Merge pull request #4 from guanzhi/master

update from master

Configurations/unix-Makefile.tmpl

@@ -632,7 +632,7 @@ install_man_docs:
 	@\
 	OUTSUFFIX='.$${SEC}$(MANSUFFIX)'; \
 	OUTTOP="$(DESTDIR)$(MANDIR)"; \
-	GENERATE='pod2man --name=$$NAME --section=$$SEC --center=OpenSSL --release=$(VERSION)'; \
+	GENERATE='pod2man --name=$$NAME --section=$$SEC --center=GmSSL --release=$(VERSION)'; \
 	$(PROCESS_PODS)
 
 uninstall_man_docs:

Configure

@@ -314,7 +314,7 @@ $config{sdirs} = [
     "cms", "ts", "srp", "cmac", "ct", "async", "kdf",
     "sm3", "base58", "sms4", "zuc", "serpent", "speck", "kdf2", "ffx", "otp",
     "ecies", "sm2", "cpk", "paillier", "ec2", "sm9", "bfibe", "bb1ibe",
-    "gmapi", "skf", "sdf", "saf", "sof",
+    "gmapi", "skf", "sdf", "saf", "sof", "ecrs"
     ];
 
 # Known TLS and DTLS protocols
@@ -417,6 +417,7 @@ my @disablables = (
     "ecies",
     "ffx",
     "sm2",
+    "ecrs",
     "paillier",
     "cpk",
     "otp",
@@ -503,6 +504,7 @@ my @disable_cascades = (
     "dtls"		=> [ @dtls ],
 
     "sm3"               => [ "sm2" ],
+    "sdf"               => [ "saf" ],
     "saf"		=> [ "sof" ],
 
     # SSL 3.0, (D)TLS 1.0 and TLS 1.1 require MD5 and SHA

apps/sm2.c

@@ -69,6 +69,7 @@ NON_EMPTY_TRANSLATION_UNIT
 # include <openssl/pem.h>
 # include <openssl/sm2.h>
 # include <openssl/objects.h>
+# include "../crypto/ec/ec_lcl.h"
 # include "apps.h"
 
 static OPT_PAIR conv_forms[] = {
@@ -129,7 +130,7 @@ int sm2_main(int argc, char **argv)
     ENGINE *e = NULL;
     EC_KEY *eckey = NULL;
     const EC_GROUP *group;
-    const EVP_CIPHER *enc = NULL;
+    const EVP_CIPHER *enc = EVP_sms4_cbc();
     point_conversion_form_t form = POINT_CONVERSION_UNCOMPRESSED;
     char *infile = NULL, *outfile = NULL, *prog;
     char *passin = NULL, *passout = NULL, *passinarg = NULL, *passoutarg = NULL;
@@ -292,6 +293,10 @@ int sm2_main(int argc, char **argv)
             unsigned char buf[256] = {0};
             unsigned char *key = NULL;
             long keylen;
+            if (!(eckey = EC_KEY_new_by_curve_name(NID_sm2p256v1))) {
+                ERR_print_errors(bio_err);
+                goto end;
+            }
             if (BIO_read(in, buf, sizeof(buf) - 1) <= 0) {
                 ERR_print_errors(bio_err);
                 OPENSSL_cleanse(buf, sizeof(buf));
@@ -304,16 +309,25 @@ int sm2_main(int argc, char **argv)
             }
             OPENSSL_cleanse(buf, sizeof(buf));
             if (keylen != 32) {
-                BIO_printf(bio_err, "invalid private key in hex format\n");
+                BIO_printf(bio_err, "Invalid private key in hex format\n");
+		BIO_printf(bio_err, "Key length is %ld, not 32 byte\n", keylen);
                 OPENSSL_cleanse(key, keylen);
                 goto end;
             }
-            if (!EC_KEY_oct2key(eckey, key, sizeof(key), NULL)) {
+            if (!EC_KEY_oct2priv(eckey, key, keylen)) {
                 ERR_print_errors(bio_err);
                 OPENSSL_cleanse(key, keylen);
                 goto end;
             }
             OPENSSL_cleanse(key, keylen);
+
+            if (eckey->group->meth->keygenpub == NULL
+                || eckey->group->meth->keygenpub(eckey) == 0) {
+                BIO_printf(bio_err, "Generate public key from private key failed\n");
+                ERR_print_errors(bio_err);
+                goto end;
+            }
+
         } else if (informat == FORMAT_ENGINE) {
             EVP_PKEY *pkey;
             if (pubin)
@@ -378,6 +392,24 @@ int sm2_main(int argc, char **argv)
         }
     }
 
