The branch master has been updated via c2ee608a234340aa735f894f8d84ead0ce58286e (commit) from d8f6c533cfcbcad350c9cfb2c112eb9f938ba83c (commit)
- Log ----------------------------------------------------------------- commit c2ee608a234340aa735f894f8d84ead0ce58286e Author: Tianjia Zhang <tianjia.zh...@linux.alibaba.com> Date: Wed Sep 1 16:54:15 2021 +0800 providers: Add SM4 GCM implementation The GCM mode of the SM4 algorithm is specifieded by RFC8998. Signed-off-by: Tianjia Zhang <tianjia.zh...@linux.alibaba.com> Reviewed-by: Paul Yang <kaishen...@antfin.com> Reviewed-by: Paul Dale <pa...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16491) ----------------------------------------------------------------------- Summary of changes: providers/defltprov.c | 2 + providers/implementations/ciphers/build.info | 4 +- providers/implementations/ciphers/cipher_sm4_ccm.c | 39 ++++++++++++++++++++ .../{cipher_aria_ccm.h => cipher_sm4_ccm.h} | 14 +++---- .../{cipher_aria_ccm_hw.c => cipher_sm4_ccm_hw.c} | 25 +++++++------ providers/implementations/ciphers/cipher_sm4_gcm.c | 40 ++++++++++++++++++++ .../{cipher_aria_gcm.h => cipher_sm4_gcm.h} | 12 +++--- .../implementations/ciphers/cipher_sm4_gcm_hw.c | 43 ++++++++++++++++++++++ .../implementations/include/prov/implementations.h | 2 + providers/implementations/include/prov/names.h | 2 + test/recipes/30-test_evp_data/evpciph_sm4.txt | 20 ++++++++++ 11 files changed, 177 insertions(+), 26 deletions(-) create mode 100644 providers/implementations/ciphers/cipher_sm4_ccm.c copy providers/implementations/ciphers/{cipher_aria_ccm.h => cipher_sm4_ccm.h} (58%) copy providers/implementations/ciphers/{cipher_aria_ccm_hw.c => cipher_sm4_ccm_hw.c} (50%) create mode 100644 providers/implementations/ciphers/cipher_sm4_gcm.c copy providers/implementations/ciphers/{cipher_aria_gcm.h => cipher_sm4_gcm.h} (65%) create mode 100644 providers/implementations/ciphers/cipher_sm4_gcm_hw.c diff --git a/providers/defltprov.c b/providers/defltprov.c index e6c0b24658..ed4573cb8d 100644 --- a/providers/defltprov.c +++ b/providers/defltprov.c @@ -289,6 +289,8 @@ static const OSSL_ALGORITHM_CAPABLE deflt_ciphers[] = { ALG(PROV_NAMES_DES_EDE_CFB, ossl_tdes_ede2_cfb_functions), #endif /* OPENSSL_NO_DES */ #ifndef OPENSSL_NO_SM4 + ALG(PROV_NAMES_SM4_GCM, ossl_sm4128gcm_functions), + ALG(PROV_NAMES_SM4_CCM, ossl_sm4128ccm_functions), ALG(PROV_NAMES_SM4_ECB, ossl_sm4128ecb_functions), ALG(PROV_NAMES_SM4_CBC, ossl_sm4128cbc_functions), ALG(PROV_NAMES_SM4_CTR, ossl_sm4128ctr_functions), diff --git a/providers/implementations/ciphers/build.info b/providers/implementations/ciphers/build.info index e4c5f4f051..b5d9d4f6c1 100644 --- a/providers/implementations/ciphers/build.info +++ b/providers/implementations/ciphers/build.info @@ -105,7 +105,9 @@ ENDIF IF[{- !$disabled{sm4} -}] SOURCE[$SM4_GOAL]=\ - cipher_sm4.c cipher_sm4_hw.c + cipher_sm4.c cipher_sm4_hw.c \ + cipher_sm4_gcm.c cipher_sm4_gcm_hw.c \ + cipher_sm4_ccm.c cipher_sm4_ccm_hw.c ENDIF IF[{- !