abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-05-06 16:36:16 +08:00
Code Issues Packages Projects Releases Wiki Activity

SM4/CTR

Browse Source
This commit is contained in:
Zhi Guan
2016-04-18 13:41:56 +02:00
parent 37ac6cd45a
commit da6bb109b4
27 changed files with 1494 additions and 255 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
crypto/sm3/byteorder.h → crypto/byteorder.h
View File

@@ -1,5 +1,5 @@
#ifndef ZCRYPT_BYTEORDER_H
#define ZCRYPT_BYTEORDER_H
#ifndef HEADER_BYTEORDER_H
#define HEADER_BYTEORDER_H
#ifdef CPU_BIGENDIAN
@@ -11,6 +11,11 @@
#else
#define cpu_to_le16(v) (v)
#define cpu_to_le32(v) (v)
#define le16_to_cpu(v) (v)
#define le32_to_cpu(v) (v)
#define cpu_to_be16(v) (((v)<< 8) | ((v)>>8))
#define cpu_to_be32(v) (((v)>>24) | (((v)>>8)&0xff00) | (((v)<<8)&0xff0000) | ((v)<<24))
#define be16_to_cpu(v) cpu_to_be16(v)

14
crypto/ec/ec.h
View File

@@ -1223,13 +1223,13 @@ void ERR_load_EC_strings(void);
# define EC_F_PKEY_EC_PARAMGEN 219
# define EC_F_PKEY_EC_SIGN 218
#ifndef OPENSSL_NO_GMSSL
#define EC_F_PKEY_EC_ENCRYPT 300
#define EC_F_PKEY_EC_DECRYPT 301
#define EC_F_PKEY_SM2_SIGN 302
#define EC_F_PKEY_SM2_ENCRYPT 303
#define EC_F_PKEY_SM2_DECRYPT 304
#endif
# ifndef OPENSSL_NO_GMSSL
# define EC_F_PKEY_EC_ENCRYPT 300
# define EC_F_PKEY_EC_DECRYPT 301
# define EC_F_PKEY_SM2_SIGN 302
# define EC_F_PKEY_SM2_ENCRYPT 303
# define EC_F_PKEY_SM2_DECRYPT 304
# endif
/* Reason codes. */
# define EC_R_ASN1_ERROR 115

3
crypto/engine/eng_all.c
View File

@@ -113,6 +113,9 @@ void ENGINE_load_builtin_engines(void)
# ifndef OPENSSL_NO_GOST
ENGINE_load_gost();
# endif
# ifndef OPENSSL_NO_SKF
//ENGINE_load_skf();
# endif
# ifndef OPENSSL_NO_GMP
ENGINE_load_gmp();
# endif

3
crypto/engine/engine.h
View File

@@ -411,6 +411,9 @@ void ENGINE_load_gmp(void);
# ifndef OPENSSL_NO_GOST
void ENGINE_load_gost(void);
# endif
# ifndef OPENSSL_NO_SKF
void ENGINE_load_skf(void);
# endif
# endif
void ENGINE_load_cryptodev(void);
void ENGINE_load_rdrand(void);

15
crypto/evp/c_allc.c
View File

@@ -164,12 +164,15 @@ void OpenSSL_add_all_ciphers(void)
#endif
#ifndef OPENSSL_NO_SMS4
EVP_add_cipher(EVP_sms4_ecb());
EVP_add_cipher(EVP_sms4_cbc());
EVP_add_cipher(EVP_sms4_ofb());
EVP_add_cipher(EVP_sms4_cfb128());
EVP_add_cipher_alias(SN_sms4_cbc,"SMS4");
EVP_add_cipher_alias(SN_sms4_cbc,"sms4");
EVP_add_cipher(EVP_sms4_ecb());
EVP_add_cipher(EVP_sms4_cbc());
EVP_add_cipher(EVP_sms4_cfb());
EVP_add_cipher(EVP_sms4_cfb1());
EVP_add_cipher(EVP_sms4_cfb8());
EVP_add_cipher(EVP_sms4_ofb());
EVP_add_cipher(EVP_sms4_ctr());
EVP_add_cipher_alias(SN_sms4_cbc,"SMS4");
EVP_add_cipher_alias(SN_sms4_cbc,"sms4");
#endif
#ifndef OPENSSL_NO_ZUC

