From c0984b643618b901bcc58860d9e05258e00a4690 Mon Sep 17 00:00:00 2001 From: Zhi Guan Date: Thu, 13 Jun 2019 18:22:44 +0800 Subject: [PATCH] Remove CPK module --- Configure | 6 +- apps/progs.h | 2 - crypto/cpk/build.info | 2 - crypto/cpk/cpk_asn1.c | 94 ----- crypto/cpk/cpk_err.c | 77 ---- crypto/cpk/cpk_lcl.h | 79 ---- crypto/cpk/cpk_lib.c | 738 ------------------------------------- crypto/cpk/cpk_map.c | 219 ----------- crypto/cpk/cpk_prn.c | 144 -------- crypto/err/err.c | 2 - crypto/err/err_all.c | 6 - crypto/err/openssl.ec | 1 - include/openssl/cpk.h | 151 -------- include/openssl/err.h | 3 - test/build.info | 6 +- test/cpktest.c | 193 ---------- test/recipes/15-test_cpk.t | 12 - util/mkdef.pl | 3 +- 18 files changed, 4 insertions(+), 1734 deletions(-) delete mode 100644 crypto/cpk/build.info delete mode 100755 crypto/cpk/cpk_asn1.c delete mode 100644 crypto/cpk/cpk_err.c delete mode 100755 crypto/cpk/cpk_lcl.h delete mode 100755 crypto/cpk/cpk_lib.c delete mode 100755 crypto/cpk/cpk_map.c delete mode 100644 crypto/cpk/cpk_prn.c delete mode 100755 include/openssl/cpk.h delete mode 100644 test/cpktest.c delete mode 100644 test/recipes/15-test_cpk.t diff --git a/Configure b/Configure index e1816951..fc952529 100755 --- a/Configure +++ b/Configure @@ -313,7 +313,7 @@ $config{sdirs} = [ "evp", "asn1", "pem", "x509", "x509v3", "conf", "txt_db", "pkcs7", "pkcs12", "comp", "ocsp", "ui", "cms", "ts", "srp", "cmac", "ct", "async", "kdf", "sm3", "base58", "sms4", "zuc", "serpent", "speck", "kdf2", "ffx", "otp", - "ecies", "sm2", "cpk", "paillier", "ec2", "sm9", "bfibe", "bb1ibe", + "ecies", "sm2", "paillier", "ec2", "sm9", "bfibe", "bb1ibe", "gmapi", "skf", "sdf", "saf", "sof" ]; @@ -418,7 +418,6 @@ my @disablables = ( "ffx", "sm2", "paillier", - "cpk", "otp", "gmapi", "ec2", @@ -481,7 +480,6 @@ our %disabled = ( # "what" => "comment" "skfeng" => "default", "sdfeng" => "default", "gmieng" => "default", - "cpk" => "default", "speck" => "default", ); @@ -507,7 +505,7 @@ my @disable_cascades = ( # SSL 3.0, (D)TLS 1.0 and TLS 1.1 require MD5 and SHA "md5" => [ "ssl", "tls1", "tls1_1", "dtls1", "engine" ], # current pkcs12 rfc only define sha1/des bag - "sha" => [ "ssl", "tls1", "tls1_1", "dtls1", "engine", "rsa", "dh", "dsa", "ocsp", "ct", "srp", "ts", "ec2", "cpk" ], + "sha" => [ "ssl", "tls1", "tls1_1", "dtls1", "engine", "rsa", "dh", "dsa", "ocsp", "ct", "srp", "ts", "ec2"], "aes" => [ "engine" ], "ec2" => [ "sm9", "bfibe", "bb1ibe" ], diff --git a/apps/progs.h b/apps/progs.h index d81bfc38..141d33d2 100644 --- a/apps/progs.h +++ b/apps/progs.h @@ -158,9 +158,7 @@ static FUNCTION functions[] = { #ifndef OPENSSL_NO_CMS { FT_general, "cms", cms_main, cms_options }, #endif -#ifndef OPENSSL_NO_CPK { FT_general, "cpk", cpk_main, cpk_options }, -#endif { FT_general, "crl", crl_main, crl_options }, { FT_general, "crl2pkcs7", crl2pkcs7_main, crl2pkcs7_options }, { FT_general, "dgst", dgst_main, dgst_options }, diff --git a/crypto/cpk/build.info b/crypto/cpk/build.info deleted file mode 100644 index 78694fe5..00000000 --- a/crypto/cpk/build.info +++ /dev/null @@ -1,2 +0,0 @@ -LIBS=../../libcrypto -SOURCE[../../libcrypto]=cpk_asn1.c cpk_err.c cpk_lib.c cpk_map.c cpk_prn.c diff --git a/crypto/cpk/cpk_asn1.c b/crypto/cpk/cpk_asn1.c deleted file mode 100755 index 18887729..00000000 --- a/crypto/cpk/cpk_asn1.c +++ /dev/null @@ -1,94 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2007 - 2016 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include -#include -#include -#include "cpk_lcl.h" - -ASN1_SEQUENCE(CPK_MASTER_SECRET) = { - ASN1_SIMPLE(CPK_MASTER_SECRET, version, LONG), - ASN1_SIMPLE(CPK_MASTER_SECRET, id, X509_NAME), - ASN1_SIMPLE(CPK_MASTER_SECRET, pkey_algor, X509_ALGOR), - ASN1_SIMPLE(CPK_MASTER_SECRET, map_algor, X509_ALGOR), - ASN1_SIMPLE(CPK_MASTER_SECRET, secret_factors, ASN1_OCTET_STRING) -} ASN1_SEQUENCE_END(CPK_MASTER_SECRET) -IMPLEMENT_ASN1_FUNCTIONS(CPK_MASTER_SECRET) -IMPLEMENT_ASN1_DUP_FUNCTION(CPK_MASTER_SECRET) - -ASN1_SEQUENCE(CPK_PUBLIC_PARAMS) = { - ASN1_SIMPLE(CPK_PUBLIC_PARAMS, version, LONG), - ASN1_SIMPLE(CPK_PUBLIC_PARAMS, id, X509_NAME), - ASN1_SIMPLE(CPK_PUBLIC_PARAMS, pkey_algor, X509_ALGOR), - ASN1_SIMPLE(CPK_PUBLIC_PARAMS, map_algor, X509_ALGOR), - ASN1_SIMPLE(CPK_PUBLIC_PARAMS, public_factors, ASN1_OCTET_STRING) -} ASN1_SEQUENCE_END(CPK_PUBLIC_PARAMS) -IMPLEMENT_ASN1_FUNCTIONS(CPK_PUBLIC_PARAMS) -IMPLEMENT_ASN1_DUP_FUNCTION(CPK_PUBLIC_PARAMS) - - -CPK_MASTER_SECRET *d2i_CPK_MASTER_SECRET_bio(BIO *bp, CPK_MASTER_SECRET **master) -{ - return ASN1_item_d2i_bio(ASN1_ITEM_rptr(CPK_MASTER_SECRET), bp, master); -} - -int i2d_CPK_MASTER_SECRET_bio(BIO *bp, CPK_MASTER_SECRET *master) -{ - return ASN1_item_i2d_bio(ASN1_ITEM_rptr(CPK_MASTER_SECRET), bp, master); -} - -CPK_PUBLIC_PARAMS *d2i_CPK_PUBLIC_PARAMS_bio(BIO *bp, CPK_PUBLIC_PARAMS **params) -{ - return ASN1_item_d2i_bio(ASN1_ITEM_rptr(CPK_PUBLIC_PARAMS), bp, params); -} - -int i2d_CPK_PUBLIC_PARAMS_bio(BIO *bp, CPK_PUBLIC_PARAMS *params) -{ - return ASN1_item_i2d_bio(ASN1_ITEM_rptr(CPK_PUBLIC_PARAMS), bp, params); -} diff --git a/crypto/cpk/cpk_err.c b/crypto/cpk/cpk_err.c deleted file mode 100644 index 16682204..00000000 --- a/crypto/cpk/cpk_err.c +++ /dev/null @@ -1,77 +0,0 @@ -/* - * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include -#include -#include - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -# define ERR_FUNC(func) ERR_PACK(ERR_LIB_CPK,func,0) -# define ERR_REASON(reason) ERR_PACK(ERR_LIB_CPK,0,reason) - -static ERR_STRING_DATA