add gm algorithm support.

Signed-off-by: chench246 <[email protected]>

Author: chench246

include/tpm2-tss-engine.h

@@ -87,6 +87,8 @@ int
 tpm2tss_ecc_genkey(EC_KEY *key, TPMI_ECC_CURVE curve, const char *password,
                    TPM2_HANDLE parentHandle);
 
+int add_sm2_asn1_meths(void);
+
 TPM2_DATA *
 #if OPENSSL_VERSION_NUMBER < 0x10100000
 tpm2tss_ecc_getappdata(EC_KEY *key);

src/tpm2-tss-engine-common.c

@@ -214,6 +214,11 @@ tpm2tss_tpm2data_readtpm(uint32_t handle, TPM2_DATA **tpm2Datap)
     ESYS_TR keyHandle = ESYS_TR_NONE;
     ESYS_CONTEXT *esys_ctx = NULL;
     TPM2B_PUBLIC *outPublic;
+    TPMT_SYM_DEF sym = {.algorithm = TPM2_ALG_AES,
+                        .keyBits = {.aes = 128},
+                        .mode = {.aes = TPM2_ALG_CFB}
+    };
+    TPM2_ALG_ID hash_alg = TPM2_ALG_SHA256;
 
     tpm2Data = OPENSSL_malloc(sizeof(*tpm2Data));
     if (tpm2Data == NULL) {
@@ -247,15 +252,19 @@ tpm2tss_tpm2data_readtpm(uint32_t handle, TPM2_DATA **tpm2Datap)
         goto error;
     }
 
+    if (outPublic->publicArea.parameters.eccDetail.curveID == TPM2_ECC_SM2_P256) {
+        sym.algorithm = TPM2_ALG_SM4;
+        sym.keyBits.sm4 = 128;
+        sym.mode.sm4 = TPM2_ALG_CFB;
+
+        hash_alg = TPM2_ALG_SM3_256;
+    }
+
     /* If the persistent key has the NODA flag set, we check whether it does
        have an empty authValue. If NODA is not set, then we don't check because
        that would increment the DA lockout counter */
     if ((outPublic->publicArea.objectAttributes & TPMA_OBJECT_NODA) != 0) {
         ESYS_TR session;
-        TPMT_SYM_DEF sym = {.algorithm = TPM2_ALG_AES,
-                            .keyBits = {.aes = 128},
-                            .mode = {.aes = TPM2_ALG_CFB}
-        };
 
         /* Esys_StartAuthSession() and session handling use OpenSSL for random
            bytes and thus might end up inside this engine again. This becomes
@@ -271,7 +280,7 @@ tpm2tss_tpm2data_readtpm(uint32_t handle, TPM2_DATA **tpm2Datap)
            very cheap command. */
         r = Esys_StartAuthSession(esys_ctx, ESYS_TR_NONE, keyHandle,
                                   ESYS_TR_NONE, ESYS_TR_NONE, ESYS_TR_NONE,
-                                  NULL, TPM2_SE_HMAC, &sym, TPM2_ALG_SHA256,
+                                  NULL, TPM2_SE_HMAC, &sym, hash_alg,
                                   &session);
         /* Though this response code is sub-optimal, it's the only way to
            detect the bug in ESYS. */

src/tpm2-tss-engine-common.h

@@ -37,11 +37,23 @@
     && !defined(__STDC_NO_ATOMICS__)
 # include <stdatomic.h>
 # define TPM2_TSS_ENGINE_HAVE_C11_ATOMICS
+#endif
+
+#if defined(TPM2_TSS_ENGINE_HAVE_C11_ATOMICS)
 typedef _Atomic int T2TE_ATOMIC_INT;
 #else
 typedef int T2TE_ATOMIC_INT;
 #endif
 
