From 52ffa48f8db4fcc64d1b02241fec2ee5232bb6b4 Mon Sep 17 00:00:00 2001 From: Sun Yimin Date: Sun, 7 Apr 2024 13:22:28 +0800 Subject: [PATCH] try to support pkcs8 encrypted key with sm support --- src/cryptojs_sm3.js | 55 ++++++++++++++++++++++++--------------------- src/cryptojs_sm4.js | 3 +++ src/sm2.js | 42 ++++++++++++++++++++++++++++++++++ 3 files changed, 74 insertions(+), 26 deletions(-) diff --git a/src/cryptojs_sm3.js b/src/cryptojs_sm3.js index 9ecde19..875325d 100644 --- a/src/cryptojs_sm3.js +++ b/src/cryptojs_sm3.js @@ -157,38 +157,41 @@ const SM3 = CAlgo.SM3 = Hasher.extend({ }) /** - * Shortcut function to the hasher's object interface. - * - * @param {WordArray|string} message The message to hash. - * - * @return {WordArray} The hash. - * - * @static - * - * @example - * - * var hash = CryptoJS.SM3('message'); - * var hash = CryptoJS.SM3(wordArray); - */ + * Shortcut function to the hasher's object interface. + * + * @param {WordArray|string} message The message to hash. + * + * @return {WordArray} The hash. + * + * @static + * + * @example + * + * var hash = CryptoJS.SM3('message'); + * var hash = CryptoJS.SM3(wordArray); + */ C.SM3 = Hasher._createHelper(SM3) /** - * Shortcut function to the HMAC's object interface. - * - * @param {WordArray|string} message The message to hash. - * @param {WordArray|string} key The secret key. - * - * @return {WordArray} The HMAC. - * - * @static - * - * @example - * - * var hmac = CryptoJS.HmacSM3(message, key); - */ + * Shortcut function to the HMAC's object interface. + * + * @param {WordArray|string} message The message to hash. + * @param {WordArray|string} key The secret key. + * + * @return {WordArray} The HMAC. + * + * @static + * + * @example + * + * var hmac = CryptoJS.HmacSM3(message, key); + */ C.HmacSM3 = Hasher._createHmacHelper(SM3) KJUR.crypto.Util.DEFAULTPROVIDER.sm3 = 'cryptojs' KJUR.crypto.Util.CRYPTOJSMESSAGEDIGESTNAME.sm3 = SM3 +rs.asn1.x509.OID.name2oidList.sm3 = '1.2.156.10197.1.401.1' +rs.asn1.x509.OID.name2oidList.hmacWithSM3 = '1.2.156.10197.1.401.2' + module.exports = SM3 diff --git a/src/cryptojs_sm4.js b/src/cryptojs_sm4.js index c3ce8c2..4aa1ef6 100644 --- a/src/cryptojs_sm4.js +++ b/src/cryptojs_sm4.js @@ -328,10 +328,13 @@ KJUR.crypto.Cipher.decrypt = function (hex, keyObj, algName, param) { } else { throw new Error('unsupported algorithm: ' + algName) } + console.log(C.enc.Hex.stringify(wDec)) return C.enc.Hex.stringify(wDec) } else { throw new Error('Cipher.decrypt: unsupported key or algorithm') } } +rs.asn1.x509.OID.name2oidList['sm4-CBC'] = '1.2.156.10197.1.104.2' + module.exports = SM4 diff --git a/src/sm2.js b/src/sm2.js index eb044e5..bfdfb3c 100644 --- a/src/sm2.js +++ b/src/sm2.js @@ -706,6 +706,48 @@ function plainEncrypterOptions () { return new EncrypterOptions(CIPHERTEXT_ENCODING_PLAIN) } +const C = rs.CryptoJS +rs.KEYUTIL.getDKFromPBES2Param = function (pPBES2, passcode) { + const pHasher = { + hmacWithSHA1: C.algo.SHA1, + hmacWithSHA224: C.algo.SHA224, + hmacWithSHA256: C.algo.SHA256, + hmacWithSHA384: C.algo.SHA384, + hmacWithSHA512: C.algo.SHA512, + hmacWithSM3: C.algo.SM3 + } + const pKeySize = { + 'des-EDE3-CBC': 192 / 32, + 'aes128-CBC': 128 / 32, + 'aes256-CBC': 256 / 32, + 'sm4-CBC': 128 / 32 + } + + const hasher = pHasher[pPBES2.prf] + if (hasher === undefined) { throw new Error('unsupported prf') } + + const keysize = pKeySize[pPBES2.encalg] + if (keysize === undefined) { throw new Error('unsupported encalg') } + + const wSalt = C.enc.Hex.parse(pPBES2.salt) + const iter = pPBES2.iter + try { + const wKey = C.PBKDF2(passcode, + wSalt, + { + keySize: keysize, + iterations: iter, + hasher + }) + const keyHex = C.enc.Hex.stringify(wKey) + console.log(pPBES2) + console.log(keyHex) + return keyHex + } catch (ex) { + throw new Error('PBKDF2 error: ' + ex + ' ' + JSON.stringify(pPBES2) + ' ' + passcode) + } +} + module.exports = { Signature, createSM2Signature,