CPK_str_functs[] = { - {ERR_FUNC(CPK_F_CPK_MAP_GET_MD), "CPK_MAP_get_md"}, - {ERR_FUNC(CPK_F_CPK_MAP_IS_VALID), "CPK_MAP_is_valid"}, - {ERR_FUNC(CPK_F_CPK_MAP_NEW), "CPK_MAP_new"}, - {ERR_FUNC(CPK_F_CPK_MAP_NEW_DEFAULT), "CPK_MAP_new_default"}, - {ERR_FUNC(CPK_F_CPK_MAP_NUM_FACTORS), "CPK_MAP_num_factors"}, - {ERR_FUNC(CPK_F_CPK_MAP_NUM_INDEXES), "CPK_MAP_num_indexes"}, - {ERR_FUNC(CPK_F_CPK_MAP_NUM_SUBSET), "CPK_MAP_num_subset"}, - {ERR_FUNC(CPK_F_CPK_MAP_STR2INDEX), "CPK_MAP_str2index"}, - {ERR_FUNC(CPK_F_CPK_MASTER_SECRET_CREATE), "CPK_MASTER_SECRET_create"}, - {ERR_FUNC(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY), - "CPK_MASTER_SECRET_extract_private_key"}, - {ERR_FUNC(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS), - "CPK_MASTER_SECRET_extract_public_params"}, - {ERR_FUNC(CPK_F_CPK_MASTER_SECRET_PRINT), "CPK_MASTER_SECRET_print"}, - {ERR_FUNC(CPK_F_CPK_MASTER_SECRET_VALIDATE_PUBLIC_PARAMS), - "CPK_MASTER_SECRET_validate_public_params"}, - {ERR_FUNC(CPK_F_CPK_PUBLIC_PARAMS_COMPUTE_SHARE_KEY), - "CPK_PUBLIC_PARAMS_compute_share_key"}, - {ERR_FUNC(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY), - "CPK_PUBLIC_PARAMS_extract_public_key"}, - {ERR_FUNC(CPK_F_CPK_PUBLIC_PARAMS_PRINT), "CPK_PUBLIC_PARAMS_print"}, - {ERR_FUNC(CPK_F_CPK_PUBLIC_PARAMS_VALIDATE_PRIVATE_KEY), - "CPK_PUBLIC_PARAMS_validate_private_key"}, - {ERR_FUNC(CPK_F_EXTRACT_EC_PARAMS), "extract_ec_params"}, - {ERR_FUNC(CPK_F_EXTRACT_EC_PRIV_KEY), "extract_ec_priv_key"}, - {ERR_FUNC(CPK_F_EXTRACT_EC_PUB_KEY), "extract_ec_pub_key"}, - {ERR_FUNC(CPK_F_X509_ALGOR_GET1_EC_KEY), "X509_ALGOR_get1_EC_KEY"}, - {0, NULL} -}; - -static ERR_STRING_DATA CPK_str_reasons[] = { - {ERR_REASON(CPK_R_BAD_ARGUMENT), "bad argument"}, - {ERR_REASON(CPK_R_BAD_ARGUMENTS), "bad arguments"}, - {ERR_REASON(CPK_R_BAD_DATA), "bad data"}, - {ERR_REASON(CPK_R_INVALID_ALGORITHM), "invalid algorithm"}, - {ERR_REASON(CPK_R_INVALID_ARGUMENT), "invalid argument"}, - {ERR_REASON(CPK_R_INVALID_CURVE), "invalid curve"}, - {ERR_REASON(CPK_R_INVALID_ID_LENGTH), "invalid id length"}, - {ERR_REASON(CPK_R_INVALID_MAP_ALGOR), "invalid map algor"}, - {ERR_REASON(CPK_R_INVALID_PKEY_TYPE), "invalid pkey type"}, - {0, NULL} -}; - -#endif - -int ERR_load_CPK_strings(void) -{ -#ifndef OPENSSL_NO_ERR - - if (ERR_func_error_string(CPK_str_functs[0].error) == NULL) { - ERR_load_strings(0, CPK_str_functs); - ERR_load_strings(0, CPK_str_reasons); - } -#endif - return 1; -} diff --git a/crypto/cpk/cpk_lcl.h b/crypto/cpk/cpk_lcl.h deleted file mode 100755 index b3c36f0b..00000000 --- a/crypto/cpk/cpk_lcl.h +++ /dev/null @@ -1,79 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2007 - 2016 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - - -#include -#include -#include - -#define CPK_VERSION 2 - -struct cpk_master_secret_st { - long version; - X509_NAME *id; - X509_ALGOR *pkey_algor; - X509_ALGOR *map_algor; - ASN1_OCTET_STRING *secret_factors; -}; - -struct cpk_public_params_st { - long version; - X509_NAME *id; - X509_ALGOR *pkey_algor; - X509_ALGOR *map_algor; - ASN1_OCTET_STRING *public_factors; -}; - -X509_ALGOR *CPK_MAP_new(int type); -X509_ALGOR * CPK_MAP_new_default(void); -int CPK_MAP_is_valid(const X509_ALGOR *algor); -int CPK_MAP_num_factors(const X509_ALGOR *algor); -int CPK_MAP_num_indexes(const X509_ALGOR *algor); -int CPK_MAP_str2index(const X509_ALGOR *algor, const char *str, int *index); - diff --git a/crypto/cpk/cpk_lib.c b/crypto/cpk/cpk_lib.c deleted file mode 100755 index dc7078a9..00000000 --- a/crypto/cpk/cpk_lib.c +++ /dev/null @@ -1,738 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2007 - 2018 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include "../x509/x509_lcl.h" -#include "cpk_lcl.h" - -static EC_KEY *X509_ALGOR_get1_EC_KEY(X509_ALGOR *algor); -static int extract_ec_params(CPK_MASTER_SECRET *master, CPK_PUBLIC_PARAMS *param); -static EC_KEY *extract_ec_priv_key(CPK_MASTER_SECRET *master, const char *id); -static EC_KEY *extract_ec_pub_key(CPK_PUBLIC_PARAMS *param, const char *id); - - -CPK_MASTER_SECRET *CPK_MASTER_SECRET_create(const char *domain_id, int curve, int map) -{ - CPK_MASTER_SECRET *ret = NULL; - CPK_MASTER_SECRET *master = NULL; - EC_KEY *ec_key = NULL; - EVP_PKEY *pkey = NULL; - X509_PUBKEY *pubkey = NULL; - const BIGNUM *order; - int order_bytes; - int num_factors; - unsigned char *secret_buf = NULL; - size_t secret_len; - unsigned char *p; - BIGNUM *bn = NULL; - int i; - - /* check domain_id */ - if (!(master = CPK_MASTER_SECRET_new())) { - CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_MALLOC_FAILURE); - goto end; - } - - /* set version */ - master->version = CPK_VERSION; - - /* set domain_id */ - if (!domain_id) { - CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_PASSED_NULL_PARAMETER); - goto end; - } - - if (strlen(domain_id) <= 0 || strlen(domain_id) > CPK_MAX_ID_LENGTH) { - CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, CPK_R_INVALID_ID_LENGTH); - goto end; - } - - if (!X509_NAME_add_entry_by_NID(master->id, NID_organizationName, - MBSTRING_UTF8, (unsigned char *)domain_id, -1, -1, 0)) { - CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_X509_LIB); - goto end; - } - - /* set pkey algor */ - if (!(ec_key = EC_KEY_new_by_curve_name(curve))) { - //CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, CPK_R_INVALID_CURVE); - CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_CPK_LIB); - goto end; - } - - if (!(pkey = EVP_PKEY_new()) - || !EVP_PKEY_set1_EC_KEY(pkey, ec_key)) { - CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_EVP_LIB); - goto end; - } - if (!(pubkey = X509_PUBKEY_new()) - || !X509_PUBKEY_set(&pubkey, pkey) - || !X509_PUBKEY_get0_param(NULL, NULL, NULL, &master->pkey_algor, pubkey)) { - CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_X509_LIB); - goto end; - } - - /* get order and order_bytes */ - if (!(order = EC_GROUP_get0_order(EC_KEY_get0_group(ec_key))) - || !(order_bytes = BN_num_bytes(order))) { - CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_CPK_LIB); - goto end; - } - - /* set map algor */ - X509_ALGOR_free(master->map_algor); - if (!(master->map_algor = CPK_MAP_new(map))) { - CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_CPK_LIB); - goto end; - } - - /* get num_factors */ - if ((num_factors = CPK_MAP_num_factors(master->map_algor)) <= 0) { - CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, CPK_R_INVALID_MAP_ALGOR); - goto end; - } - - /* set random secret_factors */ - secret_len = order_bytes * num_factors; - if (!