diff --git a/CMakeLists.txt b/CMakeLists.txt index baf0003f..549df128 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1,6 +1,7 @@ cmake_minimum_required(VERSION 2.8.11) project(GmSSL) +set(CMAKE_MACOSX_RPATH 1) SET(EXECUTABLE_OUTPUT_PATH ${PROJECT_BINARY_DIR}/bin) SET(LIBRARY_OUTPUT_PATH ${PROJECT_BINARY_DIR}/lib) diff --git a/include/gmssl/aes.h b/include/gmssl/aes.h index 2529f927..2c9a2650 100644 --- a/include/gmssl/aes.h +++ b/include/gmssl/aes.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/include/gmssl/asn1.h b/include/gmssl/asn1.h index 6e87b166..163e8ee7 100644 --- a/include/gmssl/asn1.h +++ b/include/gmssl/asn1.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -268,6 +268,8 @@ int asn1_sequence_of_get_next_item(const ASN1_SEQUENCE_OF *a, const uint8_t **ne int asn1_sequence_of_get_count(const ASN1_SEQUENCE_OF *a, size_t *count); +int asn1_check(int expr); + #if __cplusplus } diff --git a/include/gmssl/base64.h b/include/gmssl/base64.h index ae94ef93..ec45d08a 100644 --- a/include/gmssl/base64.h +++ b/include/gmssl/base64.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/include/gmssl/block_cipher.h b/include/gmssl/block_cipher.h index f5df99a6..a357b9c8 100644 --- a/include/gmssl/block_cipher.h +++ b/include/gmssl/block_cipher.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/include/gmssl/chacha20.h b/include/gmssl/chacha20.h index a8a04250..24ebba81 100644 --- a/include/gmssl/chacha20.h +++ b/include/gmssl/chacha20.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/include/gmssl/cms.h b/include/gmssl/cms.h index c164660d..412c1439 100755 --- a/include/gmssl/cms.h +++ b/include/gmssl/cms.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -47,88 +47,6 @@ */ -/* - - - -ContentInfo ::= SEQUENCE { - contentType OBJECT IDENTIFIER, - content [0] EXPLICIT ANY OPTIONAL -} - - -data 1.2.156.10197.6.1.4.2.1 - - - - - -data ::= OCTET STRING - -SignedData ::= SEQUENCE { - version INTEGER (1), - digestAlgorithms SET OF AlgorithmIdentifier, - contentInfo ContentInfo, - certificates [0] IMPLICIT SET OF Certificate OPTIONAL, - crls [1] IMPLICIT SET OF CertificateRevocationList OPTIONAL, - signerInfos SET OF SignerInfo -} - -SignerInfo ::= SEQUENCE { - version INTEGER (1), - issuerAndSerialNumber IssuerAndSerialNumber, - digestAlgorithm AlgorithmIdentifier, - authenticatedAttributes [0] IMPLICIT SET OF Attribute OPTINOAL, - digestEncryptionAlgorithm AlgorithmIdentifier, - encryptedDigest OCTET STRING, - unauthenticatedAttributes [1] IMPLICIT SET OF Attribute OPTINOAL, -} - -EnvelopedData ::= SEQUENCE { - version INTEGER (1), - recipientInfos SET OF RecipientInfo, - encryptedContentInfo EncryptedContentInfo -} - -EncryptedContentInfo ::= SEQUENCE { - contentType OBJECT IDENTIFIER, - contentEncryptionAlgorithm AlgorithmIdentifier, - encryptedContent [0] IMPLICIT OCTET STRING OPTIONAL, - sharedInfo1 [1] IMPLICIT OCTET STRING OPTIONAL, - sharedInfo2 [2] IMPLICIT OCTET STRING OPTIONAL, -} - -RecipientInfo ::= SEQUENCE { - version INTEGER (1), - issuerAndSerialNumber IssuerAndSerialNumber, - keyEncryptionAlgorithm AlgorithmIdentifier, - encryptedKey OCTET STRING -} - -SignedAndEnvelopedData ::= SEQUENCE { - version INTEGER (1), - recipientInfos SET OF RecipientInfo, - digestAlgorithms SET OF AlgorithmIdentifier, - encryptedContentInfo EncryptedContentInfo, - certificates [0] IMPLICIT SET OF Certificate OPTIONAL, - crls [1] IMPLICIT SET OF CertificateRevocationList OPTIONAL, - signerInfos SET OF SignerInfo -} - -EncryptedData ::= SEQUENCE { - version INTEGER (1), - encryptedContentInfo EncryptedContentInfo -} - -KeyAgreementInfo ::= SEQUENCE { - version INTEGER (1), - tempPublicKeyR SM2PublicKey, - userCertificate Certificate, - userID OCTET STRING -} -*/ - - #ifndef GMSSL_CMS_H #define GMSSL_CMS_H @@ -149,8 +67,6 @@ enum { CMS_version = 1, }; - - typedef enum { CMS_data = 1, CMS_signed_data = 2, @@ -163,11 +79,7 @@ typedef enum { -/* -IssuerAndSerialNumber ::= SEQUENCE { - issuer Name, - serialNumber INTEGER } -*/ + int cms_issuer_and_serial_number_from_certificate(const X509_NAME **issuer, const uint8_t **serial_number, size_t *serial_number_len, const X509_CERTIFICATE *cert); @@ -211,9 +123,9 @@ int cms_signer_info_to_der(const X509_NAME *issuer, int cms_signer_info_from_der(X509_NAME *issuer, const uint8_t **serial_number, size_t *serial_number_len, - int *digest_algor, uint32_t *nodes, size_t *nodes_count, + int *digest_algor, const uint8_t **authed_attrs, size_t *authed_attrs_len, - int *sign_algor, uint32_t *sign_algor_nodes, size_t *sign_algor_nodes_count, + int *sign_algor, const uint8_t **enced_digest, size_t *enced_digest_len, const uint8_t **unauthed_attrs, size_t *unauthed_attrs_len, const uint8_t **in, size_t *inlen); @@ -267,7 +179,26 @@ int cms_sign(const SM2_KEY *sign_keys, const uint8_t **crls, size_t *crls_lens, size_t crls_count, uint8_t *content_info, size_t *content_info_len); +int cms_encrypt(const uint8_t key[16], const uint8_t *in, size_t inlen, + uint8_t *out, size_t *outlen); +int cms_decrypt(const uint8_t key[16], const uint8_t *in, size_t inlen, + int *content_type, uint8_t *out, size_t *outlen, + const uint8_t **shared_info1, size_t *shared_info1_len, + const uint8_t **shared_info2, size_t *shared_info2_len); + +int cms_enced_content_info_to_der(int enc_algor, const uint8_t *enc_iv, size_t enc_iv_len, + int content_type, const uint8_t *enced_content, size_t enced_content_len, + const uint8_t *shared_info1, size_t shared_info1_len, + const uint8_t *shared_info2, size_t shared_info2_len, + uint8_t **out, size_t *outlen); + +int cms_enced_content_info_from_der(int *content_type, + int *enc_algor, const uint8_t **enc_iv, size_t *enc_iv_len, + const uint8_t **enced_content, size_t *enced_content_len, + const uint8_t **shared_info1, size_t *shared_info1_len, + const uint8_t **shared_info2, size_t *shared_info2_len, + const uint8_t **in, size_t *inlen); #ifdef __cplusplus diff --git a/include/gmssl/crl.h b/include/gmssl/crl.h index 3951c492..43044202 100644 --- a/include/gmssl/crl.h +++ b/include/gmssl/crl.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2020 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/include/gmssl/des.h b/include/gmssl/des.h index 78647cde..f879d64e 100644 --- a/include/gmssl/des.h +++ b/include/gmssl/des.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/include/gmssl/digest.h b/include/gmssl/digest.h index 7887a63c..9633dedf 100644 --- a/include/gmssl/digest.h +++ b/include/gmssl/digest.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/include/gmssl/error.h b/include/gmssl/error.h index e119a48a..c4ec5f09 100644 --- a/include/gmssl/error.h +++ b/include/gmssl/error.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/include/gmssl/gcm.h b/include/gmssl/gcm.h index 10e372e3..ce7035ad 100644 --- a/include/gmssl/gcm.h +++ b/include/gmssl/gcm.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/include/gmssl/gf128.h b/include/gmssl/gf128.h index dd17ed83..a795619e 100644 --- a/include/gmssl/gf128.h +++ b/include/gmssl/gf128.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2020 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/include/gmssl/hash_drbg.h b/include/gmssl/hash_drbg.h index c539bacc..7f110110 100644 --- a/include/gmssl/hash_drbg.h +++ b/include/gmssl/hash_drbg.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/include/gmssl/hex.h b/include/gmssl/hex.h index a0214097..466019a7 100644 --- a/include/gmssl/hex.h +++ b/include/gmssl/hex.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/include/gmssl/hkdf.h b/include/gmssl/hkdf.h index 8c0f2396..85c0dddf 100644 --- a/include/gmssl/hkdf.h +++ b/include/gmssl/hkdf.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/include/gmssl/hmac.h b/include/gmssl/hmac.h index ee34c1e9..62511e85 100644 --- a/include/gmssl/hmac.h +++ b/include/gmssl/hmac.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/include/gmssl/md5.h b/include/gmssl/md5.h index ed1a4388..e388690c 100755 --- a/include/gmssl/md5.h +++ b/include/gmssl/md5.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/include/gmssl/oid.h b/include/gmssl/oid.h index c1d60453..8b3390da 100644 --- a/include/gmssl/oid.h +++ b/include/gmssl/oid.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved. * OCSPSigning * Redistribution and use in source and binary forms, with or without diff --git a/include/gmssl/pbkdf2.h b/include/gmssl/pbkdf2.h index 25564385..01a17443 100644 --- a/include/gmssl/pbkdf2.h +++ b/include/gmssl/pbkdf2.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/include/gmssl/pem.h b/include/gmssl/pem.h index 4506ccc1..940f0f32 100644 --- a/include/gmssl/pem.h +++ b/include/gmssl/pem.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/include/gmssl/pkcs8.h b/include/gmssl/pkcs8.h index 0613a13a..07b56a91 100644 --- a/include/gmssl/pkcs8.h +++ b/include/gmssl/pkcs8.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/include/gmssl/rand.h b/include/gmssl/rand.h index d88c2ecf..8a27f3dd 100644 --- a/include/gmssl/rand.h +++ b/include/gmssl/rand.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/include/gmssl/rc4.h b/include/gmssl/rc4.h index c646b0fb..5bffb479 100644 --- a/include/gmssl/rc4.h +++ b/include/gmssl/rc4.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/include/gmssl/sha1.h b/include/gmssl/sha1.h index b0ea1aee..9dab2470 100755 --- a/include/gmssl/sha1.h +++ b/include/gmssl/sha1.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/include/gmssl/sha2.h b/include/gmssl/sha2.h index 00040c7b..eb2ecfb3 100755 --- a/include/gmssl/sha2.h +++ b/include/gmssl/sha2.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/include/gmssl/sha3.h b/include/gmssl/sha3.h index b6dd4a0d..0497aec6 100644 --- a/include/gmssl/sha3.h +++ b/include/gmssl/sha3.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2020 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/include/gmssl/sm2.h b/include/gmssl/sm2.h index 71527150..e8df7f92 100644 --- a/include/gmssl/sm2.h +++ b/include/gmssl/sm2.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/include/gmssl/sm3.h b/include/gmssl/sm3.h index fc69010c..aa2b3dca 100755 --- a/include/gmssl/sm3.h +++ b/include/gmssl/sm3.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/include/gmssl/sm4.h b/include/gmssl/sm4.h index 0153a209..833d46cf 100644 --- a/include/gmssl/sm4.h +++ b/include/gmssl/sm4.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/include/gmssl/sm9.h b/include/gmssl/sm9.h index 8e69070b..c4a3fd2b 100644 --- a/include/gmssl/sm9.h +++ b/include/gmssl/sm9.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2016 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/include/gmssl/tls.h b/include/gmssl/tls.h index 3d3ca8ea..5e63bf49 100644 --- a/include/gmssl/tls.h +++ b/include/gmssl/tls.