diff --git a/Configure b/Configure index d99eed7f..24b8d0ad 100755 --- a/Configure +++ b/Configure @@ -1,4 +1,3 @@ -: eval 'exec perl -S $0 ${1+"$@"}' if $running_under_some_shell; ## diff --git a/Makefile b/Makefile index 2dc588ce..08d8fa61 100644 --- a/Makefile +++ b/Makefile @@ -67,9 +67,9 @@ EX_LIBS= EXE_EXT= ARFLAGS= AR= ar $(ARFLAGS) r -RANLIB= /opt/local/bin/ranlib +RANLIB= /usr/bin/ranlib NM= nm -PERL= /opt/local/bin/perl5 +PERL= /usr/bin/perl TAR= tar TARFLAGS= --no-recursion MAKEDEPPROG=makedepend diff --git a/Makefile.bak b/Makefile.bak index af528047..2dc588ce 100644 --- a/Makefile.bak +++ b/Makefile.bak @@ -151,7 +151,7 @@ SDIRS= \ buffer bio stack lhash rand err \ evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \ cms pqueue ts srp cmac \ - sm3 sms4 zuc cpk + sm3 sms4 zuc cpk ecies sm2 # keep in mind that the above list is adjusted by ./Configure # according to no-xxx arguments... diff --git a/apps/CA.pl b/apps/CA.pl index 0a610ec9..a3965ece 100644 --- a/apps/CA.pl +++ b/apps/CA.pl @@ -1,4 +1,4 @@ -#!/opt/local/bin/perl5 +#!/usr/bin/perl # # CA - wrapper around ca to make it easier to use ... basically ca requires # some setup stuff to be done before you can use it and this makes diff --git a/apps/dgst.c b/apps/dgst.c index 95e5fa3f..97696037 100644 --- a/apps/dgst.c +++ b/apps/dgst.c @@ -399,8 +399,11 @@ int MAIN(int argc, char **argv) if (hmac_key) { sigkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, impl, (unsigned char *)hmac_key, -1); - if (!sigkey) + if (!sigkey) { + ERR_print_errors_fp(stderr); + fprintf(stderr, "error %s %d\n", __FILE__, __LINE__); goto end; + } } if (sigkey) { diff --git a/certs/sm2/cfca/CFCA_CS_CA/CFCA_ACS_SM2_OCA31.cer b/certs/sm2/cfca/CFCA_CS_CA/CFCA_ACS_SM2_OCA31.cer new file mode 100755 index 00000000..d393a173 --- /dev/null +++ b/certs/sm2/cfca/CFCA_CS_CA/CFCA_ACS_SM2_OCA31.cer @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE----- +MIICpjCCAkqgAwIBAgIFEAAAABIwDAYIKoEcz1UBg3UFADBYMQswCQYDVQQGEwJD +TjEwMC4GA1UECgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9y +aXR5MRcwFQYDVQQDDA5DRkNBIENTIFNNMiBDQTAeFw0xNTA5MjcwMTU1MTFaFw0z +NTA3MDQwMTU1MTFaMFwxCzAJBgNVBAYTAkNOMTAwLgYDVQQKDCdDaGluYSBGaW5h +bmNpYWwgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxGzAZBgNVBAMMEkNGQ0EgQUNT +IFNNMiBPQ0EzMTBZMBMGByqGSM49AgEGCCqBHM9VAYItA0IABCcSwBTmaKLmtQAw +ObvZD+SklpbAPTfxs1qNJCS9X3Fm6UsdXpuaWH+5GXI1y60fLRxI2bncwhROqoxX +RNx84TGjgfowgfcwHwYDVR0jBBgwFoAU5I7d1KPntg/uHSeWzXXcJSVyad0wDwYD +VR0TAQH/BAUwAwEB/zCBkwYDVR0fBIGLMIGIMFWgU6BRpE8wTTELMAkGA1UEBhMC +Q04xEzARBgNVBAoMCkNGQ0EgQ1MgQ0ExDDAKBgNVBAsMA0NSTDEMMAoGA1UECwwD +U00yMQ0wCwYDVQQDDARjcmwxMC+gLaArhilodHRwOi8vY3JsLmNmY2EuY29tLmNu +L2NzcmNhL1NNMi9jcmwxLmNybDAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFAjY +0SbESH2c7KyY6fF/YrmAzqlFMAwGCCqBHM9VAYN1BQADSAAwRQIhANrobDS529tG +CQn3BsgNr77fqBdx61d+UYYjkbHt8P87AiAPP7uJTXHJSH8/uey+IGqvRdEwxySA +92szUYtFBCnVtw== +-----END CERTIFICATE----- diff --git a/certs/sm2/cfca/CFCA_CS_CA/CFCA_ACS_SM2_OCA32.cer b/certs/sm2/cfca/CFCA_CS_CA/CFCA_ACS_SM2_OCA32.cer new file mode 100755 index 00000000..1dc0c0ea --- /dev/null +++ b/certs/sm2/cfca/CFCA_CS_CA/CFCA_ACS_SM2_OCA32.cer @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE----- +MIICpjCCAkqgAwIBAgIFEAAAABQwDAYIKoEcz1UBg3UFADBYMQswCQYDVQQGEwJD +TjEwMC4GA1UECgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9y +aXR5MRcwFQYDVQQDDA5DRkNBIENTIFNNMiBDQTAeFw0xNTA5MjcwMzA4MTNaFw0z +NTA3MDQwMzA4MTNaMFwxCzAJBgNVBAYTAkNOMTAwLgYDVQQKDCdDaGluYSBGaW5h +bmNpYWwgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxGzAZBgNVBAMMEkNGQ0EgQUNT +IFNNMiBPQ0EzMjBZMBMGByqGSM49AgEGCCqBHM9VAYItA0IABEXMCRgtWeQylXBp +CRQifD2OALShS0iO8YA19suuv8K68xyAF2NlyoGFApl1NphUX5wV5Fhxg8I5xiaW +uvmKUhCjgfowgfcwHwYDVR0jBBgwFoAU5I7d1KPntg/uHSeWzXXcJSVyad0wDwYD +VR0TAQH/BAUwAwEB/zCBkwYDVR0fBIGLMIGIMFWgU6BRpE8wTTELMAkGA1UEBhMC +Q04xEzARBgNVBAoMCkNGQ0EgQ1MgQ0ExDDAKBgNVBAsMA0NSTDEMMAoGA1UECwwD +U00yMQ0wCwYDVQQDDARjcmwxMC+gLaArhilodHRwOi8vY3JsLmNmY2EuY29tLmNu +L2NzcmNhL1NNMi9jcmwxLmNybDAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFLmn +Np8R14TIZPlsdNgrNDDIMa4MMAwGCCqBHM9VAYN1BQADSAAwRQIhANDkPHUmYmM5 +4Dbq3yPmCRW8uvfw2+YFMgI6NM+nuCQFAiBqW19Uwxh0XkA6Mpv9/BROaMVpasSG +yNuftcm7GAYDYA== +-----END CERTIFICATE----- diff --git a/certs/sm2/cfca/CFCA_CS_CA/CFCA_CS_SM2_CA.cer b/certs/sm2/cfca/CFCA_CS_CA/CFCA_CS_SM2_CA.cer new file mode 100755 index 00000000..420ce248 --- /dev/null +++ b/certs/sm2/cfca/CFCA_CS_CA/CFCA_CS_SM2_CA.cer @@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE----- +MIICAzCCAaegAwIBAgIEFy9CWTAMBggqgRzPVQGDdQUAMFgxCzAJBgNVBAYTAkNO +MTAwLgYDVQQKDCdDaGluYSBGaW5hbmNpYWwgQ2VydGlmaWNhdGlvbiBBdXRob3Jp +dHkxFzAVBgNVBAMMDkNGQ0EgQ1MgU00yIENBMB4XDTEyMDgzMTAyMDY1OVoXDTQy +MDgyNDAyMDY1OVowWDELMAkGA1UEBhMCQ04xMDAuBgNVBAoMJ0NoaW5hIEZpbmFu +Y2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEXMBUGA1UEAwwOQ0ZDQSBDUyBT +TTIgQ0EwWTATBgcqhkjOPQIBBggqgRzPVQGCLQNCAATuRh26wmtyKNMz+Pmneo3a +Sme+BCjRon8SvAxZBgLSuIxNUewq4kNujeb1I4A0yg7xNcjuOgXglAoQv+Tc+P0V +o10wWzAfBgNVHSMEGDAWgBTkjt3Uo+e2D+4dJ5bNddwlJXJp3TAMBgNVHRMEBTAD +AQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQU5I7d1KPntg/uHSeWzXXcJSVyad0w +DAYIKoEcz1UBg3UFAANIADBFAiBhP/rmIvles3RK1FfcmmEeS9RZdu+5lCzxF0nk +cof2QAIhAPVRpqOuceEQHsR77FBe/DgVPqF6lOyoZs0TzTDHrN8c +-----END CERTIFICATE----- diff --git a/certs/sm2/cfca/CFCA_CS_CA/CFCA_CS_SM2_OCA11.cer b/certs/sm2/cfca/CFCA_CS_CA/CFCA_CS_SM2_OCA11.cer new file mode 100755 index 00000000..c6f26b54 --- /dev/null +++ b/certs/sm2/cfca/CFCA_CS_CA/CFCA_CS_SM2_OCA11.cer @@ -0,0 +1,15 @@ +-----BEGIN CERTIFICATE----- +MIICbDCCAg+gAwIBAgIFEAAAAAcwDAYIKoEcz1UBg3UFADBYMQswCQYDVQQGEwJD +TjEwMC4GA1UECgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9y +aXR5MRcwFQYDVQQDDA5DRkNBIENTIFNNMiBDQTAeFw0xMjA4MzEwMzAyMTRaFw0z +MTA1MTUwMzAyMTRaMFsxCzAJBgNVBAYTAkNOMTAwLgYDVQQKDCdDaGluYSBGaW5h +bmNpYWwgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxGjAYBgNVBAMMEUNGQ0EgQ1Mg +U00yIE9DQTExMFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAEpw5G3rTlXtErnIzZ +pT7uQJgjc+s1Y+yoe63tBP9p8/7EXlaymC4aZVCen2+MG+kgGN/xVcGIRAHpyeZv +LpAWa6OBwDCBvTAfBgNVHSMEGDAWgBTkjt3Uo+e2D+4dJ5bNddwlJXJp3TAMBgNV +HRMEBTADAQH/MGAGA1UdHwRZMFcwVaBToFGkTzBNMQswCQYDVQQGEwJDTjETMBEG +A1UECgwKQ0ZDQSBDUyBDQTEMMAoGA1UECwwDQ1JMMQwwCgYDVQQLDANTTTIxDTAL +BgNVBAMMBGNybDEwCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBRCyiGJj6I6nUsUGD2k +zOhQiHDiETAMBggqgRzPVQGDdQUAA0kAMEYCIQC4JV+4pRCsVeocC6mlPl37JK8o +9vcOfdEH0jnKVJHZ0wIhAND4BNV18JxupYfQPWRiIgFyPiP/3PSFliaeWZ/p4y9q +-----END CERTIFICATE----- diff --git a/certs/sm2/cfca/CFCA_CS_CA/CFCA_SM2_OCA1.cer b/certs/sm2/cfca/CFCA_CS_CA/CFCA_SM2_OCA1.cer new file mode 100755 index 00000000..11e8771c --- /dev/null +++ b/certs/sm2/cfca/CFCA_CS_CA/CFCA_SM2_OCA1.cer @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICNTCCAdmgAwIBAgIFEAAAAAgwDAYIKoEcz1UBg3UFADBYMQswCQYDVQQGEwJD +TjEwMC4GA1UECgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9y +aXR5MRcwFQYDVQQDDA5DRkNBIENTIFNNMiBDQTAeFw0xMzAxMjQwODQ2NDBaFw0z +MzAxMTkwODQ2NDBaMCUxCzAJBgNVBAYTAkNOMRYwFAYDVQQKDA1DRkNBIFNNMiBP +Q0ExMFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAEfJqQoo0+JoyCRy0msS2Ym076 +8nV1pSLuK9utS1ij38obWDymq0oMRRwUzDMEQI19Cajo3JUoGFxOvsA+YWu3XKOB +wDCBvTAfBgNVHSMEGDAWgBTkjt3Uo+e2D+4dJ5bNddwlJXJp3TAMBgNVHRMEBTAD +AQH/MGAGA1UdHwRZMFcwVaBToFGkTzBNMQswCQYDVQQGEwJDTjETMBEGA1UECgwK +Q0ZDQSBDUyBDQTEMMAoGA1UECwwDQ1JMMQwwCgYDVQQLDANTTTIxDTALBgNVBAMM +BGNybDEwCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBRck1ggWiRzVhAbZFAQ7OmnygdB +ETAMBggqgRzPVQGDdQUAA0gAMEUCIBVscoZJhUy4eToK4C//LjvhjKK2qpBFac/h +Pr6yYTLzAiEAiyqrqsGUU5vGkDo5bEpmF1EbnY8xovsM9vCx98yBrVM= +-----END CERTIFICATE----- diff --git a/certs/sm2/cfca/CFCA_EV_CA/CFCA_EV_SM2_CodeSign_OCA.cer b/certs/sm2/cfca/CFCA_EV_CA/CFCA_EV_SM2_CodeSign_OCA.cer new file mode 100755 index 00000000..69ec3056 --- /dev/null +++ b/certs/sm2/cfca/CFCA_EV_CA/CFCA_EV_SM2_CodeSign_OCA.cer @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC2zCCAn+gAwIBAgIKdGm7tu3kr2cqwzAMBggqgRzPVQGDdQUAMFoxCzAJBgNV +BAYTAkNOMTAwLgYDVQQKDCdDaGluYSBGaW5hbmNpYWwgQ2VydGlmaWNhdGlvbiBB +dXRob3JpdHkxGTAXBgNVBAMMEENGQ0EgRVYgU00yIFJPT1QwHhcNMTUwNjE4MDc1 +NTQ0WhcNMjkxMjI0MDc1NTQ0WjBiMQswCQYDVQQGEwJDTjEwMC4GA1UECgwnQ2hp +bmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSEwHwYDVQQDDBhD +RkNBIEVWIFNNMiBDb2RlU2lnbiBPQ0EwWTATBgcqhkjOPQIBBggqgRzPVQGCLQNC +AASVAscZ90LqvQFIB3GU5oYmVCUlMjkmafBZAeorEFW2Z2H2JtxsYDrKZanjJ+Vz +mcWasWQAeIXBuUX8BZ/9ENhbo4IBITCCAR0wOAYIKwYBBQUHAQEELDAqMCgGCCsG +AQUFBzABhhxodHRwOi8vb2NzcC5jZmNhLmNvbS5jbi9vY3NwMB8GA1UdIwQYMBaA +FF8ciSlCteYUuulul+5AamjKPZS4MA8GA1UdEwEB/wQFMAMBAf8wRAYDVR0gBD0w +OzA5BgRVHSAAMDEwLwYIKwYBBQUHAgEWI2h0dHA6Ly93d3cuY2ZjYS5jb20uY24v +dXMvdXMtMTIuaHRtMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwuY2ZjYS5j +b20uY24vZXZyY2EvU00yL2NybDEuY3JsMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4E +FgQUUwDJNPHhE9h2hJ/sP46PL2rSb+owDAYIKoEcz1UBg3UFAANIADBFAiEApiwB +84xUMoNzDN04jwRqTGmChwV/EBOftKpQTZl8y2ECIFsbEI6/j+eWWv66Gd/tbogS +26CEEQ4I/Kb99m3wbXxI +-----END CERTIFICATE----- diff --git a/certs/sm2/cfca/CFCA_EV_CA/CFCA_EV_SM2_OCA.cer b/certs/sm2/cfca/CFCA_EV_CA/CFCA_EV_SM2_OCA.cer new file mode 100755 index 00000000..467a4cbc --- /dev/null +++ b/certs/sm2/cfca/CFCA_EV_CA/CFCA_EV_SM2_OCA.cer @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIICzTCCAnKgAwIBAgIGAIgmba9KMAwGCCqBHM9VAYN1BQAwWjELMAkGA1UEBhMC +Q04xMDAuBgNVBAoMJ0NoaW5hIEZpbmFuY2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhv +cml0eTEZMBcGA1UEAwwQQ0ZDQSBFViBTTTIgUk9PVDAeFw0xMjA4MDgwNTU2Mjda +Fw0yOTEyMjkwNTU2MjdaMFkxCzAJBgNVBAYTAkNOMTAwLgYDVQQKDCdDaGluYSBG +aW5hbmNpYWwgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxGDAWBgNVBAMMD0NGQ0Eg +RVYgU00yIE9DQTBZMBMGByqGSM49AgEGCCqBHM9VAYItA0IABG6sjKVpVukkQpY1 +nokr6wmp44hwkVnzmdXvuBbq/VtwB/8V+awkIfpz4THaSjPGzSGh+hwFcka0NCFK +TQ7y8rqjggEhMIIBHTA4BggrBgEFBQcBAQQsMCowKAYIKwYBBQUHMAGGHGh0dHA6 +Ly9vY3NwLmNmY2EuY29tLmNuL29jc3AwHwYDVR0jBBgwFoAUXxyJKUK15hS66W6X +7kBqaMo9lLgwDwYDVR0TAQH/BAUwAwEB/zBEBgNVHSAEPTA7MDkGBFUdIAAwMTAv +BggrBgEFBQcCARYjaHR0cDovL3d3dy5jZmNhLmNvbS5jbi91cy91cy0xMi5odG0w +OgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybC5jZmNhLmNvbS5jbi9ldnJjYS9T +TTIvY3JsMS5jcmwwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBTDJFfnVXuTdN3s +yIha7AIm0b8vWTAMBggqgRzPVQGDdQUAA0cAMEQCIBgrKO75mE5lfONElZZzkAWh +eb0R0ai6/J7nj7SCZ3jJAiAE2dKJIv9ROkN17bhZpXsVrOtyYULW7YzQePqnNN58 +MA== +-----END CERTIFICATE----- diff --git a/certs/sm2/cfca/CFCA_EV_CA/CFCA_EV_SM2_ROOT.cer b/certs/sm2/cfca/CFCA_EV_CA/CFCA_EV_SM2_ROOT.cer new file mode 100755 index 00000000..a19490b4 --- /dev/null +++ b/certs/sm2/cfca/CFCA_EV_CA/CFCA_EV_SM2_ROOT.cer @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICDTCCAbGgAwIBAgIEHPP3OTAMBggqgRzPVQGDdQUAMFoxCzAJBgNVBAYTAkNO +MTAwLgYDVQQKDCdDaGluYSBGaW5hbmNpYWwgQ2VydGlmaWNhdGlvbiBBdXRob3Jp +dHkxGTAXBgNVBAMMEENGQ0EgRVYgU00yIFJPT1QwHhcNMTIwODA4MDMwNjMwWhcN +MjkxMjMxMDMwNjMwWjBaMQswCQYDVQQGEwJDTjEwMC4GA1UECgwnQ2hpbmEgRmlu +YW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRkwFwYDVQQDDBBDRkNBIEVW +IFNNMiBST09UMFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAE/9xokvYPq1PPsvqh +wzc1OvhRJyqfm+FeefW522OMUJeSqmaYRcwAaEC1IH03etyYEOD4R4HQG+ovJr4z +PLZzUqNjMGEwHwYDVR0jBBgwFoAUXxyJKUK15hS66W6X7kBqaMo9lLgwDwYDVR0T +AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFF8ciSlCteYUuulu +l+5AamjKPZS4MAwGCCqBHM9VAYN1BQADSAAwRQIgbE/XnzWMMQItSfz/LH6CyNz1 +OxFwvI6WcgcqGGUdCiMCIQDRFwF7M4Cvo7KqGMNuSiByFNUX9PJYXByjxqPart9U +tw== +-----END CERTIFICATE----- diff --git a/certs/sm2/cfca/CFCA_EV_CA/CFCA_OV_SM2_CodeSign_OCA.cer b/certs/sm2/cfca/CFCA_EV_CA/CFCA_OV_SM2_CodeSign_OCA.cer new file mode 100755 index 00000000..1f8621c6 --- /dev/null +++ b/certs/sm2/cfca/CFCA_EV_CA/CFCA_OV_SM2_CodeSign_OCA.cer @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC+jCCAp+gAwIBAgILAMks7Ca6PkbKeqwwDAYIKoEcz1UBg3UFADBaMQswCQYD +VQQGEwJDTjEwMC4GA1UECgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24g +QXV0aG9yaXR5MRkwFwYDVQQDDBBDRkNBIEVWIFNNMiBST09UMB4XDTE1MDMyNTAy +MzEyMFoXDTI5MTIyNTAyMzEyMFowYjELMAkGA1UEBhMCQ04xMDAuBgNVBAoMJ0No +aW5hIEZpbmFuY2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEhMB8GA1UEAwwY +Q0ZDQSBPViBTTTIgQ29kZVNpZ24gT0NBMFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0D +QgAEEMCjauSAaWcu6Rhmc2XsHI/Yu7VTl+h2OjyN1t5IPCPvItz8cH6InpleIJA9 +IFCnNKP92+X8pT3dx08d8mJpVaOCAUAwggE8MDgGCCsGAQUFBwEBBCwwKjAoBggr +BgEFBQcwAYYcaHR0cDovL29jc3AuY2ZjYS5jb20uY24vb2NzcDAfBgNVHSMEGDAW +gBRfHIkpQrXmFLrpbpfuQGpoyj2UuDAPBgNVHRMBAf8EBTADAQH/MEQGA1UdIAQ9 +MDswOQYEVR0gADAxMC8GCCsGAQUFBwIBFiNodHRwOi8vd3d3LmNmY2EuY29tLmNu +L3VzL3VzLTEyLmh0bTA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3JsLmNmY2Eu +Y29tLmNuL2V2cmNhL1NNMi9jcmwxLmNybDAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0O +BBYEFHuE0Yz05iLHWOL7A7G6GJ6Ou75sMB0GA1UdJQQWMBQGCCsGAQUFBwMDBggr +BgEFBQcDCDAMBggqgRzPVQGDdQUAA0cAMEQCIBYasfKMtKS5YT50sA5g/IFCm5/h +vXB2Xyd9AvThXVOpAiBpII9rFxG7C3PG25Sz8kbHnU6/Y/tsMDcHqBtui+Mi9A== +-----END CERTIFICATE----- diff --git a/certs/sm2/cfca/CFCA_EV_CA/CFCA_OV_SM2_OCA.cer b/certs/sm2/cfca/CFCA_EV_CA/CFCA_OV_SM2_OCA.cer new file mode 100755 index 00000000..f000e3ab --- /dev/null +++ b/certs/sm2/cfca/CFCA_EV_CA/CFCA_OV_SM2_OCA.cer @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC+zCCAp+gAwIBAgIKIlo/eXS9YiO/8zAMBggqgRzPVQGDdQUAMFoxCzAJBgNV +BAYTAkNOMTAwLgYDVQQKDCdDaGluYSBGaW5hbmNpYWwgQ2VydGlmaWNhdGlvbiBB +dXRob3JpdHkxGTAXBgNVBAMMEENGQ0EgRVYgU00yIFJPT1QwHhcNMTUwMzI1MDE1 +OTEwWhcNMjkxMjI1MDE1OTEwWjBZMQswCQYDVQQGEwJDTjEwMC4GA1UECgwnQ2hp +bmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRgwFgYDVQQDDA9D +RkNBIE9WIFNNMiBPQ0EwWTATBgcqhkjOPQIBBggqgRzPVQGCLQNCAATqUKthTiLn +j+S5Hx72rbeMTBjWVm2/POU5I4ObEV5DYzyHm7H7CBTuqCJkFlWyk47liEeh3r7w +CGvYik58NBfJo4IBSjCCAUYwOAYIKwYBBQUHAQEELDAqMCgGCCsGAQUFBzABhhxo +dHRwOi8vb2NzcC5jZmNhLmNvbS5jbi9vY3NwMB8GA1UdIwQYMBaAFF8ciSlCteYU +uulul+5AamjKPZS4MA8GA1UdEwEB/wQFMAMBAf8wRAYDVR0gBD0wOzA5BgRVHSAA +MDEwLwYIKwYBBQUHAgEWI2h0dHA6Ly93d3cuY2ZjYS5jb20uY24vdXMvdXMtMTIu +aHRtMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwuY2ZjYS5jb20uY24vZXZy +Y2EvU00yL2NybDEuY3JsMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUGf1XZnVQ +09Bza7eb6eswRRjE5u0wJwYDVR0lBCAwHgYIKwYBBQUHAwIGCCsGAQUFBwMEBggr +BgEFBQcDATAMBggqgRzPVQGDdQUAA0gAMEUCIQDgyEdSEjRxdVslruZgYEYJjr4F +rrUuiiVAVEeY9AssNwIgTb09750KOrUiSyX7tR83mYKppjsewNZ1MLwfQRPtpJg= +-----END CERTIFICATE----- diff --git a/certs/sm2/cfca/CFCA_GT_CA/CFCA_GT_SM2_CA.cer b/certs/sm2/cfca/CFCA_GT_CA/CFCA_GT_SM2_CA.cer new file mode 100755 index 00000000..ed6219ab --- /dev/null +++ b/certs/sm2/cfca/CFCA_GT_CA/CFCA_GT_SM2_CA.cer @@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE----- +MIICCjCCAa2gAwIBAgIEGCa1dTAMBggqgRzPVQGDdQUAMFgxCzAJBgNVBAYTAkNO +MTAwLgYDVQQKDCdDaGluYSBGaW5hbmNpYWwgQ2VydGlmaWNhdGlvbiBBdXRob3Jp +dHkxFzAVBgNVBAMMDkNGQ0EgR1QgU00yIENBMB4XDTEyMDgyMTA3MjgwOVoXDTQy +MDgyMTA3MjgwOVowWDELMAkGA1UEBhMCQ04xMDAuBgNVBAoMJ0NoaW5hIEZpbmFu +Y2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEXMBUGA1UEAwwOQ0ZDQSBHVCBT +TTIgQ0EwWTATBgcqhkjOPQIBBggqgRzPVQGCLQNCAATUsjvLXGBLcKuvM97InNIl +/wXS0iripBCzAhXEqnUVdbuVKgbyqK0AyK1PXkLHpXYYkxo+JMX7ZpYpEtiE2QKe +o2MwYTAfBgNVHSMEGDAWgBQLMV20swd1R3ZtmHivBc6r+qoUNjAPBgNVHRMBAf8E +BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUCzFdtLMHdUd2bZh4rwXO +q/qqFDYwDAYIKoEcz1UBg3UFAANJADBGAiEA+gRtWm6oZnq8RmId5ADn7x9ZKx0S +5e/MTwZAdNZVpy0CIQC0xpUW8abWOCSZrchTWPlfo7TvNVempkbYsuM9Pz4Y9w== +-----END CERTIFICATE----- diff --git a/certs/sm2/cfca/CFCA_GT_CA/CFCA_GT_SM2_OCA21.cer b/certs/sm2/cfca/CFCA_GT_CA/CFCA_GT_SM2_OCA21.cer new file mode 100755 index 00000000..40911e0e --- /dev/null +++ b/certs/sm2/cfca/CFCA_GT_CA/CFCA_GT_SM2_OCA21.cer @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIICzTCCAnGgAwIBAgIFJ2+0TY0wDAYIKoEcz1UBg3UFADBYMQswCQYDVQQGEwJD +TjEwMC4GA1UECgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9y +aXR5MRcwFQYDVQQDDA5DRkNBIEdUIFNNMiBDQTAeFw0xMjA4MjIwNjQwMTVaFw0y +NjA2MDcwNjQwMTVaMFsxCzAJBgNVBAYTAkNOMTAwLgYDVQQKDCdDaGluYSBGaW5h +bmNpYWwgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxGjAYBgNVBAMMEUNGQ0EgR1Qg +U00yIE9DQTIxMFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAEfaibBP1o0v170Qpg +u1aQkJUdYHLRwGMUrgRqFMKdo77NcRd0wgeMKJoGsbj1cMgbEwym1a3yVWxCFIdF +qsvqr6OCASEwggEdMDgGCCsGAQUFBwEBBCwwKjAoBggrBgEFBQcwAYYcaHR0cDov +L29jc3AuY2ZjYS5jb20uY24vb2NzcDAfBgNVHSMEGDAWgBQLMV20swd1R3ZtmHiv +Bc6r+qoUNjAPBgNVHRMBAf8EBTADAQH/MEQGA1UdIAQ9MDswOQYEVR0gADAxMC8G +CCsGAQUFBwIBFiNodHRwOi8vd3d3LmNmY2EuY29tLmNuL3VzL3VzLTExLmh0bTA6 +BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3JsLmNmY2EuY29tLmNuL2d0cmNhL1NN +Mi9jcmwxLmNybDAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFHoMMruCEb6vwLoi +f+zs1mMotJZcMAwGCCqBHM9VAYN1BQADSAAwRQIgCdmrD+anYnDYj2HropD69xUM +V4056zQmyMFQs70tt1wCIQDqoB4gCWsNqX4RMTAOixu8iW0dMPOvVxOa3OG6YCGc +OQ== +-----END CERTIFICATE----- diff --git a/certs/sm2/cfca/CFCA_GT_CA/CFCA_SM2_OCA2.cer b/certs/sm2/cfca/CFCA_GT_CA/CFCA_SM2_OCA2.cer new file mode 100755 index 00000000..9189c6f9 --- /dev/null +++ b/certs/sm2/cfca/CFCA_GT_CA/CFCA_SM2_OCA2.cer @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE----- +MIICyjCCAm6gAwIBAgIGANzXPP3NMAwGCCqBHM9VAYN1BQAwWDELMAkGA1UEBhMC +Q04xMDAuBgNVBAoMJ0NoaW5hIEZpbmFuY2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhv +cml0eTEXMBUGA1UEAwwOQ0ZDQSBHVCBTTTIgQ0EwHhcNMTIwODIxMDgxNDAwWhcN +MzIwODE1MDgxNDAwWjBXMQswCQYDVQQGEwJDTjEwMC4GA1UECgwnQ2hpbmEgRmlu +YW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRYwFAYDVQQDDA1DRkNBIFNN +MiBPQ0EyMFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAEGXr6gER9MZyIYCEjJsnu +Cgr184BN4C0sREvozP2sH8Wm/MpWUu6c57wrcP7nltIejtlVstpfIZLglMKe1stI +/aOCASEwggEdMDgGCCsGAQUFBwEBBCwwKjAoBggrBgEFBQcwAYYcaHR0cDovL29j +c3AuY2ZjYS5jb20uY24vb2NzcDAfBgNVHSMEGDAWgBQLMV20swd1R3ZtmHivBc6r ++qoUNjAPBgNVHRMBAf8EBTADAQH/MEQGA1UdIAQ9MDswOQYEVR0gADAxMC8GCCsG +AQUFBwIBFiNodHRwOi8vd3d3LmNmY2EuY29tLmNuL3VzL3VzLTExLmh0bTA6BgNV +HR8EMzAxMC+gLaArhilodHRwOi8vY3JsLmNmY2EuY29tLmNuL2d0cmNhL1NNMi9j +cmwxLmNybDAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFC/GO2moh1P8jpo7VOKY +h6stfzzMMAwGCCqBHM9VAYN1BQADSAAwRQIgScGxUWNpVWFnlTW/ZzyOV9lo8X+s +r34NCDIkt56MdGMCIQCA35bCfKocBXESU8m+4oMHEBG4pVREiX4OSuHFkCrBjw== +-----END CERTIFICATE----- diff --git a/certs/sm2/cfca/CFCA_IDENTITY_CA/CFCA_Identity_SM2_CA.cer b/certs/sm2/cfca/CFCA_IDENTITY_CA/CFCA_Identity_SM2_CA.cer new file mode 100755 index 00000000..f335f27f --- /dev/null +++ b/certs/sm2/cfca/CFCA_IDENTITY_CA/CFCA_Identity_SM2_CA.cer @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICITCCAcagAwIBAgIRAMzG1U6Sx4IJ9UY/NQPg/ZkwDAYIKoEcz1UBg3UFADBe +MQswCQYDVQQGEwJDTjEwMC4GA1UECgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmlj +YXRpb24gQXV0aG9yaXR5MR0wGwYDVQQDDBRDRkNBIElkZW50aXR5IFNNMiBDQTAe +Fw0xNTA2MzAwMTIwMTdaFw00MDA2MzAwMTIwMTdaMF4xCzAJBgNVBAYTAkNOMTAw +LgYDVQQKDCdDaGluYSBGaW5hbmNpYWwgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkx +HTAbBgNVBAMMFENGQ0EgSWRlbnRpdHkgU00yIENBMFkwEwYHKoZIzj0CAQYIKoEc +z1UBgi0DQgAEGB9rH6TUrhuQPHc2dU97rQTzrh3RLthL4e1FXunGUSQHKpwLfGAz +T395rYXaN22vxsXlxeOBrBZX2FEaKOXabKNjMGEwHwYDVR0jBBgwFoAU+J9NN1YS +mFlV9N+0CodJrBhtdXQwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw +HQYDVR0OBBYEFPifTTdWEphZVfTftAqHSawYbXV0MAwGCCqBHM9VAYN1BQADRwAw +RAIgDBfiC4ybZgCXQPp06dKH6T4sRD5jwwXg/PAaNZw0azoCIB76hpLY4f1/m8Gx +cR89TirsEVs9q2ZPMlFOGrBLrJVl +-----END CERTIFICATE----- diff --git a/certs/sm2/cfca/CFCA_IDENTITY_CA/CFCA_Identity_SM2_OCA.cer b/certs/sm2/cfca/CFCA_IDENTITY_CA/CFCA_Identity_SM2_OCA.cer new file mode 100755 index 00000000..33a6bf95 --- /dev/null +++ b/certs/sm2/cfca/CFCA_IDENTITY_CA/CFCA_Identity_SM2_OCA.cer @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDFTCCArmgAwIBAgIQIMzG2fVGPzUD4P2VTpLHiTAMBggqgRzPVQGDdQUAMF4x +CzAJBgNVBAYTAkNOMTAwLgYDVQQKDCdDaGluYSBGaW5hbmNpYWwgQ2VydGlmaWNh +dGlvbiBBdXRob3JpdHkxHTAbBgNVBAMMFENGQ0EgSWRlbnRpdHkgU00yIENBMB4X +DTE1MDYzMDA2MDcxOVoXDTI5MTIyODA2MDcxOVowXzELMAkGA1UEBhMCQ04xMDAu +BgNVBAoMJ0NoaW5hIEZpbmFuY2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEe +MBwGA1UEAwwVQ0ZDQSBJZGVudGl0eSBTTTIgT0NBMFkwEwYHKoZIzj0CAQYIKoEc +z1UBgi0DQgAEeegQeYmllC/DE70yo+xxIqpVOwWQivEv9TsVjFhbX5PzVmTTyy5H +VnBY3DFMxPzTAd+u8hP96546X8CXTiv2iqOCAVQwggFQMDMGCCsGAQUFBwEBBCcw +JTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuY2ZjYS5jb20uY24wHwYDVR0jBBgw +FoAU+J9NN1YSmFlV9N+0CodJrBhtdXQwDwYDVR0TAQH/BAUwAwEB/zBEBgNVHSAE +PTA7MDkGBFUdIAAwMTAvBggrBgEFBQcCARYjaHR0cDovL3d3dy5jZmNhLmNvbS5j +bi91cy91cy0xNy5odG0wPwYDVR0fBDgwNjA0oDKgMIYuaHR0cDovL2NybC5jZmNh +LmNvbS5jbi9JZGVudGl0eUNBL1NNMi9jcmwxLmNybDAOBgNVHQ8BAf8EBAMCAQYw +HQYDVR0OBBYEFOh1bKRORLGMYjroqmT/kYLRl9V2MDEGA1UdJQQqMCgGCCsGAQUF +BwMCBggrBgEFBQcDAwYIKwYBBQUHAwQGCCsGAQUFBwMIMAwGCCqBHM9VAYN1BQAD +SAAwRQIgYNtyVWtGhTtv8Wmn3kL+et9gRPZ/F8hKVNyfZcs34IYCIQCtFIaIqTcf +eKnbhOA8bV969KdywC4Iy+BVE0xYK9wtcw== +-----END CERTIFICATE----- diff --git a/certs/sm2/gjzsl-sm2/cfca_gj_cs_sm2.p7b b/certs/sm2/gjzsl-sm2/cfca_gj_cs_sm2.p7b new file mode 100644 index 00000000..03d15b49 --- /dev/null +++ b/certs/sm2/gjzsl-sm2/cfca_gj_cs_sm2.p7b @@ -0,0 +1 @@ +MIIEkQYJKoZIhvcNAQcCoIIEgjCCBH4CAQExADALBgkqhkiG9w0BBwGgggRmMIIBszCCAVegAwIBAgIIaeL+wBcKxnswDAYIKoEcz1UBg3UFADAuMQswCQYDVQQGEwJDTjEOMAwGA1UECgwFTlJDQUMxDzANBgNVBAMMBlJPT1RDQTAeFw0xMjA3MTQwMzExNTlaFw00MjA3MDcwMzExNTlaMC4xCzAJBgNVBAYTAkNOMQ4wDAYDVQQKDAVOUkNBQzEPMA0GA1UEAwwGUk9PVENBMFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAEMPCca6pmgcchsTf2UnBeL9rtp4nw+itk1Kzrmbnqo05lUwkwlWK+4OIrtFdAqnRTV7Q9v1htkv42TsIutzd126NdMFswHwYDVR0jBBgwFoAUTDKxl9kzG8SmBcHG5YtiW/CXdlgwDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAQYwHQYDVR0OBBYEFEwysZfZMxvEpgXBxuWLYlvwl3ZYMAwGCCqBHM9VAYN1BQADSAAwRQIgG1bSLeOXp3oB8H7b53W+CKOPl2PknmWEq/lMhtn25HkCIQDaHDgWxWFtnCrBjH16/W3Ezn7/U/Vjo5xIpDoiVhsLwjCCAqswggJQoAMCAQICEB9dBAaIFQ66lXsbUniBK8IwDAYIKoEcz1UBg3UFADAuMQswCQYDVQQGEwJDTjEOMAwGA1UECgwFTlJDQUMxDzANBgNVBAMMBlJPT1RDQTAeFw0xNTA3MTAwMzI4NDNaFw0zNTA3MDUwMzI4NDNaMFgxCzAJBgNVBAYTAkNOMTAwLgYDVQQKDCdDaGluYSBGaW5hbmNpYWwgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxFzAVBgNVBAMMDkNGQ0EgQ1MgU00yIENBMFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAE7kYdusJrcijTM/j5p3qN2kpnvgQo0aJ/ErwMWQYC0riMTVHsKuJDbo3m9SOANMoO8TXI7joF4JQKEL/k3Pj9FaOCASIwggEeMB8GA1UdIwQYMBaAFEwysZfZMxvEpgXBxuWLYlvwl3ZYMA8GA1UdEwEB/wQFMAMBAf8wgboGA1UdHwSBsjCBrzBBoD+gPaQ7MDkxCzAJBgNVBAYTAkNOMQ4wDAYDVQQKDAVOUkNBQzEMMAoGA1UECwwDQVJMMQwwCgYDVQQDDANhcmwwKqAooCaGJGh0dHA6Ly93d3cucm9vdGNhLmdvdi5jbi9hcmwvYXJsLmNybDA+oDygOoY4bGRhcDovL2xkYXAucm9vdGNhLmdvdi5jbjozODkvQ049YXJsLE9VPUFSTCxPPU5SQ0FDLEM9Q04wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBTkjt3Uo+e2D+4dJ5bNddwlJXJp3TAMBggqgRzPVQGDdQUAA0cAMEQCIHG9duf1OfjEBn//4Nyg4RWRwvGXXZuFd4N8hUbwzzc6AiA1HBq5HQ/geEyFDPw4b0Lml5KH5t9q06GXj5L8VhjKLjEA \ No newline at end of file diff --git a/certs/sm2/gjzsl-sm2/oca11sm2.cer b/certs/sm2/gjzsl-sm2/oca11sm2.cer new file mode 100644 index 00000000..b7638a32 Binary files /dev/null and b/certs/sm2/gjzsl-sm2/oca11sm2.cer differ diff --git a/certs/sm2/gjzsl-sm2/oca1sm2.cer b/certs/sm2/gjzsl-sm2/oca1sm2.cer new file mode 100644 index 00000000..942b74f1 Binary files /dev/null and b/certs/sm2/gjzsl-sm2/oca1sm2.cer differ diff --git a/crypto/cbcmac/cbcmac.h b/crypto/cbcmac/cbcmac.h index e4dbbe6a..d45ef0ab 100644 --- a/crypto/cbcmac/cbcmac.h +++ b/crypto/cbcmac/cbcmac.h @@ -58,6 +58,7 @@ extern "C" { #endif +typedef struct CBCMAC_CTX_st CBCMAC_CTX; CBCMAC_CTX *CBCMAC_CTX_new(void); void CBCMAC_CTX_cleanup(CBCMAC_CTX *ctx); diff --git a/crypto/evp/c_allc.c b/crypto/evp/c_allc.c index ed8c9013..06e56d88 100644 --- a/crypto/evp/c_allc.c +++ b/crypto/evp/c_allc.c @@ -171,6 +171,7 @@ void OpenSSL_add_all_ciphers(void) EVP_add_cipher(EVP_sms4_cfb8()); EVP_add_cipher(EVP_sms4_ofb()); EVP_add_cipher(EVP_sms4_ctr()); + EVP_add_cipher(EVP_sms4_wrap()); EVP_add_cipher_alias(SN_sms4_cbc,"SMS4"); EVP_add_cipher_alias(SN_sms4_cbc,"sms4"); #endif diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index 158bcdbb..fefb25ba 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -211,7 +211,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) type = ctx->digest; } #endif - fprintf(stderr, "%s %d\n", __FILE__, __LINE__); + //fprintf(stderr, "%s %d\n", __FILE__, __LINE__); if (ctx->digest != type) { if (ctx->digest && ctx->digest->ctx_size) OPENSSL_free(ctx->md_data); @@ -219,7 +219,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) if (!