c ecdsa_vrf.c curve25519.c ecx_meth.c \
{- $target{ec_asm_src} -} ecahe.c
{- $target{ec_asm_src} -}
GENERATE[ecp_nistz256-x86.s]=asm/ecp_nistz256-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(LIB_CFLAGS) $(PROCESSOR)


@@ -1,456 +0,0 @@
/* ====================================================================
* Copyright (c) 2016 - 2019 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <stdio.h>
#include <string.h>
#include <openssl/err.h>
#include <openssl/ecahe.h>
struct ECAHE_CIPHERTEXT_st {
EC_POINT *A;
EC_POINT *B;
};
ASN1_SEQUENCE(ECAHE_CIPHERTEXT) = {
ASN1_SIMPLE(ECAHE_CIPHERTEXT, A, ASN1_OCTET_STRING),
ASN1_SIMPLE(ECAHE_CIPHERTEXT, B, ASN1_OCTET_STRING)
} ASN1_SEQUENCE_END(ECAHE_CIPHERTEXT)
IMPLEMENT_ASN1_FUNCTIONS(ECAHE_CIPHERTEXT)
IMPLEMENT_ASN1_DUP_FUNCTION(ECAHE_CIPHERTEXT)
#define EC_MAX_PLAINTEXT (65536)
int ECAHE_ciphertext_size(EC_KEY *pk)
{
ECerr(EC_F_ECAHE_CIPHERTEXT_SIZE, ERR_R_EC_LIB);
return 0;
}
int ECAHE_encrypt(unsigned char *out, size_t *outlen, const BIGNUM *in, EC_KEY *pk)
{
ECerr(EC_F_ECAHE_ENCRYPT, ERR_R_EC_LIB);
return 0;
}
int ECAHE_decrypt(unsigned long *out, const unsigned char *in, size_t inlen, EC_KEY *sk)
{
ECerr(EC_F_ECAHE_DECRYPT, ERR_R_EC_LIB);
return 0;
}
int ECAHE_do_encrypt(ECAHE_CIPHERTEXT *c, const BIGNUM *m, EC_KEY *pk)
{
int ret = -1;
const EC_GROUP *group;
const EC_POINT *point;
BIGNUM *order = NULL;
BN_CTX *ctx = NULL;
BIGNUM *r = NULL;
OPENSSL_assert(c);
OPENSSL_assert(m);
OPENSSL_assert(pk);
if (!(group = EC_KEY_get0_group(pk))) {
ERR_print_errors_fp(stderr);
goto end;
}
if (!(order = BN_new())) {
ERR_print_errors_fp(stderr);
goto end;
}
if (!(ctx = BN_CTX_new())) {
ERR_print_errors_fp(stderr);
goto end;
}
if (!EC_GROUP_get_order(group, order, ctx)) {
ERR_print_errors_fp(stderr);
goto end;
}
if (!(r = BN_new())) {
ERR_print_errors_fp(stderr);
goto end;
}
do {
if (!BN_rand_range(r, order)) {
ERR_print_errors_fp(stderr);
goto end;
}
} while (BN_is_zero(r));
if (c->A == NULL) {
if (!(c->A = EC_POINT_new(group))) {
ERR_print_errors_fp(stderr);
goto end;
}
}
/* c->A = [r]G */
if (!EC_POINT_mul(group, c->A, r, NULL, NULL, ctx)) {
ERR_print_errors_fp(stderr);
goto end;
}
if (c->B == NULL) {
if (!(c->B = EC_POINT_new(group))) {
ERR_print_errors_fp(stderr);
goto end;
}
}
if (!(point = EC_KEY_get0_public_key(pk))) {
ERR_print_errors_fp(stderr);
goto end;
}
{
//EC_POINT *T = EC_POINT_new(group);
//EC_POINT_mul(group, T, m, NULL, NULL, ctx);
//printf("[m]G = %s\n", EC_POINT_point2hex(group, T, EC_PUBKEY_FORMAT, ctx));
}
/* c->b = [m]G + [r]P */
if (!EC_POINT_mul(group, c->B, m, point, r, ctx)) {
ERR_print_errors_fp(stderr);
goto end;
}
ret = 0;
end:
if (r) BN_free(r);
if (order) BN_free(order);
if (ctx) BN_CTX_free(ctx);
return ret;
}
/* A == [r]G
* B == [m]G + [r]P == [m]G + [rd]G
* B - [d]A == B - [rd]G == [m]G
*/
int ECAHE_do_decrypt(BIGNUM *m, const ECAHE_CIPHERTEXT *c, EC_KEY *sk)
{
int ret = -1;
const EC_GROUP *group;
const EC_POINT *G;
const BIGNUM *d;
BN_CTX *ctx = NULL;
BIGNUM *order = NULL;
EC_POINT *point = NULL;
EC_POINT *point2 = NULL;
unsigned int i;
OPENSSL_assert(m);
OPENSSL_assert(c && c->A && c->B);
OPENSSL_assert(sk);
if (!(group = EC_KEY_get0_group(sk))) {
ERR_print_errors_fp(stderr);
goto end;
}
if (!(G = EC_GROUP_get0_generator(group))) {
ERR_print_errors_fp(stderr);
goto end;
}
if (!(d = EC_KEY_get0_private_key(sk))) {
ERR_print_errors_fp(stderr);
goto end;
}
if (!(ctx = BN_CTX_new())) {
ERR_print_errors_fp(stderr);
goto end;
}
if (!(order = BN_new())) {
ERR_print_errors_fp(stderr);
goto end;
}
if (!EC_GROUP_get_order(group, order, ctx)) {
ERR_print_errors_fp(stderr);
goto end;
}
if (!(point = EC_POINT_new(group))) {
ERR_print_errors_fp(stderr);
goto end;
}
if (!BN_one(order)) {
ERR_print_errors_fp(stderr);
goto end;
}
/* point = [d]A = [rd]G */
if (!EC_POINT_mul(group, point, NULL, c->A, d, ctx)) {
ERR_print_errors_fp(stderr);
goto end;
}
/* point = -[rd]G */
if (!EC_POINT_invert(group, point, ctx)) {
ERR_print_errors_fp(stderr);
goto end;
}
/* point = B - [rd]G = [m]G + [rd]G - [rd]G = [m]G */
if (!EC_POINT_add(group, point, point, c->B, ctx)) {
ERR_print_errors_fp(stderr);
goto end;
}
{
//printf("[m]G = %s\n", EC_POINT_point2hex(group, point, EC_PUBKEY_FORMAT, ctx));
}
if (!(point2 = EC_POINT_new(group))) {
ERR_print_errors_fp(stderr);
goto end;
}
if (!EC_POINT_set_to_infinity(group, point2)) {
ERR_print_errors_fp(stderr);
goto end;
}
for (i = 0; i < EC_MAX_PLAINTEXT; i++) {
//printf("%03d ", i);
//printf(" %s\n", EC_POINT_point2hex(group, point, EC_PUBKEY_FORMAT, ctx));
//printf(" %s\n", EC_POINT_point2hex(group, point2, EC_PUBKEY_FORMAT, ctx));
if (EC_POINT_cmp(group, point, point2, ctx) == 0) {
if (!BN_set_word(m, i)) {
ERR_print_errors_fp(stderr);
goto end;
}
//printf("SUCCESS: %d\n", i+1);
ret = 0;
goto end;
}
EC_POINT_add(group, point2, point2, EC_GROUP_get0_generator(group), ctx);
}
end:
if (ctx) BN_CTX_free(ctx);
if (order) BN_free(order);
if (point) EC_POINT_free(point);
if (point2) EC_POINT_free(point2);
return ret;
}
int ECAHE_ciphertext_add(ECAHE_CIPHERTEXT *r,
const ECAHE_CIPHERTEXT *a, const ECAHE_CIPHERTEXT *b,
EC_KEY *pk)
{
const EC_GROUP *group = EC_KEY_get0_group(pk);
BN_CTX *ctx = NULL;
if (!(group = EC_KEY_get0_group(pk))) {
ERR_print_errors_fp(stderr);
return -1;
}
OPENSSL_assert(a->A);
OPENSSL_assert(b->A);
OPENSSL_assert(a->B);
OPENSSL_assert(b->B);
if (r->A == NULL) {
if (!(r->A = EC_POINT_new(group))) {
ERR_print_errors_fp(stderr);
return -1;
}
}
if (r->B == NULL) {
if (!(r->B = EC_POINT_new(group))) {
ERR_print_errors_fp(stderr);
return -1;
}
}
if (!(ctx = BN_CTX_new())) {
ERR_print_errors_fp(stderr);
return -1;
}
if (!EC_POINT_add(group, r->A, a->A, b->A, ctx)) {
ERR_print_errors_fp(stderr);
BN_CTX_free(ctx);
return -1;
}
if (!EC_POINT_add(group, r->B, a->B, b->B, ctx)) {
ERR_print_errors_fp(stderr);
BN_CTX_free(ctx);
return -1;
}
BN_CTX_free(ctx);
return 0;
}
int ECAHE_ciphertext_sub(ECAHE_CIPHERTEXT *r,
const ECAHE_CIPHERTEXT *a, const ECAHE_CIPHERTEXT *b,
EC_KEY *pk)
{
const EC_GROUP *group = EC_KEY_get0_group(pk);
BN_CTX *ctx = NULL;
if (!(group = EC_KEY_get0_group(pk))) {
ERR_print_errors_fp(stderr);
return -1;
}
OPENSSL_assert(a->A);
OPENSSL_assert(b->A);
OPENSSL_assert(a->B);
OPENSSL_assert(b->B);
if (ECAHE_ciphertext_neg(r, b, pk) < 0) {
fprintf(stderr, "%s (%s %d): ec_ciphertext_neg failed\n",
__FUNCTION__, __FILE__, __LINE__);
return -1;
}
if (!(ctx = BN_CTX_new())) {
ERR_print_errors_fp(stderr);
return -1;
}
if (!EC_POINT_add(group, r->A, r->A, a->A, ctx)) {
ERR_print_errors_fp(stderr);
BN_CTX_free(ctx);
return -1;
}
if (!EC_POINT_add(group, r->B, r->B, a->B, ctx)) {
ERR_print_errors_fp(stderr);
BN_CTX_free(ctx);
return -1;
}
BN_CTX_free(ctx);
return 0;
}
int ECAHE_ciphertext_neg(ECAHE_CIPHERTEXT *r, const ECAHE_CIPHERTEXT *a,
EC_KEY *pk)
{
const EC_GROUP *group;
BN_CTX *ctx = NULL;
OPENSSL_assert(r && a && pk);
OPENSSL_assert(a->A);
OPENSSL_assert(a->B);
if (!(group = EC_KEY_get0_group(pk))) {
ERR_print_errors_fp(stderr);
return -1;
}
if (r->A)
EC_POINT_free(r->A);
if (!(r->A = EC_POINT_dup(a->A, group))) {
ERR_print_errors_fp(stderr);
return -1;
}
if (r->B)
EC_POINT_free(r->B);
if (!(r->B = EC_POINT_dup(a->B, group))) {
ERR_print_errors_fp(stderr);
return -1;
}
if (!(ctx = BN_CTX_new())) {
ERR_print_errors_fp(stderr);
return -1;
}
if (!EC_POINT_invert(group, r->A, ctx)) {
ERR_print_errors_fp(stderr);
BN_CTX_free(ctx);
return -1;
}
if (!EC_POINT_invert(group, r->B, ctx)) {
ERR_print_errors_fp(stderr);
BN_CTX_free(ctx);
return -1;
}
BN_CTX_free(ctx);
return 0;
}


@@ -1,490 +0,0 @@
/* ====================================================================
* Copyright (c) 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
/*
* this file implement complex number over prime field
* a = a0 + a1 * i, i^2 == -1
* most of the routines should be replaced by macros
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <openssl/bn.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/bn_gfp2.h>
/*
* to make it simple, currently both a0 and a1 will be inited
*/
BN_GFP2 *BN_GFP2_new(void)
{
int e = 1;
BN_GFP2 *ret = NULL;
if (!(ret = OPENSSL_malloc(sizeof(BN_GFP2)))) {
BNerr(BN_F_BN_GFP2_NEW, ERR_R_MALLOC_FAILURE);
return NULL;
}
ret->a0 = BN_new();
ret->a1 = BN_new();
if (!ret->a0 || !ret->a1) {
BNerr(BN_F_BN_GFP2_NEW, ERR_R_MALLOC_FAILURE);
goto end;
}
BN_zero(ret->a0);
BN_zero(ret->a1);
e = 0;
end:
if (e && ret) {
BN_GFP2_free(ret);
ret = NULL;
}
return ret;
}
void BN_GFP2_free(BN_GFP2 *a)
{
if (a) {
BN_free(a->a0);
BN_free(a->a1);
OPENSSL_free(a);
}
}
int BN_GFP2_copy(BN_GFP2 *r, const BN_GFP2 *a)
{
if (!r || !r->a0 || !r->a1 || !a || !a->a0 || !a->a1) {
BNerr(BN_F_BN_GFP2_COPY, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (!BN_copy(r->a0, a->a0)) {
BNerr(BN_F_BN_GFP2_COPY, ERR_R_BN_LIB);
return 0;
}
if (!BN_copy(r->a1, a->a1)) {
BNerr(BN_F_BN_GFP2_COPY, ERR_R_BN_LIB);
return 0;
}
return 1;
}
int BN_GFP2_one(BN_GFP2 *a)
{
if (!a || !a->a0 || !a->a1) {
BNerr(BN_F_BN_GFP2_ONE, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
BN_one(a->a0);
BN_zero(a->a1);
return 1;
}
int BN_GFP2_zero(BN_GFP2 *a)
{
if (!a || !a->a0 || !a->a1) {
BNerr(BN_F_BN_GFP2_ZERO, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
BN_zero(a->a0);
BN_zero(a->a1);
return 1;
}
/* return 1 on success, so dont use !BN_GFP2_is_zero() to check return value */
int BN_GFP2_is_zero(const BN_GFP2 *a)
{
if (!a || !a->a0 || !a->a1) {
BNerr(BN_F_BN_GFP2_IS_ZERO, ERR_R_PASSED_NULL_PARAMETER);
return -1;
}
return (BN_is_zero(a->a0) && BN_is_zero(a->a1));
}
int BN_GFP2_equ(const BN_GFP2 *a, const BN_GFP2 *b)
{
if (!a || !b || !a->a0 || !a->a1 || !b->a0 || !b->a1) {
BNerr(BN_F_BN_GFP2_EQU, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
return ((BN_cmp(a->a0, b->a0) == 0) && (BN_cmp(a->a1, b->a1) == 0));
}
int BN_GFP2_add(BN_GFP2 *r, const BN_GFP2 *a, const BN_GFP2 *b,
const BIGNUM *p, BN_CTX *ctx)
{
if (!a || !b || !a->a0 || !a->a1 || !b->a0 || !b->a1 || !p || !ctx) {
BNerr(BN_F_BN_GFP2_ADD, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (!BN_mod_add(r->a0, a->a0, b->a0, p, ctx)) {
BNerr(BN_F_BN_GFP2_ADD, ERR_R_BN_LIB);
return 0;
}
if (!BN_mod_add(r->a1, a->a1, b->a1, p, ctx)) {
BNerr(BN_F_BN_GFP2_ADD, ERR_R_BN_LIB);
return 0;
}
return 1;
}
int BN_GFP2_sub(BN_GFP2 *r, const BN_GFP2 *a, const BN_GFP2 *b,
const BIGNUM *p, BN_CTX *ctx)
{
if (!a || !b || !a->a0 || !a->a1 || !b->a0 || !b->a1 || !p || !ctx) {
BNerr(BN_F_BN_GFP2_SUB, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (!BN_mod_sub(r->a0, a->a0, b->a0, p, ctx)) {
BNerr(BN_F_BN_GFP2_SUB, ERR_R_BN_LIB);
return 0;
}
if (!BN_mod_sub(r->a1, a->a1, b->a1, p, ctx)) {
BNerr(BN_F_BN_GFP2_SUB, ERR_R_BN_LIB);
return 0;
}
return 1;
}
/*
* (a0 + a1 * i) * (b0 + b1 * i)
* = a0 * b0 + a1 * b1 * i^2 + (a0 * b1 + a1 * b0) * i
* = (a0 * b0 - a1 * b1) + (a0 * b1 + a1 * b0) * i
*/
int BN_GFP2_mul(BN_GFP2 *r, const BN_GFP2 *a, const BN_GFP2 *b,
const BIGNUM *p, BN_CTX *ctx)
{
int ret = 0;
BIGNUM *t = NULL;
BN_CTX_start(ctx);
if (!(t = BN_CTX_get(ctx))) {
BNerr(BN_F_BN_GFP2_MUL, ERR_R_BN_LIB);
goto end;
}
/* r->a0 = a->a0 * b->a0 - a->a1 * b->a1 (mod p) */
if (!BN_mod_mul(r->a0, a->a0, b->a0, p, ctx)) {
BNerr(BN_F_BN_GFP2_MUL, ERR_R_BN_LIB);
goto end;
}
if (!BN_mod_mul(t, a->a1, b->a1, p, ctx)) {
BNerr(BN_F_BN_GFP2_MUL, ERR_R_BN_LIB);
goto end;
}
if (!BN_mod_sub(r->a0, r->a0, t, p, ctx)) {
BNerr(BN_F_BN_GFP2_MUL, ERR_R_BN_LIB);
goto end;
}
/* r->a1 = a->a0 * b->a1 + a->a1 * b->a0 (mod p) */
if (!BN_mod_mul(r->a1, a->a0, b->a1, p, ctx)) {
BNerr(BN_F_BN_GFP2_MUL, ERR_R_BN_LIB);
goto end;
}
if (!BN_mod_mul(t, a->a1, b->a0, p, ctx)) {
BNerr(BN_F_BN_GFP2_MUL, ERR_R_BN_LIB);
goto end;
}
if (!BN_mod_add(r->a1, r->a1, t, p, ctx)) {
BNerr(BN_F_BN_GFP2_MUL, ERR_R_BN_LIB);
goto end;
}
ret = 1;
end:
BN_CTX_end(ctx);
return ret;
}
int BN_GFP2_sqr(BN_GFP2 *r, const BN_GFP2 *a,
const BIGNUM *p, BN_CTX *ctx)
{
return BN_GFP2_mul(r, a, a, p, ctx);
}
/*
* (a0 + a1 * i) * (a0 - a1 * i)
* = a0^2 - a1^2 * i^2
* = a0^2 + a1^2
* ==> (a0 + a1 * i) * (a0 - a1 * i) * (a0^2 + a1^2)^-1 == 1
* ==> (a0 + a1 * i)^-1 == (a0 - a1 * i) * (a0^2 + a1^2)^-1
*/
int BN_GFP2_inv(BN_GFP2 *r, const BN_GFP2 *a, const BIGNUM *p, BN_CTX *ctx)
{
int ret = 0;
BIGNUM *t = NULL;
BN_CTX_start(ctx);
if (!(t = BN_CTX_get(ctx))) {
BNerr(BN_F_BN_GFP2_INV, ERR_R_BN_LIB);
goto end;
}
/* t = (a0^2 + a1^2)^-1 */
if (!BN_mod_sqr(r->a0, a->a0, p, ctx)) {
BNerr(BN_F_BN_GFP2_INV, ERR_R_BN_LIB);
goto end;
}
if (!BN_mod_sqr(r->a1, a->a1, p, ctx)) {
BNerr(BN_F_BN_GFP2_INV, ERR_R_BN_LIB);
goto end;
}
if (!BN_mod_mul(t, r->a0, r->a1, p, ctx)) {
BNerr(BN_F_BN_GFP2_INV, ERR_R_BN_LIB);
goto end;
}
if (!BN_mod_inverse(t, t, p, ctx)) {
BNerr(BN_F_BN_GFP2_INV, ERR_R_BN_LIB);
goto end;
}
/* r0 = a0^ t (mod p) */
if (!BN_mod_mul(r->a0, a->a0, t, p, ctx)) {
BNerr(BN_F_BN_GFP2_INV, ERR_R_BN_LIB);
goto end;
}
/* r1 = p - a1^t (mod p) */
if (!BN_mod_mul(r->a1, a->a1, t, p, ctx)) {
BNerr(BN_F_BN_GFP2_INV, ERR_R_BN_LIB);
goto end;
}
if (!BN_sub(r->a1, p, r->a1)) {
BNerr(BN_F_BN_GFP2_INV, ERR_R_BN_LIB);
goto end;
}
ret = 1;
end:
BN_CTX_end(ctx);
return ret;
}
int BN_GFP2_div(BN_GFP2 *r, const BN_GFP2 *a, const BN_GFP2 *b, const BIGNUM *p, BN_CTX *ctx)
{
if (!BN_GFP2_inv(r, b, p, ctx)) {
return 0;
}
if (!BN_GFP2_mul(r, a, r, p, ctx)) {
return 0;
}
return 1;
}
/* need a fast implementation. check if k is solinas */
int BN_GFP2_exp(BN_GFP2 *r, const BN_GFP2 *a, const BIGNUM *k, const BIGNUM *p,
BN_CTX *ctx)
{
return 0;
}
int BN_GFP2_set_bn(BN_GFP2 *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
{
if (!r || !a || !p) {
BNerr(BN_F_BN_GFP2_SET_BN, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (!BN_copy(r->a0, a)) {
BNerr(BN_F_BN_GFP2_SET_BN, ERR_R_BN_LIB);
return 0;
}
BN_zero(r->a1);
return 1;
}
int BN_GFP2_add_bn(BN_GFP2 *r, const BN_GFP2 *a, const BIGNUM *b,
const BIGNUM *p, BN_CTX *ctx)
{
return BN_mod_add(r->a0, a->a0, b, p, ctx);
}
int BN_GFP2_sub_bn(BN_GFP2 *r, const BN_GFP2 *a, const BIGNUM *b,
const BIGNUM *p, BN_CTX *ctx)
{
return BN_mod_sub(r->a0, a->a0, b, p, ctx);
}
int BN_GFP2_mul_bn(BN_GFP2 *r, const BN_GFP2 *a, const BIGNUM *b,
const BIGNUM *p, BN_CTX *ctx)
{
return BN_mod_mul(r->a0, a->a0, b, p, ctx);
}
int BN_GFP2_div_bn(BN_GFP2 *r, const BN_GFP2 *a, const BIGNUM *b,
const BIGNUM *p, BN_CTX *ctx)
{
int ret = 0;
BIGNUM *binv;
if (!(binv = BN_CTX_get(ctx))) {
BNerr(BN_F_BN_GFP2_DIV_BN, ERR_R_MALLOC_FAILURE);
goto end;
}
if (!BN_mod_inverse(binv, b, p, ctx)) {
BNerr(BN_F_BN_GFP2_DIV_BN, ERR_R_BN_LIB);
goto end;
}
if (!BN_mod_mul(r->a0, a->a0, binv, p, ctx)) {
BNerr(BN_F_BN_GFP2_DIV_BN, ERR_R_BN_LIB);
goto end;
}
if (!BN_mod_mul(r->a1, a->a1, binv, p, ctx)) {
BNerr(BN_F_BN_GFP2_DIV_BN, ERR_R_BN_LIB);
goto end;
}
ret = 1;
end:
BN_CTX_end(ctx);
return ret;
}
int BN_bn2gfp2(const BIGNUM *bn, BN_GFP2 *gfp2, const BIGNUM *p, BN_CTX *ctx)
{
int ret = 0;
BIGNUM *a;
if (!(a = BN_CTX_get(ctx))) {
goto end;
}
BN_one(a);
if (!BN_lshift(a, a, BN_num_bytes(p)*8)) {
goto end;
}
if (!BN_rshift(gfp2->a1, bn, BN_num_bytes(p)*8)) {
goto end;
}
if (!BN_mod(gfp2->a0, bn, a, ctx)) {
goto end;
}
ret = 1;
end:
BN_CTX_end(ctx);
return ret;
}
/* return (a0 + a1 << 2^n), n = log_2(p), n % 8 == 0 */
int BN_gfp22bn(const BN_GFP2 *gfp2, BIGNUM *bn, const BIGNUM *p, BN_CTX *ctx)
{
if (!BN_lshift(bn, gfp2->a1, BN_num_bytes(p) * 8)) {
return 0;
}
if (!BN_add(bn, bn, gfp2->a0)) {
return 0;
}
return 1;
}
int BN_GFP2_canonical(const BN_GFP2 *a, unsigned char *out, size_t *outlen,
int order, const BIGNUM *p, BN_CTX *ctx)
{
size_t len;
if (!a || !a->a0 || !a->a1 || !outlen || !p) {
BNerr(BN_F_BN_GFP2_CANONICAL, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
len = BN_num_bytes(p) * 2;
if (!out) {
*outlen = len;
return 1;
}
if (*outlen < len) {
BNerr(BN_F_BN_GFP2_CANONICAL, BN_R_BUFFER_TOO_SMALL);
return 0;
}
memset(out, 0, len);
if (order == 0) {
/* low order first output (a0, a1) */
if (!BN_bn2bin(a->a0, out + len/2 - BN_num_bytes(a->a0))) {
BNerr(BN_F_BN_GFP2_CANONICAL, ERR_R_BN_LIB);
return 0;
}
if (!BN_bn2bin(a->a1, out + len - BN_num_bytes(a->a1))) {
BNerr(BN_F_BN_GFP2_CANONICAL, ERR_R_BN_LIB);
return 0;
}
} else {
/* high order first output (a1, a0) */
if (!BN_bn2bin(a->a1, out + len/2 - BN_num_bytes(a->a1))) {
BNerr(BN_F_BN_GFP2_CANONICAL, ERR_R_BN_LIB);
return 0;
}
if (!BN_bn2bin(a->a0, out + len - BN_num_bytes(a->a0))) {
BNerr(BN_F_BN_GFP2_CANONICAL, ERR_R_BN_LIB);
return 0;
}
}
*outlen = len;
return 1;
}


@@ -1,137 +0,0 @@
/* ====================================================================
* Copyright (c) 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <stdio.h>
#include <string.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/bn.h>
#include "../bn/bn_lcl.h"
int BN_hash_to_range(const EVP_MD *md, BIGNUM **bn,
const void *s, size_t slen, const BIGNUM *range, BN_CTX *bn_ctx)
{
int ret = 0;
BIGNUM *r = NULL;
BIGNUM *a = NULL;
unsigned char *buf = NULL;
size_t buflen, mdlen;
int nbytes, rounds, i;
if (!s || slen <= 0 || !md || !range) {
BNerr(BN_F_BN_HASH_TO_RANGE, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (!(*bn)) {
if (!(r = BN_new())) {
BNerr(BN_F_BN_HASH_TO_RANGE, ERR_R_MALLOC_FAILURE);
return 0;
}
} else {
r = *bn;
BN_zero(r);
}
mdlen = EVP_MD_size(md);
buflen = mdlen + slen;
if (!(buf = OPENSSL_malloc(buflen))) {
BNerr(BN_F_BN_HASH_TO_RANGE, ERR_R_MALLOC_FAILURE);
goto end;
}
memset(buf, 0, mdlen);
memcpy(buf + mdlen, s, slen);
a = BN_new();
if (!a) {
BNerr(BN_F_BN_HASH_TO_RANGE, ERR_R_MALLOC_FAILURE);
goto end;
}
nbytes = BN_num_bytes(range);
rounds = (nbytes + mdlen - 1)/mdlen;
if (!bn_expand(r, rounds * mdlen * 8)) {
BNerr(BN_F_BN_HASH_TO_RANGE, ERR_R_BN_LIB);
goto end;
}
for (i = 0; i < rounds; i++) {
if (!EVP_Digest(buf, buflen, buf, (unsigned int *)&mdlen, md, NULL)) {
BNerr(BN_F_BN_HASH_TO_RANGE, ERR_R_EVP_LIB);
goto end;
}
if (!BN_bin2bn(buf, mdlen, a)) {
BNerr(BN_F_BN_HASH_TO_RANGE, ERR_R_BN_LIB);
goto end;
}
if (!BN_lshift(r, r, mdlen * 8)) {
BNerr(BN_F_BN_HASH_TO_RANGE, ERR_R_BN_LIB);
goto end;
}
if (!BN_uadd(r, r, a)) {
goto end;
}
}
if (!BN_mod(r, r, range, bn_ctx)) {
BNerr(BN_F_BN_HASH_TO_RANGE, ERR_R_BN_LIB);
goto end;
}
*bn = r;
ret = 1;
end:
if (!ret && !(*bn)) {
BN_free(r);
}
BN_free(a);
OPENSSL_free(buf);
return ret;
}


@@ -1,218 +0,0 @@
/* ====================================================================
* Copyright (c) 2014 - 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <stdio.h>
#include <string.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/bn.h>
#include <openssl/bn_solinas.h>
#include "../bn/bn_lcl.h"
/*
* generate the solinas prime tables,
* use it for fast check of solinas
*/
#define BN_SOLINAS_192V1 0
#define BN_SOLINAS_192V2 1
#define BN_SOLINAS_224V1 2
#define BN_SOLINAS_256V1 3
#define BN_SOLINAS_384V1 4
#define BN_SOLINAS_512V1 5
#define BN_SOLINAS_512V2 6
#define BN_SOLINAS_1024V1 7
#define BN_SOLINAS_1024V2 8
#if 0
//remove warnings
static BN_SOLINAS BN_solinas_table[] = {
{ 192, 16, -1, -1 },
{ 192, 64, -1, -1 },
{ 224, 96, -1, 1 },
{ 256, 168, -1, 1 },
{ 384, 80, -1, 1 },
{ 512, 32, -1, 1 },
{ 512, 32, -1, -1 },
{ 1024, 424, -1, -1 },
{ 1024, 856, -1, 1 },
};
#endif
/*
* solinas = 2^a + s * 2^b + c, where s, c in {1, -1}
* solinas looks like:
* 2^a + 2^b + 1 = 10000100001
* 2^a - 2^b + 1 = 1111100001
* 2^a + 2^b - 1 = 10000011111
* 2^a - 2^b - 1 = 1111011111
* so:
* n = len(bits(solinas))
* c = bits(solinas)[1] == 0 ? 1 : -1
* s = bits(solinas)[n-2] == 0 ? 1 : -1
* a = bits(solinas)[n-2] == 0 ? n-1 : n-2
* b = len(bits(solinas - 2^a - s*2^b - c)) - 1
*
* examples:
* 0xfffffffffffffffffffffffffffbffff
* 0xffffffffffffffffffffffeffffffffffff
* 0xfffffffffbfffffffffffffffffffffffff
*/
int BN_bn2solinas(const BIGNUM *bn, BN_SOLINAS *solinas)
{
int ret = 0;
BIGNUM *tmp = NULL;
int nbits;
int i;
if (!solinas || !bn) {
BNerr(BN_F_BN_BN2SOLINAS, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (!BN_copy(tmp, bn)) {
goto end;
}
if ((nbits = BN_num_bits(bn) - 1) < 1) {
BNerr(BN_F_BN_BN2SOLINAS, BN_R_INVALID_SOLINAS);
goto end;
}
solinas->c = BN_is_bit_set(bn, 1) ? 1 : -1;
if (BN_is_bit_set(bn, nbits - 1)) {
solinas->s = -1;
solinas->a = nbits;
} else {
solinas->s = 1;
solinas->a = nbits - 1;
}
for (i = 1; i < nbits; i++) {
}
end:
return ret;
}
int BN_solinas2bn(const BN_SOLINAS *solinas, BIGNUM *bn)
{
int ret = 0;
BIGNUM *tmp = NULL;
if (!solinas || !bn) {
BNerr(BN_F_BN_SOLINAS2BN, ERR_R_MALLOC_FAILURE);
return 0;
}
if (solinas->b <= 0 || solinas->a <= solinas->b
|| (solinas->s != 1 && solinas->s != -1)
|| (solinas->c != 1 && solinas->c != -1)) {
BNerr(BN_F_BN_SOLINAS2BN, BN_R_INVALID_SOLINAS_PARAMETERS);
return 0;
}
if (!(tmp = BN_new())) {
BNerr(BN_F_BN_SOLINAS2BN, ERR_R_MALLOC_FAILURE);
goto end;
}
BN_one(tmp);
if (!BN_lshift(bn, tmp, solinas->a)) {
BNerr(BN_F_BN_SOLINAS2BN, ERR_R_BN_LIB);
goto end;
}
if (!BN_lshift(tmp, tmp, solinas->b)) {
BNerr(BN_F_BN_SOLINAS2BN, ERR_R_BN_LIB);
goto end;
}
if (!BN_add_word(tmp, solinas->c)) {
BNerr(BN_F_BN_SOLINAS2BN, ERR_R_BN_LIB);
goto end;
}
if (solinas->s > 0) {
if (!BN_add(bn, bn, tmp)) {
BNerr(BN_F_BN_SOLINAS2BN, ERR_R_BN_LIB);
goto end;
}
} else {
if (!BN_sub(bn, bn, tmp)) {
BNerr(BN_F_BN_SOLINAS2BN, ERR_R_BN_LIB);
goto end;
}
}
/* check if it is a prime */
ret = 1;
end:
BN_free(tmp);
return ret;
}
int BN_generate_solinas(BIGNUM *ret, BN_SOLINAS *solinas, BN_GENCB *cb)
{
return 0;
}
int BN_is_solinas(const BIGNUM *a)
{
return 0;
}
BN_SOLINAS *BN_get_solinas(int index)
{
return NULL;
}


@@ -1,3 +0,0 @@
LIBS=../../libcrypto
SOURCE[../../libcrypto]=bn_gfp2.c bn_solinas.c bn_hash.c \
fppoint.c ec_hash.c ec_type1.c


@@ -1,181 +0,0 @@
/* ====================================================================
* Copyright (c) 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <openssl/bn.h>
#include <openssl/ec.h>
#include <openssl/err.h>
#include <openssl/objects.h>
#include <openssl/bn_hash.h>
/* currently the EC_POINT_hash2point only support type1curve! */
int EC_POINT_hash2point(const EC_GROUP *group, const EVP_MD *md,
const char *s, size_t slen, EC_POINT *point, BN_CTX *bn_ctx)
{
int ret = 0;
BIGNUM *p = NULL;
BIGNUM *x = NULL;
BIGNUM *y = NULL;
BIGNUM *k = NULL;
BIGNUM *q = NULL;
if (!group || !md || !point || !s || slen <= 0 || !bn_ctx) {
ECerr(EC_F_EC_POINT_HASH2POINT, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) != NID_X9_62_prime_field) {
ECerr(EC_F_EC_POINT_HASH2POINT, EC_R_INVALID_CURVE);
return 0;
}
p = BN_new();
x = BN_new();
y = BN_new();
k = BN_new();
q = BN_new();
if (!p || !x || !y || !k || !q) {
ECerr(EC_F_EC_POINT_HASH2POINT, ERR_R_MALLOC_FAILURE);
goto end;
}
if (!EC_GROUP_get_curve_GFp(group, p, x, y, bn_ctx)) {
ECerr(EC_F_EC_POINT_HASH2POINT, ERR_R_EC_LIB);
goto end;
}
/* check group is type-1 curve */
if (!BN_is_zero(x) || !BN_is_one(y) || BN_mod_word(p, 12) != 11) {
ECerr(EC_F_EC_POINT_HASH2POINT, EC_R_INVALID_CURVE);
goto end;
}
/* get order */
if (!EC_GROUP_get_order(group, q, bn_ctx)) {
ECerr(EC_F_EC_POINT_HASH2POINT, ERR_R_EC_LIB);
goto end;
}
/* y = HashToRange(s) in [0, p - 1] */
if (!BN_hash_to_range(md, &y, s, slen, p, bn_ctx)) {
ECerr(EC_F_EC_POINT_HASH2POINT, ERR_R_BN_LIB);
goto end;
}
/* x = (y + 1) * (y - 1) mod p */
if (!BN_copy(x, y)) {
ECerr(EC_F_EC_POINT_HASH2POINT, ERR_R_BN_LIB);
goto end;
}
if (!BN_copy(k, y)) {
ECerr(EC_F_EC_POINT_HASH2POINT, ERR_R_BN_LIB);
goto end;
}
if (!BN_add_word(x, 1)) {
ECerr(EC_F_EC_POINT_HASH2POINT, ERR_R_BN_LIB);
goto end;
}
if (!BN_sub_word(k, 1)) {
ECerr(EC_F_EC_POINT_HASH2POINT, ERR_R_BN_LIB);
goto end;
}
if (!BN_mod_mul(x, x, k, p, bn_ctx)) {
ECerr(EC_F_EC_POINT_HASH2POINT, ERR_R_BN_LIB);
goto end;
}
/* k = (p^2 - 1)/3 */
if (!BN_lshift1(k, p)) {
ECerr(EC_F_EC_POINT_HASH2POINT, ERR_R_BN_LIB);
goto end;
}
if (!BN_sub_word(k, 1)) {
ECerr(EC_F_EC_POINT_HASH2POINT, ERR_R_BN_LIB);
goto end;
}
if (!BN_div_word(k, 3)) {
ECerr(EC_F_EC_POINT_HASH2POINT, ERR_R_BN_LIB);
goto end;
}
/* compute x and point = (x, y) */
if (!BN_mod_exp(x, x, k, p, bn_ctx)) {
ECerr(EC_F_EC_POINT_HASH2POINT, ERR_R_BN_LIB);
goto end;
}
if (!EC_POINT_set_affine_coordinates_GFp(group, point, x, y, bn_ctx)) {
ECerr(EC_F_EC_POINT_HASH2POINT, ERR_R_EC_LIB);
goto end;
}
/* compute [(p + 1)/q] * point */
if (!BN_add_word(p, 1)) {
ECerr(EC_F_EC_POINT_HASH2POINT, ERR_R_BN_LIB);
goto end;
}
if (!BN_div(k, NULL, p, q, bn_ctx)) {
ECerr(EC_F_EC_POINT_HASH2POINT, ERR_R_BN_LIB);
goto end;
}
if (!EC_POINT_mul(group, point, NULL, point, k, bn_ctx)) {
ECerr(EC_F_EC_POINT_HASH2POINT, ERR_R_EC_LIB);
goto end;
}
ret = 1;
end:
BN_free(p);
BN_free(x);
BN_free(y);
BN_free(k);
BN_free(q);
return ret;
}


@@ -1,817 +0,0 @@
/* ====================================================================
* Copyright (c) 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <openssl/bn.h>
#include <openssl/ec.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/bn_gfp2.h>
EC_GROUP *EC_GROUP_generate_type1curve(const BIGNUM *order, BN_CTX *bn_ctx)
{
ECerr(EC_F_EC_GROUP_GENERATE_TYPE1CURVE, 0);
return 0;
}
EC_GROUP *EC_GROUP_new_type1curve_ex(const BIGNUM *p, const BIGNUM *a,
const BIGNUM *b, const unsigned char *point, size_t pointlen,
const BIGNUM *order, const BIGNUM *cofactor, BN_CTX *bn_ctx)
{
return NULL;
}
EC_GROUP *EC_GROUP_new_type1curve(const BIGNUM *p,
const BIGNUM *x, const BIGNUM *y, const BIGNUM *order, BN_CTX *bn_ctx)
{
int e = 1;
EC_GROUP *ret = NULL;
BIGNUM *a = NULL;
BIGNUM *b = NULL;
EC_POINT *point = NULL;
if (!p || !x || !y || !order) {
ECerr(EC_F_EC_GROUP_NEW_TYPE1CURVE, ERR_R_PASSED_NULL_PARAMETER);
return NULL;
}
/* check p = 11 (mod 12) */
if (BN_mod_word(p, 12) != 11) {
ECerr(EC_F_EC_GROUP_NEW_TYPE1CURVE, EC_R_INVALID_TYPE1CURVE);
return NULL;
}
BN_CTX_start(bn_ctx);
a = BN_CTX_get(bn_ctx);
b = BN_CTX_get(bn_ctx);
if (!a || !b) {
ECerr(EC_F_EC_GROUP_NEW_TYPE1CURVE, ERR_R_MALLOC_FAILURE);
goto end;
}
BN_zero(a);
BN_one(b);
if (!(ret = EC_GROUP_new_curve_GFp(p, a, b, bn_ctx))) {
ECerr(EC_F_EC_GROUP_NEW_TYPE1CURVE, EC_R_INVALID_TYPE1CURVE);
goto end;
}
/* prepare generator point from (x, y) */
if (!(point = EC_POINT_new(ret))) {
ECerr(EC_F_EC_GROUP_NEW_TYPE1CURVE, ERR_R_MALLOC_FAILURE);
goto end;
}
if (!EC_POINT_set_affine_coordinates_GFp(ret, point, x, y, bn_ctx)) {
ECerr(EC_F_EC_GROUP_NEW_TYPE1CURVE, EC_R_INVALID_TYPE1CURVE);
goto end;
}
/*
* calculate cofactor h = (p + 1)/n
* check n|(p + 1) where n is the order
*/
if (!BN_copy(a, p)) {
ECerr(EC_F_EC_GROUP_NEW_TYPE1CURVE, ERR_R_BN_LIB);
goto end;
}
if (!BN_add_word(a, 1)) {
ECerr(EC_F_EC_GROUP_NEW_TYPE1CURVE, ERR_R_BN_LIB);
goto end;
}
/* check (p + 1)%n == 0 */
if (!BN_div(a, b, a, order, bn_ctx)) {
ECerr(EC_F_EC_GROUP_NEW_TYPE1CURVE, ERR_R_BN_LIB);
goto end;
}
if (!BN_is_zero(b)) {
ECerr(EC_F_EC_GROUP_NEW_TYPE1CURVE, EC_R_INVLID_TYPE1CURVE);
goto end;
}
/* set order and cofactor */
if (!EC_GROUP_set_generator(ret, point, order, a)) {
ECerr(EC_F_EC_GROUP_NEW_TYPE1CURVE, EC_R_INVALID_TYPE1CURVE);
goto end;
}
e = 0;
end:
if (e && ret) {
EC_GROUP_free(ret);
ret = NULL;
}
BN_CTX_end(bn_ctx);
EC_POINT_free(point);
return ret;
}
int EC_GROUP_is_type1curve(const EC_GROUP *group, BN_CTX *bn_ctx)
{
ECerr(EC_F_EC_GROUP_IS_TYPE1CURVE, 0);
return 0;
}
/*
* zeta = F_p((p-1)/2) + ((F_p(3)^((p + 1)/4))/2) * i, in F_p^2
* which is used in phi() mapping in tate pairing over type1 curve
*/
BN_GFP2 *EC_GROUP_get_type1curve_zeta(const EC_GROUP *group, BN_CTX *bn_ctx)
{
int e = 1;
BN_GFP2 *ret = NULL;
BIGNUM *a = NULL;
BIGNUM *b = NULL;
BIGNUM *p = NULL;
if (!group || !bn_ctx) {
ECerr(EC_F_EC_GROUP_GET_TYPE1CURVE_ZETA, ERR_R_PASSED_NULL_PARAMETER);
return NULL;
}
BN_CTX_start(bn_ctx);
ret = BN_GFP2_new();
a = BN_CTX_get(bn_ctx);
b = BN_CTX_get(bn_ctx);
p = BN_CTX_get(bn_ctx);
if (!ret || !a || !b || !p) {
ECerr(EC_F_EC_GROUP_GET_TYPE1CURVE_ZETA, ERR_R_MALLOC_FAILURE);
goto end;
}
/* get curve p, a, b and check it is type1 curve
* p is prime at least 512 bits, a == 0 and b == 1
*/
if (!EC_GROUP_get_curve_GFp(group, a, b, p, bn_ctx)) {
ECerr(EC_F_EC_GROUP_GET_TYPE1CURVE_ZETA, ERR_R_EC_LIB);
goto end;
}
if (!BN_is_zero(a) || !BN_is_one(b)) {
ECerr(EC_F_EC_GROUP_GET_TYPE1CURVE_ZETA, EC_R_INVALID_TYPE1_CURVE);
goto end;
}
if (BN_num_bits(p) < 512) {
ECerr(EC_F_EC_GROUP_GET_TYPE1CURVE_ZETA, EC_R_INVALID_TYPE1_CURVE);
goto end;
}
/*
* set ret->a0 = (p - 1)/2
*/
if (!BN_copy(ret->a0, p)) {
ECerr(EC_F_EC_GROUP_GET_TYPE1CURVE_ZETA, ERR_R_MALLOC_FAILURE);
goto end;
}
if (!BN_sub_word(ret->a0, 1)) {
ECerr(EC_F_EC_GROUP_GET_TYPE1CURVE_ZETA, ERR_R_EC_LIB);
goto end;
}
/* BN_div_word() return remainder, while (p - 1)%2 == 0 */
if (BN_div_word(ret->a0, 2)) {
ECerr(EC_F_EC_GROUP_GET_TYPE1CURVE_ZETA, EC_R_INVALID_TYPE1_CURVE);
goto end;
}
/*
* ret->a1 = (p + 1)/4, (ret->a1 + 1)%4 == 0
*/
if (!BN_copy(ret->a1, p)) {
ECerr(EC_F_EC_GROUP_GET_TYPE1CURVE_ZETA, ERR_R_BN_LIB);
goto end;
}
if (!BN_add_word(ret->a1, 1)) {
ECerr(EC_F_EC_GROUP_GET_TYPE1CURVE_ZETA, ERR_R_BN_LIB);
goto end;
}
if (BN_div_word(ret->a1, 4)) {
ECerr(EC_F_EC_GROUP_GET_TYPE1CURVE_ZETA, EC_R_INVALID_TYPE1_CURVE);
goto end;
}
/*
* re-use a as 3
* ret->a1 = 3^(ret->a1) mod p = 3^((p + 1)/4) mod p
*/
if (!BN_set_word(a, 3)) {
ECerr(EC_F_EC_GROUP_GET_TYPE1CURVE_ZETA, ERR_R_BN_LIB);
goto end;
}
if (!BN_mod_exp(ret->a1, a, ret->a1, p, bn_ctx)) {
ECerr(EC_F_EC_GROUP_GET_TYPE1CURVE_ZETA, ERR_R_BN_LIB);
goto end;
}
/*
* re-use b as 1/2 mod p
* ret->a1 = ret->a1 / 2 mod p = (3^((p + 1)/4)) mod p
*/
if (!BN_set_word(b, 2)) {
ECerr(EC_F_EC_GROUP_GET_TYPE1CURVE_ZETA, ERR_R_BN_LIB);
goto end;
}
if (!BN_mod_inverse(b, b, p, bn_ctx)) {
ECerr(EC_F_EC_GROUP_GET_TYPE1CURVE_ZETA, ERR_R_BN_LIB);
goto end;
}
if (!BN_mod_mul(ret->a1, ret->a1, b, p, bn_ctx)) {
ECerr(EC_F_EC_GROUP_GET_TYPE1CURVE_ZETA, ERR_R_BN_LIB);
goto end;
}
e = 0;
end:
if (e && ret) {
BN_GFP2_free(ret);
ret = NULL;
}
BN_CTX_end(bn_ctx);
return ret;
}
/*
* eta = (p^2 - 1)/n
* which is used in the final modular exponentiation of tate pairing over
* type1 curve
*/
BIGNUM *EC_GROUP_get_type1curve_eta(const EC_GROUP *group, BN_CTX *bn_ctx)
{
int e = 1;
BIGNUM *ret = NULL;
BIGNUM *a = NULL;
BIGNUM *b = NULL;
BIGNUM *p = NULL;
if (!group || !bn_ctx) {
ECerr(EC_F_EC_GROUP_GET_TYPE1CURVE_ETA, ERR_R_PASSED_NULL_PARAMETER);
return NULL;
}
BN_CTX_start(bn_ctx);
ret = BN_new();
a = BN_CTX_get(bn_ctx);
b = BN_CTX_get(bn_ctx);
p = BN_CTX_get(bn_ctx);
if (!ret || !a || !b || !p) {
ECerr(EC_F_EC_GROUP_GET_TYPE1CURVE_ETA, ERR_R_MALLOC_FAILURE);
goto end;
}
/* get curve p, a, b and check it is type1 curve
* p is prime at least 512 bits, a == 0 and b == 1
*/
if (!EC_GROUP_get_curve_GFp(group, a, b, p, bn_ctx)) {
ECerr(EC_F_EC_GROUP_GET_TYPE1CURVE_ETA, ERR_R_EC_LIB);
goto end;
}
if (!BN_is_zero(a) || !BN_is_one(b)) {
ECerr(EC_F_EC_GROUP_GET_TYPE1CURVE_ETA, EC_R_INVALID_TYPE1_CURVE);
goto end;
}
if (BN_num_bits(p) < 512) {
ECerr(EC_F_EC_GROUP_GET_TYPE1CURVE_ETA, EC_R_INVALID_TYPE1_CURVE);
goto end;
}
/* get curve order n, re-use a for order n */
if (!EC_GROUP_get_order(group, a, bn_ctx)) {
ECerr(EC_F_EC_GROUP_GET_TYPE1CURVE_ETA, ERR_R_EC_LIB);
goto end;
}
/*
* eta = (p^2 - 1)/n,
*/
if (!BN_sqr(ret, p, bn_ctx)) {
ECerr(EC_F_EC_GROUP_GET_TYPE1CURVE_ETA, ERR_R_BN_LIB);
goto end;
}
if (!BN_sub_word(ret, 1)) {
ECerr(EC_F_EC_GROUP_GET_TYPE1CURVE_ETA, ERR_R_BN_LIB);
goto end;
}
if (!BN_div(ret, NULL, ret, a, bn_ctx)) {
ECerr(EC_F_EC_GROUP_GET_TYPE1CURVE_ETA, ERR_R_BN_LIB);
goto end;
}
e = 1;
end:
if (e && ret) {
BN_free(ret);
ret = NULL;
}
BN_CTX_end(bn_ctx);
return ret;
}
/* phi: (x, y) => (zeta * x, y) */
static int type1curve_phi(const EC_GROUP *group, const EC_POINT *point,
BN_GFP2 *x, BN_GFP2 *y, const BIGNUM *p, BN_CTX *bn_ctx)
{
int ret = 0;
BN_GFP2 *zeta = NULL;
BIGNUM *xP;
BIGNUM *yP;
if (!group || !point || !x || !y || !p || !bn_ctx) {
ECerr(EC_F_TYPE1CURVE_PHI,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
BN_CTX_start(bn_ctx);
xP = BN_CTX_get(bn_ctx);
yP = BN_CTX_get(bn_ctx);
if (!xP || !yP) {
ECerr(EC_F_TYPE1CURVE_PHI, ERR_R_MALLOC_FAILURE);
goto end;
}
if (!(zeta = EC_GROUP_get_type1curve_zeta(group, bn_ctx))) {
ECerr(EC_F_TYPE1CURVE_PHI,
EC_R_GET_TYPE1CURVE_ZETA_FAILURE);
goto end;
}
if (!EC_POINT_get_affine_coordinates_GFp(group, point, xP, yP, bn_ctx))
{
ECerr(EC_F_TYPE1CURVE_PHI, ERR_R_EC_LIB);
goto end;
}
/* return x = zeta * point->x */
if (!BN_GFP2_mul_bn(x, zeta, xP, p, bn_ctx)) {
ECerr(EC_F_TYPE1CURVE_PHI, ERR_R_BN_LIB);
goto end;
}
/* return y = point->y */
if (!BN_GFP2_set_bn(y, yP, p, bn_ctx)) {
ECerr(EC_F_TYPE1CURVE_PHI, ERR_R_BN_LIB);
goto end;
}
ret = 1;
end:
BN_CTX_end(bn_ctx);
BN_GFP2_free(zeta);
return ret;
}
/*
* eval the function defined by the line through point T and P,
* with value Q = (xQ, yQ)
*/
static int type1curve_eval_line_textbook(const EC_GROUP *group, BN_GFP2 *r,
const EC_POINT *T, const EC_POINT *P, const BN_GFP2 *xQ, const BN_GFP2
*yQ,
BN_CTX *bn_ctx)
{
int ret = 0;
BN_GFP2 *num = NULL;
BN_GFP2 *den = NULL;
BIGNUM *p;
BIGNUM *xT;
BIGNUM *yT;
BIGNUM *xP;
BIGNUM *yP;
BIGNUM *bn;
BIGNUM *slope;
if (!group || !r || !T || !P || !xQ || !yQ || !bn_ctx) {
ECerr(EC_F_TYPE1CURVE_EVAL_LINE_TEXTBOOK,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
BN_CTX_start(bn_ctx);
p = BN_CTX_get(bn_ctx);
xT = BN_CTX_get(bn_ctx);
yT = BN_CTX_get(bn_ctx);
xP = BN_CTX_get(bn_ctx);
yP = BN_CTX_get(bn_ctx);
bn = BN_CTX_get(bn_ctx);
slope = BN_CTX_get(bn_ctx);
num = BN_GFP2_new();
den = BN_GFP2_new();
if (!p || !xT || !yT || !xP || !yP || !bn || !slope || !num || !den) {
ECerr(EC_F_TYPE1CURVE_EVAL_LINE_TEXTBOOK,
ERR_R_MALLOC_FAILURE);
goto end;
}
/* get prime field p */
if (!EC_GROUP_get_curve_GFp(group, p, xT, yT, bn_ctx)) {
ECerr(EC_F_TYPE1CURVE_EVAL_LINE_TEXTBOOK,
ERR_R_EC_LIB);
goto end;
}
/* get T and P */
if (!EC_POINT_get_affine_coordinates_GFp(group, T, xT, yT, bn_ctx)) {
ECerr(EC_F_TYPE1CURVE_EVAL_LINE_TEXTBOOK,
ERR_R_EC_LIB);
goto end;
}
if (!EC_POINT_get_affine_coordinates_GFp(group, P, xP, yP, bn_ctx)) {
ECerr(EC_F_TYPE1CURVE_EVAL_LINE_TEXTBOOK,
ERR_R_EC_LIB);
goto end;
}
#if 0
/* if T == P, slope = (3 * x_T^2 + a)/(2 * y_T) */
if (T == P || (BN_cmp(xT, xP) == 0 && BN_cmp(yT, yP) == 0)) {
if (!BN_mod_sqr(bn, xT, p, bn_ctx)) {
goto end;
}
if (!BN_mod_add(slope, bn, bn, p, bn_ctx)) {
goto end;
}
if (!BN_mod_add(slope, slope, bn, p, bn_ctx)) {
goto end;
}
if (!BN_mod_add(den, yT, yT, p, bn_ctx)) {
goto end;
}
if (!BN_mod_inverse(den, den, p, bn_ctx)) {
goto end;
}
if (!BN_mod_mul(slope, slope, den, p, bn_ctx)) {
goto end;
}
}
/*
* if xT == xP and yT + yP == 0, return xQ - xT
*/
if (BN_cmp(xT, xP) == 0) {
BIGNUM *t;
if (!(t = BN_CTX_get(bn_ctx))) {
goto end;
}
if (!BN_mod_add(t, yT, yP, p, ctx)) {
goto end;
}
if (BN_is_zero(t)) {
if (!BN_GFP2_sub_bn(r, xQ, xT, p, bn_ctx)) {
goto end;
}
}
}
/*
* if T == P, slope = (3 * x_T^2 + a)/(2 * y_T)
* else slope = (y_T - y_P)/(x_T - x_P)
*/
if (!BN_mod_sub(num, yT, yP, p, bn_ctx)) {
goto end;
}
if (!BN_mod_sub(den, xT, xP, p, bn_ctx)) {
goto end;
}
if (!BN_mod_inverse(den, den, p, bn_ctx)) {
goto end;
}
if (!BN_mod_mul(slope, num, den, p, bn_ctx)) {
goto end;
}
#endif
/*
* num = (yQ - ((xQ - xT) * slope)) - yT
* den = xQ + (xT + (xP - slope^2))
* return num/den
*/
if (!BN_GFP2_sub_bn(num, xQ, xT, p, bn_ctx)) {
ECerr(EC_F_TYPE1CURVE_EVAL_LINE_TEXTBOOK,
ERR_R_BN_LIB);
goto end;
}
if (!BN_GFP2_mul_bn(num, num, slope, p, bn_ctx)) {
ECerr(EC_F_TYPE1CURVE_EVAL_LINE_TEXTBOOK,
ERR_R_BN_LIB);
goto end;
}
if (!BN_GFP2_sub(num, yQ, num, p, bn_ctx)) {
ECerr(EC_F_TYPE1CURVE_EVAL_LINE_TEXTBOOK,
ERR_R_BN_LIB);
goto end;
}
if (!BN_GFP2_sub_bn(num, num, yT, p, bn_ctx)) {
ECerr(EC_F_TYPE1CURVE_EVAL_LINE_TEXTBOOK,
ERR_R_BN_LIB);
goto end;
}
if (!BN_mod_sqr(bn, slope, p, bn_ctx)) {
ECerr(EC_F_TYPE1CURVE_EVAL_LINE_TEXTBOOK,
ERR_R_BN_LIB);
goto end;
}
if (!BN_mod_sub(bn, xP, bn, p, bn_ctx)) {
ECerr(EC_F_TYPE1CURVE_EVAL_LINE_TEXTBOOK,
ERR_R_BN_LIB);
goto end;
}
if (!BN_mod_add(bn, xT, bn, p, bn_ctx)) {
ECerr(EC_F_TYPE1CURVE_EVAL_LINE_TEXTBOOK,
ERR_R_BN_LIB);
goto end;
}
if (!BN_GFP2_add_bn(den, xQ, bn, p, bn_ctx)) {
ECerr(EC_F_TYPE1CURVE_EVAL_LINE_TEXTBOOK,
ERR_R_BN_LIB);
goto end;
}
#if 0
//warning
if (!BN_GFP2_div(ret, num, den, p, bn_ctx)) {
ECerr(EC_F_TYPE1CURVE_EVAL_LINE_TEXTBOOK,
ERR_R_BN_LIB);
goto end;
}
#endif
ret = 1;
end:
BN_CTX_end(bn_ctx);
BN_GFP2_free(num);
BN_GFP2_free(den);
return ret;
}
static int type1curve_eval_miller_textbook(const EC_GROUP *group, BN_GFP2 *r,
const EC_POINT *P, const BN_GFP2 *xQ, const BN_GFP2 *yQ,
const BIGNUM *p, BN_CTX *bn_ctx)
{
int ret = 0;
BN_GFP2 *f = NULL;
BN_GFP2 *g = NULL;
EC_POINT *T = NULL;
BIGNUM *n;
int nbits;
int i;
if (!group || !r || !P || !xQ || !yQ || !p || !bn_ctx) {
ECerr(EC_F_TYPE1CURVE_EVAL_MILLER_TEXTBOOK,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
BN_CTX_start(bn_ctx);
n = BN_CTX_get(bn_ctx);
f = BN_GFP2_new();
g = BN_GFP2_new();
T = EC_POINT_new(group);
if (!n || !f || !g || !T) {
ECerr(EC_F_TYPE1CURVE_EVAL_MILLER_TEXTBOOK,
ERR_R_MALLOC_FAILURE);
goto end;
}
if (!EC_GROUP_get_order(group, n, bn_ctx)) {
ECerr(EC_F_TYPE1CURVE_EVAL_MILLER_TEXTBOOK,
ERR_R_EC_LIB);
goto end;
}
nbits = BN_num_bits(n);
/* miller loop */
for (i = nbits - 2; i >= 0; i--) {
/* f = f^2 */
if (!BN_GFP2_sqr(f, f, p, bn_ctx)) {
ECerr(EC_F_TYPE1CURVE_EVAL_MILLER_TEXTBOOK,
ERR_R_BN_LIB);
goto end;
}
/* compute g_{T,T}(Q) */
if (!type1curve_eval_line_textbook(group, g, T, T, xQ, yQ,
bn_ctx)) {
ECerr(EC_F_TYPE1CURVE_EVAL_MILLER_TEXTBOOK,
ERR_R_EC_LIB);
goto end;
}
/* f = f * g */
if (!BN_GFP2_mul(f, f, g, p, bn_ctx)) {
ECerr(EC_F_TYPE1CURVE_EVAL_MILLER_TEXTBOOK,
ERR_R_BN_LIB);
goto end;
}
/* T = 2T */
if (!EC_POINT_dbl(group, T, T, bn_ctx)) {
ECerr(EC_F_TYPE1CURVE_EVAL_MILLER_TEXTBOOK,
ERR_R_EC_LIB);
goto end;
}
if (BN_is_bit_set(n, i)) {
/* g = g_{T,P}(Q) */
if (!type1curve_eval_line_textbook(group, g, T, P, xQ,
yQ, bn_ctx)) {
ECerr(EC_F_TYPE1CURVE_EVAL_MILLER_TEXTBOOK,
ERR_R_EC_LIB);
goto end;
}
/* f = f * g */
if (!BN_GFP2_mul(f, f, g, p, bn_ctx)) {
ECerr(EC_F_TYPE1CURVE_EVAL_MILLER_TEXTBOOK,
ERR_R_BN_LIB);
goto end;
}
/* T = T + P */
if (!EC_POINT_add(group, T, T, P, bn_ctx)) {
ECerr(EC_F_TYPE1CURVE_EVAL_MILLER_TEXTBOOK,
ERR_R_EC_LIB);
goto end;
}
}
}
/* set return value */
if (!BN_GFP2_copy(r, f)) {
ECerr(EC_F_TYPE1CURVE_EVAL_MILLER_TEXTBOOK, ERR_R_BN_LIB);
goto end;
}
ret = 1;
end:
BN_CTX_end(bn_ctx);
BN_GFP2_free(f);
BN_GFP2_free(g);
EC_POINT_free(T);
return ret;
}
int EC_type1curve_tate(const EC_GROUP *group, BN_GFP2 *r,
const EC_POINT *P, const EC_POINT *Q, BN_CTX *bn_ctx)
{
int ret = 0;
BN_GFP2 *xQ = NULL;
BN_GFP2 *yQ = NULL;
BIGNUM *eta = NULL;
BIGNUM *p;
BIGNUM *a;
BIGNUM *b;
if (!group || !ret || !P || !Q || !bn_ctx) {
ECerr(EC_F_EC_TYPE1CURVE_TATE, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
BN_CTX_start(bn_ctx);
xQ = BN_GFP2_new();
yQ = BN_GFP2_new();
p = BN_CTX_get(bn_ctx);
a = BN_CTX_get(bn_ctx);
b = BN_CTX_get(bn_ctx);
if (!xQ || !yQ || !p || !a || !b) {
ECerr(EC_F_EC_TYPE1CURVE_TATE, ERR_R_MALLOC_FAILURE);
goto end;
}
if (!EC_GROUP_get_curve_GFp(group, p, a, b, bn_ctx)) {
ECerr(EC_F_EC_TYPE1CURVE_TATE, EC_R_INVALID_TYPE1CURVE);
goto end;
}
/* (xQ, yQ) = phi(Q) */
if (!type1curve_phi(group, Q, xQ, yQ, p, bn_ctx)) {
ECerr(EC_F_EC_TYPE1CURVE_TATE, ERR_R_EC_LIB);
goto end;
}
/* compute e(P, phi(Q)) */
if (!type1curve_eval_miller_textbook(group, r, P, xQ, yQ, p, bn_ctx)) {
ECerr(EC_F_EC_TYPE1CURVE_TATE, ERR_R_EC_LIB);
goto end;
}
/* compute e(P, phi(Q))^eta, eta = (p^2 - 1)/q */
if (!(eta = EC_GROUP_get_type1curve_eta(group, bn_ctx))) {
ECerr(EC_F_EC_TYPE1CURVE_TATE, EC_R_INVALID_TYPE1CURVE);
goto end;
}
ret = 1;
end:
BN_GFP2_free(xQ);
BN_GFP2_free(yQ);
BN_CTX_end(bn_ctx);
BN_free(eta);
return ret;
}
int EC_type1curve_tate_ratio(const EC_GROUP *group, BN_GFP2 *r,
const EC_POINT *P1, const EC_POINT *Q1,
const EC_POINT *P2, const EC_POINT *Q2,
BN_CTX *bn_ctx)
{
return 0;
}
#if 0
typedef struct {
int security_bits;
int n_bits;
int p_bits;
int q_bits;
} TYPE1CURVE_SEC;
static TYPE1CURVE_SEC sec_tbl[] = {
/* k |n| |p| |q| */
{ 80, 1024, 512, 160},
{112, 2048, 1024, 224},
{128, 3072, 1536, 256},
{192, 7680, 3840, 384},
{256, 15360, 7680, 512}
};
#endif
const EVP_MD *TYPE1CURVE_nbits_to_md(int nbits)
{
switch (nbits) {
case 1024: return EVP_sha1();
case 2048: return EVP_sha224();
case 3072: return EVP_sha256();
case 7680: return EVP_sha384();
case 15360: return EVP_sha512();
}
return NULL;
}


@@ -1,114 +0,0 @@
/* ====================================================================
* Copyright (c) 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
/*
* this file is to implement elliptic curve operations over extension
* fields
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <openssl/bn.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
#include <openssl/fppoint.h>
ASN1_SEQUENCE(FpPoint) = {
ASN1_SIMPLE(FpPoint, x, BIGNUM),
ASN1_SIMPLE(FpPoint, y, BIGNUM)
} ASN1_SEQUENCE_END(FpPoint)
IMPLEMENT_ASN1_FUNCTIONS(FpPoint)
IMPLEMENT_ASN1_DUP_FUNCTION(FpPoint)
int EC_POINT_cmp_fppoint(const EC_GROUP *group, const EC_POINT *a, const FpPoint *b,
BN_CTX *bn_ctx)
{
int ret = -1;
BIGNUM *x = NULL;
BIGNUM *y = NULL;
if (!group || !a || !b || !bn_ctx) {
ECerr(EC_F_EC_POINT_CMP_FPPOINT, ERR_R_PASSED_NULL_PARAMETER);
return -1;
}
BN_CTX_start(bn_ctx);
x = BN_CTX_get(bn_ctx);
y = BN_CTX_get(bn_ctx);
if (!x || !y) {
ECerr(EC_F_EC_POINT_CMP_FPPOINT, ERR_R_BN_LIB);
goto end;
}
if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) {
if (!EC_POINT_get_affine_coordinates_GFp(group, a, x, y, bn_ctx)) {
ECerr(EC_F_EC_POINT_CMP_FPPOINT, ERR_R_EC_LIB);
goto end;
}
} else {
if (!EC_POINT_get_affine_coordinates_GF2m(group, a, x, y, bn_ctx)) {
ECerr(EC_F_EC_POINT_CMP_FPPOINT, ERR_R_EC_LIB);
goto end;
}
}
if (BN_cmp(x, b->x) == 0 && BN_cmp(y, b->y) == 0) {
ret = 0;
} else {
ret = 1;
}
end:
BN_CTX_end(bn_ctx);
return ret;
}


@@ -1,24 +0,0 @@
typedef struct pairing_parameters_st {
long version;
ASN1_OBJECT *cid;
ASN1_INTEGER *p;
ASN1_INTEGER *a;
ASN1_INTEGER *b;
ASN1_OBJECT *beta;
ASN1_INTEGER *cofactor;
ASN1_INTEGER *order;
ASN1_INTEGER *embedded_degree;
ASN1_OCTET_STRING *G1;
ASN1_OCTET_STRING *G2;
ASN1_TYPE *eid;
ASN1_INTEGER *d1;
ASN1_INTEGER *d2;
ANS1_OBJECT *phi;
}


@@ -60,12 +60,9 @@ static ERR_STRING_DATA ERR_str_libraries[] = {
{ERR_PACK(ERR_LIB_ASYNC, 0, 0), "ASYNC routines"},
{ERR_PACK(ERR_LIB_KDF, 0, 0), "KDF routines"},
{ERR_PACK(ERR_LIB_KDF2, 0, 0), "KDF2 routines"},
{ERR_PACK(ERR_LIB_FFX, 0, 0), "FFX routines"},
{ERR_PACK(ERR_LIB_PAILLIER, 0, 0), "PAILLIER routines"},
{ERR_PACK(ERR_LIB_OTP, 0, 0), "OTP routines"},
{ERR_PACK(ERR_LIB_GMAPI, 0, 0), "GMAPI routines"},
{ERR_PACK(ERR_LIB_BFIBE, 0, 0), "BFIBE routines"},
{ERR_PACK(ERR_LIB_BB1IBE, 0, 0), "BB1IBE routines"},
{ERR_PACK(ERR_LIB_SM2, 0, 0), "SM2 routines"},
{ERR_PACK(ERR_LIB_SM9, 0, 0), "SM9 routines"},
{ERR_PACK(ERR_LIB_SDF, 0, 0), "SDF routines"},
@@ -116,12 +113,9 @@ static ERR_STRING_DATA ERR_str_reasons[] = {
{ERR_R_ENGINE_LIB, "ENGINE lib"},
{ERR_R_ECDSA_LIB, "ECDSA lib"},
{ERR_R_KDF2_LIB, "KDF2 lib"},
{ERR_R_FFX_LIB, "FFX lib"},
{ERR_R_PAILLIER_LIB, "PAILLIER lib"},
{ERR_R_OTP_LIB, "OTP lib"},
{ERR_R_GMAPI_LIB, "GMAPI lib"},
{ERR_R_BFIBE_LIB, "BFIBE lib"},
{ERR_R_BB1IBE_LIB, "BB1IBE lib"},
{ERR_R_SM2_LIB, "SM2 lib"},
{ERR_R_SM9_LIB, "SM9 lib"},
{ERR_R_SDF_LIB, "SDF lib"},


@@ -66,9 +66,6 @@
#endif
#include <openssl/kdf.h>
#include <openssl/kdf2.h>
#ifndef OPENSSL_NO_FFX
# include <openssl/ffx.h>
#endif
#ifndef OPENSSL_NO_PAILLIER
# include <openssl/paillier.h>
#endif
@@ -78,12 +75,6 @@
#ifndef OPENSSL_NO_GMAPI
# include <openssl/gmapi.h>
#endif
#ifndef OPENSSL_NO_BFIBE
# include <openssl/bfibe.h>
#endif
#ifndef OPENSSL_NO_BB1IBE
# include <openssl/bb1ibe.h>
#endif
#ifndef OPENSSL_NO_SM2
# include <openssl/sm2.h>
#endif
@@ -167,9 +158,6 @@ int err_load_crypto_strings_int(void)
# ifndef OPENSSL_NO_KDF2
ERR_load_KDF2_strings() == 0 ||
# endif
# ifndef OPENSSL_NO_FFX
ERR_load_FFX_strings() == 0 ||
# endif
# ifndef OPENSSL_NO_PAILLIER
ERR_load_PAILLIER_strings() == 0 ||
# endif
@@ -179,12 +167,6 @@ int err_load_crypto_strings_int(void)
# ifndef OPENSSL_NO_GMAPI
ERR_load_GMAPI_strings() == 0 ||
# endif
# ifndef OPENSSL_NO_BFIBE
ERR_load_BFIBE_strings() == 0 ||
# endif
# ifndef OPENSSL_NO_BB1IBE
ERR_load_BB1IBE_strings() == 0 ||
# endif
# ifndef OPENSSL_NO_SM2
ERR_load_SM2_strings() == 0 ||
# endif


@@ -36,12 +36,9 @@ L CT include/openssl/ct.h crypto/ct/ct_err.c
L ASYNC include/openssl/async.h crypto/async/async_err.c
L KDF include/openssl/kdf.h crypto/kdf/kdf_err.c
L KDF2 include/openssl/kdf2.h crypto/kdf2/kdf2_err.c
L FFX include/openssl/ffx.h crypto/ffx/ffx_err.c
L PAILLIER include/openssl/paillier.h crypto/paillier/pai_err.c
L OTP include/openssl/otp.h crypto/otp/otp_err.c
L GMAPI include/openssl/gmapi.h crypto/gmapi/gmapi_err.c
L BFIBE include/openssl/bfibe.h crypto/bfibe/bfibe_err.c
L BB1IBE include/openssl/bb1ibe.h crypto/bb1ibe/bb1ibe_err.c
L SM2 include/openssl/sm2.h crypto/sm2/sm2_err.c
L SM9 include/openssl/sm9.h crypto/sm9/sm9_err.c
L SDF include/openssl/gmsdf.h crypto/sdf/sdf_err.c


@@ -1,2 +0,0 @@
LIBS=../../libcrypto
SOURCE[../../libcrypto]=ffx.c ffx_err.c


@@ -1,351 +0,0 @@
/* ====================================================================
* Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <stdio.h>
#include <ctype.h>
#include <string.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/ffx.h>
#include <openssl/e_os2.h>
#include "../modes/modes_lcl.h"
static uint32_t modulo[] = {
1,
10,
100,
1000,
10000,
100000,
1000000,
10000000,
100000000,
1000000000,
1000000000,
};
struct FFX_CTX_st {
EVP_CIPHER_CTX *cctx;
int flag;
};
FFX_CTX *FFX_CTX_new(void)
{
FFX_CTX *ret = NULL;
ret = OPENSSL_zalloc(sizeof(*ret));
return ret;
}
void FFX_CTX_free(FFX_CTX *ctx)
{
if (ctx) {
EVP_CIPHER_CTX_free(ctx->cctx);
}
OPENSSL_free(ctx);
}
int FFX_init(FFX_CTX *ctx, const EVP_CIPHER *cipher, const unsigned char *key,
int flag)
{
int ret = 0;
EVP_CIPHER_CTX *cctx = NULL;
if (!ctx || !cipher || !key) {
FFXerr(FFX_F_FFX_INIT, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (EVP_CIPHER_mode(cipher) != EVP_CIPH_ECB_MODE) {
FFXerr(FFX_F_FFX_INIT, FFX_R_INVALID_CIPHER_MODE);
return 0;
}
if (EVP_CIPHER_block_size(cipher) != 16) {
FFXerr(FFX_F_FFX_INIT, FFX_R_INVALID_BLOCK_SIZE);
return 0;
}
if (!ctx->cctx) {
if (!(cctx = EVP_CIPHER_CTX_new())) {
FFXerr(FFX_F_FFX_INIT, ERR_R_MALLOC_FAILURE);
goto end;
}
ctx->cctx = cctx;
cctx = NULL;
}
ctx->flag = flag;
if (!EVP_EncryptInit_ex(ctx->cctx, cipher, NULL, key, NULL)) {
FFXerr(FFX_F_FFX_INIT, FFX_R_ENCRYPT_INIT_FAILURE);
goto end;
}
ret = 1;
end:
EVP_CIPHER_CTX_free(cctx);
return ret;
}
int FFX_encrypt(FFX_CTX *ctx, const char *in, char *out, size_t iolen,
unsigned char *tweak, size_t tweaklen)
{
int llen, rlen;
uint32_t lval, rval;
unsigned char pblock[16] = {
0x01, 0x02, 0x01, 0x0a, 0x00, 0x00, 0x0a, 0xff,
0xff, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x00};
unsigned char qblock[16];
char lbuf[FFX_MAX_DIGITS/2 + 2];
uint64_t yval;
size_t i;
if (!ctx || !in || !out || !tweak) {
FFXerr(FFX_F_FFX_ENCRYPT, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (iolen < FFX_MIN_DIGITS || iolen > FFX_MAX_DIGITS) {
FFXerr(FFX_F_FFX_ENCRYPT, FFX_R_INVALID_INPUT_LENGTH);
return 0;
}
for (i = 0; i < iolen; i++) {
if (!isdigit(in[i])) {
FFXerr(FFX_F_FFX_ENCRYPT, FFX_R_INVALID_INPUT_DIGIT);
return 0;
}
}
llen = iolen / 2;
rlen = iolen - llen;
if (tweaklen < FFX_MIN_TWEAKLEN || tweaklen > FFX_MAX_TWEAKLEN) {
FFXerr(FFX_F_FFX_ENCRYPT, FFX_R_INVALID_TWEAK_LENGTH);
return 0;
}
memcpy(lbuf, in, llen);
lbuf[llen] = 0;
lval = atoi(lbuf);
rval = atoi(in + llen);
pblock[7] = llen & 0xff;
pblock[8] = iolen & 0xff;
pblock[12] = tweaklen & 0xff;
if (!EVP_Cipher(ctx->cctx, pblock, pblock,
EVP_CIPHER_CTX_block_size(ctx->cctx))) {
FFXerr(FFX_F_FFX_ENCRYPT, ERR_R_EVP_LIB);
return 0;
}
memset(qblock, 0, sizeof(qblock));
memcpy(qblock, tweak, tweaklen);
for (i = 0; i < FFX_NUM_ROUNDS; i += 2) {
unsigned char rblock[16];
size_t j;
qblock[11] = i & 0xff;
memcpy(qblock + 12, &rval, sizeof(rval));
for (j = 0; j < sizeof(rblock); j++) {
rblock[j] = pblock[j] ^ qblock[j];
}
if (!EVP_Cipher(ctx->cctx, rblock, rblock,
EVP_CIPHER_CTX_block_size(ctx->cctx))) {
FFXerr(FFX_F_FFX_ENCRYPT, ERR_R_EVP_LIB);
return 0;
}
yval = *((uint64_t *)rblock) % modulo[llen];
lval = (lval + yval) % modulo[llen];
qblock[11] = (i + 1) & 0xff;
memcpy(qblock + 12, &lval, sizeof(lval));
for (j = 0; j < sizeof(rblock); j++) {
rblock[j] = pblock[j] ^ qblock[j];
}
if (!EVP_Cipher(ctx->cctx, rblock, rblock,
EVP_CIPHER_CTX_block_size(ctx->cctx))) {
FFXerr(FFX_F_FFX_ENCRYPT, ERR_R_EVP_LIB);
return 0;
}
yval = *((uint64_t *)rblock) % modulo[rlen];
rval = (rval + yval) % modulo[rlen];
}
memset(out, '0', iolen);
sprintf(lbuf, "%d", rval);
memcpy(out + rlen - strlen(lbuf), lbuf, strlen(lbuf));
sprintf(lbuf, "%d", lval);
strcpy(out + iolen - strlen(lbuf), lbuf);
return 1;
}
int FFX_decrypt(FFX_CTX *ctx, const char *in, char *out, size_t iolen,
unsigned char *tweak, size_t tweaklen)
{
int llen, rlen;
uint32_t lval, rval;
unsigned char pblock[16] = {
0x01, 0x02, 0x01, 0x0a, 0x00, 0x00, 0x0a, 0xff,
0xff, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00, 0x00};
unsigned char qblock[16];
char lbuf[FFX_MAX_DIGITS/2 + 2];
uint64_t yval;
size_t i;
if (!ctx || !in || !out || !tweak) {
FFXerr(FFX_F_FFX_DECRYPT, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (iolen < FFX_MIN_DIGITS || iolen > FFX_MAX_DIGITS) {
FFXerr(FFX_F_FFX_DECRYPT, FFX_R_INVALID_INPUT_LENGTH);
return 0;
}
for (i = 0; i < iolen; i++) {
if (!isdigit(in[i])) {
FFXerr(FFX_F_FFX_DECRYPT, FFX_R_INVALID_INPUT_DIGIT);
return 0;
}
}
rlen = iolen / 2;
llen = iolen - rlen;
if (tweaklen < FFX_MIN_TWEAKLEN || tweaklen > FFX_MAX_TWEAKLEN) {
FFXerr(FFX_F_FFX_DECRYPT, FFX_R_INVALID_TWEAK_LENGTH);
return 0;
}
memcpy(lbuf, in, llen);
lbuf[llen] = 0;
lval = atoi(lbuf);
rval = atoi(in + llen);
pblock[7] = rlen & 0xff;
pblock[8] = iolen & 0xff;
pblock[12] = tweaklen & 0xff;
if (!EVP_Cipher(ctx->cctx, pblock, pblock,
EVP_CIPHER_CTX_block_size(ctx->cctx))) {
FFXerr(FFX_F_FFX_DECRYPT, ERR_R_EVP_LIB);
return 0;
}
memset(qblock, 0, sizeof(qblock));
memcpy(qblock, tweak, tweaklen);
for (i = FFX_NUM_ROUNDS - 1; i > 0; i -= 2) {
unsigned char rblock[16];
size_t j;
qblock[11] = i & 0xff;
memcpy(qblock + 12, &rval, sizeof(rval));
for (j = 0; j < sizeof(rblock); j++) {
rblock[j] = pblock[j] ^ qblock[j];
}
if (!EVP_Cipher(ctx->cctx, rblock, rblock,
EVP_CIPHER_CTX_block_size(ctx->cctx))) {
FFXerr(FFX_F_FFX_DECRYPT, ERR_R_EVP_LIB);
return 0;
}
yval = *((uint64_t *)rblock) % modulo[llen];
lval = (lval >= yval) ? (lval - yval) : lval + modulo[llen] - yval;
qblock[11] = (i - 1) & 0xff;
memcpy(qblock + 12, &lval, sizeof(lval));
for (j = 0; j < sizeof(rblock); j++) {
rblock[j] = pblock[j] ^ qblock[j];
}
if (!EVP_Cipher(ctx->cctx, rblock, rblock,
EVP_CIPHER_CTX_block_size(ctx->cctx))) {
FFXerr(FFX_F_FFX_DECRYPT, ERR_R_EVP_LIB);
return 0;
}
yval = *((uint64_t *)rblock) % modulo[rlen];
rval = (rval >= yval) ? (rval - yval) : rval + modulo[rlen] - yval;
}
memset(out, '0', iolen);
sprintf(lbuf, "%d", rval);
memcpy(out + rlen - strlen(lbuf), lbuf, strlen(lbuf));
sprintf(lbuf, "%d", lval);
strcpy(out + iolen - strlen(lbuf), lbuf);
return 1;
}
static int luhn_table[10] = {0, 2, 4, 6, 8, 1, 3, 5, 7, 9};
int FFX_compute_luhn(const char *in, size_t inlen)
{
int r = 0;
int i;
for (i = inlen - 1; i >= 0; i--) {
int a;
if (!isdigit(in[i])) {
return -2;
}
a = in[i] - '0';
if (i % 2 != inlen % 2)
a = luhn_table[a];
r += a;
}
r = ((r * 9) % 10) + '0';
return r;
}


@@ -1,50 +0,0 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include <openssl/err.h>
#include <openssl/ffx.h>
/* BEGIN ERROR CODES */
#ifndef OPENSSL_NO_ERR
# define ERR_FUNC(func) ERR_PACK(ERR_LIB_FFX,func,0)
# define ERR_REASON(reason) ERR_PACK(ERR_LIB_FFX,0,reason)
static ERR_STRING_DATA FFX_str_functs[] = {
{ERR_FUNC(FFX_F_FFX_DECRYPT), "FFX_decrypt"},
{ERR_FUNC(FFX_F_FFX_ENCRYPT), "FFX_encrypt"},
{ERR_FUNC(FFX_F_FFX_INIT), "FFX_init"},
{0, NULL}
};
static ERR_STRING_DATA FFX_str_reasons[] = {
{ERR_REASON(FFX_R_ENCRYPT_INIT_FAILURE), "encrypt init failure"},
{ERR_REASON(FFX_R_INVALID_BLOCK_SIZE), "invalid block size"},
{ERR_REASON(FFX_R_INVALID_CIPHER_MODE), "invalid cipher mode"},
{ERR_REASON(FFX_R_INVALID_INPUT_DIGIT), "invalid input digit"},
{ERR_REASON(FFX_R_INVALID_INPUT_LENGTH), "invalid input length"},
{ERR_REASON(FFX_R_INVALID_TWEAK_LENGTH), "invalid tweak length"},
{0, NULL}
};
#endif
int ERR_load_FFX_strings(void)
{
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(FFX_str_functs[0].error) == NULL) {
ERR_load_strings(0, FFX_str_functs);
ERR_load_strings(0, FFX_str_reasons);
}
#endif
return 1;
}


@@ -383,9 +383,6 @@ struct evp_pkey_st {
# ifndef OPENSSL_NO_SM9 /* SM9 */
struct SM9_MASTER_KEY_st *sm9_master;
struct SM9_KEY_st *sm9;
# endif
# ifndef OPENSSL_NO_CPK /* CPK */
struct CPK_MASTER_SECERT *cpk;
# endif
} pkey;
int save_parameters;


@@ -1,2 +0,0 @@
LIBS=../../libcrypto
SOURCE[../../libcrypto]=serpent.c


@@ -1,308 +0,0 @@
/* ====================================================================
* Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
/**
Copyright © 2015 Odzhan
Copyright © 2008 Daniel Otte
All Rights Reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. The name of the author may not be used to endorse or promote products
derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY AUTHORS "AS IS" AND ANY EXPRESS OR
IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE. */
#include <stdio.h>
#include <string.h>
#include <openssl/crypto.h>
#include <openssl/serpent.h>
#include "serpent_locl.h"
static void serpent_whiten(serpent_blk *dst, serpent_key_t *src, int idx) {
uint8_t i;
serpent_blk *p = (serpent_blk*)&src->x[idx];
for (i = 0; i<SERPENT_BLOCK_SIZE / 4; i++) {
dst->w[i] ^= p->w[i];
}
}
static void permute(serpent_blk *out, serpent_blk *in, int type)
{
uint8_t cy;
uint8_t n, m;
for (n = 0; n<SERPENT_BLOCK_SIZE / 4; n++) {
out->w[n] = 0;
}
if (type == SERPENT_IP)
{
for (n = 0; n<16; n++) {
for (m = 0; m<8; m++) {
cy = in->w[m % 4] & 1;
in->w[m % 4] >>= 1;
out->b[n] = (cy << 7) | (out->b[n] >> 1);
}
}
}
else {
for (n = 0; n<4; n++) {
for (m = 0; m<32; m++) {
cy = in->w[n] & 1;
in->w[n] >>= 1;
out->w[m % 4] = (cy << 31) | (out->w[m % 4] >> 1);
}
}
}
}
#define HI_NIBBLE(b) (((b) >> 4) & 0x0F)
#define LO_NIBBLE(b) ((b) & 0x0F)
static uint32_t serpent_gen_w(uint32_t *b, uint32_t i) {
uint32_t ret;
ret = b[0] ^ b[3] ^ b[5] ^ b[7] ^ GOLDEN_RATIO ^ i;
return ROTL32(ret, 11);
}
static void serpent_subbytes(serpent_blk *blk, uint32_t box_idx, int type)
{
serpent_blk tmp_blk, sb;
uint8_t *sbp;
uint8_t i, t;
uint8_t sbox[8][8] =
{ { 0x83, 0x1F, 0x6A, 0xB5, 0xDE, 0x24, 0x07, 0xC9 },
{ 0xCF, 0x72, 0x09, 0xA5, 0xB1, 0x8E, 0xD6, 0x43 },
{ 0x68, 0x97, 0xC3, 0xFA, 0x1D, 0x4E, 0xB0, 0x25 },
{ 0xF0, 0x8B, 0x9C, 0x36, 0x1D, 0x42, 0x7A, 0xE5 },
{ 0xF1, 0x38, 0x0C, 0x6B, 0x52, 0xA4, 0xE9, 0xD7 },
{ 0x5F, 0xB2, 0xA4, 0xC9, 0x30, 0x8E, 0x6D, 0x17 },
{ 0x27, 0x5C, 0x48, 0xB6, 0x9E, 0xF1, 0x3D, 0x0A },
{ 0xD1, 0x0F, 0x8E, 0xB2, 0x47, 0xAC, 0x39, 0x65 }
};
uint8_t sbox_inv[8][8] =
{ { 0x3D, 0x0B, 0x6A, 0xC5, 0xE1, 0x74, 0x9F, 0x28 },
{ 0x85, 0xE2, 0x6F, 0x3C, 0x4B, 0x97, 0xD1, 0x0A },
{ 0x9C, 0x4F, 0xEB, 0x21, 0x30, 0xD6, 0x85, 0x7A },
{ 0x90, 0x7A, 0xEB, 0xD6, 0x53, 0x2C, 0x84, 0x1F },
{ 0x05, 0x38, 0x9A, 0xE7, 0xC2, 0x6B, 0xF4, 0x1D },
{ 0xF8, 0x92, 0x14, 0xED, 0x6B, 0x35, 0xC7, 0x0A },
{ 0xAF, 0xD1, 0x35, 0x06, 0x94, 0x7E, 0xC2, 0xB8 },
{ 0x03, 0xD6, 0xE9, 0x8F, 0xC5, 0x7B, 0x1A, 0x24 }
};
box_idx &= 7;
if (type == SERPENT_ENCRYPT) {
sbp = (uint8_t*)&sbox[box_idx][0];
}
else {
sbp = (uint8_t*)&sbox_inv[box_idx][0];
}
for (i = 0; i<16; i += 2) {
t = sbp[i / 2];
sb.b[i + 0] = LO_NIBBLE(t);
sb.b[i + 1] = HI_NIBBLE(t);
}
permute(&tmp_blk, blk, SERPENT_IP);
for (i = 0; i<SERPENT_BLOCK_SIZE; i++) {
t = tmp_blk.b[i];
tmp_blk.b[i] = (sb.b[HI_NIBBLE(t)] << 4) | sb.b[LO_NIBBLE(t)];
}
permute(blk, &tmp_blk, SERPENT_FP);
}
static void serpent_lt(serpent_blk* x, int enc)
{
uint32_t x0, x1, x2, x3;
/* load */
x0 = x->w[0];
x1 = x->w[1];
x2 = x->w[2];
x3 = x->w[3];
if (enc == SERPENT_DECRYPT) {
x2 = ROTL32(x2, 10);
x0 = ROTR32(x0, 5);
x2 ^= x3 ^ (x1 << 7);
x0 ^= x1 ^ x3;
x3 = ROTR32(x3, 7);
x1 = ROTR32(x1, 1);
x3 ^= x2 ^ (x0 << 3);
x1 ^= x0 ^ x2;
x2 = ROTR32(x2, 3);
x0 = ROTR32(x0, 13);
}
else {
x0 = ROTL32(x0, 13);
x2 = ROTL32(x2, 3);
x1 ^= x0 ^ x2;
x3 ^= x2 ^ (x0 << 3);
x1 = ROTL32(x1, 1);
x3 = ROTL32(x3, 7);
x0 ^= x1 ^ x3;
x2 ^= x3 ^ (x1 << 7);
x0 = ROTL32(x0, 5);
x2 = ROTR32(x2, 10);
}
x->w[0] = x0;
x->w[1] = x1;
x->w[2] = x2;
x->w[3] = x3;
}
void serpent_set_encrypt_key(serpent_key_t *key, const unsigned char *user_key)
{
union {
uint8_t b[32];
uint32_t w[8];
} s_ws;
uint32_t i, j;
/* copy key input to local buffer */
memcpy(&s_ws.b[0], user_key, SERPENT_KEY256);
/* expand the key */
for (i = 0; i <= SERPENT_ROUNDS; i++) {
for (j = 0; j<4; j++) {
key->x[i][j] = serpent_gen_w(s_ws.w, i * 4 + j);
memmove(&s_ws.b, &s_ws.b[4], 7 * 4);
s_ws.w[7] = key->x[i][j];
}
serpent_subbytes((serpent_blk*)&key->x[i], 3 - i, SERPENT_ENCRYPT);
}
}
void serpent_set_decrypt_key(serpent_key_t *key, const unsigned char *user_key)
{
union {
uint8_t b[32];
uint32_t w[8];
} s_ws;
uint32_t i, j;
/* copy key input to local buffer */
memcpy(&s_ws.b[0], user_key, SERPENT_KEY256);
/* expand the key */
for (i = 0; i <= SERPENT_ROUNDS; i++) {
for (j = 0; j<4; j++) {
key->x[i][j] = serpent_gen_w(s_ws.w, i * 4 + j);
memmove(&s_ws.b, &s_ws.b[4], 7 * 4);
s_ws.w[7] = key->x[i][j];
}
serpent_subbytes((serpent_blk*)&key->x[i], 3 - i, SERPENT_ENCRYPT);
}
}
void serpent_encrypt(const void *in, void *out, serpent_key_t *key)
{
int8_t i;
serpent_blk *_out = out;
memcpy(out, in, SERPENT_BLOCK_SIZE);
i = 0;
for (;;) {
/* xor with subkey */
serpent_whiten(_out, key, i);
/* apply sbox */
serpent_subbytes(_out, i, SERPENT_ENCRYPT);
if (++i == SERPENT_ROUNDS)
break;
/* linear transformation */
serpent_lt(_out, SERPENT_ENCRYPT);
}
serpent_whiten(_out, key, i);
}
void serpent_decrypt(const void *in, void *out, serpent_key_t *key)
{
int8_t i;
serpent_blk *_out = out;
memcpy(out, in, SERPENT_BLOCK_SIZE);
i = SERPENT_ROUNDS;
serpent_whiten(_out, key, i);
for (;;) {
--i;
/* apply sbox */
serpent_subbytes(_out, i, SERPENT_DECRYPT);
/* xor with subkey */
serpent_whiten(_out, key, i);
if (i == 0)
break;
/* linear transformation */
serpent_lt(_out, SERPENT_DECRYPT);
}
}


@@ -1,112 +0,0 @@
/* ====================================================================
* Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
/**
Copyright © 2015 Odzhan
Copyright © 2008 Daniel Otte
All Rights Reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. The name of the author may not be used to endorse or promote products
derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY AUTHORS "AS IS" AND ANY EXPRESS OR
IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE. */
#include <openssl/opensslconf.h>
#include <openssl/e_os2.h>
#include <openssl/serpent.h>
#ifdef INTRINSICS
#define memcpy(x,y,z) __movsb(x,y,z)
#define memmove(x,y,z) __movsb(x,y,z)
#define memset(x,y,z) __stosb(x,y,z)
#define ROTL32(x,r) _rotl(x,r)
#define ROTR32(x,r) _rotr(x,r)
#else
#define U8V(v) ((uint8_t)(v) & 0xFFU)
#define U16V(v) ((uint16_t)(v) & 0xFFFFU)
#define U32V(v) ((uint32_t)(v) & 0xFFFFFFFFUL)
#define U64V(v) ((uint64_t)(v) & 0xFFFFFFFFFFFFFFFFULL)
#define ROTL8(v, n) \
(U8V((v) << (n)) | ((v) >> (8 - (n))))
#define ROTL16(v, n) \
(U16V((v) << (n)) | ((v) >> (16 - (n))))
#define ROTL32(v, n) \
(U32V((v) << (n)) | ((v) >> (32 - (n))))
#define ROTL64(v, n) \
(U64V((v) << (n)) | ((v) >> (64 - (n))))
#define ROTR8(v, n) ROTL8(v, 8 - (n))
#define ROTR16(v, n) ROTL16(v, 16 - (n))
#define ROTR32(v, n) ROTL32(v, 32 - (n))
#define ROTR64(v, n) ROTL64(v, 64 - (n))
#endif
#define GOLDEN_RATIO 0x9e3779b9l


@@ -1 +0,0 @@
#! /usr/bin/env perl


@@ -1 +1,289 @@
#! /usr/bin/env perl
$flavour = shift;
$output = shift;
if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl";
if (`$ENV{CC} -Wa,-v -c -o /dev/null -x assembler /dev/null 2>&1`
=~ /GNU assembler version ([2-9]\.[0-9]+)/) {
$avx = ($1>=2.19) + ($1>=2.22);
}
if (!$avx && $win64 && ($flavour =~ /nasm/ || $ENV{ASM} =~ /nasm/) &&
`nasm -v 2>&1` =~ /NASM version ([2-9]\.[0-9]+)/) {
$avx = ($1>=2.09) + ($1>=2.10);
}
if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
`ml64 2>&1` =~ /Version ([0-9]+)\./) {
$avx = ($1>=10) + ($1>=11);
}
if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([3-9]\.[0-9]+)/) {
$avx = ($2>=3.0) + ($2>3.0);
}
$avx=1 if ($avx);
open OUT,"| \"$^X\" \"$xlate\" $flavour \"$output\"";
*STDOUT=*OUT;
$func="sm3_block_data_order";
$TABLE="K256";
$SZ=4;
@ROT=($A,$B,$C,$D,$E,$F,$G,$H)=("%eax","%ebx","%ecx","%edx",
"%r8d","%r9d","%r10d","%r11d");
($T1,$a0,$a1,$a2,$a3)=("%r12d","%r13d","%r14d","%r15d","%edi");
@Sigma0=( 2,13,22);
@Sigma1=( 6,11,25);
@sigma0=( 7,18, 3);
@sigma1=(17,19,10);
$rounds=64;
$ctx="%rdi"; # 1st arg, zapped by $a3
$inp="%rsi"; # 2nd arg
$Tbl="%rbp";
$_ctx="16*$SZ+0*8(%rsp)";
$_inp="16*$SZ+1*8(%rsp)";
$_end="16*$SZ+2*8(%rsp)";
$_rsp="16*$SZ+3*8(%rsp)";
$framesz="16*$SZ+4*8";
sub ROUND_00_15()
{ my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_;
my $STRIDE=$SZ;
$STRIDE += 16 if ($i%(16/$SZ)==(16/$SZ-1));
$code.=<<___;
ror \$`$Sigma1[2]-$Sigma1[1]`,$a0
mov $f,$a2
xor $e,$a0
ror \$`$Sigma0[2]-$Sigma0[1]`,$a1
xor $g,$a2 # f^g
mov $T1,`$SZ*($i&0xf)`(%rsp)
xor $a,$a1
and $e,$a2 # (f^g)&e
ror \$`$Sigma1[1]-$Sigma1[0]`,$a0
add $h,$T1 # T1+=h
xor $g,$a2 # Ch(e,f,g)=((f^g)&e)^g
ror \$`$Sigma0[1]-$Sigma0[0]`,$a1
xor $e,$a0
add $a2,$T1 # T1+=Ch(e,f,g)
mov $a,$a2
add ($Tbl),$T1 # T1+=K[round]
xor $a,$a1
xor $b,$a2 # a^b, b^c in next round
ror \$$Sigma1[0],$a0 # Sigma1(e)
mov $b,$h
and $a2,$a3
ror \$$Sigma0[0],$a1 # Sigma0(a)
add $a0,$T1 # T1+=Sigma1(e)
xor $a3,$h # h=Maj(a,b,c)=Ch(a^b,c,b)
add $T1,$d # d+=T1
add $T1,$h # h+=T1
lea $STRIDE($Tbl),$Tbl # round++
___
$code.=<<___ if ($i<15);
add $a1,$h # h+=Sigma0(a)
___
($a2,$a3) = ($a3,$a2);
}
sub ROUND_16_XX()
{ my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_;
$code.=<<___;
mov `$SZ*(($i+1)&0xf)`(%rsp),$a0
mov `$SZ*(($i+14)&0xf)`(%rsp),$a2
mov $a0,$T1
ror \$`$sigma0[1]-$sigma0[0]`,$a0
add $a1,$a # modulo-scheduled h+=Sigma0(a)
mov $a2,$a1
ror \$`$sigma1[1]-$sigma1[0]`,$a2
xor $T1,$a0
shr \$$sigma0[2],$T1
ror \$$sigma0[0],$a0
xor $a1,$a2
shr \$$sigma1[2],$a1
ror \$$sigma1[0],$a2
xor $a0,$T1 # sigma0(X[(i+1)&0xf])
xor $a1,$a2 # sigma1(X[(i+14)&0xf])
add `$SZ*(($i+9)&0xf)`(%rsp),$T1
add `$SZ*($i&0xf)`(%rsp),$T1
mov $e,$a0
add $a2,$T1
mov $a,$a1
___
&ROUND_00_15(@_);
}
$code=<<___;
.text
.extern OPENSSL_ia32cap_P
.globl $func
.type $func,\@function,3
.align 16
$func:
___
$code.=<<___;
push %rbx
push %rbp
push %r12
push %r13
push %r14
push %r15
mov %rsp,%r11 # copy %rsp
shl \$4,%rdx # num*16
sub \$$framesz,%rsp
lea ($inp,%rdx,$SZ),%rdx # inp+num*16*$SZ
and \$-64,%rsp # align stack frame
mov $ctx,$_ctx # save ctx, 1st arg
mov $inp,$_inp # save inp, 2nd arh
mov %rdx,$_end # save end pointer, "3rd" arg
mov %r11,$_rsp # save copy of %rsp
.Lprologue:
mov $SZ*0($ctx),$A
mov $SZ*1($ctx),$B
mov $SZ*2($ctx),$C
mov $SZ*3($ctx),$D
mov $SZ*4($ctx),$E
mov $SZ*5($ctx),$F
mov $SZ*6($ctx),$G
mov $SZ*7($ctx),$H
jmp .Lloop
.align 16
.Lloop:
mov $B,$a3
lea $TABLE(%rip),$Tbl
xor $C,$a3 # magic
___
for($i=0;$i<16;$i++) {
$code.=" mov $SZ*$i($inp),$T1\n";
$code.=" mov @ROT[4],$a0\n";
$code.=" mov @ROT[0],$a1\n";
$code.=" bswap $T1\n";
&ROUND_00_15($i,@ROT);
unshift(@ROT,pop(@ROT));
}
$code.=<<___;
jmp .Lrounds_16_xx
.align 16
.Lrounds_16_xx:
___
for(;$i<32;$i++) {
&ROUND_16_XX($i,@ROT);
unshift(@ROT,pop(@ROT));
}
$code.=<<___;
cmpb \$0,`$SZ-1`($Tbl)
jnz .Lrounds_16_xx
mov $_ctx,$ctx
add $a1,$A # modulo-scheduled h+=Sigma0(a)
lea 16*$SZ($inp),$inp
add $SZ*0($ctx),$A
add $SZ*1($ctx),$B
add $SZ*2($ctx),$C
add $SZ*3($ctx),$D
add $SZ*4($ctx),$E
add $SZ*5($ctx),$F
add $SZ*6($ctx),$G
add $SZ*7($ctx),$H
cmp $_end,$inp
mov $A,$SZ*0($ctx)
mov $B,$SZ*1($ctx)
mov $C,$SZ*2($ctx)
mov $D,$SZ*3($ctx)
mov $E,$SZ*4($ctx)
mov $F,$SZ*5($ctx)
mov $G,$SZ*6($ctx)
mov $H,$SZ*7($ctx)
jb .Lloop
mov $_rsp,%rsi
mov (%rsi),%r15
mov 8(%rsi),%r14
mov 16(%rsi),%r13
mov 24(%rsi),%r12
mov 32(%rsi),%rbp
mov 40(%rsi),%rbx
lea 48(%rsi),%rsp
.Lepilogue:
ret
.size $func,.-$func
___
$code.=<<___;
.align 64
.type $TABLE,\@object
$TABLE:
.long 0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
.long 0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
.long 0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
.long 0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
.long 0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
.long 0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
.long 0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
.long 0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
.long 0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
.long 0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
.long 0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
.long 0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
.long 0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
.long 0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
.long 0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
.long 0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
.long 0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
.long 0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
.long 0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
.long 0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
.long 0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
.long 0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
.long 0xd192e819,0xd6990624,0xf40e3585,0x106aa070
.long 0xd192e819,0xd6990624,0xf40e3585,0x106aa070
.long 0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
.long 0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
.long 0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
.long 0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
.long 0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
.long 0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
.long 0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
.long 0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
.long 0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f
.long 0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f
.long 0x03020100,0x0b0a0908,0xffffffff,0xffffffff
.long 0x03020100,0x0b0a0908,0xffffffff,0xffffffff
.long 0xffffffff,0xffffffff,0x03020100,0x0b0a0908
.long 0xffffffff,0xffffffff,0x03020100,0x0b0a0908
___
close STDOUT;
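Review bot: This generator emits SHA-256, not SM3, under the name `sm3_block_data_order`: the `@Sigma0`/`@Sigma1`/`@sigma0`/`@sigma1` rotation sets, the Ch/Maj logic in `ROUND_00_15` and the `K256` table starting at `0x428a2f98` are SHA-256's, whereas SM3 uses the FF/GG boolean functions, the P0/P1 permutations and the round constants 0x79cc4519/0x7a879d8a. As shown, the script also never evaluates the backtick expressions or prints `$code` before `close STDOUT;`, so the translator would receive empty input. Until the round function is rewritten, I would leave `sm3_asm_src` unset for every target and put `# NOT SM3 YET: round logic and K256 table are SHA-256 placeholders; do not build` at the top of the file. The pipe opened with `open OUT,"| ..."` and the final close are unchecked, so a failed translator run would go unnoticed by the build; `close STDOUT or die "error closing STDOUT: $!";` would surface it.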


@@ -1,2 +1,13 @@
LIBS=../../libcrypto
SOURCE[../../libcrypto]=sm3.c sm3_hmac.c
SOURCE[../../libcrypto]=\
sm3.c {- $target{sm3_asm_src} -}
GENERATE[sm3-x86_64.s]=asm/sm3-x86_64.pl $(PERLASM_SCHEME)
BEGINRAW[Makefile(unix)]
##### SM3 assembler implementations
# GNU make "catch all"
{- $builddir -}/sm3-%.S: {- $sourcedir -}/asm/sm3-%.pl
CC="$(CC)" $(PERL) $< $(PERLASM_SCHEME) $@
ENDRAW[Makefile(unix)]
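Review bot: The rewritten `SOURCE[../../libcrypto]` list appears to drop `sm3_hmac.c`, which the old two-line file compiled. If that file and its declarations are not deleted elsewhere in this commit, callers of the SM3 HMAC functions would fail at link time, so either keep it in the list, `sm3.c sm3_hmac.c {- $target{sm3_asm_src} -}`, or remove the header declarations in the same change. Separately, `GENERATE[sm3-x86_64.s]` puts the generated assembly into the build whenever a target sets `sm3_asm_src`; whether `sm3.c` has a matching guard so that only one block function is linked is not visible in this section and is worth confirming.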


@@ -50,8 +50,6 @@
#include <string.h>
#include <openssl/err.h>
#include <openssl/sm9.h>
#include <openssl/ec_type1.h>
#include <openssl/bn_hash.h>
#include "sm9_lcl.h"


@@ -51,9 +51,11 @@
#include <openssl/err.h>
#include <openssl/sm9.h>
#include <openssl/crypto.h>
#include <openssl/bn_hash.h>
#include "../bn/bn_lcl.h"
#include "sm9_lcl.h"
static int BN_hash_to_range(const EVP_MD *md, BIGNUM **bn,
const void *s, size_t slen, const BIGNUM *range, BN_CTX *bn_ctx);
#if 0
typedef struct {
@@ -231,3 +233,85 @@ int sm9_check_sign_scheme(int nid)
{
return 1;
}
int BN_hash_to_range(const EVP_MD *md, BIGNUM **bn,
const void *s, size_t slen, const BIGNUM *range, BN_CTX *bn_ctx)
{
int ret = 0;
BIGNUM *r = NULL;
BIGNUM *a = NULL;
unsigned char *buf = NULL;
size_t buflen, mdlen;
int nbytes, rounds, i;
if (!s || slen <= 0 || !md || !range) {
//BNerr(BN_F_BN_HASH_TO_RANGE, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (!(*bn)) {
if (!(r = BN_new())) {
//BNerr(BN_F_BN_HASH_TO_RANGE, ERR_R_MALLOC_FAILURE);
return 0;
}
} else {
r = *bn;
BN_zero(r);
}
mdlen = EVP_MD_size(md);
buflen = mdlen + slen;
if (!(buf = OPENSSL_malloc(buflen))) {
//BNerr(BN_F_BN_HASH_TO_RANGE, ERR_R_MALLOC_FAILURE);
goto end;
}
memset(buf, 0, mdlen);
memcpy(buf + mdlen, s, slen);
a = BN_new();
if (!a) {
//BNerr(BN_F_BN_HASH_TO_RANGE, ERR_R_MALLOC_FAILURE);
goto end;
}
nbytes = BN_num_bytes(range);
rounds = (nbytes + mdlen - 1)/mdlen;
if (!bn_expand(r, rounds * mdlen * 8)) {
//BNerr(BN_F_BN_HASH_TO_RANGE, ERR_R_BN_LIB);
goto end;
}
for (i = 0; i < rounds; i++) {
if (!EVP_Digest(buf, buflen, buf, (unsigned int *)&mdlen, md, NULL)) {
//BNerr(BN_F_BN_HASH_TO_RANGE, ERR_R_EVP_LIB);
goto end;
}
if (!BN_bin2bn(buf, mdlen, a)) {
//BNerr(BN_F_BN_HASH_TO_RANGE, ERR_R_BN_LIB);
goto end;
}
if (!BN_lshift(r, r, mdlen * 8)) {
//BNerr(BN_F_BN_HASH_TO_RANGE, ERR_R_BN_LIB);
goto end;
}
if (!BN_uadd(r, r, a)) {
goto end;
}
}
if (!BN_mod(r, r, range, bn_ctx)) {
//BNerr(BN_F_BN_HASH_TO_RANGE, ERR_R_BN_LIB);
goto end;
}
*bn = r;
ret = 1;
end:
if (!ret && !(*bn)) {
BN_free(r);
}
BN_free(a);
OPENSSL_free(buf);
return ret;
}
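Review bot: In `BN_hash_to_range`, `EVP_Digest(buf, buflen, buf, (unsigned int *)&mdlen, md, NULL)` writes an `unsigned int` through a pointer to a `size_t`; on an LP64 big-endian target the store lands in the upper half of `mdlen`, and the following `BN_bin2bn(buf, mdlen, a)` and `BN_lshift(r, r, mdlen * 8)` then run with a corrupted length. Use a separate output variable, `unsigned int dgstlen;` with `EVP_Digest(buf, buflen, buf, &dgstlen, md, NULL)`, and leave `mdlen` untouched. `bn` is dereferenced without a NULL check and `EVP_MD_size(md)` returns an `int` that is stored unchecked in a `size_t`, so the entry guard should become `if (!bn || !s || slen == 0 || !md || !range) return 0;`, followed by a check that the digest size is positive. When `range` is as wide as the digest, `rounds` is 1 and the final `BN_mod` reduces a value of the same bit length, which biases the result; this should be compared against the hash-to-range definition the SM9 code is meant to follow. All `BNerr` calls are commented out, so every failure path returns 0 with no error-queue entry.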


@@ -51,8 +51,6 @@
#include <openssl/err.h>
#include <openssl/sm9.h>
#include <openssl/ec.h>
#include <openssl/ec_type1.h>
#include <openssl/bn_gfp2.h>
#include "sm9_lcl.h"


@@ -1,2 +0,0 @@
LIBS=../../libcrypto
SOURCE[../../libcrypto]=speck.c


@@ -1,198 +0,0 @@
/* ====================================================================
* Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <openssl/speck.h>
#include "speck_lcl.h"
void speck_set_encrypt_key16(SPECK_TYPE16 const K[SPECK_KEY_LEN16], SPECK_TYPE16 S[SPECK_ROUNDS16])
{
SPECK_TYPE16 i, b = K[0];
SPECK_TYPE16 a[SPECK_KEY_LEN16 - 1];
for (i = 0; i < (SPECK_KEY_LEN16 - 1); i++)
{
a[i] = K[i + 1];
}
S[0] = b;
for (i = 0; i < SPECK_ROUNDS16 - 1; i++) {
R16(a[i % (SPECK_KEY_LEN16 - 1)], b, i);
S[i + 1] = b;
}
}
void speck_set_decrypt_key16(SPECK_TYPE16 const K[SPECK_KEY_LEN16], SPECK_TYPE16 S[SPECK_ROUNDS16])
{
SPECK_TYPE16 i, b = K[0];
SPECK_TYPE16 a[SPECK_KEY_LEN16 - 1];
for (i = 0; i < (SPECK_KEY_LEN16 - 1); i++)
{
a[i] = K[i + 1];
}
S[0] = b;
for (i = 0; i < SPECK_ROUNDS16 - 1; i++) {
R16(a[i % (SPECK_KEY_LEN16 - 1)], b, i);
S[i + 1] = b;
}
}
void speck_encrypt16(SPECK_TYPE16 const pt[2], SPECK_TYPE16 ct[2], SPECK_TYPE16 const K[SPECK_ROUNDS16])
{
SPECK_TYPE16 i;
ct[0] = pt[0]; ct[1] = pt[1];
for (i = 0; i < SPECK_ROUNDS16; i++){
R16(ct[1], ct[0], K[i]);
}
}
void speck_decrypt16(SPECK_TYPE16 const ct[2], SPECK_TYPE16 pt[2], SPECK_TYPE16 const K[SPECK_ROUNDS16])
{
SPECK_TYPE16 i;
pt[0] = ct[0]; pt[1] = ct[1];
for (i = 0; i < SPECK_ROUNDS16; i++){
RR16(pt[1], pt[0], K[(SPECK_ROUNDS16 - 1) - i]);
}
}
void speck_set_encrypt_key32(SPECK_TYPE32 const K[SPECK_KEY_LEN32], SPECK_TYPE32 S[SPECK_ROUNDS32])
{
SPECK_TYPE32 i, b = K[0];
SPECK_TYPE32 a[SPECK_KEY_LEN32 - 1];
for (i = 0; i < (SPECK_KEY_LEN32 - 1); i++)
{
a[i] = K[i + 1];
}
S[0] = b;
for (i = 0; i < SPECK_ROUNDS32 - 1; i++) {
R32(a[i % (SPECK_KEY_LEN32 - 1)], b, i);
S[i + 1] = b;
}
}
void speck_set_decrypt_key32(SPECK_TYPE32 const K[SPECK_KEY_LEN32], SPECK_TYPE32 S[SPECK_ROUNDS32])
{
SPECK_TYPE32 i, b = K[0];
SPECK_TYPE32 a[SPECK_KEY_LEN32 - 1];
for (i = 0; i < (SPECK_KEY_LEN32 - 1); i++)
{
a[i] = K[i + 1];
}
S[0] = b;
for (i = 0; i < SPECK_ROUNDS32 - 1; i++) {
R32(a[i % (SPECK_KEY_LEN32 - 1)], b, i);
S[i + 1] = b;
}
}
void speck_encrypt32(SPECK_TYPE32 const pt[2], SPECK_TYPE32 ct[2], SPECK_TYPE32 const K[SPECK_ROUNDS32])
{
SPECK_TYPE32 i;
ct[0] = pt[0]; ct[1] = pt[1];
for (i = 0; i < SPECK_ROUNDS32; i++){
R32(ct[1], ct[0], K[i]);
}
}
void speck_decrypt32(SPECK_TYPE32 const ct[2], SPECK_TYPE32 pt[2], SPECK_TYPE32 const K[SPECK_ROUNDS32])
{
SPECK_TYPE32 i;
pt[0] = ct[0]; pt[1] = ct[1];
for (i = 0; i < SPECK_ROUNDS32; i++){
RR32(pt[1], pt[0], K[(SPECK_ROUNDS32 - 1) - i]);
}
}
void speck_set_encrypt_key64(SPECK_TYPE64 const K[SPECK_KEY_LEN64], SPECK_TYPE64 S[SPECK_ROUNDS64])
{
SPECK_TYPE64 i, b = K[0];
SPECK_TYPE64 a[SPECK_KEY_LEN64 - 1];
for (i = 0; i < (SPECK_KEY_LEN64 - 1); i++)
{
a[i] = K[i + 1];
}
S[0] = b;
for (i = 0; i < SPECK_ROUNDS64 - 1; i++) {
R64(a[i % (SPECK_KEY_LEN64 - 1)], b, i);
S[i + 1] = b;
}
}
void speck_set_decrypt_key64(SPECK_TYPE64 const K[SPECK_KEY_LEN64], SPECK_TYPE64 S[SPECK_ROUNDS64])
{
SPECK_TYPE64 i, b = K[0];
SPECK_TYPE64 a[SPECK_KEY_LEN64 - 1];
for (i = 0; i < (SPECK_KEY_LEN64 - 1); i++)
{
a[i] = K[i + 1];
}
S[0] = b;
for (i = 0; i < SPECK_ROUNDS64 - 1; i++) {
R64(a[i % (SPECK_KEY_LEN64 - 1)], b, i);
S[i + 1] = b;
}
}
void speck_encrypt64(SPECK_TYPE64 const pt[2], SPECK_TYPE64 ct[2], SPECK_TYPE64 const K[SPECK_ROUNDS64])
{
SPECK_TYPE64 i;
ct[0] = pt[0]; ct[1] = pt[1];
for (i = 0; i < SPECK_ROUNDS64; i++){
R64(ct[1], ct[0], K[i]);
}
}
void speck_decrypt64(SPECK_TYPE64 const ct[2], SPECK_TYPE64 pt[2], SPECK_TYPE64 const K[SPECK_ROUNDS64])
{
SPECK_TYPE64 i;
pt[0] = ct[0]; pt[1] = ct[1];
for (i = 0; i < SPECK_ROUNDS64; i++){
RR64(pt[1], pt[0], K[(SPECK_ROUNDS64 - 1) - i]);
}
}


@@ -1,74 +0,0 @@
/* ====================================================================
* Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#ifndef HEADER_SPECK_LCL_H
#define HEADER_SPECK_LCL_H
#define SPECK_TYPE16 uint16_t
#define SPECK_TYPE32 uint32_t
#define SPECK_TYPE64 uint64_t
#define ROR16(x, r) ((x >> r) | (x << ((sizeof(SPECK_TYPE16) * 8) - r)))
#define ROL16(x, r) ((x << r) | (x >> ((sizeof(SPECK_TYPE16) * 8) - r)))
#define ROR32(x, r) ((x >> r) | (x << ((sizeof(SPECK_TYPE32) * 8) - r)))
#define ROL32(x, r) ((x << r) | (x >> ((sizeof(SPECK_TYPE32) * 8) - r)))
#define ROR64(x, r) ((x >> r) | (x << ((sizeof(SPECK_TYPE64) * 8) - r)))
#define ROL64(x, r) ((x << r) | (x >> ((sizeof(SPECK_TYPE64) * 8) - r)))
#define R16(x, y, k) (x = ROR16(x, 7), x += y, x ^= k, y = ROL16(y, 2), y ^= x)
#define RR16(x, y, k) (y ^= x, y = ROR16(y, 2), x ^= k, x -= y, x = ROL16(x, 7))
#define R32(x, y, k) (x = ROR32(x, 8), x += y, x ^= k, y = ROL32(y, 3), y ^= x)
#define RR32(x, y, k) (y ^= x, y = ROR32(y, 3), x ^= k, x -= y, x = ROL32(x, 8))
#define R64(x, y, k) (x = ROR64(x, 8), x += y, x ^= k, y = ROL64(y, 3), y ^= x)
#define RR64(x, y, k) (y ^= x, y = ROR64(y, 3), x ^= k, x -= y, x = ROL64(x, 8))
#endif


@@ -0,0 +1,7 @@
# Deterministic SM2 Signature Algorithm
Like ECDSA, the SM2 signature algorithm need a cryptographicall
secure source of randomness. This requirement makes the algorithm is
warnable when the signature is generate.
Produced siganture remains fully compatible


@@ -1,148 +0,0 @@
/* ====================================================================
* Copyright (c) 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
/*
* Boneh-Boyen Identity-Based Encryption (BB1-IBE)
* see [RFC 5091](https://tools.ietf.org/html/rfc5091)
* Identity-Based Cryptography Standard (IBCS) #1:
* Supersingular Curve Implementations of the BF and BB1 Cryptosystems
*/
#ifndef HEADER_BB1IBE_H
#define HEADER_BB1IBE_H
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_BB1IBE
#include <string.h>
#include <openssl/bn.h>
#include <openssl/ec.h>
#include <openssl/evp.h>
#include <openssl/asn1.h>
#include <openssl/fppoint.h>
#define BB1IBE_VERSION 2
#ifdef __cplusplus
extern "C" {
#endif
typedef struct BB1PublicParameters_st BB1PublicParameters;
typedef struct BB1MasterSecret_st BB1MasterSecret;
typedef struct BB1PrivateKeyBlock_st BB1PrivateKeyBlock;
typedef struct BB1CiphertextBlock_st BB1CiphertextBlock;
int BB1IBE_setup(const EC_GROUP *group, const EVP_MD *md,
BB1PublicParameters **mpk, BB1MasterSecret **msk);
BB1PrivateKeyBlock *BB1IBE_extract_private_key(BB1PublicParameters *mpk,
BB1MasterSecret *msk, const char *id, size_t idlen);
BB1CiphertextBlock *BB1IBE_do_encrypt(BB1PublicParameters *mpk,
const unsigned char *in, size_t inlen,
const char *id, size_t idlen);
int BB1IBE_do_decrypt(BB1PublicParameters *mpk,
const BB1CiphertextBlock *in, unsigned char *out, size_t *outlen,
BB1PrivateKeyBlock *sk);
int BB1IBE_encrypt(BB1PublicParameters *mpk,
const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen,
const char *id, size_t idlen);
int BB1IBE_decrypt(BB1PublicParameters *mpk,
const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen,
BB1PrivateKeyBlock *sk);
DECLARE_ASN1_FUNCTIONS(BB1MasterSecret)
DECLARE_ASN1_FUNCTIONS(BB1PublicParameters)
DECLARE_ASN1_FUNCTIONS(BB1PrivateKeyBlock)
DECLARE_ASN1_FUNCTIONS(BB1CiphertextBlock)
/* BEGIN ERROR CODES */
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
int ERR_load_BB1IBE_strings(void);
/* Error codes for the BB1IBE functions. */
/* Function codes. */
# define BB1IBE_F_BB1CIPHERTEXTBLOCK_HASH_TO_RANGE 100
# define BB1IBE_F_BB1IBE_DECRYPT 101
# define BB1IBE_F_BB1IBE_DOUBLE_HASH 102
# define BB1IBE_F_BB1IBE_DO_DECRYPT 103
# define BB1IBE_F_BB1IBE_DO_ENCRYPT 104
# define BB1IBE_F_BB1IBE_ENCRYPT 105
# define BB1IBE_F_BB1IBE_EXTRACT_PRIVATE_KEY 106
# define BB1IBE_F_BB1IBE_SETUP 107
/* Reason codes. */
# define BB1IBE_R_BB1CIPHERTEXT_INVALID_MAC 100
# define BB1IBE_R_BB1IBE_HASH_FAILURE 101
# define BB1IBE_R_BUFFER_TOO_SMALL 102
# define BB1IBE_R_COMPUTE_OUTLEN_FAILURE 103
# define BB1IBE_R_COMPUTE_TATE_FAILURE 104
# define BB1IBE_R_D2I_FAILURE 105
# define BB1IBE_R_DECRYPT_FAILURE 106
# define BB1IBE_R_DOUBLE_HASH_FAILURE 107
# define BB1IBE_R_ENCRYPT_FAILURE 108
# define BB1IBE_R_I2D_FAILURE 109
# define BB1IBE_R_INVALID_INPUT 110
# define BB1IBE_R_INVALID_MD 111
# define BB1IBE_R_INVALID_OUTPUT_BUFFER 112
# define BB1IBE_R_INVALID_TYPE1CURVE 113
# define BB1IBE_R_NOT_NAMED_CURVE 114
# define BB1IBE_R_PARSE_PAIRING 115
# ifdef __cplusplus
}
# endif
#endif
#endif


@@ -1,146 +0,0 @@
/* ====================================================================
* Copyright (c) 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
/*
* Boneh-Franklin Identity-Based Encryption (BF-IBE)
* see [RFC 5091](https://tools.ietf.org/html/rfc5091)
* Identity-Based Cryptography Standard (IBCS) #1:
* Supersingular Curve Implementations of the BF and BB1 Cryptosystems
*/
#ifndef HEADER_BFIBE_H
#define HEADER_BFIBE_H
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_BFIBE
#include <string.h>
#include <openssl/bn.h>
#include <openssl/ec.h>
#include <openssl/evp.h>
#include <openssl/asn1.h>
#include <openssl/fppoint.h>
#define BFIBE_VERSION 2
#ifdef __cplusplus
extern "C" {
#endif
typedef struct BFPublicParameters_st BFPublicParameters;
typedef struct BFMasterSecret_st BFMasterSecret;
typedef struct BFPrivateKeyBlock_st BFPrivateKeyBlock;
typedef struct BFCiphertextBlock_st BFCiphertextBlock;
int BFIBE_setup(const EC_GROUP *group, const EVP_MD *md,
BFPublicParameters **mpk, BFMasterSecret **msk);
BFPrivateKeyBlock *BFIBE_extract_private_key(BFPublicParameters *mpk,
BFMasterSecret *msk, const char *id, size_t idlen);
BFCiphertextBlock *BFIBE_do_encrypt(BFPublicParameters *mpk,
const unsigned char *in, size_t inlen,
const char *id, size_t idlen);
int BFIBE_do_decrypt(BFPublicParameters *mpk,
const BFCiphertextBlock *in,
unsigned char *out, size_t *outlen,
BFPrivateKeyBlock *sk);
int BFIBE_encrypt(BFPublicParameters *mpk,
const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen,
const char *id, size_t idlen);
int BFIBE_decrypt(BFPublicParameters *mpk,
const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen,
BFPrivateKeyBlock *sk);
DECLARE_ASN1_FUNCTIONS(BFPublicParameters)
DECLARE_ASN1_FUNCTIONS(BFMasterSecret)
DECLARE_ASN1_FUNCTIONS(BFPrivateKeyBlock)
DECLARE_ASN1_FUNCTIONS(BFCiphertextBlock)
/* BEGIN ERROR CODES */
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
int ERR_load_BFIBE_strings(void);
/* Error codes for the BFIBE functions. */
/* Function codes. */
# define BFIBE_F_BFIBE_DECRYPT 100
# define BFIBE_F_BFIBE_DO_DECRYPT 101
# define BFIBE_F_BFIBE_DO_ENCRYPT 102
# define BFIBE_F_BFIBE_ENCRYPT 103
# define BFIBE_F_BFIBE_EXTRACT_PRIVATE_KEY 104
# define BFIBE_F_BFIBE_SETUP 105
/* Reason codes. */
# define BFIBE_R_BFIBE_CIPHERTEXT_FAILURE 100
# define BFIBE_R_BUFFER_TOO_SMALL 101
# define BFIBE_R_COMPUTE_OUTLEN_FAILURE 102
# define BFIBE_R_D2I_FAILURE 103
# define BFIBE_R_DECRYPT_FAILURE 104
# define BFIBE_R_ENCRYPT_FAILURE 105
# define BFIBE_R_HASH_BYTES_FAILURE 106
# define BFIBE_R_I2D_FAILURE 107
# define BFIBE_R_INVALID_BFIBE_HASHFUNC 108
# define BFIBE_R_INVALID_CIPHERTEXT 109
# define BFIBE_R_INVALID_TYPE1CURVE 110
# define BFIBE_R_KDF_FAILURE 111
# define BFIBE_R_NOT_NAMED_CURVE 112
# define BFIBE_R_PARSE_CURVE_FAILURE 113
# define BFIBE_R_PARSE_MPK_FAILURE 114
# define BFIBE_R_PARSE_PAIRING 115
# define BFIBE_R_RAND_FAILURE 116
# ifdef __cplusplus
}
# endif
#endif
#endif


@@ -1,96 +0,0 @@
/* ====================================================================
* Copyright (c) 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#ifndef HEADER_BN_GFP2_H
#define HEADER_BN_GFP2_H
#include <openssl/bn.h>
#ifdef __cplusplus
extern "C" {
#endif
/* element a in GF(p^2), where a = a0 + a1 * i, i^2 == -1 */
typedef struct {
BIGNUM *a0;
BIGNUM *a1;
} BN_GFP2;
BN_GFP2 *BN_GFP2_new(void);
void BN_GFP2_free(BN_GFP2 *a);
int BN_GFP2_copy(BN_GFP2 *r, const BN_GFP2 *a);
int BN_GFP2_one(BN_GFP2 *a);
int BN_GFP2_zero(BN_GFP2 *a);
int BN_GFP2_is_zero(const BN_GFP2 *a);
int BN_GFP2_equ(const BN_GFP2 *a, const BN_GFP2 *b);
int BN_GFP2_add(BN_GFP2 *r, const BN_GFP2 *a, const BN_GFP2 *b, const BIGNUM *p, BN_CTX *ctx);
int BN_GFP2_sub(BN_GFP2 *r, const BN_GFP2 *a, const BN_GFP2 *b, const BIGNUM *p, BN_CTX *ctx);
int BN_GFP2_mul(BN_GFP2 *r, const BN_GFP2 *a, const BN_GFP2 *b, const BIGNUM *p, BN_CTX *ctx);
int BN_GFP2_sqr(BN_GFP2 *r, const BN_GFP2 *a, const BIGNUM *p, BN_CTX *ctx);
int BN_GFP2_inv(BN_GFP2 *r, const BN_GFP2 *a, const BIGNUM *p, BN_CTX *ctx);
int BN_GFP2_div(BN_GFP2 *r, const BN_GFP2 *a, const BN_GFP2 *b, const BIGNUM *p, BN_CTX *ctx);
int BN_GFP2_exp(BN_GFP2 *r, const BN_GFP2 *a, const BIGNUM *k, const BIGNUM *p, BN_CTX *ctx);
int BN_GFP2_set_bn(BN_GFP2 *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
int BN_GFP2_add_bn(BN_GFP2 *r, const BN_GFP2 *a, const BIGNUM *b, const BIGNUM *p,BN_CTX *ctx);
int BN_GFP2_sub_bn(BN_GFP2 *r, const BN_GFP2 *a, const BIGNUM *b, const BIGNUM *p, BN_CTX *ctx);
int BN_GFP2_mul_bn(BN_GFP2 *r, const BN_GFP2 *a, const BIGNUM *b, const BIGNUM *p, BN_CTX *ctx);
int BN_GFP2_div_bn(BN_GFP2 *r, const BN_GFP2 *a, const BIGNUM *b, const BIGNUM *p, BN_CTX *ctx);
int BN_bn2gfp2(const BIGNUM *bn, BN_GFP2 *gfp2, const BIGNUM *p, BN_CTX *ctx);
int BN_gfp22bn(const BN_GFP2 *gfp2, BIGNUM *bn, const BIGNUM *p, BN_CTX *ctx);
/*
* Canonical a = a0 + a1 * i
* If order is 0 then output a0, a1, else output a1, a0, |a0| = |a1| = |p|.
*/
int BN_GFP2_canonical(const BN_GFP2 *a, unsigned char *out, size_t *outlen,
int order, const BIGNUM *p, BN_CTX *ctx);
#ifdef __cplusplus
}
#endif
#endif


@@ -1,68 +0,0 @@
/* ====================================================================
* Copyright (c) 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#ifndef HEADER_BN_HASH_H
#define HEADER_BN_HASH_H
#include <openssl/bn.h>
#include <openssl/evp.h>
#ifdef __cplusplus
extern "C" {
#endif
/* hash input bytes to bignum in range [0, p - 1] */
int BN_hash_to_range(const EVP_MD *md,
BIGNUM **bn, const void *in, size_t inlen,
const BIGNUM *p, BN_CTX *ctx);
#ifdef __cplusplus
}
#endif
#endif


@@ -1,94 +0,0 @@
/* ====================================================================
* Copyright (c) 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
/*
* Solinas Prime (prime number with low weight)
*/
#ifndef HEADER_BN_SOLINAS_H
#define HEADER_BN_SOLINAS_H
#include <openssl/bn.h>
#ifdef __cplusplus
extern "C" {
#endif
/* solinas prime = 2^a + s * 2^b + c */
typedef struct {
int a;
int b;
int s;
int c;
} BN_SOLINAS;
int BN_bn2solinas(const BIGNUM *bn, BN_SOLINAS *solinas);
int BN_solinas2bn(const BN_SOLINAS *solinas, BIGNUM *bn);
int BN_is_solinas(const BIGNUM *bn);
/*
* the following Solinas primes are from
* "Solinas primes of small weight for fixed sizes"
* https://eprint.iacr.org/2010/058.pdf
*
* 2^192 - 2^16 - 1
* 2^192 - 2^64 - 1
* 2^224 - 2^96 + 1
* 2^256 - 2^168 + 1
* 2^384 - 2^80 + 1
* 2^512 - 2^32 + 1
* 2^512 - 2^32 - 1
* 2^1024 - 2^424 - 1
* 2^1024 - 2^856 + 1
*/
#ifdef __cplusplus
}
#endif
#endif


@@ -1,67 +0,0 @@
/* ====================================================================
* Copyright (c) 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#ifndef HEADER_EC_HASH_H
#define HEADER_EC_HASH_H
#include <openssl/bn.h>
#include <openssl/ec.h>
#ifdef __cplusplus
extern "C" {
#endif
/* hash string s to elliptic curve point */
int EC_POINT_hash2point(const EC_GROUP *group, const EVP_MD *md,
const char *s, size_t slen, EC_POINT *point, BN_CTX *ctx);
#ifdef __cplusplus
}
#endif
#endif


@@ -1,99 +0,0 @@
/* ====================================================================
* Copyright (c) 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
/*
* type1curve is supersingular curve E: y^2 = x^3 + 1 (mod p) over prime field.
* p = 11 (mod 12)
* a = 0
* b = 1
* G = (x, y)
* n is the order of (x, y)
* h = (p + 1)/n
*/
#ifndef HEADER_EC_TYPE1_H
#define HEADER_EC_TYPE1_H
#include <openssl/bn.h>
#include <openssl/ec.h>
#include <openssl/bn_gfp2.h>
#ifdef __cplusplus
extern "C" {
#endif
EC_GROUP *EC_GROUP_new_type1curve(const BIGNUM *p, const BIGNUM *x,
const BIGNUM *y, const BIGNUM *order, BN_CTX *ctx);
EC_GROUP *EC_GROUP_new_type1curve_ex(const BIGNUM *p, const BIGNUM *a,
const BIGNUM *b, const unsigned char *point, size_t pointlen,
const BIGNUM *order, const BIGNUM *cofactor, BN_CTX *bn_ctx);
int EC_GROUP_is_type1curve(const EC_GROUP *group, BN_CTX *ctx);
BN_GFP2 *EC_GROUP_get_type1curve_zeta(const EC_GROUP *group, BN_CTX *ctx);
BIGNUM *EC_GROUP_get_type1curve_eta(const EC_GROUP *group, BN_CTX *ctx);
/* compute tate pairing e(P, Q) over type1curve */
int EC_type1curve_tate(const EC_GROUP *group, BN_GFP2 *r,
const EC_POINT *P, const EC_POINT *Q, BN_CTX *ctx);
/* compute tate pairing ratio e(P1, Q1)/e(P2, Q2) over type1curve*/
int EC_type1curve_tate_ratio(const EC_GROUP *group, BN_GFP2 *r,
const EC_POINT *P1, const EC_POINT *Q1, const EC_POINT *P2,
const EC_POINT *Q2, BN_CTX *bn_ctx);
#ifdef __cplusplus
}
#endif
#endif


@@ -1,74 +0,0 @@
/* ====================================================================
* Copyright (c) 2016 - 2019 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#ifndef HEADER_ECAHE_H
#define HEADER_ECAHE_H
#include <openssl/bn.h>
#include <openssl/ec.h>
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
#ifdef __cplusplus
extern "C" {
#endif
typedef struct ECAHE_CIPHERTEXT_st ECAHE_CIPHERTEXT;
DECLARE_ASN1_FUNCTIONS(ECAHE_CIPHERTEXT)
int ECAHE_do_encrypt(ECAHE_CIPHERTEXT *c, const BIGNUM *m, EC_KEY *pk);
int ECAHE_do_decrypt(BIGNUM *m, const ECAHE_CIPHERTEXT *c, EC_KEY *sk);
int ECAHE_ciphertext_add(ECAHE_CIPHERTEXT *r, const ECAHE_CIPHERTEXT *a, const ECAHE_CIPHERTEXT *b, EC_KEY *pk);
int ECAHE_ciphertext_sub(ECAHE_CIPHERTEXT *r, const ECAHE_CIPHERTEXT *a, const ECAHE_CIPHERTEXT *b, EC_KEY *pk);
int ECAHE_ciphertext_neg(ECAHE_CIPHERTEXT *r, const ECAHE_CIPHERTEXT *a, EC_KEY *pk);
#ifdef __cplusplus
}
#endif
#endif


@@ -94,12 +94,9 @@ typedef struct err_state_st {
# define ERR_LIB_ASYNC 51
# define ERR_LIB_KDF 52
# define ERR_LIB_KDF2 53
# define ERR_LIB_FFX 54
# define ERR_LIB_PAILLIER 55
# define ERR_LIB_OTP 57
# define ERR_LIB_GMAPI 58
# define ERR_LIB_BFIBE 59
# define ERR_LIB_BB1IBE 60
# define ERR_LIB_SM9 61
# define ERR_LIB_SDF 63
# define ERR_LIB_SKF 64
@@ -144,12 +141,9 @@ typedef struct err_state_st {
# define ASYNCerr(f,r) ERR_PUT_error(ERR_LIB_ASYNC,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
# define KDFerr(f,r) ERR_PUT_error(ERR_LIB_KDF,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
# define KDF2err(f,r) ERR_PUT_error(ERR_LIB_KDF2,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
# define FFXerr(f,r) ERR_PUT_error(ERR_LIB_FFX,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
# define PAILLIERerr(f,r) ERR_PUT_error(ERR_LIB_PAILLIER,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
# define OTPerr(f,r) ERR_PUT_error(ERR_LIB_OTP,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
# define GMAPIerr(f,r) ERR_PUT_error(ERR_LIB_GMAPI,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
# define BFIBEerr(f,r) ERR_PUT_error(ERR_LIB_BFIBE,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
# define BB1IBEerr(f,r) ERR_PUT_error(ERR_LIB_BB1IBE,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
# define SM2err(f,r) ERR_PUT_error(ERR_LIB_SM2,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
# define SM9err(f,r) ERR_PUT_error(ERR_LIB_SM9,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
# define SDFerr(f,r) ERR_PUT_error(ERR_LIB_SDF,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
@@ -203,12 +197,9 @@ typedef struct err_state_st {
# define ERR_R_ENGINE_LIB ERR_LIB_ENGINE/* 38 */
# define ERR_R_ECDSA_LIB ERR_LIB_ECDSA/* 42 */
# define ERR_R_KDF2_LIB ERR_LIB_KDF2/* 53 */
# define ERR_R_FFX_LIB ERR_LIB_FFX/* 54 */
# define ERR_R_PAILLIER_LIB ERR_LIB_PAILLIER/* 55 */
# define ERR_R_OTP_LIB ERR_LIB_OTP/* 57 */
# define ERR_R_GMAPI_LIB ERR_LIB_GMAPI/* 58 */
# define ERR_R_BFIBE_LIB ERR_LIB_BFIBE/* 59 */
# define ERR_R_BB1IBE_LIB ERR_LIB_BB1IBE/* 60 */
# define ERR_R_SM2_LIB ERR_LIB_SM2/* 66 */
# define ERR_R_SM9_LIB ERR_LIB_SM9/* 61 */
# define ERR_R_SDF_LIB ERR_LIB_SDF/* 63 */


@@ -1,117 +0,0 @@
/* ====================================================================
* Copyright (c) 2015 - 2017 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#ifndef HEADER_FFX_H
#define HEADER_FFX_H
#include <string.h>
#include <openssl/evp.h>
#define FFX_MIN_DIGITS 6
#define FFX_MAX_DIGITS 18
#define FFX_MIN_TWEAKLEN 4
#define FFX_MAX_TWEAKLEN 11
#define FFX_NUM_ROUNDS 10
#define FFX_TYPE_BINARY 0x04
#define FFX_TYPE_KEYWORD 0x05
#define FFX_TYPE_PASSWORD 0x08
#define FFX_TYPE_TEXT 0x09
#define FFX_TYPE_INTEGER 0x0a
#define FFX_TYPE_DIGITS 0x00
#define FFX_TYPE_CELLPHONE 0x01
#define FFX_TYPE_BANKCARD 0x02
#define FFX_TYPE_IDCARD 0x03
#ifdef __cplusplus
extern "C" {
#endif
typedef struct FFX_CTX_st FFX_CTX;
FFX_CTX *FFX_CTX_new(void);
void FFX_CTX_free(FFX_CTX *ctx);
int FFX_init(FFX_CTX *ctx, const EVP_CIPHER *cipher,
const unsigned char *key, int flag);
int FFX_encrypt(FFX_CTX *ctx, const char *in, char *out, size_t iolen,
unsigned char *tweak, size_t tweaklen);
int FFX_decrypt(FFX_CTX *ctx, const char *in, char *out, size_t iolen,
unsigned char *tweak, size_t tweaklen);
int FFX_compute_luhn(const char *in, size_t inlen);
/* BEGIN ERROR CODES */
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
int ERR_load_FFX_strings(void);
/* Error codes for the FFX functions. */
/* Function codes. */
# define FFX_F_FFX_DECRYPT 100
# define FFX_F_FFX_ENCRYPT 101
# define FFX_F_FFX_INIT 102
/* Reason codes. */
# define FFX_R_ENCRYPT_INIT_FAILURE 100
# define FFX_R_INVALID_BLOCK_SIZE 101
# define FFX_R_INVALID_CIPHER_MODE 102
# define FFX_R_INVALID_INPUT_DIGIT 103
# define FFX_R_INVALID_INPUT_LENGTH 104
# define FFX_R_INVALID_TWEAK_LENGTH 105
# ifdef __cplusplus
}
# endif
#endif


@@ -1,77 +0,0 @@
/* ====================================================================
* Copyright (c) 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
/*
* FpPoint is the affine coordinates presentation of point over E/F_p
* this data struct is used by pairing schemes over type1 curve
*/
#ifndef HEADER_FPPOINT_H
#define HEADER_FPPOINT_H
#include <openssl/bn.h>
#include <openssl/ec.h>
#include <openssl/bn_gfp2.h>
#ifdef __cplusplus
extern "C" {
#endif
typedef struct fppoint_st {
BIGNUM *x;
BIGNUM *y;
} FpPoint;
DECLARE_ASN1_FUNCTIONS(FpPoint)
int EC_POINT_cmp_fppoint(const EC_GROUP *group,
const EC_POINT *point, const FpPoint *fppoint, BN_CTX *ctx);
#ifdef __cplusplus
}
#endif
#endif


@@ -1,119 +0,0 @@
/* ====================================================================
* Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
/**
Copyright © 2015 Odzhan
Copyright © 2008 Daniel Otte
All Rights Reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. The name of the author may not be used to endorse or promote products
derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY AUTHORS "AS IS" AND ANY EXPRESS OR
IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE. */
#ifndef HEADER_SERPENT_H
#define HEADER_SERPENT_H
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_SERPENT
#include <openssl/e_os2.h>
#define SERPENT_ROUNDS 32
#define SERPENT_BLOCK_SIZE 16
#define SERPENT_KEY256 32
#define SERPENT_ENCRYPT 0
#define SERPENT_DECRYPT 1
#define SERPENT_IP 0
#define SERPENT_FP 1
typedef union _serpent_blk_t {
uint8_t b[SERPENT_BLOCK_SIZE];
uint32_t w[SERPENT_BLOCK_SIZE / 4];
uint64_t q[SERPENT_BLOCK_SIZE / 2];
} serpent_blk;
typedef uint32_t serpent_subkey_t[4];
typedef struct {
serpent_subkey_t x[SERPENT_ROUNDS + 1];
} serpent_key_t;
#ifdef __cplusplus
extern "C" {
#endif
void serpent_set_encrypt_key(serpent_key_t *key, const unsigned char *user_key);
void serpent_set_decrypt_key(serpent_key_t *key, const unsigned char *user_key);
void serpent_encrypt(const void *in, void *out, serpent_key_t *key);
void serpent_decrypt(const void *in, void *out, serpent_key_t *key);
#ifdef __cplusplus
}
#endif
#endif
#endif


@@ -1,170 +0,0 @@
/* ====================================================================
* Copyright (c) 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#ifndef HEADER_SOF_H
#define HEADER_SOF_H
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_SOF
#include <openssl/sgd.h>
typedef char * SOF_BSTR;
typedef long SOF_LONG;
typedef short SOF_SHORT;
typedef SOF_LONG SOF_BOOL;
#ifdef __cplusplus
extern "C" {
#endif
SOF_BSTR SOF_GetVersion(void);
SOF_LONG SOF_SetSignMethod(SOF_LONG SignMethod);
SOF_LONG SOF_GetSignMethod(void);
SOF_LONG SOF_SetEncryptMethod(SOF_LONG EncryptMethod);
SOF_LONG SOF_GetEncryptMethod(void);
SOF_BSTR SOF_GetUserList(void);
SOF_BSTR SOF_ExportUserCert(SOF_BSTR ContainerName);
SOF_BOOL SOF_Login(SOF_BSTR ContainerName, SOF_BSTR PassWd);
SOF_LONG SOF_GetPinRetryCount(SOF_BSTR ContainerName);
SOF_BOOL SOF_ChangePassWd(SOF_BSTR ContainerName, SOF_BSTR OldPassWd, SOF_BSTR NewPassWd);
SOF_BSTR SOF_ExportExchangeUserCert(SOF_BSTR ContainerName);
SOF_BSTR SOF_GetCertInfo(SOF_BSTR Base64EncodeCert, SOF_SHORT Type);
SOF_BSTR SOF_GetCertInfoByOid(SOF_BSTR Base64EncodeCert, SOF_BSTR Oid);
SOF_BSTR SOF_GetDeviceInfo(SOF_BSTR ContainerName, SOF_LONG Type);
SOF_LONG SOF_ValidateCert(SOF_BSTR Base64EncodeCert);
SOF_BSTR SOF_SignData(SOF_BSTR ContainerName, SOF_BSTR InData);
SOF_BOOL SOF_VerifySignedData(SOF_BSTR Base64EncodeCert, SOF_BSTR InData, SOF_BSTR SignValue);
SOF_BSTR SOF_SignFile(SOF_BSTR ContainerName, SOF_BSTR InFile);
SOF_BOOL SOF_VerifySignedFile(SOF_BSTR Base64EncodeCert, SOF_BSTR InFile, SOF_BSTR SignValue);
SOF_BSTR SOF_EncryptData(SOF_BSTR Base64EncodeCert, SOF_BSTR InData);
SOF_BSTR SOF_DecryptData(SOF_BSTR ContainerName, SOF_BSTR InData);
SOF_BOOL SOF_EncryptFile(SOF_BSTR Base64EncodeCert, SOF_BSTR InFile, SOF_BSTR OutFile);
SOF_BOOL SOF_DecryptFile(SOF_BSTR ContainerName, SOF_BSTR InFile, SOF_BSTR OutFile);
SOF_BSTR SOF_SignMessage(SOF_SHORT flag, SOF_BSTR ContainerName, SOF_BSTR InData);
SOF_BOOL SOF_VerifySignedMessage(SOF_BSTR MessageData, SOF_BSTR InData);
SOF_BSTR SOF_GetInfoFromSignedMessage(SOF_BSTR SignedMessage, SOF_SHORT Type);
SOF_BSTR SOF_SignDataXML(SOF_BSTR ContainerName, SOF_BSTR InData);
SOF_BOOL SOF_VerifySignedDataXML(SOF_BSTR InData);
SOF_BSTR SOF_GetXMLSignatureInfo(SOF_BSTR XMLSignedData, SOF_SHORT Type);
SOF_BSTR SOF_GenRandom(SOF_SHORT RandomLen);
SOF_LONG SOF_GetLastError(void);
SOF_LONG SOF_SetCertTrustList(SOF_BSTR CTLAltName, SOF_BSTR CTLContent, SOF_SHORT CTLContentLen);
SOF_BSTR SOF_GetCertTrustListAltNames(void);
SOF_BSTR SOF_GetCertTrustList(SOF_BSTR CTLAltName);
SOF_LONG SOF_DelCertTrustList(SOF_BSTR CTLAltName);
SOF_LONG SOF_InitCertAppPolicy(SOF_BSTR PolicyName);
SOF_BSTR SOF_GetServerCertificate(SOF_SHORT CertUsage);
SOF_BSTR SOF_SignMessageDetach(SOF_BSTR InData);
SOF_LONG SOF_VerifySignedMessageDetach(SOF_BSTR InData, SOF_BSTR SignedMessage);
SOF_BSTR SOF_CreateTimeStampRequest(SOF_BSTR InData);
SOF_BSTR SOF_CreateTimeStampResponse(SOF_BSTR TimeStampRequest);
SOF_LONG SOF_VerifyTimeStamp(SOF_BSTR InData, SOF_BSTR tsResponseData);
SOF_BSTR SOF_GetTimeStampInfo(SOF_BSTR tsResponseData, SOF_SHORT type);
#define SOR_OK 0x00000000
#define SOR_UnknownErr 0x0B000001
#define SOR_NotSupportYetErr 0x0B000002
#define SOR_FileErr 0x0B000003
#define SOR_ProviderTypeErr 0x0B000004
#define SOR_LoadProviderErr 0x0B000005
#define SOR_LoadDevMngApiErr 0x0B000006
#define SOR_AlgoTypeErr 0x0B000007
#define SOR_NameLenErr 0x0B000008
#define SOR_KeyUsageErr 0x0B000009
#define SOR_ModulusLenErr 0x0B000010
#define SOR_NotInitializeErr 0x0B000011
#define SOR_ObjErr 0x0B000012
#define SOR_MemoryErr 0x0B000100
#define SOR_TimeoutErr 0x0B000101
#define SOR_IndataLenErr 0x0B000200
#define SOR_IndataErr 0x0B000201
#define SOR_GenRandErr 0x0B000300
#define SOR_HashObjErr 0x0B000301
#define SOR_HashErr 0x0B000302
#define SOR_GenRsaKeyErr 0x0B000303
#define SOR_RsaModulusLenErr 0x0B000304
#define SOR_CspImprtPubKeyErr 0x0B000305
#define SOR_RsaEncErr 0x0B000306
#define SOR_RsaDecErr 0x0B000307
#define SOR_HashNotEqualErr 0x0B000308
#define SOR_KeyNotFountErr 0x0B000309
#define SOR_CertNotFountErr 0x0B000310
#define SOR_NotExportErr 0x0B000311
#define SOR_VerifyPolicyErr 0x0B000312
#define SOR_DecryptPadErr 0x0B000400
#define SOR_MacLenErr 0x0B000401
#define SOR_KeyInfoTypeErr 0x0B000402
#define SOR_NullPointerErr 0x0B000403
#define SOR_AppNotFoundErr 0x0B000404
#define SOR_CertEncodeErr 0x0B000405
#define SOR_CertInvalidErr 0x0B000406
#define SOR_CertHasExpiredErr 0x0B000407
#define SOR_CertRevokedErr 0x0B000408
#define SOR_SignDataErr 0x0B000409
#define SOR_VerifySignDataErr 0x0B000410
#define SOR_ReadFileErr 0x0B000411
#define SOR_WriteFileErr 0x0B000412
#define SOR_SecretSegmentErr 0x0B000413
#define SOR_SecretRecoverErr 0x0B000414
#define SOR_EncryptDataErr 0x0B000415
#define SOR_DecryptDataErr 0x0B000416
#define SOR_PKCS7EncodeErr 0x0B000417
#define SOR_XMLEncodeErr 0x0B000418
#define SOR_ParameterNotSupportErr 0x0B000419
#define SOR_CTLNotFound 0x0B000420
#define SOR_AppNotFound 0x0B000421
#ifdef __cplusplus
}
#endif
#endif
#endif


@@ -1,91 +0,0 @@
/* ====================================================================
* Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#ifndef HEADER_SPECK_H
#define HEADER_SPECK_H
#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_SPECK
#define SPECK_ROUNDS16 22
#define SPECK_KEY_LEN16 4
#define SPECK_ROUNDS32 27
#define SPECK_KEY_LEN32 4
#define SPECK_ROUNDS64 34
#define SPECK_KEY_LEN64 4
#include <string.h>
#include <sys/types.h>
#include <openssl/e_os2.h>
#ifdef __cplusplus
extern "C" {
#endif
void speck_set_encrypt_key16(const uint16_t user[SPECK_KEY_LEN16], uint16_t key[SPECK_ROUNDS16]);
void speck_set_decrypt_key16(uint16_t const user[SPECK_KEY_LEN16], uint16_t key[SPECK_ROUNDS16]);
void speck_encrypt16(const uint16_t pt[2], uint16_t ct[2], const uint16_t K[SPECK_ROUNDS16]);
void speck_decrypt16(const uint16_t ct[2], uint16_t pt[2], const uint16_t K[SPECK_ROUNDS16]);
void speck_set_encrypt_key32(const uint32_t user[SPECK_KEY_LEN32], uint32_t key[SPECK_ROUNDS32]);
void speck_set_decrypt_key32(const uint32_t user[SPECK_KEY_LEN32], uint32_t key[SPECK_ROUNDS32]);
void speck_encrypt32(const uint32_t pt[2], uint32_t ct[2], const uint32_t K[SPECK_ROUNDS32]);
void speck_decrypt32(const uint32_t ct[2], uint32_t pt[2], const uint32_t K[SPECK_ROUNDS32]);
void speck_set_encrypt_key64(const uint64_t user[SPECK_KEY_LEN64], uint64_t key[SPECK_ROUNDS64]);
void speck_set_decrypt_key64(const uint64_t user[SPECK_KEY_LEN64], uint64_t key[SPECK_ROUNDS64]);
void speck_encrypt64(const uint64_t pt[2], uint64_t ct[2], const uint64_t K[SPECK_ROUNDS64]);
void speck_decrypt64(const uint64_t ct[2], uint64_t pt[2], const uint64_t K[SPECK_ROUNDS64]);
#ifdef __cplusplus
}
#endif
#endif
#endif


@@ -1,134 +0,0 @@
/* ====================================================================
* Copyright (c) 2014 - 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include "../e_os.h"
#ifdef OPENSSL_NO_BB1IBE
int main(int argc, char **argv)
{
printf("NO BB1IBE support\n");
return 0;
}
#else
# include <openssl/evp.h>
# include <openssl/bb1ibe.h>
int main(int argc, char **argv)
{
int err = 1;
int curve_id = NID_sm2p256v1;//FIXME
const EVP_MD *md = EVP_sm3();
char *id = "guanzhi1980@gmail.com";
char *in = "message to be signed or encrypted";
EC_GROUP *group = NULL;
BB1PublicParameters *mpk = NULL;
BB1MasterSecret *msk = NULL;
BB1PrivateKeyBlock *sk = NULL;
unsigned char *c = NULL;
unsigned char *m = NULL;
size_t clen, mlen;
/* setup */
if (!(group = EC_GROUP_new_by_curve_name(curve_id))) {
goto end;
}
if (!BB1IBE_setup(group, md, &mpk, &msk)) {
goto end;
}
/* keygen */
if (!(sk = BB1IBE_extract_private_key(mpk, msk, id, strlen(id)))) {
goto end;
}
/* encrypt */
clen = 0;
if (!BB1IBE_encrypt(mpk, (unsigned char *)in, strlen(in),
NULL, &clen, id, strlen(id))) {
goto end;
}
if (!(c = OPENSSL_zalloc(clen))) {
goto end;
}
if (!BB1IBE_encrypt(mpk, (unsigned char *)in, strlen(in),
c, &clen, id, strlen(id))) {
goto end;
}
/* decrypt */
mlen = 0;
if (!BB1IBE_decrypt(mpk, c, clen, NULL, &mlen, sk)) {
goto end;
}
if (!(m = OPENSSL_zalloc(mlen))) {
goto end;
}
if (!BB1IBE_decrypt(mpk, c, clen, m, &mlen, sk)) {
goto end;
}
if (strlen(in) != mlen || memcmp(in, m, mlen) != 0) {
goto end;
}
err = 0;
end:
EC_GROUP_free(group);
BB1PublicParameters_free(mpk);
BB1MasterSecret_free(msk);
BB1PrivateKeyBlock_free(sk);
OPENSSL_free(c);
OPENSSL_free(m);
//FIXME:
//return err;
return 0;
}
#endif


@@ -1,133 +0,0 @@
/* ====================================================================
* Copyright (c) 2014 - 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include "../e_os.h"
#ifdef OPENSSL_NO_BFIBE
int main(int argc, char **argv)
{
printf("NO BFIBE support\n");
return 0;
}
#else
# include <openssl/evp.h>
# include <openssl/bfibe.h>
int main(int argc, char **argv)
{
int err = 1;
int curve_id = NID_sm2p256v1;
const EVP_MD *md = EVP_sm3();
char *id = "guanzhi1980@gmail.com";
char *in = "message to be signed or encrypted";
EC_GROUP *group = NULL;
BFPublicParameters *mpk = NULL;
BFMasterSecret *msk = NULL;
BFPrivateKeyBlock *sk = NULL;
unsigned char *c = NULL;
unsigned char *m = NULL;
size_t clen, mlen;
/* setup */
if (!(group = EC_GROUP_new_by_curve_name(curve_id))) {
goto end;
}
if (!BFIBE_setup(group, md, &mpk, &msk)) {
goto end;
}
/* keygen */
if (!(sk = BFIBE_extract_private_key(mpk, msk, id, strlen(id)))) {
goto end;
}
/* encrypt */
clen = 0;
if (!BFIBE_encrypt(mpk, (unsigned char *)in, strlen(in),
NULL, &clen, id, strlen(id))) {
goto end;
}
if (!(c = OPENSSL_zalloc(clen))) {
goto end;
}
if (!BFIBE_encrypt(mpk, (unsigned char *)in, strlen(in),
c, &clen, id, strlen(id))) {
goto end;
}
/* decrypt */
mlen = 0;
if (!BFIBE_decrypt(mpk, c, clen, NULL, &mlen, sk)) {
goto end;
}
if (!(m = OPENSSL_zalloc(mlen))) {
goto end;
}
if (!BFIBE_decrypt(mpk, c, clen, m, &mlen, sk)) {
goto end;
}
if (strlen(in) != mlen || memcmp(in, m, mlen) != 0) {
goto end;
}
err = 0;
end:
EC_GROUP_free(group);
BFPublicParameters_free(mpk);
BFMasterSecret_free(msk);
BFPrivateKeyBlock_free(sk);
OPENSSL_free(c);
OPENSSL_free(m);
//FIXME: return err;
return 0;
}
#endif


@@ -17,11 +17,10 @@ IF[{- !$disabled{tests} -}]
dtlsv1listentest ct_test threadstest afalgtest d2i_test \
ssl_test_ctx_test ssl_test x509aux cipherlist_test asynciotest \
bioprinttest sslapitest dtlstest sslcorrupttest bio_enc_test \
sm3test sms4test kdf2test eciestest ffxtest sm2test \
pailliertest otptest gmapitest ec2test \
bfibetest bb1ibetest sm9test \
sm2test sm3test sms4test kdf2test eciestest \
pailliertest otptest gmapitest sm9test \
sdftest skftest zuctest \
serpenttest specktest base58test
base58test
SOURCE[aborttest]=aborttest.c
INCLUDE[aborttest]=../include
@@ -304,10 +303,6 @@ IF[{- !$disabled{tests} -}]
INCLUDE[eciestest]=../include
DEPEND[eciestest]=../libcrypto
SOURCE[ffxtest]=ffxtest.c
INCLUDE[ffxtest]=../include
DEPEND[ffxtest]=../libcrypto
SOURCE[sm2test]=sm2test.c
INCLUDE[sm2test]=../include
DEPEND[sm2test]=../libcrypto
@@ -324,18 +319,6 @@ IF[{- !$disabled{tests} -}]
INCLUDE[gmapitest]=../include
DEPEND[gmapitest]=../libcrypto
SOURCE[ec2test]=ec2test.c
INCLUDE[ec2test]=../include
DEPEND[ec2test]=../libcrypto
SOURCE[bfibetest]=bfibetest.c
INCLUDE[bfibetest]=../include
DEPEND[bfibetest]=../libcrypto
SOURCE[bb1ibetest]=bb1ibetest.c
INCLUDE[bb1ibetest]=../include
DEPEND[bb1ibetest]=../libcrypto
SOURCE[sm9test]=sm9test.c
INCLUDE[sm9test]=../include
DEPEND[sm9test]=../libcrypto
@@ -352,14 +335,6 @@ IF[{- !$disabled{tests} -}]
INCLUDE[zuctest]=../include
DEPEND[zuctest]=../libcrypto
SOURCE[serpenttest]=serpenttest.c
INCLUDE[serpenttest]=../include
DEPEND[serpenttest]=../libcrypto
SOURCE[specktest]=specktest.c
INCLUDE[specktest]=../include
DEPEND[specktest]=../libcrypto
SOURCE[base58test]=base58test.c
INCLUDE[base58test]=../include
DEPEND[base58test]=../libcrypto


@@ -1,69 +0,0 @@
/* ====================================================================
* Copyright (c) 2014 - 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include "../e_os.h"
#ifdef OPENSSL_NO_EC2
int main(int argc, char **argv)
{
printf("NO EC2 (EC Extensions) support\n");
return 0;
}
#else
# include <openssl/evp.h>
int main(int argc, char **argv)
{
int err = 0;
return err;
}
#endif


@@ -1,163 +0,0 @@
/* ====================================================================
* Copyright (c) 2014 - 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include "../e_os.h"
#ifdef OPENSSL_NO_FFX
int main(int argc, char **argv)
{
printf("No FFX support\n");
return 0;
}
#else
# include <openssl/err.h>
# include <openssl/evp.h>
# include <openssl/ffx.h>
static int test_ffx(int verbose)
{
int ret = 0;
FFX_CTX *ctx = NULL;
char *in = "99999999999999999";
const EVP_CIPHER *cipher[] = {
EVP_sms4_ecb(),
EVP_aes_128_ecb(),
EVP_aes_256_ecb(),
};
unsigned char key[32] = {0};
unsigned char tweak[8] = {
0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38
};
char buf1[100];
char buf2[100];
int i;
if (!(ctx = FFX_CTX_new())) {
ERR_print_errors_fp(stderr);
return 0;
}
for (i = 0; i < OSSL_NELEM(cipher); i++) {
memset(buf1, 0, sizeof(buf1));
memset(buf2, 0, sizeof(buf2));
if (!FFX_init(ctx, cipher[i], key, 0)) {
ERR_print_errors_fp(stderr);
goto end;
}
if (!FFX_encrypt(ctx, in, buf1, strlen(in), tweak, sizeof(tweak))) {
ERR_print_errors_fp(stderr);
goto end;
}
if (!FFX_decrypt(ctx, buf1, buf2, strlen(in), tweak, sizeof(tweak))) {
ERR_print_errors_fp(stderr);
goto end;
}
if (strcmp(in, buf2) != 0) {
printf("error ffx-%s\n", EVP_CIPHER_name(cipher[i]));
printf("encrypt/decrypt not match\n");
} else {
printf("test %d ok\n", i + 1);
}
if (verbose) {
printf("ffx-%s-encrypt(\"%s\") = \"%s\"\n",
EVP_CIPHER_name(cipher[i]), in, buf1);
}
}
ret = 1;
end:
FFX_CTX_free(ctx);
return ret;
}
char *digits[] = {
"7992739871",
};
int luhn_checksums[] = {
'3',
};
int test_luhn(int verbose)
{
int i;
int checksum;
for (i = 0; i < OSSL_NELEM(digits); i++) {
checksum = FFX_compute_luhn(digits[i], strlen(digits[i]));
if (checksum != luhn_checksums[i]) {
printf("error calculating Luhn checksum on %s\n", digits[i]);
printf("got %c instead of %c\n", checksum, luhn_checksums[i]);
} else {
printf("test %d ok\n", i+1);
}
}
return 1;
}
int main(int argc, char **argv)
{
int err = 0;
if (!test_ffx(1)) {
err = 1;
}
if (!test_luhn(1)) {
err = 1;
}
return err;
}
#endif


@@ -1,12 +0,0 @@
#! /usr/bin/env perl
# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
use OpenSSL::Test::Simple;
simple_test("test_serpent", "serpenttest", "serpent");


@@ -1,12 +0,0 @@
#! /usr/bin/env perl
# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
use OpenSSL::Test::Simple;
simple_test("test_speck", "specktest", "speck");


@@ -1,12 +0,0 @@
#! /usr/bin/env perl
# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
use OpenSSL::Test::Simple;
simple_test("test_bb1ibe", "bb1ibetest", "bb1ibe");


@@ -1,12 +0,0 @@
#! /usr/bin/env perl
# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
use OpenSSL::Test::Simple;
simple_test("test_bfibe", "bfibetest", "bfibe");


@@ -1,12 +0,0 @@
#! /usr/bin/env perl
# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
use OpenSSL::Test::Simple;
simple_test("test_ec2", "ec2test", "ec2");


@@ -1,12 +0,0 @@
#! /usr/bin/env perl
# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
use OpenSSL::Test::Simple;
simple_test("test_ffx", "ffxtest", "ffx");


@@ -1,203 +0,0 @@
/* ====================================================================
* Copyright (c) 2014 - 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include "../e_os.h"
#ifdef OPENSSL_NO_SAF
int main(int argc, char **argv)
{
printf("NO SAF support\n");
return 0;
}
#else
# include <openssl/err.h>
# include <openssl/evp.h>
# include <openssl/rand.h>
# include <openssl/gmsaf.h>
int test_saf_base64(int verbose)
{
int ret = SAR_UnknownErr;
/* sizeof(buf1)%3 == 1 makes base64 ended with "==" */
unsigned char buf1[121];
unsigned char buf2[512];
unsigned char buf3[512];
unsigned int len1, len2, len3;
/* generate some random binary for testing */
RAND_bytes(buf1, sizeof(buf1));
memset(buf2, 0, sizeof(buf2));
memset(buf3, 0, sizeof(buf3));
len1 = (unsigned int)sizeof(buf1);
len2 = (unsigned int)sizeof(buf2);
if ((ret = SAF_Base64_Encode(buf1, len1, buf2, &len2)) != SAR_Ok) {
ERR_print_errors_fp(stderr);
goto end;
}
if (verbose) {
printf("%s\n", buf2);
}
len3 = sizeof(buf3);
if ((ret = SAF_Base64_Decode(buf2, len2, buf3, &len3)) != SAR_Ok) {
ERR_print_errors_fp(stderr);
goto end;
}
/* check correctness */
if (len1 == len3 && memcmp(buf1, buf3, len1) == 0) {
ret = SAR_Ok;
} else {
/* make sure to assign `ret`, or it might be set as OK by
* previous functions */
ret = SAR_UnknownErr;
}
end:
if (verbose) {
printf("%s %s\n", __FUNCTION__,
ret == SAR_Ok ? "passed" : "failed");
}
return ret;
}
static int test_saf_cert(int verbose)
{
return 0;
}
static int test_saf_ec(int verbose)
{
return 0;
}
static int test_saf_hash(int verbose)
{
unsigned char msg[3] = "abc";
unsigned char pubkey[] = "FIXME";
unsigned char id[] = "FIXME";
unsigned char dgst[EVP_MAX_MD_SIZE];
unsigned int dgstlen;
dgstlen = (unsigned int)sizeof(dgst);
if (SAF_Hash(SGD_SM3, msg, sizeof(msg), NULL, 0, NULL, 0,
dgst, &dgstlen) != SAR_Ok) {
if (verbose) {
fprintf(stderr, "%s() error on test 1\n", __FUNCTION__);
}
return 0;
}
dgstlen = (unsigned int)sizeof(dgst);
if (SAF_Hash(SGD_SM3, msg, sizeof(msg), pubkey, sizeof(pubkey),
id, sizeof(id), dgst, &dgstlen) != SAR_Ok) {
if (verbose) {
fprintf(stderr, "%s() error on test 2\n", __FUNCTION__);
}
return 0;
}
return 1;
}
static int test_saf_enc(int verbose)
{
return 0;
}
static int test_saf_mac(int verbose)
{
return 0;
}
static int test_saf_pkcs7(int verbose)
{
return 0;
}
static int test_saf_rand(int verbose)
{
return 0;
}
static int test_saf_rsa(int verbose)
{
return 0;
}
static int test_saf_sm2(int verbose)
{
return 0;
}
int main(int argc, char **argv)
{
int err = 0;
int verbose = 2;
if (SAR_Ok != test_saf_base64(verbose)) err++;
if (!test_saf_cert(verbose)) err++;
if (!test_saf_ec(verbose)) err++;
if (!test_saf_enc(verbose)) err++;
if (!test_saf_hash(verbose)) err++;
if (!test_saf_mac(verbose)) err++;
if (!test_saf_pkcs7(verbose)) err++;
if (!test_saf_rand(verbose)) err++;
if (!test_saf_rsa(verbose)) err++;
if (!test_saf_sm2(verbose)) err++;
//FIXME: return err;
return 0;
}
#endif


@@ -1,174 +0,0 @@
/* ====================================================================
* Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
/* ======================
* test unit for serpent-256
* Odzhan
*========================
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/e_os2.h>
#include "../e_os.h"
#ifdef OPENSSL_NO_SERPENT
int main(int argc, char **argv)
{
printf("No Serpent support\n");
return 0;
}
#else
#include <ctype.h>
#include <openssl/serpent.h>
char *plain[] =
{ "3DA46FFA6F4D6F30CD258333E5A61369" };
char *keys[] =
{ "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F"
};
char *cipher[] =
{ "00112233445566778899AABBCCDDEEFF" };
size_t hex2bin(void *bin, char hex[]) {
size_t len, i;
int x;
uint8_t *p = (uint8_t*)bin;
len = strlen(hex);
if ((len & 1) != 0) {
return 0;
}
for (i = 0; i<len; i++) {
if (isxdigit((int)hex[i]) == 0) {
return 0;
}
}
for (i = 0; i<len / 2; i++) {
sscanf(&hex[i * 2], "%2x", &x);
p[i] = (uint8_t)x;
}
return len / 2;
}
void dump_hex(char *s, uint8_t bin[], int len)
{
int i;
printf("\n%s=", s);
for (i = 0; i<len; i++) {
printf("%02x", bin[i]);
}
}
int main(void)
{
uint8_t ct1[32], pt1[32], pt2[32], key[64];
int klen, plen, clen, i, j;
serpent_key_t skey;
serpent_blk ct2;
uint32_t *p;
printf("\nserpent-256 test\n");
for (i = 0; i<sizeof(keys) / sizeof(char*); i++) {
clen = hex2bin(ct1, cipher[i]);
plen = hex2bin(pt1, plain[i]);
klen = hex2bin(key, keys[i]);
/* set key */
memset(&skey, 0, sizeof(skey));
p = (uint32_t*)&skey.x[0][0];
serpent_set_encrypt_key(&skey, key);
printf("\nkey=");
for (j = 0; j<sizeof(skey) / sizeof(serpent_subkey_t) * 4; j++) {
if ((j % 8) == 0)
putchar('\n');
printf("%08X ", p[j]);
}
/* encrypt */
memcpy(ct2.b, pt1, SERPENT_BLOCK_SIZE);
printf("\n\n");
dump_hex("plaintext", ct2.b, 16);
serpent_encrypt(pt1,ct2.b, &skey);
dump_hex("ciphertext", ct2.b, 16);
if (memcmp(ct1, ct2.b, clen) == 0) {
printf("\nEncryption OK");
serpent_decrypt(ct2.b,pt1, &skey);
if (memcmp(pt1, ct2.b, plen) == 0) {
printf("\nDecryption OK");
dump_hex("plaintext", ct2.b, 16);
}
else {
printf("\nDecryption failed");
}
}
else {
printf("\nEncryption failed");
}
}
return 0;
}
#endif


@@ -1,69 +0,0 @@
/* ====================================================================
* Copyright (c) 2014 - 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include "../e_os.h"
#ifdef OPENSSL_NO_SOF
int main(int argc, char **argv)
{
printf("NO SOF support\n");
return 0;
}
#else
# include <openssl/evp.h>
int main(int argc, char **argv)
{
int err = 0;
return err;
}
#endif


@@ -1,130 +0,0 @@
/* ====================================================================
* Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include "../e_os.h"
#ifdef OPENSSL_NO_SPECK
int main(int argc, char **argv)
{
printf("No SPECK support\n");
return 0;
}
#else
# include <openssl/e_os2.h>
# include <openssl/speck.h>
# include <openssl/evp.h>
int main(int argc, char** argv)
{
int sum = 0;
uint16_t key16[4] = { 0x0100, 0x0908, 0x1110, 0x1918 };
uint16_t plain16[2] = { 0x694c, 0x6574 };
uint16_t enc16[2] = { 0x42f2, 0xa868 };
uint32_t key32[4] = { 0x03020100, 0x0b0a0908, 0x13121110, 0x1b1a1918 };
uint32_t plain32[2] = { 0x7475432d, 0x3b726574 };
uint32_t enc32[2] = { 0x454e028b, 0x8c6fa548 };
uint64_t key64[4] = { 0x0706050403020100, 0x0f0e0d0c0b0a0908, 0x1716151413121110, 0x1f1e1d1c1b1a1918 };
uint64_t plain64[2] = { 0x202e72656e6f6f70, 0x65736f6874206e49 };
uint64_t enc64[2] = { 0x4eeeb48d9c188f43, 0x4109010405c0f53e };
uint16_t buffer[2] = { 0 };
uint16_t exp[SPECK_ROUNDS16];
uint32_t exp32[SPECK_ROUNDS32];
uint32_t buffer32[2] = { 0 };
uint64_t exp64[SPECK_ROUNDS64];
uint64_t buffer64[2] = { 0 };
speck_set_encrypt_key16(key16, exp);
speck_encrypt16(plain16, buffer, exp);
if (memcmp(buffer, enc16, sizeof(enc16))) {
fprintf(stderr, "%s %d: speck error\n", __FILE__, __LINE__);
sum++;
}
speck_decrypt16(enc16, buffer, exp);
if (memcmp(buffer, plain16, sizeof(enc16))) {
fprintf(stderr, "%s %d: speck error\n", __FILE__, __LINE__);
sum++;
}
speck_set_encrypt_key32(key32, exp32);
speck_encrypt32(plain32, buffer32, exp32);
if (memcmp(buffer, enc32, sizeof(enc32))) {
fprintf(stderr, "%s %d: speck error\n", __FILE__, __LINE__);
sum++;
}
speck_decrypt32(enc32, buffer32, exp32);
if (memcmp(buffer32, plain32, sizeof(enc32))) {
fprintf(stderr, "%s %d: speck error\n", __FILE__, __LINE__);
sum++;
}
speck_set_encrypt_key64(key64, exp64);
speck_encrypt64(plain64, buffer64, exp64);
if (memcmp(buffer64, enc64, sizeof(enc64))) {
fprintf(stderr, "%s %d: speck error\n", __FILE__, __LINE__);
sum++;
}
speck_decrypt64(enc64, buffer64, exp64);
if (memcmp(buffer64, plain64, sizeof(enc64))) {
fprintf(stderr, "%s %d: speck error\n", __FILE__, __LINE__);
sum++;
}
return sum;
}
#endif

File diff suppressed because it is too large Load Diff


@@ -0,0 +1,411 @@
SSL_rstate_string 1 1_1_0d EXIST::FUNCTION:
SSL_add_ssl_module 2 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_cert_store 3 1_1_0d EXIST::FUNCTION:
SSL_CIPHER_get_id 4 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_verify 5 1_1_0d EXIST::FUNCTION:
DTLSv1_2_client_method 6 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,DTLS1_2_METHOD
SRP_Calc_A_param 7 1_1_0d EXIST::FUNCTION:SRP
SSL_set_connect_state 8 1_1_0d EXIST::FUNCTION:
SSL_SESSION_set1_id 9 1_1_0d EXIST::FUNCTION:
SSL_get_cipher_list 10 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_default_read_buffer_len 11 1_1_0d EXIST::FUNCTION:
SSL_get_client_CA_list 12 1_1_0d EXIST::FUNCTION:
SSL_CTX_use_RSAPrivateKey_file 13 1_1_0d EXIST::FUNCTION:RSA
SSL_set0_rbio 14 1_1_0d EXIST::FUNCTION:
SSL_get_shutdown 15 1_1_0d EXIST::FUNCTION:
SSL_alert_desc_string 16 1_1_0d EXIST::FUNCTION:
TLS_client_method 17 1_1_0d EXIST::FUNCTION:
SSL_set_verify_depth 18 1_1_0d EXIST::FUNCTION:
SSL_get_info_callback 19 1_1_0d EXIST::FUNCTION:
SSL_get_default_passwd_cb 20 1_1_0d EXIST::FUNCTION:
SSL_use_PrivateKey_ASN1 21 1_1_0d EXIST::FUNCTION:
SSL_get_client_random 22 1_1_0d EXIST::FUNCTION:
SSL_get0_alpn_selected 23 1_1_0d EXIST::FUNCTION:
SSL_SESSION_get0_cipher 24 1_1_0d EXIST::FUNCTION:
SSL_CTX_get_ciphers 25 1_1_0d EXIST::FUNCTION:
SSL_CTX_flush_sessions 26 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_client_cert_cb 27 1_1_0d EXIST::FUNCTION:
SSL_is_gmtls 28 1_1_0d EXIST::FUNCTION:
SSL_get0_peer_scts 29 1_1_0d EXIST::FUNCTION:CT
SSL_CTX_clear_options 30 1_1_0d EXIST::FUNCTION:
SSL_CTX_free 31 1_1_0d EXIST::FUNCTION:
SSL_set_SSL_CTX 32 1_1_0d EXIST::FUNCTION:
DTLSv1_client_method 33 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,DTLS1_METHOD
SSL_CTX_ct_is_enabled 34 1_1_0d EXIST::FUNCTION:CT
OPENSSL_init_ssl 35 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_ex_data 36 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_cookie_generate_cb 37 1_1_0d EXIST::FUNCTION:
SSL_CTX_use_certificate_chain_file 38 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_default_verify_paths 39 1_1_0d EXIST::FUNCTION:
SSL_CTX_sess_set_get_cb 40 1_1_0d EXIST::FUNCTION:
GMTLS_client_method 41 1_1_0d EXIST::FUNCTION:GMTLS
SSL_add1_host 42 1_1_0d EXIST::FUNCTION:
SSL_dup_CA_list 43 1_1_0d EXIST::FUNCTION:
SSL_get_verify_callback 44 1_1_0d EXIST::FUNCTION:
SSL_get_current_compression 45 1_1_0d EXIST::FUNCTION:
SSL_alert_type_string_long 46 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_trust 47 1_1_0d EXIST::FUNCTION:
SSL_CTX_up_ref 48 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_alpn_select_cb 49 1_1_0d EXIST::FUNCTION:
SSL_get_security_callback 50 1_1_0d EXIST::FUNCTION:
DTLSv1_listen 51 1_1_0d EXIST::FUNCTION:SOCK
SSL_CTX_get0_certificate 52 1_1_0d EXIST::FUNCTION:
SSL_set_default_passwd_cb 53 1_1_0d EXIST::FUNCTION:
SSL_waiting_for_async 54 1_1_0d EXIST::FUNCTION:
SSL_set_options 55 1_1_0d EXIST::FUNCTION:
SSL_CIPHER_get_kx_nid 56 1_1_0d EXIST::FUNCTION:
SSL_dane_enable 57 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_quiet_shutdown 58 1_1_0d EXIST::FUNCTION:
SSL_srp_server_param_with_username 59 1_1_0d EXIST::FUNCTION:SRP
SSL_get_state 60 1_1_0d EXIST::FUNCTION:
SSL_CTX_use_certificate 61 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_client_cert_engine 62 1_1_0d EXIST::FUNCTION:ENGINE
SSL_get_current_expansion 63 1_1_0d EXIST::FUNCTION:
TLSv1_1_method 64 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_1_METHOD
SSL_CTX_get0_security_ex_data 65 1_1_0d EXIST::FUNCTION:
SSLv3_server_method 66 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,SSL3_METHOD
SSL_set_debug 67 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0
d2i_SSL_SESSION 68 1_1_0d EXIST::FUNCTION:
SSL_use_psk_identity_hint 69 1_1_0d EXIST::FUNCTION:PSK
SSL_set_info_callback 70 1_1_0d EXIST::FUNCTION:
SSL_get_servername 71 1_1_0d EXIST::FUNCTION:
SSL_CTX_enable_ct 72 1_1_0d EXIST::FUNCTION:CT
DTLS_client_method 73 1_1_0d EXIST::FUNCTION:
SSL_set0_security_ex_data 74 1_1_0d EXIST::FUNCTION:
SSL_in_init 75 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_default_verify_dir 76 1_1_0d EXIST::FUNCTION:
SSL_get0_param 77 1_1_0d EXIST::FUNCTION:
SSL_get_server_random 78 1_1_0d EXIST::FUNCTION:
SSL_CTX_get_verify_depth 79 1_1_0d EXIST::FUNCTION:
SSL_CIPHER_description 80 1_1_0d EXIST::FUNCTION:
SSL_pending 81 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_next_protos_advertised_cb 82 1_1_0d EXIST::FUNCTION:NEXTPROTONEG
BIO_ssl_shutdown 83 1_1_0d EXIST::FUNCTION:
TLSv1_client_method 84 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_METHOD
SSL_CTX_set_client_CA_list 85 1_1_0d EXIST::FUNCTION:
SSL_CONF_CTX_finish 86 1_1_0d EXIST::FUNCTION:
SSL_rstate_string_long 87 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_srp_cb_arg 88 1_1_0d EXIST::FUNCTION:SRP
SSL_CIPHER_find 89 1_1_0d EXIST::FUNCTION:
SSL_set_security_level 90 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_psk_client_callback 91 1_1_0d EXIST::FUNCTION:PSK
SSL_add_dir_cert_subjects_to_stack 92 1_1_0d EXIST::FUNCTION:
SSL_get_client_ciphers 93 1_1_0d EXIST::FUNCTION:
DTLSv1_2_method 94 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,DTLS1_2_METHOD
DTLSv1_method 95 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,DTLS1_METHOD
SSL_set_cipher_list 96 1_1_0d EXIST::FUNCTION:
SSL_CTX_add_client_CA 97 1_1_0d EXIST::FUNCTION:
SSL_is_init_finished 98 1_1_0d EXIST::FUNCTION:
PEM_write_SSL_SESSION 99 1_1_0d EXIST::FUNCTION:STDIO
SSL_SESSION_print 100 1_1_0d EXIST::FUNCTION:
SSL_CTX_get0_ctlog_store 101 1_1_0d EXIST::FUNCTION:CT
SSL_set_session_secret_cb 102 1_1_0d EXIST::FUNCTION:
SSL_set_cert_cb 103 1_1_0d EXIST::FUNCTION:
SSL_is_dtls 104 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_psk_server_callback 105 1_1_0d EXIST::FUNCTION:PSK
SSL_check_private_key 106 1_1_0d EXIST::FUNCTION:
SSL_SESSION_get0_id_context 107 1_1_0d EXIST::FUNCTION:
SSL_get_sigalgs 108 1_1_0d EXIST::FUNCTION:
SSL_CTX_dane_set_flags 109 1_1_0d EXIST::FUNCTION:
SSL_SESSION_get0_hostname 110 1_1_0d EXIST::FUNCTION:
SSL_COMP_get_name 111 1_1_0d EXIST::FUNCTION:
SSL_set_verify 112 1_1_0d EXIST::FUNCTION:
TLSv1_1_client_method 113 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_1_METHOD
SSL_add_file_cert_subjects_to_stack 114 1_1_0d EXIST::FUNCTION:
SSL_set_security_callback 115 1_1_0d EXIST::FUNCTION:
SSL_get_servername_type 116 1_1_0d EXIST::FUNCTION:
SSL_get_peer_cert_chain 117 1_1_0d EXIST::FUNCTION:
SSL_COMP_get_id 118 1_1_0d EXIST::FUNCTION:
SSL_CTX_sess_set_new_cb 119 1_1_0d EXIST::FUNCTION:
SSL_get_verify_result 120 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_ct_validation_callback 121 1_1_0d EXIST::FUNCTION:CT
SSL_SESSION_set_timeout 122 1_1_0d EXIST::FUNCTION:
PEM_read_SSL_SESSION 123 1_1_0d EXIST::FUNCTION:STDIO
SSL_get_srp_userinfo 124 1_1_0d EXIST::FUNCTION:SRP
SSL_accept 125 1_1_0d EXIST::FUNCTION:
SSL_get_wfd 126 1_1_0d EXIST::FUNCTION:
SSL_CTX_get_quiet_shutdown 127 1_1_0d EXIST::FUNCTION:
SSL_CTX_use_certificate_file 128 1_1_0d EXIST::FUNCTION:
TLSv1_2_server_method 129 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_2_METHOD
SSL_set_session_id_context 130 1_1_0d EXIST::FUNCTION:
SSL_connect 131 1_1_0d EXIST::FUNCTION:
DTLSv1_server_method 132 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,DTLS1_METHOD
SSL_set_session_ticket_ext_cb 133 1_1_0d EXIST::FUNCTION:
DTLSv1_2_server_method 134 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,DTLS1_2_METHOD
SSL_COMP_set0_compression_methods 135 1_1_0d EXIST::FUNCTION:
TLS_server_method 136 1_1_0d EXIST::FUNCTION:
SSL_get0_security_ex_data 137 1_1_0d EXIST::FUNCTION:
SSL_get_version 138 1_1_0d EXIST::FUNCTION:
SSL_get_ciphers 139 1_1_0d EXIST::FUNCTION:
SSL_SESSION_get_protocol_version 140 1_1_0d EXIST::FUNCTION:
SSLv3_method 141 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,SSL3_METHOD
SSL_dup 142 1_1_0d EXIST::FUNCTION:
SSL_get1_supported_ciphers 143 1_1_0d EXIST::FUNCTION:
SSL_CONF_CTX_clear_flags 144 1_1_0d EXIST::FUNCTION:
SSL_CTX_sess_set_remove_cb 145 1_1_0d EXIST::FUNCTION:
SSL_set_shutdown 146 1_1_0d EXIST::FUNCTION:
SSL_use_PrivateKey 147 1_1_0d EXIST::FUNCTION:
SSL_CTX_get_default_passwd_cb_userdata 148 1_1_0d EXIST::FUNCTION:
SSL_SESSION_get_master_key 149 1_1_0d EXIST::FUNCTION:
SSL_set_quiet_shutdown 150 1_1_0d EXIST::FUNCTION:
SSL_COMP_get0_name 151 1_1_0d EXIST::FUNCTION:
SSL_SESSION_set_time 152 1_1_0d EXIST::FUNCTION:
SSL_state_string 153 1_1_0d EXIST::FUNCTION:
SSL_set_fd 154 1_1_0d EXIST::FUNCTION:SOCK
SSL_get_current_cipher 155 1_1_0d EXIST::FUNCTION:
SSL_set_hostflags 156 1_1_0d EXIST::FUNCTION:
SSL_CTX_set1_param 157 1_1_0d EXIST::FUNCTION:
SSL_CTX_set0_ctlog_store 158 1_1_0d EXIST::FUNCTION:CT
SSL_CONF_CTX_set_ssl_ctx 159 1_1_0d EXIST::FUNCTION:
SSL_CIPHER_get_version 160 1_1_0d EXIST::FUNCTION:
DTLS_method 161 1_1_0d EXIST::FUNCTION:
SSL_get_shared_sigalgs 162 1_1_0d EXIST::FUNCTION:
GMTLS_method 163 1_1_0d EXIST::FUNCTION:GMTLS
SSL_use_RSAPrivateKey_ASN1 164 1_1_0d EXIST::FUNCTION:RSA
SSL_CIPHER_get_auth_nid 165 1_1_0d EXIST::FUNCTION:
SSL_CTX_sessions 166 1_1_0d EXIST::FUNCTION:
SSL_get_srp_username 167 1_1_0d EXIST::FUNCTION:SRP
SSL_session_reused 168 1_1_0d EXIST::FUNCTION:
SSL_CTX_get_ssl_method 169 1_1_0d EXIST::FUNCTION:
SSL_CTX_dane_mtype_set 170 1_1_0d EXIST::FUNCTION:
SSL_CTX_add_server_custom_ext 171 1_1_0d EXIST::FUNCTION:
TLSv1_2_client_method 172 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_2_METHOD
SSL_get_srtp_profiles 173 1_1_0d EXIST::FUNCTION:SRTP
SSL_get_all_async_fds 174 1_1_0d EXIST::FUNCTION:
SSL_CTX_sess_get_new_cb 175 1_1_0d EXIST::FUNCTION:
SSL_clear 176 1_1_0d EXIST::FUNCTION:
SSL_renegotiate_pending 177 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_srp_username_callback 178 1_1_0d EXIST::FUNCTION:SRP
SSL_set_session_ticket_ext 179 1_1_0d EXIST::FUNCTION:
SSL_SESSION_new 180 1_1_0d EXIST::FUNCTION:
SSL_SRP_CTX_init 181 1_1_0d EXIST::FUNCTION:SRP
SSL_SESSION_print_keylog 182 1_1_0d EXIST::FUNCTION:
SSL_set1_param 183 1_1_0d EXIST::FUNCTION:
TLSv1_2_method 184 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_2_METHOD
SSL_CTX_get_client_cert_cb 185 1_1_0d EXIST::FUNCTION:
SSL_SESSION_print_fp 186 1_1_0d EXIST::FUNCTION:STDIO
TLS_method 187 1_1_0d EXIST::FUNCTION:
SSL_get_rfd 188 1_1_0d EXIST::FUNCTION:
SSL_set_read_ahead 189 1_1_0d EXIST::FUNCTION:
SSL_CTX_load_verify_locations 190 1_1_0d EXIST::FUNCTION:
SSL_extension_supported 191 1_1_0d EXIST::FUNCTION:
SSL_set_ssl_method 192 1_1_0d EXIST::FUNCTION:
SSL_get0_dane 193 1_1_0d EXIST::FUNCTION:
SSL_CTX_get0_param 194 1_1_0d EXIST::FUNCTION:
SSL_free 195 1_1_0d EXIST::FUNCTION:
TLSv1_server_method 196 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_METHOD
SSL_CIPHER_get_digest_nid 197 1_1_0d EXIST::FUNCTION:
SSL_get_privatekey 198 1_1_0d EXIST::FUNCTION:
SSL_CIPHER_get_name 199 1_1_0d EXIST::FUNCTION:
SSL_CTX_get_verify_mode 200 1_1_0d EXIST::FUNCTION:
BIO_ssl_copy_session_id 201 1_1_0d EXIST::FUNCTION:
SSL_write 202 1_1_0d EXIST::FUNCTION:
SSL_SESSION_free 203 1_1_0d EXIST::FUNCTION:
BIO_new_ssl 204 1_1_0d EXIST::FUNCTION:
SSL_get_changed_async_fds 205 1_1_0d EXIST::FUNCTION:
SSL_SESSION_get_ex_data 206 1_1_0d EXIST::FUNCTION:
SSL_get0_dane_authority 207 1_1_0d EXIST::FUNCTION:
SSL_SESSION_get_timeout 208 1_1_0d EXIST::FUNCTION:
SSL_CONF_cmd_argv 209 1_1_0d EXIST::FUNCTION:
SSL_ct_is_enabled 210 1_1_0d EXIST::FUNCTION:CT
SSL_get_rbio 211 1_1_0d EXIST::FUNCTION:
SSL_test_functions 212 1_1_0d EXIST::FUNCTION:UNIT_TEST
SSL_set_msg_callback 213 1_1_0d EXIST::FUNCTION:
SSL_in_before 214 1_1_0d EXIST::FUNCTION:
TLSv1_method 215 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_METHOD
SSL_get_psk_identity 216 1_1_0d EXIST::FUNCTION:PSK
SSL_do_handshake 217 1_1_0d EXIST::FUNCTION:
SSL_CTX_get_default_passwd_cb 218 1_1_0d EXIST::FUNCTION:
SSL_load_client_CA_file 219 1_1_0d EXIST::FUNCTION:
SSL_shutdown 220 1_1_0d EXIST::FUNCTION:
SSL_set0_wbio 221 1_1_0d EXIST::FUNCTION:
SSL_select_next_proto 222 1_1_0d EXIST::FUNCTION:
BIO_new_buffer_ssl_connect 223 1_1_0d EXIST::FUNCTION:
SSL_set_client_CA_list 224 1_1_0d EXIST::FUNCTION:
SSL_get_fd 225 1_1_0d EXIST::FUNCTION:
SSL_CIPHER_get_bits 226 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_session_id_context 227 1_1_0d EXIST::FUNCTION:
SSL_set_tlsext_use_srtp 228 1_1_0d EXIST::FUNCTION:SRTP
SSL_get_selected_srtp_profile 229 1_1_0d EXIST::FUNCTION:SRTP
SSL_set_tmp_dh_callback 230 1_1_0d EXIST::FUNCTION:DH
SSL_CTX_add_session 231 1_1_0d EXIST::FUNCTION:
SSL_get0_peername 232 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_default_passwd_cb_userdata 233 1_1_0d EXIST::FUNCTION:
SSL_CIPHER_is_aead 234 1_1_0d EXIST::FUNCTION:
SSL_get_security_level 235 1_1_0d EXIST::FUNCTION:
SSL_config 236 1_1_0d EXIST::FUNCTION:
SSL_CTX_SRP_CTX_free 237 1_1_0d EXIST::FUNCTION:SRP
SSL_dane_tlsa_add 238 1_1_0d EXIST::FUNCTION:
SSL_CTX_get_ex_data 239 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_purpose 240 1_1_0d EXIST::FUNCTION:
SSL_SESSION_has_ticket 241 1_1_0d EXIST::FUNCTION:
SSL_get_error 242 1_1_0d EXIST::FUNCTION:
SSL_has_matching_session_id 243 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_srp_username 244 1_1_0d EXIST::FUNCTION:SRP
SSL_CTX_new 245 1_1_0d EXIST::FUNCTION:
SSL_ctrl 246 1_1_0d EXIST::FUNCTION:
SSL_set_purpose 247 1_1_0d EXIST::FUNCTION:
BIO_new_ssl_connect 248 1_1_0d EXIST::FUNCTION:
SSL_get_peer_certificate 249 1_1_0d EXIST::FUNCTION:
SSL_set_ex_data 250 1_1_0d EXIST::FUNCTION:
SSL_get_psk_identity_hint 251 1_1_0d EXIST::FUNCTION:PSK
SSL_CONF_cmd_value_type 252 1_1_0d EXIST::FUNCTION:
BIO_f_ssl 253 1_1_0d EXIST::FUNCTION:
SSL_CTX_get_timeout 254 1_1_0d EXIST::FUNCTION:
SSL_use_certificate 255 1_1_0d EXIST::FUNCTION:
SSL_SESSION_get0_peer 256 1_1_0d EXIST::FUNCTION:
SSL_get_ex_data_X509_STORE_CTX_idx 257 1_1_0d EXIST::FUNCTION:
SSL_dane_set_flags 258 1_1_0d EXIST::FUNCTION:
SSL_set_accept_state 259 1_1_0d EXIST::FUNCTION:
SSL_set_session 260 1_1_0d EXIST::FUNCTION:
SSL_check_chain 261 1_1_0d EXIST::FUNCTION:
SSL_state_string_long 262 1_1_0d EXIST::FUNCTION:
SSL_get_ssl_method 263 1_1_0d EXIST::FUNCTION:
SSL_get_quiet_shutdown 264 1_1_0d EXIST::FUNCTION:
SSL_CIPHER_standard_name 265 1_1_0d EXIST::FUNCTION:SSL_TRACE
SSL_get_srp_N 266 1_1_0d EXIST::FUNCTION:SRP
SSL_client_version 267 1_1_0d EXIST::FUNCTION:
SSL_get_default_passwd_cb_userdata 268 1_1_0d EXIST::FUNCTION:
SSL_CTX_get_options 269 1_1_0d EXIST::FUNCTION:
SSL_get1_session 270 1_1_0d EXIST::FUNCTION:
SSL_use_certificate_ASN1 271 1_1_0d EXIST::FUNCTION:
SSL_CTX_has_client_custom_ext 272 1_1_0d EXIST::FUNCTION:
SSL_trace 273 1_1_0d EXIST::FUNCTION:SSL_TRACE
SSL_set_rfd 274 1_1_0d EXIST::FUNCTION:SOCK
SSL_CTX_set_cert_verify_callback 275 1_1_0d EXIST::FUNCTION:
SSL_CTX_use_PrivateKey_file 276 1_1_0d EXIST::FUNCTION:
SSL_CTX_get_info_callback 277 1_1_0d EXIST::FUNCTION:
SSL_set_verify_result 278 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_srp_strength 279 1_1_0d EXIST::FUNCTION:SRP
SSL_CTX_use_PrivateKey_ASN1 280 1_1_0d EXIST::FUNCTION:
i2d_SSL_SESSION 281 1_1_0d EXIST::FUNCTION:
SSL_set_srp_server_param_pw 282 1_1_0d EXIST::FUNCTION:SRP
SSL_set_default_passwd_cb_userdata 283 1_1_0d EXIST::FUNCTION:
SSL_CONF_CTX_set_flags 284 1_1_0d EXIST::FUNCTION:
SSL_is_server 285 1_1_0d EXIST::FUNCTION:
SSL_get0_verified_chain 286 1_1_0d EXIST::FUNCTION:
SSL_up_ref 287 1_1_0d EXIST::FUNCTION:
SSL_SESSION_get_time 288 1_1_0d EXIST::FUNCTION:
SSL_get_verify_depth 289 1_1_0d EXIST::FUNCTION:
SSL_get_ex_data 290 1_1_0d EXIST::FUNCTION:
SSL_CTX_use_serverinfo 291 1_1_0d EXIST::FUNCTION:
SSL_read 292 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_next_proto_select_cb 293 1_1_0d EXIST::FUNCTION:NEXTPROTONEG
SSL_set_generate_session_id 294 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_srp_client_pwd_callback 295 1_1_0d EXIST::FUNCTION:SRP
SSL_CTX_set_timeout 296 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_cipher_list 297 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_default_ctlog_list_file 298 1_1_0d EXIST::FUNCTION:CT
SSL_CTX_set_cookie_verify_cb 299 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_security_level 300 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_tmp_dh_callback 301 1_1_0d EXIST::FUNCTION:DH
SSL_new 302 1_1_0d EXIST::FUNCTION:
SSL_CTX_set0_security_ex_data 303 1_1_0d EXIST::FUNCTION:
PEM_read_bio_SSL_SESSION 304 1_1_0d EXIST::FUNCTION:
SSL_SESSION_get_ticket_lifetime_hint 305 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_not_resumable_session_callback 306 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_verify_depth 307 1_1_0d EXIST::FUNCTION:
SSL_CTX_SRP_CTX_init 308 1_1_0d EXIST::FUNCTION:SRP
SSL_callback_ctrl 309 1_1_0d EXIST::FUNCTION:
SSL_use_certificate_file 310 1_1_0d EXIST::FUNCTION:
SSL_SESSION_up_ref 311 1_1_0d EXIST::FUNCTION:
SSL_set_psk_server_callback 312 1_1_0d EXIST::FUNCTION:PSK
SSL_CTX_set_cert_cb 313 1_1_0d EXIST::FUNCTION:
SSL_certs_clear 314 1_1_0d EXIST::FUNCTION:
SSL_CTX_get0_privatekey 315 1_1_0d EXIST::FUNCTION:
SSL_set_wfd 316 1_1_0d EXIST::FUNCTION:SOCK
SSL_CTX_set_srp_verify_param_callback 317 1_1_0d EXIST::FUNCTION:SRP
SSL_get_peer_finished 318 1_1_0d EXIST::FUNCTION:
SSL_CONF_cmd 319 1_1_0d EXIST::FUNCTION:
SSL_alert_type_string 320 1_1_0d EXIST::FUNCTION:
SSL_get0_dane_tlsa 321 1_1_0d EXIST::FUNCTION:
PEM_write_bio_SSL_SESSION 322 1_1_0d EXIST::FUNCTION:
SSL_COMP_add_compression_method 323 1_1_0d EXIST::FUNCTION:
SSL_get_shared_ciphers 324 1_1_0d EXIST::FUNCTION:
ERR_load_SSL_strings 325 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_default_verify_file 326 1_1_0d EXIST::FUNCTION:
SSL_CTX_sess_get_get_cb 327 1_1_0d EXIST::FUNCTION:
SSL_use_certificate_chain_file 328 1_1_0d EXIST::FUNCTION:
SSL_CTX_use_certificate_ASN1 329 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_security_callback 330 1_1_0d EXIST::FUNCTION:
SSL_CTX_remove_session 331 1_1_0d EXIST::FUNCTION:
SSL_get_default_timeout 332 1_1_0d EXIST::FUNCTION:
SSL_set_srp_server_param 333 1_1_0d EXIST::FUNCTION:SRP
SSL_SESSION_set1_id_context 334 1_1_0d EXIST::FUNCTION:
SSL_CONF_CTX_free 335 1_1_0d EXIST::FUNCTION:
SSL_set_alpn_protos 336 1_1_0d EXIST::FUNCTION:
SSL_SESSION_get_compress_id 337 1_1_0d EXIST::FUNCTION:
TLSv1_1_server_method 338 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,TLS1_1_METHOD
SSL_CONF_CTX_set_ssl 339 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_alpn_protos 340 1_1_0d EXIST::FUNCTION:
SSL_CTX_callback_ctrl 341 1_1_0d EXIST::FUNCTION:
SSL_CTX_config 342 1_1_0d EXIST::FUNCTION:
SSL_renegotiate_abbreviated 343 1_1_0d EXIST::FUNCTION:
SSL_CONF_CTX_new 344 1_1_0d EXIST::FUNCTION:
SSL_CTX_get_verify_callback 345 1_1_0d EXIST::FUNCTION:
SSL_CTX_use_serverinfo_file 346 1_1_0d EXIST::FUNCTION:
SSL_set_bio 347 1_1_0d EXIST::FUNCTION:
SSL_peek 348 1_1_0d EXIST::FUNCTION:
SSL_COMP_get_compression_methods 349 1_1_0d EXIST::FUNCTION:
SSL_SRP_CTX_free 350 1_1_0d EXIST::FUNCTION:SRP
SSL_get_wbio 351 1_1_0d EXIST::FUNCTION:
SSL_use_PrivateKey_file 352 1_1_0d EXIST::FUNCTION:
SSL_SESSION_get0_ticket 353 1_1_0d EXIST::FUNCTION:
SSL_use_RSAPrivateKey 354 1_1_0d EXIST::FUNCTION:RSA
SSL_CTX_ctrl 355 1_1_0d EXIST::FUNCTION:
SSL_set_ct_validation_callback 356 1_1_0d EXIST::FUNCTION:CT
SSL_set_not_resumable_session_callback 357 1_1_0d EXIST::FUNCTION:
SSL_CTX_get_security_level 358 1_1_0d EXIST::FUNCTION:
SSL_copy_session_id 359 1_1_0d EXIST::FUNCTION:
SSL_CIPHER_get_cipher_nid 360 1_1_0d EXIST::FUNCTION:
SSL_get_finished 361 1_1_0d EXIST::FUNCTION:
SSL_clear_options 362 1_1_0d EXIST::FUNCTION:
SSL_enable_ct 363 1_1_0d EXIST::FUNCTION:CT
SSL_CTX_set_tlsext_use_srtp 364 1_1_0d EXIST::FUNCTION:SRTP
SSL_get_session 365 1_1_0d EXIST::FUNCTION:
SSL_set1_host 366 1_1_0d EXIST::FUNCTION:
SSL_CTX_check_private_key 367 1_1_0d EXIST::FUNCTION:
SSL_SESSION_set_ex_data 368 1_1_0d EXIST::FUNCTION:
SSL_CTX_get_security_callback 369 1_1_0d EXIST::FUNCTION:
SSL_CTX_dane_enable 370 1_1_0d EXIST::FUNCTION:
SSL_get_certificate 371 1_1_0d EXIST::FUNCTION:
SSL_CTX_get_client_CA_list 372 1_1_0d EXIST::FUNCTION:
SSLv3_client_method 373 1_1_0d EXIST::FUNCTION:DEPRECATEDIN_1_1_0,SSL3_METHOD
SSL_get_srp_g 374 1_1_0d EXIST::FUNCTION:SRP
SSL_CTX_use_RSAPrivateKey_ASN1 375 1_1_0d EXIST::FUNCTION:RSA
SSL_alert_desc_string_long 376 1_1_0d EXIST::FUNCTION:
SSL_SESSION_get_id 377 1_1_0d EXIST::FUNCTION:
SSL_CTX_add_client_custom_ext 378 1_1_0d EXIST::FUNCTION:
SSL_get_options 379 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_options 380 1_1_0d EXIST::FUNCTION:
SSL_renegotiate 381 1_1_0d EXIST::FUNCTION:
SSL_use_RSAPrivateKey_file 382 1_1_0d EXIST::FUNCTION:RSA
SSL_CONF_CTX_set1_prefix 383 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_srp_password 384 1_1_0d EXIST::FUNCTION:SRP
SSL_add_client_CA 385 1_1_0d EXIST::FUNCTION:
SSL_set_default_read_buffer_len 386 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_info_callback 387 1_1_0d EXIST::FUNCTION:
SSL_set_psk_client_callback 388 1_1_0d EXIST::FUNCTION:PSK
SSL_CTX_set_default_passwd_cb 389 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_ssl_version 390 1_1_0d EXIST::FUNCTION:
SSL_get_verify_mode 391 1_1_0d EXIST::FUNCTION:
DTLS_server_method 392 1_1_0d EXIST::FUNCTION:
SSL_dane_clear_flags 393 1_1_0d EXIST::FUNCTION:
SSL_CTX_use_PrivateKey 394 1_1_0d EXIST::FUNCTION:
SSL_CTX_get_cert_store 395 1_1_0d EXIST::FUNCTION:
SSL_set_trust 396 1_1_0d EXIST::FUNCTION:
SSL_CTX_use_RSAPrivateKey 397 1_1_0d EXIST::FUNCTION:RSA
SSL_get_SSL_CTX 398 1_1_0d EXIST::FUNCTION:
SSL_want 399 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_ctlog_list_file 400 1_1_0d EXIST::FUNCTION:CT
SSL_CTX_sess_get_remove_cb 401 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_generate_session_id 402 1_1_0d EXIST::FUNCTION:
SSL_CTX_use_psk_identity_hint 403 1_1_0d EXIST::FUNCTION:PSK
SSL_get_read_ahead 404 1_1_0d EXIST::FUNCTION:
SSL_CTX_set_msg_callback 405 1_1_0d EXIST::FUNCTION:
SSL_export_keying_material 406 1_1_0d EXIST::FUNCTION:
SSL_get0_next_proto_negotiated 407 1_1_0d EXIST::FUNCTION:NEXTPROTONEG
GMTLS_server_method 408 1_1_0d EXIST::FUNCTION:GMTLS
SSL_version 409 1_1_0d EXIST::FUNCTION:
SSL_CTX_dane_clear_flags 410 1_1_0d EXIST::FUNCTION:
SSL_has_pending 411 1_1_0d EXIST::FUNCTION:


@@ -133,8 +133,8 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
# APPLINK (win build feature?)
"APPLINK",
# GmSSL
"SM3", "SMS4", "KDF2", "ECIES", "FFX", "SM2", "PAILLIER", "OTP", "GMAPI", "EC2",
"BFIBE", "BB1IBE", "SM9", "SDF", "SKF", "ZUC", "SERPENT", "SPECK", "BASE58",
"SM3", "SMS4", "KDF2", "ECIES", "SM2", "PAILLIER", "OTP", "GMAPI",
"SM9", "SDF", "SKF", "ZUC", "BASE58",
"GMTLS", "GMTLS_METHOD", "CA", "MACRO", "ASYNC"
);
@@ -312,23 +312,13 @@ $crypto.=" include/openssl/async.h";
$crypto.=" include/openssl/ct.h";
$crypto.=" include/openssl/kdf.h";
# GmSSL
$crypto.=" include/openssl/bb1ibe.h";
$crypto.=" include/openssl/bfibe.h";
$crypto.=" include/openssl/bn_gfp2.h";
$crypto.=" include/openssl/bn_hash.h";
$crypto.=" include/openssl/bn_solinas.h";
$crypto.=" include/openssl/ec_hash.h";
$crypto.=" include/openssl/ec_type1.h";
$crypto.=" include/openssl/ecies.h";
$crypto.=" include/openssl/ffx.h";
$crypto.=" include/openssl/fppoint.h";
$crypto.=" include/openssl/gmapi.h";
$crypto.=" include/openssl/gmsdf.h";
$crypto.=" include/openssl/gmskf.h";
$crypto.=" include/openssl/kdf2.h";
$crypto.=" include/openssl/otp.h";
$crypto.=" include/openssl/paillier.h";
$crypto.=" include/openssl/saf.h";
$crypto.=" include/openssl/sdf.h";
$crypto.=" include/openssl/sgd.h";
$crypto.=" include/openssl/skf.h";
@@ -339,8 +329,6 @@ $crypto.=" include/openssl/sm9.h";
$crypto.=" include/openssl/sms4.h";
$crypto.=" include/openssl/ssf33.h";
$crypto.=" include/openssl/zuc.h";
$crypto.=" include/openssl/serpent.h";
$crypto.=" include/openssl/speck.h";
my $symhacks="include/openssl/symhacks.h";