mirror of
https://github.com/guanzhi/GmSSL.git
synced 2026-05-07 08:56:17 +08:00
506 lines
14 KiB
C
506 lines
14 KiB
C
/* ====================================================================
|
|
* Copyright (c) 2016 The GmSSL Project. All rights reserved.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions
|
|
* are met:
|
|
*
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
*
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
* notice, this list of conditions and the following disclaimer in
|
|
* the documentation and/or other materials provided with the
|
|
* distribution.
|
|
*
|
|
* 3. All advertising materials mentioning features or use of this
|
|
* software must display the following acknowledgment:
|
|
* "This product includes software developed by the GmSSL Project.
|
|
* (http://gmssl.org/)"
|
|
*
|
|
* 4. The name "GmSSL Project" must not be used to endorse or promote
|
|
* products derived from this software without prior written
|
|
* permission. For written permission, please contact
|
|
* guanzhi1980@gmail.com.
|
|
*
|
|
* 5. Products derived from this software may not be called "GmSSL"
|
|
* nor may "GmSSL" appear in their names without prior written
|
|
* permission of the GmSSL Project.
|
|
*
|
|
* 6. Redistributions of any form whatsoever must retain the following
|
|
* acknowledgment:
|
|
* "This product includes software developed by the GmSSL Project
|
|
* (http://gmssl.org/)"
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
|
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
|
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
* ====================================================================
|
|
*/
|
|
/*
|
|
* SDF API is a cryptographic API for PCI-E cards defined in standard
|
|
* GM/T 0018-2012: Interface Specifications of Cryptography Device Application
|
|
*
|
|
* Note: this header file follows the specification of GM/T 0018-2012. As we
|
|
* know, some vendors provide header files with some differences, especially
|
|
* the definations of data structures. So be sure to check the file provided by
|
|
* vendors and compare with this one.
|
|
*
|
|
* The implementations of SDF API from different vendors might have different
|
|
* behaviors on the same function. The comments in this file will show
|
|
* information and warnings on these issues. If the application developer use
|
|
* the GmSSL implementation, see `crypto/gmapi/sdf_lcl.h` for more information.
|
|
*/
|
|
|
|
#ifndef HEADER_SDF_H
|
|
#define HEADER_SDF_H
|
|
|
|
#include <openssl/opensslconf.h>
|
|
#ifndef OPENSSL_NO_SDF
|
|
|
|
#include <stdio.h>
|
|
#include <openssl/sgd.h>
|
|
|
|
#ifdef __cplusplus
|
|
extern "C" {
|
|
#endif
|
|
|
|
#pragma pack(1)
|
|
typedef struct DeviceInfo_st {
|
|
unsigned char IssuerName[40];
|
|
unsigned char DeviceName[16];
|
|
unsigned char DeviceSerial[16]; /* 8-char date +
|
|
* 3-char batch num +
|
|
* 5-char serial num
|
|
*/
|
|
unsigned int DeviceVersion;