+    if (genzid) {
+        unsigned char z[64];
+        size_t zlen = sizeof(z);
+        if (!id) {
+            id = SM2_DEFAULT_ID;
+            BIO_printf(bio_err, "use default identity '%s'\n", id);
+        }
+        if (!SM2_compute_id_digest(EVP_sm3(), id, strlen(id), z, &zlen, eckey)) {
+            goto end;
+        }
+        BIO_printf(out, "id: %s\n", id);
+        BIO_puts(out, "Z:\n");
+	ASN1_buf_print(out, z, zlen, 4);
+
+
+        BIO_printf(out, "\n");
+    }
+
     if (noout) {
         ret = 0;
         goto end;
@@ -400,26 +432,12 @@ int sm2_main(int argc, char **argv)
             i = PEM_write_bio_EC_PUBKEY(out, eckey);
         else {
             assert(private);
+            //FIXME: use PKCS#8				
             i = PEM_write_bio_ECPrivateKey(out, eckey, enc,
                                            NULL, 0, NULL, passout);
+
         }
     }
-    if (genzid) {
-        unsigned char z[64];
-        size_t zlen = sizeof(z);
-        if (!id) {
-            id = SM2_DEFAULT_ID;
-            BIO_printf(bio_err, "use default identity '%s'\n", id);
-        }
-        if (!SM2_compute_id_digest(EVP_sm3(), id, strlen(id), z, &zlen, eckey)) {
-            goto end;
-        }
-        BIO_printf(out, "Z = ");
-        for (i = 0; i < zlen; i++) {
-            BIO_printf(out, "%02X", z[i]);
-        }
-        BIO_printf(out, "\n");
-    }
 
     if (!i) {
         BIO_printf(bio_err, "unable to write private key\n");

apps/sm2utl.c

@@ -288,6 +288,17 @@ int sm2utl_main(int argc, char **argv)
 		goto end;
 	}
 
+	switch (op) {
+	case OP_DGST:
+	case OP_SIGN:
+	case OP_VERIFY:
+		if (!id) {
+			BIO_printf(bio_err, "Option '-id' required\n");
+			goto end;
+		}
+		break;
+	}
+
 	switch (op) {
 	case OP_DGST:
 		return sm2utl_sign(md, in, out, id, e, ec_key, 0);
@@ -330,7 +341,7 @@ static int sm2utl_sign(const EVP_MD *md, BIO *in, BIO *out, const char *id,
 		ERR_print_errors(bio_err);
 		goto end;
 	}
-	while ((len = BIO_read(in, buf, sizeof(buf))) <= 0) {
+	while ((len = BIO_read(in, buf, sizeof(buf))) > 0) {
 		if (!EVP_DigestUpdate(md_ctx, buf, len)) {
 			ERR_print_errors(bio_err);
 			goto end;
@@ -386,7 +397,7 @@ static int sm2utl_verify(const EVP_MD *md, BIO *in, BIO *out, BIO *sig,
 		ERR_print_errors(bio_err);
 		goto end;
 	}
-	while ((len = BIO_read(in, buf, sizeof(buf))) <= 0) {
+	while ((len = BIO_read(in, buf, sizeof(buf))) > 0) {
 		if (!EVP_DigestUpdate(md_ctx, buf, len)) {
 			ERR_print_errors(bio_err);
 			goto end;
@@ -420,6 +431,9 @@ static int sm2utl_encrypt(const EVP_MD *md, BIO *in, BIO *out, EC_KEY *ec_key)
 	int len;
 
 	if (!(len = bio_to_mem(&buf, SM2_MAX_PLAINTEXT_LENGTH, in))) {
+		ERR_print_errors(bio_err);
+		BIO_printf(bio_err, "Error reading plaintext\n");
+		goto end;
 	}
 	if (!(cval = SM2_do_encrypt(md, buf, len, ec_key))
 		|| i2d_SM2CiphertextValue_bio(out, cval) <= 0) {

crypto/ec/build.info

@@ -6,7 +6,7 @@ SOURCE[../../libcrypto]=\
         ecp_nistp224.c ecp_nistp256.c ecp_nistp521.c ecp_nistputil.c \
         ecp_oct.c ec2_oct.c ec_oct.c ec_kmeth.c ecdh_ossl.c ecdh_kdf.c \
         ecdsa_ossl.c ecdsa_sign.c ecdsa_vrf.c curve25519.c ecx_meth.c \
-        {- $target{ec_asm_src} -}
+        {- $target{ec_asm_src} -} ecahe.c
 
