abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-05-07 08:56:17 +08:00
Code Issues Packages Projects Releases Wiki Activity

update gmapi

Browse Source
This commit is contained in:
Zhi Guan
2017-02-26 16:37:23 +08:00
parent c4cb37250f
commit df18c19abc
21 changed files with 1657 additions and 131 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
crypto/objects/objects.txt
View File

@@ -1611,5 +1611,3 @@ ibcs1 3 4 : r-ate-pairing
sm-scheme 1000 : cpk
sm-scheme 1001 : paillier

1
crypto/saf/saf_app.c
View File

@@ -98,6 +98,7 @@ int SAF_Finalize(
if (app->engine) {
ENGINE_finish(app->engine);
ENGINE_free(app->engine);
}
OPENSSL_free(app);

302
crypto/saf/saf_cert.c
View File

@@ -54,7 +54,7 @@
#include <openssl/conf.h>
#include <openssl/gmsaf.h>
#include "saf_lcl.h"
#include "../../apps/apps.h"
/* 7.2.2 */
int SAF_AddTrustedRootCaCertificate(
@@ -62,7 +62,42 @@ int SAF_AddTrustedRootCaCertificate(
unsigned char *pucCertificate,
unsigned int uiCertificateLen)
{
return SAR_NotSupportYetErr;
int ret = SAR_UnknownErr;
SAF_APP *app = (SAF_APP *)hAppHandle;
X509 *x509 = NULL;
BIO *bio = NULL;
if (!hAppHandle || !pucCertificate) {
SAFerr(SAF_F_SAF_ADDTRUSTEDROOTCACERTIFICATE, ERR_R_PASSED_NULL_PARAMETER);
return SAR_IndataErr;
}
if (uiCertificateLen <= 0 || uiCertificateLen > INT_MAX) {
SAFerr(SAF_F_SAF_ADDTRUSTEDROOTCACERTIFICATE, SAF_R_INVALID_INPUT_LENGTH);
return SAR_IndataLenErr;
}
if (!(bio = BIO_new_file(app->rootcacerts, "a"))) {
SAFerr(SAF_F_SAF_ADDTRUSTEDROOTCACERTIFICATE, ERR_R_BIO_LIB);
goto end;
}
if (!(x509 = d2i_X509(NULL, &pucCertificate, uiCertificateLen))) {
SAFerr(SAF_F_SAF_ADDTRUSTEDROOTCACERTIFICATE, SAF_R_LOAD_CERTS_FAILURE);
goto end;
}
if (!PEM_write_bio_X509(bio, x509)) {
SAFerr(SAF_F_SAF_ADDTRUSTEDROOTCACERTIFICATE, ERR_R_PEM_LIB);
goto end;
}
ret = SAR_Ok;
end:
X509_free(x509);
BIO_free(bio);
return ret;
}
/* 7.2.3 */
@@ -70,8 +105,26 @@ int SAF_GetRootCaCertificateCount(
void *hAppHandle,
unsigned int *puiCount)
{
*puiCount = 0;
return SAR_Ok;
int ret = SAR_UnknownErr;
SAF_APP *app = (SAF_APP *)hAppHandle;
STACK_OF(X509) *certs = NULL;
if (!hAppHandle || !puiCount) {
SAFerr(SAF_F_SAF_GETROOTCACERTIFICATECOUNT, ERR_R_PASSED_NULL_PARAMETER);
return SAR_IndataErr;
}
if (!load_certs(app->rootcacerts, &certs, FORMAT_PEM, NULL, "root ca certificates")) {
SAFerr(SAF_F_SAF_GETROOTCACERTIFICATECOUNT, SAF_R_LOAD_CERTS_FAILURE);
goto end;
}
*puiCount = sk_X509_num(certs);
ret = SAR_Ok;
end:
sk_X509_free(certs);
return ret;
}
/* 7.2.4 */
@@ -81,7 +134,44 @@ int SAF_GetRootCaCertificate(
unsigned char *pucCertificate,
unsigned int *puiCertificateLen)
{
return SAR_NotSupportYetErr;
int ret = SAR_UnknownErr;
SAF_APP *app = (SAF_APP *)hAppHandle;
STACK_OF(X509) *certs = NULL;
X509 *x509;
int len;
if (!hAppHandle || !pucCertificate || !puiCertificateLen) {
SAFerr(SAF_F_SAF_GETROOTCACERTIFICATE, ERR_R_PASSED_NULL_PARAMETER);
return SAR_IndataErr;
}
if (!load_certs(app->rootcacerts, &certs, FORMAT_PEM, NULL,
"root ca certificates")) {
SAFerr(SAF_F_SAF_GETROOTCACERTIFICATE, SAF_R_LOAD_CERTS_FAILURE);
goto end;
}
if (!(x509 = sk_X509_value(certs, uiIndex))) {
SAFerr(SAF_F_SAF_GETROOTCACERTIFICATE, SAF_R_INVALID_INDEX);
goto end;
}
if (*puiCertificateLen < i2d_X509(x509, NULL)) {
SAFerr(SAF_F_SAF_GETROOTCACERTIFICATE, SAF_R_BUFFER_TOO_SMALL);
ret = SAR_IndataLenErr;
goto end;
}
if ((len = i2d_X509(x509, pucCertificate)) <= 0) {
