mirror of
https://github.com/guanzhi/GmSSL.git
synced 2026-05-23 00:36:28 +08:00
update
This commit is contained in:
Zhi Guan
@@ -45,6 +45,8 @@ static ERR_STRING_DATA EC_str_functs[] = {
|
||||
{ERR_FUNC(EC_F_ECIES_PARAMS_GET_MAC), "ECIES_PARAMS_get_mac"},
|
||||
{ERR_FUNC(EC_F_ECIES_PARAMS_INIT_WITH_RECOMMENDED),
|
||||
"ECIES_PARAMS_init_with_recommended"},
|
||||
{ERR_FUNC(EC_F_ECIES_PARAMS_INIT_WITH_TYPE),
|
||||
"ECIES_PARAMS_init_with_type"},
|
||||
{ERR_FUNC(EC_F_ECKEY_PARAM2TYPE), "eckey_param2type"},
|
||||
{ERR_FUNC(EC_F_ECKEY_PARAM_DECODE), "eckey_param_decode"},
|
||||
{ERR_FUNC(EC_F_ECKEY_PRIV_DECODE), "eckey_priv_decode"},
|
||||
@@ -244,8 +246,8 @@ static ERR_STRING_DATA EC_str_functs[] = {
|
||||
{ERR_FUNC(EC_F_SM2_DECRYPT), "SM2_decrypt"},
|
||||
{ERR_FUNC(EC_F_SM2_DO_DECRYPT), "SM2_do_decrypt"},
|
||||
{ERR_FUNC(EC_F_SM2_DO_ENCRYPT), "SM2_do_encrypt"},
|
||||
{ERR_FUNC(EC_F_SM2_DO_SIGN), "sm2_do_sign"},
|
||||
{ERR_FUNC(EC_F_SM2_DO_VERIFY), "sm2_do_verify"},
|
||||
{ERR_FUNC(EC_F_SM2_DO_SIGN), "SM2_do_sign"},
|
||||
{ERR_FUNC(EC_F_SM2_DO_VERIFY), "SM2_do_verify"},
|
||||
{ERR_FUNC(EC_F_SM2_ENCRYPT), "SM2_encrypt"},
|
||||
{ERR_FUNC(EC_F_SM2_ENC_PARAMS_DUP), "SM2_ENC_PARAMS_dup"},
|
||||
{ERR_FUNC(EC_F_SM2_ENC_PARAMS_INIT_WITH_RECOMMENDED),
|
||||
@@ -257,7 +259,7 @@ static ERR_STRING_DATA EC_str_functs[] = {
|
||||
{ERR_FUNC(EC_F_SM2_KAP_CTX_INIT), "SM2_KAP_CTX_init"},
|
||||
{ERR_FUNC(EC_F_SM2_KAP_FINAL_CHECK), "SM2_KAP_final_check"},
|
||||
{ERR_FUNC(EC_F_SM2_KAP_PREPARE), "SM2_KAP_prepare"},
|
||||
{ERR_FUNC(EC_F_SM2_SIGN_SETUP), "sm2_sign_setup"},
|
||||
{ERR_FUNC(EC_F_SM2_SIGN_SETUP), "SM2_sign_setup"},
|
||||
{ERR_FUNC(EC_F_TYPE1CURVE_EVAL_LINE_TEXTBOOK),
|
||||
"type1curve_eval_line_textbook"},
|
||||
{ERR_FUNC(EC_F_TYPE1CURVE_EVAL_MILLER_TEXTBOOK),
|
||||
@@ -299,6 +301,7 @@ static ERR_STRING_DATA EC_str_reasons[] = {
|
||||
{ERR_REASON(EC_R_EC_GROUP_NEW_BY_NAME_FAILURE),
|
||||
"ec group new by name failure"},
|
||||
{ERR_REASON(EC_R_ENCRYPT_FAILED), "encrypt failed"},
|
||||
{ERR_REASON(EC_R_ENCRYPT_FAILURE), "encrypt failure"},
|
||||
{ERR_REASON(EC_R_ERROR), "error"},
|
||||
{ERR_REASON(EC_R_FIELD_TOO_LARGE), "field too large"},
|
||||
{ERR_REASON(EC_R_GEN_MAC_FAILED), "gen mac failed"},
|
||||
@@ -326,13 +329,16 @@ static ERR_STRING_DATA EC_str_reasons[] = {
|
||||
{ERR_REASON(EC_R_INVALID_DIGEST_TYPE), "invalid digest type"},
|
||||
{ERR_REASON(EC_R_INVALID_ECIES_CIPHERTEXT), "invalid ecies ciphertext"},
|
||||
{ERR_REASON(EC_R_INVALID_ECIES_PARAMETERS), "invalid ecies parameters"},