 GENERATE[ecp_nistz256-x86.s]=asm/ecp_nistz256-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(LIB_CFLAGS) $(PROCESSOR)
 

crypto/ec/ec_ameth.c

@@ -1,3 +1,51 @@
+/* ====================================================================
+ * Copyright (c) 2016 - 2019 The GmSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the GmSSL Project.
+ *    (http://gmssl.org/)"
+ *
+ * 4. The name "GmSSL Project" must not be used to endorse or promote
+ *    products derived from this software without prior written
+ *    permission. For written permission, please contact
+ *    guanzhi1980@gmail.com.
+ *
+ * 5. Products derived from this software may not be called "GmSSL"
+ *    nor may "GmSSL" appear in their names without prior written
+ *    permission of the GmSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the GmSSL Project
+ *    (http://gmssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE GmSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
 /*
  * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
  *
@@ -472,6 +520,19 @@ static int ec_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
             X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
         }
         return 1;
+
+#ifndef OPENSSL_NO_SM2
+    case ASN1_PKEY_CTRL_PKCS7_ENCRYPT:
+        if (arg1 == 0) {
+            X509_ALGOR *alg = NULL;
+            PKCS7_RECIP_INFO_get0_alg(arg2, &alg);
+            if (alg) {
+                X509_ALGOR_set0(alg, OBJ_nid2obj(NID_sm2encrypt_with_sm3), V_ASN1_NULL, 0);
+            }
+        }
+        return 1;
+#endif
+
 #ifndef OPENSSL_NO_CMS
     case ASN1_PKEY_CTRL_CMS_SIGN:
         if (arg1 == 0) {

crypto/ec/ec_err.c

@@ -25,6 +25,9 @@ static ERR_STRING_DATA EC_str_functs[] = {
     {ERR_FUNC(EC_F_D2I_ECPKPARAMETERS), "d2i_ECPKParameters"},
     {ERR_FUNC(EC_F_D2I_ECPRIVATEKEY), "d2i_ECPrivateKey"},
     {ERR_FUNC(EC_F_DO_EC_KEY_PRINT), "do_EC_KEY_print"},
+    {ERR_FUNC(EC_F_ECAHE_CIPHERTEXT_SIZE), "ECAHE_ciphertext_size"},
+    {ERR_FUNC(EC_F_ECAHE_DECRYPT), "ECAHE_decrypt"},
+    {ERR_FUNC(EC_F_ECAHE_ENCRYPT), "ECAHE_encrypt"},
     {ERR_FUNC(EC_F_ECDH_CMS_DECRYPT), "ecdh_cms_decrypt"},
     {ERR_FUNC(EC_F_ECDH_CMS_SET_SHARED_INFO), "ecdh_cms_set_shared_info"},
     {ERR_FUNC(EC_F_ECDH_COMPUTE_KEY), "ECDH_compute_key"},
@@ -169,6 +172,7 @@ static ERR_STRING_DATA EC_str_functs[] = {
     {ERR_FUNC(EC_F_EC_KEY_CHECK_KEY), "EC_KEY_check_key"},
     {ERR_FUNC(EC_F_EC_KEY_COPY), "EC_KEY_copy"},
     {ERR_FUNC(EC_F_EC_KEY_GENERATE_KEY), "EC_KEY_generate_key"},
+    {ERR_FUNC(EC_F_EC_KEY_MERGE), "EC_KEY_merge"},
     {ERR_FUNC(EC_F_EC_KEY_NEW_METHOD), "EC_KEY_new_method"},
     {ERR_FUNC(EC_F_EC_KEY_OCT2PRIV), "EC_KEY_oct2priv"},
     {ERR_FUNC(EC_F_EC_KEY_PRINT_FP), "EC_KEY_print_fp"},
@@ -178,6 +182,7 @@ static ERR_STRING_DATA EC_str_functs[] = {
     {ERR_FUNC(EC_F_EC_KEY_SIMPLE_CHECK_KEY), "ec_key_simple_check_key"},
     {ERR_FUNC(EC_F_EC_KEY_SIMPLE_OCT2PRIV), "ec_key_simple_oct2priv"},
     {ERR_FUNC(EC_F_EC_KEY_SIMPLE_PRIV2OCT), "ec_key_simple_priv2oct"},
+    {ERR_FUNC(EC_F_EC_KEY_SPLIT), "EC_KEY_split"},
     {ERR_FUNC(EC_F_EC_POINTS_MAKE_AFFINE), "EC_POINTs_make_affine"},
     {ERR_FUNC(EC_F_EC_POINT_ADD), "EC_POINT_add"},
     {ERR_FUNC(EC_F_EC_POINT_CMP), "EC_POINT_cmp"},
@@ -329,6 +334,7 @@ static ERR_STRING_DATA EC_str_reasons[] = {
      "invalid sm2 kap checksum length"},
     {ERR_REASON(EC_R_INVALID_SM2_KAP_CHECKSUM_VALUE),
      "invalid sm2 kap checksum value"},
+    {ERR_REASON(EC_R_INVALID_SPLIT_PARAMETER), "invalid split parameter"},
     {ERR_REASON(EC_R_INVALID_TRINOMIAL_BASIS), "invalid trinomial basis"},
     {ERR_REASON(EC_R_INVALID_TYPE1CURVE), "invalid type1curve"},
     {ERR_REASON(EC_R_INVALID_TYPE1_CURVE), "invalid type1 curve"},