abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-06-29 01:03:38 +08:00
Code Issues Packages Projects Releases Wiki Activity

Remove CPK module

Browse Source
This commit is contained in:
Zhi Guan
2019-06-13 18:22:44 +08:00
parent bdd3d75e89
commit c0984b6436
18 changed files with 4 additions and 1734 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
crypto/cpk/build.info
View File

@@ -1,2 +0,0 @@
LIBS=../../libcrypto
SOURCE[../../libcrypto]=cpk_asn1.c cpk_err.c cpk_lib.c cpk_map.c cpk_prn.c

94
crypto/cpk/cpk_asn1.c
View File

@@ -1,94 +0,0 @@
/* ====================================================================
* Copyright (c) 2007 - 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
#include <openssl/cpk.h>
#include "cpk_lcl.h"
ASN1_SEQUENCE(CPK_MASTER_SECRET) = {
ASN1_SIMPLE(CPK_MASTER_SECRET, version, LONG),
ASN1_SIMPLE(CPK_MASTER_SECRET, id, X509_NAME),
ASN1_SIMPLE(CPK_MASTER_SECRET, pkey_algor, X509_ALGOR),
ASN1_SIMPLE(CPK_MASTER_SECRET, map_algor, X509_ALGOR),
ASN1_SIMPLE(CPK_MASTER_SECRET, secret_factors, ASN1_OCTET_STRING)
} ASN1_SEQUENCE_END(CPK_MASTER_SECRET)
IMPLEMENT_ASN1_FUNCTIONS(CPK_MASTER_SECRET)
IMPLEMENT_ASN1_DUP_FUNCTION(CPK_MASTER_SECRET)
ASN1_SEQUENCE(CPK_PUBLIC_PARAMS) = {
ASN1_SIMPLE(CPK_PUBLIC_PARAMS, version, LONG),
ASN1_SIMPLE(CPK_PUBLIC_PARAMS, id, X509_NAME),
ASN1_SIMPLE(CPK_PUBLIC_PARAMS, pkey_algor, X509_ALGOR),
ASN1_SIMPLE(CPK_PUBLIC_PARAMS, map_algor, X509_ALGOR),
ASN1_SIMPLE(CPK_PUBLIC_PARAMS, public_factors, ASN1_OCTET_STRING)
} ASN1_SEQUENCE_END(CPK_PUBLIC_PARAMS)
IMPLEMENT_ASN1_FUNCTIONS(CPK_PUBLIC_PARAMS)
IMPLEMENT_ASN1_DUP_FUNCTION(CPK_PUBLIC_PARAMS)
CPK_MASTER_SECRET *d2i_CPK_MASTER_SECRET_bio(BIO *bp, CPK_MASTER_SECRET **master)
{
return ASN1_item_d2i_bio(ASN1_ITEM_rptr(CPK_MASTER_SECRET), bp, master);
}
int i2d_CPK_MASTER_SECRET_bio(BIO *bp, CPK_MASTER_SECRET *master)
{
return ASN1_item_i2d_bio(ASN1_ITEM_rptr(CPK_MASTER_SECRET), bp, master);
}
CPK_PUBLIC_PARAMS *d2i_CPK_PUBLIC_PARAMS_bio(BIO *bp, CPK_PUBLIC_PARAMS **params)
{
return ASN1_item_d2i_bio(ASN1_ITEM_rptr(CPK_PUBLIC_PARAMS), bp, params);
}
int i2d_CPK_PUBLIC_PARAMS_bio(BIO *bp, CPK_PUBLIC_PARAMS *params)
{
return ASN1_item_i2d_bio(ASN1_ITEM_rptr(CPK_PUBLIC_PARAMS), bp, params);
}

