Update to V_1.4

see ~/tassl_demo/README for more details.

Configurations/unix-Makefile.tmpl

@@ -477,6 +477,17 @@ install_tass:
 	sed -i '1i\INC_DIR=$(INSTALLTOP)/include' $(CRYPTO_MK_FILE).sh
 	sed -i '1i\LIB_DIR=$(INSTALLTOP)/lib'     $(CRYPTO_MK_FILE).sh
 	sed -i '1i\#!/bin/sh'                     $(CRYPTO_MK_FILE).sh
+
+	echo ${INSTALLTOP}/lib > ${INSTALLTOP}/bin/tassl.conf
+	cp ${INSTALLTOP}/bin/tassl.conf /etc/ld.so.conf.d
+	ldconfig 
+
+	echo  'cp ${INSTALLTOP}/bin/tassl.conf /etc/ld.so.conf.d' >${INSTALLTOP}/bin/tass_init.sh
+	echo 'ldconfig' >>${INSTALLTOP}/bin/tass_init.sh
+	chmod u+x ${INSTALLTOP}/bin/tass_init.sh
+
+	echo 'export LD_LIBRARY_PATH=${INSTALLTOP}/lib:$$LD_LIBRARY_PATH' >${INSTALLTOP}/bin/setting
+
 
 install_ssldirs:
 	@$(PERL) $(SRCDIR)/util/mkdir-p.pl $(DESTDIR)$(OPENSSLDIR)/certs

README

@@ -93,4 +93,4 @@
  cryptographic code.
 
 
- ./Configure  linux-x86_64 --prefix=/root/tasshsm_engine/tassl --shared 
+ ./Configure  linux-x86_64 --prefix=/root/tasscard_engine/tassl --shared 

apps/enc.c

@@ -70,7 +70,7 @@ const OPTIONS enc_options[] = {
     {"bufsize", OPT_BUFSIZE, 's', "Buffer size"},
     {"k", OPT_K, 's', "Passphrase"},
     {"kfile", OPT_KFILE, '<', "Read passphrase from file"},
-    {"K", OPT_UPPER_K, 's', "Raw key, in hex"},
+    {"K", OPT_UPPER_K, 's', "Raw key, in hex.If use -engine tasscard_sm4,this is key index in decimal format"},
     {"S", OPT_UPPER_S, 's', "Salt, in hex"},
     {"iv", OPT_IV, 's', "IV in hex"},
     {"md", OPT_MD, 's', "Use specified digest to create a key from the passphrase"},
@@ -534,7 +534,7 @@ int enc_main(int argc, char **argv)
 
         BIO_get_cipher_ctx(benc, &ctx);
 
-        if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, enc)) {
+        if (!EVP_CipherInit_ex(ctx, cipher, e, NULL, NULL, enc)) {
             BIO_printf(bio_err, "Error setting cipher %s\n",
                        EVP_CIPHER_name(cipher));
             ERR_print_errors(bio_err);
@@ -655,7 +655,8 @@ static int set_hex(const char *in, unsigned char *out, int size)
         BIO_printf(bio_err, "hex string is too long, ignoring excess\n");
         n = i; /* ignore exceeding part */
     } else if (n < i) {
-        BIO_printf(bio_err, "hex string is too short, padding with zero bytes to length\n");
+        if(n != 2)
+            BIO_printf(bio_err, "hex string is too short, padding with zero bytes to length\n");
     }
 
     memset(out, 0, size);

apps/pkcs7.c

@@ -525,7 +525,7 @@ int pkcs7_main(int argc, char **argv)
         if(informat == FORMAT_BASE64_GM009_7_4){
             //in_len -= 15;      //jump the header of sequence:30820xxx 3009 06072A811CCF550168  oid:1-2-156-10197-1-104(SM4)
             if(atoi(in_sign_key_index)>=0 && atoi(in_sign_key_index) <=64){
-                printf("do nothing, use the card ENGINE_convert_private_key do all the parse!\n");
+                //printf("do nothing, use the card ENGINE_convert_private_key do all the parse!\n");
             }else{
                 memcpy(t_buf, in_buf+15, 2);        //3079
                 iSymLen = *(unsigned char *)(t_buf+1);      //the t_buf[1] bytes len, like 0x79.
@@ -546,7 +546,7 @@ int pkcs7_main(int argc, char **argv)
                 goto end;
             }
         }
-        if(atoi(in_sign_key_index)>=0 && atoi(in_sign_key_index) <=64){
+        if(in_sign_key_index && atoi(in_sign_key_index)>=0 && atoi(in_sign_key_index) <=64){
 
