QuasarApp/openssl
4
0
Fork 0
mirror of https://github.com/QuasarApp/openssl.git synced 2025-05-07 06:59:41 +00:00
Code Issues Projects Releases Wiki Activity

Add SM2 key management

Browse Source 
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12536)
This commit is contained in:
Paul Yang 2020-07-26 23:25:49 +08:00 committed by Matt Caswell
parent 6b1428ac12
commit 7ee511d093
7 changed files with 295 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
crypto/ec/ec_key.c
View File

@ -260,10 +260,12 @@ static int ec_generate_key(EC_KEY *eckey, int pairwise_test)
{ {
int ok = 0; int ok = 0;
BIGNUM *priv_key = NULL; BIGNUM *priv_key = NULL;
const BIGNUM *order = NULL; const BIGNUM *tmp = NULL;
BIGNUM *order = NULL;
EC_POINT *pub_key = NULL; EC_POINT *pub_key = NULL;
const EC_GROUP *group = eckey->group; const EC_GROUP *group = eckey->group;
BN_CTX *ctx = BN_CTX_secure_new_ex(eckey->libctx); BN_CTX *ctx = BN_CTX_secure_new_ex(eckey->libctx);
int sm2 = EC_KEY_get_flags(eckey) & EC_FLAG_SM2_RANGE ? 1 : 0;
if (ctx == NULL) if (ctx == NULL)
goto err; goto err;
@ -281,8 +283,8 @@ static int ec_generate_key(EC_KEY *eckey, int pairwise_test)
* stated in the security policy. * stated in the security policy.
*/ */
order = EC_GROUP_get0_order(group); tmp = EC_GROUP_get0_order(group);
if (order == NULL) if (tmp == NULL)
goto err; goto err;
/* /*
@ -293,6 +295,18 @@ static int ec_generate_key(EC_KEY *eckey, int pairwise_test)
* 1 + rand[0..n-2] would effect the way that tests feed dummy entropy into * 1 + rand[0..n-2] would effect the way that tests feed dummy entropy into
* rand so the simpler backward compatible method has been used here. * rand so the simpler backward compatible method has been used here.
*/ */
/* range of SM2 private key is [1, n-1) */
if (sm2) {
order = BN_new();
if (order == NULL || !BN_sub(order, tmp, BN_value_one()))
goto err;
} else {
order = BN_dup(tmp);
if (order == NULL)
goto err;
}
do do
if (!BN_priv_rand_range_ex(priv_key, order, ctx)) if (!BN_priv_rand_range_ex(priv_key, order, ctx))
goto err; goto err;
@ -340,6 +354,7 @@ err:
EC_POINT_free(pub_key); EC_POINT_free(pub_key);
BN_clear_free(priv_key); BN_clear_free(priv_key);
BN_CTX_free(ctx); BN_CTX_free(ctx);
BN_free(order);
return ok; return ok;
} }

4
crypto/evp/pmeth_gn.c
View File

@ -20,10 +20,6 @@
#include "crypto/evp.h" #include "crypto/evp.h"
#include "evp_local.h" #include "evp_local.h"
#if !defined(FIPS_MODULE) && !defined(OPENSSL_NO_EC)
# define TMP_SM2_HACK
#endif
/* TODO(3.0) remove when provider SM2 key generation is implemented */ /* TODO(3.0) remove when provider SM2 key generation is implemented */
#ifdef TMP_SM2_HACK #ifdef TMP_SM2_HACK
# include <openssl/ec.h> # include <openssl/ec.h>

1
include/openssl/ec.h
View File

@ -874,6 +874,7 @@ int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off);
# define EC_FLAG_NON_FIPS_ALLOW 0x1 # define EC_FLAG_NON_FIPS_ALLOW 0x1
# define EC_FLAG_FIPS_CHECKED 0x2 # define EC_FLAG_FIPS_CHECKED 0x2
# define EC_FLAG_COFACTOR_ECDH 0x1000 # define EC_FLAG_COFACTOR_ECDH 0x1000
# define EC_FLAG_SM2_RANGE 0x4
/** /**
* Creates a new EC_KEY object. * Creates a new EC_KEY object.

