abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-05-06 16:36:16 +08:00
Code Issues Packages Projects Releases Wiki Activity

add gmapi

Browse Source
This commit is contained in:
Zhi Guan
2017-02-15 15:53:30 +08:00
parent 065259f710
commit c04b2060af
18 changed files with 2919 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Configure
View File

@@ -311,7 +311,7 @@ $config{sdirs} = [
"buffer", "bio", "stack", "lhash", "rand", "err",
"evp", "asn1", "pem", "x509", "x509v3", "conf", "txt_db", "pkcs7", "pkcs12", "comp", "ocsp", "ui",
"cms", "ts", "srp", "cmac", "ct", "async", "kdf",
"sm3", "sms4", "kdf2", "ecies", "ffx", "sm2", "paillier", "cpk", "otp"
"sm3", "sms4", "kdf2", "ecies", "ffx", "sm2", "paillier", "cpk", "otp", "gmapi"
];
# Known TLS and DTLS protocols

2
crypto/err/err.c
View File

@@ -64,6 +64,7 @@ static ERR_STRING_DATA ERR_str_libraries[] = {
{ERR_PACK(ERR_LIB_PAILLIER, 0, 0), "PAILLIER routines"},
{ERR_PACK(ERR_LIB_CPK, 0, 0), "CPK routines"},
{ERR_PACK(ERR_LIB_OTP, 0, 0), "OTP routines"},
{ERR_PACK(ERR_LIB_GMAPI, 0, 0), "GMAPI routines"},
{0, NULL},
};
@@ -113,6 +114,7 @@ static ERR_STRING_DATA ERR_str_reasons[] = {
{ERR_R_PAILLIER_LIB, "PAILLIER lib"},
{ERR_R_CPK_LIB, "CPK lib"},
{ERR_R_OTP_LIB, "OTP lib"},
{ERR_R_GMAPI_LIB, "GMAPI lib"},
{ERR_R_NESTED_ASN1_ERROR, "nested asn1 error"},
{ERR_R_MISSING_ASN1_EOS, "missing asn1 eos"},

5
crypto/err/err_all.c
View File

@@ -43,6 +43,8 @@
#include <openssl/ffx.h>
#include <openssl/paillier.h>
#include <openssl/cpk.h>
#include <openssl/otp.h>
#include <openssl/gmapi.h>
int err_load_crypto_strings_int(void)
{
@@ -120,6 +122,9 @@ int err_load_crypto_strings_int(void)
# ifndef OPENSSL_NO_OTP
ERR_load_OTP_strings() == 0 ||
# endif
# ifndef OPENSSL_NO_GMAPI
ERR_load_GMAPI_strings() == 0 ||
# endif
#endif
ERR_load_KDF_strings() == 0)
return 0;

1
crypto/err/openssl.ec
View File

@@ -40,6 +40,7 @@ L FFX include/openssl/ffx.h crypto/ffx/ffx_err.c
L PAILLIER include/openssl/paillier.h crypto/paillier/pai_err.c
L CPK include/openssl/cpk.h crypto/cpk/cpk_err.c
L OTP include/openssl/otp.h crypto/otp/otp_err.c
L GMAPI include/openssl/gmapi.h crypto/gmapi/gmapi_err.c
# additional header files to be scanned for function names
L NONE crypto/x509/x509_vfy.h NONE

3
crypto/gmapi/build.info Normal file
View File

@@ -0,0 +1,3 @@
LIBS=../../libcrypto
SOURCE[../../libcrypto]=gmapi_err.c gmapi_sgd.c \
gmapi_sdf_ec.c gmapi_sdf_rsa.c gmapi_skf_ec.c gmapi_skf_rsa.c

252
crypto/gmapi/gmapi_err.c Normal file
View File

@@ -0,0 +1,252 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include <openssl/err.h>
#include <openssl/gmapi.h>
/* BEGIN ERROR CODES */
#ifndef OPENSSL_NO_ERR
# define ERR_FUNC(func) ERR_PACK(ERR_LIB_GMAPI,func,0)
# define ERR_REASON(reason) ERR_PACK(ERR_LIB_GMAPI,0,reason)
static ERR_STRING_DATA GMAPI_str_functs[] = {
{ERR_FUNC(GMAPI_F_ECDSA_SIG_GET_ECCSIGNATURE),
"ECDSA_SIG_get_ECCSignature"},
{ERR_FUNC(GMAPI_F_ECDSA_SIG_GET_ECCSIGNATUREBLOB),
"ECDSA_SIG_get_ECCSIGNATUREBLOB"},
{ERR_FUNC(GMAPI_F_ECDSA_SIG_NEW_FROM_ECCSIGNATURE),
"ECDSA_SIG_new_from_ECCSignature"},
{ERR_FUNC(GMAPI_F_ECDSA_SIG_NEW_FROM_ECCSIGNATUREBLOB),
"ECDSA_SIG_new_from_ECCSIGNATUREBLOB"},
{ERR_FUNC(GMAPI_F_ECDSA_SIG_SET_ECCSIGNATURE),
"ECDSA_SIG_set_ECCSignature"},
{ERR_FUNC(GMAPI_F_ECDSA_SIG_SET_ECCSIGNATUREBLOB),
"ECDSA_SIG_set_ECCSIGNATUREBLOB"},
{ERR_FUNC(GMAPI_F_EC_KEY_GET_ECCPRIVATEKEYBLOB),
"EC_KEY_get_ECCPRIVATEKEYBLOB"},
{ERR_FUNC(GMAPI_F_EC_KEY_GET_ECCPUBLICKEYBLOB),
"EC_KEY_get_ECCPUBLICKEYBLOB"},
{ERR_FUNC(GMAPI_F_EC_KEY_GET_ECCREFPRIVATEKEY),
"EC_KEY_get_ECCrefPrivateKey"},
{ERR_FUNC(GMAPI_F_EC_KEY_GET_ECCREFPUBLICKEY),
"EC_KEY_get_ECCrefPublicKey"},
{ERR_FUNC(GMAPI_F_EC_KEY_NEW_FROM_ECCPRIVATEKEYBLOB),
"EC_KEY_new_from_ECCPRIVATEKEYBLOB"},
{ERR_FUNC(GMAPI_F_EC_KEY_NEW_FROM_ECCPUBLICKEYBLOB),
"EC_KEY_new_from_ECCPUBLICKEYBLOB"},
{ERR_FUNC(GMAPI_F_EC_KEY_NEW_FROM_ECCREFPRIVATEKEY),
"EC_KEY_new_from_ECCrefPrivateKey"},
{ERR_FUNC(GMAPI_F_EC_KEY_NEW_FROM_ECCREFPUBLICKEY),
"EC_KEY_new_from_ECCrefPublicKey"},
{ERR_FUNC(GMAPI_F_EC_KEY_SET_ECCPRIVATEKEYBLOB),
"EC_KEY_set_ECCPRIVATEKEYBLOB"},
{ERR_FUNC(GMAPI_F_EC_KEY_SET_ECCPUBLICKEYBLOB),
"EC_KEY_set_ECCPUBLICKEYBLOB"},
{ERR_FUNC(GMAPI_F_EC_KEY_SET_ECCREFPRIVATEKEY),
"EC_KEY_set_ECCrefPrivateKey"},
{ERR_FUNC(GMAPI_F_EC_KEY_SET_ECCREFPUBLICKEY),
"EC_KEY_set_ECCrefPublicKey"},
{ERR_FUNC(GMAPI_F_RSA_GET_RSAPRIVATEKEYBLOB),
"RSA_get_RSAPRIVATEKEYBLOB"},
{ERR_FUNC(GMAPI_F_RSA_GET_RSAPUBLICKEYBLOB), "RSA_get_RSAPUBLICKEYBLOB"},
{ERR_FUNC(GMAPI_F_RSA_GET_RSAREFPRIVATEKEY), "RSA_get_RSArefPrivateKey"},
{ERR_FUNC(GMAPI_F_RSA_GET_RSAREFPUBLICKEY), "RSA_get_RSArefPublicKey"},
{ERR_FUNC(GMAPI_F_RSA_NEW_FROM_RSAPRIVATEKEYBLOB),
"RSA_new_from_RSAPRIVATEKEYBLOB"},
{ERR_FUNC(GMAPI_F_RSA_NEW_FROM_RSAPUBLICKEYBLOB),
"RSA_new_from_RSAPUBLICKEYBLOB"},
{ERR_FUNC(GMAPI_F_RSA_NEW_FROM_RSAREFPRIVATEKEY),
"RSA_new_from_RSArefPrivateKey"},
{ERR_FUNC(GMAPI_F_RSA_NEW_FROM_RSAREFPUBLICKEY),
"RSA_new_from_RSArefPublicKey"},
{ERR_FUNC(GMAPI_F_RSA_SET_RSAPRIVATEKEYBLOB),
"RSA_set_RSAPRIVATEKEYBLOB"},
{ERR_FUNC(GMAPI_F_RSA_SET_RSAPUBLICKEYBLOB), "RSA_set_RSAPUBLICKEYBLOB"},
{ERR_FUNC(GMAPI_F_RSA_SET_RSAREFPRIVATEKEY), "RSA_set_RSArefPrivateKey"},
{ERR_FUNC(GMAPI_F_RSA_SET_RSAREFPUBLICKEY), "RSA_set_RSArefPublicKey"},
{ERR_FUNC(GMAPI_F_SAF_BASE64_CREATEBASE64OBJ),
"SAF_Base64_CreateBase64Obj"},
{ERR_FUNC(GMAPI_F_SAF_BASE64_DECODE), "SAF_Base64_Decode"},
{ERR_FUNC(GMAPI_F_SAF_BASE64_DECODEFINAL), "SAF_Base64_DecodeFinal"},
{ERR_FUNC(GMAPI_F_SAF_BASE64_DECODEUPDATE), "SAF_Base64_DecodeUpdate"},
{ERR_FUNC(GMAPI_F_SAF_BASE64_ENCODE), "SAF_Base64_Encode"},
{ERR_FUNC(GMAPI_F_SAF_BASE64_ENCODEFINAL), "SAF_Base64_EncodeFinal"},
{ERR_FUNC(GMAPI_F_SAF_BASE64_ENCODEUPDATE), "SAF_Base64_EncodeUpdate"},
{ERR_FUNC(GMAPI_F_SAF_CREATESYMMKEYOBJ), "SAF_CreateSymmKeyObj"},
{ERR_FUNC(GMAPI_F_SAF_ECCPUBLICKEYENC), "SAF_EccPublicKeyEnc"},
{ERR_FUNC(GMAPI_F_SAF_ECCPUBLICKEYENCBYCERT),
"SAF_EccPublicKeyEncByCert"},
{ERR_FUNC(GMAPI_F_SAF_ECCSIGN), "SAF_EccSign"},
{ERR_FUNC(GMAPI_F_SAF_ECCVERIFYSIGN), "SAF_EccVerifySign"},
{ERR_FUNC(GMAPI_F_SAF_ECCVERIFYSIGNBYCERT), "SAF_EccVerifySignByCert"},
{ERR_FUNC(GMAPI_F_SAF_GENECCKEYPAIR), "SAF_GenEccKeyPair"},
{ERR_FUNC(GMAPI_F_SAF_GENERATEAGREEMENTDATAWITHECC),
"SAF_GenerateAgreementDataWithECC"},
{ERR_FUNC(GMAPI_F_SAF_GENERATEKEYWITHECC), "SAF_GenerateKeyWithECC"},
{ERR_FUNC(GMAPI_F_SAF_GETECCPUBLICKEY), "SAF_GetEccPublicKey"},
{ERR_FUNC(GMAPI_F_SAF_MACFINAL), "SAF_MacFinal"},
{ERR_FUNC(GMAPI_F_SAF_MACUPDATE), "SAF_MacUpdate"},
{ERR_FUNC(GMAPI_F_SAF_PKCS7_DECODEDIGESTEDDATA),
"SAF_Pkcs7_DecodeDigestedData"},
{ERR_FUNC(GMAPI_F_SAF_PKCS7_ENCODEDIGESTEDDATA),
"SAF_Pkcs7_EncodeDigestedData"},
{ERR_FUNC(GMAPI_F_SAF_SYMMDECRYPTUPDATE), "SAF_SymmDecryptUpdate"},
{ERR_FUNC(GMAPI_F_SAF_SYMMENCRYPTUPDATE), "SAF_SymmEncryptUpdate"},
{ERR_FUNC(GMAPI_F_SKF_CLOSEHANDLE), "SKF_CloseHandle"},
{ERR_FUNC(GMAPI_F_SKF_DECRYPT), "SKF_Decrypt"},
{ERR_FUNC(GMAPI_F_SKF_DECRYPTFINAL), "SKF_DecryptFinal"},
{ERR_FUNC(GMAPI_F_SKF_DECRYPTINIT), "SKF_DecryptInit"},
{ERR_FUNC(GMAPI_F_SKF_DECRYPTUPDATE), "SKF_DecryptUpdate"},
