Line | Source | Count |
1 | | - |
2 | | - |
3 | | - |
4 | | - |
5 | | - |
6 | | - |
7 | | - |
8 | | - |
9 | | - |
10 | | - |
11 | | - |
12 | #include "internal/sm2.h" | - |
13 | #include "internal/sm2err.h" | - |
14 | #include <openssl/err.h> | - |
15 | #include <openssl/evp.h> | - |
16 | #include <openssl/bn.h> | - |
17 | #include <openssl/asn1.h> | - |
18 | #include <openssl/asn1t.h> | - |
19 | #include <string.h> | - |
20 | | - |
21 | typedef struct SM2_Ciphertext_st SM2_Ciphertext; | - |
22 | DECLARE_ASN1_FUNCTIONS(SM2_Ciphertext) | - |
23 | | - |
24 | struct SM2_Ciphertext_st { | - |
25 | BIGNUM *C1x; | - |
26 | BIGNUM *C1y; | - |
27 | ASN1_OCTET_STRING *C3; | - |
28 | ASN1_OCTET_STRING *C2; | - |
29 | }; | - |
30 | | - |
31 | ASN1_SEQUENCE(SM2_Ciphertext) = { | - |
32 | ASN1_SIMPLE(SM2_Ciphertext, C1x, BIGNUM), | - |
33 | ASN1_SIMPLE(SM2_Ciphertext, C1y, BIGNUM), | - |
34 | ASN1_SIMPLE(SM2_Ciphertext, C3, ASN1_OCTET_STRING), | - |
35 | ASN1_SIMPLE(SM2_Ciphertext, C2, ASN1_OCTET_STRING), | - |
36 | } ASN1_SEQUENCE_END(SM2_Ciphertext) | - |
37 | | - |
38 | IMPLEMENT_ASN1_FUNCTIONS(SM2_Ciphertext)executed 4 times by 2 tests: end of block Executed by:- libcrypto.so.1.1
- sm2_internal_test
executed 4 times by 2 tests: return (SM2_Ciphertext *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, (&(SM2_Ciphertext_it))); Executed by:- libcrypto.so.1.1
- sm2_internal_test
executed 3 times by 2 tests: return ASN1_item_i2d((ASN1_VALUE *)a, out, (&(SM2_Ciphertext_it))); Executed by:- libcrypto.so.1.1
- sm2_internal_test
never executed: return (SM2_Ciphertext *)ASN1_item_new((&(SM2_Ciphertext_it))); | 0-4 |
39 | | - |
40 | static size_t ec_field_size(const EC_GROUP *group) | - |
41 | { | - |
42 | | - |
43 | BIGNUM *p = BN_new(); | - |
44 | BIGNUM *a = BN_new(); | - |
45 | BIGNUM *b = BN_new(); | - |
46 | size_t field_size = 0; | - |
47 | | - |
48 | if (p == NULL || a == NULL || b == NULL)TRUE | never evaluated | FALSE | evaluated 12 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
TRUE | never evaluated | FALSE | evaluated 12 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
TRUE | never evaluated | FALSE | evaluated 12 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-12 |
49 | goto done; never executed: goto done; | 0 |
50 | | - |
51 | if (!EC_GROUP_get_curve(group, p, a, b, NULL))TRUE | never evaluated | FALSE | evaluated 12 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-12 |
52 | goto done; never executed: goto done; | 0 |
53 | field_size = (BN_num_bits(p) + 7) / 8; | - |
54 | | - |
55 | done:code before this statement executed 12 times by 2 tests: done: Executed by:- libcrypto.so.1.1
- sm2_internal_test
| 12 |
56 | BN_free(p); | - |
57 | BN_free(a); | - |
58 | BN_free(b); | - |
59 | | - |
60 | return field_size;executed 12 times by 2 tests: return field_size; Executed by:- libcrypto.so.1.1
- sm2_internal_test
| 12 |
61 | } | - |
62 | | - |
63 | int sm2_plaintext_size(const EC_KEY *key, const EVP_MD *digest, size_t msg_len, | - |
64 | size_t *pt_size) | - |
65 | { | - |
66 | const size_t field_size = ec_field_size(EC_KEY_get0_group(key)); | - |
67 | const int md_size = EVP_MD_size(digest); | - |
68 | size_t overhead; | - |
69 | | - |
70 | if (md_size < 0) {TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
71 | SM2err(SM2_F_SM2_PLAINTEXT_SIZE, SM2_R_INVALID_DIGEST); | - |
72 | return 0; never executed: return 0; | 0 |
