diff --git a/CMakeLists.txt b/CMakeLists.txt index 1c6b067..544fbb0 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1,7 +1,7 @@ cmake_minimum_required(VERSION 3.10) project(softsdf C) -set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fPIC -Wall") +set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fPIC -Wall -g") set(SOFTSDF_SRC softsdf.c) set(SOFTSDFINIT_SRC softsdfinit.c) diff --git a/sdf.h b/sdf.h index f83b818..b8293b8 100644 --- a/sdf.h +++ b/sdf.h @@ -103,6 +103,76 @@ typedef struct SDF_ENVELOPEDKEYBLOB { ECCrefPublicKey PubKey; unsigned char cbEncryptedPrivKey[64]; } EnvelopedKeyBlob, *PEnvelopedKeyBlob; + + + +typedef struct SM9refMasterPrivateKey_st +{ + unsigned int bits; + unsigned char s[SM9ref_MAX_LEN]; +} SM9MasterPrivateKey; + +typedef struct SM9refSignMasterPublicKey_st{ + unsigned int bits; + unsigned char xa[SM9ref_MAX_LEN]; + unsigned char xb[SM9ref_MAX_LEN]; + unsigned char ya[SM9ref_MAX_LEN]; + unsigned char yb[SM9ref_MAX_LEN]; +} SM9SignMasterPublicKey; + +typedef struct SM9refEncMasterPublicKey_st{ + unsigned int bits; + unsigned char x[SM9ref_MAX_LEN]; + unsigned char y[SM9ref_MAX_LEN]; +} SM9EncMasterPublicKey; + +typedef struct SM9refSignUserPrivateKey_st +{ + unsigned int bits; + unsigned char x[SM9ref_MAX_LEN]; + unsigned char y[SM9ref_MAX_LEN]; +}SM9SignUserPrivateKey; + +typedef struct SM9refEncUserPrivateKey_st +{ + unsigned int bits; + unsigned char xa[SM9ref_MAX_LEN]; + unsigned char xb[SM9ref_MAX_LEN]; + unsigned char ya[SM9ref_MAX_LEN]; + unsigned char yb[SM9ref_MAX_LEN]; +}SM9EncUserPrivateKey; + +typedef struct SM9refCipher_st +{ + unsigned int EncType; + unsigned char x[SM9ref_MAX_LEN]; + unsigned char y[SM9ref_MAX_LEN]; + char h[32]; + unsigned int L; + unsigned char C[]; +}SM9Cipher; +typedef struct SM9refSignature_st{ + unsigned char h[SM9ref_MAX_LEN]; + unsigned char x[SM9ref_MAX_LEN]; + unsigned char y[SM9ref_MAX_LEN]; +} SM9Signature; + +typedef struct SM9refKeyPackage_st{ + unsigned char x[SM9ref_MAX_LEN]; + unsigned char y[SM9ref_MAX_LEN]; +} SM9KeyPackage; +typedef struct SM9refEncEnvelopedKey_st{ + unsigned int version; + unsigned int ulSymmAlgID; + unsigned int bits; + unsigned char encryptedPriKey[SM9ref_MAX_LEN * 4]; + SM9EncMasterPublicKey encMastPubKey; + SM9EncMasterPublicKey tempMastPubKey; + unsigned int userIDLen; + unsigned char userID[256]; + unsigned int keyLen; + SM9KeyPackage keyPackage; +} SM9EncEnveploedKey; #pragma pack() int SDF_OpenDevice( @@ -147,12 +217,6 @@ int SDF_ExportEncPublicKey_RSA( unsigned int uiKeyIndex, RSArefPublicKey *pucPublicKey); -int SDF_GenerateKeyPair_RSA( - void *hSessionHandle, - unsigned int uiKeyBits, - RSArefPublicKey *pucPublicKey, - RSArefPrivateKey *pucPrivateKey); - int SDF_GenerateKeyWithIPK_RSA( void *hSessionHandle, unsigned int uiIPKIndex, @@ -176,15 +240,6 @@ int SDF_ImportKeyWithISK_RSA( unsigned int uiKeyLength, void **phKeyHandle); -int SDF_ExchangeDigitEnvelopeBaseOnRSA( - void *hSessionHandle, - unsigned int uiKeyIndex, - RSArefPublicKey *pucPublicKey, - unsigned char *pucDEInput, - unsigned int uiDELength, - unsigned char *pucDEOutput, - unsigned int *puiDELength); - int SDF_ExportSignPublicKey_ECC( void *hSessionHandle, unsigned int uiKeyIndex, @@ -195,13 +250,6 @@ int SDF_ExportEncPublicKey_ECC( unsigned int uiKeyIndex, ECCrefPublicKey *pucPublicKey); -int SDF_GenerateKeyPair_ECC( - void *hSessionHandle, - unsigned int uiAlgID, - unsigned int uiKeyBits, - ECCrefPublicKey *pucPublicKey, - ECCrefPrivateKey *pucPrivateKey); - int SDF_GenerateKeyWithIPK_ECC( void *hSessionHandle, unsigned int uiIPKIndex, @@ -256,13 +304,13 @@ int SDF_GenerateAgreementDataAndKeyWithECC( ECCrefPublicKey *pucResponseTmpPublicKey, void **phKeyHandle); -int SDF_ExchangeDigitEnvelopeBaseOnECC( - void *hSessionHandle, - unsigned int uiKeyIndex, - unsigned int uiAlgID, - ECCrefPublicKey *pucPublicKey, - ECCCipher *pucEncDataIn, - ECCCipher *pucEncDataOut); +// int SDF_ExchangeDigitEnvelopeBaseOnECC( +// void *hSessionHandle, +// unsigned int uiKeyIndex, +// unsigned int uiAlgID, +// ECCrefPublicKey *pucPublicKey, +// ECCCipher *pucEncDataIn, +// ECCCipher *pucEncDataOut); int SDF_GenerateKeyWithKEK( void *hSessionHandle, @@ -339,51 +387,200 @@ int SDF_ExternalEncrypt_ECC( unsigned int uiDataLength, ECCCipher *pucEncData); -int SDF_InternalEncrypt_ECC( +// int SDF_InternalEncrypt_ECC( +// void *hSessionHandle, +// unsigned int uiIPKIndex, +// unsigned int uiAlgID, +// unsigned char *pucData, +// unsigned int uiDataLength, +// ECCCipher *pucEncData); + +// int SDF_InternalDecrypt_ECC( +// void *hSessionHandle, +// unsigned int uiISKIndex, +// unsigned int uiAlgID, +// ECCCipher *pucEncData, +// unsigned char *pucData, +// unsigned int *uiDataLength); + +int SDF_Encrypt( void *hSessionHandle, - unsigned int uiIPKIndex, + void *hKeyHandle, unsigned int uiAlgID, + unsigned char *pucIV, unsigned char *pucData, unsigned int uiDataLength, - ECCCipher *pucEncData); + unsigned char *pucEncData, + unsigned int *puiEncDataLength); -int SDF_InternalDecrypt_ECC( +int SDF_Decrypt( void *hSessionHandle, - unsigned int uiISKIndex, + void *hKeyHandle, unsigned int uiAlgID, - ECCCipher *pucEncData, + unsigned char *pucIV, + unsigned char *pucEncData, + unsigned int uiEncDataLength, unsigned char *pucData, - unsigned int *uiDataLength); + unsigned int *puiDataLength); -int SDF_Encrypt( +int SDF_CalculateMAC( void *hSessionHandle, void *hKeyHandle, unsigned int uiAlgID, unsigned char *pucIV, unsigned char *pucData, unsigned int uiDataLength, + unsigned char *pucMAC, + unsigned int *puiMACLength); + +int SDF_AuthEnc( + void *hSessionHandle, + unsigned int uiAlgID, + unsigned char *pucStartVar, + unsigned int uiStartVarLength, + unsigned char *pucAad, + unsigned int uiAadLength, + unsigned char *pucData, + unsigned int uiDataLength, + unsigned