OpenCoverage

sm2_crypt.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/openssl/src/crypto/sm2/sm2_crypt.c
Source codeSwitch to Preprocessed file
LineSourceCount
1/*-
2 * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.-
3 * Copyright 2017 Ribose Inc. All Rights Reserved.-
4 * Ported from Ribose contributions from Botan.-
5 *-
6 * Licensed under the OpenSSL license (the "License"). You may not use-
7 * this file except in compliance with the License. You can obtain a copy-
8 * in the file LICENSE in the source distribution or at-
9 * https://www.openssl.org/source/license.html-
10 */-
11-
12#include "internal/sm2.h"-
13#include "internal/sm2err.h"-
14#include <openssl/err.h>-
15#include <openssl/evp.h>-
16#include <openssl/bn.h>-
17#include <openssl/asn1.h>-
18#include <openssl/asn1t.h>-
19#include <string.h>-
20-
21typedef struct SM2_Ciphertext_st SM2_Ciphertext;-
22DECLARE_ASN1_FUNCTIONS(SM2_Ciphertext)-
23-
24struct SM2_Ciphertext_st {-
25 BIGNUM *C1x;-
26 BIGNUM *C1y;-
27 ASN1_OCTET_STRING *C3;-
28 ASN1_OCTET_STRING *C2;-
29};-
30-
31ASN1_SEQUENCE(SM2_Ciphertext) = {-
32 ASN1_SIMPLE(SM2_Ciphertext, C1x, BIGNUM),-
33 ASN1_SIMPLE(SM2_Ciphertext, C1y, BIGNUM),-
34 ASN1_SIMPLE(SM2_Ciphertext, C3, ASN1_OCTET_STRING),-
35 ASN1_SIMPLE(SM2_Ciphertext, C2, ASN1_OCTET_STRING),-
36} ASN1_SEQUENCE_END(SM2_Ciphertext)-
37-
38IMPLEMENT_ASN1_FUNCTIONS(SM2_Ciphertext)
executed 4 times by 2 tests: end of block
Executed by:
  • libcrypto.so.1.1
  • sm2_internal_test
executed 4 times by 2 tests: return (SM2_Ciphertext *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, (&(SM2_Ciphertext_it)));
Executed by:
  • libcrypto.so.1.1
  • sm2_internal_test
executed 3 times by 2 tests: return ASN1_item_i2d((ASN1_VALUE *)a, out, (&(SM2_Ciphertext_it)));
Executed by:
  • libcrypto.so.1.1
  • sm2_internal_test
never executed: return (SM2_Ciphertext *)ASN1_item_new((&(SM2_Ciphertext_it)));
0-4
39-
40static size_t ec_field_size(const EC_GROUP *group)-
41{-
42 /* Is there some simpler way to do this? */-
43 BIGNUM *p = BN_new();-
44 BIGNUM *a = BN_new();-
45 BIGNUM *b = BN_new();-
46 size_t field_size = 0;-
47-
48 if (p == NULL || a == NULL || b == NULL)
p == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 12 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
a == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 12 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
b == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 12 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-12
49 goto done;
never executed: goto done;
0
50-
51 if (!EC_GROUP_get_curve(group, p, a, b, NULL))
!EC_GROUP_get_... ((void *)0) )Description
TRUEnever evaluated
FALSEevaluated 12 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-12
52 goto done;
never executed: goto done;
0
53 field_size = (BN_num_bits(p) + 7) / 8;-
54-
55 done:
code before this statement executed 12 times by 2 tests: done:
Executed by:
  • libcrypto.so.1.1
  • sm2_internal_test
12
56 BN_free(p);-
57 BN_free(a);-
58 BN_free(b);-
59-
60 return field_size;
executed 12 times by 2 tests: return field_size;
Executed by:
  • libcrypto.so.1.1
  • sm2_internal_test
12
61}-
62-
63int sm2_plaintext_size(const EC_KEY *key, const EVP_MD *digest, size_t msg_len,-
64 size_t *pt_size)-
65{-
66 const size_t field_size = ec_field_size(EC_KEY_get0_group(key));-
67 const int md_size = EVP_MD_size(digest);-
68 size_t overhead;-
69-
70 if (md_size < 0) {
md_size < 0Description
TRUEnever evaluated
FALSEevaluated 3 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-3
71 SM2err(SM2_F_SM2_PLAINTEXT_SIZE, SM2_R_INVALID_DIGEST);-
72 return 0;
never executed: return 0;
0
73 }-
74 if (field_size == 0) {
field_size == 0Description
TRUEnever evaluated
