From e9d61cb1f47b4b3c27888e193eba773667b68f0f Mon Sep 17 00:00:00 2001 From: Zhi Guan Date: Sat, 13 Apr 2024 18:41:19 +0800 Subject: [PATCH] Remove unused macros Remove fp_ fn_ macros can reduce the API size. Another reason is that some macros such as fp_equ, fn_equ, can not return correct result on `a` and `a + modulus` --- include/gmssl/sm9.h | 512 --------------------------------------- include/gmssl/sm9_z256.h | 47 +--- src/sm9_z256_key.c | 14 +- src/sm9_z256_lib.c | 6 +- tests/sm9test.c | 6 +- 5 files changed, 23 insertions(+), 562 deletions(-) delete mode 100644 include/gmssl/sm9.h diff --git a/include/gmssl/sm9.h b/include/gmssl/sm9.h deleted file mode 100644 index 3c808e52..00000000 --- a/include/gmssl/sm9.h +++ /dev/null @@ -1,512 +0,0 @@ -/* - * Copyright 2014-2023 The GmSSL Project. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the License); you may - * not use this file except in compliance with the License. - * - * http://www.apache.org/licenses/LICENSE-2.0 - */ - - -#include -#include -#include -#include -#include -#include - - -#ifndef GMSSL_SM9_H -#define GMSSL_SM9_H - -#ifdef __cplusplus -extern "C" { -#endif - - -#define SM9_HEX_SEP '\n' - -typedef uint64_t sm9_bn_t[8]; - -#define sm9_bn_init(r) sm9_bn_set_zero(r) -#define sm9_bn_clean(r) sm9_bn_set_zero(r) - -void sm9_bn_set_zero(sm9_bn_t r); -void sm9_bn_set_one(sm9_bn_t r); -int sm9_bn_is_zero(const sm9_bn_t a); -int sm9_bn_is_one(const sm9_bn_t a); -void sm9_bn_set_word(sm9_bn_t r, uint32_t a); -void sm9_bn_copy(sm9_bn_t r, const sm9_bn_t a); -int sm9_bn_rand_range(sm9_bn_t r, const sm9_bn_t range); -int sm9_bn_equ(const sm9_bn_t a, const sm9_bn_t b); -int sm9_bn_cmp(const sm9_bn_t a, const sm9_bn_t b); -void sm9_bn_add(sm9_bn_t r, const sm9_bn_t a, const sm9_bn_t b); -void sm9_bn_sub(sm9_bn_t ret, const sm9_bn_t a, const sm9_bn_t b); -void sm9_bn_to_bits(const sm9_bn_t a, char bits[256]); -void sm9_bn_to_bytes(const sm9_bn_t a, uint8_t out[32]); -void sm9_bn_from_bytes(sm9_bn_t r, const uint8_t in[32]); -void sm9_bn_to_hex(const sm9_bn_t a, char hex[64]); -int sm9_bn_from_hex(sm9_bn_t r, const char hex[64]); -int sm9_bn_print(FILE *fp, int fmt, int ind, const char *label, const sm9_bn_t a); -void sm9_print_bn(const char *prefix, const sm9_bn_t a); // 标准打印格式 - - -typedef sm9_bn_t sm9_fp_t; -extern const sm9_fp_t SM9_P; -extern const sm9_fp_t SM9_N; - -#define sm9_fp_init(r) sm9_fp_set_zero(r) -#define sm9_fp_clean(f) sm9_fp_set_zero(r) -#define sm9_fp_set_zero(r) sm9_bn_set_zero(r) -#define sm9_fp_set_one(r) sm9_bn_set_one(r) -#define sm9_fp_copy(r,a) sm9_bn_copy((r),(a)) -#define sm9_fp_rand(r) sm9_bn_rand_range((r), SM9_P) -#define sm9_fp_is_zero(a) sm9_bn_is_zero(a) -#define sm9_fp_is_one(a) sm9_bn_is_one(a) -#define sm9_fp_equ(a,b) sm9_bn_equ((a),(b)) -#define sm9_fp_to_bytes(a,buf) sm9_bn_to_bytes((a),(buf)) -#define sm9_fp_to_hex(a,s) sm9_bn_to_hex((a),(s)) -#define sm9_fp_print(fp,fmt,ind,label,a) sm9_bn_print(fp,fmt,ind,label,a) - -void sm9_fp_add(sm9_fp_t r, const sm9_fp_t a, const sm9_fp_t b); -void sm9_fp_sub(sm9_fp_t r, const sm9_fp_t a, const sm9_fp_t b); -void sm9_fp_dbl(sm9_fp_t r, const sm9_fp_t a); -void sm9_fp_tri(sm9_fp_t r, const sm9_fp_t a); -void sm9_fp_neg(sm9_fp_t r, const sm9_fp_t a); -void sm9_fp_mul(sm9_fp_t r, const sm9_fp_t a, const sm9_fp_t b); -void sm9_fp_sqr(sm9_fp_t r, const sm9_fp_t a); -void sm9_fp_pow(sm9_fp_t r, const sm9_fp_t a, const sm9_bn_t e); -void sm9_fp_inv(sm9_fp_t r, const sm9_fp_t a); -void sm9_fp_div2(sm9_fp_t r, const sm9_fp_t a); -int sm9_fp_from_bytes(sm9_fp_t r, const uint8_t buf[32]); -int sm9_fp_from_hex(sm9_fp_t r, const char hex[64]); - -void sm9_fp_to_mont(sm9_fp_t r, const sm9_fp_t a); -void sm9_fp_from_mont(sm9_fp_t r, const sm9_fp_t a); -void sm9_fp_mul_mont(sm9_fp_t r, const sm9_fp_t a, const sm9_fp_t b); - -typedef sm9_bn_t sm9_fn_t; - -#define sm9_fn_init(r) sm9_fn_set_zero(r) -#define sm9_fn_clean(f) sm9_fn_set_zero(r) -#define sm9_fn_set_zero(r) sm9_bn_set_zero(r) -#define sm9_fn_set_one(r) sm9_bn_set_one(r) -#define sm9_fn_copy(r,a) sm9_bn_copy((r),(a)) -#define sm9_fn_rand(r) sm9_bn_rand_range((r), SM9_N) -#define sm9_fn_is_zero(a) sm9_bn_is_zero(a) -#define sm9_fn_is_one(a) sm9_bn_is_one(a) -#define sm9_fn_equ(a,b) sm9_bn_equ((a),(b)) -#define sm9_fn_to_bytes(a,out) sm9_bn_to_bytes((a),(out)) -#define sm9_fn_to_hex(a,s) sm9_bn_to_hex((a),(s)) -#define sm9_fn_print(fp,fmt,ind,label,a) sm9_bn_print(fp,fmt,ind,label,a) - -void