         }else{
             /* 11111-Parse the ciphered sm4 key by the sm2 sign private key */
@@ -627,7 +627,7 @@ int pkcs7_main(int argc, char **argv)
 
         /* 33333-write the enc key to outfile*/
         if(e){
-            if(atoi(in_enc_key_index)>=0 && atoi(in_enc_key_index) <=64){       //input the enc key index, import the enc key to tasscard 
+            if(in_enc_key_index && atoi(in_enc_key_index)>=0 && atoi(in_enc_key_index) <=64){       //input the enc key index, import the enc key to tasscard 
                 //use the in_buf[in_len] store the in_sign_key_index
                 in_buf[in_len] = atoi(in_sign_key_index);
                 ENGINE_convert_private_key(e, (const char *)in_buf, in_len, NULL, in_enc_key_index);

crypto/ec/ecdsa_sign.c

@@ -36,10 +36,13 @@ int ECDSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char
                *sig, unsigned int *siglen, EC_KEY *eckey)
 {
 #ifndef OPENSSL_NO_CNSM
-
-    if (EC_GROUP_get_curve_name(EC_KEY_get0_group(eckey)) == NID_sm2)
-        return  sm2_sign(dgst, dlen, sig, siglen, eckey);
-#endif	
+    if (EC_GROUP_get_curve_name(EC_KEY_get0_group(eckey)) == NID_sm2){
+        if ((EC_KEY_get_flags(eckey) & EC_FLAG_TASS_CUSTOM_SIGN) &&  eckey->meth->sign != NULL)
+            return eckey->meth->sign(type, dgst, dlen, sig, siglen, NULL, NULL, eckey);
+        else
+            return  sm2_sign(dgst, dlen, sig, siglen, eckey);
+    }
+#endif
         return ECDSA_sign_ex(type, dgst, dlen, sig, siglen, NULL, NULL, eckey);
 }
 

crypto/evp/cmeth_lib.c

@@ -58,6 +58,17 @@ int EVP_CIPHER_meth_set_impl_ctx_size(EVP_CIPHER *cipher, int ctx_size)
     return 1;
 }
 
+#ifndef OPENSSL_NO_CNSM
+int EVP_CIPHER_meth_set_keygen(EVP_CIPHER *cipher,
+                             int (*keygen) (EVP_CIPHER_CTX *ctx, 
+                                          const unsigned char *key,
+                                          const unsigned char *index))
+{
+    cipher->keygen = keygen;
+    return 1;
+}
+#endif
+
 int EVP_CIPHER_meth_set_init(EVP_CIPHER *cipher,
                              int (*init) (EVP_CIPHER_CTX *ctx,
                                           const unsigned char *key,

crypto/evp/evp_enc.c

@@ -48,6 +48,25 @@ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx)
     OPENSSL_free(ctx);
 }
 
+#ifndef OPENSSL_NO_CNSM
+int EVP_CipherKeygen(EVP_CIPHER_CTX *ctx, ENGINE *impl, int nid, const unsigned char *key, const unsigned char *index)
+{
+    const EVP_CIPHER *ret;
+    if(impl){
+        ENGINE_CIPHERS_PTR fn = NULL;
+        fn = ENGINE_get_ciphers(impl);
+        if(fn){
+            fn(impl, &ret, NULL, nid);
+            if(ret)
+                return ret->keygen(ctx, key, index);
+        }else
+            return 1;
+    }
+    else
+        return 1;
+}
+#endif
+
 int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
                    const unsigned char *key, const unsigned char *iv, int enc)
 {

crypto/evp/m_sigver.c

@@ -85,7 +85,7 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
 #ifndef OPENSSL_NO_CNSM
     if (ctx->pctx->pkey->type == EVP_PKEY_EC)
     {
-        if (EC_GROUP_get_curve_name(EC_KEY_get0_group(ctx->pctx->pkey->pkey.ec)) == NID_sm2)
+        if (EC_GROUP_get_curve_name(EC_KEY_get0_group(ctx->pctx->pkey->pkey.ec)) == NID_sm2 && !(EC_KEY_get_flags(ctx->pctx->pkey->pkey.ec) & EC_FLAG_TASS_NO_Z_SIGN))
         {
             /*Need Set SM2 Sign And Verify Extra Data: Add Message Z*/
             unsigned char ex_dgst[EVP_MAX_MD_SIZE];

