abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-05-14 12:26:18 +08:00
Code Issues Packages Projects Releases Wiki Activity

update

Browse Source
This commit is contained in:
Zhi Guan
2017-04-14 15:31:35 +08:00
parent 7fa961cd6f
commit eb21e9d572
76 changed files with 3249 additions and 2961 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
include/openssl/asn1.h
View File

@@ -597,6 +597,9 @@ int ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a,
const ASN1_OCTET_STRING *b);
int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, const unsigned char *data,
int len);
#ifndef OPENSSL_NO_SM2
int ASN1_OCTET_STRING_is_zero(const ASN1_OCTET_STRING *a);
#endif
DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING)
DECLARE_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING)

1
include/openssl/bn.h
View File

@@ -534,6 +534,7 @@ int ERR_load_BN_strings(void);
# define BN_F_BN_GFP2_CMP 149
# define BN_F_BN_GFP2_COPY 150
# define BN_F_BN_GFP2_DIV_BN 151
# define BN_F_BN_GFP2_EQU 162
# define BN_F_BN_GFP2_INV 152
# define BN_F_BN_GFP2_IS_ZERO 153
# define BN_F_BN_GFP2_MUL 154

10
include/openssl/bn_gfp2.h
View File

@@ -63,7 +63,9 @@ typedef struct {
} BN_GFP2;
BN_GFP2 *BN_GFP2_new(void);
void BN_GFP2_free(BN_GFP2 *a);
int BN_GFP2_copy(BN_GFP2 *r, const BN_GFP2 *a);
int BN_GFP2_one(BN_GFP2 *a);
int BN_GFP2_zero(BN_GFP2 *a);
int BN_GFP2_is_zero(const BN_GFP2 *a);
int BN_GFP2_equ(const BN_GFP2 *a, const BN_GFP2 *b);
@@ -79,15 +81,8 @@ int BN_GF2P_add_bn(BN_GFP2 *r, const BN_GFP2 *a, const BIGNUM *b, const BIGNUM *
int BN_GFP2_sub_bn(BN_GFP2 *r, const BN_GFP2 *a, const BIGNUM *b, const BIGNUM *p, BN_CTX *ctx);
int BN_GFP2_mul_bn(BN_GFP2 *r, const BN_GFP2 *a, const BIGNUM *b, const BIGNUM *p, BN_CTX *ctx);
int BN_GFP2_div_bn(BN_GFP2 *r, const BN_GFP2 *a, const BIGNUM *b, const BIGNUM *p, BN_CTX *ctx);
void BN_GFP2_free(BN_GFP2 *a);
int BN_GFP2_add_bn(BN_GFP2 *r, const BN_GFP2 *a, const BIGNUM *b,
const BIGNUM *p, BN_CTX *ctx);
int BN_bn2gfp2(const BIGNUM *bn, BN_GFP2 *gfp2, const BIGNUM *p, BN_CTX *ctx);
int BN_gfp22bn(const BN_GFP2 *gfp2, BIGNUM *bn, const BIGNUM *p, BN_CTX *ctx);
/*
* Canonical a = a0 + a1 * i
* If order is 0 then output a0, a1, else output a1, a0, |a0| = |a1| = |p|.
@@ -95,7 +90,6 @@ int BN_gfp22bn(const BN_GFP2 *gfp2, BIGNUM *bn, const BIGNUM *p, BN_CTX *ctx);
int BN_GFP2_canonical(const BN_GFP2 *a, unsigned char *out, size_t *outlen,
int order, const BIGNUM *p, BN_CTX *ctx);
#ifdef __cplusplus
}
#endif

21
include/openssl/cpk.h
View File

@@ -74,28 +74,21 @@ int CPK_MAP_str2index(const X509_ALGOR *algor, const char *str, int *index);
int CPK_MAP_print(BIO *out, X509_ALGOR *map, int indent, unsigned long flags);
typedef struct cpk_master_secret_st {
long version;
X509_NAME *id;
X509_ALGOR *pkey_algor;
X509_ALGOR *map_algor;
ASN1_OCTET_STRING *secret_factors;
} CPK_MASTER_SECRET;
typedef struct cpk_master_secret_st CPK_MASTER_SECRET;
DECLARE_ASN1_FUNCTIONS(CPK_MASTER_SECRET)
typedef struct cpk_public_params_st {
long version;
X509_NAME *id;
X509_ALGOR *pkey_algor;
X509_ALGOR *map_algor;
ASN1_OCTET_STRING *public_factors;
} CPK_PUBLIC_PARAMS;
typedef struct cpk_public_params_st CPK_PUBLIC_PARAMS;
DECLARE_ASN1_FUNCTIONS(CPK_PUBLIC_PARAMS)
//CPK_MASTER_SECERT *CPK_MASTER_SECRET_new(const char *domain, const EC_GROUP *group, int map_algor);
CPK_MASTER_SECRET *CPK_MASTER_SECRET_create(const char *domain_id, EVP_PKEY *pkey, X509_ALGOR *map_algor);
CPK_PUBLIC_PARAMS *CPK_MASTER_SECRET_extract_public_params(CPK_MASTER_SECRET *master);
EVP_PKEY *CPK_MASTER_SECRET_extract_private_key(CPK_MASTER_SECRET *master, const char *id);
EVP_PKEY *CPK_PUBLIC_PARAMS_extract_public_key(CPK_PUBLIC_PARAMS *params, const char *id);
int CPK_PUBLIC_PARAMS_compute_share_key(CPK_PUBLIC_PARAMS *params,
void *out, size_t outlen, const char *id, EVP_PKEY *priv_key,
void *(*kdf)(const void *in, size_t inlen, void *out, size_t *outlen));

