diff --git a/crypto/sm3/byteorder.h b/crypto/byteorder.h similarity index 69% rename from crypto/sm3/byteorder.h rename to crypto/byteorder.h index 3b994b77..c03d2c00 100644 --- a/crypto/sm3/byteorder.h +++ b/crypto/byteorder.h @@ -1,5 +1,5 @@ -#ifndef ZCRYPT_BYTEORDER_H -#define ZCRYPT_BYTEORDER_H +#ifndef HEADER_BYTEORDER_H +#define HEADER_BYTEORDER_H #ifdef CPU_BIGENDIAN @@ -11,6 +11,11 @@ #else +#define cpu_to_le16(v) (v) +#define cpu_to_le32(v) (v) +#define le16_to_cpu(v) (v) +#define le32_to_cpu(v) (v) + #define cpu_to_be16(v) (((v)<< 8) | ((v)>>8)) #define cpu_to_be32(v) (((v)>>24) | (((v)>>8)&0xff00) | (((v)<<8)&0xff0000) | ((v)<<24)) #define be16_to_cpu(v) cpu_to_be16(v) diff --git a/crypto/ec/ec.h b/crypto/ec/ec.h index d7947529..1c19bf22 100644 --- a/crypto/ec/ec.h +++ b/crypto/ec/ec.h @@ -1223,13 +1223,13 @@ void ERR_load_EC_strings(void); # define EC_F_PKEY_EC_PARAMGEN 219 # define EC_F_PKEY_EC_SIGN 218 -#ifndef OPENSSL_NO_GMSSL -#define EC_F_PKEY_EC_ENCRYPT 300 -#define EC_F_PKEY_EC_DECRYPT 301 -#define EC_F_PKEY_SM2_SIGN 302 -#define EC_F_PKEY_SM2_ENCRYPT 303 -#define EC_F_PKEY_SM2_DECRYPT 304 -#endif +# ifndef OPENSSL_NO_GMSSL +# define EC_F_PKEY_EC_ENCRYPT 300 +# define EC_F_PKEY_EC_DECRYPT 301 +# define EC_F_PKEY_SM2_SIGN 302 +# define EC_F_PKEY_SM2_ENCRYPT 303 +# define EC_F_PKEY_SM2_DECRYPT 304 +# endif /* Reason codes. */ # define EC_R_ASN1_ERROR 115 diff --git a/crypto/engine/eng_all.c b/crypto/engine/eng_all.c index 195a3a95..308a7140 100644 --- a/crypto/engine/eng_all.c +++ b/crypto/engine/eng_all.c @@ -113,6 +113,9 @@ void ENGINE_load_builtin_engines(void) # ifndef OPENSSL_NO_GOST ENGINE_load_gost(); # endif +# ifndef OPENSSL_NO_SKF + //ENGINE_load_skf(); +# endif # ifndef OPENSSL_NO_GMP ENGINE_load_gmp(); # endif diff --git a/crypto/engine/engine.h b/crypto/engine/engine.h index bd7b5914..1eb10ea3 100644 --- a/crypto/engine/engine.h +++ b/crypto/engine/engine.h @@ -411,6 +411,9 @@ void ENGINE_load_gmp(void); # ifndef OPENSSL_NO_GOST void ENGINE_load_gost(void); # endif +# ifndef OPENSSL_NO_SKF +void ENGINE_load_skf(void); +# endif # endif void ENGINE_load_cryptodev(void); void ENGINE_load_rdrand(void); diff --git a/crypto/evp/c_allc.c b/crypto/evp/c_allc.c index ff9a56df..ed8c9013 100644 --- a/crypto/evp/c_allc.c +++ b/crypto/evp/c_allc.c @@ -164,12 +164,15 @@ void OpenSSL_add_all_ciphers(void) #endif #ifndef OPENSSL_NO_SMS4 - EVP_add_cipher(EVP_sms4_ecb()); - EVP_add_cipher(EVP_sms4_cbc()); - EVP_add_cipher(EVP_sms4_ofb()); - EVP_add_cipher(EVP_sms4_cfb128()); - EVP_add_cipher_alias(SN_sms4_cbc,"SMS4"); - EVP_add_cipher_alias(SN_sms4_cbc,"sms4"); + EVP_add_cipher(EVP_sms4_ecb()); + EVP_add_cipher(EVP_sms4_cbc()); + EVP_add_cipher(EVP_sms4_cfb()); + EVP_add_cipher(EVP_sms4_cfb1()); + EVP_add_cipher(EVP_sms4_cfb8()); + EVP_add_cipher(EVP_sms4_ofb()); + EVP_add_cipher(EVP_sms4_ctr()); + EVP_add_cipher_alias(SN_sms4_cbc,"SMS4"); + EVP_add_cipher_alias(SN_sms4_cbc,"sms4"); #endif #ifndef OPENSSL_NO_ZUC diff --git a/crypto/evp/e_seed.s b/crypto/evp/e_seed.s new file mode 100644 index 00000000..20091896 --- /dev/null +++ b/crypto/evp/e_seed.s @@ -0,0 +1,472 @@ + .section __TEXT,__text,regular,pure_instructions + .macosx_version_min 10, 10 + .globl _EVP_seed_cbc + .align 4, 0x90 +_EVP_seed_cbc: ## @EVP_seed_cbc + .cfi_startproc +## BB#0: + pushq %rbp +Ltmp0: + .cfi_def_cfa_offset 16 +Ltmp1: + .cfi_offset %rbp, -16 + movq %rsp, %rbp +Ltmp2: + .cfi_def_cfa_register %rbp + leaq _seed_cbc(%rip), %rax + popq %rbp + retq + .cfi_endproc + + .globl _EVP_seed_cfb128 + .align 4, 0x90 +_EVP_seed_cfb128: ## @EVP_seed_cfb128 + .cfi_startproc +## BB#0: + pushq %rbp +Ltmp3: + .cfi_def_cfa_offset 16 +Ltmp4: + .cfi_offset %rbp, -16 + movq %rsp, %rbp +Ltmp5: + .cfi_def_cfa_register %rbp + leaq _seed_cfb128(%rip), %rax + popq %rbp + retq + .cfi_endproc + + .globl _EVP_seed_ofb + .align 4, 0x90 +_EVP_seed_ofb: ## @EVP_seed_ofb + .cfi_startproc +## BB#0: + pushq %rbp +Ltmp6: + .cfi_def_cfa_offset 16 +Ltmp7: + .cfi_offset %rbp, -16 + movq %rsp, %rbp +Ltmp8: + .cfi_def_cfa_register %rbp + leaq _seed_ofb(%rip), %rax + popq %rbp + retq + .cfi_endproc + + .globl _EVP_seed_ecb + .align 4, 0x90 +_EVP_seed_ecb: ## @EVP_seed_ecb + .cfi_startproc +## BB#0: + pushq %rbp +Ltmp9: + .cfi_def_cfa_offset 16 +Ltmp10: + .cfi_offset %rbp, -16 + movq %rsp, %rbp +Ltmp11: + .cfi_def_cfa_register %rbp + leaq _seed_ecb(%rip), %rax + popq %rbp + retq + .cfi_endproc + + .align 4, 0x90 +_seed_init_key: ## @seed_init_key + .cfi_startproc +## BB#0: + pushq %rbp +Ltmp12: + .cfi_def_cfa_offset 16 +Ltmp13: + .cfi_offset %rbp, -16 + movq %rsp, %rbp +Ltmp14: + .cfi_def_cfa_register %rbp + subq $32, %rsp + movq %rdi, -8(%rbp) + movq %rsi, -16(%rbp) + movq %rdx, -24(%rbp) + movl %ecx, -28(%rbp) + movq -16(%rbp), %rdi + movq -8(%rbp), %rdx + movq 120(%rdx), %rdx + movq %rdx, %rsi + callq _SEED_set_key + movl $1, %eax + addq $32, %rsp + popq %rbp + retq + .cfi_endproc + + .align 4, 0x90 +_seed_cbc_cipher: ## @seed_cbc_cipher + .cfi_startproc +## BB#0: + pushq %rbp +Ltmp15: + .cfi_def_cfa_offset 16 +Ltmp16: + .cfi_offset %rbp, -16 + movq %rsp, %rbp +Ltmp17: + .cfi_def_cfa_register %rbp + subq $48, %rsp + movq %rdi, -8(%rbp) + movq %rsi, -16(%rbp) + movq %rdx, -24(%rbp) + movq %rcx, -32(%rbp) +LBB5_1: ## =>This Inner Loop Header: Depth=1 + movabsq $4611686018427387904, %rax ## imm = 0x4000000000000000 + cmpq %rax, -32(%rbp) + jb LBB5_3 +## BB#2: ## in Loop: Header=BB5_1 Depth=1 + movabsq $4611686018427387904, %rdx ## imm = 0x4000000000000000 + movq -24(%rbp), %rdi + movq -16(%rbp), %rsi + movq -8(%rbp), %rax + movq 120(%rax), %rax + movq -8(%rbp), %rcx + addq $40, %rcx + movq -8(%rbp), %r8 + movl 16(%r8), %r9d + movq %rcx, -40(%rbp) ## 8-byte Spill + movq %rax, %rcx + movq -40(%rbp), %r8 ## 8-byte Reload + callq _SEED_cbc_encrypt + movq -32(%rbp), %rax + movabsq $4611686018427387904, %rcx ## imm = 0x4000000000000000 + subq %rcx, %rax + movq %rax, -32(%rbp) + movabsq $4611686018427387904, %rax ## imm = 0x4000000000000000 + addq -24(%rbp), %rax + movq %rax, -24(%rbp) + movabsq $4611686018427387904, %rax ## imm = 0x4000000000000000 + addq -16(%rbp), %rax + movq %rax, -16(%rbp) + jmp LBB5_1 +LBB5_3: + cmpq $0, -32(%rbp) + je LBB5_5 +## BB#4: + movq -24(%rbp), %rdi + movq -16(%rbp), %rsi + movq -32(%rbp), %rdx + movq -8(%rbp), %rax + movq 120(%rax), %rax + movq -8(%rbp), %rcx + addq $40, %rcx + movq -8(%rbp), %r8 + movl 16(%r8), %r9d + movq %rcx, -48(%rbp) ## 8-byte Spill + movq %rax, %rcx + movq -48(%rbp), %r8 ## 8-byte Reload + callq _SEED_cbc_encrypt +LBB5_5: + movl $1, %eax + addq $48, %rsp + popq %rbp + retq + .cfi_endproc + + .align 4, 0x90 +_seed_cfb128_cipher: ## @seed_cfb128_cipher + .cfi_startproc +## BB#0: + pushq %rbp +Ltmp18: + .cfi_def_cfa_offset 16 +Ltmp19: + .cfi_offset %rbp, -16 + movq %rsp, %rbp +Ltmp20: + .cfi_def_cfa_register %rbp + subq $80, %rsp + movabsq $4611686018427387904, %rax ## imm = 0x4000000000000000 + movq %rdi, -8(%rbp) + movq %rsi, -16(%rbp) + movq %rdx, -24(%rbp) + movq %rcx, -32(%rbp) + movq %rax, -40(%rbp) + movq -32(%rbp), %rax + cmpq -40(%rbp), %rax + jae LBB6_2 +## BB#1: + movq -32(%rbp), %rax + movq %rax, -40(%rbp) +LBB6_2: + jmp LBB6_3 +LBB6_3: ## =>This Inner Loop Header: Depth=1 + xorl %eax, %eax + movb %al, %cl + cmpq $0, -32(%rbp) + movb %cl, -41(%rbp) ## 1-byte Spill + je LBB6_5 +## BB#4: ## in Loop: Header=BB6_3 Depth=1 + movq -32(%rbp), %rax + cmpq -40(%rbp), %rax + setae %cl + movb %cl, -41(%rbp) ## 1-byte Spill +LBB6_5: ## in Loop: Header=BB6_3 Depth=1 + movb -41(%rbp), %al ## 1-byte Reload + testb $1, %al + jne LBB6_6 + jmp LBB6_9 +LBB6_6: ## in Loop: Header=BB6_3 Depth=1 + movq -24(%rbp), %rdi + movq -16(%rbp), %rsi + movq -32(%rbp), %rdx + movq -8(%rbp), %rax + movq 120(%rax), %rax + movq -8(%rbp), %rcx + addq $40, %rcx + movq -8(%rbp), %r8 + addq $88, %r8 + movq -8(%rbp), %r9 + movl 16(%r9), %r10d + movq %rcx, -56(%rbp) ## 8-byte Spill + movq %rax, %rcx + movq -56(%rbp), %rax ## 8-byte Reload + movq %r8, -64(%rbp) ## 8-byte Spill + movq %rax, %r8 + movq -64(%rbp), %r9 ## 8-byte Reload + movl %r10d, (%rsp) + callq _SEED_cfb128_encrypt + movq -40(%rbp), %rax + movq -32(%rbp), %rcx + subq %rax, %rcx + movq %rcx, -32(%rbp) + movq -40(%rbp), %rax + addq -24(%rbp), %rax + movq %rax, -24(%rbp) + movq -40(%rbp), %rax + addq -16(%rbp), %rax + movq %rax, -16(%rbp) + movq -32(%rbp), %rax + cmpq -40(%rbp), %rax + jae LBB6_8 +## BB#7: ## in Loop: Header=BB6_3 Depth=1 + movq -32(%rbp), %rax + movq %rax, -40(%rbp) +LBB6_8: ## in Loop: Header=BB6_3 Depth=1 + jmp LBB6_3 +LBB6_9: + movl $1, %eax + addq $80, %rsp + popq %rbp + retq + .cfi_endproc + + .align 4, 0x90 +_seed_ofb_cipher: ## @seed_ofb_cipher + .cfi_startproc +## BB#0: + pushq %rbp +Ltmp21: + .cfi_def_cfa_offset 16 +Ltmp22: + .cfi_offset %rbp, -16 + movq %rsp, %rbp +Ltmp23: + .cfi_def_cfa_register %rbp + subq $64, %rsp + movq %rdi, -8(%rbp) + movq %rsi, -16(%rbp) + movq %rdx, -24(%rbp) + movq %rcx, -32(%rbp) +LBB7_1: ## =>This Inner Loop Header: Depth=1 + movabsq $4611686018427387904, %rax ## imm = 0x4000000000000000 + cmpq %rax, -32(%rbp) + jb LBB7_3 +## BB#2: ## in Loop: Header=BB7_1 Depth=1 + movabsq $4611686018427387904, %rdx ## imm = 0x4000000000000000 + movq -24(%rbp), %rdi + movq -16(%rbp), %rsi + movq -8(%rbp), %rax + movq 120(%rax), %rax + movq -8(%rbp), %rcx + addq $40, %rcx + movq -8(%rbp), %r8 + addq $88, %r8 + movq %rcx, -40(%rbp) ## 8-byte Spill + movq %rax, %rcx + movq -40(%rbp), %rax ## 8-byte Reload + movq %r8, -48(%rbp) ## 8-byte Spill + movq %rax, %r8 + movq -48(%rbp), %r9 ## 8-byte Reload + callq _SEED_ofb128_encrypt + movq -32(%rbp), %rax + movabsq $4611686018427387904, %rcx ## imm = 0x4000000000000000 + subq %rcx, %rax + movq %rax, -32(%rbp) + movabsq $4611686018427387904, %rax ## imm = 0x4000000000000000 + addq -24(%rbp), %rax + movq %rax, -24(%rbp) + movabsq $4611686018427387904, %rax ## imm = 0x4000000000000000 + addq -16(%rbp), %rax + movq %rax, -16(%rbp) + jmp LBB7_1 +LBB7_3: + cmpq $0, -32(%rbp) + je LBB7_5 +## BB#4: + movq -24(%rbp), %rdi + movq -16(%rbp), %rsi + movq -32(%rbp), %rdx + movq -8(%rbp), %rax + movq 120(%rax), %rax + movq -8(%rbp), %rcx + addq $40, %rcx + movq -8(%rbp), %r8 + addq $88, %r8 + movq %rcx, -56(%rbp) ## 8-byte Spill + movq %rax, %rcx + movq -56(%rbp), %rax ## 8-byte Reload + movq %r8, -64(%rbp) ## 8-byte Spill + movq %rax, %r8 + movq -64(%rbp), %r9 ## 8-byte Reload + callq _SEED_ofb128_encrypt +LBB7_5: + movl $1, %eax + addq $64, %rsp + popq %rbp + retq + .cfi_endproc + + .align 4, 0x90 +_seed_ecb_cipher: ## @seed_ecb_cipher + .cfi_startproc +## BB#0: + pushq %rbp +Ltmp24: + .cfi_def_cfa_offset 16 +Ltmp25: + .cfi_offset %rbp, -16 + movq %rsp, %rbp +Ltmp26: + .cfi_def_cfa_register %rbp + subq $64, %rsp + movq %rdi, -16(%rbp) + movq %rsi, -24(%rbp) + movq %rdx, -32(%rbp) + movq %rcx, -40(%rbp) + movq -16(%rbp), %rcx + movq (%rcx), %rcx + movslq 4(%rcx), %rcx + movq %rcx, -56(%rbp) + movq -40(%rbp), %rcx + cmpq -56(%rbp), %rcx + jae LBB8_2 +## BB#1: + movl $1, -4(%rbp) + jmp LBB8_7 +LBB8_2: + movq -56(%rbp), %rax + movq -40(%rbp), %rcx + subq %rax, %rcx + movq %rcx, -40(%rbp) + movq $0, -48(%rbp) +LBB8_3: ## =>This Inner Loop Header: Depth=1 + movq -48(%rbp), %rax + cmpq -40(%rbp), %rax + ja LBB8_6 +## BB#4: ## in Loop: Header=BB8_3 Depth=1 + movq -32(%rbp), %rax + addq -48(%rbp), %rax + movq -24(%rbp), %rcx + addq -48(%rbp), %rcx + movq -16(%rbp), %rdx + movq 120(%rdx), %rdx + movq -16(%rbp), %rsi + movl 16(%rsi), %edi + movl %edi, -60(%rbp) ## 4-byte Spill + movq %rax, %rdi + movq %rcx, %rsi + movl -60(%rbp), %ecx ## 4-byte Reload + callq _SEED_ecb_encrypt +## BB#5: ## in Loop: Header=BB8_3 Depth=1 + movq -56(%rbp), %rax + addq -48(%rbp), %rax + movq %rax, -48(%rbp) + jmp LBB8_3 +LBB8_6: + movl $1, -4(%rbp) +LBB8_7: + movl -4(%rbp), %eax + addq $64, %rsp + popq %rbp + retq + .cfi_endproc + + .section __DATA,__const + .align 3 ## @seed_cbc +_seed_cbc: + .long 777 ## 0x309 + .long 16 ## 0x10 + .long 16 ## 0x10 + .long 16 ## 0x10 + .quad 2 ## 0x2 + .quad _seed_init_key + .quad _seed_cbc_cipher + .quad 0 + .long 128 ## 0x80 + .space 4 + .quad 0 + .quad 0 + .quad 0 + .quad 0 + + .align 3 ## @seed_cfb128 +_seed_cfb128: + .long 779 ## 0x30b + .long 1 ## 0x1 + .long 16 ## 0x10 + .long 16 ## 0x10 + .quad 3 ## 0x3 + .quad _seed_init_key + .quad _seed_cfb128_cipher + .quad 0 + .long 128 ## 0x80 + .space 4 + .quad 0 + .quad 0 + .quad 0 + .quad 0 + + .align 3 ## @seed_ofb +_seed_ofb: + .long 778 ## 0x30a + .long 1 ## 0x1 + .long 16 ## 0x10 + .long 16 ## 0x10 + .quad 4 ## 0x4 + .quad _seed_init_key + .quad _seed_ofb_cipher + .quad 0 + .long 128 ## 0x80 + .space 4 + .quad 0 + .quad 0 + .quad 0 + .quad 0 + + .align 3 ## @seed_ecb +_seed_ecb: + .long 776 ## 0x308 + .long 16 ## 0x10 + .long 16 ## 0x10 + .long 0 ## 0x0 + .quad 1 ## 0x1 + .quad _seed_init_key + .quad _seed_ecb_cipher + .quad 0 + .long 128 ## 0x80 + .space 4 + .quad 0 + .quad 0 + .quad 0 + .quad 0 + + +.subsections_via_symbols diff --git a/crypto/evp/e_sms4.c b/crypto/evp/e_sms4.c index 0df98a7f..d1f0bad1 100644 --- a/crypto/evp/e_sms4.c +++ b/crypto/evp/e_sms4.c @@ -1,14 +1,66 @@ /* crypto/evp/e_sms4.c */ +/* ==================================================================== + * Copyright (c) 2014 - 2015 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + */ + + #include #include "cryptlib.h" #ifndef OPENSSL_NO_SMS4 #include #include +#include #include "evp_locl.h" +#include "modes_lcl.h" #include - #define SMS4_IV_LENGTH SMS4_BLOCK_SIZE typedef struct { @@ -37,16 +89,96 @@ IMPLEMENT_BLOCK_CIPHER(sms4, ks, sms4, EVP_SMS4_KEY, NID_sms4, SMS4_BLOCK_SIZE, SMS4_KEY_LENGTH, SMS4_IV_LENGTH, 128, 0, sms4_init_key, NULL, NULL, NULL, NULL) -#if 0 -static int sms4_ctr_cipher(EVP_CIPHER_CTX * ctx, unsigned char *out, - const unsigned char *in, size_t inlen) +# define MAXBITCHUNK ((size_t)1<<(sizeof(size_t)*8-4)) + +static int sms4_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t len) +{ + EVP_SMS4_KEY *sms4_key = (EVP_SMS4_KEY *)ctx->cipher_data; + + if (ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) { + CRYPTO_cfb128_1_encrypt(in, out, len, &sms4_key->ks, + ctx->iv, &ctx->num, ctx->encrypt, (block128_f)sms4_encrypt); + return 1; + } + + while (len >= MAXBITCHUNK) { + CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK * 8, &sms4_key->ks, + ctx->iv, &ctx->num, ctx->encrypt, (block128_f)sms4_encrypt); + len -= MAXBITCHUNK; + } + + if (len) { + CRYPTO_cfb128_1_encrypt(in, out, len * 8, &sms4_key->ks, + ctx->iv, &ctx->num, ctx->encrypt, (block128_f)sms4_encrypt); + } + + return 1; +} + +const EVP_CIPHER sms4_cfb1 = { + NID_sms4_cfb1, + SMS4_BLOCK_SIZE, + SMS4_KEY_LENGTH, + SMS4_IV_LENGTH, + EVP_CIPH_CTR_MODE, + sms4_init_key, + sms4_cfb1_cipher, + NULL, /* cleanup() */ + sizeof(EVP_SMS4_KEY), + NULL, /* set_asn1_parameters() */ + NULL, /* get_asn1_parameters() */ + NULL, /* ctrl() */ + NULL /* app_data */ +}; + +const EVP_CIPHER *EVP_sms4_cfb1(void) +{ + return &sms4_cfb1; +} + +static int sms4_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t len) +{ + EVP_SMS4_KEY *sms4_key = (EVP_SMS4_KEY *)ctx->cipher_data; + + CRYPTO_cfb128_8_encrypt(in, out, len, &sms4_key->ks, + ctx->iv, &ctx->num, ctx->encrypt, (block128_f)sms4_encrypt); + + return 1; +} + + +const EVP_CIPHER sms4_cfb8 = { + NID_sms4_cfb8, + SMS4_BLOCK_SIZE, + SMS4_KEY_LENGTH, + SMS4_IV_LENGTH, + EVP_CIPH_CTR_MODE, + sms4_init_key, + sms4_cfb8_cipher, + NULL, + sizeof(EVP_SMS4_KEY), + NULL, + NULL, + NULL, + NULL, +}; + +const EVP_CIPHER *EVP_sms4_cfb8(void) +{ + return &sms4_cfb8; +} + +static int sms4_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t len) { unsigned int num = ctx->num; EVP_SMS4_KEY *sms4 = (EVP_SMS4_KEY *)ctx->cipher_data; - CRYPTO_ctr128_encrypt_ctr32(in, out, inlen, &sms4->ks, ctx->iv, ctx->buf, - &num, sms4_ctr_encrypt); + CRYPTO_ctr128_encrypt_ctr32(in, out, len, &sms4->ks, ctx->iv, ctx->buf, + &num, sms4_ctr128_encrypt); ctx->num = (size_t)num; return 1; @@ -57,11 +189,11 @@ const EVP_CIPHER sms4_ctr = { SMS4_BLOCK_SIZE, SMS4_KEY_LENGTH, SMS4_IV_LENGTH, - 0, + EVP_CIPH_CTR_MODE, sms4_init_key, sms4_ctr_cipher, NULL, /* cleanup() */ - sizeof(EVP_SMS4_CTX), + sizeof(EVP_SMS4_KEY), NULL, /* set_asn1_parameters() */ NULL, /* get_asn1_parameters() */ NULL, /* ctrl() */ @@ -73,40 +205,7 @@ const EVP_CIPHER *EVP_sms4_ctr(void) return &sms4_ctr; } -static int sms4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - - int mode; - - mode = ctx->cipher->flags & EVP_CIPH_MODE; - if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE) && !enc) { - ret = sms4_set_decrypt_key(key, ctx->key_len * 8, ctx->cipher_data); - sms4->block = (block128_f)sms4_decrypt; - sms4->stream.cbc = (mode == EVP_CIPH_CBC_MODE ? - (cbc128_f)sms4_cbc_encrypt : NULL); - } else { - ret = sms4_set_encrypt_key(key, ctx->key_len * 8, ctx->cipher_data); - sms4->block = (block128_f)sms4_encrypt; - - if (mode == EVP_CIPH_CBC_MODE) { - sms4->stream.cbc = (cbc128_f)sms4_cbc_encrypt; - } else if (mode == EVP_CIPH_CTR_MODE) { - sms4->stream.ctr = (ctr128_f)sms4_ctr32_encrypt_blocks; - } else { - sms4->stream.cbc = NULL; - } - } - - if (ret < 0) { - return 0; - } - - return 1; -} - - - +#if 0 typedef struct { sms4_key_t ks; @@ -121,9 +220,6 @@ typedef struct { } EVP_SMS4_GCM_CTX; - - - static int sms4_gcm_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) { @@ -145,11 +241,6 @@ static int sms4_gcm_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) } - - - - - typedef struct { union { double align; diff --git a/crypto/evp/e_sms4_cbc_hmac_sm3.c b/crypto/evp/e_sms4_cbc_hmac_sm3.c new file mode 100644 index 00000000..e69de29b diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index 5701ec11..3608f567 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h @@ -847,8 +847,11 @@ const EVP_CIPHER *EVP_rc5_32_12_16_ofb(void); #ifndef OPENSSL_NO_SMS4 const EVP_CIPHER *EVP_sms4_ecb(void); const EVP_CIPHER *EVP_sms4_cbc(void); +const EVP_CIPHER *EVP_sms4_cfb1(void); +const EVP_CIPHER *EVP_sms4_cfb8(void); const EVP_CIPHER *EVP_sms4_cfb128(void); -const EVP_CIPHER *EVP_sms4_ofb128(void); +#define EVP_sms4_cfb EVP_sms4_cfb128 +const EVP_CIPHER *EVP_sms4_ofb(void); const EVP_CIPHER *EVP_sms4_ctr(void); const EVP_CIPHER *EVP_sms4_ccm(void); const EVP_CIPHER *EVP_sms4_gcm(void); @@ -856,8 +859,8 @@ const EVP_CIPHER *EVP_sms4_xts(void); const EVP_CIPHER *EVP_sms4_wrap(void); #define EVP_sm4_ecb EVP_sms4_ecb #define EVP_sm4_cbc EVP_sms4_cbc -#define EVP_sm4_cfb128 EVP_sms4_cfb128 -#define EVP_sm4_ofb128 EVP_sms4_ofb128 +#define EVP_sm4_cfb EVP_sms4_cfb +#define EVP_sm4_ofb EVP_sms4_ofb #endif #ifndef OPENSSL_NO_ZUC const EVP_CIPHER *EVP_zuc(void); diff --git a/crypto/evp/m_sm3.c b/crypto/evp/m_sm3.c index 5b335ebc..d388b6c7 100644 --- a/crypto/evp/m_sm3.c +++ b/crypto/evp/m_sm3.c @@ -1,3 +1,54 @@ +/* crypto/sms4/sms4.h */ +/* ==================================================================== + * Copyright (c) 2014 - 2015 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + */ + #include #include "cryptlib.h" diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h index bfed1dba..46a95b63 100644 --- a/crypto/objects/obj_dat.h +++ b/crypto/objects/obj_dat.h @@ -62,12 +62,12 @@ * [including the GNU Public Licence.] */ -#define NUM_NID 1031 -#define NUM_SN 1009 -#define NUM_LN 1009 -#define NUM_OBJ 947 +#define NUM_NID 1033 +#define NUM_SN 1011 +#define NUM_LN 1011 +#define NUM_OBJ 949 -static const unsigned char lvalues[6667]={ +static const unsigned char lvalues[6683]={ 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */ @@ -1003,12 +1003,14 @@ static const unsigned char lvalues[6667]={ 0x2A,0x81,0x1C,0xCF,0x55,0x01,0x67,0x01, /* [6594] OBJ_ssf33_ecb */ 0x2A,0x81,0x1C,0xCF,0x55,0x01,0x67,0x02, /* [6602] OBJ_ssf33_cbc */ 0x2A,0x81,0x1C,0xCF,0x55,0x01,0x67,0x03, /* [6610] OBJ_ssf33_ofb128 */ -0x2A,0x81,0x1C,0xCF,0x55,0x01,0x68,0x04, /* [6618] OBJ_ssf33_cfb128 */ +0x2A,0x81,0x1C,0xCF,0x55,0x01,0x67,0x04, /* [6618] OBJ_ssf33_cfb128 */ 0x2A,0x81,0x1C,0xCF,0x55,0x01,0x82,0x2E, /* [6626] OBJ_id_sm9PublicKey */ -0x2A,0x81,0x1C,0xCF,0x55,0x01,0x68,0x05, /* [6634] OBJ_sms4_ctr */ -0x2A,0x81,0x1C,0xCF,0x55,0x01,0x68,0x06, /* [6642] OBJ_sms4_gcm */ -0x2A,0x81,0x1C,0xCF,0x55,0x01,0x68,0x07, /* [6650] OBJ_sms4_ccm */ -0x2A,0x81,0x1C,0xCF,0x55,0x01,0x68,0x08, /* [6658] OBJ_sms4_xts */ +0x2A,0x81,0x1C,0xCF,0x55,0x01,0x68,0x07, /* [6634] OBJ_sms4_ctr */ +0x2A,0x81,0x1C,0xCF,0x55,0x01,0x68,0x08, /* [6642] OBJ_sms4_gcm */ +0x2A,0x81,0x1C,0xCF,0x55,0x01,0x68,0x09, /* [6650] OBJ_sms4_ccm */ +0x2A,0x81,0x1C,0xCF,0x55,0x01,0x68,0x0A, /* [6658] OBJ_sms4_xts */ +0x2A,0x81,0x1C,0xCF,0x55,0x01,0x68,0x05, /* [6666] OBJ_sms4_cfb1 */ +0x2A,0x81,0x1C,0xCF,0x55,0x01,0x68,0x06, /* [6674] OBJ_sms4_cfb8 */ }; static const ASN1_OBJECT nid_objs[NUM_NID]={ @@ -2663,6 +2665,8 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={ {"SMS4-CCM","sms4-ccm",NID_sms4_ccm,8,&(lvalues[6650]),0}, {"SMS4-XTS","sms4-xts",NID_sms4_xts,8,&(lvalues[6658]),0}, {"SM1-CFB","sm1-cfb",NID_sm1_cfb,0,NULL,0}, +{"SMS4-CFB1","sms4-cfb1",NID_sms4_cfb1,8,&(lvalues[6666]),0}, +{"SMS4-CFB8","sms4-cfb8",NID_sms4_cfb8,8,&(lvalues[6674]),0}, }; static const unsigned int sn_objs[NUM_SN]={ @@ -2869,6 +2873,8 @@ static const unsigned int sn_objs[NUM_SN]={ 978, /* "SMS4-CBC" */ 1028, /* "SMS4-CCM" */ 982, /* "SMS4-CFB" */ +1031, /* "SMS4-CFB1" */ +1032, /* "SMS4-CFB8" */ 1026, /* "SMS4-CTR" */ 977, /* "SMS4-ECB" */ 1027, /* "SMS4-GCM" */ @@ -4631,6 +4637,8 @@ static const unsigned int ln_objs[NUM_LN]={ 978, /* "sms4-cbc" */ 1028, /* "sms4-ccm" */ 982, /* "sms4-cfb" */ +1031, /* "sms4-cfb1" */ +1032, /* "sms4-cfb8" */ 1026, /* "sms4-ctr" */ 977, /* "sms4-ecb" */ 1027, /* "sms4-gcm" */ @@ -5134,15 +5142,17 @@ static const unsigned int obj_objs[NUM_OBJ]={ 1020, /* OBJ_ssf33_ecb 1 2 156 10197 1 103 1 */ 1021, /* OBJ_ssf33_cbc 1 2 156 10197 1 103 2 */ 1022, /* OBJ_ssf33_ofb128 1 2 156 10197 1 103 3 */ +1023, /* OBJ_ssf33_cfb128 1 2 156 10197 1 103 4 */ 977, /* OBJ_sms4_ecb 1 2 156 10197 1 104 1 */ 978, /* OBJ_sms4_cbc 1 2 156 10197 1 104 2 */ 981, /* OBJ_sms4_ofb128 1 2 156 10197 1 104 3 */ 982, /* OBJ_sms4_cfb128 1 2 156 10197 1 104 4 */ -1023, /* OBJ_ssf33_cfb128 1 2 156 10197 1 104 4 */ -1026, /* OBJ_sms4_ctr 1 2 156 10197 1 104 5 */ -1027, /* OBJ_sms4_gcm 1 2 156 10197 1 104 6 */ -1028, /* OBJ_sms4_ccm 1 2 156 10197 1 104 7 */ -1029, /* OBJ_sms4_xts 1 2 156 10197 1 104 8 */ +1031, /* OBJ_sms4_cfb1 1 2 156 10197 1 104 5 */ +1032, /* OBJ_sms4_cfb8 1 2 156 10197 1 104 6 */ +1026, /* OBJ_sms4_ctr 1 2 156 10197 1 104 7 */ +1027, /* OBJ_sms4_gcm 1 2 156 10197 1 104 8 */ +1028, /* OBJ_sms4_ccm 1 2 156 10197 1 104 9 */ +1029, /* OBJ_sms4_xts 1 2 156 10197 1 104 10 */ 1006, /* OBJ_sm5 1 2 156 10197 1 201 */ 958, /* OBJ_sm2p256v1 1 2 156 10197 1 301 */ 1025, /* OBJ_id_sm9PublicKey 1 2 156 10197 1 302 */ diff --git a/crypto/objects/obj_mac.h b/crypto/objects/obj_mac.h index 801e5679..9abbde4b 100644 --- a/crypto/objects/obj_mac.h +++ b/crypto/objects/obj_mac.h @@ -4336,7 +4336,7 @@ #define SN_ssf33_cfb128 "SSF33-CFB" #define LN_ssf33_cfb128 "ssf33-cfb" #define NID_ssf33_cfb128 1023 -#define OBJ_ssf33_cfb128 OBJ_sm,104L,4L +#define OBJ_ssf33_cfb128 OBJ_sm,103L,4L #define SN_sms4_ecb "SMS4-ECB" #define LN_sms4_ecb "sms4-ecb" @@ -4358,25 +4358,35 @@ #define NID_sms4_cfb128 982 #define OBJ_sms4_cfb128 OBJ_sm,104L,4L +#define SN_sms4_cfb1 "SMS4-CFB1" +#define LN_sms4_cfb1 "sms4-cfb1" +#define NID_sms4_cfb1 1031 +#define OBJ_sms4_cfb1 OBJ_sm,104L,5L + +#define SN_sms4_cfb8 "SMS4-CFB8" +#define LN_sms4_cfb8 "sms4-cfb8" +#define NID_sms4_cfb8 1032 +#define OBJ_sms4_cfb8 OBJ_sm,104L,6L + #define SN_sms4_ctr "SMS4-CTR" #define LN_sms4_ctr "sms4-ctr" #define NID_sms4_ctr 1026 -#define OBJ_sms4_ctr OBJ_sm,104L,5L +#define OBJ_sms4_ctr OBJ_sm,104L,7L #define SN_sms4_gcm "SMS4-GCM" #define LN_sms4_gcm "sms4-gcm" #define NID_sms4_gcm 1027 -#define OBJ_sms4_gcm OBJ_sm,104L,6L +#define OBJ_sms4_gcm OBJ_sm,104L,8L #define SN_sms4_ccm "SMS4-CCM" #define LN_sms4_ccm "sms4-ccm" #define NID_sms4_ccm 1028 -#define OBJ_sms4_ccm OBJ_sm,104L,7L +#define OBJ_sms4_ccm OBJ_sm,104L,9L #define SN_sms4_xts "SMS4-XTS" #define LN_sms4_xts "sms4-xts" #define NID_sms4_xts 1029 -#define OBJ_sms4_xts OBJ_sm,104L,8L +#define OBJ_sms4_xts OBJ_sm,104L,10L #define NID_sm7 1004 #define OBJ_sm7 OBJ_sm,105L diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num index 4744b141..ccc88805 100644 --- a/crypto/objects/obj_mac.num +++ b/crypto/objects/obj_mac.num @@ -1028,3 +1028,5 @@ sms4_gcm 1027 sms4_ccm 1028 sms4_xts 1029 sm1_cfb 1030 +sms4_cfb1 1031 +sms4_cfb8 1032 diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt index 0e7c024a..4d761977 100644 --- a/crypto/objects/objects.txt +++ b/crypto/objects/objects.txt @@ -1395,7 +1395,7 @@ sm 103 2 : SSF33-CBC : ssf33-cbc !Cname ssf33-ofb128 sm 103 3 : SSF33-OFB : ssf33-ofb !Cname ssf33-cfb128 -sm 104 4 : SSF33-CFB : ssf33-cfb +sm 103 4 : SSF33-CFB : ssf33-cfb sm 104 1 : SMS4-ECB : sms4-ecb sm 104 2 : SMS4-CBC : sms4-cbc @@ -1403,10 +1403,12 @@ sm 104 2 : SMS4-CBC : sms4-cbc sm 104 3 : SMS4-OFB : sms4-ofb !Cname sms4-cfb128 