From 342603d169cb58ab64435f5a60ff695ce7a7f54f Mon Sep 17 00:00:00 2001
From: Zhi Guan <guan@pku.edu.cn>
Date: Thu, 25 Jan 2018 23:57:39 +0800
Subject: [PATCH] Add SM2 Z value computation support for more APIs

---
 crypto/asn1/a_sign.c  | 12 ++++++++++++
 crypto/evp/p_sign.c   | 16 ++++++++++++++++
 crypto/evp/p_verify.c | 16 ++++++++++++++++
 3 files changed, 44 insertions(+)

diff --git a/crypto/asn1/a_sign.c b/crypto/asn1/a_sign.c
index 7e21a5ec..200c1e6b 100644
--- a/crypto/asn1/a_sign.c
+++ b/crypto/asn1/a_sign.c
@@ -21,6 +21,9 @@
 #include <openssl/x509.h>
 #include <openssl/objects.h>
 #include <openssl/buffer.h>
+#ifndef OPENSSL_NO_SM2
+# include <openssl/sm2.h>
+#endif
 #include "internal/asn1_int.h"
 #include "internal/evp_int.h"
 
@@ -205,6 +208,15 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it,
         goto err;
     }
 
+#ifndef OPENSSL_NO_SM2
+    if (OBJ_obj2nid(algor1->algorithm) == NID_sm2sign_with_sm3) {
+        if (!EVP_PKEY_CTX_set_ec_scheme(EVP_MD_CTX_pkey_ctx(ctx), NID_sm_scheme)) {
+            ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ERR_R_EC_LIB);
+            return 0;
+        }
+    }
+#endif
+
     if (!EVP_DigestSignUpdate(ctx, buf_in, inl)
         || !EVP_DigestSignFinal(ctx, buf_out, &outl)) {
         outl = 0;
diff --git a/crypto/evp/p_sign.c b/crypto/evp/p_sign.c
index 6cb442e4..5581b548 100644
--- a/crypto/evp/p_sign.c
+++ b/crypto/evp/p_sign.c
@@ -12,6 +12,9 @@
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include <openssl/x509.h>
+#ifndef OPENSSL_NO_SM2
+# include <openssl/sm2.h>
+#endif
 #include "internal/evp_int.h"
 
 int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
@@ -51,6 +54,19 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
         goto err;
     if (EVP_PKEY_CTX_set_signature_md(pkctx, EVP_MD_CTX_md(ctx)) <= 0)
         goto err;
+#ifndef OPENSSL_NO_SM2
+    if (EVP_PKEY_id(pkey) == EVP_PKEY_EC) {
+        if (EC_GROUP_get_curve_name(EC_KEY_get0_group(
+            EVP_PKEY_get0_EC_KEY(pkey))) == NID_sm2p256v1) {
+# ifdef CIPHER_DEBUG
+            fprintf(stderr, "%s() set sm scheme\n", __FUNCTION__);
+# endif
+            if (EVP_PKEY_CTX_set_ec_scheme(pkctx, NID_sm_scheme) <= 0) {
+                goto err;
+            }
+        }
+    }
+#endif
     if (EVP_PKEY_sign(pkctx, sigret, &sltmp, m, m_len) <= 0)
         goto err;
     *siglen = sltmp;
diff --git a/crypto/evp/p_verify.c b/crypto/evp/p_verify.c
index 6e8c565d..cbf44278 100644
--- a/crypto/evp/p_verify.c
+++ b/crypto/evp/p_verify.c
@@ -12,6 +12,9 @@
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include <openssl/x509.h>
+#ifndef OPENSSL_NO_SM2
+# include <openssl/sm2.h>
+#endif
 #include "internal/evp_int.h"
 
 int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
@@ -48,6 +51,19 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
         goto err;
     if (EVP_PKEY_CTX_set_signature_md(pkctx, EVP_MD_CTX_md(ctx)) <= 0)
         goto err;
+#ifndef OPENSSL_NO_SM2
+    if (EVP_PKEY_id(pkey) == EVP_PKEY_EC) {
+        if (EC_GROUP_get_curve_name(EC_KEY_get0_group(
+            EVP_PKEY_get0_EC_KEY(pkey))) == NID_sm2p256v1) {
+# ifdef CIPHER_DEBUG
+            fprintf(stderr, "%s() set sm scheme\n", __FUNCTION__);
+# endif
+            if (EVP_PKEY_CTX_set_ec_scheme(pkctx, NID_sm_scheme) <= 0) {
+                goto err;
+            }
+        }
+    }
+#endif
     i = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len);
  err:
     EVP_PKEY_CTX_free(pkctx);