1 /*
2 * Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
3 *
4 * Licensed under the Apache License, Version 2.0 (the License); you may
5 * not use this file except in compliance with the License.
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 */
9
10
11 #include <stdio.h>
12 #include <string.h>
13 #include <stdlib.h>
14 #include <gmssl/sm3.h>
15 #include <gmssl/sm4.h>
16 #include <gmssl/sm9.h>
17 #include <gmssl/mem.h>
18 #include <gmssl/oid.h>
19 #include <gmssl/rand.h>
20 #include <gmssl/asn1.h>
21 #include <gmssl/pkcs8.h>
22 #include <gmssl/pbkdf2.h>
23 #include <gmssl/error.h>
24
25
26 // generate h1 in [1, n-1]
sm9_hash1(sm9_bn_t h1,const char * id,size_t idlen,uint8_t hid)27 int sm9_hash1(sm9_bn_t h1, const char *id, size_t idlen, uint8_t hid)
28 {
29 SM3_CTX ctx;
30 uint8_t prefix[1] = { SM9_HASH1_PREFIX };
31 uint8_t ct1[4] = {0x00, 0x00, 0x00, 0x01};
32 uint8_t ct2[4] = {0x00, 0x00, 0x00, 0x02};
33 uint8_t Ha[64];
34
35 sm3_init(&ctx);
36 sm3_update(&ctx, prefix, sizeof(prefix));
37 sm3_update(&ctx, (uint8_t *)id, idlen);
38 sm3_update(&ctx, &hid, 1);
39 sm3_update(&ctx, ct1, sizeof(ct1));
40 sm3_finish(&ctx, Ha);
41
42 sm3_init(&ctx);
43 sm3_update(&ctx, prefix, sizeof(prefix));
44 sm3_update(&ctx, (uint8_t *)id, idlen);
45 sm3_update(&ctx, &hid, 1);
46 sm3_update(&ctx, ct2, sizeof(ct2));
47 sm3_finish(&ctx, Ha + 32);
48
49 sm9_fn_from_hash(h1, Ha);
50 return 1;
51 }
52
sm9_sign_master_key_to_der(const SM9_SIGN_MASTER_KEY * msk,uint8_t ** out,size_t * outlen)53 int sm9_sign_master_key_to_der(const SM9_SIGN_MASTER_KEY *msk, uint8_t **out, size_t *outlen)
54 {
55 uint8_t ks[32];
56 uint8_t Ppubs[1 + 32 * 4];
57 size_t len = 0;
58
59 sm9_fn_to_bytes(msk->ks, ks);
60 sm9_twist_point_to_uncompressed_octets(&msk->Ppubs, Ppubs);
61
62 if (asn1_integer_to_der(ks, sizeof(ks), NULL, &len) != 1
63 || asn1_bit_octets_to_der(Ppubs, sizeof(Ppubs), NULL, &len) != 1
64 || asn1_sequence_header_to_der(len, out, outlen) != 1
65 || asn1_integer_to_der(ks, sizeof(ks), out, outlen) != 1
66 || asn1_bit_octets_to_der(Ppubs, sizeof(Ppubs), out, outlen) != 1) {
67 gmssl_secure_clear(ks, sizeof(ks));
68 error_print();
69 return -1;
70 }
71 gmssl_secure_clear(ks, sizeof(ks));
72 return 1;
73 }
74
sm9_sign_master_key_from_der(SM9_SIGN_MASTER_KEY * msk,const uint8_t ** in,size_t * inlen)75 int sm9_sign_master_key_from_der(SM9_SIGN_MASTER_KEY *msk, const uint8_t **in, size_t *inlen)
76 {
77 int ret;
78 const uint8_t *d;
79 size_t dlen;
80 const uint8_t *ks;
81 size_t kslen;
82 const uint8_t *Ppubs;
83 size_t Ppubslen;
84
85 if ((ret = asn1_sequence_from_der(&d, &dlen, in, inlen)) != 1) {
86 if (ret < 0) error_print();
87 return ret;
88 }
89 if (asn1_integer_from_der(&ks, &kslen, &d, &dlen) != 1
90 || asn1_bit_octets_from_der(&Ppubs, &Ppubslen, &d, &dlen) != 1
91 || asn1_check(kslen == 32) != 1
92 || asn1_check(Ppubslen == 1 + 32 * 4) != 1
93 || asn1_length_is_zero(dlen) != 1) {
94 error_print();
95 return -1;
96 }
97 memset(msk, 0, sizeof(*msk));
98 if (sm9_fn_from_bytes(msk->ks, ks) != 1
99 || sm9_twist_point_from_uncompressed_octets(&msk->Ppubs, Ppubs) != 1) {
100 error_print();
101 return -1;
102 }
103 return 1;
104 }
105
sm9_sign_master_public_key_to_der(const SM9_SIGN_MASTER_KEY * mpk,uint8_t ** out,size_t * outlen)106 int sm9_sign_master_public_key_to_der(const SM9_SIGN_MASTER_KEY *mpk, uint8_t **out, size_t *outlen)
107 {
108 uint8_t Ppubs[1 + 32 * 4];
109 size_t len = 0;
110
111 sm9_twist_point_to_uncompressed_octets(&mpk->Ppubs, Ppubs);
112 if (asn1_bit_octets_to_der(Ppubs, sizeof(Ppubs), NULL, &len) != 1
113 || asn1_sequence_header_to_der(len, out, outlen) != 1
114 || asn1_bit_octets_to_der(Ppubs, sizeof(Ppubs), out, outlen) != 1) {
115 error_print();
116 return -1;
117 }
118 return 1;
119 }
120
sm9_sign_master_public_key_from_der(SM9_SIGN_MASTER_KEY * mpk,const uint8_t ** in,size_t * inlen)121 int sm9_sign_master_public_key_from_der(SM9_SIGN_MASTER_KEY *mpk, const uint8_t **in, size_t *inlen)
122 {
123 int ret;
124 const uint8_t *d;
125 size_t dlen;
126 const uint8_t *Ppubs;
127 size_t Ppubslen;
128
129 if ((ret = asn1_sequence_from_der(&d, &dlen, in, inlen)) != 1) {
130 if (ret < 0) error_print();
131 return ret;
132 }
133 if (asn1_bit_octets_from_der(&Ppubs, &Ppubslen, &d, &dlen) != 1
134 || asn1_check(Ppubslen == 1 + 32 * 4) != 1
135 || asn1_length_is_zero(dlen) != 1) {
136 error_print();
137 return -1;
138 }
139 memset(mpk, 0, sizeof(*mpk));
140 if (sm9_twist_point_from_uncompressed_octets(&mpk->Ppubs, Ppubs) != 1) {
141 error_print();
142 return -1;
143 }
144 return 1;
145 }
146
sm9_sign_key_to_der(const SM9_SIGN_KEY * key,uint8_t ** out,size_t * outlen)147 int sm9_sign_key_to_der(const SM9_SIGN_KEY *key, uint8_t **out, size_t *outlen)
148 {
149 uint8_t ds[65];
150 uint8_t Ppubs[129];
151 size_t len = 0;
152
