abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-06-29 09:13:38 +08:00
Code Issues Packages Projects Releases Wiki Activity

SKF Wrapper

Browse Source
This commit is contained in:
Zhi Guan
2016-05-29 00:22:33 +02:00
parent 0cf9126a7d
commit ee4384daeb
142 changed files with 9469 additions and 6750 deletions
Download Patch File Download Diff File Expand all files Collapse all files

87
crypto/cpk/Makefile
View File

@@ -76,3 +76,90 @@ clean:
# DO NOT DELETE THIS LINE -- make depend depends on it.
cpk_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
cpk_asn1.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
cpk_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
cpk_asn1.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
cpk_asn1.o: ../../include/openssl/ecdsa.h ../../include/openssl/ecies.h
cpk_asn1.o: ../../include/openssl/err.h ../../include/openssl/evp.h
cpk_asn1.o: ../../include/openssl/kdf.h ../../include/openssl/lhash.h
cpk_asn1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
cpk_asn1.o: ../../include/openssl/opensslconf.h
cpk_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
cpk_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
cpk_asn1.o: ../../include/openssl/sha.h ../../include/openssl/sm2.h
cpk_asn1.o: ../../include/openssl/sm3.h ../../include/openssl/stack.h
cpk_asn1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
cpk_asn1.o: ../../include/openssl/x509_vfy.h cpk.h cpk_asn1.c
cpk_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
cpk_err.o: ../../include/openssl/buffer.h ../../include/openssl/cpk.h
cpk_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
cpk_err.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
cpk_err.o: ../../include/openssl/ecdsa.h ../../include/openssl/ecies.h
cpk_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
cpk_err.o: ../../include/openssl/kdf.h ../../include/openssl/lhash.h
cpk_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
cpk_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
cpk_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
cpk_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
cpk_err.o: ../../include/openssl/sm2.h ../../include/openssl/sm3.h
cpk_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
cpk_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
cpk_err.o: cpk_err.c
cpk_kap.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
cpk_kap.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
cpk_kap.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
cpk_kap.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
cpk_kap.o: ../../include/openssl/ecies.h ../../include/openssl/err.h
cpk_kap.o: ../../include/openssl/evp.h ../../include/openssl/kdf.h
cpk_kap.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
cpk_kap.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
cpk_kap.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
cpk_kap.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
cpk_kap.o: ../../include/openssl/sha.h ../../include/openssl/sm2.h
cpk_kap.o: ../../include/openssl/sm3.h ../../include/openssl/stack.h
cpk_kap.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
cpk_kap.o: ../../include/openssl/x509_vfy.h cpk.h cpk_kap.c
cpk_lib.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
cpk_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
cpk_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
cpk_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
cpk_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/ecies.h
cpk_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
cpk_lib.o: ../../include/openssl/kdf.h ../../include/openssl/lhash.h
cpk_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
cpk_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
cpk_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
cpk_lib.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
cpk_lib.o: ../../include/openssl/sha.h ../../include/openssl/sm2.h
cpk_lib.o: ../../include/openssl/sm3.h ../../include/openssl/stack.h
cpk_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
cpk_lib.o: ../../include/openssl/x509_vfy.h cpk.h cpk_lib.c
cpk_map.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
cpk_map.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
cpk_map.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
cpk_map.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
cpk_map.o: ../../include/openssl/ecies.h ../../include/openssl/err.h
cpk_map.o: ../../include/openssl/evp.h ../../include/openssl/kdf.h
cpk_map.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
cpk_map.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
cpk_map.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
cpk_map.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
cpk_map.o: ../../include/openssl/sha.h ../../include/openssl/sm2.h
cpk_map.o: ../../include/openssl/sm3.h ../../include/openssl/stack.h
cpk_map.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
cpk_map.o: ../../include/openssl/x509_vfy.h cpk.h cpk_map.c
cpk_prn.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
cpk_prn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
cpk_prn.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
cpk_prn.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
cpk_prn.o: ../../include/openssl/ecies.h ../../include/openssl/err.h
cpk_prn.o: ../../include/openssl/evp.h ../../include/openssl/kdf.h
cpk_prn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
cpk_prn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
cpk_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
cpk_prn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
cpk_prn.o: ../../include/openssl/sha.h ../../include/openssl/sm2.h
cpk_prn.o: ../../include/openssl/sm3.h ../../include/openssl/stack.h
cpk_prn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
cpk_prn.o: ../../include/openssl/x509_vfy.h cpk.h cpk_prn.c

532
crypto/cpk/cpk.h
View File

@@ -61,152 +61,38 @@
extern "C" {
#endif
#define CPK_LIB_VERSION "0.9"
#define CPK_MAX_ID_LENGTH 64
/**
* @struct CPK_MASTER_SECRET
* @brief The in-memory structure to represent a cpk master secret.
*/
typedef struct cpk_master_secret_st {
long version; /**< The version of the master secret.*/
X509_NAME *id; /**< The id of the master secret.*/
X509_ALGOR *pkey_algor; /**< The public key algorithm used in the master secret.*/
X509_ALGOR *map_algor; /**< The map algorithm used in the master secret.*/
ASN1_OCTET_STRING *secret_factors; /**< The secret factors of the master secret.*/
long version;
X509_NAME *id;
X509_ALGOR *pkey_algor;
X509_ALGOR *map_algor;
ASN1_OCTET_STRING *secret_factors;
} CPK_MASTER_SECRET;
/**
* @def
* @brief Declare 4 basic ASN1 functions of CPK_MASTER_SECRET and a pointer
* to an ASN1_ITEM with detail information of the fields of
* CPK_MASTER_SECRET in it.
*
* The macro would generate following 4 function declarations and 1 pointer:\n
* CPK_MASTER_SECRET *CPK_MASTER_SECRET_new(void): alloc a new instance of CPK_MASTER_SECRET.\n
* void CPK_MASTER_SECRET_free(CPK_MASTER_SECRET* a): free the instance a.\n
* CPK_MASTER_SECRET *d2i_CPK_MASTER_SECRET(CPK_MASTER_SECRET **a, const unsigned char **in, long len):
* convert the CPK_MASTER_SECRET instance from the DER format to the internal format.\n
* int i2d_CPK_MASTER_SECRET(CPK_MASTER_SECRET *a, unsigned char* out): convert an CPK_MASTER_SECRET
* to the DER format.\n
* ASN1_ITEM* CPK_MASTER_SECRET_it: a pointer to a instance of ASN1_ITEM struct which contains
* information on the conversion between DER and internal.\n
*/
DECLARE_ASN1_FUNCTIONS(CPK_MASTER_SECRET)
/**
* @struct CPK_PUBLIC_PARAMS
* @brief The in-memory structure to represent a set of cpk public parameters.
*/
typedef struct cpk_public_params_st {
long version; /**< The version of the public parameters.*/
X509_NAME *id; /**< The id of the public parameters.*/
X509_ALGOR *pkey_algor; /**< The public key algorithm used in the public parameters.*/
X509_ALGOR *map_algor; /**< The map algorithm used in the public parameters.*/
ASN1_OCTET_STRING *public_factors;/**< The public factors of the public parameters.*/
long version;
X509_NAME *id;
X509_ALGOR *pkey_algor;
X509_ALGOR *map_algor;
ASN1_OCTET_STRING *public_factors;
} CPK_PUBLIC_PARAMS;
/**
* @brief Declare 4 basic ASN1 functions of CPK_PUBLIC_PARAMS and a pointer to an ASN1_ITEM
* with detail information of the fields of CPK_PUBLIC_PARAMS in it.
*
* The macro would generate following 4 function declarations and 1 pointer:\n
* CPK_PUBLIC_PARAMS *CPK_PUBLIC_PARAMS_new(void): alloc a new instance of CPK_PUBLIC_PARAMS.\n
* void CPK_PUBLIC_PARAMS_free(CPK_PUBLIC_PARAMS* a): free the instance a.\n
* CPK_PUBLIC_PARAMS *d2i_CPK_PUBLIC_PARAMS(CPK_PUBLIC_PARAMS **a, const unsigned char **in, long len):
* convert the CPK_PUBLIC_PARAMS instance from the DER format to the internal format.\n
* int i2d_CPK_PUBLIC_PARAMS(CPK_PUBLIC_PARAMS *a, unsigned char* out): convert a CPK_PUBLIC_PARAMS
* to the DER format.\n
* ASN1_ITEM* CPK_PUBLIC_PARAMS_it: a pointer to a instance of ASN1_ITEM struct which contains
* information on the conversion between DER and internal.\n
*/
DECLARE_ASN1_FUNCTIONS(CPK_PUBLIC_PARAMS)
/**
* @brief Get a new default map algorithm.
*
* @return Returns a pointer to a new instance of the default map algorithm of the type X509_ALGOR.
*/
X509_ALGOR *CPK_MAP_new_default();
/**
* @brief Check if the given map algorithm is valid.
*
* @param[in] algor The pointer to the algorithm to check.
* @return Returns 1 if the given algorithm is valid.
*/
X509_ALGOR *CPK_MAP_new_default(void);
int CPK_MAP_is_valid(const X509_ALGOR *algor);
/**
* @brief Get the number of factors of the given algorithm.