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size) { ctx->update = type->update; ctx->md_data = OPENSSL_malloc(type->ctx_size); - fprintf(stderr, "%s %d\n", __FILE__, __LINE__); + //fprintf(stderr, "%s %d\n", __FILE__, __LINE__); if (ctx->md_data == NULL) { EVPerr(EVP_F_EVP_DIGESTINIT_EX, ERR_R_MALLOC_FAILURE); return 0; @@ -231,7 +231,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) #endif if (ctx->pctx) { int r; - fprintf(stderr, "%s %d\n", __FILE__, __LINE__); + //fprintf(stderr, "%s %d\n", __FILE__, __LINE__); r = EVP_PKEY_CTX_ctrl(ctx->pctx, -1, EVP_PKEY_OP_TYPE_SIG, EVP_PKEY_CTRL_DIGESTINIT, 0, ctx); if (r <= 0 && (r != -2)) @@ -248,7 +248,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) return 0; } #endif - fprintf(stderr, "%s %d\n", __FILE__, __LINE__); + //fprintf(stderr, "%s %d\n", __FILE__, __LINE__); return ctx->digest->init(ctx); } diff --git a/crypto/evp/e_sms4.c b/crypto/evp/e_sms4.c index d1f0bad1..548d11f2 100644 --- a/crypto/evp/e_sms4.c +++ b/crypto/evp/e_sms4.c @@ -178,7 +178,7 @@ static int sms4_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, EVP_SMS4_KEY *sms4 = (EVP_SMS4_KEY *)ctx->cipher_data; CRYPTO_ctr128_encrypt_ctr32(in, out, len, &sms4->ks, ctx->iv, ctx->buf, - &num, sms4_ctr128_encrypt); + &num, (ctr128_f)sms4_encrypt); ctx->num = (size_t)num; return 1; @@ -240,6 +240,7 @@ static int sms4_gcm_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) } +#endif typedef struct { union { @@ -253,28 +254,81 @@ typedef struct { static int sms4_wrap_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { + EVP_SMS4_WRAP_CTX *sms4_wrap = ctx->cipher_data; + + if (!iv && !key) + return 1; + + if (key) { + if (ctx->encrypt) { + sms4_set_encrypt_key(&sms4_wrap->ks.ks, key); + } else { + sms4_set_decrypt_key(&sms4_wrap->ks.ks, key); + } + + if (!iv) { + sms4_wrap->iv = NULL; + } + } + + if (iv) { + memcpy(ctx->iv, iv, 8); + sms4_wrap->iv = ctx->iv; + } + return -1; } static int sms4_wrap_do_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inlen) { - return -1; + EVP_SMS4_WRAP_CTX *sms4_wrap = ctx->cipher_data; + size_t rv; + + if (!in) { + return 0; + } + + if (inlen % 8) { + return -1; + } + + if (ctx->encrypt && inlen < 8) + return -1; + + if (!ctx->encrypt && inlen < 8) + return -1; + + if (!out) { + if (ctx->encrypt) + return inlen + 8; + else return inlen - 8; + } + + if (ctx->encrypt) + rv = CRYPTO_128_wrap(&sms4_wrap->ks.ks, sms4_wrap->iv, + out, in, inlen, (block128_f)sms4_encrypt); + else rv = CRYPTO_128_unwrap(&sms4_wrap->ks.ks, sms4_wrap->iv, + out, in, inlen, (block128_f)sms4_encrypt); + + return rv ? (int)rv : -1; } -#define WRAP_FLAGS (EVP_CIPH_WRAP_MODE \ +#define SMS4_WRAP_FLAGS (EVP_CIPH_WRAP_MODE \ | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \ | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_FLAG_DEFAULT_ASN1) +#define SMS4_WRAP_BLOCK_SIZE 8 +#define SMS4_WRAP_IV_LENGTH 8 const EVP_CIPHER sms4_wrap = { NID_sms4_wrap, SMS4_WRAP_BLOCK_SIZE, SMS4_KEY_LENGTH, SMS4_WRAP_IV_LENGTH, - WRAP_FLAGS, + SMS4_WRAP_FLAGS, sms4_wrap_init_key, sms4_wrap_do_cipher, NULL, /* cleanup() */ @@ -290,6 +344,5 @@ const EVP_CIPHER *EVP_sms4_wrap(void) return &sms4_wrap; } -#endif #endif diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index 3608f567..4fa52df9 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h @@ -657,13 +657,6 @@ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); -#ifndef OPENSSL_NO_GMSSL -int EVP_Encrypt_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outlen, - const unsigned char *in, int inlen); -int EVP_Decrypt_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outlen, - const unsigned char *in, int inlen); -#endif - int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s, EVP_PKEY *pkey); diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c index 13acb8f1..9a428446 100644 --- a/crypto/evp/m_sigver.c +++ b/crypto/evp/m_sigver.c @@ -87,7 +87,7 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, } } - fprintf(stderr, "%s %d\n", __FILE__, __LINE__); + //fprintf(stderr, "%s %d\n", __FILE__, __LINE__); if (ver) { if (ctx->pctx->pmeth->verifyctx_init) { @@ -104,16 +104,16 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, } else if (EVP_PKEY_sign_init(ctx->pctx) <= 0) return 0; } - fprintf(stderr, "%s %d\n", __FILE__, __LINE__); + //fprintf(stderr, "%s %d\n", __FILE__, __LINE__); if (EVP_PKEY_CTX_set_signature_md(ctx->pctx, type) <= 0) return 0; - fprintf(stderr, "%s %d\n", __FILE__, __LINE__); + //fprintf(stderr, "%s %d\n", __FILE__, __LINE__); if (pctx) *pctx = ctx->pctx; - fprintf(stderr, "%s %d\n", __FILE__, __LINE__); + //fprintf(stderr, "%s %d\n", __FILE__, __LINE__); if (ctx->pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM) return 1; - fprintf(stderr, "%s %d\n", __FILE__, __LINE__); + //fprintf(stderr, "%s %d\n", __FILE__, __LINE__); if (!EVP_DigestInit_ex(ctx, type, e)) return 0; return 1; diff --git a/crypto/evp/pmeth_gn.c b/crypto/evp/pmeth_gn.c index 59f81342..629046ee 100644 --- a/crypto/evp/pmeth_gn.c +++ b/crypto/evp/pmeth_gn.c @@ -198,16 +198,25 @@ EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, EVP_PKEY_CTX *mac_ctx = NULL; EVP_PKEY *mac_key = NULL; mac_ctx = EVP_PKEY_CTX_new_id(type, e); - if (!mac_ctx) + if (!mac_ctx) { + if (e) fprintf(stderr, "engine is not null\n"); + fprintf(stderr, "error %s %d\n", __FILE__, __LINE__); return NULL; - if (EVP_PKEY_keygen_init(mac_ctx) <= 0) + } + if (EVP_PKEY_keygen_init(mac_ctx) <= 0) { + fprintf(stderr, "error %s %d\n", __FILE__, __LINE__); goto merr; + } if (EVP_PKEY_CTX_ctrl(mac_ctx, -1, EVP_PKEY_OP_KEYGEN, EVP_PKEY_CTRL_SET_MAC_KEY, - keylen, (void *)key) <= 0) + keylen, (void *)key) <= 0) { + fprintf(stderr, "error %s %d\n", __FILE__, __LINE__); goto merr; - if (EVP_PKEY_keygen(mac_ctx, &mac_key) <= 0) + } + if (EVP_PKEY_keygen(mac_ctx, &mac_key) <= 0) { + fprintf(stderr, "error %s %d\n", __FILE__, __LINE__); goto merr; + } merr: if (mac_ctx) EVP_PKEY_CTX_free(mac_ctx); diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index 3839fbf0..d11a46c4 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c @@ -119,15 +119,30 @@ const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type) tmp.pkey_id = type; if (app_pkey_methods) { int idx; + + //fprintf(stderr, "check %s %d\n", __FILE__, __LINE__); idx = sk_EVP_PKEY_METHOD_find(app_pkey_methods, &tmp); if (idx >= 0) return sk_EVP_PKEY_METHOD_value(app_pkey_methods, idx); + //fprintf(stderr, "check %s %d\n", __FILE__, __LINE__); } + //fprintf(stderr, "%s %d: t->pkey_id = %d\n", __FILE__, __LINE__, t->pkey_id); + int i; + for (i = 0; i < sizeof(standard_methods) / sizeof(EVP_PKEY_METHOD *); i++) { + if (type == standard_methods[i]->pkey_id) { + return standard_methods[i]; + } + } +/* ret = OBJ_bsearch_pmeth(&t, standard_methods, sizeof(standard_methods) / sizeof(EVP_PKEY_METHOD *)); - if (!ret || !*ret) + +*/ + if (!ret || !