mirror of
https://github.com/guanzhi/GmSSL.git
synced 2026-05-07 08:56:17 +08:00
sm2
This commit is contained in:
Zhi Guan
File diff suppressed because it is too large
Load Diff
BIN
crypto/ecies/a.out
Executable file
BIN
crypto/ecies/a.out
Executable file
Binary file not shown.
@@ -49,8 +49,9 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <stdint.h>
|
||||
#include "kdf.h"
|
||||
|
||||
|
||||
@@ -62,85 +63,89 @@
|
||||
#define cpu_to_be32(v) ((cpu_to_be16(v) << 16) | cpu_to_be16(v >> 16))
|
||||
#endif
|
||||
|
||||
static void *x963_kdf(const EVP_MD *md, const void *share, size_t sharelen,
|
||||
void *key, size_t keylen)
|
||||
static void *x963_kdf(const EVP_MD *md, const void *in, size_t inlen,
|
||||
void *out, size_t *outlen)
|
||||
{
|
||||
EVP_MD_CTX ctx;
|
||||
unsigned int counter = 1; //FIXME: uint32_t
|
||||
unsigned int counter_be;
|
||||
uint32_t counter = 1;
|
||||
uint32_t counter_be;
|
||||
unsigned char dgst[EVP_MAX_MD_SIZE];
|
||||
unsigned int dgstlen;
|
||||
int rlen = (int)keylen;
|
||||
unsigned char *out = key;
|
||||
size_t rlen = *outlen;
|
||||
size_t len;
|
||||
|
||||
EVP_MD_CTX_init(&ctx);
|
||||
|
||||
//FIXME: it might be wrong
|
||||
while (rlen > 0) {
|
||||
counter_be = cpu_to_be32(counter);
|
||||
counter++;
|
||||
|
||||
EVP_DigestInit(&ctx, md);
|
||||
EVP_DigestUpdate(&ctx, share, sharelen);
|
||||
EVP_DigestUpdate(&ctx, (const void *)&counter_be, 4);
|
||||
EVP_DigestUpdate(&ctx, in, inlen);
|
||||
EVP_DigestUpdate(&ctx, &counter_be, sizeof(counter_be));
|
||||
EVP_DigestFinal(&ctx, dgst, &dgstlen);
|
||||
|
||||
memcpy(out, dgst, (int)dgstlen > rlen ? rlen : dgstlen);
|
||||
rlen -= dgstlen;
|
||||
out += dgstlen;
|
||||
len = dgstlen <= rlen ? dgstlen : rlen;
|
||||
memcpy(out, dgst, len);
|
||||
rlen -= len;
|
||||
out += len;
|
||||
}
|
||||
|
||||
EVP_MD_CTX_cleanup(&ctx);
|
||||
return key;
|
||||
return out;
|
||||
}
|
||||
|
||||
static void *x963_md5kdf(const void *share, size_t sharelen,
|
||||
void *key, size_t *keylen)
|
||||
static void *x963_md5kdf(const void *in, size_t inlen,
|
||||
void *out, size_t *outlen)
|
||||
{
|
||||
return x963_kdf(EVP_md5(), share, sharelen, key, *keylen);
|
||||
return x963_kdf(EVP_md5(), in, inlen, out, outlen);
|
||||
}
|
||||
|
||||
static void *x963_rmd160kdf(const void *share, size_t sharelen,
|
||||
void *key, size_t *keylen)
|
||||
static void *x963_rmd160kdf(const void *in, size_t inlen,
|
||||
void *out, size_t *outlen)
|
||||
{
|
||||
return x963_kdf(EVP_ripemd160(), share, sharelen, key, *keylen);
|
||||
return x963_kdf(EVP_ripemd160(), in, inlen, out, outlen);
|
||||
}
|
||||
|
||||
static void *x963_sha1kdf(const void *share, size_t sharelen,
|
||||
void *key, size_t *keylen)
|
||||
static void *x963_sha1kdf(const void *in, size_t inlen,
|
||||
void *out, size_t *outlen)
|
||||
{
|
||||
return x963_kdf(EVP_sha1(), share, sharelen, key, *keylen);
|
||||
return x963_kdf(EVP_sha1(), in, inlen, out, outlen);
|
||||
}
|
||||
|
||||
static void *x963_sha224kdf(const void *share, size_t sharelen,
|
||||
void *key, size_t *keylen)
|
||||
static void *x963_sha224kdf(const void *in, size_t inlen,
|
||||
void *out, size_t *outlen)
|
||||
{
|
||||
return x963_kdf(EVP_sha224(), share, sharelen, key, *keylen);
|
||||
return x963_kdf(EVP_sha224(), in, inlen, out, outlen);
|
||||
}
|
||||
|
||||
static void *x963_sha256kdf(const void *share, size_t sharelen,
|
||||
