added basic certificate creation using SM3withSM2.

core/src/main/java/org/bouncycastle/asn1/gm/GMNamedCurves.java

@@ -31,7 +31,7 @@ private static BigInteger fromHex(
     /*
      * SM2SysParams
      */
-    static X9ECParametersHolder SM2SysParams = new X9ECParametersHolder()
+    static X9ECParametersHolder sm2_P256 = new X9ECParametersHolder()
     {
         protected X9ECParameters createParameters()
         {
@@ -66,7 +66,7 @@ static void defineCurve(String name, ASN1ObjectIdentifier oid, X9ECParametersHol
 
     static
     {
-        defineCurve("SM2SysParams", GMObjectIdentifiers.SM2_Elliptic_Curve_Cryptography, SM2SysParams);
+        defineCurve("SM2-P256", GMObjectIdentifiers.sm2_Elliptic_Curve_Cryptography, sm2_P256);
     }
 
     public static X9ECParameters getByName(

core/src/main/java/org/bouncycastle/asn1/gm/GMObjectIdentifiers.java

@@ -4,7 +4,7 @@
 
 public interface GMObjectIdentifiers
 {
-    ASN1ObjectIdentifier SM2_Elliptic_Curve_Cryptography  = new ASN1ObjectIdentifier("1.2.156.10197.1.301");
+    ASN1ObjectIdentifier sm2_Elliptic_Curve_Cryptography = new ASN1ObjectIdentifier("1.2.156.10197.1.301");
 
-    ASN1ObjectIdentifier SM2_Signing_with_SM3 = new ASN1ObjectIdentifier("1.2.156.10197.1.501");
+    ASN1ObjectIdentifier sm2_signing_with_SM3 = new ASN1ObjectIdentifier("1.2.156.10197.1.501");
 }

core/src/main/java/org/bouncycastle/crypto/signers/SM2Signer.java

@@ -51,12 +51,21 @@ public void init(boolean forSigning, CipherParameters param)
 
         if (forSigning)
         {
-            ParametersWithRandom rParam = (ParametersWithRandom)baseParam;
+            if (baseParam instanceof ParametersWithRandom)
+            {
+                ParametersWithRandom rParam = (ParametersWithRandom)baseParam;
 
-            ecKey = (ECKeyParameters)rParam.getParameters();
-            ecParams = ecKey.getParameters();
+                ecKey = (ECKeyParameters)rParam.getParameters();
+                ecParams = ecKey.getParameters();
+                kCalculator.init(ecParams.getN(), rParam.getRandom());
+            }
+            else
+            {
+                ecKey = (ECKeyParameters)baseParam;
+                ecParams = ecKey.getParameters();
+                kCalculator.init(ecParams.getN(), new SecureRandom());
+            }
             pubPoint = ecParams.getG().multiply(((ECPrivateKeyParameters)ecKey).getD()).normalize();
-            kCalculator.init(ecParams.getN(), rParam.getRandom());
         }
         else
         {

pkix/src/main/java/org/bouncycastle/operator/DefaultSignatureAlgorithmIdentifierFinder.java

@@ -13,6 +13,7 @@
 import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers;
 import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
 import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
+import org.bouncycastle.asn1.gm.GMObjectIdentifiers;
 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
@@ -95,7 +96,7 @@ public class DefaultSignatureAlgorithmIdentifierFinder
         algorithms.put("SHA512WITHCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_512);
         algorithms.put("SHA3-512WITHSPHINCS256", BCObjectIdentifiers.sphincs256_with_SHA3_512);
         algorithms.put("SHA512WITHSPHINCS256", BCObjectIdentifiers.sphincs256_with_SHA512);
-
+        algorithms.put("SM3WITHSM2", GMObjectIdentifiers.sm2_signing_with_SM3);
         //
         // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field.
         // The parameters field SHALL be NULL for RSA based signature algorithms.
@@ -123,6 +124,11 @@ public class DefaultSignatureAlgorithmIdentifierFinder
         noParams.add(BCObjectIdentifiers.sphincs256_with_SHA512);
         noParams.add(BCObjectIdentifiers.sphincs256_with_SHA3_512);
 
