Re-organize SM4/GCM related source files

CMakeLists.txt

@@ -49,7 +49,6 @@ set(src
 	src/pbkdf2.c
 	src/gf128.c
 	src/ghash.c
-	src/gcm.c
 	src/sm4_cbc_sm3_hmac.c
 	src/sm4_ctr_sm3_hmac.c
 	src/pkcs8.c
@@ -137,6 +136,7 @@ set(tools
 set(tests
 	sm4
 	sm3
+	sm4_sm3_hmac
 #	sm2
 	sm2_z256
 	sm2_sign
@@ -151,8 +151,7 @@ set(tests
 	hkdf
 	pbkdf2
 	gf128
-	gcm
-	aead
+	ghash
 	pkcs8
 	ec
 	asn1

include/gmssl/ghash.h

@@ -25,7 +25,6 @@ extern "C" {
 #define GHASH_SIZE		(16)
 
 
-
 void ghash(const uint8_t h[16], const uint8_t *aad, size_t aadlen,
 	const uint8_t *c, size_t clen, uint8_t out[16]);
 

include/gmssl/aead.h → include/gmssl/sm4_cbc_sm3_hmac.h

@@ -1,20 +1,19 @@
 /*
- *  Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
+ *  Copyright 2014-2024 The GmSSL Project. All Rights Reserved.
  *
  *  Licensed under the Apache License, Version 2.0 (the License); you may
  *  not use this file except in compliance with the License.
  *
  *  http://www.apache.org/licenses/LICENSE-2.0
  */
 
-#ifndef GMSSL_AEAD_H
-#define GMSSL_AEAD_H
+#ifndef GMSSL_SM4_CBC_SM3_HMAC_H
+#define GMSSL_SM4_CBC_SM3_HMAC_H
 
 #include <string.h>
 #include <stdint.h>
-#include <gmssl/sm3.h>
 #include <gmssl/sm4.h>
-#include <gmssl/gcm.h>
+#include <gmssl/sm3.h>
 #include <gmssl/api.h>
 
 #ifdef __cplusplus
@@ -48,35 +47,6 @@ _gmssl_export int sm4_cbc_sm3_hmac_decrypt_finish(SM4_CBC_SM3_HMAC_CTX *ctx,
 	uint8_t *out, size_t *outlen);
 
 
-typedef struct {
-	SM4_CTR_CTX enc_ctx;
-	SM3_HMAC_CTX mac_ctx;
-	uint8_t mac[SM3_HMAC_SIZE];
-	size_t maclen;
-} SM4_CTR_SM3_HMAC_CTX;
-
-#define SM4_CTR_SM3_HMAC_KEY_SIZE 48
-#define SM4_CTR_SM3_HMAC_IV_SIZE  16
-
-_gmssl_export int sm4_ctr_sm3_hmac_encrypt_init(SM4_CTR_SM3_HMAC_CTX *ctx,
-	const uint8_t *key, size_t keylen, const uint8_t *iv, size_t ivlen,
-	const uint8_t *aad, size_t aadlen);
-_gmssl_export int sm4_ctr_sm3_hmac_encrypt_update(SM4_CTR_SM3_HMAC_CTX *ctx,
-	const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen);
-_gmssl_export int sm4_ctr_sm3_hmac_encrypt_finish(SM4_CTR_SM3_HMAC_CTX *ctx,
-	uint8_t *out, size_t *outlen);
-_gmssl_export int sm4_ctr_sm3_hmac_decrypt_init(SM4_CTR_SM3_HMAC_CTX *ctx,
-	const uint8_t *key, size_t keylen, const uint8_t *iv, size_t ivlen,
-	const uint8_t *aad, size_t aadlen);
-_gmssl_export int sm4_ctr_sm3_hmac_decrypt_update(SM4_CTR_SM3_HMAC_CTX *ctx,
-	const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen);
-_gmssl_export int sm4_ctr_sm3_hmac_decrypt_finish(SM4_CTR_SM3_HMAC_CTX *ctx,
-	uint8_t *out, size_t *outlen);
-
-
-
-
-
 #ifdef __cplusplus
 }
 #endif

