abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-06-29 01:03:38 +08:00
Code Issues Packages Projects Releases Wiki Activity

update gm apis

Browse Source
This commit is contained in:
Zhi Guan
2017-02-19 23:41:47 +08:00
parent d7aca8255f
commit 90a001b539
52 changed files with 5370 additions and 7038 deletions
Download Patch File Download Diff File Expand all files Collapse all files

235
crypto/skf/skf_dgst.c
View File

@@ -1,235 +0,0 @@
/* ====================================================================
* Copyright (c) 2015-2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <stdio.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/gmskf.h>
#include "skf_lcl.h"
ULONG DEVAPI SKF_DigestInit(DEVHANDLE hDev,
ULONG ulAlgID,
ECCPUBLICKEYBLOB *pPubKey,
BYTE *pbID,
ULONG ulIDLen,
HANDLE *phHash)
{
ULONG ret = SAR_FAIL;
const EVP_MD *md;
EVP_MD_CTX *mdctx = NULL;
EC_KEY *ec_key = NULL;
SKF_HANDLE *hHash;
switch (ulAlgID) {
case SGD_SM3:
md = EVP_sm3();
break;
case SGD_SHA1:
md = EVP_sha1();
break;
case SGD_SHA256:
md = EVP_sha256();
break;
default:
SKFerr(SKF_F_SKF_DIGESTINIT, SKF_R_INVALID_ALGID);
return SAR_INVALIDPARAMERR;
}
if (!(mdctx = EVP_MD_CTX_create())) {
SKFerr(SKF_F_SKF_DIGESTINIT, SKF_R_MALLOC_FAILED);
return SAR_FAIL;
}
if (!EVP_DigestInit_ex(mdctx, md, NULL)) {
SKFerr(SKF_F_SKF_DIGESTINIT, ERR_R_EVP_LIB);
goto end;
}
if (pPubKey) {
if (!(ec_key = EC_KEY_new_from_ECCPUBLICKEYBLOB(pPubKey))) {
SKFerr(SKF_F_SKF_DIGESTINIT, SKF_R_INVALID_BLOB);
ret = SAR_INVALIDPARAMERR;
goto end;
}
/*
//FIXME
if (pbID) {
if (ulIDLen <= 0 || ulIDLen > SM2_MAX_ID_LENGTH) {
SKFerr(SKF_F_SKF_DIGESTINIT, SKF_R_INVALID_ID_LENGTH);
ret = SAR_INVALIDPARAMERR;
goto end;
}
OPENSSL_assert(strlen((char *)pbID) == ulIDLen);
if (!SM2_set_id(ec_key, (char *)pbID)) {
SKFerr(SKF_F_SKF_DIGESTINIT, ERR_R_SM2_LIB);
ret = SAR_FAIL;
goto end;
}
}
dgstlen = sizeof(dgst);
if (!SM2_compute_id_digest(md, dgst, &dgstlen, ec_key)) {
SKFerr(SKF_F_SKF_DIGESTINIT, ERR_R_SM2_LIB);
goto end;
}
if (!EVP_DigestUpdate(mdctx, dgst, dgstlen)) {
goto end;
}
*/
} else {
if (pbID) {
SKFerr(SKF_F_SKF_DIGESTINIT, SKF_R_NO_PUBLIC_KEY);
ret = SAR_INVALIDPARAMERR;
goto end;
}
}
if (!(hHash = OPENSSL_malloc(sizeof(*hHash)))) {
SKFerr(SKF_F_SKF_DIGESTINIT, ERR_R_MALLOC_FAILURE);
goto end;
}
memset(hHash, 0, sizeof(*hHash));
hHash->magic = SKF_HANDLE_MAGIC;
hHash->type = SKF_HASH_HANDLE;
hHash->u.md_ctx = mdctx;
mdctx = NULL;
*phHash = hHash;
ret = SAR_OK;
end:
EVP_MD_CTX_destroy(mdctx);
EC_KEY_free(ec_key);
return ret;
}
ULONG DEVAPI SKF_DigestUpdate(HANDLE hHash,
BYTE *pbData,
ULONG ulDataLen)
{
EVP_MD_CTX *md_ctx;
if (!(md_ctx = SKF_HANDLE_get_md_ctx(hHash))) {
SKFerr(SKF_F_SKF_DIGESTUPDATE, SKF_R_INVALID_HASH_HANDLE);
return SAR_INVALIDPARAMERR;
}
if (!pbData) {
SKFerr(SKF_F_SKF_DIGESTUPDATE, SKF_R_INVALID_ARGUMENTS);
return SAR_INVALIDPARAMERR;
}
if (ulDataLen == 0) {
return SAR_OK;
}
if (!EVP_DigestUpdate(md_ctx, pbData, ulDataLen)) {
SKFerr(SKF_F_SKF_DIGESTUPDATE, ERR_R_EVP_LIB);
return SAR_FAIL;
}
return SAR_OK;
}
ULONG DEVAPI SKF_DigestFinal(HANDLE hHash,
BYTE *pHashData,
ULONG *pulHashLen)
{
EVP_MD_CTX *mdctx;
if (!(mdctx = SKF_HANDLE_get_md_ctx(hHash))) {
SKFerr(SKF_F_SKF_DIGESTFINAL, SKF_R_INVALID_HANDLE);
return SAR_INVALIDPARAMERR;
}
if (!pulHashLen) {
SKFerr(SKF_F_SKF_DIGESTFINAL, SKF_R_NULL_ARGUMENT);
return SAR_INVALIDPARAMERR;
}
if (!EVP_DigestFinal_ex(mdctx, pHashData, pulHashLen)) {
SKFerr(SKF_F_SKF_DIGESTFINAL, ERR_R_EVP_LIB);
return SAR_FAIL;
}
EVP_MD_CTX_destroy(mdctx);
((SKF_HANDLE *)hHash)->u.md_ctx = NULL;
return SAR_OK;
}
ULONG DEVAPI SKF_Digest(HANDLE hHash,
BYTE *pbData,
ULONG ulDataLen,
BYTE *pbHashData,
ULONG *pulHashLen)
{
ULONG rv;
if ((rv = SKF_DigestUpdate(hHash, pbData, ulDataLen)) != SAR_OK) {
SKFerr(SKF_F_SKF_DIGEST, ERR_R_GMAPI_LIB);
return rv;
}
if ((rv = SKF_DigestFinal(hHash, pbHashData, pulHashLen)) != SAR_OK) {
SKFerr(SKF_F_SKF_DIGEST, ERR_R_GMAPI_LIB);
return rv;
}
return SAR_OK;
}