*
* @param[in] algor The pointer to the algorithm.
* @return Returns the number of factors of the algorithm.
*/
int CPK_MAP_num_factors(const X509_ALGOR *algor);
/**
* @brief Get the number of indexes of the given algorithm.
*
* @param[in] algor The pointer to the algorithm.
* @return Returns the number of indexes of the algorithm.
*/
int CPK_MAP_num_indexes(const X509_ALGOR *algor);
/**
* @brief Convert the string to the index vector.
*
* @param[in] algor The pointer to the algorithm to do the map function.
* @param[in] str The pointer to a string in the memory, ended by '\0'.
* @param[out] index The pointer to a array which will receive the index.
* @return Returns 1 on success.
*/
int CPK_MAP_str2index(const X509_ALGOR *algor, const char *str, int *index);
/**
* @brief Print the parameters of the map algortihm.
*
* @param[out] out A IO abstraction to receive the output stream.
* @param[in] indent The amount of the indentation in the output stream.
* @param[in] flags The flag set to control the ouput.
* @return Returns 1 on success.
*/
int CPK_MAP_print(BIO *out, X509_ALGOR *map, int indent, unsigned long flags);
/**
* @brief Create a master secret with the given domain id, public key algorithm and map algorithm.
*
* @param[in] domain_id The domain identifier of the master secret.
* @param[in] pkey The pointer to the public key algorithm of the master secret.
* @param[in] map_algor The pointer to the map algorithm of the master secret.
* @return Returns a poniter to the created master secret on success, or NULL on failure.
*/
CPK_MASTER_SECRET *CPK_MASTER_SECRET_create(const char *domain_id, EVP_PKEY *pkey, X509_ALGOR *map_algor);
/**
* @brief Extract the public parameters from the master secret.
*
* @param[in] master The master secret to extract from.
* @return Returns the pointer to the extracted public parameters on success, or NULL on failure.
*/
CPK_PUBLIC_PARAMS *CPK_MASTER_SECRET_extract_public_params(CPK_MASTER_SECRET *master);
/**
* @brief Extract the private key of a given identifier from the master secret.
*
* @param[in] master The master secret to extract from.
* @param[in] id The identifier which is used to maps to the private key.
* @return Returns the pointer to the extracted private key on success, or NULL on failure.
*/
EVP_PKEY *CPK_MASTER_SECRET_extract_private_key(CPK_MASTER_SECRET *master, const char *id);
/**
* @brief Extract the public key of a given identifier from the public parameters.
*
* @param[in] params The public parameters to extract from.
* @param[in] id The identifier which is used to maps to the public key.
* @return Returns the pointer to the extracted public key EVP_PKEY on success, or NULL on failure.
*/
EVP_PKEY *CPK_PUBLIC_PARAMS_extract_public_key(CPK_PUBLIC_PARAMS *params, const char *id);
@@ -216,374 +102,74 @@ int CPK_PUBLIC_PARAMS_compute_share_key(CPK_PUBLIC_PARAMS *params,
char *CPK_MASTER_SECRET_get_name(CPK_MASTER_SECRET *master, char *buf, int size);
char *CPK_PUBLIC_PARAMS_get_name(CPK_PUBLIC_PARAMS *params);
/**
* @brief Generate the message digest of the given master secret with the given parameters.
*
* This function takes the secret_factors field of the given parameter of CPK_MASTER_SECRET as
* the input and the parameter type of EVP_MD as the message digest
* algorithm to compute the message digest, and put the result in the parameter md, the length
* of the result in the paramter len.
* @param[in] master The master secret to compute the digest.
* @param[in] type The message digest algorithm to use to comput the digest.
* @param[out] md The buffer to receive the result of the computation of message digest.
* @param[out] len If len is not null, the variable it point to will be assigned the length of
* the message digest.
* @return Returns 1 on success, 0 on failure.
*/
int CPK_MASTER_SECRET_digest(CPK_MASTER_SECRET *master, const EVP_MD *type, unsigned char *md, unsigned int *len);
/**
* @brief Generate the message digest of the given public parameters with the given parameters.
*
* This function takes the secret_factors field of the given parameter of CPK_PUBLIC_PARAMS as
* the input and the parameter type of EVP_MD as the message digest
* algorithm to compute the message digest, and put the result in the parameter md, the length
* of the result in the paramter len.
* @param[in] params The public parameters to compute the digest.
* @param[in] type The message digest algorithm to use to comput the digest.
* @param[out] md The buffer to receive the result of the computation of message digest.
* @param[out] len If len is not null, the variable it point to will be assigned the length of
* the message digest.
* @return Returns 1 on success, 0 on failure.
*/
int CPK_PUBLIC_PARAMS_digest(CPK_PUBLIC_PARAMS *params, const EVP_MD *type, unsigned char *md, unsigned int *len);
/**
* @brief Print the master secret to a BIO, including the version, the domain uri, the public
* algorithm and the map algorithm.
*
* @param[out] out A IO abstraction to receive the output stream.
* @param[in] master The CPK_MASTER_SECRET instance to print.
* @param[in] indent The amount of the indentation.
* @param[in] flags The flag set to control the ouput.
* @return Returns 1 on success, 0 on failure.
*/
int CPK_MASTER_SECRET_print(BIO *out, CPK_MASTER_SECRET *master, int indent, unsigned long flags);
/**
* @brief Print the public parameters to a BIO.
*
* @param[out] out A IO abstraction to receive the output stream.
* @param[in] params The CPK_PUBLIC_PARAMS instance to print.
* @param[in] indent The amount of the indentation.
* @param[in] flags The flag set to control the ouput.
* @return Returns 1 on success, 0 on failure.
*/
int CPK_PUBLIC_PARAMS_print(BIO *out, CPK_PUBLIC_PARAMS *params, int indent, unsigned long flags);
/**
* @brief Validate the public parameters with the given master secret.
*
* @param[in] master The master secret used for the validation.
* @param[in] params The public parameters to validate.
* @return Returns 1 if the public parameter is valid, returns 0 otherwise.
*/
int CPK_MASTER_SECRET_validate_public_params(CPK_MASTER_SECRET *master, CPK_PUBLIC_PARAMS *params);
/**
* @brief Validate the private key with the given public parameters.
*
* @param[in] params The public parameter used for the validation.
* @param[in] id the identifier of the private key owner.
* @param[in] pkey pkey The private key to validate.
* @return Returns 1 if the private key is valid, returns a integer less or equal than 0 otherwise.
*/
int CPK_PUBLIC_PARAMS_validate_private_key(CPK_PUBLIC_PARAMS *params, const char *id, const EVP_PKEY *pkey);
/**
* @brief Convert the master secret in DER format in the IO abstraction to an instance of CPK_MASTER_SECRET.
*
* @param[in] bp A pointer to the IO abstraction which ocntaints the master secret in DER format.
* @param[out] master A pointer to receive the pointer to the converted master secret of the type CPK_MASTER_SECRET.
* @return Returns the pointer to the converted master secret of the type CPK_MASTER_SECRET on success,
* or null on failure.
*/
CPK_MASTER_SECRET *d2i_CPK_MASTER_SECRET_bio(BIO *bp, CPK_MASTER_SECRET **master);
/**
* @brief Convert the master key from CPK_MASTER_SECRET to a byte stream in DER format, and write
* the stream to an IO abstraction.
*
* @param[out] bp A pointer to the IO abstraction which receives the stream.
* @param[in] master A pointer to the master key of the type CPK_MASTER_SECRET.
* @return Returns the size of the output stream on success, of an integer less or equal than 0
* indicating an error.
*/
int i2d_CPK_MASTER_SECRET_bio(BIO *bp, CPK_MASTER_SECRET *master);
/**
* @brief Convert the public parameters in DER format in the IO abstraction to an instance of CPK_PUBLIC_PARAMS.
*
* @param[in] bp A pointer to the IO abstraction which ocntaints the public parameters in DER format.
* @param[out] params A pointer to receive the pointer to the converted public parameters of the type CPK_PUBLIC_PARAMS.
* @return Returns the pointer to the converted public parameters of the type CPK_PUBLIC_PARAMS on success,
* or null on failure.
*/
CPK_PUBLIC_PARAMS *d2i_CPK_PUBLIC_PARAMS_bio(BIO *bp, CPK_PUBLIC_PARAMS **params);
/**
* @brief Convert the public parameters from CPK_PUBLIC_PARAMS to a byte stream in DER format,
* and write the stream to an IO abstraction.
*
* @param[out] bp A pointer to the IO abstraction which receives the stream.
* @param[in] master A pointer to the public parameters of the type CPK_PUBLIC_PARAMS.
* @return Returns the size of the output stream on success, of an integer less or equal than 0
* indicating an error.