void *key, size_t *keylen)
|
||||
static void *x963_sha256kdf(const void *in, size_t inlen,
|
||||
void *out, size_t *outlen)
|
||||
{
|
||||
return x963_kdf(EVP_sha256(), share, sharelen, key, *keylen);
|
||||
return x963_kdf(EVP_sha256(), in, inlen, out, *outlen);
|
||||
}
|
||||
|
||||
static void *x963_sha384kdf(const void *share, size_t sharelen,
|
||||
void *key, size_t *keylen)
|
||||
static void *x963_sha384kdf(const void *in, size_t inlen,
|
||||
void *out, size_t *outlen)
|
||||
{
|
||||
return x963_kdf(EVP_sha384(), share, sharelen, key, *keylen);
|
||||
return x963_kdf(EVP_sha384(), in, inlen, out, outlen);
|
||||
}
|
||||
|
||||
static void *x963_sha512kdf(const void *share, size_t sharelen,
|
||||
void *key, size_t *keylen)
|
||||
static void *x963_sha512kdf(const void *in, size_t inlen,
|
||||
void *out, size_t *outlen)
|
||||
{
|
||||
return x963_kdf(EVP_sha512(), share, sharelen, key, *keylen);
|
||||
return x963_kdf(EVP_sha512(), in, inlen, out, outlen);
|
||||
}
|
||||
|
||||
static void *x963_sm3kdf(const void *share, size_t sharelen,
|
||||
void *key, size_t *keylen)
|
||||
static void *x963_sm3kdf(const void *in, size_t inlen,
|
||||
void *out, size_t *outlen)
|
||||
{
|
||||
return x963_kdf(EVP_sm3(), share, sharelen, key, *keylen);
|
||||
return x963_kdf(EVP_sm3(), in, inlen, out, outlen);
|
||||
}
|
||||
|
||||
//FIXME: whirlpool
|
||||
|
||||
KDF_FUNC KDF_get_x9_63(const EVP_MD *md)
|
||||
{
|
||||
if (md == EVP_md5())
|
||||
|
||||
23
crypto/ecies/kdftest.c
Normal file
23
crypto/ecies/kdftest.c
Normal file
@@ -0,0 +1,23 @@
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <openssl/kdf.h>
|
||||
#include <openssl/rand.h>
|
||||
|
||||
int main(int argc, char **argv)
|
||||
{
|
||||
KDF_FUNC kdf = KDF_get_x9_63(EVP_sm3());
|
||||
unsigned char buf[1024];
|
||||
unsigned char key[128];
|
||||
size_t keylen = 12;
|
||||
int i;
|
||||
|
||||
memset(buf, 0x32, sizeof(buf));
|
||||
kdf(buf, sizeof(buf), key, &keylen);
|
||||
|
||||
for (i = 0; i < keylen; i++) {
|
||||
printf("%02x", key[i]);
|
||||
}
|
||||
printf("\n");
|
||||
|
||||
return 0;
|
||||
}
|
||||
@@ -198,6 +198,7 @@ typedef struct err_state_st {
|
||||
# define ERR_LIB_HMAC 48
|
||||
# define ERR_LIB_JPAKE 49
|
||||
# define ERR_LIB_ECIES 50
|
||||
# define ERR_LIB_SM2 51
|
||||
|
||||
# define ERR_LIB_USER 128
|
||||
|
||||
@@ -235,6 +236,7 @@ typedef struct err_state_st {
|
||||
# define HMACerr(f,r) ERR_PUT_error(ERR_LIB_HMAC,(f),(r),__FILE__,__LINE__)
|
||||
# define JPAKEerr(f,r) ERR_PUT_error(ERR_LIB_JPAKE,(f),(r),__FILE__,__LINE__)
|
||||
# define ECIESerr(f,r) ERR_PUT_error(ERR_LIB_ECIES,(f),(r),__FILE__,__LINE__)
|
||||
# define SM2err(f, r) ERR_PUT_error(ERR_LIB_SM2,(f),(r),__FILE__,__LINE__)
|
||||
|
||||
/*
|
||||
* Borland C seems too stupid to be able to shift and do longs in the
|
||||
@@ -291,7 +293,8 @@ typedef struct err_state_st {
|
||||
# define ERR_R_ECDH_LIB ERR_LIB_ECDH/* 43 */
|
||||
# define ERR_R_STORE_LIB ERR_LIB_STORE/* 44 */
|
||||
# define ERR_R_TS_LIB ERR_LIB_TS/* 45 */
|
||||
# define ERR_R_ECIES_LIB ERR_LIB_ECIES/* 50 */
|
||||
# define ERR_R_ECIES_LIB ERR_LIB_ECIES/* 50 */
|
||||
# define ERR_R_SM2_LIB ERR_LIB_SM2/* 51 */
|
||||
|
||||
# define ERR_R_NESTED_ASN1_ERROR 58
|
||||
# define ERR_R_BAD_ASN1_OBJECT_HEADER 59
|
||||
|
||||
BIN
crypto/sm2/a.out
Executable file
BIN
crypto/sm2/a.out
Executable file
Binary file not shown.
