diff --git a/CMakeLists.txt b/CMakeLists.txt index 1d394d16..d05a6971 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -552,7 +552,7 @@ if (ENABLE_SDF) src/sdf/sdf_meth.c src/sdf/sdf_ext.c src/sdf/sdf_sansec.c) - list(APPEND tools tools/sdfinfo.c tools/sdfdigest.c tools/sdfexport.c tools/sdfsign.c tools/sdfencrypt.c tools/sdftest.c) + list(APPEND tools tools/sdfinfo.c tools/sdfdigest.c tools/sdfexport.c tools/sdfsign.c tools/sdfencrypt.c tools/sdfdecrypt.c tools/sdftest.c) endif() diff --git a/include/gmssl/sdf.h b/include/gmssl/sdf.h index 9967b84f..5ccce4ae 100644 --- a/include/gmssl/sdf.h +++ b/include/gmssl/sdf.h @@ -85,6 +85,7 @@ int sdf_sign_init(SDF_SIGN_CTX *ctx, const SDF_SIGN_KEY *key, const char *id, si int sdf_sign_update(SDF_SIGN_CTX *ctx, const uint8_t *data, size_t datalen); int sdf_sign_finish(SDF_SIGN_CTX *ctx, uint8_t *sig, size_t *siglen); int sdf_sign_reset(SDF_SIGN_CTX *ctx); +int sdf_sm2_decrypt(const SDF_SIGN_KEY *key, const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen); int sdf_release_sign_key(SDF_SIGN_KEY *key); int sdf_close_device(SDF_DEVICE *dev); void sdf_unload_library(void); diff --git a/src/sdf/sdf.c b/src/sdf/sdf.c index a91382a8..73de3b57 100755 --- a/src/sdf/sdf.c +++ b/src/sdf/sdf.c @@ -19,20 +19,25 @@ #include "sdf_ext.h" -static int SDF_ECCrefPublicKey_to_SM2_Z256_POINT(const ECCrefPublicKey *ref, SM2_Z256_POINT *z256_point) -{ - static const uint8_t zeros[ECCref_MAX_LEN - 32] = {0}; - SM2_POINT point; +static const uint8_t zeros[ECCref_MAX_LEN - 32] = {0}; - if (ref->bits != 256) { - error_print(); - return -1; - } - if (memcmp(ref->x, zeros, sizeof(zeros)) != 0) { - error_print(); - return -1; - } - if (memcmp(ref->y, zeros, sizeof(zeros)) != 0) { +static void ECCrefPublicKey_from_SM2_Z256_POINT(ECCrefPublicKey *ref, const SM2_Z256_POINT *z256_point) +{ + SM2_POINT point; + sm2_z256_point_to_bytes(z256_point, (uint8_t *)&point); + ref->bits = 256; + memcpy(ref->x, zeros, sizeof(zeros)); + memcpy(ref->x + sizeof(zeros), point.x, 32); + memcpy(ref->y, zeros, sizeof(zeros)); + memcpy(ref->y + sizeof(zeros), point.y, 32); +} + +static int ECCrefPublicKey_to_SM2_Z256_POINT(const ECCrefPublicKey *ref, SM2_Z256_POINT *z256_point) +{ + SM2_POINT point; + if (ref->bits != 256 + || memcmp(ref->x, zeros, sizeof(zeros)) != 0 + || memcmp(ref->y, zeros, sizeof(zeros)) != 0) { error_print(); return -1; } @@ -42,26 +47,60 @@ static int SDF_ECCrefPublicKey_to_SM2_Z256_POINT(const ECCrefPublicKey *ref, SM2 error_print(); return -1; } - return SDR_OK; + return 1; } -static int SDF_ECCSignature_to_SM2_SIGNATURE(const ECCSignature *ref, SM2_SIGNATURE *sig) +static void ECCSignature_from_SM2_SIGNATURE(ECCSignature *ref, const SM2_SIGNATURE *sig) { - static const uint8_t zeros[ECCref_MAX_LEN - 32] = {0}; + memcpy(ref->r, zeros, sizeof(zeros)); + memcpy(ref->r + sizeof(zeros), sig->r, 32); + memcpy(ref->s, zeros, sizeof(zeros)); + memcpy(ref->s + sizeof(zeros), sig->s, 32); +} - if (memcmp(ref->r, zeros, sizeof(zeros)) != 0) { - error_print(); - return -1; - } - if (memcmp(ref->s, zeros, sizeof(zeros)) != 0) { +static int ECCSignature_to_SM2_SIGNATURE(const ECCSignature *ref, SM2_SIGNATURE *sig) +{ + if (memcmp(ref->r, zeros, sizeof(zeros)) != 0 + || memcmp(ref->s, zeros, sizeof(zeros)) != 0) { error_print(); return -1; } memcpy(sig->r, ref->r + sizeof(zeros), 32); memcpy(sig->s, ref->s + sizeof(zeros), 32); - return SDR_OK; + return 1; } +static void ECCCipher_from_SM2_CIPHERTEXT(ECCCipher *eccCipher, const SM2_CIPHERTEXT *ciphertext) +{ + memcpy(eccCipher->x, zeros, sizeof(zeros)); + memcpy(eccCipher->x + sizeof(zeros), ciphertext->point.x, 32); + memcpy(eccCipher->y, zeros, sizeof(zeros)); + memcpy(eccCipher->y + sizeof(zeros), ciphertext->point.y, 32); + memcpy(eccCipher->M, ciphertext->hash, 32); + memcpy(eccCipher->C, ciphertext->ciphertext, ciphertext->ciphertext_size); + eccCipher->L = ciphertext->ciphertext_size; +} + +static int ECCCipher_to_SM2_CIPHERTEXT(const ECCCipher *eccCipher, SM2_CIPHERTEXT *ciphertext) +{ + static const uint8_t zeros[ECCref_MAX_LEN - 32] = {0}; + if (eccCipher->L > SM2_MAX_PLAINTEXT_SIZE + || memcmp(eccCipher->x, zeros, sizeof(zeros)) != 0 + || memcmp(eccCipher->y, zeros, sizeof(zeros)) != 0) { + error_print(); + return -1; + } + memcpy(ciphertext->point.x, eccCipher->x + sizeof(zeros), 32); + memcpy(ciphertext->point.y, eccCipher->y + sizeof(zeros), 32); + memcpy(ciphertext->hash, eccCipher->M, 32); + memcpy(ciphertext->ciphertext, eccCipher->C, eccCipher->L); + ciphertext->ciphertext_size = eccCipher->L; + return 1; +} + + + + int sdf_load_library(const char *so_path, const char *vendor) { if (SDF_LoadLibrary((char *)so_path, (char *)vendor) != SDR_OK) { @@ -348,8 +387,6 @@ int sdf_generate_key(SDF_DEVICE *dev, SDF_KEY *key, void *hKey; ECCrefPublicKey eccPublicKey; ECCCipher eccCipher; - const uint8_t zeros[ECCref_MAX_LEN - 32] = {0}; - SM2_POINT point; SM2_CIPHERTEXT ciphertext; int ret; @@ -366,13 +403,8 @@ int sdf_generate_key(SDF_DEVICE *dev, SDF_KEY *key, return 1; } - // SM2_KEY => ECCrefPublicKey - sm2_z256_point_to_bytes(&sm2_key->public_key, (uint8_t *)&point); - eccPublicKey.bits = 256; - memset(eccPublicKey.x, 0, sizeof(zeros)); - memcpy(eccPublicKey.x + sizeof(zeros), point.x, 32); - memset(eccPublicKey.y, 0, sizeof(zeros)); - memcpy(eccPublicKey.y + sizeof(zeros), point.y, 32); + // ECCrefPublicKey <= SM2_KEY + ECCrefPublicKey_from_SM2_Z256_POINT(&eccPublicKey, &sm2_key->public_key); // SDF_GenerateKeyWithEPK_ECC if (SDF_OpenSession(dev->handle, &hSession) != SDR_OK) { @@ -385,22 +417,13 @@ int sdf_generate_key(SDF_DEVICE *dev, SDF_KEY *key, return -1; } - // ECCCipher => SM2_CIPHERTEXT - if (eccCipher.L > SM2_MAX_PLAINTEXT_SIZE - || memcmp(eccCipher.x, zeros, sizeof(zeros)) != 0 - || memcmp(eccCipher.y, zeros, sizeof(zeros)) != 0) { + // ECCCipher => SM2_CIPHERTEXT => DER + if (ECCCipher_to_SM2_CIPHERTEXT(&eccCipher, &ciphertext) != 