yaole/xgcl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8d97f750eb13795c1154fc851a95d953445bbfab
xgcl/issue.md
T
yaole 8d97f750eb init: v1.0.0
2026-05-27 23:03:00 +08:00

145 lines
3.6 KiB
Markdown
Raw Blame History

# Issue 9 - Unsolved
Go标准库deprecated elliptic.Curve,因为标准库的elliptic.CurveParams使用的big.Int来实现曲线上的点乘操作,而big.Int一般不是密码学安全的。
GCL在amd和arm平台下,都是汇编覆盖了elliptic.CurveParams的点乘方法,因此不会用到elliptic.CurveParams的generic实现。
但是在龙芯平台上,会使用elliptic.CurveParams的Generic实现,因此不是密码学安全的。
Unsolved: 对曲线的generic实现,保证常数执行时间。
# Issue 8 - Unsolved
AMD CPU上sm2 签名验签失败
# Issue 7
sm/sm2/ec256/c256_asm_arm64.s
The `A Quick Guide to Go's Assembler` says that
`If NOSPLIT is not specified for the TEXT, the argument size must be provided.`
```go
// 未加-96,在func TestScalarBaseMult(t *testing.T)中会偶尔报错
// - TEXT ·c256PointAddAffineAsm(SB),0,$264
TEXT ·c256PointAddAffineAsm(SB),0,$264-96
```
# Issue 6
修复sm2/ec256/c256_asm_amd64.s下montReduceQW错误。在amd64平台下,会有很小的可能验签,解密等失败。
```go
#define montReduceQW(a0,a1,a2,a3,a4,a5, tmp0)\
\
ADDQ a0, a1 \
ADCQ $0, a2 \
ADCQ $0, a3 \
ADCQ a0, a4 \
ADCQ $0, a5 \
\
MOVQ a0, tmp0 \
SHLQ $32, a0 /* a0 used as a temp val */ \
SHRQ $32, tmp0 \
\
SUBQ a0, a1 \
SBBQ tmp0, a2 \
SBBQ a0, a3 \
SBBQ tmp0, a4 \
SBBQ $0, a5 /* may be not need? -- Issue 6: must keep it */\
XORQ a0,a0
```
let a[0:4] = [1,0,0,2,0]*0xffffffffffffffff = [0xffffffffffffffff,0,0,0xfffffffffffffffe,1,0]
Then a4 + a0 = 0, a5 = 1
# Issue 5
SM9签名,会改变传入的用户签名私钥。
错误位置:sm9/sign.go的sign函数,调用返回时会改变私钥ds值。
```go
func sign(msg []byte, ds *UserSignKey, pubs *MastSignPublicKey, rnd []byte) (*Signature, error) {
// ...
// 这里会改变ds!
//- s := ds.G1.ScalarMult(&ds.G1, r)
s := (&G1{}).ScalarMult(&ds.G1, r)
signature.H.Set(h)
signature.S.Set(s)
return signature, nil
}
```
# Issue 4
version <= v1.4.3的pbkdf的prf函数f实现错误。导致计算pbkd.PbkdfWithHmacSm3错误。
```go
func f(prfer prfer, salt_i []byte, count int) ([]byte, error) {
u, err := prfer.prf(salt_i)
if err != nil {
return nil, err
}
for i := 2; i <= count; i++ {
if out, err := prfer.prf(u); err != nil {
return nil, err
} else {
xor.XorBytes(u, u, out)
}
}
return u, nil
}
func f2(prfer prfer, salt_i []byte, count int) ([]byte, error) {
u, err := prfer.prf(salt_i)
if err != nil {
return nil, err
}
T := append([]byte(nil), u...)
for i := 2; i <= count; i++ {
if u, err = prfer.prf(u); err != nil {
return nil, err
} else {
xor.XorBytes(T, T, u)
}
}
return T, nil
}
```
# Issue 3
Identifier GM/T 0090中Version定义为 EXPLICITE VERSION DEFAULT V1,
这里EXPLICITE应该去掉。
```go
type Identifier struct {
// 标准中多了一个explicit
// Version int `asn1:"explicit,default:0"` 应为
Version int `asn1:"default:0"`
// ...
}
```
# Issue 2
Fuzz测试中,fuzz参数可能共享内容:
```go
f.Add([]byte{}, []byte{})
f.Fuzz(func(t *testing.T, id, msg []byte) {
//
}
```
id和msg可能共享同一内存,因此如果要对id和msg有改变的话,需要复制一份。
# Issue 1
sm9.Sign输入rnd非32字节时,内部重新生成。但内部rnd 赋值时多了`:`, 因此对rnd并没有重新生成。
```go
if rnd == nil || len(rnd) < byteSize {
rnd := make([]byte, byteSize)
grand.GenerateRandom(rnd)
}
```
改为
```go
if rnd == nil || len(rnd) < byteSize {
// -rnd := make([]byte, byteSize)
rnd = make([]byte, byteSize)
grand.GenerateRandom(rnd)
}
```
Reference in New Issue View Git Blame Copy Permalink