@@ -80,83 +80,75 @@ typedef struct sm2_ciphertext_value_st {
|
||||
} SM2_CIPHERTEXT_VALUE;
|
||||
|
||||
|
||||
typedef ECDSA_SIG SM2_SIG;
|
||||
|
||||
|
||||
char *SM2_get_id(EC_KEY *ec_key);
|
||||
int SM2_set_id(EC_KEY *ec_key, const char *id);
|
||||
|
||||
|
||||
int SM2_compute_id_digest(unsigned char *dgst, unsigned int *dgstlen,
|
||||
const EVP_MD *md, const void *id, size_t idlen, EC_KEY *ec_key);
|
||||
|
||||
int SM2_compute_za(unsigned char *za, const EVP_MD *md,
|
||||
const void *id, size_t idlen, EC_KEY *ec_key);
|
||||
|
||||
int SM2_compute_digest(unsigned char *dgst, unsigned int *dgstlen,
|
||||
const EVP_MD *za_md, const void *id, size_t idlen, EC_KEY *ec_key,
|
||||
const EVP_MD *msg_md, const void *msg, size_t msglen);
|
||||
|
||||
int SM2_CIPHERTEXT_VALUE_size(const EC_GROUP *ec_group,
|
||||
point_conversion_form_t point_form, size_t mlen,
|
||||
const EVP_MD *mac_md);
|
||||
|
||||
void SM2_CIPHERTEXT_VALUE_free(SM2_CIPHERTEXT_VALUE *cv);
|
||||
|
||||
int SM2_CIPHERTEXT_VALUE_encode(const SM2_CIPHERTEXT_VALUE *cv,
|
||||
const EC_GROUP *ec_group, point_conversion_form_t point_form,
|
||||
unsigned char *buf, size_t *buflen);
|
||||
|
||||
SM2_CIPHERTEXT_VALUE *SM2_CIPHERTEXT_VALUE_decode(const EC_GROUP *ec_group,
|
||||
point_conversion_form_t point_form, const EVP_MD *mac_md,
|
||||
const unsigned char *buf, size_t buflen);
|
||||
|
||||
int SM2_CIPHERTEXT_VALUE_print(BIO *out, const SM2_CIPHERTEXT_VALUE *cv,
|
||||
int indent, unsigned long flags);
|
||||
|
||||
int SM2_CIPHERTEXT_VALUE_print(BIO *out, const EC_GROUP *ec_group,
|
||||
const SM2_CIPHERTEXT_VALUE *cv, int indent, unsigned long flags);
|
||||
SM2_CIPHERTEXT_VALUE *SM2_do_encrypt(const EVP_MD *kdf_md, const EVP_MD *mac_md,
|
||||
const unsigned char *in, size_t inlen, EC_KEY *ec_key);
|
||||
|
||||
int SM2_do_decrypt(const EVP_MD *kdf_md, const EVP_MD *mac_md,
|
||||
const SM2_CIPHERTEXT_VALUE *cv, unsigned char *out, size_t *outlen,
|
||||
EC_KEY *ec_key);
|
||||
|
||||
int SM2_encrypt(const EVP_MD *kdf_md, const EVP_MD *mac_md,
|
||||
point_conversion_form_t point_form, unsigned char *out, size_t *outlen,
|
||||
const unsigned char *in, size_t inlen, EC_KEY *ec_key);
|
||||
|
||||
int SM2_decrypt(const EVP_MD *kdf_md, const EVP_MD *mac_md,
|
||||
point_conversion_form_t point_form, const unsigned char *in,
|
||||
size_t inlen, unsigned char *out, size_t *outlen, EC_KEY *ec_key);
|
||||
|
||||
ECDSA_SIG *SM2_do_sign(const unsigned char *dgst, int dgst_len,
|
||||
EC_KEY *ec_key);
|
||||
|
||||
ECDSA_SIG *SM2_do_sign_ex(const unsigned char *dgst, int dgstlen,
|
||||
const BIGNUM *a, const BIGNUM *b, EC_KEY *ec_key);
|
||||
|
||||
int SM2_do_verify(const unsigned char *dgst, int dgstlen,
|
||||
const ECDSA_SIG *sig, EC_KEY *ec_key);
|
||||
|
||||
int SM2_sign_setup(EC_KEY *ec_key, BN_CTX *ctx, BIGNUM **a, BIGNUM **b);
|
||||
|
||||
int SM2_sign(int type, const unsigned char *dgst, int dgstlen,
|
||||
unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
|
||||
|
||||
#define SM2_signature_size(ec_key) ECDSA_size(ec_key)
|
||||
|
||||
int SM2_sign_setup(EC_KEY *ec_key, BN_CTX *ctx, BIGNUM **a, BIGNUM **b);
|
||||
ECDSA_SIG *SM2_do_sign_ex(const unsigned char *dgst, int dgstlen,
|
||||
const BIGNUM *a, const BIGNUM *b, EC_KEY *ec_key);
|
||||
ECDSA_SIG *SM2_do_sign(const unsigned char *dgst, int dgst_len,
|
||||
EC_KEY *ec_key);
|
||||
int SM2_do_verify(const unsigned char *dgst, int dgstlen,
|
||||
const ECDSA_SIG *sig, EC_KEY *ec_key);
|
||||
int SM2_sign_ex(int type, const unsigned char *dgst, int dgstlen,
|
||||
unsigned char *sig, unsigned int *siglen,
|
||||
const BIGNUM *k, const BIGNUM *x, EC_KEY *ec_key);
|
||||
int SM2_sign(int type, const unsigned char *dgst, int dgstlen,
|
||||
unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
|
||||
int SM2_verify(int type, const unsigned char *dgst, int dgstlen,
|
||||