77
crypto/cpk/cpk_err.c
View File

@@ -1,77 +0,0 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include <openssl/err.h>
#include <openssl/cpk.h>
/* BEGIN ERROR CODES */
#ifndef OPENSSL_NO_ERR
# define ERR_FUNC(func) ERR_PACK(ERR_LIB_CPK,func,0)
# define ERR_REASON(reason) ERR_PACK(ERR_LIB_CPK,0,reason)
static ERR_STRING_DATA CPK_str_functs[] = {
{ERR_FUNC(CPK_F_CPK_MAP_GET_MD), "CPK_MAP_get_md"},
{ERR_FUNC(CPK_F_CPK_MAP_IS_VALID), "CPK_MAP_is_valid"},
{ERR_FUNC(CPK_F_CPK_MAP_NEW), "CPK_MAP_new"},
{ERR_FUNC(CPK_F_CPK_MAP_NEW_DEFAULT), "CPK_MAP_new_default"},
{ERR_FUNC(CPK_F_CPK_MAP_NUM_FACTORS), "CPK_MAP_num_factors"},
{ERR_FUNC(CPK_F_CPK_MAP_NUM_INDEXES), "CPK_MAP_num_indexes"},
{ERR_FUNC(CPK_F_CPK_MAP_NUM_SUBSET), "CPK_MAP_num_subset"},
{ERR_FUNC(CPK_F_CPK_MAP_STR2INDEX), "CPK_MAP_str2index"},
{ERR_FUNC(CPK_F_CPK_MASTER_SECRET_CREATE), "CPK_MASTER_SECRET_create"},
{ERR_FUNC(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY),
"CPK_MASTER_SECRET_extract_private_key"},
{ERR_FUNC(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS),
"CPK_MASTER_SECRET_extract_public_params"},
{ERR_FUNC(CPK_F_CPK_MASTER_SECRET_PRINT), "CPK_MASTER_SECRET_print"},
{ERR_FUNC(CPK_F_CPK_MASTER_SECRET_VALIDATE_PUBLIC_PARAMS),
"CPK_MASTER_SECRET_validate_public_params"},
{ERR_FUNC(CPK_F_CPK_PUBLIC_PARAMS_COMPUTE_SHARE_KEY),
"CPK_PUBLIC_PARAMS_compute_share_key"},
{ERR_FUNC(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY),
"CPK_PUBLIC_PARAMS_extract_public_key"},
{ERR_FUNC(CPK_F_CPK_PUBLIC_PARAMS_PRINT), "CPK_PUBLIC_PARAMS_print"},
{ERR_FUNC(CPK_F_CPK_PUBLIC_PARAMS_VALIDATE_PRIVATE_KEY),
"CPK_PUBLIC_PARAMS_validate_private_key"},
{ERR_FUNC(CPK_F_EXTRACT_EC_PARAMS), "extract_ec_params"},
{ERR_FUNC(CPK_F_EXTRACT_EC_PRIV_KEY), "extract_ec_priv_key"},
{ERR_FUNC(CPK_F_EXTRACT_EC_PUB_KEY), "extract_ec_pub_key"},
{ERR_FUNC(CPK_F_X509_ALGOR_GET1_EC_KEY), "X509_ALGOR_get1_EC_KEY"},
{0, NULL}
};
static ERR_STRING_DATA CPK_str_reasons[] = {
{ERR_REASON(CPK_R_BAD_ARGUMENT), "bad argument"},
{ERR_REASON(CPK_R_BAD_ARGUMENTS), "bad arguments"},
{ERR_REASON(CPK_R_BAD_DATA), "bad data"},
{ERR_REASON(CPK_R_INVALID_ALGORITHM), "invalid algorithm"},
{ERR_REASON(CPK_R_INVALID_ARGUMENT), "invalid argument"},
{ERR_REASON(CPK_R_INVALID_CURVE), "invalid curve"},
{ERR_REASON(CPK_R_INVALID_ID_LENGTH), "invalid id length"},
{ERR_REASON(CPK_R_INVALID_MAP_ALGOR), "invalid map algor"},
{ERR_REASON(CPK_R_INVALID_PKEY_TYPE), "invalid pkey type"},
{0, NULL}
};
#endif
int ERR_load_CPK_strings(void)
{
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(CPK_str_functs[0].error) == NULL) {
ERR_load_strings(0, CPK_str_functs);
ERR_load_strings(0, CPK_str_reasons);
}
#endif
return 1;
}

79
crypto/cpk/cpk_lcl.h
View File

@@ -1,79 +0,0 @@
/* ====================================================================
* Copyright (c) 2007 - 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <openssl/err.h>
#include <openssl/x509.h>
#include <openssl/ossl_typ.h>
#define CPK_VERSION 2
struct cpk_master_secret_st {
long version;
X509_NAME *id;
X509_ALGOR *pkey_algor;
X509_ALGOR *map_algor;
ASN1_OCTET_STRING *secret_factors;
};
struct cpk_public_params_st {
long version;
X509_NAME *id;
X509_ALGOR *pkey_algor;
X509_ALGOR *map_algor;
ASN1_OCTET_STRING *public_factors;
};
X509_ALGOR *CPK_MAP_new(int type);
X509_ALGOR * CPK_MAP_new_default(void);
int CPK_MAP_is_valid(const X509_ALGOR *algor);
int CPK_MAP_num_factors(const X509_ALGOR *algor);
int CPK_MAP_num_indexes(const X509_ALGOR *algor);
int CPK_MAP_str2index(const X509_ALGOR *algor, const char *str, int *index);