crypto/include/internal/evp_int.h

@@ -154,6 +154,11 @@ struct evp_cipher_st {
     int (*ctrl) (EVP_CIPHER_CTX *, int type, int arg, void *ptr);
     /* Application data */
     void *app_data;
+#ifndef OPENSSL_NO_CNSM
+    /* init key */
+    int (*keygen) (EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                 const unsigned char *index);
+#endif
 } /* EVP_CIPHER */ ;
 
 /* Macros to code block cipher wrappers */

include/openssl/ec.h

@@ -818,9 +818,11 @@ int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off);
 # define EC_FLAG_FIPS_CHECKED    0x2
 # define EC_FLAG_COFACTOR_ECDH   0x1000
 #ifndef OPENSSL_NO_CNSM
-# define EC_FLAG_TASSHSM_ENGINE            0x10000
-# define EC_FLAG_TASSHSMRSA_ENGINE      0x20000
-# define EC_FLAG_TASSCARD_ENGINE       0x1000000
+# define EC_FLAG_TASSHSM_ENGINE      0x10000
+# define EC_FLAG_TASSHSMRSA_ENGINE   0x20000
+# define EC_FLAG_TASS_CUSTOM_SIGN    0x100000
+# define EC_FLAG_TASS_NO_Z_SIGN      0x200000
+# define EC_FLAG_TASSCARD_ENGINE     0x1000000
 
 #endif
 

include/openssl/evp.h

@@ -189,6 +189,12 @@ void EVP_CIPHER_meth_free(EVP_CIPHER *cipher);
 int EVP_CIPHER_meth_set_iv_length(EVP_CIPHER *cipher, int iv_len);
 int EVP_CIPHER_meth_set_flags(EVP_CIPHER *cipher, unsigned long flags);
 int EVP_CIPHER_meth_set_impl_ctx_size(EVP_CIPHER *cipher, int ctx_size);
+#ifndef OPENSSL_NO_CNSM
+int EVP_CIPHER_meth_set_keygen(EVP_CIPHER *cipher,
+                             int (*keygen) (EVP_CIPHER_CTX *ctx,
+                                          const unsigned char *key,
+                                          const unsigned char *index));
+#endif
 int EVP_CIPHER_meth_set_init(EVP_CIPHER *cipher,
                              int (*init) (EVP_CIPHER_CTX *ctx,
                                           const unsigned char *key,
@@ -605,6 +611,10 @@ __owur int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm,
 /*__owur*/ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm,
                                    int *outl);
 
+#ifndef OPENSSL_NO_CNSM
+__owur int EVP_CipherKeygen(EVP_CIPHER_CTX *ctx, ENGINE *impl, int nid,
+                            const unsigned char *key, const unsigned char *index);
+#endif
 __owur int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
                           const unsigned char *key, const unsigned char *iv,
                           int enc);

include/openssl/opensslv.h

@@ -40,7 +40,7 @@ extern "C" {
  *  major minor fix final patch/beta)
  */
 # define OPENSSL_VERSION_NUMBER  0x1010102fL
-# define OPENSSL_VERSION_TEXT    "OpenSSL 1.1.1b Tassl 1.3  25 May 2020"
+# define OPENSSL_VERSION_TEXT    "OpenSSL 1.1.1b Tassl 1.4  23 Aug 2020"
 
 /*-
  * The macros below are to be used for shared library (.so, .dll, ...)

include/openssl/ssl.h

@@ -1602,7 +1602,6 @@ __owur int SSL_set_sm2_group_id_custom(uint16_t id);
 __owur int SSL_CTX_use_enc_certificate_file(SSL_CTX *ctx, const char *file,
                                         int type);
 __owur int SSL_CTX_use_enc_certificate(SSL_CTX *ctx, X509 *x);
-__owur int SSL_CTX_use_enc_certificate_chain_file(SSL_CTX *ctx, const char *file);
 #endif
 __owur int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file,
                                         int type);

ssl/s3_lib.c

@@ -5036,7 +5036,10 @@ int ssl_derive_SM2(SSL *s, EVP_PKEY *privkey, EVP_PKEY *pubkey,  int gensecret)
     }
 