|
|
unsigned int StandardVersion;
|
|
unsigned int AsymAlgAbility[2]; /* AsymAlgAbility[0] = algors
|
|
* AsymAlgAbility[1] = modulus lens
|
|
*/
|
|
unsigned int SymAlgAbility;
|
|
unsigned int HashAlgAbility;
|
|
unsigned int BufferSize;
|
|
} DEVICEINFO;
|
|
|
|
typedef struct RSArefPublicKey_st {
|
|
unsigned int bits;
|
|
unsigned char m[RSAref_MAX_LEN];
|
|
unsigned char e[RSAref_MAX_LEN];
|
|
} RSArefPublicKey;
|
|
|
|
typedef struct RSArefPrivateKey_st {
|
|
unsigned int bits;
|
|
unsigned char m[RSAref_MAX_LEN];
|
|
unsigned char e[RSAref_MAX_LEN];
|
|
unsigned char d[RSAref_MAX_LEN];
|
|
unsigned char prime[2][RSAref_MAX_PLEN];
|
|
unsigned char pexp[2][RSAref_MAX_PLEN];
|
|
unsigned char coef[RSAref_MAX_PLEN];
|
|
} RSArefPrivateKey;
|
|
|
|
typedef struct ECCrefPublicKey_st {
|
|
unsigned int bits;
|
|
unsigned char x[ECCref_MAX_LEN];
|
|
unsigned char y[ECCref_MAX_LEN];
|
|
} ECCrefPublicKey;
|
|
|
|
typedef struct ECCrefPrivateKey_st {
|
|
unsigned int bits;
|
|
unsigned char K[ECCref_MAX_LEN];
|
|
} ECCrefPrivateKey;
|
|
|
|
typedef struct ECCCipher_st {
|
|
unsigned char x[ECCref_MAX_LEN];
|
|
unsigned char y[ECCref_MAX_LEN];
|
|
unsigned char M[32];
|
|
unsigned int L;
|
|
unsigned char C[1];
|
|
} ECCCipher;
|
|
|
|
typedef struct ECCSignature_st {
|
|
unsigned char r[ECCref_MAX_LEN];
|
|
unsigned char s[ECCref_MAX_LEN];
|
|
} ECCSignature;
|
|
|
|
typedef struct SDF_ENVELOPEDKEYBLOB {
|
|
unsigned long Version;
|
|
unsigned long ulSymmAlgID;
|
|
ECCCipher ECCCipehrBlob;
|
|
ECCrefPublicKey PubKey;
|
|
unsigned char cbEncryptedPrivKey[64];
|
|
} EnvelopedKeyBlob, *PEnvelopedKeyBlob;
|
|
#pragma pack()
|
|
|
|
int SDF_OpenDevice(
|
|
void **phDeviceHandle);
|
|
|
|
int SDF_CloseDevice(
|
|
void *hDeviceHandle);
|
|
|
|
int SDF_OpenSession(
|
|
void *hDeviceHandle,
|
|
void **phSessionHandle);
|
|
|
|
int SDF_CloseSession(
|
|
void *hSessionHandle);
|
|
|
|
int SDF_GetDeviceInfo(
|
|
void *hSessionHandle,
|
|
DEVICEINFO *pstDeviceInfo);
|
|
|
|
int SDF_GenerateRandom(
|
|
void *hSessionHandle,
|
|
unsigned int uiLength,
|
|
unsigned char *pucRandom);
|
|
|
|
int SDF_GetPrivateKeyAccessRight(
|
|
void *hSessionHandle,
|
|
unsigned int uiKeyIndex,
|
|
unsigned char *pucPassword,
|
|
unsigned int uiPwdLength);
|
|
|
|
int SDF_ReleasePrivateKeyAccessRight(
|
|
void *hSessionHandle,
|
|
unsigned int uiKeyIndex);
|
|
|
|
int SDF_ExportSignPublicKey_RSA(
|
|
void *hSessionHandle,
|
|
unsigned int uiKeyIndex,
|
|
RSArefPublicKey *pucPublicKey);
|
|
|
|
int SDF_ExportEncPublicKey_RSA(
|
|
void *hSessionHandle,
|
|
unsigned int uiKeyIndex,
|
|
RSArefPublicKey *pucPublicKey);
|
|
|
|
int SDF_GenerateKeyPair_RSA(
|
|
void *hSessionHandle,
|
|
unsigned int uiKeyBits,
|
|
RSArefPublicKey *pucPublicKey,
|
|
RSArefPrivateKey *pucPrivateKey);
|
|
|
|
int SDF_GenerateKeyWithIPK_RSA(
|
|
void *hSessionHandle,
|
|
unsigned int uiIPKIndex,
|
|
unsigned int uiKeyBits,
|
|
unsigned char *pucKey,
