diff --git a/.clang-format b/.clang-format new file mode 100644 index 0000000..4965f6a --- /dev/null +++ b/.clang-format @@ -0,0 +1,73 @@ +# Generated from CLion C/C++ Code Style settings +BinPackParameters: false +BasedOnStyle: LLVM +AccessModifierOffset: -4 +AlignAfterOpenBracket: Align +AlignConsecutiveAssignments: None +AlignOperands: DontAlign +AllowAllArgumentsOnNextLine: false +AllowAllConstructorInitializersOnNextLine: false +AllowAllParametersOfDeclarationOnNextLine: false +AllowShortBlocksOnASingleLine: Always +AllowShortCaseLabelsOnASingleLine: false +AllowShortFunctionsOnASingleLine: All +AllowShortIfStatementsOnASingleLine: true +AllowShortLambdasOnASingleLine: All +AllowShortLoopsOnASingleLine: true +AlwaysBreakTemplateDeclarations: Yes +# 函数和返回类型分两行,方便阅读 +AlwaysBreakAfterReturnType: TopLevelDefinitions +BreakBeforeBraces: Custom +BraceWrapping: + AfterCaseLabel: false + AfterClass: false + AfterControlStatement: Never + AfterEnum: false + AfterFunction: true + AfterNamespace: false + AfterUnion: false + BeforeCatch: false + BeforeElse: false + IndentBraces: false + SplitEmptyFunction: false + SplitEmptyRecord: true +BreakBeforeBinaryOperators: NonAssignment +BreakBeforeTernaryOperators: true +BreakConstructorInitializers: BeforeColon +ConstructorInitializerAllOnOneLineOrOnePerLine: true +BreakInheritanceList: BeforeColon +ColumnLimit: 120 +CompactNamespaces: false +ContinuationIndentWidth: 4 +EmptyLineBeforeAccessModifier: LogicalBlock +SeparateDefinitionBlocks: Always +IndentCaseLabels: false +IndentPPDirectives: None +IndentWidth: 4 +KeepEmptyLinesAtTheStartOfBlocks: true +MaxEmptyLinesToKeep: 1 +NamespaceIndentation: None +ObjCSpaceAfterProperty: false +ObjCSpaceBeforeProtocolList: false +PointerAlignment: Right +ReflowComments: false +SortIncludes: CaseSensitive +SpaceAfterCStyleCast: true +SpaceAfterLogicalNot: false +SpaceAfterTemplateKeyword: false +SpaceBeforeAssignmentOperators: true +SpaceBeforeCpp11BracedList: false +SpaceBeforeCtorInitializerColon: true +SpaceBeforeInheritanceColon: true +SpaceBeforeParens: ControlStatements +SpaceBeforeRangeBasedForLoopColon: true +SpaceInEmptyParentheses: false +SpacesBeforeTrailingComments: 0 +SpacesInAngles: false +SpacesInCStyleCastParentheses: false +SpacesInContainerLiterals: false +SpacesInParentheses: false +SpacesInSquareBrackets: false +TabWidth: 4 +UseTab: Never +PenaltyIndentedWhitespace: 1 diff --git a/.gitignore b/.gitignore index 922b8cf..fae467c 100644 --- a/.gitignore +++ b/.gitignore @@ -10,3 +10,6 @@ release/ *.len *.pcap +.cache +out/ +compile_commands.json diff --git a/CMakeLists.txt b/CMakeLists.txt index 76efd0f..27ea99c 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1,27 +1,30 @@ cmake_minimum_required(VERSION 3.9) -project(SecMedia VERSION 0.0.1 DESCRIPTION "Security Media Package") +project( + SecMedia + VERSION 0.0.1 + DESCRIPTION "Security Media Package") set(CMAKE_CXX_STANDARD 11) if(${CMAKE_BUILD_TYPE} MATCHES "Release") - message(STATUS "Release版本") - set(BuildType "Release") - add_definitions(-DNDEBUG) + message(STATUS "Release版本") + set(BuildType "Release") + add_definitions(-DNDEBUG) elseif(${CMAKE_BUILD_TYPE} MATCHES "MinSizeRel") - message(STATUS "MinSizeRel版本") - set(BuildType "MinSizeRel") + message(STATUS "MinSizeRel版本") + set(BuildType "MinSizeRel") else() - set(BuildType "Debug") - message(STATUS "Debug版本") - add_definitions(-DDEBUG_LOG) - add_definitions(-DNDEBUG) - add_definitions(-DDUMP_FILE) + set(BuildType "Debug") + message(STATUS "Debug版本") + add_definitions(-DDEBUG_LOG) + add_definitions(-DNDEBUG) + add_definitions(-DDUMP_FILE) endif() -#加载自定义模块 +# 加载自定义模块 add_definitions(-DSIGN_ENABLE) set(CMAKE_MODULE_PATH ${CMAKE_MODULE_PATH} "${CMAKE_CURRENT_SOURCE_DIR}/cmake") -SET(LIBRARY_OUTPUT_PATH ${CMAKE_CURRENT_SOURCE_DIR}/release/lib/${BuildType}) -SET(EXECUTABLE_OUTPUT_PATH ${CMAKE_CURRENT_SOURCE_DIR}/release/out) +set(LIBRARY_OUTPUT_PATH ${CMAKE_CURRENT_SOURCE_DIR}/release/lib/${BuildType}) +set(EXECUTABLE_OUTPUT_PATH ${CMAKE_CURRENT_SOURCE_DIR}/release/out) set(CMAKE_C_VISIBILITY_PRESET hidden) set(CMAKE_CXX_VISIBILITY_PRESET hidden) @@ -29,13 +32,13 @@ set(CMAKE_CXX_VISIBILITY_PRESET hidden) # set(CMAKE_CXX_FLAGS$ "${CMAKE_CXX_FLAGS} -fvisibility = hidden") set(SecMedia_Root ${CMAKE_CURRENT_SOURCE_DIR}/src) add_compile_options(-fPIC) -# add_compile_options(-fvisibility=hidden) -# add_compile_options(-std=c++11) -#add_compile_options(-mcpu=cortex-a7 -mfloat-abi=softfp -mfpu=neon-vfpv4 -mno-unaligned-access -fno-aggressive-loop-optimizations -Wcast-align) +# add_compile_options(-fvisibility=hidden) add_compile_options(-std=c++11) +# add_compile_options(-mcpu=cortex-a7 -mfloat-abi=softfp -mfpu=neon-vfpv4 +# -mno-unaligned-access -fno-aggressive-loop-optimizations -Wcast-align) include(GNUInstallDirs) include(GenerateExportHeader) -#media-server ps dec enc +# media-server ps dec enc set(MediaServer_Root ${SecMedia_Root}/3rdpart/media-server) include_directories(${MediaServer_Root}/librtp/include) include_directories(${MediaServer_Root}/libmpeg/include) @@ -48,16 +51,14 @@ aux_source_directory(${MediaServer_Root}/librtp/source src_rtp) aux_source_directory(${MediaServer_Root}/librtp/payload src_rtp) add_library(rtp STATIC ${src_rtp}) - - include_directories(${SecMedia_Root}/SVAC/src/svac_src) -#添加svac解密 +# 添加svac解密 aux_source_directory(${SecMedia_Root}/SVAC/src/sm2sm3 src_DEC) aux_source_directory(${SecMedia_Root}/SVAC/src/svac_src src_DEC) add_library(SVAC_DEC STATIC ${src_DEC}) -#添加svac加密 -#include_directories(${DEC_ENC_Algorithm}/SVAC/svac_enc) -#file(GLOB src_DEC_ENC ${DEC_ENC_Algorithm}/SVAC/svac_enc/*/*.c ${DEC_ENC_Algorithm}/SVAC/svac_enc/*/*.h) +# 添加svac加密 include_directories(${DEC_ENC_Algorithm}/SVAC/svac_enc) file(GLOB +# src_DEC_ENC ${DEC_ENC_Algorithm}/SVAC/svac_enc/*/*.c +# ${DEC_ENC_Algorithm}/SVAC/svac_enc/*/*.h) aux_source_directory(${SecMedia_Root}/SVAC/src/sm2sm3_enc src_ENC) aux_source_directory(${SecMedia_Root}/SVAC/src/svac_src src_ENC) add_library(SVAC_ENC STATIC ${src_ENC}) @@ -65,17 +66,25 @@ add_library(SVAC_ENC STATIC ${src_ENC}) list(APPEND LINK_LIB_SVAC_LIST SVAC_DEC) list(APPEND LINK_LIB_SVAC_LIST SVAC_ENC) -#添加密码卡库 -# add_definitions(-DENABLE_HARDWARE_SIGN) -# list(APPEND LINK_LIB_SVAC_LIST sm.so) +# 添加密码卡库 add_definitions(-DENABLE_HARDWARE_SIGN) list(APPEND LINK_LIB_SVAC_LIST +# sm.so) include_directories(include src) # add_definitions(-DGENERATE_EXPORT) -#file(GLOB SecMedia_src_list ${SecMedia_Root}/SVAC/./*.c ${SecMedia_Root}/SVAC/./*.h) -file(GLOB SecMedia_src_list ${SecMedia_Root}/*/*.cpp ${SecMedia_Root}/*/*.h ${SecMedia_Root}/*/*.c ${SecMedia_Root}/*/*/*.cpp ${SecMedia_Root}/*/*/*.h ${SecMedia_Root}/*/*/*.c) -file(GLOB SecMedia_api_list ${CMAKE_CURRENT_SOURCE_DIR}/include/common.h ) +# file(GLOB SecMedia_src_list ${SecMedia_Root}/SVAC/./*.c +# ${SecMedia_Root}/SVAC/./*.h) +file( + GLOB + SecMedia_src_list + ${SecMedia_Root}/*/*.cpp + ${SecMedia_Root}/*/*.h + ${SecMedia_Root}/*/*.c + ${SecMedia_Root}/*/*/*.cpp + ${SecMedia_Root}/*/*/*.h + ${SecMedia_Root}/*/*/*.c) +file(GLOB SecMedia_api_list ${CMAKE_CURRENT_SOURCE_DIR}/include/common.h) # # target_compile_options(${PROJECT_NAME} PRIVATE -fvisibility=hidden) # list(APPEND LINK_LIB_LIST ${LINK_LIB_SVAC_LIST}) @@ -85,43 +94,33 @@ add_library(${PROJECT_NAME} SHARED ${SecMedia_src_list}) target_link_libraries(${PROJECT_NAME} ${LINK_LIB_SVAC_LIST} rtp) target_include_directories(${PROJECT_NAME} PRIVATE ${SecMedia_Root}/.) -# set_target_properties(${PROJECT_NAME} PROPERTIES -# VERSION ${PROJECT_VERSION} -# SOVERSION 1 -# PUBLIC_HEADER ${SecMedia_api_list} -# ) - # CXX_VISIBILITY_PRESET hidden - # CMAKE_C_FLAGS hidden) +# set_target_properties(${PROJECT_NAME} PROPERTIES VERSION ${PROJECT_VERSION} +# SOVERSION 1 PUBLIC_HEADER ${SecMedia_api_list} ) +# CXX_VISIBILITY_PRESET hidden CMAKE_C_FLAGS hidden) -list(APPEND LINK_LIB_LIST ${PROJECT_NAME}) +list(APPEND LINK_LIB_LIST ${PROJECT_NAME}) list(APPEND LINK_LIB_LIST pthread) -#查找jemalloc是否安装 +# 查找jemalloc是否安装 find_package(JEMALLOC QUIET) if(JEMALLOC_FOUND) - message(STATUS "found library:\"${JEMALLOC_LIBRARIES}\"") - include_directories(${JEMALLOC_INCLUDE_DIR}) - list(APPEND LINK_LIB_LIST ${JEMALLOC_LIBRARIES}) + message(STATUS "found library:\"${JEMALLOC_LIBRARIES}\"") + include_directories(${JEMALLOC_INCLUDE_DIR}) + list(APPEND LINK_LIB_LIST ${JEMALLOC_LIBRARIES}) else() - message(WARNING "JEMALLOC not found") + message(WARNING "JEMALLOC not found") endif() +# set(LINK_LIB_LIST ) MESSAGE(STATUS ${SecMedia_api_list}) +# configure_file(SecMedia.pc.in SecMedia.pc @ONLY) -#set(LINK_LIB_LIST ) -#MESSAGE(STATUS ${SecMedia_api_list}) -#configure_file(SecMedia.pc.in SecMedia.pc @ONLY) - -# install(TARGETS ${PROJECT_NAME} -# LIBRARY DESTINATION ${CMAKE_INSTALL_LIBDIR} -# PUBLIC_HEADER DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}) -# install(FILES ${CMAKE_BINARY_DIR}/${PROJECT_NAME}.pc -# DESTINATION ${CMAKE_INSTALL_DATAROOTDIR}/pkgconfig) - - - - +# install(TARGETS ${PROJECT_NAME} LIBRARY DESTINATION ${CMAKE_INSTALL_LIBDIR} +# PUBLIC_HEADER DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}) install(FILES +# ${CMAKE_BINARY_DIR}/${PROJECT_NAME}.pc DESTINATION +# ${CMAKE_INSTALL_DATAROOTDIR}/pkgconfig) add_subdirectory(test) add_subdirectory(PcapSender) add_subdirectory(PcapRawSender) -add_subdirectory(SecSetGen) \ No newline at end of file +add_subdirectory(SecSetGen) + diff --git a/PcapRawSender/CMakeLists.txt b/PcapRawSender/CMakeLists.txt index d36f4dc..2a03d90 100644 --- a/PcapRawSender/CMakeLists.txt +++ b/PcapRawSender/CMakeLists.txt @@ -1,16 +1,19 @@ include_directories(../include) file(GLOB sender_src_list ./*.cpp ./*.h ../include/*.h) -MESSAGE(STATUS ${sender_src_list}) +message(STATUS ${sender_src_list}) find_package(PcapPlusPlus CONFIG REQUIRED) -find_package(DPDK REQUIRED) +# find_package(DPDK REQUIRED) message(STATUS "Using Pcap++ ${PcapPlusPlus_VERSION}") message(STATUS "Include dir: ${PcapPlusPlus_INCLUDE_DIR}") - add_executable(PcapRawSender ${sender_src_list}) -target_link_libraries(PcapRawSender PUBLIC ${LINK_LIB_LIST} PUBLIC PcapPlusPlus::Pcap++ PUBLIC DPDK::DPDK) +target_link_libraries( + PcapRawSender + PUBLIC ${LINK_LIB_LIST} + PUBLIC PcapPlusPlus::Pcap++ + # PUBLIC DPDK::DPDK +) # target_link_libraries(PcapSender PUBLIC PcapPlusPlus::Pcap++) - diff --git a/PcapSender/CMakeLists.txt b/PcapSender/CMakeLists.txt index cd857ee..28d3865 100644 --- a/PcapSender/CMakeLists.txt +++ b/PcapSender/CMakeLists.txt @@ -1,16 +1,18 @@ include_directories(../include) file(GLOB sender_src_list ./*.cpp ./*.h ../include/*.h) -MESSAGE(STATUS ${sender_src_list}) +message(STATUS ${sender_src_list}) find_package(PcapPlusPlus CONFIG REQUIRED) -find_package(DPDK REQUIRED) +# find_package(DPDK REQUIRED) message(STATUS "Using Pcap++ ${PcapPlusPlus_VERSION}") message(STATUS "Include dir: ${PcapPlusPlus_INCLUDE_DIR}") - add_executable(PcapSender ${sender_src_list}) -target_link_libraries(PcapSender PUBLIC ${LINK_LIB_LIST} PUBLIC PcapPlusPlus::Pcap++ PUBLIC DPDK::DPDK) +target_link_libraries( + PcapSender + PUBLIC ${LINK_LIB_LIST} + PUBLIC PcapPlusPlus::Pcap++ # PUBLIC DPDK::DPDK +) # target_link_libraries(PcapSender PUBLIC PcapPlusPlus::Pcap++) - diff --git a/src/GB28181/L2SecurityStream.h b/src/GB28181/L2SecurityStream.h index 6b2da7c..e8fdc17 100644 --- a/src/GB28181/L2SecurityStream.h +++ b/src/GB28181/L2SecurityStream.h @@ -1,67 +1,74 @@ #ifndef L2_SECURITY_STREAM_H #define L2_SECURITY_STREAM_H -#include +#include "HuaWei/HWcommon.h" +#include "HuaWei/HWsec.h" +#include "HuaWei/HWsign.h" +#include "HuaWei/RTP.h" +#include "RtpDecoder.h" +#include #include #include #include +#include #include -#include -#include "HuaWei/HWcommon.h" -#include "HuaWei/RTP.h" -#include "HuaWei/HWsign.h" -#include "HuaWei/HWsec.h" -#include "RtpDecoder.h" -class L2SecurityStream -{ +class L2SecurityStream { public: - explicit L2SecurityStream(sec_set_info* set_info); - ~L2SecurityStream(){ - _thread_exit=1; - _keyframe_seq=-2; + explicit L2SecurityStream(sec_set_info *set_info); + + virtual ~L2SecurityStream() + { + _thread_exit = 1; + _keyframe_seq = -2; _sign_start.notify_all(); usleep(10000); }; + void ThreadSign(); - virtual int RtpInput(const uint8_t* data,uint16_t len, void *param=nullptr)=0; - virtual int RtpOutput(char * buf, uint32_t * len, uint16_t* sei_tail_pos, uint16_t* extra_len, void ** param); + virtual int RtpInput(const uint8_t *data, uint16_t len, void *param = nullptr) = 0; + virtual int RtpOutput(char *buf, uint32_t *len, uint16_t *sei_tail_pos, uint16_t *extra_len, void **param); + protected: - uint8_t * gen_sec_sei(uint8_t *ptr); - void addSignData(const char * data, uint32_t len,uint32_t dts,int codectype ){ - ver_set.total_hash_data_len=len; - ver_set.head_frame_dts=dts; - ver_set.head_frame_type=codectype; - ver_set.end_flag=0x80; + uint8_t *gen_sec_sei(uint8_t *ptr); + + void addSignData(const char *data, uint32_t len, uint32_t dts, int codectype) + { + ver_set.total_hash_data_len = len; + ver_set.head_frame_dts = dts; + ver_set.head_frame_type = codectype; + ver_set.end_flag = 0x80; { std::lock_guard lock(_sign_process_mtx); } - _start_sign=true; - _keyframe_seq=-2; - _keyframe_complete=true; - _keyframe_DATA.assign(data,len); + _start_sign = true; + _keyframe_seq = -2; + _keyframe_complete = true; + _keyframe_DATA.assign(data, len); _sign_start.notify_one(); - INFOL("_sign_start.notify_one() dts:%u\n",dts); + INFOL("_sign_start.notify_one() dts:%u\n", dts); // _on_sign_flag=false; // { - + // _on_sign.wait(lock,[&]{ return _on_sign_flag; }); // } usleep(1000); // sleep(1); }; + private: - const char _class_name[17]="L2SecurityStream"; - std::array _sign_thread_list; + const char _class_name[17] = "L2SecurityStream"; + std::array _sign_thread_list; // std::thread * _sign_thread; protected: CodecId _code_id; - uint32_t _all_in=0; - uint32_t _all_out=0; - bool _keyframe_complete=false; + uint32_t _all_in = 0; + uint32_t _all_out = 0; + bool _keyframe_complete = false; uint16_t _sei_race_len; HWsec_queue _package_queue; + public: uint8_t _sei_race_buf[4096]; uint8_t *_sei_buf_ptr; @@ -78,70 +85,74 @@ public: std::mutex _sign_process_mtx; // std::condition_variable _on_sign; // bool _on_sign_flag=true; - bool _start_sign=false; + bool _start_sign = false; }; - -class L2UdpStream: public L2SecurityStream -{ +class L2UdpStream : public L2SecurityStream { protected: - uint16_t _seq_increment=0; + uint16_t _seq_increment = 0; RtpDecoder _rtp_decoder; + private: - uint16_t _prv_seq=0; + uint16_t _prv_seq = 0; + public: - L2UdpStream(sec_set_info* set_info):L2SecurityStream(set_info){ - _rtp_decoder.setOnDecode([&](const uint8_t *packet, int bytes, uint32_t timestamp, int flags){ - on_rtp_out(packet,bytes,timestamp,flags); + L2UdpStream(sec_set_info *set_info) : L2SecurityStream(set_info) + { + _rtp_decoder.setOnDecode([&](const uint8_t *packet, int bytes, uint32_t timestamp, int flags) { + on_rtp_out(packet, bytes, timestamp, flags); }); }; - int RtpInput(const uint8_t* data,uint16_t len, void *param=nullptr)override ; - virtual void on_rtp_out(const uint8_t *packet, int bytes, uint32_t timestamp, int flags)=0; + + int RtpInput(const uint8_t *data, uint16_t len, void *param = nullptr) override; + virtual void on_rtp_out(const uint8_t *packet, int bytes, uint32_t timestamp, int flags) = 0; protected: + virtual void rtp_post_process(const RTPcell::Ptr &rtp_cell) = 0; - virtual void rtp_post_process(const RTPcell::Ptr &rtp_cell)=0; - uint8_t * addRTPheader(const RTPcell::Ptr &rtp_cell,uint8_t * buf_ptr,uint16_t buf_remain_len){ - if (rtp_cell->_prefix>buf_remain_len) return nullptr; - memcpy(buf_ptr,rtp_cell->_buffer,rtp_cell->_prefix); //copy previous rtp header - _seq_increment%=UINT16_MAX; + uint8_t *addRTPheader(const RTPcell::Ptr &rtp_cell, uint8_t *buf_ptr, uint16_t buf_remain_len) + { + if (rtp_cell->_prefix > buf_remain_len) return nullptr; + memcpy(buf_ptr, rtp_cell->_buffer, + rtp_cell->_prefix);// copy previous rtp header + _seq_increment %= UINT16_MAX; _seq_increment++; - uint16_t seq=((uint32_t)_seq_increment+rtp_cell->seq)%((uint32_t)UINT16_MAX+1); + uint16_t seq = ((uint32_t) _seq_increment + rtp_cell->seq) % ((uint32_t) UINT16_MAX + 1); - // if( (uint32_t)(_prv_seq+1)%(uint32_t)(UINT16_MAX+1) == seq || _prv_seq==0){ + // if( (uint32_t)(_prv_seq+1)%(uint32_t)(UINT16_MAX+1) == seq || + // _prv_seq==0){ // _prv_seq=seq; // }else{ // _prv_seq=seq; // ERROL("OUTPUT Disorder rtp Seq: %u+1 != %u \n",_prv_seq,seq); // } - if(seqseq){ - _seq_increment=0; - } + if (seq < rtp_cell->seq) { _seq_increment = 0; } // DEBUGL("increase seq:%u inc:%u\n",seq,_seq_increment); - seq=htons(seq); - memcpy(buf_ptr+rtp_cell->_tcp_prefix+2,(uint8_t*)&seq,2); // change sequence - return buf_ptr+rtp_cell->_prefix; + seq = htons(seq); + memcpy(buf_ptr + rtp_cell->_tcp_prefix + 2, (uint8_t *) &seq, + 2);// change sequence + return buf_ptr + rtp_cell->_prefix; } + private: - void incrementRTPseq(const RTPcell::Ptr &rtp_cell) { - uint16_t seq=((uint32_t)_seq_increment+(uint32_t)rtp_cell->seq)%((uint32_t)UINT16_MAX+1); - // DEBUGL("modify seq:%u old:%u inc:%u\n",seq,rtp_cell->seq,_seq_increment); - // if( (uint32_t)(_prv_seq+1)%(uint32_t)(UINT16_MAX+1) == seq || _prv_seq==0){ - // _prv_seq=seq; - // }else{ - // _prv_seq=seq; - // ERROL("OUTPUT Disorder rtp Seq: %u+1 != %u \n",_prv_seq,seq); - // } - if(rtp_cell->_RTPpkg_ptr){ - seq=htons(seq); - rtp_cell->_RTPpkg_ptr->modifyData(rtp_cell->_RTPpkg_head_pos+rtp_cell->_tcp_prefix+2,(uint8_t*)&seq,2); - } - + void incrementRTPseq(const RTPcell::Ptr &rtp_cell) + { + uint16_t seq = ((uint32_t) _seq_increment + (uint32_t) rtp_cell->seq) % ((uint32_t) UINT16_MAX + 1); + // DEBUGL("modify seq:%u old:%u inc:%u\n",seq,rtp_cell->seq,_seq_increment); + // if( (uint32_t)(_prv_seq+1)%(uint32_t)(UINT16_MAX+1) == seq || + // _prv_seq==0){ + // _prv_seq=seq; + // }else{ + // _prv_seq=seq; + // ERROL("OUTPUT Disorder rtp Seq: %u+1 != %u \n",_prv_seq,seq); + // } + if (rtp_cell->_RTPpkg_ptr) { + seq = htons(seq); + rtp_cell->_RTPpkg_ptr->modifyData( + rtp_cell->_RTPpkg_head_pos + rtp_cell->_tcp_prefix + 2, (uint8_t *) &seq, 2); + } } - }; - - -#endif \ No newline at end of file +#endif diff --git a/src/GB28181/RtpDecoder.h b/src/GB28181/RtpDecoder.h index e017ab6..3a82c17 100644 --- a/src/GB28181/RtpDecoder.h +++ b/src/GB28181/RtpDecoder.h @@ -1,34 +1,35 @@ #ifndef RTP_DECODER_H #define RTP_DECODER_H -#include #include "HuaWei/HWcommon.h" +#include +#include class RtpDecoder { public: typedef function on_decode_t; + public: - RtpDecoder(){ + RtpDecoder() { }; ~RtpDecoder(); void decodeRtp(const void *data, int bytes); - void setOnDecode(on_decode_t cb){ - _on_decoded=cb; - }; + + void setOnDecode(on_decode_t cb) { _on_decoded = cb; }; + private: - void onDecode(const uint8_t *packet, int bytes, uint32_t timestamp, int flags){ - if(_on_decoded){ - _on_decoded(packet,bytes,timestamp,flags); - } + void onDecode(const uint8_t *packet, int bytes, uint32_t timestamp, int flags) + { + if (_on_decoded) { _on_decoded(packet, bytes, timestamp, flags); } } + private: void *_rtp_decoder = nullptr; std::vector _buffer; - string _codec="MP2P"; + std::string _codec = "MP2P"; uint8_t _rtp_type; on_decode_t _on_decoded; }; #endif - diff --git a/src/GB28181/StreamCodec.cpp b/src/GB28181/StreamCodec.cpp index dfebea5..bdba07e 100644 --- a/src/GB28181/StreamCodec.cpp +++ b/src/GB28181/StreamCodec.cpp @@ -1,12 +1,15 @@ #include "StreamCodec.h" #include -void stream_split(const char *ptr, int len, int prefix, const std::function &cb) { + +void +stream_split(const char *ptr, int len, int prefix, const std::function &cb) +{ auto start = ptr + prefix; auto end = ptr + len; int next_prefix; while (true) { //auto next_start = memfind(start, end - start, "\x00\x00\x01", 3); - auto next_start =(char*)memmem(start, end - start-3,"\x00\x00\x01",3 ); + auto next_start = (char *) memmem(start, end - start - 3, "\x00\x00\x01", 3); if (next_start) { //找到下一帧 if (*(next_start - 1) == 0x00) { @@ -31,13 +34,20 @@ void stream_split(const char *ptr, int len, int prefix, const std::function &cb) { +bool +stream_split_nd(const char *ptr, + int len, + int prefix, + const uint8_t *needle, + const uint8_t size, + const std::function &cb) +{ auto start = ptr + prefix; auto end = ptr + len; int next_prefix; while (true) { //auto next_start = memfind(start, end - start, "\x00\x00\x01", 3); - auto next_start =(char*)memmem(start, end - start-size,needle,size ); + auto next_start = (char *) memmem(start, end - start - size, needle, size); if (next_start) { //找到下一帧 if (*(next_start - 1) == 0x00) { @@ -49,7 +59,7 @@ bool stream_split_nd(const char *ptr, int len, int prefix, const uint8_t* needle next_prefix = 3; } //记得加上本帧prefix长度 - if(cb(start - prefix, next_start - start + prefix, prefix)) return true; + if (cb(start - prefix, next_start - start + prefix, prefix)) return true; //搜索下一帧末尾的起始位置 start = next_start + next_prefix; //记录下一帧的prefix长度 @@ -60,12 +70,13 @@ bool stream_split_nd(const char *ptr, int len, int prefix, const uint8_t* needle cb(start - prefix, end - start + prefix, prefix); break; } + return false; } -int prefixSize(const char *ptr, int len){ - if (len < 4) { - return 0; - } +int +prefixSize(const char *ptr, int len) +{ + if (len < 4) { return 0; } if (ptr[0] != 0x00 || ptr[1] != 0x00) { //不是0x00 00开头 diff --git a/src/GB28181/StreamCodec.h b/src/GB28181/StreamCodec.h index c19c36d..d1ab719 100644 --- a/src/GB28181/StreamCodec.h +++ b/src/GB28181/StreamCodec.h @@ -1,11 +1,17 @@ #ifndef STREAM_CODEC_H #define STREAM_CODEC_H +#include #include void stream_split(const char *ptr, int len, int prefix, const std::function &cb); int prefixSize(const char *ptr, int len); -bool stream_split_nd(const char *ptr, int len, int prefix, const uint8_t* needle,const uint8_t size, const std::function &cb) ; +bool stream_split_nd(const char *ptr, + int len, + int prefix, + const uint8_t *needle, + const uint8_t size, + const std::function &cb); -#endif \ No newline at end of file +#endif diff --git a/src/HuaWei/HWverify.cpp b/src/HuaWei/HWverify.cpp index 85d2c1e..4f5bbf1 100644 --- a/src/HuaWei/HWverify.cpp +++ b/src/HuaWei/HWverify.cpp @@ -1,296 +1,293 @@ #include +#include -#include "common.h" #include "HWcommon.h" #include "HuaWei/HWsign.h" +#include "common.h" #include "DecEnc/NALUdecode.h" #include "DecEnc/base64.h" - -void clear_all(HWsign* HWSign_hd){ +void +clear_all(HWsign *HWSign_hd) +{ HWSign_hd->buff->clear(); HWSign_hd->rtp_buff->clear(); DEBUGL("clear verify set!!!!!!!!!! \n"); } -inline void find_sign_sei(HWsign* HWSign_hd,uint16_t seq,const char * buf, const uint32_t len){ - char * ptr; - const uint8_t uuid[] = { 0x86,0xb1 ,0x16 ,0x6e ,0xad ,0xef ,0x67 ,0x3f ,0x70 ,0xbc ,0xe7 ,0xc7 ,0xe6 ,0x95 ,0xc6 ,0x09 }; +inline void +find_sign_sei(HWsign *HWSign_hd, uint16_t seq, const char *buf, const uint32_t len) +{ + char *ptr; + const uint8_t uuid[] = { + 0x86, 0xb1, 0x16, 0x6e, 0xad, 0xef, 0x67, 0x3f, 0x70, 0xbc, 0xe7, 0xc7, 0xe6, 0x95, 0xc6, 0x09}; char sign_drace[1024]; - auto next_start =(char*)memmem(buf, len,uuid,sizeof(uuid)); - if(next_start){ - if(!