Merge pull request #35 from LiTianjue/ssl-dev

添加gitignore 文件，修改sm2test测试程序加解密错误
2026-05-07 00:46:17 +08:00 · 2016-09-02 13:25:14 +02:00
parent 29ece9c060 bbe0e55a74
commit c9877bde1b
4 changed files with 197 additions and 474 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,178 @@
 # Ignore editor artefacts
 /.dir-locals.el
 # Top level excludes
 /Makefile.orig
 /MINFO
 /TABLE
 /*.a
 /*.pc
 /rehash.time
 /inc.*
 /makefile.*
 /out.*
 /tmp.*
 /configdata.pm
 # *all* Makefiles
 Makefile
 # Links under apps
 /apps/CA.pl
 /apps/tsget
 /apps/tsget.pl
 /apps/md4.c
 # Auto generated headers
 /crypto/buildinf.h
 /crypto/include/internal/*_conf.h
 /openssl/include/opensslconf.h
 /util/domd
 # Executables
 /apps/openssl
 /test/sha256t
 /test/sha512t
 /test/gost2814789t
 /test/ssltest_old
 /test/*test
 /test/fips_aesavs
 /test/fips_desmovs
 /test/fips_dhvs
 /test/fips_drbgvs
 /test/fips_dssvs
 /test/fips_ecdhvs
 /test/fips_ecdsavs
 /test/fips_rngvs
 /test/fips_test_suite
 /test/ssltest_old
 /test/x509aux
 /test/v3ext
 # Certain files that get created by tests on the fly
 /test/*.ss
 /test/*.srl
 /test/.rnd
 /test/test*.pem
 /test/newkey.pem
 /test/*.log
 /test/buildtest_*
 # Fuzz stuff.
 # Anything without an extension is an executable on Unix, so we keep files
 # with extensions.  And we keep the corpora subddir versioned as well.
 # Anything more generic with extensions that should be ignored will be taken
 # care of by general ignores for those extensions (*.o, *.obj, *.exe, ...)
 /fuzz/*
 !/fuzz/README*
 !/fuzz/corpora
 !/fuzz/*.*
 # Misc auto generated files
 /include/openssl/opensslconf.h
 /tools/c_rehash
 /tools/c_rehash.pl
 /tags
 /TAGS
 /crypto.map
 /ssl.map
 # Windows (legacy)
 /tmp32
 /tmp32.dbg
 /tmp32dll
 /tmp32dll.dbg
 /out32
 /out32.dbg
 /out32dll
 /out32dll.dbg
 /inc32
 /MINFO
 /ms/.rnd
 /ms/bcb.mak
 /ms/libeay32.def
 /ms/nt.mak
 /ms/ntdll.mak
 /ms/ssleay32.def
 /ms/version32.rc
 # Files created on other branches that are not held in git, and are not
 # needed on this branch
 /include/openssl/asn1_mac.h
 /include/openssl/des_old.h
 /include/openssl/fips.h
 /include/openssl/fips_rand.h
 /include/openssl/krb5_asn.h
 /include/openssl/kssl.h
 /include/openssl/pq_compat.h
 /include/openssl/ssl23.h
 /include/openssl/tmdiff.h
 /include/openssl/ui_compat.h
 /test/fips_aesavs.c
 /test/fips_desmovs.c
 /test/fips_dsatest.c
 /test/fips_dssvs.c
 /test/fips_hmactest.c
 /test/fips_randtest.c
 /test/fips_rngvs.c
 /test/fips_rsagtest.c
 /test/fips_rsastest.c
 /test/fips_rsavtest.c
 /test/fips_shatest.c
 /test/fips_test_suite.c
 /test/shatest.c
 ##### Generic patterns
 # Auto generated assembly language source files
 *.s
 !/crypto/*/asm/*.s
 /crypto/arm*.S
 /crypto/*/*.S
 *.asm
 !/crypto/*/asm/*.asm
 # Object files
 *.o
 *.obj
 # editor artefacts
 *.swp
 .#*
 \#*#
 *~
 # Certificate symbolic links
 *.0
 # All kinds of executables
 *.so
 *.so.*
 *.dylib
 *.dylib.*
 *.dll
 *.dll.*
 *.exe
 *.pyc
 *.exp
 *.lib
 *.pdb
 *.ilk
 *.def
 *.rc
 *.res
 # Misc generated stuff
 Makefile.save
 /crypto/**/lib
 /engines/**/lib
 /ssl/**/lib
 *.bak
 cscope.*
 *.d
 # add by LiTianjue for GmSSL
 # auto create by Configure
 crypto/opensslconf.h
 tool/c_rehash
 # exec file
 apps/gmssl
--- a/crypto/opensslconf.h
+++ b/crypto/opensslconf.h
@@ -1,261 +0,0 @@
 /* opensslconf.h */
 /* WARNING: Generated automatically from opensslconf.h.in by Configure. */
 #ifdef  __cplusplus
 extern "C" {
 #endif
 /* OpenSSL was configured with the following options: */
 #ifndef OPENSSL_SYSNAME_MACOSX
 # define OPENSSL_SYSNAME_MACOSX
 #endif
 #ifndef OPENSSL_DOING_MAKEDEPEND