|
|
unsigned int *puiKeyLength,
|
|
void **phKeyHandle);
|
|
|
|
int SDF_GenerateKeyWithEPK_RSA(
|
|
void *hSessionHandle,
|
|
unsigned int uiKeyBits,
|
|
RSArefPublicKey *pucPublicKey,
|
|
unsigned char *pucKey,
|
|
unsigned int *puiKeyLength,
|
|
void **phKeyHandle);
|
|
|
|
int SDF_ImportKeyWithISK_RSA(
|
|
void *hSessionHandle,
|
|
unsigned int uiISKIndex,
|
|
unsigned char *pucKey,
|
|
unsigned int uiKeyLength,
|
|
void **phKeyHandle);
|
|
|
|
int SDF_ExchangeDigitEnvelopeBaseOnRSA(
|
|
void *hSessionHandle,
|
|
unsigned int uiKeyIndex,
|
|
RSArefPublicKey *pucPublicKey,
|
|
unsigned char *pucDEInput,
|
|
unsigned int uiDELength,
|
|
unsigned char *pucDEOutput,
|
|
unsigned int *puiDELength);
|
|
|
|
int SDF_ExportSignPublicKey_ECC(
|
|
void *hSessionHandle,
|
|
unsigned int uiKeyIndex,
|
|
ECCrefPublicKey *pucPublicKey);
|
|
|
|
int SDF_ExportEncPublicKey_ECC(
|
|
void *hSessionHandle,
|
|
unsigned int uiKeyIndex,
|
|
ECCrefPublicKey *pucPublicKey);
|
|
|
|
int SDF_GenerateKeyPair_ECC(
|
|
void *hSessionHandle,
|
|
unsigned int uiAlgID,
|
|
unsigned int uiKeyBits,
|
|
ECCrefPublicKey *pucPublicKey,
|
|
ECCrefPrivateKey *pucPrivateKey);
|
|
|
|
int SDF_GenerateKeyWithIPK_ECC(
|
|
void *hSessionHandle,
|
|
unsigned int uiIPKIndex,
|
|
unsigned int uiKeyBits,
|
|
ECCCipher *pucKey,
|
|
void **phKeyHandle);
|
|
|
|
int SDF_GenerateKeyWithEPK_ECC(
|
|
void *hSessionHandle,
|
|
unsigned int uiKeyBits,
|
|
unsigned int uiAlgID,
|
|
ECCrefPublicKey *pucPublicKey,
|
|
ECCCipher *pucKey,
|
|
void **phKeyHandle);
|
|
|
|
int SDF_ImportKeyWithISK_ECC(
|
|
void *hSessionHandle,
|
|
unsigned int uiISKIndex,
|
|
ECCCipher *pucKey,
|
|
void **phKeyHandle);
|
|
|
|
int SDF_GenerateAgreementDataWithECC(
|
|
void *hSessionHandle,
|
|
unsigned int uiISKIndex,
|
|
unsigned int uiKeyBits,
|
|
unsigned char *pucSponsorID,
|
|
unsigned int uiSponsorIDLength,
|
|
ECCrefPublicKey *pucSponsorPublicKey,
|
|
ECCrefPublicKey *pucSponsorTmpPublicKey,
|
|
void **phAgreementHandle);
|
|
|
|
int SDF_GenerateKeyWithECC(
|
|
void *hSessionHandle,
|
|
unsigned char *pucResponseID,
|
|
unsigned int uiResponseIDLength,
|
|
ECCrefPublicKey *pucResponsePublicKey,
|
|
ECCrefPublicKey *pucResponseTmpPublicKey,
|
|
void *hAgreementHandle,
|
|
void **phKeyHandle);
|
|
|
|
int SDF_GenerateAgreementDataAndKeyWithECC(
|
|
void *hSessionHandle,
|
|
unsigned int uiISKIndex,
|
|
unsigned int uiKeyBits,
|
|
unsigned char *pucResponseID,
|
|
unsigned int uiResponseIDLength,
|
|
unsigned char *pucSponsorID,
|
|
unsigned int uiSponsorIDLength,
|
|
ECCrefPublicKey *pucSponsorPublicKey,
|
|
ECCrefPublicKey *pucSponsorTmpPublicKey,
|
|
ECCrefPublicKey *pucResponsePublicKey,
|
|
ECCrefPublicKey *pucResponseTmpPublicKey,
|
|
void **phKeyHandle);
|
|
|
|
int SDF_ExchangeDigitEnvelopeBaseOnECC(
|
|
void *hSessionHandle,
|
|
unsigned int uiKeyIndex,
|
|
unsigned int uiAlgID,
|
|
ECCrefPublicKey *pucPublicKey,
|
|
ECCCipher *pucEncDataIn,
|
|
