Commit 46b3ff73 authored by Herbert Xu's avatar Herbert Xu
Browse files

crypto: sm2 - Remove sm2 algorithm 



The SM2 algorithm has a single user in the kernel.  However, it's
never been integrated properly with that user: asymmetric_keys.

The crux of the issue is that the way it computes its digest with
sm3 does not fit into the architecture of asymmetric_keys.  As no
solution has been proposed, remove this algorithm.

It can be resubmitted when it is integrated properly into the
asymmetric_keys subsystem.

Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent 4c6338f8

crypto/Kconfig

+0 −18
Original line number Diff line number Diff line
@@ -313,24 +313,6 @@ config CRYPTO_ECRDSA 
	  One of the Russian cryptographic standard algorithms (called GOST

	  algorithms). Only signature verification is implemented.



config CRYPTO_SM2

	tristate "SM2 (ShangMi 2)"

	select CRYPTO_SM3

	select CRYPTO_AKCIPHER

	select CRYPTO_MANAGER

	select MPILIB

	select ASN1

	help

	  SM2 (ShangMi 2) public key algorithm



	  Published by State Encryption Management Bureau, China,

	  as specified by OSCCA GM/T 0003.1-2012 -- 0003.5-2012.



	  References:

	  https://datatracker.ietf.org/doc/draft-shen-sm2-ecdsa/

	  http://www.oscca.gov.cn/sca/xxgk/2010-12/17/content_1002386.shtml

	  http://www.gmbz.org.cn/main/bzlb.html



config CRYPTO_CURVE25519

	tristate "Curve25519"

	select CRYPTO_KPP

crypto/Makefile

+0 −8
Original line number Diff line number Diff line
@@ -50,14 +50,6 @@ rsa_generic-y += rsa_helper.o 
rsa_generic-y += rsa-pkcs1pad.o

obj-$(CONFIG_CRYPTO_RSA) += rsa_generic.o



$(obj)/sm2signature.asn1.o: $(obj)/sm2signature.asn1.c $(obj)/sm2signature.asn1.h

$(obj)/sm2.o: $(obj)/sm2signature.asn1.h



sm2_generic-y += sm2signature.asn1.o

sm2_generic-y += sm2.o



obj-$(CONFIG_CRYPTO_SM2) += sm2_generic.o



$(obj)/ecdsasignature.asn1.o: $(obj)/ecdsasignature.asn1.c $(obj)/ecdsasignature.asn1.h

$(obj)/ecdsa.o: $(obj)/ecdsasignature.asn1.h

ecdsa_generic-y += ecdsa.o

crypto/asymmetric_keys/pkcs7_parser.c

+0 −4
Original line number Diff line number Diff line
@@ -292,10 +292,6 @@ int pkcs7_sig_note_pkey_algo(void *context, size_t hdrlen, 
		ctx->sinfo->sig->pkey_algo = "ecdsa";

		ctx->sinfo->sig->encoding = "x962";

		break;

	case OID_SM2_with_SM3:

		ctx->sinfo->sig->pkey_algo = "sm2";

		ctx->sinfo->sig->encoding = "raw";

		break;

	case OID_gost2012PKey256:

	case OID_gost2012PKey512:

		ctx->sinfo->sig->pkey_algo = "ecrdsa";

crypto/asymmetric_keys/public_key.c

+0 −7
Original line number Diff line number Diff line
@@ -124,13 +124,6 @@ software_key_determine_akcipher(const struct public_key *pkey, 
		    strcmp(hash_algo, "sha3-384") != 0 &&

		    strcmp(hash_algo, "sha3-512") != 0)

			return -EINVAL;

	} else if (strcmp(pkey->pkey_algo, "sm2") == 0) {

		if (strcmp(encoding, "raw") != 0)

			return -EINVAL;

		if (!hash_algo)

			return -EINVAL;

		if (strcmp(hash_algo, "sm3") != 0)

			return -EINVAL;

	} else if (strcmp(pkey->pkey_algo, "ecrdsa") == 0) {

		if (strcmp(encoding, "raw") != 0)

			return -EINVAL;

crypto/asymmetric_keys/x509_cert_parser.c

+0 −16
Original line number Diff line number Diff line
@@ -257,10 +257,6 @@ int x509_note_sig_algo(void *context, size_t hdrlen, unsigned char tag, 
	case OID_gost2012Signature512:

		ctx->cert->sig->hash_algo = "streebog512";

		goto ecrdsa;



	case OID_SM2_with_SM3:

		ctx->cert->sig->hash_algo = "sm3";

		goto sm2;

	}



rsa_pkcs1:
@@ -273,11 +269,6 @@ int x509_note_sig_algo(void *context, size_t hdrlen, unsigned char tag, 
	ctx->cert->sig->encoding = "raw";

	ctx->sig_algo = ctx->last_oid;

	return 0;

sm2:

	ctx->cert->sig->pkey_algo = "sm2";

	ctx->cert->sig->encoding = "raw";

	ctx->sig_algo = ctx->last_oid;

	return 0;

ecdsa:

	ctx->cert->sig->pkey_algo = "ecdsa";

	ctx->cert->sig->encoding = "x962";
@@ -309,7 +300,6 @@ int x509_note_signature(void *context, size_t hdrlen, 


	if (strcmp(ctx->cert->sig->pkey_algo, "rsa") == 0 ||

	    strcmp(ctx->cert->sig->pkey_algo, "ecrdsa") == 0 ||

	    strcmp(ctx->cert->sig->pkey_algo, "sm2") == 0 ||

	    strcmp(ctx->cert->sig->pkey_algo, "ecdsa") == 0) {

		/* Discard the BIT STRING metadata */

		if (vlen < 1 || *(const u8 *)value != 0)
@@ -514,17 +504,11 @@ int x509_extract_key_data(void *context, size_t hdrlen, 
	case OID_gost2012PKey512:

		ctx->cert->pub->pkey_algo = "ecrdsa";

		break;

	case OID_sm2:

		ctx->cert->pub->pkey_algo = "sm2";

		break;

	case OID_id_ecPublicKey:

		if (parse_OID(ctx->params, ctx->params_size, &oid) != 0)

			return -EBADMSG;



		switch (oid) {

		case OID_sm2:

			ctx->cert->pub->pkey_algo = "sm2";

			break;

		case OID_id_prime192v1:

			ctx->cert->pub->pkey_algo = "ecdsa-nist-p192";

			break;