472
crypto/evp/e_seed.s Normal file
View File

@@ -0,0 +1,472 @@
.section __TEXT,__text,regular,pure_instructions
.macosx_version_min 10, 10
.globl _EVP_seed_cbc
.align 4, 0x90
_EVP_seed_cbc: ## @EVP_seed_cbc
.cfi_startproc
## BB#0:
pushq %rbp
Ltmp0:
.cfi_def_cfa_offset 16
Ltmp1:
.cfi_offset %rbp, -16
movq %rsp, %rbp
Ltmp2:
.cfi_def_cfa_register %rbp
leaq _seed_cbc(%rip), %rax
popq %rbp
retq
.cfi_endproc
.globl _EVP_seed_cfb128
.align 4, 0x90
_EVP_seed_cfb128: ## @EVP_seed_cfb128
.cfi_startproc
## BB#0:
pushq %rbp
Ltmp3:
.cfi_def_cfa_offset 16
Ltmp4:
.cfi_offset %rbp, -16
movq %rsp, %rbp
Ltmp5:
.cfi_def_cfa_register %rbp
leaq _seed_cfb128(%rip), %rax
popq %rbp
retq
.cfi_endproc
.globl _EVP_seed_ofb
.align 4, 0x90
_EVP_seed_ofb: ## @EVP_seed_ofb
.cfi_startproc
## BB#0:
pushq %rbp
Ltmp6:
.cfi_def_cfa_offset 16
Ltmp7:
.cfi_offset %rbp, -16
movq %rsp, %rbp
Ltmp8:
.cfi_def_cfa_register %rbp
leaq _seed_ofb(%rip), %rax
popq %rbp
retq
.cfi_endproc
.globl _EVP_seed_ecb
.align 4, 0x90
_EVP_seed_ecb: ## @EVP_seed_ecb
.cfi_startproc
## BB#0:
pushq %rbp
Ltmp9:
.cfi_def_cfa_offset 16
Ltmp10:
.cfi_offset %rbp, -16
movq %rsp, %rbp
Ltmp11:
.cfi_def_cfa_register %rbp
leaq _seed_ecb(%rip), %rax
popq %rbp
retq
.cfi_endproc
.align 4, 0x90
_seed_init_key: ## @seed_init_key
.cfi_startproc
## BB#0:
pushq %rbp
Ltmp12:
.cfi_def_cfa_offset 16
Ltmp13:
.cfi_offset %rbp, -16
movq %rsp, %rbp
Ltmp14:
.cfi_def_cfa_register %rbp
subq $32, %rsp
movq %rdi, -8(%rbp)
movq %rsi, -16(%rbp)
movq %rdx, -24(%rbp)
movl %ecx, -28(%rbp)
movq -16(%rbp), %rdi
movq -8(%rbp), %rdx
movq 120(%rdx), %rdx
movq %rdx, %rsi
callq _SEED_set_key
movl $1, %eax
addq $32, %rsp
popq %rbp
retq
.cfi_endproc
.align 4, 0x90
_seed_cbc_cipher: ## @seed_cbc_cipher
.cfi_startproc
## BB#0:
pushq %rbp
Ltmp15:
.cfi_def_cfa_offset 16
Ltmp16:
.cfi_offset %rbp, -16
movq %rsp, %rbp
Ltmp17:
.cfi_def_cfa_register %rbp
subq $48, %rsp
movq %rdi, -8(%rbp)
movq %rsi, -16(%rbp)
movq %rdx, -24(%rbp)
movq %rcx, -32(%rbp)
LBB5_1: ## =>This Inner Loop Header: Depth=1
movabsq $4611686018427387904, %rax ## imm = 0x4000000000000000
cmpq %rax, -32(%rbp)
jb LBB5_3
## BB#2: ## in Loop: Header=BB5_1 Depth=1
movabsq $4611686018427387904, %rdx ## imm = 0x4000000000000000
movq -24(%rbp), %rdi
movq -16(%rbp), %rsi
movq -8(%rbp), %rax
movq 120(%rax), %rax
movq -8(%rbp), %rcx
addq $40, %rcx
movq -8(%rbp), %r8
movl 16(%r8), %r9d
movq %rcx, -40(%rbp) ## 8-byte Spill
movq %rax, %rcx
movq -40(%rbp), %r8 ## 8-byte Reload
callq _SEED_cbc_encrypt
movq -32(%rbp), %rax
movabsq $4611686018427387904, %rcx ## imm = 0x4000000000000000
subq %rcx, %rax
movq %rax, -32(%rbp)
movabsq $4611686018427387904, %rax ## imm = 0x4000000000000000
addq -24(%rbp), %rax
movq %rax, -24(%rbp)
movabsq $4611686018427387904, %rax ## imm = 0x4000000000000000
addq -16(%rbp), %rax
movq %rax, -16(%rbp)
jmp LBB5_1
LBB5_3:
cmpq $0, -32(%rbp)
je LBB5_5
## BB#4:
movq -24(%rbp), %rdi
movq -16(%rbp), %rsi
movq -32(%rbp), %rdx
movq -8(%rbp), %rax
movq 120(%rax), %rax
movq -8(%rbp), %rcx
addq $40, %rcx
movq -8(%rbp), %r8
movl 16(%r8), %r9d
movq %rcx, -48(%rbp) ## 8-byte Spill
movq %rax, %rcx
movq -48(%rbp), %r8 ## 8-byte Reload
callq _SEED_cbc_encrypt
LBB5_5:
movl $1, %eax
addq $48, %rsp
popq %rbp
retq
.cfi_endproc
.align 4, 0x90
_seed_cfb128_cipher: ## @seed_cfb128_cipher
.cfi_startproc
## BB#0:
pushq %rbp
Ltmp18:
.cfi_def_cfa_offset 16
Ltmp19:
.cfi_offset %rbp, -16
movq %rsp, %rbp
Ltmp20:
.cfi_def_cfa_register %rbp
subq $80, %rsp
movabsq $4611686018427387904, %rax ## imm = 0x4000000000000000
movq %rdi, -8(%rbp)
movq %rsi, -16(%rbp)
movq %rdx, -24(%rbp)
movq %rcx, -32(%rbp)
movq %rax, -40(%rbp)
movq -32(%rbp), %rax
cmpq -40(%rbp), %rax
jae LBB6_2
## BB#1:
movq -32(%rbp), %rax
movq %rax, -40(%rbp)
LBB6_2:
jmp LBB6_3
LBB6_3: ## =>This Inner Loop Header: Depth=1
xorl %eax, %eax
movb %al, %cl
cmpq $0, -32(%rbp)
movb %cl, -41(%rbp) ## 1-byte Spill
je LBB6_5
## BB#4: ## in Loop: Header=BB6_3 Depth=1
movq -32(%rbp), %rax
cmpq -40(%rbp), %rax
setae %cl
movb %cl, -41(%rbp) ## 1-byte Spill
LBB6_5: ## in Loop: Header=BB6_3 Depth=1
movb -41(%rbp), %al ## 1-byte Reload
testb $1, %al
jne LBB6_6
jmp LBB6_9
LBB6_6: ## in Loop: Header=BB6_3 Depth=1
movq -24(%rbp), %rdi
movq -16(%rbp), %rsi
movq -32(%rbp), %rdx
movq -8(%rbp), %rax
movq 120(%rax), %rax
movq -8(%rbp), %rcx
addq $40, %rcx
movq -8(%rbp), %r8
addq $88, %r8
movq -8(%rbp), %r9
movl 16(%r9), %r10d
movq %rcx, -56(%rbp) ## 8-byte Spill
movq %rax, %rcx
movq -56(%rbp), %rax ## 8-byte Reload
movq %r8, -64(%rbp) ## 8-byte Spill
movq %rax, %r8
movq -64(%rbp), %r9 ## 8-byte Reload
movl %r10d, (%rsp)
callq _SEED_cfb128_encrypt
movq -40(%rbp), %rax
movq -32(%rbp), %rcx
subq %rax, %rcx
movq %rcx, -32(%rbp)
movq -40(%rbp), %rax
addq -24(%rbp), %rax
movq %rax, -24(%rbp)
movq -40(%rbp), %rax
addq -16(%rbp), %rax
movq %rax, -16(%rbp)
movq -32(%rbp), %rax
cmpq -40(%rbp), %rax
jae LBB6_8
## BB#7: ## in Loop: Header=BB6_3 Depth=1
movq -32(%rbp), %rax
movq %rax, -40(%rbp)
LBB6_8: ## in Loop: Header=BB6_3 Depth=1
jmp LBB6_3
LBB6_9:
movl $1, %eax
addq $80, %rsp
popq %rbp
retq
.cfi_endproc
.align 4, 0x90
_seed_ofb_cipher: ## @seed_ofb_cipher
.cfi_startproc
## BB#0:
pushq %rbp
Ltmp21:
.cfi_def_cfa_offset 16
Ltmp22:
.cfi_offset %rbp, -16
movq %rsp, %rbp
Ltmp23:
.cfi_def_cfa_register %rbp
subq $64, %rsp
movq %rdi, -8(%rbp)
movq %rsi, -16(%rbp)
movq %rdx, -24(%rbp)
movq %rcx, -32(%rbp)
LBB7_1: ## =>This Inner Loop Header: Depth=1
movabsq $4611686018427387904, %rax ## imm = 0x4000000000000000
cmpq %rax, -32(%rbp)
jb LBB7_3
## BB#2: ## in Loop: Header=BB7_1 Depth=1
movabsq $4611686018427387904, %rdx ## imm = 0x4000000000000000
movq -24(%rbp), %rdi
movq -16(%rbp), %rsi
movq -8(%rbp), %rax
movq 120(%rax), %rax
movq -8(%rbp), %rcx
addq $40, %rcx
movq -8(%rbp), %r8
addq $88, %r8
movq %rcx, -40(%rbp) ## 8-byte Spill
movq %rax, %rcx
movq -40(%rbp), %rax ## 8-byte Reload
movq %r8, -48(%rbp) ## 8-byte Spill
movq %rax, %r8
movq -48(%rbp), %r9 ## 8-byte Reload
callq _SEED_ofb128_encrypt
movq -32(%rbp), %rax
movabsq $4611686018427387904, %rcx ## imm = 0x4000000000000000
subq %rcx, %rax
movq %rax, -32(%rbp)
movabsq $4611686018427387904, %rax ## imm = 0x4000000000000000
addq -24(%rbp), %rax
movq %rax, -24(%rbp)
movabsq $4611686018427387904, %rax ## imm = 0x4000000000000000
addq -16(%rbp), %rax
movq %rax, -16(%rbp)
jmp LBB7_1
LBB7_3:
cmpq $0, -32(%rbp)
je LBB7_5
## BB#4:
movq -24(%rbp), %rdi
movq -16(%rbp), %rsi
movq -32(%rbp), %rdx
movq -8(%rbp), %rax
movq 120(%rax), %rax
movq -8(%rbp), %rcx
addq $40, %rcx
movq -8(%rbp), %r8
addq $88, %r8
movq %rcx, -56(%rbp) ## 8-byte Spill
movq %rax, %rcx
movq -56(%rbp), %rax ## 8-byte Reload
movq %r8, -64(%rbp) ## 8-byte Spill
movq %rax, %r8
movq -64(%rbp), %r9 ## 8-byte Reload
callq _SEED_ofb128_encrypt
LBB7_5:
movl $1, %eax
addq $64, %rsp
popq %rbp
retq
.cfi_endproc
.align 4, 0x90
_seed_ecb_cipher: ## @seed_ecb_cipher
.cfi_startproc
## BB#0:
pushq %rbp
Ltmp24:
.cfi_def_cfa_offset 16
Ltmp25:
.cfi_offset %rbp, -16
movq %rsp, %rbp
Ltmp26:
.cfi_def_cfa_register %rbp
subq $64, %rsp
movq %rdi, -16(%rbp)
movq %rsi, -24(%rbp)
movq %rdx, -32(%rbp)
movq %rcx, -40(%rbp)
movq -16(%rbp), %rcx
movq (%rcx), %rcx
movslq 4(%rcx), %rcx
movq %rcx, -56(%rbp)
movq -40(%rbp), %rcx
cmpq -56(%rbp), %rcx
jae LBB8_2
## BB#1:
movl $1, -4(%rbp)
jmp LBB8_7
LBB8_2:
movq -56(%rbp), %rax
movq -40(%rbp), %rcx
subq %rax, %rcx
movq %rcx, -40(%rbp)
movq $0, -48(%rbp)
LBB8_3: ## =>This Inner Loop Header: Depth=1
movq -48(%rbp), %rax
cmpq -40(%rbp), %rax
ja LBB8_6
## BB#4: ## in Loop: Header=BB8_3 Depth=1
movq -32(%rbp), %rax
addq -48(%rbp), %rax
movq -24(%rbp), %rcx
addq -48(%rbp), %rcx
movq -16(%rbp), %rdx
movq 120(%rdx), %rdx
movq -16(%rbp), %rsi
movl 16(%rsi), %edi
movl %edi, -60(%rbp) ## 4-byte Spill
movq %rax, %rdi
movq %rcx, %rsi
movl -60(%rbp), %ecx ## 4-byte Reload
callq _SEED_ecb_encrypt
## BB#5: ## in Loop: Header=BB8_3 Depth=1
movq -56(%rbp), %rax
addq -48(%rbp), %rax
movq %rax, -48(%rbp)
jmp LBB8_3
LBB8_6:
movl $1, -4(%rbp)
LBB8_7:
movl -4(%rbp), %eax
addq $64, %rsp
popq %rbp
retq
.cfi_endproc
.section __DATA,__const
.align 3 ## @seed_cbc
_seed_cbc:
.long 777 ## 0x309
.long 16 ## 0x10
.long 16 ## 0x10
.long 16 ## 0x10
.quad 2 ## 0x2
.quad _seed_init_key
.quad _seed_cbc_cipher
.quad 0
.long 128 ## 0x80
.space 4
.quad 0
.quad 0
.quad 0
.quad 0
.align 3 ## @seed_cfb128
_seed_cfb128:
.long 779 ## 0x30b
.long 1 ## 0x1
.long 16 ## 0x10
.long 16 ## 0x10
.quad 3 ## 0x3
.quad _seed_init_key
.quad _seed_cfb128_cipher
.quad 0
.long 128 ## 0x80
.space 4
.quad 0
.quad 0
.quad 0
.quad 0
.align 3 ## @seed_ofb
_seed_ofb:
.long 778 ## 0x30a
.long 1 ## 0x1
.long 16 ## 0x10
.long 16 ## 0x10
.quad 4 ## 0x4
.quad _seed_init_key
.quad _seed_ofb_cipher
.quad 0
.long 128 ## 0x80
.space 4
.quad 0
.quad 0
.quad 0
.quad 0
.align 3 ## @seed_ecb
_seed_ecb:
.long 776 ## 0x308
.long 16 ## 0x10
.long 16 ## 0x10
.long 0 ## 0x0
.quad 1 ## 0x1
.quad _seed_init_key
.quad _seed_ecb_cipher
.quad 0
.long 128 ## 0x80
.space 4
.quad 0
.quad 0
.quad 0
.quad 0
.subsections_via_symbols

