authorPaul Yang <kaishen.yy@antfin.com>2020-03-04 23:49:43 +0800
committerMatt Caswell <matt@openssl.org>2020-09-22 08:18:09 +0100
commitd0b79f8631c0f522c514175be4e4fbe984cf8f6c (patch)
tree4606888f35caaf5c2d6646ac4da4d98d75ab5d56 /providers/common
parent7ee511d093758360ed421e420cc29d9aaf11f143 (diff)
Add SM2 signature algorithm to default provider
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12536)
Diffstat (limited to 'providers/common')
-rw-r--r--providers/common/der/SM2.asn111
-rw-r--r--providers/common/der/build.info16
-rw-r--r--providers/common/der/der_sm2.h.in23
-rw-r--r--providers/common/der/der_sm2_gen.c.in17
-rw-r--r--providers/common/der/der_sm2_key.c23
-rw-r--r--providers/common/der/der_sm2_sig.c39
6 files changed, 128 insertions, 1 deletions
diff --git a/providers/common/der/SM2.asn1 b/providers/common/der/SM2.asn1
new file mode 100644
index 0000000000..f90e11f04a
--- /dev/null
+++ b/providers/common/der/SM2.asn1
@@ -0,0 +1,11 @@
+oscca OBJECT IDENTIFIER ::= { iso(1) member-body(2) cn(156) 10197 }
+
+sm-scheme OBJECT IDENTIFIER ::= { oscca 1 }
+
+-- OID for SM2 signatures with SM3
+
+sm2-with-SM3 OBJECT IDENTIFIER ::= { sm-scheme 501 }
+
+-- Named Elliptic Curves of SM2
+
+curveSM2 OBJECT IDENTIFIER ::= { sm-scheme 301 }
diff --git a/providers/common/der/build.info b/providers/common/der/build.info
index 60c0d8e66c..ae5f1612ee 100644
--- a/providers/common/der/build.info
+++ b/providers/common/der/build.info
@@ -74,6 +74,19 @@ DEPEND[${DER_WRAP_GEN/.c/.o}]=$DER_WRAP_H
GENERATE[$DER_WRAP_H]=der_wrap.h.in
DEPEND[$DER_WRAP_H]=oids_to_c.pm
+#----- SM2
+$DER_SM2_H=../include/prov/der_sm2.h
+$DER_SM2_GEN=der_sm2_gen.c
+$DER_SM2_AUX=der_sm2_key.c der_sm2_sig.c
+
+GENERATE[$DER_SM2_GEN]=der_sm2_gen.c.in
+DEPEND[$DER_SM2_GEN]=oids_to_c.pm
+
+DEPEND[${DER_SM2_AUX/.c/.o}]=$DER_SM2_H $DER_EC_H
+DEPEND[${DER_SM2_GEN/.c/.o}]=$DER_SM2_H
+GENERATE[$DER_SM2_H]=der_sm2.h.in
+DEPEND[$DER_SM2_H]=oids_to_c.pm
+
#----- Conclusion
# TODO(3.0) $COMMON should go to libcommon.a, but this currently leads
@@ -84,7 +97,8 @@ $COMMON=\
$DER_DSA_GEN $DER_DSA_AUX \
$DER_EC_GEN $DER_EC_AUX \
$DER_DIGESTS_GEN \
- $DER_WRAP_GEN
+ $DER_WRAP_GEN \
+ $DER_SM2_GEN $DER_SM2_AUX
IF[{- !$disabled{ec} -}]
$COMMON = $COMMON $DER_ECX_GEN $DER_ECX_AUX
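Review bot: The SM2 DER sources are appended to `$COMMON` unconditionally, while the ECX sources directly below are gated by `IF[{- !$disabled{ec} -}]`. A build configured with SM2 disabled would therefore still compile `der_sm2_key.c` and `der_sm2_sig.c`, and `der_sm2_key.c` depends on `prov/der_ec.h` for `der_oid_id_ecPublicKey`. I would add them under a guard instead, e.g. `IF[{- !$disabled{ec} && !$disabled{sm2} -}]` followed by `$COMMON = $COMMON $DER_SM2_GEN $DER_SM2_AUX`. If `$COMMON` also feeds the FIPS provider (its consumers are outside this hunk), SM2 should be kept out of that module too, since the commit title scopes it to the default provider.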
diff --git a/providers/common/der/der_sm2.h.in b/providers/common/der/der_sm2.h.in
new file mode 100644
index 0000000000..406ddf2b16
--- /dev/null
+++ b/providers/common/der/der_sm2.h.in
@@ -0,0 +1,23 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include "internal/der.h"
+
+/* Well known OIDs precompiled */
+{-
+ $OUT = oids_to_c::process_leaves('providers/common/der/SM2.asn1',
+ { dir => $config{sourcedir},
+ filter => \&oids_to_c::filter_to_H });
+-}
+
+/* Subject Public Key Info */
+int DER_w_algorithmIdentifier_SM2(WPACKET *pkt, int cont, EC_KEY *ec);
+/* Signature */
+int DER_w_algorithmIdentifier_SM2_with_MD(WPACKET *pkt, int cont,
+ EC_KEY *ec, int mdnid);
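Review bot: Neither prototype documents its contract, and the header relies entirely on `internal/der.h` to make `WPACKET` and `EC_KEY` visible. From the definitions added in this commit both functions return 1 on success and 0 on failure, and the `_with_MD` variant returns 0 for any digest other than SM3; a comment such as `/* Return 1 on success, 0 on failure (including an unsupported mdnid) */` would state that for callers. If `internal/der.h` does not already declare `EC_KEY`, add `#include <openssl/ec.h>` so the header compiles on its own.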
diff --git a/providers/common/der/der_sm2_gen.c.in b/providers/common/der/der_sm2_gen.c.in
new file mode 100644
index 0000000000..fc3c4461df
--- /dev/null
+++ b/providers/common/der/der_sm2_gen.c.in
@@ -0,0 +1,17 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include "prov/der_sm2.h"
+
+/* Well known OIDs precompiled */
+{-
+ $OUT = oids_to_c::process_leaves('providers/common/der/SM2.asn1',
+ { dir => $config{sourcedir},
+ filter => \&oids_to_c::filter_to_C });
+-}
diff --git a/providers/common/der/der_sm2_key.c b/providers/common/der/der_sm2_key.c
new file mode 100644
index 0000000000..daf2072c9e
--- /dev/null
+++ b/providers/common/der/der_sm2_key.c
@@ -0,0 +1,23 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/obj_mac.h>
+#include "internal/packet.h"
+#include "prov/der_ec.h"
+#include "prov/der_sm2.h"
+
+int DER_w_algorithmIdentifier_SM2(WPACKET *pkt, int cont, EC_KEY *ec)
+{
+ return DER_w_begin_sequence(pkt, cont)
+ /* No parameters (yet?) */
+ /* It seems SM2 identifier is the same to id_ecPublidKey */
+ && DER_w_precompiled(pkt, -1, der_oid_id_ecPublicKey,
+ sizeof(der_oid_id_ecPublicKey))
+ && DER_w_end_sequence(pkt, cont);
+}
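Review bot: `DER_w_algorithmIdentifier_SM2` never reads `ec` and writes only `der_oid_id_ecPublicKey` with no parameters, so the encoded AlgorithmIdentifier carries nothing that marks the key as SM2; the `curveSM2` OID this commit adds in SM2.asn1 is not used here. A consumer that dispatches on this AlgorithmIdentifier alone cannot tell an SM2 key from any other EC key, and whether the curve is encoded elsewhere is not visible from this hunk. At minimum the comment should state the limitation and lose the `id_ecPublidKey` typo, e.g. `/* SM2 keys reuse id-ecPublicKey; the curve (curveSM2) is not encoded by this function */`. The same unused `ec` parameter appears in `DER_w_algorithmIdentifier_SM2_with_MD` in der_sm2_sig.c.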
diff --git a/providers/common/der/der_sm2_sig.c b/providers/common/der/der_sm2_sig.c
new file mode 100644
index 0000000000..a35755065e
--- /dev/null
+++ b/providers/common/der/der_sm2_sig.c
@@ -0,0 +1,39 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/obj_mac.h>
+#include "internal/packet.h"
+#include "prov/der_sm2.h"
+
+/* Aliases so we can have a uniform MD_CASE */
+#define der_oid_id_sm2_with_sm3 der_oid_sm2_with_SM3
+
+#define MD_CASE(name) \
+ case NID_##name: \
+ precompiled = der_oid_id_sm2_with_##name; \
+ precompiled_sz = sizeof(der_oid_id_sm2_with_##name); \
+ break;
+
+int DER_w_algorithmIdentifier_SM2_with_MD(WPACKET *pkt, int cont,
+ EC_KEY *ec, int mdnid)
+{
+ const unsigned char *precompiled = NULL;
+ size_t precompiled_sz = 0;
+
+ switch (mdnid) {
+ MD_CASE(sm3);
+ default:
+ return 0;
+ }
+
+ return DER_w_begin_sequence(pkt, cont)
+ /* No parameters (yet?) */
+ && DER_w_precompiled(pkt, -1, precompiled, precompiled_sz)
+ && DER_w_end_sequence(pkt, cont);
+}
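Review bot: Nothing on `DER_w_algorithmIdentifier_SM2_with_MD` says that it fails closed: any `mdnid` other than `NID_sm3` hits `default: return 0;` before anything is written to `pkt`. That is the right behaviour for a signature AlgorithmIdentifier and is worth pinning with a comment above the definition, such as `/* Returns 1 on success; returns 0 without writing to pkt if mdnid is not NID_sm3 */`. Two style nits: `MD_CASE` already ends in `break;`, so `MD_CASE(sm3);` leaves an empty statement, and the macro is never `#undef`'d after the function.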