73 | } | - |
74 | if (field_size == 0) {TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
75 | SM2err(SM2_F_SM2_PLAINTEXT_SIZE, SM2_R_INVALID_FIELD); | - |
76 | return 0; never executed: return 0; | 0 |
77 | } | - |
78 | | - |
79 | overhead = 10 + 2 * field_size + (size_t)md_size; | - |
80 | if (msg_len <= overhead) {TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
81 | SM2err(SM2_F_SM2_PLAINTEXT_SIZE, SM2_R_INVALID_ENCODING); | - |
82 | return 0; never executed: return 0; | 0 |
83 | } | - |
84 | | - |
85 | *pt_size = msg_len - overhead; | - |
86 | return 1;executed 3 times by 2 tests: return 1; Executed by:- libcrypto.so.1.1
- sm2_internal_test
| 3 |
87 | } | - |
88 | | - |
89 | int sm2_ciphertext_size(const EC_KEY *key, const EVP_MD *digest, size_t msg_len, | - |
90 | size_t *ct_size) | - |
91 | { | - |
92 | const size_t field_size = ec_field_size(EC_KEY_get0_group(key)); | - |
93 | const int md_size = EVP_MD_size(digest); | - |
94 | size_t sz; | - |
95 | | - |
96 | if (field_size == 0 || md_size < 0)TRUE | never evaluated | FALSE | evaluated 2 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 2 times by 1 test |
| 0-2 |
97 | return 0; never executed: return 0; | 0 |
98 | | - |
99 | | - |
100 | sz = 2 * ASN1_object_size(0, field_size + 1, V_ASN1_INTEGER) | - |
101 | + ASN1_object_size(0, md_size, V_ASN1_OCTET_STRING) | - |
102 | + ASN1_object_size(0, msg_len, V_ASN1_OCTET_STRING); | - |
103 | | - |
104 | *ct_size = ASN1_object_size(1, sz, V_ASN1_SEQUENCE); | - |
105 | | - |
106 | return 1;executed 2 times by 1 test: return 1; | 2 |
107 | } | - |
108 | | - |
109 | int sm2_encrypt(const EC_KEY *key, | - |
110 | const EVP_MD *digest, | - |
111 | const uint8_t *msg, | - |
112 | size_t msg_len, uint8_t *ciphertext_buf, size_t *ciphertext_len) | - |
113 | { | - |
114 | int rc = 0, ciphertext_leni; | - |
115 | size_t i; | - |
116 | BN_CTX *ctx = NULL; | - |
117 | BIGNUM *k = NULL; | - |
118 | BIGNUM *x1 = NULL; | - |
119 | BIGNUM *y1 = NULL; | - |
120 | BIGNUM *x2 = NULL; | - |
121 | BIGNUM *y2 = NULL; | - |
122 | EVP_MD_CTX *hash = EVP_MD_CTX_new(); | - |
123 | struct SM2_Ciphertext_st ctext_struct; | - |
124 | const EC_GROUP *group = EC_KEY_get0_group(key); | - |
125 | const BIGNUM *order = EC_GROUP_get0_order(group); | - |
126 | const EC_POINT *P = EC_KEY_get0_public_key(key); | - |
127 | EC_POINT *kG = NULL; | - |
128 | EC_POINT *kP = NULL; | - |
129 | uint8_t *msg_mask = NULL; | - |
130 | uint8_t *x2y2 = NULL; | - |
131 | uint8_t *C3 = NULL; | - |
132 | size_t field_size; | - |
133 | const int C3_size = EVP_MD_size(digest); | - |
134 | | - |
135 | | - |
136 | ctext_struct.C2 = NULL; | - |
137 | ctext_struct.C3 = NULL; | - |
138 | | - |
139 | if (hash == NULL || C3_size <= 0) {TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
140 | SM2err(SM2_F_SM2_ENCRYPT, ERR_R_INTERNAL_ERROR); | - |
141 | goto done; never executed: goto done; | 0 |
142 | } | - |
143 | | - |
144 | field_size = ec_field_size(group); | - |
145 | if (field_size == 0) {TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
146 | SM2err(SM2_F_SM2_ENCRYPT, ERR_R_INTERNAL_ERROR); | - |
147 | goto done; never executed: goto done; | 0 |
148 | } | - |
149 | | - |
150 | kG = EC_POINT_new(group); | - |
151 | kP = EC_POINT_new(group); | - |
152 | ctx = BN_CTX_new(); | - |
153 | if (kG == NULL || kP == NULL || ctx == NULL) {TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