738
crypto/cpk/cpk_lib.c
View File

@@ -1,738 +0,0 @@
/* ====================================================================
* Copyright (c) 2007 - 2018 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <string.h>
#include <assert.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
#include <openssl/x509.h>
#include <openssl/rand.h>
#include <openssl/ecdsa.h>
#include <openssl/objects.h>
#include <openssl/cpk.h>
#include "../x509/x509_lcl.h"
#include "cpk_lcl.h"
static EC_KEY *X509_ALGOR_get1_EC_KEY(X509_ALGOR *algor);
static int extract_ec_params(CPK_MASTER_SECRET *master, CPK_PUBLIC_PARAMS *param);
static EC_KEY *extract_ec_priv_key(CPK_MASTER_SECRET *master, const char *id);
static EC_KEY *extract_ec_pub_key(CPK_PUBLIC_PARAMS *param, const char *id);
CPK_MASTER_SECRET *CPK_MASTER_SECRET_create(const char *domain_id, int curve, int map)
{
CPK_MASTER_SECRET *ret = NULL;
CPK_MASTER_SECRET *master = NULL;
EC_KEY *ec_key = NULL;
EVP_PKEY *pkey = NULL;
X509_PUBKEY *pubkey = NULL;
const BIGNUM *order;
int order_bytes;
int num_factors;
unsigned char *secret_buf = NULL;
size_t secret_len;
unsigned char *p;
BIGNUM *bn = NULL;
int i;
/* check domain_id */
if (!(master = CPK_MASTER_SECRET_new())) {
CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_MALLOC_FAILURE);
goto end;
}
/* set version */
master->version = CPK_VERSION;
/* set domain_id */
if (!domain_id) {
CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_PASSED_NULL_PARAMETER);
goto end;
}
if (strlen(domain_id) <= 0 || strlen(domain_id) > CPK_MAX_ID_LENGTH) {
CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, CPK_R_INVALID_ID_LENGTH);
goto end;
}
if (!X509_NAME_add_entry_by_NID(master->id, NID_organizationName,
MBSTRING_UTF8, (unsigned char *)domain_id, -1, -1, 0)) {
CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_X509_LIB);
goto end;
}
/* set pkey algor */
if (!(ec_key = EC_KEY_new_by_curve_name(curve))) {
//CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, CPK_R_INVALID_CURVE);
CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_CPK_LIB);
goto end;
}
if (!(pkey = EVP_PKEY_new())
|| !EVP_PKEY_set1_EC_KEY(pkey, ec_key)) {
CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_EVP_LIB);
goto end;
}
if (!(pubkey = X509_PUBKEY_new())
|| !X509_PUBKEY_set(&pubkey, pkey)
|| !X509_PUBKEY_get0_param(NULL, NULL, NULL, &master->pkey_algor, pubkey)) {
CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_X509_LIB);
goto end;
}
/* get order and order_bytes */
if (!(order = EC_GROUP_get0_order(EC_KEY_get0_group(ec_key)))
|| !(order_bytes = BN_num_bytes(order))) {
CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_CPK_LIB);
goto end;
}
/* set map algor */
X509_ALGOR_free(master->map_algor);
if (!(master->map_algor = CPK_MAP_new(map))) {
CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_CPK_LIB);
goto end;
}
/* get num_factors */
if ((num_factors = CPK_MAP_num_factors(master->map_algor)) <= 0) {
CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, CPK_R_INVALID_MAP_ALGOR);
goto end;
}
/* set random secret_factors */
secret_len = order_bytes * num_factors;
if (!(secret_buf = OPENSSL_zalloc(secret_len))) {
CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_MALLOC_FAILURE);
goto end;
}
p = secret_buf;
if (!(bn = BN_new())) {
CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_MALLOC_FAILURE);
goto end;
}
for (i = 0; i < num_factors; i++) {
do {
if (!BN_rand_range(bn, order)) {
CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE,
ERR_R_BN_LIB);
goto end;
}
} while (BN_is_zero(bn));
if (!BN_bn2bin(bn, p + order_bytes - BN_num_bytes(bn))) {
CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_BN_LIB);
goto end;
}
p += order_bytes;
}
if (!ASN1_STRING_set(master->secret_factors, secret_buf, secret_len)) {
CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_ASN1_LIB);
goto end;
}
ret = master;
master = NULL;
end:
CPK_MASTER_SECRET_free(master);
EC_KEY_free(ec_key);
EVP_PKEY_free(pkey);
X509_PUBKEY_free(pubkey);
OPENSSL_clear_free(secret_buf, secret_len);
BN_free(bn);
return ret;
}
CPK_PUBLIC_PARAMS *CPK_MASTER_SECRET_extract_public_params(CPK_MASTER_SECRET *master)
{
CPK_PUBLIC_PARAMS *ret = NULL;