{ERR_FUNC(GMAPI_F_SKF_DIGEST), "SKF_Digest"},
{ERR_FUNC(GMAPI_F_SKF_DIGESTFINAL), "SKF_DigestFinal"},
{ERR_FUNC(GMAPI_F_SKF_DIGESTINIT), "SKF_DigestInit"},
{ERR_FUNC(GMAPI_F_SKF_DIGESTUPDATE), "SKF_DigestUpdate"},
{ERR_FUNC(GMAPI_F_SKF_ENCRYPT), "SKF_Encrypt"},
{ERR_FUNC(GMAPI_F_SKF_ENCRYPTFINAL), "SKF_EncryptFinal"},
{ERR_FUNC(GMAPI_F_SKF_ENCRYPTINIT), "SKF_EncryptInit"},
{ERR_FUNC(GMAPI_F_SKF_ENCRYPTUPDATE), "SKF_EncryptUpdate"},
{ERR_FUNC(GMAPI_F_SKF_EXTECCDECRYPT), "SKF_ExtECCDecrypt"},
{ERR_FUNC(GMAPI_F_SKF_EXTECCENCRYPT), "SKF_ExtECCEncrypt"},
{ERR_FUNC(GMAPI_F_SKF_EXTECCSIGN), "SKF_ExtECCSign"},
{ERR_FUNC(GMAPI_F_SKF_EXTECCVERIFY), "SKF_ExtECCVerify"},
{ERR_FUNC(GMAPI_F_SKF_EXTRSAPRIKEYOPERATION),
"SKF_ExtRSAPriKeyOperation"},
{ERR_FUNC(GMAPI_F_SKF_EXTRSAPUBKEYOPERATION),
"SKF_ExtRSAPubKeyOperation"},
{ERR_FUNC(GMAPI_F_SKF_GENEXTECCKEYPAIR), "SKF_GenExtECCKeyPair"},
{ERR_FUNC(GMAPI_F_SKF_GENEXTRSAKEY), "SKF_GenExtRSAKey"},
{ERR_FUNC(GMAPI_F_SKF_GENRANDOM), "SKF_GenRandom"},
{ERR_FUNC(GMAPI_F_SKF_GETDEVINFO), "SKF_GetDevInfo"},
{ERR_FUNC(GMAPI_F_SKF_GETDEVSTATE), "SKF_GetDevState"},
{ERR_FUNC(GMAPI_F_SKF_HANDLE_GET_CBCMAC_CTX),
"SKF_HANDLE_get_cbcmac_ctx"},
{ERR_FUNC(GMAPI_F_SKF_HANDLE_GET_CIPHER), "SKF_HANDLE_get_cipher"},
{ERR_FUNC(GMAPI_F_SKF_HANDLE_GET_CIPHER_CTX),
"SKF_HANDLE_get_cipher_ctx"},
{ERR_FUNC(GMAPI_F_SKF_HANDLE_GET_KEY), "SKF_HANDLE_get_key"},
{ERR_FUNC(GMAPI_F_SKF_HANDLE_GET_MD_CTX), "SKF_HANDLE_get_md_ctx"},
{ERR_FUNC(GMAPI_F_SKF_MAC), "SKF_Mac"},
{ERR_FUNC(GMAPI_F_SKF_MACFINAL), "SKF_MacFinal"},
{ERR_FUNC(GMAPI_F_SKF_MACINIT), "SKF_MacInit"},
{ERR_FUNC(GMAPI_F_SKF_MACUPDATE), "SKF_MacUpdate"},
{ERR_FUNC(GMAPI_F_SKF_SETSYMMKEY), "SKF_SetSymmKey"},
{ERR_FUNC(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHER),
"SM2_CIPHERTEXT_VALUE_get_ECCCipher"},
{ERR_FUNC(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB),
"SM2_CIPHERTEXT_VALUE_get_ECCCIPHERBLOB"},
{ERR_FUNC(GMAPI_F_SM2_CIPHERTEXT_VALUE_NEW_FROM_ECCCIPHER),
"SM2_CIPHERTEXT_VALUE_new_from_ECCCipher"},
{ERR_FUNC(GMAPI_F_SM2_CIPHERTEXT_VALUE_NEW_FROM_ECCCIPHERBLOB),
"SM2_CIPHERTEXT_VALUE_new_from_ECCCIPHERBLOB"},
{ERR_FUNC(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHER),
"SM2_CIPHERTEXT_VALUE_set_ECCCipher"},
{ERR_FUNC(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB),
"SM2_CIPHERTEXT_VALUE_set_ECCCIPHERBLOB"},
{0, NULL}
};
static ERR_STRING_DATA GMAPI_str_reasons[] = {
{ERR_REASON(GMAPI_R_BUFFER_TOO_SMALL), "buffer too small"},
{ERR_REASON(GMAPI_R_CBCMAC_FAILURE), "cbcmac failure"},
{ERR_REASON(GMAPI_R_CTX_NOT_CREATED), "ctx not created"},
{ERR_REASON(GMAPI_R_DECODE_EC_PRIVATE_KEY_FAILED),
"decode ec private key failed"},
{ERR_REASON(GMAPI_R_DECODE_EC_PUBLIC_KEY_FAILED),
"decode ec public key failed"},
{ERR_REASON(GMAPI_R_DECRYPT_FAILED), "decrypt failed"},
{ERR_REASON(GMAPI_R_ENCODE_CIPHERTEXT_FAILED),
"encode ciphertext failed"},
{ERR_REASON(GMAPI_R_ENCODE_FAILED), "encode failed"},
{ERR_REASON(GMAPI_R_ENCODE_RSA_PUBLIC_KEY_FAILED),
"encode rsa public key failed"},
{ERR_REASON(GMAPI_R_ENCODE_SIGNATURE_FAILED), "encode signature failed"},
{ERR_REASON(GMAPI_R_ENCRYPT_FAILED), "encrypt failed"},
{ERR_REASON(GMAPI_R_FAIL), "fail"},
{ERR_REASON(GMAPI_R_GEN_RANDOM), "gen random"},
{ERR_REASON(GMAPI_R_GEN_RSA_FAILED), "gen rsa failed"},
{ERR_REASON(GMAPI_R_GET_PRIVATE_KEY_FAILED), "get private key failed"},
{ERR_REASON(GMAPI_R_GET_PUBLIC_KEY_FAILED), "get public key failed"},
{ERR_REASON(GMAPI_R_INT_OVERFLOW), "int overflow"},
{ERR_REASON(GMAPI_R_INVALID_ALGID), "invalid algid"},
{ERR_REASON(GMAPI_R_INVALID_ALGOR), "invalid algor"},
{ERR_REASON(GMAPI_R_INVALID_ARGUMENTS), "invalid arguments"},
{ERR_REASON(GMAPI_R_INVALID_BIGNUM_LENGTH), "invalid bignum length"},
{ERR_REASON(GMAPI_R_INVALID_BLOB), "invalid blob"},
{ERR_REASON(GMAPI_R_INVALID_CIPHERTEXT), "invalid ciphertext"},
{ERR_REASON(GMAPI_R_INVALID_CIPHERTEXT_LENGTH),
"invalid ciphertext length"},
{ERR_REASON(GMAPI_R_INVALID_CIPHERTEXT_MAC), "invalid ciphertext mac"},
{ERR_REASON(GMAPI_R_INVALID_CIPHERTEXT_POINT),
"invalid ciphertext point"},
{ERR_REASON(GMAPI_R_INVALID_CIPHER_CTX_HANDLE),
"invalid cipher ctx handle"},
{ERR_REASON(GMAPI_R_INVALID_CIPHETEXT_LENGTH),
"invalid ciphetext length"},
{ERR_REASON(GMAPI_R_INVALID_CONTEXT), "invalid context"},
{ERR_REASON(GMAPI_R_INVALID_DIGEST_ALGOR), "invalid digest algor"},
{ERR_REASON(GMAPI_R_INVALID_DIGEST_LENGTH), "invalid digest length"},
{ERR_REASON(GMAPI_R_INVALID_ECC_PRIVATE_KEY), "invalid ecc private key"},
{ERR_REASON(GMAPI_R_INVALID_ECC_PUBLIC_KEY), "invalid ecc public key"},
{ERR_REASON(GMAPI_R_INVALID_EC_KEY), "invalid ec key"},
{ERR_REASON(GMAPI_R_INVALID_EC_PRIVATE_KEY), "invalid ec private key"},
{ERR_REASON(GMAPI_R_INVALID_EC_PUBLIC_KEY), "invalid ec public key"},
{ERR_REASON(GMAPI_R_INVALID_FEED_BIT_LENGTH), "invalid feed bit length"},
{ERR_REASON(GMAPI_R_INVALID_HANDLE), "invalid handle"},
{ERR_REASON(GMAPI_R_INVALID_HANDLE_ALGOR), "invalid handle algor"},
{ERR_REASON(GMAPI_R_INVALID_HANDLE_MAGIC), "invalid handle magic"},
{ERR_REASON(GMAPI_R_INVALID_HANDLE_TYPE), "invalid handle type"},
{ERR_REASON(GMAPI_R_INVALID_HASH_HANDLE), "invalid hash handle"},
{ERR_REASON(GMAPI_R_INVALID_ID_LENGTH), "invalid id length"},
{ERR_REASON(GMAPI_R_INVALID_INPUT_LENGTH), "invalid input length"},
{ERR_REASON(GMAPI_R_INVALID_IV_LENGTH), "invalid iv length"},
{ERR_REASON(GMAPI_R_INVALID_KEY_HANDLE), "invalid key handle"},
{ERR_REASON(GMAPI_R_INVALID_KEY_LENGTH), "invalid key length"},
{ERR_REASON(GMAPI_R_INVALID_KEY_USAGE), "invalid key usage"},
{ERR_REASON(GMAPI_R_INVALID_LENGTH), "invalid length"},
{ERR_REASON(GMAPI_R_INVALID_MAC_HANDLE), "invalid mac handle"},
{ERR_REASON(GMAPI_R_INVALID_PLAINTEXT_LENGTH),
"invalid plaintext length"},
{ERR_REASON(GMAPI_R_INVALID_PRIVATE_KEY), "invalid private key"},
{ERR_REASON(GMAPI_R_INVALID_PUBLIC_KEY), "invalid public key"},
{ERR_REASON(GMAPI_R_INVALID_RANDOM_LENGTH), "invalid random length"},
{ERR_REASON(GMAPI_R_INVALID_RSA_KEY_LENGTH), "invalid rsa key length"},
{ERR_REASON(GMAPI_R_INVALID_RSA_PRIVATE_KEY), "invalid rsa private key"},
{ERR_REASON(GMAPI_R_INVALID_RSA_PUBLIC_KEY), "invalid rsa public key"},
{ERR_REASON(GMAPI_R_INVALID_SIGNATURE), "invalid signature"},
{ERR_REASON(GMAPI_R_INVALID_SM2_CIPHERTEXT), "invalid sm2 ciphertext"},
{ERR_REASON(GMAPI_R_INVALID_SM2_SIGNATURE), "invalid sm2 signature"},
{ERR_REASON(GMAPI_R_MAC_FAILURE), "mac failure"},
{ERR_REASON(GMAPI_R_MALLOC_FAILED), "malloc failed"},
{ERR_REASON(GMAPI_R_NOT_CONVERTABLE), "not convertable"},
{ERR_REASON(GMAPI_R_NO_PUBLIC_KEY), "no public key"},
{ERR_REASON(GMAPI_R_NULL_ARGUMENT), "null argument"},
{ERR_REASON(GMAPI_R_OPERATION_NOT_INITIALIZED),
"operation not initialized"},
{ERR_REASON(GMAPI_R_SAF_ERROR), "saf error"},
{ERR_REASON(GMAPI_R_SIGN_FAILED), "sign failed"},
{ERR_REASON(GMAPI_R_VERIFY_NOT_PASS), "verify not pass"},
{0, NULL}
};
#endif
int ERR_load_GMAPI_strings(void)
{
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(GMAPI_str_functs[0].error) == NULL) {
ERR_load_strings(0, GMAPI_str_functs);
ERR_load_strings(0, GMAPI_str_reasons);
}
#endif
return 1;
}

