some bug fix

crypto/ecies/ecies_lib.c

@@ -703,10 +703,8 @@ int ECIES_encrypt(int type, const unsigned char *in, size_t inlen,
 		*outlen = (size_t)len;
 		ret = 1;
 		goto end;
-	}
-
-	if (*outlen < len) {
-		ECerr(EC_F_ECIES_ENCRYPT, EC_R_ENCRYPT_FAILED);
+	} else if (*outlen < len) {
+		ECerr(EC_F_ECIES_ENCRYPT, EC_R_BUFFER_TOO_SMALL);
 		*outlen = (size_t)len;
 		goto end;
 	}

crypto/evp/evp_pbe.c

@@ -68,14 +68,14 @@ static const EVP_PBE_CTL builtin_pbe[] = {
     {EVP_PBE_TYPE_PRF, NID_hmacWithSHA256, -1, NID_sha256, 0},
     {EVP_PBE_TYPE_PRF, NID_hmacWithSHA384, -1, NID_sha384, 0},
     {EVP_PBE_TYPE_PRF, NID_hmacWithSHA512, -1, NID_sha512, 0},
-#ifndef OPENSSL_NO_SM3
-    {EVP_PBE_TYPE_PRF, NID_hmac_sm3, -1, NID_sm3, 0},
-#endif
     {EVP_PBE_TYPE_PRF, NID_id_HMACGostR3411_94, -1, NID_id_GostR3411_94, 0},
     {EVP_PBE_TYPE_PRF, NID_id_tc26_hmac_gost_3411_2012_256, -1,
      NID_id_GostR3411_2012_256, 0},
     {EVP_PBE_TYPE_PRF, NID_id_tc26_hmac_gost_3411_2012_512, -1,
      NID_id_GostR3411_2012_512, 0},
+#ifndef OPENSSL_NO_SM3
+    {EVP_PBE_TYPE_PRF, NID_hmac_sm3, -1, NID_sm3, 0},
+#endif
     {EVP_PBE_TYPE_KDF, NID_id_pbkdf2, -1, -1, PKCS5_v2_PBKDF2_keyivgen},
 #ifndef OPENSSL_NO_SCRYPT
     {EVP_PBE_TYPE_KDF, NID_id_scrypt, -1, -1, PKCS5_v2_scrypt_keyivgen}

crypto/objects/obj_dat.h

@@ -10,7 +10,7 @@
  */
 
 /* Serialized OID's */
-static const unsigned char so[7886] = {
+static const unsigned char so[7915] = {
     0x2A,0x86,0x48,0x86,0xF7,0x0D,                 /* [    0] OBJ_rsadsi */
     0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,            /* [    6] OBJ_pkcs */
     0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02,       /* [   13] OBJ_md2 */
@@ -1101,9 +1101,12 @@ static const unsigned char so[7886] = {
     0x2B,0x06,0x01,0x04,0x01,0x83,0x83,0x0D,0x01,0x01,0x04,  /* [ 7854] OBJ_cpk_map_sha384 */
     0x2B,0x06,0x01,0x04,0x01,0x83,0x83,0x0D,0x01,0x01,0x05,  /* [ 7865] OBJ_cpk_map_sha512 */
     0x2B,0x06,0x01,0x04,0x01,0x83,0x83,0x0D,0x15,  /* [ 7876] OBJ_paillier */
+    0x2A,0x81,0x1C,0xCF,0x55,0x01,0x82,0x2F,0x07,  /* [ 7885] OBJ_sm9hash2 */
+    0x2A,0x81,0x1C,0xCF,0x55,0x01,0x82,0x2F,0x07,0x01,  /* [ 7894] OBJ_sm9hash2_with_sm3 */
+    0x2A,0x81,0x1C,0xCF,0x55,0x01,0x82,0x2F,0x07,0x02,  /* [ 7904] OBJ_sm9hash2_with_sha256 */
 };
 