 #ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
 # define OPENSSL_NO_EC_NISTP_64_GCC_128
 #endif
 #ifndef OPENSSL_NO_GMP
 # define OPENSSL_NO_GMP
 #endif
 #ifndef OPENSSL_NO_JPAKE
 # define OPENSSL_NO_JPAKE
 #endif
 #ifndef OPENSSL_NO_KRB5
 # define OPENSSL_NO_KRB5
 #endif
 #ifndef OPENSSL_NO_LIBUNBOUND
 # define OPENSSL_NO_LIBUNBOUND
 #endif
 #ifndef OPENSSL_NO_MD2
 # define OPENSSL_NO_MD2
 #endif
 #ifndef OPENSSL_NO_RC5
 # define OPENSSL_NO_RC5
 #endif
 #ifndef OPENSSL_NO_RFC3779
 # define OPENSSL_NO_RFC3779
 #endif
 #ifndef OPENSSL_NO_SCTP
 # define OPENSSL_NO_SCTP
 #endif
 #ifndef OPENSSL_NO_SSL_TRACE
 # define OPENSSL_NO_SSL_TRACE
 #endif
 #ifndef OPENSSL_NO_STORE
 # define OPENSSL_NO_STORE
 #endif
 #ifndef OPENSSL_NO_UNIT_TEST
 # define OPENSSL_NO_UNIT_TEST
 #endif
 #endif /* OPENSSL_DOING_MAKEDEPEND */
 #ifndef OPENSSL_THREADS
 # define OPENSSL_THREADS
 #endif
 #ifndef OPENSSL_NO_DYNAMIC_ENGINE
 # define OPENSSL_NO_DYNAMIC_ENGINE
 #endif
 /* The OPENSSL_NO_* macros are also defined as NO_* if the application
   asks for it.  This is a transient feature that is provided for those
   who haven't had the time to do the appropriate changes in their
   applications.  */
 #ifdef OPENSSL_ALGORITHM_DEFINES
 # if defined(OPENSSL_NO_EC_NISTP_64_GCC_128) && !defined(NO_EC_NISTP_64_GCC_128)
 #  define NO_EC_NISTP_64_GCC_128
 # endif
 # if defined(OPENSSL_NO_GMP) && !defined(NO_GMP)
 #  define NO_GMP
 # endif
 # if defined(OPENSSL_NO_JPAKE) && !defined(NO_JPAKE)
 #  define NO_JPAKE
 # endif
 # if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
 #  define NO_KRB5
 # endif
 # if defined(OPENSSL_NO_LIBUNBOUND) && !defined(NO_LIBUNBOUND)
 #  define NO_LIBUNBOUND
 # endif
 # if defined(OPENSSL_NO_MD2) && !defined(NO_MD2)
 #  define NO_MD2
 # endif
 # if defined(OPENSSL_NO_RC5) && !defined(NO_RC5)
 #  define NO_RC5
 # endif
 # if defined(OPENSSL_NO_RFC3779) && !defined(NO_RFC3779)
 #  define NO_RFC3779
 # endif
 # if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP)
 #  define NO_SCTP
 # endif
 # if defined(OPENSSL_NO_SSL_TRACE) && !defined(NO_SSL_TRACE)
 #  define NO_SSL_TRACE
 # endif
 # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE)
 #  define NO_STORE
 # endif
 # if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST)
 #  define NO_UNIT_TEST
 # endif
 #endif
 #define OPENSSL_CPUID_OBJ
 /* crypto/opensslconf.h.in */
 /* Generate 80386 code? */
 #undef I386_ONLY
 #if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
 #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
 #define ENGINESDIR "/usr/local/lib/engines"
 #define OPENSSLDIR "/usr/local/openssl"
 #endif
 #endif
 #undef OPENSSL_UNISTD
 #define OPENSSL_UNISTD <unistd.h>
 #undef OPENSSL_EXPORT_VAR_AS_FUNCTION
 #if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
 #define IDEA_INT unsigned int
 #endif
 #if defined(HEADER_MD2_H) && !defined(MD2_INT)
 #define MD2_INT unsigned int
 #endif
 #if defined(HEADER_RC2_H) && !defined(RC2_INT)
 /* I need to put in a mod for the alpha - eay */
 #define RC2_INT unsigned int
 #endif
 #if defined(HEADER_RC4_H)
 #if !defined(RC4_INT)
 /* using int types make the structure larger but make the code faster
 * on most boxes I have tested - up to %20 faster. */
 /*
 * I don't know what does "most" mean, but declaring "int" is a must on:
 * - Intel P6 because partial register stalls are very expensive;
 * - elder Alpha because it lacks byte load/store instructions;
 */
 #define RC4_INT unsigned int
 #endif
 #if !defined(RC4_CHUNK)
 /*
 * This enables code handling data aligned at natural CPU word
 * boundary. See crypto/rc4/rc4_enc.c for further details.
