Projects
openEuler:24.03:SP1:Everything
gnupg2
Sign Up
Log In
Username
Password
We truncated the diff of some files because they were too big. If you want to see the full diff for every file,
click here
.
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
Expand all
Collapse all
Changes of Revision 5
View file
_service:tar_scm:gnupg2.spec
Changed
@@ -1,6 +1,6 @@ Name: gnupg2 Version: 2.4.3 -Release: 4 +Release: 5 Summary: Utility for secure communication and data storage License: GPLv3+ @@ -20,17 +20,18 @@ Patch10: backport-dirmngr-Enable-the-call-of-ks_ldap_help_variables-wh.patch Patch11: backport-gpg-Make-no-literal-work-again-for-c-and-store.patch Patch12: backport-gpg-Fix-minor-memory-leak-during-certain-smartcard-o.patch +Patch13: supports-sm2-algorithm-signature-and-uses-sm3-hash-algorithm.patch BuildRequires: gcc BuildRequires: zlib-devel, npth-devel, texinfo BuildRequires: libgpg-error-devel >= 1.46 -BuildRequires: libgcrypt-devel >= 1.9.4 +BuildRequires: libgcrypt-devel >= 1.10.2-3 BuildRequires: libksba-devel >= 1.6.3 BuildRequires: libassuan-devel >= 2.5.0 # compile dirmngr module, need gnutls -BuildRequires: gnutls-devel +BuildRequires: gnutls-devel gettext-devel -Requires: libgcrypt >= 1.9.4 +Requires: libgcrypt >= 1.10.2-3 Requires: libgpg-error >= 1.46 Recommends: pinentry @@ -59,6 +60,7 @@ %prep %autosetup -n gnupg-%{version} -p1 +autoreconf -f %global pcsclib %(basename $(ls -1 %{_libdir}/libpcsclite.so.? 2>/dev/null ) 2>/dev/null ) @@ -72,7 +74,8 @@ --enable-g13 \ --disable-ccid-driver \ --disable-tpm2d \ - --enable-large-secmem + --enable-large-secmem \ + --enable-sm2 %make_build @@ -121,6 +124,9 @@ %changelog +* Sat Oct 26 2024 zhengxiaoxiao <zhengxiaoxiao2@huawei.com> - 2.4.3-5 +- Supports sm2 algorithm signature and uses sm3 hash algorithm. + * Mon Sep 30 2024 yixiangzhike <yixiangzhike007@163.com> - 2.4.3-4 - backport upstream patch to fix minor memory leak
View file
_service:tar_scm:supports-sm2-algorithm-signature-and-uses-sm3-hash-algorithm.patch
Added
@@ -0,0 +1,543 @@ +From 12689a050972bc6a07c0b8dfdd379c50087b614b Mon Sep 17 00:00:00 2001 +From: zhengxiaoxiao <zhengxiaoxiao2@huawei.com> +Date: Sat, 26 Oct 2024 16:59:41 +0800 +Subject: PATCH Supports sm2 algorithm signature and uses sm3 hash algorithm. + +Co-authored-by: Huaxin Lu <luhuaxin1@huawei.com> +Signed-off-by: zhengxiaoxiao <zhengxiaoxiao2@huawei.com> +--- + agent/pksign.c | 25 +++++++- + common/Makefile.am | 3 + + common/openpgp-oid.c | 31 +++++++++ + common/openpgpdefs.h | 4 ++ + common/sm2.c | 149 +++++++++++++++++++++++++++++++++++++++++++ + common/sm2.h | 24 +++++++ + common/util.h | 3 + + configure.ac | 10 +++ + g10/keygen.c | 3 + + g10/misc.c | 13 +++- + g10/pkglue.c | 5 ++ + g10/sig-check.c | 12 ++++ + g10/sign.c | 16 ++++- + sm/gpgsm.c | 3 + + 14 files changed, 295 insertions(+), 6 deletions(-) + create mode 100644 common/sm2.c + create mode 100644 common/sm2.h + +diff --git a/agent/pksign.c b/agent/pksign.c +index a7b5c57..249bcd9 100644 +--- a/agent/pksign.c ++++ b/agent/pksign.c +@@ -28,7 +28,9 @@ + + #include "agent.h" + #include "../common/i18n.h" +- ++#ifdef GPG_USE_SM2 ++#include "../common/sm2.h" ++#endif + + static int + do_encode_md (const byte * md, size_t mdlen, int algo, gcry_sexp_t * r_hash, +@@ -209,7 +211,14 @@ do_encode_dsa (const byte *md, size_t mdlen, int pkalgo, gcry_sexp_t pkey, + mdlen = qbits/8; + + /* Create the S-expression. */ +- err = gcry_sexp_build (&hash, NULL, ++#ifdef GPG_USE_SM2 ++ if (pkey_is_sm2(pkey)) ++ err = gcry_sexp_build (&hash, NULL, ++ "(data (flags sm2) (hash %s %b))", ++ "sm3", (int)mdlen, md); ++ else ++#endif ++ err = gcry_sexp_build (&hash, NULL, + "(data (flags rfc6979) (hash %s %b))", + rfc6979_hash_algo_string (mdlen), + (int)mdlen, md); +@@ -494,6 +503,18 @@ agent_pksign_do (ctrl_t ctrl, const char *cache_nonce, + { + /* No smartcard, but a private key (in S_SKEY). */ + ++#ifdef GPG_USE_SM2 ++ /* calculate sm2 digest */ ++ if (pkey_is_sm2(s_skey)) ++ { ++ if (!s_pkey) ++ agent_public_key_from_file (ctrl, ctrl->keygrip, &s_pkey); ++ ++ err = update_sm2_hash_value (data, datalen, s_pkey, data); ++ if (err) ++ goto leave; ++ } ++#endif + /* Put the hash into a sexp */ + if (algo == GCRY_PK_EDDSA) + err = do_encode_eddsa (gcry_pk_get_nbits (s_skey), data, datalen, +diff --git a/common/Makefile.am b/common/Makefile.am +index d5ab038..5e7ac35 100644 +--- a/common/Makefile.am ++++ b/common/Makefile.am +@@ -99,6 +99,9 @@ common_sources = \ + compliance.c compliance.h \ + pkscreening.c pkscreening.h + ++if GPG_USE_SM2 ++common_sources += sm2.c sm2.h ++endif + + if HAVE_W32_SYSTEM + common_sources += w32-reg.c w32-cmdline.c +diff --git a/common/openpgp-oid.c b/common/openpgp-oid.c +index 4930549..767a4e5 100644 +--- a/common/openpgp-oid.c ++++ b/common/openpgp-oid.c +@@ -62,6 +62,9 @@ static struct { + { "brainpoolP512r1", "1.3.36.3.3.2.8.1.1.13", 512 }, + + { "secp256k1", "1.3.132.0.10", 256 }, ++#ifdef GPG_USE_SM2 ++ { "sm2p256v1", "1.2.156.10197.1.301", 256 }, ++#endif + + { NULL, NULL, 0} + }; +@@ -92,6 +95,10 @@ static const char oid_cv448 = { 0x03, 0x2b, 0x65, 0x6f }; + /* The OID for Ed448 in OpenPGP format. */ + static const char oid_ed448 = { 0x03, 0x2b, 0x65, 0x71 }; + ++#ifdef GPG_USE_SM2 ++/* The OID for SM2 in OpenPGP format. */ ++static const char oid_sm2 = { 0x08, 0x2a, 0x81, 0x1c, 0xcf, 0x55, 0x01, 0x82, 0x2d }; ++#endif + + /* A table to store keyalgo strings like "rsa2048 or "ed25519" so that + * we do not need to allocate them. This is currently a simple array +@@ -381,6 +388,15 @@ openpgp_oidbuf_is_cv448 (const void *buf, size_t len) + && !memcmp (buf, oid_cv448, DIM (oid_cv448))); + } + ++#ifdef GPG_USE_SM2 ++/* Return true if (BUF,LEN) represents the OID for SM2. */ ++static int ++openpgp_oidbuf_is_sm2 (const void *buf, size_t len) ++{ ++ return (buf && len == DIM (oid_sm2) ++ && !memcmp (buf, oid_sm2, DIM (oid_sm2))); ++} ++#endif + + /* Return true if the MPI A represents the OID for Curve25519. */ + int +@@ -426,6 +442,21 @@ openpgp_oid_is_cv448 (gcry_mpi_t a) + return openpgp_oidbuf_is_cv448 (buf, (nbits+7)/8); + } + ++#ifdef GPG_USE_SM2 ++/* Return true if the MPI A represents the OID for SM2. */ ++int ++openpgp_oid_is_sm2 (gcry_mpi_t a) ++{ ++ const unsigned char *buf; ++ unsigned int nbits; ++ ++ if (!a || !gcry_mpi_get_flag (a, GCRYMPI_FLAG_OPAQUE)) ++ return 0; ++ ++ buf = gcry_mpi_get_opaque (a, &nbits); ++ return openpgp_oidbuf_is_sm2 (buf, (nbits+7)/8); ++} ++#endif + + /* Map the Libgcrypt ECC curve NAME to an OID. If R_NBITS is not NULL + store the bit size of the curve there. Returns NULL for unknown +diff --git a/common/openpgpdefs.h b/common/openpgpdefs.h +index 6257479..fd7e668 100644 +--- a/common/openpgpdefs.h ++++ b/common/openpgpdefs.h +@@ -184,6 +184,10 @@ typedef enum + DIGEST_ALGO_SHA384 = 9, + DIGEST_ALGO_SHA512 = 10, + DIGEST_ALGO_SHA224 = 11, ++#ifdef GPG_USE_SM2 ++ /* 100-110 Private or Experimental Use */ ++ DIGEST_ALGO_SM3 = 109, ++#endif + DIGEST_ALGO_PRIVATE10 = 110 + } + digest_algo_t; +diff --git a/common/sm2.c b/common/sm2.c +new file mode 100644 +index 0000000..2d34dbb +--- /dev/null ++++ b/common/sm2.c +@@ -0,0 +1,149 @@ ++/* openpgp-oids.c - OID helper for OpenPGP ++ * Copyright (C) 2024 Free Software Foundation, Inc. ++ * ++ * This file is part of GnuPG. ++ * ++ * This file is free software; you can redistribute it and/or modify ++ * it under the terms of either ++ * ++ * - the GNU Lesser General Public License as published by the Free ++ * Software Foundation; either version 3 of the License, or (at ++ * your option) any later version. ++ * ++ * or ++ * ++ * - the GNU General Public License as published by the Free ++ * Software Foundation; either version 2 of the License, or (at ++ * your option) any later version. ++ * ++ * or both in parallel, as here. ++ * ++ * This file is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ *
View file
_service
Changed
@@ -2,7 +2,7 @@ <service name="tar_scm"> <param name="scm">git</param> <param name="url">git@gitee.com:src-openeuler/gnupg2.git</param> - <param name="revision">openEuler-24.03-LTS-Next</param> + <param name="revision">openEuler-24.03-LTS-SP1</param> <param name="exclude">*</param> <param name="extract">*</param> </service>
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2