├── examples ├── rand.php ├── consts.php ├── sm3.php ├── sm3_hmac.php ├── sm3_pbkdf2.php ├── zuc.php ├── sm4.php ├── sm4_cbc.php ├── sm4_ctr.php ├── sm4_gcm.php ├── sm9_sign.php ├── sm9_enc.php ├── sm2.php └── cert.php ├── config.w32 ├── tests ├── rand.phpt ├── sm3.phpt ├── sm3_pbkdf2.phpt ├── sm3_hmac.phpt ├── sm4.phpt ├── zuc.phpt ├── sm4_cbc.phpt ├── sm4_ctr.phpt ├── sm4_gcm.phpt ├── consts.phpt ├── sm2.phpt ├── sm9_sign.phpt ├── sm9_enc.phpt └── cert.phpt ├── .gitignore ├── .github └── ci.yml ├── php_gmssl.h ├── LICENSE ├── config.m4 ├── README.md └── gmssl.c /examples/rand.php: -------------------------------------------------------------------------------- 1 | 5 | -------------------------------------------------------------------------------- /examples/consts.php: -------------------------------------------------------------------------------- 1 | 5 | -------------------------------------------------------------------------------- /examples/sm3.php: -------------------------------------------------------------------------------- 1 | 7 | -------------------------------------------------------------------------------- /config.w32: -------------------------------------------------------------------------------- 1 | ARG_ENABLE('gmssl', 'gmssl support', 'no'); 2 | 3 | if (PHP_GMSSL != 'no') { 4 | AC_DEFINE('HAVE_GMSSL', 1, 'gmssl support enabled'); 5 | 6 | EXTENSION('gmssl', 'gmssl.c', null, '/DZEND_ENABLE_STATIC_TSRMLS_CACHE=1'); 7 | } 8 | -------------------------------------------------------------------------------- /tests/rand.phpt: -------------------------------------------------------------------------------- 1 | --TEST-- 2 | Check if gmssl is loaded 3 | --SKIPIF-- 4 | 9 | --FILE-- 10 | 13 | --EXPECT-- 14 | int(32) 15 | -------------------------------------------------------------------------------- /tests/sm3.phpt: -------------------------------------------------------------------------------- 1 | --TEST-- 2 | Check if gmssl is loaded 3 | --SKIPIF-- 4 | 9 | --FILE-- 10 | 13 | --EXPECT-- 14 | 66c7f0f462eeedd9d1f2d46bdc10e4e24167c4875cf2f7a2297da02b8f4ba8e0 15 | -------------------------------------------------------------------------------- /tests/sm3_pbkdf2.phpt: -------------------------------------------------------------------------------- 1 | --TEST-- 2 | Check if gmssl is loaded 3 | --SKIPIF-- 4 | 9 | --FILE-- 10 | 13 | --EXPECT-- 14 | 244c631e1ae30ebf1c58d31a2988daf0 15 | -------------------------------------------------------------------------------- /tests/sm3_hmac.phpt: -------------------------------------------------------------------------------- 1 | --TEST-- 2 | Check if gmssl is loaded 3 | --SKIPIF-- 4 | 9 | --FILE-- 10 | 13 | --EXPECT-- 14 | 0a69401a75c5d471f5166465eec89e6a65198ae885c1fdc061556254d91c1080 15 | -------------------------------------------------------------------------------- /examples/sm3_hmac.php: -------------------------------------------------------------------------------- 1 | 14 | -------------------------------------------------------------------------------- /tests/sm4.phpt: -------------------------------------------------------------------------------- 1 | --TEST-- 2 | Check if gmssl is loaded 3 | --SKIPIF-- 4 | 9 | --FILE-- 10 | 17 | --EXPECT-- 18 | 0 19 | -------------------------------------------------------------------------------- /examples/sm3_pbkdf2.php: -------------------------------------------------------------------------------- 1 | 17 | -------------------------------------------------------------------------------- /tests/zuc.phpt: -------------------------------------------------------------------------------- 1 | --TEST-- 2 | Check if gmssl is loaded 3 | --SKIPIF-- 4 | 9 | --FILE-- 10 | 18 | --EXPECT-- 19 | 0 20 | -------------------------------------------------------------------------------- /tests/sm4_cbc.phpt: -------------------------------------------------------------------------------- 1 | --TEST-- 2 | Check if gmssl is loaded 3 | --SKIPIF-- 4 | 9 | --FILE-- 10 | 18 | --EXPECT-- 19 | 0 20 | -------------------------------------------------------------------------------- /tests/sm4_ctr.phpt: -------------------------------------------------------------------------------- 1 | --TEST-- 2 | Check if gmssl is loaded 3 | --SKIPIF-- 4 | 9 | --FILE-- 10 | 18 | --EXPECT-- 19 | 0 20 | -------------------------------------------------------------------------------- /tests/sm4_gcm.phpt: -------------------------------------------------------------------------------- 1 | --TEST-- 2 | Check if gmssl is loaded 3 | --SKIPIF-- 4 | 9 | --FILE-- 10 | 19 | --EXPECT-- 20 | 0 21 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | *.lo 2 | *.la 3 | *.swp 4 | .DS_Store 5 | .libs 6 | acinclude.m4 7 | aclocal.m4 8 | autom4te.cache 9 | build 10 | config.guess 11 | config.h 12 | config.h.in 13 | config.log 14 | config.nice 15 | config.status 16 | config.sub 17 | configure 18 | configure.ac 19 | configure.in 20 | include 21 | install-sh 22 | libtool 23 | ltmain.sh 24 | Makefile 25 | Makefile.fragments 26 | Makefile.global 27 | Makefile.objects 28 | missing 29 | mkinstalldirs 30 | modules 31 | run-tests.php 32 | tests/*/*.diff 33 | tests/*/*.out 34 | tests/*/*.php 35 | tests/*/*.exp 36 | tests/*/*.log 37 | tests/*/*.sh 38 | *.pem 39 | *.txt 40 | *.dep 41 | -------------------------------------------------------------------------------- /examples/zuc.php: -------------------------------------------------------------------------------- 1 | 19 | -------------------------------------------------------------------------------- /examples/sm4.php: -------------------------------------------------------------------------------- 1 | 15 | -------------------------------------------------------------------------------- /examples/sm4_cbc.php: -------------------------------------------------------------------------------- 1 | 19 | -------------------------------------------------------------------------------- /examples/sm4_ctr.php: -------------------------------------------------------------------------------- 1 | 19 | -------------------------------------------------------------------------------- /tests/consts.phpt: -------------------------------------------------------------------------------- 1 | --TEST-- 2 | Check if gmssl is loaded 3 | --SKIPIF-- 4 | 9 | --FILE-- 10 | 25 | --EXPECT-- 26 | 32 27 | 16 28 | 16 29 | 16 30 | 1 31 | 64 32 | 12 33 | 16 34 | 1234567812345678 35 | 255 36 | 255 37 | 16 38 | 16 39 | -------------------------------------------------------------------------------- /.github/ci.yml: -------------------------------------------------------------------------------- 1 | name: Build and Test 2 | on: [push, pull_request] 3 | jobs: 4 | moderate-modern: 5 | name: PHP ${{ matrix.php-versions }} Test on ${{ matrix.operating-system }} 6 | runs-on: ${{ matrix.operating-system }} 7 | strategy: 8 | matrix: 9 | operating-system: ['ubuntu-latest'] 10 | php-versions: ['7.3', '7.4', '8.0', '8.1'] 11 | steps: 12 | - name: Checkout 13 | uses: actions/checkout@v2 14 | 15 | - name: Setup PHP 16 | uses: shivammathur/setup-php@v2 17 | with: 18 | php-version: ${{ matrix.php-versions }} 19 | extensions: mbstring, intl 20 | ini-values: error_reporting=-1, display_errors=On 21 | coverage: none 22 | - name: phpize 23 | run: phpize 24 | - name: configure 25 | run: configure 26 | - name: make 27 | run: make 28 | - name: test 29 | run: make test 30 | -------------------------------------------------------------------------------- /tests/sm2.phpt: -------------------------------------------------------------------------------- 1 | --TEST-- 2 | Check if gmssl is loaded 3 | --SKIPIF-- 4 | 9 | --FILE-- 10 | 28 | --EXPECT-- 29 | 1 30 | 0 31 | -------------------------------------------------------------------------------- /examples/sm4_gcm.php: -------------------------------------------------------------------------------- 1 | 26 | -------------------------------------------------------------------------------- /tests/sm9_sign.phpt: -------------------------------------------------------------------------------- 1 | --TEST-- 2 | Check if gmssl is loaded 3 | --SKIPIF-- 4 | 9 | --FILE-- 10 | 28 | --EXPECT-- 29 | 1 30 | -------------------------------------------------------------------------------- /tests/sm9_enc.phpt: -------------------------------------------------------------------------------- 1 | --TEST-- 2 | Check if gmssl is loaded 3 | --SKIPIF-- 4 | 9 | --FILE-- 10 | 29 | --EXPECT-- 30 | 0 31 | -------------------------------------------------------------------------------- /tests/cert.phpt: -------------------------------------------------------------------------------- 1 | --TEST-- 2 | Check if gmssl is loaded 3 | --SKIPIF-- 4 | 9 | --FILE-- 10 | 33 | --EXPECT-- 34 | 69e2fec0170ac67b 35 | 1 36 | -------------------------------------------------------------------------------- /examples/sm9_sign.php: -------------------------------------------------------------------------------- 1 | 37 | -------------------------------------------------------------------------------- /examples/sm9_enc.php: -------------------------------------------------------------------------------- 1 | 37 | -------------------------------------------------------------------------------- /examples/sm2.php: -------------------------------------------------------------------------------- 1 | 40 | -------------------------------------------------------------------------------- /php_gmssl.h: -------------------------------------------------------------------------------- 1 | /* 2 | +----------------------------------------------------------------------+ 3 | | PHP Version 7 | 4 | +----------------------------------------------------------------------+ 5 | | Copyright (c) The PHP Group | 6 | +----------------------------------------------------------------------+ 7 | | This source file is subject to version 3.01 of the PHP license, | 8 | | that is bundled with this package in the file LICENSE, and is | 9 | | available through the world-wide-web at the following url: | 10 | | http://www.php.net/license/3_01.txt | 11 | | If you did not receive a copy of the PHP license and are unable to | 12 | | obtain it through the world-wide-web, please send a note to | 13 | | license@php.net so we can mail you a copy immediately. | 14 | +----------------------------------------------------------------------+ 15 | | Authors: Zhi Guan | 16 | +----------------------------------------------------------------------+ 17 | */ 18 | 19 | #ifndef PHP_GMSSL_H 20 | #define PHP_GMSSL_H 21 | 22 | extern zend_module_entry gmssl_module_entry; 23 | #define phpext_gmssl_ptr &gmssl_module_entry 24 | 25 | #define PHP_GMSSL_VERSION "1.1.0" 26 | 27 | #if defined(ZTS) && defined(COMPILE_DL_GMSSL) 28 | ZEND_TSRMLS_CACHE_EXTERN() 29 | #endif 30 | 31 | #endif /* PHP_GMSSL_H */ 32 | -------------------------------------------------------------------------------- /examples/cert.php: -------------------------------------------------------------------------------- 1 | $value) { 29 | print("\t$type : "); 30 | if ($type == "raw_data") { 31 | print(bin2hex($value)."\n"); 32 | } else { 33 | print($value."\n"); 34 | } 35 | } 36 | 37 | $subject = gmssl_cert_get_subject($cert); 38 | print("Subject\n"); 39 | foreach ($subject as $type=>$value) { 40 | print("\t$type : "); 41 | if ($type == "raw_data") { 42 | print(bin2hex($value)."\n"); 43 | } else { 44 | print($value."\n"); 45 | } 46 | } 47 | 48 | $validity = gmssl_cert_get_validity($cert); 49 | print("Validity\n"); 50 | foreach ($validity as $type=>$value) { 51 | print("\t$type : ".date("Y-m-d H:i:s e", $value)."\n"); 52 | } 53 | 54 | $public_key = gmssl_cert_get_subject_public_key($cert); 55 | $public_key_file = "sm2pub_from_cert.pem"; 56 | gmssl_sm2_public_key_info_to_pem($public_key, $public_key_file); 57 | print(file_get_contents($public_key_file)); 58 | print("\n"); 59 | 60 | $verify_ret = gmssl_cert_verify_by_ca_cert($cert, $cert, GMSSL_SM2_DEFAULT_ID); 61 | print("verify result : $verify_ret\n"); 62 | ?> 63 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------- 2 | The PHP License, version 3.01 3 | Copyright (c) 1999 - 2021 The PHP Group. All rights reserved. 4 | -------------------------------------------------------------------- 5 | 6 | Redistribution and use in source and binary forms, with or without 7 | modification, is permitted provided that the following conditions 8 | are met: 9 | 10 | 1. Redistributions of source code must retain the above copyright 11 | notice, this list of conditions and the following disclaimer. 12 | 13 | 2. Redistributions in binary form must reproduce the above copyright 14 | notice, this list of conditions and the following disclaimer in 15 | the documentation and/or other materials provided with the 16 | distribution. 17 | 18 | 3. The name "PHP" must not be used to endorse or promote products 19 | derived from this software without prior written permission. For 20 | written permission, please contact group@php.net. 21 | 22 | 4. Products derived from this software may not be called "PHP", nor 23 | may "PHP" appear in their name, without prior written permission 24 | from group@php.net. You may indicate that your software works in 25 | conjunction with PHP by saying "Foo for PHP" instead of calling 26 | it "PHP Foo" or "phpfoo" 27 | 28 | 5. The PHP Group may publish revised and/or new versions of the 29 | license from time to time. Each version will be given a 30 | distinguishing version number. 31 | Once covered code has been published under a particular version 32 | of the license, you may always continue to use it under the terms 33 | of that version. You may also choose to use such covered code 34 | under the terms of any subsequent version of the license 35 | published by the PHP Group. No one other than the PHP Group has 36 | the right to modify the terms applicable to covered code created 37 | under this License. 38 | 39 | 6. Redistributions of any form whatsoever must retain the following 40 | acknowledgment: 41 | "This product includes PHP software, freely available from 42 | ". 