From 2b19386ae79141377f0b3026a5705884da397b92 Mon Sep 17 00:00:00 2001 From: Jack Lloyd Date: Tue, 22 May 2018 23:49:45 -0400 Subject: Add OIDS for Camellia and SM4 in GCM and CBC modes Making them usable for private key encryption --- src/build-data/oids.txt | 18 +++++++++++++++--- src/lib/asn1/oid_maps.cpp | 18 +++++++++++++++++- src/lib/pubkey/pbes2/pbes2.cpp | 8 ++++++-- src/scripts/oids.py | 2 +- 4 files changed, 39 insertions(+), 7 deletions(-) diff --git a/src/build-data/oids.txt b/src/build-data/oids.txt index 314e4e44f..45fb80d58 100644 --- a/src/build-data/oids.txt +++ b/src/build-data/oids.txt @@ -46,9 +46,7 @@ 2.16.840.1.101.3.4.1.22 = AES-192/CBC 2.16.840.1.101.3.4.1.42 = AES-256/CBC 1.2.410.200004.1.4 = SEED/CBC -1.3.6.1.4.1.25258.3.1 = Serpent/CBC -1.3.6.1.4.1.25258.3.2 = Threefish-512/CBC -1.3.6.1.4.1.25258.3.3 = Twofish/CBC +1.2.156.10197.1.104.2 = SM4/CBC 2.16.840.1.101.3.4.1.6 = AES-128/GCM 2.16.840.1.101.3.4.1.26 = AES-192/GCM @@ -58,6 +56,20 @@ 2.16.840.1.101.3.4.1.27 = AES-192/CCM 2.16.840.1.101.3.4.1.47 = AES-256/CCM +1.2.392.200011.61.1.1.1.2 = Camellia-128/CBC +1.2.392.200011.61.1.1.1.3 = Camellia-192/CBC +1.2.392.200011.61.1.1.1.4 = Camellia-256/CBC + +0.3.4401.5.3.1.9.6 = Camellia-128/GCM +0.3.4401.5.3.1.9.26 = Camellia-192/GCM +0.3.4401.5.3.1.9.46 = Camellia-256/GCM + +1.2.156.10197.1.104.8 = SM4/GCM + +1.3.6.1.4.1.25258.3.1 = Serpent/CBC +1.3.6.1.4.1.25258.3.2 = Threefish-512/CBC +1.3.6.1.4.1.25258.3.3 = Twofish/CBC + 1.3.6.1.4.1.25258.3.101 = Serpent/GCM 1.3.6.1.4.1.25258.3.102 = Twofish/GCM diff --git a/src/lib/asn1/oid_maps.cpp b/src/lib/asn1/oid_maps.cpp index 7ba7dda70..6cc105b47 100644 --- a/src/lib/asn1/oid_maps.cpp +++ b/src/lib/asn1/oid_maps.cpp 
@@ -1,7 +1,7 @@ /* * OID maps * -* This file was automatically generated by ./src/scripts/oids.py on 2018-05-16 +* This file was automatically generated by ./src/scripts/oids.py on 2018-05-22 * * All manual edits to this file will be lost. Edit the script * then regenerate this source file. @@ -17,7 +17,12 @@ namespace Botan { std::unordered_map OIDS::load_oid2str_map() { return std::unordered_map{ + { "0.3.4401.5.3.1.9.26", "Camellia-192/GCM" }, + { "0.3.4401.5.3.1.9.46", "Camellia-256/GCM" }, + { "0.3.4401.5.3.1.9.6", "Camellia-128/GCM" }, { "1.0.14888.3.0.5", "ECKCDSA" }, + { "1.2.156.10197.1.104.2", "SM4/CBC" }, + { "1.2.156.10197.1.104.8", "SM4/GCM" }, { "1.2.156.10197.1.301", "sm2p256v1" }, { "1.2.156.10197.1.301.1", "SM2_Sig" }, { "1.2.156.10197.1.301.2", "SM2_Kex" }, @@ -25,6 +30,9 @@ std::unordered_map OIDS::load_oid2str_map() { "1.2.156.10197.1.401", "SM3" }, { "1.2.156.10197.1.504", "RSA/EMSA3(SM3)" }, { "1.2.250.1.223.101.256.1", "frp256v1" }, + { "1.2.392.200011.61.1.1.1.2", "Camellia-128/CBC" }, + { "1.2.392.200011.61.1.1.1.3", "Camellia-192/CBC" }, + { "1.2.392.200011.61.1.1.1.4", "Camellia-256/CBC" }, { "1.2.410.200004.1.100.4.3", "ECKCDSA/EMSA1(SHA-1)" }, { "1.2.410.200004.1.100.4.4", "ECKCDSA/EMSA1(SHA-224)" }, { "1.2.410.200004.1.100.4.5", "ECKCDSA/EMSA1(SHA-256)" }, @@ -237,6 +245,12 @@ std::unordered_map OIDS::load_str2oid_map() { "AES-256/GCM", OID({2,16,840,1,101,3,4,1,46}) }, { "AES-256/OCB", OID({1,3,6,1,4,1,25258,3,2,3}) }, { "CAST-128/CBC", OID({1,2,840,113533,7,66,10}) }, + { "Camellia-128/CBC", OID({1,2,392,200011,61,1,1,1,2}) }, + { "Camellia-128/GCM", OID({0,3,4401,5,3,1,9,6}) }, + { "Camellia-192/CBC", OID({1,2,392,200011,61,1,1,1,3}) }, + { "Camellia-192/GCM", OID({0,3,4401,5,3,1,9,26}) }, + { "Camellia-256/CBC", OID({1,2,392,200011,61,1,1,1,4}) }, + { "Camellia-256/GCM", OID({0,3,4401,5,3,1,9,46}) }, { "Compression.Zlib", OID({1,2,840,113549,1,9,16,3,8}) }, { "Curve25519", OID({1,3,101,110}) }, { "DES/CBC", OID({1,3,14,3,2,7}) }, 
@@ -352,6 +366,8 @@ std::unordered_map OIDS::load_str2oid_map() { "SM2_Kex", OID({1,2,156,10197,1,301,2}) }, { "SM2_Sig", OID({1,2,156,10197,1,301,1}) }, { "SM3", OID({1,2,156,10197,1,401}) }, + { "SM4/CBC", OID({1,2,156,10197,1,104,2}) }, + { "SM4/GCM", OID({1,2,156,10197,1,104,8}) }, { "Scrypt", OID({1,3,6,1,4,1,11591,4,11}) }, { "Serpent/CBC", OID({1,3,6,1,4,1,25258,3,1}) }, { "Serpent/GCM", OID({1,3,6,1,4,1,25258,3,101}) }, diff --git a/src/lib/pubkey/pbes2/pbes2.cpp b/src/lib/pubkey/pbes2/pbes2.cpp index 384fb1e6a..cfac722d7 100644 --- a/src/lib/pubkey/pbes2/pbes2.cpp +++ b/src/lib/pubkey/pbes2/pbes2.cpp @@ -179,10 +179,14 @@ pbes2_encrypt_shared(const secure_vector& key_bits, { const std::vector cipher_spec = split_on(cipher, '/'); if(cipher_spec.size() != 2) - throw Decoding_Error("PBE-PKCS5 v2.0: Invalid cipher spec " + cipher); + throw Encoding_Error("PBE-PKCS5 v2.0: Invalid cipher spec " + cipher); if(cipher_spec[1] != "CBC" && cipher_spec[1] != "GCM") - throw Decoding_Error("PBE-PKCS5 v2.0: Don't know param format for " + cipher); + throw Encoding_Error("PBE-PKCS5 v2.0: Don't know param format for " + cipher); + + const OID cipher_oid = OIDS::lookup(cipher); + if(cipher_oid.empty()) + throw Encoding_Error("PBE-PKCS5 v2.0: No OID assigned for " + cipher); std::unique_ptr enc = Cipher_Mode::create(cipher, ENCRYPTION); diff --git a/src/scripts/oids.py b/src/scripts/oids.py index 8b9d8ba3e..5de224f79 100755 --- a/src/scripts/oids.py +++ b/src/scripts/oids.py @@ -262,7 +262,7 @@ def main(args = None): oid_lines = open('./src/build-data/oids.txt').readlines() - oid_re = re.compile("^([1-9][0-9.]+) = ([A-Za-z0-9_\./\(\), -]+)(?: = )?([0-9]+)?$") + oid_re = re.compile("^([0-9][0-9.]+) = ([A-Za-z0-9_\./\(\), -]+)(?: = )?([0-9]+)?$") hdr_re = re.compile("^\[([a-z0-9_]+)\]$") pad_re = re.compile("^([A-Za-z0-9_\., -]+)/([A-Za-z0-9_-]+)[A-Za-z0-9_\.\(\), -]*$") -- cgit v1.2.3
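Review bot: The new `cipher_oid` in pbes2_encrypt_shared is only tested for `empty()` in the lines shown, and nothing says why the lookup sits ahead of `Cipher_Mode::create`. I would add `// Reject ciphers with no registered OID up front: the PBES2 parameters cannot be encoded without one` above the lookup. If the encoding step later in the function (outside this hunk) resolves the OID again from the name, passing `cipher_oid` there would keep the check and the encoded AlgorithmIdentifier from drifting apart. The switch to `Encoding_Error` covers the two throws visible here; any `Decoding_Error` still raised on the encrypt path below the hunk would presumably want the same change.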
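Review bot: The relaxed `oid_re` now accepts any leading digit and still allows empty or trailing arcs, so a mistyped entry such as `3.1..2` (constructed example) in oids.txt would match and could flow into the generated OID tables. An OID's first arc is only ever 0, 1 or 2, so the pattern can admit the new `0.3.4401…` entries while staying strict: `oid_re = re.compile(r"^([0-2](?:\.[0-9]+)+) = ([A-Za-z0-9_\./\(\), -]+)(?: = )?([0-9]+)?$")`. The raw-string prefix also avoids relying on `\.` and `\(` being passed through as unknown string escapes, which newer Python versions warn about. The body of `main` continues outside this hunk, so how unmatched lines are reported is not visible here.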