feat add libserver-sm.so
This commit is contained in:
parent
c856e44fb9
commit
4f753bc49c
@ -2,117 +2,110 @@
|
||||
#define __AWSM_H__
|
||||
|
||||
// PIN<49>û<EFBFBD><C3BB><EFBFBD><EFBFBD><EFBFBD>
|
||||
#define ADMIN_TYPE 0
|
||||
#define USER_TYPE 1
|
||||
#define ADMIN_TYPE 0
|
||||
#define USER_TYPE 1
|
||||
|
||||
#define ECCPRIVATEKEYBITLENGTH 256
|
||||
#define ECCPRIVATEKEYLENGTH 32
|
||||
|
||||
//<EFBFBD>㷨<EFBFBD><EFBFBD>־
|
||||
// SM1
|
||||
#define SGD_SM1_ECB 0x00000101
|
||||
#define SGD_SM1_CBC 0x00000102
|
||||
#define SGD_SM1_CFB 0x00000104
|
||||
#define SGD_SM1_OFB 0x00000108
|
||||
#define SGD_SM1_MAC 0x00000110
|
||||
// <EFBFBD>㷨<EFBFBD><EFBFBD>־
|
||||
// SM1
|
||||
#define SGD_SM1_ECB 0x00000101
|
||||
#define SGD_SM1_CBC 0x00000102
|
||||
#define SGD_SM1_CFB 0x00000104
|
||||
#define SGD_SM1_OFB 0x00000108
|
||||
#define SGD_SM1_MAC 0x00000110
|
||||
// SM4
|
||||
#define SGD_SMS4_ECB 0x00000401
|
||||
#define SGD_SMS4_CBC 0x00000402
|
||||
#define SGD_SMS4_CFB 0x00000404
|
||||
#define SGD_SMS4_OFB 0x00000408
|
||||
#define SGD_SMS4_ECB 0x00000401
|
||||
#define SGD_SMS4_CBC 0x00000402
|
||||
#define SGD_SMS4_CFB 0x00000404
|
||||
#define SGD_SMS4_OFB 0x00000408
|
||||
// AES
|
||||
#define SGD_AES128_ECB 0x00000801
|
||||
#define SGD_AES128_CBC 0x00000802
|
||||
#define SGD_AES128_CFB 0x00000804
|
||||
#define SGD_AES128_OFB 0x00000808
|
||||
#define SGD_AES128_ECB 0x00000801
|
||||
#define SGD_AES128_CBC 0x00000802
|
||||
#define SGD_AES128_CFB 0x00000804
|
||||
#define SGD_AES128_OFB 0x00000808
|
||||
|
||||
#define SGD_AES192_ECB 0x00000811
|
||||
#define SGD_AES192_CBC 0x00000812
|
||||
#define SGD_AES192_CFB 0x00000814
|
||||
#define SGD_AES192_OFB 0x00000818
|
||||
#define SGD_AES192_ECB 0x00000811
|
||||
#define SGD_AES192_CBC 0x00000812
|
||||
#define SGD_AES192_CFB 0x00000814
|
||||
#define SGD_AES192_OFB 0x00000818
|
||||
|
||||
#define SGD_AES256_ECB 0x00000821
|
||||
#define SGD_AES256_CBC 0x00000822
|
||||
#define SGD_AES256_CFB 0x00000824
|
||||
#define SGD_AES256_OFB 0x00000828
|
||||
#define SGD_AES256_ECB 0x00000821
|
||||
#define SGD_AES256_CBC 0x00000822
|
||||
#define SGD_AES256_CFB 0x00000824
|
||||
#define SGD_AES256_OFB 0x00000828
|
||||
// DES
|
||||
#define SGD_DES_ECB 0x00001001
|
||||
#define SGD_DES_CBC 0x00001002
|
||||
#define SGD_DES_CFB 0x00001004
|
||||
#define SGD_DES_OFB 0x00001008
|
||||
#define SGD_DES_ECB 0x00001001
|
||||
#define SGD_DES_CBC 0x00001002
|
||||
#define SGD_DES_CFB 0x00001004
|
||||
#define SGD_DES_OFB 0x00001008
|
||||
// 3DES_2KEY
|
||||
#define SGD_D3DES_ECB 0x00001011
|
||||
#define SGD_D3DES_CBC 0x00001012
|
||||
#define SGD_D3DES_CFB 0x00001014
|
||||
#define SGD_D3DES_OFB 0x00001018
|
||||
#define SGD_D3DES_ECB 0x00001011
|
||||
#define SGD_D3DES_CBC 0x00001012
|
||||
#define SGD_D3DES_CFB 0x00001014
|
||||
#define SGD_D3DES_OFB 0x00001018
|
||||
// 3DES_3KEY
|
||||
#define SGD_T3DES_ECB 0x00001021
|
||||
#define SGD_T3DES_CBC 0x00001022
|
||||
#define SGD_T3DES_CFB 0x00001024
|
||||
#define SGD_T3DES_OFB 0x00001028
|
||||
#define SGD_T3DES_ECB 0x00001021
|
||||
#define SGD_T3DES_CBC 0x00001022
|
||||
#define SGD_T3DES_CFB 0x00001024
|
||||
#define SGD_T3DES_OFB 0x00001028
|
||||
|
||||
//<EFBFBD>ǶԳ<EFBFBD>
|
||||
#define SGD_RSA 0x00010000
|
||||
#define SGD_SM2_1 0x00020100 // <20><>Բ<EFBFBD><D4B2><EFBFBD><EFBFBD>ǩ<EFBFBD><C7A9><EFBFBD>㷨
|
||||
#define SGD_SM2_2 0x00020200 // <20><>Բ<EFBFBD><D4B2><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Կ<EFBFBD><D4BF><EFBFBD><EFBFBD>Э<EFBFBD><D0AD>
|
||||
#define SGD_SM2_3 0x00020400 // <20><>Բ<EFBFBD><D4B2><EFBFBD><EFBFBD><DFBC><EFBFBD><EFBFBD>㷨
|
||||
// <EFBFBD>ǶԳ<EFBFBD>
|
||||
#define SGD_RSA 0x00010000
|
||||
#define SGD_SM2_1 0x00020100 // <20><>Բ<EFBFBD><D4B2><EFBFBD><EFBFBD>ǩ<EFBFBD><C7A9><EFBFBD>㷨
|
||||
#define SGD_SM2_2 0x00020200 // <20><>Բ<EFBFBD><D4B2><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Կ<EFBFBD><D4BF><EFBFBD><EFBFBD>Э<EFBFBD><D0AD>
|
||||
#define SGD_SM2_3 0x00020400 // <20><>Բ<EFBFBD><D4B2><EFBFBD><EFBFBD><DFBC><EFBFBD><EFBFBD>㷨
|
||||
|
||||
//<EFBFBD>Ӵ<EFBFBD><EFBFBD>㷨<EFBFBD><EFBFBD>־
|
||||
#define SGD_SM3 0x00000001
|
||||
#define SGD_SHA1 0x00000002
|
||||
#define SGD_SHA256 0x00000004
|
||||
// <EFBFBD>Ӵ<EFBFBD><EFBFBD>㷨<EFBFBD><EFBFBD>־
|
||||
#define SGD_SM3 0x00000001
|
||||
#define SGD_SHA1 0x00000002
|
||||
#define SGD_SHA256 0x00000004
|
||||
|
||||
|
||||
#define SKF_USE_ENCDEC 0x01 //<2F><><EFBFBD>ڼ<EFBFBD><DABC>ܽ<EFBFBD><DCBD><EFBFBD>
|
||||
#define SKF_USE_SIGVER 0x02 //<2F><><EFBFBD><EFBFBD>ǩ<EFBFBD><C7A9><EFBFBD><EFBFBD>֤
|
||||
#define SKF_USE_ENCDEC 0x01 // <20><><EFBFBD>ڼ<EFBFBD><DABC>ܽ<EFBFBD><DCBD><EFBFBD>
|
||||
#define SKF_USE_SIGVER 0x02 // <20><><EFBFBD><EFBFBD>ǩ<EFBFBD><C7A9><EFBFBD><EFBFBD>֤
|
||||
|
||||
/**
|
||||
* @enum 对称加密算法模式
|
||||
*/
|
||||
enum PerformanceAlgMode
|
||||
{
|
||||
P_AlG_ECB,
|
||||
P_AlG_CBC,
|
||||
P_AlG_CFB,
|
||||
P_AlG_OFB
|
||||
};
|
||||
*/
|
||||
enum PerformanceAlgMode { P_AlG_ECB, P_AlG_CBC, P_AlG_CFB, P_AlG_OFB };
|
||||
|
||||
enum EccKeyPairType
|
||||
{
|
||||
CryptKey,
|
||||
SignatureKey
|
||||
};
|
||||
enum EccKeyPairType { CryptKey, SignatureKey };
|
||||
|
||||
/**
|
||||
* @brief 设备初始化
|
||||
*
|
||||
*
|
||||
* @return int 0成功,其他失败
|
||||
*/
|
||||
int Device_Init();
|
||||
|
||||
/**
|
||||
* @brief 设备初始化
|
||||
*
|
||||
*
|
||||
* @param IP 服务器IP
|
||||
* @return int 0成功,其他失败
|
||||
*/
|
||||
int Device_Init_IP(unsigned char *IP);
|
||||
|
||||
// int Unlock_Application_PIN(unsigned char *AdminPin, unsigned char *NewUserPIN, unsigned int *RetryCount);
|
||||
// int Unlock_Application_PIN(unsigned char *AdminPin, unsigned char
|
||||
// *NewUserPIN, unsigned int *RetryCount);
|
||||
|
||||
// int Change_Application_PIN(unsigned char *Old, unsigned char *New, unsigned int *RetryCount);
|
||||
// int Change_Application_PIN(unsigned char *Old, unsigned char *New, unsigned
|
||||
// int *RetryCount);
|
||||
|
||||
// int Verify_Application_PIN(unsigned char *PIN, unsigned int *RetryCount);
|
||||
|
||||
int Generate_Hash_Init(unsigned char *EccPublickey);
|
||||
int Generate_Hash_Init(void *ctx, unsigned char *EccPublickey);
|
||||
|
||||
int Generate_Hash_Update(unsigned char *Source_Data, unsigned int SourceDataLen);
|
||||
int Generate_Hash_Update(void *ctx, unsigned char *Source_Data,
|
||||
unsigned int SourceDataLen);
|
||||
|
||||
int Generate_Hash_Final(unsigned char *HashData, unsigned int *HashDataLen);
|
||||
int Generate_Hash_Final(void *ctx, unsigned char *HashData,
|
||||
unsigned int *HashDataLen);
|
||||
|
||||
/**
|
||||
* @brief 生成哈希
|
||||
*
|
||||
*
|
||||
* @param SourceData 待哈希源数据
|
||||
* @param SourceDataLen 待哈希源数据长度
|
||||
* @param HashData 哈希数据缓冲区
|
||||
@ -121,11 +114,13 @@ int Generate_Hash_Final(unsigned char *HashData, unsigned int *HashDataLen);
|
||||
* @param HashType 哈希类型 SGD_SM3
|
||||
* @return int 0成功,其他失败
|
||||
*/
|
||||
int Generate_Hash(unsigned char *SourceData, unsigned int SourceDataLen, unsigned char *HashData, unsigned int *HashDataLen, unsigned char *EccPublickey, unsigned int HashType);
|
||||
int Generate_Hash(unsigned char *SourceData, unsigned int SourceDataLen,
|
||||
unsigned char *HashData, unsigned int *HashDataLen,
|
||||
unsigned char *EccPublickey, unsigned int HashType);
|
||||
|
||||
/**
|
||||
* @brief 生成随机数
|
||||
*
|
||||
*
|
||||
* @param ucRandom 生成随机数缓冲区
|
||||
* @param ulRandomLen 生成随机数缓冲区长度
|
||||
* @return int 0成功,其他失败
|
||||
@ -134,18 +129,21 @@ int Generate_Rand(unsigned char *ucRandom, unsigned int ulRandomLen);
|
||||
|
||||
/**
|
||||
* @brief 内部私钥签名
|
||||
*
|
||||
*
|
||||
* @param SignData 待签名源数据
|
||||
* @param SignDataLen 待签名源数据长度
|
||||
* @param EccSignBlobData 签名数据缓冲区
|
||||
* @param EccSignBlobDatalen 签名数据缓冲区长度
|
||||
* @return int 0成功,其他失败
|
||||
*/
|
||||
int Generate_SignData_IntPrikey(unsigned char *SignData, unsigned int SignDataLen, unsigned char *EccSignBlobData, unsigned int *EccSignBlobDatalen);
|
||||
int Generate_SignData_IntPrikey(unsigned char *SignData,
|
||||
unsigned int SignDataLen,
|
||||
unsigned char *EccSignBlobData,