938
crypto/skf/skf_dummy.c Normal file
View File

@@ -0,0 +1,938 @@
/* ====================================================================
* Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/skf.h>
static char *hDeviceHandle = "hDeviceHandle";
static char *hApplication = "hApplication";
static char *hContainer = "hContainer";
static char *hAgreementHandle = "AgreementHandle";
static char *hKeyHandle = "KeyHandle";
static char *hHashHandle = "HashHandle";
static char *hMacHandle = "MacHandle";
ULONG DEVAPI SKF_WaitForDevEvent(
LPSTR szDevName,
ULONG *pulDevNameLen,
ULONG *pulEvent)
{
return SAR_OK;
}
ULONG DEVAPI SKF_CancelWaitForDevEvent(
void)
{
return SAR_OK;
}
ULONG DEVAPI SKF_EnumDev(BOOL bPresent,
LPSTR szNameList,
ULONG *pulSize)
{
char *dev_list = "dev1\0dev2\0";
if (!szNameList || !pulSize) {
return SAR_INVALIDPARAMERR;
}
strcpy((char *)szNameList, dev_list);
*pulSize = sizeof(dev_list);
return SAR_OK;
}
ULONG DEVAPI SKF_ConnectDev(
LPSTR szName,
DEVHANDLE *phDev)
{
if (!phDev) {
return SAR_INVALIDPARAMERR;
}
*phDev = hDeviceHandle;
return SAR_OK;
}
ULONG DEVAPI SKF_DisConnectDev(
DEVHANDLE hDev)
{
return SAR_OK;
}
ULONG DEVAPI SKF_GetDevState(
LPSTR szDevName,
ULONG *pulDevState)
{
*pulDevState = 0;
return SAR_OK;
}
ULONG DEVAPI SKF_SetLabel(
DEVHANDLE hDev,
LPSTR szLabel)
{
return SAR_OK;
}
ULONG DEVAPI SKF_GetDevInfo(
DEVHANDLE hDev,
DEVINFO *pDevInfo)
{
return SAR_OK;
}
ULONG DEVAPI SKF_LockDev(
DEVHANDLE hDev,
ULONG ulTimeOut)
{
return SAR_OK;
}
ULONG DEVAPI SKF_UnlockDev(
DEVHANDLE hDev)
{
return SAR_OK;
}
ULONG DEVAPI SKF_Transmit(
DEVHANDLE hDev,
BYTE *pbCommand,
ULONG ulCommandLen,
BYTE *pbData,
ULONG *pulDataLen)
{
if (!pbData || !pulDataLen) {
return SAR_INVALIDPARAMERR;
}
memcpy(pbData, pbCommand, ulCommandLen);
*pulDataLen = ulCommandLen;
return SAR_OK;
}
ULONG DEVAPI SKF_ChangeDevAuthKey(
DEVHANDLE hDev,
BYTE *pbKeyValue,
ULONG ulKeyLen)
{
return SAR_OK;
}
ULONG DEVAPI SKF_DevAuth(
DEVHANDLE hDev,
BYTE *pbAuthData,
ULONG ulLen)
{
return SAR_OK;
}
ULONG DEVAPI SKF_ChangePIN(
HAPPLICATION hApplication,
ULONG ulPINType,
LPSTR szOldPin,
LPSTR szNewPin,
ULONG *pulRetryCount)
{
if (!pulRetryCount) {
return SAR_INVALIDPARAMERR;
}
*pulRetryCount = 100;
return SAR_OK;
}
LONG DEVAPI SKF_GetPINInfo(
HAPPLICATION hApplication,
ULONG ulPINType,
ULONG *pulMaxRetryCount,
ULONG *pulRemainRetryCount,
BOOL *pbDefaultPin)
{
if (!pulMaxRetryCount || !pulRemainRetryCount || !pbDefaultPin) {
return SAR_INVALIDPARAMERR;
}
*pulMaxRetryCount = 100;
*pulRemainRetryCount = 100;
*pbDefaultPin = 0;
return SAR_OK;
}
ULONG DEVAPI SKF_VerifyPIN(
HAPPLICATION hApplication,
ULONG ulPINType,
LPSTR szPIN,
ULONG *pulRetryCount)
{
if (!pulRetryCount) {
return SAR_INVALIDPARAMERR;
}
*pulRetryCount = 100;
return SAR_OK;
}
ULONG DEVAPI SKF_UnblockPIN(
HAPPLICATION hApplication,
LPSTR szAdminPIN,
LPSTR szNewUserPIN,
ULONG *pulRetryCount)
{
if (!pulRetryCount) {
return SAR_INVALIDPARAMERR;
}
*pulRetryCount = 100;
return SAR_OK;
}
ULONG DEVAPI SKF_ClearSecureState(
HAPPLICATION hApplication)
{
return SAR_OK;
}
ULONG DEVAPI SKF_CreateApplication(
DEVHANDLE hDev,
LPSTR szAppName,
LPSTR szAdminPin,
DWORD dwAdminPinRetryCount,
LPSTR szUserPin,
DWORD dwUserPinRetryCount,
DWORD dwCreateFileRights,
HAPPLICATION *phApplication)
{
if (!phApplication) {
return SAR_INVALIDPARAMERR;
}
*phApplication = hApplication;
return SAR_OK;
}
ULONG DEVAPI SKF_EnumApplication(DEVHANDLE hDev,
LPSTR szAppName,
ULONG *pulSize)
{
char *app_list = "app1\0app2\0";
if (!szAppName || !pulSize) {
return SAR_INVALIDPARAMERR;
}
strcpy((char *)szAppName, app_list);
*pulSize = strlen(app_list);
return SAR_OK;
}
ULONG DEVAPI SKF_DeleteApplication(
DEVHANDLE hDev,
LPSTR szAppName)
{
return SAR_OK;
}
ULONG DEVAPI SKF_OpenApplication(
DEVHANDLE hDev,
LPSTR szAppName,
HAPPLICATION *phApplication)
{
if (!phApplication) {
return SAR_INVALIDPARAMERR;
}
*phApplication = hApplication;
return SAR_OK;
}
ULONG DEVAPI SKF_CloseApplication(
HAPPLICATION hApplication)
{
return SAR_OK;
}
ULONG DEVAPI SKF_CreateFile(
HAPPLICATION hApplication,
LPSTR szFileName,
ULONG ulFileSize,
ULONG ulReadRights,
ULONG ulWriteRights)
{
return SAR_OK;
}
ULONG DEVAPI SKF_DeleteFile(
HAPPLICATION hApplication,
LPSTR szFileName)
{
return SAR_OK;
}
ULONG DEVAPI SKF_EnumFiles(
HAPPLICATION hApplication,
LPSTR szFileList,
ULONG *pulSize)
{
char *file_list = "file1.txt\0file2.txt\0";
if (!pulSize) {
return SAR_INVALIDPARAMERR;
}
strcpy((char *)szFileList, file_list);
*pulSize = strlen(file_list);
return SAR_OK;
}
ULONG DEVAPI SKF_GetFileInfo(
HAPPLICATION hApplication,
LPSTR szFileName,
FILEATTRIBUTE *pFileInfo)
{
if (!pFileInfo) {
return SAR_INVALIDPARAMERR;
}
//TODO: set pFileInfo;
return SAR_OK;
}
ULONG DEVAPI SKF_ReadFile(
HAPPLICATION hApplication,
LPSTR szFileName,
ULONG ulOffset,
ULONG ulSize,
BYTE *pbOutData,
ULONG *pulOutLen)
{
if (!pbOutData || !pulOutLen) {
return SAR_INVALIDPARAMERR;
}
*pulOutLen = ulSize;
return SAR_OK;
}
ULONG DEVAPI SKF_WriteFile(
HAPPLICATION hApplication,
LPSTR szFileName,
ULONG ulOffset,
BYTE *pbData,
ULONG ulSize)
{
return SAR_OK;
}
ULONG DEVAPI SKF_CreateContainer(
HAPPLICATION hApplication,
LPSTR szContainerName,
HCONTAINER *phContainer)
{
if (!phContainer) {
return SAR_INVALIDPARAMERR;
}
*phContainer = hContainer;
return SAR_OK;
}
ULONG DEVAPI SKF_DeleteContainer(
HAPPLICATION hApplication,
LPSTR szContainerName)
{
return SAR_OK;
}
ULONG DEVAPI SKF_EnumContainer(
HAPPLICATION hApplication,
LPSTR szContainerName,
ULONG *pulSize)
{
char *cont_list = "container1\0container2\0";
if (!szContainerName || !pulSize) {
return SAR_INVALIDPARAMERR;
}
strcpy((char *)szContainerName, cont_list);
*pulSize = strlen(cont_list);
return SAR_OK;
}
ULONG DEVAPI SKF_OpenContainer(
HAPPLICATION hApplication,
LPSTR szContainerName,
HCONTAINER *phContainer)
{
if (!phContainer) {
return SAR_INVALIDPARAMERR;
}
*phContainer = hContainer;
return SAR_OK;
}
ULONG DEVAPI SKF_CloseContainer(
HCONTAINER hContainer)
{
return SAR_OK;
}
ULONG DEVAPI SKF_GetContainerType(
HCONTAINER hContainer,
ULONG *pulContainerType)
{
if (!pulContainerType) {
return SAR_INVALIDPARAMERR;
}
*pulContainerType = 0;
return SAR_OK;
}
ULONG DEVAPI SKF_ImportCertificate(
HCONTAINER hContainer,
BOOL bExportSignKey,
BYTE *pbCert,
ULONG ulCertLen)
{
return SAR_OK;
}
ULONG DEVAPI SKF_ExportCertificate(
HCONTAINER hContainer,
BOOL bSignFlag,
BYTE *pbCert,
ULONG *pulCertLen)
{
if (!pbCert || !pulCertLen) {
return SAR_INVALIDPARAMERR;
}
memset(pbCert, 'c', 512);
*pulCertLen = 512;
return SAR_OK;
}
ULONG DEVAPI SKF_ExportPublicKey(
HCONTAINER hContainer,
BOOL bSignFlag,
BYTE *pbBlob,
ULONG *pulBlobLen)
{
if (!pbBlob || !pulBlobLen) {
return SAR_INVALIDPARAMERR;
}
*pulBlobLen = 1024;
return SAR_OK;
}
ULONG DEVAPI SKF_GenRandom(
DEVHANDLE hDev,
BYTE *pbRandom,
ULONG ulRandomLen)
{
if (!pbRandom) {
return SAR_INVALIDPARAMERR;
}
memset(pbRandom, 'r', ulRandomLen);
return SAR_OK;
}
ULONG DEVAPI SKF_GenExtRSAKey(
DEVHANDLE hDev,
ULONG ulBitsLen,
RSAPRIVATEKEYBLOB *pBlob)
{
if (!pBlob) {
return SAR_INVALIDPARAMERR;
}
return SAR_OK;
}
ULONG DEVAPI SKF_GenRSAKeyPair(
HCONTAINER hContainer,
ULONG ulBitsLen,
RSAPUBLICKEYBLOB *pBlob)
{
if (!pBlob) {
return SAR_INVALIDPARAMERR;
}
return SAR_OK;
}
ULONG DEVAPI SKF_ImportRSAKeyPair(
HCONTAINER hContainer,
ULONG ulSymAlgId,
BYTE *pbWrappedKey,
ULONG ulWrappedKeyLen,
BYTE *pbEncryptedData,
ULONG ulEncryptedDataLen)
{
return SAR_OK;
}
ULONG DEVAPI SKF_RSASignData(
HCONTAINER hContainer,
BYTE *pbData,
ULONG ulDataLen,
BYTE *pbSignature,
ULONG *pulSignLen)
{
if (!pbSignature || !pulSignLen) {
return SAR_INVALIDPARAMERR;
}
*pulSignLen = 256;
return SAR_OK;
}
ULONG DEVAPI SKF_RSAVerify(
DEVHANDLE hDev,
RSAPUBLICKEYBLOB *pRSAPubKeyBlob,
BYTE *pbData,
ULONG ulDataLen,
BYTE *pbSignature,
ULONG ulSignLen)
{
return SAR_OK;
}
ULONG DEVAPI SKF_RSAExportSessionKey(
HCONTAINER hContainer,
ULONG ulAlgId,
RSAPUBLICKEYBLOB *pPubKey,
BYTE *pbData,
ULONG *pulDataLen,
HANDLE *phSessionKey);
ULONG DEVAPI SKF_ExtRSAPubKeyOperation(
DEVHANDLE hDev,
RSAPUBLICKEYBLOB *pRSAPubKeyBlob,
BYTE *pbInput,
ULONG ulInputLen,
BYTE *pbOutput,
ULONG *pulOutputLen)
{
if (!pbOutput || !pulOutputLen) {
return SAR_INVALIDPARAMERR;
}
*pulOutputLen = 256;
return SAR_OK;
}
ULONG DEVAPI SKF_ExtRSAPriKeyOperation(
DEVHANDLE hDev,
RSAPRIVATEKEYBLOB *pRSAPriKeyBlob,
BYTE *pbInput,
ULONG ulInputLen,
BYTE *pbOutput,
ULONG *pulOutputLen)
{
if (!pbOutput || !pulOutputLen) {
return SAR_INVALIDPARAMERR;
}
*pulOutputLen = 256;
return SAR_OK;
}
ULONG DEVAPI SKF_GenECCKeyPair(
HCONTAINER hContainer,
ULONG ulAlgId,
ECCPUBLICKEYBLOB *pBlob)
{
if (!pBlob) {
return SAR_INVALIDPARAMERR;
}
return SAR_OK;
}
ULONG DEVAPI SKF_ImportECCKeyPair(
HCONTAINER hContainer,
ENVELOPEDKEYBLOB *pEnvelopedKeyBlob)
{
return SAR_OK;
}
ULONG DEVAPI SKF_ECCSignData(
HCONTAINER hContainer,
BYTE *pbDigest,
ULONG ulDigestLen,
ECCSIGNATUREBLOB *pSignature)
{
if (!pSignature) {
return SAR_INVALIDPARAMERR;
}
return SAR_OK;
}
ULONG DEVAPI SKF_ECCVerify(
DEVHANDLE hDev,
ECCPUBLICKEYBLOB *pECCPubKeyBlob,
BYTE *pbData,
ULONG ulDataLen,
ECCSIGNATUREBLOB *pSignature)
{
return SAR_OK;
}
ULONG DEVAPI SKF_ECCExportSessionKey(
HCONTAINER hContainer,
ULONG ulAlgId,
ECCPUBLICKEYBLOB *pPubKey,
ECCCIPHERBLOB *pData,
HANDLE *phSessionKey)
{
if (!phSessionKey) {
return SAR_INVALIDPARAMERR;
}
*phSessionKey = hKeyHandle;
return SAR_OK;
}
ULONG DEVAPI SKF_ExtECCEncrypt(
DEVHANDLE hDev,
ECCPUBLICKEYBLOB *pECCPubKeyBlob,
BYTE *pbPlainText,
ULONG ulPlainTextLen,
ECCCIPHERBLOB *pCipherText)
{
return SAR_OK;
}
ULONG DEVAPI SKF_ExtECCDecrypt(
DEVHANDLE hDev,
ECCPRIVATEKEYBLOB *pECCPriKeyBlob,
ECCCIPHERBLOB *pCipherText,
BYTE *pbPlainText,
ULONG *pulPlainTextLen)
{
return SAR_OK;
}
ULONG DEVAPI SKF_ExtECCSign(
DEVHANDLE hDev,
ECCPRIVATEKEYBLOB *pECCPriKeyBlob,
BYTE *pbData,
ULONG ulDataLen,
ECCSIGNATUREBLOB *pSignature)
{
if (!pSignature) {
return SAR_INVALIDPARAMERR;
}
return SAR_OK;
}
ULONG DEVAPI SKF_ExtECCVerify(
DEVHANDLE hDev,
ECCPUBLICKEYBLOB *pECCPubKeyBlob,
BYTE *pbData,
ULONG ulDataLen,
ECCSIGNATUREBLOB *pSignature)
{
return SAR_OK;
}
ULONG DEVAPI SKF_GenerateAgreementDataWithECC(
HCONTAINER hContainer,
ULONG ulAlgId,
ECCPUBLICKEYBLOB *pTempECCPubKeyBlob,
BYTE *pbID,
ULONG ulIDLen,
HANDLE *phAgreementHandle)
{
if (!phAgreementHandle) {
return SAR_INVALIDPARAMERR;
}
*phAgreementHandle = hAgreementHandle;
return SAR_OK;
}
ULONG DEVAPI SKF_GenerateAgreementDataAndKeyWithECC(
HANDLE hContainer,
ULONG ulAlgId,
ECCPUBLICKEYBLOB *pSponsorECCPubKeyBlob,
ECCPUBLICKEYBLOB *pSponsorTempECCPubKeyBlob,
ECCPUBLICKEYBLOB *pTempECCPubKeyBlob,
BYTE *pbID,
ULONG ulIDLen,
BYTE *pbSponsorID,
ULONG ulSponsorIDLen,
HANDLE *phKeyHandle)
{
if (!phKeyHandle) {
return SAR_INVALIDPARAMERR;
}
*phKeyHandle = hKeyHandle;
return SAR_OK;
}
ULONG DEVAPI SKF_GenerateKeyWithECC(
HANDLE hAgreementHandle,
ECCPUBLICKEYBLOB *pECCPubKeyBlob,
ECCPUBLICKEYBLOB *pTempECCPubKeyBlob,
BYTE *pbID,
ULONG ulIDLen,
HANDLE *phKeyHandle)
{
if (!phKeyHandle) {
return SAR_INVALIDPARAMERR;
}
*phKeyHandle = hKeyHandle;
return SAR_OK;
}
ULONG DEVAPI SKF_ImportSessionKey(
HCONTAINER hContainer,
ULONG ulAlgId,
BYTE *pbWrapedData,
ULONG ulWrapedLen,
HANDLE *phKey)
{
if (!phKey) {
return SAR_INVALIDPARAMERR;
}
*phKey = hKeyHandle;
return SAR_OK;
}
ULONG DEVAPI SKF_SetSymmKey(
DEVHANDLE hDev,
BYTE *pbKey,
ULONG ulAlgID,
HANDLE *phKey)
{
if (!phKey) {
return SAR_INVALIDPARAMERR;
}
*phKey = hKeyHandle;
return SAR_OK;
}
ULONG DEVAPI SKF_EncryptInit(
HANDLE hKey,
BLOCKCIPHERPARAM EncryptParam)
{
return SAR_OK;
}
ULONG DEVAPI SKF_Encrypt(
HANDLE hKey,
BYTE *pbData,
ULONG ulDataLen,
BYTE *pbEncryptedData,
ULONG *pulEncryptedLen)
{
if (!pbData || !pbEncryptedData || !pulEncryptedLen) {
return SAR_INVALIDPARAMERR;
}
memcpy(pbEncryptedData, pbData, ulDataLen);
*pulEncryptedLen = ulDataLen;
return SAR_OK;
}
ULONG DEVAPI SKF_EncryptUpdate(
HANDLE hKey,
BYTE *pbData,
ULONG ulDataLen,
BYTE *pbEncryptedData,
ULONG *pulEncryptedLen)
{
if (!pbData || !pbEncryptedData || !pulEncryptedLen) {
return SAR_INVALIDPARAMERR;
}
memcpy(pbEncryptedData, pbData, ulDataLen);
*pulEncryptedLen = ulDataLen;
return SAR_OK;
}
ULONG DEVAPI SKF_EncryptFinal(
HANDLE hKey,
BYTE *pbEncryptedData,
ULONG *pulEncryptedDataLen)
{
if (!pbEncryptedData || !pulEncryptedDataLen) {
return SAR_INVALIDPARAMERR;
}
*pulEncryptedDataLen = 0;
return SAR_OK;
}
ULONG DEVAPI SKF_DecryptInit(
HANDLE hKey,
BLOCKCIPHERPARAM DecryptParam)
{
return SAR_OK;
}
ULONG DEVAPI SKF_Decrypt(
HANDLE hKey,
BYTE *pbEncryptedData,
ULONG ulEncryptedLen,
BYTE *pbData,
ULONG *pulDataLen)
{
if (!pbEncryptedData || !pbData || !pulDataLen) {
return SAR_INVALIDPARAMERR;
}
memcpy(pbData, pbEncryptedData, ulEncryptedLen);
*pulDataLen = ulEncryptedLen;
return SAR_OK;
}
ULONG DEVAPI SKF_DecryptUpdate(
HANDLE hKey,
BYTE *pbEncryptedData,
ULONG ulEncryptedLen,
BYTE *pbData,
ULONG *pulDataLen)
{
if (!pbEncryptedData || !pbData || !pulDataLen) {
return SAR_INVALIDPARAMERR;
}
memcpy(pbData, pbEncryptedData, ulEncryptedLen);
*pulDataLen = ulEncryptedLen;
return SAR_OK;
}
ULONG DEVAPI SKF_DecryptFinal(
HANDLE hKey,
BYTE *pbDecryptedData,
ULONG *pulDecryptedDataLen)
{
if (!pulDecryptedDataLen) {
return SAR_INVALIDPARAMERR;
}
*pulDecryptedDataLen = 0;
return SAR_OK;
}
ULONG DEVAPI SKF_DigestInit(
DEVHANDLE hDev,
ULONG ulAlgID,
ECCPUBLICKEYBLOB *pPubKey,
BYTE *pbID,
ULONG ulIDLen,
HANDLE *phHash)
{
if (!phHash) {
return SAR_INVALIDPARAMERR;
}
*phHash = hHashHandle;
return SAR_OK;
}
ULONG DEVAPI SKF_Digest(
HANDLE hHash,
BYTE *pbData,
ULONG ulDataLen,
BYTE *pbHashData,
ULONG *pulHashLen)
{
if (!pbHashData || !pulHashLen) {
return SAR_INVALIDPARAMERR;
}
memset(pbHashData, 'h', 32);
*pulHashLen = 32;
return SAR_OK;
}
ULONG DEVAPI SKF_DigestUpdate(
HANDLE hHash,
BYTE *pbData,
ULONG ulDataLen)
{
return SAR_OK;
}
ULONG DEVAPI SKF_DigestFinal(
HANDLE hHash,
BYTE *pbHashData,
ULONG *pulHashLen)
{
if (!pbHashData || !pulHashLen) {
return SAR_INVALIDPARAMERR;
}
memset(pbHashData, 'h', 32);
*pulHashLen = 32;
return SAR_OK;
}
ULONG DEVAPI SKF_MacInit(
HANDLE hKey,
BLOCKCIPHERPARAM *pMacParam,
HANDLE *phMac)
{
if (!phMac) {
return SAR_INVALIDPARAMERR;
}
*phMac = hMacHandle;
return SAR_OK;
}
ULONG DEVAPI SKF_Mac(
HANDLE hMac,
BYTE *pbData,
ULONG ulDataLen,
BYTE *pbMacData,
ULONG *pulMacLen)
{
if (!pbMacData || !pulMacLen) {
return SAR_INVALIDPARAMERR;
}
memset(pbMacData, 'm', 32);
*pulMacLen = 32;
return SAR_OK;
}
ULONG DEVAPI SKF_MacUpdate(
HANDLE hMac,
BYTE *pbData,
ULONG ulDataLen)
{
return SAR_OK;
}
ULONG DEVAPI SKF_MacFinal(
HANDLE hMac,
BYTE *pbMacData,
ULONG *pulMacDataLen)
{
if (!pbMacData || !pulMacDataLen) {
return SAR_INVALIDPARAMERR;
}
memset(pbMacData, 'm', 32);
*pulMacDataLen = 32;
return SAR_OK;
}
ULONG DEVAPI SKF_CloseHandle(
HANDLE hHandle)
{
return SAR_OK;
}