154 | SM2err(SM2_F_SM2_ENCRYPT, ERR_R_MALLOC_FAILURE); | - |
155 | goto done; never executed: goto done; | 0 |
156 | } | - |
157 | | - |
158 | BN_CTX_start(ctx); | - |
159 | k = BN_CTX_get(ctx); | - |
160 | x1 = BN_CTX_get(ctx); | - |
161 | x2 = BN_CTX_get(ctx); | - |
162 | y1 = BN_CTX_get(ctx); | - |
163 | y2 = BN_CTX_get(ctx); | - |
164 | | - |
165 | if (y2 == NULL) {TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
166 | SM2err(SM2_F_SM2_ENCRYPT, ERR_R_BN_LIB); | - |
167 | goto done; never executed: goto done; | 0 |
168 | } | - |
169 | | - |
170 | x2y2 = OPENSSL_zalloc(2 * field_size); | - |
171 | C3 = OPENSSL_zalloc(C3_size); | - |
172 | | - |
173 | if (x2y2 == NULL || C3 == NULL) {TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
174 | SM2err(SM2_F_SM2_ENCRYPT, ERR_R_MALLOC_FAILURE); | - |
175 | goto done; never executed: goto done; | 0 |
176 | } | - |
177 | | - |
178 | memset(ciphertext_buf, 0, *ciphertext_len); | - |
179 | | - |
180 | if (!BN_priv_rand_range(k, order)) {TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
181 | SM2err(SM2_F_SM2_ENCRYPT, ERR_R_INTERNAL_ERROR); | - |
182 | goto done; never executed: goto done; | 0 |
183 | } | - |
184 | | - |
185 | if (!EC_POINT_mul(group, kG, k, NULL, NULL, ctx)TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
186 | || !EC_POINT_get_affine_coordinates(group, kG, x1, y1, ctx)TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
187 | || !EC_POINT_mul(group, kP, NULL, P, k, ctx)TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
188 | || !EC_POINT_get_affine_coordinates(group, kP, x2, y2, ctx)) {TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
189 | SM2err(SM2_F_SM2_ENCRYPT, ERR_R_EC_LIB); | - |
190 | goto done; never executed: goto done; | 0 |
191 | } | - |
192 | | - |
193 | if (BN_bn2binpad(x2, x2y2, field_size) < 0TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
194 | || BN_bn2binpad(y2, x2y2 + field_size, field_size) < 0) {TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
195 | SM2err(SM2_F_SM2_ENCRYPT, ERR_R_INTERNAL_ERROR); | - |
196 | goto done; never executed: goto done; | 0 |
197 | } | - |
198 | | - |
199 | msg_mask = OPENSSL_zalloc(msg_len); | - |
200 | if (msg_mask == NULL) {TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
201 | SM2err(SM2_F_SM2_ENCRYPT, ERR_R_MALLOC_FAILURE); | - |
202 | goto done; never executed: goto done; | 0 |
203 | } | - |
204 | | - |
205 | | - |
206 | if (!ECDH_KDF_X9_62(msg_mask, msg_len, x2y2, 2 * field_size, NULL, 0,TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
207 | digest)) {TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
208 | SM2err(SM2_F_SM2_ENCRYPT, ERR_R_EVP_LIB); | - |
209 | goto done; never executed: goto done; | 0 |
210 | } | - |
211 | | - |
212 | for (i = 0; i != msg_len; ++i)TRUE | evaluated 42 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
| FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 3-42 |
213 | msg_mask[i] ^= msg[i];executed 42 times by 2 tests: msg_mask[i] ^= msg[i]; Executed by:- libcrypto.so.1.1
- sm2_internal_test
| 42 |
214 | | - |
215 | if (EVP_DigestInit(hash, digest) == 0TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
216 | || EVP_DigestUpdate(hash, x2y2, field_size) == 0TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
217 | || EVP_DigestUpdate(hash, msg, msg_len) == 0TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
