feat add libserver-sm.so

This commit is contained in:
tqcq 2024-12-23 15:29:38 +08:00
parent c856e44fb9
commit 4f753bc49c
12 changed files with 929 additions and 1790 deletions

View File

@ -2,117 +2,110 @@
#define __AWSM_H__
// PIN<49>û<EFBFBD><C3BB><EFBFBD><EFBFBD><EFBFBD>
#define ADMIN_TYPE 0
#define USER_TYPE 1
#define ADMIN_TYPE 0
#define USER_TYPE 1
#define ECCPRIVATEKEYBITLENGTH 256
#define ECCPRIVATEKEYLENGTH 32
//<EFBFBD><EFBFBD><EFBFBD>־
// SM1
#define SGD_SM1_ECB 0x00000101
#define SGD_SM1_CBC 0x00000102
#define SGD_SM1_CFB 0x00000104
#define SGD_SM1_OFB 0x00000108
#define SGD_SM1_MAC 0x00000110
// <EFBFBD><EFBFBD><EFBFBD>־
// SM1
#define SGD_SM1_ECB 0x00000101
#define SGD_SM1_CBC 0x00000102
#define SGD_SM1_CFB 0x00000104
#define SGD_SM1_OFB 0x00000108
#define SGD_SM1_MAC 0x00000110
// SM4
#define SGD_SMS4_ECB 0x00000401
#define SGD_SMS4_CBC 0x00000402
#define SGD_SMS4_CFB 0x00000404
#define SGD_SMS4_OFB 0x00000408
#define SGD_SMS4_ECB 0x00000401
#define SGD_SMS4_CBC 0x00000402
#define SGD_SMS4_CFB 0x00000404
#define SGD_SMS4_OFB 0x00000408
// AES
#define SGD_AES128_ECB 0x00000801
#define SGD_AES128_CBC 0x00000802
#define SGD_AES128_CFB 0x00000804
#define SGD_AES128_OFB 0x00000808
#define SGD_AES128_ECB 0x00000801
#define SGD_AES128_CBC 0x00000802
#define SGD_AES128_CFB 0x00000804
#define SGD_AES128_OFB 0x00000808
#define SGD_AES192_ECB 0x00000811
#define SGD_AES192_CBC 0x00000812
#define SGD_AES192_CFB 0x00000814
#define SGD_AES192_OFB 0x00000818
#define SGD_AES192_ECB 0x00000811
#define SGD_AES192_CBC 0x00000812
#define SGD_AES192_CFB 0x00000814
#define SGD_AES192_OFB 0x00000818
#define SGD_AES256_ECB 0x00000821
#define SGD_AES256_CBC 0x00000822
#define SGD_AES256_CFB 0x00000824
#define SGD_AES256_OFB 0x00000828
#define SGD_AES256_ECB 0x00000821
#define SGD_AES256_CBC 0x00000822
#define SGD_AES256_CFB 0x00000824
#define SGD_AES256_OFB 0x00000828
// DES
#define SGD_DES_ECB 0x00001001
#define SGD_DES_CBC 0x00001002
#define SGD_DES_CFB 0x00001004
#define SGD_DES_OFB 0x00001008
#define SGD_DES_ECB 0x00001001
#define SGD_DES_CBC 0x00001002
#define SGD_DES_CFB 0x00001004
#define SGD_DES_OFB 0x00001008
// 3DES_2KEY
#define SGD_D3DES_ECB 0x00001011
#define SGD_D3DES_CBC 0x00001012
#define SGD_D3DES_CFB 0x00001014
#define SGD_D3DES_OFB 0x00001018
#define SGD_D3DES_ECB 0x00001011
#define SGD_D3DES_CBC 0x00001012
#define SGD_D3DES_CFB 0x00001014
#define SGD_D3DES_OFB 0x00001018
// 3DES_3KEY
#define SGD_T3DES_ECB 0x00001021
#define SGD_T3DES_CBC 0x00001022
#define SGD_T3DES_CFB 0x00001024
#define SGD_T3DES_OFB 0x00001028
#define SGD_T3DES_ECB 0x00001021
#define SGD_T3DES_CBC 0x00001022
#define SGD_T3DES_CFB 0x00001024
#define SGD_T3DES_OFB 0x00001028
//<EFBFBD>ǶԳ<EFBFBD>
#define SGD_RSA 0x00010000
#define SGD_SM2_1 0x00020100 // <20><>Բ<EFBFBD><D4B2><EFBFBD><EFBFBD>ǩ<EFBFBD><C7A9><EFBFBD>
#define SGD_SM2_2 0x00020200 // <20><>Բ<EFBFBD><D4B2><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Կ<EFBFBD><D4BF><EFBFBD><EFBFBD>Э<EFBFBD><D0AD>
#define SGD_SM2_3 0x00020400 // <20><>Բ<EFBFBD><D4B2><EFBFBD>߼<EFBFBD><DFBC><EFBFBD><EFBFBD>
// <EFBFBD>ǶԳ<EFBFBD>
#define SGD_RSA 0x00010000
#define SGD_SM2_1 0x00020100 // <20><>Բ<EFBFBD><D4B2><EFBFBD><EFBFBD>ǩ<EFBFBD><C7A9><EFBFBD>
#define SGD_SM2_2 0x00020200 // <20><>Բ<EFBFBD><D4B2><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Կ<EFBFBD><D4BF><EFBFBD><EFBFBD>Э<EFBFBD><D0AD>
#define SGD_SM2_3 0x00020400 // <20><>Բ<EFBFBD><D4B2><EFBFBD>߼<EFBFBD><DFBC><EFBFBD><EFBFBD>
//<EFBFBD>Ӵ<EFBFBD><EFBFBD><EFBFBD><EFBFBD>־
#define SGD_SM3 0x00000001
#define SGD_SHA1 0x00000002
#define SGD_SHA256 0x00000004
// <EFBFBD>Ӵ<EFBFBD><EFBFBD><EFBFBD><EFBFBD>־
#define SGD_SM3 0x00000001
#define SGD_SHA1 0x00000002
#define SGD_SHA256 0x00000004
#define SKF_USE_ENCDEC 0x01 //<2F><><EFBFBD>ڼ<EFBFBD><DABC>ܽ<EFBFBD><DCBD><EFBFBD>
#define SKF_USE_SIGVER 0x02 //<2F><><EFBFBD><EFBFBD>ǩ<EFBFBD><C7A9><EFBFBD><EFBFBD>֤
#define SKF_USE_ENCDEC 0x01 // <20><><EFBFBD>ڼ<EFBFBD><DABC>ܽ<EFBFBD><DCBD><EFBFBD>
#define SKF_USE_SIGVER 0x02 // <20><><EFBFBD><EFBFBD>ǩ<EFBFBD><C7A9><EFBFBD><EFBFBD>֤
/**
* @enum
*/
enum PerformanceAlgMode
{
P_AlG_ECB,
P_AlG_CBC,
P_AlG_CFB,
P_AlG_OFB
};
*/
enum PerformanceAlgMode { P_AlG_ECB, P_AlG_CBC, P_AlG_CFB, P_AlG_OFB };
enum EccKeyPairType
{
CryptKey,
SignatureKey
};
enum EccKeyPairType { CryptKey, SignatureKey };
/**
* @brief
*
*
* @return int 0
*/
int Device_Init();
/**
* @brief
*
*
* @param IP IP
* @return int 0
*/
int Device_Init_IP(unsigned char *IP);
// int Unlock_Application_PIN(unsigned char *AdminPin, unsigned char *NewUserPIN, unsigned int *RetryCount);
// int Unlock_Application_PIN(unsigned char *AdminPin, unsigned char
// *NewUserPIN, unsigned int *RetryCount);
// int Change_Application_PIN(unsigned char *Old, unsigned char *New, unsigned int *RetryCount);
// int Change_Application_PIN(unsigned char *Old, unsigned char *New, unsigned
// int *RetryCount);
// int Verify_Application_PIN(unsigned char *PIN, unsigned int *RetryCount);
int Generate_Hash_Init(unsigned char *EccPublickey);
int Generate_Hash_Init(void *ctx, unsigned char *EccPublickey);
int Generate_Hash_Update(unsigned char *Source_Data, unsigned int SourceDataLen);
int Generate_Hash_Update(void *ctx, unsigned char *Source_Data,
unsigned int SourceDataLen);
int Generate_Hash_Final(unsigned char *HashData, unsigned int *HashDataLen);
int Generate_Hash_Final(void *ctx, unsigned char *HashData,
unsigned int *HashDataLen);
/**
* @brief
*
*
* @param SourceData
* @param SourceDataLen
* @param HashData
@ -121,11 +114,13 @@ int Generate_Hash_Final(unsigned char *HashData, unsigned int *HashDataLen);
* @param HashType SGD_SM3
* @return int 0
*/
int Generate_Hash(unsigned char *SourceData, unsigned int SourceDataLen, unsigned char *HashData, unsigned int *HashDataLen, unsigned char *EccPublickey, unsigned int HashType);
int Generate_Hash(unsigned char *SourceData, unsigned int SourceDataLen,
unsigned char *HashData, unsigned int *HashDataLen,
unsigned char *EccPublickey, unsigned int HashType);
/**
* @brief
*
*
* @param ucRandom
* @param ulRandomLen
* @return int 0
@ -134,18 +129,21 @@ int Generate_Rand(unsigned char *ucRandom, unsigned int ulRandomLen);
/**
* @brief
*
*
* @param SignData
* @param SignDataLen
* @param EccSignBlobData
* @param EccSignBlobDatalen
* @return int 0
*/
int Generate_SignData_IntPrikey(unsigned char *SignData, unsigned int SignDataLen, unsigned char *EccSignBlobData, unsigned int *EccSignBlobDatalen);
int Generate_SignData_IntPrikey(unsigned char *SignData,
unsigned int SignDataLen,
unsigned char *EccSignBlobData,
unsigned int *EccSignBlobDatalen);
/**
* @brief
*
*
* @param EccPrikey
* @param SignData
* @param SignDataLen
@ -153,11 +151,15 @@ int Generate_SignData_IntPrikey(unsigned char *SignData, unsigned int SignDataLe
* @param EccSignBlobDataLen
* @return int 0
*/
int Generate_SignData_ExtPrikey(unsigned char *EccPrikey, unsigned char *SignData, unsigned int SignDataLen, unsigned char *EccSignBlobData, unsigned int *EccSignBlobDataLen);
