mirror of
https://github.com/guanzhi/GmSSL.git
synced 2026-05-06 16:36:16 +08:00
Update Public API
This commit is contained in:
Zhi Guan
12
demos/sm9demo.sh
Executable file
12
demos/sm9demo.sh
Executable file
@@ -0,0 +1,12 @@
|
||||
#!/bin/bash
|
||||
|
||||
gmssl sm9setup -alg sm9sign -pass 1234 -out sign_msk.pem -pubout sign_mpk.pem
|
||||
gmssl sm9keygen -alg sm9sign -in sign_msk.pem -inpass 1234 -id alice -out alice.pem -outpass 1234
|
||||
echo hello | gmssl sm9sign -key alice.pem -pass 1234 -out hello.sig
|
||||
echo hello | gmssl sm9verify -pubmaster sign_mpk.pem -id alice -sig hello.sig
|
||||
|
||||
gmssl sm9setup -alg sm9encrypt -pass 1234 -out enc_msk.pem -pubout enc_mpk.pem
|
||||
gmssl sm9keygen -alg sm9encrypt -in enc_msk.pem -inpass 1234 -id bob -out bob.pem -outpass 1234
|
||||
echo hello | ./gmssl sm9encrypt -pubmaster enc_mpk.pem -id bob -out hello.der
|
||||
gmssl sm9decrypt -key bob.pem -pass 1234 -id bob -in hello.der
|
||||
|
||||
@@ -57,6 +57,20 @@
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/*
|
||||
BASE64 Public API
|
||||
|
||||
BASE64_CTX
|
||||
base64_encode_init
|
||||
base64_encode_update
|
||||
base64_encode_finish
|
||||
base64_decode_init
|
||||
base64_decode_update
|
||||
base64_decode_finish
|
||||
|
||||
*/
|
||||
|
||||
|
||||
typedef struct {
|
||||
/* number saved in a partial encode/decode */
|
||||
int num;
|
||||
|
||||
@@ -57,6 +57,12 @@
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/*
|
||||
Rand Public API
|
||||
|
||||
rand_bytes
|
||||
|
||||
*/
|
||||
|
||||
int rand_bytes(uint8_t *buf, size_t buflen);
|
||||
|
||||
|
||||
@@ -58,6 +58,23 @@
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/*
|
||||
SDF Public API
|
||||
|
||||
sdf_load_library
|
||||
sdf_unload_library
|
||||
|
||||
SDF_DEVICE
|
||||
sdf_open_device
|
||||
sdf_close_device
|
||||
sdf_print_device_info
|
||||
sdf_rand_bytes
|
||||
sdf_load_sign_key
|
||||
|
||||
SDF_KEY
|
||||
sdf_sign
|
||||
sdf_release_key
|
||||
*/
|
||||
|
||||
typedef struct {
|
||||
void *handle;
|
||||
|
||||
@@ -60,6 +60,42 @@ extern "C" {
|
||||
#endif
|
||||
|
||||
|
||||
/*
|
||||
SKF Public API
|
||||
|
||||
skf_load_library
|
||||
skf_unload_library
|
||||
skf_list_devices
|
||||
skf_print_device_info
|
||||
|
||||
SKF_DEVICE
|
||||
skf_open_device
|
||||
skf_close_deivce
|
||||
skf_set_label
|
||||
skf_change_authkey
|
||||
skf_list_apps
|
||||
skf_create_app
|
||||
skf_delete_app
|
||||
skf_change_app_admin_pin
|
||||
skf_change_app_user_pin
|
||||
skf_unblock_user_pin
|
||||
skf_list_objects
|
||||
skf_import_object
|
||||
skf_export_object
|
||||
skf_delete_object
|
||||
skf_list_containers
|
||||
skf_create_container
|
||||
skf_delete_container
|
||||
skf_import_sign_cert
|
||||
skf_export_sign_cert
|
||||
skf_rand_bytes
|
||||
skf_load_sign_key
|
||||
|
||||
SKF_KEY
|
||||
skf_sign
|
||||
skf_release_key
|
||||
*/
|
||||
|
||||
typedef struct {
|
||||
void *handle;
|
||||
char manufacturer[65];
|
||||
|
||||
@@ -60,7 +60,40 @@ extern "C" {
|
||||
#endif
|
||||
|
||||
|
||||
// 比较重要的是哪些是公开接口,公开接口应该做完整的参数检查
|
||||
/*
|
||||
SM2 Public API
|
||||
|
||||
SM2_DEFAULT_ID
|
||||
SM2_MAX_ID_LENGTH
|
||||
SM2_MAX_SIGNATURE_SIZE
|
||||
SM2_MAX_PLAINTEXT_SIZE
|
||||
SM2_MAX_CIPHERTEXT_SIZE
|
||||
|
||||
SM2_KEY
|
||||
sm2_key_generate
|
||||
sm2_private_key_info_encrypt_to_der
|
||||
sm2_private_key_info_decrypt_from_der
|
||||
sm2_private_key_info_encrypt_to_pem
|
||||
sm2_private_key_info_decrypt_from_pem
|
||||
sm2_public_key_info_to_der
|
||||
sm2_public_key_info_from_der
|
||||
sm2_public_key_info_to_pem
|
||||
sm2_public_key_info_from_pem
|
||||
|
||||
sm2_sign
|
||||
sm2_verify
|
||||
sm2_encrypt
|
||||
sm2_decrypt
|
||||
sm2_ecdh
|
||||
|
||||
SM2_SIGN_CTX
|
||||
sm2_sign_init
|
||||
sm2_sign_update
|
||||
sm2_sign_finish
|
||||
sm2_verify_init
|
||||
sm2_verify_update
|
||||
sm2_verify_finish
|
||||
*/
|
||||
|
||||
typedef uint64_t SM2_BN[8];
|
||||
|
||||
@@ -212,6 +245,7 @@ typedef struct {
|
||||
uint8_t private_key[32];
|
||||
} SM2_KEY;
|
||||
|
||||
|
||||
int sm2_key_generate(SM2_KEY *key);
|
||||
int sm2_key_set_private_key(SM2_KEY *key, const uint8_t private_key[32]); // 自动生成公钥
|
||||
int sm2_key_set_public_key(SM2_KEY *key, const SM2_POINT *public_key); // 自动清空私钥,不要和set_private_key同时用
|
||||
|
||||
@@ -56,6 +56,25 @@
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/*
|
||||
SM3 Public API
|
||||
|
||||
SM3_DIGEST_SIZE
|
||||
SM3_HMAC_SIZE
|
||||
|
||||
SM3_CTX
|
||||
sm3_init
|
||||
sm3_update
|
||||
sm3_finish
|
||||
|
||||
SM3_HMAC_CTX
|
||||
sm3_hmac_init
|
||||
sm3_hmac_update
|
||||
sm3_hmac_finish
|
||||
|
||||
sm3_digest
|
||||
sm3_hmac
|
||||
*/
|
||||
|
||||
#define SM3_IS_BIG_ENDIAN 1
|
||||
|
||||
|
||||
@@ -57,6 +57,29 @@ extern "C" {
|
||||
#endif
|
||||
|
||||
|
||||
/*
|
||||
SM4 Public API
|
||||
|
||||
SM4_KEY_SIZE
|
||||
SM4_BLOCK_SIZE
|
||||
|
||||
SM4_CBC_CTX
|
||||
sm4_cbc_encrypt_init
|
||||
sm4_cbc_encrypt_update
|
||||
sm4_cbc_encrypt_finish
|
||||
sm4_cbc_decrypt_init
|
||||
sm4_cbc_decrypt_update
|
||||
sm4_cbc_decrypt_finish
|
||||
|
||||
SM4_CTR_CTX
|
||||
sm4_ctr_encrypt_init
|
||||
sm4_ctr_encrypt_update
|
||||
sm4_ctr_encrypt_finish
|
||||
sm4_ctr_decrypt_init
|
||||
sm4_ctr_decrypt_update
|
||||
sm4_ctr_decrypt_finish
|
||||
*/
|
||||
|
||||
#define SM4_KEY_SIZE (16)
|
||||
#define SM4_BLOCK_SIZE (16)
|
||||
#define SM4_NUM_ROUNDS (32)
|
||||
@@ -106,8 +129,6 @@ int sm4_gcm_decrypt(const SM4_KEY *key, const uint8_t *iv, size_t ivlen,
|
||||
const uint8_t *tag, size_t taglen, uint8_t *out);
|
||||
|
||||
|
||||
// Public API
|
||||
|
||||
typedef struct {
|
||||
SM4_KEY sm4_key;
|
||||
uint8_t iv[SM4_BLOCK_SIZE];
|
||||
@@ -115,11 +136,11 @@ typedef struct {
|
||||
size_t block_nbytes;
|
||||
} SM4_CBC_CTX;
|
||||
|
||||
int sm4_cbc_encrypt_init(SM4_CBC_CTX *ctx, const uint8_t key[SM4_BLOCK_SIZE], const uint8_t iv[SM4_BLOCK_SIZE]);
|
||||
int sm4_cbc_encrypt_init(SM4_CBC_CTX *ctx, const uint8_t key[SM4_KEY_SIZE], const uint8_t iv[SM4_BLOCK_SIZE]);
|
||||
int sm4_cbc_encrypt_update(SM4_CBC_CTX *ctx, const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen);
|
||||
int sm4_cbc_encrypt_finish(SM4_CBC_CTX *ctx, uint8_t *out, size_t *outlen);
|
||||
|
||||
int sm4_cbc_decrypt_init(SM4_CBC_CTX *ctx, const uint8_t key[SM4_BLOCK_SIZE], const uint8_t iv[SM4_BLOCK_SIZE]);
|
||||
int sm4_cbc_decrypt_init(SM4_CBC_CTX *ctx, const uint8_t key[SM4_KEY_SIZE], const uint8_t iv[SM4_BLOCK_SIZE]);
|
||||
int sm4_cbc_decrypt_update(SM4_CBC_CTX *ctx, const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen);
|
||||
int sm4_cbc_decrypt_finish(SM4_CBC_CTX *ctx, uint8_t *out, size_t *outlen);
|
||||
|
||||
@@ -131,7 +152,7 @@ typedef struct {
|
||||
size_t block_nbytes;
|
||||
} SM4_CTR_CTX;
|
||||
|
||||
int sm4_ctr_encrypt_init(SM4_CTR_CTX *ctx, const uint8_t key[SM4_BLOCK_SIZE], const uint8_t ctr[SM4_BLOCK_SIZE]);
|
||||
int sm4_ctr_encrypt_init(SM4_CTR_CTX *ctx, const uint8_t key[SM4_KEY_SIZE], const uint8_t ctr[SM4_BLOCK_SIZE]);
|
||||
int sm4_ctr_encrypt_update(SM4_CTR_CTX *ctx, const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen);
|
||||
int sm4_ctr_encrypt_finish(SM4_CTR_CTX *ctx, uint8_t *out, size_t *outlen);
|
||||
|
||||
|
||||
@@ -51,6 +51,7 @@
|
||||
#include <stdlib.h>
|
||||
#include <stdint.h>
|
||||
#include <gmssl/sm3.h>
|
||||
#include <gmssl/sm2.h>
|
||||
|
||||
|
||||
#ifndef GMSSL_SM9_H
|
||||
@@ -60,99 +61,171 @@
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/*
|
||||
SM9 Public API
|
||||
|
||||
SM9_SIGNATURE_SIZE
|
||||
SM9_MAX_PLAINTEXT_SIZE
|
||||
SM9_MAX_CIPHERTEXT_SIZE
|
||||
|
||||
SM9_SIGN_MASTER_KEY
|
||||
sm9_sign_master_key_generate
|
||||
sm9_sign_master_key_extract_key
|
||||
sm9_sign_master_key_info_encrypt_to_der
|
||||
sm9_sign_master_key_info_decrypt_from_der
|
||||
sm9_sign_master_key_info_encrypt_to_pem
|
||||
sm9_sign_master_key_info_decrypt_from_pem
|
||||
sm9_sign_master_public_key_to_der
|
||||
sm9_sign_master_public_key_from_der
|
||||
sm9_sign_master_public_key_to_pem
|
||||
sm9_sign_master_public_key_from_pem
|
||||
|
||||
SM9_SIGN_KEY
|
||||
sm9_sign_key_info_encrypt_to_der
|
||||
sm9_sign_key_info_decrypt_from_der
|
||||
sm9_sign_key_info_encrypt_to_pem
|
||||
sm9_sign_key_info_decrypt_from_pem
|
||||
|
||||
SM9_SIGN_CTX
|
||||
sm9_sign_init
|
||||
sm9_sign_update
|
||||
sm9_sign_finish
|
||||
sm9_verify_init
|
||||
sm9_verify_update
|
||||
sm9_verify_finish
|
||||
|
||||
SM9_ENC_MASTER_KEY
|
||||
sm9_enc_master_key_generate
|
||||
sm9_enc_master_key_extract_key
|
||||
sm9_enc_master_key_info_encrypt_to_der
|
||||
sm9_enc_master_key_info_decrypt_from_der
|
||||
sm9_enc_master_key_info_encrypt_to_pem
|
||||
sm9_enc_master_key_info_decrypt_from_pem
|
||||
sm9_enc_master_public_key_to_der
|
||||
sm9_enc_master_public_key_from_der
|
||||
sm9_enc_master_public_key_to_pem
|
||||
sm9_enc_master_public_key_from_pem
|
||||
|
||||
SM9_ENC_KEY
|
||||
sm9_enc_key_info_encrypt_to_der
|
||||
sm9_enc_key_info_decrypt_from_der
|
||||
sm9_enc_key_info_encrypt_to_pem
|
||||
sm9_enc_key_info_decrypt_from_pem
|
||||
|
||||
sm9_encrypt
|
||||
sm9_decrypt
|
||||
*/
|
||||
|
||||
#define SM9_HEX_SEP '\n'
|
||||
|
||||
typedef uint64_t sm9_bn_t[8];
|
||||
typedef sm9_bn_t sm9_fp_t;
|
||||
typedef sm9_bn_t sm9_fn_t;
|
||||
typedef uint64_t sm9_barrett_bn_t[9];
|
||||
typedef sm9_fp_t sm9_fp2_t[2];
|
||||
typedef sm9_fp2_t sm9_fp4_t[2];
|
||||
typedef sm9_fp4_t sm9_fp12_t[3];
|
||||
|
||||
typedef struct {
|
||||
sm9_fp_t X;
|
||||
sm9_fp_t Y;
|
||||
sm9_fp_t Z;
|
||||
} sm9_point_t;
|
||||
|
||||
typedef struct {
|
||||
sm9_fp2_t X;
|
||||
sm9_fp2_t Y;
|
||||
sm9_fp2_t Z;
|
||||
} sm9_twist_point_t;
|
||||
|
||||
|
||||
// FIXME: 公开的参数值应该是序列化之后的
|
||||
extern const sm9_bn_t SM9_ZERO;
|
||||
extern const sm9_bn_t SM9_ONE;
|
||||
extern const sm9_bn_t SM9_P;
|
||||
extern const sm9_bn_t SM9_N;
|
||||
extern const sm9_point_t *SM9_P1;
|
||||
extern const sm9_twist_point_t *SM9_P2;
|
||||
extern const sm9_twist_point_t *SM9_Ppubs;
|
||||
|
||||
#define sm9_bn_init(r) sm9_bn_set_zero(r)
|
||||
#define sm9_bn_clean(r) sm9_bn_set_zero(r)
|
||||
#define sm9_bn_set_zero(r) sm9_bn_copy((r), SM9_ZERO)
|
||||
#define sm9_bn_set_one(r) sm9_bn_copy((r), SM9_ONE)
|
||||
#define sm9_bn_is_zero(a) (sm9_bn_cmp((a), SM9_ZERO) == 0)
|
||||
#define sm9_bn_is_one(a) (sm9_bn_cmp((a), SM9_ONE) == 0)
|
||||
|
||||
#define sm9_bn_init(r) memset((r),0,sizeof(sm9_bn_t))
|
||||
#define sm9_bn_clean(r) memset((r),0,sizeof(sm9_bn_t))
|
||||
#define sm9_bn_set_zero(r) memset((r),0,sizeof(sm9_bn_t))
|
||||
#define sm9_bn_set_one(r) memcpy((r),&SM9_ONE,sizeof(sm9_bn_t))
|
||||
#define sm9_bn_copy(r,a) memcpy((r),(a),sizeof(sm9_bn_t))
|
||||
#define sm9_bn_is_zero(a) (memcmp((a),&SM9_ZERO, sizeof(sm9_bn_t)) == 0)
|
||||
#define sm9_bn_is_one(a) (memcmp((a),&SM9_ONE, sizeof(sm9_bn_t)) == 0)
|
||||
|
||||
void sm9_bn_to_bytes(const sm9_bn_t a, uint8_t out[32]);
|
||||
void sm9_bn_from_bytes(sm9_bn_t r, const uint8_t in[32]);
|
||||
int sm9_bn_from_hex(sm9_bn_t r, const char hex[65]);
|
||||
void sm9_bn_to_hex(const sm9_bn_t a, char hex[65]);
|
||||
void sm9_print_bn(const char *prefix, const sm9_bn_t a);
|
||||
void sm9_bn_to_bits(const sm9_bn_t a, char bits[256]);
|
||||
|
||||
int sm9_bn_cmp(const sm9_bn_t a, const sm9_bn_t b);
|
||||
int sm9_bn_equ_hex(const sm9_bn_t a, const char *hex);
|
||||
void sm9_bn_set_word(sm9_bn_t r, uint32_t a);
|
||||
void sm9_bn_copy(sm9_bn_t r, const sm9_bn_t a);
|
||||
int sm9_bn_rand_range(sm9_bn_t r, const sm9_bn_t range);
|
||||
int sm9_bn_equ(const sm9_bn_t a, const sm9_bn_t b);
|
||||
int sm9_bn_cmp(const sm9_bn_t a, const sm9_bn_t b);
|
||||
void sm9_bn_add(sm9_bn_t r, const sm9_bn_t a, const sm9_bn_t b);
|
||||
void sm9_bn_sub(sm9_bn_t ret, const sm9_bn_t a, const sm9_bn_t b);
|
||||
void sm9_bn_rand_range(sm9_bn_t r, const sm9_bn_t range);
|
||||
void sm9_bn_to_bits(const sm9_bn_t a, char bits[256]);
|
||||
void sm9_bn_to_bytes(const sm9_bn_t a, uint8_t out[32]);
|
||||
void sm9_bn_from_bytes(sm9_bn_t r, const uint8_t in[32]);
|
||||
void sm9_bn_to_hex(const sm9_bn_t a, char hex[64]);
|
||||
int sm9_bn_from_hex(sm9_bn_t r, const char hex[64]);
|
||||
int sm9_bn_print(FILE *fp, int fmt, int ind, const char *label, const sm9_bn_t a);
|
||||
void sm9_print_bn(const char *prefix, const sm9_bn_t a); // 标准打印格式
|
||||
|
||||
#define sm9_fp_init(a) sm9_bn_init(a)
|
||||
#define sm9_fp_clean(a) sm9_bn_clean(a)
|
||||
|
||||
typedef sm9_bn_t sm9_fp_t;
|
||||
|
||||
#define sm9_fp_init(r) sm9_fp_set_zero(r)
|
||||
#define sm9_fp_clean(f) sm9_fp_set_zero(r)
|
||||
#define sm9_fp_set_zero(r) sm9_bn_set_zero(r)
|
||||
#define sm9_fp_set_one(r) sm9_bn_set_one(r)
|
||||
#define sm9_fp_copy(r,a) sm9_bn_copy((r),(a))
|
||||
#define sm9_fp_rand(r) sm9_bn_rand_range((r), SM9_P)
|
||||
#define sm9_fp_is_zero(a) sm9_bn_is_zero(a)
|
||||
#define sm9_fp_is_one(a) sm9_bn_is_one(a)
|
||||
#define sm9_fp_set_zero(a) sm9_bn_set_zero(a)
|
||||
#define sm9_fp_set_one(a) sm9_bn_set_one(a)
|
||||
#define sm9_fp_from_hex(a,s) sm9_bn_from_hex((a),(s))
|
||||
#define sm9_fp_equ(a,b) sm9_bn_equ((a),(b))
|
||||
#define sm9_fp_to_bytes(a,buf) sm9_bn_to_bytes((a),(buf))
|
||||
#define sm9_fp_to_hex(a,s) sm9_bn_to_hex((a),(s))
|
||||
#define sm9_fp_copy(r,a) sm9_bn_copy((r),(a))
|
||||
#define sm9_fp_print(fp,fmt,ind,label,a) sm9_bn_print(fp,fmt,ind,label,a)
|
||||
|
||||
int sm9_fp_equ(const sm9_fp_t a, const sm9_fp_t b);
|
||||
void sm9_fp_add(sm9_fp_t r, const sm9_fp_t a, const sm9_fp_t b);
|
||||
void sm9_fp_sub(sm9_fp_t r, const sm9_fp_t a, const sm9_fp_t b);
|
||||
void sm9_fp_dbl(sm9_fp_t r, const sm9_fp_t a);
|
||||
void sm9_fp_tri(sm9_fp_t r, const sm9_fp_t a);
|
||||
void sm9_fp_div2(sm9_fp_t r, const sm9_fp_t a);
|
||||
void sm9_fp_neg(sm9_fp_t r, const sm9_fp_t a);
|
||||
void sm9_fp_mul(sm9_fp_t r, const sm9_fp_t a, const sm9_fp_t b);
|
||||
void sm9_fp_sqr(sm9_fp_t r, const sm9_fp_t a);
|
||||
void sm9_fp_pow(sm9_fp_t r, const sm9_fp_t a, const sm9_bn_t e);
|
||||
void sm9_fp_inv(sm9_fp_t r, const sm9_fp_t a);
|
||||
void sm9_fp_div2(sm9_fp_t r, const sm9_fp_t a);
|
||||
int sm9_fp_from_bytes(sm9_fp_t r, const uint8_t buf[32]);
|
||||
int sm9_fp_from_hex(sm9_fp_t r, const char hex[64]);
|
||||
|
||||
int sm9_barrett_bn_cmp(const sm9_barrett_bn_t a, const sm9_barrett_bn_t b);
|
||||
|
||||
typedef sm9_bn_t sm9_fn_t;
|
||||
|
||||
#define sm9_fn_init(r) sm9_fn_set_zero(r)
|
||||
#define sm9_fn_clean(f) sm9_fn_set_zero(r)
|
||||
#define sm9_fn_set_zero(r) sm9_bn_set_zero(r)
|
||||
#define sm9_fn_set_one(r) sm9_bn_set_one(r)
|
||||
#define sm9_fn_copy(r,a) sm9_bn_copy((r),(a))
|
||||
#define sm9_fn_rand(r) sm9_bn_rand_range((r), SM9_N)
|
||||
#define sm9_fn_is_zero(a) sm9_bn_is_zero(a)
|
||||
#define sm9_fn_is_one(a) sm9_bn_is_one(a)
|
||||
#define sm9_fn_equ(a,b) sm9_bn_equ((a),(b))
|
||||
#define sm9_fn_to_bytes(a,out) sm9_bn_to_bytes((a),(out))
|
||||
#define sm9_fn_to_hex(a,s) sm9_bn_to_hex((a),(s))
|
||||
#define sm9_fn_print(fp,fmt,ind,label,a) sm9_bn_print(fp,fmt,ind,label,a)
|
||||
|
||||
void sm9_fn_add(sm9_fn_t r, const sm9_fn_t a, const sm9_fn_t b);
|
||||
void sm9_fn_sub(sm9_fn_t r, const sm9_fn_t a, const sm9_fn_t b);
|
||||
void sm9_fn_mul(sm9_fn_t r, const sm9_fn_t a, const sm9_fn_t b);
|
||||
void sm9_fn_pow(sm9_fn_t r, const sm9_fn_t a, const sm9_bn_t e);
|
||||
void sm9_fn_inv(sm9_fn_t r, const sm9_fn_t a);
|
||||
void sm9_fn_from_hash(sm9_fn_t h, const uint8_t Ha[40]);
|
||||
int sm9_fn_from_bytes(sm9_fn_t a, const uint8_t in[32]);
|
||||
int sm9_fn_from_hex(sm9_fn_t r, const char hex[64]);
|
||||
|
||||
|
||||
typedef uint64_t sm9_barrett_bn_t[9];
|
||||
|
||||
int sm9_barrett_bn_cmp(const sm9_barrett_bn_t a, const sm9_barrett_bn_t b);
|
||||
void sm9_barrett_bn_add(sm9_barrett_bn_t r, const sm9_barrett_bn_t a, const sm9_barrett_bn_t b);
|
||||
void sm9_barrett_bn_sub(sm9_barrett_bn_t ret, const sm9_barrett_bn_t a, const sm9_barrett_bn_t b);
|
||||
|
||||
#define sm9_fp2_init(a) memset((a), 0, sizeof(sm9_fp2_t))
|
||||
#define sm9_fp2_clean(a) memset((a), 0, sizeof(sm9_fp2_t))
|
||||
#define sm9_fp2_is_zero(a) (memcmp((a), &SM9_FP2_ZERO, sizeof(sm9_fp2_t)) == 0)
|
||||
#define sm9_fp2_is_one(a) (memcmp((a), &SM9_FP2_ONE, sizeof(sm9_fp2_t)) == 0)
|
||||
#define sm9_fp2_copy(r,a) memcpy((r), (a), sizeof(sm9_fp2_t))
|
||||
#define sm9_fp2_equ(a,b) (memcmp((a),(b),sizeof(sm9_fp2_t)) == 0)
|
||||
|
||||
void sm9_fp2_from_hex(sm9_fp2_t r, const char hex[65 * 2]);
|
||||
void sm9_fp2_to_hex(const sm9_fp2_t a, char hex[65 * 2]);
|
||||
void sm9_fp2_print(const char *prefix, const sm9_fp2_t a);
|
||||
#define sm9_fp2_set_zero(a) memset((a), 0, sizeof(sm9_fp2_t))
|
||||
#define sm9_fp2_set_one(a) memcpy((a), &SM9_FP2_ONE, sizeof(sm9_fp2_t))
|
||||