sm9_fn_add(sm9_fn_t r, const sm9_fn_t a, const sm9_fn_t b); -void sm9_fn_sub(sm9_fn_t r, const sm9_fn_t a, const sm9_fn_t b); -void sm9_fn_mul(sm9_fn_t r, const sm9_fn_t a, const sm9_fn_t b); -void sm9_fn_pow(sm9_fn_t r, const sm9_fn_t a, const sm9_bn_t e); -void sm9_fn_inv(sm9_fn_t r, const sm9_fn_t a); -void sm9_fn_from_hash(sm9_fn_t h, const uint8_t Ha[40]); -int sm9_fn_from_bytes(sm9_fn_t a, const uint8_t in[32]); -int sm9_fn_from_hex(sm9_fn_t r, const char hex[64]); - - -typedef uint64_t sm9_barrett_bn_t[9]; - -int sm9_barrett_bn_cmp(const sm9_barrett_bn_t a, const sm9_barrett_bn_t b); -void sm9_barrett_bn_add(sm9_barrett_bn_t r, const sm9_barrett_bn_t a, const sm9_barrett_bn_t b); -void sm9_barrett_bn_sub(sm9_barrett_bn_t ret, const sm9_barrett_bn_t a, const sm9_barrett_bn_t b); - - -typedef sm9_fp_t sm9_fp2_t[2]; -extern const sm9_fp2_t SM9_FP2_ZERO; -extern const sm9_fp2_t SM9_FP2_ONE; -extern const sm9_fp2_t SM9_FP2_U; - -#define sm9_fp2_init(a) sm9_fp2_set_zero(a) -#define sm9_fp2_clean(a) sm9_fp2_set_zero(a) -#define sm9_fp2_set_zero(a) sm9_fp2_copy((a), SM9_FP2_ZERO) -#define sm9_fp2_set_one(a) sm9_fp2_copy((a), SM9_FP2_ONE) -#define sm9_fp2_set_u(a) sm9_fp2_copy((a), SM9_FP2_U) -#define sm9_fp2_is_zero(a) sm9_fp2_equ((a), SM9_FP2_ZERO) -#define sm9_fp2_is_one(a) sm9_fp2_equ((a), SM9_FP2_ONE) - -void sm9_fp2_set_fp(sm9_fp2_t r, const sm9_fp_t a); -void sm9_fp2_set(sm9_fp2_t r, const sm9_fp_t a0, const sm9_fp_t a1); -void sm9_fp2_copy(sm9_fp2_t r, const sm9_fp2_t a); -int sm9_fp2_rand(sm9_fp2_t r); -int sm9_fp2_equ(const sm9_fp2_t a, const sm9_fp2_t b); -void sm9_fp2_add(sm9_fp2_t r, const sm9_fp2_t a, const sm9_fp2_t b); -void sm9_fp2_dbl(sm9_fp2_t r, const sm9_fp2_t a); -void sm9_fp2_tri(sm9_fp2_t r, const sm9_fp2_t a); -void sm9_fp2_sub(sm9_fp2_t r, const sm9_fp2_t a, const sm9_fp2_t b); -void sm9_fp2_neg(sm9_fp2_t r, const sm9_fp2_t a); -void sm9_fp2_mul(sm9_fp2_t r, const sm9_fp2_t a, const sm9_fp2_t b); -void sm9_fp2_mul_u(sm9_fp2_t r, const sm9_fp2_t a, const sm9_fp2_t b); -void sm9_fp2_mul_fp(sm9_fp2_t r, const sm9_fp2_t a, const sm9_fp_t k); -void sm9_fp2_sqr(sm9_fp2_t r, const sm9_fp2_t a); -void sm9_fp2_sqr_u(sm9_fp2_t r, const sm9_fp2_t a); -void sm9_fp2_inv(sm9_fp2_t r, const sm9_fp2_t a); -void sm9_fp2_div(sm9_fp2_t r, const sm9_fp2_t a, const sm9_fp2_t b); -void sm9_fp2_div2(sm9_fp2_t r, const sm9_fp2_t a); -void sm9_fp2_to_hex(const sm9_fp2_t a, char hex[129]); -int sm9_fp2_from_hex(sm9_fp2_t r, const char hex[129]); -int sm9_fp2_print(FILE *fp, int fmt, int ind, const char *label, const sm9_fp2_t a); - - -typedef sm9_fp2_t sm9_fp4_t[2]; -extern const sm9_fp4_t SM9_FP4_ZERO; -extern const sm9_fp4_t SM9_FP4_ONE; -extern const sm9_fp4_t SM9_FP4_U; -extern const sm9_fp4_t SM9_FP4_V; - -#define sm9_fp4_init(a) sm9_fp4_set_zero(a) -#define sm9_fp4_clean(a) sm9_fp4_set_zero(a) -#define sm9_fp4_set_zero(a) sm9_fp4_copy((a), SM9_FP4_ZERO) -#define sm9_fp4_set_one(a) sm9_fp4_copy((a), SM9_FP4_ONE) -#define sm9_fp4_is_zero(a) sm9_fp4_equ((a), SM9_FP4_ZERO) -#define sm9_fp4_is_one(a) sm9_fp4_equ((a), SM9_FP4_ONE) - -void sm9_fp4_set_u(sm9_fp4_t r); -void sm9_fp4_set_v(sm9_fp4_t r); -void sm9_fp4_set_fp(sm9_fp4_t r, const sm9_fp_t a); -void sm9_fp4_set_fp2(sm9_fp4_t r, const sm9_fp2_t a); -void sm9_fp4_set(sm9_fp4_t r, const sm9_fp2_t a0, const sm9_fp2_t a1); -void sm9_fp4_copy(sm9_fp4_t r, const sm9_fp4_t a); -int sm9_fp4_rand(sm9_fp4_t r); -int sm9_fp4_equ(const sm9_fp4_t a, const sm9_fp4_t b); -void sm9_fp4_add(sm9_fp4_t r, const sm9_fp4_t a, const sm9_fp4_t b); -void sm9_fp4_dbl(sm9_fp4_t r, const sm9_fp4_t a); -void sm9_fp4_sub(sm9_fp4_t r, const sm9_fp4_t a, const sm9_fp4_t b); -void sm9_fp4_neg(sm9_fp4_t r, const sm9_fp4_t a); -void sm9_fp4_mul(sm9_fp4_t r, const sm9_fp4_t a, const sm9_fp4_t b); -void sm9_fp4_mul_fp(sm9_fp4_t r, const sm9_fp4_t a, const sm9_fp_t k); -void sm9_fp4_mul_fp2(sm9_fp4_t r, const sm9_fp4_t a, const sm9_fp2_t b0); -void sm9_fp4_mul_v(sm9_fp4_t r, const sm9_fp4_t a, const sm9_fp4_t b); -void sm9_fp4_sqr(sm9_fp4_t r, const sm9_fp4_t a); -void sm9_fp4_sqr_v(sm9_fp4_t r, const sm9_fp4_t a); -void sm9_fp4_inv(sm9_fp4_t r, const sm9_fp4_t a); -void sm9_fp4_to_bytes(const sm9_fp4_t a, uint8_t buf[128]); -int sm9_fp4_from_bytes(sm9_fp4_t r, const uint8_t buf[128]); -void sm9_fp4_to_hex(const sm9_fp4_t a, char hex[259]); -int sm9_fp4_from_hex(sm9_fp4_t r, const char