CPK_PUBLIC_PARAMS *param = NULL;
int pkey_type;
OPENSSL_assert(master->pkey_algor->algorithm);
pkey_type = OBJ_obj2nid(master->pkey_algor->algorithm);
if (!(param = CPK_PUBLIC_PARAMS_new())) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS,
ERR_R_MALLOC_FAILURE);
goto err;
}
param->version = master->version;
X509_NAME_free(param->id);
if (!(param->id = X509_NAME_dup(master->id))) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS,
ERR_R_MALLOC_FAILURE);
goto err;
}
X509_ALGOR_free(param->pkey_algor);
if (!(param->pkey_algor = X509_ALGOR_dup(master->pkey_algor))) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS,
ERR_R_MALLOC_FAILURE);
goto err;
}
X509_ALGOR_free(param->map_algor);
if (!(param->map_algor = X509_ALGOR_dup(master->map_algor))) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS,
ERR_R_MALLOC_FAILURE);
goto err;
}
switch (pkey_type) {
case EVP_PKEY_EC:
if (!extract_ec_params(master, param)) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS,
ERR_R_CPK_LIB);
goto err;
}
break;
default:
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS, CPK_R_INVALID_PKEY_TYPE);
goto err;
}
ret = param;
param = NULL;
err:
CPK_PUBLIC_PARAMS_free(param);
return ret;
}
EVP_PKEY *CPK_MASTER_SECRET_extract_private_key(
CPK_MASTER_SECRET *master, const char *id)
{
EVP_PKEY *ret = NULL;
EVP_PKEY *pkey = NULL;
int pkey_type;
if (!(pkey = EVP_PKEY_new())) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY,
ERR_R_MALLOC_FAILURE);
goto err;
}
pkey_type = OBJ_obj2nid(master->pkey_algor->algorithm);
if (pkey_type == EVP_PKEY_EC) {
EC_KEY *ec_key;
if (!(ec_key = extract_ec_priv_key(master, id))) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY,
ERR_R_CPK_LIB);
goto err;
}
if (!EVP_PKEY_assign_EC_KEY(pkey, ec_key)) {
EC_KEY_free(ec_key);
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY,
ERR_R_EVP_LIB);
goto err;
}
} else {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY,
CPK_R_INVALID_PKEY_TYPE);
goto err;
}
ret = pkey;
pkey = NULL;
err:
EVP_PKEY_free(pkey);
return ret;
}
EVP_PKEY *CPK_PUBLIC_PARAMS_extract_public_key(CPK_PUBLIC_PARAMS *param,
const char *id)
{
EVP_PKEY *ret = NULL;
EVP_PKEY *pkey = NULL;
int pkey_type;
if (!(pkey = EVP_PKEY_new())) {
CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY,
ERR_R_MALLOC_FAILURE);
goto err;
}
pkey_type = OBJ_obj2nid(param->pkey_algor->algorithm);
if (pkey_type == EVP_PKEY_EC) {
EC_KEY *ec_key = NULL;
if (!(ec_key = extract_ec_pub_key(param, id))) {
CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY,
ERR_R_CPK_LIB);
goto err;
}
if (!EVP_PKEY_assign_EC_KEY(pkey, ec_key)) {
EC_KEY_free(ec_key);
CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY,
ERR_R_EVP_LIB);
goto err;
}
} else {
CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY,
CPK_R_INVALID_PKEY_TYPE);
goto err;
}
ret = pkey;
pkey = NULL;
err:
EVP_PKEY_free(pkey);
return ret;
}
char *CPK_MASTER_SECRET_get_name(CPK_MASTER_SECRET *master, char *buf, int size)
{
return X509_NAME_oneline(master->id, buf, size);
}
char *CPK_PUBLIC_PARAMS_get_name(CPK_PUBLIC_PARAMS *params, char *buf, int size)
{
return X509_NAME_oneline(params->id, buf, size);
}
int CPK_MASTER_SECRET_validate_public_params(CPK_MASTER_SECRET *master,
CPK_PUBLIC_PARAMS *params)
{
int ret = 0;
CPK_PUBLIC_PARAMS *tmp = NULL;
if (!(tmp = CPK_MASTER_SECRET_extract_public_params(master))) {
CPKerr(CPK_F_CPK_MASTER_SECRET_VALIDATE_PUBLIC_PARAMS, ERR_R_CPK_LIB);
goto err;
}
if (tmp->version != params->version) {
CPKerr(CPK_F_CPK_MASTER_SECRET_VALIDATE_PUBLIC_PARAMS, ERR_R_CPK_LIB);
goto err;
}
if (X509_NAME_cmp(tmp->id, params->id)) {
CPKerr(CPK_F_CPK_MASTER_SECRET_VALIDATE_PUBLIC_PARAMS, ERR_R_CPK_LIB);
goto err;
}
/*
* two ASN_OBJECT * with different address may have same NID
* thus we can not check with:
* tmp->pkey_algor->algorithm != params->pkey_algor->algorithm
*/
if (OBJ_obj2nid(tmp->pkey_algor->algorithm) !=
OBJ_obj2nid(params->pkey_algor->algorithm)) {
CPKerr(CPK_F_CPK_MASTER_SECRET_VALIDATE_PUBLIC_PARAMS, ERR_R_CPK_LIB);
goto err;
}
// FIXME: pkey_algor->parameters
if (OBJ_obj2nid(tmp->map_algor->algorithm) !=
OBJ_obj2nid(params->map_algor->algorithm)) {