46
include/openssl/ec.h
View File

@@ -1342,39 +1342,6 @@ void EC_KEY_METHOD_get_verify(EC_KEY_METHOD *meth,
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_GET_EC_KDF_UKM, 0, (void *)p)
# ifndef OPENSSL_NO_SM2
# define EVP_PKEY_CTX_set_ec_sign_type(ctx, type) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_SIGN|EVP_PKEY_OP_SIGNCTX| \
EVP_PKEY_OP_VERIFY|EVP_PKEY_OP_VERIFYCTX, \
EVP_PKEY_CTRL_EC_SIGN_TYPE, type, NULL)
# define EVP_PKEY_CTX_get_ec_sign_type(ctx) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_SIGN|EVP_PKEY_OP_SIGNCTX| \
EVP_PKEY_OP_VERIFY|EVP_PKEY_OP_VERIFYCTX, \
EVP_PKEY_CTRL_EC_SIGN_TYPE, -2, NULL)
# define EVP_PKEY_CTX_set_ec_enc_type(ctx, type) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_ENCRYPT|EVP_PKEY_OP_DECRYPT, \
EVP_PKEY_CTRL_EC_ENC_TYPE, type, NULL)
# define EVP_PKEY_CTX_get_ec_enc_type(ctx) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_ENCRYPT|EVP_PKEY_OP_DECRYPT, \
EVP_PKEY_CTRL_EC_ENC_TYPE, -2, NULL)
# define EVP_PKEY_CTX_set_ec_dh_type(ctx, type) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_EC_DH_TYPE, type, NULL)
# define EVP_PKEY_CTX_get_ec_dh_type(ctx) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_EC_DH_TYPE, -2, NULL);
# endif
# define EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID (EVP_PKEY_ALG_CTRL + 1)
# define EVP_PKEY_CTRL_EC_PARAM_ENC (EVP_PKEY_ALG_CTRL + 2)
@@ -1390,14 +1357,6 @@ void EC_KEY_METHOD_get_verify(EC_KEY_METHOD *meth,
# define EVP_PKEY_ECDH_KDF_NONE 1
# define EVP_PKEY_ECDH_KDF_X9_62 2
# ifndef OPENSSL_NO_SM2
# define EVP_PKEY_CTRL_EC_SIGN_TYPE (EVP_PKEY_ALG_CTRL + 11)
# define EVP_PKEY_CTRL_GET_EC_SIGN_TYPE (EVP_PKEY_ALG_CTRL + 12)
# define EVP_PKEY_CTRL_EC_ENC_TYPE (EVP_PKEY_ALG_CTRL + 13)
# define EVP_PKEY_CTRL_GET_EC_ENC_TYPE (EVP_PKEY_ALG_CTRL + 14)
# define EVP_PKEY_CTRL_EC_DH_TYPE (EVP_PKEY_ALG_CTRL + 15)
# define EVP_PKEY_CTRL_GET_EC_DH_TYPE (EVP_PKEY_ALG_CTRL + 16)
# endif
/* BEGIN ERROR CODES */
/*
@@ -1435,6 +1394,7 @@ int ERR_load_EC_strings(void);
# define EC_F_ECIES_PARAMS_GET_KDF 276
# define EC_F_ECIES_PARAMS_GET_MAC 277
# define EC_F_ECIES_PARAMS_INIT_WITH_RECOMMENDED 278
# define EC_F_ECIES_PARAMS_INIT_WITH_TYPE 320
# define EC_F_ECKEY_PARAM2TYPE 223
# define EC_F_ECKEY_PARAM_DECODE 212
# define EC_F_ECKEY_PRIV_DECODE 213
@@ -1632,6 +1592,7 @@ int ERR_load_EC_strings(void);
# define EC_R_ECIES_VERIFY_MAC_FAILURE 167
# define EC_R_EC_GROUP_NEW_BY_NAME_FAILURE 119
# define EC_R_ENCRYPT_FAILED 168
# define EC_R_ENCRYPT_FAILURE 206
# define EC_R_ERROR 174
# define EC_R_FIELD_TOO_LARGE 143
# define EC_R_GEN_MAC_FAILED 169
@@ -1654,13 +1615,16 @@ int ERR_load_EC_strings(void);
# define EC_R_INVALID_DIGEST_TYPE 138
# define EC_R_INVALID_ECIES_CIPHERTEXT 171
# define EC_R_INVALID_ECIES_PARAMETERS 172
# define EC_R_INVALID_ECIES_PARAMS 207
# define EC_R_INVALID_EC_KEY 180
# define EC_R_INVALID_ENCODING 102
# define EC_R_INVALID_ENC_PARAM 208
# define EC_R_INVALID_ENC_TYPE 200
# define EC_R_INVALID_FIELD 103
# define EC_R_INVALID_FORM 104
# define EC_R_INVALID_GROUP_ORDER 122
# define EC_R_INVALID_ID_LENGTH 181
# define EC_R_INVALID_INPUT_LENGTH 209
# define EC_R_INVALID_KDF_MD 182
# define EC_R_INVALID_KEY 116
# define EC_R_INVALID_MD 205

35
include/openssl/ecies.h
View File

@@ -46,11 +46,6 @@
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
/*
* Ellitpic Curve Integrated Encryption Scheme (ECIES)
* see http://www.secg.org/sec1-v2.pdf (section 5)
* SEC1: Elliptic Curve Cryptography version 2.0
*/
#ifndef HEADER_ECIES_H
#define HEADER_ECIES_H
@@ -61,6 +56,7 @@
#include <openssl/x509.h>
#include <openssl/asn1.h>
#include <openssl/kdf2.h>
#include <openssl/objects.h>
#ifdef __cplusplus
extern "C" {
@@ -71,6 +67,11 @@ ECIESAlgorithmSet ALGORITHM ::= {
{OID ecies-recommendedParameters} |
{OID ecies-specifiedParameters PARMS ECIESParameters},
... -- Future combinations may be added
{OID ecies-with-x9-63-sha1-aes128-cbc-hmac}
{OID ecies-with-x9-63-sha256-aes128-cbc-hmac}
{OID ecies-with-x9-63-sha256-aes192-cbc-hmac}
{OID ecies-with-x9-63-sha512-aes256-cbc-hmac}
{OID ecies-with-x9-63-sha256-xor-hmac}
}
*/
@@ -119,6 +120,7 @@ typedef struct ecies_params_st {
ECIES_PARAMS *ECIES_PARAMS_new(void);
int ECIES_PARAMS_init_with_recommended(ECIES_PARAMS *param);
int ECIES_PARAMS_init_with_type(ECIES_PARAMS *param, int type);
ECIES_PARAMS *ECIES_PARAMS_dup(const ECIES_PARAMS *param);
KDF_FUNC ECIES_PARAMS_get_kdf(const ECIES_PARAMS *param);
int ECIES_PARAMS_get_enc(const ECIES_PARAMS *param, size_t inlen,
@@ -132,13 +134,7 @@ int i2d_ECIESParameters(const ECIES_PARAMS *param, unsigned char **out);
ECIES_PARAMS *d2i_ECIESParameters(ECIES_PARAMS **param,
const unsigned char **in, long len);
typedef struct ecies_ciphertext_value_st {
ASN1_OCTET_STRING *ephem_point;
ASN1_OCTET_STRING *ciphertext;
ASN1_OCTET_STRING *mactag;
} ECIES_CIPHERTEXT_VALUE;
typedef struct ecies_ciphertext_value_st ECIES_CIPHERTEXT_VALUE;
DECLARE_ASN1_FUNCTIONS(ECIES_CIPHERTEXT_VALUE)
@@ -146,17 +142,14 @@ ECIES_CIPHERTEXT_VALUE *ECIES_do_encrypt(const ECIES_PARAMS *param,
const unsigned char *in, size_t inlen, EC_KEY *ec_key);
int ECIES_do_decrypt(const ECIES_PARAMS *param, const ECIES_CIPHERTEXT_VALUE *in,
unsigned char *out, size_t *outlen, EC_KEY *ec_key);
int ECIES_encrypt(const ECIES_PARAMS *param,
const unsigned char *in, size_t inlen,
int ECIES_encrypt(int type, const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen, EC_KEY *ec_key);
int ECIES_decrypt(const ECIES_PARAMS *param,
const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen, EC_KEY *ec_key);
int ECIES_encrypt_with_recommended(const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen, EC_KEY *ec_key);
int ECIES_decrypt_with_recommended(const unsigned char *in, size_t inlen,
int ECIES_decrypt(int type, const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen, EC_KEY *ec_key);
#define ECIES_encrypt_with_recommended(in,inlen,out,outlen,ec_key) \
ECIES_encrypt(NID_ecies_with_x9_63_sha256_xor_hmac,in,inlen,out,outlen,ec_key)
#define ECIES_decrypt_with_recommended(in,inlen,out,outlen,ec_key) \
ECIES_decrypt(NID_ecies_with_x9_63_sha256_xor_hmac,in,inlen,out,outlen,ec_key)
#ifdef __cplusplus

