diff --git a/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM2SignatureConstantTimeTest.java b/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM2SignatureConstantTimeTest.java index adf2a4a6..e653dd56 100644 --- a/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM2SignatureConstantTimeTest.java +++ b/kona-crypto/src/jmh/java/com/tencent/kona/crypto/perf/SM2SignatureConstantTimeTest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2022, 2024, THL A29 Limited, a Tencent company. All rights reserved. + * Copyright (C) 2022, 2025, THL A29 Limited, a Tencent company. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,8 +26,6 @@ import com.tencent.kona.crypto.spec.SM2SignatureParameterSpec; import com.tencent.kona.crypto.util.Constants; import com.tencent.kona.sun.security.ec.ECOperator; -import org.bouncycastle.asn1.gm.GMObjectIdentifiers; -import org.bouncycastle.jce.provider.BouncyCastleProvider; import org.openjdk.jmh.annotations.Benchmark; import org.openjdk.jmh.annotations.BenchmarkMode; import org.openjdk.jmh.annotations.Fork; @@ -44,7 +42,6 @@ import java.math.BigInteger; import java.security.KeyPair; -import java.security.Security; import java.security.Signature; import java.security.interfaces.ECPublicKey; import java.util.concurrent.TimeUnit; @@ -76,7 +73,6 @@ public class SM2SignatureConstantTimeTest { static { TestUtils.addProviders(); - Security.addProvider(new BouncyCastleProvider()); } private static KeyPair keyPair(BigInteger priKeyValue) { @@ -89,7 +85,7 @@ private static KeyPair keyPair(BigInteger priKeyValue) { @State(Scope.Thread) public static class SignerHolder { - @Param({"KonaCrypto", "KonaCrypto-Native", "BC"}) + @Param({"KonaCrypto", "KonaCrypto-Native"}) String provider; @Param({"Small", "Mid", "Big"}) @@ -111,22 +107,21 @@ public void setup() throws Exception { case "Big": keyPair = KEY_PAIR_BIG; } - if ("KonaCrypto".equals(provider)) { - signer = Signature.getInstance("SM2", provider); - signer.setParameter(new SM2SignatureParameterSpec( - ID, (ECPublicKey) keyPair.getPublic())); - signer.initSign(keyPair.getPrivate()); - } else if ("BC".equals(provider)) { - signer = Signature.getInstance( - GMObjectIdentifiers.sm2sign_with_sm3.toString(), provider); - signer.setParameter(new org.bouncycastle.jcajce.spec.SM2ParameterSpec(ID)); - signer.initSign(keyPair.getPrivate()); - } + signer = Signature.getInstance("SM2", provider); + signer.setParameter(new SM2SignatureParameterSpec( + ID, (ECPublicKey) keyPair.getPublic())); + signer.initSign(keyPair.getPrivate()); + + data = data(dataType); + } + private static byte[] data(String dataType) { switch (dataType) { - case "Small": data = MESG_SMALL; break; - case "Mid": data = MESG_MID; break; - case "Big": data = MESG_BIG; + case "Small": return MESG_SMALL; + case "Mid": return MESG_MID; + case "Big": return MESG_BIG; + default: throw new IllegalArgumentException( + "Unsupported data type: " + dataType); } } } diff --git a/kona-crypto/src/main/java/com/tencent/kona/crypto/provider/SM2Signature.java b/kona-crypto/src/main/java/com/tencent/kona/crypto/provider/SM2Signature.java index 9f5b02a5..c6ff2a6e 100644 --- a/kona-crypto/src/main/java/com/tencent/kona/crypto/provider/SM2Signature.java +++ b/kona-crypto/src/main/java/com/tencent/kona/crypto/provider/SM2Signature.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2022, 2023, THL A29 Limited, a Tencent company. All rights reserved. + * Copyright (C) 2022, 2025, THL A29 Limited, a Tencent company. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify @@ -130,6 +130,10 @@ protected void engineInitVerify(PublicKey publicKey) @Override protected void engineSetParameter(AlgorithmParameterSpec params) throws InvalidAlgorithmParameterException { + privateKey = null; + publicKey = null; + id = null; + if (!(params instanceof SM2SignatureParameterSpec)) { throw new InvalidAlgorithmParameterException( "Only accept SM2SignatureParameterSpec"); diff --git a/kona-crypto/src/main/java/com/tencent/kona/crypto/provider/nativeImpl/SM2Signature.java b/kona-crypto/src/main/java/com/tencent/kona/crypto/provider/nativeImpl/SM2Signature.java index f84ecab2..577d5336 100644 --- a/kona-crypto/src/main/java/com/tencent/kona/crypto/provider/nativeImpl/SM2Signature.java +++ b/kona-crypto/src/main/java/com/tencent/kona/crypto/provider/nativeImpl/SM2Signature.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2022, 2024, THL A29 Limited, a Tencent company. All rights reserved. + * Copyright (C) 2022, 2025, THL A29 Limited, a Tencent company. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify @@ -63,6 +63,10 @@ public final class SM2Signature extends SignatureSpi { @Override protected void engineInitSign(PrivateKey privateKey, SecureRandom random) throws InvalidKeyException { + sm2 = null; + this.privateKey = null; + buffer.reset(); + if (!(privateKey instanceof ECPrivateKey)) { throw new InvalidKeyException("Only ECPrivateKey accepted!"); } @@ -87,6 +91,10 @@ protected void engineInitSign(PrivateKey privateKey) @Override protected void engineInitVerify(PublicKey publicKey) throws InvalidKeyException { + this.privateKey = null; + this.publicKey = null; + buffer.reset(); + if (!(publicKey instanceof ECPublicKey)) { throw new InvalidKeyException("Only ECPublicKey accepted!"); } @@ -97,6 +105,10 @@ protected void engineInitVerify(PublicKey publicKey) @Override protected void engineSetParameter(AlgorithmParameterSpec params) throws InvalidAlgorithmParameterException { + privateKey = null; + publicKey = null; + id = null; + if (!(params instanceof SM2SignatureParameterSpec)) { throw new InvalidAlgorithmParameterException( "Only accept SM2SignatureParameterSpec");