Add sdfencrypt command

guanzhi · Jun 9, 2024 · 9784bbc · 9784bbc
1 parent 368f2e5
commit 9784bbc
Show file tree

Hide file tree

Showing 6 changed files with 763 additions and 10 deletions.
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -552,7 +552,7 @@ if (ENABLE_SDF)
 		src/sdf/sdf_meth.c
 		src/sdf/sdf_ext.c
 		src/sdf/sdf_sansec.c)
-	list(APPEND tools tools/sdfinfo.c tools/sdfdigest.c tools/sdfexport.c tools/sdfsign.c tools/sdftest.c)
+	list(APPEND tools tools/sdfinfo.c tools/sdfdigest.c tools/sdfexport.c tools/sdfsign.c tools/sdfencrypt.c tools/sdftest.c)
 endif()
 
 

diff --git a/include/gmssl/sdf.h b/include/gmssl/sdf.h
@@ -14,6 +14,7 @@
 #include <string.h>
 #include <stdint.h>
 #include <gmssl/sm2.h>
+#include <gmssl/sm4.h>
 
 
 #ifdef __cplusplus
@@ -32,6 +33,18 @@ typedef struct {
 	void *session;
 } SDF_DIGEST_CTX;
 
+typedef struct {
+	void *session;
+	void *handle;
+} SDF_KEY;
+
+typedef struct {
+	SDF_KEY key;
+	uint8_t iv[SM4_BLOCK_SIZE];
+	uint8_t block[SM4_BLOCK_SIZE];
+	size_t block_nbytes;
+} SDF_CBC_CTX;
+
 typedef struct {
 	SM2_Z256_POINT public_key;
 	void *session;
@@ -44,6 +57,9 @@ typedef struct {
 	SDF_SIGN_KEY key;
 } SDF_SIGN_CTX;
 
+
+
+
 int sdf_load_library(const char *so_path, const char *vendor);
 int sdf_open_device(SDF_DEVICE *dev);
 int sdf_print_device_info(FILE *fp, int fmt, int ind, const char *lable, SDF_DEVICE *dev);
@@ -52,7 +68,17 @@ int sdf_digest_update(SDF_DIGEST_CTX *ctx, const uint8_t *data, size_t datalen);
 int sdf_digest_finish(SDF_DIGEST_CTX *ctx, uint8_t dgst[SM3_DIGEST_SIZE]);
 int sdf_digest_reset(SDF_DIGEST_CTX *ctx);
 void sdf_digest_cleanup(SDF_DIGEST_CTX *ctx);
+int sdf_generate_key(SDF_DEVICE *dev, SDF_KEY *key, const SM2_KEY *sm2_key, uint8_t *wrappedkey, size_t *wrappedkey_len);
+int sdf_import_key(SDF_DEVICE *dev, unsigned int key_index, const char *pass, const uint8_t *wrappedkey, size_t wrappedkey_len, SDF_KEY *key);
+int sdf_cbc_encrypt_init(SDF_CBC_CTX *ctx, const SDF_KEY *key, const uint8_t iv[16]);
+int sdf_cbc_encrypt_update(SDF_CBC_CTX *ctx, const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen);
+int sdf_cbc_encrypt_finish(SDF_CBC_CTX *ctx, uint8_t *out, size_t *outlen);
+int sdf_cbc_decrypt_init(SDF_CBC_CTX *ctx, const SDF_KEY *key, const uint8_t iv[16]);
+int sdf_cbc_decrypt_update(SDF_CBC_CTX *ctx, const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen);
+int sdf_cbc_decrypt_finish(SDF_CBC_CTX *ctx, uint8_t *out, size_t *outlen);
+int sdf_destroy_key(SDF_KEY *key);
 int sdf_export_sign_public_key(SDF_DEVICE *dev, int key_index, SM2_KEY *public_key);
+int sdf_export_encrypt_public_key(SDF_DEVICE *dev, int key_index, SM2_KEY *public_key);
 int sdf_load_sign_key(SDF_DEVICE *dev, SDF_SIGN_KEY *key, int key_index, const char *pass);
 int sdf_sign(SDF_SIGN_KEY *key, const uint8_t dgst[32], uint8_t *sig, size_t *siglen);
 int sdf_sign_init(SDF_SIGN_CTX *ctx, const SDF_SIGN_KEY *key, const char *id, size_t idlen);