272
crypto/skf/skf_ec.c
View File

@@ -1,272 +0,0 @@
/* ====================================================================
* Copyright (c) 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <stdio.h>
#include <openssl/ec.h>
#include <openssl/sm2.h>
#include <openssl/gmskf.h>
#include "skf_lcl.h"
ULONG DEVAPI SKF_GenExtECCKeyPair(DEVHANDLE hDev,
ECCPRIVATEKEYBLOB *priKey,
ECCPUBLICKEYBLOB *pubKey)
{
ULONG ret = SAR_FAIL;
EC_KEY *ec_key = NULL;
if(!(ec_key = EC_KEY_new_by_curve_name(NID_sm2p256v1))) {
SKFerr(SKF_F_SKF_GENEXTECCKEYPAIR, ERR_R_EC_LIB);
return SAR_FAIL;
}
if (!EC_KEY_get_ECCPRIVATEKEYBLOB(ec_key, priKey)) {
SKFerr(SKF_F_SKF_GENEXTECCKEYPAIR, SKF_R_GET_PRIVATE_KEY_FAILED);
goto end;
}
if (!EC_KEY_get_ECCPUBLICKEYBLOB(ec_key, pubKey)) {
SKFerr(SKF_F_SKF_GENEXTECCKEYPAIR, SKF_R_GET_PUBLIC_KEY_FAILED);
goto end;
}
ret = SAR_OK;
end:
EC_KEY_free(ec_key);
return ret;
}
ULONG DEVAPI SKF_ExtECCSign(DEVHANDLE hDev,
ECCPRIVATEKEYBLOB *pECCPriKeyBlob,
BYTE *pbData,
ULONG ulDataLen,
ECCSIGNATUREBLOB *pSignature)
{
ULONG ret = SAR_FAIL;
EC_KEY *ec_key = NULL;
ECDSA_SIG *sig = NULL;
if (!pECCPriKeyBlob || !pbData || !pSignature) {
SKFerr(SKF_F_SKF_EXTECCSIGN, SKF_R_NULL_ARGUMENT);
return SAR_INVALIDPARAMERR;
}
if (ulDataLen != SM3_DIGEST_LENGTH) {
SKFerr(SKF_F_SKF_EXTECCSIGN, SKF_R_INVALID_DIGEST_LENGTH);
return SAR_INVALIDPARAMERR;
}
if (!(ec_key = EC_KEY_new_from_ECCPRIVATEKEYBLOB(pECCPriKeyBlob))) {
SKFerr(SKF_F_SKF_EXTECCSIGN, SKF_R_INVALID_ECC_PRIVATE_KEY);
goto end;
}
if (!(sig = SM2_do_sign(pbData, (int)ulDataLen, ec_key))) {
SKFerr(SKF_F_SKF_EXTECCSIGN, SKF_R_SIGN_FAILED);
goto end;
}
if (!ECDSA_SIG_get_ECCSIGNATUREBLOB(sig, pSignature)) {
SKFerr(SKF_F_SKF_EXTECCSIGN, SKF_R_ENCODE_SIGNATURE_FAILED);
goto end;
}
ret = SAR_OK;
end:
EC_KEY_free(ec_key);
ECDSA_SIG_free(sig);
return ret;
}
ULONG DEVAPI SKF_ExtECCVerify(DEVHANDLE hDev,
ECCPUBLICKEYBLOB *pECCPubKeyBlob,
BYTE *pbData,
ULONG ulDataLen,
ECCSIGNATUREBLOB *pSignature)
{
ULONG ret = SAR_FAIL;
EC_KEY *ec_key = NULL;
ECDSA_SIG *sig = NULL;
if (!pECCPubKeyBlob || !pbData || pSignature) {
SKFerr(SKF_F_SKF_EXTECCVERIFY, SKF_R_NULL_ARGUMENT);
return SAR_INVALIDPARAMERR;
}
if (ulDataLen != SM3_DIGEST_LENGTH) {
SKFerr(SKF_F_SKF_EXTECCVERIFY, SKF_R_INVALID_DIGEST_LENGTH);
return SAR_INVALIDPARAMERR;
}
if (!(ec_key = EC_KEY_new_from_ECCPUBLICKEYBLOB(pECCPubKeyBlob))) {
SKFerr(SKF_F_SKF_EXTECCVERIFY, SKF_R_INVALID_ECC_PUBLIC_KEY);
goto end;
}
if (!(sig = ECDSA_SIG_new_from_ECCSIGNATUREBLOB(pSignature))) {
SKFerr(SKF_F_SKF_EXTECCVERIFY, SKF_R_INVALID_SIGNATURE);
goto end;
}
if (1 != SM2_do_verify(pbData, (int)ulDataLen, sig, ec_key)) {
SKFerr(SKF_F_SKF_EXTECCVERIFY, SKF_R_VERIFY_NOT_PASS);
goto end;
}
ret = SAR_OK;
end:
EC_KEY_free(ec_key);
ECDSA_SIG_free(sig);
return ret;
}
ULONG DEVAPI SKF_ECCVerify(DEVHANDLE hDev,
ECCPUBLICKEYBLOB *pECCPubKeyBlob,
BYTE *pbData,
ULONG ulDataLen,
ECCSIGNATUREBLOB *pSignature)
{
return SKF_ExtECCVerify(hDev, pECCPubKeyBlob, pbData, ulDataLen, pSignature);
}
ULONG DEVAPI SKF_ExtECCEncrypt(DEVHANDLE hDev,
ECCPUBLICKEYBLOB *pECCPubKeyBlob,
BYTE *pbPlainText,
ULONG ulPlainTextLen,
ECCCIPHERBLOB *pCipherText)
{
ULONG ret = SAR_FAIL;
EC_KEY *ec_key = NULL;
SM2_CIPHERTEXT_VALUE *cv = NULL;
SM2_ENC_PARAMS params;
if (!pECCPubKeyBlob || !pbPlainText || !pCipherText) {
SKFerr(SKF_F_SKF_EXTECCENCRYPT, SKF_R_NULL_ARGUMENT);
return SAR_INVALIDPARAMERR;
}
if (ulPlainTextLen <= 0) {
SKFerr(SKF_F_SKF_EXTECCENCRYPT, SKF_R_INVALID_PLAINTEXT_LENGTH);
return SAR_INVALIDPARAMERR;
}
if (!(ec_key = EC_KEY_new_from_ECCPUBLICKEYBLOB(pECCPubKeyBlob))) {
SKFerr(SKF_F_SKF_EXTECCENCRYPT, SKF_R_INVALID_EC_PUBLIC_KEY);
goto end;
}
SM2_ENC_PARAMS_init_with_recommended(&params);
if (!(cv = SM2_do_encrypt(&params, pbPlainText, ulPlainTextLen, ec_key))) {
SKFerr(SKF_F_SKF_EXTECCENCRYPT, SKF_R_ENCRYPT_FAILED);
goto end;
}
if (!SM2_CIPHERTEXT_VALUE_get_ECCCIPHERBLOB(cv, pCipherText)) {
SKFerr(SKF_F_SKF_EXTECCENCRYPT, SKF_R_ENCODE_CIPHERTEXT_FAILED);
goto end;
}
ret = SAR_OK;
end:
EC_KEY_free(ec_key);
SM2_CIPHERTEXT_VALUE_free(cv);
return ret;
}
ULONG DEVAPI SKF_ExtECCDecrypt(DEVHANDLE hDev,
ECCPRIVATEKEYBLOB *pECCPriKeyBlob,
ECCCIPHERBLOB *pCipherText,
BYTE *pbPlainText,
ULONG *pulPlainTextLen)
{
ULONG ret = SAR_FAIL;
EC_KEY *ec_key = NULL;
SM2_CIPHERTEXT_VALUE *cv = NULL;
SM2_ENC_PARAMS params;
size_t len;
if (!pECCPriKeyBlob || !pCipherText || !pulPlainTextLen) {
SKFerr(SKF_F_SKF_EXTECCDECRYPT, SKF_R_NULL_ARGUMENT);
return SAR_INVALIDPARAMERR;
}
if (pCipherText->CipherLen <= 0) {
SKFerr(SKF_F_SKF_EXTECCDECRYPT, SKF_R_INVALID_CIPHERTEXT_LENGTH);
return SAR_INVALIDPARAMERR;
}
if (!pbPlainText) {
*pulPlainTextLen = pCipherText->CipherLen;
return SAR_OK;
}
if (!(ec_key = EC_KEY_new_from_ECCPRIVATEKEYBLOB(pECCPriKeyBlob))) {
SKFerr(SKF_F_SKF_EXTECCDECRYPT, SKF_R_INVALID_EC_PRIVATE_KEY);
goto end;
}
if (!(cv = SM2_CIPHERTEXT_VALUE_new_from_ECCCIPHERBLOB(pCipherText))) {
SKFerr(SKF_F_SKF_EXTECCDECRYPT, SKF_R_INVALID_CIPHERTEXT);
goto end;
}
SM2_ENC_PARAMS_init_with_recommended(&params);
len = *pulPlainTextLen; //FIXME: check length?
if (!SM2_do_decrypt(&params, cv, pbPlainText, &len, ec_key)) {
SKFerr(SKF_F_SKF_EXTECCDECRYPT, SKF_R_DECRYPT_FAILED);
goto end;
}
*pulPlainTextLen = (ULONG)len;
ret = SAR_OK;
end:
EC_KEY_free(ec_key);
SM2_CIPHERTEXT_VALUE_free(cv);
return ret;
}

