diff --git a/go.mod b/go.mod
index 4e0e76e..e341693 100644
--- a/go.mod
+++ b/go.mod
@@ -4,5 +4,5 @@ go 1.16
 require (
 golang.org/x/crypto v0.3.0
- golang.org/x/sys v0.2.0
+ golang.org/x/sys v0.3.0
 )
diff --git a/go.sum b/go.sum
index 2f77b42..8555388 100644
--- a/go.sum
+++ b/go.sum
@@ -2,6 +2,8 @@ github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5t
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.3.0 h1:a06MkbcxBrEFc0w0QIZWXrH/9cCX6KJyWbBOIwAn+7A=
+golang.org/x/crypto v0.3.0 h1:a06MkbcxBrEFc0w0QIZWXrH/9cCX6KJyWbBOIwAn+7A=
+golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4=
 golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
@@ -15,8 +17,10 @@ golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.2.0 h1:ljd4t30dBnAvMZaQCevtY0xLLD0A+bRZXbgLMLU1F/A=
 golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.3.0 h1:w8ZOecv6NaNa/zC8944JTU3vz4u6Lagfk4RPQxv92NQ=
+golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc=
@@ -28,7 +32,3 @@ golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGm
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-golang.org/x/crypto v0.3.0 h1:a06MkbcxBrEFc0w0QIZWXrH/9cCX6KJyWbBOIwAn+7A=
-golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4=
-golang.org/x/sys v0.2.0 h1:ljd4t30dBnAvMZaQCevtY0xLLD0A+bRZXbgLMLU1F/A=
-golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
diff --git a/sm2/sm2.go b/sm2/sm2.go
index a7a7286..98ef4d5 100644
--- a/sm2/sm2.go
+++ b/sm2/sm2.go
@@ -194,6 +194,10 @@ func (priv *PrivateKey) Decrypt(rand io.Reader, msg []byte, opts crypto.Decrypte
 const maxRetryLimit = 100
+var (
+ errCiphertextTooShort = errors.New("sm2: ciphertext too short")
+)
+
 // EncryptASN1 sm2 encrypt and output ASN.1 result, compliance with GB/T 32918.4-2016.
 func EncryptASN1(random io.Reader, pub *ecdsa.PublicKey, msg []byte) ([]byte, error) {
 return Encrypt(random, pub, msg, ASN1EncrypterOpts)
@@ -203,7 +207,7 @@ func EncryptASN1(random io.Reader, pub *ecdsa.PublicKey, msg []byte) ([]byte, er
 func Encrypt(random io.Reader, pub *ecdsa.PublicKey, msg []byte, opts *EncrypterOpts) ([]byte, error) {
 //A3, requirement is to check if h*P is infinite point, h is 1
 if pub.X.Sign() == 0 && pub.Y.Sign() == 0 {
- return nil, errors.New("sm2: invalid public key")
+ return nil, errors.New("sm2: public key point is the infinity")
 }
 if len(msg) == 0 {
 return nil, nil
@@ -316,7 +320,7 @@ func Decrypt(priv *PrivateKey, ciphertext []byte) ([]byte, error) {
 func decrypt(priv *PrivateKey, ciphertext []byte, opts *DecrypterOpts) ([]byte, error) {
 ciphertextLen := len(ciphertext)
 if ciphertextLen <= 1+(priv.Params().BitSize/8)+sm3.Size {
- return nil, errors.New("sm2: invalid ciphertext length")
+ return nil, errCiphertextTooShort
 }
 switch priv.Curve.Params() {
 case P256().Params():
@@ -375,7 +379,7 @@ func parseCiphertext(c *sm2Curve, ciphertext []byte, opts *DecrypterOpts) (*_sm2
 switch b {
 case uncompressed:
 if len(ciphertext) <= 1+2*byteLen+sm3.Size {
- return nil, nil, nil, errors.New("sm2: invalid ciphertext length")
+ return nil, nil, nil, errCiphertextTooShort
 }
 C1, err := c.newPoint().SetBytes(ciphertext[:1+2*byteLen])
 if err != nil {
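Review bot: `errCiphertextTooShort` is added without a doc comment, and because it is unexported, callers outside the package still cannot test for it with `errors.Is` and have to match on the message text, which this commit changes from "sm2: invalid ciphertext length". If keeping it private is intended, a comment such as `// errCiphertextTooShort is returned when the ciphertext is not longer than the point prefix plus the SM3 digest.` would record the contract; otherwise exporting it gives callers a stable value to compare against. Services that decrypt peer-supplied data are better off mapping every decrypt failure to one generic error before answering the peer, so the distinct causes are not observable remotely.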
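Review bot: The new message in `Encrypt` is the same literal that the last sm2.go hunk puts into `pointToAffine`, while the ciphertext-length error in this same commit was moved to a shared sentinel; one package-level value, e.g. `errInfinityPoint = errors.New("sm2: public key point is the infinity")` declared next to `errCiphertextTooShort`, would keep the two sites from drifting apart. The guard above the changed line also calls `pub.X.Sign()` and `pub.Y.Sign()` with no nil check, so a nil key or a zero-value `ecdsa.PublicKey` would panic rather than return an error; `if pub == nil || pub.X == nil || pub.Y == nil` ahead of it would turn that into a normal failure. The test only recognises the (0,0) encoding, and whether the point is checked to be on the curve is decided outside this hunk.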
@@ -920,7 +924,7 @@ func (curve *sm2Curve) pointToAffine(p *_sm2ec.SM2P256Point) (x, y *big.Int, err
 out := p.Bytes()
 if len(out) == 1 && out[0] == 0 {
 // This is the encoding of the point at infinity.
- return nil, nil, errors.New("ecdsa: public key point is the infinity")
+ return nil, nil, errors.New("sm2: public key point is the infinity")
 }
 byteLen := (curve.curve.Params().BitSize + 7) / 8
 x = new(big.Int).SetBytes(out[1 : 1+byteLen])
diff --git a/sm2/sm2_legacy.go b/sm2/sm2_legacy.go
index c540e5b..f1e4e83 100644
--- a/sm2/sm2_legacy.go
+++ b/sm2/sm2_legacy.go
@@ -334,7 +334,7 @@ func PlainCiphertext2ASN1(ciphertext []byte, from ciphertextSplicingOrder) ([]by
 curve := sm2ec.P256()
 ciphertextLen := len(ciphertext)
 if ciphertextLen <= 1+(curve.Params().BitSize/8)+sm3.Size {
- return nil, errors.New("sm2: invalid ciphertext length")
+ return nil, errCiphertextTooShort
 }
 // get C1, and check C1
 x1, y1, c3Start, err := bytes2Point(curve, ciphertext)
@@ -362,7 +362,7 @@ func AdjustCiphertextSplicingOrder(ciphertext []byte, from, to ciphertextSplicin
 }
 ciphertextLen := len(ciphertext)
 if ciphertextLen <= 1+(curve.Params().BitSize/8)+sm3.Size {
- return nil, errCiphertextTooShort
+ return nil, errCiphertextTooShort
 }
 // get C1, and check C1
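Review bot: The length guard in `PlainCiphertext2ASN1` (and the identical one in `AdjustCiphertextSplicingOrder` below) only enforces the bound for a compressed point, `1+(curve.Params().BitSize/8)+sm3.Size`, whereas `parseCiphertext` in sm2.go applies a second, larger bound of `1+2*byteLen+sm3.Size` once it sees the uncompressed prefix. `bytes2Point` is outside this hunk, so it is worth confirming that it rejects an uncompressed-prefix input that passes the first check but is shorter than the larger bound, and returns `errCiphertextTooShort` there too. A short comment on the guard, e.g. `// minimum for a compressed C1; bytes2Point validates the actual encoding length`, would make that split of responsibility explicit. Both function bodies continue past the visible lines.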