Tongsuo-Project · zhsnew · Nov 13, 2024 · Nov 13, 2024 · Nov 15, 2024
diff --git a/Configure b/Configure
@@ -488,6 +488,7 @@ my @disablables = (
     "sm2_threshold",
     "sm3",
     "sm4",
+    "wbsm4",
     "zuc",
     "sock",
     "srp",
@@ -614,6 +615,7 @@ our %disabled = ( # "what"         => "comment"
                   "atf_slibce"          => "default",
                   "sdf-lib"             => "default",
                   "sdf-lib-dynamic"     => "default",
+                  "wbsm4"               => "default",
                 );
 
 # Note: => pair form used for aesthetics, not to truly make a hash table
@@ -688,6 +690,7 @@ my @disable_cascades = (
     "tests"             => [ "external-tests" ],
     "comp"              => [ "zlib" ],
     "sm3"               => [ "sm2" ],
+    "sm4"               => [ "wbsm4" ],
     sub { !$disabled{"unit-test"} } => [ "heartbeats" ],
 
     sub { !$disabled{"msan"} } => [ "asm" ],

diff --git a/apps/enc.c b/apps/enc.c
@@ -44,6 +44,9 @@ typedef enum OPTION_choice {
     OPT_E, OPT_IN, OPT_OUT, OPT_PASS, OPT_ENGINE, OPT_D, OPT_P, OPT_V,
     OPT_NOPAD, OPT_SALT, OPT_NOSALT, OPT_DEBUG, OPT_UPPER_P, OPT_UPPER_A,
     OPT_A, OPT_Z, OPT_BUFSIZE, OPT_K, OPT_KFILE, OPT_UPPER_K, OPT_NONE,
+#ifndef OPENSSL_NO_WBSM4
+    OPT_KBINARY,
+#endif
     OPT_UPPER_S, OPT_IV, OPT_MD, OPT_ITER, OPT_PBKDF2, OPT_CIPHER,
     OPT_R_ENUM, OPT_PROV_ENUM
 } OPTION_CHOICE;
@@ -67,6 +70,9 @@ const OPTIONS enc_options[] = {
     {"in", OPT_IN, '<', "Input file"},
     {"k", OPT_K, 's', "Passphrase"},
     {"kfile", OPT_KFILE, '<', "Read passphrase from file"},
+#ifndef OPENSSL_NO_WBSM4
+    {"kbinary", OPT_KBINARY, '<', "Read raw key from file"},
+#endif
 
     OPT_SECTION("Output"),
     {"out", OPT_OUT, '>', "Output file"},
@@ -132,6 +138,10 @@ int enc_main(int argc, char **argv)
     int do_zlib = 0;
     BIO *bzl = NULL;
 #endif
+#ifndef OPENSSL_NO_WBSM4
+    unsigned char *rawkey = NULL;
+    int rawkeylen = 0;
+#endif
 
     /* first check the command name */
     if (strcmp(argv[0], "base64") == 0)
@@ -250,6 +260,16 @@ int enc_main(int argc, char **argv)
             }
             str = buf;
             break;
+#ifndef OPENSSL_NO_WBSM4
+        case OPT_KBINARY:
+            in = bio_open_default(opt_arg(), 'r', FORMAT_BINARY);
+            if (in == NULL)
+                goto opthelp;    
+            rawkeylen = bio_to_mem(&rawkey, 1024 * 1024 * 40, in);
+            if (rawkeylen <= 0)
+                goto opthelp;
+            break;
+#endif
         case OPT_UPPER_K:
             hkey = opt_arg();
             break;
@@ -345,6 +365,16 @@ int enc_main(int argc, char **argv)
         str = pass;
     }
 
+#ifndef OPENSSL_NO_WBSM4
+    if (rawkey != NULL) {
+        if (cipher != NULL && rawkeylen != EVP_CIPHER_key_length(cipher)) {
+            BIO_printf(bio_err, "invalid raw key length: %d, need: %d\n",
+                      rawkeylen, EVP_CIPHER_key_length(cipher));
+            goto end;
+        }
+    }
+    else
+#endif
     if ((str == NULL) && (cipher != NULL) && (hkey == NULL)) {
         if (1) {
 #ifndef OPENSSL_NO_UI_CONSOLE
@@ -565,6 +595,17 @@ int enc_main(int argc, char **argv)
         if (nopad)
             EVP_CIPHER_CTX_set_padding(ctx, 0);
 