*/
int i2d_CPK_PUBLIC_PARAMS_bio(BIO *bp, CPK_PUBLIC_PARAMS *params);
/* BEGIN ERROR CODES */
/*
* SignerInfo ::= SEQUENCE {
* version INTEGER {1},
* signer IssuerAndSerialNumber,
* digestAlgor DigestAlgorithmIdentifier,
* signedAttrs [0] IMPLICIT Attributes OPTIONAL,
* signingAlgor SigningAlgorithmIdentifier,
* signature OCTET STRING {{ECDSASigValue}},
* unsignedAttrs [1] IMPLICIT Attributes OPTIONAL
* }
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
typedef struct cpk_signer_info_st {
long version;
X509_NAME *signer;
X509_ALGOR *digest_algor;
STACK_OF(X509_ATTRIBUTE) *signed_attr;
X509_ALGOR *sign_algor;
ASN1_OCTET_STRING *signature;
STACK_OF(X509_ATTRIBTE) *unsigned_attr;
EVP_PKEY *_privkey; /* private member */
} CPK_SIGNER_INFO;
DECLARE_STACK_OF(CPK_SIGNER_INFO)
DECLARE_ASN1_SET_OF(CPK_SIGNER_INFO)
DECLARE_ASN1_FUNCTIONS(CPK_SIGNER_INFO)
int CPK_SIGNER_INFO_set(CPK_SIGNER_INFO *si, const EVP_MD *sign_alg, const EVP_PKEY *sign_key);
int CPK_SIGNER_INFO_add_attr(CPK_SIGNER_INFO *si, int nid, int atrtype, void *value);
int CPK_SIGNER_INFO_add_signed_attr(CPK_SIGNER_INFO *si, int nid, int atrtype, void *value);
int CPK_SIGNER_INFO_add_signed_time(CPK_SIGNER_INFO *si);
int CPK_SIGNER_INFO_add_signed_digest(CPK_SIGNER_INFO *si, const EVP_MD_CTX *ctx);
ASN1_TYPE *CPK_SIGNER_INFO_get_attr(CPK_SIGNER_INFO *si, int nid);
ASN1_TYPE *CPK_SIGNER_INFO_get_signed_attr(CPK_SIGNER_INFO *si, int nid);
ASN1_UTCTIME *CPK_SIGNER_INFO_get_signed_time(CPK_SIGNER_INFO *si);
int CPK_SIGNER_INFO_do_sign(CPK_SIGNER_INFO *si, EVP_MD_CTX *md_ctx);
int CPK_SIGNER_INFO_do_verify(const CPK_SIGNER_INFO *si, EVP_MD_CTX *ctx, const CPK_PUBLIC_PARAMS *params);
/*
* RecipientInfo ::= SEQUENCE {
* version INTEGER {0},
* recipient IssuerAndSerialNumber,
* keyEncryptionAlgor EncryptionAlgorithmIdentifier,
* encryptedKey OCTET STRING
* }
* RecipientInfos ::= SET OF RecipientInfo
*/
typedef struct cpk_recip_info_st {
long version;
X509_NAME *recipient;
X509_ALGOR *enc_algor;
ASN1_OCTET_STRING *enc_data;
/* private */
EVP_PKEY *_pubkey;
} CPK_RECIP_INFO;
DECLARE_STACK_OF(CPK_RECIP_INFO)
DECLARE_ASN1_SET_OF(CPK_RECIP_INFO)
DECLARE_ASN1_FUNCTIONS(CPK_RECIP_INFO)
int CPK_RECIP_INFO_set(CPK_RECIP_INFO *ri, const X509_NAME *recipient, const ECIES_PARAMS *ecies);
int CPK_RECIP_INFO_do_encrypt(CPK_RECIP_INFO *ri, const unsigned char *in, size_t inlen);
int CPK_RECIP_INFO_do_decrypt(CPK_RECIP_INFO *ri, const EVP_PKEY *pkey, unsigned char *out, size_t *outlen);
/*
* SingerInfos ::= SET OF SignerInfo
*
* SignedData ::= SEQUENCE {
* version INTEGER,
* digestAlgors DigestAlgorithmIdentifiers,
* contentInfo ContentInfo,
* signerInfos SignerInfos,
* }
*/
typedef struct cpk_signed_st {
long version;
STACK_OF(X509_ALGOR) *digest_algors;
STACK_OF(X509) *cert; /* [ 0 ] */
STACK_OF(X509_CRL) *crl; /* [ 1 ] */
STACK_OF(CPK_SIGINFO) *signer_infos;
struct CPK_CMS_st *contents;
} CPK_SIGNED;
DECLARE_ASN1_FUNCTIONS(CPK_SIGNED)
typedef struct cpk_enc_content_st {
ASN1_OBJECT *content_type;
X509_ALGOR *enc_algor;
ASN1_OCTET_STRING *enc_data; /* [ 0 ] */
/* private */
const EVP_CIPHER *cipher;
} CPK_ENC_CONTENT;
DECLARE_ASN1_FUNCTIONS(CPK_ENC_CONTENT)
typedef struct cpk_envelope_st {
long version;
STACK_OF(CPK_RECIP_INFO) *recip_infos;
CPK_ENC_CONTENT *enc_data;
} CPK_ENVELOPE;
DECLARE_ASN1_FUNCTIONS(CPK_ENVELOPE)
typedef struct cpk_sign_envelope_st {
long version;
STACK_OF(X509_ALGOR) *digest_algors;
STACK_OF(X509) *cert; /* [ 0 ] */
STACK_OF(X509_CRL) *crl; /* [ 1 ] */
STACK_OF(CPK_SIGNER_INFO) *signer_infos;
CPK_ENC_CONTENT *enc_data;
STACK_OF(CPK_RECIP_INFO) *recip_infos;
} CPK_SIGN_ENVELOPE;
DECLARE_ASN1_FUNCTIONS(CPK_SIGN_ENVELOPE)
typedef struct cpk_cms_st {
int state; /* used during processing */
int detached;
ASN1_OBJECT *type;
union {
char *ptr;
/* NID_pkcs7_data */
ASN1_OCTET_STRING *data;
/* NID_pkcs7_signed */
CPK_SIGNED *sign;
/* NID_pkcs7_enveloped */
CPK_ENVELOPE *enveloped;
/* NID_pkcs7_signedAndEnveloped */
CPK_SIGN_ENVELOPE *signed_and_enveloped;
/* Anything else */
ASN1_TYPE *other;
} d;
} CPK_CMS;
DECLARE_STACK_OF(CPK_CMS)
DECLARE_ASN1_SET_OF(CPK_CMS)
DECLARE_PKCS12_STACK_OF(CPK_CMS)
DECLARE_ASN1_FUNCTIONS(CPK_CMS)
DECLARE_ASN1_ITEM(CPK_CMS_ATTR_SIGN)
DECLARE_ASN1_ITEM(CPK_CMS_ATTR_VERIFY)
DECLARE_ASN1_NDEF_FUNCTION(CPK_CMS)
#define CPK_CMS_OP_SET_DETACHED_SIGNATURE 1
#define CPK_CMS_OP_GET_DETACHED_SIGNATURE 2
#define CPK_CMS_get_signed_attributes(si) ((si)->auth_attr)
#define CPK_CMS_get_attributes(si) ((si)->unauth_attr)
#define CPK_CMS_type_is_signed(a) \
(OBJ_obj2nid((a)->type) == NID_pkcs7_signed)
#define CPK_CMS_type_is_enveloped(a) \
(OBJ_obj2nid((a)->type) == NID_pkcs7_enveloped)
#define CPK_CMS_type_is_signedAndEnveloped(a) \
(OBJ_obj2nid((a)->type) == NID_pkcs7_signedAndEnveloped)
#define CPK_CMS_type_is_data(a) \
(OBJ_obj2nid((a)->type) == NID_pkcs7_data)
#define CPK_CMS_set_detached(p,v) \
CPK_CMS_ctrl(p,CPK_CMS_OP_SET_DETACHED_SIGNATURE,v,NULL)
#define CPK_CMS_get_detached(p) \
CPK_CMS_ctrl(p,CPK_CMS_OP_GET_DETACHED_SIGNATURE,0,NULL)
#define CPK_CMS_is_detached(p7) \
(CPK_CMS_type_is_signed(p7) && CPK_CMS_get_detached(p7))
long CPK_CMS_ctrl(CPK_CMS *p7, int cmd, long larg, char *parg);
int CPK_CMS_set_type(CPK_CMS *p7, int type);
int CPK_CMS_set_cipher(CPK_CMS *p7, const EVP_CIPHER *cipher);
int CPK_CMS_set_content(CPK_CMS *p7, CPK_CMS *p7_data);
int CPK_CMS_content_new(CPK_CMS *p7, int type);
int CPK_CMS_add_signer(CPK_CMS *p7, const EVP_MD *sign_alg, const EVP_PKEY *sign_key);
int CPK_CMS_add_recipient(CPK_CMS *p7, const X509_NAME *id, const ECIES_PARAMS *params);
BIO *CPK_CMS_dataInit(CPK_CMS *p7, BIO *bio);
BIO *CPK_CMS_dataDecode(CPK_CMS *p7, BIO *in_bio, const EVP_PKEY *keyinfo);
int CPK_CMS_dataUpdate(CPK_CMS *p7, BIO *bio, const unsigned char *data, int len);
int CPK_CMS_dataFinal(CPK_CMS *p7, BIO *bio);
STACK_OF(CPK_SIGNER_INFO) *CPK_CMS_get_signer_infos(CPK_CMS *p7);
int CPK_CMS_dataVerify(CPK_PUBLIC_PARAMS *params, BIO *bio, CPK_CMS *p7, CPK_SIGNER_INFO *si);
/* ERR function (should in openssl/err.h) begin */
#define ERR_LIB_CPK 130
#define ERR_R_CPK_LIB ERR_LIB_CPK
#define CPKerr(f,r) ERR_PUT_error(ERR_LIB_CPK,(f),(r),__FILE__,__LINE__)
/* end */
void ERR_load_CPK_strings(void);
/**
* @defgroup error_cpk Definations to handle errors of cpk runtime.
