update ec

ec_kmeth and strict signature
2026-06-13 08:23:50 +08:00 · 2017-02-19 23:42:33 +08:00
parent 90a001b539
commit 046a5b2104
5 changed files with 112 additions and 15 deletions
--- a/crypto/ec/ec_kmeth.c
+++ b/crypto/ec/ec_kmeth.c
@@ -24,7 +24,13 @@ static const EC_KEY_METHOD openssl_ec_key_method = {
    ossl_ecdsa_sign_setup,
    ossl_ecdsa_sign_sig,
    ossl_ecdsa_verify,
-    ossl_ecdsa_verify_sig
+    ossl_ecdsa_verify_sig,
+#ifndef OPENSSL_NO_SM2
+    ossl_ecies_encrypt,
+    ossl_ecies_do_encrypt,
+    ossl_ecies_decrypt,
+    ossl_ecies_do_decrypt,
+#endif
 };

 static const EC_KEY_METHOD *default_ec_key_meth = &openssl_ec_key_method;
@@ -315,3 +321,18 @@ void EC_KEY_METHOD_get_verify(EC_KEY_METHOD *meth,
    if (pverify_sig != NULL)
        *pverify_sig = meth->verify_sig;
 }
+
+#ifndef OPENSSL_NO_SM2
+void EC_KEY_METHOD_get_encrypt(EC_KEY_METHOD *meth,
+                               int (**pencrypt)(int a),
+                               int (**pdo_encrypt)(int a))
+{
+    if (pencrypt != NULL)
+        *pencrypt = meth->encrypt;
+    if (pdo_encrypt != NULL)
+        *pdo_encrypt = meth->do_encrypt;
+}
+
+
+
+#endif
--- a/crypto/ec/ec_lcl.h
+++ b/crypto/ec/ec_lcl.h
@@ -624,3 +624,14 @@ int X25519(uint8_t out_shared_key[32], const uint8_t private_key[32],
           const uint8_t peer_public_value[32]);
 void X25519_public_from_private(uint8_t out_public_value[32],
                                const uint8_t private_key[32]);
+
+#ifndef OPENSSL_NO_SM2
+int ossl_ecies_encrypt(int type, const unsigned char *in, size_t inlen,
+                       unsigned char *out, size_t *outlen, EC_KEY *ec_key);
+ECIES_CIPHERTEXT_VALUE *ossl_ecies_do_encrypt(int type, const unsigned char *in,
+                                              size_t inlen, EC_KEY *ec_key);
+int ossl_ecies_decrypt(int type, const unsigned char *in, size_t inlen,
+                       unsigned char *out, size_t *outlen, EC_KEY *ec_key);
+int ossl_ecies_do_decrypt(int type, const ECIES_CIPHERTEXT_VALUE *in,
+                      unsigned char *out, size_t *outlen, EC_KEY *ec_key);
+#endif
--- a/crypto/ec/ecdsa_ossl.c
+++ b/crypto/ec/ecdsa_ossl.c
@@ -297,6 +297,19 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len,
    }
    while (1);

+#if 0
+    if (!BN_rshift1(tmp, order)) {
+        ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB);
+        goto err;
+    }
+    if (BN_cmp(ret->s, tmp) <= 0) {
+        if (!BN_sub(ret->s, order, ret->s)) {
+            ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_BN_LIB);
+            goto err;
+        }
+    }
+#endif
+
    ok = 1;
 err:
    if (!ok) {
@@ -392,6 +405,18 @@ int ossl_ecdsa_verify_sig(const unsigned char *dgst, int dgst_len,
        ret = 0;                /* signature is invalid */
        goto err;
    }
+#if 0
+    if (!BN_rshift1(m, order)) {
+        ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, ERR_R_BN_LIB);
+        goto err;
+    }
+    if (BN_cmp(sig->r, m) <= 0) {
+        ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, EC_R_BAD_SIGNATURE);
+        ret = 0;
+        goto err;
+    }
+#endif
+
    /* calculate tmp1 = inv(S) mod order */
    if (!BN_mod_inverse(u2, sig->s, order, ctx)) {
        ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, ERR_R_BN_LIB);