FALSEevaluated 3 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-3
75 SM2err(SM2_F_SM2_PLAINTEXT_SIZE, SM2_R_INVALID_FIELD);-
76 return 0;
never executed: return 0;
0
77 }-
78-
79 overhead = 10 + 2 * field_size + (size_t)md_size;-
80 if (msg_len <= overhead) {
msg_len <= overheadDescription
TRUEnever evaluated
FALSEevaluated 3 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-3
81 SM2err(SM2_F_SM2_PLAINTEXT_SIZE, SM2_R_INVALID_ENCODING);-
82 return 0;
never executed: return 0;
0
83 }-
84-
85 *pt_size = msg_len - overhead;-
86 return 1;
executed 3 times by 2 tests: return 1;
Executed by:
  • libcrypto.so.1.1
  • sm2_internal_test
3
87}-
88-
89int sm2_ciphertext_size(const EC_KEY *key, const EVP_MD *digest, size_t msg_len,-
90 size_t *ct_size)-
91{-
92 const size_t field_size = ec_field_size(EC_KEY_get0_group(key));-
93 const int md_size = EVP_MD_size(digest);-
94 size_t sz;-
95-
96 if (field_size == 0 || md_size < 0)
field_size == 0Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sm2_internal_test
md_size < 0Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sm2_internal_test
0-2
97 return 0;
never executed: return 0;
0
98-
99 /* Integer and string are simple type; set constructed = 0, means primitive and definite length encoding. */-
100 sz = 2 * ASN1_object_size(0, field_size + 1, V_ASN1_INTEGER)-
101 + ASN1_object_size(0, md_size, V_ASN1_OCTET_STRING)-
102 + ASN1_object_size(0, msg_len, V_ASN1_OCTET_STRING);-
103 /* Sequence is structured type; set constructed = 1, means constructed and definite length encoding. */-
104 *ct_size = ASN1_object_size(1, sz, V_ASN1_SEQUENCE);-
105-
106 return 1;
executed 2 times by 1 test: return 1;
Executed by:
  • sm2_internal_test
2
107}-
108-
109int sm2_encrypt(const EC_KEY *key,-
110 const EVP_MD *digest,-
111 const uint8_t *msg,-
112 size_t msg_len, uint8_t *ciphertext_buf, size_t *ciphertext_len)-
113{-
114 int rc = 0, ciphertext_leni;-
115 size_t i;-
116 BN_CTX *ctx = NULL;-
117 BIGNUM *k = NULL;-
118 BIGNUM *x1 = NULL;-
119 BIGNUM *y1 = NULL;-
120 BIGNUM *x2 = NULL;-
121 BIGNUM *y2 = NULL;-
122 EVP_MD_CTX *hash = EVP_MD_CTX_new();-
123 struct SM2_Ciphertext_st ctext_struct;-
124 const EC_GROUP *group = EC_KEY_get0_group(key);-
125 const BIGNUM *order = EC_GROUP_get0_order(group);-
126 const EC_POINT *P = EC_KEY_get0_public_key(key);-
127 EC_POINT *kG = NULL;-
128 EC_POINT *kP = NULL;-
129 uint8_t *msg_mask = NULL;-
130 uint8_t *x2y2 = NULL;-
131 uint8_t *C3 = NULL;-
132 size_t field_size;-
133 const int C3_size = EVP_MD_size(digest);-
134-
135 /* NULL these before any "goto done" */-
136 ctext_struct.C2 = NULL;-
137 ctext_struct.C3 = NULL;-
138-
139 if (hash == NULL || C3_size <= 0) {
hash == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 3 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
C3_size <= 0Description
TRUEnever evaluated
FALSEevaluated 3 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-3
140 SM2err(SM2_F_SM2_ENCRYPT, ERR_R_INTERNAL_ERROR);-
141 goto done;
never executed: goto done;
0
142 }-
143-
144 field_size = ec_field_size(group);-
145 if (field_size == 0) {
field_size == 0Description
TRUEnever evaluated
FALSEevaluated 3 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-3
146 SM2err(SM2_F_SM2_ENCRYPT, ERR_R_INTERNAL_ERROR);-
147 goto done;
never executed: goto done;
0
148 }-
149-
150 kG = EC_POINT_new(group);-
151 kP = EC_POINT_new(group);-
152 ctx = BN_CTX_new();-
153 if (kG == NULL || kP == NULL || ctx == NULL) {
kG == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 3 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
kP == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 3 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
ctx == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 3 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-3