+#if defined(TPM2_TSS_ENGINE_HAVE_C11_ATOMICS) && defined(ATOMIC_INT_LOCK_FREE) \
+    && (ATOMIC_INT_LOCK_FREE > 0)
+typedef _Atomic int CRYPTO_REF_COUNT;
+#elif defined(_MSC_VER) && _MSC_VER >= 1200
+typedef volatile int CRYPTO_REF_COUNT;
+#else
+typedef int CRYPTO_REF_COUNT;
+#endif
+
 #include <tpm2-tss-engine.h>
 #include <tss2/tss2_mu.h>
 #include <tss2/tss2_esys.h>
@@ -183,6 +195,44 @@ typedef struct {
     size_t sig_size;
 } TPM2_SIG_DATA;
 
+#define SM2_DEFAULT_USERID "1234567812345678"
+#define SM2_DEFAULT_USERID_LEN (sizeof(SM2_DEFAULT_USERID) - 1)
+
+#define MAX_KEYLEN 57
+
+typedef struct {
+    unsigned char pubkey[MAX_KEYLEN];
+    unsigned char *privkey;
+} ECX_KEY;
+
+struct evp_pkey_st {
+    int type;
+    int save_type;
+    CRYPTO_REF_COUNT references;
+    const EVP_PKEY_ASN1_METHOD *ameth;
+    ENGINE *engine;
+    ENGINE *pmeth_engine; /* If not NULL public key ENGINE to use */
+    union {
+        void *ptr;
+# ifndef OPENSSL_NO_RSA
+        struct rsa_st *rsa;     /* RSA */
+# endif
+# ifndef OPENSSL_NO_DSA
+        struct dsa_st *dsa;     /* DSA */
+# endif
+# ifndef OPENSSL_NO_DH
+        struct dh_st *dh;       /* DH */
+# endif
+# ifndef OPENSSL_NO_EC
+        EC_KEY *ec;             /* ECC */
+        ECX_KEY *ecx;           /* X25519, X448, Ed25519, Ed448 */
+# endif
+    } pkey;
+    int save_parameters;
+    STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
+    CRYPTO_RWLOCK *lock;
+} /* EVP_PKEY */ ;
+
 int
 digest_update(EVP_MD_CTX *ctx, const void *data, size_t count);
 int

src/tpm2-tss-engine-digest-sign.c

@@ -79,6 +79,9 @@ digest_init(EVP_MD_CTX *ctx, TPM2_SIG_DATA *data)
     case NID_sha512:
         data->hash_alg = TPM2_ALG_SHA512;
         break;
+    case NID_sm3:
+        data->hash_alg = TPM2_ALG_SM3_256;
+        break;
     default:
         ERR(digest_init, TPM2TSS_R_UNKNOWN_ALG);
         return 0;

src/tpm2-tss-engine-ecc.c

@@ -34,6 +34,9 @@
 #include <openssl/engine.h>
 #include <openssl/ec.h>
 #include <openssl/ecdsa.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+#include <openssl/evp.h>
 
 #include <tss2/tss2_mu.h>
 #include <tss2/tss2_esys.h>
@@ -54,6 +57,13 @@ EC_KEY_METHOD *ecc_methods = NULL;
 #ifdef HAVE_OPENSSL_DIGEST_SIGN
 static int (*ecdsa_pkey_orig_copy)(EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src);
 static void (*ecdsa_pkey_orig_cleanup)(EVP_PKEY_CTX *ctx);
+static int (*sm2_digest_custom_default) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx) = NULL;
+static int (*pkey_sm2_sign_default) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                         const unsigned char *tbs, size_t tbslen) = NULL;
+static int (*sm2_sign_init_default)(EVP_PKEY_CTX*) = NULL;
+static int (*sm2_ctrl_default)(EVP_PKEY_CTX*, int, int, void*) = NULL;
+static int (*sm2_ctrl_str_default)(EVP_PKEY_CTX*, const char*, const char*) = NULL;
+
 #endif /* HAVE_OPENSSL_DIGEST_SIGN */
 