const unsigned char *sig, int siglen, EC_KEY *ec_key);
|
||||
|
||||
|
||||
void ERR_load_SM2_strings(void);
|
||||
|
||||
/* Error codes for the ECIES functions. */
|
||||
|
||||
/* Function codes. */
|
||||
#define SM2_F_SM2_DO_ENCRYPT 100
|
||||
#define SM2_F_SM2_DO_DECRYPT 101
|
||||
#define SM2_F_SM2_CIPHERTEXT_VALUE_FREE 102
|
||||
#define SM2_F_SM2_SET_ID 100
|
||||
#define SM2_F_SM2_GET_ID 101
|
||||
#define SM2_F_SM2_COMPUTE_ID_DIGEST 102
|
||||
#define SM2_F_SM2_CIPHERTEXT_VALUE_SIZE 103
|
||||
#define SM2_F_SM2_CIPHERTEXT_VALUE_FREE 104
|
||||
#define SM2_F_SM2_CIPHERTEXT_VALUE_ENCODE 105
|
||||
#define SM2_F_SM2_CIPHERTEXT_VALUE_DECODE 106
|
||||
#define SM2_F_SM2_CIPHERTEXT_VALUE_PRINT 107
|
||||
#define SM2_F_SM2_DO_ENCRYPT 108
|
||||
#define SM2_F_SM2_DO_DECRYPT 109
|
||||
#define SM2_F_SM2_ENCRYPT 110
|
||||
#define SM2_F_SM2_DECRYPT 111
|
||||
#define SM2_SIGNATURE_SIZE 112
|
||||
#define SM2_SIGN_SETUP 113
|
||||
#define SM2_DO_SIGN_EX 114
|
||||
#define SM2_DO_SIGN 115
|
||||
#define SM2_DO_VERIFY 116
|
||||
#define SM2_SIGN_EX 117
|
||||
#define SM2_SIGN 118
|
||||
#define SM2_VERIFY 119
|
||||
|
||||
/* Reason codes. */
|
||||
#define SM2_R_BAD_DATA 100
|
||||
|
||||
@@ -187,10 +187,40 @@ end:
|
||||
return ret;
|
||||
}
|
||||
|
||||
int SM2_CIPHERTEXT_VALUE_print(BIO *out, const SM2_CIPHERTEXT_VALUE *cv,
|
||||
int indent, unsigned long flags)
|
||||
int SM2_CIPHERTEXT_VALUE_print(BIO *out, const EC_GROUP *ec_group,
|
||||
const SM2_CIPHERTEXT_VALUE *cv, int indent, unsigned long flags)
|
||||
{
|
||||
OPENSSL_assert(0);
|
||||
int ret = 0;
|
||||
char *hex = NULL;
|
||||
BN_CTX *ctx = BN_CTX_new();
|
||||
int i;
|
||||
|
||||
if (!ctx) {
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (!(hex = EC_POINT_point2hex(ec_group, cv->ephem_point,
|
||||
POINT_CONVERSION_UNCOMPRESSED, ctx))) {
|
||||
goto end;
|
||||
}
|
||||
|
||||
BIO_printf(out, "SM2_CIPHERTEXT_VALUE.ephem_point: %s\n", hex);
|
||||
BIO_printf(out, "SM2_CIPHERTEXT_VALUE.ciphertext : ");
|
||||
for (i = 0; i < cv->ciphertext_size; i++) {
|
||||
BIO_printf(out, "%02X", cv->ciphertext[i]);
|
||||
}
|
||||
BIO_printf(out, "\n");
|
||||
BIO_printf(out, "SM2_CIPHERTEXT_VALUE.mactag :");
|
||||
for (i = 0; i < cv->mactag_size; i++) {
|
||||
BIO_printf(out, "%02X", cv->mactag[i]);
|
||||
}
|
||||
BIO_printf(out, "\n");
|
||||
|
||||
ret = 1;
|
||||
|
||||
end:
|
||||
OPENSSL_free(hex);
|
||||
BN_CTX_free(ctx);
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -286,10 +316,12 @@ SM2_CIPHERTEXT_VALUE *SM2_do_encrypt(const EVP_MD *kdf_md, const EVP_MD *mac_md,
|
||||
nbytes = (EC_GROUP_get_degree(ec_group) + 7) / 8;
|
||||
OPENSSL_assert(nbytes == BN_num_bytes(n));
|
||||
|
||||
#if 0
|
||||
/* check sm2 curve and md is 256 bits */
|
||||
OPENSSL_assert(nbytes == 32);
|
||||
OPENSSL_assert(EVP_MD_size(kdf_md) == 32);
|
||||
OPENSSL_assert(EVP_MD_size(mac_md) == 32);
|
||||
#endif
|
||||
|
||||
do
|
||||
{
|
||||
@@ -321,9 +353,10 @@ SM2_CIPHERTEXT_VALUE *SM2_do_encrypt(const EVP_MD *kdf_md, const EVP_MD *mac_md,
|
||||
}
|
||||
OPENSSL_assert(len == nbytes * 2 + 1);
|
||||
|
||||
/* A5: t = KDF(x2 || y2, klen) */
|
||||
kdf(buf - 1, len - 1, cv->ciphertext, &cv->ciphertext_size);
|
||||
|
||||
/* A5: t = KDF(x2 || y2, klen) */
|
||||
kdf(buf + 1, len - 1, cv->ciphertext, &cv->ciphertext_size);
|
||||
|
||||
|
||||
for (i = 0; i < cv->ciphertext_size; i++) {
|
||||
if (cv->ciphertext[i]) {
|
||||
break;
|
||||
@@ -396,7 +429,7 @@ int SM2_decrypt(const EVP_MD *kdf_md, const EVP_MD *mac_md,
|
||||
if (!out) {
|
||||
*outlen = inlen - len;
|
||||
return 1;
|
||||
} else if (outlen < inlen - len) {
|
||||
} else if (*outlen < inlen - len) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -433,6 +466,9 @@ int SM2_do_decrypt(const EVP_MD *kdf_md, const EVP_MD *mac_md,
|
||||
size_t size;
|
||||
int i;
|
||||
|
||||
OPENSSL_assert(kdf_md && mac_md && cv && ec_key);