3
include/openssl/err.h
View File

@@ -101,6 +101,7 @@ typedef struct err_state_st {
# define ERR_LIB_GMAPI 58
# define ERR_LIB_BFIBE 59
# define ERR_LIB_BB1IBE 60
# define ERR_LIB_SM2 66
# define ERR_LIB_SM9 61
# define ERR_LIB_SAF 62
# define ERR_LIB_SDF 63
@@ -152,6 +153,7 @@ typedef struct err_state_st {
# define GMAPIerr(f,r) ERR_PUT_error(ERR_LIB_GMAPI,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
# define BFIBEerr(f,r) ERR_PUT_error(ERR_LIB_BFIBE,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
# define BB1IBEerr(f,r) ERR_PUT_error(ERR_LIB_BB1IBE,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
# define SM2err(f,r) ERR_PUT_error(ERR_LIB_SM2,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
# define SM9err(f,r) ERR_PUT_error(ERR_LIB_SM9,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
# define SAFerr(f,r) ERR_PUT_error(ERR_LIB_SAF,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
# define SDFerr(f,r) ERR_PUT_error(ERR_LIB_SDF,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
@@ -212,6 +214,7 @@ typedef struct err_state_st {
# define ERR_R_GMAPI_LIB ERR_LIB_GMAPI/* 58 */
# define ERR_R_BFIBE_LIB ERR_LIB_BFIBE/* 59 */
# define ERR_R_BB1IBE_LIB ERR_LIB_BB1IBE/* 60 */
# define ERR_R_SM2_LIB ERR_LIB_SM2/* 66 */
# define ERR_R_SM9_LIB ERR_LIB_SM9/* 61 */
# define ERR_R_SAF_LIB ERR_LIB_SAF/* 62 */
# define ERR_R_SDF_LIB ERR_LIB_SDF/* 63 */

18
include/openssl/gmapi.h
View File

@@ -91,9 +91,9 @@ int EC_KEY_set_ECCrefPublicKey(EC_KEY *ec_key, const ECCrefPublicKey *ref);
int EC_KEY_set_ECCrefPrivateKey(EC_KEY *ec_key, const ECCrefPrivateKey *ref);
int EC_KEY_get_ECCrefPublicKey(EC_KEY *ec_key, ECCrefPublicKey *ref);
int EC_KEY_get_ECCrefPrivateKey(EC_KEY *ec_key, ECCrefPrivateKey *ref);
SM2_CIPHERTEXT_VALUE *SM2_CIPHERTEXT_VALUE_new_from_ECCCipher(const ECCCipher *ref);
int SM2_CIPHERTEXT_VALUE_set_ECCCipher(SM2_CIPHERTEXT_VALUE *cv, const ECCCipher *ref);
int SM2_CIPHERTEXT_VALUE_get_ECCCipher(const SM2_CIPHERTEXT_VALUE *cv, ECCCipher *ref);
SM2CiphertextValue *SM2CiphertextValue_new_from_ECCCipher(const ECCCipher *ref);
int SM2CiphertextValue_set_ECCCipher(SM2CiphertextValue *cv, const ECCCipher *ref);
int SM2CiphertextValue_get_ECCCipher(const SM2CiphertextValue *cv, ECCCipher *ref);
ECDSA_SIG *ECDSA_SIG_new_from_ECCSignature(const ECCSignature *ref);
int ECDSA_SIG_set_ECCSignature(ECDSA_SIG *sig, const ECCSignature *ref);
int ECDSA_SIG_get_ECCSignature(const ECDSA_SIG *sig, ECCSignature *ref);
@@ -111,9 +111,9 @@ int EC_KEY_set_ECCPUBLICKEYBLOB(EC_KEY *ec_key, const ECCPUBLICKEYBLOB *blob);
int EC_KEY_get_ECCPUBLICKEYBLOB(EC_KEY *ec_key, ECCPUBLICKEYBLOB *blob);
int EC_KEY_set_ECCPRIVATEKEYBLOB(EC_KEY *ec_key, const ECCPRIVATEKEYBLOB *blob);
int EC_KEY_get_ECCPRIVATEKEYBLOB(EC_KEY *ec_key, ECCPRIVATEKEYBLOB *blob);
SM2_CIPHERTEXT_VALUE *SM2_CIPHERTEXT_VALUE_new_from_ECCCIPHERBLOB(const ECCCIPHERBLOB *blob);
int SM2_CIPHERTEXT_VALUE_set_ECCCIPHERBLOB(SM2_CIPHERTEXT_VALUE *cv, const ECCCIPHERBLOB *blob);
int SM2_CIPHERTEXT_VALUE_get_ECCCIPHERBLOB(const SM2_CIPHERTEXT_VALUE *cv, ECCCIPHERBLOB *blob);
SM2CiphertextValue *SM2CiphertextValue_new_from_ECCCIPHERBLOB(const ECCCIPHERBLOB *blob);
int SM2CiphertextValue_set_ECCCIPHERBLOB(SM2CiphertextValue *cv, const ECCCIPHERBLOB *blob);
int SM2CiphertextValue_get_ECCCIPHERBLOB(const SM2CiphertextValue *cv, ECCCIPHERBLOB *blob);
ECDSA_SIG *ECDSA_SIG_new_from_ECCSIGNATUREBLOB(const ECCSIGNATUREBLOB *blob);
int ECDSA_SIG_get_ECCSIGNATUREBLOB(const ECDSA_SIG *sig, ECCSIGNATUREBLOB *blob);
int ECDSA_SIG_set_ECCSIGNATUREBLOB(ECDSA_SIG *sig, const ECCSIGNATUREBLOB *blob);
@@ -217,6 +217,12 @@ int ERR_load_GMAPI_strings(void);
# define GMAPI_F_SKF_MACINIT 184
# define GMAPI_F_SKF_MACUPDATE 185
# define GMAPI_F_SKF_SETSYMMKEY 186
# define GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHER 193
# define GMAPI_F_SM2CIPHERTEXTVALUE_GET_ECCCIPHERBLOB 194
# define GMAPI_F_SM2CIPHERTEXTVALUE_NEW_FROM_ECCCIPHER 195
# define GMAPI_F_SM2CIPHERTEXTVALUE_NEW_FROM_ECCCIPHERBLOB 196
# define GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHER 197
# define GMAPI_F_SM2CIPHERTEXTVALUE_SET_ECCCIPHERBLOB 198
# define GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHER 187
# define GMAPI_F_SM2_CIPHERTEXT_VALUE_GET_ECCCIPHERBLOB 188
# define GMAPI_F_SM2_CIPHERTEXT_VALUE_NEW_FROM_ECCCIPHER 189