 static TPM2B_DATA allOutsideInfo = {
@@ -238,7 +248,7 @@ ecdsa_sign(ESYS_CONTEXT *esys_ctx, ESYS_TR key_handle,
 	   TPM2_ALG_ID hash_alg)
 {
     TPMT_SIG_SCHEME inScheme = {
-      .scheme = TPM2_ALG_ECDSA,
+      .scheme = (hash_alg == TPM2_ALG_SM3_256) ? TPM2_ALG_SM2 : TPM2_ALG_ECDSA,
       .details.ecdsa.hashAlg = hash_alg,
     };
     BIGNUM *bns = NULL, *bnr = NULL;
@@ -360,8 +370,11 @@ ecdsa_ec_key_sign(const unsigned char *dgst, int dgst_len, const BIGNUM *inv,
 	    dgst_len = SHA_DIGEST_LENGTH;
     } else if (dgst_len == SHA256_DIGEST_LENGTH ||
 	(curve_len <= SHA256_DIGEST_LENGTH && dgst_len > SHA256_DIGEST_LENGTH)) {
-	    hash_alg = TPM2_ALG_SHA256;
-	    dgst_len = SHA256_DIGEST_LENGTH;
+        if (EC_GROUP_get_curve_name(EC_KEY_get0_group(eckey)) == NID_sm2)
+            hash_alg = TPM2_ALG_SM3_256;
+        else
+            hash_alg = TPM2_ALG_SHA256;
+        dgst_len = SHA256_DIGEST_LENGTH;
     } else if (dgst_len == SHA384_DIGEST_LENGTH ||
 	(curve_len <= SHA384_DIGEST_LENGTH && dgst_len > SHA384_DIGEST_LENGTH)) {
 	    hash_alg = TPM2_ALG_SHA384;
@@ -516,6 +529,9 @@ populate_ecc(EC_KEY *key)
     case TPM2_ECC_NIST_P384:
         nid = EC_curve_nist2nid("P-384");
         break;
+    case TPM2_ECC_SM2_P256:
+        nid = NID_sm2;
+        break;
     default:
         nid = -1;
     }
@@ -560,6 +576,55 @@ populate_ecc(EC_KEY *key)
     return 1;
 }
 
+/* add sm2 asn1 method copy from ecc asn1 */
+int add_sm2_asn1_meths(void)
+{
+    const EVP_PKEY_ASN1_METHOD *ec_ameth = NULL;
+    EVP_PKEY_ASN1_METHOD *sm2_ameth = NULL;
+
+    ec_ameth = EVP_PKEY_asn1_find(NULL, EVP_PKEY_EC);
+    if (!ec_ameth) {
+        DBG("find ec_asn1_method failed.\n");
+        return 0;
+    }
+
+    sm2_ameth = EVP_PKEY_asn1_new(EVP_PKEY_SM2, 0, "ec-wrap", "EC with SM2 alias");
+    if (!sm2_ameth) {
+        DBG("set new sm2_asn1_method failed.\n");
+        return 0;
+    }
+
+    EVP_PKEY_asn1_copy(sm2_ameth, ec_ameth);
+
+    if (!EVP_PKEY_asn1_add0(sm2_ameth)) {
+
+        EVP_PKEY_asn1_free(sm2_ameth);
+        return 0;
+    }
+
+    /* DBG("Created sm2_asn1_meths success.\n"); */
+
+    return 1;
+}
+
+void add_sm2_sm3_sig_alg_mapping(void)
+{
+    int nid_sm3    = OBJ_txt2nid("SM3");                  /* 1143 */
+    int nid_sm2    = EVP_PKEY_SM2;                        /* 1172 */
+    int nid_sm2sig = OBJ_txt2nid("sm2sign-with-sm3");
+
+    /* If it is NID_undef, then register the OID. */
+    if (nid_sm2sig == NID_undef) {
+        /* offical OID：1.2.156.10197.1.501 */
+        nid_sm2sig = OBJ_create("1.2.156.10197.1.501",
+                                "SM2Sign-with-SM3",
+                                "sm2sign-with-sm3");
+    }
+    if (nid_sm3 != NID_undef && nid_sm2 != NID_undef && nid_sm2sig != NID_undef) {
+        OBJ_add_sigid(nid_sm2sig, nid_sm3, nid_sm2);
+    }
+}
+
 /** Helper to load an ECC key from a tpm2Data
  *
  * This function creates a key object given a TPM2_DATA object. The resulting
@@ -600,10 +665,18 @@ tpm2tss_ecc_makekey(TPM2_DATA *tpm2Data)
         goto error;
     }
 