CPKerr(CPK_F_CPK_MASTER_SECRET_VALIDATE_PUBLIC_PARAMS, ERR_R_CPK_LIB);
goto err;
}
if (ASN1_STRING_cmp(tmp->public_factors, params->public_factors)) {
CPKerr(CPK_F_CPK_MASTER_SECRET_VALIDATE_PUBLIC_PARAMS, ERR_R_CPK_LIB);
goto err;
}
ret = 1;
err:
CPK_PUBLIC_PARAMS_free(tmp);
return ret;
}
int CPK_PUBLIC_PARAMS_validate_private_key(CPK_PUBLIC_PARAMS *params,
const char *id, const EVP_PKEY *priv_key)
{
int ret = -3;
EVP_PKEY *pub_key = NULL;
if (!(pub_key = CPK_PUBLIC_PARAMS_extract_public_key(params, id))) {
CPKerr(CPK_F_CPK_PUBLIC_PARAMS_VALIDATE_PRIVATE_KEY,
ERR_R_EVP_LIB);
goto err;
}
ret = EVP_PKEY_cmp(pub_key, priv_key);
err:
EVP_PKEY_free(pub_key);
return ret;
}
static EC_KEY *X509_ALGOR_get1_EC_KEY(X509_ALGOR *algor)
{
EC_KEY *ec_key = NULL;
int ptype;
const void *pval;
const unsigned char *p;
X509_ALGOR_get0(NULL, &ptype, &pval, algor);
if (ptype == V_ASN1_SEQUENCE) {
ASN1_OCTET_STRING *pstr = (ASN1_OCTET_STRING *)pval;
p = pstr->data;
if (!(ec_key = d2i_ECParameters(NULL, &p, pstr->length))) {
CPKerr(CPK_F_X509_ALGOR_GET1_EC_KEY, ERR_R_EC_LIB);
return NULL;
}
} else if (ptype == V_ASN1_OBJECT) {
ASN1_OBJECT *poid = (ASN1_OBJECT *)pval;
EC_GROUP *group;
if (!(ec_key = EC_KEY_new())) {
CPKerr(CPK_F_X509_ALGOR_GET1_EC_KEY, ERR_R_MALLOC_FAILURE);
return NULL;
}
if (!(group = EC_GROUP_new_by_curve_name(OBJ_obj2nid(poid)))) {
EC_KEY_free(ec_key);
CPKerr(CPK_F_X509_ALGOR_GET1_EC_KEY, ERR_R_EC_LIB);
return NULL;
}
EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE);
if (!EC_KEY_set_group(ec_key, group)) {
EC_GROUP_free(group);
EC_KEY_free(ec_key);
CPKerr(CPK_F_X509_ALGOR_GET1_EC_KEY, ERR_R_EC_LIB);
return NULL;
}
EC_GROUP_free(group);
} else {
CPKerr(CPK_F_X509_ALGOR_GET1_EC_KEY, CPK_R_BAD_DATA);
return NULL;
}
return ec_key;
}
static int extract_ec_params(CPK_MASTER_SECRET *master, CPK_PUBLIC_PARAMS *param)
{
int ret = 0;
EC_KEY *ec_key = NULL;
const EC_GROUP *ec_group;
BIGNUM *bn = BN_new();
BIGNUM *order = BN_new();
BN_CTX *ctx = BN_CTX_new();
EC_POINT *pt = NULL;
int i, bn_size, pt_size, num_factors;
const unsigned char *bn_ptr;
unsigned char *pt_ptr;
if (!bn || !order || !ctx) {
CPKerr(CPK_F_EXTRACT_EC_PARAMS, ERR_R_CPK_LIB);
goto err;
}
if (!(ec_key = X509_ALGOR_get1_EC_KEY(master->pkey_algor))) {
CPKerr(CPK_F_EXTRACT_EC_PARAMS, ERR_R_CPK_LIB);
goto err;
}
ec_group = EC_KEY_get0_group(ec_key);
if (!(EC_GROUP_get_order(ec_group, order, ctx))) {
CPKerr(CPK_F_EXTRACT_EC_PARAMS, ERR_R_CPK_LIB);
goto err;
}
bn_size = BN_num_bytes(order);
pt_size = bn_size + 1;
if ((num_factors = CPK_MAP_num_factors(master->map_algor)) <= 0) {
CPKerr(CPK_F_EXTRACT_EC_PARAMS, ERR_R_CPK_LIB);
goto err;
}
if (ASN1_STRING_length(master->secret_factors) != bn_size * num_factors) {
CPKerr(CPK_F_EXTRACT_EC_PARAMS, ERR_R_CPK_LIB);
goto err;
}
if (!ASN1_STRING_set(param->public_factors, NULL, pt_size * num_factors)) {
CPKerr(CPK_F_EXTRACT_EC_PARAMS, ERR_R_CPK_LIB);
goto err;
}
bn_ptr = ASN1_STRING_get0_data(master->secret_factors);
pt_ptr = ASN1_STRING_get0_data(param->public_factors);
memset(pt_ptr, 0, ASN1_STRING_length(param->public_factors));
if (!(pt = EC_POINT_new(ec_group))) {
CPKerr(CPK_F_EXTRACT_EC_PARAMS, ERR_R_CPK_LIB);
goto err;
}
for (i = 0; i < num_factors; i++) {
if (!BN_bin2bn(bn_ptr, bn_size, bn)) {
CPKerr(CPK_F_EXTRACT_EC_PARAMS, ERR_R_CPK_LIB);
goto err;
}
if (BN_is_zero(bn) || BN_cmp(bn, order) >= 0) {
CPKerr(CPK_F_EXTRACT_EC_PARAMS, ERR_R_CPK_LIB);
goto err;
}
if (!EC_POINT_mul(ec_group, pt, bn, NULL, NULL, ctx)) {
CPKerr(CPK_F_EXTRACT_EC_PARAMS, ERR_R_CPK_LIB);
goto err;
}
if (!EC_POINT_point2oct(ec_group, pt,
POINT_CONVERSION_COMPRESSED, pt_ptr, pt_size, ctx)) {
CPKerr(CPK_F_EXTRACT_EC_PARAMS, ERR_R_CPK_LIB);
goto err;
}
bn_ptr += bn_size;
pt_ptr += pt_size;
}
ret = 1;
err:
EC_KEY_free(ec_key);
BN_free(bn);
BN_free(order);
BN_CTX_free(ctx);
EC_POINT_free(pt);
return ret;
}
static EC_KEY *extract_ec_priv_key(CPK_MASTER_SECRET *master, const char *id)
{
EC_KEY *ret = NULL;
EC_KEY *ec_key = NULL;
const EC_GROUP *ec_group;
EC_POINT *pub_key = NULL;
BIGNUM *priv_key = BN_new();
BIGNUM *order = BN_new();
BIGNUM *bn = BN_new();
BN_CTX *ctx = BN_CTX_new();
int *index = NULL;
int i, num_indexes, bn_size;