(secret_buf = OPENSSL_zalloc(secret_len))) { - CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_MALLOC_FAILURE); - goto end; - } - p = secret_buf; - - if (!(bn = BN_new())) { - CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_MALLOC_FAILURE); - goto end; - } - for (i = 0; i < num_factors; i++) { - do { - if (!BN_rand_range(bn, order)) { - CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, - ERR_R_BN_LIB); - goto end; - } - } while (BN_is_zero(bn)); - - if (!BN_bn2bin(bn, p + order_bytes - BN_num_bytes(bn))) { - CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_BN_LIB); - goto end; - } - p += order_bytes; - } - - if (!ASN1_STRING_set(master->secret_factors, secret_buf, secret_len)) { - CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_ASN1_LIB); - goto end; - } - - ret = master; - master = NULL; - -end: - CPK_MASTER_SECRET_free(master); - EC_KEY_free(ec_key); - EVP_PKEY_free(pkey); - X509_PUBKEY_free(pubkey); - OPENSSL_clear_free(secret_buf, secret_len); - BN_free(bn); - return ret; -} - -CPK_PUBLIC_PARAMS *CPK_MASTER_SECRET_extract_public_params(CPK_MASTER_SECRET *master) -{ - CPK_PUBLIC_PARAMS *ret = NULL; - CPK_PUBLIC_PARAMS *param = NULL; - int pkey_type; - - OPENSSL_assert(master->pkey_algor->algorithm); - - pkey_type = OBJ_obj2nid(master->pkey_algor->algorithm); - - - if (!(param = CPK_PUBLIC_PARAMS_new())) { - CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS, - ERR_R_MALLOC_FAILURE); - goto err; - } - - param->version = master->version; - - X509_NAME_free(param->id); - if (!(param->id = X509_NAME_dup(master->id))) { - CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS, - ERR_R_MALLOC_FAILURE); - goto err; - } - - X509_ALGOR_free(param->pkey_algor); - if (!(param->pkey_algor = X509_ALGOR_dup(master->pkey_algor))) { - CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS, - ERR_R_MALLOC_FAILURE); - goto err; - } - - X509_ALGOR_free(param->map_algor); - if (!(param->map_algor = X509_ALGOR_dup(master->map_algor))) { - CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS, - ERR_R_MALLOC_FAILURE); - goto err; - } - - - switch (pkey_type) { - case EVP_PKEY_EC: - if (!extract_ec_params(master, param)) { - CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS, - ERR_R_CPK_LIB); - goto err; - } - break; - - default: - CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS, CPK_R_INVALID_PKEY_TYPE); - goto err; - } - - ret = param; - param = NULL; - -err: - CPK_PUBLIC_PARAMS_free(param); - return ret; -} - -EVP_PKEY *CPK_MASTER_SECRET_extract_private_key( - CPK_MASTER_SECRET *master, const char *id) -{ - EVP_PKEY *ret = NULL; - EVP_PKEY *pkey = NULL; - int pkey_type; - - if (!(pkey = EVP_PKEY_new())) { - CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY, - ERR_R_MALLOC_FAILURE); - goto err; - } - - pkey_type = OBJ_obj2nid(master->pkey_algor->algorithm); - - if (pkey_type == EVP_PKEY_EC) { - EC_KEY *ec_key; - if (!(ec_key = extract_ec_priv_key(master, id))) { - CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY, - ERR_R_CPK_LIB); - goto err; - } - if (!EVP_PKEY_assign_EC_KEY(pkey, ec_key)) { - EC_KEY_free(ec_key); - CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY, - ERR_R_EVP_LIB); - goto err; - } - - } else { - CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY, - CPK_R_INVALID_PKEY_TYPE); - goto err; - } - - ret = pkey; - pkey = NULL; - -err: - EVP_PKEY_free(pkey); - return ret; -} - -EVP_PKEY *CPK_PUBLIC_PARAMS_extract_public_key(CPK_PUBLIC_PARAMS *param, - const char *id) -{ - EVP_PKEY *ret = NULL; - EVP_PKEY *pkey = NULL; - int pkey_type; - - if (!(pkey = EVP_PKEY_new())) { - CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY, - ERR_R_MALLOC_FAILURE); - goto err; - } - - pkey_type = OBJ_obj2nid(param->pkey_algor->algorithm); - - - if (pkey_type == EVP_PKEY_EC) { - EC_KEY *ec_key = NULL; - if (!(ec_key = extract_ec_pub_key(param, id))) { - CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY, - ERR_R_CPK_LIB); - goto err; - } - if (!EVP_PKEY_assign_EC_KEY(pkey, ec_key)) { - EC_KEY_free(ec_key); - CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY, - ERR_R_EVP_LIB); - goto err; - } - - } else { - CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY, - CPK_R_INVALID_PKEY_TYPE); - goto err; - } - - ret = pkey; - pkey = NULL; - -err: - EVP_PKEY_free(pkey); - return ret; -} - -char *CPK_MASTER_SECRET_get_name(CPK_MASTER_SECRET *master, char *buf, int size) -{ - return X509_NAME_oneline(master->id, buf, size); -} - -char *CPK_PUBLIC_PARAMS_get_name(CPK_PUBLIC_PARAMS *params, char *buf, int size) -{ - return X509_NAME_oneline(params->id, buf, size); -} - -int CPK_MASTER_SECRET_validate_public_params(CPK_MASTER_SECRET *master, - CPK_PUBLIC_PARAMS *params) -{ - int ret = 0; - CPK_PUBLIC_PARAMS *tmp = NULL; - - if (!(tmp = CPK_MASTER_SECRET_extract_public_params(master))) { - CPKerr(CPK_F_CPK_MASTER_SECRET_VALIDATE_PUBLIC_PARAMS, ERR_R_CPK_LIB); - goto err; - } - if (tmp->version != params->version) { - CPKerr(CPK_F_CPK_MASTER_SECRET_VALIDATE_PUBLIC_PARAMS, ERR_R_CPK_LIB); - goto err; - } - if (X509_NAME_cmp(tmp->id, params->id)) { - CPKerr(CPK_F_CPK_MASTER_SECRET_VALIDATE_PUBLIC_PARAMS, ERR_R_CPK_LIB); - goto err; - } - - /* - * two ASN_OBJECT * with different address may have same NID - * thus we can not check with: - * tmp->pkey_algor->algorithm != params->pkey_algor->algorithm - */ - if (OBJ_obj2nid(tmp->pkey_algor->algorithm) != - OBJ_obj2nid(params->pkey_algor->algorithm)) { - CPKerr(CPK_F_CPK_MASTER_SECRET_VALIDATE_PUBLIC_PARAMS, ERR_R_CPK_LIB); - goto err; - } - // FIXME: pkey_algor->parameters - if (OBJ_obj2nid(tmp->map_algor->algorithm) != - OBJ_obj2nid(params->map_algor->algorithm)) { - CPKerr(CPK_F_CPK_MASTER_SECRET_VALIDATE_PUBLIC_PARAMS, ERR_R_CPK_LIB); - goto err; - } - if (ASN1_STRING_cmp(tmp->public_factors, params->public_factors)) { - CPKerr(CPK_F_CPK_MASTER_SECRET_VALIDATE_PUBLIC_PARAMS, ERR_R_CPK_LIB); - goto err; - } - - ret = 1; -err: - CPK_PUBLIC_PARAMS_free(tmp); - return ret; -} - -int CPK_PUBLIC_PARAMS_validate_private_key(CPK_PUBLIC_PARAMS *params, - const char *id, const EVP_PKEY *priv_key) -{ - int ret = -3; - EVP_PKEY *pub_key = NULL; - - if (!