const 发布的文章

“const”

SM3是中华人民共和国政府采用的一种密码散列函数标准,前身为SCH4杂凑算法,由国家密码管理局于2010年12月17日发布,相关标准为“GM/T 0004-2012 《SM3密码杂凑算法》”。2016年,成为中国国家密码标准(GB/T 32905-2016)。
在商用密码体系中,SM3主要用于数字签名及验证、消息认证码生成及验证、随机数生成等,其算法公开,安全性及效率与SHA-256相当。
SM3签名算法收录于ISO/IEC 10118-3:2018《信息安全技术杂凑函数第3部分:专用杂凑函数》
代码:

package main

/*
#cgo CFLAGS: -I ./include
#cgo LDFLAGS: -L ./lib -lcrypto -ldl
#include <stdlib.h>
#include <openssl/evp.h>
*/
import "C"

import (
    "fmt"
    "os"
    "unsafe"
)

func main() {
    strdigestname := "sm3"
    fmt.Printf("go OpenSSL cgo %s demo/example.\n", strdigestname)
    strdata := "https://const.net.cn/"
    digestname := []byte(strdigestname)
    md := C.EVP_get_digestbyname((*C.char)(unsafe.Pointer(&digestname[0])))
    if md == nil {
        fmt.Printf("Unknown message digest %s\n", strdigestname)
        os.Exit(1)
    }
    md_value := make([]byte, 128)
    md_len := 0
    data := []byte(strdata)
    mdctx := C.EVP_MD_CTX_new()
    C.EVP_DigestInit(mdctx, md)
    C.EVP_DigestUpdate(mdctx, unsafe.Pointer(&data[0]), C.size_t(len(data)))
    C.EVP_DigestFinal_ex(mdctx, (*C.uchar)(unsafe.Pointer(&md_value[0])), (*C.uint)(unsafe.Pointer(&md_len)))
    C.EVP_MD_CTX_free(mdctx)

    fmt.Printf("message digest=%x %s message digest len=%d\n", md_value[0:md_len], strdigestname, md_len)
}

输出:

go run .
go OpenSSL cgo sm3 demo/example.
message digest=bc028f836a92dced100b500f087d4223201ff2f60ef0bb76e84e9a5a6f9be74a sm3 message digest len=32
echo -n "https://const.net.cn/" |openssl dgst -sm3
(stdin)= bc028f836a92dced100b500f087d4223201ff2f60ef0bb76e84e9a5a6f9be74a

ssl3-md5其实还是md5。。。

openssl list -digest-algorithms

输出:

RSA-MD4 => MD4
RSA-MD5 => MD5
RSA-RIPEMD160 => RIPEMD160
RSA-SHA1 => SHA1
RSA-SHA1-2 => RSA-SHA1
RSA-SHA224 => SHA224
RSA-SHA256 => SHA256
RSA-SHA3-224 => SHA3-224
RSA-SHA3-256 => SHA3-256
RSA-SHA3-384 => SHA3-384
RSA-SHA3-512 => SHA3-512
RSA-SHA384 => SHA384
RSA-SHA512 => SHA512
RSA-SHA512/224 => SHA512-224
RSA-SHA512/256 => SHA512-256
RSA-SM3 => SM3
BLAKE2b512
BLAKE2s256
id-rsassa-pkcs1-v1_5-with-sha3-224 => SHA3-224
id-rsassa-pkcs1-v1_5-with-sha3-256 => SHA3-256
id-rsassa-pkcs1-v1_5-with-sha3-384 => SHA3-384
id-rsassa-pkcs1-v1_5-with-sha3-512 => SHA3-512
MD4
md4WithRSAEncryption => MD4
MD5
MD5-SHA1
md5WithRSAEncryption => MD5
ripemd => RIPEMD160
RIPEMD160
ripemd160WithRSA => RIPEMD160
rmd160 => RIPEMD160
SHA1
sha1WithRSAEncryption => SHA1
SHA224
sha224WithRSAEncryption => SHA224
SHA256
sha256WithRSAEncryption => SHA256
SHA3-224
SHA3-256
SHA3-384
SHA3-512
SHA384
sha384WithRSAEncryption => SHA384
SHA512
SHA512-224
sha512-224WithRSAEncryption => SHA512-224
SHA512-256
sha512-256WithRSAEncryption => SHA512-256
sha512WithRSAEncryption => SHA512
SHAKE128
SHAKE256
SM3
sm3WithRSAEncryption => SM3
ssl3-md5 => MD5
ssl3-sha1 => SHA1
whirlpool