(next_start-2 > buf && *(next_start-2)==0x05)) return; - auto remain_len=(len-(next_start-buf)); - remain_len=del_racing_code((uint8_t *)sign_drace,(uint8_t *)next_start,remain_len); - uint8_t sign_set_len=*(next_start-1); - if(remain_len buf && *(next_start - 2) == 0x05)) return; + auto remain_len = (len - (next_start - buf)); + remain_len = del_racing_code((uint8_t *) sign_drace, (uint8_t *) next_start, remain_len); + uint8_t sign_set_len = *(next_start - 1); + if (remain_len < sign_set_len) return; + ptr = sign_drace + 16 + 1 + 4 + 16; // ptr=sign_drace +16 +1 +4 +16; //+ uuid + security_byte + vkek +vek - HWSign_hd->I_len= *(ptr++)<<24 | *(ptr++)<<16 | *(ptr++)<<8 | *(ptr++); - HWSign_hd->sei_len=*(ptr++); - if(ptr+HWSign_hd->sei_len>buf+len) { - HWSign_hd->sei_len=0; + HWSign_hd->I_len = *(ptr++) << 24 | *(ptr++) << 16 | *(ptr++) << 8 | *(ptr++); + HWSign_hd->sei_len = *(ptr++); + if (ptr + HWSign_hd->sei_len > buf + len) { + HWSign_hd->sei_len = 0; return; } - memcpy(HWSign_hd->sei_rtp_head,ptr,HWSign_hd->sei_len); + memcpy(HWSign_hd->sei_rtp_head, ptr, HWSign_hd->sei_len); } return; - } -int verify_data(HWsign* HWSign_hd){ - if(HWSign_hd->buff->empty()) return -2; - if(HWSign_hd->sei_len==0) return -2; - if(HWSign_hd->I_len!=HWSign_hd->buff->size()) return -2; +int +verify_data(HWsign *HWSign_hd) +{ + if (HWSign_hd->buff->empty()) return -2; + if (HWSign_hd->sei_len == 0) return -2; + if (HWSign_hd->I_len != HWSign_hd->buff->size()) return -2; uint8_t sha[128]; - - sm3_update(HWSign_hd->sm3_hd,(uint8_t*)HWSign_hd->buff->data(),HWSign_hd->I_len); - sm3_final(HWSign_hd->sm3_hd,sha); + + sm3_update(HWSign_hd->sm3_hd, (uint8_t *) HWSign_hd->buff->data(), HWSign_hd->I_len); + sm3_final(HWSign_hd->sm3_hd, sha); DEBUGL("\n&&&&&&&& sign: hash &&&&&&&&&&&&&&&&&&&&&&&&"); - print_data2((char*)sha,32,32); + print_data2((char *) sha, 32, 32); DEBUGL("\n&&&&&&&& sign: sign &&&&&&&&&&&&&&&&&&&&&&&&"); - print_data2((char*)HWSign_hd->sei_rtp_head,HWSign_hd->sei_len,HWSign_hd->sei_len); + print_data2((char *) HWSign_hd->sei_rtp_head, HWSign_hd->sei_len, HWSign_hd->sei_len); - - if(do_sm2_verify((char*)HWSign_hd->sm2_hd->pubkey,(char*)sha,32,(char*)HWSign_hd->sei_rtp_head)==0) return 1; - else return -1; + if (do_sm2_verify((char *) HWSign_hd->sm2_hd->pubkey, (char *) sha, 32, (char *) HWSign_hd->sei_rtp_head) == 0) + return 1; + else + return -1; } -void * HWVerify_init() +void * +HWVerify_init() { - HWsign* HWSign_hd= new HWsign(); - HWSign_hd->I_seq=-1; - HWSign_hd->in=0; - HWSign_hd->out=0; - HWSign_hd->seq_accu=0; - HWSign_hd->stamp=0; - HWSign_hd->buff_offest=0; - HWSign_hd->track_type=CodecInvalid; - HWSign_hd->sm3_hd=new sm3_ctx(); - HWSign_hd->sm2_hd=new SM2Config(); - HWSign_hd->buff=new string(); - HWSign_hd->rtp_buff = new list,void *>>(); - HWSign_hd->buff_que =new ThreadsafeQueue,void *>>(); + HWsign *HWSign_hd = new HWsign(); + HWSign_hd->I_seq = -1; + HWSign_hd->in = 0; + HWSign_hd->out = 0; + HWSign_hd->seq_accu = 0; + HWSign_hd->stamp = 0; + HWSign_hd->buff_offest = 0; + HWSign_hd->track_type = CodecInvalid; + HWSign_hd->sm3_hd = new sm3_ctx(); + HWSign_hd->sm2_hd = new SM2Config(); + HWSign_hd->buff = new string(); + HWSign_hd->rtp_buff = new list, void *>>(); + HWSign_hd->buff_que = new ThreadsafeQueue, void *>>(); // HWSign_hd->rtp_cb=rtp_callback; - HWSign_hd->rtp_cb=nullptr; + HWSign_hd->rtp_cb = nullptr; sm3_init(HWSign_hd->sm3_hd); - SM2Config sm2fig={ - 32, - 64, - { - 0x24,0x88,0xc8,0xdc,0x7f,0xd7,0xe0,0x91,0x30,0x1b,0x5c,0x58,0x2f,0xe7,0x44,0x7d, - 0x2f,0x43,0xe4,0xee,0xc8,0x7d,0xc0,0xfb,0xa4,0xb8,0x7d,0x4b,0x8a,0x69,0x7c,0x4e - }, - { - 0xaa,0xb1,0x3f,0xd7,0x66,0xe2,0x75,0x97,0xc0,0x03,0xe6,0xe4,0x1d,0x77,0x54,0x78, - 0xc8,0x29,0xb2,0x0b,0x9e,0xd1,0xff,0xa3,0x6a,0x6f,0xd2,0x7f,0xd6,0x2d,0xaa,0x3f, - 0xc9,0x24,0xec,0x6c,0x96,0x0a,0x7b,0x73,0xf6,0xe6,0xfc,0xda,0x3a,0x08,0xfd,0x92, - 0xfc,0x00,0x08,0x97,0x78,0x2c,0x71,0x6b,0xe1,0x26,0xf5,0x1e,0xba,0x31,0xf5,0xb2, - } - }; - HWSign_hd->sm2_hd->prikey_size=32; - HWSign_hd->sm2_hd->pubkey_size=64; - memcpy(HWSign_hd->sm2_hd->prikey,sm2fig.prikey,sizeof(sm2fig.prikey)); - memcpy(HWSign_hd->sm2_hd->pubkey,sm2fig.pubkey,sizeof(sm2fig.pubkey)); - return (void*)HWSign_hd; + SM2Config sm2fig = { + 32, + 64, + {0x24, 0x88, 0xc8, 0xdc, 0x7f, 0xd7, 0xe0, 0x91, 0x30, 0x1b, 0x5c, 0x58, 0x2f, 0xe7, 0x44, 0x7d, + 0x2f, 0x43, 0xe4, 0xee, 0xc8, 0x7d, 0xc0, 0xfb, 0xa4, 0xb8, 0x7d, 0x4b, 0x8a, 0x69, 0x7c, 0x4e}, + { + 0xaa, 0xb1, 0x3f, 0xd7, 0x66, 0xe2, 0x75, 0x97, 0xc0, 0x03, 0xe6, 0xe4, 0x1d, 0x77, 0x54, 0x78, + 0xc8, 0x29, 0xb2, 0x0b, 0x9e, 0xd1, 0xff, 0xa3, 0x6a, 0x6f, 0xd2, 0x7f, 0xd6, 0x2d, 0xaa, 0x3f, + 0xc9, 0x24, 0xec, 0x6c, 0x96, 0x0a, 0x7b, 0x73, 0xf6, 0xe6, 0xfc, 0xda, 0x3a, 0x08, 0xfd, 0x92, + 0xfc, 0x00, 0x08, 0x97, 0x78, 0x2c, 0x71, 0x6b, 0xe1, 0x26, 0xf5, 0x1e, 0xba, 0x31, 0xf5, 0xb2, + }}; + HWSign_hd->sm2_hd->prikey_size = 32; + HWSign_hd->sm2_hd->pubkey_size = 64; + memcpy(HWSign_hd->sm2_hd->prikey, sm2fig.prikey, sizeof(sm2fig.prikey)); + memcpy(HWSign_hd->sm2_hd->pubkey, sm2fig.pubkey, sizeof(sm2fig.pubkey)); + return (void *) HWSign_hd; } -void HWVerify_release(void* Handle) +void +HWVerify_release(void *Handle) { - HWsign* HWSign_hd=(HWsign*) Handle; + HWsign *HWSign_hd = (HWsign *) Handle; delete HWSign_hd->sm3_hd; delete HWSign_hd->sm2_hd; delete HWSign_hd->buff; delete HWSign_hd->rtp_buff; - HWSign_hd->rtp_cb=nullptr; + HWSign_hd->rtp_cb = nullptr; } -int HWVerify_rtp_264(HWsign* HWSign_hd, const char * buf, const uint32_t len,int tcp, void * param){ +int +HWVerify_rtp_264(HWsign *HWSign_hd, const char *buf, const uint32_t len, int tcp, void *param) +{ uint8_t offset; - if (tcp) offset=16; - else offset=12; + if (tcp) + offset = 16; + else + offset = 12; - const char * rtp=buf+offset; - int length = len- offset; + const char *rtp = buf + offset; + int length = len - offset; int nal_type = *rtp & 0x1F; int nal_suffix = *rtp & (~0x1F); - - uint16_t now_seq= get_sequence(buf,tcp); - DEBUGL("\n###### input ##########################"); - print_rtp2(buf,len,offset); - if (nal_type == 5 || nal_type == 7 || nal_type == 8 ) { + uint16_t now_seq = get_sequence(buf, tcp); + DEBUGL("\n###### input ##########################"); + print_rtp2(buf, len, offset); + + if (nal_type == 5 || nal_type == 7 || nal_type == 8) { return 0; } + + switch (nal_type) { + case 6: { + DEBUGL("SEI!!!!!!!!!! package\n"); + find_sign_sei(HWSign_hd, now_seq, rtp, length); return 0; } + case 28: { + FU fu; + MakeFU((uint8_t) rtp[1], fu); - switch (nal_type){ - case 6:{ - DEBUGL("SEI!!!!!!!!!! package\n"); - find_sign_sei(HWSign_hd,now_seq,rtp,length); + if (fu.type != 5) { return 0; } + if (fu.S) {//第一个rtp包 + if (!HWSign_hd->buff->empty()) { + WRNGL("Warning!!!!!!!!!! missing package\n"); + clear_all(HWSign_hd); + } + DEBUGL("!!!!!!!!!! I head\n"); + HWSign_hd->I_seq = now_seq; + HWSign_hd->buff->assign(rtp + 2, length - 2); return 0; } - case 28:{ - FU fu; - MakeFU((uint8_t)rtp[1], fu); - if (fu.type!=5) - { + if (HWSign_hd->I_seq >= 0) { + HWSign_hd->buff->append(rtp + 2, length - 2); + + if (!fu.E) {//中间rtp包 return 0; } - if (fu.S) { //第一个rtp包 - if(!HWSign_hd->buff->empty()){ - WRNGL("Warning!!!!!!!!!! missing package\n"); - clear_all(HWSign_hd); - } - DEBUGL("!!!!!!!!!! I head\n"); - HWSign_hd->I_seq=now_seq; - HWSign_hd->buff->assign(rtp+2,length-2); - return 0; - } - - if(HWSign_hd->I_seq>=0){ - HWSign_hd->buff->append(rtp+2,length-2); - - if (!fu.E) { //中间rtp包 - return 0; - } - ///verify here!!!!!!!!!!!!!!!! - int vef_ret=-2; - if(HWSign_hd->I_len==HWSign_hd->buff->size()){ - vef_ret=verify_data(HWSign_hd); - } - clear_all(HWSign_hd); - HWSign_hd->sei_len=0; - HWSign_hd->I_seq=-1; - return vef_ret; - }else{ - return 0; - } - - - } - default:{ + ///verify here!!!!!!!!!!!!!!!! + int vef_ret = -2; + if (HWSign_hd->I_len == HWSign_hd->buff->size()) { vef_ret = verify_data(HWSign_hd); } + clear_all(HWSign_hd); + HWSign_hd->sei_len = 0; + HWSign_hd->I_seq = -1; + return vef_ret; + } else { return 0; } } + default: { + return 0; + } + } } - -int HWVerify_rtp_265(HWsign* HWSign_hd, const char * buf, const uint32_t len,int tcp, void * param){ +int +HWVerify_rtp_265(HWsign *HWSign_hd, const char *buf, const uint32_t len, int tcp, void *param) +{ uint8_t offset; - if (tcp) offset=16; - else offset=12; + if (tcp) + offset = 16; + else + offset = 12; - const char * rtp=buf+offset; - int length = len- offset; + const char *rtp = buf + offset; + int length = len - offset; int nal_type = H265_TYPE(*rtp); // int nal_suffix = *rtp & (~0x1F); - - uint16_t now_seq= get_sequence(buf,tcp); - DEBUGL("\n###### input ########################## nal: %d ", nal_type); - print_rtp2(buf,len,offset); - switch (nal_type){ - case H265Nal::NAL_SEI_PREFIX:{ - DEBUGL("SEI!!!!!!!!!! package\n"); - if(len<1300){ - memcpy(HWSign_hd->sei_rtp_head,buf,len); - HWSign_hd->sei_len=len; - HWSign_hd->sei_param=param; + uint16_t now_seq = get_sequence(buf, tcp); + DEBUGL("\n###### input ########################## nal: %d ", nal_type); + print_rtp2(buf, len, offset); + + switch (nal_type) { + case H265Nal::NAL_SEI_PREFIX: { + DEBUGL("SEI!!!!!!!!!! package\n"); + if (len < 1300) { + memcpy(HWSign_hd->sei_rtp_head, buf, len); + HWSign_hd->sei_len = len; + HWSign_hd->sei_param = param; + } + return 0; + } + case 49: { + FU fu; + Make265FU((uint8_t) rtp[2], fu); + + if (!(fu.type >= H265Nal::NAL_IDR_W_RADL && fu.type <= H265Nal::NAL_IDR_N_LP)) { return 0; } + if (fu.S) {//第一个rtp包 + if (!HWSign_hd->buff->empty()) { + WRNGL("Warning!!!!!!!!!! missing package\n"); + + clear_all(HWSign_hd); } + DEBUGL("!!!!!!!!!! I head\n"); + HWSign_hd->I_seq = now_seq; + HWSign_hd->buff->assign(rtp + 3, length - 3); return 0; } - case 49:{ - FU fu; - Make265FU((uint8_t)rtp[2], fu); - if (!(fu.type>=H265Nal::NAL_IDR_W_RADL && fu.type<=H265Nal::NAL_IDR_N_LP)) - { - return 0; - } - if (fu.S) { //第一个rtp包 - if(!HWSign_hd->buff->empty()){ - WRNGL("Warning!!!!!!!!!! missing package\n"); - - clear_all(HWSign_hd); - } - DEBUGL("!!!!!!!!!! I head\n"); - HWSign_hd->I_seq=now_seq; - HWSign_hd->buff->assign(rtp+3,length-3); + if (HWSign_hd->I_seq >= 0) { + + HWSign_hd->buff->append(rtp + 3, length - 3); + if (!fu.E) {//中间rtp包 return 0; } + int vef_ret = -2; - if(HWSign_hd->I_seq>=0){ - - HWSign_hd->buff->append(rtp+3,length-3); - if (!fu.E) { //中间rtp包 - return 0; - } - int vef_ret=-2; - - clear_all(HWSign_hd); - HWSign_hd->I_seq=-1; - return vef_ret; - }else{ - return 0; - } - - - } - default:{ + clear_all(HWSign_hd); + HWSign_hd->I_seq = -1; + return vef_ret; + } else { return 0; } } + default: { + return 0; + } + } } -int HWVerify_rtp_input(void* Handle, const char * buf, const uint32_t len,int tcp, void * param){ - int ret=-2; - HWsign* HWSign_hd=(HWsign*) Handle; - if(!HWSign_hd || !HWSign_hd->sm3_hd || !HWSign_hd->sm2_hd || !HWSign_hd->buff) { - throw runtime_error("HWSign_rtp initial error"); +int +HWVerify_rtp_input(void *Handle, const char *buf, const uint32_t len, int tcp, void *param) +{ + int ret = -2; + HWsign *HWSign_hd = (HWsign *) Handle; + if (!HWSign_hd || !HWSign_hd->sm3_hd || !HWSign_hd->sm2_hd || !HWSign_hd->buff) { + throw std::runtime_error("HWSign_rtp initial error"); return -3; } HWSign_hd->in++; - DEBUGL("verify input: in %d que %ld out %d \n",HWSign_hd->in,HWSign_hd->buff_que->size(),HWSign_hd->out); - tcp=0; - HWSign_hd->tcp=tcp; + DEBUGL("verify input: in %d que %ld out %d \n", HWSign_hd->in, HWSign_hd->buff_que->size(), HWSign_hd->out); + tcp = 0; + HWSign_hd->tcp = tcp; uint8_t offset; - if (tcp) offset=16; - else offset=12; - if (len<=offset) { - return -3; - } + if (tcp) + offset = 16; + else + offset = 12; + if (len <= offset) { return -3; } - uint8_t payload_type=buf[1]& 0x7f; + uint8_t payload_type = buf[1] & 0x7f; - switch (payload_type) - { - case 99: //h264 - if (HWSign_hd->track_type!=CodecId::CodecH264) - { - HWSign_hd->track_type=CodecId::CodecH264; + switch (payload_type) { + case 99://h264 + if (HWSign_hd->track_type != CodecId::CodecH264) { + HWSign_hd->track_type = CodecId::CodecH264; DEBUGL("Track type is changed to H.264"); } - ret=HWVerify_rtp_264(HWSign_hd,buf,len,tcp,param); + ret = HWVerify_rtp_264(HWSign_hd, buf, len, tcp, param); break; - case 103 ... 108: //h265 - if (HWSign_hd->track_type!=CodecId::CodecH265) - { - HWSign_hd->track_type=CodecId::CodecH265; + case 103 ... 108://h265 + if (HWSign_hd->track_type != CodecId::CodecH265) { + HWSign_hd->track_type = CodecId::CodecH265; DEBUGL("Track type is changed to H.265"); } - ret=HWVerify_rtp_265(HWSign_hd,buf,len,tcp,param); + ret = HWVerify_rtp_265(HWSign_hd, buf, len, tcp, param); break; - case 0 ... 95: // standard type + case 0 ... 95:// standard type return 0; break; default: return 0; - WRNGL("Error !!!!!!!!!! Unsupport track type: %u \n",payload_type); + WRNGL("Error !!!!!!!!!! Unsupport track type: %u \n", payload_type); break; } - return ret; -} \ No newline at end of file +} diff --git a/src/SVAC/src/sm2sm3/sm2.c b/src/SVAC/src/sm2sm3/sm2.c index 8bbe99d..958e61e 100644 --- a/src/SVAC/src/sm2sm3/sm2.c +++ b/src/SVAC/src/sm2sm3/sm2.c @@ -1,215 +1,199 @@ -#include -#include -#include "typedef.h" +#include "sm2.h" #include "big.h" #include "ecc.h" -#include "sm2.h" #include "sm3.h" +#include "typedef.h" +#include +#include static struct ecc_curve sm2_curve = { - ECC_MAX_DIGITS, - { - { - 0x715A4589334C74C7ull, 0x8FE30BBFF2660BE1ull, - 0x5F9904466A39C994ull, 0x32C4AE2C1F198119ull - }, - { - 0x02DF32E52139F0A0ull, 0xD0A9877CC62A4740ull, - 0x59BDCEE36B692153ull, 0xBC3736A2F4F6779Cull - }, - }, - { - 0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFF00000000ull, - 0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFEFFFFFFFFull - }, - { - 0x53BBF40939D54123ull, 0x7203DF6B21C6052Bull, - 0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFEFFFFFFFFull - }, - { - 0x0000000000000001ull, 0x0000000000000000ull, - 0x0000000000000000ull, 0x0000000000000000ull, - }, - { - 0xFFFFFFFFFFFFFFFCull, 0xFFFFFFFF00000000ull, - 0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFEFFFFFFFFull - }, - { - 0xDDBCBD414D940E93ull, 0xF39789F515AB8F92ull, - 0x4D5A9E4BCF6509A7ull, 0x28E9FA9E9D9F5E34ull - }, + ECC_MAX_DIGITS, + { + {0x715A4589334C74C7ull, 0x8FE30BBFF2660BE1ull, 0x5F9904466A39C994ull, 0x32C4AE2C1F198119ull}, + {0x02DF32E52139F0A0ull, 0xD0A9877CC62A4740ull, 0x59BDCEE36B692153ull, 0xBC3736A2F4F6779Cull}, + }, + {0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFF00000000ull, 0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFEFFFFFFFFull}, + {0x53BBF40939D54123ull, 0x7203DF6B21C6052Bull, 0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFEFFFFFFFFull}, + { + 0x0000000000000001ull, + 0x0000000000000000ull, + 0x0000000000000000ull, + 0x0000000000000000ull, + }, + {0xFFFFFFFFFFFFFFFCull, 0xFFFFFFFF00000000ull, 0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFEFFFFFFFFull}, + {0xDDBCBD414D940E93ull, 0xF39789F515AB8F92ull, 0x4D5A9E4BCF6509A7ull, 0x28E9FA9E9D9F5E34ull}, }; -void sm2_w(u64 *result, u64 *x) +void +sm2_w(u64 *result, u64 *x) { - result[0] = x[0]; - result[1] = x[1]; - result[1] |= 0x80; - result[2] = 0; - result[3] = 0; + result[0] = x[0]; + result[1] = x[1]; + result[1] |= 0x80; + result[2] = 0; + result[3] = 0; } -void sm3_kdf(u8 *Z ,u32 zlen, u8 *K, u32 klen) +void +sm3_kdf(u8 *Z, u32 zlen, u8 *K, u32 klen) { - u32 ct = 0x00000001; - u8 ct_char[32]; - u8 *hash = K ; - u32 i, t; - struct sm3_ctx md[1]; + u32 ct = 0x00000001; + u8 ct_char[32]; + u8 *hash = K; + u32 i, t; + struct sm3_ctx md[1]; - t = klen/ECC_NUMWORD; - //s4: K=Ha1||Ha2||... - for (i = 0; i < t; i++) { - //s2: Hai=Hv(Z||ct) - sm3_init(md); - sm3_update(md, Z, zlen); - put_unaligned_be32(ct, ct_char); - sm3_update(md, ct_char, 4); - sm3_final(md, hash); - hash += 32; - ct++; - } + t = klen / ECC_NUMWORD; + //s4: K=Ha1||Ha2||... + for (i = 0; i < t; i++) { + //s2: Hai=Hv(Z||ct) + sm3_init(md); + sm3_update(md, Z, zlen); + put_unaligned_be32(ct, ct_char); + sm3_update(md, ct_char, 4); + sm3_final(md, hash); + hash += 32; + ct++; + } - t = klen%ECC_NUMBITS; - if (t) { - sm3_init(md); - sm3_update(md, Z, zlen); - put_unaligned_be32(ct, ct_char); - sm3_update(md, ct_char, 4); - sm3_final(md, ct_char); - memcpy(hash, ct_char, t); - } + t = klen % ECC_NUMBITS; + if (t) { + sm3_init(md); + sm3_update(md, Z, zlen); + put_unaligned_be32(ct, ct_char); + sm3_update(md, ct_char, 4); + sm3_final(md, ct_char); + memcpy(hash, ct_char, t); + } } -void sm3_z(u8 *id, u32 idlen, ecc_point *pub, u8 *hash) +void +sm3_z(u8 *id, u32 idlen, ecc_point *pub, u8 *hash) { - u8 a[ECC_NUMWORD]; - u8 b[ECC_NUMWORD]; - u8 x[ECC_NUMWORD]; - u8 y[ECC_NUMWORD]; - u8 idlen_char[2]; - struct sm3_ctx md[1]; + u8 a[ECC_NUMWORD]; + u8 b[ECC_NUMWORD]; + u8 x[ECC_NUMWORD]; + u8 y[ECC_NUMWORD]; + u8 idlen_char[2]; + struct sm3_ctx md[1]; - put_unaligned_be16(idlen<<3, idlen_char); + put_unaligned_be16(idlen << 3, idlen_char); - ecc_bytes2native((u64*)a, sm2_curve.a, sm2_curve.ndigits); - ecc_bytes2native((u64*)b, sm2_curve.b, sm2_curve.ndigits); - ecc_bytes2native((u64*)x, sm2_curve.g.x, sm2_curve.ndigits); - ecc_bytes2native((u64*)y, sm2_curve.g.y, sm2_curve.ndigits); + ecc_bytes2native((u64 *) a, sm2_curve.a, sm2_curve.ndigits); + ecc_bytes2native((u64 *) b, sm2_curve.b, sm2_curve.ndigits); + ecc_bytes2native((u64 *) x, sm2_curve.g.x, sm2_curve.ndigits); + ecc_bytes2native((u64 *) y, sm2_curve.g.y, sm2_curve.ndigits); - sm3_init(md); - sm3_update(md, idlen_char, 2); - sm3_update(md, id, idlen); - sm3_update(md, a, ECC_NUMWORD); - sm3_update(md, b, ECC_NUMWORD); - sm3_update(md, x, ECC_NUMWORD); - sm3_update(md, y, ECC_NUMWORD); - sm3_update(md, (u8*)pub->x, ECC_NUMWORD); - sm3_update(md, (u8*)pub->y, ECC_NUMWORD); - sm3_final(md, hash); + sm3_init(md); + sm3_update(md, idlen_char, 2); + sm3_update(md, id, idlen); + sm3_update(md, a, ECC_NUMWORD); + sm3_update(md, b, ECC_NUMWORD); + sm3_update(md, x, ECC_NUMWORD); + sm3_update(md, y, ECC_NUMWORD); + sm3_update(md, (u8 *) pub->x, ECC_NUMWORD); + sm3_update(md, (u8 *) pub->y, ECC_NUMWORD); + sm3_final(md, hash); - return; + return; } -int sm2_valid_public_key(ecc_point *publicKey) +int +sm2_valid_public_key(ecc_point *publicKey) { - u64 na[ECC_MAX_DIGITS] = {3}; /* a mod p = (-3) mod p */ - u64 tmp1[ECC_MAX_DIGITS]; - u64 tmp2[ECC_MAX_DIGITS]; + u64 na[ECC_MAX_DIGITS] = {3}; /* a mod p = (-3) mod p */ + u64 tmp1[ECC_MAX_DIGITS]; + u64 tmp2[ECC_MAX_DIGITS]; - if (ecc_point_is_zero(&sm2_curve, publicKey)) - return 1; + if (ecc_point_is_zero(&sm2_curve, publicKey)) return 1; - if (vli_cmp(sm2_curve.p, publicKey->x, sm2_curve.ndigits) != 1 - || vli_cmp(sm2_curve.p, publicKey->y, sm2_curve.ndigits) != 1) - return 1; + if (vli_cmp(sm2_curve.p, publicKey->x, sm2_curve.ndigits) != 1 + || vli_cmp(sm2_curve.p, publicKey->y, sm2_curve.ndigits) != 1) + return 1; - /* tmp1 = y^2 */ - vli_mod_square_fast(tmp1, publicKey->y, sm2_curve.p, sm2_curve.ndigits); - /* tmp2 = x^2 */ - vli_mod_square_fast(tmp2, publicKey->x, sm2_curve.p, sm2_curve.ndigits); - /* tmp2 = x^2 + a = x^2 - 3 */ - vli_mod_sub(tmp2, tmp2, na, sm2_curve.p, sm2_curve.ndigits); - /* tmp2 = x^3 + ax */ - vli_mod_mult_fast(tmp2, tmp2, publicKey->x, sm2_curve.p, sm2_curve.ndigits); - /* tmp2 = x^3 + ax + b */ - vli_mod_add(tmp2, tmp2, sm2_curve.b, sm2_curve.p, sm2_curve.ndigits); + /* tmp1 = y^2 */ + vli_mod_square_fast(tmp1, publicKey->y, sm2_curve.p, sm2_curve.ndigits); + /* tmp2 = x^2 */ + vli_mod_square_fast(tmp2, publicKey->x, sm2_curve.p, sm2_curve.ndigits); + /* tmp2 = x^2 + a = x^2 - 3 */ + vli_mod_sub(tmp2, tmp2, na, sm2_curve.p, sm2_curve.ndigits); + /* tmp2 = x^3 + ax */ + vli_mod_mult_fast(tmp2, tmp2, publicKey->x, sm2_curve.p, sm2_curve.ndigits); + /* tmp2 = x^3 + ax + b */ + vli_mod_add(tmp2, tmp2, sm2_curve.b, sm2_curve.p, sm2_curve.ndigits); - /* Make sure that y^2 == x^3 + ax + b */ - if (vli_cmp(tmp1, tmp2, sm2_curve.ndigits) != 0) - return 1; + /* Make sure that y^2 == x^3 + ax + b */ + if (vli_cmp(tmp1, tmp2, sm2_curve.ndigits) != 0) return 1; - return 0; + return 0; } -int sm2_verify(ecc_point *pubkey, u8 *hash_, u8 *r_, u8 *s_) +int +sm2_verify(ecc_point *pubkey, u8 *hash_, u8 *r_, u8 *s_) { - ecc_point result; - ecc_point pub[1]; - u64 t[ECC_MAX_DIGITS]; - u64 r[ECC_MAX_DIGITS]; - u64 s[ECC_MAX_DIGITS]; - u64 hash[ECC_MAX_DIGITS]; + ecc_point result; + ecc_point pub[1]; + u64 t[ECC_MAX_DIGITS]; + u64 r[ECC_MAX_DIGITS]; + u64 s[ECC_MAX_DIGITS]; + u64 hash[ECC_MAX_DIGITS]; - ecc_bytes2native(pub->x, pubkey->x, sm2_curve.ndigits); - ecc_bytes2native(pub->y, pubkey->y, sm2_curve.ndigits); - ecc_bytes2native(r, r_, sm2_curve.ndigits); - ecc_bytes2native(s, s_, sm2_curve.ndigits); - ecc_bytes2native(hash, hash_, sm2_curve.ndigits); + ecc_bytes2native(pub->x, pubkey->x, sm2_curve.ndigits); + ecc_bytes2native(pub->y, pubkey->y, sm2_curve.ndigits); + ecc_bytes2native(r, r_, sm2_curve.ndigits); + ecc_bytes2native(s, s_, sm2_curve.ndigits); + ecc_bytes2native(hash, hash_, sm2_curve.ndigits); - if (vli_is_zero(r, sm2_curve.ndigits) || vli_is_zero(s, sm2_curve.ndigits)) { - /* r, s