diff options
| author | Jack Lloyd <jack.lloyd@ribose.com> | 2018-01-24 11:56:02 -0500 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2018-03-19 14:33:25 +0100 |
| commit | 3d328a445c2ad0eff2e9e843c384711be58a7c2f (patch) | |
| tree | 888d7dee8ebe744a5fd6a62a6b12c7b6b72bee83 /crypto/ec/ec_pmeth.c | |
| parent | df3a15512bd0f5ddd9f0dd74f0a058ee55b33904 (diff) | |
Add SM2 signature and ECIES schemes
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4793)
Diffstat (limited to 'crypto/ec/ec_pmeth.c')
| -rw-r--r-- | crypto/ec/ec_pmeth.c | 32 |
1 files changed, 29 insertions, 3 deletions
diff --git a/crypto/ec/ec_pmeth.c b/crypto/ec/ec_pmeth.c index 68ff2bbccf..82a4ffabf9 100644 --- a/crypto/ec/ec_pmeth.c +++ b/crypto/ec/ec_pmeth.c @@ -16,6 +16,10 @@ #include <openssl/evp.h> #include "internal/evp_int.h" +#if !defined(OPENSSL_NO_SM2) + #include <openssl/sm2.h> +#endif + /* EC pkey context structure */ typedef struct { @@ -102,6 +106,7 @@ static int pkey_ec_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, unsigned int sltmp; EC_PKEY_CTX *dctx = ctx->data; EC_KEY *ec = ctx->pkey->pkey.ec; + const int ec_nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec)); if (!sig) { *siglen = ECDSA_size(ec); @@ -116,7 +121,16 @@ static int pkey_ec_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, else type = NID_sha1; - ret = ECDSA_sign(type, tbs, tbslen, sig, &sltmp, ec); + if (ec_nid == NID_sm2) { +#if defined(OPENSSL_NO_SM2) + ret = -1; +#else + ret = SM2_sign(type, tbs, tbslen, sig, &sltmp, ec); +#endif + } + else { + ret = ECDSA_sign(type, tbs, tbslen, sig, &sltmp, ec); + } if (ret <= 0) return ret; @@ -131,13 +145,24 @@ static int pkey_ec_verify(EVP_PKEY_CTX *ctx, int ret, type; EC_PKEY_CTX *dctx = ctx->data; EC_KEY *ec = ctx->pkey->pkey.ec; + const int ec_nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec)); if (dctx->md) type = EVP_MD_type(dctx->md); else type = NID_sha1; - ret = ECDSA_verify(type, tbs, tbslen, sig, siglen, ec); + if (ec_nid == NID_sm2) { +#if defined(OPENSSL_NO_SM2) + ret = -1; +#else + ret = SM2_verify(type, tbs, tbslen, sig, siglen, ec); +#endif + } + else { + ret = ECDSA_verify(type, tbs, tbslen, sig, siglen, ec); + } + return ret; } @@ -318,7 +343,8 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) EVP_MD_type((const EVP_MD *)p2) != NID_sha224 && EVP_MD_type((const EVP_MD *)p2) != NID_sha256 && EVP_MD_type((const EVP_MD *)p2) != NID_sha384 && - EVP_MD_type((const EVP_MD *)p2) != NID_sha512) { + EVP_MD_type((const EVP_MD *)p2) != NID_sha512 && + EVP_MD_type((const EVP_MD *)p2) != NID_sm3) { ECerr(EC_F_PKEY_EC_CTRL, EC_R_INVALID_DIGEST_TYPE); return 0; } |