+#ifndef OPENSSL_NO_WBSM4
+        if (rawkey) {
+            if (!EVP_CipherInit_ex(ctx, NULL, NULL, rawkey, iv, enc)) {
+                BIO_printf(bio_err, "Error setting cipher %s\n",
+                           EVP_CIPHER_get0_name(cipher));
+                ERR_print_errors(bio_err);
+                goto end;
+            }
+        }
+        else
+#endif
         if (!EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, enc)) {
             BIO_printf(bio_err, "Error setting cipher %s\n",
                        EVP_CIPHER_get0_name(cipher));
@@ -584,6 +625,17 @@ int enc_main(int argc, char **argv)
                     printf("%02X", salt[i]);
                 printf("\n");
             }
+#ifndef OPENSSL_NO_WBSM4
+            if (rawkey) {
+                printf("key=");
+                for (i = 0; i < EVP_CIPHER_get_key_length(cipher) && i < 32; i++)
+                    printf("%02X", rawkey[i]);
+                if (EVP_CIPHER_get_key_length(cipher) > 32)
+                    printf("(...%d)", EVP_CIPHER_get_key_length(cipher));
+                printf("\n");
+            }
+            else
+#endif
             if (EVP_CIPHER_get_key_length(cipher) > 0) {
                 printf("key=");
                 for (i = 0; i < EVP_CIPHER_get_key_length(cipher); i++)
@@ -638,6 +690,9 @@ int enc_main(int argc, char **argv)
     EVP_CIPHER_free(cipher);
 #ifdef ZLIB
     BIO_free(bzl);
+#endif
+#ifndef OPENSSL_NO_WBSM4
+    OPENSSL_free(rawkey);
 #endif
     release_engine(e);
     OPENSSL_free(pass);

diff --git a/apps/kdf.c b/apps/kdf.c
@@ -170,6 +170,11 @@ int kdf_main(int argc, char **argv)
     if (out == NULL)
         goto err;
 
+#ifndef OPENSSL_NO_WBSM4
+    if (OPENSSL_strcasecmp(argv[0], "wbsm4kdf") == 0)
+        dkm_len = EVP_KDF_CTX_get_kdf_size(ctx);
+#endif
+
     if (dkm_len <= 0) {
         BIO_printf(bio_err, "Invalid derived key length.\n");
         goto err;

diff --git a/apps/speed.c b/apps/speed.c
@@ -323,6 +323,9 @@ enum {
     D_CBC_RC5,
     D_CBC_128_AES, D_CBC_192_AES, D_CBC_256_AES,
     D_EVP, D_GHASH, D_RAND, D_EVP_CMAC, D_SM3, D_CBC_SM4, D_ECB_SM4,
+    D_CBC_WBSM4_XIAOLAI, D_ECB_WBSM4_XIAOLAI,
+    D_CBC_WBSM4_BAIWU, D_ECB_WBSM4_BAIWU,
+    D_CBC_WBSM4_WSISE, D_ECB_WBSM4_WSISE,
     D_EEA3_128_ZUC, D_EIA3_128_ZUC, D_SM2_ENCRYPT, D_SM2_DECRYPT,
     D_SM2_THRESHOLD_DECRYPT, ALGOR_NUM
 };
@@ -334,6 +337,9 @@ static const char *names[ALGOR_NUM] = {
     "rc5-cbc",
     "aes-128-cbc", "aes-192-cbc", "aes-256-cbc",
     "evp", "ghash", "rand", "cmac", "sm3", "sm4-cbc", "sm4-ecb",
+    "wbsm4-xiaolai-cbc", "wbsm4-xiaolai-ecb",
+    "wbsm4-baiwu-cbc", "wbsm4-baiwu-ecb",
+    "wbsm4-wsise-cbc", "wbsm4-wsise-ecb",
     "zuc-128-eea3", "zuc-128-eia3", "sm2-encrypt", "sm2-decrypt", "sm2-thr-dec",
 };
 