must not be 0. */ - return -1; - } + if (vli_is_zero(r, sm2_curve.ndigits) || vli_is_zero(s, sm2_curve.ndigits)) { + /* r, s must not be 0. */ + return -1; + } - if (vli_cmp(sm2_curve.n, r, sm2_curve.ndigits) != 1 - || vli_cmp(sm2_curve.n, s, sm2_curve.ndigits) != 1) { - /* r, s must be < n. */ - return -1; - } + if (vli_cmp(sm2_curve.n, r, sm2_curve.ndigits) != 1 || vli_cmp(sm2_curve.n, s, sm2_curve.ndigits) != 1) { + /* r, s must be < n. */ + return -1; + } - vli_mod_add(t, r, s, sm2_curve.n, sm2_curve.ndigits); // r + s - if (t == 0) - return -1; + vli_mod_add(t, r, s, sm2_curve.n, sm2_curve.ndigits);// r + s + if (t == 0) return -1; - ecc_point_mult2(&sm2_curve, &result, &sm2_curve.g, pub, s, t); + ecc_point_mult2(&sm2_curve, &result, &sm2_curve.g, pub, s, t); - /* v = x1 + e (mod n) */ - vli_mod_add(result.x, result.x, hash, sm2_curve.n, sm2_curve.ndigits); + /* v = x1 + e (mod n) */ + vli_mod_add(result.x, result.x, hash, sm2_curve.n, sm2_curve.ndigits); - if(vli_cmp(sm2_curve.n, result.x, sm2_curve.ndigits) != 1) { - vli_sub(result.x, result.x, sm2_curve.n, sm2_curve.ndigits); - } + if (vli_cmp(sm2_curve.n, result.x, sm2_curve.ndigits) != 1) { + vli_sub(result.x, result.x, sm2_curve.n, sm2_curve.ndigits); + } - /* Accept only if v == r. */ - return vli_cmp(result.x, r, sm2_curve.ndigits); + /* Accept only if v == r. */ + return vli_cmp(result.x, r, sm2_curve.ndigits); } -int do_sm2_verify(char *pubkey, char *data_addr, int data_len, char *sign_addr) +int +do_sm2_verify(char *pubkey, char *data_addr, int data_len, char *sign_addr) { - int ret = -1; - struct sm3_ctx sm3_ctx; - unsigned char ios_hash[32]; - u8 ios_Z[ECC_NUMWORD]; - ecc_point ios_pub; - unsigned char sign_data[64]; + int ret = -1; + struct sm3_ctx sm3_ctx; + unsigned char ios_hash[32]; + u8 ios_Z[ECC_NUMWORD]; + ecc_point ios_pub; + unsigned char sign_data[64]; - memcpy(&ios_pub, pubkey, 64); + memcpy(&ios_pub, pubkey, 64); - ret = sm3_init(&sm3_ctx); - sm3_z((u8 *)"1234567812345678", 16, &ios_pub, ios_Z); - sm3_update(&sm3_ctx, ios_Z, ECC_NUMWORD); - sm3_update(&sm3_ctx, data_addr, data_len); - sm3_final(&sm3_ctx, ios_hash); - memcpy(sign_data, sign_addr, 64); + ret = sm3_init(&sm3_ctx); + sm3_z((u8 *) "1234567812345678", 16, &ios_pub, ios_Z); + sm3_update(&sm3_ctx, ios_Z, ECC_NUMWORD); + sm3_update(&sm3_ctx, (const u8 *) data_addr, data_len); + sm3_final(&sm3_ctx, ios_hash); + memcpy(sign_data, sign_addr, 64); - ret = sm2_verify(pubkey, ios_hash, sign_data, sign_data + 32); - if (ret) - { - //printf("verify err ret = %d\n", ret); - return -1; - } + ret = sm2_verify((ecc_point *) pubkey, ios_hash, sign_data, sign_data + 32); + if (ret) { + //printf("verify err ret = %d\n", ret); + return -1; + } - return 0; + return 0; } - diff --git a/src/SVAC/src/sm2sm3/sm4.c b/src/SVAC/src/sm2sm3/sm4.c index 4bf8350..a2948aa 100644 --- a/src/SVAC/src/sm2sm3/sm4.c +++ b/src/SVAC/src/sm2sm3/sm4.c @@ -1,116 +1,95 @@ #include +#include -#define SM4_KEY_SCHEDULE 32 +#define SM4_KEY_SCHEDULE 32 typedef struct SM4_KEY_st { unsigned int rk[SM4_KEY_SCHEDULE]; } SM4_KEY; -typedef void (*block128_f) (const unsigned char in[16], - unsigned char out[16], const void *key); +typedef void (*block128_f)(const unsigned char in[16], unsigned char out[16], const void *key); static const unsigned char SM4_S[256] = { - 0xD6, 0x90, 0xE9, 0xFE, 0xCC, 0xE1, 0x3D, 0xB7, 0x16, 0xB6, 0x14, 0xC2, - 0x28, 0xFB, 0x2C, 0x05, 0x2B, 0x67, 0x9A, 0x76, 0x2A, 0xBE, 0x04, 0xC3, - 0xAA, 0x44, 0x13, 0x26, 0x49, 0x86, 0x06, 0x99, 0x9C, 0x42, 0x50, 0xF4, - 0x91, 0xEF, 0x98, 0x7A, 0x33, 0x54, 0x0B, 0x43, 0xED, 0xCF, 0xAC, 0x62, - 0xE4, 0xB3, 0x1C, 0xA9, 0xC9, 0x08, 0xE8, 0x95, 0x80, 0xDF, 0x94, 0xFA, - 0x75, 0x8F, 0x3F, 0xA6, 0x47, 0x07, 0xA7, 0xFC, 0xF3, 0x73, 0x17, 0xBA, - 0x83, 0x59, 0x3C, 0x19, 0xE6, 0x85, 0x4F, 0xA8, 0x68, 0x6B, 0x81, 0xB2, - 0x71, 0x64, 0xDA, 0x8B, 0xF8, 0xEB, 0x0F, 0x4B, 0x70, 0x56, 0x9D, 0x35, - 0x1E, 0x24, 0x0E, 0x5E, 0x63, 0x58, 0xD1, 0xA2, 0x25, 0x22, 0x7C, 0x3B, - 0x01, 0x21, 0x78, 0x87, 0xD4, 0x00, 0x46, 0x57, 0x9F, 0xD3, 0x27, 0x52, - 0x4C, 0x36, 0x02, 0xE7, 0xA0, 0xC4, 0xC8, 0x9E, 0xEA, 0xBF, 0x8A, 0xD2, - 0x40, 0xC7, 0x38, 0xB5, 0xA3, 0xF7, 0xF2, 0xCE, 0xF9, 0x61, 0x15, 0xA1, - 0xE0, 0xAE, 0x5D, 0xA4, 0x9B, 0x34, 0x1A, 0x55, 0xAD, 0x93, 0x32, 0x30, - 0xF5, 0x8C, 0xB1, 0xE3, 0x1D, 0xF6, 0xE2, 0x2E, 0x82, 0x66, 0xCA, 0x60, - 0xC0, 0x29, 0x23, 0xAB, 0x0D, 0x53, 0x4E, 0x6F, 0xD5, 0xDB, 0x37, 0x45, - 0xDE, 0xFD, 0x8E, 0x2F, 0x03, 0xFF, 0x6A, 0x72, 0x6D, 0x6C, 0x5B, 0x51, - 0x8D, 0x1B, 0xAF, 0x92, 0xBB, 0xDD, 0xBC, 0x7F, 0x11, 0xD9, 0x5C, 0x41, - 0x1F, 0x10, 0x5A, 0xD8, 0x0A, 0xC1, 0x31, 0x88, 0xA5, 0xCD, 0x7B, 0xBD, - 0x2D, 0x74, 0xD0, 0x12, 0xB8, 0xE5, 0xB4, 0xB0, 0x89, 0x69, 0x97, 0x4A, - 0x0C, 0x96, 0x77, 0x7E, 0x65, 0xB9, 0xF1, 0x09, 0xC5, 0x6E, 0xC6, 0x84, - 0x18, 0xF0, 0x7D, 0xEC, 0x3A, 0xDC, 0x4D, 0x20, 0x79, 0xEE, 0x5F, 0x3E, - 0xD7, 0xCB, 0x39, 0x48 -}; + 0xD6, 0x90, 0xE9, 0xFE, 0xCC, 0xE1, 0x3D, 0xB7, 0x16, 0xB6, 0x14, 0xC2, 0x28, 0xFB, 0x2C, 0x05, 0x2B, 0x67, 0x9A, + 0x76, 0x2A, 0xBE, 0x04, 0xC3, 0xAA, 0x44, 0x13, 0x26, 0x49, 0x86, 0x06, 0x99, 0x9C, 0x42, 0x50, 0xF4, 0x91, 0xEF, + 0x98, 0x7A, 0x33, 0x54, 0x0B, 0x43, 0xED, 0xCF, 0xAC, 0x62, 0xE4, 0xB3, 0x1C, 0xA9, 0xC9, 0x08, 0xE8, 0x95, 0x80, + 0xDF, 0x94, 0xFA, 0x75, 0x8F, 0x3F, 0xA6, 0x47, 0x07, 0xA7, 0xFC, 0xF3, 0x73, 0x17, 0xBA, 0x83, 0x59, 0x3C, 0x19, + 0xE6, 0x85, 0x4F, 0xA8, 0x68, 0x6B, 0x81, 0xB2, 0x71, 0x64, 0xDA, 0x8B, 0xF8, 0xEB, 0x0F, 0x4B, 0x70, 0x56, 0x9D, + 0x35, 0x1E, 0x24, 0x0E, 0x5E, 0x63, 0x58, 0xD1, 0xA2, 0x25, 0x22, 0x7C, 0x3B, 0x01, 0x21, 0x78, 0x87, 0xD4, 0x00, + 0x46, 0x57, 0x9F, 0xD3, 0x27, 0x52, 0x4C, 0x36, 0x02, 0xE7, 0xA0, 0xC4, 0xC8, 0x9E, 0xEA, 0xBF, 0x8A, 0xD2, 0x40, + 0xC7, 0x38, 0xB5, 0xA3, 0xF7, 0xF2, 0xCE, 0xF9, 0x61, 0x15, 0xA1, 0xE0, 0xAE, 0x5D, 0xA4, 0x9B, 0x34, 0x1A, 0x55, + 0xAD, 0x93, 0x32, 0x30, 0xF5, 0x8C, 0xB1, 0xE3, 0x1D, 0xF6, 0xE2, 0x2E, 0x82, 0x66, 0xCA, 0x60, 0xC0, 0x29, 0x23, + 0xAB, 0x0D, 0x53, 0x4E, 0x6F, 0xD5, 0xDB, 0x37, 0x45, 0xDE, 0xFD, 0x8E, 0x2F, 0x03, 0xFF, 0x6A, 0x72, 0x6D, 0x6C, + 0x5B, 0x51, 0x8D, 0x1B, 0xAF, 0x92, 0xBB, 0xDD, 0xBC, 0x7F, 0x11, 0xD9, 0x5C, 0x41, 0x1F, 0x10, 0x5A, 0xD8, 0x0A, + 0xC1, 0x31, 0x88, 0xA5, 0xCD, 0x7B, 0xBD, 0x2D, 0x74, 0xD0, 0x12, 0xB8, 0xE5, 0xB4, 0xB0, 0x89, 0x69, 0x97, 0x4A, + 0x0C, 0x96, 0x77, 0x7E, 0x65, 0xB9, 0xF1, 0x09, 0xC5, 0x6E, 0xC6, 0x84, 0x18, 0xF0, 0x7D, 0xEC, 0x3A, 0xDC, 0x4D, + 0x20, 0x79, 0xEE, 0x5F, 0x3E, 0xD7, 0xCB, 0x39, 0x48}; /* * SM4_SBOX_T[j] == L(SM4_SBOX[j]). */ static const unsigned int SM4_SBOX_T[256] = { - 0x8ED55B5B, 0xD0924242, 0x4DEAA7A7, 0x06FDFBFB, 0xFCCF3333, 0x65E28787, - 0xC93DF4F4, 0x6BB5DEDE, 0x4E165858, 0x6EB4DADA, 0x44145050, 0xCAC10B0B, - 0x8828A0A0, 0x17F8EFEF, 0x9C2CB0B0, 0x11051414, 0x872BACAC, 0xFB669D9D, - 0xF2986A6A, 0xAE77D9D9, 0x822AA8A8, 0x46BCFAFA, 0x14041010, 0xCFC00F0F, - 0x02A8AAAA, 0x54451111, 0x5F134C4C, 0xBE269898, 0x6D482525, 0x9E841A1A, - 0x1E061818, 0xFD9B6666, 0xEC9E7272, 0x4A430909, 0x10514141, 0x24F7D3D3, - 0xD5934646, 0x53ECBFBF, 0xF89A6262, 0x927BE9E9, 0xFF33CCCC, 0x04555151, - 0x270B2C2C, 0x4F420D0D, 0x59EEB7B7, 0xF3CC3F3F, 0x1CAEB2B2, 0xEA638989, - 0x74E79393, 0x7FB1CECE, 0x6C1C7070, 0x0DABA6A6, 0xEDCA2727, 0x28082020, - 0x48EBA3A3, 0xC1975656, 0x80820202, 0xA3DC7F7F, 0xC4965252, 0x12F9EBEB, - 0xA174D5D5, 0xB38D3E3E, 0xC33FFCFC, 0x3EA49A9A, 0x5B461D1D, 0x1B071C1C, - 0x3BA59E9E, 0x0CFFF3F3, 0x3FF0CFCF, 0xBF72CDCD, 0x4B175C5C, 0x52B8EAEA, - 0x8F810E0E, 0x3D586565, 0xCC3CF0F0, 0x7D196464, 0x7EE59B9B, 0x91871616, - 0x734E3D3D, 0x08AAA2A2, 0xC869A1A1, 0xC76AADAD, 0x85830606, 0x7AB0CACA, - 0xB570C5C5, 0xF4659191, 0xB2D96B6B, 0xA7892E2E, 0x18FBE3E3, 0x47E8AFAF, - 0x330F3C3C, 0x674A2D2D, 0xB071C1C1, 0x0E575959, 0xE99F7676, 0xE135D4D4, - 0x661E7878, 0xB4249090, 0x360E3838, 0x265F7979, 0xEF628D8D, 0x38596161, - 0x95D24747, 0x2AA08A8A, 0xB1259494, 0xAA228888, 0x8C7DF1F1, 0xD73BECEC, - 0x05010404, 0xA5218484, 0x9879E1E1, 0x9B851E1E, 0x84D75353, 0x00000000, - 0x5E471919, 0x0B565D5D, 0xE39D7E7E, 0x9FD04F4F, 0xBB279C9C, 0x1A534949, - 0x7C4D3131, 0xEE36D8D8, 0x0A020808, 0x7BE49F9F, 0x20A28282, 0xD4C71313, - 0xE8CB2323, 0xE69C7A7A, 0x42E9ABAB, 0x43BDFEFE, 0xA2882A2A, 0x9AD14B4B, - 0x40410101, 0xDBC41F1F, 0xD838E0E0, 0x61B7D6D6, 0x2FA18E8E, 0x2BF4DFDF, - 0x3AF1CBCB, 0xF6CD3B3B, 0x1DFAE7E7, 0xE5608585, 0x41155454, 0x25A38686, - 0x60E38383, 0x16ACBABA, 0x295C7575, 0x34A69292, 0xF7996E6E, 0xE434D0D0, - 0x721A6868, 0x01545555, 0x19AFB6B6, 0xDF914E4E, 0xFA32C8C8, 0xF030C0C0, - 0x21F6D7D7, 0xBC8E3232, 0x75B3C6C6, 0x6FE08F8F, 0x691D7474, 0x2EF5DBDB, - 0x6AE18B8B, 0x962EB8B8, 0x8A800A0A, 0xFE679999, 0xE2C92B2B, 0xE0618181, - 0xC0C30303, 0x8D29A4A4, 0xAF238C8C, 0x07A9AEAE, 0x390D3434, 0x1F524D4D, - 0x764F3939, 0xD36EBDBD, 0x81D65757, 0xB7D86F6F, 0xEB37DCDC, 0x51441515, - 0xA6DD7B7B, 0x09FEF7F7, 0xB68C3A3A, 0x932FBCBC, 0x0F030C0C, 0x03FCFFFF, - 0xC26BA9A9, 0xBA73C9C9, 0xD96CB5B5, 0xDC6DB1B1, 0x375A6D6D, 0x15504545, - 0xB98F3636, 0x771B6C6C, 0x13ADBEBE, 0xDA904A4A, 0x57B9EEEE, 0xA9DE7777, - 0x4CBEF2F2, 0x837EFDFD, 0x55114444, 0xBDDA6767, 0x2C5D7171, 0x45400505, - 0x631F7C7C, 0x50104040, 0x325B6969, 0xB8DB6363, 0x220A2828, 0xC5C20707, - 0xF531C4C4, 0xA88A2222, 0x31A79696, 0xF9CE3737, 0x977AEDED, 0x49BFF6F6, - 0x992DB4B4, 0xA475D1D1, 0x90D34343, 0x5A124848, 0x58BAE2E2, 0x71E69797, - 0x64B6D2D2, 0x70B2C2C2, 0xAD8B2626, 0xCD68A5A5, 0xCB955E5E, 0x624B2929, - 0x3C0C3030, 0xCE945A5A, 0xAB76DDDD, 0x867FF9F9, 0xF1649595, 0x5DBBE6E6, - 0x35F2C7C7, 0x2D092424, 0xD1C61717, 0xD66FB9B9, 0xDEC51B1B, 0x94861212, - 0x78186060, 0x30F3C3C3, 0x897CF5F5, 0x5CEFB3B3, 0xD23AE8E8, 0xACDF7373, - 0x794C3535, 0xA0208080, 0x9D78E5E5, 0x56EDBBBB, 0x235E7D7D, 0xC63EF8F8, - 0x8BD45F5F, 0xE7C82F2F, 0xDD39E4E4, 0x68492121 }; + 0x8ED55B5B, 0xD0924242, 0x4DEAA7A7, 0x06FDFBFB, 0xFCCF3333, 0x65E28787, 0xC93DF4F4, 0x6BB5DEDE, 0x4E165858, + 0x6EB4DADA, 0x44145050, 0xCAC10B0B, 0x8828A0A0, 0x17F8EFEF, 0x9C2CB0B0, 0x11051414, 0x872BACAC, 0xFB669D9D, + 0xF2986A6A, 0xAE77D9D9, 0x822AA8A8, 0x46BCFAFA, 0x14041010, 0xCFC00F0F, 0x02A8AAAA, 0x54451111, 0x5F134C4C, + 0xBE269898, 0x6D482525, 0x9E841A1A, 0x1E061818, 0xFD9B6666, 0xEC9E7272, 0x4A430909, 0x10514141, 0x24F7D3D3, + 0xD5934646, 0x53ECBFBF, 0xF89A6262, 0x927BE9E9, 0xFF33CCCC, 0x04555151, 0x270B2C2C, 0x4F420D0D, 0x59EEB7B7, + 0xF3CC3F3F, 0x1CAEB2B2, 0xEA638989, 0x74E79393, 0x7FB1CECE, 0x6C1C7070, 0x0DABA6A6, 0xEDCA2727, 0x28082020, + 0x48EBA3A3, 0xC1975656, 0x80820202, 0xA3DC7F7F, 0xC4965252, 0x12F9EBEB, 0xA174D5D5, 0xB38D3E3E, 0xC33FFCFC, + 0x3EA49A9A, 0x5B461D1D, 0x1B071C1C, 0x3BA59E9E, 0x0CFFF3F3, 0x3FF0CFCF, 0xBF72CDCD, 0x4B175C5C, 0x52B8EAEA, + 0x8F810E0E, 0x3D586565, 0xCC3CF0F0, 0x7D196464, 0x7EE59B9B, 0x91871616, 0x734E3D3D, 0x08AAA2A2, 0xC869A1A1, + 0xC76AADAD, 0x85830606, 0x7AB0CACA, 0xB570C5C5, 0xF4659191, 0xB2D96B6B, 0xA7892E2E, 0x18FBE3E3, 0x47E8AFAF, + 0x330F3C3C, 0x674A2D2D, 0xB071C1C1, 0x0E575959, 0xE99F7676, 0xE135D4D4, 0x661E7878, 0xB4249090, 0x360E3838, + 0x265F7979, 0xEF628D8D, 0x38596161, 0x95D24747, 0x2AA08A8A, 0xB1259494, 0xAA228888, 0x8C7DF1F1, 0xD73BECEC, + 0x05010404, 0xA5218484, 0x9879E1E1, 0x9B851E1E, 0x84D75353, 0x00000000, 0x5E471919, 0x0B565D5D, 0xE39D7E7E, + 0x9FD04F4F, 0xBB279C9C, 0x1A534949, 0x7C4D3131, 0xEE36D8D8, 0x0A020808, 0x7BE49F9F, 0x20A28282, 0xD4C71313, + 0xE8CB2323, 0xE69C7A7A, 0x42E9ABAB, 0x43BDFEFE, 0xA2882A2A, 0x9AD14B4B, 0x40410101, 0xDBC41F1F, 0xD838E0E0, + 0x61B7D6D6, 0x2FA18E8E, 0x2BF4DFDF, 0x3AF1CBCB, 0xF6CD3B3B, 0x1DFAE7E7, 0xE5608585, 0x41155454, 0x25A38686, + 0x60E38383, 0x16ACBABA, 0x295C7575, 0x34A69292, 0xF7996E6E, 0xE434D0D0, 0x721A6868, 0x01545555, 0x19AFB6B6, + 0xDF914E4E, 0xFA32C8C8, 0xF030C0C0, 0x21F6D7D7, 0xBC8E3232, 0x75B3C6C6, 0x6FE08F8F, 0x691D7474, 0x2EF5DBDB, + 0x6AE18B8B, 0x962EB8B8, 0x8A800A0A, 0xFE679999, 0xE2C92B2B, 0xE0618181, 0xC0C30303, 0x8D29A4A4, 0xAF238C8C, + 0x07A9AEAE, 0x390D3434, 0x1F524D4D, 0x764F3939, 0xD36EBDBD, 0x81D65757, 0xB7D86F6F, 0xEB37DCDC, 0x51441515, + 0xA6DD7B7B, 0x09FEF7F7, 0xB68C3A3A, 0x932FBCBC, 0x0F030C0C, 0x03FCFFFF, 0xC26BA9A9, 0xBA73C9C9, 0xD96CB5B5, + 0xDC6DB1B1, 0x375A6D6D, 0x15504545, 0xB98F3636, 0x771B6C6C, 0x13ADBEBE, 0xDA904A4A, 0x57B9EEEE, 0xA9DE7777, + 0x4CBEF2F2, 0x837EFDFD, 0x55114444, 0xBDDA6767, 0x2C5D7171, 0x45400505, 0x631F7C7C, 0x50104040, 0x325B6969, + 0xB8DB6363, 0x220A2828, 0xC5C20707, 0xF531C4C4, 0xA88A2222, 0x31A79696, 0xF9CE3737, 0x977AEDED, 0x49BFF6F6, + 0x992DB4B4, 0xA475D1D1, 0x90D34343, 0x5A124848, 0x58BAE2E2, 0x71E69797, 0x64B6D2D2, 0x70B2C2C2, 0xAD8B2626, + 0xCD68A5A5, 0xCB955E5E, 0x624B2929, 0x3C0C3030, 0xCE945A5A, 0xAB76DDDD, 0x867FF9F9, 0xF1649595, 0x5DBBE6E6, + 0x35F2C7C7, 0x2D092424, 0xD1C61717, 0xD66FB9B9, 0xDEC51B1B, 0x94861212, 0x78186060, 0x30F3C3C3, 0x897CF5F5, + 0x5CEFB3B3, 0xD23AE8E8, 0xACDF7373, 0x794C3535, 0xA0208080, 0x9D78E5E5, 0x56EDBBBB, 0x235E7D7D, 0xC63EF8F8, + 0x8BD45F5F, 0xE7C82F2F, 0xDD39E4E4, 0x68492121}; -static unsigned int rotl(unsigned int a, unsigned char n) +static unsigned int +rotl(unsigned int a, unsigned char n) { return (a << n) | (a >> (32 - n)); } -static unsigned int load_u32_be(const unsigned char *b, unsigned int n) +static unsigned int +load_u32_be(const unsigned char *b, unsigned int n) { - return ((unsigned int)b[4 * n] << 24) | - ((unsigned int)b[4 * n + 1] << 16) | - ((unsigned int)b[4 * n + 2] << 8) | - ((unsigned int)b[4 * n + 3]); + return ((unsigned int) b[4 * n] << 24) | ((unsigned int) b[4 * n + 1] << 16) | ((unsigned int) b[4 * n + 2] << 8) + | ((unsigned int) b[4 * n + 3]); } -static void store_u32_be(unsigned int v, unsigned char *b) +static void +store_u32_be(unsigned int v, unsigned char *b) { - b[0] = (unsigned char)(v >> 24); - b[1] = (unsigned char)(v >> 16); - b[2] = (unsigned char)(v >> 8); - b[3] = (unsigned char)(v); + b[0] = (unsigned char) (v >> 24); + b[1] = (unsigned char) (v >> 16); + b[2] = (unsigned char) (v >> 8); + b[3] = (unsigned char) (v); } -static unsigned int SM4_T_slow(unsigned int X) +static unsigned int +SM4_T_slow(unsigned int X) { unsigned int t = 0; - t |= ((unsigned int)SM4_S[(unsigned char)(X >> 24)]) << 24; - t |= ((unsigned int)SM4_S[(unsigned char)(X >> 16)]) << 16; - t |= ((unsigned int)SM4_S[(unsigned char)(X >> 8)]) << 8; - t |= SM4_S[(unsigned char)X]; + t |= ((unsigned int) SM4_S[(unsigned char) (X >> 24)]) << 24; + t |= ((unsigned int) SM4_S[(unsigned char) (X >> 16)]) << 16; + t |= ((unsigned int) SM4_S[(unsigned char) (X >> 8)]) << 8; + t |= SM4_S[(unsigned char) X]; /* * L linear transform @@ -118,35 +97,29 @@ static unsigned int SM4_T_slow(unsigned int X) return t ^ rotl(t, 2) ^ rotl(t, 10) ^ rotl(t, 18) ^ rotl(t, 24); } -static unsigned int SM4_T(unsigned int X) +static unsigned int +SM4_T(unsigned int X) { - return SM4_SBOX_T[(unsigned char)(X >> 24)] ^ - rotl(SM4_SBOX_T[(unsigned char)(X >> 16)], 24) ^ - rotl(SM4_SBOX_T[(unsigned char)(X >> 8)], 16) ^ - rotl(SM4_SBOX_T[(unsigned char)X], 8); + return SM4_SBOX_T[(unsigned char) (X >> 24)] ^ rotl(SM4_SBOX_T[(unsigned char) (X >> 16)], 24) + ^ rotl(SM4_SBOX_T[(unsigned char) (X >> 8)], 16) ^ rotl(SM4_SBOX_T[(unsigned char) X], 8); } -static int SM4_set_key(const unsigned char *key, SM4_KEY *ks) +static int +SM4_set_key(const unsigned char *key, SM4_KEY *ks) { /* * Family Key */ - static const unsigned int FK[4] = - { 0xa3b1bac6, 0x56aa3350, 0x677d9197, 0xb27022dc }; + static const unsigned int FK[4] = {0xa3b1bac6, 0x56aa3350, 0x677d9197, 0xb27022dc}; /* * Constant Key */ static const unsigned int CK[32] = { - 0x00070E15, 0x1C232A31, 0x383F464D, 0x545B6269, - 0x70777E85, 0x8C939AA1, 0xA8AFB6BD, 0xC4CBD2D9, - 0xE0E7EEF5, 0xFC030A11, 0x181F262D, 0x343B4249, - 0x50575E65, 0x6C737A81, 0x888F969D, 0xA4ABB2B9, - 0xC0C7CED5, 0xDCE3EAF1, 0xF8FF060D, 0x141B2229, - 0x30373E45, 0x4C535A61, 0x686F767D, 0x848B9299, - 0xA0A7AEB5, 0xBCC3CAD1, 0xD8DFE6ED, 0xF4FB0209, - 0x10171E25, 0x2C333A41, 0x484F565D, 0x646B7279 - }; + 0x00070E15, 0x1C232A31, 0x383F464D, 0x545B6269, 0x70777E85, 0x8C939AA1, 0xA8AFB6BD, 0xC4CBD2D9, + 0xE0E7EEF5, 0xFC030A11, 0x181F262D, 0x343B4249, 0x50575E65, 0x6C737A81, 0x888F969D, 0xA4ABB2B9, + 0xC0C7CED5, 0xDCE3EAF1, 0xF8FF060D, 0x141B2229, 0x30373E45, 0x4C535A61, 0x686F767D, 0x848B9299, + 0xA0A7AEB5, 0xBCC3CAD1, 0xD8DFE6ED, 0xF4FB0209, 0x10171E25, 0x2C333A41, 0x484F565D, 0x646B7279}; unsigned int K[4]; int i; @@ -160,10 +133,10 @@ static int SM4_set_key(const unsigned char *key, SM4_KEY *ks) unsigned int X = K[(i + 1) % 4] ^ K[(i + 2) % 4] ^ K[(i + 3) % 4] ^ CK[i]; unsigned int t = 0; - t |= ((unsigned int)SM4_S[(unsigned char)(X >> 24)]) << 24; - t |= ((unsigned int)SM4_S[(unsigned char)(X >> 16)]) << 16; - t |= ((unsigned int)SM4_S[(unsigned char)(X >> 8)]) << 8; - t |= SM4_S[(unsigned char)X]; + t |= ((unsigned int) SM4_S[(unsigned char) (X >> 24)]) << 24; + t |= ((unsigned int) SM4_S[(unsigned char) (X >> 16)]) << 16; + t |= ((unsigned int) SM4_S[(unsigned char) (X >> 8)]) << 8; + t |= SM4_S[(unsigned char) X]; t = t ^ rotl(t, 13) ^ rotl(t, 23); K[i % 4] ^= t; @@ -173,15 +146,16 @@ static int SM4_set_key(const unsigned char *key, SM4_KEY *ks) return 1; } -#define SM4_RNDS(k0, k1, k2, k3, F) \ - do { \ - B0 ^= F(B1 ^ B2 ^ B3 ^ ks->rk[k0]); \ - B1 ^= F(B0 ^ B2 ^ B3 ^ ks->rk[k1]); \ - B2 ^= F(B0 ^ B1 ^ B3 ^ ks->rk[k2]); \ - B3 ^= F(B0 ^ B1 ^ B2 ^ ks->rk[k3]); \ - } while(0) +#define SM4_RNDS(k0, k1, k2, k3, F) \ + do { \ + B0 ^= F(B1 ^ B2 ^ B3 ^ ks->rk[k0]); \ + B1 ^= F(B0 ^ B2 ^ B3 ^ ks->rk[k1]); \ + B2 ^= F(B0 ^ B1 ^ B3 ^ ks->rk[k2]); \ + B3 ^= F(B0 ^ B1 ^ B2 ^ ks->rk[k3]); \ + } while (0) -static void SM4_encrypt(const unsigned char *in, unsigned char *out, const SM4_KEY *ks) +static void +SM4_encrypt(const unsigned char *in, unsigned char *out, const SM4_KEY *ks) { unsigned int B0 = load_u32_be(in, 0); unsigned int B1 = load_u32_be(in, 1); @@ -192,9 +166,9 @@ static void SM4_encrypt(const unsigned char *in, unsigned char *out, const SM4_K * Uses byte-wise sbox in the first and last rounds to provide some * protection from cache based side channels. */ - SM4_RNDS( 0, 1, 2, 3, SM4_T_slow); - SM4_RNDS( 4, 5, 6, 7, SM4_T); - SM4_RNDS( 8, 9, 10, 11, SM4_T); + SM4_RNDS(0, 1, 2, 3, SM4_T_slow); + SM4_RNDS(4, 5, 6, 7, SM4_T); + SM4_RNDS(8, 9, 10, 11, SM4_T); SM4_RNDS(12, 13, 14, 15, SM4_T); SM4_RNDS(16, 17, 18, 19, SM4_T); SM4_RNDS(20, 21, 22, 23, SM4_T); @@ -207,7 +181,8 @@ static void SM4_encrypt(const unsigned char *in, unsigned char *out, const SM4_K store_u32_be(B0, out + 12); } -static void SM4_decrypt(const unsigned char *in, unsigned char *out, const SM4_KEY *ks) +static void +SM4_decrypt(const unsigned char *in, unsigned char *out, const SM4_KEY *ks) { unsigned int B0 = load_u32_be(in, 0); unsigned int B1 = load_u32_be(in, 1); @@ -219,9 +194,9 @@ static void SM4_decrypt(const unsigned char *in, unsigned char *out, const SM4_K SM4_RNDS(23, 22, 21, 20, SM4_T); SM4_RNDS(19, 18, 17, 16, SM4_T); SM4_RNDS(15, 14, 13, 12, SM4_T); - SM4_RNDS(11, 10, 9, 8, SM4_T); - SM4_RNDS( 7, 6, 5, 4, SM4_T); - SM4_RNDS( 3, 2, 1, 0, SM4_T_slow); + SM4_RNDS(11, 10, 9, 8, SM4_T); + SM4_RNDS(7, 6, 5, 4, SM4_T); + SM4_RNDS(3, 2, 1, 0, SM4_T_slow); store_u32_be(B3, out); store_u32_be(B2, out + 4); @@ -229,9 +204,14 @@ static void SM4_decrypt(const unsigned char *in, unsigned char *out, const SM4_K store_u32_be(B0, out + 12); } -static void CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out, - size_t len, const void *key, - unsigned char ivec[16], int *num, block128_f block) +static void +CRYPTO_ofb128_encrypt(const unsigned char *in, + unsigned char *out, + size_t len, + const void *key, + unsigned char ivec[16], + int *num, + block128_f block) { unsigned int n; size_t l = 0; @@ -239,9 +219,7 @@ static void CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out, n = *num; while (l < len) { - if (n == 0) { - (*block) (ivec, ivec, key); - } + if (n == 0) { (*block)(ivec, ivec, key); } out[l] = in[l] ^ ivec[n]; ++l; n = (n + 1) % 16; @@ -250,41 +228,43 @@ static void CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out, *num = n; } -static int sm4_init_key(const unsigned char *key, SM4_KEY *ks) +static int +sm4_init_key(const unsigned char *key, SM4_KEY *ks) { SM4_set_key(key, ks); return 1; } -static void sm4_ofb128_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const SM4_KEY *key, - unsigned char *ivec) +static void +sm4_ofb128_encrypt(const unsigned char *in, unsigned char *out, size_t length, const SM4_KEY *key, unsigned char *ivec) { - int num = 0; + int num = 0; - CRYPTO_ofb128_encrypt(in, out, length, key, ivec, &num, (block128_f)SM4_encrypt); + CRYPTO_ofb128_encrypt(in, out, length, key, ivec, &num, (block128_f) SM4_encrypt); } -void do_sm4_ofb_encrypt(const char *in_buff, int in_len, char *out_buff, int *out_len, const char *key, const char *iv) +void +do_sm4_ofb_encrypt(const char *in_buff, int in_len, char *out_buff, int *out_len, const char *key, const char *iv) { - SM4_KEY ks; - char ivec[16]; + SM4_KEY ks; + char ivec[16]; - memset(&ks, 0, sizeof(SM4_KEY)); - memcpy(ivec, iv, 16); - sm4_init_key(key, &ks); - sm4_ofb128_encrypt(in_buff, out_buff, in_len, &ks, ivec); - *out_len = in_len; + memset(&ks, 0, sizeof(SM4_KEY)); + memcpy(ivec, iv, 16); + sm4_init_key(key, &ks); + sm4_ofb128_encrypt(in_buff, out_buff, in_len, &ks, ivec); + *out_len = in_len; } -void do_sm4_ecb_decrypt(const char *in_buff, char *out_buff, const char *key) +void +do_sm4_ecb_decrypt(const char *in_buff, char *out_buff, const char *key) { - SM4_KEY ks; + SM4_KEY ks; - memset(&ks, 0, sizeof(SM4_KEY)); - sm4_init_key(key, &ks); - SM4_decrypt(in_buff, out_buff, &ks); + memset(&ks, 0, sizeof(SM4_KEY)); + sm4_init_key(key, &ks); + SM4_decrypt(in_buff, out_buff, &ks); } #if 0 diff --git a/src/SVAC/src/sm2sm3/svac_dec.c b/src/SVAC/src/sm2sm3/svac_dec.c index 2945908..c6d8cfc 100644 --- a/src/SVAC/src/sm2sm3/svac_dec.c +++ b/src/SVAC/src/sm2sm3/svac_dec.c @@ -1,986 +1,916 @@ +#include "svac_dec.h" +#include "sm2.h" +#include "sm3.h" +#include #include #include -#include -#include "svac_dec.h" -#include "sm3.h" -#include "sm2.h" #define PRINT_ERR printf #define PRINT_INFO printf -#define MAGIC_VALUE 0x1234abcd +#define MAGIC_VALUE 