-#define NUM_NID 1209
+#define NUM_NID 1212
 static const ASN1_OBJECT nid_objs[NUM_NID] = {
     {"UNDEF", "undefined", NID_undef},
     {"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &so[0]},
@@ -2314,9 +2317,12 @@ static const ASN1_OBJECT nid_objs[NUM_NID] = {
     {"cpk-map-sha384", "cpk-map-sha384", NID_cpk_map_sha384, 11, &so[7854]},
     {"cpk-map-sha512", "cpk-map-sha512", NID_cpk_map_sha512, 11, &so[7865]},
     {"paillier", "paillier", NID_paillier, 9, &so[7876]},
+    {"sm9hash2", "sm9hash2", NID_sm9hash2, 9, &so[7885]},
+    {"sm9hash2-with-sm3", "sm9hash2-with-sm3", NID_sm9hash2_with_sm3, 10, &so[7894]},
+    {"sm9hash2-with-sha256", "sm9hash2-with-sha256", NID_sm9hash2_with_sha256, 10, &so[7904]},
 };
 
-#define NUM_SN 1199
+#define NUM_SN 1202
 static const unsigned int sn_objs[NUM_SN] = {
      364,    /* "AD_DVCS" */
      419,    /* "AES-128-CBC" */
@@ -3450,6 +3456,9 @@ static const unsigned int sn_objs[NUM_SN] = {
     1172,    /* "sm9hash1" */
     1182,    /* "sm9hash1-with-sha256" */
     1181,    /* "sm9hash1-with-sm3" */
+    1209,    /* "sm9hash2" */
+    1211,    /* "sm9hash2-with-sha256" */
+    1210,    /* "sm9hash2-with-sm3" */
     1173,    /* "sm9kdf" */
     1184,    /* "sm9kdf-with-sha256" */
     1183,    /* "sm9kdf-with-sm3" */
@@ -3519,7 +3528,7 @@ static const unsigned int sn_objs[NUM_SN] = {
     1187,    /* "zuc-128eia3" */
 };
 
-#define NUM_LN 1199
+#define NUM_LN 1202
 static const unsigned int ln_objs[NUM_LN] = {
      363,    /* "AD Time Stamping" */
      405,    /* "ANSI X9.62" */
@@ -4636,6 +4645,9 @@ static const unsigned int ln_objs[NUM_LN] = {
     1172,    /* "sm9hash1" */
     1182,    /* "sm9hash1-with-sha256" */
     1181,    /* "sm9hash1-with-sm3" */
+    1209,    /* "sm9hash2" */
+    1211,    /* "sm9hash2-with-sha256" */
+    1210,    /* "sm9hash2-with-sm3" */
     1173,    /* "sm9kdf" */
     1184,    /* "sm9kdf-with-sha256" */
     1183,    /* "sm9kdf-with-sm3" */
@@ -4722,7 +4734,7 @@ static const unsigned int ln_objs[NUM_LN] = {
     1187,    /* "zuc-128eia3" */
 };
 
