OpenSSL 1.1.1 新特性: 全面支持国密SM2/SM3/SM4加密算法

​

​​OpenSSL项目​​最近6个月添加了许多新特性, 包括对中国SM2/SM3/SM4算法的支持:

• SM2椭圆曲线: ​​https:///openssl/openssl/pull/4793​​
• SM3哈希摘要: ​​https:///openssl/openssl/pull/4616​​
• SM4对称加密: ​​https:///openssl/openssl/pull/4552​​

参考: 中国国家密码管理局制定的商业密码算法标准

• 《GM/T 0006-2012 密码应用标识规范》定义国密算法OID标识
• 《GB/T 32907-2016 SM4分组密码算法》(原GM/T 0002-2012)
• 《GB/T 329??-2016 SM2椭圆曲线公钥密码算法》(原GM/T 0003-2012)
• 《GB/T 32905-2016 SM3密码杂凑算法》(原GM/T 0004-2012)

下载源码

• ​​https://www.openssl.org/source/openssl-1.1.1-pre4.tar.gz​​
• ​​https://www.openssl.org/source/openssl-1.1.1-pre5.tar.gz​​

解压缩

2.  
   
   tar xzvf openssl-1.1.1-pre4.tar.gz
3.  
   
   tar xzvf openssl-1.1.1-pre5.tar.gz

编译步骤

2.  
   
   cd openssl-1.1.1-pre5
3.  
   
   ./config
4.  
   
   make

本地安装(可选步骤)

sudo make install

配置LD_LIBRARY_PATH并检查openssl可执行程序版本号

2.  
   
   $ export LD_LIBRARY_PATH=`pwd`
3.  
    
4.  
   
   $ ./apps/openssl version
5.  
   
   OpenSSL 1.1.1-pre5 (beta) 17 Apr 2018

检查 SM3 哈希校验和

2.  
   
   $ echo -n "abc" | ./apps/openssl dgst -SM3
3.  
   
   (stdin)= 66c7f0f462eeedd9d1f2d46bdc10e4e24167c4875cf2f7a2297da02b8f4ba8e0

检查椭圆曲线是否包含SM2

2.  
   
   $ ./apps/openssl ecparam -list_curves | grep SM2
3.  
   
   SM2 : SM2 curve over a 256 bit prime field

检查对称算法

2.  
   
   ./apps/openssl enc -ciphers
3.  
   
   -sm4
4.  
   
   -sm4-cbc
5.  
   
   -sm4-cfb
6.  
   
   -sm4-ctr
7.  
   
   -sm4-ecb
8.  
   
   -sm4-ofb

???

2. 测试SM4-ECB电子密码本模式, 选取AES-128-ECB作为参考
   ​​https:///liuqun/openssl-sm4-demo/​​
5.  
   
   /** 文件名: https:///liuqun/openssl-sm4-demo/blob/cmake/src/main.c */
6.  
   
   #include <stddef.h>
7.  
   
   #include <stdio.h>
8.  
   
   #include <stdlib.h>
9.  
   
   #include <string.h>
10.  
    
    #include "openssl/err.h"
11.  
    
    #include "openssl/evp.h"
12.  
     
13.  
    
    /* Before OpenSSL 1.1.1-pre1, we did not have EVP_sm4_ecb() */
14.  
    
    #if defined(OPENSSL_VERSION_NUMBER) \
15.  
    
    && OPENSSL_VERSION_NUMBER < 0x10101001L
16.  
    
    static const EVP_CIPHER *(*EVP_sm4_ecb)()=EVP_aes_128_ecb;
17.  
    
    #endif
18.  
     
19.  
    
    typedef struct {
20.  
    
    const unsigned char *in_data;
21.  
    
    size_t in_data_len;
22.  
    
    int in_data_is_already_padded;
23.  
    
    const unsigned char *in_ivec;
24.  
    
    const unsigned char *in_key;
25.  
    
    size_t in_key_len;
26.  
    
    } test_case_t;
27.  
     
28.  
     
29.  
    
    void test_encrypt_with_cipher(const test_case_t *in, const EVP_CIPHER *cipher)
30.  
    
    {
31.  
    
    unsigned char *out_buf = NULL;
32.  
    
    int out_len;
33.  
    
    int out_padding_len;
34.  
    
    EVP_CIPHER_CTX *ctx;
35.  
     
36.  
    
    ctx = EVP_CIPHER_CTX_new();
37.  
    
    EVP_EncryptInit_ex(ctx, cipher, NULL, in->in_key, in->in_ivec);
38.  
     
39.  
    
    if (in->in_data_is_already_padded)
40.  
    
    {
41.  
    
    /* Check whether the input data is already padded.
42.  
    
    And its length must be an integral multiple of the cipher's block size. */
43.  
    
    const size_t bs = EVP_CIPHER_block_size(cipher);
44.  
    
    if (in->in_data_len % bs != 0)
45.  
    
