Update version to 2.4.0
Since this version, SM9 is officially supported.
@@ -74,7 +74,7 @@ int SM9_generate_key_exchange(unsigned char *R, size_t *Rlen,
|
||||
BN_CTX *bn_ctx = NULL;
|
||||
BIGNUM *h = NULL;
|
||||
const EVP_MD *md;
|
||||
int point_form = POINT_CONVERSION_COMPRESSED;
|
||||
int point_form = POINT_CONVERSION_UNCOMPRESSED;
|
||||
const BIGNUM *p = SM9_get0_prime();
|
||||
const BIGNUM *n = SM9_get0_order();
|
||||
fp12_t g;
|
||||
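Review bot: The switch of `point_form` to `POINT_CONVERSION_UNCOMPRESSED` is a wire-format decision that the consuming side hard-codes — SM9_compute_share_key_A hashes `RB + 1, 64`, i.e. it assumes the 65-byte uncompressed encoding with a leading form byte — but nothing at the producer records that coupling. A comment on this line such as `/* R is emitted uncompressed (0x04 || x || y, 65 bytes); SM9_compute_share_key_{A,B} hash R + 1 as 64 bytes */` would stop a later switch back to the compressed form from silently breaking key agreement. The body of SM9_generate_key_exchange continues outside the hunk, so whether R's length is checked against the form elsewhere cannot be seen here.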
@@ -155,12 +155,12 @@ end:
|
||||
EC_GROUP_free(group);
|
||||
EC_POINT_free(Ppube);
|
||||
EC_POINT_free(Q);
|
||||
BN_free(h);
|
||||
fp12_cleanup(g);
|
||||
if (bn_ctx) {
|
||||
BN_CTX_end(bn_ctx);
|
||||
}
|
||||
BN_CTX_free(bn_ctx);
|
||||
BN_free(h);
|
||||
fp12_cleanup(g);
|
||||
return ret;
|
||||
}
|
||||
|
||||
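Review bot: Moving `BN_free(h)` and `fp12_cleanup(g)` below `BN_CTX_free(bn_ctx)` is only correct if neither `h` nor the limbs of `g` were obtained with `BN_CTX_get(bn_ctx)`; those are owned by the context and released by `BN_CTX_end`/`BN_CTX_free`, so freeing them afterwards would be a double free or use-after-free. The allocation sites are outside the hunk, so this cannot be confirmed here; a comment at the new position, `/* h and g are heap-owned (not BN_CTX_get), so they may outlive bn_ctx */`, would record the assumption. If `g` or `h` carries a value that feeds the shared key, `BN_clear_free` (and a zeroizing cleanup for `g`) is preferable to `BN_free`, which leaves the secret in freed memory. The enclosing function starts outside the hunk.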
@@ -193,6 +193,17 @@ int SM9_compute_share_key_A(int type,
|
||||
unsigned char dgst[EVP_MAX_MD_SIZE];
|
||||
unsigned int dgstlen;
|
||||
|
||||
switch (type) {
|
||||
case NID_sm9kdf_with_sm3:
|
||||
md = EVP_sm3();
|
||||
break;
|
||||
case NID_sm9kdf_with_sha256:
|
||||
md = EVP_sha256();
|
||||
break;
|
||||
default:
|
||||
goto end;
|
||||
}
|
||||
|
||||
/* get IDA */
|
||||
IDA = ASN1_STRING_get0_data(skA->identity);
|
||||
IDAlen = ASN1_STRING_length(skA->identity);
|
||||
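Review bot: The `default:` arm of `switch (type)` jumps to `end` without recording an error, unlike the other failure paths of this function (`SM9err(SM9_F_SM9_COMPUTE_SHARE_KEY_A, ERR_R_SM9_LIB)` and `ERR_R_EVP_LIB`), so a caller passing an unsupported KDF type gets a bare failure with an empty error queue. Add a reason before the jump, e.g. `SM9err(SM9_F_SM9_COMPUTE_SHARE_KEY_A, <SM9 invalid-type reason code>);` (placeholder — use the project's reason code). The same silent `default: goto end;` is added in the matching hunk of SM9_compute_share_key_B. Both functions begin outside their hunks.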
@@ -232,7 +243,7 @@ int SM9_compute_share_key_A(int type,
|
||||
}
|
||||
|
||||
/* g3' = (g2')^r_A */
|
||||
if (!fp12_pow(g, g, rA, p, bn_ctx) || fp12_to_bin(g, buf + 384)) {
|
||||
if (!fp12_pow(g, g, rA, p, bn_ctx) || !fp12_to_bin(g, buf + 384)) {
|
||||
SM9err(SM9_F_SM9_COMPUTE_SHARE_KEY_A, ERR_R_SM9_LIB);
|
||||
goto end;
|
||||
}
|
||||
@@ -284,6 +295,7 @@ int SM9_compute_share_key_A(int type,
|
||||
|| !EVP_DigestUpdate(md_ctx, RB + 1, 64)
|
||||
|| !EVP_DigestUpdate(md_ctx, g1, 384)
|
||||
|| !EVP_DigestUpdate(md_ctx, buf, sizeof(buf))
|
||||
|| !EVP_DigestUpdate(md_ctx, counter, 4)
|
||||
|| !EVP_DigestFinal_ex(md_ctx, key, &len)) {
|
||||
SM9err(SM9_F_SM9_COMPUTE_SHARE_KEY_A, ERR_R_EVP_LIB);
|
||||
goto end;
|
||||
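Review bot: The new `EVP_DigestUpdate(md_ctx, counter, 4)` hashes four bytes of `counter`'s in-memory representation; if `counter` is an integer rather than an `unsigned char[4]` filled in big-endian order, the derived key becomes host-endianness dependent and will not interoperate with implementations that serialize the KDF counter big-endian. The declaration of `counter` is outside the hunk, so this needs confirming; if it is an integer, serialize it explicitly into a byte array before hashing. The same line is added in SM9_compute_share_key_B, where the same check applies.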
@@ -355,6 +367,17 @@ int SM9_compute_share_key_B(int type,
|
||||
unsigned char key[EVP_MAX_MD_SIZE];
|
||||
unsigned int len;
|
||||
|
||||
switch (type) {
|
||||
case NID_sm9kdf_with_sm3:
|
||||
md = EVP_sm3();
|
||||
break;
|
||||
case NID_sm9kdf_with_sha256:
|
||||
md = EVP_sha256();
|
||||
break;
|
||||
default:
|
||||
goto end;
|
||||
}
|
||||
|
||||
/* get IDB */
|
||||
IDB = ASN1_STRING_get0_data(skB->identity);
|
||||
IDBlen = ASN1_STRING_length(skB->identity);
|
||||
@@ -394,7 +417,7 @@ int SM9_compute_share_key_B(int type,
|
||||
}
|
||||
|
||||
/* g3 = (g1)^r_B */
|
||||
if (!fp12_pow(g, g, rB, p, bn_ctx) || fp12_to_bin(g, g3)) {
|
||||
if (!fp12_pow(g, g, rB, p, bn_ctx) || !fp12_to_bin(g, g3)) {
|
||||
SM9err(SM9_F_SM9_COMPUTE_SHARE_KEY_B, ERR_R_SM9_LIB);
|
||||
goto end;
|
||||
}
|
||||
@@ -409,6 +432,7 @@ int SM9_compute_share_key_B(int type,
|
||||
|| !EVP_DigestUpdate(md_ctx, g1, 384)
|
||||
|| !EVP_DigestUpdate(md_ctx, g2, 384)
|
||||
|| !EVP_DigestUpdate(md_ctx, g3, 384)
|
||||
|| !EVP_DigestUpdate(md_ctx, counter, 4)
|
||||
|| !EVP_DigestFinal_ex(md_ctx, key, &len)) {
|
||||
SM9err(SM9_F_SM9_COMPUTE_SHARE_KEY_B, ERR_R_EVP_LIB);
|
||||
goto end;
|
||||
|
||||
@@ -101,7 +101,7 @@ int SM9_hash1(const EVP_MD *md, BIGNUM **r, const char *id, size_t idlen,
|
||||
}
|
||||
|
||||
if (!EVP_DigestInit_ex(ctx1, md, NULL)
|
||||
|| !EVP_DigestUpdate(ctx1, prefix, sizeof(prefix))
|
||||
|| !EVP_DigestUpdate(ctx1, prefix, sizeof(prefix))
|
||||
|| !EVP_DigestUpdate(ctx1, id, idlen)
|
||||
|| !EVP_DigestUpdate(ctx1, &hid, 1)
|
||||
|| !EVP_MD_CTX_copy(ctx2, ctx1)
|
||||
@@ -249,10 +249,9 @@ SM9PrivateKey *SM9_extract_private_key(SM9MasterSecret *msk,
|
||||
EC_GROUP_free(group);
|
||||
EC_POINT_free(ds);
|
||||
|
||||
} else if (scheme == NID_sm9encrypt) {
|
||||
|
||||
} else {
|
||||
point_t de;
|
||||
|
||||
|
||||
/* de = t2 * P2 */
|
||||
if (!point_init(&de, ctx)
|
||||
|| !point_mul_generator(&de, t, p, ctx)
|
||||
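Review bot: Replacing `} else if (scheme == NID_sm9encrypt) {` with a bare `} else {` means any `scheme` value that does not match the preceding branch (outside this hunk) now takes the `de = t2 * P2` path, including unrecognized values that previously produced no key. If the intent is that every non-signature scheme shares this branch, say so at the brace, e.g. `} else { /* every non-signature scheme derives the P2-side key de = t2 * P2 */`; otherwise validate `scheme` against the accepted set before the `if` chain so an invalid scheme fails instead of silently yielding a key of the wrong type. SM9_extract_private_key begins and ends outside the hunk.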
@@ -262,6 +261,7 @@ SM9PrivateKey *SM9_extract_private_key(SM9MasterSecret *msk,
|
||||
}
|
||||
|
||||
point_cleanup(&de);
|
||||
|
||||
}
|
||||
|
||||
ASN1_OBJECT_free(sk->pairing);
|
||||
|
||||
@@ -53,6 +53,15 @@
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/sm9.h>
|
||||
|
||||
/* private key extract algorithms */
|
||||
#define SM9_HID_SIGN 0x01
|
||||
#define SM9_HID_EXCH 0x02
|
||||
#define SM9_HID_ENC 0x03
|
||||
|
||||
#define SM9_HASH1 0x01
|
||||
#define SM9_HASH2 0x02
|
||||
|
||||
|
||||
/* Curve ID */
|
||||
/* non-supersingular curve over Fp */
|
||||
#define SM9_CID_TYPE0CURVE 0x10
|
||||
|
||||
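Review bot: Of the two new constant groups only the first is commented; `SM9_HASH1`/`SM9_HASH2` appear to be the prefix bytes for the H1/H2 hash functions (SM9_hash1 feeds `prefix` before `id` and `hid`), so a comment such as `/* H1/H2 hash function identifiers, prepended to the hashed input */` would make the role explicit. As a point of style, related integer constants like `SM9_HID_SIGN`/`SM9_HID_EXCH`/`SM9_HID_ENC` read better as an `enum`, which is debugger-visible and scoped, than as `#define`s.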
@@ -133,7 +133,7 @@ SM9MasterSecret *SM9_generate_master_secret(int pairing, int scheme, int hash1)
|
||||
|| !point_mul_generator(&Ppubs, msk->masterSecret, p, ctx)
|
||||
|| !point_to_octets(&Ppubs, buf, ctx)) {
|
||||
SM9err(SM9_F_SM9_GENERATE_MASTER_SECRET, SM9_R_TWIST_CURVE_ERROR);
|
||||
point_cleanup(&Ppubs);
|
||||
point_cleanup(&Ppubs);
|
||||
goto end;
|
||||
}
|
||||
|
||||
|
||||
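Review bot: Failures of `point_mul_generator` and `point_to_octets` share the single reason `SM9_R_TWIST_CURVE_ERROR`, so a failed serialization is misreported as a curve error; splitting the condition or choosing a more general reason for the combined check would keep the error queue accurate. The rendered page shows the two `point_cleanup(&Ppubs)` lines as identical text, so the actual replacement in this hunk is not recoverable here and should be checked against the raw diff. SM9_generate_master_secret continues outside the hunk.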