696
crypto/gmapi/gmapi_sdf_ec.c Normal file
View File

@@ -0,0 +1,696 @@
/* ====================================================================
* Copyright (c) 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
/* put these functions under name `gmapi`, even if in the future the SDF
* implementation is organized into a standalone sub-library, we still need
* some convert functions between native types and the SDF types. So we can
* mix this with SDF engine without relying on the `sdf` sub-library
*
* Attension: as the functions in this file can be seen as the native
* functions of GmSSL/OpenSSL, so the return values of these functions will
* follow the convention of OpenSSL, return 1 for success and 0 for error.
* This is different from SAF/SDF/SKF where return 0 means success.
*/
#include <openssl/ec.h>
#include <openssl/err.h>
#include <openssl/sdf.h>
#include <openssl/gmapi.h>
#include <openssl/objects.h>
EC_KEY *EC_KEY_new_from_ECCrefPublicKey(const ECCrefPublicKey *ref)
{
EC_KEY *ret;
if (!(ret = EC_KEY_new_by_curve_name(NID_sm2p256v1))) {
GMAPIerr(GMAPI_F_EC_KEY_NEW_FROM_ECCREFPUBLICKEY, ERR_R_EC_LIB);
return NULL;
}
if (!EC_KEY_set_ECCrefPublicKey(ret, ref)) {
GMAPIerr(GMAPI_F_EC_KEY_NEW_FROM_ECCREFPUBLICKEY,
GMAPI_R_DECODE_EC_PUBLIC_KEY_FAILED);
EC_KEY_free(ret);
return NULL;
}
return ret;
}
int EC_KEY_set_ECCrefPublicKey(EC_KEY *ec_key, const ECCrefPublicKey *ref)
{
int ret = 0;
BIGNUM *x = NULL;
BIGNUM *y = NULL;
int nbytes;
/* check arguments */
if (!ec_key || !ref) {
GMAPIerr(GMAPI_F_EC_KEY_SET_ECCREFPUBLICKEY,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (ref->bits != EC_GROUP_get_degree(EC_KEY_get0_group(ec_key))) {
GMAPIerr(GMAPI_F_EC_KEY_SET_ECCREFPUBLICKEY,
GMAPI_R_INVALID_KEY_LENGTH);
return 0;
}
/* ECCrefPublicKey ==> EC_KEY */
nbytes = (ref->bits + 7)/8;
if (!(x = BN_bin2bn(ref->x, nbytes, NULL))) {
GMAPIerr(GMAPI_F_EC_KEY_SET_ECCREFPUBLICKEY, ERR_R_BN_LIB);
goto end;
}
if (!(y = BN_bin2bn(ref->y, nbytes, NULL))) {
GMAPIerr(GMAPI_F_EC_KEY_SET_ECCREFPUBLICKEY, ERR_R_BN_LIB);
goto end;
}
if (!EC_KEY_set_public_key_affine_coordinates(ec_key, x, y)) {
GMAPIerr(GMAPI_F_EC_KEY_SET_ECCREFPUBLICKEY,
GMAPI_R_INVALID_PUBLIC_KEY);
goto end;
}
ret = 1;
end:
BN_free(x);
BN_free(y);
return ret;
}
int EC_KEY_get_ECCrefPublicKey(EC_KEY *ec_key, ECCrefPublicKey *ref)
{
int ret = 0;
BN_CTX *bn_ctx = NULL;
const EC_GROUP *group = EC_KEY_get0_group(ec_key);
const EC_POINT *point = EC_KEY_get0_public_key(ec_key);
BIGNUM *x;
BIGNUM *y;
/* check arguments */
if (!ec_key || !ref) {
GMAPIerr(GMAPI_F_EC_KEY_GET_ECCREFPUBLICKEY,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
/* prepare */
if (!(bn_ctx = BN_CTX_new())) {
GMAPIerr(GMAPI_F_EC_KEY_GET_ECCREFPUBLICKEY, ERR_R_BN_LIB);
goto end;
}
BN_CTX_start(bn_ctx);
x = BN_CTX_get(bn_ctx);
y = BN_CTX_get(bn_ctx);
if (!x || !y) {
GMAPIerr(GMAPI_F_EC_KEY_GET_ECCREFPUBLICKEY, ERR_R_BN_LIB);
goto end;
}
if (EC_GROUP_get_degree(group) > ECCref_MAX_BITS) {
GMAPIerr(GMAPI_F_EC_KEY_GET_ECCREFPUBLICKEY,
GMAPI_R_INVALID_KEY_LENGTH);
goto end;
}
if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) {
if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, bn_ctx)) {
GMAPIerr(GMAPI_F_EC_KEY_GET_ECCREFPUBLICKEY, ERR_R_EC_LIB);
goto end;
}
} else {
if (!EC_POINT_get_affine_coordinates_GF2m(group, point, x, y, bn_ctx)) {
GMAPIerr(GMAPI_F_EC_KEY_GET_ECCREFPUBLICKEY, ERR_R_EC_LIB);
goto end;
}
}
/* EC_KEY ==> ECCrefPublicKey */
memset(ref, 0, sizeof(*ref));
ref->bits = EC_GROUP_get_degree(group);
if (!BN_bn2bin(x, ref->x + ECCref_MAX_LEN - BN_num_bytes(x))) {
GMAPIerr(GMAPI_F_EC_KEY_GET_ECCREFPUBLICKEY, ERR_R_BN_LIB);
goto end;
}
if (!BN_bn2bin(y, ref->y + ECCref_MAX_LEN - BN_num_bytes(y))) {
GMAPIerr(GMAPI_F_EC_KEY_GET_ECCREFPUBLICKEY, ERR_R_BN_LIB);
goto end;
}
ret = 1;
end:
if (bn_ctx) {
BN_CTX_end(bn_ctx);
}
BN_CTX_free(bn_ctx);
return ret;
}
EC_KEY *EC_KEY_new_from_ECCrefPrivateKey(const ECCrefPrivateKey *ref)
{
EC_KEY *ret;
if (!(ret = EC_KEY_new_by_curve_name(NID_sm2p256v1))) {
GMAPIerr(GMAPI_F_EC_KEY_NEW_FROM_ECCREFPRIVATEKEY, ERR_R_EC_LIB);
return NULL;
}
if (!EC_KEY_set_ECCrefPrivateKey(ret, ref)) {
GMAPIerr(GMAPI_F_EC_KEY_NEW_FROM_ECCREFPRIVATEKEY,
GMAPI_R_DECODE_EC_PRIVATE_KEY_FAILED);
EC_KEY_free(ret);
return NULL;
}
return ret;
}
int EC_KEY_set_ECCrefPrivateKey(EC_KEY *ec_key, const ECCrefPrivateKey *ref)
{
int ret = 0;
BIGNUM *d = NULL;
if (!ec_key || !ref) {
GMAPIerr(GMAPI_F_EC_KEY_SET_ECCREFPRIVATEKEY,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (ref->bits != EC_GROUP_get_degree(EC_KEY_get0_group(ec_key))) {
GMAPIerr(GMAPI_F_EC_KEY_SET_ECCREFPRIVATEKEY,
GMAPI_R_INVALID_KEY_LENGTH);
goto end;
}
if (!(d = BN_bin2bn(ref->K, ECCref_MAX_LEN, NULL))) {
GMAPIerr(GMAPI_F_EC_KEY_SET_ECCREFPRIVATEKEY, ERR_R_BN_LIB);
goto end;
}
if (!EC_KEY_set_private_key(ec_key, d)) {
GMAPIerr(GMAPI_F_EC_KEY_SET_ECCREFPRIVATEKEY,
GMAPI_R_INVALID_PRIVATE_KEY);
goto end;
}
ret = 1;
end:
BN_clear_free(d);
return ret;
}
int EC_KEY_get_ECCrefPrivateKey(EC_KEY *ec_key, ECCrefPrivateKey *ref)
{
const EC_GROUP *group;
const BIGNUM *sk;
int nbytes;
/* check arguments */
if (!ec_key || !ref) {
GMAPIerr(GMAPI_F_EC_KEY_GET_ECCREFPRIVATEKEY,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
group = EC_KEY_get0_group(ec_key);
sk = EC_KEY_get0_private_key(ec_key);
if (!group || !sk) {
GMAPIerr(GMAPI_F_EC_KEY_GET_ECCREFPRIVATEKEY,
GMAPI_R_INVALID_EC_PRIVATE_KEY);
return 0;
}
if (EC_GROUP_get_degree(group) > ECCref_MAX_BITS) {
GMAPIerr(GMAPI_F_EC_KEY_GET_ECCREFPRIVATEKEY,
GMAPI_R_INVALID_KEY_LENGTH);
return 0;
}
/* EC_KEY ==> ECCrefPrivateKey */
memset(ref, 0, sizeof(*ref));
ref->bits = EC_GROUP_get_degree(group);
nbytes = (EC_GROUP_get_degree(group) + 7)/8;
if (!BN_bn2bin(sk, ref->K + nbytes - BN_num_bytes(sk))) {
GMAPIerr(GMAPI_F_EC_KEY_GET_ECCREFPRIVATEKEY, ERR_R_BN_LIB);
return 0;
}
return 1;
}
SM2_CIPHERTEXT_VALUE *SM2_CIPHERTEXT_VALUE_new_from_ECCCipher(
const ECCCipher *ref)
{
SM2_CIPHERTEXT_VALUE *ret = NULL;
SM2_CIPHERTEXT_VALUE *cv = NULL;
EC_GROUP *group = NULL;
/* check arguments */
if (!ref) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_NEW_FROM_ECCCIPHER,
ERR_R_PASSED_NULL_PARAMETER);
return NULL;
}
if (ref->L > INT_MAX) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_NEW_FROM_ECCCIPHER,
GMAPI_R_INVALID_CIPHETEXT_LENGTH);
return NULL;
}
/* ECCCipher => SM2_CIPHERTEXT_VALUE */
if (!(group = EC_GROUP_new_by_curve_name(NID_sm2p256v1))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_NEW_FROM_ECCCIPHER,
ERR_R_EC_LIB);
goto end;
}
if (!(cv = SM2_CIPHERTEXT_VALUE_new(group))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_NEW_FROM_ECCCIPHER,
GMAPI_R_MALLOC_FAILED);
goto end;
}
if (!SM2_CIPHERTEXT_VALUE_set_ECCCipher(cv, ref)) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_NEW_FROM_ECCCIPHER,
GMAPI_R_INVALID_SM2_CIPHERTEXT);
goto end;
}
ret = cv;
cv = NULL;
end:
EC_GROUP_free(group);
SM2_CIPHERTEXT_VALUE_free(cv);
return ret;
}
/*
* Different vendors might have different encoding of field elements when
* the buffer is larger than requirment. We assume the encoding to be
* big-endian, which means that there will be prefix zeros in the buffer
* before the field element. Another popular encoding is to use the suffix
* zeros. When the gmapi wrapper is working with vendor's SDF
* implementations, developers have to check the encoding of the vendor's
* library to make sure the encoding/decoding is correct
*/
int SM2_CIPHERTEXT_VALUE_set_ECCCipher(SM2_CIPHERTEXT_VALUE *cv,
const ECCCipher *ref)
{
int ret = 0;
BN_CTX *bn_ctx = NULL;
EC_GROUP *group = NULL;
BIGNUM *x;
BIGNUM *y;
int nbytes;
/* check arguments */
if (!cv || !ref) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHER,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
/* variables */
if (!(group = EC_GROUP_new_by_curve_name(NID_sm2p256v1))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHER,
ERR_R_EC_LIB);
goto end;
}
/* this will never happen with GmSSL's sdf.h */
if (EC_GROUP_get_degree(group) > ECCref_MAX_BITS) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHER,
GMAPI_R_INVALID_KEY_LENGTH);
goto end;
}
nbytes = (EC_GROUP_get_degree(group) + 7)/8;
/* malloc */
if (!(bn_ctx = BN_CTX_new())) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHER,
ERR_R_MALLOC_FAILURE);
goto end;
}
BN_CTX_start(bn_ctx);
x = BN_CTX_get(bn_ctx);
y = BN_CTX_get(bn_ctx);
if (!x || !y) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHER,
ERR_R_MALLOC_FAILURE);
goto end;
}
/* ECCCipher ==> SM2_CIPHERTEXT_VALUE */
if (!BN_bin2bn(ref->x, ECCref_MAX_LEN, x)) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHER,
ERR_R_BN_LIB);
goto end;
}
if (!BN_bin2bn(ref->y, ECCref_MAX_LEN, y)) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHER,
ERR_R_BN_LIB);
goto end;
}
if (!cv->ephem_point) {
if (!(cv->ephem_point = EC_POINT_new(group))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHER, ERR_R_EC_LIB);
goto end;
}
}
if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) {
if (!EC_POINT_set_affine_coordinates_GFp(group, cv->ephem_point, x, y, bn_ctx)) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHER, ERR_R_EC_LIB);
goto end;
}
} else {
if (!EC_POINT_get_affine_coordinates_GF2m(group, cv->ephem_point, x, y, bn_ctx)) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHER, ERR_R_EC_LIB);
goto end;
}
}
cv->mactag_size = 32;
memcpy(cv->mactag, ref->M, 32);
if (ref->L <= 0 || ref->L > INT_MAX) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHER,
GMAPI_R_INVALID_CIPHERTEXT_LENGTH);
goto end;
}
cv->ciphertext_size = (size_t)ref->L;
if (!(cv->ciphertext = OPENSSL_realloc(cv->ciphertext, (size_t)ref->L))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHER,
GMAPI_R_MALLOC_FAILED);
goto end;
}
memcpy(cv->ciphertext, ref->C, (size_t)ref->L);
/* set return value */
ret = 0;
end:
EC_GROUP_free(group);
if (bn_ctx) {
BN_CTX_end(bn_ctx);
}
BN_CTX_free(bn_ctx);
return ret;
}
/* The caller need to prepare buffer larger than `sizeof(ECCipher)` to hold
* the result. Some vendors might change the define of `ECCCipher->C[1]` to
* larger buffer, such as `ECCCipher->C[ECC_CIPHER_MAX_LEN]`, but our
* implementation will not know this. So always init `ECCCipher->L` to the
* buffer size for ciphertext.
* Some vendors might even change the definition of `ECCCipher`, then there
* will be compiling errors when compiled with the vendor's header file. So
* when you will use a vendor's SDF library, do not use `openssl/sdf.h`, but
* use the vendor's header file. Then the errors can be found by the
* compiler.
*/
int SM2_CIPHERTEXT_VALUE_get_ECCCipher(const SM2_CIPHERTEXT_VALUE *cv,
ECCCipher *ref)
{
int ret = 0;
BN_CTX *bn_ctx = NULL;
EC_GROUP *group = NULL;
BIGNUM *x;
BIGNUM *y;
/* check arguments */
if (!cv || !ref) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHER,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
/* as the `ECCCipher->C[1]` default size is too small, we have to
* check `ECCCipher->L` to make sure caller has initialized this
* structure and prepared enough buffer to hold variable length
* ciphertext
*/
if (ref->L < cv->ciphertext_size) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHER,
GMAPI_R_BUFFER_TOO_SMALL);
return 0;
}
/* malloc */
if (!(group = EC_GROUP_new_by_curve_name(NID_sm2p256v1))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHER, ERR_R_EC_LIB);
return 0;
}
if (!(bn_ctx = BN_CTX_new())) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHER, ERR_R_BN_LIB);
goto end;
}
BN_CTX_start(bn_ctx);
x = BN_CTX_get(bn_ctx);
y = BN_CTX_get(bn_ctx);
if (!x || !y) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHER,
ERR_R_MALLOC_FAILURE);
goto end;
}
/* SM2_CIPHERTEXT_VALUE ==> ECCCipher */
memset(ref, 0, sizeof(*ref));
/* encode ephem point `ECCCipher->x`, `ECCCipher->y` */
if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) {
if (!EC_POINT_get_affine_coordinates_GFp(group, cv->ephem_point, x, y, bn_ctx)) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHER, ERR_R_EC_LIB);
goto end;
}
} else {
if (!EC_POINT_get_affine_coordinates_GF2m(group, cv->ephem_point, x, y, bn_ctx)) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHER,
ERR_R_EC_LIB);
goto end;
}
}
/*
* check compatible of SM2_CIPHERTEXT_VALUE with EC_GROUP
* In gmapi we only do simple checks, i.e. length of coordinates.
* We assume that more checks, such as x, y in the range of [1, p]
* and other semantic checks should be done by the `sm2` module.
*/
if (BN_num_bits(x) > EC_GROUP_get_degree(group) ||
BN_num_bits(y) > EC_GROUP_get_degree(group)) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHER,
GMAPI_R_INVALID_CIPHERTEXT_POINT);
goto end;
}
if (!BN_bn2bin(x, ref->x + ECCref_MAX_LEN - BN_num_bytes(x))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHER,
ERR_R_BN_LIB);
goto end;
}
if (!BN_bn2bin(y, ref->y + ECCref_MAX_LEN - BN_num_bytes(y))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHER,
ERR_R_BN_LIB);
goto end;
}
/* encode mac `ECCCipher->M[32]` */
if (cv->mactag_size != 32) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHER,
GMAPI_R_INVALID_CIPHERTEXT_MAC);
goto end;
}
memcpy(ref->M, cv->mactag, cv->mactag_size);
/* encode ciphertext `ECCCipher->L`, `ECCCipher->C[]` */
if (cv->ciphertext_size <= 0 || cv->ciphertext_size > INT_MAX) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHER,
GMAPI_R_INVALID_CIPHERTEXT_LENGTH);
goto end;
}
ref->L = (unsigned int)cv->ciphertext_size;
memcpy(ref->C, cv->ciphertext, cv->ciphertext_size);
/* set return value */
ret = 1;
end:
if (bn_ctx) {
BN_CTX_end(bn_ctx);
}
BN_CTX_free(bn_ctx);
EC_GROUP_free(group);
return ret;
}
ECDSA_SIG *ECDSA_SIG_new_from_ECCSignature(const ECCSignature *ref)
{
ECDSA_SIG *ret = NULL;
ECDSA_SIG *sig = NULL;
/* check arguments */
if (!ref) {
GMAPIerr(GMAPI_F_ECDSA_SIG_NEW_FROM_ECCSIGNATURE,
ERR_R_PASSED_NULL_PARAMETER);
return NULL;
}
/* generate and convert */
if (!(sig = ECDSA_SIG_new())) {
GMAPIerr(GMAPI_F_ECDSA_SIG_NEW_FROM_ECCSIGNATURE,
GMAPI_R_MALLOC_FAILED);
goto end;
}
if (!ECDSA_SIG_set_ECCSignature(sig, ref)) {
GMAPIerr(GMAPI_F_ECDSA_SIG_NEW_FROM_ECCSIGNATURE,
GMAPI_R_INVALID_SIGNATURE);
goto end;
}
/* set return value */
ret = sig;
sig = NULL;
end:
ECDSA_SIG_free(sig);
return ret;
}
int ECDSA_SIG_set_ECCSignature(ECDSA_SIG *sig, const ECCSignature *ref)
{
int ret = 0;
BIGNUM *r = NULL;
BIGNUM *s = NULL;
/* check arguments */
if (!sig || !ref) {
GMAPIerr(GMAPI_F_ECDSA_SIG_SET_ECCSIGNATURE,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
/* ECCSignature ==> ECDSA_SIG */
if (!(r = BN_bin2bn(ref->r, ECCref_MAX_LEN, NULL))) {
GMAPIerr(GMAPI_F_ECDSA_SIG_SET_ECCSIGNATURE, ERR_R_BN_LIB);
goto end;
}
if (!(s = BN_bin2bn(ref->s, ECCref_MAX_LEN, NULL))) {
GMAPIerr(GMAPI_F_ECDSA_SIG_SET_ECCSIGNATURE, ERR_R_BN_LIB);
goto end;
}
/* when using `sm2p256v1`, we need to check (s, r) length correct */
if (BN_num_bytes(r) != 256/8 || BN_num_bytes(s) != 256/8) {
GMAPIerr(GMAPI_F_ECDSA_SIG_SET_ECCSIGNATURE,
GMAPI_R_INVALID_SM2_SIGNATURE);
goto end;
}
/* set return value
* `ECDSA_SIG_set0` should make sure that if failed, do not accept
* the value of (r, s), or there will be double-free
*/
if (!ECDSA_SIG_set0(sig, r, s)) {
GMAPIerr(GMAPI_F_ECDSA_SIG_SET_ECCSIGNATURE,
ERR_R_EC_LIB);
goto end;
}
r = NULL;
s = NULL;
ret = 1;
end:
BN_free(r);
BN_free(s);
return ret;
}
int ECDSA_SIG_get_ECCSignature(const ECDSA_SIG *sig, ECCSignature *ref)
{
/* (r, s) are pointed to (sig->r, sig->s), so dont free (r, s) */
const BIGNUM *r = NULL;
const BIGNUM *s = NULL;
/* check arguments */
if (!sig || !ref) {
GMAPIerr(GMAPI_F_ECDSA_SIG_GET_ECCSIGNATURE,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
/* check ECDSA_SIG
* `ECDSA_SIG_get0() return void
*/
ECDSA_SIG_get0(sig, &r, &s);
if (BN_num_bytes(r) > ECCref_MAX_LEN ||
BN_num_bytes(s) > ECCref_MAX_LEN) {
GMAPIerr(GMAPI_F_ECDSA_SIG_GET_ECCSIGNATURE,
GMAPI_R_NOT_CONVERTABLE);
return 0;
}
/* ECDSA_SIG ==> ECCSignature */
memset(ref, 0, sizeof(*ref));
if (!BN_bn2bin(r, ref->r + ECCref_MAX_LEN - BN_num_bytes(r))) {
GMAPIerr(GMAPI_F_ECDSA_SIG_GET_ECCSIGNATURE, ERR_R_BN_LIB);
return 0;
}
if (!BN_bn2bin(s, ref->s + ECCref_MAX_LEN - BN_num_bytes(s))) {
GMAPIerr(GMAPI_F_ECDSA_SIG_GET_ECCSIGNATURE, ERR_R_BN_LIB);
return 0;
}
return 1;
}