404
crypto/skf/skf_enc.c
View File

@@ -1,404 +0,0 @@
/* ====================================================================
* Copyright (c) 2015-2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <stdio.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/sms4.h>
#include <openssl/gmskf.h>
#include "skf_lcl.h"
#define PADDING_TYPE_NO_PADDING 0
#define PADDING_TYPE_PKCS5 1
/*
229 typedef struct Struct_BLOCKCIPHERPARAM {
230 BYTE IV[MAX_IV_LEN];
231 ULONG IVLen;
232 ULONG PaddingType;
233 ULONG FeedBitLen;
234 } BLOCKCIPHERPARAM, *PBLOCKCIPHERPARAM;
*/
int SKF_nid_to_encparams(int nid, ULONG *algID, BLOCKCIPHERPARAM *params)
{
ULONG ulAlgID = 0;
switch (nid) {
case NID_ssf33_ecb:
ulAlgID = SGD_SSF33_ECB;
break;
case NID_ssf33_cbc:
ulAlgID = SGD_SSF33_CBC;
break;
case NID_ssf33_cfb1:
case NID_ssf33_cfb8:
case NID_ssf33_cfb128:
ulAlgID = SGD_SSF33_CFB;
break;
case NID_ssf33_ofb128:
ulAlgID = SGD_SSF33_OFB;
break;
case NID_sm1_ecb:
ulAlgID = SGD_SM1_ECB;
break;
case NID_sm1_cbc:
ulAlgID = SGD_SM1_CBC;
break;
case NID_sm1_cfb1:
case NID_sm1_cfb8:
case NID_sm1_cfb128:
ulAlgID = SGD_SM1_CFB;
break;
case NID_sm1_ofb128:
ulAlgID = SGD_SM1_OFB;
break;
case NID_sms4_ecb:
ulAlgID = SGD_SM4_ECB;
break;
case NID_sms4_cbc:
ulAlgID = SGD_SM4_CBC;
break;
case NID_sms4_cfb1:
case NID_sms4_cfb8:
case NID_sms4_cfb128:
ulAlgID = SGD_SM4_CFB;
break;
case NID_sms4_ofb128:
ulAlgID = SGD_SM4_OFB;
break;
default:
return 0;
}
*algID = ulAlgID;
switch (nid) {
case NID_sm1_cfb1:
case NID_sms4_cfb1:
case NID_ssf33_cfb1:
params->FeedBitLen = 1;
break;
case NID_sm1_cfb8:
case NID_sms4_cfb8:
case NID_ssf33_cfb8:
params->FeedBitLen = 8;
break;
case NID_sm1_cfb128:
case NID_sms4_cfb128:
case NID_ssf33_cfb128:
params->FeedBitLen = 128;
break;
default:
params->FeedBitLen = 0;
}
switch (nid) {
case NID_sm1_cbc:
case NID_sms4_cbc:
case NID_ssf33_cbc:
params->PaddingType = SKF_PKCS5_PADDING;
break;
default:
params->PaddingType = SKF_NO_PADDING;
}
return 1;
}
ULONG DEVAPI SKF_EncryptInit(HANDLE hKey,
BLOCKCIPHERPARAM encryptParam)
{
ULONG ret = SAR_FAIL;
BLOCKCIPHERPARAM *encparam = &encryptParam;
EVP_CIPHER_CTX *ctx = NULL;
const EVP_CIPHER *cipher;
unsigned char *key;
unsigned char *iv;
if (!(cipher = SKF_HANDLE_get_cipher(hKey, encparam))) {
SKFerr(SKF_F_SKF_ENCRYPTINIT, SKF_R_INVALID_KEY_HANDLE);
return SAR_INVALIDPARAMERR;
}
if (!(key = SKF_HANDLE_get_key(hKey))) {
SKFerr(SKF_F_SKF_ENCRYPTINIT, SKF_R_INVALID_KEY_HANDLE);
return SAR_INVALIDPARAMERR;
}
if (encparam->IVLen != SMS4_IV_LENGTH) {
SKFerr(SKF_F_SKF_ENCRYPTINIT, SKF_R_INVALID_IV_LENGTH);
return SAR_INVALIDPARAMERR;
}
iv = encparam->IV;
if (!(ctx = EVP_CIPHER_CTX_new())) {
SKFerr(SKF_F_SKF_ENCRYPTINIT, ERR_R_EVP_LIB);
return SAR_INVALIDPARAMERR;
}
if (!EVP_EncryptInit_ex(ctx, cipher, NULL, key, iv)) {
SKFerr(SKF_F_SKF_ENCRYPTINIT, ERR_R_EVP_LIB);
goto end;
}
((SKF_HANDLE *)hKey)->type = SKF_CIPHER_HANDLE;
((SKF_HANDLE *)hKey)->u.cipher_ctx = ctx;
ctx = NULL;
ret = SAR_OK;
end:
EVP_CIPHER_CTX_free(ctx);
return ret;
}
ULONG DEVAPI SKF_EncryptUpdate(HANDLE hKey,
BYTE *pbData,
ULONG ulDataLen,
BYTE *pbEncryptedData,
ULONG *pulEncryptedLen)
{
EVP_CIPHER_CTX *ctx;
int inlen, outlen;
if (!(ctx = SKF_HANDLE_get_cipher_ctx(hKey))) {
SKFerr(SKF_F_SKF_ENCRYPTUPDATE, SKF_R_INVALID_CIPHER_CTX_HANDLE);
return SAR_INVALIDPARAMERR;
}
//FIXME: check INT_MAX
inlen = ulDataLen;
outlen = *pulEncryptedLen;
if (!EVP_EncryptUpdate(ctx, pbEncryptedData, &outlen, pbData, inlen)) {
SKFerr(SKF_F_SKF_ENCRYPTUPDATE, ERR_R_EVP_LIB);
return SAR_FAIL;
}
*pulEncryptedLen = outlen;
return SAR_OK;
}
ULONG DEVAPI SKF_EncryptFinal(HANDLE hKey,
BYTE *pbEncryptedData,
ULONG *pulEncryptedDataLen)
{
EVP_CIPHER_CTX *ctx;
int outlen;
if (!(ctx = SKF_HANDLE_get_cipher_ctx(hKey))) {
SKFerr(SKF_F_SKF_ENCRYPTFINAL, SKF_R_INVALID_CIPHER_CTX_HANDLE);
return SAR_INVALIDPARAMERR;
}
outlen = *pulEncryptedDataLen;
if (!EVP_EncryptFinal(ctx, pbEncryptedData, &outlen)) {
SKFerr(SKF_F_SKF_ENCRYPTFINAL, ERR_R_EVP_LIB);
return SAR_FAIL;
}
*pulEncryptedDataLen = outlen;
EVP_CIPHER_CTX_free(ctx);
((SKF_HANDLE *)hKey)->u.cipher_ctx = NULL;
((SKF_HANDLE *)hKey)->type = SKF_KEY_HANDLE;
return SAR_OK;
}
ULONG DEVAPI SKF_DecryptInit(HANDLE hKey,
BLOCKCIPHERPARAM DecryptParam)
{
ULONG ret = SAR_FAIL;
BLOCKCIPHERPARAM *param = &DecryptParam;
EVP_CIPHER_CTX *ctx = NULL;
const EVP_CIPHER *cipher;
unsigned char *key;
unsigned char *iv;
if (!(cipher = SKF_HANDLE_get_cipher(hKey, param))) {
SKFerr(SKF_F_SKF_DECRYPTINIT, SKF_R_INVALID_KEY_HANDLE);
return SAR_INVALIDPARAMERR;
}
if (!(key = SKF_HANDLE_get_key(hKey))) {
SKFerr(SKF_F_SKF_DECRYPTINIT, SKF_R_INVALID_KEY_HANDLE);
return SAR_INVALIDPARAMERR;
}
if (param->IVLen != SMS4_IV_LENGTH) {
SKFerr(SKF_F_SKF_DECRYPTINIT, SKF_R_INVALID_IV_LENGTH);
ret = SAR_INVALIDPARAMERR;
goto end;
}
iv = param->IV;
if (!(ctx = EVP_CIPHER_CTX_new())) {
SKFerr(SKF_F_SKF_DECRYPTINIT, ERR_R_EVP_LIB);
goto end;
}
if (!EVP_DecryptInit_ex(ctx, cipher, NULL, key, iv)) {
SKFerr(SKF_F_SKF_DECRYPTINIT, ERR_R_EVP_LIB);
goto end;
}
((SKF_HANDLE *)hKey)->type = SKF_CIPHER_HANDLE;
((SKF_HANDLE *)hKey)->u.cipher_ctx = ctx;
ctx = NULL;
ret = SAR_OK;
end:
EVP_CIPHER_CTX_free(ctx);
return ret;
return SAR_OK;
}
ULONG DEVAPI SKF_DecryptUpdate(HANDLE hKey,
BYTE *pbEncryptedData,
ULONG ulEncryptedLen,
BYTE *pbData,
ULONG *pulDataLen)
{
EVP_CIPHER_CTX *ctx;
int inlen, outlen;
if (!(ctx = SKF_HANDLE_get_cipher_ctx(hKey))) {
SKFerr(SKF_F_SKF_DECRYPTUPDATE, SKF_R_INVALID_CIPHER_CTX_HANDLE);
return SAR_INVALIDPARAMERR;
}
//FIXME: check INT_MAX
inlen = ulEncryptedLen;
outlen = *pulDataLen;
if (!EVP_DecryptUpdate(ctx, pbData, &outlen, pbEncryptedData, inlen)) {
SKFerr(SKF_F_SKF_DECRYPTUPDATE, ERR_R_EVP_LIB);
return SAR_FAIL;
}
*pulDataLen = outlen;
return SAR_OK;
}
ULONG DEVAPI SKF_DecryptFinal(HANDLE hKey,
BYTE *pbDecryptedData,
ULONG *pulDecryptedDataLen)
{
EVP_CIPHER_CTX *ctx;
int len;
if (!(ctx = SKF_HANDLE_get_cipher_ctx(hKey))) {
SKFerr(SKF_F_SKF_DECRYPTFINAL, SKF_R_INVALID_KEY_HANDLE);
return SAR_INVALIDPARAMERR;
}
if (!EVP_DecryptFinal(ctx, pbDecryptedData, &len)) {
return SAR_FAIL;
}
*pulDecryptedDataLen = len;
EVP_CIPHER_CTX_free(ctx);
((SKF_HANDLE *)hKey)->u.cipher_ctx = NULL;
((SKF_HANDLE *)hKey)->type = SKF_KEY_HANDLE;
return SAR_OK;
}
ULONG DEVAPI SKF_Encrypt(HANDLE hKey,
BYTE *pbData,
ULONG ulDataLen,
BYTE *pbEncryptedData,
ULONG *pulEncryptedLen)
{
ULONG rv;
BYTE *p;
ULONG len;
p = pbEncryptedData;
len = *pulEncryptedLen;
if ((rv = SKF_EncryptUpdate(hKey, pbData, ulDataLen, p, &len)) != SAR_OK) {
SKFerr(SKF_F_SKF_ENCRYPT, ERR_R_GMAPI_LIB);
return rv;
}
p += len;
len = *pulEncryptedLen - len;
if ((rv = SKF_EncryptFinal(hKey, p, &len)) != SAR_OK) {
SKFerr(SKF_F_SKF_ENCRYPT, ERR_R_GMAPI_LIB);
return rv;
}
*pulEncryptedLen = p + len - pbEncryptedData;
return SAR_OK;
}
ULONG DEVAPI SKF_Decrypt(HANDLE hKey,
BYTE *pbEncryptedData,
ULONG ulEncryptedLen,
BYTE *pbData,
ULONG *pulDataLen)
{
ULONG rv;
BYTE *p;
ULONG len;
p = pbData;
len = *pulDataLen;
if ((rv = SKF_DecryptUpdate(hKey, pbEncryptedData, ulEncryptedLen, p, &len)) != SAR_OK) {
SKFerr(SKF_F_SKF_DECRYPT, ERR_R_GMAPI_LIB);
return rv;
}
p += len;
len = *pulDataLen - len;
if ((rv = SKF_DecryptFinal(hKey, p, &len)) != SAR_OK) {
SKFerr(SKF_F_SKF_DECRYPT, ERR_R_GMAPI_LIB);
return rv;
}
*pulDataLen = p + len - pbData;
return SAR_OK;
}

