X.509: support OSCCA SM2-with-SM3 certificate verification
author Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
Sun, 20 Sep 2020 16:21:02 +0000 (00:21 +0800)
committer Herbert Xu <herbert@gondor.apana.org.au>
Fri, 25 Sep 2020 07:48:55 +0000 (17:48 +1000)
commit 215525639631ade1d67e879fe2c3d7195daa9f59
tree ad4213b7dc01f16c174f476db2c5899d8a49106d
parent 254f84f559039b6d6f6e1035fd7645b42671ab48
X.509: support OSCCA SM2-with-SM3 certificate verification

The digital certificate format based on the SM2 crypto algorithm is
specified in GM/T 0015-2012. It was published by the State Encryption
Management Bureau, China.

The method of generating Other User Information is defined as
ZA=H256(ENTLA || IDA || a || b || xG || yG || xA || yA); it is also
specified in https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02.

The x509 certificate supports SM2-with-SM3 type certificate
verification. Because certificate verification requires ZA
in addition to the tbs data, and ZA also depends on elliptic curve
parameters and public key data, you need to access tbs in sig
and calculate ZA. Finally, calculate the digest of the
signature and complete the verification work. The calculation
process of ZA is declared in specifications GM/T 0009-2012
and GM/T 0003.2-2012.

Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
Tested-by: Xufeng Zhang <yunbo.xufeng@linux.alibaba.com>
Reviewed-by: Gilad Ben-Yossef <gilad@benyossef.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto/asymmetric_keys/Makefile
crypto/asymmetric_keys/public_key.c
crypto/asymmetric_keys/public_key_sm2.c [new file with mode: 0644]
crypto/asymmetric_keys/x509_public_key.c
include/crypto/public_key.h