104
include/openssl/gmtls.h Normal file
View File

@@ -0,0 +1,104 @@
#ifndef HEADER_GMTLS_H
#define HEADER_GMTLS_H
#ifdef __cplusplus
extern "C" {
#endif
/* version */
# define GMTLS_VERSION 0x0101
# define GMTLS_VERSION_MAJOR 0x01
# define GMTLS_VERSOIN_MINOR 0x01
/* SSLVPN ciphersuites from GM/T 0024-2014 Table 2 */
# define GMTLS_CK_ECDHE_SM1_SM3 0x0300E001
# define GMTLS_CK_ECC_SM1_SM3 0x0300E003
# define GMTLS_CK_IBSDH_SM1_SM3 0x0300E005
# define GMTLS_CK_IBC_SM1_SM3 0x0300E007
# define GMTLS_CK_RSA_SM1_SM3 0x0300E009
# define GMTLS_CK_RSA_SM1_SHA1 0x0300E00A
# define GMTLS_CK_ECDHE_SM4_SM3 0x0300E011
# define GMTLS_CK_ECC_SM4_SM3 0x0300E013
# define GMTLS_CK_IBSDH_SM4_SM3 0x0300E015
# define GMTLS_CK_IBC_SM4_SM3 0x0300E017
# define GMTLS_CK_RSA_SM4_SM3 0x0300E019
# define GMTLS_CK_RSA_SM4_SHA1 0x0300E01A
/* PSK ciphersuites with NULL cipher */
# define GMTLS_CK_PSK_WITH_NULL_SM3
# define GMTLS_CK_DHE_PSK_WITH_NULL_SM3 0x0300F104
# define GMTLS_CK_RSA_PSK_WITH_NULL_SM3 0x0300F108
# define GMTLS_CK_SM2_PSK_WITH_NULL_SM3 0x0300F108
# define GMTLS_CK_ECDHE_PSK_WITH_NULL_SM3 0x0300F108
/* PSK ciphersuits with SMS4 */
# define GMTLS_CK_PSK_WITH_SMS4_CBC_SM3 0x0300F101
# define GMTLS_CK_PSK_WITH_SMS4_GCM_SM3 0x0300F102
# define GMTLS_CK_PSK_WITH_SMS4_CCM_SM3 0x0300F103
# define GMTLS_CK_DHE_PSK_WITH_SMS4_CBC_SM3 0x0300F105
# define GMTLS_CK_DHE_PSK_WITH_SMS4_GCM_SM3 0x0300F106
# define GMTLS_CK_DHE_PSK_WITH_SMS4_CCM_SM3 0x0300F107
# define GMTLS_CK_RSA_PSK_WITH_SMS4_CBC_SM3 0x0300F109
# define GMTLS_CK_RSA_PSK_WITH_SMS4_GCM_SM3 0x0300F10A
# define GMTLS_CK_RSA_PSK_WITH_SMS4_CCM_SM3 0x0300F10B
# define GMTLS_CK_ECC_PSK_WITH_SMS4_CBC_SM3 0x0300F109
# define GMTLS_CK_ECC_PSK_WITH_SMS4_GCM_SM3 0x0300F10A
# define GMTLS_CK_ECC_PSK_WITH_SMS4_CCM_SM3 0x0300F10B
# define GMTLS_CK_PSK_WITH_SM1_CBC_SM3 0x0300F101
# define GMTLS_CK_PSK_WITH_SM1_GCM_SM3 0x0300F102
# define GMTLS_CK_PSK_WITH_SM1_CCM_SM3 0x0300F103
# define GMTLS_CK_DHE_PSK_WITH_SM1_CBC_SM3 0x0300F105
# define GMTLS_CK_DHE_PSK_WITH_SM1_GCM_SM3 0x0300F106
# define GMTLS_CK_DHE_PSK_WITH_SM1_CCM_SM3 0x0300F107
# define GMTLS_CK_RSA_PSK_WITH_SM1_CBC_SM3 0x0300F109
# define GMTLS_CK_RSA_PSK_WITH_SM1_GCM_SM3 0x0300F10A
# define GMTLS_CK_RSA_PSK_WITH_SM1_CCM_SM3 0x0300F10B
# define GMTLS_CK_PSK_WITH_SSF33_CBC_SM3 0x0300F101
# define GMTLS_CK_PSK_WITH_SSF33_GCM_SM3 0x0300F102
# define GMTLS_CK_PSK_WITH_SSF33_CCM_SM3 0x0300F103
# define GMTLS_CK_DHE_PSK_WITH_SSF33_CBC_SM3 0x0300F105
# define GMTLS_CK_DHE_PSK_WITH_SSF33_GCM_SM3 0x0300F106
# define GMTLS_CK_DHE_PSK_WITH_SSF33_CCM_SM3 0x0300F107
# define GMTLS_CK_RSA_PSK_WITH_SSF33_CBC_SM3 0x0300F109
# define GMTLS_CK_RSA_PSK_WITH_SSF33_GCM_SM3 0x0300F10A
# define GMTLS_CK_RSA_PSK_WITH_SSF33_CCM_SM3 0x0300F10B
/* SRP ciphersuites */
# define GMTLS_CK_SRP_SM3_WITH_SMS4_CBC_SM3
# define GMTLS_CK_SRP_SM3_WITH_SMS4_GCM_SM3
# define GMTLS_CK_SRP_SM3_WITH_SMS4_CBC_SM3
# define GMTLS_CK_SRP_SM3_WITH_SMS4_GCM_SM3
# define GMTLS_CK_SRP_SM3_WITH_SMS4_CCM_SM3
# define TLS_CT_SM2_SIGN 240
# define TLS_CT_SM2_FIXED_ECDH 241
/* from GM/T 0024-2014 Table 1 */
#define GMTLS_AD_UNSUPPORTED_SITE2SITE 200 /* fatal */
#define GMTLS_AD_NO_AREA 201
#define GMTLS_AD_UNSUPPORTED_AREATYPE 202
#define GMTLS_AD_BAD_IBCPARAM 203 /* fatal */
#define GMTLS_AD_UNSUPPORTED_IBCPARAM 204 /* fatal */
#define GMTLS_AD_IDENTITY_NEED 205 /* fatal */
/* SSL_MAX_DIGEST in ssl_locl.h should be update */
#define GM1_PRF_SM3 (SSL_HANDSHAKE_MAC_SM3 << TLS1_PRF_DGST_SHIFT)
#ifdef __cplusplus
}
#endif
#endif