|
||||
OPENSSL_assert(cv->ephem_point && cv->ciphertext);
|
||||
|
||||
if (!ec_group || !pri_key) {
|
||||
goto end;
|
||||
}
|
||||
@@ -468,10 +504,12 @@ int SM2_do_decrypt(const EVP_MD *kdf_md, const EVP_MD *mac_md,
|
||||
nbytes = (EC_GROUP_get_degree(ec_group) + 7) / 8;
|
||||
OPENSSL_assert(nbytes == BN_num_bytes(n));
|
||||
|
||||
#if 0
|
||||
/* check sm2 curve and md is 256 bits */
|
||||
OPENSSL_assert(nbytes == 32);
|
||||
OPENSSL_assert(EVP_MD_size(kdf_md) == 32);
|
||||
OPENSSL_assert(EVP_MD_size(mac_md) == 32);
|
||||
#endif
|
||||
|
||||
/* B2: check [h]C1 != O */
|
||||
if (!EC_POINT_mul(ec_group, point, NULL, cv->ephem_point, h, bn_ctx)) {
|
||||
@@ -489,15 +527,19 @@ int SM2_do_decrypt(const EVP_MD *kdf_md, const EVP_MD *mac_md,
|
||||
POINT_CONVERSION_UNCOMPRESSED, buf, sizeof(buf), bn_ctx))) {
|
||||
goto end;
|
||||
}
|
||||
OPENSSL_assert(size == 1 + nbytes * 2);
|
||||
|
||||
/* B4: compute t = KDF(x2 || y2, clen) */
|
||||
kdf(buf - 1, size - 1, out, outlen);
|
||||
|
||||
*outlen = cv->ciphertext_size; //FIXME: duplicated code
|
||||
kdf(buf + 1, size - 1, out, outlen);
|
||||
|
||||
|
||||
/* B5: compute M = C2 xor t */
|
||||
for (i = 0; i < cv->ciphertext_size; i++) {
|
||||
out[i] ^= cv->ciphertext[i];
|
||||
}
|
||||
*outlen = cv->ciphertext_size;
|
||||
|
||||
/* B6: check Hash(x2 || M || y2) == C3 */
|
||||
if (!EVP_DigestInit_ex(md_ctx, mac_md, NULL)) {
|
||||
|
||||
@@ -59,26 +59,77 @@
|
||||
#define ERR_FUNC(func) ERR_PACK(ERR_LIB_ECIES,func,0)
|
||||
#define ERR_REASON(reason) ERR_PACK(ERR_LIB_ECIES,0,reason)
|
||||
|
||||
|
||||
#define SM2_F_SM2_SET_ID 100
|
||||
#define SM2_F_SM2_GET_ID 101
|
||||
#define SM2_F_SM2_COMPUTE_ID_DIGEST 102
|
||||
#define SM2_F_SM2_CIPHERTEXT_VALUE_SIZE 103
|
||||
#define SM2_F_SM2_CIPHERTEXT_VALUE_FREE 104
|
||||
#define SM2_F_SM2_CIPHERTEXT_VALUE_ENCODE 105
|
||||
#define SM2_F_SM2_CIPHERTEXT_VALUE_DECODE 106
|
||||
#define SM2_F_SM2_CIPHERTEXT_VALUE_PRINT 107
|
||||
#define SM2_F_SM2_DO_ENCRYPT 108
|
||||
#define SM2_F_SM2_DO_DECRYPT 109
|
||||
#define SM2_F_SM2_ENCRYPT 110
|
||||
#define SM2_F_SM2_DECRYPT 111
|
||||
#define SM2_SIGNATURE_SIZE 112
|
||||
#define SM2_SIGN_SETUP 113
|
||||
#define SM2_DO_SIGN_EX 114
|
||||
#define SM2_DO_SIGN 115
|
||||
#define SM2_DO_VERIFY 116
|
||||
#define SM2_SIGN_EX 117
|
||||
#define SM2_SIGN 118
|
||||
#define SM2_VERIFY 119
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
static ERR_STRING_DATA SM2_str_functs[] = {
|
||||
/*
|
||||
{ERR_FUNC(ECIES_F_ECIES_DO_ENCRYPT), "ECIES_do_encrypt"},
|
||||
{ERR_FUNC(ECIES_F_ECIES_DO_DECRYPT), "ECIES_do_decrypt"},
|
||||
*/
|
||||
{ERR_FUNC(SM2_F_SM2_SET_ID), "SM2_SET_ID"},
|
||||
{ERR_FUNC(SM2_F_SM2_GET_ID), "SM2_F_SM2_GET_ID"},
|
||||
{ERR_FUNC(SM2_F_SM2_COMPUTE_ID_DIGEST), "SM2_compute_id_digest"},
|
||||
{ERR_FUNC(SM2_F_SM2_CIPHERTEXT_VALUE_SIZE), "SM2_CIPHERTEXT_VALUE_size"},
|
||||
{ERR_FUNC(SM2_F_SM2_CIPHERTEXT_VALUE_FREE), "SM2_CIPHERTEXT_VALUE_free"},
|
||||
{ERR_FUNC(SM2_F_SM2_CIPHERTEXT_VALUE_ENCODE), "SM2_CIPHERTEXT_VALUE_encode"},
|
||||
{ERR_FUNC(SM2_F_SM2_CIPHERTEXT_VALUE_DECODE), "SM2_CIPHERTEXT_VALUE_decode"},
|
||||
{ERR_FUNC(SM2_F_SM2_CIPHERTEXT_VALUE_PRINT), "SM2_CIPHERTEXT_VALUE_print"},
|
||||
{ERR_FUNC(SM2_F_SM2_DO_ENCRYPT), "SM2_do_encrypt"},
|
||||
{ERR_FUNC(SM2_F_SM2_DO_DECRYPT), "SM2_do_decrypt"},
|
||||
{ERR_FUNC(SM2_F_SM2_ENCRYPT), "SM2_encrypt"},
|
||||
{ERR_FUNC(SM2_F_SM2_DECRYPT), "SM2_decrypt"},
|
||||
{ERR_FUNC(SM2_SIGNATURE_SIZE), "SM2_signature_size"},
|
||||
{ERR_FUNC(SM2_SIGN_SETUP), "SM2_sign_setup"},
|
||||
{ERR_FUNC(SM2_DO_SIGN_EX), "SM2_do_sign_ex"},
|
||||
{ERR_FUNC(SM2_DO_SIGN), "SM2_do_sign"},
|
||||
{ERR_FUNC(SM2_DO_VERIFY), "SM2_do_verify"},
|
||||
{ERR_FUNC(SM2_SIGN_EX), "SM2_sign_ex"},
|
||||
{ERR_FUNC(SM2_SIGN), "SM2_sign"},
|
||||
{ERR_FUNC(SM2_VERIFY), "SM2_verify"},
|
||||
{0,NULL}
|
||||
};
|
||||
|
||||