0x1234abcd -#define NALU_MAX_NUM 100 +#define NALU_MAX_NUM 100 -#define VKEK_CACHE_NUM 300 -#define HASH_CACHE_NUM 512 +#define VKEK_CACHE_NUM 300 +#define HASH_CACHE_NUM 512 -#define SM4_OFB 0 -#define SM1_OFB 1 -#define SM4_ECB 2 -#define SM3_HASH 3 -#define SM2_SIGN 4 +#define SM4_OFB 0 +#define SM1_OFB 1 +#define SM4_ECB 2 +#define SM3_HASH 3 +#define SM2_SIGN 4 /* svac2.0 p45 */ -#define SVAC_NO_IDR_SLICE 1 -#define SVAC_IDR_SLICE 2 -#define SVAC_NO_IDR_SLICE_EXT 3 -#define SVAC_IDR_SLICE_EXT 4 -#define SVAC_SUR_SLICE 5 -#define SVAC_SEI_SLICE 6 -#define SVAC_SPS_SLICE 7 -#define SVAC_PPS_SLICE 8 -#define SVAC_SEC_SLICE 9 -#define SVAC_AUTH_SLICE 10 +#define SVAC_NO_IDR_SLICE 1 +#define SVAC_IDR_SLICE 2 +#define SVAC_NO_IDR_SLICE_EXT 3 +#define SVAC_IDR_SLICE_EXT 4 +#define SVAC_SUR_SLICE 5 +#define SVAC_SEI_SLICE 6 +#define SVAC_SPS_SLICE 7 +#define SVAC_PPS_SLICE 8 +#define SVAC_SEC_SLICE 9 +#define SVAC_AUTH_SLICE 10 -struct nalu_data -{ - char *addr; - int len; - int encryption_idc; - int authentication_idc; - int type; - int need_add_racing_code; +struct nalu_data { + char *addr; + int len; + int encryption_idc; + int authentication_idc; + int type; + int need_add_racing_code; }; -struct vkek_info -{ - char vkek[16]; - char version[32]; +struct vkek_info { + char vkek[16]; + char version[32]; }; -struct sec_param -{ - /* ��ȫ���������� */ - int encrypt_flag; //�Ƿ���� - int encrypt_type; //�����㷨 - int auth_flag; //�Ƿ�ǩ�� - int auth_type; //ǩ���㷨 - int hash_type; //ɢ���㷨 - int vek_flag; //�Ƿ����evek - int vek_encrypt_type; //vek�����㷨 - char evek[32]; //evek - int vek_len; //vek���� - char vkek_version[128]; //vkek version - int version_len; //vkek version���� - int iv_flag; //�Ƿ����iv - char iv[32]; //iv - int iv_len; //iv���� - int only_IDR; // sign only for idr - int hash_period; // sign period frame - char camera_id[20]; //����id - char camera_idc[19]; //֤��id +struct sec_param { + /* ��ȫ���������� */ + int encrypt_flag; //�Ƿ���� + int encrypt_type; //�����㷨 + int auth_flag; //�Ƿ�ǩ�� + int auth_type; //ǩ���㷨 + int hash_type; //ɢ���㷨 + int vek_flag; //�Ƿ����evek + int vek_encrypt_type; //vek�����㷨 + char evek[32]; //evek + int vek_len; //vek���� + char vkek_version[128];//vkek version + int version_len; //vkek version���� + int iv_flag; //�Ƿ����iv + char iv[32]; //iv + int iv_len; //iv���� + int only_IDR; // sign only for idr + int hash_period; // sign period frame + char camera_id[20]; //����id + char camera_idc[19]; //֤��id }; -struct hash_cache -{ - /* һ��gop���256֡ */ - char hash[32]; - int frame_num; +struct hash_cache { + /* һ��gop���256֡ */ + char hash[32]; + int frame_num; }; -struct svac_dec_handle -{ - int magic; +struct svac_dec_handle { + int magic; - /* sm2 ��Կ */ - char sm2_pubkey[64]; - /* sm2 ��Կ�Ƿ����� */ - int sm_pubkey_flag; + /* sm2 ��Կ */ + char sm2_pubkey[64]; + /* sm2 ��Կ�Ƿ����� */ + int sm_pubkey_flag; - char vek[16]; - char iv[16]; + char vek[16]; + char iv[16]; - /* process tmp data */ - struct nalu_data nalu[NALU_MAX_NUM]; - int nalu_num; - int frame_num; + /* process tmp data */ + struct nalu_data nalu[NALU_MAX_NUM]; + int nalu_num; + int frame_num; - int sign_frame_num; - char sign[128]; - int sign_len; + int sign_frame_num; + char sign[128]; + int sign_len; - /* current frame is IDR frame */ - int idr_flag; - /* current frame ���� sec nalu */ - int sec_nalu_flag; - /* current frame ���� auth nalu */ - int auth_nalu_flag; + /* current frame is IDR frame */ + int idr_flag; + /* current frame ���� sec nalu */ + int sec_nalu_flag; + /* current frame ���� auth nalu */ + int auth_nalu_flag; - /* ��ǰʹ�õİ�ȫ���� */ - struct sec_param curr_param; - /* ���յ��İ�ȫ���� */ - struct sec_param new_param; - /* ��ȫ�������±�ʶ���µ�GOP��ʼ���� */ - int sec_param_update_flag; + /* ��ǰʹ�õİ�ȫ���� */ + struct sec_param curr_param; + /* ���յ��İ�ȫ���� */ + struct sec_param new_param; + /* ��ȫ�������±�ʶ���µ�GOP��ʼ���� */ + int sec_param_update_flag; - int vkek_start; - struct vkek_info vkek_list[VKEK_CACHE_NUM]; - int find_vkek_flag; + int vkek_start; + struct vkek_info vkek_list[VKEK_CACHE_NUM]; + int find_vkek_flag; - char idr_hash[32]; - struct hash_cache cache[HASH_CACHE_NUM]; - int cache_idx; // 0 ~ HASH_CACHE_NUM - 1 + char idr_hash[32]; + struct hash_cache cache[HASH_CACHE_NUM]; + int cache_idx;// 0 ~ HASH_CACHE_NUM - 1 - PFSECURITYPARAMCB callback; - void *context; + PFSECURITYPARAMCB callback; + void *context; }; -#define CHECK_HANDLE(h) \ - do \ - { \ - if (!h || h->magic != MAGIC_VALUE) \ - { \ - PRINT_ERR("handle is error!\n"); \ - return -1; \ - } \ - } while (0) +#define CHECK_HANDLE(h) \ + do { \ + if (!h || h->magic != MAGIC_VALUE) { \ + PRINT_ERR("handle is error!\n"); \ + return -1; \ + } \ + } while (0) +int do_base64_decode(unsigned char *dst, int *dlen, unsigned char *src, int slen); +void do_sm4_ecb_decrypt(const char *in_buff, char *out_buff, const char *key); /* ��ָ����ַƫ��Ϊoffset����read ָ�����ȱ��ص����� */ -static int read_bits(char *data, int read_len, char *addr, int offset) +static int +read_bits(char *data, int read_len, char *addr, int offset) { - int offset_in_bytes = offset & 7; - int offset_of_bytes = offset / 8; + int offset_in_bytes = offset & 7; + int offset_of_bytes = offset / 8; - /* if need read twice */ - if (offset_in_bytes && offset_in_bytes + read_len > 8) - { - int second_read_len = offset_in_bytes + read_len - 8; + /* if need read twice */ + if (offset_in_bytes && offset_in_bytes + read_len > 8) { + int second_read_len = offset_in_bytes + read_len - 8; - *data = 0; - *data = (addr[offset_of_bytes] & ((1 << (8 - offset_in_bytes)) - 1)) << second_read_len; - *data |= (addr[offset_of_bytes + 1] >> (8 - second_read_len)) & ((1 << second_read_len) - 1); - } - else - { - *data = ((1 << read_len) - 1) & (addr[offset_of_bytes] >> (8 - read_len - offset_in_bytes)); - } + *data = 0; + *data = (addr[offset_of_bytes] & ((1 << (8 - offset_in_bytes)) - 1)) << second_read_len; + *data |= (addr[offset_of_bytes + 1] >> (8 - second_read_len)) & ((1 << second_read_len) - 1); + } else { + *data = ((1 << read_len) - 1) & (addr[offset_of_bytes] >> (8 - read_len - offset_in_bytes)); + } - return offset + read_len; + return offset + read_len; } -static int read_long_data_bits(int *data, int read_len, char *addr, int offset) +static int +read_long_data_bits(int *data, int read_len, char *addr, int offset) { - char tmp; - int ret_offset = 0; + char tmp; + int ret_offset = 0; - if (read_len <= 8) - { - read_len = read_bits(&tmp, read_len, addr, offset); - *data = tmp; - } - else - { - int i; - int loop; - unsigned int first_read_len = read_len & 7; + if (read_len <= 8) { + read_len = read_bits(&tmp, read_len, addr, offset); + *data = tmp; + } else { + int i; + int loop; + unsigned int first_read_len = read_len & 7; - /* ����һ�ֽڵĵ�first_read_len����*/ - if (first_read_len) - { - offset = read_bits(&tmp, first_read_len, addr, offset); - *data = tmp << (read_len - first_read_len); - } + /* ����һ�ֽڵĵ�first_read_len����*/ + if (first_read_len) { + offset = read_bits(&tmp, first_read_len, addr, offset); + *data = tmp << (read_len - first_read_len); + } - loop = (read_len - first_read_len) / 8; - ret_offset = offset; + loop = (read_len - first_read_len) / 8; + ret_offset = offset; - for (i = 0; i < loop; i++) - { - ret_offset = read_bits(&tmp, 8, addr, ret_offset); - *data |= tmp << (read_len - first_read_len - 8 - 8 * i); - } - } + for (i = 0; i < loop; i++) { + ret_offset = read_bits(&tmp, 8, addr, ret_offset); + *data |= tmp << (read_len - first_read_len - 8 - 8 * i); + } + } - return ret_offset; + return ret_offset; } -static int read_string_bits(char *p, int read_len, char *addr, int offset) +static int +read_string_bits(char *p, int read_len, char *addr, int offset) { - int i = 0; - int len = 0; + int i = 0; + int len = 0; - while (len < read_len) - { - if (read_len - len > 8) - { - offset = read_bits(p + i, 8, addr, offset); - len += 8; - } - else - { - offset = read_bits(p + i, read_len - len, addr, offset); - len += read_len - len; - } + while (len < read_len) { + if (read_len - len > 8) { + offset = read_bits(p + i, 8, addr, offset); + len += 8; + } else { + offset = read_bits(p + i, read_len - len, addr, offset); + len += read_len - len; + } - i++; - } + i++; + } - return offset; + return offset; } /* if find a nal, return the next address; if it's the end, return NULL */ -static char *findNal(char *buf, int *frame_len, char **nal_start, int *nal_len) +static char * +findNal(char *buf, int *frame_len, char **nal_start, int *nal_len) { - int i; - char *start = NULL; - int len = 0; + int i; + char *start = NULL; + int len = 0; - *nal_start = NULL; - *nal_len = 0; + *nal_start = NULL; + *nal_len = 0; - /* parsing each NALU */ - for (i = 0; i < (int)(*frame_len - 3);i++) - { - if (buf[i] == 0x00 && buf[i + 1] == 0x00 && buf[i + 2] == 0x00 && buf[i + 3] == 0x01) - { - /* not the first loop */ - if (start) - { - len = buf + i - start; - *nal_start = start; - *nal_len = len; - *frame_len -= i; - return buf + i; - } - start = buf + i; - } - } + /* parsing each NALU */ + for (i = 0; i < (int) (*frame_len - 3); i++) { + if (buf[i] == 0x00 && buf[i + 1] == 0x00 && buf[i + 2] == 0x00 && buf[i + 3] == 0x01) { + /* not the first loop */ + if (start) { + len = buf + i - start; + *nal_start = start; + *nal_len = len; + *frame_len -= i; + return buf + i; + } + start = buf + i; + } + } - if (start) - len = buf + *frame_len - start; + if (start) len = buf + *frame_len - start; - *nal_start = start; - *nal_len = len; - *frame_len = 0; + *nal_start = start; + *nal_len = len; + *frame_len = 0; - return NULL; + return NULL; } -static int svac_parse_nalu(struct svac_dec_handle *h, char *frame_data, int frame_len) +static int +svac_parse_nalu(struct svac_dec_handle *h, char *frame_data, int frame_len) { - char *ptr, *start = NULL; - int nal_len, frame_len_left = frame_len; + char *ptr, *start = NULL; + int nal_len, frame_len_left = frame_len; - ptr = frame_data; + ptr = frame_data; - do - { - start = NULL; - nal_len = 0; - ptr = findNal(ptr, &frame_len_left, &start, &nal_len); - if (start) - { - memset(&h->nalu[h->nalu_num], 0, sizeof(struct nalu_data)); + do { + start = NULL; + nal_len = 0; + ptr = findNal(ptr, &frame_len_left, &start, &nal_len); + if (start) { + memset(&h->nalu[h->nalu_num], 0, sizeof(struct nalu_data)); - h->nalu[h->nalu_num].addr = start; - h->nalu[h->nalu_num].len = nal_len; - h->nalu[h->nalu_num].encryption_idc = start[4] & 0x2 ? 1 : 0; //svac2.0 p21 - h->nalu[h->nalu_num].authentication_idc = start[4] & 0x1; //svac2.0 p21 - h->nalu[h->nalu_num].type = (start[4] >> 2) & 0xf; //svac2.0 p21 + h->nalu[h->nalu_num].addr = start; + h->nalu[h->nalu_num].len = nal_len; + h->nalu[h->nalu_num].encryption_idc = start[4] & 0x2 ? 1 : 0;//svac2.0 p21 + h->nalu[h->nalu_num].authentication_idc = start[4] & 0x1; //svac2.0 p21 + h->nalu[h->nalu_num].type = (start[4] >> 2) & 0xf; //svac2.0 p21 - if (SVAC_IDR_SLICE == h->nalu[h->nalu_num].type) - h->idr_flag = 1; - else if (SVAC_SEC_SLICE == h->nalu[h->nalu_num].type) - h->sec_nalu_flag = 1; - else if (SVAC_AUTH_SLICE == h->nalu[h->nalu_num].type) - h->auth_nalu_flag = 1; - else if (SVAC_PPS_SLICE == h->nalu[h->nalu_num].type) - { - /* pps�ĵ�һ���ֽ���֡�� svac2.0 p23 */ - h->frame_num = (unsigned char)start[5]; - //PRINT_INFO("frame %d\n", h->frame_num); - } + if (SVAC_IDR_SLICE == h->nalu[h->nalu_num].type) + h->idr_flag = 1; + else if (SVAC_SEC_SLICE == h->nalu[h->nalu_num].type) + h->sec_nalu_flag = 1; + else if (SVAC_AUTH_SLICE == h->nalu[h->nalu_num].type) + h->auth_nalu_flag = 1; + else if (SVAC_PPS_SLICE == h->nalu[h->nalu_num].type) { + /* pps�ĵ�һ���ֽ���֡�� svac2.0 p23 */ + h->frame_num = (unsigned char) start[5]; + //PRINT_INFO("frame %d\n", h->frame_num); + } - h->nalu_num++; - } - } while (frame_len_left); + h->nalu_num++; + } + } while (frame_len_left); - return 0; + return 0; } /* ���� svac �ľ����� */ -static int do_add_racing_Code(char *ptr, int *len, int offset) +static int +do_add_racing_Code(char *ptr, int *len, int offset) { - int i, find = 0, start = offset; - unsigned int inlen = *len; + int i, find = 0, start = offset; + unsigned int inlen = *len; - for (i = start; i < inlen - 2; i++) - { - if (ptr[i] == 0 && ptr[i + 1] == 0 && !(ptr[i + 2] & 0xfc)) - { - find = 1; - break; - } - } + for (i = start; i < inlen - 2; i++) { + if (ptr[i] == 0 && ptr[i + 1] == 0 && !(ptr[i + 2] & 0xfc)) { + find = 1; + break; + } + } - if (find) - { - unsigned int code_num = 0, zero_count = 0; - unsigned int allocnum = (int)((float)inlen*1.6); - char* tmp=NULL; - if (allocnum < 2048) allocnum=2048; - tmp = (char *)malloc(allocnum); + if (find) { + unsigned int code_num = 0, zero_count = 0; + unsigned int allocnum = (int) ((float) inlen * 1.6); + char *tmp = NULL; + if (allocnum < 2048) allocnum = 2048; + tmp = (char *) malloc(allocnum); - memcpy(tmp, ptr, start); - for (i = start; i < inlen; i++) - { - if (zero_count == 2 && !(ptr[i] & 0xfc)) - { - tmp[i + code_num] = 3; - code_num++; - i--; - zero_count = 0; - continue; - } + memcpy(tmp, ptr, start); + for (i = start; i < inlen; i++) { + if (zero_count == 2 && !(ptr[i] & 0xfc)) { + tmp[i + code_num] = 3; + code_num++; + i--; + zero_count = 0; + continue; + } - if (ptr[i] == 0) - zero_count++; - else - zero_count = 0; - if (i + code_num>=allocnum) - { - code_num = allocnum - i-1; - printf("svac adding racing code exceed alloced memory len!"); - break; - } - tmp[i + code_num] = ptr[i]; - } - memcpy(ptr, tmp, inlen + code_num); - *len = inlen + code_num; - //PRINT_INFO("code_num %d\n", code_num); - free(tmp); - } + if (ptr[i] == 0) + zero_count++; + else + zero_count = 0; + if (i + code_num >= allocnum) { + code_num = allocnum - i - 1; + printf("svac adding racing code exceed alloced memory len!"); + break; + } + tmp[i + code_num] = ptr[i]; + } + memcpy(ptr, tmp, inlen + code_num); + *len = inlen + code_num; + //PRINT_INFO("code_num %d\n", code_num); + free(tmp); + } - return find; + return find; } - /* ȥ�� svac �ľ����� */ -static int do_remove_racing_code(char *ptr, int *len, int offset) +static int +do_remove_racing_code(char *ptr, int *len, int offset) { - int i, find = 0, start; - unsigned int inlen; + int i, find = 0, start; + unsigned int inlen; - inlen = *len; - start = offset; + inlen = *len; + start = offset; - for (i = start; i < inlen - 2; i++) - { - if (ptr[i] == 0 && ptr[i + 1] == 0 && ptr[i + 2] == 0x3) - { - find = 1; - break; - } - } + for (i = start; i < inlen - 2; i++) { + if (ptr[i] == 0 && ptr[i + 1] == 0 && ptr[i + 2] == 0x3) { + find = 1; + break; + } + } - if (find) - { - unsigned int code_num = 0, zero_count = 0; + if (find) { + unsigned int code_num = 0, zero_count = 0; - for (i = start; i < inlen; i++) - { - if (zero_count == 2 && ptr[i] == 3) - { - code_num++; - zero_count = 0; - continue; - } + for (i = start; i < inlen; i++) { + if (zero_count == 2 && ptr[i] == 3) { + code_num++; + zero_count = 0; + continue; + } - if (ptr[i] == 0) - zero_count++; - else - zero_count = 0; - ptr[i - code_num] = ptr[i]; - } - *len = inlen - code_num; - } + if (ptr[i] == 0) + zero_count++; + else + zero_count = 0; + ptr[i - code_num] = ptr[i]; + } + *len = inlen - code_num; + } - return find; + return find; } /* ������ȫ������nalu */ -static int do_parse_security_nalu(struct svac_dec_handle *h, char *start, int len, int offset_bytes) +static int +do_parse_security_nalu(struct svac_dec_handle *h, char *start, int len, int offset_bytes) { - char tmp; - struct sec_param *param = &h->new_param; - int offset = offset_bytes * 8; + char tmp; + struct sec_param *param = &h->new_param; + int offset = offset_bytes * 8; - //hexdump("sec", start, len); - memset(param, 0, sizeof(struct sec_param)); + //hexdump("sec", start, len); + memset(param, 0, sizeof(struct sec_param)); - /* read encryption_flag */ - offset = read_bits(&tmp, 1, start, offset); - param->encrypt_flag = tmp; - /* read authentication_flag */ - offset = read_bits(&tmp, 1, start, offset); - param->auth_flag = tmp; + /* read encryption_flag */ + offset = read_bits(&tmp, 1, start, offset); + param->encrypt_flag = tmp; + /* read authentication_flag */ + offset = read_bits(&tmp, 1, start, offset); + param->auth_flag = tmp; - if (param->encrypt_flag) - { - /* read encrypt_type */ - offset = read_bits(&tmp, 4, start, offset); - if (tmp == 0) - param->encrypt_type = SM1_OFB; - else - param->encrypt_type = SM4_OFB; + if (param->encrypt_flag) { + /* read encrypt_type */ + offset = read_bits(&tmp, 4, start, offset); + if (tmp == 0) + param->encrypt_type = SM1_OFB; + else + param->encrypt_type = SM4_OFB; - /* read vek_flag */ - offset = read_bits(&tmp, 1, start, offset); - param->vek_flag = tmp; - /* read iv_flag */ - offset = read_bits(&tmp, 1, start, offset); - param->iv_flag = tmp; + /* read vek_flag */ + offset = read_bits(&tmp, 1, start, offset); + param->vek_flag = tmp; + /* read iv_flag */ + offset = read_bits(&tmp, 1, start, offset); + param->iv_flag = tmp; - if (param->vek_flag) - { - /* read vek_encryption_type */ - offset = read_bits(&tmp, 4, start, offset); - param->vek_encrypt_type = SM4_ECB; + if (param->vek_flag) { + /* read vek_encryption_type */ + offset = read_bits(&tmp, 4, start, offset); + param->vek_encrypt_type = SM4_ECB; - /* read evek_length_minus1 */ - offset = read_bits(&tmp, 8, start, offset); - param->vek_len = tmp + 1; - /* read evek */ - offset = read_string_bits(param->evek, param->vek_len * 8, start, offset); + /* read evek_length_minus1 */ + offset = read_bits(&tmp, 8, start, offset); + param->vek_len = tmp + 1; + /* read evek */ + offset = read_string_bits(param->evek, param->vek_len * 8, start, offset); - /* read vkek_verion_length_minus1 */ - offset = read_bits(&tmp, 8, start, offset); - param->version_len = tmp + 1; - /* read vkek_version */ - memset(param->vkek_version, 0, sizeof(param->vkek_version)); - offset = read_string_bits(param->vkek_version, param->version_len * 8, start, offset); + /* read vkek_verion_length_minus1 */ + offset = read_bits(&tmp, 8, start, offset); + param->version_len = tmp + 1; + /* read vkek_version */ + memset(param->vkek_version, 0, sizeof(param->vkek_version)); + offset = read_string_bits(param->vkek_version, param->version_len * 8, start, offset); - /* ����΢vkek bug */ - if (param->version_len > 32) - { - param->version_len = 19; - memset(param->vkek_version + 19, 0, sizeof(param->vkek_version) - 19); - } - } + /* ����΢vkek bug */ + if (param->version_len > 32) { + param->version_len = 19; + memset(param->vkek_version + 19, 0, sizeof(param->vkek_version) - 19); + } + } - if (param->iv_flag) - { - /* read iv_length_minus1 */ - offset = read_bits(&tmp, 8, start, offset); - param->iv_len = tmp + 1; - /* read iv */ - offset = read_string_bits(param->iv, param->iv_len * 8, start, offset); - } - } + if (param->iv_flag) { + /* read iv_length_minus1 */ + offset = read_bits(&tmp, 8, start, offset); + param->iv_len = tmp + 1; + /* read iv */ + offset = read_string_bits(param->iv, param->iv_len * 8, start, offset); + } + } - if (param->auth_flag) - { - /* read hash_type */ - offset = read_bits(&tmp, 2, start, offset); - param->hash_type = SM3_HASH; - /* read hash_discard_p_pictures */ - offset = read_bits(&tmp, 1, start, offset); - param->only_IDR = tmp ? 1 : 0; - /* read signature_type */ - offset = read_bits(&tmp, 2, start, offset); - param->auth_type = SM2_SIGN; - /* read successive_hash_pictures_minus1 */ - offset = read_bits(&tmp, 8, start, offset); - param->hash_period = tmp + 1; - /* read camera_idc */ - offset = read_string_bits(param->camera_idc, 152, start, offset); - //PRINT_INFO("IDR %d period %d\n", param->only_IDR, param->hash_period); - } + if (param->auth_flag) { + /* read hash_type */ + offset = read_bits(&tmp, 2, start, offset); + param->hash_type = SM3_HASH; + /* read hash_discard_p_pictures */ + offset = read_bits(&tmp, 1, start, offset); + param->only_IDR = tmp ? 1 : 0; + /* read signature_type */ + offset = read_bits(&tmp, 2, start, offset); + param->auth_type = SM2_SIGN; + /* read successive_hash_pictures_minus1 */ + offset = read_bits(&tmp, 8, start, offset); + param->hash_period = tmp + 1; + /* read camera_idc */ + offset = read_string_bits(param->camera_idc, 152, start, offset); + //PRINT_INFO("IDR %d period %d\n", param->only_IDR, param->hash_period); + } - if (param->vek_flag || param->auth_flag) - offset = read_string_bits(param->camera_id, 160, start, offset); + if (param->vek_flag || param->auth_flag) offset = read_string_bits(param->camera_id, 160, start, offset); - return 0; + return 0; } /* ������ȫ��������nalu */ -static int parse_security_nalu(struct svac_dec_handle *h) +static int +parse_security_nalu(struct svac_dec_handle *h) { - int i; + int i; - for (i = 0; i < h->nalu_num; i++) - { - if (h->nalu[i].type == SVAC_SEC_SLICE) - { - do_remove_racing_code(h->nalu[i].addr, &h->nalu[i].len, 5); - h->nalu[i].need_add_racing_code = 1; + for (i = 0; i < h->nalu_num; i++) { + if (h->nalu[i].type == SVAC_SEC_SLICE) { + do_remove_racing_code(h->nalu[i].addr, &h->nalu[i].len, 5); + h->nalu[i].need_add_racing_code = 1; - do_parse_security_nalu(h, h->nalu[i].addr, h->nalu[i].len, 5); + do_parse_security_nalu(h, h->nalu[i].addr, h->nalu[i].len, 5); - /* �µ�gop ��Ҫ���°�ȫ�������ϵı�ʶ */ - h->sec_param_update_flag = 1; + /* �µ�gop ��Ҫ���°�ȫ�������ϵı�ʶ */ + h->sec_param_update_flag = 1; - return 0; - } - } + return 0; + } + } - PRINT_ERR("Not find security nalu!\n"); + PRINT_ERR("Not find security nalu!