2
providers/defltprov.c
View File

@ -413,6 +413,8 @@ static const OSSL_ALGORITHM deflt_keymgmt[] = {
#endif #endif
#ifndef OPENSSL_NO_CMAC #ifndef OPENSSL_NO_CMAC
{ "CMAC", "provider=default", cmac_legacy_keymgmt_functions }, { "CMAC", "provider=default", cmac_legacy_keymgmt_functions },
#ifndef OPENSSL_NO_SM2
{ "SM2", "provider=default", sm2_keymgmt_functions },
#endif #endif
{ NULL, NULL, NULL } { NULL, NULL, NULL }
}; };

3
providers/implementations/include/prov/implementations.h
View File

@ -280,6 +280,9 @@ extern const OSSL_DISPATCH ec_keymgmt_functions[];
extern const OSSL_DISPATCH kdf_keymgmt_functions[]; extern const OSSL_DISPATCH kdf_keymgmt_functions[];
extern const OSSL_DISPATCH mac_legacy_keymgmt_functions[]; extern const OSSL_DISPATCH mac_legacy_keymgmt_functions[];
extern const OSSL_DISPATCH cmac_legacy_keymgmt_functions[]; extern const OSSL_DISPATCH cmac_legacy_keymgmt_functions[];
#ifndef OPENSSL_NO_SM2
extern const OSSL_DISPATCH sm2_keymgmt_functions[];
#endif
/* Key Exchange */ /* Key Exchange */
extern const OSSL_DISPATCH dh_keyexch_functions[]; extern const OSSL_DISPATCH dh_keyexch_functions[];