static ERR_STRING_DATA SM2_str_reasons[] = {
|
||||
/*
|
||||
{ERR_REASON(ECIES_R_BAD_DATA), "bad data"},
|
||||
{ERR_REASON(ECIES_R_UNKNOWN_CIPHER_TYPE),"unknown cipher type"},
|
||||
{ERR_REASON(ECIES_R_ENCRYPT_FAILED), "encrypt failed"},
|
||||
{ERR_REASON(ECIES_R_DECRYPT_FAILED), "decrypt failed"},
|
||||
{ERR_REASON(ECIES_R_UNKNOWN_MAC_TYPE), "unknown MAC type"},
|
||||
{ERR_REASON(ECIES_R_GEN_MAC_FAILED), "MAC generation failed"},
|
||||
{ERR_REASON(ECIES_R_VERIFY_MAC_FAILED), "MAC verification failed"},
|
||||
{ERR_REASON(ECIES_R_ECDH_FAILED), "ECDH failed"},
|
||||
{ERR_REASON(ECIES_R_BUFFER_TOO_SMALL), "buffer too small"},
|
||||
*/
|
||||
{ERR_REASON(SM2_R_BAD_DATA), "bad data"},
|
||||
{ERR_REASON(SM2_R_UNKNOWN_CIPHER_TYPE),"unknown cipher type"},
|
||||
{ERR_REASON(SM2_R_ENCRYPT_FAILED), "encrypt failed"},
|
||||
{ERR_REASON(SM2_R_DECRYPT_FAILED), "decrypt failed"},
|
||||
{ERR_REASON(SM2_R_UNKNOWN_MAC_TYPE), "unknown MAC type"},
|
||||
{ERR_REASON(SM2_R_GEN_MAC_FAILED), "MAC generation failed"},
|
||||
{ERR_REASON(SM2_R_VERIFY_MAC_FAILED), "MAC verification failed"},
|
||||
{ERR_REASON(SM2_R_ECDH_FAILED), "ECDH failed"},
|
||||
{ERR_REASON(SM2_R_BUFFER_TOO_SMALL), "buffer too small"},
|
||||
{0,NULL}
|
||||
};
|
||||
|
||||
|
||||
@@ -1,194 +1,78 @@
|
||||
/* crypto/sm2/sm2test.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2015 The GmSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the GmSSL Project.
|
||||
* (http://gmssl.org/)"
|
||||
*
|
||||
* 4. The name "GmSSL Project" must not be used to endorse or promote
|
||||
* products derived from this software without prior written
|
||||
* permission. For written permission, please contact
|
||||
* guanzhi1980@gmail.com.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "GmSSL"
|
||||
* nor may "GmSSL" appear in their names without prior written
|
||||
* permission of the GmSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the GmSSL Project
|
||||
* (http://gmssl.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*
|
||||
*/
|
||||
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <openssl/bn.h>
|
||||
#include <openssl/sm2.h>
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/rand.h>
|
||||
#include <openssl/ec.h>
|
||||
#include <openssl/ecdsa.h>
|
||||
#include "sm2.h"
|
||||
#include "sm3.h"
|
||||
|
||||
void SM2PKE_test3()
|
||||
static int test_sm2_sign(void)
|
||||
{
|
||||
/* test3 params */
|
||||
const char *p = "8542D69E4C044F18E8B92435BF6FF7DE457283915C45517D722EDB8B08F1DFC3";
|
||||
const char *a = "787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E498";
|
||||
const char *b = "63E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A";
|
||||
const char *xG = "421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D";
|
||||
const char *yG = "0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A2";
|
||||
const char *n = "8542D69E4C044F18E8B92435BF6FF7DD297720630485628D5AE74EE7C32E79B7";
|
||||
const char *dB = "1649AB77A00637BD5E2EFE283FBF353534AA7F7CB89463F208DDBC2920BB0DA0";
|
||||
const char *xB = "435B39CCA8F3B508C1488AFC67BE491A0F7BA07E581A0E4849A5CF70628A7E0A";
|
||||
const char *yB = "75DDBA78F15FEECB4C7895E2C1CDF5FE01DEBB2CDBADF45399CCF77BBA076A42";
|
||||
|
||||
BIGNUM *bn_p = BN_new();
|
||||
BN_hex2bn(&bn_p, p);
|
||||
BIGNUM *bn_a = BN_new();
|
||||
BN_hex2bn(&bn_a, a);
|
||||
BIGNUM *bn_b = BN_new();
|
||||
BN_hex2bn(&bn_b, b);
|
||||
BIGNUM *bn_xG = BN_new();
|
||||
BN_hex2bn(&bn_xG, xG);
|
||||
BIGNUM *bn_yG = BN_new();
|
||||
BN_hex2bn(&bn_yG, yG);
|
||||
BIGNUM *bn_n = BN_new();
|
||||
BN_hex2bn(&bn_n, n);
|
||||
BIGNUM *bn_dB = BN_new();
|
||||
BN_hex2bn(&bn_dB, dB);
|
||||
BIGNUM *bn_xB = BN_new();
|
||||
BN_hex2bn(&bn_xB, xB);
|
||||
BIGNUM *bn_yB = BN_new();
|
||||
BN_hex2bn(&bn_yB, yB);
|
||||
|
||||
BN_CTX *bn_ctx = BN_CTX_new();
|
||||
EC_GROUP *ec_group = EC_GROUP_new(EC_GFp_mont_method());
|
||||
