Zhi Guan
2017-04-14 15:31:35 +08:00
parent 7fa961cd6f
commit eb21e9d572
76 changed files with 3249 additions and 2961 deletions


@@ -472,11 +472,14 @@ our %disabled = ( # "what" => "comment"
"zlib" => "default",
"zlib-dynamic" => "default",
"zuc" => "default",
"sm9" => "default",
"bfibe" => "default",
"bb1ibe" => "default",
"saf" => "default",
"sof" => "default",
#"sm9" => "default",
#"bfibe" => "default",
#"bb1ibe" => "default",
#"gmapi" => "default",
#"saf" => "default",
#"sdf" => "default",
#"skf" => "default",
#"sof" => "default",
"serpent" => "default",
# "speck" => "default",
);
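Review bot: Commenting the `"sm9"`, `"bfibe"`, `"bb1ibe"`, `"saf"` and `"sof"` entries out of `%disabled` moves those features from off-by-default to built-by-default, which enlarges the code compiled into a default build. If that is intended, deleting the lines is clearer than leaving commented-out entries, and a one-line comment such as `# sm9/bfibe/bb1ibe/saf/sof are now part of the default build` would record the decision. The `gmapi`, `sdf` and `skf` lines are added only as comments, so they change nothing and could be dropped.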


@@ -182,10 +182,12 @@ static FUNCTION functions[] = {
{ FT_general, "otp", otp_main, otp_options },
#endif
{ FT_general, "passwd", passwd_main, passwd_options },
#ifndef OPENSSL_NO_DES
#ifndef OPENSSL_NO_PKCS12
{ FT_general, "pkcs12", pkcs12_main, pkcs12_options },
#endif
#ifndef OPENSSL_NO_PKCS7
{ FT_general, "pkcs7", pkcs7_main, pkcs7_options },
#endif
{ FT_general, "pkcs8", pkcs8_main, pkcs8_options },
{ FT_general, "pkey", pkey_main, pkey_options },
{ FT_general, "pkeyparam", pkeyparam_main, pkeyparam_options },
@@ -194,7 +196,9 @@ static FUNCTION functions[] = {
{ FT_general, "rand", rand_main, rand_options },
{ FT_general, "rehash", rehash_main, rehash_options },
{ FT_general, "req", req_main, req_options },
#ifndef OPENSSL_NO_RSA
{ FT_general, "rsa", rsa_main, rsa_options },
#endif
#ifndef OPENSSL_NO_RSA
{ FT_general, "rsautl", rsautl_main, rsautl_options },
#endif
@@ -229,7 +233,9 @@ static FUNCTION functions[] = {
#ifndef OPENSSL_NO_MD4
{ FT_md, "md4", dgst_main},
#endif
#ifndef OPENSSL_NO_MD5
{ FT_md, "md5", dgst_main},
#endif
#ifndef OPENSSL_NO_GOST
{ FT_md, "gost", dgst_main},
#endif
@@ -265,12 +271,24 @@ static FUNCTION functions[] = {
#ifndef OPENSSL_NO_SMS4
{ FT_cipher, "sms4-cfb", enc_main, enc_options },
#endif
#ifndef OPENSSL_NO_AES
{ FT_cipher, "aes-128-cbc", enc_main, enc_options },
#endif
#ifndef OPENSSL_NO_AES
{ FT_cipher, "aes-128-ecb", enc_main, enc_options },
#endif
#ifndef OPENSSL_NO_AES
{ FT_cipher, "aes-192-cbc", enc_main, enc_options },
#endif
#ifndef OPENSSL_NO_AES
{ FT_cipher, "aes-192-ecb", enc_main, enc_options },
#endif
#ifndef OPENSSL_NO_AES
{ FT_cipher, "aes-256-cbc", enc_main, enc_options },
#endif
#ifndef OPENSSL_NO_AES
{ FT_cipher, "aes-256-ecb", enc_main, enc_options },
#endif
#ifndef OPENSSL_NO_CAMELLIA
{ FT_cipher, "camellia-128-cbc", enc_main, enc_options },
#endif


@@ -27,3 +27,16 @@ int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *x, const unsigned char *d,
{
return ASN1_STRING_set(x, d, len);
}
#ifndef OPENSSL_NO_SM2
int ASN1_OCTET_STRING_is_zero(const ASN1_OCTET_STRING *a)
{
int i;
for (i = 0; i < a->length; i++) {
if (a->data[i] != 0) {
return 0;
}
}
return 1;
}
#endif
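Review bot: ASN1_OCTET_STRING_is_zero dereferences `a` and `a->data` without a NULL check, and it reports an empty string (`a->length == 0`) as zero. A guard at the top such as `if (a == NULL || a->data == NULL) return 0;` (or whatever error convention the callers expect) makes the first case explicit, and a one-line comment should say whether an empty string is meant to count as zero. Because the loop returns at the first non-zero byte, its running time depends on the content; if it is ever applied to secret material, an OR-accumulating loop without early exit would be the safer form.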


@@ -51,6 +51,7 @@ static ERR_STRING_DATA BN_str_functs[] = {
{ERR_FUNC(BN_F_BN_GFP2_CMP), "BN_GFP2_cmp"},
{ERR_FUNC(BN_F_BN_GFP2_COPY), "BN_GFP2_copy"},
{ERR_FUNC(BN_F_BN_GFP2_DIV_BN), "BN_GFP2_div_bn"},
{ERR_FUNC(BN_F_BN_GFP2_EQU), "BN_GFP2_equ"},
{ERR_FUNC(BN_F_BN_GFP2_INV), "BN_GFP2_inv"},
{ERR_FUNC(BN_F_BN_GFP2_IS_ZERO), "BN_GFP2_is_zero"},
{ERR_FUNC(BN_F_BN_GFP2_MUL), "BN_GFP2_mul"},


@@ -50,6 +50,7 @@
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
#include <openssl/cpk.h>
#include "cpk_lcl.h"
ASN1_SEQUENCE(CPK_MASTER_SECRET) = {
ASN1_SIMPLE(CPK_MASTER_SECRET, version, LONG),
@@ -91,4 +92,3 @@ int i2d_CPK_PUBLIC_PARAMS_bio(BIO *bp, CPK_PUBLIC_PARAMS *params)
{
return ASN1_item_i2d_bio(ASN1_ITEM_rptr(CPK_PUBLIC_PARAMS), bp, params);
}


@@ -51,6 +51,7 @@
#include <openssl/ecdh.h>
#include <openssl/objects.h>
#include <openssl/cpk.h>
#include "cpk_lcl.h"
int CPK_PUBLIC_PARAMS_compute_share_key(CPK_PUBLIC_PARAMS *params,
void *out, size_t outlen, const char *id, EVP_PKEY *priv_key,

94
crypto/ecies/ecies_gmssl.c → crypto/cpk/cpk_lcl.h Normal file → Executable file

@@ -1,5 +1,5 @@
/* ====================================================================
* Copyright (c) 2007 - 2017 The GmSSL Project. All rights reserved.
* Copyright (c) 2007 - 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -47,82 +47,24 @@
* ====================================================================
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/rand.h>
#include <openssl/ecies.h>
static int ECIES_PARAMS_init_with_type(ECIES_PARAMS *params, int type)
{
return 0;
}
#include <openssl/err.h>
#include <openssl/x509.h>
#include <openssl/ossl_typ.h>
int gmssl_ecies_encrypt(int type, const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen, EC_KEY *ec_key)
{
ECIES_CIPHERTEXT_VALUE *cv = NULL;
ECIES_PARAMS params;
if (!ECIES_PARAMS_init_with_type(&params, type)) {
return 0;
}
struct cpk_master_secret_st {
long version;
X509_NAME *id;
X509_ALGOR *pkey_algor;
X509_ALGOR *map_algor;
ASN1_OCTET_STRING *secret_factors;
};
RAND_seed(in, inlen);
if (!(cv = ECIES_do_encrypt(&params, in, inlen, ec_key))) {
*outlen = 0;
return 0;
}
*outlen = i2d_ECIES_CIPHERTEXT_VALUE(cv, &out);
ECIES_CIPHERTEXT_VALUE_free(cv);
return 1;
}
int gmssl_ecies_decrypt(int type, const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen, EC_KEY *ec_key)
{
ECIES_CIPHERTEXT_VALUE *cv = NULL;
ECIES_PARAMS params;
const unsigned char *cp = in;
unsigned char *der = NULL;
int derlen = -1;
int ret = -1;
if (!ECIES_PARAMS_init_with_type(&params, type)) {
return -1;
}
if (!(cv = d2i_ECIES_CIPHERTEXT_VALUE(NULL, &cp, inlen))) {
return -1;
}
derlen = i2d_ECIES_CIPHERTEXT_VALUE(cv, &der);
if (derlen != inlen || memcmp(in, der, derlen) != 0) {
goto end;
}
ret = ECIES_do_decrypt(&params, cv, out, outlen, ec_key);
end:
OPENSSL_clear_free(der, derlen);
ECIES_CIPHERTEXT_VALUE_free(cv);
return ret;
}
ECIES_CIPHERTEXT_VALUE *gmssl_ecies_do_encrypt(int type, const unsigned char *in,
size_t inlen, EC_KEY *ec_key)
{
ECIES_PARAMS param;
ECIES_PARAMS_init_with_recommended(&param);
return ECIES_do_encrypt(&param, in, inlen, ec_key);
}
int gmssl_ecies_do_decrypt(int type, const ECIES_CIPHERTEXT_VALUE *in,
unsigned char *out, size_t *outlen, EC_KEY *ec_key)
{
ECIES_PARAMS param;
ECIES_PARAMS_init_with_recommended(&param);
return ECIES_do_decrypt(&param, in, out, outlen, ec_key);
}
struct cpk_public_params_st {
long version;
X509_NAME *id;
X509_ALGOR *pkey_algor;
X509_ALGOR *map_algor;
ASN1_OCTET_STRING *public_factors;
};
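Review bot: The new cpk_lcl.h shows no include guard after the licence block, although this commit adds `#include "cpk_lcl.h"` to several cpk sources; `struct cpk_master_secret_st` and `struct cpk_public_params_st` would be redefined if the header were ever included twice in one translation unit. Wrapping the body in `#ifndef HEADER_CPK_LCL_H` / `#define HEADER_CPK_LCL_H` … `#endif` avoids that. The page also records a mode change to executable, which a header does not need.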


@@ -61,13 +61,10 @@
#include <openssl/cpk.h>
#include "../dsa/dsa_locl.h"
#include "../x509/x509_lcl.h"
#include "cpk_lcl.h"
#define ASN1_STRING_data(a) ((a)->data)
static DSA *X509_ALGOR_get1_DSA(X509_ALGOR *algor);
static int extract_dsa_params(CPK_MASTER_SECRET *master, CPK_PUBLIC_PARAMS *param);
static DSA *extract_dsa_priv_key(CPK_MASTER_SECRET *master, const char *id);
static DSA *extract_dsa_pub_key(CPK_PUBLIC_PARAMS *param, const char *id);
static EC_KEY *X509_ALGOR_get1_EC_KEY(X509_ALGOR *algor);
static int extract_ec_params(CPK_MASTER_SECRET *master, CPK_PUBLIC_PARAMS *param);
@@ -244,14 +241,6 @@ CPK_PUBLIC_PARAMS *CPK_MASTER_SECRET_extract_public_params(CPK_MASTER_SECRET *ma
}
switch (pkey_type) {
case EVP_PKEY_DSA:
if (!extract_dsa_params(master, param)) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS,
ERR_R_CPK_LIB);
goto err;
}
break;
case EVP_PKEY_EC:
if (!extract_ec_params(master, param)) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS,
@@ -285,21 +274,7 @@ EVP_PKEY *CPK_MASTER_SECRET_extract_private_key(
pkey_type = OBJ_obj2nid(master->pkey_algor->algorithm);
if (pkey_type == EVP_PKEY_DSA) {
DSA *dsa;
if (!(dsa = extract_dsa_priv_key(master, id))) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY,
ERR_R_CPK_LIB);
goto err;
}
if (!EVP_PKEY_assign_DSA(pkey, dsa)) {
DSA_free(dsa);
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY,
ERR_R_EVP_LIB);
goto err;
}
} else if (pkey_type == EVP_PKEY_EC) {
if (pkey_type == EVP_PKEY_EC) {
EC_KEY *ec_key;
if (!(ec_key = extract_ec_priv_key(master, id))) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY,
@@ -341,21 +316,8 @@ EVP_PKEY *CPK_PUBLIC_PARAMS_extract_public_key(CPK_PUBLIC_PARAMS *param,
pkey_type = OBJ_obj2nid(param->pkey_algor->algorithm);
if (pkey_type == EVP_PKEY_DSA) {
DSA *dsa = NULL;
if (!(dsa = extract_dsa_pub_key(param, id))) {
CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY,
ERR_R_CPK_LIB);
goto err;
}
if (!EVP_PKEY_assign_DSA(pkey, dsa)) {
DSA_free(dsa);
CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY,
ERR_R_EVP_LIB);
goto err;
}
} else if (pkey_type == EVP_PKEY_EC) {
if (pkey_type == EVP_PKEY_EC) {
EC_KEY *ec_key = NULL;
if (!(ec_key = extract_ec_pub_key(param, id))) {
CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY,
@@ -477,237 +439,6 @@ err:
return ret;
}
/*
* static functions
*/
#if 0
// FIXME: check DSA and EC_KEY
static int X509_ALGOR_cmp(X509_ALGOR *a, X509_ALGOR *b)
{
int pkey_type = OBJ_obj2nid(a->algorithm);
if (pkey_type != EVP_PKEY_DSA || pkey_type != EVP_PKEY_EC)
return 1;
if (a->algorithm != b->algorithm)
return -1;
return 0;
}
#endif
static DSA *X509_ALGOR_get1_DSA(X509_ALGOR *algor)
{
DSA *dsa = NULL;
int ptype;
const void *pval;
ASN1_OCTET_STRING *pstr;
const unsigned char *p;
X509_ALGOR_get0(NULL, &ptype, &pval, algor);
if (ptype != V_ASN1_SEQUENCE) {
CPKerr(CPK_F_X509_ALGOR_GET1_DSA, CPK_R_BAD_DATA);
return NULL;
}
pstr = (ASN1_OCTET_STRING *)pval;
p = pstr->data;
if (!(dsa = d2i_DSAparams(NULL, &p, pstr->length))) {
CPKerr(CPK_F_X509_ALGOR_GET1_DSA, ERR_R_DSA_LIB);
return NULL;
}
return dsa;
}
static int extract_dsa_params(CPK_MASTER_SECRET *master, CPK_PUBLIC_PARAMS *param)
{
int ret = 0;
DSA *dsa = NULL;
BIGNUM *pri = BN_new();
BIGNUM *pub = BN_new();
BN_CTX *ctx = BN_CTX_new();
int i, pri_size, pub_size, num_factors;
const unsigned char *pri_ptr;
unsigned char *pub_ptr;
if (!pri || !pub || !ctx) {
goto err;
}
if (!(dsa = (DSA *)X509_ALGOR_get1_DSA(master->pkey_algor))) {
goto err;
}
pri_size = BN_num_bytes(dsa->q);
pub_size = BN_num_bytes(dsa->p);
if ((num_factors = CPK_MAP_num_factors(master->map_algor)) <= 0) {
goto err;
}
if (ASN1_STRING_length(master->secret_factors) != pri_size * num_factors) {
goto err;
}
ASN1_STRING_free(param->public_factors);
if (!ASN1_STRING_set(param->public_factors, NULL, pub_size * num_factors)) {
goto err;
}
pri_ptr = ASN1_STRING_data(master->secret_factors);
pub_ptr = ASN1_STRING_data(param->public_factors);
memset(pub_ptr, 0, ASN1_STRING_length(param->public_factors));
for (i = 0; i < num_factors; i++) {
if (!BN_bin2bn(pri_ptr, pri_size, pri)) {
goto err;
}
if (BN_is_zero(pri) || BN_cmp(pri, dsa->q) >= 0) {
goto err;
}
if (!BN_mod_exp(pub, dsa->g, pri, dsa->p, ctx)) {
goto err;
}
if (!BN_bn2bin(pub, pub_ptr + pub_size - BN_num_bytes(pub))) {
goto err;
}
pri_ptr += pri_size;
pub_ptr += pub_size;
}
ret = 1;
err:
if (dsa) DSA_free(dsa);
if (pri) BN_free(pri);
if (pub) BN_free(pub);
if (ctx) BN_CTX_free(ctx);
return ret;
}
static DSA *extract_dsa_priv_key(CPK_MASTER_SECRET *master, const char *id)
{
int e = 1;
DSA *dsa = NULL;
BIGNUM *bn = BN_new();
BN_CTX *ctx = BN_CTX_new();
const unsigned char *p;
int *index = NULL;
int i, num_indexes, bn_size;
if (!bn || !ctx) {
goto err;
}
if (!(dsa = X509_ALGOR_get1_DSA(master->pkey_algor))) {
goto err;
}
if ((num_indexes = CPK_MAP_num_indexes(master->map_algor)) <= 0) {
goto err;
}
if (!(index = OPENSSL_malloc(sizeof(int) * num_indexes))) {
goto err;
}
if (!CPK_MAP_str2index(master->map_algor, id, index)) {
goto err;
}
if (!dsa->priv_key) {
if (!(dsa->priv_key = BN_new())) {
goto err;
}
}
BN_zero(dsa->priv_key);
bn_size = BN_num_bytes(dsa->q);
for (i = 0; i < num_indexes; i++) {
p = ASN1_STRING_data(master->secret_factors) + bn_size * index[i];
if (!BN_bin2bn(p, bn_size, bn)) {
goto err;
}
if (BN_is_zero(bn) || BN_cmp(bn, dsa->q) >= 0) {
goto err;
}
if (!BN_mod_add(dsa->priv_key, dsa->priv_key, bn, dsa->q, ctx)) {
goto err;
}
}
if (!(dsa->pub_key))
if (!(dsa->pub_key = BN_new())) {
goto err;
}
if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) {
goto err;
}
e = 0;
err:
if (e && dsa) {
DSA_free(dsa);
dsa = NULL;
}
if (bn) BN_free(bn);
if (ctx) BN_CTX_free(ctx);
if (index) OPENSSL_free(index);
return dsa;
}
static DSA *extract_dsa_pub_key(CPK_PUBLIC_PARAMS *param, const char *id)
{
int e = 1;
DSA *dsa = NULL;
BIGNUM *bn = BN_new();
BN_CTX *ctx = BN_CTX_new();
const unsigned char *p;
int *index = NULL;
int i, num_indexes, bn_size;
if (!bn || !ctx) {
goto err;
}
if (!(dsa = X509_ALGOR_get1_DSA(param->pkey_algor))) {
goto err;
}
if ((num_indexes = CPK_MAP_num_indexes(param->map_algor)) <= 0) {
goto err;
}
if (!(index = OPENSSL_malloc(sizeof(int) * num_indexes))) {
goto err;
}
if (!CPK_MAP_str2index(param->map_algor, id, index)) {
goto err;
}
if (!dsa->pub_key) {
if (!(dsa->pub_key = BN_new())) {
goto err;
}
}
BN_zero(dsa->pub_key);
bn_size = BN_num_bytes(dsa->p);
for (i = 0; i < num_indexes; i++) {
p = ASN1_STRING_data(param->public_factors) + bn_size * index[i];
if (!BN_bin2bn(p, bn_size, bn)) {
goto err;
}
if (BN_is_zero(bn) || BN_cmp(bn, dsa->p) >= 0) {
goto err;
}
if (!BN_mod_add(dsa->pub_key, dsa->pub_key, bn, dsa->p, ctx)) {
goto err;
}
}
e = 0;
err:
if (e && dsa) {
DSA_free(dsa);
dsa = NULL;
}
if (bn) BN_free(bn);
if (ctx) BN_CTX_free(ctx);
if (index) OPENSSL_free(index);
return dsa;
}
static EC_KEY *X509_ALGOR_get1_EC_KEY(X509_ALGOR *algor)
{
@@ -715,9 +446,9 @@ static EC_KEY *X509_ALGOR_get1_EC_KEY(X509_ALGOR *algor)
int ptype;
const void *pval;
const unsigned char *p;
X509_ALGOR_get0(NULL, &ptype, &pval, algor);
if (ptype == V_ASN1_SEQUENCE) {
ASN1_OCTET_STRING *pstr = (ASN1_OCTET_STRING *)pval;
p = pstr->data;
@@ -725,14 +456,14 @@ static EC_KEY *X509_ALGOR_get1_EC_KEY(X509_ALGOR *algor)
CPKerr(CPK_F_X509_ALGOR_GET1_EC_KEY, ERR_R_EC_LIB);
return NULL;
}
} else if (ptype == V_ASN1_OBJECT) {
ASN1_OBJECT *poid = (ASN1_OBJECT *)pval;
EC_GROUP *group;
if (!(ec_key = EC_KEY_new())) {
if (!(ec_key = EC_KEY_new())) {
CPKerr(CPK_F_X509_ALGOR_GET1_EC_KEY, ERR_R_MALLOC_FAILURE);
return NULL;
}
}
if (!(group = EC_GROUP_new_by_curve_name(OBJ_obj2nid(poid)))) {
EC_KEY_free(ec_key);
CPKerr(CPK_F_X509_ALGOR_GET1_EC_KEY, ERR_R_EC_LIB);
@@ -746,12 +477,12 @@ static EC_KEY *X509_ALGOR_get1_EC_KEY(X509_ALGOR *algor)
return NULL;
}
EC_GROUP_free(group);
} else {
CPKerr(CPK_F_X509_ALGOR_GET1_EC_KEY, CPK_R_BAD_DATA);
return NULL;
}
return ec_key;
return ec_key;
}
static int extract_ec_params(CPK_MASTER_SECRET *master, CPK_PUBLIC_PARAMS *param)
@@ -766,11 +497,11 @@ static int extract_ec_params(CPK_MASTER_SECRET *master, CPK_PUBLIC_PARAMS *param
int i, bn_size, pt_size, num_factors;
const unsigned char *bn_ptr;
unsigned char *pt_ptr;
if (!bn || !order || !ctx) {
goto err;
}
if (!(ec_key = X509_ALGOR_get1_EC_KEY(master->pkey_algor))) {
goto err;
}
@@ -780,7 +511,7 @@ static int extract_ec_params(CPK_MASTER_SECRET *master, CPK_PUBLIC_PARAMS *param
}
bn_size = BN_num_bytes(order);
pt_size = bn_size + 1;
if ((num_factors = CPK_MAP_num_factors(master->map_algor)) <= 0) {
goto err;
}
@@ -790,13 +521,13 @@ static int extract_ec_params(CPK_MASTER_SECRET *master, CPK_PUBLIC_PARAMS *param
if (!ASN1_STRING_set(param->public_factors, NULL, pt_size * num_factors)) {
goto err;
}
bn_ptr = ASN1_STRING_data(master->secret_factors);
pt_ptr = ASN1_STRING_data(param->public_factors);
memset(pt_ptr, 0, ASN1_STRING_length(param->public_factors));
if (!(pt = EC_POINT_new(ec_group))) {
goto err;
goto err;
}
for (i = 0; i < num_factors; i++) {
if (!BN_bin2bn(bn_ptr, bn_size, bn)) {
@@ -808,17 +539,17 @@ static int extract_ec_params(CPK_MASTER_SECRET *master, CPK_PUBLIC_PARAMS *param
if (!EC_POINT_mul(ec_group, pt, bn, NULL, NULL, ctx)) {
goto err;
}
if (!EC_POINT_point2oct(ec_group, pt,
if (!EC_POINT_point2oct(ec_group, pt,
POINT_CONVERSION_COMPRESSED, pt_ptr, pt_size, ctx)) {
goto err;
}
bn_ptr += bn_size;
pt_ptr += pt_size;
}
ret = 1;
err:
err:
if (ec_key) EC_KEY_free(ec_key);
if (bn) BN_free(bn);
if (order) BN_free(order);
@@ -827,8 +558,6 @@ err:
return ret;
}
static EC_KEY *extract_ec_priv_key(CPK_MASTER_SECRET *master, const char *id)
{
int e = 1;
@@ -842,11 +571,11 @@ static EC_KEY *extract_ec_priv_key(CPK_MASTER_SECRET *master, const char *id)
int *index = NULL;
int i, num_indexes, bn_size;
if (!priv_key || !bn || !order || !ctx) {
goto err;
}
if (!(ec_key = X509_ALGOR_get1_EC_KEY(master->pkey_algor))) {
goto err;
}
@@ -860,17 +589,17 @@ static EC_KEY *extract_ec_priv_key(CPK_MASTER_SECRET *master, const char *id)
}
if (!(index = OPENSSL_malloc(sizeof(int) * num_indexes))) {
goto err;
}
}
if (!CPK_MAP_str2index(master->map_algor, id, index)) {
goto err;
}
BN_zero(priv_key);
if (!(EC_GROUP_get_order(EC_KEY_get0_group(ec_key), order, ctx))) {
goto err;
}
bn_size = BN_num_bytes(order);
for (i = 0; i < num_indexes; i++) {
const unsigned char *p =
ASN1_STRING_data(master->secret_factors) +
@@ -897,7 +626,7 @@ static EC_KEY *extract_ec_priv_key(CPK_MASTER_SECRET *master, const char *id)
goto err;
}
e = 0;
err:
if (e && ec_key) {
EC_KEY_free(ec_key);
@@ -924,12 +653,12 @@ static EC_KEY *extract_ec_pub_key(CPK_PUBLIC_PARAMS *param, const char *id)
BN_CTX *ctx = BN_CTX_new();
int *index = NULL;
int i, bn_size, pt_size, num_indexes, num_factors;
if (!(ec_key = X509_ALGOR_get1_EC_KEY(param->pkey_algor))) {
goto err;
goto err;
}
ec_group = EC_KEY_get0_group(ec_key);
if (!(pub_key = EC_POINT_new(ec_group))) {
goto err;
}
@@ -953,7 +682,7 @@ static EC_KEY *extract_ec_pub_key(CPK_PUBLIC_PARAMS *param, const char *id)
}
if (!(index = OPENSSL_malloc(sizeof(int) * num_indexes))) {
goto err;
}
}
if (!CPK_MAP_str2index(param->map_algor, id, index)) {
goto err;
}
@@ -962,9 +691,9 @@ static EC_KEY *extract_ec_pub_key(CPK_PUBLIC_PARAMS *param, const char *id)
goto err;
}
for (i = 0; i < num_indexes; i++) {
const unsigned char *p =
ASN1_STRING_data(param->public_factors) +
pt_size * index[i];
const unsigned char *p =
ASN1_STRING_data(param->public_factors) +
pt_size * index[i];
if (!EC_POINT_oct2point(ec_group, pt, p, pt_size, ctx)) {
goto err;
@@ -990,5 +719,3 @@ err:
if (index) OPENSSL_free(index);
return ec_key;
}
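Review bot: In extract_ec_pub_key the loop reads `pt_size` bytes at `ASN1_STRING_data(param->public_factors) + pt_size * index[i]`, and no comparison of that offset with `ASN1_STRING_length(param->public_factors)` is visible in these hunks; extract_ec_priv_key does the same with `master->secret_factors` and `bn_size * index[i]`. If CPK_PUBLIC_PARAMS is ever decoded from untrusted data, a short `public_factors` would give an out-of-bounds read unless a length check exists in the lines the hunks omit. If it does not, add `if (ASN1_STRING_length(param->public_factors) != pt_size * num_factors) goto err;` before the loop and confirm that every `index[i]` is below `num_factors`. Separately, `#include "../dsa/dsa_locl.h"` appears to stay in the first hunk although all DSA helpers are removed.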


@@ -52,6 +52,7 @@
#include <openssl/evp.h>
#include <openssl/objects.h>
#include <openssl/cpk.h>
#include "cpk_lcl.h"
X509_ALGOR *CPK_MAP_new_default()
{
@@ -175,4 +176,3 @@ err:
if (bn) BN_free(bn);
return ret;
}


@@ -50,6 +50,7 @@
#include <string.h>
#include <openssl/bio.h>
#include <openssl/cpk.h>
#include "cpk_lcl.h"
int CPK_MASTER_SECRET_print(BIO *out, CPK_MASTER_SECRET *master,
int indent, unsigned long flags)


@@ -45,6 +45,8 @@ static ERR_STRING_DATA EC_str_functs[] = {
{ERR_FUNC(EC_F_ECIES_PARAMS_GET_MAC), "ECIES_PARAMS_get_mac"},
{ERR_FUNC(EC_F_ECIES_PARAMS_INIT_WITH_RECOMMENDED),
"ECIES_PARAMS_init_with_recommended"},
{ERR_FUNC(EC_F_ECIES_PARAMS_INIT_WITH_TYPE),
"ECIES_PARAMS_init_with_type"},
{ERR_FUNC(EC_F_ECKEY_PARAM2TYPE), "eckey_param2type"},
{ERR_FUNC(EC_F_ECKEY_PARAM_DECODE), "eckey_param_decode"},
{ERR_FUNC(EC_F_ECKEY_PRIV_DECODE), "eckey_priv_decode"},
@@ -244,8 +246,8 @@ static ERR_STRING_DATA EC_str_functs[] = {
{ERR_FUNC(EC_F_SM2_DECRYPT), "SM2_decrypt"},
{ERR_FUNC(EC_F_SM2_DO_DECRYPT), "SM2_do_decrypt"},
{ERR_FUNC(EC_F_SM2_DO_ENCRYPT), "SM2_do_encrypt"},
{ERR_FUNC(EC_F_SM2_DO_SIGN), "sm2_do_sign"},
{ERR_FUNC(EC_F_SM2_DO_VERIFY), "sm2_do_verify"},
{ERR_FUNC(EC_F_SM2_DO_SIGN), "SM2_do_sign"},
{ERR_FUNC(EC_F_SM2_DO_VERIFY), "SM2_do_verify"},
{ERR_FUNC(EC_F_SM2_ENCRYPT), "SM2_encrypt"},
{ERR_FUNC(EC_F_SM2_ENC_PARAMS_DUP), "SM2_ENC_PARAMS_dup"},
{ERR_FUNC(EC_F_SM2_ENC_PARAMS_INIT_WITH_RECOMMENDED),
@@ -257,7 +259,7 @@ static ERR_STRING_DATA EC_str_functs[] = {
{ERR_FUNC(EC_F_SM2_KAP_CTX_INIT), "SM2_KAP_CTX_init"},
{ERR_FUNC(EC_F_SM2_KAP_FINAL_CHECK), "SM2_KAP_final_check"},
{ERR_FUNC(EC_F_SM2_KAP_PREPARE), "SM2_KAP_prepare"},
{ERR_FUNC(EC_F_SM2_SIGN_SETUP), "sm2_sign_setup"},
{ERR_FUNC(EC_F_SM2_SIGN_SETUP), "SM2_sign_setup"},
{ERR_FUNC(EC_F_TYPE1CURVE_EVAL_LINE_TEXTBOOK),
"type1curve_eval_line_textbook"},
{ERR_FUNC(EC_F_TYPE1CURVE_EVAL_MILLER_TEXTBOOK),
@@ -299,6 +301,7 @@ static ERR_STRING_DATA EC_str_reasons[] = {
{ERR_REASON(EC_R_EC_GROUP_NEW_BY_NAME_FAILURE),
"ec group new by name failure"},
{ERR_REASON(EC_R_ENCRYPT_FAILED), "encrypt failed"},
{ERR_REASON(EC_R_ENCRYPT_FAILURE), "encrypt failure"},
{ERR_REASON(EC_R_ERROR), "error"},
{ERR_REASON(EC_R_FIELD_TOO_LARGE), "field too large"},
{ERR_REASON(EC_R_GEN_MAC_FAILED), "gen mac failed"},
@@ -326,13 +329,16 @@ static ERR_STRING_DATA EC_str_reasons[] = {
{ERR_REASON(EC_R_INVALID_DIGEST_TYPE), "invalid digest type"},
{ERR_REASON(EC_R_INVALID_ECIES_CIPHERTEXT), "invalid ecies ciphertext"},
{ERR_REASON(EC_R_INVALID_ECIES_PARAMETERS), "invalid ecies parameters"},
{ERR_REASON(EC_R_INVALID_ECIES_PARAMS), "invalid ecies params"},
{ERR_REASON(EC_R_INVALID_EC_KEY), "invalid ec key"},
{ERR_REASON(EC_R_INVALID_ENCODING), "invalid encoding"},
{ERR_REASON(EC_R_INVALID_ENC_PARAM), "invalid enc param"},
{ERR_REASON(EC_R_INVALID_ENC_TYPE), "invalid enc type"},
{ERR_REASON(EC_R_INVALID_FIELD), "invalid field"},
{ERR_REASON(EC_R_INVALID_FORM), "invalid form"},
{ERR_REASON(EC_R_INVALID_GROUP_ORDER), "invalid group order"},
{ERR_REASON(EC_R_INVALID_ID_LENGTH), "invalid id length"},
{ERR_REASON(EC_R_INVALID_INPUT_LENGTH), "invalid input length"},
{ERR_REASON(EC_R_INVALID_KDF_MD), "invalid kdf md"},
{ERR_REASON(EC_R_INVALID_KEY), "invalid key"},
{ERR_REASON(EC_R_INVALID_MD), "invalid md"},


@@ -28,10 +28,10 @@ static const EC_KEY_METHOD openssl_ec_key_method = {
ossl_ecdsa_verify,
ossl_ecdsa_verify_sig,
#ifndef OPENSSL_NO_SM2
gmssl_ecies_encrypt,
gmssl_ecies_do_encrypt,
gmssl_ecies_decrypt,
gmssl_ecies_do_decrypt,
ECIES_encrypt,
NULL,
ECIES_decrypt,
NULL,
#endif
};
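Review bot: The two slots of `openssl_ec_key_method` that previously held `gmssl_ecies_do_encrypt` and `gmssl_ecies_do_decrypt` are now `NULL`, so any code that dispatches through those method pointers must test them before calling; the callers are outside this hunk. A comment on the initialiser such as `/* structured-ciphertext encrypt/decrypt not provided by the default method */` would record that the gap is intentional.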


@@ -41,13 +41,9 @@ typedef struct {
size_t kdf_outlen;
#ifndef OPENSSL_NO_SM2
int sign_type;
int exch_type;
int enc_type;
int dh_type;
union {
void *ptr;
ECIES_PARAMS *ecies;
SM2_ENC_PARAMS *sm2;
} enc_param;
int enc_param;
#endif
} EC_PKEY_CTX;
@@ -63,9 +59,9 @@ static int pkey_ec_init(EVP_PKEY_CTX *ctx)
dctx->kdf_type = EVP_PKEY_ECDH_KDF_NONE;
#ifndef OPENSSL_NO_SM2
dctx->sign_type = NID_secg_scheme;
dctx->exch_type = NID_secg_scheme;
dctx->enc_type = NID_secg_scheme;
dctx->dh_type = NID_secg_scheme;
dctx->enc_param.ptr = NULL;
dctx->enc_param = NID_undef;
#endif
ctx->data = dctx;
return 1;
@@ -102,23 +98,9 @@ static int pkey_ec_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
dctx->kdf_ukmlen = sctx->kdf_ukmlen;
#ifndef OPENSSL_NO_SM2
dctx->sign_type = sctx->sign_type;
dctx->exch_type = sctx->exch_type;
dctx->enc_type = sctx->enc_type;
dctx->dh_type = sctx->dh_type;
if (sctx->enc_param.ptr) {
if (sctx->enc_type == NID_secg_scheme) {
dctx->enc_param.ecies = ECIES_PARAMS_dup(sctx->enc_param.ecies);
if (!dctx->enc_param.ecies) {
return 0;
}
} else if (sctx->enc_type == NID_sm_scheme) {
dctx->enc_param.sm2 = SM2_ENC_PARAMS_dup(sctx->enc_param.sm2);
if (!dctx->enc_param.sm2) {
return 0;
}
} else {
return 0;
}
}
dctx->enc_param = sctx->enc_param;
#endif
return 1;
}
@@ -130,18 +112,6 @@ static void pkey_ec_cleanup(EVP_PKEY_CTX *ctx)
EC_GROUP_free(dctx->gen_group);
EC_KEY_free(dctx->co_key);
OPENSSL_free(dctx->kdf_ukm);
#ifndef OPENSSL_NO_SM2
if (dctx->enc_param.ptr) {
if (dctx->enc_type == NID_secg_scheme) {
ECIES_PARAMS_free(dctx->enc_param.ecies);
} else if (dctx->enc_type == NID_sm_scheme) {
SM2_ENC_PARAMS_free(dctx->enc_param.sm2);
} else {
/* this should not happen */
OPENSSL_free(dctx->enc_param.ptr);
}
}
#endif
OPENSSL_free(dctx);
}
}
@@ -214,33 +184,17 @@ static int pkey_ec_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen
switch (dctx->enc_type) {
case NID_sm_scheme:
if (dctx->enc_param.sm2) {
if (!SM2_encrypt(dctx->enc_param.sm2, in, inlen, out, outlen, ec_key)) {
ECerr(EC_F_PKEY_EC_ENCRYPT, EC_R_SM2_ENCRYPT_FAILED);
return 0;
}
} else {
if (!SM2_encrypt_with_recommended(in, inlen, out, outlen, ec_key)) {
ECerr(EC_F_PKEY_EC_ENCRYPT, EC_R_SM2_ENCRYPT_WITH_RECOMMENDED_FAILED);
return 0;
}
if (!SM2_encrypt(dctx->enc_param, in, inlen, out, outlen, ec_key)) {
ECerr(EC_F_PKEY_EC_ENCRYPT, EC_R_SM2_ENCRYPT_FAILED);
return 0;
}
break;
case NID_secg_scheme:
if (dctx->enc_param.ecies) {
if (!ECIES_encrypt(dctx->enc_param.ecies, in, inlen, out, outlen, ec_key)) {
ECerr(EC_F_PKEY_EC_ENCRYPT, EC_R_ECIES_ENCRYPT_FAILED);
return 0;
}
} else {
if (!ECIES_encrypt_with_recommended(in, inlen, out, outlen, ec_key)) {
ECerr(EC_F_PKEY_EC_ENCRYPT, EC_R_ECIES_ENCRYPT_WITH_RECOMMENDED_FAILED);
return 0;
}
if (!ECIES_encrypt(dctx->enc_param, in, inlen, out, outlen, ec_key)) {
ECerr(EC_F_PKEY_EC_ENCRYPT, EC_R_ECIES_ENCRYPT_FAILED);
return 0;
}
break;
default:
ECerr(EC_F_PKEY_EC_ENCRYPT, EC_R_INVALID_ENC_TYPE);
return 0;
@@ -257,30 +211,15 @@ static int pkey_ec_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen
switch (dctx->enc_type) {
case NID_sm_scheme:
if (dctx->enc_param.sm2) {
if (!SM2_decrypt(dctx->enc_param.sm2, in, inlen, out, outlen, ec_key)) {
ECerr(EC_F_PKEY_EC_DECRYPT, EC_R_SM2_DECRYPT_FAILED);
return 0;
}
} else {
if (!SM2_decrypt_with_recommended(in, inlen, out, outlen, ec_key)) {
ECerr(EC_F_PKEY_EC_DECRYPT, EC_R_SM2_DECRYPT_WITH_RECOMMENDED_FAILED);
return 0;
}
if (!SM2_decrypt(dctx->enc_param, in, inlen, out, outlen, ec_key)) {
ECerr(EC_F_PKEY_EC_DECRYPT, EC_R_SM2_DECRYPT_FAILED);
return 0;
}
break;
case NID_secg_scheme:
if (dctx->enc_param.ecies) {
if (!ECIES_decrypt(dctx->enc_param.ecies, in, inlen, out, outlen, ec_key)) {
ECerr(EC_F_PKEY_EC_DECRYPT, EC_R_ECIES_DECRYPT_FAILED);
return 0;
}
} else {
if (!ECIES_decrypt_with_recommended(in, inlen, out, outlen, ec_key)) {
ECerr(EC_F_PKEY_EC_DECRYPT, EC_R_ECIES_DECRYPT_WITH_RECOMMENDED_FAILED);
return 0;
}
if (!ECIES_decrypt(dctx->enc_param, in, inlen, out, outlen, ec_key)) {
ECerr(EC_F_PKEY_EC_DECRYPT, EC_R_ECIES_DECRYPT_FAILED);
return 0;
}
break;
@@ -325,7 +264,7 @@ static int pkey_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
outlen = *keylen;
#ifndef OPENSSL_NO_SM2
if (dctx->dh_type == NID_sm_scheme)
if (dctx->exch_type == NID_sm_scheme)
ret = SM2_compute_key(key, outlen, pubkey, eckey, 0);
else
#endif
@@ -465,14 +404,14 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
case EVP_PKEY_CTRL_EC_DH_TYPE:
if (p1 == -2)
return dctx->dh_type;
return dctx->exch_type;
if (p1 != NID_secg_scheme && p1 != NID_sm_scheme)
return -2;
dctx->dh_type = p1;
dctx->exch_type = p1;
return 1;
case EVP_PKEY_CTRL_GET_EC_DH_TYPE:
*(int *)p2 = dctx->dh_type;
*(int *)p2 = dctx->exch_type;
return 1;
#endif
@@ -556,6 +495,7 @@ static int pkey_ec_ctrl_str(EVP_PKEY_CTX *ctx,
}
return EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, nid);
#ifndef OPENSSL_NO_SM2
} else if (!strcmp(type, "signer")) {
} else if (!strcmp(type, "ec_sign_algor")) {
int sign_type;
if (!strcmp(value, "ecdsa"))
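Review bot: pkey_ec_init now leaves `dctx->enc_param` at `NID_undef`, and pkey_ec_encrypt and pkey_ec_decrypt pass that value straight to `SM2_encrypt`/`ECIES_encrypt` and their decrypt counterparts, whereas the removed code fell back to the `*_with_recommended` variants when no parameter had been set. Unless those functions map `NID_undef` to a default parameter set (not visible here), a context on which no parameter was ever set will fail or run with an unspecified choice. Either initialise the field to a concrete default or reject it before the call, e.g. `if (dctx->enc_param == NID_undef) { ECerr(EC_F_PKEY_EC_ENCRYPT, EC_R_INVALID_ENC_PARAM); return 0; }`. The bodies of these functions extend beyond the hunks shown.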


@@ -121,18 +121,6 @@ int BN_GFP2_copy(BN_GFP2 *r, const BN_GFP2 *a)
return 1;
}
int BN_GFP2_zero(BN_GFP2 *a)
{
if (!a || !a->a0 || !a->a1) {
BNerr(BN_F_BN_GFP2_ZERO, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
BN_zero(a->a0);
BN_zero(a->a1);
return 1;
}
int BN_GFP2_one(BN_GFP2 *a)
{
if (!a || !a->a0 || !a->a1) {
@@ -145,6 +133,18 @@ int BN_GFP2_one(BN_GFP2 *a)
return 1;
}
int BN_GFP2_zero(BN_GFP2 *a)
{
if (!a || !a->a0 || !a->a1) {
BNerr(BN_F_BN_GFP2_ZERO, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
BN_zero(a->a0);
BN_zero(a->a1);
return 1;
}
/* return 1 on success, so dont use !BN_GFP2_is_zero() to check return value */
int BN_GFP2_is_zero(const BN_GFP2 *a)
{
@@ -156,26 +156,16 @@ int BN_GFP2_is_zero(const BN_GFP2 *a)
return (BN_is_zero(a->a0) && BN_is_zero(a->a1));
}
/*
* can we compare values on F_p^2 ?
*/
int BN_GFP2_cmp(const BN_GFP2 *a, const BN_GFP2 *b)
int BN_GFP2_equ(const BN_GFP2 *a, const BN_GFP2 *b)
{
if (!a || !b || !a->a0 || !a->a1 || !b->a0 || !b->a1) {
BNerr(BN_F_BN_GFP2_CMP, ERR_R_PASSED_NULL_PARAMETER);
return -1;
BNerr(BN_F_BN_GFP2_EQU, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
return ((BN_cmp(a->a0, b->a0) == 0) && (BN_cmp(a->a1, b->a1) == 0));
}
int BN_GFP2_equ(const BN_GFP2 *a, const BN_GFP2 *b)
{
//FIXME
return 0;
}
int BN_GFP2_add(BN_GFP2 *r, const BN_GFP2 *a, const BN_GFP2 *b,
const BIGNUM *p, BN_CTX *ctx)
{
@@ -416,6 +406,45 @@ end:
return ret;
}
int BN_bn2gfp2(const BIGNUM *bn, BN_GFP2 *gfp2, const BIGNUM *p, BN_CTX *ctx)
{
int ret = 0;
BIGNUM *a;
if (!(a = BN_CTX_get(ctx))) {
goto end;
}
BN_one(a);
if (!BN_lshift(a, a, BN_num_bytes(p)*8)) {
goto end;
}
if (!BN_rshift(gfp2->a1, bn, BN_num_bytes(p)*8)) {
goto end;
}
if (!BN_mod(gfp2->a0, bn, a, ctx)) {
goto end;
}
ret = 1;
end:
BN_CTX_end(ctx);
return ret;
}
/* return (a0 + a1 << 2^n), n = log_2(p), n % 8 == 0 */
int BN_gfp22bn(const BN_GFP2 *gfp2, BIGNUM *bn, const BIGNUM *p, BN_CTX *ctx)
{
if (!BN_lshift(bn, gfp2->a1, BN_num_bytes(p) * 8)) {
return 0;
}
if (!BN_add(bn, bn, gfp2->a0)) {
return 0;
}
return 1;
}
int BN_GFP2_canonical(const BN_GFP2 *a, unsigned char *out, size_t *outlen,
int order, const BIGNUM *p, BN_CTX *ctx)
{
@@ -462,42 +491,3 @@ int BN_GFP2_canonical(const BN_GFP2 *a, unsigned char *out, size_t *outlen,
*outlen = len;
return 1;
}
int BN_bn2gfp2(const BIGNUM *bn, BN_GFP2 *gfp2, const BIGNUM *p, BN_CTX *ctx)
{
int ret = 0;
BIGNUM *a;
if (!(a = BN_CTX_get(ctx))) {
goto end;
}
BN_one(a);
if (!BN_lshift(a, a, BN_num_bytes(p)*8)) {
goto end;
}
if (!BN_rshift(gfp2->a1, bn, BN_num_bytes(p)*8)) {
goto end;
}
if (!BN_mod(gfp2->a0, bn, a, ctx)) {
goto end;
}
ret = 1;
end:
BN_CTX_end(ctx);
return ret;
}
/* return (a0 + a1 << 2^n), n = log_2(p), n % 8 == 0 */
int BN_gfp22bn(const BN_GFP2 *gfp2, BIGNUM *bn, const BIGNUM *p, BN_CTX *ctx)
{
if (!BN_lshift(bn, gfp2->a1, BN_num_bytes(p) * 8)) {
return 0;
}
if (!BN_add(bn, bn, gfp2->a0)) {
return 0;
}
return 1;
}
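Review bot: BN_bn2gfp2 calls `BN_CTX_get(ctx)` and finishes with `BN_CTX_end(ctx)` but never calls `BN_CTX_start(ctx)`, so the temporary is taken from, and the final `end` pops, a frame this function did not open. Add `BN_CTX_start(ctx);` before the `BN_CTX_get` call. The function also writes to `gfp2->a0` and `gfp2->a1` without the NULL checks that BN_GFP2_zero and BN_GFP2_equ apply. In BN_GFP2_equ a NULL argument now returns 0, the same value as "not equal", so callers cannot tell an error from a mismatch without reading the error queue; a short comment on the function should state that.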


@@ -135,33 +135,3 @@ end:
OPENSSL_free(buf);
return ret;
}
#if 0
int main(void)
{
char *s = "This ASCII string without null-terminator";
BIGNUM *bn = NULL;
BIGNUM *ret = NULL;
BIGNUM *range = NULL;
BN_hex2bn(&range, "ffffffffffffffffffffefffffffffffffffffff");
BN_hex2bn(&bn, "79317c1610c1fc018e9c53d89d59c108cd518608");
if (!BN_hash2bn(&ret, s, strlen(s), EVP_sha1(), range)) {
printf("BN_hash2bn() function failed\n");
return 0;
}
if (!ret) {
printf("shit\n");
}
printf("%s\n", BN_bn2hex(ret));
if (BN_cmp(ret, bn) != 0) {
printf("BN_hash2bn() test failed\n");
return 0;
}
printf("BN_hash2bn() test passed\n");
return 1;
}
#endif


@@ -60,6 +60,16 @@
* use it for fast check of solinas
*/
#define BN_SOLINAS_192V1 0
#define BN_SOLINAS_192V2 1
#define BN_SOLINAS_224V1 2
#define BN_SOLINAS_256V1 3
#define BN_SOLINAS_384V1 4
#define BN_SOLINAS_512V1 5
#define BN_SOLINAS_512V2 6
#define BN_SOLINAS_1024V1 7
#define BN_SOLINAS_1024V2 8
static BN_SOLINAS BN_solinas_table[] = {
{ 192, 16, -1, -1 },
{ 192, 64, -1, -1 },
@@ -92,7 +102,6 @@ static BN_SOLINAS BN_solinas_table[] = {
* 0xfffffffffbfffffffffffffffffffffffff
*/
int BN_bn2solinas(const BIGNUM *bn, BN_SOLINAS *solinas)
{
int ret = 0;
@@ -115,6 +124,7 @@ int BN_bn2solinas(const BIGNUM *bn, BN_SOLINAS *solinas)
}
solinas->c = BN_is_bit_set(bn, 1) ? 1 : -1;
if (BN_is_bit_set(bn, nbits - 1)) {
solinas->s = -1;
solinas->a = nbits;
@@ -133,10 +143,16 @@ end:
int BN_solinas2bn(const BN_SOLINAS *solinas, BIGNUM *bn)
{
int ret = 0;
#if 0
BIGNUM *tmp = NULL;
if (b <= 0 || a <= b || (s != 1 && s != -1) ||
(c != 1 && c != -1)) {
if (!solinas || !bn) {
BNerr(BN_F_BN_SOLINAS2BN, ERR_R_MALLOC_FAILURE);
return 0;
}
if (solinas->b <= 0 || solinas->a <= solinas->b
|| (solinas->s != 1 && solinas->s != -1)
|| (solinas->c != 1 && solinas->c != -1)) {
BNerr(BN_F_BN_SOLINAS2BN, BN_R_INVALID_SOLINAS_PARAMETERS);
return 0;
}
@@ -148,36 +164,38 @@ int BN_solinas2bn(const BN_SOLINAS *solinas, BIGNUM *bn)
BN_one(tmp);
if (!BN_lshift(solinas, tmp, a)) {
if (!BN_lshift(bn, tmp, solinas->a)) {
BNerr(BN_F_BN_SOLINAS2BN, ERR_R_BN_LIB);
goto end;
}
if (!BN_lshift(tmp, tmp, b)) {
if (!BN_lshift(tmp, tmp, solinas->b)) {
BNerr(BN_F_BN_SOLINAS2BN, ERR_R_BN_LIB);
goto end;
}
if (!BN_add_word(tmp, c)) {
if (!BN_add_word(tmp, solinas->c)) {
BNerr(BN_F_BN_SOLINAS2BN, ERR_R_BN_LIB);
goto end;
}
if (s > 0) {
if (!BN_add(solinas, solinas, tmp)) {
if (solinas->s > 0) {
if (!BN_add(bn, bn, tmp)) {
BNerr(BN_F_BN_SOLINAS2BN, ERR_R_BN_LIB);
goto end;
}
} else {
if (!BN_sub(solinas, solinas, tmp)) {
if (!BN_sub(bn, bn, tmp)) {
BNerr(BN_F_BN_SOLINAS2BN, ERR_R_BN_LIB);
goto end;
}
}
/* check if solinas is a prime */
/* check if it is a prime */
ret = 1;
end:
BN_free(tmp);
#endif
return ret;
}
@@ -191,3 +209,7 @@ int BN_is_solinas(const BIGNUM *a)
return 0;
}
BN_SOLINAS *BN_get_solinas(int index)
{
return NULL;
}
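Review bot: `BN_add_word(tmp, solinas->c)` in BN_solinas2bn receives a value that the parameter check above allows to be -1, but BN_add_word takes an unsigned BN_ULONG, so the -1 case adds a word of all ones instead of subtracting one. Branch on the sign instead, e.g. `if (!(solinas->c > 0 ? BN_add_word(tmp, 1) : BN_sub_word(tmp, 1)))`. The NULL-argument check reports `ERR_R_MALLOC_FAILURE` where `ERR_R_PASSED_NULL_PARAMETER` is meant. On this page the body appears to sit inside `#if 0`, so both points matter once the block is re-enabled. BN_get_solinas returns NULL for every index and should carry a comment saying it is a stub.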


@@ -1,3 +1,3 @@
LIBS=../../libcrypto
SOURCE[../../libcrypto]=bn_gfp2.c bn_solinas.c bn_hash.c \
fppoint.c ec_expoint.c ec_hash.c ec_type1.c
fppoint.c ec_hash.c ec_type1.c


@@ -51,8 +51,10 @@
#include <openssl/bn.h>
#include <openssl/ec.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/bn_gfp2.h>
EC_GROUP *EC_GROUP_generate_type1curve(const BIGNUM *order, BN_CTX *bn_ctx)
{
ECerr(EC_F_EC_GROUP_GENERATE_TYPE1CURVE, 0);
@@ -781,3 +783,31 @@ int EC_type1curve_tate_ratio(const EC_GROUP *group, BN_GFP2 *r,
return 0;
}
typedef struct {
int security_bits;
int n_bits;
int p_bits;
int q_bits;
} TYPE1CURVE_SEC;
static TYPE1CURVE_SEC sec_tbl[] = {
/* k |n| |p| |q| */
{ 80, 1024, 512, 160},
{112, 2048, 1024, 224},
{128, 3072, 1536, 256},
{192, 7680, 3840, 384},
{256, 15360, 7680, 512}
};
const EVP_MD *TYPE1CURVE_nbits_to_md(int nbits)
{
switch (nbits) {
case 1024: return EVP_sha1();
case 2048: return EVP_sha224();
case 3072: return EVP_sha256();
case 7680: return EVP_sha384();
case 15360: return EVP_sha512();
}
return NULL;
}
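Review bot: TYPE1CURVE_nbits_to_md calls `EVP_sha224()`, `EVP_sha256()`, `EVP_sha384()` and `EVP_sha512()` unconditionally, while the same commit puts those functions behind `OPENSSL_NO_SHA256` and `OPENSSL_NO_SHA512` in the SHA digest file, so a build with either option set would presumably fail to link here. Guard the matching `case` lines with the same macros, or state in a comment that this module requires both digests. The `switch` has no `default:` and the function returns NULL for any other size, so a one-line comment such as `/* returns NULL for unsupported |n|; callers must check */` is worth adding. `sec_tbl` is not referenced in the visible hunk and could be `static const`.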


@@ -1,2 +1,2 @@
LIBS=../../libcrypto
SOURCE[../../libcrypto]=ecies_asn1.c ecies_lib.c ecies_gmssl.c
SOURCE[../../libcrypto]=ecies_asn1.c ecies_lib.c


@@ -57,6 +57,7 @@
#include <openssl/obj_mac.h>
#include <openssl/kdf2.h>
#include <openssl/ecies.h>
#include "ecies_lcl.h"
/*
* From SEC 1, Version 1.9 Draft, 2008


@@ -50,6 +50,12 @@
#include <string.h>
#include <openssl/ecies.h>
struct ecies_ciphertext_value_st {
ASN1_OCTET_STRING *ephem_point;
ASN1_OCTET_STRING *ciphertext;
ASN1_OCTET_STRING *mactag;
};
int gmssl_ecies_encrypt(int type, const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen, EC_KEY *ec_key);
int gmssl_ecies_decrypt(int type, const unsigned char *in, size_t inlen,


@@ -60,9 +60,40 @@
#include <openssl/kdf2.h>
#include <openssl/ecies.h>
#include "internal/o_str.h"
#include "ecies_lcl.h"
#define ECIES_ENC_RANDOM_IV 1
int ECIES_PARAMS_init_with_type(ECIES_PARAMS *params, int type)
{
if (!params) {
ECerr(EC_F_ECIES_PARAMS_INIT_WITH_TYPE, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
switch (type) {
case NID_ecies_with_x9_63_sha1_xor_hmac:
params->kdf_nid = NID_x9_63_kdf;
params->kdf_md = EVP_sha1();
params->enc_nid = NID_xor_in_ecies;
params->mac_nid = NID_hmac_full_ecies;
params->hmac_md = EVP_sha1();
break;
case NID_ecies_with_x9_63_sha256_xor_hmac:
params->kdf_nid = NID_x9_63_kdf;
params->kdf_md = EVP_sha256();
params->enc_nid = NID_xor_in_ecies;
params->mac_nid = NID_hmac_full_ecies;
params->hmac_md = EVP_sha256();
break;
default:
ECerr(EC_F_ECIES_PARAMS_INIT_WITH_TYPE, EC_R_INVALID_ECIES_PARAMS);
return 0;
}
return 1;
}
int ECIES_PARAMS_init_with_recommended(ECIES_PARAMS *param)
{
if (!param) {
@@ -80,37 +111,6 @@ int ECIES_PARAMS_init_with_recommended(ECIES_PARAMS *param)
return 1;
}
ECIES_PARAMS *ECIES_PARAMS_new(void)
{
ECIES_PARAMS *ret = NULL;
if (!(ret = OPENSSL_malloc(sizeof(*ret)))) {
return NULL;
}
ECIES_PARAMS_init_with_recommended(ret);
return ret;
}
ECIES_PARAMS *ECIES_PARAMS_dup(const ECIES_PARAMS *param)
{
ECIES_PARAMS *ret = NULL;
if (!(ret = OPENSSL_zalloc(sizeof(*ret)))) {
return NULL;
}
/* check param */
memcpy(ret, param, sizeof(*param));
return ret;
}
void ECIES_PARAMS_free(ECIES_PARAMS *param)
{
OPENSSL_free(param);
}
KDF_FUNC ECIES_PARAMS_get_kdf(const ECIES_PARAMS *param)
{
if (!param || !param->kdf_md) {
@@ -650,16 +650,22 @@ end:
return ret;
}
int ECIES_encrypt(const ECIES_PARAMS *param,
const unsigned char *in, size_t inlen,
int ECIES_encrypt(int type, const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen, EC_KEY *ec_key)
{
int ret = 0;
ECIES_PARAMS param;
ECIES_CIPHERTEXT_VALUE *cv = NULL;
unsigned char *p = out;
int len;
if (!(cv = ECIES_do_encrypt(param, in, inlen, ec_key))) {
if (!ECIES_PARAMS_init_with_type(&param, type)) {
ECerr(EC_F_ECIES_ENCRYPT, EC_R_INVALID_ENC_PARAM);
return 0;
}
RAND_seed(in, inlen);
if (!(cv = ECIES_do_encrypt(&param, in, inlen, ec_key))) {
ECerr(EC_F_ECIES_ENCRYPT, EC_R_ENCRYPT_FAILED);
return 0;
}
@@ -694,22 +700,40 @@ end:
return ret;
}
int ECIES_decrypt(const ECIES_PARAMS *param,
const unsigned char *in, size_t inlen,
int ECIES_decrypt(int type, const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen, EC_KEY *ec_key)
{
int ret = 0;
ECIES_PARAMS param;
ECIES_CIPHERTEXT_VALUE *cv = NULL;
const unsigned char *p = in;
if (!(cv = d2i_ECIES_CIPHERTEXT_VALUE(NULL, &p, (long)inlen))) {
ECerr(EC_F_ECIES_DECRYPT, EC_R_ENCRYPT_FAILED);
if (!in) {
ECerr(EC_F_ECIES_DECRYPT, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (!ECIES_do_decrypt(param, cv, out, outlen, ec_key)) {
ECerr(EC_F_ECIES_DECRYPT, EC_R_ENCRYPT_FAILED);
if (inlen <= 0 || inlen > INT_MAX) {
ECerr(EC_F_ECIES_DECRYPT, EC_R_INVALID_INPUT_LENGTH);
return 0;
}
if (!ECIES_PARAMS_init_with_type(&param, type)) {
ECerr(EC_F_ECIES_DECRYPT, EC_R_INVALID_ENC_PARAM);
return 0;
}
if (!(cv = d2i_ECIES_CIPHERTEXT_VALUE(NULL, &in, (long)inlen))) {
ECerr(EC_F_ECIES_DECRYPT, EC_R_INVALID_ECIES_CIPHERTEXT);
return 0;
}
if (inlen != i2d_ECIES_CIPHERTEXT_VALUE(cv, NULL)) {
ECerr(EC_F_ECIES_DECRYPT, EC_R_INVALID_ECIES_CIPHERTEXT);
goto end;
}
if (!ECIES_do_decrypt(&param, cv, out, outlen, ec_key)) {
ECerr(EC_F_ECIES_DECRYPT, EC_R_ENCRYPT_FAILURE);
goto end;
}
@@ -718,21 +742,3 @@ end:
ECIES_CIPHERTEXT_VALUE_free(cv);
return ret;
}
int ECIES_encrypt_with_recommended(const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen, EC_KEY *ec_key)
{
ECIES_PARAMS param;
ECIES_PARAMS_init_with_recommended(&param);
return ECIES_encrypt(&param, in, inlen, out, outlen, ec_key);
}
int ECIES_decrypt_with_recommended(const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen, EC_KEY *ec_key)
{
ECIES_PARAMS param;
ECIES_PARAMS_init_with_recommended(&param);
return ECIES_decrypt(&param, in, inlen, out, outlen, ec_key);
}
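Review bot: `RAND_seed(in, inlen);` in the new ECIES_encrypt feeds the caller's plaintext to the random generator, and RAND_seed credits every byte of it as entropy even though plaintext can be known to an attacker or have little entropy. `inlen` is also a `size_t` passed where RAND_seed takes an `int`. Drop the call; if mixing the input is really wanted, bound `inlen` to `INT_MAX` and use `RAND_add(in, (int)inlen, 0)` so nothing is credited. ECIES_encrypt also lacks the NULL and length checks that ECIES_decrypt gains in this commit, and the decrypt failure path reports `EC_R_ENCRYPT_FAILURE` where a decrypt reason code is presumably meant.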


@@ -67,6 +67,7 @@ static ERR_STRING_DATA ERR_str_libraries[] = {
{ERR_PACK(ERR_LIB_GMAPI, 0, 0), "GMAPI routines"},
{ERR_PACK(ERR_LIB_BFIBE, 0, 0), "BFIBE routines"},
{ERR_PACK(ERR_LIB_BB1IBE, 0, 0), "BB1IBE routines"},
{ERR_PACK(ERR_LIB_SM2, 0, 0), "SM2 routines"},
{ERR_PACK(ERR_LIB_SM9, 0, 0), "SM9 routines"},
{ERR_PACK(ERR_LIB_SAF, 0, 0), "SAF routines"},
{ERR_PACK(ERR_LIB_SDF, 0, 0), "SDF routines"},
@@ -124,6 +125,7 @@ static ERR_STRING_DATA ERR_str_reasons[] = {
{ERR_R_GMAPI_LIB, "GMAPI lib"},
{ERR_R_BFIBE_LIB, "BFIBE lib"},
{ERR_R_BB1IBE_LIB, "BB1IBE lib"},
{ERR_R_SM2_LIB, "SM2 lib"},
{ERR_R_SM9_LIB, "SM9 lib"},
{ERR_R_SAF_LIB, "SAF lib"},
{ERR_R_SDF_LIB, "SDF lib"},


@@ -47,6 +47,7 @@
#include <openssl/gmapi.h>
#include <openssl/bfibe.h>
#include <openssl/bb1ibe.h>
#include <openssl/sm2.h>
#include <openssl/sm9.h>
#include <openssl/gmsaf.h>
#include <openssl/gmsdf.h>
@@ -138,6 +139,9 @@ int err_load_crypto_strings_int(void)
# ifndef OPENSSL_NO_BB1IBE
ERR_load_BB1IBE_strings() == 0 ||
# endif
# ifndef OPENSSL_NO_SM2
ERR_load_SM2_strings() == 0 ||
# endif
# ifndef OPENSSL_NO_SM9
ERR_load_SM9_strings() == 0 ||
# endif


@@ -43,6 +43,7 @@ L OTP include/openssl/otp.h crypto/otp/otp_err.c
L GMAPI include/openssl/gmapi.h crypto/gmapi/gmapi_err.c
L BFIBE include/openssl/bfibe.h crypto/bfibe/bfibe_err.c
L BB1IBE include/openssl/bb1ibe.h crypto/bb1ibe/bb1ibe_err.c
L SM2 include/openssl/sm2.h crypto/sm2/sm2_err.c
L SM9 include/openssl/sm9.h crypto/sm9/sm9_err.c
L SAF include/openssl/gmsaf.h crypto/saf/saf_err.c
L SDF include/openssl/gmsdf.h crypto/sdf/sdf_err.c


@@ -145,7 +145,16 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
{
return ctx->update(ctx, data, count);
#ifndef OPENSSL_NO_SM2
if (!ctx->is_updated && ctx->pctx && ctx->pctx->pre_update) {
if (!ctx->update(ctx, ctx->pctx->pre_update,
ctx->pctx->pre_update_len)) {
return 0;
}
}
ctx->is_updated = 1;
#endif
return ctx->update(ctx, data, count);
}
/* The caller can assume that this removes any secret data from the context */
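Review bot: The `pre_update` prefix is injected only from EVP_DigestUpdate, so a caller that finalises without ever calling update (a zero-length message) gets a digest without the prefix, and signer and verifier can then disagree on what was hashed. `ctx->is_updated` also has to be cleared wherever the context is re-initialised or reset, and carried over on copy; none of that is in this hunk, so confirm it is handled in EVP_DigestInit_ex, EVP_MD_CTX_reset and EVP_MD_CTX_copy_ex. A comment on the block such as `/* SM2: hash pctx->pre_update once, before the first caller data */` would explain why a generic digest call consults the pkey context. `is_updated` is written only under `OPENSSL_NO_SM2` here but is declared unconditionally in the struct, which is worth making consistent.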


@@ -19,6 +19,7 @@ struct evp_md_ctx_st {
EVP_PKEY_CTX *pctx;
/* Update function: usually copied from EVP_MD */
int (*update) (EVP_MD_CTX *ctx, const void *data, size_t count);
int is_updated;
} /* EVP_MD_CTX */ ;
struct evp_cipher_ctx_st {


@@ -10,13 +10,15 @@
#include <stdio.h>
#include "internal/cryptlib.h"
#ifndef OPENSSL_NO_SHA1
#ifndef OPENSSL_NO_SHA
#include <openssl/evp.h>
#include <openssl/objects.h>
#include <openssl/sha.h>
#include <openssl/rsa.h>
#include "internal/evp_int.h"
# include <openssl/evp.h>
# include <openssl/objects.h>
# include <openssl/sha.h>
# ifndef OPENSSL_NO_RSA
# include <openssl/rsa.h>
# endif
# include "internal/evp_int.h"
static int init(EVP_MD_CTX *ctx)
{
@@ -112,6 +114,7 @@ const EVP_MD *EVP_sha1(void)
return (&sha1_md);
}
# ifndef OPENSSL_NO_SHA256
static int init224(EVP_MD_CTX *ctx)
{
return SHA224_Init(EVP_MD_CTX_md_data(ctx));
@@ -174,7 +177,9 @@ const EVP_MD *EVP_sha256(void)
{
return (&sha256_md);
}
# endif
# ifndef OPENSSL_NO_SHA512
static int init384(EVP_MD_CTX *ctx)
{
return SHA384_Init(EVP_MD_CTX_md_data(ctx));
@@ -233,4 +238,5 @@ const EVP_MD *EVP_sha512(void)
{
return (&sha512_md);
}
# endif
#endif


@@ -48,14 +48,14 @@
*/
#include <stdio.h>
#include <openssl/evp.h>
#include <openssl/x509.h>
#include <openssl/objects.h>
#include "internal/cryptlib.h"
#include "internal/evp_int.h"
#ifndef OPENSSL_NO_SM3
# include <openssl/evp.h>
# include <openssl/x509.h>
# include <openssl/objects.h>
# include <openssl/sm3.h>
# include "internal/evp_int.h"
static int init(EVP_MD_CTX *ctx)
{


@@ -1,3 +1,51 @@
/* ====================================================================
* Copyright (c) 2014 - 2017 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
@@ -13,24 +61,37 @@
#include <openssl/evp.h>
#include <openssl/objects.h>
#include <openssl/x509.h>
#include <openssl/sm2.h>
int EVP_PKEY_decrypt_old(unsigned char *key, const unsigned char *ek, int ekl,
EVP_PKEY *priv)
{
int ret = -1;
int ret = 0;
EVP_PKEY_CTX *ctx = NULL;
size_t siz;
#ifndef OPENSSL_NO_RSA
if (EVP_PKEY_id(priv) != EVP_PKEY_RSA) {
if (EVP_PKEY_id(priv) == EVP_PKEY_RSA) {
if ((ret = RSA_private_decrypt(ekl, ek, key, EVP_PKEY_get0_RSA(priv), RSA_PKCS1_PADDING)) < 0) {
EVPerr(EVP_F_EVP_PKEY_DECRYPT_OLD, ERR_R_RSA_LIB);
return 0;
}
}
#endif
EVPerr(EVP_F_EVP_PKEY_DECRYPT_OLD, EVP_R_PUBLIC_KEY_NOT_RSA);
#ifndef OPENSSL_NO_RSA
goto err;
}
ret =
RSA_private_decrypt(ekl, ek, key, EVP_PKEY_get0_RSA(priv),
RSA_PKCS1_PADDING);
err:
#ifndef OPENSSL_NO_SM2
if (!(ctx = EVP_PKEY_CTX_new(priv, NULL))
|| !EVP_PKEY_decrypt_init(ctx)
|| !EVP_PKEY_CTX_set_ec_enc_type(ctx, NID_sm_scheme)
|| !EVP_PKEY_decrypt(ctx, key, &siz, ek, ekl)) {
EVPerr(EVP_F_EVP_PKEY_DECRYPT_OLD, ERR_R_EVP_LIB);
goto end;
}
ret = (int)siz;
#endif
return (ret);
end:
EVP_PKEY_CTX_free(ctx);
return (ret);
}
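Review bot: `siz` is passed to `EVP_PKEY_decrypt(ctx, key, &siz, ek, ekl)` without being initialised, although that argument is read on input as the size of `key`, so the bound on the output write is indeterminate. As far as the rendered hunk shows, a successful RSA decrypt also falls through into the SM2 block instead of returning, and the calls there are tested with `!` although EVP_PKEY_decrypt_init and EVP_PKEY_decrypt report some failures as negative values. Set the size before the call, e.g. `siz = (size_t)EVP_PKEY_size(priv);` if the contract is that `key` holds that many bytes, make the SM2 path the `else` of the RSA test, and compare each call with `<= 0`. The failure return also changes from -1 to 0, which callers that test `< 0` would miss.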


@@ -61,6 +61,7 @@
#include <openssl/evp.h>
#include <openssl/objects.h>
#include <openssl/x509.h>
#include <openssl/sm2.h>
int EVP_PKEY_encrypt_old(unsigned char *out, const unsigned char *in,
int inlen, EVP_PKEY *pkey)


@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -139,6 +139,18 @@ static ERR_STRING_DATA GMAPI_str_functs[] = {
{ERR_FUNC(GMAPI_F_SKF_MACINIT), "SKF_MacInit"},
{ERR_FUNC(GMAPI_F_SKF_MACUPDATE), "SKF_MacUpdate"},
{ERR_FUNC(GMAPI_F_SKF_SETSYMMKEY), "SKF_SetSymmKey"},
{ERR_FUNC(GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHER),
"SM2CiphertextValue_get_ECCCipher"},
{ERR_FUNC(GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHERBLOB),
"SM2CiphertextValue_get_ECCCIPHERBLOB"},
{ERR_FUNC(GMAPI_F_SM2CIPHERTEXTVALUE_NEW_FROM_ECCCIPHER),
"SM2CiphertextValue_new_from_ECCCipher"},
{ERR_FUNC(GMAPI_F_SM2CIPHERTEXTVALUE_NEW_FROM_ECCCIPHERBLOB),
"SM2CiphertextValue_new_from_ECCCIPHERBLOB"},
{ERR_FUNC(GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHER),
"SM2CiphertextValue_set_ECCCipher"},
{ERR_FUNC(GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHERBLOB),
"SM2CiphertextValue_set_ECCCIPHERBLOB"},
{ERR_FUNC(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHER),
"SM2_CIPHERTEXT_VALUE_get_ECCCipher"},
{ERR_FUNC(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB),


@@ -288,40 +288,39 @@ int EC_KEY_get_ECCrefPrivateKey(EC_KEY *ec_key, ECCrefPrivateKey *ref)
return 1;
}
SM2_CIPHERTEXT_VALUE *SM2_CIPHERTEXT_VALUE_new_from_ECCCipher(
const ECCCipher *ref)
SM2CiphertextValue *SM2CiphertextValue_new_from_ECCCipher(const ECCCipher *ref)
{
SM2_CIPHERTEXT_VALUE *ret = NULL;
SM2_CIPHERTEXT_VALUE *cv = NULL;
SM2CiphertextValue *ret = NULL;
SM2CiphertextValue *cv = NULL;
EC_GROUP *group = NULL;
/* check arguments */
if (!ref) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_NEW_FROM_ECCCIPHER,
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_NEW_FROM_ECCCIPHER,
ERR_R_PASSED_NULL_PARAMETER);
return NULL;
}
if (ref->L > INT_MAX) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_NEW_FROM_ECCCIPHER,
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_NEW_FROM_ECCCIPHER,
GMAPI_R_INVALID_CIPHETEXT_LENGTH);
return NULL;
}
/* ECCCipher => SM2_CIPHERTEXT_VALUE */
/* ECCCipher => SM2CiphertextValue */
if (!(group = EC_GROUP_new_by_curve_name(NID_sm2p256v1))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_NEW_FROM_ECCCIPHER,
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_NEW_FROM_ECCCIPHER,
ERR_R_EC_LIB);
goto end;
}
if (!(cv = SM2_CIPHERTEXT_VALUE_new(group))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_NEW_FROM_ECCCIPHER,
if (!(cv = SM2CiphertextValue_new(group))) {
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_NEW_FROM_ECCCIPHER,
GMAPI_R_MALLOC_FAILED);
goto end;
}
if (!SM2_CIPHERTEXT_VALUE_set_ECCCipher(cv, ref)) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_NEW_FROM_ECCCIPHER,
if (!SM2CiphertextValue_set_ECCCipher(cv, ref)) {
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_NEW_FROM_ECCCIPHER,
GMAPI_R_INVALID_SM2_CIPHERTEXT);
goto end;
}
@@ -331,7 +330,7 @@ SM2_CIPHERTEXT_VALUE *SM2_CIPHERTEXT_VALUE_new_from_ECCCipher(
end:
EC_GROUP_free(group);
SM2_CIPHERTEXT_VALUE_free(cv);
SM2CiphertextValue_free(cv);
return ret;
}
@@ -344,7 +343,7 @@ end:
* implementations, developers have to check the encoding of the vendor's
* library to make sure the encoding/decoding is correct
*/
int SM2_CIPHERTEXT_VALUE_set_ECCCipher(SM2_CIPHERTEXT_VALUE *cv,
int SM2CiphertextValue_set_ECCCipher(SM2CiphertextValue *cv,
const ECCCipher *ref)
{
int ret = 0;
@@ -356,20 +355,20 @@ int SM2_CIPHERTEXT_VALUE_set_ECCCipher(SM2_CIPHERTEXT_VALUE *cv,
/* check arguments */
if (!cv || !ref) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHER,
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHER,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
/* variables */
if (!(group = EC_GROUP_new_by_curve_name(NID_sm2p256v1))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHER,
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHER,
ERR_R_EC_LIB);
goto end;
}
/* this will never happen with GmSSL's sdf.h */
if (EC_GROUP_get_degree(group) > ECCref_MAX_BITS) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHER,
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHER,
GMAPI_R_INVALID_KEY_LENGTH);
goto end;
}
@@ -377,7 +376,7 @@ int SM2_CIPHERTEXT_VALUE_set_ECCCipher(SM2_CIPHERTEXT_VALUE *cv,
/* malloc */
if (!(bn_ctx = BN_CTX_new())) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHER,
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHER,
ERR_R_MALLOC_FAILURE);
goto end;
}
@@ -385,36 +384,37 @@ int SM2_CIPHERTEXT_VALUE_set_ECCCipher(SM2_CIPHERTEXT_VALUE *cv,
x = BN_CTX_get(bn_ctx);
y = BN_CTX_get(bn_ctx);
if (!x || !y) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHER,
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHER,
ERR_R_MALLOC_FAILURE);
goto end;
}
/* ECCCipher ==> SM2_CIPHERTEXT_VALUE */
if (!BN_bin2bn(ref->x, ECCref_MAX_LEN, x)) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHER,
/* ECCCipher ==> SM2CiphertextValue */
if (!BN_bin2bn(ref->x, ECCref_MAX_LEN, cv->xCoordinate)) {
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHER,
ERR_R_BN_LIB);
goto end;
}
if (!BN_bin2bn(ref->y, ECCref_MAX_LEN, y)) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHER,
if (!BN_bin2bn(ref->y, ECCref_MAX_LEN, cv->yCoordinate)) {
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHER,
ERR_R_BN_LIB);
goto end;
}
if (!cv->ephem_point) {
if (!(cv->ephem_point = EC_POINT_new(group))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHER, ERR_R_EC_LIB);
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHER, ERR_R_EC_LIB);
goto end;
}
}
if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) {
if (!EC_POINT_set_affine_coordinates_GFp(group, cv->ephem_point, x, y, bn_ctx)) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHER, ERR_R_EC_LIB);
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHER, ERR_R_EC_LIB);
goto end;
}
} else {
if (!EC_POINT_get_affine_coordinates_GF2m(group, cv->ephem_point, x, y, bn_ctx)) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHER, ERR_R_EC_LIB);
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHER, ERR_R_EC_LIB);
goto end;
}
}
@@ -423,14 +423,14 @@ int SM2_CIPHERTEXT_VALUE_set_ECCCipher(SM2_CIPHERTEXT_VALUE *cv,
memcpy(cv->mactag, ref->M, 32);
if (ref->L <= 0 || ref->L > INT_MAX) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHER,
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHER,
GMAPI_R_INVALID_CIPHERTEXT_LENGTH);
goto end;
}
cv->ciphertext_size = (size_t)ref->L;
if (!(cv->ciphertext = OPENSSL_realloc(cv->ciphertext, (size_t)ref->L))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHER,
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHER,
GMAPI_R_MALLOC_FAILED);
goto end;
}
@@ -459,7 +459,7 @@ end:
* use the vendor's header file. Then the errors can be found by the
* compiler.
*/
int SM2_CIPHERTEXT_VALUE_get_ECCCipher(const SM2_CIPHERTEXT_VALUE *cv,
int SM2CiphertextValue_get_ECCCipher(const SM2CiphertextValue *cv,
ECCCipher *ref)
{
int ret = 0;
@@ -470,7 +470,7 @@ int SM2_CIPHERTEXT_VALUE_get_ECCCipher(const SM2_CIPHERTEXT_VALUE *cv,
/* check arguments */
if (!cv || !ref) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHER,
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHER,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
@@ -480,19 +480,19 @@ int SM2_CIPHERTEXT_VALUE_get_ECCCipher(const SM2_CIPHERTEXT_VALUE *cv,
* ciphertext
*/
if (ref->L < cv->ciphertext_size) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHER,
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHER,
GMAPI_R_BUFFER_TOO_SMALL);
return 0;
}
/* malloc */
if (!(group = EC_GROUP_new_by_curve_name(NID_sm2p256v1))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHER, ERR_R_EC_LIB);
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHER, ERR_R_EC_LIB);
return 0;
}
if (!(bn_ctx = BN_CTX_new())) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHER, ERR_R_BN_LIB);
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHER, ERR_R_BN_LIB);
goto end;
}
@@ -500,53 +500,53 @@ int SM2_CIPHERTEXT_VALUE_get_ECCCipher(const SM2_CIPHERTEXT_VALUE *cv,
x = BN_CTX_get(bn_ctx);
y = BN_CTX_get(bn_ctx);
if (!x || !y) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHER,
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHER,
ERR_R_MALLOC_FAILURE);
goto end;
}
/* SM2_CIPHERTEXT_VALUE ==> ECCCipher */
/* SM2CiphertextValue ==> ECCCipher */
memset(ref, 0, sizeof(*ref));
/* encode ephem point `ECCCipher->x`, `ECCCipher->y` */
if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) {
if (!EC_POINT_get_affine_coordinates_GFp(group, cv->ephem_point, x, y, bn_ctx)) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHER, ERR_R_EC_LIB);
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHER, ERR_R_EC_LIB);
goto end;
}
} else {
if (!EC_POINT_get_affine_coordinates_GF2m(group, cv->ephem_point, x, y, bn_ctx)) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHER,
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHER,
ERR_R_EC_LIB);
goto end;
}
}
/*
* check compatible of SM2_CIPHERTEXT_VALUE with EC_GROUP
* check compatible of SM2CiphertextValue with EC_GROUP
* In gmapi we only do simple checks, i.e. length of coordinates.
* We assume that more checks, such as x, y in the range of [1, p]
* and other semantic checks should be done by the `sm2` module.
*/
if (BN_num_bits(x) > EC_GROUP_get_degree(group) ||
BN_num_bits(y) > EC_GROUP_get_degree(group)) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHER,
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHER,
GMAPI_R_INVALID_CIPHERTEXT_POINT);
goto end;
}
if (!BN_bn2bin(x, ref->x + ECCref_MAX_LEN - BN_num_bytes(x))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHER,
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHER,
ERR_R_BN_LIB);
goto end;
}
if (!BN_bn2bin(y, ref->y + ECCref_MAX_LEN - BN_num_bytes(y))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHER,
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHER,
ERR_R_BN_LIB);
goto end;
}
/* encode mac `ECCCipher->M[32]` */
if (cv->mactag_size != 32) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHER,
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHER,
GMAPI_R_INVALID_CIPHERTEXT_MAC);
goto end;
}
@@ -554,7 +554,7 @@ int SM2_CIPHERTEXT_VALUE_get_ECCCipher(const SM2_CIPHERTEXT_VALUE *cv,
/* encode ciphertext `ECCCipher->L`, `ECCCipher->C[]` */
if (cv->ciphertext_size <= 0 || cv->ciphertext_size > INT_MAX) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHER,
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHER,
GMAPI_R_INVALID_CIPHERTEXT_LENGTH);
goto end;
}
@@ -693,4 +693,3 @@ int ECDSA_SIG_get_ECCSignature(const ECDSA_SIG *sig, ECCSignature *ref)
return 1;
}
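Review bot: In SM2CiphertextValue_set_ECCCipher the two `BN_bin2bn` calls now write into `cv->xCoordinate` and `cv->yCoordinate`, but the unchanged lines below still build `cv->ephem_point` from the locals `x` and `y`, which no longer receive anything from `ref`. Either remove the `ephem_point` block if the new structure has no such member, or pass the new coordinates to it. The rest of this function and the SKF conversion file still use `ephem_point`, `mactag_size` and `ciphertext_size`, so the change of structure looks only partly applied. If `cv->xCoordinate` can be NULL, `BN_bin2bn` allocates a fresh BIGNUM whose pointer is only tested and then lost, so assign the result back, e.g. `cv->xCoordinate = BN_bin2bn(ref->x, ECCref_MAX_LEN, cv->xCoordinate)`. The function body extends beyond the hunks shown.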


@@ -0,0 +1,15 @@
crypto/gmapi/gmapi_sdf_ec.o: crypto/gmapi/gmapi_sdf_ec.c \
include/openssl/ec.h include/openssl/opensslconf.h \
include/openssl/asn1.h include/openssl/e_os2.h include/openssl/bio.h \
include/openssl/crypto.h include/openssl/stack.h \
include/openssl/safestack.h include/openssl/opensslv.h \
include/openssl/ossl_typ.h include/openssl/symhacks.h \
include/openssl/bn.h include/openssl/err.h include/openssl/lhash.h \
include/openssl/sdf.h include/openssl/sgd.h include/openssl/gmapi.h \
include/openssl/sm2.h include/openssl/evp.h include/openssl/objects.h \
include/openssl/obj_mac.h include/openssl/kdf2.h include/openssl/kdf.h \
include/openssl/x509.h include/openssl/buffer.h \
include/openssl/paillier.h include/openssl/rsa.h include/openssl/dsa.h \
include/openssl/dh.h include/openssl/sha.h include/openssl/x509_vfy.h \
include/openssl/pkcs7.h include/openssl/ecies.h include/openssl/sm3.h \
include/openssl/saf.h include/openssl/skf.h include/openssl/sof.h


@@ -250,27 +250,27 @@ end:
return ret;
}
SM2_CIPHERTEXT_VALUE *SM2_CIPHERTEXT_VALUE_new_from_ECCCIPHERBLOB(
SM2CiphertextValue *SM2CiphertextValue_new_from_ECCCIPHERBLOB(
const ECCCIPHERBLOB *blob)
{
int ok = 0;
SM2_CIPHERTEXT_VALUE *ret = NULL;
SM2CiphertextValue *ret = NULL;
EC_GROUP *group = NULL;
if (!(group = EC_GROUP_new_by_curve_name(NID_sm2p256v1))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_NEW_FROM_ECCCIPHERBLOB,
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_NEW_FROM_ECCCIPHERBLOB,
ERR_R_EC_LIB);
goto end;
}
if (!(ret = SM2_CIPHERTEXT_VALUE_new(group))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_NEW_FROM_ECCCIPHERBLOB,
if (!(ret = SM2CiphertextValue_new(group))) {
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_NEW_FROM_ECCCIPHERBLOB,
GMAPI_R_MALLOC_FAILED);
goto end;
}
if (!SM2_CIPHERTEXT_VALUE_set_ECCCIPHERBLOB(ret, blob)) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_NEW_FROM_ECCCIPHERBLOB,
if (!SM2CiphertextValue_set_ECCCIPHERBLOB(ret, blob)) {
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_NEW_FROM_ECCCIPHERBLOB,
GMAPI_R_INVALID_EC_PUBLIC_KEY);
goto end;
}
@@ -279,14 +279,14 @@ SM2_CIPHERTEXT_VALUE *SM2_CIPHERTEXT_VALUE_new_from_ECCCIPHERBLOB(
end:
if (!ok) {
SM2_CIPHERTEXT_VALUE_free(ret);
SM2CiphertextValue_free(ret);
ret = NULL;
}
EC_GROUP_free(group);
return ret;
}
int SM2_CIPHERTEXT_VALUE_set_ECCCIPHERBLOB(SM2_CIPHERTEXT_VALUE *cv,
int SM2CiphertextValue_set_ECCCIPHERBLOB(SM2CiphertextValue *cv,
const ECCCIPHERBLOB *blob)
{
int ret = 0;
@@ -297,45 +297,45 @@ int SM2_CIPHERTEXT_VALUE_set_ECCCIPHERBLOB(SM2_CIPHERTEXT_VALUE *cv,
int nbytes;
if (!(group = EC_GROUP_new_by_curve_name(NID_sm2p256v1))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB,
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHERBLOB,
ERR_R_EC_LIB);
return 0;
}
nbytes = (EC_GROUP_get_degree(group) + 7)/8;
if (nbytes > ECC_MAX_XCOORDINATE_BITS_LEN/8) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB,
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHERBLOB,
GMAPI_R_INVALID_KEY_LENGTH);
goto end;
}
if (!(x = BN_bin2bn(blob->XCoordinate, nbytes, NULL))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB, ERR_R_BN_LIB);
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHERBLOB, ERR_R_BN_LIB);
goto end;
}
if (!(y = BN_bin2bn(blob->YCoordinate, nbytes, NULL))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB, ERR_R_BN_LIB);
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHERBLOB, ERR_R_BN_LIB);
goto end;
}
if (!(bn_ctx = BN_CTX_new())) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB, ERR_R_BN_LIB);
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHERBLOB, ERR_R_BN_LIB);
goto end;
}
if (!cv->ephem_point) {
if (!(cv->ephem_point = EC_POINT_new(group))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB, ERR_R_EC_LIB);
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHERBLOB, ERR_R_EC_LIB);
goto end;
}
}
if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) {
if (!EC_POINT_set_affine_coordinates_GFp(group, cv->ephem_point, x, y, bn_ctx)) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB, ERR_R_EC_LIB);
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHERBLOB, ERR_R_EC_LIB);
goto end;
}
} else {
if (!EC_POINT_get_affine_coordinates_GF2m(group, cv->ephem_point, x, y, bn_ctx)) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB, ERR_R_EC_LIB);
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHERBLOB, ERR_R_EC_LIB);
goto end;
}
}
@@ -344,12 +344,12 @@ int SM2_CIPHERTEXT_VALUE_set_ECCCIPHERBLOB(SM2_CIPHERTEXT_VALUE *cv,
cv->mactag_size = 32;
if ((cv->ciphertext_size = blob->CipherLen) <= 0) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB,
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHERBLOB,
GMAPI_R_INVALID_CIPHERTEXT_LENGTH);
goto end;
}
if (!(cv->ciphertext = OPENSSL_realloc(cv->ciphertext, blob->CipherLen))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_SET_ECCCIPHERBLOB,
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHERBLOB,
GMAPI_R_MALLOC_FAILED);
goto end;
}
@@ -365,7 +365,7 @@ end:
return ret;
}
int SM2_CIPHERTEXT_VALUE_get_ECCCIPHERBLOB(const SM2_CIPHERTEXT_VALUE *cv,
int SM2CiphertextValue_get_ECCCIPHERBLOB(const SM2CiphertextValue *cv,
ECCCIPHERBLOB *blob)
{
int ret = 0;
@@ -375,7 +375,7 @@ int SM2_CIPHERTEXT_VALUE_get_ECCCIPHERBLOB(const SM2_CIPHERTEXT_VALUE *cv,
BN_CTX *bn_ctx = NULL;
if (!(group = EC_GROUP_new_by_curve_name(NID_sm2p256v1))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB, ERR_R_EC_LIB);
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHERBLOB, ERR_R_EC_LIB);
return 0;
}
@@ -383,45 +383,45 @@ int SM2_CIPHERTEXT_VALUE_get_ECCCIPHERBLOB(const SM2_CIPHERTEXT_VALUE *cv,
y = BN_new();
bn_ctx = BN_CTX_new();
if (!x || !y || !bn_ctx) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB, ERR_R_BN_LIB);
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHERBLOB, ERR_R_BN_LIB);
goto end;
}
if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) {
if (!EC_POINT_get_affine_coordinates_GFp(group, cv->ephem_point, x, y, bn_ctx)) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB, ERR_R_EC_LIB);
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHERBLOB, ERR_R_EC_LIB);
goto end;
}
} else {
if (!EC_POINT_get_affine_coordinates_GF2m(group, cv->ephem_point, x, y, bn_ctx)) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB, ERR_R_EC_LIB);
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHERBLOB, ERR_R_EC_LIB);
goto end;
}
}
if ((BN_num_bytes(x) > 256/8) || (BN_num_bytes(y) > 256/8)) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB,
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHERBLOB,
GMAPI_R_INVALID_CIPHERTEXT_POINT);
goto end;
}
if (!BN_bn2bin(x, blob->XCoordinate + 256/8 - BN_num_bytes(x))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB, ERR_R_BN_LIB);
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHERBLOB, ERR_R_BN_LIB);
goto end;
}
if (!BN_bn2bin(y, blob->YCoordinate + 256/8 - BN_num_bytes(y))) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB, ERR_R_BN_LIB);
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHERBLOB, ERR_R_BN_LIB);
goto end;
}
if (cv->mactag_size != 32) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB,
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHERBLOB,
GMAPI_R_INVALID_CIPHERTEXT_MAC);
goto end;
}
memcpy(blob->HASH, cv->mactag, cv->mactag_size);
if (cv->ciphertext_size <= 0) {
GMAPIerr(GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB,
GMAPIerr(GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHERBLOB,
GMAPI_R_INVALID_CIPHERTEXT_LENGTH);
goto end;
}


@@ -27,6 +27,10 @@ struct evp_pkey_ctx_st {
/* implementation specific keygen data */
int *keygen_info;
int keygen_info_count;
#ifndef OPENSSL_NO_SM2
unsigned char *pre_update;
size_t pre_update_len;
#endif
} /* EVP_PKEY_CTX */ ;
#define EVP_PKEY_FLAG_DYNAMIC 1
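Review bot: The new `pre_update` / `pre_update_len` members put a heap pointer into `struct evp_pkey_ctx_st` without saying who owns it. The struct body starts outside this hunk and the context's free and dup paths are not shown, so please confirm that `EVP_PKEY_CTX_free()` releases the buffer and that `EVP_PKEY_CTX_dup()` deep-copies it or resets it to NULL; a shallow struct copy would leave two contexts freeing the same pointer. If the buffer can hold message- or key-derived bytes, releasing it with `OPENSSL_clear_free(ctx->pre_update, ctx->pre_update_len)` avoids leaving them on the heap. I would document the contract on the field, e.g. `/* SM2 only: owned by the ctx; freed in EVP_PKEY_CTX_free(), deep-copied in EVP_PKEY_CTX_dup() */`.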


@@ -10,7 +10,7 @@
*/
/* Serialized OID's */
static const unsigned char so[7486] = {
static const unsigned char so[7733] = {
0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */
@@ -1053,9 +1053,40 @@ static const unsigned char so[7486] = {
0x2B,0x06,0x01,0x04,0x01,0x83,0x83,0x0D,0x01,0x01,0x01, /* [ 7452] OBJ_cpk_sha1_map */
0x2B,0x06,0x01,0x04,0x01,0x83,0x83,0x0D,0x01,0x01,0x02, /* [ 7463] OBJ_cpk_sha256_map */
0x2B,0x06,0x01,0x04,0x01,0x83,0x83,0x0D,0x01,0x01,0x03, /* [ 7474] OBJ_cpk_sm3_map */
0x2A,0x81,0x1C,0xCF,0x55,0x01,0x82,0x2D,0x03,0x02,0x01, /* [ 7485] OBJ_sm2encrypt_with_sm3 */
0x2A,0x81,0x1C,0xCF,0x55,0x01,0x82,0x2D,0x03,0x02,0x02, /* [ 7496] OBJ_sm2encrypt_with_sha1 */
0x2A,0x81,0x1C,0xCF,0x55,0x01,0x82,0x2D,0x03,0x02,0x03, /* [ 7507] OBJ_sm2encrypt_with_sha224 */
0x2A,0x81,0x1C,0xCF,0x55,0x01,0x82,0x2D,0x03,0x02,0x04, /* [ 7518] OBJ_sm2encrypt_with_sha256 */
0x2A,0x81,0x1C,0xCF,0x55,0x01,0x82,0x2D,0x03,0x02,0x05, /* [ 7529] OBJ_sm2encrypt_with_sha384 */
0x2A,0x81,0x1C,0xCF,0x55,0x01,0x82,0x2D,0x03,0x02,0x06, /* [ 7540] OBJ_sm2encrypt_with_sha512 */
0x2A,0x81,0x1C,0xCF,0x55,0x01,0x82,0x2D,0x03,0x02,0x07, /* [ 7551] OBJ_sm2encrypt_with_rmd160 */
0x2A,0x81,0x1C,0xCF,0x55,0x01,0x82,0x2D,0x03,0x02,0x08, /* [ 7562] OBJ_sm2encrypt_with_whirlpool */
0x2A,0x81,0x1C,0xCF,0x55,0x01,0x82,0x2D,0x03,0x02,0x09, /* [ 7573] OBJ_sm2encrypt_with_blake2b512 */
0x2A,0x81,0x1C,0xCF,0x55,0x01,0x82,0x2D,0x03,0x02,0x0A, /* [ 7584] OBJ_sm2encrypt_with_blake2s256 */
0x2A,0x81,0x1C,0xCF,0x55,0x01,0x82,0x2D,0x03,0x02,0x0B, /* [ 7595] OBJ_sm2encrypt_with_md5 */
0x2A,0x81,0x1C,0xCF,0x55,0x01,0x84,0x08, /* [ 7606] OBJ_sm2sign_with_whirlpool */
0x2A,0x81,0x1C,0xCF,0x55,0x01,0x84,0x09, /* [ 7614] OBJ_sm2sign_with_blake2b512 */
0x2A,0x81,0x1C,0xCF,0x55,0x01,0x84,0x0A, /* [ 7622] OBJ_sm2sign_with_blake2s256 */
0x2B,0x81,0x04,0x01,0x08,0x01, /* [ 7630] OBJ_ecies_with_x9_63_sha1_xor_hmac */
0x2B,0x81,0x04,0x01,0x08,0x02, /* [ 7636] OBJ_ecies_with_x9_63_sha256_xor_hmac */
0x2B,0x81,0x04,0x01,0x08,0x03, /* [ 7642] OBJ_ecies_with_x9_63_sha512_xor_hmac */
0x2B,0x81,0x04,0x01,0x08,0x04, /* [ 7648] OBJ_ecies_with_x9_63_sha1_aes128_cbc_hmac */
0x2B,0x81,0x04,0x01,0x08,0x05, /* [ 7654] OBJ_ecies_with_x9_63_sha256_aes128_cbc_hmac */
0x2B,0x81,0x04,0x01,0x08,0x06, /* [ 7660] OBJ_ecies_with_x9_63_sha512_aes256_cbc_hmac */
0x2B,0x81,0x04,0x01,0x08,0x07, /* [ 7666] OBJ_ecies_with_x9_63_sha256_aes128_ctr_hmac */
0x2B,0x81,0x04,0x01,0x08,0x08, /* [ 7672] OBJ_ecies_with_x9_63_sha512_aes256_ctr_hmac */
0x2B,0x81,0x04,0x01,0x08,0x09, /* [ 7678] OBJ_ecies_with_x9_63_sha256_aes128_cbc_hmac_half */
0x2B,0x81,0x04,0x01,0x08,0x0A, /* [ 7684] OBJ_ecies_with_x9_63_sha512_aes256_cbc_hmac_half */
0x2B,0x81,0x04,0x01,0x08,0x0B, /* [ 7690] OBJ_ecies_with_x9_63_sha256_aes128_ctr_hmac_half */
0x2B,0x81,0x04,0x01,0x08,0x0C, /* [ 7696] OBJ_ecies_with_x9_63_sha512_aes256_ctr_hmac_half */
0x2B,0x81,0x04,0x01,0x08,0x0D, /* [ 7702] OBJ_ecies_with_x9_63_sha1_aes128_cbc_cmac */
0x2B,0x81,0x04,0x01,0x08,0x0E, /* [ 7708] OBJ_ecies_with_x9_63_sha256_aes128_cbc_cmac */
0x2B,0x81,0x04,0x01,0x08,0x0F, /* [ 7714] OBJ_ecies_with_x9_63_sha512_aes256_cbc_cmac */
0x2B,0x81,0x04,0x01,0x08,0x10, /* [ 7720] OBJ_ecies_with_x9_63_sha256_aes128_ctr_cmac */
0x2B,0x81,0x04,0x01,0x08,0x11, /* [ 7726] OBJ_ecies_with_x9_63_sha512_aes256_ctr_cmac */
};
#define NUM_NID 1155
#define NUM_NID 1188
static const ASN1_OBJECT nid_objs[NUM_NID] = {
{"UNDEF", "undefined", NID_undef},
{"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &so[0]},
@@ -2212,9 +2243,42 @@ static const ASN1_OBJECT nid_objs[NUM_NID] = {
{"cpk-sha1-map", "cpk-sha1-map", NID_cpk_sha1_map, 11, &so[7452]},
{"cpk-sha256-map", "cpk-sha256-map", NID_cpk_sha256_map, 11, &so[7463]},
{"cpk-sm3-map", "cpk-sm3-map", NID_cpk_sm3_map, 11, &so[7474]},
{"sm2encrypt-with-sm3", "sm2encrypt-with-sm3", NID_sm2encrypt_with_sm3, 11, &so[7485]},
{"sm2encrypt-with-sha1", "sm2encrypt-with-sha1", NID_sm2encrypt_with_sha1, 11, &so[7496]},
{"sm2encrypt-with-sha224", "sm2encrypt-with-sha224", NID_sm2encrypt_with_sha224, 11, &so[7507]},
{"sm2encrypt-with-sha256", "sm2encrypt-with-sha256", NID_sm2encrypt_with_sha256, 11, &so[7518]},
{"sm2encrypt-with-sha384", "sm2encrypt-with-sha384", NID_sm2encrypt_with_sha384, 11, &so[7529]},
{"sm2encrypt-with-sha512", "sm2encrypt-with-sha512", NID_sm2encrypt_with_sha512, 11, &so[7540]},
{"sm2encrypt-with-rmd160", "sm2encrypt-with-rmd160", NID_sm2encrypt_with_rmd160, 11, &so[7551]},
{"sm2encrypt-with-whirlpool", "sm2encrypt-with-whirlpool", NID_sm2encrypt_with_whirlpool, 11, &so[7562]},
{"sm2encrypt-with-blake2b512", "sm2encrypt-with-blake2b512", NID_sm2encrypt_with_blake2b512, 11, &so[7573]},
{"sm2encrypt-with-blake2s256", "sm2encrypt-with-blake2s256", NID_sm2encrypt_with_blake2s256, 11, &so[7584]},
{"sm2encrypt-with-md5", "sm2encrypt-with-md5", NID_sm2encrypt_with_md5, 11, &so[7595]},
{"SM2Sign-with-Whirlpool", "sm2sign-with-whirlpool", NID_sm2sign_with_whirlpool, 8, &so[7606]},
{"SM2Sign-with-Blake2b512", "sm2sign-with-blake2b512", NID_sm2sign_with_blake2b512, 8, &so[7614]},
{"SM2Sign-with-Blake2s256", "sm2sign-with-blake2s256", NID_sm2sign_with_blake2s256, 8, &so[7622]},
{"ecies-with-x9-63-sha1-xor-hmac", "ecies-with-x9-63-sha1-xor-hmac", NID_ecies_with_x9_63_sha1_xor_hmac, 6, &so[7630]},
{"ecies-with-x9-63-sha256-xor-hmac", "ecies-with-x9-63-sha256-xor-hmac", NID_ecies_with_x9_63_sha256_xor_hmac, 6, &so[7636]},
{"ecies-with-x9-63-sha512-xor-hmac", "ecies-with-x9-63-sha512-xor-hmac", NID_ecies_with_x9_63_sha512_xor_hmac, 6, &so[7642]},
{"ecies-with-x9-63-sha1-aes128-cbc-hmac", "ecies-with-x9-63-sha1-aes128-cbc-hmac", NID_ecies_with_x9_63_sha1_aes128_cbc_hmac, 6, &so[7648]},
{"ecies-with-x9-63-sha256-aes128-cbc-hmac", "ecies-with-x9-63-sha256-aes128-cbc-hmac", NID_ecies_with_x9_63_sha256_aes128_cbc_hmac, 6, &so[7654]},
{"ecies-with-x9-63-sha512-aes256-cbc-hmac", "ecies-with-x9-63-sha512-aes256-cbc-hmac", NID_ecies_with_x9_63_sha512_aes256_cbc_hmac, 6, &so[7660]},
{"ecies-with-x9-63-sha256-aes128-ctr-hmac", "ecies-with-x9-63-sha256-aes128-ctr-hmac", NID_ecies_with_x9_63_sha256_aes128_ctr_hmac, 6, &so[7666]},
{"ecies-with-x9-63-sha512-aes256-ctr-hmac", "ecies-with-x9-63-sha512-aes256-ctr-hmac", NID_ecies_with_x9_63_sha512_aes256_ctr_hmac, 6, &so[7672]},
{"ecies-with-x9-63-sha256-aes128-cbc-hmac-half", "ecies-with-x9-63-sha256-aes128-cbc-hmac-half", NID_ecies_with_x9_63_sha256_aes128_cbc_hmac_half, 6, &so[7678]},
{"ecies-with-x9-63-sha512-aes256-cbc-hmac-half", "ecies-with-x9-63-sha512-aes256-cbc-hmac-half", NID_ecies_with_x9_63_sha512_aes256_cbc_hmac_half, 6, &so[7684]},
{"ecies-with-x9-63-sha256-aes128-ctr-hmac-half", "ecies-with-x9-63-sha256-aes128-ctr-hmac-half", NID_ecies_with_x9_63_sha256_aes128_ctr_hmac_half, 6, &so[7690]},
{"ecies-with-x9-63-sha512-aes256-ctr-hmac-half", "ecies-with-x9-63-sha512-aes256-ctr-hmac-half", NID_ecies_with_x9_63_sha512_aes256_ctr_hmac_half, 6, &so[7696]},
{"ecies-with-x9-63-sha1-aes128-cbc-cmac", "ecies-with-x9-63-sha1-aes128-cbc-cmac", NID_ecies_with_x9_63_sha1_aes128_cbc_cmac, 6, &so[7702]},
{"ecies-with-x9-63-sha256-aes128-cbc-cmac", "ecies-with-x9-63-sha256-aes128-cbc-cmac", NID_ecies_with_x9_63_sha256_aes128_cbc_cmac, 6, &so[7708]},
{"ecies-with-x9-63-sha512-aes256-cbc-cmac", "ecies-with-x9-63-sha512-aes256-cbc-cmac", NID_ecies_with_x9_63_sha512_aes256_cbc_cmac, 6, &so[7714]},
{"ecies-with-x9-63-sha256-aes128-ctr-cmac", "ecies-with-x9-63-sha256-aes128-ctr-cmac", NID_ecies_with_x9_63_sha256_aes128_ctr_cmac, 6, &so[7720]},
{"ecies-with-x9-63-sha512-aes256-ctr-cmac", "ecies-with-x9-63-sha512-aes256-ctr-cmac", NID_ecies_with_x9_63_sha512_aes256_ctr_cmac, 6, &so[7726]},
{"KxSM2", "kx-sm2", NID_kx_sm2},
{"AuthSM2", "auth-sm2", NID_auth_sm2},
};
#define NUM_SN 1144
#define NUM_SN 1177
static const unsigned int sn_objs[NUM_SN] = {
364, /* "AD_DVCS" */
419, /* "AES-128-CBC" */
@@ -2256,6 +2320,7 @@ static const unsigned int sn_objs[NUM_SN] = {
1053, /* "AuthNULL" */
1048, /* "AuthPSK" */
1046, /* "AuthRSA" */
1187, /* "AuthSM2" */
1052, /* "AuthSRP" */
91, /* "BF-CBC" */
93, /* "BF-CFB" */
@@ -2358,6 +2423,7 @@ static const unsigned int sn_objs[NUM_SN] = {
1043, /* "KxPSK" */
1037, /* "KxRSA" */
1042, /* "KxRSA_PSK" */
1186, /* "KxSM2" */
1044, /* "KxSRP" */
15, /* "L" */
856, /* "LocalKeySet" */
@@ -2443,6 +2509,8 @@ static const unsigned int sn_objs[NUM_SN] = {
1095, /* "SM1-CFB8" */
1090, /* "SM1-ECB" */
1092, /* "SM1-OFB" */
1167, /* "SM2Sign-with-Blake2b512" */
1168, /* "SM2Sign-with-Blake2s256" */
1134, /* "SM2Sign-with-RMD160" */
1129, /* "SM2Sign-with-SHA1" */
1132, /* "SM2Sign-with-SHA224" */
@@ -2450,6 +2518,7 @@ static const unsigned int sn_objs[NUM_SN] = {
1133, /* "SM2Sign-with-SHA384" */
1131, /* "SM2Sign-with-SHA511" */
1128, /* "SM2Sign-with-SM3" */
1166, /* "SM2Sign-with-Whirlpool" */
1126, /* "SM3" */
1115, /* "SM5" */
1087, /* "SM6-CBC" */
@@ -2644,6 +2713,23 @@ static const unsigned int sn_objs[NUM_SN] = {
792, /* "ecdsa-with-Specified" */
1063, /* "ecies-recommendedParameters" */
1064, /* "ecies-specifiedParameters" */
1181, /* "ecies-with-x9-63-sha1-aes128-cbc-cmac" */
1172, /* "ecies-with-x9-63-sha1-aes128-cbc-hmac" */
1169, /* "ecies-with-x9-63-sha1-xor-hmac" */
1182, /* "ecies-with-x9-63-sha256-aes128-cbc-cmac" */
1173, /* "ecies-with-x9-63-sha256-aes128-cbc-hmac" */
1177, /* "ecies-with-x9-63-sha256-aes128-cbc-hmac-half" */
1184, /* "ecies-with-x9-63-sha256-aes128-ctr-cmac" */
1175, /* "ecies-with-x9-63-sha256-aes128-ctr-hmac" */
1179, /* "ecies-with-x9-63-sha256-aes128-ctr-hmac-half" */
1170, /* "ecies-with-x9-63-sha256-xor-hmac" */
1183, /* "ecies-with-x9-63-sha512-aes256-cbc-cmac" */
1174, /* "ecies-with-x9-63-sha512-aes256-cbc-hmac" */
1178, /* "ecies-with-x9-63-sha512-aes256-cbc-hmac-half" */
1185, /* "ecies-with-x9-63-sha512-aes256-ctr-cmac" */
1176, /* "ecies-with-x9-63-sha512-aes256-ctr-hmac" */
1180, /* "ecies-with-x9-63-sha512-aes256-ctr-hmac-half" */
1171, /* "ecies-with-x9-63-sha512-xor-hmac" */
48, /* "emailAddress" */
132, /* "emailProtection" */
885, /* "enhancedSearchGuide" */
@@ -3294,6 +3380,17 @@ static const unsigned int sn_objs[NUM_SN] = {
1119, /* "sm2encrypt" */
1120, /* "sm2encrypt-recommendedParameters" */
1121, /* "sm2encrypt-specifiedParameters" */
1163, /* "sm2encrypt-with-blake2b512" */
1164, /* "sm2encrypt-with-blake2s256" */
1165, /* "sm2encrypt-with-md5" */
1161, /* "sm2encrypt-with-rmd160" */
1156, /* "sm2encrypt-with-sha1" */
1157, /* "sm2encrypt-with-sha224" */
1158, /* "sm2encrypt-with-sha256" */
1159, /* "sm2encrypt-with-sha384" */
1160, /* "sm2encrypt-with-sha512" */
1155, /* "sm2encrypt-with-sm3" */
1162, /* "sm2encrypt-with-whirlpool" */
1149, /* "sm2exchange" */
1116, /* "sm2p256v1" */
1117, /* "sm2sign" */
@@ -3362,7 +3459,7 @@ static const unsigned int sn_objs[NUM_SN] = {
1069, /* "xor-in-ecies" */
};
#define NUM_LN 1144
#define NUM_LN 1177
static const unsigned int ln_objs[NUM_LN] = {
363, /* "AD Time Stamping" */
405, /* "ANSI X9.62" */
@@ -3600,6 +3697,7 @@ static const unsigned int ln_objs[NUM_LN] = {
1053, /* "auth-null" */
1048, /* "auth-psk" */
1046, /* "auth-rsa" */
1187, /* "auth-sm2" */
1052, /* "auth-srp" */
882, /* "authorityRevocationList" */
1138, /* "bb1" */
@@ -3783,6 +3881,23 @@ static const unsigned int ln_objs[NUM_LN] = {
792, /* "ecdsa-with-Specified" */
1063, /* "ecies-recommendedParameters" */
1064, /* "ecies-specifiedParameters" */
1181, /* "ecies-with-x9-63-sha1-aes128-cbc-cmac" */
1172, /* "ecies-with-x9-63-sha1-aes128-cbc-hmac" */
1169, /* "ecies-with-x9-63-sha1-xor-hmac" */
1182, /* "ecies-with-x9-63-sha256-aes128-cbc-cmac" */
1173, /* "ecies-with-x9-63-sha256-aes128-cbc-hmac" */
1177, /* "ecies-with-x9-63-sha256-aes128-cbc-hmac-half" */
1184, /* "ecies-with-x9-63-sha256-aes128-ctr-cmac" */
1175, /* "ecies-with-x9-63-sha256-aes128-ctr-hmac" */
1179, /* "ecies-with-x9-63-sha256-aes128-ctr-hmac-half" */
1170, /* "ecies-with-x9-63-sha256-xor-hmac" */
1183, /* "ecies-with-x9-63-sha512-aes256-cbc-cmac" */
1174, /* "ecies-with-x9-63-sha512-aes256-cbc-hmac" */
1178, /* "ecies-with-x9-63-sha512-aes256-cbc-hmac-half" */
1185, /* "ecies-with-x9-63-sha512-aes256-ctr-cmac" */
1176, /* "ecies-with-x9-63-sha512-aes256-ctr-hmac" */
1180, /* "ecies-with-x9-63-sha512-aes256-ctr-hmac-half" */
1171, /* "ecies-with-x9-63-sha512-xor-hmac" */
48, /* "emailAddress" */
632, /* "encrypted track 2" */
885, /* "enhancedSearchGuide" */
@@ -4092,6 +4207,7 @@ static const unsigned int ln_objs[NUM_LN] = {
1043, /* "kx-psk" */
1037, /* "kx-rsa" */
1042, /* "kx-rsa-psk" */
1186, /* "kx-sm2" */
1044, /* "kx-srp" */
477, /* "lastModifiedBy" */
476, /* "lastModifiedTime" */
@@ -4413,9 +4529,22 @@ static const unsigned int ln_objs[NUM_LN] = {
1119, /* "sm2encrypt" */
1120, /* "sm2encrypt-recommendedParameters" */
1121, /* "sm2encrypt-specifiedParameters" */
1163, /* "sm2encrypt-with-blake2b512" */
1164, /* "sm2encrypt-with-blake2s256" */
1165, /* "sm2encrypt-with-md5" */
1161, /* "sm2encrypt-with-rmd160" */
1156, /* "sm2encrypt-with-sha1" */
1157, /* "sm2encrypt-with-sha224" */
1158, /* "sm2encrypt-with-sha256" */
1159, /* "sm2encrypt-with-sha384" */
1160, /* "sm2encrypt-with-sha512" */
1155, /* "sm2encrypt-with-sm3" */
1162, /* "sm2encrypt-with-whirlpool" */
1149, /* "sm2exchange" */
1116, /* "sm2p256v1" */
1117, /* "sm2sign" */
1167, /* "sm2sign-with-blake2b512" */
1168, /* "sm2sign-with-blake2s256" */
1134, /* "sm2sign-with-rmd160" */
1129, /* "sm2sign-with-sha1" */
1132, /* "sm2sign-with-sha224" */
@@ -4423,6 +4552,7 @@ static const unsigned int ln_objs[NUM_LN] = {
1133, /* "sm2sign-with-sha384" */
1131, /* "sm2sign-with-sha512" */
1128, /* "sm2sign-with-sm3" */
1166, /* "sm2sign-with-whirlpool" */
1126, /* "sm3" */
1115, /* "sm5" */
1087, /* "sm6-cbc" */
@@ -4510,7 +4640,7 @@ static const unsigned int ln_objs[NUM_LN] = {
1136, /* "zuc" */
};
#define NUM_OBJ 1048
#define NUM_OBJ 1079
static const unsigned int obj_objs[NUM_OBJ] = {
0, /* OBJ_undef 0 */
181, /* OBJ_iso 1 */
@@ -4858,6 +4988,23 @@ static const unsigned int obj_objs[NUM_OBJ] = {
505, /* OBJ_mime_mhs_headings 1 3 6 1 7 1 1 */
506, /* OBJ_mime_mhs_bodies 1 3 6 1 7 1 2 */
119, /* OBJ_ripemd160WithRSA 1 3 36 3 3 1 2 */
1169, /* OBJ_ecies_with_x9_63_sha1_xor_hmac 1 3 132 1 8 1 */
1170, /* OBJ_ecies_with_x9_63_sha256_xor_hmac 1 3 132 1 8 2 */
1171, /* OBJ_ecies_with_x9_63_sha512_xor_hmac 1 3 132 1 8 3 */
1172, /* OBJ_ecies_with_x9_63_sha1_aes128_cbc_hmac 1 3 132 1 8 4 */
1173, /* OBJ_ecies_with_x9_63_sha256_aes128_cbc_hmac 1 3 132 1 8 5 */
1174, /* OBJ_ecies_with_x9_63_sha512_aes256_cbc_hmac 1 3 132 1 8 6 */
1175, /* OBJ_ecies_with_x9_63_sha256_aes128_ctr_hmac 1 3 132 1 8 7 */
1176, /* OBJ_ecies_with_x9_63_sha512_aes256_ctr_hmac 1 3 132 1 8 8 */
1177, /* OBJ_ecies_with_x9_63_sha256_aes128_cbc_hmac_half 1 3 132 1 8 9 */
1178, /* OBJ_ecies_with_x9_63_sha512_aes256_cbc_hmac_half 1 3 132 1 8 10 */
1179, /* OBJ_ecies_with_x9_63_sha256_aes128_ctr_hmac_half 1 3 132 1 8 11 */
1180, /* OBJ_ecies_with_x9_63_sha512_aes256_ctr_hmac_half 1 3 132 1 8 12 */
1181, /* OBJ_ecies_with_x9_63_sha1_aes128_cbc_cmac 1 3 132 1 8 13 */
1182, /* OBJ_ecies_with_x9_63_sha256_aes128_cbc_cmac 1 3 132 1 8 14 */
1183, /* OBJ_ecies_with_x9_63_sha512_aes256_cbc_cmac 1 3 132 1 8 15 */
1184, /* OBJ_ecies_with_x9_63_sha256_aes128_ctr_cmac 1 3 132 1 8 16 */
1185, /* OBJ_ecies_with_x9_63_sha512_aes256_ctr_cmac 1 3 132 1 8 17 */
937, /* OBJ_dhSinglePass_stdDH_sha224kdf_scheme 1 3 132 1 11 0 */
938, /* OBJ_dhSinglePass_stdDH_sha256kdf_scheme 1 3 132 1 11 1 */
939, /* OBJ_dhSinglePass_stdDH_sha384kdf_scheme 1 3 132 1 11 2 */
@@ -5019,6 +5166,9 @@ static const unsigned int obj_objs[NUM_OBJ] = {
1132, /* OBJ_sm2sign_with_sha224 1 2 156 10197 1 505 */
1133, /* OBJ_sm2sign_with_sha384 1 2 156 10197 1 506 */
1134, /* OBJ_sm2sign_with_rmd160 1 2 156 10197 1 507 */
1166, /* OBJ_sm2sign_with_whirlpool 1 2 156 10197 1 520 */
1167, /* OBJ_sm2sign_with_blake2b512 1 2 156 10197 1 521 */
1168, /* OBJ_sm2sign_with_blake2s256 1 2 156 10197 1 522 */
1136, /* OBJ_zuc 1 2 156 10197 1 800 */
776, /* OBJ_seed_ecb 1 2 410 200004 1 3 */
777, /* OBJ_seed_cbc 1 2 410 200004 1 4 */
@@ -5471,6 +5621,17 @@ static const unsigned int obj_objs[NUM_OBJ] = {
952, /* OBJ_ct_precert_poison 1 3 6 1 4 1 11129 2 4 3 */
953, /* OBJ_ct_precert_signer 1 3 6 1 4 1 11129 2 4 4 */
954, /* OBJ_ct_cert_scts 1 3 6 1 4 1 11129 2 4 5 */
1155, /* OBJ_sm2encrypt_with_sm3 1 2 156 10197 1 301 3 2 1 */
1156, /* OBJ_sm2encrypt_with_sha1 1 2 156 10197 1 301 3 2 2 */
1157, /* OBJ_sm2encrypt_with_sha224 1 2 156 10197 1 301 3 2 3 */
1158, /* OBJ_sm2encrypt_with_sha256 1 2 156 10197 1 301 3 2 4 */
1159, /* OBJ_sm2encrypt_with_sha384 1 2 156 10197 1 301 3 2 5 */
1160, /* OBJ_sm2encrypt_with_sha512 1 2 156 10197 1 301 3 2 6 */
1161, /* OBJ_sm2encrypt_with_rmd160 1 2 156 10197 1 301 3 2 7 */
1162, /* OBJ_sm2encrypt_with_whirlpool 1 2 156 10197 1 301 3 2 8 */
1163, /* OBJ_sm2encrypt_with_blake2b512 1 2 156 10197 1 301 3 2 9 */
1164, /* OBJ_sm2encrypt_with_blake2s256 1 2 156 10197 1 301 3 2 10 */
1165, /* OBJ_sm2encrypt_with_md5 1 2 156 10197 1 301 3 2 11 */
751, /* OBJ_camellia_128_cbc 1 2 392 200011 61 1 1 1 2 */
752, /* OBJ_camellia_192_cbc 1 2 392 200011 61 1 1 1 3 */
753, /* OBJ_camellia_256_cbc 1 2 392 200011 61 1 1 1 4 */


@@ -1152,3 +1152,36 @@ cpk_map 1151
cpk_sha1_map 1152
cpk_sha256_map 1153
cpk_sm3_map 1154
sm2encrypt_with_sm3 1155
sm2encrypt_with_sha1 1156
sm2encrypt_with_sha224 1157
sm2encrypt_with_sha256 1158
sm2encrypt_with_sha384 1159
sm2encrypt_with_sha512 1160
sm2encrypt_with_rmd160 1161
sm2encrypt_with_whirlpool 1162
sm2encrypt_with_blake2b512 1163
sm2encrypt_with_blake2s256 1164
sm2encrypt_with_md5 1165
sm2sign_with_whirlpool 1166
sm2sign_with_blake2b512 1167
sm2sign_with_blake2s256 1168
ecies_with_x9_63_sha1_xor_hmac 1169
ecies_with_x9_63_sha256_xor_hmac 1170
ecies_with_x9_63_sha512_xor_hmac 1171
ecies_with_x9_63_sha1_aes128_cbc_hmac 1172
ecies_with_x9_63_sha256_aes128_cbc_hmac 1173
ecies_with_x9_63_sha512_aes256_cbc_hmac 1174
ecies_with_x9_63_sha256_aes128_ctr_hmac 1175
ecies_with_x9_63_sha512_aes256_ctr_hmac 1176
ecies_with_x9_63_sha256_aes128_cbc_hmac_half 1177
ecies_with_x9_63_sha512_aes256_cbc_hmac_half 1178
ecies_with_x9_63_sha256_aes128_ctr_hmac_half 1179
ecies_with_x9_63_sha512_aes256_ctr_hmac_half 1180
ecies_with_x9_63_sha1_aes128_cbc_cmac 1181
ecies_with_x9_63_sha256_aes128_cbc_cmac 1182
ecies_with_x9_63_sha512_aes256_cbc_cmac 1183
ecies_with_x9_63_sha256_aes128_ctr_cmac 1184
ecies_with_x9_63_sha512_aes256_ctr_cmac 1185
kx_sm2 1186
auth_sm2 1187


@@ -1476,6 +1476,7 @@ id-pkinit 5 : pkInitKDC : Signing KDC Response
: KxPSK : kx-psk
: KxSRP : kx-srp
: KxGOST : kx-gost
: KxSM2 : kx-sm2
# NIDs for cipher authentication
: AuthRSA : auth-rsa
@@ -1486,6 +1487,7 @@ id-pkinit 5 : pkInitKDC : Signing KDC Response
: AuthGOST12 : auth-gost12
: AuthSRP : auth-srp
: AuthNULL : auth-null
: AuthSM2 : auth-sm2
# GmSSL SECG ECIES OID
secg-scheme 7 : ecies-recommendedParameters
@@ -1508,6 +1510,26 @@ secg-scheme 24 0 : cmac-aes128-ecies
secg-scheme 24 1 : cmac-aes192-ecies
secg-scheme 24 2 : cmac-aes256-ecies
ecies-specifiedParameters 1 : ecies-with-x9-63-sha1-xor-hmac
ecies-specifiedParameters 2 : ecies-with-x9-63-sha256-xor-hmac
ecies-specifiedParameters 3 : ecies-with-x9-63-sha512-xor-hmac
ecies-specifiedParameters 4 : ecies-with-x9-63-sha1-aes128-cbc-hmac
ecies-specifiedParameters 5 : ecies-with-x9-63-sha256-aes128-cbc-hmac
ecies-specifiedParameters 6 : ecies-with-x9-63-sha512-aes256-cbc-hmac
ecies-specifiedParameters 7 : ecies-with-x9-63-sha256-aes128-ctr-hmac
ecies-specifiedParameters 8 : ecies-with-x9-63-sha512-aes256-ctr-hmac
ecies-specifiedParameters 9 : ecies-with-x9-63-sha256-aes128-cbc-hmac-half
ecies-specifiedParameters 10 : ecies-with-x9-63-sha512-aes256-cbc-hmac-half
ecies-specifiedParameters 11 : ecies-with-x9-63-sha256-aes128-ctr-hmac-half
ecies-specifiedParameters 12 : ecies-with-x9-63-sha512-aes256-ctr-hmac-half
ecies-specifiedParameters 13 : ecies-with-x9-63-sha1-aes128-cbc-cmac
ecies-specifiedParameters 14 : ecies-with-x9-63-sha256-aes128-cbc-cmac
ecies-specifiedParameters 15 : ecies-with-x9-63-sha512-aes256-cbc-cmac
ecies-specifiedParameters 16 : ecies-with-x9-63-sha256-aes128-ctr-cmac
ecies-specifiedParameters 17 : ecies-with-x9-63-sha512-aes256-ctr-cmac
# GmSSL SM OID
member-body 156 : ISO-CN : ISO CN Member Body
ISO-CN 10197 : oscca
@@ -1564,8 +1586,21 @@ sm-scheme 301 : sm2p256v1
sm-scheme 301 1 : sm2sign
sm-scheme 301 2 : sm2exchange
sm-scheme 301 3 : sm2encrypt
sm-scheme 301 101 : wapip192v1
sm2encrypt 1 : sm2encrypt-recommendedParameters
sm2encrypt 2 : sm2encrypt-specifiedParameters
sm2encrypt 2 1 : sm2encrypt-with-sm3
sm2encrypt 2 2 : sm2encrypt-with-sha1
sm2encrypt 2 3 : sm2encrypt-with-sha224
sm2encrypt 2 4 : sm2encrypt-with-sha256
sm2encrypt 2 5 : sm2encrypt-with-sha384
sm2encrypt 2 6 : sm2encrypt-with-sha512
sm2encrypt 2 7 : sm2encrypt-with-rmd160
sm2encrypt 2 8 : sm2encrypt-with-whirlpool
sm2encrypt 2 9 : sm2encrypt-with-blake2b512
sm2encrypt 2 10 : sm2encrypt-with-blake2s256
sm2encrypt 2 11 : sm2encrypt-with-md5
sm-scheme 302 : id-sm9PublicKey
sm-scheme 302 1 : sm9sign
@@ -1574,6 +1609,7 @@ sm-scheme 302 3 : sm9encrypt
sm-scheme 401 : SM3 : sm3
sm-scheme 401 2 : HMAC-SM3 : hmac-sm3
sm-scheme 501 : SM2Sign-with-SM3 : sm2sign-with-sm3
sm-scheme 502 : SM2Sign-with-SHA1 : sm2sign-with-sha1
sm-scheme 503 : SM2Sign-with-SHA256 : sm2sign-with-sha256
@@ -1581,8 +1617,10 @@ sm-scheme 504 : SM2Sign-with-SHA511 : sm2sign-with-sha512
sm-scheme 505 : SM2Sign-with-SHA224 : sm2sign-with-sha224
sm-scheme 506 : SM2Sign-with-SHA384 : sm2sign-with-sha384
sm-scheme 507 : SM2Sign-with-RMD160 : sm2sign-with-rmd160
sm-scheme 520 : SM2Sign-with-Whirlpool : sm2sign-with-whirlpool
sm-scheme 521 : SM2Sign-with-Blake2b512 : sm2sign-with-blake2b512
sm-scheme 522 : SM2Sign-with-Blake2s256 : sm2sign-with-blake2s256
sm-scheme 301 101 : wapip192v1
# GmSSL ZUC OID
sm-scheme 800 : ZUC : zuc
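Review bot: The entries `sm2encrypt 2 11 : sm2encrypt-with-md5` and `sm2encrypt 2 2 : sm2encrypt-with-sha1` give first-class algorithm identifiers to digests that are no longer collision resistant. The new `SM2_do_encrypt(const EVP_MD *md, ...)` signature suggests that one digest drives the whole scheme, so a peer-selected OID would weaken every ciphertext it produces. Elsewhere in this commit `SM2_CIPHERTEXT_VALUE_get_ECCCIPHERBLOB` rejects `mactag_size != 32`, so ciphertexts made with the 128-, 160-, 224-, 384- or 512-bit variants cannot be exported through GMAPI. I would drop the MD5 line, or keep it only for decoding legacy data and mark it `# legacy, decode only - do not select for new ciphertexts`. The new `ecies-specifiedParameters 1..17` and `sm-scheme 520..522` arcs sit in SECG and OSCCA namespaces; if those bodies did not assign them, a comment such as `# GmSSL-private allocation, not assigned by the arc owner` would warn implementers about possible collisions.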


@@ -1,3 +1,3 @@
LIBS=../../libcrypto
SOURCE[../../libcrypto]=sm2_asn1.c sm2_id.c sm2_sign.c sm2_enc.c sm2_kap.c \
sm2_kmeth.c
SOURCE[../../libcrypto]=sm2_err.c sm2_asn1.c sm2_id.c sm2_sign.c sm2_enc.c \
sm2_exch.c sm2_kmeth.c


@@ -55,147 +55,14 @@
#include <openssl/asn1t.h>
#include <openssl/objects.h>
#include <openssl/obj_mac.h>
#include "sm2_lcl.h"
typedef struct SM2CiphertextValue_st {
ASN1_INTEGER *xCoordinate;
ASN1_INTEGER *yCoordinate;
ASN1_OCTET_STRING *hash;
ASN1_OCTET_STRING *ciphertext;
} SM2CiphertextValue;
ASN1_SEQUENCE(SM2CiphertextValue) = {
ASN1_SIMPLE(SM2CiphertextValue, xCoordinate, ASN1_INTEGER),
ASN1_SIMPLE(SM2CiphertextValue, yCoordinate, ASN1_INTEGER),
ASN1_SIMPLE(SM2CiphertextValue, xCoordinate, BIGNUM),
ASN1_SIMPLE(SM2CiphertextValue, yCoordinate, BIGNUM),
ASN1_SIMPLE(SM2CiphertextValue, hash, ASN1_OCTET_STRING),
ASN1_SIMPLE(SM2CiphertextValue, ciphertext, ASN1_OCTET_STRING),
} ASN1_SEQUENCE_END(SM2CiphertextValue)
IMPLEMENT_ASN1_FUNCTIONS(SM2CiphertextValue)
IMPLEMENT_ASN1_DUP_FUNCTION(SM2CiphertextValue)
int i2d_SM2_CIPHERTEXT_VALUE(const EC_GROUP *group, const SM2_CIPHERTEXT_VALUE *c,
unsigned char **out)
{
int ret = 0;
SM2CiphertextValue *asn1 = NULL;
BIGNUM *x = NULL;
BIGNUM *y = NULL;
BN_CTX *bn_ctx = NULL;
asn1 = SM2CiphertextValue_new();
x = BN_new();
y = BN_new();
bn_ctx = BN_CTX_new();
if (!asn1 || !x || !y || !bn_ctx) {
ECerr(EC_F_I2D_SM2_CIPHERTEXT_VALUE, ERR_R_MALLOC_FAILURE);
goto end;
}
if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) {
if (!EC_POINT_get_affine_coordinates_GFp(group, c->ephem_point, x, y, bn_ctx)) {
ECerr(EC_F_I2D_SM2_CIPHERTEXT_VALUE, ERR_R_EC_LIB);
goto end;
}
} else {
if (!EC_POINT_get_affine_coordinates_GF2m(group, c->ephem_point, x, y, bn_ctx)) {
ECerr(EC_F_I2D_SM2_CIPHERTEXT_VALUE, ERR_R_EC_LIB);
goto end;
}
}
if (!BN_to_ASN1_INTEGER(x, asn1->xCoordinate)) {
ECerr(EC_F_I2D_SM2_CIPHERTEXT_VALUE, ERR_R_BN_LIB);
goto end;
}
if (!BN_to_ASN1_INTEGER(y, asn1->yCoordinate)) {
ECerr(EC_F_I2D_SM2_CIPHERTEXT_VALUE, ERR_R_BN_LIB);
goto end;
}
if (!ASN1_OCTET_STRING_set(asn1->hash, c->mactag, c->mactag_size)) {
ECerr(EC_F_I2D_SM2_CIPHERTEXT_VALUE, ERR_R_ASN1_LIB);
goto end;
}
if (!ASN1_OCTET_STRING_set(asn1->ciphertext, c->ciphertext, c->ciphertext_size)) {
ECerr(EC_F_I2D_SM2_CIPHERTEXT_VALUE, ERR_R_ASN1_LIB);
goto end;
}
ret = 1;
end:
SM2CiphertextValue_free(asn1);
BN_free(x);
BN_free(y);
BN_CTX_free(bn_ctx);
return ret;
}
SM2_CIPHERTEXT_VALUE *d2i_SM2_CIPHERTEXT_VALUE(const EC_GROUP *group,
SM2_CIPHERTEXT_VALUE **c, const unsigned char **in, long len)
{
int e = 1;
SM2_CIPHERTEXT_VALUE *ret = NULL;
SM2CiphertextValue *asn1 = NULL;
BIGNUM *x = NULL;
BIGNUM *y = NULL;
BN_CTX *bn_ctx = NULL;
if (!(asn1 = d2i_SM2CiphertextValue(NULL, in, len))) {
ECerr(EC_F_D2I_SM2_CIPHERTEXT_VALUE, ERR_R_MALLOC_FAILURE);
goto end;
}
if (!(x = ASN1_INTEGER_to_BN(asn1->xCoordinate, NULL))) {
ECerr(EC_F_D2I_SM2_CIPHERTEXT_VALUE, ERR_R_BN_LIB);
goto end;
}
if (!(y = ASN1_INTEGER_to_BN(asn1->yCoordinate, NULL))) {
ECerr(EC_F_D2I_SM2_CIPHERTEXT_VALUE, ERR_R_BN_LIB);
goto end;
}
ret = SM2_CIPHERTEXT_VALUE_new(group);
bn_ctx = BN_CTX_new();
if (!ret || !bn_ctx) {
ECerr(EC_F_D2I_SM2_CIPHERTEXT_VALUE, ERR_R_MALLOC_FAILURE);
goto end;
}
/* (x, y) */
if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) {
if (!EC_POINT_set_affine_coordinates_GFp(group, ret->ephem_point, x, y, bn_ctx)) {
ECerr(EC_F_D2I_SM2_CIPHERTEXT_VALUE, ERR_R_EC_LIB);
goto end;
}
} else {
if (!EC_POINT_set_affine_coordinates_GF2m(group, ret->ephem_point, x, y, bn_ctx)) {
ECerr(EC_F_D2I_SM2_CIPHERTEXT_VALUE, ERR_R_EC_LIB);
goto end;
}
}
/* hash */
ret->mactag_size = asn1->hash->length;
memcpy(ret->mactag, asn1->hash->data, asn1->hash->length);
/* ciphertext */
ret->ciphertext_size = asn1->ciphertext->length;
if (!(ret->ciphertext = OPENSSL_malloc(ret->ciphertext_size))) {
ECerr(EC_F_D2I_SM2_CIPHERTEXT_VALUE, ERR_R_MALLOC_FAILURE);
goto end;
}
memcpy(ret->ciphertext, asn1->ciphertext->data, asn1->ciphertext->length);
e = 0;
end:
SM2CiphertextValue_free(asn1);
BN_free(x);
BN_free(y);
BN_CTX_free(bn_ctx);
if (e && ret) {
SM2_CIPHERTEXT_VALUE_free(ret);
ret = NULL;
}
return ret;
}
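Review bot: With the hand-written `d2i_SM2_CIPHERTEXT_VALUE` wrapper removed, the template-generated `d2i_SM2CiphertextValue()` is the only parser left in this file, and the `ASN1_SEQUENCE(SM2CiphertextValue)` template puts no bound on `hash` or `ciphertext` and no range on the two coordinates. Code that accepts ciphertext from an untrusted source must therefore check that `hash` has exactly the digest's length, that `ciphertext` is non-empty, and that (xCoordinate, yCoordinate) lies on the key's curve before using any field; those callers are outside this section, so I cannot confirm they do. Changing `xCoordinate`/`yCoordinate` to the `BIGNUM` template also requires the struct, now declared outside this file (presumably in `sm2_lcl.h`), to type both fields as `BIGNUM *`. I would add above the sequence: `/* Decoded fields are unvalidated: check hash length, ciphertext length and curve membership before use */`.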


@@ -1,5 +1,5 @@
/*
* Copyright (c) 2015 - 2016 The GmSSL Project. All rights reserved.
* Copyright (c) 2015 - 2017 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -46,551 +46,280 @@
* OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <stdio.h>
#include <string.h>
#include <assert.h>
#include <openssl/bn.h>
#include <openssl/ec.h>
#include <openssl/sm2.h>
#include <openssl/rand.h>
#include <openssl/kdf.h>
#include "internal/o_str.h"
#include "sm2_lcl.h"
SM2_ENC_PARAMS *SM2_ENC_PARAMS_new(void)
SM2CiphertextValue *SM2_do_encrypt(const EVP_MD *md,
const unsigned char *in, size_t inlen, EC_KEY *ec_key)
{
SM2_ENC_PARAMS *ret = NULL;
if (!(ret = OPENSSL_zalloc(sizeof(*ret)))) {
ECerr(EC_F_SM2_ENC_PARAMS_NEW, ERR_R_MALLOC_FAILURE);
return NULL;
}
SM2_ENC_PARAMS_init_with_recommended(ret);
return ret;
}
SM2_ENC_PARAMS *SM2_ENC_PARAMS_dup(const SM2_ENC_PARAMS *param)
{
SM2_ENC_PARAMS *ret = NULL;
if (!param) {
ECerr(EC_F_SM2_ENC_PARAMS_DUP, EC_R_NULL_ARGUMENT);
return NULL;
}
if (!(ret = OPENSSL_memdup(param, sizeof(*param)))) {
ECerr(EC_F_SM2_ENC_PARAMS_DUP, ERR_R_MALLOC_FAILURE);
return NULL;
}
return ret;
}
int SM2_ENC_PARAMS_init_with_recommended(SM2_ENC_PARAMS *params)
{
if (!params) {
ECerr(EC_F_SM2_ENC_PARAMS_INIT_WITH_RECOMMENDED,
EC_R_NULL_ARGUMENT);
return 0;
}
params->kdf_md = EVP_sm3();
params->mac_md = EVP_sm3();
params->point_form = POINT_CONVERSION_UNCOMPRESSED;
return 1;
}
void SM2_ENC_PARAMS_free(SM2_ENC_PARAMS *param)
{
OPENSSL_free(param);
}
int SM2_CIPHERTEXT_VALUE_size(const EC_GROUP *group,
const SM2_ENC_PARAMS *params, size_t mlen)
{
int ret = 0;
EC_KEY *ec_key = NULL;
size_t len = 0;
if (!(ec_key = EC_KEY_new())) {
ECerr(EC_F_SM2_CIPHERTEXT_VALUE_SIZE, ERR_R_EC_LIB);
goto end;
}
if (!EC_KEY_set_group(ec_key, group)) {
ECerr(EC_F_SM2_CIPHERTEXT_VALUE_SIZE, ERR_R_EC_LIB);
goto end;
}
if (!EC_KEY_generate_key(ec_key)) {
ECerr(EC_F_SM2_CIPHERTEXT_VALUE_SIZE, ERR_R_EC_LIB);
goto end;
}
len += EC_POINT_point2oct(group, EC_KEY_get0_public_key(ec_key),
params->point_form, NULL, 0, NULL);
len += mlen;
len += EVP_MD_size(params->mac_md);
ret = (int)len;
end:
EC_KEY_free(ec_key);
return ret;
}
SM2_CIPHERTEXT_VALUE *SM2_CIPHERTEXT_VALUE_new(const EC_GROUP *group)
{
SM2_CIPHERTEXT_VALUE *cv;
if (!(cv = OPENSSL_malloc(sizeof(*cv)))) {
ECerr(EC_F_SM2_CIPHERTEXT_VALUE_NEW, EC_R_MALLOC_FAILED);
return NULL;
}
memset(cv, 0, sizeof(*cv));
if (!(cv->ephem_point = EC_POINT_new(group))) {
ECerr(EC_F_SM2_CIPHERTEXT_VALUE_NEW, EC_R_POINT_NEW_FAILED);
OPENSSL_free(cv);
return NULL;
}
return cv;
}
void SM2_CIPHERTEXT_VALUE_free(SM2_CIPHERTEXT_VALUE *cv)
{
if (cv->ephem_point) EC_POINT_free(cv->ephem_point);
if (cv->ciphertext) OPENSSL_free(cv->ciphertext);
memset(cv, 0, sizeof(*cv));
OPENSSL_free(cv);
}
int SM2_CIPHERTEXT_VALUE_encode(const SM2_CIPHERTEXT_VALUE *cv,
const EC_GROUP *ec_group, const SM2_ENC_PARAMS *params,
unsigned char *buf, size_t *buflen)
{
int ret = 0;
BN_CTX *bn_ctx = BN_CTX_new();
size_t ptlen, cvlen;
OPENSSL_assert(cv);
OPENSSL_assert(ec_group);
OPENSSL_assert(buf);
OPENSSL_assert(cv->ephem_point);
if (!bn_ctx) {
ECerr(EC_F_SM2_CIPHERTEXT_VALUE_ENCODE, ERR_R_BN_LIB);
return 0;
}
if (!(ptlen = EC_POINT_point2oct(ec_group, cv->ephem_point,
params->point_form, NULL, 0, bn_ctx))) {
ECerr(EC_F_SM2_CIPHERTEXT_VALUE_ENCODE, EC_R_POINT2OCT_FAILED);
goto end;
}
cvlen = ptlen + cv->ciphertext_size + cv->mactag_size;
if (!buf) {
*buflen = cvlen;
ret = 1;
goto end;
} else if (*buflen < cvlen) {
ECerr(EC_F_SM2_CIPHERTEXT_VALUE_ENCODE, EC_R_BUFFER_TOO_SMALL);
goto end;
}
if (!(ptlen = EC_POINT_point2oct(ec_group, cv->ephem_point,
params->point_form, buf, *buflen, bn_ctx))) {
ECerr(EC_F_SM2_CIPHERTEXT_VALUE_ENCODE, EC_R_POINT2OCT_FAILED);
goto end;
}
buf += ptlen;
memcpy(buf, cv->ciphertext, cv->ciphertext_size);
buf += cv->ciphertext_size;
if (cv->mactag_size > 0) {
memcpy(buf, cv->mactag, cv->mactag_size);
}
*buflen = cvlen;
ret = 1;
end:
if (bn_ctx) BN_CTX_free(bn_ctx);
return ret;
}
SM2_CIPHERTEXT_VALUE *SM2_CIPHERTEXT_VALUE_decode(
const EC_GROUP *ec_group, const SM2_ENC_PARAMS *params,
const unsigned char *buf, size_t buflen)
{
int ok = 0;
SM2_CIPHERTEXT_VALUE *ret = NULL;
BN_CTX *bn_ctx = BN_CTX_new();
int ptlen;
int fixlen;
if (!bn_ctx) {
ECerr(EC_F_SM2_CIPHERTEXT_VALUE_DECODE, ERR_R_BN_LIB);
return NULL;
}
if (!(fixlen = SM2_CIPHERTEXT_VALUE_size(ec_group, params, 0))) {
ECerr(EC_F_SM2_CIPHERTEXT_VALUE_DECODE, EC_R_GET_CIPHERTEXT_SIZE_FAILED);
goto end;
}
if (buflen <= (size_t)fixlen) {
ECerr(EC_F_SM2_CIPHERTEXT_VALUE_DECODE, EC_R_BUFFER_TOO_SMALL);
goto end;
}
if (!(ret = OPENSSL_malloc(sizeof(SM2_CIPHERTEXT_VALUE)))) {
ECerr(EC_F_SM2_CIPHERTEXT_VALUE_DECODE, EC_R_MALLOC_FAILED);
goto end;
}
ret->ephem_point = EC_POINT_new(ec_group);
ret->ciphertext_size = buflen - fixlen;
ret->ciphertext = OPENSSL_malloc(ret->ciphertext_size);
if (!ret->ephem_point || !ret->ciphertext) {
ECerr(EC_F_SM2_CIPHERTEXT_VALUE_DECODE, EC_R_INNOR_ERROR);
goto end;
}
#if 0
//FIXME
ptlen = fixlen - SM2_ENC_PARAMS_mactag_size(params);
#endif
ptlen = (int)fixlen; //FIXME
if (!EC_POINT_oct2point(ec_group, ret->ephem_point, buf, ptlen, bn_ctx)) {
ECerr(EC_F_SM2_CIPHERTEXT_VALUE_DECODE, EC_R_OCT2POINT_FAILED);
goto end;
}
memcpy(ret->ciphertext, buf + ptlen, ret->ciphertext_size);
//FIXME
//ret->mactag_size = SM2_ENC_PARAMS_mactag_size(params);
if (ret->mactag_size > 0) {
memcpy(ret->mactag, buf + buflen - ret->mactag_size, ret->mactag_size);
}
ok = 1;
end:
if (!ok && ret) {
SM2_CIPHERTEXT_VALUE_free(ret);
ret = NULL;
}
if (bn_ctx) BN_CTX_free(bn_ctx);
return ret;
}
int SM2_CIPHERTEXT_VALUE_print(BIO *out, const EC_GROUP *ec_group,
const SM2_CIPHERTEXT_VALUE *cv, int indent, unsigned long flags)
{
int ret = 0;
char *hex = NULL;
BN_CTX *ctx = BN_CTX_new();
size_t i;
if (!ctx) {
goto end;
}
if (!(hex = EC_POINT_point2hex(ec_group, cv->ephem_point,
POINT_CONVERSION_UNCOMPRESSED, ctx))) {
goto end;
}
BIO_printf(out, "SM2_CIPHERTEXT_VALUE.ephem_point: %s\n", hex);
BIO_printf(out, "SM2_CIPHERTEXT_VALUE.ciphertext : ");
for (i = 0; i < cv->ciphertext_size; i++) {
BIO_printf(out, "%02X", cv->ciphertext[i]);
}
BIO_printf(out, "\n");
BIO_printf(out, "SM2_CIPHERTEXT_VALUE.mactag :");
for (i = 0; i < cv->mactag_size; i++) {
BIO_printf(out, "%02X", cv->mactag[i]);
}
BIO_printf(out, "\n");
ret = 1;
end:
OPENSSL_free(hex);
BN_CTX_free(ctx);
return 0;
}
int SM2_encrypt(const SM2_ENC_PARAMS *params,
const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen,
EC_KEY *ec_key)
{
int ret = 0;
const EC_GROUP *ec_group = EC_KEY_get0_group(ec_key);
SM2_CIPHERTEXT_VALUE *cv = NULL;
int len;
if (!(len = SM2_CIPHERTEXT_VALUE_size(ec_group, params, inlen))) {
ECerr(EC_F_SM2_ENCRYPT, EC_R_ERROR);
goto end;
}
if (!out) {
*outlen = (size_t)len;
return 1;
} else if (*outlen < (size_t)len) {
ECerr(EC_F_SM2_ENCRYPT, EC_R_BUFFER_TOO_SMALL);
return 0;
}
if (!(cv = SM2_do_encrypt(params, in, inlen, ec_key))) {
ECerr(EC_F_SM2_ENCRYPT, EC_R_ENCRYPT_FAILED);
goto end;
}
if (!SM2_CIPHERTEXT_VALUE_encode(cv, ec_group, params, out, outlen)) {
ECerr(EC_F_SM2_ENCRYPT, EC_R_CIPHERTEXT_ENCODE_FAILED);
goto end;
}
ret = 1;
end:
if (cv) SM2_CIPHERTEXT_VALUE_free(cv);
return ret;
}
SM2_CIPHERTEXT_VALUE *SM2_do_encrypt(const SM2_ENC_PARAMS *params,
const unsigned char *in, size_t inlen,
EC_KEY *ec_key)
{
int ok = 0;
SM2_CIPHERTEXT_VALUE *cv = NULL;
const EC_GROUP *ec_group = EC_KEY_get0_group(ec_key);
const EC_POINT *pub_key = EC_KEY_get0_public_key(ec_key);
KDF_FUNC kdf = KDF_get_x9_63(params->kdf_md);
EC_POINT *point = NULL;
SM2CiphertextValue *ret = NULL;
SM2CiphertextValue *cv = NULL;
const EC_GROUP *group;
const EC_POINT *pub_key;
KDF_FUNC kdf;
EC_POINT *ephem_point = NULL;
EC_POINT *share_point = NULL;
BIGNUM *n = NULL;
BIGNUM *h = NULL;
BIGNUM *k = NULL;
BN_CTX *bn_ctx = NULL;
EVP_MD_CTX *md_ctx = NULL;
unsigned char buf[(OPENSSL_ECC_MAX_FIELD_BITS + 7)/4 + 1];
int nbytes;
unsigned char dgst[EVP_MAX_MD_SIZE];
unsigned int dgstlen;
int mactag_size;
size_t len;
size_t i;
unsigned int hashlen;
if (!ec_group || !pub_key) {
ECerr(EC_F_SM2_DO_ENCRYPT, EC_R_INVALID_EC_KEY);
goto end;
/* check arguments */
if (!md || !in || !ec_key) {
SM2err(SM2_F_SM2_DO_ENCRYPT, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (!kdf) {
ECerr(EC_F_SM2_DO_ENCRYPT, EC_R_GET_KDF_FAILED);
if (inlen < SM2_MIN_PLAINTEXT_LENGTH || inlen > SM2_MAX_PLAINTEXT_LENGTH) {
SM2err(SM2_F_SM2_DO_ENCRYPT, SM2_R_INVALID_PLAINTEXT_LENGTH);
return 0;
}
if (!(kdf = KDF_get_x9_63(md))) {
SM2err(SM2_F_SM2_DO_ENCRYPT, SM2_R_INVALID_DIGEST_ALGOR);
return 0;
}
if (!(group = EC_KEY_get0_group(ec_key))
|| !(pub_key = EC_KEY_get0_public_key(ec_key))) {
SM2err(SM2_F_SM2_DO_ENCRYPT, SM2_R_INVALID_EC_KEY);
return 0;
}
/* malloc */
if (!(cv = SM2CiphertextValue_new())
|| !(ephem_point = EC_POINT_new(group))
|| !(share_point = EC_POINT_new(group))
|| !(n = BN_new())
|| !(h = BN_new())
|| !(k = BN_new())
|| !(bn_ctx = BN_CTX_new())
|| !(md_ctx = EVP_MD_CTX_new())) {
SM2err(SM2_F_SM2_DO_ENCRYPT, ERR_R_MALLOC_FAILURE);
goto end;
}
/* init ciphertext_value */
if (!(cv = OPENSSL_malloc(sizeof(SM2_CIPHERTEXT_VALUE)))) {
ECerr(EC_F_SM2_DO_ENCRYPT, EC_R_MALLOC_FAILED);
goto end;
}
memset(cv, 0, sizeof(*cv));
cv->ephem_point = EC_POINT_new(ec_group);
cv->ciphertext = OPENSSL_malloc(inlen);
cv->ciphertext_size = inlen;
if (!cv->ephem_point || !cv->ciphertext) {
ECerr(EC_F_SM2_DO_ENCRYPT, EC_R_ERROR);
goto end;
}
point = EC_POINT_new(ec_group);
n = BN_new();
h = BN_new();
k = BN_new();
bn_ctx = BN_CTX_new();
md_ctx = EVP_MD_CTX_create();
if (!point || !n || !h || !k || !bn_ctx || !md_ctx) {
ECerr(EC_F_SM2_DO_ENCRYPT, EC_R_ERROR);
if (!ASN1_OCTET_STRING_set(cv->ciphertext, NULL, (int)inlen)
|| !ASN1_OCTET_STRING_set(cv->hash, NULL, EVP_MD_size(md))) {
SM2err(SM2_F_SM2_DO_ENCRYPT, ERR_R_ASN1_LIB);
goto end;
}
/* init ec domain parameters */
if (!EC_GROUP_get_order(ec_group, n, bn_ctx)) {
if (!EC_GROUP_get_order(group, n, bn_ctx)) {
ECerr(EC_F_SM2_DO_ENCRYPT, EC_R_ERROR);
goto end;
}
if (!EC_GROUP_get_cofactor(ec_group, h, bn_ctx)) {
if (!EC_GROUP_get_cofactor(group, h, bn_ctx)) {
ECerr(EC_F_SM2_DO_ENCRYPT, EC_R_ERROR);
goto end;
}
nbytes = (EC_GROUP_get_degree(ec_group) + 7) / 8;
nbytes = (EC_GROUP_get_degree(group) + 7) / 8;
/* check [h]P_B != O */
if (!EC_POINT_mul(group, share_point, NULL, pub_key, h, bn_ctx)) {
SM2err(SM2_F_SM2_DO_ENCRYPT, ERR_R_EC_LIB);
goto end;
}
if (EC_POINT_is_at_infinity(group, share_point)) {
SM2err(SM2_F_SM2_DO_ENCRYPT, SM2_R_INVALID_PUBLIC_KEY);
goto end;
}
do
{
/* A1: rand k in [1, n-1] */
size_t size;
/* rand k in [1, n-1] */
do {
BN_rand_range(k, n);
} while (BN_is_zero(k));
/* A2: C1 = [k]G = (x1, y1) */
if (!EC_POINT_mul(ec_group, cv->ephem_point, k, NULL, NULL, bn_ctx)) {
ECerr(EC_F_SM2_DO_ENCRYPT, EC_R_ERROR);
/* compute ephem_point [k]G = (x1, y1) */
if (!EC_POINT_mul(group, ephem_point, k, NULL, NULL, bn_ctx)) {
SM2err(SM2_F_SM2_DO_ENCRYPT, ERR_R_EC_LIB);
goto end;
}
/* A3: check [h]P_B != O */
if (!EC_POINT_mul(ec_group, point, NULL, pub_key, h, bn_ctx)) {
ECerr(EC_F_SM2_DO_ENCRYPT, EC_R_ERROR);
goto end;
}
if (EC_POINT_is_at_infinity(ec_group, point)) {
ECerr(EC_F_SM2_DO_ENCRYPT, EC_R_ERROR);
/* compute ECDH share_point [k]P_B = (x2, y2) */
if (!EC_POINT_mul(group, share_point, NULL, pub_key, k, bn_ctx)) {
SM2err(SM2_F_SM2_DO_ENCRYPT, ERR_R_EC_LIB);
goto end;
}
/* A4: compute ECDH [k]P_B = (x2, y2) */
if (!EC_POINT_mul(ec_group, point, NULL, pub_key, k, bn_ctx)) {
ECerr(EC_F_SM2_DO_ENCRYPT, EC_R_ERROR);
goto end;
}
if (!(len = EC_POINT_point2oct(ec_group, point,
/* compute t = KDF(x2 || y2, klen) */
if (!(len = EC_POINT_point2oct(group, share_point,
POINT_CONVERSION_UNCOMPRESSED, buf, sizeof(buf), bn_ctx))) {
ECerr(EC_F_SM2_DO_ENCRYPT, EC_R_ERROR);
SM2err(SM2_F_SM2_DO_ENCRYPT, ERR_R_EC_LIB);
goto end;
}
OPENSSL_assert(len == nbytes * 2 + 1);
/* A5: t = KDF(x2 || y2, klen) */
kdf(buf + 1, len - 1, cv->ciphertext, &cv->ciphertext_size);
for (i = 0; i < cv->ciphertext_size; i++) {
if (cv->ciphertext[i]) {
break;
}
}
if (i == cv->ciphertext_size) {
continue;
size = cv->ciphertext->length;
kdf(buf + 1, len - 1, cv->ciphertext->data, &size);
if (size != inlen) {
SM2err(SM2_F_SM2_DO_ENCRYPT, SM2_R_KDF_FAILURE);
goto end;
}
break;
/* ASN1_OCTET_STRING_is_zero in asn1.h and a_octet.c */
} while (ASN1_OCTET_STRING_is_zero(cv->ciphertext));
} while (1);
/* set x/yCoordinates as (x1, y1) */
if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) {
if (!EC_POINT_get_affine_coordinates_GFp(group, ephem_point,
cv->xCoordinate, cv->yCoordinate, bn_ctx)) {
SM2err(SM2_F_SM2_DO_ENCRYPT, ERR_R_EC_LIB);
goto end;
}
} else {
if (!EC_POINT_get_affine_coordinates_GF2m(group, ephem_point,
cv->xCoordinate, cv->yCoordinate, bn_ctx)) {
SM2err(SM2_F_SM2_DO_ENCRYPT, ERR_R_EC_LIB);
goto end;
}
}
/* A6: C2 = M xor t */
/* ciphertext = t xor in */
for (i = 0; i < inlen; i++) {
cv->ciphertext[i] ^= in[i];
cv->ciphertext->data[i] ^= in[i];
}
mactag_size = EVP_MD_size(params->mac_md);
if (mactag_size) {
/* A7: C3 = Hash(x2 || M || y2) */
if (!EVP_DigestInit_ex(md_ctx, params->mac_md, NULL)) {
ECerr(EC_F_SM2_DO_ENCRYPT, EC_R_ERROR);
goto end;
}
if (!EVP_DigestUpdate(md_ctx, buf + 1, nbytes)) {
ECerr(EC_F_SM2_DO_ENCRYPT, EC_R_ERROR);
goto end;
}
if (!EVP_DigestUpdate(md_ctx, in, inlen)) {
ECerr(EC_F_SM2_DO_ENCRYPT, EC_R_ERROR);
goto end;
}
if (!EVP_DigestUpdate(md_ctx, buf + 1 + nbytes, nbytes)) {
ECerr(EC_F_SM2_DO_ENCRYPT, EC_R_ERROR);
goto end;
}
if (!EVP_DigestFinal_ex(md_ctx, dgst, &dgstlen)) {
ECerr(EC_F_SM2_DO_ENCRYPT, EC_R_ERROR);
goto end;
}
/* GmSSL specific: reduce mactag size */
if (mactag_size > dgstlen) {
ECerr(EC_F_SM2_DO_ENCRYPT, EC_R_ERROR);
goto end;
}
cv->mactag_size = mactag_size;
memcpy(cv->mactag, dgst, cv->mactag_size);
}
ok = 1;
end:
if (!ok && cv) {
SM2_CIPHERTEXT_VALUE_free(cv);
cv = NULL;
}
if (point) EC_POINT_free(point);
if (n) BN_free(n);
if (h) BN_free(h);
if (k) BN_free(k);
if (bn_ctx) BN_CTX_free(bn_ctx);
if (md_ctx) EVP_MD_CTX_destroy(md_ctx);
return cv;
}
int SM2_decrypt(const SM2_ENC_PARAMS *params,
const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen,
EC_KEY *ec_key)
{
int ret = 0;
const EC_GROUP *ec_group = EC_KEY_get0_group(ec_key);
SM2_CIPHERTEXT_VALUE *cv = NULL;
int len;
if (!(len = SM2_CIPHERTEXT_VALUE_size(ec_group, params, 0))) {
ECerr(EC_F_SM2_DECRYPT, EC_R_ERROR);
/* generate hash = Hash(x2 || M || y2) */
hashlen = cv->hash->length;
if (!EVP_DigestInit_ex(md_ctx, md, NULL)
|| !EVP_DigestUpdate(md_ctx, buf + 1, nbytes)
|| !EVP_DigestUpdate(md_ctx, in, inlen)
|| !EVP_DigestUpdate(md_ctx, buf + 1 + nbytes, nbytes)
|| !EVP_DigestFinal_ex(md_ctx, cv->hash->data, &hashlen)) {
SM2err(SM2_F_SM2_DO_ENCRYPT, ERR_R_EVP_LIB);
goto end;
}
if (inlen <= len) {
ECerr(EC_F_SM2_DECRYPT, EC_R_ERROR);
ret = cv;
cv = NULL;
end:
SM2CiphertextValue_free(cv);
EC_POINT_free(share_point);
EC_POINT_free(ephem_point);
BN_free(n);
BN_free(h);
BN_clear_free(k);
BN_CTX_free(bn_ctx);
EVP_MD_CTX_free(md_ctx);
return ret;
}
int SM2_encrypt(int type, const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen, EC_KEY *ec_key)
{
int ret = 0;
SM2CiphertextValue *cv = NULL;
const EVP_MD *md;
int len;
if (!(md = EVP_get_digestbynid(type))) {
SM2err(SM2_F_SM2_ENCRYPT, SM2_R_INVALID_DIGEST_ALGOR);
return 0;
}
if (!(cv = SM2_do_encrypt(md, in, inlen, ec_key))) {
SM2err(SM2_F_SM2_ENCRYPT, SM2_R_ENCRYPT_FAILURE);
goto end;
}
if (!out) {
*outlen = inlen - len;
return 1;
} else if (*outlen < inlen - len) {
ECerr(EC_F_SM2_DECRYPT, EC_R_ERROR);
*outlen = i2d_SM2CiphertextValue(cv, NULL);
ret = 1;
} else if (*outlen < i2d_SM2CiphertextValue(cv, NULL)) {
SM2err(SM2_F_SM2_ENCRYPT, SM2_R_BUFFER_TOO_SMALL);
ret = 0;
} else {
len = i2d_SM2CiphertextValue(cv, &out);
*outlen = len;
ret = 1;
}
end:
SM2CiphertextValue_free(cv);
return ret;
}
int SM2_decrypt(int type, const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen, EC_KEY *ec_key)
{
int ret = 0;
SM2CiphertextValue *cv = NULL;
const EVP_MD *md;
if (!in) {
SM2err(SM2_F_SM2_DECRYPT, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (!(cv = SM2_CIPHERTEXT_VALUE_decode(ec_group, params, in, inlen))) {
ECerr(EC_F_SM2_DECRYPT, EC_R_ERROR);
if (inlen <= 0 || inlen > INT_MAX) {
SM2err(SM2_F_SM2_DECRYPT, SM2_R_INVALID_INPUT_LENGTH);
return 0;
}
if (!out) {
*outlen = inlen;
return 1;
} else if (*outlen < inlen) {
SM2err(SM2_F_SM2_DECRYPT, SM2_R_BUFFER_TOO_SMALL);
return 0;
}
if (!(md = EVP_get_digestbynid(type))) {
SM2err(SM2_F_SM2_DECRYPT, SM2_R_INVALID_DIGEST_ALGOR);
return 0;
}
if (!(cv = d2i_SM2CiphertextValue(NULL, &in, (long)inlen))) {
SM2err(SM2_F_SM2_DECRYPT, SM2_R_INVALID_CIPHERTEXT);
return 0;
}
if (inlen != i2d_SM2CiphertextValue(cv, NULL)) {
SM2err(SM2_F_SM2_DECRYPT, SM2_R_INVALID_CIPHERTEXT);
goto end;
}
if (!SM2_do_decrypt(params, cv, out, outlen, ec_key)) {
ECerr(EC_F_SM2_DECRYPT, EC_R_ERROR);
if (!SM2_do_decrypt(md, cv, out, outlen, ec_key)) {
SM2err(SM2_F_SM2_DECRYPT, SM2_R_DECRYPT_FAILURE);
goto end;
}
ret = 1;
end:
if (cv) SM2_CIPHERTEXT_VALUE_free(cv);
SM2CiphertextValue_free(cv);
return ret;
}
int SM2_do_decrypt(const SM2_ENC_PARAMS *params,
const SM2_CIPHERTEXT_VALUE *cv,
unsigned char *out, size_t *outlen,
EC_KEY *ec_key)
int SM2_do_decrypt(const EVP_MD *md, const SM2CiphertextValue *cv,
unsigned char *out, size_t *outlen, EC_KEY *ec_key)
{
int ret = 0;
const EC_GROUP *ec_group = EC_KEY_get0_group(ec_key);
const BIGNUM *pri_key = EC_KEY_get0_private_key(ec_key);
KDF_FUNC kdf = KDF_get_x9_63(params->kdf_md);
const EC_GROUP *group;
const BIGNUM *pri_key;
KDF_FUNC kdf;
EC_POINT *point = NULL;
BIGNUM *n = NULL;
BIGNUM *h = NULL;
@@ -598,121 +327,136 @@ int SM2_do_decrypt(const SM2_ENC_PARAMS *params,
EVP_MD_CTX *md_ctx = NULL;
unsigned char buf[(OPENSSL_ECC_MAX_FIELD_BITS + 7)/4 + 1];
unsigned char mac[EVP_MAX_MD_SIZE];
unsigned int maclen;
int mactag_size;
int nbytes;
size_t size;
int i;
unsigned int maclen = sizeof(mac);
int nbytes, len, i;
if (!ec_group || !pri_key) {
ECerr(EC_F_SM2_DO_DECRYPT, EC_R_ERROR);
goto end;
/* check arguments */
if (!md || !cv || !outlen || !ec_key) {
SM2err(SM2_F_SM2_DO_DECRYPT, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (!kdf) {
ECerr(EC_F_SM2_DO_DECRYPT, EC_R_ERROR);
goto end;
if (!(kdf = KDF_get_x9_63(md))) {
SM2err(SM2_F_SM2_DO_DECRYPT, SM2_R_INVALID_DIGEST_ALGOR);
return 0;
}
if (!cv->xCoordinate || !cv->yCoordinate || !cv->hash || !cv->ciphertext) {
SM2err(SM2_F_SM2_DO_DECRYPT, SM2_R_INVALID_CIPHERTEXT);
return 0;
}
if (cv->hash->length != EVP_MD_size(md)) {
SM2err(SM2_F_SM2_DO_DECRYPT, SM2_R_INVALID_CIPHERTEXT);
return 0;
}
if (cv->ciphertext->length < SM2_MIN_PLAINTEXT_LENGTH
|| cv->ciphertext->length > SM2_MAX_PLAINTEXT_LENGTH) {
SM2err(SM2_F_SM2_DO_DECRYPT, SM2_R_INVALID_CIPHERTEXT);
return 0;
}
if (!(group = EC_KEY_get0_group(ec_key))
|| !(pri_key = EC_KEY_get0_private_key(ec_key))) {
SM2err(SM2_F_SM2_DO_DECRYPT, SM2_R_INVALID_EC_KEY);
return 0;
}
if (!out) {
*outlen = cv->ciphertext_size;
*outlen = cv->ciphertext->length;
return 1;
}
if (*outlen < cv->ciphertext_size) {
ECerr(EC_F_SM2_DO_DECRYPT, EC_R_ERROR);
goto end;
if (*outlen < cv->ciphertext->length) {
SM2err(SM2_F_SM2_DO_DECRYPT, SM2_R_BUFFER_TOO_SMALL);
return 0;
}
/* init vars */
point = EC_POINT_new(ec_group);
/* malloc */
point = EC_POINT_new(group);
n = BN_new();
h = BN_new();
bn_ctx = BN_CTX_new();
md_ctx = EVP_MD_CTX_create();
md_ctx = EVP_MD_CTX_new();
if (!point || !n || !h || !bn_ctx || !md_ctx) {
ECerr(EC_F_SM2_DO_DECRYPT, EC_R_ERROR);
SM2err(SM2_F_SM2_DO_DECRYPT, ERR_R_MALLOC_FAILURE);
goto end;
}
/* init ec domain parameters */
if (!EC_GROUP_get_order(ec_group, n, bn_ctx)) {
ECerr(EC_F_SM2_DO_DECRYPT, EC_R_ERROR);
goto end;
}
if (!EC_GROUP_get_cofactor(ec_group, h, bn_ctx)) {
ECerr(EC_F_SM2_DO_DECRYPT, EC_R_ERROR);
goto end;
}
nbytes = (EC_GROUP_get_degree(ec_group) + 7) / 8;
/* B2: check [h]C1 != O */
if (!EC_POINT_mul(ec_group, point, NULL, cv->ephem_point, h, bn_ctx)) {
ECerr(EC_F_SM2_DO_DECRYPT, EC_R_ERROR);
goto end;
}
if (EC_POINT_is_at_infinity(ec_group, point)) {
ECerr(EC_F_SM2_DO_DECRYPT, EC_R_ERROR);
if (!EC_GROUP_get_order(group, n, bn_ctx)) {
SM2err(SM2_F_SM2_DO_DECRYPT, ERR_R_EC_LIB);
goto end;
}
/* B3: compute ECDH [d]C1 = (x2, y2) */
if (!EC_POINT_mul(ec_group, point, NULL, cv->ephem_point, pri_key, bn_ctx)) {
ECerr(EC_F_SM2_DO_DECRYPT, EC_R_ERROR);
if (!EC_GROUP_get_cofactor(group, h, bn_ctx)) {
SM2err(SM2_F_SM2_DO_DECRYPT, ERR_R_EC_LIB);
goto end;
}
if (!(size = EC_POINT_point2oct(ec_group, point,
nbytes = (EC_GROUP_get_degree(group) + 7) / 8;
/* get x/yCoordinates as C1 = (x1, y1) */
if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) {
if (!EC_POINT_set_affine_coordinates_GFp(group, point,
cv->xCoordinate, cv->yCoordinate, bn_ctx)) {
SM2err(SM2_F_SM2_DO_DECRYPT, SM2_R_INVALID_CIPHERTEXT);
goto end;
}
} else {
if (!EC_POINT_set_affine_coordinates_GF2m(group, point,
cv->xCoordinate, cv->yCoordinate, bn_ctx)) {
SM2err(SM2_F_SM2_DO_DECRYPT, SM2_R_INVALID_CIPHERTEXT);
goto end;
}
}
/* check [h]C1 != O */
if (!EC_POINT_mul(group, point, NULL, point, h, bn_ctx)) {
SM2err(SM2_F_SM2_DO_DECRYPT, ERR_R_EC_LIB);
goto end;
}
if (EC_POINT_is_at_infinity(group, point)) {
SM2err(SM2_F_SM2_DO_DECRYPT, SM2_R_INVALID_CIPHERTEXT);
goto end;
}
/* compute ECDH [d]C1 = (x2, y2) */
if (!EC_POINT_mul(group, point, NULL, point, pri_key, bn_ctx)) {
SM2err(SM2_F_SM2_DO_DECRYPT, ERR_R_EC_LIB);
goto end;
}
if (!(len = EC_POINT_point2oct(group, point,
POINT_CONVERSION_UNCOMPRESSED, buf, sizeof(buf), bn_ctx))) {
ECerr(EC_F_SM2_DO_DECRYPT, EC_R_ERROR);
SM2err(SM2_F_SM2_DO_DECRYPT, ERR_R_EC_LIB);
goto end;
}
OPENSSL_assert(size == 1 + nbytes * 2);
/* B4: compute t = KDF(x2 || y2, clen) */
*outlen = cv->ciphertext_size; //FIXME: duplicated code
kdf(buf + 1, size - 1, out, outlen);
/* compute t = KDF(x2 || y2, clen) */
*outlen = cv->ciphertext->length;
kdf(buf + 1, len - 1, out, outlen);
/* B5: compute M = C2 xor t */
for (i = 0; i < cv->ciphertext_size; i++) {
out[i] ^= cv->ciphertext[i];
/* compute M = C2 xor t */
for (i = 0; i < cv->ciphertext->length; i++) {
out[i] ^= cv->ciphertext->data[i];
}
*outlen = cv->ciphertext_size;
mactag_size = EVP_MD_size(params->mac_md);
if (mactag_size) {
/* check hash == Hash(x2 || M || y2) */
if (!EVP_DigestInit_ex(md_ctx, md, NULL)
|| !EVP_DigestUpdate(md_ctx, buf + 1, nbytes)
|| !EVP_DigestUpdate(md_ctx, out, *outlen)
|| !EVP_DigestUpdate(md_ctx, buf + 1 + nbytes, nbytes)
|| !EVP_DigestFinal_ex(md_ctx, mac, &maclen)) {
SM2err(SM2_F_SM2_DO_DECRYPT, ERR_R_EVP_LIB);
goto end;
}
/* B6: check Hash(x2 || M || y2) == C3 */
if (!EVP_DigestInit_ex(md_ctx, params->mac_md, NULL)) {
ECerr(EC_F_SM2_DO_DECRYPT, EC_R_ERROR);
goto end;
}
if (!EVP_DigestUpdate(md_ctx, buf + 1, nbytes)) {
ECerr(EC_F_SM2_DO_DECRYPT, EC_R_ERROR);
goto end;
}
if (!EVP_DigestUpdate(md_ctx, out, *outlen)) {
ECerr(EC_F_SM2_DO_DECRYPT, EC_R_ERROR);
goto end;
}
if (!EVP_DigestUpdate(md_ctx, buf + 1 + nbytes, nbytes)) {
ECerr(EC_F_SM2_DO_DECRYPT, EC_R_ERROR);
goto end;
}
if (!EVP_DigestFinal_ex(md_ctx, mac, &maclen)) {
ECerr(EC_F_SM2_DO_DECRYPT, EC_R_ERROR);
goto end;
}
/* GmSSL specific */
if (mactag_size > (int)maclen) {
ECerr(EC_F_SM2_DO_DECRYPT, EC_R_ERROR);
goto end;
}
if (cv->mactag_size != mactag_size ||
OPENSSL_memcmp(mac, cv->mactag, cv->mactag_size)) {
ECerr(EC_F_SM2_DO_DECRYPT, EC_R_ERROR);
goto end;
}
if (OPENSSL_memcmp(cv->hash->data, mac, maclen) != 0) {
SM2err(SM2_F_SM2_DO_DECRYPT, SM2_R_INVALID_CIPHERTEXT);
goto end;
}
ret = 1;
@@ -721,24 +465,6 @@ end:
BN_free(n);
BN_free(h);
BN_CTX_free(bn_ctx);
EVP_MD_CTX_destroy(md_ctx);
EVP_MD_CTX_free(md_ctx);
return ret;
}
int SM2_encrypt_with_recommended(const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen, EC_KEY *ec_key)
{
SM2_ENC_PARAMS params;
SM2_ENC_PARAMS_init_with_recommended(&params);
return SM2_encrypt(&params, in, inlen, out, outlen, ec_key);
}
int SM2_decrypt_with_recommended(const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen,
EC_KEY *ec_key)
{
SM2_ENC_PARAMS params;
SM2_ENC_PARAMS_init_with_recommended(&params);
return SM2_decrypt(&params, in, inlen, out, outlen, ec_key);
}

65
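--- a/crypto/sm2/sm2_err.c
+++ b/crypto/sm2/sm2_err.c
@@ -0,0 +1,65 @@
+/*
+* Generated by util/mkerr.pl DO NOT EDIT
+* Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+*
+* Licensed under the OpenSSL license (the "License"). You may not use
+* this file except in compliance with the License. You can obtain a copy
+* in the file LICENSE in the source distribution or at
+* https://www.openssl.org/source/license.html
+*/
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/sm2.h>
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_SM2,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_SM2,0,reason)
+static ERR_STRING_DATA SM2_str_functs[] = {
+{ERR_FUNC(SM2_F_I2O_SM2CIPHERTEXTVALUE), "i2o_SM2CiphertextValue"},
+{ERR_FUNC(SM2_F_O2I_SM2CIPHERTEXTVALUE), "o2i_SM2CiphertextValue"},
+{ERR_FUNC(SM2_F_SM2_DECRYPT), "SM2_decrypt"},
+{ERR_FUNC(SM2_F_SM2_DO_DECRYPT), "SM2_do_decrypt"},
+{ERR_FUNC(SM2_F_SM2_DO_ENCRYPT), "SM2_do_encrypt"},
+{ERR_FUNC(SM2_F_SM2_DO_SIGN), "SM2_do_sign"},
+{ERR_FUNC(SM2_F_SM2_DO_VERIFY), "SM2_do_verify"},
+{ERR_FUNC(SM2_F_SM2_ENCRYPT), "SM2_encrypt"},
+{ERR_FUNC(SM2_F_SM2_SIGN_SETUP), "SM2_sign_setup"},
+{0, NULL}
+};
+static ERR_STRING_DATA SM2_str_reasons[] = {
+{ERR_REASON(SM2_R_BAD_SIGNATURE), "bad signature"},
+{ERR_REASON(SM2_R_BUFFER_TOO_SMALL), "buffer too small"},
+{ERR_REASON(SM2_R_DECRYPT_FAILURE), "decrypt failure"},
+{ERR_REASON(SM2_R_ENCRYPT_FAILURE), "encrypt failure"},
+{ERR_REASON(SM2_R_INVALID_CIPHERTEXT), "invalid ciphertext"},
+{ERR_REASON(SM2_R_INVALID_DIGEST_ALGOR), "invalid digest algor"},
+{ERR_REASON(SM2_R_INVALID_EC_KEY), "invalid ec key"},
+{ERR_REASON(SM2_R_INVALID_INPUT_LENGTH), "invalid input length"},
+{ERR_REASON(SM2_R_INVALID_PLAINTEXT_LENGTH), "invalid plaintext length"},
+{ERR_REASON(SM2_R_INVALID_PUBLIC_KEY), "invalid public key"},
+{ERR_REASON(SM2_R_KDF_FAILURE), "kdf failure"},
+{ERR_REASON(SM2_R_MISSING_PARAMETERS), "missing parameters"},
+{ERR_REASON(SM2_R_NEED_NEW_SETUP_VALUES), "need new setup values"},
+{ERR_REASON(SM2_R_RANDOM_NUMBER_GENERATION_FAILED),
+"random number generation failed"},
+{0, NULL}
+};
+#endif
+int ERR_load_SM2_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+if (ERR_func_error_string(SM2_str_functs[0].error) == NULL) {
+ERR_load_strings(0, SM2_str_functs);
+ERR_load_strings(0, SM2_str_reasons);
+}
+#endif
+return 1;
+}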

584
crypto/sm2/sm2_exch.c Normal file

@@ -0,0 +1,584 @@
/* ====================================================================
* Copyright (c) 2015 - 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <string.h>
#include <openssl/ec.h>
#include <openssl/sm2.h>
#include <openssl/kdf.h>
#include "sm2_lcl.h"
int SM2_KAP_CTX_init(SM2_KAP_CTX *ctx,
EC_KEY *ec_key, const char *id, size_t idlen,
EC_KEY *remote_pubkey, const char *rid, size_t ridlen,
int is_initiator, int do_checksum)
{
int ret = 0;
int w;
size_t len;
if (!ctx || !ec_key || !remote_pubkey) {
ECerr(EC_F_SM2_KAP_CTX_INIT, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
memset(ctx, 0, sizeof(*ctx));
ctx->id_dgst_md = EVP_sm3();
ctx->kdf_md = EVP_sm3();
ctx->checksum_md = EVP_sm3();
ctx->point_form = SM2_DEFAULT_POINT_CONVERSION_FORM;
if (!(ctx->kdf = KDF_get_x9_63(ctx->kdf_md))) {
ECerr(EC_F_SM2_KAP_CTX_INIT, EC_R_INVALID_KDF_MD);
goto end;
}
ctx->is_initiator = is_initiator;
ctx->do_checksum = do_checksum;
if (EC_GROUP_cmp(EC_KEY_get0_group(ec_key),
EC_KEY_get0_group(remote_pubkey), NULL) != 0) {
ECerr(EC_F_SM2_KAP_CTX_INIT, 0);
goto end;
}
len = ctx->id_dgstlen;
if (!SM2_compute_id_digest(ctx->id_dgst_md, id, idlen,
ctx->id_dgst, &len, ec_key)) {
ECerr(EC_F_SM2_KAP_CTX_INIT, 0);
goto end;
}
ctx->id_dgstlen = len;
if (!(ctx->ec_key = EC_KEY_dup(ec_key))) {
ECerr(EC_F_SM2_KAP_CTX_INIT, ERR_R_EC_LIB);
goto end;
}
len = ctx->remote_id_dgstlen;
if (!SM2_compute_id_digest(ctx->id_dgst_md, rid, ridlen,
ctx->remote_id_dgst, &len, remote_pubkey)) {
ECerr(EC_F_SM2_KAP_CTX_INIT, 0);
goto end;
}
ctx->remote_id_dgstlen = len;
if (!(ctx->remote_pubkey = EC_KEY_dup(remote_pubkey))) {
ECerr(EC_F_SM2_KAP_CTX_INIT, 0);
goto end;
}
ctx->group = EC_KEY_get0_group(ec_key);
ctx->bn_ctx = BN_CTX_new();
ctx->order = BN_new();
ctx->two_pow_w = BN_new();
ctx->t = BN_new();
if (!ctx->bn_ctx || !ctx->order || !ctx->two_pow_w || !ctx->t) {
ECerr(EC_F_SM2_KAP_CTX_INIT, ERR_R_BN_LIB);
goto end;
}
if (!EC_GROUP_get_order(EC_KEY_get0_group(ec_key), ctx->order, ctx->bn_ctx)) {
ECerr(EC_F_SM2_KAP_CTX_INIT, ERR_R_EC_LIB);
goto end;
}
w = (BN_num_bits(ctx->order) + 1)/2 - 1;
if (!BN_one(ctx->two_pow_w)) {
ECerr(EC_F_SM2_KAP_CTX_INIT, ERR_R_BN_LIB);
goto end;
}
if (!BN_lshift(ctx->two_pow_w, ctx->two_pow_w, w)) {
ECerr(EC_F_SM2_KAP_CTX_INIT, ERR_R_BN_LIB);
goto end;
}
if (!(ctx->point = EC_POINT_new(ctx->group))) {
ECerr(EC_F_SM2_KAP_CTX_INIT, ERR_R_EC_LIB);
goto end;
}
ret = 1;
end:
if (!ret) SM2_KAP_CTX_cleanup(ctx);
return ret;
}
void SM2_KAP_CTX_cleanup(SM2_KAP_CTX *ctx)
{
if (ctx) {
EC_KEY_free(ctx->ec_key);
EC_KEY_free(ctx->remote_pubkey);
BN_CTX_free(ctx->bn_ctx);
BN_free(ctx->two_pow_w);
BN_free(ctx->order);
EC_POINT_free(ctx->point);
BN_free(ctx->t);
memset(ctx, 0, sizeof(*ctx));
}
}
/* FIXME: ephem_point_len should be both input and output */
int SM2_KAP_prepare(SM2_KAP_CTX *ctx, unsigned char *ephem_point,
size_t *ephem_point_len)
{
int ret = 0;
const BIGNUM *prikey;
BIGNUM *h = NULL;
BIGNUM *r = NULL;
BIGNUM *x = NULL;
if (!(prikey = EC_KEY_get0_private_key(ctx->ec_key))) {
ECerr(EC_F_SM2_KAP_PREPARE, EC_R_SM2_KAP_NOT_INITED);
return 0;
}
h = BN_new();
r = BN_new();
x = BN_new();
if (!h || !r || !x) {
ECerr(EC_F_SM2_KAP_PREPARE, 0);
goto end;
}
/*
* r = rand(1, n)
* R = rG = (x, y)
*/
do {
if (!BN_rand_range(r, ctx->order)) {
ECerr(EC_F_SM2_KAP_PREPARE, EC_R_RANDOM_NUMBER_GENERATION_FAILED);
goto end;
}
} while (BN_is_zero(r));
if (!EC_POINT_mul(ctx->group, ctx->point, r, NULL, NULL, ctx->bn_ctx)) {
ECerr(EC_F_SM2_KAP_PREPARE, ERR_R_EC_LIB);
goto end;
}
if (EC_METHOD_get_field_type(EC_GROUP_method_of(ctx->group)) == NID_X9_62_prime_field) {
if (!EC_POINT_get_affine_coordinates_GFp(ctx->group, ctx->point, x, NULL, ctx->bn_ctx)) {
ECerr(EC_F_SM2_KAP_PREPARE, ERR_R_EC_LIB);
goto end;
}
} else {
if (!EC_POINT_get_affine_coordinates_GF2m(ctx->group, ctx->point, x, NULL, ctx->bn_ctx)) {
ECerr(EC_F_SM2_KAP_PREPARE, ERR_R_EC_LIB);
goto end;
}
}
/*
* w = ceil(keybits / 2) - 1
* x = 2^w + (x and (2^w - 1)) = 2^w + (x mod 2^w)
* t = (d + x * r) mod n
* t = (h * t) mod n
*/
if (!ctx->t) {
ECerr(EC_F_SM2_KAP_PREPARE, EC_R_SM2_KAP_NOT_INITED);
goto end;
}
if (!BN_nnmod(x, x, ctx->two_pow_w, ctx->bn_ctx)) {
ECerr(EC_F_SM2_KAP_PREPARE, ERR_R_BN_LIB);
goto end;
}
if (!BN_add(x, x, ctx->two_pow_w)) {
ECerr(EC_F_SM2_KAP_PREPARE, ERR_R_BN_LIB);
goto end;
}
if (!BN_mod_mul(ctx->t, x, r, ctx->order, ctx->bn_ctx)) {
ECerr(EC_F_SM2_KAP_PREPARE, ERR_R_BN_LIB);
goto end;
}
if (!BN_mod_add(ctx->t, ctx->t, prikey, ctx->order, ctx->bn_ctx)) {
ECerr(EC_F_SM2_KAP_PREPARE, ERR_R_BN_LIB);
goto end;
}
if (!EC_GROUP_get_cofactor(ctx->group, h, ctx->bn_ctx)) {
ECerr(EC_F_SM2_KAP_PREPARE, ERR_R_EC_LIB);
goto end;
}
if (!BN_mul(ctx->t, ctx->t, h, ctx->bn_ctx)) {
ECerr(EC_F_SM2_KAP_PREPARE, ERR_R_BN_LIB);
goto end;
}
/* encode R = (x, y) for output and local buffer */
// FIXME: ret is size_t and ret is the output length
ret = EC_POINT_point2oct(ctx->group, ctx->point, ctx->point_form,
ephem_point, *ephem_point_len, ctx->bn_ctx);
memcpy(ctx->pt_buf, ephem_point, ret);
*ephem_point_len = ret;
ret = 1;
end:
if (h) BN_free(h);
if (r) BN_free(r);
if (x) BN_free(x);
return ret;
}
int SM2_KAP_compute_key(SM2_KAP_CTX *ctx, const unsigned char *remote_point,
size_t remote_point_len, unsigned char *key, size_t keylen,
unsigned char *checksum, size_t *checksumlen)
{
int ret = 0;
EVP_MD_CTX *md_ctx = NULL;
BIGNUM *x = NULL;
unsigned char share_pt_buf[1 + (OPENSSL_ECC_MAX_FIELD_BITS+7)/4 + EVP_MAX_MD_SIZE * 2 + 100];
unsigned char remote_pt_buf[1 + (OPENSSL_ECC_MAX_FIELD_BITS+7)/4 + 111];
unsigned char dgst[EVP_MAX_MD_SIZE];
unsigned int dgstlen;
unsigned int len, bnlen;
size_t klen = keylen;
md_ctx = EVP_MD_CTX_new();
x = BN_new();
if (!md_ctx || !x) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, 0);
goto end;
}
/*
* decode point R = (x, y), encode (x, y)
* x = 2^w + (x and (2^w - 1)) = 2^w + (x mod 2^w), w = ceil(keybits / 2) - 1
* U = ht * (P + x * R)
* check U != O
*/
if (!EC_POINT_oct2point(ctx->group, ctx->point,
remote_point, remote_point_len, ctx->bn_ctx)) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, 0);
goto end;
}
if (!(len = EC_POINT_point2oct(ctx->group, ctx->point, POINT_CONVERSION_UNCOMPRESSED,
remote_pt_buf, sizeof(remote_pt_buf), ctx->bn_ctx))) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, 0);
goto end;
}
if (EC_METHOD_get_field_type(EC_GROUP_method_of(ctx->group)) == NID_X9_62_prime_field) {
if (!EC_POINT_get_affine_coordinates_GFp(ctx->group, ctx->point, x, NULL, ctx->bn_ctx)) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, ERR_R_EC_LIB);
goto end;
}
} else {
if (!EC_POINT_get_affine_coordinates_GF2m(ctx->group, ctx->point, x, NULL, ctx->bn_ctx)) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, ERR_R_EC_LIB);
goto end;
}
}
/* x = 2^w + (x and (2^w - 1)) = 2^w + (x mod 2^w) */
if (!BN_nnmod(x, x, ctx->two_pow_w, ctx->bn_ctx)) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, ERR_R_BN_LIB);
goto end;
}
if (!BN_add(x, x, ctx->two_pow_w)) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, ERR_R_BN_LIB);
goto end;
}
/*
if (!BN_mod_mul(x, x, ctx->t, ctx->order, ctx->bn_ctx)) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, ERR_R_BN_LIB);
goto end;
}
*/
/* U = ht * (P + x * R), check U != O */
if (!EC_POINT_mul(ctx->group, ctx->point, NULL, ctx->point, x, ctx->bn_ctx)) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, ERR_R_EC_LIB);
goto end;
}
if (!EC_POINT_add(ctx->group, ctx->point, ctx->point,
EC_KEY_get0_public_key(ctx->remote_pubkey), ctx->bn_ctx)) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, ERR_R_EC_LIB);
goto end;
}
if (!EC_POINT_mul(ctx->group, ctx->point, NULL, ctx->point, ctx->t, ctx->bn_ctx)) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, ERR_R_EC_LIB);
goto end;
}
if (EC_POINT_is_at_infinity(ctx->group, ctx->point)) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, 0);
goto end;
}
/* encode U, append with ZA, ZB */
if (!(len = EC_POINT_point2oct(ctx->group, ctx->point, POINT_CONVERSION_UNCOMPRESSED,
share_pt_buf, sizeof(share_pt_buf), ctx->bn_ctx))) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, 0);
goto end;
}
if (ctx->is_initiator) {
memcpy(share_pt_buf + len, ctx->id_dgst, ctx->id_dgstlen);
len += ctx->id_dgstlen;
memcpy(share_pt_buf + len, ctx->remote_id_dgst, ctx->remote_id_dgstlen);
len += ctx->remote_id_dgstlen;
} else {
memcpy(share_pt_buf + len, ctx->remote_id_dgst, ctx->remote_id_dgstlen);
len += ctx->remote_id_dgstlen;
memcpy(share_pt_buf + len, ctx->id_dgst, ctx->id_dgstlen);
len += ctx->id_dgstlen;
}
/* key = KDF(xu, yu, ZA, ZB) */
if (!ctx->kdf(share_pt_buf + 1, len - 1, key, &klen)) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, 0);
goto end;
}
if (ctx->do_checksum) {
/* generate checksum S1 or SB start with 0x02
* S1 = SB = Hash(0x02, yu, Hash(xu, ZA, ZB, x1, y1, x2, y2))
*/
if (!EVP_DigestInit_ex(md_ctx, ctx->checksum_md, NULL)) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, ERR_R_EVP_LIB);
goto end;
}
bnlen = BN_num_bytes(ctx->order);
if (!EVP_DigestUpdate(md_ctx, share_pt_buf + 1, bnlen)) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, ERR_R_EVP_LIB);
goto end;
}
if (ctx->is_initiator) {
/* update ZA,ZB,x1,y1,x2,y2 */
if (!EVP_DigestUpdate(md_ctx, ctx->id_dgst, ctx->id_dgstlen)) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, ERR_R_EVP_LIB);
goto end;
}
if (!EVP_DigestUpdate(md_ctx, ctx->remote_id_dgst, ctx->remote_id_dgstlen)) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, ERR_R_EVP_LIB);
goto end;
}
if (!EVP_DigestUpdate(md_ctx, ctx->pt_buf + 1, bnlen * 2)) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, ERR_R_EVP_LIB);
goto end;
}
if (!EVP_DigestUpdate(md_ctx, remote_pt_buf + 1, bnlen * 2)) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, ERR_R_EVP_LIB);
goto end;
}
} else {
if (!EVP_DigestUpdate(md_ctx, ctx->remote_id_dgst, ctx->remote_id_dgstlen)) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, ERR_R_EVP_LIB);
goto end;
}
if (!EVP_DigestUpdate(md_ctx, ctx->id_dgst, ctx->id_dgstlen)) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, ERR_R_EVP_LIB);
goto end;
}
if (!EVP_DigestUpdate(md_ctx, remote_pt_buf + 1, bnlen * 2)) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, ERR_R_EVP_LIB);
goto end;
}
if (!EVP_DigestUpdate(md_ctx, ctx->pt_buf + 1, bnlen * 2)) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, ERR_R_EVP_LIB);
goto end;
}
}
if (!EVP_DigestFinal_ex(md_ctx, dgst, &dgstlen)) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, ERR_R_EVP_LIB);
goto end;
}
/* now dgst == H(xu,ZA,ZB,x1,y1,x2,y2)
*/
/* S1 = SB = Hash(0x02, yu, dgst) */
if (!EVP_DigestInit_ex(md_ctx, ctx->checksum_md, NULL)) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, ERR_R_EVP_LIB);
goto end;
}
if (!EVP_DigestUpdate(md_ctx, "\x02", 1)) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, ERR_R_EVP_LIB);
goto end;
}
if (!EVP_DigestUpdate(md_ctx, share_pt_buf + 1 + bnlen, bnlen)) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, ERR_R_EVP_LIB);
goto end;
}
if (!EVP_DigestUpdate(md_ctx, dgst, dgstlen)) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, ERR_R_EVP_LIB);
goto end;
}
/* output S1 to local buffer or SB to output */
if (ctx->is_initiator) {
if (!EVP_DigestFinal_ex(md_ctx, ctx->checksum, &len)) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, ERR_R_EVP_LIB);
goto end;
}
} else {
if (!EVP_DigestFinal_ex(md_ctx, checksum, &len)) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, ERR_R_EVP_LIB);
goto end;
}
*checksumlen = len;
}
/* generate checksum SA or S2 start with 0x03
* SA = S2 = Hash(0x03, yu, dgst)
*/
if (!EVP_DigestInit_ex(md_ctx, ctx->checksum_md, NULL)) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, ERR_R_EVP_LIB);
goto end;
}
if (!EVP_DigestUpdate(md_ctx, "\x03", 1)) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, ERR_R_EVP_LIB);
goto end;
}
if (!EVP_DigestUpdate(md_ctx, share_pt_buf + 1 + bnlen, bnlen)) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, ERR_R_EVP_LIB);
goto end;
}
if (!EVP_DigestUpdate(md_ctx, dgst, dgstlen)) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, ERR_R_EVP_LIB);
goto end;
}
if (ctx->is_initiator) {
if (!EVP_DigestFinal_ex(md_ctx, checksum, &len)) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, ERR_R_EVP_LIB);
goto end;
}
*checksumlen = len;
} else {
if (!EVP_DigestFinal_ex(md_ctx, ctx->checksum, &len)) {
ECerr(EC_F_SM2_KAP_COMPUTE_KEY, ERR_R_EVP_LIB);
goto end;
}
}
}
ret = 1;
end:
EVP_MD_CTX_free(md_ctx);
BN_free(x);
return ret;
}
int SM2_KAP_final_check(SM2_KAP_CTX *ctx, const unsigned char *checksum,
size_t checksumlen)
{
if (ctx->do_checksum) {
if (checksumlen != EVP_MD_size(ctx->checksum_md)) {
ECerr(EC_F_SM2_KAP_FINAL_CHECK, EC_R_INVALID_SM2_KAP_CHECKSUM_LENGTH);
return 0;
}
if (memcmp(ctx->checksum, checksum, checksumlen)) {
ECerr(EC_F_SM2_KAP_FINAL_CHECK, EC_R_INVALID_SM2_KAP_CHECKSUM_VALUE);
return 0;
}
}
return 1;
}
int SM2_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
const EC_KEY *ec_key, KDF_FUNC kdf_f)
{
return 0;
}


@@ -59,6 +59,7 @@
#include <openssl/evp.h>
#include <openssl/rand.h>
#include <openssl/x509.h>
#include "sm2_lcl.h"
#define EC_MAX_NBYTES ((OPENSSL_ECC_MAX_FIELD_BITS + 7)/8)
@@ -211,7 +212,7 @@ int SM2_compute_id_digest(const EVP_MD *md, const char *id, size_t idlen,
}
#ifndef OPENSSL_NO_STRICT_GM
if (EVP_MD_size(md) != SM2_ID_DIGEST_LENGTH) {
if (EVP_MD_size(md) != SM2_DEFAULT_ID_DIGEST_LENGTH) {
ECerr(EC_F_SM2_COMPUTE_ID_DIGEST, EC_R_INVALID_DIGEST_ALGOR);
return 0;
}


@@ -52,6 +52,8 @@
#include <openssl/ec.h>
#include <openssl/sm2.h>
#include <openssl/kdf.h>
#include "sm2_lcl.h"
int SM2_KAP_CTX_init(SM2_KAP_CTX *ctx,
EC_KEY *ec_key, const char *id, size_t idlen,


@@ -58,138 +58,22 @@
#define SM2_KMETH_FLAGS 0
int SM2_ENC_PARAMS_set_type(SM2_ENC_PARAMS *params, int type)
{
const EVP_MD *md;
if (!(md = EVP_get_digestbynid(type))) {
ECerr(EC_F_SM2_ENC_PARAMS_SET_TYPE, EC_R_INVALID_DIGEST_TYPE);
return 0;
}
params->kdf_md = md;
params->mac_md = md;
params->point_form = SM2_DEFAULT_POINT_CONVERSION_FORM;
return 1;
}
SM2_CIPHERTEXT_VALUE *SM2_CIPHERTEXT_VALUE_new_from_ECIES_CIPHERTEXT_VALUE(
const ECIES_CIPHERTEXT_VALUE *in)
{
ECerr(EC_F_SM2_CIPHERTEXT_VALUE_NEW_FROM_ECIES_CIPHERTEXT_VALUE,
ERR_R_EC_LIB);
return NULL;
}
int SM2_CIPHERTEXT_VALUE_set_ECIES_CIPHERTEXT_VALUE(SM2_CIPHERTEXT_VALUE *sm2,
const ECIES_CIPHERTEXT_VALUE *in)
{
ECerr(EC_F_SM2_CIPHERTEXT_VALUE_SET_ECIES_CIPHERTEXT_VALUE,
ERR_R_EC_LIB);
return 0;
}
int SM2_CIPHERTEXT_VALUE_get_ECIES_CIPHERTEXT_VALUE(
const SM2_CIPHERTEXT_VALUE *sm2, ECIES_CIPHERTEXT_VALUE *out)
{
ECerr(EC_F_SM2_CIPHERTEXT_VALUE_GET_ECIES_CIPHERTEXT_VALUE,
ERR_R_EC_LIB);
return 0;
}
static int sm2_compute_key(unsigned char **Pout, size_t *poutlen,
const EC_POINT *pub_key, const EC_KEY *ec_key)
{
return 0;
}
static int sm2_encrypt(int type, const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen, EC_KEY *ec_key)
{
SM2_ENC_PARAMS param;
if (!SM2_ENC_PARAMS_set_type(&param, type)) {
return 0;
}
return SM2_encrypt(&param, in, inlen, out, outlen, ec_key);
}
ECIES_CIPHERTEXT_VALUE *sm2_do_encrypt(int type, const unsigned char *in,
size_t inlen, EC_KEY *ec_key)
{
ECIES_CIPHERTEXT_VALUE *ret = NULL;
ECIES_CIPHERTEXT_VALUE *ecies = NULL;
SM2_CIPHERTEXT_VALUE *sm2 = NULL;
SM2_ENC_PARAMS param;
if (!(ecies = ECIES_CIPHERTEXT_VALUE_new())) {
goto end;
}
if (!SM2_ENC_PARAMS_set_type(&param, type)) {
goto end;
}
if (!(sm2 = SM2_do_encrypt(&param, in, inlen, ec_key))) {
goto end;
}
if (!SM2_CIPHERTEXT_VALUE_get_ECIES_CIPHERTEXT_VALUE(sm2, ecies)) {
goto end;
}
ret = ecies;
ecies = NULL;
end:
ECIES_CIPHERTEXT_VALUE_free(ecies);
SM2_CIPHERTEXT_VALUE_free(sm2);
return ret;
}
int sm2_decrypt(int type, const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen, EC_KEY *ec_key)
{
SM2_ENC_PARAMS param;
if (!SM2_ENC_PARAMS_set_type(&param, type)) {
return 0;
}
return SM2_decrypt(&param, in, inlen, out, outlen, ec_key);
}
int sm2_do_decrypt(int type, const ECIES_CIPHERTEXT_VALUE *in,
unsigned char *out, size_t *outlen, EC_KEY *ec_key)
{
int ret = 0;
SM2_CIPHERTEXT_VALUE *sm2 = NULL;
SM2_ENC_PARAMS param;
if (!SM2_ENC_PARAMS_set_type(&param, type)) {
goto end;
}
// we might require type/param
if (!(sm2 = SM2_CIPHERTEXT_VALUE_new_from_ECIES_CIPHERTEXT_VALUE(in))) {
goto end;
}
if (!SM2_do_decrypt(&param, sm2, out, outlen, ec_key)) {
goto end;
}
ret = 1;
end:
SM2_CIPHERTEXT_VALUE_free(sm2);
return ret;
}
static const EC_KEY_METHOD gmssl_ec_key_method = {
"GmSSL EC_KEY method",
EC_KEY_METHOD_SM2,
0,0,0,0,0,0,
ossl_ec_key_gen,
sm2_compute_key,
SM2_sign,
NULL,
SM2_sign_ex,
SM2_sign_setup,
SM2_do_sign,
SM2_do_sign_ex,
SM2_verify,
SM2_do_verify,
sm2_encrypt,
sm2_do_encrypt,
sm2_decrypt,
sm2_do_decrypt,
SM2_encrypt,
NULL,
SM2_decrypt,
NULL,
};
const EC_KEY_METHOD *EC_KEY_GmSSL(void)
@@ -206,7 +90,6 @@ int EC_KEY_METHOD_type(const EC_KEY_METHOD *meth)
}
}
void EC_KEY_METHOD_set_encrypt(EC_KEY_METHOD *meth,
int (*encrypt)(int type,
const unsigned char *in,
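Review bot: The `encrypt` slot of `gmssl_ec_key_method` appears to hold `SM2_encrypt` directly now, but the callback type visible in `EC_KEY_METHOD_set_encrypt` begins with `int type`, while `SM2_encrypt` as defined in crypto/sm2/sm2_oct.c in this same commit begins with `const EVP_MD *md`. If the prototype in sm2.h (not visible here) matches that definition, the initializer has an incompatible function-pointer type and a call through the slot is undefined behaviour. A thin static adapter that does `const EVP_MD *md = EVP_get_digestbynid(type);`, rejects a NULL result and then forwards would keep the `int type` contract. The `do_encrypt` and `do_decrypt` slots also become `NULL`, so any dispatcher that calls them needs a NULL check, and `SM2_decrypt` in sm2_oct.c has an empty body, so the decrypt slot currently returns an indeterminate value. The definition of `EC_KEY_METHOD_set_encrypt` continues outside the hunk.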


@@ -1,5 +1,107 @@
/*
* Copyright (c) 2015 - 2017 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#define EC_KEY_METHOD_SM2 0x02
#define SM2_DEFAULT_POINT_CONVERSION_FORM POINT_CONVERSION_UNCOMPRESSED
#define SM2_MAX_PKEY_DATA_LENGTH ((EC_MAX_NBYTES + 1) * 6)
int SM2_get_public_key_data(EC_KEY *ec_key, unsigned char *out, size_t *outlen);
int SM2_compute_message_digest(const EVP_MD *id_md, const EVP_MD *msg_md,
const unsigned char *msg, size_t msglen, const char *id, size_t idlen,
unsigned char *out, size_t *outlen,
EC_KEY *ec_key);
struct SM2CiphertextValue_st {
BIGNUM *xCoordinate;
BIGNUM *yCoordinate;
ASN1_OCTET_STRING *hash;
ASN1_OCTET_STRING *ciphertext;
};
struct sm2_kap_ctx_st {
const EVP_MD *id_dgst_md;
const EVP_MD *kdf_md;
const EVP_MD *checksum_md;
point_conversion_form_t point_form;
KDF_FUNC kdf;
int is_initiator;
int do_checksum;
EC_KEY *ec_key;
unsigned char id_dgst[EVP_MAX_MD_SIZE];
unsigned int id_dgstlen;
EC_KEY *remote_pubkey;
unsigned char remote_id_dgst[EVP_MAX_MD_SIZE];
unsigned int remote_id_dgstlen;
const EC_GROUP *group;
BN_CTX *bn_ctx;
BIGNUM *order;
BIGNUM *two_pow_w;
BIGNUM *t;
EC_POINT *point;
unsigned char pt_buf[1 + (OPENSSL_ECC_MAX_FIELD_BITS+7)/4];
unsigned char checksum[EVP_MAX_MD_SIZE];
};
int i2o_SM2CiphertextValue(const EC_GROUP *group, const SM2CiphertextValue *cv,
unsigned char **pout);
SM2CiphertextValue *o2i_SM2CiphertextValue(const EC_GROUP *group,
SM2CiphertextValue **cv, const unsigned char **pin, long len);
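Review bot: The `o2i_SM2CiphertextValue` prototype declared here takes four parameters (`group, cv, pin, len`), but the definition added in crypto/sm2/sm2_oct.c, which includes this header, takes five with `const EVP_MD *md` in second position, so the two declarations conflict. If the digest is needed to locate the trailing hash field, the prototype should read `SM2CiphertextValue *o2i_SM2CiphertextValue(const EC_GROUP *group, const EVP_MD *md, SM2CiphertextValue **cv, const unsigned char **pin, long len);`. The header also has no include guard and depends on its includer for `EVP_MD`, `EC_KEY`, `KDF_FUNC` and `EC_MAX_NBYTES`; a guard and a short comment listing the required headers would make that explicit.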

311
crypto/sm2/sm2_oct.c Normal file

@@ -0,0 +1,311 @@
/* ====================================================================
* Copyright (c) 2007 - 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <string.h>
#include <openssl/ec.h>
#include <openssl/sm2.h>
#include <openssl/err.h>
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
#include <openssl/objects.h>
#include <openssl/obj_mac.h>
#include "sm2_lcl.h"
int i2o_SM2CiphertextValue(const EC_GROUP *group, const SM2CiphertextValue *cv,
unsigned char **pout)
{
int ret = 0, outlen = 0, nbytes;
EC_POINT *point = NULL;
BN_CTX *bn_ctx = NULL;
unsigned char *buf;
unsigned char *p;
if (!group || !cv || !pout) {
SM2err(SM2_F_I2O_SM2CIPHERTEXTVALUE,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
nbytes = (EC_GROUP_get_degree(group) + 7)/8;
if (!cv->xCoordinate || BN_num_bytes(cv->xCoordinate) > nbytes
|| !cv->yCoordinate || BN_num_bytes(cv->BN_num_bytes) > nbytes
|| ASN1_STRING_length(cv->hash) <= 0
|| ASN1_STRING_length(cv->hash) > EVP_MAX_MD_SIZE
|| ASN1_STRING_length(cv->ciphertext) <= 0) {
SM2err(SM2_F_I2O_SM2CIPHERTEXTVALUE, SM2_R_INVALID_CIPHERTEXT);
return 0;
}
/* prepare buffer */
if (*pout) {
p = *pout;
} else {
size_t buflen = 1 + nbytes * 2
+ ASN1_STRING_length(cv->ciphertext)
+ ASN1_STRING_length(cv->hash);
if (!(buf = OPENSSL_malloc(buflen))) {
SM2err(SM2_F_I2O_SM2CIPHERTEXTVALUE,
ERR_R_MALLOC_FAILURE);
return 0;
}
p = buf;
}
/* encode x, y */
if (!(point = EC_POINT_new(group)) || !(bn_ctx = BN_CTX_new())) {
SM2err(SM2_F_I2O_SM2CIPHERTEXTVALUE, ERR_R_MALLOC_FAILURE);
goto end;
}
if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) {
if (!EC_POINT_set_affine_coordinates_GFp(group, point,
cv->xCoordinate, cv->yCoordinate, bn_ctx)) {
goto end;
}
} else {
if (!EC_POINT_set_affine_coordinates_GF2m(group, point,
cv->xCoordinate, cv->yCoordinate, bn_ctx)) {
goto end;
}
}
if (!(siz = EC_POINT_point2oct(group, point,
POINT_CONVERSION_UNCOMPRESSED, p, 1 + 2 * nbytes, bn_ctx))) {
SM2err(SM2_F_I2O_SM2CIPHERTEXTVALUE, ERR_R_EC_LIB);
goto end;
}
OPENSSL_assert(siz == 1 + 2 * nbytes);
p += siz;
outlen += siz;
/* encode ciphertext */
memcpy(p, ASN1_STRING_get0_data(cv->ciphertext),
ASN1_STRING_length(cv->ciphertext));
p += ASN1_STRING_length(cv->ciphertext);
outlen += siz;
/* encode hash */
memcpy(out, ASN1_STRING_get0_data(cv->hash),
ASN1_STRING_length(cv->hash));
p += ASN1_STRING_length(cv->hash);
outlen += siz;
/* output */
if (*pout) {
*pout = p;
} else {
*pout = buf;
buf = NULL;
}
ret = outlen;
end:
EC_POINT_free(point);
BN_CTX_free(bn_ctx);
return ret;
}
SM2CiphertextValue *o2i_SM2CiphertextValue(const EC_GROUP *group,
const EVP_MD *md, SM2CiphertextValue **pout,
const unsigned char **pin, long len)
{
SM2CiphertextValue *ret = NULL;
SM2CiphertextValue *cv = NULL;
BN_CTX *bn_ctx = NULL;
unsigned char *p;
if (!group || !pin) {
SM2err(SM2_F_O2I_SM2CIPHERTEXTVALUE,
ERR_R_PASSED_NULL_PARAMETER);
return NULL;
}
nbytes = (EC_GROUP_get_degree(group) + 7)/8;
if (len <= 1 + nbytes * 2 + EVP_MD_size(md)) {
SM2err(SM2_F_O2I_SM2CIPHERTEXTVALUE,
SM2_R_INVALID_CIPHERTEXT);
return NULL;
}
if (pout && *pout) {
cv = *pout;
} else {
if (!(cv = SM2CiphertextValue_new())) {
SM2err(SM2_F_O2I_SM2CIPHERTEXTVALUE,
ERR_R_MALLOC_FAILURE);
goto end;
}
}
if (!(point = EC_POINT_new(group))
|| !(bn_ctx = BN_CTX_new(bn_ctx))) {
SM2err(SM2_F_O2I_SM2CIPHERTEXTVALUE,
ERR_R_MALLOC_FAILURE);
goto end;
}
p = *pin;
/* set (x, y) */
if (!EC_POINT_oct2point(group, point, p, 1 + nbytes * 2, bn_ctx)) {
SM2err(SM2_F_O2I_SM2CIPHERTEXTVALUE,
SM2_R_INVALID_CIPHERTEXT);
goto end;
}
p += 1 + nbytes * 2;
len -= 1 + nbytes * 2;
if (!cv->xCoordinate) {
if (!(cv->xCoordinate = BN_new())) {
SM2err(SM2_F_O2I_SM2CIPHERTEXTVALUE,
ERR_R_MALLOC_FAILURE);
goto end;
}
}
if (!cv->yCoordinate) {
if (!(cv->yCoordinate = BN_new())) {
SM2err(SM2_F_O2I_SM2CIPHERTEXTVALUE,
ERR_R_MALLOC_FAILURE);
goto end;
}
}
if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) {
if (!EC_POINT_get_affine_coordinates_GFp(group, point,
cv->xCoordinate, cv->yCoordinate, bn_ctx)) {
SM2err(SM2_F_O2I_SM2CIPHERTEXTVALUE, ERR_R_EC_LIB);
goto end;
}
} else {
if (!EC_POINT_get_affine_coordinates_GF2m(group, point,
cv->xCoordinate, cv->yCoordinate, bn_ctx)) {
SM2err(SM2_F_O2I_SM2CIPHERTEXTVALUE, ERR_R_EC_LIB);
goto end;
}
}
/* set ciphertext */
if (!cv->ciphertext) {
if (!(cv->ciphertext = ASN1_OCTET_STRING_new())) {
SM2err(SM2_F_O2I_SM2CIPHERTEXTVALUE,
ERR_R_MALLOC_FAILURE);
goto end;
}
}
if (!ASN1_OCTET_STRING_set(cv->ciphertext, p, len - EVP_MD_size(md))) {
SM2err(SM2_F_O2I_SM2CIPHERTEXTVALUE, ERR_R_ASN1_LIB);
goto end;
}
p += len - EVP_MD_size(md);
/* set hash */
if (!cv->hash) {
if (!(cv->hash = ASN1_OCTET_STRING_new())) {
SM2err(SM2_F_O2I_SM2CIPHERTEXTVALUE,
ERR_R_MALLOC_FAILURE);
goto end;
}
}
if (!ASN1_OCTET_STRING_set(cv->hash, p, EVP_MD_size(md))) {
SM2err(SM2_F_O2I_SM2CIPHERTEXTVALUE, ERR_R_ASN1_LIB);
goto end;
}
p += EVP_MD_size(md);
/* set result */
*pin = p;
ret = cv;
end:
SM2CiphertextValue_free(cv);
EC_POINT_free(point);
BN_CTX_free(bn_ctx);
return ret;
}
int SM2_encrypt(const EVP_MD *md, const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen, EC_KEY *ec_key)
{
int ret = 0;
SM2CiphertextValue *cv = NULL;
if (!(cv = SM2_do_encrypt(md, in, inlen, ec_key))) {
goto end;
}
if (!out) {
len = i2o_SM2CiphertextValue(cv, NULL);
*outlen = len;
return 1;
}
if (!(i2o_SM2CiphertextValue(cv, &out))) {
goto end;
}
return 0;
}
int SM2_decrypt(int type, const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen, EC_KEY *ec_key)
{
SM2CiphertextValue *cv = NULL;
}
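Review bot: `o2i_SM2CiphertextValue` reaches `end:` on the success path and calls `SM2CiphertextValue_free(cv)` while `ret` still points at the same object, so every successful parse returns a freed pointer; on failure it also frees a caller-supplied `*pout`, which the caller would presumably free again. This function decodes ciphertext bytes that normally come from outside the process, so the lifetime bug sits on an untrusted-input path. After `ret = cv;` add `cv = NULL;`, and on the error path free `cv` only when it was allocated here rather than taken from `*pout`. `md` is passed to `EVP_MD_size(md)` without a NULL check, and `SM2_encrypt` writes into `out` without comparing the needed length against `*outlen`, never frees `cv`, and returns 0 after a successful encode. As shown the file also would not compile: `siz`, `out`, `nbytes`, `point` and `len` are undeclared, and `cv->BN_num_bytes` is not a member of `SM2CiphertextValue_st`.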


@@ -69,13 +69,13 @@ static int sm2_sign_setup(EC_KEY *ec_key, BN_CTX *ctx_in, BIGNUM **kp, BIGNUM **
EC_POINT *point = NULL;
if (ec_key == NULL || (ec_group = EC_KEY_get0_group(ec_key)) == NULL) {
ECerr(EC_F_SM2_SIGN_SETUP, ERR_R_PASSED_NULL_PARAMETER);
SM2err(SM2_F_SM2_SIGN_SETUP, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (ctx_in == NULL) {
if ((ctx = BN_CTX_new()) == NULL) {
ECerr(EC_F_SM2_SIGN_SETUP,ERR_R_MALLOC_FAILURE);
SM2err(SM2_F_SM2_SIGN_SETUP, ERR_R_MALLOC_FAILURE);
return 0;
}
}
@@ -87,17 +87,17 @@ static int sm2_sign_setup(EC_KEY *ec_key, BN_CTX *ctx_in, BIGNUM **kp, BIGNUM **
x = BN_new();
order = BN_new();
if (!k || !x || !order) {
ECerr(EC_F_SM2_SIGN_SETUP, ERR_R_MALLOC_FAILURE);
SM2err(SM2_F_SM2_SIGN_SETUP, ERR_R_MALLOC_FAILURE);
goto end;
}
if (!EC_GROUP_get_order(ec_group, order, ctx)) {
ECerr(EC_F_SM2_SIGN_SETUP, ERR_R_EC_LIB);
SM2err(SM2_F_SM2_SIGN_SETUP, ERR_R_EC_LIB);
goto end;
}
if ((point = EC_POINT_new(ec_group)) == NULL) {
ECerr(EC_F_SM2_SIGN_SETUP, ERR_R_EC_LIB);
SM2err(SM2_F_SM2_SIGN_SETUP, ERR_R_EC_LIB);
goto end;
}
@@ -105,8 +105,8 @@ static int sm2_sign_setup(EC_KEY *ec_key, BN_CTX *ctx_in, BIGNUM **kp, BIGNUM **
/* get random k */
do {
if (!BN_rand_range(k, order)) {
ECerr(EC_F_SM2_SIGN_SETUP,
EC_R_RANDOM_NUMBER_GENERATION_FAILED);
SM2err(SM2_F_SM2_SIGN_SETUP,
SM2_R_RANDOM_NUMBER_GENERATION_FAILED);
goto end;
}
@@ -114,24 +114,24 @@ static int sm2_sign_setup(EC_KEY *ec_key, BN_CTX *ctx_in, BIGNUM **kp, BIGNUM **
/* compute r the x-coordinate of generator * k */
if (!EC_POINT_mul(ec_group, point, k, NULL, NULL, ctx)) {
ECerr(EC_F_SM2_SIGN_SETUP, ERR_R_EC_LIB);
SM2err(SM2_F_SM2_SIGN_SETUP, ERR_R_EC_LIB);
goto end;
}
if (EC_METHOD_get_field_type(EC_GROUP_method_of(ec_group)) == NID_X9_62_prime_field) {
if (!EC_POINT_get_affine_coordinates_GFp(ec_group, point, x, NULL, ctx)) {
ECerr(EC_F_SM2_SIGN_SETUP,ERR_R_EC_LIB);
SM2err(SM2_F_SM2_SIGN_SETUP, ERR_R_EC_LIB);
goto end;
}
} else /* NID_X9_62_characteristic_two_field */ {
if (!EC_POINT_get_affine_coordinates_GF2m(ec_group, point, x, NULL, ctx)) {
ECerr(EC_F_SM2_SIGN_SETUP,ERR_R_EC_LIB);
SM2err(SM2_F_SM2_SIGN_SETUP, ERR_R_EC_LIB);
goto end;
}
}
if (!BN_nnmod(x, x, order, ctx)) {
ECerr(EC_F_SM2_SIGN_SETUP, ERR_R_BN_LIB);
SM2err(SM2_F_SM2_SIGN_SETUP, ERR_R_BN_LIB);
goto end;
}
@@ -178,12 +178,12 @@ static ECDSA_SIG *sm2_do_sign(const unsigned char *dgst, int dgstlen,
ec_group = EC_KEY_get0_group(ec_key);
priv_key = EC_KEY_get0_private_key(ec_key);
if (!ec_group || !priv_key) {
ECerr(EC_F_SM2_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER);
SM2err(SM2_F_SM2_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER);
return NULL;
}
if (!(ret = ECDSA_SIG_new())) {
ECerr(EC_F_SM2_DO_SIGN, ERR_R_MALLOC_FAILURE);
SM2err(SM2_F_SM2_DO_SIGN, ERR_R_MALLOC_FAILURE);
return NULL;
}
ret->r = BN_new();
@@ -193,11 +193,11 @@ static ECDSA_SIG *sm2_do_sign(const unsigned char *dgst, int dgstlen,
e = BN_new();
bn = BN_new();
if (!ret->r || !ret->s || !ctx || !order || !e || !bn) {
ECerr(EC_F_SM2_DO_SIGN, ERR_R_MALLOC_FAILURE);
SM2err(SM2_F_SM2_DO_SIGN, ERR_R_MALLOC_FAILURE);
goto end;
}
if (!EC_GROUP_get_order(ec_group, order, ctx)) {
ECerr(EC_F_SM2_DO_SIGN, ERR_R_EC_LIB);
SM2err(SM2_F_SM2_DO_SIGN, ERR_R_EC_LIB);
goto end;
}
@@ -209,13 +209,13 @@ static ECDSA_SIG *sm2_do_sign(const unsigned char *dgst, int dgstlen,
}
#endif
if (!BN_bin2bn(dgst, dgstlen, e)) {
ECerr(EC_F_SM2_DO_SIGN, ERR_R_BN_LIB);
SM2err(SM2_F_SM2_DO_SIGN, ERR_R_BN_LIB);
goto end;
}
#if 0
if ((8 * dgstlen > i) && !BN_rshift(e, e, 8 - (i & 0x7))) {
ECerr(EC_F_SM2_DO_SIGN, ERR_R_BN_LIB);
SM2err(SM2_F_SM2_DO_SIGN, ERR_R_BN_LIB);
goto end;
}
#endif
@@ -224,33 +224,33 @@ static ECDSA_SIG *sm2_do_sign(const unsigned char *dgst, int dgstlen,
/* use or compute k and (kG).x */
if (!in_k || !in_x) {
if (!sm2_sign_setup(ec_key, ctx, &k, &ret->r)) {
ECerr(EC_F_SM2_DO_SIGN,ERR_R_ECDSA_LIB);
SM2err(SM2_F_SM2_DO_SIGN, ERR_R_ECDSA_LIB);
goto end;
}
ck = k;
} else {
ck = in_k;
if (!BN_copy(ret->r, in_x)) {
ECerr(EC_F_SM2_DO_SIGN, ERR_R_MALLOC_FAILURE);
SM2err(SM2_F_SM2_DO_SIGN, ERR_R_MALLOC_FAILURE);
goto end;
}
}
/* r = e + x (mod n) */
if (!BN_mod_add(ret->r, ret->r, e, order, ctx)) {
ECerr(EC_F_SM2_DO_SIGN, ERR_R_BN_LIB);
SM2err(SM2_F_SM2_DO_SIGN, ERR_R_BN_LIB);
goto end;
}
if (!BN_mod_add(bn, ret->r, ck, order, ctx)) {
ECerr(EC_F_SM2_DO_SIGN, ERR_R_BN_LIB);
SM2err(SM2_F_SM2_DO_SIGN, ERR_R_BN_LIB);
goto end;
}
/* check r != 0 && r + k != n */
if (BN_is_zero(ret->r) || BN_is_zero(bn)) {
if (in_k && in_x) {
ECerr(EC_F_SM2_DO_SIGN, EC_R_NEED_NEW_SETUP_VALUES);
SM2err(SM2_F_SM2_DO_SIGN, SM2_R_NEED_NEW_SETUP_VALUES);
goto end;
} else
continue;
@@ -258,36 +258,36 @@ static ECDSA_SIG *sm2_do_sign(const unsigned char *dgst, int dgstlen,
/* s = ((1 + d)^-1 * (k - rd)) mod n */
if (!BN_one(bn)) {
ECerr(EC_F_SM2_DO_SIGN, ERR_R_BN_LIB);
SM2err(SM2_F_SM2_DO_SIGN, ERR_R_BN_LIB);
goto end;
}
if (!BN_mod_add(ret->s, priv_key, bn, order, ctx)) {
ECerr(EC_F_SM2_DO_SIGN, ERR_R_BN_LIB);
SM2err(SM2_F_SM2_DO_SIGN, ERR_R_BN_LIB);
goto end;
}
if (!BN_mod_inverse(ret->s, ret->s, order, ctx)) {
ECerr(EC_F_SM2_DO_SIGN, ERR_R_BN_LIB);
SM2err(SM2_F_SM2_DO_SIGN, ERR_R_BN_LIB);
goto end;
}
if (!BN_mod_mul(bn, ret->r, priv_key, order, ctx)) {
ECerr(EC_F_SM2_DO_SIGN, ERR_R_BN_LIB);
SM2err(SM2_F_SM2_DO_SIGN, ERR_R_BN_LIB);
goto end;
}
if (!BN_mod_sub(bn, ck, bn, order, ctx)) {
ECerr(EC_F_SM2_DO_SIGN, ERR_R_BN_LIB);
SM2err(SM2_F_SM2_DO_SIGN, ERR_R_BN_LIB);
goto end;
}
if (!BN_mod_mul(ret->s, ret->s, bn, order, ctx)) {
ECerr(EC_F_SM2_DO_SIGN, ERR_R_BN_LIB);
SM2err(SM2_F_SM2_DO_SIGN, ERR_R_BN_LIB);
goto end;
}
/* check s != 0 */
if (BN_is_zero(ret->s)) {
if (in_k && in_x) {
ECerr(EC_F_SM2_DO_SIGN, EC_R_NEED_NEW_SETUP_VALUES);
SM2err(SM2_F_SM2_DO_SIGN, SM2_R_NEED_NEW_SETUP_VALUES);
goto end;
}
} else {
@@ -298,13 +298,13 @@ static ECDSA_SIG *sm2_do_sign(const unsigned char *dgst, int dgstlen,
#if 0
if (!BN_rshift1(bn, order)) {
ECerr(EC_F_SM2_DO_SIGN, ERR_R_BN_LIB);
SM2err(SM2_F_SM2_DO_SIGN, ERR_R_BN_LIB);
goto end;
}
if (BN_cmp(ret->r, bn) <= 0) {
if (!BN_sub(ret->r, order, ret->r)
|| !BN_sub(ret->s, order, ret->s)) {
ECerr(EC_F_SM2_DO_SIGN, ERR_R_BN_LIB);
SM2err(SM2_F_SM2_DO_SIGN, ERR_R_BN_LIB);
goto end;
}
}
@@ -344,7 +344,7 @@ int sm2_do_verify(const unsigned char *dgst, int dgstlen,
!(ec_group = EC_KEY_get0_group(ec_key)) ||
!(pub_key = EC_KEY_get0_public_key(ec_key))) {
ECerr(EC_F_SM2_DO_VERIFY, EC_R_MISSING_PARAMETERS);
SM2err(SM2_F_SM2_DO_VERIFY, SM2_R_MISSING_PARAMETERS);
return -1;
}
@@ -353,21 +353,21 @@ int sm2_do_verify(const unsigned char *dgst, int dgstlen,
e = BN_new();
t = BN_new();
if (!ctx || !order || !e || !t) {
ECerr(EC_F_SM2_DO_VERIFY, ERR_R_MALLOC_FAILURE);
SM2err(SM2_F_SM2_DO_VERIFY, ERR_R_MALLOC_FAILURE);
goto end;
}
if (!EC_GROUP_get_order(ec_group, order, ctx)) {
ECerr(EC_F_SM2_DO_VERIFY, ERR_R_EC_LIB);
SM2err(SM2_F_SM2_DO_VERIFY, ERR_R_EC_LIB);
goto end;
}
#if 0
if (!BN_rshift1(t, order)) {
ECerr(EC_F_SM2_DO_VERIFY, ERR_R_BN_LIB);
SM2err(SM2_F_SM2_DO_VERIFY, ERR_R_BN_LIB);
goto end;
}
if (BN_cmp(sig->r, t) <= 0) {
ECerr(EC_F_SM2_DO_VERIFY, ERR_R_BN_LIB); //FIXME: error code
SM2err(SM2_F_SM2_DO_VERIFY, ERR_R_BN_LIB); //FIXME: error code
goto end;
}
#endif
@@ -380,14 +380,14 @@ int sm2_do_verify(const unsigned char *dgst, int dgstlen,
BN_is_negative(sig->s) ||
BN_ucmp(sig->s, order) >= 0) {
ECerr(EC_F_SM2_DO_VERIFY, EC_R_BAD_SIGNATURE);
SM2err(SM2_F_SM2_DO_VERIFY, SM2_R_BAD_SIGNATURE);
ret = 0;
goto end;
}
/* check t = r + s != 0 */
if (!BN_mod_add(t, sig->r, sig->s, order, ctx)) {
ECerr(EC_F_SM2_DO_VERIFY, ERR_R_BN_LIB);
SM2err(SM2_F_SM2_DO_VERIFY, ERR_R_BN_LIB);
goto end;
}
if (BN_is_zero(t)) {
@@ -403,44 +403,44 @@ int sm2_do_verify(const unsigned char *dgst, int dgstlen,
}
#endif
if (!BN_bin2bn(dgst, dgstlen, e)) {
ECerr(EC_F_SM2_DO_VERIFY, ERR_R_BN_LIB);
SM2err(SM2_F_SM2_DO_VERIFY, ERR_R_BN_LIB);
goto end;
}
#if 0
if ((8 * dgstlen > i) && !BN_rshift(e, e, 8 - (i & 0x7))) {
ECerr(EC_F_SM2_DO_VERIFY, ERR_R_BN_LIB);
SM2err(SM2_F_SM2_DO_VERIFY, ERR_R_BN_LIB);
goto end;
}
#endif
/* compute (x, y) = sG + tP, P is pub_key */
if (!(point = EC_POINT_new(ec_group))) {
ECerr(EC_F_SM2_DO_VERIFY, ERR_R_MALLOC_FAILURE);
SM2err(SM2_F_SM2_DO_VERIFY, ERR_R_MALLOC_FAILURE);
goto end;
}
if (!EC_POINT_mul(ec_group, point, sig->s, pub_key, t, ctx)) {
ECerr(EC_F_SM2_DO_VERIFY, ERR_R_EC_LIB);
SM2err(SM2_F_SM2_DO_VERIFY, ERR_R_EC_LIB);
goto end;
}
if (EC_METHOD_get_field_type(EC_GROUP_method_of(ec_group)) == NID_X9_62_prime_field) {
if (!EC_POINT_get_affine_coordinates_GFp(ec_group, point, t, NULL, ctx)) {
ECerr(EC_F_SM2_DO_VERIFY, ERR_R_EC_LIB);
SM2err(SM2_F_SM2_DO_VERIFY, ERR_R_EC_LIB);
goto end;
}
} else /* NID_X9_62_characteristic_two_field */ {
if (!EC_POINT_get_affine_coordinates_GF2m(ec_group, point, t, NULL, ctx)) {
ECerr(EC_F_SM2_DO_VERIFY, ERR_R_EC_LIB);
SM2err(SM2_F_SM2_DO_VERIFY, ERR_R_EC_LIB);
goto end;
}
}
if (!BN_nnmod(t, t, order, ctx)) {
ECerr(EC_F_SM2_DO_VERIFY, ERR_R_BN_LIB);
SM2err(SM2_F_SM2_DO_VERIFY, ERR_R_BN_LIB);
goto end;
}
/* check (sG + tP).x + e == sig.r */
if (!BN_mod_add(t, t, e, order, ctx)) {
ECerr(EC_F_SM2_DO_VERIFY, ERR_R_BN_LIB);
SM2err(SM2_F_SM2_DO_VERIFY, ERR_R_BN_LIB);
goto end;
}
if (BN_ucmp(t, sig->r) == 0) {


@@ -597,6 +597,9 @@ int ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a,
const ASN1_OCTET_STRING *b);
int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, const unsigned char *data,
int len);
#ifndef OPENSSL_NO_SM2
int ASN1_OCTET_STRING_is_zero(const ASN1_OCTET_STRING *a);
#endif
DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING)
DECLARE_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING)


@@ -534,6 +534,7 @@ int ERR_load_BN_strings(void);
# define BN_F_BN_GFP2_CMP 149
# define BN_F_BN_GFP2_COPY 150
# define BN_F_BN_GFP2_DIV_BN 151
# define BN_F_BN_GFP2_EQU 162
# define BN_F_BN_GFP2_INV 152
# define BN_F_BN_GFP2_IS_ZERO 153
# define BN_F_BN_GFP2_MUL 154


@@ -63,7 +63,9 @@ typedef struct {
} BN_GFP2;
BN_GFP2 *BN_GFP2_new(void);
void BN_GFP2_free(BN_GFP2 *a);
int BN_GFP2_copy(BN_GFP2 *r, const BN_GFP2 *a);
int BN_GFP2_one(BN_GFP2 *a);
int BN_GFP2_zero(BN_GFP2 *a);
int BN_GFP2_is_zero(const BN_GFP2 *a);
int BN_GFP2_equ(const BN_GFP2 *a, const BN_GFP2 *b);
@@ -79,15 +81,8 @@ int BN_GF2P_add_bn(BN_GFP2 *r, const BN_GFP2 *a, const BIGNUM *b, const BIGNUM *
int BN_GFP2_sub_bn(BN_GFP2 *r, const BN_GFP2 *a, const BIGNUM *b, const BIGNUM *p, BN_CTX *ctx);
int BN_GFP2_mul_bn(BN_GFP2 *r, const BN_GFP2 *a, const BIGNUM *b, const BIGNUM *p, BN_CTX *ctx);
int BN_GFP2_div_bn(BN_GFP2 *r, const BN_GFP2 *a, const BIGNUM *b, const BIGNUM *p, BN_CTX *ctx);
void BN_GFP2_free(BN_GFP2 *a);
int BN_GFP2_add_bn(BN_GFP2 *r, const BN_GFP2 *a, const BIGNUM *b,
const BIGNUM *p, BN_CTX *ctx);
int BN_bn2gfp2(const BIGNUM *bn, BN_GFP2 *gfp2, const BIGNUM *p, BN_CTX *ctx);
int BN_gfp22bn(const BN_GFP2 *gfp2, BIGNUM *bn, const BIGNUM *p, BN_CTX *ctx);
/*
* Canonical a = a0 + a1 * i
* If order is 0 then output a0, a1, else output a1, a0, |a0| = |a1| = |p|.
@@ -95,7 +90,6 @@ int BN_gfp22bn(const BN_GFP2 *gfp2, BIGNUM *bn, const BIGNUM *p, BN_CTX *ctx);
int BN_GFP2_canonical(const BN_GFP2 *a, unsigned char *out, size_t *outlen,
int order, const BIGNUM *p, BN_CTX *ctx);
#ifdef __cplusplus
}
#endif


@@ -74,28 +74,21 @@ int CPK_MAP_str2index(const X509_ALGOR *algor, const char *str, int *index);
int CPK_MAP_print(BIO *out, X509_ALGOR *map, int indent, unsigned long flags);
typedef struct cpk_master_secret_st {
long version;
X509_NAME *id;
X509_ALGOR *pkey_algor;
X509_ALGOR *map_algor;
ASN1_OCTET_STRING *secret_factors;
} CPK_MASTER_SECRET;
typedef struct cpk_master_secret_st CPK_MASTER_SECRET;
DECLARE_ASN1_FUNCTIONS(CPK_MASTER_SECRET)
typedef struct cpk_public_params_st {
long version;
X509_NAME *id;
X509_ALGOR *pkey_algor;
X509_ALGOR *map_algor;
ASN1_OCTET_STRING *public_factors;
} CPK_PUBLIC_PARAMS;
typedef struct cpk_public_params_st CPK_PUBLIC_PARAMS;
DECLARE_ASN1_FUNCTIONS(CPK_PUBLIC_PARAMS)
//CPK_MASTER_SECERT *CPK_MASTER_SECRET_new(const char *domain, const EC_GROUP *group, int map_algor);
CPK_MASTER_SECRET *CPK_MASTER_SECRET_create(const char *domain_id, EVP_PKEY *pkey, X509_ALGOR *map_algor);
CPK_PUBLIC_PARAMS *CPK_MASTER_SECRET_extract_public_params(CPK_MASTER_SECRET *master);
EVP_PKEY *CPK_MASTER_SECRET_extract_private_key(CPK_MASTER_SECRET *master, const char *id);
EVP_PKEY *CPK_PUBLIC_PARAMS_extract_public_key(CPK_PUBLIC_PARAMS *params, const char *id);
int CPK_PUBLIC_PARAMS_compute_share_key(CPK_PUBLIC_PARAMS *params,
void *out, size_t outlen, const char *id, EVP_PKEY *priv_key,
void *(*kdf)(const void *in, size_t inlen, void *out, size_t *outlen));


@@ -1342,39 +1342,6 @@ void EC_KEY_METHOD_get_verify(EC_KEY_METHOD *meth,
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_GET_EC_KDF_UKM, 0, (void *)p)
# ifndef OPENSSL_NO_SM2
# define EVP_PKEY_CTX_set_ec_sign_type(ctx, type) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_SIGN|EVP_PKEY_OP_SIGNCTX| \
EVP_PKEY_OP_VERIFY|EVP_PKEY_OP_VERIFYCTX, \
EVP_PKEY_CTRL_EC_SIGN_TYPE, type, NULL)
# define EVP_PKEY_CTX_get_ec_sign_type(ctx) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_SIGN|EVP_PKEY_OP_SIGNCTX| \
EVP_PKEY_OP_VERIFY|EVP_PKEY_OP_VERIFYCTX, \
EVP_PKEY_CTRL_EC_SIGN_TYPE, -2, NULL)
# define EVP_PKEY_CTX_set_ec_enc_type(ctx, type) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_ENCRYPT|EVP_PKEY_OP_DECRYPT, \
EVP_PKEY_CTRL_EC_ENC_TYPE, type, NULL)
# define EVP_PKEY_CTX_get_ec_enc_type(ctx) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_ENCRYPT|EVP_PKEY_OP_DECRYPT, \
EVP_PKEY_CTRL_EC_ENC_TYPE, -2, NULL)
# define EVP_PKEY_CTX_set_ec_dh_type(ctx, type) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_EC_DH_TYPE, type, NULL)
# define EVP_PKEY_CTX_get_ec_dh_type(ctx) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_EC_DH_TYPE, -2, NULL);
# endif
# define EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID (EVP_PKEY_ALG_CTRL + 1)
# define EVP_PKEY_CTRL_EC_PARAM_ENC (EVP_PKEY_ALG_CTRL + 2)
@@ -1390,14 +1357,6 @@ void EC_KEY_METHOD_get_verify(EC_KEY_METHOD *meth,
# define EVP_PKEY_ECDH_KDF_NONE 1
# define EVP_PKEY_ECDH_KDF_X9_62 2
# ifndef OPENSSL_NO_SM2
# define EVP_PKEY_CTRL_EC_SIGN_TYPE (EVP_PKEY_ALG_CTRL + 11)
# define EVP_PKEY_CTRL_GET_EC_SIGN_TYPE (EVP_PKEY_ALG_CTRL + 12)
# define EVP_PKEY_CTRL_EC_ENC_TYPE (EVP_PKEY_ALG_CTRL + 13)
# define EVP_PKEY_CTRL_GET_EC_ENC_TYPE (EVP_PKEY_ALG_CTRL + 14)
# define EVP_PKEY_CTRL_EC_DH_TYPE (EVP_PKEY_ALG_CTRL + 15)
# define EVP_PKEY_CTRL_GET_EC_DH_TYPE (EVP_PKEY_ALG_CTRL + 16)
# endif
/* BEGIN ERROR CODES */
/*
@@ -1435,6 +1394,7 @@ int ERR_load_EC_strings(void);
# define EC_F_ECIES_PARAMS_GET_KDF 276
# define EC_F_ECIES_PARAMS_GET_MAC 277
# define EC_F_ECIES_PARAMS_INIT_WITH_RECOMMENDED 278
# define EC_F_ECIES_PARAMS_INIT_WITH_TYPE 320
# define EC_F_ECKEY_PARAM2TYPE 223
# define EC_F_ECKEY_PARAM_DECODE 212
# define EC_F_ECKEY_PRIV_DECODE 213
@@ -1632,6 +1592,7 @@ int ERR_load_EC_strings(void);
# define EC_R_ECIES_VERIFY_MAC_FAILURE 167
# define EC_R_EC_GROUP_NEW_BY_NAME_FAILURE 119
# define EC_R_ENCRYPT_FAILED 168
# define EC_R_ENCRYPT_FAILURE 206
# define EC_R_ERROR 174
# define EC_R_FIELD_TOO_LARGE 143
# define EC_R_GEN_MAC_FAILED 169
@@ -1654,13 +1615,16 @@ int ERR_load_EC_strings(void);
# define EC_R_INVALID_DIGEST_TYPE 138
# define EC_R_INVALID_ECIES_CIPHERTEXT 171
# define EC_R_INVALID_ECIES_PARAMETERS 172
# define EC_R_INVALID_ECIES_PARAMS 207
# define EC_R_INVALID_EC_KEY 180
# define EC_R_INVALID_ENCODING 102
# define EC_R_INVALID_ENC_PARAM 208
# define EC_R_INVALID_ENC_TYPE 200
# define EC_R_INVALID_FIELD 103
# define EC_R_INVALID_FORM 104
# define EC_R_INVALID_GROUP_ORDER 122
# define EC_R_INVALID_ID_LENGTH 181
# define EC_R_INVALID_INPUT_LENGTH 209
# define EC_R_INVALID_KDF_MD 182
# define EC_R_INVALID_KEY 116
# define EC_R_INVALID_MD 205


@@ -46,11 +46,6 @@
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
/*
* Ellitpic Curve Integrated Encryption Scheme (ECIES)
* see http://www.secg.org/sec1-v2.pdf (section 5)
* SEC1: Elliptic Curve Cryptography version 2.0
*/
#ifndef HEADER_ECIES_H
#define HEADER_ECIES_H
@@ -61,6 +56,7 @@
#include <openssl/x509.h>
#include <openssl/asn1.h>
#include <openssl/kdf2.h>
#include <openssl/objects.h>
#ifdef __cplusplus
extern "C" {
@@ -71,6 +67,11 @@ ECIESAlgorithmSet ALGORITHM ::= {
{OID ecies-recommendedParameters} |
{OID ecies-specifiedParameters PARMS ECIESParameters},
... -- Future combinations may be added
{OID ecies-with-x9-63-sha1-aes128-cbc-hmac}
{OID ecies-with-x9-63-sha256-aes128-cbc-hmac}
{OID ecies-with-x9-63-sha256-aes192-cbc-hmac}
{OID ecies-with-x9-63-sha512-aes256-cbc-hmac}
{OID ecies-with-x9-63-sha256-xor-hmac}
}
*/
@@ -119,6 +120,7 @@ typedef struct ecies_params_st {
ECIES_PARAMS *ECIES_PARAMS_new(void);
int ECIES_PARAMS_init_with_recommended(ECIES_PARAMS *param);
int ECIES_PARAMS_init_with_type(ECIES_PARAMS *param, int type);
ECIES_PARAMS *ECIES_PARAMS_dup(const ECIES_PARAMS *param);
KDF_FUNC ECIES_PARAMS_get_kdf(const ECIES_PARAMS *param);
int ECIES_PARAMS_get_enc(const ECIES_PARAMS *param, size_t inlen,
@@ -132,13 +134,7 @@ int i2d_ECIESParameters(const ECIES_PARAMS *param, unsigned char **out);
ECIES_PARAMS *d2i_ECIESParameters(ECIES_PARAMS **param,
const unsigned char **in, long len);
typedef struct ecies_ciphertext_value_st {
ASN1_OCTET_STRING *ephem_point;
ASN1_OCTET_STRING *ciphertext;
ASN1_OCTET_STRING *mactag;
} ECIES_CIPHERTEXT_VALUE;
typedef struct ecies_ciphertext_value_st ECIES_CIPHERTEXT_VALUE;
DECLARE_ASN1_FUNCTIONS(ECIES_CIPHERTEXT_VALUE)
@@ -146,17 +142,14 @@ ECIES_CIPHERTEXT_VALUE *ECIES_do_encrypt(const ECIES_PARAMS *param,
const unsigned char *in, size_t inlen, EC_KEY *ec_key);
int ECIES_do_decrypt(const ECIES_PARAMS *param, const ECIES_CIPHERTEXT_VALUE *in,
unsigned char *out, size_t *outlen, EC_KEY *ec_key);
int ECIES_encrypt(const ECIES_PARAMS *param,
const unsigned char *in, size_t inlen,
int ECIES_encrypt(int type, const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen, EC_KEY *ec_key);
int ECIES_decrypt(const ECIES_PARAMS *param,
const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen, EC_KEY *ec_key);
int ECIES_encrypt_with_recommended(const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen, EC_KEY *ec_key);
int ECIES_decrypt_with_recommended(const unsigned char *in, size_t inlen,
int ECIES_decrypt(int type, const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen, EC_KEY *ec_key);
#define ECIES_encrypt_with_recommended(in,inlen,out,outlen,ec_key) \
ECIES_encrypt(NID_ecies_with_x9_63_sha256_xor_hmac,in,inlen,out,outlen,ec_key)
#define ECIES_decrypt_with_recommended(in,inlen,out,outlen,ec_key) \
ECIES_decrypt(NID_ecies_with_x9_63_sha256_xor_hmac,in,inlen,out,outlen,ec_key)
#ifdef __cplusplus
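Review bot: `ECIES_encrypt` and `ECIES_decrypt` now take `int type` where they took `const ECIES_PARAMS *param`, and nothing in the header says which values are accepted; presumably these are the `NID_ecies_with_x9_63_*` identifiers that `ECIES_PARAMS_init_with_type` understands. An existing caller that still passes a parameter pointer may get only a pointer-to-integer conversion diagnostic, so the break is easy to miss. I would add a comment above both prototypes, e.g. `/* type: an ECIES scheme NID (NID_ecies_with_x9_63_*); any other value makes the call fail */`, and confirm in the implementation that an unknown NID is rejected rather than mapped to a default scheme. The same comment should state that the `_with_recommended` macros select `NID_ecies_with_x9_63_sha256_xor_hmac`. The page has lost the +/- markers, so the old/new assignment here is inferred from the duplicated prototypes.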


@@ -101,6 +101,7 @@ typedef struct err_state_st {
# define ERR_LIB_GMAPI 58
# define ERR_LIB_BFIBE 59
# define ERR_LIB_BB1IBE 60
# define ERR_LIB_SM2 66
# define ERR_LIB_SM9 61
# define ERR_LIB_SAF 62
# define ERR_LIB_SDF 63
@@ -152,6 +153,7 @@ typedef struct err_state_st {
# define GMAPIerr(f,r) ERR_PUT_error(ERR_LIB_GMAPI,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
# define BFIBEerr(f,r) ERR_PUT_error(ERR_LIB_BFIBE,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
# define BB1IBEerr(f,r) ERR_PUT_error(ERR_LIB_BB1IBE,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
# define SM2err(f,r) ERR_PUT_error(ERR_LIB_SM2,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
# define SM9err(f,r) ERR_PUT_error(ERR_LIB_SM9,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
# define SAFerr(f,r) ERR_PUT_error(ERR_LIB_SAF,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
# define SDFerr(f,r) ERR_PUT_error(ERR_LIB_SDF,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
@@ -212,6 +214,7 @@ typedef struct err_state_st {
# define ERR_R_GMAPI_LIB ERR_LIB_GMAPI/* 58 */
# define ERR_R_BFIBE_LIB ERR_LIB_BFIBE/* 59 */
# define ERR_R_BB1IBE_LIB ERR_LIB_BB1IBE/* 60 */
# define ERR_R_SM2_LIB ERR_LIB_SM2/* 66 */
# define ERR_R_SM9_LIB ERR_LIB_SM9/* 61 */
# define ERR_R_SAF_LIB ERR_LIB_SAF/* 62 */
# define ERR_R_SDF_LIB ERR_LIB_SDF/* 63 */


@@ -91,9 +91,9 @@ int EC_KEY_set_ECCrefPublicKey(EC_KEY *ec_key, const ECCrefPublicKey *ref);
int EC_KEY_set_ECCrefPrivateKey(EC_KEY *ec_key, const ECCrefPrivateKey *ref);
int EC_KEY_get_ECCrefPublicKey(EC_KEY *ec_key, ECCrefPublicKey *ref);
int EC_KEY_get_ECCrefPrivateKey(EC_KEY *ec_key, ECCrefPrivateKey *ref);
SM2_CIPHERTEXT_VALUE *SM2_CIPHERTEXT_VALUE_new_from_ECCCipher(const ECCCipher *ref);
int SM2_CIPHERTEXT_VALUE_set_ECCCipher(SM2_CIPHERTEXT_VALUE *cv, const ECCCipher *ref);
int SM2_CIPHERTEXT_VALUE_get_ECCCipher(const SM2_CIPHERTEXT_VALUE *cv, ECCCipher *ref);
SM2CiphertextValue *SM2CiphertextValue_new_from_ECCCipher(const ECCCipher *ref);
int SM2CiphertextValue_set_ECCCipher(SM2CiphertextValue *cv, const ECCCipher *ref);
int SM2CiphertextValue_get_ECCCipher(const SM2CiphertextValue *cv, ECCCipher *ref);
ECDSA_SIG *ECDSA_SIG_new_from_ECCSignature(const ECCSignature *ref);
int ECDSA_SIG_set_ECCSignature(ECDSA_SIG *sig, const ECCSignature *ref);
int ECDSA_SIG_get_ECCSignature(const ECDSA_SIG *sig, ECCSignature *ref);
@@ -111,9 +111,9 @@ int EC_KEY_set_ECCPUBLICKEYBLOB(EC_KEY *ec_key, const ECCPUBLICKEYBLOB *blob);
int EC_KEY_get_ECCPUBLICKEYBLOB(EC_KEY *ec_key, ECCPUBLICKEYBLOB *blob);
int EC_KEY_set_ECCPRIVATEKEYBLOB(EC_KEY *ec_key, const ECCPRIVATEKEYBLOB *blob);
int EC_KEY_get_ECCPRIVATEKEYBLOB(EC_KEY *ec_key, ECCPRIVATEKEYBLOB *blob);
SM2_CIPHERTEXT_VALUE *SM2_CIPHERTEXT_VALUE_new_from_ECCCIPHERBLOB(const ECCCIPHERBLOB *blob);
int SM2_CIPHERTEXT_VALUE_set_ECCCIPHERBLOB(SM2_CIPHERTEXT_VALUE *cv, const ECCCIPHERBLOB *blob);
int SM2_CIPHERTEXT_VALUE_get_ECCCIPHERBLOB(const SM2_CIPHERTEXT_VALUE *cv, ECCCIPHERBLOB *blob);
SM2CiphertextValue *SM2CiphertextValue_new_from_ECCCIPHERBLOB(const ECCCIPHERBLOB *blob);
int SM2CiphertextValue_set_ECCCIPHERBLOB(SM2CiphertextValue *cv, const ECCCIPHERBLOB *blob);
int SM2CiphertextValue_get_ECCCIPHERBLOB(const SM2CiphertextValue *cv, ECCCIPHERBLOB *blob);
ECDSA_SIG *ECDSA_SIG_new_from_ECCSIGNATUREBLOB(const ECCSIGNATUREBLOB *blob);
int ECDSA_SIG_get_ECCSIGNATUREBLOB(const ECDSA_SIG *sig, ECCSIGNATUREBLOB *blob);
int ECDSA_SIG_set_ECCSIGNATUREBLOB(ECDSA_SIG *sig, const ECCSIGNATUREBLOB *blob);
@@ -217,6 +217,12 @@ int ERR_load_GMAPI_strings(void);
# define GMAPI_F_SKF_MACINIT 184
# define GMAPI_F_SKF_MACUPDATE 185
# define GMAPI_F_SKF_SETSYMMKEY 186
# define GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHER 193
# define GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHERBLOB 194
# define GMAPI_F_SM2CIPHERTEXTVALUE_NEW_FROM_ECCCIPHER 195
# define GMAPI_F_SM2CIPHERTEXTVALUE_NEW_FROM_ECCCIPHERBLOB 196
# define GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHER 197
# define GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHERBLOB 198
# define GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHER 187
# define GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB 188
# define GMAPI_F_SM2_CIPHERTEXT_VALUE_NEW_FROM_ECCCIPHER 189

104
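--- a/include/openssl/gmtls.h
+++ b/include/openssl/gmtls.h
@@ -0,0 +1,104 @@
+#ifndef HEADER_GMTLS_H
+#define HEADER_GMTLS_H
+#ifdef __cplusplus
+extern "C" {
+#endif
+/* version */
+# define GMTLS_VERSION 0x0101
+# define GMTLS_VERSION_MAJOR 0x01
+# define GMTLS_VERSOIN_MINOR 0x01
+/* SSLVPN ciphersuites from GM/T 0024-2014 Table 2 */
+# define GMTLS_CK_ECDHE_SM1_SM3 0x0300E001
+# define GMTLS_CK_ECC_SM1_SM3 0x0300E003
+# define GMTLS_CK_IBSDH_SM1_SM3 0x0300E005
+# define GMTLS_CK_IBC_SM1_SM3 0x0300E007
+# define GMTLS_CK_RSA_SM1_SM3 0x0300E009
+# define GMTLS_CK_RSA_SM1_SHA1 0x0300E00A
+# define GMTLS_CK_ECDHE_SM4_SM3 0x0300E011
+# define GMTLS_CK_ECC_SM4_SM3 0x0300E013
+# define GMTLS_CK_IBSDH_SM4_SM3 0x0300E015
+# define GMTLS_CK_IBC_SM4_SM3 0x0300E017
+# define GMTLS_CK_RSA_SM4_SM3 0x0300E019
+# define GMTLS_CK_RSA_SM4_SHA1 0x0300E01A
+/* PSK ciphersuites with NULL cipher */
+# define GMTLS_CK_PSK_WITH_NULL_SM3
+# define GMTLS_CK_DHE_PSK_WITH_NULL_SM3 0x0300F104
+# define GMTLS_CK_RSA_PSK_WITH_NULL_SM3 0x0300F108
+# define GMTLS_CK_SM2_PSK_WITH_NULL_SM3 0x0300F108
+# define GMTLS_CK_ECDHE_PSK_WITH_NULL_SM3 0x0300F108
+/* PSK ciphersuits with SMS4 */
+# define GMTLS_CK_PSK_WITH_SMS4_CBC_SM3 0x0300F101
+# define GMTLS_CK_PSK_WITH_SMS4_GCM_SM3 0x0300F102
+# define GMTLS_CK_PSK_WITH_SMS4_CCM_SM3 0x0300F103
+# define GMTLS_CK_DHE_PSK_WITH_SMS4_CBC_SM3 0x0300F105
+# define GMTLS_CK_DHE_PSK_WITH_SMS4_GCM_SM3 0x0300F106
+# define GMTLS_CK_DHE_PSK_WITH_SMS4_CCM_SM3 0x0300F107
+# define GMTLS_CK_RSA_PSK_WITH_SMS4_CBC_SM3 0x0300F109
+# define GMTLS_CK_RSA_PSK_WITH_SMS4_GCM_SM3 0x0300F10A
+# define GMTLS_CK_RSA_PSK_WITH_SMS4_CCM_SM3 0x0300F10B
+# define GMTLS_CK_ECC_PSK_WITH_SMS4_CBC_SM3 0x0300F109
+# define GMTLS_CK_ECC_PSK_WITH_SMS4_GCM_SM3 0x0300F10A
+# define GMTLS_CK_ECC_PSK_WITH_SMS4_CCM_SM3 0x0300F10B
+# define GMTLS_CK_PSK_WITH_SM1_CBC_SM3 0x0300F101
+# define GMTLS_CK_PSK_WITH_SM1_GCM_SM3 0x0300F102
+# define GMTLS_CK_PSK_WITH_SM1_CCM_SM3 0x0300F103
+# define GMTLS_CK_DHE_PSK_WITH_SM1_CBC_SM3 0x0300F105
+# define GMTLS_CK_DHE_PSK_WITH_SM1_GCM_SM3 0x0300F106
+# define GMTLS_CK_DHE_PSK_WITH_SM1_CCM_SM3 0x0300F107
+# define GMTLS_CK_RSA_PSK_WITH_SM1_CBC_SM3 0x0300F109
+# define GMTLS_CK_RSA_PSK_WITH_SM1_GCM_SM3 0x0300F10A
+# define GMTLS_CK_RSA_PSK_WITH_SM1_CCM_SM3 0x0300F10B
+# define GMTLS_CK_PSK_WITH_SSF33_CBC_SM3 0x0300F101
+# define GMTLS_CK_PSK_WITH_SSF33_GCM_SM3 0x0300F102
+# define GMTLS_CK_PSK_WITH_SSF33_CCM_SM3 0x0300F103
+# define GMTLS_CK_DHE_PSK_WITH_SSF33_CBC_SM3 0x0300F105
+# define GMTLS_CK_DHE_PSK_WITH_SSF33_GCM_SM3 0x0300F106
+# define GMTLS_CK_DHE_PSK_WITH_SSF33_CCM_SM3 0x0300F107
+# define GMTLS_CK_RSA_PSK_WITH_SSF33_CBC_SM3 0x0300F109
+# define GMTLS_CK_RSA_PSK_WITH_SSF33_GCM_SM3 0x0300F10A
+# define GMTLS_CK_RSA_PSK_WITH_SSF33_CCM_SM3 0x0300F10B
+/* SRP ciphersuites */
+# define GMTLS_CK_SRP_SM3_WITH_SMS4_CBC_SM3
+# define GMTLS_CK_SRP_SM3_WITH_SMS4_GCM_SM3
+# define GMTLS_CK_SRP_SM3_WITH_SMS4_CBC_SM3
+# define GMTLS_CK_SRP_SM3_WITH_SMS4_GCM_SM3
+# define GMTLS_CK_SRP_SM3_WITH_SMS4_CCM_SM3
+# define TLS_CT_SM2_SIGN 240
+# define TLS_CT_SM2_FIXED_ECDH 241
+/* from GM/T 0024-2014 Table 1 */
+#define GMTLS_AD_UNSUPPORTED_SITE2SITE 200 /* fatal */
+#define GMTLS_AD_NO_AREA 201
+#define GMTLS_AD_UNSUPPORTED_AREATYPE 202
+#define GMTLS_AD_BAD_IBCPARAM 203 /* fatal */
+#define GMTLS_AD_UNSUPPORTED_IBCPARAM 204 /* fatal */
+#define GMTLS_AD_IDENTITY_NEED 205 /* fatal */
+/* SSL_MAX_DIGEST in ssl_locl.h should be update */
+#define GM1_PRF_SM3 (SSL_HANDSHAKE_MAC_SM3 << TLS1_PRF_DGST_SHIFT)
+#ifdef __cplusplus
+}
+#endif
+#endif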
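Review bot: Several cipher-suite identifiers in this new header share a value, so a lookup by id cannot tell the suites apart: `GMTLS_CK_RSA_PSK_WITH_NULL_SM3`, `GMTLS_CK_SM2_PSK_WITH_NULL_SM3` and `GMTLS_CK_ECDHE_PSK_WITH_NULL_SM3` are all `0x0300F108`, the `ECC_PSK_WITH_SMS4_*` macros repeat the `RSA_PSK_WITH_SMS4_*` values, and the SM1 and SSF33 PSK blocks reuse the SMS4 values `0x0300F101`–`0x0300F10B`. Two peers could then agree on an id while meaning different key exchanges or ciphers, so each suite needs a distinct value before any of these is wired into the cipher table. `GMTLS_CK_PSK_WITH_NULL_SM3` and all five `GMTLS_CK_SRP_SM3_WITH_SMS4_*` macros are defined with no value and expand to nothing; either assign ids or leave them out until they exist. The minor-version macro is misspelled and should read `# define GMTLS_VERSION_MINOR 0x01`. `GM1_PRF_SM3` uses `SSL_HANDSHAKE_MAC_SM3` and `TLS1_PRF_DGST_SHIFT`, which this header does not include, so a comment naming the header that must come first would help.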


@@ -4548,6 +4548,10 @@
#define LN_kx_gost "kx-gost"
#define NID_kx_gost 1045
#define SN_kx_sm2 "KxSM2"
#define LN_kx_sm2 "kx-sm2"
#define NID_kx_sm2 1186
#define SN_auth_rsa "AuthRSA"
#define LN_auth_rsa "auth-rsa"
#define NID_auth_rsa 1046
@@ -4580,6 +4584,10 @@
#define LN_auth_null "auth-null"
#define NID_auth_null 1053
#define SN_auth_sm2 "AuthSM2"
#define LN_auth_sm2 "auth-sm2"
#define NID_auth_sm2 1187
#define SN_ecies_recommendedParameters "ecies-recommendedParameters"
#define NID_ecies_recommendedParameters 1063
#define OBJ_ecies_recommendedParameters OBJ_secg_scheme,7L
@@ -4656,6 +4664,74 @@
#define NID_cmac_aes256_ecies 1081
#define OBJ_cmac_aes256_ecies OBJ_secg_scheme,24L,2L
#define SN_ecies_with_x9_63_sha1_xor_hmac "ecies-with-x9-63-sha1-xor-hmac"
#define NID_ecies_with_x9_63_sha1_xor_hmac 1169
#define OBJ_ecies_with_x9_63_sha1_xor_hmac OBJ_ecies_specifiedParameters,1L
#define SN_ecies_with_x9_63_sha256_xor_hmac "ecies-with-x9-63-sha256-xor-hmac"
#define NID_ecies_with_x9_63_sha256_xor_hmac 1170
#define OBJ_ecies_with_x9_63_sha256_xor_hmac OBJ_ecies_specifiedParameters,2L
#define SN_ecies_with_x9_63_sha512_xor_hmac "ecies-with-x9-63-sha512-xor-hmac"
#define NID_ecies_with_x9_63_sha512_xor_hmac 1171
#define OBJ_ecies_with_x9_63_sha512_xor_hmac OBJ_ecies_specifiedParameters,3L
#define SN_ecies_with_x9_63_sha1_aes128_cbc_hmac "ecies-with-x9-63-sha1-aes128-cbc-hmac"
#define NID_ecies_with_x9_63_sha1_aes128_cbc_hmac 1172
#define OBJ_ecies_with_x9_63_sha1_aes128_cbc_hmac OBJ_ecies_specifiedParameters,4L
#define SN_ecies_with_x9_63_sha256_aes128_cbc_hmac "ecies-with-x9-63-sha256-aes128-cbc-hmac"
#define NID_ecies_with_x9_63_sha256_aes128_cbc_hmac 1173
#define OBJ_ecies_with_x9_63_sha256_aes128_cbc_hmac OBJ_ecies_specifiedParameters,5L
#define SN_ecies_with_x9_63_sha512_aes256_cbc_hmac "ecies-with-x9-63-sha512-aes256-cbc-hmac"
#define NID_ecies_with_x9_63_sha512_aes256_cbc_hmac 1174
#define OBJ_ecies_with_x9_63_sha512_aes256_cbc_hmac OBJ_ecies_specifiedParameters,6L
#define SN_ecies_with_x9_63_sha256_aes128_ctr_hmac "ecies-with-x9-63-sha256-aes128-ctr-hmac"
#define NID_ecies_with_x9_63_sha256_aes128_ctr_hmac 1175
#define OBJ_ecies_with_x9_63_sha256_aes128_ctr_hmac OBJ_ecies_specifiedParameters,7L
#define SN_ecies_with_x9_63_sha512_aes256_ctr_hmac "ecies-with-x9-63-sha512-aes256-ctr-hmac"
#define NID_ecies_with_x9_63_sha512_aes256_ctr_hmac 1176
#define OBJ_ecies_with_x9_63_sha512_aes256_ctr_hmac OBJ_ecies_specifiedParameters,8L
#define SN_ecies_with_x9_63_sha256_aes128_cbc_hmac_half "ecies-with-x9-63-sha256-aes128-cbc-hmac-half"
#define NID_ecies_with_x9_63_sha256_aes128_cbc_hmac_half 1177
#define OBJ_ecies_with_x9_63_sha256_aes128_cbc_hmac_half OBJ_ecies_specifiedParameters,9L
#define SN_ecies_with_x9_63_sha512_aes256_cbc_hmac_half "ecies-with-x9-63-sha512-aes256-cbc-hmac-half"
#define NID_ecies_with_x9_63_sha512_aes256_cbc_hmac_half 1178
#define OBJ_ecies_with_x9_63_sha512_aes256_cbc_hmac_half OBJ_ecies_specifiedParameters,10L
#define SN_ecies_with_x9_63_sha256_aes128_ctr_hmac_half "ecies-with-x9-63-sha256-aes128-ctr-hmac-half"
#define NID_ecies_with_x9_63_sha256_aes128_ctr_hmac_half 1179
#define OBJ_ecies_with_x9_63_sha256_aes128_ctr_hmac_half OBJ_ecies_specifiedParameters,11L
#define SN_ecies_with_x9_63_sha512_aes256_ctr_hmac_half "ecies-with-x9-63-sha512-aes256-ctr-hmac-half"
#define NID_ecies_with_x9_63_sha512_aes256_ctr_hmac_half 1180
#define OBJ_ecies_with_x9_63_sha512_aes256_ctr_hmac_half OBJ_ecies_specifiedParameters,12L
#define SN_ecies_with_x9_63_sha1_aes128_cbc_cmac "ecies-with-x9-63-sha1-aes128-cbc-cmac"
#define NID_ecies_with_x9_63_sha1_aes128_cbc_cmac 1181
#define OBJ_ecies_with_x9_63_sha1_aes128_cbc_cmac OBJ_ecies_specifiedParameters,13L
#define SN_ecies_with_x9_63_sha256_aes128_cbc_cmac "ecies-with-x9-63-sha256-aes128-cbc-cmac"
#define NID_ecies_with_x9_63_sha256_aes128_cbc_cmac 1182
#define OBJ_ecies_with_x9_63_sha256_aes128_cbc_cmac OBJ_ecies_specifiedParameters,14L
#define SN_ecies_with_x9_63_sha512_aes256_cbc_cmac "ecies-with-x9-63-sha512-aes256-cbc-cmac"
#define NID_ecies_with_x9_63_sha512_aes256_cbc_cmac 1183
#define OBJ_ecies_with_x9_63_sha512_aes256_cbc_cmac OBJ_ecies_specifiedParameters,15L
#define SN_ecies_with_x9_63_sha256_aes128_ctr_cmac "ecies-with-x9-63-sha256-aes128-ctr-cmac"
#define NID_ecies_with_x9_63_sha256_aes128_ctr_cmac 1184
#define OBJ_ecies_with_x9_63_sha256_aes128_ctr_cmac OBJ_ecies_specifiedParameters,16L
#define SN_ecies_with_x9_63_sha512_aes256_ctr_cmac "ecies-with-x9-63-sha512-aes256-ctr-cmac"
#define NID_ecies_with_x9_63_sha512_aes256_ctr_cmac 1185
#define OBJ_ecies_with_x9_63_sha512_aes256_ctr_cmac OBJ_ecies_specifiedParameters,17L
#define SN_ISO_CN "ISO-CN"
#define LN_ISO_CN "ISO CN Member Body"
#define NID_ISO_CN 1083
@@ -4839,6 +4915,10 @@
#define NID_sm2encrypt 1119
#define OBJ_sm2encrypt OBJ_sm_scheme,301L,3L
#define SN_wapip192v1 "wapip192v1"
#define NID_wapip192v1 1135
#define OBJ_wapip192v1 OBJ_sm_scheme,301L,101L
#define SN_sm2encrypt_recommendedParameters "sm2encrypt-recommendedParameters"
#define NID_sm2encrypt_recommendedParameters 1120
#define OBJ_sm2encrypt_recommendedParameters OBJ_sm2encrypt,1L
@@ -4847,6 +4927,50 @@
#define NID_sm2encrypt_specifiedParameters 1121
#define OBJ_sm2encrypt_specifiedParameters OBJ_sm2encrypt,2L
#define SN_sm2encrypt_with_sm3 "sm2encrypt-with-sm3"
#define NID_sm2encrypt_with_sm3 1155
#define OBJ_sm2encrypt_with_sm3 OBJ_sm2encrypt,2L,1L
#define SN_sm2encrypt_with_sha1 "sm2encrypt-with-sha1"
#define NID_sm2encrypt_with_sha1 1156
#define OBJ_sm2encrypt_with_sha1 OBJ_sm2encrypt,2L,2L
#define SN_sm2encrypt_with_sha224 "sm2encrypt-with-sha224"
#define NID_sm2encrypt_with_sha224 1157
#define OBJ_sm2encrypt_with_sha224 OBJ_sm2encrypt,2L,3L
#define SN_sm2encrypt_with_sha256 "sm2encrypt-with-sha256"
#define NID_sm2encrypt_with_sha256 1158
#define OBJ_sm2encrypt_with_sha256 OBJ_sm2encrypt,2L,4L
#define SN_sm2encrypt_with_sha384 "sm2encrypt-with-sha384"
#define NID_sm2encrypt_with_sha384 1159
#define OBJ_sm2encrypt_with_sha384 OBJ_sm2encrypt,2L,5L
#define SN_sm2encrypt_with_sha512 "sm2encrypt-with-sha512"
#define NID_sm2encrypt_with_sha512 1160
#define OBJ_sm2encrypt_with_sha512 OBJ_sm2encrypt,2L,6L
#define SN_sm2encrypt_with_rmd160 "sm2encrypt-with-rmd160"
#define NID_sm2encrypt_with_rmd160 1161
#define OBJ_sm2encrypt_with_rmd160 OBJ_sm2encrypt,2L,7L
#define SN_sm2encrypt_with_whirlpool "sm2encrypt-with-whirlpool"
#define NID_sm2encrypt_with_whirlpool 1162
#define OBJ_sm2encrypt_with_whirlpool OBJ_sm2encrypt,2L,8L
#define SN_sm2encrypt_with_blake2b512 "sm2encrypt-with-blake2b512"
#define NID_sm2encrypt_with_blake2b512 1163
#define OBJ_sm2encrypt_with_blake2b512 OBJ_sm2encrypt,2L,9L
#define SN_sm2encrypt_with_blake2s256 "sm2encrypt-with-blake2s256"
#define NID_sm2encrypt_with_blake2s256 1164
#define OBJ_sm2encrypt_with_blake2s256 OBJ_sm2encrypt,2L,10L
#define SN_sm2encrypt_with_md5 "sm2encrypt-with-md5"
#define NID_sm2encrypt_with_md5 1165
#define OBJ_sm2encrypt_with_md5 OBJ_sm2encrypt,2L,11L
#define SN_id_sm9PublicKey "id-sm9PublicKey"
#define NID_id_sm9PublicKey 1122
#define OBJ_id_sm9PublicKey OBJ_sm_scheme,302L
@@ -4908,9 +5032,20 @@
#define NID_sm2sign_with_rmd160 1134
#define OBJ_sm2sign_with_rmd160 OBJ_sm_scheme,507L
#define SN_wapip192v1 "wapip192v1"
#define NID_wapip192v1 1135
#define OBJ_wapip192v1 OBJ_sm_scheme,301L,101L
#define SN_sm2sign_with_whirlpool "SM2Sign-with-Whirlpool"
#define LN_sm2sign_with_whirlpool "sm2sign-with-whirlpool"
#define NID_sm2sign_with_whirlpool 1166
#define OBJ_sm2sign_with_whirlpool OBJ_sm_scheme,520L
#define SN_sm2sign_with_blake2b512 "SM2Sign-with-Blake2b512"
#define LN_sm2sign_with_blake2b512 "sm2sign-with-blake2b512"
#define NID_sm2sign_with_blake2b512 1167
#define OBJ_sm2sign_with_blake2b512 OBJ_sm_scheme,521L
#define SN_sm2sign_with_blake2s256 "SM2Sign-with-Blake2s256"
#define LN_sm2sign_with_blake2s256 "sm2sign-with-blake2s256"
#define NID_sm2sign_with_blake2s256 1168
#define OBJ_sm2sign_with_blake2s256 OBJ_sm_scheme,522L
#define SN_zuc "ZUC"
#define LN_zuc "zuc"


@@ -66,100 +66,18 @@ extern "C" {
#define SM2_MAX_ID_BITS 65535
#define SM2_MAX_ID_LENGTH (SM2_MAX_ID_BITS/8)
#define SM2_DEFAULT_ID_GMT09 "1234567812345678"
#define SM2_DEFAULT_ID_GMSSL "anonym@gmssl.org"
#define SM2_DEFAULT_ID SM2_DEFAULT_ID_GMSSL
#define SM2_DEFAULT_ID_LENGTH (sizeof(SM2_DEFAULT_ID) - 1)
#define SM2_DEFAULT_ID_BITS (SM2_DEFAULT_ID_LENGTH * 8)
#define SM2_ID_DIGEST_LENGTH SM3_DIGEST_LENGTH
#define SM2_DEFAULT_POINT_CONVERSION_FORM POINT_CONVERSION_UNCOMPRESSED
#define SM2_MAX_PKEY_DATA_LENGTH ((EC_MAX_NBYTES + 1) * 6)
int SM2_get_public_key_data(EC_KEY *ec_key, unsigned char *out, size_t *outlen);
#define SM2_DEFAULT_ID_DIGEST_LENGTH SM3_DIGEST_LENGTH
/* compute identity digest Z */
int SM2_compute_id_digest(const EVP_MD *md, const char *id, size_t idlen,
unsigned char *out, size_t *outlen, EC_KEY *ec_key);
/*
* Generate GM/T 0003.2-2012 message digest for SM2 signature scheme.
* Return dgst = msg_md( id_md(id, ec_key) || msg )
*/
int SM2_compute_message_digest(const EVP_MD *id_md, const EVP_MD *msg_md,
const unsigned char *msg, size_t msglen, const char *id, size_t idlen,
unsigned char *out, size_t *outlen,
EC_KEY *ec_key);
typedef struct sm2_enc_params_st {
const EVP_MD *kdf_md;
const EVP_MD *mac_md;
point_conversion_form_t point_form;
} SM2_ENC_PARAMS;
/* SM2_ENC_PARAMS_dup() is used by ec_pmeth.c,
* so the SM2_ENC_PARAMS_new() and SM2_ENC_PARAMS_free() is also provided
*/
SM2_ENC_PARAMS *SM2_ENC_PARAMS_new(void);
SM2_ENC_PARAMS *SM2_ENC_PARAMS_dup(const SM2_ENC_PARAMS *param);
void SM2_ENC_PARAMS_free(SM2_ENC_PARAMS *param);
int SM2_ENC_PARAMS_init_with_recommended(SM2_ENC_PARAMS *param);
typedef struct sm2_ciphertext_value_st {
EC_POINT *ephem_point;
unsigned char *ciphertext;
size_t ciphertext_size;
unsigned char mactag[EVP_MAX_MD_SIZE];
unsigned int mactag_size;
} SM2_CIPHERTEXT_VALUE;
int SM2_CIPHERTEXT_VALUE_size(const EC_GROUP *ec_group,
const SM2_ENC_PARAMS *params, size_t mlen);
SM2_CIPHERTEXT_VALUE *SM2_CIPHERTEXT_VALUE_new(const EC_GROUP *group);
void SM2_CIPHERTEXT_VALUE_free(SM2_CIPHERTEXT_VALUE *cv);
int SM2_CIPHERTEXT_VALUE_encode(const SM2_CIPHERTEXT_VALUE *cv,
const EC_GROUP *ec_group, const SM2_ENC_PARAMS *params,
unsigned char *buf, size_t *buflen);
SM2_CIPHERTEXT_VALUE *SM2_CIPHERTEXT_VALUE_decode(const EC_GROUP *ec_group,
const SM2_ENC_PARAMS *params, const unsigned char *buf, size_t buflen);
int i2d_SM2_CIPHERTEXT_VALUE(const EC_GROUP *group,
const SM2_CIPHERTEXT_VALUE *c, unsigned char **out);
SM2_CIPHERTEXT_VALUE *d2i_SM2_CIPHERTEXT_VALUE(const EC_GROUP *group,
SM2_CIPHERTEXT_VALUE **c, const unsigned char **in, long len);
int SM2_CIPHERTEXT_VALUE_print(BIO *out, const EC_GROUP *ec_group,
const SM2_CIPHERTEXT_VALUE *cv, int indent, unsigned long flags);
SM2_CIPHERTEXT_VALUE *SM2_do_encrypt(const SM2_ENC_PARAMS *params,
const unsigned char *in, size_t inlen, EC_KEY *ec_key);
int SM2_do_decrypt(const SM2_ENC_PARAMS *params,
const SM2_CIPHERTEXT_VALUE *in, unsigned char *out, size_t *outlen,
EC_KEY *ec_key);
int SM2_encrypt(const SM2_ENC_PARAMS *params,
const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen,
EC_KEY *ec_key);
int SM2_decrypt(const SM2_ENC_PARAMS *params,
const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen,
EC_KEY *ec_key);
int SM2_encrypt_with_recommended(const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen, EC_KEY *ec_key);
int SM2_decrypt_with_recommended(const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen, EC_KEY *ec_key);
/* SM2 digital signature */
int SM2_sign_setup(EC_KEY *ec_key, BN_CTX *ctx, BIGNUM **a, BIGNUM **b);
ECDSA_SIG *SM2_do_sign_ex(const unsigned char *dgst, int dgstlen,
const BIGNUM *a, const BIGNUM *b, EC_KEY *ec_key);
@@ -175,39 +93,34 @@ int SM2_sign(int type, const unsigned char *dgst, int dgstlen,
int SM2_verify(int type, const unsigned char *dgst, int dgstlen,
const unsigned char *sig, int siglen, EC_KEY *ec_key);
/* SM2 Public Key Encryption */
#define SM2_MIN_PLAINTEXT_LENGTH 0
#define SM2_MAX_PLAINTEXT_LENGTH 1024
typedef struct SM2CiphertextValue_st SM2CiphertextValue;
DECLARE_ASN1_FUNCTIONS(SM2CiphertextValue)
SM2CiphertextValue *SM2_do_encrypt(const EVP_MD *md,
const unsigned char *in, size_t inlen, EC_KEY *ec_key);
int SM2_do_decrypt(const EVP_MD *md, const SM2CiphertextValue *in,
unsigned char *out, size_t *outlen, EC_KEY *ec_key);
int SM2_encrypt(int type, const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen, EC_KEY *ec_key);
int SM2_decrypt(int type, const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen, EC_KEY *ec_key);
#define SM2_encrypt_with_recommended(in,inlen,out,outlen,ec_key) \
SM2_encrypt(NID_sm3,in,inlen,out,outlen,ec_key)
#define SM2_decrypt_with_recommended(in,inlen,out,outlen,ec_key) \
SM2_decrypt(NID_sm3,in,inlen,out,outlen,ec_key)
/* SM2 Key Exchange */
typedef struct sm2_kap_ctx_st SM2_KAP_CTX;
int SM2_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
const EC_KEY *ec_key, void *(*KDF) (const void *in, size_t inlen, void *out, size_t *outlen));
typedef struct sm2_kap_ctx_st {
const EVP_MD *id_dgst_md;
const EVP_MD *kdf_md;
const EVP_MD *checksum_md;
point_conversion_form_t point_form;
KDF_FUNC kdf;
int is_initiator;
int do_checksum;
EC_KEY *ec_key;
unsigned char id_dgst[EVP_MAX_MD_SIZE];
unsigned int id_dgstlen;
EC_KEY *remote_pubkey;
unsigned char remote_id_dgst[EVP_MAX_MD_SIZE];
unsigned int remote_id_dgstlen;
const EC_GROUP *group;
BN_CTX *bn_ctx;
BIGNUM *order;
BIGNUM *two_pow_w;
BIGNUM *t;
EC_POINT *point;
unsigned char pt_buf[1 + (OPENSSL_ECC_MAX_FIELD_BITS+7)/4];
unsigned char checksum[EVP_MAX_MD_SIZE];
} SM2_KAP_CTX;
int SM2_KAP_CTX_init(SM2_KAP_CTX *ctx,
EC_KEY *ec_key, const char *id, size_t idlen,
EC_KEY *remote_pubkey, const char *rid, size_t ridlen,
@@ -221,12 +134,11 @@ int SM2_KAP_final_check(SM2_KAP_CTX *ctx, const unsigned char *checksum,
size_t checksumlen);
void SM2_KAP_CTX_cleanup(SM2_KAP_CTX *ctx);
/* EC_KEY_METHOD */
const EC_KEY_METHOD *EC_KEY_GmSSL(void);
void EC_KEY_set_default_secg_method(void);
void EC_KEY_set_default_sm_method(void);
int EC_KEY_METHOD_type(const EC_KEY_METHOD *meth);
void EC_KEY_METHOD_set_encrypt(EC_KEY_METHOD *meth,
@@ -253,7 +165,93 @@ void EC_KEY_METHOD_get_decrypt(EC_KEY_METHOD *meth,
int (**pdo_decrypt)(int type, const ECIES_CIPHERTEXT_VALUE *in,
unsigned char *out, size_t *outlen, EC_KEY *ec_key));
#ifdef __cplusplus
#define EVP_PKEY_CTX_set_ec_sign_type(ctx, type) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_SIGN|EVP_PKEY_OP_SIGNCTX| \
EVP_PKEY_OP_VERIFY|EVP_PKEY_OP_VERIFYCTX, \
EVP_PKEY_CTRL_EC_SIGN_TYPE, type, NULL)
#define EVP_PKEY_CTX_get_ec_sign_type(ctx) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_SIGN|EVP_PKEY_OP_SIGNCTX| \
EVP_PKEY_OP_VERIFY|EVP_PKEY_OP_VERIFYCTX, \
EVP_PKEY_CTRL_EC_SIGN_TYPE, -2, NULL)
#define EVP_PKEY_CTX_set_ec_enc_type(ctx, type) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_ENCRYPT|EVP_PKEY_OP_DECRYPT, \
EVP_PKEY_CTRL_EC_ENC_TYPE, type, NULL)
#define EVP_PKEY_CTX_get_ec_enc_type(ctx) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_ENCRYPT|EVP_PKEY_OP_DECRYPT, \
EVP_PKEY_CTRL_EC_ENC_TYPE, -2, NULL)
#define EVP_PKEY_CTX_set_ec_dh_type(ctx, type) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_EC_DH_TYPE, type, NULL)
#define EVP_PKEY_CTX_get_ec_dh_type(ctx) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_EC_DH_TYPE, -2, NULL);
#define EVP_PKEY_CTX_set_sm2_id(ctx, type) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_SIGN|EVP_PKEY_OP_SIGNCTX| \
EVP_PKEY_OP_VERIFY|EVP_PKEY_OP_VERIFYCTX| \
EVP_PKEY_OP_DERIVE, type, NULL)
#define EVP_PKEY_CTRL_EC_SIGN_TYPE (EVP_PKEY_ALG_CTRL + 11)
#define EVP_PKEY_CTRL_GET_EC_SIGN_TYPE (EVP_PKEY_ALG_CTRL + 12)
#define EVP_PKEY_CTRL_EC_ENC_TYPE (EVP_PKEY_ALG_CTRL + 13)
#define EVP_PKEY_CTRL_GET_EC_ENC_TYPE (EVP_PKEY_ALG_CTRL + 14)
#define EVP_PKEY_CTRL_EC_DH_TYPE (EVP_PKEY_ALG_CTRL + 15)
#define EVP_PKEY_CTRL_GET_EC_DH_TYPE (EVP_PKEY_ALG_CTRL + 16)
/* BEGIN ERROR CODES */
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
int ERR_load_SM2_strings(void);
/* Error codes for the SM2 functions. */
/* Function codes. */
# define SM2_F_I2O_SM2CIPHERTEXTVALUE 107
# define SM2_F_O2I_SM2CIPHERTEXTVALUE 108
# define SM2_F_SM2_DECRYPT 100
# define SM2_F_SM2_DO_DECRYPT 101
# define SM2_F_SM2_DO_ENCRYPT 102
# define SM2_F_SM2_DO_SIGN 104
# define SM2_F_SM2_DO_VERIFY 105
# define SM2_F_SM2_ENCRYPT 103
# define SM2_F_SM2_SIGN_SETUP 106
/* Reason codes. */
# define SM2_R_BAD_SIGNATURE 110
# define SM2_R_BUFFER_TOO_SMALL 100
# define SM2_R_DECRYPT_FAILURE 101
# define SM2_R_ENCRYPT_FAILURE 102
# define SM2_R_INVALID_CIPHERTEXT 103
# define SM2_R_INVALID_DIGEST_ALGOR 104
# define SM2_R_INVALID_EC_KEY 105
# define SM2_R_INVALID_INPUT_LENGTH 106
# define SM2_R_INVALID_PLAINTEXT_LENGTH 107
# define SM2_R_INVALID_PUBLIC_KEY 108
# define SM2_R_KDF_FAILURE 109
# define SM2_R_MISSING_PARAMETERS 111
# define SM2_R_NEED_NEW_SETUP_VALUES 112
# define SM2_R_RANDOM_NUMBER_GENERATION_FAILED 113
# ifdef __cplusplus
}
#endif
# endif
#endif


@@ -111,6 +111,8 @@ extern "C" {
# define SSL_TXT_kDHEPSK "kDHEPSK"
# define SSL_TXT_kGOST "kGOST"
# define SSL_TXT_kSRP "kSRP"
# define SSL_TXT_kSM2 "kSM2"
# define SSL_TXT_kSM2PSK "kSM2PSK"
# define SSL_TXT_aRSA "aRSA"
# define SSL_TXT_aDSS "aDSS"
@@ -123,6 +125,7 @@ extern "C" {
# define SSL_TXT_aGOST12 "aGOST12"
# define SSL_TXT_aGOST "aGOST"
# define SSL_TXT_aSRP "aSRP"
# define SSL_TXT_aSM2 "aSM2"
# define SSL_TXT_DSS "DSS"
# define SSL_TXT_DH "DH"
@@ -156,8 +159,12 @@ extern "C" {
# define SSL_TXT_CHACHA20 "CHACHA20"
# define SSL_TXT_GOST "GOST89"
# define SSL_TXT_SMS4 "SMS4"
# define SSL_TXT_SMS4_GCM "SMS4GCM"
# define SSL_TXT_SMS4_CCM "SMS4CCM"
# define SSL_TXT_SMS4GCM "SMS4GCM"
# define SSL_TXT_SMS4CCM "SMS4CCM"
# define SSL_TXT_SMS4CCM8 "SMS4CCM8"
# define SSL_TXT_ZUC "ZUC"
# define SSL_TXT_SM1 "SM1"
# define SSL_TXT_SSF33 "SSF33"
# define SSL_TXT_MD5 "MD5"
# define SSL_TXT_SHA1 "SHA1"
@@ -174,7 +181,7 @@ extern "C" {
# define SSL_TXT_TLSV1 "TLSv1"
# define SSL_TXT_TLSV1_1 "TLSv1.1"
# define SSL_TXT_TLSV1_2 "TLSv1.2"
# define SSL_TXT_GMSV1_1 "GMSv1.1"
# define SSL_TXT_GMTLSV1_1 "GMTLSv1.1"
# define SSL_TXT_ALL "ALL"
@@ -817,6 +824,7 @@ __owur int SSL_extension_supported(unsigned int ext_type);
# include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */
# include <openssl/dtls1.h> /* Datagram TLS */
# include <openssl/srtp.h> /* Support for the use_srtp extension */
# include <openssl/gmtls.h>
#ifdef __cplusplus
extern "C" {

266
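--- a/ssl/methods_gmtls.c
+++ b/ssl/methods_gmtls.c
@@ -0,0 +1,266 @@
+/*
+* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+*
+* Licensed under the OpenSSL license (the "License"). You may not use
+* this file except in compliance with the License. You can obtain a copy
+* in the file LICENSE in the source distribution or at
+* https://www.openssl.org/source/license.html
+*/
+#include <stdio.h>
+#include <openssl/objects.h>
+#include "ssl_locl.h"
+/*-
+* TLS/SSLv3 methods
+*/
+IMPLEMENT_tls_meth_func(TLS_ANY_VERSION, 0, 0,
+TLS_method,
+ossl_statem_accept,
+ossl_statem_connect, TLSv1_2_enc_data)
+#ifndef OPENSSL_NO_TLS1_2_METHOD
+IMPLEMENT_tls_meth_func(TLS1_2_VERSION, 0, SSL_OP_NO_TLSv1_2,
+tlsv1_2_method,
+ossl_statem_accept,
+ossl_statem_connect, TLSv1_2_enc_data)
+#endif
+#ifndef OPENSSL_NO_TLS1_1_METHOD
+IMPLEMENT_tls_meth_func(TLS1_1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_TLSv1_1,
+tlsv1_1_method,
+ossl_statem_accept,
+ossl_statem_connect, TLSv1_1_enc_data)
+#endif
+#ifndef OPENSSL_NO_TLS1_METHOD
+IMPLEMENT_tls_meth_func(TLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_TLSv1,
+tlsv1_method,
+ossl_statem_accept, ossl_statem_connect, TLSv1_enc_data)
+#endif
+#ifndef OPENSSL_NO_SSL3_METHOD
+IMPLEMENT_ssl3_meth_func(sslv3_method, ossl_statem_accept, ossl_statem_connect)
+#endif
+/*-
+* TLS/SSLv3 server methods
+*/
+IMPLEMENT_tls_meth_func(TLS_ANY_VERSION, 0, 0,
+TLS_server_method,
+ossl_statem_accept,
+ssl_undefined_function, TLSv1_2_enc_data)
+#ifndef OPENSSL_NO_TLS1_2_METHOD
+IMPLEMENT_tls_meth_func(TLS1_2_VERSION, 0, SSL_OP_NO_TLSv1_2,
+tlsv1_2_server_method,
+ossl_statem_accept,
+ssl_undefined_function, TLSv1_2_enc_data)
+#endif
+#ifndef OPENSSL_NO_TLS1_1_METHOD
+IMPLEMENT_tls_meth_func(TLS1_1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_TLSv1_1,
+tlsv1_1_server_method,
+ossl_statem_accept,
+ssl_undefined_function, TLSv1_1_enc_data)
+#endif
+#ifndef OPENSSL_NO_TLS1_METHOD
+IMPLEMENT_tls_meth_func(TLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_TLSv1,
+tlsv1_server_method,
+ossl_statem_accept,
+ssl_undefined_function, TLSv1_enc_data)
+#endif
+#ifndef OPENSSL_NO_SSL3_METHOD
+IMPLEMENT_ssl3_meth_func(sslv3_server_method,
+ossl_statem_accept, ssl_undefined_function)
+#endif
+/*-
+* TLS/SSLv3 client methods
+*/
+IMPLEMENT_tls_meth_func(TLS_ANY_VERSION, 0, 0,
+TLS_client_method,
+ssl_undefined_function,
+ossl_statem_connect, TLSv1_2_enc_data)
+#ifndef OPENSSL_NO_TLS1_2_METHOD
+IMPLEMENT_tls_meth_func(TLS1_2_VERSION, 0, SSL_OP_NO_TLSv1_2,
+tlsv1_2_client_method,
+ssl_undefined_function,
+ossl_statem_connect, TLSv1_2_enc_data)
+#endif
+#ifndef OPENSSL_NO_TLS1_1_METHOD
+IMPLEMENT_tls_meth_func(TLS1_1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_TLSv1_1,
+tlsv1_1_client_method,
+ssl_undefined_function,
+ossl_statem_connect, TLSv1_1_enc_data)
+#endif
+#ifndef OPENSSL_NO_TLS1_METHOD
+IMPLEMENT_tls_meth_func(TLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_TLSv1,
+tlsv1_client_method,
+ssl_undefined_function,
+ossl_statem_connect, TLSv1_enc_data)
+#endif
+#ifndef OPENSSL_NO_SSL3_METHOD
+IMPLEMENT_ssl3_meth_func(sslv3_client_method,
+ssl_undefined_function, ossl_statem_connect)
+#endif
+/*-
+* DTLS methods
+*/
+#ifndef OPENSSL_NO_DTLS1_METHOD
+IMPLEMENT_dtls1_meth_func(DTLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_DTLSv1,
+dtlsv1_method,
+ossl_statem_accept,
+ossl_statem_connect, DTLSv1_enc_data)
+#endif
+#ifndef OPENSSL_NO_DTLS1_2_METHOD
+IMPLEMENT_dtls1_meth_func(DTLS1_2_VERSION, 0, SSL_OP_NO_DTLSv1_2,
+dtlsv1_2_method,
+ossl_statem_accept,
+ossl_statem_connect, DTLSv1_2_enc_data)
+#endif
+IMPLEMENT_dtls1_meth_func(DTLS_ANY_VERSION, 0, 0,
+DTLS_method,
+ossl_statem_accept,
+ossl_statem_connect, DTLSv1_2_enc_data)
+/*-
+* DTLS server methods
+*/
+#ifndef OPENSSL_NO_DTLS1_METHOD
+IMPLEMENT_dtls1_meth_func(DTLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_DTLSv1,
+dtlsv1_server_method,
+ossl_statem_accept,
+ssl_undefined_function, DTLSv1_enc_data)
+#endif
+#ifndef OPENSSL_NO_DTLS1_2_METHOD
+IMPLEMENT_dtls1_meth_func(DTLS1_2_VERSION, 0, SSL_OP_NO_DTLSv1_2,
+dtlsv1_2_server_method,
+ossl_statem_accept,
+ssl_undefined_function, DTLSv1_2_enc_data)
+#endif
+IMPLEMENT_dtls1_meth_func(DTLS_ANY_VERSION, 0, 0,
+DTLS_server_method,
+ossl_statem_accept,
+ssl_undefined_function, DTLSv1_2_enc_data)
+/*-
+* DTLS client methods
+*/
+#ifndef OPENSSL_NO_DTLS1_METHOD
+IMPLEMENT_dtls1_meth_func(DTLS1_VERSION, SSL_METHOD_NO_SUITEB, SSL_OP_NO_DTLSv1,
+dtlsv1_client_method,
+ssl_undefined_function,
+ossl_statem_connect, DTLSv1_enc_data)
+IMPLEMENT_dtls1_meth_func(DTLS1_BAD_VER, SSL_METHOD_NO_SUITEB, SSL_OP_NO_DTLSv1,
+dtls_bad_ver_client_method,
+ssl_undefined_function,
+ossl_statem_connect, DTLSv1_enc_data)
+#endif
+#ifndef OPENSSL_NO_DTLS1_2_METHOD
+IMPLEMENT_dtls1_meth_func(DTLS1_2_VERSION, 0, SSL_OP_NO_DTLSv1_2,
+dtlsv1_2_client_method,
+ssl_undefined_function,
+ossl_statem_connect, DTLSv1_2_enc_data)
+#endif
+IMPLEMENT_dtls1_meth_func(DTLS_ANY_VERSION, 0, 0,
+DTLS_client_method,
+ssl_undefined_function,
+ossl_statem_connect, DTLSv1_2_enc_data)
+#if OPENSSL_API_COMPAT < 0x10100000L
+# ifndef OPENSSL_NO_TLS1_2_METHOD
+const SSL_METHOD *TLSv1_2_method(void)
+{
+return tlsv1_2_method();
+}
+const SSL_METHOD *TLSv1_2_server_method(void)
+{
+return tlsv1_2_server_method();
+}
+const SSL_METHOD *TLSv1_2_client_method(void)
+{
+return tlsv1_2_client_method();
+}
+# endif
+# ifndef OPENSSL_NO_TLS1_1_METHOD
+const SSL_METHOD *TLSv1_1_method(void)
+{
+return tlsv1_1_method();
+}
+const SSL_METHOD *TLSv1_1_server_method(void)
+{
+return tlsv1_1_server_method();
+}
+const SSL_METHOD *TLSv1_1_client_method(void)
+{
+return tlsv1_1_client_method();
+}
+# endif
+# ifndef OPENSSL_NO_TLS1_METHOD
+const SSL_METHOD *TLSv1_method(void)
+{
+return tlsv1_method();
+}
+const SSL_METHOD *TLSv1_server_method(void)
+{
+return tlsv1_server_method();
+}
+const SSL_METHOD *TLSv1_client_method(void)
+{
+return tlsv1_client_method();
+}
+# endif
+# ifndef OPENSSL_NO_SSL3_METHOD
+const SSL_METHOD *SSLv3_method(void)
+{
+return sslv3_method();
+}
+const SSL_METHOD *SSLv3_server_method(void)
+{
+return sslv3_server_method();
+}
+const SSL_METHOD *SSLv3_client_method(void)
+{
+return sslv3_client_method();
+}
+# endif
+# ifndef OPENSSL_NO_DTLS1_2_METHOD
+const SSL_METHOD *DTLSv1_2_method(void)
+{
+return dtlsv1_2_method();
+}
+const SSL_METHOD *DTLSv1_2_server_method(void)
+{
+return dtlsv1_2_server_method();
+}
+const SSL_METHOD *DTLSv1_2_client_method(void)
+{
+return dtlsv1_2_client_method();
+}
+# endif
+# ifndef OPENSSL_NO_DTLS1_METHOD
+const SSL_METHOD *DTLSv1_method(void)
+{
+return dtlsv1_method();
+}
+const SSL_METHOD *DTLSv1_server_method(void)
+{
+return dtlsv1_server_method();
+}
+const SSL_METHOD *DTLSv1_client_method(void)
+{
+return dtlsv1_client_method();
+}
+# endif
+#endif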
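Review bot: Nothing in ssl/methods_gmtls.c is GMTLS-specific: it instantiates `TLS_method`, `tlsv1_2_method`, `sslv3_method`, the DTLS methods and the `OPENSSL_API_COMPAT` wrappers such as `TLSv1_2_method()`, which reads like a copy of the stock method file. If that stock file is still compiled (the build list is not visible here) every one of these symbols is defined twice; if this file is not compiled, it is dead code that will drift from the original. Keep only what the commit needs, i.e. the `gmtls_client_method` / `gmtls_server_method` pair that the commented-out `tls_version_table` row refers to, and change the section comment to `/* GMTLS methods */`. SSLv3 and TLS 1.0 method constructors in particular should not be emitted from a second translation unit just because the template was copied.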


@@ -68,7 +68,15 @@
#define SSL_ENC_AES256CCM8_IDX 17
#define SSL_ENC_GOST8912_IDX 18
#define SSL_ENC_CHACHA_IDX 19
#define SSL_ENC_NUM_IDX 20
#define SSL_ENC_SMS4_IDX 20
#define SSL_ENC_SMS4GCM_IDX 21
#define SSL_ENC_SMS4CCM_IDX 22
#define SSL_ENC_SMS4CCM8_IDX 23
#define SSL_ENC_ZUC_IDX 24
#define SSL_ENC_SM1_IDX 25
#define SSL_ENC_SSF33_IDX 26
#define SSL_ENC_NUM_IDX 27
/* NB: make sure indices in these tables match values above */
@@ -97,13 +105,20 @@ static const ssl_cipher_table ssl_cipher_table_cipher[SSL_ENC_NUM_IDX] = {
{SSL_AES256CCM, NID_aes_256_ccm}, /* SSL_ENC_AES256CCM_IDX 15 */
{SSL_AES128CCM8, NID_aes_128_ccm}, /* SSL_ENC_AES128CCM8_IDX 16 */
{SSL_AES256CCM8, NID_aes_256_ccm}, /* SSL_ENC_AES256CCM8_IDX 17 */
{SSL_eGOST2814789CNT12, NID_gost89_cnt_12}, /* SSL_ENC_GOST8912_IDX */
{SSL_CHACHA20POLY1305, NID_chacha20_poly1305},
{SSL_eGOST2814789CNT12, NID_gost89_cnt_12}, /* SSL_ENC_GOST8912_IDX 18 */
{SSL_CHACHA20POLY1305, NID_chacha20_poly1305}, /* SSL_ENC_CHACHA_IDX 19 */
{SSL_SMS4, NID_sms4_cbc}, /* SSL_ENC_SMS4_IDX 20 */
{SSL_SMS4GCM, NID_sms4_gcm}, /* SSL_ENC_SMS4GCM_IDX 21 */
{SSL_SMS4CCM, NID_sms4_ccm}, /* SSL_ENC_SMS4CCM_IDX 22 */
{SSL_SMS4CCM8, NID_sms4_ccm}, /* SSL_ENC_SMS4CCM8_IDX 23 */
{SSL_ZUC, NID_zuc}, /* SSL_ENC_ZUC_IDX 24 */
{SSL_SM1, NID_sm1_cbc}, /* SSL_ENC_SM1_IDX 25 */
{SSL_SSF33, NID_ssf33_cbc}, /* SSL_ENC_SSF33_IDX 26 */
};
static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX] = {
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
NULL, NULL
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
};
#define SSL_COMP_NULL_IDX 0
@@ -136,11 +151,13 @@ static const ssl_cipher_table ssl_cipher_table_mac[SSL_MD_NUM_IDX] = {
{SSL_GOST12_512, NID_id_GostR3411_2012_512}, /* SSL_MD_GOST12_512_IDX 8 */
{0, NID_md5_sha1}, /* SSL_MD_MD5_SHA1_IDX 9 */
{0, NID_sha224}, /* SSL_MD_SHA224_IDX 10 */
{0, NID_sha512} /* SSL_MD_SHA512_IDX 11 */
{0, NID_sha512}, /* SSL_MD_SHA512_IDX 11 */
{SSL_SM3, NID_sm3}, /* SSL_MD_SM3_IDX 12 */
};
static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX] = {
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
NULL
};
/* *INDENT-OFF* */
@@ -153,7 +170,8 @@ static const ssl_cipher_table ssl_cipher_table_kx[] = {
{SSL_kRSAPSK, NID_kx_rsa_psk},
{SSL_kPSK, NID_kx_psk},
{SSL_kSRP, NID_kx_srp},
{SSL_kGOST, NID_kx_gost}
{SSL_kGOST, NID_kx_gost},
{SSL_kSM2, NID_kx_sm2},
};
static const ssl_cipher_table ssl_cipher_table_auth[] = {
@@ -164,7 +182,8 @@ static const ssl_cipher_table ssl_cipher_table_auth[] = {
{SSL_aGOST01, NID_auth_gost01},
{SSL_aGOST12, NID_auth_gost12},
{SSL_aSRP, NID_auth_srp},
{SSL_aNULL, NID_auth_null}
{SSL_aNULL, NID_auth_null},
{SSL_aSM2, NID_auth_sm2},
};
/* *INDENT-ON* */
@@ -195,6 +214,8 @@ static int ssl_mac_pkey_id[SSL_MD_NUM_IDX] = {
EVP_PKEY_HMAC, EVP_PKEY_HMAC, EVP_PKEY_HMAC, NID_undef,
/* GOST2012_512 */
EVP_PKEY_HMAC,
/* SM3 */
EVP_PKEY_HMAC,
};
static int ssl_mac_secret_size[SSL_MD_NUM_IDX];
@@ -404,9 +425,10 @@ void ssl_load_ciphers(void)
}
}
/* Make sure we can access MD5 and SHA1 */
OPENSSL_assert(ssl_digest_methods[SSL_MD_MD5_IDX] != NULL);
OPENSSL_assert(ssl_digest_methods[SSL_MD_SHA1_IDX] != NULL);
disabled_mkey_mask = 0;
disabled_auth_mask = 0;
@@ -423,6 +445,9 @@ void ssl_load_ciphers(void)
#ifdef OPENSSL_NO_EC
disabled_mkey_mask |= SSL_kECDHEPSK;
disabled_auth_mask |= SSL_aECDSA;
# ifdef OPENSSL_NO_GMTLS
/* do something */
# endif
#endif
#ifdef OPENSSL_NO_PSK
disabled_mkey_mask |= SSL_PSK;
@@ -1573,6 +1598,9 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
case SSL_kGOST:
kx = "GOST";
break;
case SSL_kSM2:
kx = "SM2";
break;
default:
kx = "unknown";
}
@@ -1603,6 +1631,9 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
case (SSL_aGOST12 | SSL_aGOST01):
au = "GOST12";
break;
case SSL_aSM2:
au = "SM2";
break;
default:
au = "unknown";
break;
@@ -1667,6 +1698,27 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
case SSL_CHACHA20POLY1305:
enc = "CHACHA20/POLY1305(256)";
break;
case SSL_SMS4:
enc = "SMS4(128)";
break;
case SSL_SMS4GCM:
enc = "SMS4GCM(128)";
break;
case SSL_SMS4CCM:
enc = "SMS4CCM(128)";
break;
case SSL_SMS4CCM8:
enc = "SMS4CCM8(128)";
break;
case SSL_ZUC:
enc = "ZUC(128)";
break;
case SSL_SM1:
enc = "SM1(128)";
break;
case SSL_SSF33:
enc = "SSF33(128)";
break;
default:
enc = "unknown";
break;
@@ -1699,6 +1751,9 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
case SSL_GOST12_512:
mac = "GOST2012";
break;
case SSL_SM3:
mac = "SM3";
break;
default:
mac = "unknown";
break;
@@ -1714,7 +1769,7 @@ const char *SSL_CIPHER_get_version(const SSL_CIPHER *c)
if (c == NULL)
return "(NONE)";
/*
/*
* Backwards-compatibility crutch. In almost all contexts we report TLS
* 1.0 as "TLSv1", but for ciphers we report "TLSv1.0".
*/
@@ -1903,6 +1958,8 @@ int ssl_cipher_get_cert_index(const SSL_CIPHER *c)
return SSL_PKEY_GOST_EC;
else if (alg_a & SSL_aGOST01)
return SSL_PKEY_GOST01;
else if (alg_a & SSL_aSM2)
return SSL_PKEY_ECC;
return -1;
}
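Review bot: In `ssl_load_ciphers()` the new `# ifdef OPENSSL_NO_GMTLS` block contains only the placeholder `/* do something */`, so no build configuration ever adds `SSL_kSM2` or `SSL_aSM2` to `disabled_mkey_mask` / `disabled_auth_mask`. The tables earlier in this file now carry SM2, SMS4 and SM3 entries, so with those algorithms compiled out the SM2 suites would presumably still look usable to cipher-list processing (how the masks are consumed is outside the hunk). Replace the placeholder with `disabled_mkey_mask |= SSL_kSM2 | SSL_kSM2PSK;` and `disabled_auth_mask |= SSL_aSM2;`, and decide whether the same lines are also needed under `OPENSSL_NO_SM2` rather than only nested inside `OPENSSL_NO_EC`. The function body starts and ends outside the hunk.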


@@ -223,10 +223,12 @@
# define SSL_kRSAPSK 0x00000040U
# define SSL_kECDHEPSK 0x00000080U
# define SSL_kDHEPSK 0x00000100U
# define SSL_kSM2 0x00000200U
# define SSL_kSM2PSK 0x00000400U
/* all PSK */
# define SSL_PSK (SSL_kPSK | SSL_kRSAPSK | SSL_kECDHEPSK | SSL_kDHEPSK)
# define SSL_PSK (SSL_kPSK | SSL_kRSAPSK | SSL_kECDHEPSK | SSL_kDHEPSK | SSL_kSM2PSK)
/* Bits for algorithm_auth (server authentication) */
/* RSA auth */
@@ -245,6 +247,8 @@
# define SSL_aSRP 0x00000040U
/* GOST R 34.10-2012 signature auth */
# define SSL_aGOST12 0x00000080U
/* SM2 */
# define SSL_aSM2 0x00000100U
/* Bits for algorithm_enc (symmetric encryption) */
# define SSL_DES 0x00000001U
@@ -267,19 +271,27 @@
# define SSL_AES256CCM8 0x00020000U
# define SSL_eGOST2814789CNT12 0x00040000U
# define SSL_CHACHA20POLY1305 0x00080000U
# define SSL_SMS4 0x00100000U
# define SSL_SMS4GCM 0x00200000U
# define SSL_SMS4CCM 0x00400000U
# define SSL_SMS4CCM8 0x00800000U
# define SSL_ZUC 0x01000000U
# define SSL_SM1 0x02000000U
# define SSL_SSF33 0x04000000U
# define SSL_AESGCM (SSL_AES128GCM | SSL_AES256GCM)
# define SSL_AESCCM (SSL_AES128CCM | SSL_AES256CCM | SSL_AES128CCM8 | SSL_AES256CCM8)
# define SSL_AES (SSL_AES128|SSL_AES256|SSL_AESGCM|SSL_AESCCM)
# define SSL_CAMELLIA (SSL_CAMELLIA128|SSL_CAMELLIA256)
# define SSL_CHACHA20 (SSL_CHACHA20POLY1305)
# define SSL_SMS4ALL (SSL_SMS4 | SSL_SMS4GCM | SSL_SMS4CCM | SSL_SMS4CCM8)
/* Bits for algorithm_mac (symmetric authentication) */
# define SSL_MD5 0x00000001U
# define SSL_SHA1 0x00000002U
# define SSL_GOST94 0x00000004U
# define SSL_GOST89MAC 0x00000008U
# define SSL_GOST94 0x00000004U
# define SSL_GOST89MAC 0x00000008U
# define SSL_SHA256 0x00000010U
# define SSL_SHA384 0x00000020U
/* Not a real MAC, just an indication it is part of cipher */
@@ -287,6 +299,7 @@
# define SSL_GOST12_256 0x00000080U
# define SSL_GOST89MAC12 0x00000100U
# define SSL_GOST12_512 0x00000200U
# define SSL_SM3 0x00000400U
/*
* When adding new digest in the ssl_ciph.c and increment SSL_MD_NUM_IDX make
@@ -305,7 +318,8 @@
# define SSL_MD_MD5_SHA1_IDX 9
# define SSL_MD_SHA224_IDX 10
# define SSL_MD_SHA512_IDX 11
# define SSL_MAX_DIGEST 12
# define SSL_MD_SM3_IDX 12
# define SSL_MAX_DIGEST 13
/* Bits for algorithm2 (handshake digests and other extra flags) */
@@ -317,7 +331,8 @@
# define SSL_HANDSHAKE_MAC_GOST94 SSL_MD_GOST94_IDX
# define SSL_HANDSHAKE_MAC_GOST12_256 SSL_MD_GOST12_256_IDX
# define SSL_HANDSHAKE_MAC_GOST12_512 SSL_MD_GOST12_512_IDX
# define SSL_HANDSHAKE_MAC_DEFAULT SSL_HANDSHAKE_MAC_MD5_SHA1
# define SSL_HANDSHAKE_MAC_SM3 SSL_MD_SM3_IDX
# define SSL_HANDSHAKE_MAC_DEFAULT SSL_HANDSHAKE_MAC_MD5_SHA1
/* Bits 8-15 bits are PRF */
# define TLS1_PRF_DGST_SHIFT 8
@@ -327,6 +342,7 @@
# define TLS1_PRF_GOST94 (SSL_MD_GOST94_IDX << TLS1_PRF_DGST_SHIFT)
# define TLS1_PRF_GOST12_256 (SSL_MD_GOST12_256_IDX << TLS1_PRF_DGST_SHIFT)
# define TLS1_PRF_GOST12_512 (SSL_MD_GOST12_512_IDX << TLS1_PRF_DGST_SHIFT)
# define TLS1_PRF_SM3 (SSL_MD_SM3_IDX << TLS1_PRF_DGST_SHIFT)
# define TLS1_PRF (SSL_MD_MD5_SHA1_IDX << TLS1_PRF_DGST_SHIFT)
/*


@@ -0,0 +1 @@


@@ -639,6 +639,13 @@ typedef struct {
#endif
static const version_info tls_version_table[] = {
/*
#ifndef OPENSSL_NO_GMTLS
{GMTLS_VERSION, gmtls_client_method, gmtls_server_method},
#else
{GMTLS_VERSION, NULL, NULL},
#endif
*/
#ifndef OPENSSL_NO_TLS1_2
{TLS1_2_VERSION, tlsv1_2_client_method, tlsv1_2_server_method},
#else
@@ -667,6 +674,13 @@ static const version_info tls_version_table[] = {
#endif
static const version_info dtls_version_table[] = {
/*
#ifndef OPENSSL_NO_GMTLS
{GMTLS_VERSION, gmdtls_client_method, gmdtls_server_method},
#else
{GMTLS_VERSION, NULL, NULL},
#endif
*/
#ifndef OPENSSL_NO_DTLS1_2
{DTLS1_2_VERSION, dtlsv1_2_client_method, dtlsv1_2_server_method},
#else
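Review bot: The GMTLS rows added to `tls_version_table` and `dtls_version_table` sit inside a `/* ... */` comment, so they are dead code and the version tables never offer GMTLS even though the commit registers SM2 key-exchange and cipher bits elsewhere. Commented-out rows with preprocessor lines inside them are easy to re-enable by accident; drop them until the methods exist, or leave one line such as `/* TODO: add GMTLS_VERSION row once gmtls_client_method/gmtls_server_method exist */`. The DTLS block also pairs `GMTLS_VERSION` with `gmdtls_*` methods, which looks unintended for a DTLS table. If the rows are ever enabled, their position needs checking, since the visible rows run from the highest version down and the value of `GMTLS_VERSION` is not shown here. Both tables continue outside the hunks.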


@@ -46,45 +46,36 @@
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
/*
* this file is to implement elliptic curve operations over extension
* fields
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <openssl/bn.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/asn1.h>
#include <openssl/bn.h>
typedef struct {
int security_bits;
int n_bits;
int p_bits;
int q_bits;
} PAIRING_SEC;
static PAIRING_SEC sec_tbl[] = {
/* k |n| |p| |q| */
{ 80, 1024, 512, 160},
{112, 2048, 1024, 224},
{128, 3072, 1536, 256},
{192, 7680, 3840, 384},
{256, 15360, 7680, 512}
};
const EVP_MD *PAIRING_nbits_to_md(int nbits)
int main(void)
{
switch (nbits) {
case 1024: return EVP_sha1();
case 2048: return EVP_sha224();
case 3072: return EVP_sha256();
case 7680: return EVP_sha384();
case 15360: return EVP_sha512();
}
return NULL;
}
char *s = "This ASCII string without null-terminator";
BIGNUM *bn = NULL;
BIGNUM *ret = NULL;
BIGNUM *range = NULL;
BN_hex2bn(&range, "ffffffffffffffffffffefffffffffffffffffff");
BN_hex2bn(&bn, "79317c1610c1fc018e9c53d89d59c108cd518608");
if (!BN_hash2bn(&ret, s, strlen(s), EVP_sha1(), range)) {
printf("BN_hash2bn() function failed\n");
return 0;
}
if (!ret) {
printf("shit\n");
}
printf("%s\n", BN_bn2hex(ret));
if (BN_cmp(ret, bn) != 0) {
printf("BN_hash2bn() test failed\n");
return 0;
}
printf("BN_hash2bn() test passed\n");
return 1;
}
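Review bot: `main()` returns 0 on both failure paths and 1 after printing "test passed", so the exit status is inverted for any harness that treats non-zero as failure; use `return 1;` on the failure paths and `return 0;` at the end. The `if (!ret)` branch only prints and then falls through to `BN_bn2hex(ret)` and `BN_cmp(ret, bn)` with a NULL pointer, so it should return as well. Neither `BN_hex2bn()` result is checked, and `range`, `bn`, `ret` and the string returned by `BN_bn2hex()` are never released (`BN_free()` / `OPENSSL_free()`). Which of the section's lines are new is inferred, because the page has lost its +/- markers.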


@@ -17,7 +17,7 @@ IF[{- !$disabled{tests} -}]
dtlsv1listentest ct_test threadstest afalgtest d2i_test \
ssl_test_ctx_test ssl_test x509aux cipherlist_test asynciotest \
bioprinttest sslapitest dtlstest sslcorrupttest bio_enc_test \
sm3test sms4test kdf2test eciestest ffxtest sm2test \
sm3test sms4test kdf2test eciestest ffxtest sm2test sm2evptest \
pailliertest cpktest otptest gmapitest ec2test \
bfibetest bb1ibetest sm9test \
saftest sdftest skftest softest zuctest \
@@ -312,6 +312,10 @@ IF[{- !$disabled{tests} -}]
INCLUDE[sm2test]=../include
DEPEND[sm2test]=../libcrypto
SOURCE[sm2evptest]=sm2evptest.c
INCLUDE[sm2evptest]=../include
DEPEND[sm2evptest]=../libcrypto
SOURCE[pailliertest]=pailliertest.c
INCLUDE[pailliertest]=../include
DEPEND[pailliertest]=../libcrypto

69
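--- a/test/p
+++ b/test/p
@@ -1,69 +0,0 @@
-#! /usr/bin/env perl
-# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
-#
-# Licensed under the OpenSSL license (the "License"). You may not use
-# this file except in compliance with the License. You can obtain a copy
-# in the file LICENSE in the source distribution or at
-# https://www.openssl.org/source/license.html
-use strict;
-use warnings;
-use File::Spec::Functions qw/catfile/;
-use File::Copy;
-use File::Compare qw/compare_text/;
-use File::Basename;
-use OpenSSL::Test qw/:DEFAULT srctop_file/;
-setup("test_enc");
-# We do it this way, because setup() may have moved us around,
-# so the directory portion of $0 might not be correct any more.
-# However, the name hasn't changed.
-my $testsrc = srctop_file("test","recipes",basename($0));
-my $test = catfile(".", "p");
-my $cmd = "gmssl";
-my @ciphers =
-map { s/^\s+//; s/\s+$//; split /\s+/ }
-run(app([$cmd, "list", "-cipher-commands"]), capture => 1);
-plan tests => 1 + (scalar @ciphers)*2;
-my $init = ok(copy($testsrc,$test));
-if (!$init) {
-diag("Trying to copy $testsrc to $test : $!");
-}
-SKIP: {
-skip "Not initialized, skipping...", 11 unless $init;
-foreach my $c (@ciphers) {
-my %variant = ("$c" => [],
-"$c base64" => [ "-a" ]);
-foreach my $t (sort keys %variant) {
-my $cipherfile = "$test.$c.cipher";
-my $clearfile = "$test.$c.clear";
-my @e = ( "$c", "-bufsize", "113", @{$variant{$t}}, "-e", "-k", "test" );
-my @d = ( "$c", "-bufsize", "157", @{$variant{$t}}, "-d", "-k", "test" );
-if ($c eq "cat") {
-$cipherfile = "$test.cipher";
-$clearfile = "$test.clear";
-@e = ( "enc", @{$variant{$t}}, "-e" );
-@d = ( "enc", @{$variant{$t}}, "-d" );
-}
-ok(run(app([$cmd, @e, "-in", $test, "-out", $cipherfile]))
-&& run(app([$cmd, @d, "-in", $cipherfile, "-out", $clearfile]))
-&& compare_text($test,$clearfile) == 0, $t);
-unlink $cipherfile, $clearfile;
-}
-}
-}
-unlink $test;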


@@ -10,4 +10,4 @@
use OpenSSL::Test::Simple;
simple_test("test_sm2", "sm2test", "sm2");
#simple_test("test_sm2evp", "sm2evptest", "sm2");
simple_test("test_sm2evp", "sm2evptest", "sm2");


@@ -49,678 +49,26 @@
#include <stdio.h>
#include <string.h>
#include <openssl/ec.h>
#include <openssl/bn.h>
#include <openssl/evp.h>
#include <openssl/rand.h>
#include <openssl/engine.h>
#include <openssl/sm2.h>
#include <stdlib.h>
RAND_METHOD fake_rand;
const RAND_METHOD *old_rand;
#include "../e_os.h"
static const char rnd_seed[] =
"string to make the random number generator think it has entropy";
static const char *rnd_number = NULL;
int fbytes(unsigned char *buf, int num)
#ifdef OPENSSL_NO_SM2
int main(int argc, char **argv)
{
int ret = 0;
BIGNUM *bn = NULL;
if (!BN_hex2bn(&bn, rnd_number)) {
goto end;
}
if (BN_num_bytes(bn) > num) {
goto end;
}
memset(buf, 0, num);
if (!BN_bn2bin(bn, buf + num - BN_num_bytes(bn))) {
goto end;
}
ret = 1;
end:
BN_free(bn);
return ret;
printf("No SM2 support\n");
return 0;
}
#else
int change_rand(const char *hex)
{
if (!(old_rand = RAND_get_rand_method())) {
return 0;
}
# include <openssl/ec.h>
# include <openssl/bn.h>
# include <openssl/evp.h>
# include <openssl/rand.h>
# include <openssl/engine.h>
# include <openssl/sm2.h>
fake_rand.seed = old_rand->seed;
fake_rand.cleanup = old_rand->cleanup;
fake_rand.add = old_rand->add;
fake_rand.status = old_rand->status;
fake_rand.bytes = fbytes;
fake_rand.pseudorand = old_rand->bytes;
if (!RAND_set_rand_method(&fake_rand)) {
return 0;
}
rnd_number = hex;
return 1;
}
int restore_rand(void)
{
rnd_number = NULL;
if (!RAND_set_rand_method(old_rand))
return 0;
else return 1;
}
int hexequbin(const char *hex, const unsigned char *bin, size_t binlen)
{
int ret = 0;
char *buf = NULL;
int i = 0;
size_t buflen = binlen * 2 + 1;
if (binlen * 2 != strlen(hex)) {
return 0;
}
if (!(buf = malloc(binlen * 2 + 1))) {
return 0;
}
for (i = 0; i < binlen; i++) {
sprintf(buf + i*2, "%02X", bin[i]);
}
buf[buflen - 1] = 0;
if (memcmp(hex, buf, binlen * 2) == 0) {
ret = 1;
}
free(buf);
return ret;
}
EC_GROUP *new_ec_group(int is_prime_field,
const char *p_hex, const char *a_hex, const char *b_hex,
const char *x_hex, const char *y_hex, const char *n_hex, const char *h_hex)
{
int ok = 0;
EC_GROUP *group = NULL;
BN_CTX *ctx = NULL;
BIGNUM *p = NULL;
BIGNUM *a = NULL;
BIGNUM *b = NULL;
BIGNUM *x = NULL;
BIGNUM *y = NULL;
BIGNUM *n = NULL;
BIGNUM *h = NULL;
EC_POINT *G = NULL;
point_conversion_form_t form = SM2_DEFAULT_POINT_CONVERSION_FORM;
int flag = 0;
if (!(ctx = BN_CTX_new())) {
goto err;
}
if (!BN_hex2bn(&p, p_hex) ||
!BN_hex2bn(&a, a_hex) ||
!BN_hex2bn(&b, b_hex) ||
!BN_hex2bn(&x, x_hex) ||
!BN_hex2bn(&y, y_hex) ||
!BN_hex2bn(&n, n_hex) ||
!BN_hex2bn(&h, h_hex)) {
goto err;
}
if (is_prime_field) {
if (!(group = EC_GROUP_new_curve_GFp(p, a, b, ctx))) {
goto err;
}
if (!(G = EC_POINT_new(group))) {
goto err;
}
if (!EC_POINT_set_affine_coordinates_GFp(group, G, x, y, ctx)) {
goto err;
}
} else {
if (!(group = EC_GROUP_new_curve_GF2m(p, a, b, ctx))) {
goto err;
}
if (!(G = EC_POINT_new(group))) {
goto err;
}
if (!EC_POINT_set_affine_coordinates_GF2m(group, G, x, y, ctx)) {
goto err;
}
}
if (!EC_GROUP_set_generator(group, G, n, h)) {
goto err;
}
EC_GROUP_set_asn1_flag(group, flag);
EC_GROUP_set_point_conversion_form(group, form);
ok = 1;
err:
BN_CTX_free(ctx);
BN_free(p);
BN_free(a);
BN_free(b);
BN_free(x);
BN_free(y);
BN_free(n);
BN_free(h);
EC_POINT_free(G);
if (!ok && group) {
ERR_print_errors_fp(stderr);
EC_GROUP_free(group);
group = NULL;
}
return group;
}
EC_KEY *new_ec_key(const EC_GROUP *group,
const char *sk, const char *xP, const char *yP,
const char *id, const EVP_MD *id_md)
{
int ok = 0;
EC_KEY *ec_key = NULL;
BIGNUM *d = NULL;
BIGNUM *x = NULL;
BIGNUM *y = NULL;
OPENSSL_assert(group);
OPENSSL_assert(xP);
OPENSSL_assert(yP);
if (!(ec_key = EC_KEY_new())) {
goto end;
}
if (!EC_KEY_set_group(ec_key, group)) {
goto end;
}
if (sk) {
if (!BN_hex2bn(&d, sk)) {
goto end;
}
if (!EC_KEY_set_private_key(ec_key, d)) {
goto end;
}
}
if (xP && yP) {
if (!BN_hex2bn(&x, xP)) {
goto end;
}
if (!BN_hex2bn(&y, yP)) {
goto end;
}
if (!EC_KEY_set_public_key_affine_coordinates(ec_key, x, y)) {
goto end;
}
}
if (id) {
if (!SM2_set_id(ec_key, id, id_md)) {
goto end;
}
}
ok = 1;
end:
if (d) BN_free(d);
if (x) BN_free(x);
if (y) BN_free(y);
if (!ok && ec_key) {
ERR_print_errors_fp(stderr);
EC_KEY_free(ec_key);
ec_key = NULL;
}
return ec_key;
}
int test_sm2_sign(const EC_GROUP *group,
const char *sk, const char *xP, const char *yP,
const char *id, const char *Z,
const char *M, const char *e,
const char *k, const char *r, const char *s)
{
int ret = 0;
const EVP_MD *id_md = EVP_sm3();
const EVP_MD *msg_md = EVP_sm3();
int type = NID_undef;
unsigned char dgst[EVP_MAX_MD_SIZE];
size_t dgstlen;
unsigned char sig[256];
unsigned int siglen;
const unsigned char *p;
EC_KEY *ec_key = NULL;
EC_KEY *pubkey = NULL;
ECDSA_SIG *sm2sig = NULL;
BIGNUM *rr = NULL;
BIGNUM *ss = NULL;
change_rand(k);
if (!(ec_key = new_ec_key(group, sk, xP, yP, id, id_md))) {
fprintf(stderr, "error: %s %d\n", __FUNCTION__, __LINE__);
goto err;
}
dgstlen = sizeof(dgst);
if (!SM2_get_id_digest(ec_key, dgst, &dgstlen)) {
fprintf(stderr, "error: %s %d\n", __FUNCTION__, __LINE__);
goto err;
}
if (!hexequbin(Z, dgst, dgstlen)) {
fprintf(stderr, "error: %s %d\n", __FUNCTION__, __LINE__);
goto err;
}
dgstlen = sizeof(dgst);
if (!SM2_compute_message_digest(dgst, &dgstlen,
id_md, id, ec_key, msg_md, M, strlen(M))) {
fprintf(stderr, "error: %s %d\n", __FUNCTION__, __LINE__);
goto err;
}
if (!hexequbin(e, dgst, dgstlen)) {
fprintf(stderr, "error: %s %d\n", __FUNCTION__, __LINE__);
goto err;
}
/* sign */
if (!SM2_sign(type, dgst, dgstlen, sig, &siglen, ec_key)) {
fprintf(stderr, "error: %s %d\n", __FUNCTION__, __LINE__);
goto err;
}
p = sig;
if (!(sm2sig = d2i_ECDSA_SIG(NULL, &p, siglen))) {
fprintf(stderr, "error: %s %d\n", __FUNCTION__, __LINE__);
goto err;
}
if (!BN_hex2bn(&rr, r) || !BN_hex2bn(&ss, s)) {
fprintf(stderr, "error: %s %d\n", __FUNCTION__, __LINE__);
goto err;
}
if (BN_cmp(sm2sig->r, rr) || BN_cmp(sm2sig->s, ss)) {
fprintf(stderr, "error: %s %d\n", __FUNCTION__, __LINE__);
goto err;
}
/* verify */
if (!(pubkey = new_ec_key(group, NULL, xP, yP, id, id_md))) {
fprintf(stderr, "error: %s %d\n", __FUNCTION__, __LINE__);
goto err;
}
if (SM2_verify(type, dgst, dgstlen, sig, siglen, pubkey) != SM2_VERIFY_SUCCESS) {
fprintf(stderr, "error: %s %d\n", __FUNCTION__, __LINE__);
goto err;
}
ret = 1;
err:
restore_rand();
if (ec_key) EC_KEY_free(ec_key);
if (pubkey) EC_KEY_free(pubkey);
if (sm2sig) ECDSA_SIG_free(sm2sig);
if (rr) BN_free(rr);
if (ss) BN_free(ss);
return ret;
}
int test_sm2_enc(const EC_GROUP *group,
const char *d, const char *xP, const char *yP,
const char *M,
const char *k, const char *C)
{
int ret = 0;
EC_KEY *ec_key = NULL;
const EVP_MD *kdf_md = EVP_sm3();
const EVP_MD *mac_md = EVP_sm3();
point_conversion_form_t point_form = POINT_CONVERSION_UNCOMPRESSED;
unsigned char msg[128];
unsigned char buf[sizeof(msg) + 128];
size_t msglen, buflen;
change_rand(k);
if (!(ec_key = new_ec_key(group, NULL, xP, yP, NULL, NULL))) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
goto end;
}
buflen = sizeof(buf);
if (!SM2_encrypt_with_recommended(buf, &buflen,
(const unsigned char *)M, strlen(M), ec_key)) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
goto end;
}
if (!hexequbin(C, buf, buflen)) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
printf("shit\n");
goto end;
}
EC_KEY_free(ec_key);
if (!(ec_key = new_ec_key(group, d, xP, yP, NULL, NULL))) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
goto end;
}
if (!SM2_decrypt_with_recommended(msg, &msglen, buf, buflen, ec_key)) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
goto end;
}
if (msglen != strlen(M) || memcmp(msg, M, strlen(M))) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
goto end;
}
ret = 1;
end:
ERR_print_errors_fp(stderr);
restore_rand();
EC_KEY_free(ec_key);
return ret;
}
int test_sm2_kap(const EC_GROUP *group,
const char *A, const char *dA, const char *xA, const char *yA, const char *ZA,
const char *B, const char *dB, const char *xB, const char *yB, const char *ZB,
const char *rA, const char *rB, const char *KAB, const char *S1, const char *S2)
{
int ret = 0;
const EVP_MD *id_md = EVP_sm3();
EC_KEY *eckeyA = NULL;
EC_KEY *eckeyB = NULL;
EC_KEY *pubkeyA = NULL;
EC_KEY *pubkeyB = NULL;
SM2_KAP_CTX ctxA;
SM2_KAP_CTX ctxB;
unsigned char za[EVP_MAX_MD_SIZE];
unsigned char zb[EVP_MAX_MD_SIZE];
size_t zalen, zblen;
unsigned char RA[256];
unsigned char RB[256];
size_t RAlen = sizeof(RA);
size_t RBlen = sizeof(RB);
unsigned char kab[64];
unsigned char kba[64];
size_t kablen = strlen(KAB)/2;
size_t kbalen = strlen(KAB)/2;
unsigned char s1[64];
unsigned char s2[64];
size_t s1len, s2len;
memset(&ctxA, 0, sizeof(ctxA));
memset(&ctxB, 0, sizeof(ctxB));
eckeyA = new_ec_key(group, dA, xA, yA, A, id_md);
eckeyB = new_ec_key(group, dB, xB, yB, B, id_md);
pubkeyA = new_ec_key(group, NULL, xA, yA, A, id_md);
pubkeyB = new_ec_key(group, NULL, xB, yB, B, id_md);
if (!eckeyA || !eckeyB || !pubkeyA || !pubkeyB) {
goto end;
}
zalen = sizeof(za);
if (!SM2_get_id_digest(eckeyA, za, &zalen)) {
goto end;
}
zblen = sizeof(zb);
if (!SM2_get_id_digest(eckeyB, zb, &zblen)) {
goto end;
}
if (!hexequbin(ZA, za, zalen)) {
fprintf(stderr, "error (%s %d): ZA != value in test vector !!!\n", __FILE__, __LINE__);
goto end;
}
if (!hexequbin(ZB, zb, zblen)) {
goto end;
}
if (!SM2_KAP_CTX_init(&ctxA, eckeyA, pubkeyB, 1, 1)) {
goto end;
}
if (!SM2_KAP_CTX_init(&ctxB, eckeyB, pubkeyA, 0, 1)) {
goto end;
}
change_rand(rA);
if (!SM2_KAP_prepare(&ctxA, RA, &RAlen)) {
goto end;
}
restore_rand();
change_rand(rB);
if (!SM2_KAP_prepare(&ctxB, RB, &RBlen)) {
goto end;
}
restore_rand();
if (!SM2_KAP_compute_key(&ctxA, RB, RBlen, kab, kablen, s1, &s1len)) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
goto end;
}
if (!SM2_KAP_compute_key(&ctxB, RA, RAlen, kba, kbalen, s2, &s2len)) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
goto end;
}
if (!SM2_KAP_final_check(&ctxA, s2, s2len)) {
goto end;
}
if (!SM2_KAP_final_check(&ctxB, s1, s1len)) {
goto end;
}
ret = 1;
end:
EC_KEY_free(eckeyA);
EC_KEY_free(eckeyB);
EC_KEY_free(pubkeyA);
EC_KEY_free(pubkeyB);
SM2_KAP_CTX_cleanup(&ctxA);
SM2_KAP_CTX_cleanup(&ctxB);
return ret;
}
int test_sm2_test_vector()
{
int ret = 0;
EC_GROUP *sm2p192test = NULL;
EC_GROUP *sm2p256test = NULL;
EC_GROUP *sm2b193test = NULL;
EC_GROUP *sm2b257test = NULL;
sm2p192test = new_ec_group(1,
"BDB6F4FE3E8B1D9E0DA8C0D46F4C318CEFE4AFE3B6B8551F",
"BB8E5E8FBC115E139FE6A814FE48AAA6F0ADA1AA5DF91985",
"1854BEBDC31B21B7AEFC80AB0ECD10D5B1B3308E6DBF11C1",
"4AD5F7048DE709AD51236DE65E4D4B482C836DC6E4106640",
"02BB3A02D4AAADACAE24817A4CA3A1B014B5270432DB27D2",
"BDB6F4FE3E8B1D9E0DA8C0D40FC962195DFAE76F56564677",
"1");
sm2p256test = new_ec_group(1,
"8542D69E4C044F18E8B92435BF6FF7DE457283915C45517D722EDB8B08F1DFC3",
"787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E498",
"63E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A",
"421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D",
"0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A2",
"8542D69E4C044F18E8B92435BF6FF7DD297720630485628D5AE74EE7C32E79B7",
"1");
sm2b193test = new_ec_group(0,
"2000000000000000000000000000000000000000000008001",
"0",
"002FE22037B624DBEBC4C618E13FD998B1A18E1EE0D05C46FB",
"00D78D47E85C93644071BC1C212CF994E4D21293AAD8060A84",
"00615B9E98A31B7B2FDDEEECB76B5D875586293725F9D2FC0C",
"80000000000000000000000043E9885C46BF45D8C5EBF3A1",
"1");
sm2b257test = new_ec_group(0,
"20000000000000000000000000000000000000000000000000000000000001001",
"0",
"00E78BCD09746C202378A7E72B12BCE00266B9627ECB0B5A25367AD1AD4CC6242B",
"00CDB9CA7F1E6B0441F658343F4B10297C0EF9B6491082400A62E7A7485735FADD",
"013DE74DA65951C4D76DC89220D5F7777A611B1C38BAE260B175951DC8060C2B3E",
"7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFBC972CF7E6B6F900945B3C6A0CF6161D",
"4");
if (!sm2p192test || !sm2p256test || !sm2b193test || !sm2b257test) {
goto end;
}
if (!test_sm2_sign(
sm2p256test,
"128B2FA8BD433C6C068C8D803DFF79792A519A55171B1B650C23661D15897263",
"0AE4C7798AA0F119471BEE11825BE46202BB79E2A5844495E97C04FF4DF2548A",
"7C0240F88F1CD4E16352A73C17B7F16F07353E53A176D684A9FE0C6BB798E857",
"ALICE123@YAHOO.COM",
"F4A38489E32B45B6F876E3AC2168CA392362DC8F23459C1D1146FC3DBFB7BC9A",
"message digest",
"B524F552CD82B8B028476E005C377FB19A87E6FC682D48BB5D42E3D9B9EFFE76",
"6CB28D99385C175C94F94E934817663FC176D925DD72B727260DBAAE1FB2F96F",
"40F1EC59F793D9F49E09DCEF49130D4194F79FB1EED2CAA55BACDB49C4E755D1",
"6FC6DAC32C5D5CF10C77DFB20F7C2EB667A457872FB09EC56327A67EC7DEEBE7")) {
printf("sm2 sign p256 failed\n");
goto end;
} else {
printf("sm2 sign p256 passed\n");
}
if (!test_sm2_sign(
sm2b257test,
"771EF3DBFF5F1CDC32B9C572930476191998B2BF7CB981D7F5B39202645F0931",
"0165961645281A8626607B917F657D7E9382F1EA5CD931F40F6627F357542653B2",
"01686522130D590FB8DE635D8FCA715CC6BF3D05BEF3F75DA5D543454448166612",
"ALICE123@YAHOO.COM",
"26352AF82EC19F207BBC6F9474E11E90CE0F7DDACE03B27F801817E897A81FD5",
"message digest",
"AD673CBDA311417129A9EAA5F9AB1AA1633AD47718A84DFD46C17C6FA0AA3B12",
"36CD79FC8E24B7357A8A7B4A46D454C397703D6498158C605399B341ADA186D6",
"6D3FBA26EAB2A1054F5D198332E335817C8AC453ED26D3391CD4439D825BF25B",
"3124C5688D95F0A10252A9BED033BEC84439DA384621B6D6FAD77F94B74A9556")) {
printf("sm2 sign b257 failed\n");
goto end;
} else {
printf("sm2 sign b257 passed\n");
}
if (!test_sm2_enc(
sm2p256test,
"1649AB77A00637BD5E2EFE283FBF353534AA7F7CB89463F208DDBC2920BB0DA0",
"435B39CCA8F3B508C1488AFC67BE491A0F7BA07E581A0E4849A5CF70628A7E0A",
"75DDBA78F15FEECB4C7895E2C1CDF5FE01DEBB2CDBADF45399CCF77BBA076A42",
"encryption standard",
"4C62EEFD6ECFC2B95B92FD6C3D9575148AFA17425546D49018E5388D49DD7B4F",
"04"
"245C26FB68B1DDDDB12C4B6BF9F2B6D5FE60A383B0D18D1C4144ABF17F6252E7"
"76CB9264C2A7E88E52B19903FDC47378F605E36811F5C07423A24B84400F01B8"
"650053A89B41C418B0C3AAD00D886C00286467"
"9C3D7360C30156FAB7C80A0276712DA9D8094A634B766D3A285E07480653426D")) {
printf("sm2 enc p256 failed\n");
goto end;
} else {
printf("sm2 enc p256 passed\n");
}
if (!test_sm2_enc(
sm2b257test,
"56A270D17377AA9A367CFA82E46FA5267713A9B91101D0777B07FCE018C757EB",
"00A67941E6DE8A61805F7BCFF0985BB3BED986F1C297E4D8880D82B821C624EE57",
"0193ED5A6707B5908781B860841085F52EEFA7FE329A5C811843533A874D027271",
"encryption standard",
"6D3B497153E3E92524E5C122682DBDC8705062E20B917A5F8FCDB8EE4C66663D",
"04"
"019D236DDB305009AD52C51BB932709BD534D476FBB7B0DF9542A8A4D890A3F2E1"
"00B23B938DC0A94D1DF8F42CF45D2D6601BF638C3D7DE75A29F02AFB7E45E91771"
"FD55AC6213C2A8A040E4CAB5B26A9CFCDA7373"
"73A48625D3758FA37B3EAB80E9CFCABA665E3199EA15A1FA8189D96F579125E4")) {
printf("sm2 enc b257 failed\n");
goto end;
} else {
printf("sm2 enc b257 passed\n");
}
if (!test_sm2_kap(
sm2p256test,
"ALICE123@YAHOO.COM",
"6FCBA2EF9AE0AB902BC3BDE3FF915D44BA4CC78F88E2F8E7F8996D3B8CCEEDEE",
"3099093BF3C137D8FCBBCDF4A2AE50F3B0F216C3122D79425FE03A45DBFE1655",
"3DF79E8DAC1CF0ECBAA2F2B49D51A4B387F2EFAF482339086A27A8E05BAED98B",
"E4D1D0C3CA4C7F11BC8FF8CB3F4C02A78F108FA098E51A668487240F75E20F31",
"BILL456@YAHOO.COM",
"5E35D7D3F3C54DBAC72E61819E730B019A84208CA3A35E4C2E353DFCCB2A3B53",
"245493D446C38D8CC0F118374690E7DF633A8A4BFB3329B5ECE604B2B4F37F43",
"53C0869F4B9E17773DE68FEC45E14904E0DEA45BF6CECF9918C85EA047C60A4C",
"6B4B6D0E276691BD4A11BF72F4FB501AE309FDACB72FA6CC336E6656119ABD67",
"83A2C9C8B96E5AF70BD480B472409A9A327257F1EBB73F5B073354B248668563",
"33FE21940342161C55619C4A0C060293D543C80AF19748CE176D83477DE71C80",
"55B0AC62A6B927BA23703832C853DED4",
"284C8F198F141B502E81250F1581C7E9EEB4CA6990F9E02DF388B45471F5BC5C",
"23444DAF8ED7534366CB901C84B3BDBB63504F4065C1116C91A4C00697E6CF7A")) {
printf("sm2 kap p256 failed\n");
goto end;
} else {
printf("sm2 kap p256 passed\n");
}
#if 0
/* ZA will not pass! */
if (!test_sm2_kap(
sm2b257test,
"ALICE123@YAHOO.COM",
"4813903D254F2C20A94BC5704238496954BB5279F861952EF2C5298E84D2CEAA",
"008E3BDB2E11F9193388F1F901CCC857BF49CFC065FB38B9069CAAE6D5AFC3592F",
"004555122AAC0075F42E0A8BBD2C0665C789120DF19D77B4E3EE4712F598040415",
"ECF0080215977B2E5D6D61B98A99442F03E8803DC39E349F8DCA5621A9ACDF2B",
"BILL456@YAHOO.COM",
"08F41BAE0922F47C212803FE681AD52B9BF28A35E1CD0EC273A2CF813E8FD1DC",
"0034297DD83AB14D5B393B6712F32B2F2E938D4690B095424B89DA880C52D4A7D9",
"0199BBF11AC95A0EA34BBD00CA50B93EC24ACB68335D20BA5DCFE3B33BDBD2B62D",
"557BAD30 E183559A EEC3B2256E1C7C11F870D22B165D015ACF9465B09B87B527",
"54A3D6673FF3A6BD6B02EBB164C2A3AF6D4A4906229D9BFCE68CC366A2E64BA4",
"1F21933387BEF781D0A8F7FD708C5AE0A56EE3F423DBC2FE5BDF6F068C53F7AD",
"4E587E5C66634F22D973A7D98BF8BE23",
"4EB47D28AD3906D6244D01E0F6AEC73B0B51DE1574C13798184E4833DBAE295A",
"588AA67064F24DC27CCAA1FAB7E27DFF811D500AD7EF2FB8F69DDF48CC0FECB7")) {
printf("sm2 kap b257 failed\n");
goto end;
} else {
printf("sm2 kap b257 passed\n");
}
#endif
ret = 1;
end:
EC_GROUP_free(sm2p192test);
EC_GROUP_free(sm2p256test);
EC_GROUP_free(sm2b193test);
EC_GROUP_free(sm2b257test);
return ret;
}
EVP_PKEY *genpkey(int curve_nid, BIO *out, int verbose)
static EVP_PKEY *genpkey(int curve_nid, BIO *out, int verbose)
{
int ok = 0;
EVP_PKEY *ret = NULL;
@@ -761,7 +109,7 @@ end:
return ret;
}
int test_evp_pkey_sign(EVP_PKEY *pkey, int do_sm2, int verbose)
static int test_evp_pkey_sign(EVP_PKEY *pkey, int do_sm2, int verbose)
{
int ret = 0;
EVP_PKEY_CTX *pkctx = NULL;
@@ -784,7 +132,7 @@ int test_evp_pkey_sign(EVP_PKEY *pkey, int do_sm2, int verbose)
goto end;
}
if (!EVP_PKEY_CTX_set_ec_scheme(pkctx, type)) {
if (!EVP_PKEY_CTX_set_ec_sign_type(pkctx, type)) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
goto end;
}
@@ -811,12 +159,12 @@ int test_evp_pkey_sign(EVP_PKEY *pkey, int do_sm2, int verbose)
goto end;
}
if (!EVP_PKEY_CTX_set_ec_scheme(pkctx, type)) {
if (!EVP_PKEY_CTX_set_ec_sign_type(pkctx, type)) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
goto end;
}
if (EVP_PKEY_verify(pkctx, sig, siglen, dgst, dgstlen) != SM2_VERIFY_SUCCESS) {
if (1 != EVP_PKEY_verify(pkctx, sig, siglen, dgst, dgstlen)) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
goto end;
}
@@ -831,7 +179,7 @@ end:
return ret;
}
int test_evp_pkey_encrypt(EVP_PKEY *pkey, int do_sm2, int verbose)
static int test_evp_pkey_encrypt(EVP_PKEY *pkey, int do_sm2, int verbose)
{
int ret = 0;
EVP_PKEY_CTX *pkctx = NULL;
@@ -842,8 +190,6 @@ int test_evp_pkey_encrypt(EVP_PKEY *pkey, int do_sm2, int verbose)
size_t cbuflen = sizeof(cbuf);
unsigned char mbuf[512];
size_t mbuflen = sizeof(mbuf);
int len;
unsigned int ulen;
if (!(pkctx = EVP_PKEY_CTX_new(pkey, NULL))) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
@@ -857,7 +203,7 @@ int test_evp_pkey_encrypt(EVP_PKEY *pkey, int do_sm2, int verbose)
goto end;
}
if (!EVP_PKEY_CTX_set_ec_scheme(pkctx, type)) {
if (!EVP_PKEY_CTX_set_ec_enc_type(pkctx, type)) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
goto end;
}
@@ -882,7 +228,7 @@ int test_evp_pkey_encrypt(EVP_PKEY *pkey, int do_sm2, int verbose)
goto end;
}
if (!EVP_PKEY_CTX_set_ec_scheme(pkctx, type)) {
if (!EVP_PKEY_CTX_set_ec_enc_type(pkctx, type)) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
goto end;
}
@@ -909,15 +255,13 @@ end:
return ret;
}
int test_evp_pkey_encrypt_old(EVP_PKEY *pkey, int verbose)
static int test_evp_pkey_encrypt_old(EVP_PKEY *pkey, int verbose)
{
int ret = 0;
unsigned char msg[] = "hello world this is the message";
size_t msglen = sizeof(msg);
unsigned char cbuf[512];
size_t cbuflen = sizeof(cbuf);
unsigned char mbuf[512];
size_t mbuflen = sizeof(mbuf);
int len;
@@ -955,7 +299,7 @@ end:
return ret;
}
int test_evp_sign(EVP_PKEY *pkey, const EVP_MD *md, int verbose)
static int test_evp_sign(EVP_PKEY *pkey, const EVP_MD *md, int verbose)
{
int ret = 0;
EVP_MD_CTX *mdctx = NULL;
@@ -963,7 +307,6 @@ int test_evp_sign(EVP_PKEY *pkey, const EVP_MD *md, int verbose)
size_t msglen = sizeof(msg);
unsigned char sig[256];
unsigned int siglen = (unsigned int)sizeof(sig);
unsigned int i;
if (!(mdctx = EVP_MD_CTX_create())) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
@@ -1004,7 +347,7 @@ int test_evp_sign(EVP_PKEY *pkey, const EVP_MD *md, int verbose)
goto end;
}
if (EVP_VerifyFinal(mdctx, sig, siglen, pkey) != SM2_VERIFY_SUCCESS) {
if (1 != EVP_VerifyFinal(mdctx, sig, siglen, pkey)) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
goto end;
}
@@ -1020,7 +363,7 @@ end:
return ret;
}
int test_evp_digestsign(EVP_PKEY *pkey, int do_sm2, const EVP_MD *md, int verbose)
static int test_evp_digestsign(EVP_PKEY *pkey, int do_sm2, const EVP_MD *md, int verbose)
{
int ret = 0;
EVP_MD_CTX *mdctx = NULL;
@@ -1031,8 +374,10 @@ int test_evp_digestsign(EVP_PKEY *pkey, int do_sm2, const EVP_MD *md, int verbos
unsigned char sig[256];
size_t siglen = (unsigned int)sizeof(sig);
unsigned char z[EVP_MAX_MD_SIZE];
if (!(mdctx = EVP_MD_CTX_create())) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
goto end;
}
@@ -1042,11 +387,17 @@ int test_evp_digestsign(EVP_PKEY *pkey, int do_sm2, const EVP_MD *md, int verbos
goto end;
}
if (!EVP_PKEY_CTX_set_ec_scheme(pkctx, type)) {
if (!EVP_PKEY_CTX_set_ec_sign_type(pkctx, type)) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
goto end;
}
/*
if (!EVP_PKEY_CTX_set_pre_update(pkctx, z, 32)) {
goto end;
}
*/
if (!EVP_DigestSignUpdate(mdctx, msg, msglen)) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
goto end;
@@ -1065,11 +416,17 @@ int test_evp_digestsign(EVP_PKEY *pkey, int do_sm2, const EVP_MD *md, int verbos
goto end;
}
if (!EVP_PKEY_CTX_set_ec_scheme(pkctx, type)) {
if (!EVP_PKEY_CTX_set_ec_sign_type(pkctx, type)) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
goto end;
}
/*
if (!EVP_PKEY_CTX_set_pre_update(pkctx, z, 32)) {
goto end;
}
*/
if (!EVP_DigestVerifyUpdate(mdctx, msg, msglen)) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
goto end;
@@ -1093,7 +450,7 @@ end:
#define NUM_PKEYS 3
#define MAX_PKEY_SIZE 1024
int test_evp_seal(int curve_id, const EVP_CIPHER *cipher, BIO *out, int verbose)
static int test_evp_seal(int curve_id, const EVP_CIPHER *cipher, BIO *out, int verbose)
{
int ret = 0;
EVP_PKEY *pkey[NUM_PKEYS] = {0};
@@ -1216,16 +573,15 @@ end:
return ret;
}
int test_sm2_evp(int verbose)
int main(int argc, char **argv)
{
int ret = 0;
int err = 0;
int verbose = 2;
EVP_PKEY *pkey = NULL;
BIO *out = NULL;
int curve_id = NID_sm2p256v1;
const EVP_MD *md = EVP_sm3();
const EVP_CIPHER *cipher = EVP_sms4_cbc();
ERR_load_crypto_strings();
BIO *out = NULL;
out = BIO_new_fp(stderr, BIO_NOCLOSE);
@@ -1234,103 +590,17 @@ int test_sm2_evp(int verbose)
goto end;
}
/* test sm2sign */
if (!test_evp_pkey_sign(pkey, 1, verbose)) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
goto end;
}
/* test ecdsa */
if (!test_evp_pkey_sign(pkey, 0, verbose)) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
goto end;
}
/* test sm2encrypt */
if (!test_evp_pkey_encrypt(pkey, 1, verbose)) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
goto end;
}
/* test ecies */
if (!test_evp_pkey_encrypt(pkey, 0, verbose)) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
goto end;
}
/* test ec default encrypt */
if (!test_evp_pkey_encrypt_old(pkey, verbose)) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
goto end;
}
/* test ec default sign */
if (!test_evp_sign(pkey, md, verbose)) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
goto end;
}
/* test seal/open */
if (!test_evp_seal(curve_id, cipher, out, verbose)) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
goto end;
}
ret = 1;
if (!test_evp_pkey_sign(pkey, 1, verbose)) err++;
if (!test_evp_pkey_sign(pkey, 0, verbose)) err++;
if (!test_evp_pkey_encrypt(pkey, 1, verbose)) err++;
if (!test_evp_pkey_encrypt(pkey, 0, verbose)) err++;
if (!test_evp_pkey_encrypt_old(pkey, verbose)) err++;
if (!test_evp_sign(pkey, md, verbose)) err++;
if (!test_evp_seal(curve_id, cipher, out, verbose)) err++;
if (!test_evp_digestsign(pkey, 1, md, verbose)) err++;
end:
if (ret != 1) {
ERR_print_errors_fp(stderr);
}
EVP_PKEY_free(pkey);
return ret;
EXIT(err);
}
int main(int argc, char **argv)
{
int ret = -1;
BIO *out = NULL;
out = BIO_new_fp(stdout, BIO_NOCLOSE);
/*
if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) &&
(0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) {
CRYPTO_malloc_debug_init();
CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
} else {
CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
}
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
*/
ERR_load_crypto_strings();
RAND_seed(rnd_seed, sizeof(rnd_seed));
if (!test_sm2_test_vector()) {
goto err;
}
if (!test_sm2_evp(1)) {
goto err;
}
ret =0;
err:
if (ret)
BIO_printf(out, "\nSM2 test failed\n");
else BIO_printf(out, "\nSM2 test passed\n");
if (ret)
ERR_print_errors(out);
//CRYPTO_cleanup_all_ex_data();
//ERR_remove_thread_state(NULL);
//ERR_free_strings();
//CRYPTO_mem_leaks(out);
//BIO_free(out);
return ret;
}
#endif


@@ -65,6 +65,9 @@ int main(int argc, char **argv)
# include <openssl/rand.h>
# include <openssl/engine.h>
# include <openssl/sm2.h>
# include "../crypto/sm2/sm2_lcl.h"
# define VERBOSE 1
RAND_METHOD fake_rand;
const RAND_METHOD *old_rand;
@@ -73,7 +76,7 @@ static const char rnd_seed[] =
"string to make the random number generator think it has entropy";
static const char *rnd_number = NULL;
int fbytes(unsigned char *buf, int num)
static int fbytes(unsigned char *buf, int num)
{
int ret = 0;
BIGNUM *bn = NULL;
@@ -94,7 +97,7 @@ end:
return ret;
}
int change_rand(const char *hex)
static int change_rand(const char *hex)
{
if (!(old_rand = RAND_get_rand_method())) {
return 0;
@@ -115,7 +118,7 @@ int change_rand(const char *hex)
return 1;
}
int restore_rand(void)
static int restore_rand(void)
{
rnd_number = NULL;
if (!RAND_set_rand_method(old_rand))
@@ -123,7 +126,7 @@ int restore_rand(void)
else return 1;
}
int hexequbin(const char *hex, const unsigned char *bin, size_t binlen)
static int hexequbin(const char *hex, const unsigned char *bin, size_t binlen)
{
int ret = 0;
char *buf = NULL;
@@ -150,7 +153,7 @@ int hexequbin(const char *hex, const unsigned char *bin, size_t binlen)
return ret;
}
EC_GROUP *new_ec_group(int is_prime_field,
static EC_GROUP *new_ec_group(int is_prime_field,
const char *p_hex, const char *a_hex, const char *b_hex,
const char *x_hex, const char *y_hex, const char *n_hex, const char *h_hex)
{
@@ -231,7 +234,7 @@ err:
return group;
}
EC_KEY *new_ec_key(const EC_GROUP *group,
static EC_KEY *new_ec_key(const EC_GROUP *group,
const char *sk, const char *xP, const char *yP,
const char *id, const EVP_MD *id_md)
{
@@ -294,13 +297,14 @@ end:
return ec_key;
}
int test_sm2_sign(const EC_GROUP *group,
static int test_sm2_sign(const EC_GROUP *group,
const char *sk, const char *xP, const char *yP,
const char *id, const char *Z,
const char *M, const char *e,
const char *k, const char *r, const char *s)
{
int ret = 0;
int verbose = VERBOSE;
const EVP_MD *id_md = EVP_sm3();
const EVP_MD *msg_md = EVP_sm3();
int type = NID_undef;
@@ -323,16 +327,23 @@ int test_sm2_sign(const EC_GROUP *group,
fprintf(stderr, "error: %s %d\n", __FUNCTION__, __LINE__);
goto err;
}
EC_KEY_print_fp(stdout, ec_key, 4);
if (verbose > 1) {
EC_KEY_print_fp(stdout, ec_key, 4);
}
dgstlen = sizeof(dgst);
if (!SM2_compute_id_digest(id_md, id, strlen(id), dgst, &dgstlen, ec_key)) {
fprintf(stderr, "error: %s %d\n", __FUNCTION__, __LINE__);
goto err;
}
printf("id=%s\n", id);
printf("zid(xx):"); for (int j = 0; j < dgstlen; j++) { printf("%02x", dgst[j]); } printf("\n");
if (verbose > 1) {
printf("id=%s\n", id);
printf("zid(xx):");
for (int j = 0; j < dgstlen; j++) { printf("%02x", dgst[j]); } printf("\n");
}
if (!hexequbin(Z, dgst, dgstlen)) {
fprintf(stderr, "error: %s %d\n", __FUNCTION__, __LINE__);
goto err;
@@ -386,7 +397,7 @@ int test_sm2_sign(const EC_GROUP *group,
fprintf(stderr, "error: %s %d\n", __FUNCTION__, __LINE__);
goto err;
}
fprintf(stderr, " -> %d\n", __LINE__);
if (1 != SM2_verify(type, dgst, dgstlen, sig, siglen, pubkey)) {
fprintf(stderr, "error: %s %d\n", __FUNCTION__, __LINE__);
goto err;
@@ -403,57 +414,57 @@ err:
return ret;
}
int test_sm2_enc(const EC_GROUP *group,
static int test_sm2_enc(const EC_GROUP *group, const EVP_MD *md,
const char *d, const char *xP, const char *yP,
const char *M,
const char *k, const char *C)
const char *M, const char *k, const char *C)
{
int ret = 0;
EC_KEY *ec_key = NULL;
const EVP_MD *kdf_md = EVP_sm3();
const EVP_MD *mac_md = EVP_sm3();
point_conversion_form_t point_form = POINT_CONVERSION_UNCOMPRESSED;
unsigned char msg[128];
unsigned char buf[sizeof(msg) + 128];
EC_KEY *pub_key = NULL;
EC_KEY *pri_key = NULL;
SM2CiphertextValue *cv = NULL;
unsigned char mbuf[128];
unsigned char cbuf[sizeof(mbuf) + 256];
unsigned char *tbuf = NULL;
size_t msglen, buflen;
unsigned char *p = buf;
unsigned char *testcbuf;
long testbuflen;
if (!(pub_key = new_ec_key(group, NULL, xP, yP, NULL, NULL))) {
goto end;
}
/* test encrypt */
change_rand(k);
if (!(ec_key = new_ec_key(group, NULL, xP, yP, NULL, NULL))) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
if (!(cv = SM2_do_encrypt(md, (unsigned char *)M, strlen(M), pub_key))) {
goto end;
}
buflen = sizeof(buf);
if (!SM2_encrypt_with_recommended(
(const unsigned char *)M, strlen(M),
buf, &buflen,
ec_key)) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
p = cbuf;
if ((clen = i2o_SM2CiphertextValue(group, cv, &p)) <= 0) {
goto end;
}
if (!(tbuf = OPENSSL_hexstr2buf(C, &tlen))) {
EXIT(1);
}
if (!hexequbin(C, buf, buflen)) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
printf("shit\n");
if (tlen != clen || memcmp(tbuf, cbuf, clen) != 0) {
goto end;
}
EC_KEY_free(ec_key);
if (!(ec_key = new_ec_key(group, d, xP, yP, NULL, NULL))) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
/* test decrypt */
if (!(pri_key = new_ec_key(group, d, xP, yP, NULL, NULL))) {
goto end;
}
if (!SM2_decrypt_with_recommended(
buf, buflen,
msg, &msglen,
ec_key)) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
mlen = sizeof(mbuf);
if (!SM2_do_decrypt(md, cv, mbuf, &mlen, pri_key)) {
goto end;
}
if (msglen != strlen(M) || memcmp(msg, M, strlen(M))) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
if (mlen != strlen(M) || memcmp(mbuf, M, strlen(M))) {
goto end;
}
@@ -463,10 +474,11 @@ end:
ERR_print_errors_fp(stderr);
restore_rand();
EC_KEY_free(ec_key);
EC_KEY_free(pub_key);
return ret;
}
int test_sm2_kap(const EC_GROUP *group,
static int test_sm2_kap(const EC_GROUP *group,
const char *A, const char *dA, const char *xA, const char *yA, const char *ZA,
const char *B, const char *dB, const char *xB, const char *yB, const char *ZB,
const char *rA, const char *rB, const char *KAB, const char *S1, const char *S2)
@@ -479,9 +491,6 @@ int test_sm2_kap(const EC_GROUP *group,
EC_KEY *pubkeyB = NULL;
SM2_KAP_CTX ctxA;
SM2_KAP_CTX ctxB;
unsigned char za[EVP_MAX_MD_SIZE];
unsigned char zb[EVP_MAX_MD_SIZE];
size_t zalen, zblen;
unsigned char RA[256];
unsigned char RB[256];
size_t RAlen = sizeof(RA);
@@ -497,7 +506,6 @@ int test_sm2_kap(const EC_GROUP *group,
memset(&ctxA, 0, sizeof(ctxA));
memset(&ctxB, 0, sizeof(ctxB));
eckeyA = new_ec_key(group, dA, xA, yA, A, id_md);
eckeyB = new_ec_key(group, dB, xB, yB, B, id_md);
pubkeyA = new_ec_key(group, NULL, xA, yA, A, id_md);
@@ -506,30 +514,10 @@ int test_sm2_kap(const EC_GROUP *group,
goto end;
}
/*
zalen = sizeof(za);
if (!SM2_get_id_digest(eckeyA, za, &zalen)) {
if (!SM2_KAP_CTX_init(&ctxA, eckeyA, A, strlen(A), pubkeyB, B, strlen(B), 1, 1)) {
goto end;
}
zblen = sizeof(zb);
if (!SM2_get_id_digest(eckeyB, zb, &zblen)) {
goto end;
}
*/
if (!hexequbin(ZA, za, zalen)) {
fprintf(stderr, "error (%s %d): ZA != value in test vector !!!\n", __FILE__, __LINE__);
goto end;
}
if (!hexequbin(ZB, zb, zblen)) {
goto end;
}
if (!SM2_KAP_CTX_init(&ctxA, eckeyA, ZA, strlen(ZA), pubkeyB, ZB, strlen(ZB), 1, 1)) {
goto end;
}
if (!SM2_KAP_CTX_init(&ctxB, eckeyB, ZB, strlen(ZB), pubkeyA, ZA, strlen(ZA), 0, 1)) {
if (!SM2_KAP_CTX_init(&ctxB, eckeyB, B, strlen(B), pubkeyA, A, strlen(A), 0, 1)) {
goto end;
}
@@ -545,13 +533,11 @@ int test_sm2_kap(const EC_GROUP *group,
}
restore_rand();
if (!SM2_KAP_compute_key(&ctxA, RB, RBlen, kab, kablen, s1, &s1len)) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
goto end;
}
if (!SM2_KAP_compute_key(&ctxB, RA, RAlen, kba, kbalen, s2, &s2len)) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
goto end;
@@ -576,14 +562,16 @@ end:
return ret;
}
int test_sm2_test_vector()
int main(int argc, char **argv)
{
int ret = 0;
int err = 0;
EC_GROUP *sm2p192test = NULL;
EC_GROUP *sm2p256test = NULL;
EC_GROUP *sm2b193test = NULL;
EC_GROUP *sm2b257test = NULL;
RAND_seed(rnd_seed, sizeof(rnd_seed));
sm2p192test = new_ec_group(1,
"BDB6F4FE3E8B1D9E0DA8C0D46F4C318CEFE4AFE3B6B8551F",
"BB8E5E8FBC115E139FE6A814FE48AAA6F0ADA1AA5DF91985",
@@ -621,6 +609,7 @@ int test_sm2_test_vector()
"4");
if (!sm2p192test || !sm2p256test || !sm2b193test || !sm2b257test) {
err++;
goto end;
}
@@ -637,7 +626,7 @@ int test_sm2_test_vector()
"40F1EC59F793D9F49E09DCEF49130D4194F79FB1EED2CAA55BACDB49C4E755D1",
"6FC6DAC32C5D5CF10C77DFB20F7C2EB667A457872FB09EC56327A67EC7DEEBE7")) {
printf("sm2 sign p256 failed\n");
goto end;
err++;
} else {
printf("sm2 sign p256 passed\n");
}
@@ -656,13 +645,13 @@ int test_sm2_test_vector()
"6D3FBA26EAB2A1054F5D198332E335817C8AC453ED26D3391CD4439D825BF25B",
"3124C5688D95F0A10252A9BED033BEC84439DA384621B6D6FAD77F94B74A9556")) {
printf("sm2 sign b257 failed\n");
goto end;
err++;
} else {
printf("sm2 sign b257 passed\n");
}
if (!test_sm2_enc(
sm2p256test,
sm2p256test, EVP_sm3(),
"1649AB77A00637BD5E2EFE283FBF353534AA7F7CB89463F208DDBC2920BB0DA0",
"435B39CCA8F3B508C1488AFC67BE491A0F7BA07E581A0E4849A5CF70628A7E0A",
"75DDBA78F15FEECB4C7895E2C1CDF5FE01DEBB2CDBADF45399CCF77BBA076A42",
@@ -674,13 +663,13 @@ int test_sm2_test_vector()
"650053A89B41C418B0C3AAD00D886C00286467"
"9C3D7360C30156FAB7C80A0276712DA9D8094A634B766D3A285E07480653426D")) {
printf("sm2 enc p256 failed\n");
goto end;
err++;
} else {
printf("sm2 enc p256 passed\n");
}
if (!test_sm2_enc(
sm2b257test,
sm2b257test, EVP_sm3(),
"56A270D17377AA9A367CFA82E46FA5267713A9B91101D0777B07FCE018C757EB",
"00A67941E6DE8A61805F7BCFF0985BB3BED986F1C297E4D8880D82B821C624EE57",
"0193ED5A6707B5908781B860841085F52EEFA7FE329A5C811843533A874D027271",
@@ -692,7 +681,7 @@ int test_sm2_test_vector()
"FD55AC6213C2A8A040E4CAB5B26A9CFCDA7373"
"73A48625D3758FA37B3EAB80E9CFCABA665E3199EA15A1FA8189D96F579125E4")) {
printf("sm2 enc b257 failed\n");
goto end;
err++;
} else {
printf("sm2 enc b257 passed\n");
}
@@ -715,12 +704,11 @@ int test_sm2_test_vector()
"284C8F198F141B502E81250F1581C7E9EEB4CA6990F9E02DF388B45471F5BC5C",
"23444DAF8ED7534366CB901C84B3BDBB63504F4065C1116C91A4C00697E6CF7A")) {
printf("sm2 kap p256 failed\n");
goto end;
err++;
} else {
printf("sm2 kap p256 passed\n");
}
#if 0
/* ZA will not pass! */
if (!test_sm2_kap(
sm2b257test,
@@ -740,107 +728,16 @@ int test_sm2_test_vector()
"4EB47D28AD3906D6244D01E0F6AEC73B0B51DE1574C13798184E4833DBAE295A",
"588AA67064F24DC27CCAA1FAB7E27DFF811D500AD7EF2FB8F69DDF48CC0FECB7")) {
printf("sm2 kap b257 failed\n");
goto end;
err++;
} else {
printf("sm2 kap b257 passed\n");
}
#endif
ret = 1;
end:
EC_GROUP_free(sm2p192test);
EC_GROUP_free(sm2p256test);
EC_GROUP_free(sm2b193test);
EC_GROUP_free(sm2b257test);
return ret;
}
EVP_PKEY *genpkey(int curve_nid, BIO *out, int verbose)
{
int ok = 0;
EVP_PKEY *ret = NULL;
EVP_PKEY_CTX *pkctx = NULL;
if (!(pkctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL))) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
goto end;
}
if (!EVP_PKEY_keygen_init(pkctx)) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
goto end;
}
if (!EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pkctx, curve_nid)) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
goto end;
}
if (!EVP_PKEY_keygen(pkctx, &ret)) {
fprintf(stderr, "error: %s %d\n", __FILE__, __LINE__);
goto end;
}
if (verbose > 1) {
EVP_PKEY_print_private(out, ret, 4, NULL);
BIO_printf(out, "\n");
}
ok = 1;
end:
if (!ok && ret) {
EVP_PKEY_free(ret);
ret = NULL;
}
EVP_PKEY_CTX_free(pkctx);
return ret;
}
int main(int argc, char **argv)
{
int ret = -1;
BIO *out = NULL;
out = BIO_new_fp(stdout, BIO_NOCLOSE);
/*
if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) &&
(0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) {
CRYPTO_malloc_debug_init();
CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
} else {
CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
}
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
*/
ERR_load_crypto_strings();
RAND_seed(rnd_seed, sizeof(rnd_seed));
if (!test_sm2_test_vector()) {
goto err;
}
ret =0;
err:
if (ret)
BIO_printf(out, "\nSM2 test failed\n");
else BIO_printf(out, "\nSM2 test passed\n");
if (ret)
ERR_print_errors(out);
//CRYPTO_cleanup_all_ex_data();
//ERR_remove_thread_state(NULL);
//ERR_free_strings();
//CRYPTO_mem_leaks(out);
//BIO_free(out);
return ret;
EXIT(err);
}
#endif
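Review bot: In test_sm2_kap, the hunk at `-506,30 +514,10` appears to drop the `hexequbin(ZA, za, zalen)` and `hexequbin(ZB, zb, zblen)` comparisons together with the za/zb buffers, and no visible line compares `kab`, `s1` or `s2` with the `KAB`, `S1` and `S2` vectors that are still passed in. If the lines outside the hunks do not do so either, the test only shows that the two parties agree with each other, so a consistent error in the identity digest or the key derivation would pass unnoticed. I would add a known-answer check after the two SM2_KAP_compute_key calls, for example `if (!hexequbin(KAB, kab, kablen)) goto end;`, and the same for the S1/S2 confirmation values once their mapping to `s1`/`s2` is confirmed. The function body starts and ends outside these hunks, so this rests on the lines shown here.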

16
test/sm2test.d.tmp Normal file

@@ -0,0 +1,16 @@
test/sm2test.o: test/sm2test.c test/../e_os.h \
include/openssl/opensslconf.h include/openssl/e_os2.h \
include/openssl/bn.h include/openssl/ossl_typ.h \
include/openssl/crypto.h include/openssl/stack.h \
include/openssl/safestack.h include/openssl/opensslv.h \
include/openssl/symhacks.h include/openssl/ec.h include/openssl/asn1.h \
include/openssl/bio.h include/openssl/evp.h include/openssl/objects.h \
include/openssl/obj_mac.h include/openssl/rand.h \
include/openssl/engine.h include/openssl/rsa.h include/openssl/dsa.h \
include/openssl/dh.h include/openssl/ui.h include/openssl/err.h \
include/openssl/lhash.h include/openssl/x509.h \
include/openssl/buffer.h include/openssl/paillier.h \
include/openssl/sha.h include/openssl/x509_vfy.h \
include/openssl/pkcs7.h include/openssl/sm2.h include/openssl/kdf2.h \
include/openssl/kdf.h include/openssl/ecies.h include/openssl/sm3.h \
test/../crypto/sm2/sm2_lcl.h


@@ -222,6 +222,7 @@ int main(int argc, char **argv)
if (memcmp(dgstbuf, dgst, dgstlen) != 0) {
printf("error calculating SM3 on %s\n", testhex[i]);
printf("got %s instead of %s\n", p, dgsthex[i]);
err++;
} else {
printf("test %d ok\n", i+1);
}


@@ -3549,7 +3549,7 @@ OPENSSL_strlcat 3501 1_1_0 EXIST::FUNCTION:
X509_VERIFY_PARAM_new 3502 1_1_0 EXIST::FUNCTION:
BIO_ADDR_rawport 3503 1_1_0 EXIST::FUNCTION:SOCK
BUF_MEM_grow_clean 3504 1_1_0 EXIST::FUNCTION:
X509_NAME_print_ex_fp 3505 1_1_0 EXIST::FUNCTION:STDIO
X509_NAME_print_ex_fp 3505 1_1_0 NOEXIST::FUNCTION:
X509_check_host 3506 1_1_0 EXIST::FUNCTION:
PEM_read_ECPKParameters 3507 1_1_0 EXIST::FUNCTION:EC,STDIO
X509_ATTRIBUTE_get0_data 3508 1_1_0 EXIST::FUNCTION:
@@ -4228,9 +4228,9 @@ EVP_sms4_gcm 4194 1_1_0d EXIST::FUNCTION:SMS4
EVP_sms4_ocb 4195 1_1_0d EXIST::FUNCTION:SMS4
EVP_sms4_ccm 4196 1_1_0d EXIST::FUNCTION:SMS4
EVP_sms4_wrap_pad 4197 1_1_0d EXIST::FUNCTION:SMS4
SM2_CIPHERTEXT_VALUE_new_from_ECCCIPHERBLOB 4198 1_1_0d EXIST::FUNCTION:
SM2_CIPHERTEXT_VALUE_new_from_ECCCIPHERBLOB 4198 1_1_0d NOEXIST::FUNCTION:
BFPrivateKeyBlock_new 4199 1_1_0d EXIST::FUNCTION:
SM2_ENC_PARAMS_init_with_recommended 4200 1_1_0d EXIST::FUNCTION:
SM2_ENC_PARAMS_init_with_recommended 4200 1_1_0d NOEXIST::FUNCTION:
BFMasterSecret_it 4201 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
BFMasterSecret_it 4201 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
SAF_Pkcs7_EncodeData 4202 1_1_0d EXIST::FUNCTION:
@@ -4247,7 +4247,7 @@ sms4_ctr128_encrypt 4212 1_1_0d EXIST::FUNCTION:
ECDSA_SIG_new_from_ECCSIGNATUREBLOB 4213 1_1_0d EXIST::FUNCTION:
SAF_GetCaCertificate 4214 1_1_0d EXIST::FUNCTION:
EC_KEY_new_from_ECCPUBLICKEYBLOB 4215 1_1_0d EXIST::FUNCTION:
SM2_decrypt_with_recommended 4216 1_1_0d EXIST::FUNCTION:
SM2_decrypt_with_recommended 4216 1_1_0d NOEXIST::FUNCTION:
CPK_MASTER_SECRET_print 4217 1_1_0d EXIST::FUNCTION:
ECIES_do_decrypt 4218 1_1_0d EXIST::FUNCTION:
FFX_decrypt 4219 1_1_0d EXIST::FUNCTION:
@@ -4265,8 +4265,8 @@ i2d_BFPublicParameters 4229 1_1_0d EXIST::FUNCTION:
sms4_unwrap_key 4230 1_1_0d EXIST::FUNCTION:
sms4_set_encrypt_key 4231 1_1_0d EXIST::FUNCTION:
SKF_RSAVerify 4232 1_1_0d EXIST::FUNCTION:
PAILLIER_PUBLIC_KEY_it 4233 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
PAILLIER_PUBLIC_KEY_it 4233 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
PAILLIER_PUBLIC_KEY_it 4233 1_1_0d NOEXIST::FUNCTION:
PAILLIER_PUBLIC_KEY_it 4233 1_1_0d NOEXIST::FUNCTION:
sms4_avx2_encrypt_8blocks 4234 1_1_0d EXIST::FUNCTION:
SKF_Transmit 4235 1_1_0d EXIST::FUNCTION:
SM9Signature_it 4236 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
@@ -4321,10 +4321,10 @@ d2i_SM9Signature 4282 1_1_0d EXIST::FUNCTION:
SAF_ImportEncedKey 4283 1_1_0d EXIST::FUNCTION:
SKF_GenerateAgreementDataAndKeyWithECC 4284 1_1_0d EXIST::FUNCTION:
SDF_InternalPublicKeyOperation_RSA 4285 1_1_0d EXIST::FUNCTION:
SM2_ENC_PARAMS_new 4286 1_1_0d EXIST::FUNCTION:
SM2_ENC_PARAMS_new 4286 1_1_0d NOEXIST::FUNCTION:
SKF_PrintDeviceInfo 4287 1_1_0d EXIST::FUNCTION:
EC_GROUP_get_type1curve_eta 4288 1_1_0d EXIST::FUNCTION:
d2i_PAILLIER_PUBLIC_KEY 4289 1_1_0d EXIST::FUNCTION:
d2i_PAILLIER_PUBLIC_KEY 4289 1_1_0d NOEXIST::FUNCTION:
SM9PrivateKey_new 4290 1_1_0d EXIST::FUNCTION:
sm3_hmac 4291 1_1_0d EXIST::FUNCTION:
SOF_GetPinRetryCount 4292 1_1_0d EXIST::FUNCTION:
@@ -4346,7 +4346,7 @@ BN_bn2solinas 4306 1_1_0d EXIST::FUNCTION:
SKF_DecryptInit 4307 1_1_0d EXIST::FUNCTION:
SKF_Encrypt 4308 1_1_0d EXIST::FUNCTION:
SAF_GenerateAgreementDataAdnKeyWithECC 4309 1_1_0d EXIST::FUNCTION:
ECIES_decrypt_with_recommended 4310 1_1_0d EXIST::FUNCTION:
ECIES_decrypt_with_recommended 4310 1_1_0d NOEXIST::FUNCTION:
BB1IBE_extract_private_key 4311 1_1_0d EXIST::FUNCTION:
SAF_Base64_DestroyBase64Obj 4312 1_1_0d EXIST::FUNCTION:
SDF_HashFinal 4313 1_1_0d EXIST::FUNCTION:
@@ -4378,7 +4378,7 @@ SOF_VerifySignedMessage 4338 1_1_0d EXIST::FUNCTION:
EC_KEY_METHOD_set_encrypt 4339 1_1_0d EXIST::FUNCTION:
SAF_SM2_DecodeEnvelopedData 4340 1_1_0d EXIST::FUNCTION:
SDF_HashUpdate 4341 1_1_0d EXIST::FUNCTION:
i2d_PAILLIER_PUBLIC_KEY 4342 1_1_0d EXIST::FUNCTION:
i2d_PAILLIER_PUBLIC_KEY 4342 1_1_0d NOEXIST::FUNCTION:
EC_GROUP_new_type1curve 4343 1_1_0d EXIST::FUNCTION:
BN_GFP2_copy 4344 1_1_0d EXIST::FUNCTION:
sms4_encrypt_8blocks 4345 1_1_0d EXIST::FUNCTION:
@@ -4419,13 +4419,13 @@ SM2_sign_ex 4379 1_1_0d EXIST::FUNCTION:
SOF_GetCertTrustListAltNames 4380 1_1_0d EXIST::FUNCTION:
RSA_set_RSAPUBLICKEYBLOB 4381 1_1_0d EXIST::FUNCTION:
PAILLIER_decrypt 4382 1_1_0d EXIST::FUNCTION:
SM2_CIPHERTEXT_VALUE_set_ECCCipher 4383 1_1_0d EXIST::FUNCTION:
SM2_CIPHERTEXT_VALUE_set_ECCCipher 4383 1_1_0d NOEXIST::FUNCTION:
SKF_CreateApplication 4384 1_1_0d EXIST::FUNCTION:
sms4_cbc_encrypt 4385 1_1_0d EXIST::FUNCTION:
SDF_ExportSignPublicKey_ECC 4386 1_1_0d EXIST::FUNCTION:
ECIES_CIPHERTEXT_VALUE_it 4387 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
ECIES_CIPHERTEXT_VALUE_it 4387 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
SM2_ENC_PARAMS_free 4388 1_1_0d EXIST::FUNCTION:
SM2_ENC_PARAMS_free 4388 1_1_0d NOEXIST::FUNCTION:
SKF_GenerateAgreementDataWithECC 4389 1_1_0d EXIST::FUNCTION:
BFIBE_encrypt 4390 1_1_0d EXIST::FUNCTION:
SDF_PrintECCSignature 4391 1_1_0d EXIST::FUNCTION:
@@ -4454,7 +4454,7 @@ SDF_GenerateKeyWithIPK_RSA 4412 1_1_0d EXIST::FUNCTION:
SAF_GetCaCertificateCount 4413 1_1_0d EXIST::FUNCTION:
SM2_do_decrypt 4414 1_1_0d EXIST::FUNCTION:
CPK_MASTER_SECRET_digest 4415 1_1_0d EXIST::FUNCTION:
SM2_CIPHERTEXT_VALUE_new 4416 1_1_0d EXIST::FUNCTION:
SM2_CIPHERTEXT_VALUE_new 4416 1_1_0d NOEXIST::FUNCTION:
d2i_BFCiphertextBlock 4417 1_1_0d EXIST::FUNCTION:
SKF_ImportCertificate 4418 1_1_0d EXIST::FUNCTION:
PAILLIER_ciphertext_add 4419 1_1_0d EXIST::FUNCTION:
@@ -4463,7 +4463,7 @@ eia3_init 4421 1_1_0d EXIST::FUNCTION:
SM9Ciphertext_it 4422 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
SM9Ciphertext_it 4422 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
eea3_init 4423 1_1_0d EXIST::FUNCTION:
i2d_SM2_CIPHERTEXT_VALUE 4424 1_1_0d EXIST::FUNCTION:
i2d_SM2_CIPHERTEXT_VALUE 4424 1_1_0d NOEXIST::FUNCTION:
i2d_BFCiphertextBlock 4425 1_1_0d EXIST::FUNCTION:
SAF_Pkcs7_EncodeSignedData 4426 1_1_0d EXIST::FUNCTION:
BB1MasterSecret_new 4427 1_1_0d EXIST::FUNCTION:
@@ -4489,7 +4489,7 @@ SOF_DecryptFile 4445 1_1_0d EXIST::FUNCTION:
PAILLIER_new 4446 1_1_0d EXIST::FUNCTION:
RSA_get_RSArefPrivateKey 4447 1_1_0d EXIST::FUNCTION:
SKF_GetFileInfo 4448 1_1_0d EXIST::FUNCTION:
d2i_SM2_CIPHERTEXT_VALUE 4449 1_1_0d EXIST::FUNCTION:
d2i_SM2_CIPHERTEXT_VALUE 4449 1_1_0d NOEXIST::FUNCTION:
GMAPI_sgd2mdnid 4450 1_1_0d EXIST::FUNCTION:
SKF_LockDev 4451 1_1_0d EXIST::FUNCTION:
d2i_ECIESParameters 4452 1_1_0d EXIST::FUNCTION:
@@ -4531,7 +4531,7 @@ FpPoint_new 4487 1_1_0d EXIST::FUNCTION:
SM2_KAP_CTX_cleanup 4488 1_1_0d EXIST::FUNCTION:
sm3_compress 4489 1_1_0d EXIST::FUNCTION:
OTP_generate 4490 1_1_0d EXIST::FUNCTION:
SM2_CIPHERTEXT_VALUE_print 4491 1_1_0d EXIST::FUNCTION:
SM2_CIPHERTEXT_VALUE_print 4491 1_1_0d NOEXIST::FUNCTION:
PAILLIER_ciphertext_scalar_mul 4492 1_1_0d EXIST::FUNCTION:
SAF_Logout 4493 1_1_0d EXIST::FUNCTION:
SAF_GetRootCaCertificate 4494 1_1_0d EXIST::FUNCTION:
@@ -4571,7 +4571,7 @@ SKF_DecryptFinal 4527 1_1_0d EXIST::FUNCTION:
SM9_sign 4528 1_1_0d EXIST::FUNCTION:
sms4_ofb128_encrypt 4529 1_1_0d EXIST::FUNCTION:
SKF_PrintECCPublicKey 4530 1_1_0d EXIST::FUNCTION:
SM2_encrypt_with_recommended 4531 1_1_0d EXIST::FUNCTION:
SM2_encrypt_with_recommended 4531 1_1_0d NOEXIST::FUNCTION:
SDF_DestroyKey 4532 1_1_0d EXIST::FUNCTION:
BN_GF2P_add_bn 4533 1_1_0d EXIST::FUNCTION:
i2d_ECIES_CIPHERTEXT_VALUE 4534 1_1_0d EXIST::FUNCTION:
@@ -4580,7 +4580,7 @@ EC_KEY_get_ECCPRIVATEKEYBLOB 4536 1_1_0d EXIST::FUNCTION:
SAF_CreateSymmKeyObj 4537 1_1_0d EXIST::FUNCTION:
SM2_KAP_compute_key 4538 1_1_0d EXIST::FUNCTION:
i2d_BB1CiphertextBlock 4539 1_1_0d EXIST::FUNCTION:
ECIES_encrypt_with_recommended 4540 1_1_0d EXIST::FUNCTION:
ECIES_encrypt_with_recommended 4540 1_1_0d NOEXIST::FUNCTION:
FFX_compute_luhn 4541 1_1_0d EXIST::FUNCTION:
EC_GROUP_generate_typ1curve 4542 1_1_0d EXIST::FUNCTION:
SOF_SignData 4543 1_1_0d EXIST::FUNCTION:
@@ -4594,7 +4594,7 @@ SAF_EnumCertificates 4550 1_1_0d EXIST::FUNCTION:
SKF_OpenApplication 4551 1_1_0d EXIST::FUNCTION:
CPK_PUBLIC_PARAMS_it 4552 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
CPK_PUBLIC_PARAMS_it 4552 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
SM2_CIPHERTEXT_VALUE_encode 4553 1_1_0d EXIST::FUNCTION:
SM2_CIPHERTEXT_VALUE_encode 4553 1_1_0d NOEXIST::FUNCTION:
SKF_SetSymmKey 4554 1_1_0d EXIST::FUNCTION:
BN_GFP2_mul_bn 4555 1_1_0d EXIST::FUNCTION:
SDF_ExternalVerify_ECC 4556 1_1_0d EXIST::FUNCTION:
@@ -4614,7 +4614,7 @@ i2d_SM9MasterSecret 4569 1_1_0d EXIST::FUNCTION:
FFX_encrypt 4570 1_1_0d EXIST::FUNCTION:
CPK_MAP_is_valid 4571 1_1_0d EXIST::FUNCTION:
SAF_EnumCertificatesFree 4572 1_1_0d EXIST::FUNCTION:
d2i_PAILLIER_PRIVATE_KEY 4573 1_1_0d EXIST::FUNCTION:
d2i_PAILLIER_PRIVATE_KEY 4573 1_1_0d NOEXIST::FUNCTION:
SDF_PrintDeviceInfo 4574 1_1_0d EXIST::FUNCTION:
RSA_new_from_RSArefPrivateKey 4575 1_1_0d EXIST::FUNCTION:
KDF_get_nist_concatenation 4576 1_1_0d EXIST::FUNCTION:
@@ -4675,7 +4675,7 @@ SAF_Base64_Encode 4629 1_1_0d EXIST::FUNCTION:
BN_GFP2_canonical 4630 1_1_0d EXIST::FUNCTION:
SKF_ImportECCKeyPair 4631 1_1_0d EXIST::FUNCTION:
SKF_GetErrorString 4632 1_1_0d EXIST::FUNCTION:
SM2_CIPHERTEXT_VALUE_decode 4633 1_1_0d EXIST::FUNCTION:
SM2_CIPHERTEXT_VALUE_decode 4633 1_1_0d NOEXIST::FUNCTION:
SM9_do_decrypt 4634 1_1_0d EXIST::FUNCTION:
eea3 4635 1_1_0d EXIST::FUNCTION:
ERR_load_SOF_strings 4636 1_1_0d EXIST::FUNCTION:
@@ -4688,13 +4688,13 @@ d2i_CPK_PUBLIC_PARAMS_bio 4642 1_1_0d EXIST::FUNCTION:
BB1CiphertextBlock_it 4643 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
BB1CiphertextBlock_it 4643 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
sms4_ecb_encrypt 4644 1_1_0d EXIST::FUNCTION:
SM2_CIPHERTEXT_VALUE_get_ECCCipher 4645 1_1_0d EXIST::FUNCTION:
SM2_CIPHERTEXT_VALUE_get_ECCCipher 4645 1_1_0d NOEXIST::FUNCTION:
ERR_load_PAILLIER_strings 4646 1_1_0d EXIST::FUNCTION:
SDF_GenerateKeyPair_RSA 4647 1_1_0d EXIST::FUNCTION:
i2d_CPK_PUBLIC_PARAMS_bio 4648 1_1_0d EXIST::FUNCTION:
SOF_EncryptFile 4649 1_1_0d EXIST::FUNCTION:
PAILLIER_PRIVATE_KEY_it 4650 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
PAILLIER_PRIVATE_KEY_it 4650 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
PAILLIER_PRIVATE_KEY_it 4650 1_1_0d NOEXIST::FUNCTION:
PAILLIER_PRIVATE_KEY_it 4650 1_1_0d NOEXIST::FUNCTION:
ERR_load_BFIBE_strings 4651 1_1_0d EXIST::FUNCTION:
SKF_EncryptInit 4652 1_1_0d EXIST::FUNCTION:
EC_KEY_set_ECCrefPublicKey 4653 1_1_0d EXIST::FUNCTION:
@@ -4711,7 +4711,7 @@ SKF_UnlockDev 4662 1_1_0d EXIST::FUNCTION:
BN_is_solinas 4663 1_1_0d EXIST::FUNCTION:
ECIES_PARAMS_free 4664 1_1_0d EXIST::FUNCTION:
SAF_HashUpdate 4665 1_1_0d EXIST::FUNCTION:
SM2_compute_message_digest 4666 1_1_0d EXIST::FUNCTION:
SM2_compute_message_digest 4666 1_1_0d NOEXIST::FUNCTION:
SOF_GetServerCertificate 4667 1_1_0d EXIST::FUNCTION:
CPK_MASTER_SECRET_it 4668 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
CPK_MASTER_SECRET_it 4668 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
@@ -4756,7 +4756,7 @@ SDF_HashInit 4705 1_1_0d EXIST::FUNCTION:
SM2_KAP_prepare 4706 1_1_0d EXIST::FUNCTION:
SAF_VerifyCertificateByCrl 4707 1_1_0d EXIST::FUNCTION:
ECDSA_SIG_get_ECCSIGNATUREBLOB 4708 1_1_0d EXIST::FUNCTION:
i2d_PAILLIER_PRIVATE_KEY 4709 1_1_0d EXIST::FUNCTION:
i2d_PAILLIER_PRIVATE_KEY 4709 1_1_0d NOEXIST::FUNCTION:
SDF_OpenDevice 4710 1_1_0d EXIST::FUNCTION:
SKF_GetContainerType 4711 1_1_0d EXIST::FUNCTION:
PAILLIER_generate_key 4712 1_1_0d EXIST::FUNCTION:
@@ -4764,7 +4764,7 @@ eia3_final 4713 1_1_0d EXIST::FUNCTION:
RSA_get_RSAPUBLICKEYBLOB 4714 1_1_0d EXIST::FUNCTION:
SM2_KAP_final_check 4715 1_1_0d EXIST::FUNCTION:
EC_type1curve_tate 4716 1_1_0d EXIST::FUNCTION:
SM2_ENC_PARAMS_dup 4717 1_1_0d EXIST::FUNCTION:
SM2_ENC_PARAMS_dup 4717 1_1_0d NOEXIST::FUNCTION:
SOF_SetSignMethod 4718 1_1_0d EXIST::FUNCTION:
sms4_ede_decrypt 4719 1_1_0d EXIST::FUNCTION:
SKF_VerifyPIN 4720 1_1_0d EXIST::FUNCTION:
@@ -4775,17 +4775,17 @@ SOF_GetTimeStampInfo 4724 1_1_0d EXIST::FUNCTION:
zuc_ctx_init 4725 1_1_0d EXIST::FUNCTION:
SOF_ChangePassWd 4726 1_1_0d EXIST::FUNCTION:
SDF_ImportKeyWithISK_RSA 4727 1_1_0d EXIST::FUNCTION:
SM2_CIPHERTEXT_VALUE_free 4728 1_1_0d EXIST::FUNCTION:
SM2_CIPHERTEXT_VALUE_free 4728 1_1_0d NOEXIST::FUNCTION:
SKF_PrintECCSignature 4729 1_1_0d EXIST::FUNCTION:
SM2_sign 4730 1_1_0d EXIST::FUNCTION:
SM2_CIPHERTEXT_VALUE_set_ECCCIPHERBLOB 4731 1_1_0d EXIST::FUNCTION:
SM2_CIPHERTEXT_VALUE_set_ECCCIPHERBLOB 4731 1_1_0d NOEXIST::FUNCTION:
BFMasterSecret_free 4732 1_1_0d EXIST::FUNCTION:
SOF_GetSignMethod 4733 1_1_0d EXIST::FUNCTION:
SAF_SM2_EncodeSignedAndEnvelopedData 4734 1_1_0d EXIST::FUNCTION:
SOF_VerifySignedMessageDetach 4735 1_1_0d EXIST::FUNCTION:
BN_GFP2_inv 4736 1_1_0d EXIST::FUNCTION:
SDF_GenerateKeyPair_ECC 4737 1_1_0d EXIST::FUNCTION:
SM2_CIPHERTEXT_VALUE_new_from_ECCCipher 4738 1_1_0d EXIST::FUNCTION:
SM2_CIPHERTEXT_VALUE_new_from_ECCCipher 4738 1_1_0d NOEXIST::FUNCTION:
SM9_encrypt 4739 1_1_0d EXIST::FUNCTION:
SAF_EccVerifySignByCert 4740 1_1_0d EXIST::FUNCTION:
EC_KEY_set_default_sm_method 4741 1_1_0d EXIST::FUNCTION:
@@ -4821,18 +4821,18 @@ SKF_UnblockPIN 4770 1_1_0d EXIST::FUNCTION:
KDF_get_tls_kdf 4771 1_1_0d EXIST::FUNCTION:
BFPublicParameters_it 4772 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
BFPublicParameters_it 4772 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
SM2_CIPHERTEXT_VALUE_size 4773 1_1_0d EXIST::FUNCTION:
SM2_CIPHERTEXT_VALUE_size 4773 1_1_0d NOEXIST::FUNCTION:
SM9PublicParameters_new 4774 1_1_0d EXIST::FUNCTION:
RSA_new_from_RSAPRIVATEKEYBLOB 4775 1_1_0d EXIST::FUNCTION:
d2i_FpPoint 4776 1_1_0d EXIST::FUNCTION:
d2i_BB1CiphertextBlock 4777 1_1_0d EXIST::FUNCTION:
sms4_wrap_key 4778 1_1_0d EXIST::FUNCTION:
i2d_BFPrivateKeyBlock 4779 1_1_0d EXIST::FUNCTION:
SM2_CIPHERTEXT_VALUE_get_ECCCIPHERBLOB 4780 1_1_0d EXIST::FUNCTION:
SM2_CIPHERTEXT_VALUE_get_ECCCIPHERBLOB 4780 1_1_0d NOEXIST::FUNCTION:
EC_GROUP_get_type1curve_zeta 4781 1_1_0d EXIST::FUNCTION:
SKF_PrintRSAPublicKey 4782 1_1_0d EXIST::FUNCTION:
EC_KEY_new_from_ECCPRIVATEKEYBLOB 4783 1_1_0d EXIST::FUNCTION:
SM2_get_public_key_data 4784 1_1_0d EXIST::FUNCTION:
SM2_get_public_key_data 4784 1_1_0d NOEXIST::FUNCTION:
SAF_SM2_DecodeSignedData 4785 1_1_0d EXIST::FUNCTION:
BB1PublicParameters_it 4786 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
BB1PublicParameters_it 4786 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
@@ -4871,4 +4871,61 @@ SM2_do_sign_ex 4818 1_1_0d EXIST::FUNCTION:
SOF_CreateTimeStampRequest 4819 1_1_0d EXIST::FUNCTION:
BN_GF2P_add 4820 1_1_0d EXIST::FUNCTION:
SM2_compute_key 4821 1_1_0d EXIST::FUNCTION:
BN_GFP2_add_bn 4822 1_1_0d EXIST::FUNCTION:
BN_GFP2_add_bn 4822 1_1_0d NOEXIST::FUNCTION:
SAF_EccVerifySignFile 4823 1_1_0d EXIST::FUNCTION:
SAF_EccSignFile 4824 1_1_0d EXIST::FUNCTION:
d2i_PaillierPublicKey 4825 1_1_0d EXIST::FUNCTION:
EVP_PKEY_get0_PAILLIER 4826 1_1_0d EXIST::FUNCTION:PAILLIER
PEM_write_bio_PAILLIER_PUBKEY 4827 1_1_0d EXIST::FUNCTION:PAILLIER
PEM_write_PAILLIERPublicKey 4828 1_1_0d EXIST::FUNCTION:PAILLIER,STDIO
EVP_PKEY_set1_PAILLIER 4829 1_1_0d EXIST::FUNCTION:PAILLIER
i2d_PaillierPrivateKey 4830 1_1_0d EXIST::FUNCTION:
PEM_write_bio_PAILLIERPrivateKey 4831 1_1_0d EXIST::FUNCTION:PAILLIER
EVP_PKEY_get1_PAILLIER 4832 1_1_0d EXIST::FUNCTION:PAILLIER
PEM_read_bio_PAILLIER_PUBKEY 4833 1_1_0d EXIST::FUNCTION:PAILLIER
d2i_PaillierPrivateKey 4834 1_1_0d EXIST::FUNCTION:
PEM_write_PAILLIERPrivateKey 4835 1_1_0d EXIST::FUNCTION:PAILLIER,STDIO
PEM_read_PAILLIERPrivateKey 4836 1_1_0d EXIST::FUNCTION:PAILLIER,STDIO
PEM_write_PAILLIER_PUBKEY 4837 1_1_0d EXIST::FUNCTION:PAILLIER,STDIO
PaillierPrivateKey_it 4838 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
PaillierPrivateKey_it 4838 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
i2d_PaillierPublicKey 4839 1_1_0d EXIST::FUNCTION:
PEM_read_bio_PAILLIERPublicKey 4840 1_1_0d EXIST::FUNCTION:PAILLIER
PaillierPublicKey_it 4841 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
PaillierPublicKey_it 4841 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
PEM_read_PAILLIER_PUBKEY 4842 1_1_0d EXIST::FUNCTION:PAILLIER,STDIO
PEM_read_bio_PAILLIERPrivateKey 4843 1_1_0d EXIST::FUNCTION:PAILLIER
PEM_write_bio_PAILLIERPublicKey 4844 1_1_0d EXIST::FUNCTION:PAILLIER
PEM_read_PAILLIERPublicKey 4845 1_1_0d EXIST::FUNCTION:PAILLIER,STDIO
PAILLIER_up_ref 4846 1_1_0d EXIST::FUNCTION:
i2d_PAILLIER_PUBKEY 4847 1_1_0d EXIST::FUNCTION:PAILLIER
d2i_PaillierPublicKey_fp 4848 1_1_0d EXIST::FUNCTION:PAILLIER,STDIO
d2i_PaillierPrivateKey_bio 4849 1_1_0d EXIST::FUNCTION:PAILLIER
d2i_PAILLIER_PUBKEY 4850 1_1_0d EXIST::FUNCTION:PAILLIER
d2i_PaillierPrivateKey_fp 4851 1_1_0d EXIST::FUNCTION:PAILLIER,STDIO
d2i_PaillierPublicKey_bio 4852 1_1_0d EXIST::FUNCTION:PAILLIER
i2d_PaillierPublicKey_bio 4853 1_1_0d EXIST::FUNCTION:PAILLIER
i2d_PaillierPublicKey_fp 4854 1_1_0d EXIST::FUNCTION:PAILLIER,STDIO
d2i_PAILLIER_PUBKEY_fp 4855 1_1_0d EXIST::FUNCTION:PAILLIER,STDIO
i2d_PaillierPrivateKey_bio 4856 1_1_0d EXIST::FUNCTION:PAILLIER
i2d_PAILLIER_PUBKEY_fp 4857 1_1_0d EXIST::FUNCTION:PAILLIER,STDIO
d2i_PAILLIER_PUBKEY_bio 4858 1_1_0d EXIST::FUNCTION:PAILLIER
i2d_PAILLIER_PUBKEY_bio 4859 1_1_0d EXIST::FUNCTION:PAILLIER
i2d_PaillierPrivateKey_fp 4860 1_1_0d EXIST::FUNCTION:PAILLIER,STDIO
X509_NAMpaillierE_print_ex_fp 4861 1_1_0d EXIST::FUNCTION:STDIO
ERR_load_SM2_strings 4862 1_1_0d EXIST::FUNCTION:
SM2CiphertextValue_it 4863 1_1_0d EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
SM2CiphertextValue_it 4863 1_1_0d EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
i2d_SM2CiphertextValue 4864 1_1_0d EXIST::FUNCTION:
d2i_SM2CiphertextValue 4865 1_1_0d EXIST::FUNCTION:
SM2CiphertextValue_new 4866 1_1_0d EXIST::FUNCTION:
SM2CiphertextValue_free 4867 1_1_0d EXIST::FUNCTION:
ASN1_OCTET_STRING_is_zero 4868 1_1_0d EXIST::FUNCTION:SM2
SM2CiphertextValue_get_ECCCipher 4869 1_1_0d EXIST::FUNCTION:
SM2CiphertextValue_set_ECCCIPHERBLOB 4870 1_1_0d EXIST::FUNCTION:
SM2CiphertextValue_new_from_ECCCIPHERBLOB 4871 1_1_0d EXIST::FUNCTION:
SM2CiphertextValue_new_from_ECCCipher 4872 1_1_0d EXIST::FUNCTION:
SM2CiphertextValue_set_ECCCipher 4873 1_1_0d EXIST::FUNCTION:
SM2CiphertextValue_get_ECCCIPHERBLOB 4874 1_1_0d EXIST::FUNCTION:
ECIES_PARAMS_init_with_type 4875 1_1_0d EXIST::FUNCTION:
BN_GFP2_one 4876 1_1_0d EXIST::FUNCTION: