packages/nss
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!86 Optimize support of sm2,sm3

Browse Source 
From: @HuaxinLuGitee 
Reviewed-by: @zcfsite 
Signed-off-by: @zcfsite
This commit is contained in:
openeuler-ci-bot 2022-10-28 03:48:56 +00:00 committed by Gitee
commit 85771f0d1a
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
5 changed files with 1416 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

179
Feature-nss-add-implement-of-SM2-signature-algorithm.patch Normal file
View File

@ -0,0 +1,179 @@
From 76754353988703719623717de9d1252434b69507 Mon Sep 17 00:00:00 2001
From: Huaxin Lu <luhuaxin1@huawei.com>
Date: Sun, 2 Oct 2022 19:05:00 +0800
Subject: [PATCH 3/4] nss add implement of SM2 signature algorithm
Co-authored-by: godcansee <liu332084460@foxmail.com>
Signed-off-by: Huaxin Lu <luhuaxin1@huawei.com>
---
lib/freebl/sm2.c | 134 +++++++++++++++++++++++++++++++++++++++++++++++
lib/freebl/sm2.h | 16 ++++++
2 files changed, 150 insertions(+)
create mode 100644 lib/freebl/sm2.c
create mode 100644 lib/freebl/sm2.h
diff --git a/lib/freebl/sm2.c b/lib/freebl/sm2.c
new file mode 100644
index 0000000..f80b8ca
--- /dev/null
+++ b/lib/freebl/sm2.c
@@ -0,0 +1,134 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+
+#include "blapi.h"
+#include "blapii.h"
+#include "prerr.h"
+#include "secerr.h"
+#include "secmpi.h"
+#include "secitem.h"
+#include "ecl.h"
+
+SECStatus
+SM2_SignDigestWithSeed(ECPrivateKey *key, SECItem *signature,
+ const SECItem *digest, const unsigned char *kb, const int kblen)
+{
+ SECStatus rv = SECFailure;
+ mp_int e, k, x1, y1, r, n, dA, tmp, s;
+ mp_err err = MP_OKAY;
+ ECParams *ecParams;
+ ECGroup *group;
+ SECItem kGpoint = { siBuffer, NULL, 0 };
+ mp_size olen;
+
+ if (!key || !signature || !signature->data || !digest || !kb || (kblen < 0)) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return SECFailure;
+ }
+
+ ecParams = &(key->ecParams);
+ olen = ecParams->order.len;
+ if (signature->len < 2 * olen) {
+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
+ return SECFailure;
+ }
+
+ CHECK_MPI_OK(mp_init(&e));
+ CHECK_MPI_OK(mp_init(&k));
+ CHECK_MPI_OK(mp_init(&x1));
+ CHECK_MPI_OK(mp_init(&y1));
+ CHECK_MPI_OK(mp_init(&r));
+ CHECK_MPI_OK(mp_init(&n));
+ CHECK_MPI_OK(mp_init(&dA));
+ CHECK_MPI_OK(mp_init(&tmp));
+ CHECK_MPI_OK(mp_init(&s));
+ CHECK_MPI_OK(mp_init(&tmp));
+ CHECK_MPI_OK(mp_init(&s));
+
+ SECITEM_TO_MPINT(key->privateValue, &dA);
+ SECITEM_TO_MPINT(*digest, &e);
+ SECITEM_TO_MPINT(ecParams->order, &n);
+
+ CHECK_MPI_OK(mp_read_unsigned_octets(&k, kb, kblen));
+
+ /* Make sure k is in the interval [1, n-1] */
+ if ((mp_cmp_z(&k) <= 0) || (mp_cmp(&k, &n) >= 0)) {
+ PORT_SetError(SEC_ERROR_NEED_RANDOM);
+ goto cleanup;
+ }
+
+ /* (x1, y1) = [k]G */
+ group = ECGroup_fromName(ecParams->name);
+ if (!group)
+ goto cleanup;
+
+ kGpoint.len = EC_GetPointSize(ecParams);
+ kGpoint.data = PORT_Alloc(kGpoint.len);
+ if (kGpoint.data == NULL)
+ goto cleanup;
+
+ CHECK_MPI_OK(ECPoints_mul(group, &k, NULL, NULL, NULL, &x1, &y1));
+
+ /* r = (e + x1) mod n */
+ CHECK_MPI_OK(mp_addmod(&e, &x1, &n, &r));
+
+ /* r != 0 */
+ if (mp_cmp_z(&r) == 0) {
+ PORT_SetError(SEC_ERROR_NEED_RANDOM);
+ goto cleanup;
+ }
+
+ /* r + k != n */
+ CHECK_MPI_OK(mp_add(&r, &k, &tmp));
+ if (mp_cmp(&tmp, &n) == 0) {
+ PORT_SetError(SEC_ERROR_NEED_RANDOM);
+ goto cleanup;
+ }
+
+ /* s = ((d + 1)^-1 * (k - r * dA)) mod n */
+ CHECK_MPI_OK(mp_add_d(&dA, 1, &tmp));
+ CHECK_MPI_OK(mp_mod (&tmp, &n, &s));
+ CHECK_MPI_OK(mp_invmod (&s, &n, &s));
+ CHECK_MPI_OK(mp_mulmod (&r, &dA, &n, &tmp));
+ CHECK_MPI_OK(mp_submod (&k, &tmp, &n, &tmp));
+ CHECK_MPI_OK(mp_mulmod (&s, &tmp, &n, &s));
+
+ /* s != 0 */
+ if (mp_cmp_z(&s) == 0) {
+ PORT_SetError(SEC_ERROR_NEED_RANDOM);
+ goto cleanup;
+ }
+
+ CHECK_MPI_OK(mp_to_fixlen_octets(&r, signature->data, olen));
+ CHECK_MPI_OK(mp_to_fixlen_octets(&s, signature->data + olen, olen));
+
+ signature->len = 2 * olen;
+ rv = SECSuccess;
+ err = MP_OKAY;
+
+cleanup:
+ mp_clear(&e);
+ mp_clear(&k);
+ mp_clear(&x1);
+ mp_clear(&y1);
+ mp_clear(&r);
+ mp_clear(&n);
+ mp_clear(&dA);
+ mp_clear(&tmp);
+ mp_clear(&s);
+
+ if (kGpoint.data)
+ PORT_ZFree(kGpoint.data, kGpoint.len);
+
+ if (err) {
+ MP_TO_SEC_ERROR(err);
+ rv = SECFailure;
+ }
+
+ return rv;
+}
diff --git a/lib/freebl/sm2.h b/lib/freebl/sm2.h
new file mode 100644
index 0000000..0e2072c
--- /dev/null
+++ b/lib/freebl/sm2.h
@@ -0,0 +1,16 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _SM2_H_
+#define _SM2_H_
+
+
+#include <blapit.h>
+
+SECStatus
+SM2_SignDigestWithSeed(ECPrivateKey *key, SECItem *signature,
+ const SECItem *digest, const unsigned char *kb, const int kblen);
+
+#endif
+
--
2.33.0

321
Feature-nss-add-implement-of-SM3-digest-algorithm.patch Normal file
View File

@ -0,0 +1,321 @@
From c4222d2434eb877fc077cdb338ac22ab6779f412 Mon Sep 17 00:00:00 2001
From: godcansee <liu332084460@foxmail.com>
Date: Tue, 27 Sep 2022 19:55:55 +0800
Subject: [PATCH 1/4] nss add implement of SM3 digest algorithm
Signed-off-by: Huaxin Lu <luhuaxin1@huawei.com>