char *pucEncData, + unsigned int *puiEncDataLength, + unsigned char *pucAuthData, + unsigned int *puiAuthDataLength); + +int SDF_AuthDec( + void *hSessionHandle, + void *hKeyHandle, + unsigned int uiAlgID, + unsigned char *pucStartVar, + unsigned int uiStartVarLength, + unsigned char *pucAad, + unsigned int uiAadLength, + unsigned char *pucAuthData, + unsigned int *puiAuthDataLength, + unsigned char *pucEncData, + unsigned int uiEncDataLength, + unsigned char *pucData, + unsigned int *puiDataLength); + +int SDF_EncryptInit( + void *hSessionHandle, + void *hKeyHandle, + unsigned int uiAlgID, + unsigned char *pucIV, + unsigned int uiIVLength); + +int SDF_EncryptUpdate( + void *hSessionHandle, + unsigned char *pucData, + unsigned int uiDataLength, unsigned char *pucEncData, unsigned int *puiEncDataLength); -int SDF_Decrypt( +int SDF_EncryptFinal( + void *hSessionHandle, + unsigned char *pucLastEncData, + unsigned int *puiLastEncDataLength); + +int SDF_DecryptInit( void *hSessionHandle, void *hKeyHandle, unsigned int uiAlgID, unsigned char *pucIV, + unsigned int uiIVLength); + +int SDF_DecryptUpdate( + void *hSessionHandle, unsigned char *pucEncData, unsigned int uiEncDataLength, unsigned char *pucData, unsigned int *puiDataLength); -int SDF_CalculateMAC( +int SDF_DecryptFinal( + void *hSessionHandle, + unsigned char *pucLastData, + unsigned int *puiLastDataLength); + +int SDF_CalculateMACInit( void *hSessionHandle, void *hKeyHandle, unsigned int uiAlgID, unsigned char *pucIV, + unsigned int uiIVLength); + +int SDF_CalculateMACUpdate( + void *hSessionHandle, + unsigned char *pucData, + unsigned int uiDataLength); + +int SDF_CalculateMACFinal( + void *hSessionHandle, + unsigned char *pucMac, + unsigned int *puiMacLength); + +int SDF_AuthEncInit( + void *hSessionHandle, + void *hKeyHandle, + unsigned int uiAlgID, + unsigned char *pucStartVar, + unsigned int uiStartVarLength, + unsigned char *pucAad, + unsigned int uiAadLength, + unsigned int uiDataLength); + +int SDF_AuthEncUpdate( + void *hSessionHandle, unsigned char *pucData, unsigned int uiDataLength, - unsigned char *pucMAC, - unsigned int *puiMACLength); + unsigned char *pucEncData, + unsigned int *puiEncDataLength); + +int SDF_AuthEncFinal( + void *hSessionHandle, + unsigned char *pucLastEncData, + unsigned int *puiLastEncDataLength, + unsigned char *pucAuthData, + unsigned int *puiAuthDataLength); + +int SDF_AuthDecInit( + void *hSessionHandle, + void *hKeyHandle, + unsigned int uiAlgID, + unsigned char *pucStartVar, + unsigned int uiStartVarLength, + unsigned char *pucAad, + unsigned int uiAadLength, + unsigned char *pucAuthData, + unsigned int uiAuthDataLength, + unsigned int uiDataLength); + +int SDF_AuthDecUpdate( + void *hSessionHandle, + unsigned char *pucEncData, + unsigned int uiEncDataLength, + unsigned char *pucData, + unsigned int *puiDataLength +); + +int SDF_AuthDecFinal( + void *hSessionHandle, + unsigned char *pucLastData, + unsigned int *puiLastDataLength); + +int SDF_HMACInit( + void *hSessionHandle, + void *hKeyHandle, + unsigned int uiAlgID); + +int SDF_HMACUpdate( + void *hSessionHandle, + unsigned char *pucData, + unsigned int uiDataLength +); + +int SDF_HMACFinal( + void *hSessionHandle, + unsigned char *pucHMac, + unsigned int *puiHMacLength); int SDF_HashInit( void *hSessionHandle, @@ -428,7 +625,78 @@ int SDF_DeleteFile( unsigned char *pucFileName, unsigned int uiNameLen); -#define SDR_OK 0x0 +int SDF_GenerateKeyPair_RSA( + unsigned int uiKeyBits, + RSArefPublicKey *pucPublicKey, + RSArefPrivateKey *pucPrivateKey); + +int SDF_GenerateKeyPair_ECC( + unsigned int uiAlgID, + unsigned int uiKeyBits, + ECCrefPublicKey *pucPublicKey, + ECCrefPrivateKey *pucPrivateKey); + +int SDF_ExternalSign_SM9( + SM9SignMasterPublicKey *pSignMasterPublicKey, + SM9SignUserPrivateKey *pSignUserPrivateKey, + unsigned char *pucData, + unsigned int uiDataLength, + SM9Signature *pSignature); + +int SDF_ExternalDecrypt_SM9( + SM9EncUserPrivateKey *pEncUserPrivateKey, + unsigned char *pucUserID, + unsigned int uiUserIDLen, + unsigned char *pucIV, + unsigned char *pucData, + unsigned int uiDataLength, + SM9Cipher *pEncData); + +int SDF_ExternalKeyEncrypt( + unsigned int uiAlgID, + unsigned char *pucKey, + unsigned int uiKeyLength, + unsigned char *pucIV, + unsigned int uiIVLength, + unsigned char *pucData, + unsigned int uiDataLength, + unsigned char *pucEncData, + unsigned int *puiEncDataLength); + +int SDF_ExternalKeyDecrypt( + unsigned int uiAlgID, + unsigned char *pucKey, + unsigned int uiKeyLength, + unsigned char *pucIV, + unsigned int uiIVLength, + unsigned char *pucEncData, + unsigned int uiEncDataLength, + unsigned char *pucData, + unsigned int *puiDataLength); + +int SDF_ExternalKeyEncryptInit( + void *hSessionHandle, + unsigned int uiAlgID, + unsigned char *pucKey, + unsigned int uiKeyLength, + unsigned char *pucIV, + unsigned int uiIVLength); + +int SDF_ExternalKeyDecryptInit( + void *hSessionHandle, + unsigned int uiAlgID, + unsigned char *pucKey, + unsigned int uiKeyLength, + unsigned char *pucIV, + unsigned int uiIVLength); + +int SDF_ExternalKeyHMACInit( + void *hSessionHandle, + unsigned int uiAlgID, + unsigned char *pucKey, + unsigned int uiKeyLength); + +#define SDR_OK 0x0 #define SDR_BASE 0x01000000 #define SDR_UNKNOWERR (SDR_BASE + 0x00000001) #define SDR_NOTSUPPORT (SDR_BASE + 0x00000002) diff --git a/sgd.h b/sgd.h index 6656178..89f7c53 100644 --- a/sgd.h +++ b/sgd.h @@ -363,6 +363,8 @@ typedef HANDLE HCONTAINER; #endif #define ECCref_MAX_LEN ((ECCref_MAX_BITS+7) / 8) +#define SM9ref_MAX_BITS 256 +#define SM9ref_MAX_LEN ((SM9ref_MAX_BITS + 7) / 8) /* SAF */ #define SGD_MAX_COUNT 64 diff --git a/softsdf.c b/softsdf.c index d10e36d..f63003c 100644 --- a/softsdf.c +++ b/softsdf.c @@ -23,14 +23,17 @@ #define SDR_GMSSLERR (SDR_BASE + 0x00000100) -static