sm 104 4 : SMS4-CFB : sms4-cfb -sm 104 5 : SMS4-CTR : sms4-ctr -sm 104 6 : SMS4-GCM : sms4-gcm -sm 104 7 : SMS4-CCM : sms4-ccm -sm 104 8 : SMS4-XTS : sms4-xts +sm 104 5 : SMS4-CFB1 : sms4-cfb1 +sm 104 6 : SMS4-CFB8 : sms4-cfb8 +sm 104 7 : SMS4-CTR : sms4-ctr +sm 104 8 : SMS4-GCM : sms4-gcm +sm 104 9 : SMS4-CCM : sms4-ccm +sm 104 10 : SMS4-XTS : sms4-xts !Alias sm7 sm 105 diff --git a/crypto/sm2/sm2_locl.h b/crypto/sm2/sm2_locl.h new file mode 100644 index 00000000..3680c412 --- /dev/null +++ b/crypto/sm2/sm2_locl.h @@ -0,0 +1,82 @@ +/* crypto/sm2/sm2_locl.h */ +/* ==================================================================== + * Copyright (c) 2015 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + */ + + +#ifndef HEADER_SM2_LOCL_H +#define HEADER_SM2_LOCL_H + + +#ifdef __cplusplus +extern "C" { +#endif + + +struct sm2sign_method { + const char *name; + SM2_SIG *(*sm2_do_sign)(const unsigned char *dgst, int dgstlen); + int (*sm2_sign_setup)(void); + int (*sm2_do_verify)(void); + int flag; + void *app_data; +}; + + + + + + + + +#ifdef __cplusplus +} +#endif +#endif + diff --git a/crypto/sm2/sm2test.c b/crypto/sm2/sm2test.c index ce1a212a..51ad6c18 100644 --- a/crypto/sm2/sm2test.c +++ b/crypto/sm2/sm2test.c @@ -1,7 +1,3 @@ -/* - * cc -Wall -I ../../include/ sm2test.c ../../libcrypto.a - */ - #include #include #include @@ -9,7 +5,7 @@ #include #include -static int test_sm2_sign(void) +static void test_sm2_sign(void) { int rv; EC_KEY *ec_key = NULL; @@ -39,10 +35,9 @@ static int test_sm2_sign(void) ECDSA_SIG_free(sig); printf("%s() success\n", __FUNCTION__); - return 0; } -static int test_sm2_enc(void) +static void test_sm2_enc(void) { int rv; EC_KEY *ec_key = NULL; @@ -85,10 +80,9 @@ static int test_sm2_enc(void) printf("decrypted plaintext: %s\n", ptbuf); */ printf("%s() success\n", __FUNCTION__); - return 0; } -static int test_sm2_kap(void) +static void test_sm2_kap(void) { int rv = 0; @@ -137,7 +131,248 @@ static int test_sm2_kap(void) rv = SM2_KAP_final_check(&ctx2); OPENSSL_assert(rv == 1); +} +int main(int argc, char **argv) +{ + int rv; + EC_KEY *ec_key = NULL; + EVP_PKEY *pkey = NULL; + const EVP_PKEY_METHOD *pmeth; + const EVP_PKEY_ASN1_METHOD *ameth; + BIO *bio = BIO_new_fp(stdout, BIO_NOCLOSE); + + ec_key = EC_KEY_new_by_curve_name(NID_sm2p256v1); + OPENSSL_assert(ec_key); + + rv = EC_KEY_generate_key(ec_key); + OPENSSL_assert(rv == 1); + + pkey = EVP_PKEY_new(); + OPENSSL_assert(pkey); + + pmeth = EVP_PKEY_meth_find(EVP_PKEY_SM2); + OPENSSL_assert(pmeth); + + ameth = EVP_PKEY_asn1_find(NULL, EVP_PKEY_SM2); + OPENSSL_assert(ameth); + + rv = EVP_PKEY_set1_SM2(pkey, ec_key); + OPENSSL_assert(rv == 1); + + printf("pkey type : %d\n", EVP_PKEY_type(pkey->type)); + printf("pkey id : %d\n", EVP_PKEY_id(pkey)); + printf("pkey base id : %d\n", EVP_PKEY_base_id(pkey)); + printf("pkey bits : %d\n", EVP_PKEY_bits(pkey)); + + rv = EVP_PKEY_print_public(bio, pkey, 0, NULL); + OPENSSL_assert(rv == 1); + + rv = EVP_PKEY_print_private(bio, pkey, 0, NULL); + OPENSSL_assert(rv == 1); + + rv = EVP_PKEY_print_params(bio, pkey, 0, NULL); + OPENSSL_assert(rv == 1); + + printf("%s() success!\n", __FUNCTION__); + return 0; +} + + +int test_sm2_evp_digestsign(void) +{ + int rv; + EC_KEY *ec_key = NULL; + EVP_PKEY *pkey = NULL; + EVP_PKEY_CTX *pk_ctx = NULL; + EVP_MD_CTX *md_ctx = NULL; + const *EVP_MD *md = EVP_sm3(); + char *msg1 = "Hello "; + char *msg2 = "World!"; + unsigned char sig[512]; + size_t siglen = sizeof(sig); + + + /* init EVP_PKEY */ + + ec_key = EC_KEY_new_by_curve_name(NID_sm2p256v1); + OPENSSL_assert(ec_key); + + rv = EC_KEY_generate_key(ec_key); + OPENSSL_assert(rv == 1); + + pkey = EVP_PKEY_new(); + OPENSSL_assert(pkey != NULL); + + rv = EVP_PKEY_set1_SM2(pkey, ec_key); + OPENSSL_assert(rv == 1); + + /* test EVP_DigestSignInit/Update/Final */ + + md_ctx = EVP_MD_CTX_create(); + OPENSSL_assert(md_ctx != NULL); + + rv = EVP_DigestSignInit(md_ctx, &pk_ctx, md, NULL, pkey); + if (rv != 1) + ERR_print_errors_fp(stderr); + OPENSSL_assert(rv == 1); + OPENSSL_assert(pkctx != NULL); + + rv = EVP_DigestSignUpdate(md_ctx, msg1, strlen(msg1)); + OPENSSL_assert(rv == 1); + + rv = EVP_DigestSignUpdate(md_ctx, msg2, strlen(msg2)); + OPENSSL_assert(rv == 1); + + rv = EVP_DigestSignFinal(md_ctx, sig, &siglen); + OPENSSL_assert(rv == 1); + + EC_KEY_free(ec_key); + EVP_PKEY_free(pkey); + EVP_PKEY_CTX_free(pk_ctx); + EVP_MD_CTX_destroy(md_ctx); + + printf("%s() success!\n", __FUNCTION__); + return 0; +} + +int sm2_test_evp_pkey_encrypt(void) +{ + EC_KEY *ec_key = NULL; + EVP_PKEY *pkey = NULL; + EVP_PKEY_CTX *ctx = NULL; + char *msg = "Hello world!"; + unsigned char ptbuf[256]; + unsigned char ctbuf[256]; + size_t ptlen, ctlen, i; + + /* Generate SM2 EVP_PKEY */ + ec_key = EC_KEY_new_by_curve_name(NID_sm2p256v1); + pkey = EVP_PKEY_new(); + EC_KEY_generate_key(ec_key); + EVP_PKEY_set1_SM2(pkey, ec_key); + + ctx = EVP_PKEY_CTX_new(pkey, NULL); + + /* Encrypt */ + EVP_PKEY_encrypt_init(ctx); + ctlen = sizeof(ctbuf); + bzero(ctbuf, ctlen); + EVP_PKEY_encrypt(ctx, ctbuf, &ctlen, (unsigned char *)msg, strlen(msg) + 1); + + printf("encrypted message (%zu bytes) : ", ctlen); + for (i = 0; i < ctlen; i++) { + printf("%02x", ctbuf[i]); + } + printf("\n"); + + /* Decrypt */ + EVP_PKEY_decrypt_init(ctx); + ptlen = sizeof(ptbuf); + bzero(ptbuf, ptlen); + if (!EVP_PKEY_decrypt(ctx, ptbuf, &ptlen, ctbuf, ctlen)) { + fprintf(stderr, "sm2 decrypt failed.