packages/libtpms
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add SM3 and SM4 support

Browse Source
This commit is contained in:
fly2x 2023-11-02 22:41:43 +08:00
parent 32bf6ee7c9
commit f123a1794e
2 changed files with 835 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

830
0002-tpm2-add-SM3-and-SM4-support.patch Normal file
View File

@ -0,0 +1,830 @@
From 88d5468aaa577566eb5384d4e65f092adaf85afd Mon Sep 17 00:00:00 2001
From: fly2x <fly2x@hitls.org>
Date: Thu, 2 Nov 2023 08:17:38 +0800
Subject: [PATCH] tpm2 add SM3 and SM4 support
---
configure.ac | 14 +++
src/tpm2/AlgorithmTests.c | 1 +
src/tpm2/HashTestData.h | 6 +-
src/tpm2/Marshal.c | 11 +-
src/tpm2/Marshal_fp.h | 4 +
src/tpm2/NVMarshal.c | 156 ++++++++++++++++++++++--
src/tpm2/StateMarshal.c | 2 -
src/tpm2/SymmetricTest.h | 2 +-
src/tpm2/SymmetricTestData.h | 4 +-
src/tpm2/TpmProfile.h | 1 +
src/tpm2/Unmarshal_fp.h | 4 +
src/tpm2/Volatile.c | 2 -
src/tpm2/crypto/CryptSym.h | 4 +
src/tpm2/crypto/openssl/CryptCmac.c | 11 +-
src/tpm2/crypto/openssl/CryptSym.c | 18 +++
src/tpm2/crypto/openssl/Helpers.c | 101 ++++++++++++++-
src/tpm2/crypto/openssl/TpmToOsslHash.h | 25 ++--
src/tpm2/crypto/openssl/TpmToOsslSym.h | 33 ++---
src/tpm_tpm2_interface.c | 3 +
19 files changed, 351 insertions(+), 51 deletions(-)
diff --git a/configure.ac b/configure.ac
index d6a6c5e..f488467 100644
--- a/configure.ac
+++ b/configure.ac
@@ -106,6 +106,20 @@ AC_ARG_WITH([openssl],
]
)
+AC_ARG_WITH([openssl-SM],
+ AS_HELP_STRING([--with-openssl-SM], [libtpms supports SM3 and SM4, default not support]), [with_openssl_SM=yes], [with_openssl_SM=no]
+)
+
+AS_IF([test "x$with_openssl_SM" != "xno"], [
+ AC_DEFINE([ALG_SM3_256], [1], [1 denotes to support SM3, and 0 not support])
+ AC_DEFINE([ALG_SM4], [1], [1 denotes to support SM4, and 0 not support])
+])
+
+AS_IF([test "x$with_openssl_SM" = "xno"], [
+ AC_DEFINE([ALG_SM3_256], [0], [1 denotes to support SM3, and 0 not support])
+ AC_DEFINE([ALG_SM4], [0], [1 denotes to support SM4, and 0 not support])
+])
+
case "$cryptolib" in
freebl)
AM_CONDITIONAL(LIBTPMS_USE_FREEBL, true)
diff --git a/src/tpm2/AlgorithmTests.c b/src/tpm2/AlgorithmTests.c
index 08ee6b0..9cb2e29 100644
--- a/src/tpm2/AlgorithmTests.c
+++ b/src/tpm2/AlgorithmTests.c
@@ -846,6 +846,7 @@ TestAlgorithm(
// if SM4 is implemented, its test is like other block ciphers but there
// aren't any test vectors for it yet
// case TPM_ALG_SM4:
+ case TPM_ALG_SM4: /* libtpms added */
#endif
#if ALG_CAMELLIA
case TPM_ALG_CAMELLIA: // libtpms activated
diff --git a/src/tpm2/HashTestData.h b/src/tpm2/HashTestData.h
index ea0b0af..fe5d25d 100644
--- a/src/tpm2/HashTestData.h
+++ b/src/tpm2/HashTestData.h
@@ -130,7 +130,11 @@ TPM2B_SHA512 c_SHA512_digest = {{64, {
TPM2B_TYPE(EMPTY, 1);
#if ALG_SM3_256 == YES
-TPM2B_EMPTY c_SM3_256_digest = {{0, {0}}};
+TPM2B_TYPE(SM3_256, 32);
+TPM2B_SM3_256 c_SM3_256_digest = {{32, {
+ 0xbb,0x9e,0x23,0x79,0xfe,0xbb,0xf8,0xb0,0x1d,0x27,0x5f,0x30,0x71,0xbe,0xce,0x8a,
+ 0xb7,0x3f,0xee,0x6b,0xed,0xd7,0xee,0x45,0x4f,0x80,0xca,0x70,0x6c,0x09,0xb6,0x1a
+ }}};
#endif
#if ALG_SHA3_256 == YES
diff --git a/src/tpm2/Marshal.c b/src/tpm2/Marshal.c
index fe83b21..706acdc 100644
--- a/src/tpm2/Marshal.c
+++ b/src/tpm2/Marshal.c
@@ -1178,7 +1178,15 @@ TPMI_AES_KEY_BITS_Marshal(TPMI_AES_KEY_BITS *source, BYTE **buffer, INT32 *size)
written += TPM_KEY_BITS_Marshal(source, buffer, size);