typedef sm9_fp_t sm9_fp2_t[2];
|
||||
extern const sm9_fp2_t SM9_FP2_ZERO;
|
||||
extern const sm9_fp2_t SM9_FP2_ONE;
|
||||
extern const sm9_fp2_t SM9_FP2_U;
|
||||
|
||||
#define sm9_fp2_init(a) sm9_fp2_set_zero(a)
|
||||
#define sm9_fp2_clean(a) sm9_fp2_set_zero(a)
|
||||
#define sm9_fp2_set_zero(a) sm9_fp2_copy((a), SM9_FP2_ZERO)
|
||||
#define sm9_fp2_set_one(a) sm9_fp2_copy((a), SM9_FP2_ONE)
|
||||
#define sm9_fp2_set_u(a) sm9_fp2_copy((a), SM9_FP2_U)
|
||||
#define sm9_fp2_is_zero(a) sm9_fp2_equ((a), SM9_FP2_ZERO)
|
||||
#define sm9_fp2_is_one(a) sm9_fp2_equ((a), SM9_FP2_ONE)
|
||||
|
||||
void sm9_fp2_set_fp(sm9_fp2_t r, const sm9_fp_t a);
|
||||
#define sm9_fp2_set_u(a) memcpy((a), &SM9_FP2_U, sizeof(sm9_fp2_t))
|
||||
void sm9_fp2_set(sm9_fp2_t r, const sm9_fp_t a0, const sm9_fp_t a1);
|
||||
|
||||
void sm9_fp2_copy(sm9_fp2_t r, const sm9_fp2_t a);
|
||||
int sm9_fp2_rand(sm9_fp2_t r);
|
||||
int sm9_fp2_equ(const sm9_fp2_t a, const sm9_fp2_t b);
|
||||
void sm9_fp2_add(sm9_fp2_t r, const sm9_fp2_t a, const sm9_fp2_t b);
|
||||
void sm9_fp2_dbl(sm9_fp2_t r, const sm9_fp2_t a);
|
||||
void sm9_fp2_tri(sm9_fp2_t r, const sm9_fp2_t a);
|
||||
@@ -166,24 +239,32 @@ void sm9_fp2_sqr_u(sm9_fp2_t r, const sm9_fp2_t a);
|
||||
void sm9_fp2_inv(sm9_fp2_t r, const sm9_fp2_t a);
|
||||
void sm9_fp2_div(sm9_fp2_t r, const sm9_fp2_t a, const sm9_fp2_t b);
|
||||
void sm9_fp2_div2(sm9_fp2_t r, const sm9_fp2_t a);
|
||||
void sm9_fp2_to_hex(const sm9_fp2_t a, char hex[129]);
|
||||
int sm9_fp2_from_hex(sm9_fp2_t r, const char hex[129]);
|
||||
int sm9_fp2_print(FILE *fp, int fmt, int ind, const char *label, const sm9_fp2_t a);
|
||||
|
||||
#define sm9_fp4_init(r) memcpy((r), &SM9_FP4_ZERO, sizeof(sm9_fp4_t))
|
||||
#define sm9_fp4_clean(r) memcpy((r), &SM9_FP4_ZERO, sizeof(sm9_fp4_t))
|
||||
#define sm9_fp4_set_zero(r) memcpy((r), &SM9_FP4_ZERO, sizeof(sm9_fp4_t))
|
||||
#define sm9_fp4_set_one(r) memcpy((r), &SM9_FP4_ONE, sizeof(sm9_fp4_t))
|
||||
#define sm9_fp4_is_zero(a) (memcmp((a), &SM9_FP4_ZERO, sizeof(sm9_fp4_t)) == 0)
|
||||
#define sm9_fp4_is_one(a) (memcmp((a), &SM9_FP4_ONE, sizeof(sm9_fp4_t)) == 0)
|
||||
#define sm9_fp4_equ(a,b) (memcmp((a), (b), sizeof(sm9_fp4_t)) == 0)
|
||||
#define sm9_fp4_copy(r,a) memcpy((r), (a), sizeof(sm9_fp4_t))
|
||||
|
||||
void sm9_fp4_from_hex(sm9_fp4_t r, const char hex[65 * 4]);
|
||||
void sm9_fp4_to_hex(const sm9_fp4_t a, char hex[65 * 4]);
|
||||
typedef sm9_fp2_t sm9_fp4_t[2];
|
||||
extern const sm9_fp4_t SM9_FP4_ZERO;
|
||||
extern const sm9_fp4_t SM9_FP4_ONE;
|
||||
extern const sm9_fp4_t SM9_FP4_U;
|
||||
extern const sm9_fp4_t SM9_FP4_V;
|
||||
|
||||
#define sm9_fp4_init(a) sm9_fp4_set_zero(a)
|
||||
#define sm9_fp4_clean(a) sm9_fp4_set_zero(a)
|
||||
#define sm9_fp4_set_zero(a) sm9_fp4_copy((a), SM9_FP4_ZERO)
|
||||
#define sm9_fp4_set_one(a) sm9_fp4_copy((a), SM9_FP4_ONE)
|
||||
#define sm9_fp4_is_zero(a) sm9_fp4_equ((a), SM9_FP4_ZERO)
|
||||
#define sm9_fp4_is_one(a) sm9_fp4_equ((a), SM9_FP4_ONE)
|
||||
|
||||
void sm9_fp4_set_u(sm9_fp4_t r);
|
||||
void sm9_fp4_set_v(sm9_fp4_t r);
|
||||
void sm9_fp4_set_fp(sm9_fp4_t r, const sm9_fp_t a);
|
||||
void sm9_fp4_set_fp2(sm9_fp4_t r, const sm9_fp2_t a);
|
||||
void sm9_fp4_set(sm9_fp4_t r, const sm9_fp2_t a0, const sm9_fp2_t a1);
|
||||
void sm9_fp4_set_u(sm9_fp4_t r);
|
||||
void sm9_fp4_set_v(sm9_fp4_t r);
|
||||
|
||||
void sm9_fp4_copy(sm9_fp4_t r, const sm9_fp4_t a);
|
||||
int sm9_fp4_rand(sm9_fp4_t r);
|
||||
int sm9_fp4_equ(const sm9_fp4_t a, const sm9_fp4_t b);
|
||||
void sm9_fp4_add(sm9_fp4_t r, const sm9_fp4_t a, const sm9_fp4_t b);
|
||||
void sm9_fp4_dbl(sm9_fp4_t r, const sm9_fp4_t a);
|
||||
void sm9_fp4_sub(sm9_fp4_t r, const sm9_fp4_t a, const sm9_fp4_t b);
|
||||
@@ -195,28 +276,32 @@ void sm9_fp4_mul_v(sm9_fp4_t r, const sm9_fp4_t a, const sm9_fp4_t b);
|
||||
void sm9_fp4_sqr(sm9_fp4_t r, const sm9_fp4_t a);
|
||||
void sm9_fp4_sqr_v(sm9_fp4_t r, const sm9_fp4_t a);
|
||||
void sm9_fp4_inv(sm9_fp4_t r, const sm9_fp4_t a);
|
||||
void sm9_fp4_to_bytes(const sm9_fp4_t a, uint8_t buf[128]);
|
||||
int sm9_fp4_from_bytes(sm9_fp4_t r, const uint8_t buf[128]);
|
||||
void sm9_fp4_to_hex(const sm9_fp4_t a, char hex[259]);
|
||||
int sm9_fp4_from_hex(sm9_fp4_t r, const char hex[259]);
|
||||
|
||||
#define sm9_fp12_init(r) memset((r), 0, sizeof(sm9_fp12_t))
|
||||
#define sm9_fp12_clean(r) memset((r), 0, sizeof(sm9_fp12_t))
|
||||
#define sm9_fp12_set_zero(r) memset((r), 0, sizeof(sm9_fp12_t))
|
||||
#define sm9_fp12_copy(r, a) memcpy((r), (a), sizeof(sm9_fp12_t))
|
||||
|
||||
typedef sm9_fp4_t sm9_fp12_t[3];
|
||||
|
||||
#define sm9_fp12_init(r) sm9_fp12_set_zero(a)
|
||||
#define sm9_fp12_clean(r) sm9_fp12_set_zero(a)
|
||||
|
||||
void sm9_fp12_set_zero(sm9_fp12_t r);
|
||||
void sm9_fp12_set_one(sm9_fp12_t r);
|
||||
int sm9_fp12_is_one(const sm9_fp12_t a);
|
||||
int sm9_fp12_is_zero(const sm9_fp12_t a);
|
||||
void sm9_fp12_from_hex(sm9_fp12_t r, const char hex[65 * 12]);
|
||||
void sm9_fp12_to_hex(const sm9_fp12_t a, char hex[65 * 12]);
|
||||
void sm9_fp12_print(const char *prefix, const sm9_fp12_t a);
|
||||
void sm9_fp12_set(sm9_fp12_t r, const sm9_fp4_t a0, const sm9_fp4_t a1, const sm9_fp4_t a2);
|
||||
void sm9_fp12_set_fp(sm9_fp12_t r, const sm9_fp_t a);
|
||||
void sm9_fp12_set_fp2(sm9_fp12_t r, const sm9_fp2_t a);
|
||||
void sm9_fp12_set_fp4(sm9_fp12_t r, const sm9_fp4_t a);
|
||||
void sm9_fp12_set_u(sm9_fp12_t r);
|
||||
void sm9_fp12_set_v(sm9_fp12_t r);
|
||||
void sm9_fp12_set_w(sm9_fp12_t r);
|
||||
void sm9_fp12_set_w_sqr(sm9_fp12_t r);
|
||||
|
||||
int sm9_fp12_equ(const sm9_fp12_t a, const sm9_fp12_t b);
|
||||
void sm9_fp12_set_fp(sm9_fp12_t r, const sm9_fp_t a);
|
||||
void sm9_fp12_set_fp2(sm9_fp12_t r, const sm9_fp2_t a);
|
||||
void sm9_fp12_set_fp4(sm9_fp12_t r, const sm9_fp4_t a);
|
||||
void sm9_fp12_set(sm9_fp12_t r, const sm9_fp4_t a0, const sm9_fp4_t a1, const sm9_fp4_t a2);
|
||||
void sm9_fp12_copy(sm9_fp12_t r, const sm9_fp12_t a);
|
||||
int sm9_fp12_rand(sm9_fp12_t r);
|
||||
int sm9_fp12_is_one(const sm9_fp12_t a);
|
||||
int sm9_fp12_is_zero(const sm9_fp12_t a);
|
||||
int sm9_fp12_equ(const sm9_fp12_t a, const sm9_fp12_t b);
|
||||
void sm9_fp12_add(sm9_fp12_t r, const sm9_fp12_t a, const sm9_fp12_t b);
|
||||
void sm9_fp12_dbl(sm9_fp12_t r, const sm9_fp12_t a);
|
||||
void sm9_fp12_tri(sm9_fp12_t r, const sm9_fp12_t a);
|
||||
@@ -226,6 +311,12 @@ void sm9_fp12_mul(sm9_fp12_t r, const sm9_fp12_t a, const sm9_fp12_t b);
|
||||
void sm9_fp12_sqr(sm9_fp12_t r, const sm9_fp12_t a);
|
||||
void sm9_fp12_inv(sm9_fp12_t r, const sm9_fp12_t a);
|
||||
void sm9_fp12_pow(sm9_fp12_t r, const sm9_fp12_t a, const sm9_bn_t k);
|
||||
void sm9_fp12_to_bytes(const sm9_fp12_t a, uint8_t buf[32 * 12]);
|
||||
int sm9_fp12_from_bytes(sm9_fp12_t r, const uint8_t in[32 * 12]);
|
||||
void sm9_fp12_to_hex(const sm9_fp12_t a, char hex[65 * 12]);
|
||||
int sm9_fp12_from_hex(sm9_fp12_t r, const char hex[65 * 12]); // 这个明显是不对的
|
||||
void sm9_fp12_print(const char *prefix, const sm9_fp12_t a);
|
||||
|
||||
|
||||
void sm9_fp2_conjugate(sm9_fp2_t r, const sm9_fp2_t a);
|
||||
void sm9_fp2_frobenius(sm9_fp2_t r, const sm9_fp2_t a);
|
||||
@@ -238,51 +329,76 @@ void sm9_fp12_frobenius2(sm9_fp12_t r, const sm9_fp12_t x);
|
||||
void sm9_fp12_frobenius3(sm9_fp12_t r, const sm9_fp12_t x);
|
||||
void sm9_fp12_frobenius6(sm9_fp12_t r, const sm9_fp12_t x);
|
||||
|
||||
void sm9_point_init(sm9_point_t *R);
|
||||
void sm9_point_from_hex(sm9_point_t *R, const char hex[65 * 2]);
|
||||
#define sm9_point_copy(R, P) memcpy((R), (P), sizeof(sm9_point_t))
|
||||
int sm9_point_is_at_infinity(const sm9_point_t *P);
|
||||
void sm9_point_set_infinity(sm9_point_t *R);
|
||||
void sm9_point_get_xy(const sm9_point_t *P, sm9_fp_t x, sm9_fp_t y);
|
||||
|
||||
int sm9_point_equ(const sm9_point_t *P, const sm9_point_t *Q);
|
||||
int sm9_point_is_on_curve(const sm9_point_t *P);
|
||||
void sm9_point_dbl(sm9_point_t *R, const sm9_point_t *P);
|
||||
void sm9_point_add(sm9_point_t *R, const sm9_point_t *P, const sm9_point_t *Q);
|
||||
void sm9_point_neg(sm9_point_t *R, const sm9_point_t *P);
|
||||
void sm9_point_sub(sm9_point_t *R, const sm9_point_t *P, const sm9_point_t *Q);
|
||||
void sm9_point_mul(sm9_point_t *R, const sm9_bn_t k, const sm9_point_t *P);
|
||||
void sm9_point_mul_generator(sm9_point_t *R, const sm9_bn_t k);
|
||||
typedef struct {
|
||||
sm9_fp_t X;
|
||||
sm9_fp_t Y;
|
||||
sm9_fp_t Z;
|
||||
} SM9_POINT;
|
||||
extern const SM9_POINT *SM9_P1;
|
||||
|
||||
void sm9_twist_point_from_hex(sm9_twist_point_t *R, const char hex[65 * 4]);
|
||||
#define sm9_twist_point_copy(R, P) memcpy((R), (P), sizeof(sm9_twist_point_t))
|
||||
int sm9_twist_point_is_at_infinity(const sm9_twist_point_t *P);
|
||||
void sm9_twist_point_set_infinity(sm9_twist_point_t *R);
|
||||
void sm9_twist_point_get_xy(const sm9_twist_point_t *P, sm9_fp2_t x, sm9_fp2_t y);
|
||||
#define sm9_point_init(R) sm9_point_set_infinity(R)
|
||||
#define sm9_point_clean(R) sm9_point_set_infinity(R)
|
||||
|
||||
int sm9_twist_point_equ(const sm9_twist_point_t *P, const sm9_twist_point_t *Q);
|
||||
int sm9_twist_point_is_on_curve(const sm9_twist_point_t *P);
|
||||
void sm9_twist_point_neg(sm9_twist_point_t *R, const sm9_twist_point_t *P);
|
||||
void sm9_twist_point_dbl(sm9_twist_point_t *R, const sm9_twist_point_t *P);
|
||||
void sm9_twist_point_add(sm9_twist_point_t *R, const sm9_twist_point_t *P, const sm9_twist_point_t *Q);
|
||||
void sm9_twist_point_sub(sm9_twist_point_t *R, const sm9_twist_point_t *P, const sm9_twist_point_t *Q);
|
||||
void sm9_twist_point_add_full(sm9_twist_point_t *R, const sm9_twist_point_t *P, const sm9_twist_point_t *Q);
|
||||
void sm9_twist_point_mul(sm9_twist_point_t *R, const sm9_bn_t k, const sm9_twist_point_t *P);
|
||||
void sm9_twist_point_mul_generator(sm9_twist_point_t *R, const sm9_bn_t k);
|
||||
void sm9_point_set_infinity(SM9_POINT *R);
|
||||
void sm9_point_copy(SM9_POINT *R, const SM9_POINT *P);
|
||||
void sm9_point_get_xy(const SM9_POINT *P, sm9_fp_t x, sm9_fp_t y);
|
||||
int sm9_point_is_at_infinity(const SM9_POINT *P);
|
||||
int sm9_point_equ(const SM9_POINT *P, const SM9_POINT *Q);
|
||||
int sm9_point_is_on_curve(const SM9_POINT *P);
|
||||
void sm9_point_dbl(SM9_POINT *R, const SM9_POINT *P);
|
||||
void sm9_point_add(SM9_POINT *R, const SM9_POINT *P, const SM9_POINT *Q);
|
||||
void sm9_point_neg(SM9_POINT *R, const SM9_POINT *P);
|
||||
void sm9_point_sub(SM9_POINT *R, const SM9_POINT *P, const SM9_POINT *Q);
|
||||
void sm9_point_mul(SM9_POINT *R, const sm9_bn_t k, const SM9_POINT *P);
|
||||
void sm9_point_mul_generator(SM9_POINT *R, const sm9_bn_t k);
|
||||
void sm9_point_from_hex(SM9_POINT *R, const char hex[65 * 2]);
|
||||
int sm9_point_to_uncompressed_octets(const SM9_POINT *P, uint8_t octets[65]);
|
||||
int sm9_point_from_uncompressed_octets(SM9_POINT *P, const uint8_t octets[65]);
|
||||
int sm9_point_print(FILE *fp, int fmt, int ind, const char *label, const SM9_POINT *P);
|
||||
|
||||
void sm9_eval_g_tangent(sm9_fp12_t num, sm9_fp12_t den, const sm9_twist_point_t *P, const sm9_point_t *Q);
|
||||
void sm9_eval_g_line(sm9_fp12_t num, sm9_fp12_t den, const sm9_twist_point_t *T, const sm9_twist_point_t *P, const sm9_point_t *Q);
|
||||
|
||||
void sm9_twist_point_pi1(sm9_twist_point_t *R, const sm9_twist_point_t *P);
|
||||
void sm9_twist_point_pi2(sm9_twist_point_t *R, const sm9_twist_point_t *P);
|
||||
void sm9_twist_point_neg_pi2(sm9_twist_point_t *R, const sm9_twist_point_t *P);
|
||||
typedef struct {
|
||||
sm9_fp2_t X;
|
||||
sm9_fp2_t Y;
|
||||
sm9_fp2_t Z;
|
||||
} SM9_TWIST_POINT;
|
||||
|
||||
extern const SM9_TWIST_POINT *SM9_P2;
|
||||
extern const SM9_TWIST_POINT *SM9_Ppubs;
|
||||
|
||||
#define sm9_twist_point_copy(R, P) memcpy((R), (P), sizeof(SM9_TWIST_POINT))
|
||||
|
||||
int sm9_twist_point_to_uncompressed_octets(const SM9_TWIST_POINT *P, uint8_t octets[129]);
|
||||
int sm9_twist_point_from_uncompressed_octets(SM9_TWIST_POINT *P, const uint8_t octets[129]);
|
||||
|
||||
|
||||
void sm9_twist_point_from_hex(SM9_TWIST_POINT *R, const char hex[65 * 4]);
|
||||
int sm9_twist_point_is_at_infinity(const SM9_TWIST_POINT *P);
|
||||
void sm9_twist_point_set_infinity(SM9_TWIST_POINT *R);
|
||||
void sm9_twist_point_get_xy(const SM9_TWIST_POINT *P, sm9_fp2_t x, sm9_fp2_t y);
|
||||
|
||||
int sm9_twist_point_equ(const SM9_TWIST_POINT *P, const SM9_TWIST_POINT *Q);
|
||||
int sm9_twist_point_is_on_curve(const SM9_TWIST_POINT *P);
|
||||
void sm9_twist_point_neg(SM9_TWIST_POINT *R, const SM9_TWIST_POINT *P);
|
||||
void sm9_twist_point_dbl(SM9_TWIST_POINT *R, const SM9_TWIST_POINT *P);
|
||||
void sm9_twist_point_add(SM9_TWIST_POINT *R, const SM9_TWIST_POINT *P, const SM9_TWIST_POINT *Q);
|
||||
void sm9_twist_point_sub(SM9_TWIST_POINT *R, const SM9_TWIST_POINT *P, const SM9_TWIST_POINT *Q);
|
||||
void sm9_twist_point_add_full(SM9_TWIST_POINT *R, const SM9_TWIST_POINT *P, const SM9_TWIST_POINT *Q);
|
||||
void sm9_twist_point_mul(SM9_TWIST_POINT *R, const sm9_bn_t k, const SM9_TWIST_POINT *P);
|
||||
void sm9_twist_point_mul_generator(SM9_TWIST_POINT *R, const sm9_bn_t k);
|
||||
int sm9_twist_point_print(FILE *fp, int fmt, int ind, const char *label, const SM9_TWIST_POINT *P);
|
||||
|
||||
|
||||
|
||||
void sm9_eval_g_tangent(sm9_fp12_t num, sm9_fp12_t den, const SM9_TWIST_POINT *P, const SM9_POINT *Q);
|
||||
void sm9_eval_g_line(sm9_fp12_t num, sm9_fp12_t den, const SM9_TWIST_POINT *T, const SM9_TWIST_POINT *P, const SM9_POINT *Q);
|
||||
void sm9_twist_point_pi1(SM9_TWIST_POINT *R, const SM9_TWIST_POINT *P);
|
||||
void sm9_twist_point_pi2(SM9_TWIST_POINT *R, const SM9_TWIST_POINT *P);
|
||||
void sm9_twist_point_neg_pi2(SM9_TWIST_POINT *R, const SM9_TWIST_POINT *P);
|
||||
void sm9_final_exponent_hard_part(sm9_fp12_t r, const sm9_fp12_t f);
|
||||
void sm9_final_exponent(sm9_fp12_t r, const sm9_fp12_t f);
|
||||
void sm9_pairing(sm9_fp12_t r, const sm9_twist_point_t *Q, const sm9_point_t *P);
|
||||
|
||||
|
||||
|
||||
void sm9_pairing(sm9_fp12_t r, const SM9_TWIST_POINT *Q, const SM9_POINT *P);
|
||||
|
||||
|
||||
/* private key extract algorithms */
|
||||
@@ -290,263 +406,11 @@ void sm9_pairing(sm9_fp12_t r, const sm9_twist_point_t *Q, const sm9_point_t *P)
|
||||
#define SM9_HID_EXCH 0x02
|
||||
#define SM9_HID_ENC 0x03
|
||||
|
||||
#define SM9_HASH1 0x01
|
||||
#define SM9_HASH2 0x02
|
||||
|
||||
void sm9_fn_add(sm9_fn_t r, const sm9_fn_t a, const sm9_fn_t b);
|
||||
void sm9_fn_sub(sm9_fn_t r, const sm9_fn_t a, const sm9_fn_t b);
|
||||
void sm9_fn_mul(sm9_fn_t r, const sm9_fn_t a, const sm9_fn_t b);
|
||||
void sm9_fn_pow(sm9_fn_t r, const sm9_fn_t a, const sm9_bn_t e);
|
||||
void sm9_fn_inv(sm9_fn_t r, const sm9_fn_t a);
|
||||
int sm9_fn_is_zero(const sm9_fn_t a);
|
||||
int sm9_fn_equ(const sm9_fn_t a, const sm9_fn_t b);
|
||||
void sm9_fn_rand(sm9_fn_t r);
|
||||
void sm9_fp12_to_bytes(const sm9_fp12_t a, uint8_t buf[32 * 12]);
|
||||
|
||||
void sm9_fn_from_hash(sm9_fn_t h, const uint8_t Ha[40]);
|
||||
#define SM9_HASH1_PREFIX 0x01
|
||||
#define SM9_HASH2_PREFIX 0x02
|
||||
|
||||
int sm9_hash1(sm9_bn_t h1, const char *id, size_t idlen, uint8_t hid);
|
||||
|
||||
int sm9_point_to_bytes(const sm9_point_t *P, uint8_t out[32 * 2]);
|
||||
int sm9_point_from_bytes(sm9_point_t *P, const uint8_t in[32 * 2]);
|
||||
int sm9_twist_point_to_bytes(const sm9_twist_point_t *P, uint8_t out[32 * 2]);
|
||||
int sm9_twist_point_from_bytes(sm9_twist_point_t *P, const uint8_t in[32 * 2]);
|
||||
|
||||
void sm9_fn_to_bytes(const sm9_fn_t a, uint8_t out[32]);
|
||||
int sm9_fn_from_bytes(sm9_fn_t a, const uint8_t in[32]);
|
||||
int sm9_point_to_uncompressed_octets(const sm9_point_t *P, uint8_t octets[65]);
|
||||
int sm9_point_from_uncompressed_octets(sm9_point_t *P, const uint8_t octets[65]);
|
||||
int sm9_twist_point_to_uncompressed_octets(const sm9_twist_point_t *P, uint8_t octets[129]);
|
||||
int sm9_twist_point_from_uncompressed_octets(sm9_twist_point_t *P, const uint8_t octets[129]);
|
||||
|
||||
|
||||
// set the same value as sm2
|
||||
#define SM9_MAX_ID_BITS 65535
|
||||
#define SM9_MAX_ID_SIZE (SM9_MAX_ID_BITS/8)
|
||||
|
||||
typedef struct {
|
||||
uint8_t x[32];
|
||||
uint8_t y[32];
|
||||
} SM9_POINT;
|
||||
|
||||
typedef struct {
|
||||
uint8_t x[64];
|
||||
uint8_t y[64];
|
||||
} SM9_TWIST_POINT;
|
||||
|
||||
|
||||
/*
|
||||
SM9私钥如何存储:
|
||||
|
||||
可以用PrivateKeyInfo, EncryptedPrivateKeyInfo 来存储SM9的主密钥
|
||||
这需要SM9签名、加密等方案的OID,并且需要区分主密钥和用户私钥
|
||||
否则无法通过AlgorithmIdentifier来区分
|
||||
|
||||
SM9的主密钥和EC密钥类型很像,都是一个大整数和一个曲线点。
|
||||
但是SM9的主密钥存在KeyUsage这个特性,签名和加密的格式并不一样。
|
||||
是否将其整合在一个ASN.1对象中呢?
|
||||
|
||||
主密钥、用户密钥、签名、加密,这用一个OID来区分还是2个OID来区分?
