diff --git a/docs/sm2.md b/docs/sm2.md index d3e164b..a755e24 100644 --- a/docs/sm2.md +++ b/docs/sm2.md @@ -121,6 +121,16 @@ func ExampleNewPrivateKeyFromInt() { ``` 当然,你也可以使用ecdh包的方法```ecdh.P256().NewPrivateKey```来构造私钥,您要确保输入的字节数组是256位(32字节)的,如果不是,请先自行处理。 +### 关于《GM/T 0091-2020 基于口令的密钥派生规范》 +这个规范就是[RFC8018 PKCS#5](https://datatracker.ietf.org/doc/html/rfc8018) 国密定制版,其中PBES/PBKDF/PBMAC使用了不同的OID,但是这些OID似乎没有注册过。而且表A.1 中**id-hmacWithSM3**的OID为没有注册过的**1.2.156.10197.1.401.3.1**,和我们常用的**1.2.156.10197.1.401.2**不一致,也与该文档本身附录C不一致。不知道哪个产品遵从了这个行业规范。 + +| 对象标识符OID | 对象标识符定义 | +| :--- | :--- | +| 1.2.156.10197.6.1.4.1.5 | 基于口令的密钥派生规范 | +| 1.2.156.10197.6.1.4.1.5.1 | 基于口令的密钥派生函数 PBKDF (其实就是PBKDF2) | +| 1.2.156.10197.6.1.4.1.5.2 | 基于口令的加密方案PBES (其实就是PBES2) | +| 1.2.156.10197.6.1.4.1.5.3 | 基于口令的消息鉴别码PBMAC | + ## 数字签名算法 您可以直接使用sm2私钥的签名方法```Sign```: ```go diff --git a/pkcs/pkcs5_pbes1.go b/pkcs/pkcs5_pbes1.go index 65cd8d0..90db1c8 100644 --- a/pkcs/pkcs5_pbes1.go +++ b/pkcs/pkcs5_pbes1.go @@ -84,7 +84,7 @@ func (pbes1 *PBES1) Decrypt(password, ciphertext []byte) ([]byte, KDFParameters, } plaintext, err := cbcDecrypt(block, key[8:16], ciphertext) if err != nil { - return nil, nil, err + return nil, nil, ErrPBEDecryption } return plaintext, nil, nil } diff --git a/pkcs/pkcs5_pbes2.go b/pkcs/pkcs5_pbes2.go index efdd612..a2c452b 100644 --- a/pkcs/pkcs5_pbes2.go +++ b/pkcs/pkcs5_pbes2.go @@ -59,6 +59,10 @@ func (h Hash) New() hash.Hash { panic("pkcs5: requested hash function #" + strconv.Itoa(int(h)) + " is unavailable") } +var ( + ErrPBEDecryption = errors.New("pkcs: decryption error, please verify the password and try again") +) + // PBKDF2Opts contains algorithm identifiers and related parameters for PBKDF2 key derivation function. type PBES2Params struct { KeyDerivationFunc pkix.AlgorithmIdentifier 
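Review bot: In PBES1.Decrypt the error from `cbcDecrypt` is now discarded in favour of ErrPBEDecryption, with no comment saying this is deliberate; the same replacement is made after `cipher.Decrypt` in PBES2Params.Decrypt. Collapsing what are presumably padding and malformed-ciphertext failures into one sentinel keeps a caller from telling them apart, which is the useful property here, so I would record it above the return: `// Return one sentinel so padding and malformed-ciphertext failures look the same to the caller.` Both Decrypt bodies start outside their hunks, so any earlier return paths that still surface distinct errors are not visible here.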
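Review bot: ErrPBEDecryption is exported without a doc comment, and so are ErrUnsupportedPBES and ErrUnexpectedKeyType in the new var block in pkcs8/pkcs8.go. Callers are meant to match on these values, so each should say when it is returned, for example `// ErrPBEDecryption is returned by the PBES1 and PBES2 Decrypt methods when the ciphertext cannot be decrypted, typically because of a wrong password.` The context line just below the new block has a separate, older mismatch: its comment names PBKDF2Opts while the type is PBES2Params.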
@@ -149,7 +153,7 @@ func (pbes2Params *PBES2Params) Decrypt(password, ciphertext []byte) ([]byte, KD plaintext, err := cipher.Decrypt(symkey, &pbes2Params.EncryptionScheme.Parameters, ciphertext) if err != nil { - return nil, nil, err + return nil, nil, ErrPBEDecryption } return plaintext, kdfParams, nil } diff --git a/pkcs8/pkcs8.go b/pkcs8/pkcs8.go index c899358..cd5e93d 100644 --- a/pkcs8/pkcs8.go +++ b/pkcs8/pkcs8.go @@ -36,6 +36,11 @@ type encryptedPrivateKeyInfo struct { EncryptedData []byte } +var ( + ErrUnsupportedPBES = errors.New("pkcs8: only part of PBES1/PBES2 supported") + ErrUnexpectedKeyType = errors.New("pkcs8: unexpected key type") +) + // ParsePrivateKey parses a DER-encoded PKCS#8 private key. // Password can be nil. // This is equivalent to ParsePKCS8PrivateKey. @@ -69,14 +74,14 @@ func ParsePrivateKey(der []byte, password []byte) (any, pkcs.KDFParameters, erro pbes1 := &pkcs.PBES1{Algorithm: privKey.EncryptionAlgorithm} decryptedKey, kdfParams, err = pbes1.Decrypt(password, privKey.EncryptedData) default: - return nil, nil, errors.New("pkcs8: only part of PBES1/PBES2 supported") + return nil, nil, ErrUnsupportedPBES } if err != nil { return nil, nil, err } key, err := smx509.ParsePKCS8PrivateKey(decryptedKey) if err != nil { - return nil, nil, errors.New("pkcs8: incorrect password? failed to parse private key while ParsePKCS8PrivateKey: " + err.Error()) + return nil, nil, err } return key, kdfParams, nil } @@ -131,7 +136,7 @@ func ParsePKCS8PrivateKeyRSA(der []byte, v ...[]byte) (*rsa.PrivateKey, error) { } typedKey, ok := key.(*rsa.PrivateKey) if !ok { - return nil, errors.New("pkcs8: key block is not of type RSA") + return nil, ErrUnexpectedKeyType } return typedKey, nil } 
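Review bot: After this change a wrong password can surface from ParsePrivateKey as two different errors: ErrPBEDecryption when decryption itself fails, and the raw `smx509.ParsePKCS8PrivateKey` error when decryption happens to succeed but yields garbage (with unauthenticated CBC, padding can validate by chance). A caller that matches only ErrPBEDecryption will misclassify the second case, and the two outcomes stay distinguishable to whoever supplies the ciphertext. If this point is reached only for encrypted input, which the part of the function above the hunk would have to confirm, consider `return nil, nil, pkcs.ErrPBEDecryption` here. Otherwise document on ParsePrivateKey that a parse error may also mean a wrong password, since the removed message was the only place that said so.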
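Review bot: ErrUnexpectedKeyType no longer says which key type the helper expected, which the removed messages did in ParsePKCS8PrivateKeyRSA and in the ECDSA, SM2 and four SM9 helpers changed the same way in the following hunks. Wrapping keeps the sentinel matchable with errors.Is while restoring the detail: `return nil, fmt.Errorf("%w: got %T, want *rsa.PrivateKey", ErrUnexpectedKeyType, key)`. That needs `fmt`, whose import is not visible in this diff. Each helper's body starts outside its hunk.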
@@ -145,7 +150,7 @@ func ParsePKCS8PrivateKeyECDSA(der []byte, v ...[]byte) (*ecdsa.PrivateKey, erro
 }
 typedKey, ok := key.(*ecdsa.PrivateKey)
 if !ok {
- return nil, errors.New("pkcs8: key block is not of type ECDSA")
+ return nil, ErrUnexpectedKeyType
 }
 return typedKey, nil
 }
@@ -159,7 +164,7 @@ func ParsePKCS8PrivateKeySM2(der []byte, v ...[]byte) (*sm2.PrivateKey, error) {
 }
 typedKey, ok := key.(*sm2.PrivateKey)
 if !ok {
- return nil, errors.New("pkcs8: key block is not of type SM2")
+ return nil, ErrUnexpectedKeyType
 }
 return typedKey, nil
 }
@@ -173,7 +178,7 @@ func ParseSM9SignMasterPrivateKey(der []byte, v ...[]byte) (*sm9.SignMasterPriva
 }
 typedKey, ok := key.(*sm9.SignMasterPrivateKey)
 if !ok {
- return nil, errors.New("pkcs8: key block is not of type SM9 sign master private key")
+ return nil, ErrUnexpectedKeyType
 }
 return typedKey, nil
 }
@@ -187,7 +192,7 @@ func ParseSM9SignPrivateKey(der []byte, v ...[]byte) (*sm9.SignPrivateKey, error
 }
 typedKey, ok := key.(*sm9.SignPrivateKey)
 if !ok {
- return nil, errors.New("pkcs8: key block is not of type SM9 sign user private key")
+ return nil, ErrUnexpectedKeyType
 }
 return typedKey, nil
 }
@@ -201,7 +206,7 @@ func ParseSM9EncryptMasterPrivateKey(der []byte, v ...[]byte) (*sm9.EncryptMaste
 }
 typedKey, ok := key.(*sm9.EncryptMasterPrivateKey)
 if !ok {
- return nil, errors.New("pkcs8: key block is not of type SM9 encrypt master private key")
+ return nil, ErrUnexpectedKeyType
 }
 return typedKey, nil
 }
@@ -215,7 +220,7 @@ func ParseSM9EncryptPrivateKey(der []byte, v ...[]byte) (*sm9.EncryptPrivateKey,
 }
 typedKey, ok := key.(*sm9.EncryptPrivateKey)
 if !ok {
- return nil, errors.New("pkcs8: key block is not of type SM9 encrypt user private key")
+ return nil, ErrUnexpectedKeyType
 }
 return typedKey, nil
 }
diff --git a/pkcs8/pkcs8_test.go b/pkcs8/pkcs8_test.go
index a82691a..758626c 100644
--- a/pkcs8/pkcs8_test.go
+++ b/pkcs8/pkcs8_test.go
@@ -784,7 +784,7 @@ func TestParseLegacyPBES1PrivateKey(t *testing.T) { } _, err = pkcs8.ParsePKCS8PrivateKey(block.Bytes, []byte("wrong pwd")) - if err == nil { + if err != pkcs.ErrPBEDecryption { t.Errorf("should have failed") } }
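Review bot: The new check `err != pkcs.ErrPBEDecryption` compares the sentinel by identity, so it will start failing if the error is ever wrapped, and the message `should have failed` no longer describes what is asserted. Prefer `if !errors.Is(err, pkcs.ErrPBEDecryption) {` with `t.Errorf("expected ErrPBEDecryption, got %v", err)`, assuming `errors` is imported in the test file. The test body starts outside the hunk.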