    {
46.  
    
    printf("ERROR-1: data length=%d which is not added yet; block size=%d\n", (int) in->in_data_len, (int) bs);
47.  
    
    /* Warning: Remember to do some clean-ups */
48.  
    
    EVP_CIPHER_CTX_free(ctx);
49.  
    
    return;
50.  
    
    }
51.  
    
    /* Disable the implicit PKCS#7 padding defined in EVP_CIPHER */
52.  
    
    EVP_CIPHER_CTX_set_padding(ctx, 0);
53.  
    
    }
54.  
     
55.  
    
    out_buf = (unsigned char *) malloc(((in->in_data_len>>4)+1) << 4);
56.  
    
    out_len = 0;
57.  
    
    EVP_EncryptUpdate(ctx, out_buf, &out_len, in->in_data, in->in_data_len);
58.  
    
    if (1)
59.  
    
    {
60.  
    
    printf("Debug: out_len=%d\n", out_len);
61.  
    
    }
62.  
     
63.  
    
    out_padding_len = 0;
64.  
    
    EVP_EncryptFinal_ex(ctx, out_buf+out_len, &out_padding_len);
65.  
    
    if (1)
66.  
    
    {
67.  
    
    printf("Debug: out_padding_len=%d\n", out_padding_len);
68.  
    
    }
69.  
     
70.  
    
    EVP_CIPHER_CTX_free(ctx);
71.  
    
    if (1)
72.  
    
    {
73.  
    
    int i;
74.  
    
    int len;
75.  
    
    len = out_len + out_padding_len;
76.  
    
    for (i=0; i<len; i++)
77.  
    
    {
78.  
    
    printf("%02x ", out_buf[i]);
79.  
    
    }
80.  
    
    printf("\n");
81.  
    
    }
82.  
     
83.  
    
    if (out_buf)
84.  
    
    {
85.  
    
    free(out_buf);
86.  
    
    out_buf = NULL;
87.  
    
    }
88.  
    
    }
89.  
     
90.  
    
    void main()
91.  
    
    {
92.  
    
    int have_sm4 = (OPENSSL_VERSION_NUMBER >= 0x10101001L);
93.  
    
    int have_aes = 1;
94.  
    
    const unsigned char data[]=
95.  
    
    {
96.  
    
    0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
97.  
    
    0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
98.  
    
    };
99.  
    
    unsigned char ivec[EVP_MAX_IV_LENGTH]; ///< IV 向量
100.  
     
     const unsigned char key1[16] = ///< key_data, 密钥内容, 至少16字节
101.  
     
     {
102.  
     
     0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
103.  
     
     0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
104.  
     
     };
105.  
     
     test_case_t tc;
106.  
      
107.  
     
     tc.in_data = data;
108.  
     
     tc.in_data_len = sizeof(data);
109.  
     
     tc.in_data_is_already_padded = (tc.in_data_len % 16)==0; // Hard coded 16 as the cipher's block size
110.  
     
     tc.in_key = key1;
111.  
     
     tc.in_key_len = sizeof(key1);
112.  
     
     memset(ivec, 0x00, EVP_MAX_IV_LENGTH);
113.  
     
     tc.in_ivec = ivec;
114.  
      
115.  
     
     #if defined(OPENSSL_NO_SM4)
116.  
     
     have_sm4 = 0;
117.  
     
     #endif
118.  
     
     if (have_sm4)
119.  
     
     {
120.  
     
     printf("[1]\n");
121.  
     
     printf("Debug: EVP_sm4_ecb() test\n");
122.  
     
     test_encrypt_with_cipher(&tc, EVP_sm4_ecb());
123.  
     
     }
124.  
     
     #if defined(OPENSSL_NO_AES)
125.  
     
     have_aes = 0;
126.  
     
     #endif
127.  
     
     if (have_aes)
128.  
     
     {
129.  
     
     printf("[2]\n");
130.  
     
     printf("Debug: EVP_aes_128_ecb() test\n");
131.  
     
     test_encrypt_with_cipher(&tc, EVP_aes_128_ecb());
132.  
     
     }
133.  
     
     }
136.  
     
     假定当前是把main.c放在 openssl-1.1.1-pre5/文件夹内
137.  
     
     gcc -Iinclude -c main.c
138.  
     
     gcc main.o libcrypto.so -o a.out
139.  
      
140.  
     
     export LD_LIBRARY_PATH=`pwd`
141.  
     
     ldd a.out
142.  
      
143.  
     
     ./a.out

9.1. GM/T OIDs
9.1.1. SCA OID Prefix
All SM4 GM/T OIDs belong under the "1.2.156.10197" OID prefix,
registered by the Chinese Cryptography Standardization Technology
Committee ("CCSTC"), a committee under the SCA. Its components are
described below in ASN.1 notation.