 */
 #define RC4_CHUNK unsigned long
 #endif
 #endif
 #if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG)
 /* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
 * %20 speed up (longs are 8 bytes, int's are 4). */
 #ifndef DES_LONG
 #define DES_LONG unsigned int
 #endif
 #endif
 #if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
 #define CONFIG_HEADER_BN_H
 #undef BN_LLONG
 /* Should we define BN_DIV2W here? */
 /* Only one for the following should be defined */
 #define SIXTY_FOUR_BIT_LONG
 #undef SIXTY_FOUR_BIT
 #undef THIRTY_TWO_BIT
 #endif
 #if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
 #define CONFIG_HEADER_RC4_LOCL_H
 /* if this is defined data[i] is used instead of *data, this is a %20
 * speedup on x86 */
 #undef RC4_INDEX
 #endif
 #if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
 #define CONFIG_HEADER_BF_LOCL_H
 #undef BF_PTR
 #endif /* HEADER_BF_LOCL_H */
 #if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
 #define CONFIG_HEADER_DES_LOCL_H
 #ifndef DES_DEFAULT_OPTIONS
 /* the following is tweaked from a config script, that is why it is a
 * protected undef/define */
 #ifndef DES_PTR
 #undef DES_PTR
 #endif
 /* This helps C compiler generate the correct code for multiple functional
 * units.  It reduces register dependancies at the expense of 2 more
 * registers */
 #ifndef DES_RISC1
 #undef DES_RISC1
 #endif
 #ifndef DES_RISC2
 #undef DES_RISC2
 #endif
 #if defined(DES_RISC1) && defined(DES_RISC2)
 #error YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
 #endif
 /* Unroll the inner loop, this sometimes helps, sometimes hinders.
 * Very mucy CPU dependant */
 #ifndef DES_UNROLL
 #define DES_UNROLL
 #endif
 /* These default values were supplied by
 * Peter Gutman <pgut001@cs.auckland.ac.nz>
 * They are only used if nothing else has been defined */
 #if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
 /* Special defines which change the way the code is built depending on the
   CPU and OS.  For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
   even newer MIPS CPU's, but at the moment one size fits all for
   optimization options.  Older Sparc's work better with only UNROLL, but
   there's no way to tell at compile time what it is you're running on */
 #if defined( sun )		/* Newer Sparc's */
 #  define DES_PTR
 #  define DES_RISC1
 #  define DES_UNROLL
 #elif defined( __ultrix )	/* Older MIPS */
 #  define DES_PTR
 #  define DES_RISC2
 #  define DES_UNROLL
 #elif defined( __osf1__ )	/* Alpha */
 #  define DES_PTR
 #  define DES_RISC2
 #elif defined ( _AIX )		/* RS6000 */
  /* Unknown */
 #elif defined( __hpux )		/* HP-PA */
  /* Unknown */
 #elif defined( __aux )		/* 68K */
  /* Unknown */
 #elif defined( __dgux )		/* 88K (but P6 in latest boxes) */
 #  define DES_UNROLL
 #elif defined( __sgi )		/* Newer MIPS */
 #  define DES_PTR
 #  define DES_RISC2
 #  define DES_UNROLL
 #elif defined(i386) || defined(__i386__)	/* x86 boxes, should be gcc */
 #  define DES_PTR
 #  define DES_RISC1
 #  define DES_UNROLL
 #endif /* Systems-specific speed defines */
 #endif
 #endif /* DES_DEFAULT_OPTIONS */
 #endif /* HEADER_DES_LOCL_H */
 #ifdef  __cplusplus
 }
 #endif
--- a/crypto/sm2/sm2test.c
+++ b/crypto/sm2/sm2test.c
@@ -5,7 +5,7 @@
 #include <openssl/evp.h>
 #include <openssl/rand.h>
 #include <openssl/engine.h>
-#include "./sm2.h"
+#include <openssl/sm2.h>
 RAND_METHOD fake_rand;
 const RAND_METHOD *old_rand;
@@ -336,7 +336,15 @@ int test_sm2_enc(const EC_GROUP *group,
 	}