int Generate_SignData_ExtPrikey(unsigned char *EccPrikey,
unsigned char *SignData,
unsigned int SignDataLen,
unsigned char *EccSignBlobData,
unsigned int *EccSignBlobDataLen);
/**
* @brief
*
*
* @param EccPublickey
* @param SignatureData
* @param SignDataLen
@ -165,11 +167,15 @@ int Generate_SignData_ExtPrikey(unsigned char *EccPrikey, unsigned char *SignDat
* @param EccSignBlobDataLen
* @return int 0
*/
int Verify_SignData_ExtPubkey(unsigned char *EccPublickey, unsigned char *SignatureData, unsigned int SignDataLen, unsigned char *EccSignBlobData, unsigned int EccSignBlobDataLen);
int Verify_SignData_ExtPubkey(unsigned char *EccPublickey,
unsigned char *SignatureData,
unsigned int SignDataLen,
unsigned char *EccSignBlobData,
unsigned int EccSignBlobDataLen);
/**
* @brief
*
*
* @param EPublickey
* @param InData
* @param InDataLen
@ -177,11 +183,14 @@ int Verify_SignData_ExtPubkey(unsigned char *EccPublickey, unsigned char *Signat
* @param ECCCIPPHERDataLen
* @return int 0
*/
int SM2_3_Encrypt_ExtPubkey(unsigned char *EPublickey, unsigned char *InData, unsigned int InDataLen, unsigned char *ECCCIPPHERData, unsigned int *ECCCIPPHERDataLen);
int SM2_3_Encrypt_ExtPubkey(unsigned char *EPublickey, unsigned char *InData,
unsigned int InDataLen,
unsigned char *ECCCIPPHERData,
unsigned int *ECCCIPPHERDataLen);
/**
* @brief
*
*
* @param EPrikey
* @param ECCCIPPHERData
* @param ECCCIPPHERDataLen
@ -189,33 +198,41 @@ int SM2_3_Encrypt_ExtPubkey(unsigned char *EPublickey, unsigned char *InData, un
* @param OutDataLen
* @return int 0
*/
int SM2_3_Decrypt_ExtPrikey(unsigned char *EPrikey, unsigned char *ECCCIPPHERData, unsigned int ECCCIPPHERDataLen, unsigned char *OutData, unsigned int *OutDataLen);
int SM2_3_Decrypt_ExtPrikey(unsigned char *EPrikey,
unsigned char *ECCCIPPHERData,
unsigned int ECCCIPPHERDataLen,
unsigned char *OutData, unsigned int *OutDataLen);
/**
* @brief
*
*
* @param ECCCIPPHERData
* @param ECCCIPPHERDataLen
* @param OutData
* @param OutDataLen
* @return int 0
*/
int SM2_3_Decrypt_IntPrikey(unsigned char *ECCCIPPHERData, unsigned int ECCCIPPHERDataLen, unsigned char *OutData, unsigned int *OutDataLen);
int SM2_3_Decrypt_IntPrikey(unsigned char *ECCCIPPHERData,
unsigned int ECCCIPPHERDataLen,
unsigned char *OutData, unsigned int *OutDataLen);
/**
* @brief
*
*
* @param ECCCIPPHERData
* @param ECCCIPPHERDataLen
* @param OutData
* @param OutDataLen
* @return int 0
*/
int SM2_3_Decrypt_IntCryptPrikey(unsigned char *ECCCIPPHERData, unsigned int ECCCIPPHERDataLen, unsigned char *OutData, unsigned int *OutDataLen);
int SM2_3_Decrypt_IntCryptPrikey(unsigned char *ECCCIPPHERData,
unsigned int ECCCIPPHERDataLen,
unsigned char *OutData,
unsigned int *OutDataLen);
/**
* @brief SM1加密
*
*
* @param AlgMode enum PerformanceAlgMode
* @param pIv IV
* @param Key Key
@ -226,13 +243,14 @@ int SM2_3_Decrypt_IntCryptPrikey(unsigned char *ECCCIPPHERData, unsigned int ECC
* @param OutDataLen
* @return int 0
*/
int SM1_Encrypt(
const int AlgMode, unsigned char *pIv, unsigned char *Key, unsigned int KeyLen,
unsigned char *InData, unsigned int InDataLen, unsigned char *OutData, unsigned int *OutDataLen);
int SM1_Encrypt(const int AlgMode, unsigned char *pIv, unsigned char *Key,
unsigned int KeyLen, unsigned char *InData,
unsigned int InDataLen, unsigned char *OutData,
unsigned int *OutDataLen);
/**
* @brief SM1解密
*
*
* @param AlgMode enum PerformanceAlgMode
* @param pIv IV
* @param Key Key
@ -243,13 +261,14 @@ int SM1_Encrypt(
* @param OutDataLen
* @return int 0
*/
int SM1_Decrypt(
const int AlgMode, unsigned char *pIv, unsigned char *Key, unsigned int KeyLen,
unsigned char *InData, unsigned int InDataLen, unsigned char *OutData, unsigned int *OutDataLen);
int SM1_Decrypt(const int AlgMode, unsigned char *pIv, unsigned char *Key,
unsigned int KeyLen, unsigned char *InData,
unsigned int InDataLen, unsigned char *OutData,
unsigned int *OutDataLen);
/**
* @brief SM4加密
*
*
* @param AlgMode enum PerformanceAlgMode
* @param pIv IV
* @param Key Key
@ -260,13 +279,14 @@ int SM1_Decrypt(
* @param OutDataLen
* @return int 0
*/
int SM4_Encrypt(
const int AlgMode, unsigned char *pIv, unsigned char *Key, unsigned int KeyLen,
unsigned char *InData, unsigned int InDataLen, unsigned char *OutData, unsigned int *OutDataLen);
int SM4_Encrypt(const int AlgMode, unsigned char *pIv, unsigned char *Key,
unsigned int KeyLen, unsigned char *InData,
unsigned int InDataLen, unsigned char *OutData,
unsigned int *OutDataLen);
/**
* @brief SM4解密
*
*
* @param AlgMode enum PerformanceAlgMode
* @param pIv IV
* @param Key Key
@ -277,20 +297,21 @@ int SM4_Encrypt(
* @param OutDataLen
* @return int 0
*/
int SM4_Decrypt(
const int AlgMode, unsigned char *pIv, unsigned char *Key, unsigned int KeyLen,
unsigned char *InData, unsigned int InDataLen, unsigned char *OutData, unsigned int *OutDataLen);
int SM4_Decrypt(const int AlgMode, unsigned char *pIv, unsigned char *Key,
unsigned int KeyLen, unsigned char *InData,
unsigned int InDataLen, unsigned char *OutData,
unsigned int *OutDataLen);
/**
* @brief
*
*
* @return int 0
*/
int Generate_ECCKeyPair();
/**
* @brief
*
*
* @param KeyPairtype enum EccKeyPairType
* @param publickey
* @return int 0
@ -299,49 +320,53 @@ int Export_publickey(unsigned int KeyPairtype, unsigned char *publickey);
/**
* @brief
*
*
* @param KeyPairtype enum EccKeyPairType
* @param Privatkey
* @param Publickey
* @return int 0
*/
int Import_ECCKeyPair(unsigned int KeyPairtype, unsigned char *Privatkey, unsigned char *Publickey);
int Import_ECCKeyPair(unsigned int KeyPairtype, unsigned char *Privatkey,
unsigned char *Publickey);
// int Import_ECCKeyPair_Ciphertext(unsigned char *KeyPairCiphertext, unsigned int KeyPairCiphertextLen);
// int Import_ECCKeyPair_Ciphertext(unsigned char *KeyPairCiphertext, unsigned
// int KeyPairCiphertextLen);
/**
* @brief
*
*
* @param CerType
* @param InData
* @param InDataLen
* @return int 0
*/
int Import_Certificate(unsigned int CerType, char *InData, unsigned int InDataLen);
int Import_Certificate(unsigned int CerType, char *InData,
unsigned int InDataLen);
/**
* @brief
*
*
* @param CerType
* @param OutData
* @param OutDataLen
* @return int 0
*/
int Export_Certificate(unsigned int CerType, char *OutData, unsigned int *OutDataLen);
int Export_Certificate(unsigned int CerType, char *OutData,
unsigned int *OutDataLen);
/**
* @brief
*
*
* @param FileName
* @param InData
* @param InDataLen
* @return int 0
*/
int ImportFile(char* FileName, char *InData, int InDataLen);
int ImportFile(char *FileName, char *InData, int InDataLen);
/**
* @brief
*
*
* @param FileName
* @param OutData
* @param OutDataLen
@ -351,7 +376,7 @@ int ExportFile(char *FileName, char *OutData, int *OutDataLen);
/**
* @brief HWCode
*
*
* @param HwCode HWCode缓冲区
* @return int 0
*/
@ -359,7 +384,7 @@ int Get_Hwcode(unsigned char *HwCode);
/**
* @brief
*
*
* @param DevInfo
* @return int 0
*/
@ -369,7 +394,7 @@ int Get_DevInfo(unsigned char *DevInfo);
/**
* @brief
*
*
*/
void Close_Device();