const uint8_t zeros[ECCref_MAX_LEN - 32] = {0}; - - #define SOFTSDF_MAX_KEY_SIZE 64 - +#define HASH_STATE_NONE 0 +#define HASH_STATE_INIT 1 +#define HASH_STATE_UPDATE 2 +#define HASH_STATE_FINAL 3 struct SOFTSDF_KEY { uint8_t key[SOFTSDF_MAX_KEY_SIZE]; size_t key_size; + SM4_KEY sm4_enc_key; + SM4_KEY sm4_dec_key; + int sm4_key_cached; struct SOFTSDF_KEY *next; }; @@ -49,6 +52,7 @@ struct SOFTSDF_SESSION { SOFTSDF_CONTAINER *container_list; SOFTSDF_KEY *key_list; SM3_CTX sm3_ctx; + int hash_state; struct SOFTSDF_SESSION *next; }; typedef struct SOFTSDF_SESSION SOFTSDF_SESSION; @@ -497,15 +501,15 @@ int SDF_ExportEncPublicKey_RSA( return SDR_NOTSUPPORT; } -int SDF_GenerateKeyPair_RSA( - void *hSessionHandle, - unsigned int uiKeyBits, - RSArefPublicKey *pucPublicKey, - RSArefPrivateKey *pucPrivateKey) -{ - error_print(); - return SDR_NOTSUPPORT; -} +// int SDF_GenerateKeyPair_RSA( +// void *hSessionHandle, +// unsigned int uiKeyBits, +// RSArefPublicKey *pucPublicKey, +// RSArefPrivateKey *pucPrivateKey) +// { +// error_print(); +// return SDR_NOTSUPPORT; +// } int SDF_GenerateKeyWithIPK_RSA( void *hSessionHandle, @@ -542,18 +546,18 @@ int SDF_ImportKeyWithISK_RSA( return SDR_NOTSUPPORT; } -int SDF_ExchangeDigitEnvelopeBaseOnRSA( - void *hSessionHandle, - unsigned int uiKeyIndex, - RSArefPublicKey *pucPublicKey, - unsigned char *pucDEInput, - unsigned int uiDELength, - unsigned char *pucDEOutput, - unsigned int *puiDELength) -{ - error_print(); - return SDR_NOTSUPPORT; -} +// int SDF_ExchangeDigitEnvelopeBaseOnRSA( +// void *hSessionHandle, +// unsigned int uiKeyIndex, +// RSArefPublicKey *pucPublicKey, +// unsigned char *pucDEInput, +// unsigned int uiDELength, +// unsigned char *pucDEOutput, +// unsigned int *puiDELength) +// { +// error_print(); +// return SDR_NOTSUPPORT; +// } int SDF_ExportSignPublicKey_ECC( void *hSessionHandle, @@ -671,72 +675,72 @@ int SDF_ExportEncPublicKey_ECC( return SDR_OK; } -int SDF_GenerateKeyPair_ECC( - void *hSessionHandle, - unsigned int uiAlgID, - unsigned int uiKeyBits, - ECCrefPublicKey *pucPublicKey, - ECCrefPrivateKey *pucPrivateKey) -{ - SOFTSDF_SESSION *session; - SM2_KEY sm2_key; - SM2_POINT public_key; - uint8_t private_key[32]; - - if (deviceHandle == NULL) { - error_print(); - return SDR_STEPERR; - } - - if (hSessionHandle == NULL) { - error_puts("Invalid session handle"); - return SDR_INARGERR; - } - session = deviceHandle->session_list; - while (session != NULL && session != hSessionHandle) { - session = session->next; - } - if (session == NULL) { - error_print(); - return SDR_INARGERR; - } - - if (uiAlgID != SGD_SM2_1 && uiAlgID != SGD_SM2_3) { - error_print(); - return SDR_INARGERR; - } - - if (uiKeyBits != 256) { - error_print(); - return SDR_INARGERR; - } - - if (pucPublicKey == NULL || pucPrivateKey == NULL) { - error_print(); - return SDR_INARGERR; - } - - if (sm2_key_generate(&sm2_key) != 1) { - error_print(); - return SDR_GMSSLERR; - } - - sm2_z256_to_bytes(sm2_key.private_key, private_key); - sm2_z256_point_to_bytes(&sm2_key.public_key, (uint8_t *)&public_key); - - memset(pucPublicKey, 0, sizeof(*pucPublicKey)); - pucPublicKey->bits = 256; - memcpy(pucPublicKey->x + ECCref_MAX_LEN - 32, public_key.x, 32); - memcpy(pucPublicKey->y + ECCref_MAX_LEN - 32, public_key.y, 32); - - memset(pucPrivateKey, 0, sizeof(*pucPrivateKey)); - pucPrivateKey->bits = 256; - memcpy(pucPrivateKey->K + ECCref_MAX_LEN - 32, private_key, 32); - - memset(&sm2_key, 0, sizeof(sm2_key)); - memset(private_key, 0, sizeof(private_key)); - return SDR_OK; -} +// int SDF_GenerateKeyPair_ECC( +// void *hSessionHandle, +// unsigned int uiAlgID, +// unsigned int uiKeyBits, +// ECCrefPublicKey *pucPublicKey, +// ECCrefPrivateKey *pucPrivateKey) +// { +// SOFTSDF_SESSION *session; +// SM2_KEY sm2_key; +// SM2_POINT public_key; +// uint8_t private_key[32]; + +// if (deviceHandle == NULL) { +// error_print(); +// return SDR_STEPERR; +// } + +// if (hSessionHandle == NULL) { +// error_puts("Invalid session handle"); +// return SDR_INARGERR; +// } +// session = deviceHandle->session_list; +// while (session != NULL && session != hSessionHandle) { +// session = session->next; +// } +// if (session == NULL) { +// error_print(); +// return SDR_INARGERR; +// } + +// if (uiAlgID != SGD_SM2_1 && uiAlgID != SGD_SM2_3) { +// error_print(); +// return SDR_INARGERR; +// } + +// if (uiKeyBits != 256) { +// error_print(); +// return SDR_INARGERR; +// } + +// if (pucPublicKey == NULL || pucPrivateKey == NULL) { +// error_print(); +// return SDR_INARGERR; +// } + +// if (sm2_key_generate(&sm2_key) != 1) { +// error_print(); +// return SDR_GMSSLERR; +// } + +// sm2_z256_to_bytes(sm2_key.private_key, private_key); +// sm2_z256_point_to_bytes(&sm2_key.public_key, (uint8_t *)&public_key); + +// memset(pucPublicKey, 0, sizeof(*pucPublicKey)); +// pucPublicKey->bits = 256; +// memcpy(pucPublicKey->x + ECCref_MAX_LEN - 32, public_key.x, 32); +// memcpy(pucPublicKey->y + ECCref_MAX_LEN - 32, public_key.y, 32); + +// memset(pucPrivateKey, 0, sizeof(*pucPrivateKey)); +// pucPrivateKey->bits = 256; +// memcpy(pucPrivateKey->K + ECCref_MAX_LEN - 32, private_key, 32); + +// memset(&sm2_key, 0, sizeof(sm2_key)); +// memset(private_key, 0, sizeof(private_key)); +// return SDR_OK; +// } int SDF_GenerateKeyWithIPK_ECC( void *hSessionHandle, @@ -811,6 +815,15 @@ int SDF_GenerateKeyWithIPK_ECC( return SDR_GMSSLERR; } key->key_size = uiKeyBits/8; + if (key->key_size == SM4_KEY_SIZE) { + sm4_set_encrypt_key(&key->sm4_enc_key, key->key); + sm4_set_decrypt_key(&key->sm4_dec_key, key->key); + key->sm4_key_cached = 1; + } else { + key->sm4_key_cached = 0; + error_print(); + return SDR_KEYERR; + } // encrypt key with container if (sm2_do_encrypt(&sm2_key, key->key, key->key_size, &ctxt) != 1) { @@ -914,6 +927,15 @@ int