|
||||
|
||||
|
||||
PrivateKeyInfo ::= SEQUENCE {
|
||||
version Version { v1(0) },
|
||||
privateKeyAlgorithm AlgorithmIdentifier,
|
||||
privateKey OCTET STRING, -- DER-encoding of ECPrivateKey
|
||||
attributes [0] IMPLICIT SET OF Attribute OPTIONAL }
|
||||
|
||||
这里privateKeyAlgorithm只有一个值,因此必须为上述提供4个不同OID
|
||||
|
||||
主公钥其实是无所谓的,
|
||||
|
||||
SM9 OIDs from GM/T 0006-2012
|
||||
|
||||
1.2.156.10197.1.302 sm9
|
||||
1.2.156.10197.1.302.1 sm9sign
|
||||
1.2.156.10197.1.302.2 sm9keyagreement
|
||||
1.2.156.10197.1.302.3 sm9encrypt
|
||||
|
||||
*/
|
||||
|
||||
#define PEM_SM9_SIGN_MASTER_KEY "ENCRYPTED SM9 SIGN MASTER KEY"
|
||||
#define PEM_SM9_SIGN_MASTER_PUBLIC_KEY "SM9 SIGN MASTER PUBLIC KEY"
|
||||
#define PEM_SM9_SIGN_PRIVATE_KEY "ENCRYPTED SM9 SIGN PRIVATE KEY"
|
||||
#define PEM_SM9_ENC_MASTER_KEY "ENCRYPTED SM9 ENC MASTER KEY"
|
||||
#define PEM_SM9_ENC_MASTER_PUBLIC_KEY "SM9 ENC MASTER PUBLIC KEY"
|
||||
#define PEM_SM9_ENC_PRIVATE_KEY "ENCRYPTED SM9 ENC PRIVATE KEY"
|
||||
|
||||
|
||||
/*
|
||||
SM9SignMasterKey ::= SEQUENCE {
|
||||
ks INTEGER,
|
||||
Ppubs BIT STRING, -- uncompressed octets of twisted point
|
||||
}
|
||||
*/
|
||||
typedef struct {
|
||||
sm9_twist_point_t Ppubs; // Ppubs = ks * P2
|
||||
sm9_fn_t ks;
|
||||
} SM9_SIGN_MASTER_KEY;
|
||||
|
||||
// algorthm,parameters = sm9,sm9sign
|
||||
int sm9_sign_master_key_to_der(const SM9_SIGN_MASTER_KEY *msk, uint8_t **out, size_t *outlen);
|
||||
int sm9_sign_master_key_from_der(SM9_SIGN_MASTER_KEY *msk, const uint8_t **in, size_t *inlen);
|
||||
int sm9_sign_master_key_info_encrypt_to_der(const SM9_SIGN_MASTER_KEY *msk, const char *pass, uint8_t **out, size_t *outlen);
|
||||
int sm9_sign_master_key_info_decrypt_from_der(SM9_SIGN_MASTER_KEY *msk, const char *pass, const uint8_t **in, size_t *inlen);
|
||||
int sm9_sign_master_key_info_encrypt_to_pem(const SM9_SIGN_MASTER_KEY *msk, const char *pass, FILE *fp);
|
||||
int sm9_sign_master_key_info_decrypt_from_pem(SM9_SIGN_MASTER_KEY *msk, const char *pass, FILE *fp);
|
||||
|
||||
/*
|
||||
SM9SignMasterPublicKey ::= SEQUENCE {
|
||||
Ppubs BIT STRING, -- uncompressed octets of twisted point
|
||||
}
|
||||
*/
|
||||
int sm9_sign_master_public_key_to_der(const SM9_SIGN_MASTER_KEY *mpk, uint8_t **out, size_t *outlen);
|
||||
int sm9_sign_master_public_key_from_der(SM9_SIGN_MASTER_KEY *mpk, const uint8_t **in, size_t *inlen);
|
||||
int sm9_sign_master_public_key_to_pem(const SM9_SIGN_MASTER_KEY *mpk, FILE *fp);
|
||||
int sm9_sign_master_public_key_from_pem(SM9_SIGN_MASTER_KEY *mpk, FILE *fp);
|
||||
|
||||
|
||||
/*
|
||||
SM9SignPrivateKey ::= SEQUENCE {
|
||||
ds BIT STRING, -- uncompressed octets of ECPoint
|
||||
Ppubs BIT STRING -- uncompressed octets of twisted point
|
||||
}
|
||||
|
||||
SM9的用户私钥和椭圆曲线的就没有任何关系了。
|
||||
*/
|
||||
typedef struct {
|
||||
sm9_twist_point_t Ppubs;
|
||||
sm9_point_t ds;
|
||||
} SM9_SIGN_KEY;
|
||||
|
||||
// algorithm,parameters = sm9sign,<null>
|
||||
int sm9_sign_key_to_der(const SM9_SIGN_KEY *key, uint8_t **out, size_t *outlen);
|
||||
int sm9_sign_key_from_der(SM9_SIGN_KEY *key, const uint8_t **in, size_t *inlen);
|
||||
int sm9_sign_key_info_encrypt_to_der(const SM9_SIGN_KEY *key, const char *pass, uint8_t **out, size_t *outlen);
|
||||
int sm9_sign_key_info_decrypt_from_der(SM9_SIGN_KEY *key, const char *pass, const uint8_t **in, size_t *inlen);
|
||||
int sm9_sign_key_info_encrypt_to_pem(const SM9_SIGN_KEY *key, const char *pass, FILE *fp);
|
||||
int sm9_sign_key_info_decrypt_from_pem(SM9_SIGN_KEY *key, const char *pass, FILE *fp);
|
||||
|
||||
int sm9_sign_master_key_generate(SM9_SIGN_MASTER_KEY *master);
|
||||
int sm9_sign_master_key_extract_key(SM9_SIGN_MASTER_KEY *master, const char *id, size_t idlen, SM9_SIGN_KEY *key);
|
||||
|
||||
|
||||
/*
|
||||
from GM/T 0080-2020 SM9 Cryptographic Alagorithm Application Specification
|
||||
SM9Signature ::= SEQUENCE {
|
||||
h OCTET STRING,
|
||||
S BIT STRING, -- uncompressed octets of ECPoint }
|
||||
*/
|
||||
typedef struct {
|
||||
sm9_fn_t h;
|
||||
sm9_point_t S;
|
||||
} SM9_SIGNATURE;
|
||||
|
||||
int sm9_do_sign(const SM9_SIGN_KEY *key, const SM3_CTX *sm3_ctx, SM9_SIGNATURE *sig);
|
||||
int sm9_do_verify(const SM9_SIGN_MASTER_KEY *mpk, const char *id, size_t idlen,
|
||||
const SM3_CTX *sm3_ctx, const SM9_SIGNATURE *sig);
|
||||
|
||||
#define SM9_MAX_SIGNATURE_SIZE 512 // TODO: calcalate this size
|
||||
int sm9_signature_to_der(const SM9_SIGNATURE *sig, uint8_t **out, size_t *outlen);
|
||||
int sm9_signature_from_der(SM9_SIGNATURE *sig, const uint8_t **in, size_t *inlen);
|
||||
|
||||
|
||||
typedef struct {
|
||||
SM3_CTX sm3_ctx;
|
||||
} SM9_SIGN_CTX;
|
||||
|
||||
int sm9_sign_init(SM9_SIGN_CTX *ctx);
|
||||
int sm9_sign_update(SM9_SIGN_CTX *ctx, const uint8_t *data, size_t datalen);
|
||||
int sm9_sign_finish(SM9_SIGN_CTX *ctx, const SM9_SIGN_KEY *key, uint8_t *sig, size_t *siglen);
|
||||
|
||||
int sm9_verify_init(SM9_SIGN_CTX *ctx);
|
||||
int sm9_verify_update(SM9_SIGN_CTX *ctx, const uint8_t *data, size_t datalen);
|
||||
int sm9_verify_finish(SM9_SIGN_CTX *ctx, const uint8_t *sig, size_t siglen,
|
||||
const SM9_SIGN_MASTER_KEY *mpk, const char *id, size_t idlen);
|
||||
|
||||
typedef struct {
|
||||
sm9_point_t Ppube; // Ppube = ke * P1
|
||||
sm9_fn_t ke;
|
||||
} SM9_ENC_MASTER_KEY;
|
||||
|
||||
// algorithm,parameters = sm9,sm9encrypt
|
||||
int sm9_enc_master_key_to_der(const SM9_ENC_MASTER_KEY *msk, uint8_t **out, size_t *outlen);
|
||||
int sm9_enc_master_key_from_der(SM9_ENC_MASTER_KEY *msk, const uint8_t **in, size_t *inlen);
|
||||
int sm9_enc_master_key_info_encrypt_to_der(const SM9_ENC_MASTER_KEY *msk, const char *pass, uint8_t **out, size_t *outlen);
|
||||
int sm9_enc_master_key_info_decrypt_from_der(SM9_ENC_MASTER_KEY *msk, const char *pass, const uint8_t **in, size_t *inlen);
|
||||
int sm9_enc_master_key_info_encrypt_to_pem(const SM9_ENC_MASTER_KEY *msk, const char *pass, FILE *fp);
|
||||
int sm9_enc_master_key_info_decrypt_from_pem(SM9_ENC_MASTER_KEY *msk, const char *pass, FILE *fp);
|
||||
|
||||
int sm9_enc_master_public_key_to_der(const SM9_ENC_MASTER_KEY *mpk, uint8_t **out, size_t *outlen);
|
||||
int sm9_enc_master_public_key_from_der(SM9_ENC_MASTER_KEY *mpk, const uint8_t **in, size_t *inlen);
|
||||
int sm9_enc_master_public_key_to_pem(const SM9_ENC_MASTER_KEY *mpk, FILE *fp);
|
||||
int sm9_enc_master_public_key_from_pem(SM9_ENC_MASTER_KEY *mpk, FILE *fp);
|
||||
|
||||
/*
|
||||
SM9EncPrivateKey ::= SEQUENCE {
|
||||
de BIT STRING, -- uncompressed octets of twisted point
|
||||
Ppube BIT STRING -- uncompressed octets of ECPoint
|
||||
}
|
||||
*/
|
||||
typedef struct {
|
||||
sm9_point_t Ppube;
|
||||
sm9_twist_point_t de;
|
||||
} SM9_ENC_KEY;
|
||||
|
||||
// algorithm,parameters = sm9encrypt,<null>
|
||||
int sm9_enc_key_to_der(const SM9_ENC_KEY *key, uint8_t **out, size_t *outlen);
|
||||
int sm9_enc_key_from_der(SM9_ENC_KEY *key, const uint8_t **in, size_t *inlen);
|
||||
int sm9_enc_key_info_encrypt_to_der(const SM9_ENC_KEY *key, const char *pass, uint8_t **out, size_t *outlen);
|
||||
int sm9_enc_key_info_decrypt_from_der(SM9_ENC_KEY *key, const char *pass, const uint8_t **in, size_t *inlen);
|
||||
int sm9_enc_key_info_encrypt_to_pem(const SM9_ENC_KEY *key, const char *pass, FILE *fp);
|
||||
int sm9_enc_key_info_decrypt_from_pem(SM9_ENC_KEY *key, const char *pass, FILE *fp);
|
||||
|
||||
int sm9_enc_master_key_generate(SM9_ENC_MASTER_KEY *master);
|
||||
int sm9_enc_master_key_extract_key(SM9_ENC_MASTER_KEY *master, const char *id, size_t idlen, SM9_ENC_KEY *key);
|
||||
|
||||
/*
|
||||
from GM/T 0080-2020 SM9 Cryptographic Alagorithm Application Specification
|
||||
SM9Cipher ::= SEQUENCE {
|
||||
EnType INTEGER, -- 0 for XOR
|
||||
C1 BIT STRING, -- uncompressed octets of ECPoint
|
||||
C3 OCTET STRING, -- 32 bytes HMAC-SM3 tag
|
||||
CipherText OCTET STRING,
|
||||
}
|
||||
*/
|
||||
int sm9_ciphertext_to_der(const sm9_point_t *C1, const uint8_t *c2, size_t c2len,
|
||||
const uint8_t c3[SM3_HMAC_SIZE], uint8_t **out, size_t *outlen);
|
||||
int sm9_ciphertext_from_der(sm9_point_t *C1, const uint8_t **c2, size_t *c2len,
|
||||
const uint8_t *c3[SM3_HMAC_SIZE], const uint8_t **in, size_t *inlen);
|
||||
|
||||
#define SM9_MAX_PLAINTEXT_SIZE 512 // FIXME
|
||||
#define SM9_MAX_CIPHERTEXT_SIZE 512 // FIXME
|
||||
|
||||
|
||||
int sm9_kem_encrypt(const SM9_ENC_MASTER_KEY *mpk, const char *id, size_t idlen, size_t klen, uint8_t *kbuf, sm9_point_t *C);
|
||||
int sm9_kem_decrypt(const SM9_ENC_KEY *key, const char *id, size_t idlen, const sm9_point_t *C, size_t klen, uint8_t *kbuf);
|
||||
|
||||
int sm9_do_encrypt(const SM9_ENC_MASTER_KEY *mpk, const char *id, size_t idlen,
|
||||
const uint8_t *in, size_t inlen, sm9_point_t *C1, uint8_t *c2, uint8_t c3[SM3_HMAC_SIZE]);
|
||||
int sm9_do_decrypt(const SM9_ENC_KEY *key, const char *id, size_t idlen,
|
||||
const sm9_point_t *C1, const uint8_t *c2, size_t c2len, const uint8_t c3[SM3_HMAC_SIZE], uint8_t *out);
|
||||
int sm9_encrypt(const SM9_ENC_MASTER_KEY *mpk, const char *id, size_t idlen,
|
||||
const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen);
|
||||
int sm9_decrypt(const SM9_ENC_KEY *key, const char *id, size_t idlen,
|
||||
const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen);
|
||||
|
||||
|
||||
int sm9_fn_print(FILE *fp, int fmt, int ind, const char *label, const sm9_fn_t a);
|
||||
int sm9_point_print(FILE *fp, int fmt, int ind, const char *label, const sm9_point_t *P);
|
||||
int sm9_twist_point_print(FILE *fp, int fmt, int ind, const char *label, const sm9_twist_point_t *P);
|
||||
|
||||
int sm9_sign_master_key_print(FILE *fp, int fmt, int ind, const char *label, const SM9_SIGN_MASTER_KEY *msk);
|
||||
int sm9_sign_master_public_key_print(FILE *fp, int fmt, int ind, const char *label, const SM9_SIGN_MASTER_KEY *mpk);
|
||||
int sm9_sign_key_print(FILE *fp, int fmt, int ind, const char *label, const SM9_SIGN_KEY *key);
|
||||
int sm9_enc_master_key_print(FILE *fp, int fmt, int ind, const char *label, const SM9_ENC_MASTER_KEY *msk);
|
||||
int sm9_enc_master_public_key_print(FILE *fp, int fmt, int ind, const char *label, const SM9_ENC_MASTER_KEY *mpk);
|
||||
int sm9_enc_key_print(FILE *fp, int fmt, int ind, const char *label, const SM9_ENC_KEY *key);
|
||||
int sm9_signature_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *sig, size_t siglen);
|
||||
int sm9_ciphertext_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *a, size_t alen);
|
||||
|
||||
const char *sm9_oid_name(int oid);
|
||||
int sm9_oid_from_name(const char *name);
|
||||
@@ -556,8 +420,188 @@ int sm9_algor_to_der(int alg, int params, uint8_t **out, size_t *outlen);
|
||||
int sm9_algor_from_der(int *alg, int *params, const uint8_t **in, size_t *inlen);
|
||||
|
||||
|
||||
#define PEM_SM9_SIGN_MASTER_KEY "ENCRYPTED SM9 SIGN MASTER KEY"
|
||||
#define PEM_SM9_SIGN_MASTER_PUBLIC_KEY "SM9 SIGN MASTER PUBLIC KEY"
|
||||
#define PEM_SM9_SIGN_PRIVATE_KEY "ENCRYPTED SM9 SIGN PRIVATE KEY"
|
||||
#define PEM_SM9_ENC_MASTER_KEY "ENCRYPTED SM9 ENC MASTER KEY"
|
||||
#define PEM_SM9_ENC_MASTER_PUBLIC_KEY "SM9 ENC MASTER PUBLIC KEY"
|
||||
#define PEM_SM9_ENC_PRIVATE_KEY "ENCRYPTED SM9 ENC PRIVATE KEY"
|
||||
|
||||
# ifdef __cplusplus
|
||||
|
||||
#define SM9_MAX_ID_SIZE (SM2_MAX_ID_SIZE)
|
||||
|
||||
/*
|
||||
SM9SignMasterKey ::= SEQUENCE {
|
||||
ks INTEGER,
|
||||
Ppubs BIT STRING -- uncompressed octets of twisted point }
|
||||
|
||||
SM9SignMasterPublicKey ::= SEQUENCE {
|
||||
Ppubs BIT STRING -- uncompressed octets of twisted point }
|
||||
|
||||
SM9SignPrivateKey ::= SEQUENCE {
|
||||
ds BIT STRING, -- uncompressed octets of ECPoint
|
||||
Ppubs BIT STRING -- uncompressed octets of twisted point }
|
||||
*/
|
||||
typedef struct {
|
||||
SM9_TWIST_POINT Ppubs; // Ppubs = ks * P2
|
||||
sm9_fn_t ks;
|
||||
} SM9_SIGN_MASTER_KEY;
|
||||
|
||||
typedef struct {
|
||||
SM9_TWIST_POINT Ppubs;
|
||||
SM9_POINT ds;
|
||||
} SM9_SIGN_KEY;
|
||||
|
||||
int sm9_sign_master_key_generate(SM9_SIGN_MASTER_KEY *master);
|
||||
int sm9_sign_master_key_extract_key(SM9_SIGN_MASTER_KEY *master, const char *id, size_t idlen, SM9_SIGN_KEY *key);
|
||||
|
||||
// algorthm,parameters = sm9,sm9sign
|
||||
#define SM9_SIGN_MASTER_KEY_MAX_SIZE 171
|
||||
int sm9_sign_master_key_to_der(const SM9_SIGN_MASTER_KEY *msk, uint8_t **out, size_t *outlen);
|
||||
int sm9_sign_master_key_from_der(SM9_SIGN_MASTER_KEY *msk, const uint8_t **in, size_t *inlen);
|
||||
int sm9_sign_master_key_info_encrypt_to_der(const SM9_SIGN_MASTER_KEY *msk, const char *pass, uint8_t **out, size_t *outlen);
|
||||
int sm9_sign_master_key_info_decrypt_from_der(SM9_SIGN_MASTER_KEY *msk, const char *pass, const uint8_t **in, size_t *inlen);
|
||||
int sm9_sign_master_key_info_encrypt_to_pem(const SM9_SIGN_MASTER_KEY *msk, const char *pass, FILE *fp);
|
||||
int sm9_sign_master_key_info_decrypt_from_pem(SM9_SIGN_MASTER_KEY *msk, const char *pass, FILE *fp);
|
||||
int sm9_sign_master_key_print(FILE *fp, int fmt, int ind, const char *label, const SM9_SIGN_MASTER_KEY *msk);
|
||||
|
||||
#define SM9_SIGN_MASTER_PUBLIC_KEY_SIZE 136
|
||||
int sm9_sign_master_public_key_to_der(const SM9_SIGN_MASTER_KEY *mpk, uint8_t **out, size_t *outlen);
|
||||
int sm9_sign_master_public_key_from_der(SM9_SIGN_MASTER_KEY *mpk, const uint8_t **in, size_t *inlen);
|
||||
int sm9_sign_master_public_key_to_pem(const SM9_SIGN_MASTER_KEY *mpk, FILE *fp);
|
||||
int sm9_sign_master_public_key_from_pem(SM9_SIGN_MASTER_KEY *mpk, FILE *fp);
|
||||
int sm9_sign_master_public_key_print(FILE *fp, int fmt, int ind, const char *label, const SM9_SIGN_MASTER_KEY *mpk);
|
||||
|
||||
// algorithm,parameters = sm9sign,<null>
|
||||
#define SM9_SIGN_KEY_SIZE 204
|
||||
int sm9_sign_key_to_der(const SM9_SIGN_KEY *key, uint8_t **out, size_t *outlen);
|
||||
int sm9_sign_key_from_der(SM9_SIGN_KEY *key, const uint8_t **in, size_t *inlen);
|
||||
int sm9_sign_key_info_encrypt_to_der(const SM9_SIGN_KEY *key, const char *pass, uint8_t **out, size_t *outlen);
|
||||
int sm9_sign_key_info_decrypt_from_der(SM9_SIGN_KEY *key, const char *pass, const uint8_t **in, size_t *inlen);
|
||||
int sm9_sign_key_info_encrypt_to_pem(const SM9_SIGN_KEY *key, const char *pass, FILE *fp);
|
||||
int sm9_sign_key_info_decrypt_from_pem(SM9_SIGN_KEY *key, const char *pass, FILE *fp);
|
||||
int sm9_sign_key_print(FILE *fp, int fmt, int ind, const char *label, const SM9_SIGN_KEY *key);
|
||||
|
||||
/*
|
||||
from GM/T 0080-2020 SM9 Cryptographic Alagorithm Application Specification
|
||||
SM9Signature ::= SEQUENCE {
|
||||
h OCTET STRING,
|
||||
S BIT STRING -- uncompressed octets of ECPoint }
|
||||
*/
|
||||
typedef struct {
|
||||
sm9_fn_t h;
|
||||
SM9_POINT S;
|
||||
} SM9_SIGNATURE;
|
||||
|
||||
int sm9_do_sign(const SM9_SIGN_KEY *key, const SM3_CTX *sm3_ctx, SM9_SIGNATURE *sig);
|
||||
int sm9_do_verify(const SM9_SIGN_MASTER_KEY *mpk, const char *id, size_t idlen, const SM3_CTX *sm3_ctx, const SM9_SIGNATURE *sig);
|
||||
|
||||
#define SM9_SIGNATURE_SIZE 104
|
||||
int sm9_signature_to_der(const SM9_SIGNATURE *sig, uint8_t **out, size_t *outlen);
|
||||
int sm9_signature_from_der(SM9_SIGNATURE *sig, const uint8_t **in, size_t *inlen);
|
||||
int sm9_signature_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *sig, size_t siglen);
|
||||
|
||||
typedef struct {
|
||||
SM3_CTX sm3_ctx;
|
||||
} SM9_SIGN_CTX;
|
||||
|
||||
int sm9_sign_init(SM9_SIGN_CTX *ctx);
|
||||
int sm9_sign_update(SM9_SIGN_CTX *ctx, const uint8_t *data, size_t datalen);
|
||||
int sm9_sign_finish(SM9_SIGN_CTX *ctx, const SM9_SIGN_KEY *key, uint8_t *sig, size_t *siglen);
|
||||
int sm9_verify_init(SM9_SIGN_CTX *ctx);
|
||||
int sm9_verify_update(SM9_SIGN_CTX *ctx, const uint8_t *data, size_t datalen);
|
||||
int sm9_verify_finish(SM9_SIGN_CTX *ctx, const uint8_t *sig, size_t siglen,
|
||||
const SM9_SIGN_MASTER_KEY *mpk, const char *id, size_t idlen);
|
||||
|
||||
|
||||
/*
|
||||
SM9EncMasterKey ::= SEQUENCE {
|
||||
de INTEGER,
|
||||
Ppube BIT STRING -- uncompressed octets of ECPoint }
|
||||
|
||||
SM9EncMasterPublicKey ::= SEQUENCE {
|
||||
Ppube BIT STRING -- uncompressed octets of ECPoint }
|
||||
|
||||
SM9EncPrivateKey ::= SEQUENCE {
|
||||
de BIT STRING, -- uncompressed octets of twisted point
|
||||
Ppube BIT STRING -- uncompressed octets of ECPoint }
|
||||
*/
|
||||
|
||||
typedef struct {
|
||||
SM9_POINT Ppube; // Ppube = ke * P1
|
||||
sm9_fn_t ke;
|
||||
} SM9_ENC_MASTER_KEY;
|
||||
|
||||
typedef struct {
|
||||
SM9_POINT Ppube;
|
||||
SM9_TWIST_POINT de;
|
||||
} SM9_ENC_KEY;
|
||||
|
||||
int sm9_enc_master_key_generate(SM9_ENC_MASTER_KEY *master);
|
||||
int sm9_enc_master_key_extract_key(SM9_ENC_MASTER_KEY *master, const char *id, size_t idlen, SM9_ENC_KEY *key);
|
||||
|
||||
// algorithm,parameters = sm9,sm9encrypt
|
||||
#define SM9_ENC_MASTER_KEY_MAX_SIZE 105
|
||||
int sm9_enc_master_key_to_der(const SM9_ENC_MASTER_KEY *msk, uint8_t **out, size_t *outlen);
|
||||
int sm9_enc_master_key_from_der(SM9_ENC_MASTER_KEY *msk, const uint8_t **in, size_t *inlen);
|
||||
int sm9_enc_master_key_info_encrypt_to_der(const SM9_ENC_MASTER_KEY *msk, const char *pass, uint8_t **out, size_t *outlen);
|
||||
int sm9_enc_master_key_info_decrypt_from_der(SM9_ENC_MASTER_KEY *msk, const char *pass, const uint8_t **in, size_t *inlen);
|
||||
int sm9_enc_master_key_info_encrypt_to_pem(const SM9_ENC_MASTER_KEY *msk, const char *pass, FILE *fp);
|
||||
int sm9_enc_master_key_info_decrypt_from_pem(SM9_ENC_MASTER_KEY *msk, const char *pass, FILE *fp);
|
||||
int sm9_enc_master_key_print(FILE *fp, int fmt, int ind, const char *label, const SM9_ENC_MASTER_KEY *msk);
|
||||
|
||||
#define SM9_ENC_MASTER_PUBLIC_KEY_SIZE 70
|
||||
int sm9_enc_master_public_key_to_der(const SM9_ENC_MASTER_KEY *mpk, uint8_t **out, size_t *outlen);
|
||||
int sm9_enc_master_public_key_from_der(SM9_ENC_MASTER_KEY *mpk, const uint8_t **in, size_t *inlen);
|
||||
int sm9_enc_master_public_key_to_pem(const SM9_ENC_MASTER_KEY *mpk, FILE *fp);
|
||||
int sm9_enc_master_public_key_from_pem(SM9_ENC_MASTER_KEY *mpk, FILE *fp);
|
||||
int sm9_enc_master_public_key_print(FILE *fp, int fmt, int ind, const char *label, const SM9_ENC_MASTER_KEY *mpk);
|
||||
|
||||
// algorithm,parameters = sm9encrypt,<null>
|
||||
#define SM9_ENC_KEY_SIZE 204
|
||||
int sm9_enc_key_to_der(const SM9_ENC_KEY *key, uint8_t **out, size_t *outlen);
|
||||
int sm9_enc_key_from_der(SM9_ENC_KEY *key, const uint8_t **in, size_t *inlen);
|
||||
int sm9_enc_key_info_encrypt_to_der(const SM9_ENC_KEY *key, const char *pass, uint8_t **out, size_t *outlen);
|
||||
int sm9_enc_key_info_decrypt_from_der(SM9_ENC_KEY *key, const char *pass, const uint8_t **in, size_t *inlen);
|
||||
int sm9_enc_key_info_encrypt_to_pem(const SM9_ENC_KEY *key, const char *pass, FILE *fp);
|
||||
int sm9_enc_key_info_decrypt_from_pem(SM9_ENC_KEY *key, const char *pass, FILE *fp);
|
||||
int sm9_enc_key_print(FILE *fp, int fmt, int ind, const char *label, const SM9_ENC_KEY *key);
|
||||
|
||||
#define SM9_MAX_PRIVATE_KEY_SIZE (SM9_SIGN_KEY_SIZE) // MAX(SIGN_MASTER_KEY, SIGN_KEY, ENC_MASTER_KEY, ENC_KEY)
|
||||
#define SM9_MAX_PRIVATE_KEY_INFO_SIZE 512
|
||||
#define SM9_MAX_ENCED_PRIVATE_KEY_INFO_SIZE 1024
|
||||
|
||||
/*
|
||||
from GM/T 0080-2020 SM9 Cryptographic Alagorithm Application Specification
|
||||
SM9Cipher ::= SEQUENCE {
|
||||
EnType INTEGER, -- 0 for XOR
|
||||
C1 BIT STRING, -- uncompressed octets of ECPoint
|
||||
C3 OCTET STRING, -- 32 bytes HMAC-SM3 tag
|
||||
CipherText OCTET STRING }
|
||||
*/
|
||||
|
||||
int sm9_kem_encrypt(const SM9_ENC_MASTER_KEY *mpk, const char *id, size_t idlen, size_t klen, uint8_t *kbuf, SM9_POINT *C);
|
||||
int sm9_kem_decrypt(const SM9_ENC_KEY *key, const char *id, size_t idlen, const SM9_POINT *C, size_t klen, uint8_t *kbuf);
|
||||
int sm9_do_encrypt(const SM9_ENC_MASTER_KEY *mpk, const char *id, size_t idlen,
|
||||
const uint8_t *in, size_t inlen, SM9_POINT *C1, uint8_t *c2, uint8_t c3[SM3_HMAC_SIZE]);
|
||||
int sm9_do_decrypt(const SM9_ENC_KEY *key, const char *id, size_t idlen,
|
||||
