update

crypto/ecies/build.info

@@ -1,2 +1,2 @@
 LIBS=../../libcrypto
-SOURCE[../../libcrypto]=ecies_asn1.c ecies_lib.c ecies_gmssl.c
+SOURCE[../../libcrypto]=ecies_asn1.c ecies_lib.c

crypto/ecies/ecies_asn1.c

@@ -57,6 +57,7 @@
 #include <openssl/obj_mac.h>
 #include <openssl/kdf2.h>
 #include <openssl/ecies.h>
+#include "ecies_lcl.h"
 
 /*
  * From SEC 1, Version 1.9 Draft, 2008

crypto/ecies/ecies_gmssl.c

@@ -1,128 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2007 - 2017 The GmSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the GmSSL Project.
- *    (http://gmssl.org/)"
- *
- * 4. The name "GmSSL Project" must not be used to endorse or promote
- *    products derived from this software without prior written
- *    permission. For written permission, please contact
- *    guanzhi1980@gmail.com.
- *
- * 5. Products derived from this software may not be called "GmSSL"
- *    nor may "GmSSL" appear in their names without prior written
- *    permission of the GmSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the GmSSL Project
- *    (http://gmssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE GmSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/rand.h>
-#include <openssl/ecies.h>
-
-static int ECIES_PARAMS_init_with_type(ECIES_PARAMS *params, int type)
-{
-			
-	return 0;
-}
-
-int gmssl_ecies_encrypt(int type, const unsigned char *in, size_t inlen,
-	unsigned char *out, size_t *outlen, EC_KEY *ec_key)
-{
-	ECIES_CIPHERTEXT_VALUE *cv = NULL;
-	ECIES_PARAMS params;
-
-	if (!ECIES_PARAMS_init_with_type(&params, type)) {
-		return 0;
-	}
-
-	RAND_seed(in, inlen);
-	if (!(cv = ECIES_do_encrypt(&params, in, inlen, ec_key))) {
-		*outlen = 0;
-		return 0;
-	}
-
-	*outlen = i2d_ECIES_CIPHERTEXT_VALUE(cv, &out);
-	ECIES_CIPHERTEXT_VALUE_free(cv);
-	return 1;
-}
-
-int gmssl_ecies_decrypt(int type, const unsigned char *in, size_t inlen,
-	unsigned char *out, size_t *outlen, EC_KEY *ec_key)
-{
-	ECIES_CIPHERTEXT_VALUE *cv = NULL;
-	ECIES_PARAMS params;
-	const unsigned char *cp = in;
-	unsigned char *der = NULL;
-	int derlen = -1;
-	int ret = -1;
-
-	if (!ECIES_PARAMS_init_with_type(&params, type)) {
-		return -1;
-	}
-
-	if (!(cv = d2i_ECIES_CIPHERTEXT_VALUE(NULL, &cp, inlen))) {
-		return -1;
-	}
-
-	derlen = i2d_ECIES_CIPHERTEXT_VALUE(cv, &der);
-	if (derlen != inlen || memcmp(in, der, derlen) != 0) {
-		goto end;
-	}
-
-	ret = ECIES_do_decrypt(&params, cv, out, outlen, ec_key);
-
-end:
-	OPENSSL_clear_free(der, derlen);
-	ECIES_CIPHERTEXT_VALUE_free(cv);
-	return ret;
-}
-
-ECIES_CIPHERTEXT_VALUE *gmssl_ecies_do_encrypt(int type, const unsigned char *in,
-                                              size_t inlen, EC_KEY *ec_key)
-{
-	ECIES_PARAMS param;
-	ECIES_PARAMS_init_with_recommended(&param);
-	return ECIES_do_encrypt(&param, in, inlen, ec_key);
-}
-
-int gmssl_ecies_do_decrypt(int type, const ECIES_CIPHERTEXT_VALUE *in,
-	unsigned char *out, size_t *outlen, EC_KEY *ec_key)
-{
-	ECIES_PARAMS param;
-	ECIES_PARAMS_init_with_recommended(&param);
-	return ECIES_do_decrypt(&param, in, out, outlen, ec_key);
-}

crypto/ecies/ecies_lcl.h

@@ -50,6 +50,12 @@
 #include <string.h>
 #include <openssl/ecies.h>
 
+struct ecies_ciphertext_value_st {
+	ASN1_OCTET_STRING *ephem_point;
+	ASN1_OCTET_STRING *ciphertext;
+	ASN1_OCTET_STRING *mactag;
+};
+
 int gmssl_ecies_encrypt(int type, const unsigned char *in, size_t inlen,
 	unsigned char *out, size_t *outlen, EC_KEY *ec_key);
 int gmssl_ecies_decrypt(int type, const unsigned char *in, size_t inlen,

crypto/ecies/ecies_lib.c

@@ -60,9 +60,40 @@
 #include <openssl/kdf2.h>
 #include <openssl/ecies.h>
 #include "internal/o_str.h"
+#include "ecies_lcl.h"
 
 #define ECIES_ENC_RANDOM_IV	1
 
+int ECIES_PARAMS_init_with_type(ECIES_PARAMS *params, int type)
+{
+	if (!params) {
+		ECerr(EC_F_ECIES_PARAMS_INIT_WITH_TYPE, ERR_R_PASSED_NULL_PARAMETER);
+		return 0;
+	}
+
+	switch (type) {
+	case NID_ecies_with_x9_63_sha1_xor_hmac:
+		params->kdf_nid = NID_x9_63_kdf;
+		params->kdf_md = EVP_sha1();
+		params->enc_nid = NID_xor_in_ecies;
+		params->mac_nid = NID_hmac_full_ecies;
+		params->hmac_md = EVP_sha1();
+		break;
+	case NID_ecies_with_x9_63_sha256_xor_hmac:
+		params->kdf_nid = NID_x9_63_kdf;
+		params->kdf_md = EVP_sha256();
+		params->enc_nid = NID_xor_in_ecies;
+		params->mac_nid = NID_hmac_full_ecies;
+		params->hmac_md = EVP_sha256();
+		break;
+	default:
+		ECerr(EC_F_ECIES_PARAMS_INIT_WITH_TYPE, EC_R_INVALID_ECIES_PARAMS);
+		return 0;
+	}
+
+	return 1;
+}
+
 int ECIES_PARAMS_init_with_recommended(ECIES_PARAMS *param)
 {
 	if (!param) {
@@ -80,37 +111,6 @@ int ECIES_PARAMS_init_with_recommended(ECIES_PARAMS *param)
 	return 1;
 }
 
-ECIES_PARAMS *ECIES_PARAMS_new(void)
-{
-	ECIES_PARAMS *ret = NULL;
-
-	if (!(ret = OPENSSL_malloc(sizeof(*ret)))) {
-		return NULL;
-	}
-
-	ECIES_PARAMS_init_with_recommended(ret);
-	return ret;
-}
-
-ECIES_PARAMS *ECIES_PARAMS_dup(const ECIES_PARAMS *param)
-{
-	ECIES_PARAMS *ret = NULL;
-
-	if (!(ret = OPENSSL_zalloc(sizeof(*ret)))) {
-		return NULL;
-	}
-
-	/* check param */
-
-	memcpy(ret, param, sizeof(*param));
-	return ret;
-}
-
-void ECIES_PARAMS_free(ECIES_PARAMS *param)
-{
-	OPENSSL_free(param);
-}
-
 KDF_FUNC ECIES_PARAMS_get_kdf(const ECIES_PARAMS *param)
 {
 	if (!param || !param->kdf_md) {
@@ -650,16 +650,22 @@ end:
 	return ret;
 }
 
-int ECIES_encrypt(const ECIES_PARAMS *param,
-	const unsigned char *in, size_t inlen,
+int ECIES_encrypt(int type, const unsigned char *in, size_t inlen,
 	unsigned char *out, size_t *outlen, EC_KEY *ec_key)
 {
 	int ret = 0;
+	ECIES_PARAMS param;
 	ECIES_CIPHERTEXT_VALUE *cv = NULL;
 	unsigned char *p = out;
 	int len;
 
