abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-05-06 16:36:16 +08:00
Code Issues Packages Projects Releases Wiki Activity

Update AEAD

Browse Source
This commit is contained in:
Zhi Guan
2023-02-14 18:56:03 +08:00
parent acd50a83d0
commit a9f76d8f62
6 changed files with 449 additions and 84 deletions
Download Patch File Download Diff File Expand all files Collapse all files

198
tools/sm4.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
@@ -15,12 +15,49 @@
#include <gmssl/mem.h>
#include <gmssl/sm4.h>
#include <gmssl/hex.h>
#include <gmssl/aead.h>
#include <gmssl/error.h>
#define SM4_MODE_CBC 1
#define SM4_MODE_CTR 2
#define SM4_MODE_GCM 3
#define SM4_MODE_CBC_SM3_HMAC 4
#define SM4_MODE_CTR_SM3_HMAC 5
static const char *options = "{-cbc|-ctr} {-encrypt|-decrypt} -key hex -iv hex [-in file] [-out file]";
static const char *usage = "(-cbc|-ctr|-gcm|-cbc_sm3_hmac|-ctr_sm3_hmac) {-encrypt|-decrypt} -key hex -iv hex [-in file] [-out file]";
static const char *options =
"Options\n"
"\n"
" Modes\n"
"\n"
" -cbc CBC mode with padding, need 16-byte key and 16-byte iv\n"
" -ctr CTR mode, need 16-byte key and 16-byte iv\n"
" -gcm GCM mode, need 16-byte key and any iv length\n"
" -cbc_sm3_hmac CBC mode with padding and HMAC-SM3 (encrypt-then-mac), need 48-byte key and 16-byte iv\n"
" -ctr_sm3_hmac CTR mode with HMAC-SM3 (entrypt-then-mac), need 48-byte key and 16-byte iv\n"
"\n"
" -encrypt Encrypt\n"
" -decrypt Decrypt\n"
" -key hex Symmetric key in HEX format\n"
" -iv hex IV in HEX format\n"
" -in file | stdin Input data\n"
" -out file | stdout Output data\n"
"\n"
"Examples"
"\n"
" echo \"hello\" | gmssl sm4 -gcm -encrypt -key 11223344556677881122334455667788 -iv 112233445566778811223344 -out ciphertext.bin\n"
" gmssl sm4 -gcm -decrypt -key 11223344556677881122334455667788 -iv 112233445566778811223344 -in ciphertext.bin\n"
"\n"
" echo \"hello\" | gmssl sm4 -cbc_sm3_hmac -encrypt \\\n"
" -key 112233445566778811223344556677881122334455667788112233445566778811223344556677881122334455667788 \\\n"
" -iv 11223344556677881122334455667788 -out ciphertext.bin\n"
" gmssl sm4 -cbc_sm3_hmac -decrypt \\\n"
" -key 112233445566778811223344556677881122334455667788112233445566778811223344556677881122334455667788 \\\n"
" -iv 11223344556677881122334455667788 -in ciphertext.bin\n"
"\n";
int sm4_main(int argc, char **argv)
{
@@ -30,16 +67,22 @@ int sm4_main(int argc, char **argv)
char *ivhex = NULL;
char *infile = NULL;
char *outfile = NULL;
uint8_t key[16];
uint8_t iv[16];
uint8_t key[48];
uint8_t iv[SM4_GCM_MAX_IV_SIZE];
size_t keylen = sizeof(key);
size_t ivlen = sizeof(iv);
FILE *infp = stdin;
FILE *outfp = stdout;
int mode = 0;
int enc = -1;
SM4_CBC_CTX cbc_ctx;
SM4_CTR_CTX ctr_ctx;
int rv;
union {
SM4_CBC_CTX cbc;
SM4_CTR_CTX ctr;
SM4_CBC_SM3_HMAC_CTX cbc_sm3_hmac;
SM4_CTR_SM3_HMAC_CTX ctr_sm3_hmac;