* @{
*/
/* Error codes for the ECIES functions. */
/* Error codes for the CPK functions. */
/* Function codes. */
#define CPK_F_CPK_MASTER_SECRET_CREATE 100
#define CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS 101
#define CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY 102
#define CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY 103
#define CPK_F_CPK_PUBLIC_PARAMS_COMPUTE_SHARE_KEY 116
#define CPK_F_CPK_MASTER_SECRET_DIGEST 104
#define CPK_F_CPK_PUBLIC_PARAMS_DIGEST 105
#define CPK_F_CPK_MASTER_SECRET_PRINT 106
#define CPK_F_CPK_PUBLIC_PARAMS_PRINT 107
#define CPK_F_CPK_MASTER_SECRET_VALIDATE_PUBLIC_PARAMS 108
#define CPK_F_CPK_PUBLIC_PARAMS_VALIDATE_PRIVATE_KEY 109
#define CPK_F_CPK_MAP_NEW_DEFAULT 110
#define CPK_F_CPK_MAP_NUM_FACTORS 111
#define CPK_F_CPK_MAP_NUM_INDEXES 112
#define CPK_F_CPK_MAP_STR2INDEX 113
#define CPK_F_X509_ALGOR_GET1_EC_KEY 114
#define CPK_F_X509_ALGOR_GET1_DSA 115
# define CPK_F_CPK_MAP_NEW_DEFAULT 100
# define CPK_F_CPK_MAP_NUM_FACTORS 101
# define CPK_F_CPK_MAP_NUM_INDEXES 102
# define CPK_F_CPK_MAP_STR2INDEX 103
# define CPK_F_CPK_MASTER_SECRET_CREATE 104
# define CPK_F_CPK_MASTER_SECRET_DIGEST 105
# define CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY 106
# define CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS 107
# define CPK_F_CPK_MASTER_SECRET_PRINT 108
# define CPK_F_CPK_MASTER_SECRET_VALIDATE_PUBLIC_PARAMS 109
# define CPK_F_CPK_PUBLIC_PARAMS_COMPUTE_SHARE_KEY 110
# define CPK_F_CPK_PUBLIC_PARAMS_DIGEST 111
# define CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY 112
# define CPK_F_CPK_PUBLIC_PARAMS_PRINT 113
# define CPK_F_CPK_PUBLIC_PARAMS_VALIDATE_PRIVATE_KEY 114
# define CPK_F_X509_ALGOR_GET1_DSA 115
# define CPK_F_X509_ALGOR_GET1_EC_KEY 116
/* Reason codes. */
#define CPK_R_BAD_ARGUMENT 100
#define CPK_R_UNKNOWN_DIGEST_TYPE 101
#define CPK_R_UNKNOWN_CIPHER_TYPE 102
#define CPK_R_UNKNOWN_MAP_TYPE 103
#define CPK_R_UNKNOWN_CURVE 104
#define CPK_R_STACK_ERROR 105
#define CPK_R_DERIVE_KEY_FAILED 106
#define CPK_R_ECIES_ENCRYPT_FAILED 107
#define CPK_R_ECIES_DECRYPT_FAILED 108
#define CPK_R_DER_DECODE_FAILED 109
#define CPK_R_UNSUPPORTED_PKCS7_CONTENT_TYPE 110
#define CPK_R_SET_SIGNER 111
#define CPK_R_SET_RECIP_INFO 112
#define CPK_R_UNABLE_TO_FIND_MESSAGE_DIGEST 113
#define CPK_R_BAD_DATA 114
#define CPK_R_MAP_FAILED 115
#define CPK_R_ADD_SIGNING_TIME 116
#define CPK_R_VERIFY_FAILED 117
#define CPK_R_UNKNOWN_ECDH_TYPE 118
#define CPK_R_DIGEST_FAILED 119
#define CPK_R_WITHOUT_DECRYPT_KEY 120
#define CPK_R_UNKNOWN_PKCS7_TYPE 121
#define CPK_R_INVALID_ID_LENGTH 122
#define CPK_R_INVALID_PKEY_TYPE 123
#define CPK_R_INVALID_MAP_ALGOR 124
#define CPK_R_PKEY_TYPE_NOT_MATCH 125
# define CPK_R_ADD_SIGNING_TIME 100
# define CPK_R_BAD_ARGUMENT 101
# define CPK_R_BAD_DATA 102
# define CPK_R_DERIVE_KEY_FAILED 103
# define CPK_R_DER_DECODE_FAILED 104
# define CPK_R_DIGEST_FAILED 105
# define CPK_R_ECIES_DECRYPT_FAILED 106
# define CPK_R_ECIES_ENCRYPT_FAILED 107
# define CPK_R_INVALID_ID_LENGTH 108
# define CPK_R_INVALID_MAP_ALGOR 109
# define CPK_R_INVALID_PKEY_TYPE 110
# define CPK_R_MAP_FAILED 111
# define CPK_R_PKEY_TYPE_NOT_MATCH 112
# define CPK_R_SET_RECIP_INFO 113
# define CPK_R_SET_SIGNER 114
# define CPK_R_STACK_ERROR 115
# define CPK_R_UNABLE_TO_FIND_MESSAGE_DIGEST 116
# define CPK_R_UNKNOWN_CIPHER_TYPE 117
# define CPK_R_UNKNOWN_CURVE 118
# define CPK_R_UNKNOWN_DIGEST_TYPE 119
# define CPK_R_UNKNOWN_ECDH_TYPE 120
# define CPK_R_UNKNOWN_MAP_TYPE 121
# define CPK_R_UNKNOWN_PKCS7_TYPE 122
# define CPK_R_UNSUPPORTED_PKCS7_CONTENT_TYPE 123
# define CPK_R_VERIFY_FAILED 124
# define CPK_R_WITHOUT_DECRYPT_KEY 125
/**
* @}
*/
#ifdef __cplusplus
}
#endif

84
crypto/cpk/cpk_asn1.c
View File

@@ -89,87 +89,3 @@ int i2d_CPK_PUBLIC_PARAMS_bio(BIO *bp, CPK_PUBLIC_PARAMS *params) {
return ASN1_item_i2d_bio(ASN1_ITEM_rptr(CPK_PUBLIC_PARAMS), bp, params);
}
#if 0
/* This is the ANY DEFINED BY table for the top level PKCS#7 structure */
ASN1_ADB_TEMPLATE(cpkcmsdefault) = ASN1_EXP_OPT(CPK_CMS, d.other, ASN1_ANY, 0);
ASN1_ADB(CPK_CMS) = {
ADB_ENTRY(NID_pkcs7_data, ASN1_NDEF_EXP_OPT(CPK_CMS, d.data, ASN1_OCTET_STRING_NDEF, 0)),
ADB_ENTRY(NID_pkcs7_signed, ASN1_NDEF_EXP_OPT(CPK_CMS, d.sign, CPK_SIGNED, 0)),
ADB_ENTRY(NID_pkcs7_enveloped, ASN1_NDEF_EXP_OPT(CPK_CMS, d.enveloped, CPK_ENVELOPE, 0)),
ADB_ENTRY(NID_pkcs7_signedAndEnveloped,
ASN1_NDEF_EXP_OPT(CPK_CMS, d.signed_and_enveloped, CPK_SIGN_ENVELOPE, 0)),
} ASN1_ADB_END(CPK_CMS, 0, type, 0, &cpkcmsdefault_tt, NULL);
ASN1_NDEF_SEQUENCE(CPK_CMS) = {
ASN1_SIMPLE(CPK_CMS, type, ASN1_OBJECT),
ASN1_ADB_OBJECT(CPK_CMS)
}ASN1_NDEF_SEQUENCE_END(CPK_CMS)
IMPLEMENT_ASN1_FUNCTIONS(CPK_CMS)
IMPLEMENT_ASN1_NDEF_FUNCTION(CPK_CMS)
IMPLEMENT_ASN1_DUP_FUNCTION(CPK_CMS)
ASN1_NDEF_SEQUENCE(CPK_SIGNED) = {
ASN1_SIMPLE(CPK_SIGNED, version, LONG),
ASN1_SET_OF(CPK_SIGNED, digest_algors, X509_ALGOR),
ASN1_SIMPLE(CPK_SIGNED, contents, CPK_CMS),
ASN1_IMP_SEQUENCE_OF_OPT(CPK_SIGNED, cert, X509, 0),
ASN1_IMP_SET_OF_OPT(CPK_SIGNED, crl, X509_CRL, 1),
ASN1_SET_OF(CPK_SIGNED, signer_infos, CPK_SIGNER_INFO)
} ASN1_NDEF_SEQUENCE_END(CPK_SIGNED)
IMPLEMENT_ASN1_FUNCTIONS(CPK_SIGNED)
ASN1_SEQUENCE(CPK_SIGNER_INFO) = {
ASN1_SIMPLE(CPK_SIGNER_INFO, version, LONG),
ASN1_SIMPLE(CPK_SIGNER_INFO, signer, X509_NAME),
ASN1_SIMPLE(CPK_SIGNER_INFO, digest_algor, X509_ALGOR),
ASN1_IMP_SEQUENCE_OF_OPT(CPK_SIGNER_INFO, signed_attr, X509_ATTRIBUTE, 0),
ASN1_SIMPLE(CPK_SIGNER_INFO, sign_algor, X509_ALGOR),
ASN1_SIMPLE(CPK_SIGNER_INFO, signature, ASN1_OCTET_STRING),
ASN1_IMP_SET_OF_OPT(CPK_SIGNER_INFO, unsigned_attr, X509_ATTRIBUTE, 1)
} ASN1_SEQUENCE_END(CPK_SIGNER_INFO)
IMPLEMENT_ASN1_FUNCTIONS(CPK_SIGNER_INFO)
IMPLEMENT_ASN1_DUP_FUNCTION(CPK_SIGNER_INFO)
ASN1_NDEF_SEQUENCE(CPK_ENVELOPE) = {
ASN1_SIMPLE(CPK_ENVELOPE, version, LONG),
ASN1_SET_OF(CPK_ENVELOPE, recip_infos, CPK_RECIP_INFO),
ASN1_SIMPLE(CPK_ENVELOPE, enc_data, CPK_ENC_CONTENT)
} ASN1_NDEF_SEQUENCE_END(CPK_ENVELOPE)
IMPLEMENT_ASN1_FUNCTIONS(CPK_ENVELOPE)
ASN1_SEQUENCE(CPK_RECIP_INFO) = {
ASN1_SIMPLE(CPK_RECIP_INFO, version, LONG),