hex[259]); - - -typedef sm9_fp4_t sm9_fp12_t[3]; - -#define sm9_fp12_init(r) sm9_fp12_set_zero(a) -#define sm9_fp12_clean(r) sm9_fp12_set_zero(a) - -void sm9_fp12_set_zero(sm9_fp12_t r); -void sm9_fp12_set_one(sm9_fp12_t r); -void sm9_fp12_set_u(sm9_fp12_t r); -void sm9_fp12_set_v(sm9_fp12_t r); -void sm9_fp12_set_w(sm9_fp12_t r); -void sm9_fp12_set_w_sqr(sm9_fp12_t r); -void sm9_fp12_set_fp(sm9_fp12_t r, const sm9_fp_t a); -void sm9_fp12_set_fp2(sm9_fp12_t r, const sm9_fp2_t a); -void sm9_fp12_set_fp4(sm9_fp12_t r, const sm9_fp4_t a); -void sm9_fp12_set(sm9_fp12_t r, const sm9_fp4_t a0, const sm9_fp4_t a1, const sm9_fp4_t a2); -void sm9_fp12_copy(sm9_fp12_t r, const sm9_fp12_t a); -int sm9_fp12_rand(sm9_fp12_t r); -int sm9_fp12_is_one(const sm9_fp12_t a); -int sm9_fp12_is_zero(const sm9_fp12_t a); -int sm9_fp12_equ(const sm9_fp12_t a, const sm9_fp12_t b); -void sm9_fp12_add(sm9_fp12_t r, const sm9_fp12_t a, const sm9_fp12_t b); -void sm9_fp12_dbl(sm9_fp12_t r, const sm9_fp12_t a); -void sm9_fp12_tri(sm9_fp12_t r, const sm9_fp12_t a); -void sm9_fp12_sub(sm9_fp12_t r, const sm9_fp12_t a, const sm9_fp12_t b); -void sm9_fp12_neg(sm9_fp12_t r, const sm9_fp12_t a); -void sm9_fp12_mul(sm9_fp12_t r, const sm9_fp12_t a, const sm9_fp12_t b); -void sm9_fp12_sqr(sm9_fp12_t r, const sm9_fp12_t a); -void sm9_fp12_inv(sm9_fp12_t r, const sm9_fp12_t a); -void sm9_fp12_pow(sm9_fp12_t r, const sm9_fp12_t a, const sm9_bn_t k); -void sm9_fp12_to_bytes(const sm9_fp12_t a, uint8_t buf[32 * 12]); -int sm9_fp12_from_bytes(sm9_fp12_t r, const uint8_t in[32 * 12]); -void sm9_fp12_to_hex(const sm9_fp12_t a, char hex[65 * 12]); -int sm9_fp12_from_hex(sm9_fp12_t r, const char hex[65 * 12]); // 这个明显是不对的 -void sm9_fp12_print(const char *prefix, const sm9_fp12_t a); - - -void sm9_fp2_conjugate(sm9_fp2_t r, const sm9_fp2_t a); -void sm9_fp2_frobenius(sm9_fp2_t r, const sm9_fp2_t a); -void sm9_fp4_frobenius(sm9_fp4_t r, const sm9_fp4_t a); -void sm9_fp4_conjugate(sm9_fp4_t r, const sm9_fp4_t a); -void sm9_fp4_frobenius2(sm9_fp4_t r, const sm9_fp4_t a); -void sm9_fp4_frobenius3(sm9_fp4_t r, const sm9_fp4_t a); -void sm9_fp12_frobenius(sm9_fp12_t r, const sm9_fp12_t x); -void sm9_fp12_frobenius2(sm9_fp12_t r, const sm9_fp12_t x); -void sm9_fp12_frobenius3(sm9_fp12_t r, const sm9_fp12_t x); -void sm9_fp12_frobenius6(sm9_fp12_t r, const sm9_fp12_t x); - - -typedef struct { - sm9_fp_t X; - sm9_fp_t Y; - sm9_fp_t Z; -} SM9_POINT; - -#define sm9_point_init(R) sm9_point_set_infinity(R) -#define sm9_point_clean(R) sm9_point_set_infinity(R) - -void sm9_point_set_infinity(SM9_POINT *R); -void sm9_point_copy(SM9_POINT *R, const SM9_POINT *P); -void sm9_point_get_xy(const SM9_POINT *P, sm9_fp_t x, sm9_fp_t y); -int sm9_point_is_at_infinity(const SM9_POINT *P); -int sm9_point_equ(const SM9_POINT *P, const SM9_POINT *Q); -int sm9_point_is_on_curve(const SM9_POINT *P); -void sm9_point_dbl(SM9_POINT *R, const SM9_POINT *P); -void sm9_point_add(SM9_POINT *R, const SM9_POINT *P, const SM9_POINT *Q); -void sm9_point_neg(SM9_POINT *R, const SM9_POINT *P); -void sm9_point_sub(SM9_POINT *R, const SM9_POINT *P, const SM9_POINT *Q); -void sm9_point_mul(SM9_POINT *R, const sm9_bn_t k, const SM9_POINT *P); -void sm9_point_mul_generator(SM9_POINT *R, const sm9_bn_t k); -void sm9_point_from_hex(SM9_POINT *R, const char hex[65 * 2]); -int sm9_point_to_uncompressed_octets(const SM9_POINT *P, uint8_t octets[65]); -int sm9_point_from_uncompressed_octets(SM9_POINT *P, const uint8_t octets[65]); -int sm9_point_print(FILE *fp, int fmt, int ind, const char *label, const SM9_POINT *P); - - -typedef struct { - sm9_fp2_t X; - sm9_fp2_t Y; - sm9_fp2_t Z; -} SM9_TWIST_POINT; - -#define sm9_twist_point_copy(R, P) memcpy((R), (P), sizeof(SM9_TWIST_POINT)) - -int sm9_twist_point_to_uncompressed_octets(const SM9_TWIST_POINT *P, uint8_t octets[129]); -int sm9_twist_point_from_uncompressed_octets(SM9_TWIST_POINT *P, const uint8_t octets[129]); - - -void sm9_twist_point_from_hex(SM9_TWIST_POINT *R, const char hex[65 * 4]); -int sm9_twist_point_is_at_infinity(const SM9_TWIST_POINT *P); -void sm9_twist_point_set_infinity(SM9_TWIST_POINT *R); -void sm9_twist_point_get_xy(const SM9_TWIST_POINT *P, sm9_fp2_t x, sm9_fp2_t y); - -int sm9_twist_point_equ(const SM9_TWIST_POINT *P, const SM9_TWIST_POINT *Q); -int sm9_twist_point_is_on_curve(const SM9_TWIST_POINT *P); -void sm9_twist_point_neg(SM9_TWIST_POINT *R, const SM9_TWIST_POINT *P); -void sm9_twist_point_dbl(SM9_TWIST_POINT *R, const SM9_TWIST_POINT *P); -void sm9_twist_point_add(SM9_TWIST_POINT *R, const SM9_TWIST_POINT *P, const SM9_TWIST_POINT *Q); -void sm9_twist_point_sub(SM9_TWIST_POINT *R, const SM9_TWIST_POINT *P, const SM9_TWIST_POINT *Q); -void sm9_twist_point_add_full(SM9_TWIST_POINT *R, const SM9_TWIST_POINT *P, const SM9_TWIST_POINT *Q); -void sm9_twist_point_mul(SM9_TWIST_POINT *R, const sm9_bn_t k, const SM9_TWIST_POINT *P); -void sm9_twist_point_mul_generator(SM9_TWIST_POINT *R, const sm9_bn_t k); -int sm9_twist_point_print(FILE *fp, int fmt, int ind, const char *label, const SM9_TWIST_POINT *P); - - - -void sm9_eval_g_tangent(sm9_fp12_t num, sm9_fp12_t den, const SM9_TWIST_POINT *P, const SM9_POINT *Q); -void sm9_eval_g_line(sm9_fp12_t num, sm9_fp12_t den, const SM9_TWIST_POINT *T, const SM9_TWIST_POINT *P, const SM9_POINT *Q); -void sm9_twist_point_pi1(SM9_TWIST_POINT *R, const SM9_TWIST_POINT *P); -void sm9_twist_point_pi2(SM9_TWIST_POINT *R, const SM9_TWIST_POINT *P); -void sm9_twist_point_neg_pi2(SM9_TWIST_POINT *R, const SM9_TWIST_POINT *P); -void sm9_final_exponent_hard_part(sm9_fp12_t r, const sm9_fp12_t f); -void sm9_final_exponent(sm9_fp12_t r, const sm9_fp12_t f); -void sm9_pairing(sm9_fp12_t r, const SM9_TWIST_POINT *Q, const SM9_POINT *P); - - -/* private key extract algorithms */ -#define SM9_HID_SIGN 0x01 -#define SM9_HID_EXCH 0x02 -#define SM9_HID_ENC 0x03 - -#define SM9_HASH1_PREFIX 0x01 -#define SM9_HASH2_PREFIX 0x02 - -int sm9_hash1(sm9_bn_t h1, const char *id, size_t idlen, uint8_t hid); - - -const char *sm9_oid_name(int oid); -int sm9_oid_from_name(const char *name); -int sm9_oid_to_der(int oid, uint8_t **out, size_t *outlen); -int sm9_oid_from_der(int *oid, const uint8_t **in, size_t *inlen); -int sm9_algor_to_der(int alg, int params, uint8_t **out, size_t *outlen); -int sm9_algor_from_der(int *alg, int *params, const uint8_t **in, size_t *inlen); - - -#define PEM_SM9_SIGN_MASTER_KEY "ENCRYPTED SM9 SIGN MASTER KEY" -#define PEM_SM9_SIGN_MASTER_PUBLIC_KEY "SM9 SIGN MASTER PUBLIC KEY" -#define PEM_SM9_SIGN_PRIVATE_KEY "ENCRYPTED SM9 SIGN PRIVATE KEY" -#define PEM_SM9_ENC_MASTER_KEY "ENCRYPTED SM9 ENC MASTER KEY" -#define PEM_SM9_ENC_MASTER_PUBLIC_KEY "SM9 ENC MASTER PUBLIC KEY" -#define PEM_SM9_ENC_PRIVATE_KEY "ENCRYPTED SM9 ENC PRIVATE KEY" - - -#define SM9_MAX_ID_SIZE (SM2_MAX_ID_SIZE) - -/* -SM9SignMasterKey ::= SEQUENCE { - ks INTEGER, - Ppubs BIT STRING -- uncompressed octets of twisted point } - -SM9SignMasterPublicKey ::= SEQUENCE { - Ppubs BIT STRING -- uncompressed octets of twisted point } - -SM9SignPrivateKey ::= SEQUENCE { - ds BIT STRING, -- uncompressed octets of ECPoint - Ppubs BIT STRING -- uncompressed octets of twisted point } -*/ -typedef struct { - SM9_TWIST_POINT Ppubs; // Ppubs = ks * P2 - sm9_fn_t ks; -} SM9_SIGN_MASTER_KEY; - -typedef struct { - SM9_TWIST_POINT Ppubs; - SM9_POINT ds; -} SM9_SIGN_KEY; - -int sm9_sign_master_key_generate(SM9_SIGN_MASTER_KEY *master); -int sm9_sign_master_key_extract_key(SM9_SIGN_MASTER_KEY *master, const char *id, size_t idlen, SM9_SIGN_KEY *key); - -// algorthm,parameters = sm9,sm9sign -#define SM9_SIGN_MASTER_KEY_MAX_SIZE 171 -int sm9_sign_master_key_to_der(const SM9_SIGN_MASTER_KEY *msk, uint8_t **out, size_t *outlen); -int sm9_sign_master_key_from_der(SM9_SIGN_MASTER_KEY *msk, const uint8_t **in, size_t *inlen); -int sm9_sign_master_key_info_encrypt_to_der(const SM9_SIGN_MASTER_KEY *msk, const char *pass, uint8_t **out, size_t *outlen); -int sm9_sign_master_key_info_decrypt_from_der(SM9_SIGN_MASTER_KEY *msk, const char *pass, const uint8_t **in, size_t *inlen); -int sm9_sign_master_key_info_encrypt_to_pem(const SM9_SIGN_MASTER_KEY *msk, const char *pass, FILE *fp); -int sm9_sign_master_key_info_decrypt_from_pem(SM9_SIGN_MASTER_KEY *msk, const char *pass, FILE *fp); -int sm9_sign_master_key_print(FILE *fp, int fmt, int ind, const char *label, const SM9_SIGN_MASTER_KEY *msk); - -#define SM9_SIGN_MASTER_PUBLIC_KEY_SIZE 136 -int sm9_sign_master_public_key_to_der(const SM9_SIGN_MASTER_KEY *mpk, uint8_t **out, size_t *outlen); -int sm9_sign_master_public_key_from_der(SM9_SIGN_MASTER_KEY *mpk, const uint8_t **in, size_t *inlen); -int sm9_sign_master_public_key_to_pem(const SM9_SIGN_MASTER_KEY *mpk, FILE *fp); -int sm9_sign_master_public_key_from_pem(SM9_SIGN_MASTER_KEY *mpk, FILE *fp); -int sm9_sign_master_public_key_print(FILE *fp, int fmt, int ind, const char *label, const SM9_SIGN_MASTER_KEY *mpk); - -// algorithm,parameters = sm9sign, -#define SM9_SIGN_KEY_SIZE 204 -int sm9_sign_key_to_der(const SM9_SIGN_KEY *key, uint8_t **out, size_t *outlen); -int sm9_sign_key_from_der(SM9_SIGN_KEY *key, const uint8_t **in, size_t *inlen); -int sm9_sign_key_info_encrypt_to_der(const SM9_SIGN_KEY *key, const char *pass, uint8_t **out, size_t *outlen); -int sm9_sign_key_info_decrypt_from_der(SM9_SIGN_KEY *key, const char *pass, const uint8_t **in, size_t *inlen); -int sm9_sign_key_info_encrypt_to_pem(const SM9_SIGN_KEY *key, const char *pass, FILE *fp); -int sm9_sign_key_info_decrypt_from_pem(SM9_SIGN_KEY *key, const char *pass, FILE *fp); -int sm9_sign_key_print(FILE *fp, int fmt, int ind, const char *label, const SM9_SIGN_KEY *key); - -/* -from GM/T 0080-2020 SM9 Cryptographic Alagorithm Application Specification -SM9Signature ::= SEQUENCE { - h OCTET STRING, - S BIT STRING -- uncompressed octets of ECPoint } -*/ -typedef struct { - sm9_fn_t h; - SM9_POINT S; -} SM9_SIGNATURE; - -int sm9_do_sign(const SM9_SIGN_KEY *key, const SM3_CTX *sm3_ctx, SM9_SIGNATURE *sig); -int sm9_do_verify(const SM9_SIGN_MASTER_KEY *mpk, const char *id, size_t idlen, const SM3_CTX *sm3_ctx, const SM9_SIGNATURE *sig); - -#define SM9_SIGNATURE_SIZE 104 -int sm9_signature_to_der(const SM9_SIGNATURE *sig, uint8_t **out, size_t *outlen); -int sm9_signature_from_der(SM9_SIGNATURE *sig, const uint8_t **in, size_t *inlen); -int sm9_signature_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *sig, size_t siglen); - -typedef struct { - SM3_CTX sm3_ctx; -} SM9_SIGN_CTX; - -int sm9_sign_init(SM9_SIGN_CTX *ctx); -int sm9_sign_update(SM9_SIGN_CTX *ctx, const uint8_t *data, size_t datalen); -int sm9_sign_finish(SM9_SIGN_CTX *ctx, const SM9_SIGN_KEY *key, uint8_t *sig, size_t *siglen); -int sm9_verify_init(SM9_SIGN_CTX *ctx); -int sm9_verify_update(SM9_SIGN_CTX *ctx, const uint8_t *data, size_t datalen); -int sm9_verify_finish(SM9_SIGN_CTX *ctx, const uint8_t *sig, size_t siglen, - const SM9_SIGN_MASTER_KEY *mpk, const char *id, size_t idlen); - - -/* -SM9EncMasterKey ::= SEQUENCE { - de INTEGER, - Ppube BIT STRING -- uncompressed octets of ECPoint } - -SM9EncMasterPublicKey ::= SEQUENCE { - Ppube BIT STRING -- uncompressed octets of ECPoint } - -SM9EncPrivateKey ::= SEQUENCE { - de BIT STRING, -- uncompressed octets of twisted point - Ppube BIT STRING -- uncompressed octets of ECPoint } -*/ - -typedef struct { - SM9_POINT Ppube; // Ppube = ke * P1 - sm9_fn_t ke; -} SM9_ENC_MASTER_KEY; - -typedef struct { - SM9_POINT Ppube; - SM9_TWIST_POINT de; -} SM9_ENC_KEY; - -int sm9_enc_master_key_generate(SM9_ENC_MASTER_KEY *master); -int sm9_enc_master_key_extract_key(SM9_ENC_MASTER_KEY *master, const char *id, size_t idlen, SM9_ENC_KEY *key); - -// algorithm,parameters = sm9,sm9encrypt -#define SM9_ENC_MASTER_KEY_MAX_SIZE 105 -int sm9_enc_master_key_to_der(const SM9_ENC_MASTER_KEY *msk, uint8_t **out, size_t *outlen); -int sm9_enc_master_key_from_der(SM9_ENC_MASTER_KEY *msk, const uint8_t **in, size_t *inlen); -int sm9_enc_master_key_info_encrypt_to_der(const SM9_ENC_MASTER_KEY *msk, const char *pass, uint8_t **out, size_t *outlen); -int sm9_enc_master_key_info_decrypt_from_der(SM9_ENC_MASTER_KEY *msk, const char *pass, const uint8_t **in, size_t *inlen); -int sm9_enc_master_key_info_encrypt_to_pem(const SM9_ENC_MASTER_KEY *msk, const char *pass, FILE *fp); -int sm9_enc_master_key_info_decrypt_from_pem(SM9_ENC_MASTER_KEY *msk, const char *pass, FILE *fp); -int sm9_enc_master_key_print(FILE *fp, int fmt, int ind, const char *label, const SM9_ENC_MASTER_KEY *msk); - -#define SM9_ENC_MASTER_PUBLIC_KEY_SIZE 70 -int sm9_enc_master_public_key_to_der(const SM9_ENC_MASTER_KEY *mpk, uint8_t **out, size_t *outlen); -int sm9_enc_master_public_key_from_der(SM9_ENC_MASTER_KEY *mpk, const uint8_t **in, size_t *inlen); -int sm9_enc_master_public_key_to_pem(const SM9_ENC_MASTER_KEY *mpk, FILE *fp); -int sm9_enc_master_public_key_from_pem(SM9_ENC_MASTER_KEY *mpk, FILE *fp); -int sm9_enc_master_public_key_print(FILE *fp, int fmt, int ind, const char *label, const SM9_ENC_MASTER_KEY *mpk); - -// algorithm,parameters = sm9encrypt, -#define SM9_ENC_KEY_SIZE 204 -int sm9_enc_key_to_der(const SM9_ENC_KEY *key, uint8_t **out, size_t *outlen); -int sm9_enc_key_from_der(SM9_ENC_KEY *key, const uint8_t **in, size_t *inlen); -int