Skip to content

Support Public Key Algorithms in Crypto Module #80

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 19 commits into
base: main
Choose a base branch
from
Open

Support Public Key Algorithms in Crypto Module #80

wants to merge 19 commits into from

Conversation

@InfoHunter
Copy link
Member

@InfoHunter InfoHunter commented Oct 31, 2024

Algorithms may vary for different crypto adaptor:

  1. OpenSSL: RSA, ECDSA, EdDSA
  2. Tongsuo: RSA, ECDSA, EdDSA, SM2

@InfoHunter
Copy link
Member Author

InfoHunter commented Oct 31, 2024

Tongsuo will fail for sure since its adaptor is not implemented yet

@InfoHunter InfoHunter closed this Nov 1, 2024
@InfoHunter InfoHunter reopened this Nov 1, 2024
@InfoHunter InfoHunter changed the title WIP: Support Public Key Algorithms in Crypto Module Support Public Key Algorithms in Crypto Module Mar 3, 2025
wa5i
wa5i requested changes Mar 3, 2025
View reviewed changes
src/modules/crypto/crypto_adaptors/openssl_adaptor.rs Outdated
prime: Option<u8>,
size: Option<RSAKeySize>,
) -> Result<Self, RvError> {
return Ok(
Copy link
Collaborator

@wa5i wa5i Mar 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

cargo clippy

src/modules/crypto/crypto_adaptors/openssl_adaptor.rs
let mut ctx = match PkeyCtx::new(&key) {
Ok(ctx) => ctx,
Err(_e) => return Err(RvError::ErrCryptoPKeyInternalError),
};
Copy link
Collaborator

@wa5i wa5i Mar 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

let mut ctx = PkeyCtx::new(&key).map_err(|_| RvError::ErrCryptoPKeyInternalError)?;

src/modules/crypto/crypto_adaptors/openssl_adaptor.rs
let rsa = match Rsa::generate(bits) {
Ok(r) => r,
Err(_e) => return Err(RvError::ErrCryptoPKeyRSAKeyGenFailed),
};
Copy link
Collaborator

@wa5i wa5i Mar 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

let rsa = Rsa::generate(bits).map_err(|_| RvError::ErrCryptoPKeyRSAKeyGenFailed)?;

src/modules/crypto/crypto_adaptors/openssl_adaptor.rs
let pkey = match PKey::from_rsa(rsa) {
Ok(r) => r,
Err(_e) => return Err(RvError::ErrCryptoPKeyRSAKeyGenFailed),
};
Copy link
Collaborator

@wa5i wa5i Mar 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

let pkey = PKey::from_rsa(rsa).map_err(|_| RvError::ErrCryptoPKeyRSAKeyGenFailed)?;

src/modules/crypto/crypto_adaptors/tongsuo_adaptor.rs
match ctx.verify_init() {
Ok(_ret) => {},
Err(_e) => return Err(RvError::ErrCryptoPKeyVerifyInitFailed),
}
Copy link
Collaborator

@wa5i wa5i Mar 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same as above

src/modules/crypto/crypto_adaptors/tongsuo_adaptor.rs
let valid = match ctx.verify(data, sig) {
Ok(ret) => ret,
Err(_e) => return Err(RvError::ErrCryptoPKeyVerifyFailed),
};
Copy link
Collaborator

@wa5i wa5i Mar 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same as above

src/modules/crypto/mod.rs
#[cfg(feature = "crypto_adaptor_tongsuo")]
#[test]
fn test_sm2_keygen() {
assert_eq!(1, 1);
Copy link
Collaborator

@wa5i wa5i Mar 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

?

Copy link
Member Author

@InfoHunter InfoHunter Mar 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

SM2 is not to be supported in this PR. rust-tongsuo should support SM2 first.

src/modules/crypto/mod.rs
#[cfg(feature = "crypto_adaptor_tongsuo")]
#[test]
fn test_sm2_sign_decrypt() {
assert_eq!(1, 1);
Copy link
Collaborator

@wa5i wa5i Mar 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

?

src/modules/crypto/mod.rs
#[cfg(feature = "crypto_adaptor_tongsuo")]
#[test]
fn test_sm2_encrypt_decrypt() {
assert_eq!(1, 1);
Copy link
Collaborator

@wa5i wa5i Mar 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

?

Copy link
Member Author

@InfoHunter InfoHunter Apr 8, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This not implemented in the underlying rust-tongsuo crate, so it's not implemented yet.

@CLAassistant
Copy link

CLAassistant commented Sep 10, 2025

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.

Paul Yang seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.
You have signed the CLA already but the status is still pending? Let us recheck it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@wa5i wa5i wa5i requested changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@InfoHunter @CLAassistant @wa5i