EC_GROUP_set_curve_GFp(ec_group, bn_p, bn_a, bn_b, bn_ctx);
|
||||
|
||||
EC_POINT *G = EC_POINT_new(ec_group);
|
||||
EC_POINT_set_affine_coordinates_GFp(ec_group, G, bn_xG, bn_yG, bn_ctx);
|
||||
BIGNUM *bn_h = BN_new(); /* cofactor h = #E(Fp) / n */
|
||||
BN_div(bn_h, NULL, bn_p, bn_n, bn_ctx);
|
||||
EC_GROUP_set_generator(ec_group, G, bn_n, bn_h);
|
||||
|
||||
EC_POINT *PB = EC_POINT_new(ec_group);
|
||||
EC_POINT_set_affine_coordinates_GFp(ec_group, PB, bn_xB, bn_yB, bn_ctx);
|
||||
EC_KEY *ec_key_B = EC_KEY_new();
|
||||
EC_KEY_set_group(ec_key_B, ec_group);
|
||||
EC_KEY_set_private_key(ec_key_B, bn_dB);
|
||||
EC_KEY_set_public_key(ec_key_B, PB);
|
||||
|
||||
BN_free(bn_p);
|
||||
BN_free(bn_a);
|
||||
BN_free(bn_b);
|
||||
BN_free(bn_n);
|
||||
BN_free(bn_xG);
|
||||
BN_free(bn_yG);
|
||||
BN_free(bn_dB);
|
||||
BN_free(bn_xB);
|
||||
BN_free(bn_yB);
|
||||
BN_free(bn_h);
|
||||
BN_CTX_free(bn_ctx);
|
||||
EC_POINT_free(G);
|
||||
EC_POINT_free(PB);
|
||||
EC_GROUP_free(ec_group);
|
||||
|
||||
char *M = "encryption standard";
|
||||
char *ctest = "04245C26FB68B1DDDDB12C4B6BF9F2B6D5FE60A383B0D18D1C4144ABF17F6252"
|
||||
"E776CB9264C2A7E88E52B19903FDC47378F605E36811F5C07423A24B84400F01"
|
||||
"B8650053A89B41C418B0C3AAD00D886C002864679C3D7360C30156FAB7C80A02"
|
||||
"76712DA9D8094A634B766D3A285E07480653426D";
|
||||
BIGNUM *ct = BN_new();
|
||||
BN_hex2bn(&ct, ctest);
|
||||
unsigned char ct2bin[116];
|
||||
BN_bn2bin(ct, ct2bin);
|
||||
BN_free(ct);
|
||||
|
||||
int mlen = strlen(M);
|
||||
int c1len = PRIME_SIZE / 8 * 2 + 1;
|
||||
int clen = c1len + mlen + HASH_V / 8;
|
||||
|
||||
unsigned char *C = malloc(sizeof(unsigned char) * clen);
|
||||
sm2_pke_encrypt(C, M, mlen, ec_key_B);
|
||||
if (memcmp(C, ct2bin, clen) == 0)
|
||||
printf("sm2_pke_encrypt passed.\n");
|
||||
else
|
||||
printf("sm2_pke_encrypt failed.\n");
|
||||
free(C);
|
||||
|
||||
int m1len = clen - c1len - HASH_V / 8;
|
||||
unsigned char *M1bin = malloc(sizeof(unsigned char) * m1len);
|
||||
sm2_pke_decrypt((char *)ct2bin, M1bin, m1len, ec_key_B);
|
||||
if (memcmp(M1bin, M, m1len) == 0)
|
||||
printf("sm2_pke_decrypt passed.\n");
|
||||
else
|
||||
printf("sm2_pke_decrypt failed.\n");
|
||||
free(M1bin);
|
||||
|
||||
EC_KEY_free(ec_key_B);
|
||||
}
|
||||
|
||||
int main()
|
||||
{
|
||||
SM2PKE_test3();
|
||||
return 0;
|
||||
}
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <openssl/ec.h>
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/ecdsa.h>
|
||||
#include <openssl/objects.h>
|
||||
|
||||
int main(int argc, char **argv)
|
||||
{
|
||||
int ok;
|
||||
EC_KEY *ec_key;
|
||||
ECDSA_SIG *sig;
|
||||
int rv;
|
||||
EC_KEY *ec_key = NULL;
|
||||
unsigned char dgst[32];
|
||||
ECDSA_SIG *sig = NULL;
|
||||
unsigned char sigbuf[128];
|
||||
unsigned int siglen;
|
||||
|
||||
ec_key = EC_KEY_new_by_curve_name(NID_sm2p256v1);
|
||||
OPENSSL_assert(ec_key);
|
||||
rv = EC_KEY_generate_key(ec_key);
|
||||
OPENSSL_assert(rv == 1);
|
||||
|
||||
ok = EC_KEY_generate_key(ec_key);
|
||||
OPENSSL_assert(ok);
|
||||
RAND_bytes(dgst, sizeof(dgst));
|
||||
|
||||
sig = SM2_do_sign(dgst, (int)sizeof(dgst), ec_key);
|
||||
OPENSSL_assert(sig);
|
||||
rv = SM2_do_verify(dgst, (int)sizeof(dgst), sig, ec_key);
|
||||
OPENSSL_assert(rv == 1);
|
||||
|
||||
sig = ECDSA_do_sign(dgst, 32, ec_key);
|
||||
ok = ECDSA_do_verify(dgst, 32, sig, ec_key);
|
||||
rv = SM2_sign(0, dgst, sizeof(dgst), sigbuf, &siglen, ec_key);
|
||||
OPENSSL_assert(rv == 1);
|
||||
rv = SM2_verify(0, dgst, sizeof(dgst), sigbuf, siglen, ec_key);
|
||||
OPENSSL_assert(rv == 1);
|
||||
|
||||
printf("ok = %d\n", ok);
|
||||
EC_KEY_free(ec_key);
|
||||
ECDSA_SIG_free(sig);
|
||||
|
||||
printf("%s() success\n", __FUNCTION__);
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int test_sm2_enc(void)
|
||||
{
|
||||
int rv;
|
||||
EC_KEY *ec_key = NULL;
|
||||
char *msg = "Hello world!";
|