include/gmssl/sm4_ctr_sm3_hmac.h

@@ -0,0 +1,53 @@
+/*
+ *  Copyright 2014-2024 The GmSSL Project. All Rights Reserved.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the License); you may
+ *  not use this file except in compliance with the License.
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ */
+
+#ifndef GMSSL_SM4_CTR_SM3_HMAC_H
+#define GMSSL_SM4_CTR_SM3_HMAC_H
+
+#include <string.h>
+#include <stdint.h>
+#include <gmssl/sm4.h>
+#include <gmssl/sm3.h>
+#include <gmssl/api.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+
+typedef struct {
+	SM4_CTR_CTX enc_ctx;
+	SM3_HMAC_CTX mac_ctx;
+	uint8_t mac[SM3_HMAC_SIZE];
+	size_t maclen;
+} SM4_CTR_SM3_HMAC_CTX;
+
+#define SM4_CTR_SM3_HMAC_KEY_SIZE 48
+#define SM4_CTR_SM3_HMAC_IV_SIZE  16
+
+_gmssl_export int sm4_ctr_sm3_hmac_encrypt_init(SM4_CTR_SM3_HMAC_CTX *ctx,
+	const uint8_t *key, size_t keylen, const uint8_t *iv, size_t ivlen,
+	const uint8_t *aad, size_t aadlen);
+_gmssl_export int sm4_ctr_sm3_hmac_encrypt_update(SM4_CTR_SM3_HMAC_CTX *ctx,
+	const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen);
+_gmssl_export int sm4_ctr_sm3_hmac_encrypt_finish(SM4_CTR_SM3_HMAC_CTX *ctx,
+	uint8_t *out, size_t *outlen);
+_gmssl_export int sm4_ctr_sm3_hmac_decrypt_init(SM4_CTR_SM3_HMAC_CTX *ctx,
+	const uint8_t *key, size_t keylen, const uint8_t *iv, size_t ivlen,
+	const uint8_t *aad, size_t aadlen);
+_gmssl_export int sm4_ctr_sm3_hmac_decrypt_update(SM4_CTR_SM3_HMAC_CTX *ctx,
+	const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen);
+_gmssl_export int sm4_ctr_sm3_hmac_decrypt_finish(SM4_CTR_SM3_HMAC_CTX *ctx,
+	uint8_t *out, size_t *outlen);
+
+
+#ifdef __cplusplus
+}
+#endif
+#endif

src/gf128.c

@@ -111,7 +111,6 @@ void gf128_mul(gf128_t r, const gf128_t a, const gf128_t b)
 	uint64_t r1 = 0;
 	int i;
 
-
 	for (i = 0; i < 64; i++) {
 		if (r1 & mask) {
 			r1 = r1 << 1 | r0 >> 63;

src/ghash.c

@@ -13,9 +13,7 @@
 #include <stdlib.h>
 #include <assert.h>
 #include <gmssl/mem.h>
-#include <gmssl/gf128.h>
 #include <gmssl/ghash.h>
-#include <gmssl/oid.h>
 #include <gmssl/error.h>
 #include <gmssl/endian.h>
 
@@ -79,11 +77,10 @@ void ghash(const uint8_t h[16], const uint8_t *aad, size_t aadlen, const uint8_t
 	}
 
 	gf128_add(X, X, L);
-	gf128_mul(H, H, X);
+	gf128_mul(H, X, H); // clear secrets in H
 	gf128_to_bytes(H, out);
 }
 
-
 void ghash_init(GHASH_CTX *ctx, const uint8_t h[16], const uint8_t *aad, size_t aadlen)
 {
 	gf128_t A;

src/sm4_cbc_sm3_hmac.c

@@ -1,5 +1,5 @@
 /*
- *  Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
+ *  Copyright 2014-2024 The GmSSL Project. All Rights Reserved.
  *
  *  Licensed under the Apache License, Version 2.0 (the License); you may
  *  not use this file except in compliance with the License.
@@ -11,9 +11,8 @@
 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>
-#include <gmssl/sm4.h>
+#include <gmssl/sm4_cbc_sm3_hmac.h>
 #include <gmssl/mem.h>
-#include <gmssl/aead.h>
 #include <gmssl/error.h>
 
 

src/sm4_ctr_sm3_hmac.c

@@ -1,5 +1,5 @@
 /*
- *  Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
+ *  Copyright 2014-2024 The GmSSL Project. All Rights Reserved.
  *
  *  Licensed under the Apache License, Version 2.0 (the License); you may
  *  not use this file except in compliance with the License.
@@ -11,13 +11,11 @@
 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>
-#include <gmssl/sm4.h>
+#include <gmssl/sm4_ctr_sm3_hmac.h>
 #include <gmssl/mem.h>
-#include <gmssl/aead.h>
 #include <gmssl/error.h>
 
