repo-sync-2024-09-13T11:38:05+0800 (#381)

Jamie-Cui · Sep 13, 2024 · e9883e9 · e9883e9
1 parent 15ad722
commit e9883e9
Show file tree

Hide file tree

Showing 27 changed files with 714 additions and 426 deletions.
diff --git a/bazel/repositories.bzl b/bazel/repositories.bzl
@@ -172,11 +172,11 @@ def _com_github_openssl_openssl():
     maybe(
         http_archive,
         name = "com_github_openssl_openssl",
-        sha256 = "9a7a7355f3d4b73f43b5730ce80371f9d1f97844ffc8c4b01c723ba0625d6aad",
+        sha256 = "bedbb16955555f99b1a7b1ba90fc97879eb41025081be359ecd6a9fcbdf1c8d2",
         type = "tar.gz",
-        strip_prefix = "openssl-openssl-3.0.12",
+        strip_prefix = "openssl-openssl-3.3.2",
         urls = [
-            "https://github.com/openssl/openssl/archive/refs/tags/openssl-3.0.12.tar.gz",
+            "https://github.com/openssl/openssl/archive/refs/tags/openssl-3.3.2.tar.gz",
         ],
         build_file = "@yacl//bazel:openssl.BUILD",
     )

diff --git a/yacl/crypto/BUILD.bazel b/yacl/crypto/BUILD.bazel
@@ -50,7 +50,7 @@ yacl_cc_test(
     srcs = ["key_utils_test.cc"],
     deps = [
         ":key_utils",
-        "//yacl/crypto/pke:asymmetric_rsa_crypto",  # for test
+        "//yacl/crypto/pke:rsa_enc",  # for test
         "//yacl/crypto/sign:rsa_signing",  # for test
     ],
 )
diff --git a/yacl/crypto/ecc/openssl/openssl_group.cc b/yacl/crypto/ecc/openssl/openssl_group.cc
@@ -121,7 +121,7 @@ void OpensslGroup::DoubleInplace(EcPoint *p) const {
 
 EcPoint OpensslGroup::MulBase(const MPInt &scalar) const {
   auto res = MakeOpensslPoint();
-  auto s = Mp2Bn(scalar);
+  auto s = Mp2Bn(scalar.Mod(order_)); /* it's a must for sm2 */
   // EC_POINT_mul has random memory leaks, be careful.
   // See UT for demo code.
   // We tested openssl 3.1.0, it still leaks.
@@ -147,8 +147,8 @@ void OpensslGroup::MulInplace(EcPoint *point, const MPInt &scalar) const {
 EcPoint OpensslGroup::MulDoubleBase(const MPInt &s1, const MPInt &s2,
                                     const EcPoint &p2) const {
   auto res = MakeOpensslPoint();
-  auto bn1 = Mp2Bn(s1);
-  auto bn2 = Mp2Bn(s2);
+  auto bn1 = Mp2Bn(s1.Mod(order_)); /* it's a must for sm2 */
+  auto bn2 = Mp2Bn(s2.Mod(order_)); /* it's a must for sm2 */
   OSSL_RET_1(EC_POINT_mul(group_.get(), CastAny<EC_POINT>(res), bn1.get(),
                           CastAny<EC_POINT>(p2), bn2.get(), ctx_.get()));
   return res;
@@ -331,8 +331,7 @@ EcPoint OpensslGroup::HashToCurve(HashToCurveStrategy strategy,
     // hash value to BN
     YACL_ENFORCE(BN_bin2bn(buf.data(), buf.size(), bn.get()) != nullptr,
                  "Convert hash value to bignumber fail");
-    OSSL_RET_1(BN_nnmod(bn.get(), bn.get(), field_p_.get(), ctx_.get()),
-               "hash-to-curve: bn mod p fail");
+    OSSL_RET_1(BN_nnmod(bn.get(), bn.get(), field_p_.get(), ctx_.get()));
 
     // check BN on the curve
     int ret = EC_POINT_set_compressed_coordinates(

diff --git a/yacl/crypto/envelope/BUILD.bazel b/yacl/crypto/envelope/BUILD.bazel
@@ -26,8 +26,8 @@ yacl_cc_library(
         "//yacl/crypto/block_cipher:symmetric_crypto",
         "//yacl/crypto/hash:ssl_hash",
         "//yacl/crypto/hmac:hmac_sm3",
-        "//yacl/crypto/pke:asymmetric_rsa_crypto",
-        "//yacl/crypto/pke:asymmetric_sm2_crypto",
+        "//yacl/crypto/pke:rsa_enc",
+        "//yacl/crypto/pke:sm2_enc",
         "//yacl/crypto/rand",
         "@com_google_absl//absl/strings",
         "@com_google_absl//absl/types:span",

diff --git a/yacl/crypto/envelope/digital_envelope.h b/yacl/crypto/envelope/digital_envelope.h
@@ -24,8 +24,8 @@
 #include "yacl/crypto/block_cipher/symmetric_crypto.h"
 #include "yacl/crypto/hash/ssl_hash.h"
 #include "yacl/crypto/hmac/hmac_sm3.h"
-#include "yacl/crypto/pke/asymmetric_rsa_crypto.h"
-#include "yacl/crypto/pke/asymmetric_sm2_crypto.h"
+#include "yacl/crypto/pke/rsa_enc.h"
+#include "yacl/crypto/pke/sm2_enc.h"
 #include "yacl/crypto/rand/rand.h"
 
 namespace yacl::crypto {

diff --git a/yacl/crypto/hash/ssl_hash.cc b/yacl/crypto/hash/ssl_hash.cc
@@ -37,7 +37,7 @@ SslHash& SslHash::Reset() {
   int res = 0;
   const auto md = openssl::FetchEvpMd(ToString(hash_algo_));
   res = EVP_DigestInit_ex(context_.get(), md.get(), nullptr);
-  OSSL_RET_1(res, "EVP_DigestInit_ex failed.");
+  OSSL_RET_1(res);
 
   return *this;
 }

diff --git a/yacl/crypto/key_utils.cc b/yacl/crypto/key_utils.cc
@@ -104,6 +104,11 @@ openssl::UniquePkey GenSm2KeyPair() {
   YACL_ENFORCE(ctx != nullptr);
   OSSL_RET_1(EVP_PKEY_keygen_init(ctx.get()));
 
+  // in openssl version > 3.0, you should set algorithm object id explicitly
+  // constexpr std::string_view kDefaultSm2Id = {"1234567812345678"};
+  // EVP_PKEY_CTX_set1_id(ctx.get(), kDefaultSm2Id.data(),
+  // kDefaultSm2Id.size());
+
   // generate keys
   OSSL_RET_1(EVP_PKEY_keygen(ctx.get(), &pkey));
   return openssl::UniquePkey(pkey);
@@ -146,8 +151,9 @@ openssl::UniquePkey LoadKeyFromBuf(ByteContainerView buf) {
       /* OSSL_LIB_CTX */ nullptr, /* probquery */ nullptr));
 
   YACL_ENFORCE(decoder != nullptr, "no decoder found");
-  OSSL_RET_1(OSSL_DECODER_from_bio(decoder.get(), bio.get()));
 
+  OSSL_RET_1(OSSL_DECODER_from_bio(decoder.get(), bio.get()));
+  // OSSL_RET_1(OSSL_DECODER_from_bio(decoder.get(), bio.get()));
   return openssl::UniquePkey(pkey);
 }
 
@@ -163,9 +169,8 @@ openssl::UniquePkey LoadKeyFromFile(const std::string& file_path) {
 Buffer ExportPublicKeyToPemBuf(
     /* public key */ const openssl::UniquePkey& pkey) {
   openssl::UniqueBio bio(BIO_new(BIO_s_mem()));  // create an empty bio
-  // export certificate to bio
-  OSSL_RET_1(PEM_write_bio_PUBKEY(bio.get(), pkey.get()),
-             "Failed PEM_export_bio_PUBKEY.");
+  // export public key to bio
+  OSSL_RET_1(PEM_write_bio_PUBKEY(bio.get(), pkey.get()));
   return BioToBuf(bio);
 }
 
@@ -180,10 +185,10 @@ Buffer ExportSecretKeyToPemBuf(
     /* secret key */ const openssl::UniquePkey& pkey) {
   openssl::UniqueBio bio(BIO_new(BIO_s_mem()));  // create an empty bio
 