if (!priv_key || !bn || !order || !ctx) {
CPKerr(CPK_F_EXTRACT_EC_PRIV_KEY, ERR_R_CPK_LIB);
goto err;
}
if (!(ec_key = X509_ALGOR_get1_EC_KEY(master->pkey_algor))) {
CPKerr(CPK_F_EXTRACT_EC_PRIV_KEY, ERR_R_CPK_LIB);
goto err;
}
ec_group = EC_KEY_get0_group(ec_key);
if (!(pub_key = EC_POINT_new(ec_group))) {
CPKerr(CPK_F_EXTRACT_EC_PRIV_KEY, ERR_R_CPK_LIB);
goto err;
}
if ((num_indexes = CPK_MAP_num_indexes(master->map_algor)) <= 0) {
CPKerr(CPK_F_EXTRACT_EC_PRIV_KEY, ERR_R_CPK_LIB);
goto err;
}
if (!(index = OPENSSL_malloc(sizeof(int) * num_indexes))) {
CPKerr(CPK_F_EXTRACT_EC_PRIV_KEY, ERR_R_CPK_LIB);
goto err;
}
if (!CPK_MAP_str2index(master->map_algor, id, index)) {
CPKerr(CPK_F_EXTRACT_EC_PRIV_KEY, ERR_R_CPK_LIB);
goto err;
}
BN_zero(priv_key);
if (!(EC_GROUP_get_order(EC_KEY_get0_group(ec_key), order, ctx))) {
CPKerr(CPK_F_EXTRACT_EC_PRIV_KEY, ERR_R_CPK_LIB);
goto err;
}
bn_size = BN_num_bytes(order);
for (i = 0; i < num_indexes; i++) {
const unsigned char *p =
ASN1_STRING_get0_data(master->secret_factors) +
bn_size * index[i];
if (!BN_bin2bn(p, bn_size, bn)) {
CPKerr(CPK_F_EXTRACT_EC_PRIV_KEY, ERR_R_CPK_LIB);
goto err;
}
if (BN_is_zero(bn) || BN_cmp(bn, order) >= 0) {
CPKerr(CPK_F_EXTRACT_EC_PRIV_KEY, ERR_R_CPK_LIB);
goto err;
}
if (!BN_mod_add(priv_key, priv_key, bn, order, ctx)) {
CPKerr(CPK_F_EXTRACT_EC_PRIV_KEY, ERR_R_CPK_LIB);
goto err;
}
}
if (!EC_KEY_set_private_key(ec_key, priv_key)) {
CPKerr(CPK_F_EXTRACT_EC_PRIV_KEY, ERR_R_CPK_LIB);
goto err;
}
if (!EC_POINT_mul(ec_group, pub_key, priv_key, NULL, NULL, ctx)) {
CPKerr(CPK_F_EXTRACT_EC_PRIV_KEY, ERR_R_CPK_LIB);
goto err;
}
if (!EC_KEY_set_public_key(ec_key, pub_key)) {
CPKerr(CPK_F_EXTRACT_EC_PRIV_KEY, ERR_R_CPK_LIB);
goto err;
}
ret = ec_key;
ec_key = NULL;
err:
EC_KEY_free(ec_key);
BN_free(priv_key);
EC_POINT_free(pub_key);
BN_free(order);
BN_free(bn);
BN_CTX_free(ctx);
OPENSSL_free(index);
return ret;
}
static EC_KEY *extract_ec_pub_key(CPK_PUBLIC_PARAMS *param, const char *id)
{
EC_KEY *ret = NULL;
EC_KEY *ec_key = NULL;
const EC_GROUP *ec_group;
EC_POINT *pub_key = NULL;
EC_POINT *pt = NULL;
BIGNUM *order = BN_new();
BIGNUM *bn = BN_new();
BN_CTX *ctx = BN_CTX_new();
int *index = NULL;
int i, bn_size, pt_size, num_indexes, num_factors;
if (!(ec_key = X509_ALGOR_get1_EC_KEY(param->pkey_algor))) {
CPKerr(CPK_F_EXTRACT_EC_PUB_KEY, ERR_R_CPK_LIB);
goto err;
}
ec_group = EC_KEY_get0_group(ec_key);
if (!(pub_key = EC_POINT_new(ec_group))) {
CPKerr(CPK_F_EXTRACT_EC_PUB_KEY, ERR_R_CPK_LIB);
goto err;
}
if (!(pt = EC_POINT_new(ec_group))) {
CPKerr(CPK_F_EXTRACT_EC_PUB_KEY, ERR_R_CPK_LIB);
goto err;
}
if (!EC_GROUP_get_order(ec_group, order, ctx)) {
CPKerr(CPK_F_EXTRACT_EC_PUB_KEY, ERR_R_CPK_LIB);
goto err;
}
bn_size = BN_num_bytes(order);
pt_size = bn_size + 1;
if ((num_factors = CPK_MAP_num_factors(param->map_algor)) <= 0) {
CPKerr(CPK_F_EXTRACT_EC_PUB_KEY, ERR_R_CPK_LIB);
goto err;
}
if (ASN1_STRING_length(param->public_factors) != pt_size * num_factors) {
CPKerr(CPK_F_EXTRACT_EC_PUB_KEY, ERR_R_CPK_LIB);
goto err;
}
if ((num_indexes = CPK_MAP_num_indexes(param->map_algor)) <= 0) {
CPKerr(CPK_F_EXTRACT_EC_PUB_KEY, ERR_R_CPK_LIB);
goto err;
}
if (!(index = OPENSSL_malloc(sizeof(int) * num_indexes))) {
CPKerr(CPK_F_EXTRACT_EC_PUB_KEY, ERR_R_CPK_LIB);
goto err;
}
if (!CPK_MAP_str2index(param->map_algor, id, index)) {
CPKerr(CPK_F_EXTRACT_EC_PUB_KEY, ERR_R_CPK_LIB);
goto err;
}
if (!EC_POINT_set_to_infinity(ec_group, pub_key)) {
CPKerr(CPK_F_EXTRACT_EC_PUB_KEY, ERR_R_CPK_LIB);
goto err;
}
for (i = 0; i < num_indexes; i++) {
const unsigned char *p =
ASN1_STRING_get0_data(param->public_factors) +
pt_size * index[i];
if (!EC_POINT_oct2point(ec_group, pt, p, pt_size, ctx)) {
CPKerr(CPK_F_EXTRACT_EC_PUB_KEY, ERR_R_CPK_LIB);
goto err;
}
if (!EC_POINT_add(ec_group, pub_key, pub_key, pt, ctx)) {
CPKerr(CPK_F_EXTRACT_EC_PUB_KEY, ERR_R_CPK_LIB);
goto err;
}
}
if (!EC_KEY_set_public_key(ec_key, pub_key)) {
CPKerr(CPK_F_EXTRACT_EC_PUB_KEY, ERR_R_CPK_LIB);
goto err;
}
ret = ec_key;
ec_key = NULL;
err:
EC_KEY_free(ec_key);
EC_POINT_free(pub_key);
BN_free(order);
BN_free(bn);
BN_CTX_free(ctx);
OPENSSL_free(index);
return ret;
}