\n"); - return -1; + return -1; } /* ������֤��Ԫnalu */ -static int do_parse_auth_nalu(struct svac_dec_handle *h, char *start, int len, int offset_bytes, struct auth_info *info) +static int +do_parse_auth_nalu(struct svac_dec_handle *h, char *start, int len, int offset_bytes, struct auth_info *info) { - int ret; - char tmp; - int offset = offset_bytes * 8; - char sign_b64[512]; - int sign_b64_len; - int i; + int ret; + char tmp; + int offset = offset_bytes * 8; + char sign_b64[512]; + int sign_b64_len; + int i; - /* read frame_num */ - offset = read_bits(&tmp, 8, start, offset); - h->sign_frame_num = tmp; + /* read frame_num */ + offset = read_bits(&tmp, 8, start, offset); + h->sign_frame_num = tmp; - /* read authentication_data_length_minus1 */ - offset = read_bits(&tmp, 8, start, offset); - sign_b64_len = tmp + 1; + /* read authentication_data_length_minus1 */ + offset = read_bits(&tmp, 8, start, offset); + sign_b64_len = tmp + 1; - /* read authentication_data */ - for (i = 0; i < sign_b64_len; i++) - offset = read_bits(&sign_b64[i], 8, start, offset); + /* read authentication_data */ + for (i = 0; i < sign_b64_len; i++) offset = read_bits(&sign_b64[i], 8, start, offset); - h->sign_len = sizeof(h->sign); - ret = do_base64_decode(h->sign, &h->sign_len, sign_b64, sign_b64_len); - if (ret) - { - PRINT_ERR("do_base64_decode failed! ret %d\n", ret); - return -1; - } + h->sign_len = sizeof(h->sign); + ret = do_base64_decode(h->sign, &h->sign_len, sign_b64, sign_b64_len); + if (ret) { + PRINT_ERR("do_base64_decode failed! ret %d\n", ret); + return -1; + } - info->do_auth = 1; + info->do_auth = 1; - if (h->curr_param.only_IDR) - { - ret = do_sm2_verify(h->sm2_pubkey, h->idr_hash, 32, h->sign); - info->auth_result = ret == -1 ? 0 : 1; - } - else - { - int j; - char fin_hash[32]; - struct sm3_ctx ctx; - struct hash_cache *cache; + if (h->curr_param.only_IDR) { + ret = do_sm2_verify(h->sm2_pubkey, h->idr_hash, 32, h->sign); + info->auth_result = ret == -1 ? 0 : 1; + } else { + int j; + char fin_hash[32]; + struct sm3_ctx ctx; + struct hash_cache *cache; - i = h->cache_idx; + i = h->cache_idx; - for (j = 0; j < HASH_CACHE_NUM; j++) - { - cache = &h->cache[i]; - if (cache->frame_num == h->sign_frame_num) - { - //PRINT_INFO("find! %d\n", h->sign_frame_num); - break; - } - i--; - if (i < 0) - i += HASH_CACHE_NUM; - } + for (j = 0; j < HASH_CACHE_NUM; j++) { + cache = &h->cache[i]; + if (cache->frame_num == h->sign_frame_num) { + //PRINT_INFO("find! %d\n", h->sign_frame_num); + break; + } + i--; + if (i < 0) i += HASH_CACHE_NUM; + } - i = i - h->curr_param.hash_period + 1; - if (i < 0) - i += HASH_CACHE_NUM; + i = i - h->curr_param.hash_period + 1; + if (i < 0) i += HASH_CACHE_NUM; - cache = &h->cache[i]; - memcpy(fin_hash, cache->hash, 32); - if (h->sign_frame_num == 1) - goto verify; + cache = &h->cache[i]; + memcpy(fin_hash, cache->hash, 32); + if (h->sign_frame_num == 1) goto verify; - for (j = 1; j < h->curr_param.hash_period; j++) - { - sm3_init(&ctx); - sm3_update(&ctx, fin_hash, 32); - //hexdump("hash0", fin_hash, 32); - i++; - if (i >= HASH_CACHE_NUM) - i -= HASH_CACHE_NUM; + for (j = 1; j < h->curr_param.hash_period; j++) { + sm3_init(&ctx); + sm3_update(&ctx, fin_hash, 32); + //hexdump("hash0", fin_hash, 32); + i++; + if (i >= HASH_CACHE_NUM) i -= HASH_CACHE_NUM; - cache = &h->cache[i]; - //hexdump("hash1", cache->hash, 32); - sm3_update(&ctx, cache->hash, 32); - sm3_final(&ctx, fin_hash); - } - -verify: - //hexdump("sign", fin_hash, 32); - ret = do_sm2_verify(h->sm2_pubkey, fin_hash, 32, h->sign); - info->auth_result = ret == -1 ? 0 : 1; - } + cache = &h->cache[i]; + //hexdump("hash1", cache->hash, 32); + sm3_update(&ctx, cache->hash, 32); + sm3_final(&ctx, fin_hash); + } - return 0; + verify: + //hexdump("sign", fin_hash, 32); + ret = do_sm2_verify(h->sm2_pubkey, fin_hash, 32, h->sign); + info->auth_result = ret == -1 ? 0 : 1; + } + + return 0; } - /* ������֤��Ԫnalu */ -static int parse_svac_auth_nal(struct svac_dec_handle *h, struct auth_info *info) +static int +parse_svac_auth_nal(struct svac_dec_handle *h, struct auth_info *info) { - int i; + int i; - for (i = 0; i < h->nalu_num; i++) - { - if (h->nalu[i].type == SVAC_AUTH_SLICE) - { - do_remove_racing_code(h->nalu[i].addr, &h->nalu[i].len, 5); - h->nalu[i].need_add_racing_code = 1; + for (i = 0; i < h->nalu_num; i++) { + if (h->nalu[i].type == SVAC_AUTH_SLICE) { + do_remove_racing_code(h->nalu[i].addr, &h->nalu[i].len, 5); + h->nalu[i].need_add_racing_code = 1; - do_parse_auth_nalu(h, h->nalu[i].addr, h->nalu[i].len, 5, info); + do_parse_auth_nalu(h, h->nalu[i].addr, h->nalu[i].len, 5, info); - return 0; - } - } + return 0; + } + } - PRINT_ERR("Not find auth nalu!\n"); + PRINT_ERR("Not find auth nalu!\n"); - return -1; + return -1; } -static int dec_vek(struct svac_dec_handle *h) +static int +dec_vek(struct svac_dec_handle *h) { - int j; + int j; - h->find_vkek_flag = 0; + h->find_vkek_flag = 0; - for (j = 0; j < VKEK_CACHE_NUM; j++) - { - //PRINT_INFO("list %d version %s\n", j, h->vkek_list[j].version); - if (!memcmp(h->vkek_list[j].version, h->curr_param.vkek_version, h->curr_param.version_len)) - { - h->find_vkek_flag = 1; - do_sm4_ecb_decrypt(h->curr_param.evek, h->vek, h->vkek_list[j].vkek); - return 0; - } - } + for (j = 0; j < VKEK_CACHE_NUM; j++) { + //PRINT_INFO("list %d version %s\n", j, h->vkek_list[j].version); + if (!memcmp(h->vkek_list[j].version, h->curr_param.vkek_version, h->curr_param.version_len)) { + h->find_vkek_flag = 1; + do_sm4_ecb_decrypt(h->curr_param.evek, h->vek, h->vkek_list[j].vkek); + return 0; + } + } - PRINT_ERR("Not find vkek version %s len %d\n", h->curr_param.vkek_version, h->curr_param.version_len); - for (j = 0; j < VKEK_CACHE_NUM; j++) - PRINT_INFO("list %d version %s\n", j, h->vkek_list[j].version); + PRINT_ERR("Not find vkek version %s len %d\n", h->curr_param.vkek_version, h->curr_param.version_len); + for (j = 0; j < VKEK_CACHE_NUM; j++) PRINT_INFO("list %d version %s\n", j, h->vkek_list[j].version); - - return -1; + return -1; } -static int update_new_sec_param(struct svac_dec_handle *h) +static int +update_new_sec_param(struct svac_dec_handle *h) { - memcpy(&h->curr_param, &h->new_param, sizeof(struct sec_param)); - h->sec_param_update_flag = 0; + memcpy(&h->curr_param, &h->new_param, sizeof(struct sec_param)); + h->sec_param_update_flag = 0; - if (h->curr_param.encrypt_flag) - { - if (h->curr_param.vek_flag) - dec_vek(h); + if (h->curr_param.encrypt_flag) { + if (h->curr_param.vek_flag) dec_vek(h); - if (h->curr_param.iv_flag) - memcpy(h->iv, h->curr_param.iv, 16); - } - return 0; + if (h->curr_param.iv_flag) memcpy(h->iv, h->curr_param.iv, 16); + } + return 0; } -static int calc_nalu_hash(struct svac_dec_handle *h) +static int +calc_nalu_hash(struct svac_dec_handle *h) { - int i; - struct sm3_ctx ctx; - char hash[32]; - struct hash_cache *cache; + int i; + struct sm3_ctx ctx; + char hash[32]; + struct hash_cache *cache; - if (!h->curr_param.auth_flag) - return 0; + if (!h->curr_param.auth_flag) return 0; - for (i = 0; i < h->nalu_num; i++) - { - if (h->nalu[i].authentication_idc) - break; - } + for (i = 0; i < h->nalu_num; i++) { + if (h->nalu[i].authentication_idc) break; + } - /* û��ǩ����nalu */ - if (i >= h->nalu_num) - return 0; + /* û��ǩ����nalu */ + if (i >= h->nalu_num) return 0; - memset(hash, 0, sizeof(hash)); - sm3_init(&ctx); + memset(hash, 0, sizeof(hash)); + sm3_init(&ctx); - for (i = 0; i < h->nalu_num; i++) - { - if (!h->nalu[i].authentication_idc) - continue; + for (i = 0; i < h->nalu_num; i++) { + if (!h->nalu[i].authentication_idc) continue; - sm3_update(&ctx, h->nalu[i].addr + 4, h->nalu[i].len - 4); - } + sm3_update(&ctx, h->nalu[i].addr + 4, h->nalu[i].len - 4); + } - sm3_final(&ctx, hash); + sm3_final(&ctx, hash); - if (!h->frame_num) - memcpy(h->idr_hash, hash, 32); + if (!h->frame_num) memcpy(h->idr_hash, hash, 32); - cache = &h->cache[h->cache_idx]; - memcpy(cache->hash, hash, 32); - cache->frame_num = h->frame_num; - h->cache_idx = (h->cache_idx + 1) % HASH_CACHE_NUM; + cache = &h->cache[h->cache_idx]; + memcpy(cache->hash, hash, 32); + cache->frame_num = h->frame_num; + h->cache_idx = (h->cache_idx + 1) % HASH_CACHE_NUM; - return 0; + return 0; } void do_sm4_ofb_encrypt(const char *in_buff, int in_len, char *out_buff, int *out_len, const char *key, const char *iv); -static int do_dec_and_copy(int encrypt_type, const char *in_buff, int in_len, char *out_buff, int *out_len, const char *key, const char *iv) +static int +do_dec_and_copy(int encrypt_type, + const char *in_buff, + int in_len, + char *out_buff, + int *out_len, + const char *key, + const char *iv) { - if (encrypt_type == SM4_OFB) - { - do_sm4_ofb_encrypt(in_buff, in_len, out_buff, out_len, key, iv); - } - else if (encrypt_type == SM1_OFB) - { - PRINT_ERR("unsupport SM1 now!\n"); - return -1; - } + if (encrypt_type == SM4_OFB) { + do_sm4_ofb_encrypt(in_buff, in_len, out_buff, out_len, key, iv); + } else if (encrypt_type == SM1_OFB) { + PRINT_ERR("unsupport SM1 now!\n"); + return -1; + } - return 0; + return 0; } -static int make_dec_frame(struct svac_dec_handle *h, char *out_buff, int *out_len) +static int +make_dec_frame(struct svac_dec_handle *h, char *out_buff, int *out_len) { - int i; - int out_offset = 0; - int out_nalu_len; - int ret; + int i; + int out_offset = 0; + int out_nalu_len; + int ret; - for (i = 0; i < h->nalu_num; i++) - { - if (h->nalu[i].type == SVAC_SEC_SLICE || h->nalu[i].type == SVAC_AUTH_SLICE) - continue; + for (i = 0; i < h->nalu_num; i++) { + if (h->nalu[i].type == SVAC_SEC_SLICE || h->nalu[i].type == SVAC_AUTH_SLICE) continue; - /* ���naluû�м��� ��ֱ����� */ - if (!h->nalu[i].encryption_idc) - { - memcpy(out_buff + out_offset, h->nalu[i].addr, h->nalu[i].len); - /* �������ǩ����ʶ */ - out_buff[out_offset + 4] &= 0xfc; - out_nalu_len = h->nalu[i].len; - if (h->nalu[i].need_add_racing_code) - do_add_racing_Code(out_buff + out_offset, &out_nalu_len, 5); - out_offset += out_nalu_len; - } - else - { - int dec_len; - int out_len; + /* ���naluû�м��� ��ֱ����� */ + if (!h->nalu[i].encryption_idc) { + memcpy(out_buff + out_offset, h->nalu[i].addr, h->nalu[i].len); + /* �������ǩ����ʶ */ + out_buff[out_offset + 4] &= 0xfc; + out_nalu_len = h->nalu[i].len; + if (h->nalu[i].need_add_racing_code) do_add_racing_Code(out_buff + out_offset, &out_nalu_len, 5); + out_offset += out_nalu_len; + } else { + int dec_len; + int out_len; - if (!h->find_vkek_flag) - { - PRINT_ERR("Not find vkek [%s]! skip dec frame!\n", h->curr_param.vkek_version); - return -1; - } + if (!h->find_vkek_flag) { + PRINT_ERR("Not find vkek [%s]! skip dec frame!\n", h->curr_param.vkek_version); + return -1; + } - //PRINT_INFO("before nalu[i].len %d\n", h->nalu[i].len); + //PRINT_INFO("before nalu[i].len %d\n", h->nalu[i].len); - if (!h->nalu[i].need_add_racing_code) - { - do_remove_racing_code(h->nalu[i].addr, &h->nalu[i].len, 5); - h->nalu[i].need_add_racing_code = 1; - } + if (!h->nalu[i].need_add_racing_code) { + do_remove_racing_code(h->nalu[i].addr, &h->nalu[i].len, 5); + h->nalu[i].need_add_racing_code = 1; + } - memcpy(out_buff + out_offset, h->nalu[i].addr, 5); - dec_len = h->nalu[i].len - 1 - 5; + memcpy(out_buff + out_offset, h->nalu[i].addr, 5); + dec_len = h->nalu[i].len - 1 - 5; - /* ������ */ - ret = do_dec_and_copy(h->curr_param.encrypt_type, h->nalu[i].addr + 5, dec_len, out_buff + out_offset + 5, &out_len, h->vek, h->iv); - if (ret) - return -1; + /* ������ */ + ret = do_dec_and_copy(h->curr_param.encrypt_type, h->nalu[i].addr + 5, dec_len, out_buff + out_offset + 5, + &out_len, h->vek, h->iv); + if (ret) return -1; - memcpy(out_buff + out_offset + dec_len + 5, h->nalu[i].addr + 5 + dec_len, 1); + memcpy(out_buff + out_offset + dec_len + 5, h->nalu[i].addr + 5 + dec_len, 1); - /* �������ǩ����ʶ */ - out_buff[out_offset + 4] &= 0xfc; - out_nalu_len = h->nalu[i].len; - //PRINT_INFO("before add racing %d\n", out_nalu_len); + /* �������ǩ����ʶ */ + out_buff[out_offset + 4] &= 0xfc; + out_nalu_len = h->nalu[i].len; + //PRINT_INFO("before add racing %d\n", out_nalu_len); - do_add_racing_Code(out_buff + out_offset, &out_nalu_len, 5); - out_offset += out_nalu_len; - } - //PRINT_INFO("out_nalu_len %d\n", out_nalu_len); - } + do_add_racing_Code(out_buff + out_offset, &out_nalu_len, 5); + out_offset += out_nalu_len; + } + //PRINT_INFO("out_nalu_len %d\n", out_nalu_len); + } - *out_len = out_offset; + *out_len = out_offset; - return 0; + return 0; } -static int make_bypass_frame(struct svac_dec_handle *h, char *out_buff, int *out_len) +static int +make_bypass_frame(struct svac_dec_handle *h, char *out_buff, int *out_len) { - int i; + int i; - *out_len = 0; + *out_len = 0; - for (i = 0; i < h->nalu_num; i++) - { - if (h->nalu[i].type == SVAC_SEC_SLICE) - continue; - memcpy(out_buff + *out_len, h->nalu[i].addr, h->nalu[i].len); - *out_len += h->nalu[i].len; - } + for (i = 0; i < h->nalu_num; i++) { + if (h->nalu[i].type == SVAC_SEC_SLICE) continue; + memcpy(out_buff + *out_len, h->nalu[i].addr, h->nalu[i].len); + *out_len += h->nalu[i].len; + } - return 0; + return 0; } -void *SvacDecCreate(void) +void * +SvacDecCreate(void) { - int i; - struct svac_dec_handle *h; + int i; + struct svac_dec_handle *h; - h = (struct svac_dec_handle *)malloc(sizeof(struct svac_dec_handle)); - if (!h) - return NULL; + h = (struct svac_dec_handle *) malloc(sizeof(struct svac_dec_handle)); + if (!h) return NULL; - memset(h, 0, sizeof(struct svac_dec_handle)); - h->magic = MAGIC_VALUE; + memset(h, 0, sizeof(struct svac_dec_handle)); + h->magic = MAGIC_VALUE; - for (i = 0; i < HASH_CACHE_NUM; i++) - h->cache[i].frame_num = -1; + for (i = 0; i < HASH_CACHE_NUM; i++) h->cache[i].frame_num = -1; - return (void *)h; + return (void *) h; } -int SvacDecSetVkek(void *handle, char *vkek, char *version, int verion_len) +int +SvacDecSetVkek(void *handle, char *vkek, char *version, int verion_len) { - struct svac_dec_handle *h = (struct svac_dec_handle *)handle; - int i = h->vkek_start, j; + struct svac_dec_handle *h = (struct svac_dec_handle *) handle; + int i = h->vkek_start, j; - CHECK_HANDLE(h); + CHECK_HANDLE(h); - if (!vkek || !version) - return -1; + if (!vkek || !version) return -1; - for (j = 0; j < VKEK_CACHE_NUM; j++) - if (!memcmp(h->vkek_list[j].version, version, verion_len)) - { - memcpy(h->vkek_list[j].vkek, vkek, 16); - memset(h->vkek_list[j].version, 0, sizeof(h->vkek_list[j].version)); - memcpy(h->vkek_list[j].version, version, verion_len); - return 0; - } + for (j = 0; j < VKEK_CACHE_NUM; j++) + if (!memcmp(h->vkek_list[j].version, version, verion_len)) { + memcpy(h->vkek_list[j].vkek, vkek, 16); + memset(h->vkek_list[j].version, 0, sizeof(h->vkek_list[j].version)); + memcpy(h->vkek_list[j].version, version, verion_len); + return 0; + } - PRINT_INFO("add new vkek %s\n", version); + PRINT_INFO("add new vkek %s\n", version); - memcpy(h->vkek_list[i].vkek, vkek, 16); - memset(h->vkek_list[i].version, 0, sizeof(h->vkek_list[i].version)); - memcpy(h->vkek_list[i].version, version, verion_len); - i = (i + 1) % VKEK_CACHE_NUM; - h->vkek_start = i; + memcpy(h->vkek_list[i].vkek, vkek, 16); + memset(h->vkek_list[i].version, 0, sizeof(h->vkek_list[i].version)); + memcpy(h->vkek_list[i].version, version, verion_len); + i = (i + 1) % VKEK_CACHE_NUM; + h->vkek_start = i; - return 0; + return 0; } -int SvacDecSetPubkey(void *handle, char *pubkey) +int +SvacDecSetPubkey(void *handle, char *pubkey) { - struct svac_dec_handle *h = (struct svac_dec_handle *)handle; + struct svac_dec_handle *h = (struct svac_dec_handle *) handle; - CHECK_HANDLE(h); + CHECK_HANDLE(h); - if (!pubkey) - return -1; + if (!pubkey) return -1; - /* save sm2 pubkey*/ - memcpy(h->sm2_pubkey, pubkey, 64); - /* set sm2 pubkey flag */ - h->sm_pubkey_flag = 1; + /* save sm2 pubkey*/ + memcpy(h->sm2_pubkey, pubkey, 64); + /* set sm2 pubkey flag */ + h->sm_pubkey_flag = 1; - return 0; + return 0; } -int SvacDecParamCallBack(void *handle, PFSECURITYPARAMCB callback, void *context) +int +SvacDecParamCallBack(void *handle, PFSECURITYPARAMCB callback, void *context) { - struct svac_dec_handle *h = (struct svac_dec_handle *)handle; + struct svac_dec_handle *h = (struct svac_dec_handle *) handle; - CHECK_HANDLE(h); + CHECK_HANDLE(h); - h->callback = callback; - h->context = context; + h->callback = callback; + h->context = context; - return 0; + return 0; } -int svac_dec_process(void *handle, char *in_buff, int in_len, char *out_buff, int *out_len, struct auth_info *info) +int +svac_dec_process(void *handle, char *in_buff, int in_len, char *out_buff, int *out_len, struct auth_info *info) { - struct svac_dec_handle *h = (struct svac_dec_handle *)handle; + struct svac_dec_handle *h = (struct svac_dec_handle *) handle; - CHECK_HANDLE(h); + CHECK_HANDLE(h); - if (!in_buff || !out_buff || !out_len) - return -1; + if (!in_buff || !out_buff || !out_len) return -1; - h->nalu_num = 0; - h->idr_flag = 0; - h->sec_nalu_flag = 0; - h->auth_nalu_flag = 0; + h->nalu_num = 0; + h->idr_flag = 0; + h->sec_nalu_flag = 0; + h->auth_nalu_flag = 0; - svac_parse_nalu(h, in_buff, in_len); - //PRINT_INFO("find nalu_num %d\n", h->nalu_num); + svac_parse_nalu(h, in_buff, in_len); + //PRINT_INFO("find nalu_num %d\n", h->nalu_num); - if (!h->nalu_num) - { - PRINT_ERR("Not find nalu start code!\n"); - return -1; - } + if (!h->nalu_num) { + PRINT_ERR("Not find nalu start code!\n"); + return -1; + } - /* ������ȫ����NALU */ - if (h->sec_nalu_flag && parse_security_nalu(h)) - { - PRINT_ERR("parse security nalu failed!\n"); - return -1; - } + /* ������ȫ����NALU */ + if (h->sec_nalu_flag && parse_security_nalu(h)) { + PRINT_ERR("parse security nalu failed!\n"); + return -1; + } - if (h->idr_flag) - { - struct sec_info param; + if (h->idr_flag) { + struct sec_info param; - memset(¶m, 0, sizeof(param)); + memset(¶m, 0, sizeof(param)); - /* �µ�GOP�� ���°�ȫ���� & vkek */ - if (h->sec_param_update_flag) - { - update_new_sec_param(h); - param.encrypt_flag = h->curr_param.encrypt_flag; - param.auth_flag = h->curr_param.auth_flag; - param.hash_only_IDR = h->curr_param.only_IDR; - param.hash_period = h->curr_param.hash_period; - } + /* �µ�GOP�� ���°�ȫ���� & vkek */ + if (h->sec_param_update_flag) { + update_new_sec_param(h); + param.encrypt_flag = h->curr_param.encrypt_flag; + param.auth_flag = h->curr_param.auth_flag; + param.hash_only_IDR = h->curr_param.only_IDR; + param.hash_period = h->curr_param.hash_period; + } - if (h->callback) - h->callback(¶m, h->context); - } + if (h->callback) h->callback(¶m, h->context); + } - /* �����a������ bypass */ - if (!h->curr_param.auth_flag && !h->curr_param.encrypt_flag) - return make_bypass_frame(h, out_buff, out_len); + /* �����a������ bypass */ + if (!h->curr_param.auth_flag && !h->curr_param.encrypt_flag) return make_bypass_frame(h, out_buff, out_len); - /* ����hash */ - calc_nalu_hash(h); + /* ����hash */ + calc_nalu_hash(h); - if (info) - info->do_auth = 0; + if (info) info->do_auth = 0; - if (h->auth_nalu_flag && info) - parse_svac_auth_nal(h, info); + if (h->auth_nalu_flag && info) parse_svac_auth_nal(h, info); - /* ƴ��������� ������ */ - make_dec_frame(h, out_buff, out_len); + /* ƴ��������� ������ */ + make_dec_frame(h, out_buff, out_len); - return 0; + return 0; } -int SvacDecProcess(void *handle, char *in_buff, int in_len, char *out_buff, int *out_len, struct auth_info *info) +int +SvacDecProcess(void *handle, char *in_buff, int in_len, char *out_buff, int *out_len, struct auth_info *info) { - return svac_dec_process(handle, in_buff, in_len, out_buff, out_len, info); + return svac_dec_process(handle, in_buff, in_len, out_buff, out_len, info); } -int SvacDecRelease(void *handle) +int +SvacDecRelease(void *handle) { - struct svac_dec_handle *h = (struct svac_dec_handle *)handle; + struct svac_dec_handle *h = (struct svac_dec_handle *) handle; - CHECK_HANDLE(h); + CHECK_HANDLE(h); - free(h); + free(h); - return 0; + return 0; } diff --git a/src/SVAC/src/sm2sm3_enc/sm2.c b/src/SVAC/src/sm2sm3_enc/sm2.c index 2625425..27c05b4 100644 --- a/src/SVAC/src/sm2sm3_enc/sm2.c +++ b/src/SVAC/src/sm2sm3_enc/sm2.c @@ -1,7 +1,7 @@ -#include -#include -#include #include +#include +#include +#include #include "big.h" #include "ecc.h" @@ -9,517 +9,529 @@ #include "sm3.h" struct ecc_curve sm2_curve = { - ECC_MAX_DIGITS, - { - { - 0x715A4589334C74C7ull, 0x8FE30BBFF2660BE1ull, - 0x5F9904466A39C994ull, 0x32C4AE2C1F198119ull - }, - { - 0x02DF32E52139F0A0ull, 0xD0A9877CC62A4740ull, - 0x59BDCEE36B692153ull, 0xBC3736A2F4F6779Cull - }, - }, - { - 0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFF00000000ull, - 0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFEFFFFFFFFull - }, - { - 0x53BBF40939D54123ull, 0x7203DF6B21C6052Bull, - 0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFEFFFFFFFFull - }, - { - 0x0000000000000001ull, 0x0000000000000000ull, - 0x0000000000000000ull, 0x0000000000000000ull, - }, - { - 0xFFFFFFFFFFFFFFFCull, 0xFFFFFFFF00000000ull, - 0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFEFFFFFFFFull - }, - { - 0xDDBCBD414D940E93ull, 0xF39789F515AB8F92ull, - 0x4D5A9E4BCF6509A7ull, 0x28E9FA9E9D9F5E34ull - }, + ECC_MAX_DIGITS, + { + {0x715A4589334C74C7ull, 0x8FE30BBFF2660BE1ull, 0x5F9904466A39C994ull, 0x32C4AE2C1F198119ull}, + {0x02DF32E52139F0A0ull, 0xD0A9877CC62A4740ull, 0x59BDCEE36B692153ull, 0xBC3736A2F4F6779Cull}, + }, + {0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFF00000000ull, 0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFEFFFFFFFFull}, + {0x53BBF40939D54123ull, 0x7203DF6B21C6052Bull, 0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFEFFFFFFFFull}, + { + 0x0000000000000001ull, + 0x0000000000000000ull, + 0x0000000000000000ull, + 0x0000000000000000ull, + }, + {0xFFFFFFFFFFFFFFFCull, 0xFFFFFFFF00000000ull, 0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFEFFFFFFFFull}, + {0xDDBCBD414D940E93ull, 0xF39789F515AB8F92ull, 0x4D5A9E4BCF6509A7ull, 0x28E9FA9E9D9F5E34ull}, }; -static void sm2_w(u64 *result, u64 *x) +static void +sm2_w(u64 *result, u64 *x) { - result[0] = x[0]; - result[1] = x[1]; - result[1] |= 0x80; - result[2] = 0; - result[3] = 0; + result[0] = x[0]; + result[1] = x[1]; + result[1] |= 0x80; + result[2] = 0; + result[3] = 0; } -static void sm3_kdf(u8 *Z ,u32 zlen, u8 *K, u32 klen) +static void +sm3_kdf(u8 *Z, u32 zlen, u8 *K, u32 klen) { - u32 ct = 0x00000001; - u8 ct_char[32]; - u8 *hash = K ; - u32 i, t; - struct sm3_ctx md[1]; + u32 ct = 0x00000001; + u8 ct_char[32]; + u8 *hash = K; + u32 i, t; + struct sm3_ctx md[1]; - t = klen/ECC_NUMWORD; - //s4: K=Ha1||Ha2||... - for (i = 0; i < t; i++) { - //s2: Hai=Hv(Z||ct) - sm3_init(md); - sm3_update(md, Z, zlen); - put_unaligned_be32(ct, ct_char); - sm3_update(md, ct_char, 