*ret) { + //fprintf(stderr, "check %s %d\n", __FILE__, __LINE__); return NULL; + } return *ret; } @@ -136,8 +151,10 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) EVP_PKEY_CTX *ret; const EVP_PKEY_METHOD *pmeth; if (id == -1) { - if (!pkey || !pkey->ameth) + if (!pkey || !pkey->ameth) { + fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__); return NULL; + } id = pkey->ameth->pkey_id; } #ifndef OPENSSL_NO_ENGINE @@ -159,7 +176,7 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) if (e) pmeth = ENGINE_get_pkey_meth(e, id); - else + else #endif pmeth = EVP_PKEY_meth_find(id); diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h index 46a95b63..b7326dda 100644 --- a/crypto/objects/obj_dat.h +++ b/crypto/objects/obj_dat.h @@ -62,12 +62,12 @@ * [including the GNU Public Licence.] */ -#define NUM_NID 1033 -#define NUM_SN 1011 -#define NUM_LN 1011 -#define NUM_OBJ 949 +#define NUM_NID 1034 +#define NUM_SN 1012 +#define NUM_LN 1012 +#define NUM_OBJ 950 -static const unsigned char lvalues[6683]={ +static const unsigned char lvalues[6691]={ 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */ @@ -1011,6 +1011,7 @@ static const unsigned char lvalues[6683]={ 0x2A,0x81,0x1C,0xCF,0x55,0x01,0x68,0x0A, /* [6658] OBJ_sms4_xts */ 0x2A,0x81,0x1C,0xCF,0x55,0x01,0x68,0x05, /* [6666] OBJ_sms4_cfb1 */ 0x2A,0x81,0x1C,0xCF,0x55,0x01,0x68,0x06, /* [6674] OBJ_sms4_cfb8 */ +0x2A,0x81,0x1C,0xCF,0x55,0x01,0x68,0x0B, /* [6682] OBJ_sms4_wrap */ }; static const ASN1_OBJECT nid_objs[NUM_NID]={ @@ -2667,6 +2668,7 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={ {"SM1-CFB","sm1-cfb",NID_sm1_cfb,0,NULL,0}, {"SMS4-CFB1","sms4-cfb1",NID_sms4_cfb1,8,&(lvalues[6666]),0}, {"SMS4-CFB8","sms4-cfb8",NID_sms4_cfb8,8,&(lvalues[6674]),0}, +{"SMS4-WRAP","sms4-wrap",NID_sms4_wrap,8,&(lvalues[6682]),0}, }; static const unsigned int sn_objs[NUM_SN]={ @@ -2879,6 +2881,7 @@ static const unsigned int sn_objs[NUM_SN]={ 977, /* "SMS4-ECB" */ 1027, /* "SMS4-GCM" */ 981, /* "SMS4-OFB" */ +1033, /* "SMS4-WRAP" */ 1029, /* "SMS4-XTS" */ 100, /* "SN" */ 1021, /* "SSF33-CBC" */ @@ -4643,6 +4646,7 @@ static const unsigned int ln_objs[NUM_LN]={ 977, /* "sms4-ecb" */ 1027, /* "sms4-gcm" */ 981, /* "sms4-ofb" */ +1033, /* "sms4-wrap" */ 1029, /* "sms4-xts" */ 1021, /* "ssf33-cbc" */ 1023, /* "ssf33-cfb" */ @@ -5153,6 +5157,7 @@ static const unsigned int obj_objs[NUM_OBJ]={ 1027, /* OBJ_sms4_gcm 1 2 156 10197 1 104 8 */ 1028, /* OBJ_sms4_ccm 1 2 156 10197 1 104 9 */ 1029, /* OBJ_sms4_xts 1 2 156 10197 1 104 10 */ +1033, /* OBJ_sms4_wrap 1 2 156 10197 1 104 11 */ 1006, /* OBJ_sm5 1 2 156 10197 1 201 */ 958, /* OBJ_sm2p256v1 1 2 156 10197 1 301 */ 1025, /* OBJ_id_sm9PublicKey 1 2 156 10197 1 302 */ diff --git a/crypto/objects/obj_mac.h b/crypto/objects/obj_mac.h index 9abbde4b..2f22861f 100644 --- a/crypto/objects/obj_mac.h +++ b/crypto/objects/obj_mac.h @@ -4388,6 +4388,11 @@ #define NID_sms4_xts 1029 #define OBJ_sms4_xts OBJ_sm,104L,10L +#define SN_sms4_wrap "SMS4-WRAP" +#define LN_sms4_wrap "sms4-wrap" +#define NID_sms4_wrap 1033 +#define OBJ_sms4_wrap OBJ_sm,104L,11L + #define NID_sm7 1004 #define OBJ_sm7 OBJ_sm,105L diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num index ccc88805..f8e5ecb6 100644 --- a/crypto/objects/obj_mac.num +++ b/crypto/objects/obj_mac.num @@ -1030,3 +1030,4 @@ sms4_xts 1029 sm1_cfb 1030 sms4_cfb1 1031 sms4_cfb8 1032 +sms4_wrap 1033 diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt index 4d761977..eb31a10e 100644 --- a/crypto/objects/objects.txt +++ b/crypto/objects/objects.txt @@ -1409,7 +1409,7 @@ sm 104 7 : SMS4-CTR : sms4-ctr sm 104 8 : SMS4-GCM : sms4-gcm sm 104 9 : SMS4-CCM : sms4-ccm sm 104 10 : SMS4-XTS : sms4-xts - +sm 104 11 : SMS4-WRAP : sms4-wrap !Alias sm7 sm 105 diff --git a/crypto/opensslv.h b/crypto/opensslv.h index c06b13ac..c3782300 100644 --- a/crypto/opensslv.h +++ b/crypto/opensslv.h @@ -34,7 +34,7 @@ extern "C" { # ifdef OPENSSL_FIPS # define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2d-fips 9 Jul 2015" # else -# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2d 9 Jul 2015" +# define OPENSSL_VERSION_TEXT "GmSSL 1.2.1" # endif # define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT diff --git a/crypto/sm1/sm1test.c b/crypto/sm1/sm1test.c new file mode 100644 index 00000000..0b3adc5c --- /dev/null +++ b/crypto/sm1/sm1test.c @@ -0,0 +1,54 @@ +#include +#include +#include +#include + +int main(int argc, char **argv) +{ + const char *engine_id = "SKF"; + ENGINE *engine = NULL; + const EVP_CIPHER *cipher; + EVP_CIPHER_CTX ctx; + unsigned char key[16]; + unsigned char iv[16]; + const char *msg1 = "hello world"; + const char *msg2 = "12345678"; + unsigned char buf[128]; + int len; + + ENGINE_load_builtin_engines(); + engine = ENGINE_by_id(engine_id); + + OPENSSL_assert(engine != NULL); + + rv = ENGINE_init(engine); + OPENSSL_assert(rv == 1); + + cipher = ENGINE_get_cipher(engine, NID_sm1_cbc); + + EVP_CIPHER_CTX_init(&ctx); + + rv = RAND_bytes(key, (int)sizeof(key)); + rv = RAND_bytes(iv, (int)sizeof(iv)); + + rv = EVP_EncryptInit_ex(&ctx, cipher, engine, key, iv); + + p = buf; + rv = EVP_EncryptUpdate(&ctx, p, &len, (unsigned char *)msg1, (int)strlen(msg1)); + + p += len; + rv = EVP_EncryptUpdate(&ctx, p, &len, (unsigned char *)msg2, (int)strlen(msg2)); + + p += len; + rv = EVP_EncryptFinal_ex(&ctx, p, &len); + + p += len; + + + EVP_CIPHER_CTX_cleanup(&ctx); + ENGINE_finish(engine); + ENGINE_free(engine); + + return 0; +} + diff --git a/crypto/sm2/sm2_asn1.c b/crypto/sm2/sm2_asn1.c index b2baef22..5c775fa7 100644 --- a/crypto/sm2/sm2_asn1.c +++ b/crypto/sm2/sm2_asn1.c @@ -35,3 +35,7 @@ */ + + + + diff --git a/crypto/sm2/sm2_locl.h b/crypto/sm2/sm2_locl.h index 3680c412..6eddf662 100644 --- a/crypto/sm2/sm2_locl.h +++ b/crypto/sm2/sm2_locl.h @@ -69,12 +69,6 @@ struct sm2sign_method { }; - - - - - - #ifdef __cplusplus } #endif diff --git a/crypto/sm2/sm2test.c b/crypto/sm2/sm2test.c index 51ad6c18..45aedff5 100644 --- a/crypto/sm2/sm2test.c +++ b/crypto/sm2/sm2test.c @@ -5,6 +5,393 @@ #include #include + +/* + +GFp192 + +p BDB6F4FE3E8B1D9E0DA8C0D46F4C318CEFE4AFE3B6B8551F +a BB8E5E8FBC115E139FE6A814FE48AAA6F0ADA1AA5DF91985 +b 1854BEBDC31B21B7AEFC80AB0ECD10D5B1B3308E6DBF11C1 +x 4AD5F7048DE709AD51236DE65E4D4B482C836DC6E4106640 +y 02BB3A02D4AAADACAE24817A4CA3A1B014B5270432DB27D2 +n BDB6F4FE3E8B1D9E0DA8C0D40FC962195DFAE76F56564677 +h 1 + +GFp256 + +p 8542D69E4C044F18E8B92435BF6FF7DE457283915C45517D722EDB8B08F1DFC3 +a 787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E498 +b 63E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A +x 421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D +y 0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A2 +n 8542D69E4C044F18E8B92435BF6FF7DD297720630485628D5AE74EE7C32E79B7 +h 1 + +GF2m193 f(x) = x^193 + x^15 + 1 + +f 2000000000000000000000000000000000000000000008001 +a 0 +b 002FE22037B624DBEBC4C618E13FD998B1A18E1EE0D05C46FB +x 00D78D47E85C93644071BC1C212CF994E4D21293AAD8060A84 +y 00615B9E98A31B7B2FDDEEECB76B5D875586293725F9D2FC0C +n 80000000000000000000000043E9885C46BF45D8C5EBF3A1 + +GF2m257 f(x) = x^257 + x^12 + 1 + +f 20000000000000000000000000000000000000000000000000000000000001001 +a 0 +b 00E78BCD09746C202378A7E72B12BCE00266B9627ECB0B5A25367AD1AD4CC6242B +x 00CDB9CA7F1E6B0441F658343F4B10297C0EF9B6491082400A62E7A7485735FADD +y 013DE74DA65951C4D76DC89220D5F7777A611B1C38BAE260B175951DC8060C2B3E +n 7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFBC972CF7E6B6F900945B3C6A0CF6161D + +Signature on GFp256 + +M message digest +d 128B2FA8BD433C6C068C8D803DFF79792A519A55171B1B650C23661D15897263 +Z F4A38489E32B45B6F876E3AC2168CA392362DC8F23459C1D1146FC3DBFB7BC9A +e B524F552CD82B8B028476E005C377FB19A87E6FC682D48BB5D42E3D9B9EFFE76 +k 6CB28D99385C175C94F94E934817663FC176D925DD72B727260DBAAE1FB2F96F +r 40F1EC59F793D9F49E09DCEF49130D4194F79FB1EED2CAA55BACDB49C4E755D1 +s 6FC6DAC32C5D5CF10C77DFB20F7C2EB667A457872FB09EC56327A67EC7DEEBE7 + +Signature on GF2m257 + +M message digest +d 771EF3DBFF5F1CDC32B9C572930476191998B2BF7CB981D7F5B39202645F0931 +Z 26352AF82EC19F207BBC6F9474E11E90CE0F7DDACE03B27F801817E897A81FD5 +e AD673CBDA311417129A9EAA5F9AB1AA1633AD47718A84DFD46C17C6FA0AA3B12 +k 36CD79FC8E24B7357A8A7B4A46D454C397703D6498158C605399B341ADA186D6 +r 6D3FBA26EAB2A1054F5D198332E335817C8AC453ED26D3391CD4439D825BF25B +s 3124C5688D95F0A10252A9BED033BEC84439DA384621B6D6FAD77F94B74A9556 + +Key Agreement on GFp256 + +A