diff --git a/CMakeLists.txt b/CMakeLists.txt index a51d9e3a..a862b5ab 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -424,6 +424,10 @@ endif() if (ENABLE_SECP256R1) message(STATUS "ENABLE_SECP256R1 is ON") + if (NOT ENABLE_SHA2) + message(STATUS "ENABLE_SECP256R1 requires ENABLE_SHA2; enabling ENABLE_SHA2") + set(ENABLE_SHA2 ON) + endif() add_definitions(-DENABLE_SECP256R1) list(APPEND src src/bn.c src/secp256r1.c src/secp256r1_key.c src/ecdsa.c src/ecdh.c) list(APPEND tools tools/p256keygen.c) @@ -588,6 +592,7 @@ endif() if (ENABLE_SM4_CBC_MAC) message(STATUS "ENABLE_SM4_CBC_MAC is ON") + add_definitions(-DENABLE_SM4_CBC_MAC) list(APPEND src src/sm4_cbc_mac.c) list(APPEND tools tools/sm4_cbc_mac.c) list(APPEND tests sm4_cbc_mac) @@ -610,6 +615,7 @@ endif() if (ENABLE_SKF) message(STATUS "ENABLE_SKF is ON") + add_definitions(-DENABLE_SKF) list(APPEND src src/skf/skf.c src/skf/skf_lib.c diff --git a/src/skf/skf.c b/src/skf/skf.c index f726fb68..46a82934 100755 --- a/src/skf/skf.c +++ b/src/skf/skf.c @@ -12,6 +12,7 @@ #include #include #include +#include #include #include "../sgd.h" #include "skf.h" @@ -62,7 +63,8 @@ static const uint8_t zeros[ECC_MAX_XCOORDINATE_BITS_LEN/8 - 32] = {0}; static int SKF_ECCPUBLICKEYBLOB_to_SM2_KEY(const ECCPUBLICKEYBLOB *blob, SM2_KEY *sm2_key) { - SM2_POINT point; + SM2_Z256_POINT point; + uint8_t buf[64]; if (blob->BitLen != 256) { error_print(); @@ -73,13 +75,14 @@ static int SKF_ECCPUBLICKEYBLOB_to_SM2_KEY(const ECCPUBLICKEYBLOB *blob, SM2_KEY error_print(); return -1; } - if (sm2_point_from_xy(&point, - blob->XCoordinate + ECC_MAX_XCOORDINATE_BITS_LEN/8 - 32, - blob->YCoordinate + ECC_MAX_YCOORDINATE_BITS_LEN/8 - 32) != 1 + memcpy(buf, blob->XCoordinate + ECC_MAX_XCOORDINATE_BITS_LEN/8 - 32, 32); + memcpy(buf + 32, blob->YCoordinate + ECC_MAX_YCOORDINATE_BITS_LEN/8 - 32, 32); + if (sm2_z256_point_from_bytes(&point, buf) != 1 || sm2_key_set_public_key(sm2_key, &point) != 1) { error_print(); return -1; } + gmssl_secure_clear(buf, sizeof(buf)); return SAR_OK; } diff --git a/tools/cmsdecrypt.c b/tools/cmsdecrypt.c index 50a6d599..0041cc2e 100644 --- a/tools/cmsdecrypt.c +++ b/tools/cmsdecrypt.c @@ -57,7 +57,7 @@ int cmsdecrypt_main(int argc, char **argv) return 1; } - while (argc > 1) { + while (argc > 0) { if (!strcmp(*argv, "-help")) { printf("usage: %s %s\n", prog, options); ret = 0; diff --git a/tools/cmsencrypt.c b/tools/cmsencrypt.c index 3a867932..c95d7247 100644 --- a/tools/cmsencrypt.c +++ b/tools/cmsencrypt.c @@ -83,6 +83,10 @@ int cmsencrypt_main(int argc, char **argv) fprintf(stderr, "usage: %s %s\n", prog, options); return 1; } + if (argc == 2 && !strcmp(argv[1], "-help")) { + printf("usage: %s %s\n", prog, options); + return 0; + } // prepare cert buffer length? if (get_files_size(argc, argv, "-rcptcert", &rcpt_certs_len) != 1) { diff --git a/tools/cmsparse.c b/tools/cmsparse.c index 204f5247..b007576b 100644 --- a/tools/cmsparse.c +++ b/tools/cmsparse.c @@ -37,7 +37,7 @@ int cmsparse_main(int argc, char **argv) fprintf(stderr, "usage: %s %s\n", prog, options); return 1; } - while (argc > 1) { + while (argc > 0) { if (!strcmp(*argv, "-help")) { printf("usage: %s %s\n", prog, options); ret = 0; diff --git a/tools/cmssign.c b/tools/cmssign.c index 9b79fedc..2103e466 100644 --- a/tools/cmssign.c +++ b/tools/cmssign.c @@ -51,7 +51,7 @@ int cmssign_main(int argc, char **argv) return 1; } - while (argc > 1) { + while (argc > 0) { if (!strcmp(*argv, "-help")) { printf("usage: %s %s\n", prog, options); ret = 0; diff --git a/tools/cmsverify.c b/tools/cmsverify.c index 71125112..27485a21 100644 --- a/tools/cmsverify.c +++ b/tools/cmsverify.c @@ -51,7 +51,7 @@ int cmsverify_main(int argc, char **argv) return 1; } - while (argc > 1) { + while (argc > 0) { if (!strcmp(*argv, "-help")) { printf("usage: %s %s\n", prog, options); ret = 0;