-	if (!(cv = ECIES_do_encrypt(param, in, inlen, ec_key))) {
+	if (!ECIES_PARAMS_init_with_type(&param, type)) {
+		ECerr(EC_F_ECIES_ENCRYPT, EC_R_INVALID_ENC_PARAM);
+		return 0;
+	}
+
+	RAND_seed(in, inlen);
+	if (!(cv = ECIES_do_encrypt(&param, in, inlen, ec_key))) {
 		ECerr(EC_F_ECIES_ENCRYPT, EC_R_ENCRYPT_FAILED);
 		return 0;
 	}
@@ -694,22 +700,40 @@ end:
 	return ret;
 }
 
-
-int ECIES_decrypt(const ECIES_PARAMS *param,
-	const unsigned char *in, size_t inlen,
+int ECIES_decrypt(int type, const unsigned char *in, size_t inlen,
 	unsigned char *out, size_t *outlen, EC_KEY *ec_key)
 {
 	int ret = 0;
+	ECIES_PARAMS param;
 	ECIES_CIPHERTEXT_VALUE *cv = NULL;
-	const unsigned char *p = in;
 
-	if (!(cv = d2i_ECIES_CIPHERTEXT_VALUE(NULL, &p, (long)inlen))) {
-		ECerr(EC_F_ECIES_DECRYPT, EC_R_ENCRYPT_FAILED);
+	if (!in) {
+		ECerr(EC_F_ECIES_DECRYPT, ERR_R_PASSED_NULL_PARAMETER);
 		return 0;
 	}
 
-	if (!ECIES_do_decrypt(param, cv, out, outlen, ec_key)) {
-		ECerr(EC_F_ECIES_DECRYPT, EC_R_ENCRYPT_FAILED);
+	if (inlen <= 0 || inlen > INT_MAX) {
+		ECerr(EC_F_ECIES_DECRYPT, EC_R_INVALID_INPUT_LENGTH);
+		return 0;
+	}
+
+	if (!ECIES_PARAMS_init_with_type(&param, type)) {
+		ECerr(EC_F_ECIES_DECRYPT, EC_R_INVALID_ENC_PARAM);
+		return 0;
+	}
+
+	if (!(cv = d2i_ECIES_CIPHERTEXT_VALUE(NULL, &in, (long)inlen))) {
+		ECerr(EC_F_ECIES_DECRYPT, EC_R_INVALID_ECIES_CIPHERTEXT);
+		return 0;
+	}
+
+	if (inlen != i2d_ECIES_CIPHERTEXT_VALUE(cv, NULL)) {
+		ECerr(EC_F_ECIES_DECRYPT, EC_R_INVALID_ECIES_CIPHERTEXT);
+		goto end;
+	}
+
+	if (!ECIES_do_decrypt(&param, cv, out, outlen, ec_key)) {
+		ECerr(EC_F_ECIES_DECRYPT, EC_R_ENCRYPT_FAILURE);
 		goto end;
 	}
 
@@ -718,21 +742,3 @@ end:
 	ECIES_CIPHERTEXT_VALUE_free(cv);
 	return ret;
 }
-
-
-int ECIES_encrypt_with_recommended(const unsigned char *in, size_t inlen,
-	unsigned char *out, size_t *outlen, EC_KEY *ec_key)
-{
-	ECIES_PARAMS param;
-	ECIES_PARAMS_init_with_recommended(&param);
-	return ECIES_encrypt(&param, in, inlen, out, outlen, ec_key);
-}
-
-int ECIES_decrypt_with_recommended(const unsigned char *in, size_t inlen,
-	unsigned char *out, size_t *outlen, EC_KEY *ec_key)
-{
-	ECIES_PARAMS param;
-	ECIES_PARAMS_init_with_recommended(&param);
-	return ECIES_decrypt(&param, in, inlen, out, outlen, ec_key);
-}
-