|
||||
unsigned int *EccSignBlobDatalen);
|
||||
|
||||
/**
|
||||
* @brief 外部私钥签名
|
||||
*
|
||||
*
|
||||
* @param EccPrikey 外部私钥明文数据
|
||||
* @param SignData 待签名源数据
|
||||
* @param SignDataLen 待签名源数据长度
|
||||
@ -153,11 +151,15 @@ int Generate_SignData_IntPrikey(unsigned char *SignData, unsigned int SignDataLe
|
||||
* @param EccSignBlobDataLen 生成签名数据缓冲区长度
|
||||
* @return int 0成功,其他失败
|
||||
*/
|
||||
int Generate_SignData_ExtPrikey(unsigned char *EccPrikey, unsigned char *SignData, unsigned int SignDataLen, unsigned char *EccSignBlobData, unsigned int *EccSignBlobDataLen);
|
||||
int Generate_SignData_ExtPrikey(unsigned char *EccPrikey,
|
||||
unsigned char *SignData,
|
||||
unsigned int SignDataLen,
|
||||
unsigned char *EccSignBlobData,
|
||||
unsigned int *EccSignBlobDataLen);
|
||||
|
||||
/**
|
||||
* @brief 外部公钥验签
|
||||
*
|
||||
*
|
||||
* @param EccPublickey 公钥明文数据
|
||||
* @param SignatureData 签名源数据
|
||||
* @param SignDataLen 签名源数据长度
|
||||
@ -165,11 +167,15 @@ int Generate_SignData_ExtPrikey(unsigned char *EccPrikey, unsigned char *SignDat
|
||||
* @param EccSignBlobDataLen 签名数据长度
|
||||
* @return int 0成功,其他失败
|
||||
*/
|
||||
int Verify_SignData_ExtPubkey(unsigned char *EccPublickey, unsigned char *SignatureData, unsigned int SignDataLen, unsigned char *EccSignBlobData, unsigned int EccSignBlobDataLen);
|
||||
int Verify_SignData_ExtPubkey(unsigned char *EccPublickey,
|
||||
unsigned char *SignatureData,
|
||||
unsigned int SignDataLen,
|
||||
unsigned char *EccSignBlobData,
|
||||
unsigned int EccSignBlobDataLen);
|
||||
|
||||
/**
|
||||
* @brief 外部公钥加密
|
||||
*
|
||||
*
|
||||
* @param EPublickey 公钥明文数据
|
||||
* @param InData 待加密源数据
|
||||
* @param InDataLen 待加密源数据长度
|
||||
@ -177,11 +183,14 @@ int Verify_SignData_ExtPubkey(unsigned char *EccPublickey, unsigned char *Signat
|
||||
* @param ECCCIPPHERDataLen 加密数据缓冲区长度
|
||||
* @return int 0成功,其他失败
|
||||
*/
|
||||
int SM2_3_Encrypt_ExtPubkey(unsigned char *EPublickey, unsigned char *InData, unsigned int InDataLen, unsigned char *ECCCIPPHERData, unsigned int *ECCCIPPHERDataLen);
|
||||
int SM2_3_Encrypt_ExtPubkey(unsigned char *EPublickey, unsigned char *InData,
|
||||
unsigned int InDataLen,
|
||||
unsigned char *ECCCIPPHERData,
|
||||
unsigned int *ECCCIPPHERDataLen);
|
||||
|
||||
/**
|
||||
* @brief 外部私钥解密
|
||||
*
|
||||
*
|
||||
* @param EPrikey 私钥明文数据
|
||||
* @param ECCCIPPHERData 待解密数据
|
||||
* @param ECCCIPPHERDataLen 待解密数据长度
|
||||
@ -189,33 +198,41 @@ int SM2_3_Encrypt_ExtPubkey(unsigned char *EPublickey, unsigned char *InData, un
|
||||
* @param OutDataLen 解密数据缓冲区长度
|
||||
* @return int 0成功,其他失败
|
||||
*/
|
||||
int SM2_3_Decrypt_ExtPrikey(unsigned char *EPrikey, unsigned char *ECCCIPPHERData, unsigned int ECCCIPPHERDataLen, unsigned char *OutData, unsigned int *OutDataLen);
|
||||
int SM2_3_Decrypt_ExtPrikey(unsigned char *EPrikey,
|
||||
unsigned char *ECCCIPPHERData,
|
||||
unsigned int ECCCIPPHERDataLen,
|
||||
unsigned char *OutData, unsigned int *OutDataLen);
|
||||
|
||||
/**
|
||||
* @brief 内部签名私钥解密
|
||||
*
|
||||
*
|
||||
* @param ECCCIPPHERData 待解密数据
|
||||
* @param ECCCIPPHERDataLen 待解密数据长度
|
||||
* @param OutData 解密数据缓冲区
|
||||
* @param OutDataLen 解密数据缓冲区长度
|
||||
* @return int 0成功,其他失败
|
||||
*/
|
||||
int SM2_3_Decrypt_IntPrikey(unsigned char *ECCCIPPHERData, unsigned int ECCCIPPHERDataLen, unsigned char *OutData, unsigned int *OutDataLen);
|
||||
int SM2_3_Decrypt_IntPrikey(unsigned char *ECCCIPPHERData,
|
||||
unsigned int ECCCIPPHERDataLen,
|
||||
unsigned char *OutData, unsigned int *OutDataLen);
|
||||
|
||||
/**
|
||||
* @brief 内部加密私钥解密
|
||||
*
|
||||
*
|
||||
* @param ECCCIPPHERData 待解密数据
|
||||
* @param ECCCIPPHERDataLen 待解密数据长度
|
||||
* @param OutData 解密数据缓冲区
|
||||
* @param OutDataLen 解密数据缓冲区长度
|
||||
* @return int 0成功,其他失败
|
||||
*/
|
||||
int SM2_3_Decrypt_IntCryptPrikey(unsigned char *ECCCIPPHERData, unsigned int ECCCIPPHERDataLen, unsigned char *OutData, unsigned int *OutDataLen);
|
||||
int SM2_3_Decrypt_IntCryptPrikey(unsigned char *ECCCIPPHERData,
|
||||
unsigned int ECCCIPPHERDataLen,
|
||||
unsigned char *OutData,
|
||||
unsigned int *OutDataLen);
|
||||
|
||||
/**
|
||||
* @brief SM1加密
|
||||
*
|
||||
*
|
||||
* @param AlgMode 算法类型 enum PerformanceAlgMode
|
||||
* @param pIv IV
|
||||
* @param Key Key
|
||||
@ -226,13 +243,14 @@ int SM2_3_Decrypt_IntCryptPrikey(unsigned char *ECCCIPPHERData, unsigned int ECC
|
||||
* @param OutDataLen 加密数据缓冲区长度
|
||||
* @return int 0成功,其他失败
|
||||
*/
|
||||
int SM1_Encrypt(
|
||||
const int AlgMode, unsigned char *pIv, unsigned char *Key, unsigned int KeyLen,
|
||||
unsigned char *InData, unsigned int InDataLen, unsigned char *OutData, unsigned int *OutDataLen);
|
||||
int SM1_Encrypt(const int AlgMode, unsigned char *pIv, unsigned char *Key,
|
||||
unsigned int KeyLen, unsigned char *InData,
|
||||
unsigned int InDataLen, unsigned char *OutData,
|
||||
unsigned int *OutDataLen);
|
||||
|
||||
/**
|
||||
* @brief SM1解密
|
||||
*
|
||||
*
|
||||
* @param AlgMode 算法类型 enum PerformanceAlgMode
|
||||
* @param pIv IV
|
||||
* @param Key Key
|
||||
@ -243,13 +261,14 @@ int SM1_Encrypt(
|
||||
* @param OutDataLen 解密数据缓冲区长度
|
||||
* @return int 0成功,其他失败
|
||||
*/
|
||||
int SM1_Decrypt(
|
||||
const int AlgMode, unsigned char *pIv, unsigned char *Key, unsigned int KeyLen,
|
||||
unsigned char *InData, unsigned int InDataLen, unsigned char *OutData, unsigned int *OutDataLen);
|
||||
int SM1_Decrypt(const int AlgMode, unsigned char *pIv, unsigned char *Key,
|
||||
unsigned int KeyLen, unsigned char *InData,
|
||||
unsigned int InDataLen, unsigned char *OutData,
|
||||
unsigned int *OutDataLen);
|
||||
|
||||
/**
|
||||
* @brief SM4加密
|
||||
*
|
||||
*
|
||||
* @param AlgMode 算法类型 enum PerformanceAlgMode
|
||||
* @param pIv IV
|
||||
* @param Key Key
|
||||
@ -260,13 +279,14 @@ int SM1_Decrypt(
|
||||
* @param OutDataLen 加密数据缓冲区长度
|
||||
* @return int 0成功,其他失败
|
||||
*/
|
||||
int SM4_Encrypt(
|
||||
const int AlgMode, unsigned char *pIv, unsigned char *Key, unsigned int KeyLen,
|
||||
unsigned char *InData, unsigned int InDataLen, unsigned char *OutData, unsigned int *OutDataLen);
|
||||
int SM4_Encrypt(const int AlgMode, unsigned char *pIv, unsigned char *Key,
|
||||
unsigned int KeyLen, unsigned char *InData,
|
||||
unsigned int InDataLen, unsigned char *OutData,
|
||||
unsigned int *OutDataLen);
|
||||
|
||||
/**
|
||||
* @brief SM4解密
|
||||
*
|
||||
*
|
||||
* @param AlgMode 算法类型 enum PerformanceAlgMode
|
||||
* @param pIv IV
|
||||
* @param Key Key
|
||||
@ -277,20 +297,21 @@ int SM4_Encrypt(
|
||||
* @param OutDataLen 解密数据缓冲区长度
|
||||
* @return int 0成功,其他失败
|
||||
*/
|
||||
int SM4_Decrypt(
|
||||
const int AlgMode, unsigned char *pIv, unsigned char *Key, unsigned int KeyLen,
|
||||
unsigned char *InData, unsigned int InDataLen, unsigned char *OutData, unsigned int *OutDataLen);
|
||||
int SM4_Decrypt(const int AlgMode, unsigned char *pIv, unsigned char *Key,
|
||||
unsigned int KeyLen, unsigned char *InData,
|
||||
unsigned int InDataLen, unsigned char *OutData,
|
||||
unsigned int *OutDataLen);
|
||||
|
||||
/**
|
||||
* @brief 内部生成新加密公私钥对
|
||||
*
|
||||
*
|
||||
* @return int 0成功,其他失败
|
||||
*/
|
||||
int Generate_ECCKeyPair();
|
||||
|
||||
/**
|
||||
* @brief 导出公钥
|
||||
*
|
||||
*
|
||||
* @param KeyPairtype 公钥类型 enum EccKeyPairType
|
||||
* @param publickey 公钥明文数据缓冲区
|
||||
* @return int 0成功,其他失败
|
||||
@ -299,49 +320,53 @@ int Export_publickey(unsigned int KeyPairtype, unsigned char *publickey);
|
||||
|
||||
/**
|
||||
* @brief 导入公钥
|
||||
*
|
||||
*
|
||||
* @param KeyPairtype 公钥类型 enum EccKeyPairType
|
||||
* @param Privatkey 私钥明文数据
|
||||
* @param Publickey 公钥明文数据
|
||||
* @return int 0成功,其他失败
|
||||
*/
|
||||
int Import_ECCKeyPair(unsigned int KeyPairtype, unsigned char *Privatkey, unsigned char *Publickey);
|
||||
int Import_ECCKeyPair(unsigned int KeyPairtype, unsigned char *Privatkey,
|
||||
unsigned char *Publickey);
|
||||
|
||||
// int Import_ECCKeyPair_Ciphertext(unsigned char *KeyPairCiphertext, unsigned int KeyPairCiphertextLen);
|
||||