153 sm9_point_to_uncompressed_octets(&key->ds, ds);
154 sm9_twist_point_to_uncompressed_octets(&key->Ppubs, Ppubs);
155
156 if (asn1_bit_octets_to_der(ds, sizeof(ds), NULL, &len) != 1
157 || asn1_bit_octets_to_der(Ppubs, sizeof(Ppubs), NULL, &len) != 1
158 || asn1_sequence_header_to_der(len, out, outlen) != 1
159 || asn1_bit_octets_to_der(ds, sizeof(ds), out, outlen) != 1
160 || asn1_bit_octets_to_der(Ppubs, sizeof(Ppubs), out, outlen) != 1) {
161 gmssl_secure_clear(ds, sizeof(ds));
162 error_print();
163 return -1;
164 }
165 gmssl_secure_clear(ds, sizeof(ds));
166 return 1;
167 }
168
sm9_sign_key_from_der(SM9_SIGN_KEY * key,const uint8_t ** in,size_t * inlen)169 int sm9_sign_key_from_der(SM9_SIGN_KEY *key, const uint8_t **in, size_t *inlen)
170 {
171 int ret;
172 const uint8_t *d;
173 size_t dlen;
174 const uint8_t *ds;
175 size_t dslen;
176 const uint8_t *Ppubs;
177 size_t Ppubslen;
178
179 if ((ret = asn1_sequence_from_der(&d, &dlen, in, inlen)) != 1) {
180 if (ret < 0) error_print();
181 return ret;
182 }
183 if (asn1_bit_octets_from_der(&ds, &dslen, &d, &dlen) != 1
184 || asn1_bit_octets_from_der(&Ppubs, &Ppubslen, &d, &dlen) != 1
185 || asn1_check(dslen == 65) != 1
186 || asn1_check(Ppubslen == 129) != 1
187 || asn1_length_is_zero(dlen) != 1) {
188 error_print();
189 return -1;
190 }
191 memset(key, 0, sizeof(*key));
192 if (sm9_point_from_uncompressed_octets(&key->ds, ds) != 1
193 || sm9_twist_point_from_uncompressed_octets(&key->Ppubs, Ppubs) != 1) {
194 error_print();
195 return -1;
196 }
197 return 1;
198 }
199
sm9_enc_master_key_to_der(const SM9_ENC_MASTER_KEY * msk,uint8_t ** out,size_t * outlen)200 int sm9_enc_master_key_to_der(const SM9_ENC_MASTER_KEY *msk, uint8_t **out, size_t *outlen)
201 {
202 uint8_t ke[32];
203 uint8_t Ppube[1 + 32 * 2];
204 size_t len = 0;
205
206 sm9_fn_to_bytes(msk->ke, ke);
207 sm9_point_to_uncompressed_octets(&msk->Ppube, Ppube);
208
209 if (asn1_integer_to_der(ke, sizeof(ke), NULL, &len) != 1
210 || asn1_bit_octets_to_der(Ppube, sizeof(Ppube), NULL, &len) != 1
211 || asn1_sequence_header_to_der(len, out, outlen) != 1
212 || asn1_integer_to_der(ke, sizeof(ke), out, outlen) != 1
213 || asn1_bit_octets_to_der(Ppube, sizeof(Ppube), out, outlen) != 1) {
214 gmssl_secure_clear(ke, sizeof(ke));
215 error_print();
216 return -1;
217 }
218 gmssl_secure_clear(ke, sizeof(ke));
219 return 1;
220 }
221
sm9_enc_master_key_from_der(SM9_ENC_MASTER_KEY * msk,const uint8_t ** in,size_t * inlen)222 int sm9_enc_master_key_from_der(SM9_ENC_MASTER_KEY *msk, const uint8_t **in, size_t *inlen)
223 {
224 int ret;
225 const uint8_t *d;
226 size_t dlen;
227 const uint8_t *ke;
228 size_t kelen;
229 const uint8_t *Ppube;
230 size_t Ppubelen;
231
232 if ((ret = asn1_sequence_from_der(&d, &dlen, in, inlen)) != 1) {
233 if (ret < 0) error_print();
234 return ret;
235 }
236 if (asn1_integer_from_der(&ke, &kelen, &d, &dlen) != 1
237 || asn1_bit_octets_from_der(&Ppube, &Ppubelen, &d, &dlen) != 1
238 || asn1_check(kelen == 32) != 1
239 || asn1_check(Ppubelen == 1 + 32 * 2) != 1
240 || asn1_length_is_zero(dlen) != 1) {
241 error_print();
242 return -1;
243 }
244 memset(msk, 0, sizeof(*msk));
245 if (sm9_fn_from_bytes(msk->ke, ke) != 1
246 || sm9_point_from_uncompressed_octets(&msk->Ppube, Ppube) != 1) {
247 error_print();
248 return -1;
249 }
250 return 1;
251 }
252
sm9_enc_master_public_key_to_der(const SM9_ENC_MASTER_KEY * mpk,uint8_t ** out,size_t * outlen)253 int sm9_enc_master_public_key_to_der(const SM9_ENC_MASTER_KEY *mpk, uint8_t **out, size_t *outlen)
254 {
255 uint8_t Ppube[1 + 32 * 2];
256 size_t len = 0;
257
258 sm9_point_to_uncompressed_octets(&mpk->Ppube, Ppube);
259
260 if (asn1_bit_octets_to_der(Ppube, sizeof(Ppube), NULL, &len) != 1
261 || asn1_sequence_header_to_der(len, out, outlen) != 1
262 || asn1_bit_octets_to_der(Ppube, sizeof(Ppube), out, outlen) != 1) {
263 error_print();
264 return -1;
265 }
266 return 1;
267 }
268
sm9_enc_master_public_key_from_der(SM9_ENC_MASTER_KEY * mpk,const uint8_t ** in,size_t * inlen)269 int sm9_enc_master_public_key_from_der(SM9_ENC_MASTER_KEY *mpk, const uint8_t **in, size_t *inlen)
270 {
271 int ret;
272 const uint8_t *d;
273 size_t dlen;
274 const uint8_t *Ppube;
275 size_t Ppubelen;
276
277 if ((ret = asn1_sequence_from_der(&d, &dlen, in, inlen)) != 1) {
278 if (ret < 0) error_print();
279 return ret;
280 }
281 if (asn1_bit_octets_from_der(&Ppube, &Ppubelen, &d, &dlen) != 1
282 || asn1_check(Ppubelen == 1 + 32 * 2) != 1
283 || asn1_length_is_zero(dlen) != 1) {
284 error_print();
285 return -1;
286 }
287 memset(mpk, 0, sizeof(*mpk));
288 if (sm9_point_from_uncompressed_octets(&mpk->Ppube, Ppube) != 1) {
289 error_print();
290 return -1;
291 }
292 return 1;
293 }
294
sm9_enc_key_to_der(const SM9_ENC_KEY * key,uint8_t ** out,size_t * outlen)295 int sm9_enc_key_to_der(const SM9_ENC_KEY *key, uint8_t **out, size_t *outlen)
