/* * Copyright 2014-2021 The GmSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #include #include "sdf.h" #include "sdf_int.h" #include "sdf_sansec.h" #define SDFerr(a,b) typedef struct { unsigned int std_id; unsigned int vendor_id; } SDF_ALGOR_PAIR; static SDF_ALGOR_PAIR sansec_ciphers[] = { { SGD_SM1, SANSEC_SM1 }, { SGD_SM1_ECB, SANSEC_SM1_ECB }, { SGD_SM1_CBC, SANSEC_SM1_CBC }, { SGD_SM1_CFB, SANSEC_SM1_CFB }, { SGD_SM1_OFB, SANSEC_SM1_OFB }, { SGD_SM1_MAC, SANSEC_SM1_MAC }, { SGD_SM4, SANSEC_SM4 }, { SGD_SM4_ECB, SANSEC_SM4_ECB }, { SGD_SM4_CBC, SANSEC_SM4_CBC }, { SGD_SM4_CFB, SANSEC_SM4_CFB }, { SGD_SM4_OFB, SANSEC_SM4_OFB }, { SGD_SM4_MAC, SANSEC_SM4_MAC }, { SGD_SSF33, SANSEC_SSF33 }, { SGD_SSF33_ECB, SANSEC_SSF33_ECB }, { SGD_SSF33_CBC, SANSEC_SSF33_CBC }, { SGD_SSF33_CFB, SANSEC_SSF33_CFB }, { SGD_SSF33_OFB, SANSEC_SSF33_OFB }, { SGD_SSF33_MAC, SANSEC_SSF33_MAC }, { 0, SANSEC_AES }, { 0, SANSEC_AES_ECB }, { 0, SANSEC_AES_CBC }, { 0, SANSEC_AES_CFB }, { 0, SANSEC_AES_OFB }, { 0, SANSEC_AES_MAC }, { 0, SANSEC_DES }, { 0, SANSEC_DES_ECB }, { 0, SANSEC_DES_CBC }, { 0, SANSEC_DES_CFB }, { 0, SANSEC_DES_OFB }, { 0, SANSEC_DES_MAC }, { 0, SANSEC_3DES }, { 0, SANSEC_3DES_ECB }, { 0, SANSEC_3DES_CBC }, { 0, SANSEC_3DES_CFB }, { 0, SANSEC_3DES_OFB }, { 0, SANSEC_3DES_MAC }, }; static unsigned int sansec_cipher_vendor2std(unsigned int vendor_id) { size_t i; for (i = 0; i < sizeof(sansec_ciphers)/sizeof(sansec_ciphers[0]); i++) { if (vendor_id == sansec_ciphers[i].vendor_id) { return sansec_ciphers[i].std_id; } } return 0; } static unsigned int sansec_cipher_std2vendor(unsigned int std_id) { size_t i; for (i = 0; i < sizeof(sansec_ciphers)/sizeof(sansec_ciphers[0]); i++) { if (std_id == sansec_ciphers[i].std_id) { return sansec_ciphers[i].vendor_id; } } return 0; } static unsigned int sansec_cipher_cap(unsigned int vendor_cap) { unsigned int std_cap = 0; size_t i; for (i = 0; i < sizeof(sansec_ciphers)/sizeof(sansec_ciphers[0]); i++) { if (vendor_cap & sansec_ciphers[i].vendor_id) { std_cap |= sansec_ciphers[i].std_id; } } return std_cap; } static SDF_ALGOR_PAIR sansec_digests[] = { { SGD_SM3, SANSEC_SM3 }, { SGD_SHA1, SANSEC_SHA1 }, { SGD_SHA256, SANSEC_SHA256 }, { 0, SANSEC_SHA512 }, { 0, SANSEC_SHA384 }, { 0, SANSEC_SHA224 }, { 0, SANSEC_MD5 }, }; static unsigned int sansec_digest_vendor2std(unsigned int vendor_id) { size_t i; for (i = 0; i < sizeof(sansec_digests)/sizeof(sansec_digests[0]); i++) { if (vendor_id == sansec_digests[i].vendor_id) { return sansec_digests[i].std_id; } } return 0; } static unsigned int sansec_digest_std2vendor(unsigned int std_id) { size_t i; for (i = 0; i < sizeof(sansec_digests)/sizeof(sansec_digests[0]); i++) { if (std_id == sansec_digests[i].std_id) { return sansec_digests[i].vendor_id; } } return 0; } static unsigned int sansec_digest_cap(unsigned int vendor_cap) { unsigned int std_cap = 0; size_t i; for (i = 0; i < sizeof(sansec_digests)/sizeof(sansec_digests[0]); i++) { if (vendor_cap & sansec_digests[i].vendor_id) { std_cap |= sansec_digests[i].std_id; } } return std_cap; } static SDF_ALGOR_PAIR sansec_pkeys[] = { { SGD_RSA,SANSEC_RSA }, { SGD_RSA_SIGN,SANSEC_RSA_SIGN }, { SGD_RSA_ENC,SANSEC_RSA_ENC }, { SGD_SM2,SANSEC_SM2 }, { SGD_SM2_1,SANSEC_SM2_1 }, { SGD_SM2_2,SANSEC_SM2_2 }, { SGD_SM2_3,SANSEC_SM2_3 }, }; static unsigned int sansec_pkey_vendor2std(unsigned int vendor_id) { size_t i; for (i = 0; i < sizeof(sansec_pkeys)/sizeof(sansec_pkeys[0]); i++) { if (vendor_id == sansec_pkeys[i].vendor_id) { return sansec_pkeys[i].std_id; } } return 0; } static unsigned int sansec_pkey_std2vendor(unsigned int std_id) { size_t i; for (i = 0; i < sizeof(sansec_pkeys)/sizeof(sansec_pkeys[0]); i++) { if (std_id == sansec_pkeys[i].std_id) { return sansec_pkeys[i].vendor_id; } } return 0; } static unsigned int sansec_pkey_cap(unsigned int vendor_cap) { unsigned int std_cap = 0; size_t i; for (i = 0; i < sizeof(sansec_pkeys)/sizeof(sansec_pkeys[0]); i++) { if (vendor_cap & sansec_pkeys[i].vendor_id) { std_cap |= sansec_pkeys[i].std_id; } } return std_cap; } static int sansec_encode_ecccipher(const ECCCipher *ec, void *vendor) { int ret; SANSEC_ECCCipher *sansec = vendor; ret = sizeof(SANSEC_ECCCipher); if (ec->L > sizeof(sansec->C)) { SDFerr(SDF_F_SANSEC_ENCODE_ECCCIPHER, SDF_R_INVALID_SANSEC_ECCCIPHER_LENGTH); return 0; } if (vendor) { sansec->clength = ec->L; memcpy(sansec->x, ec->x, sizeof(ec->x)); memcpy(sansec->y, ec->y, sizeof(ec->y)); memcpy(sansec->M, ec->M, sizeof(ec->M)); memset(sansec->M + sizeof(ec->M), 0, sizeof(sansec->M) - sizeof(ec->M)); memcpy(sansec->C, ec->C, ec->L); memset(sansec->C + ec->L, 0, sizeof(sansec->C) - ec->L); } return ret; } static int sansec_decode_ecccipher(ECCCipher *ec, const void *vendor) { int ret; const SANSEC_ECCCipher *sansec = vendor; ret = sizeof(ECCCipher) -1 + sansec->clength; if (sansec->clength > sizeof(sansec->C)) { SDFerr(SDF_F_SANSEC_DECODE_ECCCIPHER, SDF_R_INVALID_SANSEC_ECCCIPHER_LENGTH); return 