From d9ea57a8c0a10c982ce4348f94396de64e93c56e Mon Sep 17 00:00:00 2001
From: Zhi Guan
Date: Wed, 22 Feb 2017 18:22:47 +0800
Subject: [PATCH] update sm2
---
 crypto/ec/ec_kmeth.c | 71 ----------------------------
 crypto/sm2/sm2_kmeth.c | 104 ++++++++++++++++++++++++++++++++++++++++-
 crypto/sm2/sm2_lcl.h | 5 ++
 include/openssl/ec.h | 52 ---------------------
 include/openssl/sm2.h | 59 ++++++++++++++++++++++-
 5 files changed, 165 insertions(+), 126 deletions(-)
 create mode 100644 crypto/sm2/sm2_lcl.h
diff --git a/crypto/ec/ec_kmeth.c b/crypto/ec/ec_kmeth.c
index 0579d94c..7c6d0d93 100644
--- a/crypto/ec/ec_kmeth.c
+++ b/crypto/ec/ec_kmeth.c
@@ -322,74 +322,3 @@ void EC_KEY_METHOD_get_verify(EC_KEY_METHOD *meth,
 *pverify_sig = meth->verify_sig;
 }
-#ifndef OPENSSL_NO_SM2
-void EC_KEY_METHOD_set_encrypt(EC_KEY_METHOD *meth,
- int (*encrypt)(int type,
- const unsigned char *in,
- size_t inlen,
- unsigned char *out,
- size_t *outlen,
- EC_KEY *ec_key),
- ECIES_CIPHERTEXT_VALUE *(*do_encrypt)(int type,
- const unsigned char *in,
- size_t inlen,
- EC_KEY *ec_key))
-{
- meth->encrypt = encrypt;
- meth->do_encrypt = do_encrypt;
-}
-
-void EC_KEY_METHOD_get_decrypt(EC_KEY_METHOD *meth,
- int (*decrypt)(int type,
- const unsigned char *in,
- size_t inlen,
- unsigned char *out,
- size_t *outlen,
- EC_KEY *ec_key),
- int (do_decrypt)(int type,
- const ECIES_CIPHERTEXT_VALUE *in,
- unsigned char *out,
- size_t *outlen,
- EC_KEY *ec_key))
-{
- meth->decrypt = decrypt;
- meth->do_decrypt = do_decrypt;
-}
-
-void EC_KEY_METHOD_get_encrypt(EC_KEY_METHOD *meth,
- int (**pencrypt)(int type,
- const unsigned char *in,
- size_t inlen,
- unsigned char *out,
- size_t *outlen,
- EC_KEY *ec_key),
- ECIES_CIPHERTEXT_VALUE *(**pdo_encrypt)(int type,
- const unsigned char *in,
- size_t inlen,
- EC_KEY *ec_key))
-{
- if (pencrypt != NULL)
- *pencrypt = meth->encrypt;
- if (pdo_encrypt != NULL)
- *pdo_encrypt = meth->do_encrypt;
-}
-
-void EC_KEY_METHOD_get_decrypt(EC_KEY_METHOD *meth,
- int (**pdecrypt)(int type,
- const unsigned char *in,
- size_t inlen,
- unsigned char *out,
- size_t *outlen,
- EC_KEY *ec_key),
- int (*pdo_decrypt)(int type,
- const ECIES_CIPHERTEXT_VALUE *in,
- unsigned char *out,
- size_t *outlen,
- EC_KEY *ec_key))
-{
- if (pdecrypt != NULL)
- *pdecrypt = meth->decrypt;
- if (pdo_decrypt != NULL)
- *pdo_decrypt = meth->do_decrypt;
-}
-#endif
diff --git a/crypto/sm2/sm2_kmeth.c b/crypto/sm2/sm2_kmeth.c
index a54d98f2..b05fa22e 100644
--- a/crypto/sm2/sm2_kmeth.c
+++ b/crypto/sm2/sm2_kmeth.c
@@ -53,9 +53,13 @@
 #include
 #include
 #include "../ec/ec_lcl.h"
+#include "sm2_lcl.h"
 #define SM2_KMETH_FLAGS 0
+
+extern EC_KEY_METHOD *default_ec_key_meth;
+
 int SM2_ENC_PARAMS_set_type(SM2_ENC_PARAMS *params, int type)
 {
 // FIXME:
@@ -169,7 +173,7 @@ end:
 static const EC_KEY_METHOD gmssl_ec_key_method = {
 "GmSSL EC_KEY method",
- 0,
+ EC_KEY_METHOD_SM2,
 0,0,0,0,0,0,
 ossl_ec_key_gen,
 sm2_compute_key,
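Review bot: The added `extern EC_KEY_METHOD *default_ec_key_meth;` declares the shared default-method pointer by hand inside this .c file and without `const`, while the setters added further down in the same file store a `const EC_KEY_METHOD *` into it, which silently discards the qualifier. The defining declaration in crypto/ec/ec_kmeth.c is not part of this patch, so the two types cannot be compared here; if the definition is still `static` or `const`-qualified, this either fails to link or becomes a mismatched declaration that no compiler diagnostic will catch. Declaring it once in a shared internal header such as ../ec/ec_lcl.h, for example `extern const EC_KEY_METHOD *default_ec_key_meth;`, lets both translation units be checked against the same type.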
@@ -186,6 +190,102 @@ static const EC_KEY_METHOD gmssl_ec_key_method = {
 const EC_KEY_METHOD *EC_KEY_GmSSL(void)
 {
- return &gmssl_ec_key_method;
+ return &gmssl_ec_key_method;
 }
+const EC_KEY_METHOD *EC_KEY_get_default_secg_method(void)
+{
+ return EC_KEY_OpenSSL();
+}
+
+const EC_KEY_METHOD *EC_KEY_get_default_sm_method(void)
+{
+ return EC_KEY_GmSSL();
+}
+
+void EC_KEY_set_default_secg_method(const EC_KEY_METHOD *meth)
+{
+ if (meth == NULL)
+ default_ec_key_meth = EC_KEY_OpenSSL();
+ else
+ default_ec_key_meth = meth;
+
+}
+
+void EC_KEY_set_default_sm_method(const EC_KEY_METHOD *meth)
+{
+ if (meth == NULL)
+ default_ec_key_meth = EC_KEY_GmSSL();
+ else
+ default_ec_key_meth = meth;
+}
+
+void EC_KEY_METHOD_set_encrypt(EC_KEY_METHOD *meth,
+ int (*encrypt)(int type,
+ const unsigned char *in,
+ size_t inlen,
+ unsigned char *out,
+ size_t *outlen,
+ EC_KEY *ec_key),
+ ECIES_CIPHERTEXT_VALUE *(*do_encrypt)(int type,
+ const unsigned char *in,
+ size_t inlen,
+ EC_KEY *ec_key))
+{
+ meth->encrypt = encrypt;
+ meth->do_encrypt = do_encrypt;
+}
+
+void EC_KEY_METHOD_set_decrypt(EC_KEY_METHOD *meth,
+ int (*decrypt)(int type,
+ const unsigned char *in,
+ size_t inlen,
+ unsigned char *out,
+ size_t *outlen,
+ EC_KEY *ec_key),
+ int (do_decrypt)(int type,
+ const ECIES_CIPHERTEXT_VALUE *in,
+ unsigned char *out,
+ size_t *outlen,
+ EC_KEY *ec_key))
+{
+ meth->decrypt = decrypt;
+ meth->do_decrypt = do_decrypt;
+}
+
+void EC_KEY_METHOD_get_encrypt(EC_KEY_METHOD *meth,
+ int (**pencrypt)(int type,
+ const unsigned char *in,
+ size_t inlen,
+ unsigned char *out,
+ size_t *outlen,
+ EC_KEY *ec_key),
+ ECIES_CIPHERTEXT_VALUE *(**pdo_encrypt)(int type,
+ const unsigned char *in,
+ size_t inlen,
+ EC_KEY *ec_key))
+{
+ if (pencrypt != NULL)
+ *pencrypt = meth->encrypt;
+ if (pdo_encrypt != NULL)
+ *pdo_encrypt = meth->do_encrypt;
+}
+
+void EC_KEY_METHOD_get_decrypt(EC_KEY_METHOD *meth,
+ int (**pdecrypt)(int type,
+ const unsigned char *in,
+ size_t inlen,
+ unsigned
char *out,
+ size_t *outlen,
+ EC_KEY *ec_key),
+ int (**pdo_decrypt)(int type,
+ const ECIES_CIPHERTEXT_VALUE *in,
+ unsigned char *out,
+ size_t *outlen,
+ EC_KEY *ec_key))
+{
+ if (pdecrypt != NULL)
+ *pdecrypt = meth->decrypt;
+ if (pdo_decrypt != NULL)
+ *pdo_decrypt = meth->do_decrypt;
+}
diff --git a/crypto/sm2/sm2_lcl.h b/crypto/sm2/sm2_lcl.h
new file mode 100644
index 00000000..0f3ffa24
--- /dev/null
+++ b/crypto/sm2/sm2_lcl.h
@@ -0,0 +1,5 @@
+
+
+#define EC_KEY_METHOD_SM2 0x02
+
+
diff --git a/include/openssl/ec.h b/include/openssl/ec.h
index 5582d6c8..782106dc 100644
--- a/include/openssl/ec.h
+++ b/include/openssl/ec.h
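Review bot: `EC_KEY_set_default_secg_method()` and `EC_KEY_set_default_sm_method()` both write the same global `default_ec_key_meth`, so the two "defaults" are a single process-wide setting that differs only in its NULL fallback; setting the SM default presumably also changes the method picked up by every later EC key, including keys meant for ECDSA or ECDH. Neither getter reads that global: `EC_KEY_get_default_sm_method()` always returns `EC_KEY_GmSSL()`, so a method passed to the setter can never be read back. If two independent defaults are intended, keep the SM one in its own variable, `static const EC_KEY_METHOD *default_sm_key_meth = &gmssl_ec_key_method;`, and have the SM getter and setter use it; the code that selects a method when a key is created is outside this patch and would have to consult it. The stores are plain unsynchronised assignments of a caller-owned pointer, so the setters should at least be documented as start-up-only calls whose argument must outlive all key creation. Separately, `EC_KEY_METHOD_set_decrypt` spells its second callback `int (do_decrypt)(...)` without the `*`, unlike the other three accessors here and the matching prototype in include/openssl/sm2.h; `int (*do_decrypt)(...)` keeps them uniform.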
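Review bot: The new crypto/sm2/sm2_lcl.h has no include guard and no comment saying which field `EC_KEY_METHOD_SM2` belongs to. The sm2_kmeth.c hunk stores it in the second initializer of `gmssl_ec_key_method` (the slot that previously held `0`), and the other values for that slot appear to live in ../ec/ec_lcl.h, which this patch does not show, so a bit added there later could collide with 0x02 unnoticed. Wrap the file in `#ifndef HEADER_SM2_LCL_H` / `# define HEADER_SM2_LCL_H` / `#endif` (guard name is a suggestion) and add a comment such as `/* EC_KEY_METHOD flags bit: method implements SM2; must stay distinct from the flag bits in ec_lcl.h */`.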
@@ -1272,58 +1272,6 @@ void EC_KEY_METHOD_get_verify(EC_KEY_METHOD *meth,
 const ECDSA_SIG *sig,
 EC_KEY *eckey));
-# ifndef OPENSSL_NO_SM2
-void EC_KEY_METHOD_set_encrypt(EC_KEY_METHOD *meth,
- int (*encrypt)(int type,
- const unsigned char *in,
- size_t inlen,
- unsigned char *out,
- size_t *outlen,
- EC_KEY *ec_key),
- ECIES_CIPHERTEXT_VALUE *(*do_encrypt)(int type,
- const unsigned char *in,
- size_t inlen,
- EC_KEY *ec_key));
-
-void EC_KEY_METHOD_get_decrypt(EC_KEY_METHOD *meth,
- int (*decrypt)(int type,
- const unsigned char *in,
- size_t inlen,
- unsigned char *out,
- size_t *outlen,
- EC_KEY *ec_key),
- int (do_decrypt)(int type,
- const ECIES_CIPHERTEXT_VALUE *in,
- unsigned char *out,
- size_t *outlen,
- EC_KEY *ec_key));
-
-void EC_KEY_METHOD_get_encrypt(EC_KEY_METHOD *meth,
- int (**pencrypt)(int type,
- const unsigned char *in,
- size_t inlen,
- unsigned char *out,
- size_t *outlen,
- EC_KEY *ec_key),
- ECIES_CIPHERTEXT_VALUE *(**pdo_encrypt)(int type,
- const unsigned char *in,
- size_t inlen,
- EC_KEY *ec_key));
-
-void EC_KEY_METHOD_get_decrypt(EC_KEY_METHOD *meth,
- int (**pdecrypt)(int type,
- const unsigned char *in,
- size_t inlen,
- unsigned char *out,
- size_t *outlen,
- EC_KEY *ec_key),
- int (*pdo_decrypt)(int type,
- const ECIES_CIPHERTEXT_VALUE *in,
- unsigned char *out,
- size_t *outlen,
- EC_KEY *ec_key));
-# endif
-
 # define ECParameters_dup(x) ASN1_dup_of(EC_KEY,i2d_ECParameters,d2i_ECParameters,x)
 # ifndef __cplusplus
diff --git a/include/openssl/sm2.h b/include/openssl/sm2.h
index fcd28c72..b2750a5e 100755
--- a/include/openssl/sm2.h
+++ b/include/openssl/sm2.h
@@ -56,7 +56,7 @@
 #include
 #include
 #include
-#include
+#include
 #include
 #ifdef __cplusplus
@@ -220,6 +220,63 @@ int SM2_KAP_final_check(SM2_KAP_CTX *ctx, const unsigned char *checksum,
 void SM2_KAP_CTX_cleanup(SM2_KAP_CTX *ctx);
+const EC_KEY_METHOD *EC_KEY_GmSSL(void);
+const EC_KEY_METHOD *EC_KEY_get_default_secg_method(void);
+const EC_KEY_METHOD *EC_KEY_get_default_sm_method(void);
+void EC_KEY_set_default_secg_method(const EC_KEY_METHOD *meth);
+void EC_KEY_set_default_sm_method(const EC_KEY_METHOD *meth);
+
+
+void EC_KEY_METHOD_set_encrypt(EC_KEY_METHOD *meth,
+ int (*encrypt)(int type,
+ const unsigned char *in,
+ size_t inlen,
+ unsigned char *out,
+ size_t *outlen,
+ EC_KEY *ec_key),
+ ECIES_CIPHERTEXT_VALUE *(*do_encrypt)(int type,
+ const unsigned char *in,
+ size_t inlen,
+ EC_KEY *ec_key));
+
+void EC_KEY_METHOD_set_decrypt(EC_KEY_METHOD *meth,
+ int (*decrypt)(int type,
+ const unsigned char *in,
+ size_t inlen,
+ unsigned char *out,
+ size_t *outlen,
+ EC_KEY *ec_key),
+ int (do_decrypt)(int type,
+ const ECIES_CIPHERTEXT_VALUE *in,
+ unsigned char *out,
+ size_t *outlen,
+ EC_KEY *ec_key));
+
+void EC_KEY_METHOD_get_encrypt(EC_KEY_METHOD *meth,
+ int (**pencrypt)(int type,
+ const unsigned char *in,
+ size_t inlen,
+ unsigned char *out,
+ size_t *outlen,
+ EC_KEY *ec_key),
+ ECIES_CIPHERTEXT_VALUE *(**pdo_encrypt)(int type,
+ const unsigned char *in,
+ size_t inlen,
+ EC_KEY *ec_key));
+
+void EC_KEY_METHOD_get_decrypt(EC_KEY_METHOD *meth,
+ int (**pdecrypt)(int type,
+ const unsigned char *in,
+ size_t inlen,
+ unsigned char *out,
+ size_t *outlen,
+ EC_KEY *ec_key),
+ int (**pdo_decrypt)(int type,
+ const ECIES_CIPHERTEXT_VALUE *in,
+ unsigned char *out,
+ size_t *outlen,
+ EC_KEY *ec_key));
+
 #ifdef __cplusplus
 }
 #endif
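Review bot: These prototypes become public API without any documentation, and the two `EC_KEY_set_default_*_method()` setters in particular need it to be used safely. Their definitions in crypto/sm2/sm2_kmeth.c store the caller's pointer in a single global rather than copying the method, and treat NULL as "restore the built-in method"; neither fact can be read off the declaration. A short comment above the block should state that the setting is process-wide, that `meth` must stay valid for as long as it is the default, and what NULL means, e.g. `/* Process-wide default; meth is stored, not copied; NULL restores the built-in method. */`. The `EC_KEY_METHOD_set_*`/`get_*` accessors would also benefit from one line each saying that the getters accept NULL for an output pointer the caller does not need, as their definitions check for it.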