218 | || EVP_DigestUpdate(hash, x2y2 + field_size, field_size) == 0TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
219 | || EVP_DigestFinal(hash, C3, NULL) == 0) {TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
220 | SM2err(SM2_F_SM2_ENCRYPT, ERR_R_EVP_LIB); | - |
221 | goto done; never executed: goto done; | 0 |
222 | } | - |
223 | | - |
224 | ctext_struct.C1x = x1; | - |
225 | ctext_struct.C1y = y1; | - |
226 | ctext_struct.C3 = ASN1_OCTET_STRING_new(); | - |
227 | ctext_struct.C2 = ASN1_OCTET_STRING_new(); | - |
228 | | - |
229 | if (ctext_struct.C3 == NULL || ctext_struct.C2 == NULL) {TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
230 | SM2err(SM2_F_SM2_ENCRYPT, ERR_R_MALLOC_FAILURE); | - |
231 | goto done; never executed: goto done; | 0 |
232 | } | - |
233 | if (!ASN1_OCTET_STRING_set(ctext_struct.C3, C3, C3_size)TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
234 | || !ASN1_OCTET_STRING_set(ctext_struct.C2, msg_mask, msg_len)) {TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
235 | SM2err(SM2_F_SM2_ENCRYPT, ERR_R_INTERNAL_ERROR); | - |
236 | goto done; never executed: goto done; | 0 |
237 | } | - |
238 | | - |
239 | ciphertext_leni = i2d_SM2_Ciphertext(&ctext_struct, &ciphertext_buf); | - |
240 | | - |
241 | if (ciphertext_leni < 0) {TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
242 | SM2err(SM2_F_SM2_ENCRYPT, ERR_R_INTERNAL_ERROR); | - |
243 | goto done; never executed: goto done; | 0 |
244 | } | - |
245 | *ciphertext_len = (size_t)ciphertext_leni; | - |
246 | | - |
247 | rc = 1; | - |
248 | | - |
249 | done:code before this statement executed 3 times by 2 tests: done: Executed by:- libcrypto.so.1.1
- sm2_internal_test
| 3 |
250 | ASN1_OCTET_STRING_free(ctext_struct.C2); | - |
251 | ASN1_OCTET_STRING_free(ctext_struct.C3); | - |
252 | OPENSSL_free(msg_mask); | - |
253 | OPENSSL_free(x2y2); | - |
254 | OPENSSL_free(C3); | - |
255 | EVP_MD_CTX_free(hash); | - |
256 | BN_CTX_free(ctx); | - |
257 | EC_POINT_free(kG); | - |
258 | EC_POINT_free(kP); | - |
259 | return rc;executed 3 times by 2 tests: return rc; Executed by:- libcrypto.so.1.1
- sm2_internal_test
| 3 |
260 | } | - |
261 | | - |
262 | int sm2_decrypt(const EC_KEY *key, | - |
263 | const EVP_MD *digest, | - |
264 | const uint8_t *ciphertext, | - |
265 | size_t ciphertext_len, uint8_t *ptext_buf, size_t *ptext_len) | - |
266 | { | - |
267 | int rc = 0; | - |
268 | int i; | - |
269 | BN_CTX *ctx = NULL; | - |
270 | const EC_GROUP *group = EC_KEY_get0_group(key); | - |
271 | EC_POINT *C1 = NULL; | - |
272 | struct SM2_Ciphertext_st *sm2_ctext = NULL; | - |
273 | BIGNUM *x2 = NULL; | - |
274 | BIGNUM *y2 = NULL; | - |
275 | uint8_t *x2y2 = NULL; | - |
276 | uint8_t *computed_C3 = NULL; | - |
277 | const size_t field_size = ec_field_size(group); | - |
278 | const int hash_size = EVP_MD_size(digest); | - |
279 | uint8_t *msg_mask = NULL; | - |
280 | const uint8_t *C2 = NULL; | - |
281 | const uint8_t *C3 = NULL; | - |
282 | int msg_len = 0; | - |
283 | EVP_MD_CTX *hash = NULL; | - |
284 | | - |
285 | if (field_size == 0 || hash_size <= 0)TRUE | never evaluated | FALSE | evaluated 4 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
TRUE | never evaluated | FALSE | evaluated 4 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-4 |
286 | goto done; never executed: goto done; | 0 |
287 | | - |