// int Import_ECCKeyPair_Ciphertext(unsigned char *KeyPairCiphertext, unsigned
|
||||
// int KeyPairCiphertextLen);
|
||||
|
||||
/**
|
||||
* @brief 文件导入证书
|
||||
*
|
||||
*
|
||||
* @param CerType 证书类型
|
||||
* @param InData 待导入数据
|
||||
* @param InDataLen 待导入数据长度
|
||||
* @return int 0成功,其他失败
|
||||
*/
|
||||
int Import_Certificate(unsigned int CerType, char *InData, unsigned int InDataLen);
|
||||
int Import_Certificate(unsigned int CerType, char *InData,
|
||||
unsigned int InDataLen);
|
||||
|
||||
/**
|
||||
* @brief 文件导出证书
|
||||
*
|
||||
*
|
||||
* @param CerType 证书类型
|
||||
* @param OutData 导出数据缓冲区
|
||||
* @param OutDataLen 导出数据缓冲区长度
|
||||
* @return int 0成功,其他失败
|
||||
*/
|
||||
int Export_Certificate(unsigned int CerType, char *OutData, unsigned int *OutDataLen);
|
||||
int Export_Certificate(unsigned int CerType, char *OutData,
|
||||
unsigned int *OutDataLen);
|
||||
|
||||
/**
|
||||
* @brief 导入文件
|
||||
*
|
||||
*
|
||||
* @param FileName 文件名
|
||||
* @param InData 待导入数据
|
||||
* @param InDataLen 待导入数据长度
|
||||
* @return int 0成功,其他失败
|
||||
*/
|
||||
int ImportFile(char* FileName, char *InData, int InDataLen);
|
||||
int ImportFile(char *FileName, char *InData, int InDataLen);
|
||||
|
||||
/**
|
||||
* @brief 文件导出
|
||||
*
|
||||
*
|
||||
* @param FileName 文件名
|
||||
* @param OutData 导出数据缓冲区
|
||||
* @param OutDataLen 导出数据缓冲区长度
|
||||
@ -351,7 +376,7 @@ int ExportFile(char *FileName, char *OutData, int *OutDataLen);
|
||||
|
||||
/**
|
||||
* @brief 获取HWCode
|
||||
*
|
||||
*
|
||||
* @param HwCode HWCode缓冲区
|
||||
* @return int 0成功,其他失败
|
||||
*/
|
||||
@ -359,7 +384,7 @@ int Get_Hwcode(unsigned char *HwCode);
|
||||
|
||||
/**
|
||||
* @brief 获取设备信息
|
||||
*
|
||||
*
|
||||
* @param DevInfo 设备信息缓冲区
|
||||
* @return int 0成功,其他失败
|
||||
*/
|
||||
@ -369,7 +394,7 @@ int Get_DevInfo(unsigned char *DevInfo);
|
||||
|
||||
/**
|
||||
* @brief 关闭设备
|
||||
*
|
||||
*
|
||||
*/
|
||||
void Close_Device();
|
||||
|
||||
|
@ -106,7 +106,18 @@ static void ReConnect() {
|
||||
Device_Init();
|
||||
}
|
||||
|
||||
int Generate_Hash_Init(unsigned char *EccPublickey) {
|
||||
static void *HashCtxCreate() {
|
||||
static pthread_mutex_t lock = PTHREAD_MUTEX_INITIALIZER;
|
||||
uint64_t *ctx = (uint64_t *)malloc(sizeof(uint64_t));
|
||||
return ctx;
|
||||
}
|
||||
static void HashCtxDestroy(void *ctx) {
|
||||
if (ctx) {
|
||||
free(ctx);
|
||||
}
|
||||
}
|
||||
|
||||
int Generate_Hash_Init(void *ctx, unsigned char *EccPublickey) {
|
||||
int rv = 0;
|
||||
|
||||
int iSendBufLen = 0;
|
||||
@ -114,6 +125,13 @@ int Generate_Hash_Init(unsigned char *EccPublickey) {
|
||||
pZMQBuf_s psZMQBuf = NULL;
|
||||
AWSM__HashInit *Result = NULL;
|
||||
do {
|
||||
ctx = HashCtxCreate();
|
||||
if (!ctx) {
|
||||
fprintf(stderr, "HashCtxCreate failed.\n");
|
||||
rv = -1;
|
||||
break;
|
||||
}
|
||||
|
||||
AWSM__HashInit HashInit = AWSM__HASH_INIT__INIT;
|
||||
|
||||
if (EccPublickey) {
|
||||
@ -145,6 +163,7 @@ int Generate_Hash_Init(unsigned char *EccPublickey) {
|
||||
rv = Result->returnvalue;
|
||||
if (rv)
|
||||
break;
|
||||
*(uint64_t *)ctx = Result->messageid;
|
||||
|
||||
} while (0);
|
||||
if (psZMQBuf)
|
||||
@ -153,12 +172,16 @@ int Generate_Hash_Init(unsigned char *EccPublickey) {
|
||||
awsm__hash_init__free_unpacked(Result, NULL);
|
||||
if (pcSendBuf)
|
||||
free(pcSendBuf);
|
||||
if (rv && ctx) {
|
||||
HashCtxDestroy(ctx);
|
||||
}
|
||||
|
||||
return rv;
|
||||
}
|
||||
|
||||
int Generate_Hash_Update(unsigned char *SourceData,
|
||||
int Generate_Hash_Update(void *ctx, unsigned char *SourceData,
|
||||
unsigned int SourceDataLen) {
|
||||
uint64_t id = *(uint64_t *)ctx;
|
||||
int rv = 0;
|
||||
|
||||
int iSendBufLen = 0;
|
||||
@ -168,6 +191,7 @@ int Generate_Hash_Update(unsigned char *SourceData,
|
||||
do {
|
||||
AWSM__HashUpdate HashUpdate = AWSM__HASH_UPDATE__INIT;
|
||||
|
||||
HashUpdate.messageid = id;
|
||||
HashUpdate.sourcedata.len = SourceDataLen;
|
||||
HashUpdate.sourcedata.data = SourceData;
|
||||
|
||||
@ -207,7 +231,9 @@ int Generate_Hash_Update(unsigned char *SourceData,
|
||||
return rv;
|
||||
}
|
||||
|
||||
int Generate_Hash_Final(unsigned char *HashData, unsigned int *HashDataLen) {
|
||||
int Generate_Hash_Final(void *ctx, unsigned char *HashData,
|
||||
unsigned int *HashDataLen) {
|
||||
uint64_t id = *(uint64_t *)ctx;
|
||||
int rv = 0;
|
||||
|
||||
int iSendBufLen = 0;
|
||||
@ -217,6 +243,7 @@ int Generate_Hash_Final(unsigned char *HashData, unsigned int *HashDataLen) {
|
||||
do {
|
||||
AWSM__HashFinal HashFinal = AWSM__HASH_FINAL__INIT;
|
||||
|
||||
HashFinal.messageid = id;
|
||||
HashFinal.hashdata.len = 0;
|
||||
HashFinal.hashdata.data = NULL;
|
||||
HashFinal.hashdatalen = *HashDataLen;
|
||||
|
@ -1,26 +1,23 @@
|
||||
CMAKE_MINIMUM_REQUIRED(VERSION 3.10)
|
||||
PROJECT(AWSMServer)
|
||||
cmake_minimum_required(VERSION 3.10)
|
||||
project(AWSMServer)
|
||||
|
||||
AUX_SOURCE_DIRECTORY(${PROJECT_SOURCE_DIR}/src src_list)
|
||||
aux_source_directory(${PROJECT_SOURCE_DIR}/src src_list)
|
||||
aux_source_directory(${PROJECT_SOURCE_DIR}/src/sm2sm3_enc src_list)
|
||||
|
||||
ADD_EXECUTABLE(${PROJECT_NAME} ${src_list} ${PROJECT_SOURCE_DIR}/AWSMServer.c)
|
||||
add_executable(${PROJECT_NAME} ${src_list} ${PROJECT_SOURCE_DIR}/AWSMServer.c)
|
||||
|
||||
TARGET_INCLUDE_DIRECTORIES(${PROJECT_NAME}
|
||||
PRIVATE
|
||||
${PROJECT_SOURCE_DIR}/include)
|
||||
target_include_directories(${PROJECT_NAME}
|
||||
PRIVATE ${PROJECT_SOURCE_DIR}/include)
|
||||
|
||||
TARGET_LINK_DIRECTORIES(${PROJECT_NAME}
|
||||
PRIVATE
|
||||
${CMAKE_SOURCE_DIR}/lib
|
||||
)
|
||||
target_link_directories(${PROJECT_NAME} PRIVATE ${CMAKE_SOURCE_DIR}/lib)
|
||||
|
||||
TARGET_LINK_LIBRARIES(${PROJECT_NAME}
|
||||
PUBLIC
|
||||
pthread
|
||||
m
|
||||
server-sm
|
||||
stdc++
|
||||
VSConfig
|
||||
VSClock
|
||||
ZMQLayout
|
||||
AWSMProtobuf)
|
||||
target_link_libraries(
|
||||
${PROJECT_NAME}
|
||||
PUBLIC pthread
|
||||
m
|
||||
server-sm
|
||||
stdc++
|
||||
VSConfig
|
||||
VSClock
|
||||
ZMQLayout
|
||||
AWSMProtobuf)
|
||||
|
@ -3,11 +3,10 @@
|
||||
|
||||
#include "AWSM.pb-c.h"
|
||||
|
||||
typedef struct AWSMProtobuf_S
|
||||
{
|
||||
char *pcBuf;
|
||||
int iBufLen;
|
||||
}AWSMProtobuf_s, *pAWSMProtobuf_s;
|
||||
typedef struct AWSMProtobuf_S {
|
||||
char *pcBuf;
|
||||
int iBufLen;
|
||||
} AWSMProtobuf_s, *pAWSMProtobuf_s;
|
||||
|
||||
void AWSMProtobufDestroy(pAWSMProtobuf_s);
|
||||
|
||||
@ -27,19 +26,26 @@ pAWSMProtobuf_s CallHash(const char *pcProtoBuf, const int iProtoBufLen);
|
||||
|
||||
pAWSMProtobuf_s CallRand(const char *pcProtoBuf, const int iProtoBufLen);
|
||||
|
||||
pAWSMProtobuf_s CallSignatureByIntPrikey(const char *pcProtoBuf, const int iProtoBufLen);
|
||||
pAWSMProtobuf_s CallSignatureByIntPrikey(const char *pcProtoBuf,
|
||||
const int iProtoBufLen);
|
||||
|
||||
pAWSMProtobuf_s CallSignatureByExtPrikey(const char *pcProtoBuf, const int iProtoBufLen);
|
||||
pAWSMProtobuf_s CallSignatureByExtPrikey(const char *pcProtoBuf,
|
||||
const int iProtoBufLen);
|
||||
|
||||
pAWSMProtobuf_s CallVerifySignature(const char *pcProtoBuf, const int iProtoBufLen);
|
||||
pAWSMProtobuf_s CallVerifySignature(const char *pcProtoBuf,
|
||||
const int iProtoBufLen);
|
||||
|
||||
pAWSMProtobuf_s CallSM2EncryptByExtPubKey(const char *pcProtoBuf, const int iProtoBufLen);
|
||||
pAWSMProtobuf_s CallSM2EncryptByExtPubKey(const char *pcProtoBuf,
|
||||
const int iProtoBufLen);
|
||||
|
||||
pAWSMProtobuf_s CallSM2DecryptByExtPrikey(const char *pcProtoBuf, const int iProtoBufLen);
|
||||
pAWSMProtobuf_s CallSM2DecryptByExtPrikey(const char *pcProtoBuf,
|
||||
const int iProtoBufLen);
|
||||
|
||||
pAWSMProtobuf_s CallSM2DecryptByIntPrikey(const char *pcProtoBuf, const int iProtoBufLen);
|
||||
pAWSMProtobuf_s CallSM2DecryptByIntPrikey(const char *pcProtoBuf,
|
||||
const int iProtoBufLen);
|
||||
|
||||
pAWSMProtobuf_s CallSM2DecryptByIntCryptPrikey(const char *pcProtoBuf, const int iProtoBufLen);
|
||||
pAWSMProtobuf_s CallSM2DecryptByIntCryptPrikey(const char *pcProtoBuf,
|
||||
const int iProtoBufLen);
|
||||
|
||||
