Adjust SM3 SM4 API

Remove sm3_digest. Use more _gmssl_export

src/digest.c

@@ -118,7 +118,7 @@ const DIGEST *digest_from_name(const char *name)
 	return NULL;
 }
 
-static int sm3_digest_init(DIGEST_CTX *ctx)
+static int _sm3_digest_init(DIGEST_CTX *ctx)
 {
 	if (!ctx) {
 		error_print();
@@ -128,7 +128,7 @@ static int sm3_digest_init(DIGEST_CTX *ctx)
 	return 1;
 }
 
-static int sm3_digest_update(DIGEST_CTX *ctx, const uint8_t *in, size_t inlen)
+static int _sm3_digest_update(DIGEST_CTX *ctx, const uint8_t *in, size_t inlen)
 {
 	if (!ctx || (!in && inlen != 0)) {
 		error_print();
@@ -138,7 +138,7 @@ static int sm3_digest_update(DIGEST_CTX *ctx, const uint8_t *in, size_t inlen)
 	return 1;
 }
 
-static int sm3_digest_finish(DIGEST_CTX *ctx, uint8_t *dgst)
+static int _sm3_digest_finish(DIGEST_CTX *ctx, uint8_t *dgst)
 {
 	if (!ctx || !dgst) {
 		error_print();
@@ -153,9 +153,9 @@ static const DIGEST sm3_digest_object = {
 	SM3_DIGEST_SIZE,
 	SM3_BLOCK_SIZE,
 	sizeof(SM3_CTX),
-	sm3_digest_init,
-	sm3_digest_update,
-	sm3_digest_finish,
+	_sm3_digest_init,
+	_sm3_digest_update,
+	_sm3_digest_finish,
 };
 
 const DIGEST *DIGEST_sm3(void)

src/sm2_key.c

@@ -525,8 +525,15 @@ int sm2_public_key_equ(const SM2_KEY *sm2_key, const SM2_KEY *pub_key)
 int sm2_public_key_digest(const SM2_KEY *sm2_key, uint8_t dgst[32])
 {
 	uint8_t bits[65];
-	sm2_z256_point_to_uncompressed_octets(&sm2_key->public_key, bits);
-	sm3_digest(bits, sizeof(bits), dgst);
+	SM3_CTX sm3_ctx;
+
+	if (sm2_z256_point_to_uncompressed_octets(&sm2_key->public_key, bits) != 1) {
+		error_print();
+		return -1;
+	}
+	sm3_init(&sm3_ctx);
+	sm3_update(&sm3_ctx, bits, sizeof(bits));
+	sm3_finish(&sm3_ctx, dgst);
 	return 1;
 }
 

src/sm2_z256.c

@@ -1693,7 +1693,10 @@ int sm2_z256_point_from_hash(SM2_Z256_POINT *R, const uint8_t *data, size_t data
 
 	do {
 		// x = sm3(data) mod p
-		sm3_digest(data, datalen, dgst);
+		SM3_CTX sm3_ctx;
+		sm3_init(&sm3_ctx);
+		sm3_update(&sm3_ctx, data, datalen);
+		sm3_finish(&sm3_ctx, dgst);
 
 		sm2_z256_from_bytes(x, dgst);
 		if (sm2_z256_cmp(x, SM2_Z256_P) >= 0) {

src/sm3.c

@@ -203,6 +203,7 @@ void sm3_finish(SM3_CTX *ctx, uint8_t *digest)
 	}
 }
 
+/*
 void sm3_digest(const uint8_t *msg, size_t msglen,
 	uint8_t dgst[SM3_DIGEST_SIZE])
 {
@@ -212,3 +213,4 @@ void sm3_digest(const uint8_t *msg, size_t msglen,
 	sm3_finish(&ctx, dgst);
 	memset(&ctx, 0, sizeof(ctx));
 }
+*/

src/sm3_digest.c

@@ -9,7 +9,7 @@
 
 
 #include <string.h>
-#include <gmssl/sm3_digest.h>
+#include <gmssl/sm3.h>
 #include <gmssl/error.h>
 