191
crypto/evp/e_sms4.c
View File

@@ -1,14 +1,66 @@
/* crypto/evp/e_sms4.c */
/* ====================================================================
* Copyright (c) 2014 - 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <stdio.h>
#include "cryptlib.h"
#ifndef OPENSSL_NO_SMS4
#include <openssl/evp.h>
#include <openssl/objects.h>
#include <openssl/crypto.h>
#include "evp_locl.h"
#include "modes_lcl.h"
#include <openssl/sms4.h>
#define SMS4_IV_LENGTH SMS4_BLOCK_SIZE
typedef struct {
@@ -37,16 +89,96 @@ IMPLEMENT_BLOCK_CIPHER(sms4, ks, sms4, EVP_SMS4_KEY, NID_sms4,
SMS4_BLOCK_SIZE, SMS4_KEY_LENGTH, SMS4_IV_LENGTH, 128, 0,
sms4_init_key, NULL, NULL, NULL, NULL)
#if 0
static int sms4_ctr_cipher(EVP_CIPHER_CTX * ctx, unsigned char *out,
const unsigned char *in, size_t inlen)
# define MAXBITCHUNK ((size_t)1<<(sizeof(size_t)*8-4))
static int sms4_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t len)
{
EVP_SMS4_KEY *sms4_key = (EVP_SMS4_KEY *)ctx->cipher_data;
if (ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) {
CRYPTO_cfb128_1_encrypt(in, out, len, &sms4_key->ks,
ctx->iv, &ctx->num, ctx->encrypt, (block128_f)sms4_encrypt);
return 1;
}
while (len >= MAXBITCHUNK) {
CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK * 8, &sms4_key->ks,
ctx->iv, &ctx->num, ctx->encrypt, (block128_f)sms4_encrypt);
len -= MAXBITCHUNK;
}
if (len) {
CRYPTO_cfb128_1_encrypt(in, out, len * 8, &sms4_key->ks,
ctx->iv, &ctx->num, ctx->encrypt, (block128_f)sms4_encrypt);
}
return 1;
}
const EVP_CIPHER sms4_cfb1 = {
NID_sms4_cfb1,
SMS4_BLOCK_SIZE,
SMS4_KEY_LENGTH,
SMS4_IV_LENGTH,
EVP_CIPH_CTR_MODE,
sms4_init_key,
sms4_cfb1_cipher,
NULL, /* cleanup() */
sizeof(EVP_SMS4_KEY),
NULL, /* set_asn1_parameters() */
NULL, /* get_asn1_parameters() */
NULL, /* ctrl() */
NULL /* app_data */
};
const EVP_CIPHER *EVP_sms4_cfb1(void)
{
return &sms4_cfb1;
}
static int sms4_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t len)
{
EVP_SMS4_KEY *sms4_key = (EVP_SMS4_KEY *)ctx->cipher_data;
CRYPTO_cfb128_8_encrypt(in, out, len, &sms4_key->ks,
ctx->iv, &ctx->num, ctx->encrypt, (block128_f)sms4_encrypt);
return 1;
}
const EVP_CIPHER sms4_cfb8 = {
NID_sms4_cfb8,
SMS4_BLOCK_SIZE,
SMS4_KEY_LENGTH,
SMS4_IV_LENGTH,
EVP_CIPH_CTR_MODE,
sms4_init_key,
sms4_cfb8_cipher,
NULL,
sizeof(EVP_SMS4_KEY),
NULL,
NULL,
NULL,
NULL,
};
const EVP_CIPHER *EVP_sms4_cfb8(void)
{
return &sms4_cfb8;
}
static int sms4_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t len)
{
unsigned int num = ctx->num;
EVP_SMS4_KEY *sms4 = (EVP_SMS4_KEY *)ctx->cipher_data;
CRYPTO_ctr128_encrypt_ctr32(in, out, inlen, &sms4->ks, ctx->iv, ctx->buf,
&num, sms4_ctr_encrypt);
CRYPTO_ctr128_encrypt_ctr32(in, out, len, &sms4->ks, ctx->iv, ctx->buf,
&num, sms4_ctr128_encrypt);
ctx->num = (size_t)num;
return 1;
@@ -57,11 +189,11 @@ const EVP_CIPHER sms4_ctr = {
SMS4_BLOCK_SIZE,
SMS4_KEY_LENGTH,
SMS4_IV_LENGTH,
0,
EVP_CIPH_CTR_MODE,
sms4_init_key,
sms4_ctr_cipher,
NULL, /* cleanup() */
sizeof(EVP_SMS4_CTX),
sizeof(EVP_SMS4_KEY),
NULL, /* set_asn1_parameters() */
NULL, /* get_asn1_parameters() */
NULL, /* ctrl() */
@@ -73,40 +205,7 @@ const EVP_CIPHER *EVP_sms4_ctr(void)
return &sms4_ctr;
}
static int sms4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc)
{
int mode;
mode = ctx->cipher->flags & EVP_CIPH_MODE;
if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE) && !enc) {
ret = sms4_set_decrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
sms4->block = (block128_f)sms4_decrypt;
sms4->stream.cbc = (mode == EVP_CIPH_CBC_MODE ?
(cbc128_f)sms4_cbc_encrypt : NULL);
} else {
ret = sms4_set_encrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
sms4->block = (block128_f)sms4_encrypt;
if (mode == EVP_CIPH_CBC_MODE) {
sms4->stream.cbc = (cbc128_f)sms4_cbc_encrypt;
} else if (mode == EVP_CIPH_CTR_MODE) {
sms4->stream.ctr = (ctr128_f)sms4_ctr32_encrypt_blocks;
} else {
sms4->stream.cbc = NULL;
}
}
if (ret < 0) {
return 0;
}
return 1;
}
#if 0
typedef struct {
sms4_key_t ks;
@@ -121,9 +220,6 @@ typedef struct {
} EVP_SMS4_GCM_CTX;
static int sms4_gcm_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
{
@@ -145,11 +241,6 @@ static int sms4_gcm_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
}
typedef struct {
union {
double align;

0
crypto/evp/e_sms4_cbc_hmac_sm3.c Normal file
View File

9
crypto/evp/evp.h
View File

@@ -847,8 +847,11 @@ const EVP_CIPHER *EVP_rc5_32_12_16_ofb(void);
#ifndef OPENSSL_NO_SMS4
const EVP_CIPHER *EVP_sms4_ecb(void);
const EVP_CIPHER *EVP_sms4_cbc(void);
const EVP_CIPHER *EVP_sms4_cfb1(void);
const EVP_CIPHER *EVP_sms4_cfb8(void);
const EVP_CIPHER *EVP_sms4_cfb128(void);
const EVP_CIPHER *EVP_sms4_ofb128(void);
#define EVP_sms4_cfb EVP_sms4_cfb128
const EVP_CIPHER *EVP_sms4_ofb(void);
const EVP_CIPHER *EVP_sms4_ctr(void);
const EVP_CIPHER *EVP_sms4_ccm(void);
const EVP_CIPHER *EVP_sms4_gcm(void);
@@ -856,8 +859,8 @@ const EVP_CIPHER *EVP_sms4_xts(void);
const EVP_CIPHER *EVP_sms4_wrap(void);
#define EVP_sm4_ecb EVP_sms4_ecb
#define EVP_sm4_cbc EVP_sms4_cbc
#define EVP_sm4_cfb128 EVP_sms4_cfb128
#define EVP_sm4_ofb128 EVP_sms4_ofb128
#define EVP_sm4_cfb EVP_sms4_cfb
#define EVP_sm4_ofb EVP_sms4_ofb
#endif
#ifndef OPENSSL_NO_ZUC
const EVP_CIPHER *EVP_zuc(void);