141
include/openssl/obj_mac.h
View File

@@ -4548,6 +4548,10 @@
#define LN_kx_gost "kx-gost"
#define NID_kx_gost 1045
#define SN_kx_sm2 "KxSM2"
#define LN_kx_sm2 "kx-sm2"
#define NID_kx_sm2 1186
#define SN_auth_rsa "AuthRSA"
#define LN_auth_rsa "auth-rsa"
#define NID_auth_rsa 1046
@@ -4580,6 +4584,10 @@
#define LN_auth_null "auth-null"
#define NID_auth_null 1053
#define SN_auth_sm2 "AuthSM2"
#define LN_auth_sm2 "auth-sm2"
#define NID_auth_sm2 1187
#define SN_ecies_recommendedParameters "ecies-recommendedParameters"
#define NID_ecies_recommendedParameters 1063
#define OBJ_ecies_recommendedParameters OBJ_secg_scheme,7L
@@ -4656,6 +4664,74 @@
#define NID_cmac_aes256_ecies 1081
#define OBJ_cmac_aes256_ecies OBJ_secg_scheme,24L,2L
#define SN_ecies_with_x9_63_sha1_xor_hmac "ecies-with-x9-63-sha1-xor-hmac"
#define NID_ecies_with_x9_63_sha1_xor_hmac 1169
#define OBJ_ecies_with_x9_63_sha1_xor_hmac OBJ_ecies_specifiedParameters,1L
#define SN_ecies_with_x9_63_sha256_xor_hmac "ecies-with-x9-63-sha256-xor-hmac"
#define NID_ecies_with_x9_63_sha256_xor_hmac 1170
#define OBJ_ecies_with_x9_63_sha256_xor_hmac OBJ_ecies_specifiedParameters,2L
#define SN_ecies_with_x9_63_sha512_xor_hmac "ecies-with-x9-63-sha512-xor-hmac"
#define NID_ecies_with_x9_63_sha512_xor_hmac 1171
#define OBJ_ecies_with_x9_63_sha512_xor_hmac OBJ_ecies_specifiedParameters,3L
#define SN_ecies_with_x9_63_sha1_aes128_cbc_hmac "ecies-with-x9-63-sha1-aes128-cbc-hmac"
#define NID_ecies_with_x9_63_sha1_aes128_cbc_hmac 1172
#define OBJ_ecies_with_x9_63_sha1_aes128_cbc_hmac OBJ_ecies_specifiedParameters,4L
#define SN_ecies_with_x9_63_sha256_aes128_cbc_hmac "ecies-with-x9-63-sha256-aes128-cbc-hmac"
#define NID_ecies_with_x9_63_sha256_aes128_cbc_hmac 1173
#define OBJ_ecies_with_x9_63_sha256_aes128_cbc_hmac OBJ_ecies_specifiedParameters,5L
#define SN_ecies_with_x9_63_sha512_aes256_cbc_hmac "ecies-with-x9-63-sha512-aes256-cbc-hmac"
#define NID_ecies_with_x9_63_sha512_aes256_cbc_hmac 1174
#define OBJ_ecies_with_x9_63_sha512_aes256_cbc_hmac OBJ_ecies_specifiedParameters,6L
#define SN_ecies_with_x9_63_sha256_aes128_ctr_hmac "ecies-with-x9-63-sha256-aes128-ctr-hmac"
#define NID_ecies_with_x9_63_sha256_aes128_ctr_hmac 1175
#define OBJ_ecies_with_x9_63_sha256_aes128_ctr_hmac OBJ_ecies_specifiedParameters,7L
#define SN_ecies_with_x9_63_sha512_aes256_ctr_hmac "ecies-with-x9-63-sha512-aes256-ctr-hmac"
#define NID_ecies_with_x9_63_sha512_aes256_ctr_hmac 1176
#define OBJ_ecies_with_x9_63_sha512_aes256_ctr_hmac OBJ_ecies_specifiedParameters,8L
#define SN_ecies_with_x9_63_sha256_aes128_cbc_hmac_half "ecies-with-x9-63-sha256-aes128-cbc-hmac-half"
#define NID_ecies_with_x9_63_sha256_aes128_cbc_hmac_half 1177
#define OBJ_ecies_with_x9_63_sha256_aes128_cbc_hmac_half OBJ_ecies_specifiedParameters,9L
#define SN_ecies_with_x9_63_sha512_aes256_cbc_hmac_half "ecies-with-x9-63-sha512-aes256-cbc-hmac-half"
#define NID_ecies_with_x9_63_sha512_aes256_cbc_hmac_half 1178
#define OBJ_ecies_with_x9_63_sha512_aes256_cbc_hmac_half OBJ_ecies_specifiedParameters,10L
#define SN_ecies_with_x9_63_sha256_aes128_ctr_hmac_half "ecies-with-x9-63-sha256-aes128-ctr-hmac-half"
#define NID_ecies_with_x9_63_sha256_aes128_ctr_hmac_half 1179
#define OBJ_ecies_with_x9_63_sha256_aes128_ctr_hmac_half OBJ_ecies_specifiedParameters,11L
#define SN_ecies_with_x9_63_sha512_aes256_ctr_hmac_half "ecies-with-x9-63-sha512-aes256-ctr-hmac-half"
#define NID_ecies_with_x9_63_sha512_aes256_ctr_hmac_half 1180
#define OBJ_ecies_with_x9_63_sha512_aes256_ctr_hmac_half OBJ_ecies_specifiedParameters,12L
#define SN_ecies_with_x9_63_sha1_aes128_cbc_cmac "ecies-with-x9-63-sha1-aes128-cbc-cmac"
#define NID_ecies_with_x9_63_sha1_aes128_cbc_cmac 1181
#define OBJ_ecies_with_x9_63_sha1_aes128_cbc_cmac OBJ_ecies_specifiedParameters,13L
#define SN_ecies_with_x9_63_sha256_aes128_cbc_cmac "ecies-with-x9-63-sha256-aes128-cbc-cmac"
#define NID_ecies_with_x9_63_sha256_aes128_cbc_cmac 1182
#define OBJ_ecies_with_x9_63_sha256_aes128_cbc_cmac OBJ_ecies_specifiedParameters,14L
#define SN_ecies_with_x9_63_sha512_aes256_cbc_cmac "ecies-with-x9-63-sha512-aes256-cbc-cmac"
#define NID_ecies_with_x9_63_sha512_aes256_cbc_cmac 1183
#define OBJ_ecies_with_x9_63_sha512_aes256_cbc_cmac OBJ_ecies_specifiedParameters,15L
#define SN_ecies_with_x9_63_sha256_aes128_ctr_cmac "ecies-with-x9-63-sha256-aes128-ctr-cmac"
#define NID_ecies_with_x9_63_sha256_aes128_ctr_cmac 1184
#define OBJ_ecies_with_x9_63_sha256_aes128_ctr_cmac OBJ_ecies_specifiedParameters,16L
#define SN_ecies_with_x9_63_sha512_aes256_ctr_cmac "ecies-with-x9-63-sha512-aes256-ctr-cmac"
#define NID_ecies_with_x9_63_sha512_aes256_ctr_cmac 1185
#define OBJ_ecies_with_x9_63_sha512_aes256_ctr_cmac OBJ_ecies_specifiedParameters,17L
#define SN_ISO_CN "ISO-CN"
#define LN_ISO_CN "ISO CN Member Body"
#define NID_ISO_CN 1083
@@ -4839,6 +4915,10 @@
#define NID_sm2encrypt 1119
#define OBJ_sm2encrypt OBJ_sm_scheme,301L,3L
#define SN_wapip192v1 "wapip192v1"
#define NID_wapip192v1 1135
#define OBJ_wapip192v1 OBJ_sm_scheme,301L,101L
#define SN_sm2encrypt_recommendedParameters "sm2encrypt-recommendedParameters"
#define NID_sm2encrypt_recommendedParameters 1120
#define OBJ_sm2encrypt_recommendedParameters OBJ_sm2encrypt,1L
@@ -4847,6 +4927,50 @@
#define NID_sm2encrypt_specifiedParameters 1121
#define OBJ_sm2encrypt_specifiedParameters OBJ_sm2encrypt,2L
#define SN_sm2encrypt_with_sm3 "sm2encrypt-with-sm3"
#define NID_sm2encrypt_with_sm3 1155
#define OBJ_sm2encrypt_with_sm3 OBJ_sm2encrypt,2L,1L
#define SN_sm2encrypt_with_sha1 "sm2encrypt-with-sha1"
#define NID_sm2encrypt_with_sha1 1156
#define OBJ_sm2encrypt_with_sha1 OBJ_sm2encrypt,2L,2L
#define SN_sm2encrypt_with_sha224 "sm2encrypt-with-sha224"
#define NID_sm2encrypt_with_sha224 1157
#define OBJ_sm2encrypt_with_sha224 OBJ_sm2encrypt,2L,3L
#define SN_sm2encrypt_with_sha256 "sm2encrypt-with-sha256"
#define NID_sm2encrypt_with_sha256 1158
#define OBJ_sm2encrypt_with_sha256 OBJ_sm2encrypt,2L,4L
#define SN_sm2encrypt_with_sha384 "sm2encrypt-with-sha384"
#define NID_sm2encrypt_with_sha384 1159
#define OBJ_sm2encrypt_with_sha384 OBJ_sm2encrypt,2L,5L
#define SN_sm2encrypt_with_sha512 "sm2encrypt-with-sha512"
#define NID_sm2encrypt_with_sha512 1160
#define OBJ_sm2encrypt_with_sha512 OBJ_sm2encrypt,2L,6L
#define SN_sm2encrypt_with_rmd160 "sm2encrypt-with-rmd160"
#define NID_sm2encrypt_with_rmd160 1161
#define OBJ_sm2encrypt_with_rmd160 OBJ_sm2encrypt,2L,7L
#define SN_sm2encrypt_with_whirlpool "sm2encrypt-with-whirlpool"
#define NID_sm2encrypt_with_whirlpool 1162
#define OBJ_sm2encrypt_with_whirlpool OBJ_sm2encrypt,2L,8L
#define SN_sm2encrypt_with_blake2b512 "sm2encrypt-with-blake2b512"
#define NID_sm2encrypt_with_blake2b512 1163
#define OBJ_sm2encrypt_with_blake2b512 OBJ_sm2encrypt,2L,9L
#define SN_sm2encrypt_with_blake2s256 "sm2encrypt-with-blake2s256"
#define NID_sm2encrypt_with_blake2s256 1164
#define OBJ_sm2encrypt_with_blake2s256 OBJ_sm2encrypt,2L,10L
#define SN_sm2encrypt_with_md5 "sm2encrypt-with-md5"
#define NID_sm2encrypt_with_md5 1165
#define OBJ_sm2encrypt_with_md5 OBJ_sm2encrypt,2L,11L
#define SN_id_sm9PublicKey "id-sm9PublicKey"
#define NID_id_sm9PublicKey 1122
#define OBJ_id_sm9PublicKey OBJ_sm_scheme,302L
@@ -4908,9 +5032,20 @@
#define NID_sm2sign_with_rmd160 1134
#define OBJ_sm2sign_with_rmd160 OBJ_sm_scheme,507L
#define SN_wapip192v1 "wapip192v1"
#define NID_wapip192v1 1135
#define OBJ_wapip192v1 OBJ_sm_scheme,301L,101L
#define SN_sm2sign_with_whirlpool "SM2Sign-with-Whirlpool"
#define LN_sm2sign_with_whirlpool "sm2sign-with-whirlpool"
#define NID_sm2sign_with_whirlpool 1166
#define OBJ_sm2sign_with_whirlpool OBJ_sm_scheme,520L
#define SN_sm2sign_with_blake2b512 "SM2Sign-with-Blake2b512"
#define LN_sm2sign_with_blake2b512 "sm2sign-with-blake2b512"
#define NID_sm2sign_with_blake2b512 1167
#define OBJ_sm2sign_with_blake2b512 OBJ_sm_scheme,521L
#define SN_sm2sign_with_blake2s256 "SM2Sign-with-Blake2s256"
#define LN_sm2sign_with_blake2s256 "sm2sign-with-blake2s256"
#define NID_sm2sign_with_blake2s256 1168
#define OBJ_sm2sign_with_blake2s256 OBJ_sm_scheme,522L
#define SN_zuc "ZUC"
#define LN_zuc "zuc"