296 {
297 uint8_t de[129];
298 uint8_t Ppube[65];
299 size_t len = 0;
300
301 sm9_twist_point_to_uncompressed_octets(&key->de, de);
302 sm9_point_to_uncompressed_octets(&key->Ppube, Ppube);
303
304 if (asn1_bit_octets_to_der(de, sizeof(de), NULL, &len) != 1
305 || asn1_bit_octets_to_der(Ppube, sizeof(Ppube), NULL, &len) != 1
306 || asn1_sequence_header_to_der(len, out, outlen) != 1
307 || asn1_bit_octets_to_der(de, sizeof(de), out, outlen) != 1
308 || asn1_bit_octets_to_der(Ppube, sizeof(Ppube), out, outlen) != 1) {
309 gmssl_secure_clear(de, sizeof(de));
310 error_print();
311 return -1;
312 }
313 gmssl_secure_clear(de, sizeof(de));
314 return 1;
315 }
316
sm9_enc_key_from_der(SM9_ENC_KEY * key,const uint8_t ** in,size_t * inlen)317 int sm9_enc_key_from_der(SM9_ENC_KEY *key, const uint8_t **in, size_t *inlen)
318 {
319 int ret;
320 const uint8_t *d;
321 size_t dlen;
322 const uint8_t *de;
323 size_t delen;
324 const uint8_t *Ppube;
325 size_t Ppubelen;
326
327 if ((ret = asn1_sequence_from_der(&d, &dlen, in, inlen)) != 1) {
328 if (ret < 0) error_print();
329 return ret;
330 }
331 if (asn1_bit_octets_from_der(&de, &delen, &d, &dlen) != 1
332 || asn1_bit_octets_from_der(&Ppube, &Ppubelen, &d, &dlen) != 1
333 || asn1_check(delen == 129) != 1
334 || asn1_check(Ppubelen == 65) != 1
335 || asn1_length_is_zero(dlen) != 1) {
336 error_print();
337 return -1;
338 }
339 memset(key, 0, sizeof(*key));
340 if (sm9_twist_point_from_uncompressed_octets(&key->de, de) != 1
341 || sm9_point_from_uncompressed_octets(&key->Ppube, Ppube) != 1) {
342 error_print();
343 return -1;
344 }
345 return 1;
346 }
347
sm9_sign_master_key_generate(SM9_SIGN_MASTER_KEY * msk)348 int sm9_sign_master_key_generate(SM9_SIGN_MASTER_KEY *msk)
349 {
350 if (!msk) {
351 error_print();
352 return -1;
353 }
354 // k = rand(1, n-1)
355 if (sm9_fn_rand(msk->ks) != 1) {
356 error_print();
357 return -1;
358 }
359 // Ppubs = k * P2 in E'(F_p^2)
360 sm9_twist_point_mul_generator(&msk->Ppubs, msk->ks);
361 return 1;
362 }
363
sm9_enc_master_key_generate(SM9_ENC_MASTER_KEY * msk)364 int sm9_enc_master_key_generate(SM9_ENC_MASTER_KEY *msk)
365 {
366 // k = rand(1, n-1)
367 if (sm9_fn_rand(msk->ke) != 1) {
368 error_print();
369 return -1;
370 }
371 // Ppube = ke * P1 in E(F_p)
372 sm9_point_mul_generator(&msk->Ppube, msk->ke);
373 return 1;
374 }
375
sm9_sign_master_key_extract_key(SM9_SIGN_MASTER_KEY * msk,const char * id,size_t idlen,SM9_SIGN_KEY * key)376 int sm9_sign_master_key_extract_key(SM9_SIGN_MASTER_KEY *msk, const char *id, size_t idlen, SM9_SIGN_KEY *key)
377 {
378 sm9_fn_t t;
379
380 // t1 = H1(ID || hid, N) + ks
381 sm9_hash1(t, id, idlen, SM9_HID_SIGN);
382 sm9_fn_add(t, t, msk->ks);
383 if (sm9_fn_is_zero(t)) {
384 // 这是一个严重问题,意味着整个msk都需要作废了
385 error_print();
386 return -1;
387 }
388
389 // t2 = ks * t1^-1
390 sm9_fn_inv(t, t);
391 sm9_fn_mul(t, t, msk->ks);
392
393 // ds = t2 * P1
394 sm9_point_mul_generator(&key->ds, t);
395 key->Ppubs = msk->Ppubs;
396
397 return 1;
398 }
399
sm9_enc_master_key_extract_key(SM9_ENC_MASTER_KEY * msk,const char * id,size_t idlen,SM9_ENC_KEY * key)400 int sm9_enc_master_key_extract_key(SM9_ENC_MASTER_KEY *msk, const char *id, size_t idlen,
401 SM9_ENC_KEY *key)
402 {
403 sm9_fn_t t;
404
405 // t1 = H1(ID || hid, N) + ke
406 sm9_hash1(t, id, idlen, SM9_HID_ENC);
407 sm9_fn_add(t, t, msk->ke);
408 if (sm9_fn_is_zero(t)) {
409 error_print();
410 return -1;
411 }
412
413 // t2 = ke * t1^-1
414 sm9_fn_inv(t, t);
415 sm9_fn_mul(t, t, msk->ke);
416
417 // de = t2 * P2
418 sm9_twist_point_mul_generator(&key->de, t);
419 key->Ppube = msk->Ppube;
420
421 return 1;
422 }
423
424
425 #define OID_SM9 oid_sm_algors,302
426 static uint32_t oid_sm9[] = { OID_SM9 };
427 static uint32_t oid_sm9sign[] = { OID_SM9,1 };
428 static uint32_t oid_sm9keyagreement[] = { OID_SM9,2 };
429 static uint32_t oid_sm9encrypt[] = { OID_SM9,3 };
430
431 static const ASN1_OID_INFO sm9_oids[] = {
432 { OID_sm9, "sm9", oid_sm9, sizeof(oid_sm9)/sizeof(int) },
433 { OID_sm9sign, "sm9sign", oid_sm9sign, sizeof(oid_sm9sign)/sizeof(int) },
434 { OID_sm9keyagreement, "sm9keyagreement", oid_sm9keyagreement, sizeof(oid_sm9keyagreement)/sizeof(int) },
435 { OID_sm9encrypt, "sm9encrypt", oid_sm9encrypt, sizeof(oid_sm9encrypt)/sizeof(int) },
436 };
437
438 static const int sm9_oids_count = sizeof(sm9_oids)/sizeof(sm9_oids[0]);
439
440
sm9_oid_name(int oid)441 const char *sm9_oid_name(int oid)
442 {
443 const ASN1_OID_INFO *info;
444 if (!(info = asn1_oid_info_from_oid(sm9_oids, sm9_oids_count, oid))) {
445 error_print();
446 return NULL;
447 }
448 return info->name;
449 }
450
sm9_oid_from_name(const char * name)451 int sm9_oid_from_name(const char *name)
452 {
453 const ASN1_OID_INFO *info;
454 if (!(info = asn1_oid_info_from_name(sm9_oids, sm9_oids_count, name))) {