View File

@ -106,7 +106,18 @@ static void ReConnect() {
Device_Init();
}
int Generate_Hash_Init(unsigned char *EccPublickey) {
static void *HashCtxCreate() {
static pthread_mutex_t lock = PTHREAD_MUTEX_INITIALIZER;
uint64_t *ctx = (uint64_t *)malloc(sizeof(uint64_t));
return ctx;
}
static void HashCtxDestroy(void *ctx) {
if (ctx) {
free(ctx);
}
}
int Generate_Hash_Init(void *ctx, unsigned char *EccPublickey) {
int rv = 0;
int iSendBufLen = 0;
@ -114,6 +125,13 @@ int Generate_Hash_Init(unsigned char *EccPublickey) {
pZMQBuf_s psZMQBuf = NULL;
AWSM__HashInit *Result = NULL;
do {
ctx = HashCtxCreate();
if (!ctx) {
fprintf(stderr, "HashCtxCreate failed.\n");
rv = -1;
break;
}
AWSM__HashInit HashInit = AWSM__HASH_INIT__INIT;
if (EccPublickey) {
@ -145,6 +163,7 @@ int Generate_Hash_Init(unsigned char *EccPublickey) {
rv = Result->returnvalue;
if (rv)
break;
*(uint64_t *)ctx = Result->messageid;
} while (0);
if (psZMQBuf)
@ -153,12 +172,16 @@ int Generate_Hash_Init(unsigned char *EccPublickey) {
awsm__hash_init__free_unpacked(Result, NULL);
if (pcSendBuf)
free(pcSendBuf);
if (rv && ctx) {
HashCtxDestroy(ctx);
}
return rv;
}
int Generate_Hash_Update(unsigned char *SourceData,
int Generate_Hash_Update(void *ctx, unsigned char *SourceData,
unsigned int SourceDataLen) {
uint64_t id = *(uint64_t *)ctx;
int rv = 0;
int iSendBufLen = 0;
@ -168,6 +191,7 @@ int Generate_Hash_Update(unsigned char *SourceData,
do {
AWSM__HashUpdate HashUpdate = AWSM__HASH_UPDATE__INIT;
HashUpdate.messageid = id;
HashUpdate.sourcedata.len = SourceDataLen;
HashUpdate.sourcedata.data = SourceData;
@ -207,7 +231,9 @@ int Generate_Hash_Update(unsigned char *SourceData,
return rv;
}
int Generate_Hash_Final(unsigned char *HashData, unsigned int *HashDataLen) {
int Generate_Hash_Final(void *ctx, unsigned char *HashData,
unsigned int *HashDataLen) {
uint64_t id = *(uint64_t *)ctx;
int rv = 0;
int iSendBufLen = 0;
@ -217,6 +243,7 @@ int Generate_Hash_Final(unsigned char *HashData, unsigned int *HashDataLen) {
do {
AWSM__HashFinal HashFinal = AWSM__HASH_FINAL__INIT;
HashFinal.messageid = id;
HashFinal.hashdata.len = 0;
HashFinal.hashdata.data = NULL;
HashFinal.hashdatalen = *HashDataLen;

View File

@ -1,26 +1,23 @@
CMAKE_MINIMUM_REQUIRED(VERSION 3.10)
PROJECT(AWSMServer)
cmake_minimum_required(VERSION 3.10)
project(AWSMServer)
AUX_SOURCE_DIRECTORY(${PROJECT_SOURCE_DIR}/src src_list)
aux_source_directory(${PROJECT_SOURCE_DIR}/src src_list)
aux_source_directory(${PROJECT_SOURCE_DIR}/src/sm2sm3_enc src_list)
ADD_EXECUTABLE(${PROJECT_NAME} ${src_list} ${PROJECT_SOURCE_DIR}/AWSMServer.c)
add_executable(${PROJECT_NAME} ${src_list} ${PROJECT_SOURCE_DIR}/AWSMServer.c)
TARGET_INCLUDE_DIRECTORIES(${PROJECT_NAME}
PRIVATE
${PROJECT_SOURCE_DIR}/include)
target_include_directories(${PROJECT_NAME}
PRIVATE ${PROJECT_SOURCE_DIR}/include)
TARGET_LINK_DIRECTORIES(${PROJECT_NAME}
PRIVATE
${CMAKE_SOURCE_DIR}/lib
)
target_link_directories(${PROJECT_NAME} PRIVATE ${CMAKE_SOURCE_DIR}/lib)
TARGET_LINK_LIBRARIES(${PROJECT_NAME}
PUBLIC
pthread
m
server-sm
stdc++
VSConfig
VSClock
ZMQLayout
AWSMProtobuf)
target_link_libraries(
${PROJECT_NAME}
PUBLIC pthread
m
server-sm
stdc++
VSConfig
VSClock
ZMQLayout
AWSMProtobuf)

View File

@ -3,11 +3,10 @@
#include "AWSM.pb-c.h"
typedef struct AWSMProtobuf_S
{
char *pcBuf;
int iBufLen;
}AWSMProtobuf_s, *pAWSMProtobuf_s;
typedef struct AWSMProtobuf_S {
char *pcBuf;
int iBufLen;
} AWSMProtobuf_s, *pAWSMProtobuf_s;
void AWSMProtobufDestroy(pAWSMProtobuf_s);
@ -27,19 +26,26 @@ pAWSMProtobuf_s CallHash(const char *pcProtoBuf, const int iProtoBufLen);
pAWSMProtobuf_s CallRand(const char *pcProtoBuf, const int iProtoBufLen);
pAWSMProtobuf_s CallSignatureByIntPrikey(const char *pcProtoBuf, const int iProtoBufLen);
pAWSMProtobuf_s CallSignatureByIntPrikey(const char *pcProtoBuf,
const int iProtoBufLen);
pAWSMProtobuf_s CallSignatureByExtPrikey(const char *pcProtoBuf, const int iProtoBufLen);
pAWSMProtobuf_s CallSignatureByExtPrikey(const char *pcProtoBuf,
const int iProtoBufLen);
pAWSMProtobuf_s CallVerifySignature(const char *pcProtoBuf, const int iProtoBufLen);
pAWSMProtobuf_s CallVerifySignature(const char *pcProtoBuf,
const int iProtoBufLen);
pAWSMProtobuf_s CallSM2EncryptByExtPubKey(const char *pcProtoBuf, const int iProtoBufLen);
pAWSMProtobuf_s CallSM2EncryptByExtPubKey(const char *pcProtoBuf,
const int iProtoBufLen);
pAWSMProtobuf_s CallSM2DecryptByExtPrikey(const char *pcProtoBuf, const int iProtoBufLen);
pAWSMProtobuf_s CallSM2DecryptByExtPrikey(const char *pcProtoBuf,
const int iProtoBufLen);
pAWSMProtobuf_s CallSM2DecryptByIntPrikey(const char *pcProtoBuf, const int iProtoBufLen);
pAWSMProtobuf_s CallSM2DecryptByIntPrikey(const char *pcProtoBuf,
const int iProtoBufLen);
pAWSMProtobuf_s CallSM2DecryptByIntCryptPrikey(const char *pcProtoBuf, const int iProtoBufLen);
pAWSMProtobuf_s CallSM2DecryptByIntCryptPrikey(const char *pcProtoBuf,
const int iProtoBufLen);
pAWSMProtobuf_s CallSM1Encrypt(const char *pcProtoBuf, const int iProtoBufLen);
@ -49,15 +55,20 @@ pAWSMProtobuf_s CallSM4Encrypt(const char *pcProtoBuf, const int iProtoBufLen);
pAWSMProtobuf_s CallSM4Decrypt(const char *pcProtoBuf, const int iProtoBufLen);
pAWSMProtobuf_s CallGenerateECCKeyPair(const char *pcProtoBuf, const int iProtoBufLen);
pAWSMProtobuf_s CallGenerateECCKeyPair(const char *pcProtoBuf,
const int iProtoBufLen);
pAWSMProtobuf_s CallExportPubkey(const char *pcProtoBuf, const int iProtoBufLen);
pAWSMProtobuf_s CallExportPubkey(const char *pcProtoBuf,
const int iProtoBufLen);
pAWSMProtobuf_s CallImportKeyPair(const char *pcProtoBuf, const int iProtoBufLen);
pAWSMProtobuf_s CallImportKeyPair(const char *pcProtoBuf,
const int iProtoBufLen);
pAWSMProtobuf_s CallImportCertificate(const char *pcProtoBuf, const int iProtoBufLen);
pAWSMProtobuf_s CallImportCertificate(const char *pcProtoBuf,
const int iProtoBufLen);
pAWSMProtobuf_s CallExportCertificate(const char *pcProtoBuf, const int iProtoBufLen);
pAWSMProtobuf_s CallExportCertificate(const char *pcProtoBuf,
const int iProtoBufLen);
pAWSMProtobuf_s CallImportFile(const char *pcProtoBuf, const int iProtoBufLen);