pAWSMProtobuf_s CallSM1Encrypt(const char *pcProtoBuf, const int iProtoBufLen);
|
||||
|
||||
@ -49,15 +55,20 @@ pAWSMProtobuf_s CallSM4Encrypt(const char *pcProtoBuf, const int iProtoBufLen);
|
||||
|
||||
pAWSMProtobuf_s CallSM4Decrypt(const char *pcProtoBuf, const int iProtoBufLen);
|
||||
|
||||
pAWSMProtobuf_s CallGenerateECCKeyPair(const char *pcProtoBuf, const int iProtoBufLen);
|
||||
pAWSMProtobuf_s CallGenerateECCKeyPair(const char *pcProtoBuf,
|
||||
const int iProtoBufLen);
|
||||
|
||||
pAWSMProtobuf_s CallExportPubkey(const char *pcProtoBuf, const int iProtoBufLen);
|
||||
pAWSMProtobuf_s CallExportPubkey(const char *pcProtoBuf,
|
||||
const int iProtoBufLen);
|
||||
|
||||
pAWSMProtobuf_s CallImportKeyPair(const char *pcProtoBuf, const int iProtoBufLen);
|
||||
pAWSMProtobuf_s CallImportKeyPair(const char *pcProtoBuf,
|
||||
const int iProtoBufLen);
|
||||
|
||||
pAWSMProtobuf_s CallImportCertificate(const char *pcProtoBuf, const int iProtoBufLen);
|
||||
pAWSMProtobuf_s CallImportCertificate(const char *pcProtoBuf,
|
||||
const int iProtoBufLen);
|
||||
|
||||
pAWSMProtobuf_s CallExportCertificate(const char *pcProtoBuf, const int iProtoBufLen);
|
||||
pAWSMProtobuf_s CallExportCertificate(const char *pcProtoBuf,
|
||||
const int iProtoBufLen);
|
||||
|
||||
pAWSMProtobuf_s CallImportFile(const char *pcProtoBuf, const int iProtoBufLen);
|
||||
|
||||
|
@ -7,7 +7,7 @@
|
||||
|
||||
#include "AWSKF.h"
|
||||
#include "map.h"
|
||||
#include "sm2sm3_enc/sm2.h"
|
||||
// #include "sm2sm3_enc/sm2.h"
|
||||
#include "sm2sm3_enc/sm3.h"
|
||||
|
||||
static pthread_mutex_t tLocker = PTHREAD_MUTEX_INITIALIZER;
|
||||
@ -20,14 +20,30 @@ static pthread_mutex_t hash_map_lock = PTHREAD_MUTEX_INITIALIZER;
|
||||
#define TryLockMap() pthread_mutex_trylock(&tLocker)
|
||||
#define UnlockMap() pthread_mutex_unlock(&tLocker)
|
||||
|
||||
#define INVALID_MESSAGE_ID 0
|
||||
static uint64_t hash_message_id = 1;
|
||||
map hash_map_ref = NULL;
|
||||
struct HashRequest {
|
||||
struct sm3_ctx ctx;
|
||||
uint8_t pubkey[128];
|
||||
|
||||
size_t data_len;
|
||||
uint8_t *data_ptr;
|
||||
};
|
||||
struct HashRequest *HashRequestCreate() {
|
||||
struct HashRequest *ptr =
|
||||
(struct HashRequest *)malloc(sizeof(struct HashRequest));
|
||||
if (!ptr) {
|
||||
return NULL;
|
||||
}
|
||||
memset(ptr->pubkey, 0, sizeof(ptr->pubkey));
|
||||
sm3_init(&ptr->ctx);
|
||||
return ptr;
|
||||
}
|
||||
|
||||
void HashRequestDestroy(struct HashRequest *ptr) {
|
||||
if (!ptr) {
|
||||
return;
|
||||
}
|
||||
free(ptr);
|
||||
}
|
||||
|
||||
static pAWSKF_f pfAWSKF = NULL;
|
||||
static pAWSKF_s psAWSKF = NULL;
|
||||
@ -102,8 +118,15 @@ pAWSMProtobuf_s CallHashInit(const char *pcProtoBuf, const int iProtoBufLen) {
|
||||
int rv = 0;
|
||||
pAWSMProtobuf_s psReturn = NULL;
|
||||
AWSM__HashInit *HashInitIN = NULL;
|
||||
struct HashRequest *request = NULL;
|
||||
do {
|
||||
do {
|
||||
request = HashRequestCreate();
|
||||
if (!request) {
|
||||
rv = -1;
|
||||
break;
|
||||
}
|
||||
|
||||
HashInitIN = awsm__hash_init__unpack(NULL, iProtoBufLen, pcProtoBuf);
|
||||
if (!HashInitIN) {
|
||||
rv = -1;
|
||||
@ -119,8 +142,6 @@ rv = pfAWSKF->GenerateHashInit(psAWSKF, HashInitIN->eccpublickey.data);
|
||||
if (rv)
|
||||
Unlock();
|
||||
*/
|
||||
LockMap();
|
||||
UnlockMap();
|
||||
} while (0);
|
||||
|
||||
AWSM__HashInit HashInitOUT = AWSM__HASH_INIT__INIT;
|
||||
@ -128,6 +149,18 @@ if (rv)
|
||||
HashInitOUT.eccpublickey.len = HashInitIN->eccpublickey.len;
|
||||
HashInitOUT.returnvalue = rv;
|
||||
|
||||
if (rv == 0) {
|
||||
LockMap();
|
||||
HashInitOUT.messageid = hash_message_id++;
|
||||
map_set_by_uint64(hash_map_ref, HashInitOUT.messageid, request);
|
||||
UnlockMap();
|
||||
} else {
|
||||
HashInitOUT.messageid = INVALID_MESSAGE_ID;
|
||||
if (request) {
|
||||
HashRequestDestroy(request);
|
||||
}
|
||||
}
|
||||
|
||||
ToAWProtobuf(hash_init, psReturn, HashInitOUT);
|
||||
} while (0);
|
||||
if (HashInitIN)
|
||||
@ -150,12 +183,26 @@ pAWSMProtobuf_s CallHashUpdate(const char *pcProtoBuf, const int iProtoBufLen) {
|
||||
rv = -1;
|
||||
break;
|
||||
}
|
||||
LockMap();
|
||||
if (!map_contains_by_uint64(hash_map_ref, HashUpdateIN->messageid)) {
|
||||
UnlockMap();
|
||||
rv = -1;
|
||||
break;
|
||||
} else {
|
||||
struct HashRequest *request = (struct HashRequest *)map_get_by_uint64(
|
||||
hash_map_ref, HashUpdateIN->messageid);
|
||||
sm3_update(&request->ctx, HashUpdateIN->sourcedata.data,
|
||||
HashUpdateIN->sourcedatalen);
|
||||
UnlockMap();
|
||||
}
|
||||
|
||||
rv = pfAWSKF->GenerateHashUpdate(psAWSKF, HashUpdateIN->sourcedata.data,
|
||||
HashUpdateIN->sourcedatalen);
|
||||
// rv = pfAWSKF->GenerateHashUpdate(psAWSKF,
|
||||
// HashUpdateIN->sourcedata.data,
|
||||
// HashUpdateIN->sourcedatalen);
|
||||
} while (0);
|
||||
|
||||
AWSM__HashUpdate HashUpdateOUT = AWSM__HASH_UPDATE__INIT;
|
||||
HashUpdateOUT.messageid = HashUpdateIN->messageid;
|
||||
HashUpdateOUT.sourcedata.data = HashUpdateIN->sourcedata.data;
|
||||
HashUpdateOUT.sourcedata.len = HashUpdateIN->sourcedata.len;
|
||||
HashUpdateOUT.sourcedatalen = HashUpdateIN->sourcedatalen;
|
||||
@ -186,7 +233,21 @@ pAWSMProtobuf_s CallHashFinal(const char *pcProtoBuf, const int iProtoBufLen) {
|
||||
break;
|
||||
}
|
||||
|
||||
rv = pfAWSKF->GenerateHashFinal(psAWSKF, pcHashData, &iHashDataLen);
|
||||
LockMap();
|
||||
if (!map_contains_by_uint64(hash_map_ref, HashFinalIN->messageid)) {
|
||||
UnlockMap();
|
||||
rv = -1;
|
||||
break;
|
||||
} else {
|
||||
struct HashRequest *request =
|
||||
(struct HashRequest *)map_remove_by_uint64(hash_map_ref,
|
||||
HashFinalIN->messageid);
|
||||
UnlockMap();
|
||||
sm3_final(&request->ctx, pcHashData);
|
||||
HashRequestDestroy(request);
|
||||
iHashDataLen = 32;
|
||||
}
|
||||
// rv = pfAWSKF->GenerateHashFinal(psAWSKF, pcHashData, &iHashDataLen);
|
||||
} while (0);
|
||||
|
||||
AWSM__HashFinal HashFinalOUT = AWSM__HASH_FINAL__INIT;
|
||||
|
@ -1,5 +1,6 @@
|
||||
#include "map.h"
|
||||
#include <assert.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
||||
@ -84,6 +85,11 @@ bool map_contains(const map m, const char *key) {
|
||||
}
|
||||
return false;
|
||||
}
|
||||
bool map_contains_by_uint64(const map m, uint64_t key) {
|
||||
char buf[20];
|
||||
sprintf(buf, "%lu", key);
|
||||
return map_contains(m, buf);
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the value for a given key within a map.
|
||||
@ -115,6 +121,11 @@ void map_set(map m, const char *key, void *value) {
|
||||
m->elems[b] = new;
|
||||
m->size += 1;
|
||||
}
|
||||
void map_set_by_uint64(map m, uint64_t key, void *value) {
|
||||
char buf[20];
|
||||
sprintf(buf, "%lu", key);
|
||||
map_set(m, buf, value);
|
||||
}
|
||||
|
||||
/**
|
||||
* Retrieve the value for a given key in a map.
|
||||
@ -135,6 +146,11 @@ void *map_get(const map m, const char *key) {
|
||||
assert(key_found);
|
||||
exit(1);
|
||||
}
|
||||
void *map_get_by_uint64(const map m, uint64_t key) {
|
||||
char buf[20];
|
||||
sprintf(buf, "%lu", key);
|
||||
return map_get(m, buf);
|
||||
}
|
||||
|
||||
/**
|
||||
* Remove a key and its value from a map.
|
||||
@ -165,6 +181,11 @@ void *map_remove(map m, const char *key) {
|
||||
assert(key_found);
|
||||
exit(1);
|
||||
}
|
||||
void *map_remove_by_uint64(map m, uint64_t key) {
|
||||
char buf[20];
|
||||
sprintf(buf, "%lu", key);
|
||||
return map_remove(m, buf);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the "first" key (arbitrarily ordered) in a map. If the map is empty,
|
||||
|
@ -2,6 +2,7 @@
|
||||
#define __MAP_H
|
||||
|
||||
#include <stdbool.h>
|
||||
#include <stdint.h>
|
||||
|
||||
/**
|
||||
* Hash map implementation for C.
|
||||
@ -42,6 +43,7 @@ int map_size(const map m);
|
||||
* Keys are case-sensitive.
|
||||
*/
|
||||
bool map_contains(const map m, const char *key);
|
||||
bool map_contains_by_uint64(const map m, uint64_t key);
|
||||
|
||||
/**
|
||||
* Set the value for a given key within a map.
|
||||
@ -50,6 +52,7 @@ bool map_contains(const map m, const char *key);
|
||||
* new value will replace the old one.