455 error_print();
456 return OID_undef;
457 }
458 return info->oid;
459 }
460
sm9_oid_to_der(int oid,uint8_t ** out,size_t * outlen)461 int sm9_oid_to_der(int oid, uint8_t **out, size_t *outlen)
462 {
463 const ASN1_OID_INFO *info;
464 if (oid == -1) {
465 // TODO: 检查其他的oid_to_der是否支持这个default == -1 的特性
466 return 0;
467 }
468 if (!(info = asn1_oid_info_from_oid(sm9_oids, sm9_oids_count, oid))) {
469 error_print();
470 return -1;
471 }
472 if (asn1_object_identifier_to_der(info->nodes, info->nodes_cnt, out, outlen) != 1) {
473 error_print();
474 return -1;
475 }
476 return 1;
477 }
478
sm9_oid_from_der(int * oid,const uint8_t ** in,size_t * inlen)479 int sm9_oid_from_der(int *oid, const uint8_t **in, size_t *inlen)
480 {
481 int ret;
482 const ASN1_OID_INFO *info;
483
484 if ((ret = asn1_oid_info_from_der(&info, sm9_oids, sm9_oids_count, in, inlen)) != 1) {
485 if (ret < 0) error_print();
486 else *oid = -1;
487 return ret;
488 }
489 *oid = info->oid;
490 return 1;
491 }
492
sm9_algor_to_der(int alg,int params,uint8_t ** out,size_t * outlen)493 int sm9_algor_to_der(int alg, int params, uint8_t **out, size_t *outlen)
494 {
495 size_t len = 0;
496 if (sm9_oid_to_der(alg, NULL, &len) != 1
497 || sm9_oid_to_der(params, NULL, &len) < 0
498 || asn1_sequence_header_to_der(len, out, outlen) != 1
499 || sm9_oid_to_der(alg, out, outlen) != 1
500 || sm9_oid_to_der(params, out, outlen) < 0) {
501 error_print();
502 return -1;
503 }
504 return 1;
505 }
506
sm9_algor_from_der(int * alg,int * params,const uint8_t ** in,size_t * inlen)507 int sm9_algor_from_der(int *alg, int *params, const uint8_t **in, size_t *inlen)
508 {
509 int ret;
510 const uint8_t *d;
511 size_t dlen;
512
513 if ((ret = asn1_sequence_from_der(&d, &dlen, in, inlen)) != 1) {
514 if (ret < 0) error_print();
515 return ret;
516 }
517 if (sm9_oid_from_der(alg, &d, &dlen) != 1
518 || sm9_oid_from_der(params, &d, &dlen) < 0
519 || asn1_length_is_zero(dlen) != 1) {
520 error_print();
521 return -1;
522 }
523 return 1;
524 }
525
sm9_private_key_info_to_der(int alg,int params,const uint8_t * prikey,size_t prikey_len,uint8_t ** out,size_t * outlen)526 static int sm9_private_key_info_to_der(int alg, int params, const uint8_t *prikey, size_t prikey_len,
527 uint8_t **out, size_t *outlen)
528 {
529 size_t len = 0;
530 if (prikey_len > SM9_MAX_PRIVATE_KEY_SIZE) {
531 error_print();
532 return -1;
533 }
534 if (asn1_int_to_der(PKCS8_private_key_info_version, NULL, &len) != 1
535 || sm9_algor_to_der(alg, params, NULL, &len) != 1
536 || asn1_octet_string_to_der(prikey, prikey_len, NULL, &len) != 1
537 || asn1_sequence_header_to_der(len, out, outlen) != 1
538 || asn1_int_to_der(PKCS8_private_key_info_version, out, outlen) != 1
539 || sm9_algor_to_der(alg, params, out, outlen) != 1
540 || asn1_octet_string_to_der(prikey, prikey_len, out, outlen) != 1) {
541 error_print();
542 return -1;
543 }
544 //printf("alg %s params %s prikey_len %zu: SM9_PRIVATE_KEY_INFO_SIZE %zu\n", sm9_oid_name(alg), sm9_oid_name(params), prikey_len, *outlen);
545 return 1;
546 }
547
sm9_private_key_info_from_der(int * alg,int * params,const uint8_t ** prikey,size_t * prikey_len,const uint8_t ** in,size_t * inlen)548 static int sm9_private_key_info_from_der(int *alg, int *params, const uint8_t **prikey, size_t *prikey_len,
549 const uint8_t **in, size_t *inlen)
550 {
551 int ret;
552 const uint8_t *d;
553 size_t dlen;
554 int ver;
555
556 if ((ret = asn1_sequence_from_der(&d, &dlen, in, inlen)) != 1) {
557 if (ret < 0) error_print();
558 else error_print();
559 return ret;
560 }
561 if (asn1_int_from_der(&ver, &d, &dlen) != 1
562 || sm9_algor_from_der(alg, params, &d, &dlen) != 1
563 || asn1_octet_string_from_der(prikey, prikey_len, &d, &dlen) != 1
564 || asn1_length_is_zero(dlen) != 1) {
565 error_print();
566 return -1;
567 }
568 if (ver != PKCS8_private_key_info_version) {
569 error_print();
570 return -1;
571 }
572 if (*prikey_len > SM9_MAX_PRIVATE_KEY_SIZE) {
573 error_print();
574 return -1;
575 }
576 return 1;
577 }
578
sm9_private_key_info_encrypt_to_der(int alg,int params,const uint8_t * prikey,size_t prikey_len,const char * pass,uint8_t ** out,size_t * outlen)579 static int sm9_private_key_info_encrypt_to_der(int alg, int params, const uint8_t *prikey, size_t prikey_len,
580 const char *pass, uint8_t **out, size_t *outlen)
581 {
582 int ret = -1;
583 uint8_t pkey_info[SM9_MAX_PRIVATE_KEY_INFO_SIZE];
584 uint8_t *p = pkey_info;
585 size_t pkey_info_len = 0;
586 uint8_t salt[16];
587 int iter = 65536;
588 uint8_t iv[16];
589 uint8_t key[16];
590 SM4_KEY sm4_key;
591 uint8_t enced_pkey_info[sizeof(pkey_info) + 16]; // cbc-padding of pkey_info
592 size_t enced_pkey_info_len;
593
594 if (sm9_private_key_info_to_der(alg, params, prikey, prikey_len, &p, &pkey_info_len) != 1