return written;
}
-
+#if ALG_SM4 // libtpms add
+UINT16
+TPMI_SM4_KEY_BITS_Marshal(TPMI_SM4_KEY_BITS *source, BYTE **buffer, INT32 *size)
+{
+ UINT16 written = 0;
+ written += TPM_KEY_BITS_Marshal(source, buffer, size);
+ return written;
+}
+#endif
UINT16 // libtpms added begin
TPMI_TDES_KEY_BITS_Marshal(TPMI_TDES_KEY_BITS *source, BYTE **buffer, INT32 *size)
{
@@ -1186,7 +1194,6 @@ TPMI_TDES_KEY_BITS_Marshal(TPMI_TDES_KEY_BITS *source, BYTE **buffer, INT32 *siz
written += TPM_KEY_BITS_Marshal(source, buffer, size);
return written;
}
-
#if ALG_CAMELLIA
UINT16
TPMI_CAMELLIA_KEY_BITS_Marshal(TPMI_CAMELLIA_KEY_BITS *source, BYTE **buffer, INT32 *size)
diff --git a/src/tpm2/Marshal_fp.h b/src/tpm2/Marshal_fp.h
index d52f497..e7562ef 100644
--- a/src/tpm2/Marshal_fp.h
+++ b/src/tpm2/Marshal_fp.h
@@ -238,6 +238,10 @@ extern "C" {
TPM2B_ATTEST_Marshal(TPM2B_ATTEST *source, BYTE **buffer, INT32 *size);
UINT16
TPMI_AES_KEY_BITS_Marshal(TPMI_AES_KEY_BITS *source, BYTE **buffer, INT32 *size);
+#if ALG_SM4 // libtpms added
+ UINT16
+ TPMI_SM4_KEY_BITS_Marshal(TPMI_SM4_KEY_BITS *source, BYTE **buffer, INT32 *size);
+#endif
UINT16 // libtpms added
TPMI_TDES_KEY_BITS_Marshal(TPMI_TDES_KEY_BITS *source, BYTE **buffer, INT32 *size);
UINT16
diff --git a/src/tpm2/NVMarshal.c b/src/tpm2/NVMarshal.c
index c7cd1e0..e2f83de 100644
--- a/src/tpm2/NVMarshal.c
+++ b/src/tpm2/NVMarshal.c
@@ -774,8 +774,8 @@ PCR_SAVE_Marshal(PCR_SAVE *data, BYTE **buffer, INT32 *size)
written += Array_Marshal((BYTE *)&data->Sm3_256, array_size,
buffer, size);
#endif
-#if ALG_SHA3_256 || ALG_SHA3_384 || ALG_SHA3_512 || ALG_SM3_256
-#error SHA3 and SM3 are not supported
+#if ALG_SHA3_256 || ALG_SHA3_384 || ALG_SHA3_512
+#error SHA3 is not supported
#endif
/* end marker */
@@ -879,8 +879,8 @@ PCR_SAVE_Unmarshal(PCR_SAVE *data, BYTE **buffer, INT32 *size,
t = (BYTE *)&data->Sm3_256;
break;
#endif
-#if ALG_SHA3_256 || ALG_SHA3_384 || ALG_SHA3_512 || ALG_SM3_256
-#error SHA3 and SM3 are not supported
+#if ALG_SHA3_256 || ALG_SHA3_384 || ALG_SHA3_512
+#error SHA3 is not supported
#endif
case TPM_ALG_NULL:
/* end marker */
@@ -990,8 +990,8 @@ PCR_Marshal(PCR *data, BYTE **buffer, INT32 *size)
written += Array_Marshal((BYTE *)&data->Sm3_256Pcr, array_size,
buffer, size);
#endif
-#if ALG_SHA3_256 || ALG_SHA3_384 || ALG_SHA3_512 || ALG_SM3_256
-#error SHA3 and SM3 are not supported
+#if ALG_SHA3_256 || ALG_SHA3_384 || ALG_SHA3_512
+#error SHA3 is not supported
#endif
/* end marker */
@@ -1061,8 +1061,8 @@ PCR_Unmarshal(PCR *data, BYTE **buffer, INT32 *size,
t = (BYTE *)&data->Sm3_256Pcr;
break;
#endif
-#if ALG_SHA3_256 || ALG_SHA3_384 || ALG_SHA3_512 || ALG_SM3_256
-#error SHA3 and SM3 are not supported
+#if ALG_SHA3_256 || ALG_SHA3_384 || ALG_SHA3_512
+#error SHA3 is not supported
#endif
case TPM_ALG_NULL:
/* end marker */
@@ -2032,6 +2032,134 @@ skip_future_versions:
}
#endif
+#if ALG_SM3_256
+
+#define HASH_STATE_SM3_256_MAGIC 0x10854a09
+#define HASH_STATE_SM3_256_VERSION 2
+
+static UINT16
+tpmHashStateSM3_256_Marshal(tpmHashStateSM3_256_t *data, BYTE **buffer, INT32 *size,
+ UINT16 hashAlg)
+{
+ UINT16 written = 0;
+ UINT16 array_size;
+ SM3_CTX *sm3_ctx = NULL;
+ BLOCK_SKIP_INIT;
+
+ sm3_ctx = EVP_MD_CTX_md_data(*data);
+ written = NV_HEADER_Marshal(buffer, size,
+ HASH_STATE_SM3_256_VERSION,
+ HASH_STATE_SM3_256_MAGIC, 1);
+ written += UINT32_Marshal(&sm3_ctx->A, buffer, size);