|
||||
*/
|
||||
void map_set(map m, const char *key, void *value);
|
||||
void map_set_by_uint64(map m, uint64_t key, void *value);
|
||||
|
||||
/**
|
||||
* Retrieve the value for a given key in a map.
|
||||
@ -57,6 +60,7 @@ void map_set(map m, const char *key, void *value);
|
||||
* Crashes if the map does not contain the given key.
|
||||
*/
|
||||
void *map_get(const map m, const char *key);
|
||||
void *map_get_by_uint64(const map m, uint64_t key);
|
||||
|
||||
/**
|
||||
* Remove a key and return its value from a map.
|
||||
@ -64,6 +68,7 @@ void *map_get(const map m, const char *key);
|
||||
* Crashes if the map does not already contain the key.
|
||||
*/
|
||||
void *map_remove(map m, const char *key);
|
||||
void *map_remove_by_uint64(map m, uint64_t key);
|
||||
|
||||
/**
|
||||
* Iterate over a map's keys.
|
||||
|
@ -1,900 +0,0 @@
|
||||
#include <assert.h>
|
||||
#include <malloc.h>
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
|
||||
// #include "svac_enc.h"
|
||||
#include "sm2.h"
|
||||
#include "sm3.h"
|
||||
|
||||
#define PRINT_ERR printf
|
||||
#define PRINT_INFO printf
|
||||
|
||||
#define MAGIC_VALUE 0x12121111
|
||||
|
||||
#define NALU_MAX_NUM 100
|
||||
|
||||
#define VKEK_CACHE_NUM 30
|
||||
#define HASH_CACHE_NUM 512
|
||||
|
||||
#define SM4_OFB 0
|
||||
#define SM1_OFB 1
|
||||
#define SM4_ECB 2
|
||||
#define SM3_HASH 3
|
||||
#define SM2_SIGN 4
|
||||
|
||||
/* svac2.0 p45 */
|
||||
#define SVAC_NO_IDR_SLICE 1
|
||||
#define SVAC_IDR_SLICE 2
|
||||
#define SVAC_NO_IDR_SLICE_EXT 3
|
||||
#define SVAC_IDR_SLICE_EXT 4
|
||||
#define SVAC_SUR_SLICE 5
|
||||
#define SVAC_SEI_SLICE 6
|
||||
#define SVAC_SPS_SLICE 7
|
||||
#define SVAC_PPS_SLICE 8
|
||||
#define SVAC_SEC_SLICE 9
|
||||
#define SVAC_AUTH_SLICE 10
|
||||
|
||||
struct nalu_data {
|
||||
char *addr;
|
||||
char *out_addr;
|
||||
int len;
|
||||
int out_len;
|
||||
int encryption_idc;
|
||||
int authentication_idc;
|
||||
int type;
|
||||
int need_add_racing_code;
|
||||
};
|
||||
|
||||
struct vkek_info {
|
||||
char vkek[16];
|
||||
char version[32];
|
||||
};
|
||||
|
||||
struct sec_param {
|
||||
/* <20><>ȫ<EFBFBD><C8AB><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> */
|
||||
int encrypt_flag; //<2F>Ƿ<EFBFBD><C7B7><EFBFBD><EFBFBD>
|
||||
int encrypt_type; //<2F><><EFBFBD><EFBFBD><EFBFBD>㷨
|
||||
int auth_flag; //<2F>Ƿ<EFBFBD>ǩ<EFBFBD><C7A9>
|
||||
int auth_type; //ǩ<><C7A9><EFBFBD>㷨
|
||||
int hash_type; //ɢ<><C9A2><EFBFBD>㷨
|
||||
int vek_flag; //<2F>Ƿ<EFBFBD><C7B7><EFBFBD><EFBFBD>evek
|
||||
int vek_encrypt_type; //vek<65><6B><EFBFBD><EFBFBD><EFBFBD>㷨
|
||||
char evek[32]; //evek
|
||||
int vek_len; //vek<65><6B><EFBFBD><EFBFBD>
|
||||
char vkek_version[128];//vkek version
|
||||
int version_len; //vkek version<6F><6E><EFBFBD><EFBFBD>
|
||||
int iv_flag; //<2F>Ƿ<EFBFBD><C7B7><EFBFBD><EFBFBD>iv
|
||||
char iv[32]; //iv
|
||||
int iv_len; //iv<69><76><EFBFBD><EFBFBD>
|
||||
int only_IDR; // sign only for idr
|
||||
int hash_period; // sign period frame
|
||||
};
|
||||
|
||||
struct hash_cache {
|
||||
/* һ<><D2BB>gop<6F><70><EFBFBD>256֡ */
|
||||
char hash[32];
|
||||
int frame_num;
|
||||
};
|
||||
|
||||
struct svac_handle {
|
||||
int magic;
|
||||
|
||||
/* sm2 <20><>Կ */
|
||||
char sm2_pubkey[64];
|
||||
/* sm2 <20><>Կ<EFBFBD>Ƿ<EFBFBD><C7B7><EFBFBD><EFBFBD><EFBFBD> */
|
||||
int sm_pubkey_flag;
|
||||
|
||||
char sm2_prikey[32];
|
||||
int sm_prikey_flag;
|
||||
|
||||
char vek[16];
|
||||
char iv[16];
|
||||
|
||||
/* process tmp data */
|
||||
struct nalu_data nalu[NALU_MAX_NUM];
|
||||
int nalu_num;
|
||||
int frame_num;
|
||||
|
||||
int sign_frame_num;
|
||||
char sign[128];
|
||||
int sign_len;
|
||||
|
||||
/* current frame is IDR frame */
|
||||
int idr_flag;
|
||||
/* current frame <20><><EFBFBD><EFBFBD> sec nalu */
|
||||
int sec_nalu_flag;
|
||||
/* current frame <20><><EFBFBD><EFBFBD> auth nalu */
|
||||
int auth_nalu_flag;
|
||||
|
||||
/* <20><>ǰʹ<C7B0>õİ<C3B5>ȫ<EFBFBD><C8AB><EFBFBD><EFBFBD> */
|
||||
struct sec_param curr_param;
|
||||
/* <20><><EFBFBD>յ<EFBFBD><D5B5>İ<EFBFBD>ȫ<EFBFBD><C8AB><EFBFBD><EFBFBD> */
|
||||
struct sec_param new_param;
|
||||
/* <20><>ȫ<EFBFBD><C8AB><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>±<EFBFBD>ʶ<EFBFBD><CAB6><EFBFBD>µ<EFBFBD>GOP<4F><50>ʼ<EFBFBD><CABC><EFBFBD><EFBFBD> */
|
||||
int sec_param_update_flag;
|
||||
|
||||
int vkek_start;
|
||||
struct vkek_info vkek_list[VKEK_CACHE_NUM];
|
||||
int find_vkek_flag;
|
||||
|
||||
char idr_hash[32];
|
||||
struct hash_cache cache[HASH_CACHE_NUM];
|
||||
int cache_idx;// 0 ~ HASH_CACHE_NUM - 1
|
||||
|
||||
char camera_id[64]; //<2F><><EFBFBD><EFBFBD>id
|
||||
char camera_idc[19];//֤<><D6A4>id
|
||||
};
|
||||
|
||||
#define CHECK_HANDLE(h) \
|
||||
do { \
|
||||
if (!h || h->magic != MAGIC_VALUE) { \
|
||||
PRINT_ERR("handle is error!\n"); \
|
||||
return -1; \
|
||||
} \
|
||||
} while (0)
|
||||
|
||||
void hexdump(char *title, const unsigned char *s, int l);
|
||||
int do_sm2_sign(char *prikey, char *pubkey, char *data_addr, int data_len, char *sign_addr);
|
||||
int do_base64_encode(unsigned char *dst, int *dlen, unsigned char *src, int slen);
|
||||
|
||||
static unsigned int
|
||||
write_bits(unsigned char data, unsigned int write_len, unsigned char *addr, unsigned int offset)
|
||||
{
|
||||
unsigned int offset_in_bytes = offset & 7;
|
||||
unsigned int offset_of_bytes = offset / 8;
|
||||
|
||||
/* if need write twice */
|
||||
if (offset_in_bytes && offset_in_bytes + write_len > 8) {
|
||||
unsigned int second_write_len = offset_in_bytes + write_len - 8;
|
||||
|
||||
/* clean the bits which will been writen */
|
||||
addr[offset_of_bytes] &= ~((1 << (8 - offset_in_bytes)) - 1);
|
||||
/* write the first byte */
|
||||
addr[offset_of_bytes] |= (data & ((1 << write_len) - 1)) >> second_write_len;
|
||||
/* write the second byte */
|
||||
addr[offset_of_bytes + 1] &= ((1 << (8 - second_write_len)) - 1);
|
||||
addr[offset_of_bytes + 1] |= (data & ((1 << second_write_len) - 1)) << (8 - second_write_len);
|
||||
} else {
|
||||
data &= ((1 << write_len) - 1);
|
||||
addr[offset_of_bytes] &= ~(((1 << write_len) - 1) << (8 - write_len - offset_in_bytes));
|
||||
addr[offset_of_bytes] |= data << (8 - write_len - offset_in_bytes);
|
||||
}
|
||||
|
||||
return offset + write_len;
|
||||
}
|
||||
|
||||
static unsigned int
|
||||
write_long_data_bits(unsigned int data, unsigned int write_len, unsigned char *addr, unsigned int offset)
|
||||
{
|
||||
unsigned int ret_offset = 0;
|
||||
|
||||
if (write_len <= 8)
|
||||
ret_offset = write_bits((unsigned char) data, write_len, addr, offset);
|
||||
else {
|
||||
int i;
|
||||
int loop;
|
||||
unsigned int first_write_len = write_len & 7;
|
||||
|
||||
/* <20><><EFBFBD><EFBFBD>һ<EFBFBD>ֽڵĵ<DAB5>first_write_len<65><6E><EFBFBD><EFBFBD>*/
|
||||
if (first_write_len)
|
||||
offset =
|
||||
write_bits((unsigned char) ((data >> (write_len - first_write_len)) & ((1 << first_write_len) - 1)),
|
||||
first_write_len, addr, offset);
|
||||
|
||||
loop = (write_len - first_write_len) / 8;
|
||||
ret_offset = offset;
|
||||
|
||||
for (i = 0; i < loop; i++)
|
||||
ret_offset = write_bits((unsigned char) ((data >> ((loop - i - 1) * 8)) & 0xff), 8, addr, ret_offset);
|
||||
}
|
||||
|
||||
return ret_offset;
|
||||
}
|
||||
|
||||
static unsigned int
|
||||
write_string_bits(unsigned char *p, unsigned int write_len, unsigned char *addr, unsigned int offset)
|
||||
{
|
||||
int i = 0;
|
||||
unsigned int len = 0;
|
||||
|
||||
while (len < write_len) {
|
||||
if (write_len - len > 8) {
|
||||
offset = write_bits(p[i], 8, addr, offset);
|
||||
len += 8;
|
||||
} else {
|
||||
offset = write_bits(p[i], write_len - len, addr, offset);
|
||||
len += write_len - len;
|
||||
}
|
||||
|
||||
i++;
|
||||
}
|
||||
|
||||
return offset;
|
||||
}
|
||||
|
||||
/* if find a nal, return the next address; if it's the end, return NULL */
|
||||
static char *
|
||||
findNal(char *buf, int *frame_len, char **nal_start, int *nal_len)
|
||||
{
|
||||
int i;
|
||||
char *start = NULL;
|
||||
int len = 0;
|
||||
|
||||
*nal_start = NULL;
|
||||
*nal_len = 0;
|
||||
|
||||
/* parsing each NALU */
|
||||
for (i = 0; i < (int) (*frame_len - 3); i++) {
|
||||
if (buf[i] == 0x00 && buf[i + 1] == 0x00 && buf[i + 2] == 0x00 && buf[i + 3] == 0x01) {
|
||||
/* not the first loop */
|
||||
if (start) {
|
||||
len = buf + i - start;
|
||||
*nal_start = start;
|
||||
*nal_len = len;
|
||||
*frame_len -= i;
|
||||
return buf + i;
|
||||
}
|
||||
start = buf + i;
|
||||
}
|
||||
}
|
||||
|
||||
if (start) len = buf + *frame_len - start;
|
||||
|
||||
*nal_start = start;
|
||||
*nal_len = len;
|
||||
*frame_len = 0;
|
||||
|
||||
return NULL;
|
||||
}
|
||||
|
||||
static int
|
||||
svac_parse_nalu(struct svac_handle *h, char *frame_data, int frame_len)
|
||||
{
|
||||
char *ptr, *start = NULL;
|
||||
int nal_len, frame_len_left = frame_len;
|
||||
|
||||
ptr = frame_data;
|
||||
|
||||
do {
|
||||
start = NULL;
|
||||
nal_len = 0;
|
||||
ptr = findNal(ptr, &frame_len_left, &start, &nal_len);
|
||||
if (start) {
|
||||
memset(&h->nalu[h->nalu_num], 0, sizeof(struct nalu_data));
|
||||
|
||||