257
providers/implementations/keymgmt/ec_kmgmt.c
View File

@ -27,6 +27,7 @@
#include "prov/providercommonerr.h" #include "prov/providercommonerr.h"
#include "prov/provider_ctx.h" #include "prov/provider_ctx.h"
#include "internal/param_build_set.h" #include "internal/param_build_set.h"
#include "crypto/sm2.h"
static OSSL_FUNC_keymgmt_new_fn ec_newdata; static OSSL_FUNC_keymgmt_new_fn ec_newdata;
static OSSL_FUNC_keymgmt_gen_init_fn ec_gen_init; static OSSL_FUNC_keymgmt_gen_init_fn ec_gen_init;
@ -49,10 +50,19 @@ static OSSL_FUNC_keymgmt_import_types_fn ec_import_types;
static OSSL_FUNC_keymgmt_export_fn ec_export; static OSSL_FUNC_keymgmt_export_fn ec_export;
static OSSL_FUNC_keymgmt_export_types_fn ec_export_types; static OSSL_FUNC_keymgmt_export_types_fn ec_export_types;
static OSSL_FUNC_keymgmt_query_operation_name_fn ec_query_operation_name; static OSSL_FUNC_keymgmt_query_operation_name_fn ec_query_operation_name;
#ifndef OPENSSL_NO_SM2
static OSSL_FUNC_keymgmt_gen_fn sm2_gen;
static OSSL_FUNC_keymgmt_get_params_fn sm2_get_params;
static OSSL_FUNC_keymgmt_gettable_params_fn sm2_gettable_params;
static OSSL_FUNC_keymgmt_settable_params_fn sm2_settable_params;
static OSSL_FUNC_keymgmt_import_fn sm2_import;
static OSSL_FUNC_keymgmt_query_operation_name_fn sm2_query_operation_name;
#endif
#define EC_DEFAULT_MD "SHA256" #define EC_DEFAULT_MD "SHA256"
#define EC_POSSIBLE_SELECTIONS \ #define EC_POSSIBLE_SELECTIONS \
(OSSL_KEYMGMT_SELECT_KEYPAIR | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) (OSSL_KEYMGMT_SELECT_KEYPAIR | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS)
#define SM2_DEFAULT_MD "SM3"
static static
const char *ec_query_operation_name(int operation_id) const char *ec_query_operation_name(int operation_id)
@ -66,6 +76,53 @@ const char *ec_query_operation_name(int operation_id)
return NULL; return NULL;
} }
#ifndef OPENSSL_NO_SM2
static
const char *sm2_query_operation_name(int operation_id)
{
switch (operation_id) {
case OSSL_OP_SIGNATURE:
return "SM2";
}
return NULL;
}
#endif
static ossl_inline
int domparams_to_params(const EC_KEY *ec, OSSL_PARAM_BLD *tmpl,
OSSL_PARAM params[])
{
const EC_GROUP *ecg;
int curve_nid;
if (ec == NULL)
return 0;
ecg = EC_KEY_get0_group(ec);
if (ecg == NULL)
return 0;
curve_nid = EC_GROUP_get_curve_name(ecg);
if (curve_nid == NID_undef) {
/* TODO(3.0): should we support explicit parameters curves? */
return 0;
} else {
/* named curve */
const char *curve_name = NULL;
if ((curve_name = ec_curve_nid2name(curve_nid)) == NULL)
return 0;
if (!ossl_param_build_set_utf8_string(tmpl, params,
OSSL_PKEY_PARAM_GROUP_NAME,
curve_name))
return 0;
}
return 1;
}
/* /*
* Callers of key_to_params MUST make sure that domparams_to_params is also * Callers of key_to_params MUST make sure that domparams_to_params is also
* called! * called!
@ -283,6 +340,7 @@ static
int ec_import(void *keydata, int selection, const OSSL_PARAM params[]) int ec_import(void *keydata, int selection, const OSSL_PARAM params[])
{ {
EC_KEY *ec = keydata; EC_KEY *ec = keydata;
const EC_GROUP *ecg = NULL;
int ok = 1; int ok = 1;
if (!ossl_prov_is_running() || ec == NULL) if (!ossl_prov_is_running() || ec == NULL)
@ -309,6 +367,7 @@ int ec_import(void *keydata, int selection, const OSSL_PARAM params[])
if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0)
ok = ok && ec_group_fromdata(ec, params); ok = ok && ec_group_fromdata(ec, params);
if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) { if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) {
int include_private = int include_private =
selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0; selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0;
@ -321,6 +380,61 @@ int ec_import(void *keydata, int selection, const OSSL_PARAM params[])
return ok; return ok;
} }
#ifndef OPENSSL_NO_SM2