     /*查找第一个数据加密功能的证书,作为加密证书使用，跟排列顺序无关*/
-    for(i=0; i<sk_X509_num(s->session->peer_chain); i++){
+    //for(i=0; i<sk_X509_num(s->session->peer_chain); i++){
+
+    /*从链表最后开始，查找第一个数据加密功能的证书,作为加密证书使用，跟排列顺序无关*/
+    for(i=sk_X509_num(s->session->peer_chain)-1; i>=0; i--){
         if((X509_get_extension_flags(sk_X509_value(s->session->peer_chain, i)) & EXFLAG_KUSAGE) && (X509_get_key_usage(sk_X509_value(s->session->peer_chain, i)) & X509v3_KU_DATA_ENCIPHERMENT))
             break;
     }

ssl/statem/statem_clnt.c

@@ -2220,7 +2220,8 @@ static int tls_process_ske_ecdhe(SSL *s, PACKET *pkt, EVP_PKEY **pkey)
                  SSL_R_LENGTH_TOO_SHORT);
         return 0;
     }
-    if(curve_id == 0)
+    //At present, because there is no definite explanation, when the protocol is CNTLS, the default 249 will be used as sm2 curve ID
+    if( s->version == SM1_1_VERSION && curve_id != 249)
 	    curve_id = 249;    //if none curve id ,set it to sm2 249 defined by tass
     /*
      * Check curve is named curve type and one of our preferences, if not
@@ -2347,9 +2348,8 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt)
             goto err;
         sm2_certs_len = 0;
 
-        /*查找第一个数据加密功能的证书,作为加密证书使用，跟排列顺序无关*/
-        for(i=0; i<sk_X509_num(s->session->peer_chain); i++){
-
+        /*从链表最后开始，查找第一个数据加密功能的证书,作为加密证书使用，跟排列顺序无关*/
+        for(i=sk_X509_num(s->session->peer_chain)-1; i>=0; i--){
             if((X509_get_extension_flags(sk_X509_value(s->session->peer_chain, i)) & EXFLAG_KUSAGE) && (X509_get_key_usage(sk_X509_value(s->session->peer_chain, i)) & X509v3_KU_DATA_ENCIPHERMENT))
                 break;
         }
@@ -3175,8 +3175,8 @@ static int tls_construct_cke_sm2ecc(SSL *s, WPACKET *pkt)
         return 0;
     }
 
-    /*查找第一个数据加密功能的证书,作为加密证书使用，跟排列顺序无关*/
-    for(i=0; i<sk_X509_num(s->session->peer_chain); i++){
+    /*从链表最后开始，查找第一个数据加密功能的证书,作为加密证书使用，跟排列顺序无关*/
+    for(i=sk_X509_num(s->session->peer_chain)-1; i>=0; i--){
         if((X509_get_extension_flags(sk_X509_value(s->session->peer_chain, i)) & EXFLAG_KUSAGE) && (X509_get_key_usage(sk_X509_value(s->session->peer_chain, i)) & X509v3_KU_DATA_ENCIPHERMENT))
             break;
     }
@@ -3229,13 +3229,23 @@ static int tls_construct_cke_sm2ecc(SSL *s, WPACKET *pkt)
                  ERR_R_EVP_LIB);
         goto err;
     }
-
+
+   /*	
     if (!WPACKET_allocate_bytes(pkt, enclen, &encdata)
             || EVP_PKEY_encrypt(pctx, encdata, &enclen, pms, pmslen) <= 0) {
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CKE_SM2ECC,
                  SSL_R_BAD_RSA_ENCRYPT);
         goto err;
+    }*/
+    if (!WPACKET_reserve_bytes(pkt, enclen, &encdata)
+            || EVP_PKEY_encrypt(pctx, encdata, &enclen, pms, pmslen) <= 0) {
+        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CKE_SM2ECC,
+                 SSL_R_BAD_RSA_ENCRYPT);
+        goto err;
     }
+    pkt->written += enclen;   //签名时分配的字节数为最大的022100，所以真正签名完成时要设置真实数值，因为有的服务端不认后面带00的加密密文
+    pkt->curr += enclen;
+
     EVP_PKEY_CTX_free(pctx);
     pctx = NULL;
 