View File

@ -7,7 +7,7 @@
#include "AWSKF.h"
#include "map.h"
#include "sm2sm3_enc/sm2.h"
// #include "sm2sm3_enc/sm2.h"
#include "sm2sm3_enc/sm3.h"
static pthread_mutex_t tLocker = PTHREAD_MUTEX_INITIALIZER;
@ -20,14 +20,30 @@ static pthread_mutex_t hash_map_lock = PTHREAD_MUTEX_INITIALIZER;
#define TryLockMap() pthread_mutex_trylock(&tLocker)
#define UnlockMap() pthread_mutex_unlock(&tLocker)
#define INVALID_MESSAGE_ID 0
static uint64_t hash_message_id = 1;
map hash_map_ref = NULL;
struct HashRequest {
struct sm3_ctx ctx;
uint8_t pubkey[128];
size_t data_len;
uint8_t *data_ptr;
};
struct HashRequest *HashRequestCreate() {
struct HashRequest *ptr =
(struct HashRequest *)malloc(sizeof(struct HashRequest));
if (!ptr) {
return NULL;
}
memset(ptr->pubkey, 0, sizeof(ptr->pubkey));
sm3_init(&ptr->ctx);
return ptr;
}
void HashRequestDestroy(struct HashRequest *ptr) {
if (!ptr) {
return;
}
free(ptr);
}
static pAWSKF_f pfAWSKF = NULL;
static pAWSKF_s psAWSKF = NULL;
@ -102,8 +118,15 @@ pAWSMProtobuf_s CallHashInit(const char *pcProtoBuf, const int iProtoBufLen) {
int rv = 0;
pAWSMProtobuf_s psReturn = NULL;
AWSM__HashInit *HashInitIN = NULL;
struct HashRequest *request = NULL;
do {
do {
request = HashRequestCreate();
if (!request) {
rv = -1;
break;
}
HashInitIN = awsm__hash_init__unpack(NULL, iProtoBufLen, pcProtoBuf);
if (!HashInitIN) {
rv = -1;
@ -119,8 +142,6 @@ rv = pfAWSKF->GenerateHashInit(psAWSKF, HashInitIN->eccpublickey.data);
if (rv)
Unlock();
*/
LockMap();
UnlockMap();
} while (0);
AWSM__HashInit HashInitOUT = AWSM__HASH_INIT__INIT;
@ -128,6 +149,18 @@ if (rv)
HashInitOUT.eccpublickey.len = HashInitIN->eccpublickey.len;
HashInitOUT.returnvalue = rv;
if (rv == 0) {
LockMap();
HashInitOUT.messageid = hash_message_id++;
map_set_by_uint64(hash_map_ref, HashInitOUT.messageid, request);
UnlockMap();
} else {
HashInitOUT.messageid = INVALID_MESSAGE_ID;
if (request) {
HashRequestDestroy(request);
}
}
ToAWProtobuf(hash_init, psReturn, HashInitOUT);
} while (0);
if (HashInitIN)
@ -150,12 +183,26 @@ pAWSMProtobuf_s CallHashUpdate(const char *pcProtoBuf, const int iProtoBufLen) {
rv = -1;
break;
}
LockMap();
if (!map_contains_by_uint64(hash_map_ref, HashUpdateIN->messageid)) {
UnlockMap();
rv = -1;
break;
} else {
struct HashRequest *request = (struct HashRequest *)map_get_by_uint64(
hash_map_ref, HashUpdateIN->messageid);
sm3_update(&request->ctx, HashUpdateIN->sourcedata.data,
HashUpdateIN->sourcedatalen);
UnlockMap();
}
rv = pfAWSKF->GenerateHashUpdate(psAWSKF, HashUpdateIN->sourcedata.data,
HashUpdateIN->sourcedatalen);
// rv = pfAWSKF->GenerateHashUpdate(psAWSKF,
// HashUpdateIN->sourcedata.data,
// HashUpdateIN->sourcedatalen);
} while (0);
AWSM__HashUpdate HashUpdateOUT = AWSM__HASH_UPDATE__INIT;
HashUpdateOUT.messageid = HashUpdateIN->messageid;
HashUpdateOUT.sourcedata.data = HashUpdateIN->sourcedata.data;
HashUpdateOUT.sourcedata.len = HashUpdateIN->sourcedata.len;
HashUpdateOUT.sourcedatalen = HashUpdateIN->sourcedatalen;
@ -186,7 +233,21 @@ pAWSMProtobuf_s CallHashFinal(const char *pcProtoBuf, const int iProtoBufLen) {
break;
}
rv = pfAWSKF->GenerateHashFinal(psAWSKF, pcHashData, &iHashDataLen);
LockMap();
if (!map_contains_by_uint64(hash_map_ref, HashFinalIN->messageid)) {
UnlockMap();
rv = -1;
break;
} else {
struct HashRequest *request =
(struct HashRequest *)map_remove_by_uint64(hash_map_ref,
HashFinalIN->messageid);
UnlockMap();
sm3_final(&request->ctx, pcHashData);
HashRequestDestroy(request);
iHashDataLen = 32;
}
// rv = pfAWSKF->GenerateHashFinal(psAWSKF, pcHashData, &iHashDataLen);
} while (0);
AWSM__HashFinal HashFinalOUT = AWSM__HASH_FINAL__INIT;

View File

@ -1,5 +1,6 @@
#include "map.h"
#include <assert.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@ -84,6 +85,11 @@ bool map_contains(const map m, const char *key) {
}
return false;
}
bool map_contains_by_uint64(const map m, uint64_t key) {
char buf[20];
sprintf(buf, "%lu", key);
return map_contains(m, buf);
}
/**
* Set the value for a given key within a map.
@ -115,6 +121,11 @@ void map_set(map m, const char *key, void *value) {
m->elems[b] = new;
m->size += 1;
}
void map_set_by_uint64(map m, uint64_t key, void *value) {
char buf[20];
sprintf(buf, "%lu", key);
map_set(m, buf, value);
}
/**
* Retrieve the value for a given key in a map.
@ -135,6 +146,11 @@ void *map_get(const map m, const char *key) {
assert(key_found);
exit(1);
}
void *map_get_by_uint64(const map m, uint64_t key) {
char buf[20];
sprintf(buf, "%lu", key);
return map_get(m, buf);
}
/**
* Remove a key and its value from a map.
@ -165,6 +181,11 @@ void *map_remove(map m, const char *key) {
assert(key_found);
exit(1);
}
void *map_remove_by_uint64(map m, uint64_t key) {
char buf[20];
sprintf(buf, "%lu", key);
return map_remove(m, buf);
}
/**
* Get the "first" key (arbitrarily ordered) in a map. If the map is empty,

View File

@ -2,6 +2,7 @@
#define __MAP_H
#include <stdbool.h>
#include <stdint.h>
/**
* Hash map implementation for C.
@ -42,6 +43,7 @@ int map_size(const map m);
* Keys are case-sensitive.
*/
bool map_contains(const map m, const char *key);
bool map_contains_by_uint64(const map m, uint64_t key);
/**
* Set the value for a given key within a map.
@ -50,6 +52,7 @@ bool map_contains(const map m, const char *key);
* new value will replace the old one.
*/
void map_set(map m, const char *key, void *value);
void map_set_by_uint64(map m, uint64_t key, void *value);
/**
* Retrieve the value for a given key in a map.
@ -57,6 +60,7 @@ void map_set(map m, const char *key, void *value);
* Crashes if the map does not contain the given key.
*/
void *map_get(const map m, const char *key);
void *map_get_by_uint64(const map m, uint64_t key);
/**
* Remove a key and return its value from a map.
@ -64,6 +68,7 @@ void *map_get(const map m, const char *key);
* Crashes if the map does not already contain the key.
*/
void *map_remove(map m, const char *key);
void *map_remove_by_uint64(map m, uint64_t key);
/**
* Iterate over a map's keys.