SM4_GCM_CTX gcm;
} sm4_ctx;
uint8_t inbuf[4096];
size_t inlen;
uint8_t outbuf[4196];
@@ -49,35 +92,36 @@ int sm4_main(int argc, char **argv)
argv++;
if (argc < 1) {
fprintf(stderr, "usage: %s %s\n", prog, options);
fprintf(stderr, "usage: %s %s\n", prog, usage);
return 1;
}
while (argc > 0) {
if (!strcmp(*argv, "-help")) {
printf("usage: %s %s\n", prog, options);
printf("usage: %s %s\n", prog, usage);
printf("%s\n", options);
ret = 0;
goto end;
} else if (!strcmp(*argv, "-key")) {
if (--argc < 1) goto bad;
keyhex = *(++argv);
if (strlen(keyhex) != sizeof(key) * 2) {
if (strlen(keyhex) > sizeof(key) * 2) {
fprintf(stderr, "%s: invalid key length\n", prog);
goto end;
}
if (hex_to_bytes(keyhex, strlen(keyhex), key, &keylen) != 1) {
fprintf(stderr, "%s: invalid HEX digits\n", prog);
fprintf(stderr, "%s: invalid key hex digits\n", prog);
goto end;
}
} else if (!strcmp(*argv, "-iv")) {
if (--argc < 1) goto bad;
ivhex = *(++argv);
if (strlen(ivhex) != sizeof(iv) * 2) {
fprintf(stderr, "%s: invalid IV length\n", prog);
if (strlen(ivhex) > sizeof(iv) * 2) {
fprintf(stderr, "%s: IV length too long\n", prog);
goto end;
}
if (hex_to_bytes(ivhex, strlen(ivhex), iv, &ivlen) != 1) {
fprintf(stderr, "%s: invalid HEX digits\n", prog);
fprintf(stderr, "%s: invalid IV hex digits\n", prog);
goto end;
}
} else if (!strcmp(*argv, "-encrypt")) {
@@ -90,6 +134,15 @@ int sm4_main(int argc, char **argv)
} else if (!strcmp(*argv, "-ctr")) {
if (mode) goto bad;
mode = SM4_MODE_CTR;
} else if (!strcmp(*argv, "-cbc_sm3_hmac")) {
if (mode) goto bad;
mode = SM4_MODE_CBC_SM3_HMAC;
} else if (!strcmp(*argv, "-ctr_sm3_hmac")) {
if (mode) goto bad;
mode = SM4_MODE_CTR_SM3_HMAC;
} else if (!strcmp(*argv, "-gcm")) {
if (mode) goto bad;
mode = SM4_MODE_GCM;
} else if (!strcmp(*argv, "-in")) {
if (--argc < 1) goto bad;
infile = *(++argv);
@@ -105,10 +158,10 @@ int sm4_main(int argc, char **argv)
goto end;
}
} else {
fprintf(stderr, "%s: illegal option '%s'\n", prog, *argv);
fprintf(stderr, "%s: illegal option `%s`\n", prog, *argv);
goto end;
bad:
fprintf(stderr, "%s: '%s' option value missing\n", prog, *argv);
fprintf(stderr, "%s: `%s` option value missing\n", prog, *argv);
goto end;
}
@@ -117,27 +170,56 @@ bad:
}
if (!mode) {
fprintf(stderr, "%s: mode not assigned, -cbc or -ctr option required\n", prog);
fprintf(stderr, "%s: mode not assigned, `-cbc`, `-ctr`, `-gcm`, `-cbc_sm3_hmac` or `-ctr_sm3_hmac` required\n", prog);
goto end;
}
if (!keyhex) {
fprintf(stderr, "%s: option '-key' missing\n", prog);
fprintf(stderr, "%s: option `-key` missing\n", prog);
goto end;
}
if (!ivhex) {
fprintf(stderr, "%s: option '-iv' missing\n", prog);
fprintf(stderr, "%s: option `-iv` missing\n", prog);
goto end;
}
switch (mode) {
case SM4_MODE_CTR:
case SM4_MODE_CBC:
case SM4_MODE_GCM:
if (keylen != 16) {
fprintf(stderr, "%s: invalid key length, should be 32 hex digits\n", prog);