51
crypto/evp/m_sm3.c
View File

@@ -1,3 +1,54 @@
/* crypto/sms4/sms4.h */
/* ====================================================================
* Copyright (c) 2014 - 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <stdio.h>
#include "cryptlib.h"

40
crypto/objects/obj_dat.h
View File

@@ -62,12 +62,12 @@
* [including the GNU Public Licence.]
*/
#define NUM_NID 1031
#define NUM_SN 1009
#define NUM_LN 1009
#define NUM_OBJ 947
#define NUM_NID 1033
#define NUM_SN 1011
#define NUM_LN 1011
#define NUM_OBJ 949
static const unsigned char lvalues[6667]={
static const unsigned char lvalues[6683]={
0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */
@@ -1003,12 +1003,14 @@ static const unsigned char lvalues[6667]={
0x2A,0x81,0x1C,0xCF,0x55,0x01,0x67,0x01, /* [6594] OBJ_ssf33_ecb */
0x2A,0x81,0x1C,0xCF,0x55,0x01,0x67,0x02, /* [6602] OBJ_ssf33_cbc */
0x2A,0x81,0x1C,0xCF,0x55,0x01,0x67,0x03, /* [6610] OBJ_ssf33_ofb128 */
0x2A,0x81,0x1C,0xCF,0x55,0x01,0x68,0x04, /* [6618] OBJ_ssf33_cfb128 */
0x2A,0x81,0x1C,0xCF,0x55,0x01,0x67,0x04, /* [6618] OBJ_ssf33_cfb128 */
0x2A,0x81,0x1C,0xCF,0x55,0x01,0x82,0x2E, /* [6626] OBJ_id_sm9PublicKey */
0x2A,0x81,0x1C,0xCF,0x55,0x01,0x68,0x05, /* [6634] OBJ_sms4_ctr */
0x2A,0x81,0x1C,0xCF,0x55,0x01,0x68,0x06, /* [6642] OBJ_sms4_gcm */
0x2A,0x81,0x1C,0xCF,0x55,0x01,0x68,0x07, /* [6650] OBJ_sms4_ccm */
0x2A,0x81,0x1C,0xCF,0x55,0x01,0x68,0x08, /* [6658] OBJ_sms4_xts */
0x2A,0x81,0x1C,0xCF,0x55,0x01,0x68,0x07, /* [6634] OBJ_sms4_ctr */
0x2A,0x81,0x1C,0xCF,0x55,0x01,0x68,0x08, /* [6642] OBJ_sms4_gcm */
0x2A,0x81,0x1C,0xCF,0x55,0x01,0x68,0x09, /* [6650] OBJ_sms4_ccm */
0x2A,0x81,0x1C,0xCF,0x55,0x01,0x68,0x0A, /* [6658] OBJ_sms4_xts */
0x2A,0x81,0x1C,0xCF,0x55,0x01,0x68,0x05, /* [6666] OBJ_sms4_cfb1 */
0x2A,0x81,0x1C,0xCF,0x55,0x01,0x68,0x06, /* [6674] OBJ_sms4_cfb8 */
};
static const ASN1_OBJECT nid_objs[NUM_NID]={
@@ -2663,6 +2665,8 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={
{"SMS4-CCM","sms4-ccm",NID_sms4_ccm,8,&(lvalues[6650]),0},
{"SMS4-XTS","sms4-xts",NID_sms4_xts,8,&(lvalues[6658]),0},
{"SM1-CFB","sm1-cfb",NID_sm1_cfb,0,NULL,0},
{"SMS4-CFB1","sms4-cfb1",NID_sms4_cfb1,8,&(lvalues[6666]),0},
{"SMS4-CFB8","sms4-cfb8",NID_sms4_cfb8,8,&(lvalues[6674]),0},
};
static const unsigned int sn_objs[NUM_SN]={
@@ -2869,6 +2873,8 @@ static const unsigned int sn_objs[NUM_SN]={
978, /* "SMS4-CBC" */
1028, /* "SMS4-CCM" */
982, /* "SMS4-CFB" */
1031, /* "SMS4-CFB1" */
1032, /* "SMS4-CFB8" */
1026, /* "SMS4-CTR" */
977, /* "SMS4-ECB" */
1027, /* "SMS4-GCM" */
@@ -4631,6 +4637,8 @@ static const unsigned int ln_objs[NUM_LN]={
978, /* "sms4-cbc" */
1028, /* "sms4-ccm" */
982, /* "sms4-cfb" */
1031, /* "sms4-cfb1" */
1032, /* "sms4-cfb8" */
1026, /* "sms4-ctr" */
977, /* "sms4-ecb" */
1027, /* "sms4-gcm" */
@@ -5134,15 +5142,17 @@ static const unsigned int obj_objs[NUM_OBJ]={
1020, /* OBJ_ssf33_ecb 1 2 156 10197 1 103 1 */
1021, /* OBJ_ssf33_cbc 1 2 156 10197 1 103 2 */
1022, /* OBJ_ssf33_ofb128 1 2 156 10197 1 103 3 */
1023, /* OBJ_ssf33_cfb128 1 2 156 10197 1 103 4 */
977, /* OBJ_sms4_ecb 1 2 156 10197 1 104 1 */
978, /* OBJ_sms4_cbc 1 2 156 10197 1 104 2 */
981, /* OBJ_sms4_ofb128 1 2 156 10197 1 104 3 */
982, /* OBJ_sms4_cfb128 1 2 156 10197 1 104 4 */
1023, /* OBJ_ssf33_cfb128 1 2 156 10197 1 104 4 */
1026, /* OBJ_sms4_ctr 1 2 156 10197 1 104 5 */
1027, /* OBJ_sms4_gcm 1 2 156 10197 1 104 6 */
1028, /* OBJ_sms4_ccm 1 2 156 10197 1 104 7 */
1029, /* OBJ_sms4_xts 1 2 156 10197 1 104 8 */
1031, /* OBJ_sms4_cfb1 1 2 156 10197 1 104 5 */
1032, /* OBJ_sms4_cfb8 1 2 156 10197 1 104 6 */
1026, /* OBJ_sms4_ctr 1 2 156 10197 1 104 7 */
1027, /* OBJ_sms4_gcm 1 2 156 10197 1 104 8 */
1028, /* OBJ_sms4_ccm 1 2 156 10197 1 104 9 */
1029, /* OBJ_sms4_xts 1 2 156 10197 1 104 10 */
1006, /* OBJ_sm5 1 2 156 10197 1 201 */
958, /* OBJ_sm2p256v1 1 2 156 10197 1 301 */
1025, /* OBJ_id_sm9PublicKey 1 2 156 10197 1 302 */

20
crypto/objects/obj_mac.h
View File

@@ -4336,7 +4336,7 @@
#define SN_ssf33_cfb128 "SSF33-CFB"
#define LN_ssf33_cfb128 "ssf33-cfb"
#define NID_ssf33_cfb128 1023
#define OBJ_ssf33_cfb128 OBJ_sm,104L,4L
#define OBJ_ssf33_cfb128 OBJ_sm,103L,4L
#define SN_sms4_ecb "SMS4-ECB"
#define LN_sms4_ecb "sms4-ecb"
@@ -4358,25 +4358,35 @@
#define NID_sms4_cfb128 982
#define OBJ_sms4_cfb128 OBJ_sm,104L,4L
#define SN_sms4_cfb1 "SMS4-CFB1"
#define LN_sms4_cfb1 "sms4-cfb1"
#define NID_sms4_cfb1 1031
#define OBJ_sms4_cfb1 OBJ_sm,104L,5L
#define SN_sms4_cfb8 "SMS4-CFB8"
#define LN_sms4_cfb8 "sms4-cfb8"
#define NID_sms4_cfb8 1032
#define OBJ_sms4_cfb8 OBJ_sm,104L,6L
#define SN_sms4_ctr "SMS4-CTR"
#define LN_sms4_ctr "sms4-ctr"
#define NID_sms4_ctr 1026
#define OBJ_sms4_ctr OBJ_sm,104L,5L
#define OBJ_sms4_ctr OBJ_sm,104L,7L
#define SN_sms4_gcm "SMS4-GCM"
#define LN_sms4_gcm "sms4-gcm"
#define NID_sms4_gcm 1027
#define OBJ_sms4_gcm OBJ_sm,104L,6L
#define OBJ_sms4_gcm OBJ_sm,104L,8L
#define SN_sms4_ccm "SMS4-CCM"
#define LN_sms4_ccm "sms4-ccm"
#define NID_sms4_ccm 1028
#define OBJ_sms4_ccm OBJ_sm,104L,7L
#define OBJ_sms4_ccm OBJ_sm,104L,9L
#define SN_sms4_xts "SMS4-XTS"
#define LN_sms4_xts "sms4-xts"
#define NID_sms4_xts 1029
#define OBJ_sms4_xts OBJ_sm,104L,8L
#define OBJ_sms4_xts OBJ_sm,104L,10L
#define NID_sm7 1004
#define OBJ_sm7 OBJ_sm,105L