43 | 44 | THIS SOFTWARE IS PROVIDED BY THE PHP DEVELOPMENT TEAM ``AS IS'' AND 45 | ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, 46 | THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A 47 | PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE PHP 48 | DEVELOPMENT TEAM OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, 49 | INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 50 | (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 51 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 52 | HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 53 | STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 54 | ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 55 | OF THE POSSIBILITY OF SUCH DAMAGE. 56 | 57 | -------------------------------------------------------------------- 58 | 59 | This software consists of voluntary contributions made by many 60 | individuals on behalf of the PHP Group. 61 | 62 | The PHP Group can be contacted via Email at group@php.net. 63 | 64 | For more information on the PHP Group and the PHP project, 65 | please see . 66 | 67 | PHP includes the Zend Engine, freely available at 68 | . 69 | -------------------------------------------------------------------------------- /config.m4: -------------------------------------------------------------------------------- 1 | dnl config.m4 for extension gmssl 2 | 3 | dnl Comments in this file start with the string 'dnl'. 4 | dnl Remove where necessary. 5 | 6 | dnl If your extension references something external, use 'with': 7 | 8 | dnl PHP_ARG_WITH([gmssl], 9 | dnl [for gmssl support], 10 | dnl [AS_HELP_STRING([--with-gmssl], 11 | dnl [Include gmssl support])]) 12 | 13 | dnl Otherwise use 'enable': 14 | 15 | PHP_ARG_ENABLE([gmssl], 16 | [whether to enable gmssl support], 17 | [AS_HELP_STRING([--enable-gmssl], 18 | [Enable gmssl support])], 19 | [no]) 20 | 21 | if test "$PHP_GMSSL" != "no"; then 22 | dnl Write more examples of tests here... 23 | 24 | dnl Remove this code block if the library does not support pkg-config. 25 | dnl PKG_CHECK_MODULES([LIBFOO], [foo]) 26 | dnl PHP_EVAL_INCLINE($LIBFOO_CFLAGS) 27 | dnl PHP_EVAL_LIBLINE($LIBFOO_LIBS, GMSSL_SHARED_LIBADD) 28 | 29 | dnl If you need to check for a particular library version using PKG_CHECK_MODULES, 30 | dnl you can use comparison operators. For example: 31 | dnl PKG_CHECK_MODULES([LIBFOO], [foo >= 1.2.3]) 32 | dnl PKG_CHECK_MODULES([LIBFOO], [foo < 3.4]) 33 | dnl PKG_CHECK_MODULES([LIBFOO], [foo = 1.2.3]) 34 | 35 | dnl Remove this code block if the library supports pkg-config. 36 | dnl --with-gmssl -> check with-path 37 | dnl SEARCH_PATH="/usr/local /usr" # you might want to change this 38 | dnl SEARCH_FOR="/include/gmssl.h" # you most likely want to change this 39 | dnl if test -r $PHP_GMSSL/$SEARCH_FOR; then # path given as parameter 40 | dnl GMSSL_DIR=$PHP_GMSSL 41 | dnl else # search default path list 42 | dnl AC_MSG_CHECKING([for gmssl files in default path]) 43 | dnl for i in $SEARCH_PATH ; do 44 | dnl if test -r $i/$SEARCH_FOR; then 45 | dnl GMSSL_DIR=$i 46 | dnl AC_MSG_RESULT(found in $i) 47 | dnl fi 48 | dnl done 49 | dnl fi 50 | dnl 51 | dnl if test -z "$GMSSL_DIR"; then 52 | dnl AC_MSG_RESULT([not found]) 53 | dnl AC_MSG_ERROR([Please reinstall the gmssl distribution]) 54 | dnl fi 55 | 56 | dnl Remove this code block if the library supports pkg-config. 57 | dnl --with-gmssl -> add include path 58 | dnl PHP_ADD_INCLUDE($GMSSL_DIR/include) 59 | 60 | dnl Remove this code block if the library supports pkg-config. 61 | dnl --with-gmssl -> check for lib and symbol presence 62 | dnl LIBNAME=GMSSL # you may want to change this 63 | dnl LIBSYMBOL=GMSSL # you most likely want to change this 64 | 65 | dnl If you need to check for a particular library function (e.g. a conditional 66 | dnl or version-dependent feature) and you are using pkg-config: 67 | dnl PHP_CHECK_LIBRARY($LIBNAME, $LIBSYMBOL, 68 | dnl [ 69 | dnl AC_DEFINE(HAVE_GMSSL_FEATURE, 1, [ ]) 70 | dnl ],[ 71 | dnl AC_MSG_ERROR([FEATURE not supported by your gmssl library.]) 72 | dnl ], [ 73 | dnl $LIBFOO_LIBS 74 | dnl ]) 75 | 76 | dnl If you need to check for a particular library function (e.g. a conditional 77 | dnl or version-dependent feature) and you are not using pkg-config: 78 | PHP_CHECK_LIBRARY(gmssl, gmssl_version_str, 79 | [ 80 | PHP_ADD_LIBRARY_WITH_PATH(gmssl, , GMSSL_SHARED_LIBADD) 81 | AC_DEFINE(HAVE_GMSSL_FEATURE, 1, [ ]) 82 | ],[ 83 | AC_MSG_ERROR([FEATURE not supported by your gmssl library.]) 84 | ],[ 85 | -L$GMSSL_DIR/$PHP_LIBDIR -lm 86 | ]) 87 | 88 | PHP_SUBST(GMSSL_SHARED_LIBADD) 89 | 90 | dnl In case of no dependencies 91 | AC_DEFINE(HAVE_GMSSL, 1, [ Have gmssl support ]) 92 | 93 | PHP_NEW_EXTENSION(gmssl, gmssl.c, $ext_shared) 94 | fi 95 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # GmSSL-PHP 2 | 3 | ## Introduction 4 | 5 | The PHP GmSSL extension is the binding to the GmSSL C library, which provides functions of Chinese SM2, SM3, SM4, SM9, ZUC crypto algorithms. 6 | 7 | ## Download 8 | 9 | * GitHub repo of this project https://github.com/GmSSL/GmSSL-PHP 10 | * Latest source code [GmSSL-PHP-main.zip](https://github.com/GmSSL/GmSSL-PHP/archive/refs/heads/main.zip) 11 | 12 | ## Installation 13 | 14 | To compile and install the GmSSL PHP extension, you need to install the GmSSL library (version >= 3.1.0). See the GmSSL INSTALL.md for more details. 15 | 16 | ```bash 17 | $ cd GmSSL-PHP-master 18 | $ phpize 19 | $ ./configure 20 | $ make 21 | $ sudo make install 22 | ``` 23 | 24 | The GmSSL PHP extension need to be enabled in the `php.ini`. 25 | 26 | ``` 27 | $ sudo vim `php-config --ini-path`/php.ini 28 | ``` 29 | 30 | Search "Dynamic Extensions" and dd a new line `extension=gmssl` at the end of this section. 31 | 32 | You can print the constant value `GMSSL_PHP_VERSION` to see if the GmSSL extension is correctly installed. 33 | 34 | ```php 35 | 38 | ``` 39 | 40 | ```bash 41 | php gmssl.php 42 | ``` 43 | 44 | ## Quick Start 45 | 46 | You can start GmSSL extension with the following simple examples of SM3, SM4 and SM2 crypto algorithms. 47 | 48 | ### SM3 Examples 49 | 50 | SM3 is a cryptographic hash function with 256-bit output hash value. 51 | Compute the SM3 digest of the string "abc". 52 | 53 | ```php 54 | 58 | ``` 59 | 60 | ### SM4 Examples 61 | 62 | SM4 is a block cipher with 128-bit key length and 128-bit block size. 63 | Use SM4 to encrypt a block of message (16 bytes). 64 | 65 | ```php 66 | 75 | ``` 76 | 77 | The `gmssl_sm4_encrypt` and `gmssl_sm4_decrypt` functions export low-level API of SM4 block cipher. 78 | For the encryption of typical message, You can use SM4 with some encryption modes, such as CBC, CTR and GCM mode. 79 | The GCM mode is the recommended mode for non-expert users. 80 | 81 | ```php 82 | 94 | ``` 95 | 96 | ### SM2 Examples 97 | 98 | SM2 is the ellptic curve cryptogrphy standard of China. The standard includes the SM2 signature algorithm, the SM2 public key encryption algorithm and the recommended 256-bit SM2 domain parameters. 99 | Here is the example of SM2 key generation, signature generation/verification, and the SM2 public key encryption/decryption. 100 | 101 | ```php 102 | 116 | ``` 117 | 118 | 119 | ## GmSSL PHP API 120 | 121 | ### Predefined Constants 122 | 123 | * **GMSSL_PHP_VERSION**(string) 124 | * **GMSSL_LIBRARAY_VERSION** (string) 125 | * **GMSSL_SM3_DIGEST_SIZE** (int) 126 | * **GMSSL_SM3_HMAC_SIZE** (int) 127 | * **GMSSL_SM3_HMAC_MIN_KEY_SIZE** (int) 128 | * **GMSSL_SM4_KEY_SIZE** (int) 129 | * **GMSSL_SM4_BLOCK_SIZE** (int) 130 | * **GMSSL_SM4_CBC_IV_SIZE** (int) 131 | * **GMSSL_SM4_CTR_IV_SIZE** (int) 132 | * **GMSSL_SM4_GCM_MIN_IV_SIZE** (int) 133 | * **GMSSL_SM4_GCM_MAX_IV_SIZE** (int) 134 | * **GMSSL_SM4_GCM_DEFAULT_IV_SIZE** (int) 135 | * **GMSSL_SM4_GCM_MAX_TAG_SIZE** (int) 136 | * **GMSSL_SM2_DEFAULT_ID** (string) 137 | * **GMSSL_SM2_MAX_PLAINTEXT_SIZE** (int) 138 | * **GMSSL_SM9_MAX_PLAINTEXT_SIZE** (int) 139 | * **GMSSL_ZUC_KEY_SIZE** (int) 140 | * **GMSSL_ZUC_IV_SIZE** (int) 141 | 142 | ### Functions 143 | 144 | * [gmssl_rand_bytes](#gmssl_rand_bytes) - Generate cryptographic secure random bytes 145 | * [gmssl_sm3](#gmssl_sm3) - Calculate the SM3 digest of a message 146 | * [gmssl_sm3_hmac](#gmssl_sm3_hmac) - Calculate the HMAC-SM3 MAC tag of a message 147 | * [gmssl_sm3_pbkdf2](#gmssl_sm3_pbkdf2) - Extract key material from a password by using KBKDF2-HMAC-SM3 148 | * [gmssl_sm4_encrypt](#gmssl_sm4_encrypt) - Encrypt a block of message using SM4 cipher. 149 | * [gmssl_sm4_decrypt](#gmssl_sm4_decrypt) - Decrypt a block of ciphertext using SM4 cipher. 150 | * [gmssl_sm4_cbc_encrypt](#gmssl_sm4_cbc_encrypt) - Encrypt message using SM4-CBC mode (with padding) 151 | * [gmssl_sm4_cbc_decrypt](#gmssl_sm4_cbc_decrypt) - Decrypt SM4-CBC (with padding) ciphertext 152 | * [gmssl_sm4_ctr_encrypt](#gmssl_sm4_ctr_encrypt) - Encrypt/decrypt message with SM4-CTR mode 153 | * [gmssl_sm4_gcm_encrypt](#gmssl_sm4_gcm_encrypt) - Encrypt message using SM4-GCM mode 154 | * [gmssl_sm4_gcm_decrypt](#gmssl_sm4_gcm_decrypt) - Decrypt SM4-GCM ciphertext 155 | * [gmssl_zuc_encrypt](#gmssl_zuc_encrypt) - Encrypt/decrypt message using ZUC stream cipher 156 | * [gmssl_sm2_key_generate](#gmssl_sm2_key_generate) - Generate SM2 Keypair 157 | * [gmssl_sm2_compute_z](#gmssl_sm2_compute_z) - Compute SM2 Z value from public key and ID. 158 | * [gmssl_sm2_private_key_info_encrypt_to_pem](#gmssl_sm2_private_key_info_encrypt_to_pem) - Export SM2 private key to password encrypted PEM file 159 | * [gmssl_sm2_private_key_info_decrypt_from_pem](#gmssl_sm2_private_key_info_decrypt_from_pem) - Import SM2 private key from password encrypted PEM file 160 | * [gmssl_sm2_public_key_info_to_pem](#gmssl_sm2_public_key_info_to_pem) - Export SM2 public key to PEM file 161 | * [gmssl_sm2_public_key_info_from_pem](#gmssl_sm2_public_key_info_from_pem) - Import SM2 public key from PEM file 162 | * [gmssl_sm2_sign](#gmssl_sm2_sign) - Sign message (not digest) and generate SM2 signature 163 | * [gmssl_sm2_verify](#gmssl_sm2_verify) - Verify SM2 signature 164 | * [gmssl_sm2_encrypt](#gmssl_sm2_encrypt) - Encrypt short secret message with SM2 public key 165 | * [gmssl_sm2_decrypt](#gmssl_sm2_decrypt) - Decrypt SM2 ciphertext with SM2 private key 166 | * [gmssl_sm9_sign_master_key_generate](#gmssl_sm9_sign_master_key_generate) - Generate SM9 signing master key 167 | * [gmssl_sm9_sign_master_key_extract_key](#gmssl_sm9_sign_master_key_extract_key) - Extract the signing private key from SM9 master key with signer's ID 168 | * [gmssl_sm9_sign_master_key_info_encrypt_to_pem](#gmssl_sm9_sign_master_key_info_encrypt_to_pem) - Export SM9 signing master key to encrypted PEM file 169 | * [gmssl_sm9_sign_master_key_info_decrypt_from_pem](#gmssl_sm9_sign_master_key_info_decrypt_from_pem) - Import SM9 signing master key from encrypted PEM file 170 | * [gmssl_sm9_sign_master_public_key_to_pem](#gmssl_sm9_sign_master_public_key_to_pem) - Export SM9 signing master public key to file 171 | * [gmssl_sm9_sign_master_public_key_from_pem](#gmssl_sm9_sign_master_public_key_from_pem) - Import SM9 signing master public key from file 172 | * [gmssl_sm9_sign_key_info_encrypt_to_pem](#gmssl_sm9_sign_key_info_encrypt_to_pem) - Export user's SM9 signing key to encrypted PEM file 173 | * [gmssl_sm9_sign_key_info_decrypt_from_pem](#gmssl_sm9_sign_key_info_decrypt_from_pem) - Import user's SM9 signing key from encrypted PEM file 174 | * [gmssl_sm9_sign](#gmssl_sm9_sign) - Sign message with user's SM9 signing key 175 | * [gmssl_sm9_verify](#gmssl_sm9_verify) - Verify SM9 signature of message with signer's ID 176 | * [gmssl_sm9_enc_master_key_generate](#gmssl_sm9_enc_master_key_generate) - Generate SM9 encryption master key 177 | * [gmssl_sm9_enc_master_key_extract_key](#gmssl_sm9_enc_master_key_extract_key) - Extract the encryption private key from SM9 master key with user's ID 178 | * [gmssl_sm9_enc_master_key_info_encrypt_to_pem](#gmssl_sm9_enc_master_key_info_encrypt_to_pem) - Export SM9 encryption master key to encrypted PEM file 179 | * [gmssl_sm9_enc_master_key_info_decrypt_from_pem](#gmssl_sm9_enc_master_key_info_decrypt_from_pem) - Import SM9 encryption master key from encrypted PEM file 180 | * [gmssl_sm9_enc_master_public_key_to_pem](#gmssl_sm9_enc_master_public_key_to_pem) - Export SM9 encryption master public key to file 181 | * [gmssl_sm9_enc_master_public_key_from_pem](#gmssl_sm9_enc_master_public_key_from_pem) - Import SM9 encryption master public key from file 182 | * [gmssl_sm9_enc_key_info_encrypt_to_pem](#gmssl_sm9_enc_key_info_encrypt_to_pem) - Export user's SM9 encryption key to encrypted PEM file 183 | * [gmssl_sm9_enc_key_info_decrypt_from_pem](#gmssl_sm9_enc_key_info_decrypt_from_pem) - Import user's SM9 encryption key from encrypted PEM file 184 | * [gmssl_sm9_encrypt](#gmssl_sm9_encrypt) - Encrypt short message with recipient's ID 185 | * [gmssl_sm9_decrypt](#gmssl_sm9_decrypt) - Decrypt SM9 ciphertext with user's SM9 private key 186 | * [gmssl_cert_from_pem](#gmssl_cert_from_pem) - Import X.509 certificate from PEM file 187 | * [gmssl_cert_print](#gmssl_cert_print) - Print details of a X.509 certificate 188 | * [gmssl_cert_get_serial_number](#gmssl_cert_get_serial_number) - Get the SerialNumber field of a certificate. 189 | * [gmssl_cert_get_issuer](#gmssl_cert_get_issuer) - Get the Issuer field of a certificate 190 | * [gmssl_cert_get_validity](#gmssl_cert_get_validity) - Get the Validity field of a certificate 191 | * [gmssl_cert_get_subject](#gmssl_cert_get_subject) - Get the Subject field of a certificate 192 | * [gmssl_cert_get_subject_public_key](#gmssl_cert_get_subject_public_key) - Get the subject public key of a SM2 certificate. 193 | * [gmssl_cert_verify_by_ca_cert](#gmssl_cert_verify_by_ca_cert) - Verify a SM2 certificate by a CA certificate. 194 | 195 | 196 | ### **gmssl_rand_bytes** 197 | 198 | Generate cryptographic secure random bytes. 199 | 200 | ```php 201 | gmssl_rand_bytes(int $length): string 202 | ``` 203 | 204 | * Parameters 205 | * length - Number of bytes of the required random string. Must be a positive integer and should not be too long (such as over 1 MB). 206 | * Return Values - Return a string of generated random binary raw data. 207 | * Errors/Exceptions - Throws an Exception on failure. 208 | 209 | ### **gmssl_sm3** 210 | 211 | Calculate the SM3 digest of a message. 212 | 213 | ```php 214 | gmssl_sm3(string $message): string 215 | ``` 216 | 217 | * Parameters 218 | * message - String of the to be digested message. 