SAFerr(SAF_F_SAF_GETROOTCACERTIFICATE, ERR_R_X509_LIB);
goto end;
}
*puiCertificateLen = len;
ret = SAR_Ok;
end:
sk_X509_free(certs);
return ret;
}
/* 7.2.5 */
@@ -89,16 +179,91 @@ int SAF_RemoveRootCaCertificate(
void *hAppHandle,
unsigned int uiIndex)
{
return SAR_NotSupportYetErr;
int ret = SAR_UnknownErr;
SAF_APP *app = (SAF_APP *)hAppHandle;
STACK_OF(X509) *certs = NULL;
X509 *x509 = NULL;
BIO *bio = NULL;
int i, err = 0;
if (!hAppHandle) {
SAFerr(SAF_F_SAF_REMOVEROOTCACERTIFICATE, ERR_R_PASSED_NULL_PARAMETER);
return SAR_IndataErr;
}
if (!load_certs(app->rootcacerts, &certs, FORMAT_PEM, NULL, "root ca certificates")) {
SAFerr(SAF_F_SAF_REMOVEROOTCACERTIFICATE, SAF_R_LOAD_CERTS_FAILURE);
goto end;
}
if (!(bio = BIO_new_file(app->rootcacerts, "w"))) {
SAFerr(SAF_F_SAF_REMOVEROOTCACERTIFICATE, ERR_R_BIO_LIB);
goto end;
}
if (!(x509 = sk_X509_delete(certs, uiIndex))) {
SAFerr(SAF_F_SAF_REMOVEROOTCACERTIFICATE, SAF_R_INVALID_INDEX);
goto end;
}
for (i = 0; i < sk_X509_num(certs); i++) {
if (!PEM_write_bio_X509(bio, sk_X509_value(certs, i))) {
SAFerr(SAF_F_SAF_REMOVEROOTCACERTIFICATE, ERR_R_PEM_LIB);
err++;
}
}
ret = SAR_Ok;
end:
X509_free(x509);
sk_X509_free(certs);
BIO_free(bio);
return ret;
}
/* 7.2.6 */
int SAF_AddCaCertificate(
void *hAppHandle,
unsigned char *pucCertificate,
unsigned int *puiCertificateLen)
unsigned int uiCertificateLen)
{
return SAR_NotSupportYetErr;
int ret = SAR_UnknownErr;
SAF_APP *app = (SAF_APP *)hAppHandle;
X509 *x509 = NULL;
BIO *bio = NULL;
if (!hAppHandle || !pucCertificate) {
SAFerr(SAF_F_SAF_ADDCACERTIFICATE, ERR_R_PASSED_NULL_PARAMETER);
return SAR_IndataErr;
}
if (uiCertificateLen <= 0 || uiCertificateLen > INT_MAX) {
SAFerr(SAF_F_SAF_ADDCACERTIFICATE, SAF_R_INVALID_INPUT_LENGTH);
return SAR_IndataLenErr;
}
if (!(bio = BIO_new_file(app->cacerts, "a"))) {
SAFerr(SAF_F_SAF_ADDCACERTIFICATE, ERR_R_BIO_LIB);
goto end;
}
if (!(x509 = d2i_X509(NULL, &pucCertificate, uiCertificateLen))) {
SAFerr(SAF_F_SAF_ADDCACERTIFICATE, SAF_R_LOAD_CERTS_FAILURE);
goto end;
}
if (!PEM_write_bio_X509(bio, x509)) {
SAFerr(SAF_F_SAF_ADDCACERTIFICATE, ERR_R_PEM_LIB);
goto end;
}
ret = SAR_Ok;
end:
X509_free(x509);
BIO_free(bio);
return ret;
}
/* 7.2.7 */
@@ -106,7 +271,26 @@ int SAF_GetCaCertificateCount(
void *hAppHandle,
unsigned int *puiCount)
{
return SAR_NotSupportYetErr;
int ret = SAR_UnknownErr;
SAF_APP *app = (SAF_APP *)hAppHandle;
STACK_OF(X509) *certs = NULL;
if (!hAppHandle || !puiCount) {
SAFerr(SAF_F_SAF_GETCACERTIFICATECOUNT, ERR_R_PASSED_NULL_PARAMETER);
return SAR_IndataErr;
}
if (!load_certs(app->cacerts, &certs, FORMAT_PEM, NULL, "ca certificates")) {
SAFerr(SAF_F_SAF_GETCACERTIFICATECOUNT, SAF_R_LOAD_CERTS_FAILURE);
goto end;
}
*puiCount = sk_X509_num(certs);
ret = SAR_Ok;
end:
sk_X509_free(certs);
return ret;
}
/* 7.2.8 */
@@ -116,7 +300,43 @@ int SAF_GetCaCertificate(
unsigned char *pucCertificate,
unsigned int *puiCertificateLen)
{
return SAR_NotSupportYetErr;
int ret = SAR_UnknownErr;
SAF_APP *app = (SAF_APP *)hAppHandle;
STACK_OF(X509) *certs = NULL;
X509 *x509;
int len;
if (!hAppHandle || !pucCertificate || !puiCertificateLen) {
SAFerr(SAF_F_SAF_GETCACERTIFICATE, ERR_R_PASSED_NULL_PARAMETER);
return SAR_IndataErr;
}
if (!load_certs(app->cacerts, &certs, FORMAT_PEM, NULL, "ca certificates")) {
SAFerr(SAF_F_SAF_GETCACERTIFICATE, SAF_R_LOAD_CERTS_FAILURE);
goto end;
}
if (!(x509 = sk_X509_value(certs, uiIndex))) {
SAFerr(SAF_F_SAF_GETCACERTIFICATE, SAF_R_INVALID_INDEX);
