| Message ID | 20200402123504.84628-1-tianjia.zhang@linux.alibaba.com (mailing list archive) |
|---|---|
| Headers | show |
| Series | crpyto: introduce OSCCA certificate and SM2 asymmetric algorithm | expand |
On Thu, Apr 02, 2020 at 08:34:57PM +0800, Tianjia Zhang wrote: > Hello all, > > This new module implement the OSCCA certificate and SM2 public key > algorithm. It was published by State Encryption Management Bureau, China. > List of specifications for OSCCA certificate and SM2 elliptic curve > public key cryptography: > > * GM/T 0003.1-2012 > * GM/T 0003.2-2012 > * GM/T 0003.3-2012 > * GM/T 0003.4-2012 > * GM/T 0003.5-2012 > * GM/T 0015-2012 > * GM/T 0009-2012 > > IETF: https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02 > oscca: http://www.oscca.gov.cn/sca/xxgk/2010-12/17/content_1002386.shtml > scctc: http://www.gmbz.org.cn/main/bzlb.html > > These patchs add the OID object identifier defined by OSCCA. The > x509 certificate supports sm2-with-sm3 type certificate parsing > and verification. I don't have any objections to the crypto API bits, but obviously this is contingent on the x509 bits getting accepted since that's the only in-kernel user. So can I see some acks on that please? Thanks,
On 2020/4/16 14:01, Herbert Xu wrote: > On Thu, Apr 02, 2020 at 08:34:57PM +0800, Tianjia Zhang wrote: >> Hello all, >> >> This new module implement the OSCCA certificate and SM2 public key >> algorithm. It was published by State Encryption Management Bureau, China. >> List of specifications for OSCCA certificate and SM2 elliptic curve >> public key cryptography: >> >> * GM/T 0003.1-2012 >> * GM/T 0003.2-2012 >> * GM/T 0003.3-2012 >> * GM/T 0003.4-2012 >> * GM/T 0003.5-2012 >> * GM/T 0015-2012 >> * GM/T 0009-2012 >> >> IETF: https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02 >> oscca: http://www.oscca.gov.cn/sca/xxgk/2010-12/17/content_1002386.shtml >> scctc: http://www.gmbz.org.cn/main/bzlb.html >> >> These patchs add the OID object identifier defined by OSCCA. The >> x509 certificate supports sm2-with-sm3 type certificate parsing >> and verification. > > I don't have any objections to the crypto API bits, but obviously > this is contingent on the x509 bits getting accepted since that's > the only in-kernel user. So can I see some acks on that please? > > Thanks, > Thanks for Herbert's reply. At present, the latest mainline openssl can generate SM2-with-SM3 certificates. I also provide commands for generating certificates and a test certificate in PEM format. ``` bash #!/bin/bash if [ ! -f openssl.cnf ]; then cat > openssl.cnf << EOF [ req ] default_bits = 2048 distinguished_name = req_distinguished_name prompt = no string_mask = utf8only x509_extensions = v3_req [ req_distinguished_name ] O = Test OU = Test CN = Test key emailAddress = test@foo.com [ v3_req ] basicConstraints=critical,CA:FALSE keyUsage=digitalSignature subjectKeyIdentifier=hash authorityKeyIdentifier=keyid:always EOF fi openssl ecparam -genkey -name SM2 -text -out private.pem openssl req -new \ -key private.pem \ -out csr.pem \ -sm3 -sigopt "distid:1234567812345678" \ -subj "/C=CN/ST=GS/L=Gt/O=baba/OU=OS/CN=hello/emailAddress=hello@world.com" openssl ecparam -genkey -name SM2 -text -out ca.key