(pub_key = CPK_PUBLIC_PARAMS_extract_public_key(params, id))) { - CPKerr(CPK_F_CPK_PUBLIC_PARAMS_VALIDATE_PRIVATE_KEY, - ERR_R_EVP_LIB); - goto err; - } - ret = EVP_PKEY_cmp(pub_key, priv_key); -err: - EVP_PKEY_free(pub_key); - return ret; -} - - -static EC_KEY *X509_ALGOR_get1_EC_KEY(X509_ALGOR *algor) -{ - EC_KEY *ec_key = NULL; - int ptype; - const void *pval; - const unsigned char *p; - - X509_ALGOR_get0(NULL, &ptype, &pval, algor); - - if (ptype == V_ASN1_SEQUENCE) { - ASN1_OCTET_STRING *pstr = (ASN1_OCTET_STRING *)pval; - p = pstr->data; - if (!(ec_key = d2i_ECParameters(NULL, &p, pstr->length))) { - CPKerr(CPK_F_X509_ALGOR_GET1_EC_KEY, ERR_R_EC_LIB); - return NULL; - } - - } else if (ptype == V_ASN1_OBJECT) { - ASN1_OBJECT *poid = (ASN1_OBJECT *)pval; - EC_GROUP *group; - if (!(ec_key = EC_KEY_new())) { - CPKerr(CPK_F_X509_ALGOR_GET1_EC_KEY, ERR_R_MALLOC_FAILURE); - return NULL; - } - if (!(group = EC_GROUP_new_by_curve_name(OBJ_obj2nid(poid)))) { - EC_KEY_free(ec_key); - CPKerr(CPK_F_X509_ALGOR_GET1_EC_KEY, ERR_R_EC_LIB); - return NULL; - } - EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE); - if (!EC_KEY_set_group(ec_key, group)) { - EC_GROUP_free(group); - EC_KEY_free(ec_key); - CPKerr(CPK_F_X509_ALGOR_GET1_EC_KEY, ERR_R_EC_LIB); - return NULL; - } - EC_GROUP_free(group); - - } else { - CPKerr(CPK_F_X509_ALGOR_GET1_EC_KEY, CPK_R_BAD_DATA); - return NULL; - } - return ec_key; -} - -static int extract_ec_params(CPK_MASTER_SECRET *master, CPK_PUBLIC_PARAMS *param) -{ - int ret = 0; - EC_KEY *ec_key = NULL; - const EC_GROUP *ec_group; - BIGNUM *bn = BN_new(); - BIGNUM *order = BN_new(); - BN_CTX *ctx = BN_CTX_new(); - EC_POINT *pt = NULL; - int i, bn_size, pt_size, num_factors; - const unsigned char *bn_ptr; - unsigned char *pt_ptr; - - if (!bn || !order || !ctx) { - CPKerr(CPK_F_EXTRACT_EC_PARAMS, ERR_R_CPK_LIB); - goto err; - } - - if (!(ec_key = X509_ALGOR_get1_EC_KEY(master->pkey_algor))) { - CPKerr(CPK_F_EXTRACT_EC_PARAMS, ERR_R_CPK_LIB); - goto err; - } - ec_group = EC_KEY_get0_group(ec_key); - if (!(EC_GROUP_get_order(ec_group, order, ctx))) { - CPKerr(CPK_F_EXTRACT_EC_PARAMS, ERR_R_CPK_LIB); - goto err; - } - bn_size = BN_num_bytes(order); - pt_size = bn_size + 1; - - if ((num_factors = CPK_MAP_num_factors(master->map_algor)) <= 0) { - CPKerr(CPK_F_EXTRACT_EC_PARAMS, ERR_R_CPK_LIB); - goto err; - } - if (ASN1_STRING_length(master->secret_factors) != bn_size * num_factors) { - CPKerr(CPK_F_EXTRACT_EC_PARAMS, ERR_R_CPK_LIB); - goto err; - } - if (!ASN1_STRING_set(param->public_factors, NULL, pt_size * num_factors)) { - CPKerr(CPK_F_EXTRACT_EC_PARAMS, ERR_R_CPK_LIB); - goto err; - } - - bn_ptr = ASN1_STRING_get0_data(master->secret_factors); - pt_ptr = ASN1_STRING_get0_data(param->public_factors); - memset(pt_ptr, 0, ASN1_STRING_length(param->public_factors)); - - if (!(pt = EC_POINT_new(ec_group))) { - CPKerr(CPK_F_EXTRACT_EC_PARAMS, ERR_R_CPK_LIB); - goto err; - } - for (i = 0; i < num_factors; i++) { - if (!BN_bin2bn(bn_ptr, bn_size, bn)) { - CPKerr(CPK_F_EXTRACT_EC_PARAMS, ERR_R_CPK_LIB); - goto err; - } - if (BN_is_zero(bn) || BN_cmp(bn, order) >= 0) { - CPKerr(CPK_F_EXTRACT_EC_PARAMS, ERR_R_CPK_LIB); - goto err; - } - if (!EC_POINT_mul(ec_group, pt, bn, NULL, NULL, ctx)) { - CPKerr(CPK_F_EXTRACT_EC_PARAMS, ERR_R_CPK_LIB); - goto err; - } - - if (!EC_POINT_point2oct(ec_group, pt, - POINT_CONVERSION_COMPRESSED, pt_ptr, pt_size, ctx)) { - CPKerr(CPK_F_EXTRACT_EC_PARAMS, ERR_R_CPK_LIB); - goto err; - } - bn_ptr += bn_size; - pt_ptr += pt_size; - } - - ret = 1; -err: - EC_KEY_free(ec_key); - BN_free(bn); - BN_free(order); - BN_CTX_free(ctx); - EC_POINT_free(pt); - return ret; -} - -static EC_KEY *extract_ec_priv_key(CPK_MASTER_SECRET *master, const char *id) -{ - EC_KEY *ret = NULL; - EC_KEY *ec_key = NULL; - const EC_GROUP *ec_group; - EC_POINT *pub_key = NULL; - BIGNUM *priv_key = BN_new(); - BIGNUM *order = BN_new(); - BIGNUM *bn = BN_new(); - BN_CTX *ctx = BN_CTX_new(); - int *index = NULL; - int i, num_indexes, bn_size; - - - if (!priv_key || !bn || !order || !ctx) { - CPKerr(CPK_F_EXTRACT_EC_PRIV_KEY, ERR_R_CPK_LIB); - goto err; - } - - if (!(ec_key = X509_ALGOR_get1_EC_KEY(master->pkey_algor))) { - CPKerr(CPK_F_EXTRACT_EC_PRIV_KEY, ERR_R_CPK_LIB); - goto err; - } - ec_group = EC_KEY_get0_group(ec_key); - if (!(pub_key = EC_POINT_new(ec_group))) { - CPKerr(CPK_F_EXTRACT_EC_PRIV_KEY, ERR_R_CPK_LIB); - goto err; - } - - if ((num_indexes = CPK_MAP_num_indexes(master->map_algor)) <= 0) { - CPKerr(CPK_F_EXTRACT_EC_PRIV_KEY, ERR_R_CPK_LIB); - goto err; - } - if (!(index = OPENSSL_malloc(sizeof(int) * num_indexes))) { - CPKerr(CPK_F_EXTRACT_EC_PRIV_KEY, ERR_R_CPK_LIB); - goto err; - } - if (!CPK_MAP_str2index(master->map_algor, id, index)) { - CPKerr(CPK_F_EXTRACT_EC_PRIV_KEY, ERR_R_CPK_LIB); - goto err; - } - - BN_zero(priv_key); - if (!(EC_GROUP_get_order(EC_KEY_get0_group(ec_key), order, ctx))) { - CPKerr(CPK_F_EXTRACT_EC_PRIV_KEY, ERR_R_CPK_LIB); - goto err; - } - bn_size = BN_num_bytes(order); - - for (i = 0; i < num_indexes; i++) { - const unsigned char *p = - ASN1_STRING_get0_data(master->secret_factors) + - bn_size * index[i]; - - if (!BN_bin2bn(p, bn_size, bn)) { - CPKerr(CPK_F_EXTRACT_EC_PRIV_KEY, ERR_R_CPK_LIB); - goto err; - } - if (BN_is_zero(bn) || BN_cmp(bn, order) >= 0) { - CPKerr(CPK_F_EXTRACT_EC_PRIV_KEY, ERR_R_CPK_LIB); - goto err; - } - if (!BN_mod_add(priv_key, priv_key, bn, order, ctx)) { - CPKerr(CPK_F_EXTRACT_EC_PRIV_KEY, ERR_R_CPK_LIB); - goto err; - } - } - if (!EC_KEY_set_private_key(ec_key, priv_key)) { - CPKerr(CPK_F_EXTRACT_EC_PRIV_KEY, ERR_R_CPK_LIB); - goto err; - } - - if (!EC_POINT_mul(ec_group, pub_key, priv_key, NULL, NULL, ctx)) { - CPKerr(CPK_F_EXTRACT_EC_PRIV_KEY, ERR_R_CPK_LIB); - goto err; - } - if (!EC_KEY_set_public_key(ec_key, pub_key)) { - CPKerr(CPK_F_EXTRACT_EC_PRIV_KEY, ERR_R_CPK_LIB); - goto err; - } - - ret = ec_key; - ec_key = NULL; - -err: - EC_KEY_free(ec_key); - BN_free(priv_key); - EC_POINT_free(pub_key); - BN_free(order); - BN_free(bn); - BN_CTX_free(ctx); - OPENSSL_free(index); - return ret; -} - -static EC_KEY *extract_ec_pub_key(CPK_PUBLIC_PARAMS *param, const char *id) -{ - EC_KEY *ret = NULL; - EC_KEY *ec_key = NULL; - const EC_GROUP *ec_group; - EC_POINT *pub_key = NULL; - EC_POINT *pt = NULL; - BIGNUM *order = BN_new(); - BIGNUM *bn = BN_new(); - BN_CTX *ctx = BN_CTX_new(); - int *index = NULL; - int i, bn_size, pt_size, num_indexes, num_factors; - - if (!