|
||||
{ERR_REASON(EC_R_INVALID_ECIES_PARAMS), "invalid ecies params"},
|
||||
{ERR_REASON(EC_R_INVALID_EC_KEY), "invalid ec key"},
|
||||
{ERR_REASON(EC_R_INVALID_ENCODING), "invalid encoding"},
|
||||
{ERR_REASON(EC_R_INVALID_ENC_PARAM), "invalid enc param"},
|
||||
{ERR_REASON(EC_R_INVALID_ENC_TYPE), "invalid enc type"},
|
||||
{ERR_REASON(EC_R_INVALID_FIELD), "invalid field"},
|
||||
{ERR_REASON(EC_R_INVALID_FORM), "invalid form"},
|
||||
{ERR_REASON(EC_R_INVALID_GROUP_ORDER), "invalid group order"},
|
||||
{ERR_REASON(EC_R_INVALID_ID_LENGTH), "invalid id length"},
|
||||
{ERR_REASON(EC_R_INVALID_INPUT_LENGTH), "invalid input length"},
|
||||
{ERR_REASON(EC_R_INVALID_KDF_MD), "invalid kdf md"},
|
||||
{ERR_REASON(EC_R_INVALID_KEY), "invalid key"},
|
||||
{ERR_REASON(EC_R_INVALID_MD), "invalid md"},
|
||||
|
||||
@@ -28,10 +28,10 @@ static const EC_KEY_METHOD openssl_ec_key_method = {
|
||||
ossl_ecdsa_verify,
|
||||
ossl_ecdsa_verify_sig,
|
||||
#ifndef OPENSSL_NO_SM2
|
||||
gmssl_ecies_encrypt,
|
||||
gmssl_ecies_do_encrypt,
|
||||
gmssl_ecies_decrypt,
|
||||
gmssl_ecies_do_decrypt,
|
||||
ECIES_encrypt,
|
||||
NULL,
|
||||
ECIES_decrypt,
|
||||
NULL,
|
||||
#endif
|
||||
};
|
||||
|
||||
|
||||
@@ -41,13 +41,9 @@ typedef struct {
|
||||
size_t kdf_outlen;
|
||||
#ifndef OPENSSL_NO_SM2
|
||||
int sign_type;
|
||||
int exch_type;
|
||||
int enc_type;
|
||||
int dh_type;
|
||||
union {
|
||||
void *ptr;
|
||||
ECIES_PARAMS *ecies;
|
||||
SM2_ENC_PARAMS *sm2;
|
||||
} enc_param;
|
||||
int enc_param;
|
||||
#endif
|
||||
} EC_PKEY_CTX;
|
||||
|
||||
@@ -63,9 +59,9 @@ static int pkey_ec_init(EVP_PKEY_CTX *ctx)
|
||||
dctx->kdf_type = EVP_PKEY_ECDH_KDF_NONE;
|
||||
#ifndef OPENSSL_NO_SM2
|
||||
dctx->sign_type = NID_secg_scheme;
|
||||
dctx->exch_type = NID_secg_scheme;
|
||||
dctx->enc_type = NID_secg_scheme;
|
||||
dctx->dh_type = NID_secg_scheme;
|
||||
dctx->enc_param.ptr = NULL;
|
||||
dctx->enc_param = NID_undef;
|
||||
#endif
|
||||
ctx->data = dctx;
|
||||
return 1;
|
||||
@@ -102,23 +98,9 @@ static int pkey_ec_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
|
||||
dctx->kdf_ukmlen = sctx->kdf_ukmlen;
|
||||
#ifndef OPENSSL_NO_SM2
|
||||
dctx->sign_type = sctx->sign_type;
|
||||
dctx->exch_type = sctx->exch_type;
|
||||
dctx->enc_type = sctx->enc_type;
|
||||
dctx->dh_type = sctx->dh_type;
|
||||
if (sctx->enc_param.ptr) {
|
||||
if (sctx->enc_type == NID_secg_scheme) {
|
||||
dctx->enc_param.ecies = ECIES_PARAMS_dup(sctx->enc_param.ecies);
|
||||