2
crypto/objects/obj_mac.num
View File

@@ -1028,3 +1028,5 @@ sms4_gcm 1027
sms4_ccm 1028
sms4_xts 1029
sm1_cfb 1030
sms4_cfb1 1031
sms4_cfb8 1032

12
crypto/objects/objects.txt
View File

@@ -1395,7 +1395,7 @@ sm 103 2 : SSF33-CBC : ssf33-cbc
!Cname ssf33-ofb128
sm 103 3 : SSF33-OFB : ssf33-ofb
!Cname ssf33-cfb128
sm 104 4 : SSF33-CFB : ssf33-cfb
sm 103 4 : SSF33-CFB : ssf33-cfb
sm 104 1 : SMS4-ECB : sms4-ecb
sm 104 2 : SMS4-CBC : sms4-cbc
@@ -1403,10 +1403,12 @@ sm 104 2 : SMS4-CBC : sms4-cbc
sm 104 3 : SMS4-OFB : sms4-ofb
!Cname sms4-cfb128
sm 104 4 : SMS4-CFB : sms4-cfb
sm 104 5 : SMS4-CTR : sms4-ctr
sm 104 6 : SMS4-GCM : sms4-gcm
sm 104 7 : SMS4-CCM : sms4-ccm
sm 104 8 : SMS4-XTS : sms4-xts
sm 104 5 : SMS4-CFB1 : sms4-cfb1
sm 104 6 : SMS4-CFB8 : sms4-cfb8
sm 104 7 : SMS4-CTR : sms4-ctr
sm 104 8 : SMS4-GCM : sms4-gcm
sm 104 9 : SMS4-CCM : sms4-ccm
sm 104 10 : SMS4-XTS : sms4-xts
!Alias sm7 sm 105

82
crypto/sm2/sm2_locl.h Normal file
View File

@@ -0,0 +1,82 @@
/* crypto/sm2/sm2_locl.h */
/* ====================================================================
* Copyright (c) 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#ifndef HEADER_SM2_LOCL_H
#define HEADER_SM2_LOCL_H
#ifdef __cplusplus
extern "C" {
#endif
struct sm2sign_method {
const char *name;
SM2_SIG *(*sm2_do_sign)(const unsigned char *dgst, int dgstlen);
int (*sm2_sign_setup)(void);
int (*sm2_do_verify)(void);
int flag;
void *app_data;
};
#ifdef __cplusplus
}
#endif
#endif

254
crypto/sm2/sm2test.c
View File

@@ -1,7 +1,3 @@
/*
* cc -Wall -I ../../include/ sm2test.c ../../libcrypto.a
*/
#include <stdio.h>
#include <string.h>
#include <strings.h>
@@ -9,7 +5,7 @@
#include <openssl/evp.h>
#include <openssl/rand.h>
static int test_sm2_sign(void)
static void test_sm2_sign(void)
{
int rv;
EC_KEY *ec_key = NULL;
@@ -39,10 +35,9 @@ static int test_sm2_sign(void)
ECDSA_SIG_free(sig);
printf("%s() success\n", __FUNCTION__);
return 0;
}
static int test_sm2_enc(void)
static void test_sm2_enc(void)
{
int rv;
EC_KEY *ec_key = NULL;
@@ -85,10 +80,9 @@ static int test_sm2_enc(void)
printf("decrypted plaintext: %s\n", ptbuf);
*/
printf("%s() success\n", __FUNCTION__);
return 0;
}
static int test_sm2_kap(void)
static void test_sm2_kap(void)
{
int rv = 0;
@@ -137,7 +131,248 @@ static int test_sm2_kap(void)
rv = SM2_KAP_final_check(&ctx2);
OPENSSL_assert(rv == 1);
}
int main(int argc, char **argv)
{
int rv;
EC_KEY *ec_key = NULL;
EVP_PKEY *pkey = NULL;
const EVP_PKEY_METHOD *pmeth;
const EVP_PKEY_ASN1_METHOD *ameth;
BIO *bio = BIO_new_fp(stdout, BIO_NOCLOSE);
ec_key = EC_KEY_new_by_curve_name(NID_sm2p256v1);
OPENSSL_assert(ec_key);
rv = EC_KEY_generate_key(ec_key);
OPENSSL_assert(rv == 1);
pkey = EVP_PKEY_new();
OPENSSL_assert(pkey);
pmeth = EVP_PKEY_meth_find(EVP_PKEY_SM2);
OPENSSL_assert(pmeth);
ameth = EVP_PKEY_asn1_find(NULL, EVP_PKEY_SM2);
OPENSSL_assert(ameth);
rv = EVP_PKEY_set1_SM2(pkey, ec_key);
OPENSSL_assert(rv == 1);
printf("pkey type : %d\n", EVP_PKEY_type(pkey->type));
printf("pkey id : %d\n", EVP_PKEY_id(pkey));
printf("pkey base id : %d\n", EVP_PKEY_base_id(pkey));
printf("pkey bits : %d\n", EVP_PKEY_bits(pkey));
rv = EVP_PKEY_print_public(bio, pkey, 0, NULL);
OPENSSL_assert(rv == 1);
rv = EVP_PKEY_print_private(bio, pkey, 0, NULL);
OPENSSL_assert(rv == 1);
rv = EVP_PKEY_print_params(bio, pkey, 0, NULL);
OPENSSL_assert(rv == 1);
printf("%s() success!\n", __FUNCTION__);
return 0;
}
int test_sm2_evp_digestsign(void)
{
int rv;
EC_KEY *ec_key = NULL;
EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX *pk_ctx = NULL;
EVP_MD_CTX *md_ctx = NULL;
const *EVP_MD *md = EVP_sm3();
char *msg1 = "Hello ";
char *msg2 = "World!";
unsigned char sig[512];
size_t siglen = sizeof(sig);
/* init EVP_PKEY */
ec_key = EC_KEY_new_by_curve_name(NID_sm2p256v1);
OPENSSL_assert(ec_key);
rv = EC_KEY_generate_key(ec_key);
OPENSSL_assert(rv == 1);
pkey = EVP_PKEY_new();
OPENSSL_assert(pkey != NULL);
rv = EVP_PKEY_set1_SM2(pkey, ec_key);
OPENSSL_assert(rv == 1);
/* test EVP_DigestSignInit/Update/Final */
md_ctx = EVP_MD_CTX_create();
OPENSSL_assert(md_ctx != NULL);
rv = EVP_DigestSignInit(md_ctx, &pk_ctx, md, NULL, pkey);
if (rv != 1)
ERR_print_errors_fp(stderr);
OPENSSL_assert(rv == 1);
OPENSSL_assert(pkctx != NULL);
rv = EVP_DigestSignUpdate(md_ctx, msg1, strlen(msg1));
OPENSSL_assert(rv == 1);
rv = EVP_DigestSignUpdate(md_ctx, msg2, strlen(msg2));
OPENSSL_assert(rv == 1);
rv = EVP_DigestSignFinal(md_ctx, sig, &siglen);
OPENSSL_assert(rv == 1);
EC_KEY_free(ec_key);
EVP_PKEY_free(pkey);
EVP_PKEY_CTX_free(pk_ctx);
EVP_MD_CTX_destroy(md_ctx);
printf("%s() success!\n", __FUNCTION__);
return 0;
}
int sm2_test_evp_pkey_encrypt(void)
{
EC_KEY *ec_key = NULL;
EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX *ctx = NULL;
char *msg = "Hello world!";
unsigned char ptbuf[256];
unsigned char ctbuf[256];
size_t ptlen, ctlen, i;
/* Generate SM2 EVP_PKEY */
ec_key = EC_KEY_new_by_curve_name(NID_sm2p256v1);
pkey = EVP_PKEY_new();
EC_KEY_generate_key(ec_key);
EVP_PKEY_set1_SM2(pkey, ec_key);
ctx = EVP_PKEY_CTX_new(pkey, NULL);
/* Encrypt */
EVP_PKEY_encrypt_init(ctx);
ctlen = sizeof(ctbuf);
bzero(ctbuf, ctlen);
EVP_PKEY_encrypt(ctx, ctbuf, &ctlen, (unsigned char *)msg, strlen(msg) + 1);
printf("encrypted message (%zu bytes) : ", ctlen);
for (i = 0; i < ctlen; i++) {
printf("%02x", ctbuf[i]);
}
printf("\n");
/* Decrypt */
EVP_PKEY_decrypt_init(ctx);
ptlen = sizeof(ptbuf);
bzero(ptbuf, ptlen);
if (!EVP_PKEY_decrypt(ctx, ptbuf, &ptlen, ctbuf, ctlen)) {
fprintf(stderr, "sm2 decrypt failed.\n");
}
printf("decrypted message : %s\n", ptbuf);
EVP_PKEY_free(pkey);
EC_KEY_free(ec_key);
EVP_PKEY_CTX_free(ctx);
return 0;
}
EVP_PKEY *pkey_new_ec()
{
int rv;
ECIES_PARAMS param;
EC_KEY *ec_key = NULL;
EVP_PKEY *pkey = NULL;
ec_key = EC_KEY_new_by_curve_name(NID_sm2p256v1);
OPENSSL_assert(ec_key);
rv = EC_KEY_generate_key(ec_key);
OPENSSL_assert(rv == 1);
param.mac_nid = NID_hmac_full_ecies;
param.kdf_md = EVP_sha1();
param.sym_cipher = EVP_aes_128_cbc();
param.mac_md = EVP_sha1();
rv = ECIES_set_parameters(ec_key, &param);
ERR_print_errors_fp(stderr);
OPENSSL_assert(rv == 1);
OPENSSL_assert(ECIES_get_parameters(ec_key) != NULL);
pkey = EVP_PKEY_new();
OPENSSL_assert(pkey);
const EVP_PKEY_ASN1_METHOD *ameth = EVP_PKEY_asn1_find(NULL, EVP_PKEY_SM2);
OPENSSL_assert(ameth);
rv = EVP_PKEY_set1_SM2(pkey, ec_key);
ERR_print_errors_fp(stderr);
OPENSSL_assert(rv == 1);
return pkey;
}
int test_sm2_pkey_seal(void)
{
int rv;
EVP_PKEY *pkey[2];
int num_pkeys = sizeof(pkey)/sizeof(pkey[0]);
EVP_CIPHER_CTX ctx;
const EVP_CIPHER *cipher = EVP_sms4_cbc();
unsigned char iv[16];
unsigned char ek[2][256];
int eklen[sizeof(pkey)/sizeof(pkey[0])];
char *msg1 = "Hello ";
char *msg2 = "World!";
unsigned char ctbuf[256];
unsigned char ptbuf[256];
unsigned char *p;
int len, ctlen;
int i;
for (i = 0; i < num_pkeys; i++) {
pkey[i] = pkey_new_ec();
}
EVP_CIPHER_CTX_init(&ctx);
RAND_bytes(iv, sizeof(iv));
/* EVP_SealInit/Update/Final() */
rv = EVP_SealInit(&ctx, cipher, ek, eklen, iv, pkey, num_pkeys);
OPENSSL_assert(rv == num_pkeys);
p = ctbuf;
rv = EVP_SealUpdate(&ctx, p, &len, (unsigned char *)msg1, strlen(msg1));
OPENSSL_assert(rv == 1);
p += len;
rv = EVP_SealUpdate(&ctx, p, &len, (unsigned char *)msg2, strlen(msg2));
OPENSSL_assert(rv == 1);
p += len;
rv = EVP_SealFinal(&ctx, p, &len);
OPENSSL_assert(rv == 1);
p += len;
ctlen = p - ctbuf;
/* EVP_OpenInit/Update/Final() */
// TODO
printf("%s() success!\n", __FUNCTION__);
return 0;
}
@@ -148,3 +383,4 @@ int main(int argc, char **argv)
return 0;
}