4); - sm3_final(md, hash); - hash += 32; - ct++; - } + t = klen / ECC_NUMWORD; + //s4: K=Ha1||Ha2||... + for (i = 0; i < t; i++) { + //s2: Hai=Hv(Z||ct) + sm3_init(md); + sm3_update(md, Z, zlen); + put_unaligned_be32(ct, ct_char); + sm3_update(md, ct_char, 4); + sm3_final(md, hash); + hash += 32; + ct++; + } - t = klen%ECC_NUMBITS; - if (t) { - sm3_init(md); - sm3_update(md, Z, zlen); - put_unaligned_be32(ct, ct_char); - sm3_update(md, ct_char, 4); - sm3_final(md, ct_char); - memcpy(hash, ct_char, t); - } + t = klen % ECC_NUMBITS; + if (t) { + sm3_init(md); + sm3_update(md, Z, zlen); + put_unaligned_be32(ct, ct_char); + sm3_update(md, ct_char, 4); + sm3_final(md, ct_char); + memcpy(hash, ct_char, t); + } } -static void sm3_z(u8 *id, u32 idlen, ecc_point *pub, u8 *hash) +static void +sm3_z(u8 *id, u32 idlen, ecc_point *pub, u8 *hash) { - u8 a[ECC_NUMWORD]; - u8 b[ECC_NUMWORD]; - u8 x[ECC_NUMWORD]; - u8 y[ECC_NUMWORD]; - u8 idlen_char[2]; - struct sm3_ctx md[1]; + u8 a[ECC_NUMWORD]; + u8 b[ECC_NUMWORD]; + u8 x[ECC_NUMWORD]; + u8 y[ECC_NUMWORD]; + u8 idlen_char[2]; + struct sm3_ctx md[1]; - put_unaligned_be16(idlen<<3, idlen_char); + put_unaligned_be16(idlen << 3, idlen_char); - ecc_bytes2native((u64*)a, sm2_curve.a, sm2_curve.ndigits); - ecc_bytes2native((u64*)b, sm2_curve.b, sm2_curve.ndigits); - ecc_bytes2native((u64*)x, sm2_curve.g.x, sm2_curve.ndigits); - ecc_bytes2native((u64*)y, sm2_curve.g.y, sm2_curve.ndigits); + ecc_bytes2native((u64 *) a, sm2_curve.a, sm2_curve.ndigits); + ecc_bytes2native((u64 *) b, sm2_curve.b, sm2_curve.ndigits); + ecc_bytes2native((u64 *) x, sm2_curve.g.x, sm2_curve.ndigits); + ecc_bytes2native((u64 *) y, sm2_curve.g.y, sm2_curve.ndigits); - sm3_init(md); - sm3_update(md, idlen_char, 2); - sm3_update(md, id, idlen); - sm3_update(md, a, ECC_NUMWORD); - sm3_update(md, b, ECC_NUMWORD); - sm3_update(md, x, ECC_NUMWORD); - sm3_update(md, y, ECC_NUMWORD); - sm3_update(md, (u8*)pub->x, ECC_NUMWORD); - sm3_update(md, (u8*)pub->y, ECC_NUMWORD); - sm3_final(md, hash); + sm3_init(md); + sm3_update(md, idlen_char, 2); + sm3_update(md, id, idlen); + sm3_update(md, a, ECC_NUMWORD); + sm3_update(md, b, ECC_NUMWORD); + sm3_update(md, x, ECC_NUMWORD); + sm3_update(md, y, ECC_NUMWORD); + sm3_update(md, (u8 *) pub->x, ECC_NUMWORD); + sm3_update(md, (u8 *) pub->y, ECC_NUMWORD); + sm3_final(md, hash); - return; + return; } -static int sm2_valid_public_key(ecc_point *publicKey) +static int +sm2_valid_public_key(ecc_point *publicKey) { - u64 na[ECC_MAX_DIGITS] = {3}; /* a mod p = (-3) mod p */ - u64 tmp1[ECC_MAX_DIGITS]; - u64 tmp2[ECC_MAX_DIGITS]; + u64 na[ECC_MAX_DIGITS] = {3}; /* a mod p = (-3) mod p */ + u64 tmp1[ECC_MAX_DIGITS]; + u64 tmp2[ECC_MAX_DIGITS]; - if (ecc_point_is_zero(&sm2_curve, publicKey)) - return 1; + if (ecc_point_is_zero(&sm2_curve, publicKey)) return 1; - if (vli_cmp(sm2_curve.p, publicKey->x, sm2_curve.ndigits) != 1 - || vli_cmp(sm2_curve.p, publicKey->y, sm2_curve.ndigits) != 1) - return 1; + if (vli_cmp(sm2_curve.p, publicKey->x, sm2_curve.ndigits) != 1 + || vli_cmp(sm2_curve.p, publicKey->y, sm2_curve.ndigits) != 1) + return 1; - /* tmp1 = y^2 */ - vli_mod_square_fast(tmp1, publicKey->y, sm2_curve.p, sm2_curve.ndigits); - /* tmp2 = x^2 */ - vli_mod_square_fast(tmp2, publicKey->x, sm2_curve.p, sm2_curve.ndigits); - /* tmp2 = x^2 + a = x^2 - 3 */ - vli_mod_sub(tmp2, tmp2, na, sm2_curve.p, sm2_curve.ndigits); - /* tmp2 = x^3 + ax */ - vli_mod_mult_fast(tmp2, tmp2, publicKey->x, sm2_curve.p, sm2_curve.ndigits); - /* tmp2 = x^3 + ax + b */ - vli_mod_add(tmp2, tmp2, sm2_curve.b, sm2_curve.p, sm2_curve.ndigits); + /* tmp1 = y^2 */ + vli_mod_square_fast(tmp1, publicKey->y, sm2_curve.p, sm2_curve.ndigits); + /* tmp2 = x^2 */ + vli_mod_square_fast(tmp2, publicKey->x, sm2_curve.p, sm2_curve.ndigits); + /* tmp2 = x^2 + a = x^2 - 3 */ + vli_mod_sub(tmp2, tmp2, na, sm2_curve.p, sm2_curve.ndigits); + /* tmp2 = x^3 + ax */ + vli_mod_mult_fast(tmp2, tmp2, publicKey->x, sm2_curve.p, sm2_curve.ndigits); + /* tmp2 = x^3 + ax + b */ + vli_mod_add(tmp2, tmp2, sm2_curve.b, sm2_curve.p, sm2_curve.ndigits); - /* Make sure that y^2 == x^3 + ax + b */ - if (vli_cmp(tmp1, tmp2, sm2_curve.ndigits) != 0) - return 1; + /* Make sure that y^2 == x^3 + ax + b */ + if (vli_cmp(tmp1, tmp2, sm2_curve.ndigits) != 0) return 1; - return 0; + return 0; } -int sm2_make_prikey(u8 *prikey) +int +sm2_make_prikey(u8 *prikey) { - ecc_point pub[1]; - u64 pri[ECC_MAX_DIGITS]; - int i = 10; + ecc_point pub[1]; + u64 pri[ECC_MAX_DIGITS]; + int i = 10; - do { - vli_get_random((u8*)pri, ECC_NUMWORD); - if(vli_cmp(sm2_curve.n, pri, sm2_curve.ndigits) != 1) { - vli_sub(pri, pri, sm2_curve.n, sm2_curve.ndigits); - } + do { + vli_get_random((u8 *) pri, ECC_NUMWORD); + if (vli_cmp(sm2_curve.n, pri, sm2_curve.ndigits) != 1) { vli_sub(pri, pri, sm2_curve.n, sm2_curve.ndigits); } - /* The private key cannot be 0 (mod p). */ - if(!vli_is_zero(pri, sm2_curve.ndigits)) { - ecc_native2bytes(prikey, pri, sm2_curve.ndigits); - return 0; - } - } while(i--); + /* The private key cannot be 0 (mod p). */ + if (!vli_is_zero(pri, sm2_curve.ndigits)) { + ecc_native2bytes(prikey, pri, sm2_curve.ndigits); + return 0; + } + } while (i--); - return -1; + return -1; } -int sm2_make_pubkey(u8 *prikey, ecc_point *pubkey) +int +sm2_make_pubkey(u8 *prikey, ecc_point *pubkey) { - ecc_point pub[1]; - u64 pri[ECC_MAX_DIGITS]; + ecc_point pub[1]; + u64 pri[ECC_MAX_DIGITS]; - ecc_bytes2native(pri, prikey, sm2_curve.ndigits); - ecc_point_mult(&sm2_curve, pub, &sm2_curve.g, pri, NULL); - ecc_native2bytes(pubkey->x, pub->x, sm2_curve.ndigits); - ecc_native2bytes(pubkey->y, pub->y, sm2_curve.ndigits); + ecc_bytes2native(pri, prikey, sm2_curve.ndigits); + ecc_point_mult(&sm2_curve, pub, &sm2_curve.g, pri, NULL); + ecc_native2bytes(pubkey->x, pub->x, sm2_curve.ndigits); + ecc_native2bytes(pubkey->y, pub->y, sm2_curve.ndigits); - return 0; + return 0; } -int sm2_make_keypair(u8 *prikey, ecc_point *pubkey) +int +sm2_make_keypair(u8 *prikey, ecc_point *pubkey) { - sm2_make_prikey(prikey); - sm2_make_pubkey(prikey, pubkey); - return 0; + sm2_make_prikey(prikey); + sm2_make_pubkey(prikey, pubkey); + return 0; } -int sm2_point_mult(ecc_point *G, u8 *k, ecc_point *P) +int +sm2_point_mult(ecc_point *G, u8 *k, ecc_point *P) { - int rc = 0; + int rc = 0; - ecc_point G_[1]; - ecc_point P_[1]; - u64 k_[ECC_MAX_DIGITS]; + ecc_point G_[1]; + ecc_point P_[1]; + u64 k_[ECC_MAX_DIGITS]; - ecc_bytes2native(k_, k, sm2_curve.ndigits); - ecc_bytes2native(G_->x, G->x, sm2_curve.ndigits); - ecc_bytes2native(G_->y, G->y, sm2_curve.ndigits); + ecc_bytes2native(k_, k, sm2_curve.ndigits); + ecc_bytes2native(G_->x, G->x, sm2_curve.ndigits); + ecc_bytes2native(G_->y, G->y, sm2_curve.ndigits); - ecc_point_mult(&sm2_curve, P_, G_, k_, NULL); + ecc_point_mult(&sm2_curve, P_, G_, k_, NULL); - ecc_native2bytes(P->x, P_->x, sm2_curve.ndigits); - ecc_native2bytes(P->y, P_->y, sm2_curve.ndigits); + ecc_native2bytes(P->x, P_->x, sm2_curve.ndigits); + ecc_native2bytes(P->y, P_->y, sm2_curve.ndigits); - return rc; + return rc; } -int sm2_sign(u8 *r_, u8 *s_, u8 *prikey, u8 *hash_) +int +sm2_sign(u8 *r_, u8 *s_, u8 *prikey, u8 *hash_) { - u64 k[ECC_MAX_DIGITS]; - u64 one[ECC_MAX_DIGITS] = {1}; - u64 random[ECC_MAX_DIGITS]; - u64 pri[ECC_MAX_DIGITS]; - u64 hash[ECC_MAX_DIGITS]; - u64 r[ECC_MAX_DIGITS]; - u64 s[ECC_MAX_DIGITS]; + u64 k[ECC_MAX_DIGITS]; + u64 one[ECC_MAX_DIGITS] = {1}; + u64 random[ECC_MAX_DIGITS]; + u64 pri[ECC_MAX_DIGITS]; + u64 hash[ECC_MAX_DIGITS]; + u64 r[ECC_MAX_DIGITS]; + u64 s[ECC_MAX_DIGITS]; - ecc_point p; + ecc_point p; - ecc_bytes2native(pri, prikey, sm2_curve.ndigits); - ecc_bytes2native(hash, hash_, sm2_curve.ndigits); + ecc_bytes2native(pri, prikey, sm2_curve.ndigits); + ecc_bytes2native(hash, hash_, sm2_curve.ndigits); - vli_get_random((u8*)random, ECC_NUMWORD); - if (vli_is_zero(random, sm2_curve.ndigits)) { - /* The random number must not be 0. */ - return -1; - } + vli_get_random((u8 *) random, ECC_NUMWORD); + if (vli_is_zero(random, sm2_curve.ndigits)) { + /* The random number must not be 0. */ + return -1; + } - vli_set(k, random, sm2_curve.ndigits); - if (vli_cmp(sm2_curve.n, k, sm2_curve.ndigits) != 1) { - vli_sub(k, k, sm2_curve.n, sm2_curve.ndigits); - } + vli_set(k, random, sm2_curve.ndigits); + if (vli_cmp(sm2_curve.n, k, sm2_curve.ndigits) != 1) { vli_sub(k, k, sm2_curve.n, sm2_curve.ndigits); } - /* tmp = k * G */ - ecc_point_mult(&sm2_curve, &p, &sm2_curve.g, k, NULL); + /* tmp = k * G */ + ecc_point_mult(&sm2_curve, &p, &sm2_curve.g, k, NULL); - /* r = x1 + e (mod n) */ - vli_mod_add(r, p.x, hash, sm2_curve.n, sm2_curve.ndigits); - if (vli_cmp(sm2_curve.n, r, sm2_curve.ndigits) != 1) { - vli_sub(r, r, sm2_curve.n, sm2_curve.ndigits); - } + /* r = x1 + e (mod n) */ + vli_mod_add(r, p.x, hash, sm2_curve.n, sm2_curve.ndigits); + if (vli_cmp(sm2_curve.n, r, sm2_curve.ndigits) != 1) { vli_sub(r, r, sm2_curve.n, sm2_curve.ndigits); } - if (vli_is_zero(r, sm2_curve.ndigits)) { - /* If r == 0, fail (need a different random number). */ - return -1; - } + if (vli_is_zero(r, sm2_curve.ndigits)) { + /* If r == 0, fail (need a different random number). */ + return -1; + } - /* s = r*d */ - vli_mod_mult(s, r, pri, sm2_curve.n, sm2_curve.ndigits); - /* k-r*d */ - vli_mod_sub(s, k, s, sm2_curve.n, sm2_curve.ndigits); - /* 1+d */ - vli_mod_add(pri, pri, one, sm2_curve.n, sm2_curve.ndigits); - /* (1+d)' */ - vli_mod_inv(pri, pri, sm2_curve.n, sm2_curve.ndigits); - /* (1+d)'*(k-r*d) */ - vli_mod_mult(s, pri, s, sm2_curve.n, sm2_curve.ndigits); + /* s = r*d */ + vli_mod_mult(s, r, pri, sm2_curve.n, sm2_curve.ndigits); + /* k-r*d */ + vli_mod_sub(s, k, s, sm2_curve.n, sm2_curve.ndigits); + /* 1+d */ + vli_mod_add(pri, pri, one, sm2_curve.n, sm2_curve.ndigits); + /* (1+d)' */ + vli_mod_inv(pri, pri, sm2_curve.n, sm2_curve.ndigits); + /* (1+d)'*(k-r*d) */ + vli_mod_mult(s, pri, s, sm2_curve.n, sm2_curve.ndigits); - ecc_native2bytes(r_, r, sm2_curve.ndigits); - ecc_native2bytes(s_, s, sm2_curve.ndigits); + ecc_native2bytes(r_, r, sm2_curve.ndigits); + ecc_native2bytes(s_, s, sm2_curve.ndigits); - return 0; + return 0; } -static int sm2_verify(ecc_point *pubkey, u8 *hash_, u8 *r_, u8 *s_) +static int +sm2_verify(ecc_point *pubkey, u8 *hash_, u8 *r_, u8 *s_) { - ecc_point result; - ecc_point pub[1]; - u64 t[ECC_MAX_DIGITS]; - u64 r[ECC_MAX_DIGITS]; - u64 s[ECC_MAX_DIGITS]; - u64 hash[ECC_MAX_DIGITS]; + ecc_point result; + ecc_point pub[1]; + u64 t[ECC_MAX_DIGITS]; + u64 r[ECC_MAX_DIGITS]; + u64 s[ECC_MAX_DIGITS]; + u64 hash[ECC_MAX_DIGITS]; - ecc_bytes2native(pub->x, pubkey->x, sm2_curve.ndigits); - ecc_bytes2native(pub->y, pubkey->y, sm2_curve.ndigits); - ecc_bytes2native(r, r_, sm2_curve.ndigits); - ecc_bytes2native(s, s_, sm2_curve.ndigits); - ecc_bytes2native(hash, hash_, sm2_curve.ndigits); + ecc_bytes2native(pub->x, pubkey->x, sm2_curve.ndigits); + ecc_bytes2native(pub->y, pubkey->y, sm2_curve.ndigits); + ecc_bytes2native(r, r_, sm2_curve.ndigits); + ecc_bytes2native(s, s_, sm2_curve.ndigits); + ecc_bytes2native(hash, hash_, sm2_curve.ndigits); - if (vli_is_zero(r, sm2_curve.ndigits) || vli_is_zero(s, sm2_curve.ndigits)) { - /* r, s must not be 0. */ - return -1; - } + if (vli_is_zero(r, sm2_curve.ndigits) || vli_is_zero(s, sm2_curve.ndigits)) { + /* r, s must not be 0. */ + return -1; + } - if (vli_cmp(sm2_curve.n, r, sm2_curve.ndigits) != 1 - || vli_cmp(sm2_curve.n, s, sm2_curve.ndigits) != 1) { - /* r, s must be < n. */ - return -1; - } + if (vli_cmp(sm2_curve.n, r, sm2_curve.ndigits) != 1 || vli_cmp(sm2_curve.n, s, sm2_curve.ndigits) != 1) { + /* r, s must be < n. */ + return -1; + } - vli_mod_add(t, r, s, sm2_curve.n, sm2_curve.ndigits); // r + s - if (t == 0) - return -1; + vli_mod_add(t, r, s, sm2_curve.n, sm2_curve.ndigits);// r + s + if (t == 0) return -1; - ecc_point_mult2(&sm2_curve, &result, &sm2_curve.g, pub, s, t); + ecc_point_mult2(&sm2_curve, &result, &sm2_curve.g, pub, s, t); - /* v = x1 + e (mod n) */ - vli_mod_add(result.x, result.x, hash, sm2_curve.n, sm2_curve.ndigits); + /* v = x1 + e (mod n) */ + vli_mod_add(result.x, result.x, hash, sm2_curve.n, sm2_curve.ndigits); - if(vli_cmp(sm2_curve.n, result.x, sm2_curve.ndigits) != 1) { - vli_sub(result.x, result.x, sm2_curve.n, sm2_curve.ndigits); - } + if (vli_cmp(sm2_curve.n, result.x, sm2_curve.ndigits) != 1) { + vli_sub(result.x, result.x, sm2_curve.n, sm2_curve.ndigits); + } - /* Accept only if v == r. */ - return vli_cmp(result.x, r, sm2_curve.ndigits); + /* Accept only if v == r. */ + return vli_cmp(result.x, r, sm2_curve.ndigits); } -int sm2_shared_point(u8* selfPriKey, u8* selfTempPriKey, ecc_point* selfTempPubKey, - ecc_point *otherPubKey, ecc_point* otherTempPubKey, ecc_point *key) +int +sm2_shared_point(u8 *selfPriKey, + u8 *selfTempPriKey, + ecc_point *selfTempPubKey, + ecc_point *otherPubKey, + ecc_point *otherTempPubKey, + ecc_point *key) { - ecc_point selfTempPub; - ecc_point otherTempPub; - ecc_point otherPub; - ecc_point U[1]; + ecc_point selfTempPub; + ecc_point otherTempPub; + ecc_point otherPub; + ecc_point U[1]; - u64 selfTempPri[ECC_MAX_DIGITS]; - u64 selfPri[ECC_MAX_DIGITS]; - u64 temp1[ECC_MAX_DIGITS]; - u64 temp2[ECC_MAX_DIGITS]; - u64 tA[ECC_MAX_DIGITS]; + u64 selfTempPri[ECC_MAX_DIGITS]; + u64 selfPri[ECC_MAX_DIGITS]; + u64 temp1[ECC_MAX_DIGITS]; + u64 temp2[ECC_MAX_DIGITS]; + u64 tA[ECC_MAX_DIGITS]; - ecc_bytes2native(selfTempPri, selfTempPriKey, sm2_curve.ndigits); - ecc_bytes2native(selfPri, selfPriKey, sm2_curve.ndigits); - ecc_bytes2native(selfTempPub.x, selfTempPubKey->x, sm2_curve.ndigits); - ecc_bytes2native(selfTempPub.y, selfTempPubKey->y, sm2_curve.ndigits); - ecc_bytes2native(otherTempPub.x, otherTempPubKey->x, sm2_curve.ndigits); - ecc_bytes2native(otherTempPub.y, otherTempPubKey->y, sm2_curve.ndigits); - ecc_bytes2native(otherPub.x, otherPubKey->x, sm2_curve.ndigits); - ecc_bytes2native(otherPub.y, otherPubKey->y, sm2_curve.ndigits); + ecc_bytes2native(selfTempPri, selfTempPriKey, sm2_curve.ndigits); + ecc_bytes2native(selfPri, selfPriKey, sm2_curve.ndigits); + ecc_bytes2native(selfTempPub.x, selfTempPubKey->x, sm2_curve.ndigits); + ecc_bytes2native(selfTempPub.y, selfTempPubKey->y, sm2_curve.ndigits); + ecc_bytes2native(otherTempPub.x, otherTempPubKey->x, sm2_curve.ndigits); + ecc_bytes2native(otherTempPub.y, otherTempPubKey->y, sm2_curve.ndigits); + ecc_bytes2native(otherPub.x, otherPubKey->x, sm2_curve.ndigits); + ecc_bytes2native(otherPub.y, otherPubKey->y, sm2_curve.ndigits); - /***********x1_=2^w+x2 & (2^w-1)*************/ - sm2_w(temp1, selfTempPub.x); - /***********tA=(dA+x1_*rA)mod n *************/ - vli_mod_mult(temp1, selfTempPri, temp1, sm2_curve.n, sm2_curve.ndigits); - vli_mod_add(tA, selfPri, temp1, sm2_curve.n, sm2_curve.ndigits); - /***********x2_=2^w+x2 & (2^w-1)*************/ - if(sm2_valid_public_key(&otherTempPub) != 0) - return -1; - sm2_w(temp2, otherTempPub.x); - /**************U=[h*tA](PB+[x2_]RB)**********/ - /* U=[x2_]RB */ - ecc_point_mult(&sm2_curve, U, &otherTempPub, temp2, NULL); - /*U=PB+U*/ - ecc_point_add(&sm2_curve, U, &otherPub, U); - /*tA=tA*h */ - vli_mod_mult(tA, tA, sm2_curve.h, sm2_curve.n, sm2_curve.ndigits); - ecc_point_mult(&sm2_curve, U, U,tA, NULL); + /***********x1_=2^w+x2 & (2^w-1)*************/ + sm2_w(temp1, selfTempPub.x); + /***********tA=(dA+x1_*rA)mod n *************/ + vli_mod_mult(temp1, selfTempPri, temp1, sm2_curve.n, sm2_curve.ndigits); + vli_mod_add(tA, selfPri, temp1, sm2_curve.n, sm2_curve.ndigits); + /***********x2_=2^w+x2 & (2^w-1)*************/ + if (sm2_valid_public_key(&otherTempPub) != 0) return -1; + sm2_w(temp2, otherTempPub.x); + /**************U=[h*tA](PB+[x2_]RB)**********/ + /* U=[x2_]RB */ + ecc_point_mult(&sm2_curve, U, &otherTempPub, temp2, NULL); + /*U=PB+U*/ + ecc_point_add(&sm2_curve, U, &otherPub, U); + /*tA=tA*h */ + vli_mod_mult(tA, tA, sm2_curve.h, sm2_curve.n, sm2_curve.ndigits); + ecc_point_mult(&sm2_curve, U, U, tA, NULL); - ecc_native2bytes(key->x, U->x, sm2_curve.ndigits); - ecc_native2bytes(key->y, U->y, sm2_curve.ndigits); - return 0; + ecc_native2bytes(key->x, U->x, sm2_curve.ndigits); + ecc_native2bytes(key->y, U->y, sm2_curve.ndigits); + return 0; } -int sm2_shared_key(ecc_point *point, u8 *ZA, u8 *ZB, u32 keyLen, u8 *key) +int +sm2_shared_key(ecc_point *point, u8 *ZA, u8 *ZB, u32 keyLen, u8 *key) { - u8 Z[ECC_NUMWORD*4]; - memcpy(Z, point->x, ECC_NUMWORD); - memcpy(Z + ECC_NUMWORD, point->y, ECC_NUMWORD); - memcpy(Z + ECC_NUMWORD*2, ZA, ECC_NUMWORD); - memcpy(Z + ECC_NUMWORD*3, ZB, ECC_NUMWORD); - sm3_kdf(Z, ECC_NUMWORD*4, key, keyLen); - return 0; + u8 Z[ECC_NUMWORD * 4]; + memcpy(Z, point->x, ECC_NUMWORD); + memcpy(Z + ECC_NUMWORD, point->y, ECC_NUMWORD); + memcpy(Z + ECC_NUMWORD * 2, ZA, ECC_NUMWORD); + memcpy(Z + ECC_NUMWORD * 3, ZB, ECC_NUMWORD); + sm3_kdf(Z, ECC_NUMWORD * 4, key, keyLen); + return 0; } /****hash = Hash(Ux||ZA||ZB||x1||y1||x2||y2)****/ -int ECC_Key_ex_hash1(u8* x, ecc_point *RA, ecc_point* RB, u8 ZA[],u8 ZB[],u8 *hash) +int +ECC_Key_ex_hash1(u8 *x, ecc_point *RA, ecc_point *RB, u8 ZA[], u8 ZB[], u8 *hash) { - struct sm3_ctx md[1]; + struct sm3_ctx md[1]; - sm3_init(md); - sm3_update(md, x, ECC_NUMWORD); - sm3_update(md, ZA, ECC_NUMWORD); - sm3_update(md, ZB, ECC_NUMWORD); - sm3_update(md, (u8*)RA->x, ECC_NUMWORD); - sm3_update(md, (u8*)RA->y, ECC_NUMWORD); - sm3_update(md, (u8*)RB->x, ECC_NUMWORD); - sm3_update(md, (u8*)RB->y, ECC_NUMWORD); - sm3_final(md, (u8*)hash); + sm3_init(md); + sm3_update(md, x, ECC_NUMWORD); + sm3_update(md, ZA, ECC_NUMWORD); + sm3_update(md, ZB, ECC_NUMWORD); + sm3_update(md, (u8 *) RA->x, ECC_NUMWORD); + sm3_update(md, (u8 *) RA->y, ECC_NUMWORD); + sm3_update(md, (u8 *) RB->x, ECC_NUMWORD); + sm3_update(md, (u8 *) RB->y, ECC_NUMWORD); + sm3_final(md, (u8 *) hash); - return 0; + return 0; } /****SA = Hash(temp||Uy||Hash)****/ -int ECC_Key_ex_hash2(u8 temp, u8* y,u8 *hash, u8* SA) +int +ECC_Key_ex_hash2(u8 temp, u8 *y, u8 *hash, u8 *SA) { - struct sm3_ctx md[1]; + struct sm3_ctx md[1]; - sm3_init(md); - sm3_update(md, &temp,1); - sm3_update(md, y,ECC_NUMWORD); - sm3_update(md, hash,ECC_NUMWORD); - sm3_final(md, SA); + sm3_init(md); + sm3_update(md, &temp, 1); + sm3_update(md, y, ECC_NUMWORD); + sm3_update(md, hash, ECC_NUMWORD); + sm3_final(md, SA); - return 0; + return 0; } -int ECC_KeyEx_Init_I(u8 *pri, ecc_point *pub) +int +ECC_KeyEx_Init_I(u8 *pri, ecc_point *pub) { - return sm2_make_pubkey(pri, pub); + return sm2_make_pubkey(pri, pub); } -int ECC_KeyEx_Re_I(u8 *rb, u8 *dB, ecc_point *RA, ecc_point *PA, u8* ZA, u8 *ZB, u8 *K, u32 klen, ecc_point *RB, ecc_point *V, u8* SB) +int +ECC_KeyEx_Re_I(u8 *rb, + u8 *dB, + ecc_point *RA, + ecc_point *PA, + u8 *ZA, + u8 *ZB, + u8 *K, + u32 klen, + ecc_point *RB, + ecc_point *V, + u8 *SB) { - u8 Z[ECC_NUMWORD*2 + ECC_NUMBITS/4]={0}; - u8 hash[ECC_NUMWORD],S1[ECC_NUMWORD]; - u8 temp=0x02; + u8 Z[ECC_NUMWORD * 2 + ECC_NUMBITS / 4] = {0}; + u8 hash[ECC_NUMWORD], S1[ECC_NUMWORD]; + u8 temp = 0x02; - //--------B2: RB=[rb]G=(x2,y2)-------- - sm2_make_pubkey(rb, RB); - /********************************************/ - sm2_shared_point(dB, rb, RB, PA, RA, V); - //------------B7:KB=KDF(VX,VY,ZA,ZB,KLEN)---------- - memcpy(Z, V->x, ECC_NUMWORD); - memcpy(Z+ECC_NUMWORD, (u8*)V->y, ECC_NUMWORD); - memcpy(Z+ECC_NUMWORD*2, ZA,ECC_NUMWORD); - memcpy(Z+ECC_NUMWORD*3, ZB,ECC_NUMWORD); - sm3_kdf(Z,ECC_NUMWORD*4, K, klen); - //---------------B8:(optional) SB=hash(0x02||Vy||HASH(Vx||ZA||ZB||x1||y1||x2||y2)------------- - ECC_Key_ex_hash1((u8*)V->x, RA, RB, ZA, ZB, hash); - ECC_Key_ex_hash2(temp, (u8*)V->y, hash, SB); + //--------B2: RB=[rb]G=(x2,y2)-------- + sm2_make_pubkey(rb, RB); + /********************************************/ + sm2_shared_point(dB, rb, RB, PA, RA, V); + //------------B7:KB=KDF(VX,VY,ZA,ZB,KLEN)---------- + memcpy(Z, V->x, ECC_NUMWORD); + memcpy(Z + ECC_NUMWORD, (u8 *) V->y, ECC_NUMWORD); + memcpy(Z + ECC_NUMWORD * 2, ZA, ECC_NUMWORD); + memcpy(Z + ECC_NUMWORD * 3, ZB, ECC_NUMWORD); + sm3_kdf(Z, ECC_NUMWORD * 4, K, klen); + //---------------B8:(optional) SB=hash(0x02||Vy||HASH(Vx||ZA||ZB||x1||y1||x2||y2)------------- + ECC_Key_ex_hash1((u8 *) V->x, RA, RB, ZA, ZB, hash); + ECC_Key_ex_hash2(temp, (u8 *) V->y, hash, SB); - return 0; + return 0; } -int ECC_KeyEx_Init_II(u8* ra, u8* dA, ecc_point* RA, ecc_point* RB, ecc_point* PB, u8 - ZA[],u8 ZB[],u8 SB[],u8 K[], u32 klen,u8 SA[]) +int +ECC_KeyEx_Init_II(u8 *ra, + u8 *dA, + ecc_point *RA, + ecc_point *RB, + ecc_point *PB, + u8 ZA[], + u8 ZB[], + u8 SB[], + u8 K[], + u32 klen, + u8 SA[]) { - u8 Z[ECC_NUMWORD*2 + ECC_NUMWORD*2]={0}; - u8 hash[ECC_NUMWORD],S1[ECC_NUMWORD]; - u8 temp[2]={0x02,0x03}; - ecc_point U[1]; + u8 Z[ECC_NUMWORD * 2 + ECC_NUMWORD * 2] = {0}; + u8 hash[ECC_NUMWORD], S1[ECC_NUMWORD]; + u8 temp[2] = {0x02, 0x03}; + ecc_point U[1]; - /********************************************/ - sm2_shared_point(dA, ra, RA, PB, RB, U); - /************KA=KDF(UX,UY,ZA,ZB,KLEN)**********/ - memcpy(Z, U->x,ECC_NUMWORD); - memcpy(Z+ECC_NUMWORD, U->y,ECC_NUMWORD); - memcpy(Z+ECC_NUMWORD*2,ZA,ECC_NUMWORD); - memcpy(Z+ECC_NUMWORD*2 +ECC_NUMWORD ,ZB,ECC_NUMWORD); - sm3_kdf(Z,ECC_NUMWORD*2+ECC_NUMWORD*2, K, klen); - /****S1 = Hash(0x02||Uy||Hash(Ux||ZA||ZB||x1||y1||x2||y2))****/ - ECC_Key_ex_hash1((u8*)U->x, RA, RB, ZA, ZB, hash); - ECC_Key_ex_hash2(temp[0], (u8*)U->y, hash, S1); - /*test S1=SB?*/ - if( memcmp(S1,SB,ECC_NUMWORD)!=0) - return -1; - /*SA = Hash(0x03||yU||Hash(xU||ZA||ZB||x1||y1||x2||y2)) */ - ECC_Key_ex_hash2(temp[1], (u8*)U->y, hash, SA); + /********************************************/ + sm2_shared_point(dA, ra, RA, PB, RB, U); + /************KA=KDF(UX,UY,ZA,ZB,KLEN)**********/ + memcpy(Z, U->x, ECC_NUMWORD); + memcpy(Z + ECC_NUMWORD, U->y, ECC_NUMWORD); + memcpy(Z + ECC_NUMWORD * 2, ZA, ECC_NUMWORD); + memcpy(Z + ECC_NUMWORD * 2 + ECC_NUMWORD, ZB, ECC_NUMWORD); + sm3_kdf(Z, ECC_NUMWORD * 2 + ECC_NUMWORD * 2, K, klen); + /****S1 = Hash(0x02||Uy||Hash(Ux||ZA||ZB||x1||y1||x2||y2))****/ + ECC_Key_ex_hash1((u8 *) U->x, RA, RB, ZA, ZB, hash); + ECC_Key_ex_hash2(temp[0], (u8 *) U->y, hash, S1); + /*test S1=SB?