goto end;
}
if (*puiCertificateLen < i2d_X509(x509, NULL)) {
SAFerr(SAF_F_SAF_GETCACERTIFICATE, SAF_R_BUFFER_TOO_SMALL);
ret = SAR_IndataLenErr;
goto end;
}
if ((len = i2d_X509(x509, pucCertificate)) <= 0) {
SAFerr(SAF_F_SAF_GETCACERTIFICATE, ERR_R_X509_LIB);
goto end;
}
*puiCertificateLen = len;
ret = SAR_Ok;
end:
sk_X509_free(certs);
return ret;
}
/* 7.2.9 */
@@ -124,7 +344,47 @@ int SAF_RemoveCaCertificate(
void *hAppHandle,
unsigned int uiIndex)
{
return SAR_NotSupportYetErr;
int ret = SAR_UnknownErr;
SAF_APP *app = (SAF_APP *)hAppHandle;
STACK_OF(X509) *certs = NULL;
X509 *x509 = NULL;
BIO *bio = NULL;
int i, err = 0;
if (!hAppHandle) {
SAFerr(SAF_F_SAF_REMOVECACERTIFICATE, ERR_R_PASSED_NULL_PARAMETER);
return SAR_IndataErr;
}
if (!load_certs(app->cacerts, &certs, FORMAT_PEM, NULL, "ca certificates")) {
SAFerr(SAF_F_SAF_REMOVECACERTIFICATE, SAF_R_LOAD_CERTS_FAILURE);
goto end;
}
if (!(bio = BIO_new_file(app->rootcacerts, "w"))) {
SAFerr(SAF_F_SAF_REMOVECACERTIFICATE, ERR_R_BIO_LIB);
goto end;
}
if (!(x509 = sk_X509_delete(certs, uiIndex))) {
SAFerr(SAF_F_SAF_REMOVECACERTIFICATE, SAF_R_INVALID_INDEX);
goto end;
}
for (i = 0; i < sk_X509_num(certs); i++) {
if (!PEM_write_bio_X509(bio, sk_X509_value(certs, i))) {
SAFerr(SAF_F_SAF_REMOVECACERTIFICATE, ERR_R_PEM_LIB);
err++;
}
}
ret = SAR_Ok;
end:
X509_free(x509);
sk_X509_free(certs);
BIO_free(bio);
return ret;
}
/* 7.2.10 */
@@ -133,6 +393,8 @@ int SAF_AddCrl(
unsigned char *pucDerCrl,
unsigned int uiDerCrlLen)
{
int ret = SAR_UnknownErr;
SAF_APP *app = (SAF_APP *)hAppHandle;
return SAR_NotSupportYetErr;
}
@@ -142,6 +404,8 @@ int SAF_VerifyCertificate(
unsigned char *pucUsrCertificate,
unsigned int uiUsrCertificateLen)
{
int ret = SAR_UnknownErr;
SAF_APP *app = (SAF_APP *)hAppHandle;
return SAR_NotSupportYetErr;
}
@@ -153,6 +417,8 @@ int SAF_VerifyCertificateByCrl(
unsigned char *pucDerCrl,
unsigned int uiDerCrlLen)
{
int ret = SAR_UnknownErr;
SAF_APP *app = (SAF_APP *)hAppHandle;
return SAR_NotSupportYetErr;
}
@@ -179,6 +445,8 @@ int SAF_GetCertFromLdap(
unsigned char *pucOutCert,
unsigned int *puiOutCertLen)
{
int ret = SAR_UnknownErr;
SAF_APP *app = (SAF_APP *)hAppHandle;
return SAR_NotSupportYetErr;
}
@@ -204,6 +472,8 @@ int SAF_GetCertificateInfo(
unsigned char *pucInfo,
unsigned int *puiInfoLen)
{
int ret = SAR_UnknownErr;
SAF_APP *app = (SAF_APP *)hAppHandle;
return SAR_NotSupportYetErr;
}
@@ -218,6 +488,8 @@ int SAF_GetExtTypeInfo(
unsigned char *pucInfo,
unsigned int *puiInfoLen)
{
int ret = SAR_UnknownErr;
SAF_APP *app = (SAF_APP *)hAppHandle;
return SAR_NotSupportYetErr;
}
@@ -226,6 +498,8 @@ int SAF_EnumCertificates(
void *hAppHandle,
SGD_USR_CERT_ENUMLIST *usrCerts)
{
int ret = SAR_UnknownErr;
SAF_APP *app = (SAF_APP *)hAppHandle;
return SAR_NotSupportYetErr;
}
@@ -234,6 +508,8 @@ int SAF_EnumKeyContainerInfo(
void *hAppHandle,
SGD_KEYCONTAINERINFO_ENUMLIST *keyContainerInfo)
{
int ret = SAR_UnknownErr;
SAF_APP *app = (SAF_APP *)hAppHandle;
return SAR_NotSupportYetErr;
}
@@ -242,6 +518,8 @@ int SAF_EnumCertificatesFree(
void *hAppHandle,
SGD_USR_CERT_ENUMLIST *usrCerts)
{
int ret = SAR_UnknownErr;
SAF_APP *app = (SAF_APP *)hAppHandle;
return SAR_NotSupportYetErr;
}
@@ -250,5 +528,7 @@ int SAF_EnumKeyContainerInfoFree(
void *hAppHandle,
SGD_KEYCONTAINERINFO_ENUMLIST *keyContainerInfo)
{
int ret = SAR_UnknownErr;
SAF_APP *app = (SAF_APP *)hAppHandle;
return SAR_NotSupportYetErr;
}