288 | memset(ptext_buf, 0xFF, *ptext_len); | - |
289 | | - |
290 | sm2_ctext = d2i_SM2_Ciphertext(NULL, &ciphertext, ciphertext_len); | - |
291 | | - |
292 | if (sm2_ctext == NULL) {TRUE | never evaluated | FALSE | evaluated 4 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-4 |
293 | SM2err(SM2_F_SM2_DECRYPT, SM2_R_ASN1_ERROR); | - |
294 | goto done; never executed: goto done; | 0 |
295 | } | - |
296 | | - |
297 | if (sm2_ctext->C3->length != hash_size) {TRUE | never evaluated | FALSE | evaluated 4 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-4 |
298 | SM2err(SM2_F_SM2_DECRYPT, SM2_R_INVALID_ENCODING); | - |
299 | goto done; never executed: goto done; | 0 |
300 | } | - |
301 | | - |
302 | C2 = sm2_ctext->C2->data; | - |
303 | C3 = sm2_ctext->C3->data; | - |
304 | msg_len = sm2_ctext->C2->length; | - |
305 | | - |
306 | ctx = BN_CTX_new(); | - |
307 | if (ctx == NULL) {TRUE | never evaluated | FALSE | evaluated 4 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-4 |
308 | SM2err(SM2_F_SM2_DECRYPT, ERR_R_MALLOC_FAILURE); | - |
309 | goto done; never executed: goto done; | 0 |
310 | } | - |
311 | | - |
312 | BN_CTX_start(ctx); | - |
313 | x2 = BN_CTX_get(ctx); | - |
314 | y2 = BN_CTX_get(ctx); | - |
315 | | - |
316 | if (y2 == NULL) {TRUE | never evaluated | FALSE | evaluated 4 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-4 |
317 | SM2err(SM2_F_SM2_DECRYPT, ERR_R_BN_LIB); | - |
318 | goto done; never executed: goto done; | 0 |
319 | } | - |
320 | | - |
321 | msg_mask = OPENSSL_zalloc(msg_len); | - |
322 | x2y2 = OPENSSL_zalloc(2 * field_size); | - |
323 | computed_C3 = OPENSSL_zalloc(hash_size); | - |
324 | | - |
325 | if (msg_mask == NULL || x2y2 == NULL || computed_C3 == NULL) {TRUE | never evaluated | FALSE | evaluated 4 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
TRUE | never evaluated | FALSE | evaluated 4 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
TRUE | never evaluated | FALSE | evaluated 4 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-4 |
326 | SM2err(SM2_F_SM2_DECRYPT, ERR_R_MALLOC_FAILURE); | - |
327 | goto done; never executed: goto done; | 0 |
328 | } | - |
329 | | - |
330 | C1 = EC_POINT_new(group); | - |
331 | if (C1 == NULL) {TRUE | never evaluated | FALSE | evaluated 4 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-4 |
332 | SM2err(SM2_F_SM2_DECRYPT, ERR_R_MALLOC_FAILURE); | - |
333 | goto done; never executed: goto done; | 0 |
334 | } | - |
335 | | - |
336 | if (!EC_POINT_set_affine_coordinates(group, C1, sm2_ctext->C1x,TRUE | never evaluated | FALSE | evaluated 4 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-4 |
337 | sm2_ctext->C1y, ctx)TRUE | never evaluated | FALSE | evaluated 4 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-4 |
338 | || !EC_POINT_mul(group, C1, NULL, C1, EC_KEY_get0_private_key(key),TRUE | never evaluated | FALSE | evaluated 4 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-4 |
339 | ctx)TRUE | never evaluated | FALSE | evaluated 4 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-4 |
340 | || !EC_POINT_get_affine_coordinates(group, C1, x2, y2, ctx)) {TRUE | never evaluated | FALSE | evaluated 4 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-4 |
341 | SM2err(SM2_F_SM2_DECRYPT, ERR_R_EC_LIB); | - |
342 | goto done; never executed: goto done; | 0 |
343 | } | - |
344 | | - |