236
include/openssl/sm2.h
View File

@@ -66,100 +66,18 @@ extern "C" {
#define SM2_MAX_ID_BITS 65535
#define SM2_MAX_ID_LENGTH (SM2_MAX_ID_BITS/8)
#define SM2_DEFAULT_ID_GMT09 "1234567812345678"
#define SM2_DEFAULT_ID_GMSSL "anonym@gmssl.org"
#define SM2_DEFAULT_ID SM2_DEFAULT_ID_GMSSL
#define SM2_DEFAULT_ID_LENGTH (sizeof(SM2_DEFAULT_ID) - 1)
#define SM2_DEFAULT_ID_BITS (SM2_DEFAULT_ID_LENGTH * 8)
#define SM2_ID_DIGEST_LENGTH SM3_DIGEST_LENGTH
#define SM2_DEFAULT_POINT_CONVERSION_FORM POINT_CONVERSION_UNCOMPRESSED
#define SM2_MAX_PKEY_DATA_LENGTH ((EC_MAX_NBYTES + 1) * 6)
int SM2_get_public_key_data(EC_KEY *ec_key, unsigned char *out, size_t *outlen);
#define SM2_DEFAULT_ID_DIGEST_LENGTH SM3_DIGEST_LENGTH
/* compute identity digest Z */
int SM2_compute_id_digest(const EVP_MD *md, const char *id, size_t idlen,
unsigned char *out, size_t *outlen, EC_KEY *ec_key);
/*
* Generate GM/T 0003.2-2012 message digest for SM2 signature scheme.
* Return dgst = msg_md( id_md(id, ec_key) || msg )
*/
int SM2_compute_message_digest(const EVP_MD *id_md, const EVP_MD *msg_md,
const unsigned char *msg, size_t msglen, const char *id, size_t idlen,
unsigned char *out, size_t *outlen,
EC_KEY *ec_key);
typedef struct sm2_enc_params_st {
const EVP_MD *kdf_md;
const EVP_MD *mac_md;
point_conversion_form_t point_form;
} SM2_ENC_PARAMS;
/* SM2_ENC_PARAMS_dup() is used by ec_pmeth.c,
* so the SM2_ENC_PARAMS_new() and SM2_ENC_PARAMS_free() is also provided
*/
SM2_ENC_PARAMS *SM2_ENC_PARAMS_new(void);
SM2_ENC_PARAMS *SM2_ENC_PARAMS_dup(const SM2_ENC_PARAMS *param);
void SM2_ENC_PARAMS_free(SM2_ENC_PARAMS *param);
int SM2_ENC_PARAMS_init_with_recommended(SM2_ENC_PARAMS *param);
typedef struct sm2_ciphertext_value_st {
EC_POINT *ephem_point;
unsigned char *ciphertext;
size_t ciphertext_size;
unsigned char mactag[EVP_MAX_MD_SIZE];
unsigned int mactag_size;
} SM2_CIPHERTEXT_VALUE;
int SM2_CIPHERTEXT_VALUE_size(const EC_GROUP *ec_group,
const SM2_ENC_PARAMS *params, size_t mlen);
SM2_CIPHERTEXT_VALUE *SM2_CIPHERTEXT_VALUE_new(const EC_GROUP *group);
void SM2_CIPHERTEXT_VALUE_free(SM2_CIPHERTEXT_VALUE *cv);
int SM2_CIPHERTEXT_VALUE_encode(const SM2_CIPHERTEXT_VALUE *cv,
const EC_GROUP *ec_group, const SM2_ENC_PARAMS *params,
unsigned char *buf, size_t *buflen);
SM2_CIPHERTEXT_VALUE *SM2_CIPHERTEXT_VALUE_decode(const EC_GROUP *ec_group,
const SM2_ENC_PARAMS *params, const unsigned char *buf, size_t buflen);
int i2d_SM2_CIPHERTEXT_VALUE(const EC_GROUP *group,
const SM2_CIPHERTEXT_VALUE *c, unsigned char **out);
SM2_CIPHERTEXT_VALUE *d2i_SM2_CIPHERTEXT_VALUE(const EC_GROUP *group,
SM2_CIPHERTEXT_VALUE **c, const unsigned char **in, long len);
int SM2_CIPHERTEXT_VALUE_print(BIO *out, const EC_GROUP *ec_group,
const SM2_CIPHERTEXT_VALUE *cv, int indent, unsigned long flags);
SM2_CIPHERTEXT_VALUE *SM2_do_encrypt(const SM2_ENC_PARAMS *params,
const unsigned char *in, size_t inlen, EC_KEY *ec_key);
int SM2_do_decrypt(const SM2_ENC_PARAMS *params,
const SM2_CIPHERTEXT_VALUE *in, unsigned char *out, size_t *outlen,
EC_KEY *ec_key);
int SM2_encrypt(const SM2_ENC_PARAMS *params,
const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen,
EC_KEY *ec_key);
int SM2_decrypt(const SM2_ENC_PARAMS *params,
const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen,
EC_KEY *ec_key);
int SM2_encrypt_with_recommended(const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen, EC_KEY *ec_key);
int SM2_decrypt_with_recommended(const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen, EC_KEY *ec_key);
/* SM2 digital signature */
int SM2_sign_setup(EC_KEY *ec_key, BN_CTX *ctx, BIGNUM **a, BIGNUM **b);
ECDSA_SIG *SM2_do_sign_ex(const unsigned char *dgst, int dgstlen,
const BIGNUM *a, const BIGNUM *b, EC_KEY *ec_key);
@@ -175,39 +93,34 @@ int SM2_sign(int type, const unsigned char *dgst, int dgstlen,
int SM2_verify(int type, const unsigned char *dgst, int dgstlen,
const unsigned char *sig, int siglen, EC_KEY *ec_key);
/* SM2 Public Key Encryption */
#define SM2_MIN_PLAINTEXT_LENGTH 0
#define SM2_MAX_PLAINTEXT_LENGTH 1024
typedef struct SM2CiphertextValue_st SM2CiphertextValue;
DECLARE_ASN1_FUNCTIONS(SM2CiphertextValue)
SM2CiphertextValue *SM2_do_encrypt(const EVP_MD *md,
const unsigned char *in, size_t inlen, EC_KEY *ec_key);
int SM2_do_decrypt(const EVP_MD *md, const SM2CiphertextValue *in,
unsigned char *out, size_t *outlen, EC_KEY *ec_key);
int SM2_encrypt(int type, const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen, EC_KEY *ec_key);
int SM2_decrypt(int type, const unsigned char *in, size_t inlen,
