From a4e6eea2fa924cb565e9288f29bd853b997d8e9f Mon Sep 17 00:00:00 2001 From: Zhi Guan Date: Fri, 1 Dec 2017 20:28:39 +0800 Subject: [PATCH] tls12 with sm2 cert --- apps/s_cb.c | 18 ++++++++++++++++-- crypto/ec/ec_curve.c | 3 ++- include/openssl/gmtls.h | 3 ++- ssl/statem/statem_clnt.c | 16 ++++++++++------ ssl/statem/statem_srvr.c | 4 ++-- ssl/t1_lib.c | 19 +++++++++++++++---- 6 files changed, 47 insertions(+), 16 deletions(-) diff --git a/apps/s_cb.c b/apps/s_cb.c index e37d2d58..63ad9989 100644 --- a/apps/s_cb.c +++ b/apps/s_cb.c @@ -188,9 +188,9 @@ static STRINT_PAIR cert_type_list[] = { {"RSA fixed ECDH", TLS_CT_RSA_FIXED_ECDH}, {"ECDSA fixed ECDH", TLS_CT_ECDSA_FIXED_ECDH}, {"GOST01 Sign", TLS_CT_GOST01_SIGN}, -#ifndef OPENSSL_NO_GMTLS {"SM2 sign", TLS_CT_SM2_SIGN}, -#endif + {"SM2 fixed key exchange", TLS_CT_SM2_FIXED_EXCH}, + {"SM2 encrypt", TLS_CT_SM2_ENC}, {NULL} }; @@ -250,6 +250,8 @@ static int do_print_sigalgs(BIO *out, SSL *s, int shared) sstr = "DSA"; else if (sign_nid == EVP_PKEY_EC) sstr = "ECDSA"; + else if (sign_nid == NID_sm2sign) + sstr = "SM2"; if (sstr) BIO_printf(out, "%s+", sstr); else @@ -458,6 +460,7 @@ static STRINT_PAIR ssl_versions[] = { {"TLS 1.2", TLS1_2_VERSION}, {"DTLS 1.0", DTLS1_VERSION}, {"DTLS 1.0 (bad)", DTLS1_BAD_VER}, + {"GMTLS 1.1", GMTLS_VERSION}, {NULL} }; static STRINT_PAIR alert_types[] = { @@ -490,6 +493,14 @@ static STRINT_PAIR alert_types[] = { {" bad_certificate_status_response", 113}, {" bad_certificate_hash_value", 114}, {" unknown_psk_identity", 115}, +#ifndef OPENSSL_NO_GMTLS + {" unsupported_site2site", 200}, + {" no_area", 201}, + {" unsupported_areatype", 202}, + {" bad_ibcparam", 203}, + {" unsupported_ibcparam", 204}, + {"identity_need", 205}, +#endif {NULL} }; @@ -1307,6 +1318,9 @@ static int security_callback_debug(const SSL *s, const SSL_CTX *ctx, case TLSEXT_signature_ecdsa: sname = "ECDSA"; break; + case TLSEXT_signature_sm2sign: + sname = "SM2"; + break; } BIO_puts(sdb->out, OBJ_nid2sn(nid)); 
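Review bot: The feature guards in apps/s_cb.c are now inconsistent: the `#ifndef OPENSSL_NO_GMTLS` around `{"SM2 sign", TLS_CT_SM2_SIGN}` in `cert_type_list` is removed and `{"GMTLS 1.1", GMTLS_VERSION}` is added to `ssl_versions` unguarded, while the new alert entries in the same file are wrapped in `#ifndef OPENSSL_NO_GMTLS`. The `TLS_CT_SM2_*` values are defined in include/openssl/gmtls.h according to this patch, so a no-gmtls build presumably loses those names unless the header is always pulled in; that cannot be confirmed from the hunk. Either keep the guard on all three tables or drop it on all three. The same question applies to tls1_check_chain() in ssl/t1_lib.c, where the `#ifndef OPENSSL_NO_SM2` around `case SSL_PKEY_SM2_ENC:` and `case SSL_PKEY_SM2:` is removed although tls1_process_sigalgs() keeps that guard.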
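Review bot: `{"identity_need", 205}` in `alert_types` is missing the leading space that every other entry in the table carries, including the five entries added beside it. The space looks like a separator for the printed alert description, so this name would be rendered differently from the rest; it should read `{" identity_need", 205},`. A short comment above the new block naming the source of codes 200-205 would also help, for example `/* GMTLS-specific alerts; values from <spec reference> */`.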
diff --git a/crypto/ec/ec_curve.c b/crypto/ec/ec_curve.c index 5d778036..a304ae70 100644 --- a/crypto/ec/ec_curve.c +++ b/crypto/ec/ec_curve.c @@ -3267,7 +3267,8 @@ static EC_NIST_NAME nist_curves[] = { {"P-224", NID_secp224r1}, {"P-256", NID_X9_62_prime256v1}, {"P-384", NID_secp384r1}, - {"P-521", NID_secp521r1} + {"P-521", NID_secp521r1}, + {"SM2", NID_sm2p256v1} }; const char *EC_curve_nid2nist(int nid) diff --git a/include/openssl/gmtls.h b/include/openssl/gmtls.h index 6aa2a2c8..75f22145 100644 --- a/include/openssl/gmtls.h +++ b/include/openssl/gmtls.h @@ -223,7 +223,8 @@ extern "C" { # define TLS_CT_SM2_SIGN 240 -# define TLS_CT_SM2_FIXED_ECDH 241 +# define TLS_CT_SM2_FIXED_EXCH 241 +# define TLS_CT_SM2_ENC 242 /* from GM/T 0024-2014 Table 1 */ diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index 923f10c8..045aaa74 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -1719,9 +1719,7 @@ MSG_PROCESS_RETURN tls_process_server_key_exchange(SSL *s, PACKET *pkt) } else if (alg_k & (SSL_kDHE | SSL_kDHEPSK)) { if (!tls_process_ske_dhe(s, pkt, &pkey, &al)) goto err; - } else if (alg_k & (SSL_kECDHE | SSL_kECDHEPSK | - SSL_kSM2DHE | SSL_kSM2PSK - )) { + } else if (alg_k & (SSL_kECDHE | SSL_kECDHEPSK | SSL_kSM2DHE | SSL_kSM2PSK)) { if (!tls_process_ske_ecdhe(s, pkt, &pkey, &al)) goto err; } else if (alg_k) { 
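Review bot: `{"SM2", NID_sm2p256v1}` is appended to `nist_curves`, but sm2p256v1 is not a NIST curve, so `EC_curve_nid2nist()` (its definition begins just after this hunk) will now return a name for it. Any caller that treats a non-NULL result as "this curve is NIST-approved", for instance in policy filtering, would misclassify SM2; the callers are not visible here, so treat this as something to audit. If the goal is only to resolve the short name "SM2", a separate lookup keeps this table accurate. At minimum mark the entry with `/* not a NIST curve; listed only so the name "SM2" resolves */` and wrap it in `#ifndef OPENSSL_NO_SM2`.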
@@ -1768,18 +1766,24 @@ MSG_PROCESS_RETURN tls_process_server_key_exchange(SSL *s, PACKET *pkt) #ifdef SSL_DEBUG fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md)); #endif -#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_MD5) && !defined(OPENSSL_NO_SHA) +#ifndef OPENSSL_NO_RSA } else if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA) { +# if !defined(OPENSSL_NO_MD5) && !defined(OPENSSL_NO_SHA) md = EVP_md5_sha1(); +# elif !defined(OPENSSL_NO_SM3) + md = EVP_sm3(); +# else + should_not_happen!! +# endif #endif -#ifndef OPENSSL_NO_GMTLS_METHOD +#ifndef OPENSSL_NO_GMTLS } else if (s->method->version == GMTLS_VERSION && s->s3->tmp.new_cipher->algorithm_mac & SSL_SM3) { md = EVP_sm3(); #endif #ifndef OPENSSL_NO_SHA } else { - md = EVP_sha1(); + md = EVP_sha1(); #endif } diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index 77edc054..1bcbb569 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -106,7 +106,7 @@ #include #include #include -#ifndef OPENSSL_NO_GMTLS +#ifndef OPENSSL_NO_SM2 # include #endif @@ -2021,7 +2021,7 @@ int tls_construct_server_key_exchange(SSL *s) goto f_err; } -#ifndef OPENSSL_NO_GMTLS +#ifndef OPENSSL_NO_SM2 if (s->s3->tmp.new_cipher->algorithm_auth & SSL_aSM2) { unsigned char z[EVP_MAX_MD_SIZE]; size_t zlen = sizeof(z); diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 5ab49b30..057e69e3 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c 
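Review bot: The new `# elif !defined(OPENSSL_NO_SM3)` arm makes the client verify an RSA-signed ServerKeyExchange with `EVP_sm3()` whenever MD5 or SHA-1 is compiled out, in the branch that previously only ever used `EVP_md5_sha1()`. Judging by the "USING TLSv1.2 HASH" branch above it, this is the path without negotiated signature algorithms, where a standard peer signs with MD5+SHA-1, so swapping the digest silently changes what is verified and will at best fail interoperability; failing the handshake explicitly looks safer. The `# else` arm `should_not_happen!!` depends on a syntax error to stop the build; use `# error "RSA ServerKeyExchange verification needs MD5+SHA1"` so the diagnostic says why. tls_process_server_key_exchange() starts and ends outside the hunk, so the branch conditions are read from context only.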
@@ -3262,12 +3262,14 @@ static const tls12_lookup tls12_sig[] = { {EVP_PKEY_RSA, TLSEXT_signature_rsa}, {EVP_PKEY_DSA, TLSEXT_signature_dsa}, {EVP_PKEY_EC, TLSEXT_signature_ecdsa}, - {EVP_PKEY_EC, TLSEXT_signature_sm2sign}, + {NID_sm2sign, TLSEXT_signature_sm2sign}, + //{EVP_PKEY_EC, TLSEXT_signature_sm2sign}, {NID_id_GostR3410_2001, TLSEXT_signature_gostr34102001}, {NID_id_GostR3410_2012_256, TLSEXT_signature_gostr34102012_256}, {NID_id_GostR3410_2012_512, TLSEXT_signature_gostr34102012_512} }; +/* tls12_find_id() not find sm2sign */ static int tls12_find_id(int nid, const tls12_lookup *table, size_t tlen) { size_t i; @@ -3651,8 +3653,10 @@ int tls1_process_sigalgs(SSL *s) pmd[SSL_PKEY_ECC] = EVP_get_digestbynid(NID_sha1); #endif #ifndef OPENSSL_NO_SM2 - if (pmd[SSL_PKEY_SM2] == NULL) + if (pmd[SSL_PKEY_SM2] == NULL) { pmd[SSL_PKEY_SM2] = EVP_get_digestbynid(NID_sm3); + pmd[SSL_PKEY_SM2_ENC] = EVP_get_digestbynid(NID_sm3); + } #endif #ifndef OPENSSL_NO_GOST if (pmd[SSL_PKEY_GOST01] == NULL) @@ -3797,6 +3801,10 @@ int tls1_set_sigalgs(CERT *c, const int *psig_nids, size_t salglen, int client) for (i = 0, sptr = sigalgs; i < salglen; i += 2) { rhash = tls12_find_id(*psig_nids++, tls12_md, OSSL_NELEM(tls12_md)); rsign = tls12_find_id(*psig_nids++, tls12_sig, OSSL_NELEM(tls12_sig)); +#ifndef OPENSSL_NO_SM2 + if (rsign == TLSEXT_signature_ecdsa && rhash == TLSEXT_hash_sm3) + rsign = TLSEXT_signature_sm2sign; +#endif if (rhash == -1 || rsign == -1) goto err; @@ -3945,16 +3953,16 @@ int tls1_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain, default_nid = NID_ecdsa_with_SHA1; break; -#ifndef OPENSSL_NO_SM2 case SSL_PKEY_SM2_ENC: rsign = TLSEXT_signature_sm2sign; default_nid = NID_sm2sign_with_sm3; break; + case SSL_PKEY_SM2: rsign = TLSEXT_signature_sm2sign; default_nid = NID_sm2sign_with_sm3; break; -#endif + case SSL_PKEY_GOST01: rsign = TLSEXT_signature_gostr34102001; default_nid = NID_id_GostR3411_94_with_GostR3410_2001; 
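Review bot: The `tls12_sig` change leaves the old entry behind as commented-out code, `//{EVP_PKEY_EC, TLSEXT_signature_sm2sign},`, and adds `/* tls12_find_id() not find sm2sign */`, which does not say under which input the lookup fails or what callers must do about it. Delete the dead line and state the constraint in full. If the intent is what the remap in tls1_set_sigalgs() suggests, something like `/* SM2 keys report EVP_PKEY_EC, so a lookup by key type yields ecdsa; only NID_sm2sign maps to sm2sign */` would do. The rest of the file uses `/* */` comments, so avoid `//` here.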
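Review bot: In tls1_process_sigalgs() the default digest for `pmd[SSL_PKEY_SM2_ENC]` is now set only inside `if (pmd[SSL_PKEY_SM2] == NULL)`, and it is assigned there without checking its own current value. If the SM2 signing slot was already filled from the peer's signature algorithms, the encryption-certificate slot keeps whatever it had, possibly NULL, and later code that reads it gets no digest. In the opposite case an already chosen value is overwritten. Test each slot on its own: `if (pmd[SSL_PKEY_SM2] == NULL) pmd[SSL_PKEY_SM2] = EVP_get_digestbynid(NID_sm3);` followed by `if (pmd[SSL_PKEY_SM2_ENC] == NULL) pmd[SSL_PKEY_SM2_ENC] = EVP_get_digestbynid(NID_sm3);`. How the slots are filled before this point is outside the hunk.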
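Review bot: The remap added to tls1_set_sigalgs() rewrites every ECDSA+SM3 pair to `TLSEXT_signature_sm2sign` without any indication to the caller, so a configuration that names ECDSA ends up advertising a different signature algorithm than requested. Since this patch also makes `tls12_sig` map `NID_sm2sign` directly, callers can request SM2 explicitly, which may make the remap unnecessary. If it has to stay because some caller can only express SM2 as EC plus SM3, say so at the site with a comment such as `/* SM2 keys are EVP_PKEY_EC: treat "ECDSA+SM3" as sm2sign */`. The loop body continues past the end of the hunk.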
@@ -4047,6 +4055,7 @@ int tls1_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain, break; case EVP_PKEY_EC: check_type = TLS_CT_ECDSA_SIGN; +//FIXME: do we need to do sth? break; } if (check_type) { @@ -4133,6 +4142,8 @@ void tls1_set_cert_validity(SSL *s) tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_GOST12_256); tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_GOST12_512); tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_SM2); + tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_SM2_ENC); + } /* User level utiity function to check a chain is suitable */
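Review bot: The added `//FIXME: do we need to do sth?` leaves `case EVP_PKEY_EC:` in tls1_check_chain() setting `check_type = TLS_CT_ECDSA_SIGN` for every EC key. If SM2 certificates arrive with an EVP_PKEY_EC key, as the `tls12_sig` change in this patch suggests, the certificate-type comparison that follows would test an SM2 certificate against the ECDSA type instead of `TLS_CT_SM2_SIGN` or `TLS_CT_SM2_ENC`. That is a validation decision and should not ship as an open question. Either resolve it in this change or replace the note with a precise one in the file's comment style, for example `/* TODO: SM2 keys are also EVP_PKEY_EC; select TLS_CT_SM2_SIGN for them */`. The switch and the check that consumes `check_type` extend beyond the hunk.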