Index: yc_crypt.lib
===================================================================
Cannot display: file marked as a binary type.
svn:mime-type = application/octet-stream
Index: yc_sm2.h
===================================================================
--- /YC3121_SDK/fw/crypt/yc_sm2.h	(revision 635)
+++ /YC3121_SDK/fw/crypt/yc_sm2.h	(working copy)
@@ -9,7 +9,8 @@
 #include "yc_trng.h"
 
 #define SM2_FLOW_CONTROL
-
+//#define SM2_DEBUG
+#define BCTC
 
 #define SM2_KEY_BITS 		257
 #define SM2_KEY_BYTES		((SM2_KEY_BITS + 7) / 8)
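Review bot: `#define BCTC` is switched on unconditionally in this public header, and in yc_sm2.c that macro makes SM2_Enc, SM2_Dec and SM2_Genkey load their scalar from `sm2_rand_val` instead of `GetTRNGData()` or `f_rng`. If `sm2_rand_val` is a fixed test vector (its definition is not visible in this diff), every build that includes this header derives the same private key and reuses the same ephemeral k for each encryption, so the ciphertexts give no confidentiality. Leave it commented out like SM2_DEBUG, `//#define BCTC  /* certification test vectors only: replaces the RNG with sm2_rand_val */`, and let test builds define it on the compiler command line.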
@@ -69,7 +70,7 @@
   * @retval RET_ECC_KEY_GEN_SUCCESS or RET_SM2_KEY_GEN_ERROR
   */
 uint32_t SM2_Genkey(SM2_PrivateKeyTypeDef *key, const SM2_EllipseParaTypeDef *para, 
-                    rng_callback f_rng, void *p_rng);
+                    rng_callback f_rng, void *p_rng, uint8_t config);
 
 //uint32_t SM2_Kdf(uint8_t *K, uint32_t klen, const uint8_t *Z, uint32_t zlen);
 /**
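Review bot: The new `config` argument has no `@param` entry in the doc block of SM2_Genkey here, nor in those of SM2_Enc and SM2_Dec in the next two hunks. In yc_sm2.c only SM2_Genkey forwards it to init_para; SM2_Enc and SM2_Dec pass the constant `ECC_P256`, so the comment should say so if that is intended, e.g. `@param config : curve selector passed to init_para (currently ignored by SM2_Enc and SM2_Dec)`. The two prototypes below are also written `void *p_rng,uint8_t config` without the space used in this one.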
@@ -112,7 +113,7 @@
 uint32_t SM2_Enc(uint8_t *output, uint32_t *olen,
                  uint8_t *input, uint32_t ilen,
                  SM2_PublicKeyTypeDef *key,  SM2_EllipseParaTypeDef *para,
-                 rng_callback f_rng, void *p_rng);
+                 rng_callback f_rng, void *p_rng,uint8_t config);
 
 /**
   * @method	SM2_Dec
@@ -130,7 +131,7 @@
 uint32_t SM2_Dec(uint8_t *output, uint32_t *olen,
                  uint8_t *input, uint32_t ilen,
                  SM2_PrivateKeyTypeDef *key,  SM2_EllipseParaTypeDef *para,
-                 rng_callback f_rng, void *p_rng);
+                 rng_callback f_rng, void *p_rng,uint8_t config);
 
 //uint32_t SM2_digital_sign(SM2_SignTypeDef *sign, uint8_t Za[32],
 //							uint8_t *msg, uint32_t mlen,
Index: yc_sm2.c
===================================================================
--- /YC3121_SDK/fw/crypt/yc_sm2.c	(revision 635)
+++ /YC3121_SDK/fw/crypt/yc_sm2.c	(working copy)
@@ -2,68 +2,73 @@
 #include "../sdk/yc_rand.h"
 #include "yc_calc.h"
 
-
-//�������ƣ�KDF
-//�������ܣ�����SM2�ӽ����㷨�е���Կ��������kdf
-//���������cdata      -���ڼ�������ݴ���������ֵ��
-//        zlen    -���ݳ���
-//        klen     -��Ҫ�����õ��ĳ���
-//���������retdata    -����󷵻ص����ݣ�������ֵ��,����ռ�����Ϊ��Ҫkeylen
-//����ֵ�� RET_SM2_KDF_SUCCESS��ʾ�ɹ���RET_SM2_KDF_FAILURE ��ʾʧ��
+//#define SM2_DEBUG
+//函数名称：my_KDF
+//函数功能：实现国密SM2加解密算法中的密钥派生函数kdf
+//输入参数： Z      -用于计算的数据串（二进制值）
+//          zlen   -内容长度
+//          klen   -需要派生得到的长度
+//输出参数： K      -计算后返回的内容（二进制值）,分配空间至少为需要keylen
+//返回值：RET_SM2_KDF_SUCCESS表示成功，RET_SM2_KDF_FAILURE表示失败
 uint32_t SM2_KDF(uint8_t *K, uint32_t klen,  uint8_t *Z, uint32_t zlen)
-//uint32_t SM2_Kdf(  uint8_t * K,uint32_t klen,uint8_t * Z, uint32_t zlen)
 {
-    int nRet = -1;
-    
-    uint8_t pRet_t[SM2_KEY_BYTES<<1]={0},pData_t[30]={0};
-    uint8_t *pRet = pRet_t;
-    uint8_t *pData = pData_t ;
-    
-//    memset(pRet,  0, klen);
-//    memset(pData, 0, zlen+4);
-
-    uint8_t cdgst[32]={0}; //ժҪ
-    uint8_t cCnt[4] = {0}; //���������ڴ��ʾֵ
-    int nCnt  = 1;  //������
-    int nDgst = 32; //ժҪ����
-
-    int nTimes = (klen+31)/32; //��Ҫ����Ĵ���
-    int i=0;
-    memcpy(pData, Z, zlen);
-    for(i=0; i<nTimes; i++)
+    uint8_t cdgst[32]={0}; //摘要
+    uint8_t cCnt[4] = {0}; //计数器的内存表示值
+    int nCnt  = 1;  //计数器
+    int nDgst = 32;//摘要长度
+
+    int nTimes = (klen+31)/32; //需要计算的次数
+    int i = 0;
+	int j = 0;
+
+    for(i=0; i<nTimes; i++,nCnt ++)
     {
-        //cCnt
         {
             cCnt[0] =  (nCnt>>24) & 0xFF;
             cCnt[1] =  (nCnt>>16) & 0xFF;
             cCnt[2] =  (nCnt>> 8) & 0xFF;
             cCnt[3] =  (nCnt    ) & 0xFF;
         }
-        memcpy(pData+zlen, cCnt, 4);
-        if(SM3(cdgst, pData, zlen+4) != RET_SM3_SUCCESS)
-   	    return RET_SM2_KDF_FAILURE;
+		for(j = 0; j < zlen; j++)
+		{
+			SM3_BYTE(NULL, Z[j],j,0);
+		}
+		for(j = 0; j < 3; j++)
+		{
+			SM3_BYTE(NULL, cCnt[j],zlen+j,0);
+		}
+		SM3_BYTE(cdgst, cCnt[3],zlen+3,1);
 
-        if(i == nTimes-1) //���һ�μ��㣬����keylen/32�Ƿ���������ȡժҪ��ֵ
+		if(K == NULL)
+		{
+			return RET_SM2_KDF_FAILURE;
+		}
+        if(i == nTimes-1)//最后一次计算，根据keylen/32是否整除，截取摘要的值
         {
             if(klen%32 != 0)
             {
                 nDgst = klen%32;
             }
         }
-        memcpy(pRet+32*i, cdgst, nDgst);
-
-        i++;  //
-        nCnt ++;  //
+		memcpy(K+32*i,cdgst,nDgst);
     }
 
-    if(K != NULL)
-    {
-        memcpy(K, pRet, klen);
-    }
+	j = 0;
+	for(i = 0; i < klen; i++)
+	{
+		if(0 == K[i])
+		{
+			j++;
+		}
+	}
+
+	if(j == klen)
+	{
+		return RET_SM2_KDF_FAILURE;
+	}
     return RET_SM2_KDF_SUCCESS;
 }
 
-
 static uint32_t init_para(ecc_para *para_t,uint32_t *p_c,uint32_t *n_c,uint32_t *n1_c,SM2_EllipseParaTypeDef *para,uint32_t config,uint32_t a_type)
 {
 	uint32_t i,ret;
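Review bot: The `K == NULL` test sits inside the loop, after the first block has already been fed to SM3_BYTE, and `Z` is never tested before `Z[j]` is read; both checks belong ahead of the loop, e.g. `if (K == NULL || (Z == NULL && zlen != 0)) return RET_SM2_KDF_FAILURE;`. The counters `i` and `j` are `int` while `klen` and `zlen` are `uint32_t`, so the loop comparisons are mixed-sign; declaring them `uint32_t` removes that. The header comment still names the function `my_KDF` and should also state that an all-zero output is now reported as RET_SM2_KDF_FAILURE, since callers have to handle that new case. init_para's body continues outside the hunk.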
@@ -251,9 +256,9 @@
 	}
 	for(i = 0;i < IDalen/8; i++)
 	{
-		SM3_BYTE(NULL, IDa[IDalen/8 - 1 - i],index++,0);
+		SM3_BYTE(NULL, IDa[i],index++,0);
 		#ifdef SM2_DEBUG
-			MyPrintf("%02x ",IDa[IDalen/8 - 1 - i]);
+			MyPrintf("%02x ",IDa[i]);
 		#endif
 	}
 	#ifdef SM2_DEBUG
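Review bot: Hashing `IDa[i]` instead of `IDa[IDalen/8 - 1 - i]` changes the digest computed here for every caller, so the expected byte order of `IDa` should be written down at this loop or in the function's header comment, for example `/* IDa is hashed first byte first, in the order the caller supplies it */`. Callers that reversed the ID to suit the old loop would now get a different digest; whether any exist cannot be seen from this hunk. `IDalen/8` suggests the length is given in bits, in which case trailing bits are silently dropped when it is not a multiple of 8. The enclosing function starts and ends outside the hunk.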
@@ -1026,68 +1031,84 @@
 }
 
 
-
 uint32_t SM2_Enc(uint8_t *output, uint32_t *olen,
 					 uint8_t *input, uint32_t ilen,
 					 SM2_PublicKeyTypeDef *key,  SM2_EllipseParaTypeDef *para,
-					rng_callback f_rng, void *p_rng)
+					rng_callback f_rng, void *p_rng,uint8_t config)
 {
 	uint32_t i,ret;
-	uint32_t k[8]={0x49DD7B4F,0x18E5388D,0x5546D490,0x8AFA1742,0x3D957514,0x5B92FD6C,0x6ECFC2B9,0x4C62EEFD};
+
+	uint32_t k[9]={0x49DD7B4F,0x18E5388D,0x5546D490,0x8AFA1742,0x3D957514,0x5B92FD6C,0x6ECFC2B9,0x4C62EEFD};
+
 	uint32_t a_x[8]={0},a_y[8]={0};
-	ecc_security security_t;
 	ecc_point_a a_temp;
+	uint32_t key_bytes_len = 0;
+
+	ecc_security security_t;
 	SM2_PointTypeDef c1,pb;
 	ecc_point_a c1_p,pb_p,key_p;
 	ecc_para para_t;
 	uint32_t c2[5]={0};
 	uint8_t data_temp[84]={0};
-	uint32_t p_c[8]={0},n_c[8]={0};
-	
+	uint32_t p_c[9]={0},n_c[9]={0},n1_c[9]={0};
 	uint32_t rand[4]={0};
-	
-	security_t.mask=INT_MASK_CLOSE;
-	security_t.verify=EC_PARA_VERIFY_CLOSE;
-	para_t.p = para->p;
-	para_t.a = para->a;
-	para_t.b = para->b;
-	para_t.g.x = para->g.x;
-	para_t.g.y = para->g.y;
-	para_t.n = para->n;
-	
-	para_t.p_c = p_c;
-	para_t.n_c = n_c;
-	
-	para_t.len_bits = SM2_KEY_BITS;
-	para_t.len_words = SM2_KEY_WORDS;
-	para_t.a_type = !ECC_A_IS_NEGATIVE_3;
-	para_t.field = ECC_PRIME;
-
-	ecc_config(&para_t,ECC_P256);
-//	calc_const_c(para_def->p_c, para_def->p,para_def->len_words);
-//	calc_const_q(&para_def->p_q, para_def->p);
-	calc_const_c(para_t.n_c, para_t.n,para_t.len_words);
-	calc_const_q(&para_t.n_q, para_t.n);
+
+	// security_t.mask=INT_MASK_CLOSE;
+	// security_t.verify=EC_PARA_VERIFY_CLOSE;
+	security_t.mask=INT_MASK_OPEN;
+	security_t.verify=EC_PARA_VERIFY_OPEN;
+	// para_t.p = para->p;
+	// para_t.a = para->a;
+	// para_t.b = para->b;
+	// para_t.g.x = para->g.x;
+	// para_t.g.y = para->g.y;
+	// para_t.n = para->n;
+
+	// para_t.p_c = p_c;
+	// para_t.n_c = n_c;
+
+	// para_t.len_bits = SM2_KEY_BITS;
+	// para_t.len_words = SM2_KEY_WORDS;
+	// para_t.a_type = !ECC_A_IS_NEGATIVE_3;
+	// para_t.field = ECC_PRIME;
+
+	// ecc_config(&para_t,ECC_B257);
+	// calc_const_c(para_t.n_c, para_t.n,para_t.len_words);
+	// calc_const_q(&para_t.n_q, para_t.n);
+
+	init_para(&para_t, p_c, n_c, n1_c, para, ECC_P256,  !ECC_A_IS_NEGATIVE_3);
+
+#ifdef BCTC
+		for (i=0;i<9;i++)
+		{
+			k[i] = sm2_rand_val[i];
+		}
+#else
+		for (i=0;i<8;i++)
+		{
+			k[i] = GetTRNGData();
+		}
+#endif
 
 #ifdef SM2_DEBUG
 	MyPrintf("para_t:\n");
 	MyPrintf("para_t.p:\n");
-	for(i=0;i<8;i++)
+	for(i=0;i<para_t.len_words;i++)
 		MyPrintf("%08x ",para_t.p[i]);	MyPrintf("\n");
 	MyPrintf("para_def.a:\n");
-	for(i=0;i<8;i++)
+	for(i=0;i<para_t.len_words;i++)
 		MyPrintf("%08x ",para_t.a[i]);	MyPrintf("\n");
 	MyPrintf("para_def.b:\n");
-	for(i=0;i<8;i++)
+	for(i=0;i<para_t.len_words;i++)
 		MyPrintf("%08x ",para_t.b[i]);	MyPrintf("\n");
 	MyPrintf("para_def.g.x:\n");
-	for(i=0;i<8;i++)
+	for(i=0;i<para_t.len_words;i++)
 		MyPrintf("%08x ",para_t.g.x[i]);	MyPrintf("\n");
 	MyPrintf("para_def.g.y:\n");
-	for(i=0;i<8;i++)
+	for(i=0;i<para_t.len_words;i++)
 		MyPrintf("%08x ",para_t.g.y[i]);	MyPrintf("\n");
 	MyPrintf("para_def.n:\n");
-	for(i=0;i<8;i++)
+	for(i=0;i<para_t.len_words;i++)
 		MyPrintf("%08x ",para_t.n[i]);	MyPrintf("\n");
 
 	MyPrintf("para_def.p_c:\n");
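Review bot: The return value of `init_para(...)` is discarded and the call passes the constant `ECC_P256`, so a failed parameter set-up goes straight on to `ecc_pmul` and the new `config` argument has no effect in SM2_Enc. If `config` is meant as the curve selector, as in SM2_Genkey, store the result with `ret = init_para(&para_t, p_c, n_c, n1_c, para, config, !ECC_A_IS_NEGATIVE_3);` and return RET_SM2_ENC_FAILURE when it is not init_para's success code (that code is not visible in this hunk). In the non-BCTC branch k is filled from `GetTRNGData()` directly, which leaves `f_rng` and `p_rng` unused, and k is not checked to lie in [1, n-1] before use. The commented-out `para_t` assignments can be deleted now that init_para replaces them. SM2_Enc continues past the end of this hunk.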
@@ -1095,13 +1116,16 @@
 		MyPrintf("%08x ",para_t.p_c[i]);	MyPrintf("\n");
 	MyPrintf("para_def.p_q:\n");
 	for(i=0;i<1;i++)
-		MyPrintf("%08x ",para_t.p_q);	MyPrintf("\n");		
+		MyPrintf("%08x ",para_t.p_q);	MyPrintf("\n");
 	MyPrintf("para_def.n_c:\n");
 	for(i=0;i<para_t.len_words;i++)
 		MyPrintf("%08x ",para_t.n_c[i]);	MyPrintf("\n");
 	MyPrintf("para_def.n_q:\n");
 	for(i=0;i<1;i++)
 		MyPrintf("%08x ",para_t.n_q);	MyPrintf("\n");
+	MyPrintf("K:\n");
+	for(i=0;i<9;i++)
+		MyPrintf("%08x ",k[i]);	MyPrintf("\n");
 #endif
 
 	c1_p.x= c1.x;
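Review bot: The added `K:` dump prints the ephemeral scalar k, which is secret for the ciphertext being produced, so it should not sit under the same SM2_DEBUG switch as the dumps of public curve parameters. Put it behind a separate, clearly named macro (for example a new `SM2_DEBUG_SECRETS`) or drop it. The same applies to the `db:` dump of `key->d` in SM2_Dec and the `rand_key` and `d` dumps in SM2_Genkey. The loop bound `9` is hard-coded where the neighbouring loops now use `para_t.len_words`.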
@@ -1114,10 +1138,10 @@
  	MyPrintf("\n ecc_pmul_calc:%c%c%c%c\n",ret,ret>>8,ret>>16,ret>>24);	
 	MyPrintf("c1:\n");
 	MyPrintf("x:\n");
-	for(i=0;i<8;i++)
+	for(i=0;i<para_t.len_words;i++)
 		MyPrintf("%08x ",c1.x[i]);	MyPrintf("\n");
 	MyPrintf("y:\n");
-	for(i=0;i<8;i++)
+	for(i=0;i<para_t.len_words;i++)
 		MyPrintf("%08x ",c1.y[i]);	MyPrintf("\n");
 #endif
 	pb_p.x = pb.x;
@@ -1127,126 +1151,169 @@
 	ret = ecc_pmul(&pb_p,&key_p, k,&para_t,&security_t,NULL,0);
 	if(ret != RET_ECC_POINT_SUCCESS)
 		return RET_SM2_ENC_FAILURE;
-
+#ifdef SM2_DEBUG
+ 	MyPrintf("\n ecc_pmul_calc:%c%c%c%c\n",ret,ret>>8,ret>>16,ret>>24);
+	MyPrintf("x2:\n");
 	for(i=0;i<para_t.len_words;i++)
-	{
-		data_temp[i<<2] = pb.x[para_t.len_words-i-1]>>24;
-		data_temp[(i<<2)+1] = pb.x[para_t.len_words-i-1]>>16;
-		data_temp[(i<<2)+2] = pb.x[para_t.len_words-i-1]>>8;
-		data_temp[(i<<2)+3] = pb.x[para_t.len_words-i-1];
-		data_temp[(i+para_t.len_words<<2)] = pb.y[para_t.len_words-i-1]>>24;
-		data_temp[(i+para_t.len_words<<2)+1] = pb.y[para_t.len_words-i-1]>>16;
-		data_temp[(i+para_t.len_words<<2)+2] = pb.y[para_t.len_words-i-1]>>8;
-		data_temp[(i+para_t.len_words<<2)+3] = pb.y[para_t.len_words-i-1];
-	}
-	ret = SM2_KDF( (uint8_t *)c2 ,32,data_temp, 64);
+		MyPrintf("%08x ",pb.x[i]);	MyPrintf("\n");
+	MyPrintf("y2:\n");
+	for(i=0;i<para_t.len_words;i++)
+		MyPrintf("%08x ",pb.y[i]);	MyPrintf("\n");
+#endif
+	key_bytes_len = (para_t.len_bits + 7)/8;
+	mem_rollcpy_r_char(data_temp,                (uint8_t *)pb.x,key_bytes_len,GetTRNGData());
+	mem_rollcpy_r_char(data_temp + key_bytes_len,(uint8_t *)pb.y,key_bytes_len,GetTRNGData());
+
+    ret = SM2_KDF(&output[key_bytes_len*2+1],ilen,data_temp,key_bytes_len*2);
 #ifdef SM2_DEBUG
- 	MyPrintf("\n ecc_pmul_calc:%c%c%c%c\n",ret,ret>>8,ret>>16,ret>>24);	
+ 	MyPrintf("\n SM2 KDF :%c%c%c%c\n",ret,ret>>8,ret>>16,ret>>24);
 	MyPrintf("t:\n");
-	for(i=0;i<5;i++)
-		MyPrintf("%08x ",c2[i]);	MyPrintf("\n");
+	for(i=0;i<ilen;i++)
+		MyPrintf("%02x ",output[i + key_bytes_len*2+1]);	MyPrintf("\n");
+#endif
+
+	for(i=0;i<ilen;i++)
+		output[i+key_bytes_len*2+1] = input[i] ^ (output[i+key_bytes_len*2+1]) ;//c2 len
+
+#ifdef SM2_DEBUG
 	MyPrintf("input:\n");
-	for(i=0;i<19;i++)
+	for(i=0;i<ilen;i++)
 		MyPrintf("%02x ",input[i]);	MyPrintf("\n");
+	MyPrintf("c2:\n");
+	for(i=0;i<ilen;i++)
+		MyPrintf("%02x ",output[i+key_bytes_len*2+1]);	MyPrintf("\n");
 #endif
-	for(i=0;i<19;i++)
-		output[i+64+1] = input[i] ^ ((uint8_t *)c2)[i] ;//c2 len 19byte
+	//x2
 #ifdef SM2_DEBUG
-	MyPrintf("c2:\n");
-	for(i=0;i<19;i++)
-		MyPrintf("%02x ",  ((uint8_t *)c2)[i]);	MyPrintf("\n");
-#endif		
-	for(i=0;i<para_t.len_words;i++)
-	{
-		data_temp[i<<2] = pb.x[para_t.len_words-i-1]>>24;
-		data_temp[(i<<2)+1] = pb.x[para_t.len_words-i-1]>>16;
-		data_temp[(i<<2)+2] = pb.x[para_t.len_words-i-1]>>8;
-		data_temp[(i<<2)+3] = pb.x[para_t.len_words-i-1];
-		data_temp[19+(i+para_t.len_words<<2)] = pb.y[para_t.len_words-i-1]>>24;
-		data_temp[19+(i+para_t.len_words<<2)+1] = pb.y[para_t.len_words-i-1]>>16;
-		data_temp[19+(i+para_t.len_words<<2)+2] = pb.y[para_t.len_words-i-1]>>8;
-		data_temp[19+(i+para_t.len_words<<2)+3] = pb.y[para_t.len_words-i-1];
+	MyPrintf("pb.x:\n");
+#endif
+	for(i = 0;i<key_bytes_len;i++)
+	{
+		#ifdef SM2_DEBUG
+			MyPrintf("%02x ",*((uint8_t *)(pb.x)+key_bytes_len-i-1));
+		#endif
+		SM3_BYTE(NULL,*((uint8_t *)(pb.x)+key_bytes_len-i-1),i,0);
 	}
-	memcpy(data_temp+(para_t.len_words<<2),input,19);	
-#ifdef SM2_DEBUG	
-	MyPrintf("data_temp:\n");
-	for(i=0;i<84;i++)
-		MyPrintf("%02x ",((uint8_t *)data_temp)[i]);	MyPrintf("\n");	
-#endif	
-	SM3(output+64+1+19,data_temp,83);  //c3 len 32byte
+	//Message
 #ifdef SM2_DEBUG
-	MyPrintf("c3:\n");
+	MyPrintf("\n message:\n");
+#endif
+	for(i = 0;i < ilen;i++)
+	{
+		#ifdef SM2_DEBUG
+			MyPrintf("%02x ",input[i]);
+		#endif
+		SM3_BYTE(NULL,input[i],key_bytes_len + i,0);
+	}
+
+	//Y2
+#ifdef SM2_DEBUG
+	MyPrintf("\n pb.y:\n");
+#endif
+	for(i = 0; i < key_bytes_len; i++)
+	{
+		#ifdef SM2_DEBUG
+			MyPrintf("%02x ",*((uint8_t *)(pb.y)+key_bytes_len-i-1));
+		#endif
+		if(i == key_bytes_len - 1)
+		{
+			SM3_BYTE(output+key_bytes_len*2+1+ilen,*((uint8_t *)(pb.y)+key_bytes_len-i-1),key_bytes_len + ilen + i,1);
+		}
+		else
+		{
+			SM3_BYTE(NULL,*((uint8_t *)(pb.y)+key_bytes_len-i-1),key_bytes_len + ilen + i,0);
+		}
+	}
+#ifdef SM2_DEBUG
+	MyPrintf("\n c3:\n");
 	for(i=0;i<32;i++)
-		MyPrintf("%02x ",output[i+64+19]);	MyPrintf("\n");	
+		MyPrintf("%02x ",output[i+key_bytes_len*2+1+ilen]);	MyPrintf("\n");
 #endif
+
 	output[0] = 0x04;		//c1 len65
-	memcpy(output+1,c1.x,SM2_KEY_BYTES); 
-	memcpy(output+33,c1.y,SM2_KEY_BYTES);
-	*olen = 32 +(SM2_KEY_BYTES<<1) + 19  +1;
-	
+	mem_rollcpy_r_char(output+1,              c1.x,key_bytes_len, GetTRNGData());
+	mem_rollcpy_r_char(output+1+key_bytes_len,c1.y,key_bytes_len, GetTRNGData());
+	*olen = 1 + key_bytes_len * 2 + ilen + 32;
 	return RET_SM2_ENC_SUCCESS;
 
+CALC_SM2_ENC_FAILURE:
+	memset(output,0,1 + key_bytes_len * 2 + ilen + 32);
+	return RET_SM2_ENC_FAILURE;
 }
 
 
 uint32_t SM2_Dec(uint8_t *output, uint32_t *olen,
 					 uint8_t *input, uint32_t ilen,
 					 SM2_PrivateKeyTypeDef *key,  SM2_EllipseParaTypeDef *para,
-					rng_callback f_rng, void *p_rng)
+					rng_callback f_rng, void *p_rng,uint8_t config)
 {
 	uint32_t i,ret;
-	uint32_t k[8]={0};
+	uint32_t k[9]={0};
 	uint8_t data_temp[84]={0};
 	uint32_t c2[5]={0} ,u[8]={0},c3[8]={0};
-	
+	uint32_t key_bytes_len = 0;
 	ecc_para para_t;
 	SM2_PointTypeDef c1,pb;
-	ecc_point_a c1_p,pb_p;	
-		
-	uint32_t p_c[8]={0},n_c[8]={0};
-	ecc_security security_t;	
+	ecc_point_a c1_p,pb_p;
+
+	uint32_t p_c[9]={0},n_c[9]={0},n1_c[9]={0};
+	ecc_security security_t;
 	security_t.mask=INT_MASK_CLOSE;
 	security_t.verify=EC_PARA_VERIFY_CLOSE;
 
-	para_t.p = para->p;
-	para_t.a = para->a;
-	para_t.b = para->b;
-	para_t.g.x = para->g.x;
-	para_t.g.y = para->g.y;
-	para_t.n = para->n;
-	
-	para_t.p_c = p_c;
-	para_t.n_c = n_c;
-	
-	para_t.len_bits = SM2_KEY_BITS;
-	para_t.len_words = SM2_KEY_WORDS;
-	para_t.a_type = !ECC_A_IS_NEGATIVE_3;
-	para_t.field = ECC_PRIME;
-
-	ecc_config(&para_t,ECC_P256);
-//	calc_const_c(para_def->p_c, para_def->p,para_def->len_words);
-//	calc_const_q(&para_def->p_q, para_def->p);
-	calc_const_c(para_t.n_c, para_t.n,para_t.len_words);
-	calc_const_q(&para_t.n_q, para_t.n);
-#ifdef SM2_DEBUG	
+	// para_t.p = para->p;
+	// para_t.a = para->a;
+	// para_t.b = para->b;
+	// para_t.g.x = para->g.x;
+	// para_t.g.y = para->g.y;
+	// para_t.n = para->n;
+
+	// para_t.p_c = p_c;
+	// para_t.n_c = n_c;
+
+	// para_t.len_bits = SM2_KEY_BITS;
+	// para_t.len_words = SM2_KEY_WORDS;
+	// para_t.a_type = !ECC_A_IS_NEGATIVE_3;
+	// para_t.field = ECC_PRIME;
+
+	// ecc_config(&para_t,ECC_B257);
+	// calc_const_c(para_t.n_c, para_t.n,para_t.len_words);
+	// calc_const_q(&para_t.n_q, para_t.n);
+
+	init_para(&para_t, p_c, n_c, n1_c, para, ECC_P256,  !ECC_A_IS_NEGATIVE_3);
+
+	key_bytes_len = (para_t.len_bits + 7)/8;
+	ilen = ilen - 1 - key_bytes_len * 2 - 32;
+#ifdef BCTC
+		for (i=0;i<9;i++)
+		{
+			k[i] = sm2_rand_val[i];
+		}
+#else
+		for (i=0;i<8;i++)
+		{
+			k[i] = GetTRNGData();
+		}
+#endif
+#ifdef SM2_DEBUG
 	MyPrintf("para_t:\n");
 	MyPrintf("para_t.p:\n");
-	for(i=0;i<8;i++)
+	for(i=0;i<para_t.len_words;i++)
 		MyPrintf("%08x ",para_t.p[i]);	MyPrintf("\n");
 	MyPrintf("para_def.a:\n");
-	for(i=0;i<8;i++)
+	for(i=0;i<para_t.len_words;i++)
 		MyPrintf("%08x ",para_t.a[i]);	MyPrintf("\n");
 	MyPrintf("para_def.b:\n");
-	for(i=0;i<8;i++)
+	for(i=0;i<para_t.len_words;i++)
 		MyPrintf("%08x ",para_t.b[i]);	MyPrintf("\n");
 	MyPrintf("para_def.g.x:\n");
-	for(i=0;i<8;i++)
+	for(i=0;i<para_t.len_words;i++)
 		MyPrintf("%08x ",para_t.g.x[i]);	MyPrintf("\n");
 	MyPrintf("para_def.g.y:\n");
-	for(i=0;i<8;i++)
+	for(i=0;i<para_t.len_words;i++)
 		MyPrintf("%08x ",para_t.g.y[i]);	MyPrintf("\n");
 	MyPrintf("para_def.n:\n");
-	for(i=0;i<8;i++)
+	for(i=0;i<para_t.len_words;i++)
 		MyPrintf("%08x ",para_t.n[i]);	MyPrintf("\n");
 
 	MyPrintf("para_def.p_c:\n");
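Review bot: In SM2_Dec, `ilen = ilen - 1 - key_bytes_len * 2 - 32;` wraps to a very large value when the caller-supplied ciphertext is shorter than the C1 and C3 overhead, and that length then drives SM2_KDF's writes into `output` and the XOR loop. Add `if (ilen < 1 + key_bytes_len * 2 + 32) return RET_SM2_DEC_FAILURE;` before the subtraction. In SM2_Enc the result of `SM2_KDF(...)` is stored in `ret` but never tested, and the new `CALC_SM2_ENC_FAILURE:` label has no `goto` in the visible code, so the wipe of `output` below it is unreachable; `if (ret != RET_SM2_KDF_SUCCESS) goto CALC_SM2_ENC_FAILURE;` right after the KDF call would use it. Neither function can learn the capacity of `output`, because `olen` is only written, so the required size `1 + key_bytes_len * 2 + ilen + 32` should be stated in the header comment. SM2_Dec continues past the end of this hunk.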
@@ -1254,7 +1321,7 @@
 		MyPrintf("%08x ",para_t.p_c[i]);	MyPrintf("\n");
 	MyPrintf("para_def.p_q:\n");
 	for(i=0;i<1;i++)
-		MyPrintf("%08x ",para_t.p_q);	MyPrintf("\n");		
+		MyPrintf("%08x ",para_t.p_q);	MyPrintf("\n");
 	MyPrintf("para_def.n_c:\n");
 	for(i=0;i<para_t.len_words;i++)
 		MyPrintf("%08x ",para_t.n_c[i]);	MyPrintf("\n");
@@ -1264,23 +1331,26 @@
 #endif
 	pb_p.x= pb.x;
 	pb_p.y= pb.y;
-	
+
 	c1_p.x= c1.x;
 	c1_p.y= c1.y;
-	memcpy((uint8_t *)(c1_p.x),input+1,SM2_KEY_BYTES);
-	memcpy((uint8_t *)(c1_p.y),input+33,SM2_KEY_BYTES);
-	
+
+	mem_set((c1_p.x),0x00000000,9);
+	mem_set((c1_p.y),0x00000000,9);
+	mem_rollcpy_r_char((uint8_t *)(c1_p.x),input + 1,                key_bytes_len, GetTRNGData());
+	mem_rollcpy_r_char((uint8_t *)(c1_p.y),input + 1 + key_bytes_len,key_bytes_len, GetTRNGData());
+
 #ifdef SM2_DEBUG
 	MyPrintf("c1:\n");
 	MyPrintf("x:\n");
-	for(i=0;i<8;i++)
+	for(i=0;i<para_t.len_words;i++)
 		MyPrintf("%08x ",c1.x[i]);	MyPrintf("\n");
 	MyPrintf("y:\n");
-	for(i=0;i<8;i++)
-		MyPrintf("%08x ",c1.y[i]);	MyPrintf("\n");		
+	for(i=0;i<para_t.len_words;i++)
+		MyPrintf("%08x ",c1.y[i]);	MyPrintf("\n");
 	MyPrintf("db:\n");
 	MyPrintf("x:\n");
-	for(i=0;i<8;i++)
+	for(i=0;i<para_t.len_words;i++)
 		MyPrintf("%08x ",key->d[i]);	MyPrintf("\n");
 #endif
 
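Review bot: C1 is copied out of the caller-supplied ciphertext and passed on towards the private-key multiplication without a visible check that `input[0]` is 0x04 or that (x1, y1) satisfies the curve equation, which the SM2 decryption procedure requires before C1 is used. SM2_Dec also keeps `security_t.mask=INT_MASK_CLOSE` and `security_t.verify=EC_PARA_VERIFY_CLOSE` while SM2_Enc was switched to the OPEN values in this commit, so judging by the names the operation that handles `key->d` runs with fewer protections than the one that handles only public data; whether the OPEN verify setting covers the input point is not visible here. Consider `if (input[0] != 0x04) return RET_SM2_DEC_FAILURE;`, an explicit on-curve test of `c1_p`, and the OPEN settings in SM2_Dec. `mem_set(..., 9)` hard-codes the word count, and the declared size of `c1.x` lies outside this diff, so it should be confirmed to hold nine words.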
@@ -1291,67 +1361,169 @@
 	MyPrintf("\n ecc_pmul_calc:%c%c%c%c\n",ret,ret>>8,ret>>16,ret>>24);	
 	MyPrintf("pb:\n");
 	MyPrintf("x:\n");
-	for(i=0;i<8;i++)
+	for(i=0;i<para_t.len_words;i++)
 		MyPrintf("%08x ",pb.x[i]);	MyPrintf("\n");
 	MyPrintf("y:\n");
-	for(i=0;i<8;i++)
+	for(i=0;i<para_t.len_words;i++)
 		MyPrintf("%08x ",pb.y[i]);	MyPrintf("\n");
 #endif
-	for(i=0;i<para_t.len_words;i++)
-	{
-		data_temp[i<<2] = pb.x[para_t.len_words-i-1]>>24;
-		data_temp[(i<<2)+1] = pb.x[para_t.len_words-i-1]>>16;
-		data_temp[(i<<2)+2] = pb.x[para_t.len_words-i-1]>>8;
-		data_temp[(i<<2)+3] = pb.x[para_t.len_words-i-1];
-		data_temp[(i+para_t.len_words<<2)] = pb.y[para_t.len_words-i-1]>>24;
-		data_temp[(i+para_t.len_words<<2)+1] = pb.y[para_t.len_words-i-1]>>16;
-		data_temp[(i+para_t.len_words<<2)+2] = pb.y[para_t.len_words-i-1]>>8;
-		data_temp[(i+para_t.len_words<<2)+3] = pb.y[para_t.len_words-i-1];
-	}
-	
-	ret = SM2_KDF( (uint8_t *)c2 ,32,data_temp, 64);
-#ifdef SM2_DEBUG	
+	mem_rollcpy_r_char(data_temp,                (uint8_t *)pb.x,key_bytes_len,GetTRNGData());
+	mem_rollcpy_r_char(data_temp + key_bytes_len,(uint8_t *)pb.y,key_bytes_len,GetTRNGData());
+	ret = SM2_KDF(output ,ilen,data_temp, key_bytes_len * 2);
+#ifdef SM2_DEBUG
  	MyPrintf("\n ecc_pmul_calc:%c%c%c%c\n",ret,ret>>8,ret>>16,ret>>24);	
-	MyPrintf("y:\n");
-	for(i=0;i<5;i++)
-		MyPrintf("%08x ",c2[i]);	MyPrintf("\n");
+	MyPrintf("t:\n");
+	for(i=0;i<ilen;i++)
+		MyPrintf("%02x ",  output[i]);	MyPrintf("\n");
 #endif
-	for(i=0;i<19;i++)
-		output[i] = input[i+65] ^ ((uint8_t *)c2)[i] ;
+	for(i=0;i<ilen;i++)
+		output[i] = input[i+1+key_bytes_len*2] ^ output[i];
+
 #ifdef SM2_DEBUG
 	MyPrintf("output:\n");
-	for(i=0;i<19;i++)
+	for(i=0;i<ilen;i++)
 		MyPrintf("%02x ",output[i]);	MyPrintf("\n");
 #endif
-	for(i=0;i<para_t.len_words;i++)
+	//x2
+#ifdef SM2_DEBUG
+	MyPrintf("pb.x:\n");
+#endif
+	for(i = 0;i<key_bytes_len;i++)
 	{
-		data_temp[i<<2] = pb.x[para_t.len_words-i-1]>>24;
-		data_temp[(i<<2)+1] = pb.x[para_t.len_words-i-1]>>16;
-		data_temp[(i<<2)+2] = pb.x[para_t.len_words-i-1]>>8;
-		data_temp[(i<<2)+3] = pb.x[para_t.len_words-i-1];
-		data_temp[19+(i+para_t.len_words<<2)] = pb.y[para_t.len_words-i-1]>>24;
-		data_temp[19+(i+para_t.len_words<<2)+1] = pb.y[para_t.len_words-i-1]>>16;
-		data_temp[19+(i+para_t.len_words<<2)+2] = pb.y[para_t.len_words-i-1]>>8;
-		data_temp[19+(i+para_t.len_words<<2)+3] = pb.y[para_t.len_words-i-1];
+		#ifdef SM2_DEBUG
+			MyPrintf("%02x ",*((uint8_t *)(pb.x)+key_bytes_len-i-1));
+		#endif
+		SM3_BYTE(NULL,*((uint8_t *)(pb.x)+key_bytes_len-i-1),i,0);
 	}
-	memcpy(data_temp+(para_t.len_words<<2),output,19);	
-	
-	SM3((uint8_t *)u,data_temp,83);  //c3 len 32byte
+	//Message
 #ifdef SM2_DEBUG
-	MyPrintf("u:\n");
-	for(i=0;i<8;i++)
-		MyPrintf("%02x ",u[i]);	MyPrintf("\n");	
+	MyPrintf("\n message:\n");
+#endif
+	for(i = 0;i < ilen;i++)
+	{
+		#ifdef SM2_DEBUG
+			MyPrintf("%02x ",input[i]);
+		#endif
+		SM3_BYTE(NULL,output[i],key_bytes_len + i,0);
+	}
+
+	//Y2
+#ifdef SM2_DEBUG
+	MyPrintf("\n pb.y:\n");
 #endif
-	memcpy((uint8_t *)c3,input+64+1+19,32);	
+	for(i = 0; i < key_bytes_len; i++)
+	{
+		#ifdef SM2_DEBUG
+			MyPrintf("%02x ",*((uint8_t *)(pb.y)+key_bytes_len-i-1));
+		#endif
+		if(i == key_bytes_len - 1)
+		{
+			SM3_BYTE((uint8_t *)u,*((uint8_t *)(pb.y)+key_bytes_len-i-1),key_bytes_len + ilen + i,1);
+		}
+		else
+		{
+			SM3_BYTE(NULL,*((uint8_t *)(pb.y)+key_bytes_len-i-1),key_bytes_len + ilen + i,0);
+		}
+	}
+#ifdef SM2_DEBUG
+	MyPrintf("\n u:\n");
+	for(i=0;i<32;i++)
+		MyPrintf("%02x ",((uint8_t*)u)[i]);	MyPrintf("\n");
+#endif
+
+	memcpy((uint8_t *)c3,input + key_bytes_len * 2  + 1 + ilen,32);
 #ifdef SM2_DEBUG
 	MyPrintf("c3:\n");
-	for(i=0;i<8;i++)
-		MyPrintf("%02x ",c3[i]);	MyPrintf("\n");	
-#endif	
-	if (EQUAL != mem_cmp((volatile unsigned int *)(c3),(volatile unsigned int *)u ,8) )
+	for(i=0;i<32;i++)
+		MyPrintf("%02x ",((uint8_t*)c3)[i]);	MyPrintf("\n");
+#endif
+	if (EQUAL != mem_cmp((volatile unsigned int *)(c3),(volatile unsigned int *)u ,8))
+	{
 		return RET_SM2_DEC_FAILURE;
+	}
 	else
+	{
+		*olen = ilen;
 		return RET_SM2_DEC_SUCCESS;
+	}
+}
+
+/**
+  * @method	SM2_Genkey
+  * @brief	SM2 密钥生成函数，用于生成 SM2 密钥
+  * @param	key   : SM2 私钥（输出参数）
+  * @param	para  : 椭圆曲线参数（输入参数）
+  * @param	f_rng : 随机数函数（输入参数）
+  * @param	p_rng : 随机数函数参数（输入参数）
+  * @retval RET_ECC_KEY_GEN_SUCCESS or RET_SM2_KEY_GEN_ERROR
+  */
+uint32_t SM2_Genkey(SM2_PrivateKeyTypeDef *key, const SM2_EllipseParaTypeDef *para,
+                    rng_callback f_rng, void *p_rng, uint8_t config)
+{
+		uint32_t i = 0;
+		uint32_t rand_key[9]={0};
+		ecc_para para_t;
+		uint32_t p_c[9]={0},n_c[9]={0},n1_c[9]={0};
+		uint32_t value = 0;
+		ecc_point_a e;
+
+		ecc_security security_t;
+		security_t.mask=INT_MASK_CLOSE;
+		security_t.verify=EC_PARA_VERIFY_CLOSE;
+
+		#ifdef BCTC
+				for (i=0;i<9;i++)
+				{
+					rand_key[i] = sm2_rand_val[i];
+				}
+		#else
+				(*f_rng)((uint8_t *)rand_key ,33,p_rng);
+		#endif
+
+		init_para(&para_t, p_c, n_c, n1_c, para, config,!ECC_A_IS_NEGATIVE_3);
+
+		#ifdef SM2_DEBUG
+			MyPrintf("rand_key:\n");
+			for(i=0;i<para_t.len_words;i++)
+				MyPrintf("%08x ",rand_key[i]);	MyPrintf("\n");
+		#endif
+
+		calc_div(NULL,key->d,rand_key,para_t.n,para_t.len_words,para_t.len_words);//d=random%n
+//		if (para_t.field==ECC_PRIME)
+//			key->d[para_t.len_words-1] |= 0x80000000;                           //密钥最高位置1
+//		else
+//			key->d[para_t.len_words-1] |= 1<<((para_t.len_bits & 0x1f)-1);
+
+		e.x= key->e.x;
+		e.y= key->e.y;
+		value = ecc_pmul(&e, &(para_t.g), key->d, &para_t, &security_t, NULL,0);
+
+		#ifdef SM2_DEBUG
+			MyPrintf("para_def.g.x:\n");
+			for(i=0;i<para_t.len_words;i++)
+				MyPrintf("%08x ",para_t.g.x[i]);	MyPrintf("\n");
+			MyPrintf("para_def.g.y:\n");
+			for(i=0;i<para_t.len_words;i++)
+				MyPrintf("%08x ",para_t.g.y[i]);	MyPrintf("\n");
+
+			MyPrintf("d:\n");
+			for(i=0;i<para_t.len_words;i++)
+				MyPrintf("%08x ",key->d[i]);	MyPrintf("\n");
+			MyPrintf("e.x:\n");
+			for(i=0;i<para_t.len_words;i++)
+				MyPrintf("%08x ",key->e.x[i]);	MyPrintf("\n");
+			MyPrintf("e.y:\n");
+			for(i=0;i<para_t.len_words;i++)
+				MyPrintf("%08x ",key->e.y[i]);	MyPrintf("\n");
+		#endif
+
+		if (value!=RET_ECC_POINT_SUCCESS)
+			return value;
+
+
+		return 	RET_ECC_KEY_GENERATION_SUCCESS;
+
+
 }
 
 
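Review bot: SM2_Dec writes the recovered plaintext into `output` before C3 is compared, and the failure branch returns with that unauthenticated data still in the buffer; add `memset(output, 0, ilen);` ahead of `return RET_SM2_DEC_FAILURE;`. The return value of `SM2_KDF(output, ilen, ...)` is also ignored in SM2_Dec. In SM2_Genkey, `f_rng` is called without a NULL check and always for 33 bytes regardless of `config`, `key->d` is not rejected when `calc_div` leaves it zero, `rand_key` stays on the stack after return, and the result of init_para is discarded. On failure SM2_Genkey returns the raw `ecc_pmul` code and on success RET_ECC_KEY_GENERATION_SUCCESS, neither of which matches the `@retval` line above it.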