sm9_enc_key_info_encrypt_to_der(const SM9_ENC_KEY *key, const char *pass, uint8_t **out, size_t *outlen); -int sm9_enc_key_info_decrypt_from_der(SM9_ENC_KEY *key, const char *pass, const uint8_t **in, size_t *inlen); -int sm9_enc_key_info_encrypt_to_pem(const SM9_ENC_KEY *key, const char *pass, FILE *fp); -int sm9_enc_key_info_decrypt_from_pem(SM9_ENC_KEY *key, const char *pass, FILE *fp); -int sm9_enc_key_print(FILE *fp, int fmt, int ind, const char *label, const SM9_ENC_KEY *key); - -#define SM9_MAX_PRIVATE_KEY_SIZE (SM9_SIGN_KEY_SIZE) // MAX(SIGN_MASTER_KEY, SIGN_KEY, ENC_MASTER_KEY, ENC_KEY) -#define SM9_MAX_PRIVATE_KEY_INFO_SIZE 512 -#define SM9_MAX_ENCED_PRIVATE_KEY_INFO_SIZE 1024 - -/* -from GM/T 0080-2020 SM9 Cryptographic Alagorithm Application Specification -SM9Cipher ::= SEQUENCE { - EnType INTEGER, -- 0 for XOR - C1 BIT STRING, -- uncompressed octets of ECPoint - C3 OCTET STRING, -- 32 bytes HMAC-SM3 tag - CipherText OCTET STRING } -*/ - -int sm9_kem_encrypt(const SM9_ENC_MASTER_KEY *mpk, const char *id, size_t idlen, size_t klen, uint8_t *kbuf, SM9_POINT *C); -int sm9_kem_decrypt(const SM9_ENC_KEY *key, const char *id, size_t idlen, const SM9_POINT *C, size_t klen, uint8_t *kbuf); -int sm9_do_encrypt(const SM9_ENC_MASTER_KEY *mpk, const char *id, size_t idlen, - const uint8_t *in, size_t inlen, SM9_POINT *C1, uint8_t *c2, uint8_t c3[SM3_HMAC_SIZE]); -int sm9_do_decrypt(const SM9_ENC_KEY *key, const char *id, size_t idlen, - const SM9_POINT *C1, const uint8_t *c2, size_t c2len, const uint8_t c3[SM3_HMAC_SIZE], uint8_t *out); - -#define SM9_MAX_PLAINTEXT_SIZE 255 -#define SM9_MAX_CIPHERTEXT_SIZE 367 // calculated in test_sm9_ciphertext() -int sm9_ciphertext_to_der(const SM9_POINT *C1, const uint8_t *c2, size_t c2len, - const uint8_t c3[SM3_HMAC_SIZE], uint8_t **out, size_t *outlen); -int sm9_ciphertext_from_der(SM9_POINT *C1, const uint8_t **c2, size_t *c2len, - const uint8_t **c3, const uint8_t **in, size_t *inlen); -int sm9_ciphertext_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *a, size_t alen); -int sm9_encrypt(const SM9_ENC_MASTER_KEY *mpk, const char *id, size_t idlen, - const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen); -int sm9_decrypt(const SM9_ENC_KEY *key, const char *id, size_t idlen, - const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen); - - - -#ifdef __cplusplus -} -#endif -#endif diff --git a/include/gmssl/sm9_z256.h b/include/gmssl/sm9_z256.h index 1e7a640c..4b74cc33 100644 --- a/include/gmssl/sm9_z256.h +++ b/include/gmssl/sm9_z256.h @@ -23,12 +23,10 @@ extern "C" { #endif -typedef uint64_t sm9_z256_t[4]; +typedef uint64_t sm9_z256_t[4]; #define SM9_Z256_HEX_SEP '\n' -#define sm9_z256_init(r) sm9_z256_set_zero(r) -#define sm9_z256_clean(r) sm9_z256_set_zero(r) void sm9_z256_to_bits(const sm9_z256_t a, char bits[256]); int sm9_z256_rand_range(sm9_z256_t r, const sm9_z256_t range); @@ -39,7 +37,6 @@ void sm9_z256_copy_conditional(sm9_z256_t dst, const sm9_z256_t src, uint64_t mo void sm9_z256_set_zero(sm9_z256_t r); int sm9_z256_cmp(const sm9_z256_t a, const sm9_z256_t b); void sm9_z256_mul(uint64_t r[8], const sm9_z256_t a, const sm9_z256_t b); -void sm9_z256_mul_low(uint64_t r[4], const sm9_z256_t a, const sm9_z256_t b); int sm9_z256_from_hex(sm9_z256_t r, const char *hex); void sm9_z256_to_hex(const sm9_z256_t r, char hex[64]); int sm9_z256_equ_hex(const sm9_z256_t a, const char *hex); @@ -50,29 +47,20 @@ uint64_t sm9_z256_equ(const sm9_z256_t a, const sm9_z256_t b); uint64_t sm9_z256_is_zero(const sm9_z256_t a); uint64_t sm9_z256_add(sm9_z256_t r, const sm9_z256_t a, const sm9_z256_t b); uint64_t sm9_z256_sub(sm9_z256_t r, const sm9_z256_t a, const sm9_z256_t b); -uint64_t sm9_z512_add(uint64_t r[8], const uint64_t a[8], const uint64_t b[8]); extern const sm9_z256_t SM9_Z256_P; extern const sm9_z256_t SM9_Z256_N; -#define sm9_z256_fp_copy(r,a) sm9_z256_copy((r),(a)) -#define sm9_z256_fp_rand(r) sm9_z256_rand_range((r), SM9_Z256_P) -#define sm9_z256_fp_equ(a,b) sm9_z256_equ((a),(b)) -#define sm9_z256_fp_is_zero(a) sm9_z256_is_zero(a) -#define sm9_z256_fp_set_zero(a) sm9_z256_set_zero(a) - void sm9_z256_fp_add(sm9_z256_t r, const sm9_z256_t a, const sm9_z256_t b); void sm9_z256_fp_sub(sm9_z256_t r, const sm9_z256_t a, const sm9_z256_t b); void sm9_z256_fp_dbl(sm9_z256_t r, const sm9_z256_t a); void sm9_z256_fp_tri(sm9_z256_t r, const sm9_z256_t a); void sm9_z256_fp_div2(sm9_z256_t r, const