+        //
+        // SM2
+        //
+        noParams.add(GMObjectIdentifiers.sm2_signing_with_SM3);
+
         //
         // PKCS 1.5 encrypted  algorithms
         //

pkix/src/test/java/org/bouncycastle/cert/test/CertTest.java

@@ -82,6 +82,7 @@
 import org.bouncycastle.jce.X509Principal;
 import org.bouncycastle.jce.interfaces.ECPointEncoder;
 import org.bouncycastle.jce.provider.BouncyCastleProvider;
+import org.bouncycastle.jce.spec.ECNamedCurveGenParameterSpec;
 import org.bouncycastle.jce.spec.ECParameterSpec;
 import org.bouncycastle.jce.spec.ECPrivateKeySpec;
 import org.bouncycastle.jce.spec.ECPublicKeySpec;
@@ -1698,6 +1699,72 @@ public void checkCreation2()
         }
     }
 
+    /**
+     * we generate a self signed certificate for the sake of testing - DSA
+     */
+    public void checkSm3WithSm2Creation()
+        throws Exception
+    {
+        //
+        // set up the keys
+        //
+        PrivateKey privKey;
+        PublicKey pubKey;
+
+        try
+        {
+            KeyPairGenerator g = KeyPairGenerator.getInstance("EC", "BC");
+
+            g.initialize(new ECNamedCurveGenParameterSpec("SM2-P256"));
+
+            KeyPair p = g.generateKeyPair();
+
+            privKey = p.getPrivate();
+            pubKey = p.getPublic();
+        }
+        catch (Exception e)
+        {                               e.printStackTrace();
+            fail("error setting up keys - " + e.toString());
+            return;
+        }
+
+        //
+        // distinguished name table.
+        //
+        X500NameBuilder builder = createStdBuilder();
+
+        //
+        // extensions
+        //
+
+        //
+        // create the certificate - version 1
+        //
+
+        ContentSigner sigGen = new JcaContentSignerBuilder("SM3withSM2").setProvider(BC).build(privKey);
+        JcaX509v1CertificateBuilder certGen = new JcaX509v1CertificateBuilder(
+            builder.build(),
+            BigInteger.valueOf(1),
+            new Date(System.currentTimeMillis() - 50000),
+            new Date(System.currentTimeMillis() + 50000),
+            builder.build(),
+            pubKey);
+
+
+        X509Certificate cert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certGen.build(sigGen));
+
+        cert.checkValidity(new Date());
+
+        cert.verify(pubKey);
+
+        ByteArrayInputStream bIn = new ByteArrayInputStream(cert.getEncoded());
+        CertificateFactory fact = CertificateFactory.getInstance("X.509", BC);
+
+        cert = (X509Certificate)fact.generateCertificate(bIn);
+
+        // System.out.println(cert);
+    }
+
     private void checkComparison(byte[] encCert)
         throws NoSuchProviderException, CertificateException
     {
@@ -3158,6 +3225,8 @@ public void performTest()
 
         checkCreation6();
 
+        checkSm3WithSm2Creation();
+
         createECCert("SHA1withECDSA", X9ObjectIdentifiers.ecdsa_with_SHA1);
         createECCert("SHA224withECDSA", X9ObjectIdentifiers.ecdsa_with_SHA224);
         createECCert("SHA256withECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256);

prov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/GM.java

@@ -31,7 +31,7 @@ public void configure(ConfigurableProvider provider)
 
             provider.addAlgorithm("Signature.SM3withSM2", PREFIX + "GMSignatureSpi$sm3WithSM2");
 
-            provider.addAlgorithm("Alg.Alias.Signature." + GMObjectIdentifiers.SM2_Signing_with_SM3, "SM3withSM2");
+            provider.addAlgorithm("Alg.Alias.Signature." + GMObjectIdentifiers.sm2_signing_with_SM3, "SM3withSM2");
         }
     }
 }

prov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java

@@ -346,6 +346,10 @@ private static ASN1ObjectIdentifier lookupOidByName(String name)
             {
                 oid = ANSSINamedCurves.getOID(name);
             }
+            if (oid == null)
+            {
+                oid = GMNamedCurves.getOID(name);
+            }
         }
 
         return oid;
@@ -421,6 +425,10 @@ public static X9ECParameters getNamedCurveByName(
             {
                 params = TeleTrusTNamedCurves.getByName(curveName);
             }
+            if (params == null)
+            {
+                params = GMNamedCurves.getByName(curveName);
+            }
         }
 
         return params;