Add SM2 Z value computation support for more APIs

2026-05-06 16:36:16 +08:00 · 2018-01-25 23:57:39 +08:00
parent 32c343fc06
commit 342603d169
3 changed files with 44 additions and 0 deletions
--- a/crypto/asn1/a_sign.c
+++ b/crypto/asn1/a_sign.c
@@ -21,6 +21,9 @@
 #include <openssl/x509.h>
 #include <openssl/objects.h>
 #include <openssl/buffer.h>
+#ifndef OPENSSL_NO_SM2
+# include <openssl/sm2.h>
+#endif
 #include "internal/asn1_int.h"
 #include "internal/evp_int.h"

@@ -205,6 +208,15 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it,
        goto err;
    }

+#ifndef OPENSSL_NO_SM2
+    if (OBJ_obj2nid(algor1->algorithm) == NID_sm2sign_with_sm3) {
+        if (!EVP_PKEY_CTX_set_ec_scheme(EVP_MD_CTX_pkey_ctx(ctx), NID_sm_scheme)) {
+            ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ERR_R_EC_LIB);
+            return 0;
+        }
+    }
+#endif
+
    if (!EVP_DigestSignUpdate(ctx, buf_in, inl)
        || !EVP_DigestSignFinal(ctx, buf_out, &outl)) {
        outl = 0;
--- a/crypto/evp/p_sign.c
+++ b/crypto/evp/p_sign.c
@@ -12,6 +12,9 @@
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include <openssl/x509.h>
+#ifndef OPENSSL_NO_SM2
+# include <openssl/sm2.h>
+#endif
 #include "internal/evp_int.h"

 int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
@@ -51,6 +54,19 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
        goto err;
    if (EVP_PKEY_CTX_set_signature_md(pkctx, EVP_MD_CTX_md(ctx)) <= 0)
        goto err;
+#ifndef OPENSSL_NO_SM2
+    if (EVP_PKEY_id(pkey) == EVP_PKEY_EC) {
+        if (EC_GROUP_get_curve_name(EC_KEY_get0_group(
+            EVP_PKEY_get0_EC_KEY(pkey))) == NID_sm2p256v1) {
+# ifdef CIPHER_DEBUG
+            fprintf(stderr, "%s() set sm scheme\n", __FUNCTION__);
+# endif
+            if (EVP_PKEY_CTX_set_ec_scheme(pkctx, NID_sm_scheme) <= 0) {
+                goto err;
+            }
+        }
+    }
+#endif
    if (EVP_PKEY_sign(pkctx, sigret, &sltmp, m, m_len) <= 0)
        goto err;
    *siglen = sltmp;
--- a/crypto/evp/p_verify.c
+++ b/crypto/evp/p_verify.c
@@ -12,6 +12,9 @@
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include <openssl/x509.h>
+#ifndef OPENSSL_NO_SM2
+# include <openssl/sm2.h>
+#endif
 #include "internal/evp_int.h"

 int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
@@ -48,6 +51,19 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
        goto err;
    if (EVP_PKEY_CTX_set_signature_md(pkctx, EVP_MD_CTX_md(ctx)) <= 0)
        goto err;
+#ifndef OPENSSL_NO_SM2
+    if (EVP_PKEY_id(pkey) == EVP_PKEY_EC) {
+        if (EC_GROUP_get_curve_name(EC_KEY_get0_group(
+            EVP_PKEY_get0_EC_KEY(pkey))) == NID_sm2p256v1) {
+# ifdef CIPHER_DEBUG
+            fprintf(stderr, "%s() set sm scheme\n", __FUNCTION__);
+# endif
+            if (EVP_PKEY_CTX_set_ec_scheme(pkctx, NID_sm_scheme) <= 0) {
+                goto err;
+            }
+        }
+    }
+#endif
    i = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len);
 err:
    EVP_PKEY_CTX_free(pkctx);