\n"); + } + + printf("decrypted message : %s\n", ptbuf); + + EVP_PKEY_free(pkey); + EC_KEY_free(ec_key); + EVP_PKEY_CTX_free(ctx); + return 0; +} + +EVP_PKEY *pkey_new_ec() +{ + int rv; + ECIES_PARAMS param; + EC_KEY *ec_key = NULL; + EVP_PKEY *pkey = NULL; + + ec_key = EC_KEY_new_by_curve_name(NID_sm2p256v1); + OPENSSL_assert(ec_key); + rv = EC_KEY_generate_key(ec_key); + OPENSSL_assert(rv == 1); + + param.mac_nid = NID_hmac_full_ecies; + param.kdf_md = EVP_sha1(); + param.sym_cipher = EVP_aes_128_cbc(); + param.mac_md = EVP_sha1(); + rv = ECIES_set_parameters(ec_key, ¶m); + ERR_print_errors_fp(stderr); + OPENSSL_assert(rv == 1); + OPENSSL_assert(ECIES_get_parameters(ec_key) != NULL); + + pkey = EVP_PKEY_new(); + OPENSSL_assert(pkey); + + const EVP_PKEY_ASN1_METHOD *ameth = EVP_PKEY_asn1_find(NULL, EVP_PKEY_SM2); + OPENSSL_assert(ameth); + + rv = EVP_PKEY_set1_SM2(pkey, ec_key); + ERR_print_errors_fp(stderr); + OPENSSL_assert(rv == 1); + + return pkey; +} + +int test_sm2_pkey_seal(void) +{ + int rv; + EVP_PKEY *pkey[2]; + int num_pkeys = sizeof(pkey)/sizeof(pkey[0]); + EVP_CIPHER_CTX ctx; + const EVP_CIPHER *cipher = EVP_sms4_cbc(); + unsigned char iv[16]; + unsigned char ek[2][256]; + int eklen[sizeof(pkey)/sizeof(pkey[0])]; + char *msg1 = "Hello "; + char *msg2 = "World!"; + unsigned char ctbuf[256]; + unsigned char ptbuf[256]; + unsigned char *p; + int len, ctlen; + int i; + + for (i = 0; i < num_pkeys; i++) { + pkey[i] = pkey_new_ec(); + } + + EVP_CIPHER_CTX_init(&ctx); + + RAND_bytes(iv, sizeof(iv)); + + + /* EVP_SealInit/Update/Final() */ + + rv = EVP_SealInit(&ctx, cipher, ek, eklen, iv, pkey, num_pkeys); + OPENSSL_assert(rv == num_pkeys); + + p = ctbuf; + + rv = EVP_SealUpdate(&ctx, p, &len, (unsigned char *)msg1, strlen(msg1)); + OPENSSL_assert(rv == 1); + + p += len; + + rv = EVP_SealUpdate(&ctx, p, &len, (unsigned char *)msg2, strlen(msg2)); + OPENSSL_assert(rv == 1); + + p += len; + + rv = EVP_SealFinal(&ctx, p, &len); + OPENSSL_assert(rv == 1); + + p += len; + + ctlen = p - ctbuf; + + + /* EVP_OpenInit/Update/Final() */ + // TODO + + + printf("%s() success!\n", __FUNCTION__); return 0; } @@ -148,3 +383,4 @@ int main(int argc, char **argv) return 0; } + diff --git a/crypto/sm3/Makefile b/crypto/sm3/Makefile index bc40ed44..7ae1bfc0 100644 --- a/crypto/sm3/Makefile +++ b/crypto/sm3/Makefile @@ -79,5 +79,5 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -sm3.o: sm3.c sm3.h byteorder.h -sm3test.o: sm3test.c sm3.h byteorder.h +sm3.o: sm3.c sm3.h ../byteorder.h +sm3test.o: sm3test.c sm3.h ../byteorder.h diff --git a/crypto/sm3/sm3.c b/crypto/sm3/sm3.c index 2b2377f1..9c337029 100644 --- a/crypto/sm3/sm3.c +++ b/crypto/sm3/sm3.c @@ -51,7 +51,7 @@ #include "sm3.h" -#include "byteorder.h" +#include "../byteorder.h" #include diff --git a/crypto/sms4/Makefile b/crypto/sms4/Makefile index fc043417..c1312beb 100644 --- a/crypto/sms4/Makefile +++ b/crypto/sms4/Makefile @@ -17,8 +17,8 @@ TEST= APPS= LIB=$(TOP)/libcrypto.a -LIBSRC=sms4_cbc.c sms4_cfb.c sms4_ecb.c sms4_ofb.c sms4.c -LIBOBJ=sms4_cbc.o sms4_cfb.o sms4_ecb.o sms4_ofb.o sms4.o +LIBSRC=sms4_cbc.c sms4_cfb.c sms4_ecb.c sms4_ofb.c sms4_ctr.c sms4_wrap.c sms4.c +LIBOBJ=sms4_cbc.o sms4_cfb.o sms4_ecb.o sms4_ofb.o sms4_ctr.o sms4_wrap.o sms4.o SRC= $(LIBSRC) diff --git a/crypto/sms4/sms4_ctr.c b/crypto/sms4/sms4_ctr.c index e87bbf74..8fb262b1 100644 --- a/crypto/sms4/sms4_ctr.c +++ b/crypto/sms4/sms4_ctr.c @@ -57,7 +57,7 @@ void sms4_ctr128_encrypt(const unsigned char *in, unsigned char *out, size_t len, const sms4_key_t *key, unsigned char *iv, unsigned char ecount_buf[SMS4_BLOCK_SIZE], unsigned int *num) { - /* this should be replaced with a parallelized version */ + /* TODO: this should be replaced with a parallelized version */ CRYPTO_ctr128_encrypt(in, out, len, key, iv, ecount_buf, num, (block128_f)sms4_encrypt); } diff --git a/crypto/sms4/sms4_wrap.c b/crypto/sms4/sms4_wrap.c index fd609067..62cb69f3 100644 --- a/crypto/sms4/sms4_wrap.c +++ b/crypto/sms4/sms4_wrap.c @@ -63,6 +63,6 @@ int sms4_wrap_key(sms4_key_t *key, const unsigned char *iv, int sms4_unwrap_key(sms4_key_t *key, const unsigned char *iv, unsigned char *out, const unsigned char *in, unsigned int inlen) { - return CRYPTO_128_unwrap(key, iv, out, in, inlen, (block128_f)sms4_decrypt); + return CRYPTO_128_unwrap(key, iv, out, in, inlen, (block128_f)sms4_encrypt); } diff --git a/crypto/zuc/zuc.c b/crypto/zuc/zuc.c index af44139e..5c10b6fe 100755 --- a/crypto/zuc/zuc.c +++ b/crypto/zuc/zuc.c @@ -1,7 +1,7 @@ +#include "../byteorder.h" #include "zuc.h" - static uint8_t S0[256] = { 0x3e,0x72,0x5b,0x47,0xca,0xe0,0x00,0x33,0x04,0xd1,0x54,0x98,0x09,0xb9,0x6d,0xcb, 0x7b,0x1b,0xf9,0x32,0xaf,0x9d,0x6a,0xa5,0xb8,0x2d,0xfc,0x1d,0x08,0x53,0x03,0x90, @@ -52,6 +52,7 @@ static inline uint32_t AddM(uint32_t a, uint32_t b) } #define MulByPow2(x, k) ((((x) << k) | ((x) >> (31 - k))) & 0x7FFFFFFF) + static void LFSRWithInitialisationMode(ZUC_KEY *key, uint32_t u) { uint32_t f, v; @@ -171,7 +172,6 @@ void ZUC_set_key(ZUC_KEY *key, const unsigned char *k, const unsigned char *iv) { uint32_t w, nCount; - /* expand key */ key->LFSR_S0 = MAKEU31(k[0], EK_d[0], iv[0]); key->LFSR_S1 = MAKEU31(k[1], EK_d[1], iv[1]); key->LFSR_S2 = MAKEU31(k[2], EK_d[2], iv[2]); @@ -189,48 +189,46 @@ void ZUC_set_key(ZUC_KEY *key, const unsigned char *k, const unsigned char *iv) key->LFSR_S14 = MAKEU31(k[14], EK_d[14], iv[14]); key->LFSR_S15 = MAKEU31(k[15], EK_d[15], iv[15]); - /* set F_R1 and F_R2 to zero */ key->F_R1 = 0; key->F_R2 = 0; nCount = 32; - while (nCount > 0) - { + + while (nCount > 0) { BitReorganization(key); w = F(key); LFSRWithInitialisationMode(key, w >> 1); nCount--; } - /* set buffer */ - key->buflen = 0; + BitReorganization(key); + F(key); + LFSRWithWorkMode(key); + } void ZUC_encrypt(ZUC_KEY *key, size_t inlen, const unsigned char *in, unsigned char *out) { -#if 0 - int i; + uint32_t word; - if (key->buflen) { - int len = inlen < 4 - key->buflen ? inlen : 4 - key->buflen; - memcpy(key->buf + key->buflen, in, len); - inlen -= len; - - if (key->buflen == 4) { - } - } - if (inlen < 4) { +/* + while (key->buf_index < 4 && inlen > 0) { + *out++ = *in++ ^ key->buf[key->buf_index++]; + inlen--; } - BitReorganization(key); - F(key); /* discard the output of F */ - LFSRWithWorkMode(key); - - for (i = 0; i < KeystreamLen; i ++) - { + while (inlen >= 4) { BitReorganization(key); - pKeystream[i] = F(key) ^ key->BRC_X3; + word = le32_to_cpu((uint32_t *)in); + word ^= F(key) ^ key->BRC_X3; + *((uint32_t *)out) = cpu_to_le32(word); LFSRWithWorkMode(key); + inlen -= 4; } -#endif + + while (inlen-- > 0) { + *out++ = *in++ ^ *buf++; + key->buflen--; + } +*/ } diff --git a/crypto/zuc/zuc.h b/crypto/zuc/zuc.h index c1b5469e..7e00a85f 100755 --- a/crypto/zuc/zuc.h +++ b/crypto/zuc/zuc.h @@ -39,7 +39,7 @@ typedef struct { /* word buffer */ unsigned char buf[4]; - int buflen; + int buf_index; } ZUC_KEY; diff --git a/engines/e_skf.c b/engines/e_skf.c index 8c5e44eb..07a4b9b2 100644 --- a/engines/e_skf.c +++ b/engines/e_skf.c @@ -11,7 +11,7 @@ #include #include #include -#include "skf.h" +#include "skf/skf.h" #include "e_skf_err.h" static DEVHANDLE skf_dev_handle = NULL; @@ -19,11 +19,29 @@ static HAPPLICATION skf_app_handle = NULL; static HCONTAINER skf_container_handle = NULL; +static int skf_init(ENGINE *e); +static int skf_finish(ENGINE *e); +static int skf_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)); +static int skf_destroy(ENGINE *e); + + +/* + +1. + + + +*/ + +#define SKF_CMD_LIST_DEVS ENGINE_CMD_BASE + + + + static int skf_init(ENGINE *e) { ULONG rv; ULONG len; -/* BOOL bPresent = TRUE; CHAR *devNameList = NULL; LPSTR devName; @@ -41,13 +59,14 @@ static int skf_init(ENGINE *e) ULONG containerType; if ((rv = SKF_EnumDev(bPresent, NULL, &len)) != SAR_OK) { - return -1; + SKFerr(SKF_F_SKF_INIT, skf_err2openssl(rv)); + goto end; } if (!