219 | * Return Values - Return a string of the bytes. The length of string should be GMSSL_SM3_DIGEST_SIZE. 220 | 221 | ### **gmssl_sm3_hmac** 222 | 223 | Calculate the HMAC-SM3 MAC tag of a messag. 224 | 225 | ```php 226 | gmssl_sm3_hmac( 227 | string $key, 228 | string $message 229 | ): string 230 | ``` 231 | 232 | * Parameters 233 | * key - a string of the binary raw key. The length should be at least GMSSL_SM3_HMAC_MIN_KEY_SIZE. 234 | * message - the message to be signed. 235 | * Return Values - return a string of the MAC tag raw data. The length of string should be GMSSL_SM3_HMAC_SIZE. 236 | * Errors/Exceptions - throws an Exception on failure. 237 | 238 | ### **gmssl_sm3_pbkdf2** 239 | 240 | Extract key material from a password by using KBKDF2-HMAC-SM3 241 | 242 | ```php 243 | gmssl_sm3_pbkdf2( 244 | string $password, 245 | string $salt, 246 | int $iter, 247 | string $outlen 248 | ): string 249 | ``` 250 | 251 | * Parameters 252 | * password - Password from which the extracted key is generated. 253 | * salt - Unexpected salt of at least 8 bytes long for binary string, or longer for text string. 254 | * iter - The number of iterations to slow down brute force attacks. The numbers over 8000 are recommended. 255 | * outlen - Length of the output key. 256 | * Return Values - Returns raw binary string or NULL on failure. 257 | * Errors/Exceptions - throws an Exception on failure. 258 | 259 | ### **gmssl_sm4_encrypt** 260 | 261 | Encrypt a block of message (16-bytes) using SM4 block cipher. 262 | 263 | ```php 264 | gmssl_sm4_encrypt( 265 | string $key, 266 | string $data_block 267 | ): string 268 | ``` 269 | 270 | * Parameters 271 | * key - The encryption key string. The length should be GMSSL_SM4_KEY_SIZE (16). 272 | * data_block - To be encrypted message block. The length should be GMSSL_SM4_BLOCK_SIZE (16). 273 | * Return Values - The encrypted ciphertext block with length GMSSL_SM4_BLOCK_SIZE (16). 274 | * Errors/Exceptions - Throw exceptions on invalid **key** length or **data_block** length. 275 | 276 | ### **gmssl_sm4_decrypt** 277 | 278 | Decrypt a block of message (16-bytes) using SM4 block cipher. 279 | 280 | ```php 281 | gmssl_sm4_decrypt( 282 | string $key, 283 | string $cipher_block 284 | ): string 285 | ``` 286 | 287 | * Parameters 288 | * key - The decryption key string. The length should be GMSSL_SM4_KEY_SIZE (16). 289 | * cipher_block - To be decrypted ciphertext block. The length should be GMSSL_SM4_BLOCK_SIZE (16). 290 | * Return Values - The encrypted ciphertext block with length GMSSL_SM4_BLOCK_SIZE (16). 291 | * Errors/Exceptions - Throw exceptions on invalid **key** length or **cipher_block** length. 292 | 293 | ### **gmssl_sm4_cbc_encrypt** 294 | 295 | Encrypt message using SM4-CBC mode (with padding) 296 | 297 | ```php 298 | gmssl_sm4_cbc_encrypt( 299 | string $key, 300 | string $iv, 301 | string $data 302 | ): string 303 | ``` 304 | 305 | * Parameters 306 | * key - The encryption key. The length should be GMSSL_SM4_KEY_SIZE (16). 307 | * iv - Unpredictable random Initial Vector (IV), length should be GMSSL_SM4_BLOCK_SIZE (16). 308 | * data - To be encrypted plaintext string of any length. 309 | * Return Values - Raw binary ciphertext, length always be multiple of GMSSL_SM4_BLOCK_SIZE. 310 | * Errors/Exceptions - Throw exceptions on invalid input or GmSSL library inner errors. 311 | 312 | ### gmssl_sm4_cbc_decrypt 313 | 314 | Decrypt SM4-CBC (with padding) ciphertext 315 | 316 | ```php 317 | gmssl_sm4_cbc_decrypt( 318 | string $key, 319 | string $iv, 320 | string $ciphertext 321 | ): string 322 | ``` 323 | 324 | * Parameters 325 | * key - The decryption key. The length should be GMSSL_SM4_KEY_SIZE (16). 326 | * iv - Initial Vector (IV), length should be GMSSL_SM4_BLOCK_SIZE (16). 327 | * data - To be decrypted plaintext, length should be multiple of GMSSL_SM4_BLOCK_SIZE. 328 | * Return Values - Decrypted plaintext. 329 | * Errors/Exceptions - Throw exceptions on invalid input or GmSSL library inner errors. 330 | 331 | ### gmssl_sm4_ctr_encrypt 332 | 333 | Encrypt/decrypt message with SM4-CTR mode. 334 | The encryption and decryption is the same in CTR mode. So there is no **gmssl_sm4_ctr_decrypt**. 335 | 336 | ```php 337 | gmssl_sm4_ctr_encrypt( 338 | string $key, 339 | string $iv, 340 | string $data 341 | ): string 342 | ``` 343 | 344 | * Parameters 345 | * key - The encryption key. The length should be GMSSL_SM4_KEY_SIZE (16). 346 | * iv - Unpredictable random Initial Vector (IV), length should be GMSSL_SM4_BLOCK_SIZE (16). 347 | * data - The plaintext or ciphertext of any length. 348 | * Return Values - Encrypt/decrypt result. 349 | * Errors/Exceptions - Throw exceptions on invalid input or GmSSL library inner errors. 350 | 351 | ### **gmssl_sm4_gcm_encrypt** 352 | 353 | Encrypt message using SM4-GCM mode 354 | 355 | ```php 356 | gmssl_sm4_gcm_encrypt( 357 | string $key, 358 | string $iv, 359 | string $aad, 360 | int $taglen, 361 | string $data 362 | ): string 363 | ``` 364 | 365 | * Parameters 366 | * key - The encryption key. The length should be GMSSL_SM4_KEY_SIZE (16). 367 | * iv - Initial Vector (IV), length should be between GMSSL_SM4_GCM_MIN_IV_SIZE and GMSSL_SM4_GCM_MAX_IV_SIZE. Use GMSSL_SM4_GCM_DEFAULT_IV_SIZE is recommened. 368 | * aad - AAD (Associated Authenticated Data) is the authenticated-only message (not encrypted). 369 | * taglen - Length of generated MAC tag. 370 | * data - To be encrypted plaintext of any length. 371 | * Return Values - The output GCM ciphertext. 372 | * Errors/Exceptions - Throw exceptions on invalid input or GmSSL library inner errors. 373 | 374 | 375 | ### **gmssl_sm4_gcm_decrypt** 376 | 377 | Decrypt SM4-GCM ciphertext 378 | 379 | ```php 380 | gmssl_sm4_gcm_decrypt( 381 | string $key, 382 | string $iv, 383 | string $aad, 384 | int $taglen, 385 | string $ciphertext 386 | ): string 387 | ``` 388 | 389 | * Parameters 390 | * key - The decryption key. The length should be GMSSL_SM4_KEY_SIZE (16). 391 | * iv - Initial Vector (IV), use the same value in gmssl_sm4_gcm_encrypt 392 | * aad - AAD (Associated Authenticated Data) is the authenticated-only message (not encrypted). 393 | * taglen - Length of the MAC tag at the last of ciphertext. 394 | * data - To be encrypted plaintext of any length. 395 | * Return Values - The output GCM ciphertext. 396 | * Errors/Exceptions - Throw exceptions on invalid input or GmSSL library inner errors. 397 | 398 | 399 | ### **gmssl_zuc_encrypt** 400 | 401 | Encrypt/decrypt message using ZUC stream cipher 402 | 403 | ```php 404 | gmssl_zuc_encrypt( 405 | string $key, 406 | string $iv, 407 | string $data 408 | ): string 409 | ``` 410 | 411 | * Parameters 412 | * key - The encryption key. The length should be GMSSL_ZUC_KEY_SIZE (16). 413 | * iv - Unpredictable random Initial Vector (IV), length should be GMSSL_ZUC_IV_SIZE (16). 414 | * data - The plaintext or ciphertext of any length. 415 | * Return Values - Encrypt/decrypt result. 416 | * Errors/Exceptions - Throw exceptions on invalid input or GmSSL library inner errors. 417 | 418 | 419 | ### **gmssl_sm2_key_generate** 420 | 421 | Generate SM2 Keypair 422 | 423 | ```php 424 | gmssl_sm2_key_generate(): string 425 | ``` 426 | 427 | * Parameters - None 428 | * Return Values - SM2 private key (the same as SM2 key pair). The return string is 96 bytes. The first 64 bytes are the RAW public key. The last 32 bytes are the raw private key. 429 | * Errors/Exceptions - Throw exceptions on GmSSL library inner errors. 430 | 431 | ### **gmssl_sm2_compute_z** 432 | 433 | Compute SM2 Z value from SM2 public key and user's identity. 434 | 435 | ```php 436 | gmssl_sm2_compute_z( 437 | string $public_key, 438 | string $id 439 | ): string 440 | ``` 441 | 442 | * Parameters 443 | * public_key - SM2 public key. Typically SM2 public key is imported by calling `gmssl_sm2_public_key_info_from_pem`. But SM2 private key is also acceptable for this function. 444 | * id - User's identity string. If no explicit identity scheme is specified, the default value GMSSL_SM2_DEFAULT_ID should be used. 445 | * Return Values - The output Z value, a string of 32-byte raw data. 446 | * Errors/Exceptions - Throw exceptions on invalid input or GmSSL library inner errors. 447 | 448 | ### **gmssl_sm2_private_key_info_encrypt_to_pem** 449 | 450 | Export SM2 private key to password encrypted PEM file 451 | 452 | ```php 453 | gmssl_sm2_private_key_info_encrypt_to_pem( 454 | string $keypair, 455 | string $file, 456 | string $passphrase 457 | ): bool 458 | ``` 459 | 460 | * Parameters 461 | * keypair - SM2 private key, should be 96-byte string generated from `gmssl_sm2_key_generate`. 462 | * file - The output PEM file path. 463 | * passphrase - The passphrase/password to encrypt the private key. 464 | * Return Values: **true** on success or **false** on failure. 465 | * Errors/Exceptions - Throw exceptions on invalid parameters and GmSSL library inner errors. 466 | 467 | ### **gmssl_sm2_private_key_info_decrypt_from_pem** 468 | 469 | Import SM2 private key from password encrypted PEM file 470 | 471 | ```php 472 | gmssl_sm2_private_key_info_decrypt_from_pem( 473 | string $file, 474 | string $passphrase 475 | ): string 476 | ``` 477 | 478 | * Parameters 479 | * file - The password encrypted SM2 private key PEM file. 480 | * passphrase - The passphrase/password to decrypt the private key. 481 | * Return Values: SM2 private key, inner format is same as the output of `gmssl_sm2_key_generate`. 482 | * Errors/Exceptions - Throw exceptions on invalid parameters and GmSSL library inner errors. 483 | 484 | ### **gmssl_sm2_public_key_info_to_pem** 485 | 486 | Export SM2 public key to PEM file. 487 | 488 | ```php 489 | gmssl_sm2_public_key_info_to_pem( 490 | string $public_key, 491 | string $file, 492 | ): bool 493 | ``` 494 | 495 | * Parameters 496 | * public_key - The SM2 public key to be exported. SM2 private key as input is also accepted and only the public key will be exported. 497 | * file - The output PEM file path. 498 | * Return Values: **true** on success or **false** on failure. 499 | * Errors/Exceptions - Throw exceptions on invalid parameters and GmSSL library inner errors. 500 | 501 | ### **gmssl_sm2_public_key_info_from_pem** 502 | 503 | Import SM2 public key from PEM file. 504 | 505 | ```php 506 | gmssl_sm2_public_key_info_from_pem( 507 | string $file, 508 | ): string 509 | ``` 510 | 511 | * Parameters 512 | * file - The public key PEM file. 513 | * Return Values: SM2 public key, a 96-byte string with the last 32-byte private key all zeros. 514 | * Errors/Exceptions - Throw exceptions on invalid parameters and GmSSL library inner errors. 515 | 516 | ### **gmssl_sm2_sign** 517 | 518 | Sign message (not digest) and generate SM2 signature 519 | 520 | ```php 521 | gmssl_sm2_sign( 522 | string $keypair, 523 | string $id, 524 | string $message 525 | ): string 526 | ``` 527 | 528 | * Parameters 529 | * keypair - Signer's SM2 private key, typically from `gmssl_sm2_key_generate`. 530 | * id - Signer's identity string. If no explicit identity scheme is specified, the default value GMSSL_SM2_DEFAULT_ID should be used. 531 | * messsage - To be signed message of any length. 532 | * Return Values - The generated SM2 signature in DER encoding, the raw data bytes start with a `0x30` and the typical signature length is 70, 71 or 72 bytes. 533 | * Errors/Exceptions - Throw exceptions on invalid parameters and GmSSL library inner errors. 534 | 535 | ### **gmssl_sm2_verify** 536 | 537 | `gmssl_sm2_verify` - Verify SM2 signature 538 | 539 | ```php 540 | gmssl_sm2_verify( 541 | string $public_key, 542 | string $id, 543 | string $message, 544 | string $signature 545 | ): bool 546 | ``` 547 | 548 | * Parameters 549 | * public_key - Signer's SM2 public key, typically from `gmssl_sm2_public_key_info_from_pem` or `gmssl_cert_get_subject_public_key`. 550 | * id - Signer's identity string. If no explicit identity scheme is specified, the default value GMSSL_SM2_DEFAULT_ID should be used. 551 | * messsage - The signed message. 552 | * signature - The SM2 signature in DER-encoding. 553 | * Return Values - **ture** or **false**. 554 | * Errors/Exceptions - Throw exceptions on invalid parameters and GmSSL library inner errors. 555 | 556 | 557 | ### **gmssl_sm2_encrypt** 558 | 559 | Encrypt short secret message with SM2 public key. 560 | 561 | ```php 562 | gmssl_sm2_encrypt( 563 | string $public_key, 564 | string $data 565 | ): string 566 | ``` 567 | 568 | * Parameters 569 | * public_key - Receiver's SM2 public key, typically from `gmssl_sm2_public_key_info_from_pem` or `gmssl_cert_get_subject_public_key`. 570 | * data - To be encrypted plaintext. SM2 encryption should be used to protect key materials. The length should not longer than GMSSL_SM2_MAX_PLAINTEXT_SIZE. 571 | * Return Values - Ciphertext. 572 | * Errors/Exceptions - Throw exceptions on invalid parameters and GmSSL library inner errors. 573 | 574 | 575 | ### **gmssl_sm2_decrypt** 576 | 577 | Decrypt SM2 ciphertext with SM2 private key 578 | 579 | ```php 580 | gmssl_sm2_decrypt( 581 | string $keypair, 582 | string $ciphertext 583 | ): string 584 | ``` 585 | 586 | * Parameters 587 | * keypair - Receiver's SM2 private key 588 | * data - Ciphertext. 589 | * Return Values - Plaintext. 590 | * Errors/Exceptions - Throw exceptions on invalid parameters and GmSSL library inner errors. 591 | 592 | 593 | ### **gmssl_sm9_sign_master_key_generate** 594 | 595 | Generate SM9 signing master key 596 | 597 | ```php 598 | gmssl_sm9_sign_master_key_generate(): string 599 | ``` 600 | 601 | * Parameters - None 602 | * Return Values - SM9 signing master key. 603 | * Errors/Exceptions - Throw exceptions on GmSSL library inner errors. 604 | 605 | ### **gmssl_sm9_sign_master_key_extract_key** 606 | 607 | Extract the signing private key from SM9 master key with signer's ID 608 | 609 | ```php 610 | gmssl_sm9_sign_master_key_extract_key( 611 | string $master_key, 612 | string $id 613 | ): string 614 | ``` 615 | 616 | * Parameters 617 | * master_key - SM9 signing master key. 618 | * id - User's identity 619 | * Return Values - User's sm9 signing private key extracted from the master key correponding to the given **id** 620 | * Errors/Exceptions - Throw exceptions on invalid parameters or GmSSL library inner errors. 