Commit 4803717f authored by Paul Yang's avatar Paul Yang
Browse files

Support setting SM2 ID 



zero-length ID is allowed, but it's not allowed to skip the ID.

Fixes: #6534

Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7113)
parent 00433bad

crypto/err/openssl.txt

+3 −0
Original line number Diff line number Diff line
@@ -1086,6 +1086,7 @@ SM2_F_PKEY_SM2_INIT:111:pkey_sm2_init 
SM2_F_PKEY_SM2_SIGN:112:pkey_sm2_sign

SM2_F_SM2_COMPUTE_MSG_HASH:100:sm2_compute_msg_hash

SM2_F_SM2_COMPUTE_USERID_DIGEST:101:sm2_compute_userid_digest

SM2_F_SM2_COMPUTE_Z_DIGEST:113:sm2_compute_z_digest

SM2_F_SM2_DECRYPT:102:sm2_decrypt

SM2_F_SM2_ENCRYPT:103:sm2_encrypt

SM2_F_SM2_PLAINTEXT_SIZE:104:sm2_plaintext_size
@@ -2554,6 +2555,8 @@ RSA_R_WRONG_SIGNATURE_LENGTH:119:wrong signature length 
SM2_R_ASN1_ERROR:100:asn1 error

SM2_R_BAD_SIGNATURE:101:bad signature

SM2_R_BUFFER_TOO_SMALL:107:buffer too small

SM2_R_DIST_ID_TOO_LARGE:110:dist id too large

SM2_R_ID_TOO_LARGE:111:id too large

SM2_R_INVALID_CURVE:108:invalid curve

SM2_R_INVALID_DIGEST:102:invalid digest

SM2_R_INVALID_DIGEST_TYPE:103:invalid digest type

crypto/evp/digest.c

+6 −3
Original line number Diff line number Diff line 
/*

 * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.

 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.

 *

 * Licensed under the OpenSSL license (the "License").  You may not use

 * this file except in compliance with the License.  You can obtain a copy
@@ -34,9 +34,9 @@ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx) 
    }

    /*

     * pctx should be freed by the user of EVP_MD_CTX

     * if EVP_MD_CTX_FLAG_NEGLECT_PCTX is set

     * if EVP_MD_CTX_FLAG_KEEP_PKEY_CTX is set

     */

    if (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_NEGLECT_PCTX))

    if (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX))

        EVP_PKEY_CTX_free(ctx->pctx);

#ifndef OPENSSL_NO_ENGINE

    ENGINE_finish(ctx->engine);
@@ -229,6 +229,9 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) 
    EVP_MD_CTX_reset(out);

    memcpy(out, in, sizeof(*out));



    /* copied EVP_MD_CTX should free the copied EVP_PKEY_CTX */

    EVP_MD_CTX_clear_flags(out, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX);



    /* Null these variables, since they are getting fixed up

     * properly below.  Anything else may cause a memleak and/or

     * double free if any of the memory allocations below fail

crypto/evp/evp_lib.c

+1 −1
Original line number Diff line number Diff line
@@ -464,7 +464,7 @@ void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx) 
{

    ctx->pctx = pctx;

    /* make sure pctx is not freed when destroying EVP_MD_CTX */

    EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_NEGLECT_PCTX);

    EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX);

}



void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx)

crypto/evp/m_sigver.c

+12 −13
Original line number Diff line number Diff line 
/*

 * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.

 * Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.

 *

 * Licensed under the OpenSSL license (the "License").  You may not use

 * this file except in compliance with the License.  You can obtain a copy
@@ -75,14 +75,13 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, 
        return 1;

    if (!EVP_DigestInit_ex(ctx, type, e))

        return 0;

    if (ctx->pctx->pmeth->flags & EVP_PKEY_FLAG_DIGEST_CUSTOM) {

    /*

     * This indicates the current algorithm requires

     * special treatment before hashing the tbs-message.

     */

    if (ctx->pctx->pmeth->digest_custom)

        return ctx->pctx->pmeth->digest_custom(ctx->pctx, ctx);

    }



    return 1;

}
@@ -184,9 +183,9 @@ int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig, 
    else

        vctx = 0;

    if (ctx->flags & EVP_MD_CTX_FLAG_FINALISE) {

        if (vctx) {

        if (vctx)

            r = ctx->pctx->pmeth->verifyctx(ctx->pctx, sig, siglen, ctx);

        } else

        else

            r = EVP_DigestFinal_ex(ctx, md, &mdlen);

    } else {

        EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_new();
@@ -196,10 +195,10 @@ int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig, 
            EVP_MD_CTX_free(tmp_ctx);

            return -1;

        }

        if (vctx) {

        if (vctx)

            r = tmp_ctx->pctx->pmeth->verifyctx(tmp_ctx->pctx,

                                                sig, siglen, tmp_ctx);

        } else

        else

            r = EVP_DigestFinal_ex(tmp_ctx, md, &mdlen);

        EVP_MD_CTX_free(tmp_ctx);

    }

crypto/evp/pmeth_lib.c

+6 −1
Original line number Diff line number Diff line
@@ -367,6 +367,7 @@ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, 
                      int cmd, int p1, void *p2)

{

    int ret;



    if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl) {

        EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED);

        return -2;
@@ -374,6 +375,10 @@ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, 
    if ((keytype != -1) && (ctx->pmeth->pkey_id != keytype))

        return -1;



    /* Skip the operation checks since this is called in a very early stage */

    if (ctx->pmeth->digest_custom != NULL)

        goto doit;



    if (ctx->operation == EVP_PKEY_OP_UNDEFINED) {

        EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_NO_OPERATION_SET);

        return -1;
@@ -384,13 +389,13 @@ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, 
        return -1;

    }



 doit:

    ret = ctx->pmeth->ctrl(ctx, cmd, p1, p2);



    if (ret == -2)

        EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED);



    return ret;



}



int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,