下載源碼, 編譯, 以及驗證步驟

下載源碼

解壓縮

tar xzvf openssl-1.1.1-pre4.tar.gz
tar xzvf openssl-1.1.1-pre5.tar.gz

編譯步驟

cd openssl -1.1.1-pre5
./config
make

本地安裝(可選步驟)

sudo make install

配置LD_LIBRARY_PATH並檢查openssl可執行程序版本號

$ export LD_LIBRARY_PATH= `pwd`
$ ./apps/openssl version
OpenSSL 1.1.1-pre5 (beta) 17 Apr 2018

檢查 SM3 哈希校驗和

$ echo -n "abc" | ./apps/openssl dgst -SM3
(stdin)= 66c7f0f462eeedd9d1f2d46bdc10e4e24167c4875cf2f7a2297da02b8f4ba8e0

檢查橢圓曲線是否包含SM2

$ ./apps/openssl ecparam -list_curves | grep SM2
SM2 : SM2 curve over a 256 bit prime field

檢查對稱算法

./apps/openssl enc -ciphers
-sm4
-sm4-cbc
-sm4-cfb
-sm4-ctr
-sm4-ecb
-sm4-ofb

查找SM4對稱加密API接口文檔

???

SM4-自測試數據

測試SM4-ECB電子密碼本模式, 選取AES-128-ECB作為參考
https://github.com/liuqun/openssl-sm4-demo/

/** 文件名: https://github.com/liuqun/openssl-sm4-demo/blob/cmake/src/main.c */
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "openssl/err.h"
#include "openssl/evp.h"
/* Before OpenSSL 1.1.1-pre1, we did not have EVP_sm4_ecb() */
#if defined(OPENSSL_VERSION_NUMBER) \
&& OPENSSL_VERSION_NUMBER < 0x10101001L
static const EVP_CIPHER *(*EVP_sm4_ecb)()=EVP_aes_128_ecb;
#endif
typedef struct {
const unsigned char *in_data;
size_t in_data_len;
int in_data_is_already_padded;
const unsigned char *in_ivec;
const unsigned char *in_key;
size_t in_key_len;
} test_case_t;
void test_encrypt_with_cipher(const test_case_t *in, const EVP_CIPHER *cipher)
{
unsigned char *out_buf = NULL;
int out_len;
int out_padding_len;
EVP_CIPHER_CTX *ctx;
ctx = EVP_CIPHER_CTX_new();
EVP_EncryptInit_ex(ctx, cipher, NULL, in->in_key, in->in_ivec);
if (in->in_data_is_already_padded)
{
/* Check whether the input data is already padded.
And its length must be an integral multiple of the cipher's block size. */
const size_t bs = EVP_CIPHER_block_size(cipher);
if (in->in_data_len % bs != 0)
{
printf("ERROR-1: data length=%d which is not added yet; block size=%d\n", (int) in->in_data_len, (int) bs);
/* Warning: Remember to do some clean-ups */
EVP_CIPHER_CTX_free(ctx);
return;
}
/* Disable the implicit PKCS#7 padding defined in EVP_CIPHER */
EVP_CIPHER_CTX_set_padding(ctx, 0);
}
out_buf = ( unsigned char *) malloc(((in->in_data_len>>4)+1) << 4);
out_len = 0;
EVP_EncryptUpdate(ctx, out_buf, &out_len, in->in_data, in->in_data_len);
if (1)
{
printf("Debug: out_len=%d\n", out_len);
}
out_padding_len = 0;
EVP_EncryptFinal_ex(ctx, out_buf+out_len, &out_padding_len);
if (1)
{
printf("Debug: out_padding_len=%d\n", out_padding_len);
}
EVP_CIPHER_CTX_free(ctx);
if (1)
{
int i;
int len;
len = out_len + out_padding_len;
for (i=0; i<len; i++)
{
printf("%02x ", out_buf[i]);
}
printf("\n");
}
if (out_buf)
{
free(out_buf);
out_buf = NULL;
}
}
void main()
{
int have_sm4 = (OPENSSL_VERSION_NUMBER >= 0x10101001L);
int have_aes = 1;
const unsigned char data[]=
{
0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
};
unsigned char ivec[EVP_MAX_IV_LENGTH]; ///< IV 向量
const unsigned char key1[16] = ///< key_data, 密鑰內容, 至少16字節
{
0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
};
test_case_t tc;
tc.in_data = data;
tc.in_data_len = sizeof(data);
tc.in_data_is_already_padded = (tc.in_data_len % 16)==0; // Hard coded 16 as the cipher's block size
tc.in_key = key1;
tc.in_key_len = sizeof(key1);
memset(ivec, 0x00, EVP_MAX_IV_LENGTH);
tc.in_ivec = ivec;
#if defined(OPENSSL_NO_SM4)
have_sm4 = 0;
#endif
if (have_sm4)
{
printf("[1]\n");
printf("Debug: EVP_sm4_ecb() test\n");
test_encrypt_with_cipher(&tc, EVP_sm4_ecb());
}
#if defined(OPENSSL_NO_AES)
have_aes = 0;
#endif
if (have_aes)
{
printf("[2]\n");
printf("Debug: EVP_aes_128_ecb() test\n");
test_encrypt_with_cipher(&tc, EVP_aes_128_ecb());
}
}

假定當前是把main.c放在 openssl- 1.1.1-pre5/文件夾內
gcc -Iinclude -c main.c
gcc main.o libcrypto.so -o a. out
export LD_LIBRARY_PATH=`pwd`
ldd a. out
./a. out

9.1. GM/T OIDs
9.1.1. SCA OID Prefix
All SM4 GM/T OIDs belong under the "1.2.156.10197" OID prefix,
registered by the Chinese Cryptography Standardization Technology
Committee ("CCSTC"), a committee under the SCA. Its components are
described below in ASN.1 notation.

免責聲明！

本站轉載的文章為個人學習借鑒使用，本站對版權不負任何法律責任。如果侵犯了您的隱私權益，請聯系本站郵箱yoyou2525@163.com刪除。

猜您在找 國密算法說明SM2、SM3、SM4 關於國密算法 SM1，SM2，SM3，SM4 的筆記關於國密算法 SM1，SM2，SM3，SM4 的筆記關於國密算法 SM1，SM2，SM3，SM4 的筆記國密算法概述 SM1、SM2、SM3、SM4、SM7、SM9、ZUC 國密gmssl介紹（SM2、SM3、SM4算法）一個支持國密SM2/SM3/SM4/SM9/ZUC/SSL的密碼工具箱 java-信息安全（二十）國密算法 SM1，SM2，SM3，SM4 java 國密算法sm2、sm3 sm2,sm3,sm4國密算法的純c語言版本，使用於任何嵌入式平台