ECCCipher *pucEncDataOut);
|
|
|
|
int SDF_GenerateKeyWithKEK(
|
|
void *hSessionHandle,
|
|
unsigned int uiKeyBits,
|
|
unsigned int uiAlgID,
|
|
unsigned int uiKEKIndex,
|
|
unsigned char *pucKey,
|
|
unsigned int *puiKeyLength,
|
|
void **phKeyHandle);
|
|
|
|
int SDF_ImportKeyWithKEK(
|
|
void *hSessionHandle,
|
|
unsigned int uiAlgID,
|
|
unsigned int uiKEKIndex,
|
|
unsigned char *pucKey,
|
|
unsigned int uiKeyLength,
|
|
void **phKeyHandle);
|
|
|
|
int SDF_DestroyKey(
|
|
void *hSessionHandle,
|
|
void *hKeyHandle);
|
|
|
|
int SDF_ExternalPublicKeyOperation_RSA(
|
|
void *hSessionHandle,
|
|
RSArefPublicKey *pucPublicKey,
|
|
unsigned char *pucDataInput,
|
|
unsigned int uiInputLength,
|
|
unsigned char *pucDataOutput,
|
|
unsigned int *puiOutputLength);
|
|
|
|
int SDF_InternalPublicKeyOperation_RSA(
|
|
void *hSessionHandle,
|
|
unsigned int uiKeyIndex,
|
|
unsigned char *pucDataInput,
|
|
unsigned int uiInputLength,
|
|
unsigned char *pucDataOutput,
|
|
unsigned int *puiOutputLength);
|
|
|
|
int SDF_InternalPrivateKeyOperation_RSA(
|
|
void *hSessionHandle,
|
|
unsigned int uiKeyIndex,
|
|
unsigned char *pucDataInput,
|
|
unsigned int uiInputLength,
|
|
unsigned char *pucDataOutput,
|
|
unsigned int *puiOutputLength);
|
|
|
|
int SDF_ExternalVerify_ECC(
|
|
void *hSessionHandle,
|
|
unsigned int uiAlgID,
|
|
ECCrefPublicKey *pucPublicKey,
|
|
unsigned char *pucDataInput,
|
|
unsigned int uiInputLength,
|
|
ECCSignature *pucSignature);
|
|
|
|
int SDF_InternalSign_ECC(
|
|
void *hSessionHandle,
|
|
unsigned int uiISKIndex,
|
|
unsigned char *pucData,
|
|
unsigned int uiDataLength,
|
|
ECCSignature *pucSignature);
|
|
|
|
int SDF_InternalVerify_ECC(
|
|
void *hSessionHandle,
|
|
unsigned int uiIPKIndex,
|
|
unsigned char *pucData,
|
|
unsigned int uiDataLength,
|
|
ECCSignature *pucSignature);
|
|
|
|
int SDF_ExternalEncrypt_ECC(
|
|
void *hSessionHandle,
|
|
unsigned int uiAlgID,
|
|
ECCrefPublicKey *pucPublicKey,
|
|
unsigned char *pucData,
|
|
unsigned int uiDataLength,
|
|
ECCCipher *pucEncData);
|
|
|
|
int SDF_InternalEncrypt_ECC(
|
|
void *hSessionHandle,
|
|
unsigned int uiIPKIndex,
|
|
unsigned int uiAlgID,
|
|
unsigned char *pucData,
|
|
unsigned int uiDataLength,
|
|
ECCCipher *pucEncData);
|
|
|
|
int SDF_InternalDecrypt_ECC(
|
|
void *hSessionHandle,
|
|
unsigned int uiISKIndex,
|
|
unsigned int uiAlgID,
|
|
ECCCipher *pucEncData,
|
|
unsigned char *pucData,
|
|
unsigned int *uiDataLength);
|
|
|
|
int SDF_Encrypt(
|
|
void *hSessionHandle,
|
|
void *hKeyHandle,
|
|
unsigned int uiAlgID,
|
|
unsigned char *pucIV,
|
|
unsigned char *pucData,
|
|
unsigned int uiDataLength,
|
|
unsigned char *pucEncData,
|
|
unsigned int *puiEncDataLength);
|
|
|
|
int SDF_Decrypt(
|
|
void *hSessionHandle,
|
|
void *hKeyHandle,
|
|
unsigned int uiAlgID,
|
|
unsigned char *pucIV,
|
|
unsigned char *pucEncData,
|
|
unsigned int uiEncDataLength,
|
|
unsigned char *pucData,
|
|
unsigned int *puiDataLength);
|