const SM9_POINT *C1, const uint8_t *c2, size_t c2len, const uint8_t c3[SM3_HMAC_SIZE], uint8_t *out);
|
||||
|
||||
#define SM9_MAX_PLAINTEXT_SIZE 255
|
||||
#define SM9_MAX_CIPHERTEXT_SIZE 367 // calculated in test_sm9_ciphertext()
|
||||
int sm9_ciphertext_to_der(const SM9_POINT *C1, const uint8_t *c2, size_t c2len,
|
||||
const uint8_t c3[SM3_HMAC_SIZE], uint8_t **out, size_t *outlen);
|
||||
int sm9_ciphertext_from_der(SM9_POINT *C1, const uint8_t **c2, size_t *c2len,
|
||||
const uint8_t *c3[SM3_HMAC_SIZE], const uint8_t **in, size_t *inlen);
|
||||
int sm9_ciphertext_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *a, size_t alen);
|
||||
int sm9_encrypt(const SM9_ENC_MASTER_KEY *mpk, const char *id, size_t idlen,
|
||||
const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen);
|
||||
int sm9_decrypt(const SM9_ENC_KEY *key, const char *id, size_t idlen,
|
||||
const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen);
|
||||
|
||||
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
# endif
|
||||
# endif
|
||||
#endif
|
||||
#endif
|
||||
|
||||
@@ -54,6 +54,13 @@
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/*
|
||||
Version Public API
|
||||
|
||||
gmssl_version_num
|
||||
gmssl_version_str
|
||||
*/
|
||||
|
||||
#define GMSSL_VERSION_NUM 30000
|
||||
#define GMSSL_VERSION_STR "GmSSL 3.0.0 Alpha"
|
||||
|
||||
|
||||
@@ -62,6 +62,37 @@
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/*
|
||||
X509 Public API
|
||||
|
||||
x509_name_add_rdn
|
||||
x509_name_add_country_name
|
||||
x509_name_add_state_or_province_name
|
||||
x509_name_add_locality_name
|
||||
x509_name_add_organization_name
|
||||
x509_name_add_organizational_unit_name
|
||||
x509_name_add_common_name
|
||||
x509_name_add_domain_component
|
||||
x509_name_to_der
|
||||
x509_name_from_der
|
||||
x509_name_print
|
||||
x509_name_get_printable
|
||||
x509_name_get_value_by_type
|
||||
x509_name_get_common_name
|
||||
|
||||
x509_cert_sign
|
||||
x509_cert_verify
|
||||
x509_cert_verify_by_ca_cert
|
||||
x509_cert_get_issuer_and_serial_number
|
||||
x509_cert_get_issuer
|
||||
x509_cert_get_subject
|
||||
x509_cert_get_subject_public_key
|
||||
x509_cert_to_der
|
||||
x509_cert_from_der
|
||||
x509_cert_to_pem
|
||||
x509_cert_from_pem
|
||||
x509_cert_print
|
||||
*/
|
||||
|
||||
enum X509_Version {
|
||||
X509_version_v1 = 0,
|
||||
@@ -331,6 +362,7 @@ int x509_certs_get_cert_by_issuer_and_serial_number(
|
||||
int x509_certs_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
|
||||
|
||||
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
@@ -55,6 +55,14 @@
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/*
|
||||
X509 CRL Public API
|
||||
|
||||
|
||||
*/
|
||||
|
||||
|
||||
|
||||
/*
|
||||
CRLReason ::= ENUMERATED
|
||||
*/
|
||||
|
||||
@@ -63,6 +63,17 @@
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/*
|
||||
X509 REQ Public API
|
||||
|
||||
x509_req_sign
|
||||
x509_req_verify
|
||||
x509_req_get_details
|
||||
x509_req_print
|
||||
x509_req_to_pem
|
||||
x509_req_from_pem
|
||||
*/
|
||||
|
||||
|
||||
/*
|
||||
from RFC 2986
|
||||
|
||||
@@ -59,6 +59,31 @@ extern "C" {
|
||||
#endif
|
||||
|
||||
|
||||
/*
|
||||
ZUC Public API
|
||||
|
||||
ZUC_KEY_SIZE
|
||||
ZUC_IV_SIZE
|
||||
ZUC_MAC_SIZE
|
||||
|
||||
ZUC_CTX
|
||||
zuc_encrypt_init
|
||||
zuc_encrypt_update
|
||||
zuc_encrypt_finish
|
||||
zuc_decrypt_init
|
||||
zuc_decrypt_update
|
||||
zuc_decrypt_finish
|
||||
|
||||
ZUC_MAC_CTX
|
||||
zuc_mac_init
|
||||
zuc_mac_update
|
||||
zuc_mac_finish
|
||||
|
||||
zuc_eea_encrypt
|
||||
zuc_eia_generate_mac
|
||||
*/
|
||||
|
||||
|
||||
# define ZUC_KEY_SIZE 16
|
||||
# define ZUC_IV_SIZE 16
|
||||
# define ZUC_MAC_SIZE 4
|
||||
@@ -132,7 +157,7 @@ typedef struct ZUC256_MAC_CTX_st {
|
||||
void zuc256_mac_init(ZUC256_MAC_CTX *ctx, const uint8_t key[ZUC256_KEY_SIZE],
|
||||
const uint8_t iv[ZUC256_IV_SIZE], int macbits);
|
||||
void zuc256_mac_update(ZUC256_MAC_CTX *ctx, const uint8_t *data, size_t len);
|
||||
void zuc256_mac_finish(ZUC256_MAC_CTX *ctx, const uint8_t *data, size_t nbits, uint8_t *mac);
|
||||
void zuc256_mac_finish(ZUC256_MAC_CTX *ctx, const uint8_t *data, size_t nbits, uint8_t mac[ZUC_MAC_SIZE]);
|
||||
|
||||
|
||||
// Public API
|
||||
|
||||
@@ -746,9 +746,6 @@ int asn1_oid_info_from_der_ex(const ASN1_OID_INFO **info, uint32_t *nodes, size_
|
||||
|
||||
if ((ret = asn1_object_identifier_from_der(nodes, nodes_cnt, in, inlen)) != 1) {
|
||||
if (ret < 0) error_print();
|
||||
if (ret == 0) {
|
||||
error_print();
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
*info = NULL;
|
||||
|
||||
@@ -119,9 +119,6 @@ int sm4_cbc_padding_decrypt(const SM4_KEY *key, const uint8_t iv[16],
|
||||
}
|
||||
sm4_cbc_decrypt(key, iv, in + inlen - 16, 1, block);
|
||||
|
||||
format_bytes(stderr, 0, 0, "last_decrypted_block", block, 16);
|
||||
|
||||
|
||||
padding = block[15];
|
||||
if (padding < 1 || padding > 16) {
|
||||
error_print();
|
||||
|
||||
458
src/sm9_alg.c
458
src/sm9_alg.c
@@ -52,14 +52,16 @@
|
||||
#include <stdlib.h>
|
||||
#include <assert.h>
|
||||
#include <gmssl/hex.h>
|
||||
#include <gmssl/mem.h>
|
||||
#include <gmssl/sm9.h>
|
||||
#include <gmssl/error.h>
|
||||
#include <gmssl/endian.h>
|
||||
|
||||
|
||||
const sm9_bn_t SM9_ZERO = {0,0,0,0,0,0,0,0};
|
||||
const sm9_bn_t SM9_ONE = {1,0,0,0,0,0,0,0};
|
||||
const sm9_bn_t SM9_TWO = {2,0,0,0,0,0,0,0};
|
||||
const sm9_bn_t SM9_FIVE = {5,0,0,0,0,0,0,0};
|
||||
const sm9_bn_t SM9_ZERO = {0,0,0,0,0,0,0,0};
|
||||
const sm9_bn_t SM9_ONE = {1,0,0,0,0,0,0,0};
|
||||
static const sm9_bn_t SM9_TWO = {2,0,0,0,0,0,0,0};
|
||||
static const sm9_bn_t SM9_FIVE = {5,0,0,0,0,0,0,0};
|
||||
|
||||
|
||||
// p = b640000002a3a6f1d603ab4ff58ec74521f2934b1a7aeedbe56f9b27e351457d
|
||||
@@ -67,22 +69,22 @@ const sm9_bn_t SM9_FIVE = {5,0,0,0,0,0,0,0};
|
||||
// mu_p = 2^512 // p = 167980e0beb5759a655f73aebdcd1312af2665f6d1e36081c71188f90d5c22146
|
||||
// mu_n = 2^512 // n
|
||||
const sm9_bn_t SM9_P = {0xe351457d, 0xe56f9b27, 0x1a7aeedb, 0x21f2934b, 0xf58ec745, 0xd603ab4f, 0x02a3a6f1, 0xb6400000};
|
||||
const sm9_bn_t SM9_P_MINUS_ONE = {0xe351457c, 0xe56f9b27, 0x1a7aeedb, 0x21f2934b, 0xf58ec745, 0xd603ab4f, 0x02a3a6f1, 0xb6400000};
|
||||
const sm9_bn_t SM9_N = {0xd69ecf25, 0xe56ee19c, 0x18ea8bee, 0x49f2934b, 0xf58ec744, 0xd603ab4f, 0x02a3a6f1, 0xb6400000};
|
||||
const sm9_bn_t SM9_N_MINUS_ONE = {0xd69ecf24, 0xe56ee19c, 0x18ea8bee, 0x49f2934b, 0xf58ec744, 0xd603ab4f, 0x02a3a6f1, 0xb6400000};
|
||||
const sm9_barrett_bn_t SM9_MU_P = {0xd5c22146, 0x71188f90, 0x1e36081c, 0xf2665f6d, 0xdcd1312a, 0x55f73aeb, 0xeb5759a6, 0x67980e0b, 0x00000001};
|
||||
const sm9_barrett_bn_t SM9_MU_N = {0xdfc97c2f, 0x74df4fd4, 0xc9c073b0, 0x9c95d85e, 0xdcd1312c, 0x55f73aeb, 0xeb5759a6, 0x67980e0b, 0x00000001};
|
||||
const sm9_barrett_bn_t SM9_MU_N_MINUS_ONE = {0xdfc97c31, 0x74df4fd4, 0xc9c073b0, 0x9c95d85e, 0xdcd1312c, 0x55f73aeb, 0xeb5759a6, 0x67980e0b, 0x00000001};
|
||||
static const sm9_bn_t SM9_P_MINUS_ONE = {0xe351457c, 0xe56f9b27, 0x1a7aeedb, 0x21f2934b, 0xf58ec745, 0xd603ab4f, 0x02a3a6f1, 0xb6400000};
|
||||
static const sm9_bn_t SM9_N_MINUS_ONE = {0xd69ecf24, 0xe56ee19c, 0x18ea8bee, 0x49f2934b, 0xf58ec744, 0xd603ab4f, 0x02a3a6f1, 0xb6400000};
|
||||
static const sm9_barrett_bn_t SM9_MU_P = {0xd5c22146, 0x71188f90, 0x1e36081c, 0xf2665f6d, 0xdcd1312a, 0x55f73aeb, 0xeb5759a6, 0x67980e0b, 0x00000001};
|
||||
static const sm9_barrett_bn_t SM9_MU_N = {0xdfc97c2f, 0x74df4fd4, 0xc9c073b0, 0x9c95d85e, 0xdcd1312c, 0x55f73aeb, 0xeb5759a6, 0x67980e0b, 0x00000001};
|
||||
static const sm9_barrett_bn_t SM9_MU_N_MINUS_ONE = {0xdfc97c31, 0x74df4fd4, 0xc9c073b0, 0x9c95d85e, 0xdcd1312c, 0x55f73aeb, 0xeb5759a6, 0x67980e0b, 0x00000001};
|
||||
|
||||
|
||||
// P1.X 0x93DE051D62BF718FF5ED0704487D01D6E1E4086909DC3280E8C4E4817C66DDDD
|
||||
// P1.Y 0x21FE8DDA4F21E607631065125C395BBC1C1C00CBFA6024350C464CD70A3EA616
|
||||
const sm9_point_t _SM9_P1 = {
|
||||
const SM9_POINT _SM9_P1 = {
|
||||
{0x7c66dddd, 0xe8c4e481, 0x09dc3280, 0xe1e40869, 0x487d01d6, 0xf5ed0704, 0x62bf718f, 0x93de051d},
|
||||
{0x0a3ea616, 0x0c464cd7, 0xfa602435, 0x1c1c00cb, 0x5c395bbc, 0x63106512, 0x4f21e607, 0x21fe8dda},
|
||||
{1,0,0,0,0,0,0,0}
|
||||
};
|
||||
const sm9_point_t *SM9_P1 = &_SM9_P1;
|
||||
const SM9_POINT *SM9_P1 = &_SM9_P1;
|
||||
|
||||
|
||||
/*
|
||||
@@ -92,24 +94,24 @@ const sm9_point_t *SM9_P1 = &_SM9_P1;
|
||||
0x17509b092e845c1266ba0d262cbee6ed0736a96fa347c8bd856dc76b84ebeb96n],
|
||||
Z : [1n, 0n],
|
||||
*/
|
||||
const sm9_twist_point_t _SM9_P2 = {
|
||||
const SM9_TWIST_POINT _SM9_P2 = {
|
||||
{{0xAF82D65B, 0xF9B7213B, 0xD19C17AB, 0xEE265948, 0xD34EC120, 0xD2AAB97F, 0x92130B08, 0x37227552},
|
||||
{0xD8806141, 0x54806C11, 0x0F5E93C4, 0xF1DD2C19, 0xB441A01F, 0x597B6027, 0x78640C98, 0x85AEF3D0}},
|
||||
{{0xC999A7C7, 0x6215BBA5, 0xA71A0811, 0x47EFBA98, 0x3D278FF2, 0x5F317015, 0x19BE3DA6, 0xA7CF28D5},
|
||||
{0x84EBEB96, 0x856DC76B, 0xA347C8BD, 0x0736A96F, 0x2CBEE6ED, 0x66BA0D26, 0x2E845C12, 0x17509B09}},
|
||||
{{1,0,0,0,0,0,0,0}, {0,0,0,0,0,0,0,0}},
|
||||
};
|
||||
const sm9_twist_point_t *SM9_P2 = &_SM9_P2;
|
||||
const SM9_TWIST_POINT *SM9_P2 = &_SM9_P2;
|
||||
|
||||
|
||||
const sm9_twist_point_t _SM9_Ppubs = {
|
||||
const SM9_TWIST_POINT _SM9_Ppubs = {
|
||||
{{0x96EA5E32, 0x8F14D656, 0x386A92DD, 0x414D2177, 0x24A3B573, 0x6CE843ED, 0x152D1F78, 0x29DBA116},
|
||||
{0x1B94C408, 0x0AB1B679, 0x5E392CFB, 0x1CE0711C, 0x41B56501, 0xE48AFF4B, 0x3084F733, 0x9F64080B}},
|
||||
{{0xB4E3216D, 0x0E75C05F, 0x5CDFF073, 0x1006E85F, 0xB7A46F74, 0x1A7CE027, 0xDDA532DA, 0x41E00A53},
|
||||
{0xD0EF1C25, 0xE89E1408, 0x1A77F335, 0xAD3E2FDB, 0x47E3A0CB, 0xB57329F4, 0xABEA0112, 0x69850938}},
|
||||
{{1,0,0,0,0,0,0,0}, {0,0,0,0,0,0,0,0}},
|
||||
};
|
||||
const sm9_twist_point_t *SM9_Ppubs = &_SM9_Ppubs;
|
||||
const SM9_TWIST_POINT *SM9_Ppubs = &_SM9_Ppubs;
|
||||
|
||||
|
||||
void sm9_bn_to_bytes(const sm9_bn_t a, uint8_t out[32])
|
||||
@@ -130,7 +132,7 @@ void sm9_bn_from_bytes(sm9_bn_t r, const uint8_t in[32])
|
||||
}
|
||||
}
|
||||
|
||||
int sm9_bn_from_hex(sm9_bn_t r, const char hex[65])
|
||||
int sm9_bn_from_hex(sm9_bn_t r, const char hex[64])
|
||||
{
|
||||
uint8_t buf[32];
|
||||
size_t len;
|
||||
@@ -138,22 +140,21 @@ int sm9_bn_from_hex(sm9_bn_t r, const char hex[65])
|
||||
return -1;
|
||||
}
|
||||
sm9_bn_from_bytes(r, buf);
|
||||
return 0;
|
||||
return 1;
|
||||
}
|
||||
|
||||
void sm9_bn_to_hex(const sm9_bn_t a, char hex[65])
|
||||
void sm9_bn_to_hex(const sm9_bn_t a, char hex[64])
|
||||
{
|
||||
int i;
|
||||
for (i = 7; i >= 0; i--) {
|
||||
(void)sprintf(hex + 8*(7-i), "%08x", (uint32_t)a[i]);
|
||||
//hex += 8;
|
||||
}
|
||||
hex[64] = 0;
|
||||
}
|
||||
|
||||
void sm9_print_bn(const char *prefix, const sm9_bn_t a)
|
||||
{
|
||||
char hex[65];
|
||||
char hex[65] = {0};
|
||||
sm9_bn_to_hex(a, hex);
|
||||
printf("%s\n%s\n", prefix, hex);
|
||||
}
|
||||
@@ -182,11 +183,12 @@ int sm9_bn_cmp(const sm9_bn_t a, const sm9_bn_t b)
|
||||
return 0;
|
||||
}
|
||||
|
||||
int sm9_bn_equ_hex(const sm9_bn_t a, const char *hex)
|
||||
|
||||
|
||||
|
||||
void sm9_bn_copy(sm9_bn_t r, const sm9_bn_t a)
|
||||
{
|
||||
sm9_bn_t b;
|
||||
sm9_bn_from_hex(b, hex);
|
||||
return (sm9_bn_cmp(a, b) == 0);
|
||||
memcpy(r, a, sizeof(sm9_bn_t));
|
||||
}
|
||||
|
||||
void sm9_bn_set_word(sm9_bn_t r, uint32_t a)
|
||||
@@ -221,7 +223,7 @@ void sm9_bn_sub(sm9_bn_t ret, const sm9_bn_t a, const sm9_bn_t b)
|
||||
sm9_bn_copy(ret, r);
|
||||
}
|
||||
|
||||
void sm9_bn_rand_range(sm9_bn_t r, const sm9_bn_t range)
|
||||
int sm9_bn_rand_range(sm9_bn_t r, const sm9_bn_t range)
|
||||
{
|
||||
FILE *fp;
|
||||
uint8_t buf[256];
|
||||
@@ -232,9 +234,10 @@ void sm9_bn_rand_range(sm9_bn_t r, const sm9_bn_t range)
|
||||
sm9_bn_from_bytes(r, buf);
|
||||
} while (sm9_bn_cmp(r, range) >= 0);
|
||||
fclose(fp);
|
||||
return 1;
|
||||
}
|
||||
|
||||
int sm9_fp_equ(const sm9_fp_t a, const sm9_fp_t b)
|
||||
int sm9_bn_equ(const sm9_bn_t a, const sm9_bn_t b)
|
||||
{
|
||||
int i;
|
||||
for (i = 0; i < 8; i++) {
|
||||
@@ -296,6 +299,14 @@ void sm9_fp_neg(sm9_fp_t r, const sm9_fp_t a)
|
||||
}
|
||||
}
|
||||
|
||||
int sm9_bn_print(FILE *fp, int fmt, int ind, const char *label, const sm9_bn_t a)
|
||||
{
|
||||
uint8_t buf[32];
|
||||
sm9_bn_to_bytes(a, buf);
|
||||
format_bytes(fp, fmt, ind, label, buf, sizeof(buf));
|
||||
return 1;
|
||||
}
|
||||
|
||||
int sm9_barrett_bn_cmp(const sm9_barrett_bn_t a, const sm9_barrett_bn_t b)
|
||||
{
|
||||
int i;
|
||||
@@ -455,31 +466,94 @@ void sm9_fp_inv(sm9_fp_t r, const sm9_fp_t a)
|
||||
sm9_fp_pow(r, a, e);
|
||||
}
|
||||
|
||||
const sm9_fp2_t SM9_FP2_ZERO = {{0,0,0,0,0,0,0,0},{0,0,0,0,0,0,0,0}};
|
||||
const sm9_fp2_t SM9_FP2_ONE = {{1,0,0,0,0,0,0,0},{0,0,0,0,0,0,0,0}};
|
||||
const sm9_fp2_t SM9_FP2_U = {{0,0,0,0,0,0,0,0},{1,0,0,0,0,0,0,0}};
|
||||
const sm9_fp2_t SM9_FP2_5U = {{0,0,0,0,0,0,0,0},{5,0,0,0,0,0,0,0}};
|
||||
|
||||
void sm9_fp2_from_hex(sm9_fp2_t r, const char hex[65 * 2])
|
||||
int sm9_fp_from_bytes(sm9_fp_t r, const uint8_t buf[32])
|
||||
{
|
||||
sm9_fp_from_hex(r[1], hex);
|
||||
sm9_fp_from_hex(r[0], hex + 65);
|
||||
sm9_bn_from_bytes(r, buf);
|
||||
if (sm9_bn_cmp(r, SM9_P) >= 0) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
void sm9_fp2_to_hex(const sm9_fp2_t a, char hex[65 * 2])
|
||||
int sm9_fp_from_hex(sm9_fp_t r, const char hex[64])
|
||||
{
|
||||
if (sm9_bn_from_hex(r, hex) != 1) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
if (sm9_bn_cmp(r, SM9_P) >= 0) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
||||
const sm9_fp2_t SM9_FP2_ZERO = {{0,0,0,0,0,0,0,0},{0,0,0,0,0,0,0,0}};
|
||||
const sm9_fp2_t SM9_FP2_ONE = {{1,0,0,0,0,0,0,0},{0,0,0,0,0,0,0,0}};
|
||||
const sm9_fp2_t SM9_FP2_U = {{0,0,0,0,0,0,0,0},{1,0,0,0,0,0,0,0}};
|
||||
static const sm9_fp2_t SM9_FP2_5U = {{0,0,0,0,0,0,0,0},{5,0,0,0,0,0,0,0}};
|
||||
|
||||
int sm9_fp2_equ(const sm9_fp2_t a, const sm9_fp2_t b)
|
||||
{
|
||||
return (gmssl_secure_memcmp(a, b, sizeof(sm9_fp2_t)) == 0);
|
||||
}
|
||||
|
||||
void sm9_fp2_copy(sm9_fp2_t r, const sm9_fp2_t a)
|
||||
{
|
||||
memcpy(r, a, sizeof(sm9_fp2_t));
|
||||
}
|
||||
|
||||
int sm9_fp2_rand(sm9_fp2_t r)
|
||||
{
|
||||
if (sm9_fp_rand(r[0]) != 1
|
||||
|| sm9_fp_rand(r[1]) != 1) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
void sm9_fp2_to_bytes(const sm9_fp2_t a, uint8_t buf[64])
|
||||
{
|
||||
sm9_fp_to_bytes(a[1], buf);
|
||||
sm9_fp_to_bytes(a[0], buf + 32);
|
||||
}
|
||||
|
||||
int sm9_fp2_from_bytes(sm9_fp2_t r, const uint8_t buf[64])
|
||||
{
|
||||
if (sm9_fp_from_bytes(r[1], buf) != 1
|
||||
|| sm9_fp_from_bytes(r[0], buf + 32) != 1) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
int sm9_fp2_from_hex(sm9_fp2_t r, const char hex[129])
|
||||
{
|
||||
if (sm9_fp_from_hex(r[1], hex) != 1
|
||||
|| sm9_fp_from_hex(r[0], hex + 65) != 1) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
/*
|
||||
if (hex[64] != SM9_HEX_SEP) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
*/
|
||||
return 1;
|
||||
}
|
||||
|
||||
void sm9_fp2_to_hex(const sm9_fp2_t a, char hex[129])
|
||||
{
|
||||
sm9_fp_to_hex(a[1], hex);
|
||||
hex[64] = '\n';
|
||||
hex[64] = SM9_HEX_SEP;
|
||||
sm9_fp_to_hex(a[0], hex + 65);
|
||||
}
|
||||
|
||||
void sm9_fp2_print(const char *prefix, const sm9_fp2_t a)
|
||||
{
|
||||
char hex[65 * 2];
|
||||
sm9_fp2_to_hex(a, hex);
|
||||
printf("%s\n%s\n", prefix, hex);
|
||||
}
|
||||
|
||||
void sm9_fp2_set_fp(sm9_fp2_t r, const sm9_fp_t a)
|
||||
{
|
||||
sm9_fp_copy(r[0], a);
|
||||
@@ -655,22 +729,69 @@ void sm9_fp2_div2(sm9_fp2_t r, const sm9_fp2_t a)
|
||||
sm9_fp_div2(r[1], a[1]);
|
||||
}
|
||||
|
||||
int sm9_fp2_print(FILE *fp, int fmt, int ind, const char *label, const sm9_fp2_t a)
|
||||
{
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
||||
const sm9_fp4_t SM9_FP4_ZERO = {{{0,0,0,0,0,0,0,0},{0,0,0,0,0,0,0,0}}, {{0,0,0,0,0,0,0,0},{0,0,0,0,0,0,0,0}}};
|
||||
const sm9_fp4_t SM9_FP4_ONE = {{{1,0,0,0,0,0,0,0},{0,0,0,0,0,0,0,0}}, {{0,0,0,0,0,0,0,0},{0,0,0,0,0,0,0,0}}};
|
||||
const sm9_fp4_t SM9_FP4_U = {{{0,0,0,0,0,0,0,0},{1,0,0,0,0,0,0,0}}, {{0,0,0,0,0,0,0,0},{0,0,0,0,0,0,0,0}}};
|
||||
const sm9_fp4_t SM9_FP4_V = {{{0,0,0,0,0,0,0,0},{0,0,0,0,0,0,0,0}}, {{1,0,0,0,0,0,0,0},{0,0,0,0,0,0,0,0}}};
|
||||
|
||||
void sm9_fp4_from_hex(sm9_fp4_t r, const char hex[65 * 4])
|
||||
int sm9_fp4_equ(const sm9_fp4_t a, const sm9_fp4_t b)
|
||||
{
|
||||
sm9_fp2_from_hex(r[1], hex);
|
||||
sm9_fp2_from_hex(r[0], hex + 65 * 2);
|
||||
return (gmssl_secure_memcmp(a, b, sizeof(sm9_fp4_t)) == 0);
|
||||
}
|
||||
|
||||
void sm9_fp4_to_hex(const sm9_fp4_t a, char hex[65 * 4])
|
||||
int sm9_fp4_rand(sm9_fp4_t r)
|
||||
{
|
||||
if (sm9_fp2_rand(r[1]) != 1
|
||||
|| sm9_fp2_rand(r[0]) != 1) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
void sm9_fp4_copy(sm9_fp4_t r, const sm9_fp4_t a)
|
||||
{
|
||||
memcpy(r, a, sizeof(sm9_fp4_t));
|
||||
}
|
||||
|
||||
void sm9_fp4_to_bytes(const sm9_fp4_t a, uint8_t buf[128])
|
||||
{
|
||||
sm9_fp2_to_bytes(a[1], buf);
|
||||
sm9_fp2_to_bytes(a[0], buf + 64);
|
||||
}
|
||||
|
||||
int sm9_fp4_from_bytes(sm9_fp4_t r, const uint8_t buf[128])
|
||||
{
|
||||
if (sm9_fp2_from_bytes(r[1], buf) != 1
|
||||
|| sm9_fp2_from_bytes(r[0], buf + 64) != 1) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
int sm9_fp4_from_hex(sm9_fp4_t r, const char hex[65 * 4])
|
||||
{
|
||||
if (sm9_fp2_from_hex(r[1], hex) != 1
|
||||
|| hex[129] != SM9_HEX_SEP
|
||||
|| sm9_fp2_from_hex(r[0], hex + 130) != 1) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
void sm9_fp4_to_hex(const sm9_fp4_t a, char hex[259])
|
||||
{
|
||||
sm9_fp2_to_hex(a[1], hex);
|
||||
hex[65 + 64] = '\n';
|
||||
sm9_fp2_to_hex(a[0], hex + 65 * 2);
|
||||
hex[129] = SM9_HEX_SEP;
|
||||
sm9_fp2_to_hex(a[0], hex + 130);
|
||||
}
|
||||
|
||||
void sm9_fp4_set_fp(sm9_fp4_t r, const sm9_fp_t a)
|
||||
@@ -691,14 +812,6 @@ void sm9_fp4_set(sm9_fp4_t r, const sm9_fp2_t a0, const sm9_fp2_t a1)
|
||||
sm9_fp2_copy(r[1], a1);
|
||||
}
|
||||
|
||||
/*
|
||||
void sm9_fp4_set_one(sm9_fp4_t r)
|
||||
{
|
||||
sm9_fp2_set_one(r[0]);
|
||||
sm9_fp2_set_zero(r[1]);
|
||||
}
|
||||
*/
|
||||
|
||||
void sm9_fp4_set_u(sm9_fp4_t r)
|
||||
{
|
||||
sm9_fp2_set_u(r[0]);
|
||||
@@ -826,6 +939,31 @@ void sm9_fp4_inv(sm9_fp4_t r, const sm9_fp4_t a)
|
||||
sm9_fp2_copy(r[1], r1);
|
||||
}
|
||||
|
||||
void sm9_fp12_copy(sm9_fp12_t r, const sm9_fp12_t a)
|
||||
{
|
||||
sm9_fp4_copy(r[0], a[0]);
|
||||
sm9_fp4_copy(r[1], a[1]);
|
||||
sm9_fp4_copy(r[2], a[2]);
|
||||
}
|
||||
|
||||
int sm9_fp12_rand(sm9_fp12_t r)
|
||||
{
|
||||
if (sm9_fp4_rand(r[0]) != 1
|
||||
|| sm9_fp4_rand(r[1]) != 1
|
||||
|| sm9_fp4_rand(r[2]) != 1) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
void sm9_fp12_set_zero(sm9_fp12_t r)
|
||||
{
|
||||
sm9_fp4_set_zero(r[0]);
|
||||
sm9_fp4_set_zero(r[1]);
|
||||
sm9_fp4_set_zero(r[2]);
|
||||
}
|
||||
|
||||
void sm9_fp12_set_one(sm9_fp12_t r)
|
||||
{
|
||||
sm9_fp4_set_one(r[0]);
|
||||
@@ -847,19 +985,25 @@ int sm9_fp12_is_zero(const sm9_fp12_t a)
|
||||
&& sm9_fp4_is_zero(a[2]);
|
||||
}
|
||||
|
||||
void sm9_fp12_from_hex(sm9_fp12_t r, const char hex[65 * 12])
|
||||
int sm9_fp12_from_hex(sm9_fp12_t r, const char hex[65 * 12 - 1])
|
||||
{
|
||||
sm9_fp4_from_hex(r[2], hex);
|
||||
sm9_fp4_from_hex(r[1], hex + 65 * 4);
|
||||
sm9_fp4_from_hex(r[0], hex + 65 * 8);
|
||||
if (sm9_fp4_from_hex(r[2], hex) != 1
|
||||
|| hex[65 * 4 - 1] != SM9_HEX_SEP
|
||||
|| sm9_fp4_from_hex(r[1], hex + 65 * 4) != 1
|
||||
|| hex[65 * 4 - 1] != SM9_HEX_SEP
|
||||
|| sm9_fp4_from_hex(r[0], hex + 65 * 8) != 1) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
void sm9_fp12_to_hex(const sm9_fp12_t a, char hex[65 * 12])
|
||||
void sm9_fp12_to_hex(const sm9_fp12_t a, char hex[65 * 12 - 1])
|
||||
{
|
||||
sm9_fp4_to_hex(a[2], hex);
|
||||
hex[65 * 4 - 1] = '\n';
|
||||
hex[65 * 4 - 1] = SM9_HEX_SEP;
|
||||
sm9_fp4_to_hex(a[1], hex + 65 * 4);
|
||||
hex[65 * 8 - 1] = '\n';
|
||||
hex[65 * 8 - 1] = SM9_HEX_SEP;
|
||||
sm9_fp4_to_hex(a[0], hex + 65 * 8);
|
||||