154 SM2err(SM2_F_SM2_ENCRYPT, ERR_R_MALLOC_FAILURE);-
155 goto done;
never executed: goto done;
0
156 }-
157-
158 BN_CTX_start(ctx);-
159 k = BN_CTX_get(ctx);-
160 x1 = BN_CTX_get(ctx);-
161 x2 = BN_CTX_get(ctx);-
162 y1 = BN_CTX_get(ctx);-
163 y2 = BN_CTX_get(ctx);-
164-
165 if (y2 == NULL) {
y2 == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 3 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-3
166 SM2err(SM2_F_SM2_ENCRYPT, ERR_R_BN_LIB);-
167 goto done;
never executed: goto done;
0
168 }-
169-
170 x2y2 = OPENSSL_zalloc(2 * field_size);-
171 C3 = OPENSSL_zalloc(C3_size);-
172-
173 if (x2y2 == NULL || C3 == NULL) {
x2y2 == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 3 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
C3 == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 3 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-3
174 SM2err(SM2_F_SM2_ENCRYPT, ERR_R_MALLOC_FAILURE);-
175 goto done;
never executed: goto done;
0
176 }-
177-
178 memset(ciphertext_buf, 0, *ciphertext_len);-
179-
180 if (!BN_priv_rand_range(k, order)) {
!BN_priv_rand_range(k, order)Description
TRUEnever evaluated
FALSEevaluated 3 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-3
181 SM2err(SM2_F_SM2_ENCRYPT, ERR_R_INTERNAL_ERROR);-
182 goto done;
never executed: goto done;
0
183 }-
184-
185 if (!EC_POINT_mul(group, kG, k, NULL, NULL, ctx)
!EC_POINT_mul(...id *)0) , ctx)Description
TRUEnever evaluated
FALSEevaluated 3 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-3
186 || !EC_POINT_get_affine_coordinates(group, kG, x1, y1, ctx)
!EC_POINT_get_..., x1, y1, ctx)Description
TRUEnever evaluated
FALSEevaluated 3 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-3
187 || !EC_POINT_mul(group, kP, NULL, P, k, ctx)
!EC_POINT_mul(...) , P, k, ctx)Description
TRUEnever evaluated
FALSEevaluated 3 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-3
188 || !EC_POINT_get_affine_coordinates(group, kP, x2, y2, ctx)) {
!EC_POINT_get_..., x2, y2, ctx)Description
TRUEnever evaluated
FALSEevaluated 3 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-3
189 SM2err(SM2_F_SM2_ENCRYPT, ERR_R_EC_LIB);-
190 goto done;
never executed: goto done;
0
191 }-
192-
193 if (BN_bn2binpad(x2, x2y2, field_size) < 0
BN_bn2binpad(x...ield_size) < 0Description
TRUEnever evaluated
FALSEevaluated 3 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-3
194 || BN_bn2binpad(y2, x2y2 + field_size, field_size) < 0) {
BN_bn2binpad(y...ield_size) < 0Description
TRUEnever evaluated
FALSEevaluated 3 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-3
195 SM2err(SM2_F_SM2_ENCRYPT, ERR_R_INTERNAL_ERROR);-
196 goto done;
never executed: goto done;
0
197 }-
198-
199 msg_mask = OPENSSL_zalloc(msg_len);-
200 if (msg_mask == NULL) {
msg_mask == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 3 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-3
201 SM2err(SM2_F_SM2_ENCRYPT, ERR_R_MALLOC_FAILURE);-
202 goto done;
never executed: goto done;
0
203 }-
204-
205 /* X9.63 with no salt happens to match the KDF used in SM2 */-
206 if (!ECDH_KDF_X9_62(msg_mask, msg_len, x2y2, 2 * field_size, NULL, 0,
!ECDH_KDF_X9_6...) , 0, digest)Description
TRUEnever evaluated
FALSEevaluated 3 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-3
207 digest)) {
!ECDH_KDF_X9_6...) , 0, digest)Description
TRUEnever evaluated
FALSEevaluated 3 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-3
208 SM2err(SM2_F_SM2_ENCRYPT, ERR_R_EVP_LIB);-
209 goto done;
never executed: goto done;
0
210 }-
211-
212 for (i = 0; i != msg_len; ++i)
i != msg_lenDescription
TRUEevaluated 42 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
FALSEevaluated 3 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
3-42