|
|
|
int SDF_CalculateMAC(
|
|
void *hSessionHandle,
|
|
void *hKeyHandle,
|
|
unsigned int uiAlgID,
|
|
unsigned char *pucIV,
|
|
unsigned char *pucData,
|
|
unsigned int uiDataLength,
|
|
unsigned char *pucMAC,
|
|
unsigned int *puiMACLength);
|
|
|
|
int SDF_HashInit(
|
|
void *hSessionHandle,
|
|
unsigned int uiAlgID,
|
|
ECCrefPublicKey *pucPublicKey,
|
|
unsigned char *pucID,
|
|
unsigned int uiIDLength);
|
|
|
|
int SDF_HashUpdate(
|
|
void *hSessionHandle,
|
|
unsigned char *pucData,
|
|
unsigned int uiDataLength);
|
|
|
|
int SDF_HashFinal(void *hSessionHandle,
|
|
unsigned char *pucHash,
|
|
unsigned int *puiHashLength);
|
|
|
|
int SDF_CreateFile(
|
|
void *hSessionHandle,
|
|
unsigned char *pucFileName,
|
|
unsigned int uiNameLen, /* max 128-byte */
|
|
unsigned int uiFileSize);
|
|
|
|
int SDF_ReadFile(
|
|
void *hSessionHandle,
|
|
unsigned char *pucFileName,
|
|
unsigned int uiNameLen,
|
|
unsigned int uiOffset,
|
|
unsigned int *puiReadLength,
|
|
unsigned char *pucBuffer);
|
|
|
|
int SDF_WriteFile(
|
|
void *hSessionHandle,
|
|
unsigned char *pucFileName,
|
|
unsigned int uiNameLen,
|
|
unsigned int uiOffset,
|
|
unsigned int uiWriteLength,
|
|
unsigned char *pucBuffer);
|
|
|
|
int SDF_DeleteFile(
|
|
void *hSessionHandle,
|
|
unsigned char *pucFileName,
|
|
unsigned int uiNameLen);
|
|
|
|
#define SDR_OK 0x0
|
|
#define SDR_BASE 0x01000000
|
|
#define SDR_UNKNOWERR (SDR_BASE + 0x00000001)
|
|
#define SDR_NOTSUPPORT (SDR_BASE + 0x00000002)
|
|
#define SDR_COMMFAIL (SDR_BASE + 0x00000003)
|
|
#define SDR_HARDFAIL (SDR_BASE + 0x00000004)
|
|
#define SDR_OPENDEVICE (SDR_BASE + 0x00000005)
|
|
#define SDR_OPENSESSION (SDR_BASE + 0x00000006)
|
|
#define SDR_PARDENY (SDR_BASE + 0x00000007)
|
|
#define SDR_KEYNOTEXIST (SDR_BASE + 0x00000008)
|
|
#define SDR_ALGNOTSUPPORT (SDR_BASE + 0x00000009)
|
|
#define SDR_ALGMODNOTSUPPORT (SDR_BASE + 0x0000000A)
|
|
#define SDR_PKOPERR (SDR_BASE + 0x0000000B)
|
|
#define SDR_SKOPERR (SDR_BASE + 0x0000000C)
|
|
#define SDR_SIGNERR (SDR_BASE + 0x0000000D)
|
|
#define SDR_VERIFYERR (SDR_BASE + 0x0000000E)
|
|
#define SDR_SYMOPERR (SDR_BASE + 0x0000000F)
|
|
#define SDR_STEPERR (SDR_BASE + 0x00000010)
|
|
#define SDR_FILESIZEERR (SDR_BASE + 0x00000011)
|
|
#define SDR_FILENOEXIST (SDR_BASE + 0x00000012)
|
|
#define SDR_FILEOFSERR (SDR_BASE + 0x00000013)
|
|
#define SDR_KEYTYPEERR (SDR_BASE + 0x00000014)
|
|
#define SDR_KEYERR (SDR_BASE + 0x00000015)
|
|
#define SDR_ENCDATAERR (SDR_BASE + 0x00000016)
|
|
#define SDR_RANDERR (SDR_BASE + 0x00000017)
|
|
#define SDR_PRKRERR (SDR_BASE + 0x00000018)
|
|
#define SDR_MACERR (SDR_BASE + 0x00000019)
|
|
#define SDR_FILEEXSITS (SDR_BASE + 0x0000001A)
|
|
#define SDR_FILEWERR (SDR_BASE + 0x0000001B)
|
|
#define SDR_NOBUFFER (SDR_BASE + 0x0000001C)
|
|
#define SDR_INARGERR (SDR_BASE + 0x0000001D)
|
|
#define SDR_OUTARGERR (SDR_BASE + 0x0000001E)
|
|
|
|
|
|
#ifdef __cplusplus
|
|
}
|
|
#endif
|
|
#endif
|
|
#endif
|