From fa6893008361d052afe98042ba421817a4d0a6ad Mon Sep 17 00:00:00 2001
From: Zhi Guan <guanzhi1980@gmail.com>
Date: Thu, 18 Jul 2019 16:02:54 +0800
Subject: [PATCH] Add SM4/SM3 PSK ciphersuite

---
 include/openssl/gmtls.h    |  3 +++
 include/openssl/opensslv.h |  4 ++--
 ssl/s3_lib.c               | 17 +++++++++++++++++
 ssl/t1_trce.c              |  3 +++
 4 files changed, 25 insertions(+), 2 deletions(-)

diff --git a/include/openssl/gmtls.h b/include/openssl/gmtls.h
index bfb6b1f3..d3175740 100644
--- a/include/openssl/gmtls.h
+++ b/include/openssl/gmtls.h
@@ -120,6 +120,8 @@ extern "C" {
 # define GMTLS_CK_SM2_PSK_WITH_SMS4_GCM_SM3	0x0300F10C
 # define GMTLS_CK_SM2_PSK_WITH_SMS4_CCM_SM3	0x0300F10D
 
+# define GMTLS_CK_ECDHE_PSK_WITH_SMS4_CBC_SM3	0x0300F10E
+
 # define GMTLS_CK_PSK_WITH_SM1_CBC_SM3		0x0300F10E
 # define GMTLS_CK_PSK_WITH_SM1_GCM_SM3		0x0300F10F /* reserved */
 # define GMTLS_CK_PSK_WITH_SM1_CCM_SM3		0x0300F110 /* reserved */
@@ -187,6 +189,7 @@ extern "C" {
 # define GMTLS_TXT_RSA_PSK_WITH_NULL_SM3	"RSA-PSK-WITH-NULL-SM3"
 # define GMTLS_TXT_SM2_PSK_WITH_NULL_SM3	"SM2-PSK_WITH-NULL-SM3"
 # define GMTLS_TXT_ECDHE_PSK_WITH_NULL_SM3	"ECDHE-PSK-WITH-NULL-SM3"
+# define GMTLS_TXT_ECDHE_PSK_WITH_SMS4_CBC_SM3	"ECDHE-PSK-WITH-SMS4-CBC-SM3"
 
 /* PSK ciphersuits with SMS4 */
 # define GMTLS_TXT_PSK_WITH_SMS4_CBC_SM3	"PSK-WITH-SMS4-CBC-SM3"
diff --git a/include/openssl/opensslv.h b/include/openssl/opensslv.h
index abfac5e1..29c0a769 100644
--- a/include/openssl/opensslv.h
+++ b/include/openssl/opensslv.h
@@ -41,9 +41,9 @@ extern "C" {
  */
 # define OPENSSL_VERSION_NUMBER  0x1010004fL
 # ifdef OPENSSL_FIPS
-#  define OPENSSL_VERSION_TEXT    "GmSSL 2.5.1 - OpenSSL 1.1.0d-fips  13 Jun 2019"
+#  define OPENSSL_VERSION_TEXT    "GmSSL 2.5.2 - OpenSSL 1.1.0d-fips  18 July 2019"
 # else
-#  define OPENSSL_VERSION_TEXT    "GmSSL 2.5.1 - OpenSSL 1.1.0d  13 Jun 2019"
+#  define OPENSSL_VERSION_TEXT    "GmSSL 2.5.2 - OpenSSL 1.1.0d  18 July 2019"
 # endif
 
 /*-
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 4b960ac6..7a0d47f7 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -2026,6 +2026,23 @@ static SSL_CIPHER ssl3_ciphers[] = {
      256,
      256,
      },
+#ifndef OPENSSL_NO_GMTLS
+    {
+     1,
+     GMTLS_TXT_ECDHE_PSK_WITH_SMS4_CBC_SM3,
+     GMTLS_CK_ECDHE_PSK_WITH_SMS4_CBC_SM3,
+     SSL_kECDHEPSK,
+     SSL_aPSK,
+     SSL_SMS4,
+     SSL_SM3,
+     TLS1_VERSION, TLS1_2_VERSION,
+     DTLS1_BAD_VER, DTLS1_2_VERSION,
+     SSL_HIGH,
+     SSL_HANDSHAKE_MAC_SM3 | TLS1_PRF,
+     128,
+     128,
+     },
+#endif
     {
      1,
      TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA,
diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c
index e6e65d69..b5e59205 100644
--- a/ssl/t1_trce.c
+++ b/ssl/t1_trce.c
@@ -516,6 +516,9 @@ static ssl_trace_tbl ssl_ciphers_tbl[] = {
     {0xFEFE, "SSL_RSA_FIPS_WITH_DES_CBC_SHA"},
     {0xFEFF, "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA"},
 
+#ifndef OPENSSL_NO_GMTLS
+    {0xF10E, "GMTLS_ECDHE_PSK_WITH_SMS4_CBC_SM3"},
+#endif
 };
 
 /* Compression methods */