h->nalu[h->nalu_num].addr = start;
|
||||
h->nalu[h->nalu_num].len = nal_len;
|
||||
h->nalu[h->nalu_num].encryption_idc = start[4] & 0x2 ? 1 : 0;//svac2.0 p21
|
||||
h->nalu[h->nalu_num].authentication_idc = start[4] & 0x1; //svac2.0 p21
|
||||
h->nalu[h->nalu_num].type = (start[4] >> 2) & 0xf; //svac2.0 p21
|
||||
|
||||
if (SVAC_IDR_SLICE == h->nalu[h->nalu_num].type)
|
||||
h->idr_flag = 1;
|
||||
else if (SVAC_SEC_SLICE == h->nalu[h->nalu_num].type)
|
||||
h->sec_nalu_flag = 1;
|
||||
else if (SVAC_AUTH_SLICE == h->nalu[h->nalu_num].type)
|
||||
h->auth_nalu_flag = 1;
|
||||
else if (SVAC_PPS_SLICE == h->nalu[h->nalu_num].type) {
|
||||
/* pps<70>ĵ<EFBFBD>һ<EFBFBD><D2BB><EFBFBD>ֽ<EFBFBD><D6BD><EFBFBD>֡<EFBFBD><D6A1> svac2.0 p23 */
|
||||
h->frame_num = (unsigned char) start[5];
|
||||
//PRINT_INFO("frame %d\n", h->frame_num);
|
||||
}
|
||||
|
||||
//printf("nalu %d len %d type %d auth_idc %d enc_idc %d\n", h->nalu_num, nal_len, h->nalu[h->nalu_num].type, h->nalu[h->nalu_num].authentication_idc, h->nalu[h->nalu_num].encryption_idc);
|
||||
|
||||
h->nalu_num++;
|
||||
}
|
||||
} while (frame_len_left);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* <20><><EFBFBD><EFBFBD> svac <20>ľ<EFBFBD><C4BE><EFBFBD><EFBFBD><EFBFBD> */
|
||||
static int
|
||||
do_add_racing_Code(char *ptr, int *len, int offset)
|
||||
{
|
||||
int i, find = 0, start = offset;
|
||||
unsigned int inlen = *len;
|
||||
|
||||
for (i = start; i < inlen - 2; i++) {
|
||||
if (ptr[i] == 0 && ptr[i + 1] == 0 && !(ptr[i + 2] & 0xfc)) {
|
||||
find = 1;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if (find) {
|
||||
unsigned int code_num = 0, zero_count = 0;
|
||||
char *tmp = (char *) malloc(*len + 4096 * 5);
|
||||
|
||||
memcpy(tmp, ptr, start);
|
||||
|
||||
for (i = start; i < inlen; i++) {
|
||||
if (zero_count == 2 && !(ptr[i] & 0xfc)) {
|
||||
tmp[i + code_num] = 3;
|
||||
code_num++;
|
||||
i--;
|
||||
zero_count = 0;
|
||||
continue;
|
||||
}
|
||||
|
||||
if (ptr[i] == 0)
|
||||
zero_count++;
|
||||
else
|
||||
zero_count = 0;
|
||||
tmp[i + code_num] = ptr[i];
|
||||
}
|
||||
|
||||
memcpy(ptr, tmp, inlen + code_num);
|
||||
*len = inlen + code_num;
|
||||
//PRINT_INFO("code_num %d\n", code_num);
|
||||
free(tmp);
|
||||
}
|
||||
|
||||
return find;
|
||||
}
|
||||
|
||||
/* ȥ<><C8A5> svac <20>ľ<EFBFBD><C4BE><EFBFBD><EFBFBD><EFBFBD> */
|
||||
static int
|
||||
do_remove_racing_code(char *ptr, int *len, int offset)
|
||||
{
|
||||
int i, find = 0, start;
|
||||
unsigned int inlen;
|
||||
|
||||
inlen = *len;
|
||||
start = offset;
|
||||
|
||||
for (i = start; i < inlen - 2; i++) {
|
||||
if (ptr[i] == 0 && ptr[i + 1] == 0 && ptr[i + 2] == 0x3) {
|
||||
find = 1;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if (find) {
|
||||
unsigned int code_num = 0, zero_count = 0;
|
||||
|
||||
for (i = start; i < inlen; i++) {
|
||||
if (zero_count == 2 && ptr[i] == 3) {
|
||||
code_num++;
|
||||
zero_count = 0;
|
||||
continue;
|
||||
}
|
||||
|
||||
if (ptr[i] == 0)
|
||||
zero_count++;
|
||||
else
|
||||
zero_count = 0;
|
||||
ptr[i - code_num] = ptr[i];
|
||||
}
|
||||
*len = inlen - code_num;
|
||||
}
|
||||
|
||||
return find;
|
||||
}
|
||||
|
||||
void do_sm4_ecb_encrypt(const char *in_buff, char *out_buff, const char *key);
|
||||
|
||||
static int
|
||||
enc_vek(struct svac_handle *h)
|
||||
{
|
||||
do_sm4_ecb_encrypt(h->vek, h->curr_param.evek, h->vkek_list[0].vkek);
|
||||
h->curr_param.vek_len = 16;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int
|
||||
calc_nalu_hash(struct svac_handle *h)
|
||||
{
|
||||
int i;
|
||||
struct sm3_ctx ctx;
|
||||
char hash[32];
|
||||
struct hash_cache *cache;
|
||||
|
||||
if (!h->curr_param.auth_flag) return 0;
|
||||
|
||||
for (i = 0; i < h->nalu_num; i++) {
|
||||
if (h->nalu[i].authentication_idc) break;
|
||||
}
|
||||
|
||||
/* û<><C3BB>ǩ<EFBFBD><C7A9><EFBFBD><EFBFBD>nalu */
|
||||
if (i >= h->nalu_num) return 0;
|
||||
|
||||
memset(hash, 0, sizeof(hash));
|
||||
sm3_init(&ctx);
|
||||
|
||||
for (i = 0; i < h->nalu_num; i++) {
|
||||
if (!h->nalu[i].authentication_idc) continue;
|
||||
|
||||
sm3_update(&ctx, h->nalu[i].addr + 4, h->nalu[i].len - 4);
|
||||
//printf("calc_nalu_hash nalu %d len %d\n", i, h->nalu[i].len - 4);
|
||||
}
|
||||
|
||||
sm3_final(&ctx, hash);
|
||||
|
||||
if (!h->frame_num) memcpy(h->idr_hash, hash, 32);
|
||||
|
||||
cache = &h->cache[h->cache_idx];
|
||||
memcpy(cache->hash, hash, 32);
|
||||
cache->frame_num = h->frame_num;
|
||||
h->cache_idx = (h->cache_idx + 1) % HASH_CACHE_NUM;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
void do_sm4_ofb_encrypt(const char *in_buff, int in_len, char *out_buff, int *out_len, const char *key, const char *iv);
|
||||
|
||||
static int
|
||||
do_dec_and_copy(int encrypt_type,
|
||||
const char *in_buff,
|
||||
int in_len,
|
||||
char *out_buff,
|
||||
int *out_len,
|
||||
const char *key,
|
||||
const char *iv)
|
||||
{
|
||||
if (encrypt_type == SM4_OFB) {
|
||||
do_sm4_ofb_encrypt(in_buff, in_len, out_buff, out_len, key, iv);
|
||||
} else if (encrypt_type == SM1_OFB) {
|
||||
PRINT_ERR("unsupport SM1 now!\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int
|
||||
make_bypass_frame(struct svac_handle *h, char *out_buff, int *out_len)
|
||||
{
|
||||
int i;
|
||||
|
||||
*out_len = 0;
|
||||
|
||||
for (i = 0; i < h->nalu_num; i++) {
|
||||
if (h->nalu[i].type == SVAC_SEC_SLICE) continue;
|
||||
memcpy(out_buff + *out_len, h->nalu[i].addr, h->nalu[i].len);
|
||||
*out_len += h->nalu[i].len;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int
|
||||
update_new_enc_param(struct svac_handle *h)
|
||||
{
|
||||
memcpy(&h->curr_param, &h->new_param, sizeof(struct sec_param));
|
||||
//printf("h->new_param.enc %d\n", h->new_param.encrypt_flag);
|
||||
h->sec_param_update_flag = 0;
|
||||
|
||||
if (h->curr_param.encrypt_flag) {
|
||||
char vek[16];
|
||||
char iv[16];
|
||||
|
||||
vli_get_random(vek, 16);
|
||||
vli_get_random(iv, 16);
|
||||
|
||||
memcpy(h->vek, vek, 16);
|
||||
memcpy(h->iv, iv, 16);
|
||||
enc_vek(h);
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
void *
|
||||
SvacEncCreate(void)
|
||||
{
|
||||
int i;
|
||||
struct svac_handle *h;
|
||||
|
||||
h = (struct svac_handle *) malloc(sizeof(struct svac_handle));
|
||||
if (!h) return NULL;
|
||||
|
||||
memset(h, 0, sizeof(struct svac_handle));
|
||||
h->magic = MAGIC_VALUE;
|
||||
|
||||
for (i = 0; i < HASH_CACHE_NUM; i++) h->cache[i].frame_num = -1;
|
||||
|
||||
return (void *) h;
|
||||
}
|
||||
|
||||
int
|
||||
SvacEncSetVkek(void *handle, char *vkek, char *version, int verion_len)
|
||||
{
|
||||
struct svac_handle *h = (struct svac_handle *) handle;
|
||||
|
||||
CHECK_HANDLE(h);
|
||||
|
||||
if (!vkek || !version) return -1;
|
||||
|
||||
memcpy(h->vkek_list[0].vkek, vkek, 16);
|
||||
memset(h->vkek_list[0].version, 0, sizeof(h->vkek_list[0].version));
|
||||
memcpy(h->vkek_list[0].version, version, verion_len);
|
||||
h->find_vkek_flag = 1;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int
|
||||
SvacEncSetKeyPair(void *handle, char *sm2_prikey, char *sm2_pubkey)
|
||||
{
|
||||
struct svac_handle *h = (struct svac_handle *) handle;
|
||||
|
||||
CHECK_HANDLE(h);
|
||||
|
||||
if (!sm2_prikey || !sm2_pubkey) return -1;
|
||||
|
||||
hexdump("sm2_prikey", sm2_prikey, 32);
|
||||
hexdump("sm2_pubkey", sm2_pubkey, 64);
|
||||
|
||||
memcpy(h->sm2_prikey, sm2_prikey, 32);
|
||||
memcpy(h->sm2_pubkey, sm2_pubkey, 64);
|
||||
h->sm_prikey_flag = 1;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int
|
||||
SvacEncSetIpcId(void *handle, char *id)
|
||||
{
|
||||
struct svac_handle *h = (struct svac_handle *) handle;
|
||||
|
||||
CHECK_HANDLE(h);
|
||||
|
||||
memset(h->camera_id, 0, sizeof(h->camera_id));
|
||||
memcpy(h->camera_id, id, strlen(id));
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int
|
||||
SvacEncSetCertId(void *handle, char *cert_id)
|
||||
{
|
||||
struct svac_handle *h = (struct svac_handle *) handle;
|
||||
int serial_len = 0;
|
||||
|
||||
CHECK_HANDLE(h);
|
||||
|
||||
if (!cert_id) return -1;
|
||||
|
||||
serial_len = strlen(cert_id);
|
||||
if (serial_len > 19) serial_len = 19;
|
||||
|
||||
memset(h->camera_idc, 0, sizeof(h->camera_idc));
|
||||
memcpy(h->camera_idc + 19 - serial_len, cert_id, serial_len);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int
|
||||
SvacEncSetLevel(void *handle, char level)
|
||||
{
|
||||
struct svac_handle *h = (struct svac_handle *) handle;
|
||||
|
||||
h->new_param.encrypt_flag = 0;
|
||||
h->new_param.encrypt_type = SM4_OFB;
|
||||
h->new_param.auth_flag = 0;
|
||||
h->new_param.auth_type = SM2_SIGN;
|
||||
h->new_param.hash_type = SM3_HASH;
|
||||
h->new_param.only_IDR = 1;
|
||||
h->new_param.hash_period = 0;
|
||||
|
||||
if (level == 'b' || level == 'B') {
|
||||
h->new_param.auth_flag = 1;
|
||||
} else if (level == 'c' || level == 'C') {
|
||||
h->new_param.encrypt_flag = 1;
|
||||
h->new_param.auth_flag = 1;
|
||||
}
|
||||
|
||||
h->sec_param_update_flag = 1;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int
|
||||
write_security_nalu_data(struct svac_handle *h, unsigned char *ptr, unsigned int *len)
|
||||
{
|
||||
unsigned int offset = 0;