219
crypto/cpk/cpk_map.c
View File

@@ -1,219 +0,0 @@
/* ====================================================================
* Copyright (c) 2007 - 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <string.h>
#include <openssl/evp.h>
#include <openssl/objects.h>
#include <openssl/cpk.h>
#include "cpk_lcl.h"
#include "../../e_os.h"
/* Currently we only support fixed 32 indexes
* this means EC_POINT_add() called 32 times */
#define CPK_NUM_INDEXES 32
typedef struct {
int map_nid;
int md_nid;
} CPK_MAP_TABLE;
static CPK_MAP_TABLE map_table[] = {
{NID_cpk_map_sm3, NID_sm3},
{NID_cpk_map_sha1, NID_sha1},
{NID_cpk_map_sha256, NID_sha256},
{NID_cpk_map_sha384, NID_sha384},
{NID_cpk_map_sha512, NID_sha512}
};
static const EVP_MD *cpk_map2md(int type)
{
int i;
for (i = 0; i < OSSL_NELEM(map_table); i++) {
if (map_table[i].map_nid == type) {
return EVP_get_digestbynid(map_table[i].md_nid);
}
}
return NULL;
}
static const EVP_MD *CPK_MAP_get_md(const X509_ALGOR *algor)
{
const EVP_MD *md;
if (!algor->algorithm) {
CPKerr(CPK_F_CPK_MAP_GET_MD, CPK_R_INVALID_ARGUMENT);
return NULL;
}
if (!(md = cpk_map2md(OBJ_obj2nid(algor->algorithm)))) {
CPKerr(CPK_F_CPK_MAP_GET_MD, ERR_R_CPK_LIB);
return NULL;
}
return md;
}
X509_ALGOR *CPK_MAP_new(int type)
{
X509_ALGOR *ret = NULL;
X509_ALGOR *algor = NULL;
if (!cpk_map2md(type)) {
CPKerr(CPK_F_CPK_MAP_NEW, CPK_R_INVALID_MAP_ALGOR);
return NULL;
}
if (!(algor = X509_ALGOR_new())) {
CPKerr(CPK_F_CPK_MAP_NEW, ERR_R_X509_LIB);
goto end;
}
if (!X509_ALGOR_set0(algor, OBJ_nid2obj(type), V_ASN1_UNDEF, NULL)) {
CPKerr(CPK_F_CPK_MAP_NEW, ERR_R_X509_LIB);
goto end;
}
ret = algor;
algor = NULL;
end:
X509_ALGOR_free(algor);
return ret;
}
X509_ALGOR *CPK_MAP_new_default(void)
{
return CPK_MAP_new(NID_cpk_map_sha1);
}
int CPK_MAP_is_valid(const X509_ALGOR *algor)
{
return CPK_MAP_get_md(algor) != NULL;
}
int CPK_MAP_num_indexes(const X509_ALGOR *algor)
{
if (!CPK_MAP_is_valid(algor)) {
CPKerr(CPK_F_CPK_MAP_NUM_INDEXES, CPK_R_INVALID_MAP_ALGOR);
return 0;
}
/* current only use fixed num_indexes */
return CPK_NUM_INDEXES;
}
int CPK_MAP_num_subset(const X509_ALGOR *algor)
{
const EVP_MD *md;
if (!(md = CPK_MAP_get_md(algor))) {
CPKerr(CPK_F_CPK_MAP_NUM_SUBSET, ERR_R_CPK_LIB);
return 0;
}
return 1 << ((EVP_MD_size(md) * 8) / CPK_MAP_num_indexes(algor));
}
int CPK_MAP_num_factors(const X509_ALGOR *algor)
{
int num_indexes;
int num_subset;
if (!(num_indexes = CPK_MAP_num_indexes(algor))) {
CPKerr(CPK_F_CPK_MAP_NUM_FACTORS, ERR_R_CPK_LIB);
return 0;
}
if (!(num_subset = CPK_MAP_num_subset(algor))) {
CPKerr(CPK_F_CPK_MAP_NUM_FACTORS, ERR_R_CPK_LIB);
return 0;
}
return num_indexes * num_subset;
}
int CPK_MAP_str2index(const X509_ALGOR *algor, const char *str, int *index)
{
int ret = 0;
const EVP_MD *md;
unsigned char dgst[EVP_MAX_MD_SIZE];
unsigned int dgstlen;
BIGNUM *bn = NULL;
int i;
int num_indexes, num_subset;
OPENSSL_assert(algor);
OPENSSL_assert(algor->algorithm);
OPENSSL_assert(str);
OPENSSL_assert(strlen(str) > 0);
if (!(md = CPK_MAP_get_md(algor))
|| !(num_indexes = CPK_MAP_num_indexes(algor))
|| !(num_subset = CPK_MAP_num_subset(algor))) {
CPKerr(CPK_F_CPK_MAP_STR2INDEX, CPK_R_INVALID_MAP_ALGOR);
return 0;
}
if (!index) {
return CPK_MAP_num_indexes(algor);
}
if (!EVP_Digest(str, strlen(str), dgst, &dgstlen, md, NULL)) {
CPKerr(CPK_F_CPK_MAP_STR2INDEX, ERR_R_EVP_LIB);
return 0;
}
if (!(bn = BN_new())) {
CPKerr(CPK_F_CPK_MAP_STR2INDEX, ERR_R_MALLOC_FAILURE);
goto end;
}
if (!BN_bin2bn(dgst, dgstlen, bn)) {
CPKerr(CPK_F_CPK_MAP_STR2INDEX, ERR_R_BN_LIB);
goto end;
}
for (i = 0; i < num_indexes; i++) {
int r = BN_mod_word(bn, num_subset);
BN_div_word(bn, num_subset);
index[i] = num_subset * i + r;
}
ret = num_indexes;
end:
BN_free(bn);
return ret;
}

