TKSS-594: Enhance passing SM2SignatureParameterSpec to sm2sig_sm3
johnshajiang committed Dec 13, 2023
1 parent 6da0295 commit 6c44974
Showing 4 changed files with 35 additions and 46 deletions.
Expand Up @@ -674,15 +674,8 @@ static final class T12CertificateVerifyMessage extends HandshakeMessage {
// opaque signature<0..2^16-1>;
this.signature = Record.getBytes16(m);
try {
// Set ID and public key for SM3withSM2.
SM2SignatureParameterSpec smSignParamSpec = null;
if (PKIXUtils.isSM3withSM2(signatureScheme.name)) {
smSignParamSpec = new SM2SignatureParameterSpec(
(ECPublicKey) x509Credentials.popPublicKey);
}

Signature signer = signatureScheme.getVerifier(
x509Credentials.popPublicKey, smSignParamSpec);
x509Credentials.popPublicKey);
signer.update(shc.handshakeHash.archived());
if (!signer.verify(signature)) {
throw shc.conContext.fatal(Alert.HANDSHAKE_FAILURE,
Expand Down Expand Up @@ -1019,18 +1012,8 @@ static final class T13CertificateVerifyMessage extends HandshakeMessage {
}

try {
// Set ID and public key for SM3withSM2.
SM2SignatureParameterSpec smSignParamSpec = null;
X509Certificate popCert = x509Credentials.popCerts[0];
if (PKIXUtils.isSM3withSM2(popCert.getSigAlgName())) {
smSignParamSpec = new SM2SignatureParameterSpec(
Utilities.TLS13_SM_ID,
(ECPublicKey) x509Credentials.popPublicKey);
}

Signature signer = signatureScheme.getVerifier(
x509Credentials.popPublicKey, smSignParamSpec);

x509Credentials.popPublicKey, true);

signer.update(contentCovered);
if (!signer.verify(signature)) {
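Review bot: Which SM2 ID the verifier uses is not visible at either call site: the T13 hunk passes a bare `true`, and the T12 hunk relies on the one-argument `getVerifier(publicKey)` quietly meaning "not TLS 1.3". Spelling out the T12 call as `signatureScheme.getVerifier(x509Credentials.popPublicKey, false);` and adding a short comment at the T13 call such as `// isTLS13 = true: sm2sig_sm3 uses the TLS 1.3 SM2 ID` would keep signer and verifier visibly on the same ID. The same applies to the TLCP verifier hunk at -152, where the signer passes `false` explicitly but the verifier depends on the overload's default. Both enclosing methods start and end outside these hunks.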
Expand Up @@ -365,6 +365,10 @@ boolean isTLS12() {
return this.id == TLS12.id;
}

boolean isTLS13() {
return this.id == TLS13.id;
}

/**
* Return true if this ProtocolVersion object is of (D)TLS 1.3 or
* newer version.
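Review bot: `isTLS13()` is added without a comment, and unlike the documented method just below it ("(D)TLS 1.3 or newer version") it matches only `TLS13.id` exactly. The block this commit removes from `getSignerOfPreferableAlgorithm` selected the SM2 ID with `version.useTLS13PlusSpec()`, so switching to `version.isTLS13()` narrows that choice to a single version. If that is intended, state it on the method, for example `/** Return true if this ProtocolVersion object is exactly TLS 1.3. */`.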
Expand Up @@ -44,7 +44,6 @@

import com.tencent.kona.crypto.CryptoInsts;
import com.tencent.kona.crypto.spec.SM2SignatureParameterSpec;
import com.tencent.kona.crypto.util.Constants;
import com.tencent.kona.sun.security.ssl.NamedGroup.NamedGroupSpec;
import com.tencent.kona.sun.security.ssl.X509Authentication.X509Possession;
import com.tencent.kona.sun.security.util.KeyUtil;
Expand Down Expand Up @@ -507,16 +506,6 @@ static Map.Entry<SignatureScheme, Signature> getSignerOfPreferableAlgorithm(
NamedGroup namedGroup = params != null
? NamedGroup.valueOf(params) : null;

// Just select sm2sig_sm3 for curveSM2.
if (namedGroup == NamedGroup.CURVESM2) {
SM2SignatureParameterSpec paramSpec = !version.useTLS13PlusSpec()
? new SM2SignatureParameterSpec((ECPublicKey) publicKey)
: new SM2SignatureParameterSpec(Utilities.TLS13_SM_ID,
(ECPublicKey) publicKey);
Signature signer = SignatureScheme.SM2SIG_SM3.getSigner(signingKey, paramSpec);
return new SimpleImmutableEntry<>(SignatureScheme.SM2SIG_SM3, signer);
}

String keyAlgorithm = signingKey.getAlgorithm();
int keySize;
// Only need to check RSA algorithm at present.
Expand All @@ -534,7 +523,8 @@ static Map.Entry<SignatureScheme, Signature> getSignerOfPreferableAlgorithm(
if ((ss.namedGroup != null) && (ss.namedGroup.spec ==
NamedGroupSpec.NAMED_GROUP_ECDHE)) {
if (namedGroup == ss.namedGroup) {
Signature signer = ss.getSigner(signingKey);
Signature signer = ss.getSigner(signingKey,
publicKey, version.isTLS13());
if (signer != null) {
return new SimpleImmutableEntry<>(ss, signer);
}
Expand Down Expand Up @@ -603,18 +593,25 @@ static String[] getAlgorithmNames(Collection<SignatureScheme> schemes) {
// is bubbled up. If the public key does not support this signature
// scheme, it normally means the TLS handshaking cannot continue and
// the connection should be terminated.
Signature getVerifier(PublicKey publicKey,
SM2SignatureParameterSpec smSignParamSpec)
Signature getVerifier(PublicKey publicKey, boolean isTLS13)
throws NoSuchAlgorithmException, InvalidAlgorithmParameterException,
InvalidKeyException {
if (!isAvailable) {
return null;
}

Signature verifier = CryptoInsts.getSignature(algorithm);
if (smSignParamSpec != null) {
verifier.setParameter(smSignParamSpec);

// sm2sig_sm3 always needs SM2SignatureParameterSpec containing public key.
// And for TLS 1.3, the spec has to set "TLSv1.3+GM+Cipher+Suite" as ID.
if (this == SM2SIG_SM3) {
SM2SignatureParameterSpec paramSpec = isTLS13
? new SM2SignatureParameterSpec(Utilities.TLS13_SM_ID,
(ECPublicKey) publicKey)
: new SM2SignatureParameterSpec((ECPublicKey) publicKey);
verifier.setParameter(paramSpec);
}

SignatureUtil.initVerifyWithParam(verifier, publicKey,
(signAlgParams != null ? signAlgParams.parameterSpec : null));

Expand All @@ -624,24 +621,31 @@ Signature getVerifier(PublicKey publicKey,
Signature getVerifier(PublicKey publicKey)
throws InvalidAlgorithmParameterException,
NoSuchAlgorithmException, InvalidKeyException {
return getVerifier(publicKey, null);
return getVerifier(publicKey, false);
}

// This method is also used to choose preferable signature scheme for the
// specific private key. If the private key does not support the signature
// scheme, {@code null} is returned, and the caller may fail back to next
// available signature scheme.
Signature getSigner(PrivateKey privateKey,
SM2SignatureParameterSpec smSignParamSpec) {
Signature getSigner(PrivateKey privateKey, PublicKey publicKey, boolean isTLS13) {
if (!isAvailable) {
return null;
}

try {
Signature signer = CryptoInsts.getSignature(algorithm);
if (smSignParamSpec != null) {
signer.setParameter(smSignParamSpec);

// sm2sig_sm3 always needs SM2SignatureParameterSpec containing public key.
// And for TLS 1.3, the spec has to set "TLSv1.3+GM+Cipher+Suite" as ID.
if (this == SM2SIG_SM3) {
SM2SignatureParameterSpec paramSpec = isTLS13
? new SM2SignatureParameterSpec(Utilities.TLS13_SM_ID,
(ECPublicKey) publicKey)
: new SM2SignatureParameterSpec((ECPublicKey) publicKey);
signer.setParameter(paramSpec);
}

SignatureUtil.initSignWithParam(signer, privateKey,
(signAlgParams != null ?
signAlgParams.parameterSpec : null),
Expand All @@ -661,6 +665,6 @@ Signature getSigner(PrivateKey privateKey,
}

Signature getSigner(PrivateKey privateKey) {
return getSigner(privateKey, null);
return getSigner(privateKey, null, false);
}
}
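Review bot: The unchecked `(ECPublicKey) publicKey` cast in the new `getVerifier(PublicKey, boolean)` is applied to the peer's certificate key whenever the scheme is sm2sig_sm3, so a peer that signals sm2sig_sm3 with a non-EC key would raise ClassCastException instead of one of the declared checked exceptions; whether the CertificateVerify callers turn that into a handshake alert is not visible here. A guard before the cast keeps the failure on the existing error path: `if (!(publicKey instanceof ECPublicKey)) throw new InvalidKeyException("sm2sig_sm3 requires an EC public key");`. `getSigner(PrivateKey, PublicKey, boolean)` contains the same cast, and the one-argument `getSigner(privateKey)` now passes `null` as the public key, which for SM2SIG_SM3 reaches `new SM2SignatureParameterSpec((ECPublicKey) null)` where the old code skipped `setParameter`. Its catch clauses are outside the hunk, so confirm that this case still returns null, as the comment above the method promises, rather than throwing.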
Expand Up @@ -76,8 +76,8 @@ private static final class TLCPCertificateVerifyMessage
try {
Signature signer = SignatureScheme.SM2SIG_SM3.getSigner(
tlcpPossession.popSignPrivateKey,
new SM2SignatureParameterSpec(
(ECPublicKey) tlcpPossession.popSignPublicKey));
tlcpPossession.popSignPublicKey,
false);
signer.update(chc.handshakeHash.digest());
temporary = signer.sign();
} catch (SignatureException se) {
Expand Down Expand Up @@ -152,9 +152,7 @@ private static final class TLCPCertificateVerifyMessage

try {
Signature signer = SignatureScheme.SM2SIG_SM3.getVerifier(
tlcpCredentials.popSignPublicKey,
new SM2SignatureParameterSpec(
(ECPublicKey) tlcpCredentials.popSignPublicKey));
tlcpCredentials.popSignPublicKey);

signer.update(shc.handshakeHash.digest());
if (!signer.verify(signature)) {