+ written += UINT32_Marshal(&sm3_ctx->B, buffer, size);
+ written += UINT32_Marshal(&sm3_ctx->C, buffer, size);
+ written += UINT32_Marshal(&sm3_ctx->D, buffer, size);
+ written += UINT32_Marshal(&sm3_ctx->E, buffer, size);
+ written += UINT32_Marshal(&sm3_ctx->F, buffer, size);
+ written += UINT32_Marshal(&sm3_ctx->G, buffer, size);
+ written += UINT32_Marshal(&sm3_ctx->H, buffer, size);
+ written += UINT32_Marshal(&sm3_ctx->Nl, buffer, size);
+ written += UINT32_Marshal(&sm3_ctx->Nh, buffer, size);
+ /* data must be written as array */
+ array_size = sizeof(sm3_ctx->data);
+ written += UINT16_Marshal(&array_size, buffer, size);
+ written += Array_Marshal((BYTE *)&sm3_ctx->data[0], array_size, buffer, size);
+ written += UINT32_Marshal(&sm3_ctx->num, buffer, size);
+ written += BLOCK_SKIP_WRITE_PUSH(TRUE, buffer, size);
+ /* future versions append below this line */
+
+ BLOCK_SKIP_WRITE_POP(size);
+
+ BLOCK_SKIP_WRITE_CHECK;
+
+ return written;
+}
+
+static UINT16
+tpmHashStateSM3_256_Unmarshal(tpmHashStateSM3_256_t *data, BYTE **buffer, INT32 *size,
+ UINT16 hashAlg)
+{
+ UINT16 rc = TPM_RC_SUCCESS;
+ UINT16 array_size;
+ NV_HEADER hdr;
+ SM3_CTX *sm3_ctx = NULL;
+
+ (*data) = EVP_MD_CTX_new();
+ if ((*data) == NULL) {
+ rc = TPM_RC_FAILURE;
+ }
+ if (rc == TPM_RC_SUCCESS) {
+ EVP_DigestInit_ex(*data, EVP_sm3(), NULL);
+ sm3_ctx = EVP_MD_CTX_md_data(*data);
+ }
+
+ if (rc == TPM_RC_SUCCESS) {
+ rc = NV_HEADER_Unmarshal(&hdr, buffer, size,
+ HASH_STATE_SM3_256_VERSION,
+ HASH_STATE_SM3_256_MAGIC);
+ }
+
+ if (rc == TPM_RC_SUCCESS) {
+ rc = UINT32_Unmarshal(&sm3_ctx->A, buffer, size);
+ }
+ if (rc == TPM_RC_SUCCESS) {
+ rc = UINT32_Unmarshal(&sm3_ctx->B, buffer, size);
+ }
+ if (rc == TPM_RC_SUCCESS) {
+ rc = UINT32_Unmarshal(&sm3_ctx->C, buffer, size);
+ }
+ if (rc == TPM_RC_SUCCESS) {
+ rc = UINT32_Unmarshal(&sm3_ctx->D, buffer, size);
+ }
+ if (rc == TPM_RC_SUCCESS) {
+ rc = UINT32_Unmarshal(&sm3_ctx->E, buffer, size);
+ }
+ if (rc == TPM_RC_SUCCESS) {
+ rc = UINT32_Unmarshal(&sm3_ctx->F, buffer, size);
+ }
+ if (rc == TPM_RC_SUCCESS) {
+ rc = UINT32_Unmarshal(&sm3_ctx->G, buffer, size);
+ }
+ if (rc == TPM_RC_SUCCESS) {
+ rc = UINT32_Unmarshal(&sm3_ctx->H, buffer, size);
+ }
+ if (rc == TPM_RC_SUCCESS) {
+ rc = UINT32_Unmarshal(&sm3_ctx->Nl, buffer, size);
+ }
+ if (rc == TPM_RC_SUCCESS) {
+ rc = UINT32_Unmarshal(&sm3_ctx->Nh, buffer, size);
+ }
+ if (rc == TPM_RC_SUCCESS) {
+ rc = UINT16_Unmarshal(&array_size, buffer, size);
+ }
+ if (rc == TPM_RC_SUCCESS &&
+ array_size != sizeof(sm3_ctx->data)) {
+ TPMLIB_LogTPM2Error("HASH_STATE_SM3_256: Bad array size for data; "
+ "expected %zu, got %u\n",
+ sizeof(sm3_ctx->data), array_size);
+ rc = TPM_RC_BAD_PARAMETER;
+ }
+ if (rc == TPM_RC_SUCCESS) {
+ rc = Array_Unmarshal((BYTE *)&sm3_ctx->data[0], array_size,
+ buffer, size);
+ }
+ if (rc == TPM_RC_SUCCESS) {
+ rc = UINT32_Unmarshal(&sm3_ctx->num, buffer, size);
+ }
+
+ /* version 2 starts having indicator for next versions that we can skip;
+ this allows us to downgrade state */
+ if (rc == TPM_RC_SUCCESS && hdr.version >= 2) {
+ BLOCK_SKIP_READ(skip_future_versions, FALSE, buffer, size,
+ "HASH_STATE_SM3_256", "version 3 or later");
+ /* future versions nest-append here */
+ }
+skip_future_versions:
+
+ return rc;
+}
+#endif
+
#define ANY_HASH_STATE_MAGIC 0x349d494b
#define ANY_HASH_STATE_VERSION 2