View File

@ -1,900 +0,0 @@
#include <assert.h>
#include <malloc.h>
#include <stdio.h>
#include <string.h>
// #include "svac_enc.h"
#include "sm2.h"
#include "sm3.h"
#define PRINT_ERR printf
#define PRINT_INFO printf
#define MAGIC_VALUE 0x12121111
#define NALU_MAX_NUM 100
#define VKEK_CACHE_NUM 30
#define HASH_CACHE_NUM 512
#define SM4_OFB 0
#define SM1_OFB 1
#define SM4_ECB 2
#define SM3_HASH 3
#define SM2_SIGN 4
/* svac2.0 p45 */
#define SVAC_NO_IDR_SLICE 1
#define SVAC_IDR_SLICE 2
#define SVAC_NO_IDR_SLICE_EXT 3
#define SVAC_IDR_SLICE_EXT 4
#define SVAC_SUR_SLICE 5
#define SVAC_SEI_SLICE 6
#define SVAC_SPS_SLICE 7
#define SVAC_PPS_SLICE 8
#define SVAC_SEC_SLICE 9
#define SVAC_AUTH_SLICE 10
struct nalu_data {
char *addr;
char *out_addr;
int len;
int out_len;
int encryption_idc;
int authentication_idc;
int type;
int need_add_racing_code;
};
struct vkek_info {
char vkek[16];
char version[32];
};
struct sec_param {
/* <20><>ȫ<EFBFBD><C8AB><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> */
int encrypt_flag; //<2F>Ƿ<EFBFBD><C7B7><EFBFBD><EFBFBD>
int encrypt_type; //<2F><><EFBFBD><EFBFBD><EFBFBD>
int auth_flag; //<2F>Ƿ<EFBFBD>ǩ<EFBFBD><C7A9>
int auth_type; //ǩ<><C7A9><EFBFBD>
int hash_type; //ɢ<><C9A2><EFBFBD>
int vek_flag; //<2F>Ƿ<EFBFBD><C7B7><EFBFBD><EFBFBD>evek
int vek_encrypt_type; //vek<65><6B><EFBFBD><EFBFBD><EFBFBD>
char evek[32]; //evek
int vek_len; //vek<65><6B><EFBFBD><EFBFBD>
char vkek_version[128];//vkek version
int version_len; //vkek version<6F><6E><EFBFBD><EFBFBD>
int iv_flag; //<2F>Ƿ<EFBFBD><C7B7><EFBFBD><EFBFBD>iv
char iv[32]; //iv
int iv_len; //iv<69><76><EFBFBD><EFBFBD>
int only_IDR; // sign only for idr
int hash_period; // sign period frame
};
struct hash_cache {
/* һ<><D2BB>gop<6F><70><EFBFBD>256֡ */
char hash[32];
int frame_num;
};
struct svac_handle {
int magic;
/* sm2 <20><>Կ */
char sm2_pubkey[64];
/* sm2 <20><>Կ<EFBFBD>Ƿ<EFBFBD><C7B7><EFBFBD><EFBFBD><EFBFBD> */
int sm_pubkey_flag;
char sm2_prikey[32];
int sm_prikey_flag;
char vek[16];
char iv[16];
/* process tmp data */
struct nalu_data nalu[NALU_MAX_NUM];
int nalu_num;
int frame_num;
int sign_frame_num;
char sign[128];
int sign_len;
/* current frame is IDR frame */
int idr_flag;
/* current frame <20><><EFBFBD><EFBFBD> sec nalu */
int sec_nalu_flag;
/* current frame <20><><EFBFBD><EFBFBD> auth nalu */
int auth_nalu_flag;
/* <20><>ǰʹ<C7B0>õİ<C3B5>ȫ<EFBFBD><C8AB><EFBFBD><EFBFBD> */
struct sec_param curr_param;
/* <20><><EFBFBD>յ<EFBFBD><D5B5>İ<EFBFBD>ȫ<EFBFBD><C8AB><EFBFBD><EFBFBD> */
struct sec_param new_param;
/* <20><>ȫ<EFBFBD><C8AB><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>±<EFBFBD>ʶ<EFBFBD><CAB6><EFBFBD>µ<EFBFBD>GOP<4F><50>ʼ<EFBFBD><CABC><EFBFBD><EFBFBD> */
int sec_param_update_flag;
int vkek_start;
struct vkek_info vkek_list[VKEK_CACHE_NUM];
int find_vkek_flag;
char idr_hash[32];
struct hash_cache cache[HASH_CACHE_NUM];
int cache_idx;// 0 ~ HASH_CACHE_NUM - 1
char camera_id[64]; //<2F><><EFBFBD><EFBFBD>id
char camera_idc[19];//֤<><D6A4>id
};
#define CHECK_HANDLE(h) \
do { \
if (!h || h->magic != MAGIC_VALUE) { \
PRINT_ERR("handle is error!\n"); \
return -1; \
} \
} while (0)
void hexdump(char *title, const unsigned char *s, int l);
int do_sm2_sign(char *prikey, char *pubkey, char *data_addr, int data_len, char *sign_addr);
int do_base64_encode(unsigned char *dst, int *dlen, unsigned char *src, int slen);
static unsigned int
write_bits(unsigned char data, unsigned int write_len, unsigned char *addr, unsigned int offset)
{
unsigned int offset_in_bytes = offset & 7;
unsigned int offset_of_bytes = offset / 8;
/* if need write twice */
if (offset_in_bytes && offset_in_bytes + write_len > 8) {
unsigned int second_write_len = offset_in_bytes + write_len - 8;
/* clean the bits which will been writen */
addr[offset_of_bytes] &= ~((1 << (8 - offset_in_bytes)) - 1);
/* write the first byte */
addr[offset_of_bytes] |= (data & ((1 << write_len) - 1)) >> second_write_len;
/* write the second byte */
addr[offset_of_bytes + 1] &= ((1 << (8 - second_write_len)) - 1);
addr[offset_of_bytes + 1] |= (data & ((1 << second_write_len) - 1)) << (8 - second_write_len);
} else {
data &= ((1 << write_len) - 1);
addr[offset_of_bytes] &= ~(((1 << write_len) - 1) << (8 - write_len - offset_in_bytes));
addr[offset_of_bytes] |= data << (8 - write_len - offset_in_bytes);
}
return offset + write_len;
}
static unsigned int
write_long_data_bits(unsigned int data, unsigned int write_len, unsigned char *addr, unsigned int offset)
{
unsigned int ret_offset = 0;
if (write_len <= 8)
ret_offset = write_bits((unsigned char) data, write_len, addr, offset);
else {
int i;
int loop;
unsigned int first_write_len = write_len & 7;
/* <20><><EFBFBD><EFBFBD>һ<EFBFBD>ֽڵĵ<DAB5>first_write_len<65><6E><EFBFBD><EFBFBD>*/
if (first_write_len)
offset =
write_bits((unsigned char) ((data >> (write_len - first_write_len)) & ((1 << first_write_len) - 1)),
first_write_len, addr, offset);
loop = (write_len - first_write_len) / 8;
ret_offset = offset;
for (i = 0; i < loop; i++)
ret_offset = write_bits((unsigned char) ((data >> ((loop - i - 1) * 8)) & 0xff), 8, addr, ret_offset);
}
return ret_offset;
}
static unsigned int
write_string_bits(unsigned char *p, unsigned int write_len, unsigned char *addr, unsigned int offset)
{
int i = 0;
unsigned int len = 0;
while (len < write_len) {
if (write_len - len > 8) {
offset = write_bits(p[i], 8, addr, offset);
len += 8;
} else {
offset = write_bits(p[i], write_len - len, addr, offset);
len += write_len - len;
}
i++;
}
return offset;
}
/* if find a nal, return the next address; if it's the end, return NULL */
static char *
findNal(char *buf, int *frame_len, char **nal_start, int *nal_len)
{
int i;
char *start = NULL;
int len = 0;
*nal_start = NULL;
*nal_len = 0;
/* parsing each NALU */
for (i = 0; i < (int) (*frame_len - 3); i++) {
if (buf[i] == 0x00 && buf[i + 1] == 0x00 && buf[i + 2] == 0x00 && buf[i + 3] == 0x01) {
/* not the first loop */
if (start) {
len = buf + i - start;
*nal_start = start;
*nal_len = len;
*frame_len -= i;
return buf + i;
}
start = buf + i;
}
}
if (start) len = buf + *frame_len - start;
*nal_start = start;
*nal_len = len;
*frame_len = 0;
return NULL;
}
static int
svac_parse_nalu(struct svac_handle *h, char *frame_data, int frame_len)
{
char *ptr, *start = NULL;
int nal_len, frame_len_left = frame_len;
ptr = frame_data;
do {
start = NULL;
nal_len = 0;
ptr = findNal(ptr, &frame_len_left, &start, &nal_len);
if (start) {
memset(&h->nalu[h->nalu_num], 0, sizeof(struct nalu_data));
h->nalu[h->nalu_num].addr = start;
h->nalu[h->nalu_num].len = nal_len;
h->nalu[h->nalu_num].encryption_idc = start[4] & 0x2 ? 1 : 0;//svac2.0 p21
h->nalu[h->nalu_num].authentication_idc = start[4] & 0x1; //svac2.0 p21
h->nalu[h->nalu_num].type = (start[4] >> 2) & 0xf; //svac2.0 p21