|
||||
unsigned int l = *len;
|
||||
|
||||
/* write encryption_flag */
|
||||
offset = write_bits(h->curr_param.encrypt_flag, 1, ptr + l, offset);
|
||||
/* write authentication_flag */
|
||||
offset = write_bits(h->curr_param.auth_flag, 1, ptr + l, offset);
|
||||
|
||||
if (h->curr_param.encrypt_flag) {
|
||||
unsigned char tmp;
|
||||
|
||||
/* write encryption_type */
|
||||
if (h->curr_param.encrypt_type == SM1_OFB)
|
||||
tmp = 0;
|
||||
else
|
||||
tmp = 1;
|
||||
|
||||
offset = write_bits(tmp, 4, ptr + l, offset);
|
||||
/* write vek_flag */
|
||||
offset = write_bits(1, 1, ptr + l, offset);
|
||||
/* write iv_flag */
|
||||
offset = write_bits(1, 1, ptr + l, offset);
|
||||
|
||||
if (1) {
|
||||
/* write vek_encryption_type */
|
||||
tmp = 1;
|
||||
offset = write_bits(tmp, 4, ptr + l, offset);
|
||||
/* write evek_length_minus1 */
|
||||
offset = write_bits(h->curr_param.vek_len - 1, 8, ptr + l, offset);
|
||||
/* write evek */
|
||||
offset = write_string_bits(h->curr_param.evek, h->curr_param.vek_len * 8, ptr + l, offset);
|
||||
/* write vkek_verion_length_minus1 */
|
||||
offset = write_bits(strlen(h->vkek_list[0].version) - 1, 8, ptr + l, offset);
|
||||
/* write vkek_version */
|
||||
offset = write_string_bits(h->vkek_list[0].version, strlen(h->vkek_list[0].version) * 8, ptr + l, offset);
|
||||
}
|
||||
|
||||
if (1) {
|
||||
/* write iv_length_minus1 */
|
||||
offset = write_bits(16 - 1, 8, ptr + l, offset);
|
||||
/* write iv */
|
||||
offset = write_string_bits(h->iv, 16 * 8, ptr + l, offset);
|
||||
}
|
||||
}
|
||||
|
||||
if (h->curr_param.auth_flag) {
|
||||
offset = write_bits(0, 2, ptr + l, offset);
|
||||
offset = write_bits(h->curr_param.only_IDR, 1, ptr + l, offset);
|
||||
offset = write_bits(0, 2, ptr + l, offset);
|
||||
offset = write_bits(h->curr_param.hash_period - 1, 8, ptr + l, offset);
|
||||
offset = write_string_bits(h->camera_idc, 152, ptr + l, offset);
|
||||
}
|
||||
|
||||
if (h->curr_param.encrypt_flag || h->curr_param.auth_flag)
|
||||
offset = write_string_bits(h->camera_id, 160, ptr + l, offset);
|
||||
|
||||
offset = write_bits(1, 1, ptr + l, offset);
|
||||
if (offset & 7) offset = write_bits(0, 8 - (offset & 7), ptr + l, offset);
|
||||
|
||||
assert(!(offset & 7));
|
||||
l += offset / 8;
|
||||
|
||||
*len = l;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int
|
||||
create_security_nalu(struct svac_handle *h, char *ptr, int *len)
|
||||
{
|
||||
unsigned int save_len = 0;
|
||||
unsigned int l = *len;
|
||||
|
||||
ptr[l] = 0x00;
|
||||
l++;
|
||||
ptr[l] = 0x00;
|
||||
l++;
|
||||
ptr[l] = 0x00;
|
||||
l++;
|
||||
ptr[l] = 0x01;
|
||||
l++;
|
||||
|
||||
ptr[l] = SVAC_SEC_SLICE << 2 | 0xc0;
|
||||
l++;
|
||||
write_security_nalu_data(h, ptr, &l);
|
||||
*len = l;
|
||||
|
||||
do_add_racing_Code(ptr, &l, save_len + 4 + 1);
|
||||
*len = l;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int
|
||||
write_auth_nalu_data(struct svac_handle *h, unsigned char *ptr, unsigned int *len)
|
||||
{
|
||||
unsigned int offset = 0;
|
||||
unsigned int l = *len;
|
||||
int i;
|
||||
|
||||
/* write frame_num */
|
||||
offset = write_bits(h->sign_frame_num, 8, ptr + l, offset);
|
||||
/* write authentication_data_length_minus1 */
|
||||
offset = write_bits((unsigned int) (h->sign_len - 1), 8, ptr + l, offset);
|
||||
/* write authentication_data */
|
||||
for (i = 0; i < (int) h->sign_len; i++) offset = write_bits(h->sign[i], 8, ptr + l, offset);
|
||||
|
||||
/* write rbsp_trailing_bits() */
|
||||
offset = write_bits(1, 1, ptr + l, offset);
|
||||
if (offset & 7) offset = write_bits(0, 8 - (offset & 7), ptr + l, offset);
|
||||
|
||||
l += offset / 8;
|
||||
*len = l;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int
|
||||
create_auth_nalu(struct svac_handle *h, char *ptr, int *len)
|
||||
{
|
||||
unsigned int save_len;
|
||||
unsigned int l = *len;
|
||||
|
||||
save_len = l;
|
||||
//printf("======= %s ==========\n", __FUNCTION__);
|
||||
|
||||
ptr[l] = 0x00;
|
||||
l++;
|
||||
ptr[l] = 0x00;
|
||||
l++;
|
||||
ptr[l] = 0x00;
|
||||
l++;
|
||||
ptr[l] = 0x01;
|
||||
l++;
|
||||
|
||||
ptr[l] = SVAC_AUTH_SLICE << 2 | 0xc0;
|
||||
l++;
|
||||
write_auth_nalu_data(h, ptr, &l);
|
||||
*len = l;
|
||||
|
||||
do_add_racing_Code(ptr, &l, save_len + 4 + 1);
|
||||
*len = l;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int
|
||||
make_enc_frame(struct svac_handle *h, char *out_buff, int *out_data_len)
|
||||
{
|
||||
int i;
|
||||
int out_offset = 0;
|
||||
int out_nalu_len;
|
||||
int ret;
|
||||
|
||||
*out_data_len = 0;
|
||||
|
||||
if (h->idr_flag) { create_security_nalu(h, out_buff, &out_offset); }
|
||||
|
||||
for (i = 0; i < h->nalu_num; i++) {
|
||||
if (((h->nalu[i].type != SVAC_IDR_SLICE) && (h->nalu[i].type != SVAC_NO_IDR_SLICE))
|
||||
|| (!h->curr_param.encrypt_flag)) {
|
||||
memcpy(out_buff + out_offset, h->nalu[i].addr, h->nalu[i].len);
|
||||
h->nalu[i].out_addr = out_buff + out_offset;
|
||||
|
||||
//out_buff[out_offset + 4] &= 0xfc;
|
||||
out_nalu_len = h->nalu[i].len;
|
||||
if (h->nalu[i].need_add_racing_code) do_add_racing_Code(out_buff + out_offset, &out_nalu_len, 5);
|
||||
out_offset += out_nalu_len;
|
||||
|
||||
h->nalu[i].out_len = out_nalu_len;
|
||||
} else {
|
||||
int enc_len;
|
||||
int out_len;
|
||||
|
||||
if (!h->find_vkek_flag) {
|
||||
PRINT_ERR("Not find vkek [%s]! skip dec frame!\n", h->curr_param.vkek_version);
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (!h->nalu[i].need_add_racing_code) {
|
||||
do_remove_racing_code(h->nalu[i].addr, &h->nalu[i].len, 5);
|
||||
h->nalu[i].need_add_racing_code = 1;
|
||||
}
|
||||
|
||||
memcpy(out_buff + out_offset, h->nalu[i].addr, 5);
|
||||
enc_len = h->nalu[i].len - 1 - 5;
|
||||
h->nalu[i].out_addr = out_buff + out_offset;
|
||||
|
||||
ret = do_dec_and_copy(h->curr_param.encrypt_type, h->nalu[i].addr + 5, enc_len, out_buff + out_offset + 5,
|
||||
&out_len, h->vek, h->iv);
|
||||
if (ret) return -1;
|
||||
|
||||
memcpy(out_buff + out_offset + enc_len + 5, h->nalu[i].addr + 5 + enc_len, 1);
|
||||
|
||||
out_buff[out_offset + 4] |= 0x2;
|
||||
out_nalu_len = h->nalu[i].len;
|
||||
|
||||
do_add_racing_Code(out_buff + out_offset, &out_nalu_len, 5);
|
||||
out_offset += out_nalu_len;
|
||||
h->nalu[i].out_len = out_nalu_len;
|
||||
}
|
||||
//PRINT_INFO("out_nalu_len %d out_offset %d\n", out_nalu_len, out_offset);
|
||||
}
|
||||
|
||||
*out_data_len += out_offset;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int
|
||||
calc_frame_hash(struct svac_handle *h, char *out_buff, int *out_data_len)
|
||||
{
|
||||
int i;
|
||||
struct sm3_ctx ctx;
|
||||
|
||||
sm3_init(&ctx);
|
||||
|
||||
for (i = 0; i < h->nalu_num; i++) {
|
||||
if ((h->nalu[i].type == SVAC_IDR_SLICE) || (h->nalu[i].type == SVAC_NO_IDR_SLICE)) {
|
||||
h->nalu[i].out_addr[4] |= 1;
|
||||
sm3_update(&ctx, h->nalu[i].out_addr + 4, h->nalu[i].out_len - 4);
|
||||
//printf("calc_frame_hash nalu %d len %d\n", i, h->nalu[i].out_len - 4);
|
||||
}
|
||||
}
|
||||
|
||||
sm3_final(&ctx, h->idr_hash);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int
|
||||
calc_idr_sign_data(struct svac_handle *h)
|
||||
{
|
||||
char sign[64];
|
||||
int sign_len = 64;
|
||||
|
||||
do_sm2_sign(h->sm2_prikey, h->sm2_pubkey, h->idr_hash, 32, sign);
|
||||
h->sign_len = 64;
|
||||
|
||||
h->sign_len = sizeof(h->sign);
|
||||
do_base64_encode(h->sign, &h->sign_len, sign, sign_len);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int
|
||||
make_auth_nal(struct svac_handle *h, char *out_buff, int *out_data_len)
|
||||
{
|
||||
if (!h->curr_param.auth_flag) return 0;
|
||||
|
||||
if (h->curr_param.only_IDR && h->idr_flag) {
|
||||
calc_frame_hash(h, out_buff, out_data_len);
|
||||
calc_idr_sign_data(h);
|
||||
create_auth_nalu(h, out_buff, out_data_len);
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int
|
||||
SvacEncProcess(void *handle, char *in_buff, int in_len, char *out_buff, int *out_len)
|
||||
{
|
||||
struct svac_handle *h = (struct svac_handle *) handle;
|
||||
|
||||
CHECK_HANDLE(h);
|
||||
|
||||
if (!in_buff || !out_buff || !out_len) return -1;
|
||||
|
||||
h->nalu_num = 0;
|
||||
h->idr_flag = 0;
|
||||
h->sec_nalu_flag = 0;
|
||||
h->auth_nalu_flag = 0;
|
||||
|
||||
svac_parse_nalu(h, in_buff, in_len);
|
||||
|
||||
if (!h->nalu_num) {
|
||||
PRINT_ERR("Not find nalu start code!\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (h->idr_flag && h->sec_param_update_flag) update_new_enc_param(h);
|
||||
|
||||
/* <20><><EFBFBD><EFBFBD><EFBFBD>a<EFBFBD><61><EFBFBD><EFBFBD><EFBFBD><EFBFBD> bypass */
|
||||
if (!h->curr_param.auth_flag && !h->curr_param.encrypt_flag) return make_bypass_frame(h, out_buff, out_len);
|
||||
|
||||
make_enc_frame(h, out_buff, out_len);
|
||||
make_auth_nal(h, out_buff, out_len);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int
|
||||
SvacEncRelease(void *handle)
|
||||
{
|
||||
struct svac_handle *h = (struct svac_handle *) handle;
|
||||
|
||||
CHECK_HANDLE(h);
|
||||
|
||||
free(h);
|
||||
|
||||
return 0;
|
||||
}
|
BIN
lib-gnueabihf/libserver-sm.so
Executable file
BIN
lib-gnueabihf/libserver-sm.so
Executable file
Binary file not shown.
