Update SM2 Extensions

Arrange source files

tests/sm2_blindtest.c

@@ -0,0 +1,100 @@
+/*
+ *  Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the License); you may
+ *  not use this file except in compliance with the License.
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <assert.h>
+#include <gmssl/sm2.h>
+#include <gmssl/sm2_blind.h>
+#include <gmssl/error.h>
+
+
+static int test_sm2_blind_sign(void)
+{
+	int r = -1;
+
+	// signer
+	SM2_KEY key;
+	SM2_Fn k;
+	uint8_t commit[65];
+	size_t commitlen;
+
+	// caller
+	SM2_KEY public_key;
+	SM2_BLIND_SIGN_CTX sign_ctx;
+	uint8_t msg[128] = {0};
+	uint8_t blinded_sig_s[32];
+	uint8_t blinded_sig_r[32];
+	uint8_t sig[128];
+	size_t siglen;
+
+	// verifier
+	SM2_SIGN_CTX verify_ctx;
+
+
+	// signer
+	if (sm2_key_generate(&key) != 1
+		|| sm2_key_set_public_key(&public_key, &key.public_key) != 1) {
+		error_print();
+		goto end;
+	}
+	if (sm2_blind_sign_commit(k, commit, &commitlen) != 1) {
+		error_print();
+		return -1;
+	}
+	format_bytes(stderr, 0, 0, "signer: commitment", commit, commitlen);
+
+	// caller
+	if (sm2_blind_sign_init(&sign_ctx, &public_key,
+		SM2_DEFAULT_ID, strlen(SM2_DEFAULT_ID)) != 1
+		|| sm2_blind_sign_update(&sign_ctx, msg, 32) != 1
+		|| sm2_blind_sign_update(&sign_ctx, msg + 32, 32) != 1
+		|| sm2_blind_sign_update(&sign_ctx, msg + 64, 64) != 1
+		|| sm2_blind_sign_finish(&sign_ctx, commit, commitlen, blinded_sig_r) != 1) {
+		error_print();
+		goto end;
+	}
+	format_bytes(stderr, 0, 0, "caller: blinded_sig_r", blinded_sig_r, sizeof(blinded_sig_r));
+
+	// signer
+	if (sm2_blind_sign(&key, k, blinded_sig_r, blinded_sig_s) != 1) {
+		error_print();
+		goto end;
+	}
+	format_bytes(stderr, 0, 0, "signer: blinded_sig_s", blinded_sig_s, sizeof(blinded_sig_s));
+
+	// caller
+	if (sm2_blind_sign_unblind(&sign_ctx, blinded_sig_s, sig, &siglen) != 1) {
+		error_print();
+		goto end;
+	}
+	format_bytes(stderr, 0, 0, "caller: unblinded_sig", sig, siglen);
+
+	// verifier
+	if (sm2_verify_init(&verify_ctx, &public_key,
+		SM2_DEFAULT_ID, strlen(SM2_DEFAULT_ID)) != 1
+		|| sm2_verify_update(&verify_ctx, msg, sizeof(msg)) != 1
+		|| (r = sm2_verify_finish(&verify_ctx, sig, siglen)) < 0) {
+		error_print();
+		goto end;
+	}
+	format_print(stderr, 0, 0, "verifier: %s\n", r == 1 ? "success" : "failure");
+
+end:
+	gmssl_secure_clear(&key, sizeof(key));
+	gmssl_secure_clear(&sign_ctx, sizeof(sign_ctx));
+	return r;
+}
+
+int main(void)
+{
+	if (test_sm2_blind_sign() != 1) { error_print(); return -1; }
+	return 0;
+}