1) { (void)SDF_DestroyKey(hSession, hKey); (void)SDF_CloseSession(hSession); error_print(); return -1; } - memcpy(ciphertext.point.x, eccCipher.x + sizeof(zeros), 32); - memcpy(ciphertext.point.y, eccCipher.y + sizeof(zeros), 32); - memcpy(ciphertext.hash, eccCipher.M, 32); - memcpy(ciphertext.ciphertext, eccCipher.C, eccCipher.L); - ciphertext.ciphertext_size = eccCipher.L; - - // SM2_CIPHERTEXT => DER *wrappedkey_len = 0; if (sm2_ciphertext_to_der(&ciphertext, &wrappedkey, wrappedkey_len) != 1) { (void)SDF_DestroyKey(hSession, hKey); @@ -439,10 +462,7 @@ int sdf_import_key(SDF_DEVICE *dev, unsigned int key_index, const char *pass, void *hSession; void *hKey; ECCCipher eccCipher; - const uint8_t zeros[ECCref_MAX_LEN - 32] = {0}; - SM2_POINT point; SM2_CIPHERTEXT ciphertext; - int ret; if (!dev || !pass || !wrappedkey || !wrappedkey_len) { error_print(); @@ -464,12 +484,7 @@ int sdf_import_key(SDF_DEVICE *dev, unsigned int key_index, const char *pass, } // ECCCipher <= SM2_CIPHERTEXT - memset(eccCipher.x, 0, sizeof(zeros)); - memcpy(eccCipher.x + sizeof(zeros), ciphertext.point.x, 32); - memset(eccCipher.y, 0, sizeof(zeros)); - memcpy(eccCipher.y + sizeof(zeros), ciphertext.point.y, 32); - memcpy(eccCipher.C, ciphertext.ciphertext, ciphertext.ciphertext_size); - eccCipher.L = ciphertext.ciphertext_size; + ECCCipher_from_SM2_CIPHERTEXT(&eccCipher, &ciphertext); // SDF_ImportKeyWithISK_ECC if (SDF_OpenSession(dev->handle, &hSession) != SDR_OK) { @@ -688,7 +703,7 @@ int sdf_export_sign_public_key(SDF_DEVICE *dev, int key_index, SM2_KEY *sm2_key) (void)SDF_CloseSession(hSession); memset(sm2_key, 0, sizeof(SM2_KEY)); - if (SDF_ECCrefPublicKey_to_SM2_Z256_POINT(&eccPublicKey, &sm2_key->public_key) != SDR_OK) { + if (ECCrefPublicKey_to_SM2_Z256_POINT(&eccPublicKey, &sm2_key->public_key) != 1) { error_print(); return -1; } @@ -717,13 +732,14 @@ int sdf_export_encrypt_public_key(SDF_DEVICE *dev, int key_index, SM2_KEY *sm2_k (void)SDF_CloseSession(hSession); memset(sm2_key, 0, sizeof(SM2_KEY)); - if (SDF_ECCrefPublicKey_to_SM2_Z256_POINT(&eccPublicKey, &sm2_key->public_key) != SDR_OK) { + if (ECCrefPublicKey_to_SM2_Z256_POINT(&eccPublicKey, &sm2_key->public_key) != 1) { error_print(); return -1; } return 1; } +// 这个要改为load_key int sdf_load_sign_key(SDF_DEVICE *dev, SDF_SIGN_KEY *key, int key_index, const char *pass) { void *hSession = NULL; @@ -753,7 +769,7 @@ int sdf_load_sign_key(SDF_DEVICE *dev, SDF_SIGN_KEY *key, int key_index, const c return -1; } - if (SDF_ECCrefPublicKey_to_SM2_Z256_POINT(&eccPublicKey, &key->public_key) != SDR_OK) { + if (ECCrefPublicKey_to_SM2_Z256_POINT(&eccPublicKey, &key->public_key) != 1) { error_print(); return -1; } @@ -775,7 +791,7 @@ int sdf_sign(SDF_SIGN_KEY *key, const uint8_t dgst[32], uint8_t *sig, size_t *si error_print(); return -1; } - if (SDF_ECCSignature_to_SM2_SIGNATURE(&ecc_sig, &sm2_sig) != SDR_OK) { + if (ECCSignature_to_SM2_SIGNATURE(&ecc_sig, &sm2_sig) != 1) { error_print(); return -1; } @@ -787,6 +803,45 @@ int sdf_sign(SDF_SIGN_KEY *key, const uint8_t dgst[32], uint8_t *sig, size_t *si return 1; } +int sdf_sm2_decrypt(const SDF_SIGN_KEY *key, const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen) +{ + ECCCipher eccCipher; + SM2_CIPHERTEXT ciphertext; + unsigned int uiLength = 0; + + if (!key || !in || !outlen) { + error_print(); + return -1; + } + if (!key->session || key->index < 0) { + error_print(); + return -1; + } + if (!out) { + *outlen = SM2_MAX_PLAINTEXT_SIZE; + return 1; + } + + if (sm2_ciphertext_from_der(&ciphertext, &in, &inlen) != 1) { + error_print(); + return -1; + } + if (inlen != 0) { + error_print(); + return -1; + } + + ECCCipher_from_SM2_CIPHERTEXT(&eccCipher, &ciphertext); + + if (SDF_InternalDecrypt_ECC(key->session, key->index, SGD_SM2_3, &eccCipher, out, &uiLength) != SDR_OK) { + error_print(); + return -1; + } + + *outlen = uiLength; + return 1; +} + int sdf_sign_init(SDF_SIGN_CTX *ctx, const SDF_SIGN_KEY *key, const char *id, size_t idlen) { if (!ctx || !key) { diff --git a/tools/gmssl.c b/tools/gmssl.c index 60bdeab7..65efbb4c 100644 --- a/tools/gmssl.c +++ b/tools/gmssl.c @@ -71,6 +71,7 @@ extern int sdfdigest_main(int argc, char **argv); extern int sdfexport_main(int argc, char **argv); extern int sdfsign_main(int argc, char **argv); extern int sdfencrypt_main(int argc, char **argv); +extern int sdfdecrypt_main(int argc, char **argv); extern int sdftest_main(int argc, char **argv); #endif #ifdef ENABLE_SKF @@ -135,6 +136,7 @@ static const char *options = " sdfexport Export SM2 signing public key from SDF device\n" " sdfsign Generate SM2 signature with SDF internal private key\n" " sdfencrypt SM2/SM4-CBC hybrid encryption with SDF device\n" + " sdfdecrypt SM2/SM4-CBC hybrid decryption with SDF device\n" " sdftest Test vendor's SDF library and device\n" #endif #ifdef ENABLE_SKF @@ -295,6 +297,8 @@ int main(int argc, char **argv) return sdfsign_main(argc, argv); } else if (!strcmp(*argv, "sdfencrypt")) { return sdfencrypt_main(argc, argv); + } else if (!strcmp(*argv, "sdfdecrypt")) { + return sdfdecrypt_main(argc, argv); } else if (!strcmp(*argv, "sdftest")) { return sdftest_main(argc, argv); #endif diff --git a/tools/sdfdecrypt.c b/tools/sdfdecrypt.c new file mode 100755 index 00000000..96fc7b33 --- /dev/null +++ b/tools/sdfdecrypt.c @@ -0,0 +1,226 @@ +/* + * Copyright 2014-2024 The GmSSL Project. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the License); you may + * not use this file except in compliance with the License. + * + * http://www.apache.org/licenses/LICENSE-2.0 + */ + + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + + +static const char *usage = "-lib so_path -key num -pass str [-in file] [-out file]"; + +static const char *options = +"\n" +"Options\n" +"\n" +" -lib so_path Vendor's SDF dynamic library\n" +" -key num Decryption private key index number\n" +" -pass str Password to get the private key access right\n" +" -in file | stdin Input data\n" +" -out