621 | 622 | ### **gmssl_sm9_sign_master_key_info_encrypt_to_pem** 623 | 624 | Export SM9 signing master key to encrypted PEM file 625 | 626 | ```php 627 | gmssl_sm9_sign_master_key_info_encrypt_to_pem( 628 | string $master_key, 629 | string $file, 630 | string $passphrase 631 | ): bool 632 | ``` 633 | 634 | * Parameters 635 | * master_key - SM9 signing master key 636 | * file - The output PEM file path. 637 | * passphrase - The passphrase/password to encrypt the private key. 638 | * Return Values: **true** on success or **false** on failure. 639 | * Errors/Exceptions - Throw exceptions on invalid parameters and GmSSL library inner errors. 640 | 641 | 642 | ### **gmssl_sm9_sign_master_key_info_decrypt_from_pem** 643 | 644 | Import SM9 signing master key from encrypted PEM file 645 | 646 | ```php 647 | gmssl_sm9_sign_master_key_info_decrypt_from_pem( 648 | string $file, 649 | string $passphrase 650 | ): string 651 | ``` 652 | 653 | * Parameters 654 | * file - The input password encrypted SM9 signing master key PEM file path. 655 | * passphrase - The passphrase/password to decrypt the PEM file. 656 | * Return Values: SM9 signing master key 657 | * Errors/Exceptions - Throw exceptions on invalid parameters and GmSSL library inner errors. 658 | 659 | 660 | ### **gmssl_sm9_sign_master_public_key_to_pem** 661 | 662 | Export SM9 signing master public key to file 663 | 664 | ```php 665 | gmssl_sm9_sign_master_public_key_to_pem( 666 | string $master_key, 667 | string $file, 668 | ): bool 669 | ``` 670 | 671 | * Parameters 672 | * master_key - SM9 signing master key or master public key 673 | * file - The output SM9 signing master public key PEM file path. 674 | * Return Values: **true** on success or **false** on failure. 675 | * Errors/Exceptions - Throw exceptions on invalid parameters and GmSSL library inner errors. 676 | 677 | ### **gmssl_sm9_sign_master_public_key_from_pem** 678 | 679 | Import SM9 signing master public key from file 680 | 681 | ```php 682 | gmssl_sm9_sign_master_public_key_from_pem( 683 | string $file 684 | ): string 685 | ``` 686 | 687 | * Parameters 688 | * file - The SM9 signing master public key PEM file. 689 | * Return Values: SM9 signing master public key. 690 | * Errors/Exceptions - Throw exceptions on invalid parameters and GmSSL library inner errors. 691 | 692 | ### **gmssl_sm9_sign_key_info_encrypt_to_pem** 693 | 694 | Export user's SM9 signing key to encrypted PEM file 695 | 696 | ```php 697 | gmssl_sm9_sign_key_info_encrypt_to_pem( 698 | string $sign_key, 699 | string $file, 700 | string $passphrase 701 | ): bool 702 | ``` 703 | 704 | * Parameters 705 | * sign_key - SM9 signing private key 706 | * file - The output PEM file path. 707 | * passphrase - The passphrase/password to encrypt the private key. 708 | * Return Values: **true** on success or **false** on failure. 709 | * Errors/Exceptions - Throw exceptions on invalid parameters and GmSSL library inner errors. 710 | 711 | 712 | ### **gmssl_sm9_sign_key_info_decrypt_from_pem** 713 | 714 | Import user's SM9 signing key from encrypted PEM file 715 | 716 | ```php 717 | gmssl_sm9_sign_key_info_decrypt_from_pem( 718 | string $file, 719 | string $passphrase 720 | ): string 721 | ``` 722 | 723 | * Parameters 724 | * file - The input password encrypted SM9 signing private key PEM file path. 725 | * passphrase - The passphrase/password to decrypt the PEM file. 726 | * Return Values: SM9 signing private key 727 | * Errors/Exceptions - Throw exceptions on invalid parameters and GmSSL library inner errors. 728 | 729 | ### **gmssl_sm9_sign** 730 | 731 | Sign message with user's SM9 signing key 732 | 733 | ```php 734 | gmssl_sm9_sign( 735 | string $sign_key, 736 | string $message 737 | ): string 738 | ``` 739 | 740 | * Parameters 741 | * sign_key - Signer's SM9 private key. 742 | * messsage - To be signed message of any length. 743 | * Return Values - The generated SM9 signature in DER encoding, the raw data bytes start with a `0x30` byte. 744 | * Errors/Exceptions - Throw exceptions on invalid parameters and GmSSL library inner errors. 745 | 746 | ### **gmssl_sm9_verify** 747 | 748 | 749 | Verify SM9 signature of message with signer's ID 750 | 751 | ```php 752 | gmssl_sm9_verify( 753 | string $master_public_key, 754 | string $id, 755 | string $message, 756 | string $signature 757 | ): bool 758 | ``` 759 | 760 | * Parameters 761 | * master_public_key - SM9 signing master public key. 762 | * id - Signer's identity string. 763 | * messsage - Signed message of any length. 764 | * signature - SM9 signature. 765 | * Return Values - **ture** or **false**. 766 | * Errors/Exceptions - Throw exceptions on invalid parameters and GmSSL library inner errors. 767 | 768 | ### **gmssl_sm9_enc_master_key_generate** 769 | 770 | Generate SM9 encryption master key 771 | 772 | ```php 773 | gmssl_sm9_enc_master_key_generate(): string 774 | ``` 775 | 776 | * Parameters - None 777 | * Return Values - SM9 signing master key. 778 | * Errors/Exceptions - Throw exceptions on GmSSL library inner errors. 779 | 780 | 781 | ### **gmssl_sm9_enc_master_key_extract_key** 782 | 783 | Extract the encryption private key from SM9 master key with user's ID 784 | 785 | ```php 786 | gmssl_sm9_enc_master_key_extract_key( 787 | string $master_key, 788 | string $id 789 | ): string 790 | ``` 791 | 792 | * Parameters 793 | * master_key - SM9 encryption master key. 794 | * id - User's identity 795 | * Return Values - User's sm9 encryption private key extracted from the master key correponding to the given **id** 796 | * Errors/Exceptions - Throw exceptions on invalid parameters or GmSSL library inner errors. 797 | 798 | 799 | ###**gmssl_sm9_enc_master_key_info_encrypt_to_pem** 800 | 801 | Export SM9 encryption master key to encrypted PEM file 802 | 803 | ```php 804 | gmssl_sm9_enc_master_key_info_encrypt_to_pem( 805 | string $master_key, 806 | string $file, 807 | string $passphrase 808 | ): bool 809 | ``` 810 | 811 | * Parameters 812 | * master_key - SM9 encryption master key 813 | * file - The output PEM file path. 814 | * passphrase - The passphrase/password to encrypt the private key. 815 | * Return Values: **true** on success or **false** on failure. 816 | * Errors/Exceptions - Throw exceptions on invalid parameters and GmSSL library inner errors. 817 | 818 | 819 | ### **gmssl_sm9_enc_master_key_info_decrypt_from_pem** 820 | 821 | Import SM9 encryption master key from encrypted PEM file 822 | 823 | ```php 824 | gmssl_sm9_enc_master_key_info_decrypt_from_pem( 825 | string $file, 826 | string $passphrase 827 | ): string 828 | ``` 829 | 830 | * Parameters 831 | * file - The input password encrypted SM9 encryption master key PEM file path. 832 | * passphrase - The passphrase/password to decrypt the PEM file. 833 | * Return Values: SM9 encryption master key 834 | * Errors/Exceptions - Throw exceptions on invalid parameters and GmSSL library inner errors. 835 | 836 | ### **gmssl_sm9_enc_master_public_key_to_pem** 837 | 838 | Export SM9 encryption master public key to file 839 | 840 | ```php 841 | gmssl_sm9_enc_master_public_key_to_pem( 842 | string $master_key, 843 | string $file, 844 | ): bool 845 | ``` 846 | 847 | * Parameters 848 | * master_key - SM9 encryption master key or master public key 849 | * file - The output SM9 encryption master public key PEM file path. 850 | * Return Values: **true** on success or **false** on failure. 851 | * Errors/Exceptions - Throw exceptions on invalid parameters and GmSSL library inner errors. 852 | 853 | ### **gmssl_sm9_enc_master_public_key_from_pem** 854 | 855 | Import SM9 encryption master public key from file 856 | 857 | ```php 858 | gmssl_sm9_enc_master_public_key_from_pem( 859 | string $file 860 | ): string 861 | ``` 862 | 863 | * Parameters 864 | * file - The SM9 encryption master public key PEM file. 865 | * Return Values: SM9 encryption master public key. 866 | * Errors/Exceptions - Throw exceptions on invalid parameters and GmSSL library inner errors. 867 | 868 | ### **gmssl_sm9_enc_key_info_encrypt_to_pem** 869 | 870 | Export user's SM9 encryption key to encrypted PEM file 871 | 872 | ```php 873 | gmssl_sm9_enc_key_info_encrypt_to_pem( 874 | string $enc_key, 875 | string $file, 876 | string $passphrase 877 | ): bool 878 | ``` 879 | 880 | * Parameters 881 | * enc_key - SM9 encryption private key 882 | * file - The output PEM file path. 883 | * passphrase - The passphrase/password to encrypt the private key. 884 | * Return Values: **true** on success or **false** on failure. 885 | * Errors/Exceptions - Throw exceptions on invalid parameters and GmSSL library inner errors. 886 | 887 | 888 | ### **gmssl_sm9_enc_key_info_decrypt_from_pem** 889 | 890 | Import user's SM9 encryption key from encrypted PEM file 891 | 892 | ```php 893 | gmssl_sm9_enc_key_info_decrypt_from_pem( 894 | string $file, 895 | string $passphrase 896 | ): string 897 | ``` 898 | 899 | * Parameters 900 | * file - The input password encrypted SM9 encryption private key PEM file path. 901 | * passphrase - The passphrase/password to decrypt the PEM file. 902 | * Return Values: SM9 encryption private key 903 | * Errors/Exceptions - Throw exceptions on invalid parameters and GmSSL library inner errors. 904 | 905 | ### **gmssl_sm9_encrypt** 906 | 907 | Encrypt short message with recipient's ID 908 | 909 | ```php 910 | gmssl_sm9_encrypt( 911 | string $master_public_key, 912 | string $id, 913 | string $data 914 | ): string 915 | ``` 916 | 917 | * Parameters 918 | * master_public_key - SM9 encryption master public key. 919 | * data - To be encrypted plaintext. SM9 encryption should be used to protect key materials. The length should not longer than GMSSL_SM9_MAX_PLAINTEXT_SIZE. 920 | * Return Values - Ciphertext. 921 | * Errors/Exceptions - Throw exceptions on invalid parameters and GmSSL library inner errors. 922 | 923 | ### **gmssl_sm9_decrypt** 924 | 925 | Decrypt SM9 ciphertext with user's SM9 private key 926 | 927 | ```php 928 | gmssl_sm9_decrypt( 929 | string $enc_key, 930 | string $id, 931 | string $ciphertext 932 | ): string 933 | ``` 934 | 935 | * Parameters 936 | * enc_key - Receiver's SM9 encryption/decryption private key 937 | * id - Receiver's identity 938 | * ciphertext - SM9 Ciphertext. 939 | * Return Values - Plaintext. 940 | * Errors/Exceptions - Throw exceptions on invalid parameters and GmSSL library inner errors. 941 | 942 | ### **gmssl_cert_from_pem** 943 | 944 | Import X.509 certificate from PEM file. 945 | 946 | ```php 947 | gmssl_cert_from_pem(string $path): string 948 | ``` 949 | 950 | * Parameters 951 | * path - Certificate file path, the certificate should be a SM2 certficate in PEM format. 952 | * Return Values - SM2 certificate. The raw data of the return value is the DER-encoding bytes of the certificate. 953 | * Errors/Exceptions - Throw exceptions on invalid parameters and GmSSL library inner errors. 954 | 955 | ### **gmssl_cert_print** 956 | 957 | Print details of a X.509 certificate. 958 | 959 | ```php 960 | gmssl_cert_print( 961 | string $cert, 962 | string $label 963 | ): bool 964 | ``` 965 | 966 | * Parameters 967 | * cert - SM2 certificate, typically from `gmssl_cert_from_pem`. 968 | * label - Label string that will be printed at the first line of the output. 969 | * Return Values - **true** or **false** 970 | * Errors/Exceptions - Throw exceptions on invalid parameters and GmSSL library inner errors. 971 | 972 | ### **gmssl_cert_get_serial_number** 973 | 974 | Get the SerialNumber field of a X.509 certificate. 975 | 976 | ```php 977 | gmssl_cert_get_serial_number(string $cert): string 978 | ``` 979 | 980 | * Parameters 981 | * cert - SM2 certificate, typically from `gmssl_cert_from_pem`. 982 | * Return Values - SerialNumber field raw data (bytes). 983 | * Errors/Exceptions - Throw exceptions on invalid parameters and GmSSL library inner errors. 984 | 985 | ### **gmssl_cert_get_issuer** 986 | 987 | Get the Issuer field of a X.509 certificate. 988 | 989 | ```php 990 | gmssl_cert_get_issuer(string $cert): array 991 | ``` 992 | 993 | * Parameters 994 | * cert - SM2 certificate, typically from `gmssl_cert_from_pem`. 995 | * Return Values - Issuer field as an array. The element with key `raw_data` is the DER-encoding of the X.509 DN value (without Tag and Length). 996 | * Errors/Exceptions - Throw exceptions on invalid parameters and GmSSL library inner errors. 997 | 998 | ### **gmssl_cert_get_validity** 999 | 1000 | Get the Validity field of a X.509 certificate. 1001 | 1002 | ```php 1003 | gmssl_cert_get_validity(string $cert): array 1004 | ``` 1005 | 1006 | * Parameters 1007 | * cert - SM2 certificate, typically from `gmssl_cert_from_pem`. 1008 | * Return Values - Validity field of the certificate as an array. The return array has two elements with key `notBefore` and `notAfter`, the value is an `int` value of the timestamp. 1009 | * Errors/Exceptions - Throw exceptions on invalid parameters and GmSSL library inner errors. 1010 | 1011 | ### **gmssl_cert_get_subject** 1012 | 1013 | Get the Subject field of a X.509 certificate. 1014 | 1015 | ```php 1016 | gmssl_cert_get_subject(string $cert): array 1017 | ``` 1018 | 1019 | * Parameters 1020 | * cert - SM2 certificate, typically from `gmssl_cert_from_pem`. 1021 | * Return Values - Subject field as an array. The element with key `raw_data` is the DER-encoding of the X.509 DN value (without Tag and Length). 1022 | * Errors/Exceptions - Throw exceptions on invalid parameters and GmSSL library inner errors. 1023 | 1024 | ### **gmssl_cert_get_subject_public_key** 1025 | 1026 | Get the SM2 public key from the SubjectPublicKeyInfo field of a X.509 certificate. 1027 | 1028 | ```php 1029 | gmssl_cert_get_subject_public_key(string $cert): string 1030 | ``` 1031 | 1032 | * Parameters 1033 | * cert - SM2 certificate, typically from `gmssl_cert_from_pem`. 1034 | * Return Values - SM2 public key from the SubjectPublicKeyInfo field of the certificate. The return value format is the same as output of the `sm2_public_key_info_from_pem`. 1035 | * Errors/Exceptions - Throw exceptions on invalid parameters and GmSSL library inner errors. 1036 | 1037 | ### **gmssl_cert_verify_by_ca_cert** 1038 | 1039 | Verify a X.509 certificate by a CA certificate. 