24
crypto/saf/saf_err.c
View File

@@ -19,6 +19,9 @@
# define ERR_REASON(reason) ERR_PACK(ERR_LIB_SAF,0,reason)
static ERR_STRING_DATA SAF_str_functs[] = {
{ERR_FUNC(SAF_F_SAF_ADDCACERTIFICATE), "SAF_AddCaCertificate"},
{ERR_FUNC(SAF_F_SAF_ADDTRUSTEDROOTCACERTIFICATE),
"SAF_AddTrustedRootCaCertificate"},
{ERR_FUNC(SAF_F_SAF_BASE64_CREATEBASE64OBJ),
"SAF_Base64_CreateBase64Obj"},
{ERR_FUNC(SAF_F_SAF_BASE64_DECODE), "SAF_Base64_Decode"},
@@ -28,7 +31,9 @@ static ERR_STRING_DATA SAF_str_functs[] = {
{ERR_FUNC(SAF_F_SAF_BASE64_ENCODEFINAL), "SAF_Base64_EncodeFinal"},
{ERR_FUNC(SAF_F_SAF_BASE64_ENCODEUPDATE), "SAF_Base64_EncodeUpdate"},
{ERR_FUNC(SAF_F_SAF_CHANGEPIN), "SAF_ChangePin"},
{ERR_FUNC(SAF_F_SAF_CREATEHASHOBJ), "SAF_CreateHashObj"},
{ERR_FUNC(SAF_F_SAF_CREATESYMMKEYOBJ), "SAF_CreateSymmKeyObj"},
{ERR_FUNC(SAF_F_SAF_DESTROYHASHOBJ), "SAF_DestroyHashObj"},
{ERR_FUNC(SAF_F_SAF_ECCPUBLICKEYENC), "SAF_EccPublicKeyEnc"},
{ERR_FUNC(SAF_F_SAF_ECCPUBLICKEYENCBYCERT), "SAF_EccPublicKeyEncByCert"},
{ERR_FUNC(SAF_F_SAF_ECCSIGN), "SAF_EccSign"},
@@ -38,23 +43,35 @@ static ERR_STRING_DATA SAF_str_functs[] = {
{ERR_FUNC(SAF_F_SAF_GENERATEKEYWITHEPK), "SAF_GenerateKeyWithEPK"},
{ERR_FUNC(SAF_F_SAF_GENRANDOM), "SAF_GenRandom"},
{ERR_FUNC(SAF_F_SAF_GENRSAKEYPAIR), "SAF_GenRsaKeyPair"},
{ERR_FUNC(SAF_F_SAF_GETCACERTIFICATE), "SAF_GetCaCertificate"},
{ERR_FUNC(SAF_F_SAF_GETCACERTIFICATECOUNT), "SAF_GetCaCertificateCount"},
{ERR_FUNC(SAF_F_SAF_GETECCPUBLICKEY), "SAF_GetEccPublicKey"},
{ERR_FUNC(SAF_F_SAF_GETROOTCACERTIFICATE), "SAF_GetRootCaCertificate"},
{ERR_FUNC(SAF_F_SAF_GETROOTCACERTIFICATECOUNT),
"SAF_GetRootCaCertificateCount"},
{ERR_FUNC(SAF_F_SAF_GETRSAPUBLICKEY), "SAF_GetRsaPublicKey"},
{ERR_FUNC(SAF_F_SAF_GETVERSION), "SAF_GetVersion"},
{ERR_FUNC(SAF_F_SAF_IMPORTENCEDKEY), "SAF_ImportEncedKey"},
{ERR_FUNC(SAF_F_SAF_HASH), "SAF_Hash"},
{ERR_FUNC(SAF_F_SAF_HASHFINAL), "SAF_HashFinal"},
{ERR_FUNC(SAF_F_SAF_HASHUPDATE), "SAF_HashUpdate"},
{ERR_FUNC(SAF_F_SAF_INITIALIZE), "SAF_Initialize"},
{ERR_FUNC(SAF_F_SAF_KEY_NEW), "SAF_KEY_new"},
{ERR_FUNC(SAF_F_SAF_LOGIN), "SAF_Login"},
{ERR_FUNC(SAF_F_SAF_LOGOUT), "SAF_Logout"},
{ERR_FUNC(SAF_F_SAF_MACFINAL), "SAF_MacFinal"},
{ERR_FUNC(SAF_F_SAF_MACUPDATE), "SAF_MacUpdate"},
{ERR_FUNC(SAF_F_SAF_PKCS7_ENCODEENVELOPEDDATA),
"SAF_Pkcs7_EncodeEnvelopedData"},
{ERR_FUNC(SAF_F_SAF_REMOVECACERTIFICATE), "SAF_RemoveCaCertificate"},
{ERR_FUNC(SAF_F_SAF_REMOVEROOTCACERTIFICATE),
"SAF_RemoveRootCaCertificate"},
{ERR_FUNC(SAF_F_SAF_RSASIGN), "SAF_RsaSign"},
{ERR_FUNC(SAF_F_SAF_RSAVERIFYSIGN), "SAF_RsaVerifySign"},
{ERR_FUNC(SAF_F_SAF_SYMMDECRYPTFINAL), "SAF_SymmDecryptFinal"},
{ERR_FUNC(SAF_F_SAF_SYMMDECRYPTUPDATE), "SAF_SymmDecryptUpdate"},
{ERR_FUNC(SAF_F_SAF_SYMMENCRYPTFINAL), "SAF_SymmEncryptFinal"},
{ERR_FUNC(SAF_F_SAF_SYMMENCRYPTUPDATE), "SAF_SymmEncryptUpdate"},
{ERR_FUNC(SAF_F_SAF_SYMMKEYOBJ_DUP), "SAF_SYMMKEYOBJ_dup"},
{ERR_FUNC(SAF_F_SAF_VERIFYSIGNBYCERT), "SAF_VerifySignByCert"},
{0, NULL}
};
@@ -65,18 +82,19 @@ static ERR_STRING_DATA SAF_str_reasons[] = {
{ERR_REASON(SAF_R_DECRYPT_NOT_INITIALIZED), "decrypt not initialized"},
{ERR_REASON(SAF_R_ENCRYPT_KEY_FAILURE), "encrypt key failure"},
{ERR_REASON(SAF_R_ENCRYPT_NOT_INITIALIED), "encrypt not initialied"},
{ERR_REASON(SAF_R_GEN_RANDOM), "gen random"},
{ERR_REASON(SAF_R_GEN_RANDOM_FAILURE), "gen random failure"},
{ERR_REASON(SAF_R_INT_OVERFLOW), "int overflow"},
{ERR_REASON(SAF_R_INVALID_ALGOR), "invalid algor"},
{ERR_REASON(SAF_R_INVALID_CERTIFICATE), "invalid certificate"},
{ERR_REASON(SAF_R_INVALID_CONTEXT), "invalid context"},
{ERR_REASON(SAF_R_INVALID_HANDLE), "invalid handle"},
{ERR_REASON(SAF_R_INVALID_INDEX), "invalid index"},
{ERR_REASON(SAF_R_INVALID_INPUT_LENGTH), "invalid input length"},
{ERR_REASON(SAF_R_INVALID_KEY_HANDLE), "invalid key handle"},
{ERR_REASON(SAF_R_INVALID_KEY_LENGTH), "invalid key length"},
{ERR_REASON(SAF_R_INVALID_KEY_USAGE), "invalid key usage"},
{ERR_REASON(SAF_R_INVALID_LENGTH), "invalid length"},
{ERR_REASON(SAF_R_INVALID_PUBLIC_KEY), "invalid public key"},
{ERR_REASON(SAF_R_LOAD_CERTS_FAILURE), "load certs failure"},
{ERR_REASON(SAF_R_MAC_FAILURE), "mac failure"},
{ERR_REASON(SAF_R_NOT_SUPPORTED), "not supported"},
{ERR_REASON(SAF_R_OPERATION_NOT_INITIALIZED),