*/ + if (memcmp(S1, SB, ECC_NUMWORD) != 0) return -1; + /*SA = Hash(0x03||yU||Hash(xU||ZA||ZB||x1||y1||x2||y2)) */ + ECC_Key_ex_hash2(temp[1], (u8 *) U->y, hash, SA); - return 0; + return 0; } -int ECC_KeyEx_Re_II(ecc_point *V, ecc_point *RA, ecc_point *RB, u8 ZA[], u8 ZB[], u8 SA[]) +int +ECC_KeyEx_Re_II(ecc_point *V, ecc_point *RA, ecc_point *RB, u8 ZA[], u8 ZB[], u8 SA[]) { - u8 hash[ECC_NUMWORD]; - u8 S2[ECC_NUMWORD]; - u8 temp=0x03; + u8 hash[ECC_NUMWORD]; + u8 S2[ECC_NUMWORD]; + u8 temp = 0x03; - /*S2 = Hash(0x03||Vy||Hash(Vx||ZA||ZB||x1||y1||x2||y2))*/ - ECC_Key_ex_hash1((u8*)V->x, RA, RB, ZA, ZB, hash); - ECC_Key_ex_hash2(temp, (u8*)V->y, hash, S2); + /*S2 = Hash(0x03||Vy||Hash(Vx||ZA||ZB||x1||y1||x2||y2))*/ + ECC_Key_ex_hash1((u8 *) V->x, RA, RB, ZA, ZB, hash); + ECC_Key_ex_hash2(temp, (u8 *) V->y, hash, S2); - if( memcmp(S2,SA,ECC_NUMWORD)!=0) - return -1; + if (memcmp(S2, SA, ECC_NUMWORD) != 0) return -1; - return 0; + return 0; } -static int do_sm2_verify(char *pubkey, char *data_addr, int data_len, char *sign_addr) +static int +do_sm2_verify(char *pubkey, char *data_addr, int data_len, char *sign_addr) { - int ret = -1; - struct sm3_ctx sm3_ctx; - unsigned char ios_hash[32]; - u8 ios_Z[ECC_NUMWORD]; - ecc_point ios_pub; - unsigned char sign_data[64]; + int ret = -1; + struct sm3_ctx sm3_ctx; + unsigned char ios_hash[32]; + u8 ios_Z[ECC_NUMWORD]; + ecc_point ios_pub; + unsigned char sign_data[64]; - memcpy(&ios_pub, pubkey, 64); + memcpy(&ios_pub, pubkey, 64); - ret = sm3_init(&sm3_ctx); - sm3_z((u8 *)"1234567812345678", 16, &ios_pub, ios_Z); - sm3_update(&sm3_ctx, ios_Z, ECC_NUMWORD); - sm3_update(&sm3_ctx, data_addr, data_len); - sm3_final(&sm3_ctx, ios_hash); - memcpy(sign_data, sign_addr, 64); + ret = sm3_init(&sm3_ctx); + sm3_z((u8 *) "1234567812345678", 16, &ios_pub, ios_Z); + sm3_update(&sm3_ctx, ios_Z, ECC_NUMWORD); + sm3_update(&sm3_ctx, (const u8 *) data_addr, data_len); + sm3_final(&sm3_ctx, ios_hash); + memcpy(sign_data, sign_addr, 64); - ret = sm2_verify(pubkey, ios_hash, sign_data, sign_data + 32); - if (ret) - { - printf("verify err ret = %d\n", ret); - return -1; - } + ret = sm2_verify((ecc_point *) pubkey, ios_hash, sign_data, sign_data + 32); + if (ret) { + printf("verify err ret = %d\n", ret); + return -1; + } - return 0; + return 0; } -int do_sm2_sign(char *prikey, char *pubkey, char *data_addr, int data_len, char *sign_addr) +int +do_sm2_sign(char *prikey, char *pubkey, char *data_addr, int data_len, char *sign_addr) { - int ret = -1; - struct sm3_ctx sm3_ctx; - unsigned char ios_hash[32]; - u8 ios_Z[ECC_NUMWORD]; - ecc_point ios_pub; - unsigned char sign_data[64]; + int ret = -1; + struct sm3_ctx sm3_ctx; + unsigned char ios_hash[32]; + u8 ios_Z[ECC_NUMWORD]; + ecc_point ios_pub; + unsigned char sign_data[64]; - memcpy(&ios_pub, pubkey, 64); + memcpy(&ios_pub, pubkey, 64); - ret = sm3_init(&sm3_ctx); - sm3_z((u8 *)"1234567812345678", 16, &ios_pub, ios_Z); - sm3_update(&sm3_ctx, ios_Z, ECC_NUMWORD); - sm3_update(&sm3_ctx, data_addr, data_len); - sm3_final(&sm3_ctx, ios_hash); - //hexdump("hash", ios_hash, 32); + ret = sm3_init(&sm3_ctx); + sm3_z((u8 *) "1234567812345678", 16, &ios_pub, ios_Z); + sm3_update(&sm3_ctx, ios_Z, ECC_NUMWORD); + sm3_update(&sm3_ctx, data_addr, data_len); + sm3_final(&sm3_ctx, ios_hash); + //hexdump("hash", ios_hash, 32); - ret = sm2_sign(sign_data, sign_data + 32, prikey, ios_hash); - if (ret) - { - printf("sign err ret = %d\n", ret); - return -1; - } - memcpy(sign_addr, sign_data, 64); + ret = sm2_sign(sign_data, sign_data + 32, prikey, ios_hash); + if (ret) { + printf("sign err ret = %d\n", ret); + return -1; + } + memcpy(sign_addr, sign_data, 64); - return 0; + return 0; } diff --git a/src/SVAC/src/sm2sm3_enc/svac_enc.c b/src/SVAC/src/sm2sm3_enc/svac_enc.c index 8214106..206d454 100644 --- a/src/SVAC/src/sm2sm3_enc/svac_enc.c +++ b/src/SVAC/src/sm2sm3_enc/svac_enc.c @@ -1,942 +1,900 @@ +#include +#include #include #include -#include -#include // #include "svac_enc.h" -#include "sm3.h" #include "sm2.h" +#include "sm3.h" #define PRINT_ERR printf #define PRINT_INFO printf -#define MAGIC_VALUE 0x12121111 +#define MAGIC_VALUE 0x12121111 -#define NALU_MAX_NUM 100 +#define NALU_MAX_NUM 100 -#define VKEK_CACHE_NUM 30 -#define HASH_CACHE_NUM 512 +#define VKEK_CACHE_NUM 30 +#define HASH_CACHE_NUM 512 -#define SM4_OFB 0 -#define SM1_OFB 1 -#define SM4_ECB 2 -#define SM3_HASH 3 -#define SM2_SIGN 4 +#define SM4_OFB 0 +#define SM1_OFB 1 +#define SM4_ECB 2 +#define SM3_HASH 3 +#define SM2_SIGN 4 /* svac2.0 p45 */ -#define SVAC_NO_IDR_SLICE 1 -#define SVAC_IDR_SLICE 2 -#define SVAC_NO_IDR_SLICE_EXT 3 -#define SVAC_IDR_SLICE_EXT 4 -#define SVAC_SUR_SLICE 5 -#define SVAC_SEI_SLICE 6 -#define SVAC_SPS_SLICE 7 -#define SVAC_PPS_SLICE 8 -#define SVAC_SEC_SLICE 9 -#define SVAC_AUTH_SLICE 10 +#define SVAC_NO_IDR_SLICE 1 +#define SVAC_IDR_SLICE 2 +#define SVAC_NO_IDR_SLICE_EXT 3 +#define SVAC_IDR_SLICE_EXT 4 +#define SVAC_SUR_SLICE 5 +#define SVAC_SEI_SLICE 6 +#define SVAC_SPS_SLICE 7 +#define SVAC_PPS_SLICE 8 +#define SVAC_SEC_SLICE 9 +#define SVAC_AUTH_SLICE 10 -struct nalu_data -{ - char *addr; - char *out_addr; - int len; - int out_len; - int encryption_idc; - int authentication_idc; - int type; - int need_add_racing_code; +struct nalu_data { + char *addr; + char *out_addr; + int len; + int out_len; + int encryption_idc; + int authentication_idc; + int type; + int need_add_racing_code; }; -struct vkek_info -{ - char vkek[16]; - char version[32]; +struct vkek_info { + char vkek[16]; + char version[32]; }; -struct sec_param -{ - /* ��ȫ���������� */ - int encrypt_flag; //�Ƿ���� - int encrypt_type; //�����㷨 - int auth_flag; //�Ƿ�ǩ�� - int auth_type; //ǩ���㷨 - int hash_type; //ɢ���㷨 - int vek_flag; //�Ƿ����evek - int vek_encrypt_type; //vek�����㷨 - char evek[32]; //evek - int vek_len; //vek���� - char vkek_version[128]; //vkek version - int version_len; //vkek version���� - int iv_flag; //�Ƿ����iv - char iv[32]; //iv - int iv_len; //iv���� - int only_IDR; // sign only for idr - int hash_period; // sign period frame +struct sec_param { + /* ��ȫ���������� */ + int encrypt_flag; //�Ƿ���� + int encrypt_type; //�����㷨 + int auth_flag; //�Ƿ�ǩ�� + int auth_type; //ǩ���㷨 + int hash_type; //ɢ���㷨 + int vek_flag; //�Ƿ����evek + int vek_encrypt_type; //vek�����㷨 + char evek[32]; //evek + int vek_len; //vek���� + char vkek_version[128];//vkek version + int version_len; //vkek version���� + int iv_flag; //�Ƿ����iv + char iv[32]; //iv + int iv_len; //iv���� + int only_IDR; // sign only for idr + int hash_period; // sign period frame }; -struct hash_cache -{ - /* һ��gop���256֡ */ - char hash[32]; - int frame_num; +struct hash_cache { + /* һ��gop���256֡ */ + char hash[32]; + int frame_num; }; -struct svac_handle -{ - int magic; +struct svac_handle { + int magic; - /* sm2 ��Կ */ - char sm2_pubkey[64]; - /* sm2 ��Կ�Ƿ����� */ - int sm_pubkey_flag; + /* sm2 ��Կ */ + char sm2_pubkey[64]; + /* sm2 ��Կ�Ƿ����� */ + int sm_pubkey_flag; - char sm2_prikey[32]; - int sm_prikey_flag; + char sm2_prikey[32]; + int sm_prikey_flag; + char vek[16]; + char iv[16]; - char vek[16]; - char iv[16]; + /* process tmp data */ + struct nalu_data nalu[NALU_MAX_NUM]; + int nalu_num; + int frame_num; - /* process tmp data */ - struct nalu_data nalu[NALU_MAX_NUM]; - int nalu_num; - int frame_num; + int sign_frame_num; + char sign[128]; + int sign_len; - int sign_frame_num; - char sign[128]; - int sign_len; + /* current frame is IDR frame */ + int idr_flag; + /* current frame ���� sec nalu */ + int sec_nalu_flag; + /* current frame ���� auth nalu */ + int auth_nalu_flag; - /* current frame is IDR frame */ - int idr_flag; - /* current frame ���� sec nalu */ - int sec_nalu_flag; - /* current frame ���� auth nalu */ - int auth_nalu_flag; + /* ��ǰʹ�õİ�ȫ���� */ + struct sec_param curr_param; + /* ���յ��İ�ȫ���� */ + struct sec_param new_param; + /* ��ȫ�������±�ʶ���µ�GOP��ʼ���� */ + int sec_param_update_flag; - /* ��ǰʹ�õİ�ȫ���� */ - struct sec_param curr_param; - /* ���յ��İ�ȫ���� */ - struct sec_param new_param; - /* ��ȫ�������±�ʶ���µ�GOP��ʼ���� */ - int sec_param_update_flag; + int vkek_start; + struct vkek_info vkek_list[VKEK_CACHE_NUM]; + int find_vkek_flag; - int vkek_start; - struct vkek_info vkek_list[VKEK_CACHE_NUM]; - int find_vkek_flag; + char idr_hash[32]; + struct hash_cache cache[HASH_CACHE_NUM]; + int cache_idx;// 0 ~ HASH_CACHE_NUM - 1 - char idr_hash[32]; - struct hash_cache cache[HASH_CACHE_NUM]; - int cache_idx; // 0 ~ HASH_CACHE_NUM - 1 - - char camera_id[64]; //����id - char camera_idc[19]; //֤��id + char camera_id[64]; //����id + char camera_idc[19];//֤��id }; -#define CHECK_HANDLE(h) \ - do \ - { \ - if (!h || h->magic != MAGIC_VALUE) \ - { \ - PRINT_ERR("handle is error!\n"); \ - return -1; \ - } \ - } while (0) +#define CHECK_HANDLE(h) \ + do { \ + if (!h || h->magic != MAGIC_VALUE) { \ + PRINT_ERR("handle is error!\n"); \ + return -1; \ + } \ + } while (0) -static unsigned int write_bits(unsigned char data, unsigned int write_len, unsigned char *addr, unsigned int offset) +void hexdump(char *title, const unsigned char *s, int l); +int do_sm2_sign(char *prikey, char *pubkey, char *data_addr, int data_len, char *sign_addr); +int do_base64_encode(unsigned char *dst, int *dlen, unsigned char *src, int slen); + +static unsigned int +write_bits(unsigned char data, unsigned int write_len, unsigned char *addr, unsigned int offset) { - unsigned int offset_in_bytes = offset & 7; - unsigned int offset_of_bytes = offset / 8; + unsigned int offset_in_bytes = offset & 7; + unsigned int offset_of_bytes = offset / 8; - /* if need write twice */ - if (offset_in_bytes && offset_in_bytes + write_len > 8) - { - unsigned int second_write_len = offset_in_bytes + write_len - 8; + /* if need write twice */ + if (offset_in_bytes && offset_in_bytes + write_len > 8) { + unsigned int second_write_len = offset_in_bytes + write_len - 8; - /* clean the bits which will been writen */ - addr[offset_of_bytes] &= ~((1 << (8 - offset_in_bytes)) - 1); - /* write the first byte */ - addr[offset_of_bytes] |= (data & ((1 << write_len) - 1)) >> second_write_len; - /* write the second byte */ - addr[offset_of_bytes + 1] &= ((1 << (8 - second_write_len)) - 1); - addr[offset_of_bytes + 1] |= (data & ((1 << second_write_len) - 1)) << (8 - second_write_len); - } - else - { - data &= ((1 << write_len) - 1); - addr[offset_of_bytes] &= ~(((1 << write_len) - 1) << (8 - write_len - offset_in_bytes)); - addr[offset_of_bytes] |= data << (8 - write_len - offset_in_bytes); - } + /* clean the bits which will been writen */ + addr[offset_of_bytes] &= ~((1 << (8 - offset_in_bytes)) - 1); + /* write the first byte */ + addr[offset_of_bytes] |= (data & ((1 << write_len) - 1)) >> second_write_len; + /* write the second byte */ + addr[offset_of_bytes + 1] &= ((1 << (8 - second_write_len)) - 1); + addr[offset_of_bytes + 1] |= (data & ((1 << second_write_len) - 1)) << (8 - second_write_len); + } else { + data &= ((1 << write_len) - 1); + addr[offset_of_bytes] &= ~(((1 << write_len) - 1) << (8 - write_len - offset_in_bytes)); + addr[offset_of_bytes] |= data << (8 - write_len - offset_in_bytes); + } - return offset + write_len; + return offset + write_len; } -static unsigned int write_long_data_bits(unsigned int data, unsigned int write_len, unsigned char *addr, unsigned int offset) +static unsigned int +write_long_data_bits(unsigned int data, unsigned int write_len, unsigned char *addr, unsigned int offset) { - unsigned int ret_offset = 0; + unsigned int ret_offset = 0; - if (write_len <= 8) - ret_offset = write_bits((unsigned char)data, write_len, addr, offset); - else - { - int i; - int loop; - unsigned int first_write_len = write_len & 7; + if (write_len <= 8) + ret_offset = write_bits((unsigned char) data, write_len, addr, offset); + else { + int i; + int loop; + unsigned int first_write_len = write_len & 7; - /* ����һ�ֽڵĵ�first_write_len����*/ - if (first_write_len) - offset = write_bits((unsigned char)((data >> (write_len - first_write_len)) & ((1 <> (write_len - first_write_len)) & ((1 << first_write_len) - 1)), + first_write_len, addr, offset); - loop = (write_len - first_write_len) / 8; - ret_offset = offset; + loop = (write_len - first_write_len) / 8; + ret_offset = offset; - for (i = 0; i < loop; i++) - ret_offset = write_bits((unsigned char)((data >> ((loop - i - 1) * 8)) & 0xff), 8, addr, ret_offset); - } + for (i = 0; i < loop; i++) + ret_offset = write_bits((unsigned char) ((data >> ((loop - i - 1) * 8)) & 0xff), 8, addr, ret_offset); + } - return ret_offset; + return ret_offset; } -static unsigned int write_string_bits(unsigned char *p, unsigned int write_len, unsigned char *addr, unsigned int offset) +static unsigned int +write_string_bits(unsigned char *p, unsigned int write_len, unsigned char *addr, unsigned int offset) { - int i = 0; - unsigned int len = 0; + int i = 0; + unsigned int len = 0; - while (len < write_len) - { - if (write_len - len > 8) - { - offset = write_bits(p[i], 8, addr, offset); - len += 8; - } - else - { - offset = write_bits(p[i], write_len - len, addr, offset); - len += write_len - len; - } + while (len < write_len) { + if (write_len - len > 8) { + offset = write_bits(p[i], 8, addr, offset); + len += 8; + } else { + offset = write_bits(p[i], write_len - len, addr, offset); + len += write_len - len; + } - i++; - } + i++; + } - return offset; + return offset; } - /* if find a nal, return the next address; if it's the end, return NULL */ -static char *findNal(char *buf, int *frame_len, char **nal_start, int *nal_len) +static char * +findNal(char *buf, int *frame_len, char **nal_start, int *nal_len) { - int i; - char *start = NULL; - int len = 0; + int i; + char *start = NULL; + int len = 0; - *nal_start = NULL; - *nal_len = 0; + *nal_start = NULL; + *nal_len = 0; - /* parsing each NALU */ - for (i = 0; i < (int)(*frame_len - 3);i++) - { - if (buf[i] == 0x00 && buf[i + 1] == 0x00 && buf[i + 2] == 0x00 && buf[i + 3] == 0x01) - { - /* not the first loop */ - if (start) - { - len = buf + i - start; - *nal_start = start; - *nal_len = len; - *frame_len -= i; - return buf + i; - } - start = buf + i; - } - } + /* parsing each NALU */ + for (i = 0; i < (int) (*frame_len - 3); i++) { + if (buf[i] == 0x00 && buf[i + 1] == 0x00 && buf[i + 2] == 0x00 && buf[i + 3] == 0x01) { + /* not the first loop */ + if (start) { + len = buf + i - start; + *nal_start = start; + *nal_len = len; + *frame_len -= i; + return buf + i; + } + start = buf + i; + } + } - if (start) - len = buf + *frame_len - start; + if (start) len = buf + *frame_len - start; - *nal_start = start; - *nal_len = len; - *frame_len = 0; + *nal_start = start; + *nal_len = len; + *frame_len = 0; - return NULL; + return NULL; } -static int svac_parse_nalu(struct svac_handle *h, char *frame_data, int frame_len) +static int +svac_parse_nalu(struct svac_handle *h, char *frame_data, int frame_len) { - char *ptr, *start = NULL; - int nal_len, frame_len_left = frame_len; + char *ptr, *start = NULL; + int nal_len, frame_len_left = frame_len; - ptr = frame_data; + ptr = frame_data; - do - { - start = NULL; - nal_len = 0; - ptr = findNal(ptr, &frame_len_left, &start, &nal_len); - if (start) - { - memset(&h->nalu[h->nalu_num], 0, sizeof(struct nalu_data)); + do { + start = NULL; + nal_len = 0; + ptr = findNal(ptr, &frame_len_left, &start, &nal_len); + if (start) { + memset(&h->nalu[h->nalu_num], 0, sizeof(struct nalu_data)); - h->nalu[h->nalu_num].addr = start; - h->nalu[h->nalu_num].len = nal_len; - h->nalu[h->nalu_num].encryption_idc = start[4] & 0x2 ? 1 : 0; //svac2.0 p21 - h->nalu[h->nalu_num].authentication_idc = start[4] & 0x1; //svac2.0 p21 - h->nalu[h->nalu_num].type = (start[4] >> 2) & 0xf; //svac2.0 p21 + h->nalu[h->nalu_num].addr = start; + h->nalu[h->nalu_num].len = nal_len; + h->nalu[h->nalu_num].encryption_idc = start[4] & 0x2 ? 1 : 0;//svac2.0 p21 + h->nalu[h->nalu_num].authentication_idc = start[4] & 0x1; //svac2.0 p21 + h->nalu[h->nalu_num].type = (start[4] >> 2) & 0xf; //svac2.0 p21 - if (SVAC_IDR_SLICE == h->nalu[h->nalu_num].type) - h->idr_flag = 1; - else if (SVAC_SEC_SLICE == h->nalu[h->nalu_num].type) - h->sec_nalu_flag = 1; - else if (SVAC_AUTH_SLICE == h->nalu[h->nalu_num].type) - h->auth_nalu_flag = 1; - else if (SVAC_PPS_SLICE == h->nalu[h->nalu_num].type) - { - /* pps�ĵ�һ���ֽ���֡�� svac2.0 p23 */ - h->frame_num = (unsigned char)start[5]; - //PRINT_INFO("frame %d\n", h->frame_num); - } + if (SVAC_IDR_SLICE == h->nalu[h->nalu_num].type) + h->idr_flag = 1; + else if (SVAC_SEC_SLICE == h->nalu[h->nalu_num].type) + h->sec_nalu_flag = 1; + else if (SVAC_AUTH_SLICE == h->nalu[h->nalu_num].type) + h->auth_nalu_flag = 1; + else if (SVAC_PPS_SLICE == h->nalu[h->nalu_num].type) { + /* pps�ĵ�һ���ֽ���֡�� svac2.0 p23 */ + h->frame_num = (unsigned char) start[5]; + //PRINT_INFO("frame %d\n", h->frame_num); + } - //printf("nalu %d len %d type %d auth_idc %d enc_idc %d\n", h->nalu_num, nal_len, h->nalu[h->nalu_num].type, h->nalu[h->nalu_num].authentication_idc, h->nalu[h->nalu_num].encryption_idc); + //printf("nalu %d len %d type %d auth_idc %d enc_idc %d\n", h->nalu_num, nal_len, h->nalu[h->nalu_num].type, h->nalu[h->nalu_num].authentication_idc, h->nalu[h->nalu_num].encryption_idc); - h->nalu_num++; - } - } while (frame_len_left); + h->nalu_num++; + } + } while (frame_len_left); - return 0; + return 0; } /* ���� svac �ľ����� */ -static int do_add_racing_Code(char *ptr, int *len, int offset) +static int +do_add_racing_Code(char *ptr, int *len, int offset) { - int i, find = 0, start = offset; - unsigned int inlen = *len; + int i, find = 0, start = offset; + unsigned int inlen = *len; - for (i = start; i < inlen - 2; i++) - { - if (ptr[i] == 0 && ptr[i + 1] == 0 && !(ptr[i + 2] & 0xfc)) - { - find = 1; - break; - } - } + for (i = start; i < inlen - 2; i++) { + if (ptr[i] == 0 && ptr[i + 1] == 0 && !(ptr[i + 2] & 0xfc)) { + find = 1; + break; + } + } - if (find) - { - unsigned int code_num = 0, zero_count = 0; - char *tmp = (char *)malloc(*len + 4096*5); + if (find) { + unsigned int code_num = 0, zero_count = 0; + char *tmp = (char *) malloc(*len + 4096 * 5); - memcpy(tmp, ptr, start); + memcpy(tmp, ptr, start); - for (i = start; i < inlen; i++) - { - if (zero_count == 2 && !(ptr[i] & 0xfc)) - { - tmp[i + code_num] = 3; - code_num++; - i--; - zero_count = 0; - continue; - } + for (i = start; i < inlen; i++) { + if (zero_count == 2 && !(ptr[i] & 0xfc)) { + tmp[i + code_num] = 3; + code_num++; + i--; + zero_count = 0; + continue; + } - if (ptr[i] == 0) - zero_count++; - else - zero_count = 0; - tmp[i + code_num] = ptr[i]; - } + if (ptr[i] == 0) + zero_count++; + else + zero_count = 0; + tmp[i + code_num] = ptr[i]; + } - memcpy(ptr, tmp, inlen + code_num); - *len = inlen + code_num; - //PRINT_INFO("code_num %d\n", code_num); - free(tmp); - } + memcpy(ptr, tmp, inlen + code_num); + *len = inlen + code_num; + //PRINT_INFO("code_num %d\n", code_num); + free(tmp); + } - return find; + return find; } - /* ȥ�� svac �ľ����� */ -static int do_remove_racing_code(char *ptr, int *len, int offset) +static int +do_remove_racing_code(char *ptr, int *len, int offset) { - int i, find = 0, start; - unsigned int inlen; + int i, find = 0, start; + unsigned int inlen; - inlen = *len; - start = offset; + inlen = *len; + start = offset; - for (i = start; i < inlen - 2; i++) - { - if (ptr[i] == 0 && ptr[i + 1] == 0 && ptr[i + 2] == 0x3) - { - find = 1; - break; - } - } + for (i = start; i < inlen - 2; i++) { + if (ptr[i] == 0 && ptr[i + 1] == 0 && ptr[i + 2] == 0x3) { + find = 1; + break; + } + } - if (find) - { - unsigned int code_num = 0, zero_count = 0; + if (find) { + unsigned int code_num = 0, zero_count = 0; - for (i = start; i < inlen; i++) - { - if (zero_count == 2 && ptr[i] == 3) - { - code_num++; - zero_count = 0; - continue; - } + for (i = start; i < inlen; i++) { + if (zero_count == 2 && ptr[i] == 3) { + code_num++; + zero_count = 0; + continue; + } - if (ptr[i] == 0) - zero_count++; - else - zero_count = 0; - ptr[i - code_num] = ptr[i]; - } - *len = inlen - code_num; - } + if (ptr[i] == 0) + zero_count++; + else + zero_count = 0; + ptr[i - code_num] = ptr[i]; + } + *len = inlen - code_num; + } - return find; + return find; } -static int enc_vek(struct svac_handle *h) -{ - do_sm4_ecb_encrypt(h->vek, h->curr_param.evek, h->vkek_list[0].vkek); - h->curr_param.vek_len = 16; +void do_sm4_ecb_encrypt(const char *in_buff, char *out_buff, const char *key); - return 0; +static int +enc_vek(struct svac_handle *h) +{ + do_sm4_ecb_encrypt(h->vek, h->curr_param.evek, h->vkek_list[0].vkek); + h->curr_param.vek_len = 16; + + return 0; } -static int calc_nalu_hash(struct svac_handle *h) +static int +calc_nalu_hash(struct svac_handle *h) { - int i; - struct sm3_ctx ctx; - char hash[32]; - struct hash_cache *cache; + int i; + struct sm3_ctx ctx; + char hash[32]; + struct hash_cache *cache; - if (!h->curr_param.auth_flag) - return 0; + if (!h->curr_param.auth_flag) return 0; - for (i = 0; i < h->nalu_num; i++) - { - if (h->nalu[i].authentication_idc) - break; - } + for (i = 0; i < h->nalu_num; i++) { + if (h->nalu[i].authentication_idc) break; + } - /* û��ǩ����nalu */ - if (i >= h->nalu_num) - return 0; + /* û��ǩ����nalu */ + if (i >= h->nalu_num) return 0; - memset(hash, 0, sizeof(hash)); - sm3_init(&ctx); + memset(hash, 0, sizeof(hash)); + sm3_init(&ctx); - for (i = 0; i < h->nalu_num; i++) - { - if (!h->nalu[i].authentication_idc) - continue; + for (i = 0; i < h->nalu_num; i++) { + if (!h->nalu[i].authentication_idc) continue; - sm3_update(&ctx, h->nalu[i].addr + 4, h->nalu[i].len - 4); - //printf("calc_nalu_hash nalu %d len %d\n", i, h->nalu[i].len - 4); - } + sm3_update(&ctx, h->nalu[i].addr + 4, h->nalu[i].len - 4); + //printf("calc_nalu_hash nalu %d len %d\n", i, h->nalu[i].len - 4); + } - sm3_final(&ctx, hash); + sm3_final(&ctx, hash); - if (!h->frame_num) - memcpy(h->idr_hash, hash, 32); + if (!h->frame_num) memcpy(h->idr_hash, hash, 32); - cache = &h->cache[h->cache_idx]; - memcpy(cache->hash, hash, 32); - cache->frame_num = h->frame_num; - h->cache_idx = (h->cache_idx + 1) % HASH_CACHE_NUM; + cache = &h->cache[h->cache_idx]; + memcpy(cache->hash, hash, 32); + cache->frame_num = h->frame_num; + h->cache_idx = (h->cache_idx + 1) % HASH_CACHE_NUM; - return 0; + return 0; } void do_sm4_ofb_encrypt(const char *in_buff, int in_len, char *out_buff, int *out_len, const char *key, const char *iv); -static int do_dec_and_copy(int encrypt_type, const char *in_buff, int in_len, char *out_buff, int *out_len, const char *key, const char *iv) +static int +do_dec_and_copy(int encrypt_type, + const char *in_buff, + int in_len, + char *out_buff, + int *out_len, + const char *key, + const char *iv) { - if (encrypt_type == SM4_OFB) - { - do_sm4_ofb_encrypt(in_buff, in_len, out_buff, out_len, key, iv); - } - else if (encrypt_type == SM1_OFB) - { - PRINT_ERR("unsupport SM1 now!