Add sm4 ciphers to default provider

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9935)

6 files changed, 138 insertions, 0 deletions

diff --git a/providers/common/include/internal/provider_algs.h b/providers/common/include/internal/provider_algs.h
index d69b9cd4b8..aeb7c430a0 100644
--- a/providers/common/include/internal/provider_algs.h
+++ b/providers/common/include/internal/provider_algs.h
@@ -140,6 +140,13 @@ extern const OSSL_DISPATCH seed128cbc_functions[];
 extern const OSSL_DISPATCH seed128ofb128_functions[];
 extern const OSSL_DISPATCH seed128cfb128_functions[];
 #endif /* OPENSSL_NO_SEED */
+#ifndef OPENSSL_NO_SM4
+extern const OSSL_DISPATCH sm4128ecb_functions[];
+extern const OSSL_DISPATCH sm4128cbc_functions[];
+extern const OSSL_DISPATCH sm4128ctr_functions[];
+extern const OSSL_DISPATCH sm4128ofb128_functions[];
+extern const OSSL_DISPATCH sm4128cfb128_functions[];
+#endif /* OPENSSL_NO_SM4 */
 
 extern const OSSL_DISPATCH tdes_ede3_ecb_functions[];
 extern const OSSL_DISPATCH tdes_ede3_cbc_functions[];
diff --git a/providers/default/ciphers/build.info b/providers/default/ciphers/build.info
index 66ef9df68a..8f2bbae28d 100644
--- a/providers/default/ciphers/build.info
+++ b/providers/default/ciphers/build.info
@@ -39,4 +39,9 @@ IF[{- !$disabled{seed} -}]
       cipher_seed.c cipher_seed_hw.c
 ENDIF
 