SDF_GenerateKeyWithEPK_ECC( return SDR_GMSSLERR; } key->key_size = uiKeyBits/8; + if (key->key_size == SM4_KEY_SIZE) { + sm4_set_encrypt_key(&key->sm4_enc_key, key->key); + sm4_set_decrypt_key(&key->sm4_dec_key, key->key); + key->sm4_key_cached = 1; + } else { + key->sm4_key_cached = 0; + error_print(); + return SDR_KEYERR; + } // encrypt key with external public key if (sm2_do_encrypt(&sm2_key, key->key, key->key_size, &ctxt) != 1) { @@ -1084,17 +1106,17 @@ int SDF_GenerateAgreementDataAndKeyWithECC( return SDR_NOTSUPPORT; } -int SDF_ExchangeDigitEnvelopeBaseOnECC( - void *hSessionHandle, - unsigned int uiKeyIndex, - unsigned int uiAlgID, - ECCrefPublicKey *pucPublicKey, - ECCCipher *pucEncDataIn, - ECCCipher *pucEncDataOut) -{ - error_print(); - return SDR_NOTSUPPORT; -} +// int SDF_ExchangeDigitEnvelopeBaseOnECC( +// void *hSessionHandle, +// unsigned int uiKeyIndex, +// unsigned int uiAlgID, +// ECCrefPublicKey *pucPublicKey, +// ECCCipher *pucEncDataIn, +// ECCCipher *pucEncDataOut) +// { +// error_print(); +// return SDR_NOTSUPPORT; +// } // XXX: `SDF_GenerateKeyWithKEK` use CBC-Padding, so the `pucKey` can not be decrypted by `SDF_Decrypt` int SDF_GenerateKeyWithKEK( @@ -1116,7 +1138,8 @@ int SDF_GenerateKeyWithKEK( size_t enced_len; SOFTSDF_KEY *key; - if (deviceHandle == NULL) { + if (deviceHandle == NULL) + { error_print(); return SDR_STEPERR; } @@ -1143,7 +1166,6 @@ int SDF_GenerateKeyWithKEK( error_print(); return SDR_INARGERR; } - // load KEK file with index snprintf(filename, FILENAME_MAX_LEN, "kek-%u.key", uiKEKIndex); file = fopen(filename, "rb"); @@ -1152,7 +1174,6 @@ int SDF_GenerateKeyWithKEK( error_print(); return SDR_KEYNOTEXIST; } - size_t rlen; if ((rlen = fread(kek, 1, sizeof(kek), file)) != sizeof(kek)) { @@ -1174,7 +1195,6 @@ int SDF_GenerateKeyWithKEK( error_print(); return SDR_INARGERR; } - // generate key key = (SOFTSDF_KEY *)malloc(sizeof(SOFTSDF_KEY)); if (key == NULL) { @@ -1192,6 +1212,16 @@ int SDF_GenerateKeyWithKEK( } key->key_size = uiKeyBits/8; + if (key->key_size == SM4_KEY_SIZE) { + sm4_set_encrypt_key(&key->sm4_enc_key, key->key); + sm4_set_decrypt_key(&key->sm4_dec_key, key->key); + key->sm4_key_cached = 1; + } else { + key->sm4_key_cached = 0; + error_print(); + return SDR_KEYERR; + } + if (rand_bytes(key->key, key->key_size) != 1) { error_print(); free(key); @@ -1390,10 +1420,9 @@ int SDF_ExternalPublicKeyOperation_RSA( error_print(); return SDR_NOTSUPPORT; } - -int SDF_ExternalPrivateKeyOperation_RSA( +int SDF_InternalPublicKeyOperation_RSA( void *hSessionHandle, - RSArefPrivateKey *pucPrivateKey, + unsigned int uiKeyIndex, unsigned char *pucDataInput, unsigned int uiInputLength, unsigned char *pucDataOutput, @@ -1765,8 +1794,8 @@ int SDF_Encrypt( SOFTSDF_SESSION *session; SOFTSDF_KEY *key; SM4_KEY sm4_key; - - if (deviceHandle == NULL) { + if (deviceHandle == NULL) + { error_print(); return SDR_STEPERR; } @@ -1788,6 +1817,7 @@ int SDF_Encrypt( error_print(); return SDR_INARGERR; } + key = session->key_list; while (key != NULL && key != (SOFTSDF_KEY *)hKeyHandle) { key = key->next; @@ -1810,8 +1840,8 @@ int SDF_Encrypt( error_print(); return SDR_INARGERR; } - - switch (uiAlgID) { + switch (uiAlgID) + { case SGD_SM4_CBC: if (pucIV == NULL) { error_print(); @@ -1859,11 +1889,14 @@ int SDF_Encrypt( } // TODO: cache `SM4_KEY` in `SOFTSDF_KEY`, reduce cost of calling `sm4_set_encrypt_key` - sm4_set_encrypt_key(&sm4_key, key->key); + if (!key->sm4_key_cached){ + sm4_set_encrypt_key(&sm4_key, key->key); + key->sm4_key_cached = 1; + } switch (uiAlgID) { case SGD_SM4_CBC: - sm4_cbc_encrypt_blocks(&sm4_key, pucIV, pucData, uiDataLength/16, pucEncData); + sm4_cbc_encrypt_blocks(&sm4_key, pucIV, pucData, uiDataLength/16, pucEncData); break; #if ENALBE_SM4_ECB case SGD_SM4_ECB: @@ -1997,27 +2030,27 @@ int SDF_Decrypt( } // TODO: cache `SM4_KEY` in `SOFTSDF_KEY`, reduce cost of calling `sm4_set_encrypt_key` - +if(key->sm4_key_cached){ switch (uiAlgID) { case SGD_SM4_CBC: - sm4_set_decrypt_key(&sm4_key, key->key); + // sm4_set_decrypt_key(&sm4_key, key->key); sm4_cbc_decrypt_blocks(&sm4_key, pucIV, pucEncData, uiEncDataLength/16, pucData); break; #if ENABLE_SM4_ECB case SGD_SM4_ECB: - sm4_set_decrypt_key(&sm4_key, key->key); + // sm4_set_decrypt_key(&sm4_key, key->key); sm4_encrypt_blocks(&sm4_key, pucEncData, uiEncDataLength/16, pucData); break; #endif #if ENABLE_SM4_CFB case SGD_SM4_CFB: - sm4_set_encrypt_key(&sm4_key, key->key); + // sm4_set_encrypt_key(&sm4_key, key->key); sm4_cfb_decrypt(&sm4_key, SM4_CFB_128, pucIV, pucEncData, uiEncDataLength, pucData); break; #endif #if ENABLE_SM4_OFB case SGD_SM4_OFB: - sm4_set_encrypt_key(&sm4_key, key->key); + // sm4_set_encrypt_key(&sm4_key, key->key); sm4_ofb_encrypt(&sm4_key, pucIV, pucEncData, uiEncDataLength, pucData); break; #endif @@ -2026,6 +2059,11 @@ int SDF_Decrypt( error_print(); return SDR_INARGERR; } +}else{ + error_print(); + // not cached + return SDR_STEPERR; +} gmssl_secure_clear(&sm4_key, sizeof(sm4_key)); @@ -2137,7 +2175,235 @@ int SDF_CalculateMAC( return SDR_OK; } +int SDF_AuthEnc( + void *hSessionHandle, + unsigned int uiAlgID, + unsigned char *pucStartVar, + unsigned int uiStartVarLength, + unsigned char *pucAad, + unsigned int uiAadLength, + unsigned char *pucData, + unsigned int uiDataLength, + unsigned char *pucEncData, + unsigned int *puiEncDataLength, + unsigned char *pucAuthData, + unsigned int *puiAuthDataLength +) +{ + error_print(); + return SDR_NOTSUPPORT; +} +int SDF_AuthDec( + void *hSessionHandle, + void *hKeyHandle, + unsigned int uiAlgID, + unsigned char *pucStartVar, + unsigned int uiStartVarLength, + unsigned char *pucAad, + unsigned int uiAadLength, + unsigned char *pucAuthData, + unsigned int *puiAuthDataLength, + unsigned char *pucEncData, + unsigned int uiEncDataLength, + unsigned char *pucData, + unsigned int *puiDataLength +) +{ + error_print(); + return SDR_NOTSUPPORT; +} +int SDF_EncryptInit( + void *hSessionHandle, + void *hKeyHandle, + unsigned int uiAlgID, + unsigned char *pucIV, + unsigned int uiIVLength +) +{ + error_print(); + return SDR_NOTSUPPORT; +} +int SDF_EncryptUpdate( + void *hSessionHandle, + unsigned char *pucData, + unsigned int uiDataLength, + unsigned char *pucEncData, + unsigned int *puiEncDataLength +) +{ + error_print(); + return SDR_NOTSUPPORT; +} +int SDF_EncryptFinal( + void *hSessionHandle, + unsigned char *pucLastEncData, + unsigned int *puiLastEncDataLength +) +{ + error_print(); + return SDR_NOTSUPPORT; +} +int SDF_DecryptInit( + void *hSessionHandle, + void *hKeyHandle, + unsigned int uiAlgID, + unsigned char *pucIV, + unsigned int uiIVLength +) +{ + error_print(); + return SDR_NOTSUPPORT; +} +int SDF_DecryptUpdate( + void *hSessionHandle, + unsigned char *pucEncData, + unsigned int uiEncDataLength, + unsigned char *pucData, + unsigned int *puiDataLength +) +{ + error_print(); + return SDR_NOTSUPPORT; +} +int SDF_DecryptFinal( + void *hSessionHandle, + unsigned char *pucLastData, + unsigned int *puiLastDataLength +) +{ + error_print(); + return SDR_NOTSUPPORT; +} +int SDF_CalculateMACInit( + void *hSessionHandle, + void *hKeyHandle, + unsigned int uiAlgID, + unsigned char *pucIV, + unsigned int uiIVLength +) +{ + error_print(); + return SDR_NOTSUPPORT; +} +int SDF_CalculateMACUpdate( + void *hSessionHandle, + unsigned char *pucData, + unsigned int uiDataLength +) +{ + error_print(); + return SDR_NOTSUPPORT; +} +int SDF_CalculateMACFinal( + void *hSessionHandle, + unsigned char *pucMac, + unsigned int *puiMacLength +) +{ + error_print(); + return SDR_NOTSUPPORT; +} +int SDF_AuthEncInit( + void *hSessionHandle, + void *hKeyHandle, + unsigned int uiAlgID, + unsigned char *pucStartVar, + unsigned int uiStartVarLength, + unsigned char *pucAad, + unsigned int uiAadLength, + unsigned int uiDataLength +) +{ + error_print(); + return SDR_NOTSUPPORT; +} +int SDF_AuthEncUpdate( + void *hSessionHandle, + unsigned char *pucData, + unsigned int uiDataLength, + unsigned char *pucEncData, + unsigned int *puiEncDataLength +) +{ + error_print(); + return SDR_NOTSUPPORT; +} +int SDF_AuthEncFinal( + void *hSessionHandle, + unsigned char *pucLastEncData, + unsigned int *puiLastEncDataLength, + unsigned char *pucAuthData, + unsigned int *puiAuthDataLength +) +{ + error_print(); + return SDR_NOTSUPPORT; +} +int SDF_AuthDecInit( + void *hSessionHandle, + void *hKeyHandle, + unsigned int uiAlgID, + unsigned char *pucStartVar, + unsigned int uiStartVarLength, + unsigned char *pucAad, + unsigned int uiAadLength, + unsigned char *pucAuthData, + unsigned int uiAuthDataLength, + unsigned int uiDataLength +) +{ + error_print(); + return SDR_NOTSUPPORT; +} +int SDF_AuthDecUpdate( + void *hSessionHandle, + unsigned char *pucEncData, + unsigned int uiEncDataLength, + unsigned char *pucData, + unsigned int *puiDataLength + +) +{ + error_print(); + return SDR_NOTSUPPORT; +} +int SDF_AuthDecFinal( + void *hSessionHandle, + unsigned char *pucLastData, + unsigned int *puiLastDataLength +) +{ + error_print(); + return SDR_NOTSUPPORT; +} +int SDF_HMACInit( + void *hSessionHandle, + void *hKeyHandle, + unsigned int uiAlgID +) +{ + error_print(); + return SDR_NOTSUPPORT; +} +int SDF_HMACUpdate( + void *hSessionHandle, + unsigned char *pucData, + unsigned int uiDataLength +) +{ + error_print(); + return SDR_NOTSUPPORT; +} +int SDF_HMACFinal( + void *hSessionHandle, + unsigned char *pucHMac, + unsigned int *puiHMacLength +) +{ + error_print(); + return SDR_NOTSUPPORT; +} int SDF_HashInit( void *hSessionHandle, unsigned int uiAlgID, @@ -2170,10 +2436,14 @@ int SDF_HashInit( return SDR_INARGERR; } - // FIXME: check step or return SDR_STEPERR; + if(session->hash_state != HASH_STATE_NONE && session->hash_state != HASH_STATE_FINAL) + { + return SDR_STEPERR; + } sm3_init(&session->sm3_ctx); - - if (pucPublicKey != NULL) { + session->hash_state = HASH_STATE_INIT; + if (pucPublicKey != NULL) + { SM2_POINT point; SM2_Z256_POINT public_key; @@ -2231,8 +2501,12 @@ int SDF_HashUpdate( error_print(); return SDR_INARGERR; } - + if (session->hash_state != HASH_STATE_INIT && session->hash_state != HASH_STATE_UPDATE) { + error_print(); + return SDR_STEPERR; + } sm3_update(&session->sm3_ctx, pucData, uiDataLength); + session->hash_state = HASH_STATE_UPDATE; return SDR_OK; } @@ -2265,8 +2539,12 @@ int SDF_HashFinal(void *hSessionHandle, error_print(); return SDR_INARGERR; } - + if (session->hash_state != HASH_STATE_UPDATE) { + error_print(); + return SDR_STEPERR; + } sm3_finish(&session->sm3_ctx, pucHash); + session->hash_state = HASH_STATE_FINAL; *puiHashLength = SM3_DIGEST_SIZE; return SDR_OK; @@ -2547,187 +2825,354 @@ int SDF_DeleteFile( return SDR_OK; } +// SDF_InternalEncrypt_ECC 和 SDF_InternalDecrypt_ECC 的功能在GM/T 0018-2023中 +// 被SDF_Encrypt和SDF_Decrypt取代 + +// int SDF_InternalEncrypt_ECC( +// void *hSessionHandle, +// unsigned int uiIPKIndex, +// unsigned int uiAlgID, +// unsigned char *pucData, +// unsigned int uiDataLength, +// ECCCipher *pucEncData) +// { +// SOFTSDF_SESSION *session; +// char filename[FILENAME_MAX_LEN]; +// FILE *file = NULL; +// SM2_KEY sm2_key; +// SM2_CIPHERTEXT ciphertext; + +// if (deviceHandle == NULL) { +// error_print(); +// return SDR_STEPERR; +// } + +// if (!hSessionHandle) { +// error_print(); +// return SDR_INARGERR; +// } +// session = deviceHandle->session_list; +// while (session != NULL && session != hSessionHandle) { +// session = session->next; +// } +// if (session == NULL) { +// error_print(); +// return SDR_INARGERR; +// } + +// // load public key by uiISKIndex +// snprintf(filename, FILENAME_MAX_LEN, "sm2encpub-%u.pem", uiIPKIndex); +// file = fopen(filename, "rb"); +// if (file == NULL) { +// error_print(); +// return