ASN1_SIMPLE(CPK_RECIP_INFO, recipient, X509_NAME),
ASN1_SIMPLE(CPK_RECIP_INFO, enc_algor, X509_ALGOR),
ASN1_SIMPLE(CPK_RECIP_INFO, enc_data, ASN1_OCTET_STRING)
} ASN1_SEQUENCE_END(CPK_RECIP_INFO)
IMPLEMENT_ASN1_FUNCTIONS(CPK_RECIP_INFO)
IMPLEMENT_ASN1_DUP_FUNCTION(CPK_RECIP_INFO)
ASN1_NDEF_SEQUENCE(CPK_ENC_CONTENT) = {
ASN1_SIMPLE(CPK_ENC_CONTENT, content_type, ASN1_OBJECT),
ASN1_SIMPLE(CPK_ENC_CONTENT, enc_algor, X509_ALGOR),
ASN1_IMP_OPT(CPK_ENC_CONTENT, enc_data, ASN1_OCTET_STRING, 0)
} ASN1_NDEF_SEQUENCE_END(CPK_ENC_CONTENT)
IMPLEMENT_ASN1_FUNCTIONS(CPK_ENC_CONTENT)
ASN1_NDEF_SEQUENCE(CPK_SIGN_ENVELOPE) = {
ASN1_SIMPLE(CPK_SIGN_ENVELOPE, version, LONG),
ASN1_SET_OF(CPK_SIGN_ENVELOPE, recip_infos, CPK_RECIP_INFO),
ASN1_SET_OF(CPK_SIGN_ENVELOPE, digest_algors, X509_ALGOR),
ASN1_SIMPLE(CPK_SIGN_ENVELOPE, enc_data, CPK_ENC_CONTENT),
ASN1_IMP_SET_OF_OPT(CPK_SIGN_ENVELOPE, cert, X509, 0),
ASN1_IMP_SET_OF_OPT(CPK_SIGN_ENVELOPE, crl, X509_CRL, 1),
ASN1_SET_OF(CPK_SIGN_ENVELOPE, signer_infos, CPK_SIGNER_INFO)
} ASN1_NDEF_SEQUENCE_END(CPK_SIGN_ENVELOPE)
IMPLEMENT_ASN1_FUNCTIONS(CPK_SIGN_ENVELOPE)
#endif

158
crypto/cpk/cpk_err.c
View File

@@ -1,6 +1,6 @@
/* crypto/cpk/cpk_err.c */
/* ====================================================================
* Copyright (c) 2007 - 2015 The GmSSL Project. All rights reserved.
* Copyright (c) 1999-2016 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -16,27 +16,27 @@
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@OpenSSL.org.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
@@ -47,68 +47,85 @@
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
/*
* NOTE: this file was auto generated by the mkerr.pl script: any changes
* made to it will be overwritten when the script next updates this file,
* only reason strings will be preserved.
*/
#include <stdio.h>
#include <openssl/err.h>
#include "cpk.h"
#include <openssl/cpk.h>
/* BEGIN ERROR CODES */
#ifndef OPENSSL_NO_ERR
#define ERR_FUNC(func) ERR_PACK(ERR_LIB_CPK,func,0)
#define ERR_REASON(reason) ERR_PACK(ERR_LIB_CPK,0,reason)
# define ERR_FUNC(func) ERR_PACK(ERR_LIB_CPK,func,0)
# define ERR_REASON(reason) ERR_PACK(ERR_LIB_CPK,0,reason)
static ERR_STRING_DATA CPK_str_functs[] =
{
{ERR_FUNC(CPK_F_CPK_MASTER_SECRET_CREATE), "CPK_MASTER_SECRET_create"},
{ERR_FUNC(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS), "CPK_MASTER_SECRET_extract_public_params"},
{ERR_FUNC(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY), "CPK_MASTER_SECRET_extract_private_key"},
{ERR_FUNC(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY), "CPK_PUBLIC_PARAMS_extract_public_key"},
{ERR_FUNC(CPK_F_CPK_PUBLIC_PARAMS_COMPUTE_SHARE_KEY), "CPK_PUBLIC_PARAMS_compute_share_key"},
{ERR_FUNC(CPK_F_CPK_MASTER_SECRET_DIGEST), "CPK_F_CPK_MASTER_SECRET_digest"},
{ERR_FUNC(CPK_F_CPK_PUBLIC_PARAMS_DIGEST), "CPK_F_CPK_PUBLIC_PARAMS_digest"},
{ERR_FUNC(CPK_F_CPK_MASTER_SECRET_PRINT), "CPK_F_CPK_MASTER_SECRET_print"},
{ERR_FUNC(CPK_F_CPK_PUBLIC_PARAMS_PRINT), "CPK_F_CPK_PUBLIC_PARAMS_print"},
{ERR_FUNC(CPK_F_CPK_MASTER_SECRET_VALIDATE_PUBLIC_PARAMS), "CPK_F_CPK_MASTER_SECRET_validate_public_params"},
{ERR_FUNC(CPK_F_CPK_PUBLIC_PARAMS_VALIDATE_PRIVATE_KEY), "CPK_F_CPK_PUBLIC_PARAMS_validate_private_key"},
{ERR_FUNC(CPK_F_CPK_MAP_NEW_DEFAULT), "CPK_F_CPK_MAP_new_default"},
{ERR_FUNC(CPK_F_CPK_MAP_NUM_FACTORS), "CPK_F_CPK_MAP_num_factors"},
{ERR_FUNC(CPK_F_CPK_MAP_NUM_INDEXES), "CPK_F_CPK_MAP_num_indexes"},
{ERR_FUNC(CPK_F_CPK_MAP_STR2INDEX), "CPK_F_CPK_MAP_STR2INDEX"},
{ERR_FUNC(CPK_F_X509_ALGOR_GET1_EC_KEY), "X509_ALGOR_get1_ec_key"},
{ERR_FUNC(CPK_F_X509_ALGOR_GET1_DSA), "X509_ALGOR_get1_dsa"},
{0, NULL}
static ERR_STRING_DATA CPK_str_functs[] = {
{ERR_FUNC(CPK_F_CPK_MAP_NEW_DEFAULT), "CPK_MAP_new_default"},
{ERR_FUNC(CPK_F_CPK_MAP_NUM_FACTORS), "CPK_MAP_num_factors"},
{ERR_FUNC(CPK_F_CPK_MAP_NUM_INDEXES), "CPK_MAP_num_indexes"},
{ERR_FUNC(CPK_F_CPK_MAP_STR2INDEX), "CPK_MAP_str2index"},
{ERR_FUNC(CPK_F_CPK_MASTER_SECRET_CREATE), "CPK_MASTER_SECRET_create"},
{ERR_FUNC(CPK_F_CPK_MASTER_SECRET_DIGEST), "CPK_MASTER_SECRET_digest"},
{ERR_FUNC(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY),
"CPK_MASTER_SECRET_extract_private_key"},
{ERR_FUNC(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS),
"CPK_MASTER_SECRET_extract_public_params"},
{ERR_FUNC(CPK_F_CPK_MASTER_SECRET_PRINT), "CPK_MASTER_SECRET_print"},
{ERR_FUNC(CPK_F_CPK_MASTER_SECRET_VALIDATE_PUBLIC_PARAMS),
"CPK_MASTER_SECRET_validate_public_params"},
{ERR_FUNC(CPK_F_CPK_PUBLIC_PARAMS_COMPUTE_SHARE_KEY),
"CPK_PUBLIC_PARAMS_compute_share_key"},
{ERR_FUNC(CPK_F_CPK_PUBLIC_PARAMS_DIGEST), "CPK_PUBLIC_PARAMS_digest"},
{ERR_FUNC(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY),
"CPK_PUBLIC_PARAMS_extract_public_key"},
{ERR_FUNC(CPK_F_CPK_PUBLIC_PARAMS_PRINT), "CPK_PUBLIC_PARAMS_print"},
{ERR_FUNC(CPK_F_CPK_PUBLIC_PARAMS_VALIDATE_PRIVATE_KEY),
"CPK_PUBLIC_PARAMS_validate_private_key"},
{ERR_FUNC(CPK_F_X509_ALGOR_GET1_DSA), "X509_ALGOR_GET1_DSA"},
{ERR_FUNC(CPK_F_X509_ALGOR_GET1_EC_KEY), "X509_ALGOR_GET1_EC_KEY"},
{0, NULL}
};
static ERR_STRING_DATA CPK_str_reasons[] =
{
{ERR_REASON(CPK_R_BAD_ARGUMENT), "bad argument"},
{ERR_REASON(CPK_R_UNKNOWN_DIGEST_TYPE), "unknown digest algorithm"},
{ERR_REASON(CPK_R_UNKNOWN_CIPHER_TYPE), "unknown cipher algorithm"},
{ERR_REASON(CPK_R_UNKNOWN_MAP_TYPE), "unknown cpk map algorithm"},
{ERR_REASON(CPK_R_UNKNOWN_CURVE), "unknown elliptic curve"},
{ERR_REASON(CPK_R_STACK_ERROR), "stack error"},
{ERR_REASON(CPK_R_DERIVE_KEY_FAILED), "derive key failed"},
{ERR_REASON(CPK_R_ECIES_ENCRYPT_FAILED), "ecies encryption failed"},
{ERR_REASON(CPK_R_ECIES_DECRYPT_FAILED), "ecies decryption failed"},
{ERR_REASON(CPK_R_DER_DECODE_FAILED), "DER decode failed"},
{ERR_REASON(CPK_R_UNSUPPORTED_PKCS7_CONTENT_TYPE),"CPK_R_UNSUPPORTED_PKCS7_CONTENT_TYPE"},
{ERR_REASON(CPK_R_SET_SIGNER), "CPK_R_SET_SIGNER"},
{ERR_REASON(CPK_R_SET_RECIP_INFO), "CPK_R_SET_RECIP_INFO"},
{ERR_REASON(CPK_R_UNABLE_TO_FIND_MESSAGE_DIGEST),"CPK_R_UNABLE_TO_FIND_MESSAGE_DIGEST"},
{ERR_REASON(CPK_R_BAD_DATA), "bad data"},