1040 | 1041 | ```php 1042 | gmssl_cert_verify_by_ca_cert( 1043 | string $cert, 1044 | string $cacert, 1045 | string $sm2_id 1046 | ): bool 1047 | ``` 1048 | 1049 | * Parameters 1050 | * cert - The verified SM2 certificate, to be verified if it is signed (issued) by the **cacert**. 1051 | * cacert - The CA's SM2 certificate. The Issuer field of **cert** should be the same as the Subject field of the **cacert**. 1052 | * sm2_id - The CA's signing SM2 ID, is not specified, GMSSL_SM2_DEFAULT_ID should be used. 1053 | * Return Values - **true** or **false** 1054 | * Errors/Exceptions - Throw exceptions on invalid parameters and GmSSL library inner errors. 1055 | 1056 | 1057 | 1058 | 1059 | 1060 | 1061 | 1062 | 1063 | 1064 | 1065 | 1066 | 1067 | 1068 | -------------------------------------------------------------------------------- /gmssl.c: -------------------------------------------------------------------------------- 1 | /* 2 | +----------------------------------------------------------------------+ 3 | | PHP Version 7 | 4 | +----------------------------------------------------------------------+ 5 | | Copyright (c) The PHP Group | 6 | +----------------------------------------------------------------------+ 7 | | This source file is subject to version 3.01 of the PHP license, | 8 | | that is bundled with this package in the file LICENSE, and is | 9 | | available through the world-wide-web at the following url: | 10 | | http://www.php.net/license/3_01.txt | 11 | | If you did not receive a copy of the PHP license and are unable to | 12 | | obtain it through the world-wide-web, please send a note to | 13 | | license@php.net so we can mail you a copy immediately. | 14 | +----------------------------------------------------------------------+ 15 | | Authors: Zhi Guan | 16 | +----------------------------------------------------------------------+ 17 | */ 18 | 19 | #ifdef HAVE_CONFIG_H 20 | # include "config.h" 21 | #endif 22 | 23 | #include "php.h" 24 | #include "ext/standard/info.h" 25 | #include "php_gmssl.h" 26 | #include "zend_exceptions.h" 27 | 28 | #include 29 | #include 30 | #include 31 | #include 32 | #include 33 | #include 34 | #include 35 | #include 36 | #include 37 | #include 38 | #include 39 | #include 40 | 41 | 42 | PHP_MINIT_FUNCTION(gmssl) 43 | { 44 | REGISTER_STRING_CONSTANT("GMSSL_PHP_VERSION", PHP_GMSSL_VERSION, CONST_CS | CONST_PERSISTENT); 45 | REGISTER_STRING_CONSTANT("GMSSL_LIBRARY_VERSION", (char *)gmssl_version_str(), CONST_CS | CONST_PERSISTENT); 46 | REGISTER_LONG_CONSTANT("GMSSL_SM3_DIGEST_SIZE", SM3_DIGEST_SIZE, CONST_CS | CONST_PERSISTENT); 47 | REGISTER_LONG_CONSTANT("GMSSL_SM3_HMAC_SIZE", SM3_HMAC_SIZE, CONST_CS | CONST_PERSISTENT); 48 | REGISTER_LONG_CONSTANT("GMSSL_SM3_HMAC_MIN_KEY_SIZE", 16, CONST_CS | CONST_PERSISTENT); 49 | REGISTER_LONG_CONSTANT("GMSSL_SM4_KEY_SIZE", SM4_KEY_SIZE, CONST_CS | CONST_PERSISTENT); 50 | REGISTER_LONG_CONSTANT("GMSSL_SM4_BLOCK_SIZE", SM4_BLOCK_SIZE, CONST_CS | CONST_PERSISTENT); 51 | REGISTER_LONG_CONSTANT("GMSSL_SM4_CBC_IV_SIZE", SM4_BLOCK_SIZE, CONST_CS | CONST_PERSISTENT); 52 | REGISTER_LONG_CONSTANT("GMSSL_SM4_CTR_IV_SIZE", SM4_BLOCK_SIZE, CONST_CS | CONST_PERSISTENT); 53 | REGISTER_LONG_CONSTANT("GMSSL_SM4_GCM_MIN_IV_SIZE", SM4_GCM_MIN_IV_SIZE, CONST_CS | CONST_PERSISTENT); 54 | REGISTER_LONG_CONSTANT("GMSSL_SM4_GCM_MAX_IV_SIZE", SM4_GCM_MAX_IV_SIZE, CONST_CS | CONST_PERSISTENT); 55 | REGISTER_LONG_CONSTANT("GMSSL_SM4_GCM_DEFAULT_IV_SIZE", SM4_GCM_DEFAULT_IV_SIZE, CONST_CS | CONST_PERSISTENT); 56 | REGISTER_LONG_CONSTANT("GMSSL_SM4_GCM_MAX_TAG_SIZE", SM4_GCM_MAX_TAG_SIZE, CONST_CS | CONST_PERSISTENT); 57 | REGISTER_STRING_CONSTANT("GMSSL_SM2_DEFAULT_ID", SM2_DEFAULT_ID, CONST_CS | CONST_PERSISTENT); 58 | REGISTER_LONG_CONSTANT("GMSSL_SM2_MAX_PLAINTEXT_SIZE", SM2_MAX_PLAINTEXT_SIZE, CONST_CS | CONST_PERSISTENT); 59 | REGISTER_LONG_CONSTANT("GMSSL_SM9_MAX_PLAINTEXT_SIZE", SM9_MAX_PLAINTEXT_SIZE, CONST_CS | CONST_PERSISTENT); 60 | REGISTER_LONG_CONSTANT("GMSSL_ZUC_KEY_SIZE", ZUC_KEY_SIZE, CONST_CS | CONST_PERSISTENT); 61 | REGISTER_LONG_CONSTANT("GMSSL_ZUC_IV_SIZE", ZUC_IV_SIZE, CONST_CS | CONST_PERSISTENT); 62 | return SUCCESS; 63 | } 64 | 65 | PHP_FUNCTION(gmssl_rand_bytes) 66 | { 67 | zend_long size; 68 | zend_string *bytes; 69 | 70 | ZEND_PARSE_PARAMETERS_START_EX(ZEND_PARSE_PARAMS_THROW, 1, 1) 71 | Z_PARAM_LONG(size) 72 | ZEND_PARSE_PARAMETERS_END(); 73 | 74 | if (size < 1) { 75 | zend_throw_exception(zend_ce_error, "Length must be greater than 0", 0); 76 | return; 77 | } 78 | 79 | bytes = zend_string_alloc(size, 0); 80 | 81 | if (rand_bytes((uint8_t *)ZSTR_VAL(bytes), size) != 1) { 82 | zend_string_efree(bytes); 83 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 84 | return; 85 | } 86 | 87 | ZSTR_VAL(bytes)[size] = 0; 88 | 89 | RETURN_STR(bytes); 90 | } 91 | 92 | PHP_FUNCTION(gmssl_sm3) 93 | { 94 | zend_string *msg; 95 | uint8_t dgst[SM3_DIGEST_SIZE]; 96 | 97 | ZEND_PARSE_PARAMETERS_START(1, 1) 98 | Z_PARAM_STR(msg) 99 | ZEND_PARSE_PARAMETERS_END(); 100 | 101 | sm3_digest((uint8_t *)ZSTR_VAL(msg), ZSTR_LEN(msg), dgst); 102 | 103 | RETURN_STRINGL((char *)dgst, sizeof(dgst)); 104 | } 105 | 106 | PHP_FUNCTION(gmssl_sm3_hmac) 107 | { 108 | zend_string *key; 109 | zend_string *msg; 110 | uint8_t hmac[SM3_HMAC_SIZE]; 111 | 112 | ZEND_PARSE_PARAMETERS_START(2, 2) 113 | Z_PARAM_STR(key) 114 | Z_PARAM_STR(msg) 115 | ZEND_PARSE_PARAMETERS_END(); 116 | 117 | if (ZSTR_LEN(key) < 16) { 118 | zend_throw_exception(zend_ce_error, "Key length must be at least 16", 0); 119 | return; 120 | } 121 | 122 | sm3_hmac((uint8_t *)ZSTR_VAL(key), ZSTR_LEN(key), (uint8_t *)ZSTR_VAL(msg), ZSTR_LEN(msg), hmac); 123 | 124 | RETURN_STRINGL((char *)hmac, sizeof(hmac)); 125 | } 126 | 127 | PHP_FUNCTION(gmssl_sm3_pbkdf2) 128 | { 129 | zend_string *out; 130 | zend_string *pass; 131 | zend_string *salt; 132 | zend_long iter; 133 | zend_long outlen; 134 | 135 | ZEND_PARSE_PARAMETERS_START(4, 4) 136 | Z_PARAM_STR(pass) 137 | Z_PARAM_STR(salt) 138 | Z_PARAM_LONG(iter) 139 | Z_PARAM_LONG(outlen) 140 | ZEND_PARSE_PARAMETERS_END(); 141 | 142 | out = zend_string_alloc(outlen, 0); 143 | 144 | if (pbkdf2_hmac_sm3_genkey(ZSTR_VAL(pass), ZSTR_LEN(pass), (uint8_t *)ZSTR_VAL(salt), ZSTR_LEN(salt), 145 | iter, outlen, (uint8_t *)ZSTR_VAL(out)) != 1) { 146 | zend_string_efree(out); 147 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 148 | return; 149 | } 150 | 151 | ZSTR_LEN(out) = outlen; 152 | ZSTR_VAL(out)[outlen] = 0; 153 | 154 | RETURN_NEW_STR(out); 155 | } 156 | 157 | PHP_FUNCTION(gmssl_sm4_encrypt) 158 | { 159 | SM4_KEY sm4_key; 160 | zend_string *key; 161 | zend_string *in; 162 | zend_string *out; 163 | 164 | ZEND_PARSE_PARAMETERS_START(2, 2) 165 | Z_PARAM_STR(key) 166 | Z_PARAM_STR(in) 167 | ZEND_PARSE_PARAMETERS_END(); 168 | 169 | if (ZSTR_LEN(key) != SM4_KEY_SIZE) { 170 | zend_throw_exception(zend_ce_error, "SM4 key length must be 16", 0); 171 | return; 172 | } 173 | if (ZSTR_LEN(in) != SM4_BLOCK_SIZE) { 174 | zend_throw_exception(zend_ce_error, "SM4 block size is 16", 0); 175 | return; 176 | } 177 | 178 | out = zend_string_alloc(SM4_BLOCK_SIZE, 0); 179 | 180 | sm4_set_encrypt_key(&sm4_key, (uint8_t *)ZSTR_VAL(key)); 181 | 182 | sm4_encrypt(&sm4_key, (uint8_t *)ZSTR_VAL(in), (uint8_t *)ZSTR_VAL(out)); 183 | 184 | ZSTR_VAL(out)[SM4_BLOCK_SIZE] = 0; 185 | 186 | RETURN_NEW_STR(out); 187 | } 188 | 189 | PHP_FUNCTION(gmssl_sm4_decrypt) 190 | { 191 | SM4_KEY sm4_key; 192 | zend_string *key; 193 | zend_string *in; 194 | zend_string *out; 195 | 196 | ZEND_PARSE_PARAMETERS_START(2, 2) 197 | Z_PARAM_STR(key) 198 | Z_PARAM_STR(in) 199 | ZEND_PARSE_PARAMETERS_END(); 200 | 201 | if (ZSTR_LEN(key) != SM4_KEY_SIZE) { 202 | zend_throw_exception(zend_ce_error, "SM4 key length must be 16", 0); 203 | return; 204 | } 205 | if (ZSTR_LEN(in) != SM4_BLOCK_SIZE) { 206 | zend_throw_exception(zend_ce_error, "SM4 block size is 16", 0); 207 | return; 208 | } 209 | 210 | out = zend_string_alloc(SM4_BLOCK_SIZE, 0); 211 | 212 | sm4_set_decrypt_key(&sm4_key, (uint8_t *)ZSTR_VAL(key)); 213 | 214 | sm4_encrypt(&sm4_key, (uint8_t *)ZSTR_VAL(in), (uint8_t *)ZSTR_VAL(out)); 215 | 216 | ZSTR_VAL(out)[SM4_BLOCK_SIZE] = 0; 217 | 218 | RETURN_NEW_STR(out); 219 | } 220 | 221 | PHP_FUNCTION(gmssl_sm4_cbc_encrypt) 222 | { 223 | SM4_KEY sm4_key; 224 | zend_string *key; 225 | zend_string *iv; 226 | zend_string *in; 227 | zend_string *out; 228 | size_t outlen; 229 | 230 | ZEND_PARSE_PARAMETERS_START(3, 3) 231 | Z_PARAM_STR(key) 232 | Z_PARAM_STR(iv) 233 | Z_PARAM_STR(in) 234 | ZEND_PARSE_PARAMETERS_END(); 235 | 236 | if (ZSTR_LEN(key) != SM4_KEY_SIZE) { 237 | zend_throw_exception(zend_ce_error, "SM4-CBC key length must be 16", 0); 238 | return; 239 | } 240 | 241 | if (ZSTR_LEN(iv) != SM4_BLOCK_SIZE) { 242 | zend_throw_exception(zend_ce_error, "SM4-CBC IV length must be at 16", 0); 243 | return; 244 | } 245 | 246 | out = zend_string_alloc(ZSTR_LEN(in) + SM4_BLOCK_SIZE - ZSTR_LEN(in) % SM4_BLOCK_SIZE, 0); 247 | 248 | sm4_set_encrypt_key(&sm4_key, (uint8_t *)ZSTR_VAL(key)); 249 | 250 | if (sm4_cbc_padding_encrypt(&sm4_key, (uint8_t *)ZSTR_VAL(iv), 251 | (uint8_t *)ZSTR_VAL(in), ZSTR_LEN(in), 252 | (uint8_t *)ZSTR_VAL(out), &outlen) != 1) { 253 | gmssl_secure_clear(&sm4_key, sizeof(sm4_key)); 254 | zend_string_efree(out); 255 | zend_throw_exception(zend_ce_exception, "ligmssl inner error", 0); 256 | return; 257 | } 258 | gmssl_secure_clear(&sm4_key, sizeof(sm4_key)); 259 | 260 | ZSTR_VAL(out)[outlen] = 0; 261 | 262 | RETURN_NEW_STR(out); 263 | } 264 | 265 | PHP_FUNCTION(gmssl_sm4_cbc_decrypt) 266 | { 267 | SM4_KEY sm4_key; 268 | zend_string *key; 269 | zend_string *iv; 270 | zend_string *in; 271 | zend_string *out; 272 | size_t outlen; 273 | 274 | ZEND_PARSE_PARAMETERS_START(3, 3) 275 | Z_PARAM_STR(key) 276 | Z_PARAM_STR(iv) 277 | Z_PARAM_STR(in) 278 | ZEND_PARSE_PARAMETERS_END(); 279 | 280 | if (ZSTR_LEN(key) != SM4_KEY_SIZE) { 281 | zend_throw_exception(zend_ce_error, "SM4-CBC key length must be 16", 0); 282 | return; 283 | } 284 | 285 | if (ZSTR_LEN(iv) != SM4_BLOCK_SIZE) { 286 | zend_throw_exception(zend_ce_error, "SM4-CBC IV length must be at 16", 0); 287 | return; 288 | } 289 | 290 | out = zend_string_alloc(ZSTR_LEN(in), 0); 291 | 292 | sm4_set_decrypt_key(&sm4_key, (uint8_t *)ZSTR_VAL(key)); 293 | 294 | if (sm4_cbc_padding_decrypt(&sm4_key, (uint8_t *)ZSTR_VAL(iv), 295 | (uint8_t *)ZSTR_VAL(in), ZSTR_LEN(in), 296 | (uint8_t *)ZSTR_VAL(out), &outlen) != 1) { 297 | 298 | gmssl_secure_clear(&sm4_key, sizeof(sm4_key)); 299 | zend_string_efree(out); 300 | zend_throw_exception(zend_ce_exception, "decryption failure", 0); 301 | return; 302 | } 303 | gmssl_secure_clear(&sm4_key, sizeof(sm4_key)); 304 | 305 | ZSTR_LEN(out) = outlen; 306 | ZSTR_VAL(out)[outlen] = 0; 307 | 308 | RETURN_NEW_STR(out); 309 | } 310 | 311 | PHP_FUNCTION(gmssl_sm4_ctr_encrypt) 312 | { 313 | SM4_KEY sm4_key; 314 | uint8_t ctr[16]; 315 | zend_string *key; 316 | zend_string *iv; 317 | zend_string *in; 318 | zend_string *out; 319 | 320 | ZEND_PARSE_PARAMETERS_START(3, 3) 321 | Z_PARAM_STR(key) 322 | Z_PARAM_STR(iv) 323 | Z_PARAM_STR(in) 324 | ZEND_PARSE_PARAMETERS_END(); 325 | 326 | if (ZSTR_LEN(key) != SM4_KEY_SIZE) { 327 | zend_throw_exception(zend_ce_error, "SM4-CBC key length must be 16", 0); 328 | return; 329 | } 330 | 331 | if (ZSTR_LEN(iv) != SM4_BLOCK_SIZE) { 332 | zend_throw_exception(zend_ce_error, "SM4-CBC IV length must be at 16", 0); 333 | return; 334 | } 335 | 336 | out = zend_string_alloc(ZSTR_LEN(in), 0); 337 | 338 | sm4_set_encrypt_key(&sm4_key, (uint8_t *)ZSTR_VAL(key)); 339 | memcpy(ctr, ZSTR_VAL(iv), ZSTR_LEN(iv)); 340 | 341 | sm4_ctr_encrypt(&sm4_key, ctr, (uint8_t *)ZSTR_VAL(in), ZSTR_LEN(in), (uint8_t *)ZSTR_VAL(out)); 342 | 343 | gmssl_secure_clear(&sm4_key, sizeof(sm4_key)); 344 | 345 | ZSTR_VAL(out)[ZSTR_LEN(in)] = 0; 346 | 347 | RETURN_NEW_STR(out); 348 | } 349 | 350 | PHP_FUNCTION(gmssl_sm4_gcm_encrypt) 351 | { 352 | SM4_GCM_CTX gcm_ctx; 353 | zend_string *key; 354 | zend_string *iv; 355 | zend_string *aad; 356 | zend_string *in; 357 | zend_long taglen; 358 | zend_string *out; 359 | size_t outlen, left; 360 | 361 | ZEND_PARSE_PARAMETERS_START(5, 5) 362 | Z_PARAM_STR(key) 363 | Z_PARAM_STR(iv) 364 | Z_PARAM_STR(aad) 365 | Z_PARAM_LONG(taglen) 366 | Z_PARAM_STR(in) 367 | ZEND_PARSE_PARAMETERS_END(); 368 | 369 | if (ZSTR_LEN(key) != SM4_KEY_SIZE) { 370 | zend_throw_exception(zend_ce_error, "SM4-GCM key length must be 16", 0); 371 | return; 372 | } 373 | 374 | if (ZSTR_LEN(iv) < SM4_GCM_MIN_IV_SIZE 375 | || ZSTR_LEN(iv) > SM4_GCM_MAX_IV_SIZE) { 376 | zend_throw_exception(zend_ce_error, "SM4-GCM IV length invalid", 0); 377 | return; 378 | } 379 | 380 | if (taglen > SM4_GCM_MAX_TAG_SIZE) { 381 | zend_throw_exception(zend_ce_error, "SM4-GCM Tag size length should <= 16", 0); 382 | return; 383 | } 384 | 385 | out = zend_string_alloc(ZSTR_LEN(in) + SM4_GCM_MAX_TAG_SIZE, 0); 386 | 387 | if (sm4_gcm_encrypt_init(&gcm_ctx, 388 | (uint8_t *)ZSTR_VAL(key), ZSTR_LEN(key), 389 | (uint8_t *)ZSTR_VAL(iv), ZSTR_LEN(iv), 390 | (uint8_t *)ZSTR_VAL(aad), ZSTR_LEN(aad), 391 | (size_t)taglen) != 1 392 | ||sm4_gcm_encrypt_update(&gcm_ctx, 393 | (uint8_t *)ZSTR_VAL(in), ZSTR_LEN(in), 394 | (uint8_t *)ZSTR_VAL(out), &outlen) != 1 395 | ||sm4_gcm_encrypt_finish(&gcm_ctx, 396 | (uint8_t *)ZSTR_VAL(out) + outlen, &left) != 1) { 397 | 398 | gmssl_secure_clear(&gcm_ctx, sizeof(gcm_ctx)); 399 | zend_string_efree(out); 400 | zend_throw_exception(zend_ce_exception, "encryption failure", 0); 401 | return; 402 | } 403 | gmssl_secure_clear(&gcm_ctx, sizeof(gcm_ctx)); 404 | 405 | ZSTR_LEN(out) = outlen + left; 406 | ZSTR_VAL(out)[ZSTR_LEN(out)] = 0; 407 | 408 | RETURN_NEW_STR(out); 409 | } 410 | 411 | PHP_FUNCTION(gmssl_sm4_gcm_decrypt) 412 | { 413 | SM4_GCM_CTX gcm_ctx; 414 | zend_string *key; 415 | zend_string *iv; 416 | zend_string *aad; 417 | zend_string *in; 418 | zend_long taglen; 419 | zend_string *out; 420 | size_t outlen, left; 421 | 422 | ZEND_PARSE_PARAMETERS_START(5, 5) 423 | Z_PARAM_STR(key) 424 | Z_PARAM_STR(iv) 425 | Z_PARAM_STR(aad) 426 | Z_PARAM_LONG(taglen) 427 | Z_PARAM_STR(in) 428 | ZEND_PARSE_PARAMETERS_END(); 429 | 430 | if (ZSTR_LEN(key) != SM4_KEY_SIZE) { 431 | zend_throw_exception(zend_ce_error, "SM4-GCM key length must be 16", 0); 432 | return; 433 | } 434 | 435 | if (ZSTR_LEN(iv) < SM4_GCM_MIN_IV_SIZE 436 | || ZSTR_LEN(iv) > SM4_GCM_MAX_IV_SIZE) { 437 | zend_throw_exception(zend_ce_error, "SM4-GCM IV length invalid", 0); 438 | return; 439 | } 440 | 441 | if (taglen > SM4_GCM_MAX_TAG_SIZE) { 442 | zend_throw_exception(zend_ce_error, "SM4-GCM Tag size should <= 16", 0); 443 | return; 444 | } 445 | 446 | out = zend_string_alloc(ZSTR_LEN(in), 0); 447 | 448 | if (sm4_gcm_decrypt_init(&gcm_ctx, 449 | (uint8_t *)ZSTR_VAL(key), ZSTR_LEN(key), 450 | (uint8_t *)ZSTR_VAL(iv), ZSTR_LEN(iv), 451 | (uint8_t *)ZSTR_VAL(aad), ZSTR_LEN(aad), 452 | (size_t)taglen) != 1 453 | || sm4_gcm_decrypt_update(&gcm_ctx, 454 | (uint8_t *)ZSTR_VAL(in), ZSTR_LEN(in), 455 | (uint8_t *)ZSTR_VAL(out), &outlen) != 1 456 | || sm4_gcm_decrypt_finish(&gcm_ctx, 457 | (uint8_t *)ZSTR_VAL(out) + outlen, &left) != 1) { 458 | gmssl_secure_clear(&gcm_ctx, sizeof(gcm_ctx)); 459 | zend_string_efree(out); 460 | zend_throw_exception(zend_ce_exception, "encryption failure", 0); 461 | return; 462 | } 463 | gmssl_secure_clear(&gcm_ctx, sizeof(gcm_ctx)); 464 | 465 | ZSTR_LEN(out) = outlen + left; 466 | ZSTR_VAL(out)[ZSTR_LEN(out)] = 0; 467 | 468 | RETURN_NEW_STR(out); 469 | } 470 | 471 | PHP_FUNCTION(gmssl_zuc_encrypt) 472 | { 473 | ZUC_STATE zuc_state; 474 | zend_string *key; 475 | zend_string *iv; 476 | zend_string *in; 477 | zend_string *out; 478 | 479 | ZEND_PARSE_PARAMETERS_START(3, 3) 480 | Z_PARAM_STR(key) 481 | Z_PARAM_STR(iv) 482 | Z_PARAM_STR(in) 483 | ZEND_PARSE_PARAMETERS_END(); 484 | 485 | if (ZSTR_LEN(key) != ZUC_KEY_SIZE) { 486 | zend_throw_exception(zend_ce_error, "ZUC key length must be 16", 0); 487 | return; 488 | } 489 | 490 | if (ZSTR_LEN(iv) != ZUC_IV_SIZE) { 491 | zend_throw_exception(zend_ce_error, "ZUC IV length must be at 16", 0); 492 | return; 493 | } 494 | 495 | out = zend_string_alloc(ZSTR_LEN(in), 0); 496 | 497 | zuc_init(&zuc_state, (uint8_t *)ZSTR_VAL(key), (uint8_t *)ZSTR_VAL(iv)); 498 | zuc_encrypt(&zuc_state, (uint8_t *)ZSTR_VAL(in), ZSTR_LEN(in), (uint8_t *)ZSTR_VAL(out)); 499 | gmssl_secure_clear(&zuc_state, sizeof(zuc_state)); 500 | 501 | ZSTR_VAL(out)[ZSTR_LEN(in)] = 0; 502 | 503 | RETURN_NEW_STR(out); 504 | } 505 | 506 | PHP_FUNCTION(gmssl_sm2_key_generate) 507 | { 508 | zend_string *ret; 509 | 510 | ZEND_PARSE_PARAMETERS_NONE(); 511 | 512 | ret = zend_string_alloc(sizeof(SM2_KEY), 0); 513 | 514 | if (sm2_key_generate((SM2_KEY *)ZSTR_VAL(ret)) != 1) { 515 | zend_string_efree(ret); 516 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 517 | return; 518 | } 519 | 520 | ZSTR_VAL(ret)[sizeof(SM2_KEY)] = 0; 521 | 522 | RETURN_NEW_STR(ret); 523 | } 524 | 525 | PHP_FUNCTION(gmssl_sm2_compute_z) 526 | { 527 | zend_string *ret; 528 | zend_string *sm2_pub; 529 | zend_string *id; 530 | 531 | ZEND_PARSE_PARAMETERS_START(2, 2) 532 | Z_PARAM_STR(sm2_pub) 533 | Z_PARAM_STR(id) 534 | ZEND_PARSE_PARAMETERS_END(); 535 | 536 | if (ZSTR_LEN(sm2_pub) != sizeof(SM2_KEY)) { 537 | zend_throw_exception(zend_ce_exception, "invalid SM2 private key size", 0); 538 | return; 539 | } 540 | 541 | ret = zend_string_alloc(SM3_DIGEST_SIZE, 0); 542 | 543 | if (sm2_compute_z((uint8_t *)ZSTR_VAL(ret), &((SM2_KEY *)ZSTR_VAL(sm2_pub))->public_key, ZSTR_VAL(id), ZSTR_LEN(id)) != 1) { 544 | zend_string_efree(ret); 545 | zend_throw_exception(zend_ce_error, "libgmssl inner error", 0); 546 | return; 547 | } 548 | 549 | RETURN_NEW_STR(ret); 550 | } 551 | 552 | PHP_FUNCTION(gmssl_sm2_private_key_info_encrypt_to_pem) 553 | { 554 | zend_string *keypair; 555 | zend_string *file; 556 | zend_string *pass; 557 | FILE *fp; 558 | 559 | ZEND_PARSE_PARAMETERS_START(3, 3) 560 | Z_PARAM_STR(keypair) 561 | Z_PARAM_STR(file) 562 | Z_PARAM_STR(pass) 563 | ZEND_PARSE_PARAMETERS_END(); 564 | 565 | if (ZSTR_LEN(keypair) != sizeof(SM2_KEY)) { 566 | zend_throw_exception(zend_ce_exception, "invalid SM2 private key size", 0); 567 | RETURN_FALSE; 568 | } 569 | 570 | if (!(fp = fopen(ZSTR_VAL(file), "wb"))) { 571 | zend_throw_exception(zend_ce_exception, "open file error", 0); 572 | RETURN_FALSE; 573 | } 574 | 575 | if (sm2_private_key_info_encrypt_to_pem((SM2_KEY *)ZSTR_VAL(keypair), ZSTR_VAL(pass), fp) != 1) { 576 | fclose(fp); 577 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 578 | RETURN_FALSE; 579 | } 580 | fclose(fp); 581 | 582 | RETURN_TRUE; 583 | } 584 | 585 | PHP_FUNCTION(gmssl_sm2_private_key_info_decrypt_from_pem) 586 | { 587 | zend_string *ret; 588 | zend_string *file; 589 | zend_string *pass; 590 | FILE *fp; 591 | 592 | ZEND_PARSE_PARAMETERS_START(2, 2) 593 | Z_PARAM_STR(file) 594 | Z_PARAM_STR(pass) 595 | ZEND_PARSE_PARAMETERS_END(); 596 | 597 | if (!(fp = fopen(ZSTR_VAL(file), "rb"))) { 598 | zend_throw_exception(zend_ce_exception, "open file error", 0); 599 | return; 600 | } 601 | 602 | ret = zend_string_alloc(sizeof(SM2_KEY), 0); 603 | 604 | if (sm2_private_key_info_decrypt_from_pem((SM2_KEY *)ZSTR_VAL(ret), ZSTR_VAL(pass), fp) != 1) { 605 | zend_string_efree(ret); 606 | fclose(fp); 607 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 608 | return; 609 | } 610 | fclose(fp); 611 | 612 | ZSTR_VAL(ret)[sizeof(SM2_KEY)] = 0; 613 | 614 | RETURN_NEW_STR(ret); 615 | } 616 | 617 | PHP_FUNCTION(gmssl_sm2_public_key_info_to_pem) 618 | { 619 | zend_string *keypair; 620 | zend_string *file; 621 | FILE *fp; 622 | 623 | ZEND_PARSE_PARAMETERS_START(2, 2) 624 | Z_PARAM_STR(keypair) 625 | Z_PARAM_STR(file) 626 | ZEND_PARSE_PARAMETERS_END(); 627 | 628 | if (ZSTR_LEN(keypair) != sizeof(SM2_KEY)) { 629 | zend_throw_exception(zend_ce_exception, "invalid SM2 public key size", 0); 630 | RETURN_FALSE; 631 | } 632 | 633 | if (!(fp = fopen(ZSTR_VAL(file), "wb"))) { 634 | zend_throw_exception(zend_ce_exception, "open file error", 0); 635 | RETURN_FALSE; 636 | } 637 | 638 | if (sm2_public_key_info_to_pem((SM2_KEY *)ZSTR_VAL(keypair), fp) != 1) { 639 | fclose(fp); 640 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 641 | RETURN_FALSE; 642 | } 643 | fclose(fp); 644 | 645 | RETURN_TRUE; 646 | } 647 | 648 | PHP_FUNCTION(gmssl_sm2_public_key_info_from_pem) 649 | { 650 | zend_string *ret; 651 | zend_string *file; 652 | FILE *fp; 653 | 654 | ZEND_PARSE_PARAMETERS_START(1, 1) 655 | Z_PARAM_STR(file) 656 | ZEND_PARSE_PARAMETERS_END(); 657 | 658 | if (!(fp = fopen(ZSTR_VAL(file), "rb"))) { 659 | zend_throw_exception(zend_ce_exception, "open file error", 0); 660 | return; 661 | } 662 | 663 | ret = zend_string_alloc(sizeof(SM2_KEY), 0); 664 | 665 | if (sm2_public_key_info_from_pem((SM2_KEY *)ZSTR_VAL(ret), fp) != 1) { 666 | zend_string_efree(ret); 667 | fclose(fp); 668 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 669 | return; 670 | } 671 | fclose(fp); 672 | 673 | ZSTR_VAL(ret)[sizeof(SM2_KEY)] = 0; 674 | 675 | RETURN_NEW_STR(ret); 676 | } 677 | 678 | PHP_FUNCTION(gmssl_sm2_sign) 679 | { 680 | SM2_SIGN_CTX sign_ctx; 681 | size_t siglen; 682 | zend_string *ret; 683 | zend_string *keypair; 684 | zend_string *id; 685 | zend_string *msg; 686 | 687 | ZEND_PARSE_PARAMETERS_START(3, 3) 688 | Z_PARAM_STR(keypair) 689 | Z_PARAM_STR(id) 690 | Z_PARAM_STR(msg) 691 | ZEND_PARSE_PARAMETERS_END(); 692 | 693 | if (ZSTR_LEN(keypair) != sizeof(SM2_KEY)) { 694 | zend_throw_exception(zend_ce_exception, "invalid SM2 private key size", 0); 695 | return; 696 | } 697 | 698 | ret = zend_string_alloc(SM2_MAX_SIGNATURE_SIZE, 0); 699 | 700 | if (sm2_sign_init(&sign_ctx, (SM2_KEY *)ZSTR_VAL(keypair), ZSTR_VAL(id), ZSTR_LEN(id)) != 1 701 | || sm2_sign_update(&sign_ctx, (uint8_t *)ZSTR_VAL(msg), ZSTR_LEN(msg)) != 1 702 | || sm2_sign_finish(&sign_ctx, (uint8_t *)ZSTR_VAL(ret), &siglen) != 1) { 703 | gmssl_secure_clear(&sign_ctx, sizeof(sign_ctx)); 704 | zend_string_efree(ret); 705 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 706 | return; 707 | } 708 | gmssl_secure_clear(&sign_ctx, sizeof(sign_ctx)); 709 | 710 | ZSTR_LEN(ret) = siglen; 711 | ZSTR_VAL(ret)[siglen] = 0; 712 | 713 | RETURN_NEW_STR(ret); 714 | } 715 | 716 | PHP_FUNCTION(gmssl_sm2_verify) 717 | { 718 | SM2_SIGN_CTX sign_ctx; 719 | zend_string *pubkey; 720 | zend_string *id; 721 | zend_string *msg; 722 | zend_string *sig; 723 | int ret; 724 | 725 | ZEND_PARSE_PARAMETERS_START(4, 4) 726 | Z_PARAM_STR(pubkey) 727 | Z_PARAM_STR(id) 728 | Z_PARAM_STR(msg) 729 | Z_PARAM_STR(sig) 730 | ZEND_PARSE_PARAMETERS_END(); 731 | 732 | if (ZSTR_LEN(pubkey) != sizeof(SM2_KEY)) { 733 | zend_throw_exception(zend_ce_exception, "invalid SM2 public key size", 0); 734 | return; 735 | } 736 | 737 | if (sm2_verify_init(&sign_ctx, (SM2_KEY *)ZSTR_VAL(pubkey), ZSTR_VAL(id), ZSTR_LEN(id)) != 1 738 | || sm2_verify_update(&sign_ctx, (uint8_t *)ZSTR_VAL(msg), ZSTR_LEN(msg)) != 1 739 | || (ret = sm2_verify_finish(&sign_ctx, (uint8_t *)ZSTR_VAL(sig), ZSTR_LEN(sig))) < 0) { 740 | 741 | gmssl_secure_clear(&sign_ctx, sizeof(sign_ctx)); 742 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 743 | RETURN_FALSE; 744 | } 745 | gmssl_secure_clear(&sign_ctx, sizeof(sign_ctx)); 746 | 747 | if (ret == 1) { 748 | RETURN_TRUE; 749 | } else { 750 | RETURN_FALSE; 751 | } 752 | } 753 | 754 | PHP_FUNCTION(gmssl_sm2_encrypt) 755 | { 756 | zend_string *pubkey; 757 | zend_string *in; 758 | zend_string *out; 759 | size_t outlen; 760 | 761 | ZEND_PARSE_PARAMETERS_START(2, 2) 762 | Z_PARAM_STR(pubkey) 763 | Z_PARAM_STR(in) 764 | ZEND_PARSE_PARAMETERS_END(); 765 | 766 | if (ZSTR_LEN(pubkey) != sizeof(SM2_KEY)) { 767 | zend_throw_exception(zend_ce_exception, "invalid SM2 public key size", 0); 768 | return; 769 | } 770 | 771 | out = zend_string_alloc(SM2_MAX_CIPHERTEXT_SIZE, 0); 772 | 773 | if (sm2_encrypt((SM2_KEY *)ZSTR_VAL(pubkey), (uint8_t *)ZSTR_VAL(in), ZSTR_LEN(in), 774 | (uint8_t *)ZSTR_VAL(out), &outlen) != 1) { 775 | zend_string_efree(out); 776 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 777 | return; 778 | } 779 | 780 | ZSTR_LEN(out) = outlen; 781 | ZSTR_VAL(out)[outlen] = 0; 782 | 783 | RETURN_NEW_STR(out); 784 | } 785 | 786 | PHP_FUNCTION(gmssl_sm2_decrypt) 787 | { 788 | zend_string *keypair; 789 | zend_string *in; 790 | zend_string *out; 791 | size_t outlen; 792 | 793 | ZEND_PARSE_PARAMETERS_START(2, 2) 794 | Z_PARAM_STR(keypair) 795 | Z_PARAM_STR(in) 796 | ZEND_PARSE_PARAMETERS_END(); 797 | 798 | if (ZSTR_LEN(keypair) != sizeof(SM2_KEY)) { 799 | zend_throw_exception(zend_ce_exception, "invalid SM2 private key size", 0); 800 | return; 801 | } 802 | 803 | out = zend_string_alloc(SM2_MAX_PLAINTEXT_SIZE, 0); 804 | 805 | if (sm2_decrypt((SM2_KEY *)ZSTR_VAL(keypair), (uint8_t *)ZSTR_VAL(in), ZSTR_LEN(in), 806 | (uint8_t *)ZSTR_VAL(out), &outlen) != 1) { 807 | zend_string_efree(out); 808 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 809 | return; 810 | } 811 | 812 | ZSTR_LEN(out) = outlen; 813 | ZSTR_VAL(out)[outlen] = 0; 814 | 815 | RETURN_NEW_STR(out); 816 | } 817 | 818 | PHP_FUNCTION(gmssl_sm9_sign_master_key_generate) 819 | { 820 | zend_string *ret; 821 | 822 | ZEND_PARSE_PARAMETERS_NONE(); 823 | 824 | ret = zend_string_alloc(sizeof(SM9_SIGN_MASTER_KEY), 0); 825 | 826 | if (sm9_sign_master_key_generate((SM9_SIGN_MASTER_KEY *)ZSTR_VAL(ret)) != 1) { 827 | zend_string_efree(ret); 828 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 829 | return; 830 | } 831 | 832 | ZSTR_VAL(ret)[sizeof(SM9_SIGN_MASTER_KEY)] = 0; 833 | 834 | RETURN_NEW_STR(ret); 835 | } 836 | 837 | PHP_FUNCTION(gmssl_sm9_sign_master_key_extract_key) 838 | { 839 | zend_string *master_key; 840 | zend_string *id; 841 | zend_string *ret; 842 | 843 | ZEND_PARSE_PARAMETERS_START(2, 2) 844 | Z_PARAM_STR(master_key) 845 | Z_PARAM_STR(id) 846 | ZEND_PARSE_PARAMETERS_END(); 847 | 848 | if (ZSTR_LEN(master_key) != sizeof(SM9_SIGN_MASTER_KEY)) { 849 | zend_throw_exception(zend_ce_error, "invalid SM9_SIGN_MASTER_KEY", 0); 850 | return; 851 | } 852 | 853 | ret = zend_string_alloc(sizeof(SM9_SIGN_KEY), 0); 854 | 855 | if (sm9_sign_master_key_extract_key((SM9_SIGN_MASTER_KEY *)ZSTR_VAL(master_key), 856 | ZSTR_VAL(id), ZSTR_LEN(id), (SM9_SIGN_KEY *)ZSTR_VAL(ret)) != 1) { 857 | zend_string_efree(ret); 858 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 859 | return; 860 | } 861 | 862 | ZSTR_VAL(ret)[sizeof(SM9_SIGN_KEY)] = 0; 863 | 864 | RETURN_NEW_STR(ret); 865 | } 866 | 867 | PHP_FUNCTION(gmssl_sm9_sign_master_key_info_encrypt_to_pem) 868 | { 869 | zend_string *master_key; 870 | zend_string *file; 871 | zend_string *pass; 872 | FILE *fp; 873 | 874 | ZEND_PARSE_PARAMETERS_START(3, 3) 875 | Z_PARAM_STR(master_key) 876 | Z_PARAM_STR(file) 877 | Z_PARAM_STR(pass) 878 | ZEND_PARSE_PARAMETERS_END(); 879 | 880 | if (ZSTR_LEN(master_key) != sizeof(SM9_SIGN_MASTER_KEY)) { 881 | zend_throw_exception(zend_ce_error, "invalid SM9_SIGN_MASTER_KEY", 0); 882 | return; 883 | } 884 | 885 | if (!(fp = fopen(ZSTR_VAL(file), "wb"))) { 886 | zend_throw_exception(zend_ce_exception, "open file error", 0); 887 | RETURN_FALSE; 888 | } 889 | 890 | if (sm9_sign_master_key_info_encrypt_to_pem((SM9_SIGN_MASTER_KEY *)ZSTR_VAL(master_key), ZSTR_VAL(pass), fp) != 1) { 891 | fclose(fp); 892 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 893 | RETURN_FALSE; 894 | } 895 | fclose(fp); 896 | 897 | RETURN_TRUE; 898 | } 899 | 900 | PHP_FUNCTION(gmssl_sm9_sign_master_key_info_decrypt_from_pem) 901 | { 902 | zend_string *ret; 903 | zend_string *file; 904 | zend_string *pass; 905 | FILE *fp; 906 | 907 | ZEND_PARSE_PARAMETERS_START(2, 2) 908 | Z_PARAM_STR(file) 909 | Z_PARAM_STR(pass) 910 | ZEND_PARSE_PARAMETERS_END(); 911 | 912 | if (!(fp = fopen(ZSTR_VAL(file), "rb"))) { 913 | zend_throw_exception(zend_ce_exception, "open file error", 0); 914 | return; 915 | } 916 | 917 | ret = zend_string_alloc(sizeof(SM9_SIGN_MASTER_KEY), 0); 918 | 919 | if (sm9_sign_master_key_info_decrypt_from_pem((SM9_SIGN_MASTER_KEY *)ZSTR_VAL(ret), ZSTR_VAL(pass), fp) != 1) { 920 | zend_string_efree(ret); 921 | fclose(fp); 922 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 923 | return; 924 | } 925 | fclose(fp); 926 | 927 | ZSTR_VAL(ret)[sizeof(SM9_SIGN_MASTER_KEY)] = 0; 928 | 929 | RETURN_NEW_STR(ret); 930 | } 931 | 932 | PHP_FUNCTION(gmssl_sm9_sign_master_public_key_to_pem) 933 | { 934 | zend_string *master_pubkey; 935 | zend_string *file; 936 | FILE *fp; 937 | 938 | ZEND_PARSE_PARAMETERS_START(2, 2) 939 | Z_PARAM_STR(master_pubkey) 940 | Z_PARAM_STR(file) 941 | ZEND_PARSE_PARAMETERS_END(); 942 | 943 | if (ZSTR_LEN(master_pubkey) != sizeof(SM9_SIGN_MASTER_KEY)) { 944 | zend_throw_exception(zend_ce_error, "invalid SM9_SIGN_MASTER_KEY", 0); 945 | return; 946 | } 947 | 948 | if (!