mirror/gmsm
1
0
Fork 0
mirror of https://github.com/emmansun/gmsm.git synced 2025-04-26 12:16:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

pkcs7: align pkix.AlgorithmIdentifier Null Parameters with others

Browse Source
This commit is contained in:
Sun Yimin 2024-10-30 08:57:45 +08:00 committed by GitHub
parent 559da498c9
commit 8e2f6c13de
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
5 changed files with 21 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
pkcs/kdf_pbkdf2.go
View File

@ -74,35 +74,35 @@ func newPRFParamFromHash(h Hash) (pkix.AlgorithmIdentifier, error) {
case SHA1: case SHA1:
return pkix.AlgorithmIdentifier{ return pkix.AlgorithmIdentifier{
Algorithm: oidHMACWithSHA1, Algorithm: oidHMACWithSHA1,
Parameters: asn1.RawValue{Tag: asn1.TagNull}}, nil Parameters: asn1.NullRawValue}, nil
case SHA224: case SHA224:
return pkix.AlgorithmIdentifier{ return pkix.AlgorithmIdentifier{
Algorithm: oidHMACWithSHA224, Algorithm: oidHMACWithSHA224,
Parameters: asn1.RawValue{Tag: asn1.TagNull}}, nil Parameters: asn1.NullRawValue}, nil
case SHA256: case SHA256:
return pkix.AlgorithmIdentifier{ return pkix.AlgorithmIdentifier{
Algorithm: oidHMACWithSHA256, Algorithm: oidHMACWithSHA256,
Parameters: asn1.RawValue{Tag: asn1.TagNull}}, nil Parameters: asn1.NullRawValue}, nil
case SHA384: case SHA384:
return pkix.AlgorithmIdentifier{ return pkix.AlgorithmIdentifier{
Algorithm: oidHMACWithSHA384, Algorithm: oidHMACWithSHA384,
Parameters: asn1.RawValue{Tag: asn1.TagNull}}, nil Parameters: asn1.NullRawValue}, nil
case SHA512: case SHA512:
return pkix.AlgorithmIdentifier{ return pkix.AlgorithmIdentifier{
Algorithm: oidHMACWithSHA512, Algorithm: oidHMACWithSHA512,
Parameters: asn1.RawValue{Tag: asn1.TagNull}}, nil Parameters: asn1.NullRawValue}, nil
case SHA512_224: case SHA512_224:
return pkix.AlgorithmIdentifier{ return pkix.AlgorithmIdentifier{
Algorithm: oidHMACWithSHA512_224, Algorithm: oidHMACWithSHA512_224,
Parameters: asn1.RawValue{Tag: asn1.TagNull}}, nil Parameters: asn1.NullRawValue}, nil
case SHA512_256: case SHA512_256:
return pkix.AlgorithmIdentifier{ return pkix.AlgorithmIdentifier{
Algorithm: oidHMACWithSHA512_256, Algorithm: oidHMACWithSHA512_256,
Parameters: asn1.RawValue{Tag: asn1.TagNull}}, nil Parameters: asn1.NullRawValue}, nil
case SM3: case SM3:
return pkix.AlgorithmIdentifier{ return pkix.AlgorithmIdentifier{
Algorithm: oidHMACWithSM3, Algorithm: oidHMACWithSM3,
Parameters: asn1.RawValue{Tag: asn1.TagNull}}, nil Parameters: asn1.NullRawValue}, nil
} }
return pkix.AlgorithmIdentifier{}, errors.New("pbes/pbkdf2: unsupported hash function") return pkix.AlgorithmIdentifier{}, errors.New("pbes/pbkdf2: unsupported hash function")