122
crypto/skf/skf_err.c
View File

@@ -1,122 +0,0 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include <openssl/err.h>
#include <openssl/gmskf.h>
/* BEGIN ERROR CODES */
#ifndef OPENSSL_NO_ERR
# define ERR_FUNC(func) ERR_PACK(ERR_LIB_SKF,func,0)
# define ERR_REASON(reason) ERR_PACK(ERR_LIB_SKF,0,reason)
static ERR_STRING_DATA SKF_str_functs[] = {
{ERR_FUNC(SKF_F_SKF_CLOSEHANDLE), "SKF_CloseHandle"},
{ERR_FUNC(SKF_F_SKF_DECRYPT), "SKF_Decrypt"},
{ERR_FUNC(SKF_F_SKF_DECRYPTFINAL), "SKF_DecryptFinal"},
{ERR_FUNC(SKF_F_SKF_DECRYPTINIT), "SKF_DecryptInit"},
{ERR_FUNC(SKF_F_SKF_DECRYPTUPDATE), "SKF_DecryptUpdate"},
{ERR_FUNC(SKF_F_SKF_DIGEST), "SKF_Digest"},
{ERR_FUNC(SKF_F_SKF_DIGESTFINAL), "SKF_DigestFinal"},
{ERR_FUNC(SKF_F_SKF_DIGESTINIT), "SKF_DigestInit"},
{ERR_FUNC(SKF_F_SKF_DIGESTUPDATE), "SKF_DigestUpdate"},
{ERR_FUNC(SKF_F_SKF_ENCRYPT), "SKF_Encrypt"},
{ERR_FUNC(SKF_F_SKF_ENCRYPTFINAL), "SKF_EncryptFinal"},
{ERR_FUNC(SKF_F_SKF_ENCRYPTINIT), "SKF_EncryptInit"},
{ERR_FUNC(SKF_F_SKF_ENCRYPTUPDATE), "SKF_EncryptUpdate"},
{ERR_FUNC(SKF_F_SKF_EXTECCDECRYPT), "SKF_ExtECCDecrypt"},
{ERR_FUNC(SKF_F_SKF_EXTECCENCRYPT), "SKF_ExtECCEncrypt"},
{ERR_FUNC(SKF_F_SKF_EXTECCSIGN), "SKF_ExtECCSign"},
{ERR_FUNC(SKF_F_SKF_EXTECCVERIFY), "SKF_ExtECCVerify"},
{ERR_FUNC(SKF_F_SKF_EXTRSAPRIKEYOPERATION), "SKF_ExtRSAPriKeyOperation"},
{ERR_FUNC(SKF_F_SKF_EXTRSAPUBKEYOPERATION), "SKF_ExtRSAPubKeyOperation"},
{ERR_FUNC(SKF_F_SKF_GENEXTECCKEYPAIR), "SKF_GenExtECCKeyPair"},
{ERR_FUNC(SKF_F_SKF_GENEXTRSAKEY), "SKF_GenExtRSAKey"},
{ERR_FUNC(SKF_F_SKF_GENRANDOM), "SKF_GenRandom"},
{ERR_FUNC(SKF_F_SKF_GETDEVINFO), "SKF_GetDevInfo"},
{ERR_FUNC(SKF_F_SKF_GETDEVSTATE), "SKF_GetDevState"},
{ERR_FUNC(SKF_F_SKF_HANDLE_GET_CBCMAC_CTX), "SKF_HANDLE_get_cbcmac_ctx"},
{ERR_FUNC(SKF_F_SKF_HANDLE_GET_CIPHER), "SKF_HANDLE_get_cipher"},
{ERR_FUNC(SKF_F_SKF_HANDLE_GET_CIPHER_CTX), "SKF_HANDLE_get_cipher_ctx"},
{ERR_FUNC(SKF_F_SKF_HANDLE_GET_CMAC_CTX), "SKF_HANDLE_get_cmac_ctx"},
{ERR_FUNC(SKF_F_SKF_HANDLE_GET_KEY), "SKF_HANDLE_get_key"},
{ERR_FUNC(SKF_F_SKF_HANDLE_GET_MD_CTX), "SKF_HANDLE_get_md_ctx"},
{ERR_FUNC(SKF_F_SKF_MAC), "SKF_Mac"},
{ERR_FUNC(SKF_F_SKF_MACFINAL), "SKF_MacFinal"},
{ERR_FUNC(SKF_F_SKF_MACINIT), "SKF_MacInit"},
{ERR_FUNC(SKF_F_SKF_MACUPDATE), "SKF_MacUpdate"},
{ERR_FUNC(SKF_F_SKF_SETSYMMKEY), "SKF_SetSymmKey"},
{0, NULL}
};
static ERR_STRING_DATA SKF_str_reasons[] = {
{ERR_REASON(SKF_R_BUFFER_TOO_SMALL), "buffer too small"},
{ERR_REASON(SKF_R_CTX_NOT_CREATED), "ctx not created"},
{ERR_REASON(SKF_R_DECRYPT_FAILED), "decrypt failed"},
{ERR_REASON(SKF_R_ENCODE_CIPHERTEXT_FAILED), "encode ciphertext failed"},
{ERR_REASON(SKF_R_ENCODE_FAILED), "encode failed"},
{ERR_REASON(SKF_R_ENCODE_SIGNATURE_FAILED), "encode signature failed"},
{ERR_REASON(SKF_R_ENCRYPT_FAILED), "encrypt failed"},
{ERR_REASON(SKF_R_FAIL), "fail"},
{ERR_REASON(SKF_R_GEN_RSA_FAILED), "gen rsa failed"},
{ERR_REASON(SKF_R_GET_PRIVATE_KEY_FAILED), "get private key failed"},
{ERR_REASON(SKF_R_GET_PUBLIC_KEY_FAILED), "get public key failed"},
{ERR_REASON(SKF_R_INVALID_ALGID), "invalid algid"},
{ERR_REASON(SKF_R_INVALID_ALGOR), "invalid algor"},
{ERR_REASON(SKF_R_INVALID_ARGUMENTS), "invalid arguments"},
{ERR_REASON(SKF_R_INVALID_BLOB), "invalid blob"},
{ERR_REASON(SKF_R_INVALID_CIPHERTEXT), "invalid ciphertext"},
{ERR_REASON(SKF_R_INVALID_CIPHERTEXT_LENGTH),
"invalid ciphertext length"},
{ERR_REASON(SKF_R_INVALID_CIPHER_CTX_HANDLE),
"invalid cipher ctx handle"},
{ERR_REASON(SKF_R_INVALID_DIGEST_LENGTH), "invalid digest length"},
{ERR_REASON(SKF_R_INVALID_ECC_PRIVATE_KEY), "invalid ecc private key"},
{ERR_REASON(SKF_R_INVALID_ECC_PUBLIC_KEY), "invalid ecc public key"},
{ERR_REASON(SKF_R_INVALID_EC_PRIVATE_KEY), "invalid ec private key"},
{ERR_REASON(SKF_R_INVALID_EC_PUBLIC_KEY), "invalid ec public key"},
{ERR_REASON(SKF_R_INVALID_FEED_BIT_LENGTH), "invalid feed bit length"},
{ERR_REASON(SKF_R_INVALID_HANDLE), "invalid handle"},
{ERR_REASON(SKF_R_INVALID_HANDLE_ALGOR), "invalid handle algor"},
{ERR_REASON(SKF_R_INVALID_HANDLE_MAGIC), "invalid handle magic"},
{ERR_REASON(SKF_R_INVALID_HANDLE_TYPE), "invalid handle type"},
{ERR_REASON(SKF_R_INVALID_HASH_HANDLE), "invalid hash handle"},
{ERR_REASON(SKF_R_INVALID_ID_LENGTH), "invalid id length"},
{ERR_REASON(SKF_R_INVALID_INPUT_LENGTH), "invalid input length"},
{ERR_REASON(SKF_R_INVALID_IV_LENGTH), "invalid iv length"},
{ERR_REASON(SKF_R_INVALID_KEY_HANDLE), "invalid key handle"},
{ERR_REASON(SKF_R_INVALID_KEY_LENGTH), "invalid key length"},
{ERR_REASON(SKF_R_INVALID_MAC_HANDLE), "invalid mac handle"},
{ERR_REASON(SKF_R_INVALID_PLAINTEXT_LENGTH), "invalid plaintext length"},
{ERR_REASON(SKF_R_INVALID_RANDOM_LENGTH), "invalid random length"},
{ERR_REASON(SKF_R_INVALID_RSA_PUBLIC_KEY), "invalid rsa public key"},
{ERR_REASON(SKF_R_INVALID_SIGNATURE), "invalid signature"},
{ERR_REASON(SKF_R_MALLOC_FAILED), "malloc failed"},
{ERR_REASON(SKF_R_NO_PUBLIC_KEY), "no public key"},
{ERR_REASON(SKF_R_NULL_ARGUMENT), "null argument"},
{ERR_REASON(SKF_R_SIGN_FAILED), "sign failed"},
{ERR_REASON(SKF_R_VERIFY_NOT_PASS), "verify not pass"},
{0, NULL}
};
#endif
int ERR_load_SKF_strings(void)
{
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(SKF_str_functs[0].error) == NULL) {
ERR_load_strings(0, SKF_str_functs);
ERR_load_strings(0, SKF_str_reasons);
}
#endif
return 1;
}

248
crypto/skf/skf_handle.c
View File

@@ -1,248 +0,0 @@
/* crypto/gmapi/skf_handle.c */
/* ====================================================================
* Copyright (c) 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <stdio.h>
#include <openssl/gmskf.h>
#include <openssl/gmapi.h>
#include "skf_lcl.h"
unsigned char *SKF_HANDLE_get_key(HANDLE hKey)
{
SKF_HANDLE *handle;
if (!(handle = (SKF_HANDLE *)hKey)) {
SKFerr(SKF_F_SKF_HANDLE_GET_KEY, ERR_R_PASSED_NULL_PARAMETER);
return NULL;
}
if (handle->magic != SKF_HANDLE_MAGIC) {
SKFerr(SKF_F_SKF_HANDLE_GET_KEY, SKF_R_INVALID_HANDLE_MAGIC);
return NULL;
}
if (handle->type < SKF_KEY_HANDLE) {
SKFerr(SKF_F_SKF_HANDLE_GET_KEY, SKF_R_INVALID_HANDLE_TYPE);
return NULL;
}
switch (handle->algid) {
case SGD_SM4_ECB:
case SGD_SM4_CBC:
case SGD_SM4_CFB:
case SGD_SM4_OFB:
case SGD_SM4_MAC:
break;
default:
SKFerr(SKF_F_SKF_HANDLE_GET_KEY, SKF_R_INVALID_ALGOR);
return NULL;
}
if (!handle->keylen) {
SKFerr(SKF_F_SKF_HANDLE_GET_KEY, SKF_R_INVALID_KEY_HANDLE);
return NULL;
}
return handle->key;
}
const EVP_CIPHER *SKF_HANDLE_get_cipher(HANDLE hKey, BLOCKCIPHERPARAM *param)
{
SKF_HANDLE *handle = (SKF_HANDLE *)hKey;
if (!SKF_HANDLE_get_key(hKey)) {
SKFerr(SKF_F_SKF_HANDLE_GET_CIPHER, SKF_R_INVALID_KEY_HANDLE);
return NULL;
}
switch (handle->algid) {
case SGD_SM4_ECB:
return EVP_sms4_ecb();
case SGD_SM4_CBC:
return EVP_sms4_cbc();
case SGD_SM4_OFB:
return EVP_sms4_ofb();
case SGD_SM4_CFB:
switch (param->FeedBitLen) {
case 1: return EVP_sms4_cfb1();
case 8: return EVP_sms4_cfb8();
case 128: return EVP_sms4_cfb128();
}
SKFerr(SKF_F_SKF_HANDLE_GET_CIPHER, SKF_R_INVALID_FEED_BIT_LENGTH);
return NULL;
}
SKFerr(SKF_F_SKF_HANDLE_GET_CIPHER, SKF_R_INVALID_HANDLE_ALGOR);
return NULL;
}
EVP_MD_CTX *SKF_HANDLE_get_md_ctx(HANDLE hHash)
{
EVP_MD_CTX *ret;
SKF_HANDLE *handle;
if (!(handle = (SKF_HANDLE *)hHash)) {
SKFerr(SKF_F_SKF_HANDLE_GET_MD_CTX, ERR_R_PASSED_NULL_PARAMETER);
return NULL;
}
if (handle->magic != SKF_HANDLE_MAGIC) {
SKFerr(SKF_F_SKF_HANDLE_GET_MD_CTX, SKF_R_INVALID_HANDLE_MAGIC);
return NULL;
}
if (handle->type != SKF_HASH_HANDLE) {
SKFerr(SKF_F_SKF_HANDLE_GET_MD_CTX, SKF_R_INVALID_HANDLE_TYPE);
return NULL;
}
if (!(ret = handle->u.md_ctx)) {
SKFerr(SKF_F_SKF_HANDLE_GET_MD_CTX, SKF_R_CTX_NOT_CREATED);
return NULL;
}
return ret;
}
CMAC_CTX *SKF_HANDLE_get_cmac_ctx(HANDLE hMac)
{
CMAC_CTX *ret;
SKF_HANDLE *handle;
if (!(handle = (SKF_HANDLE *)hMac)) {
SKFerr(SKF_F_SKF_HANDLE_GET_CMAC_CTX, ERR_R_PASSED_NULL_PARAMETER);
return NULL;
}
if (handle->magic != SKF_HANDLE_MAGIC) {
SKFerr(SKF_F_SKF_HANDLE_GET_CMAC_CTX, SKF_R_INVALID_HANDLE_MAGIC);
return NULL;
}
if (handle->type != SKF_MAC_HANDLE) {
SKFerr(SKF_F_SKF_HANDLE_GET_CMAC_CTX, SKF_R_INVALID_HANDLE_TYPE);
return NULL;
}
if (!(ret = handle->u.cbcmac_ctx)) {
SKFerr(SKF_F_SKF_HANDLE_GET_CMAC_CTX, SKF_R_CTX_NOT_CREATED);
return NULL;
}
return ret;
}
EVP_CIPHER_CTX *SKF_HANDLE_get_cipher_ctx(HANDLE hKey)
{
EVP_CIPHER_CTX *ret;
SKF_HANDLE *handle;
if (!(handle = (SKF_HANDLE *)hKey)) {
SKFerr(SKF_F_SKF_HANDLE_GET_CIPHER_CTX, ERR_R_PASSED_NULL_PARAMETER);
return NULL;
}
if (handle->magic != SKF_HANDLE_MAGIC) {
SKFerr(SKF_F_SKF_HANDLE_GET_CIPHER_CTX, SKF_R_INVALID_HANDLE_MAGIC);
return NULL;
}
if (handle->type != SKF_CIPHER_HANDLE) {
SKFerr(SKF_F_SKF_HANDLE_GET_CIPHER_CTX, SKF_R_INVALID_HANDLE_TYPE);
return NULL;
}
if (!(ret = handle->u.cipher_ctx)) {
SKFerr(SKF_F_SKF_HANDLE_GET_CIPHER_CTX, SKF_R_CTX_NOT_CREATED);
return NULL;
}
return ret;
}
int SKF_HANDLE_free(HANDLE handle)
{
return 0;
}
HANDLE SKF_HANDLE_new(int type)
{
return NULL;
}
ULONG DEVAPI SKF_CloseHandle(HANDLE hHandle)
{
SKF_HANDLE *handle;
return SAR_OK; //FIXME:
if (!(handle = (SKF_HANDLE *)hHandle)) {
return SAR_OK;
}
if (handle->magic != SKF_HANDLE_MAGIC) {
SKFerr(SKF_F_SKF_CLOSEHANDLE, SKF_R_INVALID_HANDLE_MAGIC);
return SAR_INVALIDPARAMERR;
}
switch (handle->type) {
case SKF_KEY_HANDLE:
OPENSSL_cleanse(handle->key, EVP_MAX_KEY_LENGTH);
// FIXME: we need to make sure there are no pending operation
if (handle->u.cipher_ctx) {
EVP_CIPHER_CTX_cleanup(handle->u.cipher_ctx);
}
break;
case SKF_MAC_HANDLE:
CMAC_CTX_cleanup(handle->u.cbcmac_ctx);
break;
case SKF_HASH_HANDLE:
EVP_MD_CTX_cleanup(handle->u.md_ctx);
break;
default:
SKFerr(SKF_F_SKF_CLOSEHANDLE, SKF_R_INVALID_HANDLE_TYPE);
return SAR_INVALIDPARAMERR;
}
/* now we remove this handle from list */
return SAR_OK;
}