---
lib/freebl/sm3.c | 274 +++++++++++++++++++++++++++++++++++++++++++++++
lib/freebl/sm3.h | 19 ++++
2 files changed, 293 insertions(+)
create mode 100644 lib/freebl/sm3.c
create mode 100644 lib/freebl/sm3.h
diff --git a/lib/freebl/sm3.c b/lib/freebl/sm3.c
new file mode 100644
index 0000000..27751ff
--- /dev/null
+++ b/lib/freebl/sm3.c
@@ -0,0 +1,274 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifdef FREEBL_NO_DEPEND
+#include "stubs.h"
+#endif
+
+#include "prerr.h"
+#include "prtypes.h"
+#include "prlong.h"
+#include "secport.h"
+#include "secerr.h"
+#include "blapi.h"
+#include "sm3.h"
+
+#define ROTATE(a,n) (((a) << (n)) | (((a) & 0xffffffff) >> (32 - (n))))
+
+#define FF0(X,Y,Z) (X ^ Y ^ Z)
+#define GG0(X,Y,Z) (X ^ Y ^ Z)
+
+#define FF16(X,Y,Z) ((X & Y) | (X & Z) | (Y & Z))
+#define GG16(X,Y,Z) ((X & Y) | ((~X) & Z))
+
+#define P1(X) (X ^ ROTATE(X, 15) ^ ROTATE(X, 23))
+
+#define Get_32(l, c) ((l) = (PRUint32)(((*((PRUint8*)(c))) << 24) | \
+ ((*((PRUint8*)(c) + 1)) << 16) | \
+ ((*((PRUint8*)(c) + 2)) << 8) | \
+ ((*((PRUint8*)(c) + 3)))))
+
+#define Put_32(p, N) ((*((PRUint8*)(p))) = (PRUint8)((N) >> 24), \
+ (*((PRUint8*)(p) + 1)) = (PRUint8)((N) >> 16), \
+ (*((PRUint8*)(p) + 2)) = (PRUint8)((N) >> 8), \
+ (*((PRUint8*)(p) + 3)) = (PRUint8)(N))
+
+void processOfSM3(SM3Context *ctx, const unsigned char *p) {
+ int j;
+ PRUint32 W[68];
+ PRUint32 A, B, C, D, E, F, G, H;
+ PRUint32 SS1, SS2, TT1, TT2;
+
+ A = ctx->A;
+ B = ctx->B;
+ C = ctx->C;
+ D = ctx->D;
+ E = ctx->E;
+ F = ctx->F;
+ G = ctx->G;
+ H = ctx->H;
+
+ for (j = 0; j < 16; j++)
+ Get_32(W[j], p + 4 * j);
+
+ for (j = 16; j <= 67; j++)
+ W[j] = P1(W[j - 16] ^ W[j - 9] ^ ROTATE(W[j - 3], 15)) ^ ROTATE(W[j - 13], 7) ^ W[j - 6];
+
+ for (j = 0; j < 16; j++) {
+ SS1 = ROTATE(A, 12);
+ SS1 = SS1 + E;
+ SS1 = SS1 + ROTATE(0x79cc4519UL, j);
+ SS1 = ROTATE(SS1, 7);
+ SS2 = SS1 ^ ROTATE(A, 12);
+ TT1 = FF0(A, B, C) + D;
+ TT1 = TT1 + SS2;
+ TT1 = TT1 + (W[j] ^ W[j + 4]);
+ TT2 = GG0(E, F, G) + H;
+ TT2 = TT2 + SS1;
+ TT2 = TT2 + W[j];
+ D = C;
+ C = ROTATE(B, 9);
+ B = A;
+ A = TT1;
+ H = G;
+ G = ROTATE(F, 19);
+ F = E;
+ E = TT2 ^ ROTATE(TT2, 9) ^ ROTATE(TT2, 17);
+ }
+
+ for (j = 16; j < 64; j++) {
+ SS1 = ROTATE(A, 12);
+ SS1 = SS1 + E;
+ SS1 = SS1 + ROTATE(0x7a879d8aUL, j & 0x1f);
+ SS1 = ROTATE(SS1, 7);
+ SS2 = SS1 ^ ROTATE(A, 12);
+ TT1 = FF16(A, B, C) + D;
+ TT1 = TT1 + SS2;
+ TT1 = TT1 + (W[j] ^ W[j + 4]);
+ TT2 = GG16(E, F, G) + H;
+ TT2 = TT2 + SS1;
+ TT2 = TT2 + W[j];
+ D = C;
+ C = ROTATE(B, 9);
+ B = A;
+ A = TT1;
+ H = G;
+ G = ROTATE(F, 19);
+ F = E;
+ E = TT2 ^ ROTATE(TT2, 9) ^ ROTATE(TT2, 17);
+ }
+
+ ctx->A ^= A;
+ ctx->B ^= B;
+ ctx->C ^= C;
+ ctx->D ^= D;
+ ctx->E ^= E;
+ ctx->F ^= F;
+ ctx->G ^= G;
+ ctx->H ^= H;
+}
+
+SM3Context *
+SM3_NewContext(void)
+{
+ SM3Context *ctx = PORT_New(SM3Context);
+ return ctx;
+}
+
+void
+SM3_DestroyContext(SM3Context *ctx, PRBool freeit)
+{
+ memset(ctx, 0, sizeof *ctx);
+ if (freeit) {
+ PORT_Free(ctx);
+ }
+}
+
+void
+SM3_Begin(SM3Context *ctx)
+{
+ memset(ctx, 0, sizeof(SM3Context));
+ ctx->A = 0x7380166fUL;
+ ctx->B = 0x4914b2b9UL;
+ ctx->C = 0x172442d7UL;
+ ctx->D = 0xda8a0600UL;
+ ctx->E = 0xa96f30bcUL;
+ ctx->F = 0x163138aaUL;
+ ctx->G = 0xe38dee4dUL;
+ ctx->H = 0xb0fb0e4eUL;
+}
+
+void
+SM3_Update(SM3Context *ctx, const unsigned char *input,
+ unsigned int inputLen)
+{
+ PRUint32 l, n, rest;
+ PRUint8 *p;
+
+ l = (ctx->Nl + (inputLen << 3)) & 0xffffffff;
+ if (l < ctx->Nl)
+ ctx->Nh++;
+
+ ctx->Nl = l;
+ ctx->Nh += (inputLen >> 29);
+ p = ctx->data;
+ n = ctx->num;
+
+ rest = 64 - n;
+ if (n) {
+ if (inputLen >= rest) {
+ memcpy(p + n, input, rest);
+ input += rest;
+ inputLen -= rest;
+ ctx->num = 0;
+ processOfSM3(ctx, p);
+ memset(p, 0, 64);
+ } else {
+ memcpy(p + n, input, inputLen);
+ ctx->num += inputLen;
+ return;
+ }
+ }
+
+ while (inputLen >= 64) {
+ processOfSM3(ctx, input);
+ input += 64;
+ inputLen -= 64;
+ }
+
+ if (inputLen) {
+ ctx->num = inputLen;
+ memcpy(ctx->data, input, inputLen);
+ }
+}
+
+void
+SM3_End(SM3Context *ctx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen)
+{
+ PRUint32 n = ctx->num;
+
+ if (maxDigestLen < SM3_LENGTH) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ return;
+ }
+
+ ctx->data[n] = 0x80;
+
+ if (n >= 56) {
+ memset(ctx->data + n + 1, 0, 64 - n - 1);
+ processOfSM3(ctx, ctx->data);
+ memset(ctx->data, 0, 64);
+ }
+
+ Put_32(&ctx->data[56], ctx->Nh);
+ Put_32(&ctx->data[60], ctx->Nl);
+ processOfSM3(ctx, ctx->data);
+
+ Put_32(digest, ctx->A);
+ Put_32(digest + 4, ctx->B);
+ Put_32(digest + 8, ctx->C);
+ Put_32(digest + 12, ctx->D);
+ Put_32(digest + 16, ctx->E);
+ Put_32(digest + 20, ctx->F);
+ Put_32(digest + 24, ctx->G);
+ Put_32(digest + 28, ctx->H);
+
+ if (digestLen)
+ *digestLen = SM3_LENGTH;
+}
+
+SECStatus
+SM3_HashBuf(unsigned char *dest, const unsigned char *src,
+ PRUint32 src_length)
+{
+ SM3Context ctx;
+ unsigned int outLen;
+
+ SM3_Begin(&ctx);
+ SM3_Update(&ctx, src, src_length);
+ SM3_End(&ctx, dest, &outLen, SM3_LENGTH);
+ memset(&ctx, 0, sizeof ctx);
+
+ return SECSuccess;
+}
+
+SECStatus
+SM3_Hash(unsigned char *dest, const char *src)
+{
+ return SM3_HashBuf(dest, (const unsigned char *)src, PORT_Strlen(src));
+}
+
+void
+SM3_TraceState(SM3Context *ctx)
+{
+}
+
+unsigned int
+SM3_FlattenSize(SM3Context *ctx)
+{
+ return sizeof *ctx;
+}
+
+SECStatus
+SM3_Flatten(SM3Context *ctx, unsigned char *space)
+{
+ PORT_Memcpy(space, ctx, sizeof *ctx);
+ return SECSuccess;
+}
+
+SM3Context *
+SM3_Resurrect(unsigned char *space, void *arg)
+{
+ SM3Context *ctx = SM3_NewContext();
+ if (ctx)
+ PORT_Memcpy(ctx, space, sizeof *ctx);
+ return ctx;
+}
+
+void
+SM3_Clone(SM3Context *dest, SM3Context *src)
+{
+ memcpy(dest, src, sizeof *dest);
+}
diff --git a/lib/freebl/sm3.h b/lib/freebl/sm3.h
new file mode 100644
index 0000000..83d787f
--- /dev/null
+++ b/lib/freebl/sm3.h
@@ -0,0 +1,19 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _SM3_H_
+#define _SM3_H_
+
+#include "prtypes.h"
+
+struct SM3ContextStr {
+ PRUint32 A, B, C, D, E, F, G, H;
+ PRUint32 Nl, Nh;
+ PRUint8 data[64];
+ PRUint32 num;
+};
+
+typedef struct SM3ContextStr SM3Context;
+
+#endif /* _SM3_H_ */
--
2.33.0

338
Feature-nss-support-SM2-signature-algorithm.patch Normal file
View File

@ -0,0 +1,338 @@
From 95151bc198fb304ebaea229be32ad6c207f41887 Mon Sep 17 00:00:00 2001
From: Huaxin Lu <luhuaxin1@huawei.com>
Date: Tue, 27 Sep 2022 20:14:27 +0800
Subject: [PATCH 4/4] nss support SM2 signature algorithm
Co-authored-by: godcansee <liu332084460@foxmail.com>
Signed-off-by: Huaxin Lu <luhuaxin1@huawei.com>
---
lib/cryptohi/cryptohi.h | 2 ++
lib/cryptohi/seckey.c | 3 +++
lib/cryptohi/secsign.c | 43 +++++++++++++++++++++++++++++++++++++
lib/cryptohi/secvfy.c | 5 +++++
lib/freebl/ec.c | 5 ++++-
lib/freebl/ecdecode.c | 5 ++++-
lib/freebl/ecl/ecl-curve.h | 33 ++++++++++++++++++++++++++++
lib/freebl/ecl/ecl-exp.h | 1 +
lib/freebl/freebl_base.gypi | 1 +
lib/freebl/manifest.mn | 2 ++
lib/nss/nss.def | 6 ++++++
lib/util/pkcs11n.h | 2 ++
lib/util/secoid.c | 4 ++++
lib/util/secoidt.h | 2 ++
14 files changed, 112 insertions(+), 2 deletions(-)
diff --git a/lib/cryptohi/cryptohi.h b/lib/cryptohi/cryptohi.h
index 7b66f0b..4f99ef9 100644
--- a/lib/cryptohi/cryptohi.h
+++ b/lib/cryptohi/cryptohi.h
@@ -420,6 +420,8 @@ extern SECStatus VFY_VerifyDataWithAlgorithmID(const unsigned char *buf,
const SECAlgorithmID *algid, SECOidTag *hash,
void *wincx);
+SECStatus SEC_CreateSM2Digest(unsigned char *z, SECItem *pub);
+
SEC_END_PROTOS
#endif /* _CRYPTOHI_H_ */
diff --git a/lib/cryptohi/seckey.c b/lib/cryptohi/seckey.c
index fa13bc3..4bcd43e 100644
--- a/lib/cryptohi/seckey.c
+++ b/lib/cryptohi/seckey.c
@@ -520,6 +520,7 @@ seckey_GetKeyType(SECOidTag tag)
keyType = dhKey;
break;
case SEC_OID_ANSIX962_EC_PUBLIC_KEY:
+ case SEC_OID_SM2:
keyType = ecKey;
break;
/* accommodate applications that hand us a signature type when they
@@ -776,6 +777,7 @@ SECKEY_ECParamsToKeySize(const SECItem *encodedParams)
case SEC_OID_SECG_EC_SECP256K1:
case SEC_OID_ANSIX962_EC_PRIME256V1:
+ case SEC_OID_SM2:
return 256;
case SEC_OID_ANSIX962_EC_C2PNB272W1:
@@ -924,6 +926,7 @@ SECKEY_ECParamsToBasePointOrderLen(const SECItem *encodedParams)
case SEC_OID_SECG_EC_SECP256K1:
case SEC_OID_ANSIX962_EC_PRIME256V1:
+ case SEC_OID_SM2:
return 256;
case SEC_OID_ANSIX962_EC_C2PNB272W1:
diff --git a/lib/cryptohi/secsign.c b/lib/cryptohi/secsign.c
index c46b2b1..90be1d1 100644
--- a/lib/cryptohi/secsign.c
+++ b/lib/cryptohi/secsign.c
@@ -861,3 +861,46 @@ SEC_CreateSignatureAlgorithmParameters(PLArenaPool *arena,
return result;
}
}
+
+// TODO
+const unsigned char zin_default[] = {
+ 0x00, 0x80, // id length
+ 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x31, 0x32, 0x33, 0x34,
+ 0x35, 0x36, 0x37, 0x38, // default id: 1234567812345678
+ 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfc, // sm2 a
+ 0x28, 0xe9, 0xfa, 0x9e, 0x9d, 0x9f, 0x5e, 0x34, 0x4d, 0x5a, 0x9e, 0x4b,
+ 0xcf, 0x65, 0x09, 0xa7, 0xf3, 0x97, 0x89, 0xf5, 0x15, 0xab, 0x8f, 0x92,
+ 0xdd, 0xbc, 0xbd, 0x41, 0x4d, 0x94, 0x0e, 0x93, // sm2 b
+ 0x32, 0xc4, 0xae, 0x2c, 0x1f, 0x19, 0x81, 0x19, 0x5f, 0x99, 0x04, 0x46,
+ 0x6a, 0x39, 0xc9, 0x94, 0x8f, 0xe3, 0x0b, 0xbf, 0xf2, 0x66, 0x0b, 0xe1,
+ 0x71, 0x5a, 0x45, 0x89, 0x33, 0x4c, 0x74, 0xc7, // sm2 x
+ 0xbc, 0x37, 0x36, 0xa2, 0xf4, 0xf6, 0x77, 0x9c, 0x59, 0xbd, 0xce, 0xe3,
+ 0x6b, 0x69, 0x21, 0x53, 0xd0, 0xa9, 0x87, 0x7c, 0xc6, 0x2a, 0x47, 0x40,
+ 0x02, 0xdf, 0x32, 0xe5, 0x21, 0x39, 0xf0, 0xa0 // sm2 y
+};
+
+SECStatus SEC_CreateSM2Digest(unsigned char *z, SECItem *pub)
+{
+ unsigned int len;
+ PK11Context *ctx;
+
+ if (!z || !pub || pub->len != 65)
+ return SECFailure;
+
+ ctx = PK11_CreateDigestContext(SEC_OID_SM3);
+ if (!ctx)
+ return SECFailure;
+
+ if (PK11_DigestBegin(ctx) != SECSuccess ||
+ PK11_DigestOp(ctx, zin_default, sizeof(zin_default)) != SECSuccess ||
+ PK11_DigestOp(ctx, pub->data + 1, 64) != SECSuccess ||
+ PK11_DigestFinal(ctx, z, &len, SM3_LENGTH)) {
+ PK11_DestroyContext(ctx, PR_TRUE);
+ return SECFailure;
+ }
+
+ PK11_DestroyContext(ctx, PR_TRUE);