if (!dctx->enc_param.ecies) {
|
||||
return 0;
|
||||
}
|
||||
} else if (sctx->enc_type == NID_sm_scheme) {
|
||||
dctx->enc_param.sm2 = SM2_ENC_PARAMS_dup(sctx->enc_param.sm2);
|
||||
if (!dctx->enc_param.sm2) {
|
||||
return 0;
|
||||
}
|
||||
} else {
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
dctx->enc_param = sctx->enc_param;
|
||||
#endif
|
||||
return 1;
|
||||
}
|
||||
@@ -130,18 +112,6 @@ static void pkey_ec_cleanup(EVP_PKEY_CTX *ctx)
|
||||
EC_GROUP_free(dctx->gen_group);
|
||||
EC_KEY_free(dctx->co_key);
|
||||
OPENSSL_free(dctx->kdf_ukm);
|
||||
#ifndef OPENSSL_NO_SM2
|
||||
if (dctx->enc_param.ptr) {
|
||||
if (dctx->enc_type == NID_secg_scheme) {
|
||||
ECIES_PARAMS_free(dctx->enc_param.ecies);
|
||||
} else if (dctx->enc_type == NID_sm_scheme) {
|
||||
SM2_ENC_PARAMS_free(dctx->enc_param.sm2);
|
||||
} else {
|
||||
/* this should not happen */
|
||||
OPENSSL_free(dctx->enc_param.ptr);
|
||||
}
|
||||
}
|
||||
#endif
|
||||
OPENSSL_free(dctx);
|
||||
}
|
||||
}
|
||||
@@ -214,33 +184,17 @@ static int pkey_ec_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen
|
||||
|
||||
switch (dctx->enc_type) {
|
||||
case NID_sm_scheme:
|
||||
if (dctx->enc_param.sm2) {
|
||||
if (!SM2_encrypt(dctx->enc_param.sm2, in, inlen, out, outlen, ec_key)) {
|
||||
ECerr(EC_F_PKEY_EC_ENCRYPT, EC_R_SM2_ENCRYPT_FAILED);
|
||||
return 0;
|
||||
}
|
||||
} else {
|
||||
if (!SM2_encrypt_with_recommended(in, inlen, out, outlen, ec_key)) {
|
||||
ECerr(EC_F_PKEY_EC_ENCRYPT, EC_R_SM2_ENCRYPT_WITH_RECOMMENDED_FAILED);
|
||||
return 0;
|
||||
}
|
||||
if (!SM2_encrypt(dctx->enc_param, in, inlen, out, outlen, ec_key)) {
|
||||
ECerr(EC_F_PKEY_EC_ENCRYPT, EC_R_SM2_ENCRYPT_FAILED);
|
||||
return 0;
|
||||
}
|
||||
break;
|
||||
|
||||
case NID_secg_scheme:
|
||||
if (dctx->enc_param.ecies) {
|
||||
if (!ECIES_encrypt(dctx->enc_param.ecies, in, inlen, out, outlen, ec_key)) {
|
||||
ECerr(EC_F_PKEY_EC_ENCRYPT, EC_R_ECIES_ENCRYPT_FAILED);
|
||||
return 0;
|
||||
}
|
||||
} else {
|
||||
if (!ECIES_encrypt_with_recommended(in, inlen, out, outlen, ec_key)) {
|
||||
ECerr(EC_F_PKEY_EC_ENCRYPT, EC_R_ECIES_ENCRYPT_WITH_RECOMMENDED_FAILED);
|
||||
return 0;
|
||||
}
|
||||
if (!ECIES_encrypt(dctx->enc_param, in, inlen, out, outlen, ec_key)) {
|
||||
ECerr(EC_F_PKEY_EC_ENCRYPT, EC_R_ECIES_ENCRYPT_FAILED);
|
||||
return 0;
|
||||
}
|
||||
break;
|
||||
|
||||
default:
|
||||
ECerr(EC_F_PKEY_EC_ENCRYPT, EC_R_INVALID_ENC_TYPE);
|
||||
return 0;
|
||||
@@ -257,30 +211,15 @@ static int pkey_ec_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen
|
||||
|
||||
switch (dctx->enc_type) {
|
||||
case NID_sm_scheme:
|
||||
if (dctx->enc_param.sm2) {
|
||||
if (!SM2_decrypt(dctx->enc_param.sm2, in, inlen, out, outlen, ec_key)) {
|
||||
ECerr(EC_F_PKEY_EC_DECRYPT, EC_R_SM2_DECRYPT_FAILED);
|
||||
return 0;
|
||||
}
|
||||
} else {
|
||||
if (!SM2_decrypt_with_recommended(in, inlen, out, outlen, ec_key)) {
|
||||
ECerr(EC_F_PKEY_EC_DECRYPT, EC_R_SM2_DECRYPT_WITH_RECOMMENDED_FAILED);
|
||||
return 0;
|
||||
}
|
||||
if (!SM2_decrypt(dctx->enc_param, in, inlen, out, outlen, ec_key)) {
|
||||
ECerr(EC_F_PKEY_EC_DECRYPT, EC_R_SM2_DECRYPT_FAILED);
|
||||
return 0;
|
||||
}
|
||||
break;
|
||||
|
||||
case NID_secg_scheme:
|
||||
if (dctx->enc_param.ecies) {
|
||||
if (!ECIES_decrypt(dctx->enc_param.ecies, in, inlen, out, outlen, ec_key)) {
|
||||
ECerr(EC_F_PKEY_EC_DECRYPT, EC_R_ECIES_DECRYPT_FAILED);
|
||||
return 0;
|
||||
}
|
||||
} else {
|
||||
if (!ECIES_decrypt_with_recommended(in, inlen, out, outlen, ec_key)) {
|
||||
ECerr(EC_F_PKEY_EC_DECRYPT, EC_R_ECIES_DECRYPT_WITH_RECOMMENDED_FAILED);
|
||||
return 0;
|
||||
}
|
||||
if (!ECIES_decrypt(dctx->enc_param, in, inlen, out, outlen, ec_key)) {
|
||||
ECerr(EC_F_PKEY_EC_DECRYPT, EC_R_ECIES_DECRYPT_FAILED);
|
||||
return 0;
|
||||
}
|
||||
break;
|
||||
|
||||
@@ -325,7 +264,7 @@ static int pkey_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
|
||||
outlen = *keylen;
|
||||
|
||||
#ifndef OPENSSL_NO_SM2
|
||||
if (dctx->dh_type == NID_sm_scheme)
|
||||
if (dctx->exch_type == NID_sm_scheme)
|
||||
ret = SM2_compute_key(key, outlen, pubkey, eckey, 0);
|
||||
else
|
||||
#endif
|
||||
@@ -465,14 +404,14 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
|
||||
|
||||
case EVP_PKEY_CTRL_EC_DH_TYPE:
|
||||
if (p1 == -2)
|
||||
return dctx->dh_type;
|
||||
return dctx->exch_type;
|
||||
if (p1 != NID_secg_scheme && p1 != NID_sm_scheme)
|
||||
return -2;
|
||||
dctx->dh_type = p1;
|
||||
dctx->exch_type = p1;
|
||||
return 1;
|
||||
|
||||
case EVP_PKEY_CTRL_GET_EC_DH_TYPE:
|
||||
*(int *)p2 = dctx->dh_type;
|
||||
*(int *)p2 = dctx->exch_type;
|
||||
return 1;
|
||||
#endif
|
||||
|
||||
@@ -556,6 +495,7 @@ static int pkey_ec_ctrl_str(EVP_PKEY_CTX *ctx,
|
||||
}
|
||||
return EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, nid);
|
||||
#ifndef OPENSSL_NO_SM2
|
||||
} else if (!strcmp(type, "signer")) {
|
||||
} else if (!strcmp(type, "ec_sign_algor")) {
|
||||
int sign_type;
|
||||
if (!strcmp(value, "ecdsa"))
|
||||
|
||||
Reference in New Issue
Block a user