16
crypto/skf/skf_handle.d.tmp
View File

@@ -1,16 +0,0 @@
crypto/skf/skf_handle.o: crypto/skf/skf_handle.c include/openssl/gmskf.h \
include/openssl/sgd.h include/openssl/skf.h include/openssl/gmapi.h \
include/openssl/ec.h include/openssl/opensslconf.h \
include/openssl/asn1.h include/openssl/e_os2.h include/openssl/bio.h \
include/openssl/crypto.h include/openssl/stack.h \
include/openssl/safestack.h include/openssl/opensslv.h \
include/openssl/ossl_typ.h include/openssl/symhacks.h \
include/openssl/bn.h include/openssl/sm2.h include/openssl/err.h \
include/openssl/lhash.h include/openssl/evp.h \
include/openssl/objects.h include/openssl/obj_mac.h \
include/openssl/kdf2.h include/openssl/kdf.h include/openssl/x509.h \
include/openssl/buffer.h include/openssl/rsa.h include/openssl/dsa.h \
include/openssl/dh.h include/openssl/sha.h include/openssl/x509_vfy.h \
include/openssl/pkcs7.h include/openssl/ecdsa.h include/openssl/sm3.h \
include/openssl/saf.h include/openssl/sdf.h include/openssl/sof.h \
crypto/skf/skf_lcl.h include/openssl/cmac.h

107
crypto/skf/skf_lcl.h
View File

@@ -1,107 +0,0 @@
/* ====================================================================
* Copyright (c) 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#ifndef HEADER_GMAPI_LCL_H
#define HEADER_GMAPI_LCL_H
#include <openssl/evp.h>
#include <openssl/cmac.h>
#ifdef __cplusplus
extern "C" {
#endif
#define SKF_HANDLE_MAGIC 0x31323334
#define SKF_HASH_HANDLE 1
#define SKF_MAC_HANDLE 2
#define SKF_KEY_HANDLE 10
#define SKF_CIPHER_HANDLE 11
typedef struct {
CMAC_CTX *ctx;
int inited;
} SAF_MAC_CTX;
typedef struct {
CMAC_CTX *cbcmac_ctx;
EVP_CIPHER_CTX *cipher_ctx;
unsigned char *key;
unsigned int keylen;
const EVP_CIPHER *cipher;
} SAF_KEY_HANDLE;
struct SKF_HANDLE {
unsigned int magic;
int type;
int algid;
unsigned int keylen;
unsigned char key[EVP_MAX_KEY_LENGTH];
union {
EVP_MD_CTX *md_ctx;
CMAC_CTX *cbcmac_ctx;
EVP_CIPHER_CTX *cipher_ctx;
} u;
struct SKF_HANDLE *next;
struct SKF_HANDLE *prev;
};
typedef struct SKF_HANDLE SKF_HANDLE;
EVP_MD_CTX *SKF_HANDLE_get_md_ctx(HANDLE hHash);
CMAC_CTX *SKF_HANDLE_get_cbcmac_ctx(HANDLE hMac);
const EVP_CIPHER *SKF_HANDLE_get_cipher(HANDLE hKey, BLOCKCIPHERPARAM *param);
EVP_CIPHER_CTX *SKF_HANDLE_get_cipher_ctx(HANDLE hKey);
unsigned char *SKF_HANDLE_get_key(HANDLE hKey);
#ifdef __cplusplus
}
#endif
#endif

1280
crypto/skf/skf_lib.c Normal file
View File

File diff suppressed because it is too large Load Diff

180
crypto/skf/skf_mac.c
View File

@@ -1,180 +0,0 @@
/* ====================================================================
* Copyright (c) 2015-2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <stdio.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/sms4.h>
#include <openssl/cmac.h>
#include <openssl/gmskf.h>
#include "skf_lcl.h"
ULONG DEVAPI SKF_MacInit(HANDLE hKey,
BLOCKCIPHERPARAM *pMacParam,
HANDLE *phMac)
{
SKF_HANDLE *key;
SKF_HANDLE *hMac = NULL;
const EVP_CIPHER *cipher;
if (!(key = (SKF_HANDLE *)hKey)) {
SKFerr(SKF_F_SKF_MACINIT, SKF_R_NULL_ARGUMENT);
return SAR_INVALIDPARAMERR;
}
//TODO: check pMacParam
if (key->magic != SKF_HANDLE_MAGIC) {
SKFerr(SKF_F_SKF_MACINIT, SKF_R_INVALID_HANDLE_MAGIC);
return SAR_INVALIDPARAMERR;
}
if (key->type < SKF_KEY_HANDLE) {
SKFerr(SKF_F_SKF_MACINIT, SKF_R_INVALID_KEY_HANDLE);
return SAR_INVALIDPARAMERR;
}
if (key->algid != SGD_SM4_MAC) {
SKFerr(SKF_F_SKF_MACINIT, SKF_R_INVALID_ALGOR);
return SAR_INVALIDPARAMERR;
}
cipher = EVP_sms4_ecb();
if (key->keylen < SMS4_KEY_LENGTH) {
SKFerr(SKF_F_SKF_MACINIT, SKF_R_INVALID_KEY_LENGTH);
return SAR_INVALIDPARAMERR;
}
if (!(hMac = OPENSSL_malloc(sizeof(*hMac)))) {
SKFerr(SKF_F_SKF_MACINIT, SKF_R_FAIL);
return SAR_FAIL;
}
hMac->magic = SKF_HANDLE_MAGIC;
hMac->type = SKF_MAC_HANDLE;
hMac->algid = key->algid;
if (!(hMac->u.cbcmac_ctx = CMAC_CTX_new())) {
SKFerr(SKF_F_SKF_MACINIT, ERR_R_GMAPI_LIB);
goto end;
}
if (!CMAC_Init(hMac->u.cbcmac_ctx, key->key, key->keylen, cipher, NULL)) {
SKFerr(SKF_F_SKF_MACINIT, ERR_R_GMAPI_LIB);
return SAR_FAIL;
}
*phMac = hMac;
end:
return SAR_OK;
}
ULONG DEVAPI SKF_MacUpdate(HANDLE hMac,
BYTE *pbData,
ULONG ulDataLen)
{
CMAC_CTX *ctx;
if (!(ctx = SKF_HANDLE_get_cbcmac_ctx(hMac))) {
SKFerr(SKF_F_SKF_MACUPDATE, SKF_R_INVALID_MAC_HANDLE);
return SAR_INVALIDPARAMERR;
}
if (!CMAC_Update(ctx, pbData, ulDataLen)) {
SKFerr(SKF_F_SKF_MACUPDATE, ERR_R_GMAPI_LIB);
return SAR_FAIL;
}
return SAR_OK;
}
ULONG DEVAPI SKF_MacFinal(HANDLE hMac,
BYTE *pbMacData,
ULONG *pulMacDataLen)
{
CMAC_CTX *ctx;
size_t size;
if (!(ctx = SKF_HANDLE_get_cbcmac_ctx(hMac))) {
SKFerr(SKF_F_SKF_MACFINAL, SKF_R_INVALID_MAC_HANDLE);
return SAR_INVALIDPARAMERR;
}
size = *pulMacDataLen;
if (!CMAC_Final(ctx, pbMacData, &size)) {
SKFerr(SKF_F_SKF_MACFINAL, ERR_R_GMAPI_LIB);
return SAR_FAIL;
}
*pulMacDataLen = (ULONG)size;
return SAR_OK;
}
ULONG DEVAPI SKF_Mac(HANDLE hMac,
BYTE *pbData,
ULONG ulDataLen,
BYTE *pbMacData,
ULONG *pulMacLen)
{
ULONG rv;
if ((rv = SKF_MacUpdate(hMac, pbData, ulDataLen)) != SAR_OK) {
SKFerr(SKF_F_SKF_MAC, ERR_R_GMAPI_LIB);
return rv;
}
if ((rv = SKF_MacFinal(hMac, pbMacData, pulMacLen)) != SAR_OK) {
SKFerr(SKF_F_SKF_MAC, ERR_R_GMAPI_LIB);
return rv;
}
return SAR_OK;
}