if (SVAC_IDR_SLICE == h->nalu[h->nalu_num].type)
h->idr_flag = 1;
else if (SVAC_SEC_SLICE == h->nalu[h->nalu_num].type)
h->sec_nalu_flag = 1;
else if (SVAC_AUTH_SLICE == h->nalu[h->nalu_num].type)
h->auth_nalu_flag = 1;
else if (SVAC_PPS_SLICE == h->nalu[h->nalu_num].type) {
/* pps<70>ĵ<EFBFBD>һ<EFBFBD><D2BB><EFBFBD>ֽ<EFBFBD><D6BD><EFBFBD>֡<EFBFBD><D6A1> svac2.0 p23 */
h->frame_num = (unsigned char) start[5];
//PRINT_INFO("frame %d\n", h->frame_num);
}
//printf("nalu %d len %d type %d auth_idc %d enc_idc %d\n", h->nalu_num, nal_len, h->nalu[h->nalu_num].type, h->nalu[h->nalu_num].authentication_idc, h->nalu[h->nalu_num].encryption_idc);
h->nalu_num++;
}
} while (frame_len_left);
return 0;
}
/* <20><><EFBFBD><EFBFBD> svac <20>ľ<EFBFBD><C4BE><EFBFBD><EFBFBD><EFBFBD> */
static int
do_add_racing_Code(char *ptr, int *len, int offset)
{
int i, find = 0, start = offset;
unsigned int inlen = *len;
for (i = start; i < inlen - 2; i++) {
if (ptr[i] == 0 && ptr[i + 1] == 0 && !(ptr[i + 2] & 0xfc)) {
find = 1;
break;
}
}
if (find) {
unsigned int code_num = 0, zero_count = 0;
char *tmp = (char *) malloc(*len + 4096 * 5);
memcpy(tmp, ptr, start);
for (i = start; i < inlen; i++) {
if (zero_count == 2 && !(ptr[i] & 0xfc)) {
tmp[i + code_num] = 3;
code_num++;
i--;
zero_count = 0;
continue;
}
if (ptr[i] == 0)
zero_count++;
else
zero_count = 0;
tmp[i + code_num] = ptr[i];
}
memcpy(ptr, tmp, inlen + code_num);
*len = inlen + code_num;
//PRINT_INFO("code_num %d\n", code_num);
free(tmp);
}
return find;
}
/* ȥ<><C8A5> svac <20>ľ<EFBFBD><C4BE><EFBFBD><EFBFBD><EFBFBD> */
static int
do_remove_racing_code(char *ptr, int *len, int offset)
{
int i, find = 0, start;
unsigned int inlen;
inlen = *len;
start = offset;
for (i = start; i < inlen - 2; i++) {
if (ptr[i] == 0 && ptr[i + 1] == 0 && ptr[i + 2] == 0x3) {
find = 1;
break;
}
}
if (find) {
unsigned int code_num = 0, zero_count = 0;
for (i = start; i < inlen; i++) {
if (zero_count == 2 && ptr[i] == 3) {
code_num++;
zero_count = 0;
continue;
}
if (ptr[i] == 0)
zero_count++;
else
zero_count = 0;
ptr[i - code_num] = ptr[i];
}
*len = inlen - code_num;
}
return find;
}
void do_sm4_ecb_encrypt(const char *in_buff, char *out_buff, const char *key);
static int
enc_vek(struct svac_handle *h)
{
do_sm4_ecb_encrypt(h->vek, h->curr_param.evek, h->vkek_list[0].vkek);
h->curr_param.vek_len = 16;
return 0;
}
static int
calc_nalu_hash(struct svac_handle *h)
{
int i;
struct sm3_ctx ctx;
char hash[32];
struct hash_cache *cache;
if (!h->curr_param.auth_flag) return 0;
for (i = 0; i < h->nalu_num; i++) {
if (h->nalu[i].authentication_idc) break;
}
/* û<><C3BB>ǩ<EFBFBD><C7A9><EFBFBD><EFBFBD>nalu */
if (i >= h->nalu_num) return 0;
memset(hash, 0, sizeof(hash));
sm3_init(&ctx);
for (i = 0; i < h->nalu_num; i++) {
if (!h->nalu[i].authentication_idc) continue;
sm3_update(&ctx, h->nalu[i].addr + 4, h->nalu[i].len - 4);
//printf("calc_nalu_hash nalu %d len %d\n", i, h->nalu[i].len - 4);
}
sm3_final(&ctx, hash);
if (!h->frame_num) memcpy(h->idr_hash, hash, 32);
cache = &h->cache[h->cache_idx];
memcpy(cache->hash, hash, 32);
cache->frame_num = h->frame_num;
h->cache_idx = (h->cache_idx + 1) % HASH_CACHE_NUM;
return 0;
}
void do_sm4_ofb_encrypt(const char *in_buff, int in_len, char *out_buff, int *out_len, const char *key, const char *iv);
static int
do_dec_and_copy(int encrypt_type,
const char *in_buff,
int in_len,
char *out_buff,
int *out_len,
const char *key,
const char *iv)
{
if (encrypt_type == SM4_OFB) {
do_sm4_ofb_encrypt(in_buff, in_len, out_buff, out_len, key, iv);
} else if (encrypt_type == SM1_OFB) {
PRINT_ERR("unsupport SM1 now!\n");
return -1;
}
return 0;
}
static int
make_bypass_frame(struct svac_handle *h, char *out_buff, int *out_len)
{
int i;
*out_len = 0;
for (i = 0; i < h->nalu_num; i++) {
if (h->nalu[i].type == SVAC_SEC_SLICE) continue;
memcpy(out_buff + *out_len, h->nalu[i].addr, h->nalu[i].len);
*out_len += h->nalu[i].len;
}
return 0;
}
static int
update_new_enc_param(struct svac_handle *h)
{
memcpy(&h->curr_param, &h->new_param, sizeof(struct sec_param));
//printf("h->new_param.enc %d\n", h->new_param.encrypt_flag);
h->sec_param_update_flag = 0;
if (h->curr_param.encrypt_flag) {
char vek[16];
char iv[16];
vli_get_random(vek, 16);
vli_get_random(iv, 16);
memcpy(h->vek, vek, 16);
memcpy(h->iv, iv, 16);
enc_vek(h);
}
return 0;
}
void *
SvacEncCreate(void)
{
int i;
struct svac_handle *h;
h = (struct svac_handle *) malloc(sizeof(struct svac_handle));
if (!h) return NULL;
memset(h, 0, sizeof(struct svac_handle));
h->magic = MAGIC_VALUE;
for (i = 0; i < HASH_CACHE_NUM; i++) h->cache[i].frame_num = -1;
return (void *) h;
}
int
SvacEncSetVkek(void *handle, char *vkek, char *version, int verion_len)
{
struct svac_handle *h = (struct svac_handle *) handle;
CHECK_HANDLE(h);
if (!vkek || !version) return -1;
memcpy(h->vkek_list[0].vkek, vkek, 16);
memset(h->vkek_list[0].version, 0, sizeof(h->vkek_list[0].version));
memcpy(h->vkek_list[0].version, version, verion_len);
h->find_vkek_flag = 1;
return 0;
}
int
SvacEncSetKeyPair(void *handle, char *sm2_prikey, char *sm2_pubkey)
{
struct svac_handle *h = (struct svac_handle *) handle;
CHECK_HANDLE(h);
if (!sm2_prikey || !sm2_pubkey) return -1;
hexdump("sm2_prikey", sm2_prikey, 32);
hexdump("sm2_pubkey", sm2_pubkey, 64);
memcpy(h->sm2_prikey, sm2_prikey, 32);
memcpy(h->sm2_pubkey, sm2_pubkey, 64);
h->sm_prikey_flag = 1;
return 0;
}
int
SvacEncSetIpcId(void *handle, char *id)
{
struct svac_handle *h = (struct svac_handle *) handle;
CHECK_HANDLE(h);
memset(h->camera_id, 0, sizeof(h->camera_id));
memcpy(h->camera_id, id, strlen(id));
return 0;
}
int
SvacEncSetCertId(void *handle, char *cert_id)
{
struct svac_handle *h = (struct svac_handle *) handle;
int serial_len = 0;
CHECK_HANDLE(h);
if (!cert_id) return -1;
serial_len = strlen(cert_id);
if (serial_len > 19) serial_len = 19;
memset(h->camera_idc, 0, sizeof(h->camera_idc));
memcpy(h->camera_idc + 19 - serial_len, cert_id, serial_len);
return 0;
}
int
SvacEncSetLevel(void *handle, char level)
{
struct svac_handle *h = (struct svac_handle *) handle;
h->new_param.encrypt_flag = 0;
h->new_param.encrypt_type = SM4_OFB;
h->new_param.auth_flag = 0;
h->new_param.auth_type = SM2_SIGN;
h->new_param.hash_type = SM3_HASH;
h->new_param.only_IDR = 1;
h->new_param.hash_period = 0;
if (level == 'b' || level == 'B') {
h->new_param.auth_flag = 1;
} else if (level == 'c' || level == 'C') {
h->new_param.encrypt_flag = 1;
h->new_param.auth_flag = 1;
}
h->sec_param_update_flag = 1;
return 0;
}
static int
write_security_nalu_data(struct svac_handle *h, unsigned char *ptr, unsigned int *len)
{
unsigned int offset = 0;
unsigned int l = *len;
/* write encryption_flag */
offset = write_bits(h->curr_param.encrypt_flag, 1, ptr + l, offset);
/* write authentication_flag */