ssl/statem/statem_srvr.c

@@ -2681,10 +2681,11 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt)
         /* Get NID of appropriate shared curve */
         curve_id = tls1_shared_group(s, -2);
         if (curve_id == 0) {
-            SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE,
+            curve_id = 249;     //modify by TASS Gujq for guomiju test, cause they use the 00 for sm2
+            /*SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE,
                      SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE,
                      SSL_R_UNSUPPORTED_ELLIPTIC_CURVE);
-            goto err;
+            goto err;*/
         }
         s->s3->tmp.pkey = ssl_generate_pkey_group(s, curve_id);
         /* Generate a new key for this curve */

tassl_demo/README.txt

@@ -1,8 +1,16 @@
+20200823_V_1.4:
+1.修改查找加密证书逻辑：从证书链的最后一个开始查找,找到第一个带有数据加密功能的证书后，作为加密证书。
+2.修改client_key_exchange时，签名时分配的字节数为最大的022100，所以真正签名完成时要设置真实数值，因为有的服务端不认后面带00的加密密文。
+
 20200526_V_1.3:
 1:优化取加密证书的逻辑，在证书栈中查找第一个具有数据加密的用途的证书作为加密证书。
 2:屏蔽掉当国密版本为0x0101时，不要进行downgrade，防止ssl_fill_hello_random()随机数的最后8字节被填充为固定值。
 3:默认的sm2 curve_id为00， 如果用249则条件编译 -DSTD_CURVE_ID; 默认的sm2秘钥协商用ZB+ZA的顺序，如果需要颠倒，条件编译-DSTD_ZAZB.
 4.修改tls_construct_cke_sm2dh()中，使用签名私钥的引擎来产生临时秘钥对，如果不存在，则使用软算法产生。
+5.增加ECDSA_sign中当eckey存在sign方法，且设置了EC_FLAG_TASS_CUSTOM_SIGN标志后，调用eckey中的方法。
+6.增加支持SSL握手时进行裸签标志，EC_FLAG_TASS_NO_Z_SIGN,通过EC_KEY_set_flags()设置。
+7.openssl sm4-cbc支持通过-K 40指定使用tasscard_sm4引擎进行加解密通过40号索引的秘钥。
+8.增加card_engine 目录，提供调用卡的例子。
 
 20200328_V_1.2:
 1:调整变量声明位置，支持Windows下64位编译。

tassl_demo/card_engine/mk.sh

@@ -0,0 +1,16 @@
+#!/bin/sh
+LIB_DIR=/root/tasscard_engine/tassl/lib
+INC_DIR=/root/tasscard_engine/tassl/include
+PROGRAMES="sm2_evp_keygen sm2_evp_dec sm2_evp_enc_dec  sm2_evp_digest_sign_verify sm4_evp"
+
+if [ $1"X" == "cleanX" ]; then
+printf "cleaning the programe %s.....\n" $PROGRAMES
+	rm -rf ${PROGRAMES} 
+else
+printf "compiling the programe.....\n"
+gcc -ggdb3 -O0 -o sm2_evp_keygen sm2_evp_keygen.c -I${INC_DIR}  -L${LIB_DIR} -lssl -L${LIB_DIR} -lcrypto  -ldl -lpthread
+gcc -ggdb3 -O0 -o sm2_evp_dec sm2_evp_dec.c -I${INC_DIR}  -L${LIB_DIR} -lssl -L${LIB_DIR} -lcrypto  -ldl -lpthread
+gcc -ggdb3 -O0 -o sm2_evp_enc_dec sm2_evp_enc_dec.c -I${INC_DIR}  -L${LIB_DIR} -lssl -L${LIB_DIR} -lcrypto  -ldl -lpthread
+gcc -ggdb3 -O0 -o sm2_evp_digest_sign_verify sm2_evp_digest_sign_verify.c -I${INC_DIR}  -L${LIB_DIR} -lssl -L${LIB_DIR} -lcrypto  -ldl -lpthread
+gcc -ggdb3 -O0 -o sm4_evp sm4_evp.c -I${INC_DIR}  -L${LIB_DIR} -lssl -L${LIB_DIR} -lcrypto  -ldl -lpthread
+fi