goto end;
}
break;
case SM4_MODE_CBC_SM3_HMAC:
case SM4_MODE_CTR_SM3_HMAC:
if (keylen != 48) {
fprintf(stderr, "%s: invalid key length, should be 96 hex digits\n", prog);
goto end;
}
break;
}
switch (mode) {
case SM4_MODE_CTR:
case SM4_MODE_CBC:
case SM4_MODE_CBC_SM3_HMAC:
case SM4_MODE_CTR_SM3_HMAC:
if (ivlen != 16) {
fprintf(stderr, "%s: invalid IV length, should be 32 hex digits\n", prog);
goto end;
}
break;
}
if (mode == SM4_MODE_CTR) {
if (sm4_ctr_encrypt_init(&ctr_ctx, key, iv) != 1) {
fprintf(stderr, "%s: inner error\n", prog);
if (sm4_ctr_encrypt_init(&sm4_ctx.ctr, key, iv) != 1) {
error_print();
goto end;
}
while ((inlen = fread(inbuf, 1, sizeof(inbuf), infp)) > 0) {
if (sm4_ctr_encrypt_update(&ctr_ctx, inbuf, inlen, outbuf, &outlen) != 1) {
fprintf(stderr, "%s: inner error\n", prog);
if (sm4_ctr_encrypt_update(&sm4_ctx.ctr, inbuf, inlen, outbuf, &outlen) != 1) {
error_print();
goto end;
}
if (fwrite(outbuf, 1, outlen, outfp) != outlen) {
@@ -145,8 +227,8 @@ bad:
goto end;
}
}
if (sm4_ctr_encrypt_finish(&ctr_ctx, outbuf, &outlen) != 1) {
fprintf(stderr, "%s: inner error\n", prog);
if (sm4_ctr_encrypt_finish(&sm4_ctx.ctr, outbuf, &outlen) != 1) {
error_print();
goto end;
}
if (fwrite(outbuf, 1, outlen, outfp) != outlen) {
@@ -164,13 +246,26 @@ bad:
}
if (enc) {
if (sm4_cbc_encrypt_init(&cbc_ctx, key, iv) != 1) {
fprintf(stderr, "%s: inner error\n", prog);
switch (mode) {
case SM4_MODE_CBC: rv = sm4_cbc_encrypt_init(&sm4_ctx.cbc, key, iv); break;
case SM4_MODE_GCM: rv = sm4_gcm_encrypt_init(&sm4_ctx.gcm, key, keylen, iv, ivlen, NULL, 0, GHASH_SIZE); break;
case SM4_MODE_CBC_SM3_HMAC: rv = sm4_cbc_sm3_hmac_encrypt_init(&sm4_ctx.cbc_sm3_hmac, key, keylen, iv, ivlen, NULL, 0); break;
case SM4_MODE_CTR_SM3_HMAC: rv = sm4_ctr_sm3_hmac_encrypt_init(&sm4_ctx.ctr_sm3_hmac, key, keylen, iv, ivlen, NULL, 0); break;
}
if (rv != 1) {
error_print();
goto end;
}
while ((inlen = fread(inbuf, 1, sizeof(inbuf), infp)) > 0) {
if (sm4_cbc_encrypt_update(&cbc_ctx, inbuf, inlen, outbuf, &outlen) != 1) {
fprintf(stderr, "%s: inner error\n", prog);
switch (mode) {
case SM4_MODE_CBC: rv = sm4_cbc_encrypt_update(&sm4_ctx.cbc, inbuf, inlen, outbuf, &outlen); break;
case SM4_MODE_GCM: rv = sm4_gcm_encrypt_update(&sm4_ctx.gcm, inbuf, inlen, outbuf, &outlen); break;
case SM4_MODE_CBC_SM3_HMAC: rv = sm4_cbc_sm3_hmac_encrypt_update(&sm4_ctx.cbc_sm3_hmac, inbuf, inlen, outbuf, &outlen); break;
case SM4_MODE_CTR_SM3_HMAC: rv = sm4_ctr_sm3_hmac_encrypt_update(&sm4_ctx.ctr_sm3_hmac, inbuf, inlen, outbuf, &outlen); break;
}
if (rv != 1) {
error_print();
goto end;
}
if (fwrite(outbuf, 1, outlen, outfp) != outlen) {
@@ -178,8 +273,15 @@ bad:
goto end;
}
}
if (sm4_cbc_encrypt_finish(&cbc_ctx, outbuf, &outlen) != 1) {
fprintf(stderr, "%s: inner error\n", prog);
switch (mode) {