static
int sm2_import(void *keydata, int selection, const OSSL_PARAM params[])
{
EC_KEY *ec = keydata;
const EC_GROUP *ecg = NULL;
int ok = 1;
if (ec == NULL)
return 0;
/*
* In this implementation, we can export/import only keydata in the
* following combinations:
* - domain parameters only
* - public key with associated domain parameters (+optional other params)
* - private key with associated public key and domain parameters
* (+optional other params)
*
* This means:
* - domain parameters must always be requested
* - private key must be requested alongside public key
* - other parameters must be requested only alongside a key
*/
if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) == 0)
return 0;
if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0
&& (selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) == 0)
return 0;
if ((selection & OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS) != 0
&& (selection & OSSL_KEYMGMT_SELECT_KEYPAIR) == 0)
return 0;
if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0)
ok = ok && ec_key_domparams_fromdata(ec, params);
/* import the keys or domparams only on SM2 Curve */
if ((ecg = EC_KEY_get0_group(ec)) == NULL
|| EC_GROUP_get_curve_name(ecg) != NID_sm2) {
return 0;
}
if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) {
int include_private =
selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0;
ok = ok && ec_key_fromdata(ec, params, include_private);
}
if ((selection & OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS) != 0)
ok = ok && ec_key_otherparams_fromdata(ec, params);
return ok;
}
#endif
static static
int ec_export(void *keydata, int selection, OSSL_CALLBACK *param_cb, int ec_export(void *keydata, int selection, OSSL_CALLBACK *param_cb,
void *cbarg) void *cbarg)
@ -679,6 +793,87 @@ int ec_set_params(void *key, const OSSL_PARAM params[])
return ec_key_otherparams_fromdata(eck, params); return ec_key_otherparams_fromdata(eck, params);
} }
#ifndef OPENSSL_NO_SM2
static
int sm2_get_params(void *key, OSSL_PARAM params[])
{
int ret;
EC_KEY *eck = key;
const EC_GROUP *ecg = NULL;
OSSL_PARAM *p;
unsigned char *pub_key = NULL;
ecg = EC_KEY_get0_group(eck);
if (ecg == NULL)
return 0;
if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_MAX_SIZE)) != NULL
&& !OSSL_PARAM_set_int(p, ECDSA_size(eck)))
return 0;
if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_BITS)) != NULL
&& !OSSL_PARAM_set_int(p, EC_GROUP_order_bits(ecg)))
return 0;
/* XXX:
* I dropped the support of OSSL_PKEY_PARAM_SECURITY_BITS since
* I didn't find definition of SM2 security bits so far. This could
* be supported if the definition is clear in the future.
*/
if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_DEFAULT_DIGEST)) != NULL
&& !OSSL_PARAM_set_utf8_string(p, SM2_DEFAULT_MD))
return 0;
if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_TLS_ENCODED_PT)) != NULL) {
BN_CTX *ctx = BN_CTX_new_ex(ec_key_get_libctx(key));
if (ctx == NULL)
return 0;
p->return_size = EC_POINT_point2oct(EC_KEY_get0_group(key),
EC_KEY_get0_public_key(key),
POINT_CONVERSION_UNCOMPRESSED,
p->data, p->return_size, ctx);
BN_CTX_free(ctx);
if (p->return_size == 0)
return 0;
}
ret = domparams_to_params(eck, NULL, params)
&& key_to_params(eck, NULL, params, 1, &pub_key);
OPENSSL_free(pub_key);
return ret;
}
static const OSSL_PARAM sm2_known_gettable_params[] = {
OSSL_PARAM_int(OSSL_PKEY_PARAM_BITS, NULL),
OSSL_PARAM_int(OSSL_PKEY_PARAM_MAX_SIZE, NULL),
OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_TLS_ENCODED_PT, NULL, 0),
EC_IMEXPORTABLE_DOM_PARAMETERS,
EC_IMEXPORTABLE_PUBLIC_KEY,
OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_EC_PUB_X, NULL, 0),
OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_EC_PUB_Y, NULL, 0),
EC_IMEXPORTABLE_PRIVATE_KEY,
OSSL_PARAM_END
};
static
const OSSL_PARAM *sm2_gettable_params(void)