 

src/sm3_kdf.c

@@ -1,5 +1,5 @@
 /*
- *  Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
+ *  Copyright 2014-2024 The GmSSL Project. All Rights Reserved.
  *
  *  Licensed under the Apache License, Version 2.0 (the License); you may
  *  not use this file except in compliance with the License.
@@ -56,15 +56,3 @@ void sm3_kdf_finish(SM3_KDF_CTX *ctx, uint8_t *out)
 	memset(&sm3_ctx, 0, sizeof(SM3_CTX));
 	memset(dgst, 0, sizeof(dgst));
 }
-
-#if 0
-// add until v3.2.0
-void sm3_kdf(const uint8_t *in, size_t inlen, size_t outlen, uint8_t *out)
-{
-	SM3_KDF_CTX ctx;
-	sm3_kdf_init(&ctx, outlen);
-	sm3_kdf_update(&ctx, in, inlen);
-	sm3_kdf_finish(&ctx, out);
-	memset(&ctx, 0, sizeof(ctx));
-}
-#endif

src/sm4_ctr_sm3_hmac.c

@@ -83,7 +83,7 @@ int sm4_ctr_sm3_hmac_decrypt_init(SM4_CTR_SM3_HMAC_CTX *ctx,
 		return -1;
 	}
 	memset(ctx, 0, sizeof(*ctx));
-	if (sm4_ctr_decrypt_init(&ctx->enc_ctx, key, iv) != 1) {
+	if (sm4_ctr_encrypt_init(&ctx->enc_ctx, key, iv) != 1) {
 		error_print();
 		return -1;
 	}
@@ -124,7 +124,7 @@ int sm4_ctr_sm3_hmac_decrypt_update(SM4_CTR_SM3_HMAC_CTX *ctx, const uint8_t *in
 	if (inlen <= SM3_HMAC_SIZE) {
 		uint8_t tmp[SM3_HMAC_SIZE];
 		sm3_hmac_update(&ctx->mac_ctx, ctx->mac, inlen);
-		if (sm4_ctr_decrypt_update(&ctx->enc_ctx, ctx->mac, inlen, out, outlen) != 1) {
+		if (sm4_ctr_encrypt_update(&ctx->enc_ctx, ctx->mac, inlen, out, outlen) != 1) {
 			error_print();
 			return -1;
 		}
@@ -134,7 +134,7 @@ int sm4_ctr_sm3_hmac_decrypt_update(SM4_CTR_SM3_HMAC_CTX *ctx, const uint8_t *in
 		memcpy(ctx->mac, tmp, SM3_HMAC_SIZE);
 	} else {
 		sm3_hmac_update(&ctx->mac_ctx, ctx->mac, SM3_HMAC_SIZE);
-		if (sm4_ctr_decrypt_update(&ctx->enc_ctx, ctx->mac, SM3_HMAC_SIZE, out, outlen) != 1) {
+		if (sm4_ctr_encrypt_update(&ctx->enc_ctx, ctx->mac, SM3_HMAC_SIZE, out, outlen) != 1) {
 			error_print();
 			return -1;
 		}
@@ -142,7 +142,7 @@ int sm4_ctr_sm3_hmac_decrypt_update(SM4_CTR_SM3_HMAC_CTX *ctx, const uint8_t *in
 
 		inlen -= SM3_HMAC_SIZE;
 		sm3_hmac_update(&ctx->mac_ctx, in, inlen);
-		if (sm4_ctr_decrypt_update(&ctx->enc_ctx, in, inlen, out, &len) != 1) {
+		if (sm4_ctr_encrypt_update(&ctx->enc_ctx, in, inlen, out, &len) != 1) {
 			error_print();
 			return -1;
 		}
@@ -165,7 +165,7 @@ int sm4_ctr_sm3_hmac_decrypt_finish(SM4_CTR_SM3_HMAC_CTX *ctx, uint8_t *out, siz
 		return -1;
 	}
 	sm3_hmac_finish(&ctx->mac_ctx, mac);
-	if (sm4_ctr_decrypt_finish(&ctx->enc_ctx, out, outlen) != 1) {
+	if (sm4_ctr_encrypt_finish(&ctx->enc_ctx, out, outlen) != 1) {
 		error_print();
 		return -1;
 	}

