wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix no-sm2

Browse source 
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5673)
This commit is contained in:
Matt Caswell 2018-03-19 16:17:58 +00:00
parent 1a54618ba6
commit 1bf2cc237e
5 changed files with 64 additions and 31 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
Configure
View file

@ -382,6 +382,7 @@ my @disablables = (
"seed", "seed",
"shared", "shared",
"siphash", "siphash",
"sm2",
"sm3", "sm3",
"sm4", "sm4",
"sock", "sock",

43
crypto/ec/ec_pmeth.c
View file

@ -205,24 +205,27 @@ static int pkey_ecies_encrypt(EVP_PKEY_CTX *ctx,
unsigned char *out, size_t *outlen, unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen) const unsigned char *in, size_t inlen)
{ {
int ret, md_type; int ret;
EC_PKEY_CTX *dctx = ctx->data;
EC_KEY *ec = ctx->pkey->pkey.ec; EC_KEY *ec = ctx->pkey->pkey.ec;
const int ec_nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec)); const int ec_nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
if (dctx->md)
md_type = EVP_MD_type(dctx->md);
else if (ec_nid == NID_sm2)
md_type = NID_sm3;
else
md_type = NID_sha256;
if (ec_nid == NID_sm2) { if (ec_nid == NID_sm2) {
# if defined(OPENSSL_NO_SM2) # if defined(OPENSSL_NO_SM2)
ret = -1; ret = -1;
# else # else
int md_type;
EC_PKEY_CTX *dctx = ctx->data;
if (dctx->md)
md_type = EVP_MD_type(dctx->md);
else if (ec_nid == NID_sm2)
md_type = NID_sm3;
else
md_type = NID_sha256;
if (out == NULL) { if (out == NULL) {
*outlen = SM2_ciphertext_size(ec, EVP_get_digestbynid(md_type), inlen); *outlen = SM2_ciphertext_size(ec, EVP_get_digestbynid(md_type),
inlen);
ret = 1; ret = 1;
} }
else { else {
@ -242,22 +245,24 @@ static int pkey_ecies_decrypt(EVP_PKEY_CTX *ctx,
unsigned char *out, size_t *outlen, unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen) const unsigned char *in, size_t inlen)
{ {
int ret, md_type; int ret;
EC_PKEY_CTX *dctx = ctx->data;
EC_KEY *ec = ctx->pkey->pkey.ec; EC_KEY *ec = ctx->pkey->pkey.ec;
const int ec_nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec)); const int ec_nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
if (dctx->md)
md_type = EVP_MD_type(dctx->md);
else if (ec_nid == NID_sm2)
md_type = NID_sm3;
else
md_type = NID_sha256;
if (ec_nid == NID_sm2) { if (ec_nid == NID_sm2) {
# if defined(OPENSSL_NO_SM2) # if defined(OPENSSL_NO_SM2)
ret = -1; ret = -1;
# else # else
int md_type;
EC_PKEY_CTX *dctx = ctx->data;
if (dctx->md)
md_type = EVP_MD_type(dctx->md);
else if (ec_nid == NID_sm2)
md_type = NID_sm3;
else
md_type = NID_sha256;
if (out == NULL) { if (out == NULL) {
*outlen = SM2_plaintext_size(ec, EVP_get_digestbynid(md_type), inlen); *outlen = SM2_plaintext_size(ec, EVP_get_digestbynid(md_type), inlen);
ret = 1; ret = 1;

8
include/openssl/sm2.h
View file

@ -11,11 +11,14 @@
#ifndef HEADER_SM2_H #ifndef HEADER_SM2_H
# define HEADER_SM2_H # define HEADER_SM2_H
# include <openssl/opensslconf.h>
# include <openssl/ec.h> # ifndef OPENSSL_NO_SM2
# include <openssl/ec.h>
/* The default user id as specified in GM/T 0009-2012 */ /* The default user id as specified in GM/T 0009-2012 */
# define SM2_DEFAULT_USERID "1234567812345678" # define SM2_DEFAULT_USERID "1234567812345678"
int SM2_compute_userid_digest(uint8_t *out, int SM2_compute_userid_digest(uint8_t *out,
const EVP_MD *digest, const EVP_MD *digest,
@ -71,4 +74,5 @@ int SM2_decrypt(const EC_KEY *key,
int ERR_load_SM2_strings(void); int ERR_load_SM2_strings(void);
# endif /* OPENSSL_NO_SM2 */
#endif #endif