@@ -362,6 +368,19 @@ static const OPT_PAIR doit_choices[] = {
     {"sm4", D_CBC_SM4},
     {"sm4-ecb", D_ECB_SM4},
 #endif
+#ifndef OPENSSL_NO_WBSM4
+    {"wbsm4-xiaolai-cbc", D_CBC_WBSM4_XIAOLAI},
+    {"wbsm4-xiaolai", D_CBC_WBSM4_XIAOLAI},
+    {"wbsm4-xiaolai-ecb", D_ECB_WBSM4_XIAOLAI},
+
+    {"wbsm4-baiwu-cbc", D_CBC_WBSM4_BAIWU},
+    {"wbsm4-baiwu", D_CBC_WBSM4_BAIWU},
+    {"wbsm4-baiwu-ecb", D_ECB_WBSM4_BAIWU},
+
+    {"wbsm4-wsise-cbc", D_CBC_WBSM4_WSISE},
+    {"wbsm4-wsise", D_CBC_WBSM4_WSISE},
+    {"wbsm4-wsise-ecb", D_ECB_WBSM4_WSISE},
+#endif
 #ifndef OPENSSL_NO_ZUC
     {"zuc-128-eea3", D_EEA3_128_ZUC},
     {"zuc-128-eia3", D_EIA3_128_ZUC},
@@ -3109,6 +3128,113 @@ int speed_main(int argc, char **argv)
         }
     }
 #endif
+#ifndef OPENSSL_NO_WBSM4
+    for (k = 0; k < 2; k++) {
+        algindex = D_CBC_WBSM4_XIAOLAI + k;
+        if (doit[algindex]) {
+            int st = 1;
+
+            const EVP_CIPHER *cipher = EVP_get_cipherbyname("WBSM4-XIAOLAI");
+            if (cipher == NULL)
+                continue;
+
+            keylen = EVP_CIPHER_key_length(cipher);
+            unsigned char *local_key = (unsigned char *)OPENSSL_malloc(keylen);
+            if (local_key == NULL)
+                continue;
+            RAND_bytes(local_key, keylen);
+
+            for (i = 0; st && i < loopargs_len; i++) {
+                loopargs[i].ctx = init_evp_cipher_ctx(names[algindex],
+                                                      local_key, keylen);
+                st = loopargs[i].ctx != NULL;
+            }
+            OPENSSL_free(local_key);
+
+            for (testnum = 0; st && testnum < size_num; testnum++) {
+                print_message(names[algindex], c[algindex][testnum],
+                            lengths[testnum], seconds.sym);
+                Time_F(START);
+                count =
+                    run_benchmark(async_jobs, EVP_Cipher_loop, loopargs);
+                d = Time_F(STOP);
+                print_result(algindex, testnum, count, d);
+            }
+            for (i = 0; i < loopargs_len; i++)
+                EVP_CIPHER_CTX_free(loopargs[i].ctx);
+        }
+    }
+    for (k = 0; k < 2; k++) {
+        algindex = D_CBC_WBSM4_BAIWU + k;
+        if (doit[algindex]) {
+            int st = 1;
+
+            const EVP_CIPHER *cipher = EVP_get_cipherbyname("WBSM4-BAIWU");
+            if (cipher == NULL)
+                continue;
+
+            keylen = EVP_CIPHER_key_length(cipher);
+            unsigned char *local_key = (unsigned char *)OPENSSL_malloc(keylen);
+            if (local_key == NULL)
+                continue;
+            RAND_bytes(local_key, keylen);
+
+            for (i = 0; st && i < loopargs_len; i++) {
+                loopargs[i].ctx = init_evp_cipher_ctx(names[algindex],
+                                                      local_key, keylen);
+                st = loopargs[i].ctx != NULL;
+            }
+            OPENSSL_free(local_key);
+
+            for (testnum = 0; st && testnum < size_num; testnum++) {
+                print_message(names[algindex], c[algindex][testnum],
+                            lengths[testnum], seconds.sym);
+                Time_F(START);
+                count =
+                    run_benchmark(async_jobs, EVP_Cipher_loop, loopargs);
+                d = Time_F(STOP);
+                print_result(algindex, testnum, count, d);
+            }
+            for (i = 0; i < loopargs_len; i++)
+                EVP_CIPHER_CTX_free(loopargs[i].ctx);
+        }
+    }
+    for (k = 0; k < 2; k++) {
+        algindex = D_CBC_WBSM4_WSISE + k;
+        if (doit[algindex]) {
+            int st = 1;
+
+            const EVP_CIPHER *cipher = EVP_get_cipherbyname("WBSM4-WSISE");
+            if (cipher == NULL)
+                continue;
+
+            keylen = EVP_CIPHER_key_length(cipher);
+            unsigned char *local_key = (unsigned char *)OPENSSL_malloc(keylen);
+            if (local_key == NULL)
+                continue;
+            RAND_bytes(local_key, keylen);
+
+            for (i = 0; st && i < loopargs_len; i++) {
+                loopargs[i].ctx = init_evp_cipher_ctx(names[algindex],
+                                                      local_key, keylen);
+                st = loopargs[i].ctx != NULL;
+            }
+            OPENSSL_free(local_key);
+
+            for (testnum = 0; st && testnum < size_num; testnum++) {
+                print_message(names[algindex], c[algindex][testnum],
+                            lengths[testnum], seconds.sym);
+                Time_F(START);
+                count =
+                    run_benchmark(async_jobs, EVP_Cipher_loop, loopargs);
+                d = Time_F(STOP);
+                print_result(algindex, testnum, count, d);
+            }
+            for (i = 0; i < loopargs_len; i++)
+                EVP_CIPHER_CTX_free(loopargs[i].ctx);
+        }
+    }
+#endif
 