sm9_z256_t a); void sm9_z256_fp_neg(sm9_z256_t r, const sm9_z256_t a); -#define sm9_z256_fp_mul(r,a,b) sm9_z256_fp_mont_mul(r,a,b) void sm9_z256_fp_mont_mul(sm9_z256_t r, const sm9_z256_t a, const sm9_z256_t b); void sm9_z256_fp_to_mont(sm9_z256_t r, const sm9_z256_t a); void sm9_z256_fp_from_mont(sm9_z256_t r, const sm9_z256_t a); -#define sm9_z256_fp_sqr(r,a) sm9_z256_fp_mont_sqr(r,a) void sm9_z256_fp_mont_sqr(sm9_z256_t r, const sm9_z256_t a); void sm9_z256_fp_pow(sm9_z256_t r, const sm9_z256_t a, const sm9_z256_t e); void sm9_z256_fp_inv(sm9_z256_t r, const sm9_z256_t a); @@ -80,20 +68,11 @@ int sm9_z256_fp_from_bytes(sm9_z256_t r, const uint8_t buf[32]); void sm9_z256_fp_to_bytes(const sm9_z256_t r, uint8_t out[32]); int sm9_z256_fp_from_hex(sm9_z256_t r, const char hex[64]); void sm9_z256_fp_to_hex(const sm9_z256_t r, char hex[64]); +int sm9_z256_fp_rand(sm9_z256_t r); -#define sm9_z256_fn_init(r) sm9_z256_set_zero(r) -#define sm9_z256_fn_clean(r) sm9_z256_set_zero(r) -#define sm9_z256_fn_set_zero(r) sm9_z256_set_zero(r) -#define sm9_z256_fn_set_one(r) sm9_z256_set_one(r) -#define sm9_z256_fn_copy(r,a) sm9_z256_copy((r),(a)) -#define sm9_z256_fn_rand(r) sm9_z256_rand_range((r), SM9_Z256_N) -#define sm9_z256_fn_is_zero(a) sm9_z256_is_zero(a) -#define sm9_z256_fn_is_one(a) sm9_z256_is_one(a) -#define sm9_z256_fn_equ(a,b) sm9_z256_equ((a),(b)) -#define sm9_z256_fn_to_bytes(a,out) sm9_z256_to_bytes((a),(out)) -#define sm9_z256_fn_to_hex(a,s) sm9_z256_to_hex((a),(s)) -#define sm9_z256_fn_print(fp,fmt,ind,label,a) sm9_z256_print(fp,fmt,ind,label,a) + +int sm9_z256_fn_rand(sm9_z256_t r); void sm9_z256_fn_add(sm9_z256_t r, const sm9_z256_t a, const sm9_z256_t b); void sm9_z256_fn_sub(sm9_z256_t r, const sm9_z256_t a, const sm9_z256_t b); @@ -107,13 +86,11 @@ int sm9_z256_fn_from_bytes(sm9_z256_t a, const uint8_t in[32]); typedef sm9_z256_t sm9_z256_fp2[2]; extern const sm9_z256_fp2 SM9_FP2_ZERO; -#define sm9_z256_fp2_init(a) sm9_z256_fp2_set_zero(a) -#define sm9_z256_fp2_clean(a) sm9_z256_fp2_set_zero(a) -#define sm9_z256_fp2_set_zero(a) sm9_z256_fp2_copy((a), SM9_Z256_FP2_ZERO) -#define sm9_z256_fp2_is_zero(a) sm9_z256_fp2_equ((a), SM9_Z256_FP2_ZERO) void sm9_z256_fp2_set_one(sm9_z256_fp2 r); -int sm9_z256_fp2_is_one(const sm9_z256_fp2 r); +void sm9_z256_fp2_set_zero(sm9_z256_fp2 r); +int sm9_z256_fp2_is_one(const sm9_z256_fp2 a); +int sm9_z256_fp2_is_zero(const sm9_z256_fp2 a); int sm9_z256_fp2_equ(const sm9_z256_fp2 a, const sm9_z256_fp2 b); void sm9_z256_fp2_copy(sm9_z256_fp2 r, const sm9_z256_fp2 a); int sm9_z256_fp2_rand(sm9_z256_fp2 r); @@ -143,8 +120,7 @@ extern const sm9_z256_fp4 SM9_FP4_ONE; extern const sm9_z256_fp4 SM9_FP4_U; extern const sm9_z256_fp4 SM9_FP4_V; -#define sm9_z256_fp4_is_zero(a) sm9_z256_fp4_equ((a), SM9_Z256_FP4_ZERO) - +int sm9_z256_fp4_is_zero(const sm9_z256_fp4 a); int sm9_z256_fp4_equ(const sm9_z256_fp4 a, const sm9_z256_fp4 b); int sm9_z256_fp4_rand(sm9_z256_fp4 r); void sm9_z256_fp4_copy(sm9_z256_fp4 r, const sm9_z256_fp4 a); @@ -167,10 +143,9 @@ void sm9_z256_fp4_sqr_v(sm9_z256_fp4 r, const sm9_z256_fp4 a); void sm9_z256_fp4_inv(sm9_z256_fp4 r, const sm9_z256_fp4 a); -typedef sm9_z256_fp4 sm9_z256_fp12[3]; -#define sm9_fp12_init(r) sm9_fp12_set_zero(r) -#define sm9_fp12_clean(r) sm9_fp12_set_zero(r) + +typedef sm9_z256_fp4 sm9_z256_fp12[3]; void sm9_z256_fp12_copy(sm9_z256_fp12 r, const sm9_z256_fp12 a); int sm9_z256_fp12_rand(sm9_z256_fp12 r); @@ -211,8 +186,6 @@ typedef struct { sm9_z256_t Z; } SM9_Z256_POINT; -#define sm9_point_init(R) sm9_point_set_infinity(R) -#define sm9_point_clean(R) sm9_point_set_infinity(R) void sm9_z256_point_from_hex(SM9_Z256_POINT *R, const char hex[65 * 2]); int sm9_z256_point_is_at_infinity(const SM9_Z256_POINT *P); diff --git a/src/sm9_z256_key.c b/src/sm9_z256_key.c index a5a20959..eb7213a0 100644 --- a/src/sm9_z256_key.c +++ b/src/sm9_z256_key.c @@ -59,7 +59,7 @@ int sm9_sign_master_key_to_der(const SM9_SIGN_MASTER_KEY *msk, uint8_t **out, si uint8_t Ppubs[1 + 32 * 4]; size_t len = 0; - sm9_z256_fn_to_bytes(msk->ks, ks); + sm9_z256_to_bytes(msk->ks, ks); sm9_z256_twist_point_to_uncompressed_octets(&msk->Ppubs, Ppubs); if (asn1_integer_to_der(ks, sizeof(ks), NULL, &len) != 1 @@ -206,7 +206,7 @@ int sm9_enc_master_key_to_der(const SM9_ENC_MASTER_KEY *msk, uint8_t **out, size uint8_t Ppube[1 + 32 * 2]; size_t len = 