tests/sm2_committest.c

@@ -0,0 +1,59 @@
+/*
+ *  Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the License); you may
+ *  not use this file except in compliance with the License.
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <stdint.h>
+#include <gmssl/sm2.h>
+#include <gmssl/sm2_commit.h>
+#include <gmssl/error.h>
+
+
+static int test_sm2_commit(void)
+{
+	uint8_t x[32];
+	uint8_t xvec[8][32];
+	uint8_t r[32];
+	uint8_t commit[65];
+	size_t commitlen;
+	int ret;
+
+	rand_bytes(x, sizeof(x));
+	format_bytes(stderr, 0, 0, "secret", x, sizeof(x));
+
+	sm2_commit_generate(x, r, commit, &commitlen);
+	format_bytes(stderr, 0, 0, "random", r, sizeof(r));
+	format_bytes(stderr, 0, 0, "commitment", commit, commitlen);
+
+	ret = sm2_commit_open(x, r, commit, commitlen);
+	printf("open commitment: %s\n", ret == 1 ? "success" : "failure");
+
+
+	sm2_commit_vector_generate(&x, 1, r, commit, &commitlen);
+	format_bytes(stderr, 0, 0, "random", r, sizeof(r));
+	format_bytes(stderr, 0, 0, "commitment", commit, commitlen);
+
+	ret = sm2_commit_vector_open(&x, 1, r, commit, commitlen);
+	printf("open commitment: %s\n", ret == 1 ? "success" : "failure");
+
+
+	rand_bytes(xvec[0], sizeof(xvec));
+	sm2_commit_vector_generate(xvec, 8, r, commit, &commitlen);
+	ret = sm2_commit_vector_open(xvec, 8, r, commit, commitlen);
+	printf("open commitment: %s\n", ret == 1 ? "success" : "failure");
+
+	return 1;
+}
+
+int main(void)
+{
+	if (test_sm2_commit() != 1) { error_print(); return -1; }
+	return 0;
+}

tests/sm2_elgamaltest.c

@@ -0,0 +1,22 @@
+/*
+ *  Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the License); you may
+ *  not use this file except in compliance with the License.
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <assert.h>
+#include <gmssl/sm2.h>
+#include <gmssl/sm2_elgamal.h>
+#include <gmssl/error.h>
+
+
+int main(void)
+{
+	return 0;
+}

tests/sm2_key_sharetest.c

@@ -0,0 +1,96 @@
+/*
+ *  Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the License); you may
+ *  not use this file except in compliance with the License.
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <stdint.h>
+#include <gmssl/sm2.h>
+#include <gmssl/sm2_key_share.h>
+#include <gmssl/mem.h>
+#include <gmssl/error.h>
+
+
+static int test_sm2_key_share_args(size_t k, size_t n)
+{
+	SM2_KEY key;
+	SM2_KEY key_;
+	SM2_KEY_SHARE shares[SM2_KEY_MAX_SHARES];
+
+	if (sm2_key_generate(&key) != 1) {
+		error_print();
+		return -1;
+	}
+	if (sm2_key_split(&key, k, n, shares) != 1) {
+		error_print();
+		return -1;
+	}
+
+	// recover from 0 .. k
+	if (sm2_key_recover(&key_, shares, k) != 1) {
+		error_print();
+		return -1;
+	}
+	if (memcmp(&key_, &key, sizeof(SM2_KEY)) != 0) {
+		error_print();
+		return -1;
+	}
+
+	// recover from n-k .. n
+	memset(&key_, 0, sizeof(key_));
+	if (sm2_key_recover(&key_, shares + n - k, k) != 1) {
+		error_print();
+		return -1;
+	}
+	if (memcmp(&key_, &key, sizeof(SM2_KEY)) != 0) {
+		error_print();
+		return -1;
+	}
+	return 1;
+}
+
+static int test_sm2_key_share(void)
+{
+	if (test_sm2_key_share_args(1, 1) != 1) { error_print(); return -1; }
+	if (test_sm2_key_share_args(1, 3) != 1) { error_print(); return -1; }
+	if (test_sm2_key_share_args(2, 3) != 1) { error_print(); return -1; }
+	if (test_sm2_key_share_args(3, 5) != 1) { error_print(); return -1; }
+	if (test_sm2_key_share_args(4, 5) != 1) { error_print(); return -1; }
+	if (test_sm2_key_share_args(5, 5) != 1) { error_print(); return -1; }
+	if (test_sm2_key_share_args(11, 12) != 1) { error_print(); return -1; }
+	if (test_sm2_key_share_args(12, 12) != 1) { error_print(); return -1; }
+	return 1;
+}
+
+static int test_sm2_key_share_file(void)
+{
+	SM2_KEY key;
+	SM2_KEY_SHARE shares[SM2_KEY_MAX_SHARES];
+
+	if (sm2_key_generate(&key) != 1) {
+		error_print();
+		return -1;
+	}
+	if (sm2_key_split(&key, 2, 3, shares) != 1) {
+		error_print();
+		return -1;
+	}
+	if (sm2_key_share_encrypt_to_file(&shares[0], "123456", "sm2key") != 1
+		|| sm2_key_share_encrypt_to_file(&shares[1], "123456", "sm2key") != 1
+		|| sm2_key_share_encrypt_to_file(&shares[2], "123456", "sm2key") != 1) {
+		error_print();
+		return -1;
+	}
+	return 1;
+}
+
+int main(void)
+{
+	return 0;
+}