unsigned char *out, size_t *outlen, EC_KEY *ec_key);
#define SM2_encrypt_with_recommended(in,inlen,out,outlen,ec_key) \
SM2_encrypt(NID_sm3,in,inlen,out,outlen,ec_key)
#define SM2_decrypt_with_recommended(in,inlen,out,outlen,ec_key) \
SM2_decrypt(NID_sm3,in,inlen,out,outlen,ec_key)
/* SM2 Key Exchange */
typedef struct sm2_kap_ctx_st SM2_KAP_CTX;
int SM2_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
const EC_KEY *ec_key, void *(*KDF) (const void *in, size_t inlen, void *out, size_t *outlen));
typedef struct sm2_kap_ctx_st {
const EVP_MD *id_dgst_md;
const EVP_MD *kdf_md;
const EVP_MD *checksum_md;
point_conversion_form_t point_form;
KDF_FUNC kdf;
int is_initiator;
int do_checksum;
EC_KEY *ec_key;
unsigned char id_dgst[EVP_MAX_MD_SIZE];
unsigned int id_dgstlen;
EC_KEY *remote_pubkey;
unsigned char remote_id_dgst[EVP_MAX_MD_SIZE];
unsigned int remote_id_dgstlen;
const EC_GROUP *group;
BN_CTX *bn_ctx;
BIGNUM *order;
BIGNUM *two_pow_w;
BIGNUM *t;
EC_POINT *point;
unsigned char pt_buf[1 + (OPENSSL_ECC_MAX_FIELD_BITS+7)/4];
unsigned char checksum[EVP_MAX_MD_SIZE];
} SM2_KAP_CTX;
int SM2_KAP_CTX_init(SM2_KAP_CTX *ctx,
EC_KEY *ec_key, const char *id, size_t idlen,
EC_KEY *remote_pubkey, const char *rid, size_t ridlen,
@@ -221,12 +134,11 @@ int SM2_KAP_final_check(SM2_KAP_CTX *ctx, const unsigned char *checksum,
size_t checksumlen);
void SM2_KAP_CTX_cleanup(SM2_KAP_CTX *ctx);
/* EC_KEY_METHOD */
const EC_KEY_METHOD *EC_KEY_GmSSL(void);
void EC_KEY_set_default_secg_method(void);
void EC_KEY_set_default_sm_method(void);
int EC_KEY_METHOD_type(const EC_KEY_METHOD *meth);
void EC_KEY_METHOD_set_encrypt(EC_KEY_METHOD *meth,
@@ -253,7 +165,93 @@ void EC_KEY_METHOD_get_decrypt(EC_KEY_METHOD *meth,
int (**pdo_decrypt)(int type, const ECIES_CIPHERTEXT_VALUE *in,
unsigned char *out, size_t *outlen, EC_KEY *ec_key));
#ifdef __cplusplus
#define EVP_PKEY_CTX_set_ec_sign_type(ctx, type) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_SIGN|EVP_PKEY_OP_SIGNCTX| \
EVP_PKEY_OP_VERIFY|EVP_PKEY_OP_VERIFYCTX, \
EVP_PKEY_CTRL_EC_SIGN_TYPE, type, NULL)
#define EVP_PKEY_CTX_get_ec_sign_type(ctx) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_SIGN|EVP_PKEY_OP_SIGNCTX| \
EVP_PKEY_OP_VERIFY|EVP_PKEY_OP_VERIFYCTX, \
EVP_PKEY_CTRL_EC_SIGN_TYPE, -2, NULL)
#define EVP_PKEY_CTX_set_ec_enc_type(ctx, type) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_ENCRYPT|EVP_PKEY_OP_DECRYPT, \
EVP_PKEY_CTRL_EC_ENC_TYPE, type, NULL)
#define EVP_PKEY_CTX_get_ec_enc_type(ctx) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_ENCRYPT|EVP_PKEY_OP_DECRYPT, \
EVP_PKEY_CTRL_EC_ENC_TYPE, -2, NULL)
#define EVP_PKEY_CTX_set_ec_dh_type(ctx, type) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_EC_DH_TYPE, type, NULL)
#define EVP_PKEY_CTX_get_ec_dh_type(ctx) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_EC_DH_TYPE, -2, NULL);
#define EVP_PKEY_CTX_set_sm2_id(ctx, type) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_SIGN|EVP_PKEY_OP_SIGNCTX| \
EVP_PKEY_OP_VERIFY|EVP_PKEY_OP_VERIFYCTX| \
EVP_PKEY_OP_DERIVE, type, NULL)
#define EVP_PKEY_CTRL_EC_SIGN_TYPE (EVP_PKEY_ALG_CTRL + 11)
#define EVP_PKEY_CTRL_GET_EC_SIGN_TYPE (EVP_PKEY_ALG_CTRL + 12)
#define EVP_PKEY_CTRL_EC_ENC_TYPE (EVP_PKEY_ALG_CTRL + 13)
#define EVP_PKEY_CTRL_GET_EC_ENC_TYPE (EVP_PKEY_ALG_CTRL + 14)
#define EVP_PKEY_CTRL_EC_DH_TYPE (EVP_PKEY_ALG_CTRL + 15)
#define EVP_PKEY_CTRL_GET_EC_DH_TYPE (EVP_PKEY_ALG_CTRL + 16)
/* BEGIN ERROR CODES */
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
int ERR_load_SM2_strings(void);
/* Error codes for the SM2 functions. */
/* Function codes. */
# define SM2_F_I2O_SM2CIPHERTEXTVALUE 107
# define SM2_F_O2I_SM2CIPHERTEXTVALUE 108
# define SM2_F_SM2_DECRYPT 100
# define SM2_F_SM2_DO_DECRYPT 101
# define SM2_F_SM2_DO_ENCRYPT 102
# define SM2_F_SM2_DO_SIGN 104
# define SM2_F_SM2_DO_VERIFY 105
# define SM2_F_SM2_ENCRYPT 103
# define SM2_F_SM2_SIGN_SETUP 106
/* Reason codes. */
# define SM2_R_BAD_SIGNATURE 110
# define SM2_R_BUFFER_TOO_SMALL 100
# define SM2_R_DECRYPT_FAILURE 101
# define SM2_R_ENCRYPT_FAILURE 102
# define SM2_R_INVALID_CIPHERTEXT 103
# define SM2_R_INVALID_DIGEST_ALGOR 104
# define SM2_R_INVALID_EC_KEY 105
# define SM2_R_INVALID_INPUT_LENGTH 106
# define SM2_R_INVALID_PLAINTEXT_LENGTH 107
# define SM2_R_INVALID_PUBLIC_KEY 108
# define SM2_R_KDF_FAILURE 109
# define SM2_R_MISSING_PARAMETERS 111
# define SM2_R_NEED_NEW_SETUP_VALUES 112
# define SM2_R_RANDOM_NUMBER_GENERATION_FAILED 113
# ifdef __cplusplus
}
#endif
# endif
#endif