{ERR_REASON(CPK_R_MAP_FAILED), "CPK_R_MAP_FAILED"},
{ERR_REASON(CPK_R_ADD_SIGNING_TIME), "CPK_R_ADD_SIGNING_TIME"},
{ERR_REASON(CPK_R_VERIFY_FAILED), "CPK_R_VERIFY_FAILED"},
{ERR_REASON(CPK_R_UNKNOWN_ECDH_TYPE), "CPK_R_UNKNOWN_ECDH_TYPE"},
{ERR_REASON(CPK_R_DIGEST_FAILED), "CPK_R_DIGEST_FAILED"},
{ERR_REASON(CPK_R_WITHOUT_DECRYPT_KEY), "CPK_R_WITHOUT_DECRYPT_KEY"},
{ERR_REASON(CPK_R_UNKNOWN_PKCS7_TYPE), "CPK_R_UNKNOWN_PKCS7_TYPE"},
{ERR_REASON(CPK_R_INVALID_ID_LENGTH), "invalid identity length"},
{ERR_REASON(CPK_R_INVALID_PKEY_TYPE), "invalid public key type"},
{ERR_REASON(CPK_R_INVALID_MAP_ALGOR), "invalid map algorithm"},
{ERR_REASON(CPK_R_PKEY_TYPE_NOT_MATCH), "public key type not match"},
{0, NULL}
static ERR_STRING_DATA CPK_str_reasons[] = {
{ERR_REASON(CPK_R_ADD_SIGNING_TIME), "add signing time"},
{ERR_REASON(CPK_R_BAD_ARGUMENT), "bad argument"},
{ERR_REASON(CPK_R_BAD_DATA), "bad data"},
{ERR_REASON(CPK_R_DERIVE_KEY_FAILED), "derive key failed"},
{ERR_REASON(CPK_R_DER_DECODE_FAILED), "der decode failed"},
{ERR_REASON(CPK_R_DIGEST_FAILED), "digest failed"},
{ERR_REASON(CPK_R_ECIES_DECRYPT_FAILED), "ecies decrypt failed"},
{ERR_REASON(CPK_R_ECIES_ENCRYPT_FAILED), "ecies encrypt failed"},
{ERR_REASON(CPK_R_INVALID_ID_LENGTH), "invalid id length"},
{ERR_REASON(CPK_R_INVALID_MAP_ALGOR), "invalid map algor"},
{ERR_REASON(CPK_R_INVALID_PKEY_TYPE), "invalid pkey type"},
{ERR_REASON(CPK_R_MAP_FAILED), "map failed"},
{ERR_REASON(CPK_R_PKEY_TYPE_NOT_MATCH), "pkey type not match"},
{ERR_REASON(CPK_R_SET_RECIP_INFO), "set recip info"},
{ERR_REASON(CPK_R_SET_SIGNER), "set signer"},
{ERR_REASON(CPK_R_STACK_ERROR), "stack error"},
{ERR_REASON(CPK_R_UNABLE_TO_FIND_MESSAGE_DIGEST),
"unable to find message digest"},
{ERR_REASON(CPK_R_UNKNOWN_CIPHER_TYPE), "unknown cipher type"},
{ERR_REASON(CPK_R_UNKNOWN_CURVE), "unknown curve"},
{ERR_REASON(CPK_R_UNKNOWN_DIGEST_TYPE), "unknown digest type"},
{ERR_REASON(CPK_R_UNKNOWN_ECDH_TYPE), "unknown ecdh type"},
{ERR_REASON(CPK_R_UNKNOWN_MAP_TYPE), "unknown map type"},
{ERR_REASON(CPK_R_UNKNOWN_PKCS7_TYPE), "unknown pkcs7 type"},
{ERR_REASON(CPK_R_UNSUPPORTED_PKCS7_CONTENT_TYPE),
"unsupported pkcs7 content type"},
{ERR_REASON(CPK_R_VERIFY_FAILED), "verify failed"},
{ERR_REASON(CPK_R_WITHOUT_DECRYPT_KEY), "without decrypt key"},
{0, NULL}
};
#endif
@@ -117,10 +134,9 @@ void ERR_load_CPK_strings(void)
{
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(CPK_str_functs[0].error) == NULL) {
ERR_load_strings(0, CPK_str_functs);
ERR_load_strings(0, CPK_str_reasons);
}
if (ERR_func_error_string(CPK_str_functs[0].error) == NULL) {
ERR_load_strings(0, CPK_str_functs);
ERR_load_strings(0, CPK_str_reasons);
}
#endif
}

126
crypto/cpk/cpk_err2.c Normal file
View File

@@ -0,0 +1,126 @@
/* crypto/cpk/cpk_err.c */
/* ====================================================================
* Copyright (c) 2007 - 2015 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <openssl/err.h>
#include "cpk.h"
/* BEGIN ERROR CODES */
#ifndef OPENSSL_NO_ERR
#define ERR_FUNC(func) ERR_PACK(ERR_LIB_CPK,func,0)
#define ERR_REASON(reason) ERR_PACK(ERR_LIB_CPK,0,reason)
static ERR_STRING_DATA CPK_str_functs[] =
{
{ERR_FUNC(CPK_F_CPK_MASTER_SECRET_CREATE), "CPK_MASTER_SECRET_create"},
{ERR_FUNC(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS), "CPK_MASTER_SECRET_extract_public_params"},
{ERR_FUNC(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY), "CPK_MASTER_SECRET_extract_private_key"},
{ERR_FUNC(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY), "CPK_PUBLIC_PARAMS_extract_public_key"},
{ERR_FUNC(CPK_F_CPK_PUBLIC_PARAMS_COMPUTE_SHARE_KEY), "CPK_PUBLIC_PARAMS_compute_share_key"},
{ERR_FUNC(CPK_F_CPK_MASTER_SECRET_DIGEST), "CPK_F_CPK_MASTER_SECRET_digest"},
{ERR_FUNC(CPK_F_CPK_PUBLIC_PARAMS_DIGEST), "CPK_F_CPK_PUBLIC_PARAMS_digest"},
{ERR_FUNC(CPK_F_CPK_MASTER_SECRET_PRINT), "CPK_F_CPK_MASTER_SECRET_print"},
{ERR_FUNC(CPK_F_CPK_PUBLIC_PARAMS_PRINT), "CPK_F_CPK_PUBLIC_PARAMS_print"},
{ERR_FUNC(CPK_F_CPK_MASTER_SECRET_VALIDATE_PUBLIC_PARAMS), "CPK_F_CPK_MASTER_SECRET_validate_public_params"},
{ERR_FUNC(CPK_F_CPK_PUBLIC_PARAMS_VALIDATE_PRIVATE_KEY), "CPK_F_CPK_PUBLIC_PARAMS_validate_private_key"},
{ERR_FUNC(CPK_F_CPK_MAP_NEW_DEFAULT), "CPK_F_CPK_MAP_new_default"},
{ERR_FUNC(CPK_F_CPK_MAP_NUM_FACTORS), "CPK_F_CPK_MAP_num_factors"},
{ERR_FUNC(CPK_F_CPK_MAP_NUM_INDEXES), "CPK_F_CPK_MAP_num_indexes"},
{ERR_FUNC(CPK_F_CPK_MAP_STR2INDEX), "CPK_F_CPK_MAP_STR2INDEX"},
{ERR_FUNC(CPK_F_X509_ALGOR_GET1_EC_KEY), "X509_ALGOR_get1_ec_key"},
{ERR_FUNC(CPK_F_X509_ALGOR_GET1_DSA), "X509_ALGOR_get1_dsa"},
{0, NULL}
};
static ERR_STRING_DATA CPK_str_reasons[] =
{
{ERR_REASON(CPK_R_BAD_ARGUMENT), "bad argument"},
{ERR_REASON(CPK_R_UNKNOWN_DIGEST_TYPE), "unknown digest algorithm"},
{ERR_REASON(CPK_R_UNKNOWN_CIPHER_TYPE), "unknown cipher algorithm"},
{ERR_REASON(CPK_R_UNKNOWN_MAP_TYPE), "unknown cpk map algorithm"},
{ERR_REASON(CPK_R_UNKNOWN_CURVE), "unknown elliptic curve"},
{ERR_REASON(CPK_R_STACK_ERROR), "stack error"},
{ERR_REASON(CPK_R_DERIVE_KEY_FAILED), "derive key failed"},
{ERR_REASON(CPK_R_ECIES_ENCRYPT_FAILED), "ecies encryption failed"},
{ERR_REASON(CPK_R_ECIES_DECRYPT_FAILED), "ecies decryption failed"},
{ERR_REASON(CPK_R_DER_DECODE_FAILED), "DER decode failed"},
{ERR_REASON(CPK_R_UNSUPPORTED_PKCS7_CONTENT_TYPE),"CPK_R_UNSUPPORTED_PKCS7_CONTENT_TYPE"},
{ERR_REASON(CPK_R_SET_SIGNER), "CPK_R_SET_SIGNER"},
{ERR_REASON(CPK_R_SET_RECIP_INFO), "CPK_R_SET_RECIP_INFO"},
{ERR_REASON(CPK_R_UNABLE_TO_FIND_MESSAGE_DIGEST),"CPK_R_UNABLE_TO_FIND_MESSAGE_DIGEST"},
{ERR_REASON(CPK_R_BAD_DATA), "bad data"},
{ERR_REASON(CPK_R_MAP_FAILED), "CPK_R_MAP_FAILED"},
{ERR_REASON(CPK_R_ADD_SIGNING_TIME), "CPK_R_ADD_SIGNING_TIME"},
{ERR_REASON(CPK_R_VERIFY_FAILED), "CPK_R_VERIFY_FAILED"},
{ERR_REASON(CPK_R_UNKNOWN_ECDH_TYPE), "CPK_R_UNKNOWN_ECDH_TYPE"},
{ERR_REASON(CPK_R_DIGEST_FAILED), "CPK_R_DIGEST_FAILED"},
{ERR_REASON(CPK_R_WITHOUT_DECRYPT_KEY), "CPK_R_WITHOUT_DECRYPT_KEY"},
{ERR_REASON(CPK_R_UNKNOWN_PKCS7_TYPE), "CPK_R_UNKNOWN_PKCS7_TYPE"},
{ERR_REASON(CPK_R_INVALID_ID_LENGTH), "invalid identity length"},