213 msg_mask[i] ^= msg[i];
executed 42 times by 2 tests: msg_mask[i] ^= msg[i];
Executed by:
  • libcrypto.so.1.1
  • sm2_internal_test
42
214-
215 if (EVP_DigestInit(hash, digest) == 0
EVP_DigestInit..., digest) == 0Description
TRUEnever evaluated
FALSEevaluated 3 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-3
216 || EVP_DigestUpdate(hash, x2y2, field_size) == 0
EVP_DigestUpda...eld_size) == 0Description
TRUEnever evaluated
FALSEevaluated 3 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-3
217 || EVP_DigestUpdate(hash, msg, msg_len) == 0
EVP_DigestUpda... msg_len) == 0Description
TRUEnever evaluated
FALSEevaluated 3 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-3
218 || EVP_DigestUpdate(hash, x2y2 + field_size, field_size) == 0
EVP_DigestUpda...eld_size) == 0Description
TRUEnever evaluated
FALSEevaluated 3 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-3
219 || EVP_DigestFinal(hash, C3, NULL) == 0) {
EVP_DigestFina...id *)0) ) == 0Description
TRUEnever evaluated
FALSEevaluated 3 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-3
220 SM2err(SM2_F_SM2_ENCRYPT, ERR_R_EVP_LIB);-
221 goto done;
never executed: goto done;
0
222 }-
223-
224 ctext_struct.C1x = x1;-
225 ctext_struct.C1y = y1;-
226 ctext_struct.C3 = ASN1_OCTET_STRING_new();-
227 ctext_struct.C2 = ASN1_OCTET_STRING_new();-
228-
229 if (ctext_struct.C3 == NULL || ctext_struct.C2 == NULL) {
ctext_struct.C3 == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 3 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
ctext_struct.C2 == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 3 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-3
230 SM2err(SM2_F_SM2_ENCRYPT, ERR_R_MALLOC_FAILURE);-
231 goto done;
never executed: goto done;
0
232 }-
233 if (!ASN1_OCTET_STRING_set(ctext_struct.C3, C3, C3_size)
!ASN1_OCTET_ST..., C3, C3_size)Description
TRUEnever evaluated
FALSEevaluated 3 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-3
234 || !ASN1_OCTET_STRING_set(ctext_struct.C2, msg_mask, msg_len)) {
!ASN1_OCTET_ST...mask, msg_len)Description
TRUEnever evaluated
FALSEevaluated 3 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-3
235 SM2err(SM2_F_SM2_ENCRYPT, ERR_R_INTERNAL_ERROR);-
236 goto done;
never executed: goto done;
0
237 }-
238-
239 ciphertext_leni = i2d_SM2_Ciphertext(&ctext_struct, &ciphertext_buf);-
240 /* Ensure cast to size_t is safe */-
241 if (ciphertext_leni < 0) {
ciphertext_leni < 0Description
TRUEnever evaluated
FALSEevaluated 3 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-3
242 SM2err(SM2_F_SM2_ENCRYPT, ERR_R_INTERNAL_ERROR);-
243 goto done;
never executed: goto done;
0
244 }-
245 *ciphertext_len = (size_t)ciphertext_leni;-
246-
247 rc = 1;-
248-
249 done:
code before this statement executed 3 times by 2 tests: done:
Executed by:
  • libcrypto.so.1.1
  • sm2_internal_test
3
250 ASN1_OCTET_STRING_free(ctext_struct.C2);-
251 ASN1_OCTET_STRING_free(ctext_struct.C3);-
252 OPENSSL_free(msg_mask);-
253 OPENSSL_free(x2y2);-
254 OPENSSL_free(C3);-
255 EVP_MD_CTX_free(hash);-
256 BN_CTX_free(ctx);-
257 EC_POINT_free(kG);-
258 EC_POINT_free(kP);-
259 return rc;
executed 3 times by 2 tests: return rc;
Executed by:
  • libcrypto.so.1.1
  • sm2_internal_test
3
260}-
261-
262int sm2_decrypt(const EC_KEY *key,-
263 const EVP_MD *digest,-
264 const uint8_t *ciphertext,-
265 size_t ciphertext_len, uint8_t *ptext_buf, size_t *ptext_len)-
266{-
267 int rc = 0;-
268 int i;-
269 BN_CTX *ctx = NULL;-
270 const EC_GROUP *group = EC_KEY_get0_group(key);-
271 EC_POINT *C1 = NULL;-
272 struct SM2_Ciphertext_st *sm2_ctext = NULL;-
273 BIGNUM *x2 = NULL;-
274 BIGNUM *y2 = NULL;-
275 uint8_t *x2y2 = NULL;-
276 uint8_t *computed_C3 = NULL;-
277 const size_t field_size = ec_field_size(group);-