23
test/evp_test.c
View file

@ -2413,6 +2413,23 @@ static char *take_value(PAIR *pp)
return p; return p;
} }
static int key_disabled(EVP_PKEY *pkey)
{
#if defined(OPENSSL_NO_SM2) && !defined(OPENSSL_NO_EC)
int type = EVP_PKEY_base_id(pkey);
if (type == EVP_PKEY_EC) {
EC_KEY *ec = EVP_PKEY_get0_EC_KEY(pkey);
int nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
if (nid == NID_sm2)
return 1;
}
#endif /* OPENSSL_NO_SM2 */
return 0;
}
/* /*
* Read and parse one test. Return 0 if failure, 1 if okay. * Read and parse one test. Return 0 if failure, 1 if okay.
*/ */
@ -2439,6 +2456,7 @@ top:
if (strcmp(pp->key, "PrivateKey") == 0) { if (strcmp(pp->key, "PrivateKey") == 0) {
pkey = PEM_read_bio_PrivateKey(t->s.key, NULL, 0, NULL); pkey = PEM_read_bio_PrivateKey(t->s.key, NULL, 0, NULL);
if (pkey == NULL && !key_unsupported()) { if (pkey == NULL && !key_unsupported()) {
EVP_PKEY_free(pkey);
TEST_info("Can't read private key %s", pp->value); TEST_info("Can't read private key %s", pp->value);
TEST_openssl_errors(); TEST_openssl_errors();
return 0; return 0;
@ -2447,6 +2465,7 @@ top:
} else if (strcmp(pp->key, "PublicKey") == 0) { } else if (strcmp(pp->key, "PublicKey") == 0) {
pkey = PEM_read_bio_PUBKEY(t->s.key, NULL, 0, NULL); pkey = PEM_read_bio_PUBKEY(t->s.key, NULL, 0, NULL);
if (pkey == NULL && !key_unsupported()) { if (pkey == NULL && !key_unsupported()) {
EVP_PKEY_free(pkey);
TEST_info("Can't read public key %s", pp->value); TEST_info("Can't read public key %s", pp->value);
TEST_openssl_errors(); TEST_openssl_errors();
return 0; return 0;
@ -2497,6 +2516,10 @@ top:
} }
OPENSSL_free(keybin); OPENSSL_free(keybin);
} }
if (pkey != NULL && key_disabled(pkey)) {
EVP_PKEY_free(pkey);
pkey = NULL;
}
/* If we have a key add to list */ /* If we have a key add to list */
if (klist != NULL) { if (klist != NULL) {

20
util/libcrypto.num
View file

@ -4514,13 +4514,13 @@ EVP_PKEY_new_CMAC_key 4455 1_1_1 EXIST::FUNCTION:
EVP_PKEY_asn1_set_set_priv_key 4456 1_1_1 EXIST::FUNCTION: EVP_PKEY_asn1_set_set_priv_key 4456 1_1_1 EXIST::FUNCTION:
EVP_PKEY_asn1_set_set_pub_key 4457 1_1_1 EXIST::FUNCTION: EVP_PKEY_asn1_set_set_pub_key 4457 1_1_1 EXIST::FUNCTION:
RAND_DRBG_set_defaults 4458 1_1_1 EXIST::FUNCTION: RAND_DRBG_set_defaults 4458 1_1_1 EXIST::FUNCTION:
SM2_decrypt 4459 1_1_1 EXIST::FUNCTION: SM2_decrypt 4459 1_1_1 EXIST::FUNCTION:SM2
SM2_do_sign 4460 1_1_1 EXIST::FUNCTION: SM2_do_sign 4460 1_1_1 EXIST::FUNCTION:SM2
SM2_compute_userid_digest 4461 1_1_1 EXIST::FUNCTION: SM2_compute_userid_digest 4461 1_1_1 EXIST::FUNCTION:SM2
SM2_encrypt 4462 1_1_1 EXIST::FUNCTION: SM2_encrypt 4462 1_1_1 EXIST::FUNCTION:SM2
SM2_ciphertext_size 4463 1_1_1 EXIST::FUNCTION: SM2_ciphertext_size 4463 1_1_1 EXIST::FUNCTION:SM2
SM2_verify 4464 1_1_1 EXIST::FUNCTION: SM2_verify 4464 1_1_1 EXIST::FUNCTION:SM2
SM2_do_verify 4465 1_1_1 EXIST::FUNCTION: SM2_do_verify 4465 1_1_1 EXIST::FUNCTION:SM2
SM2_sign 4466 1_1_1 EXIST::FUNCTION: SM2_sign 4466 1_1_1 EXIST::FUNCTION:SM2
ERR_load_SM2_strings 4467 1_1_1 EXIST::FUNCTION: ERR_load_SM2_strings 4467 1_1_1 EXIST::FUNCTION:SM2
SM2_plaintext_size 4468 1_1_1 EXIST::FUNCTION: SM2_plaintext_size 4468 1_1_1 EXIST::FUNCTION:SM2