0; - sm9_z256_fn_to_bytes(msk->ke, ke); + sm9_z256_to_bytes(msk->ke, ke); sm9_z256_point_to_uncompressed_octets(&msk->Ppube, Ppube); if (asn1_integer_to_der(ke, sizeof(ke), NULL, &len) != 1 @@ -383,7 +383,7 @@ int sm9_sign_master_key_extract_key(SM9_SIGN_MASTER_KEY *msk, const char *id, si // t1 = H1(ID || hid, N) + ks sm9_z256_hash1(t, id, idlen, SM9_HID_SIGN); sm9_z256_fn_add(t, t, msk->ks); - if (sm9_z256_fn_is_zero(t)) { + if (sm9_z256_is_zero(t)) { // 这是一个严重问题,意味着整个msk都需要作废了 error_print(); return -1; @@ -408,7 +408,7 @@ int sm9_enc_master_key_extract_key(SM9_ENC_MASTER_KEY *msk, const char *id, size // t1 = H1(ID || hid, N) + ke sm9_z256_hash1(t, id, idlen, SM9_HID_ENC); sm9_z256_fn_add(t, t, msk->ke); - if (sm9_z256_fn_is_zero(t)) { + if (sm9_z256_is_zero(t)) { error_print(); return -1; } @@ -432,7 +432,7 @@ int sm9_exch_master_key_extract_key(SM9_EXCH_MASTER_KEY *msk, const char *id, si // t1 = H1(ID || hid, N) + ke sm9_z256_hash1(t, id, idlen, SM9_HID_EXCH); sm9_z256_fn_add(t, t, msk->ke); - if (sm9_z256_fn_is_zero(t)) { + if (sm9_z256_is_zero(t)) { error_print(); return -1; } @@ -1075,7 +1075,7 @@ int sm9_sign_master_key_print(FILE *fp, int fmt, int ind, const char *label, con { format_print(fp, fmt, ind, "%s\n", label); ind += 4; - sm9_z256_fn_print(fp, fmt, ind, "ks", msk->ks); + sm9_z256_print(fp, fmt, ind, "ks", msk->ks); sm9_z256_twist_point_print(fp, fmt, ind, "Ppubs", &msk->Ppubs); return 1; } @@ -1101,7 +1101,7 @@ int sm9_enc_master_key_print(FILE *fp, int fmt, int ind, const char *label, cons { format_print(fp, fmt, ind, "%s\n", label); ind += 4; - sm9_z256_fn_print(fp, fmt, ind, "ke", msk->ke); + sm9_z256_print(fp, fmt, ind, "ke", msk->ke); sm9_z256_point_print(fp, fmt, ind, "Ppube", &msk->Ppube); return 1; } diff --git a/src/sm9_z256_lib.c b/src/sm9_z256_lib.c index 207b6737..3014d642 100644 --- a/src/sm9_z256_lib.c +++ b/src/sm9_z256_lib.c @@ -31,7 +31,7 @@ int sm9_signature_to_der(const SM9_SIGNATURE *sig, uint8_t **out, size_t *outlen uint8_t Sbuf[65]; size_t len = 0; - sm9_z256_fn_to_bytes(sig->h, hbuf); + sm9_z256_to_bytes(sig->h, hbuf); sm9_z256_point_to_uncompressed_octets(&sig->S, Sbuf); if (asn1_octet_string_to_der(hbuf, sizeof(hbuf), NULL, &len) != 1 @@ -145,7 +145,7 @@ int sm9_do_sign(const SM9_SIGN_KEY *key, const SM3_CTX *sm3_ctx, SM9_SIGNATURE * // A5: l = (r - h) mod N, if l = 0, goto A2 sm9_z256_fn_sub(r, r, sig->h); - } while (sm9_z256_fn_is_zero(r)); + } while (sm9_z256_is_zero(r)); // A6: S = l * dsA sm9_z256_point_mul(&sig->S, r, &key->ds); @@ -241,7 +241,7 @@ int sm9_do_verify(const SM9_SIGN_MASTER_KEY *mpk, const char *id, size_t idlen, sm3_update(&tmp_ctx, ct2, sizeof(ct2)); sm3_finish(&tmp_ctx, Ha + 32); sm9_z256_fn_from_hash(h2, Ha); - if (sm9_z256_fn_equ(h2, sig->h) != 1) { + if (sm9_z256_equ(h2, sig->h) != 1) { return 0; } diff --git a/tests/sm9test.c b/tests/sm9test.c index 39e4aff1..d8f2bd4f 100644 --- a/tests/sm9test.c +++ b/tests/sm9test.c @@ -67,8 +67,8 @@ int test_sm9_z256_fp() { sm9_z256_fp_tri(r, x); sm9_z256_fp_from_mont(r, r); if (!sm9_z256_equ_hex(r, hex_fp_tri)) goto err; ++j; sm9_z256_fp_div2(r, x); sm9_z256_fp_from_mont(r, r); if (!sm9_z256_equ_hex(r, hex_fp_div2)) goto err; ++j; sm9_z256_fp_neg(r, x); sm9_z256_fp_from_mont(r, r); if (!sm9_z256_equ_hex(r, hex_fp_neg)) goto err; ++j; - sm9_z256_fp_mul(r, x, y); sm9_z256_fp_from_mont(r, r); if (!sm9_z256_equ_hex(r, hex_fp_mul)) goto err; ++j; - sm9_z256_fp_sqr(r, x); sm9_z256_fp_from_mont(r, r); if (!sm9_z256_equ_hex(r, hex_fp_sqr)) goto err; ++j; + sm9_z256_fp_mont_mul(r, x, y); sm9_z256_fp_from_mont(r, r); if (!sm9_z256_equ_hex(r, hex_fp_mul)) goto err; ++j; + sm9_z256_fp_mont_sqr(r, x); sm9_z256_fp_from_mont(r, r); if (!sm9_z256_equ_hex(r, hex_fp_sqr)) goto err; ++j; sm9_z256_fp_from_mont(y, y); sm9_z256_fp_pow(r, x, y); sm9_z256_fp_from_mont(r, r); if (!sm9_z256_equ_hex(r, hex_fp_pow)) goto err; ++j; sm9_z256_fp_inv(r, x); sm9_z256_fp_from_mont(r, r); if (!sm9_z256_equ_hex(r, hex_fp_inv)) goto err; ++j; @@ -99,7 +99,7 @@ int test_sm9_z256_fn() { sm9_z256_from_hex(x, hex_x); sm9_z256_from_hex(y, hex_y); - sm9_z256_t iv = {0, 0, 0, 0}; if (!sm9_z256_fn_is_zero(iv)) goto err; ++j; + sm9_z256_t iv = {0, 0, 0, 0}; if (!sm9_z256_is_zero(iv)) goto err; ++j; sm9_z256_fn_add(r, x, y); if (!sm9_z256_equ_hex(r, hex_fn_add)) goto err; ++j; sm9_z256_fn_sub(r, x, y); if (!sm9_z256_equ_hex(r, hex_fn_sub)) goto err; ++j; sm9_z256_fn_sub(r, y, x); if (!sm9_z256_equ_hex(r, hex_fn_nsub)) goto err; ++j;