278 const int hash_size = EVP_MD_size(digest);-
279 uint8_t *msg_mask = NULL;-
280 const uint8_t *C2 = NULL;-
281 const uint8_t *C3 = NULL;-
282 int msg_len = 0;-
283 EVP_MD_CTX *hash = NULL;-
284-
285 if (field_size == 0 || hash_size <= 0)
field_size == 0Description
TRUEnever evaluated
FALSEevaluated 4 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
hash_size <= 0Description
TRUEnever evaluated
FALSEevaluated 4 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-4
286 goto done;
never executed: goto done;
0
287-
288 memset(ptext_buf, 0xFF, *ptext_len);-
289-
290 sm2_ctext = d2i_SM2_Ciphertext(NULL, &ciphertext, ciphertext_len);-
291-
292 if (sm2_ctext == NULL) {
sm2_ctext == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 4 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-4
293 SM2err(SM2_F_SM2_DECRYPT, SM2_R_ASN1_ERROR);-
294 goto done;
never executed: goto done;
0
295 }-
296-
297 if (sm2_ctext->C3->length != hash_size) {
sm2_ctext->C3-...h != hash_sizeDescription
TRUEnever evaluated
FALSEevaluated 4 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-4
298 SM2err(SM2_F_SM2_DECRYPT, SM2_R_INVALID_ENCODING);-
299 goto done;
never executed: goto done;
0
300 }-
301-
302 C2 = sm2_ctext->C2->data;-
303 C3 = sm2_ctext->C3->data;-
304 msg_len = sm2_ctext->C2->length;-
305-
306 ctx = BN_CTX_new();-
307 if (ctx == NULL) {
ctx == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 4 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-4
308 SM2err(SM2_F_SM2_DECRYPT, ERR_R_MALLOC_FAILURE);-
309 goto done;
never executed: goto done;
0
310 }-
311-
312 BN_CTX_start(ctx);-
313 x2 = BN_CTX_get(ctx);-
314 y2 = BN_CTX_get(ctx);-
315-
316 if (y2 == NULL) {
y2 == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 4 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-4
317 SM2err(SM2_F_SM2_DECRYPT, ERR_R_BN_LIB);-
318 goto done;
never executed: goto done;
0
319 }-
320-
321 msg_mask = OPENSSL_zalloc(msg_len);-
322 x2y2 = OPENSSL_zalloc(2 * field_size);-
323 computed_C3 = OPENSSL_zalloc(hash_size);-
324-
325 if (msg_mask == NULL || x2y2 == NULL || computed_C3 == NULL) {
msg_mask == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 4 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
x2y2 == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 4 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
computed_C3 == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 4 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-4
326 SM2err(SM2_F_SM2_DECRYPT, ERR_R_MALLOC_FAILURE);-
327 goto done;
never executed: goto done;
0
328 }-
329-
330 C1 = EC_POINT_new(group);-
331 if (C1 == NULL) {
C1 == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 4 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-4
332 SM2err(SM2_F_SM2_DECRYPT, ERR_R_MALLOC_FAILURE);-
333 goto done;
never executed: goto done;
0
334 }-
335-
336 if (!EC_POINT_set_affine_coordinates(group, C1, sm2_ctext->C1x,
!EC_POINT_set_...ext->C1y, ctx)Description
TRUEnever evaluated
FALSEevaluated 4 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-4
337 sm2_ctext->C1y, ctx)
!EC_POINT_set_...ext->C1y, ctx)Description
TRUEnever evaluated
FALSEevaluated 4 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-4
338 || !EC_POINT_mul(group, C1, NULL, C1, EC_KEY_get0_private_key(key),
!EC_POINT_mul(...key(key), ctx)Description
TRUEnever evaluated
FALSEevaluated 4 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-4
339 ctx)
!EC_POINT_mul(...key(key), ctx)Description
TRUEnever evaluated
FALSEevaluated 4 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-4
340 || !EC_POINT_get_affine_coordinates(group, C1, x2, y2, ctx)) {
!EC_POINT_get_..., x2, y2, ctx)Description
TRUEnever evaluated
FALSEevaluated 4 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-4