+ return SECSuccess;
+}
diff --git a/lib/cryptohi/secvfy.c b/lib/cryptohi/secvfy.c
index 1754584..1d75bdf 100644
--- a/lib/cryptohi/secvfy.c
+++ b/lib/cryptohi/secvfy.c
@@ -288,6 +288,8 @@ sec_GetEncAlgFromSigAlg(SECOidTag sigAlg)
case SEC_OID_ANSIX962_ECDSA_SIGNATURE_RECOMMENDED_DIGEST:
case SEC_OID_ANSIX962_ECDSA_SIGNATURE_SPECIFIED_DIGEST:
return SEC_OID_ANSIX962_EC_PUBLIC_KEY;
+ case SEC_OID_SM2_WITH_SM3:
+ return SEC_OID_SM2;
/* we don't implement MD4 hashes */
case SEC_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION:
default:
@@ -430,6 +432,9 @@ sec_DecodeSigAlg(const SECKEYPublicKey *key, SECOidTag sigAlg,
return SECFailure;
}
break;
+ case SEC_OID_SM2_WITH_SM3:
+ *hashalg = SEC_OID_SM3;
+ break;
/* we don't implement MD4 hashes */
case SEC_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION:
default:
diff --git a/lib/freebl/ec.c b/lib/freebl/ec.c
index 73a625a..bf2aea7 100644
--- a/lib/freebl/ec.c
+++ b/lib/freebl/ec.c
@@ -15,6 +15,7 @@
#include "mplogic.h"
#include "ec.h"
#include "ecl.h"
+#include "sm2.h"
static const ECMethod kMethods[] = {
{ ECCurve25519,
@@ -907,7 +908,9 @@ ECDSA_SignDigest(ECPrivateKey *key, SECItem *signature, const SECItem *digest)
goto cleanup;
/* Generate ECDSA signature with the specified k value */
- rv = ECDSA_SignDigestWithSeed(key, signature, digest, kBytes, len);
+ rv = key->ecParams.name == ECCurve_sm2p256v1 ?
+ SM2_SignDigestWithSeed(key, signature, digest, kBytes, len) :
+ ECDSA_SignDigestWithSeed(key, signature, digest, kBytes, len);
cleanup:
if (kBytes) {
diff --git a/lib/freebl/ecdecode.c b/lib/freebl/ecdecode.c
index 652ad42..4c090d2 100644
--- a/lib/freebl/ecdecode.c
+++ b/lib/freebl/ecdecode.c
@@ -179,7 +179,10 @@ EC_FillParams(PLArenaPool *arena, const SECItem *encodedParams,
CHECK_SEC_OK(gf_populate_params_bytes(ECCurve25519, ec_field_plain,
params));
break;
-
+ case SEC_OID_SM2:
+ /* Populate params for Curve SM2 */
+ CHECK_SEC_OK(gf_populate_params_bytes(ECCurve_sm2p256v1, ec_field_plain,
+ params));
default:
break;
};
diff --git a/lib/freebl/ecl/ecl-curve.h b/lib/freebl/ecl/ecl-curve.h
index fc8003f..e64fe4d 100644
--- a/lib/freebl/ecl/ecl-curve.h
+++ b/lib/freebl/ecl/ecl-curve.h
@@ -206,6 +206,38 @@ static const ECCurveBytes ecCurve_25519 = {
KU_KEY_AGREEMENT
};
+static const PRUint8 sm2_irr[32] =
+ { 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
+static const PRUint8 sm2_a[32] =
+ { 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfc };
+static const PRUint8 sm2_b[32] =
+ { 0x28, 0xe9, 0xfa, 0x9e, 0x9d, 0x9f, 0x5e, 0x34, 0x4d, 0x5a, 0x9e, 0x4b,
+ 0xcf, 0x65, 0x09, 0xa7, 0xf3, 0x97, 0x89, 0xf5, 0x15, 0xab, 0x8f, 0x92,
+ 0xdd, 0xbc, 0xbd, 0x41, 0x4d, 0x94, 0x0e, 0x93 };
+static const PRUint8 sm2_x[32] =
+ { 0x32, 0xc4, 0xae, 0x2c, 0x1f, 0x19, 0x81, 0x19, 0x5f, 0x99, 0x04, 0x46,
+ 0x6a, 0x39, 0xc9, 0x94, 0x8f, 0xe3, 0x0b, 0xbf, 0xf2, 0x66, 0x0b, 0xe1,
+ 0x71, 0x5a, 0x45, 0x89, 0x33, 0x4c, 0x74, 0xc7 };
+static const PRUint8 sm2_y[32] =
+ { 0xbc, 0x37, 0x36, 0xa2, 0xf4, 0xf6, 0x77, 0x9c, 0x59, 0xbd, 0xce, 0xe3,
+ 0x6b, 0x69, 0x21, 0x53, 0xd0, 0xa9, 0x87, 0x7c, 0xc6, 0x2a, 0x47, 0x40,
+ 0x02, 0xdf, 0x32, 0xe5, 0x21, 0x39, 0xf0, 0xa0 };
+static const PRUint8 sm2_order[32] =
+ { 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0x72, 0x03, 0xdf, 0x6b, 0x21, 0xc6, 0x05, 0x2b,
+ 0x53, 0xbb, 0xf4, 0x09, 0x39, 0xd5, 0x41, 0x23 };
+
+static const ECCurveBytes ecCurve_sm2p256v1 = {
+ "sm2p256v1", ECField_GFp, 256,
+ sm2_irr, sm2_a, sm2_b, sm2_x, sm2_y, sm2_order, NULL,
+ 8, 128, 66, 32, // TODO
+ KU_KEY_AGREEMENT
+};
+
/* mapping between ECCurveName enum and pointers to ECCurveParams */
static const ECCurveBytes *ecCurve_map[] = {
NULL, /* ECCurve_noName */
@@ -267,6 +299,7 @@ static const ECCurveBytes *ecCurve_map[] = {
NULL, /* ECCurve_WTLS_8 */
NULL, /* ECCurve_WTLS_9 */
&ecCurve_25519, /* ECCurve25519 */
+ &ecCurve_sm2p256v1, /* ECCurve_sm2p256v1 */
NULL /* ECCurve_pastLastCurve */
};
diff --git a/lib/freebl/ecl/ecl-exp.h b/lib/freebl/ecl/ecl-exp.h
index 44adb8a..d071fc9 100644
--- a/lib/freebl/ecl/ecl-exp.h
+++ b/lib/freebl/ecl/ecl-exp.h
@@ -132,6 +132,7 @@ typedef enum {
/* ECCurve_WTLS_12 == ECCurve_NIST_P224 */
ECCurve25519,
+ ECCurve_sm2p256v1,
ECCurve_pastLastCurve
} ECCurveName;
diff --git a/lib/freebl/freebl_base.gypi b/lib/freebl/freebl_base.gypi
index 85a569f..253ce8d 100644
--- a/lib/freebl/freebl_base.gypi
+++ b/lib/freebl/freebl_base.gypi
@@ -59,6 +59,7 @@
'sha_fast.c',
'shvfy.c',
'sm3.c',
+ 'sm2.c',
'sysrand.c',
'tlsprfalg.c',
],
diff --git a/lib/freebl/manifest.mn b/lib/freebl/manifest.mn
index fd3218d..2dbf7c9 100644
--- a/lib/freebl/manifest.mn
+++ b/lib/freebl/manifest.mn
@@ -158,6 +158,7 @@ CSRCS = \
$(LOWHASH_SRCS) \
$(EXTRA_SRCS) \
sm3.c \
+ sm2.c \
$(NULL)
ifndef NSS_DISABLE_DEPRECATED_SEED
@@ -188,6 +189,7 @@ ALL_HDRS = \
vis_proto.h \
seed.h \
sm3.h \
+ sm2.h \
$(NULL)
diff --git a/lib/nss/nss.def b/lib/nss/nss.def
index e87395b..2bc4965 100644
--- a/lib/nss/nss.def
+++ b/lib/nss/nss.def
@@ -1238,3 +1238,9 @@ PK11_SlotGetLastFIPSStatus;
;+ local:
;+ *;