14
include/openssl/ssl.h
View File

@@ -111,6 +111,8 @@ extern "C" {
# define SSL_TXT_kDHEPSK "kDHEPSK"
# define SSL_TXT_kGOST "kGOST"
# define SSL_TXT_kSRP "kSRP"
# define SSL_TXT_kSM2 "kSM2"
# define SSL_TXT_kSM2PSK "kSM2PSK"
# define SSL_TXT_aRSA "aRSA"
# define SSL_TXT_aDSS "aDSS"
@@ -123,6 +125,7 @@ extern "C" {
# define SSL_TXT_aGOST12 "aGOST12"
# define SSL_TXT_aGOST "aGOST"
# define SSL_TXT_aSRP "aSRP"
# define SSL_TXT_aSM2 "aSM2"
# define SSL_TXT_DSS "DSS"
# define SSL_TXT_DH "DH"
@@ -156,8 +159,12 @@ extern "C" {
# define SSL_TXT_CHACHA20 "CHACHA20"
# define SSL_TXT_GOST "GOST89"
# define SSL_TXT_SMS4 "SMS4"
# define SSL_TXT_SMS4_GCM "SMS4GCM"
# define SSL_TXT_SMS4_CCM "SMS4CCM"
# define SSL_TXT_SMS4GCM "SMS4GCM"
# define SSL_TXT_SMS4CCM "SMS4CCM"
# define SSL_TXT_SMS4CCM8 "SMS4CCM8"
# define SSL_TXT_ZUC "ZUC"
# define SSL_TXT_SM1 "SM1"
# define SSL_TXT_SSF33 "SSF33"
# define SSL_TXT_MD5 "MD5"
# define SSL_TXT_SHA1 "SHA1"
@@ -174,7 +181,7 @@ extern "C" {
# define SSL_TXT_TLSV1 "TLSv1"
# define SSL_TXT_TLSV1_1 "TLSv1.1"
# define SSL_TXT_TLSV1_2 "TLSv1.2"
# define SSL_TXT_GMSV1_1 "GMSv1.1"
# define SSL_TXT_GMTLSV1_1 "GMTLSv1.1"
# define SSL_TXT_ALL "ALL"
@@ -817,6 +824,7 @@ __owur int SSL_extension_supported(unsigned int ext_type);
# include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */
# include <openssl/dtls1.h> /* Datagram TLS */
# include <openssl/srtp.h> /* Support for the use_srtp extension */
# include <openssl/gmtls.h>
#ifdef __cplusplus
extern "C" {