3
pkcs7/envelope.go
View File

@ -191,7 +191,8 @@ func (ed *EnvelopedData) AddRecipient(cert *smx509.Certificate, version int, enc
Version: version, Version: version,
IssuerAndSerialNumber: ias, IssuerAndSerialNumber: ias,
KeyEncryptionAlgorithm: pkix.AlgorithmIdentifier{ KeyEncryptionAlgorithm: pkix.AlgorithmIdentifier{
Algorithm: keyEncryptionAlgorithm, Algorithm: keyEncryptionAlgorithm,
Parameters: asn1.NullRawValue,
}, },
EncryptedKey: encrypted, EncryptedKey: encrypted,
} }

12
pkcs7/sign.go
View File

@ -161,7 +161,7 @@ func (sd *SignedData) AddSignerChain(ee *smx509.Certificate, pkey crypto.Private
ias.IssuerName = asn1.RawValue{FullBytes: parents[0].RawSubject} ias.IssuerName = asn1.RawValue{FullBytes: parents[0].RawSubject}
} }
sd.sd.DigestAlgorithmIdentifiers = append(sd.sd.DigestAlgorithmIdentifiers, sd.sd.DigestAlgorithmIdentifiers = append(sd.sd.DigestAlgorithmIdentifiers,
pkix.AlgorithmIdentifier{Algorithm: sd.digestOid}, pkix.AlgorithmIdentifier{Algorithm: sd.digestOid, Parameters: asn1.NullRawValue},
) )
hasher, err := getHashForOID(sd.digestOid) hasher, err := getHashForOID(sd.digestOid)
if err != nil { if err != nil {
@ -192,8 +192,8 @@ func (sd *SignedData) AddSignerChain(ee *smx509.Certificate, pkey crypto.Private
} }
signer := signerInfo{ signer := signerInfo{
AuthenticatedAttributes: finalAttrs, AuthenticatedAttributes: finalAttrs,
DigestAlgorithm: pkix.AlgorithmIdentifier{Algorithm: sd.digestOid}, DigestAlgorithm: pkix.AlgorithmIdentifier{Algorithm: sd.digestOid, Parameters: asn1.NullRawValue},
DigestEncryptionAlgorithm: pkix.AlgorithmIdentifier{Algorithm: encryptionOid}, DigestEncryptionAlgorithm: pkix.AlgorithmIdentifier{Algorithm: encryptionOid, Parameters: asn1.NullRawValue},
IssuerAndSerialNumber: ias, IssuerAndSerialNumber: ias,
EncryptedDigest: signature, EncryptedDigest: signature,
Version: 1, Version: 1,
@ -231,7 +231,7 @@ func newHash(hasher crypto.Hash, hashOid asn1.ObjectIdentifier) hash.Hash {
// applications. // applications.
func (sd *SignedData) SignWithoutAttr(ee *smx509.Certificate, pkey crypto.PrivateKey, config SignerInfoConfig) error { func (sd *SignedData) SignWithoutAttr(ee *smx509.Certificate, pkey crypto.PrivateKey, config SignerInfoConfig) error {
var signature []byte var signature []byte
sd.sd.DigestAlgorithmIdentifiers = append(sd.sd.DigestAlgorithmIdentifiers, pkix.AlgorithmIdentifier{Algorithm: sd.digestOid}) sd.sd.DigestAlgorithmIdentifiers = append(sd.sd.DigestAlgorithmIdentifiers, pkix.AlgorithmIdentifier{Algorithm: sd.digestOid, Parameters: asn1.NullRawValue})
hasher, err := getHashForOID(sd.digestOid) hasher, err := getHashForOID(sd.digestOid)
if err != nil { if err != nil {
return err return err
@ -265,8 +265,8 @@ func (sd *SignedData) SignWithoutAttr(ee *smx509.Certificate, pkey crypto.Privat
return err return err
} }
signer := signerInfo{ signer := signerInfo{
DigestAlgorithm: pkix.AlgorithmIdentifier{Algorithm: sd.digestOid}, DigestAlgorithm: pkix.AlgorithmIdentifier{Algorithm: sd.digestOid, Parameters: asn1.NullRawValue},
DigestEncryptionAlgorithm: pkix.AlgorithmIdentifier{Algorithm: sd.encryptionOid}, DigestEncryptionAlgorithm: pkix.AlgorithmIdentifier{Algorithm: sd.encryptionOid, Parameters: asn1.NullRawValue},
IssuerAndSerialNumber: ias, IssuerAndSerialNumber: ias,
EncryptedDigest: signature, EncryptedDigest: signature,
Version: 1, Version: 1,

