diff options
| author | Richard Levitte <levitte@openssl.org> | 2023-10-27 09:01:19 +0200 |
|---|---|---|
| committer | Tomas Mraz <tomas@openssl.org> | 2024-01-12 11:09:25 +0100 |
| commit | 4e06cc4dbe2a598819c48ccf3e343d7496ac2be7 (patch) | |
| tree | 93a0161712ba4c4dc206c3b6d22dd8cb2e2cf7b6 | |
| parent | 12726997e86dc8f19c011ab8cbd995c10b12547d (diff) | |
Fix the encoding of SM2 keys
OpenSSL's encoding of SM2 keys used the SM2 OID for the algorithm OID
where an AlgorithmIdentifier is encoded (for encoding into the structures
PrivateKeyInfo and SubjectPublicKeyInfo).
Such keys should be encoded as ECC keys.
Fixes #22184
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22529)
(cherry picked from commit 1d490694dfa790d8e47f8f2ea62ea1d9b1251179)
| -rw-r--r-- | CHANGES.md | 6 | ||||
| -rw-r--r-- | providers/implementations/encode_decode/encode_key2any.c | 10 |
2 files changed, 15 insertions, 1 deletions
diff --git a/CHANGES.md b/CHANGES.md index 0cdb480dcb..8be8124fd8 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -30,6 +30,12 @@ breaking changes, and mappings for the large list of deprecated functions. ### Changes between 3.0.12 and 3.0.13 [xx XXX xxxx] + * Restore the encoding of SM2 PrivateKeyInfo and SubjectPublicKeyInfo to + have the contained AlgorithmIdentifier.algorithm set to id-ecPublicKey + rather than SM2. + + *Richard Levitte* + * The POLY1305 MAC (message authentication code) implementation in OpenSSL for PowerPC CPUs saves the contents of vector registers in different order than they are restored. Thus the contents of some of these vector diff --git a/providers/implementations/encode_decode/encode_key2any.c b/providers/implementations/encode_decode/encode_key2any.c index 0f4c62962d..6ca49a78e2 100644 --- a/providers/implementations/encode_decode/encode_key2any.c +++ b/providers/implementations/encode_decode/encode_key2any.c @@ -740,7 +740,15 @@ static int ec_pki_priv_to_der(const void *veckey, unsigned char **pder) # define ec_pem_type "EC" # ifndef OPENSSL_NO_SM2 -# define sm2_evp_type EVP_PKEY_SM2 +/* + * Albeit SM2 is a slightly different algorithm than ECDSA, the key type + * encoding (in all places where an AlgorithmIdentifier is produced, such + * as PrivateKeyInfo and SubjectPublicKeyInfo) is the same as for ECC keys + * according to the example in GM/T 0015-2012, appendix D.2. + * This leaves the distinction of SM2 keys to the EC group (which is found + * in AlgorithmIdentified.params). + */ +# define sm2_evp_type ec_evp_type # define sm2_input_type "SM2" # define sm2_pem_type "SM2" # endif |