345 | if (BN_bn2binpad(x2, x2y2, field_size) < 0TRUE | never evaluated | FALSE | evaluated 4 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-4 |
346 | || BN_bn2binpad(y2, x2y2 + field_size, field_size) < 0TRUE | never evaluated | FALSE | evaluated 4 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-4 |
347 | || !ECDH_KDF_X9_62(msg_mask, msg_len, x2y2, 2 * field_size, NULL, 0,TRUE | never evaluated | FALSE | evaluated 4 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-4 |
348 | digest)) {TRUE | never evaluated | FALSE | evaluated 4 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-4 |
349 | SM2err(SM2_F_SM2_DECRYPT, ERR_R_INTERNAL_ERROR); | - |
350 | goto done; never executed: goto done; | 0 |
351 | } | - |
352 | | - |
353 | for (i = 0; i != msg_len; ++i)TRUE | evaluated 76 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
| FALSE | evaluated 4 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 4-76 |
354 | ptext_buf[i] = C2[i] ^ msg_mask[i];executed 76 times by 2 tests: ptext_buf[i] = C2[i] ^ msg_mask[i]; Executed by:- libcrypto.so.1.1
- sm2_internal_test
| 76 |
355 | | - |
356 | hash = EVP_MD_CTX_new(); | - |
357 | if (hash == NULL) {TRUE | never evaluated | FALSE | evaluated 4 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-4 |
358 | SM2err(SM2_F_SM2_DECRYPT, ERR_R_MALLOC_FAILURE); | - |
359 | goto done; never executed: goto done; | 0 |
360 | } | - |
361 | | - |
362 | if (!EVP_DigestInit(hash, digest)TRUE | never evaluated | FALSE | evaluated 4 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-4 |
363 | || !EVP_DigestUpdate(hash, x2y2, field_size)TRUE | never evaluated | FALSE | evaluated 4 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-4 |
364 | || !EVP_DigestUpdate(hash, ptext_buf, msg_len)TRUE | never evaluated | FALSE | evaluated 4 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-4 |
365 | || !EVP_DigestUpdate(hash, x2y2 + field_size, field_size)TRUE | never evaluated | FALSE | evaluated 4 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-4 |
366 | || !EVP_DigestFinal(hash, computed_C3, NULL)) {TRUE | never evaluated | FALSE | evaluated 4 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-4 |
367 | SM2err(SM2_F_SM2_DECRYPT, ERR_R_EVP_LIB); | - |
368 | goto done; never executed: goto done; | 0 |
369 | } | - |
370 | | - |
371 | if (CRYPTO_memcmp(computed_C3, C3, hash_size) != 0) {TRUE | never evaluated | FALSE | evaluated 4 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-4 |
372 | SM2err(SM2_F_SM2_DECRYPT, SM2_R_INVALID_DIGEST); | - |
373 | goto done; never executed: goto done; | 0 |
374 | } | - |
375 | | - |
376 | rc = 1; | - |
377 | *ptext_len = msg_len; | - |
378 | | - |
379 | done:code before this statement executed 4 times by 2 tests: done: Executed by:- libcrypto.so.1.1
- sm2_internal_test
| 4 |
380 | if (rc == 0)TRUE | never evaluated | FALSE | evaluated 4 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-4 |
381 | memset(ptext_buf, 0, *ptext_len); never executed: memset(ptext_buf, 0, *ptext_len); | 0 |
382 | | - |
383 | OPENSSL_free(msg_mask); | - |
384 | OPENSSL_free(x2y2); | - |
385 | OPENSSL_free(computed_C3); | - |
386 | EC_POINT_free(C1); | - |
387 | BN_CTX_free(ctx); | - |
388 | SM2_Ciphertext_free(sm2_ctext); | - |
389 | EVP_MD_CTX_free(hash); | - |
390 | | - |
391 | return rc;executed 4 times by 2 tests: return rc; Executed by:- libcrypto.so.1.1
- sm2_internal_test
| 4 |
392 | } | - |
| | |