 	buflen = sizeof(buf);
-	if (!SM2_encrypt_with_recommended(buf, &buflen,
+	if (!SM2_encrypt_with_recommended(NULL, &buflen,
 		(const unsigned char *)M, strlen(M), ec_key)) {
 		fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
 		goto end;
 	}
 	if(buflen > sizeof(buf)){
 		fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
 		goto end;
 	}else if (!SM2_encrypt_with_recommended(buf, &buflen,
 		(const unsigned char *)M, strlen(M), ec_key)) {
 		fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
 		goto end;
@@ -354,7 +362,15 @@ int test_sm2_enc(const EC_GROUP *group,
 		fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
 		goto end;
 	}
-	if (!SM2_decrypt_with_recommended(msg, &msglen, buf, buflen, ec_key)) {
+	
 	if (!SM2_decrypt_with_recommended(NULL, &msglen, buf, buflen, ec_key)) {
 		fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
 		goto end;
 	}
 	if(msglen > sizeof(msg)){
 		fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
 		goto end;
 	} else if (!SM2_decrypt_with_recommended(msg, &msglen, buf, buflen, ec_key)) {
 		fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
 		goto end;
 	}
--- a/tools/c_rehash
+++ b/tools/c_rehash
@@ -1,210 +0,0 @@
 #!/usr/bin/perl
 # Perl c_rehash script, scan all files in a directory
 # and add symbolic links to their hash values.
 my $dir = "/usr/local/openssl";
 my $prefix = "/usr/local";
 my $openssl = $ENV{OPENSSL} || "openssl";
 my $pwd;
 my $x509hash = "-subject_hash";
 my $crlhash = "-hash";
 my $verbose = 0;
 my $symlink_exists=eval {symlink("",""); 1};
 my $removelinks = 1;
 ##  Parse flags.
 while ( $ARGV[0] =~ /^-/ ) {
    my $flag = shift @ARGV;
    last if ( $flag eq '--');
    if ( $flag eq '-old') {
 	    $x509hash = "-subject_hash_old";
 	    $crlhash = "-hash_old";
    } elsif ( $flag eq '-h') {
 	    help();
    } elsif ( $flag eq '-n' ) {
 	    $removelinks = 0;
    } elsif ( $flag eq '-v' ) {
 	    $verbose++;
    }
    else {
 	    print STDERR "Usage error; try -help.\n";
 	    exit 1;
    }
 }
 sub help {
 	print "Usage: c_rehash [-old] [-h] [-v] [dirs...]\n";
 	print "   -old use old-style digest\n";
 	print "   -h print this help text\n";
 	print "   -v print files removed and linked\n";
 	exit 0;
 }
 eval "require Cwd";
 if (defined(&Cwd::getcwd)) {
 	$pwd=Cwd::getcwd();
 } else {
 	$pwd=`pwd`;
 	chomp($pwd);
 }
 # DOS/Win32 or Unix delimiter?  Prefix our installdir, then search.
 my $path_delim = ($pwd =~ /^[a-z]\:/i) ? ';' : ':';
 $ENV{PATH} = "$prefix/bin" . ($ENV{PATH} ? $path_delim . $ENV{PATH} : "");
 if(! -x $openssl) {
 	my $found = 0;
 	foreach (split /$path_delim/, $ENV{PATH}) {
 		if(-x "$_/$openssl") {
 			$found = 1;
 			$openssl = "$_/$openssl";
 			last;
 		}	
 	}
 	if($found == 0) {
 		print STDERR "c_rehash: rehashing skipped ('openssl' program not available)\n";
 		exit 0;
 	}
 }
 if(@ARGV) {
 	@dirlist = @ARGV;
 } elsif($ENV{SSL_CERT_DIR}) {
 	@dirlist = split /$path_delim/, $ENV{SSL_CERT_DIR};
 } else {
 	$dirlist[0] = "$dir/certs";
 }
 if (-d $dirlist[0]) {
 	chdir $dirlist[0];
 	$openssl="$pwd/$openssl" if (!-x $openssl);
 	chdir $pwd;
 }
 foreach (@dirlist) {
 	if(-d $_ and -w $_) {
 		hash_dir($_);
 	}
 }
 sub hash_dir {
 	my %hashlist;
 	print "Doing $_[0]\n";
 	chdir $_[0];
 	opendir(DIR, ".");
 	my @flist = readdir(DIR);
 	closedir DIR;
 	if ( $removelinks ) {
 		# Delete any existing symbolic links
 		foreach (grep {/^[\da-f]+\.r{0,1}\d+$/} @flist) {
 			if(-l $_) {
 				unlink $_;
 				print "unlink $_" if $verbose;