(ec_key = X509_ALGOR_get1_EC_KEY(param->pkey_algor))) { - CPKerr(CPK_F_EXTRACT_EC_PUB_KEY, ERR_R_CPK_LIB); - goto err; - } - ec_group = EC_KEY_get0_group(ec_key); - - if (!(pub_key = EC_POINT_new(ec_group))) { - CPKerr(CPK_F_EXTRACT_EC_PUB_KEY, ERR_R_CPK_LIB); - goto err; - } - if (!(pt = EC_POINT_new(ec_group))) { - CPKerr(CPK_F_EXTRACT_EC_PUB_KEY, ERR_R_CPK_LIB); - goto err; - } - if (!EC_GROUP_get_order(ec_group, order, ctx)) { - CPKerr(CPK_F_EXTRACT_EC_PUB_KEY, ERR_R_CPK_LIB); - goto err; - } - bn_size = BN_num_bytes(order); - pt_size = bn_size + 1; - - if ((num_factors = CPK_MAP_num_factors(param->map_algor)) <= 0) { - CPKerr(CPK_F_EXTRACT_EC_PUB_KEY, ERR_R_CPK_LIB); - goto err; - } - if (ASN1_STRING_length(param->public_factors) != pt_size * num_factors) { - CPKerr(CPK_F_EXTRACT_EC_PUB_KEY, ERR_R_CPK_LIB); - goto err; - } - - if ((num_indexes = CPK_MAP_num_indexes(param->map_algor)) <= 0) { - CPKerr(CPK_F_EXTRACT_EC_PUB_KEY, ERR_R_CPK_LIB); - goto err; - } - if (!(index = OPENSSL_malloc(sizeof(int) * num_indexes))) { - CPKerr(CPK_F_EXTRACT_EC_PUB_KEY, ERR_R_CPK_LIB); - goto err; - } - if (!CPK_MAP_str2index(param->map_algor, id, index)) { - CPKerr(CPK_F_EXTRACT_EC_PUB_KEY, ERR_R_CPK_LIB); - goto err; - } - - if (!EC_POINT_set_to_infinity(ec_group, pub_key)) { - CPKerr(CPK_F_EXTRACT_EC_PUB_KEY, ERR_R_CPK_LIB); - goto err; - } - for (i = 0; i < num_indexes; i++) { - const unsigned char *p = - ASN1_STRING_get0_data(param->public_factors) + - pt_size * index[i]; - - if (!EC_POINT_oct2point(ec_group, pt, p, pt_size, ctx)) { - CPKerr(CPK_F_EXTRACT_EC_PUB_KEY, ERR_R_CPK_LIB); - goto err; - } - - if (!EC_POINT_add(ec_group, pub_key, pub_key, pt, ctx)) { - CPKerr(CPK_F_EXTRACT_EC_PUB_KEY, ERR_R_CPK_LIB); - goto err; - } - } - - if (!EC_KEY_set_public_key(ec_key, pub_key)) { - CPKerr(CPK_F_EXTRACT_EC_PUB_KEY, ERR_R_CPK_LIB); - goto err; - } - - ret = ec_key; - ec_key = NULL; - -err: - EC_KEY_free(ec_key); - EC_POINT_free(pub_key); - BN_free(order); - BN_free(bn); - BN_CTX_free(ctx); - OPENSSL_free(index); - return ret; -} diff --git a/crypto/cpk/cpk_map.c b/crypto/cpk/cpk_map.c deleted file mode 100755 index e9a240e7..00000000 --- a/crypto/cpk/cpk_map.c +++ /dev/null @@ -1,219 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2007 - 2016 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include -#include -#include -#include -#include "cpk_lcl.h" -#include "../../e_os.h" - -/* Currently we only support fixed 32 indexes - * this means EC_POINT_add() called 32 times */ -#define CPK_NUM_INDEXES 32 - -typedef struct { - int map_nid; - int md_nid; -} CPK_MAP_TABLE; - -static CPK_MAP_TABLE map_table[] = { - {NID_cpk_map_sm3, NID_sm3}, - {NID_cpk_map_sha1, NID_sha1}, - {NID_cpk_map_sha256, NID_sha256}, - {NID_cpk_map_sha384, NID_sha384}, - {NID_cpk_map_sha512, NID_sha512} -}; - -static const EVP_MD *cpk_map2md(int type) -{ - int i; - for (i = 0; i < OSSL_NELEM(map_table); i++) { - if (map_table[i].map_nid == type) { - return EVP_get_digestbynid(map_table[i].md_nid); - } - } - return NULL; -} - -static const EVP_MD *CPK_MAP_get_md(const X509_ALGOR *algor) -{ - const EVP_MD *md; - if (!algor->algorithm) { - CPKerr(CPK_F_CPK_MAP_GET_MD, CPK_R_INVALID_ARGUMENT); - return NULL; - } - if (!(md = cpk_map2md(OBJ_obj2nid(algor->algorithm)))) { - CPKerr(CPK_F_CPK_MAP_GET_MD, ERR_R_CPK_LIB); - return NULL; - } - return md; -} - -X509_ALGOR *CPK_MAP_new(int type) -{ - X509_ALGOR *ret = NULL; - X509_ALGOR *algor = NULL; - - if (!cpk_map2md(type)) { - CPKerr(CPK_F_CPK_MAP_NEW, CPK_R_INVALID_MAP_ALGOR); - return NULL; - } - if (!(algor = X509_ALGOR_new())) { - CPKerr(CPK_F_CPK_MAP_NEW, ERR_R_X509_LIB); - goto end; - } - if (!X509_ALGOR_set0(algor, OBJ_nid2obj(type), V_ASN1_UNDEF, NULL)) { - CPKerr(CPK_F_CPK_MAP_NEW, ERR_R_X509_LIB); - goto end; - } - - ret = algor; - algor = NULL; - -end: - X509_ALGOR_free(algor); - return ret; -} - -X509_ALGOR *CPK_MAP_new_default(void) -{ - return CPK_MAP_new(NID_cpk_map_sha1); -} - -int CPK_MAP_is_valid(const X509_ALGOR *algor) -{ - return CPK_MAP_get_md(algor) != NULL; -} - -int CPK_MAP_num_indexes(const X509_ALGOR *algor) -{ - if (!CPK_MAP_is_valid(algor)) { - CPKerr(CPK_F_CPK_MAP_NUM_INDEXES, CPK_R_INVALID_MAP_ALGOR); - return 0; - } - /* current only use fixed num_indexes */ - return CPK_NUM_INDEXES; -} - -int CPK_MAP_num_subset(const X509_ALGOR *algor) -{ - const EVP_MD *md; - if (!(md = CPK_MAP_get_md(algor))) { - CPKerr(CPK_F_CPK_MAP_NUM_SUBSET, ERR_R_CPK_LIB); - return 0; - } - return 1 << ((EVP_MD_size(md) * 8) / CPK_MAP_num_indexes(algor)); -} - -int CPK_MAP_num_factors(const X509_ALGOR *algor) -{ - int num_indexes; - int num_subset; - if (!(num_indexes = CPK_MAP_num_indexes(algor))) { - CPKerr(CPK_F_CPK_MAP_NUM_FACTORS, ERR_R_CPK_LIB); - return 0; - } - if (!(num_subset = CPK_MAP_num_subset(algor))) { - CPKerr(CPK_F_CPK_MAP_NUM_FACTORS, ERR_R_CPK_LIB); - return 0; - } - return num_indexes * num_subset; -} - -int CPK_MAP_str2index(const X509_ALGOR *algor, const char *str, int *index) -{ - int ret = 0; - const EVP_MD *md; - unsigned char dgst[EVP_MAX_MD_SIZE]; - unsigned int dgstlen; - BIGNUM *bn = NULL; - int i; - int num_indexes, num_subset; - - OPENSSL_assert(algor); - OPENSSL_assert(algor->algorithm); - OPENSSL_assert(str); - OPENSSL_assert(strlen(str) > 0); - - if (!