}
|
||||
|
||||
@@ -1109,12 +1253,12 @@ void sm9_fp2_frobenius(sm9_fp2_t r, const sm9_fp2_t a)
|
||||
// alpha3 = 0x6c648de5dc0a3f2cf55acc93ee0baf159f9d411806dc5177f5b21fd3da24d011
|
||||
// alpha4 = 0xf300000002a3a6f2780272354f8b78f4d5fc11967be65333
|
||||
// alpha5 = 0x2d40a38cf6983351711e5f99520347cc57d778a9f8ff4c8a4c949c7fa2a96686
|
||||
const sm9_fp2_t SM9_BETA = {{0xda24d011, 0xf5b21fd3, 0x06dc5177, 0x9f9d4118, 0xee0baf15, 0xf55acc93, 0xdc0a3f2c, 0x6c648de5}, {0}};
|
||||
const sm9_fp_t SM9_ALPHA1 = {0x377b698b, 0xa91d8354, 0x0ddd04ed, 0x47c5c86e, 0x9c086749, 0x843c6cfa, 0xe5720bdb, 0x3f23ea58};
|
||||
const sm9_fp_t SM9_ALPHA2 = {0x7be65334, 0xd5fc1196, 0x4f8b78f4, 0x78027235, 0x02a3a6f2, 0xf3000000, 0x0, 0x0 };
|
||||
const sm9_fp_t SM9_ALPHA3 = {0xda24d011, 0xf5b21fd3, 0x06dc5177, 0x9f9d4118, 0xee0baf15, 0xf55acc93, 0xdc0a3f2c, 0x6c648de5};
|
||||
const sm9_fp_t SM9_ALPHA4 = {0x7be65333, 0xd5fc1196, 0x4f8b78f4, 0x78027235, 0x02a3a6f2, 0xf3000000, 0x0, 0x0 };
|
||||
const sm9_fp_t SM9_ALPHA5 = {0xa2a96686, 0x4c949c7f, 0xf8ff4c8a, 0x57d778a9, 0x520347cc, 0x711e5f99, 0xf6983351, 0x2d40a38c};
|
||||
static const sm9_fp2_t SM9_BETA = {{0xda24d011, 0xf5b21fd3, 0x06dc5177, 0x9f9d4118, 0xee0baf15, 0xf55acc93, 0xdc0a3f2c, 0x6c648de5}, {0}};
|
||||
static const sm9_fp_t SM9_ALPHA1 = {0x377b698b, 0xa91d8354, 0x0ddd04ed, 0x47c5c86e, 0x9c086749, 0x843c6cfa, 0xe5720bdb, 0x3f23ea58};
|
||||
static const sm9_fp_t SM9_ALPHA2 = {0x7be65334, 0xd5fc1196, 0x4f8b78f4, 0x78027235, 0x02a3a6f2, 0xf3000000, 0x0, 0x0 };
|
||||
static const sm9_fp_t SM9_ALPHA3 = {0xda24d011, 0xf5b21fd3, 0x06dc5177, 0x9f9d4118, 0xee0baf15, 0xf55acc93, 0xdc0a3f2c, 0x6c648de5};
|
||||
static const sm9_fp_t SM9_ALPHA4 = {0x7be65333, 0xd5fc1196, 0x4f8b78f4, 0x78027235, 0x02a3a6f2, 0xf3000000, 0x0, 0x0 };
|
||||
static const sm9_fp_t SM9_ALPHA5 = {0xa2a96686, 0x4c949c7f, 0xf8ff4c8a, 0x57d778a9, 0x520347cc, 0x711e5f99, 0xf6983351, 0x2d40a38c};
|
||||
|
||||
|
||||
void sm9_fp4_frobenius(sm9_fp4_t r, const sm9_fp4_t a)
|
||||
@@ -1235,31 +1379,30 @@ void sm9_fp12_frobenius6(sm9_fp12_t r, const sm9_fp12_t x)
|
||||
}
|
||||
|
||||
|
||||
void sm9_point_init(sm9_point_t *R)
|
||||
{
|
||||
sm9_fp_set_zero(R->X);
|
||||
sm9_fp_set_zero(R->Y);
|
||||
sm9_fp_set_one(R->Z);
|
||||
}
|
||||
|
||||
void sm9_point_from_hex(sm9_point_t *R, const char hex[65 * 2])
|
||||
void sm9_point_from_hex(SM9_POINT *R, const char hex[65 * 2])
|
||||
{
|
||||
sm9_bn_from_hex(R->X, hex);
|
||||
sm9_bn_from_hex(R->Y, hex + 65);
|
||||
sm9_bn_set_one(R->Z);
|
||||
}
|
||||
|
||||
int sm9_point_is_at_infinity(const sm9_point_t *P) {
|
||||
int sm9_point_is_at_infinity(const SM9_POINT *P) {
|
||||
return sm9_fp_is_zero(P->Z);
|
||||
}
|
||||
|
||||
void sm9_point_set_infinity(sm9_point_t *R) {
|
||||
void sm9_point_set_infinity(SM9_POINT *R) {
|
||||
sm9_fp_set_one(R->X);
|
||||
sm9_fp_set_one(R->Y);
|
||||
sm9_fp_set_zero(R->Z);
|
||||
}
|
||||
|
||||
void sm9_point_get_xy(const sm9_point_t *P, sm9_fp_t x, sm9_fp_t y)
|
||||
void sm9_point_copy(SM9_POINT *R, const SM9_POINT *P)
|
||||
{
|
||||
*R = *P;
|
||||
}
|
||||
|
||||
void sm9_point_get_xy(const SM9_POINT *P, sm9_fp_t x, sm9_fp_t y)
|
||||
{
|
||||
sm9_fp_t z_inv;
|
||||
|
||||
@@ -1279,7 +1422,7 @@ void sm9_point_get_xy(const sm9_point_t *P, sm9_fp_t x, sm9_fp_t y)
|
||||
sm9_fp_mul(y, y, z_inv);
|
||||
}
|
||||
|
||||
int sm9_point_equ(const sm9_point_t *P, const sm9_point_t *Q)
|
||||
int sm9_point_equ(const SM9_POINT *P, const SM9_POINT *Q)
|
||||
{
|
||||
sm9_fp_t t1, t2, t3, t4;
|
||||
sm9_fp_sqr(t1, P->Z);
|
||||
@@ -1296,7 +1439,7 @@ int sm9_point_equ(const sm9_point_t *P, const sm9_point_t *Q)
|
||||
return sm9_fp_equ(t3, t4);
|
||||
}
|
||||
|
||||
int sm9_point_is_on_curve(const sm9_point_t *P)
|
||||
int sm9_point_is_on_curve(const SM9_POINT *P)
|
||||
{
|
||||
sm9_fp_t t0, t1, t2;
|
||||
if (sm9_fp_is_one(P->Z)) {
|
||||
@@ -1314,10 +1457,14 @@ int sm9_point_is_on_curve(const sm9_point_t *P)
|
||||
sm9_fp_add(t1, t0, t1);
|
||||
sm9_fp_sqr(t0, P->Y);
|
||||
}
|
||||
return sm9_fp_equ(t0, t1);
|
||||
if (sm9_fp_equ(t0, t1) != 1) {
|
||||
error_print();
|
||||
return 0;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
void sm9_point_dbl(sm9_point_t *R, const sm9_point_t *P)
|
||||
void sm9_point_dbl(SM9_POINT *R, const SM9_POINT *P)
|
||||
{
|
||||
const uint64_t *X1 = P->X;
|
||||
const uint64_t *Y1 = P->Y;
|
||||
@@ -1349,7 +1496,7 @@ void sm9_point_dbl(sm9_point_t *R, const sm9_point_t *P)
|
||||
sm9_fp_copy(R->Z, Z3);
|
||||
}
|
||||
|
||||
void sm9_point_add(sm9_point_t *R, const sm9_point_t *P, const sm9_point_t *Q)
|
||||
void sm9_point_add(SM9_POINT *R, const SM9_POINT *P, const SM9_POINT *Q)
|
||||
{
|
||||
sm9_fp_t x;
|
||||
sm9_fp_t y;
|
||||
@@ -1406,24 +1553,24 @@ void sm9_point_add(sm9_point_t *R, const sm9_point_t *P, const sm9_point_t *Q)
|
||||
sm9_fp_copy(R->Z, Z3);
|
||||
}
|
||||
|
||||
void sm9_point_neg(sm9_point_t *R, const sm9_point_t *P)
|
||||
void sm9_point_neg(SM9_POINT *R, const SM9_POINT *P)
|
||||
{
|
||||
sm9_fp_copy(R->X, P->X);
|
||||
sm9_fp_neg(R->Y, P->Y);
|
||||
sm9_fp_copy(R->Z, P->Z);
|
||||
}
|
||||
|
||||
void sm9_point_sub(sm9_point_t *R, const sm9_point_t *P, const sm9_point_t *Q)
|
||||
void sm9_point_sub(SM9_POINT *R, const SM9_POINT *P, const SM9_POINT *Q)
|
||||
{
|
||||
sm9_point_t _T, *T = &_T;
|
||||
SM9_POINT _T, *T = &_T;
|
||||
sm9_point_neg(T, Q);
|
||||
sm9_point_add(R, P, T);
|
||||
}
|
||||
|
||||
void sm9_point_mul(sm9_point_t *R, const sm9_bn_t k, const sm9_point_t *P)
|
||||
void sm9_point_mul(SM9_POINT *R, const sm9_bn_t k, const SM9_POINT *P)
|
||||
{
|
||||
char kbits[257];
|
||||
sm9_point_t _Q, *Q = &_Q;
|
||||
SM9_POINT _Q, *Q = &_Q;
|
||||
int i;
|
||||
|
||||
sm9_bn_to_bits(k, kbits);
|
||||
@@ -1437,32 +1584,48 @@ void sm9_point_mul(sm9_point_t *R, const sm9_bn_t k, const sm9_point_t *P)
|
||||
sm9_point_copy(R, Q);
|
||||
}
|
||||
|
||||
void sm9_point_mul_generator(sm9_point_t *R, const sm9_bn_t k)
|
||||
void sm9_point_mul_generator(SM9_POINT *R, const sm9_bn_t k)
|
||||
{
|
||||
sm9_point_mul(R, k, SM9_P1);
|
||||
}
|
||||
|
||||
|
||||
void sm9_twist_point_from_hex(sm9_twist_point_t *R, const char hex[65 * 4])
|
||||
int sm9_point_print(FILE *fp, int fmt, int ind, const char *label, const SM9_POINT *P)
|
||||
{
|
||||
uint8_t buf[65];
|
||||
sm9_point_to_uncompressed_octets(P, buf);
|
||||
format_bytes(fp, fmt, ind, label, buf, sizeof(buf));
|
||||
return 1;
|
||||
}
|
||||
|
||||
int sm9_twist_point_print(FILE *fp, int fmt, int ind, const char *label, const SM9_TWIST_POINT *P)
|
||||
{
|
||||
uint8_t buf[129];
|
||||
sm9_twist_point_to_uncompressed_octets(P, buf);
|
||||
format_bytes(fp, fmt, ind, label, buf, sizeof(buf));
|
||||
return 1;
|
||||
}
|
||||
|
||||
void sm9_twist_point_from_hex(SM9_TWIST_POINT *R, const char hex[65 * 4])
|
||||
{
|
||||
sm9_fp2_from_hex(R->X, hex);
|
||||
sm9_fp2_from_hex(R->Y, hex + 65 * 2);
|
||||
sm9_fp2_set_one(R->Z);
|
||||
}
|
||||
|
||||
int sm9_twist_point_is_at_infinity(const sm9_twist_point_t *P)
|
||||
int sm9_twist_point_is_at_infinity(const SM9_TWIST_POINT *P)
|
||||
{
|
||||
return sm9_fp2_is_zero(P->Z);
|
||||
}
|
||||
|
||||
void sm9_twist_point_set_infinity(sm9_twist_point_t *R)
|
||||
void sm9_twist_point_set_infinity(SM9_TWIST_POINT *R)
|
||||
{
|
||||
sm9_fp2_set_one(R->X);
|
||||
sm9_fp2_set_one(R->Y);
|
||||
sm9_fp2_set_zero(R->Z);
|
||||
}
|
||||
|
||||
void sm9_twist_point_get_xy(const sm9_twist_point_t *P, sm9_fp2_t x, sm9_fp2_t y)
|
||||
void sm9_twist_point_get_xy(const SM9_TWIST_POINT *P, sm9_fp2_t x, sm9_fp2_t y)
|
||||
{
|
||||
sm9_fp2_t z_inv;
|
||||
|
||||
@@ -1483,7 +1646,7 @@ void sm9_twist_point_get_xy(const sm9_twist_point_t *P, sm9_fp2_t x, sm9_fp2_t y
|
||||
}
|
||||
|
||||
|
||||
int sm9_twist_point_equ(const sm9_twist_point_t *P, const sm9_twist_point_t *Q)
|
||||
int sm9_twist_point_equ(const SM9_TWIST_POINT *P, const SM9_TWIST_POINT *Q)
|
||||
{
|
||||
sm9_fp2_t t1, t2, t3, t4;
|
||||
|
||||
@@ -1501,7 +1664,7 @@ int sm9_twist_point_equ(const sm9_twist_point_t *P, const sm9_twist_point_t *Q)
|
||||
return sm9_fp2_equ(t3, t4);
|
||||
}
|
||||
|
||||
int sm9_twist_point_is_on_curve(const sm9_twist_point_t *P)
|
||||
int sm9_twist_point_is_on_curve(const SM9_TWIST_POINT *P)
|
||||
{
|
||||
sm9_fp2_t t0, t1, t2;
|
||||
|
||||
@@ -1525,14 +1688,14 @@ int sm9_twist_point_is_on_curve(const sm9_twist_point_t *P)
|
||||
return sm9_fp2_equ(t0, t1);
|
||||
}
|
||||
|
||||
void sm9_twist_point_neg(sm9_twist_point_t *R, const sm9_twist_point_t *P)
|
||||
void sm9_twist_point_neg(SM9_TWIST_POINT *R, const SM9_TWIST_POINT *P)
|
||||
{
|
||||
sm9_fp2_copy(R->X, P->X);
|
||||
sm9_fp2_neg(R->Y, P->Y);
|
||||
sm9_fp2_copy(R->Z, P->Z);
|
||||
}
|
||||
|
||||
void sm9_twist_point_dbl(sm9_twist_point_t *R, const sm9_twist_point_t *P)
|
||||
void sm9_twist_point_dbl(SM9_TWIST_POINT *R, const SM9_TWIST_POINT *P)
|
||||
{
|
||||
const sm9_fp_t *X1 = P->X;
|
||||
const sm9_fp_t *Y1 = P->Y;
|
||||
@@ -1563,7 +1726,7 @@ void sm9_twist_point_dbl(sm9_twist_point_t *R, const sm9_twist_point_t *P)
|
||||
sm9_fp2_copy(R->Z, Z3);
|
||||
}
|
||||
|
||||
void sm9_twist_point_add(sm9_twist_point_t *R, const sm9_twist_point_t *P, const sm9_twist_point_t *Q)
|
||||
void sm9_twist_point_add(SM9_TWIST_POINT *R, const SM9_TWIST_POINT *P, const SM9_TWIST_POINT *Q)
|
||||
{
|
||||
const sm9_fp_t *X1 = P->X;
|
||||
const sm9_fp_t *Y1 = P->Y;
|
||||
@@ -1614,14 +1777,14 @@ void sm9_twist_point_add(sm9_twist_point_t *R, const sm9_twist_point_t *P, const
|
||||
sm9_fp2_copy(R->Z, Z3);
|
||||
}
|
||||
|
||||
void sm9_twist_point_sub(sm9_twist_point_t *R, const sm9_twist_point_t *P, const sm9_twist_point_t *Q)
|
||||
void sm9_twist_point_sub(SM9_TWIST_POINT *R, const SM9_TWIST_POINT *P, const SM9_TWIST_POINT *Q)
|
||||
{
|
||||
sm9_twist_point_t _T, *T = &_T;
|
||||
SM9_TWIST_POINT _T, *T = &_T;
|
||||
sm9_twist_point_neg(T, Q);
|
||||
sm9_twist_point_add_full(R, P, T);
|
||||
}
|
||||
|
||||
void sm9_twist_point_add_full(sm9_twist_point_t *R, const sm9_twist_point_t *P, const sm9_twist_point_t *Q)
|
||||
void sm9_twist_point_add_full(SM9_TWIST_POINT *R, const SM9_TWIST_POINT *P, const SM9_TWIST_POINT *Q)
|
||||
{
|
||||
const sm9_fp_t *X1 = P->X;
|
||||
const sm9_fp_t *Y1 = P->Y;
|
||||
@@ -1678,9 +1841,9 @@ void sm9_twist_point_add_full(sm9_twist_point_t *R, const sm9_twist_point_t *P,
|
||||
sm9_fp2_copy(R->Z, T7);
|
||||
}
|
||||
|
||||
void sm9_twist_point_mul(sm9_twist_point_t *R, const sm9_bn_t k, const sm9_twist_point_t *P)
|
||||
void sm9_twist_point_mul(SM9_TWIST_POINT *R, const sm9_bn_t k, const SM9_TWIST_POINT *P)
|
||||
{
|
||||
sm9_twist_point_t _Q, *Q = &_Q;
|
||||
SM9_TWIST_POINT _Q, *Q = &_Q;
|
||||
char kbits[256];
|
||||
int i;
|
||||
|
||||
@@ -1695,12 +1858,12 @@ void sm9_twist_point_mul(sm9_twist_point_t *R, const sm9_bn_t k, const sm9_twist
|
||||
sm9_twist_point_copy(R, Q);
|
||||
}
|
||||
|
||||
void sm9_twist_point_mul_generator(sm9_twist_point_t *R, const sm9_bn_t k)
|
||||
void sm9_twist_point_mul_generator(SM9_TWIST_POINT *R, const sm9_bn_t k)
|
||||
{
|
||||
sm9_twist_point_mul(R, k, SM9_P2);
|
||||
}
|
||||
|
||||
void sm9_eval_g_tangent(sm9_fp12_t num, sm9_fp12_t den, const sm9_twist_point_t *P, const sm9_point_t *Q)
|
||||
void sm9_eval_g_tangent(sm9_fp12_t num, sm9_fp12_t den, const SM9_TWIST_POINT *P, const SM9_POINT *Q)
|
||||
{
|
||||
sm9_fp_t x;
|
||||
sm9_fp_t y;
|
||||
@@ -1745,7 +1908,7 @@ void sm9_eval_g_tangent(sm9_fp12_t num, sm9_fp12_t den, const sm9_twist_point_t
|
||||
sm9_fp2_sub(a0, t0, t1);
|
||||
}
|
||||
|
||||
void sm9_eval_g_line(sm9_fp12_t num, sm9_fp12_t den, const sm9_twist_point_t *T, const sm9_twist_point_t *P, const sm9_point_t *Q)
|
||||
void sm9_eval_g_line(sm9_fp12_t num, sm9_fp12_t den, const SM9_TWIST_POINT *T, const SM9_TWIST_POINT *P, const SM9_POINT *Q)
|
||||
{
|
||||
sm9_fp_t x;
|
||||
sm9_fp_t y;
|
||||
@@ -1798,7 +1961,7 @@ void sm9_eval_g_line(sm9_fp12_t num, sm9_fp12_t den, const sm9_twist_point_t *T,
|
||||
sm9_fp2_copy(a1, T2);
|
||||
}
|
||||
|
||||
void sm9_twist_point_pi1(sm9_twist_point_t *R, const sm9_twist_point_t *P)
|
||||
void sm9_twist_point_pi1(SM9_TWIST_POINT *R, const SM9_TWIST_POINT *P)
|
||||
{
|
||||
//const c = 0x3f23ea58e5720bdb843c6cfa9c08674947c5c86e0ddd04eda91d8354377b698bn;
|
||||
const sm9_fp_t c = {
|
||||
@@ -1812,7 +1975,7 @@ void sm9_twist_point_pi1(sm9_twist_point_t *R, const sm9_twist_point_t *P)
|
||||
|
||||
}
|
||||
|
||||
void sm9_twist_point_pi2(sm9_twist_point_t *R, const sm9_twist_point_t *P)
|
||||
void sm9_twist_point_pi2(SM9_TWIST_POINT *R, const SM9_TWIST_POINT *P)
|
||||
{
|
||||
//c = 0xf300000002a3a6f2780272354f8b78f4d5fc11967be65334
|
||||
const sm9_fp_t c = {
|
||||
@@ -1824,7 +1987,7 @@ void sm9_twist_point_pi2(sm9_twist_point_t *R, const sm9_twist_point_t *P)
|
||||
sm9_fp2_mul_fp(R->Z, P->Z, c);
|
||||
}
|
||||
|
||||
void sm9_twist_point_neg_pi2(sm9_twist_point_t *R, const sm9_twist_point_t *P)
|
||||
void sm9_twist_point_neg_pi2(SM9_TWIST_POINT *R, const SM9_TWIST_POINT *P)
|
||||
{
|
||||
// c = 0xf300000002a3a6f2780272354f8b78f4d5fc11967be65334
|
||||
const sm9_fp_t c = {
|
||||
@@ -1888,12 +2051,12 @@ void sm9_final_exponent(sm9_fp12_t r, const sm9_fp12_t f)
|
||||
sm9_fp12_copy(r, t0);
|
||||
}
|
||||
|
||||
void sm9_pairing(sm9_fp12_t r, const sm9_twist_point_t *Q, const sm9_point_t *P) {
|
||||
void sm9_pairing(sm9_fp12_t r, const SM9_TWIST_POINT *Q, const SM9_POINT *P) {
|
||||
const char *abits = "00100000000000000000000000000000000000010000101011101100100111110";
|
||||
|
||||
sm9_twist_point_t _T, *T = &_T;
|
||||
sm9_twist_point_t _Q1, *Q1 = &_Q1;
|
||||
sm9_twist_point_t _Q2, *Q2 = &_Q2;
|
||||
SM9_TWIST_POINT _T, *T = &_T;
|
||||
SM9_TWIST_POINT _Q1, *Q1 = &_Q1;
|
||||
SM9_TWIST_POINT _Q2, *Q2 = &_Q2;
|
||||
|
||||
sm9_fp12_t f_num;
|
||||
sm9_fp12_t f_den;
|
||||
@@ -2074,24 +2237,6 @@ void sm9_fn_inv(sm9_fn_t r, const sm9_fn_t a)
|
||||
sm9_fn_pow(r, a, e);
|
||||
}
|
||||
|
||||
int sm9_fn_is_zero(const sm9_fn_t a)
|
||||
{
|
||||
return sm9_bn_is_zero(a);
|
||||
}
|
||||
void sm9_fn_rand(sm9_fn_t r)
|
||||
{
|
||||
sm9_bn_rand_range(r, SM9_N);
|
||||
}
|
||||
|
||||
int sm9_fn_equ(const sm9_fn_t a, const sm9_fn_t b)
|
||||
{
|
||||
int i;
|
||||
for (i = 0; i < 8; i++) {
|
||||
if (a[i] != b[i])
|
||||
return 0;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
// for H1() and H2()
|
||||
// h = (Ha mod (n-1)) + 1; h in [1, n-1], n is the curve order, Ha is 40 bytes from hash
|
||||
@@ -2101,7 +2246,7 @@ void sm9_fn_from_hash(sm9_fn_t h, const uint8_t Ha[40])
|
||||
sm9_barrett_bn_t zh, zl, q;
|
||||
uint64_t w;
|
||||
int i, j;
|
||||
|
||||
|
||||
/* s = Ha -> int */
|
||||
for (int i = 0; i < 10; i++) {
|
||||
for (int j = 0; j < 4; j++) {
|
||||
@@ -2160,7 +2305,7 @@ void sm9_fn_from_hash(sm9_fn_t h, const uint8_t Ha[40])
|
||||
sm9_barrett_bn_sub(q, c, q);
|
||||
sm9_barrett_bn_add(zl, q, zl);
|
||||
}
|
||||
|
||||
|
||||
for (i = 0; i < 8; i++) {
|
||||
h[i] = zl[i];
|
||||
}
|
||||
@@ -2175,24 +2320,6 @@ void sm9_fn_from_hash(sm9_fn_t h, const uint8_t Ha[40])
|
||||
sm9_fn_add(h, h, SM9_ONE);
|
||||
}
|
||||
|
||||
void sm9_fp2_from_bytes(sm9_fp2_t r, const uint8_t in[32 * 2])
|
||||
{
|
||||
sm9_bn_from_bytes(r[1], in);
|
||||
sm9_bn_from_bytes(r[0], in + 32);
|
||||
}
|
||||
|
||||
void sm9_fp2_to_bytes(const sm9_fp2_t a, uint8_t buf[32 * 2])
|
||||
{
|
||||
sm9_bn_to_bytes(a[1], buf);
|
||||
sm9_bn_to_bytes(a[0], buf + 32);
|
||||
}
|
||||
|
||||
void sm9_fp4_to_bytes(const sm9_fp4_t a, uint8_t buf[32 * 4])
|
||||
{
|
||||
sm9_fp2_to_bytes(a[1], buf);
|
||||
sm9_fp2_to_bytes(a[0], buf + 32 * 2);
|
||||
}
|
||||
|
||||
void sm9_fp12_to_bytes(const sm9_fp12_t a, uint8_t buf[32 * 12])
|
||||
{
|
||||
sm9_fp4_to_bytes(a[2], buf);
|
||||
@@ -2200,19 +2327,13 @@ void sm9_fp12_to_bytes(const sm9_fp12_t a, uint8_t buf[32 * 12])
|
||||
sm9_fp4_to_bytes(a[0], buf + 32 * 8);
|
||||
}
|
||||
|
||||
void sm9_fn_to_bytes(const sm9_fn_t a, uint8_t out[32])
|
||||
{
|
||||
sm9_bn_to_bytes(a, out);
|
||||
return;
|
||||
}
|
||||
|
||||
int sm9_fn_from_bytes(sm9_fn_t a, const uint8_t in[32])
|
||||
{
|
||||
sm9_bn_from_bytes(a, in);
|
||||
return 1;
|
||||
}
|
||||
|
||||
int sm9_point_to_uncompressed_octets(const sm9_point_t *P, uint8_t octets[65])
|
||||
int sm9_point_to_uncompressed_octets(const SM9_POINT *P, uint8_t octets[65])
|
||||
{
|
||||
sm9_fp_t x;
|
||||
sm9_fp_t y;
|
||||
@@ -2223,17 +2344,24 @@ int sm9_point_to_uncompressed_octets(const sm9_point_t *P, uint8_t octets[65])
|
||||
return 1;
|
||||
}
|
||||
|
||||
int sm9_point_from_uncompressed_octets(sm9_point_t *P, const uint8_t octets[65])
|
||||
int sm9_point_from_uncompressed_octets(SM9_POINT *P, const uint8_t octets[65])
|
||||
{
|
||||
assert(octets[0] == 0x04);
|
||||
if (octets[0] != 0x04) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
memset(P, 0, sizeof(*P));
|
||||
sm9_bn_from_bytes(P->X, octets + 1);
|
||||
sm9_bn_from_bytes(P->Y, octets + 32 + 1);
|
||||
sm9_fp_set_one(P->Z);
|
||||
if (!sm9_point_is_on_curve(P)) return -1;
|
||||
if (!sm9_point_is_on_curve(P)) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
int sm9_twist_point_to_uncompressed_octets(const sm9_twist_point_t *P, uint8_t octets[129])
|
||||
int sm9_twist_point_to_uncompressed_octets(const SM9_TWIST_POINT *P, uint8_t octets[129])
|
||||
{
|
||||
octets[0] = 0x04;
|
||||
sm9_fp2_t x;
|
||||
@@ -2244,7 +2372,7 @@ int sm9_twist_point_to_uncompressed_octets(const sm9_twist_point_t *P, uint8_t o
|
||||
return 1;
|
||||
}
|
||||
|
||||
int sm9_twist_point_from_uncompressed_octets(sm9_twist_point_t *P, const uint8_t octets[129])
|
||||
int sm9_twist_point_from_uncompressed_octets(SM9_TWIST_POINT *P, const uint8_t octets[129])
|
||||
{
|
||||
assert(octets[0] == 0x04);
|
||||
sm9_fp2_from_bytes(P->X, octets + 1);
|
||||
|
||||
104
src/sm9_key.c
104
src/sm9_key.c
@@ -1,4 +1,4 @@
|
||||
/*
|
||||
/*
|
||||
* Copyright (c) 2014 - 2020 The GmSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
@@ -65,7 +65,7 @@
|
||||
int sm9_hash1(sm9_bn_t h1, const char *id, size_t idlen, uint8_t hid)
|
||||
{
|
||||
SM3_CTX ctx;
|
||||
uint8_t prefix[1] = {0x01};
|
||||
uint8_t prefix[1] = { SM9_HASH1_PREFIX };
|
||||
uint8_t ct1[4] = {0x00, 0x00, 0x00, 0x01};
|
||||
uint8_t ct2[4] = {0x00, 0x00, 0x00, 0x02};
|
||||
uint8_t Ha[64];
|
||||
@@ -184,12 +184,13 @@ int sm9_sign_master_public_key_from_der(SM9_SIGN_MASTER_KEY *mpk, const uint8_t
|
||||
|
||||
int sm9_sign_key_to_der(const SM9_SIGN_KEY *key, uint8_t **out, size_t *outlen)
|
||||
{
|
||||
uint8_t ds[32];
|
||||
uint8_t ds[65];
|
||||
uint8_t Ppubs[129];
|
||||
size_t len = 0;
|
||||
|
||||
sm9_point_to_uncompressed_octets(&key->ds, ds);
|
||||
sm9_twist_point_to_uncompressed_octets(&key->Ppubs, Ppubs);
|
||||
|
||||
if (asn1_bit_octets_to_der(ds, sizeof(ds), NULL, &len) != 1
|
||||
|| asn1_bit_octets_to_der(Ppubs, sizeof(Ppubs), NULL, &len) != 1
|
||||
|| asn1_sequence_header_to_der(len, out, outlen) != 1
|
||||
@@ -293,6 +294,7 @@ int sm9_enc_master_public_key_to_der(const SM9_ENC_MASTER_KEY *mpk, uint8_t **ou
|
||||
size_t len = 0;
|
||||
|
||||
sm9_point_to_uncompressed_octets(&mpk->Ppube, Ppube);
|
||||
|
||||
if (asn1_bit_octets_to_der(Ppube, sizeof(Ppube), NULL, &len) != 1
|
||||
|| asn1_sequence_header_to_der(len, out, outlen) != 1
|
||||
|| asn1_bit_octets_to_der(Ppube, sizeof(Ppube), out, outlen) != 1) {
|
||||
@@ -336,6 +338,7 @@ int sm9_enc_key_to_der(const SM9_ENC_KEY *key, uint8_t **out, size_t *outlen)
|
||||
|
||||
sm9_twist_point_to_uncompressed_octets(&key->de, de);
|
||||
sm9_point_to_uncompressed_octets(&key->Ppube, Ppube);
|
||||
|
||||
if (asn1_bit_octets_to_der(de, sizeof(de), NULL, &len) != 1
|
||||
|| asn1_bit_octets_to_der(Ppube, sizeof(Ppube), NULL, &len) != 1
|
||||
|| asn1_sequence_header_to_der(len, out, outlen) != 1
|
||||
@@ -382,23 +385,29 @@ int sm9_enc_key_from_der(SM9_ENC_KEY *key, const uint8_t **in, size_t *inlen)
|
||||
|
||||
int sm9_sign_master_key_generate(SM9_SIGN_MASTER_KEY *msk)
|
||||
{
|
||||
if (!msk) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
// k = rand(1, n-1)
|
||||