595 || rand_bytes(salt, sizeof(salt)) != 1
596 || rand_bytes(iv, sizeof(iv)) != 1
597 || pbkdf2_hmac_sm3_genkey(pass, strlen(pass), salt, sizeof(salt), iter, sizeof(key), key) != 1) {
598 error_print();
599 goto end;
600 }
601 sm4_set_encrypt_key(&sm4_key, key);
602 if (sm4_cbc_padding_encrypt(&sm4_key, iv, pkey_info, pkey_info_len, enced_pkey_info, &enced_pkey_info_len) != 1
603 || pkcs8_enced_private_key_info_to_der(salt, sizeof(salt), iter, sizeof(key),
604 OID_hmac_sm3, OID_sm4_cbc, iv, sizeof(iv),
605 enced_pkey_info, enced_pkey_info_len, out, outlen) != 1) {
606 error_print();
607 goto end;
608 }
609 //printf("SM9_ENCED_PRIVATE_KEY_INFO_SIZE %zu\n", *outlen);
610 ret = 1;
611 end:
612 gmssl_secure_clear(pkey_info, sizeof(pkey_info));
613 gmssl_secure_clear(salt, sizeof(salt));
614 gmssl_secure_clear(iv, sizeof(iv));
615 gmssl_secure_clear(key, sizeof(key));
616 return ret;
617 }
618
sm9_private_key_info_decrypt_from_der(int * alg,int * params,uint8_t * prikey,size_t * prikey_len,const char * pass,const uint8_t ** in,size_t * inlen)619 static int sm9_private_key_info_decrypt_from_der(int *alg, int *params, uint8_t *prikey, size_t *prikey_len,
620 const char *pass, const uint8_t **in, size_t *inlen)
621 {
622 int ret = -1;
623 const uint8_t *salt;
624 size_t saltlen;
625 int iter;
626 int keylen;
627 int prf;
628 int cipher;
629 const uint8_t *iv;
630 size_t ivlen;
631 uint8_t key[16];
632 SM4_KEY sm4_key;
633 const uint8_t *enced_pkey_info;
634 size_t enced_pkey_info_len;
635 uint8_t pkey_info[SM9_MAX_PRIVATE_KEY_INFO_SIZE];
636 const uint8_t *cp = pkey_info;
637 size_t pkey_info_len;
638 const uint8_t *cp_prikey;
639
640 if (pkcs8_enced_private_key_info_from_der(&salt, &saltlen, &iter, &keylen, &prf,
641 &cipher, &iv, &ivlen, &enced_pkey_info, &enced_pkey_info_len, in, inlen) != 1
642 || asn1_check(keylen == -1 || keylen == 16) != 1
643 || asn1_check(prf == - 1 || prf == OID_hmac_sm3) != 1
644 || asn1_check(cipher == OID_sm4_cbc) != 1
645 || asn1_check(ivlen == 16) != 1
646 || asn1_length_le(enced_pkey_info_len, sizeof(pkey_info)) != 1) {
647 error_print();
648 return -1;
649 }
650 if (pbkdf2_genkey(DIGEST_sm3(), pass, strlen(pass), salt, saltlen, iter, sizeof(key), key) != 1) {
651 error_print();
652 goto end;
653 }
654 sm4_set_decrypt_key(&sm4_key, key);
655 if (sm4_cbc_padding_decrypt(&sm4_key, iv, enced_pkey_info, enced_pkey_info_len,
656 pkey_info, &pkey_info_len) != 1
657 || sm9_private_key_info_from_der(alg, params, &cp_prikey, prikey_len, // 注意这里的是const uint8_t *,必须拷贝到外面
658 &cp, &pkey_info_len) != 1
659 || asn1_length_is_zero(pkey_info_len) != 1) {
660 error_print();
661 goto end;
662 }
663 memcpy(prikey, cp_prikey, *prikey_len);
664 ret = 1;
665 end:
666 gmssl_secure_clear(&sm4_key, sizeof(sm4_key));
667 gmssl_secure_clear(key, sizeof(key));
668 gmssl_secure_clear(pkey_info, sizeof(pkey_info));
669 return ret;
670 }
671
672
673
sm9_sign_master_key_info_encrypt_to_der(const SM9_SIGN_MASTER_KEY * msk,const char * pass,uint8_t ** out,size_t * outlen)674 int sm9_sign_master_key_info_encrypt_to_der(const SM9_SIGN_MASTER_KEY *msk, const char *pass, uint8_t **out, size_t *outlen)
675 {
676 uint8_t buf[SM9_SIGN_MASTER_KEY_MAX_SIZE];
677 uint8_t *p = buf;
678 size_t len = 0;
679
680 if (sm9_sign_master_key_to_der(msk, &p, &len) != 1
681 || sm9_private_key_info_encrypt_to_der(OID_sm9, OID_sm9sign, buf, len, pass, out, outlen) != 1) {
682 error_print();
683 return -1;
684 }
685 return 1;
686 }
687
688
sm9_sign_master_key_info_decrypt_from_der(SM9_SIGN_MASTER_KEY * msk,const char * pass,const uint8_t ** in,size_t * inlen)689 int sm9_sign_master_key_info_decrypt_from_der(SM9_SIGN_MASTER_KEY *msk, const char *pass, const uint8_t **in, size_t *inlen)
690 {
691 int ret = -1;
692 int alg, params;
693 uint8_t prikey[SM9_MAX_PRIVATE_KEY_SIZE];
694 size_t prikey_len;
695 const uint8_t *cp = prikey;
696
697 if (sm9_private_key_info_decrypt_from_der(&alg, ¶ms, prikey, &prikey_len, pass, in, inlen) != 1) {
698 error_print();
699 goto end;
700 }
701 if (alg != OID_sm9) {
702 error_print();
703 goto end;
704 }
705 if (params != OID_sm9sign) {
706 error_print();
707 goto end;
708 }
709 if (sm9_sign_master_key_from_der(msk, &cp, &prikey_len) != 1
710 || asn1_length_is_zero(prikey_len) != 1) {
711 error_print();
712 goto end;
713 }
714 ret = 1;
715 end:
716 gmssl_secure_clear(prikey, sizeof(prikey));
717 return ret;
718 }
719
sm9_sign_master_key_info_encrypt_to_pem(const SM9_SIGN_MASTER_KEY * msk,const char * pass,FILE * fp)720 int sm9_sign_master_key_info_encrypt_to_pem(const SM9_SIGN_MASTER_KEY *msk, const char *pass, FILE *fp)
721 {
722 uint8_t buf[SM9_MAX_ENCED_PRIVATE_KEY_INFO_SIZE];
723 uint8_t *p = buf;
724 size_t len = 0;
725
726 if (sm9_sign_master_key_info_encrypt_to_der(msk, pass, &p, &len) != 1) {
727 error_print();
728 return -1;
729 }
