mirror of
https://github.com/guanzhi/GmSSL.git
synced 2026-05-07 17:06:25 +08:00
Update SM9 encrypt
This commit is contained in:
Zhi Guan
@@ -52,8 +52,19 @@
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/sm2.h>
|
||||
#include <openssl/sm9.h>
|
||||
#include <openssl/hmac.h>
|
||||
#include "sm9_lcl.h"
|
||||
|
||||
/*
|
||||
int SM9_do_wrap_key(const EVP_MD *kdf_md
|
||||
unsigned char *key, size_t keylen, EC_POINT *C,
|
||||
SM9PublicKey *pk);
|
||||
|
||||
int SM9_do_unwrap_key(const EVP_MD *kdf_md,
|
||||
unsigned char *key, size_t keylen, const EC_POINT *C,
|
||||
SM9PublicKey *pk);
|
||||
*/
|
||||
|
||||
int SM9_unwrap_key(int type,
|
||||
unsigned char *key, size_t keylen,
|
||||
const unsigned char *enced_key, size_t enced_len,
|
||||
@@ -330,7 +341,80 @@ int SM9_encrypt(int type,
|
||||
unsigned char *out, size_t *outlen,
|
||||
SM9PublicParameters *mpk, const char *id, size_t idlen)
|
||||
{
|
||||
return 0;
|
||||
int ret = 0;
|
||||
SM9Ciphertext *sm9cipher = NULL;
|
||||
int kdf;
|
||||
const EVP_MD *md;
|
||||
unsigned char *key = NULL;
|
||||
size_t keylen;
|
||||
unsigned char C1[1 + 64];
|
||||
size_t C1_len;
|
||||
unsigned char mac[EVP_MAX_MD_SIZE];
|
||||
unsigned int maclen = sizeof(mac);
|
||||
int len, i;
|
||||
|
||||
/* parse type */
|
||||
switch (type) {
|
||||
case NID_sm9encrypt_with_sm3_xor:
|
||||
kdf = NID_sm9kdf_with_sm3;
|
||||
md = EVP_sm3();
|
||||
break;
|
||||
/*
|
||||
case NID_sm9encrypt_with_sha256_xor:
|
||||
kdf = NID_sm9kdf_with_sha256;
|
||||
md = EVP_sha256();
|
||||
break;
|
||||
*/
|
||||
case NID_sm9encrypt_with_sm3_sms4_cbc:
|
||||
case NID_sm9encrypt_with_sm3_sms4_ctr:
|
||||
default:
|
||||
return 0;
|
||||
}
|
||||
|
||||
keylen = inlen + EVP_MD_size(md);
|
||||
|
||||
/* malloc */
|
||||
if (!(sm9cipher = SM9Ciphertext_new())
|
||||
|| !(key = OPENSSL_malloc(keylen))) {
|
||||
SM9err(SM9_F_SM9_ENCRYPT, ERR_R_MALLOC_FAILURE);
|
||||
goto end;
|
||||
}
|
||||
|
||||
/* C1 */
|
||||
if (!SM9_wrap_key(kdf, key, keylen, C1, &C1_len, mpk, id, idlen)) {
|
||||
SM9err(SM9_F_SM9_ENCRYPT, ERR_R_SM9_LIB);
|
||||
goto end;
|
||||
}
|
||||
|
||||
/* C2 = M xor K1 */
|
||||
for (i = 0; i < inlen; i++) {
|
||||
key[i] ^= in[i];
|
||||
}
|
||||
|
||||
/* C3 = MAC(K2, C2) */
|
||||
HMAC(md, key + inlen, EVP_MD_size(md), key, inlen, mac, &maclen);
|
||||
|
||||
/* compose SM9Ciphertext */
|
||||
if (!ASN1_STRING_set(sm9cipher->pointC1, C1, C1_len)
|
||||
|| !ASN1_STRING_set(sm9cipher->c2, key, inlen)
|
||||
|| !ASN1_STRING_set(sm9cipher->c3, mac, maclen)) {
|
||||
SM9err(SM9_F_SM9_ENCRYPT, ERR_R_SM9_LIB);
|
||||
goto end;
|
||||
}
|
||||
|
||||
/* encode sm9 ciphertext */
|
||||
if ((len = i2d_SM9Ciphertext(sm9cipher, &out)) <= 0) {
|
||||
SM9err(SM9_F_SM9_ENCRYPT, ERR_R_SM9_LIB);
|
||||
goto end;
|
||||
}
|
||||
*outlen = len;
|
||||
|
||||
ret = 1;
|
||||
|
||||