(md = CPK_MAP_get_md(algor)) - || !(num_indexes = CPK_MAP_num_indexes(algor)) - || !(num_subset = CPK_MAP_num_subset(algor))) { - CPKerr(CPK_F_CPK_MAP_STR2INDEX, CPK_R_INVALID_MAP_ALGOR); - return 0; - } - - if (!index) { - return CPK_MAP_num_indexes(algor); - } - - if (!EVP_Digest(str, strlen(str), dgst, &dgstlen, md, NULL)) { - CPKerr(CPK_F_CPK_MAP_STR2INDEX, ERR_R_EVP_LIB); - return 0; - } - if (!(bn = BN_new())) { - CPKerr(CPK_F_CPK_MAP_STR2INDEX, ERR_R_MALLOC_FAILURE); - goto end; - } - if (!BN_bin2bn(dgst, dgstlen, bn)) { - CPKerr(CPK_F_CPK_MAP_STR2INDEX, ERR_R_BN_LIB); - goto end; - } - - for (i = 0; i < num_indexes; i++) { - int r = BN_mod_word(bn, num_subset); - BN_div_word(bn, num_subset); - index[i] = num_subset * i + r; - } - - ret = num_indexes; -end: - BN_free(bn); - return ret; -} diff --git a/crypto/cpk/cpk_prn.c b/crypto/cpk/cpk_prn.c deleted file mode 100644 index 901c7baf..00000000 --- a/crypto/cpk/cpk_prn.c +++ /dev/null @@ -1,144 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2007 - 2016 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include -#include -#include -#include -#include "cpk_lcl.h" - -int CPK_MASTER_SECRET_print(BIO *out, CPK_MASTER_SECRET *master, - int indent, unsigned long flags) -{ - char name[1024] = {0}; - int num_factors; - const unsigned char *p; - int i, len; - - if (!X509_NAME_oneline(master->id, name, sizeof(name))) { - CPKerr(CPK_F_CPK_MASTER_SECRET_PRINT, ERR_R_CPK_LIB); - return 0; - } - - BIO_printf(out, "CPK_MASTER_SECRET\n"); - BIO_printf(out, " Version : %ld\n", master->version); - BIO_printf(out, " Domain-ID : %s\n", name); - BIO_printf(out, " Public-Key-Algor : %s\n", OBJ_nid2sn(OBJ_obj2nid(master->pkey_algor->algorithm))); - BIO_printf(out, " Map-Algor : %s\n", OBJ_nid2sn(OBJ_obj2nid(master->map_algor->algorithm))); - BIO_printf(out, " Secret-Factors :\n"); - - if ((num_factors = CPK_MAP_num_factors(master->map_algor)) <= 0) { - fprintf(stderr, "%s %d\n", __FILE__, __LINE__); - return 0; - } - p = ASN1_STRING_get0_data(master->secret_factors); - - len = ASN1_STRING_length(master->secret_factors)/num_factors; - if (ASN1_STRING_length(master->secret_factors) % num_factors) { - CPKerr(CPK_F_CPK_MASTER_SECRET_PRINT, ERR_R_CPK_LIB); - return 0; - } - - for (i = 0; i < num_factors; i++) { - int j; - printf(" %-8d ", i); - for (j = 0; j < len; j++) { - BIO_printf(out, "%02X", p[j]); - } - printf("\n"); - p += len; - } - - return 1; -} - -int CPK_PUBLIC_PARAMS_print(BIO *out, CPK_PUBLIC_PARAMS *params, - int indent, unsigned long flags) -{ - char name[1024] = {0}; - int num_factors; - const unsigned char *p; - int len, i; - - if (!X509_NAME_oneline(params->id, name, sizeof(name))) { - CPKerr(CPK_F_CPK_PUBLIC_PARAMS_PRINT, ERR_R_CPK_LIB); - return 0; - } - - BIO_printf(out, "CPK_PUBLIC_PARAMS\n"); - BIO_printf(out, " Version : %ld\n", params->version); - BIO_printf(out, " Domain-ID : %s\n", name); - BIO_printf(out, " Public-Key-Algor : %s\n", OBJ_nid2sn(OBJ_obj2nid(params->pkey_algor->algorithm))); - BIO_printf(out, " Map-Algor : %s\n", OBJ_nid2sn(OBJ_obj2nid(params->map_algor->algorithm))); - BIO_printf(out, " Secret-Factors :\n"); - - if ((num_factors = CPK_MAP_num_factors(params->map_algor)) <= 0) { - fprintf(stderr, "%s %d\n", __FILE__, __LINE__); - return 0; - } - p = ASN1_STRING_get0_data(params->public_factors); - - len = ASN1_STRING_length(params->public_factors)/num_factors; - if (ASN1_STRING_length(params->public_factors) % num_factors) { - CPKerr(CPK_F_CPK_PUBLIC_PARAMS_PRINT, ERR_R_CPK_LIB); - return 0; - } - - for (i = 0; i < num_factors; i++) { - int j; - printf(" %-8d ", i); - for (j = 0; j < len; j++) { - BIO_printf(out, "%02X", p[j]); - } - printf("\n"); - p += len; - } - - return 1; -} diff --git a/crypto/err/err.c b/crypto/err/err.c index b94aef52..d5c6984b 100644 --- a/crypto/err/err.c +++ b/crypto/err/err.c @@ -62,7 +62,6 @@ static ERR_STRING_DATA ERR_str_libraries[] = { {ERR_PACK(ERR_LIB_KDF2, 0, 0), "KDF2 routines"}, {ERR_PACK(ERR_LIB_FFX, 0, 0), "FFX routines"}, {ERR_PACK(ERR_LIB_PAILLIER, 0, 0), "PAILLIER routines"}, - {ERR_PACK(ERR_LIB_CPK, 0, 0), "CPK routines"}, {ERR_PACK(ERR_LIB_OTP, 0, 0), "OTP routines"}, {ERR_PACK(ERR_LIB_GMAPI, 0, 0), "GMAPI routines"}, {ERR_PACK(ERR_LIB_BFIBE, 0, 0), "BFIBE routines"}, @@ -119,7 +118,6 @@ static ERR_STRING_DATA ERR_str_reasons[] = { {ERR_R_KDF2_LIB, "KDF2 lib"}, {ERR_R_FFX_LIB, "FFX lib"}, {ERR_R_PAILLIER_LIB, "PAILLIER lib"}, - {ERR_R_CPK_LIB, "CPK lib"}, {ERR_R_OTP_LIB, "OTP lib"}, {ERR_R_GMAPI_LIB, "GMAPI lib"}, {ERR_R_BFIBE_LIB, "BFIBE lib"}, diff --git a/crypto/err/err_all.c b/crypto/err/err_all.c index a8fdf6d7..ca122740 100644 --- a/crypto/err/err_all.c +++ b/crypto/err/err_all.c @@ -72,9 +72,6 @@ #ifndef OPENSSL_NO_PAILLIER # include #endif -#ifndef OPENSSL_NO_CPK -# include -#endif #ifndef OPENSSL_NO_OTP # include #endif @@ -176,9 +173,6 @@ int err_load_crypto_strings_int(void) # ifndef OPENSSL_NO_PAILLIER ERR_load_PAILLIER_strings() == 0 || # endif -# ifndef OPENSSL_NO_CPK - ERR_load_CPK_strings() == 0 || -# endif # ifndef OPENSSL_NO_OTP ERR_load_OTP_strings() == 0 || # endif diff --git a/crypto/err/openssl.ec b/crypto/err/openssl.ec index f3062101..68d1ef1a 100644 --- a/crypto/err/openssl.ec +++ b/crypto/err/openssl.ec @@ -38,7 +38,6 @@ L KDF include/openssl/kdf.h crypto/kdf/kdf_err.c L KDF2 include/openssl/kdf2.h crypto/kdf2/kdf2_err.c L FFX include/openssl/ffx.h crypto/ffx/ffx_err.c L PAILLIER include/openssl/paillier.h crypto/paillier/pai_err.c -L CPK include/openssl/cpk.h crypto/cpk/cpk_err.c L OTP include/openssl/otp.h crypto/otp/otp_err.c L GMAPI include/openssl/gmapi.h crypto/gmapi/gmapi_err.c L BFIBE include/openssl/bfibe.h crypto/bfibe/bfibe_err.c diff --git a/include/openssl/cpk.h b/include/openssl/cpk.h deleted file mode 100755 index d5eb5a6d..00000000 --- a/include/openssl/cpk.h +++ /dev/null @@ -1,151 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2007 - 2016 