sm9_fn_rand(msk->ks);
|
||||
|
||||
if (sm9_fn_rand(msk->ks) != 1) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
// Ppubs = k * P2 in E'(F_p^2)
|
||||
sm9_twist_point_mul_generator(&msk->Ppubs, msk->ks);
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
int sm9_enc_master_key_generate(SM9_ENC_MASTER_KEY *msk)
|
||||
{
|
||||
// k = rand(1, n-1)
|
||||
sm9_fn_rand(msk->ke);
|
||||
|
||||
if (sm9_fn_rand(msk->ke) != 1) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
// Ppube = ke * P1 in E(F_p)
|
||||
sm9_point_mul_generator(&msk->Ppube, msk->ke);
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
@@ -490,6 +499,10 @@ int sm9_oid_from_name(const char *name)
|
||||
int sm9_oid_to_der(int oid, uint8_t **out, size_t *outlen)
|
||||
{
|
||||
const ASN1_OID_INFO *info;
|
||||
if (oid == -1) {
|
||||
// TODO: 检查其他的oid_to_der是否支持这个default == -1 的特性
|
||||
return 0;
|
||||
}
|
||||
if (!(info = asn1_oid_info_from_oid(sm9_oids, sm9_oids_count, oid))) {
|
||||
error_print();
|
||||
return -1;
|
||||
@@ -552,6 +565,10 @@ static int sm9_private_key_info_to_der(int alg, int params, const uint8_t *prike
|
||||
uint8_t **out, size_t *outlen)
|
||||
{
|
||||
size_t len = 0;
|
||||
if (prikey_len > SM9_MAX_PRIVATE_KEY_SIZE) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
if (asn1_int_to_der(PKCS8_private_key_info_version, NULL, &len) != 1
|
||||
|| sm9_algor_to_der(alg, params, NULL, &len) != 1
|
||||
|| asn1_octet_string_to_der(prikey, prikey_len, NULL, &len) != 1
|
||||
@@ -562,6 +579,7 @@ static int sm9_private_key_info_to_der(int alg, int params, const uint8_t *prike
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
//printf("alg %s params %s prikey_len %zu: SM9_PRIVATE_KEY_INFO_SIZE %zu\n", sm9_oid_name(alg), sm9_oid_name(params), prikey_len, *outlen);
|
||||
return 1;
|
||||
}
|
||||
|
||||
@@ -575,6 +593,7 @@ static int sm9_private_key_info_from_der(int *alg, int *params, const uint8_t **
|
||||
|
||||
if ((ret = asn1_sequence_from_der(&d, &dlen, in, inlen)) != 1) {
|
||||
if (ret < 0) error_print();
|
||||
else error_print();
|
||||
return ret;
|
||||
}
|
||||
if (asn1_int_from_der(&ver, &d, &dlen) != 1
|
||||
@@ -588,6 +607,10 @@ static int sm9_private_key_info_from_der(int *alg, int *params, const uint8_t **
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
if (*prikey_len > SM9_MAX_PRIVATE_KEY_SIZE) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
@@ -595,7 +618,7 @@ static int sm9_private_key_info_encrypt_to_der(int alg, int params, const uint8_
|
||||
const char *pass, uint8_t **out, size_t *outlen)
|
||||
{
|
||||
int ret = -1;
|
||||
uint8_t pkey_info[1024];
|
||||
uint8_t pkey_info[SM9_MAX_PRIVATE_KEY_INFO_SIZE];
|
||||
uint8_t *p = pkey_info;
|
||||
size_t pkey_info_len = 0;
|
||||
uint8_t salt[16];
|
||||
@@ -603,7 +626,7 @@ static int sm9_private_key_info_encrypt_to_der(int alg, int params, const uint8_
|
||||
uint8_t iv[16];
|
||||
uint8_t key[16];
|
||||
SM4_KEY sm4_key;
|
||||
uint8_t enced_pkey_info[2480];
|
||||
uint8_t enced_pkey_info[sizeof(pkey_info) + 16]; // cbc-padding of pkey_info
|
||||
size_t enced_pkey_info_len;
|
||||
|
||||
if (sm9_private_key_info_to_der(alg, params, prikey, prikey_len, &p, &pkey_info_len) != 1
|
||||
@@ -621,6 +644,7 @@ static int sm9_private_key_info_encrypt_to_der(int alg, int params, const uint8_
|
||||
error_print();
|
||||
goto end;
|
||||
}
|
||||
//printf("SM9_ENCED_PRIVATE_KEY_INFO_SIZE %zu\n", *outlen);
|
||||
ret = 1;
|
||||
end:
|
||||
gmssl_secure_clear(pkey_info, sizeof(pkey_info));
|
||||
@@ -630,7 +654,6 @@ end:
|
||||
return ret;
|
||||
}
|
||||
|
||||
// 这里私钥我们必须要提供一个buffer
|
||||
static int sm9_private_key_info_decrypt_from_der(int *alg, int *params, uint8_t *prikey, size_t *prikey_len,
|
||||
const char *pass, const uint8_t **in, size_t *inlen)
|
||||
{
|
||||
@@ -647,7 +670,7 @@ static int sm9_private_key_info_decrypt_from_der(int *alg, int *params, uint8_t
|
||||
SM4_KEY sm4_key;
|
||||
const uint8_t *enced_pkey_info;
|
||||
size_t enced_pkey_info_len;
|
||||
uint8_t pkey_info[256]; // 这是一个比较大的缓冲空间
|
||||
uint8_t pkey_info[SM9_MAX_PRIVATE_KEY_INFO_SIZE];
|
||||
const uint8_t *cp = pkey_info;
|
||||
size_t pkey_info_len;
|
||||
const uint8_t *cp_prikey;
|
||||
@@ -684,9 +707,11 @@ end:
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
|
||||
int sm9_sign_master_key_info_encrypt_to_der(const SM9_SIGN_MASTER_KEY *msk, const char *pass, uint8_t **out, size_t *outlen)
|
||||
{
|
||||
uint8_t buf[1024];
|
||||
uint8_t buf[SM9_SIGN_MASTER_KEY_MAX_SIZE];
|
||||
uint8_t *p = buf;
|
||||
size_t len = 0;
|
||||
|
||||
@@ -698,11 +723,12 @@ int sm9_sign_master_key_info_encrypt_to_der(const SM9_SIGN_MASTER_KEY *msk, cons
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
||||
int sm9_sign_master_key_info_decrypt_from_der(SM9_SIGN_MASTER_KEY *msk, const char *pass, const uint8_t **in, size_t *inlen)
|
||||
{
|
||||
int ret = -1;
|
||||
int alg, params;
|
||||
uint8_t prikey[512];
|
||||
uint8_t prikey[SM9_MAX_PRIVATE_KEY_SIZE];
|
||||
size_t prikey_len;
|
||||
const uint8_t *cp = prikey;
|
||||
|
||||
@@ -731,7 +757,7 @@ end:
|
||||
|
||||
int sm9_sign_master_key_info_encrypt_to_pem(const SM9_SIGN_MASTER_KEY *msk, const char *pass, FILE *fp)
|
||||
{
|
||||
uint8_t buf[1024];
|
||||
uint8_t buf[SM9_MAX_ENCED_PRIVATE_KEY_INFO_SIZE];
|
||||
uint8_t *p = buf;
|
||||
size_t len = 0;
|
||||
|
||||
@@ -748,7 +774,7 @@ int sm9_sign_master_key_info_encrypt_to_pem(const SM9_SIGN_MASTER_KEY *msk, cons
|
||||
|
||||
int sm9_sign_master_key_info_decrypt_from_pem(SM9_SIGN_MASTER_KEY *msk, const char *pass, FILE *fp)
|
||||
{
|
||||
uint8_t buf[512];
|
||||
uint8_t buf[SM9_MAX_ENCED_PRIVATE_KEY_INFO_SIZE];
|
||||
const uint8_t *cp = buf;
|
||||
size_t len;
|
||||
|
||||
@@ -763,7 +789,7 @@ int sm9_sign_master_key_info_decrypt_from_pem(SM9_SIGN_MASTER_KEY *msk, const ch
|
||||
|
||||
int sm9_sign_master_public_key_to_pem(const SM9_SIGN_MASTER_KEY *mpk, FILE *fp)
|
||||
{
|
||||
uint8_t buf[1024];
|
||||
uint8_t buf[SM9_SIGN_MASTER_PUBLIC_KEY_SIZE];
|
||||
uint8_t *p = buf;
|
||||
size_t len = 0;
|
||||
|
||||
@@ -795,7 +821,7 @@ int sm9_sign_master_public_key_from_pem(SM9_SIGN_MASTER_KEY *mpk, FILE *fp)
|
||||
|
||||
int sm9_sign_key_info_encrypt_to_der(const SM9_SIGN_KEY *key, const char *pass, uint8_t **out, size_t *outlen)
|
||||
{
|
||||
uint8_t buf[1024];
|
||||
uint8_t buf[SM9_SIGN_KEY_SIZE];
|
||||
uint8_t *p = buf;
|
||||
size_t len = 0;
|
||||
|
||||
@@ -840,7 +866,7 @@ end:
|
||||
|
||||
int sm9_sign_key_info_encrypt_to_pem(const SM9_SIGN_KEY *key, const char *pass, FILE *fp)
|
||||
{
|
||||
uint8_t buf[1024];
|
||||
uint8_t buf[SM9_MAX_ENCED_PRIVATE_KEY_INFO_SIZE];
|
||||
uint8_t *p = buf;
|
||||
size_t len = 0;
|
||||
|
||||
@@ -857,7 +883,7 @@ int sm9_sign_key_info_encrypt_to_pem(const SM9_SIGN_KEY *key, const char *pass,
|
||||
|
||||
int sm9_sign_key_info_decrypt_from_pem(SM9_SIGN_KEY *key, const char *pass, FILE *fp)
|
||||
{
|
||||
uint8_t buf[512];
|
||||
uint8_t buf[SM9_MAX_ENCED_PRIVATE_KEY_INFO_SIZE];
|
||||
const uint8_t *cp = buf;
|
||||
size_t len;
|
||||
|
||||
@@ -872,7 +898,7 @@ int sm9_sign_key_info_decrypt_from_pem(SM9_SIGN_KEY *key, const char *pass, FILE
|
||||
|
||||
int sm9_enc_master_key_info_encrypt_to_der(const SM9_ENC_MASTER_KEY *msk, const char *pass, uint8_t **out, size_t *outlen)
|
||||
{
|
||||
uint8_t buf[1024];
|
||||
uint8_t buf[256];
|
||||
uint8_t *p = buf;
|
||||
size_t len = 0;
|
||||
|
||||
@@ -917,7 +943,7 @@ end:
|
||||
|
||||
int sm9_enc_master_key_info_encrypt_to_pem(const SM9_ENC_MASTER_KEY *msk, const char *pass, FILE *fp)
|
||||
{
|
||||
uint8_t buf[1024];
|
||||
uint8_t buf[SM9_MAX_ENCED_PRIVATE_KEY_INFO_SIZE];
|
||||
uint8_t *p = buf;
|
||||
size_t len = 0;
|
||||
|
||||
@@ -934,7 +960,7 @@ int sm9_enc_master_key_info_encrypt_to_pem(const SM9_ENC_MASTER_KEY *msk, const
|
||||
|
||||
int sm9_enc_master_key_info_decrypt_from_pem(SM9_ENC_MASTER_KEY *msk, const char *pass, FILE *fp)
|
||||
{
|
||||
uint8_t buf[512];
|
||||
uint8_t buf[SM9_MAX_ENCED_PRIVATE_KEY_INFO_SIZE];
|
||||
const uint8_t *cp = buf;
|
||||
size_t len;
|
||||
|
||||
@@ -1026,7 +1052,7 @@ end:
|
||||
|
||||
int sm9_enc_key_info_encrypt_to_pem(const SM9_ENC_KEY *key, const char *pass, FILE *fp)
|
||||
{
|
||||
uint8_t buf[1024];
|
||||
uint8_t buf[SM9_MAX_ENCED_PRIVATE_KEY_INFO_SIZE];
|
||||
uint8_t *p = buf;
|
||||
size_t len = 0;
|
||||
|
||||
@@ -1043,7 +1069,7 @@ int sm9_enc_key_info_encrypt_to_pem(const SM9_ENC_KEY *key, const char *pass, FI
|
||||
|
||||
int sm9_enc_key_info_decrypt_from_pem(SM9_ENC_KEY *key, const char *pass, FILE *fp)
|
||||
{
|
||||
uint8_t buf[512];
|
||||
uint8_t buf[SM9_MAX_ENCED_PRIVATE_KEY_INFO_SIZE];
|
||||
const uint8_t *cp = buf;
|
||||
size_t len;
|
||||
|
||||
@@ -1056,30 +1082,6 @@ int sm9_enc_key_info_decrypt_from_pem(SM9_ENC_KEY *key, const char *pass, FILE *
|
||||
return 1;
|
||||
}
|
||||
|
||||
int sm9_fn_print(FILE *fp, int fmt, int ind, const char *label, const sm9_fn_t a)
|
||||
{
|
||||
uint8_t buf[32];
|
||||
sm9_fn_to_bytes(a, buf);
|
||||
format_bytes(fp, fmt, ind, label, buf, sizeof(buf));
|
||||
return 1;
|
||||
}
|
||||
|
||||
int sm9_point_print(FILE *fp, int fmt, int ind, const char *label, const sm9_point_t *P)
|
||||
{
|
||||
uint8_t buf[65];
|
||||
sm9_point_to_uncompressed_octets(P, buf);
|
||||
format_bytes(fp, fmt, ind, label, buf, sizeof(buf));
|
||||
return 1;
|
||||
}
|
||||
|
||||
int sm9_twist_point_print(FILE *fp, int fmt, int ind, const char *label, const sm9_twist_point_t *P)
|
||||
{
|
||||
uint8_t buf[129];
|
||||
sm9_twist_point_to_uncompressed_octets(P, buf);
|
||||
format_bytes(fp, fmt, ind, label, buf, sizeof(buf));
|
||||
return 1;
|
||||
}
|
||||
|
||||
int sm9_sign_master_key_print(FILE *fp, int fmt, int ind, const char *label, const SM9_SIGN_MASTER_KEY *msk)
|
||||
{
|
||||
format_print(fp, fmt, ind, "%s\n", label);
|
||||
@@ -1132,7 +1134,6 @@ int sm9_enc_key_print(FILE *fp, int fmt, int ind, const char *label, const SM9_E
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
||||
int sm9_signature_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *sig, size_t siglen)
|
||||
{
|
||||
const uint8_t *d;
|
||||
@@ -1146,7 +1147,6 @@ int sm9_signature_print(FILE *fp, int fmt, int ind, const char *label, const uin
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
||||
format_print(fp, fmt, ind, "%s\n", label);
|
||||
ind += 4;
|
||||
if (asn1_octet_string_from_der(&p, &len, &d, &dlen) != 1) goto err;
|
||||
|
||||
@@ -57,8 +57,6 @@
|
||||
#include <gmssl/error.h>
|
||||
|
||||
|
||||
|
||||
|
||||
int sm9_signature_to_der(const SM9_SIGNATURE *sig, uint8_t **out, size_t *outlen)
|
||||
{
|
||||
uint8_t hbuf[32];
|
||||
@@ -68,10 +66,10 @@ int sm9_signature_to_der(const SM9_SIGNATURE *sig, uint8_t **out, size_t *outlen
|
||||
sm9_fn_to_bytes(sig->h, hbuf);
|
||||
sm9_point_to_uncompressed_octets(&sig->S, Sbuf);
|
||||
|
||||
if (asn1_integer_to_der(hbuf, sizeof(hbuf), NULL, &len) != 1
|
||||
if (asn1_octet_string_to_der(hbuf, sizeof(hbuf), NULL, &len) != 1
|
||||
|| asn1_bit_octets_to_der(Sbuf, sizeof(Sbuf), NULL, &len) != 1
|
||||
|| asn1_sequence_header_to_der(len, out, outlen) != 1
|
||||
|| asn1_integer_to_der(hbuf, sizeof(hbuf), out, outlen) != 1
|
||||
|| asn1_octet_string_to_der(hbuf, sizeof(hbuf), out, outlen) != 1
|
||||
|| asn1_bit_octets_to_der(Sbuf, sizeof(Sbuf), out, outlen) != 1) {
|
||||
error_print();
|
||||
return -1;
|
||||
@@ -93,7 +91,7 @@ int sm9_signature_from_der(SM9_SIGNATURE *sig, const uint8_t **in, size_t *inlen
|
||||
if (ret < 0) error_print();
|
||||
return ret;
|
||||
}
|
||||
if (asn1_integer_from_der(&h, &hlen, &d, &dlen) != 1
|
||||
if (asn1_octet_string_from_der(&h, &hlen, &d, &dlen) != 1
|
||||
|| asn1_bit_octets_from_der(&S, &Slen, &d, &dlen) != 1
|
||||
|| asn1_check(hlen == 32) != 1
|
||||
|| asn1_check(Slen == 65) != 1
|
||||
@@ -111,7 +109,7 @@ int sm9_signature_from_der(SM9_SIGNATURE *sig, const uint8_t **in, size_t *inlen
|
||||
|
||||
int sm9_sign_init(SM9_SIGN_CTX *ctx)
|
||||
{
|
||||
const uint8_t prefix[1] = {0x02};
|
||||
const uint8_t prefix[1] = { SM9_HASH2_PREFIX };
|
||||
sm3_init(&ctx->sm3_ctx);
|
||||
sm3_update(&ctx->sm3_ctx, prefix, sizeof(prefix));
|
||||
return 1;
|
||||
@@ -139,8 +137,6 @@ int sm9_sign_finish(SM9_SIGN_CTX *ctx, const SM9_SIGN_KEY *key, uint8_t *sig, si
|
||||
return 1;
|
||||
}
|
||||
|
||||
#define hex_r "00033C8616B06704813203DFD00965022ED15975C662337AED648835DC4B1CBE"
|
||||
|
||||
int sm9_do_sign(const SM9_SIGN_KEY *key, const SM3_CTX *sm3_ctx, SM9_SIGNATURE *sig)
|
||||
{
|
||||
sm9_fn_t r;
|
||||
@@ -157,8 +153,11 @@ int sm9_do_sign(const SM9_SIGN_KEY *key, const SM3_CTX *sm3_ctx, SM9_SIGNATURE *
|
||||
|
||||
do {
|
||||
// A2: rand r in [1, N-1]
|
||||
sm9_fn_rand(r);
|
||||
//sm9_bn_from_hex(r, hex_r);
|
||||
if (sm9_fn_rand(r) != 1) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
//sm9_fn_from_hex(r, "00033C8616B06704813203DFD00965022ED15975C662337AED648835DC4B1CBE"); // for testing
|
||||
|
||||
// A3: w = g^r
|
||||
sm9_fp12_pow(g, g, r);
|
||||
@@ -192,7 +191,7 @@ int sm9_do_sign(const SM9_SIGN_KEY *key, const SM3_CTX *sm3_ctx, SM9_SIGNATURE *
|
||||
|
||||
int sm9_verify_init(SM9_SIGN_CTX *ctx)
|
||||
{
|
||||
const uint8_t prefix[1] = {0x02};
|
||||
const uint8_t prefix[1] = { SM9_HASH2_PREFIX };
|
||||
sm3_init(&ctx->sm3_ctx);
|
||||
sm3_update(&ctx->sm3_ctx, prefix, sizeof(prefix));
|
||||
return 1;
|
||||
@@ -232,7 +231,7 @@ int sm9_do_verify(const SM9_SIGN_MASTER_KEY *mpk, const char *id, size_t idlen,
|
||||
sm9_fp12_t t;
|
||||
sm9_fp12_t u;
|
||||
sm9_fp12_t w;
|
||||
sm9_twist_point_t P;
|
||||
SM9_TWIST_POINT P;
|
||||
uint8_t wbuf[32 * 12];
|
||||
SM3_CTX ctx = *sm3_ctx;
|
||||
SM3_CTX tmp_ctx;
|
||||
@@ -280,7 +279,7 @@ int sm9_do_verify(const SM9_SIGN_MASTER_KEY *mpk, const char *id, size_t idlen,
|
||||
}
|
||||
|
||||
int sm9_kem_encrypt(const SM9_ENC_MASTER_KEY *mpk, const char *id, size_t idlen,
|
||||
size_t klen, uint8_t *kbuf, sm9_point_t *C)
|
||||
size_t klen, uint8_t *kbuf, SM9_POINT *C)
|
||||
{
|
||||
sm9_fn_t r;
|
||||
sm9_fp12_t w;
|
||||
@@ -295,7 +294,10 @@ int sm9_kem_encrypt(const SM9_ENC_MASTER_KEY *mpk, const char *id, size_t idlen,
|
||||
|
||||
do {
|
||||
// A2: rand r in [1, N-1]
|
||||
sm9_fn_rand(r);
|
||||
if (sm9_fn_rand(r) != 1) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
|
||||
// A3: C1 = r * Q
|
||||
sm9_point_mul(C, r, C);
|
||||
@@ -326,7 +328,7 @@ int sm9_kem_encrypt(const SM9_ENC_MASTER_KEY *mpk, const char *id, size_t idlen,
|
||||
return 1;
|
||||
}
|
||||
|
||||
int sm9_kem_decrypt(const SM9_ENC_KEY *key, const char *id, size_t idlen, const sm9_point_t *C,
|
||||
int sm9_kem_decrypt(const SM9_ENC_KEY *key, const char *id, size_t idlen, const SM9_POINT *C,
|
||||
size_t klen, uint8_t *kbuf)
|
||||
{
|
||||
sm9_fp12_t w;
|
||||
@@ -348,7 +350,7 @@ int sm9_kem_decrypt(const SM9_ENC_KEY *key, const char *id, size_t idlen, const
|
||||
sm3_kdf_update(&kdf_ctx, (uint8_t *)id, idlen);
|
||||
sm3_kdf_finish(&kdf_ctx, kbuf);
|
||||
|
||||
if (mem_is_zero(kbuf, klen) != 1) {
|
||||
if (mem_is_zero(kbuf, klen)) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
@@ -363,26 +365,32 @@ int sm9_kem_decrypt(const SM9_ENC_KEY *key, const char *id, size_t idlen, const
|
||||
|
||||
int sm9_do_encrypt(const SM9_ENC_MASTER_KEY *mpk, const char *id, size_t idlen,
|
||||
const uint8_t *in, size_t inlen,
|
||||
sm9_point_t *C1, uint8_t *c2, uint8_t c3[SM3_HMAC_SIZE])
|
||||
SM9_POINT *C1, uint8_t *c2, uint8_t c3[SM3_HMAC_SIZE])
|
||||
{
|
||||
uint8_t K[inlen + 32];
|
||||
|
||||
sm9_kem_encrypt(mpk, id, idlen, sizeof(K), K, C1);
|
||||
if (sm9_kem_encrypt(mpk, id, idlen, sizeof(K), K, C1) != 1) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
gmssl_memxor(c2, K, in, inlen);
|
||||
sm3_hmac(K + inlen, 32, c2, inlen, c3);
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
int sm9_do_decrypt(const SM9_ENC_KEY *key, const char *id, size_t idlen,
|
||||
const sm9_point_t *C1, const uint8_t *c2, size_t c2len, const uint8_t c3[SM3_HMAC_SIZE],
|
||||
const SM9_POINT *C1, const uint8_t *c2, size_t c2len, const uint8_t c3[SM3_HMAC_SIZE],
|
||||
uint8_t *out)
|
||||
{
|
||||
uint8_t k[c2len + SM3_HMAC_SIZE];
|
||||
uint8_t mac[SM3_HMAC_SIZE];
|
||||
|
||||
sm9_kem_decrypt(key, id, idlen, C1, sizeof(k), k);
|
||||
if (sm9_kem_decrypt(key, id, idlen, C1, sizeof(k), k) != 1) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
sm3_hmac(k + c2len, SM3_HMAC_SIZE, c2, c2len, mac);
|
||||
|
||||
if (gmssl_secure_memcmp(c3, mac, sizeof(mac)) != 0) {
|
||||
error_print();
|
||||
return -1;
|
||||
@@ -405,14 +413,17 @@ SM9Cipher ::= SEQUENCE {
|
||||
CipherText OCTET STRING,
|
||||
}
|
||||
*/
|
||||
int sm9_ciphertext_to_der(const sm9_point_t *C1, const uint8_t *c2, size_t c2len,
|
||||
int sm9_ciphertext_to_der(const SM9_POINT *C1, const uint8_t *c2, size_t c2len,
|
||||
const uint8_t c3[SM3_HMAC_SIZE], uint8_t **out, size_t *outlen)
|
||||
{
|
||||
int en_type = SM9_ENC_TYPE_XOR;
|
||||
uint8_t c1[65];
|
||||
size_t len = 0;
|
||||
|
||||
sm9_point_to_uncompressed_octets(C1, c1);
|
||||
if (sm9_point_to_uncompressed_octets(C1, c1) != 1) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
if (asn1_int_to_der(en_type, NULL, &len) != 1
|
||||
|| asn1_bit_octets_to_der(c1, sizeof(c1), NULL, &len) != 1
|
||||
|| asn1_octet_string_to_der(c3, SM3_HMAC_SIZE, NULL, &len) != 1
|
||||
@@ -428,9 +439,8 @@ int sm9_ciphertext_to_der(const sm9_point_t *C1, const uint8_t *c2, size_t c2len
|
||||
return 1;
|
||||
}
|
||||
|
||||
int sm9_ciphertext_from_der(
|
||||
sm9_point_t *C1, const uint8_t **c2, size_t *c2len, const uint8_t **c3,
|
||||
const uint8_t **in, size_t *inlen)
|
||||
int sm9_ciphertext_from_der(SM9_POINT *C1, const uint8_t **c2, size_t *c2len,
|
||||
const uint8_t **c3, const uint8_t **in, size_t *inlen)
|
||||
{
|
||||
int ret;
|
||||
const uint8_t *d;
|
||||
@@ -474,7 +484,7 @@ int sm9_ciphertext_from_der(
|
||||
int sm9_encrypt(const SM9_ENC_MASTER_KEY *mpk, const char *id, size_t idlen,
|
||||
const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen)
|
||||
{
|
||||
sm9_point_t C1;
|
||||
SM9_POINT C1;
|
||||
uint8_t c2[inlen];
|
||||
uint8_t c3[SM3_HMAC_SIZE];
|
||||
|
||||
@@ -493,7 +503,7 @@ int sm9_encrypt(const SM9_ENC_MASTER_KEY *mpk, const char *id, size_t idlen,
|
||||
int sm9_decrypt(const SM9_ENC_KEY *key, const char *id, size_t idlen,
|
||||
const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen)
|
||||
{
|
||||
sm9_point_t C1;
|
||||
SM9_POINT C1;
|
||||
const uint8_t *c2;
|
||||
size_t c2len;
|
||||
const uint8_t *c3;
|
||||
@@ -503,8 +513,8 @@ int sm9_decrypt(const SM9_ENC_KEY *key, const char *id, size_t idlen,
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
*outlen = c2len;
|
||||
if (!out) {
|
||||
*outlen = c2len;
|
||||
return 1;
|
||||
}
|
||||
if (sm9_do_decrypt(key, id, idlen, &C1, c2, c2len, c3, out) != 1) {
|
||||
|
||||
475
tests/sm9test.c
475
tests/sm9test.c
@@ -54,6 +54,14 @@
|
||||
#include <gmssl/rand.h>
|
||||
|
||||
|
||||
static int sm9_bn_equ_hex(const sm9_bn_t a, const char *hex)
|
||||
{
|
||||
sm9_bn_t b;
|
||||
sm9_bn_from_hex(b, hex);
|
||||
return (sm9_bn_cmp(a, b) == 0);
|
||||
}
|
||||
|
||||
|
||||
#define hex_iv "123456789abcdef00fedcba987654321123456789abcdef00fedcba987654321"
|
||||
#define hex_fp_add "114efe24536598809df494ff7657484edff1812d51c3955b7d869149aa123d31"
|
||||
#define hex_fp_sub "43cee97c9abed9be3efe7ffffc9d30abe1d643b9b27ea351460aabb2239d3fd4"
|
||||
@@ -72,13 +80,13 @@ int test_sm9_fp() {
|
||||
sm9_fp_t y;
|
||||
sm9_fp_t r;
|
||||
int j = 1;
|
||||
|
||||
|
||||
sm9_bn_copy(x, SM9_P2->X[1]);
|
||||
sm9_bn_copy(y, SM9_Ppubs->Y[0]);
|
||||
|
||||
|
||||
sm9_fp_t iv = {0x87654321, 0x0fedcba9, 0x9abcdef0, 0x12345678, 0x87654321, 0x0fedcba9, 0x9abcdef0, 0x12345678};
|
||||
sm9_bn_from_hex(r, hex_iv); if (sm9_bn_cmp(r, iv) != 0) goto err; ++j;
|
||||
|
||||
|
||||
sm9_fp_add(r, x, y); if (!sm9_bn_equ_hex(r, hex_fp_add)) goto err; ++j;
|
||||
sm9_fp_sub(r, x, y); if (!sm9_bn_equ_hex(r, hex_fp_sub)) goto err; ++j;
|
||||
sm9_fp_sub(r, y, x); if (!sm9_bn_equ_hex(r, hex_fp_nsub)) goto err; ++j;