4
crypto/sm3/Makefile
View File

@@ -79,5 +79,5 @@ clean:
# DO NOT DELETE THIS LINE -- make depend depends on it.
sm3.o: sm3.c sm3.h byteorder.h
sm3test.o: sm3test.c sm3.h byteorder.h
sm3.o: sm3.c sm3.h ../byteorder.h
sm3test.o: sm3test.c sm3.h ../byteorder.h

2
crypto/sm3/sm3.c
View File

@@ -51,7 +51,7 @@
#include "sm3.h"
#include "byteorder.h"
#include "../byteorder.h"
#include <string.h>

4
crypto/sms4/Makefile
View File

@@ -17,8 +17,8 @@ TEST=
APPS=
LIB=$(TOP)/libcrypto.a
LIBSRC=sms4_cbc.c sms4_cfb.c sms4_ecb.c sms4_ofb.c sms4.c
LIBOBJ=sms4_cbc.o sms4_cfb.o sms4_ecb.o sms4_ofb.o sms4.o
LIBSRC=sms4_cbc.c sms4_cfb.c sms4_ecb.c sms4_ofb.c sms4_ctr.c sms4_wrap.c sms4.c
LIBOBJ=sms4_cbc.o sms4_cfb.o sms4_ecb.o sms4_ofb.o sms4_ctr.o sms4_wrap.o sms4.o
SRC= $(LIBSRC)

2
crypto/sms4/sms4_ctr.c
View File

@@ -57,7 +57,7 @@ void sms4_ctr128_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const sms4_key_t *key, unsigned char *iv,
unsigned char ecount_buf[SMS4_BLOCK_SIZE], unsigned int *num)
{
/* this should be replaced with a parallelized version */
/* TODO: this should be replaced with a parallelized version */
CRYPTO_ctr128_encrypt(in, out, len, key, iv, ecount_buf, num, (block128_f)sms4_encrypt);
}

2
crypto/sms4/sms4_wrap.c
View File

@@ -63,6 +63,6 @@ int sms4_wrap_key(sms4_key_t *key, const unsigned char *iv,
int sms4_unwrap_key(sms4_key_t *key, const unsigned char *iv,
unsigned char *out, const unsigned char *in, unsigned int inlen)
{
return CRYPTO_128_unwrap(key, iv, out, in, inlen, (block128_f)sms4_decrypt);
return CRYPTO_128_unwrap(key, iv, out, in, inlen, (block128_f)sms4_encrypt);
}

50
crypto/zuc/zuc.c
View File

@@ -1,7 +1,7 @@
#include "../byteorder.h"
#include "zuc.h"
static uint8_t S0[256] = {
0x3e,0x72,0x5b,0x47,0xca,0xe0,0x00,0x33,0x04,0xd1,0x54,0x98,0x09,0xb9,0x6d,0xcb,
0x7b,0x1b,0xf9,0x32,0xaf,0x9d,0x6a,0xa5,0xb8,0x2d,0xfc,0x1d,0x08,0x53,0x03,0x90,
@@ -52,6 +52,7 @@ static inline uint32_t AddM(uint32_t a, uint32_t b)
}
#define MulByPow2(x, k) ((((x) << k) | ((x) >> (31 - k))) & 0x7FFFFFFF)
static void LFSRWithInitialisationMode(ZUC_KEY *key, uint32_t u)
{
uint32_t f, v;
@@ -171,7 +172,6 @@ void ZUC_set_key(ZUC_KEY *key, const unsigned char *k, const unsigned char *iv)
{
uint32_t w, nCount;
/* expand key */
key->LFSR_S0 = MAKEU31(k[0], EK_d[0], iv[0]);
key->LFSR_S1 = MAKEU31(k[1], EK_d[1], iv[1]);
key->LFSR_S2 = MAKEU31(k[2], EK_d[2], iv[2]);
@@ -189,48 +189,46 @@ void ZUC_set_key(ZUC_KEY *key, const unsigned char *k, const unsigned char *iv)
key->LFSR_S14 = MAKEU31(k[14], EK_d[14], iv[14]);
key->LFSR_S15 = MAKEU31(k[15], EK_d[15], iv[15]);
/* set F_R1 and F_R2 to zero */
key->F_R1 = 0;
key->F_R2 = 0;
nCount = 32;
while (nCount > 0)
{
while (nCount > 0) {
BitReorganization(key);
w = F(key);
LFSRWithInitialisationMode(key, w >> 1);
nCount--;
}
/* set buffer */
key->buflen = 0;
BitReorganization(key);
F(key);
LFSRWithWorkMode(key);
}
void ZUC_encrypt(ZUC_KEY *key, size_t inlen, const unsigned char *in, unsigned char *out)
{
#if 0
int i;
uint32_t word;
if (key->buflen) {
int len = inlen < 4 - key->buflen ? inlen : 4 - key->buflen;
memcpy(key->buf + key->buflen, in, len);
inlen -= len;
if (key->buflen == 4) {
}
}
if (inlen < 4) {
/*
while (key->buf_index < 4 && inlen > 0) {
*out++ = *in++ ^ key->buf[key->buf_index++];
inlen--;
}
BitReorganization(key);
F(key); /* discard the output of F */
LFSRWithWorkMode(key);
for (i = 0; i < KeystreamLen; i ++)
{
while (inlen >= 4) {
BitReorganization(key);
pKeystream[i] = F(key) ^ key->BRC_X3;
word = le32_to_cpu((uint32_t *)in);
word ^= F(key) ^ key->BRC_X3;
*((uint32_t *)out) = cpu_to_le32(word);
LFSRWithWorkMode(key);
inlen -= 4;
}
#endif
while (inlen-- > 0) {
*out++ = *in++ ^ *buf++;
key->buflen--;
}
*/
}

2
crypto/zuc/zuc.h
View File

@@ -39,7 +39,7 @@ typedef struct {
/* word buffer */
unsigned char buf[4];
int buflen;
int buf_index;
} ZUC_KEY;