730 if (pem_write(fp, PEM_SM9_SIGN_MASTER_KEY, buf, len) != 1) {
731 error_print();
732 return -1;
733 }
734 return 1;
735 }
736
sm9_sign_master_key_info_decrypt_from_pem(SM9_SIGN_MASTER_KEY * msk,const char * pass,FILE * fp)737 int sm9_sign_master_key_info_decrypt_from_pem(SM9_SIGN_MASTER_KEY *msk, const char *pass, FILE *fp)
738 {
739 uint8_t buf[SM9_MAX_ENCED_PRIVATE_KEY_INFO_SIZE];
740 const uint8_t *cp = buf;
741 size_t len;
742
743 if (pem_read(fp, PEM_SM9_SIGN_MASTER_KEY, buf, &len, sizeof(buf)) != 1
744 || sm9_sign_master_key_info_decrypt_from_der(msk, pass, &cp, &len) != 1
745 || asn1_length_is_zero(len) != 1) {
746 error_print();
747 return -1;
748 }
749 return 1;
750 }
751
sm9_sign_master_public_key_to_pem(const SM9_SIGN_MASTER_KEY * mpk,FILE * fp)752 int sm9_sign_master_public_key_to_pem(const SM9_SIGN_MASTER_KEY *mpk, FILE *fp)
753 {
754 uint8_t buf[SM9_SIGN_MASTER_PUBLIC_KEY_SIZE];
755 uint8_t *p = buf;
756 size_t len = 0;
757
758 if (sm9_sign_master_public_key_to_der(mpk, &p, &len) != 1) {
759 error_print();
760 return -1;
761 }
762 if (pem_write(fp, PEM_SM9_SIGN_MASTER_PUBLIC_KEY, buf, len) != 1) {
763 error_print();
764 return -1;
765 }
766 return 1;
767 }
768
sm9_sign_master_public_key_from_pem(SM9_SIGN_MASTER_KEY * mpk,FILE * fp)769 int sm9_sign_master_public_key_from_pem(SM9_SIGN_MASTER_KEY *mpk, FILE *fp)
770 {
771 uint8_t buf[512];
772 const uint8_t *cp = buf;
773 size_t len;
774
775 if (pem_read(fp, PEM_SM9_SIGN_MASTER_PUBLIC_KEY, buf, &len, sizeof(buf)) != 1
776 || sm9_sign_master_public_key_from_der(mpk, &cp, &len) != 1
777 || asn1_length_is_zero(len) != 1) {
778 error_print();
779 return -1;
780 }
781 return 1;
782 }
783
sm9_sign_key_info_encrypt_to_der(const SM9_SIGN_KEY * key,const char * pass,uint8_t ** out,size_t * outlen)784 int sm9_sign_key_info_encrypt_to_der(const SM9_SIGN_KEY *key, const char *pass, uint8_t **out, size_t *outlen)
785 {
786 uint8_t buf[SM9_SIGN_KEY_SIZE];
787 uint8_t *p = buf;
788 size_t len = 0;
789
790 if (sm9_sign_key_to_der(key, &p, &len) != 1
791 || sm9_private_key_info_encrypt_to_der(OID_sm9sign, -1, buf, len, pass, out, outlen) != 1) {
792 error_print();
793 return -1;
794 }
795 return 1;
796 }
797
sm9_sign_key_info_decrypt_from_der(SM9_SIGN_KEY * key,const char * pass,const uint8_t ** in,size_t * inlen)798 int sm9_sign_key_info_decrypt_from_der(SM9_SIGN_KEY *key, const char *pass, const uint8_t **in, size_t *inlen)
799 {
800 int ret = -1;
801 int alg, params;
802 uint8_t prikey[512];
803 size_t prikey_len;
804 const uint8_t *cp = prikey;
805
806 if (sm9_private_key_info_decrypt_from_der(&alg, ¶ms, prikey, &prikey_len, pass, in, inlen) != 1) {
807 error_print();
808 goto end;
809 }
810 if (alg != OID_sm9sign) {
811 error_print();
812 goto end;
813 }
814 if (params != -1) {
815 error_print();
816 goto end;
817 }
818 if (sm9_sign_key_from_der(key, &cp, &prikey_len) != 1
819 || asn1_length_is_zero(prikey_len) != 1) {
820 error_print();
821 goto end;
822 }
823 ret = 1;
824 end:
825 gmssl_secure_clear(prikey, sizeof(prikey));
826 return ret;
827 }
828
sm9_sign_key_info_encrypt_to_pem(const SM9_SIGN_KEY * key,const char * pass,FILE * fp)829 int sm9_sign_key_info_encrypt_to_pem(const SM9_SIGN_KEY *key, const char *pass, FILE *fp)
830 {
831 uint8_t buf[SM9_MAX_ENCED_PRIVATE_KEY_INFO_SIZE];
832 uint8_t *p = buf;
833 size_t len = 0;
834
835 if (sm9_sign_key_info_encrypt_to_der(key, pass, &p, &len) != 1) {
836 error_print();
837 return -1;
838 }
839 if (pem_write(fp, PEM_SM9_SIGN_PRIVATE_KEY, buf, len) != 1) {
840 error_print();
841 return -1;
842 }
843 return 1;
844 }
845
sm9_sign_key_info_decrypt_from_pem(SM9_SIGN_KEY * key,const char * pass,FILE * fp)846 int sm9_sign_key_info_decrypt_from_pem(SM9_SIGN_KEY *key, const char *pass, FILE *fp)
847 {
848 uint8_t buf[SM9_MAX_ENCED_PRIVATE_KEY_INFO_SIZE];
849 const uint8_t *cp = buf;
850 size_t len;
851
852 if (pem_read(fp, PEM_SM9_SIGN_PRIVATE_KEY, buf, &len, sizeof(buf)) != 1
853 || sm9_sign_key_info_decrypt_from_der(key, pass, &cp, &len) != 1
854 || asn1_length_is_zero(len) != 1) {
855 error_print();
856 return -1;
857 }
858 return 1;
859 }
860
sm9_enc_master_key_info_encrypt_to_der(const SM9_ENC_MASTER_KEY * msk,const char * pass,uint8_t ** out,size_t * outlen)861 int sm9_enc_master_key_info_encrypt_to_der(const SM9_ENC_MASTER_KEY *msk, const char *pass, uint8_t **out, size_t *outlen)
862 {
863 uint8_t buf[256];
864 uint8_t *p = buf;
865 size_t len = 0;
866
867 if (sm9_enc_master_key_to_der(msk, &p, &len) != 1
868 || sm9_private_key_info_encrypt_to_der(OID_sm9, OID_sm9encrypt, buf, len, pass, out, outlen) != 1) {
869 error_print();
870 return -1;
871 }
872 return 1;
873 }
874
sm9_enc_master_key_info_decrypt_from_der(SM9_ENC_MASTER_KEY * msk,const char * pass,const uint8_t ** in,size_t * inlen)875 int sm9_enc_master_key_info_decrypt_from_der(SM9_ENC_MASTER_KEY *msk, const char *pass, const uint8_t **in, size_t *inlen)