-  // export certificate to bio
-  OSSL_RET_1(PEM_write_bio_PrivateKey(bio.get(), pkey.get(), nullptr, nullptr,
-                                      0, nullptr, nullptr),
-             "Failed PEM_export_bio_PrivateKey.");
+  // export secret key to bio using PKCS#8 private key format, equivalent to
+  // PEM_write_bio_PKCS8PrivateKey()
+  OSSL_RET_1(PEM_write_bio_PKCS8PrivateKey(bio.get(), pkey.get(), nullptr,
+                                           nullptr, 0, nullptr, nullptr));
   return BioToBuf(bio);
 }
 
@@ -293,10 +298,8 @@ openssl::UniqueX509 MakeX509Cert(
     auto it = subjects.find(std::string(field));
     YACL_ENFORCE(it != subjects.end(), "Cannot find subject field {}.", field);
     OSSL_RET_1(X509_NAME_add_entry_by_txt(
-                   name, it->first.c_str(), MBSTRING_ASC,
-                   reinterpret_cast<const unsigned char*>(it->second.c_str()),
-                   -1, -1, 0),
-               "Set x509 name failed.");
+        name, it->first.c_str(), MBSTRING_ASC,
+        reinterpret_cast<const unsigned char*>(it->second.c_str()), -1, -1, 0));
   }
 
   /* issuer = subject since this cert is self-signed */

diff --git a/yacl/crypto/key_utils.h b/yacl/crypto/key_utils.h
@@ -27,6 +27,11 @@ namespace yacl::crypto {
 // Key Pair Generation
 // -------------------
 
+// NOTE In OpenSSL an EVP_PKEY structure containing a private key also contains
+// the public key components and parameters (if any). An OpenSSL private key is
+// equivalent to what some libraries call a "key pair". A private key can be
+// used in functions which require the use of a public key or parameters.
+
 // Generate RSA secret key and public key pair, the resulting key pair is stored
 // in a single UniquePkey object
 [[nodiscard]] openssl::UniquePkey GenRsaKeyPair(unsigned rsa_keylen = 2048);
@@ -49,11 +54,26 @@ namespace yacl::crypto {
 // -------------------
 
 // Load any (format/type/structure) key from buffer, and return a UniquePkey
-// object
+// object,
+//
+// NOTE it's okay to load only the secret-key part to the OpenSSL Pkey
+// structure, but some crypto algorithms (such as SM2) require to load both
+// secret key and public key to the pkey structure, in that case, you should
+// call LoadKeyFromBufs(buf1, buf2) instead.
 [[nodiscard]] openssl::UniquePkey LoadKeyFromBuf(ByteContainerView buf);
 
+// Load any (format/type/structure) key from buffer, and return a UniquePkey
+// object
+[[nodiscard]] openssl::UniquePkey LoadKeyFromBufs(ByteContainerView sk_buf,
+                                                  ByteContainerView pk_buf);
+
 // load any (format/type/structure) key from file, and return a UniquePkey
 // object
+//
+// NOTE it's okay to load only the secret-key part to the OpenSSL Pkey
+// structure, but some crypto algorithms (such as SM2) require to load both
+// secret key and public key to the pkey structure, in that case, you should
+// call LoadKeyFromFiles(path1, path2) instead.
 [[nodiscard]] openssl::UniquePkey LoadKeyFromFile(const std::string& file_path);
 
 // ------------------
@@ -65,6 +85,11 @@ namespace yacl::crypto {
   return LoadKeyFromBuf(buf);
 }
 
+[[nodiscard]] inline openssl::UniquePkey LoadPemKeys(ByteContainerView sk_buf,
+                                                     ByteContainerView pk_buf) {
+  return LoadKeyFromBufs(sk_buf, pk_buf);
+}
+
 // Function alias: load pem key from file
 [[nodiscard]] inline openssl::UniquePkey LoadPemKeyFromFile(
     const std::string& file_path) {
@@ -98,6 +123,11 @@ void ExportSecretKeyToPemBuf(
   return LoadKeyFromBuf(buf);
 }
 