157
crypto/skf/skf_meth.c Normal file
View File

@@ -0,0 +1,157 @@
/* ====================================================================
* Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <openssl/err.h>
#include "internal/dso.h"
#include "internal/sdf_meth.h"
SKF_METHOD *SKF_METHOD_load_library(const char *so_path)
{
SKF_METHOD *ret = NULL;
SKF_METHOD *skf = NULL;
DSO *dso = NULL;
void *func;
int i;
if (!(dso = DSO_load(NULL, so_path, NULL, 0))) {
goto end;
}
if (!(skf = OPENSSL_zalloc(sizeof(*skf)))) {
goto end;
}
skf->SKF_WaitForDevEvent = (SKF_WaitForDevEvent_FuncPtr)DSO_bind_func(dso, "SKF_WaitForDevEvent");
skf->SKF_CancelWaitForDevEvent = (SKF_CancelWaitForDevEvent_FuncPtr)DSO_bind_func(dso, "SKF_CancelWaitForDevEvent");
skf->SKF_EnumDev = (SKF_EnumDev_FuncPtr)DSO_bind_func(dso, "SKF_EnumDev");
skf->SKF_ConnectDev = (SKF_ConnectDev_FuncPtr)DSO_bind_func(dso, "SKF_ConnectDev");
skf->SKF_DisConnectDev = (SKF_DisConnectDev_FuncPtr)DSO_bind_func(dso, "SKF_DisConnectDev");
skf->SKF_GetDevState = (SKF_GetDevState_FuncPtr)DSO_bind_func(dso, "SKF_GetDevState");
skf->SKF_SetLabel = (SKF_SetLabel_FuncPtr)DSO_bind_func(dso, "SKF_SetLabel");
skf->SKF_GetDevInfo = (SKF_GetDevInfo_FuncPtr)DSO_bind_func(dso, "SKF_GetDevInfo");
skf->SKF_LockDev = (SKF_LockDev_FuncPtr)DSO_bind_func(dso, "SKF_LockDev");
skf->SKF_UnlockDev = (SKF_UnlockDev_FuncPtr)DSO_bind_func(dso, "SKF_UnlockDev");
skf->SKF_Transmit = (SKF_Transmit_FuncPtr)DSO_bind_func(dso, "SKF_Transmit");
skf->SKF_ChangeDevAuthKey = (SKF_ChangeDevAuthKey_FuncPtr)DSO_bind_func(dso, "SKF_ChangeDevAuthKey");
skf->SKF_DevAuth = (SKF_DevAuth_FuncPtr)DSO_bind_func(dso, "SKF_DevAuth");
skf->SKF_ChangePIN = (SKF_ChangePIN_FuncPtr)DSO_bind_func(dso, "SKF_ChangePIN");
skf->SKF_GetPINInfo = (SKF_GetPINInfo_FuncPtr)DSO_bind_func(dso, "SKF_GetPINInfo");
skf->SKF_VerifyPIN = (SKF_VerifyPIN_FuncPtr)DSO_bind_func(dso, "SKF_VerifyPIN");
skf->SKF_UnblockPIN = (SKF_UnblockPIN_FuncPtr)DSO_bind_func(dso, "SKF_UnblockPIN");
skf->SKF_ClearSecureState = (SKF_ClearSecureState_FuncPtr)DSO_bind_func(dso, "SKF_ClearSecureState");
skf->SKF_CreateApplication = (SKF_CreateApplication_FuncPtr)DSO_bind_func(dso, "SKF_CreateApplication");
skf->SKF_EnumApplication = (SKF_EnumApplication_FuncPtr)DSO_bind_func(dso, "SKF_EnumApplication");
skf->SKF_DeleteApplication = (SKF_DeleteApplication_FuncPtr)DSO_bind_func(dso, "SKF_DeleteApplication");
skf->SKF_OpenApplication = (SKF_OpenApplication_FuncPtr)DSO_bind_func(dso, "SKF_OpenApplication");
skf->SKF_CloseApplication = (SKF_CloseApplication_FuncPtr)DSO_bind_func(dso, "SKF_CloseApplication");
skf->SKF_CreateFile = (SKF_CreateFile_FuncPtr)DSO_bind_func(dso, "SKF_CreateFile");
skf->SKF_DeleteFile = (SKF_DeleteFile_FuncPtr)DSO_bind_func(dso, "SKF_DeleteFile");
skf->SKF_EnumFiles = (SKF_EnumFiles_FuncPtr)DSO_bind_func(dso, "SKF_EnumFiles");
skf->SKF_GetFileInfo = (SKF_GetFileInfo_FuncPtr)DSO_bind_func(dso, "SKF_GetFileInfo");
skf->SKF_ReadFile = (SKF_ReadFile_FuncPtr)DSO_bind_func(dso, "SKF_ReadFile");
skf->SKF_WriteFile = (SKF_WriteFile_FuncPtr)DSO_bind_func(dso, "SKF_WriteFile");
skf->SKF_CreateContainer = (SKF_CreateContainer_FuncPtr)DSO_bind_func(dso, "SKF_CreateContainer");
skf->SKF_DeleteContainer = (SKF_DeleteContainer_FuncPtr)DSO_bind_func(dso, "SKF_DeleteContainer");
skf->SKF_EnumContainer = (SKF_EnumContainer_FuncPtr)DSO_bind_func(dso, "SKF_EnumContainer");
skf->SKF_OpenContainer = (SKF_OpenContainer_FuncPtr)DSO_bind_func(dso, "SKF_OpenContainer");
skf->SKF_CloseContainer = (SKF_CloseContainer_FuncPtr)DSO_bind_func(dso, "SKF_CloseContainer");
skf->SKF_GetContainerType = (SKF_GetContainerType_FuncPtr)DSO_bind_func(dso, "SKF_GetContainerType");
skf->SKF_ImportCertificate = (SKF_ImportCertificate_FuncPtr)DSO_bind_func(dso, "SKF_ImportCertificate");
skf->SKF_ExportCertificate = (SKF_ExportCertificate_FuncPtr)DSO_bind_func(dso, "SKF_ExportCertificate");
skf->SKF_ExportPublicKey = (SKF_ExportPublicKey_FuncPtr)DSO_bind_func(dso, "SKF_ExportPublicKey");
skf->SKF_GenRandom = (SKF_GenRandom_FuncPtr)DSO_bind_func(dso, "SKF_GenRandom");
skf->SKF_GenExtRSAKey = (SKF_GenExtRSAKey_FuncPtr)DSO_bind_func(dso, "SKF_GenExtRSAKey");
skf->SKF_GenRSAKeyPair = (SKF_GenRSAKeyPair_FuncPtr)DSO_bind_func(dso, "SKF_GenRSAKeyPair");
skf->SKF_ImportRSAKeyPair = (SKF_ImportRSAKeyPair_FuncPtr)DSO_bind_func(dso, "SKF_ImportRSAKeyPair");
skf->SKF_RSASignData = (SKF_RSASignData_FuncPtr)DSO_bind_func(dso, "SKF_RSASignData");
skf->SKF_RSAVerify = (SKF_RSAVerify_FuncPtr)DSO_bind_func(dso, "SKF_RSAVerify");
skf->SKF_RSAExportSessionKey = (SKF_RSAExportSessionKey_FuncPtr)DSO_bind_func(dso, "SKF_RSAExportSessionKey");
skf->SKF_ExtRSAPubKeyOperation = (SKF_ExtRSAPubKeyOperation_FuncPtr)DSO_bind_func(dso, "SKF_ExtRSAPubKeyOperation");
skf->SKF_ExtRSAPriKeyOperation = (SKF_ExtRSAPriKeyOperation_FuncPtr)DSO_bind_func(dso, "SKF_ExtRSAPriKeyOperation");
skf->SKF_GenECCKeyPair = (SKF_GenECCKeyPair_FuncPtr)DSO_bind_func(dso, "SKF_GenECCKeyPair");
skf->SKF_ImportECCKeyPair = (SKF_ImportECCKeyPair_FuncPtr)DSO_bind_func(dso, "SKF_ImportECCKeyPair");
skf->SKF_ECCSignData = (SKF_ECCSignData_FuncPtr)DSO_bind_func(dso, "SKF_ECCSignData");
skf->SKF_ECCVerify = (SKF_ECCVerify_FuncPtr)DSO_bind_func(dso, "SKF_ECCVerify");
skf->SKF_ECCExportSessionKey = (SKF_ECCExportSessionKey_FuncPtr)DSO_bind_func(dso, "SKF_ECCExportSessionKey");
skf->SKF_ExtECCEncrypt = (SKF_ExtECCEncrypt_FuncPtr)DSO_bind_func(dso, "SKF_ExtECCEncrypt");
skf->SKF_ExtECCDecrypt = (SKF_ExtECCDecrypt_FuncPtr)DSO_bind_func(dso, "SKF_ExtECCDecrypt");
skf->SKF_ExtECCSign = (SKF_ExtECCSign_FuncPtr)DSO_bind_func(dso, "SKF_ExtECCSign");
skf->SKF_ExtECCVerify = (SKF_ExtECCVerify_FuncPtr)DSO_bind_func(dso, "SKF_ExtECCVerify");
skf->SKF_GenerateAgreementDataWithECC = (SKF_GenerateAgreementDataWithECC_FuncPtr)DSO_bind_func(dso, "SKF_GenerateAgreementDataWithECC");
skf->SKF_GenerateAgreementDataAndKeyWithECC = (SKF_GenerateAgreementDataAndKeyWithECC_FuncPtr)DSO_bind_func(dso, "SKF_GenerateAgreementDataAndKeyWithECC");
skf->SKF_GenerateKeyWithECC = (SKF_GenerateKeyWithECC_FuncPtr)DSO_bind_func(dso, "SKF_GenerateKeyWithECC");
skf->SKF_ImportSessionKey = (SKF_ImportSessionKey_FuncPtr)DSO_bind_func(dso, "SKF_ImportSessionKey");
skf->SKF_SetSymmKey = (SKF_SetSymmKey_FuncPtr)DSO_bind_func(dso, "SKF_SetSymmKey");
skf->SKF_EncryptInit = (SKF_EncryptInit_FuncPtr)DSO_bind_func(dso, "SKF_EncryptInit");
skf->SKF_Encrypt = (SKF_Encrypt_FuncPtr)DSO_bind_func(dso, "SKF_Encrypt");
skf->SKF_EncryptUpdate = (SKF_EncryptUpdate_FuncPtr)DSO_bind_func(dso, "SKF_EncryptUpdate");
skf->SKF_EncryptFinal = (SKF_EncryptFinal_FuncPtr)DSO_bind_func(dso, "SKF_EncryptFinal");
skf->SKF_DecryptInit = (SKF_DecryptInit_FuncPtr)DSO_bind_func(dso, "SKF_DecryptInit");
skf->SKF_Decrypt = (SKF_Decrypt_FuncPtr)DSO_bind_func(dso, "SKF_Decrypt");
skf->SKF_DecryptUpdate = (SKF_DecryptUpdate_FuncPtr)DSO_bind_func(dso, "SKF_DecryptUpdate");
skf->SKF_DecryptFinal = (SKF_DecryptFinal_FuncPtr)DSO_bind_func(dso, "SKF_DecryptFinal");
skf->SKF_DigestInit = (SKF_DigestInit_FuncPtr)DSO_bind_func(dso, "SKF_DigestInit");
skf->SKF_Digest = (SKF_Digest_FuncPtr)DSO_bind_func(dso, "SKF_Digest");
skf->SKF_DigestUpdate = (SKF_DigestUpdate_FuncPtr)DSO_bind_func(dso, "SKF_DigestUpdate");
skf->SKF_DigestFinal = (SKF_DigestFinal_FuncPtr)DSO_bind_func(dso, "SKF_DigestFinal");
skf->SKF_MacInit = (SKF_MacInit_FuncPtr)DSO_bind_func(dso, "SKF_MacInit");
skf->SKF_Mac = (SKF_Mac_FuncPtr)DSO_bind_func(dso, "SKF_Mac");
skf->SKF_MacUpdate = (SKF_MacUpdate_FuncPtr)DSO_bind_func(dso, "SKF_MacUpdate");
skf->SKF_MacFinal = (SKF_MacFinal_FuncPtr)DSO_bind_func(dso, "SKF_MacFinal");
skf->SKF_CloseHandle = (SKF_CloseHandle_FuncPtr)DSO_bind_func(dso, "SKF_CloseHandle");
ret = skf;
skf = NULL;
end:
OPENSSL_free(skf);
DSO_free(dso);
return ret;
}

84
crypto/skf/skf_rand.c
View File

@@ -1,84 +0,0 @@
/* crypto/skf/skf_rand.c */
/* ====================================================================
* Copyright (c) 2015-2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <stdio.h>
#include <openssl/err.h>
#include <openssl/rand.h>
#include <openssl/gmskf.h>
#include <openssl/gmapi.h>
#include "skf_lcl.h"
#define SKF_DEV_AUTH_RANDOM_LENGTH 16
#define SKF_MAX_RANDOM_LENGTH (1024*1024*1024)
//FIXME: INT_MAX
ULONG DEVAPI SKF_GenRandom(DEVHANDLE hDev,
BYTE *pbRandom,
ULONG ulRandomLen)
{
if (!pbRandom) {
SKFerr(SKF_F_SKF_GENRANDOM, SKF_R_NULL_ARGUMENT);
return SAR_INVALIDPARAMERR;
}
if (ulRandomLen > SKF_MAX_RANDOM_LENGTH) {
SKFerr(SKF_F_SKF_GENRANDOM, SKF_R_INVALID_RANDOM_LENGTH);
return SAR_INVALIDPARAMERR;
}
if (!RAND_bytes(pbRandom, ulRandomLen)) {
SKFerr(SKF_F_SKF_GENRANDOM, ERR_R_GMAPI_LIB);
return SAR_GENRANDERR;
}
return SAR_OK;
}

