8000 Add GMSSL support by Trisia · Pull Request #908 · bcgit/bc-java · GitHub

Add GMSSL support #908


Open
wants to merge 25 commits into
base: master
42d67ad
Added SM4 block encryption algorithm
Trisia Mar 5, 2021
7eab95d
Added SM3 hash hmac alg support
Trisia Mar 5, 2021
087209a
Add the algorithm identifier related to ECC_SM4_SM3
Trisia Mar 5, 2021
2423ca5
Added GMSSL related algorithm identifier analysis to Spi
Trisia Mar 5, 2021
c42b9cb
fix CipherSuiteInfo prefix check logic error
Trisia Mar 5, 2021
5529e58
debug client hello message
Trisia Mar 9, 2021
3a2c0d4
add sm2 key exchange process
Trisia Mar 10, 2021
f01c27c
add gm client key exchange impl
Trisia Mar 10, 2021
0c7a246
fix big BigInteger need set flag to process byte array signum
Trisia Mar 11, 2021
a26181e
TlsBlockCipher support gmssl struct encrypt and decrypt.
Trisia Mar 11, 2021
99b4d74
Merge pull request #1 from bcgit/master
Trisia Mar 11, 2021
e1ad060
change test site.
Trisia Mar 11, 2021
79e8066
implement server side gmssl SM2_SM4_SM3 suite develop.
Trisia Mar 12, 2021
92ca36c
add server version limit, if server dont have version of protocol the…
Trisia Mar 15, 2021
5dfe15e
change mock GMSSL CLient/Server to SimpleGMSSL public access.
Trisia Mar 16, 2021
45a747f
Add GM Simple Socket Factory.
Trisia Mar 16, 2021
1373192
Manually resolve merge conflicts
Trisia Mar 16, 2021
56d3167
Merge branch 'master' of https://github.com/bcgit/bc-java into bcgit-…
Trisia Mar 16, 2021
cf634a0
Merge branch 'bcgit-master'
Trisia Mar 16, 2021
b90aab1
Fix apache HttpClient get session null throw error.
Trisia Mar 17, 2021
a608f56
remove author tag
Trisia Mar 21, 2021
2c7bdad
修复了Alert 40 错误
Trisia Oct 20, 2021
621e688
格式调整
Trisia Oct 20, 2021
abfb039
Completed the GMSSL session.
Trisia Oct 23, 2021
fb72a85
remove debug info and change certificate parer method.
Trisia Oct 23, 2021
remove debug info and change certificate parer method.
Trisia committed Oct 23, 2021
commit fb72a85cf8eb432f9abe044207f1e29f83996ae2
25 changes: 17 additions & 8 deletions tls/src/main/java/org/bouncycastle/jsse/provider/gm/GMSession.java
@@ -1,7 +1,5 @@
package org.bouncycastle.jsse.provider.gm;

import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.tls.crypto.TlsCertificate;

Expand All @@ -10,10 +8,12 @@
import javax.net.ssl.SSLSessionContext;
import javax.security.cert.CertificateException;
import javax.security.cert.X509Certificate;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.net.SocketException;
import java.security.Principal;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
Expand All @@ -36,11 +36,22 @@ public class GMSession implements SSLSession

private SecurityParameterProvider secParamProvider;

private CertificateFactory cf;

public GMSession(GMSimpleSSLSocket scoket)
{
gmScoket = scoket;
contextValue = new HashMap<String, Object>();
renew(null);

try
{
cf = CertificateFactory.getInstance("X.509", new BouncyCastleProvider());
}
catch (java.security.cert.CertificateException e)
{
throw new RuntimeException(e);
}
}

public void renew(SecurityParameterProvider secParamProvider)
Expand Down Expand Up @@ -125,15 +136,13 @@ public Certificate[] getPeerCertificates() throws SSLPeerUnverifiedException
final org.bouncycastle.tls.Certificate peerCertificate =
secParamProvider.getSecurityParameters().getPeerCertificate();
final TlsCertificate[] list = peerCertificate.getCertificateList();
final JcaX509CertificateConverter converter = new JcaX509CertificateConverter()
.setProvider(new BouncyCastleProvider());
Certificate[] res = new Certificate[list.length];
for (int i = 0; i < list.length; i++)
{
try
{
final byte[] encoded = list[i].getEncoded();
res[i] = converter.getCertificate(new X509CertificateHolder(encoded));
res[i] = cf.generateCertificate(new ByteArrayInputStream(encoded));
}
catch (java.security.cert.CertificateException e)
{
Expand All @@ -153,18 +162,18 @@ public Certificate[] getLocalCertificates()
{
return new Certificate[0];
}

final org.bouncycastle.tls.Certificate localCertificate =
secParamProvider.getSecurityParameters().getLocalCertificate();
final TlsCertificate[] list = localCertificate.getCertificateList();
final JcaX509CertificateConverter converter = new JcaX509CertificateConverter()
.setProvider(new BouncyCastleProvider());
Certificate[] res = new Certificate[list.length];
for (int i = 0; i < list.length; i++)
{
try
{

final byte[] encoded = list[i].getEncoded();
res[i] = converter.getCertificate(new X509CertificateHolder(encoded));
res[i] = cf.generateCertificate(new ByteArrayInputStream(encoded));
}
catch (java.security.cert.CertificateException e)
{
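Review bot: The constructor hunk creates a fresh `new BouncyCastleProvider()` for every GMSession and keeps the resulting CertificateFactory in the mutable field `cf`, which getPeerCertificates() and getLocalCertificates() then share. Building a provider per session is avoidable work, and CertificateFactory is, as far as I know, not documented as thread-safe while an SSLSession may be queried from more than one thread. A single shared provider, `private static final BouncyCastleProvider BC_PROVIDER = new BouncyCastleProvider();`, with `CertificateFactory.getInstance("X.509", BC_PROVIDER)` called inside each getter would avoid both. The catch blocks in both getters continue past the visible hunks, so how a certificate that fails to parse is reported could not be checked here.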
Original file line number Diff line number Diff line change
Expand Up @@ -56,8 +56,8 @@ public TlsAuthentication getAuthentication() throws IOException

public void notifyServerCertificate(TlsServerCertificate serverCertificate) throws IOException
{
System.out.println(">> TlsAuthentication on notifyServerCertificate");
System.out.println(serverCertificate.getCertificate());
// System.out.println(">> TlsAuthentication on notifyServerCertificate");
// System.out.println(serverCertificate.getCertificate());
}

public TlsCredentials getClientCredentials(CertificateRequest certificateRequest) throws IOException
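Review bot: With both println calls commented out, notifyServerCertificate() is left with an empty body, so this TlsAuthentication accepts whatever certificate chain the server presents and the handshake provides no server authentication. The file header for this section is not visible on the page, so it is unclear whether the class is only a test fixture; if it is reachable from the public client path, the method should validate `serverCertificate.getCertificate()` against configured trust anchors and reject failures with `throw new TlsFatalAlert(AlertDescription.bad_certificate);`. It would also be cleaner to delete the two debug lines rather than leave them commented out, and, if the gap is intentional, to say so with a comment such as `// NOTE: server certificate is not validated here`.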