 			}
 		}
 	}
 	FILE: foreach $fname (grep {/\.(pem)|(crt)|(cer)|(crl)$/} @flist) {
 		# Check to see if certificates and/or CRLs present.
 		my ($cert, $crl) = check_file($fname);
 		if(!$cert && !$crl) {
 			print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n";
 			next;
 		}
 		link_hash_cert($fname) if($cert);
 		link_hash_crl($fname) if($crl);
 	}
 }
 sub check_file {
 	my ($is_cert, $is_crl) = (0,0);
 	my $fname = $_[0];
 	open IN, $fname;
 	while(<IN>) {
 		if(/^-----BEGIN (.*)-----/) {
 			my $hdr = $1;
 			if($hdr =~ /^(X509 |TRUSTED |)CERTIFICATE$/) {
 				$is_cert = 1;
 				last if($is_crl);
 			} elsif($hdr eq "X509 CRL") {
 				$is_crl = 1;
 				last if($is_cert);
 			}
 		}
 	}
 	close IN;
 	return ($is_cert, $is_crl);
 }
 # Link a certificate to its subject name hash value, each hash is of
 # the form <hash>.<n> where n is an integer. If the hash value already exists
 # then we need to up the value of n, unless its a duplicate in which
 # case we skip the link. We check for duplicates by comparing the
 # certificate fingerprints
 sub link_hash_cert {
 		my $fname = $_[0];
 		$fname =~ s/'/'\\''/g;
 		my ($hash, $fprint) = `"$openssl" x509 $x509hash -fingerprint -noout -in "$fname"`;
 		chomp $hash;
 		chomp $fprint;
 		$fprint =~ s/^.*=//;
 		$fprint =~ tr/://d;
 		my $suffix = 0;
 		# Search for an unused hash filename
 		while(exists $hashlist{"$hash.$suffix"}) {
 			# Hash matches: if fingerprint matches its a duplicate cert
 			if($hashlist{"$hash.$suffix"} eq $fprint) {
 				print STDERR "WARNING: Skipping duplicate certificate $fname\n";
 				return;
 			}
 			$suffix++;
 		}
 		$hash .= ".$suffix";
 		if ($symlink_exists) {
 			symlink $fname, $hash;
 			print "link $fname -> $hash\n" if $verbose;
 		} else {
 			open IN,"<$fname" or die "can't open $fname for read";
 			open OUT,">$hash" or die "can't open $hash for write";
 			print OUT <IN>;	# does the job for small text files
 			close OUT;
 			close IN;
 			print "copy $fname -> $hash\n" if $verbose;
 		}
 		$hashlist{$hash} = $fprint;
 }
 # Same as above except for a CRL. CRL links are of the form <hash>.r<n>
 sub link_hash_crl {
 		my $fname = $_[0];
 		$fname =~ s/'/'\\''/g;
 		my ($hash, $fprint) = `"$openssl" crl $crlhash -fingerprint -noout -in '$fname'`;
 		chomp $hash;
 		chomp $fprint;
 		$fprint =~ s/^.*=//;
 		$fprint =~ tr/://d;
 		my $suffix = 0;
 		# Search for an unused hash filename
 		while(exists $hashlist{"$hash.r$suffix"}) {
 			# Hash matches: if fingerprint matches its a duplicate cert
 			if($hashlist{"$hash.r$suffix"} eq $fprint) {
 				print STDERR "WARNING: Skipping duplicate CRL $fname\n";
 				return;
 			}
 			$suffix++;
 		}
 		$hash .= ".r$suffix";
 		if ($symlink_exists) {
 			symlink $fname, $hash;
 			print "link $fname -> $hash\n" if $verbose;
 		} else {
 			system ("cp", $fname, $hash);
 			print "cp $fname -> $hash\n" if $verbose;
 		}
 		$hashlist{$hash} = $fprint;
 }