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2020 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/include/gmssl/x509.h b/include/gmssl/x509.h index 361b0bf9..f3c86ae4 100644 --- a/include/gmssl/x509.h +++ b/include/gmssl/x509.h @@ -168,23 +168,35 @@ AlgorithmIdentifier ::= SEQUENCE { 当 algorithm 为 ECDSA/SM2 时,parameters 为空 当 algorithm 为 RSA 时,parameters 为 ASN1_NULL 对象 */ -int x509_signature_algor_to_der(int oid, uint8_t **out, size_t *outlen); -int x509_signature_algor_from_der(int *oid, const uint8_t **in, size_t *inlen); +int x509_signature_algor_to_der(int algor, uint8_t **out, size_t *outlen); -const char *x509_digest_algor_name(int oid); +int x509_signature_algor_from_der( + int *algor, uint32_t algor_nodes[32], size_t *algor_nodes_count, + const uint8_t **in, size_t *inlen); + +const char *x509_digest_algor_name(int algor); int x509_digest_algor_to_der(int oid, uint8_t **out, size_t *outlen); int x509_digest_algor_from_der(int *oid, uint32_t *nodes, size_t *nodes_count, const uint8_t **in, size_t *inlen); + +const char *x509_encryption_algor_name(int algor); + int x509_encryption_algor_to_der(int cipher, const uint8_t *iv, size_t ivlen, uint8_t **out, size_t *outlen); -int x509_encryption_algor_from_der(int *cipher, + + + +int x509_encryption_algor_from_der( + int *algor, uint32_t algor_nodes[32], size_t *algor_nodes_count, const uint8_t **iv, size_t *ivlen, const uint8_t **in, size_t *inlen); + int x509_public_key_encryption_algor_to_der(int algor, uint8_t **out, size_t *outlen); + int x509_public_key_encryption_algor_from_der(int *algor, uint32_t *nodes, size_t *nodes_count, - const uint8_t *params, size_t *params_len, + const uint8_t **params, size_t *params_len, const uint8_t **in, size_t *inlen); diff --git a/include/gmssl/zuc.h b/include/gmssl/zuc.h index 4ed5a0b2..49b325cd 100755 --- a/include/gmssl/zuc.h +++ b/include/gmssl/zuc.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/aes.c b/src/aes.c index 1611f42a..31bfd866 100644 --- a/src/aes.c +++ b/src/aes.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2020 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/aes_modes.c b/src/aes_modes.c index ca132573..70d805a2 100644 --- a/src/aes_modes.c +++ b/src/aes_modes.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2020 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/asn1.c b/src/asn1.c index 6941eb3e..970d3437 100644 --- a/src/asn1.c +++ b/src/asn1.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2020 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -1032,3 +1032,11 @@ int asn1_sequence_of_get_count(const ASN1_SEQUENCE_OF *a, size_t *count) } return 1; } + +int asn1_check(int expr) +{ + if (expr) + return 1; + error_print(); + return -1; +} diff --git a/src/base64.c b/src/base64.c index 48a4796b..c7ed60ce 100644 --- a/src/base64.c +++ b/src/base64.c @@ -1,4 +1,4 @@ -/* +/* * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use diff --git a/src/block_cipher.c b/src/block_cipher.c index cf67485f..042d61de 100644 --- a/src/block_cipher.c +++ b/src/block_cipher.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2020 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/chacha20.c b/src/chacha20.c index 21b523ad..5b3cccce 100644 --- a/src/chacha20.c +++ b/src/chacha20.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2020 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/cms.c b/src/cms.c index 7f76911b..fc0fa00a 100644 --- a/src/cms.c +++ b/src/cms.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -56,9 +56,461 @@ #include #include #include +#include #include +/* +data ::= OCTET STRING +*/ + + + +int cms_data_print(FILE *fp, const uint8_t *a, size_t alen, int format, int indent) +{ + const uint8_t *data; + size_t datalen; + + if (asn1_octet_string_from_der(&data, &datalen, &a, &alen) != 1) { + error_print(); + return -1; + } + format_bytes(fp, format, indent, "data : ", data, datalen); + if (alen > 0) { + error_print(); + return -1; + } + return 1; +} + + + +/* +EncryptedContentInfo ::= SEQUENCE { + contentType OBJECT IDENTIFIER, + contentEncryptionAlgorithm AlgorithmIdentifier, + encryptedContent [0] IMPLICIT OCTET STRING OPTIONAL, + sharedInfo1 [1] IMPLICIT OCTET STRING OPTIONAL, + sharedInfo2 [2] IMPLICIT OCTET STRING OPTIONAL, +} +*/ + +int cms_enced_content_info_to_der(int enc_algor, const uint8_t *enc_iv, size_t enc_iv_len, + int content_type, const uint8_t *enced_content, size_t enced_content_len, + const uint8_t *shared_info1, size_t shared_info1_len, + const uint8_t *shared_info2, size_t shared_info2_len, + uint8_t **out, size_t *outlen) +{ + size_t len = 0; + + if (cms_content_type_to_der(content_type, NULL, &len) != 1 + || x509_encryption_algor_to_der(enc_algor, enc_iv, enc_iv_len, NULL, &len) != 1 + || asn1_implicit_octet_string_to_der(0, enced_content, enced_content_len, NULL, &len) < 0 + || asn1_implicit_octet_string_to_der(1, shared_info1, shared_info1_len, NULL, &len) < 0 + || asn1_implicit_octet_string_to_der(2, shared_info2, shared_info2_len, NULL, &len) < 0) { + error_print(); + return -1; + } + if (asn1_sequence_header_to_der(len, out, outlen) != 1 + || cms_content_type_to_der(content_type, out, outlen) != 1 + || x509_encryption_algor_to_der(enc_algor, enc_iv, enc_iv_len, out, outlen) != 1 + || asn1_implicit_octet_string_to_der(0, enced_content, enced_content_len, out, outlen) < 0 + || asn1_implicit_octet_string_to_der(1, shared_info1, shared_info1_len, out, outlen) < 0 + || asn1_implicit_octet_string_to_der(2, shared_info2, shared_info2_len, out, outlen) < 0) { + error_print(); + return -1; + } + return 1; +} + +int cms_enced_content_info_from_der(int *content_type, + int *enc_algor, const uint8_t **enc_iv, size_t *enc_iv_len, + const uint8_t **enced_content, size_t *enced_content_len, + const uint8_t **shared_info1, size_t *shared_info1_len, + const uint8_t **shared_info2, size_t *shared_info2_len, + const uint8_t **in, size_t *inlen) +{ + int ret; + const uint8_t *data; + size_t datalen; + uint32_t nodes[32]; + size_t nodes_count; + + if ((ret = asn1_sequence_from_der(&data, &datalen, in, inlen)) != 1) { + if (ret < 0) error_print(); + return ret; + } + if (cms_content_type_from_der(content_type, &data, &datalen) != 1 + || x509_encryption_algor_from_der(enc_algor, nodes, &nodes_count, enc_iv, enc_iv_len, &data, &datalen) != 1 + || asn1_implicit_octet_string_from_der(0, enced_content, enced_content_len, &data, &datalen) < 0 + || asn1_implicit_octet_string_from_der(1, shared_info1, shared_info1_len, &data, &datalen) < 0 + || asn1_implicit_octet_string_from_der(1, shared_info2, shared_info2_len, &data, &datalen) < 0 + || asn1_check(datalen == 0) != 1) { + error_print(); + return -1; + } + return 1; +} + +int cms_enced_content_info_print(FILE *fp, const uint8_t *a, size_t alen, int format, int indent) +{ + int ret; + int content_type = 0; + int enc_algor = 0; + const uint8_t *enc_iv = NULL; + const uint8_t *enced_content = NULL; + const uint8_t *shared_info1 = NULL; + const uint8_t *shared_info2 = NULL; + size_t enc_iv_len = 0; + size_t enced_content_len = 0; + size_t shared_info1_len = 0; + size_t shared_info2_len = 0; + + format_print(fp, format, indent, "EncryptedContentInfo:\n"); + indent += 4; + + if ((ret = cms_enced_content_info_from_der(&content_type, + &enc_algor, &enc_iv, &enc_iv_len, + &enced_content, &enced_content_len, + &shared_info1, &shared_info1_len, + &shared_info2, &shared_info2_len, + &a, &alen)) != 1) { + error_print(); + } + + format_print(fp, format, indent, "contentType: %s\n", cms_content_type_name(content_type)); + format_print(fp, format, indent, "contentEncryptionAlgorithm: %s\n", x509_encryption_algor_name(enc_algor)); + format_bytes(fp, format, indent + 4, "iv: ", enc_iv, enc_iv_len); + format_bytes(fp, format, indent, "encryptedContent: ", enced_content, enced_content_len); + format_bytes(fp, format, indent, "sharedInfo1: ", shared_info1, shared_info1_len); + format_bytes(fp, format, indent, "sharedInfo2: ", shared_info2, shared_info2_len); + return ret; +} + +int cms_enced_content_info_encrypt_to_der(const SM4_KEY *sm4_key, const uint8_t iv[16], + int content_type, const uint8_t *content, size_t content_len, + const uint8_t *shared_info1, size_t shared_info1_len, + const uint8_t *shared_info2, size_t shared_info2_len, + uint8_t **out, size_t *outlen) +{ + uint8_t enced_content[content_len + 256]; + size_t enced_content_len; + + error_print_msg("*outlen = %zu\n", *outlen); + + if (sm4_cbc_padding_encrypt(sm4_key, iv, content, content_len, + enced_content, &enced_content_len) != 1) { + error_print(); + return -1; + } + error_print_msg("content_len = %zu, out = %zu\n", content_len, enced_content_len); + + if (cms_enced_content_info_to_der(OID_sm4_cbc, iv, 16, + content_type, enced_content, enced_content_len, + shared_info1, shared_info1_len, + shared_info2, shared_info2_len, + out, outlen) != 1) { + error_print(); + return -1; + } + error_print_msg("*outlen = %zu\n\n", *outlen); + return 1; +} + +int cms_enced_content_info_decrypt_from_der(const SM4_KEY *key, + int *content_type, uint8_t *content, size_t *content_len, + const uint8_t **shared_info1, size_t *shared_info1_len, + const uint8_t **shared_info2, size_t *shared_info2_len, + const uint8_t **in, size_t *inlen) +{ + int ret; + int enc_algor; + const uint8_t *enc_iv; + size_t enc_iv_len; + const uint8_t *enced_content; + size_t enced_content_len; + + if ((ret = cms_enced_content_info_from_der(content_type, + &enc_algor, &enc_iv, &enc_iv_len, + &enced_content, &enced_content_len, + shared_info1, shared_info1_len, + shared_info2, shared_info2_len, + in, inlen)) != 1) { + if (ret < 0) error_print(); + return ret; + } + if (sm4_cbc_padding_decrypt(key, enc_iv, enced_content, enced_content_len, + content, content_len) != 1) { + error_print(); + return -1; + } + return 1; +} + + + +/* +EncryptedData ::= SEQUENCE { + version INTEGER (1), + encryptedContentInfo EncryptedContentInfo ::= SEQUENCE { + contentType OBJECT IDENTIFIER, + contentEncryptionAlgorithm AlgorithmIdentifier, // 包含IV + encryptedContent [0] IMPLICIT OCTET STRING OPTIONAL, + sharedInfo1 [1] IMPLICIT OCTET STRING OPTIONAL, + sharedInfo2 [2] IMPLICIT OCTET STRING OPTIONAL, +} +*/ + +int cms_encrypted_data_to_der(int enc_algor, const uint8_t *enc_iv, size_t enc_iv_len, + int content_type, const uint8_t *enced_content, size_t enced_content_len, + const uint8_t *shared_info1, size_t shared_info1_len, + const uint8_t *shared_info2, size_t shared_info2_len, + uint8_t **out, size_t *outlen) +{ + size_t len = 0; + + if (asn1_int_to_der(CMS_version, NULL, &len) != 1 + || cms_enced_content_info_to_der(enc_algor, enc_iv, enc_iv_len, + content_type, enced_content, enced_content_len, + shared_info1, shared_info1_len, + shared_info2, shared_info2_len, + NULL, &len) != 1) { + error_print(); + return -1; + } + error_print_msg("len = %zu\n", len); + if (asn1_sequence_header_to_der(len, out, outlen) != 1 + || asn1_int_to_der(CMS_version, out, outlen) != 1 + || cms_enced_content_info_to_der(enc_algor, enc_iv, enc_iv_len, + content_type, enced_content, enced_content_len, + shared_info1, shared_info1_len, + shared_info2, shared_info2_len, + out, outlen) != 1) { + error_print(); + return -1; + } + return 1; +} + +int cms_encrypted_data_decrypt_from_der(const SM4_KEY *key, + int *content_type, uint8_t *content, size_t *content_len, + const uint8_t **shared_info1, size_t *shared_info1_len, + const uint8_t **shared_info2, size_t *shared_info2_len, + const uint8_t **in, size_t *inlen) +{ + int ret; + const uint8_t *data; + size_t datalen; + int version; + + format_bytes(stderr, 0, 0, "in = ", *in, *inlen); + error_print_msg("len =%zu\n", *inlen); + + if ((ret = asn1_sequence_from_der(&data, &datalen, in, inlen)) != 1) { + if (ret < 0) error_print(); + return ret; + } + if (asn1_int_from_der(&version, &data, &datalen) != 1 + || version != CMS_version) { + error_print(); + return -1; + } + + if (cms_enced_content_info_decrypt_from_der(key, + content_type, content, content_len, + shared_info1, shared_info1_len, + shared_info2, shared_info2_len, + &data, &datalen) != 1 + || datalen) { + error_print(); + return -1; + } + return 1; +} + +int cms_encrypted_data_print(FILE *fp, const uint8_t *a, size_t alen, int format, int indent) +{ + const uint8_t *data; + size_t datalen; + int version; + const uint8_t *enced_content_info; + size_t enced_content_info_len; + const uint8_t *p; + size_t len; + + if (asn1_sequence_from_der(&data, &datalen, &a, &alen) != 