-#define NUM_OBJ 1096
+#define NUM_OBJ 1099
 static const unsigned int obj_objs[NUM_OBJ] = {
        0,    /* OBJ_undef                        0 */
      181,    /* OBJ_iso                          1 */
@@ -5467,6 +5479,7 @@ static const unsigned int obj_objs[NUM_OBJ] = {
     1172,    /* OBJ_sm9hash1                     1 2 156 10197 1 302 4 */
     1173,    /* OBJ_sm9kdf                       1 2 156 10197 1 302 5 */
     1174,    /* OBJ_id_sm9MasterSecret           1 2 156 10197 1 302 6 */
+    1209,    /* OBJ_sm9hash2                     1 2 156 10197 1 303 7 */
     1149,    /* OBJ_hmac_sm3                     1 2 156 10197 1 401 2 */
     1186,    /* OBJ_zuc_128eea3                  1 2 156 10197 1 800 1 */
     1187,    /* OBJ_zuc_128eia3                  1 2 156 10197 1 800 2 */
@@ -5685,6 +5698,8 @@ static const unsigned int obj_objs[NUM_OBJ] = {
     1183,    /* OBJ_sm9kdf_with_sm3              1 2 156 10197 1 302 5 1 */
     1184,    /* OBJ_sm9kdf_with_sha256           1 2 156 10197 1 302 5 2 */
     1175,    /* OBJ_sm9bn256v1                   1 2 156 10197 1 302 6 1 */
+    1210,    /* OBJ_sm9hash2_with_sm3            1 2 156 10197 1 303 7 1 */
+    1211,    /* OBJ_sm9hash2_with_sha256         1 2 156 10197 1 303 7 2 */
      189,    /* OBJ_id_smime_mod                 1 2 840 113549 1 9 16 0 */
      190,    /* OBJ_id_smime_ct                  1 2 840 113549 1 9 16 1 */
      191,    /* OBJ_id_smime_aa                  1 2 840 113549 1 9 16 2 */

crypto/objects/obj_mac.num

@@ -1206,3 +1206,6 @@ cpk_map_sm3		1205
 cpk_map_sha384		1206
 cpk_map_sha512		1207
 paillier		1208
+sm9hash2		1209
+sm9hash2_with_sm3		1210
+sm9hash2_with_sha256		1211

crypto/objects/objects.txt

@@ -1630,6 +1630,7 @@ sm-scheme 302 1		: sm9sign
 sm-scheme 302 2		: sm9keyagreement
 sm-scheme 302 3		: sm9encrypt
 sm-scheme 302 4		: sm9hash1
+sm-scheme 303 7		: sm9hash2
 sm-scheme 302 5		: sm9kdf
 sm-scheme 302 6		: id-sm9MasterSecret
 sm-scheme 302 6	1 	: sm9bn256v1
@@ -1640,6 +1641,8 @@ sm9encrypt 2		: sm9encrypt-with-sm3-sms4-cbc
 sm9encrypt 3		: sm9encrypt-with-sm3-sms4-ctr
 sm9hash1 1		: sm9hash1-with-sm3
 sm9hash1 2		: sm9hash1-with-sha256
+sm9hash2 1		: sm9hash2-with-sm3
+sm9hash2 2		: sm9hash2-with-sha256
 sm9kdf 1		: sm9kdf-with-sm3
 sm9kdf 2		: sm9kdf-with-sha256
 

crypto/sm2/sm2_asn1.c

@@ -67,9 +67,10 @@ ASN1_SEQUENCE(SM2CiphertextValue) = {
 IMPLEMENT_ASN1_FUNCTIONS(SM2CiphertextValue)
 IMPLEMENT_ASN1_DUP_FUNCTION(SM2CiphertextValue)
 
-int SM2CiphertextValue_size(const EC_GROUP *group, size_t inlen)
+int SM2_ciphertext_size(const EC_KEY *ec_key, size_t inlen)
 {
 	int ret;
+	const EC_GROUP *group = NULL;
 	ASN1_OCTET_STRING s;
 	int len = 0, i;
 
@@ -78,6 +79,10 @@ int SM2CiphertextValue_size(const EC_GROUP *group, size_t inlen)
 		return 0;
 	}
 
+	if (ec_key) {
+		group = EC_KEY_get0_group(ec_key);
+	}
+
 	if (group) {
 		ASN1_INTEGER a;
 		unsigned char buf[4] = {0xff};

crypto/sm2/sm2_enc.c

@@ -84,7 +84,7 @@ SM2CiphertextValue *SM2_do_encrypt(const EVP_MD *md,
 		return 0;
 	}
 
