try to support pkcs8 encrypted key with sm support

emmansun · Apr 7, 2024 · 52ffa48 · 52ffa48
1 parent 7313087
commit 52ffa48
Show file tree

Hide file tree

Showing 3 changed files with 74 additions and 26 deletions.
diff --git a/src/cryptojs_sm3.js b/src/cryptojs_sm3.js
@@ -157,38 +157,41 @@ const SM3 = CAlgo.SM3 = Hasher.extend({
 })
 
 /**
-     * Shortcut function to the hasher's object interface.
-     *
-     * @param {WordArray|string} message The message to hash.
-     *
-     * @return {WordArray} The hash.
-     *
-     * @static
-     *
-     * @example
-     *
-     *     var hash = CryptoJS.SM3('message');
-     *     var hash = CryptoJS.SM3(wordArray);
-     */
+ * Shortcut function to the hasher's object interface.
+ *
+ * @param {WordArray|string} message The message to hash.
+ *
+ * @return {WordArray} The hash.
+ *
+ * @static
+ *
+ * @example
+ *
+ *     var hash = CryptoJS.SM3('message');
+ *     var hash = CryptoJS.SM3(wordArray);
+ */
 C.SM3 = Hasher._createHelper(SM3)
 
 /**
-     * Shortcut function to the HMAC's object interface.
-     *
-     * @param {WordArray|string} message The message to hash.
-     * @param {WordArray|string} key The secret key.
-     *
-     * @return {WordArray} The HMAC.
-     *
-     * @static
-     *
-     * @example
-     *
-     *     var hmac = CryptoJS.HmacSM3(message, key);
-     */
+ * Shortcut function to the HMAC's object interface.
+ *
+ * @param {WordArray|string} message The message to hash.
+ * @param {WordArray|string} key The secret key.
+ *
+ * @return {WordArray} The HMAC.
+ *
+ * @static
+ *
+ * @example
+ *
+ *     var hmac = CryptoJS.HmacSM3(message, key);
+ */
 C.HmacSM3 = Hasher._createHmacHelper(SM3)
 
 KJUR.crypto.Util.DEFAULTPROVIDER.sm3 = 'cryptojs'
 KJUR.crypto.Util.CRYPTOJSMESSAGEDIGESTNAME.sm3 = SM3
 
+rs.asn1.x509.OID.name2oidList.sm3 = '1.2.156.10197.1.401.1'
+rs.asn1.x509.OID.name2oidList.hmacWithSM3 = '1.2.156.10197.1.401.2'
+
 module.exports = SM3
diff --git a/src/cryptojs_sm4.js b/src/cryptojs_sm4.js
@@ -328,10 +328,13 @@ KJUR.crypto.Cipher.decrypt = function (hex, keyObj, algName, param) {
     } else {
       throw new Error('unsupported algorithm: ' + algName)
     }
+    console.log(C.enc.Hex.stringify(wDec))
     return C.enc.Hex.stringify(wDec)
   } else {
     throw new Error('Cipher.decrypt: unsupported key or algorithm')
   }
 }
 
+rs.asn1.x509.OID.name2oidList['sm4-CBC'] = '1.2.156.10197.1.104.2'
+
 module.exports = SM4
diff --git a/src/sm2.js b/src/sm2.js
@@ -706,6 +706,48 @@ function plainEncrypterOptions () {
   return new EncrypterOptions(CIPHERTEXT_ENCODING_PLAIN)
 }
 
+const C = rs.CryptoJS
+rs.KEYUTIL.getDKFromPBES2Param = function (pPBES2, passcode) {
+  const pHasher = {
+    hmacWithSHA1: C.algo.SHA1,
+    hmacWithSHA224: C.algo.SHA224,
+    hmacWithSHA256: C.algo.SHA256,
+    hmacWithSHA384: C.algo.SHA384,
+    hmacWithSHA512: C.algo.SHA512,
+    hmacWithSM3: C.algo.SM3
+  }
+  const pKeySize = {
+    'des-EDE3-CBC': 192 / 32,
+    'aes128-CBC': 128 / 32,
+    'aes256-CBC': 256 / 32,
+    'sm4-CBC': 128 / 32
+  }
+
+  const hasher = pHasher[pPBES2.prf]
+  if (hasher === undefined) { throw new Error('unsupported prf') }
+
+  const keysize = pKeySize[pPBES2.encalg]
+  if (keysize === undefined) { throw new Error('unsupported encalg') }
+
+  const wSalt = C.enc.Hex.parse(pPBES2.salt)
+  const iter = pPBES2.iter
+  try {
+    const wKey = C.PBKDF2(passcode,
+      wSalt,
+      {
+        keySize: keysize,
+        iterations: iter,
+        hasher
+      })
+    const keyHex = C.enc.Hex.stringify(wKey)
+    console.log(pPBES2)
+    console.log(keyHex)
+    return keyHex
+  } catch (ex) {
+    throw new Error('PBKDF2 error: ' + ex + ' ' + JSON.stringify(pPBES2) + ' ' + passcode)
+  }
+}
+
 module.exports = {
   Signature,
   createSM2Signature,