openssl req -new \ -x509 -days 3650 \ -sm3 -sigopt "distid:1234567812345678" \ -key ca.key \ -out ca.crt \ -subj "/C=CN/ST=GS/L=Gt/O=baba/OU=OS/CN=ca/emailAddress=ca@world.com" openssl x509 -req -days 3650 \ -sm3 \ -sigopt "distid:1234567812345678" \ -vfyopt "distid:1234567812345678" \ -CA ca.crt -CAkey ca.key -CAcreateserial \ -extfile openssl.cnf -extensions v3_req \ -in csr.pem \ -out cert.pem openssl x509 -in ca.crt -outform DER -out ca.der openssl x509 -in cert.pem -outform DER -out cert.der ``` The following content is the CA certificate and the signed SM2-with-SM3 certificate generated by the above command, both in PEM format. -----BEGIN CERTIFICATE----- MIICLjCCAdWgAwIBAgIUEoozP6LzMYWh4gCpcWlzsUyfgsIwCgYIKoEcz1UBg3Uw bTELMAkGA1UEBhMCQ04xCzAJBgNVBAgMAkdTMQswCQYDVQQHDAJHdDENMAsGA1UE CgwEYmFiYTELMAkGA1UECwwCT1MxCzAJBgNVBAMMAmNhMRswGQYJKoZIhvcNAQkB FgxjYUB3b3JsZC5jb20wHhcNMjAwNDE1MTE1NDA3WhcNMzAwNDEzMTE1NDA3WjBt MQswCQYDVQQGEwJDTjELMAkGA1UECAwCR1MxCzAJBgNVBAcMAkd0MQ0wCwYDVQQK DARiYWJhMQswCQYDVQQLDAJPUzELMAkGA1UEAwwCY2ExGzAZBgkqhkiG9w0BCQEW DGNhQHdvcmxkLmNvbTBZMBMGByqGSM49AgEGCCqBHM9VAYItA0IABMTGRiHezKm5 MiKHlyfa5Bv5jLxge/WRRG0nLNsZx1yf0XQTQBR/tFFjPGePEr7+Fa1CPgYpXExx i44coYMmQT6jUzBRMB0GA1UdDgQWBBSjd9GWIe98Ll9J0dquxgCktp9DrTAfBgNV HSMEGDAWgBSjd9GWIe98Ll9J0dquxgCktp9DrTAPBgNVHRMBAf8EBTADAQH/MAoG CCqBHM9VAYN1A0cAMEQCIAvLWIfGFq85u/vVMLc5H1D/DnrNS0VhSkQA4daRO4tc AiABbeWENcQZDZLWTuqG9P2KDPOoNqV/QV/+0XjMAVblhg== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIICPzCCAeWgAwIBAgIUIaawP5HQDi5kTruyhLudFfeQ7uwwCgYIKoEcz1UBg3Uw bTELMAkGA1UEBhMCQ04xCzAJBgNVBAgMAkdTMQswCQYDVQQHDAJHdDENMAsGA1UE CgwEYmFiYTELMAkGA1UECwwCT1MxCzAJBgNVBAMMAmNhMRswGQYJKoZIhvcNAQkB FgxjYUB3b3JsZC5jb20wHhcNMjAwNDE1MTE1NDA3WhcNMzAwNDEzMTE1NDA3WjBz MQswCQYDVQQGEwJDTjELMAkGA1UECAwCR1MxCzAJBgNVBAcMAkd0MQ0wCwYDVQQK DARiYWJhMQswCQYDVQQLDAJPUzEOMAwGA1UEAwwFaGVsbG8xHjAcBgkqhkiG9w0B CQEWD2hlbGxvQHdvcmxkLmNvbTBZMBMGByqGSM49AgEGCCqBHM9VAYItA0IABI6g M2mRfj3srY7wRV4TPmhbjKtcxshQ35EA4CRzTTHyLsDVa+7amJPs2Daquc9jgu+n GgPtFrp0uIv55XA5pHCjXTBbMAwGA1UdEwEB/wQCMAAwCwYDVR0PBAQDAgeAMB0G A1UdDgQWBBQ76UB0skz7y4ic5V/PIWFLZ5XoDDAfBgNVHSMEGDAWgBSjd9GWIe98 Ll9J0dquxgCktp9DrTAKBggqgRzPVQGDdQNIADBFAiEA25WAmaN7g7M26lwMad4H AeO8YNSBOcHKc8AfCdYSS88CIBJji4xRm+wXCR9qkXj4g8HVhaYpvwlMukk9EYxw 09gJ -----END CERTIFICATE----- The following is the certificate information of SM2-with-SM3, the following command output: `openssl x509 -in cert.pem -noout -text` Certificate: Data: Version: 3 (0x2) Serial Number: 21:a6:b0:3f:91:d0:0e:2e:64:4e:bb:b2:84:bb:9d:15:f7:90:ee:ec Signature Algorithm: SM2-with-SM3 Issuer: C = CN, ST = GS, L = Gt, O = baba, OU = OS, CN = ca, emailAddress = ca@world.com Validity Not Before: Apr 15 11:54:07 2020 GMT Not After : Apr 13 11:54:07 2030 GMT Subject: C = CN, ST = GS, L = Gt, O = baba, OU = OS, CN = hello, emailAddress = hello@world.com Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:8e:a0:33:69:91:7e:3d:ec:ad:8e:f0:45:5e:13: 3e:68:5b:8c:ab:5c:c6:c8:50:df:91:00:e0:24:73: 4d:31:f2:2e:c0:d5:6b:ee:da:98:93:ec:d8:36:aa: b9:cf:63:82:ef:a7:1a:03:ed:16:ba:74:b8:8b:f9: e5:70:39:a4:70 ASN1 OID: SM2 X509v3 extensions: X509v3 Basic Constraints: critical CA:FALSE X509v3 Key Usage: Digital Signature X509v3 Subject Key Identifier: 3B:E9:40:74:B2:4C:FB:CB:88:9C:E5:5F:CF:21:61:4B:67:95:E8:0C X509v3 Authority Key Identifier: A3:77:D1:96:21:EF:7C:2E:5F:49:D1:DA:AE:C6:00:A4:B6:9F:43:AD Signature Algorithm: SM2-with-SM3 Signature Value: 30:45:02:21:00:db:95:80:99:a3:7b:83:b3:36:ea:5c:0c:69: de:07:01:e3:bc:60:d4:81:39:c1:ca:73:c0:1f:09:d6:12:4b: cf:02:20:12:63:8b:8c:51:9b:ec:17:09:1f:6a:91:78:f8:83: c1:d5:85:a6:29:bf:09:4c:ba:49:3d:11:8c:70:d3:d8:09 If additional information is needed, I can provide it. Thanks and best, Tianjia
On 2020/4/16 14:01, Herbert Xu wrote: > On Thu, Apr 02, 2020 at 08:34:57PM +0800, Tianjia Zhang wrote: >> Hello all, >> >> This new module implement the OSCCA certificate and SM2 public key >> algorithm. It was published by State Encryption Management Bureau, China. >> List of specifications for OSCCA certificate and SM2 elliptic curve >> public key cryptography: >> >> * GM/T 0003.1-2012 >> * GM/T 0003.2-2012 >> * GM/T 0003.3-2012 >> * GM/T 0003.4-2012 >> * GM/T 0003.5-2012 >> * GM/T 0015-2012 >> * GM/T 0009-2012 >> >> IETF: https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02 >> oscca: http://www.oscca.gov.cn/sca/xxgk/2010-12/17/content_1002386.shtml >> scctc: http://www.gmbz.org.cn/main/bzlb.html >> >> These patchs add the OID object identifier defined by OSCCA. The >> x509 certificate supports sm2-with-sm3 type certificate parsing >> and verification. > > I don't have any objections to the crypto API bits, but obviously > this is contingent on the x509 bits getting accepted since that's > the only in-kernel user. So can I see some acks on that please? > > Thanks, > Hi Herbert, Any opinion on this series patches? Do I need to provide additional information ? Thanks and best, Tianjia
On Fri, May 29, 2020 at 07:04:48PM +0800, Tianjia Zhang wrote: > > On 2020/4/16 14:01, Herbert Xu wrote: > > On Thu, Apr 02, 2020 at 08:34:57PM +0800, Tianjia Zhang wrote: > > > Hello all, > > > > > > This new module implement the OSCCA certificate and SM2 public key > > > algorithm. It was published by State Encryption Management Bureau, China. > > > List of specifications for OSCCA certificate and SM2 elliptic curve > > > public key cryptography: > > > > > > * GM/T 0003.1-2012 > > > * GM/T 0003.2-2012 > > > * GM/T 0003.3-2012 > > > * GM/T 0003.4-2012 > > > * GM/T 0003.5-2012 > > > * GM/T 0015-2012 > > > * GM/T 0009-2012 > > > > > > IETF: https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02 > > > oscca: http://www.oscca.gov.cn/sca/xxgk/2010-12/17/content_1002386.shtml > > > scctc: http://www.gmbz.org.cn/main/bzlb.html > > > > > > These patchs add the OID object identifier defined by OSCCA. The > > > x509 certificate supports sm2-with-sm3 type certificate parsing > > > and verification. > > > > I don't have any objections to the crypto API bits, but obviously > > this is contingent on the x509 bits getting accepted since that's > > the only in-kernel user. So can I see some acks on that please? > > Any opinion on this series patches? Do I need to provide additional > information ? As I said I need acks for the patches outside of the crypto API. Thanks,
Hello all, This new module implement the OSCCA certificate and SM2 public key algorithm. It was published by State Encryption Management Bureau, China. List of specifications for OSCCA certificate and SM2 elliptic curve public key cryptography: * GM/T 0003.1-2012 * GM/T 0003.2-2012 * GM/T 0003.3-2012 * GM/T 0003.4-2012 * GM/T 0003.5-2012 * GM/T 0015-2012 * GM/T 0009-2012 IETF: https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02 oscca: http://www.oscca.gov.cn/sca/xxgk/2010-12/17/content_1002386.shtml scctc: http://www.gmbz.org.cn/main/bzlb.html These patchs add the OID object identifier defined by OSCCA. The x509 certificate supports sm2-with-sm3 type certificate parsing and verification. The sm2 algorithm is based on libgcrypt's mpi implementation, and has made some additions to the kernel's original mpi library, and added the implementation of ec to better support elliptic curve-like algorithms. sm2 has good support in both openssl and gnupg projects, and sm3 and sm4 of the OSCCA algorithm family have also been implemented in the kernel. Among them, sm3 and sm4 have been well implemented in the kernel. This group of patches has newly introduced sm2. In order to implement sm2 more perfectly, I expanded the mpi library and introduced the ec implementation of the mpi library as the basic algorithm. Compared to the kernel's crypto/ecc.c, the implementation of mpi/ec.c is more complete and elegant, sm2 is implemented based on these algorithms. --- v2 changes: 1. simplify the sm2 algorithm and only retain the verify function 2. extract the sm2 certificate code into a separate file Tianjia Zhang (7): crypto: sm3 - export crypto_sm3_final function lib/mpi: Extend the MPI library lib/mpi: Introduce ec implementation to MPI library crypto: sm2 - introduce OSCCA SM2 asymmetric cipher algorithm crypto: testmgr - support test with different ciphertext per encryption X.509: support OSCCA certificate parse X.509: support OSCCA sm2-with-sm3 certificate verification crypto/Kconfig | 17 + crypto/Makefile | 8 + crypto/asymmetric_keys/Makefile | 1 + crypto/asymmetric_keys/public_key.c | 6 + crypto/asymmetric_keys/public_key_sm2.c | 59 + crypto/asymmetric_keys/x509_cert_parser.c | 14 +- crypto/asymmetric_keys/x509_public_key.c | 2 + crypto/sm2.c | 498 +++++++ crypto/sm2signature.asn1 | 4 + crypto/sm3_generic.c | 7 +- crypto/testmgr.c | 7 +- include/crypto/public_key.h | 14 + include/crypto/sm2.h | 25 + include/crypto/sm3.h | 2 + include/linux/mpi.h | 193 +++ include/linux/oid_registry.h | 6 + lib/mpi/Makefile | 6 + lib/mpi/ec.c | 1538 +++++++++++++++++++++ lib/mpi/mpi-add.c | 207 +++ lib/mpi/mpi-bit.c | 251 ++++ lib/mpi/mpi-cmp.c | 46 +- lib/mpi/mpi-div.c | 259 ++++ lib/mpi/mpi-internal.h | 53 + lib/mpi/mpi-inv.c | 143 ++ lib/mpi/mpi-mod.c | 155 +++ lib/mpi/mpi-mul.c | 166 +++ lib/mpi/mpicoder.c | 336 +++++ lib/mpi/mpih-div.c | 294 ++++ lib/mpi/mpih-mul.c | 25 + lib/mpi/mpiutil.c | 204 +++ 30 files changed, 4531 insertions(+), 15 deletions(-) create mode 100644 crypto/asymmetric_keys/public_key_sm2.c create mode 100644 crypto/sm2.c create mode 100644 crypto/sm2signature.asn1 create mode 100644 include/crypto/sm2.h create mode 100644 lib/mpi/ec.c create mode 100644 lib/mpi/mpi-add.c create mode 100644 lib/mpi/mpi-div.c create mode 100644 lib/mpi/mpi-inv.c create mode 100644 lib/mpi/mpi-mod.c create mode 100644 lib/mpi/mpi-mul.c