-	if (inlen < SM2_MIN_PLAINTEXT_LENGTH || inlen > SM2_MAX_PLAINTEXT_LENGTH) {
+	if (inlen <= 0 || inlen > SM2_MAX_PLAINTEXT_LENGTH) {
 		SM2err(SM2_F_SM2_DO_ENCRYPT, SM2_R_INVALID_PLAINTEXT_LENGTH);
 		return 0;
 	}
@@ -230,24 +230,47 @@ end:
 int SM2_encrypt(int type, const unsigned char *in, size_t inlen,
 	unsigned char *out, size_t *outlen, EC_KEY *ec_key)
 {
+	int ret = 0;
 	const EVP_MD *md;
-	SM2CiphertextValue *cv;
+	SM2CiphertextValue *cv = NULL;
+	int clen;
 
+	// check type 					
 	if (!(md = EVP_get_digestbynid(type))) {
 		SM2err(SM2_F_SM2_ENCRYPT, SM2_R_INVALID_DIGEST_ALGOR);
-		*outlen = 0;
+		return 0;
+	}
+
+	if (!(clen = SM2_ciphertext_size(ec_key, inlen))) {
+		SM2err(SM2_F_SM2_ENCRYPT, ERR_R_SM2_LIB);
+		return 0;
+	}
+	if (!out) {
+		*outlen = clen;
+		return 1;
+	} else if (*outlen < clen) {
+		SM2err(SM2_F_SM2_ENCRYPT, SM2_R_BUFFER_TOO_SMALL);
 		return 0;
 	}
 
 	RAND_seed(in, inlen);
 	if (!(cv = SM2_do_encrypt(md, in, inlen, ec_key))) {
+		SM2err(SM2_F_SM2_ENCRYPT, ERR_R_SM2_LIB);
 		*outlen = 0;
 		return 0;
 	}
 
-	*outlen = i2d_SM2CiphertextValue(cv, &out);
+	if ((clen = i2d_SM2CiphertextValue(cv, &out)) <= 0) {
+		SM2err(SM2_F_SM2_ENCRYPT, ERR_R_SM2_LIB);
+		goto end;
+	}
+
+	*outlen = clen;
+	ret = 1;
+
+end:
 	SM2CiphertextValue_free(cv);
-	return 1;
+	return ret;
 }
 
 int SM2_decrypt(int type, const unsigned char *in, size_t inlen,
@@ -353,7 +376,7 @@ int SM2_do_decrypt(const EVP_MD *md, const SM2CiphertextValue *cv,
 		return 0;
 	}
 
-	if (cv->ciphertext->length < SM2_MIN_PLAINTEXT_LENGTH
+	if (cv->ciphertext->length <= 0
 		|| cv->ciphertext->length > SM2_MAX_PLAINTEXT_LENGTH) {
 		SM2err(SM2_F_SM2_DO_DECRYPT, SM2_R_INVALID_CIPHERTEXT);
 		return 0;

crypto/sm2/sm2_lcl.h

@@ -52,6 +52,10 @@
 
 #define SM2_MAX_PKEY_DATA_LENGTH		((EC_MAX_NBYTES + 1) * 6)
 
+#define SM2_MAX_PLAINTEXT_LENGTH		65535
+#define SM2_MAX_CIPHERTEXT_LENGTH		(SM2_MAX_PLAINTEXT_LENGTH + 2048)
+
+
 int SM2_get_public_key_data(EC_KEY *ec_key, unsigned char *out, size_t *outlen);
 
 struct SM2CiphertextValue_st {
@@ -92,5 +96,5 @@ struct sm2_kap_ctx_st {
 
 };
 