|
||||
@@ -90,11 +98,11 @@ int test_sm9_fp() {
|
||||
sm9_fp_sqr(r, x); if (!sm9_bn_equ_hex(r, hex_fp_sqr)) goto err; ++j;
|
||||
sm9_fp_pow(r, x, y); if (!sm9_bn_equ_hex(r, hex_fp_pow)) goto err; ++j;
|
||||
sm9_fp_inv(r, x); if (!sm9_bn_equ_hex(r, hex_fp_inv)) goto err; ++j;
|
||||
|
||||
|
||||
printf("%s() ok\n", __FUNCTION__);
|
||||
return 1;
|
||||
err:
|
||||
printf("%s test %d failed\n", __FUNCTION__, j);
|
||||
printf("%s() test %d failed\n", __FUNCTION__, j);
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
@@ -113,10 +121,10 @@ int test_sm9_fn() {
|
||||
sm9_fn_t y;
|
||||
sm9_fn_t r;
|
||||
int j = 1;
|
||||
|
||||
|
||||
sm9_bn_from_hex(x, hex_x);
|
||||
sm9_bn_from_hex(y, hex_y);
|
||||
|
||||
|
||||
sm9_fn_t iv = {0, 0, 0, 0, 0, 0, 0, 0}; if (!sm9_fn_is_zero(iv)) goto err; ++j;
|
||||
sm9_fn_add(r, x, y); if (!sm9_bn_equ_hex(r, hex_fn_add)) goto err; ++j;
|
||||
sm9_fn_sub(r, x, y); if (!sm9_bn_equ_hex(r, hex_fn_sub)) goto err; ++j;
|
||||
@@ -124,7 +132,7 @@ int test_sm9_fn() {
|
||||
sm9_fn_mul(r, x, y); if (!sm9_bn_equ_hex(r, hex_fn_mul)) goto err; ++j;
|
||||
sm9_fn_pow(r, x, y); if (!sm9_bn_equ_hex(r, hex_fn_pow)) goto err; ++j;
|
||||
sm9_fn_inv(r, x); if (!sm9_bn_equ_hex(r, hex_fn_inv)) goto err; ++j;
|
||||
|
||||
|
||||
printf("%s() ok\n", __FUNCTION__);
|
||||
return 1;
|
||||
err:
|
||||
@@ -155,15 +163,15 @@ int test_sm9_fp2() {
|
||||
sm9_fp2_t s;
|
||||
sm9_fp_t k;
|
||||
int j = 1;
|
||||
|
||||
|
||||
sm9_fp2_copy(x, SM9_P2->Y);
|
||||
sm9_fp2_copy(y, SM9_Ppubs->X);
|
||||
sm9_bn_from_hex(k, hex_iv);
|
||||
|
||||
|
||||
sm9_fp2_t iv2 = {{0xc9bb073c, 0xf1fdd299, 0xd14f49a9, 0xd632457d, 0x664a2b72, 0x6e492768, 0x4e243d80, 0xa3965402},
|
||||
{0x87654321, 0x0fedcba9, 0x9abcdef0, 0x12345678, 0x87654321, 0x0fedcba9, 0x9abcdef0, 0x12345678}};
|
||||
sm9_fp2_from_hex(r, hex_iv2); if (!sm9_fp2_equ(r, iv2)) goto err; ++j;
|
||||
|
||||
|
||||
sm9_fp2_add(r, x, y); sm9_fp2_from_hex(s, hex_fp2_add); if (!sm9_fp2_equ(r, s)) goto err; ++j;
|
||||
sm9_fp2_dbl(r, x); sm9_fp2_from_hex(s, hex_fp2_dbl); if (!sm9_fp2_equ(r, s)) goto err; ++j;
|
||||
sm9_fp2_tri(r, x); sm9_fp2_from_hex(s, hex_fp2_tri); if (!sm9_fp2_equ(r, s)) goto err; ++j;
|
||||
@@ -177,7 +185,7 @@ int test_sm9_fp2() {
|
||||
sm9_fp2_inv(r, x); sm9_fp2_from_hex(s, hex_fp2_inv); if (!sm9_fp2_equ(r, s)) goto err; ++j;
|
||||
sm9_fp2_div(r, x, y); sm9_fp2_from_hex(s, hex_fp2_div); if (!sm9_fp2_equ(r, s)) goto err; ++j;
|
||||
sm9_fp2_div2(r, x); sm9_fp2_from_hex(s, hex_fp2_div2); if (!sm9_fp2_equ(r, s)) goto err; ++j;
|
||||
|
||||
|
||||
printf("%s() ok\n", __FUNCTION__);
|
||||
return 1;
|
||||
err:
|
||||
@@ -186,38 +194,46 @@ err:
|
||||
return -1;
|
||||
}
|
||||
|
||||
#define hex_iv4 "123456789abcdef00fedcba987654321123456789abcdef00fedcba987654321\
|
||||
-a39654024e243d806e492768664a2b72d632457dd14f49a9f1fdd299c9bb073c\
|
||||
-123456789abcdef00fedcba987654321123456789abcdef00fedcba987654321\
|
||||
-a39654024e243d806e492768664a2b72d632457dd14f49a9f1fdd299c9bb073c"
|
||||
#define hex_fp4_mul "11d8f3dc2c4a7cd3ff4d557d86871210cff65187190711430b2d898affd61cda\
|
||||
-960ee85c0aaacd6cc805053293a4955245ba973c9972b6767d0c68450a905ee7\
|
||||
-ac9891b21d82827f6ccc2cd8524179b833239019c0b66cad89d7d8735ee03782\
|
||||
-8f456b1cee442d189d01fc42fff7fd8481173dae8dc547d85c01a843005a063e"
|
||||
#define hex_fp4_mul_fp "413b76fe8748ab9130dc2907a55c15da925b496395c2cd82d6311863a4d9cfa8\
|
||||
-5cc754d5318f3ed489db7e53f94f3878a527053693983f4d4a61b30f6ea74984\
|
||||
-6769891769934201aa8d6de63cc012ec2b722d7b0ad9c9039246a3eea6f3d479\
|
||||
-408d33e58a4d3bfaf1d84a7ddad4e4026ca41f2aaa179611d9894584baed89d0"
|
||||
#define hex_fp4_mul_fp2 "242956015bdff53db568b970d64a7de56a0506309e1309b283317134dd52d53e\
|
||||
-5333c472d44677df131eeb1180badb3e1e9f88ba58190d16a92d95f939efb2c3\
|
||||
-0ccdaa76a6876ff69de6792161b614ca720bfcee2d5521533fbb28179ec0e31e\
|
||||
-2a2d6b832e919c313920f2e13e822795e2ceda8c0d8f4abe78220e4e00aeb6fd"
|
||||
#define hex_fp4_mul_v "ac9891b21d82827f6ccc2cd8524179b833239019c0b66cad89d7d8735ee03782\
|
||||
-8f456b1cee442d189d01fc42fff7fd8481173dae8dc547d85c01a843005a063e\
|
||||
-960ee85c0aaacd6cc805053293a4955245ba973c9972b6767d0c68450a905ee7\
|
||||
-928e1847aa0ead49d7690054e880a3238205f03ce86ccc55cf148811e3a50bc9"
|
||||
#define hex_fp4_sqr "8d3bc7848d4ad61017a7cb4efc280103bfe558e240c46c5765f1a4e2ec2e8c54\
|
||||
-2f0f2ef9dd3979c7018b67837ba6e73938ba88ae66a101aaa0cf27ee449835ec\
|
||||
-93838cbf9e5be34562c5bc031e27357d206f783837a6a921cbf4829292b69441\
|
||||
-3681ecc58b68ffc15af31c5b1f1e10e1f3c60bdabb329c0dc7ffb2cc3925f005"
|
||||
#define hex_fp4_sqr_v "93838cbf9e5be34562c5bc031e27357d206f783837a6a921cbf4829292b69441\
|
||||
-3681ecc58b68ffc15af31c5b1f1e10e1f3c60bdabb329c0dc7ffb2cc3925f005\
|
||||
-2f0f2ef9dd3979c7018b67837ba6e73938ba88ae66a101aaa0cf27ee449835ec\
|
||||
-520870f6eab1a1c37cb7c001f2cd8c82c41a74d1b36d0508fefbec89ee457252"
|
||||
#define hex_fp4_inv "1ec69309f84c5ad450750826fc804b72fb89fb48474222ba05be08bb1765f1d6\
|
||||
-3f16de331f77f510a3ec06e79319e3be5b3777471f79cd53404652b485133e99\
|
||||
-1cbf7f3bb04e2389184eade12de2752711cbff452363d2dfaf2bfef40618cebc\
|
||||
-3a70e829b83dc311970bc8d3e3e652f88a1ecd49b4672aa18c1c613c9a97d86f"
|
||||
#define hex_iv4 \
|
||||
"123456789abcdef00fedcba987654321123456789abcdef00fedcba987654321\n" \
|
||||
"a39654024e243d806e492768664a2b72d632457dd14f49a9f1fdd299c9bb073c\n" \
|
||||
"123456789abcdef00fedcba987654321123456789abcdef00fedcba987654321\n" \
|
||||
"a39654024e243d806e492768664a2b72d632457dd14f49a9f1fdd299c9bb073c"
|
||||
#define hex_fp4_mul \
|
||||
"11d8f3dc2c4a7cd3ff4d557d86871210cff65187190711430b2d898affd61cda\n" \
|
||||
"960ee85c0aaacd6cc805053293a4955245ba973c9972b6767d0c68450a905ee7\n" \
|
||||
"ac9891b21d82827f6ccc2cd8524179b833239019c0b66cad89d7d8735ee03782\n" \
|
||||
"8f456b1cee442d189d01fc42fff7fd8481173dae8dc547d85c01a843005a063e"
|
||||
#define hex_fp4_mul_fp \
|
||||
"413b76fe8748ab9130dc2907a55c15da925b496395c2cd82d6311863a4d9cfa8\n" \
|
||||
"5cc754d5318f3ed489db7e53f94f3878a527053693983f4d4a61b30f6ea74984\n" \
|
||||
"6769891769934201aa8d6de63cc012ec2b722d7b0ad9c9039246a3eea6f3d479\n" \
|
||||
"408d33e58a4d3bfaf1d84a7ddad4e4026ca41f2aaa179611d9894584baed89d0"
|
||||
#define hex_fp4_mul_fp2 \
|
||||
"242956015bdff53db568b970d64a7de56a0506309e1309b283317134dd52d53e\n" \
|
||||
"5333c472d44677df131eeb1180badb3e1e9f88ba58190d16a92d95f939efb2c3\n" \
|
||||
"0ccdaa76a6876ff69de6792161b614ca720bfcee2d5521533fbb28179ec0e31e\n" \
|
||||
"2a2d6b832e919c313920f2e13e822795e2ceda8c0d8f4abe78220e4e00aeb6fd"
|
||||
#define hex_fp4_mul_v \
|
||||
"ac9891b21d82827f6ccc2cd8524179b833239019c0b66cad89d7d8735ee03782\n" \
|
||||
"8f456b1cee442d189d01fc42fff7fd8481173dae8dc547d85c01a843005a063e\n" \
|
||||
"960ee85c0aaacd6cc805053293a4955245ba973c9972b6767d0c68450a905ee7\n" \
|
||||
"928e1847aa0ead49d7690054e880a3238205f03ce86ccc55cf148811e3a50bc9"
|
||||
#define hex_fp4_sqr \
|
||||
"8d3bc7848d4ad61017a7cb4efc280103bfe558e240c46c5765f1a4e2ec2e8c54\n" \
|
||||
"2f0f2ef9dd3979c7018b67837ba6e73938ba88ae66a101aaa0cf27ee449835ec\n" \
|
||||
"93838cbf9e5be34562c5bc031e27357d206f783837a6a921cbf4829292b69441\n" \
|
||||
"3681ecc58b68ffc15af31c5b1f1e10e1f3c60bdabb329c0dc7ffb2cc3925f005"
|
||||
#define hex_fp4_sqr_v \
|
||||
"93838cbf9e5be34562c5bc031e27357d206f783837a6a921cbf4829292b69441\n" \
|
||||
"3681ecc58b68ffc15af31c5b1f1e10e1f3c60bdabb329c0dc7ffb2cc3925f005\n" \
|
||||
"2f0f2ef9dd3979c7018b67837ba6e73938ba88ae66a101aaa0cf27ee449835ec\n" \
|
||||
"520870f6eab1a1c37cb7c001f2cd8c82c41a74d1b36d0508fefbec89ee457252"
|
||||
#define hex_fp4_inv \
|
||||
"1ec69309f84c5ad450750826fc804b72fb89fb48474222ba05be08bb1765f1d6\n" \
|
||||
"3f16de331f77f510a3ec06e79319e3be5b3777471f79cd53404652b485133e99\n" \
|
||||
"1cbf7f3bb04e2389184eade12de2752711cbff452363d2dfaf2bfef40618cebc\n" \
|
||||
"3a70e829b83dc311970bc8d3e3e652f88a1ecd49b4672aa18c1c613c9a97d86f"
|
||||
|
||||
int test_sm9_fp4() {
|
||||
sm9_fp4_t x;
|
||||
@@ -227,20 +243,20 @@ int test_sm9_fp4() {
|
||||
sm9_fp2_t q;
|
||||
sm9_fp_t k;
|
||||
int j = 1;
|
||||
|
||||
|
||||
sm9_fp2_from_hex(x[0], hex_fp2_mul_fp);
|
||||
sm9_fp2_from_hex(x[1], hex_fp2_sqr);
|
||||
sm9_fp2_from_hex(y[0], hex_fp2_add);
|
||||
sm9_fp2_from_hex(y[1], hex_fp2_tri);
|
||||
sm9_bn_from_hex(k, hex_iv);
|
||||
sm9_fp2_copy(q, SM9_Ppubs->X);
|
||||
|
||||
|
||||
sm9_fp4_t iv4 = {{{0xc9bb073c, 0xf1fdd299, 0xd14f49a9, 0xd632457d, 0x664a2b72, 0x6e492768, 0x4e243d80, 0xa3965402},
|
||||
{0x87654321, 0x0fedcba9, 0x9abcdef0, 0x12345678, 0x87654321, 0x0fedcba9, 0x9abcdef0, 0x12345678}},
|
||||
{{0xc9bb073c, 0xf1fdd299, 0xd14f49a9, 0xd632457d, 0x664a2b72, 0x6e492768, 0x4e243d80, 0xa3965402},
|
||||
{0x87654321, 0x0fedcba9, 0x9abcdef0, 0x12345678, 0x87654321, 0x0fedcba9, 0x9abcdef0, 0x12345678}}};
|
||||
sm9_fp4_from_hex(r, hex_iv4); if (!sm9_fp4_equ(r, iv4)) goto err; ++j;
|
||||
|
||||
|
||||
sm9_fp4_mul(r, x, y); sm9_fp4_from_hex(s, hex_fp4_mul); if (!sm9_fp4_equ(r, s)) goto err; ++j;
|
||||
sm9_fp4_mul_fp(r, x, k); sm9_fp4_from_hex(s, hex_fp4_mul_fp); if (!sm9_fp4_equ(r, s)) goto err; ++j;
|
||||
sm9_fp4_mul_fp2(r, x, q); sm9_fp4_from_hex(s, hex_fp4_mul_fp2); if (!sm9_fp4_equ(r, s)) goto err; ++j;
|
||||
@@ -248,7 +264,7 @@ int test_sm9_fp4() {
|
||||
sm9_fp4_sqr(r, x); sm9_fp4_from_hex(s, hex_fp4_sqr); if (!sm9_fp4_equ(r, s)) goto err; ++j;
|
||||
sm9_fp4_sqr_v(r, x); sm9_fp4_from_hex(s, hex_fp4_sqr_v); if (!sm9_fp4_equ(r, s)) goto err; ++j;
|
||||
sm9_fp4_inv(r, x); sm9_fp4_from_hex(s, hex_fp4_inv); if (!sm9_fp4_equ(r, s)) goto err; ++j;
|
||||
|
||||
|
||||
printf("%s() ok\n", __FUNCTION__);
|
||||
return 1;
|
||||
err:
|
||||
@@ -257,54 +273,58 @@ err:
|
||||
return -1;
|
||||
}
|
||||
|
||||
#define hex_fp12_mul "058d43459faee14ba2b6a69ff2d8c3ad933a1253e1764dedf5419b144a2ab82b\
|
||||
-20ef84805ba02ef92a48fb2ae8086e566a644ab0639249f175268f18d8091ad4\
|
||||
-83cc3be54a699ae24d8f920c87baa395befb424a6dcad1dcdfc2a006765ef8d5\
|
||||
-1d705169165d9c2386c3bc673df3fa84975afa955a7be27f1b362000a96b8c2c\
|
||||
-22b910d826f02961ff0fed439beb1e91f45193f87c2cdd9562da539290846ace\
|
||||
-2c618991ae82d35063cfed629ff7d930b8070ba07d0652ba092f046e133e3491\
|
||||
-137bc78a9aa182330bd71fb8859314422dd36f5e3c1f6fd36d6c9685fc39419f\
|
||||
-8d83e7380abe10a2f3677864c2dbbcdad7ae5434e92043a2da3b71f3f9cedd8c\
|
||||
-850c0562ac08996c05d22ea466cf4b1fa7a7064d4653b5fa725d623254bf7125\
|
||||
-6dc41016b3ab9b44a4841aa8037e3b4d331cc7c8313abee0c5111a9be5915e90\
|
||||
-6d1a15e5b765c4b139bf5c6c4a87214c269b26fb709ff5de885c053f405cf626\
|
||||
-8d4d853489a4a5d809fa77e35627a5351651b926f001e1ee46e95808f9001d24"
|
||||
#define hex_fp12_sqr "3592cba3482fb39756b2ed1d3d756685caa005bd5e8288bc92841d29276aa321\
|
||||
-8e3a49919e6de83b1ab1a5bb9eb993c3bbd68e8d305aed5c0b88cef0ef41c47f\
|
||||
-3d3d9cc8e07619efd21745f6938a26f7cb0a83ad4aa3a9d066e18ad99833e3ac\
|
||||
-25195ec7af551c42d7d37a0b120607d4adba6b9377299688b92a8393f3b8c20f\
|
||||
-76f676d5d2cb8d1a2cc237fc78c8d544bef1cd560e654236f502aed0d8c9148c\
|
||||
-6cde174a5e9d117175a4a163f041b65f868dffa05b5f3474f729b87f92493f2c\
|
||||
-667a86d73e8f88a81306f7f0cd28789a55bf7e9cbe155fc6abb300ad027d8801\
|
||||
-a49a66d48ec2ef72a9929413a40e316a8aee1d6236a1db8c56496524f1c23f11\
|
||||
-1684bc9679aaba4afe35ec8c0852e438f41e15ab37620d9661018f90fe7415f1\
|
||||
-8d37fb8b7edf942885b3009cf7e295bea89444d34091fc57380c778395b7c4e4\
|
||||
-278b9d9ea61b6b2758e758ed9a64034576b520e65a9d276a0c82f079501a226e\
|
||||
-01a333fa4177601de7cd8ed49ea4906f30e23988dcb7cde173da48499fce3ee5"
|
||||
#define hex_fp12_inv "47ae900b90945e31afde7fe09f0b69640c468a1648ee52070584a5d13af22bb9\
|
||||
-8f273655182c3a9f184dc30421161ecdd50655c36a9266c7df1016e410f34102\
|
||||
-a26e789013203804b5f8f1c5a51dd3fb50176d41108b235d6e66712721060252\
|
||||
-090aaed5cb83068a0376c6eaca210007744d00c8b4ce53279a67cc069cc519e7\
|
||||
-80ab89aa446df59ffe2f29cdb917b760d740ceb634c731b93bf1661aa5868b54\
|
||||
-1e13ab51b3198619cc0016599562ed4d266d1481d0d273d3f97cffe5f8e0dd21\
|
||||
-5aeb8ed89aafc971a857b8d02f3e3c37ef15ba0e3220e3a7c13c9da8af0c393b\
|
||||
-518c338b1430e3129c2555650e5d5634d89513f694ba3a5f2aeb444c540f125a\
|
||||
-aba8c5682695f3feee64772d0e49b432c96470e7d663098e9c271a91d4fc991a\
|
||||
-0ed800dabe29af5fb41a41cc49fd4084deb02442e8e66f88186607f46395e533\
|
||||
-a31b642cd5453c7bb16c82bc67bd3b66fa4db58b8e9aa45f9b579860f18d402c\
|
||||
-798b84002e95753e3b07027a8d68b0a7ab2ac40328fc7ca3ea40780b3428dbc1"
|
||||
#define hex_fp12_pow "43291d68970ec9c00ed4616b8fa4b2b332c15a6e4ed833a4b1d68db20a06896c\
|
||||
-48f861508cb878a1f1f806a486f3aa6889571bd5fb1010d73933550d219afd14\
|
||||
-34b20766a4cc466efe1ee0d48206d683890494aec331d5b345e9a9adb5c5845a\
|
||||
-0e3edea737b3db1083b776eb48e7bfaa4256a8d37d7ab13a370d7682daaf794d\
|
||||
-9808adfd960da7837736fca5acb13a84d56962a21af424e48c0aa52c77dfd157\
|
||||
-a8aa94ea4f3026eed8fa99ab9a793468db12bb7256c50570e72e375f981861a1\
|
||||
-3fd308b4cdcec640fa4f17aac455b2f3daed3fb86a850b47c301c3941dbd6c4c\
|
||||
-11b99f09fa20368e840c3d76e706939e4a3e8367165bb802de43acc83ae622d5\
|
||||
-a5e97a50168650cae7b02b4c2511eeb194cd5ea5ff02a0284abd5961b46d47e4\
|
||||
-b52a91d96353ef501bdbe6424ea26414faeeb930b9e618c2882a85d1fdeea3d0\
|
||||
-6c78632b7dbbbdbf347a3f5fd6935a9f9b425125b7ac106e3586a7fbee3f2f20\
|
||||
-6b35df1d1153684f1363fce020088a797802e18959df4f006bc5d7f4a632e9f9"
|
||||
#define hex_fp12_mul \
|
||||
"058d43459faee14ba2b6a69ff2d8c3ad933a1253e1764dedf5419b144a2ab82b\n" \
|
||||
"20ef84805ba02ef92a48fb2ae8086e566a644ab0639249f175268f18d8091ad4\n" \
|
||||
"83cc3be54a699ae24d8f920c87baa395befb424a6dcad1dcdfc2a006765ef8d5\n" \
|
||||
"1d705169165d9c2386c3bc673df3fa84975afa955a7be27f1b362000a96b8c2c\n" \
|
||||
"22b910d826f02961ff0fed439beb1e91f45193f87c2cdd9562da539290846ace\n" \
|
||||
"2c618991ae82d35063cfed629ff7d930b8070ba07d0652ba092f046e133e3491\n" \
|
||||
"137bc78a9aa182330bd71fb8859314422dd36f5e3c1f6fd36d6c9685fc39419f\n" \
|
||||
"8d83e7380abe10a2f3677864c2dbbcdad7ae5434e92043a2da3b71f3f9cedd8c\n" \
|
||||
"850c0562ac08996c05d22ea466cf4b1fa7a7064d4653b5fa725d623254bf7125\n" \
|
||||
"6dc41016b3ab9b44a4841aa8037e3b4d331cc7c8313abee0c5111a9be5915e90\n" \
|
||||
"6d1a15e5b765c4b139bf5c6c4a87214c269b26fb709ff5de885c053f405cf626\n" \
|
||||
"8d4d853489a4a5d809fa77e35627a5351651b926f001e1ee46e95808f9001d24"
|
||||
#define hex_fp12_sqr \
|
||||
"3592cba3482fb39756b2ed1d3d756685caa005bd5e8288bc92841d29276aa321\n" \
|
||||
"8e3a49919e6de83b1ab1a5bb9eb993c3bbd68e8d305aed5c0b88cef0ef41c47f\n" \
|
||||
"3d3d9cc8e07619efd21745f6938a26f7cb0a83ad4aa3a9d066e18ad99833e3ac\n" \
|
||||
"25195ec7af551c42d7d37a0b120607d4adba6b9377299688b92a8393f3b8c20f\n" \
|
||||
"76f676d5d2cb8d1a2cc237fc78c8d544bef1cd560e654236f502aed0d8c9148c\n" \
|
||||
"6cde174a5e9d117175a4a163f041b65f868dffa05b5f3474f729b87f92493f2c\n" \
|
||||
"667a86d73e8f88a81306f7f0cd28789a55bf7e9cbe155fc6abb300ad027d8801\n" \
|
||||
"a49a66d48ec2ef72a9929413a40e316a8aee1d6236a1db8c56496524f1c23f11\n" \
|
||||
"1684bc9679aaba4afe35ec8c0852e438f41e15ab37620d9661018f90fe7415f1\n" \
|
||||
"8d37fb8b7edf942885b3009cf7e295bea89444d34091fc57380c778395b7c4e4\n" \
|
||||
"278b9d9ea61b6b2758e758ed9a64034576b520e65a9d276a0c82f079501a226e\n" \
|
||||
"01a333fa4177601de7cd8ed49ea4906f30e23988dcb7cde173da48499fce3ee5"
|
||||
#define hex_fp12_inv \
|
||||
"47ae900b90945e31afde7fe09f0b69640c468a1648ee52070584a5d13af22bb9\n" \
|
||||
"8f273655182c3a9f184dc30421161ecdd50655c36a9266c7df1016e410f34102\n" \
|
||||
"a26e789013203804b5f8f1c5a51dd3fb50176d41108b235d6e66712721060252\n" \
|
||||
"090aaed5cb83068a0376c6eaca210007744d00c8b4ce53279a67cc069cc519e7\n" \
|
||||
"80ab89aa446df59ffe2f29cdb917b760d740ceb634c731b93bf1661aa5868b54\n" \
|
||||
"1e13ab51b3198619cc0016599562ed4d266d1481d0d273d3f97cffe5f8e0dd21\n" \
|
||||
"5aeb8ed89aafc971a857b8d02f3e3c37ef15ba0e3220e3a7c13c9da8af0c393b\n" \
|
||||
"518c338b1430e3129c2555650e5d5634d89513f694ba3a5f2aeb444c540f125a\n" \
|
||||
"aba8c5682695f3feee64772d0e49b432c96470e7d663098e9c271a91d4fc991a\n" \
|
||||
"0ed800dabe29af5fb41a41cc49fd4084deb02442e8e66f88186607f46395e533\n" \
|
||||
"a31b642cd5453c7bb16c82bc67bd3b66fa4db58b8e9aa45f9b579860f18d402c\n" \
|
||||
"798b84002e95753e3b07027a8d68b0a7ab2ac40328fc7ca3ea40780b3428dbc1"
|
||||
#define hex_fp12_pow \
|
||||
"43291d68970ec9c00ed4616b8fa4b2b332c15a6e4ed833a4b1d68db20a06896c\n" \
|
||||
"48f861508cb878a1f1f806a486f3aa6889571bd5fb1010d73933550d219afd14\n" \
|
||||
"34b20766a4cc466efe1ee0d48206d683890494aec331d5b345e9a9adb5c5845a\n" \
|
||||
"0e3edea737b3db1083b776eb48e7bfaa4256a8d37d7ab13a370d7682daaf794d\n" \
|
||||
"9808adfd960da7837736fca5acb13a84d56962a21af424e48c0aa52c77dfd157\n" \
|
||||
"a8aa94ea4f3026eed8fa99ab9a793468db12bb7256c50570e72e375f981861a1\n" \
|
||||
"3fd308b4cdcec640fa4f17aac455b2f3daed3fb86a850b47c301c3941dbd6c4c\n" \
|
||||
"11b99f09fa20368e840c3d76e706939e4a3e8367165bb802de43acc83ae622d5\n" \
|
||||
"a5e97a50168650cae7b02b4c2511eeb194cd5ea5ff02a0284abd5961b46d47e4\n" \
|
||||
"b52a91d96353ef501bdbe6424ea26414faeeb930b9e618c2882a85d1fdeea3d0\n" \
|
||||
"6c78632b7dbbbdbf347a3f5fd6935a9f9b425125b7ac106e3586a7fbee3f2f20\n" \
|
||||
"6b35df1d1153684f1363fce020088a797802e18959df4f006bc5d7f4a632e9f9"
|
||||
|
||||
int test_sm9_fp12() {
|
||||
sm9_fp12_t x;
|
||||
@@ -313,7 +333,7 @@ int test_sm9_fp12() {
|
||||
sm9_fp12_t s;
|
||||
sm9_bn_t k;
|
||||
int j = 1;
|
||||
|
||||
|
||||
sm9_fp4_from_hex(x[0], hex_fp4_mul);
|
||||
sm9_fp4_from_hex(x[1], hex_fp4_mul_fp);
|
||||
sm9_fp4_from_hex(x[2], hex_fp4_mul_fp2);
|
||||
@@ -321,12 +341,12 @@ int test_sm9_fp12() {
|
||||
sm9_fp4_from_hex(y[1], hex_fp4_sqr);
|
||||
sm9_fp4_from_hex(y[2], hex_fp4_inv);
|
||||
sm9_bn_from_hex(k, hex_iv);
|
||||
|
||||
|
||||
sm9_fp12_mul(r, x, y); sm9_fp12_from_hex(s, hex_fp12_mul); if (!sm9_fp12_equ(r, s)) goto err; ++j;
|
||||
sm9_fp12_sqr(r, x); sm9_fp12_from_hex(s, hex_fp12_sqr); if (!sm9_fp12_equ(r, s)) goto err; ++j;
|
||||
sm9_fp12_inv(r, x); sm9_fp12_from_hex(s, hex_fp12_inv); if (!sm9_fp12_equ(r, s)) goto err; ++j;
|
||||
sm9_fp12_pow(r, x, k); sm9_fp12_from_hex(s, hex_fp12_pow); if (!sm9_fp12_equ(r, s)) goto err; ++j;
|
||||
|
||||
|
||||
printf("%s() ok\n", __FUNCTION__);
|
||||
return 1;
|
||||
err:
|
||||
@@ -345,15 +365,16 @@ err:
|
||||
#define hex_point_mul_g "7cf689748f3714490d7a19eae0e7bfad0e0182498b7bcd8a6998dfd00f59be51-4e2e98d190e9d775e0caa943196bfb066d9c30818b2d768fb5299e7135830a6f"
|
||||
|
||||
int test_sm9_point() {
|
||||
sm9_point_t p;
|
||||
sm9_point_t q;
|
||||
sm9_point_t r;
|
||||
sm9_point_t s;
|
||||
SM9_POINT p;
|
||||
SM9_POINT q;
|
||||
SM9_POINT r;
|
||||
SM9_POINT s;
|
||||
sm9_bn_t k;
|
||||
int j = 1;
|
||||
|
||||
uint8_t buf[65];
|
||||
|
||||
sm9_bn_from_hex(k, hex_iv);
|
||||
|
||||
|
||||
sm9_point_from_hex(&p, hex_point1); if (!sm9_point_is_on_curve(&p)) goto err; ++j;
|
||||
sm9_point_from_hex(&q, hex_point2); if (!sm9_point_is_on_curve(&q)) goto err; ++j;
|
||||
sm9_point_dbl(&r, &p); sm9_point_from_hex(&s, hex_point_dbl); if (!sm9_point_equ(&r, &s)) goto err; ++j;
|
||||
@@ -362,7 +383,18 @@ int test_sm9_point() {
|
||||
sm9_point_sub(&r, &p, &q); sm9_point_from_hex(&s, hex_point_sub); if (!sm9_point_equ(&r, &s)) goto err; ++j;
|
||||
sm9_point_mul(&r, k, &p); sm9_point_from_hex(&s, hex_point_mul); if (!sm9_point_equ(&r, &s)) goto err; ++j;
|
||||
sm9_point_mul_generator(&r, k); sm9_point_from_hex(&s, hex_point_mul_g); if (!sm9_point_equ(&r, &s)) goto err; ++j;
|
||||
|
||||
|
||||
sm9_point_to_uncompressed_octets(&p, buf);
|
||||
sm9_point_from_uncompressed_octets(&q, buf);
|
||||
if (!sm9_point_equ(&p, &q)) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
printf("%s() ok\n", __FUNCTION__);
|
||||
return 1;
|
||||
err:
|
||||
@@ -371,49 +403,57 @@ err:
|
||||
return -1;
|
||||
}
|
||||
|
||||
#define hex_tpoint1 "83f6a65d85d51ec72eacf19bc38384e0369eb22a134a725a0191faa6e4f192ef\
|
||||
-9a79bfd491ef1cb32d9b57f7d0590ccff6b1cfe63dd15c0823d692fafbe96dbc\
|
||||
-9ed11c499291db0454d738555af0ce8a1df960056ee7425a6bf296eae60a5037\
|
||||
-849d4434eb7113fc9fb3809b51d54064fa2f20503423d256bc044905b1eba3fb"
|
||||