file | stdout Output data\n" +"\n" +"Examples\n" +"\n" +" $ gmssl sdfexport -encrypt -key 1 -lib libsoftsdf.so -out sm2encpub.pem\n" +" $ echo 'Secret message' | gmssl sdfencrypt -lib libsoftsdf.so -pubkey sm2encpub.pem -out sdf_ciphertext.bin\n" +" $ gmssl sdfdecrypt -lib libsoftsdf.so -key 1 -pass P@ssw0rd -in sdf_ciphertext.bin\n" +"\n"; + +int sdfdecrypt_main(int argc, char **argv) +{ + int ret = 1; + char *prog = argv[0]; + char *lib = NULL; + int key_index = -1; + char *pass = NULL; + char *infile = NULL; + char *outfile = NULL; + FILE *infp = stdin; + FILE *outfp = stdout; + + uint8_t iv[16]; + uint8_t buf[4096]; + size_t inlen; + size_t outlen; + SDF_DEVICE dev; + SDF_KEY key; + SDF_CBC_CTX ctx; + const uint8_t *p; + SM2_CIPHERTEXT ciphertext; + uint8_t *wrappedkey; + size_t wrappedkey_len; + + memset(&dev, 0, sizeof(dev)); + memset(&key, 0, sizeof(key)); + memset(&ctx, 0, sizeof(ctx)); + + argc--; + argv++; + + if (argc < 1) { + fprintf(stderr, "usage: gmssl %s %s\n", prog, usage); + return 1; + } + + while (argc > 0) { + if (!strcmp(*argv, "-help")) { + printf("usage: gmssl %s %s\n", prog, usage); + printf("%s\n", options); + ret = 0; + goto end; + goto end; + } else if (!strcmp(*argv, "-lib")) { + if (--argc < 1) goto bad; + lib = *(++argv); + } else if (!strcmp(*argv, "-key")) { + if (--argc < 1) goto bad; + key_index = atoi(*(++argv)); + if (key_index < 0) { + fprintf(stderr, "gmssl %s: illegal key index %d\n", prog, key_index); + goto end; + } + } else if (!strcmp(*argv, "-pass")) { + if (--argc < 1) goto bad; + pass = *(++argv); + } else if (!strcmp(*argv, "-in")) { + if (--argc < 1) goto bad; + infile = *(++argv); + if (!(infp = fopen(infile, "rb"))) { + fprintf(stderr, "gmssl %s: open '%s' failure : %s\n", prog, infile, strerror(errno)); + goto end; + } + } else if (!strcmp(*argv, "-out")) { + if (--argc < 1) goto bad; + outfile = *(++argv); + if (!(outfp = fopen(outfile, "wb"))) { + fprintf(stderr, "gmssl %s: open '%s' failure : %s\n", prog, outfile, strerror(errno)); + goto end; + } + } else { + fprintf(stderr, "gmssl %s: illegal option `%s`\n", prog, *argv); + goto end; +bad: + fprintf(stderr, "gmssl %s: `%s` option value missing\n", prog, *argv); + goto end; + } + + argc--; + argv++; + } + + // load library and open device + if (!lib) { + fprintf(stderr, "gmssl %s: '-lib' option required\n", prog); + goto end; + } + if (sdf_load_library(lib, NULL) != 1) { + fprintf(stderr, "gmssl %s: load library failure\n", prog); + goto end; + } + if (sdf_open_device(&dev) != 1) { + fprintf(stderr, "gmssl %s: open device failure\n", prog); + goto end; + } + + if (key_index < 0) { + fprintf(stderr, "gmssl %s: '-key' option required\n", prog); + goto end; + } + if (!pass) { + fprintf(stderr, "gmssl %s: '-pass' option required\n", prog); + goto end; + } + + // read DER(SM2_CIPHERTEXT) and following bytes + if ((inlen = fread(buf, 1, sizeof(buf), infp)) <= 0) { + fprintf(stderr, "gmssl %s: read failure : %s\n", prog, strerror(errno)); + goto end; + } + wrappedkey_len = inlen; + + p = buf; + if (sm2_ciphertext_from_der(&ciphertext, &p, &inlen) != 1) { + error_print(); + goto end; + } + wrappedkey_len -= inlen; + + sm2_ciphertext_print(stderr, 0, 0, "Ciphertext", buf, wrappedkey_len); + + + // read IV + if (inlen >= 16) { + memcpy(iv, p, 16); + p += 16; + inlen -= 16; + } else { + memcpy(iv, p, inlen); + if (fread(iv + inlen, 1, 16 - inlen, infp) != 16 - inlen) { + error_print(); + goto end; + } + inlen = 0; + } + + // import key + if (sdf_import_key(&dev, key_index, pass, buf, wrappedkey_len, &key) != 1) { + error_print(); + return -1; + } + + // encrypt and output ciphertext + if (sdf_cbc_decrypt_init(&ctx, &key, iv) != 1) { + error_print(); + goto end; + } + if (inlen) { + if (sdf_cbc_decrypt_update(&ctx, p, inlen, buf, &outlen) != 1) { + error_print(); + goto end; + } + } + while ((inlen = fread(buf, 1, sizeof(buf), infp)) > 0) { + if (sdf_cbc_decrypt_update(&ctx, buf, inlen, buf, &outlen) != 1) { + error_print(); + goto end; + } + if (fwrite(buf, 1, outlen, outfp) != outlen) { + fprintf(stderr, "gmssl %s: output failure : %s\n", prog, strerror(errno)); + goto end; + } + } + if (sdf_cbc_decrypt_finish(&ctx, buf, &outlen) != 1) { + error_print(); + goto end; + } + if (fwrite(buf, 1, outlen, outfp) != outlen) { + fprintf(stderr, "gmssl %s: output failure : %s\n", prog, strerror(errno)); + goto end; + } + + ret = 0; + +end: + (void)sdf_destroy_key(&key); + (void)sdf_close_device(&dev); + (void)sdf_unload_library(); + gmssl_secure_clear(iv, sizeof(iv)); + gmssl_secure_clear(&ctx, sizeof(ctx)); + if (infile && infp) fclose(infp); + if (outfile && outfp) fclose(outfp); + return ret; +} diff --git a/tools/sdfencrypt.c b/tools/sdfencrypt.c index db867296..c1d24113 100755 --- a/tools/sdfencrypt.c +++ b/tools/sdfencrypt.c @@ -35,9 +35,8 @@ static const char *options = "\n" "Examples\n" "\n" -" $ TEXT=`gmssl rand -outlen 20 -hex`\n" " $ gmssl sdfexport -encrypt -key 1 -lib libsoftsdf.so -out sm2encpub.pem\n" -" $ echo -n $TEXT | gmssl sdfencrypt -lib libsoftsdf.so -pubkey sm2encpub.pem -out sdf_ciphertext.bin\n" +" $ echo 'Secret message' | gmssl sdfencrypt -lib libsoftsdf.so -pubkey sm2encpub.pem -out sdf_ciphertext.bin\n" " $ gmssl sdfdecrypt -lib libsoftsdf.so -key 1 -pass P@ssw0rd -in sdf_ciphertext.bin\n" "\n"; diff --git a/tools/sdfsign.c b/tools/sdfsign.c index 6fbaedef..c4ca4626 100644 --- a/tools/sdfsign.c +++ b/tools/sdfsign.c @@ -74,16 +74,6 @@ int sdfsign_main(int argc, char **argv) } else if (!strcmp(*argv, "-lib")) { if (--argc < 1) goto bad; lib = *(++argv); - } else if (!strcmp(*argv, "-key")) { - if (--argc < 1) goto bad; - key_index = atoi(*(++argv)); - if (key_index < 0) { - fprintf(stderr, "gmssl %s: illegal key index %d\n", prog, key_index); - goto end; - } - } else if (!strcmp(*argv, "-pass")) { - if (--argc < 1) goto bad; - pass = *(++argv); } else if (!strcmp(*argv, "-id")) { if (--argc < 1) goto bad; id = *(++argv);