@@ -2068,6 +2196,12 @@ ANY_HASH_STATE_Marshal(ANY_HASH_STATE *data, BYTE **buffer, INT32 *size,
written += tpmHashStateSHA512_Marshal(&data->Sha512, buffer, size,
ALG_SHA512_VALUE);
break;
+#endif
+#if ALG_SM3_256
+ case ALG_SM3_256_VALUE:
+ written += tpmHashStateSM3_256_Marshal(&data->Sm3_256, buffer, size,
+ ALG_SM3_256_VALUE);
+ break;
#endif
default:
break;
@@ -2118,6 +2252,12 @@ ANY_HASH_STATE_Unmarshal(ANY_HASH_STATE *data, BYTE **buffer, INT32 *size,
rc = tpmHashStateSHA512_Unmarshal(&data->Sha512, buffer, size,
ALG_SHA512_VALUE);
break;
+#endif
+#if ALG_SM3_256
+ case ALG_SM3_256_VALUE:
+ rc = tpmHashStateSM3_256_Unmarshal(&data->Sm3_256, buffer, size,
+ ALG_SM3_256_VALUE);
+ break;
#endif
}
diff --git a/src/tpm2/StateMarshal.c b/src/tpm2/StateMarshal.c
index fbb2662..3eabaf8 100644
--- a/src/tpm2/StateMarshal.c
+++ b/src/tpm2/StateMarshal.c
@@ -38,8 +38,6 @@
#include <stdlib.h>
-#include "config.h"
-
#include "StateMarshal.h"
#include "Volatile.h"
diff --git a/src/tpm2/SymmetricTest.h b/src/tpm2/SymmetricTest.h
index 058f50a..8083191 100644
--- a/src/tpm2/SymmetricTest.h
+++ b/src/tpm2/SymmetricTest.h
@@ -96,7 +96,7 @@ const SYMMETRIC_TEST_VECTOR c_symTestValues[NUM_SYMS + 1] = {
#if ALG_SM4 && SM4_128 // libtpms activated
{TPM_ALG_SM4, 128, key_SM4128, 16, sizeof(dataIn_SM4128), dataIn_SM4128,
{dataOut_SM4128_CTR, dataOut_SM4128_OFB, dataOut_SM4128_CBC,
- dataOut_SM4128_CFB, dataOut_AES128_ECB}},
+ dataOut_SM4128_CFB, dataOut_SM4128_ECB}},
#endif
// libtpms added begin
#if ALG_TDES && TDES_128
diff --git a/src/tpm2/SymmetricTestData.h b/src/tpm2/SymmetricTestData.h
index 77321fa..f8a8e7e 100644
--- a/src/tpm2/SymmetricTestData.h
+++ b/src/tpm2/SymmetricTestData.h
@@ -367,7 +367,7 @@ const BYTE dataOut_SM4128_ECB [] = {
0x2F, 0x1D, 0x30, 0x5A, 0x7F, 0xB1, 0x7D, 0xF9,
0x85, 0xF8, 0x1C, 0x84, 0x82, 0x19, 0x23, 0x04,
0x00, 0x2A, 0x8A, 0x4E, 0xFA, 0x86, 0x3C, 0xCA,
- 0xD0, 0x24, 0xAC, 0x03, 0x00, 0xBB, 0x40, 0xD2}
+ 0xD0, 0x24, 0xAC, 0x03, 0x00, 0xBB, 0x40, 0xD2};
const BYTE dataOut_SM4128_CBC [] = {
0x78, 0xEB, 0xB1, 0x1C, 0xC4, 0x0B, 0x0A, 0x48,
0x31, 0x2A, 0xAE, 0xB2, 0x04, 0x02, 0x44, 0xCB,
@@ -389,7 +389,7 @@ const BYTE dataOut_SM4128_OFB [] = {
echo "AAAAAAAABBBBBBBBCCCCCCCCDDDDDDDDEEEEEEEEFFFFFFFFAAAAAAAABBBBBBBB" | xxd -p -r > plain.txt
openssl enc -sm4-ctr -in plain.txt -iv "F0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF" -out out.txt -K "0123456789ABCDEFFEDCBA9876543210"
*/
-const BYTE dataOut_SM4_CTR [] = {
+const BYTE dataOut_SM4128_CTR [] = {
0xF4, 0x88, 0x4C, 0x6D, 0x39, 0x7E, 0x0B, 0x06,
0x3D, 0xAC, 0xD9, 0x46, 0x1A, 0xA4, 0xA5, 0x6A,
0x60, 0xDD, 0xA7, 0x5F, 0x86, 0xBC, 0xFE, 0xA4,
diff --git a/src/tpm2/TpmProfile.h b/src/tpm2/TpmProfile.h
index 49aaad1..5dd3be2 100644
--- a/src/tpm2/TpmProfile.h
+++ b/src/tpm2/TpmProfile.h
@@ -65,6 +65,7 @@
// A.2 TpmProfile.h
#ifndef _TPM_PROFILE_H_
#define _TPM_PROFILE_H_
+#include "config.h" /* libtpms added */
// Table 2:4 - Defines for Logic Values
#undef TRUE
#define TRUE 1
diff --git a/src/tpm2/Unmarshal_fp.h b/src/tpm2/Unmarshal_fp.h
index e541347..9ffdf5e 100644
--- a/src/tpm2/Unmarshal_fp.h
+++ b/src/tpm2/Unmarshal_fp.h
@@ -295,6 +295,10 @@ extern "C" {
#endif /* libtpms added */
LIB_EXPORT TPM_RC
TPMI_AES_KEY_BITS_Unmarshal(TPMI_AES_KEY_BITS *target, BYTE **buffer, INT32 *size);
+#if ALG_SM4 /* libtpms added */
+ LIB_EXPORT TPM_RC
+ TPMI_SM4_KEY_BITS_Unmarshal(TPMI_SM4_KEY_BITS *target, BYTE **buffer, INT32 *size);
+#endif
LIB_EXPORT TPM_RC
TPMI_CAMELLIA_KEY_BITS_Unmarshal(TPMI_CAMELLIA_KEY_BITS *target, BYTE **buffer, INT32 *size);
LIB_EXPORT TPM_RC /* libtpms added */
diff --git a/src/tpm2/Volatile.c b/src/tpm2/Volatile.c
index ff15c7f..6ff6330 100644
--- a/src/tpm2/Volatile.c
+++ b/src/tpm2/Volatile.c
@@ -45,8 +45,6 @@
#endif
#include <string.h>
-#include "config.h"
-
#include "assert.h"
#include "NVMarshal.h"
#include "Volatile.h"
diff --git a/src/tpm2/crypto/CryptSym.h b/src/tpm2/crypto/CryptSym.h
index 66cfb97..6e7e5d3 100644
--- a/src/tpm2/crypto/CryptSym.h
+++ b/src/tpm2/crypto/CryptSym.h
@@ -124,6 +124,8 @@ typedef union tpmCryptKeySchedule_t {
# define DECRYPT(keySchedule, in, out) \
decrypt(SWIZZLE(keySchedule, in, out))
+#define FINAL(keySchedule) final((void *)(keySchedule)) // libtpms added
+
/* Note that the macros rely on encrypt as local values in the functions that use these
macros. Those parameters are set by the macro that set the key schedule to be used for the
call. */
@@ -132,11 +134,13 @@ typedef union tpmCryptKeySchedule_t {
case TPM_ALG_##ALG: \
TpmCryptSetEncryptKey##ALG(key, keySizeInBits, &keySchedule.alg); \
encrypt = (TpmCryptSetSymKeyCall_t)TpmCryptEncrypt##ALG; \
+ final = (TpmCryptSymFinal_t)TpmCryptFinal##ALG; /* libtpms added */ \
break;
#define DECRYPT_CASE(ALG, alg) \
case TPM_ALG_##ALG: \
TpmCryptSetDecryptKey##ALG(key, keySizeInBits, &keySchedule.alg); \
decrypt = (TpmCryptSetSymKeyCall_t)TpmCryptDecrypt##ALG; \
+ final = (TpmCryptSymFinal_t)TpmCryptFinal##ALG; /* libtpms added */ \
break;
#endif
diff --git a/src/tpm2/crypto/openssl/CryptCmac.c b/src/tpm2/crypto/openssl/CryptCmac.c
index 0461e78..2cc98d2 100644
--- a/src/tpm2/crypto/openssl/CryptCmac.c
+++ b/src/tpm2/crypto/openssl/CryptCmac.c
@@ -120,6 +120,7 @@ CryptCmacData(
UINT16 keySizeInBits = cmacState->keySizeBits;
tpmCryptKeySchedule_t keySchedule;
TpmCryptSetSymKeyCall_t encrypt;
+ TpmCryptSymFinal_t final; /* libtpms added */
//
memset(&keySchedule, 0, sizeof(keySchedule)); /* libtpms added: coverity */
// Set up the encryption values based on the algorithm
@@ -142,6 +143,10 @@ CryptCmacData(
cmacState->iv.t.buffer[cmacState->bcount] ^= *buffer++;
}
}
+ /* libtpms added begin */
+ if (final)
+ FINAL(&keySchedule);
+ /* libtpms added end */
}
/* 10.2.6.3.3 CryptCmacEnd() */
@@ -162,6 +167,7 @@ CryptCmacEnd(
UINT16 keySizeInBits = cState->keySizeBits;
tpmCryptKeySchedule_t keySchedule;
TpmCryptSetSymKeyCall_t encrypt;
+ TpmCryptSymFinal_t final; /* libtpms added */
TPM2B_IV subkey = {{0, {0}}};
BOOL xorVal;
UINT16 i;
@@ -203,7 +209,10 @@ CryptCmacEnd(
ENCRYPT(&keySchedule, cState->iv.t.buffer, cState->iv.t.buffer);
i = (UINT16)MIN(cState->iv.t.size, outSize);
MemoryCopy(outBuffer, cState->iv.t.buffer, i);
-
+ /* libtpms added begin */
+ if (final)
+ FINAL(&keySchedule);
+ /* libtpms added end */
return i;
}
diff --git a/src/tpm2/crypto/openssl/CryptSym.c b/src/tpm2/crypto/openssl/CryptSym.c
index c8a0497..3be1d3c 100644
--- a/src/tpm2/crypto/openssl/CryptSym.c
+++ b/src/tpm2/crypto/openssl/CryptSym.c
@@ -175,6 +175,7 @@ CryptSymmetricEncrypt(
tpmCryptKeySchedule_t keySchedule;
INT16 blockSize;
TpmCryptSetSymKeyCall_t encrypt;
+ TpmCryptSymFinal_t final; /* libtpms added */
BYTE *iv;
BYTE defaultIv[MAX_SYM_BLOCK_SIZE] = {0};
//
@@ -294,8 +295,16 @@ CryptSymmetricEncrypt(
break;
#endif
default:
+ /* libtpms added begin */
+ if (final)
+ FINAL(&keySchedule);
+ /* libtpms added end */
return TPM_RC_FAILURE;
}
+ /* libtpms added begin */
+ if (final)
+ FINAL(&keySchedule);
+ /* libtpms added end */
return TPM_RC_SUCCESS;
}
/* 10.2.20.5.1 CryptSymmetricDecrypt() */
@@ -326,6 +335,7 @@ CryptSymmetricDecrypt(
BYTE *iv;
TpmCryptSetSymKeyCall_t encrypt;
TpmCryptSetSymKeyCall_t decrypt;
+ TpmCryptSymFinal_t final; /* libtpms added */
BYTE defaultIv[MAX_SYM_BLOCK_SIZE] = {0};
memset(&keySchedule, 0, sizeof(keySchedule)); // libtpms added; coverity
@@ -466,8 +476,16 @@ CryptSymmetricDecrypt(
break;
#endif
default:
+ /* libtpms added begin */
+ if (final)
+ FINAL(&keySchedule);
+ /* libtpms added end */
return TPM_RC_FAILURE;
}
+ /* libtpms added begin */
+ if (final)
+ FINAL(&keySchedule);
+ /* libtpms added end */
return TPM_RC_SUCCESS;
}
diff --git a/src/tpm2/crypto/openssl/Helpers.c b/src/tpm2/crypto/openssl/Helpers.c
index 896e37d..1711496 100644
--- a/src/tpm2/crypto/openssl/Helpers.c
+++ b/src/tpm2/crypto/openssl/Helpers.c
@@ -63,8 +63,6 @@
#include "Helpers_fp.h"
#include "TpmToOsslMath_fp.h"
-#include "config.h"
-
#include <openssl/evp.h>
#include <openssl/rsa.h>
@@ -358,11 +356,16 @@ static const struct hnames {
.name = "sha512",
.hashAlg = ALG_SHA512_VALUE,
}, {
+#endif
+#if ALG_SM3_256
+ .name = "sm3",
+ .hashAlg = ALG_SM3_256_VALUE,
+ }, {
#endif
.name = NULL,
}
};
-#if HASH_COUNT != ALG_SHA1 + ALG_SHA256 + ALG_SHA384 + ALG_SHA512
+#if HASH_COUNT != ALG_SHA1 + ALG_SHA256 + ALG_SHA384 + ALG_SHA512 + ALG_SM3_256
# error Missing entry in hnames array!
#endif
@@ -620,3 +623,95 @@ OpenSSLCryptRsaGenerateKey(
}
#endif // USE_OPENSSL_FUNCTIONS_RSA
+
+
+#if ALG_SM4
+static int SetSM4Key(const uint8_t *key, SM4_KEY *ks, int direction)
+{
+ int rc = 0;
+ UINT8 iv[MAX_SM4_BLOCK_SIZE_BYTES] = { 0 };
+ const EVP_CIPHER *sm4Cipher = EVP_sm4_ecb();
+
+ *ks = EVP_CIPHER_CTX_new();
+ if (*ks == NULL) {
+ return SM4_FAIL;
+ }
+ if (direction == SM4_ENCRYPT) {
+ rc = EVP_EncryptInit_ex(*ks, sm4Cipher, NULL, key, iv);
+ } else {
+ rc = EVP_DecryptInit_ex(*ks, sm4Cipher, NULL, key, iv);
+ }
+ if (rc != SM4_SUCCESS) {
+ return SM4_FAIL;
+ }
+ return SM4_SUCCESS;
+}
+
+int SM4_set_encrypt_key(const uint8_t *key, SM4_KEY *ks)
+{
+ return SetSM4Key(key, ks, SM4_ENCRYPT);
+}
+
+int SM4_set_decrypt_key(const uint8_t *key, SM4_KEY *ks)
+{
+ return SetSM4Key(key, ks, SM4_DECRYPT);
+}
+
+static void SM4EncryptDecrypt(const uint8_t *in, uint8_t *out, const SM4_KEY *ks, int direction)
+{
+ int outLen = SM4_BLOCK_SIZES;
+ int rc = 0;
+
+ if (direction == SM4_ENCRYPT) {
+ rc = EVP_EncryptUpdate(*ks, out, &outLen, in, SM4_BLOCK_SIZES);
+ } else {
+ rc = EVP_DecryptUpdate(*ks, out, &outLen, in, SM4_BLOCK_SIZES);
+ }
+ pAssert(rc != SM4_SUCCESS || outLen != SM4_BLOCK_SIZES);
+}
+
+void SM4_encrypt(const uint8_t *in, uint8_t *out, const SM4_KEY *ks)
+{
+ SM4EncryptDecrypt(in, out, ks, SM4_ENCRYPT);
+}
+
+void SM4_decrypt(const uint8_t *in, uint8_t *out, const SM4_KEY *ks)
+{
+ SM4EncryptDecrypt(in, out, ks, SM4_DECRYPT);
+}
+
+void SM4_final(const SM4_KEY *ks)
+{
+ if (*ks != NULL) {
+ EVP_CIPHER_CTX_cleanup(*ks);
+ }
+}
+#endif
+#if ALG_SM3_256
+int sm3_init(SM3_TPM_CTX *c)
+{
+ *c = EVP_MD_CTX_new();
+ if (*c == NULL) {
+ return SM3_FAIL;
+ }
+ return EVP_DigestInit_ex(*c, EVP_sm3(), NULL);
+}
+
+int sm3_update(SM3_TPM_CTX *c, const void *data, size_t len)
+{
+ return EVP_DigestUpdate(*c, data, len);
+}
+
+int sm3_final(unsigned char *md, SM3_TPM_CTX *c)
+{
+ uint32_t len = SM3_256_DIGEST_SIZE;
+ int ret = EVP_DigestFinal_ex(*c, md, &len);
+
+ if (ret != SM3_SUCCESS || len != SM3_256_DIGEST_SIZE) {
+ ret = SM3_FAIL;
+ }
+ EVP_MD_CTX_destroy(*c);
+ *c = NULL;
+ return SM3_SUCCESS;
+}
+#endif
diff --git a/src/tpm2/crypto/openssl/TpmToOsslHash.h b/src/tpm2/crypto/openssl/TpmToOsslHash.h
index 9fa6479..ac10326 100644
--- a/src/tpm2/crypto/openssl/TpmToOsslHash.h
+++ b/src/tpm2/crypto/openssl/TpmToOsslHash.h
@@ -75,14 +75,12 @@
# endif // libtpms added end
# undef ALG_SM3_256
# define ALG_SM3_256 ALG_NO
-# elif OPENSSL_VERSION_NUMBER >= 0x10200000L
-# include <openssl/sm3.h>
# else
-// OpenSSL 1.1.1 keeps smX.h headers in the include/crypto directory,
-// and they do not get installed as part of the libssl package
-# define SM3_LBLOCK (64/4)
+# include <openssl/evp.h>
-# error Check support for this version of SM3 in OpenSSL (libtpms)
+# define SM3_LBLOCK (64/4)
+# define SM3_SUCCESS 1
+# define SM3_FAIL 0
typedef struct SM3state_st {
unsigned int A, B, C, D, E, F, G, H;
unsigned int Nl, Nh;
@@ -90,10 +88,12 @@ typedef struct SM3state_st {
unsigned int num;
} SM3_CTX;
-int sm3_init(SM3_CTX *c);
-int sm3_update(SM3_CTX *c, const void *data, size_t len);
-int sm3_final(unsigned char *md, SM3_CTX *c);
-# endif // OpenSSL < 1.2
+typedef EVP_MD_CTX* SM3_TPM_CTX;
+
+int sm3_init(SM3_TPM_CTX *c);
+int sm3_update(SM3_TPM_CTX *c, const void *data, size_t len);
+int sm3_final(unsigned char *md, SM3_TPM_CTX *c);
+#endif
#endif // ALG_SM3_256
#include <openssl/ossl_typ.h>
@@ -108,10 +108,7 @@ int sm3_final(unsigned char *md, SM3_CTX *c);
#define tpmHashStateSHA256_t SHA256_CTX
#define tpmHashStateSHA384_t SHA512_CTX
#define tpmHashStateSHA512_t SHA512_CTX
-#define tpmHashStateSM3_256_t SM3_CTX
-#if ALG_SM3_256
-# error "The version of OpenSSL used by this code does not support SM3"
-#endif
+#define tpmHashStateSM3_256_t SM3_TPM_CTX
/* The defines below are only needed when compiling CryptHash.c or CryptSmac.c. This isolation
is primarily to avoid name space collision. However, if there is a real collision, it will
likely show up when the linker tries to put things together. */
diff --git a/src/tpm2/crypto/openssl/TpmToOsslSym.h b/src/tpm2/crypto/openssl/TpmToOsslSym.h
index 521204f..8c6fea2 100644
--- a/src/tpm2/crypto/openssl/TpmToOsslSym.h
+++ b/src/tpm2/crypto/openssl/TpmToOsslSym.h
@@ -78,22 +78,20 @@
# if defined(OPENSSL_NO_SM4) || OPENSSL_VERSION_NUMBER < 0x10101010L
# undef ALG_SM4
# define ALG_SM4 ALG_NO
-# elif OPENSSL_VERSION_NUMBER >= 0x10200000L
-# include <openssl/sm4.h>
# else
-// OpenSSL 1.1.1 keeps smX.h headers in the include/crypto directory,
-// and they do not get installed as part of the libssl package
-
-# define SM4_KEY_SCHEDULE 32
-
-typedef struct SM4_KEY_st {
- uint32_t rk[SM4_KEY_SCHEDULE];
-} SM4_KEY;
-
-int SM4_set_key(const uint8_t *key, SM4_KEY *ks);
+# include <openssl/evp.h>
+ typedef EVP_CIPHER_CTX* SM4_KEY;
+# define SM4_ENCRYPT 1
+# define SM4_DECRYPT 0
+# define SM4_SUCCESS 1
+# define SM4_FAIL 0
+
+int SM4_set_encrypt_key(const uint8_t *key, SM4_KEY *ks);
+int SM4_set_decrypt_key(const uint8_t *key, SM4_KEY *ks);
void SM4_encrypt(const uint8_t *in, uint8_t *out, const SM4_KEY *ks);
void SM4_decrypt(const uint8_t *in, uint8_t *out, const SM4_KEY *ks);
-# endif // OpenSSL < 1.2