offset = write_bits(h->curr_param.auth_flag, 1, ptr + l, offset);
if (h->curr_param.encrypt_flag) {
unsigned char tmp;
/* write encryption_type */
if (h->curr_param.encrypt_type == SM1_OFB)
tmp = 0;
else
tmp = 1;
offset = write_bits(tmp, 4, ptr + l, offset);
/* write vek_flag */
offset = write_bits(1, 1, ptr + l, offset);
/* write iv_flag */
offset = write_bits(1, 1, ptr + l, offset);
if (1) {
/* write vek_encryption_type */
tmp = 1;
offset = write_bits(tmp, 4, ptr + l, offset);
/* write evek_length_minus1 */
offset = write_bits(h->curr_param.vek_len - 1, 8, ptr + l, offset);
/* write evek */
offset = write_string_bits(h->curr_param.evek, h->curr_param.vek_len * 8, ptr + l, offset);
/* write vkek_verion_length_minus1 */
offset = write_bits(strlen(h->vkek_list[0].version) - 1, 8, ptr + l, offset);
/* write vkek_version */
offset = write_string_bits(h->vkek_list[0].version, strlen(h->vkek_list[0].version) * 8, ptr + l, offset);
}
if (1) {
/* write iv_length_minus1 */
offset = write_bits(16 - 1, 8, ptr + l, offset);
/* write iv */
offset = write_string_bits(h->iv, 16 * 8, ptr + l, offset);
}
}
if (h->curr_param.auth_flag) {
offset = write_bits(0, 2, ptr + l, offset);
offset = write_bits(h->curr_param.only_IDR, 1, ptr + l, offset);
offset = write_bits(0, 2, ptr + l, offset);
offset = write_bits(h->curr_param.hash_period - 1, 8, ptr + l, offset);
offset = write_string_bits(h->camera_idc, 152, ptr + l, offset);
}
if (h->curr_param.encrypt_flag || h->curr_param.auth_flag)
offset = write_string_bits(h->camera_id, 160, ptr + l, offset);
offset = write_bits(1, 1, ptr + l, offset);
if (offset & 7) offset = write_bits(0, 8 - (offset & 7), ptr + l, offset);
assert(!(offset & 7));
l += offset / 8;
*len = l;
return 0;
}
static int
create_security_nalu(struct svac_handle *h, char *ptr, int *len)
{
unsigned int save_len = 0;
unsigned int l = *len;
ptr[l] = 0x00;
l++;
ptr[l] = 0x00;
l++;
ptr[l] = 0x00;
l++;
ptr[l] = 0x01;
l++;
ptr[l] = SVAC_SEC_SLICE << 2 | 0xc0;
l++;
write_security_nalu_data(h, ptr, &l);
*len = l;
do_add_racing_Code(ptr, &l, save_len + 4 + 1);
*len = l;
return 0;
}
static int
write_auth_nalu_data(struct svac_handle *h, unsigned char *ptr, unsigned int *len)
{
unsigned int offset = 0;
unsigned int l = *len;
int i;
/* write frame_num */
offset = write_bits(h->sign_frame_num, 8, ptr + l, offset);
/* write authentication_data_length_minus1 */
offset = write_bits((unsigned int) (h->sign_len - 1), 8, ptr + l, offset);
/* write authentication_data */
for (i = 0; i < (int) h->sign_len; i++) offset = write_bits(h->sign[i], 8, ptr + l, offset);
/* write rbsp_trailing_bits() */
offset = write_bits(1, 1, ptr + l, offset);
if (offset & 7) offset = write_bits(0, 8 - (offset & 7), ptr + l, offset);
l += offset / 8;
*len = l;
return 0;
}
static int
create_auth_nalu(struct svac_handle *h, char *ptr, int *len)
{
unsigned int save_len;
unsigned int l = *len;
save_len = l;
//printf("======= %s ==========\n", __FUNCTION__);
ptr[l] = 0x00;
l++;
ptr[l] = 0x00;
l++;
ptr[l] = 0x00;
l++;
ptr[l] = 0x01;
l++;
ptr[l] = SVAC_AUTH_SLICE << 2 | 0xc0;
l++;
write_auth_nalu_data(h, ptr, &l);
*len = l;
do_add_racing_Code(ptr, &l, save_len + 4 + 1);
*len = l;
return 0;
}
static int
make_enc_frame(struct svac_handle *h, char *out_buff, int *out_data_len)
{
int i;
int out_offset = 0;
int out_nalu_len;
int ret;
*out_data_len = 0;
if (h->idr_flag) { create_security_nalu(h, out_buff, &out_offset); }
for (i = 0; i < h->nalu_num; i++) {
if (((h->nalu[i].type != SVAC_IDR_SLICE) && (h->nalu[i].type != SVAC_NO_IDR_SLICE))
|| (!h->curr_param.encrypt_flag)) {
memcpy(out_buff + out_offset, h->nalu[i].addr, h->nalu[i].len);
h->nalu[i].out_addr = out_buff + out_offset;
//out_buff[out_offset + 4] &= 0xfc;
out_nalu_len = h->nalu[i].len;
if (h->nalu[i].need_add_racing_code) do_add_racing_Code(out_buff + out_offset, &out_nalu_len, 5);
out_offset += out_nalu_len;
h->nalu[i].out_len = out_nalu_len;
} else {
int enc_len;
int out_len;
if (!h->find_vkek_flag) {
PRINT_ERR("Not find vkek [%s]! skip dec frame!\n", h->curr_param.vkek_version);
return -1;
}
if (!h->nalu[i].need_add_racing_code) {
do_remove_racing_code(h->nalu[i].addr, &h->nalu[i].len, 5);
h->nalu[i].need_add_racing_code = 1;
}
memcpy(out_buff + out_offset, h->nalu[i].addr, 5);
enc_len = h->nalu[i].len - 1 - 5;
h->nalu[i].out_addr = out_buff + out_offset;
ret = do_dec_and_copy(h->curr_param.encrypt_type, h->nalu[i].addr + 5, enc_len, out_buff + out_offset + 5,
&out_len, h->vek, h->iv);
if (ret) return -1;
memcpy(out_buff + out_offset + enc_len + 5, h->nalu[i].addr + 5 + enc_len, 1);
out_buff[out_offset + 4] |= 0x2;
out_nalu_len = h->nalu[i].len;
do_add_racing_Code(out_buff + out_offset, &out_nalu_len, 5);
out_offset += out_nalu_len;
h->nalu[i].out_len = out_nalu_len;
}
//PRINT_INFO("out_nalu_len %d out_offset %d\n", out_nalu_len, out_offset);
}
*out_data_len += out_offset;
return 0;
}
static int
calc_frame_hash(struct svac_handle *h, char *out_buff, int *out_data_len)
{
int i;
struct sm3_ctx ctx;
sm3_init(&ctx);
for (i = 0; i < h->nalu_num; i++) {
if ((h->nalu[i].type == SVAC_IDR_SLICE) || (h->nalu[i].type == SVAC_NO_IDR_SLICE)) {
h->nalu[i].out_addr[4] |= 1;
sm3_update(&ctx, h->nalu[i].out_addr + 4, h->nalu[i].out_len - 4);
//printf("calc_frame_hash nalu %d len %d\n", i, h->nalu[i].out_len - 4);
}
}
sm3_final(&ctx, h->idr_hash);
return 0;
}
static int
calc_idr_sign_data(struct svac_handle *h)
{
char sign[64];
int sign_len = 64;
do_sm2_sign(h->sm2_prikey, h->sm2_pubkey, h->idr_hash, 32, sign);
h->sign_len = 64;
h->sign_len = sizeof(h->sign);
do_base64_encode(h->sign, &h->sign_len, sign, sign_len);
return 0;
}
static int
make_auth_nal(struct svac_handle *h, char *out_buff, int *out_data_len)
{
if (!h->curr_param.auth_flag) return 0;
if (h->curr_param.only_IDR && h->idr_flag) {
calc_frame_hash(h, out_buff, out_data_len);
calc_idr_sign_data(h);
create_auth_nalu(h, out_buff, out_data_len);
}
return 0;
}
int
SvacEncProcess(void *handle, char *in_buff, int in_len, char *out_buff, int *out_len)
{
struct svac_handle *h = (struct svac_handle *) handle;
CHECK_HANDLE(h);
if (!in_buff || !out_buff || !out_len) return -1;
h->nalu_num = 0;
h->idr_flag = 0;
h->sec_nalu_flag = 0;
h->auth_nalu_flag = 0;
svac_parse_nalu(h, in_buff, in_len);
if (!h->nalu_num) {
PRINT_ERR("Not find nalu start code!\n");
return -1;
}
if (h->idr_flag && h->sec_param_update_flag) update_new_enc_param(h);
/* <20><><EFBFBD><EFBFBD><EFBFBD>a<EFBFBD><61><EFBFBD><EFBFBD><EFBFBD><EFBFBD> bypass */
if (!h->curr_param.auth_flag && !h->curr_param.encrypt_flag) return make_bypass_frame(h, out_buff, out_len);
make_enc_frame(h, out_buff, out_len);
make_auth_nal(h, out_buff, out_len);
return 0;
}
int
SvacEncRelease(void *handle)
{
struct svac_handle *h = (struct svac_handle *) handle;
CHECK_HANDLE(h);
free(h);
return 0;
}