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ -/* - * CPK (Combined Public Key) is an identity-based cryptographic scheme - * with bound security. - */ - -#ifndef HEADER_CPK_H -#define HEADER_CPK_H - -#include -#ifndef OPENSSL_NO_CPK - -#include -#include -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - -#define CPK_MAX_ID_LENGTH 64 - -typedef struct cpk_master_secret_st CPK_MASTER_SECRET; -DECLARE_ASN1_FUNCTIONS(CPK_MASTER_SECRET) - -typedef struct cpk_public_params_st CPK_PUBLIC_PARAMS; -DECLARE_ASN1_FUNCTIONS(CPK_PUBLIC_PARAMS) - -/* - * rows cols factors - * NID_cpk_map_sha1 32 32 1024 - * NID_cpk_map_sm3 32 256 8192 - * NID_cpk_map_sha256 32 256 8192 - * NID_cpk_map_sha384 32 4096 131072 - * NID_cpk_map_sha512 32 65536 2097152 - */ -CPK_MASTER_SECRET *CPK_MASTER_SECRET_create(const char *domain_id, int curve, int map); -CPK_PUBLIC_PARAMS *CPK_MASTER_SECRET_extract_public_params(CPK_MASTER_SECRET *master); -EVP_PKEY *CPK_MASTER_SECRET_extract_private_key(CPK_MASTER_SECRET *master, const char *id); -EVP_PKEY *CPK_PUBLIC_PARAMS_extract_public_key(CPK_PUBLIC_PARAMS *params, const char *id); - -char *CPK_MASTER_SECRET_get_name(CPK_MASTER_SECRET *master, char *buf, int size); -char *CPK_PUBLIC_PARAMS_get_name(CPK_PUBLIC_PARAMS *params, char *buf, int size); -int CPK_MASTER_SECRET_print(BIO *out, CPK_MASTER_SECRET *master, int indent, unsigned long flags); -int CPK_PUBLIC_PARAMS_print(BIO *out, CPK_PUBLIC_PARAMS *params, int indent, unsigned long flags); -int CPK_MASTER_SECRET_validate_public_params(CPK_MASTER_SECRET *master, CPK_PUBLIC_PARAMS *params); -int CPK_PUBLIC_PARAMS_validate_private_key(CPK_PUBLIC_PARAMS *params, const char *id, const EVP_PKEY *pkey); - -CPK_MASTER_SECRET *d2i_CPK_MASTER_SECRET_bio(BIO *bp, CPK_MASTER_SECRET **master); -int i2d_CPK_MASTER_SECRET_bio(BIO *bp, CPK_MASTER_SECRET *master); -CPK_PUBLIC_PARAMS *d2i_CPK_PUBLIC_PARAMS_bio(BIO *bp, CPK_PUBLIC_PARAMS **params); -int i2d_CPK_PUBLIC_PARAMS_bio(BIO *bp, CPK_PUBLIC_PARAMS *params); - - -/* BEGIN ERROR CODES */ -/* - * The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ - -int ERR_load_CPK_strings(void); - -/* Error codes for the CPK functions. */ - -/* Function codes. */ -# define CPK_F_CPK_MAP_GET_MD 116 -# define CPK_F_CPK_MAP_IS_VALID 114 -# define CPK_F_CPK_MAP_NEW 111 -# define CPK_F_CPK_MAP_NEW_DEFAULT 100 -# define CPK_F_CPK_MAP_NUM_FACTORS 112 -# define CPK_F_CPK_MAP_NUM_INDEXES 113 -# define CPK_F_CPK_MAP_NUM_SUBSET 115 -# define CPK_F_CPK_MAP_STR2INDEX 101 -# define CPK_F_CPK_MASTER_SECRET_CREATE 102 -# define CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY 103 -# define CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS 104 -# define CPK_F_CPK_MASTER_SECRET_PRINT 109 -# define CPK_F_CPK_MASTER_SECRET_VALIDATE_PUBLIC_PARAMS 117 -# define CPK_F_CPK_PUBLIC_PARAMS_COMPUTE_SHARE_KEY 105 -# define CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY 106 -# define CPK_F_CPK_PUBLIC_PARAMS_PRINT 110 -# define CPK_F_CPK_PUBLIC_PARAMS_VALIDATE_PRIVATE_KEY 107 -# define CPK_F_EXTRACT_EC_PARAMS 118 -# define CPK_F_EXTRACT_EC_PRIV_KEY 119 -# define CPK_F_EXTRACT_EC_PUB_KEY 120 -# define CPK_F_X509_ALGOR_GET1_EC_KEY 108 - -/* Reason codes. */ -# define CPK_R_BAD_ARGUMENT 100 -# define CPK_R_BAD_ARGUMENTS 105 -# define CPK_R_BAD_DATA 101 -# define CPK_R_INVALID_ALGORITHM 106 -# define CPK_R_INVALID_ARGUMENT 107 -# define CPK_R_INVALID_CURVE 108 -# define CPK_R_INVALID_ID_LENGTH 102 -# define CPK_R_INVALID_MAP_ALGOR 103 -# define CPK_R_INVALID_PKEY_TYPE 104 - -# ifdef __cplusplus -} -# endif -# endif -#endif diff --git a/include/openssl/err.h b/include/openssl/err.h index 69ce241b..681c44c2 100644 --- a/include/openssl/err.h +++ b/include/openssl/err.h @@ -96,7 +96,6 @@ typedef struct err_state_st { # define ERR_LIB_KDF2 53 # define ERR_LIB_FFX 54 # define ERR_LIB_PAILLIER 55 -# define ERR_LIB_CPK 56 # define ERR_LIB_OTP 57 # define ERR_LIB_GMAPI 58 # define ERR_LIB_BFIBE 59 @@ -147,7 +146,6 @@ typedef struct err_state_st { # define KDF2err(f,r) ERR_PUT_error(ERR_LIB_KDF2,(f),(r),OPENSSL_FILE,OPENSSL_LINE) # define FFXerr(f,r) ERR_PUT_error(ERR_LIB_FFX,(f),(r),OPENSSL_FILE,OPENSSL_LINE) # define PAILLIERerr(f,r) ERR_PUT_error(ERR_LIB_PAILLIER,(f),(r),OPENSSL_FILE,OPENSSL_LINE) -# define CPKerr(f,r) ERR_PUT_error(ERR_LIB_CPK,(f),(r),OPENSSL_FILE,OPENSSL_LINE) # define OTPerr(f,r) ERR_PUT_error(ERR_LIB_OTP,(f),(r),OPENSSL_FILE,OPENSSL_LINE) # define GMAPIerr(f,r) ERR_PUT_error(ERR_LIB_GMAPI,(f),(r),OPENSSL_FILE,OPENSSL_LINE) # define BFIBEerr(f,r) ERR_PUT_error(ERR_LIB_BFIBE,(f),(r),OPENSSL_FILE,OPENSSL_LINE) @@ -207,7 +205,6 @@ typedef struct err_state_st { # define ERR_R_KDF2_LIB ERR_LIB_KDF2/* 53 */ # define ERR_R_FFX_LIB ERR_LIB_FFX/* 54 */ # define ERR_R_PAILLIER_LIB ERR_LIB_PAILLIER/* 55 */ -# define ERR_R_CPK_LIB ERR_LIB_CPK/* 56 */ # define ERR_R_OTP_LIB ERR_LIB_OTP/* 57 */ # define ERR_R_GMAPI_LIB ERR_LIB_GMAPI/* 58 */ # define ERR_R_BFIBE_LIB ERR_LIB_BFIBE/* 59 */ diff --git a/test/build.info b/test/build.info index a1c8b953..30e21848 100644 --- a/test/build.info +++ b/test/build.info @@ -18,7 +18,7 @@ IF[{- !$disabled{tests} -}] ssl_test_ctx_test ssl_test x509aux cipherlist_test asynciotest \ bioprinttest sslapitest dtlstest sslcorrupttest bio_enc_test \ sm3test sms4test kdf2test eciestest ffxtest sm2test \ - pailliertest cpktest otptest gmapitest ec2test \ + pailliertest otptest gmapitest ec2test \ bfibetest bb1ibetest sm9test \ sdftest skftest zuctest \ serpenttest specktest base58test @@ -316,10 +316,6 @@ IF[{- !