311
engines/e_skf.c
View File

@@ -11,7 +11,7 @@
#include <openssl/sm3.h>
#include <openssl/sms4.h>
#include <openssl/sm9.h>
#include "skf.h"
#include "skf/skf.h"
#include "e_skf_err.h"
static DEVHANDLE skf_dev_handle = NULL;
@@ -19,11 +19,29 @@ static HAPPLICATION skf_app_handle = NULL;
static HCONTAINER skf_container_handle = NULL;
static int skf_init(ENGINE *e);
static int skf_finish(ENGINE *e);
static int skf_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
static int skf_destroy(ENGINE *e);
/*
1.
*/
#define SKF_CMD_LIST_DEVS ENGINE_CMD_BASE
static int skf_init(ENGINE *e)
{
ULONG rv;
ULONG len;
/*
BOOL bPresent = TRUE;
CHAR *devNameList = NULL;
LPSTR devName;
@@ -41,13 +59,14 @@ static int skf_init(ENGINE *e)
ULONG containerType;
if ((rv = SKF_EnumDev(bPresent, NULL, &len)) != SAR_OK) {
return -1;
SKFerr(SKF_F_SKF_INIT, skf_err2openssl(rv));
goto end;
}
if (!(devNameList = OPENSSL_malloc(len))) {
return -1;
goto end;
}
if ((rv = SKF_EnumDev(bPresent, devNameList, &len)) != SAR_OK) {
return -1;
goto end;
}
if (devNameList[0] = 0) {
return -1;
@@ -85,7 +104,6 @@ static int skf_init(ENGINE *e)
for (p = containerNameList; p; p += strlen(p)) {
// check container type
}
*/
return 0;
}
@@ -94,101 +112,154 @@ static int skf_finish(ENGINE *e)
return 0;
}
#if 0
void ENGINE_load_skf(void)
{
}
static int skf_bind_helper(ENGINE *e)
{
if (!ENGINE_set_id(e, SKF_ENGINE_ID) ||
!ENGINE_set_name(e, SKF_ENGINE_NAME) ||
!ENGINE_set_init_function(e, skf_init) ||
!ENGINE_set_ciphers(e, skf_ciphers) ||
!ENGINE_set_RSA(e, SKF_get_rsa_method()) ||
!ENGINE_set_SM2(e, SKF_get_sm2_method()) ||
!ENGINE_set_RAND(e, skf_rand)) {
return 0;
}
return 1;
}
static ENGINE *ENGINE_skf(void)
{
ENGINE *eng = ENGINE_new();
if (!eng) {
return NULL;
}
if (!skf_bind_helper(eng)) {
ENGINE_free(eng);
return NULL;
}
return eng;
}
static int skf_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
const int **nids, int nid)
{
if (!cipher) {
*nid = skf_cipher_nids;
return skf_num_cipher_nids;
}
switch (nid) {
case NID_ssf33_ecb:
*cipher = &skf_ssf33_ecb;
break;
default:
*cipher = NULL;
return 0;
}
return 1;
}
#endif
typedef struct {
HANDLE hKey;
} EVP_SKF_KEY;
#define SSF33_IV_LENGTH SSF33_BLOCK_SIZE
#define SM1_IV_LENGTH SM1_BLOCK_SIZE
#define SMS4_IV_LENGTH SMS4_BLOCK_SIZE
static int skf_ssf33_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
static int skf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc)
{
DEVHANDLE hDev = skf_dev_handle;
BYTE *pbKey = key;
ULONG ulAlgID = SGD_SSF33_ECB;
HANDLE *phKey;
EVP_SKF_KEY *dat = (EVP_SKF_KEY *)ctx->cipher_data;
ULONG ulAlgID;
if ((rv = SKF_SetSymmKey(hDev, pbKey, ulAlgID, (HANDLE *)ctx->cipher_data)) != SAR_OK) {
SKFerr(SKF_F_SKF_SSF33_INIT_KEY, 0);
switch (EVP_CIPHER_CTX_nid(ctx)) {
case NID_ssf33_ecb:
ulAlgID = SGD_SSF33_ECB;
break;
case NID_ssf33_cbc:
ulAlgID = SGD_SSF33_CBC;
break;
case NID_ssf33_cfb128:
ulAlgID = SGD_SSF33_CFB;
break;
case NID_ssf33_ofb128:
ulAlgID = SGD_SSF33_OFB;
break;
case NID_sm1_ecb:
ulAlgID = SGD_SM1_ECB;
break;
case NID_sm1_cbc:
ulAlgID = SGD_SM1_CBC;
break;
case NID_sm1_cfb128:
ulAlgID = SGD_SM1_CFB;
break;
case NID_sm1_ofb128:
ulAlgID = SGD_SM1_OFB;
break;
case NID_sms4_ecb:
ulAlgID = SGD_SM4_ECB;
break;
case NID_sms4_cbc:
ulAlgID = SGD_SM4_CBC;
break;
case NID_sms4_cfb128:
ulAlgID = SGD_SM4_CFB;
break;
case NID_sms4_ofb128:
ulAlgID = SGD_SM4_OFB;
break;
default:
OPENSSL_assert(0);
return 0;
}
if ((rv = SKF_SetSymmKey(skf_dev_handle, (BYTE *)key, ulAlgID,
&(dat->hKey))) != SAR_OK) {
SKFerr(SKF_F_SKF_INIT_KEY, 0);
return 0;
}
return 1;
}
static const EVP_CIPHER skf_ssf33_ecb = {
NID_ssf33_ecb,
SSF33_BLOCK_SIZE,
SSF33_KEY_LENGTH,
SSF33_IV_LENGTH,
0,
skf_ssf33_init_key,
skf_ssf33_ecb_cipher,
NULL,
sizeof(EVP_SMS4_CTX),
NULL,
NULL,
NULL,
NULL,
};
static int skf_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t len)
{
ULONG rv;
EVP_SKF_KEY *dat = (EVP_SKF_KEY *)ctx->cipher_data;
BLOCKCIPHERPARAM param;
ULONG ulDataLen, ulEncryptedLen;
BYTE block[MAX_IV_LEN] = {0};
int i;
memcpy(&(param.IV), ctx->iv, ctx->cipher->block_size);
param.IVLen = ctx->cipher->block_size;
param.PaddingType = SKF_NO_PADDING;
param.FeedBitLen = 0;
if (ctx->encrypt) {
if ((rv = SKF_EncryptInit(dat->hKey, &param)) != SAR_OK) {
return 0;
}
} else {
if ((rv = SKF_DecryptInit(dat->hKey, &param)) != SAR_OK) {
return 0;
}
}
ulDataLen = len - len % ctx->cipher->block_size;
if (ctx->encrypt) {
if ((rv = SKF_EncryptUpdate(hKey, in, ulDataLen,
(BYTE *)out, &ulEncryptedLen)) != SAR_OK) {
return 0;
}
} else {
if ((rv = SKF_DecryptUpdate(hKey, in, ulDataLen,
(BYTE *)out, &ulEncryptedLen)) != SAR_OK) {
return 0;
}
}
in += ulDataLen;
out += ulEncryptedLen;
memcpy(block, in, len - ulDataLen);
if (ctx->encrypt) {
if ((rv = SKF_EncryptUpdate(hKey, block, ctx->cipher->block_size,
out, &ulEncryptedLen)) != SAR_OK) {
return 0;
}
} else {
}
return 1;
}
#define BLOCK_CIPHER_generic(cipher,mode,MODE) \
static const EVP_CIPHER skf_##cipher##_##mode = { \
NID_##cipher##_##mode, \
16,16,16, \
EVP_CIPH_##MODE##_MODE, \
skf_init_key, \
skf_cipher, \
NULL, \
sizeof(EVP_SKF_KEY), \
NULL,NULL,NULL,NULL };
BLOCK_CIPHER_generic(ssf33,ecb,ECB)
BLOCK_CIPHER_generic(ssf33,cbc,CBC)
BLOCK_CIPHER_generic(ssf33,cfb,CFB)
BLOCK_CIPHER_generic(ssf33,ofb,OFB)
BLOCK_CIPHER_generic(sm1,ecb,ECB)
BLOCK_CIPHER_generic(sm1,cbc,CBC)
BLOCK_CIPHER_generic(sm1,cfb,CFB)
BLOCK_CIPHER_generic(sm1,ofb,OFB)
BLOCK_CIPHER_generic(sm4,ecb,ECB)
BLOCK_CIPHER_generic(sm4,cbc,CBC)
BLOCK_CIPHER_generic(sm4,cfb,CFB)
BLOCK_CIPHER_generic(sm4,ofb,OFB)
static int skf_cipher_nids[] = {
NID_ssf33_ecb,
@@ -206,7 +277,6 @@ static int skf_cipher_nids[] = {
};
static int skf_num_ciphers = sizeof(skf_cipher_nids)/sizeof(skf_cipher_nids[0]);
static int skf_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid)
{
if (!cipher) {
@@ -263,19 +333,12 @@ static int skf_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, i
return 1;
}
int skf_err2openssl(ULONG rv)
{
return 0;
}
/* RAND_METHOD */
int skf_rand_bytes(unsigned char *buf, int num)
{
ULONG rv;
if ((rv = SKF_GenRandom(skf_dev_handle, buf, num)) != SAR_OK) {
if ((rv = SKF_GenRandom(skf_dev_handle, buf, (ULONG)num)) != SAR_OK) {
SKFerr(SKF_F_SKF_RAND_BYTES, skf_err2openssl(rv));
return 0;
}
@@ -292,7 +355,6 @@ static RAND_METHOD skf_rand = {
NULL,
};
/* EVP_MD */
static int skf_sm3_init(EVP_MD_CTX *ctx)
{
@@ -380,7 +442,54 @@ static int skf_digests(ENGINE *e, const EVP_MD **digest, const int **nids, int n
return 1;
}
/* Dynamic ENGINE */
static RSA_METHOD skf_rsa = {
"SKF RSA method",
skf_rsa_pub_enc,
NULL,
NULL,
skf_rsa_priv_dec,
NULL,
NULL,
NULL,
NULL,
RSA_FLAG_SIGN_VER,
NULL,
skf_rsa_sign,
skf_rsa_verify,
NULL
};
#ifdef OPENSSL_NO_DYNAMIC_ENGINE
static ENGINE *engine_skf(void)
{
ENGINE *ret = ENGINE_new();
if (!ret) {
return NULL;
}
if (!bind_helper(ret)) {
ENGINE_free(ret);
return NULL;
}
return ret;
}
void ENGINE_load_4758cca(void)
{
ENGINE *e_skf = engine_skf();
if (!e_skf) {
return;
}
ENGINE_add(e_skf);
ENGINE_free(e_skf);
ERR_clear_error();
}
#endif
static const char *engine_skf_id = "SKF";
static const char *engine_skf_name = "SKF API Hardware Engine";
@@ -394,7 +503,7 @@ static int bind(ENGINE *e, const char *id)
if (!ENGINE_set_id(e, engine_skf_id) ||
!ENGINE_set_name(e, engine_skf_name) ||
!ENGINE_set_digests(e, skf_digests) ||
//!ENGINE_set_ciphers(e, skf_ciphers) ||
!ENGINE_set_ciphers(e, skf_ciphers) ||
!ENGINE_set_RAND(e, &skf_random)) {
return 0;
}