#define hex_tpoint2 "a36232a9713f69157b7cdceef54aa0237b3ba0642a80dbb597af8935aea2c130\
|
||||
-624b19114e49f00281e2aee1f1b9d4f0a081a135868f8bbdb7b7a7b7da5fd6bc\
|
||||
-77966917ec1c5a294dd836c34691ab5e891f8c9f017443902c0a73ec54d449d8\
|
||||
-1be45454b6fa085a53744b22fd398238e400c3e031c8796e59e1bd6222048af0"
|
||||
#define hex_tpoint_neg "83f6a65d85d51ec72eacf19bc38384e0369eb22a134a725a0191faa6e4f192ef\
|
||||
-9a79bfd491ef1cb32d9b57f7d0590ccff6b1cfe63dd15c0823d692fafbe96dbc\
|
||||
-176ee3b67011cbed812c72fa9a9df8bb03f93345ab93ac81797d043cfd46f546\
|
||||
-31a2bbcb173292f536502ab4a3b986e027c372fae6571c85296b52223165a182"
|
||||
#define hex_tpoint_dbl "73cbced58a8e76ef5235b480050a74e906e4d27185bd85d7ebdcd43ad24475fd\
|
||||
-58400f0eb23000d814f5b5d0706749a72909795b7b04f26d6d58b2cf478ad9c9\
|
||||
-19b460e09ac9ddbb380d6441e078a47bfcaa7d4c3d60b3a6c0d05f896472dc3c\
|
||||
-1d69f785f47d6f25cb901b131612c37edc5e89ee9ba2dac8c401ced40e340a39"
|
||||
#define hex_tpoint_add "5f443752a19e368f404b89abae20a386d2b534c424b93ededdbfd04d4c569e6b\
|
||||
-a411bbd84ee92a6ee53e5ca9cb81bacc192c6ba406f6fdcb2b04d0ab9c42ae44\
|
||||
-6a3dadfcaac134e8353dd3abf37d487b206ca28dfab1e0a9376649df748f1605\
|
||||
-4fa25e5e6100a023d4923df385dd236749c6a7f8e68db55e0bd1e2263fc04d28"
|
||||
#define hex_tpoint_sub "3cbbf5fcc6c11a3579036e617bbf0b2861c53979f01e37f59fc4a10d991ccde7\
|
||||
-1e9c3c99524c7867c9dbc4f52fdc938cf5aa4a980d3905cc91a5b91331235290\
|
||||
-44027c5d814bab73ad93d14b564303aab153ad7355bcfbf8a8bed7cb577e7fd8\
|
||||
-47a4037d1d6f6d2014aa04292fa91cf07b1f4331a85d4b66a6e048226ddfc43e"
|
||||
#define hex_tpoint_mul "5d704de3261290dbba39dbd14e6bc416025240fd1ed65ec982efed685ae41e8b\
|
||||
-705c9ca4b5ef465c4e5db80ca4880627a6d9d6bcefd4756496baba9d5eaa3304\
|
||||
-4e96eb3543aabf1e9a65cae24177b9d13b0f7fae9472145ba7ae2b14bb447aef\
|
||||
-5d7ba50d7eac49a00b18fee2069afd3cc9719993fa78271e66b7a3efed46ac8b"
|
||||
#define hex_tpoint_mulg "920ef6fb3a2acff52aa0c004c18feca149dfd33d98086f8f402ea9e0de303c49\
|
||||
-1f97dd359f2b065d63e0987f5bea2f3dc865c2cc112d7d161b46b83451716fd8\
|
||||
-614881d4d05fef3173a4990465876c5200f58c5015e13354b23ae401c20c4aef\
|
||||
-18a22e02b7d395a49f0646a79438e79cd37c32f163fe8923c13d56bab668e8a7"
|
||||
#define hex_tpoint1 \
|
||||
"83f6a65d85d51ec72eacf19bc38384e0369eb22a134a725a0191faa6e4f192ef\n" \
|
||||
"9a79bfd491ef1cb32d9b57f7d0590ccff6b1cfe63dd15c0823d692fafbe96dbc\n" \
|
||||
"9ed11c499291db0454d738555af0ce8a1df960056ee7425a6bf296eae60a5037\n" \
|
||||
"849d4434eb7113fc9fb3809b51d54064fa2f20503423d256bc044905b1eba3fb"
|
||||
#define hex_tpoint2 \
|
||||
"a36232a9713f69157b7cdceef54aa0237b3ba0642a80dbb597af8935aea2c130\n" \
|
||||
"624b19114e49f00281e2aee1f1b9d4f0a081a135868f8bbdb7b7a7b7da5fd6bc\n" \
|
||||
"77966917ec1c5a294dd836c34691ab5e891f8c9f017443902c0a73ec54d449d8\n" \
|
||||
"1be45454b6fa085a53744b22fd398238e400c3e031c8796e59e1bd6222048af0"
|
||||
#define hex_tpoint_neg \
|
||||
"83f6a65d85d51ec72eacf19bc38384e0369eb22a134a725a0191faa6e4f192ef\n" \
|
||||
"9a79bfd491ef1cb32d9b57f7d0590ccff6b1cfe63dd15c0823d692fafbe96dbc\n" \
|
||||
"176ee3b67011cbed812c72fa9a9df8bb03f93345ab93ac81797d043cfd46f546\n" \
|
||||
"31a2bbcb173292f536502ab4a3b986e027c372fae6571c85296b52223165a182"
|
||||
#define hex_tpoint_dbl \
|
||||
"73cbced58a8e76ef5235b480050a74e906e4d27185bd85d7ebdcd43ad24475fd\n" \
|
||||
"58400f0eb23000d814f5b5d0706749a72909795b7b04f26d6d58b2cf478ad9c9\n" \
|
||||
"19b460e09ac9ddbb380d6441e078a47bfcaa7d4c3d60b3a6c0d05f896472dc3c\n" \
|
||||
"1d69f785f47d6f25cb901b131612c37edc5e89ee9ba2dac8c401ced40e340a39"
|
||||
#define hex_tpoint_add \
|
||||
"5f443752a19e368f404b89abae20a386d2b534c424b93ededdbfd04d4c569e6b\n" \
|
||||
"a411bbd84ee92a6ee53e5ca9cb81bacc192c6ba406f6fdcb2b04d0ab9c42ae44\n" \
|
||||
"6a3dadfcaac134e8353dd3abf37d487b206ca28dfab1e0a9376649df748f1605\n" \
|
||||
"4fa25e5e6100a023d4923df385dd236749c6a7f8e68db55e0bd1e2263fc04d28"
|
||||
#define hex_tpoint_sub \
|
||||
"3cbbf5fcc6c11a3579036e617bbf0b2861c53979f01e37f59fc4a10d991ccde7\n" \
|
||||
"1e9c3c99524c7867c9dbc4f52fdc938cf5aa4a980d3905cc91a5b91331235290\n" \
|
||||
"44027c5d814bab73ad93d14b564303aab153ad7355bcfbf8a8bed7cb577e7fd8\n" \
|
||||
"47a4037d1d6f6d2014aa04292fa91cf07b1f4331a85d4b66a6e048226ddfc43e"
|
||||
#define hex_tpoint_mul \
|
||||
"5d704de3261290dbba39dbd14e6bc416025240fd1ed65ec982efed685ae41e8b\n" \
|
||||
"705c9ca4b5ef465c4e5db80ca4880627a6d9d6bcefd4756496baba9d5eaa3304\n" \
|
||||
"4e96eb3543aabf1e9a65cae24177b9d13b0f7fae9472145ba7ae2b14bb447aef\n" \
|
||||
"5d7ba50d7eac49a00b18fee2069afd3cc9719993fa78271e66b7a3efed46ac8b"
|
||||
#define hex_tpoint_mulg \
|
||||
"920ef6fb3a2acff52aa0c004c18feca149dfd33d98086f8f402ea9e0de303c49\n" \
|
||||
"1f97dd359f2b065d63e0987f5bea2f3dc865c2cc112d7d161b46b83451716fd8\n" \
|
||||
"614881d4d05fef3173a4990465876c5200f58c5015e13354b23ae401c20c4aef\n" \
|
||||
"18a22e02b7d395a49f0646a79438e79cd37c32f163fe8923c13d56bab668e8a7"
|
||||
|
||||
int test_sm9_twist_point() {
|
||||
sm9_twist_point_t p;
|
||||
sm9_twist_point_t q;
|
||||
sm9_twist_point_t r;
|
||||
sm9_twist_point_t s;
|
||||
SM9_TWIST_POINT p;
|
||||
SM9_TWIST_POINT q;
|
||||
SM9_TWIST_POINT r;
|
||||
SM9_TWIST_POINT s;
|
||||
sm9_bn_t k;
|
||||
int j = 1;
|
||||
|
||||
|
||||
sm9_bn_from_hex(k, hex_iv);
|
||||
|
||||
|
||||
sm9_twist_point_from_hex(&p, hex_tpoint1); if (!sm9_twist_point_is_on_curve(&p)) goto err; ++j;
|
||||
sm9_twist_point_from_hex(&q, hex_tpoint2); if (!sm9_twist_point_is_on_curve(&q)) goto err; ++j;
|
||||
sm9_twist_point_neg(&r, &p); sm9_twist_point_from_hex(&s, hex_tpoint_neg); if (!sm9_twist_point_equ(&r, &s)) goto err; ++j;
|
||||
@@ -423,7 +463,7 @@ int test_sm9_twist_point() {
|
||||
sm9_twist_point_sub(&r, &p, &q); sm9_twist_point_from_hex(&s, hex_tpoint_sub); if (!sm9_twist_point_equ(&r, &s)) goto err; ++j;
|
||||
sm9_twist_point_mul(&r, k, &p); sm9_twist_point_from_hex(&s, hex_tpoint_mul); if (!sm9_twist_point_equ(&r, &s)) goto err; ++j;
|
||||
sm9_twist_point_mul_generator(&r, k); sm9_twist_point_from_hex(&s, hex_tpoint_mulg); if (!sm9_twist_point_equ(&r, &s)) goto err; ++j;
|
||||
|
||||
|
||||
printf("%s() ok\n", __FUNCTION__);
|
||||
return 1;
|
||||
err:
|
||||
@@ -432,68 +472,79 @@ err:
|
||||
return -1;
|
||||
}
|
||||
|
||||
#define hex_pairing1 "4e378fb5561cd0668f906b731ac58fee25738edf09cadc7a29c0abc0177aea6d\
|
||||
-28b3404a61908f5d6198815c99af1990c8af38655930058c28c21bb539ce0000\
|
||||
-38bffe40a22d529a0c66124b2c308dac9229912656f62b4facfced408e02380f\
|
||||
-a01f2c8bee81769609462c69c96aa923fd863e209d3ce26dd889b55e2e3873db\
|
||||
-67e0e0c2eed7a6993dce28fe9aa2ef56834307860839677f96685f2b44d0911f\
|
||||
-5a1ae172102efd95df7338dbc577c66d8d6c15e0a0158c7507228efb078f42a6\
|
||||
-1604a3fcfa9783e667ce9fcb1062c2a5c6685c316dda62de0548baa6ba30038b\
|
||||
-93634f44fa13af76169f3cc8fbea880adaff8475d5fd28a75deb83c44362b439\
|
||||
-b3129a75d31d17194675a1bc56947920898fbf390a5bf5d931ce6cbb3340f66d\
|
||||
-4c744e69c4a2e1c8ed72f796d151a17ce2325b943260fc460b9f73cb57c9014b\
|
||||
-84b87422330d7936eaba1109fa5a7a7181ee16f2438b0aeb2f38fd5f7554e57a\
|
||||
-aab9f06a4eeba4323a7833db202e4e35639d93fa3305af73f0f071d7d284fcfb"
|
||||
#define hex_pairing1 \
|
||||
"4e378fb5561cd0668f906b731ac58fee25738edf09cadc7a29c0abc0177aea6d\n" \
|
||||
"28b3404a61908f5d6198815c99af1990c8af38655930058c28c21bb539ce0000\n" \
|
||||
"38bffe40a22d529a0c66124b2c308dac9229912656f62b4facfced408e02380f\n" \
|
||||
"a01f2c8bee81769609462c69c96aa923fd863e209d3ce26dd889b55e2e3873db\n" \
|
||||
"67e0e0c2eed7a6993dce28fe9aa2ef56834307860839677f96685f2b44d0911f\n" \
|
||||
"5a1ae172102efd95df7338dbc577c66d8d6c15e0a0158c7507228efb078f42a6\n" \
|
||||
"1604a3fcfa9783e667ce9fcb1062c2a5c6685c316dda62de0548baa6ba30038b\n" \
|
||||
"93634f44fa13af76169f3cc8fbea880adaff8475d5fd28a75deb83c44362b439\n" \
|
||||
"b3129a75d31d17194675a1bc56947920898fbf390a5bf5d931ce6cbb3340f66d\n" \
|
||||
"4c744e69c4a2e1c8ed72f796d151a17ce2325b943260fc460b9f73cb57c9014b\n" \
|
||||
"84b87422330d7936eaba1109fa5a7a7181ee16f2438b0aeb2f38fd5f7554e57a\n" \
|
||||
"aab9f06a4eeba4323a7833db202e4e35639d93fa3305af73f0f071d7d284fcfb"
|
||||
|
||||
#define hex_RA "7CBA5B19069EE66AA79D490413D11846B9BA76DD22567F809CF23B6D964BB265-A9760C99CB6F706343FED05637085864958D6C90902ABA7D405FBEDF7B781599"
|
||||
#define hex_deB "74CCC3AC9C383C60AF083972B96D05C75F12C8907D128A17ADAFBAB8C5A4ACF7\
|
||||
-01092FF4DE89362670C21711B6DBE52DCD5F8E40C6654B3DECE573C2AB3D29B2\
|
||||
-44B0294AA04290E1524FF3E3DA8CFD432BB64DE3A8040B5B88D1B5FC86A4EBC1\
|
||||
-8CFC48FB4FF37F1E27727464F3C34E2153861AD08E972D1625FC1A7BD18D5539"
|
||||
#define hex_pairing2 "28542FB6954C84BE6A5F2988A31CB6817BA0781966FA83D9673A9577D3C0C134\
|
||||
-5E27C19FC02ED9AE37F5BB7BE9C03C2B87DE027539CCF03E6B7D36DE4AB45CD1\
|
||||
-A1ABFCD30C57DB0F1A838E3A8F2BF823479C978BD137230506EA6249C891049E\
|
||||
-3497477913AB89F5E2960F382B1B5C8EE09DE0FA498BA95C4409D630D343DA40\
|
||||
-4FEC93472DA33A4DB6599095C0CF895E3A7B993EE5E4EBE3B9AB7D7D5FF2A3D1\
|
||||
-647BA154C3E8E185DFC33657C1F128D480F3F7E3F16801208029E19434C733BB\
|
||||
-73F21693C66FC23724DB26380C526223C705DAF6BA18B763A68623C86A632B05\
|
||||
-0F63A071A6D62EA45B59A1942DFF5335D1A232C9C5664FAD5D6AF54C11418B0D\
|
||||
-8C8E9D8D905780D50E779067F2C4B1C8F83A8B59D735BB52AF35F56730BDE5AC\
|
||||
-861CCD9978617267CE4AD9789F77739E62F2E57B48C2FF26D2E90A79A1D86B93\
|
||||
-9B1CA08F64712E33AEDA3F44BD6CB633E0F722211E344D73EC9BBEBC92142765\
|
||||
-6BA584CE742A2A3AB41C15D3EF94EDEB8EF74A2BDCDAAECC09ABA567981F6437"
|
||||
#define hex_RA \
|
||||
"7CBA5B19069EE66AA79D490413D11846B9BA76DD22567F809CF23B6D964BB265\n" \
|
||||
"A9760C99CB6F706343FED05637085864958D6C90902ABA7D405FBEDF7B781599"
|
||||
#define hex_deB \
|
||||
"74CCC3AC9C383C60AF083972B96D05C75F12C8907D128A17ADAFBAB8C5A4ACF7\n" \
|
||||
"01092FF4DE89362670C21711B6DBE52DCD5F8E40C6654B3DECE573C2AB3D29B2\n" \
|
||||
"44B0294AA04290E1524FF3E3DA8CFD432BB64DE3A8040B5B88D1B5FC86A4EBC1\n" \
|
||||
"8CFC48FB4FF37F1E27727464F3C34E2153861AD08E972D1625FC1A7BD18D5539"
|
||||
|
||||
#define hex_Ppube "9174542668E8F14AB273C0945C3690C66E5DD09678B86F734C4350567ED06283-54E598C6BF749A3DACC9FFFEDD9DB6866C50457CFC7AA2A4AD65C3168FF74210"
|
||||
#define hex_pairing2 \
|
||||
"28542FB6954C84BE6A5F2988A31CB6817BA0781966FA83D9673A9577D3C0C134\n" \
|
||||
"5E27C19FC02ED9AE37F5BB7BE9C03C2B87DE027539CCF03E6B7D36DE4AB45CD1\n" \
|
||||
"A1ABFCD30C57DB0F1A838E3A8F2BF823479C978BD137230506EA6249C891049E\n" \
|
||||
"3497477913AB89F5E2960F382B1B5C8EE09DE0FA498BA95C4409D630D343DA40\n" \
|
||||
"4FEC93472DA33A4DB6599095C0CF895E3A7B993EE5E4EBE3B9AB7D7D5FF2A3D1\n" \
|
||||
"647BA154C3E8E185DFC33657C1F128D480F3F7E3F16801208029E19434C733BB\n" \
|
||||
"73F21693C66FC23724DB26380C526223C705DAF6BA18B763A68623C86A632B05\n" \
|
||||
"0F63A071A6D62EA45B59A1942DFF5335D1A232C9C5664FAD5D6AF54C11418B0D\n" \
|
||||
"8C8E9D8D905780D50E779067F2C4B1C8F83A8B59D735BB52AF35F56730BDE5AC\n" \
|
||||
"861CCD9978617267CE4AD9789F77739E62F2E57B48C2FF26D2E90A79A1D86B93\n" \
|
||||
"9B1CA08F64712E33AEDA3F44BD6CB633E0F722211E344D73EC9BBEBC92142765\n" \
|
||||
"6BA584CE742A2A3AB41C15D3EF94EDEB8EF74A2BDCDAAECC09ABA567981F6437"
|
||||
|
||||
|
||||
#define hex_Ppube \
|
||||
"9174542668E8F14AB273C0945C3690C66E5DD09678B86F734C4350567ED06283\n" \
|
||||
"54E598C6BF749A3DACC9FFFEDD9DB6866C50457CFC7AA2A4AD65C3168FF74210"
|
||||
#define rB "00018B98C44BEF9F8537FB7D071B2C928B3BC65BD3D69E1EEE213564905634FE"
|
||||
#define hex_pairing3 "1052D6E9D13E381909DFF7B2B41E13C987D0A9068423B769480DACCE6A06F492\
|
||||
-5FFEB92AD870F97DC0893114DA22A44DBC9E7A8B6CA31A0CF0467265A1FB48C7\
|
||||
-2C5C3B37E4F2FF83DB33D98C0317BCBBBBF4AC6DF6B89ECA58268B280045E612\
|
||||
-6CED9E2D7C9CD3D5AD630DEFAB0B831506218037EE0F861CF9B43C78434AEC38\
|
||||
-0AE7BF3E1AEC0CB67A03440906C7DFB3BCD4B6EEEBB7E371F0094AD4A816088D\
|
||||
-98DBC791D0671CACA12236CDF8F39E15AEB96FAEB39606D5B04AC581746A663D\
|
||||
-00DD2B7416BAA91172E89D5309D834F78C1E31B4483BB97185931BAD7BE1B9B5\
|
||||
-7EBAC0349F8544469E60C32F6075FB0468A68147FF013537DF792FFCE024F857\
|
||||
-10CC2B561A62B62DA36AEFD60850714F49170FD94A0010C6D4B651B64F3A3A5E\
|
||||
-58C9687BEDDCD9E4FEDAB16B884D1FE6DFA117B2AB821F74E0BF7ACDA2269859\
|
||||
-2A430968F16086061904CE201847934B11CA0F9E9528F5A9D0CE8F015C9AEA79\
|
||||
-934FDDA6D3AB48C8571CE2354B79742AA498CB8CDDE6BD1FA5946345A1A652F6"
|
||||
#define hex_pairing3 \
|
||||
"1052D6E9D13E381909DFF7B2B41E13C987D0A9068423B769480DACCE6A06F492\n" \
|
||||
"5FFEB92AD870F97DC0893114DA22A44DBC9E7A8B6CA31A0CF0467265A1FB48C7\n" \
|
||||
"2C5C3B37E4F2FF83DB33D98C0317BCBBBBF4AC6DF6B89ECA58268B280045E612\n" \
|
||||
"6CED9E2D7C9CD3D5AD630DEFAB0B831506218037EE0F861CF9B43C78434AEC38\n" \
|
||||
"0AE7BF3E1AEC0CB67A03440906C7DFB3BCD4B6EEEBB7E371F0094AD4A816088D\n" \
|
||||
"98DBC791D0671CACA12236CDF8F39E15AEB96FAEB39606D5B04AC581746A663D\n" \
|
||||
"00DD2B7416BAA91172E89D5309D834F78C1E31B4483BB97185931BAD7BE1B9B5\n" \
|
||||
"7EBAC0349F8544469E60C32F6075FB0468A68147FF013537DF792FFCE024F857\n" \
|
||||
"10CC2B561A62B62DA36AEFD60850714F49170FD94A0010C6D4B651B64F3A3A5E\n" \
|
||||
"58C9687BEDDCD9E4FEDAB16B884D1FE6DFA117B2AB821F74E0BF7ACDA2269859\n" \
|
||||
"2A430968F16086061904CE201847934B11CA0F9E9528F5A9D0CE8F015C9AEA79\n" \
|
||||
"934FDDA6D3AB48C8571CE2354B79742AA498CB8CDDE6BD1FA5946345A1A652F6"
|
||||
|
||||
|
||||
int test_sm9_pairing() {
|
||||
sm9_twist_point_t p;
|
||||
sm9_point_t q;
|
||||
SM9_TWIST_POINT p;
|
||||
SM9_POINT q;
|
||||
sm9_fp12_t r;
|
||||
sm9_fp12_t s;
|
||||
sm9_bn_t k;
|
||||
int j = 1;
|
||||
|
||||
|
||||
sm9_pairing(r, SM9_Ppubs, SM9_P1); sm9_fp12_from_hex(s, hex_pairing1); if (!sm9_fp12_equ(r, s)) goto err; ++j;
|
||||
|
||||
|
||||
sm9_twist_point_from_hex(&p, hex_deB); sm9_point_from_hex(&q, hex_RA);
|
||||
sm9_pairing(r, &p, &q); sm9_fp12_from_hex(s, hex_pairing2); if (!sm9_fp12_equ(r, s)) goto err; ++j;
|
||||
|
||||
|
||||
sm9_bn_from_hex(k, rB); sm9_point_from_hex(&q, hex_Ppube);
|
||||
sm9_pairing(r, SM9_P2, &q); sm9_fp12_pow(r, r, k); sm9_fp12_from_hex(s, hex_pairing3); if (!sm9_fp12_equ(r, s)) goto err; ++j;
|
||||
|
||||
|
||||
printf("%s() ok\n", __FUNCTION__);
|
||||
return 1;
|
||||
err:
|
||||
@@ -509,11 +560,11 @@ int test_sm9_sign() {
|
||||
SM9_SIGN_CTX ctx;
|
||||
SM9_SIGN_KEY key;
|
||||
SM9_SIGN_MASTER_KEY mpk;
|
||||
sm9_point_t ds;
|
||||
SM9_POINT ds;
|
||||
uint8_t sig[1000] = {0};
|
||||
size_t siglen = 0;
|
||||
int j = 1;
|
||||
|
||||
|
||||
uint8_t data[20] = {0x43, 0x68, 0x69, 0x6E, 0x65, 0x73, 0x65, 0x20, 0x49, 0x42, 0x53, 0x20, 0x73, 0x74, 0x61, 0x6E, 0x64, 0x61, 0x72, 0x64};
|
||||
uint8_t IDA[5] = {0x41, 0x6C, 0x69, 0x63, 0x65};
|
||||
|
||||
@@ -538,19 +589,40 @@ err:
|
||||
}
|
||||
|
||||
#define hex_ke "0001EDEE3778F441F8DEA3D9FA0ACC4E07EE36C93F9A08618AF4AD85CEDE1C22"
|
||||
#define hex_de "94736ACD2C8C8796CC4785E938301A139A059D3537B6414140B2D31EECF41683\
|
||||
-115BAE85F5D8BC6C3DBD9E5342979ACCCF3C2F4F28420B1CB4F8C0B59A19B158\
|
||||
-7AA5E47570DA7600CD760A0CF7BEAF71C447F3844753FE74FA7BA92CA7D3B55F\
|
||||
-27538A62E7F7BFB51DCE08704796D94C9D56734F119EA44732B50E31CDEB75C1"
|
||||
|
||||
#define hex_de \
|
||||
"94736ACD2C8C8796CC4785E938301A139A059D3537B6414140B2D31EECF41683\n" \
|
||||
"115BAE85F5D8BC6C3DBD9E5342979ACCCF3C2F4F28420B1CB4F8C0B59A19B158\n" \
|
||||
"7AA5E47570DA7600CD760A0CF7BEAF71C447F3844753FE74FA7BA92CA7D3B55F\n" \
|
||||
"27538A62E7F7BFB51DCE08704796D94C9D56734F119EA44732B50E31CDEB75C1"
|
||||
|
||||
int test_sm9_ciphertext()
|
||||
{
|
||||
SM9_POINT C1;
|
||||
uint8_t c2[SM9_MAX_PLAINTEXT_SIZE];
|
||||
uint8_t c3[SM3_HMAC_SIZE];
|
||||
uint8_t buf[1024];
|
||||
uint8_t *p = buf;
|
||||
size_t len = 0;
|
||||
|
||||
sm9_point_copy(&C1, SM9_P1);
|
||||
if (sm9_ciphertext_to_der(&C1, c2, sizeof(c2), c3, &p, &len) != 1) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
//printf("SM9_MAX_CIPHERTEXT_SIZE %zu\n", len);
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
||||
int test_sm9_encrypt() {
|
||||
SM9_ENC_MASTER_KEY msk;
|
||||
SM9_ENC_KEY key;
|
||||
sm9_twist_point_t de;
|
||||
SM9_TWIST_POINT de;
|
||||
uint8_t out[1000] = {0};
|
||||
size_t outlen = 0;
|
||||
int j = 1;
|
||||
|
||||
|
||||
uint8_t data[20] = {0x43, 0x68, 0x69, 0x6E, 0x65, 0x73, 0x65, 0x20, 0x49, 0x42, 0x53, 0x20, 0x73, 0x74, 0x61, 0x6E, 0x64, 0x61, 0x72, 0x64};
|
||||
uint8_t dec[20] = {0};
|
||||
size_t declen = 20;
|
||||
@@ -582,6 +654,7 @@ int main(void) {
|
||||
if (test_sm9_twist_point() != 1) goto err;
|
||||
if (test_sm9_pairing() != 1) goto err;
|
||||
if (test_sm9_sign() != 1) goto err;
|
||||
if (test_sm9_ciphertext() != 1) goto err;
|
||||
if (test_sm9_encrypt() != 1) goto err;
|
||||
|
||||
printf("%s all tests passed\n", __FILE__);
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
/*
|
||||
/*
|
||||
* Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
|
||||
@@ -101,7 +101,7 @@ int sm9decrypt_main(int argc, char **argv)
|
||||
} else if (!strcmp(*argv, "-in")) {
|
||||
if (--argc < 1) goto bad;
|
||||
infile = *(++argv);
|
||||
if (!(infp = fopen(outfile, "r"))) {
|
||||
if (!(infp = fopen(infile, "r"))) {
|
||||
error_print();
|
||||
goto end;
|
||||
}
|
||||
|
||||
@@ -118,10 +118,14 @@ bad:
|
||||
argv++;
|
||||
}
|
||||
|
||||
if (!mpkfile || !id) {
|
||||
if (!mpkfp || !id) {
|
||||
error_print();
|
||||
goto end;
|
||||
}
|
||||
if (sm9_enc_master_public_key_from_pem(&mpk, mpkfp) != 1) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
if ((inlen = fread(inbuf, 1, sizeof(inbuf), infp)) <= 0) {
|
||||
error_print();
|
||||
goto end;
|
||||
@@ -138,5 +142,6 @@ bad:
|
||||
end:
|
||||
if (infile && infp) fclose(infp);
|
||||
if (outfile && outfp) fclose(outfp);
|
||||
if (mpkfp) fclose(mpkfp);
|
||||
return ret;
|
||||
}
|
||||
|
||||
@@ -72,7 +72,7 @@ int sm9sign_main(int argc, char **argv)
|
||||
SM9_SIGN_CTX ctx;
|
||||
uint8_t buf[4096];
|
||||
ssize_t len;
|
||||
uint8_t sig[SM9_MAX_SIGNATURE_SIZE];
|
||||
uint8_t sig[SM9_SIGNATURE_SIZE];
|
||||
size_t siglen;
|
||||
|
||||
argc--;
|
||||
@@ -90,14 +90,14 @@ int sm9sign_main(int argc, char **argv)
|
||||
} else if (!strcmp(*argv, "-in")) {
|
||||
if (--argc < 1) goto bad;
|
||||
infile = *(++argv);
|
||||
if (!(infp = fopen(infile, "w"))) {
|
||||
if (!(infp = fopen(infile, "r"))) {
|
||||
error_print();
|
||||
goto end;
|
||||
}
|
||||
} else if (!strcmp(*argv, "-key")) {
|
||||
if (--argc < 1) goto bad;
|
||||
keyfile = *(++argv);
|
||||
if (!(keyfp = fopen(keyfile, "w"))) {
|
||||
if (!(keyfp = fopen(keyfile, "r"))) {
|
||||
error_print();
|
||||
goto end;
|
||||
}
|
||||
@@ -145,6 +145,14 @@ bad:
|
||||
error_print();
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (siglen != fwrite(sig, 1, siglen, outfp)) {
|
||||
error_print();
|
||||
goto end;
|
||||
}
|
||||
|
||||
|
||||
|
||||
ret = 0;
|
||||
|
||||
end:
|
||||
|
||||
@@ -70,7 +70,7 @@ int sm9verify_main(int argc, char **argv)
|
||||
SM9_SIGN_CTX ctx;
|
||||
uint8_t buf[4096];
|
||||
ssize_t len;
|
||||
uint8_t sig[SM9_MAX_SIGNATURE_SIZE];
|
||||
uint8_t sig[SM9_SIGNATURE_SIZE];
|
||||
ssize_t siglen;
|
||||
|
||||
argc--;
|
||||
@@ -88,14 +88,14 @@ int sm9verify_main(int argc, char **argv)
|
||||
} else if (!strcmp(*argv, "-in")) {
|
||||
if (--argc < 1) goto bad;
|
||||
infile = *(++argv);
|
||||
if (!(infp = fopen(infile, "w"))) {
|
||||
if (!(infp = fopen(infile, "r"))) {
|
||||
error_print();
|
||||
goto end;
|
||||
}
|
||||
} else if (!strcmp(*argv, "-pubmaster")) {
|
||||
if (--argc < 1) goto bad;
|
||||
mpkfile = *(++argv);
|
||||
if (!(mpkfp = fopen(mpkfile, "w"))) {
|
||||
if (!(mpkfp = fopen(mpkfile, "r"))) {
|
||||
error_print();
|
||||
goto end;
|
||||
}
|
||||
@@ -105,7 +105,7 @@ int sm9verify_main(int argc, char **argv)
|
||||
} else if (!strcmp(*argv, "-sig")) {
|
||||
if (--argc < 1) goto bad;
|
||||
sigfile = *(++argv);
|
||||
if (!(sigfp = fopen(sigfile, "w"))) {
|
||||
if (!(sigfp = fopen(sigfile, "r"))) {
|
||||
error_print();
|
||||
goto end;
|
||||
}
|
||||
@@ -148,6 +148,7 @@ bad:
|
||||
error_print();
|
||||
goto end;
|
||||
}
|
||||
printf("%s %s\n", prog, ret ? "success" : "failure");
|
||||
|
||||
end:
|
||||
if (infile && infp) fclose(infp);
|
||||
|
||||
Reference in New Issue
Block a user