;+};
+;+NSS_openEuler {
+;+ global:
+SEC_CreateSM2Digest;
+;+ local:
+;+ *;
+;+};
diff --git a/lib/util/pkcs11n.h b/lib/util/pkcs11n.h
index 9bb704c..f195077 100644
--- a/lib/util/pkcs11n.h
+++ b/lib/util/pkcs11n.h
@@ -252,6 +252,8 @@
/* SM algorithm (to be proposed to PKCS #11) */
#define CKM_NSS_SM3 (CKM_NSS + 45)
+#define CKM_NSS_SM2 (CKM_NSS + 46)
+#define CKM_NSS_SM2_WITH_SM3 (CKM_NSS + 47)
/*
diff --git a/lib/util/secoid.c b/lib/util/secoid.c
index 3091d99..f5f2b12 100644
--- a/lib/util/secoid.c
+++ b/lib/util/secoid.c
@@ -606,6 +606,8 @@ CONST_OID curve25519[] = { 0x2B, 0x06, 0x01, 0x04, 0x01, 0xDA, 0x47, 0x0F, 0x01
* 1.2.156.197.1.401
*/
CONST_OID sm3[] = { 0x2A, 0x81, 0x1C, 0xCF, 0x55, 0x01, 0x83, 0x11 };
+CONST_OID sm2[] = { 0x2A, 0x81, 0x1C, 0xCF, 0x55, 0x01, 0x82, 0x2D };
+CONST_OID sm2_with_sm3[] = { 0x2A, 0x81, 0x1C, 0xCF, 0x55, 0x01, 0x83, 0x75 };
#define OI(x) \
{ \
@@ -1801,6 +1803,8 @@ const static SECOidData oids[SEC_OID_TOTAL] = {
"IPsec User",
CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
OD(sm3, SEC_OID_SM3, "SM3", CKM_NSS_SM3, INVALID_CERT_EXTENSION),
+ OD(sm2, SEC_OID_SM2, "SM2", CKM_NSS_SM2, INVALID_CERT_EXTENSION),
+ OD(sm2_with_sm3, SEC_OID_SM2_WITH_SM3, "SM2_WITH_SM3", CKM_NSS_SM2_WITH_SM3, INVALID_CERT_EXTENSION),
};
/* PRIVATE EXTENDED SECOID Table
diff --git a/lib/util/secoidt.h b/lib/util/secoidt.h
index 984b7fb..fe49661 100644
--- a/lib/util/secoidt.h
+++ b/lib/util/secoidt.h
@@ -503,6 +503,8 @@ typedef enum {
SEC_OID_EXT_KEY_USAGE_IPSEC_USER = 363,
SEC_OID_SM3 = 364,
+ SEC_OID_SM2 = 365,
+ SEC_OID_SM2_WITH_SM3 = 366,
SEC_OID_TOTAL
} SECOidTag;
--
2.33.0

564
Feature-nss-support-SM3-digest-algorithm.patch Normal file
View File

@ -0,0 +1,564 @@
From 5cf8e813cd5c765f09e368f0b5f2dbd4e4c430b1 Mon Sep 17 00:00:00 2001
From: Huaxin Lu <luhuaxin1@huawei.com>
Date: Sat, 20 Aug 2022 00:49:51 +0800
Subject: [PATCH 2/4] nss support SM3 digest algorithm
Co-authored-by: godcansee <liu332084460@foxmail.com>
Signed-off-by: Huaxin Lu <luhuaxin1@huawei.com>
---
lib/cryptohi/sechash.c | 19 ++++++++
lib/freebl/blapi.h | 18 ++++++++
lib/freebl/blapit.h | 4 ++
lib/freebl/freebl_base.gypi | 1 +
lib/freebl/ldvector.c | 13 +++++-
lib/freebl/loader.c | 91 +++++++++++++++++++++++++++++++++++++
lib/freebl/loader.h | 14 ++++++
lib/freebl/manifest.mn | 2 +
lib/freebl/rawhash.c | 12 +++++
lib/pk11wrap/pk11pars.c | 2 +
lib/pk11wrap/pk11slot.c | 11 ++++-
lib/pk11wrap/secmod.h | 1 +
lib/softoken/pkcs11.c | 1 +
lib/softoken/pkcs11c.c | 2 +
lib/util/hasht.h | 2 +
lib/util/pkcs11n.h | 4 ++
lib/util/secoid.c | 6 +++
lib/util/secoidt.h | 2 +
lib/util/utilmodt.h | 1 +
lib/util/utilpars.c | 1 +
lib/util/utilparst.h | 2 +-
21 files changed, 205 insertions(+), 4 deletions(-)
diff --git a/lib/cryptohi/sechash.c b/lib/cryptohi/sechash.c
index 474fdff..7c4cdbf 100644
--- a/lib/cryptohi/sechash.c
+++ b/lib/cryptohi/sechash.c
@@ -85,6 +85,12 @@ sha512_NewContext(void)
return (void *)PK11_CreateDigestContext(SEC_OID_SHA512);
}
+static void *
+sm3_NewContext(void)
+{
+ return (void *)PK11_CreateDigestContext(SEC_OID_SM3);
+}
+
const SECHashObject SECHashObjects[] = {
{ 0,
(void *(*)(void))null_hash_new_context,
@@ -166,6 +172,16 @@ const SECHashObject SECHashObjects[] = {
PK11_DigestFinal,
SHA224_BLOCK_LENGTH,
HASH_AlgSHA224 },
+ { SM3_LENGTH,
+ (void *(*)(void))sm3_NewContext,
+ (void *(*)(void *))PK11_CloneContext,
+ (void (*)(void *, PRBool))PK11_DestroyContext,
+ (void (*)(void *))PK11_DigestBegin,
+ (void (*)(void *, const unsigned char *, unsigned int))PK11_DigestOp,
+ (void (*)(void *, unsigned char *, unsigned int *, unsigned int))
+ PK11_DigestFinal,
+ SM3_BLOCK_LENGTH,
+ HASH_AlgSM3 },
};
const SECHashObject *
@@ -201,6 +217,9 @@ HASH_GetHashTypeByOidTag(SECOidTag hashOid)
case SEC_OID_SHA512:
ht = HASH_AlgSHA512;
break;
+ case SEC_OID_SM3:
+ ht = HASH_AlgSM3;
+ break;
default:
PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
break;
diff --git a/lib/freebl/blapi.h b/lib/freebl/blapi.h
index 94fd802..d53c196 100644
--- a/lib/freebl/blapi.h
+++ b/lib/freebl/blapi.h
@@ -1484,6 +1484,24 @@ extern SECStatus SHA384_Flatten(SHA384Context *cx, unsigned char *space);
extern SHA384Context *SHA384_Resurrect(unsigned char *space, void *arg);
extern void SHA384_Clone(SHA384Context *dest, SHA384Context *src);
+/******************************************/
+
+extern SM3Context *SM3_NewContext(void);
+extern void SM3_DestroyContext(SM3Context *cx, PRBool freeit);
+extern void SM3_Begin(SM3Context *cx);
+extern void SM3_Update(SM3Context *cx, const unsigned char *input,
+ unsigned int inputLen);
+extern void SM3_End(SM3Context *cx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen);
+extern SECStatus SM3_HashBuf(unsigned char *dest, const unsigned char *src,
+ PRUint32 src_length);
+extern SECStatus SM3_Hash(unsigned char *dest, const char *src);
+extern void SM3_TraceState(SM3Context *cx);
+extern unsigned int SM3_FlattenSize(SM3Context *cx);
+extern SECStatus SM3_Flatten(SM3Context *cx, unsigned char *space);
+extern SM3Context *SM3_Resurrect(unsigned char *space, void *arg);