src/sm4_gcm.c

@@ -217,7 +217,7 @@ int sm4_gcm_decrypt_update(SM4_GCM_CTX *ctx, const uint8_t *in, size_t inlen, ui
 	if (inlen <= ctx->taglen) {
 		uint8_t tmp[GHASH_SIZE];
 		ghash_update(&ctx->mac_ctx, ctx->mac, inlen);
-		if (sm4_ctr_decrypt_update(&ctx->enc_ctx, ctx->mac, inlen, out, outlen) != 1) {
+		if (sm4_ctr_encrypt_update(&ctx->enc_ctx, ctx->mac, inlen, out, outlen) != 1) {
 			error_print();
 			return -1;
 		}
@@ -227,7 +227,7 @@ int sm4_gcm_decrypt_update(SM4_GCM_CTX *ctx, const uint8_t *in, size_t inlen, ui
 		memcpy(ctx->mac, tmp, GHASH_SIZE);
 	} else {
 		ghash_update(&ctx->mac_ctx, ctx->mac, ctx->taglen);
-		if (sm4_ctr_decrypt_update(&ctx->enc_ctx, ctx->mac, ctx->taglen, out, outlen) != 1) {
+		if (sm4_ctr_encrypt_update(&ctx->enc_ctx, ctx->mac, ctx->taglen, out, outlen) != 1) {
 			error_print();
 			return -1;
 		}
@@ -235,7 +235,7 @@ int sm4_gcm_decrypt_update(SM4_GCM_CTX *ctx, const uint8_t *in, size_t inlen, ui
 
 		inlen -= ctx->taglen;
 		ghash_update(&ctx->mac_ctx, in, inlen);
-		if (sm4_ctr_decrypt_update(&ctx->enc_ctx, in, inlen, out, &len) != 1) {
+		if (sm4_ctr_encrypt_update(&ctx->enc_ctx, in, inlen, out, &len) != 1) {
 			error_print();
 			return -1;
 		}
@@ -258,7 +258,7 @@ int sm4_gcm_decrypt_finish(SM4_GCM_CTX *ctx, uint8_t *out, size_t *outlen)
 		return -1;
 	}
 	ghash_finish(&ctx->mac_ctx, mac);
-	if (sm4_ctr_decrypt_finish(&ctx->enc_ctx, out, outlen) != 1) {
+	if (sm4_ctr_encrypt_finish(&ctx->enc_ctx, out, outlen) != 1) {
 		error_print();
 		return -1;
 	}

src/x509_ext.c

@@ -350,16 +350,17 @@ int x509_exts_add_authority_key_identifier(uint8_t *exts, size_t *extslen, size_
 int x509_exts_add_default_authority_key_identifier(uint8_t *exts, size_t *extslen, size_t maxlen,
 	const SM2_KEY *public_key)
 {
-	uint8_t buf[65];
 	uint8_t id[32];
 	int critical = -1;
 
 	if (!public_key) {
 		return 0;
 	}
-	sm2_z256_point_to_uncompressed_octets(&public_key->public_key, buf);
-	sm3_digest(buf, sizeof(buf), id);
 
+	if (sm2_public_key_digest(public_key, id) != 1) {
+		error_print();
+		return -1;
+	}
 	if (x509_exts_add_authority_key_identifier(exts, extslen, maxlen, critical,
 		id, sizeof(id), NULL, 0, NULL, 0) != 1) {
 		error_print();
@@ -400,15 +401,16 @@ int x509_exts_add_subject_key_identifier(uint8_t *exts, size_t *extslen, size_t
 int x509_exts_add_subject_key_identifier_ex(uint8_t *exts, size_t *extslen, size_t maxlen,
 	int critical, const SM2_KEY *subject_key)
 {
-	uint8_t buf[65];
 	uint8_t id[32];
 
 	if (!subject_key) {
 		return 0;
 	}
-	sm2_z256_point_to_uncompressed_octets(&subject_key->public_key, buf);
-	sm3_digest(buf, sizeof(buf), id);
 
+	if (sm2_public_key_digest(subject_key, id) != 1) {
+		error_print();
+		return -1;
+	}
 	if (x509_exts_add_subject_key_identifier(exts, extslen, maxlen, critical, id, 32) != 1) {
 		error_print();
 		return -1;