876 {
877 int ret = -1;
878 int alg, params;
879 uint8_t prikey[512];
880 size_t prikey_len;
881 const uint8_t *cp = prikey;
882
883 if (sm9_private_key_info_decrypt_from_der(&alg, ¶ms, prikey, &prikey_len, pass, in, inlen) != 1) {
884 error_print();
885 goto end;
886 }
887 if (alg != OID_sm9) {
888 error_print();
889 goto end;
890 }
891 if (params != OID_sm9encrypt) {
892 error_print();
893 goto end;
894 }
895 if (sm9_enc_master_key_from_der(msk, &cp, &prikey_len) != 1
896 || asn1_length_is_zero(prikey_len) != 1) {
897 error_print();
898 goto end;
899 }
900 ret = 1;
901 end:
902 gmssl_secure_clear(prikey, sizeof(prikey));
903 return 1;
904 }
905
sm9_enc_master_key_info_encrypt_to_pem(const SM9_ENC_MASTER_KEY * msk,const char * pass,FILE * fp)906 int sm9_enc_master_key_info_encrypt_to_pem(const SM9_ENC_MASTER_KEY *msk, const char *pass, FILE *fp)
907 {
908 uint8_t buf[SM9_MAX_ENCED_PRIVATE_KEY_INFO_SIZE];
909 uint8_t *p = buf;
910 size_t len = 0;
911
912 if (sm9_enc_master_key_info_encrypt_to_der(msk, pass, &p, &len) != 1) {
913 error_print();
914 return -1;
915 }
916 if (pem_write(fp, PEM_SM9_ENC_MASTER_KEY, buf, len) != 1) {
917 error_print();
918 return -1;
919 }
920 return 1;
921 }
922
sm9_enc_master_key_info_decrypt_from_pem(SM9_ENC_MASTER_KEY * msk,const char * pass,FILE * fp)923 int sm9_enc_master_key_info_decrypt_from_pem(SM9_ENC_MASTER_KEY *msk, const char *pass, FILE *fp)
924 {
925 uint8_t buf[SM9_MAX_ENCED_PRIVATE_KEY_INFO_SIZE];
926 const uint8_t *cp = buf;
927 size_t len;
928
929 if (pem_read(fp, PEM_SM9_ENC_MASTER_KEY, buf, &len, sizeof(buf)) != 1
930 || sm9_enc_master_key_info_decrypt_from_der(msk, pass, &cp, &len) != 1
931 || asn1_length_is_zero(len) != 1) {
932 error_print();
933 return -1;
934 }
935 return 1;
936 }
937
sm9_enc_master_public_key_to_pem(const SM9_ENC_MASTER_KEY * mpk,FILE * fp)938 int sm9_enc_master_public_key_to_pem(const SM9_ENC_MASTER_KEY *mpk, FILE *fp)
939 {
940 uint8_t buf[1024];
941 uint8_t *p = buf;
942 size_t len = 0;
943
944 if (sm9_enc_master_public_key_to_der(mpk, &p, &len) != 1) {
945 error_print();
946 return -1;
947 }
948 if (pem_write(fp, PEM_SM9_ENC_MASTER_PUBLIC_KEY, buf, len) != 1) {
949 error_print();
950 return -1;
951 }
952 return 1;
953 }
954
sm9_enc_master_public_key_from_pem(SM9_ENC_MASTER_KEY * mpk,FILE * fp)955 int sm9_enc_master_public_key_from_pem(SM9_ENC_MASTER_KEY *mpk, FILE *fp)
956 {
957 uint8_t buf[512];
958 const uint8_t *cp = buf;
959 size_t len;
960
961 if (pem_read(fp, PEM_SM9_ENC_MASTER_PUBLIC_KEY, buf, &len, sizeof(buf)) != 1
962 || sm9_enc_master_public_key_from_der(mpk, &cp, &len) != 1
963 || asn1_length_is_zero(len) != 1) {
964 error_print();
965 return -1;
966 }
967 return 1;
968 }
969
sm9_enc_key_info_encrypt_to_der(const SM9_ENC_KEY * key,const char * pass,uint8_t ** out,size_t * outlen)970 int sm9_enc_key_info_encrypt_to_der(const SM9_ENC_KEY *key, const char *pass, uint8_t **out, size_t *outlen)
971 {
972 uint8_t buf[1024];
973 uint8_t *p = buf;
974 size_t len = 0;
975
976 if (sm9_enc_key_to_der(key, &p, &len) != 1
977 || sm9_private_key_info_encrypt_to_der(OID_sm9encrypt, -1, buf, len, pass, out, outlen) != 1) {
978 error_print();
979 return -1;
980 }
981 return 1;
982 }
983
sm9_enc_key_info_decrypt_from_der(SM9_ENC_KEY * key,const char * pass,const uint8_t ** in,size_t * inlen)984 int sm9_enc_key_info_decrypt_from_der(SM9_ENC_KEY *key, const char *pass, const uint8_t **in, size_t *inlen)
985 {
986 int ret = -1;
987 int alg, params;
988 uint8_t prikey[512];
989 size_t prikey_len;
990 const uint8_t *cp = prikey;
991
992 if (sm9_private_key_info_decrypt_from_der(&alg, ¶ms, prikey, &prikey_len, pass, in, inlen) != 1) {
993 error_print();
994 goto end;
995 }
996 if (alg != OID_sm9encrypt) {
997 error_print();
998 goto end;
999 }
1000 if (params != -1) {
1001 error_print();
1002 goto end;
1003 }
1004 if (sm9_enc_key_from_der(key, &cp, &prikey_len) != 1
1005 || asn1_length_is_zero(prikey_len) != 1) {
1006 error_print();
1007 goto end;
1008 }
1009 ret = 1;
1010 end:
1011 gmssl_secure_clear(prikey, sizeof(prikey));
1012 return ret;
1013 }
1014
sm9_enc_key_info_encrypt_to_pem(const SM9_ENC_KEY * key,const char * pass,FILE * fp)1015 int sm9_enc_key_info_encrypt_to_pem(const SM9_ENC_KEY *key, const char *pass, FILE *fp)
1016 {
1017 uint8_t buf[SM9_MAX_ENCED_PRIVATE_KEY_INFO_SIZE];
1018 uint8_t *p = buf;
1019 size_t len = 0;
1020
1021 if (sm9_enc_key_info_encrypt_to_der(key, pass, &p, &len) != 1) {
1022 error_print();
1023 return -1;
1024 }
1025 if (pem_write(fp, PEM_SM9_ENC_PRIVATE_KEY, buf, len) != 1) {
1026 error_print();
1027 return -1;
1028 }
1029 return 1;
1030 }
1031
sm9_enc_key_info_decrypt_from_pem(SM9_ENC_KEY * key,const char * pass,FILE * fp)1032 int sm9_enc_key_info_decrypt_from_pem(SM9_ENC_KEY *key, const char *pass, FILE *fp)