 
-
 int sm4_ctr_sm3_hmac_encrypt_init(SM4_CTR_SM3_HMAC_CTX *ctx,
 	const uint8_t *key, size_t keylen, const uint8_t *iv, size_t ivlen,
 	const uint8_t *aad, size_t aadlen)
@@ -179,13 +177,3 @@ int sm4_ctr_sm3_hmac_decrypt_finish(SM4_CTR_SM3_HMAC_CTX *ctx, uint8_t *out, siz
 	ctx->maclen = 0;
 	return 1;
 }
-
-static void ctr_incr(uint8_t a[16])
-{
-	int i;
-	for (i = 15; i >= 0; i--) {
-		a[i]++;
-		if (a[i]) break;
-	}
-}
-

src/tls13.c

@@ -22,7 +22,6 @@
 #include <gmssl/pem.h>
 #include <gmssl/tls.h>
 #include <gmssl/digest.h>
-#include <gmssl/gcm.h>
 #include <gmssl/hmac.h>
 #include <gmssl/hkdf.h>
 #include <gmssl/mem.h>
@@ -45,6 +44,53 @@ static int tls13_client_hello_exts[] = {
 	TLS_extension_padding,
 };
 
+// FIXME: remove block_cipher.h
+int gcm_encrypt(const BLOCK_CIPHER_KEY *key, const uint8_t *iv, size_t ivlen,
+	const uint8_t *aad, size_t aadlen, const uint8_t *in, size_t inlen,
+	uint8_t *out, size_t taglen, uint8_t *tag)
+{
+	if (key->cipher == BLOCK_CIPHER_sm4()) {
+		if (sm4_gcm_encrypt(&(key->u.sm4_key), iv, ivlen, aad, aadlen,  in, inlen, out, taglen, tag) != 1) {
+			error_print();
+			return -1;
+		}
+#ifdef ENABLE_AES
+	} else if (key->cipher == BLOCK_CIPHER_aes128()) {
+		if (aes_gcm_encrypt(&(key->u.aes_key), iv, ivlen, aad, aadlen,  in, inlen, out, taglen, tag) != 1) {
+			error_print();
+			return -1;
+		}
+#endif
+	} else {
+		error_print();
+		return -1;
+	}
+	return 1;
+}
+
+int gcm_decrypt(const BLOCK_CIPHER_KEY *key, const uint8_t *iv, size_t ivlen,
+	const uint8_t *aad, size_t aadlen, const uint8_t *in, size_t inlen,
+	const uint8_t *tag, size_t taglen, uint8_t *out)
+{
+	if (key->cipher == BLOCK_CIPHER_sm4()) {
+		if (sm4_gcm_decrypt(&(key->u.sm4_key), iv, ivlen, aad, aadlen,  in, inlen, tag, taglen, out) != 1) {
+			error_print();
+			return -1;
+		}
+#ifdef ENABLE_AES
+	} else if (key->cipher == BLOCK_CIPHER_aes128()) {
+		if (aes_gcm_decrypt(&(key->u.aes_key), iv, ivlen, aad, aadlen,  in, inlen, tag, taglen, out) != 1) {
+			error_print();
+			return -1;
+		}
+#endif
+	} else {
+		error_print();
+		return -1;
+	}
+	return 1;
+}
+
 
 /*
 struct {

tests/gcmtest.c → tests/ghashtest.c

@@ -1,5 +1,5 @@
 /*
- *  Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
+ *  Copyright 2014-2024 The GmSSL Project. All Rights Reserved.
  *
  *  Licensed under the Apache License, Version 2.0 (the License); you may
  *  not use this file except in compliance with the License.
@@ -11,10 +11,9 @@
 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>
-#include <gmssl/gcm.h>
+#include <gmssl/ghash.h>
 #include <gmssl/hex.h>
 #include <gmssl/rand.h>
-#include <gmssl/block_cipher.h>
 #include <gmssl/error.h>
 
 
@@ -115,6 +114,7 @@ int test_ghash(void)
 	return 1;
 }
 
+#if 0
 int test_gcm(void)
 {
 	BLOCK_CIPHER_KEY block_key;
@@ -178,15 +178,12 @@ int test_gcm(void)
 	printf("%s() ok\n", __FUNCTION__);
 	return 1;
 }
-
-
-
+#endif
 
 
 int main(int argc, char **argv)
 {
 	if (test_ghash() != 1) goto err;
-	if (test_gcm() != 1) goto err;
 	printf("%s all tests passed\n", __FILE__);
 	return 0;
 err: