Received: by 2002:a25:6193:0:0:0:0:0 with SMTP id v141csp1684054ybb; Thu, 2 Apr 2020 05:36:17 -0700 (PDT) X-Google-Smtp-Source: APiQypIafnhHuvkPMp+/6y6aFTkPNsmw2KeEVl7+5Xywbz8yiZY5WmYenc/Krf86A1uN3IHPjUUn X-Received: by 2002:aca:3889:: with SMTP id f131mr1926603oia.154.1585830977532; Thu, 02 Apr 2020 05:36:17 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1585830977; cv=none; d=google.com; s=arc-20160816; b=CeyMGgWHGsx4aSBhgK6KWG70xSHirerwGeIVPenkDr1CqaoBH7CsTEa5jlSIypCFCz vBy9AUW30pfziyc0UPYPr6ZwYaMU39O4jP1Lej4EiQzbzC7MTSw2C32yj+KL+w4VwbMq owt+B3oFyu6UxKhJ4iXWKYvnuVCOwlEyiV0Vutd2MKQhu/wUSgElae/Czczs9hnCnM11 Fmro8yYrVZ9c0dIz4i4mR6WwLJ02POPDwmWdnXAa8SnW3tHn0rf4snnZMkz624DucnWw TQl5JwrnuLqFq2gdoR/fSjC+YybYfGx5bfqEoqKzRDG/PmQvT8Uw6KRgzEkCZb14CbSz KV3Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:date:subject:cc:to:from; bh=jb6LDcBwiKTUen38tkEsTu+9ll1Yfx15+9QZ51EOR9Y=; b=V18iWkgXU5BJmPuRsr4POYsDj4I3v9IUkZARfLXqIwRzjdfUmSqIUxWJzi71xJBIsM 2cLEjucRMThiA6UmxT+2wUu1J6iT3NtFF+0MBTg3tRNLFYCucws8GiimW6CauUz9pGkC XmDRlTyEwukJFYJC52p9cFqzhooL1v7JEHXRxQwHFhqHrOukTZi6+e8hh6Bgl2LM/XjX LhtkitUSm25/BTVnB8wUQ5s33giZqfZzn0I6GiZIidFDO9ogPz6go4AkO3ez7t1Ca9NJ alwa2m7dG54jVDZ9Xnu1ovGC+y0y508nhpyN2RI9+oZhQ0RTIxtvSL4sicxKvqz+/h7O pCGw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alibaba.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id k92si2387372otk.261.2020.04.02.05.36.05; Thu, 02 Apr 2020 05:36:17 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alibaba.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2387849AbgDBMfg (ORCPT + 99 others); Thu, 2 Apr 2020 08:35:36 -0400 Received: from out30-56.freemail.mail.aliyun.com ([115.124.30.56]:41684 "EHLO out30-56.freemail.mail.aliyun.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2387752AbgDBMfg (ORCPT ); Thu, 2 Apr 2020 08:35:36 -0400 X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R131e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=e01e07488;MF=tianjia.zhang@linux.alibaba.com;NM=1;PH=DS;RN=17;SR=0;TI=SMTPD_---0TuQbXI9_1585830904; Received: from localhost(mailfrom:tianjia.zhang@linux.alibaba.com fp:SMTPD_---0TuQbXI9_1585830904) by smtp.aliyun-inc.com(127.0.0.1); Thu, 02 Apr 2020 20:35:04 +0800 From: Tianjia Zhang To: herbert@gondor.apana.org.au, davem@davemloft.net, ebiggers@kernel.org, ebiggers@google.com, pvanleeuwen@rambus.com, zohar@linux.ibm.com, gilad@benyossef.com, jarkko.sakkinen@linux.intel.com, dmitry.kasatkin@intel.com, nicstange@gmail.com, tadeusz.struk@intel.com, jmorris@namei.org, serge@hallyn.com, zhang.jia@linux.alibaba.com Cc: linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, tianjia.zhang@linux.alibaba.com Subject: [PATCH v2 0/7] crpyto: introduce OSCCA certificate and SM2 asymmetric algorithm Date: Thu, 2 Apr 2020 20:34:57 +0800 Message-Id: <20200402123504.84628-1-tianjia.zhang@linux.alibaba.com> X-Mailer: git-send-email 2.17.1 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Hello all, This new module implement the OSCCA certificate and SM2 public key algorithm. It was published by State Encryption Management Bureau, China. List of specifications for OSCCA certificate and SM2 elliptic curve public key cryptography: * GM/T 0003.1-2012 * GM/T 0003.2-2012 * GM/T 0003.3-2012 * GM/T 0003.4-2012 * GM/T 0003.5-2012 * GM/T 0015-2012 * GM/T 0009-2012 IETF: https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02 oscca: http://www.oscca.gov.cn/sca/xxgk/2010-12/17/content_1002386.shtml scctc: http://www.gmbz.org.cn/main/bzlb.html These patchs add the OID object identifier defined by OSCCA. The x509 certificate supports sm2-with-sm3 type certificate parsing and verification. The sm2 algorithm is based on libgcrypt's mpi implementation, and has made some additions to the kernel's original mpi library, and added the implementation of ec to better support elliptic curve-like algorithms. sm2 has good support in both openssl and gnupg projects, and sm3 and sm4 of the OSCCA algorithm family have also been implemented in the kernel. Among them, sm3 and sm4 have been well implemented in the kernel. This group of patches has newly introduced sm2. In order to implement sm2 more perfectly, I expanded the mpi library and introduced the ec implementation of the mpi library as the basic algorithm. Compared to the kernel's crypto/ecc.c, the implementation of mpi/ec.c is more complete and elegant, sm2 is implemented based on these algorithms. --- v2 changes: 1. simplify the sm2 algorithm and only retain the verify function 2. extract the sm2 certificate code into a separate file Tianjia Zhang (7): crypto: sm3 - export crypto_sm3_final function lib/mpi: Extend the MPI library lib/mpi: Introduce ec implementation to MPI library crypto: sm2 - introduce OSCCA SM2 asymmetric cipher algorithm crypto: testmgr - support test with different ciphertext per encryption X.509: support OSCCA certificate parse X.509: support OSCCA sm2-with-sm3 certificate verification crypto/Kconfig | 17 + crypto/Makefile | 8 + crypto/asymmetric_keys/Makefile | 1 + crypto/asymmetric_keys/public_key.c | 6 + crypto/asymmetric_keys/public_key_sm2.c | 59 + crypto/asymmetric_keys/x509_cert_parser.c | 14 +- crypto/asymmetric_keys/x509_public_key.c | 2 + crypto/sm2.c | 498 +++++++ crypto/sm2signature.asn1 | 4 + crypto/sm3_generic.c | 7 +- crypto/testmgr.c | 7 +- include/crypto/public_key.h | 14 + include/crypto/sm2.h | 25 + include/crypto/sm3.h | 2 + include/linux/mpi.h | 193 +++ include/linux/oid_registry.h | 6 + lib/mpi/Makefile | 6 + lib/mpi/ec.c | 1538 +++++++++++++++++++++ lib/mpi/mpi-add.c | 207 +++ lib/mpi/mpi-bit.c | 251 ++++ lib/mpi/mpi-cmp.c | 46 +- lib/mpi/mpi-div.c | 259 ++++ lib/mpi/mpi-internal.h | 53 + lib/mpi/mpi-inv.c | 143 ++ lib/mpi/mpi-mod.c | 155 +++ lib/mpi/mpi-mul.c | 166 +++ lib/mpi/mpicoder.c | 336 +++++ lib/mpi/mpih-div.c | 294 ++++ lib/mpi/mpih-mul.c | 25 + lib/mpi/mpiutil.c | 204 +++ 30 files changed, 4531 insertions(+), 15 deletions(-) create mode 100644 crypto/asymmetric_keys/public_key_sm2.c create mode 100644 crypto/sm2.c create mode 100644 crypto/sm2signature.asn1 create mode 100644 include/crypto/sm2.h create mode 100644 lib/mpi/ec.c create mode 100644 lib/mpi/mpi-add.c create mode 100644 lib/mpi/mpi-div.c create mode 100644 lib/mpi/mpi-inv.c create mode 100644 lib/mpi/mpi-mod.c create mode 100644 lib/mpi/mpi-mul.c -- 2.17.1