222
crypto/skf/skf_rsa.c
View File

@@ -1,222 +0,0 @@
/* ====================================================================
* Copyright (c) 2015-2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <stdio.h>
#include <openssl/rsa.h>
#include <openssl/gmskf.h>
#include <openssl/gmapi.h>
#include "../rsa/rsa_locl.h"
ULONG DEVAPI SKF_GenExtRSAKey(DEVHANDLE hDev,
ULONG ulBitsLen,
RSAPRIVATEKEYBLOB *pBlob)
{
ULONG ret = SAR_FAIL;
RSA *rsa = NULL;
if ((ulBitsLen > MAX_RSA_MODULUS_LEN * 8) || (ulBitsLen < 1024) ||
(ulBitsLen % 8 != 0)) {
SKFerr(SKF_F_SKF_GENEXTRSAKEY, SKF_R_INVALID_KEY_LENGTH);
return SAR_INVALIDPARAMERR;
}
if (!pBlob) {
SKFerr(SKF_F_SKF_GENEXTRSAKEY, SKF_R_NULL_ARGUMENT);
return SAR_INVALIDPARAMERR;
}
if (!(rsa = RSA_new())) {
SKFerr(SKF_F_SKF_GENEXTRSAKEY, SKF_R_MALLOC_FAILED);
return SAR_FAIL;
}
if (!RSA_generate_key_ex(rsa, ulBitsLen, NULL, NULL)) {
SKFerr(SKF_F_SKF_GENEXTRSAKEY, SKF_R_GEN_RSA_FAILED);
goto end;
}
if (!RSA_get_RSAPRIVATEKEYBLOB(rsa, pBlob)) {
SKFerr(SKF_F_SKF_GENEXTRSAKEY, SKF_R_ENCODE_FAILED);
goto end;
}
ret = SAR_OK;
end:
RSA_free(rsa);
return ret;
}
ULONG DEVAPI SKF_ExtRSAPubKeyOperation(DEVHANDLE hDev,
RSAPUBLICKEYBLOB *pRSAPubKeyBlob,
BYTE *pbInput,
ULONG ulInputLen,
BYTE *pbOutput,
ULONG *pulOutputLen)
{
ULONG ret = SAR_FAIL;
RSA *rsa = NULL;
int inlen, outlen;
if (!pRSAPubKeyBlob || !pbInput || !pulOutputLen) {
SKFerr(SKF_F_SKF_EXTRSAPUBKEYOPERATION, SKF_R_NULL_ARGUMENT);
return SAR_INVALIDPARAMERR;
}
if (pRSAPubKeyBlob->AlgID != SGD_RSA) {
SKFerr(SKF_F_SKF_EXTRSAPUBKEYOPERATION, SKF_R_INVALID_ALGOR);
return SAR_INVALIDPARAMERR;
}
if (pRSAPubKeyBlob->BitLen % 8) {
SKFerr(SKF_F_SKF_EXTRSAPUBKEYOPERATION, SKF_R_INVALID_KEY_LENGTH);
return SAR_INVALIDPARAMERR;
}
if (ulInputLen * 8 != pRSAPubKeyBlob->BitLen) {
SKFerr(SKF_F_SKF_EXTRSAPUBKEYOPERATION, SKF_R_INVALID_INPUT_LENGTH);
return SAR_INVALIDPARAMERR;
}
if (!pbOutput) {
*pulOutputLen = pRSAPubKeyBlob->BitLen / 8;
return SAR_OK;
}
if (*pulOutputLen < pRSAPubKeyBlob->BitLen / 8) {
SKFerr(SKF_F_SKF_EXTRSAPUBKEYOPERATION, SKF_R_BUFFER_TOO_SMALL);
return SAR_BUFFER_TOO_SMALL;
}
if (!(rsa = RSA_new_from_RSAPUBLICKEYBLOB(pRSAPubKeyBlob))) {
SKFerr(SKF_F_SKF_EXTRSAPUBKEYOPERATION, SKF_R_INVALID_RSA_PUBLIC_KEY);
goto end;
}
inlen = (int)ulInputLen;
if ((outlen = RSA_public_encrypt(inlen, pbInput, pbOutput, rsa, RSA_NO_PADDING)) < 0) {
SKFerr(SKF_F_SKF_EXTRSAPUBKEYOPERATION, ERR_R_RSA_LIB);
goto end;
}
*pulOutputLen = outlen;
ret = SAR_OK;
end:
RSA_free(rsa);
return ret;
}
ULONG DEVAPI SKF_ExtRSAPriKeyOperation(DEVHANDLE hDev,
RSAPRIVATEKEYBLOB *pRSAPriKeyBlob,
BYTE *pbInput,
ULONG ulInputLen,
BYTE *pbOutput,
ULONG *pulOutputLen)
{
ULONG ret = SAR_FAIL;
RSA *rsa = NULL;
int inlen, outlen;
if (!pRSAPriKeyBlob || !pbInput || !pulOutputLen) {
SKFerr(SKF_F_SKF_EXTRSAPRIKEYOPERATION, SKF_R_NULL_ARGUMENT);
return SAR_INVALIDPARAMERR;
}
if (pRSAPriKeyBlob->AlgID != SGD_RSA) {
SKFerr(SKF_F_SKF_EXTRSAPRIKEYOPERATION, SKF_R_INVALID_ALGOR);
return SAR_INVALIDPARAMERR;
}
if (pRSAPriKeyBlob->BitLen % 8) {
SKFerr(SKF_F_SKF_EXTRSAPRIKEYOPERATION, SKF_R_INVALID_KEY_LENGTH);
return SAR_INVALIDPARAMERR;
}
if (ulInputLen * 8 != pRSAPriKeyBlob->BitLen) {
SKFerr(SKF_F_SKF_EXTRSAPRIKEYOPERATION, SKF_R_INVALID_INPUT_LENGTH);
return SAR_INVALIDPARAMERR;
}
if (!pbOutput) {
*pulOutputLen = pRSAPriKeyBlob->BitLen / 8;
return SAR_OK;
}
if (*pulOutputLen < pRSAPriKeyBlob->BitLen / 8) {
SKFerr(SKF_F_SKF_EXTRSAPRIKEYOPERATION, SKF_R_BUFFER_TOO_SMALL);
return SAR_BUFFER_TOO_SMALL;
}
if (!(rsa = RSA_new_from_RSAPRIVATEKEYBLOB(pRSAPriKeyBlob))) {
SKFerr(SKF_F_SKF_EXTRSAPRIKEYOPERATION, SKF_R_INVALID_RSA_PUBLIC_KEY);
goto end;
}
inlen = (int)ulInputLen;
if ((outlen = RSA_private_decrypt(inlen, pbInput, pbOutput, rsa, RSA_NO_PADDING)) < 0) {
SKFerr(SKF_F_SKF_EXTRSAPRIKEYOPERATION, ERR_R_RSA_LIB);
goto end;
}
*pulOutputLen = outlen;
ret = SAR_OK;
end:
RSA_free(rsa);
return ret;
}
ULONG DEVAPI SKF_RSAVerify(DEVHANDLE hDev,
RSAPUBLICKEYBLOB *pRSAPubKeyBlob,
BYTE *pbData,
ULONG ulDataLen,
BYTE *pbSignature,
ULONG ulSignLen)
{
return SAR_FAIL;
}

98
crypto/skf/skf_sesskey.c
View File

@@ -1,98 +0,0 @@
/* crypto/skf/skf_sesskey.c */
/* ====================================================================
* Copyright (c) 2015-2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <stdio.h>
#include <string.h>
#include <openssl/sms4.h>
#include <openssl/evp.h>
#include <openssl/gmskf.h>
#include <openssl/gmapi.h>
#include "skf_lcl.h"
#define PADDING_TYPE_NO_PADDING 0
#define PADDING_TYPE_PKCS5 1
ULONG DEVAPI SKF_SetSymmKey(DEVHANDLE hDev,
BYTE *pbKey,
ULONG ulAlgID,
HANDLE *phKey)
{
SKF_HANDLE *hKey = NULL;
if (!(hKey = OPENSSL_malloc(sizeof(*hKey)))) {
SKFerr(SKF_F_SKF_SETSYMMKEY, SKF_R_MALLOC_FAILED);
return SAR_FAIL;
}
memset(hKey, 0, sizeof(*hKey));
hKey->magic = SKF_HANDLE_MAGIC;
hKey->type = SKF_KEY_HANDLE;
switch (ulAlgID) {
case SGD_SM4_ECB:
case SGD_SM4_CBC:
case SGD_SM4_CFB:
case SGD_SM4_OFB:
case SGD_SM4_MAC:
hKey->algid = ulAlgID;
hKey->keylen = SMS4_KEY_LENGTH;
break;
default:
SKFerr(SKF_F_SKF_SETSYMMKEY, SKF_R_INVALID_ALGOR);
return SAR_INVALIDPARAMERR;
}
memcpy(hKey->key, pbKey, hKey->keylen);
*phKey = hKey;
return SAR_OK;
}

394
crypto/skf/skf_token.c
View File

@@ -1,394 +0,0 @@
/* crypto/skf/skf_app.c */
/* ====================================================================
* Copyright (c) 2015-2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <stdio.h>
#include <openssl/skf.h>
ULONG DEVAPI SKF_WaitForDevEvent(LPSTR szDevName,
ULONG *pulDevNameLen,
ULONG *pulEvent)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_CancelWaitForDevEvent(void)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_SetLabel(DEVHANDLE hDev,
LPSTR szLabel)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_LockDev(DEVHANDLE hDev,
ULONG ulTimeOut)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_UnlockDev(DEVHANDLE hDev)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_Transmit(DEVHANDLE hDev,
BYTE* pbCommand,
ULONG ulCommandLen,
BYTE* pbData,
ULONG* pulDataLen)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_ChangeDevAuthKey(DEVHANDLE hDev,
BYTE *pbKeyValue,
ULONG ulKeyLen)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_DevAuth(DEVHANDLE hDev,
BYTE *pbAuthData,
ULONG ulLen)
{
return SAR_OK;
}
ULONG DEVAPI SKF_CreateApplication(DEVHANDLE hDev,
LPSTR szAppName,
LPSTR szAdminPin,
DWORD dwAdminPinRetryCount,
LPSTR szUserPin,
DWORD dwUserPinRetryCount,
DWORD dwCreateFileRights,
HAPPLICATION *phApplication)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_EnumApplication(DEVHANDLE hDev,
LPSTR szAppName,
ULONG *pulSize)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_DeleteApplication(DEVHANDLE hDev,
LPSTR szAppName)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_OpenApplication(DEVHANDLE hDev,
LPSTR szAppName,
HAPPLICATION *phApplication)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_CloseApplication(HAPPLICATION hApplication)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_ChangePIN(HAPPLICATION hApplication,
ULONG ulPINType,
LPSTR szOldPin,
LPSTR szNewPin,
ULONG *pulRetryCount)
{
return SAR_NOTSUPPORTYETERR;
}
LONG DEVAPI SKF_GetPINInfo(HAPPLICATION hApplication,
ULONG ulPINType,
ULONG *pulMaxRetryCount,
ULONG *pulRemainRetryCount,
BOOL *pbDefaultPin)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_VerifyPIN(HAPPLICATION hApplication,
ULONG ulPINType,
LPSTR szPIN,
ULONG *pulRetryCount)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_UnblockPIN(HAPPLICATION hApplication,
LPSTR szAdminPIN,
LPSTR szNewUserPIN,
ULONG *pulRetryCount)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_ClearSecureState(HAPPLICATION hApplication)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_CreateContainer(HAPPLICATION hApplication,
LPSTR szContainerName,
HCONTAINER *phContainer)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_DeleteContainer(HAPPLICATION hApplication,
LPSTR szContainerName)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_EnumContainer(HAPPLICATION hApplication,
LPSTR szContainerName,
ULONG *pulSize)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_OpenContainer(HAPPLICATION hApplication,
LPSTR szContainerName,
HCONTAINER *phContainer)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_CloseContainer(HCONTAINER hContainer)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_GetContainerType(HCONTAINER hContainer,
ULONG *pulContainerType)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_ImportCertificate(HCONTAINER hContainer,
BOOL bSignFlag,
BYTE *pbCert,
ULONG ulCertLen)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_ExportCertificate(HCONTAINER hContainer,
BOOL bSignFlag,
BYTE *pbCert,
ULONG *pulCertLen)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_CreateFile(HAPPLICATION hApplication,
LPSTR szFileName,
ULONG ulFileSize,
ULONG ulReadRights,
ULONG ulWriteRights)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_EnumFiles(HAPPLICATION hApplication,
LPSTR szFileList,
ULONG *pulSize)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_GetFileInfo(HAPPLICATION hApplication,
LPSTR szFileName,
FILEATTRIBUTE *pFileInfo)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_ReadFile(HAPPLICATION hApplication,
LPSTR szFileName,
ULONG ulOffset,
ULONG ulSize,
BYTE *pbOutData,
ULONG *pulOutLen)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_WriteFile(HAPPLICATION hApplication,
LPSTR szFileName,
ULONG ulOffset,
BYTE *pbData,
ULONG ulSize)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_DeleteFile(HAPPLICATION hApplication,
LPSTR szFileName)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_GenECCKeyPair(HCONTAINER hContainer,
ULONG ulAlgId,
ECCPUBLICKEYBLOB *pBlob)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_ImportECCKeyPair(HCONTAINER hContainer,
ENVELOPEDKEYBLOB *pEnvelopedKeyBlob)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_ECCSignData(HCONTAINER hContainer,
BYTE *pbData,
ULONG ulDataLen,
ECCSIGNATUREBLOB *pSignature)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_GenerateAgreementDataWithECC(HCONTAINER hContainer,
ULONG ulAlgId,
ECCPUBLICKEYBLOB *pTempECCPubKeyBlob,
BYTE *pbID,
ULONG ulIDLen,
HANDLE *phAgreementHandle)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_GenerateAgreementDataAndKeyWithECC(HANDLE hContainer,
ULONG ulAlgId,
ECCPUBLICKEYBLOB *pSponsorECCPubKeyBlob,
ECCPUBLICKEYBLOB *pSponsorTempECCPubKeyBlob,
ECCPUBLICKEYBLOB *pTempECCPubKeyBlob,
BYTE *pbID,
ULONG ulIDLen,
BYTE *pbSponsorID,
ULONG ulSponsorIDLen,
HANDLE *phKeyHandle)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_GenerateKeyWithECC(HANDLE hAgreementHandle,
ECCPUBLICKEYBLOB *pECCPubKeyBlob,
ECCPUBLICKEYBLOB *pTempECCPubKeyBlob,
BYTE *pbID,
ULONG ulIDLen,
HANDLE *phKeyHandle)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_GenRSAKeyPair(HCONTAINER hContainer,
ULONG ulBitsLen,
RSAPUBLICKEYBLOB *pBlob)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_ImportRSAKeyPair(HCONTAINER hContainer,
ULONG ulSymAlgId,
BYTE *pbWrappedKey,
ULONG ulWrappedKeyLen,
BYTE *pbEncryptedData,
ULONG ulEncryptedDataLen)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_RSASignData(HCONTAINER hContainer,
BYTE *pbData,
ULONG ulDataLen,
BYTE *pbSignature,
ULONG *pulSignLen)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_ImportSessionKey(HCONTAINER hContainer,
ULONG ulAlgId,
BYTE *pbWrapedData,
ULONG ulWrapedLen,
HANDLE *phKey)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_RSAExportSessionKey(HCONTAINER hContainer,
ULONG ulAlgId,
RSAPUBLICKEYBLOB *pPubKey,
BYTE *pbData,
ULONG *pulDataLen,
HANDLE *phSessionKey)
{
return SAR_NOTSUPPORTYETERR;
}
ULONG DEVAPI SKF_ECCExportSessionKey(HCONTAINER hContainer,
ULONG ulAlgId,
ECCPUBLICKEYBLOB *pPubKey,
ECCCIPHERBLOB *pData,
HANDLE *phSessionKey)
{
return SAR_NOTSUPPORTYETERR;
}