341 SM2err(SM2_F_SM2_DECRYPT, ERR_R_EC_LIB);-
342 goto done;
never executed: goto done;
0
343 }-
344-
345 if (BN_bn2binpad(x2, x2y2, field_size) < 0
BN_bn2binpad(x...ield_size) < 0Description
TRUEnever evaluated
FALSEevaluated 4 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-4
346 || BN_bn2binpad(y2, x2y2 + field_size, field_size) < 0
BN_bn2binpad(y...ield_size) < 0Description
TRUEnever evaluated
FALSEevaluated 4 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-4
347 || !ECDH_KDF_X9_62(msg_mask, msg_len, x2y2, 2 * field_size, NULL, 0,
!ECDH_KDF_X9_6...) , 0, digest)Description
TRUEnever evaluated
FALSEevaluated 4 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-4
348 digest)) {
!ECDH_KDF_X9_6...) , 0, digest)Description
TRUEnever evaluated
FALSEevaluated 4 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-4
349 SM2err(SM2_F_SM2_DECRYPT, ERR_R_INTERNAL_ERROR);-
350 goto done;
never executed: goto done;
0
351 }-
352-
353 for (i = 0; i != msg_len; ++i)
i != msg_lenDescription
TRUEevaluated 76 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
FALSEevaluated 4 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
4-76
354 ptext_buf[i] = C2[i] ^ msg_mask[i];
executed 76 times by 2 tests: ptext_buf[i] = C2[i] ^ msg_mask[i];
Executed by:
  • libcrypto.so.1.1
  • sm2_internal_test
76
355-
356 hash = EVP_MD_CTX_new();-
357 if (hash == NULL) {
hash == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 4 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-4
358 SM2err(SM2_F_SM2_DECRYPT, ERR_R_MALLOC_FAILURE);-
359 goto done;
never executed: goto done;
0
360 }-
361-
362 if (!EVP_DigestInit(hash, digest)
!EVP_DigestInit(hash, digest)Description
TRUEnever evaluated
FALSEevaluated 4 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-4
363 || !EVP_DigestUpdate(hash, x2y2, field_size)
!EVP_DigestUpd...2, field_size)Description
TRUEnever evaluated
FALSEevaluated 4 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-4
364 || !EVP_DigestUpdate(hash, ptext_buf, msg_len)
!EVP_DigestUpd..._buf, msg_len)Description
TRUEnever evaluated
FALSEevaluated 4 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-4
365 || !EVP_DigestUpdate(hash, x2y2 + field_size, field_size)
!EVP_DigestUpd...e, field_size)Description
TRUEnever evaluated
FALSEevaluated 4 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-4
366 || !EVP_DigestFinal(hash, computed_C3, NULL)) {
!EVP_DigestFin... ((void *)0) )Description
TRUEnever evaluated
FALSEevaluated 4 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-4
367 SM2err(SM2_F_SM2_DECRYPT, ERR_R_EVP_LIB);-
368 goto done;
never executed: goto done;
0
369 }-
370-
371 if (CRYPTO_memcmp(computed_C3, C3, hash_size) != 0) {
CRYPTO_memcmp(...ash_size) != 0Description
TRUEnever evaluated
FALSEevaluated 4 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-4
372 SM2err(SM2_F_SM2_DECRYPT, SM2_R_INVALID_DIGEST);-
373 goto done;
never executed: goto done;
0
374 }-
375-
376 rc = 1;-
377 *ptext_len = msg_len;-
378-
379 done:
code before this statement executed 4 times by 2 tests: done:
Executed by:
  • libcrypto.so.1.1
  • sm2_internal_test
4
380 if (rc == 0)
rc == 0Description
TRUEnever evaluated
FALSEevaluated 4 times by 2 tests
Evaluated by:
  • libcrypto.so.1.1
  • sm2_internal_test
0-4
381 memset(ptext_buf, 0, *ptext_len);
never executed: memset(ptext_buf, 0, *ptext_len);
0
382-
383 OPENSSL_free(msg_mask);-
384 OPENSSL_free(x2y2);-
385 OPENSSL_free(computed_C3);-
386 EC_POINT_free(C1);-
387 BN_CTX_free(ctx);-
388 SM2_Ciphertext_free(sm2_ctext);-
389 EVP_MD_CTX_free(hash);-
390-
391 return rc;
executed 4 times by 2 tests: return rc;
Executed by:
  • libcrypto.so.1.1
  • sm2_internal_test
4
392}-
Source codeSwitch to Preprocessed file
Generated by Squish Coco 4.2.2