-    if (!EVP_PKEY_assign_EC_KEY(pkey, eckey)) {
-        ERR(tpm2tss_ecc_makekey, TPM2TSS_R_GENERAL_FAILURE);
-        EC_KEY_free(eckey);
-        goto error;
+    if (tpm2Data->pub.publicArea.parameters.eccDetail.curveID == TPM2_ECC_SM2_P256) {
+        if (!EVP_PKEY_assign(pkey, EVP_PKEY_SM2, (char *)(eckey))) {
+            ERR(tpm2tss_ecc_makekey, TPM2TSS_R_GENERAL_FAILURE);
+            EC_KEY_free(eckey);
+            goto error;
+        }
+    } else {
+        if (!EVP_PKEY_assign_EC_KEY(pkey, eckey)) {
+            ERR(tpm2tss_ecc_makekey, TPM2TSS_R_GENERAL_FAILURE);
+            EC_KEY_free(eckey);
+            goto error;
+        }
     }
 
     if (!tpm2tss_ecc_setappdata(eckey, tpm2Data)) {
@@ -796,6 +869,95 @@ tpm2tss_ecc_genkey(EC_KEY *key, TPMI_ECC_CURVE curve, const char *password,
     return (r == TSS2_RC_SUCCESS);
 }
 
+/** Customize the pkey_sm2_sign interface
+ *
+ * Customize the pkey_sm2_sign interface. When there is a tpm key extension value, call the ecdsa_ec_key_sign interface to sign.
+ * @retval 1 on success
+ * @retval 0 on failure
+ */
+static int pkey_sm2_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                         const unsigned char *tbs, size_t tbslen)
+{
+    EC_KEY *ec = (EVP_PKEY_CTX_get0_pkey(ctx))->pkey.ec;
+    if (!ec)
+        return 0;
+
+    if (tpm2tss_ecc_getappdata(ec) == NULL) {
+        /* If this is not a TPM2 key, return directly. */
+        return 0;
+    }
+    else {
+        /* call tpm sig function */
+        const int sig_sz = ECDSA_size(ec);
+        if (sig_sz <= 0) {
+            return 0;
+        }
+        if (sig == NULL) {
+            *siglen = (size_t)sig_sz;
+            return 1;
+        }
+        if (*siglen < (size_t)sig_sz)
+            return 0;
+        ECDSA_SIG *sig_res = ecdsa_ec_key_sign(tbs, tbslen, NULL, NULL, ec);
+        int siglen_temp = i2d_ECDSA_SIG(sig_res, &sig);
+        ECDSA_SIG_free(sig_res);
+        if (siglen_temp < 0)
+            return 0;
+        *siglen = siglen_temp;
+    }
+
+    return 1;
+}
+
+static int sm2_ctrl_wrap(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
+{
+    switch (type) {
+    case EVP_PKEY_CTRL_DIGESTINIT:
+        /* Ignore explicit digest selection.*/
+        return 1;
+    default:
+        return sm2_ctrl_default ? sm2_ctrl_default(ctx, type, p1, p2) : 1;
+    }
+}
+
+static int sm2_ctrl_str_wrap(EVP_PKEY_CTX *ctx, const char *type, const char *value)
+{
+    if (type) {
+        if (!strcmp(type, "digest") || !strcmp(type, "md")) {
+            /* Swallow "digest=sm3" coming from -sm3 to avoid unsupported ctrl; always return success. */