+IF[{- !$disabled{sm4} -}]
+  SOURCE[../../../libcrypto]=\
+      cipher_sm4.c cipher_sm4_hw.c
+ENDIF
+
 INCLUDE[../../../libcrypto]=. ../../../crypto
diff --git a/providers/default/ciphers/cipher_sm4.c b/providers/default/ciphers/cipher_sm4.c
new file mode 100644
index 0000000000..8b7c3761ca
--- /dev/null
+++ b/providers/default/ciphers/cipher_sm4.c
@@ -0,0 +1,51 @@
+/*
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/* Dispatch functions for cast cipher modes ecb, cbc, ofb, cfb */
+
+#include "cipher_sm4.h"
+#include "internal/provider_algs.h"
+
+/* TODO (3.0) Figure out what flags to pass */
+#define SM4_FLAGS EVP_CIPH_FLAG_DEFAULT_ASN1
+
+static OSSL_OP_cipher_freectx_fn sm4_freectx;
+static OSSL_OP_cipher_dupctx_fn sm4_dupctx;
+
+static void sm4_freectx(void *vctx)
+{
+    PROV_SM4_CTX *ctx = (PROV_SM4_CTX *)vctx;
+
+    OPENSSL_clear_free(ctx,  sizeof(*ctx));
+}
+
+static void *sm4_dupctx(void *ctx)
+{
+    PROV_SM4_CTX *in = (PROV_SM4_CTX *)ctx;
+    PROV_SM4_CTX *ret = OPENSSL_malloc(sizeof(*ret));
+
+    if (ret == NULL) {
+        ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    *ret = *in;
+
+    return ret;
+}
+
+/* sm4128ecb_functions */
+IMPLEMENT_generic_cipher(sm4, SM4, ecb, ECB, SM4_FLAGS, 128, 128, 0, block)
+/* sm4128cbc_functions */
+IMPLEMENT_generic_cipher(sm4, SM4, cbc, CBC, SM4_FLAGS, 128, 128, 128, block)
+/* sm4128ctr_functions */
+IMPLEMENT_generic_cipher(sm4, SM4, ctr, CTR, SM4_FLAGS, 128, 8, 128, stream)
+/* sm4128ofb128_functions */
+IMPLEMENT_generic_cipher(sm4, SM4, ofb128, OFB, SM4_FLAGS, 128, 8, 128, stream)
+/* sm4128cfb128_functions */
+IMPLEMENT_generic_cipher(sm4, SM4, cfb128,  CFB, SM4_FLAGS, 128, 8, 128, stream)
diff --git a/providers/default/ciphers/cipher_sm4.h b/providers/default/ciphers/cipher_sm4.h
new file mode 100644
index 0000000000..842c218f30
--- /dev/null
+++ b/providers/default/ciphers/cipher_sm4.h
@@ -0,0 +1,25 @@
+/*
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include "internal/ciphers/ciphercommon.h"
+#include "internal/sm4.h"
+
+typedef struct prov_cast_ctx_st {
+    PROV_CIPHER_CTX base;      /* Must be first */
+    union {
+        OSSL_UNION_ALIGN;
+        SM4_KEY ks;
+    } ks;
+} PROV_SM4_CTX;
+
+const PROV_CIPHER_HW *PROV_CIPHER_HW_sm4_cbc(size_t keybits);
+const PROV_CIPHER_HW *PROV_CIPHER_HW_sm4_ecb(size_t keybits);
+const PROV_CIPHER_HW *PROV_CIPHER_HW_sm4_ctr(size_t keybits);
+const PROV_CIPHER_HW *PROV_CIPHER_HW_sm4_ofb128(size_t keybits);
+const PROV_CIPHER_HW *PROV_CIPHER_HW_sm4_cfb128(size_t keybits);
diff --git a/providers/default/ciphers/cipher_sm4_hw.c b/providers/default/ciphers/cipher_sm4_hw.c
new file mode 100644
index 0000000000..9ecaf0b997
--- /dev/null
+++ b/providers/default/ciphers/cipher_sm4_hw.c
@@ -0,0 +1,43 @@
+/*
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include "cipher_sm4.h"
+
+static int cipher_hw_sm4_initkey(PROV_CIPHER_CTX *ctx,
+                                 const unsigned char *key, size_t keylen)
+{
+    PROV_SM4_CTX *sctx =  (PROV_SM4_CTX *)ctx;
+    SM4_KEY *ks = &sctx->ks.ks;
+
+    SM4_set_key(key, ks);
+    ctx->ks = ks;
+    if (ctx->enc
+            || (ctx->mode != EVP_CIPH_ECB_MODE
+                && ctx->mode != EVP_CIPH_CBC_MODE))
+        ctx->block = (block128_f)SM4_encrypt;
+    else
+        ctx->block = (block128_f)SM4_decrypt;
+    return 1;
+}
+
+# define PROV_CIPHER_HW_sm4_mode(mode)                                         \
+static const PROV_CIPHER_HW sm4_##mode = {                                     \
+    cipher_hw_sm4_initkey,                                                     \
+    cipher_hw_chunked_##mode                                                   \
+};                                                                             \
+const PROV_CIPHER_HW *PROV_CIPHER_HW_sm4_##mode(size_t keybits)                \
+{                                                                              \
+    return &sm4_##mode;                                                        \
+}
+
+PROV_CIPHER_HW_sm4_mode(cbc)
+PROV_CIPHER_HW_sm4_mode(ecb)
+PROV_CIPHER_HW_sm4_mode(ofb128)
+PROV_CIPHER_HW_sm4_mode(cfb128)
+PROV_CIPHER_HW_sm4_mode(ctr)
diff --git a/providers/default/defltprov.c b/providers/default/defltprov.c
index 71169161e8..845f0c11c0 100644
--- a/providers/default/defltprov.c
+++ b/providers/default/defltprov.c
@@ -213,6 +213,13 @@ static const OSSL_ALGORITHM deflt_ciphers[] = {
     { "SEED-OFB", "default=yes", seed128ofb128_functions },
     { "SEED-CFB", "default=yes", seed128cfb128_functions },
 #endif /* OPENSSL_NO_SEED */
+#ifndef OPENSSL_NO_SM4
+    { "SM4-ECB", "default=yes", sm4128ecb_functions },
+    { "SM4-CBC", "default=yes", sm4128cbc_functions },
+    { "SM4-CTR", "default=yes", sm4128ctr_functions },
+    { "SM4-OFB", "default=yes", sm4128ofb128_functions },
+    { "SM4-CFB", "default=yes", sm4128cfb128_functions },
+#endif /* OPENSSL_NO_SM4 */
     { NULL, NULL, NULL }
 };