141
crypto/saf/saf_hash.c
View File

@@ -52,6 +52,7 @@
#include <stdlib.h>
#include <openssl/evp.h>
#include <openssl/gmsaf.h>
#include <openssl/gmapi.h>
#include "saf_lcl.h"
/* 7.3.12 */
@@ -60,31 +61,84 @@ int SAF_CreateHashObj(void **phHashObj,
unsigned char *pucPublicKey,
unsigned int uiPublicKeyLen,
unsigned char *pucID,
unsigned int ulIDLen)
unsigned int uiIDLen)
{
int ret = SAR_UnknownErr;
const EVP_MD *md;
EVP_MD_CTX *ctx = NULL;
EVP_PKEY *pkey = NULL;
if (!phHashObj) {
SAFerr(SAF_F_SAF_CREATEHASHOBJ, ERR_R_PASSED_NULL_PARAMETER);
return SAR_IndataErr;
}
if (!(md = EVP_get_digestbysgd(uiAlgoType))) {
SAFerr(SAF_F_SAF_CREATEHASHOBJ, SAF_R_INVALID_ALGOR);
return SAR_AlgoTypeErr;
}
if (!(ctx = EVP_MD_CTX_new())) {
return 0;
SAFerr(SAF_F_SAF_CREATEHASHOBJ, ERR_R_MALLOC_FAILURE);
goto end;
}
if (!EVP_DigestInit(ctx, md)) {
return 0;
/* limitation of the SAF hashing:
* can not specify an engine, only use the default implementation
*/
if (!EVP_DigestInit_ex(ctx, md, NULL)) {
SAFerr(SAF_F_SAF_CREATEHASHOBJ, ERR_R_EVP_LIB);
goto end;
}
if (pucPublicKey) {
unsigned char dgst[EVP_MAX_MD_SIZE];
size_t dgstlen = sizeof(dgst);
if (!pucID) {
SAFerr(SAF_F_SAF_CREATEHASHOBJ, ERR_R_PASSED_NULL_PARAMETER);
ret = SAR_IndataErr;
goto end;
}
if (uiIDLen <= 0 || uiIDLen > SM2_MAX_ID_LENGTH
|| strlen((char *)pucID) != uiIDLen
|| uiPublicKeyLen <= 0 || uiPublicKeyLen > INT_MAX) {
SAFerr(SAF_F_SAF_CREATEHASHOBJ, SAF_R_INVALID_INPUT_LENGTH);
ret = SAR_IndataLenErr;
goto end;
}
if (!(pkey = d2i_PUBKEY(NULL, (const unsigned char **)&pucPublicKey, (long)uiPublicKeyLen))
|| EVP_PKEY_base_id(pkey) != EVP_PKEY_EC) {
SAFerr(SAF_F_SAF_CREATEHASHOBJ, SAF_R_INVALID_PUBLIC_KEY);
ret = SAR_IndataErr;
goto end;
}
if (!SM2_compute_id_digest(md, (char *)pucID, uiIDLen, dgst, &dgstlen,
EVP_PKEY_get0_EC_KEY(pkey))) {
SAFerr(SAF_F_SAF_CREATEHASHOBJ, ERR_R_EC_LIB);
goto end;
}
if (!EVP_DigestUpdate(ctx, dgst, dgstlen)) {
SAFerr(SAF_F_SAF_CREATEHASHOBJ, ERR_R_EVP_LIB);
goto end;
}
}
*phHashObj = ctx;
ctx = NULL;
ret = SAR_Ok;
end:
if (ret != SAR_Ok) {
EVP_MD_CTX_free(ctx);
*phHashObj = NULL;
}
EVP_MD_CTX_free(ctx);
EVP_PKEY_free(pkey);
return ret;
}
@@ -92,6 +146,10 @@ end:
int SAF_DestroyHashObj(
void *phHashObj)
{
if (!phHashObj) {
SAFerr(SAF_F_SAF_DESTROYHASHOBJ, ERR_R_PASSED_NULL_PARAMETER);
return SAR_IndataErr;
}
EVP_MD_CTX_free((EVP_MD_CTX *)phHashObj);
return SAR_Ok;
}
@@ -102,9 +160,21 @@ int SAF_HashUpdate(
const unsigned char *pucInData,
unsigned int uiInDataLen)
{
if (!EVP_DigestUpdate((EVP_MD_CTX *)phHashObj, pucInData, (size_t)uiInDataLen)) {
if (!phHashObj || pucInData) {
SAFerr(SAF_F_SAF_HASHUPDATE, ERR_R_PASSED_NULL_PARAMETER);
return SAR_IndataErr;
}
if (uiInDataLen <= 0 || uiInDataLen > INT_MAX) {
SAFerr(SAF_F_SAF_HASHUPDATE, SAF_R_INVALID_INPUT_LENGTH);
return SAR_IndataLenErr;
}
if (!EVP_DigestUpdate((EVP_MD_CTX *)phHashObj, pucInData, uiInDataLen)) {
SAFerr(SAF_F_SAF_HASHUPDATE, ERR_R_EVP_LIB);
return SAR_HashErr;
}
return SAR_Ok;
}
@@ -113,9 +183,21 @@ int SAF_HashFinal(void *phHashObj,
unsigned char *pucOutData,
unsigned int *uiOutDataLen)
{
if (!EVP_DigestFinal((EVP_MD_CTX *)phHashObj, pucOutData, uiOutDataLen)) {
if (!phHashObj || !pucOutData || !uiOutDataLen) {
SAFerr(SAF_F_SAF_HASHFINAL, ERR_R_PASSED_NULL_PARAMETER);
return SAR_IndataErr;
}
if (*uiOutDataLen < EVP_MAX_MD_SIZE) {
SAFerr(SAF_F_SAF_HASHFINAL, SAF_R_BUFFER_TOO_SMALL);
return SAR_IndataLenErr;
}
if (!EVP_DigestFinal_ex((EVP_MD_CTX *)phHashObj, pucOutData, uiOutDataLen)) {
SAFerr(SAF_F_SAF_HASHFINAL, ERR_R_EVP_LIB);
return SAR_HashErr;
}
return SAR_Ok;
}
@@ -127,21 +209,50 @@ int SAF_Hash(
unsigned char *pucPublicKey,
unsigned int uiPublicKeyLen,
unsigned char *pubID,
unsigned int ulIDLen,
unsigned int uiIDLen,
unsigned char *pucOutData,
unsigned int *puiOutDataLen)
{
const EVP_MD *md;
size_t siz;
int ret;
void *hHashObj = NULL;
if (!(md = EVP_get_digestbysgd(uiAlgoType))) {
return SAR_AlgoTypeErr;
if ((ret = SAF_CreateHashObj(
&hHashObj,
uiAlgoType,
pucPublicKey,
uiPublicKeyLen,
pubID,
uiIDLen)) != SAR_Ok) {
SAFerr(SAF_F_SAF_HASH, ERR_R_SAF_LIB);
return ret;
}
siz = (size_t)uiInDataLen;
if (!EVP_Digest(pucInData, siz, pucOutData, puiOutDataLen, md, NULL)) {
return SAR_HashErr;
if ((ret = SAF_HashUpdate(
hHashObj,
pucInData,
uiInDataLen)) != SAR_Ok) {
SAFerr(SAF_F_SAF_HASH, ERR_R_SAF_LIB);
goto err;
}
if ((ret = SAF_HashFinal(
hHashObj,
pucOutData,
puiOutDataLen)) != SAR_Ok) {
SAFerr(SAF_F_SAF_HASH, ERR_R_SAF_LIB);
goto err;
}
if ((ret = SAF_DestroyHashObj(
hHashObj)) != SAR_Ok) {
SAFerr(SAF_F_SAF_HASH, ERR_R_SAF_LIB);
return ret;
}
return SAR_Ok;
err:
/* keep the first error */
(void)SAF_DestroyHashObj(hHashObj);
return ret;
}