+            return 1;
+        }
+        if (!strcmp(type, "distid") || !strcmp(type, "sm2_id")) {
+            /* Let default ctrl_str handle ID parsing/storage. */
+            return sm2_ctrl_default ? sm2_ctrl_default(ctx, EVP_PKEY_CTRL_SET1_ID, (int)strlen(value), (void*)value) : 1;
+        }
+    }
+    return sm2_ctrl_str_default ? sm2_ctrl_str_default(ctx, type, value) : 1;
+}
+
+static int pkey_sm2_digest_custom_wrap(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
+{
+    int ret;
+    int id_len = 0;
+    unsigned char id[] = SM2_DEFAULT_USERID;
+
+    ret = sm2_ctrl_default ? sm2_ctrl_default(ctx, EVP_PKEY_CTRL_GET1_ID_LEN, 0, (void*)(&id_len)) : 0;
+    if (ret != 1) {
+        DBG("Get id len failed.\n");
+        return 0;
+    }
+
+    if (id_len == 0) {
+        ret = sm2_ctrl_default ? sm2_ctrl_default(ctx, EVP_PKEY_CTRL_SET1_ID, (int)SM2_DEFAULT_USERID_LEN, (void *)id) : 0;
+        if (ret != 1) {
+            DBG("Set default id failed.\n");
+            return 0;
+        }
+    }
+
+    return sm2_digest_custom_default ? sm2_digest_custom_default(ctx, mctx) : 1;
+}
+
 /** Initialize the tpm2tss engine's ecc submodule
  *
  * Initialize the tpm2tss engine's submodule by setting function pointer.
@@ -869,6 +1031,28 @@ init_ecc(ENGINE *e)
     EVP_PKEY_meth_set_signctx(pkey_ecc_methods, NULL, ecdsa_signctx);
     EVP_PKEY_meth_set_digest_custom(pkey_ecc_methods, ecdsa_digest_custom);
     EVP_PKEY_meth_add0(pkey_ecc_methods);
+
+    /* add engine for sm2*/
+    const EVP_PKEY_METHOD *pkey_orig_sm2_methods = EVP_PKEY_meth_find(EVP_PKEY_SM2);
+    if (pkey_orig_sm2_methods == NULL) {
+        return 0;
+    }
+    EVP_PKEY_METHOD *pkey_sm2_methods = EVP_PKEY_meth_new(EVP_PKEY_SM2, 0);
+    if (pkey_sm2_methods == NULL)
+        return 0;
+    EVP_PKEY_meth_copy(pkey_sm2_methods, pkey_orig_sm2_methods);
+
+    EVP_PKEY_meth_get_digest_custom((EVP_PKEY_METHOD *)(uintptr_t)(pkey_orig_sm2_methods), &sm2_digest_custom_default);
+    EVP_PKEY_meth_get_sign(pkey_orig_sm2_methods, &sm2_sign_init_default, &pkey_sm2_sign_default);
+    EVP_PKEY_meth_get_ctrl(pkey_orig_sm2_methods, &sm2_ctrl_default, &sm2_ctrl_str_default);
+
+    EVP_PKEY_meth_set_digest_custom(pkey_sm2_methods, pkey_sm2_digest_custom_wrap);
+    EVP_PKEY_meth_set_sign(pkey_sm2_methods, sm2_sign_init_default, pkey_sm2_sign);
+    EVP_PKEY_meth_set_ctrl(pkey_sm2_methods, sm2_ctrl_wrap, sm2_ctrl_str_wrap);
+    EVP_PKEY_meth_add0(pkey_sm2_methods);
+
+    add_sm2_sm3_sig_alg_mapping();
+
 #endif /* HAVE_OPENSSL_DIGEST_SIGN */
 
     return 1;