SDR_KEYNOTEXIST; +// } +// if (sm2_public_key_info_from_pem(&sm2_key, file) != 1) { +// error_print(); +// fclose(file); +// return SDR_KEYNOTEXIST; +// } +// fclose(file); + +// // check uiAlgID +// if (uiAlgID != SGD_SM2_3) { +// error_print(); +// return SDR_ALGNOTSUPPORT; +// } + +// if (pucData == NULL) { +// error_print(); +// return SDR_INARGERR; +// } +// if (uiDataLength > SM2_MAX_PLAINTEXT_SIZE) { +// error_print(); +// return SDR_INARGERR; +// } +// if (pucEncData == NULL) { +// error_print(); +// return SDR_INARGERR; +// } + +// // encrypt +// if (sm2_do_encrypt(&sm2_key, pucData, uiDataLength, &ciphertext) != 1) { +// error_print(); +// return SDR_PKOPERR; +// } +// memset(pucEncData->x, 0, ECCref_MAX_LEN - 32); +// memcpy(pucEncData->x + ECCref_MAX_LEN - 32, ciphertext.point.x, 32); +// memset(pucEncData->y, 0, ECCref_MAX_LEN - 32); +// memcpy(pucEncData->y + ECCref_MAX_LEN - 32, ciphertext.point.y, 32); +// memcpy(pucEncData->M, ciphertext.hash, 32); +// memcpy(pucEncData->C, ciphertext.ciphertext, ciphertext.ciphertext_size); +// pucEncData->L = (unsigned int)ciphertext.ciphertext_size; + +// return SDR_OK; +// } + +// int SDF_InternalDecrypt_ECC( +// void *hSessionHandle, +// unsigned int uiISKIndex, +// unsigned int uiAlgID, +// ECCCipher *pucEncData, +// unsigned char *pucData, +// unsigned int *puiDataLength) +// { +// SOFTSDF_SESSION *session; +// SOFTSDF_CONTAINER *container; +// SM2_CIPHERTEXT ciphertext; +// size_t plaintext_len; + +// if (deviceHandle == NULL) { +// error_print(); +// return SDR_STEPERR; +// } + +// if (!hSessionHandle) { +// error_print(); +// return SDR_INARGERR; +// } +// session = deviceHandle->session_list; +// while (session != NULL && session != hSessionHandle) { +// session = session->next; +// } +// if (session == NULL) { +// error_print(); +// return SDR_INARGERR; +// } + +// // load public key by uiISKIndex +// container = session->container_list; +// while (container != NULL && container->key_index != uiISKIndex) { +// container = container->next; +// } +// if (container == NULL) { +// error_print(); +// return SDR_INARGERR; +// } + +// // check uiAlgID +// if (uiAlgID != SGD_SM2_3) { +// error_print(); +// return SDR_ALGNOTSUPPORT; +// } + +// // check ciphertext +// if (pucEncData == NULL) { +// error_print(); +// return SDR_INARGERR; +// } +// if (pucEncData->L > SM2_MAX_PLAINTEXT_SIZE) { +// error_print(); +// return SDR_INARGERR; +// } + +// // convert ECCCipher to SM2_CIPHERTEXT +// if (memcmp(pucEncData->x, zeros, ECCref_MAX_LEN - 32) != 0) { +// error_print(); +// return SDR_INARGERR; +// } +// if (memcmp(pucEncData->y, zeros, ECCref_MAX_LEN - 32) != 0) { +// error_print(); +// return SDR_INARGERR; +// } +// memcpy(ciphertext.point.x, pucEncData->x + ECCref_MAX_LEN - 32, 32); +// memcpy(ciphertext.point.y, pucEncData->y + ECCref_MAX_LEN - 32, 32); +// memcpy(ciphertext.hash, pucEncData->M, 32); +// memcpy(ciphertext.ciphertext, pucEncData->C, pucEncData->L); +// ciphertext.ciphertext_size = pucEncData->L; + +// if (puiDataLength == NULL) { +// error_print(); +// return SDR_INARGERR; +// } + +// if (pucData == NULL) { +// *puiDataLength = pucEncData->L; +// return SDR_OK; +// } + +// if (sm2_do_decrypt(&container->enc_key, &ciphertext, pucData, &plaintext_len) != 1) { +// error_print(); +// return SDR_PKOPERR; +// } + +// *puiDataLength = (unsigned int)plaintext_len; +// return SDR_OK; +// } -int SDF_InternalEncrypt_ECC( - void *hSessionHandle, - unsigned int uiIPKIndex, - unsigned int uiAlgID, - unsigned char *pucData, - unsigned int uiDataLength, - ECCCipher *pucEncData) +int SDF_GenerateKeyPair_RSA( + unsigned int uiKeyBits, + RSArefPublicKey *pucPublicKey, + RSArefPrivateKey *pucPrivateKey +) { - SOFTSDF_SESSION *session; - char filename[FILENAME_MAX_LEN]; - FILE *file = NULL; - SM2_KEY sm2_key; - SM2_CIPHERTEXT ciphertext; - - if (deviceHandle == NULL) { - error_print(); - return SDR_STEPERR; - } - - if (!hSessionHandle) { - error_print(); - return SDR_INARGERR; - } - session = deviceHandle->session_list; - while (session != NULL && session != hSessionHandle) { - session = session->next; - } - if (session == NULL) { - error_print(); - return SDR_INARGERR; - } - - // load public key by uiISKIndex - snprintf(filename, FILENAME_MAX_LEN, "sm2encpub-%u.pem", uiIPKIndex); - file = fopen(filename, "rb"); - if (file == NULL) { - error_print(); - return SDR_KEYNOTEXIST; - } - if (sm2_public_key_info_from_pem(&sm2_key, file) != 1) { - error_print(); - fclose(file); - return SDR_KEYNOTEXIST; - } - fclose(file); - - // check uiAlgID - if (uiAlgID != SGD_SM2_3) { - error_print(); - return SDR_ALGNOTSUPPORT; - } - - if (pucData == NULL) { - error_print(); - return SDR_INARGERR; - } - if (uiDataLength > SM2_MAX_PLAINTEXT_SIZE) { - error_print(); - return SDR_INARGERR; - } - if (pucEncData == NULL) { - error_print(); - return SDR_INARGERR; - } - - // encrypt - if (sm2_do_encrypt(&sm2_key, pucData, uiDataLength, &ciphertext) != 1) { - error_print(); - return SDR_PKOPERR; - } - memset(pucEncData->x, 0, ECCref_MAX_LEN - 32); - memcpy(pucEncData->x + ECCref_MAX_LEN - 32, ciphertext.point.x, 32); - memset(pucEncData->y, 0, ECCref_MAX_LEN - 32); - memcpy(pucEncData->y + ECCref_MAX_LEN - 32, ciphertext.point.y, 32); - memcpy(pucEncData->M, ciphertext.hash, 32); - memcpy(pucEncData->C, ciphertext.ciphertext, ciphertext.ciphertext_size); - pucEncData->L = (unsigned int)ciphertext.ciphertext_size; - - return SDR_OK; + error_print(); + return SDR_NOTSUPPORT; } - -int SDF_InternalDecrypt_ECC( - void *hSessionHandle, - unsigned int uiISKIndex, +int SDF_GenerateKeyPair_ECC( unsigned int uiAlgID, - ECCCipher *pucEncData, - unsigned char *pucData, - unsigned int *puiDataLength) + unsigned int uiKeyBits, + ECCrefPublicKey *pucPublicKey, + ECCrefPrivateKey *pucPrivateKey) { - SOFTSDF_SESSION *session; - SOFTSDF_CONTAINER *container; - SM2_CIPHERTEXT ciphertext; - size_t plaintext_len; - if (deviceHandle == NULL) { - error_print(); - return SDR_STEPERR; - } + SM2_KEY sm2_key; + SM2_POINT public_key; + uint8_t private_key[32]; - if (!hSessionHandle) { - error_print(); - return SDR_INARGERR; - } - session = deviceHandle->session_list; - while (session != NULL && session != hSessionHandle) { - session = session->next; - } - if (session == NULL) { + if (uiAlgID != SGD_SM2_1 && uiAlgID != SGD_SM2_3) { error_print(); return SDR_INARGERR; } - // load public key by uiISKIndex - container = session->container_list; - while (container != NULL && container->key_index != uiISKIndex) { - container = container->next; - } - if (container == NULL) { + if (uiKeyBits != 256) { error_print(); return SDR_INARGERR; } - // check uiAlgID - if (uiAlgID != SGD_SM2_3) { - error_print(); - return SDR_ALGNOTSUPPORT; - } - - // check ciphertext - if (pucEncData == NULL) { - error_print(); - return SDR_INARGERR; - } - if (pucEncData->L > SM2_MAX_PLAINTEXT_SIZE) { + if (pucPublicKey == NULL || pucPrivateKey == NULL) { error_print(); return SDR_INARGERR; } - // convert ECCCipher to SM2_CIPHERTEXT - if (memcmp(pucEncData->x, zeros, ECCref_MAX_LEN - 32) != 0) { - error_print(); - return SDR_INARGERR; - } - if (memcmp(pucEncData->y, zeros, ECCref_MAX_LEN - 32) != 0) { + if (sm2_key_generate(&sm2_key) != 1) { error_print(); - return SDR_INARGERR; + return SDR_GMSSLERR; } - memcpy(ciphertext.point.x, pucEncData->x + ECCref_MAX_LEN - 32, 32); - memcpy(ciphertext.point.y, pucEncData->y + ECCref_MAX_LEN - 32, 32); - memcpy(ciphertext.hash, pucEncData->M, 32); - memcpy(ciphertext.ciphertext, pucEncData->C, pucEncData->L); - ciphertext.ciphertext_size = pucEncData->L; - if (puiDataLength == NULL) { - error_print(); - return SDR_INARGERR; - } + sm2_z256_to_bytes(sm2_key.private_key, private_key); + sm2_z256_point_to_bytes(&sm2_key.public_key, (uint8_t *)&public_key); - if (pucData == NULL) { - *puiDataLength = pucEncData->L; - return SDR_OK; - } + memset(pucPublicKey, 0, sizeof(*pucPublicKey)); + pucPublicKey->bits = 256; + memcpy(pucPublicKey->x + ECCref_MAX_LEN - 32, public_key.x, 32); + memcpy(pucPublicKey->y + ECCref_MAX_LEN - 32, public_key.y, 32); - if (sm2_do_decrypt(&container->enc_key, &ciphertext, pucData, &plaintext_len) != 1) { - error_print(); - return SDR_PKOPERR; - } + memset(pucPrivateKey, 0, sizeof(*pucPrivateKey)); + pucPrivateKey->bits = 256; + memcpy(pucPrivateKey->K + ECCref_MAX_LEN - 32, private_key, 32); - *puiDataLength = (unsigned int)plaintext_len; + memset(&sm2_key, 0, sizeof(sm2_key)); + memset(private_key, 0, sizeof(private_key)); return SDR_OK; } - -int SDF_InternalPublicKeyOperation_RSA( - void *hSessionHandle, - unsigned int uiKeyIndex, - unsigned char *pucDataInput, +int SDF_ExternalPrivateKeyOperation_RSA( + RSArefPrivateKey *pucPrivateKey, + unsigned char *pucDatainput, unsigned int uiInputLength, unsigned char *pucDataOutput, - unsigned int *puiOutputLength) + unsigned int *puiOutputLength +){ + error_print(); + return SDR_NOTSUPPORT; +} +int SDF_ExternalSign_ECC( + unsigned int uiAlgID, + ECCrefPrivateKey *pucPrivateKey, + unsigned char *pucDataInput, + unsigned int uiInputLength, + ECCSignature *pucSignature +) { error_print(); return SDR_NOTSUPPORT; } +int SDF_ExternalDecrypt_ECC( + unsigned int uiAlgID, + ECCrefPrivateKey *pucPrivateKey, + ECCCipher *pucEncData, + unsigned char *pucData, + unsigned int *uiDataLength +) +{ + error_print(); + return SDR_NOTSUPPORT; +} +int SDF_ExternalSign_SM9( + SM9SignMasterPublicKey *pSignMasterPublicKey, + SM9SignUserPrivateKey *pSignUserPrivateKey, + unsigned char *pucData, + unsigned int uiDataLength, + SM9Signature *pSignature +) +{ + error_print(); + return SDR_NOTSUPPORT; +} +int SDF_ExternalDecrypt_SM9( + SM9EncUserPrivateKey *pEncUserPrivateKey, + unsigned char *pucUserID, + unsigned int uiUserIDLen, + unsigned char *pucIV, + unsigned char *pucData, + unsigned int uiDataLength, + SM9Cipher *pEncData +) +{ + error_print(); + return SDR_NOTSUPPORT; +} +int SDF_ExternalKeyEncrypt( + unsigned int uiAlgID, + unsigned char *pucKey, + unsigned int uiKeyLength, + unsigned char *pucIV, + unsigned int uiIVLength, + unsigned char *pucData, + unsigned int uiDataLength, + unsigned char *pucEncData, + unsigned int *puiEncDataLength +) +{ + error_print(); + return SDR_NOTSUPPORT; +} +int SDF_ExternalKeyDecrypt( + unsigned int uiAlgID, + unsigned char *pucKey, + unsigned int uiKeyLength, + unsigned char *pucIV, + unsigned int uiIVLength, + unsigned char *pucEncData, + unsigned int uiEncDataLength, + unsigned char *pucData, + unsigned int *puiDataLength +) +{ + error_print(); + return SDR_NOTSUPPORT; +} +int SDF_ExternalKeyEncryptInit( + void *hSessionHandle, + unsigned int uiAlgID, + unsigned char *pucKey, + unsigned int uiKeyLength, + unsigned char *pucIV, + unsigned int uiIVLength +) +{ + error_print(); + return SDR_NOTSUPPORT; +} +int SDF_ExternalKeyDecryptInit( + void *hSessionHandle, + unsigned int uiAlgID, + unsigned char *pucKey, + unsigned int uiKeyLength, + unsigned char *pucIV, + unsigned int uiIVLength +) +{ + error_print(); + return SDR_NOTSUPPORT; +} +int SDF_ExternalKeyHMACInit( + void *hSessionHandle, + unsigned int uiAlgID, + unsigned char *pucKey, + unsigned int uiKeyLength +) +{ + error_print(); + return SDR_NOTSUPPORT; +} \ No newline at end of file diff --git a/softsdf.exp b/softsdf.exp index 76dc303..3d126a5 100644 --- a/softsdf.exp +++ b/softsdf.exp @@ -1,47 +1,73 @@ -_SDF_OpenDevice -_SDF_CloseDevice -_SDF_OpenSession -_SDF_CloseSession -_SDF_GetDeviceInfo -_SDF_GenerateRandom -_SDF_GetPrivateKeyAccessRight -_SDF_ReleasePrivateKeyAccessRight -_SDF_ExportSignPublicKey_RSA -_SDF_ExportEncPublicKey_RSA -_SDF_GenerateKeyPair_RSA -_SDF_GenerateKeyWithIPK_RSA -_SDF_GenerateKeyWithEPK_RSA -_SDF_ImportKeyWithISK_RSA -_SDF_ExchangeDigitEnvelopeBaseOnRSA -_SDF_ExportSignPublicKey_ECC -_SDF_ExportEncPublicKey_ECC -_SDF_GenerateKeyPair_ECC -_SDF_GenerateKeyWithIPK_ECC -_SDF_GenerateKeyWithEPK_ECC -_SDF_ImportKeyWithISK_ECC -_SDF_GenerateAgreementDataWithECC -_SDF_GenerateKeyWithECC -_SDF_GenerateAgreementDataAndKeyWithECC -_SDF_ExchangeDigitEnvelopeBaseOnECC -_SDF_GenerateKeyWithKEK -_SDF_ImportKeyWithKEK -_SDF_DestroyKey -_SDF_ExternalPublicKeyOperation_RSA -_SDF_InternalPublicKeyOperation_RSA -_SDF_InternalPrivateKeyOperation_RSA -_SDF_ExternalVerify_ECC -_SDF_InternalSign_ECC -_SDF_InternalVerify_ECC -_SDF_ExternalEncrypt_ECC -_SDF_InternalEncrypt_ECC -_SDF_InternalDecrypt_ECC -_SDF_Encrypt -_SDF_Decrypt -_SDF_CalculateMAC -_SDF_HashInit -_SDF_HashUpdate -_SDF_HashFinal -_SDF_CreateFile -_SDF_ReadFile -_SDF_WriteFile -_SDF_DeleteFile +_SDF_OpenDevice +_SDF_CloseDevice +_SDF_OpenSession +_SDF_CloseSession +_SDF_GetDeviceInfo +_SDF_GenerateRandom +_SDF_GetPrivateKeyAccessRight +_SDF_ReleasePrivateKeyAccessRight +_SDF_ExportSignPublicKey_RSA +_SDF_ExportEncPublicKey_RSA +_SDF_GenerateKeyWithIPK_RSA +_SDF_GenerateKeyWithEPK_RSA +_SDF_ImportKeyWithISK_RSA +_SDF_ExportSignPublicKey_ECC +_SDF_ExportEncPublicKey_ECC +_SDF_GenerateKeyWithIPK_ECC +_SDF_GenerateKeyWithEPK_ECC +_SDF_ImportKeyWithISK_ECC +_SDF_GenerateAgreementDataWithECC +_SDF_GenerateKeyWithECC +_SDF_GenerateAgreementDataAndKeyWithECC +_SDF_GenerateKeyWithKEK +_SDF_ImportKeyWithKEK +_SDF_DestroyKey +_SDF_ExternalPublicKeyOperation_RSA +_SDF_InternalPublicKeyOperation_RSA +_SDF_InternalPrivateKeyOperation_RSA +_SDF_ExternalVerify_ECC +_SDF_InternalSign_ECC +_SDF_InternalVerify_ECC +_SDF_ExternalEncrypt_ECC +_SDF_Encrypt +_SDF_Decrypt +_SDF_CalculateMAC +_SDF_AuthEnc +_SDF_AuthDec +_SDF_EncryptInit +_SDF_EncryptUpdate +_SDF_EncryptFinal +_SDF_DecryptInit +_SDF_DecryptUpdate +_SDF_DecryptFinal +_SDF_CalculateMACInit +_SDF_CalculateMACUpdate +_SDF_CalculateMACFinal +_SDF_AuthEncInit +_SDF_AuthEncUpdate +_SDF_AuthEncFinal +_SDF_AuthDecInit +_SDF_AuthDecUpdate +_SDF_AuthDecFinal +_SDF_HMACInit +_SDF_HMACUpdate +_SDF_HMACFinal +_SDF_HashInit +_SDF_HashUpdate +_SDF_HashFinal +_SDF_CreateFile +_SDF_ReadFile +_SDF_WriteFile +_SDF_DeleteFile +_SDF_GenerateKeyPair_RSA +_SDF_GenerateKeyPair_ECC +_SDF_ExternalPrivateKeyOperation_RSA +_SDF_ExternalSign_ECC +_SDF_ExternalDecrypt_ECC +_SDF_ExternalSign_SM9 +_SDF_ExternalDecrypt_SM9 +_SDF_ExternalKeyEncrypt +_SDF_ExternalKeyDecrypt +_SDF_ExternalKeyEncryptInit +_SDF_ExternalKeyDecryptInit +_SDF_ExternalKeyHMACInit \ No newline at end of file diff --git a/softsdf.lds b/softsdf.lds index 29bc652..61834e3 100644 --- a/softsdf.lds +++ b/softsdf.lds @@ -1,51 +1,77 @@ { global: - SDF_OpenDevice; - SDF_CloseDevice; - SDF_OpenSession; - SDF_CloseSession; - SDF_GetDeviceInfo; - SDF_GenerateRandom; - SDF_GetPrivateKeyAccessRight; - SDF_ReleasePrivateKeyAccessRight; - SDF_ExportSignPublicKey_RSA; - SDF_ExportEncPublicKey_RSA; - SDF_GenerateKeyPair_RSA; - SDF_GenerateKeyWithIPK_RSA; - SDF_GenerateKeyWithEPK_RSA; - SDF_ImportKeyWithISK_RSA; - SDF_ExchangeDigitEnvelopeBaseOnRSA; - SDF_ExportSignPublicKey_ECC; - SDF_ExportEncPublicKey_ECC; - SDF_GenerateKeyPair_ECC; - SDF_GenerateKeyWithIPK_ECC; - SDF_GenerateKeyWithEPK_ECC; - SDF_ImportKeyWithISK_ECC; - SDF_GenerateAgreementDataWithECC; - SDF_GenerateKeyWithECC; - SDF_GenerateAgreementDataAndKeyWithECC; - SDF_ExchangeDigitEnvelopeBaseOnECC; - SDF_GenerateKeyWithKEK; - SDF_ImportKeyWithKEK; - SDF_DestroyKey; - SDF_ExternalPublicKeyOperation_RSA; - SDF_InternalPublicKeyOperation_RSA; - SDF_InternalPrivateKeyOperation_RSA; - SDF_ExternalVerify_ECC; - SDF_InternalSign_ECC; - SDF_InternalVerify_ECC; - SDF_ExternalEncrypt_ECC; - SDF_InternalEncrypt_ECC; - SDF_InternalDecrypt_ECC; - SDF_Encrypt; - SDF_Decrypt; - SDF_CalculateMAC; - SDF_HashInit; - SDF_HashUpdate; - SDF_HashFinal; - SDF_CreateFile; - SDF_ReadFile; - SDF_WriteFile; - SDF_DeleteFile; + SDF_OpenDevice; + SDF_CloseDevice; + SDF_OpenSession; + SDF_CloseSession; + SDF_GetDeviceInfo; + SDF_GenerateRandom; + SDF_GetPrivateKeyAccessRight; + SDF_ReleasePrivateKeyAccessRight; + SDF_ExportSignPublicKey_RSA; + SDF_ExportEncPublicKey_RSA; + SDF_GenerateKeyWithIPK_RSA; + SDF_GenerateKeyWithEPK_RSA; + SDF_ImportKeyWithISK_RSA; + SDF_ExportSignPublicKey_ECC; + SDF_ExportEncPublicKey_ECC; + SDF_GenerateKeyWithIPK_ECC; + SDF_GenerateKeyWithEPK_ECC; + SDF_ImportKeyWithISK_ECC; + SDF_GenerateAgreementDataWithECC; + SDF_GenerateKeyWithECC; + SDF_GenerateAgreementDataAndKeyWithECC; + SDF_GenerateKeyWithKEK; + SDF_ImportKeyWithKEK; + SDF_DestroyKey; + SDF_ExternalPublicKeyOperation_RSA; + SDF_InternalPublicKeyOperation_RSA; + SDF_InternalPrivateKeyOperation_RSA; + SDF_ExternalVerify_ECC; + SDF_InternalSign_ECC; + SDF_InternalVerify_ECC; + SDF_ExternalEncrypt_ECC; + SDF_Encrypt; + SDF_Decrypt; + SDF_CalculateMAC; + SDF_AuthEnc; + SDF_AuthDec; + SDF_EncryptInit; + SDF_EncryptUpdate; + SDF_EncryptFinal; + SDF_DecryptInit; + SDF_DecryptUpdate; + SDF_DecryptFinal; + SDF_CalculateMACInit; + SDF_CalculateMACUpdate; + SDF_CalculateMACFinal; + SDF_AuthEncInit; + SDF_AuthEncUpdate; + SDF_AuthEncFinal; + SDF_AuthDecInit; + SDF_AuthDecUpdate; + SDF_AuthDecFinal; + SDF_HMACInit; + SDF_HMACUpdate; + SDF_HMACFinal; + SDF_HashInit; + SDF_HashUpdate; + SDF_HashFinal; + SDF_CreateFile; + SDF_ReadFile; + SDF_WriteFile; + SDF_DeleteFile; + SDF_GenerateKeyPair_RSA; + SDF_GenerateKeyPair_ECC; + SDF_ExternalPrivateKeyOperation_RSA; + SDF_ExternalSign_ECC; + SDF_ExternalDecrypt_ECC; + SDF_ExternalSign_SM9; + SDF_ExternalDecrypt_SM9; + SDF_ExternalKeyEncrypt; + SDF_ExternalKeyDecrypt; + SDF_ExternalKeyEncryptInit; + SDF_ExternalKeyDecryptInit; + SDF_ExternalKeyHMACInit; local: *; -}; +}; \ No newline at end of file