代码:

package main

/*
#cgo CFLAGS: -I ./include
#cgo LDFLAGS: -L ./lib -lcrypto -ldl
#include <stdlib.h>
#include <openssl/evp.h>
*/
import "C"

import (
    "fmt"
    "os"
    "unsafe"
)

func main() {
    strdigestname := "ssl3-md5"
    fmt.Printf("go OpenSSL cgo %s demo/example.\n", strdigestname)
    strdata := "https://const.net.cn/"
    digestname := []byte(strdigestname)
    md := C.EVP_get_digestbyname((*C.char)(unsafe.Pointer(&digestname[0])))
    if md == nil {
        fmt.Printf("Unknown message digest %s\n", strdigestname)
        os.Exit(1)
    }
    md_value := make([]byte, 128)
    md_len := 0
    data := []byte(strdata)
    mdctx := C.EVP_MD_CTX_new()
    C.EVP_DigestInit(mdctx, md)
    C.EVP_DigestUpdate(mdctx, unsafe.Pointer(&data[0]), C.size_t(len(data)))
    C.EVP_DigestFinal_ex(mdctx, (*C.uchar)(unsafe.Pointer(&md_value[0])), (*C.uint)(unsafe.Pointer(&md_len)))
    C.EVP_MD_CTX_free(mdctx)

    fmt.Printf("message digest=%x %s message digest len=%d\n", md_value[0:md_len], strdigestname, md_len)
}

输出:

go run .
go OpenSSL cgo ssl3-md5 demo/example.
message digest=4b655b565c09136dd867a7e523371391 ssl3-md5 message digest len=16
echo -n "https://const.net.cn/" |openssl dgst -ssl3-md5
(stdin)= 4b655b565c09136dd867a7e523371391
echo -n "https://const.net.cn/" |openssl dgst -md5
(stdin)= 4b655b565c09136dd867a7e523371391

ssl3-sha1其实还是sha1。。。

代码:

package main

/*
#cgo CFLAGS: -I ./include
#cgo LDFLAGS: -L ./lib -lcrypto -ldl
#include <stdlib.h>
#include <openssl/evp.h>
*/
import "C"

import (
    "fmt"
    "os"
    "unsafe"
)

func main() {
    strdigestname := "ssl3-sha1"
    fmt.Printf("go OpenSSL cgo %s demo/example.\n", strdigestname)
    strdata := "https://const.net.cn/"
    digestname := []byte(strdigestname)
    md := C.EVP_get_digestbyname((*C.char)(unsafe.Pointer(&digestname[0])))
    if md == nil {
        fmt.Printf("Unknown message digest %s\n", strdigestname)
        os.Exit(1)
    }
    md_value := make([]byte, 128)
    md_len := 0
    data := []byte(strdata)
    mdctx := C.EVP_MD_CTX_new()
    C.EVP_DigestInit(mdctx, md)
    C.EVP_DigestUpdate(mdctx, unsafe.Pointer(&data[0]), C.size_t(len(data)))
    C.EVP_DigestFinal_ex(mdctx, (*C.uchar)(unsafe.Pointer(&md_value[0])), (*C.uint)(unsafe.Pointer(&md_len)))
    C.EVP_MD_CTX_free(mdctx)

    fmt.Printf("message digest=%x %s message digest len=%d\n", md_value[0:md_len], strdigestname, md_len)
}

输出:

go run .
go OpenSSL cgo ssl3-sha1 demo/example.
message digest=405036731104eeb5fae59f5f600f8b4771d93ac5 ssl3-sha1 message digest len=20
echo -n "https://const.net.cn/" |openssl dgst -ssl3-sha1
(stdin)= 405036731104eeb5fae59f5f600f8b4771d93ac5
echo -n "https://const.net.cn/" |openssl dgst -sha1
(stdin)= 405036731104eeb5fae59f5f600f8b4771d93ac5

In computer science and cryptography, Whirlpool (sometimes styled WHIRLPOOL) is a cryptographic hash function. It was designed by Vincent Rijmen (co-creator of the Advanced Encryption Standard) and Paulo S. L. M. Barreto, who first described it in 2000.