(fp = fopen(ZSTR_VAL(file), "wb"))) { 949 | zend_throw_exception(zend_ce_exception, "open file error", 0); 950 | RETURN_FALSE; 951 | } 952 | 953 | if (sm9_sign_master_public_key_to_pem((SM9_SIGN_MASTER_KEY *)ZSTR_VAL(master_pubkey), fp) != 1) { 954 | fclose(fp); 955 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 956 | RETURN_FALSE; 957 | } 958 | fclose(fp); 959 | 960 | RETURN_TRUE; 961 | } 962 | 963 | PHP_FUNCTION(gmssl_sm9_sign_master_public_key_from_pem) 964 | { 965 | zend_string *ret; 966 | zend_string *file; 967 | FILE *fp; 968 | 969 | ZEND_PARSE_PARAMETERS_START(1, 1) 970 | Z_PARAM_STR(file) 971 | ZEND_PARSE_PARAMETERS_END(); 972 | 973 | if (!(fp = fopen(ZSTR_VAL(file), "rb"))) { 974 | zend_throw_exception(zend_ce_exception, "open file error", 0); 975 | return; 976 | } 977 | 978 | ret = zend_string_alloc(sizeof(SM9_SIGN_MASTER_KEY), 0); 979 | 980 | if (sm9_sign_master_public_key_from_pem((SM9_SIGN_MASTER_KEY *)ZSTR_VAL(ret), fp) != 1) { 981 | zend_string_efree(ret); 982 | fclose(fp); 983 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 984 | return; 985 | } 986 | fclose(fp); 987 | 988 | ZSTR_VAL(ret)[sizeof(SM9_SIGN_MASTER_KEY)] = 0; 989 | 990 | RETURN_NEW_STR(ret); 991 | } 992 | 993 | 994 | PHP_FUNCTION(gmssl_sm9_sign_key_info_encrypt_to_pem) 995 | { 996 | zend_string *pri_key; 997 | zend_string *file; 998 | zend_string *pass; 999 | FILE *fp; 1000 | 1001 | ZEND_PARSE_PARAMETERS_START(3, 3) 1002 | Z_PARAM_STR(pri_key) 1003 | Z_PARAM_STR(file) 1004 | Z_PARAM_STR(pass) 1005 | ZEND_PARSE_PARAMETERS_END(); 1006 | 1007 | if (ZSTR_LEN(pri_key) != sizeof(SM9_SIGN_KEY)) { 1008 | zend_throw_exception(zend_ce_error, "invalid SM9_SIGN_KEY", 0); 1009 | return; 1010 | } 1011 | 1012 | if (!(fp = fopen(ZSTR_VAL(file), "wb"))) { 1013 | zend_throw_exception(zend_ce_exception, "open file error", 0); 1014 | RETURN_FALSE; 1015 | } 1016 | 1017 | if (sm9_sign_key_info_encrypt_to_pem((SM9_SIGN_KEY *)ZSTR_VAL(pri_key), ZSTR_VAL(pass), fp) != 1) { 1018 | fclose(fp); 1019 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 1020 | RETURN_FALSE; 1021 | } 1022 | fclose(fp); 1023 | 1024 | RETURN_TRUE; 1025 | } 1026 | 1027 | PHP_FUNCTION(gmssl_sm9_sign_key_info_decrypt_from_pem) 1028 | { 1029 | zend_string *ret; 1030 | zend_string *file; 1031 | zend_string *pass; 1032 | FILE *fp; 1033 | 1034 | ZEND_PARSE_PARAMETERS_START(2, 2) 1035 | Z_PARAM_STR(file) 1036 | Z_PARAM_STR(pass) 1037 | ZEND_PARSE_PARAMETERS_END(); 1038 | 1039 | if (!(fp = fopen(ZSTR_VAL(file), "rb"))) { 1040 | zend_throw_exception(zend_ce_exception, "open file error", 0); 1041 | return; 1042 | } 1043 | 1044 | ret = zend_string_alloc(sizeof(SM9_SIGN_KEY), 0); 1045 | 1046 | if (sm9_sign_key_info_decrypt_from_pem((SM9_SIGN_KEY *)ZSTR_VAL(ret), ZSTR_VAL(pass), fp) != 1) { 1047 | zend_string_efree(ret); 1048 | fclose(fp); 1049 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 1050 | return; 1051 | } 1052 | fclose(fp); 1053 | 1054 | ZSTR_VAL(ret)[sizeof(SM9_SIGN_KEY)] = 0; 1055 | 1056 | RETURN_NEW_STR(ret); 1057 | } 1058 | 1059 | PHP_FUNCTION(gmssl_sm9_sign) 1060 | { 1061 | SM9_SIGN_CTX sign_ctx; 1062 | size_t siglen; 1063 | zend_string *sign_key; 1064 | zend_string *msg; 1065 | zend_string *ret; 1066 | 1067 | ZEND_PARSE_PARAMETERS_START(2, 2) 1068 | Z_PARAM_STR(sign_key) 1069 | Z_PARAM_STR(msg) 1070 | ZEND_PARSE_PARAMETERS_END(); 1071 | 1072 | if (ZSTR_LEN(sign_key) != sizeof(SM9_SIGN_KEY)) { 1073 | zend_throw_exception(zend_ce_error, "invalid SM9_SIGN_KEY", 0); 1074 | return; 1075 | } 1076 | 1077 | ret = zend_string_alloc(SM9_SIGNATURE_SIZE, 0); 1078 | 1079 | if (sm9_sign_init(&sign_ctx) != 1 1080 | || sm9_sign_update(&sign_ctx, (uint8_t *)ZSTR_VAL(msg), ZSTR_LEN(msg)) != 1 1081 | || sm9_sign_finish(&sign_ctx, (SM9_SIGN_KEY *)ZSTR_VAL(sign_key), (uint8_t *)ZSTR_VAL(ret), &siglen) != 1) { 1082 | 1083 | gmssl_secure_clear(&sign_ctx, sizeof(sign_ctx)); 1084 | zend_string_efree(ret); 1085 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 1086 | return; 1087 | } 1088 | gmssl_secure_clear(&sign_ctx, sizeof(sign_ctx)); 1089 | 1090 | ZSTR_LEN(ret) = siglen; 1091 | ZSTR_VAL(ret)[siglen] = 0; 1092 | 1093 | RETURN_NEW_STR(ret); 1094 | } 1095 | 1096 | PHP_FUNCTION(gmssl_sm9_verify) 1097 | { 1098 | SM9_SIGN_CTX sign_ctx; 1099 | zend_string *master_key; 1100 | zend_string *id; 1101 | zend_string *msg; 1102 | zend_string *sig; 1103 | int ret; 1104 | 1105 | ZEND_PARSE_PARAMETERS_START(4, 4) 1106 | Z_PARAM_STR(master_key) 1107 | Z_PARAM_STR(id) 1108 | Z_PARAM_STR(msg) 1109 | Z_PARAM_STR(sig) 1110 | ZEND_PARSE_PARAMETERS_END(); 1111 | 1112 | if (ZSTR_LEN(master_key) != sizeof(SM9_SIGN_MASTER_KEY)) { 1113 | zend_throw_exception(zend_ce_error, "invalid SM9_SIGN_MASTER_KEY", 0); 1114 | return; 1115 | } 1116 | 1117 | if (sm9_verify_init(&sign_ctx) != 1 1118 | || sm9_verify_update(&sign_ctx, (uint8_t *)ZSTR_VAL(msg), ZSTR_LEN(msg)) != 1 1119 | || (ret = sm9_verify_finish(&sign_ctx, (uint8_t *)ZSTR_VAL(sig), ZSTR_LEN(sig), 1120 | (SM9_SIGN_MASTER_KEY *)ZSTR_VAL(master_key), ZSTR_VAL(id), ZSTR_LEN(id))) < 0) { 1121 | 1122 | gmssl_secure_clear(&sign_ctx, sizeof(sign_ctx)); 1123 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 1124 | RETURN_FALSE; 1125 | } 1126 | gmssl_secure_clear(&sign_ctx, sizeof(sign_ctx)); 1127 | 1128 | if (ret == 1) { 1129 | RETURN_TRUE; 1130 | } else { 1131 | RETURN_FALSE; 1132 | } 1133 | } 1134 | 1135 | PHP_FUNCTION(gmssl_sm9_enc_master_key_generate) 1136 | { 1137 | zend_string *ret; 1138 | 1139 | ZEND_PARSE_PARAMETERS_NONE(); 1140 | 1141 | ret = zend_string_alloc(sizeof(SM9_ENC_MASTER_KEY), 0); 1142 | 1143 | if (sm9_enc_master_key_generate((SM9_ENC_MASTER_KEY *)ZSTR_VAL(ret)) != 1) { 1144 | zend_string_efree(ret); 1145 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 1146 | return; 1147 | } 1148 | 1149 | ZSTR_VAL(ret)[sizeof(SM9_ENC_MASTER_KEY)] = 0; 1150 | 1151 | RETURN_NEW_STR(ret); 1152 | } 1153 | 1154 | PHP_FUNCTION(gmssl_sm9_enc_master_key_extract_key) 1155 | { 1156 | zend_string *master_key; 1157 | zend_string *id; 1158 | zend_string *ret; 1159 | 1160 | ZEND_PARSE_PARAMETERS_START(2, 2) 1161 | Z_PARAM_STR(master_key) 1162 | Z_PARAM_STR(id) 1163 | ZEND_PARSE_PARAMETERS_END(); 1164 | 1165 | if (ZSTR_LEN(master_key) != sizeof(SM9_ENC_MASTER_KEY)) { 1166 | zend_throw_exception(zend_ce_error, "invalid SM9_ENC_MASTER_KEY", 0); 1167 | return; 1168 | } 1169 | 1170 | ret = zend_string_alloc(sizeof(SM9_ENC_KEY), 0); 1171 | 1172 | if (sm9_enc_master_key_extract_key((SM9_ENC_MASTER_KEY *)ZSTR_VAL(master_key), 1173 | ZSTR_VAL(id), ZSTR_LEN(id), (SM9_ENC_KEY *)ZSTR_VAL(ret)) != 1) { 1174 | zend_string_efree(ret); 1175 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 1176 | return; 1177 | } 1178 | 1179 | ZSTR_VAL(ret)[sizeof(SM9_ENC_KEY)] = 0; 1180 | 1181 | RETURN_NEW_STR(ret); 1182 | } 1183 | 1184 | PHP_FUNCTION(gmssl_sm9_enc_master_key_info_encrypt_to_pem) 1185 | { 1186 | zend_string *master_key; 1187 | zend_string *file; 1188 | zend_string *pass; 1189 | FILE *fp; 1190 | 1191 | ZEND_PARSE_PARAMETERS_START(3, 3) 1192 | Z_PARAM_STR(master_key) 1193 | Z_PARAM_STR(file) 1194 | Z_PARAM_STR(pass) 1195 | ZEND_PARSE_PARAMETERS_END(); 1196 | 1197 | if (ZSTR_LEN(master_key) != sizeof(SM9_ENC_MASTER_KEY)) { 1198 | zend_throw_exception(zend_ce_error, "invalid SM9_ENC_MASTER_KEY", 0); 1199 | return; 1200 | } 1201 | 1202 | if (!(fp = fopen(ZSTR_VAL(file), "wb"))) { 1203 | zend_throw_exception(zend_ce_exception, "open file error", 0); 1204 | RETURN_FALSE; 1205 | } 1206 | 1207 | if (sm9_enc_master_key_info_encrypt_to_pem((SM9_ENC_MASTER_KEY *)ZSTR_VAL(master_key), ZSTR_VAL(pass), fp) != 1) { 1208 | fclose(fp); 1209 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 1210 | RETURN_FALSE; 1211 | } 1212 | fclose(fp); 1213 | 1214 | RETURN_TRUE; 1215 | } 1216 | 1217 | PHP_FUNCTION(gmssl_sm9_enc_master_key_info_decrypt_from_pem) 1218 | { 1219 | zend_string *ret; 1220 | zend_string *file; 1221 | zend_string *pass; 1222 | FILE *fp; 1223 | 1224 | ZEND_PARSE_PARAMETERS_START(2, 2) 1225 | Z_PARAM_STR(file) 1226 | Z_PARAM_STR(pass) 1227 | ZEND_PARSE_PARAMETERS_END(); 1228 | 1229 | if (!(fp = fopen(ZSTR_VAL(file), "rb"))) { 1230 | zend_throw_exception(zend_ce_exception, "open file error", 0); 1231 | return; 1232 | } 1233 | 1234 | ret = zend_string_alloc(sizeof(SM9_ENC_MASTER_KEY), 0); 1235 | 1236 | if (sm9_enc_master_key_info_decrypt_from_pem((SM9_ENC_MASTER_KEY *)ZSTR_VAL(ret), ZSTR_VAL(pass), fp) != 1) { 1237 | zend_string_efree(ret); 1238 | fclose(fp); 1239 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 1240 | return; 1241 | } 1242 | fclose(fp); 1243 | 1244 | ZSTR_VAL(ret)[sizeof(SM9_ENC_MASTER_KEY)] = 0; 1245 | 1246 | RETURN_NEW_STR(ret); 1247 | } 1248 | 1249 | PHP_FUNCTION(gmssl_sm9_enc_master_public_key_to_pem) 1250 | { 1251 | zend_string *master_pubkey; 1252 | zend_string *file; 1253 | FILE *fp; 1254 | 1255 | ZEND_PARSE_PARAMETERS_START(2, 2) 1256 | Z_PARAM_STR(master_pubkey) 1257 | Z_PARAM_STR(file) 1258 | ZEND_PARSE_PARAMETERS_END(); 1259 | 1260 | if (ZSTR_LEN(master_pubkey) != sizeof(SM9_ENC_MASTER_KEY)) { 1261 | zend_throw_exception(zend_ce_error, "invalid SM9_ENC_MASTER_KEY", 0); 1262 | return; 1263 | } 1264 | 1265 | if (!(fp = fopen(ZSTR_VAL(file), "wb"))) { 1266 | zend_throw_exception(zend_ce_exception, "open file error", 0); 1267 | RETURN_FALSE; 1268 | } 1269 | 1270 | if (sm9_enc_master_public_key_to_pem((SM9_ENC_MASTER_KEY *)ZSTR_VAL(master_pubkey), fp) != 1) { 1271 | fclose(fp); 1272 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 1273 | RETURN_FALSE; 1274 | } 1275 | fclose(fp); 1276 | 1277 | RETURN_TRUE; 1278 | } 1279 | 1280 | PHP_FUNCTION(gmssl_sm9_enc_master_public_key_from_pem) 1281 | { 1282 | zend_string *ret; 1283 | zend_string *file; 1284 | FILE *fp; 1285 | 1286 | ZEND_PARSE_PARAMETERS_START(1, 1) 1287 | Z_PARAM_STR(file) 1288 | ZEND_PARSE_PARAMETERS_END(); 1289 | 1290 | if (!(fp = fopen(ZSTR_VAL(file), "rb"))) { 1291 | zend_throw_exception(zend_ce_exception, "open file error", 0); 1292 | return; 1293 | } 1294 | 1295 | ret = zend_string_alloc(sizeof(SM9_ENC_MASTER_KEY), 0); 1296 | 1297 | if (sm9_enc_master_public_key_from_pem((SM9_ENC_MASTER_KEY *)ZSTR_VAL(ret), fp) != 1) { 1298 | zend_string_efree(ret); 1299 | fclose(fp); 1300 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 1301 | return; 1302 | } 1303 | fclose(fp); 1304 | 1305 | ZSTR_VAL(ret)[sizeof(SM9_ENC_MASTER_KEY)] = 0; 1306 | 1307 | RETURN_NEW_STR(ret); 1308 | } 1309 | 1310 | PHP_FUNCTION(gmssl_sm9_enc_key_info_encrypt_to_pem) 1311 | { 1312 | zend_string *pri_key; 1313 | zend_string *file; 1314 | zend_string *pass; 1315 | FILE *fp; 1316 | 1317 | ZEND_PARSE_PARAMETERS_START(3, 3) 1318 | Z_PARAM_STR(pri_key) 1319 | Z_PARAM_STR(file) 1320 | Z_PARAM_STR(pass) 1321 | ZEND_PARSE_PARAMETERS_END(); 1322 | 1323 | if (ZSTR_LEN(pri_key) != sizeof(SM9_ENC_KEY)) { 1324 | zend_throw_exception(zend_ce_error, "invalid SM9_ENC_KEY", 0); 1325 | return; 1326 | } 1327 | 1328 | if (!(fp = fopen(ZSTR_VAL(file), "wb"))) { 1329 | zend_throw_exception(zend_ce_exception, "open file error", 0); 1330 | RETURN_FALSE; 1331 | } 1332 | 1333 | if (sm9_enc_key_info_encrypt_to_pem((SM9_ENC_KEY *)ZSTR_VAL(pri_key), ZSTR_VAL(pass), fp) != 1) { 1334 | fclose(fp); 1335 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 1336 | RETURN_FALSE; 1337 | } 1338 | fclose(fp); 1339 | 1340 | RETURN_TRUE; 1341 | } 1342 | 1343 | PHP_FUNCTION(gmssl_sm9_enc_key_info_decrypt_from_pem) 1344 | { 1345 | zend_string *ret; 1346 | zend_string *file; 1347 | zend_string *pass; 1348 | FILE *fp; 1349 | 1350 | ZEND_PARSE_PARAMETERS_START(2, 2) 1351 | Z_PARAM_STR(file) 1352 | Z_PARAM_STR(pass) 1353 | ZEND_PARSE_PARAMETERS_END(); 1354 | 1355 | if (!(fp = fopen(ZSTR_VAL(file), "rb"))) { 1356 | zend_throw_exception(zend_ce_exception, "open file error", 0); 1357 | return; 1358 | } 1359 | 1360 | ret = zend_string_alloc(sizeof(SM9_ENC_KEY), 0); 1361 | 1362 | if (sm9_enc_key_info_decrypt_from_pem((SM9_ENC_KEY *)ZSTR_VAL(ret), ZSTR_VAL(pass), fp) != 1) { 1363 | zend_string_efree(ret); 1364 | fclose(fp); 1365 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 1366 | return; 1367 | } 1368 | fclose(fp); 1369 | 1370 | ZSTR_VAL(ret)[sizeof(SM9_ENC_KEY)] = 0; 1371 | 1372 | RETURN_NEW_STR(ret); 1373 | } 1374 | 1375 | PHP_FUNCTION(gmssl_sm9_encrypt) 1376 | { 1377 | zend_string *master_pubkey; 1378 | zend_string *id; 1379 | zend_string *in; 1380 | zend_string *out; 1381 | size_t outlen; 1382 | 1383 | ZEND_PARSE_PARAMETERS_START(3, 3) 1384 | Z_PARAM_STR(master_pubkey) 1385 | Z_PARAM_STR(id) 1386 | Z_PARAM_STR(in) 1387 | ZEND_PARSE_PARAMETERS_END(); 1388 | 1389 | if (ZSTR_LEN(master_pubkey) != sizeof(SM9_ENC_MASTER_KEY)) { 1390 | zend_throw_exception(zend_ce_error, "invalid SM9_ENC_MASTER_KEY", 0); 1391 | return; 1392 | } 1393 | 1394 | out = zend_string_alloc(SM9_MAX_CIPHERTEXT_SIZE, 0); 1395 | 1396 | if (sm9_encrypt((SM9_ENC_MASTER_KEY *)ZSTR_VAL(master_pubkey), ZSTR_VAL(id), ZSTR_LEN(id), 1397 | (uint8_t *)ZSTR_VAL(in), ZSTR_LEN(in), (uint8_t *)ZSTR_VAL(out), &outlen) != 1) { 1398 | zend_string_efree(out); 1399 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 1400 | return; 1401 | } 1402 | 1403 | ZSTR_LEN(out) = outlen; 1404 | ZSTR_VAL(out)[outlen] = 0; 1405 | 1406 | RETURN_NEW_STR(out); 1407 | } 1408 | 1409 | PHP_FUNCTION(gmssl_sm9_decrypt) 1410 | { 1411 | zend_string *pri_key; 1412 | zend_string *id; 1413 | zend_string *in; 1414 | zend_string *out; 1415 | size_t outlen; 1416 | 1417 | ZEND_PARSE_PARAMETERS_START(3, 3) 1418 | Z_PARAM_STR(pri_key) 1419 | Z_PARAM_STR(id) 1420 | Z_PARAM_STR(in) 1421 | ZEND_PARSE_PARAMETERS_END(); 1422 | 1423 | if (ZSTR_LEN(pri_key) != sizeof(SM9_ENC_KEY)) { 1424 | zend_throw_exception(zend_ce_error, "invalid SM9_ENC_KEY", 0); 1425 | return; 1426 | } 1427 | 1428 | out = zend_string_alloc(SM9_MAX_PLAINTEXT_SIZE, 0); 1429 | 1430 | if (sm9_decrypt((SM9_ENC_KEY *)ZSTR_VAL(pri_key), ZSTR_VAL(id), ZSTR_LEN(id), 1431 | (uint8_t *)ZSTR_VAL(in), ZSTR_LEN(in), (uint8_t *)ZSTR_VAL(out), &outlen) != 1) { 1432 | zend_string_efree(out); 1433 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 1434 | return; 1435 | } 1436 | 1437 | ZSTR_LEN(out) = outlen; 1438 | ZSTR_VAL(out)[outlen] = 0; 1439 | 1440 | RETURN_NEW_STR(out); 