209
crypto/gmapi/gmapi_sdf_rsa.c Normal file
View File

@@ -0,0 +1,209 @@
/* ====================================================================
* Copyright (c) 2015-2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
/* convert RSA between native and SDF types, never include skf.h */
#include <stdio.h>
#include <openssl/err.h>
#include <openssl/gmapi.h>
#include <openssl/rsa.h>
#include <openssl/sdf.h>
#include "../rsa/rsa_locl.h" //FIXME
RSA *RSA_new_from_RSArefPublicKey(const RSArefPublicKey *ref)
{
RSA *ret;
if (!(ret = RSA_new())) {
GMAPIerr(GMAPI_F_RSA_NEW_FROM_RSAREFPUBLICKEY, ERR_R_RSA_LIB);
return NULL;
}
if (!RSA_set_RSArefPublicKey(ret, ref)) {
GMAPIerr(GMAPI_F_RSA_NEW_FROM_RSAREFPUBLICKEY,
GMAPI_R_INVALID_RSA_PUBLIC_KEY);
RSA_free(ret);
return NULL;
}
return ret;
}
int RSA_set_RSArefPublicKey(RSA *rsa, const RSArefPublicKey *ref)
{
if (!rsa || !ref) {
GMAPIerr(GMAPI_F_RSA_SET_RSAREFPUBLICKEY,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if ((ref->bits < 1024) || (ref->bits > RSAref_MAX_LEN*8) ||
(ref->bits % 8 != 0)) {
GMAPIerr(GMAPI_F_RSA_SET_RSAREFPUBLICKEY,
GMAPI_R_INVALID_RSA_KEY_LENGTH);
return 0;
}
if (!(rsa->n = BN_bin2bn(ref->m, ref->bits/8, rsa->n))) {
GMAPIerr(GMAPI_F_RSA_SET_RSAREFPUBLICKEY,
GMAPI_R_INVALID_RSA_PUBLIC_KEY);
return 0;
}
if (!(rsa->e = BN_bin2bn(ref->e, RSAref_MAX_LEN, rsa->e))) {
GMAPIerr(GMAPI_F_RSA_SET_RSAREFPUBLICKEY,
GMAPI_R_INVALID_RSA_PUBLIC_KEY);
return 0;
}
if (!RSA_check_key(rsa)) {
GMAPIerr(GMAPI_F_RSA_SET_RSAREFPUBLICKEY,
GMAPI_R_INVALID_RSA_PUBLIC_KEY);
return 0;
}
return 1;
}
int RSA_get_RSArefPublicKey(RSA *rsa, RSArefPublicKey *ref)
{
int nbytes;
if (!rsa || !ref) {
GMAPIerr(GMAPI_F_RSA_GET_RSAREFPUBLICKEY,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (!rsa->n || !rsa->e) {
GMAPIerr(GMAPI_F_RSA_GET_RSAREFPUBLICKEY,
GMAPI_R_INVALID_RSA_PUBLIC_KEY);
return 0;
}
nbytes = BN_num_bytes(rsa->n);
if (!BN_bn2bin(rsa->n, ref->m) || !BN_bn2bin(rsa->e,
ref->e + MAX_RSA_EXPONENT_LEN - BN_num_bytes(rsa->e))) {
GMAPIerr(GMAPI_F_RSA_GET_RSAREFPUBLICKEY,
GMAPI_R_ENCODE_RSA_PUBLIC_KEY_FAILED);
return 0;
}
return 1;
}
RSA *RSA_new_from_RSArefPrivateKey(const RSArefPrivateKey *ref)
{
RSA *ret;
if (!(ret = RSA_new())) {
GMAPIerr(GMAPI_F_RSA_NEW_FROM_RSAREFPRIVATEKEY, ERR_R_RSA_LIB);
return NULL;
}
if (!RSA_set_RSArefPrivateKey(ret, ref)) {
GMAPIerr(GMAPI_F_RSA_NEW_FROM_RSAREFPRIVATEKEY,
GMAPI_R_INVALID_RSA_PRIVATE_KEY);
RSA_free(ret);
return NULL;
}
return ret;
}
int RSA_set_RSArefPrivateKey(RSA *rsa, const RSArefPrivateKey *ref)
{
int nbytes;
if (!rsa || !ref) {
GMAPIerr(GMAPI_F_RSA_SET_RSAREFPRIVATEKEY,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if ((ref->bits < 1024) || (ref->bits > RSAref_MAX_LEN*8) ||
(ref->bits % 8 != 0) || (ref->bits % 16 != 0)) {
GMAPIerr(GMAPI_F_RSA_SET_RSAREFPRIVATEKEY,
GMAPI_R_INVALID_KEY_LENGTH);
return 0;
}
nbytes = ref->bits/8;
if (!(rsa->n = BN_bin2bn(ref->m, nbytes, rsa->n)) ||
!(rsa->e = BN_bin2bn(ref->e, MAX_RSA_EXPONENT_LEN, rsa->e)) ||
!(rsa->d = BN_bin2bn(ref->d, nbytes, rsa->d)) ||
!(rsa->p = BN_bin2bn(ref->prime[0], nbytes/2, rsa->p)) ||
!(rsa->q = BN_bin2bn(ref->prime[1], nbytes/2, rsa->q)) ||
!(rsa->dmp1 = BN_bin2bn(ref->pexp[0], nbytes/2, rsa->dmp1)) ||
!(rsa->dmq1 = BN_bin2bn(ref->pexp[1], nbytes/2, rsa->dmq1)) ||
!(rsa->iqmp = BN_bin2bn(ref->coef, nbytes/2, rsa->iqmp))) {
GMAPIerr(GMAPI_F_RSA_SET_RSAREFPRIVATEKEY,
GMAPI_R_INVALID_RSA_PRIVATE_KEY);
return 0;
}
return 1;
}
int RSA_get_RSArefPrivateKey(RSA *rsa, RSArefPrivateKey *ref)
{
int nbytes;
if (!rsa || !ref) {
GMAPIerr(GMAPI_F_RSA_GET_RSAREFPRIVATEKEY,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (!rsa->n || !rsa->e || !rsa->d || !rsa->p || !rsa->q ||
!rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) {
GMAPIerr(GMAPI_F_RSA_GET_RSAREFPRIVATEKEY,
GMAPI_R_INVALID_RSA_PRIVATE_KEY);
return 0;
}
memset(ref, 0, sizeof(*ref));
ref->bits = BN_num_bits(rsa->n);
nbytes = BN_num_bytes(rsa->n);
if (!BN_bn2bin(rsa->n, ref->m) ||
!BN_bn2bin(rsa->e, ref->e + MAX_RSA_EXPONENT_LEN - BN_num_bytes(rsa->e)) ||
!BN_bn2bin(rsa->d, ref->d + nbytes - BN_num_bytes(rsa->d)) ||
!BN_bn2bin(rsa->p, &(ref->prime[0]) + nbytes/2 - BN_num_bytes(rsa->p)) ||
!BN_bn2bin(rsa->q, &(ref->prime[1]) + nbytes/2 - BN_num_bytes(rsa->q)) ||
!BN_bn2bin(rsa->dmp1, &(ref->pexp[0]) + nbytes/2 - BN_num_bytes(rsa->dmp1)) ||
!BN_bn2bin(rsa->dmq1, &(ref->pexp[1]) + nbytes/2 - BN_num_bytes(rsa->dmq1)) ||
!BN_bn2bin(rsa->iqmp, ref->coef + nbytes/2 - BN_num_bytes(rsa->iqmp))) {
GMAPIerr(GMAPI_F_RSA_GET_RSAREFPRIVATEKEY,
GMAPI_R_INVALID_RSA_PRIVATE_KEY);
return 0;
}
return 1;
}

118
crypto/gmapi/gmapi_sgd.c Normal file
View File

@@ -0,0 +1,118 @@
/* ====================================================================
* Copyright (c) 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <stdio.h>
#include <string.h>
#include <openssl/evp.h>
#include <openssl/sgd.h>
const EVP_MD *EVP_get_digestbysgd(int sgd)
{
switch (sgd) {
case SGD_SM3:
return EVP_sm3();
case SGD_SHA1:
return EVP_sha1();
case SGD_SHA256:
return EVP_sha256();
}
return NULL;
}
const EVP_CIPHER *EVP_get_cipherbysgd(int sgd)
{
switch (sgd) {
case SGD_SM4_ECB:
return EVP_sms4_ecb();
case SGD_SM4_CBC:
return EVP_sms4_cbc();
case SGD_SM4_CFB:
return EVP_sms4_cfb();
case SGD_SM4_OFB:
return EVP_sms4_ofb();
#define OPENSSL_NO_ZUC
#ifndef OPENSSL_NO_ZUC
case SGD_ZUC:
return EVP_zuc();
case SGD_ZUC_EEA3:
return EVP_zuc_eea3();
#endif
}
return NULL;
}
/*
int load_engine(void)
{
ENGINE *e;
ENGINE_load_builtin_engines(0);
ENGINE_register_all_complete();
}
*/
const char *GMAPI_keyusage2str(int usage)
{
return NULL;
}
int GMAPI_sgd2ciphernid(int sgd)
{
return 0;
}
int GMAPI_sgd2mdnid(int sgd)
{
return 0;
}