File diff suppressed because it is too large
Load Diff
@ -1132,7 +1132,7 @@ void awsm__get_dev_info__free_unpacked
|
||||
assert(message->base.descriptor == &awsm__get_dev_info__descriptor);
|
||||
protobuf_c_message_free_unpacked ((ProtobufCMessage*)message, allocator);
|
||||
}
|
||||
static const ProtobufCFieldDescriptor awsm__hash_init__field_descriptors[2] =
|
||||
static const ProtobufCFieldDescriptor awsm__hash_init__field_descriptors[3] =
|
||||
{
|
||||
{
|
||||
"EccPublickey",
|
||||
@ -1158,15 +1158,29 @@ static const ProtobufCFieldDescriptor awsm__hash_init__field_descriptors[2] =
|
||||
0, /* flags */
|
||||
0,NULL,NULL /* reserved1,reserved2, etc */
|
||||
},
|
||||
{
|
||||
"MessageID",
|
||||
20,
|
||||
PROTOBUF_C_LABEL_NONE,
|
||||
PROTOBUF_C_TYPE_UINT64,
|
||||
0, /* quantifier_offset */
|
||||
offsetof(AWSM__HashInit, messageid),
|
||||
NULL,
|
||||
NULL,
|
||||
0, /* flags */
|
||||
0,NULL,NULL /* reserved1,reserved2, etc */
|
||||
},
|
||||
};
|
||||
static const unsigned awsm__hash_init__field_indices_by_name[] = {
|
||||
0, /* field[0] = EccPublickey */
|
||||
2, /* field[2] = MessageID */
|
||||
1, /* field[1] = ReturnValue */
|
||||
};
|
||||
static const ProtobufCIntRange awsm__hash_init__number_ranges[1 + 1] =
|
||||
static const ProtobufCIntRange awsm__hash_init__number_ranges[2 + 1] =
|
||||
{
|
||||
{ 1, 0 },
|
||||
{ 0, 2 }
|
||||
{ 20, 2 },
|
||||
{ 0, 3 }
|
||||
};
|
||||
const ProtobufCMessageDescriptor awsm__hash_init__descriptor =
|
||||
{
|
||||
@ -1176,14 +1190,14 @@ const ProtobufCMessageDescriptor awsm__hash_init__descriptor =
|
||||
"AWSM__HashInit",
|
||||
"AWSM",
|
||||
sizeof(AWSM__HashInit),
|
||||
2,
|
||||
3,
|
||||
awsm__hash_init__field_descriptors,
|
||||
awsm__hash_init__field_indices_by_name,
|
||||
1, awsm__hash_init__number_ranges,
|
||||
2, awsm__hash_init__number_ranges,
|
||||
(ProtobufCMessageInit) awsm__hash_init__init,
|
||||
NULL,NULL,NULL /* reserved[123] */
|
||||
};
|
||||
static const ProtobufCFieldDescriptor awsm__hash_update__field_descriptors[3] =
|
||||
static const ProtobufCFieldDescriptor awsm__hash_update__field_descriptors[4] =
|
||||
{
|
||||
{
|
||||
"SourceData",
|
||||
@ -1221,16 +1235,30 @@ static const ProtobufCFieldDescriptor awsm__hash_update__field_descriptors[3] =
|
||||
0, /* flags */
|
||||
0,NULL,NULL /* reserved1,reserved2, etc */
|
||||
},
|
||||
{
|
||||
"MessageID",
|
||||
20,
|
||||
PROTOBUF_C_LABEL_NONE,
|
||||
PROTOBUF_C_TYPE_UINT64,
|
||||
0, /* quantifier_offset */
|
||||
offsetof(AWSM__HashUpdate, messageid),
|
||||
NULL,
|
||||
NULL,
|
||||
0, /* flags */
|
||||
0,NULL,NULL /* reserved1,reserved2, etc */
|
||||
},
|
||||
};
|
||||
static const unsigned awsm__hash_update__field_indices_by_name[] = {
|
||||
3, /* field[3] = MessageID */
|
||||
2, /* field[2] = ReturnValue */
|
||||
0, /* field[0] = SourceData */
|
||||
1, /* field[1] = SourceDataLen */
|
||||
};
|
||||
static const ProtobufCIntRange awsm__hash_update__number_ranges[1 + 1] =
|
||||
static const ProtobufCIntRange awsm__hash_update__number_ranges[2 + 1] =
|
||||
{
|
||||
{ 1, 0 },
|
||||
{ 0, 3 }
|
||||
{ 20, 3 },
|
||||
{ 0, 4 }
|
||||
};
|
||||
const ProtobufCMessageDescriptor awsm__hash_update__descriptor =
|
||||
{
|
||||
@ -1240,14 +1268,14 @@ const ProtobufCMessageDescriptor awsm__hash_update__descriptor =
|
||||
"AWSM__HashUpdate",
|
||||
"AWSM",
|
||||
sizeof(AWSM__HashUpdate),
|
||||
3,
|
||||
4,
|
||||
awsm__hash_update__field_descriptors,
|
||||
awsm__hash_update__field_indices_by_name,
|
||||
1, awsm__hash_update__number_ranges,
|
||||
2, awsm__hash_update__number_ranges,
|
||||
(ProtobufCMessageInit) awsm__hash_update__init,
|
||||
NULL,NULL,NULL /* reserved[123] */
|
||||
};
|
||||
static const ProtobufCFieldDescriptor awsm__hash_final__field_descriptors[3] =
|
||||
static const ProtobufCFieldDescriptor awsm__hash_final__field_descriptors[4] =
|
||||
{
|
||||
{
|
||||
"HashData",
|
||||
@ -1285,16 +1313,30 @@ static const ProtobufCFieldDescriptor awsm__hash_final__field_descriptors[3] =
|
||||
0, /* flags */
|
||||
0,NULL,NULL /* reserved1,reserved2, etc */
|
||||
},
|
||||
{
|
||||
"MessageID",
|
||||
20,
|
||||
PROTOBUF_C_LABEL_NONE,
|
||||
PROTOBUF_C_TYPE_UINT64,
|
||||
0, /* quantifier_offset */
|
||||
offsetof(AWSM__HashFinal, messageid),
|
||||
NULL,
|
||||
NULL,
|
||||
0, /* flags */
|
||||
0,NULL,NULL /* reserved1,reserved2, etc */
|
||||
},
|
||||
};
|
||||
static const unsigned awsm__hash_final__field_indices_by_name[] = {
|
||||
0, /* field[0] = HashData */
|
||||
1, /* field[1] = HashDataLen */
|
||||
3, /* field[3] = MessageID */
|
||||
2, /* field[2] = ReturnValue */
|
||||
};
|
||||
static const ProtobufCIntRange awsm__hash_final__number_ranges[1 + 1] =
|
||||
static const ProtobufCIntRange awsm__hash_final__number_ranges[2 + 1] =
|
||||
{
|
||||
{ 1, 0 },
|
||||
{ 0, 3 }
|
||||
{ 20, 3 },
|
||||
{ 0, 4 }
|
||||
};
|
||||
const ProtobufCMessageDescriptor awsm__hash_final__descriptor =
|
||||
{
|
||||
@ -1304,14 +1346,14 @@ const ProtobufCMessageDescriptor awsm__hash_final__descriptor =
|
||||
"AWSM__HashFinal",
|
||||
"AWSM",
|
||||
sizeof(AWSM__HashFinal),
|
||||
3,
|
||||
4,
|
||||
awsm__hash_final__field_descriptors,
|
||||
awsm__hash_final__field_indices_by_name,
|
||||
1, awsm__hash_final__number_ranges,
|
||||
2, awsm__hash_final__number_ranges,
|
||||
(ProtobufCMessageInit) awsm__hash_final__init,
|
||||
NULL,NULL,NULL /* reserved[123] */
|
||||
};
|
||||
static const ProtobufCFieldDescriptor awsm__hash__field_descriptors[6] =
|
||||
static const ProtobufCFieldDescriptor awsm__hash__field_descriptors[7] =
|
||||
{
|
||||
{
|
||||
"SourceData",
|
||||
@ -1385,19 +1427,33 @@ static const ProtobufCFieldDescriptor awsm__hash__field_descriptors[6] =
|
||||
0, /* flags */
|
||||
0,NULL,NULL /* reserved1,reserved2, etc */
|
||||
},
|
||||
{
|
||||
"MessageID",
|
||||
20,
|
||||
PROTOBUF_C_LABEL_NONE,
|
||||
PROTOBUF_C_TYPE_UINT64,
|
||||
0, /* quantifier_offset */
|
||||
offsetof(AWSM__Hash, messageid),
|
||||
NULL,
|
||||
NULL,
|
||||
0, /* flags */
|
||||
0,NULL,NULL /* reserved1,reserved2, etc */
|
||||
},
|
||||
};
|
||||
static const unsigned awsm__hash__field_indices_by_name[] = {
|
||||
4, /* field[4] = EccPublickey */
|
||||
2, /* field[2] = HashData */
|
||||
3, /* field[3] = HashDataLen */
|
||||
6, /* field[6] = MessageID */
|
||||
5, /* field[5] = ReturnValue */
|
||||
0, /* field[0] = SourceData */
|
||||
1, /* field[1] = SourceDataLen */
|
||||
};
|
||||
static const ProtobufCIntRange awsm__hash__number_ranges[1 + 1] =
|
||||
static const ProtobufCIntRange awsm__hash__number_ranges[2 + 1] =
|
||||
{
|
||||
{ 1, 0 },
|
||||
{ 0, 6 }
|
||||
{ 20, 6 },
|
||||
{ 0, 7 }
|
||||
};
|
||||
const ProtobufCMessageDescriptor awsm__hash__descriptor =
|
||||
{
|
||||
@ -1407,10 +1463,10 @@ const ProtobufCMessageDescriptor awsm__hash__descriptor =
|
||||
"AWSM__Hash",
|
||||
"AWSM",
|
||||
sizeof(AWSM__Hash),
|
||||
6,
|
||||
7,
|
||||
awsm__hash__field_descriptors,
|
||||
awsm__hash__field_indices_by_name,
|
||||
1, awsm__hash__number_ranges,
|
||||
2, awsm__hash__number_ranges,
|
||||
(ProtobufCMessageInit) awsm__hash__init,
|
||||
NULL,NULL,NULL /* reserved[123] */
|
||||
};
|
||||
|
Loading…
x
Reference in New Issue
Block a user