1) { + error_print(); + return -1; + } + + format_print(fp, format, indent, "EncryptedData\n"); + indent += 4; + + if (asn1_int_from_der(&version, &data, &datalen) != 1) { + error_print(); + return -1; + } + format_print(fp, format, indent, "Version : %d\n", version); + + enced_content_info = data; + if (asn1_sequence_from_der(&p, &len, &data, &datalen) != 1) { + error_print(); + return -1; + } + enced_content_info_len = data - enced_content_info; + if (cms_enced_content_info_print(fp, enced_content_info, enced_content_info_len, + format, indent) != 1) { + error_print(); + return -1; + } + + if (datalen) { + error_print(); + format_print(fp, format, indent, "ErrorLeft %zu bytes\n", datalen); + } + if (alen) { + error_print(); + format_print(fp, format, indent, "ErrorLeft %zu bytes\n", alen); + } + + return 1; +} + + +int cms_encrypted_data_from_der(int *content_type, + int *enc_algor, const uint8_t **enc_iv, size_t *enc_iv_len, + const uint8_t **enced_content, size_t *enced_content_len, + const uint8_t **shared_info1, size_t *shared_info1_len, + const uint8_t **shared_info2, size_t *shared_info2_len, + const uint8_t **in, size_t *inlen) +{ + int ret; + const uint8_t *data; + size_t datalen; + int version; + + if ((ret = asn1_sequence_from_der(&data, &datalen, in, inlen)) != 1) { + if (ret < 0) error_print(); + return ret; + } + if (asn1_int_from_der(&version, &data, &datalen) != 1 + || cms_enced_content_info_from_der(content_type, + enc_algor, enc_iv, enc_iv_len, + enced_content, enced_content_len, + shared_info1, shared_info1_len, + shared_info2, shared_info2_len, + &data, &datalen) != 1 + || asn1_check(datalen == 0) != 1) { + error_print(); + return -1; + } + if (version != CMS_version) { + error_print(); + return -1; + } + return 1; +} + +int cms_encrypted_data_encrypt_to_der(const SM4_KEY *sm4_key, const uint8_t iv[16], + int content_type, const uint8_t *content, size_t content_len, + const uint8_t *shared_info1, size_t shared_info1_len, + const uint8_t *shared_info2, size_t shared_info2_len, + uint8_t **out, size_t *outlen) +{ + size_t len = 0; + + error_print_msg("outlen = %zu\n", *outlen); + + if (asn1_int_to_der(CMS_version, NULL, &len) != 1 + || cms_enced_content_info_encrypt_to_der(sm4_key, iv, + content_type, content, content_len, + shared_info1, shared_info1_len, + shared_info2, shared_info2_len, + NULL, &len) != 1) { + error_print(); + return -1; + } + error_print_msg("len = %zu\n", len); + if (asn1_sequence_header_to_der(len, out, outlen) != 1 + || asn1_int_to_der(CMS_version, out, outlen) != 1 + || cms_enced_content_info_encrypt_to_der(sm4_key, iv, + content_type, content, content_len, + shared_info1, shared_info1_len, + shared_info2, shared_info2_len, + out, outlen) != 1) { + error_print(); + return -1; + } + error_print_msg("outlen = %zu\n\n", *outlen); + return 1; +} + + +/* +KeyAgreementInfo ::= SEQUENCE { + version INTEGER (1), + tempPublicKeyR SM2PublicKey, + userCertificate Certificate, + userID OCTET STRING +} +*/ + +int cms_key_agreement_info_from_der(SM2_KEY *pub_key, X509_CERTIFICATE *cert, + const uint8_t **user_id, size_t *user_id_len, const uint8_t **in, size_t *inlen) +{ + int ret; + const uint8_t *data; + size_t datalen; + int version; + + if ((ret = asn1_sequence_from_der(&data, &datalen, in, inlen)) != 1) { + if (ret < 0) error_print(); + return ret; + } + if (asn1_int_from_der(&version, &data, &datalen) != 1 + || sm2_public_key_info_from_der(pub_key, &data, &datalen) != 1 + || x509_certificate_from_der(cert, &data, &datalen) != 1 + || asn1_octet_string_from_der(user_id, user_id_len, &data, &datalen) != 1 + || datalen > 0) { + error_print(); + return -1; + } + return 1; +} + +int cms_key_agreement_info_to_der(const SM2_KEY *pub_key, const X509_CERTIFICATE *cert, + const uint8_t *user_id, size_t user_id_len, uint8_t **out, size_t *outlen) +{ + size_t len = 0; + + if (asn1_int_to_der(CMS_version, NULL, &len) != 1 + || sm2_public_key_info_to_der(pub_key, NULL, &len) != 1 + || x509_certificate_to_der(cert, NULL, &len) != 1 + || asn1_octet_string_to_der(user_id, user_id_len, NULL, &len) != 1) { + error_print(); + return -1; + } + if (asn1_sequence_header_to_der(len, out, outlen) != 1 + || asn1_int_to_der(CMS_version, out, outlen) != 1 + || sm2_public_key_info_to_der(pub_key, out, outlen) != 1 + || x509_certificate_to_der(cert, out, outlen) != 1 + || asn1_octet_string_to_der(user_id, user_id_len, out, outlen) != 1) { + error_print(); + return -1; + } + return 1; +} + + + +/* +IssuerAndSerialNumber ::= SEQUENCE { + isser Name, + serialNumber INTEGER +} +*/ + + int cms_issuer_and_serial_number_from_certificate(const X509_NAME **issuer, const uint8_t **serial_number, size_t *serial_number_len, const X509_CERTIFICATE *cert) @@ -147,7 +599,377 @@ bad: return -1; } -static const uint32_t SM2_cms_oid[] = {1,2,156,10197,6,1,4,2}; + + +/* +RecipientInfo ::= SEQUENCE { + version INTEGER (1), + issuerAndSerialNumber IssuerAndSerialNumber, + keyEncryptionAlgorithm AlgorithmIdentifier, + encryptedKey OCTET STRING +} +*/ + +int cms_recipient_info_to_der(const X509_NAME *issuer, + const uint8_t *serial_number, size_t serial_number_len, + const uint8_t *enced_key, size_t enced_key_len, + uint8_t **out, size_t *outlen) +{ + size_t len = 0; + + if (asn1_int_to_der(CMS_version, NULL, &len) != 1 + || cms_issuer_and_serial_number_to_der(issuer, serial_number, serial_number_len, NULL, &len) != 1 + || x509_public_key_encryption_algor_to_der(OID_sm2encrypt, NULL, &len) != 1 + || asn1_octet_string_to_der(enced_key, enced_key_len, NULL, &len) != 1) { + error_print(); + return -1; + } + if (asn1_sequence_header_to_der(len, out, outlen) != 1 + || asn1_int_to_der(CMS_version, out, outlen) != 1 + || cms_issuer_and_serial_number_to_der(issuer, serial_number, serial_number_len, out, outlen) != 1 + || x509_public_key_encryption_algor_to_der(OID_sm2encrypt, out, outlen) != 1 + || asn1_octet_string_to_der(enced_key, enced_key_len, out, outlen) != 1) { + error_print(); + return -1; + } + return 1; +} + +int cms_recipient_info_from_der(X509_NAME *issuer, + const uint8_t **serial_number, size_t *serial_number_len, + const uint8_t **enced_key, size_t *enced_key_len, + const uint8_t **in, size_t *inlen) +{ + int ret; + const uint8_t *data; + size_t datalen; + int version; + int pke_algor; + uint32_t pke_algor_nodes[32]; + size_t pke_algor_nodes_count; + const uint8_t *iv; + size_t ivlen; + + if ((ret = asn1_sequence_from_der(&data, &datalen, in, inlen)) != 1) { + if (ret < 0) error_print(); + return ret; + } + if (asn1_int_from_der(&version, &data, &datalen) != 1 + || cms_issuer_and_serial_number_from_der(issuer, serial_number, serial_number_len, &data, &datalen) != 1 + || x509_public_key_encryption_algor_from_der(&pke_algor, pke_algor_nodes, &pke_algor_nodes_count, &iv, &ivlen, &data, &datalen) != 1 + || asn1_octet_string_from_der(enced_key, enced_key_len, &data, &datalen) != 1 + || datalen) { + error_print(); + return -1; + } + if (version != CMS_version) { + error_print(); + return -1; + } + + return -1; +} + +int cms_recipient_info_print(FILE *fp, const uint8_t *a, size_t alen, int format, int indent) +{ + return -1; +} + +int cms_recipient_info_encrypt_to_der(const SM2_KEY *sm2_key, + const X509_NAME *issuer, const uint8_t *serial_number, size_t serial_number_len, + const uint8_t *key, size_t keylen, + uint8_t **out, size_t *outlen) +{ + size_t len = 0; + uint8_t buf[keylen + 256]; + size_t buflen; + + sm2_encrypt(sm2_key, key, keylen, buf, &buflen); + + cms_recipient_info_to_der(issuer, serial_number, serial_number_len, + buf, buflen, out, outlen); + + return 1; +} + +int cms_recipient_info_decrypt_from_der(const SM2_KEY *sm2_key, + X509_NAME *issuer, const uint8_t **serial_number, size_t *serial_number_len, + uint8_t *key, size_t *keylen, + const uint8_t **in, size_t *inlen) +{ + /* + if (cms_recipient_info_from_der(issuer, serial_number, serial_number_len, + &enced_key, &enced_key_len, &rcpt_info, &rcpt_info_len) != 1 + || rcpt_info_len) { + error_print(); + return -1; + } + + sm2_decrypt(sm2_key, enced_key, enced_key_len, key, keylen); + */ + return -1; +} + + +/* +EnvelopedData ::= SEQUENCE { + version INTEGER (1), + recipientInfos SET OF RecipientInfo, + encryptedContentInfo EncryptedContentInfo +} +*/ + +// 这个函数几乎是没有用的,因为我们用一个整体的函数去调用这个功能 +int cms_enveloped_data_to_der(const uint8_t *rcpt_infos, size_t rcpt_infos_len, + int content_type, + int enc_algor, + const uint8_t *enc_iv, size_t enc_iv_len, + const uint8_t *enced_content, size_t enced_content_len, + const uint8_t *shared_info1, size_t shared_info1_len, + const uint8_t *shared_info2, size_t shared_info2_len, + const uint8_t **out, size_t *outlen) +{ + return -1; +} + +int cms_enveloped_data_from_der(const uint8_t **rcpt_infos, size_t *rcpt_infos_len, + int *content_type, + int *enc_algor, const uint8_t **enc_iv, size_t *enc_iv_len, + const uint8_t **enced_content, size_t *enced_content_len, + const uint8_t **shared_info1, size_t *shared_info1_len, + const uint8_t **shared_info2, size_t *shared_info2_len, + const uint8_t **in, size_t *inlen) +{ + int ret; + const uint8_t *data; + size_t datalen; + int version; + + if ((ret = asn1_sequence_from_der(&data, &datalen, in, inlen)) != 1) { + if (ret < 0) error_print(); + return ret; + } + if (asn1_int_from_der(&version, &data, &datalen) != 1 + || asn1_set_from_der(rcpt_infos, rcpt_infos_len, &data, &datalen) != 1 + || cms_enced_content_info_from_der(content_type, + enc_algor, enc_iv, enc_iv_len, + enced_content, enced_content_len, + shared_info1, shared_info1_len, + shared_info2, shared_info2_len, + &data, &datalen) != 1 + || asn1_check(datalen == 0) != 1) { + error_print(); + return -1; + } + return 1; +} + +int cms_enveloped_data_print(FILE *fp, const uint8_t *a, size_t alen, int format, int indent) +{ + + const uint8_t *rcpt_infos; + size_t rcpt_infos_len; + int content_type; + int enc_algor; + const uint8_t *enc_iv; + const uint8_t *enced_content; + const uint8_t *shared_info1; + const uint8_t *shared_info2; + size_t enc_iv_len, enced_content_len, shared_info1_len, shared_info2_len; + + + if (cms_enveloped_data_from_der(&rcpt_infos, &rcpt_infos_len, + &content_type, &enc_algor, &enc_iv, &enc_iv_len, + &enced_content, &enced_content_len, + &shared_info1, &shared_info1_len, + &shared_info2, &shared_info2_len, + &a, &alen) != 1) { + error_print(); + return -1; + } + + // 这意味着我们在对应 + + + return -1; +} + +int cms_enveloped_data_encrypt_to_der(const X509_CERTIFICATE *rcpt_certs, size_t rcpt_count, + int content_type, const uint8_t *content, size_t content_len, + const uint8_t *shared_info1, size_t shared_info1_len, + const uint8_t *shared_info2, size_t shared_info2_len, + uint8_t **out, size_t *outlen) +{ + size_t len = 0; + SM4_KEY sm4_key; + uint8_t enc_key[16]; + uint8_t enc_iv[16]; + uint8_t enced_key[rcpt_count][256 + 16]; + size_t enced_key_len[rcpt_count]; + uint8_t enced_content_info[content_len + 512]; + size_t enced_content_info_len; + size_t i; + + const SM2_KEY *sm2_key; + + size_t rcpt_infos_len = 0; + + rand_bytes(enc_key, 16); + rand_bytes(enc_iv, 16); + + for (i = 0; i < rcpt_count; i++) { + // = x509_certificate_get_public_key(rcpt_certs[i]); + sm2_encrypt(sm2_key, enc_key, 16, enced_key[i], &enced_key_len[i]); + } + + for (i = 0; i < rcpt_count; i++) { + // 这个应该改为cms_recipient_info_from_x509 + /* + x509_certificate_get_recipient_info(rcpt_cert, + &issuer, + &serial_number, &serial_number_len, + &sm2_key); + + */ + /* + cms_recipient_info_encrypt_to_der(issuer, + serial_number, serial_number_len, + enced_key, enced_key_len, + NULL, &rcpt_infos_len); + */ + } + + + + if (asn1_int_to_der(CMS_version, NULL, &len) != 