1441 | } 1442 | 1443 | PHP_FUNCTION(gmssl_cert_from_pem) 1444 | { 1445 | zend_string *ret; 1446 | zend_string *file; 1447 | uint8_t *cert = NULL; 1448 | size_t certlen; 1449 | 1450 | ZEND_PARSE_PARAMETERS_START(1, 1) 1451 | Z_PARAM_STR(file) 1452 | ZEND_PARSE_PARAMETERS_END(); 1453 | 1454 | if (x509_cert_new_from_file(&cert, &certlen, ZSTR_VAL(file)) != 1) { 1455 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 1456 | return; 1457 | } 1458 | 1459 | ret = zend_string_alloc(certlen, 0); 1460 | 1461 | memcpy(ZSTR_VAL(ret), cert, certlen); 1462 | ZSTR_VAL(ret)[certlen] = 0; 1463 | 1464 | RETURN_NEW_STR(ret); 1465 | } 1466 | 1467 | PHP_FUNCTION(gmssl_cert_print) 1468 | { 1469 | zend_string *cert; 1470 | zend_string *label; 1471 | 1472 | ZEND_PARSE_PARAMETERS_START(2, 2) 1473 | Z_PARAM_STR(cert) 1474 | Z_PARAM_STR(label) 1475 | ZEND_PARSE_PARAMETERS_END(); 1476 | 1477 | x509_cert_print(stdout, 0, 0, ZSTR_VAL(label), (uint8_t *)ZSTR_VAL(cert), ZSTR_LEN(cert)); 1478 | 1479 | RETURN_TRUE; 1480 | } 1481 | 1482 | PHP_FUNCTION(gmssl_cert_get_serial_number) 1483 | { 1484 | zend_string *ret; 1485 | zend_string *cert; 1486 | const uint8_t *serial; 1487 | size_t serial_len; 1488 | 1489 | ZEND_PARSE_PARAMETERS_START(1, 1) 1490 | Z_PARAM_STR(cert) 1491 | ZEND_PARSE_PARAMETERS_END(); 1492 | 1493 | if (x509_cert_get_issuer_and_serial_number((uint8_t *)ZSTR_VAL(cert), ZSTR_LEN(cert), NULL, 0, &serial, &serial_len) != 1) { 1494 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 1495 | return; 1496 | } 1497 | 1498 | ret = zend_string_alloc(serial_len, 0); 1499 | 1500 | memcpy(ZSTR_VAL(ret), serial, serial_len); 1501 | ZSTR_VAL(ret)[serial_len] = 0; 1502 | 1503 | RETURN_NEW_STR(ret); 1504 | } 1505 | 1506 | static int gmssl_parse_attr_type_and_value(zval *arr, const uint8_t *d, size_t dlen) 1507 | { 1508 | int oid, tag; 1509 | const uint8_t *val; 1510 | size_t vlen; 1511 | 1512 | if (x509_name_type_from_der(&oid, &d, &dlen) != 1) { 1513 | error_print(); 1514 | return -1; 1515 | } 1516 | if (oid == OID_email_address) { 1517 | if (asn1_ia5_string_from_der((const char **)&val, &vlen, &d, &dlen) != 1) { 1518 | error_print(); 1519 | return -1; 1520 | } 1521 | } else { 1522 | if (x509_directory_name_from_der(&tag, &val, &vlen, &d, &dlen) != 1) { 1523 | error_print(); 1524 | return -1; 1525 | } 1526 | } 1527 | add_assoc_stringl(arr, x509_name_type_name(oid), (char *)val, vlen); 1528 | 1529 | if (asn1_length_is_zero(dlen) != 1) { 1530 | error_print(); 1531 | return -1; 1532 | } 1533 | 1534 | return 1; 1535 | } 1536 | 1537 | static int gmssl_parse_rdn(zval *arr, const uint8_t *d, size_t dlen) 1538 | { 1539 | const uint8_t *p; 1540 | size_t len; 1541 | 1542 | while (dlen) { 1543 | if (asn1_sequence_from_der(&p, &len, &d, &dlen) != 1) { 1544 | error_print(); 1545 | return -1; 1546 | } 1547 | if (gmssl_parse_attr_type_and_value(arr, p, len) != 1) { 1548 | error_print(); 1549 | return -1; 1550 | } 1551 | } 1552 | return 1; 1553 | } 1554 | 1555 | static int gmssl_parse_name(zval *arr, const uint8_t *d, size_t dlen) 1556 | { 1557 | const uint8_t *p; 1558 | size_t len; 1559 | 1560 | while (dlen) { 1561 | if (asn1_set_from_der(&p, &len, &d, &dlen) != 1) { 1562 | error_print(); 1563 | return -1; 1564 | } 1565 | if (gmssl_parse_rdn(arr, p, len) != 1) { 1566 | error_print(); 1567 | return -1; 1568 | } 1569 | } 1570 | return 1; 1571 | } 1572 | 1573 | PHP_FUNCTION(gmssl_cert_get_issuer) 1574 | { 1575 | zend_string *cert; 1576 | const uint8_t *issuer; 1577 | size_t issuer_len; 1578 | 1579 | ZEND_PARSE_PARAMETERS_START(1, 1) 1580 | Z_PARAM_STR(cert) 1581 | ZEND_PARSE_PARAMETERS_END(); 1582 | 1583 | if (x509_cert_get_issuer((uint8_t *)ZSTR_VAL(cert), ZSTR_LEN(cert), &issuer, &issuer_len) != 1) { 1584 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 1585 | return; 1586 | } 1587 | 1588 | array_init(return_value); 1589 | add_assoc_stringl(return_value, "raw_data", (char *)issuer, issuer_len); 1590 | 1591 | if (gmssl_parse_name(return_value, issuer, issuer_len) != 1) { 1592 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 1593 | return; 1594 | } 1595 | } 1596 | 1597 | PHP_FUNCTION(gmssl_cert_get_validity) 1598 | { 1599 | zend_string *cert; 1600 | time_t not_before; 1601 | time_t not_after; 1602 | 1603 | ZEND_PARSE_PARAMETERS_START(1, 1) 1604 | Z_PARAM_STR(cert) 1605 | ZEND_PARSE_PARAMETERS_END(); 1606 | 1607 | if (x509_cert_get_details((uint8_t *)ZSTR_VAL(cert), ZSTR_LEN(cert), 1608 | NULL, 1609 | NULL, NULL, 1610 | NULL, 1611 | NULL, NULL, 1612 | ¬_before, ¬_after, 1613 | NULL, NULL, 1614 | NULL, 1615 | NULL, NULL, 1616 | NULL, NULL, 1617 | NULL, NULL, 1618 | NULL, 1619 | NULL, NULL) != 1) { 1620 | } 1621 | 1622 | array_init(return_value); 1623 | add_assoc_long(return_value, "notBefore", not_before); 1624 | add_assoc_long(return_value, "notAfter", not_after); 1625 | } 1626 | 1627 | PHP_FUNCTION(gmssl_cert_get_subject) 1628 | { 1629 | zend_string *cert; 1630 | const uint8_t *subject; 1631 | size_t subject_len; 1632 | 1633 | ZEND_PARSE_PARAMETERS_START(1, 1) 1634 | Z_PARAM_STR(cert) 1635 | ZEND_PARSE_PARAMETERS_END(); 1636 | 1637 | if (x509_cert_get_subject((uint8_t *)ZSTR_VAL(cert), ZSTR_LEN(cert), &subject, &subject_len) != 1) { 1638 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 1639 | return; 1640 | } 1641 | 1642 | array_init(return_value); 1643 | add_assoc_stringl(return_value, "raw_data", (char *)subject, subject_len); 1644 | 1645 | if (gmssl_parse_name(return_value, subject, subject_len) != 1) { 1646 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 1647 | return; 1648 | } 1649 | } 1650 | 1651 | PHP_FUNCTION(gmssl_cert_get_subject_public_key) 1652 | { 1653 | zend_string *ret; 1654 | zend_string *cert; 1655 | 1656 | ZEND_PARSE_PARAMETERS_START(1, 1) 1657 | Z_PARAM_STR(cert) 1658 | ZEND_PARSE_PARAMETERS_END(); 1659 | 1660 | ret = zend_string_alloc(sizeof(SM2_KEY), 0); 1661 | 1662 | if (x509_cert_get_subject_public_key((uint8_t *)ZSTR_VAL(cert), ZSTR_LEN(cert), (SM2_KEY *)ZSTR_VAL(ret)) != 1) { 1663 | zend_string_efree(ret); 1664 | zend_throw_exception(zend_ce_exception, "libgmssl inner error", 0); 1665 | return; 1666 | } 1667 | 1668 | ZSTR_VAL(ret)[sizeof(SM2_KEY)] = 0; 1669 | 1670 | RETURN_NEW_STR(ret); 1671 | } 1672 | 1673 | PHP_FUNCTION(gmssl_cert_verify_by_ca_cert) 1674 | { 1675 | zend_string *cert; 1676 | zend_string *cacert; 1677 | zend_string *sm2_id; 1678 | 1679 | ZEND_PARSE_PARAMETERS_START(3, 3) 1680 | Z_PARAM_STR(cert) 1681 | Z_PARAM_STR(cacert) 1682 | Z_PARAM_STR(sm2_id) 1683 | ZEND_PARSE_PARAMETERS_END(); 1684 | 1685 | if (x509_cert_verify_by_ca_cert( 1686 | (uint8_t *)ZSTR_VAL(cert), ZSTR_LEN(cert), 1687 | (uint8_t *)ZSTR_VAL(cacert), ZSTR_LEN(cacert), 1688 | ZSTR_VAL(sm2_id), ZSTR_LEN(sm2_id)) != 1) { 1689 | zend_throw_exception(zend_ce_error, "cert verify failure", 0); 1690 | RETURN_FALSE; 1691 | } 1692 | 1693 | RETURN_TRUE; 1694 | } 1695 | 1696 | 1697 | PHP_RINIT_FUNCTION(gmssl) 1698 | { 1699 | #if defined(ZTS) && defined(COMPILE_DL_GMSSL) 1700 | ZEND_TSRMLS_CACHE_UPDATE(); 1701 | #endif 1702 | 1703 | return SUCCESS; 1704 | } 1705 | 1706 | PHP_MINFO_FUNCTION(gmssl) 1707 | { 1708 | php_info_print_table_start(); 1709 | php_info_print_table_header(2, "gmssl support", "enabled"); 1710 | php_info_print_table_row(2, "gmssl library version", gmssl_version_str()); 1711 | php_info_print_table_end(); 1712 | } 1713 | 1714 | 1715 | 1716 | ZEND_BEGIN_ARG_INFO(arginfo_none, 0) 1717 | ZEND_END_ARG_INFO() 1718 | 1719 | ZEND_BEGIN_ARG_INFO(arginfo_size, 0) 1720 | ZEND_ARG_INFO(0, size) 1721 | ZEND_END_ARG_INFO() 1722 | 1723 | ZEND_BEGIN_ARG_INFO(arginfo_in, 0) 1724 | ZEND_ARG_INFO(0,in) 1725 | ZEND_END_ARG_INFO() 1726 | 1727 | ZEND_BEGIN_ARG_INFO(arginfo_key_in, 0) 1728 | ZEND_ARG_INFO(0, key) 1729 | ZEND_ARG_INFO(0, in) 1730 | ZEND_END_ARG_INFO() 1731 | 1732 | ZEND_BEGIN_ARG_INFO(arginfo_pass_salt_iter_outlen, 0) 1733 | ZEND_ARG_INFO(0, pass) 1734 | ZEND_ARG_INFO(0, salt) 1735 | ZEND_ARG_INFO(0, iter) 1736 | ZEND_ARG_INFO(0, outlen) 1737 | ZEND_END_ARG_INFO() 1738 | 1739 | ZEND_BEGIN_ARG_INFO(arginfo_key_iv_in, 0) 1740 | ZEND_ARG_INFO(0, key) 1741 | ZEND_ARG_INFO(0, iv) 1742 | ZEND_ARG_INFO(0, in) 1743 | ZEND_END_ARG_INFO() 1744 | 1745 | ZEND_BEGIN_ARG_INFO(arginfo_key_iv_aad_taglen_in, 0) 1746 | ZEND_ARG_INFO(0, key) 1747 | ZEND_ARG_INFO(0, iv) 1748 | ZEND_ARG_INFO(0, aad) 1749 | ZEND_ARG_INFO(0, taglen) 1750 | ZEND_ARG_INFO(0, in) 1751 | ZEND_END_ARG_INFO() 1752 | 1753 | ZEND_BEGIN_ARG_INFO(arginfo_keypair_file_pass, 0) 1754 | ZEND_ARG_INFO(0, keypair) 1755 | ZEND_ARG_INFO(0, file) 1756 | ZEND_ARG_INFO(0, pass) 1757 | ZEND_END_ARG_INFO() 1758 | 1759 | ZEND_BEGIN_ARG_INFO(arginfo_file_pass, 0) 1760 | ZEND_ARG_INFO(0, file) 1761 | ZEND_ARG_INFO(0, pass) 1762 | ZEND_END_ARG_INFO() 1763 | 1764 | ZEND_BEGIN_ARG_INFO(arginfo_keypair_file, 0) 1765 | ZEND_ARG_INFO(0, keypair) 1766 | ZEND_ARG_INFO(0, file) 1767 | ZEND_END_ARG_INFO() 1768 | 1769 | ZEND_BEGIN_ARG_INFO(arginfo_file, 0) 1770 | ZEND_ARG_INFO(0, file) 1771 | ZEND_END_ARG_INFO() 1772 | 1773 | ZEND_BEGIN_ARG_INFO(arginfo_keypair_id_msg, 0) 1774 | ZEND_ARG_INFO(0, keypair) 1775 | ZEND_ARG_INFO(0, id) 1776 | ZEND_ARG_INFO(0, msg) 1777 | ZEND_END_ARG_INFO() 1778 | 1779 | ZEND_BEGIN_ARG_INFO(arginfo_pubkey_id_msg_sig, 0) 1780 | ZEND_ARG_INFO(0, pubkey) 1781 | ZEND_ARG_INFO(0, id) 1782 | ZEND_ARG_INFO(0, msg) 1783 | ZEND_ARG_INFO(0, sig) 1784 | ZEND_END_ARG_INFO() 1785 | 1786 | ZEND_BEGIN_ARG_INFO(arginfo_pubkey_in, 0) 1787 | ZEND_ARG_INFO(0, pubkey) 1788 | ZEND_ARG_INFO(0, in) 1789 | ZEND_END_ARG_INFO() 1790 | 1791 | ZEND_BEGIN_ARG_INFO(arginfo_keypair_in, 0) 1792 | ZEND_ARG_INFO(0, keypair) 1793 | ZEND_ARG_INFO(0, in) 1794 | ZEND_END_ARG_INFO() 1795 | 1796 | ZEND_BEGIN_ARG_INFO(arginfo_keypair_id, 0) 1797 | ZEND_ARG_INFO(0, keypair) 1798 | ZEND_ARG_INFO(0, id) 1799 | ZEND_END_ARG_INFO() 1800 | 1801 | ZEND_BEGIN_ARG_INFO(arginfo_cert, 0) 1802 | ZEND_ARG_INFO(0, cert) 1803 | ZEND_END_ARG_INFO() 1804 | 1805 | ZEND_BEGIN_ARG_INFO(arginfo_cert_label, 0) 1806 | ZEND_ARG_INFO(0, cert) 1807 | ZEND_ARG_INFO(0, label) 1808 | ZEND_END_ARG_INFO() 1809 | 1810 | ZEND_BEGIN_ARG_INFO(arginfo_cert_cacert_id, 0) 1811 | ZEND_ARG_INFO(0, cert) 1812 | ZEND_ARG_INFO(0, cacert) 1813 | ZEND_ARG_INFO(0, id) 1814 | ZEND_END_ARG_INFO() 1815 | 1816 | 1817 | static const zend_function_entry gmssl_functions[] = { 1818 | PHP_FE(gmssl_rand_bytes, arginfo_size) 1819 | PHP_FE(gmssl_sm3, arginfo_in) 1820 | PHP_FE(gmssl_sm3_hmac, arginfo_key_in) 1821 | PHP_FE(gmssl_sm3_pbkdf2, arginfo_pass_salt_iter_outlen) 1822 | PHP_FE(gmssl_sm4_encrypt, arginfo_key_in) 1823 | PHP_FE(gmssl_sm4_decrypt, arginfo_key_in) 1824 | PHP_FE(gmssl_sm4_cbc_encrypt, arginfo_key_iv_in) 1825 | PHP_FE(gmssl_sm4_cbc_decrypt, arginfo_key_iv_in) 1826 | PHP_FE(gmssl_sm4_ctr_encrypt, arginfo_key_iv_in) 1827 | PHP_FE(gmssl_sm4_gcm_encrypt, arginfo_key_iv_aad_taglen_in) 1828 | PHP_FE(gmssl_sm4_gcm_decrypt, arginfo_key_iv_aad_taglen_in) 1829 | PHP_FE(gmssl_zuc_encrypt, arginfo_key_iv_in) 1830 | PHP_FE(gmssl_sm2_key_generate, arginfo_none) 1831 | PHP_FE(gmssl_sm2_compute_z, arginfo_keypair_id) 1832 | PHP_FE(gmssl_sm2_private_key_info_encrypt_to_pem, arginfo_keypair_file_pass) 1833 | PHP_FE(gmssl_sm2_private_key_info_decrypt_from_pem, arginfo_file_pass) 1834 | PHP_FE(gmssl_sm2_public_key_info_to_pem, arginfo_keypair_file) 1835 | PHP_FE(gmssl_sm2_public_key_info_from_pem, arginfo_file) 1836 | PHP_FE(gmssl_sm2_sign, arginfo_keypair_id_msg) 1837 | PHP_FE(gmssl_sm2_verify, arginfo_pubkey_id_msg_sig) 1838 | PHP_FE(gmssl_sm2_encrypt, arginfo_pubkey_in) 1839 | PHP_FE(gmssl_sm2_decrypt, arginfo_keypair_in) 1840 | PHP_FE(gmssl_sm9_sign_master_key_generate, arginfo_none) 1841 | PHP_FE(gmssl_sm9_sign_master_key_extract_key, arginfo_keypair_id) 1842 | PHP_FE(gmssl_sm9_sign_master_key_info_encrypt_to_pem, arginfo_keypair_file_pass) 1843 | PHP_FE(gmssl_sm9_sign_master_key_info_decrypt_from_pem, arginfo_file_pass) 1844 | PHP_FE(gmssl_sm9_sign_master_public_key_to_pem, arginfo_keypair_file) 1845 | PHP_FE(gmssl_sm9_sign_master_public_key_from_pem, arginfo_file) 1846 | PHP_FE(gmssl_sm9_sign_key_info_encrypt_to_pem, arginfo_keypair_file_pass) 1847 | PHP_FE(gmssl_sm9_sign_key_info_decrypt_from_pem, arginfo_file_pass) 1848 | PHP_FE(gmssl_sm9_sign, arginfo_keypair_in) 1849 | PHP_FE(gmssl_sm9_verify, arginfo_pubkey_id_msg_sig) 1850 | PHP_FE(gmssl_sm9_enc_master_key_generate, arginfo_none) 1851 | PHP_FE(gmssl_sm9_enc_master_key_extract_key, arginfo_keypair_id) 1852 | PHP_FE(gmssl_sm9_enc_master_key_info_encrypt_to_pem, arginfo_keypair_file_pass) 1853 | PHP_FE(gmssl_sm9_enc_master_key_info_decrypt_from_pem, arginfo_file_pass) 1854 | PHP_FE(gmssl_sm9_enc_master_public_key_to_pem, arginfo_keypair_file) 1855 | PHP_FE(gmssl_sm9_enc_master_public_key_from_pem, arginfo_file) 1856 | PHP_FE(gmssl_sm9_enc_key_info_encrypt_to_pem, arginfo_keypair_file_pass) 1857 | PHP_FE(gmssl_sm9_enc_key_info_decrypt_from_pem, arginfo_file_pass) 1858 | PHP_FE(gmssl_sm9_encrypt, arginfo_keypair_id_msg) 1859 | PHP_FE(gmssl_sm9_decrypt, arginfo_keypair_id_msg) 1860 | PHP_FE(gmssl_cert_from_pem, arginfo_file) 1861 | PHP_FE(gmssl_cert_print, arginfo_cert_label) 1862 | PHP_FE(gmssl_cert_get_serial_number, arginfo_cert) 1863 | PHP_FE(gmssl_cert_get_issuer, arginfo_cert) 1864 | PHP_FE(gmssl_cert_get_validity, arginfo_cert) 1865 | PHP_FE(gmssl_cert_get_subject, arginfo_cert) 1866 | PHP_FE(gmssl_cert_get_subject_public_key, arginfo_cert) 1867 | PHP_FE(gmssl_cert_verify_by_ca_cert, arginfo_cert_cacert_id) 1868 | PHP_FE_END 1869 | }; 1870 | 1871 | zend_module_entry gmssl_module_entry = { 1872 | STANDARD_MODULE_HEADER, 1873 | "gmssl", /* Extension name */ 1874 | gmssl_functions, /* zend_function_entry */ 1875 | PHP_MINIT(gmssl), /* PHP_MINIT - Module initialization */ 1876 | NULL, /* PHP_MSHUTDOWN - Module shutdown */ 1877 | PHP_RINIT(gmssl), /* PHP_RINIT - Request initialization */ 1878 | NULL, /* PHP_RSHUTDOWN - Request shutdown */ 1879 | PHP_MINFO(gmssl), /* PHP_MINFO - Module info */ 1880 | PHP_GMSSL_VERSION, /* Version */ 1881 | STANDARD_MODULE_PROPERTIES 1882 | }; 1883 | 1884 | 1885 | 1886 | #ifdef COMPILE_DL_GMSSL 1887 | # ifdef ZTS 1888 | ZEND_TSRMLS_CACHE_DEFINE() 1889 | # endif 1890 | ZEND_GET_MODULE(gmssl) 1891 | #endif 1892 | --------------------------------------------------------------------------------