diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e8419e1a9..a28165c6d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -138,7 +138,7 @@ jobs: steps: - uses: actions/checkout@v2 - name: config - run: ./config --strict-warnings enable-asan enable-ubsan enable-ssl-trace enable-zlib enable-zlib-dynamic enable-crypto-mdebug enable-crypto-mdebug-backtrace enable-egd enable-ntls enable-delegated-credential enable-cert-compression && perl configdata.pm --dump + run: ./config --strict-warnings enable-asan enable-ubsan enable-ssl-trace enable-zlib enable-zlib-dynamic enable-crypto-mdebug enable-crypto-mdebug-backtrace enable-egd enable-ntls enable-delegated-credential enable-cert-compression enable-export-sm4 && perl configdata.pm --dump - name: make run: make -s -j4 - name: make test diff --git a/Configure b/Configure index a0a3ad4d0..4b4c68bd4 100755 --- a/Configure +++ b/Configure @@ -367,6 +367,7 @@ my @disablables = ( "crypto-mdebug", "crypto-mdebug-backtrace", "ct", + "export-sm4", "ntls", "compatible-gm-ver", "deprecated", @@ -509,6 +510,7 @@ our %disabled = ( # "what" => "comment" "dycert-ocsp" => "default", "delegated-credential" => "default", "cert-compression" => "default", + "export-sm4" => "default", ); # Note: => pair form used for aesthetics, not to truly make a hash table diff --git a/include/crypto/sm4.h b/include/crypto/sm4.h index f9b8ca12e..e2d8efeb2 100644 --- a/include/crypto/sm4.h +++ b/include/crypto/sm4.h @@ -19,11 +19,15 @@ # error SM4 is disabled. # endif -# define SM4_ENCRYPT 1 -# define SM4_DECRYPT 0 +# ifndef OPENSSL_NO_EXPORT_SM4 +# include +# else -# define SM4_BLOCK_SIZE 16 -# define SM4_KEY_SCHEDULE 32 +# define SM4_ENCRYPT 1 +# define SM4_DECRYPT 0 + +# define SM4_BLOCK_SIZE 16 +# define SM4_KEY_SCHEDULE 32 typedef struct SM4_KEY_st { uint32_t rk[SM4_KEY_SCHEDULE]; @@ -33,6 +37,9 @@ int SM4_set_key(const uint8_t *key, SM4_KEY *ks); void SM4_encrypt(const uint8_t *in, uint8_t *out, const SM4_KEY *ks); +void SM4_decrypt(const uint8_t *in, uint8_t *out, const SM4_KEY *ks); +# endif + /* * Use sm4 affine transformation to aes-ni * @@ -64,8 +71,6 @@ void SM4_encrypt_affine_ni(const uint8_t *in, uint8_t *out, # endif # endif -void SM4_decrypt(const uint8_t *in, uint8_t *out, const SM4_KEY *ks); - void sm4_ctr128_encrypt_blocks (const unsigned char *in, unsigned char *out,size_t blocks, const void *key, const unsigned char ivec[16]); diff --git a/include/openssl/sm4.h b/include/openssl/sm4.h new file mode 100644 index 000000000..25b8bc183 --- /dev/null +++ b/include/openssl/sm4.h @@ -0,0 +1,39 @@ +/* + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef HEADER_SM4_H +# define HEADER_SM4_H + +# if !defined(OPENSSL_NO_SM4) && !defined(OPENSSL_NO_EXPORT_SM4) +# include +# include + +# ifdef __cplusplus +extern "C" { +# endif + +# define SM4_ENCRYPT 1 +# define SM4_DECRYPT 0 + +# define SM4_BLOCK_SIZE 16 +# define SM4_KEY_SCHEDULE 32 + +typedef struct SM4_KEY_st { + uint32_t rk[SM4_KEY_SCHEDULE]; +} SM4_KEY; + +int SM4_set_key(const uint8_t *key, SM4_KEY *ks); + +void SM4_encrypt(const uint8_t *in, uint8_t *out, const SM4_KEY *ks); +void SM4_decrypt(const uint8_t *in, uint8_t *out, const SM4_KEY *ks); + +# ifdef __cplusplus +} +# endif +# endif + +#endif diff --git a/util/libcrypto.num b/util/libcrypto.num index 97cd35e79..11ab2daa6 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -4668,3 +4668,6 @@ SM3_Init 6614 1_1_1h EXIST::FUNCTION:SM3 SM3_Update 6615 1_1_1h EXIST::FUNCTION:SM3 SM3_Final 6616 1_1_1h EXIST::FUNCTION:SM3 SM3_Transform 6617 1_1_1h EXIST::FUNCTION:SM3 +SM4_encrypt 6618 1_1_1h EXIST::FUNCTION:EXPORT_SM4,SM4 +SM4_decrypt 6619 1_1_1h EXIST::FUNCTION:EXPORT_SM4,SM4 +SM4_set_key 6620 1_1_1h EXIST::FUNCTION:EXPORT_SM4,SM4