1 + || asn1_set_to_der(NULL, rcpt_infos_len, NULL, &len) != 1 + || cms_enced_content_info_encrypt_to_der(&sm4_key, enc_iv, + content_type, content, content_len, + shared_info1, shared_info1_len, + shared_info2, shared_info2_len, + NULL, &len) != 1) { + error_print(); + return -1; + } + + if (asn1_sequence_header_to_der(len, out, outlen) != 1 + || asn1_int_to_der(CMS_version, out, outlen) != 1 + || asn1_set_header_to_der(rcpt_infos_len, out, outlen) != 1) { + error_print(); + return -1; + } + + const X509_NAME *issuer; + const uint8_t *serial_number; + size_t serial_number_len; + + for (i = 0; i < rcpt_count; i++) { + if (cms_recipient_info_encrypt_to_der(sm2_key, issuer, + serial_number, serial_number_len, + enc_key, sizeof(enc_key), out, outlen) != 1) { + error_print(); + return -1; + } + } + + if (cms_enced_content_info_encrypt_to_der(&sm4_key, enc_iv, + content_type, content, content_len, + shared_info1, shared_info1_len, + shared_info2, shared_info2_len, + out, outlen) != 1) { + error_print(); + return -1; + } + + return 1; +} + +int cms_enveloped_data_decrypt_from_der(const SM2_KEY *sm2_key, const X509_CERTIFICATE *cert, + const uint8_t *enveloped_data, size_t enveloped_data_len, + int *content_type, uint8_t *content, size_t *content_len) +{ +/* + const uint8_t *rcpt_infos; + size_t rcpt_infos_len; + int enc_algor; + uint32_t enc_algor_nodes[32]; + size_t enc_algor_nodes_count; + const uint8_t *enced_content; + size_t enced_content_len; + const uint8_t *shared_info1; + size_t shared_info1_len; + const uint8_t *shared_info2; + size_t shared_info2_len; + uint8_t enc_key[64]; + size_t enc_key_len; + + const uint8_t *enc_iv; + size_t enc_iv_len; + + if (cms_enveloped_data_from_der(&rcpt_infos, &rcpt_infos_len, + content_type, &enc_algor, enc_algor_nodes, &enc_algor_nodes_count, + &enc_iv, &enc_iv_len, + &enced_content, &enced_content_len, &shared_info1, &shared_info1_len, + &shared_info2, &shared_info2_len, &enveloped_data, &enveloped_data_len) != 1 + || enced_content_info_len > 0) { + error_print(); + return -1; + } + if (enc_algor != OID_sm4_cbc) { + error_print(); + return -1; + } + if (!enc_iv || enc_iv_len != 16) { + error_print(); + return -1; + } + + while (rcpt_infos_len) { + X509_NAME issuer; + const uint8_t *serial_number; + size_t serial_number_len; + const uint8_t *enced_key; + size_t enced_key_len; + + if (cms_recipient_info_from_der(&issuer, &serial_number, &serial_number_len + &enced_key, &enced_key_len, &rcpt_infos, &rcpt_infos_len) != 1) { + error_print(); + return -1; + } + if (cms_issuer_and_serial_number_match_certificate(&issuer, + serial_number, serial_number_len, cert) != 1) { + break; + } + if (sm2_decrypt(sm2_key, enced_key, enced_key_len, enc_key, &enc_key_len) != 1) { + error_print(); + return -1; + } + } + + sm4_set_decrypt_key(&sm4_key, enc_key); + if (sm4_cbc_paddnig_decrypt(&sm4_key, enc_iv, enced_content, enced_content_len, + content, content_len) != 1) { + error_print(); + return -1; + } +*/ + return -1; +} + + +// 注意,由于SignedData中包含ContentInfo,因此需要提前给出ContentInfo的基本编解码 + +/* +ContentType OIDs + */ + +static const uint32_t OID_cms_data[] = {1,2,156,10197,6,1,4,2,1}; +static const uint32_t OID_cms_signed_data[] = {1,2,156,10197,6,1,4,2,2}; +static const uint32_t OID_cms_enveloped_data[] = {1,2,156,10197,6,1,4,2,3}; +static const uint32_t OID_cms_signed_and_enveloped_data[] = {1,2,156,10197,6,1,4,2,4}; +static const uint32_t OID_cms_encrypted_data[] = {1,2,156,10197,6,1,4,2,5}; +static const uint32_t OID_cms_key_agreement_info[] = {1,2,156,10197,6,1,4,2,6}; + const char *cms_content_type_name(int type) { @@ -209,6 +1031,14 @@ int cms_content_type_from_der(int *type, const uint8_t **in, size_t *inlen) return 1; } + +/* +ContentInfo ::= SEQUENCE { + contentType OBJECT IDENTIFIER, + content [0] EXPLICIT ANY OPTIONAL +} +*/ + int cms_content_info_to_der(int content_type, const uint8_t *content, size_t content_len, uint8_t **out, size_t *outlen) { @@ -245,68 +1075,18 @@ int cms_content_info_from_der(int *content_type, const uint8_t **content, size_t return 1; } -int cms_content_info_set_data(uint8_t *content_info, size_t *content_info_len, - const uint8_t *data, size_t datalen) -{ - size_t len = 0; - size_t content_len = 0; - *content_info_len = 0; - if (cms_content_type_to_der(CMS_data, NULL, &len) != 1 - || asn1_octet_string_to_der(data, datalen, NULL, &content_len) != 1 - || asn1_explicit_to_der(0, NULL, content_len, NULL, &len) != 1 - || asn1_sequence_header_to_der(len, &content_info, content_info_len) != 1 - || cms_content_type_to_der(CMS_data, &content_info, content_info_len) != 1 - || asn1_explicit_header_to_der(0, content_len, &content_info, content_info_len) != 1 - || asn1_octet_string_to_der(data, datalen, &content_info, content_info_len) != 1) { - error_print(); - return -1; - } - return 1; -} - -int cms_content_info_get_data(const uint8_t *content_info, size_t content_info_len, - const uint8_t **data, size_t *datalen) -{ - int ret; - const uint8_t *p; - size_t len; - int content_type; - const uint8_t *content; - size_t content_len; - - if (asn1_sequence_from_der(&p, &len, &content_info, &content_info_len) != 1 - || content_info_len > 0) { - error_print(); - return ret; - } - if (cms_content_type_from_der(&content_type, &p, &len) != 1 - || asn1_explicit_from_der(0, &content, &content_len, &p, &len) != 1 - || len > 0 - || asn1_octet_string_from_der(data, datalen, &content, &content_len) != 1 - || content_len > 0) { - error_print(); - return -1; - } - return 1; -} - -int cms_data_print(FILE *fp, const uint8_t *a, size_t alen, int format, int indent) -{ - const uint8_t *data; - size_t datalen; - - if (asn1_octet_string_from_der(&data, &datalen, &a, &alen) != 1) { - error_print(); - return -1; - } - format_bytes(fp, format, indent, "data : ", data, datalen); - if (alen > 0) { - error_print(); - return -1; - } - return 1; +/* +SignerInfo ::= SEQUENCE { + version INTEGER (1), + issuerAndSerialNumber IssuerAndSerialNumber, + digestAlgorithm AlgorithmIdentifier, + authenticatedAttributes [0] IMPLICIT SET OF Attribute OPTINOAL, + digestEncryptionAlgorithm AlgorithmIdentifier, + encryptedDigest OCTET STRING, + unauthenticatedAttributes [1] IMPLICIT SET OF Attribute OPTINOAL, } +*/ int cms_signer_info_to_der( const X509_NAME *issuer, @@ -357,9 +1137,9 @@ int cms_signer_info_to_der( int cms_signer_info_from_der(X509_NAME *issuer, const uint8_t **serial_number, size_t *serial_number_len, - int *digest_algor, uint32_t *nodes, size_t *nodes_count, + int *digest_algor, const uint8_t **authed_attrs, size_t *authed_attrs_len, - int *sign_algor, uint32_t *sign_algor_nodes, size_t *sign_algor_nodes_count, + int *sign_algor, const uint8_t **enced_digest, size_t *enced_digest_len, const uint8_t **unauthed_attrs, size_t *unauthed_attrs_len, const uint8_t **in, size_t *inlen) @@ -368,6 +1148,8 @@ int cms_signer_info_from_der(X509_NAME *issuer, const uint8_t *data; size_t datalen; int version; + uint32_t nodes[32]; + size_t nodes_count; if ((ret = asn1_sequence_from_der(&data, &datalen, in, inlen)) != 1) { if (ret < 0) error_print(); @@ -375,9 +1157,9 @@ int cms_signer_info_from_der(X509_NAME *issuer, } if (asn1_int_from_der(&version, &data, &datalen) != 1 || cms_issuer_and_serial_number_from_der(issuer, serial_number, serial_number_len, &data, &datalen) != 1 - || x509_digest_algor_from_der(digest_algor, nodes, nodes_count, &data, &datalen) != 1 + || x509_digest_algor_from_der(digest_algor, nodes, &nodes_count, &data, &datalen) != 1 || asn1_implicit_set_from_der(0, authed_attrs, authed_attrs_len, &data, &datalen) < 0 - || x509_signature_algor_from_der(sign_algor, /*sign_algor_nodes, &sign_algor_nodes_count,*/ &data, &datalen) != 1 + || x509_signature_algor_from_der(sign_algor, nodes, &nodes_count, &data, &datalen) != 1 || asn1_octet_string_from_der(enced_digest, enced_digest_len, &data, &datalen) != 1 || asn1_implicit_set_from_der(1, unauthed_attrs, unauthed_attrs_len, &data, &datalen) < 0 || datalen) { @@ -462,9 +1244,9 @@ int cms_signer_info_verify_from_der( size_t sig_len; if (cms_signer_info_from_der(issuer, serial_number, serial_number_len, - digest_algor, digest_algor_nodes, digest_algor_nodes_count, + digest_algor, authed_attrs, authed_attrs_len, - sign_algor, sign_algor_nodes, sign_algor_nodes_count, + sign_algor, &sig, &sig_len, unauthed_attrs, unauthed_attrs_len, in, inlen) != 1) { @@ -498,6 +1280,17 @@ int cms_signer_info_verify_from_der( return ret; } +/* +SignedData ::= SEQUENCE { + version INTEGER (1), + digestAlgorithms SET OF AlgorithmIdentifier, + contentInfo ContentInfo, + certificates [0] IMPLICIT SET OF Certificate OPTIONAL, + crls [1] IMPLICIT SET OF CertificateRevocationList OPTIONAL, + signerInfos SET OF SignerInfo +} +*/ + int cms_signed_data_to_der( const int *digest_algors, const size_t digest_algors_count, const int content_type, const uint8_t *content, const size_t content_len, @@ -795,6 +1588,229 @@ int cms_signed_data_verify_from_der(const uint8_t *signed_data, size_t signed_da return -1; } + + + +/* + + +SignedAndEnvelopedData ::= SEQUENCE { + version INTEGER (1), + recipientInfos SET OF RecipientInfo, + digestAlgorithms SET OF AlgorithmIdentifier, + encryptedContentInfo EncryptedContentInfo, + certificates [0] IMPLICIT SET OF Certificate OPTIONAL, + crls [1] IMPLICIT SET OF CertificateRevocationList OPTIONAL, + signerInfos SET OF SignerInfo +} + */ + + +int cms_signed_and_enveloped_data_to_der(void) +{ + return -1; +} + +int cms_signed_and_enveloped_data_from_der(void) +{ + return -1; +} + +int cms_signed_and_enveloped_data_print(void) +{ + return -1; +} + +int cms_signed_and_enveloped_data_sign_encrypt_to_der( + const int *digest_algors, const size_t digset_algors_count, + const X509_CERTIFICATE *sign_certs, size_t sign_count, + const uint8_t **crls, const size_t *crls_lens, const size_t crls_count, + const uint8_t **signer_infos, size_t *signer_infos_lens, size_t signer_infos_count, + const X509_CERTIFICATE *rcpt_certs, size_t rcpt_count, + int content_type, const uint8_t *content, size_t content_len, + const uint8_t *shared_info1, size_t shared_info1_len, + const uint8_t *shared_info2, size_t shared_info2_len, + uint8_t **out, size_t *outlen) +{ +/* + size_t len = 0; + SM4_KEY sm4_key; + uint8_t enc_key[16]; + uint8_t enc_iv[16]; + uint8_t enced_key[rcpt_count][256 + 16]; + uint8_t enced_content_info[content_len + 512]; + size_t enced_content_info_len; + + rand_bytes(enc_key, 16); + rand_bytes(enc_iv, 16); + + size_t i; + for (i = 0; i < rcpt_count; i++) { + const SM2_KEY *sm2_key = x509_certificate_get_public_key(rcpt_certs[i]); + sm2_encrypt(sm2_key, enc_key, 16, enced_key[i], enced_key_len[i]); + } + + for (i = 0; i < rcpt_count; i++) { + x509_certificate_get_recipient_info(rcpt_cert, + &issuer, + &serial_number, &serial_number_len, + &sm2_key); + + cms_recipient_info_encrypt_to_der(issuer, + serial_number, serial_number_len, + enced_key, enced_key_len, + NULL, &rcpt_infos_len); + } + + if (asn1_int_to_der(CMS_version, NULL, &len) != 1 + || asn1_set_to_der(NULL, rcpt_infos_len, NULL, &len) != 1 + || cms_enced_content_info_encrypt_to_der(&sm4_key, enc_iv, + content_type, content, content_len, + shared_info1, shared_info1_len, + shared_info2, shared_info2_len, + NULL, &len) != 1) { + error_print(); + return -1; + } + + if (asn1_sequence_header_to_der(len, out, outlen) != 1 + || asn1_int_to_der(CMS_version, out, outlen) != 1 + || asn1_set_header_to_der(rcpt_infos_len, out, outlen) != 1) { + error_print(); + return -1; + } + for (i = 0; i < rcpt_count; i++) { + if (cms_recipient_info_encrypt_to_der(&sm2_key, issuer, + serial_number, serial_number_len, + enc_key, sizeof(enc_key), out, outlen) != 