diff --git a/CMakeLists.txt b/CMakeLists.txt index b48a3d6a..b07e72a3 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -93,6 +93,7 @@ set(tools tools/gmssl.c tools/version.c tools/sm4.c + tools/sm4_ctr.c tools/sm3.c tools/sm3hmac.c tools/sm3xmss_keygen.c @@ -324,6 +325,14 @@ if (ENABLE_SM3_SSE) list(INSERT src ${sm3_index} src/sm3_sse.c) endif() +option(ENABLE_SM3_ARM_NEON "Enable SM3 Arm Neon implementation (10% faster on Apple M2)" OFF) +if (ENABLE_SM3_ARM_NEON) + message(STATUS "ENABLE_SM3_ARM_NEON is ON") + list(FIND src src/sm3.c index) + list(REMOVE_AT src ${index}) + list(INSERT src ${index} src/sm3_arm_neon.c) +endif() + if (ENABLE_SM4_TBOX) message(STATUS "ENABLE_SM4_TBOX is ON") list(FIND src src/sm4.c sm4_index) diff --git a/tools/gmssl.c b/tools/gmssl.c index b5243f83..3405def3 100644 --- a/tools/gmssl.c +++ b/tools/gmssl.c @@ -36,6 +36,7 @@ extern int sm3_main(int argc, char **argv); extern int sm3hmac_main(int argc, char **argv); extern int sm3xmss_keygen_main(int argc, char **argv); extern int sm4_main(int argc, char **argv); +extern int sm4_ctr_main(int argc, char **argv); extern int zuc_main(int argc, char **argv); extern int sm9setup_main(int argc, char **argv); extern int sm9keygen_main(int argc, char **argv); @@ -78,6 +79,7 @@ static const char *options = " sm3hmac Generate SM3 HMAC tag\n" " sm3xmss_keygen Generate SM3-XMSS keypair\n" " sm4 Encrypt or decrypt with SM4\n" + " sm4_ctr Encrypt or decrypt with SM4 CTR\n" " zuc Encrypt or decrypt with ZUC\n" " sm9setup Generate SM9 master secret\n" " sm9keygen Generate SM9 private key\n" @@ -182,6 +184,8 @@ int main(int argc, char **argv) return sm3xmss_keygen_main(argc, argv); } else if (!strcmp(*argv, "sm4")) { return sm4_main(argc, argv); + } else if (!strcmp(*argv, "sm4_ctr")) { + return sm4_ctr_main(argc, argv); } else if (!strcmp(*argv, "zuc")) { return zuc_main(argc, argv); } else if (!strcmp(*argv, "sm9setup")) { diff --git a/tools/sm4_ctr.c b/tools/sm4_ctr.c new file mode 100755 index 00000000..9027bd3b --- /dev/null +++ b/tools/sm4_ctr.c @@ -0,0 +1,171 @@ +/* + * Copyright 2014-2024 The GmSSL Project. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the License); you may + * not use this file except in compliance with the License. + * + * http://www.apache.org/licenses/LICENSE-2.0 + */ + + +#include +#include +#include +#include +#include +#include +#include +#include + + +static const char *usage = "-key hex -iv hex [-in file] [-out file]"; + +static const char *options = +"Options\n" +"\n" +" -encrypt Encrypt\n" +" -decrypt Decrypt\n" +" -key hex Symmetric key in HEX format\n" +" -iv hex IV in HEX format\n" +" -in file | stdin Input data\n" +" -out file | stdout Output data\n" +"\n" +"Examples" +"\n" +" echo \"hello\" | gmssl sm4_ctr -key 11223344556677881122334455667788 -iv 112233445566778811223344 -out ciphertext.bin\n" +"\n"; + +int sm4_ctr_main(int argc, char **argv) +{ + int ret = 1; + char *prog = argv[0]; + char *keyhex = NULL; + char *ivhex = NULL; + char *infile = NULL; + char *outfile = NULL; + + uint8_t key[16]; + size_t