代码:

package main

/*
#cgo CFLAGS: -I ./include
#cgo LDFLAGS: -L ./lib -lcrypto -ldl
#include <stdlib.h>
#include <openssl/evp.h>
*/
import "C"

import (
    "fmt"
    "os"
    "unsafe"
)

func main() {
    strdigestname := "whirlpool"
    fmt.Printf("go OpenSSL cgo %s demo/example.\n", strdigestname)
    strdata := "https://const.net.cn/"
    digestname := []byte(strdigestname)
    md := C.EVP_get_digestbyname((*C.char)(unsafe.Pointer(&digestname[0])))
    if md == nil {
        fmt.Printf("Unknown message digest %s\n", strdigestname)
        os.Exit(1)
    }
    md_value := make([]byte, 128)
    md_len := 0
    data := []byte(strdata)
    mdctx := C.EVP_MD_CTX_new()
    C.EVP_DigestInit(mdctx, md)
    C.EVP_DigestUpdate(mdctx, unsafe.Pointer(&data[0]), C.size_t(len(data)))
    C.EVP_DigestFinal_ex(mdctx, (*C.uchar)(unsafe.Pointer(&md_value[0])), (*C.uint)(unsafe.Pointer(&md_len)))
    C.EVP_MD_CTX_free(mdctx)

    fmt.Printf("message digest=%x %s message digest len=%d\n", md_value[0:md_len], strdigestname, md_len)
}

输出:

go run .
go OpenSSL cgo whirlpool demo/example.
message digest=3b547fd3dc3ba2d24e90cb8c7f3c3a3c2350f9f040b8d18f6da0733c0e047f16017427bcccad6928a4851e8bb302707ac30bb2cdce0c995e3353ea3efbeda621 whirlpool message digest len=64
echo -n "https://const.net.cn/" |openssl dgst -whirlpool
(stdin)= 3b547fd3dc3ba2d24e90cb8c7f3c3a3c2350f9f040b8d18f6da0733c0e047f16017427bcccad6928a4851e8bb302707ac30bb2cdce0c995e3353ea3efbeda621

在使用openssl list 发现了gost

openssl list -digest-commands
blake2b512        blake2s256        gost              md4               
md5               rmd160            sha1              sha224            
sha256            sha3-224          sha3-256          sha3-384          
sha3-512          sha384            sha512            sha512-224        
sha512-256        shake128          shake256          sm3       

测试结果:

echo "" | openssl sha256
(stdin)= 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
echo "" | openssl gost
(stdin)= 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
echo "https://const.net.cn/" | openssl gost
(stdin)= d1865af543db74fbaae644002ebf838b4ff22b09fd9b8452813736dc1239964b
echo "https://const.net.cn/" | openssl sha256
(stdin)= d1865af543db74fbaae644002ebf838b4ff22b09fd9b8452813736dc1239964b

发现gost hash算法与sha256一样。。。
GOST R 34.11-2012是新的俄罗斯哈希函数标准。从2013年1月开始,GOST R 34.11-2012哈希函数已成为新的俄罗斯联邦标准哈希函数,取代了旧的GOST R 34.11-97。GOST R散列函数可以将最多2 512位的任何消息压缩为256位和512位,分别称为GOST R-256和GOST R-512。

在OpenSSL的obj_mac.h中

#define SN_id_GostR3411_2012_256                "md_gost12_256"
#define LN_id_GostR3411_2012_256                "GOST R 34.11-2012 with 256 bit hash"
#define NID_id_GostR3411_2012_256               982
#define OBJ_id_GostR3411_2012_256               OBJ_id_tc26_digest,2L

#define SN_id_GostR3411_2012_512                "md_gost12_512"
#define LN_id_GostR3411_2012_512                "GOST R 34.11-2012 with 512 bit hash"
#define NID_id_GostR3411_2012_512               983
#define OBJ_id_GostR3411_2012_512               OBJ_id_tc26_digest,3L