121
crypto/saf/saf_keyhandle.c
View File

@@ -51,6 +51,7 @@
#include <openssl/evp.h>
#include <openssl/gmsaf.h>
#include <openssl/gmapi.h>
#include <openssl/crypto.h>
#include "saf_lcl.h"
/* 7.3.31 */
@@ -82,26 +83,6 @@ int SAF_GenerateKeyWithEPK(
return SAR_IndataLenErr;
}
/*
65 typedef struct {
66 SAF_APP *app;
67 unsigned char *pucContainerName;
68 unsigned int uiContainerLen;
69 unsigned char *pucIV;
70 unsigned int uiIVLen;
71 unsigned int uiEncOrDec;
72 unsigned int uiCryptoAlgID;
73 } SAF_SYMMKEYOBJ;
74
75 typedef struct {
76 SAF_SYMMKEYOBJ *hSymmKeyObj;
77 unsigned char key[64];
78 int keylen;
79 EVP_CIPHER_CTX *cipher_ctx;
80 CMAC_CTX *cmac_ctx;
81 } SAF_KEY;
*/
outlen = (size_t)*puiSymmKeyLen;
if (!(cipher = EVP_get_cipherbysgd(obj->uiCryptoAlgID))
|| !RAND_bytes(keybuf, EVP_CIPHER_key_length(cipher))
@@ -128,6 +109,87 @@ end:
return ret;
}
/*
65 typedef struct {
66 SAF_APP *app;
67 unsigned char *pucContainerName;
68 unsigned int uiContainerLen;
69 unsigned char *pucIV;
70 unsigned int uiIVLen;
71 unsigned int uiEncOrDec;
72 unsigned int uiCryptoAlgID;
73 } SAF_SYMMKEYOBJ;
74
75 typedef struct {
76 SAF_SYMMKEYOBJ *hSymmKeyObj;
77 unsigned char key[64];
78 int keylen;
79 EVP_CIPHER_CTX *cipher_ctx;
80 CMAC_CTX *cmac_ctx;
81 } SAF_KEY;
*/
SAF_KEY *SAF_KEY_new(const SAF_SYMMKEYOBJ *hSymmKeyObj)
{
SAF_KEY *ret = NULL;
SAF_KEY *key = NULL;
if (!(key = OPENSSL_zalloc(sizeof(*key)))
|| !(key->hSymmKeyObj = SAF_SYMMKEYOBJ_dup(hSymmKeyObj))) {
SAFerr(SAF_F_SAF_KEY_NEW, ERR_R_MALLOC_FAILURE);
goto end;
}
ret = key;
key = NULL;
end:
SAF_KEY_free(key);
return ret;
}
void SAF_KEY_free(SAF_KEY *key)
{
if (key) {
SAF_SYMMKEYOBJ_free(key->hSymmKeyObj);
}
OPENSSL_clear_free(key, sizeof(*key));
}
SAF_SYMMKEYOBJ *SAF_SYMMKEYOBJ_dup(const SAF_SYMMKEYOBJ *a)
{
SAF_SYMMKEYOBJ *ret = NULL;
SAF_SYMMKEYOBJ *obj = NULL;
if (!(obj = OPENSSL_zalloc(sizeof(*obj)))
|| !(obj->pucContainerName = OPENSSL_memdup(a->pucContainerName, a->uiContainerLen))
|| !(obj->pucIV = OPENSSL_memdup(a->pucIV, a->uiIVLen))) {
SAFerr(SAF_F_SAF_SYMMKEYOBJ_DUP, ERR_R_MALLOC_FAILURE);
goto end;
}
obj->uiContainerLen = a->uiContainerLen;
obj->uiIVLen = a->uiIVLen;
obj->uiEncOrDec = a->uiEncOrDec;
obj->uiCryptoAlgID = a->uiCryptoAlgID;
ret = obj;
obj = NULL;
end:
SAF_SYMMKEYOBJ_free(obj);
return ret;
}
void SAF_SYMMKEYOBJ_free(SAF_SYMMKEYOBJ *obj)
{
if (obj) {
OPENSSL_free(obj->pucContainerName);
OPENSSL_free(obj->pucIV);
OPENSSL_free(obj);
}
}
/* 7.3.32 */
int SAF_ImportEncedKey(
void *hSymmKeyObj,
@@ -135,8 +197,23 @@ int SAF_ImportEncedKey(
unsigned int uiSymmKeyLen,
void **phKeyHandle)
{
SAFerr(SAF_F_SAF_IMPORTENCEDKEY, SAF_R_NOT_SUPPORTED);
return SAR_NotSupportYetErr;
SAF_KEY *hkey = NULL;
SAF_SYMMKEYOBJ *hobj = (SAF_SYMMKEYOBJ *)hSymmKeyObj;
EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX *pctx = NULL;
char key_id[1024];
snprintf(key_id, sizeof(key_id), "%s.enc", hobj->pucContainerName);
if (!(pkey = ENGINE_load_private_key(hobj->app->engine, key_id, NULL, NULL))
|| !(pctx = EVP_PKEY_CTX_new(pkey, hobj->app->engine))
|| EVP_PKEY_decrypt_init(pctx) <= 0
|| EVP_PKEY_decrypt(pctx, hkey->key, &hkey->keylen, pucSymmKey, uiSymmKeyLen) <= 0) {
goto end;
}
end:
return 0;
}
/* 7.3.37 */