tests/sm2_recovertest.c

@@ -0,0 +1,44 @@
+/*
+ *  Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the License); you may
+ *  not use this file except in compliance with the License.
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <assert.h>
+#include <gmssl/sm2.h>
+#include <gmssl/sm2_recover.h>
+#include <gmssl/error.h>
+
+
+static int test_sm2_signature_to_public_key_points(void)
+{
+	SM2_KEY key;
+	uint8_t dgst[32] = {1,2,3,4};
+	SM2_SIGNATURE sig;
+	SM2_POINT points[4];
+	size_t points_cnt, i;
+
+	sm2_key_generate(&key);
+	sm2_do_sign(&key, dgst, &sig);
+	sm2_signature_to_public_key_points(&sig, dgst, points, &points_cnt);
+
+	for (i = 0; i < points_cnt; i++) {
+		int vr;
+		sm2_point_print(stderr, 0, 0, "point", &points[i]);
+		vr = sm2_do_verify((SM2_KEY *)&points[1], dgst, &sig);
+		printf("verify = %d\n", vr);
+	}
+	return 1;
+}
+
+int main(void)
+{
+	if (test_sm2_signature_to_public_key_points() != 1) { error_print(); return -1; }
+	return 0;
+}

tests/sm2_ringtest.c

@@ -0,0 +1,174 @@
+/*
+ *  Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the License); you may
+ *  not use this file except in compliance with the License.
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <assert.h>
+#include <gmssl/sm2.h>
+#include <gmssl/sm2_ring.h>
+#include <gmssl/error.h>
+
+
+static int test_sm2_ring_do_sign(void)
+{
+	SM2_KEY sign_key;
+	SM2_POINT public_keys[5];
+	size_t public_keys_count = sizeof(public_keys)/sizeof(public_keys[0]);
+	size_t sign_index, i;
+	uint8_t dgst[32];
+	uint8_t r[32];
+	uint8_t s[sizeof(public_keys)/sizeof(public_keys[0])][32];
+
+	for (sign_index = 0; sign_index < 5; sign_index++) {
+
+		for (i = 0; i < public_keys_count; i++) {
+			SM2_KEY key;
+			sm2_key_generate(&key);
+			memcpy(&public_keys[i], &(key.public_key), sizeof(SM2_POINT));
+
+			if (i == sign_index) {
+				memcpy(&sign_key, &key, sizeof(SM2_KEY));
+			}
+		}
+		if (sm2_ring_do_sign(&sign_key, public_keys, public_keys_count, dgst, r, s) != 1) {
+			error_print();
+			return -1;
+		}
+		if (sm2_ring_do_verify(public_keys, public_keys_count, dgst, r, s) != 1) {
+			error_print();
+			return -1;
+		}
+	}
+
+	printf("%s() ok\n", __FUNCTION__);
+	return 1;
+}
+
+static int test_sm2_ring_sign(void)
+{
+	SM2_KEY sign_key;
+	SM2_POINT public_keys[5];
+	size_t public_keys_count = sizeof(public_keys)/sizeof(public_keys[0]);
+	size_t sign_index = 2, i;
+	uint8_t dgst[32];
+	uint8_t sig[9 + (2 + 33) * (1 + sizeof(public_keys)/sizeof(public_keys[0]))];
+	size_t siglen = 0;
+
+	for (i = 0; i < public_keys_count; i++) {
+		SM2_KEY key;
+		sm2_key_generate(&key);
+		memcpy(&public_keys[i], &(key.public_key), sizeof(SM2_POINT));