BIN
lib-gnueabihf/libserver-sm.so Executable file

Binary file not shown.

File diff suppressed because it is too large Load Diff

View File

@ -1132,7 +1132,7 @@ void awsm__get_dev_info__free_unpacked
assert(message->base.descriptor == &awsm__get_dev_info__descriptor);
protobuf_c_message_free_unpacked ((ProtobufCMessage*)message, allocator);
}
static const ProtobufCFieldDescriptor awsm__hash_init__field_descriptors[2] =
static const ProtobufCFieldDescriptor awsm__hash_init__field_descriptors[3] =
{
{
"EccPublickey",
@ -1158,15 +1158,29 @@ static const ProtobufCFieldDescriptor awsm__hash_init__field_descriptors[2] =
0, /* flags */
0,NULL,NULL /* reserved1,reserved2, etc */
},
{
"MessageID",
20,
PROTOBUF_C_LABEL_NONE,
PROTOBUF_C_TYPE_UINT64,
0, /* quantifier_offset */
offsetof(AWSM__HashInit, messageid),
NULL,
NULL,
0, /* flags */
0,NULL,NULL /* reserved1,reserved2, etc */
},
};
static const unsigned awsm__hash_init__field_indices_by_name[] = {
0, /* field[0] = EccPublickey */
2, /* field[2] = MessageID */
1, /* field[1] = ReturnValue */
};
static const ProtobufCIntRange awsm__hash_init__number_ranges[1 + 1] =
static const ProtobufCIntRange awsm__hash_init__number_ranges[2 + 1] =
{
{ 1, 0 },
{ 0, 2 }
{ 20, 2 },
{ 0, 3 }
};
const ProtobufCMessageDescriptor awsm__hash_init__descriptor =
{
@ -1176,14 +1190,14 @@ const ProtobufCMessageDescriptor awsm__hash_init__descriptor =
"AWSM__HashInit",
"AWSM",
sizeof(AWSM__HashInit),
2,
3,
awsm__hash_init__field_descriptors,
awsm__hash_init__field_indices_by_name,
1, awsm__hash_init__number_ranges,
2, awsm__hash_init__number_ranges,
(ProtobufCMessageInit) awsm__hash_init__init,
NULL,NULL,NULL /* reserved[123] */
};
static const ProtobufCFieldDescriptor awsm__hash_update__field_descriptors[3] =
static const ProtobufCFieldDescriptor awsm__hash_update__field_descriptors[4] =
{
{
"SourceData",
@ -1221,16 +1235,30 @@ static const ProtobufCFieldDescriptor awsm__hash_update__field_descriptors[3] =
0, /* flags */
0,NULL,NULL /* reserved1,reserved2, etc */
},
{
"MessageID",
20,
PROTOBUF_C_LABEL_NONE,
PROTOBUF_C_TYPE_UINT64,
0, /* quantifier_offset */
offsetof(AWSM__HashUpdate, messageid),
NULL,
NULL,
0, /* flags */
0,NULL,NULL /* reserved1,reserved2, etc */
},
};
static const unsigned awsm__hash_update__field_indices_by_name[] = {
3, /* field[3] = MessageID */
2, /* field[2] = ReturnValue */
0, /* field[0] = SourceData */
1, /* field[1] = SourceDataLen */
};
static const ProtobufCIntRange awsm__hash_update__number_ranges[1 + 1] =
static const ProtobufCIntRange awsm__hash_update__number_ranges[2 + 1] =
{
{ 1, 0 },
{ 0, 3 }
{ 20, 3 },
{ 0, 4 }
};
const ProtobufCMessageDescriptor awsm__hash_update__descriptor =
{
@ -1240,14 +1268,14 @@ const ProtobufCMessageDescriptor awsm__hash_update__descriptor =
"AWSM__HashUpdate",
"AWSM",
sizeof(AWSM__HashUpdate),
3,
4,
awsm__hash_update__field_descriptors,
awsm__hash_update__field_indices_by_name,
1, awsm__hash_update__number_ranges,
2, awsm__hash_update__number_ranges,
(ProtobufCMessageInit) awsm__hash_update__init,
NULL,NULL,NULL /* reserved[123] */
};
static const ProtobufCFieldDescriptor awsm__hash_final__field_descriptors[3] =
static const ProtobufCFieldDescriptor awsm__hash_final__field_descriptors[4] =
{
{
"HashData",
@ -1285,16 +1313,30 @@ static const ProtobufCFieldDescriptor awsm__hash_final__field_descriptors[3] =
0, /* flags */
0,NULL,NULL /* reserved1,reserved2, etc */
},
{
"MessageID",
20,
PROTOBUF_C_LABEL_NONE,
PROTOBUF_C_TYPE_UINT64,
0, /* quantifier_offset */
offsetof(AWSM__HashFinal, messageid),
NULL,
NULL,
0, /* flags */
0,NULL,NULL /* reserved1,reserved2, etc */
},
};
static const unsigned awsm__hash_final__field_indices_by_name[] = {
0, /* field[0] = HashData */
1, /* field[1] = HashDataLen */
3, /* field[3] = MessageID */
2, /* field[2] = ReturnValue */
};
static const ProtobufCIntRange awsm__hash_final__number_ranges[1 + 1] =
static const ProtobufCIntRange awsm__hash_final__number_ranges[2 + 1] =
{
{ 1, 0 },
{ 0, 3 }
{ 20, 3 },
{ 0, 4 }
};
const ProtobufCMessageDescriptor awsm__hash_final__descriptor =
{
@ -1304,14 +1346,14 @@ const ProtobufCMessageDescriptor awsm__hash_final__descriptor =
"AWSM__HashFinal",
"AWSM",
sizeof(AWSM__HashFinal),
3,
4,
awsm__hash_final__field_descriptors,
awsm__hash_final__field_indices_by_name,
1, awsm__hash_final__number_ranges,
2, awsm__hash_final__number_ranges,
(ProtobufCMessageInit) awsm__hash_final__init,
NULL,NULL,NULL /* reserved[123] */
};
static const ProtobufCFieldDescriptor awsm__hash__field_descriptors[6] =
static const ProtobufCFieldDescriptor awsm__hash__field_descriptors[7] =
{
{
"SourceData",
@ -1385,19 +1427,33 @@ static const ProtobufCFieldDescriptor awsm__hash__field_descriptors[6] =
0, /* flags */
0,NULL,NULL /* reserved1,reserved2, etc */
},
{
"MessageID",
20,
PROTOBUF_C_LABEL_NONE,
PROTOBUF_C_TYPE_UINT64,
0, /* quantifier_offset */
offsetof(AWSM__Hash, messageid),
NULL,
NULL,
0, /* flags */
0,NULL,NULL /* reserved1,reserved2, etc */
},
};
static const unsigned awsm__hash__field_indices_by_name[] = {
4, /* field[4] = EccPublickey */
2, /* field[2] = HashData */
3, /* field[3] = HashDataLen */
6, /* field[6] = MessageID */
5, /* field[5] = ReturnValue */
0, /* field[0] = SourceData */
1, /* field[1] = SourceDataLen */
};
static const ProtobufCIntRange awsm__hash__number_ranges[1 + 1] =
static const ProtobufCIntRange awsm__hash__number_ranges[2 + 1] =
{
{ 1, 0 },
{ 0, 6 }
{ 20, 6 },
{ 0, 7 }
};
const ProtobufCMessageDescriptor awsm__hash__descriptor =
{
@ -1407,10 +1463,10 @@ const ProtobufCMessageDescriptor awsm__hash__descriptor =
"AWSM__Hash",
"AWSM",
sizeof(AWSM__Hash),
6,
7,
awsm__hash__field_descriptors,
awsm__hash__field_indices_by_name,
1, awsm__hash__number_ranges,
2, awsm__hash__number_ranges,
(ProtobufCMessageInit) awsm__hash__init,
NULL,NULL,NULL /* reserved[123] */
};