0; } if (ec) { memcpy(ec->x, sansec->x, sizeof(ec->x)); memcpy(ec->y, sansec->y, sizeof(ec->y)); memcpy(ec->M, sansec->M, sizeof(ec->M)); ec->L = sansec->clength; memcpy(ec->C, sansec->C, sansec->clength); } return ret; } /* static SDF_ERR_REASON sansec_errors[] = { { SANSEC_BASE, SDF_R_SANSEC_BASE }, { SANSEC_INVALID_USER, SDF_R_SANSEC_INVALID_USER }, { SANSEC_INVALID_AUTHENCODE, SDF_R_SANSEC_INVALID_AUTHENCODE }, { SANSEC_PROTOCOL_VERSION_ERROR, SDF_R_SANSEC_PROTOCOL_VERSION_ERROR }, { SANSEC_INVALID_COMMAND, SDF_R_SANSEC_INVALID_COMMAND }, { SANSEC_INVALID_PARAMETERS, SDF_R_SANSEC_INVALID_PARAMETERS }, { SANSEC_FILE_ALREADY_EXIST, SDF_R_SANSEC_FILE_ALREADY_EXIST }, { SANSEC_SYNC_ERROR, SDF_R_SANSEC_SYNC_ERROR }, { SANSEC_SYNC_LOGIN_ERROR, SDF_R_SANSEC_SYNC_LOGIN_ERROR }, { SANSEC_SOCKET_TIMEOUT, SDF_R_SANSEC_SOCKET_TIMEOUT }, { SANSEC_CONNECT_ERROR, SDF_R_SANSEC_CONNECT_ERROR }, { SANSEC_SET_SOCKET_OPTION_ERROR, SDF_R_SANSEC_SET_SOCKET_OPTION_ERROR }, { SANSEC_SOCKET_SEND_ERROR, SDF_R_SANSEC_SOCKET_SEND_ERROR }, { SANSEC_SOCKET_RECV_ERROR, SDF_R_SANSEC_SOCKET_RECV_ERROR }, { SANSEC_SOCKET_RECV_0, SDF_R_SANSEC_SOCKET_RECV_0 }, { SANSEC_SEM_TIMEOUT, SDF_R_SANSEC_SEM_TIMEOUT }, { SANSEC_NO_AVAILABLE_HSM, SDF_R_SANSEC_NO_AVAILABLE_HSM }, { SANSEC_NO_AVAILABLE_CSM, SDF_R_SANSEC_NO_AVAILABLE_CSM }, { SANSEC_CONFIG_ERROR, SDF_R_SANSEC_CONFIG_ERROR }, { SANSEC_CARD_BASE, SDF_R_SANSEC_CARD_BASE }, { SANSEC_CARD_UNKNOW_ERROR, SDF_R_SANSEC_CARD_UNKNOW_ERROR }, { SANSEC_CARD_NOT_SUPPORTED, SDF_R_SANSEC_CARD_NOT_SUPPORTED }, { SANSEC_CARD_COMMMUCATION_FAILED, SDF_R_SANSEC_CARD_COMMMUCATION_FAILED }, { SANSEC_CARD_HARDWARE_FAILURE, SDF_R_SANSEC_CARD_HARDWARE_FAILURE }, { SANSEC_CARD_OPEN_DEVICE_FAILED, SDF_R_SANSEC_CARD_OPEN_DEVICE_FAILED }, { SANSEC_CARD_OPEN_SESSION_FAILED, SDF_R_SANSEC_CARD_OPEN_SESSION_FAILED }, { SANSEC_CARD_PRIVATE_KEY_ACCESS_DENYED, SDF_R_SANSEC_CARD_PRIVATE_KEY_ACCESS_DENYED }, { SANSEC_CARD_KEY_NOT_EXIST, SDF_R_SANSEC_CARD_KEY_NOT_EXIST }, { SANSEC_CARD_ALGOR_NOT_SUPPORTED, SDF_R_SANSEC_CARD_ALGOR_NOT_SUPPORTED }, { SANSEC_CARD_ALG_MODE_NOT_SUPPORTED, SDF_R_SANSEC_CARD_ALG_MODE_NOT_SUPPORTED }, { SANSEC_CARD_PUBLIC_KEY_OPERATION_ERROR, SDF_R_SANSEC_CARD_PUBLIC_KEY_OPERATION_ERROR }, { SANSEC_CARD_PRIVATE_KEY_OPERATION_ERROR, SDF_R_SANSEC_CARD_PRIVATE_KEY_OPERATION_ERROR }, { SANSEC_CARD_SIGN_ERROR, SDF_R_SANSEC_CARD_SIGN_ERROR }, { SANSEC_CARD_VERIFY_ERROR, SDF_R_SANSEC_CARD_VERIFY_ERROR }, { SANSEC_CARD_SYMMETRIC_ALGOR_ERROR, SDF_R_SANSEC_CARD_SYMMETRIC_ALGOR_ERROR }, { SANSEC_CARD_STEP_ERROR, SDF_R_SANSEC_CARD_STEP_ERROR }, { SANSEC_CARD_FILE_SIZE_ERROR, SDF_R_SANSEC_CARD_FILE_SIZE_ERROR }, { SANSEC_CARD_FILE_NOT_EXIST, SDF_R_SANSEC_CARD_FILE_NOT_EXIST }, { SANSEC_CARD_FILE_OFFSET_ERROR, SDF_R_SANSEC_CARD_FILE_OFFSET_ERROR }, { SANSEC_CARD_KEY_TYPE_ERROR, SDF_R_SANSEC_CARD_KEY_TYPE_ERROR }, { SANSEC_CARD_KEY_ERROR, SDF_R_SANSEC_CARD_KEY_ERROR }, { SANSEC_CARD_BUFFER_TOO_SMALL, SDF_R_SANSEC_CARD_BUFFER_TOO_SMALL }, { SANSEC_CARD_DATA_PADDING_ERROR, SDF_R_SANSEC_CARD_DATA_PADDING_ERROR }, { SANSEC_CARD_DATA_SIZE, SDF_R_SANSEC_CARD_DATA_SIZE }, { SANSEC_CARD_CRYPTO_NOT_INITED, SDF_R_SANSEC_CARD_CRYPTO_NOT_INITED }, { SANSEC_CARD_MANAGEMENT_DENYED, SDF_R_SANSEC_CARD_MANAGEMENT_DENYED }, { SANSEC_CARD_OPERATION_DENYED, SDF_R_SANSEC_CARD_OPERATION_DENYED }, { SANSEC_CARD_DEVICE_STATUS_ERROR, SDF_R_SANSEC_CARD_DEVICE_STATUS_ERROR }, { SANSEC_CARD_LOGIN_ERROR, SDF_R_SANSEC_CARD_LOGIN_ERROR }, { SANSEC_CARD_USERID_ERROR, SDF_R_SANSEC_CARD_USERID_ERROR }, { SANSEC_CARD_PARAMENT_ERROR, SDF_R_SANSEC_CARD_PARAMENT_ERROR }, { SANSEC_CARD_MANAGEMENT_DENYED_05, SDF_R_SANSEC_CARD_MANAGEMENT_DENYED_05 }, { SANSEC_CARD_OPERATION_DENYED_05, SDF_R_SANSEC_CARD_OPERATION_DENYED_05 }, { SANSEC_CARD_DEVICE_STATUS_ERROR_05, SDF_R_SANSEC_CARD_DEVICE_STATUS_ERROR_05 }, { SANSEC_CARD_LOGIN_ERROR_05, SDF_R_SANSEC_CARD_LOGIN_ERROR_05 }, { SANSEC_CARD_USERID_ERROR_05, SDF_R_SANSEC_CARD_USERID_ERROR_05 }, { SANSEC_CARD_PARAMENT_ERROR_05, SDF_R_SANSEC_CARD_PARAMENT_ERROR_05 }, { SANSEC_CARD_READER_BASE, SDF_R_SANSEC_CARD_READER_BASE }, { SANSEC_CARD_READER_PIN_ERROR, SDF_R_SANSEC_CARD_READER_PIN_ERROR }, { SANSEC_CARD_READER_NO_CARD, SDF_R_SANSEC_CARD_READER_NO_CARD }, { SANSEC_CARD_READER_CARD_INSERT, SDF_R_SANSEC_CARD_READER_CARD_INSERT }, { SANSEC_CARD_READER_CARD_INSERT_TYPE, SDF_R_SANSEC_CARD_READER_CARD_INSERT_TYPE }, }; */ static unsigned long sansec_get_error_reason(int err) { /* size_t i = 0; for (i = 0; i < OSSL_NELEM(sansec_errors); i++) { if (err == sansec_errors[i].err) { return sansec_errors[i].reason; } } */ return 0; } SDF_VENDOR sdf_sansec = { "sansec", sansec_cipher_vendor2std, sansec_cipher_std2vendor, sansec_cipher_cap, sansec_digest_vendor2std, sansec_digest_std2vendor, sansec_digest_cap, sansec_pkey_vendor2std, sansec_pkey_std2vendor, sansec_pkey_cap, sansec_encode_ecccipher, sansec_decode_ecccipher, sansec_get_error_reason, };