mirror/gmsm
1
0
Fork 0
mirror of https://github.com/emmansun/gmsm.git synced 2025-04-26 20:26:19 +08:00
Code Issues Packages Projects Releases Wiki Activity

x509: fix test cases, disable sm2withsm3 mixed with others #223

Browse Source
This commit is contained in:
Sun Yimin 2024-05-23 21:04:30 +08:00 committed by GitHub
parent 8787268d3d
commit 74754d50d7
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
smx509/x509.go
View File

@ -1295,7 +1295,7 @@ func signingParamsForKey(key crypto.Signer, sigAlgo SignatureAlgorithm) (Signatu
case elliptic.P521(): case elliptic.P521():
defaultAlgo = ECDSAWithSHA512 defaultAlgo = ECDSAWithSHA512
case sm2.P256(): case sm2.P256():
sigAlgo = SM2WithSM3 defaultAlgo = SM2WithSM3
default: default:
return 0, ai, errors.New("x509: unsupported elliptic curve") return 0, ai, errors.New("x509: unsupported elliptic curve")
} }
@ -1314,7 +1314,7 @@ func signingParamsForKey(key crypto.Signer, sigAlgo SignatureAlgorithm) (Signatu
for _, details := range signatureAlgorithmDetails { for _, details := range signatureAlgorithmDetails {
if details.algo == sigAlgo { if details.algo == sigAlgo {
if details.pubKeyAlgo != pubType { if details.pubKeyAlgo != pubType || (sigAlgo != defaultAlgo && defaultAlgo == SM2WithSM3) {
return 0, ai, errors.New("x509: requested SignatureAlgorithm does not match private key type") return 0, ai, errors.New("x509: requested SignatureAlgorithm does not match private key type")
} }
if details.hash == crypto.MD5 { if details.hash == crypto.MD5 {

6
smx509/x509_test.go
View File

@ -2208,6 +2208,10 @@ func TestMultipleURLsInCRLDP(t *testing.T) {
} }
func TestCreateRevocationList(t *testing.T) { func TestCreateRevocationList(t *testing.T) {
ec256Priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
if err != nil {
t.Fatalf("Failed to generate ECDSA P256 key: %s", err)
}
sm2Priv, err := sm2.GenerateKey(rand.Reader) sm2Priv, err := sm2.GenerateKey(rand.Reader)
if err != nil { if err != nil {
t.Fatalf("Failed to generate SM2 key: %s", err) t.Fatalf("Failed to generate SM2 key: %s", err)
@ -2403,7 +2407,7 @@ func TestCreateRevocationList(t *testing.T) {
}, },
{ {
name: "valid, non-default signature algorithm", name: "valid, non-default signature algorithm",
key: sm2Priv, key: ec256Priv,
issuer: &x509.Certificate{ issuer: &x509.Certificate{
KeyUsage: KeyUsageCRLSign, KeyUsage: KeyUsageCRLSign,
Subject: pkix.Name{ Subject: pkix.Name{