Fix no-sm2 (1bf2cc23) · Commits · CYBER - Cyber Security / TS 103 523 MSP / ETS / ETS OpenSSL

Configure

+1 −0

Original line number	Diff line number	Diff line
		@@ -382,6 +382,7 @@ my @disablables = (
		"seed",
		"shared",
		"siphash",
		"sm2",
		"sm3",
		"sm4",
		"sock",

crypto/ec/ec_pmeth.c

+24 −19

Original line number	Diff line number	Diff line
		@@ -205,11 +205,17 @@ static int pkey_ecies_encrypt(EVP_PKEY_CTX *ctx,
		unsigned char out, size_t outlen,
		const unsigned char *in, size_t inlen)
		{
		int ret, md_type;
		EC_PKEY_CTX *dctx = ctx->data;
		int ret;
		EC_KEY *ec = ctx->pkey->pkey.ec;
		const int ec_nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));

		if (ec_nid == NID_sm2) {
		# if defined(OPENSSL_NO_SM2)
		ret = -1;
		# else
		int md_type;
		EC_PKEY_CTX *dctx = ctx->data;

		if (dctx->md)
		md_type = EVP_MD_type(dctx->md);
		else if (ec_nid == NID_sm2)
		@@ -217,12 +223,9 @@ static int pkey_ecies_encrypt(EVP_PKEY_CTX *ctx,
		else
		md_type = NID_sha256;

		if (ec_nid == NID_sm2) {
		# if defined(OPENSSL_NO_SM2)
		ret = -1;
		# else
		if (out == NULL) {
		*outlen = SM2_ciphertext_size(ec, EVP_get_digestbynid(md_type), inlen);
		*outlen = SM2_ciphertext_size(ec, EVP_get_digestbynid(md_type),
		inlen);
		ret = 1;
		}
		else {
		@@ -242,11 +245,17 @@ static int pkey_ecies_decrypt(EVP_PKEY_CTX *ctx,
		unsigned char out, size_t outlen,
		const unsigned char *in, size_t inlen)
		{
		int ret, md_type;
		EC_PKEY_CTX *dctx = ctx->data;
		int ret;
		EC_KEY *ec = ctx->pkey->pkey.ec;
		const int ec_nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));

		if (ec_nid == NID_sm2) {
		# if defined(OPENSSL_NO_SM2)
		ret = -1;
		# else
		int md_type;
		EC_PKEY_CTX *dctx = ctx->data;

		if (dctx->md)
		md_type = EVP_MD_type(dctx->md);
		else if (ec_nid == NID_sm2)
		@@ -254,10 +263,6 @@ static int pkey_ecies_decrypt(EVP_PKEY_CTX *ctx,
		else
		md_type = NID_sha256;

		if (ec_nid == NID_sm2) {
		# if defined(OPENSSL_NO_SM2)
		ret = -1;
		# else
		if (out == NULL) {
		*outlen = SM2_plaintext_size(ec, EVP_get_digestbynid(md_type), inlen);
		ret = 1;

include/openssl/sm2.h

+6 −2

Original line number	Diff line number	Diff line
		@@ -11,6 +11,9 @@

		#ifndef HEADER_SM2_H
		# define HEADER_SM2_H
		# include <openssl/opensslconf.h>

		# ifndef OPENSSL_NO_SM2

		# include <openssl/ec.h>

		@@ -71,4 +74,5 @@ int SM2_decrypt(const EC_KEY *key,

		int ERR_load_SM2_strings(void);

