linux-crypto.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
To: herbert@gondor.apana.org.au, davem@davemloft.net,
	ebiggers@kernel.org, pvanleeuwen@rambus.com, zohar@linux.ibm.com
Cc: linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [PATCH 7/7] X.509: support OSCCA sm2-with-sm3 certificate verification
Date: Sun, 16 Feb 2020 16:59:28 +0800	[thread overview]
Message-ID: <20200216085928.108838-8-tianjia.zhang@linux.alibaba.com> (raw)
In-Reply-To: <20200216085928.108838-1-tianjia.zhang@linux.alibaba.com>

The digital certificate format based on SM2 crypto algorithm as
specified in GM/T 0015-2012. It was published by State Encryption
Management Bureau, China.

The method of generating Other User Information is defined as
ZA=H256(ENTLA || IDA || a || b || xG || yG || xA || yA), it also
specified in https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02.

The x509 certificate supports sm2-with-sm3 type certificate
verification.  Because certificate verification requires ZA
in addition to tbs data, ZA also depends on elliptic curve
parameters and public key data, so you need to access tbs in sig
and calculate ZA. Finally calculate the digest of the
signature and complete the verification work. The calculation
process of ZA is declared in specifications GM/T 0009-2012
and GM/T 0003.2-2012.

Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
---
 crypto/asymmetric_keys/public_key.c      | 61 ++++++++++++++++++++++++
 crypto/asymmetric_keys/x509_public_key.c |  2 +
 include/crypto/public_key.h              |  1 +
 3 files changed, 64 insertions(+)

diff --git a/crypto/asymmetric_keys/public_key.c b/crypto/asymmetric_keys/public_key.c
index d7f43d4ea925..a51b09ee484d 100644
--- a/crypto/asymmetric_keys/public_key.c
+++ b/crypto/asymmetric_keys/public_key.c
@@ -17,6 +17,11 @@
 #include <keys/asymmetric-subtype.h>
 #include <crypto/public_key.h>
 #include <crypto/akcipher.h>
+#ifdef CONFIG_CRYPTO_SM2
+#include <crypto/sm3_base.h>
+#include <crypto/sm2.h>
+#include "x509_parser.h"
+#endif
 
 MODULE_DESCRIPTION("In-software asymmetric public-key subtype");
 MODULE_AUTHOR("Red Hat, Inc.");
@@ -245,6 +250,54 @@ static int software_key_eds_op(struct kernel_pkey_params *params,
 	return ret;
 }
 
+#ifdef CONFIG_CRYPTO_SM2
+static int cert_sig_digest_update(const struct public_key_signature *sig,
+				struct crypto_akcipher *tfm_pkey)
+{
+	struct x509_certificate *cert = sig->cert;
+	struct crypto_shash *tfm;
+	struct shash_desc *desc;
+	size_t desc_size;
+	unsigned char dgst[SM3_DIGEST_SIZE];
+	int ret;
+
+	if (!cert)
+		return -EINVAL;
+
+	ret = sm2_compute_z_digest(tfm_pkey, SM2_DEFAULT_USERID,
+					SM2_DEFAULT_USERID_LEN, dgst);
+	if (ret)
+		return ret;
+
+	tfm = crypto_alloc_shash(sig->hash_algo, 0, 0);
+	if (IS_ERR(tfm))
+		return PTR_ERR(tfm);
+
+	desc_size = crypto_shash_descsize(tfm) + sizeof(*desc);
+	desc = kzalloc(desc_size, GFP_KERNEL);
+	if (!desc)
+		goto error_free_tfm;
+
+	desc->tfm = tfm;
+
+	ret = crypto_shash_init(desc);
+	if (ret < 0)
+		goto error_free_desc;
+
+	ret = crypto_shash_update(desc, dgst, SM3_DIGEST_SIZE);
+	if (ret < 0)
+		goto error_free_desc;
+
+	ret = crypto_shash_finup(desc, cert->tbs, cert->tbs_size, sig->digest);
+
+error_free_desc:
+	kfree(desc);
+error_free_tfm:
+	crypto_free_shash(tfm);
+	return ret;
+}
+#endif
+
 /*
  * Verify a signature using a public key.
  */
@@ -298,6 +351,14 @@ int public_key_verify_signature(const struct public_key *pkey,
 	if (ret)
 		goto error_free_key;
 
+#ifdef CONFIG_CRYPTO_SM2
+	if (strcmp(sig->pkey_algo, "sm2") == 0) {
+		ret = cert_sig_digest_update(sig, tfm);
+		if (ret)
+			goto error_free_key;
+	}
+#endif
+
 	sg_init_table(src_sg, 2);
 	sg_set_buf(&src_sg[0], sig->s, sig->s_size);
 	sg_set_buf(&src_sg[1], sig->digest, sig->digest_size);
diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c
index d964cc82b69c..feccec08b244 100644
--- a/crypto/asymmetric_keys/x509_public_key.c
+++ b/crypto/asymmetric_keys/x509_public_key.c
@@ -30,6 +30,8 @@ int x509_get_sig_params(struct x509_certificate *cert)
 
 	pr_devel("==>%s()\n", __func__);
 
+	sig->cert = cert;
+
 	if (!cert->pub->pkey_algo)
 		cert->unsupported_key = true;
 
diff --git a/include/crypto/public_key.h b/include/crypto/public_key.h
index 0588ef3bc6ff..27775e617e38 100644
--- a/include/crypto/public_key.h
+++ b/include/crypto/public_key.h
@@ -44,6 +44,7 @@ struct public_key_signature {
 	const char *pkey_algo;
 	const char *hash_algo;
 	const char *encoding;
+	void *cert;		/* For certificate */
 };
 
 extern void public_key_signature_free(struct public_key_signature *sig);
-- 
2.17.1


  parent reply	other threads:[~2020-02-16  9:00 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-02-16  8:59 [PATCH] Introduce OSCCA certificate and SM2 asymmetric algorithm Tianjia Zhang
2020-02-16  8:59 ` [PATCH 1/7] lib/mpi: Extend the MPI library Tianjia Zhang
2020-02-16  8:59 ` [PATCH 2/7] lib/mpi: Introduce ec implementation to " Tianjia Zhang
2020-02-16  8:59 ` [PATCH 3/7] crypto: sm2 - introduce OSCCA SM2 asymmetric cipher algorithm Tianjia Zhang
2020-02-16  8:59 ` [PATCH 4/7] crypto: testmgr - support test with different ciphertext per encryption Tianjia Zhang
2020-02-16  8:59 ` [PATCH 5/7] crypto: testmgr - Add SM2 test vectors Tianjia Zhang
2020-02-16  8:59 ` [PATCH 6/7] X.509: support OSCCA certificate parse Tianjia Zhang
2020-02-16  8:59 ` Tianjia Zhang [this message]
2020-03-17  6:31   ` [PATCH 7/7] X.509: support OSCCA sm2-with-sm3 certificate verification Gilad Ben-Yossef
2020-03-17  6:50     ` Tianjia Zhang
2020-03-02  6:27 ` [PATCH] Introduce OSCCA certificate and SM2 asymmetric algorithm Tianjia Zhang

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200216085928.108838-8-tianjia.zhang@linux.alibaba.com \
    --to=tianjia.zhang@linux.alibaba.com \
    --cc=davem@davemloft.net \
    --cc=ebiggers@kernel.org \
    --cc=herbert@gondor.apana.org.au \
    --cc=linux-crypto@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=pvanleeuwen@rambus.com \
    --cc=zohar@linux.ibm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).