+[[nodiscard]] inline openssl::UniquePkey LoadDerKeys(ByteContainerView sk_buf,
+                                                     ByteContainerView pk_buf) {
+  return LoadKeyFromBufs(sk_buf, pk_buf);
+}
+
 // Function alias: load der key from file
 [[nodiscard]] inline openssl::UniquePkey LoadDerKeyFromFile(
     const std::string& file_path) {

diff --git a/yacl/crypto/key_utils_test.cc b/yacl/crypto/key_utils_test.cc
@@ -16,7 +16,7 @@
 
 #include "gtest/gtest.h"
 
-#include "yacl/crypto/pke/asymmetric_rsa_crypto.h"
+#include "yacl/crypto/pke/rsa_enc.h"
 #include "yacl/crypto/sign/rsa_signing.h"
 
 namespace yacl::crypto {

diff --git a/yacl/crypto/openssl_wrappers.h b/yacl/crypto/openssl_wrappers.h
@@ -30,6 +30,7 @@
 #include "openssl/pem.h"
 #include "openssl/provider.h"
 #include "openssl/x509v3.h"
+#include "spdlog/spdlog.h"
 
 #include "yacl/base/byte_container_view.h"
 #include "yacl/utils/scope_guard.h"
@@ -125,6 +126,7 @@ inline std::string GetOSSLErr() {
 // Helpers for OpenSSL return values
 // ---------------------------------
 /* enforce return code == 1 */
-#define OSSL_RET_1(MP_ERR, ...) YACL_ENFORCE_EQ((MP_ERR), 1, __VA_ARGS__)
+#define OSSL_RET_1(MP_ERR) \
+  YACL_ENFORCE_EQ((MP_ERR), 1, ::yacl::crypto::openssl::GetOSSLErr())
 
 }  // namespace yacl::crypto::openssl
diff --git a/yacl/crypto/pke/BUILD.bazel b/yacl/crypto/pke/BUILD.bazel
@@ -17,49 +17,49 @@ load("//bazel:yacl.bzl", "yacl_cc_library", "yacl_cc_test")
 package(default_visibility = ["//visibility:public"])
 
 yacl_cc_library(
-    name = "asymmetric_crypto",
-    hdrs = ["asymmetric_crypto.h"],
+    name = "pke_interface",
+    hdrs = ["pke_interface.h"],
     deps = [
         "//yacl/base:byte_container_view",
     ],
 )
 
 yacl_cc_library(
-    name = "asymmetric_sm2_crypto",
-    srcs = ["asymmetric_sm2_crypto.cc"],
-    hdrs = ["asymmetric_sm2_crypto.h"],
+    name = "sm2_enc",
+    srcs = ["sm2_enc.cc"],
+    hdrs = ["sm2_enc.h"],
     deps = [
-        ":asymmetric_crypto",
+        ":pke_interface",
         "//yacl:secparam",
         "//yacl/base:exception",
         "//yacl/crypto:key_utils",
     ],
 )
 
 yacl_cc_test(
-    name = "asymmetric_sm2_crypto_test",
-    srcs = ["asymmetric_sm2_crypto_test.cc"],
+    name = "sm2_enc_test",
+    srcs = ["sm2_enc_test.cc"],
     deps = [
-        ":asymmetric_sm2_crypto",
+        ":sm2_enc",
     ],
 )
 
 yacl_cc_library(
-    name = "asymmetric_rsa_crypto",
-    srcs = ["asymmetric_rsa_crypto.cc"],
-    hdrs = ["asymmetric_rsa_crypto.h"],
+    name = "rsa_enc",
+    srcs = ["rsa_enc.cc"],
+    hdrs = ["rsa_enc.h"],
     deps = [
-        ":asymmetric_crypto",
+        ":pke_interface",
         "//yacl:secparam",
         "//yacl/base:exception",
         "//yacl/crypto:key_utils",
     ],
 )
 
 yacl_cc_test(
-    name = "asymmetric_rsa_crypto_test",
-    srcs = ["asymmetric_rsa_crypto_test.cc"],
+    name = "rsa_enc_test",
+    srcs = ["rsa_enc_test.cc"],
     deps = [
-        ":asymmetric_rsa_crypto",
+        ":rsa_enc",
     ],
 )
diff --git a/yacl/crypto/pke/asymmetric_crypto.h → yacl/crypto/pke/pke_interface.h b/yacl/crypto/pke/asymmetric_crypto.h → yacl/crypto/pke/pke_interface.h
@@ -20,19 +20,19 @@
 
 namespace yacl::crypto {
 
-enum class AsymCryptoSchema { UNKNOWN, RSA2048_OAEP, RSA3072_OAEP, SM2 };
+enum class PkeScheme { UNKNOWN, RSA2048_OAEP, RSA3072_OAEP, SM2 };
 