end:
|
||||
OPENSSL_free(sm9cipher);
|
||||
OPENSSL_clear_free(key, keylen);
|
||||
return ret;
|
||||
}
|
||||
|
||||
int SM9_decrypt(int type,
|
||||
@@ -340,18 +424,3 @@ int SM9_decrypt(int type,
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
SM9Ciphertext *SM9_do_encrypt(const SM9EncParameters *encparams,
|
||||
const unsigned char *in, size_t inlen,
|
||||
SM9PublicKey *pk)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
int SM9_do_decrypt(const SM9EncParameters *encparams,
|
||||
const SM9Ciphertext *in,
|
||||
unsigned char *out, size_t *outlen,
|
||||
SM9PrivateKey *sk)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -41,9 +41,9 @@ extern "C" {
|
||||
*/
|
||||
# define OPENSSL_VERSION_NUMBER 0x1010004fL
|
||||
# ifdef OPENSSL_FIPS
|
||||
# define OPENSSL_VERSION_TEXT "GmSSL 2.3.4 - OpenSSL 1.1.0d-fips 5 Oct 2018"
|
||||
# define OPENSSL_VERSION_TEXT "GmSSL 2.3.4 - OpenSSL 1.1.0d-fips 6 Oct 2018"
|
||||
# else
|
||||
# define OPENSSL_VERSION_TEXT "GmSSL 2.3.4 - OpenSSL 1.1.0d 5 Oct 2018"
|
||||
# define OPENSSL_VERSION_TEXT "GmSSL 2.3.4 - OpenSSL 1.1.0d 6 Oct 2018"
|
||||
# endif
|
||||
|
||||
/*-
|
||||
|
||||
@@ -126,7 +126,6 @@ int SM9_VerifyInit(EVP_MD_CTX *ctx, const EVP_MD *md, ENGINE *engine);
|
||||
#define SM9_VerifyUpdate(ctx,d,l) EVP_DigestUpdate(ctx,d,l)
|
||||
int SM9_VerifyFinal(EVP_MD_CTX *ctx, const SM9Signature *sig, SM9PublicKey *pk);
|
||||
|
||||
|
||||
int SM9_wrap_key(int type, /* NID_sm9kdf_with_sm3 */
|
||||
unsigned char *key, size_t keylen,
|
||||
unsigned char *enced_key, size_t *enced_len,
|
||||
@@ -137,17 +136,7 @@ int SM9_unwrap_key(int type,
|
||||
const unsigned char *enced_key, size_t enced_len,
|
||||
SM9PrivateKey *sk);
|
||||
|
||||
|
||||
|
||||
typedef struct {
|
||||
const EVP_MD *kdf_md;
|
||||
const EVP_CIPHER *enc_cipher;
|
||||
const EVP_CIPHER *cmac_cipher;
|
||||
const EVP_CIPHER *cbcmac_cipher;
|
||||
const EVP_MD *hmac_md;
|
||||
} SM9EncParameters;
|
||||
|
||||
int SM9_encrypt(int type,
|
||||
int SM9_encrypt(int type, /* NID_sm9encrypt_with_sm3_xor */
|
||||
const unsigned char *in, size_t inlen,
|
||||
unsigned char *out, size_t *outlen,
|
||||
SM9PublicParameters *mpk, const char *id, size_t idlen);
|
||||
@@ -157,15 +146,6 @@ int SM9_decrypt(int type,
|
||||
unsigned char *out, size_t *outlen,
|
||||
SM9PrivateKey *sk);
|
||||
|
||||
SM9Ciphertext *SM9_do_encrypt(const SM9EncParameters *encparams,
|
||||
const unsigned char *in, size_t inlen,
|
||||
SM9PublicKey *pk);
|
||||
|
||||
int SM9_do_decrypt(const SM9EncParameters *encparams,
|
||||
const SM9Ciphertext *in,
|
||||
unsigned char *out, size_t *outlen,
|
||||
SM9PrivateKey *sk);
|
||||
|
||||
DECLARE_ASN1_FUNCTIONS(SM9MasterSecret)
|
||||
DECLARE_ASN1_FUNCTIONS(SM9PublicParameters)
|
||||
DECLARE_ASN1_FUNCTIONS(SM9PrivateKey)
|
||||
|
||||
Reference in New Issue
Block a user