$disabled{tests} -}] INCLUDE[pailliertest]=../include DEPEND[pailliertest]=../libcrypto - SOURCE[cpktest]=cpktest.c - INCLUDE[cpktest]=../include - DEPEND[cpktest]=../libcrypto - SOURCE[otptest]=otptest.c INCLUDE[otptest]=../include DEPEND[otptest]=../libcrypto diff --git a/test/cpktest.c b/test/cpktest.c deleted file mode 100644 index 8350cc75..00000000 --- a/test/cpktest.c +++ /dev/null @@ -1,193 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2007 - 2016 The GmSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the GmSSL Project. - * (http://gmssl.org/)" - * - * 4. The name "GmSSL Project" must not be used to endorse or promote - * products derived from this software without prior written - * permission. For written permission, please contact - * guanzhi1980@gmail.com. - * - * 5. Products derived from this software may not be called "GmSSL" - * nor may "GmSSL" appear in their names without prior written - * permission of the GmSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the GmSSL Project - * (http://gmssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include -#include -#include -#include "../e_os.h" - -#ifdef OPENSSL_NO_CPK -int main(int argc, char **argv) -{ - printf("NO CPK support\n"); - return 0; -} -#else -# include -# include -# include -# include -# include -# include -# include - - -const char *id_short = "id"; -const char *id_long = - "123456789022345678903234567890423456789052345678906234567890" - "123456789022345678903234567890423456789052345678906234567890"; - - -int EVP_PKEY_print_fp(const EVP_PKEY *pkey, FILE *fp) -{ - ASN1_PCTX *ctx = ASN1_PCTX_new(); - BIO *bio = BIO_new_fp(fp, BIO_NOCLOSE); - - EVP_PKEY_print_params(bio, pkey, 0, ctx); - EVP_PKEY_print_public(bio, pkey, 0, ctx); - EVP_PKEY_print_private(bio, pkey, 0, NULL); - - return 0; -} - -int main(int argc, char **argv) -{ - int r, i; - KDF_FUNC kdf = NULL; - EC_KEY *ec_key = NULL; - EVP_PKEY *pkey = NULL; - EVP_PKEY *pub_key = NULL; - EVP_PKEY *priv_key = NULL; - X509_ALGOR *map = NULL; - CPK_MASTER_SECRET *master = NULL; - CPK_PUBLIC_PARAMS *params = NULL; - BIO *bio_out = NULL; - unsigned char *buf = NULL; - unsigned char *p; - const unsigned char *cp; - int len; - - return 0; - - /* prepare cpk setup parameters */ - if (!(ec_key = EC_KEY_new_by_curve_name(OBJ_sn2nid("prime192v1")))) { - goto end; - } - EC_GROUP_set_asn1_flag((EC_GROUP *)EC_KEY_get0_group(ec_key), OPENSSL_EC_NAMED_CURVE); - r = EC_KEY_generate_key(ec_key); - - - - - - pkey = EVP_PKEY_new(); - r = EVP_PKEY_set1_EC_KEY(pkey, ec_key); - map = CPK_MAP_new_default(); - - - //EVP_PKEY_print_fp(pkey, stdout); - - /* generate master_secret and public_params */ - master = CPK_MASTER_SECRET_create("domainid", pkey, map); - - bio_out = BIO_new_fp(stdout, BIO_NOCLOSE); - - r = CPK_MASTER_SECRET_print(bio_out, master, 0, 0); - - EVP_PKEY_free(pkey); - pkey = NULL; - pkey = CPK_MASTER_SECRET_extract_private_key(master, "id"); - EVP_PKEY_free(pkey); - //pkey = CPK_MASTER_SECRET_extract_private_key(master, NULL); - //assert(pkey == NULL); - pkey = CPK_MASTER_SECRET_extract_private_key(master, id_long); - EVP_PKEY_print_fp(pkey, stdout); - params = CPK_MASTER_SECRET_extract_public_params(master); - r = CPK_PUBLIC_PARAMS_print(bio_out, params, 0, 0); - printf("\n"); - - printf("test CPK_PUBLIC_PARAMS_extract_public_key()\n"); - pub_key = CPK_PUBLIC_PARAMS_extract_public_key(params, id_short); - EVP_PKEY_free(pub_key); - - pub_key = CPK_PUBLIC_PARAMS_extract_public_key(params, id_long); - printf("Public Key of '%s':\n", id_long); - EVP_PKEY_print_fp(pkey, stdout); - printf("\n"); - - r = CPK_MASTER_SECRET_validate_public_params(master, params); - if (priv_key) EVP_PKEY_free(priv_key); - priv_key = CPK_MASTER_SECRET_extract_private_key(master, "identity"); - r = CPK_PUBLIC_PARAMS_validate_private_key(params, "identity", priv_key); - r = CPK_PUBLIC_PARAMS_validate_private_key(params, "id", priv_key); - - /* der encoding and decoding */ - len = i2d_CPK_MASTER_SECRET(master, NULL); - if (buf != NULL) OPENSSL_free(buf); - buf = OPENSSL_malloc(len); - p = buf; - len = i2d_CPK_MASTER_SECRET(master, &p); - - cp = buf; - if (master) CPK_MASTER_SECRET_free(master); - master = NULL; - master = d2i_CPK_MASTER_SECRET(NULL, &cp, len); - r = CPK_MASTER_SECRET_validate_public_params(master, params); - - kdf = KDF_get_x9_63(EVP_sha1()); - - if (priv_key != NULL) EVP_PKEY_free(priv_key); - priv_key = CPK_MASTER_SECRET_extract_private_key(master, "Alice"); - - if (buf != NULL) OPENSSL_free(buf); - buf = OPENSSL_malloc(1024); - r = CPK_PUBLIC_PARAMS_compute_share_key(params, buf, 64, "Bob", priv_key, kdf); - for (i = 0; i < 64; i++) printf("%02x", buf[i]); printf("\n"); - - if (priv_key != NULL) - EVP_PKEY_free(priv_key); - priv_key = CPK_MASTER_SECRET_extract_private_key(master, "Bob"); - r = CPK_PUBLIC_PARAMS_compute_share_key(params, buf, 64, "Alice", priv_key, kdf); - for (i = 0; i < 64; i++) printf("%02x", buf[i]); printf("\n"); - -end: - printf("ok\n"); - return 0; -} -#endif diff --git a/test/recipes/15-test_cpk.t b/test/recipes/15-test_cpk.t deleted file mode 100644 index 8ef242f4..00000000 --- a/test/recipes/15-test_cpk.t +++ /dev/null @@ -1,12 +0,0 @@ -#! /usr/bin/env perl -# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. -# -# Licensed under the OpenSSL license (the "License"). You may not use -# this file except in compliance with the License. You can obtain a copy -# in the file LICENSE in the source distribution or at -# https://www.openssl.org/source/license.html - - -use OpenSSL::Test::Simple; - -simple_test("test_cpk", "cpktest", "cpk"); diff --git a/util/mkdef.pl b/util/mkdef.pl index 595850dc..ba63551e 100755 --- a/util/mkdef.pl +++ b/util/mkdef.pl @@ -133,7 +133,7 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF", # APPLINK (win build feature?) "APPLINK", # GmSSL - "SM3", "SMS4", "KDF2", "ECIES", "FFX", "SM2", "PAILLIER", "CPK", "OTP", "GMAPI", "EC2", + "SM3", "SMS4", "KDF2", "ECIES", "FFX", "SM2", "PAILLIER", "OTP", "GMAPI", "EC2", "BFIBE", "BB1IBE", "SM9", "SDF", "SKF", "ZUC", "SERPENT", "SPECK", "BASE58", "GMTLS", "GMTLS_METHOD", "CA", "MACRO", "ASYNC" ); @@ -317,7 +317,6 @@ $crypto.=" include/openssl/bfibe.h"; $crypto.=" include/openssl/bn_gfp2.h"; $crypto.=" include/openssl/bn_hash.h"; $crypto.=" include/openssl/bn_solinas.h"; -$crypto.=" include/openssl/cpk.h"; $crypto.=" include/openssl/ec_hash.h"; $crypto.=" include/openssl/ec_type1.h"; $crypto.=" include/openssl/ecies.h";