5
crypto/saf/saf_lcl.h
View File

@@ -55,6 +55,8 @@
typedef struct saf_app_st {
ENGINE *engine;
char *rootcacerts;
char *cacerts;
} SAF_APP;
typedef struct {
@@ -80,5 +82,8 @@ typedef struct {
CMAC_CTX *cmac_ctx;
} SAF_KEY;
SAF_KEY *SAF_KEY_new(const SAF_SYMMKEYOBJ *obj);
void SAF_KEY_free(SAF_KEY *key);
SAF_SYMMKEYOBJ *SAF_SYMMKEYOBJ_dup(const SAF_SYMMKEYOBJ *a);
void SAF_SYMMKEYOBJ_free(SAF_SYMMKEYOBJ *a);

2
crypto/sdf/sdf_meth.c
View File

@@ -56,8 +56,6 @@ SDF_METHOD *SDF_METHOD_load_library(const char *so_path)
SDF_METHOD *ret = NULL;
SDF_METHOD *sdf = NULL;
DSO *dso = NULL;
void *func;
int i;
if (!(dso = DSO_load(NULL, so_path, NULL, 0))) {
goto end;

1
crypto/skf/skf_lib.c
View File

@@ -67,6 +67,7 @@ ULONG SKF_LoadLibrary(const char *so_path)
ULONG SKF_UnloadLibrary(void)
{
skf_method = NULL;
return 0;
}

149
crypto/sms4/sms4_enc_avx2.c Normal file
View File

@@ -0,0 +1,149 @@
/* ====================================================================
* Copyright (c) 2014 - 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <immintrin.h>
#include <openssl/sms4.h>
#include "sms4_lcl.h"
static __m256i mask_ffff;
static __m256i vindex_0s;
static __m256i vindex_4i;
static __m256i vindex_swap;
static __m256i vindex_read;
void sms4_avx2_encrypt_init(sms4_key_t *key)
{
mask_ffff = _mm256_set1_epi32(0xffff);
vindex_0s = _mm256_set1_epi32(0);
vindex_4i = _mm256_setr_epi32(0,4,8,12,16,20,24,28);
vindex_read = _mm256_setr_epi32(0,8,16,24,1,9,17,25);
vindex_swap = _mm256_setr_epi8(
3,2,1,0,7,6,5,4,11,10,9,8,15,14,13,12,
3,2,1,0,7,6,5,4,11,10,9,8,15,14,13,12
);
sms4_init_sbox32();
}
#define GET_BLKS(x0, x1, x2, x3, in) \
t0 = _mm256_i32gather_epi32((int *)(in+4*0), vindex_4i, 4); \
t1 = _mm256_i32gather_epi32((int *)(in+4*1), vindex_4i, 4); \
t2 = _mm256_i32gather_epi32((int *)(in+4*2), vindex_4i, 4); \
t3 = _mm256_i32gather_epi32((int *)(in+4*3), vindex_4i, 4); \
x0 = _mm256_shuffle_epi8(t0, vindex_swap); \
x1 = _mm256_shuffle_epi8(t1, vindex_swap); \
x2 = _mm256_shuffle_epi8(t2, vindex_swap); \
x3 = _mm256_shuffle_epi8(t3, vindex_swap)
#define PUT_BLKS(out, x0, x1, x2, x3) \
t0 = _mm256_shuffle_epi8(x0, vindex_swap); \
t1 = _mm256_shuffle_epi8(x1, vindex_swap); \
t2 = _mm256_shuffle_epi8(x2, vindex_swap); \
t3 = _mm256_shuffle_epi8(x3, vindex_swap); \
_mm256_storeu_si256((__m256i *)(out+32*0), t0); \
_mm256_storeu_si256((__m256i *)(out+32*1), t1); \
_mm256_storeu_si256((__m256i *)(out+32*2), t2); \
_mm256_storeu_si256((__m256i *)(out+32*3), t3); \
x0 = _mm256_i32gather_epi32((int *)(in+32*0), vindex_read, 4); \
x1 = _mm256_i32gather_epi32((int *)(in+32*1), vindex_read, 4); \
x2 = _mm256_i32gather_epi32((int *)(in+32*2), vindex_read, 4); \
x3 = _mm256_i32gather_epi32((int *)(in+32*3), vindex_read, 4); \
_mm256_storeu_si256((__m256i *)(out+2*0), x0); \
_mm256_storeu_si256((__m256i *)(out+2*1), x1); \
_mm256_storeu_si256((__m256i *)(out+2*2), x2); \
_mm256_storeu_si256((__m256i *)(out+2*3), x3)
#define S(x0, t0, t1, t2) \
t0 = _mm256_and_si256(x0, mask_ffff); \
t1 = _mm256_i32gather_epi32(SBOX32L, t0, 4); \
t0 = _mm256_srli_epi32(x0, 16); \
t2 = _mm256_i32gather_epi32(SBOX32H, t0, 4); \
x0 = _mm256_xor_si256(t1, t2)
#define ROT(r0, x0, i, t0, t1) \
t0 = _mm256_slli_epi32(x0, i); \
t1 = _mm256_srli_epi32(x0,32-i); \
r0 = _mm256_xor_si256(t0, t1)
#define L(x0, t0, t1, t2, t3, t4) \
ROT(t0, x0, 2, t2, t3); \
ROT(t1, x0, 10, t2, t3); \
t4 = _mm256_xor_si256(t0, t1); \
ROT(t0, x0, 18, t2, t3); \
ROT(t1, x0, 24, t2, t3); \
t3 = _mm256_xor_si256(t0, t1); \
t2 = _mm256_xor_si256(x0, t3); \
x0 = _mm256_xor_si256(t2, t4)
#define ROUND(x0, x1, x2, x3, x4, i) \
t0 = _mm256_i32gather_epi32(rk+i, vindex_0s, 4); \
t1 = _mm256_xor_si256(x1, x2); \
t2 = _mm256_xor_si256(x3, t0); \
t0 = _mm256_xor_si256(t1, t2); \
S(t0, x4, t1, t2); \
L(t0, x4, t1, t2, t3, t4); \
x4 = _mm256_xor_si256(x0, t0);
void sms4_avx2_encrypt_8blocks(const unsigned char *in, unsigned char *out, const sms4_key_t *key)
{
const int *rk = (int *)key->rk;
__m256i x0, x1, x2, x3, x4;
__m256i t0, t1, t2, t3, t4;
GET_BLKS(x0, x1, x2, x3, in);
ROUNDS(x0, x1, x2, x3, x4);
PUT_BLKS(out, x0, x4, x3, x2);
}
void sms4_avx2_encrypt_16blocks(const unsigned char *in, unsigned char *out, const sms4_key_t *key)
{
sms4_encrypt_8blocks(key, in, out);
sms4_encrypt_8blocks(key, in + 16*8, out + 16*8);
}