492
crypto/gmapi/gmapi_skf_ec.c Normal file
View File

@@ -0,0 +1,492 @@
/* ====================================================================
* Copyright (c) 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <stdio.h>
#include <openssl/ec.h>
#include <openssl/gmapi.h>
#include <openssl/skf.h>
#include "../ec/ec_lcl.h"
EC_KEY *EC_KEY_new_from_ECCPUBLICKEYBLOB(const ECCPUBLICKEYBLOB *blob)
{
EC_KEY *ret;
if (!(ret = EC_KEY_new_by_curve_name(NID_sm2p256v1))) {
GMAPIerr(GMAPI_F_EC_KEY_NEW_FROM_ECCPUBLICKEYBLOB, ERR_R_EC_LIB);
return NULL;
}
if (!EC_KEY_set_ECCPUBLICKEYBLOB(ret, blob)) {
GMAPIerr(GMAPI_F_EC_KEY_NEW_FROM_ECCPUBLICKEYBLOB,
GMAPI_R_DECODE_EC_PUBLIC_KEY_FAILED);
EC_KEY_free(ret);
return NULL;
}
return ret;
}
int EC_KEY_set_ECCPUBLICKEYBLOB(EC_KEY *ec_key, const ECCPUBLICKEYBLOB *blob)
{
int ret = 0;
BIGNUM *x = NULL;
BIGNUM *y = NULL;
int nbytes;
if (blob->BitLen != EC_GROUP_get_degree(EC_KEY_get0_group(ec_key))) {
GMAPIerr(GMAPI_F_EC_KEY_SET_ECCPUBLICKEYBLOB, GMAPI_R_INVALID_KEY_LENGTH);
return 0;
}
nbytes = (blob->BitLen + 7)/8;
if (!(x = BN_bin2bn(blob->XCoordinate, nbytes, NULL))) {
GMAPIerr(GMAPI_F_EC_KEY_SET_ECCPUBLICKEYBLOB, ERR_R_BN_LIB);
goto end;
}
if (!(y = BN_bin2bn(blob->YCoordinate, nbytes, NULL))) {
GMAPIerr(GMAPI_F_EC_KEY_SET_ECCPUBLICKEYBLOB, ERR_R_BN_LIB);
goto end;
}
if (!EC_KEY_set_public_key_affine_coordinates(ec_key, x, y)) {
GMAPIerr(GMAPI_F_EC_KEY_SET_ECCPUBLICKEYBLOB, GMAPI_R_INVALID_PUBLIC_KEY);
goto end;
}
ret = 1;
end:
BN_free(x);
BN_free(y);
return ret;
}
int EC_KEY_get_ECCPUBLICKEYBLOB(EC_KEY *ec_key, ECCPUBLICKEYBLOB *blob)
{
int ret = 0;
int nbytes;
BIGNUM *x = NULL;
BIGNUM *y = NULL;
BN_CTX *bn_ctx = NULL;
const EC_GROUP *group = EC_KEY_get0_group(ec_key);
const EC_POINT *point = EC_KEY_get0_public_key(ec_key);
nbytes = (EC_GROUP_get_degree(group) + 7)/8;
if (nbytes > ECC_MAX_MODULUS_BITS_LEN/8) {
GMAPIerr(GMAPI_F_EC_KEY_GET_ECCPUBLICKEYBLOB, GMAPI_R_INVALID_KEY_LENGTH);
goto end;
}
x = BN_new();
y = BN_new();
bn_ctx = BN_CTX_new();
if (!x || !y || !bn_ctx) {
GMAPIerr(GMAPI_F_EC_KEY_GET_ECCPUBLICKEYBLOB, ERR_R_BN_LIB);
goto end;
}
if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) {
if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, bn_ctx)) {
GMAPIerr(GMAPI_F_EC_KEY_GET_ECCPUBLICKEYBLOB, ERR_R_EC_LIB);
goto end;
}
} else {
if (!EC_POINT_get_affine_coordinates_GF2m(group, point, x, y, bn_ctx)) {
GMAPIerr(GMAPI_F_EC_KEY_GET_ECCPUBLICKEYBLOB, ERR_R_EC_LIB);
goto end;
}
}
memset(blob, 0, sizeof(*blob));
blob->BitLen = EC_GROUP_get_degree(group);
if (!BN_bn2bin(x, blob->XCoordinate + nbytes - BN_num_bytes(x))) {
GMAPIerr(GMAPI_F_EC_KEY_GET_ECCPUBLICKEYBLOB, ERR_R_BN_LIB);
goto end;
}
if (!BN_bn2bin(y, blob->YCoordinate + nbytes - BN_num_bytes(y))) {
GMAPIerr(GMAPI_F_EC_KEY_GET_ECCPUBLICKEYBLOB, ERR_R_BN_LIB);
goto end;
}
ret = 1;
end:
BN_free(x);
BN_free(y);
BN_CTX_free(bn_ctx);
return ret;
}
EC_KEY *EC_KEY_new_from_ECCPRIVATEKEYBLOB(const ECCPRIVATEKEYBLOB *blob)
{
EC_KEY *ret;
if (!(ret = EC_KEY_new_by_curve_name(NID_sm2p256v1))) {
GMAPIerr(GMAPI_F_EC_KEY_NEW_FROM_ECCPRIVATEKEYBLOB, ERR_R_EC_LIB);
return NULL;
}
if (!EC_KEY_set_ECCPRIVATEKEYBLOB(ret, blob)) {
GMAPIerr(GMAPI_F_EC_KEY_NEW_FROM_ECCPRIVATEKEYBLOB,
GMAPI_R_DECODE_EC_PRIVATE_KEY_FAILED);
EC_KEY_free(ret);
return NULL;
}
return ret;
}
int EC_KEY_set_ECCPRIVATEKEYBLOB(EC_KEY *ec_key, const ECCPRIVATEKEYBLOB *blob)
{
int ret = 0;
BIGNUM *d = NULL;
int nbytes;
//FIXME: is this right?
if (blob->BitLen != EC_GROUP_get_degree(EC_KEY_get0_group(ec_key))) {
GMAPIerr(GMAPI_F_EC_KEY_SET_ECCPRIVATEKEYBLOB, GMAPI_R_INVALID_KEY_LENGTH);
goto end;
}
nbytes = (blob->BitLen + 7)/8;
if (!(d = BN_bin2bn(blob->PrivateKey, nbytes, NULL))) {
GMAPIerr(GMAPI_F_EC_KEY_SET_ECCPRIVATEKEYBLOB, ERR_R_BN_LIB);
goto end;
}
if (!EC_KEY_set_private_key(ec_key, d)) {
GMAPIerr(GMAPI_F_EC_KEY_SET_ECCPRIVATEKEYBLOB, GMAPI_R_INVALID_PRIVATE_KEY);
goto end;
}
ret = 1;
end:
BN_clear_free(d);
return ret;
}
int EC_KEY_get_ECCPRIVATEKEYBLOB(EC_KEY *ec_key, ECCPRIVATEKEYBLOB *blob)
{
int ret = 0;
BIGNUM *order = NULL;
const BIGNUM *d;
int nbytes;
if (!(order = BN_new())) {
GMAPIerr(GMAPI_F_EC_KEY_GET_ECCPRIVATEKEYBLOB, GMAPI_R_MALLOC_FAILED);
goto end;
}
if (!EC_GROUP_get_order(EC_KEY_get0_group(ec_key), order, NULL)) {
GMAPIerr(GMAPI_F_EC_KEY_GET_ECCPRIVATEKEYBLOB, ERR_R_EC_LIB);
goto end;
}
nbytes = BN_num_bytes(order);
if (nbytes > ECC_MAX_MODULUS_BITS_LEN/8) {
GMAPIerr(GMAPI_F_EC_KEY_GET_ECCPRIVATEKEYBLOB, GMAPI_R_INVALID_KEY_LENGTH);
goto end;
}
if (!(d = EC_KEY_get0_private_key(ec_key))) {
GMAPIerr(GMAPI_F_EC_KEY_GET_ECCPRIVATEKEYBLOB, GMAPI_R_INVALID_EC_KEY);
goto end;
}
if (!BN_bn2bin(d, blob->PrivateKey + nbytes - BN_num_bytes(d))) {
GMAPIerr(GMAPI_F_EC_KEY_GET_ECCPRIVATEKEYBLOB, ERR_R_BN_LIB);
goto end;
}
ret = 1;
end:
BN_free(order);
return ret;
}
SM2_CIPHERTEXT_VALUE *SM2_CIPHERTEXT_VALUE_new_from_ECCCIPHERBLOB(
const ECCCIPHERBLOB *blob)
{
int ok = 0;
SM2_CIPHERTEXT_VALUE *ret = NULL;
EC_GROUP *group = NULL;
if (!(group = EC_GROUP_new_by_curve_name(NID_sm2p256v1))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_NEW_FROM_ECCCIPHERBLOB,
ERR_R_EC_LIB);
goto end;
}
if (!(ret = SM2_CIPHERTEXT_VALUE_new(group))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_NEW_FROM_ECCCIPHERBLOB,
GMAPI_R_MALLOC_FAILED);
goto end;
}
if (!SM2_CIPHERTEXT_VALUE_set_ECCCIPHERBLOB(ret, blob)) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_NEW_FROM_ECCCIPHERBLOB,
GMAPI_R_INVALID_EC_PUBLIC_KEY);
goto end;
}
ok = 1;
end:
if (!ok) {
SM2_CIPHERTEXT_VALUE_free(ret);
ret = NULL;
}
EC_GROUP_free(group);
return ret;
}
int SM2_CIPHERTEXT_VALUE_set_ECCCIPHERBLOB(SM2_CIPHERTEXT_VALUE *cv,
const ECCCIPHERBLOB *blob)
{
int ret = 0;
EC_GROUP *group = NULL;
BIGNUM *x = NULL;
BIGNUM *y = NULL;
BN_CTX *bn_ctx = NULL;
int nbytes;
if (!(group = EC_GROUP_new_by_curve_name(NID_sm2p256v1))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB,
ERR_R_EC_LIB);
return 0;
}
nbytes = (EC_GROUP_get_degree(group) + 7)/8;
if (nbytes > ECC_MAX_XCOORDINATE_BITS_LEN/8) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB,
GMAPI_R_INVALID_KEY_LENGTH);
goto end;
}
if (!(x = BN_bin2bn(blob->XCoordinate, nbytes, NULL))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB, ERR_R_BN_LIB);
goto end;
}
if (!(y = BN_bin2bn(blob->YCoordinate, nbytes, NULL))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB, ERR_R_BN_LIB);
goto end;
}
if (!(bn_ctx = BN_CTX_new())) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB, ERR_R_BN_LIB);
goto end;
}
if (!cv->ephem_point) {
if (!(cv->ephem_point = EC_POINT_new(group))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB, ERR_R_EC_LIB);
goto end;
}
}
if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) {
if (!EC_POINT_set_affine_coordinates_GFp(group, cv->ephem_point, x, y, bn_ctx)) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB, ERR_R_EC_LIB);
goto end;
}
} else {
if (!EC_POINT_get_affine_coordinates_GF2m(group, cv->ephem_point, x, y, bn_ctx)) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB, ERR_R_EC_LIB);
goto end;
}
}
memcpy(cv->mactag, blob->HASH, 32);
cv->mactag_size = 32;
if ((cv->ciphertext_size = blob->CipherLen) <= 0) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB,
GMAPI_R_INVALID_CIPHERTEXT_LENGTH);
goto end;
}
if (!(cv->ciphertext = OPENSSL_realloc(cv->ciphertext, blob->CipherLen))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB,
GMAPI_R_MALLOC_FAILED);
goto end;
}
memcpy(cv->ciphertext, blob->Cipher, blob->CipherLen);
ret = 0;
end:
EC_GROUP_free(group);
BN_free(x);
BN_free(y);
BN_CTX_free(bn_ctx);
return ret;
}
int SM2_CIPHERTEXT_VALUE_get_ECCCIPHERBLOB(const SM2_CIPHERTEXT_VALUE *cv,
ECCCIPHERBLOB *blob)
{
int ret = 0;
EC_GROUP *group = NULL;
BIGNUM *x = NULL;
BIGNUM *y = NULL;
BN_CTX *bn_ctx = NULL;
if (!(group = EC_GROUP_new_by_curve_name(NID_sm2p256v1))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB, ERR_R_EC_LIB);
return 0;
}
x = BN_new();
y = BN_new();
bn_ctx = BN_CTX_new();
if (!x || !y || !bn_ctx) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB, ERR_R_BN_LIB);
goto end;
}
if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) {
if (!EC_POINT_get_affine_coordinates_GFp(group, cv->ephem_point, x, y, bn_ctx)) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB, ERR_R_EC_LIB);
goto end;
}
} else {
if (!EC_POINT_get_affine_coordinates_GF2m(group, cv->ephem_point, x, y, bn_ctx)) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB, ERR_R_EC_LIB);
goto end;
}
}
if ((BN_num_bytes(x) > 256/8) || (BN_num_bytes(y) > 256/8)) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB,
GMAPI_R_INVALID_CIPHERTEXT_POINT);
goto end;
}
if (!BN_bn2bin(x, blob->XCoordinate + 256/8 - BN_num_bytes(x))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB, ERR_R_BN_LIB);
goto end;
}
if (!BN_bn2bin(y, blob->YCoordinate + 256/8 - BN_num_bytes(y))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB, ERR_R_BN_LIB);
goto end;
}
if (cv->mactag_size != 32) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB,
GMAPI_R_INVALID_CIPHERTEXT_MAC);
goto end;
}
memcpy(blob->HASH, cv->mactag, cv->mactag_size);
if (cv->ciphertext_size <= 0) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB,
GMAPI_R_INVALID_CIPHERTEXT_LENGTH);
goto end;
}
memcpy(blob->Cipher, cv->ciphertext, cv->ciphertext_size);
ret = 1;
end:
EC_GROUP_free(group);
BN_free(x);
BN_free(y);
BN_CTX_free(bn_ctx);
return ret;
}
ECDSA_SIG *ECDSA_SIG_new_from_ECCSIGNATUREBLOB(const ECCSIGNATUREBLOB *blob)
{
ECDSA_SIG *ret = NULL;
if (!(ret = ECDSA_SIG_new())) {
GMAPIerr(GMAPI_F_ECDSA_SIG_NEW_FROM_ECCSIGNATUREBLOB,
GMAPI_R_MALLOC_FAILED);
return NULL;
}
if (!ECDSA_SIG_set_ECCSIGNATUREBLOB(ret, blob)) {
GMAPIerr(GMAPI_F_ECDSA_SIG_NEW_FROM_ECCSIGNATUREBLOB,
GMAPI_R_INVALID_SIGNATURE);
ECDSA_SIG_free(ret);
return NULL;
}
return ret;
}
int ECDSA_SIG_set_ECCSIGNATUREBLOB(ECDSA_SIG *sig, const ECCSIGNATUREBLOB *blob)
{
if (!(sig->r = BN_bin2bn(blob->r, 256/8, sig->r))) {
GMAPIerr(GMAPI_F_ECDSA_SIG_SET_ECCSIGNATUREBLOB, ERR_R_BN_LIB);
return SAR_FAIL;
}
if (!(sig->s = BN_bin2bn(blob->s, 256/8, sig->s))) {
GMAPIerr(GMAPI_F_ECDSA_SIG_SET_ECCSIGNATUREBLOB, ERR_R_BN_LIB);
return SAR_FAIL;
}
return SAR_OK;
}
int ECDSA_SIG_get_ECCSIGNATUREBLOB(const ECDSA_SIG *sig, ECCSIGNATUREBLOB *blob)
{
if ((BN_num_bytes(sig->r) > 256/8) || (BN_num_bytes(sig->s) > 256/8)) {
GMAPIerr(GMAPI_F_ECDSA_SIG_GET_ECCSIGNATUREBLOB, GMAPI_R_INVALID_BIGNUM_LENGTH);
return SAR_FAIL;
}
if (!BN_bn2bin(sig->r, blob->r + 256/8 - BN_num_bytes(sig->r))) {
GMAPIerr(GMAPI_F_ECDSA_SIG_GET_ECCSIGNATUREBLOB, ERR_R_BN_LIB);
return SAR_FAIL;
}
if (!BN_bn2bin(sig->s, blob->s + 256/8 - BN_num_bytes(sig->s))) {
GMAPIerr(GMAPI_F_ECDSA_SIG_GET_ECCSIGNATUREBLOB, ERR_R_BN_LIB);
return SAR_FAIL;
}
return SAR_OK;
}

214
crypto/gmapi/gmapi_skf_rsa.c Normal file
View File

@@ -0,0 +1,214 @@
/* ====================================================================
* Copyright (c) 2015-2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <stdio.h>
#include <openssl/rsa.h>
#include <openssl/skf.h>
#include <openssl/gmapi.h>
#include "../rsa/rsa_locl.h"
/* Wrapper functions */
RSA *RSA_new_from_RSAPUBLICKEYBLOB(const RSAPUBLICKEYBLOB *blob)
{
RSA *ret;
if (!(ret = RSA_new())) {
GMAPIerr(GMAPI_F_RSA_NEW_FROM_RSAPUBLICKEYBLOB, ERR_R_RSA_LIB);
return NULL;
}
if (!RSA_set_RSAPUBLICKEYBLOB(ret, blob)) {
GMAPIerr(GMAPI_F_RSA_NEW_FROM_RSAPUBLICKEYBLOB,
GMAPI_R_INVALID_RSA_PUBLIC_KEY);
RSA_free(ret);
return NULL;
}
return ret;
}
RSA *RSA_new_from_RSAPRIVATEKEYBLOB(const RSAPRIVATEKEYBLOB *blob)
{
RSA *ret;
if (!(ret = RSA_new())) {
GMAPIerr(GMAPI_F_RSA_NEW_FROM_RSAPRIVATEKEYBLOB, ERR_R_RSA_LIB);
return NULL;
}
if (!RSA_set_RSAPRIVATEKEYBLOB(ret, blob)) {
GMAPIerr(GMAPI_F_RSA_NEW_FROM_RSAPRIVATEKEYBLOB,
GMAPI_R_INVALID_RSA_PRIVATE_KEY);
RSA_free(ret);
return NULL;
}
return ret;
}
int RSA_set_RSAPUBLICKEYBLOB(RSA *rsa, const RSAPUBLICKEYBLOB *blob)
{
if (!rsa || !blob) {
GMAPIerr(GMAPI_F_RSA_SET_RSAPUBLICKEYBLOB,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if ((blob->BitLen < 1024) || (blob->BitLen > MAX_RSA_MODULUS_LEN*8) ||
(blob->BitLen / 8 != 0)) {
GMAPIerr(GMAPI_F_RSA_SET_RSAPUBLICKEYBLOB,
GMAPI_R_INVALID_RSA_KEY_LENGTH);
return 0;
}
if (!(rsa->n = BN_bin2bn(blob->Modulus, blob->BitLen/8, rsa->n))) {
GMAPIerr(GMAPI_F_RSA_SET_RSAPUBLICKEYBLOB,
GMAPI_R_INVALID_RSA_PUBLIC_KEY);
return 0;
}
if (!(rsa->e = BN_bin2bn(blob->PublicExponent, MAX_RSA_EXPONENT_LEN,
rsa->e))) {
GMAPIerr(GMAPI_F_RSA_SET_RSAPUBLICKEYBLOB,
GMAPI_R_INVALID_RSA_PUBLIC_KEY);
return 0;
}
if (!RSA_check_key(rsa)) {
GMAPIerr(GMAPI_F_RSA_SET_RSAPUBLICKEYBLOB,
GMAPI_R_INVALID_RSA_PUBLIC_KEY);
return 0;
}
return 1;
}
int RSA_get_RSAPUBLICKEYBLOB(RSA *rsa, RSAPUBLICKEYBLOB *blob)
{
int nbytes;
if (!rsa || !blob) {
GMAPIerr(GMAPI_F_RSA_GET_RSAPUBLICKEYBLOB,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (!rsa->n || !rsa->e) {
GMAPIerr(GMAPI_F_RSA_GET_RSAPUBLICKEYBLOB,
GMAPI_R_INVALID_RSA_PUBLIC_KEY);
return 0;
}
nbytes = BN_num_bytes(rsa->n);
if (!BN_bn2bin(rsa->n, blob->Modulus) || !BN_bn2bin(rsa->e,
blob->PublicExponent + MAX_RSA_EXPONENT_LEN - BN_num_bytes(rsa->e))) {
GMAPIerr(GMAPI_F_RSA_GET_RSAPUBLICKEYBLOB,
GMAPI_R_ENCODE_RSA_PUBLIC_KEY_FAILED);
return 0;
}
return 1;
}
int RSA_set_RSAPRIVATEKEYBLOB(RSA *rsa, const RSAPRIVATEKEYBLOB *blob)
{
int nbytes;
if (!rsa || !blob) {
GMAPIerr(GMAPI_F_RSA_SET_RSAPRIVATEKEYBLOB,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (blob->AlgID != SGD_RSA) {
GMAPIerr(GMAPI_F_RSA_SET_RSAPRIVATEKEYBLOB,
GMAPI_R_INVALID_ALGOR);
return 0;
}
if ((blob->BitLen < 1024) || (blob->BitLen > MAX_RSA_MODULUS_LEN*8) ||
(blob->BitLen % 8 != 0) || (blob->BitLen % 16 != 0)) {
GMAPIerr(GMAPI_F_RSA_SET_RSAPRIVATEKEYBLOB,
GMAPI_R_INVALID_KEY_LENGTH);
return 0;
}
nbytes = blob->BitLen/8;
if (!(rsa->n = BN_bin2bn(blob->Modulus, nbytes, rsa->n)) ||
!(rsa->e = BN_bin2bn(blob->PublicExponent, MAX_RSA_EXPONENT_LEN, rsa->e)) ||
!(rsa->d = BN_bin2bn(blob->PrivateExponent, nbytes, rsa->d)) ||
!(rsa->p = BN_bin2bn(blob->Prime1, nbytes/2, rsa->p)) ||
!(rsa->q = BN_bin2bn(blob->Prime2, nbytes/2, rsa->q)) ||
!(rsa->dmp1 = BN_bin2bn(blob->Prime1Exponent, nbytes/2, rsa->dmp1)) ||
!(rsa->dmq1 = BN_bin2bn(blob->Prime2Exponent, nbytes/2, rsa->dmq1)) ||
!(rsa->iqmp = BN_bin2bn(blob->Coefficient, nbytes/2, rsa->iqmp))) {
GMAPIerr(GMAPI_F_RSA_SET_RSAPRIVATEKEYBLOB, GMAPI_R_INVALID_RSA_PRIVATE_KEY);
return 0;
}
return 1;
}
int RSA_get_RSAPRIVATEKEYBLOB(RSA *rsa, RSAPRIVATEKEYBLOB *blob)
{
int nbytes;
if (!rsa || !blob) {
GMAPIerr(GMAPI_F_RSA_GET_RSAPRIVATEKEYBLOB,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (!rsa->n || !rsa->e || !rsa->d || !rsa->p || !rsa->q ||
!rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) {
GMAPIerr(GMAPI_F_RSA_GET_RSAPRIVATEKEYBLOB,
GMAPI_R_INVALID_RSA_PRIVATE_KEY);
return 0;
}
memset(blob, 0, sizeof(*blob));
blob->AlgID = SGD_RSA;
blob->BitLen = BN_num_bits(rsa->n);
nbytes = BN_num_bytes(rsa->n);
if (!BN_bn2bin(rsa->n, blob->Modulus) ||
!BN_bn2bin(rsa->e, blob->PublicExponent + MAX_RSA_EXPONENT_LEN - BN_num_bytes(rsa->e)) ||
!BN_bn2bin(rsa->d, blob->PrivateExponent + nbytes - BN_num_bytes(rsa->d)) ||
!BN_bn2bin(rsa->p, blob->Prime1 + nbytes/2 - BN_num_bytes(rsa->p)) ||
!BN_bn2bin(rsa->q, blob->Prime2 + nbytes/2 - BN_num_bytes(rsa->q)) ||
!BN_bn2bin(rsa->dmp1, blob->Prime1Exponent + nbytes/2 - BN_num_bytes(rsa->dmp1)) ||
!BN_bn2bin(rsa->dmq1, blob->Prime2Exponent + nbytes/2 - BN_num_bytes(rsa->dmq1)) ||
!BN_bn2bin(rsa->iqmp, blob->Coefficient + nbytes/2 - BN_num_bytes(rsa->iqmp))) {
GMAPIerr(GMAPI_F_RSA_GET_RSAPRIVATEKEYBLOB, GMAPI_R_INVALID_RSA_PRIVATE_KEY);
return 0;
}
return 1;
}