\n"); - return -1; - } + if (encrypt_type == SM4_OFB) { + do_sm4_ofb_encrypt(in_buff, in_len, out_buff, out_len, key, iv); + } else if (encrypt_type == SM1_OFB) { + PRINT_ERR("unsupport SM1 now!\n"); + return -1; + } - return 0; + return 0; } -static int make_bypass_frame(struct svac_handle *h, char *out_buff, int *out_len) +static int +make_bypass_frame(struct svac_handle *h, char *out_buff, int *out_len) { - int i; + int i; - *out_len = 0; + *out_len = 0; - for (i = 0; i < h->nalu_num; i++) - { - if (h->nalu[i].type == SVAC_SEC_SLICE) - continue; - memcpy(out_buff + *out_len, h->nalu[i].addr, h->nalu[i].len); - *out_len += h->nalu[i].len; - } + for (i = 0; i < h->nalu_num; i++) { + if (h->nalu[i].type == SVAC_SEC_SLICE) continue; + memcpy(out_buff + *out_len, h->nalu[i].addr, h->nalu[i].len); + *out_len += h->nalu[i].len; + } - return 0; + return 0; } -static int update_new_enc_param(struct svac_handle *h) +static int +update_new_enc_param(struct svac_handle *h) { - memcpy(&h->curr_param, &h->new_param, sizeof(struct sec_param)); - //printf("h->new_param.enc %d\n", h->new_param.encrypt_flag); - h->sec_param_update_flag = 0; + memcpy(&h->curr_param, &h->new_param, sizeof(struct sec_param)); + //printf("h->new_param.enc %d\n", h->new_param.encrypt_flag); + h->sec_param_update_flag = 0; - if (h->curr_param.encrypt_flag) - { - char vek[16]; - char iv[16]; + if (h->curr_param.encrypt_flag) { + char vek[16]; + char iv[16]; - vli_get_random(vek, 16); - vli_get_random(iv, 16); + vli_get_random(vek, 16); + vli_get_random(iv, 16); - memcpy(h->vek, vek, 16); - memcpy(h->iv, iv, 16); - enc_vek(h); - } + memcpy(h->vek, vek, 16); + memcpy(h->iv, iv, 16); + enc_vek(h); + } - return 0; + return 0; } -void *SvacEncCreate(void) +void * +SvacEncCreate(void) { - int i; - struct svac_handle *h; + int i; + struct svac_handle *h; - h = (struct svac_handle *)malloc(sizeof(struct svac_handle)); - if (!h) - return NULL; + h = (struct svac_handle *) malloc(sizeof(struct svac_handle)); + if (!h) return NULL; - memset(h, 0, sizeof(struct svac_handle)); - h->magic = MAGIC_VALUE; + memset(h, 0, sizeof(struct svac_handle)); + h->magic = MAGIC_VALUE; - for (i = 0; i < HASH_CACHE_NUM; i++) - h->cache[i].frame_num = -1; + for (i = 0; i < HASH_CACHE_NUM; i++) h->cache[i].frame_num = -1; - return (void *)h; + return (void *) h; } -int SvacEncSetVkek(void *handle, char *vkek, char *version, int verion_len) +int +SvacEncSetVkek(void *handle, char *vkek, char *version, int verion_len) { - struct svac_handle *h = (struct svac_handle *)handle; + struct svac_handle *h = (struct svac_handle *) handle; - CHECK_HANDLE(h); + CHECK_HANDLE(h); - if (!vkek || !version) - return -1; + if (!vkek || !version) return -1; - memcpy(h->vkek_list[0].vkek, vkek, 16); - memset(h->vkek_list[0].version, 0, sizeof(h->vkek_list[0].version)); - memcpy(h->vkek_list[0].version, version, verion_len); - h->find_vkek_flag = 1; + memcpy(h->vkek_list[0].vkek, vkek, 16); + memset(h->vkek_list[0].version, 0, sizeof(h->vkek_list[0].version)); + memcpy(h->vkek_list[0].version, version, verion_len); + h->find_vkek_flag = 1; - return 0; + return 0; } -int SvacEncSetKeyPair(void *handle, char *sm2_prikey, char *sm2_pubkey) +int +SvacEncSetKeyPair(void *handle, char *sm2_prikey, char *sm2_pubkey) { - struct svac_handle *h = (struct svac_handle *)handle; + struct svac_handle *h = (struct svac_handle *) handle; - CHECK_HANDLE(h); + CHECK_HANDLE(h); - if (!sm2_prikey || !sm2_pubkey) - return -1; + if (!sm2_prikey || !sm2_pubkey) return -1; - hexdump("sm2_prikey", sm2_prikey, 32); - hexdump("sm2_pubkey", sm2_pubkey, 64); + hexdump("sm2_prikey", sm2_prikey, 32); + hexdump("sm2_pubkey", sm2_pubkey, 64); - memcpy(h->sm2_prikey, sm2_prikey, 32); - memcpy(h->sm2_pubkey, sm2_pubkey, 64); - h->sm_prikey_flag = 1; + memcpy(h->sm2_prikey, sm2_prikey, 32); + memcpy(h->sm2_pubkey, sm2_pubkey, 64); + h->sm_prikey_flag = 1; - return 0; + return 0; } -int SvacEncSetIpcId(void *handle, char *id) +int +SvacEncSetIpcId(void *handle, char *id) { - struct svac_handle *h = (struct svac_handle *)handle; + struct svac_handle *h = (struct svac_handle *) handle; - CHECK_HANDLE(h); + CHECK_HANDLE(h); - memset(h->camera_id, 0, sizeof(h->camera_id)); - memcpy(h->camera_id, id, strlen(id)); - + memset(h->camera_id, 0, sizeof(h->camera_id)); + memcpy(h->camera_id, id, strlen(id)); - return 0; + return 0; } -int SvacEncSetCertId(void *handle, char *cert_id) +int +SvacEncSetCertId(void *handle, char *cert_id) { - struct svac_handle *h = (struct svac_handle *)handle; - int serial_len = 0; + struct svac_handle *h = (struct svac_handle *) handle; + int serial_len = 0; - CHECK_HANDLE(h); + CHECK_HANDLE(h); - if (!cert_id) - return -1; + if (!cert_id) return -1; - serial_len = strlen(cert_id); - if (serial_len > 19) - serial_len = 19; + serial_len = strlen(cert_id); + if (serial_len > 19) serial_len = 19; - memset(h->camera_idc, 0, sizeof(h->camera_idc)); - memcpy(h->camera_idc + 19 - serial_len, cert_id, serial_len); - + memset(h->camera_idc, 0, sizeof(h->camera_idc)); + memcpy(h->camera_idc + 19 - serial_len, cert_id, serial_len); - return 0; + return 0; } -int SvacEncSetLevel(void *handle, char level) +int +SvacEncSetLevel(void *handle, char level) { - struct svac_handle *h = (struct svac_handle *)handle; + struct svac_handle *h = (struct svac_handle *) handle; - h->new_param.encrypt_flag = 0; - h->new_param.encrypt_type = SM4_OFB; - h->new_param.auth_flag = 0; - h->new_param.auth_type = SM2_SIGN; - h->new_param.hash_type = SM3_HASH; - h->new_param.only_IDR = 1; - h->new_param.hash_period = 0; + h->new_param.encrypt_flag = 0; + h->new_param.encrypt_type = SM4_OFB; + h->new_param.auth_flag = 0; + h->new_param.auth_type = SM2_SIGN; + h->new_param.hash_type = SM3_HASH; + h->new_param.only_IDR = 1; + h->new_param.hash_period = 0; - if (level == 'b' || level == 'B') - { - h->new_param.auth_flag = 1; - } - else if (level == 'c' || level == 'C') - { - h->new_param.encrypt_flag = 1; - h->new_param.auth_flag = 1; - } + if (level == 'b' || level == 'B') { + h->new_param.auth_flag = 1; + } else if (level == 'c' || level == 'C') { + h->new_param.encrypt_flag = 1; + h->new_param.auth_flag = 1; + } - h->sec_param_update_flag = 1; + h->sec_param_update_flag = 1; - return 0; + return 0; } -static int write_security_nalu_data(struct svac_handle *h, unsigned char *ptr, unsigned int *len) +static int +write_security_nalu_data(struct svac_handle *h, unsigned char *ptr, unsigned int *len) { - unsigned int offset = 0; - unsigned int l = *len; + unsigned int offset = 0; + unsigned int l = *len; - /* write encryption_flag */ - offset = write_bits(h->curr_param.encrypt_flag, 1, ptr + l, offset); - /* write authentication_flag */ - offset = write_bits(h->curr_param.auth_flag, 1, ptr + l, offset); + /* write encryption_flag */ + offset = write_bits(h->curr_param.encrypt_flag, 1, ptr + l, offset); + /* write authentication_flag */ + offset = write_bits(h->curr_param.auth_flag, 1, ptr + l, offset); - if (h->curr_param.encrypt_flag) - { - unsigned char tmp; + if (h->curr_param.encrypt_flag) { + unsigned char tmp; - /* write encryption_type */ - if (h->curr_param.encrypt_type == SM1_OFB) - tmp = 0; - else - tmp = 1; + /* write encryption_type */ + if (h->curr_param.encrypt_type == SM1_OFB) + tmp = 0; + else + tmp = 1; - offset = write_bits(tmp, 4, ptr + l, offset); - /* write vek_flag */ - offset = write_bits(1, 1, ptr + l, offset); - /* write iv_flag */ - offset = write_bits(1, 1, ptr + l, offset); + offset = write_bits(tmp, 4, ptr + l, offset); + /* write vek_flag */ + offset = write_bits(1, 1, ptr + l, offset); + /* write iv_flag */ + offset = write_bits(1, 1, ptr + l, offset); - if (1) - { - /* write vek_encryption_type */ - tmp = 1; - offset = write_bits(tmp, 4, ptr + l, offset); - /* write evek_length_minus1 */ - offset = write_bits(h->curr_param.vek_len - 1, 8, ptr + l, offset); - /* write evek */ - offset = write_string_bits(h->curr_param.evek, h->curr_param.vek_len * 8, ptr + l, offset); - /* write vkek_verion_length_minus1 */ - offset = write_bits(strlen(h->vkek_list[0].version) - 1, 8, ptr + l, offset); - /* write vkek_version */ - offset = write_string_bits(h->vkek_list[0].version, strlen(h->vkek_list[0].version) * 8, ptr + l, offset); - } + if (1) { + /* write vek_encryption_type */ + tmp = 1; + offset = write_bits(tmp, 4, ptr + l, offset); + /* write evek_length_minus1 */ + offset = write_bits(h->curr_param.vek_len - 1, 8, ptr + l, offset); + /* write evek */ + offset = write_string_bits(h->curr_param.evek, h->curr_param.vek_len * 8, ptr + l, offset); + /* write vkek_verion_length_minus1 */ + offset = write_bits(strlen(h->vkek_list[0].version) - 1, 8, ptr + l, offset); + /* write vkek_version */ + offset = write_string_bits(h->vkek_list[0].version, strlen(h->vkek_list[0].version) * 8, ptr + l, offset); + } - if (1) - { - /* write iv_length_minus1 */ - offset = write_bits(16 - 1, 8, ptr + l, offset); - /* write iv */ - offset = write_string_bits(h->iv, 16 * 8, ptr + l, offset); - } - } + if (1) { + /* write iv_length_minus1 */ + offset = write_bits(16 - 1, 8, ptr + l, offset); + /* write iv */ + offset = write_string_bits(h->iv, 16 * 8, ptr + l, offset); + } + } - if (h->curr_param.auth_flag) - { - offset = write_bits(0, 2, ptr + l, offset); - offset = write_bits(h->curr_param.only_IDR, 1, ptr + l, offset); - offset = write_bits(0, 2, ptr + l, offset); - offset = write_bits(h->curr_param.hash_period - 1, 8, ptr + l, offset); - offset = write_string_bits(h->camera_idc, 152, ptr + l, offset); - } + if (h->curr_param.auth_flag) { + offset = write_bits(0, 2, ptr + l, offset); + offset = write_bits(h->curr_param.only_IDR, 1, ptr + l, offset); + offset = write_bits(0, 2, ptr + l, offset); + offset = write_bits(h->curr_param.hash_period - 1, 8, ptr + l, offset); + offset = write_string_bits(h->camera_idc, 152, ptr + l, offset); + } - if (h->curr_param.encrypt_flag || h->curr_param.auth_flag) - offset = write_string_bits(h->camera_id, 160, ptr + l, offset); + if (h->curr_param.encrypt_flag || h->curr_param.auth_flag) + offset = write_string_bits(h->camera_id, 160, ptr + l, offset); - offset = write_bits(1, 1, ptr + l, offset); - if (offset & 7) - offset = write_bits(0, 8 - (offset & 7), ptr + l, offset); + offset = write_bits(1, 1, ptr + l, offset); + if (offset & 7) offset = write_bits(0, 8 - (offset & 7), ptr + l, offset); - assert(!(offset & 7)); - l += offset / 8; + assert(!(offset & 7)); + l += offset / 8; - *len = l; + *len = l; - return 0; + return 0; } -static int create_security_nalu(struct svac_handle *h, char *ptr, int *len) +static int +create_security_nalu(struct svac_handle *h, char *ptr, int *len) { - unsigned int save_len = 0; - unsigned int l = *len; + unsigned int save_len = 0; + unsigned int l = *len; - ptr[l] = 0x00; - l++; - ptr[l] = 0x00; - l++; - ptr[l] = 0x00; - l++; - ptr[l] = 0x01; - l++; + ptr[l] = 0x00; + l++; + ptr[l] = 0x00; + l++; + ptr[l] = 0x00; + l++; + ptr[l] = 0x01; + l++; - ptr[l] = SVAC_SEC_SLICE << 2 | 0xc0; - l++; - write_security_nalu_data(h, ptr, &l); - *len = l; + ptr[l] = SVAC_SEC_SLICE << 2 | 0xc0; + l++; + write_security_nalu_data(h, ptr, &l); + *len = l; - do_add_racing_Code(ptr, &l, save_len + 4 + 1); - *len = l; + do_add_racing_Code(ptr, &l, save_len + 4 + 1); + *len = l; - return 0; + return 0; } -static int write_auth_nalu_data(struct svac_handle *h, unsigned char *ptr, unsigned int *len) +static int +write_auth_nalu_data(struct svac_handle *h, unsigned char *ptr, unsigned int *len) { - unsigned int offset = 0; - unsigned int l = *len; - int i; + unsigned int offset = 0; + unsigned int l = *len; + int i; - /* write frame_num */ - offset = write_bits(h->sign_frame_num, 8, ptr + l, offset); - /* write authentication_data_length_minus1 */ - offset = write_bits((unsigned int)(h->sign_len - 1), 8, ptr + l, offset); - /* write authentication_data */ - for (i = 0; i < (int)h->sign_len; i++) - offset = write_bits(h->sign[i], 8, ptr + l, offset); + /* write frame_num */ + offset = write_bits(h->sign_frame_num, 8, ptr + l, offset); + /* write authentication_data_length_minus1 */ + offset = write_bits((unsigned int) (h->sign_len - 1), 8, ptr + l, offset); + /* write authentication_data */ + for (i = 0; i < (int) h->sign_len; i++) offset = write_bits(h->sign[i], 8, ptr + l, offset); - /* write rbsp_trailing_bits() */ - offset = write_bits(1, 1, ptr + l, offset); - if (offset & 7) - offset = write_bits(0, 8 - (offset & 7), ptr + l, offset); + /* write rbsp_trailing_bits() */ + offset = write_bits(1, 1, ptr + l, offset); + if (offset & 7) offset = write_bits(0, 8 - (offset & 7), ptr + l, offset); - l += offset / 8; - *len = l; + l += offset / 8; + *len = l; - return 0; + return 0; } -static int create_auth_nalu(struct svac_handle *h, char *ptr, int *len) +static int +create_auth_nalu(struct svac_handle *h, char *ptr, int *len) { - unsigned int save_len; - unsigned int l = *len; + unsigned int save_len; + unsigned int l = *len; - save_len = l; - //printf("======= %s ==========\n", __FUNCTION__); + save_len = l; + //printf("======= %s ==========\n", __FUNCTION__); - ptr[l] = 0x00; - l++; - ptr[l] = 0x00; - l++; - ptr[l] = 0x00; - l++; - ptr[l] = 0x01; - l++; + ptr[l] = 0x00; + l++; + ptr[l] = 0x00; + l++; + ptr[l] = 0x00; + l++; + ptr[l] = 0x01; + l++; - ptr[l] = SVAC_AUTH_SLICE << 2 | 0xc0; - l++; - write_auth_nalu_data(h, ptr, &l); - *len = l; + ptr[l] = SVAC_AUTH_SLICE << 2 | 0xc0; + l++; + write_auth_nalu_data(h, ptr, &l); + *len = l; - do_add_racing_Code(ptr, &l, save_len + 4 + 1); - *len = l; + do_add_racing_Code(ptr, &l, save_len + 4 + 1); + *len = l; - return 0; + return 0; } -static int make_enc_frame(struct svac_handle *h, char *out_buff, int *out_data_len) +static int +make_enc_frame(struct svac_handle *h, char *out_buff, int *out_data_len) { - int i; - int out_offset = 0; - int out_nalu_len; - int ret; + int i; + int out_offset = 0; + int out_nalu_len; + int ret; - *out_data_len = 0; + *out_data_len = 0; - if (h->idr_flag) - { - create_security_nalu(h, out_buff, &out_offset); - } + if (h->idr_flag) { create_security_nalu(h, out_buff, &out_offset); } - for (i = 0; i < h->nalu_num; i++) - { - if (((h->nalu[i].type != SVAC_IDR_SLICE) && (h->nalu[i].type != SVAC_NO_IDR_SLICE)) || \ - (!h->curr_param.encrypt_flag)) - { - memcpy(out_buff + out_offset, h->nalu[i].addr, h->nalu[i].len); - h->nalu[i].out_addr = out_buff + out_offset; + for (i = 0; i < h->nalu_num; i++) { + if (((h->nalu[i].type != SVAC_IDR_SLICE) && (h->nalu[i].type != SVAC_NO_IDR_SLICE)) + || (!h->curr_param.encrypt_flag)) { + memcpy(out_buff + out_offset, h->nalu[i].addr, h->nalu[i].len); + h->nalu[i].out_addr = out_buff + out_offset; - //out_buff[out_offset + 4] &= 0xfc; - out_nalu_len = h->nalu[i].len; - if (h->nalu[i].need_add_racing_code) - do_add_racing_Code(out_buff + out_offset, &out_nalu_len, 5); - out_offset += out_nalu_len; + //out_buff[out_offset + 4] &= 0xfc; + out_nalu_len = h->nalu[i].len; + if (h->nalu[i].need_add_racing_code) do_add_racing_Code(out_buff + out_offset, &out_nalu_len, 5); + out_offset += out_nalu_len; - h->nalu[i].out_len = out_nalu_len; - } - else - { - int enc_len; - int out_len; + h->nalu[i].out_len = out_nalu_len; + } else { + int enc_len; + int out_len; - if (!h->find_vkek_flag) - { - PRINT_ERR("Not find vkek [%s]! skip dec frame!\n", h->curr_param.vkek_version); - return -1; - } + if (!h->find_vkek_flag) { + PRINT_ERR("Not find vkek [%s]! skip dec frame!\n", h->curr_param.vkek_version); + return -1; + } - if (!h->nalu[i].need_add_racing_code) - { - do_remove_racing_code(h->nalu[i].addr, &h->nalu[i].len, 5); - h->nalu[i].need_add_racing_code = 1; - } + if (!h->nalu[i].need_add_racing_code) { + do_remove_racing_code(h->nalu[i].addr, &h->nalu[i].len, 5); + h->nalu[i].need_add_racing_code = 1; + } - memcpy(out_buff + out_offset, h->nalu[i].addr, 5); - enc_len = h->nalu[i].len - 1 - 5; - h->nalu[i].out_addr = out_buff + out_offset; + memcpy(out_buff + out_offset, h->nalu[i].addr, 5); + enc_len = h->nalu[i].len - 1 - 5; + h->nalu[i].out_addr = out_buff + out_offset; - ret = do_dec_and_copy(h->curr_param.encrypt_type, h->nalu[i].addr + 5, enc_len, out_buff + out_offset + 5, &out_len, h->vek, h->iv); - if (ret) - return -1; + ret = do_dec_and_copy(h->curr_param.encrypt_type, h->nalu[i].addr + 5, enc_len, out_buff + out_offset + 5, + &out_len, h->vek, h->iv); + if (ret) return -1; - memcpy(out_buff + out_offset + enc_len + 5, h->nalu[i].addr + 5 + enc_len, 1); + memcpy(out_buff + out_offset + enc_len + 5, h->nalu[i].addr + 5 + enc_len, 1); - out_buff[out_offset + 4] |= 0x2; - out_nalu_len = h->nalu[i].len; + out_buff[out_offset + 4] |= 0x2; + out_nalu_len = h->nalu[i].len; - do_add_racing_Code(out_buff + out_offset, &out_nalu_len, 5); - out_offset += out_nalu_len; - h->nalu[i].out_len = out_nalu_len; - } - //PRINT_INFO("out_nalu_len %d out_offset %d\n", out_nalu_len, out_offset); - } + do_add_racing_Code(out_buff + out_offset, &out_nalu_len, 5); + out_offset += out_nalu_len; + h->nalu[i].out_len = out_nalu_len; + } + //PRINT_INFO("out_nalu_len %d out_offset %d\n", out_nalu_len, out_offset); + } - *out_data_len += out_offset; + *out_data_len += out_offset; - return 0; + return 0; } -static int calc_frame_hash(struct svac_handle *h, char *out_buff, int *out_data_len) +static int +calc_frame_hash(struct svac_handle *h, char *out_buff, int *out_data_len) { - int i; - struct sm3_ctx ctx; + int i; + struct sm3_ctx ctx; - sm3_init(&ctx); + sm3_init(&ctx); - for (i = 0; i < h->nalu_num; i++) - { - if ((h->nalu[i].type == SVAC_IDR_SLICE) || (h->nalu[i].type == SVAC_NO_IDR_SLICE)) - { - h->nalu[i].out_addr[4] |= 1; - sm3_update(&ctx, h->nalu[i].out_addr + 4, h->nalu[i].out_len - 4); - //printf("calc_frame_hash nalu %d len %d\n", i, h->nalu[i].out_len - 4); - } - } + for (i = 0; i < h->nalu_num; i++) { + if ((h->nalu[i].type == SVAC_IDR_SLICE) || (h->nalu[i].type == SVAC_NO_IDR_SLICE)) { + h->nalu[i].out_addr[4] |= 1; + sm3_update(&ctx, h->nalu[i].out_addr + 4, h->nalu[i].out_len - 4); + //printf("calc_frame_hash nalu %d len %d\n", i, h->nalu[i].out_len - 4); + } + } - sm3_final(&ctx, h->idr_hash); + sm3_final(&ctx, h->idr_hash); - return 0; + return 0; } -static int calc_idr_sign_data(struct svac_handle *h) +static int +calc_idr_sign_data(struct svac_handle *h) { - char sign[64]; - int sign_len = 64; + char sign[64]; + int sign_len = 64; - do_sm2_sign(h->sm2_prikey, h->sm2_pubkey, h->idr_hash, 32, sign); - h->sign_len = 64; + do_sm2_sign(h->sm2_prikey, h->sm2_pubkey, h->idr_hash, 32, sign); + h->sign_len = 64; - h->sign_len = sizeof(h->sign); - do_base64_encode(h->sign, &h->sign_len, sign, sign_len); + h->sign_len = sizeof(h->sign); + do_base64_encode(h->sign, &h->sign_len, sign, sign_len); - return 0; + return 0; } -static int make_auth_nal(struct svac_handle *h, char *out_buff, int *out_data_len) +static int +make_auth_nal(struct svac_handle *h, char *out_buff, int *out_data_len) { - if (!h->curr_param.auth_flag) - return 0; + if (!h->curr_param.auth_flag) return 0; - if (h->curr_param.only_IDR && h->idr_flag) - { - calc_frame_hash(h, out_buff, out_data_len); - calc_idr_sign_data(h); - create_auth_nalu(h, out_buff, out_data_len); - } + if (h->curr_param.only_IDR && h->idr_flag) { + calc_frame_hash(h, out_buff, out_data_len); + calc_idr_sign_data(h); + create_auth_nalu(h, out_buff, out_data_len); + } - return 0; + return 0; } -int SvacEncProcess(void *handle, char *in_buff, int in_len, char *out_buff, int *out_len) +int +SvacEncProcess(void *handle, char *in_buff, int in_len, char *out_buff, int *out_len) { - struct svac_handle *h = (struct svac_handle *)handle; + struct svac_handle *h = (struct svac_handle *) handle; - CHECK_HANDLE(h); + CHECK_HANDLE(h); - if (!in_buff || !out_buff || !out_len) - return -1; + if (!in_buff || !out_buff || !out_len) return -1; - h->nalu_num = 0; - h->idr_flag = 0; - h->sec_nalu_flag = 0; - h->auth_nalu_flag = 0; + h->nalu_num = 0; + h->idr_flag = 0; + h->sec_nalu_flag = 0; + h->auth_nalu_flag = 0; - svac_parse_nalu(h, in_buff, in_len); + svac_parse_nalu(h, in_buff, in_len); - if (!h->nalu_num) - { - PRINT_ERR("Not find nalu start code!\n"); - return -1; - } + if (!h->nalu_num) { + PRINT_ERR("Not find nalu start code!\n"); + return -1; + } - if (h->idr_flag && h->sec_param_update_flag) - update_new_enc_param(h); + if (h->idr_flag && h->sec_param_update_flag) update_new_enc_param(h); - /* �����a������ bypass */ - if (!h->curr_param.auth_flag && !h->curr_param.encrypt_flag) - return make_bypass_frame(h, out_buff, out_len); + /* �����a������ bypass */ + if (!h->curr_param.auth_flag && !h->curr_param.encrypt_flag) return make_bypass_frame(h, out_buff, out_len); - make_enc_frame(h, out_buff, out_len); - make_auth_nal(h, out_buff, out_len); + make_enc_frame(h, out_buff, out_len); + make_auth_nal(h, out_buff, out_len); - return 0; + return 0; } -int SvacEncRelease(void *handle) +int +SvacEncRelease(void *handle) { - struct svac_handle *h = (struct svac_handle *)handle; + struct svac_handle *h = (struct svac_handle *) handle; - CHECK_HANDLE(h); + CHECK_HANDLE(h); - free(h); + free(h); - return 0; + return 0; }