9
pkcs7/sign_enveloped.go
View File

@ -217,7 +217,7 @@ func (saed *SignedAndEnvelopedData) AddSignerChain(ee *smx509.Certificate, pkey
ias.IssuerName = asn1.RawValue{FullBytes: parents[0].RawSubject} ias.IssuerName = asn1.RawValue{FullBytes: parents[0].RawSubject}
} }
saed.sed.DigestAlgorithmIdentifiers = append(saed.sed.DigestAlgorithmIdentifiers, saed.sed.DigestAlgorithmIdentifiers = append(saed.sed.DigestAlgorithmIdentifiers,
pkix.AlgorithmIdentifier{Algorithm: saed.digestOid}, pkix.AlgorithmIdentifier{Algorithm: saed.digestOid, Parameters: asn1.NullRawValue},
) )
hasher, err := getHashForOID(saed.digestOid) hasher, err := getHashForOID(saed.digestOid)
if err != nil { if err != nil {
@ -250,8 +250,8 @@ func (saed *SignedAndEnvelopedData) AddSignerChain(ee *smx509.Certificate, pkey
return err return err
} }
signer := signerInfo{ signer := signerInfo{
DigestAlgorithm: pkix.AlgorithmIdentifier{Algorithm: saed.digestOid}, DigestAlgorithm: pkix.AlgorithmIdentifier{Algorithm: saed.digestOid, Parameters: asn1.NullRawValue},
DigestEncryptionAlgorithm: pkix.AlgorithmIdentifier{Algorithm: signatureOid}, DigestEncryptionAlgorithm: pkix.AlgorithmIdentifier{Algorithm: signatureOid, Parameters: asn1.NullRawValue},
IssuerAndSerialNumber: ias, IssuerAndSerialNumber: ias,
EncryptedDigest: signature, EncryptedDigest: signature,
Version: 1, Version: 1,
@ -287,7 +287,8 @@ func (saed *SignedAndEnvelopedData) AddRecipient(recipient *smx509.Certificate)
Version: 1, Version: 1,
IssuerAndSerialNumber: ias, IssuerAndSerialNumber: ias,
KeyEncryptionAlgorithm: pkix.AlgorithmIdentifier{ KeyEncryptionAlgorithm: pkix.AlgorithmIdentifier{
Algorithm: keyEncryptionAlgorithm, Algorithm: keyEncryptionAlgorithm,
Parameters: asn1.NullRawValue,
}, },
EncryptedKey: encryptedKey, EncryptedKey: encryptedKey,
} }

7
sm4/gcm_cipher_asm.go
View File

@ -162,13 +162,6 @@ func (g *gcm) Open(dst, nonce, ciphertext, data []byte) ([]byte, error) {
return ret, nil return ret, nil
} }
// reverseBits reverses the order of the bits of 4-bit number in i.
func reverseBits(i int) int {
i = ((i << 2) & 0xc) | ((i >> 2) & 0x3)
i = ((i << 1) & 0xa) | ((i >> 1) & 0x5)
return i
}
// gcmAdd adds two elements of GF(2¹²⁸) and returns the sum. // gcmAdd adds two elements of GF(2¹²⁸) and returns the sum.
func gcmAdd(x, y *gcmFieldElement) gcmFieldElement { func gcmAdd(x, y *gcmFieldElement) gcmFieldElement {
// Addition in a characteristic 2 field is just XOR. // Addition in a characteristic 2 field is just XOR.