3
include/openssl/err.h
View File

@@ -98,6 +98,7 @@ typedef struct err_state_st {
# define ERR_LIB_PAILLIER 55
# define ERR_LIB_CPK 56
# define ERR_LIB_OTP 57
# define ERR_LIB_GMAPI 58
# define ERR_LIB_USER 128
@@ -141,6 +142,7 @@ typedef struct err_state_st {
# define PAILLIERerr(f,r) ERR_PUT_error(ERR_LIB_PAILLIER,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
# define CPKerr(f,r) ERR_PUT_error(ERR_LIB_CPK,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
# define OTPerr(f,r) ERR_PUT_error(ERR_LIB_OTP,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
# define GMAPIerr(f,r) ERR_PUT_error(ERR_LIB_GMAPI,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
# define ERR_PACK(l,f,r) ( \
(((unsigned int)(l) & 0x0FF) << 24L) | \
@@ -193,6 +195,7 @@ typedef struct err_state_st {
# define ERR_R_PAILLIER_LIB ERR_LIB_PAILLIER/* 55 */
# define ERR_R_CPK_LIB ERR_LIB_CPK/* 56 */
# define ERR_R_OTP_LIB ERR_LIB_OTP/* 57 */
# define ERR_R_GMAPI_LIB ERR_LIB_GMAPI/* 58 */
# define ERR_R_NESTED_ASN1_ERROR 58
# define ERR_R_MISSING_ASN1_EOS 63

299
include/openssl/gmapi.h Normal file
View File

@@ -0,0 +1,299 @@
/* ====================================================================
* Copyright (c) 2015 - 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
/*
* Converting types between native types and GM API types
*/
#ifndef HEADER_GMAPI_H
#define HEADER_GMAPI_H
#include <openssl/ec.h>
#include <openssl/sm2.h>
#include <openssl/rsa.h>
#include <openssl/evp.h>
#include <openssl/sgd.h>
#include <openssl/saf.h>
#include <openssl/sdf.h>
#include <openssl/skf.h>
#include <openssl/sof.h>
#ifdef __cplusplus
extern "C" {
#endif
const char *GMAPI_keyusage2str(int usage);
int GMAPI_sgd2ciphernid(int sgd);
int GMAPI_sgd2mdnid(int sgd);
/* SGD <==> EVP */
const EVP_MD *EVP_get_digestbysgd(int sgd);
const EVP_CIPHER *EVP_get_cipherbysgd(int sgd);
/* SDF types <==> Native types */
RSA *RSA_new_from_RSArefPublicKey(const RSArefPublicKey *ref);
RSA *RSA_new_from_RSArefPrivateKey(const RSArefPrivateKey *ref);
int RSA_set_RSArefPublicKey(RSA *rsa, const RSArefPublicKey *ref);
int RSA_set_RSArefPrivateKey(RSA *rsa, const RSArefPrivateKey *ref);
int RSA_get_RSArefPublicKey(RSA *rsa, RSArefPublicKey *ref);
int RSA_get_RSArefPrivateKey(RSA *rsa, RSArefPrivateKey *ref);
EC_KEY *EC_KEY_new_from_ECCrefPublicKey(const ECCrefPublicKey *ref);
EC_KEY *EC_KEY_new_from_ECCrefPrivateKey(const ECCrefPrivateKey *ref);
int EC_KEY_set_ECCrefPublicKey(EC_KEY *ec_key, const ECCrefPublicKey *ref);
int EC_KEY_set_ECCrefPrivateKey(EC_KEY *ec_key, const ECCrefPrivateKey *ref);
int EC_KEY_get_ECCrefPublicKey(EC_KEY *ec_key, ECCrefPublicKey *ref);
int EC_KEY_get_ECCrefPrivateKey(EC_KEY *ec_key, ECCrefPrivateKey *ref);
SM2_CIPHERTEXT_VALUE *SM2_CIPHERTEXT_VALUE_new_from_ECCCipher(const ECCCipher *ref);
int SM2_CIPHERTEXT_VALUE_set_ECCCipher(SM2_CIPHERTEXT_VALUE *cv, const ECCCipher *ref);
int SM2_CIPHERTEXT_VALUE_get_ECCCipher(const SM2_CIPHERTEXT_VALUE *cv, ECCCipher *ref);
ECDSA_SIG *ECDSA_SIG_new_from_ECCSignature(const ECCSignature *ref);
int ECDSA_SIG_set_ECCSignature(ECDSA_SIG *sig, const ECCSignature *ref);
int ECDSA_SIG_get_ECCSignature(const ECDSA_SIG *sig, ECCSignature *ref);
/* SKF types <==> Native types */
RSA *RSA_new_from_RSAPUBLICKEYBLOB(const RSAPUBLICKEYBLOB *blob);
RSA *RSA_new_from_RSAPRIVATEKEYBLOB(const RSAPRIVATEKEYBLOB *blob);
int RSA_set_RSAPUBLICKEYBLOB(RSA *rsa, const RSAPUBLICKEYBLOB *blob);
int RSA_set_RSAPRIVATEKEYBLOB(RSA *rsa, const RSAPRIVATEKEYBLOB *blob);
int RSA_get_RSAPUBLICKEYBLOB(RSA *rsa, RSAPUBLICKEYBLOB *blob);
int RSA_get_RSAPRIVATEKEYBLOB(RSA *rsa, RSAPRIVATEKEYBLOB *blob);
EC_KEY *EC_KEY_new_from_ECCPUBLICKEYBLOB(const ECCPUBLICKEYBLOB *blob);
EC_KEY *EC_KEY_new_from_ECCPRIVATEKEYBLOB(const ECCPRIVATEKEYBLOB *blob);
int EC_KEY_set_ECCPUBLICKEYBLOB(EC_KEY *ec_key, const ECCPUBLICKEYBLOB *blob);
int EC_KEY_get_ECCPUBLICKEYBLOB(EC_KEY *ec_key, ECCPUBLICKEYBLOB *blob);
int EC_KEY_set_ECCPRIVATEKEYBLOB(EC_KEY *ec_key, const ECCPRIVATEKEYBLOB *blob);
int EC_KEY_get_ECCPRIVATEKEYBLOB(EC_KEY *ec_key, ECCPRIVATEKEYBLOB *blob);
SM2_CIPHERTEXT_VALUE *SM2_CIPHERTEXT_VALUE_new_from_ECCCIPHERBLOB(const ECCCIPHERBLOB *blob);
int SM2_CIPHERTEXT_VALUE_set_ECCCIPHERBLOB(SM2_CIPHERTEXT_VALUE *cv, const ECCCIPHERBLOB *blob);
int SM2_CIPHERTEXT_VALUE_get_ECCCIPHERBLOB(const SM2_CIPHERTEXT_VALUE *cv, ECCCIPHERBLOB *blob);
ECDSA_SIG *ECDSA_SIG_new_from_ECCSIGNATUREBLOB(const ECCSIGNATUREBLOB *blob);
int ECDSA_SIG_get_ECCSIGNATUREBLOB(const ECDSA_SIG *sig, ECCSIGNATUREBLOB *blob);
int ECDSA_SIG_set_ECCSIGNATUREBLOB(ECDSA_SIG *sig, const ECCSIGNATUREBLOB *blob);
/* BEGIN ERROR CODES */
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
int ERR_load_GMAPI_strings(void);
/* Error codes for the GMAPI functions. */
/* Function codes. */
# define GMAPI_F_ECDSA_SIG_GET_ECCSIGNATURE 100
# define GMAPI_F_ECDSA_SIG_GET_ECCSIGNATUREBLOB 101
# define GMAPI_F_ECDSA_SIG_NEW_FROM_ECCSIGNATURE 102
# define GMAPI_F_ECDSA_SIG_NEW_FROM_ECCSIGNATUREBLOB 103
# define GMAPI_F_ECDSA_SIG_SET_ECCSIGNATURE 104
# define GMAPI_F_ECDSA_SIG_SET_ECCSIGNATUREBLOB 105
# define GMAPI_F_EC_KEY_GET_ECCPRIVATEKEYBLOB 106
# define GMAPI_F_EC_KEY_GET_ECCPUBLICKEYBLOB 107
# define GMAPI_F_EC_KEY_GET_ECCREFPRIVATEKEY 108
# define GMAPI_F_EC_KEY_GET_ECCREFPUBLICKEY 109
# define GMAPI_F_EC_KEY_NEW_FROM_ECCPRIVATEKEYBLOB 110
# define GMAPI_F_EC_KEY_NEW_FROM_ECCPUBLICKEYBLOB 111
# define GMAPI_F_EC_KEY_NEW_FROM_ECCREFPRIVATEKEY 112
# define GMAPI_F_EC_KEY_NEW_FROM_ECCREFPUBLICKEY 113
# define GMAPI_F_EC_KEY_SET_ECCPRIVATEKEYBLOB 114
# define GMAPI_F_EC_KEY_SET_ECCPUBLICKEYBLOB 115
# define GMAPI_F_EC_KEY_SET_ECCREFPRIVATEKEY 116
# define GMAPI_F_EC_KEY_SET_ECCREFPUBLICKEY 117
# define GMAPI_F_RSA_GET_RSAPRIVATEKEYBLOB 118
# define GMAPI_F_RSA_GET_RSAPUBLICKEYBLOB 119
# define GMAPI_F_RSA_GET_RSAREFPRIVATEKEY 120
# define GMAPI_F_RSA_GET_RSAREFPUBLICKEY 121
# define GMAPI_F_RSA_NEW_FROM_RSAPRIVATEKEYBLOB 122
# define GMAPI_F_RSA_NEW_FROM_RSAPUBLICKEYBLOB 123
# define GMAPI_F_RSA_NEW_FROM_RSAREFPRIVATEKEY 124
# define GMAPI_F_RSA_NEW_FROM_RSAREFPUBLICKEY 125
# define GMAPI_F_RSA_SET_RSAPRIVATEKEYBLOB 126
# define GMAPI_F_RSA_SET_RSAPUBLICKEYBLOB 127
# define GMAPI_F_RSA_SET_RSAREFPRIVATEKEY 128
# define GMAPI_F_RSA_SET_RSAREFPUBLICKEY 129
# define GMAPI_F_SAF_BASE64_CREATEBASE64OBJ 130
# define GMAPI_F_SAF_BASE64_DECODE 131
# define GMAPI_F_SAF_BASE64_DECODEFINAL 132
# define GMAPI_F_SAF_BASE64_DECODEUPDATE 133
# define GMAPI_F_SAF_BASE64_ENCODE 134
# define GMAPI_F_SAF_BASE64_ENCODEFINAL 135
# define GMAPI_F_SAF_BASE64_ENCODEUPDATE 136
# define GMAPI_F_SAF_CREATESYMMKEYOBJ 137
# define GMAPI_F_SAF_ECCPUBLICKEYENC 138
# define GMAPI_F_SAF_ECCPUBLICKEYENCBYCERT 139
# define GMAPI_F_SAF_ECCSIGN 140
# define GMAPI_F_SAF_ECCVERIFYSIGN 141
# define GMAPI_F_SAF_ECCVERIFYSIGNBYCERT 142
# define GMAPI_F_SAF_GENECCKEYPAIR 143
# define GMAPI_F_SAF_GENERATEAGREEMENTDATAWITHECC 144
# define GMAPI_F_SAF_GENERATEKEYWITHECC 145
# define GMAPI_F_SAF_GETECCPUBLICKEY 146
# define GMAPI_F_SAF_MACFINAL 147
# define GMAPI_F_SAF_MACUPDATE 148
# define GMAPI_F_SAF_PKCS7_DECODEDIGESTEDDATA 149
# define GMAPI_F_SAF_PKCS7_ENCODEDIGESTEDDATA 150
# define GMAPI_F_SAF_SYMMDECRYPTUPDATE 151
# define GMAPI_F_SAF_SYMMENCRYPTUPDATE 152
# define GMAPI_F_SKF_CLOSEHANDLE 153
# define GMAPI_F_SKF_DECRYPT 154
# define GMAPI_F_SKF_DECRYPTFINAL 155
# define GMAPI_F_SKF_DECRYPTINIT 156
# define GMAPI_F_SKF_DECRYPTUPDATE 157
# define GMAPI_F_SKF_DIGEST 158
# define GMAPI_F_SKF_DIGESTFINAL 159
# define GMAPI_F_SKF_DIGESTINIT 160
# define GMAPI_F_SKF_DIGESTUPDATE 161
# define GMAPI_F_SKF_ENCRYPT 162
# define GMAPI_F_SKF_ENCRYPTFINAL 163
# define GMAPI_F_SKF_ENCRYPTINIT 164
# define GMAPI_F_SKF_ENCRYPTUPDATE 165
# define GMAPI_F_SKF_EXTECCDECRYPT 166
# define GMAPI_F_SKF_EXTECCENCRYPT 167
# define GMAPI_F_SKF_EXTECCSIGN 168
# define GMAPI_F_SKF_EXTECCVERIFY 169
# define GMAPI_F_SKF_EXTRSAPRIKEYOPERATION 170
# define GMAPI_F_SKF_EXTRSAPUBKEYOPERATION 171
# define GMAPI_F_SKF_GENEXTECCKEYPAIR 172
# define GMAPI_F_SKF_GENEXTRSAKEY 173
# define GMAPI_F_SKF_GENRANDOM 174
# define GMAPI_F_SKF_GETDEVINFO 175
# define GMAPI_F_SKF_GETDEVSTATE 176
# define GMAPI_F_SKF_HANDLE_GET_CBCMAC_CTX 177
# define GMAPI_F_SKF_HANDLE_GET_CIPHER 178
# define GMAPI_F_SKF_HANDLE_GET_CIPHER_CTX 179
# define GMAPI_F_SKF_HANDLE_GET_KEY 180
# define GMAPI_F_SKF_HANDLE_GET_MD_CTX 181
# define GMAPI_F_SKF_MAC 182
# define GMAPI_F_SKF_MACFINAL 183
# define GMAPI_F_SKF_MACINIT 184
# define GMAPI_F_SKF_MACUPDATE 185
# define GMAPI_F_SKF_SETSYMMKEY 186
# define GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHER 187
# define GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB 188
# define GMAPI_F_SM2_CIPHERTEXT_VALUE_NEW_FROM_ECCCIPHER 189
# define GMAPI_F_SM2_CIPHERTEXT_VALUE_NEW_FROM_ECCCIPHERBLOB 190
# define GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHER 191
# define GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB 192
/* Reason codes. */
# define GMAPI_R_BUFFER_TOO_SMALL 100
# define GMAPI_R_CBCMAC_FAILURE 101
# define GMAPI_R_CTX_NOT_CREATED 102
# define GMAPI_R_DECODE_EC_PRIVATE_KEY_FAILED 103
# define GMAPI_R_DECODE_EC_PUBLIC_KEY_FAILED 104
# define GMAPI_R_DECRYPT_FAILED 105
# define GMAPI_R_ENCODE_CIPHERTEXT_FAILED 106
# define GMAPI_R_ENCODE_FAILED 107
# define GMAPI_R_ENCODE_RSA_PUBLIC_KEY_FAILED 108
# define GMAPI_R_ENCODE_SIGNATURE_FAILED 109
# define GMAPI_R_ENCRYPT_FAILED 110
# define GMAPI_R_FAIL 111
# define GMAPI_R_GEN_RANDOM 112
# define GMAPI_R_GEN_RSA_FAILED 113
# define GMAPI_R_GET_PRIVATE_KEY_FAILED 114
# define GMAPI_R_GET_PUBLIC_KEY_FAILED 115
# define GMAPI_R_INT_OVERFLOW 116
# define GMAPI_R_INVALID_ALGID 117
# define GMAPI_R_INVALID_ALGOR 118
# define GMAPI_R_INVALID_ARGUMENTS 119
# define GMAPI_R_INVALID_BIGNUM_LENGTH 120
# define GMAPI_R_INVALID_BLOB 121
# define GMAPI_R_INVALID_CIPHERTEXT 122
# define GMAPI_R_INVALID_CIPHERTEXT_LENGTH 123
# define GMAPI_R_INVALID_CIPHERTEXT_MAC 124
# define GMAPI_R_INVALID_CIPHERTEXT_POINT 125
# define GMAPI_R_INVALID_CIPHER_CTX_HANDLE 126
# define GMAPI_R_INVALID_CIPHETEXT_LENGTH 127
# define GMAPI_R_INVALID_CONTEXT 128
# define GMAPI_R_INVALID_DIGEST_ALGOR 129
# define GMAPI_R_INVALID_DIGEST_LENGTH 130
# define GMAPI_R_INVALID_ECC_PRIVATE_KEY 131
# define GMAPI_R_INVALID_ECC_PUBLIC_KEY 132
# define GMAPI_R_INVALID_EC_KEY 133
# define GMAPI_R_INVALID_EC_PRIVATE_KEY 134
# define GMAPI_R_INVALID_EC_PUBLIC_KEY 135
# define GMAPI_R_INVALID_FEED_BIT_LENGTH 136
# define GMAPI_R_INVALID_HANDLE 137
# define GMAPI_R_INVALID_HANDLE_ALGOR 138
# define GMAPI_R_INVALID_HANDLE_MAGIC 139
# define GMAPI_R_INVALID_HANDLE_TYPE 140
# define GMAPI_R_INVALID_HASH_HANDLE 141
# define GMAPI_R_INVALID_ID_LENGTH 142
# define GMAPI_R_INVALID_INPUT_LENGTH 143
# define GMAPI_R_INVALID_IV_LENGTH 144
# define GMAPI_R_INVALID_KEY_HANDLE 145
# define GMAPI_R_INVALID_KEY_LENGTH 146
# define GMAPI_R_INVALID_KEY_USAGE 147
# define GMAPI_R_INVALID_LENGTH 148
# define GMAPI_R_INVALID_MAC_HANDLE 149
# define GMAPI_R_INVALID_PLAINTEXT_LENGTH 150
# define GMAPI_R_INVALID_PRIVATE_KEY 151
# define GMAPI_R_INVALID_PUBLIC_KEY 152
# define GMAPI_R_INVALID_RANDOM_LENGTH 153
# define GMAPI_R_INVALID_RSA_KEY_LENGTH 154
# define GMAPI_R_INVALID_RSA_PRIVATE_KEY 155
# define GMAPI_R_INVALID_RSA_PUBLIC_KEY 156
# define GMAPI_R_INVALID_SIGNATURE 157
# define GMAPI_R_INVALID_SM2_CIPHERTEXT 158
# define GMAPI_R_INVALID_SM2_SIGNATURE 159
# define GMAPI_R_MAC_FAILURE 160
# define GMAPI_R_MALLOC_FAILED 161
# define GMAPI_R_NOT_CONVERTABLE 162
# define GMAPI_R_NO_PUBLIC_KEY 163
# define GMAPI_R_NULL_ARGUMENT 164
# define GMAPI_R_OPERATION_NOT_INITIALIZED 165
# define GMAPI_R_SAF_ERROR 166
# define GMAPI_R_SIGN_FAILED 167
# define GMAPI_R_VERIFY_NOT_PASS 168
# ifdef __cplusplus
}
# endif
#endif