99
engines/e_skf_err.c
View File

@@ -1,4 +1,85 @@
#include "smapi_err.h"
#include "skf/skf.h"
static ERR_STRING_DATA SKF_str_functs[] = {
{ERR_FUNC(SKF_F_SKF_INIT_KEY), "SKF_INIT_KEY"},
{ERR_FUNC(SKF_F_SKF_CIPHER), "SKF_CIPHER"},
{ERR_FUNC(SKF_F_SKF_INIT), "SKF_INIT"},
{ERR_FUNC(SKF_F_SKF_CTRL), "SKF_CTRL"},
{ERR_FUNC(SKF_F_SKF_FINISH), "SKF_FINISH"},
{0, NULL}
};
static ERR_STRING_DATA SKF_str_reasons[] = {
{ERR_REASON(SKF_F_OK), ok"},
{0, NULL}
};
int skf_err2openssl(int err)
{
switch (err) {
case SAR_OK:
return SKF_R_SAR_OK;
case SAR_FAIL:
return SKF_R_SAR_FAIL;
case SAR_UNKNOWNERR:
case SAR_NOTSUPPORTYETERR:
case SAR_FILEERR:
case SAR_INVALIDHANDLEERR:
case SAR_INVALIDPARAMERR:
case SAR_READFILEERR:
case SAR_WRITEFILEERR:
case SAR_NAMELENERR:
case SAR_KEYUSAGEERR:
case SAR_MODULUSLENERR:
case SAR_NOTINITIALIZEERR:
case SAR_OBJERR:
case SAR_MEMORYERR:
case SAR_TIMEOUTERR:
case SAR_INDATALENERR
case SAR_INDATAERR
case SAR_GENRANDERR
case SAR_HASHOBJERR
case SAR_HASHERR
case SAR_GENRSAKEYERR
case SAR_RSAMODULUSLENERR
case SAR_CSPIMPRTPUBKEYERR
case SAR_RSAENCERR
case SAR_RSADECERR
case SAR_HASHNOTEQUALERR
case SAR_KEYNOTFOUNTERR
case SAR_CERTNOTFOUNTERR
case SAR_NOTEXPORTERR
case SAR_DECRYPTPADERR
case SAR_MACLENERR
case SAR_BUFFER_TOO_SMALL
case SAR_KEYINFOTYPEERR
case SAR_NOT_EVENTERR
case SAR_DEVICE_REMOVED
case SAR_PIN_INCORRECT
case SAR_PIN_LOCKED
case SAR_PIN_INVALID
case SAR_PIN_LEN_RANGE
case SAR_USER_ALREADY_LOGGED_IN
case SAR_USER_PIN_NOT_INITIALIZED
case SAR_USER_TYPE_INVALID
case SAR_APPLICATION_NAME_INVALID
case SAR_APPLICATION_EXISTS
case SAR_USER_NOT_LOGGED_IN
case SAR_APPLICATION_NOT_EXISTS
case SAR_FILE_ALREADY_EXIST
case SAR_NO_ROOM
case SAR_FILE_NOT_EXIST
}
typedef struct {
int err_no;
@@ -56,24 +137,10 @@ typedef struct {
{ SAR_FILE_NOT_EXIST, "File not exist" }
};
typedef struct {
uint32_t alg_id;
char *alg_name;
} smapi_algid[] = {
{ SGD_RSA, "RSA" },
{ SGD_RSA | SGD_SHA1, "RSA-with-SHA1" },
};
LPSTR DEVAPI SKF_GetErrorString(ULONG ulError)
{
/*
* TODO: check smapi_errstr[] and return the error string
* if error number not exist, return NULL;
*/
return NULL;
}
LPSTR DEVAPI SKF_GetAlgorString(ULONG ulAlgId)
{
return NULL;
}

60
engines/skf/skf.h
View File

@@ -1,3 +1,54 @@
/* ====================================================================
* Copyright (c) 2014 - 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#ifndef HEADER_SKF_H
#define HEADER_SKF_H
@@ -171,6 +222,9 @@ typedef struct Struct_ECCSIGNATUREBLOB {
BYTE s[ECC_MAX_XCOORDINATE_BITS_LEN/8];
} ECCSIGNATUREBLOB, *PECCSIGNATUREBLOB;
#define SKF_NO_PADDING 0
#define SKF_PKCS5_PADDING 1
typedef struct Struct_BLOCKCIPHERPARAM {
BYTE IV[MAX_IV_LEN];
ULONG IVLen;
@@ -225,7 +279,11 @@ ULONG DEVAPI SKF_ChangeDevAuthKey(DEVHANDLE hDev,
ULONG DEVAPI SKF_DevAuth(DEVHANDLE hDev,
BYTE *pbAuthData,
ULONG ulLen);
ULONG DEVAPI SKF_ChangePIN(HAPPLICATION hApplication, ULONG ulPINType, LPSTR szOldPin, LPSTR szNewPin, ULONG *pulRetryCount);
ULONG DEVAPI SKF_ChangePIN(HAPPLICATION hApplication,
ULONG ulPINType,
LPSTR szOldPin,
LPSTR szNewPin,
ULONG *pulRetryCount);
LONG DEVAPI SKF_GetPINInfo(HAPPLICATION hApplication,
ULONG ulPINType,
ULONG *pulMaxRetryCount,

36
ssl/gm_srvr.c
View File

@@ -74,6 +74,40 @@ IMPLEMENT_gmssl_meth_func(GMSSL1_1_VERSION, GMSSLv1_1_server_method,
int gm1_send_server_certificate(SSL *s)
{
return 0;
CERT_PKEY *cpk;
if (s->state == SSL3_ST_SW_CERT_A) {
cpk = ssl_get_server_send_pkey(s);
if (cpk == NULL) {
/* VRS: allow null cert if auth == KRB5 */
if ((s->s3->tmp.new_cipher->algorithm_auth != SSL_aKRB5) ||
(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kKRB5)) {
SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE,
ERR_R_INTERNAL_ERROR);
s->state = SSL_ST_ERR;
return (0);
}
}
if (!ssl3_output_cert_chain(s, cpk)) {
SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE, ERR_R_INTERNAL_ERROR);
s->state = SSL_ST_ERR;
return (0);
}
s->state = SSL3_ST_SW_CERT_B;
}
/* SSL3_ST_SW_CERT_B */
return ssl_do_write(s);
}
/*
s3_srvr.c:s3_send_server_certificate
ssl_get_server_send_pkey
ssl3_output_cert_chain
ssl_add_cert_chain
ssl_set_handshake_header
ssl_do_write
*/