{ERR_REASON(CPK_R_INVALID_PKEY_TYPE), "invalid public key type"},
{ERR_REASON(CPK_R_INVALID_MAP_ALGOR), "invalid map algorithm"},
{ERR_REASON(CPK_R_PKEY_TYPE_NOT_MATCH), "public key type not match"},
{0, NULL}
};
#endif
void ERR_load_CPK_strings(void)
{
#ifndef OPENSSL_NO_ERR
if (ERR_func_error_string(CPK_str_functs[0].error) == NULL) {
ERR_load_strings(0, CPK_str_functs);
ERR_load_strings(0, CPK_str_reasons);
}
#endif
}

121
crypto/cpk/cpk_lib.c
View File

@@ -250,7 +250,7 @@ CPK_PUBLIC_PARAMS *CPK_MASTER_SECRET_extract_public_params(CPK_MASTER_SECRET *ma
break;
default:
CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, CPK_R_INVALID_PKEY_TYPE);
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS, CPK_R_INVALID_PKEY_TYPE);
goto err;
}
return param;
@@ -562,34 +562,24 @@ static int extract_dsa_params(CPK_MASTER_SECRET *master, CPK_PUBLIC_PARAMS *para
unsigned char *pub_ptr;
if (!pri || !pub || !ctx) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS,
ERR_R_MALLOC_FAILURE);
goto err;
}
if (!(dsa = (DSA *)X509_ALGOR_get1_DSA(master->pkey_algor))) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS,
CPK_R_BAD_DATA);
goto err;
}
pri_size = BN_num_bytes(dsa->q);
pub_size = BN_num_bytes(dsa->p);
if ((num_factors = CPK_MAP_num_factors(master->map_algor)) <= 0) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS,
CPK_R_INVALID_MAP_ALGOR);
goto err;
}
if (M_ASN1_STRING_length(master->secret_factors) != pri_size * num_factors) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS,
CPK_R_BAD_DATA);
goto err;
}
ASN1_STRING_free(param->public_factors);
if (!ASN1_STRING_set(param->public_factors, NULL, pub_size * num_factors)) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS,
ERR_R_MALLOC_FAILURE);
goto err;
}
@@ -600,24 +590,16 @@ static int extract_dsa_params(CPK_MASTER_SECRET *master, CPK_PUBLIC_PARAMS *para
for (i = 0; i < num_factors; i++) {
if (!BN_bin2bn(pri_ptr, pri_size, pri)) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS,
ERR_R_BN_LIB);
goto err;
}
if (BN_is_zero(pri) || BN_cmp(pri, dsa->q) >= 0) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS,
CPK_R_BAD_DATA);
goto err;
}
if (!BN_mod_exp(pub, dsa->g, pri, dsa->p, ctx)) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS,
ERR_R_BN_LIB);
goto err;
}
if (!BN_bn2bin(pub, pub_ptr + pub_size - BN_num_bytes(pub))) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS,
ERR_R_BN_LIB);
goto err;
}
@@ -646,35 +628,23 @@ static DSA *extract_dsa_priv_key(CPK_MASTER_SECRET *master, const char *id)
if (!bn || !ctx) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY,
ERR_R_MALLOC_FAILURE);
goto err;
}
if (!(dsa = X509_ALGOR_get1_DSA(master->pkey_algor))) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY,
CPK_R_BAD_DATA);
goto err;
}
if ((num_indexes = CPK_MAP_num_indexes(master->map_algor)) <= 0) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY,
CPK_R_INVALID_MAP_ALGOR);
goto err;
}
if (!(index = OPENSSL_malloc(sizeof(int) * num_indexes))) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY,
CPK_R_INVALID_MAP_ALGOR);
goto err;
}
if (!CPK_MAP_str2index(master->map_algor, id, index)) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY,
CPK_R_INVALID_MAP_ALGOR);
goto err;
}
if (!dsa->priv_key) {
if (!(dsa->priv_key = BN_new())) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY,
ERR_R_MALLOC_FAILURE);
goto err;
}
}
@@ -684,30 +654,21 @@ static DSA *extract_dsa_priv_key(CPK_MASTER_SECRET *master, const char *id)
for (i = 0; i < num_indexes; i++) {
p = M_ASN1_STRING_data(master->secret_factors) + bn_size * index[i];
if (!BN_bin2bn(p, bn_size, bn)) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY,
ERR_R_BN_LIB);
goto err;
}
if (BN_is_zero(bn) || BN_cmp(bn, dsa->q) >= 0) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY,
CPK_R_BAD_DATA);
goto err;
}
if (!BN_mod_add(dsa->priv_key, dsa->priv_key, bn, dsa->q, ctx)) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY,
ERR_R_X509_LIB);
goto err;
}
}
if (!(dsa->pub_key))
if (!(dsa->pub_key = BN_new())) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY,
ERR_R_MALLOC_FAILURE);
goto err;
}
if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY, ERR_R_BN_LIB);
goto err;
}
e = 0;
@@ -735,35 +696,23 @@ static DSA *extract_dsa_pub_key(CPK_PUBLIC_PARAMS *param, const char *id)
if (!bn || !ctx) {
CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY,
ERR_R_MALLOC_FAILURE);
goto err;
}
if (!(dsa = X509_ALGOR_get1_DSA(param->pkey_algor))) {
CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY,
CPK_R_BAD_DATA);
goto err;
}
if ((num_indexes = CPK_MAP_num_indexes(param->map_algor)) <= 0) {
CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY,
CPK_R_INVALID_MAP_ALGOR);
goto err;
}
if (!(index = OPENSSL_malloc(sizeof(int) * num_indexes))) {
CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY,
CPK_R_INVALID_MAP_ALGOR);
goto err;
}
if (!CPK_MAP_str2index(param->map_algor, id, index)) {
CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY,
CPK_R_INVALID_MAP_ALGOR);
goto err;
}
if (!dsa->pub_key) {
if (!(dsa->pub_key = BN_new())) {
CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY,
ERR_R_MALLOC_FAILURE);
goto err;
}
}
@@ -773,18 +722,12 @@ static DSA *extract_dsa_pub_key(CPK_PUBLIC_PARAMS *param, const char *id)
for (i = 0; i < num_indexes; i++) {
p = M_ASN1_STRING_data(param->public_factors) + bn_size * index[i];
if (!BN_bin2bn(p, bn_size, bn)) {
CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY,
ERR_R_BN_LIB);
goto err;
}
if (BN_is_zero(bn) || BN_cmp(bn, dsa->p) >= 0) {
CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY,
CPK_R_BAD_DATA);
goto err;
}
if (!BN_mod_add(dsa->pub_key, dsa->pub_key, bn, dsa->p, ctx)) {
CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY,
ERR_R_X509_LIB);
goto err;
}
}
@@ -860,35 +803,26 @@ static int extract_ec_params(CPK_MASTER_SECRET *master, CPK_PUBLIC_PARAMS *param
unsigned char *pt_ptr;
if (!bn || !order || !ctx) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS,
ERR_R_MALLOC_FAILURE);
goto err;
}