315
include/openssl/sgd.h Normal file
View File

@@ -0,0 +1,315 @@
/* ====================================================================
* Copyright (c) 2015 - 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
/*
* this header file is based on the standard GM/T 0006-2012
* Cryptographic Application Identifier Criterion Specification
*/
#ifndef HEADER_SGD_H
#define HEADER_SGD_H
#include <stdint.h>
/* block cipher modes */
#define SGD_ECB 0x01
#define SGD_CBC 0x02
#define SGD_CFB 0x04
#define SGD_OFB 0x08
#define SGD_MAC 0x10
/* stream cipher modes */
#define SGD_EEA3 0x01
#define SGD_EIA3 0x02
/* ciphers */
#define SGD_SM1 0x00000100
#define SGD_SSF33 0x00000200
#define SGD_SM4 0x00000400
#define SGD_ZUC 0x00000800
/* ciphers with modes */
#define SGD_SM1_ECB (SGD_SM1|SGD_ECB)
#define SGD_SM1_CBC (SGD_SM1|SGD_CBC)
#define SGD_SM1_CFB (SGD_SM1|SGD_CFB)
#define SGD_SM1_OFB (SGD_SM1|SGD_OFB)
#define SGD_SM1_MAC (SGD_SM1|SGD_MAC)
#define SGD_SSF33_ECB (SGD_SSF33|SGD_ECB)
#define SGD_SSF33_CBC (SGD_SSF33|SGD_CBC)
#define SGD_SSF33_CFB (SGD_SSF33|SGD_CFB)
#define SGD_SSF33_OFB (SGD_SSF33|SGD_OFB)
#define SGD_SSF33_MAC (SGD_SSF33|SGD_MAC)
#define SGD_SM4_ECB (SGD_SM4|SGD_ECB)
#define SGD_SM4_CBC (SGD_SM4|SGD_CBC)
#define SGD_SM4_CFB (SGD_SM4|SGD_CFB)
#define SGD_SM4_OFB (SGD_SM4|SGD_OFB)
#define SGD_SM4_MAC (SGD_SM4|SGD_MAC)
#define SGD_ZUC_EEA3 (SGD_ZUC|SGD_EEA3)
#define SGD_ZUC_EIA3 (SGD_ZUC|SGD_EIA3)
/* public key usage */
#define SGD_PK_SIGN 0x0100
#define SGD_PK_DH 0x0200
#define SGD_PK_ENC 0x0400
/* public key types */
#define SGD_RSA 0x00010000
#define SGD_RSA_SIGN (SGD_RSA|SGD_PK_SIGN)
#define SGD_RSA_ENC (SGD_RSA|SGD_PK_ENC)
#define SGD_SM2 0x00020000
#define SGD_SM2_1 (SGD_SM2|SGD_PK_SIGN)
#define SGD_SM2_2 (SGD_SM2|SGD_PK_DH)
#define SGD_SM2_3 (SGD_SM2|SGD_PK_ENC)
/* hash */
#define SGD_SM3 0x00000001
#define SGD_SHA1 0x00000002
#define SGD_SHA256 0x00000004
#define SGD_HASH_FROM 0x00000008
#define SGD_HASH_TO 0x000000FF
/* signatue schemes */
#define SGD_SM3_RSA (SGD_SM3|SGD_RSA)
#define SGD_SHA1_RSA (SGD_SHA1|SGD_RSA)
#define SGD_SHA256_RSA (SGD_SHA256|SGD_RSA)
#define SGD_SM3_SM2 (SGD_SM3|SGD_SM2)
#define SGD_SIG_FROM 0x00040000
#define SGD_SIG_TO 0x800000FF
/* data types */
typedef char SGD_CHAR;
typedef char SGD_INT8;
typedef int16_t SGD_INT16;
typedef int32_t SGD_INT32;
typedef int64_t SGD_INT64;
typedef unsigned char SGD_UCHAR;
typedef uint8_t SGD_UINT8;
typedef uint16_t SGD_UINT16;
typedef uint32_t SGD_UINT32;
typedef uint64_t SGD_UINT64;
typedef uint32_t SGD_RV;
typedef void * SGD_OBJ;
typedef int32_t SGD_BOOL;
#define SGD_TRUE 0x00000001
#define SGD_FALSE 0x00000000
#define SGD_KEY_INDEX 0x00000101
#define SGD_SECRET_KEY 0x00000102
#define SGD_PUBLIC_KEY_SIGN 0x00000103
#define SGD_PUBLIC_KEY_ENCRYPT 0x00000104
#define SGD_PRIVATE_KEY_SIGN 0x00000105
#define SGD_PRIVATE_KEY_ENCRYPT 0x00000106
#define SGD_KEY_COMPONENT 0x00000107
#define SGD_PASSWORD 0x00000108
#define SGD_PUBLIC_KEY_CERT 0x00000109
#define SGD_ATTRIBUTE_CERT 0x1000010A
#define SGD_SIGNATURE_DATA 0x10000111
#define SGD_ENVELOPE_DATA 0x10000112
#define SGD_RANDOM_DATA 0x10000113
#define SGD_PLAIN_DATA 0x10000114
#define SGD_CIPHER_DATA 0x10000115
#define SGD_DIGEST_DATA 0x10000116
#define SGD_USER_DATA 0x10000117
/* certificate */
#define SGD_CERT_VERSION 0x00000001
#define SGD_CERT_SERIAL 0x00000002
#define SGD_CERT_ISSUER 0x00000005
#define SGD_CERT_VALID_TIME 0x00000006
#define SGD_CERT_SUBJECT 0x00000007
#define SGD_CERT_DER_PUBLIC_KEY 0x00000008
#define SGD_CERT_DER_EXTENSIONS 0x00000009
#define SGD_EXT_AUTHORITYKEYIDENTIFIER_INFO 0x00000011
#define SGD_EXT_SUBJECTKEYIDENTIFIER_INFO 0x00000012
#define SGD_EXT_KEYUSAGE_INFO 0x00000013
#define SGD_EXT_PRIVATEKEYUSAGEPERIOD_INFO 0x00000014
#define SGD_EXT_CERTIFICATEPOLICIES_INFO 0x00000015
#define SGD_EXT_POLICYMAPPINGS_INFO 0x00000016
#define SGD_EXT_BASICCONSTRAINTS_INFO 0x00000017
#define SGD_EXT_POLICYCONSTRAINTS_INFO 0x00000018
#define SGD_EXT_EXTKEYUSAGE_INFO 0x00000019
#define SGD_EXT_CRLDISTRIBUTIONPOINTS_INFO 0x0000001A
#define SGD_EXT_NETSCAPE_CERT_TYPE_INFO 0x0000001B
#define SGD_EXT_SELFDEFINED_EXTENSION_INFO 0x0000001C
#define SGD_CERT_ISSUER_CN 0x00000021
#define SGD_CERT_ISSUER_O 0x00000022
#define SGD_CERT_ISSUER_OU 0x00000023
#define SGD_CERT_SUBJECT_CN 0x00000031
#define SGD_CERT_SUBJECT_O 0x00000032
#define SGD_CERT_SUBJECT_OU 0x00000033
#define SGD_CERT_SUBJECT_EMAIL 0x00000034
#define SGD_CERT_NOTBEFORE_TIME 0x00000035
#define SGD_CERT_NOTAFTER_TIME 0x00000036
/* timestamp info */
#define SGD_TIME_OF_STAMP 0x00000201
#define SGD_CN_OF_TSSIGNER 0x00000202 /* Common Name of TS Signer */
#define SGD_ORININAL_DATA 0x00000203
#define SGD_CERT_OF_TSSSERVER 0x00000204
#define SGD_GERTCHAIN_OF_TSSERVER 0x00000205
#define SGD_SOURCE_OF_TIME 0x00000206
#define SGD_TIME_PRECISION 0x00000207
#define SGD_RESPONSE_TYPE 0x00000208
#define SGD_SUBJECT_COUNTRY_OF_TSSIGNER 0x00000209
#define SGD_SUBJECT_ORGNIZATION_OF_TSSIGNER 0x0000020A
#define SGD_SUJECT_CITY_OF_TSSIGNER 0x0000020B
#define SGD_SUBJECT_EMAIL_OF_TSSIGNER 0x0000020C
/* single sign-on */
#define SGD_SP_ID 0x00000001
#define SGD_SP_USER_ID 0x00000002
#define SGD_IDP_ID 0x00000003
#define SGD_IDP_USER_ID 0x00000004
/* data encoding */
#define SGD_ENCODING_RAW 0x00000000
#define SGD_ENCODING_DER 0x01000000
#define SGD_ENCODING_BASE64 0x02000000
#define SGD_ENCODING_PEM 0x03000000
#define SGD_ENCODING_TXT 0x04000000
/* APIs */
#define SGD_PROTOCOL_CSP 1 /* Microsoft CryptoAPI */
#define SGD_PROTOCOL_PKCS11 2 /* PKCS#11 */
#define SGD_PROTOCOL_SDS 3 /* SDF API */
#define SGD_PROTOCOL_UKEY 4 /* SKF API */
#define SGD_PROTOCOL_CNG 5 /* Microsoft CryptoAPI Next Gen */
#define SGD_PROTOCOL_GCS 6 /* */
/* certificate validation */
#define SGD_CRL_VERIFY 1
#define SGD_OCSP_VEIFY 2
/* role */
#define SGD_ROLE_SUPER_MANAGER 0x00000001
#define SGD_ROLE_MANAGER 0x00000002
#define SGD_ROLE_AUDIT_MANAGER 0x00000003
#define SGD_ROLE_AUDITOR 0x00000004
#define SGD_ROLE_OPERATOR 0x00000005
#define SGD_ROLE_USER 0x00000006
/* user operations */
#define SGD_OPERATION_SIGNIN 0x00000001
#define SGD_OPERATION_SIGNOUT 0x00000002
#define SGD_OPERATION_CREATE 0x00000003
#define SGD_OPERATION_DELETE 0x00000004
#define SGD_OPERATION_MODIFY 0x00000005
#define SGD_OPERATION_CHG_PWD 0x00000006
#define SGD_OPERATION_AUTHORIZATION 0x00000007
/* user operation results */
#define SGD_OPERATION_SUCCESS 0x00000000
/* key types */
#define SGD_MAIN_KEY 0x00000101
#define SGD_DEVICE_KEYS 0x00000102
#define SGD_USER_KEYS 0x00000103
#define SGD_KEY 0x00000104
#define SGD_SESSION_KEY 0x00000105
#define SGD_PRIKEY_PASSWD 0x00000106
#define SGD_COMPARTITION_KEY 0x00000107
/* key operations */
#define SGD_KEY_GENERATION 0x00000101
#define SGD_KEY_DISPENSE 0x00000102
#define SGD_KEY_IMPORT 0x00000103
#define SGD_KEY_EXPORT 0x00000104
#define SGD_KEY_DIVISION 0x00000105
#define SGD_KEY_COMPOSE 0x00000106
#define SGD_KEY_RENEWAL 0x00000107
#define SGD_KEY_BACKUP 0x00000108
#define SGD_KEY_RESTORE 0x00000109
#define SGD_KEY_DESTORY 0x0000010A
/* system operations */
#define SGD_SYSTEM_INIT 0x00000201
#define SGD_SYSTEM_START 0x00000202
#define SGD_SYSTEM_SHUT 0x00000203
#define SGD_SYSTEM_RESTART 0x00000204
#define SGD_SYSTEM_QUERY 0x00000205
#define SGD_SYSTEM_BACKUP 0x00000206
#define SGD_SYSTEM_RESTORE 0x00000207
/* device info */
#define SGD_DEVICE_SORT 0x00000201
#define SGD_DEVICE_TYPE 0x00000202
#define SGD_DEVICE_NAME 0x00000203
#define SGD_DEVICE_MANUFACTURER 0x00000204
#define SGD_DEVICE_HARDWARE_VERSION 0x00000205
#define SGD_DEVICE_SOFTWARE_VERSION 0x00000206
#define SGD_DEVICE_STANDARD_VERSION 0x00000207
#define SGD_DEVICE_SERIAL_NUMBER 0x00000208
#define SGD_DEVICE_SUPPORT_SYMM_ALG 0x00000209
#define SGD_DEVICE_SUPPORT_PKEY_ALG 0x0000020A
#define SGD_DEVICE_SUPPORT_HASH_ALG 0x0000020B
#define SGD_DEVICE_SUPPORT_STORAGE_SPACE 0x0000020C
#define SGD_DEVICE_SUPPORT_FREE_SPACE 0x0000020D
#define SGD_DEVICE_RUNTIME 0x0000020E
#define SGD_DEVICE_USED_TIMES 0x0000020F
#define SGD_DEVICE_LOCATION 0x00000210
#define SGD_DEVICE_DESCRIPTION 0x00000211
#define SGD_DEVICE_MANAGER_INFO 0x00000212
#define SGD_DEVICE_MAX_DATA_SIZE 0x00000213
/* device types */
#define SGD_DEVICE_SORT_SJ 0x02000000 /* Server */
#define SGD_DEVICE_SORT_SK 0x03000000 /* PCI-E Card */
#define SGD_DEVICE_SORT_SM 0x04000000 /* USB-Key and SmartCard */
/* device functionality */
#define SGD_DEVICE_SORT_FE 0x00000100 /* encryption */
#define SGD_DEVICE_SORT_FA 0x00000200 /* authentication */
#define SGD_DEVICE_SORT_FM 0x00000300 /* key management */
/* device status */
#define SGD_STATUS_INIT 0x00000201
#define SGD_STATUS_READY 0x00000202
#define SGD_STATUS_EXCEPTION 0x00000203
#endif