+extern void SM3_Clone(SM3Context *dest, SM3Context *src);
+
/****************************************
* implement TLS 1.0 Pseudo Random Function (PRF) and TLS P_hash function
*/
diff --git a/lib/freebl/blapit.h b/lib/freebl/blapit.h
index 0054e17..2d400ec 100644
--- a/lib/freebl/blapit.h
+++ b/lib/freebl/blapit.h
@@ -98,6 +98,7 @@ typedef int __BLAPI_DEPRECATED __attribute__((deprecated));
#define SHA384_LENGTH 48 /* bytes */
#define SHA512_LENGTH 64 /* bytes */
#define BLAKE2B512_LENGTH 64 /* Bytes */
+#define SM3_LENGTH 32 /* bytes */
#define HASH_LENGTH_MAX SHA512_LENGTH
/*
@@ -112,6 +113,7 @@ typedef int __BLAPI_DEPRECATED __attribute__((deprecated));
#define SHA384_BLOCK_LENGTH 128 /* bytes */
#define SHA512_BLOCK_LENGTH 128 /* bytes */
#define BLAKE2B_BLOCK_LENGTH 128 /* Bytes */
+#define SM3_BLOCK_LENGTH 64 /* bytes */
#define HASH_BLOCK_LENGTH_MAX SHA512_BLOCK_LENGTH
#define AES_BLOCK_SIZE 16 /* bytes */
@@ -243,6 +245,7 @@ struct MD5ContextStr;
struct SHA1ContextStr;
struct SHA256ContextStr;
struct SHA512ContextStr;
+struct SM3ContextStr;
struct AESKeyWrapContextStr;
struct SEEDContextStr;
struct ChaCha20ContextStr;
@@ -264,6 +267,7 @@ typedef struct SHA256ContextStr SHA224Context;
typedef struct SHA512ContextStr SHA512Context;
/* SHA384Context is really a SHA512ContextStr. This is not a mistake. */
typedef struct SHA512ContextStr SHA384Context;
+typedef struct SM3ContextStr SM3Context;
typedef struct AESKeyWrapContextStr AESKeyWrapContext;
typedef struct SEEDContextStr SEEDContext;
typedef struct ChaCha20ContextStr ChaCha20Context;
diff --git a/lib/freebl/freebl_base.gypi b/lib/freebl/freebl_base.gypi
index afbffac..85a569f 100644
--- a/lib/freebl/freebl_base.gypi
+++ b/lib/freebl/freebl_base.gypi
@@ -58,6 +58,7 @@
'rsapkcs.c',
'sha_fast.c',
'shvfy.c',
+ 'sm3.c',
'sysrand.c',
'tlsprfalg.c',
],
diff --git a/lib/freebl/ldvector.c b/lib/freebl/ldvector.c
index ac3b862..67bb001 100644
--- a/lib/freebl/ldvector.c
+++ b/lib/freebl/ldvector.c
@@ -376,9 +376,20 @@ static const struct FREEBLVectorStr vector =
/* End of version 3.024 */
ChaCha20_InitContext,
ChaCha20_CreateContext,
- ChaCha20_DestroyContext
+ ChaCha20_DestroyContext,
/* End of version 3.025 */
+ SM3_NewContext,
+ SM3_DestroyContext,
+ SM3_Begin,
+ SM3_Update,
+ SM3_End,
+ SM3_HashBuf,
+ SM3_Hash,
+ SM3_TraceState,
+ SM3_FlattenSize,
+ SM3_Flatten,
+ SM3_Resurrect
};
const FREEBLVector*
diff --git a/lib/freebl/loader.c b/lib/freebl/loader.c
index 692a883..dc3a37e 100644
--- a/lib/freebl/loader.c
+++ b/lib/freebl/loader.c
@@ -2446,3 +2446,94 @@ CMAC_Destroy(CMACContext *ctx, PRBool free_it)
return;
(vector->p_CMAC_Destroy)(ctx, free_it);
}
+
+SECStatus
+SM3_Hash(unsigned char *dest, const char *src)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_SM3_Hash)(dest, src);
+}
+
+SECStatus
+SM3_HashBuf(unsigned char *dest, const unsigned char *src, PRUint32 src_length)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_SM3_HashBuf)(dest, src, src_length);
+}
+
+SM3Context *
+SM3_NewContext(void)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_SM3_NewContext)();
+}
+
+void
+SM3_DestroyContext(SM3Context *cx, PRBool freeit)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SM3_DestroyContext)(cx, freeit);
+}
+
+void
+SM3_Begin(SM3Context *cx)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SM3_Begin)(cx);
+}
+
+void
+SM3_Update(SM3Context *cx, const unsigned char *input,
+ unsigned int inputLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SM3_Update)(cx, input, inputLen);
+}
+
+void
+SM3_End(SM3Context *cx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SM3_End)(cx, digest, digestLen, maxDigestLen);
+}
+
+void
+SM3_TraceState(SM3Context *cx)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return;
+ (vector->p_SM3_TraceState)(cx);
+}
+
+unsigned int
+SM3_FlattenSize(SM3Context *cx)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return 0;
+ return (vector->p_SM3_FlattenSize)(cx);
+}
+
+SECStatus
+SM3_Flatten(SM3Context *cx, unsigned char *space)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return SECFailure;
+ return (vector->p_SM3_Flatten)(cx, space);
+}
+
+SM3Context *
+SM3_Resurrect(unsigned char *space, void *arg)
+{
+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+ return NULL;
+ return (vector->p_SM3_Resurrect)(space, arg);
+}
+
diff --git a/lib/freebl/loader.h b/lib/freebl/loader.h
index eb3046d..f67595e 100644
--- a/lib/freebl/loader.h
+++ b/lib/freebl/loader.h
@@ -831,6 +831,20 @@ struct FREEBLVectorStr {
void (*p_ChaCha20_DestroyContext)(ChaCha20Context *ctx, PRBool freeit);
/* Version 3.025 came to here */
+ SM3Context *(*p_SM3_NewContext)(void);
+ void (*p_SM3_DestroyContext)(SM3Context *cx, PRBool freeit);
+ void (*p_SM3_Begin)(SM3Context *cx);
+ void (*p_SM3_Update)(SM3Context *cx, const unsigned char *input,
+ unsigned int inputLen);
+ void (*p_SM3_End)(SM3Context *cx, unsigned char *digest,
+ unsigned int *digestLen, unsigned int maxDigestLen);
+ SECStatus (*p_SM3_HashBuf)(unsigned char *dest, const unsigned char *src,