||||
SM2_CIPHERTEXT_VALUE *cv = NULL;
|
||||
unsigned char ctbuf[512];
|
||||
unsigned char ptbuf[512];
|
||||
size_t len;
|
||||
|
||||
|
||||
ec_key = EC_KEY_new_by_curve_name(NID_sm2p256v1);
|
||||
OPENSSL_assert(ec_key);
|
||||
rv = EC_KEY_generate_key(ec_key);
|
||||
OPENSSL_assert(rv == 1);
|
||||
|
||||
cv = SM2_do_encrypt(EVP_sm3(), EVP_sm3(), msg, (size_t)strlen(msg), ec_key);
|
||||
OPENSSL_assert(cv);
|
||||
|
||||
{
|
||||
BIO *bio = BIO_new_fp(stdout, BIO_NOCLOSE);
|
||||
SM2_CIPHERTEXT_VALUE_print(bio, EC_KEY_get0_group(ec_key), cv, 0, 0);
|
||||
}
|
||||
|
||||
len = sizeof(ptbuf);
|
||||
rv = SM2_do_decrypt(EVP_sm3(), EVP_sm3(), cv, ptbuf, &len, ec_key);
|
||||
OPENSSL_assert(rv == 1);
|
||||
|
||||
printf("%s() success\n", __FUNCTION__);
|
||||
return 0;
|
||||
}
|
||||
|
||||
int main(int argc, char **argv)
|
||||
{
|
||||
test_sm2_sign();
|
||||
test_sm2_enc();
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
@@ -243,7 +243,6 @@ void sms4_encrypt(const unsigned char *in, unsigned char *out, sms4_key_t *key)
|
||||
{
|
||||
uint32_t *rk = key->rk;
|
||||
uint32_t X0, X1, X2, X3, X4;
|
||||
int i;
|
||||
|
||||
X0 = GETU32(in );
|
||||
X1 = GETU32(in + 4);
|
||||
|
||||
@@ -73,18 +73,18 @@ typedef struct {
|
||||
void sms4_set_encrypt_key(sms4_key_t *key, const unsigned char *user_key);
|
||||
void sms4_set_decrypt_key(sms4_key_t *key, const unsigned char *user_key);
|
||||
void sms4_encrypt(const unsigned char *in, unsigned char *out, sms4_key_t *key);
|
||||
void sms4_ecb_encrypt(const unsigned char *in, unsigned char *out, const sms4_key_t *key, int encrypt);
|
||||
void sms4_ecb_encrypt(const unsigned char *in, unsigned char *out, sms4_key_t *key, int enc);
|
||||
|
||||
|
||||
void sms4_cbc_encrypt(const unsigned char *in, unsigned char *out, size_t len,
|
||||
const sms4_key_t *key, unsigned char *ivec, int encrypt);
|
||||
sms4_key_t *key, unsigned char *ivec, int encrypt);
|
||||
void sms4_cfb128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t length, const sms4_key_t *key,
|
||||
size_t length, sms4_key_t *key,
|
||||
unsigned char *ivec, int *num, int encrypt);
|
||||
void sms4_ofb128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t length, const sms4_key_t *key,
|
||||
unsigned char ivec[SMS4_BLOCK_SIZE],
|
||||
unsigned int *num);
|
||||
int *num);
|
||||
|
||||
#define sms4_decrypt(in,out,key) sms4_encrypt(in,out,key)
|
||||
|
||||
|
||||
@@ -56,7 +56,7 @@
|
||||
#include "sms4.h"
|
||||
|
||||
void sms4_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const sms4_key_t *key,
|
||||
size_t len, sms4_key_t *key,
|
||||
unsigned char *ivec, int encrypt)
|
||||
{
|
||||
if(encrypt)
|
||||
|
||||
@@ -68,7 +68,7 @@
|
||||
|
||||
|
||||
void sms4_cfb128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t length, const sms4_key_t *key,
|
||||
size_t length, sms4_key_t *key,
|
||||
unsigned char *ivec, int *num, int encrypt) {
|
||||
CRYPTO_cfb128_encrypt(in,out,length,key,ivec,num,encrypt,(block128_f)sms4_encrypt);
|
||||
}
|
||||
|
||||
@@ -56,7 +56,7 @@
|
||||
#include "sms4.h"
|
||||
#include <assert.h>
|
||||
|
||||
void sms4_ecb_encrypt(const unsigned char *in, unsigned char *out, const sms4_key_t *key, int encrypt) {
|
||||
void sms4_ecb_encrypt(const unsigned char *in, unsigned char *out, sms4_key_t *key, int encrypt) {
|
||||
assert(in && out && key);
|
||||
if(encrypt)
|
||||
sms4_encrypt(in, out, key);
|
||||
|
||||
@@ -62,11 +62,13 @@
|
||||
#endif
|
||||
#include <assert.h>
|
||||
|
||||
|
||||
void sms4_ofb128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t length, const sms4_key_t *key,
|
||||
unsigned char ivec[SMS4_BLOCK_SIZE],
|
||||
unsigned int *num) {
|
||||
int *num)
|
||||
{
|
||||
CRYPTO_ofb128_encrypt(in,out,length,key,ivec,num,(block128_f)sms4_encrypt);
|
||||
}
|
||||
//cprefix##_ofb##cbits##_encrypt
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user