6
test/build.info
View File

@@ -18,7 +18,7 @@ IF[{- !$disabled{tests} -}]
ssl_test_ctx_test ssl_test x509aux cipherlist_test asynciotest \
bioprinttest sslapitest dtlstest sslcorrupttest bio_enc_test \
sm3test sms4test kdf2test eciestest ffxtest sm2test \
pailliertest cpktest otptest
pailliertest cpktest otptest gmapitest
SOURCE[aborttest]=aborttest.c
INCLUDE[aborttest]=../include
@@ -321,6 +321,10 @@ IF[{- !$disabled{tests} -}]
INCLUDE[otptest]=../include
DEPEND[otptest]=../libcrypto
SOURCE[gmapitest]=gmapitest.c
INCLUDE[gmapitest]=../include
DEPEND[gmapitest]=../libcrypto
IF[{- !$disabled{shared} -}]
PROGRAMS_NO_INST=shlibloadtest
SOURCE[shlibloadtest]=shlibloadtest.c

291
test/gmapitest.c Normal file
View File

@@ -0,0 +1,291 @@
/* ====================================================================
* Copyright (c) 2014 - 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
/*
* we need some testing data for signature and ciphertext
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include "../e_os.h"
#ifdef OPENSSL_NO_GMAPI
int main(int argc, char **argv)
{
printf("NO GMAPI support\n");
return 0;
}
#else
# include <openssl/evp.h>
# include <openssl/gmapi.h>
static int test_sgd(int verbose)
{
int usage[] = {
SGD_PK_SIGN,
SGD_PK_DH,
SGD_PK_ENC,
};
int cipher[] = {
SGD_SM1_ECB,
SGD_SM1_CBC,
SGD_SM1_CFB,
SGD_SM1_OFB,
SGD_SSF33_ECB,
SGD_SSF33_CBC,
SGD_SSF33_CFB,
SGD_SSF33_OFB,
SGD_SM4_ECB,
SGD_SM4_CBC,
SGD_SM4_CFB,
SGD_SM4_OFB,
SGD_ZUC_EEA3,
};
int md[] = {
SGD_SM3,
SGD_SHA1,
SGD_SHA256,
};
int i;
for (i = 0; i < OSSL_NELEM(usage); i++) {
if (!GMAPI_keyusage2str(usage[i])) {
return 0;
}
}
for (i = 0; i < OSSL_NELEM(cipher); i++) {
if (GMAPI_sgd2ciphernid(cipher[i]) == NID_undef) {
return 0;
}
}
for (i = 0; i < OSSL_NELEM(md); i++) {
if (GMAPI_sgd2mdnid(md[i]) == NID_undef) {
return 0;
}
}
return 1;
}
static int test_sdf_rsa(int verbose)
{
int ret = 0;
unsigned char pkbuf[] = {
0x01, 0x02,
};
unsigned char skbuf[] = {
0x01, 0x02,
};
RSArefPublicKey *pkref = (RSArefPublicKey *)pkbuf;
RSArefPrivateKey *skref = (RSArefPrivateKey *)skbuf;
RSA *pk = NULL;
RSA *sk = NULL;
if (!(pk = RSA_new_from_RSArefPublicKey(pkref))
|| !RSA_set_RSArefPublicKey(pk, pkref)
|| !RSA_get_RSArefPublicKey(pk, pkref)
|| !(sk = RSA_new_from_RSArefPrivateKey(skref))
|| !RSA_set_RSArefPrivateKey(sk, skref)
|| !RSA_get_RSArefPrivateKey(sk, skref)) {
goto end;
}
ret = 1;
end:
RSA_free(pk);
RSA_free(sk);
return ret;
}
static int test_sdf_ec(int verbose)
{
int ret = 0;
unsigned char pkbuf[] = {
0x01, 0x02,
};
unsigned char skbuf[] = {
0x01, 0x02,
};
unsigned char cvbuf[] = {
0x01, 0x02,
};
unsigned char sigbuf[] = {
0x01, 0x02,
};
ECCrefPublicKey *pkref = (ECCrefPublicKey *)pkbuf;
ECCrefPrivateKey *skref = (ECCrefPrivateKey *)skbuf;
ECCCipher *cvref = (ECCCipher *)cvbuf;
ECCSignature *sigref = (ECCSignature *)sigbuf;
EC_KEY *pk = NULL;
EC_KEY *sk = NULL;
SM2_CIPHERTEXT_VALUE *cv = NULL;
ECDSA_SIG *sig = NULL;
if (!(pk = EC_KEY_new_from_ECCrefPublicKey(pkref))
|| !EC_KEY_set_ECCrefPublicKey(pk, pkref)
|| !EC_KEY_get_ECCrefPublicKey(pk, pkref)
|| !(sk = EC_KEY_new_from_ECCrefPrivateKey(skref))
|| !EC_KEY_set_ECCrefPrivateKey(sk, skref)
|| !EC_KEY_get_ECCrefPrivateKey(sk, skref)
|| !(cv = SM2_CIPHERTEXT_VALUE_new_from_ECCCipher(cvref))
|| !SM2_CIPHERTEXT_VALUE_set_ECCCipher(cv, cvref)
|| !SM2_CIPHERTEXT_VALUE_get_ECCCipher(cv, cvref)
|| !(sig = ECDSA_SIG_new_from_ECCSignature(sigref))
|| !ECDSA_SIG_set_ECCSignature(sig, sigref)
|| !ECDSA_SIG_get_ECCSignature(sig, sigref)) {
goto end;
}
ret = 1;
end:
EC_KEY_free(pk);
EC_KEY_free(sk);
SM2_CIPHERTEXT_VALUE_free(cv);
ECDSA_SIG_free(sig);
return ret;
}
static int test_skf_rsa(int verbose)
{
int ret = 0;
unsigned char pkbuf[] = {
0x01, 0x02,
};
unsigned char skbuf[] = {
0x01, 0x02,
};
RSAPUBLICKEYBLOB *pkref = (RSAPUBLICKEYBLOB *)pkbuf;
RSArefPrivateKey *skref = (RSArefPrivateKey *)skbuf;
RSA *pk = NULL;
RSA *sk = NULL;
if (!(pk = RSA_new_from_RSAPUBLICKEYBLOB(pkref))
|| !RSA_set_RSAPUBLICKEYBLOB(pk, pkref)
|| !RSA_get_RSAPUBLICKEYBLOB(pk, pkref)
|| !(sk = RSA_new_from_RSArefPrivateKey(skref))
|| !RSA_set_RSArefPrivateKey(sk, skref)
|| !RSA_get_RSArefPrivateKey(sk, skref)) {
goto end;
}
ret = 1;
end:
RSA_free(pk);
RSA_free(sk);
return ret;
}
static int test_skf_ec(int verbose)
{
int ret = 0;
unsigned char pkbuf[] = {
0x01, 0x02,
};
unsigned char skbuf[] = {
0x01, 0x02,
};
unsigned char cvbuf[] = {
0x01, 0x02,
};
unsigned char sigbuf[] = {
0x01, 0x02,
};
ECCPUBLICKEYBLOB *pkref = (ECCPUBLICKEYBLOB *)pkbuf;
ECCPRIVATEKEYBLOB *skref = (ECCPRIVATEKEYBLOB *)skbuf;
ECCCIPHERBLOB *cvref = (ECCCIPHERBLOB *)cvbuf;
ECCSIGNATUREBLOB *sigref = (ECCSIGNATUREBLOB *)sigbuf;
EC_KEY *pk = NULL;
EC_KEY *sk = NULL;
SM2_CIPHERTEXT_VALUE *cv = NULL;
ECDSA_SIG *sig = NULL;
if (!(pk = EC_KEY_new_from_ECCPUBLICKEYBLOB(pkref))
|| !EC_KEY_set_ECCPUBLICKEYBLOB(pk, pkref)
|| !EC_KEY_get_ECCPUBLICKEYBLOB(pk, pkref)
|| !(sk = EC_KEY_new_from_ECCPRIVATEKEYBLOB(skref))
|| !EC_KEY_set_ECCPRIVATEKEYBLOB(sk, skref)
|| !EC_KEY_get_ECCPRIVATEKEYBLOB(sk, skref)
|| !(cv = SM2_CIPHERTEXT_VALUE_new_from_ECCCIPHERBLOB(cvref))
|| !SM2_CIPHERTEXT_VALUE_set_ECCCIPHERBLOB(cv, cvref)
|| !SM2_CIPHERTEXT_VALUE_get_ECCCIPHERBLOB(cv, cvref)
|| !(sig = ECDSA_SIG_new_from_ECCSIGNATUREBLOB(sigref))
|| !ECDSA_SIG_set_ECCSIGNATUREBLOB(sig, sigref)
|| !ECDSA_SIG_get_ECCSIGNATUREBLOB(sig, sigref)) {
goto end;
}
ret = 1;
end:
EC_KEY_free(pk);
EC_KEY_free(sk);
SM2_CIPHERTEXT_VALUE_free(cv);
ECDSA_SIG_free(sig);
return ret;
}
int main(int argc, char **argv)
{
int verbose = 1;
if (!test_sgd(verbose)
|| !test_sdf_ec(verbose)
|| !test_sdf_rsa(verbose)
|| !test_skf_ec(verbose)
|| !test_skf_rsa(verbose)) {
printf("test failed\n");
return 1;
} else {
printf("test ok\n");
return 0;
}
}
#endif

12
test/recipes/30-test_gmapi.t Normal file
View File

@@ -0,0 +1,12 @@
#! /usr/bin/env perl
# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
use OpenSSL::Test::Simple;
simple_test("test_gmapi", "gmapitest", "gmapi");

2
util/mkdef.pl
View File

@@ -132,7 +132,7 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
"CMAC",
# APPLINK (win build feature?)
"APPLINK",
"SM3", "SMS4", "KDF2", "ECIES", "FFX", "PAILLIER", "CPK", "OTP"
"SM3", "SMS4", "KDF2", "ECIES", "FFX", "PAILLIER", "CPK", "OTP", "GMAPI"
);
my %disabled_algorithms;