159
crypto/sms4/sms4_enc_knc.c Normal file
View File

@@ -0,0 +1,159 @@
/* ====================================================================
* Copyright (c) 2014 - 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <stdint.h>
#include <zmmintrin.h>
#include <openssl/sms4.h>
#include "sms4_lcl.h"
static __m512i mask_ff00;
static __m512i mask_ffff;
static __m512i mask_ff0000;
static __m512i vindex_0s;
static __m512i vindex_4i;
void sms4_knc_encrypt_init(sms4_key_t *key)
{
uint64_t value[sizeof(__m512i)/sizeof(uint64_t)];
int *p = (int *)value;
for (i = 0; i < 16; i++)
p[i] = 0xff00;
mask_ff00 = _mm512_load_epi32(value);
for (i = 0; i < 16; i++)
p[i] = 0xffff;
mask_ffff = _mm512_load_epi32(value);
for (i = 0; i < 16; i++)
p[i] = 0xff0000;
mask_ff0000 = _mm512_load_epi32(value);
for (i = 0; i < 16; i++)
p[i] = 0;
vindex_0s = _mm512_load_epi32(value);
for (i = 0; i < 16; i++)
p[i] = 4 * i;
vindex_4i = _mm512_load_epi32(value);
sms4_init_sbox32();
}
#define SWAP32(x) \
t0 = _mm512_slli_epi32(x, 24); \
t1 = _mm512_srli_epi32(x, 24); \
t2 = _mm512_or_epi32(t0, t1); \
t0 = _mm512_slli_epi32(x, 8); \
t1 = _mm512_and_epi32(t0, mask_ff0000); \
t0 = _mm512_or_epi32(t2, t1); \
t1 = _mm512_srli_epi32(x, 8); \
t2 = _mm512_and_epi32(t1, mask_ff00); \
x = _mm512_or_epi32(t0, t2)
#define GET_BLKS(x0, x1, x2, x3, in) \
x0 = _mm512_i32gather_epi32(vindex_4i, in+4*0, 4); \
x1 = _mm512_i32gather_epi32(vindex_4i, in+4*1, 4); \
x2 = _mm512_i32gather_epi32(vindex_4i, in+4*2, 4); \
x3 = _mm512_i32gather_epi32(vindex_4i, in+4*3, 4); \
SWAP32(x0); SWAP32(x1); SWAP32(x2); SWAP32(x3)
#define PUT_BLKS(out, x0, x1, x2, x3) \
SWAP32(x0); SWAP32(x1); SWAP32(x2); SWAP32(x3); \
_mm512_i32scatter_epi32(out+4*0, vindex_4i, x0, 4); \
_mm512_i32scatter_epi32(out+4*1, vindex_4i, x1, 4); \
_mm512_i32scatter_epi32(out+4*2, vindex_4i, x2, 4); \
_mm512_i32scatter_epi32(out+4*3, vindex_4i, x3, 4)
#define S(x0, t0, t1, t2) \
t0 = _mm512_and_epi32(x0, mask_ffff); \
t1 = _mm512_i32gather_epi32(t0, SBOX32L, 4); \
t0 = _mm512_srli_epi32(x0, 16); \
t2 = _mm512_i32gather_epi32(t0, SBOX32H, 4); \
x0 = _mm512_xor_epi32(t1, t2)
#define ROT(r0, x0, i, t0, t1) \
t0 = _mm512_slli_epi32(x0, i); \
t1 = _mm512_srli_epi32(x0, 32-i); \
r0 = _mm512_xor_epi32(t0, t1)
#define L(x0, t0, t1, t2, t3, t4) \
ROT(t0, x0, 2, t2, t3); \
ROT(t1, x0, 10, t2, t3); \
t4 = _mm512_xor_epi32(t0, t1); \
ROT(t0, x0, 18, t2, t3); \
ROT(t1, x0, 24, t2, t3); \
t3 = _mm512_xor_epi32(t0, t1); \
t2 = _mm512_xor_epi32(x0, t3); \
x0 = _mm512_xor_epi32(t2, t4)
#define ROUND(x0, x1, x2, x3, x4, i) \
t0 = _mm512_i32gather_epi32(vindex_0s, rk+i*4, 4); \
t1 = _mm512_xor_epi32(x1, x2); \
t2 = _mm512_xor_epi32(x3, t0); \
t0 = _mm512_xor_epi32(t1, t2); \
S(t0, x4, t1, t2); \
L(t0, x4, t1, t2, t3, t4); \
x4 = _mm512_xor_epi32(x0, t0)
void sms4_knc_encrypt_16blocks(sms4_key_t *key, const unsigned char *in, unsigned char *out)
{
int *rk = (int *)key->rk;
__m512i x0, x1, x2, x3, x4;
__m512i t0, t1, t2, t3, t4;
GET_BLKS(x0, x1, x2, x3, in);
ROUNDS(x0, x1, x2, x3, x4, ROUND);
PUT_BLKS(out, x2, x3, x4, x0);
}