-
+int SM2_ciphertext_size(const EC_KEY *ec_key, size_t inlen);
 

crypto/sm9/sm9_prn.c

@@ -1,151 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2016 The GmSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the GmSSL Project.
- *    (http://gmssl.org/)"
- *
- * 4. The name "GmSSL Project" must not be used to endorse or promote
- *    products derived from this software without prior written
- *    permission. For written permission, please contact
- *    guanzhi1980@gmail.com.
- *
- * 5. Products derived from this software may not be called "GmSSL"
- *    nor may "GmSSL" appear in their names without prior written
- *    permission of the GmSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the GmSSL Project
- *    (http://gmssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE GmSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <string.h>
-#include <openssl/err.h>
-#include <openssl/sm9.h>
-#include <openssl/bn_hash.h>
-#include "sm9_lcl.h"
-
-int SM9PrivateKey_get_gmtls_public_key(SM9PublicParameters *mpk,
-	SM9PrivateKey *sk, unsigned char pub_key[1024])
-{
-	return 0;
-}
-
-int SM9PublicKey_get_gmtls_encoded(SM9PublicParameters *mpk,
-	SM9PublicKey *pk, unsigned char encoded[1024])
-{
-	return 0;
-}
-
-
-int SM9_hash2(const EVP_MD *md, BIGNUM **r,
-	const unsigned char *data, size_t datalen,
-	const unsigned char *elem, size_t elemlen,
-	const BIGNUM *range, BN_CTX *ctx)
-{
-	unsigned char *buf;
-
-	if (!(buf = OPENSSL_malloc(datalen + elemlen))) {
-		return 0;
-	}
-	memcpy(buf, data, datalen);
-	memcpy(buf + datalen, elem, elemlen);
-
-	if (!BN_hash_to_range(md, r, buf, datalen + elemlen, range, ctx)) {
-		OPENSSL_free(buf);
-		return 0;
-	}
-
-	OPENSSL_free(buf);
-	return 1;
-}
-
-int SM9_DigestInit(EVP_MD_CTX *ctx, unsigned char prefix,
-	const EVP_MD *md, ENGINE *impl)
-{
-	if (!EVP_DigestInit_ex(ctx, md, impl)
-		|| !EVP_DigestUpdate(ctx, &prefix, 1)) {
-		ERR_print_errors_fp(stderr);
-		return 0;
-	}
-	return 1;
-}
-
-//FIXME: implement this !!!
-int SM9MasterSecret_up_ref(SM9MasterSecret *msk)
-{
-	return 1;
-}
-
-int SM9PublicParameters_up_ref(SM9PublicParameters *mpk)
-{
-	return 1;
-}
-
-int SM9PrivateKey_up_ref(SM9PrivateKey *sk)
-{
-	return 1;
-}
-
-int SM9PublicKey_up_ref(SM9PublicKey *pk)
-{
-	return 1;
-}
-
-#if 0
-int SM9_DigestFinal(EVP_MD_CTX *ctx1, BIGNUM *h, const BIGNUM *n_1)
-{
-	int ret = 0;
-	EVP_MD_CTX *ctx2 = NULL;
-	const unsigned char ct1[4] = {0x00, 0x00, 0x00, 0x01};
-	const unsigned char ct2[4] = {0x00, 0x00, 0x00, 0x02};
-	unsigned char Ha[EVP_MAX_MD_SIZE * 2];
-	unsigned int len = 0;
-
-	if (!(ctx2 = EVP_MD_CTX_new())
-		|| !EVP_MD_CTX_copy(ctx2, ctx1)
-		|| !EVP_DigestUpdate(ctx1, ct1, sizeof(ct))
-		|| !EVP_DigestUpdate(ctx2, ct2, sizeof(ct2))
-		|| !EVP_DigestFinal_ex(ctx1, Ha, &len)
-		|| !EVP_DigestFinal_ex(ctx2, Ha + len, &len)
-		|| !BN_bin2bn(Ha, 40, h)
-		|| !BN_mod(h, h, n_1, bn_ctx)
-		|| !BN_add_word(h, 1)) {
-		ERR_print_errors_fp(stderr);
-		goto end;
-	}
-
-	ret = 1;
-end:
-	EVP_MD_CTX_free(ctx2);
-	return ret;
-}
-#endif