diff --git a/CMakeLists.txt b/CMakeLists.txt index a8b33304..b664ba37 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -865,7 +865,7 @@ endif() # set(CPACK_PACKAGE_NAME "GmSSL") set(CPACK_PACKAGE_VENDOR "GmSSL develop team") -set(CPACK_PACKAGE_VERSION "3.3.0-dev.1150") +set(CPACK_PACKAGE_VERSION "3.3.0-dev.1151") set(CPACK_PACKAGE_DESCRIPTION_FILE ${PROJECT_SOURCE_DIR}/README.md) set(CPACK_NSIS_MODIFY_PATH ON) include(CPack) diff --git a/cmake/tool_cert.cmake b/cmake/tool_cert.cmake index 43f2e841..0c36f4d3 100644 --- a/cmake/tool_cert.cmake +++ b/cmake/tool_cert.cmake @@ -51,14 +51,26 @@ function(gmssl_generate_key alg key_file export_file) endif() endfunction() +function(gmssl_x509_sig_alg alg out_var) + if(alg STREQUAL SM2) + set(${out_var} sm2sign-with-sm3 PARENT_SCOPE) + elseif(alg STREQUAL P256) + set(${out_var} ecdsa-with-sha256 PARENT_SCOPE) + else() + message(FATAL_ERROR "unknown key algorithm: ${alg}") + endif() +endfunction() + function(gmssl_generate_root_ca alg prefix common_name) gmssl_generate_key(${alg} "${prefix}_key.pem" "${prefix}_key.exp") + gmssl_x509_sig_alg(${alg} sig_alg) gmssl_run(bin/gmssl certgen ${GMSSL_TEST_SUBJECT} -CN "${common_name}" -days 3650 -key "${prefix}_key.pem" -pass ${GMSSL_TEST_PASS} + -sig_alg ${sig_alg} -out "${prefix}_cert.pem" -key_usage keyCertSign -key_usage cRLSign @@ -68,11 +80,13 @@ endfunction() function(gmssl_generate_ca alg prefix common_name issuer_cert issuer_key path_len) gmssl_generate_key(${alg} "${prefix}_key.pem" "${prefix}_key.exp") + gmssl_x509_sig_alg(${alg} sig_alg) gmssl_run(bin/gmssl reqgen ${GMSSL_TEST_SUBJECT} -CN "${common_name}" -key "${prefix}_key.pem" -pass ${GMSSL_TEST_PASS} + -sig_alg ${sig_alg} -out "${prefix}_req.pem") gmssl_read_generated_pem("${prefix}_req.pem" "-----BEGIN CERTIFICATE REQUEST-----") gmssl_run(bin/gmssl reqsign 
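Review bot: In the new `gmssl_x509_sig_alg` function the comparisons `if(alg STREQUAL SM2)` and `elseif(alg STREQUAL P256)` use unquoted operands, so `if()` will dereference `SM2` or `P256` whenever a variable of that name is defined in scope, and the signature algorithm for the test certificates would then be picked from the wrong comparison. Quoting both sides avoids that: `if("${alg}" STREQUAL "SM2")` and `elseif("${alg}" STREQUAL "P256")`. A one-line comment above the function would also help, since the callers in the following hunks all depend on it, e.g. `# Map a key algorithm (SM2|P256) to the -sig_alg name passed to gmssl; the result is stored in <out_var>.`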
@@ -84,6 +98,7 @@ function(gmssl_generate_ca alg prefix common_name issuer_cert issuer_key path_le -cacert "${issuer_cert}" -key "${issuer_key}" -pass ${GMSSL_TEST_PASS} + -sig_alg ${sig_alg} -out "${prefix}_cert.pem" -ca) gmssl_read_generated_pem("${prefix}_cert.pem" "-----BEGIN CERTIFICATE-----") @@ -96,11 +111,13 @@ function(gmssl_generate_end_entity alg prefix common_name issuer_cert issuer_key set(export_file "") endif() gmssl_generate_key(${alg} "${prefix}_key.pem" "${export_file}") + gmssl_x509_sig_alg(${alg} sig_alg) gmssl_run(bin/gmssl reqgen ${GMSSL_TEST_SUBJECT} -CN "${common_name}" -key "${prefix}_key.pem" -pass ${GMSSL_TEST_PASS} + -sig_alg ${sig_alg} -out "${prefix}_req.pem") gmssl_read_generated_pem("${prefix}_req.pem" "-----BEGIN CERTIFICATE REQUEST-----") @@ -111,6 +128,7 @@ function(gmssl_generate_end_entity alg prefix common_name issuer_cert issuer_key -cacert "${issuer_cert}" -key "${issuer_key}" -pass ${GMSSL_TEST_PASS} + -sig_alg ${sig_alg} -out "${prefix}_cert.pem") if(ext_key_usage) list(APPEND sign_args -ext_key_usage ${ext_key_usage}) diff --git a/cmake/tool_crl.cmake b/cmake/tool_crl.cmake index c5f0714e..32f34e9f 100644 --- a/cmake/tool_crl.cmake +++ b/cmake/tool_crl.cmake @@ -12,6 +12,7 @@ gmssl_run(crlgen -cacert sm2_tls_server_ca2_cert.pem -key sm2_tls_server_ca2_key.pem -pass P@ssw0rd + -sig_alg sm2sign-with-sm3 -next_update 20270101000000Z -gen_authority_key_id -crl_num 1 diff --git a/cmake/tool_ocsp.cmake b/cmake/tool_ocsp.cmake index 32f670ea..a41fbe9f 100644 --- a/cmake/tool_ocsp.cmake +++ b/cmake/tool_ocsp.cmake @@ -17,6 +17,7 @@ gmssl_run(ocspsign -signer sm2_ocsp_responder_cert.pem -key sm2_ocsp_responder_key.pem -pass P@ssw0rd + -sig_alg sm2sign-with-sm3 -status good -certs sm2_ocsp_responder_cert.pem -out tool_ocsp_resp.der diff --git a/include/gmssl/ecdsa.h b/include/gmssl/ecdsa.h index e93a821d..80d5af5e 100644 --- a/include/gmssl/ecdsa.h +++ b/include/gmssl/ecdsa.h 
@@ -15,7 +15,7 @@ #include #include #include -#include +#include #include @@ -47,16 +47,17 @@ int ecdsa_verify(const SECP256R1_KEY *key, const uint8_t dgst[32], const uint8_t typedef struct { - SHA256_CTX sha256_ctx; + DIGEST_CTX digest_ctx; SECP256R1_KEY key; ECDSA_SIGNATURE sig; } ECDSA_SIGN_CTX; -int ecdsa_sign_init(ECDSA_SIGN_CTX *ctx, const SECP256R1_KEY *key); +int ecdsa_sign_init(ECDSA_SIGN_CTX *ctx, const SECP256R1_KEY *key, const DIGEST *digest); int ecdsa_sign_update(ECDSA_SIGN_CTX *ctx, const uint8_t *data, size_t datalen); int ecdsa_sign_finish(ECDSA_SIGN_CTX *ctx, uint8_t *sig, size_t *siglen); int ecdsa_sign_finish_fixlen(ECDSA_SIGN_CTX *ctx, size_t siglen, uint8_t *sig); -int ecdsa_verify_init(ECDSA_SIGN_CTX *ctx, const SECP256R1_KEY *key, const uint8_t *sig, size_t siglen); +int ecdsa_verify_init(ECDSA_SIGN_CTX *ctx, const SECP256R1_KEY *key, const DIGEST *digest, + const uint8_t *sig, size_t siglen); int ecdsa_verify_update(ECDSA_SIGN_CTX *ctx, const uint8_t *data, size_t datalen); int ecdsa_verify_finish(ECDSA_SIGN_CTX *ctx); diff --git a/include/gmssl/ocsp.h b/include/gmssl/ocsp.h index cee8727b..5a0a06d8 100644 --- a/include/gmssl/ocsp.h +++ b/include/gmssl/ocsp.h @@ -268,6 +268,7 @@ typedef struct { size_t issuer_cert_len; int responder_id_type; + int signature_algor; time_t produced_at; time_t next_update; int revocation_reason; @@ -289,6 +290,7 @@ int ocsp_sign_init(OCSP_SIGN_CTX *ctx, const uint8_t *issuer_cert, size_t issuer_cert_len); int ocsp_sign_set_responder_id_type(OCSP_SIGN_CTX *ctx, int responder_id_type); +int ocsp_sign_set_signature_algor(OCSP_SIGN_CTX *ctx, int signature_algor); int ocsp_sign_set_produced_at(OCSP_SIGN_CTX *ctx, time_t produced_at); int ocsp_sign_set_next_update(OCSP_SIGN_CTX *ctx, time_t next_update); int ocsp_sign_set_revocation_reason(OCSP_SIGN_CTX *ctx, int revocation_reason); diff --git a/include/gmssl/version.h b/include/gmssl/version.h index ec9c500d..b191af8e 100644 --- a/include/gmssl/version.h 
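Review bot: The new `digest` parameter on `ecdsa_sign_init` and `ecdsa_verify_init` is undocumented in the header, although src/ecdsa.c in this commit gives it non-obvious behaviour. A NULL digest selects SHA-256, the finish functions reject a digest shorter than 32 bytes, and a longer digest is handed to a primitive that (judging by the `dgst[32]` prototype of `ecdsa_verify` above) consumes only its leading 32 bytes. I would add above the prototypes: `/* digest == NULL selects SHA-256; digests shorter than 32 bytes are rejected at finish; only the leading 32 bytes of a longer digest are used */`. Callers built against the old prototypes will no longer compile, so the change also deserves a changelog entry.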
+++ b/include/gmssl/version.h @@ -18,7 +18,7 @@ extern "C" { #define GMSSL_VERSION_NUM 30300 -#define GMSSL_VERSION_STR "GmSSL 3.3.0-dev.1150" +#define GMSSL_VERSION_STR "GmSSL 3.3.0-dev.1151" int gmssl_version_num(void); const char *gmssl_version_str(void); diff --git a/include/gmssl/x509_key.h b/include/gmssl/x509_key.h index 0032e810..f48afaf1 100644 --- a/include/gmssl/x509_key.h +++ b/include/gmssl/x509_key.h @@ -252,8 +252,8 @@ typedef struct { OID_xmssmt_hashsig OID_sphincs_hashsig */ -int x509_key_get_sign_algor(const X509_KEY *key, int *algor); -int x509_key_get_signature_size(const X509_KEY *key, size_t *siglen); +int x509_key_supports_sign_algor(const X509_KEY *key, int sign_algor); +int x509_key_get_signature_size(const X509_KEY *key, int sign_algor, size_t *siglen); /* x509_sign_init @@ -272,12 +272,12 @@ int x509_key_get_signature_size(const X509_KEY *key, size_t *siglen); OID_sphincs_hashsig:OID_undef OID_sphincs_hashsig u8 rand[16] 16 randomized signature NULL 0 deterministic signature */ -int x509_sign_init(X509_SIGN_CTX *ctx, X509_KEY *key, const void *args, size_t argslen); +int x509_sign_init(X509_SIGN_CTX *ctx, X509_KEY *key, int sign_algor, const void *args, size_t argslen); int x509_sign_set_signature_size(X509_SIGN_CTX *ctx, size_t siglen); int x509_sign_update(X509_SIGN_CTX *ctx, const uint8_t *data, size_t datalen); int x509_sign_finish(X509_SIGN_CTX *ctx, uint8_t *sig, size_t *siglen); int x509_sign(X509_SIGN_CTX *ctx, const uint8_t *data, size_t datalen, uint8_t *sig, size_t *siglen); -int x509_verify_init(X509_SIGN_CTX *ctx, const X509_KEY *key, const void *args, size_t argslen, +int x509_verify_init(X509_SIGN_CTX *ctx, const X509_KEY *key, int sign_algor, const void *args, size_t argslen, const uint8_t *sig, size_t siglen); int x509_verify_update(X509_SIGN_CTX *ctx, const uint8_t *data, size_t datalen); int x509_verify_finish(X509_SIGN_CTX *ctx); diff --git a/src/ecdsa.c b/src/ecdsa.c index 9ed40a5e..0b7fd6d4 100644 --- a/src/ecdsa.c 
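Review bot: `x509_key_supports_sign_algor` has a three-valued result that the header does not describe: in src/x509_key.c (this commit) it returns 1 when the key can use `sign_algor`, 0 when it cannot, and -1 for a NULL key or an unsupported key type. Every caller in this commit tests `!= 1`, which is the safe form, but a caller writing `if (x509_key_supports_sign_algor(key, alg))` would treat -1 as success. I would add above the prototype: `/* returns 1 if key can sign/verify with sign_algor, 0 if not, -1 on error; always compare the result with 1 */`.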
+++ b/src/ecdsa.c @@ -11,7 +11,7 @@ #include #include #include -#include +#include #include #include #include @@ -261,17 +261,23 @@ int ecdsa_verify(const SECP256R1_KEY *key, const uint8_t dgst[32], const uint8_t return ret; } -int ecdsa_sign_init(ECDSA_SIGN_CTX *ctx, const SECP256R1_KEY *key) +int ecdsa_sign_init(ECDSA_SIGN_CTX *ctx, const SECP256R1_KEY *key, const DIGEST *digest) { if (!ctx || !key) { error_print(); return -1; } + if (!digest) { + digest = DIGEST_sha256(); + } memset(ctx, 0, sizeof(ECDSA_SIGN_CTX)); ctx->key = *key; - sha256_init(&ctx->sha256_ctx); + if (digest_init(&ctx->digest_ctx, digest) != 1) { + error_print(); + return -1; + } return 1; } @@ -282,22 +288,28 @@ int ecdsa_sign_update(ECDSA_SIGN_CTX *ctx, const uint8_t *data, size_t datalen) error_print(); return -1; } - if (data && datalen) { - sha256_update(&ctx->sha256_ctx, data, datalen); + if (digest_update(&ctx->digest_ctx, data, datalen) != 1) { + error_print(); + return -1; } return 1; } int ecdsa_sign_finish(ECDSA_SIGN_CTX *ctx, uint8_t *sig, size_t *siglen) { - uint8_t dgst[32]; + uint8_t dgst[DIGEST_MAX_SIZE]; + size_t dgstlen; if (!ctx || !sig || !siglen) { error_print(); return -1; } - sha256_finish(&ctx->sha256_ctx, dgst); + if (digest_finish(&ctx->digest_ctx, dgst, &dgstlen) != 1 + || dgstlen < 32) { + error_print(); + return -1; + } if (ecdsa_sign(&ctx->key, dgst, sig, siglen) != 1) { error_print(); @@ -308,14 +320,19 @@ int ecdsa_sign_finish(ECDSA_SIGN_CTX *ctx, uint8_t *sig, size_t *siglen) int ecdsa_sign_finish_fixlen(ECDSA_SIGN_CTX *ctx, size_t siglen, uint8_t *sig) { - uint8_t dgst[32]; + uint8_t dgst[DIGEST_MAX_SIZE]; + size_t dgstlen; if (!ctx || !sig || !siglen) { error_print(); return -1; } - sha256_finish(&ctx->sha256_ctx, dgst); + if (digest_finish(&ctx->digest_ctx, dgst, &dgstlen) != 1 + || dgstlen < 32) { + error_print(); + return -1; + } if (ecdsa_sign_fixlen(&ctx->key, dgst, siglen, sig) != 1) { error_print(); 
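Review bot: `ecdsa_sign_update` no longer skips empty input: the removed `if (data && datalen)` guard made a NULL or zero-length update a no-op that returned 1, whereas the new code forwards it to `digest_update` unconditionally. Whether `digest_update` accepts `data == NULL` with `datalen == 0` is not visible in this diff; if it reports an error, callers that pass an empty field will now fail. Keeping the guard preserves the old contract: `if (data && datalen && digest_update(&ctx->digest_ctx, data, datalen) != 1) {`. The same change is made in `ecdsa_verify_update` further down in this file.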
@@ -329,7 +346,8 @@ int ecdsa_sign_finish_fixlen(ECDSA_SIGN_CTX *ctx, size_t siglen, uint8_t *sig) -int ecdsa_verify_init(ECDSA_SIGN_CTX *ctx, const SECP256R1_KEY *key, const uint8_t *sig, size_t siglen) +int ecdsa_verify_init(ECDSA_SIGN_CTX *ctx, const SECP256R1_KEY *key, const DIGEST *digest, + const uint8_t *sig, size_t siglen) { if (!ctx || !key || !sig || !siglen) { error_print(); @@ -347,7 +365,13 @@ int ecdsa_verify_init(ECDSA_SIGN_CTX *ctx, const SECP256R1_KEY *key, const uint8 ctx->key = *key; - sha256_init(&ctx->sha256_ctx); + if (!digest) { + digest = DIGEST_sha256(); + } + if (digest_init(&ctx->digest_ctx, digest) != 1) { + error_print(); + return -1; + } return 1; } @@ -359,8 +383,9 @@ int ecdsa_verify_update(ECDSA_SIGN_CTX *ctx, const uint8_t *data, size_t datalen error_print(); return -1; } - if (data && datalen) { - sha256_update(&ctx->sha256_ctx, data, datalen); + if (digest_update(&ctx->digest_ctx, data, datalen) != 1) { + error_print(); + return -1; } return 1; } @@ -368,7 +393,8 @@ int ecdsa_verify_update(ECDSA_SIGN_CTX *ctx, const uint8_t *data, size_t datalen int ecdsa_verify_finish(ECDSA_SIGN_CTX *ctx) { - uint8_t dgst[32]; + uint8_t dgst[DIGEST_MAX_SIZE]; + size_t dgstlen; int ret; if (!ctx) { @@ -376,7 +402,11 @@ int ecdsa_verify_finish(ECDSA_SIGN_CTX *ctx) return -1; } - sha256_finish(&ctx->sha256_ctx, dgst); + if (digest_finish(&ctx->digest_ctx, dgst, &dgstlen) != 1 + || dgstlen < 32) { + error_print(); + return -1; + } if ((ret = ecdsa_do_verify(&ctx->key, dgst, &ctx->sig)) < 0) { error_print(); @@ -384,4 +414,3 @@ int ecdsa_verify_finish(ECDSA_SIGN_CTX *ctx) } return ret; } - diff --git a/src/ocsp.c b/src/ocsp.c index ae994209..0f4e3669 100644 --- a/src/ocsp.c +++ b/src/ocsp.c 
@@ -1901,6 +1901,7 @@ int ocsp_sign_init(OCSP_SIGN_CTX *ctx, ctx->issuer_cert = issuer_cert; ctx->issuer_cert_len = issuer_cert_len; ctx->responder_id_type = OCSP_responder_id_by_name; + ctx->signature_algor = OID_sm2sign_with_sm3; ctx->produced_at = time(NULL); ctx->next_update = (time_t)-1; ctx->revocation_reason = -1; @@ -1926,6 +1927,16 @@ int ocsp_sign_set_responder_id_type(OCSP_SIGN_CTX *ctx, int responder_id_type) return 1; } +int ocsp_sign_set_signature_algor(OCSP_SIGN_CTX *ctx, int signature_algor) +{ + if (!ctx || !x509_signature_algor_name(signature_algor)) { + error_print(); + return -1; + } + ctx->signature_algor = signature_algor; + return 1; +} + int ocsp_sign_set_produced_at(OCSP_SIGN_CTX *ctx, time_t produced_at) { if (!ctx || produced_at == (time_t)-1) { @@ -2107,8 +2118,9 @@ int ocsp_sign(OCSP_SIGN_CTX *ctx, return -1; } - if (x509_key_get_sign_algor(sign_key, &sign_algor) != 1 - || x509_key_get_signature_size(sign_key, &signature_len) != 1) { + sign_algor = ctx->signature_algor; + if (x509_key_supports_sign_algor(sign_key, sign_algor) != 1 + || x509_key_get_signature_size(sign_key, sign_algor, &signature_len) != 1) { error_print(); return -1; } @@ -2116,7 +2128,7 @@ int ocsp_sign(OCSP_SIGN_CTX *ctx, signature_len = SM2_signature_typical_size; } - if (x509_sign_init(&sign_ctx, sign_key, sign_args, sign_args_len) != 1) { + if (x509_sign_init(&sign_ctx, sign_key, sign_algor, sign_args, sign_args_len) != 1) { error_print(); return -1; } @@ -2200,7 +2212,6 @@ static int ocsp_verify_signature(const uint8_t *response_data, size_t response_d { X509_KEY public_key; X509_SIGN_CTX verify_ctx; - int sign_algor; const void *sign_args = signer_id; size_t sign_args_len = signer_id_len; 
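Review bot: `ocsp_sign_init` now fixes `ctx->signature_algor` to `OID_sm2sign_with_sm3`, where `ocsp_sign` previously derived the algorithm from the signing key through `x509_key_get_sign_algor`. A responder with a non-SM2 key will therefore fail the new `x509_key_supports_sign_algor` check in `ocsp_sign` unless the caller first calls `ocsp_sign_set_signature_algor`, and that requirement is stated neither here nor in include/gmssl/ocsp.h. I would document it at the setter, e.g. `/* default is sm2sign-with-sm3; must be set explicitly for non-SM2 responder keys */`. The setter only checks that the OID has a name, so an algorithm the key cannot use is reported at `ocsp_sign` time rather than when it is set; the bodies of these functions continue outside the hunks.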
@@ -2212,12 +2223,11 @@ static int ocsp_verify_signature(const uint8_t *response_data, size_t response_d error_print(); return -1; } - if (x509_cert_get_subject_public_key(signer_cert, signer_cert_len, &public_key) != 1 - || x509_key_get_sign_algor(&public_key, &sign_algor) != 1) { + if (x509_cert_get_subject_public_key(signer_cert, signer_cert_len, &public_key) != 1) { error_print(); return -1; } - if (signature_algor != sign_algor) { + if (x509_key_supports_sign_algor(&public_key, signature_algor) != 1) { error_print(); return -1; } @@ -2225,7 +2235,7 @@ static int ocsp_verify_signature(const uint8_t *response_data, size_t response_d sign_args = SM2_DEFAULT_ID; sign_args_len = SM2_DEFAULT_ID_LENGTH; } - if (x509_verify_init(&verify_ctx, &public_key, sign_args, sign_args_len, + if (x509_verify_init(&verify_ctx, &public_key, signature_algor, sign_args, sign_args_len, signature, signature_len) != 1 || x509_verify_update(&verify_ctx, response_data, response_data_len) != 1 || x509_verify_finish(&verify_ctx) != 1) { diff --git a/src/sct.c b/src/sct.c index 190df334..bced5b7d 100644 --- a/src/sct.c +++ b/src/sct.c @@ -296,8 +296,7 @@ int signed_certificate_timestamp_verify(const uint8_t *sct, size_t sct_len, error_print(); return -1; } - if (x509_verify_init(&verify_ctx, key, NULL, 0, sig, siglen) != 1 - || verify_ctx.sign_algor != sig_alg_oid + if (x509_verify_init(&verify_ctx, key, sig_alg_oid, NULL, 0, sig, siglen) != 1 || x509_verify_update(&verify_ctx, signed_data, signed_data_len) != 1 || x509_verify_finish(&verify_ctx) != 1) { error_print(); @@ -389,8 +388,7 @@ int sct_list_verify(const uint8_t *sct_list, size_t sct_list_len, } if (x509_verify_init(&verify_ctx, &ct_logs[i].log_key, - NULL, 0, sig, siglen) == 1 - && verify_ctx.sign_algor == sig_alg_oid + sig_alg_oid, NULL, 0, sig, siglen) == 1 && x509_verify_update(&verify_ctx, signed_data, signed_data_len) == 1 && x509_verify_finish(&verify_ctx) == 1) { 
diff --git a/src/tlcp.c b/src/tlcp.c index 7ebbf341..228ee2e2 100644 --- a/src/tlcp.c +++ b/src/tlcp.c @@ -1196,6 +1196,7 @@ int tlcp_recv_client_hello(TLS_CONNECT *conn) switch (conn->cipher_suite) { case TLS_cipher_ecc_sm4_cbc_sm3: case TLS_cipher_ecc_sm4_gcm_sm3: + conn->sig_alg = TLS_sig_sm2sig_sm3; conn->signature_algorithms[0] = TLS_sig_sm2sig_sm3; break; case TLS_cipher_ecdhe_sm4_cbc_sm3: diff --git a/src/tls12.c b/src/tls12.c index 71b86a7d..653a0478 100644 --- a/src/tls12.c +++ b/src/tls12.c @@ -680,12 +680,24 @@ static int tls12_key_exchange_group_match_cipher_suite(int group, int cipher_sui } } - - - - - - +static int tls12_select_tlcp_signature_scheme(int cipher_suite, int *sig_alg) +{ + if (!sig_alg) { + error_print(); + return -1; + } + switch (cipher_suite) { + case TLS_cipher_ecc_sm4_cbc_sm3: + case TLS_cipher_ecc_sm4_gcm_sm3: + case TLS_cipher_ecdhe_sm4_cbc_sm3: + case TLS_cipher_ecdhe_sm4_gcm_sm3: + *sig_alg = TLS_sig_sm2sig_sm3; + return 1; + default: + error_print(); + return -1; + } +} static int tls12_select_common_cipher_suites(const uint8_t *client_ciphers, size_t client_ciphers_len, const int *server_ciphers, size_t server_ciphers_cnt, @@ -1125,6 +1137,12 @@ int tls_recv_server_hello(TLS_CONNECT *conn) return -1; } conn->cipher_suite = cipher_suite; + if (conn->protocol == TLS_protocol_tlcp + && tls12_select_tlcp_signature_scheme(conn->cipher_suite, &conn->sig_alg) != 1) { + error_print(); + tls_send_alert(conn, TLS_alert_handshake_failure); + return -1; + } if (tls_cipher_suite_get(conn->cipher_suite, &conn->cipher, &conn->digest) != 1) { error_print(); 
@@ -1452,7 +1470,8 @@ int tls_recv_server_key_exchange(TLS_CONNECT *conn) sign_argslen = SM2_DEFAULT_ID_LENGTH; } - if (x509_verify_init(&sign_ctx, &server_sign_key, sign_args, sign_argslen, sig, siglen) != 1 + if (x509_verify_init(&sign_ctx, &server_sign_key, tls_signature_scheme_algorithm_oid(sig_alg), + sign_args, sign_argslen, sig, siglen) != 1 || x509_verify_update(&sign_ctx, conn->client_random, 32) != 1 || x509_verify_update(&sign_ctx, conn->server_random, 32) != 1 || x509_verify_update(&sign_ctx, server_ecdh_params, server_ecdh_params_len) != 1 @@ -1784,15 +1803,21 @@ int tls_send_certificate_verify(TLS_CONNECT *conn) if (conn->recordlen == 0) { X509_KEY *sign_key = &conn->ctx->x509_keys[conn->cert_chain_idx - 1]; X509_SIGN_CTX sign_ctx; + int sign_algor = OID_undef; const uint8_t *signer_id = NULL; size_t signer_idlen = 0; + sign_algor = tls_signature_scheme_algorithm_oid(conn->sig_alg); + if (sign_algor == OID_undef) { + error_print(); + return -1; + } if (sign_key->algor == OID_ec_public_key && sign_key->algor_param == OID_sm2) { signer_id = (uint8_t *)SM2_DEFAULT_ID; signer_idlen = SM2_DEFAULT_ID_LENGTH; } - if (x509_sign_init(&sign_ctx, sign_key, signer_id, signer_idlen) != 1 + if (x509_sign_init(&sign_ctx, sign_key, sign_algor, signer_id, signer_idlen) != 1 || x509_sign_update(&sign_ctx, conn->transcript, conn->transcript_len) != 1 || x509_sign_finish(&sign_ctx, sig, &siglen) != 1) { gmssl_secure_clear(&sign_ctx, sizeof(sign_ctx)); @@ -2322,6 +2347,12 @@ int tls_recv_client_hello(TLS_CONNECT *conn) tls_send_alert(conn, TLS_alert_handshake_failure); return -1; } + if (conn->protocol == TLS_protocol_tlcp + && tls12_select_tlcp_signature_scheme(conn->cipher_suite, &conn->sig_alg) != 1) { + error_print(); + tls_send_alert(conn, TLS_alert_handshake_failure); + return -1; + } if (tls_cipher_suite_get(conn->cipher_suite, &conn->cipher, &conn->digest) != 1) { error_print(); 
@@ -2492,6 +2523,7 @@ int tls_send_server_key_exchange(TLS_CONNECT *conn) X509_SIGN_CTX sign_ctx; const void *sign_args = NULL; size_t sign_argslen = 0; + int sign_algor = tls_signature_scheme_algorithm_oid(conn->sig_alg); uint8_t sig[X509_SIGNATURE_MAX_SIZE]; size_t siglen; @@ -2516,7 +2548,11 @@ int tls_send_server_key_exchange(TLS_CONNECT *conn) sign_args = SM2_DEFAULT_ID; sign_argslen = SM2_DEFAULT_ID_LENGTH; } - if (x509_sign_init(&sign_ctx, sign_key, sign_args, sign_argslen) != 1 + if (sign_algor == OID_undef) { + error_print(); + return -1; + } + if (x509_sign_init(&sign_ctx, sign_key, sign_algor, sign_args, sign_argslen) != 1 || x509_sign_update(&sign_ctx, conn->client_random, 32) != 1 || x509_sign_update(&sign_ctx, conn->server_random, 32) != 1 || x509_sign_update(&sign_ctx, server_ecdh_params, server_ecdh_params_len) != 1 @@ -2879,7 +2915,12 @@ int tls_recv_certificate_verify(TLS_CONNECT *conn) signer_id = (uint8_t *)SM2_DEFAULT_ID; signer_idlen = SM2_DEFAULT_ID_LENGTH; } - if (x509_verify_init(&sign_ctx, &client_sign_key, signer_id, signer_idlen, sig, siglen) != 1 + sig_alg = tls_signature_scheme_algorithm_oid(conn->protocol == TLS_protocol_tls12 ? sig_alg : conn->sig_alg); + if (sig_alg == OID_undef) { + error_print(); + return -1; + } + if (x509_verify_init(&sign_ctx, &client_sign_key, sig_alg, signer_id, signer_idlen, sig, siglen) != 1 || x509_verify_update(&sign_ctx, conn->transcript, conn->transcript_len) != 1 || x509_verify_finish(&sign_ctx) != 1) { error_print(); diff --git a/src/tls13.c b/src/tls13.c index ca4452a2..09fd013d 100644 --- a/src/tls13.c +++ b/src/tls13.c 
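Review bot: In `tls_recv_certificate_verify` the variable `sig_alg` is overwritten with the result of `tls_signature_scheme_algorithm_oid(...)`, so the same name holds a TLS signature-scheme code before the assignment and an X.509 OID after it. Any later use of `sig_alg` in the function (its remainder is outside the hunk) would silently see the OID instead of the negotiated scheme. A separate local keeps the two value domains apart, as the send paths in this file already do: `sign_algor = tls_signature_scheme_algorithm_oid(conn->protocol == TLS_protocol_tls12 ? sig_alg : conn->sig_alg);`, then `if (sign_algor == OID_undef) {`, and pass `sign_algor` to `x509_verify_init`.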
@@ -1004,7 +1004,8 @@ int tls13_sign_certificate_verify(int tls_mode, int sig_alg, return -1; } - if (x509_sign_init(&sign_ctx, sign_key, signer_id, signer_id_len) != 1 + if (x509_sign_init(&sign_ctx, sign_key, tls_signature_scheme_algorithm_oid(sig_alg), + signer_id, signer_id_len) != 1 || x509_sign_update(&sign_ctx, prefix, 64) != 1 || x509_sign_update(&sign_ctx, context_str_and_zero, context_str_and_zero_len) != 1 || x509_sign_update(&sign_ctx, dgst, dgstlen) != 1 @@ -1104,7 +1105,8 @@ int tls13_verify_certificate_verify(int tls_mode, int sig_alg, format_bytes(stderr, 0, 4, "signature", sig, siglen); */ - if (x509_verify_init(&sign_ctx, public_key, signer_id, signer_id_len, sig, siglen) != 1 + if (x509_verify_init(&sign_ctx, public_key, tls_signature_scheme_algorithm_oid(sig_alg), + signer_id, signer_id_len, sig, siglen) != 1 || x509_verify_update(&sign_ctx, prefix, 64) != 1 || x509_verify_update(&sign_ctx, context_str_and_zero, context_str_and_zero_len) != 1 || x509_verify_update(&sign_ctx, dgst, dgstlen) != 1) { diff --git a/src/x509_cer.c b/src/x509_cer.c index c4a15daf..5790ea7c 100644 --- a/src/x509_cer.c +++ b/src/x509_cer.c @@ -1110,15 +1110,14 @@ int x509_cert_sign_to_der( { size_t len = 0; uint8_t *tbs = NULL; - int sig_alg; uint8_t sig[X509_SIGNATURE_MAX_SIZE]; size_t siglen; - if (x509_key_get_sign_algor(sign_key, &sig_alg) != 1) { + if (x509_key_supports_sign_algor(sign_key, signature_algor) != 1) { error_print(); return -1; } - if (x509_key_get_signature_size(sign_key, &siglen) != 1) { + if (x509_key_get_signature_size(sign_key, signature_algor, &siglen) != 1) { error_print(); return -1; } 
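Review bot: `tls13_verify_certificate_verify` now relies on `x509_verify_init` alone to decide whether the peer's `sig_alg` fits the certificate key, and `x509_key_supports_sign_algor` in src/x509_key.c (this commit) accepts `OID_ecdsa_with_sha384` and `OID_ecdsa_with_sha512` for a secp256r1 key. TLS 1.3 ECDSA signature schemes name a curve as well as a hash, while the OID returned by `tls_signature_scheme_algorithm_oid` carries only the hash. That mapping is outside this diff, so please confirm that a scheme defined for another curve cannot map to an OID that a P-256 key is then allowed to use. If it can, an explicit scheme-versus-key-curve check belongs before the `x509_verify_init` call here and before `x509_sign_init` in `tls13_sign_certificate_verify`.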
@@ -1138,7 +1137,7 @@ int x509_cert_sign_to_der( subject_unique_id, subject_unique_id_len, exts, exts_len, NULL, &len) != 1 - || x509_signature_algor_to_der(sig_alg, NULL, &len) != 1 + || x509_signature_algor_to_der(signature_algor, NULL, &len) != 1 || asn1_bit_octets_to_der(sig, siglen, NULL, &len) != 1 || asn1_sequence_header_to_der(len, out, outlen) != 1) { error_print(); @@ -1173,7 +1172,7 @@ int x509_cert_sign_to_der( sign_args = SM2_DEFAULT_ID; sign_argslen = SM2_DEFAULT_ID_LENGTH; } - if (x509_sign_init(&sign_ctx, sign_key, sign_args, sign_argslen) != 1) { + if (x509_sign_init(&sign_ctx, sign_key, signature_algor, sign_args, sign_argslen) != 1) { error_print(); return -1; } @@ -1192,7 +1191,7 @@ int x509_cert_sign_to_der( gmssl_secure_clear(&sign_ctx, sizeof(sign_ctx)); } - if (x509_signature_algor_to_der(sig_alg, out, outlen) != 1 + if (x509_signature_algor_to_der(signature_algor, out, outlen) != 1 || asn1_bit_octets_to_der(sig, siglen, out, outlen) != 1) { error_print(); return -1; @@ -1236,22 +1235,16 @@ int x509_signed_verify(const uint8_t *a, size_t alen, int sig_alg; const uint8_t *sig; size_t siglen; - int key_sig_alg; void *sign_args = NULL; size_t sign_argslen = 0; X509_SIGN_CTX verify_ctx; - if (x509_key_get_sign_algor(key, &key_sig_alg) != 1) { - error_print(); - return -1; - } - if (x509_signed_from_der(&tbs, &tbslen, &sig_alg, &sig, &siglen, &a, &alen) != 1 || asn1_length_is_zero(alen) != 1) { error_print(); return -1; } - if (sig_alg != key_sig_alg) { + if (x509_key_supports_sign_algor(key, sig_alg) != 1) { error_print(); return -1; } 
@@ -1261,7 +1254,7 @@ int x509_signed_verify(const uint8_t *a, size_t alen, sign_args = (uint8_t *)signer_id; sign_argslen = signer_id_len; } - if (x509_verify_init(&verify_ctx, key, sign_args, sign_argslen, sig, siglen) != 1 + if (x509_verify_init(&verify_ctx, key, sig_alg, sign_args, sign_argslen, sig, siglen) != 1 || x509_verify_update(&verify_ctx, tbs, tbslen) != 1 || x509_verify_finish(&verify_ctx) != 1) { error_print(); diff --git a/src/x509_crl.c b/src/x509_crl.c index 5de83f6b..727509b9 100644 --- a/src/x509_crl.c +++ b/src/x509_crl.c @@ -1426,21 +1426,16 @@ int x509_crl_sign_to_der( X509_KEY *sign_key, const char *signer_id, size_t signer_id_len, uint8_t **out, size_t *outlen) { - int key_sig_alg; size_t len = 0; uint8_t *tbs = NULL; uint8_t sig[X509_SIGNATURE_MAX_SIZE]; size_t siglen; - if (x509_key_get_sign_algor(sign_key, &key_sig_alg) != 1) { + if (x509_key_supports_sign_algor(sign_key, sig_alg) != 1) { error_print(); return -1; } - if (sig_alg != key_sig_alg) { - error_print(); - return -1; - } - if (x509_key_get_signature_size(sign_key, &siglen) != 1) { + if (x509_key_get_signature_size(sign_key, sig_alg, &siglen) != 1) { error_print(); return -1; } @@ -1475,7 +1470,7 @@ int x509_crl_sign_to_der( sign_args = SM2_DEFAULT_ID; sign_argslen = SM2_DEFAULT_ID_LENGTH; } - if (x509_sign_init(&sign_ctx, sign_key, sign_args, sign_argslen) != 1) { + if (x509_sign_init(&sign_ctx, sign_key, sig_alg, sign_args, sign_argslen) != 1) { error_print(); return -1; } diff --git a/src/x509_key.c b/src/x509_key.c index 88c4a581..1272c90a 100644 --- a/src/x509_key.c +++ b/src/x509_key.c @@ -1636,9 +1636,9 @@ int x509_private_keys_from_file(X509_KEY *keys, size_t *keys_cnt, size_t max_cnt return 1; } -int x509_key_get_sign_algor(const X509_KEY *key, int *algor) +int x509_key_supports_sign_algor(const X509_KEY *key, int sign_algor) { - if (!key || !algor) { + if (!key) { error_print(); return -1; } 
@@ -1647,29 +1647,35 @@ int x509_key_get_sign_algor(const X509_KEY *key, int *algor) case OID_ec_public_key: switch (key->algor_param) { case OID_sm2: - *algor = OID_sm2sign_with_sm3; - break; + return sign_algor == OID_sm2sign_with_sm3 ? 1 : 0; #ifdef ENABLE_SECP256R1 case OID_secp256r1: - *algor = OID_ecdsa_with_sha256; - break; + switch (sign_algor) { + case OID_ecdsa_with_sha256: + case OID_ecdsa_with_sha384: + case OID_ecdsa_with_sha512: + return 1; + default: + return 0; + } #endif default: error_print(); return -1; } - break; #ifdef ENABLE_SM9 case OID_sm9: - switch (key->algor_param) { - case OID_sm9sign: - *algor = OID_sm9sign; - break; - default: + if (key->algor_param != OID_sm9sign) { error_print(); return -1; } - break; + return sign_algor == OID_sm9sign ? 1 : 0; + case OID_sm9sign: + if (key->algor_param != OID_undef) { + error_print(); + return -1; + } + return sign_algor == OID_sm9sign ? 1 : 0; #endif #ifdef ENABLE_LMS case OID_lms_hashsig: @@ -1682,8 +1688,7 @@ int x509_key_get_sign_algor(const X509_KEY *key, int *algor) #ifdef ENABLE_SPHINCS case OID_sphincs_hashsig: #endif - *algor = key->algor; - break; + return sign_algor == key->algor ? 1 : 0; #ifdef ENABLE_KYBER case OID_kyber_kem: #endif @@ -1691,17 +1696,28 @@ int x509_key_get_sign_algor(const X509_KEY *key, int *algor) error_print(); return -1; } - return 1; } -int x509_key_get_signature_size(const X509_KEY *key, size_t *siglen) +int x509_key_get_signature_size(const X509_KEY *key, int sign_algor, size_t *siglen) { + int ret; + + if (!key || !siglen) { + error_print(); + return -1; + } + if ((ret = x509_key_supports_sign_algor(key, sign_algor)) != 1) { + if (ret < 0) error_print(); + return -1; + } + switch (key->algor) { case OID_ec_public_key: *siglen = SM2_signature_max_size; break; #ifdef ENABLE_SM9 case OID_sm9: + case OID_sm9sign: *siglen = SM9_SIGNATURE_SIZE; break; #endif 
@@ -1750,12 +1766,30 @@ int x509_key_get_signature_size(const X509_KEY *key, size_t *siglen) return 1; } -int x509_sign_init(X509_SIGN_CTX *ctx, X509_KEY *key, const void *args, size_t argslen) +static const DIGEST *x509_ecdsa_sign_algor_digest(int sign_algor) +{ + switch (sign_algor) { + case OID_ecdsa_with_sha256: + return DIGEST_sha256(); + case OID_ecdsa_with_sha384: + return DIGEST_sha384(); + case OID_ecdsa_with_sha512: + return DIGEST_sha512(); + default: + return NULL; + } +} + +int x509_sign_init(X509_SIGN_CTX *ctx, X509_KEY *key, int sign_algor, const void *args, size_t argslen) { if (!ctx || !key) { error_print(); return -1; } + if (x509_key_supports_sign_algor(key, sign_algor) != 1) { + error_print(); + return -1; + } switch (key->algor) { #ifdef ENABLE_SM9 case OID_sm9: @@ -1797,11 +1831,12 @@ int x509_sign_init(X509_SIGN_CTX *ctx, X509_KEY *key, const void *args, size_t a break; #ifdef ENABLE_SECP256R1 case OID_secp256r1: - if (ecdsa_sign_init(&ctx->u.ecdsa_sign_ctx, &key->u.secp256r1_key) != 1) { + if (ecdsa_sign_init(&ctx->u.ecdsa_sign_ctx, &key->u.secp256r1_key, + x509_ecdsa_sign_algor_digest(sign_algor)) != 1) { error_print(); return -1; } - ctx->sign_algor = OID_ecdsa_with_sha256; + ctx->sign_algor = sign_algor; break; #endif default: @@ -1890,6 +1925,8 @@ int x509_sign_set_signature_size(X509_SIGN_CTX *ctx, size_t siglen) case OID_sm2sign_with_sm3: #ifdef ENABLE_SECP256R1 case OID_ecdsa_with_sha256: + case OID_ecdsa_with_sha384: + case OID_ecdsa_with_sha512: #endif switch (siglen) { case SM2_signature_compact_size: @@ -1925,6 +1962,8 @@ int x509_sign_update(X509_SIGN_CTX *ctx, const uint8_t *data, size_t datalen) break; #ifdef ENABLE_SECP256R1 case OID_ecdsa_with_sha256: + case OID_ecdsa_with_sha384: + case OID_ecdsa_with_sha512: if (ecdsa_sign_update(&ctx->u.ecdsa_sign_ctx, data, datalen) != 1) { error_print(); return -1; 
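Review bot: In the `OID_secp256r1` branch of `x509_sign_init` the result of `x509_ecdsa_sign_algor_digest(sign_algor)` is passed straight to `ecdsa_sign_init`, and that function (src/ecdsa.c in this commit) treats a NULL digest as SHA-256. The helper returns NULL for any OID outside its switch, so if its list ever diverges from `x509_key_supports_sign_algor`, the context would record `sign_algor` while actually hashing with SHA-256. Failing closed is cheap: assign `digest = x509_ecdsa_sign_algor_digest(sign_algor);` and add `if (!digest) { error_print(); return -1; }` before the init call. The same applies to the `ecdsa_verify_init` call in `x509_verify_init`; both function bodies extend beyond their hunks.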
@@ -2002,6 +2041,8 @@ int x509_sign_finish(X509_SIGN_CTX *ctx, uint8_t *sig, size_t *siglen) break; #ifdef ENABLE_SECP256R1 case OID_ecdsa_with_sha256: + case OID_ecdsa_with_sha384: + case OID_ecdsa_with_sha512: if (ctx->fixed_siglen) { if (ecdsa_sign_finish_fixlen(&ctx->u.ecdsa_sign_ctx, ctx->fixed_siglen, sig) != 1) { error_print(); @@ -2079,6 +2120,8 @@ int x509_sign(X509_SIGN_CTX *ctx, const uint8_t *data, size_t datalen, uint8_t * case OID_sm2sign_with_sm3: #ifdef ENABLE_SECP256R1 case OID_ecdsa_with_sha256: + case OID_ecdsa_with_sha384: + case OID_ecdsa_with_sha512: #endif #ifdef ENABLE_SM9 case OID_sm9sign: @@ -2123,13 +2166,17 @@ int x509_sign(X509_SIGN_CTX *ctx, const uint8_t *data, size_t datalen, uint8_t * return 1; } -int x509_verify_init(X509_SIGN_CTX *ctx, const X509_KEY *key, const void *args, size_t argslen, +int x509_verify_init(X509_SIGN_CTX *ctx, const X509_KEY *key, int sign_algor, const void *args, size_t argslen, const uint8_t *sig, size_t siglen) { if (!ctx || !key || !sig || !siglen) { error_print(); return -1; } + if (x509_key_supports_sign_algor(key, sign_algor) != 1) { + error_print(); + return -1; + } switch (key->algor) { #ifdef ENABLE_SM9 case OID_sm9: @@ -2172,11 +2219,12 @@ int x509_verify_init(X509_SIGN_CTX *ctx, const X509_KEY *key, const void *args, break; #ifdef ENABLE_SECP256R1 case OID_secp256r1: - if (ecdsa_verify_init(&ctx->u.ecdsa_sign_ctx, &key->u.secp256r1_key, sig, siglen) != 1) { + if (ecdsa_verify_init(&ctx->u.ecdsa_sign_ctx, &key->u.secp256r1_key, + x509_ecdsa_sign_algor_digest(sign_algor), sig, siglen) != 1) { error_print(); return -1; } - ctx->sign_algor = OID_ecdsa_with_sha256; + ctx->sign_algor = sign_algor; break; #endif default: 
@@ -2261,6 +2309,8 @@ int x509_verify_update(X509_SIGN_CTX *ctx, const uint8_t *data, size_t datalen) break; #ifdef ENABLE_SECP256R1 case OID_ecdsa_with_sha256: + case OID_ecdsa_with_sha384: + case OID_ecdsa_with_sha512: if (ecdsa_verify_update(&ctx->u.ecdsa_sign_ctx, data, datalen) != 1) { error_print(); return -1; @@ -2331,6 +2381,8 @@ int x509_verify_finish(X509_SIGN_CTX *ctx) break; #ifdef ENABLE_SECP256R1 case OID_ecdsa_with_sha256: + case OID_ecdsa_with_sha384: + case OID_ecdsa_with_sha512: if ((ret = ecdsa_verify_finish(&ctx->u.ecdsa_sign_ctx)) < 0) { error_print(); return -1; @@ -2404,6 +2456,8 @@ int x509_verify(X509_SIGN_CTX *ctx, const uint8_t *data, size_t datalen) case OID_sm2sign_with_sm3: #ifdef ENABLE_SECP256R1 case OID_ecdsa_with_sha256: + case OID_ecdsa_with_sha384: + case OID_ecdsa_with_sha512: #endif #ifdef ENABLE_LMS case OID_lms_hashsig: @@ -2453,6 +2507,8 @@ void x509_sign_ctx_cleanup(X509_SIGN_CTX *ctx) break; #ifdef ENABLE_SECP256R1 case OID_ecdsa_with_sha256: + case OID_ecdsa_with_sha384: + case OID_ecdsa_with_sha512: gmssl_secure_clear(&ctx->u.ecdsa_sign_ctx, sizeof(ECDSA_SIGN_CTX)); break; #endif diff --git a/src/x509_req.c b/src/x509_req.c index ab4aa94e..0c182822 100644 --- a/src/x509_req.c +++ b/src/x509_req.c @@ -168,15 +168,14 @@ int x509_req_sign_to_der( { size_t len = 0; uint8_t *tbs = NULL; - int sig_alg; uint8_t sig[X509_SIGNATURE_MAX_SIZE]; size_t siglen; - if (x509_key_get_sign_algor(sign_key, &sig_alg) != 1) { + if (x509_key_supports_sign_algor(sign_key, signature_algor) != 1) { error_print(); return -1; } - if (x509_key_get_signature_size(sign_key, &siglen) != 1) { + if (x509_key_get_signature_size(sign_key, signature_algor, &siglen) != 1) { error_print(); return -1; } 
@@ -186,7 +185,7 @@ int x509_req_sign_to_der( if (x509_request_info_to_der(version, subject, subject_len, subject_public_key, attrs, attrs_len, NULL, &len) != 1 - || x509_signature_algor_to_der(sig_alg, NULL, &len) != 1 + || x509_signature_algor_to_der(signature_algor, NULL, &len) != 1 || asn1_bit_octets_to_der(sig, siglen, NULL, &len) != 1 || asn1_sequence_header_to_der(len, out, outlen) != 1) { error_print(); @@ -209,7 +208,7 @@ int x509_req_sign_to_der( sign_args = SM2_DEFAULT_ID; sign_argslen = SM2_DEFAULT_ID_LENGTH; } - if (x509_sign_init(&sign_ctx, sign_key, sign_args, sign_argslen) != 1) { + if (x509_sign_init(&sign_ctx, sign_key, signature_algor, sign_args, sign_argslen) != 1) { error_print(); return -1; } @@ -227,7 +226,7 @@ int x509_req_sign_to_der( } gmssl_secure_clear(&sign_ctx, sizeof(sign_ctx)); } - if (x509_signature_algor_to_der(sig_alg, out, outlen) != 1 + if (x509_signature_algor_to_der(signature_algor, out, outlen) != 1 || asn1_bit_octets_to_der(sig, siglen, out, outlen) != 1) { error_print(); return -1; diff --git a/src/x509_vrf.c b/src/x509_vrf.c index 8e46dd7e..a41ebc43 100644 --- a/src/x509_vrf.c +++ b/src/x509_vrf.c @@ -109,7 +109,6 @@ static int x509_signed_is_verified_by_key(const uint8_t *a, size_t alen, int sig_alg; const uint8_t *sig; size_t siglen; - int key_sig_alg; void *sign_args = NULL; size_t sign_argslen = 0; X509_SIGN_CTX verify_ctx; @@ -123,13 +122,7 @@ static int x509_signed_is_verified_by_key(const uint8_t *a, size_t alen, error_print(); return -1; } - - // FIXME: 改为 x509_key_support_algor - if (x509_key_get_sign_algor(key, &key_sig_alg) != 1) { - error_print(); - return -1; - } - if (sig_alg != key_sig_alg) { + if (x509_key_supports_sign_algor(key, sig_alg) != 1) { return 0; } 
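Review bot: `if (x509_key_supports_sign_algor(key, sig_alg) != 1) { return 0; }` folds every non-1 result into "not signed by this key", where the removed code returned -1 with error_print() when the key lookup failed. The result still fails closed. But if x509_key_supports_sign_algor can return a negative value for a malformed key, callers of x509_signed_is_verified_by_key can no longer tell an internal error from an algorithm mismatch. Keeping the two apart needs only an `int ret`: `ret = x509_key_supports_sign_algor(key, sig_alg); if (ret < 0) { error_print(); return -1; } if (ret != 1) return 0;`. The function body starts and ends outside the hunk.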
@@ -139,7 +132,7 @@ static int x509_signed_is_verified_by_key(const uint8_t *a, size_t alen, sign_args = (uint8_t *)signer_id; sign_argslen = signer_id_len; } - if (x509_verify_init(&verify_ctx, key, sign_args, sign_argslen, sig, siglen) != 1 + if (x509_verify_init(&verify_ctx, key, sig_alg, sign_args, sign_argslen, sig, siglen) != 1 || x509_verify_update(&verify_ctx, tbs, tbslen) != 1 || x509_verify_finish(&verify_ctx) != 1) { return 0; diff --git a/tests/x509_keytest.c b/tests/x509_keytest.c index d7708b8c..06e97f6c 100644 --- a/tests/x509_keytest.c +++ b/tests/x509_keytest.c @@ -54,6 +54,40 @@ struct { X509_KEY x509_keys[sizeof(tests)/sizeof(tests[0])]; +static int test_sign_algor(const X509_KEY *key) +{ + switch (key->algor) { + case OID_ec_public_key: + switch (key->algor_param) { + case OID_sm2: + return OID_sm2sign_with_sm3; +#ifdef ENABLE_SECP256R1 + case OID_secp256r1: + return OID_ecdsa_with_sha256; +#endif + default: + return OID_undef; + } +#ifdef ENABLE_LMS + case OID_lms_hashsig: + case OID_hss_lms_hashsig: + return key->algor; +#endif +#ifdef ENABLE_XMSS + case OID_xmss_hashsig: + case OID_xmssmt_hashsig: + return key->algor; +#endif +#ifdef ENABLE_SPHINCS + case OID_sphincs_hashsig: + return key->algor; +#endif + default: + return OID_undef; + } +} + + static int test_x509_key_generate(void) { size_t i; @@ -425,7 +459,7 @@ static int test_x509_sign(void) continue; } //format_print(stderr, 0, 4, "%s\n", x509_public_key_algor_name(tests[i].algor)); - if (x509_sign_init(&sign_ctx, &x509_keys[i], args, argslen) != 1) { + if (x509_sign_init(&sign_ctx, &x509_keys[i], test_sign_algor(&x509_keys[i]), args, argslen) != 1) { error_print(); return -1; } 
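Review bot: test_sign_algor only ever returns `OID_ecdsa_with_sha256` for a secp256r1 key, so test_x509_sign does not exercise the `OID_ecdsa_with_sha384` and `OID_ecdsa_with_sha512` paths added elsewhere in this commit. Nothing checks that a mismatched key and algorithm pair is refused either. The rejection is the security-relevant half of the change, so I would add a negative case next to the round trip, for example `if (x509_verify_init(&sign_ctx, &x509_keys[i], OID_undef, args, argslen, sig, siglen) == 1) { error_print(); return -1; }`. A second pass over the two extra ECDSA OIDs for the secp256r1 key would cover the new digests.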
@@ -434,7 +468,7 @@ static int test_x509_sign(void) return -1; } format_print(stderr, 0, 4, "%s: %zu\n", x509_public_key_algor_name(tests[i].algor), siglen); - if (x509_verify_init(&sign_ctx, &x509_keys[i], args, argslen, sig, siglen) != 1) { + if (x509_verify_init(&sign_ctx, &x509_keys[i], test_sign_algor(&x509_keys[i]), args, argslen, sig, siglen) != 1) { error_print(); return -1; } @@ -474,7 +508,7 @@ static int test_x509_sign_sm9(void) error_print(); return -1; } - if (x509_sign_init(&sign_ctx, &x509_key, NULL, 0) != 1) { + if (x509_sign_init(&sign_ctx, &x509_key, OID_sm9sign, NULL, 0) != 1) { error_print(); return -1; } @@ -491,7 +525,7 @@ static int test_x509_sign_sm9(void) error_print(); return -1; } - if (x509_verify_init(&sign_ctx, &x509_key, id, idlen, sig, siglen) != 1) { + if (x509_verify_init(&sign_ctx, &x509_key, OID_sm9sign, id, idlen, sig, siglen) != 1) { error_print(); return -1; } diff --git a/tools/certgen.c b/tools/certgen.c index 914885e9..b3dd236a 100644 --- a/tools/certgen.c +++ b/tools/certgen.c @@ -27,6 +27,7 @@ static const char *options = " -serial_len num" " -days num" " -key pem [-algor str] [-pass pass]" + " [-sig_alg str]" " [-sm2_id str | -sm2_id_hex hex]" " [-gen_authority_key_id]" " [-gen_subject_key_id]" @@ -48,6 +49,7 @@ static char *usage = " -key file Private key file in PEM format\n" " -algor str Public key algorithm\n" " -pass pass Password for decrypting private key file\n" +" -sig_alg str Signature algorithm OID name, default sm2sign-with-sm3\n" " -sm2_id str Signer's ID in SM2 signature algorithm\n" " -sm2_id_hex hex Signer's ID in hex format\n" " When `-sm2_id` or `-sm2_id_hex` is specified,\n" 
@@ -274,6 +276,13 @@ int certgen_main(int argc, char **argv) fprintf(stderr, "%s: invalid algor '%s'\n", prog, str); goto end; } + } else if (!strcmp(*argv, "-sig_alg")) { + if (--argc < 1) goto bad; + str = *(++argv); + if ((sign_algor = x509_signature_algor_from_name(str)) == OID_undef) { + fprintf(stderr, "%s: invalid sig_alg '%s'\n", prog, str); + goto end; + } } else if (!strcmp(*argv, "-pass")) { if (--argc < 1) goto bad; pass = *(++argv); @@ -409,10 +418,6 @@ bad: fprintf(stderr, "%s: load private key failed\n", prog); goto end; } - if (x509_key_get_sign_algor(&x509_key, &sign_algor) != 1) { - fprintf(stderr, "%s: inner error\n", prog); - goto end; - } if (!signer_id_len) { strcpy(signer_id, SM2_DEFAULT_ID); signer_id_len = strlen(SM2_DEFAULT_ID); diff --git a/tools/crlgen.c b/tools/crlgen.c index 9ccff245..5741d87f 100644 --- a/tools/crlgen.c +++ b/tools/crlgen.c @@ -17,6 +17,7 @@ #include #include #include +#include #include #include #include @@ -25,6 +26,7 @@ static const char *usage = " -in revoked_certs" " -cacert pem -key pem [-pass pass] [-sm2_id str | -sm2_id_hex hex]" + " [-sig_alg str]" " [-next_update time] " " [-gen_authority_key_id]" " [-crl_num num]" @@ -42,6 +44,7 @@ static const char *options = " -cacert pem The issuer certificate\n" " -key pem The issuer private key\n" " -pass pass Password for decrypting private key file\n" +" -sig_alg str Signature algorithm OID name, default sm2sign-with-sm3\n" " -sm2_id str Authority's ID in SM2 signature algorithm\n" " -sm2_id_hex hex Authority's ID in hex format\n" " When `-sm2_id` or `-sm2_id_hex` is specified,\n" @@ -81,7 +84,7 @@ int crlgen_main(int argc, char **argv) char signer_id[SM2_MAX_ID_LENGTH + 1] = {0}; size_t signer_id_len = 0; - int sign_algor = OID_undef; + int sign_algor = OID_sm2sign_with_sm3; const uint8_t *issuer; size_t issuer_len; 
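Review bot: With `x509_key_get_sign_algor(&x509_key, &sign_algor)` removed, certgen no longer derives the signature algorithm from the loaded key. The crlgen and reqsign hunks remove the same call and change their initializer to `OID_sm2sign_with_sm3`. A run with a non-SM2 key and no `-sig_alg` then carries an SM2 algorithm into signing and, assuming the library check rejects the pair, fails with a generic message far from the cause. certgen's own `sign_algor` declaration is outside the hunk, so its default should be confirmed against the help text. Treating `OID_undef` as "not given" keeps the old key-derived behaviour and lets an explicit `-sig_alg` be checked against the key with a clear message, provided x509_key_get_sign_algor is still available after this change; the same block fits crlgen_main and reqsign_main.

```c
	// … unchanged: private key loading …
	if (sign_algor == OID_undef) {
		/* no -sig_alg given: derive the algorithm from the key, as before */
		if (x509_key_get_sign_algor(&x509_key, &sign_algor) != 1) {
			fprintf(stderr, "%s: inner error\n", prog);
			goto end;
		}
	} else if (x509_key_supports_sign_algor(&x509_key, sign_algor) != 1) {
		fprintf(stderr, "%s: `-sig_alg` does not match the private key\n", prog);
		goto end;
	}
```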
@@ -141,6 +144,13 @@ int crlgen_main(int argc, char **argv) } else if (!strcmp(*argv, "-pass")) { if (--argc < 1) goto bad; pass = *(++argv); + } else if (!strcmp(*argv, "-sig_alg")) { + if (--argc < 1) goto bad; + str = *(++argv); + if ((sign_algor = x509_signature_algor_from_name(str)) == OID_undef) { + fprintf(stderr, "%s: invalid `-sig_alg` value '%s'\n", prog, str); + goto end; + } } else if (!strcmp(*argv, "-sm2_id")) { if (--argc < 1) goto bad; str = *(++argv); @@ -257,11 +267,6 @@ bad: fprintf(stderr, "%s: certificate and private key not match\n", prog); goto end; } - if (x509_key_get_sign_algor(&x509_key, &sign_algor) != 1) { - fprintf(stderr, "%s: inner error\n", prog); - goto end; - } - if (!signer_id_len) { strcpy(signer_id, SM2_DEFAULT_ID); signer_id_len = strlen(SM2_DEFAULT_ID); diff --git a/tools/ocspsign.c b/tools/ocspsign.c index 7f7a2fe8..2f33e777 100644 --- a/tools/ocspsign.c +++ b/tools/ocspsign.c @@ -15,6 +15,7 @@ #include #include #include +#include #include #include #include @@ -26,6 +27,7 @@ static const char *options = "-reqin der -cacert pem -signer pem -key pem [-pass pass]" " [-status good|revoked|unknown]" + " [-sig_alg str]" " [-revocation_time time] [-revocation_reason reason]" " [-this_update time] [-next_update time] [-produced_at time]" " [-resp_key_id]" @@ -42,6 +44,7 @@ static const char *help = " -key pem OCSPResponse signer private key\n" " -pass pass Password for decrypting private key file\n" " -status status Certificate status: good, revoked or unknown, default good\n" +" -sig_alg str Signature algorithm OID name, default sm2sign-with-sm3\n" " -revocation_time time Revocation time, required when status is revoked\n" " -revocation_reason str Revocation reason, optional when status is revoked\n" " -this_update time SingleResponse thisUpdate, default current time\n" 
@@ -190,6 +193,7 @@ int ocspsign_main(int argc, char **argv) size_t signer_id_len = 0; int cert_status = OCSP_cert_status_good; + int sign_algor = OID_sm2sign_with_sm3; time_t revocation_time = (time_t)-1; time_t this_update = time(NULL); time_t next_update = (time_t)-1; @@ -234,6 +238,13 @@ int ocspsign_main(int argc, char **argv) fprintf(stderr, "%s: invalid `-status` value\n", prog); goto end; } + } else if (!strcmp(*argv, "-sig_alg")) { + if (--argc < 1) goto bad; + str = *(++argv); + if ((sign_algor = x509_signature_algor_from_name(str)) == OID_undef) { + fprintf(stderr, "%s: invalid `-sig_alg` value '%s'\n", prog, str); + goto end; + } } else if (!strcmp(*argv, "-revocation_time")) { if (--argc < 1) goto bad; str = *(++argv); @@ -414,6 +425,10 @@ bad: fprintf(stderr, "%s: set OCSP responderID failure\n", prog); goto end; } + if (ocsp_sign_set_signature_algor(&ocsp_ctx, sign_algor) != 1) { + fprintf(stderr, "%s: set signature algorithm failure\n", prog); + goto end; + } if (produced_at != (time_t)-1 && ocsp_sign_set_produced_at(&ocsp_ctx, produced_at) != 1) { fprintf(stderr, "%s: set producedAt failure\n", prog); diff --git a/tools/reqgen.c b/tools/reqgen.c index 18a5717e..47c7fdab 100644 --- a/tools/reqgen.c +++ b/tools/reqgen.c @@ -24,6 +24,7 @@ static const char *options = "[-C str] [-ST str] [-L str] [-O str] [-OU str] -CN str" " -key file [-algor str] [-pass pass]" + " [-sig_alg str]" " [-sm2_id str | -sm2_id_hex hex]" " [-out pem]"; @@ -39,6 +40,7 @@ static char *usage = " * xmssmt-hashsig\n" " * shpincs-hashsig\n" " -pass pass Password for decrypting private key file\n" +" -sig_alg str Signature algorithm OID name, default sm2sign-with-sm3\n" " -sm2_id str Signer's ID in SM2 signature algorithm\n" " -sm2_id_hex hex Signer's ID in hex format\n" " When `-sm2_id` or `-sm2_id_hex` is specified,\n" 
@@ -91,6 +93,7 @@ int reqgen_main(int argc, char **argv) char *pass = NULL; X509_KEY x509_key; int algor = OID_ec_public_key; + int sign_algor = OID_sm2sign_with_sm3; char signer_id[SM2_MAX_ID_LENGTH + 1] = {0}; size_t signer_id_len = 0; @@ -151,6 +154,13 @@ int reqgen_main(int argc, char **argv) } else if (!strcmp(*argv, "-pass")) { if (--argc < 1) goto bad; pass = *(++argv); + } else if (!strcmp(*argv, "-sig_alg")) { + if (--argc < 1) goto bad; + str = *(++argv); + if ((sign_algor = x509_signature_algor_from_name(str)) == OID_undef) { + fprintf(stderr, "%s: invalid `-sig_alg` value '%s'\n", prog, str); + goto end; + } } else if (!strcmp(*argv, "-sm2_id")) { if (--argc < 1) goto bad; str = *(++argv); @@ -228,7 +238,7 @@ bad: name, namelen, &x509_key, attrs, attrs_len, - OID_sm2sign_with_sm3, + sign_algor, &x509_key, signer_id, signer_id_len, &p, &reqlen) != 1) { fprintf(stderr, "%s: inner error\n", prog); diff --git a/tools/reqsign.c b/tools/reqsign.c index 72494936..6c69f504 100644 --- a/tools/reqsign.c +++ b/tools/reqsign.c @@ -29,6 +29,7 @@ static const char *options = " [-serial_len num]" " -days num" " -cacert pem -key file [-pass pass]" + " [-sig_alg str]" " [-sm2_id str | -sm2_id_hex hex]" " [-gen_authority_key_id]" " [-gen_subject_key_id]" @@ -56,6 +57,7 @@ static char *usage = " -days num Validity peroid in days\n" " -cacert pem Issuer CA certificate\n" " -key pem Issuer private key file in PEM format\n" +" -sig_alg str Signature algorithm OID name, default sm2sign-with-sm3\n" " -sm2_id str Authority's ID in SM2 signature algorithm\n" " -sm2_id_hex hex Authority's ID in hex format\n" " When `-sm2_id` or `-sm2_id_hex` is specified,\n" @@ -180,7 +182,7 @@ int reqsign_main(int argc, char **argv) size_t signer_id_len = 0; // Algor - int sign_algor = OID_undef; + int sign_algor = OID_sm2sign_with_sm3; // Issuer from CA certificate const uint8_t *issuer; 
@@ -317,6 +319,13 @@ int reqsign_main(int argc, char **argv) } else if (!strcmp(*argv, "-pass")) { if (--argc < 1) goto bad; pass = *(++argv); + } else if (!strcmp(*argv, "-sig_alg")) { + if (--argc < 1) goto bad; + str = *(++argv); + if ((sign_algor = x509_signature_algor_from_name(str)) == OID_undef) { + fprintf(stderr, "%s: invalid `-sig_alg` value '%s'\n", prog, str); + goto end; + } } else if (!strcmp(*argv, "-sm2_id")) { if (--argc < 1) goto bad; str = *(++argv); @@ -473,10 +482,6 @@ bad: fprintf(stderr, "%s: private key and CA certificate not match\n", prog); goto end; } - if (x509_key_get_sign_algor(&x509_key, &sign_algor) != 1) { - error_print(); - goto end; - } if (!signer_id_len) { strcpy(signer_id, SM2_DEFAULT_ID); signer_id_len = strlen(SM2_DEFAULT_ID);