ALICE123@YAHOO.COM +LA 0090 +B BILL456@YAHOO.COM +LB 0088 + +dA 6FCBA2EF9AE0AB902BC3BDE3FF915D44BA4CC78F88E2F8E7F8996D3B8CCEEDEE +dB 5E35D7D3F3C54DBAC72E61819E730B019A84208CA3A35E4C2E353DFCCB2A3B53 +ZA E4D1D0C3CA4C7F11BC8FF8CB3F4C02A78F108FA098E51A668487240F75E20F31 +ZB 6B4B6D0E276691BD4A11BF72F4FB501AE309FDACB72FA6CC336E6656119ABD67 +rA 83A2C9C8B96E5AF70BD480B472409A9A327257F1EBB73F5B073354B248668563 +x1 6CB5633816F4DD560B1DEC458310CBCC6856C09505324A6D23150C408F162BF0 +y1 0D6FCF62F1036C0A1B6DACCF57399223A65F7D7BF2D9637E5BBBEB857961BF1A +rB 33FE21940342161C55619C4A0C060293D543C80AF19748CE176D83477DE71C80 +x2 1799B2A2C778295300D9A2325C686129B8F2B5337B3DCF4514E8BBC19D900EE5 +y2 54C9288C82733EFDF7808AE7F27D0E732F7C73A7D9AC98B7D8740A91D0DB3CF4 +x1' E856C09505324A6D23150C408F162BF0 +x2' B8F2B5337B3DCF4514E8BBC19D900EE5 +tB 2B2E11CBF03641FC3D939262FC0B652A70ACAA25B5369AD38B375C0265490C9F + + +Encrypt on GFp256 + +M encryption standard +d 1649AB77A00637BD5E2EFE283FBF353534AA7F7CB89463F208DDBC2920BB0DA0 +k 4C62EEFD6ECFC2B95B92FD6C3D9575148AFA17425546D49018E5388D49DD7B4F +C1 0464D20D27D0632957F8028C1E024F6B02EDF23102A566C932AE8BD613A8E865FE58D225ECA784AE300A81A2D48281A828E1CEDF11C4219099840265375077BF78 +C2 650053A89B41C418B0C3AAD00D886C00286467 +C3 9C3D7360C30156FAB7C80A0276712DA9D8094A634B766D3A285E07480653426D + +Encrypt on GF2m257 + +M encryption standard +d 56A270D17377AA9A367CFA82E46FA5267713A9B91101D0777B07FCE018C757EB +k 6D3B497153E3E92524E5C122682DBDC8705062E20B917A5F8FCDB8EE4C66663D +C1 040083E628CF701EE3141E8873FE55936ADF24963F5DC9C6480566C80F8A1D8CC51B01524C647F0C0412DEFD468BDA3AE0E5A80FCC8F5C990FEE11602929232DCD9F36 +C2 FD55AC6213C2A8A040E4CAB5B26A9CFCDA7373FCDA7373 +C3 73A48625D3758FA37B3EAB80E9CFCABA665E3199EA15A1FA8189D96F579125E4 + +*/ + +RAND_METHOD fake_rand; +const RAND_METHOD *old_rand; + +int fbytes(unsigned char *buf, int num) +{ + int ret; + BIGNUM *tmp = NULL; + + if (fbytes_counter >= 8) + return 0; + + if (!(tmp = BN_new())) { + return 0; + } + + if (!BN_hex2bn(&tmp, numbers[fbytes_counter])) { + BN_free(tmp); + return 0; + } + + fbytes_counter++; + + + if (num != BN_num_bytes(tmp) || !BN_bn2bin(tmp, buf)) + ret = 0; + else + ret = 1; + + if (tmp) + BN_free(tmp); + + return ret; +} + +int change_rand(void) +{ + if (!(old_rand = RAND_get_rand_method())) { + return 0; + } + + fake_rand.seed = old_rand->seed; + fake_rand.cleanup = old_rand->cleanup; + fake_rand.add = old_rand->add; + fake_rand.status = old_rand->status; + fake_rand.bytes = fbytes; + fake_rand.pseudorand = old_rand->bytes; + + if (!RAND_set_rand_method(&fake_rand)) { + return 0; + } + + return 1; +} + +int restore_rand(void) +{ + if (!RAND_set_rand_method(rand)) + return 0; + else + return 1; +} + + +EC_GROUP *new_ec_group(int is_prime_field, + const char *p_hex, const char *a_hex, const char *b_hex, + const char *x_hex, const char *y_hex, const char *n_hex, const char *h_hex) +{ + int e = 1; + EC_GROUP *ec_group = NULL; + BN_CTX *ctx = NULL; + BIGNUM *p = NULL; + BIGNUM *a = NULL; + BIGNUM *b = NULL; + BIGNUM *x = NULL; + BIGNUM *y = NULL; + BIGNUM *n = NULL; + BIGNUM *h = NULL; + EC_POINT *G = NULL; + point_conversion_form_t form = POINT_CONVERSION_UNCOMPRESSED; + int flag = 0; + + if (!(ctx = BN_CTX_new())) { + ERR_print_errors_fp(stderr); + goto err; + } + + // FIXME + if (!(ec_group = EC_GROUP_new(EC_GFp_mont_method()))) { + ERR_print_errors_fp(stderr); + goto err; + } + + if (!BN_hex2bn(&p, p_hex) || + !BN_hex2bn(&a, a_hex) || + !BN_hex2bn(&b, b_hex) || + !BN_hex2bn(&x, x_hex) || + !BN_hex2bn(&y, y_hex) || + !BN_hex2bn(&n, n_hex) || + !BN_hex2bn(&h, h_hex)) { + ERR_print_errors_fp(stderr); + goto err; + } + + if (is_prime_curve) { + if (!EC_GROUP_set_curve_GFp(ec_group, p, a, b, ctx)) { + ERR_print_errors_fp(stderr); + goto err; + } + if (!EC_POINT_set_affine_coordinates_GFp(ec_group, G, x, y, ctx)) { + ERR_print_errors_fp(stderr); + goto err; + } + + } else { + if (!EC_GROUP_set_curve_GF2m(ec_group, p, a, b, ctx)) { + ERR_print_errors_fp(stderr); + goto err; + } + if (!EC_POINT_set_affine_coordinates_GF2m(ec_group, G, x, y, ctx)) { + ERR_print_errors_fp(stderr); + goto err; + } + } + + if (!(G = EC_POINT_new(ec_group))) { + ERR_print_errors_fp(stderr); + goto err; + } + + if (!EC_GROUP_set_generator(ec_group, G, n, h)) { + ERR_print_errors_fp(stderr); + goto err; + } + + EC_GROUP_set_asn1_flag(ec_group, flag); + EC_GROUP_set_point_conversion_form(ec_group, form); + + e = 0; +err: + if (ctx) BN_CTX_free(ctx); + if (p) BN_free(p); + if (a) BN_free(a); + if (b) BN_free(b); + if (x) BN_free(x); + if (y) BN_free(y); + if (n) BN_free(n); + if (h) BN_free(h); + if (G) EC_POINT_free(G); + if (e && ec_group) { + EC_GROUP_free(ec_group); + ec_group = NULL; + } + return ec_group; +} + +EC_KEY *new_ec_key(const EC_GROUP *group, const char *sk, const char *id, + const char *xP, const char *yP) +{ + EC_KEY *ec_key = NULL; + BIGNUM *x = NULL; + BIGNUM *y = NULL; + + + if (sk) { + if (!BN_hex2bn(&d, sk)) { + ERR_print_errors_fp(stderr); + goto err; + } + } + + if (id) { + if (!SM2_set_id(ec_key, id)) { + ERR_print_errors_fp(stderr); + goto err; + } + } + + + if (xP && yP) { + if (!BN_hex2bn(&x, xP)) { + ERR_print_errors_fp(stderr); + goto err; + } + if (!BN_hex2bn(&y, yP)) { + } + + if (!EC_KEY_set_public_key()) { + } + } + + + +err: + + return ec_key; +} + + +static int test_sm2_id(void) +{ + int ret = 0; + EC_GROUP *group = NULL; + EC_KEY *ec_key = NULL; + BIGNUM *bn = NULL; + const char *id[] = { + "ALICE123@YAHOO.COM", + "ALICE123@YAHOO.COM", + "ALICE123@YAHOO.COM", + "BILL456@YAHOO.COM"}; + const char *sk[] = { + "128B2FA8BD433C6C068C8D803DFF79792A519A55171B1B650C23661D15897263", + "771EF3DBFF5F1CDC32B9C572930476191998B2BF7CB981D7F5B39202645F0931", + "6FCBA2EF9AE0AB902BC3BDE3FF915D44BA4CC78F88E2F8E7F8996D3B8CCEEDEE", + "5E35D7D3F3C54DBAC72E61819E730B019A84208CA3A35E4C2E353DFCCB2A3B53"}; + const char *Z[] = { + "F4A38489E32B45B6F876E3AC2168CA392362DC8F23459C1D1146FC3DBFB7BC9A", + "26352AF82EC19F207BBC6F9474E11E90CE0F7DDACE03B27F801817E897A81FD5", + "E4D1D0C3CA4C7F11BC8FF8CB3F4C02A78F108FA098E51A668487240F75E20F31", + "6B4B6D0E276691BD4A11BF72F4FB501AE309FDACB72FA6CC336E6656119ABD67"}; + unsigned char dgst[EVP_MAX_MD_SIZE]; + unsigned char buf[sizeof(dgst) * 2]; + unsigned int len; + int i, j; + + + if (!(group = new_GFp256test())) { + goto err; + } + + if (!(ec_key = EC_KEY_new())) { + ERR_print_errors_fp(stderr); + goto err; + } + + if (!EC_KEY_set_group(ec_key, group)) { + ERR_print_errors_fp(stderr); + goto err; + } + + if (!(bn = BN_new())) { + ERR_print_errors_fp(stderr); + goto err; + } + + for (i = 0; i < sizeof(id)/sizeof(id[0]); i++) { + + if (!SM2_set_id(ec_key, id[i])) { + ERR_print_errors_fp(stderr); + goto err; + } + + if (!BN_hex2bn(&bn, sk[i])) { + ERR_print_errors_fp(stderr); + goto err; + } + + if (!EC_KEY_set_private_key(ec_key, bn)) { + ERR_print_errors_fp(stderr); + goto err; + } + + if (!SM2_compute_id_digest(dgst, &dgstlen, EVP_sm3(), ec_key)) { + ERR_print_errors_fp(stderr); + goto err; + } + + for (j = 0; j < SM3_DIGEST_LENGTH; j++) { + sprintf(&(buf[j * 2]), "%02X", dgst[j]); + } + + if (memcpy(Z[i], buf, strlen(Z[i])) != 0) { + goto err; + } + } + + ret = 1; + +err: + EC_GROUP_free(group); + EC_KEY_free(ec_key); + BN_free(bn); + return ret; +} + static void test_sm2_sign(void) { int rv; @@ -19,7 +406,7 @@ static void test_sm2_sign(void) rv = EC_KEY_generate_key(ec_key); OPENSSL_assert(rv == 1); - RAND_bytes(dgst, sizeof(dgst)); + RAND_pseudo_bytes(dgst, sizeof(dgst)); sig = SM2_do_sign(dgst, (int)sizeof(dgst), ec_key); OPENSSL_assert(sig); @@ -33,10 +420,247 @@ static void test_sm2_sign(void) EC_KEY_free(ec_key); ECDSA_SIG_free(sig); - - printf("%s() success\n", __FUNCTION__); } + char *msg = "message digest"; + char *id = "ALICE123@YAHOO.COM"; + char *sk = "128B2FA8BD433C6C068C8D803DFF79792A519A55171B1B650C23661D15897263"; + char *e = "B524F552CD82B8B028476E005C377FB19A87E6FC682D48BB5D42E3D9B9EFFE76"; + char *k = "6CB28D99385C175C94F94E934817663FC176D925DD72B727260DBAAE1FB2F96F"; + char *r = "40F1EC59F793D9F49E09DCEF49130D4194F79FB1EED2CAA55BACDB49C4E755D1"; + char *s = "6FC6DAC32C5D5CF10C77DFB20F7C2EB667A457872FB09EC56327A67EC7DEEBE7"; + + +int test_sm2_sign(const EC_GROUP *group, const char *msg, const char *id, + const char *sk, const char *e, const char *s) +{ + int ret = 0; + EC_GROUP *group = NULL; + unsigned char idgst[32]; + + EVP_MD_CTX md_ctx; + + if (!