1) { + error_print(); + return -1; + } + } + if (cms_enced_content_info_encrypt_to_der(&sm4_key, enc_iv, + content_type, content, content_len, + shared_info1, shared_info1_len, + shared_info2, shared_info2_len, + out, &outlen) != 1) { + error_print(); + return -1; + } +*/ + return 1; +} + +int cms_signed_and_enveloped_data_decrypt_verify_from_der() +{ + return -1; +} + + + +int cms_content_info_print(FILE *fp, const uint8_t *a, size_t alen, int format, int indent) +{ + int ret; + int oid; + const uint8_t *data; + size_t datalen; + uint32_t nodes[32]; + size_t nodes_count; + const uint8_t *content; + size_t content_len; + + format_print(fp, format, indent, "ContentInfo:\n"); + indent += 4; + if ((ret = asn1_sequence_from_der(&data, &datalen, &a, &alen)) != 1) { + error_print(); + return -1; + } + + if (cms_content_type_from_der(&oid, &data, &datalen) != 1) goto bad; + format_print(fp, format, indent, "Type : %s\n", cms_content_type_name(oid)); + if (asn1_explicit_from_der(0, &content, &content_len, &data, &datalen) != 1) goto bad; + + switch (oid) { + case CMS_data: return cms_data_print(fp, content, content_len, format, indent); + case CMS_signed_data: return cms_signed_data_print(fp, content, content_len, format, indent); + case CMS_enveloped_data: break; + case CMS_signed_and_enveloped_data: break; + case CMS_encrypted_data: return cms_encrypted_data_print(fp, content, content_len, format, indent); + case CMS_key_agreement_info: + break; + } + return 1; + +bad: + error_print(); + return -1; +} + +// 下面的函数生成的都是ContentInfo + + +// EncryptedData +int cms_encrypt(const uint8_t key[16], const uint8_t *in, size_t inlen, + uint8_t *out, size_t *outlen) +{ + SM4_KEY sm4_key; + uint8_t iv[16]; + int content_type = CMS_data; + + sm4_set_encrypt_key(&sm4_key, key); + rand_bytes(iv, sizeof(iv)); + + if (cms_encrypted_data_encrypt_to_der(&sm4_key, iv, + content_type, in, inlen, NULL, 0, NULL, 0, + &out, outlen) != 1) { + error_print(); + return -1; + } + + return 1; +} + +int cms_decrypt(const uint8_t key[16], const uint8_t *in, size_t inlen, + int *content_type, uint8_t *out, size_t *outlen, + const uint8_t **shared_info1, size_t *shared_info1_len, + const uint8_t **shared_info2, size_t *shared_info2_len) +{ + SM4_KEY sm4_key; + + sm4_set_decrypt_key(&sm4_key, key); + if (cms_encrypted_data_decrypt_from_der(&sm4_key, + content_type, out, outlen, + shared_info1, shared_info1_len, + shared_info2, shared_info2_len, + &in, &inlen) != 1) { + error_print(); + return -1; + } + if (inlen) { + error_print(); + return 0; + } + return 1; +} + + +// EnvelopedData +int cms_seal(const X509_CERTIFICATE *rcpt_certs, size_t rcpt_count, + int content_type, const uint8_t *content, size_t content_len, + const uint8_t *shared_info1, size_t shared_info1_len, + const uint8_t *shared_info2, size_t shared_info2_len, + uint8_t *out, size_t *outlen) +{ + return -1; +} + +int cms_open(const SM2_KEY *sm2_key, const X509_CERTIFICATE *cert, + const uint8_t *enveloped_data, size_t enveloped_data_len, + int *content_type, uint8_t *content, size_t *content_len) +{ + return -1; +} + + +// SignedData int cms_sign(const SM2_KEY *sign_keys, const X509_CERTIFICATE *sign_certs, size_t sign_count, int content_type, const uint8_t *content, size_t content_len, @@ -824,543 +1840,34 @@ int cms_sign(const SM2_KEY *sign_keys, return 1; } - int cms_verify(int *content_type, const uint8_t **content, size_t *content_len, const uint8_t *content_info, size_t content_info_len) { return -1; } -int cms_content_info_print(FILE *fp, const uint8_t *a, size_t alen, int format, int indent) -{ - int ret; - int oid; - const uint8_t *data; - size_t datalen; - uint32_t nodes[32]; - size_t nodes_count; - const uint8_t *content; - size_t content_len; - - format_print(fp, format, indent, "ContentInfo:\n"); - indent += 4; - if ((ret = asn1_sequence_from_der(&data, &datalen, &a, &alen)) != 1) { - error_print(); - return -1; - } - - if (cms_content_type_from_der(&oid, &data, &datalen) != 1) goto bad; - format_print(fp, format, indent, "Type : %s\n", cms_content_type_name(oid)); - if (asn1_explicit_from_der(0, &content, &content_len, &data, &datalen) != 1) goto bad; - - switch (oid) { - case CMS_data: return cms_data_print(fp, content, content_len, format, indent); - case CMS_signed_data: return cms_signed_data_print(fp, content, content_len, format, indent); - case CMS_enveloped_data: - case CMS_signed_and_enveloped_data: - case CMS_encrypted_data: - case CMS_key_agreement_info: - break; - } - return 1; - -bad: - error_print(); - return -1; -} - - - -#if 0 - -int cms_recipient_info_to_der(const X509_NAME *issuer, - const uint8_t *serial_number, size_t serial_number_len, - const uint8_t *enced_key, size_t enced_key_len, - uint8_t **out, size_t *outlen) -{ - size_t len = 0; - - if (asn1_int_to_der(CMS_version, NULL, &len) != 1 - || cms_issuer_and_serial_number_to_der(issuer, serial_number, serial_number_len, NULL, &len) != 1 - || x509_key_encryption_algor_to_der(OID_sm2encrypt, NULL, &len) != 1 - || asn1_octet_string_to_der(enced_key, enced_key_len, NULL, &len) != 1) { - error_print(); - return -1; - } - if (asn1_sequence_header_to_der(len, out, outlen) != 1 - || asn1_int_to_der(CMS_version, out, &outlen) != 1 - || cms_issuer_and_serial_number_to_der(issuer, serial_number, serial_number_len, out, &outlen) != 1 - || x509_key_encryption_algor_to_der(OID_sm2encrypt, out, &outlen) != 1 - || asn1_octet_string_to_der(enced_key, enced_key_len, out, &outlen) != 1) { - error_print(); - return -1; - } - return 1; -} - -int cms_recipient_info_from_der(X509_NAME *issuer, - const uint8_t **serial_number, size_t *serial_number_len, - const uint8_t **enced_key, size_t *enced_key_len, - const uint8_t **in, size_t *inlen) -{ - int ret; - const uint8_t *data; - size_t datalen; - - if ((ret = asn1_sequence_from_der(&data, &datalen, in, inlen)) != 1) { - if (ret < 0) error_print(); - return ret; - } - if (asn1_int_from_der(&version, &data, &datalen) != 1 - || cms_issuer_and_serial_number_from_der(issuer, serial_number, serial_number_len, &data, &datalen) != 1 - || x509_public_key_algor_from_der(kenc_algor, enc_algor_nodes, enc_algor_nodes, &data, &datalen) != 1 - || asn1_octet_string_from(enced_key, enced_key_len, &data, &datalen) != 1 - || datalen) { - error_print(); - return -1; - } - if (version != CMS_version) { - error_print(); - return -1; - } - - return -1; -} - -int cms_recipient_info_print(FILE *fp, const uint8_t *a, size_t alen, int format, int indent) -{ - return -1; -} - -int sm2_recipient_info_encrypt_to_der(const SM2_KEY *sm2_key, - const X509_NAME *issuer, const uint8_t *serial_number, size_t serial_number_len, - const uint8_t *key, size_t keylen, - uint8_t *rcpt_info, size_t *rcpt_info_len) -{ - size_t len = 0; - uint8_t buf[keylen + 256]; - size_t buflen; - - sm2_encrypt(sm2_key, key, keylen, buf, &buflen); - - *rcpt_info_len = 0; - cms_recipient_info_to_der(issuer, serial_number, serial_number_len, - buf, buflen, &rcpt_info, rcpt_info_len); - - return 1; -} - -int sm2_recipient_info_decrypt_from_der(const SM2_KEY *sm2_key, - X509_NAME *issuer, const uint8_t **serial_number, size_t *serial_number_len, - uint8_t *key, size_t *keylen, - const uint8_t **in, size_t *inlen) -{ - if (cms_recipient_info_from_der(issuer, serial_number, serial_number_len, - &enced_key, &enced_key_len, &rcpt_info, &rcpt_info_len) != 1 - || rcpt_info_len) { - error_print(); - return -1; - } - - sm2_decrypt(sm2_key, enced_key, enced_key_len, key, keylen); - return -1; -} -#endif - - -int cms_enced_content_info_to_der(int enc_algor, const uint8_t *enc_iv, size_t enc_iv_len, - int content_type, const uint8_t *enced_content, size_t enced_content_len, - const uint8_t *shared_info1, size_t shared_info1_len, - const uint8_t *shared_info2, size_t shared_info2_len, - uint8_t **out, size_t *outlen) -{ - size_t len = 0; - - if (cms_content_type_to_der(content_type, NULL, &len) != 1 - || x509_encryption_algor_to_der(enc_algor, enc_iv, enc_iv_len, NULL, &len) != 1 - || asn1_implicit_octet_string_to_der(0, enced_content, enced_content_len, NULL, &len) < 0 - || asn1_implicit_octet_string_to_der(1, shared_info1, shared_info1_len, NULL, &len) < 0 - || asn1_implicit_octet_string_to_der(2, shared_info2, shared_info2_len, NULL, &len) < 0) { - error_print(); - return -1; - } - if (asn1_sequence_header_to_der(len, out, outlen) != 1 - || cms_content_type_to_der(content_type, out, outlen) != 1 - || x509_encryption_algor_to_der(enc_algor, enc_iv, enc_iv_len, out, outlen) != 1 - || asn1_implicit_octet_string_to_der(0, enced_content, enced_content_len, out, outlen) < 0 - || asn1_implicit_octet_string_to_der(1, shared_info1, shared_info1_len, out, outlen) < 0 - || asn1_implicit_octet_string_to_der(2, shared_info2, shared_info2_len, out, outlen) < 0) { - error_print(); - return -1; - } - return 1; -} - -int cms_enced_content_info_from_der(int *content_type, - int *enc_algor, const uint8_t **enc_iv, size_t *enc_iv_len, - const uint8_t **enced_content, size_t *enced_content_len, - const uint8_t **shared_info1, size_t *shared_info1_len, - const uint8_t **shared_info2, size_t *shared_info2_len, - const uint8_t **in, size_t *inlen) -{ - int ret; - const uint8_t *data; - size_t datalen; - - if ((ret = asn1_sequence_from_der(&data, &datalen, in, inlen)) != 1) { - if (ret < 0) error_print(); - return ret; - } - if (cms_content_type_from_der(content_type, &data, &datalen) != 1 - || x509_encryption_algor_from_der(enc_algor, enc_iv, enc_iv_len, &data, &datalen) != 1 - || asn1_implicit_octet_string_from_der(0, enced_content, enced_content_len, &data, &datalen) < 0 - || asn1_implicit_octet_string_from_der(1, shared_info1, shared_info1_len, &data, &datalen) < 0 - || asn1_implicit_octet_string_from_der(1, shared_info2, shared_info2_len, &data, &datalen) < 0 - || datalen) { - error_print(); - return -1; - } - return 1; -} - -int cms_enced_content_info_print(FILE *fp, const uint8_t *a, size_t alen, int format, int indent) -{ - return -1; -} - -int cms_enced_content_info_encrypt_to_der(const SM4_KEY *sm4_key, const uint8_t iv[16], - int content_type, const uint8_t *content, size_t content_len, - const uint8_t *shared_info1, size_t shared_info1_len, - const uint8_t *shared_info2, size_t shared_info2_len, - uint8_t **out, size_t *outlen) -{ - uint8_t enced_content[content_len + 256]; - size_t enced_content_len; - - if (sm4_cbc_padding_encrypt(sm4_key, iv, content, content_len, - enced_content, &enced_content_len) != 1) { - error_print(); - return -1; - } - if (cms_enced_content_info_to_der(OID_sm4_cbc, iv, 16, - content_type, enced_content, enced_content_len, - shared_info1, shared_info1_len, - shared_info2, shared_info2_len, - out, outlen) != 1) { - error_print(); - return -1; - } - return 1; -} - -int cms_enced_content_info_decrypt_from_der(const SM4_KEY *sm4_key, - const uint8_t *enced_content_info, size_t enced_content_info_len, - int *content_type, uint8_t *content, size_t *content_len, - const uint8_t **shared_info1, size_t *shared_info1_len, - const uint8_t **shared_info2, size_t *shared_info2_len) -{ - int enc_algor; - uint32_t enc_algor_nodes[32]; - size_t enc_algor_nodes_count; - const uint8_t *enc_iv; - size_t enc_iv_len; - const uint8_t *enced_content; - size_t enced_content_len; - - if (cms_enced_content_info_from_der(content_type, - &enc_algor, &enc_iv, &enc_iv_len, - &enced_content, &enced_content_len, - shared_info1, shared_info1_len, - shared_info2, shared_info2_len, - &enced_content_info, &enced_content_info_len) != 1 - || enced_content_info_len) { - error_print(); - return -1; - } - if (sm4_cbc_padding_decrypt(sm4_key, enc_iv, enced_content, enced_content_len, - content, content_len) != 1) { - error_print(); - return -1; - } - return 1; -} - - - -#if 0 -int cms_enveloped_data_from_der(const uint8_t **rcpt_infos, size_t *rcpt_infos_len, - int *content_type, - int *enc_algor, uint32_t *enc_algor_nodes, size_t *enc_algor_nodes_count, - const uint8_t **enc_iv, size_t *enc_iv_len, - const uint8_t **enced_content, size_t *enced_content_len, - const uint8_t **shared_info1, size_t *shared_info1_len, - const uint8_t **shared_info2, size_t *shared_info2_len, - const uint8_t **in, size_t *inlen) -{ - int ret; - const uint8_t *data; - size_t datalen; - - if ((ret = asn1_sequence_from_der(&data, &datalen, in, inlen)) != 1) { - if (ret < 0) error_print(); - return ret; - } - if (asn1_int_from_der(&version, &data, &datalen) != 1 - || asn1_set_from_der(rcpt_infos, rcpt_infos_len, &data, &datalen) != 1 - || asn1_type_from_der(enced_content_info, enced_content_info_len, &data, &datalen) != 1 //FIXME: - || datalen > 0) { - error_print(); - return -1; - } - return 1; -} - -int cms_enveloped_data_print(FILE *fp, const uint8_t *a, size_t alen, int format, int indent) -{ - return -1; -} - -int cms_enveloped_data_encrypt_to_der(const X509_CERTIFICATE *rcpt_certs, size_t rcpt_count, - int content_type, const uint8_t *content, size_t content_len, - const uint8_t *shared_info1, size_t shared_info1_len, - const uint8_t *shared_info2, size_t shared_info2_len, - uint8_t *enveloped_data, size_t *enveloped_data_len) -{ - size_t len = 0; - SM4_KEY sm4_key; - uint8_t enc_key[16]; - uint8_t enc_iv[16]; - uint8_t enced_key[rcpt_count][256 + 16]; - uint8_t enced_content_info[content_len + 512]; - size_t enced_content_info_len; - - rand_bytes(enc_key, 16); - rand_bytes(enc_iv, 16); - - for (i = 0; i < rcpt_count; i++) { - const SM2_KEY *sm2_key = x509_certificate_get_public_key(rcpt_certs[i]); - sm2_encrypt(sm2_key, enc_key, 16, enced_key[i], enced_key_len[i]); - } - - for (i = 0; i < rcpt_count; i++) { - x509_certificate_get_recipient_info(rcpt_cert, - &issuer, - &serial_number, &serial_number_len, - &sm2_key); - - cms_recipient_info_encrypt_to_der(issuer, - serial_number, serial_number_len, - enced_key, enced_key_len, - NULL, &rcpt_infos_len); - } - - - if (asn1_int_to_der(CMS_version, NULL, &len) != 1 - || asn1_set_to_der(NULL, rcpt_infos_len, NULL, &len) != 1 - || cms_enced_content_info_encrypt_to_der(&sm4_key, enc_iv, - content_type, content, content_len, - shared_info1, shared_info1_len, - shared_info2, shared_info2_len, - NULL, &len) != 1) { - error_print(); - return -1; - } - - if (asn1_sequence_header_to_der(len, out, outlen) != 1 - || asn1_int_to_der(CMS_version, out, outlen) != 1 - || asn1_set_header_to_der(rcpt_infos_len, out, outlen) != 1) { - error_print(); - return -1; - } - for (i = 0; i < rcpt_count; i++) { - if (cms_recipient_info_encrypt_to_der(&sm2_key, issuer, - serial_number, serial_number_len, - enc_key, sizeof(enc_key), out, outlen) != 1) { - error_print(); - return -1; - } - } - if (cms_enced_content_info_encrypt_to_der(&sm4_key, enc_iv, - content_type, content, content_len, - shared_info1, shared_info1_len, - shared_info2, shared_info2_len, - out, &outlen) != 1) { - error_print(); - return -1; - } - - return 1; -} - -int cms_enveloped_data_decrypt_from_der(const SM2_KEY *sm2_key, const X509_CERTIFICATE *cert, - const uint8_t *enveloped_data, size_t enveloped_data_len, - int *content_type, uint8_t *content, size_t *content_len) -{ - const uint8_t *rcpt_infos; - size_t rcpt_infos_len; - int enc_algor; - uint32_t enc_algor_nodes[32]; - size_t enc_algor_nodes_count; - const uint8_t *enced_content; - size_t enced_content_len; - const uint8_t *shared_info1; - size_t shared_info1_len; - const uint8_t *shared_info2; - size_t shared_info2_len; - uint8_t enc_key[64]; - size_t enc_key_len; - - if (cms_enveloped_data_from_der(&rcpt_infos, &rcpt_infos_len, - content_type, &enc_algor, enc_algor_nodes, &enc_algor_nodes_count, - &enc_iv, &enc_iv_len, - &enced_content, &enced_content_len, &shared_info1, &shared_info1_len, - &shared_info2, &shared_info2_len, &enveloped_data, &enveloped_data_len) != 1 - || enced_content_info_len > 0) { - error_print(); - return -1; - } - if (enc_algor != OID_sm4_cbc) { - error_print(); - return -1; - } - if (!enc_iv || enc_iv_len != 16) { - error_print(); - return -1; - } - - while (rcpt_infos_len) { - X509_NAME issuer; - const uint8_t *serial_number; - size_t serial_number_len; - const uint8_t *enced_key; - size_t enced_key_len; - - if (cms_recipient_info_from_der(&issuer, &serial_number, &serial_number_len - &enced_key, &enced_key_len, &rcpt_infos, &rcpt_infos_len) != 1) { - error_print(); - return -1; - } - if (cms_issuer_and_serial_number_match_certificate(&issuer, - serial_number, serial_number_len, cert) != 1) { - break; - } - if (sm2_decrypt(sm2_key, enced_key, enced_key_len, enc_key, &enc_key_len) != 1) { - error_print(); - return -1; - } - } - - sm4_set_decrypt_key(&sm4_key, enc_key); - if (sm4_cbc_paddnig_decrypt(&sm4_key, enc_iv, enced_content, enced_content_len, - content, content_len) != 1) { - error_print(); - return -1; - } - - return -1; -} - -int cms_signed_and_enveloped_data_to_der(void) -{ - return -1; -} - -int cms_signed_and_enveloped_data_from_der(void) -{ - return -1; -} - -int cms_signed_and_enveloped_data_print(void) -{ - return -1; -} - -int cms_signed_and_enveloped_data_sign_encrypt_to_der( - const int *digest_algors, const size_t digset_algors_count, - const X509_CERTIFICATE *sign_certs, size_t sign_count, - const uint8_t **crls, const size_t *crls_lens, const size_t crls_count, - const uint8_t **signer_infos, size_t *signer_infos_lens, size_t signer_infos_count, +// SignedAndEnvelopedData +int cms_sign_and_seal( + const SM2_KEY *sign_keys, const X509_CERTIFICATE *sign_certs, size_t sign_count, + const uint8_t *crls, const size_t *crls_lens, const size_t crls_count, const X509_CERTIFICATE *rcpt_certs, size_t rcpt_count, int content_type, const uint8_t *content, size_t content_len, const uint8_t *shared_info1, size_t shared_info1_len, const uint8_t *shared_info2, size_t shared_info2_len, - uint8_t **out, size_t *outlen) + uint8_t *out, size_t *outlen) { - - size_t len = 0; - SM4_KEY sm4_key; - uint8_t enc_key[16]; - uint8_t enc_iv[16]; - uint8_t enced_key[rcpt_count][256 + 16]; - uint8_t enced_content_info[content_len + 512]; - size_t enced_content_info_len; - - rand_bytes(enc_key, 16); - rand_bytes(enc_iv, 16); - - for (i = 0; i < rcpt_count; i++) { - const SM2_KEY *sm2_key = x509_certificate_get_public_key(rcpt_certs[i]); - sm2_encrypt(sm2_key, enc_key, 16, enced_key[i], enced_key_len[i]); - } - - for (i = 0; i < rcpt_count; i++) { - x509_certificate_get_recipient_info(rcpt_cert, - &issuer, - &serial_number, &serial_number_len, - &sm2_key); - - cms_recipient_info_encrypt_to_der(issuer, - serial_number, serial_number_len, - enced_key, enced_key_len, - NULL, &rcpt_infos_len); - } - - if (asn1_int_to_der(CMS_version, NULL, &len) != 1 - || asn1_set_to_der(NULL, rcpt_infos_len, NULL, &len) != 1 - || cms_enced_content_info_encrypt_to_der(&sm4_key, enc_iv, - content_type, content, content_len, - shared_info1, shared_info1_len, - shared_info2, shared_info2_len, - NULL, &len) != 1) { - error_print(); - return -1; - } - - if (asn1_sequence_header_to_der(len, out, outlen) != 1 - || asn1_int_to_der(CMS_version, out, outlen) != 1 - || asn1_set_header_to_der(rcpt_infos_len, out, outlen) != 1) { - error_print(); - return -1; - } - for (i = 0; i < rcpt_count; i++) { - if (cms_recipient_info_encrypt_to_der(&sm2_key, issuer, - serial_number, serial_number_len, - enc_key, sizeof(enc_key), out, outlen) != 1) { - error_print(); - return -1; - } - } - if (cms_enced_content_info_encrypt_to_der(&sm4_key, enc_iv, - content_type, content, content_len, - shared_info1, shared_info1_len, - shared_info2, shared_info2_len, - out, &outlen) != 1) { - error_print(); - return -1; - } - - return 1; + return -1; } -int cms_signed_and_enveloped_data_decrypt_verify_from_der() +int cms_open_and_verify() { return -1; } @@ -1371,7 +1878,6 @@ int cms_signed_and_enveloped_data_decrypt_verify_from_der() -#endif @@ -1379,144 +1885,4 @@ int cms_signed_and_enveloped_data_decrypt_verify_from_der() -int cms_enced_data_to_der(int enc_algor, const uint8_t *enc_iv, size_t enc_iv_len, - int content_type, const uint8_t *enced_content, size_t enced_content_len, - const uint8_t *shared_info1, size_t shared_info1_len, - const uint8_t *shared_info2, size_t shared_info2_len, - uint8_t **out, size_t *outlen) -{ - size_t len = 0; - if (asn1_int_to_der(CMS_version, NULL, &len) != 1 - || cms_enced_content_info_to_der(enc_algor, enc_iv, enc_iv_len, - content_type, enced_content, enced_content_len, - shared_info1, shared_info1_len, - shared_info2, shared_info2_len, - NULL, &len) != 1) { - error_print(); - return -1; - } - if (asn1_sequence_header_to_der(len, out, outlen) != 1 - || asn1_int_to_der(CMS_version, out, outlen) != 1 - || cms_enced_content_info_to_der(enc_algor, enc_iv, enc_iv_len, - content_type, enced_content, enced_content_len, - shared_info1, shared_info1_len, - shared_info2, shared_info2_len, - out, outlen) != 1) { - error_print(); - return -1; - } - return 1; -} - - -int cms_enced_data_from_der(int *content_type, - int *enc_algor, uint32_t *enc_algor_nodes, size_t *enc_algor_nodes_count, - const uint8_t **enc_iv, size_t *enc_iv_len, - const uint8_t **enced_content, size_t *enced_content_len, - const uint8_t **shared_info1, size_t *shared_info1_len, - const uint8_t **shared_info2, size_t *shared_info2_len, - const uint8_t **in, size_t *inlen) -{ - int ret; - const uint8_t *data; - size_t datalen; - int version; - - if ((ret = asn1_sequence_from_der(&data, &datalen, in, inlen)) != 1) { - if (ret < 0) error_print(); - return ret; - } - if (asn1_int_from_der(&version, &data, &datalen) != 1 - || cms_enced_content_info_from_der(content_type, - enc_algor, enc_iv, enc_iv_len, - enced_content, enced_content_len, - shared_info1, shared_info1_len, - shared_info2, shared_info2_len, - &data, &datalen) != 1 - || datalen > 0) { - error_print(); - return -1; - } - if (version != CMS_version) { - error_print(); - return -1; - } - return 1; -} - -int cms_encrypted_data_encrypt_to_der(const SM4_KEY *sm4_key, const uint8_t iv[16], - int content_type, const uint8_t *content, size_t content_len, - const uint8_t *shared_info1, size_t shared_info1_len, - const uint8_t *shared_info2, size_t shared_info2_len, - uint8_t **out, size_t *outlen) -{ - size_t len = 0; - - if (asn1_int_to_der(CMS_version, NULL, &len) != 1 - || cms_enced_content_info_encrypt_to_der(sm4_key, iv, - content_type, content, content_len, - shared_info1, shared_info1_len, - shared_info2, shared_info2_len, - NULL, &len) != 1) { - error_print(); - return -1; - } - if (asn1_sequence_header_to_der(len, out, outlen) != 1 - || asn1_int_to_der(CMS_version, out, outlen) != 1 - || cms_enced_content_info_encrypt_to_der(sm4_key, iv, - content_type, content, content_len, - shared_info1, shared_info1_len, - shared_info2, shared_info2_len, - out, outlen) != 1) { - error_print(); - return -1; - } - return 1; -} - -int cms_key_agreement_info_to_der(const SM2_KEY *pub_key, const X509_CERTIFICATE *cert, - const uint8_t *user_id, size_t user_id_len, uint8_t **out, size_t *outlen) -{ - size_t len = 0; - - if (asn1_int_to_der(CMS_version, NULL, &len) != 1 - || sm2_public_key_info_to_der(pub_key, NULL, &len) != 1 - || x509_certificate_to_der(cert, NULL, &len) != 1 - || asn1_octet_string_to_der(user_id, user_id_len, NULL, &len) != 1) { - error_print(); - return -1; - } - if (asn1_sequence_header_to_der(len, out, outlen) != 1 - || asn1_int_to_der(CMS_version, out, outlen) != 1 - || sm2_public_key_info_to_der(pub_key, out, outlen) != 1 - || x509_certificate_to_der(cert, out, outlen) != 1 - || asn1_octet_string_to_der(user_id, user_id_len, out, outlen) != 1) { - error_print(); - return -1; - } - return 1; -} - -int cms_key_agreement_info_from_der(SM2_KEY *pub_key, X509_CERTIFICATE *cert, - const uint8_t **user_id, size_t *user_id_len, const uint8_t **in, size_t *inlen) -{ - int ret; - const uint8_t *data; - size_t datalen; - int version; - - if ((ret = asn1_sequence_from_der(&data, &datalen, in, inlen)) != 1) { - if (ret < 0) error_print(); - return ret; - } - if (asn1_int_from_der(&version, &data, &datalen) != 1 - || sm2_public_key_info_from_der(pub_key, &data, &datalen) != 1 - || x509_certificate_from_der(cert, &data, &datalen) != 1 - || asn1_octet_string_from_der(user_id, user_id_len, &data, &datalen) != 1 - || datalen > 0) { - error_print(); - return -1; - } - return 1; -} diff --git a/src/debug.c b/src/debug.c index ebafd7ac..e4b672c8 100644 --- a/src/debug.c +++ b/src/debug.