case SM4_MODE_CBC: rv = sm4_cbc_encrypt_finish(&sm4_ctx.cbc, outbuf, &outlen); break;
case SM4_MODE_GCM: rv = sm4_gcm_encrypt_finish(&sm4_ctx.gcm, outbuf, &outlen); break;
case SM4_MODE_CBC_SM3_HMAC: rv = sm4_cbc_sm3_hmac_encrypt_finish(&sm4_ctx.cbc_sm3_hmac, outbuf, &outlen); break;
case SM4_MODE_CTR_SM3_HMAC: rv = sm4_ctr_sm3_hmac_encrypt_finish(&sm4_ctx.ctr_sm3_hmac, outbuf, &outlen); break;
}
if (rv != 1) {
error_print();
goto end;
}
if (fwrite(outbuf, 1, outlen, outfp) != outlen) {
@@ -188,22 +290,43 @@ bad:
}
} else {
if (sm4_cbc_decrypt_init(&cbc_ctx, key, iv) != 1) {
fprintf(stderr, "%s: inner error\n", prog);
switch (mode) {
case SM4_MODE_CBC: rv = sm4_cbc_decrypt_init(&sm4_ctx.cbc, key, iv); break;
case SM4_MODE_GCM: rv = sm4_gcm_decrypt_init(&sm4_ctx.gcm, key, keylen, iv, ivlen, NULL, 0, GHASH_SIZE); break;
case SM4_MODE_CBC_SM3_HMAC: rv = sm4_cbc_sm3_hmac_decrypt_init(&sm4_ctx.cbc_sm3_hmac, key, keylen, iv, ivlen, NULL, 0); break;
case SM4_MODE_CTR_SM3_HMAC: rv = sm4_ctr_sm3_hmac_decrypt_init(&sm4_ctx.ctr_sm3_hmac, key, keylen, iv, ivlen, NULL, 0); break;
}
if (rv != 1) {
error_print();
goto end;
}
while ((inlen = fread(inbuf, 1, sizeof(inbuf), infp)) > 0) {
if (sm4_cbc_decrypt_update(&cbc_ctx, inbuf, inlen, outbuf, &outlen) != 1) {
fprintf(stderr, "%s: inner error\n", prog);
switch (mode) {
case SM4_MODE_CBC: rv = sm4_cbc_decrypt_update(&sm4_ctx.cbc, inbuf, inlen, outbuf, &outlen); break;
case SM4_MODE_GCM: rv = sm4_gcm_decrypt_update(&sm4_ctx.gcm, inbuf, inlen, outbuf, &outlen); break;
case SM4_MODE_CBC_SM3_HMAC: rv = sm4_cbc_sm3_hmac_decrypt_update(&sm4_ctx.cbc_sm3_hmac, inbuf, inlen, outbuf, &outlen); break;
case SM4_MODE_CTR_SM3_HMAC: rv = sm4_ctr_sm3_hmac_decrypt_update(&sm4_ctx.ctr_sm3_hmac, inbuf, inlen, outbuf, &outlen); break;
}
if (rv != 1) {
error_print();
goto end;
}
if (fwrite(outbuf, 1, outlen, outfp) != outlen) {
fprintf(stderr, "%s: output failure : %s\n", prog, strerror(errno));
goto end;
}
}
if (sm4_cbc_decrypt_finish(&cbc_ctx, outbuf, &outlen) != 1) {
fprintf(stderr, "%s: inner error\n", prog);
switch (mode) {
case SM4_MODE_CBC: rv = sm4_cbc_decrypt_finish(&sm4_ctx.cbc, outbuf, &outlen); break;
case SM4_MODE_GCM: rv = sm4_gcm_decrypt_finish(&sm4_ctx.gcm, outbuf, &outlen); break;
case SM4_MODE_CBC_SM3_HMAC: rv = sm4_cbc_sm3_hmac_decrypt_finish(&sm4_ctx.cbc_sm3_hmac, outbuf, &outlen); break;
case SM4_MODE_CTR_SM3_HMAC: rv = sm4_ctr_sm3_hmac_decrypt_finish(&sm4_ctx.ctr_sm3_hmac, outbuf, &outlen); break;
}
if (rv != 1) {
error_print();
goto end;
}
if (fwrite(outbuf, 1, outlen, outfp) != outlen) {
@@ -214,8 +337,7 @@ bad:
ret = 0;
end:
gmssl_secure_clear(&cbc_ctx, sizeof(cbc_ctx));
gmssl_secure_clear(&ctr_ctx, sizeof(ctr_ctx));
gmssl_secure_clear(&sm4_ctx, sizeof(sm4_ctx));
gmssl_secure_clear(key, sizeof(key));
gmssl_secure_clear(iv, sizeof(iv));
gmssl_secure_clear(inbuf, sizeof(inbuf));