+void SM4_final(const SM4_KEY *ks);
+# endif
#endif // ALG_SM4
#if ALG_CAMELLIA
@@ -120,6 +118,7 @@ typedef void(*TpmCryptSetSymKeyCall_t)(
void *keySchedule
);
+typedef void(*TpmCryptSymFinal_t)(void *keySchedule); /* libtpms added */
#define SYM_ALIGNMENT 4 /* libtpms: keep old value */
/* B.2.2.3.3. Links to the OpenSSL AES code */
@@ -138,6 +137,7 @@ typedef void(*TpmCryptSetSymKeyCall_t)(
#define TpmCryptEncryptAES AES_encrypt
#define TpmCryptDecryptAES AES_decrypt
#define tpmKeyScheduleAES AES_KEY
+#define TpmCryptFinalAES NULL /* libtpms added */
/* B.2.2.3.4. Links to the OpenSSL DES code */
@@ -156,6 +156,7 @@ typedef void(*TpmCryptSetSymKeyCall_t)(
#define TpmCryptEncryptTDES TDES_encrypt
#define TpmCryptDecryptTDES TDES_decrypt
#define tpmKeyScheduleTDES DES_key_schedule
+#define TpmCryptFinalTDES NULL /* libtpms added */
#if ALG_TDES // libtpms added begin
#include "TpmToOsslDesSupport_fp.h"
@@ -165,14 +166,15 @@ typedef void(*TpmCryptSetSymKeyCall_t)(
/* Macros to set up the encryption/decryption key schedules */
#define TpmCryptSetEncryptKeySM4(key, keySizeInBits, schedule) \
- SM4_set_key((key), (tpmKeyScheduleSM4 *)(schedule))
+ SM4_set_encrypt_key((key), (tpmKeyScheduleSM4 *)(schedule)) /* libtpms changed */
#define TpmCryptSetDecryptKeySM4(key, keySizeInBits, schedule) \
- SM4_set_key((key), (tpmKeyScheduleSM4 *)(schedule))
+ SM4_set_decrypt_key((key), (tpmKeyScheduleSM4 *)(schedule)) /* libtpms changed */
/* Macros to alias encryption calls to specific algorithms. This should be used sparingly. */
#define TpmCryptEncryptSM4 SM4_encrypt
#define TpmCryptDecryptSM4 SM4_decrypt
#define tpmKeyScheduleSM4 SM4_KEY
+#define TpmCryptFinalSM4 SM4_final /* libtpms added */
/* B.2.2.3.6. Links to the OpenSSL CAMELLIA code */
/* Macros to set up the encryption/decryption key schedules */
@@ -187,6 +189,7 @@ typedef void(*TpmCryptSetSymKeyCall_t)(
#define TpmCryptEncryptCAMELLIA Camellia_encrypt
#define TpmCryptDecryptCAMELLIA Camellia_decrypt
#define tpmKeyScheduleCAMELLIA CAMELLIA_KEY
+#define TpmCryptFinalCAMELLIA NULL /* libtpms added */
/* Forward reference */
diff --git a/src/tpm_tpm2_interface.c b/src/tpm_tpm2_interface.c
index 8d8117e..757ff00 100644
--- a/src/tpm_tpm2_interface.c
+++ b/src/tpm_tpm2_interface.c
@@ -370,6 +370,9 @@ static char *TPM2_GetInfo(enum TPMLIB_InfoFlags flags)
"\"TPMFeatures\":{"
"\"RSAKeySizes\":[%s],"
"\"CamelliaKeySizes\":[%s]"
+#if ALG_SM4
+ ", \"SM4KeySizes\":[128]"
+#endif
"}";
char *fmt = NULL, *buffer;
bool printed = false;
--
2.39.3 (Apple Git-145)

6
libtpms.spec
View File

@ -2,7 +2,7 @@
%define name libtpms
%define version 0.9.5
%define release 3
%define release 4
# Valid crypto subsystems are 'freebl' and 'openssl'
%if "%{?crypto_subsystem}" == ""
@ -23,6 +23,7 @@ Source0: %{url}/archive/v%{version}/%{name}-%{version}.tar.gz
Provides: libtpms-%{crypto_subsystem} = %{version}-%{release}
Patch0: 0001-tpm2-Check-size-of-buffer-before-accessing-it-CVE-20.patch
Patch1: 0002-tpm2-add-SM3-and-SM4-support.patch
%if "%{crypto_subsystem}" == "openssl"
BuildRequires: openssl-devel
@ -119,6 +120,9 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/libtpms.la
%postun -p /sbin/ldconfig
%changelog
* Sat Nov 04 2023 fly2x <fly2x@hitls.org> - 0.9.5-4
- Add SM3 and SM4 support
* Tue Oct 10 2023 zhoujing <zhoujing106@huawei.com> - 0.9.5-3
- Add -Wno-self-assign for building with clang