144
crypto/cpk/cpk_prn.c
View File

@@ -1,144 +0,0 @@
/* ====================================================================
* Copyright (c) 2007 - 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <string.h>
#include <openssl/bio.h>
#include <openssl/cpk.h>
#include <openssl/objects.h>
#include "cpk_lcl.h"
int CPK_MASTER_SECRET_print(BIO *out, CPK_MASTER_SECRET *master,
int indent, unsigned long flags)
{
char name[1024] = {0};
int num_factors;
const unsigned char *p;
int i, len;
if (!X509_NAME_oneline(master->id, name, sizeof(name))) {
CPKerr(CPK_F_CPK_MASTER_SECRET_PRINT, ERR_R_CPK_LIB);
return 0;
}
BIO_printf(out, "CPK_MASTER_SECRET\n");
BIO_printf(out, " Version : %ld\n", master->version);
BIO_printf(out, " Domain-ID : %s\n", name);
BIO_printf(out, " Public-Key-Algor : %s\n", OBJ_nid2sn(OBJ_obj2nid(master->pkey_algor->algorithm)));
BIO_printf(out, " Map-Algor : %s\n", OBJ_nid2sn(OBJ_obj2nid(master->map_algor->algorithm)));
BIO_printf(out, " Secret-Factors :\n");
if ((num_factors = CPK_MAP_num_factors(master->map_algor)) <= 0) {
fprintf(stderr, "%s %d\n", __FILE__, __LINE__);
return 0;
}
p = ASN1_STRING_get0_data(master->secret_factors);
len = ASN1_STRING_length(master->secret_factors)/num_factors;
if (ASN1_STRING_length(master->secret_factors) % num_factors) {
CPKerr(CPK_F_CPK_MASTER_SECRET_PRINT, ERR_R_CPK_LIB);
return 0;
}
for (i = 0; i < num_factors; i++) {
int j;
printf(" %-8d ", i);
for (j = 0; j < len; j++) {
BIO_printf(out, "%02X", p[j]);
}
printf("\n");
p += len;
}
return 1;
}
int CPK_PUBLIC_PARAMS_print(BIO *out, CPK_PUBLIC_PARAMS *params,
int indent, unsigned long flags)
{
char name[1024] = {0};
int num_factors;
const unsigned char *p;
int len, i;
if (!X509_NAME_oneline(params->id, name, sizeof(name))) {
CPKerr(CPK_F_CPK_PUBLIC_PARAMS_PRINT, ERR_R_CPK_LIB);
return 0;
}
BIO_printf(out, "CPK_PUBLIC_PARAMS\n");
BIO_printf(out, " Version : %ld\n", params->version);
BIO_printf(out, " Domain-ID : %s\n", name);
BIO_printf(out, " Public-Key-Algor : %s\n", OBJ_nid2sn(OBJ_obj2nid(params->pkey_algor->algorithm)));
BIO_printf(out, " Map-Algor : %s\n", OBJ_nid2sn(OBJ_obj2nid(params->map_algor->algorithm)));
BIO_printf(out, " Secret-Factors :\n");
if ((num_factors = CPK_MAP_num_factors(params->map_algor)) <= 0) {
fprintf(stderr, "%s %d\n", __FILE__, __LINE__);
return 0;
}
p = ASN1_STRING_get0_data(params->public_factors);
len = ASN1_STRING_length(params->public_factors)/num_factors;
if (ASN1_STRING_length(params->public_factors) % num_factors) {
CPKerr(CPK_F_CPK_PUBLIC_PARAMS_PRINT, ERR_R_CPK_LIB);
return 0;
}
for (i = 0; i < num_factors; i++) {
int j;
printf(" %-8d ", i);
for (j = 0; j < len; j++) {
BIO_printf(out, "%02X", p[j]);
}
printf("\n");
p += len;
}
return 1;
}

2
crypto/err/err.c
View File

@@ -62,7 +62,6 @@ static ERR_STRING_DATA ERR_str_libraries[] = {
{ERR_PACK(ERR_LIB_KDF2, 0, 0), "KDF2 routines"},
{ERR_PACK(ERR_LIB_FFX, 0, 0), "FFX routines"},
{ERR_PACK(ERR_LIB_PAILLIER, 0, 0), "PAILLIER routines"},
{ERR_PACK(ERR_LIB_CPK, 0, 0), "CPK routines"},
{ERR_PACK(ERR_LIB_OTP, 0, 0), "OTP routines"},
{ERR_PACK(ERR_LIB_GMAPI, 0, 0), "GMAPI routines"},
{ERR_PACK(ERR_LIB_BFIBE, 0, 0), "BFIBE routines"},
@@ -119,7 +118,6 @@ static ERR_STRING_DATA ERR_str_reasons[] = {
{ERR_R_KDF2_LIB, "KDF2 lib"},
{ERR_R_FFX_LIB, "FFX lib"},
{ERR_R_PAILLIER_LIB, "PAILLIER lib"},
{ERR_R_CPK_LIB, "CPK lib"},
{ERR_R_OTP_LIB, "OTP lib"},
{ERR_R_GMAPI_LIB, "GMAPI lib"},
{ERR_R_BFIBE_LIB, "BFIBE lib"},

6
crypto/err/err_all.c
View File

@@ -72,9 +72,6 @@
#ifndef OPENSSL_NO_PAILLIER
# include <openssl/paillier.h>
#endif
#ifndef OPENSSL_NO_CPK
# include <openssl/cpk.h>
#endif
#ifndef OPENSSL_NO_OTP
# include <openssl/otp.h>
#endif
@@ -176,9 +173,6 @@ int err_load_crypto_strings_int(void)
# ifndef OPENSSL_NO_PAILLIER
ERR_load_PAILLIER_strings() == 0 ||
# endif
# ifndef OPENSSL_NO_CPK
ERR_load_CPK_strings() == 0 ||
# endif
# ifndef OPENSSL_NO_OTP
ERR_load_OTP_strings() == 0 ||
# endif

1
crypto/err/openssl.ec
View File

@@ -38,7 +38,6 @@ L KDF include/openssl/kdf.h crypto/kdf/kdf_err.c
L KDF2 include/openssl/kdf2.h crypto/kdf2/kdf2_err.c
L FFX include/openssl/ffx.h crypto/ffx/ffx_err.c
L PAILLIER include/openssl/paillier.h crypto/paillier/pai_err.c
L CPK include/openssl/cpk.h crypto/cpk/cpk_err.c
L OTP include/openssl/otp.h crypto/otp/otp_err.c
L GMAPI include/openssl/gmapi.h crypto/gmapi/gmapi_err.c
L BFIBE include/openssl/bfibe.h crypto/bfibe/bfibe_err.c