1033 {
1034 uint8_t buf[SM9_MAX_ENCED_PRIVATE_KEY_INFO_SIZE];
1035 const uint8_t *cp = buf;
1036 size_t len;
1037
1038 if (pem_read(fp, PEM_SM9_ENC_PRIVATE_KEY, buf, &len, sizeof(buf)) != 1
1039 || sm9_enc_key_info_decrypt_from_der(key, pass, &cp, &len) != 1
1040 || asn1_length_is_zero(len) != 1) {
1041 error_print();
1042 return -1;
1043 }
1044 return 1;
1045 }
1046
sm9_sign_master_key_print(FILE * fp,int fmt,int ind,const char * label,const SM9_SIGN_MASTER_KEY * msk)1047 int sm9_sign_master_key_print(FILE *fp, int fmt, int ind, const char *label, const SM9_SIGN_MASTER_KEY *msk)
1048 {
1049 format_print(fp, fmt, ind, "%s\n", label);
1050 ind += 4;
1051 sm9_fn_print(fp, fmt, ind, "ks", msk->ks);
1052 sm9_twist_point_print(fp, fmt, ind, "Ppubs", &msk->Ppubs);
1053 return 1;
1054 }
1055
sm9_sign_master_public_key_print(FILE * fp,int fmt,int ind,const char * label,const SM9_SIGN_MASTER_KEY * mpk)1056 int sm9_sign_master_public_key_print(FILE *fp, int fmt, int ind, const char *label, const SM9_SIGN_MASTER_KEY *mpk)
1057 {
1058 format_print(fp, fmt, ind, "%s\n", label);
1059 ind += 4;
1060 sm9_twist_point_print(fp, fmt, ind, "Ppubs", &mpk->Ppubs);
1061 return 1;
1062 }
1063
sm9_sign_key_print(FILE * fp,int fmt,int ind,const char * label,const SM9_SIGN_KEY * key)1064 int sm9_sign_key_print(FILE *fp, int fmt, int ind, const char *label, const SM9_SIGN_KEY *key)
1065 {
1066 format_print(fp, fmt, ind, "%s\n", label);
1067 ind += 4;
1068 sm9_point_print(fp, fmt, ind, "ds", &key->ds);
1069 sm9_twist_point_print(fp, fmt, ind, "Ppubs", &key->Ppubs);
1070 return 1;
1071 }
1072
sm9_enc_master_key_print(FILE * fp,int fmt,int ind,const char * label,const SM9_ENC_MASTER_KEY * msk)1073 int sm9_enc_master_key_print(FILE *fp, int fmt, int ind, const char *label, const SM9_ENC_MASTER_KEY *msk)
1074 {
1075 format_print(fp, fmt, ind, "%s\n", label);
1076 ind += 4;
1077 sm9_fn_print(fp, fmt, ind, "ke", msk->ke);
1078 sm9_point_print(fp, fmt, ind, "Ppube", &msk->Ppube);
1079 return 1;
1080 }
1081
sm9_enc_master_public_key_print(FILE * fp,int fmt,int ind,const char * label,const SM9_ENC_MASTER_KEY * mpk)1082 int sm9_enc_master_public_key_print(FILE *fp, int fmt, int ind, const char *label, const SM9_ENC_MASTER_KEY *mpk)
1083 {
1084 format_print(fp, fmt, ind, "%s\n", label);
1085 ind += 4;
1086 sm9_point_print(fp, fmt, ind, "Ppube", &mpk->Ppube);
1087 return 1;
1088 }
1089
sm9_enc_key_print(FILE * fp,int fmt,int ind,const char * label,const SM9_ENC_KEY * key)1090 int sm9_enc_key_print(FILE *fp, int fmt, int ind, const char *label, const SM9_ENC_KEY *key)
1091 {
1092 format_print(fp, fmt, ind, "%s\n", label);
1093 ind += 4;
1094 sm9_twist_point_print(fp, fmt, ind, "de", &key->de);
1095 sm9_point_print(fp, fmt, ind, "Ppube", &key->Ppube);
1096 return 1;
1097 }
1098
sm9_signature_print(FILE * fp,int fmt,int ind,const char * label,const uint8_t * sig,size_t siglen)1099 int sm9_signature_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *sig, size_t siglen)
1100 {
1101 const uint8_t *d;
1102 size_t dlen;
1103 const uint8_t *p;
1104 size_t len;
1105
1106 if (asn1_sequence_from_der(&d, &dlen, &sig, &siglen) != 1
1107 || asn1_length_is_zero(siglen) != 1) {
1108 error_print();
1109 return -1;
1110 }
1111
1112 format_print(fp, fmt, ind, "%s\n", label);
1113 ind += 4;
1114 if (asn1_octet_string_from_der(&p, &len, &d, &dlen) != 1) goto err;
1115 format_bytes(fp, fmt, ind, "h", p, len);
1116 if (asn1_bit_octets_from_der(&p, &len, &d, &dlen) != 1) goto err;
1117 format_bytes(fp, fmt, ind, "S", p, len);
1118 if (asn1_length_is_zero(dlen) != 1) goto err;
1119 return 1;
1120 err:
1121 error_print();
1122 return -1;
1123 }
1124
sm9_ciphertext_print(FILE * fp,int fmt,int ind,const char * label,const uint8_t * a,size_t alen)1125 int sm9_ciphertext_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *a, size_t alen)
1126 {
1127 const uint8_t *d;
1128 size_t dlen;
1129 int val;
1130 const uint8_t *p;
1131 size_t len;
1132
1133 if (asn1_sequence_from_der(&d, &dlen, &a, &alen) != 1
1134 || asn1_length_is_zero(alen) != 1) {
1135 error_print();
1136 return -1;
1137 }
1138 format_print(fp, fmt, ind, "%s\n", label);
1139 ind += 4;
1140
1141 if (asn1_int_from_der(&val, &d, &dlen) != 1) goto err;
1142 format_print(fp, fmt, ind, "EnType: %d\n", val);
1143 if (asn1_bit_octets_from_der(&p, &len, &d, &dlen) != 1) goto err;
1144 format_bytes(fp, fmt, ind, "C1", p, len);
1145 if (asn1_octet_string_from_der(&p, &len, &d, &dlen) != 1) goto err;
1146 format_bytes(fp, fmt, ind, "C3", p, len);
1147 if (asn1_octet_string_from_der(&p, &len, &d, &dlen) != 1) goto err;
1148 format_bytes(fp, fmt, ind, "CipherText", p, len);
1149 if (asn1_length_is_zero(dlen) != 1) goto err;
1150 return 1;
1151 err:
1152 error_print();
1153 return -1;
1154 }
1155