 #ifndef OPENSSL_NO_ZUC
     if (doit[D_EEA3_128_ZUC]) {

diff --git a/crypto/evp/build.info b/crypto/evp/build.info
@@ -8,6 +8,7 @@ SOURCE[../../libcrypto]=$COMMON\
         encode.c evp_key.c evp_cnf.c \
         e_des.c e_des3.c \
         e_rc4.c e_aes.c names.c e_sm4.c \
+        e_wbsm4_xiaolai.c e_wbsm4_baiwu.c e_wbsm4_wsise.c \
         e_xcbc_d.c e_rc5.c m_null.c \
         p_seal.c p_sign.c p_verify.c p_legacy.c \
         bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \

diff --git a/crypto/evp/c_allc.c b/crypto/evp/c_allc.c
@@ -73,6 +73,38 @@ void openssl_add_all_ciphers_int(void)
     EVP_add_cipher(EVP_sm4_ccm());
 #endif
 
+#ifndef OPENSSL_NO_WBSM4
+    EVP_add_cipher(EVP_wbsm4_xiaolai_ecb());
+    EVP_add_cipher(EVP_wbsm4_xiaolai_cbc());
+    EVP_add_cipher(EVP_wbsm4_xiaolai_cfb());
+    EVP_add_cipher(EVP_wbsm4_xiaolai_ofb());
+    EVP_add_cipher(EVP_wbsm4_xiaolai_ctr());
+    EVP_add_cipher_alias(SN_wbsm4_xiaolai_cbc, "WBSM4-XIAOLAI");
+    EVP_add_cipher_alias(SN_wbsm4_xiaolai_cbc, "wbsm4-xiaolai");
+    EVP_add_cipher(EVP_wbsm4_xiaolai_gcm());
+    EVP_add_cipher(EVP_wbsm4_xiaolai_ccm());
+
+    EVP_add_cipher(EVP_wbsm4_baiwu_ecb());
+    EVP_add_cipher(EVP_wbsm4_baiwu_cbc());
+    EVP_add_cipher(EVP_wbsm4_baiwu_cfb());
+    EVP_add_cipher(EVP_wbsm4_baiwu_ofb());
+    EVP_add_cipher(EVP_wbsm4_baiwu_ctr());
+    EVP_add_cipher_alias(SN_wbsm4_baiwu_cbc, "WBSM4-BAIWU");
+    EVP_add_cipher_alias(SN_wbsm4_baiwu_cbc, "wbsm4-baiwu");
+    EVP_add_cipher(EVP_wbsm4_baiwu_gcm());
+    EVP_add_cipher(EVP_wbsm4_baiwu_ccm());
+
+    EVP_add_cipher(EVP_wbsm4_wsise_ecb());
+    EVP_add_cipher(EVP_wbsm4_wsise_cbc());
+    EVP_add_cipher(EVP_wbsm4_wsise_cfb());
+    EVP_add_cipher(EVP_wbsm4_wsise_ofb());
+    EVP_add_cipher(EVP_wbsm4_wsise_ctr());
+    EVP_add_cipher_alias(SN_wbsm4_wsise_cbc, "WBSM4-WSISE");
+    EVP_add_cipher_alias(SN_wbsm4_wsise_cbc, "wbsm4-wsise");
+    EVP_add_cipher(EVP_wbsm4_wsise_gcm());
+    EVP_add_cipher(EVP_wbsm4_wsise_ccm());
+#endif
+
 #ifndef OPENSSL_NO_RC5
     EVP_add_cipher(EVP_rc5_32_12_16_ecb());
     EVP_add_cipher(EVP_rc5_32_12_16_cfb());