{
return sm2_known_gettable_params;
}
static const OSSL_PARAM sm2_known_settable_params[] = {
OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_TLS_ENCODED_PT, NULL, 0),
OSSL_PARAM_END
};
static
const OSSL_PARAM *sm2_settable_params(void)
{
return sm2_known_settable_params;
}
#endif
static static
int ec_validate(void *keydata, int selection) int ec_validate(void *keydata, int selection)
{ {
@ -975,6 +1170,39 @@ err:
return NULL; return NULL;
} }
#ifndef OPENSSL_NO_SM2
/*
* The callback arguments (osslcb & cbarg) are not used by EC_KEY generation
*/
static void *sm2_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg)
{
struct ec_gen_ctx *gctx = genctx;
EC_KEY *ec = NULL;
int ret = 1;
if (gctx == NULL
|| (ec = EC_KEY_new_with_libctx(gctx->libctx, NULL)) == NULL)
return NULL;
/* We must always assign a group, no matter what */
ret = ec_gen_assign_group(ec, gctx->gen_group);
/* Whether you want it or not, you get a keypair, not just one half */
if ((gctx->selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) {
/*
* For SM2, we need a new flag to indicate the 'generate' function
* to use a new range
*/
EC_KEY_set_flags(ec, EC_FLAG_SM2_RANGE);
ret = ret && EC_KEY_generate_key(ec);
}
if (ret)
return ec;
return NULL;
}
#endif
static void ec_gen_cleanup(void *genctx) static void ec_gen_cleanup(void *genctx)
{ {
struct ec_gen_ctx *gctx = genctx; struct ec_gen_ctx *gctx = genctx;
@ -1037,3 +1265,32 @@ const OSSL_DISPATCH ec_keymgmt_functions[] = {
(void (*)(void))ec_query_operation_name }, (void (*)(void))ec_query_operation_name },
{ 0, NULL } { 0, NULL }
}; };
#ifndef OPENSSL_NO_SM2
const OSSL_DISPATCH sm2_keymgmt_functions[] = {
{ OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))ec_newdata },
{ OSSL_FUNC_KEYMGMT_GEN_INIT, (void (*)(void))ec_gen_init },
{ OSSL_FUNC_KEYMGMT_GEN_SET_TEMPLATE,
(void (*)(void))ec_gen_set_template },
{ OSSL_FUNC_KEYMGMT_GEN_SET_PARAMS, (void (*)(void))ec_gen_set_params },
{ OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS,
(void (*)(void))ec_gen_settable_params },
{ OSSL_FUNC_KEYMGMT_GEN, (void (*)(void))sm2_gen },
{ OSSL_FUNC_KEYMGMT_GEN_CLEANUP, (void (*)(void))ec_gen_cleanup },
{ OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))ec_freedata },
{ OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*) (void))sm2_get_params },
{ OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*) (void))sm2_gettable_params },
{ OSSL_FUNC_KEYMGMT_SET_PARAMS, (void (*) (void))ec_set_params },
{ OSSL_FUNC_KEYMGMT_SETTABLE_PARAMS, (void (*) (void))sm2_settable_params },
{ OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))ec_has },
{ OSSL_FUNC_KEYMGMT_MATCH, (void (*)(void))ec_match },
{ OSSL_FUNC_KEYMGMT_VALIDATE, (void (*)(void))ec_validate },
{ OSSL_FUNC_KEYMGMT_IMPORT, (void (*)(void))sm2_import },
{ OSSL_FUNC_KEYMGMT_IMPORT_TYPES, (void (*)(void))ec_import_types },
{ OSSL_FUNC_KEYMGMT_EXPORT, (void (*)(void))ec_export },
{ OSSL_FUNC_KEYMGMT_EXPORT_TYPES, (void (*)(void))ec_export_types },
{ OSSL_FUNC_KEYMGMT_QUERY_OPERATION_NAME,
(void (*)(void))sm2_query_operation_name },
{ 0, NULL }
};
#endif

14
test/ecdsatest.c
View File

@ -237,6 +237,20 @@ static int test_builtin(int n, int as)
return 1; return 1;
} }
/*
* skip SM2 curve if 'as' is equal to EVP_PKEY_EC or, skip all curves
* except SM2 curve if 'as' is equal to EVP_PKEY_SM2
*/
if (nid == NID_sm2 && as == EVP_PKEY_EC) {
TEST_info("skipped: EC key type unsupported for curve %s",
OBJ_nid2sn(nid));
return 1;
} else if (nid != NID_sm2 && as == EVP_PKEY_SM2) {
TEST_info("skipped: SM2 key type unsupported for curve %s",
OBJ_nid2sn(nid));
return 1;
}
TEST_info("testing ECDSA for curve %s as %s key type", OBJ_nid2sn(nid), TEST_info("testing ECDSA for curve %s as %s key type", OBJ_nid2sn(nid),
as == EVP_PKEY_EC ? "EC" : "SM2"); as == EVP_PKEY_EC ? "EC" : "SM2");