+
+		if (i == sign_index) {
+			memcpy(&sign_key, &key, sizeof(SM2_KEY));
+		}
+	}
+	if (sm2_ring_sign(&sign_key, public_keys, public_keys_count, dgst, sig, &siglen) != 1) {
+		error_print();
+		return -1;
+	}
+	if (sm2_ring_verify(public_keys, 5, dgst, sig, siglen) != 1) {
+		error_print();
+		return -1;
+	}
+
+	printf("%s() ok\n", __FUNCTION__);
+	return 1;
+}
+
+static int test_sm2_ring_sign_crosscheck(void)
+{
+	SM2_KEY sign_key;
+	SM2_POINT public_key;
+	uint8_t dgst[32];
+	uint8_t sig[SM2_MAX_SIGNATURE_SIZE];
+	size_t siglen = 0;
+
+	sm2_key_generate(&sign_key);
+	public_key = sign_key.public_key;
+
+	if (sm2_ring_sign(&sign_key, &public_key, 1, dgst, sig, &siglen) != 1) {
+		error_print();
+		return -1;
+	}
+	if (sm2_ring_verify(&public_key, 1, dgst, sig, siglen) != 1) {
+		error_print();
+		return -1;
+	}
+
+	printf("%s() ok\n", __FUNCTION__);
+	return 1;
+}
+
+static int test_sm2_ring_sign_update(void)
+{
+	SM2_KEY keys[5];
+	SM2_RING_SIGN_CTX sign_ctx;
+	SM2_RING_SIGN_CTX verify_ctx;
+	size_t public_keys_count = sizeof(keys)/sizeof(keys[0]);
+	char *id = "Alice";
+	uint8_t msg[128] = {0};
+	uint8_t sig[9 + (2 + 33) * (1 + sizeof(keys)/sizeof(keys[0]))];
+	size_t siglen = 0;
+	size_t i;
+
+	for (i = 0; i < public_keys_count; i++) {
+		sm2_key_generate(&keys[i]);
+	}
+
+	if (sm2_ring_sign_init(&sign_ctx, &keys[0], id, strlen(id)) != 1) {
+		error_print();
+		return -1;
+	}
+	for (i = 1; i < public_keys_count; i++) {
+		if (sm2_ring_sign_add_signer(&sign_ctx, &keys[i]) != 1) {
+			error_print();
+			return -1;
+		}
+	}
+	if (sm2_ring_sign_update(&sign_ctx, msg, 32) != 1
+		|| sm2_ring_sign_update(&sign_ctx, msg + 32, 32) != 1
+		|| sm2_ring_sign_update(&sign_ctx, msg + 64, 64) != 1
+		|| sm2_ring_sign_finish(&sign_ctx, sig, &siglen) != 1) {
+		error_print();
+		return -1;
+	}
+
+	if (sm2_ring_verify_init(&verify_ctx, id, strlen(id)) != 1) {
+		error_print();
+		return -1;
+	}
+	for (i = 0; i < public_keys_count; i++) {
+		if (sm2_ring_verify_add_signer(&verify_ctx, &keys[i]) != 1) {
+			error_print();
+			return -1;
+		}
+	}
+	if (sm2_ring_verify_update(&verify_ctx, msg, sizeof(msg)) != 1) {
+		error_print();
+		return -1;
+	}
+	if (sm2_ring_verify_finish(&verify_ctx, sig, siglen) != 1) {
+		error_print();
+		return -1;
+	}
+
+	printf("%s() ok\n", __FUNCTION__);
+	return 1;
+}
+
+int main(void)
+{
+	if (test_sm2_ring_do_sign() != 1) { error_print(); return -1; }
+	if (test_sm2_ring_sign() != 1) { error_print(); return -1; }
+	if (test_sm2_ring_sign_crosscheck() != 1) { error_print(); return -1; }
+	if (test_sm2_ring_sign_update() != 1) { error_print(); return -1; }
+	return 0;
+}