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2020 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/des.c b/src/des.c index 1d07bcfd..98df6f43 100644 --- a/src/des.c +++ b/src/des.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2020 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/digest.c b/src/digest.c index a4c9004f..2f550360 100644 --- a/src/digest.c +++ b/src/digest.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2020 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/endian.h b/src/endian.h index 506003f1..590dccfc 100644 --- a/src/endian.h +++ b/src/endian.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2020 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/gcm.c b/src/gcm.c index 6a5bf8b5..0fba87d1 100644 --- a/src/gcm.c +++ b/src/gcm.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2020 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/gf128.c b/src/gf128.c index ee7e3ac9..1b77f92f 100644 --- a/src/gf128.c +++ b/src/gf128.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2020 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/hash_drbg.c b/src/hash_drbg.c index 26977843..e559b1ae 100644 --- a/src/hash_drbg.c +++ b/src/hash_drbg.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2020 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/hex.c b/src/hex.c index 5bcadb97..ea59bd06 100644 --- a/src/hex.c +++ b/src/hex.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/hkdf.c b/src/hkdf.c index 83f4fd4c..6a851e7f 100644 --- a/src/hkdf.c +++ b/src/hkdf.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/hmac.c b/src/hmac.c index 3fd064cd..ff5c727a 100644 --- a/src/hmac.c +++ b/src/hmac.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2020 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/md5.c b/src/md5.c index 0f44fbf6..fcab99e4 100755 --- a/src/md5.c +++ b/src/md5.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2020 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/mem.h b/src/mem.h index c3b5cb61..0b210440 100644 --- a/src/mem.h +++ b/src/mem.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/oid.c b/src/oid.c index d9560e01..4bf59bf4 100644 --- a/src/oid.c +++ b/src/oid.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2020 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/pbkdf2.c b/src/pbkdf2.c index eeadf196..f6f6efd3 100644 --- a/src/pbkdf2.c +++ b/src/pbkdf2.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2020 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/pem.c b/src/pem.c index 9d7594da..233dba75 100644 --- a/src/pem.c +++ b/src/pem.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2020 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/pkcs8.c b/src/pkcs8.c index 3f5669c2..c3c19380 100644 --- a/src/pkcs8.c +++ b/src/pkcs8.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/rand.c b/src/rand.c index 0e5d5525..ec07306d 100644 --- a/src/rand.c +++ b/src/rand.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/rc4.c b/src/rc4.c index 1d647ab1..9ebee294 100644 --- a/src/rc4.c +++ b/src/rc4.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2020 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/sha1.c b/src/sha1.c index 0dbe89d8..1514eaf1 100755 --- a/src/sha1.c +++ b/src/sha1.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/sha256.c b/src/sha256.c index 8a194d13..37fc9fd3 100755 --- a/src/sha256.c +++ b/src/sha256.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/sha512.c b/src/sha512.c index 706f7497..e278cfc3 100755 --- a/src/sha512.c +++ b/src/sha512.c @@ -1,4 +1,4 @@ -/* ==================================================================== +/* ==================================================================== * Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/sm2_algo.c b/src/sm2_algo.c index 93eec4b8..62e50288 100644 --- a/src/sm2_algo.c +++ b/src/sm2_algo.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2020 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/sm2_asn1.c b/src/sm2_asn1.c index 2984a2ef..59bbbbea 100644 --- a/src/sm2_asn1.c +++ b/src/sm2_asn1.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2020 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/sm2_lib.c b/src/sm2_lib.c index ab12cbcf..fd5b2c66 100644 --- a/src/sm2_lib.c +++ b/src/sm2_lib.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2020 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/sm2_prn.c b/src/sm2_prn.c index 0b258c44..e52cdf93 100644 --- a/src/sm2_prn.c +++ b/src/sm2_prn.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2020 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/sm3.c b/src/sm3.c index adfa651a..b279d777 100755 --- a/src/sm3.c +++ b/src/sm3.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/sm3_hmac.c b/src/sm3_hmac.c index d4d91894..96bb0c67 100644 --- a/src/sm3_hmac.c +++ b/src/sm3_hmac.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/sm4_common.c b/src/sm4_common.c index c397bbca..1254736d 100644 --- a/src/sm4_common.c +++ b/src/sm4_common.c @@ -1,4 +1,4 @@ -/* ==================================================================== +/* ==================================================================== * Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/sm4_enc.c b/src/sm4_enc.c index d399be13..0efb53ac 100644 --- a/src/sm4_enc.c +++ b/src/sm4_enc.c @@ -1,4 +1,4 @@ -/* ==================================================================== +/* ==================================================================== * Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/sm4_lcl.h b/src/sm4_lcl.h index ee78508d..7f03a735 100644 --- a/src/sm4_lcl.h +++ b/src/sm4_lcl.h @@ -1,4 +1,4 @@ -/* ==================================================================== +/* ==================================================================== * Copyright (c) 2014 - 2019 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/sm4_modes.c b/src/sm4_modes.c index 35c2400d..ce37d258 100644 --- a/src/sm4_modes.c +++ b/src/sm4_modes.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/sm4_setkey.c b/src/sm4_setkey.c index 2c2bf029..a8757cdb 100644 --- a/src/sm4_setkey.c +++ b/src/sm4_setkey.c @@ -1,4 +1,4 @@ -/* ==================================================================== +/* ==================================================================== * Copyright (c) 2014 - 2019 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/sm9_keygen.c b/src/sm9_keygen.c index 510ee1f0..0dbe5a9f 100644 --- a/src/sm9_keygen.c +++ b/src/sm9_keygen.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2020 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/sm9_math.c b/src/sm9_math.c index 92600f77..8cd0390b 100644 --- a/src/sm9_math.c +++ b/src/sm9_math.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2020 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/sm9_sign.c b/src/sm9_sign.c index fd74f766..34f10e96 100644 --- a/src/sm9_sign.c +++ b/src/sm9_sign.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2020 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/tlcp.c b/src/tlcp.c index 4eacfe43..960d88f0 100644 --- a/src/tlcp.c +++ b/src/tlcp.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/tls.c b/src/tls.c index c470e3a2..94235c65 100644 --- a/src/tls.c +++ b/src/tls.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/tls12.c b/src/tls12.c index fdd25bca..155f372d 100644 --- a/src/tls12.c +++ b/src/tls12.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/tls13.c b/src/tls13.c index 5fa05401..9f7d464a 100644 --- a/src/tls13.c +++ b/src/tls13.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/tls_trace.c b/src/tls_trace.c index 93b62eab..3fefb66f 100644 --- a/src/tls_trace.c +++ b/src/tls_trace.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/x509_algor.c b/src/x509_algor.c index 95e7f3aa..2bd7a65e 100644 --- a/src/x509_algor.c +++ b/src/x509_algor.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -156,34 +156,41 @@ int x509_encryption_algor_to_der(int cipher, const uint8_t *iv, size_t ivlen, return 1; } -int x509_encryption_algor_from_der(int *cipher, +const char *x509_encryption_algor_name(int algor) +{ + switch (algor) { + case OID_sm4_cbc: return "sm4-cbc"; + } + return NULL; +} + + +int x509_encryption_algor_from_der(int *algor, uint32_t nodes[32], size_t *nodes_count, const uint8_t **iv, size_t *ivlen, const uint8_t **in, size_t *inlen) { int ret; const uint8_t *data; size_t datalen; - uint32_t nodes[32]; - size_t nodes_count; if ((ret = asn1_sequence_from_der(&data, &datalen, in, inlen)) != 1) { if (ret < 0) error_print(); return ret; } - if (asn1_object_identifier_from_der(cipher, nodes, &nodes_count, &data, &datalen) != 1 + if (asn1_object_identifier_from_der(algor, nodes, nodes_count, &data, &datalen) != 1 || asn1_octet_string_from_der(iv, ivlen, &data, &datalen) != 1 || datalen > 0) { error_print(); return -1; } - if (*cipher == OID_undef) { - if (nodes_count == sm4_cbc_nodes_count + if (*algor == OID_undef) { + if (*nodes_count == sm4_cbc_nodes_count && memcmp(nodes, sm4_cbc_nodes, sizeof(sm4_cbc_nodes)) == 0) { - *cipher = OID_sm4_cbc; + *algor = OID_sm4_cbc; } else { size_t i; error_puts("unknown cipher oid :"); - for (i = 0; i < nodes_count; i++) { + for (i = 0; i < *nodes_count; i++) { fprintf(stderr, " %d", nodes[i]); } fprintf(stderr, "\n"); @@ -252,19 +259,18 @@ int x509_signature_algor_to_der(int oid, uint8_t **out, size_t *outlen) return 1; } -int x509_signature_algor_from_der(int *oid, const uint8_t **in, size_t *inlen) +int x509_signature_algor_from_der(int *algor, uint32_t nodes[32], size_t nodes_count, + const uint8_t **in, size_t *inlen) { int ret; const uint8_t *data; size_t datalen; - uint32_t nodes[32]; - size_t nodes_count; int has_null_obj; if ((ret = asn1_sequence_from_der(&data, &datalen, in, inlen)) != 1) { return ret; } - if (asn1_object_identifier_from_der(oid, nodes, &nodes_count, &data, &datalen) != 1) { + if (asn1_object_identifier_from_der(algor, nodes, &nodes_count, &data, &datalen) != 1) { error_print(); return -1; } @@ -278,7 +284,7 @@ int x509_signature_algor_from_der(int *oid, const uint8_t **in, size_t *inlen) return -1; } - switch (*oid) { + switch (*algor) { //case OID_ecdsa_with_sha1: //case OID_ecdsa_with_sha224 //case OID_ecdsa_with_sha256: @@ -327,7 +333,7 @@ int x509_public_key_encryption_algor_to_der(int algor, uint8_t **out, size_t *ou } int x509_public_key_encryption_algor_from_der(int *algor, uint32_t *nodes, size_t *nodes_count, - const uint8_t *params, size_t *params_len, + const uint8_t **params, size_t *params_len, const uint8_t **in, size_t *inlen) { int ret; @@ -345,17 +351,3 @@ int x509_public_key_encryption_algor_from_der(int *algor, uint32_t *nodes, size_ // FIXME: 我们需要一个读取完整obj的函数 return 1; } - - - - - - - - - - - - - - diff --git a/src/x509_asn1.c b/src/x509_asn1.c index 7a96e921..7cb6fbeb 100644 --- a/src/x509_asn1.c +++ b/src/x509_asn1.