$disabled{ocb} -}] diff --git a/providers/implementations/ciphers/cipher_sm4_ccm.c b/providers/implementations/ciphers/cipher_sm4_ccm.c new file mode 100644 index 0000000000..f0295a5ca2 --- /dev/null +++ b/providers/implementations/ciphers/cipher_sm4_ccm.c @@ -0,0 +1,39 @@ +/* + * Copyright 2021 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* Dispatch functions for SM4 CCM mode */ + +#include "cipher_sm4_ccm.h" +#include "prov/implementations.h" +#include "prov/providercommon.h" + +static OSSL_FUNC_cipher_freectx_fn sm4_ccm_freectx; + +static void *sm4_ccm_newctx(void *provctx, size_t keybits) +{ + PROV_SM4_CCM_CTX *ctx; + + if (!ossl_prov_is_running()) + return NULL; + + ctx = OPENSSL_zalloc(sizeof(*ctx)); + if (ctx != NULL) + ossl_ccm_initctx(&ctx->base, keybits, ossl_prov_sm4_hw_ccm(keybits)); + return ctx; +} + +static void sm4_ccm_freectx(void *vctx) +{ + PROV_SM4_CCM_CTX *ctx = (PROV_SM4_CCM_CTX *)vctx; + + OPENSSL_clear_free(ctx, sizeof(*ctx)); +} + +/* sm4128ccm functions */ +IMPLEMENT_aead_cipher(sm4, ccm, CCM, AEAD_FLAGS, 128, 8, 96); diff --git a/providers/implementations/ciphers/cipher_aria_ccm.h b/providers/implementations/ciphers/cipher_sm4_ccm.h similarity index 58% copy from providers/implementations/ciphers/cipher_aria_ccm.h copy to providers/implementations/ciphers/cipher_sm4_ccm.h index 558da4973f..189e71e9e4 100644 --- a/providers/implementations/ciphers/cipher_aria_ccm.h +++ b/providers/implementations/ciphers/cipher_sm4_ccm.h @@ -1,5 +1,5 @@ /* - * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -7,16 +7,16 @@ * https://www.openssl.org/source/license.html */ -#include "crypto/aria.h" +#include "crypto/sm4.h" #include "prov/ciphercommon.h" #include "prov/ciphercommon_ccm.h" -typedef struct prov_aria_ccm_ctx_st { +typedef struct prov_sm4_ccm_ctx_st { PROV_CCM_CTX base; /* Must be first */ union { OSSL_UNION_ALIGN; - ARIA_KEY ks; - } ks; /* ARIA key schedule to use */ -} PROV_ARIA_CCM_CTX; + SM4_KEY ks; + } ks; /* SM4 key schedule to use */ +} PROV_SM4_CCM_CTX; -const PROV_CCM_HW *ossl_prov_aria_hw_ccm(size_t keylen); +const PROV_CCM_HW *ossl_prov_sm4_hw_ccm(size_t keylen); diff --git a/providers/implementations/ciphers/cipher_aria_ccm_hw.c b/providers/implementations/ciphers/cipher_sm4_ccm_hw.c similarity index 50% copy from providers/implementations/ciphers/cipher_aria_ccm_hw.c copy to providers/implementations/ciphers/cipher_sm4_ccm_hw.c index e56ec8fb08..791daf3e46 100644 --- a/providers/implementations/ciphers/cipher_aria_ccm_hw.c +++ b/providers/implementations/ciphers/cipher_sm4_ccm_hw.c @@ -1,5 +1,5 @@ /* - * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -8,33 +8,34 @@ */ /*- - * Generic support for ARIA CCM. + * Generic support for SM4 CCM. */ -#include "cipher_aria_ccm.h" +#include "cipher_sm4_ccm.h" -static int ccm_aria_initkey(PROV_CCM_CTX *ctx, - const unsigned char *key, size_t keylen) +static int ccm_sm4_initkey(PROV_CCM_CTX *ctx, + const unsigned char *key, size_t keylen) { - PROV_ARIA_CCM_CTX *actx = (PROV_ARIA_CCM_CTX *)ctx; + PROV_SM4_CCM_CTX *actx = (PROV_SM4_CCM_CTX *)ctx; - ossl_aria_set_encrypt_key(key, keylen * 8, &actx->ks.ks); + ossl_sm4_set_key(key, &actx->ks.ks); CRYPTO_ccm128_init(&ctx->ccm_ctx, ctx->m, ctx->l, &actx->ks.ks, - (block128_f)ossl_aria_encrypt); + (block128_f)ossl_sm4_encrypt); ctx->str = NULL; ctx->key_set = 1; return 1; } -static const PROV_CCM_HW ccm_aria = { - ccm_aria_initkey, +static const PROV_CCM_HW ccm_sm4 = { + ccm_sm4_initkey, ossl_ccm_generic_setiv, ossl_ccm_generic_setaad, ossl_ccm_generic_auth_encrypt, ossl_ccm_generic_auth_decrypt, ossl_ccm_generic_gettag }; -const PROV_CCM_HW *ossl_prov_aria_hw_ccm(size_t keybits) + +const PROV_CCM_HW *ossl_prov_sm4_hw_ccm(size_t keybits) { - return &ccm_aria; + return &ccm_sm4; } diff --git a/providers/implementations/ciphers/cipher_sm4_gcm.c b/providers/implementations/ciphers/cipher_sm4_gcm.c new file mode 100644 index 0000000000..7a936f00ee --- /dev/null +++ b/providers/implementations/ciphers/cipher_sm4_gcm.c @@ -0,0 +1,40 @@ +/* + * Copyright 2021 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* Dispatch functions for SM4 GCM mode */ + +#include "cipher_sm4_gcm.h" +#include "prov/implementations.h" +#include "prov/providercommon.h" + +static OSSL_FUNC_cipher_freectx_fn sm4_gcm_freectx; + +static void *sm4_gcm_newctx(void *provctx, size_t keybits) +{ + PROV_SM4_GCM_CTX *ctx; + + if (!ossl_prov_is_running()) + return NULL; + + ctx = OPENSSL_zalloc(sizeof(*ctx)); + if (ctx != NULL) + ossl_gcm_initctx(provctx, &ctx->base, keybits, + ossl_prov_sm4_hw_gcm(keybits)); + return ctx; +} + +static void sm4_gcm_freectx(void *vctx) +{ + PROV_SM4_GCM_CTX *ctx = (PROV_SM4_GCM_CTX *)vctx; + + OPENSSL_clear_free(ctx, sizeof(*ctx)); +} + +/* ossl_sm4128gcm_functions */ +IMPLEMENT_aead_cipher(sm4, gcm, GCM, AEAD_FLAGS, 128, 8, 96); diff --git a/providers/implementations/ciphers/cipher_aria_gcm.h b/providers/implementations/ciphers/cipher_sm4_gcm.h similarity index 65% copy from providers/implementations/ciphers/cipher_aria_gcm.h copy to providers/implementations/ciphers/cipher_sm4_gcm.h index 6251e8322f..2b6b5f3ece 100644 --- a/providers/implementations/ciphers/cipher_aria_gcm.h +++ b/providers/implementations/ciphers/cipher_sm4_gcm.h @@ -1,5 +1,5 @@ /* - * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -7,16 +7,16 @@ * https://www.openssl.org/source/license.html */ -#include "crypto/aria.h" +#include "crypto/sm4.h" #include "prov/ciphercommon.h" #include "prov/ciphercommon_gcm.h" -typedef struct prov_aria_gcm_ctx_st { +typedef struct prov_sm4_gcm_ctx_st { PROV_GCM_CTX base; /* must be first entry in struct */ union { OSSL_UNION_ALIGN; - ARIA_KEY ks; + SM4_KEY ks; } ks; -} PROV_ARIA_GCM_CTX; +} PROV_SM4_GCM_CTX; -const PROV_GCM_HW *ossl_prov_aria_hw_gcm(size_t keybits); +const PROV_GCM_HW *ossl_prov_sm4_hw_gcm(size_t keybits); diff --git a/providers/implementations/ciphers/cipher_sm4_gcm_hw.c b/providers/implementations/ciphers/cipher_sm4_gcm_hw.c new file mode 100644 index 0000000000..6bcd1ec406 --- /dev/null +++ b/providers/implementations/ciphers/cipher_sm4_gcm_hw.c @@ -0,0 +1,43 @@ +/* + * Copyright 2021 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/*- + * Generic support for SM4 GCM. + */ + +#include "cipher_sm4_gcm.h" + +static int sm4_gcm_initkey(PROV_GCM_CTX *ctx, const unsigned char *key, + size_t keylen) +{ + PROV_SM4_GCM_CTX *actx = (PROV_SM4_GCM_CTX *)ctx; + SM4_KEY *ks = &actx->ks.ks; + + ctx->ks = ks; + ossl_sm4_set_key(key, ks); + CRYPTO_gcm128_init(&ctx->gcm, ks, (block128_f)ossl_sm4_encrypt); + ctx->ctr = (ctr128_f)NULL; + ctx->key_set = 1; + + return 1; +} + +static const PROV_GCM_HW sm4_gcm = { + sm4_gcm_initkey, + ossl_gcm_setiv, + ossl_gcm_aad_update, + ossl_gcm_cipher_update, + ossl_gcm_cipher_final, + ossl_gcm_one_shot +}; + +const PROV_GCM_HW *ossl_prov_sm4_hw_gcm(size_t keybits) +{ + return &sm4_gcm; +} diff --git a/providers/implementations/include/prov/implementations.h b/providers/implementations/include/prov/implementations.h index 66817fa104..cb1b7925c5 100644 --- a/providers/implementations/include/prov/implementations.h +++ b/providers/implementations/include/prov/implementations.h @@ -177,6 +177,8 @@ extern const OSSL_DISPATCH ossl_seed128ofb128_functions[]; extern const OSSL_DISPATCH ossl_seed128cfb128_functions[]; #endif /* OPENSSL_NO_SEED */ #ifndef OPENSSL_NO_SM4 +extern const OSSL_DISPATCH ossl_sm4128gcm_functions[]; +extern const OSSL_DISPATCH ossl_sm4128ccm_functions[]; extern const OSSL_DISPATCH ossl_sm4128ecb_functions[]; extern const OSSL_DISPATCH ossl_sm4128cbc_functions[]; extern const OSSL_DISPATCH ossl_sm4128ctr_functions[]; diff --git a/providers/implementations/include/prov/names.h b/providers/implementations/include/prov/names.h index 62aa7bd725..97cbae70f1 100644 --- a/providers/implementations/include/prov/names.h +++ b/providers/implementations/include/prov/names.h @@ -162,6 +162,8 @@ #define PROV_NAMES_SM4_CTR "SM4-CTR:1.2.156.10197.1.104.7" #define PROV_NAMES_SM4_OFB "SM4-OFB:SM4-OFB128:1.2.156.10197.1.104.3" #define PROV_NAMES_SM4_CFB "SM4-CFB:SM4-CFB128:1.2.156.10197.1.104.4" +#define PROV_NAMES_SM4_GCM "SM4-GCM:1.2.156.10197.1.104.8" +#define PROV_NAMES_SM4_CCM "SM4-CCM:1.2.156.10197.1.104.9" #define PROV_NAMES_ChaCha20 "ChaCha20" #define PROV_NAMES_ChaCha20_Poly1305 "ChaCha20-Poly1305" #define PROV_NAMES_CAST5_ECB "CAST5-ECB" diff --git a/test/recipes/30-test_evp_data/evpciph_sm4.txt b/test/recipes/30-test_evp_data/evpciph_sm4.txt index ec8a45bd3f..9fb16ca15c 100644 --- a/test/recipes/30-test_evp_data/evpciph_sm4.txt +++ b/test/recipes/30-test_evp_data/evpciph_sm4.txt @@ -36,3 +36,23 @@ Key = 0123456789ABCDEFFEDCBA9876543210 IV = 0123456789ABCDEFFEDCBA9876543210 Plaintext = AAAAAAAAAAAAAAAABBBBBBBBBBBBBBBBCCCCCCCCCCCCCCCCDDDDDDDDDDDDDDDDEEEEEEEEEEEEEEEEFFFFFFFFFFFFFFFFEEEEEEEEEEEEEEEEAAAAAAAAAAAAAAAA Ciphertext = C2B4759E78AC3CF43D0852F4E8D5F9FD7256E8A5FCB65A350EE00630912E44492A0B17E1B85B060D0FBA612D8A95831638B361FD5FFACD942F081485A83CA35D + +Title = SM4 GCM test vectors from RFC8998 + +Cipher = SM4-GCM +Key = 0123456789abcdeffedcba9876543210 +IV = 00001234567800000000abcd +AAD = feedfacedeadbeeffeedfacedeadbeefabaddad2 +Tag = 83de3541e4c2b58177e065a9bf7b62ec +Plaintext = aaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbccccccccccccccccddddddddddddddddeeeeeeeeeeeeeeeeffffffffffffffffeeeeeeeeeeeeeeeeaaaaaaaaaaaaaaaa +Ciphertext = 17f399f08c67d5ee19d0dc9969c4bb7d5fd46fd3756489069157b282bb200735d82710ca5c22f0ccfa7cbf93d496ac15a56834cbcf98c397b4024a2691233b8d + +Title = SM4 CCM test vectors from RFC8998 + +Cipher = SM4-CCM +Key = 0123456789abcdeffedcba9876543210 +IV = 00001234567800000000abcd +AAD = feedfacedeadbeeffeedfacedeadbeefabaddad2 +Tag = 16842d4fa186f56ab33256971fa110f4 +Plaintext = aaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbccccccccccccccccddddddddddddddddeeeeeeeeeeeeeeeeffffffffffffffffeeeeeeeeeeeeeeeeaaaaaaaaaaaaaaaa +Ciphertext = 48af93501fa62adbcd414cce6034d895dda1bf8f132f042098661572e7483094fd12e518ce062c98acee28d95df4416bed31a2f04476c18bb40c84a74b97dc5b