-class AsymmetricEncryptor {
+class PkeEncryptor {
  public:
-  virtual ~AsymmetricEncryptor() = default;
-  virtual AsymCryptoSchema GetSchema() const = 0;
+  virtual ~PkeEncryptor() = default;
+  virtual PkeScheme GetScheme() const = 0;
   virtual std::vector<uint8_t> Encrypt(ByteContainerView plaintext) = 0;
 };
 
-class AsymmetricDecryptor {
+class PkeDecryptor {
  public:
-  virtual ~AsymmetricDecryptor() = default;
-  virtual AsymCryptoSchema GetSchema() const = 0;
+  virtual ~PkeDecryptor() = default;
+  virtual PkeScheme GetScheme() const = 0;
   virtual std::vector<uint8_t> Decrypt(ByteContainerView ciphertext) = 0;
 };
 

diff --git a/yacl/crypto/pke/asymmetric_rsa_crypto.cc → yacl/crypto/pke/rsa_enc.cc b/yacl/crypto/pke/asymmetric_rsa_crypto.cc → yacl/crypto/pke/rsa_enc.cc
@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-#include "yacl/crypto/pke/asymmetric_rsa_crypto.h"
+#include "yacl/crypto/pke/rsa_enc.h"
 
 #include <vector>
 

diff --git a/yacl/crypto/pke/asymmetric_rsa_crypto.h → yacl/crypto/pke/rsa_enc.h b/yacl/crypto/pke/asymmetric_rsa_crypto.h → yacl/crypto/pke/rsa_enc.h
@@ -19,7 +19,7 @@
 #include <vector>
 
 #include "yacl/crypto/key_utils.h"
-#include "yacl/crypto/pke/asymmetric_crypto.h"
+#include "yacl/crypto/pke/pke_interface.h"
 #include "yacl/secparam.h"
 
 /* security parameter declaration */
@@ -28,32 +28,32 @@ YACL_MODULE_DECLARE("rsa_enc", SecParam::C::k128, SecParam::S::INF);
 namespace yacl::crypto {
 
 // RSA with OAEP
-class RsaEncryptor : public AsymmetricEncryptor {
+class RsaEncryptor : public PkeEncryptor {
  public:
   explicit RsaEncryptor(openssl::UniquePkey&& pk) : pk_(std::move(pk)) {}
   explicit RsaEncryptor(/* pem key */ ByteContainerView pk_buf)
       : pk_(LoadKeyFromBuf(pk_buf)) {}
 
-  AsymCryptoSchema GetSchema() const override { return schema_; }
+  PkeScheme GetScheme() const override { return scheme_; }
   std::vector<uint8_t> Encrypt(ByteContainerView plaintext) override;
 
  private:
   const openssl::UniquePkey pk_;
-  const AsymCryptoSchema schema_ = AsymCryptoSchema::RSA2048_OAEP;
+  const PkeScheme scheme_ = PkeScheme::RSA2048_OAEP;
 };
 
-class RsaDecryptor : public AsymmetricDecryptor {
+class RsaDecryptor : public PkeDecryptor {
  public:
   explicit RsaDecryptor(openssl::UniquePkey&& sk) : sk_(std::move(sk)) {}
   explicit RsaDecryptor(/* pem key */ ByteContainerView sk_buf)
       : sk_(LoadKeyFromBuf(sk_buf)) {}
 
-  AsymCryptoSchema GetSchema() const override { return schema_; }
+  PkeScheme GetScheme() const override { return scheme_; }
   std::vector<uint8_t> Decrypt(ByteContainerView ciphertext) override;
 
  private:
   const openssl::UniquePkey sk_;
-  const AsymCryptoSchema schema_ = AsymCryptoSchema::RSA2048_OAEP;
+  const PkeScheme scheme_ = PkeScheme::RSA2048_OAEP;
 };
 
 }  // namespace yacl::crypto