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2020 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -998,6 +998,8 @@ int x509_tbs_certificate_from_der(X509_TBS_CERTIFICATE *a, const uint8_t **in, s const uint8_t *serial_number; const uint8_t *issuer_unique_id = NULL; const uint8_t *subject_unique_id = NULL; + uint32_t nodes[32]; + size_t nodes_count; if ((ret = asn1_sequence_from_der(&data, &datalen, in, inlen)) != 1) { if (ret < 0) error_print(); @@ -1005,7 +1007,7 @@ int x509_tbs_certificate_from_der(X509_TBS_CERTIFICATE *a, const uint8_t **in, s } if (x509_version_from_der(&a->version, &data, &datalen) != 1 || asn1_integer_from_der(&serial_number, &a->serial_number_len, &data, &datalen) != 1 - || x509_signature_algor_from_der(&a->signature_algor, &data, &datalen) != 1 + || x509_signature_algor_from_der(&a->signature_algor, nodes, &nodes_count, &data, &datalen) != 1 || x509_name_from_der(&a->issuer, &data, &datalen) != 1 || x509_validity_from_der(&a->validity, &data, &datalen) != 1 || x509_name_from_der(&a->subject, &data, &datalen) != 1 @@ -1077,6 +1079,8 @@ int x509_certificate_from_der(X509_CERTIFICATE *a, const uint8_t **in, size_t *i size_t datalen; const uint8_t *sig; size_t sig_nbits; + uint32_t nodes[32]; + size_t nodes_count; if ((ret = asn1_sequence_from_der(&data, &datalen, in, inlen)) != 1) { if (ret < 0) error_print(); @@ -1084,7 +1088,7 @@ int x509_certificate_from_der(X509_CERTIFICATE *a, const uint8_t **in, size_t *i } memset(a, 0, sizeof(X509_CERTIFICATE)); if (x509_tbs_certificate_from_der(&a->tbs_certificate, &data, &datalen) != 1 - || x509_signature_algor_from_der(&a->signature_algor, &data, &datalen) != 1 + || x509_signature_algor_from_der(&a->signature_algor, nodes, &nodes_count, &data, &datalen) != 1 || asn1_bit_string_from_der(&sig, &sig_nbits, &data, &datalen) != 1 || datalen > 0) { error_print(); @@ -1263,13 +1267,15 @@ int x509_cert_request_from_der(X509_CERT_REQUEST *a, const uint8_t **in, size_t size_t datalen; const uint8_t *sig; size_t siglen; + uint32_t nodes[32]; + size_t nodes_count; if ((ret = asn1_sequence_from_der(&data, &datalen, in, inlen)) != 1) { if (ret < 0) error_print(); return ret; } if (x509_cert_request_info_from_der(&a->req_info, &data, &datalen) != 1 - || x509_signature_algor_from_der(&a->signature_algor, &data, &datalen) != 1 + || x509_signature_algor_from_der(&a->signature_algor, nodes, &nodes_count, &data, &datalen) != 1 || x509_signature_copy_from_der(128, a->signature, &a->signature_len, &data, &datalen) != 1 || datalen > 0) { error_print(); diff --git a/src/x509_crl.c b/src/x509_crl.c index 7df0902f..eb01a803 100644 --- a/src/x509_crl.c +++ b/src/x509_crl.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/x509_ext.c b/src/x509_ext.c index 67608533..a50f93e9 100644 --- a/src/x509_ext.c +++ b/src/x509_ext.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2020 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/x509_lib.c b/src/x509_lib.c index 18b43482..c4f31883 100644 --- a/src/x509_lib.c +++ b/src/x509_lib.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2020 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/zuc_core.c b/src/zuc_core.c index a763fcee..068760c9 100644 --- a/src/zuc_core.c +++ b/src/zuc_core.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2015 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/zuc_eea.c b/src/zuc_eea.c index 9677639b..089f1d90 100644 --- a/src/zuc_eea.c +++ b/src/zuc_eea.c @@ -1,4 +1,4 @@ -/* ==================================================================== +/* ==================================================================== * Copyright (c) 2015 - 2019 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/src/zuc_eia.c b/src/zuc_eia.c index a17bb279..73226957 100644 --- a/src/zuc_eia.c +++ b/src/zuc_eia.c @@ -1,4 +1,4 @@ -/* ==================================================================== +/* ==================================================================== * Copyright (c) 2015 - 2019 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/tests/cmstest.c b/tests/cmstest.c index 9680a8a3..9342ae07 100644 --- a/tests/cmstest.c +++ b/tests/cmstest.c @@ -53,6 +53,7 @@ #include #include #include +#include #include static int test_cms_data(void) @@ -99,9 +100,85 @@ static int test_cms_sign(void) } +static int test_cms_enced_content_info(void) +{ + uint8_t buf[512]; + uint8_t *p = buf; + const uint8_t *cp = buf; + size_t len = 0; + uint8_t iv[16]; + uint8_t enced_content[30]; + + if (cms_enced_content_info_to_der(OID_sm4_cbc, iv, sizeof(iv), + CMS_data, enced_content, sizeof(enced_content), + NULL, 0, + NULL, 0, + &p, &len) != 1) { + error_print(); + return -1; + } + + int content_type; + int enc_algor; + const uint8_t *enc_iv; + size_t enc_iv_len; + const uint8_t *penced_content; + size_t enced_content_len; + const uint8_t *shared_info1, *shared_info2; + size_t shared_info1_len, shared_info2_len; + + if (cms_enced_content_info_from_der(&content_type, + &enc_algor, &enc_iv, &enc_iv_len, + &penced_content, &enced_content_len, + &shared_info1, &shared_info1_len, + &shared_info2, &shared_info2_len, + &cp, &len) != 1) { + error_print(); + return -1; + } + + + + return 1; +} + + +static int test_cms_encrypt(void) +{ + uint8_t key[16]; + uint8_t msg[] = "Hello world!"; + uint8_t cbuf[512]; + uint8_t mbuf[512]; + size_t clen, mlen; + int content_type = 0; + const uint8_t *shared_info1 = NULL; + const uint8_t *shared_info2 = NULL; + size_t shared_info1_len, shared_info2_len; + + if (cms_encrypt(key, msg, sizeof(msg), cbuf, &clen) != 1) { + error_print(); + return -1; + } + + format_bytes(stderr, 0, 0, "EncryptedData\n", cbuf, clen); + + + if (cms_decrypt(key, cbuf, clen, &content_type, mbuf, &mlen, + &shared_info1, &shared_info1_len, + &shared_info2, &shared_info2_len) != 1) { + error_print(); + return -1; + } + + return 1; +} + int main(void) { - test_cms_data(); - test_cms_sign(); + // 很可能x509_algor.c中有错误! + test_cms_enced_content_info(); + //test_cms_encrypt(); + //test_cms_data(); + //test_cms_sign(); return 0; } diff --git a/tests/x509test.c b/tests/x509test.c index 5951fa1e..6b30968a 100644 --- a/tests/x509test.c +++ b/tests/x509test.c @@ -125,6 +125,8 @@ static int test_x509_signature_algor(int oid) int err = 0; int tests[] = {OID_sm2sign_with_sm3, OID_rsasign_with_sm3}; int val; + uint32_t nodes[32]; + size_t nodes_count; uint8_t buf[128]; const uint8_t *cp = buf; uint8_t *p = buf; @@ -145,7 +147,7 @@ static int test_x509_signature_algor(int oid) printf("\n"); } for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) { - if (x509_signature_algor_from_der(&val, &cp, &len) != 1) { + if (x509_signature_algor_from_der(&val, nodes, &nodes_count, &cp, &len) != 1) { error_print(); err++; goto end; diff --git a/tools/certgen.c b/tools/certgen.c index 8cb705a6..51a8d47e 100644 --- a/tools/certgen.c +++ b/tools/certgen.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/tools/certverify.c b/tools/certverify.c index fd04a3fa..55ad4e74 100644 --- a/tools/certverify.c +++ b/tools/certverify.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/tools/certview.c b/tools/certview.c index fe163abe..1e0dba56 100644 --- a/tools/certview.c +++ b/tools/certview.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2020 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/tools/digest.c b/tools/digest.c index 5582775a..c2127e83 100644 --- a/tools/digest.c +++ b/tools/digest.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2020 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/tools/hmac.c b/tools/hmac.c index 441b76da..f4e51a6c 100644 --- a/tools/hmac.c +++ b/tools/hmac.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2020 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/tools/oid.c b/tools/oid.c index 01daadcb..a8bfd0f4 100644 --- a/tools/oid.c +++ b/tools/oid.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2020 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/tools/pkcs8gen.c b/tools/pkcs8gen.c index 80841f27..a1727aed 100644 --- a/tools/pkcs8gen.c +++ b/tools/pkcs8gen.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/tools/reqgen.c b/tools/reqgen.c index f098eab6..ce3f424d 100644 --- a/tools/reqgen.c +++ b/tools/reqgen.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/tools/reqsign.c b/tools/reqsign.c index 1073966d..9b43793e 100644 --- a/tools/reqsign.c +++ b/tools/reqsign.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/tools/sm2decrypt.c b/tools/sm2decrypt.c index 974311d0..b582aeec 100644 --- a/tools/sm2decrypt.c +++ b/tools/sm2decrypt.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/tools/sm2encrypt.c b/tools/sm2encrypt.c index 3ddb541f..afa33df4 100644 --- a/tools/sm2encrypt.c +++ b/tools/sm2encrypt.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/tools/sm2gen.c b/tools/sm2gen.c index 147c3ce0..ee5513a7 100644 --- a/tools/sm2gen.c +++ b/tools/sm2gen.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/tools/sm2pub.c b/tools/sm2pub.c index 6a99aaf9..e4166758 100644 --- a/tools/sm2pub.c +++ b/tools/sm2pub.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/tools/sm2sign.c b/tools/sm2sign.c index 5824a04e..73edce84 100644 --- a/tools/sm2sign.c +++ b/tools/sm2sign.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/tools/sm2verify.c b/tools/sm2verify.c index 3fb8b5f2..e3fe41f4 100644 --- a/tools/sm2verify.c +++ b/tools/sm2verify.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/tools/sm2view.c b/tools/sm2view.c index fa136442..48f25d98 100644 --- a/tools/sm2view.c +++ b/tools/sm2view.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2020 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/tools/sm3sum.c b/tools/sm3sum.c index 27fd8d56..d038df2b 100644 --- a/tools/sm3sum.c +++ b/tools/sm3sum.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/tools/sm4speed.c b/tools/sm4speed.c index 6ac9e976..935e596d 100644 --- a/tools/sm4speed.c +++ b/tools/sm4speed.c @@ -1,4 +1,4 @@ -/* ==================================================================== +/* ==================================================================== * Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/tools/tlcp_client.c b/tools/tlcp_client.c index eb328446..fb18660d 100644 --- a/tools/tlcp_client.c +++ b/tools/tlcp_client.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/tools/tlcp_server.c b/tools/tlcp_server.c index 59cbbd58..94ba1355 100644 --- a/tools/tlcp_server.c +++ b/tools/tlcp_server.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/tools/tls12_client.c b/tools/tls12_client.c index 0399dea4..6a850c4a 100644 --- a/tools/tls12_client.c +++ b/tools/tls12_client.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/tools/tls12_server.c b/tools/tls12_server.c index c170be88..0fcdb704 100644 --- a/tools/tls12_server.c +++ b/tools/tls12_server.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/tools/tls13_client.c b/tools/tls13_client.c index 4e02f165..6dea4d88 100644 --- a/tools/tls13_client.c +++ b/tools/tls13_client.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/tools/tls13_server.c b/tools/tls13_server.c index 07adf034..7c9877e0 100644 --- a/tools/tls13_server.c +++ b/tools/tls13_server.c @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without