		# endif /* OPENSSL_NO_SM2 */
		#endif

test/evp_test.c

+23 −0

Original line number	Diff line number	Diff line
		@@ -2413,6 +2413,23 @@ static char take_value(PAIR pp)
		return p;
		}

		static int key_disabled(EVP_PKEY *pkey)
		{
		#if defined(OPENSSL_NO_SM2) && !defined(OPENSSL_NO_EC)
		int type = EVP_PKEY_base_id(pkey);

		if (type == EVP_PKEY_EC) {
		EC_KEY *ec = EVP_PKEY_get0_EC_KEY(pkey);
		int nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));

		if (nid == NID_sm2)
		return 1;
		}
		#endif /* OPENSSL_NO_SM2 */

		return 0;
		}

		/*
		* Read and parse one test. Return 0 if failure, 1 if okay.
		*/
		@@ -2439,6 +2456,7 @@ top:
		if (strcmp(pp->key, "PrivateKey") == 0) {
		pkey = PEM_read_bio_PrivateKey(t->s.key, NULL, 0, NULL);
		if (pkey == NULL && !key_unsupported()) {
		EVP_PKEY_free(pkey);
		TEST_info("Can't read private key %s", pp->value);
		TEST_openssl_errors();
		return 0;
		@@ -2447,6 +2465,7 @@ top:
		} else if (strcmp(pp->key, "PublicKey") == 0) {
		pkey = PEM_read_bio_PUBKEY(t->s.key, NULL, 0, NULL);
		if (pkey == NULL && !key_unsupported()) {
		EVP_PKEY_free(pkey);
		TEST_info("Can't read public key %s", pp->value);
		TEST_openssl_errors();
		return 0;
		@@ -2497,6 +2516,10 @@ top:
		}
		OPENSSL_free(keybin);
		}
		if (pkey != NULL && key_disabled(pkey)) {
		EVP_PKEY_free(pkey);
		pkey = NULL;
		}

		/* If we have a key add to list */
		if (klist != NULL) {

util/libcrypto.num

+10 −10

Original line number	Diff line number	Diff line
		@@ -4514,13 +4514,13 @@ EVP_PKEY_new_CMAC_key 4455 1_1_1 EXIST::FUNCTION:
		EVP_PKEY_asn1_set_set_priv_key 4456 1_1_1 EXIST::FUNCTION:
		EVP_PKEY_asn1_set_set_pub_key 4457 1_1_1 EXIST::FUNCTION:
		RAND_DRBG_set_defaults 4458 1_1_1 EXIST::FUNCTION:
		SM2_decrypt 4459 1_1_1 EXIST::FUNCTION:
		SM2_do_sign 4460 1_1_1 EXIST::FUNCTION:
		SM2_compute_userid_digest 4461 1_1_1 EXIST::FUNCTION:
		SM2_encrypt 4462 1_1_1 EXIST::FUNCTION:
		SM2_ciphertext_size 4463 1_1_1 EXIST::FUNCTION:
		SM2_verify 4464 1_1_1 EXIST::FUNCTION:
		SM2_do_verify 4465 1_1_1 EXIST::FUNCTION:
		SM2_sign 4466 1_1_1 EXIST::FUNCTION:
		ERR_load_SM2_strings 4467 1_1_1 EXIST::FUNCTION:
		SM2_plaintext_size 4468 1_1_1 EXIST::FUNCTION:
		SM2_decrypt 4459 1_1_1 EXIST::FUNCTION:SM2
		SM2_do_sign 4460 1_1_1 EXIST::FUNCTION:SM2
		SM2_compute_userid_digest 4461 1_1_1 EXIST::FUNCTION:SM2
		SM2_encrypt 4462 1_1_1 EXIST::FUNCTION:SM2
		SM2_ciphertext_size 4463 1_1_1 EXIST::FUNCTION:SM2
		SM2_verify 4464 1_1_1 EXIST::FUNCTION:SM2
		SM2_do_verify 4465 1_1_1 EXIST::FUNCTION:SM2
		SM2_sign 4466 1_1_1 EXIST::FUNCTION:SM2
		ERR_load_SM2_strings 4467 1_1_1 EXIST::FUNCTION:SM2
		SM2_plaintext_size 4468 1_1_1 EXIST::FUNCTION:SM2