(group = new_GFp256test())) { + goto err; + } + + if (!(ec_key = EC_KEY_new())) { + ERR_print_errors_fp(stderr); + goto err; + } + + if (!EC_KEY_set_group(ec_key, group)) { + ERR_print_errors_fp(stderr); + goto err; + } + + if (!BN_hex2bn(&bn, sk)) { + ERR_print_errors_fp(stderr); + goto err; + } + + if (!EC_KEY_set_private_key(ec_key, bn)) { + ERR_print_errors_fp(stderr); + goto err; + } + + if (!SM2_set_id(ec_key, id)) { + ERR_print_errors_fp(stderr); + goto err; + } + + + + EVP_MD_CTX_init(&md_ctx); + + + EVP_DigestInit(&md_ctx, iddgst, sizeof(iddgst)); + + EVP_DigestInit(&md_ctx, msg, strlen(msg)); + + EVP_DigestFinal(&md_ctx, msgdgst, &len); + + + hexequbin(Z, msgdgst, len); + + + sig = SM2_do_sign(); + + + hex = BN_bin2hex(sig->r); + + if (strcmp(r, hex)) { + } + + hex = BN_bin2hex(sig->s); + + if (strcmp(s, hex)) { + } + + + SM2_do_verify(); + + + + return 0; +} + + + +int test_sm2_sign_GF2m257(void) +{ + int ret = 0; + char *msg = "message digest"; + char *d = "771EF3DBFF5F1CDC32B9C572930476191998B2BF7CB981D7F5B39202645F0931"; + char *Z = "26352AF82EC19F207BBC6F9474E11E90CE0F7DDACE03B27F801817E897A81FD5"; + char *e = "AD673CBDA311417129A9EAA5F9AB1AA1633AD47718A84DFD46C17C6FA0AA3B12"; + char *k = "36CD79FC8E24B7357A8A7B4A46D454C397703D6498158C605399B341ADA186D6"; + char *r = "6D3FBA26EAB2A1054F5D198332E335817C8AC453ED26D3391CD4439D825BF25B"; + char *s = "3124C5688D95F0A10252A9BED033BEC84439DA384621B6D6FAD77F94B74A9556"; + + return ret; +} + +int hexequbin(const char *hex, const unsigned char *bin, size_t binlen) +{ + char *buf = NULL; + if (binlen * 2 != strlen(hex)) { + return 0; + } + + buf = OPENSSL_malloc(binlen * 2); + + for (i = 0; i < binlen; i++) { + sprintf(buf + i*2, "%02X", bin[i]); + } + + if (memcmp(hex, buf, binlen * 2) != 0) { + return 0; + } else { + return 1; + } +} + +EC_KEY *new_ec_key(const EC_GROUP *group, const char *hex) +{ +} + +int test_sm2_enc(const EC_GROUP *group, const char *msg, const char *sk, + const char *c1, const char *c2, const char *c3) +{ + int ret = 0; + EC_KEY *ec_key = NULL; + SM2_CIPHERTEXT_VALUE *cv = NULL; + + + cv = SM2_do_encrypt(EVP_sm3(), EVP_sm3(), (unsigned char *)msg, (size_t)strlen(msg), ec_key); + + + EC_POINT_point2oct(cv->ephem_point); + + + if (!hexequbin(C2, cv->ciphertext, cv->ciphertext_size)) { + return 0; + } + + if (!hexequbin(C3, cv->mactag, cv->mactag_size)) { + return 0; + } + + return ret; +} + + +int test_sm2() +{ + EC_GROUP *sm2p192test = NULL; + EC_GROUP *sm2p256test = NULL; + EC_GROUP *sm2b193test = NULL; + EC_GROUP *sm2b257test = NULL; + + sm2p192test = new_ec_group(1, + "BDB6F4FE3E8B1D9E0DA8C0D46F4C318CEFE4AFE3B6B8551F", + "BB8E5E8FBC115E139FE6A814FE48AAA6F0ADA1AA5DF91985", + "1854BEBDC31B21B7AEFC80AB0ECD10D5B1B3308E6DBF11C1", + "4AD5F7048DE709AD51236DE65E4D4B482C836DC6E4106640", + "02BB3A02D4AAADACAE24817A4CA3A1B014B5270432DB27D2", + "BDB6F4FE3E8B1D9E0DA8C0D40FC962195DFAE76F56564677", + "1"); + + sm2p256test = new_ec_group(1, + "8542D69E4C044F18E8B92435BF6FF7DE457283915C45517D722EDB8B08F1DFC3", + "787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E498", + "63E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A", + "421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D", + "0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A2", + "8542D69E4C044F18E8B92435BF6FF7DD297720630485628D5AE74EE7C32E79B7", + "1"); + + sm2b193test = new_ec_group(0, + "2000000000000000000000000000000000000000000008001", + "0", + "002FE22037B624DBEBC4C618E13FD998B1A18E1EE0D05C46FB", + "00D78D47E85C93644071BC1C212CF994E4D21293AAD8060A84", + "00615B9E98A31B7B2FDDEEECB76B5D875586293725F9D2FC0C", + "80000000000000000000000043E9885C46BF45D8C5EBF3A1", + "1"); + + sm2b257test = new_ec_group(0, + "20000000000000000000000000000000000000000000000000000000000001001", + "0", + "00E78BCD09746C202378A7E72B12BCE00266B9627ECB0B5A25367AD1AD4CC6242B", + "00CDB9CA7F1E6B0441F658343F4B10297C0EF9B6491082400A62E7A7485735FADD", + "013DE74DA65951C4D76DC89220D5F7777A611B1C38BAE260B175951DC8060C2B3E", + "7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFBC972CF7E6B6F900945B3C6A0CF6161D", + "1"); + + + test_sm2_sign( + sm2p256test, + "message digest", + "128B2FA8BD433C6C068C8D803DFF79792A519A55171B1B650C23661D15897263", + "F4A38489E32B45B6F876E3AC2168CA392362DC8F23459C1D1146FC3DBFB7BC9A", + "B524F552CD82B8B028476E005C377FB19A87E6FC682D48BB5D42E3D9B9EFFE76", + "6CB28D99385C175C94F94E934817663FC176D925DD72B727260DBAAE1FB2F96F", + "40F1EC59F793D9F49E09DCEF49130D4194F79FB1EED2CAA55BACDB49C4E755D1", + "6FC6DAC32C5D5CF10C77DFB20F7C2EB667A457872FB09EC56327A67EC7DEEBE7"); + + test_sm2_sign( + sm2b257test, + "message digest", + "771EF3DBFF5F1CDC32B9C572930476191998B2BF7CB981D7F5B39202645F0931", + "26352AF82EC19F207BBC6F9474E11E90CE0F7DDACE03B27F801817E897A81FD5", + "AD673CBDA311417129A9EAA5F9AB1AA1633AD47718A84DFD46C17C6FA0AA3B12", + "36CD79FC8E24B7357A8A7B4A46D454C397703D6498158C605399B341ADA186D6", + "6D3FBA26EAB2A1054F5D198332E335817C8AC453ED26D3391CD4439D825BF25B", + "3124C5688D95F0A10252A9BED033BEC84439DA384621B6D6FAD77F94B74A9556"); + + test_sm2_enc( + sm2p256test, + "encryption standard", + "1649AB77A00637BD5E2EFE283FBF353534AA7F7CB89463F208DDBC2920BB0DA0", + "4C62EEFD6ECFC2B95B92FD6C3D9575148AFA17425546D49018E5388D49DD7B4F", + "04" + "64D20D27D0632957F8028C1E024F6B02EDF23102A566C932AE8BD613A8E865FE" + "58D225ECA784AE300A81A2D48281A828E1CEDF11C4219099840265375077BF78", + "650053A89B41C418B0C3AAD00D886C00286467", + "9C3D7360C30156FAB7C80A0276712DA9D8094A634B766D3A285E07480653426D"); + + test_sm2_enc( + sm2b257test, + "encryption standard", + "56A270D17377AA9A367CFA82E46FA5267713A9B91101D0777B07FCE018C757EB", + "6D3B497153E3E92524E5C122682DBDC8705062E20B917A5F8FCDB8EE4C66663D", + "04" + "0083E628CF701EE3141E8873FE55936ADF24963F5DC9C6480566C80F8A1D8CC51B" + "01524C647F0C0412DEFD468BDA3AE0E5A80FCC8F5C990FEE11602929232DCD9F36", + "FD55AC6213C2A8A040E4CAB5B26A9CFCDA7373FCDA7373", + "73A48625D3758FA37B3EAB80E9CFCABA665E3199EA15A1FA8189D96F579125E4"); + + return 0; +} + + static void test_sm2_enc(void) { int rv; @@ -250,6 +874,7 @@ int sm2_test_evp_pkey_encrypt(void) ec_key = EC_KEY_new_by_curve_name(NID_sm2p256v1); pkey = EVP_PKEY_new(); EC_KEY_generate_key(ec_key); + EVP_PKEY_set1_SM2(pkey, ec_key); ctx = EVP_PKEY_CTX_new(pkey, NULL); @@ -376,6 +1001,7 @@ int test_sm2_pkey_seal(void) return 0; } + int main(int argc, char **argv) { test_sm2_sign(); diff --git a/crypto/sm3/sm3test.c b/crypto/sm3/sm3test.c index 89302aee..5e021b44 100644 --- a/crypto/sm3/sm3test.c +++ b/crypto/sm3/sm3test.c @@ -1,65 +1,122 @@ -//gcc -o test sm3_test.c -L/usr/local/ssl/lib -I/usr/local/ssl/include -lcrypto +/* crypto/sm3/sm3test.c */ +/* ==================================================================== + * Copyright (c) 2014 - 2015 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + */ #include -#include -#include -static size_t hash[8] = {0}; +#include +#include -void out_hex(size_t *list1) -{ - size_t i = 0; - for (i = 0; i < 8; i++) - { - printf("%08x ", list1[i]); - } - printf("\r\n"); -} +#include "../e_os.h" +#ifdef OPENSSL_NO_SM3 int main(int argc, char *argv[]) { - EVP_MD_CTX mdctx; - const EVP_MD *md; - char mess1[] = "abc"; - char mess2[] = "abc"; - unsigned char md_value[EVP_MAX_MD_SIZE]; - int md_len, i; - //使EVP_Digest系列函数支持所有有效的信息摘要算法 - OpenSSL_add_all_digests(); - - argv[1] = "sm3"; - - if(!argv[1]) { - printf("Usage: mdtest digestname\n"); - exit(1); - } - //根据输入的信息摘要函数的名字得到相应的EVP_MD算法结构 - md = EVP_get_digestbyname(argv[1]); - //md = EVP_sm3(); - - if(!md) { - printf("Unknown message digest %s\n", argv[1]); - exit(1); - } - //初始化信息摘要结构mdctx,这在调用EVP_DigestInit_ex函数的时候是必须的。 - EVP_MD_CTX_init(&mdctx); - //使用md的算法结构设置mdctx结构,impl为NULL,即使用缺省实现的算法(openssl本身提供的信息摘要算法) - EVP_DigestInit_ex(&mdctx, md, NULL); - //开始真正进行信息摘要运算,可以多次调用该函数,处理更多的数据,这里只调用了两次 - EVP_DigestUpdate(&mdctx, mess1, strlen(mess1)); - //EVP_DigestUpdate(&mdctx, mess2, strlen(mess2)); - //完成信息摘要计算过程,将完成的摘要信息存储在md_value里面,长度信息存储在md_len里面 - EVP_DigestFinal_ex(&mdctx, md_value, &md_len); - //使用该函数释放mdctx占用的资源,如果使用_ex系列函数,这是必须调用的。 - EVP_MD_CTX_cleanup(&mdctx); - - printf("Digest is: "); - for(i = 0; i < md_len; i++) printf("%02x", md_value[i]); - printf("\n"); - - //SM3("abc",3,hash); - //out_hex(hash); - - system("pause"); - return 0; + printf("No SM3 support\n"); + return (0); +} +#else +# include +# include + +static char *test[] = { + //"", + "abc", + "abcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcd", + NULL, +}; + +static char *ret[] = { + "66c7f0f462eeedd9d1f2d46bdc10e4e24167c4875cf2f7a2297da02b8f4ba8e0", + "debe9ff92275b8a138604889c18e5a4d6fdb70e5387e5765293dcba39c0c5732", +}; + +static char *pt(unsigned char *md); +int main(int argc, char *argv[]) +{ + int i, err = 0; + char **P, **R; + char *p; + unsigned char md[SM3_DIGEST_LENGTH]; + + P = test; + R = ret; + i = 1; + while (*P != NULL) { + EVP_Digest(&(P[0][0]), strlen((char *)*P), md, NULL, EVP_sm3(), NULL); + p = pt(md); + if (strcmp(p, (char *)*R) != 0) { + printf("error calculating SM3 on '%s'\n", *P); + printf("got %s instead of %s\n", p, *R); + err++; + } else + printf("test %d ok\n", i); + i++; + R++; + P++; + } + +# ifdef OPENSSL_SYS_NETWARE + if (err) + printf("ERROR: %d\n", err); +# endif + EXIT(err); + return (0); } +static char *pt(unsigned char *md) +{ + int i; + static char buf[80]; //FIXME: 80? + + for (i = 0; i < SM3_DIGEST_LENGTH; i++) + sprintf(&(buf[i * 2]), "%02x", md[i]); + return (buf); +} +#endif diff --git a/crypto/zuc/zuc.c b/crypto/zuc/zuc.c index 5c10b6fe..de8e237a 100755 --- a/crypto/zuc/zuc.c +++ b/crypto/zuc/zuc.c @@ -1,4 +1,5 @@ -#include "../byteorder.h" +#include +#include "../modes/modes_lcl.h" #include "zuc.h" @@ -209,26 +210,39 @@ void ZUC_set_key(ZUC_KEY *key, const unsigned char *k, const unsigned char *iv) void ZUC_encrypt(ZUC_KEY *key, size_t inlen, const unsigned char *in, unsigned char *out) { uint32_t word; + int n = key->buf_index; -/* - while (key->buf_index < 4 && inlen > 0) { - *out++ = *in++ ^ key->buf[key->buf_index++]; + assert(n < 4); + + while (n && inlen) { + *(out++) = *(in++) ^ key->buf[n]; + n = (n + 1) % 4; inlen--; } - + while (inlen >= 4) { BitReorganization(key); - word = le32_to_cpu((uint32_t *)in); + word = GETU32(in); word ^= F(key) ^ key->BRC_X3; - *((uint32_t *)out) = cpu_to_le32(word); + PUTU32(out, word); LFSRWithWorkMode(key); inlen -= 4; + in += 4; + out += 4; } - while (inlen-- > 0) { - *out++ = *in++ ^ *buf++; - key->buflen--; + if (inlen) { + BitReorganization(key); + word = F(key) ^ key->BRC_X3; + LFSRWithWorkMode(key); + PUTU32(key->buf, word); + while (inlen-- > 0) { + out[n] = in[n] ^ key->buf[n]; + n++; + } } -*/ + + key->buf_index = n; + return; } diff --git a/demos/gmssl.sh b/demos/gmssl/gmssl.sh similarity index 100% rename from demos/gmssl.sh rename to demos/gmssl/gmssl.sh diff --git a/demos/gmssl/sm3.c b/demos/gmssl/sm3.c new file mode 100644 index 00000000..116ee430 --- /dev/null +++ b/demos/gmssl/sm3.c @@ -0,0 +1,109 @@ +/* demo/gmssl/sm3.c */ +/* ==================================================================== + * Copyright (c) 2014 - 2015 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + */ + +#include +#include +#include +#include + +int main(int argc, char **argv) +{ + int ret = -1; + FILE *fp = stdin; + unsigned char buf[1024]; + size_t len; + const EVP_MD *md; + EVP_MD_CTX mdctx; + unsigned char dgst[EVP_MAX_MD_SIZE]; + unsigned int dgstlen, i; + + if (argc == 2) { + if (!(fp = fopen(argv[1], "r"))) { + fprintf(stderr, "open file %s failed\n", argv[1]); + return -1; + } + } + + OpenSSL_add_all_digests(); + if (!(md = EVP_get_digestbyname("sm3"))) { + ERR_print_errors_fp(stderr); + goto end; + } + + if (!EVP_DigestInit(&mdctx, md)) { + ERR_print_errors_fp(stderr); + goto end; + } + + while ((len = fread(buf, 1, sizeof(buf), fp))) { + if (!EVP_DigestUpdate(&mdctx, buf, len)) { + ERR_print_errors_fp(stderr); + goto end; + } + } + + if (!EVP_DigestFinal(&mdctx, dgst, &dgstlen)) { + ERR_print_errors_fp(stderr); + goto end; + } + + for (i = 0; i < dgstlen; i++) { + printf("%02x", dgst[i]); + } + printf("\n"); + ret = 0; + +end: + fclose(fp); + EVP_cleanup(); + return ret; +} + diff --git a/demos/gmssl/sm3hmac.c b/demos/gmssl/sm3hmac.c new file mode 100644 index 00000000..fa467b29 --- /dev/null +++ b/demos/gmssl/sm3hmac.c @@ -0,0 +1,108 @@ +/* demo/gmssl/sm3hmac.c */ +/* ==================================================================== + * Copyright (c) 2014 - 2015 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + */ + +#include +#include +#include +#include +#include +#include + +int main(int argc, char **argv) +{ + int ret = -1; + FILE *fp = stdin; + unsigned char key[32]; + unsigned char buf[1024]; + int len; + const EVP_MD *md; + HMAC_CTX hmctx; + unsigned char mac[EVP_MAX_MD_SIZE]; + unsigned int maclen, i; + + if (argc == 2) { + if (!(fp = fopen(argv[1], "r"))) { + fprintf(stderr, "open file %s failed\n", argv[1]); + return -1; + } + } + + HMAC_CTX_init(&hmctx); + + RAND_bytes(key, sizeof(key)); + + OpenSSL_add_all_digests(); + if (!(md = EVP_get_digestbyname("sm3"))) { + ERR_print_errors_fp(stderr); + goto end; + } + + HMAC_Init_ex(&hmctx, key, sizeof(key), md, NULL); + + while ((len = fread(buf, 1, sizeof(buf), fp))) { + HMAC_Update(&hmctx, buf, len); + } + + HMAC_Final(&hmctx, mac, &maclen); + + for (i = 0; i < maclen; i++) { + printf("%02x", mac[i]); + } + printf("\n"); + ret = 0; + +end: + fclose(fp); + HMAC_CTX_cleanup(&hmctx); + EVP_cleanup(); + return ret; +} + diff --git a/engines/e_skf.c b/engines/e_skf.c index 07a4b9b2..5b8bc3f1 100644 --- a/engines/e_skf.c +++ b/engines/e_skf.c @@ -25,14 +25,6 @@ static int skf_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)); static int skf_destroy(ENGINE *e); -/* - -1. - - - -*/ - #define SKF_CMD_LIST_DEVS ENGINE_CMD_BASE @@ -264,14 +256,20 @@ BLOCK_CIPHER_generic(sm4,ofb,OFB) static int skf_cipher_nids[] = { NID_ssf33_ecb, NID_ssf33_cbc, + NID_ssf33_cfb1, + NID_ssf33_cfb8, NID_ssf33_cfb128, NID_ssf33_ofb128, NID_sm1_ecb, NID_sm1_cbc, + NID_sm1_cfb1, + NID_sm1_cfb8, NID_sm1_cfb128, NID_sm1_ofb128, NID_sms4_ecb, NID_sms4_cbc, + NID_sms4_cfb1, + NID_sms4_cfb8, NID_sms4_cfb128, NID_sms4_ofb128, }; diff --git a/engines/skf/skftest.c b/engines/skf/skftest.c index c9ea8b43..2361e441 100644 --- a/engines/skf/skftest.c +++ b/engines/skf/skftest.c @@ -59,10 +59,30 @@ int main(int argc, char **argv) printf(" MaxECCBuffer : %ld\n", devInfo.MaxECCBufferSize); printf(" MaxBuffer : %ld\n", devInfo.MaxBufferSize); - rv = SKF_DevAuth(hDev, authData, sizeof(authData)); + + + ULONG ulAuthAlgId = devInfo.DevAuthAlgId; + unsigned char pbAuthKey[16] = {0}; + + + /* get the DevAuth challenge from GenRandom API + * encrypt challenge with DevAuthKey + */ + rv = SKF_GenRandom(hDev, authRandom, sizeof(authRandom)); + + + rv = SKF_EncryptInit(hKey, param); + + rv = SKF_Encrypt(hKey, authRandom, 16, authResponse, &ulAuthLen); + + + rv = SKF_DevAuth(hDev, authData, authDataLen); assert(rv == SAR_OK); + /* + */ + len = sizeof(appNameList); rv = SKF_EnumApplication(hDev, appNameList, &len); assert(rv == SAR_OK); diff --git a/tools/c_rehash b/tools/c_rehash index 89947c37..27a6921d 100644 --- a/tools/c_rehash +++ b/tools/c_rehash @@ -1,4 +1,4 @@ -#!/opt/local/bin/perl5 +#!/usr/bin/perl # Perl c_rehash script, scan all files in a directory # and add symbolic links to their hash values.