+ PRUint32 src_length);
+ SECStatus (*p_SM3_Hash)(unsigned char *dest, const char *src);
+ void (*p_SM3_TraceState)(SM3Context *cx);
+ unsigned int (*p_SM3_FlattenSize)(SM3Context *cx);
+ SECStatus (*p_SM3_Flatten)(SM3Context *cx, unsigned char *space);
+ SM3Context *(*p_SM3_Resurrect)(unsigned char *space, void *arg);
/* Add new function pointers at the end of this struct and bump
* FREEBL_VERSION at the beginning of this file. */
diff --git a/lib/freebl/manifest.mn b/lib/freebl/manifest.mn
index 9dac210..fd3218d 100644
--- a/lib/freebl/manifest.mn
+++ b/lib/freebl/manifest.mn
@@ -157,6 +157,7 @@ CSRCS = \
$(STUBS_SRCS) \
$(LOWHASH_SRCS) \
$(EXTRA_SRCS) \
+ sm3.c \
$(NULL)
ifndef NSS_DISABLE_DEPRECATED_SEED
@@ -186,6 +187,7 @@ ALL_HDRS = \
shsign.h \
vis_proto.h \
seed.h \
+ sm3.h \
$(NULL)
diff --git a/lib/freebl/rawhash.c b/lib/freebl/rawhash.c
index 551727b..c74cbbc 100644
--- a/lib/freebl/rawhash.c
+++ b/lib/freebl/rawhash.c
@@ -141,6 +141,18 @@ const SECHashObject SECRawHashObjects[] = {
HASH_AlgSHA224,
(void (*)(void *, unsigned char *, unsigned int *,
unsigned int))SHA224_EndRaw },
+ { SM3_LENGTH,
+ (void *(*)(void))SM3_NewContext,
+ (void *(*)(void *))null_hash_clone_context,
+ (void (*)(void *, PRBool))SM3_DestroyContext,
+ (void (*)(void *))SM3_Begin,
+ (void (*)(void *, const unsigned char *, unsigned int))SM3_Update,
+ (void (*)(void *, unsigned char *, unsigned int *,
+ unsigned int))SM3_End,
+ SM3_BLOCK_LENGTH,
+ HASH_AlgSM3,
+ NULL /* end_raw */
+ },
};
const SECHashObject *
diff --git a/lib/pk11wrap/pk11pars.c b/lib/pk11wrap/pk11pars.c
index 23e5af3..c127309 100644
--- a/lib/pk11wrap/pk11pars.c
+++ b/lib/pk11wrap/pk11pars.c
@@ -338,6 +338,8 @@ static const oidValDef hashOptList[] = {
{ CIPHER_NAME("SHA384"), SEC_OID_SHA384,
NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_SIGNATURE },
{ CIPHER_NAME("SHA512"), SEC_OID_SHA512,
+ NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_SIGNATURE },
+ { CIPHER_NAME("SM3"), SEC_OID_SM3,
NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_SIGNATURE }
};
diff --git a/lib/pk11wrap/pk11slot.c b/lib/pk11wrap/pk11slot.c
index c320019..41a326b 100644
--- a/lib/pk11wrap/pk11slot.c
+++ b/lib/pk11wrap/pk11slot.c
@@ -51,6 +51,7 @@ const PK11DefaultArrayEntry PK11_DefaultArray[] = {
{ "SHA512", SECMOD_SHA512_FLAG, CKM_SHA512 },
{ "MD5", SECMOD_MD5_FLAG, CKM_MD5 },
{ "MD2", SECMOD_MD2_FLAG, CKM_MD2 },
+ { "SM3", SECMOD_SM3_FLAG, CKM_NSS_SM3 },
{ "SSL", SECMOD_SSL_FLAG, CKM_SSL3_PRE_MASTER_KEY_GEN },
{ "TLS", SECMOD_TLS_FLAG, CKM_TLS_MASTER_KEY_DERIVE },
{ "SKIPJACK", SECMOD_FORTEZZA_FLAG, CKM_SKIPJACK_CBC64 },
@@ -93,7 +94,8 @@ static PK11SlotList
pk11_tlsSlotList,
pk11_randomSlotList,
pk11_sha256SlotList,
- pk11_sha512SlotList; /* slots do SHA512 and SHA384 */
+ pk11_sha512SlotList, /* slots do SHA512 and SHA384 */
+ pk11_sm3SlotList;
/************************************************************
* Generic Slot List and Slot List element manipulations
@@ -838,6 +840,7 @@ PK11_InitSlotLists(void)
pk11_InitSlotListStatic(&pk11_randomSlotList);
pk11_InitSlotListStatic(&pk11_sha256SlotList);
pk11_InitSlotListStatic(&pk11_sha512SlotList);
+ pk11_InitSlotListStatic(&pk11_sm3SlotList);
return SECSuccess;
}
@@ -864,6 +867,7 @@ PK11_DestroySlotLists(void)
pk11_FreeSlotListStatic(&pk11_randomSlotList);
pk11_FreeSlotListStatic(&pk11_sha256SlotList);
pk11_FreeSlotListStatic(&pk11_sha512SlotList);
+ pk11_FreeSlotListStatic(&pk11_sm3SlotList);
return;
}
@@ -911,6 +915,8 @@ PK11_GetSlotList(CK_MECHANISM_TYPE type)
return &pk11_md5SlotList;
case CKM_MD2:
return &pk11_md2SlotList;
+ case CKM_NSS_SM3:
+ return &pk11_sm3SlotList;
case CKM_RC2_ECB:
case CKM_RC2_CBC:
return &pk11_rc2SlotList;
@@ -2362,7 +2368,8 @@ PK11_GetBestSlotMultipleWithAttributes(CK_MECHANISM_TYPE *type,
(type[i] != CKM_SHA384) &&
(type[i] != CKM_SHA512) &&
(type[i] != CKM_MD5) &&
- (type[i] != CKM_MD2)) {
+ (type[i] != CKM_MD2) &&
+ (type[i] != CKM_NSS_SM3)) {
listNeedLogin = PR_TRUE;
break;
}
diff --git a/lib/pk11wrap/secmod.h b/lib/pk11wrap/secmod.h
index fcc7707..dbc58e8 100644
--- a/lib/pk11wrap/secmod.h
+++ b/lib/pk11wrap/secmod.h
@@ -29,6 +29,7 @@
#define PUBLIC_MECH_CAMELLIA_FLAG 0x00010000ul
#define PUBLIC_MECH_SEED_FLAG 0x00020000ul
#define PUBLIC_MECH_ECC_FLAG 0x00040000ul
+#define PUBLIC_MECH_SM3_FLAG 0x00080000ul
#define PUBLIC_MECH_RANDOM_FLAG 0x08000000ul
#define PUBLIC_MECH_FRIENDLY_FLAG 0x10000000ul
diff --git a/lib/softoken/pkcs11.c b/lib/softoken/pkcs11.c
index 3f49333..323b2e2 100644
--- a/lib/softoken/pkcs11.c
+++ b/lib/softoken/pkcs11.c
@@ -452,6 +452,7 @@ static const struct mechanismList mechanisms[] = {
{ CKM_NSS_TLS_PRF_GENERAL_SHA256,
{ 0, 512, CKF_SN_VR },
PR_FALSE },
+ { CKM_NSS_SM3, { 0, 0, CKF_DIGEST }, PR_FALSE },
/* ------------------------- HKDF Operations -------------------------- */
{ CKM_HKDF_DERIVE, { 1, 255 * 64, CKF_DERIVE }, PR_TRUE },
{ CKM_HKDF_DATA, { 1, 255 * 64, CKF_DERIVE }, PR_TRUE },
diff --git a/lib/softoken/pkcs11c.c b/lib/softoken/pkcs11c.c
index 201a0c7..813f4d7 100644