(devNameList = OPENSSL_malloc(len))) { - return -1; + goto end; } if ((rv = SKF_EnumDev(bPresent, devNameList, &len)) != SAR_OK) { - return -1; + goto end; } if (devNameList[0] = 0) { return -1; @@ -85,7 +104,6 @@ static int skf_init(ENGINE *e) for (p = containerNameList; p; p += strlen(p)) { // check container type } -*/ return 0; } @@ -94,101 +112,154 @@ static int skf_finish(ENGINE *e) return 0; } -#if 0 -void ENGINE_load_skf(void) -{ -} -static int skf_bind_helper(ENGINE *e) -{ - if (!ENGINE_set_id(e, SKF_ENGINE_ID) || - !ENGINE_set_name(e, SKF_ENGINE_NAME) || - !ENGINE_set_init_function(e, skf_init) || - !ENGINE_set_ciphers(e, skf_ciphers) || - !ENGINE_set_RSA(e, SKF_get_rsa_method()) || - !ENGINE_set_SM2(e, SKF_get_sm2_method()) || - !ENGINE_set_RAND(e, skf_rand)) { - return 0; - } - - return 1; -} - -static ENGINE *ENGINE_skf(void) -{ - ENGINE *eng = ENGINE_new(); - - if (!eng) { - return NULL; - } - - if (!skf_bind_helper(eng)) { - ENGINE_free(eng); - return NULL; - } - - return eng; -} - -static int skf_ciphers(ENGINE *e, const EVP_CIPHER **cipher, - const int **nids, int nid) -{ - if (!cipher) { - *nid = skf_cipher_nids; - return skf_num_cipher_nids; - } - - switch (nid) { - case NID_ssf33_ecb: - *cipher = &skf_ssf33_ecb; - break; - default: - *cipher = NULL; - return 0; - } - - return 1; -} - -#endif +typedef struct { + HANDLE hKey; +} EVP_SKF_KEY; -#define SSF33_IV_LENGTH SSF33_BLOCK_SIZE -#define SM1_IV_LENGTH SM1_BLOCK_SIZE -#define SMS4_IV_LENGTH SMS4_BLOCK_SIZE - - -static int skf_ssf33_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, +static int skf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { - DEVHANDLE hDev = skf_dev_handle; - BYTE *pbKey = key; - ULONG ulAlgID = SGD_SSF33_ECB; - HANDLE *phKey; + EVP_SKF_KEY *dat = (EVP_SKF_KEY *)ctx->cipher_data; + ULONG ulAlgID; - if ((rv = SKF_SetSymmKey(hDev, pbKey, ulAlgID, (HANDLE *)ctx->cipher_data)) != SAR_OK) { - SKFerr(SKF_F_SKF_SSF33_INIT_KEY, 0); + switch (EVP_CIPHER_CTX_nid(ctx)) { + case NID_ssf33_ecb: + ulAlgID = SGD_SSF33_ECB; + break; + case NID_ssf33_cbc: + ulAlgID = SGD_SSF33_CBC; + break; + case NID_ssf33_cfb128: + ulAlgID = SGD_SSF33_CFB; + break; + case NID_ssf33_ofb128: + ulAlgID = SGD_SSF33_OFB; + break; + + case NID_sm1_ecb: + ulAlgID = SGD_SM1_ECB; + break; + case NID_sm1_cbc: + ulAlgID = SGD_SM1_CBC; + break; + case NID_sm1_cfb128: + ulAlgID = SGD_SM1_CFB; + break; + case NID_sm1_ofb128: + ulAlgID = SGD_SM1_OFB; + break; + + case NID_sms4_ecb: + ulAlgID = SGD_SM4_ECB; + break; + case NID_sms4_cbc: + ulAlgID = SGD_SM4_CBC; + break; + case NID_sms4_cfb128: + ulAlgID = SGD_SM4_CFB; + break; + case NID_sms4_ofb128: + ulAlgID = SGD_SM4_OFB; + break; + + default: + OPENSSL_assert(0); + return 0; + } + + if ((rv = SKF_SetSymmKey(skf_dev_handle, (BYTE *)key, ulAlgID, + &(dat->hKey))) != SAR_OK) { + SKFerr(SKF_F_SKF_INIT_KEY, 0); return 0; } return 1; } -static const EVP_CIPHER skf_ssf33_ecb = { - NID_ssf33_ecb, - SSF33_BLOCK_SIZE, - SSF33_KEY_LENGTH, - SSF33_IV_LENGTH, - 0, - skf_ssf33_init_key, - skf_ssf33_ecb_cipher, - NULL, - sizeof(EVP_SMS4_CTX), - NULL, - NULL, - NULL, - NULL, -}; +static int skf_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t len) +{ + ULONG rv; + EVP_SKF_KEY *dat = (EVP_SKF_KEY *)ctx->cipher_data; + BLOCKCIPHERPARAM param; + ULONG ulDataLen, ulEncryptedLen; + BYTE block[MAX_IV_LEN] = {0}; + int i; + + memcpy(&(param.IV), ctx->iv, ctx->cipher->block_size); + param.IVLen = ctx->cipher->block_size; + param.PaddingType = SKF_NO_PADDING; + param.FeedBitLen = 0; + + if (ctx->encrypt) { + if ((rv = SKF_EncryptInit(dat->hKey, ¶m)) != SAR_OK) { + return 0; + } + } else { + if ((rv = SKF_DecryptInit(dat->hKey, ¶m)) != SAR_OK) { + return 0; + } + } + + ulDataLen = len - len % ctx->cipher->block_size; + + if (ctx->encrypt) { + if ((rv = SKF_EncryptUpdate(hKey, in, ulDataLen, + (BYTE *)out, &ulEncryptedLen)) != SAR_OK) { + return 0; + } + } else { + if ((rv = SKF_DecryptUpdate(hKey, in, ulDataLen, + (BYTE *)out, &ulEncryptedLen)) != SAR_OK) { + return 0; + } + } + + in += ulDataLen; + out += ulEncryptedLen; + + memcpy(block, in, len - ulDataLen); + + if (ctx->encrypt) { + if ((rv = SKF_EncryptUpdate(hKey, block, ctx->cipher->block_size, + out, &ulEncryptedLen)) != SAR_OK) { + return 0; + } + } else { + + } + + return 1; +} + + +#define BLOCK_CIPHER_generic(cipher,mode,MODE) \ +static const EVP_CIPHER skf_##cipher##_##mode = { \ + NID_##cipher##_##mode, \ + 16,16,16, \ + EVP_CIPH_##MODE##_MODE, \ + skf_init_key, \ + skf_cipher, \ + NULL, \ + sizeof(EVP_SKF_KEY), \ + NULL,NULL,NULL,NULL }; + + +BLOCK_CIPHER_generic(ssf33,ecb,ECB) +BLOCK_CIPHER_generic(ssf33,cbc,CBC) +BLOCK_CIPHER_generic(ssf33,cfb,CFB) +BLOCK_CIPHER_generic(ssf33,ofb,OFB) +BLOCK_CIPHER_generic(sm1,ecb,ECB) +BLOCK_CIPHER_generic(sm1,cbc,CBC) +BLOCK_CIPHER_generic(sm1,cfb,CFB) +BLOCK_CIPHER_generic(sm1,ofb,OFB) +BLOCK_CIPHER_generic(sm4,ecb,ECB) +BLOCK_CIPHER_generic(sm4,cbc,CBC) +BLOCK_CIPHER_generic(sm4,cfb,CFB) +BLOCK_CIPHER_generic(sm4,ofb,OFB) + static int skf_cipher_nids[] = { NID_ssf33_ecb, @@ -206,7 +277,6 @@ static int skf_cipher_nids[] = { }; static int skf_num_ciphers = sizeof(skf_cipher_nids)/sizeof(skf_cipher_nids[0]); - static int skf_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid) { if (!cipher) { @@ -263,19 +333,12 @@ static int skf_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, i return 1; } -int skf_err2openssl(ULONG rv) -{ - return 0; -} - - -/* RAND_METHOD */ int skf_rand_bytes(unsigned char *buf, int num) { ULONG rv; - if ((rv = SKF_GenRandom(skf_dev_handle, buf, num)) != SAR_OK) { + if ((rv = SKF_GenRandom(skf_dev_handle, buf, (ULONG)num)) != SAR_OK) { SKFerr(SKF_F_SKF_RAND_BYTES, skf_err2openssl(rv)); return 0; } @@ -292,7 +355,6 @@ static RAND_METHOD skf_rand = { NULL, }; -/* EVP_MD */ static int skf_sm3_init(EVP_MD_CTX *ctx) { @@ -380,7 +442,54 @@ static int skf_digests(ENGINE *e, const EVP_MD **digest, const int **nids, int n return 1; } -/* Dynamic ENGINE */ + +static RSA_METHOD skf_rsa = { + "SKF RSA method", + skf_rsa_pub_enc, + NULL, + NULL, + skf_rsa_priv_dec, + NULL, + NULL, + NULL, + NULL, + RSA_FLAG_SIGN_VER, + NULL, + skf_rsa_sign, + skf_rsa_verify, + NULL +}; + + + +#ifdef OPENSSL_NO_DYNAMIC_ENGINE +static ENGINE *engine_skf(void) +{ + ENGINE *ret = ENGINE_new(); + if (!ret) { + return NULL; + } + + if (!bind_helper(ret)) { + ENGINE_free(ret); + return NULL; + } + + return ret; +} + +void ENGINE_load_4758cca(void) +{ + ENGINE *e_skf = engine_skf(); + if (!e_skf) { + return; + } + + ENGINE_add(e_skf); + ENGINE_free(e_skf); + ERR_clear_error(); +} +#endif static const char *engine_skf_id = "SKF"; static const char *engine_skf_name = "SKF API Hardware Engine"; @@ -394,7 +503,7 @@ static int bind(ENGINE *e, const char *id) if (!ENGINE_set_id(e, engine_skf_id) || !ENGINE_set_name(e, engine_skf_name) || !ENGINE_set_digests(e, skf_digests) || - //!ENGINE_set_ciphers(e, skf_ciphers) || + !ENGINE_set_ciphers(e, skf_ciphers) || !ENGINE_set_RAND(e, &skf_random)) { return 0; } diff --git a/engines/e_skf_err.c b/engines/e_skf_err.c index a67c536e..07c9f7d1 100644 --- a/engines/e_skf_err.c +++ b/engines/e_skf_err.c @@ -1,4 +1,85 @@ -#include "smapi_err.h" +#include "skf/skf.h" + + + + + + + +static ERR_STRING_DATA SKF_str_functs[] = { + {ERR_FUNC(SKF_F_SKF_INIT_KEY), "SKF_INIT_KEY"}, + {ERR_FUNC(SKF_F_SKF_CIPHER), "SKF_CIPHER"}, + {ERR_FUNC(SKF_F_SKF_INIT), "SKF_INIT"}, + {ERR_FUNC(SKF_F_SKF_CTRL), "SKF_CTRL"}, + {ERR_FUNC(SKF_F_SKF_FINISH), "SKF_FINISH"}, + {0, NULL} +}; + +static ERR_STRING_DATA SKF_str_reasons[] = { + {ERR_REASON(SKF_F_OK), ok"}, + {0, NULL} +}; + + +int skf_err2openssl(int err) +{ + switch (err) { + case SAR_OK: + return SKF_R_SAR_OK; + case SAR_FAIL: + return SKF_R_SAR_FAIL; + case SAR_UNKNOWNERR: + case SAR_NOTSUPPORTYETERR: + case SAR_FILEERR: + case SAR_INVALIDHANDLEERR: + case SAR_INVALIDPARAMERR: + case SAR_READFILEERR: + case SAR_WRITEFILEERR: + case SAR_NAMELENERR: + case SAR_KEYUSAGEERR: + case SAR_MODULUSLENERR: + case SAR_NOTINITIALIZEERR: + case SAR_OBJERR: + case SAR_MEMORYERR: + case SAR_TIMEOUTERR: + case SAR_INDATALENERR + case SAR_INDATAERR + case SAR_GENRANDERR + case SAR_HASHOBJERR + case SAR_HASHERR + case SAR_GENRSAKEYERR + case SAR_RSAMODULUSLENERR + case SAR_CSPIMPRTPUBKEYERR + case SAR_RSAENCERR + case SAR_RSADECERR + case SAR_HASHNOTEQUALERR + case SAR_KEYNOTFOUNTERR + case SAR_CERTNOTFOUNTERR + case SAR_NOTEXPORTERR + case SAR_DECRYPTPADERR + case SAR_MACLENERR + case SAR_BUFFER_TOO_SMALL + case SAR_KEYINFOTYPEERR + case SAR_NOT_EVENTERR + case SAR_DEVICE_REMOVED + case SAR_PIN_INCORRECT + case SAR_PIN_LOCKED + case SAR_PIN_INVALID + case SAR_PIN_LEN_RANGE + case SAR_USER_ALREADY_LOGGED_IN + case SAR_USER_PIN_NOT_INITIALIZED + case SAR_USER_TYPE_INVALID + case SAR_APPLICATION_NAME_INVALID + case SAR_APPLICATION_EXISTS + case SAR_USER_NOT_LOGGED_IN + case SAR_APPLICATION_NOT_EXISTS + case SAR_FILE_ALREADY_EXIST + case SAR_NO_ROOM + case SAR_FILE_NOT_EXIST +} + + + typedef struct { int err_no; @@ -56,24 +137,10 @@ typedef struct { { SAR_FILE_NOT_EXIST, "File not exist" } }; -typedef struct { - uint32_t alg_id; - char *alg_name; -} smapi_algid[] = { - { SGD_RSA, "RSA" }, - { SGD_RSA | SGD_SHA1, "RSA-with-SHA1" }, -}; LPSTR DEVAPI SKF_GetErrorString(ULONG ulError) { - /* - * TODO: check smapi_errstr[] and return the error string - * if error number not exist, return NULL; - */ return NULL; } -LPSTR DEVAPI SKF_GetAlgorString(ULONG ulAlgId) -{ - return NULL; -} + diff --git a/engines/skf/skf.h b/engines/skf/skf.h index c0d39e32..4b95b5ab 100644 --- a/engines/skf/skf.h +++ b/engines/skf/skf.h @@ -1,3 +1,54 @@ +/* ==================================================================== + * Copyright (c) 2014 - 2015 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + */ + + #ifndef HEADER_SKF_H #define HEADER_SKF_H @@ -171,6 +222,9 @@ typedef struct Struct_ECCSIGNATUREBLOB { BYTE s[ECC_MAX_XCOORDINATE_BITS_LEN/8]; } ECCSIGNATUREBLOB, *PECCSIGNATUREBLOB; +#define SKF_NO_PADDING 0 +#define SKF_PKCS5_PADDING 1 + typedef struct Struct_BLOCKCIPHERPARAM { BYTE IV[MAX_IV_LEN]; ULONG IVLen; @@ -225,7 +279,11 @@ ULONG DEVAPI SKF_ChangeDevAuthKey(DEVHANDLE hDev, ULONG DEVAPI SKF_DevAuth(DEVHANDLE hDev, BYTE *pbAuthData, ULONG ulLen); -ULONG DEVAPI SKF_ChangePIN(HAPPLICATION hApplication, ULONG ulPINType, LPSTR szOldPin, LPSTR szNewPin, ULONG *pulRetryCount); +ULONG DEVAPI SKF_ChangePIN(HAPPLICATION hApplication, + ULONG ulPINType, + LPSTR szOldPin, + LPSTR szNewPin, + ULONG *pulRetryCount); LONG DEVAPI SKF_GetPINInfo(HAPPLICATION hApplication, ULONG ulPINType, ULONG *pulMaxRetryCount, diff --git a/ssl/gm_srvr.c b/ssl/gm_srvr.c index d3c3de19..c28ba303 100644 --- a/ssl/gm_srvr.c +++ b/ssl/gm_srvr.c @@ -74,6 +74,40 @@ IMPLEMENT_gmssl_meth_func(GMSSL1_1_VERSION, GMSSLv1_1_server_method, int gm1_send_server_certificate(SSL *s) { - return 0; + + CERT_PKEY *cpk; + + if (s->state == SSL3_ST_SW_CERT_A) { + cpk = ssl_get_server_send_pkey(s); + if (cpk == NULL) { + /* VRS: allow null cert if auth == KRB5 */ + if ((s->s3->tmp.new_cipher->algorithm_auth != SSL_aKRB5) || + (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kKRB5)) { + SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE, + ERR_R_INTERNAL_ERROR); + s->state = SSL_ST_ERR; + return (0); + } + } + + if (!ssl3_output_cert_chain(s, cpk)) { + SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE, ERR_R_INTERNAL_ERROR); + s->state = SSL_ST_ERR; + return (0); + } + s->state = SSL3_ST_SW_CERT_B; + } + + /* SSL3_ST_SW_CERT_B */ + return ssl_do_write(s); } +/* + +s3_srvr.c:s3_send_server_certificate + ssl_get_server_send_pkey + ssl3_output_cert_chain + ssl_add_cert_chain + ssl_set_handshake_header + ssl_do_write +*/