if (!(ec_key = X509_ALGOR_get1_EC_KEY(master->pkey_algor))) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS, CPK_R_BAD_DATA);
goto err;
}
ec_group = EC_KEY_get0_group(ec_key);
if (!(EC_GROUP_get_order(ec_group, order, ctx))) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS, ERR_R_EC_LIB);
goto err;
}
bn_size = BN_num_bytes(order);
pt_size = bn_size + 1;
if ((num_factors = CPK_MAP_num_factors(master->map_algor)) <= 0) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS,
CPK_R_INVALID_MAP_ALGOR);
goto err;
}
if (M_ASN1_STRING_length(master->secret_factors) != bn_size * num_factors) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS, CPK_R_BAD_DATA);
goto err;
}
if (!ASN1_STRING_set(param->public_factors, NULL, pt_size * num_factors)) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS,
ERR_R_MALLOC_FAILURE);
goto err;
}
@@ -897,30 +831,21 @@ static int extract_ec_params(CPK_MASTER_SECRET *master, CPK_PUBLIC_PARAMS *param
memset(pt_ptr, 0, M_ASN1_STRING_length(param->public_factors));
if (!(pt = EC_POINT_new(ec_group))) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS, ERR_R_X509_LIB);
goto err;
}
for (i = 0; i < num_factors; i++) {
if (!BN_bin2bn(bn_ptr, bn_size, bn)) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS,
ERR_R_BN_LIB);
goto err;
}
if (BN_is_zero(bn) || BN_cmp(bn, order) >= 0) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS,
CPK_R_BAD_DATA);
goto err;
}
if (!EC_POINT_mul(ec_group, pt, bn, NULL, NULL, ctx)) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS,
ERR_R_EC_LIB);
goto err;
}
if (!EC_POINT_point2oct(ec_group, pt,
POINT_CONVERSION_COMPRESSED, pt_ptr, pt_size, ctx)) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS,
ERR_R_EC_LIB);
goto err;
}
bn_ptr += bn_size;
@@ -954,41 +879,29 @@ static EC_KEY *extract_ec_priv_key(CPK_MASTER_SECRET *master, const char *id)
if (!priv_key || !bn || !order || !ctx) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY,
ERR_R_MALLOC_FAILURE);
goto err;
}
if (!(ec_key = X509_ALGOR_get1_EC_KEY(master->pkey_algor))) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY, ERR_R_CPK_LIB);
goto err;
}
ec_group = EC_KEY_get0_group(ec_key);
if (!(pub_key = EC_POINT_new(ec_group))) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY,
ERR_R_MALLOC_FAILURE);
goto err;
}
if ((num_indexes = CPK_MAP_num_indexes(master->map_algor)) <= 0) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY,
CPK_R_INVALID_MAP_ALGOR);
goto err;
}
if (!(index = OPENSSL_malloc(sizeof(int) * num_indexes))) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY,
CPK_R_INVALID_MAP_ALGOR);
goto err;
}
if (!CPK_MAP_str2index(master->map_algor, id, index)) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY,
CPK_R_INVALID_MAP_ALGOR);
goto err;
}
BN_zero(priv_key);
if (!(EC_GROUP_get_order(EC_KEY_get0_group(ec_key), order, ctx))) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY, ERR_R_EC_LIB);
goto err;
}
bn_size = BN_num_bytes(order);
@@ -999,33 +912,23 @@ static EC_KEY *extract_ec_priv_key(CPK_MASTER_SECRET *master, const char *id)
bn_size * index[i];
if (!BN_bin2bn(p, bn_size, bn)) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY, ERR_R_BN_LIB);
goto err;
}
if (BN_is_zero(bn) || BN_cmp(bn, order) >= 0) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY,
CPK_R_BAD_DATA);
goto err;
}
if (!BN_mod_add(priv_key, priv_key, bn, order, ctx)) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY, ERR_R_BN_LIB);
goto err;
}
}
if (!EC_KEY_set_private_key(ec_key, priv_key)) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY,
ERR_R_EC_LIB);
goto err;
}
if (!EC_POINT_mul(ec_group, pub_key, priv_key, NULL, NULL, ctx)) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY,
ERR_R_EC_LIB);
goto err;
}
if (!EC_KEY_set_public_key(ec_key, pub_key)) {
CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY,
ERR_R_EC_LIB);
goto err;
}
e = 0;
@@ -1058,55 +961,39 @@ static EC_KEY *extract_ec_pub_key(CPK_PUBLIC_PARAMS *param, const char *id)
int i, bn_size, pt_size, num_indexes, num_factors;
if (!(ec_key = X509_ALGOR_get1_EC_KEY(param->pkey_algor))) {
CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY,
ERR_R_CPK_LIB);
goto err;
}
ec_group = EC_KEY_get0_group(ec_key);
if (!(pub_key = EC_POINT_new(ec_group))) {
CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY, ERR_R_EC_LIB);
goto err;
}
if (!(pt = EC_POINT_new(ec_group))) {
CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY, ERR_R_EC_LIB);
goto err;
}
if (!EC_GROUP_get_order(ec_group, order, ctx)) {
CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY, ERR_R_EC_LIB);
goto err;
}
bn_size = BN_num_bytes(order);
pt_size = bn_size + 1;
if ((num_factors = CPK_MAP_num_factors(param->map_algor)) <= 0) {
CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY,
ERR_R_CPK_LIB);
goto err;
}
if (M_ASN1_STRING_length(param->public_factors) != pt_size * num_factors) {
CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY,
CPK_R_BAD_DATA);
goto err;
}
if ((num_indexes = CPK_MAP_num_indexes(param->map_algor)) <= 0) {
CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY,
CPK_R_INVALID_MAP_ALGOR);
goto err;
}
if (!(index = OPENSSL_malloc(sizeof(int) * num_indexes))) {
CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY,
CPK_R_INVALID_MAP_ALGOR);
goto err;
}
if (!CPK_MAP_str2index(param->map_algor, id, index)) {
CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY,
CPK_R_INVALID_MAP_ALGOR);
goto err;
}
if (!EC_POINT_set_to_infinity(ec_group, pub_key)) {
CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY, ERR_R_EC_LIB);
goto err;
}
for (i = 0; i < num_indexes; i++) {
@@ -1115,20 +1002,14 @@ static EC_KEY *extract_ec_pub_key(CPK_PUBLIC_PARAMS *param, const char *id)
pt_size * index[i];
if (!EC_POINT_oct2point(ec_group, pt, p, pt_size, ctx)) {
CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY,
CPK_R_BAD_DATA);
goto err;
}
if (!EC_POINT_add(ec_group, pub_key, pub_key, pt, ctx)) {
CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY,
ERR_R_EC_LIB);
goto err;
}
}
if (!EC_KEY_set_public_key(ec_key, pub_key)) {
CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY,
ERR_R_EC_LIB);
goto err;
}
e = 0;