--- a/lib/softoken/pkcs11c.c
+++ b/lib/softoken/pkcs11c.c
@@ -1939,6 +1939,8 @@ NSC_DigestInit(CK_SESSION_HANDLE hSession,
INIT_MECH(SHA256)
INIT_MECH(SHA384)
INIT_MECH(SHA512)
+#define CKM_SM3 CKM_NSS_SM3
+ INIT_MECH(SM3)
default:
crv = CKR_MECHANISM_INVALID;
diff --git a/lib/util/hasht.h b/lib/util/hasht.h
index 536d34c..556c6ba 100644
--- a/lib/util/hasht.h
+++ b/lib/util/hasht.h
@@ -24,6 +24,7 @@ typedef enum {
HASH_AlgSHA384 = 5,
HASH_AlgSHA512 = 6,
HASH_AlgSHA224 = 7,
+ HASH_AlgSM3 = 8,
HASH_AlgTOTAL
} HASH_HashType;
@@ -37,6 +38,7 @@ typedef enum {
#define SHA256_LENGTH 32
#define SHA384_LENGTH 48
#define SHA512_LENGTH 64
+#define SM3_LENGTH 32
#define HASH_LENGTH_MAX SHA512_LENGTH
/*
diff --git a/lib/util/pkcs11n.h b/lib/util/pkcs11n.h
index 9a8126a..9bb704c 100644
--- a/lib/util/pkcs11n.h
+++ b/lib/util/pkcs11n.h
@@ -250,6 +250,10 @@
#define CKM_NSS_SP800_108_FEEDBACK_KDF_DERIVE_DATA (CKM_NSS + 43)
#define CKM_NSS_SP800_108_DOUBLE_PIPELINE_KDF_DERIVE_DATA (CKM_NSS + 44)
+/* SM algorithm (to be proposed to PKCS #11) */
+#define CKM_NSS_SM3 (CKM_NSS + 45)
+
+
/*
* HISTORICAL:
* Do not attempt to use these. They are only used by NSS's internal
diff --git a/lib/util/secoid.c b/lib/util/secoid.c
index b10f859..3091d99 100644
--- a/lib/util/secoid.c
+++ b/lib/util/secoid.c
@@ -602,6 +602,11 @@ CONST_OID evIncorporationCountry[] = { EV_NAME_ATTRIBUTE, 3 };
*/
CONST_OID curve25519[] = { 0x2B, 0x06, 0x01, 0x04, 0x01, 0xDA, 0x47, 0x0F, 0x01 };
+/* https://datatracker.ietf.org/doc/html/draft-oscca-cfrg-sm3-02
+ * 1.2.156.197.1.401
+ */
+CONST_OID sm3[] = { 0x2A, 0x81, 0x1C, 0xCF, 0x55, 0x01, 0x83, 0x11 };
+
#define OI(x) \
{ \
siDEROID, (unsigned char *)x, sizeof x \
@@ -1795,6 +1800,7 @@ const static SECOidData oids[SEC_OID_TOTAL] = {
SEC_OID_EXT_KEY_USAGE_IPSEC_USER,
"IPsec User",
CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ OD(sm3, SEC_OID_SM3, "SM3", CKM_NSS_SM3, INVALID_CERT_EXTENSION),
};
/* PRIVATE EXTENDED SECOID Table
diff --git a/lib/util/secoidt.h b/lib/util/secoidt.h
index 2b7eb21..984b7fb 100644
--- a/lib/util/secoidt.h
+++ b/lib/util/secoidt.h
@@ -502,6 +502,8 @@ typedef enum {
SEC_OID_EXT_KEY_USAGE_IPSEC_TUNNEL = 362,
SEC_OID_EXT_KEY_USAGE_IPSEC_USER = 363,
+ SEC_OID_SM3 = 364,
+
SEC_OID_TOTAL
} SECOidTag;
diff --git a/lib/util/utilmodt.h b/lib/util/utilmodt.h
index e1555f3..cc927dd 100644
--- a/lib/util/utilmodt.h
+++ b/lib/util/utilmodt.h
@@ -28,6 +28,7 @@
#define SECMOD_CAMELLIA_FLAG 0x00010000L /* = PUBLIC_MECH_CAMELLIA_FLAG */
#define SECMOD_SEED_FLAG 0x00020000L
#define SECMOD_ECC_FLAG 0x00040000L
+#define SECMOD_SM3_FLAG 0x00080000L
/* reserved bit for future, do not use */
#define SECMOD_RESERVED_FLAG 0X08000000L
#define SECMOD_FRIENDLY_FLAG 0x10000000L
diff --git a/lib/util/utilpars.c b/lib/util/utilpars.c
index c248aa6..56ede24 100644
--- a/lib/util/utilpars.c
+++ b/lib/util/utilpars.c
@@ -607,6 +607,7 @@ static struct nssutilArgSlotFlagTable nssutil_argSlotFlagTable[] = {
NSSUTIL_ARG_ENTRY(AES, SECMOD_AES_FLAG),
NSSUTIL_ARG_ENTRY(Camellia, SECMOD_CAMELLIA_FLAG),
NSSUTIL_ARG_ENTRY(SEED, SECMOD_SEED_FLAG),
+ NSSUTIL_ARG_ENTRY(SM3, SECMOD_SM3_FLAG),
NSSUTIL_ARG_ENTRY(PublicCerts, SECMOD_FRIENDLY_FLAG),
NSSUTIL_ARG_ENTRY(RANDOM, SECMOD_RANDOM_FLAG),
NSSUTIL_ARG_ENTRY(Disable, SECMOD_DISABLE_FLAG),
diff --git a/lib/util/utilparst.h b/lib/util/utilparst.h
index 5dda090..7a4c9f7 100644
--- a/lib/util/utilparst.h
+++ b/lib/util/utilparst.h
@@ -43,7 +43,7 @@
#define NSSUTIL_DEFAULT_INTERNAL_INIT3 \
" askpw=any timeout=30})\""
#define NSSUTIL_DEFAULT_SFTKN_FLAGS \
- "slotFlags=[ECC,RSA,DSA,DH,RC2,RC4,DES,RANDOM,SHA1,MD5,MD2,SSL,TLS,AES,Camellia,SEED,SHA256,SHA512]"
+ "slotFlags=[ECC,RSA,DSA,DH,RC2,RC4,DES,RANDOM,SHA1,MD5,MD2,SSL,TLS,AES,Camellia,SEED,SHA256,SHA512,SM3]"
#define NSSUTIL_DEFAULT_CIPHER_ORDER 0
#define NSSUTIL_DEFAULT_TRUST_ORDER 50
--
2.33.0

15
nss.spec
View File

@ -14,7 +14,7 @@
Summary: Network Security Services
Name: nss
Version: %{nss_version}
Release: 3
Release: 4
License: MPLv2.0
URL: http://www.mozilla.org/projects/security/pki/nss/
Provides: nss-system-init
@ -43,6 +43,12 @@ Patch0: nss-539183.patch
Patch6000: backport-CVE-2021-43527.patch
# Feature: support sm2 and sm3
Patch9000: Feature-nss-add-implement-of-SM3-digest-algorithm.patch
Patch9001: Feature-nss-add-implement-of-SM2-signature-algorithm.patch
Patch9002: Feature-nss-support-SM3-digest-algorithm.patch
Patch9003: Feature-nss-support-SM2-signature-algorithm.patch
%description
Network Security Services (NSS) is a set of libraries designed to
support cross-platform development of security-enabled client and
@ -127,6 +133,10 @@ Help document for NSS
%patch0 -p0 -b .539183
pushd nss
%patch6000 -p1
%patch9000 -p1
%patch9001 -p1
%patch9002 -p1
%patch9003 -p1
popd
%build
@ -549,6 +559,9 @@ update-crypto-policies &>/dev/null||:
%doc %{_mandir}/man*
%changelog
* Thu Oct 27 2022 luhuaxin <luhuaxin1@huawei.com> - 3.72.0-4
- optimize support for sm2,sm3
* Thu Aug 04 2022 renhongxun <renhongxun@h-partners.com> - 3.72.0-3
- remove nss-help from Requires of nss and nss-util