keylen; + uint8_t iv[16]; + size_t ivlen; + FILE *infp = stdin; + FILE *outfp = stdout; + + SM4_CTR_CTX ctx; + uint8_t inbuf[4096]; + size_t inlen; + uint8_t outbuf[4096]; // should sizeof(outbuf) > sizeof(inbuf) ? + size_t outlen; + + argc--; + argv++; + + if (argc < 1) { + fprintf(stderr, "usage: %s %s\n", prog, usage); + return 1; + } + + while (argc > 0) { + if (!strcmp(*argv, "-help")) { + printf("usage: gmssl %s %s\n", prog, usage); + printf("%s\n", options); + ret = 0; + goto end; + } else if (!strcmp(*argv, "-key")) { + if (--argc < 1) goto bad; + keyhex = *(++argv); + if (strlen(keyhex) != sizeof(key) * 2) { + fprintf(stderr, "%s: invalid key length\n", prog); + goto end; + } + if (hex_to_bytes(keyhex, strlen(keyhex), key, &keylen) != 1) { + fprintf(stderr, "%s: invalid key hex digits\n", prog); + goto end; + } + } else if (!strcmp(*argv, "-iv")) { + if (--argc < 1) goto bad; + ivhex = *(++argv); + if (strlen(ivhex) != sizeof(iv) * 2) { + fprintf(stderr, "%s: invalid IV length\n", prog); + goto end; + } + if (hex_to_bytes(ivhex, strlen(ivhex), iv, &ivlen) != 1) { + fprintf(stderr, "%s: invalid IV hex digits\n", prog); + goto end; + } + } else if (!strcmp(*argv, "-encrypt")) { + // ignore this option + } else if (!strcmp(*argv, "-decrypt")) { + // ignore this option + } else if (!strcmp(*argv, "-in")) { + if (--argc < 1) goto bad; + infile = *(++argv); + if (!(infp = fopen(infile, "rb"))) { + fprintf(stderr, "%s: open '%s' failure : %s\n", prog, infile, strerror(errno)); + goto end; + } + } else if (!strcmp(*argv, "-out")) { + if (--argc < 1) goto bad; + outfile = *(++argv); + if (!(outfp = fopen(outfile, "wb"))) { + fprintf(stderr, "%s: open '%s' failure : %s\n", prog, outfile, strerror(errno)); + goto end; + } + } else { + fprintf(stderr, "%s: illegal option `%s`\n", prog, *argv); + goto end; +bad: + fprintf(stderr, "%s: `%s` option value missing\n", prog, *argv); + goto end; + } + + argc--; + argv++; + } + + if (!keyhex) { + fprintf(stderr, "%s: option `-key` missing\n", prog); + goto end; + } + if (!ivhex) { + fprintf(stderr, "%s: option `-iv` missing\n", prog); + goto end; + } + + if (sm4_ctr_encrypt_init(&ctx, key, iv) != 1) { + error_print(); + goto end; + } + + while ((inlen = fread(inbuf, 1, sizeof(inbuf), infp)) > 0) { + if (sm4_ctr_encrypt_update(&ctx, inbuf, inlen, outbuf, &outlen) != 1) { + error_print(); + goto end; + } + if (fwrite(outbuf, 1, outlen, outfp) != outlen) { + fprintf(stderr, "%s: output failure : %s\n", prog, strerror(errno)); + goto end; + } + } + + if (sm4_ctr_encrypt_finish(&ctx, outbuf, &outlen) != 1) { + error_print(); + goto end; + } + if (fwrite(outbuf, 1, outlen, outfp) != outlen) { + fprintf(stderr, "%s: output failure : %s\n", prog, strerror(errno)); + goto end; + } + + ret = 0; + +end: + gmssl_secure_clear(key, sizeof(key)); + gmssl_secure_clear(iv, sizeof(iv)); + if (infile && infp) fclose(infp); + if (outfile && outfp) fclose(outfp); + gmssl_secure_clear(&ctx, sizeof(ctx)); + gmssl_secure_clear(inbuf, sizeof(inbuf)); + gmssl_secure_clear(outbuf, sizeof(outbuf)); + return ret; +}