authorRichard Levitte <levitte@openssl.org>2021-01-28 08:22:09 +0100
committerRichard Levitte <levitte@openssl.org>2021-02-01 23:02:20 +0100
commitf2db0528d8d7015ba39faca78a16e5e820db9df6 (patch)
tree4301c6eb84f21f3fc19e71876589c5fb8c462af4 /providers/implementations/keymgmt
parent58f422f6f481ec7961fe762c97121b53abad3eb4 (diff)
PROV: Add SM2 encoders and decoders, as well as support functionality
The EC KEYMGMT implementation handled SM2 as well, except for what's needed to support decoding: loading functions for both EC and SM2 that check for the presence or absence of the SM2 curve the same way as the EC / SM2 import functions. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14028)
Diffstat (limited to 'providers/implementations/keymgmt')
-rw-r--r--providers/implementations/keymgmt/ec_kmgmt.c46
1 files changed, 37 insertions, 9 deletions
diff --git a/providers/implementations/keymgmt/ec_kmgmt.c b/providers/implementations/keymgmt/ec_kmgmt.c
index d7ed92bd68..3a58d9e4dc 100644
--- a/providers/implementations/keymgmt/ec_kmgmt.c
+++ b/providers/implementations/keymgmt/ec_kmgmt.c
@@ -337,12 +337,25 @@ static int ec_match(const void *keydata1, const void *keydata2, int selection)
return ok;
}
+static int common_check_sm2(const EC_KEY *ec, int sm2_wanted)
+{
+ const EC_GROUP *ecg = NULL;
+
+ /*
+ * sm2_wanted: import the keys or domparams only on SM2 Curve
+ * !sm2_wanted: import the keys or domparams only not on SM2 Curve
+ */
+ if ((ecg = EC_KEY_get0_group(ec)) == NULL
+ || (sm2_wanted ^ (EC_GROUP_get_curve_name(ecg) == NID_sm2)))
+ return 0;
+ return 1;
+}
+
static
int common_import(void *keydata, int selection, const OSSL_PARAM params[],
- int sm2_curve)
+ int sm2_wanted)
{
EC_KEY *ec = keydata;
- const EC_GROUP *ecg = NULL;
int ok = 1;
if (!ossl_prov_is_running() || ec == NULL)
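Review bot: The XOR in `common_check_sm2` gives the intended answer only when `sm2_wanted` is exactly 0 or 1; any other non-zero value makes the expression non-zero for every curve, so every key is rejected. The callers in this commit pass literal 0 and 1, but the helper is now shared, so comparing truth values is safer: `|| ((sm2_wanted != 0) != (EC_GROUP_get_curve_name(ecg) == NID_sm2)))`. The comment moved into the helper still says "import the keys or domparams", while the helper now also gates the load path. It should describe the check itself, e.g. `/* returns 1 only if the key's group is the SM2 curve exactly when sm2_wanted is set; 0 otherwise or if the key has no group */`. `common_import` continues past the end of this hunk.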
@@ -366,12 +379,7 @@ int common_import(void *keydata, int selection, const OSSL_PARAM params[],
ok = ok && ec_group_fromdata(ec, params);
- /*
- * sm2_curve: import the keys or domparams only on SM2 Curve
- * !sm2_curve: import the keys or domparams only not on SM2 Curve
- */
- if ((ecg = EC_KEY_get0_group(ec)) == NULL
- || (sm2_curve ^ (EC_GROUP_get_curve_name(ecg) == NID_sm2)))
+ if (!common_check_sm2(ec, sm2_wanted))
return 0;
if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) {
@@ -1267,13 +1275,18 @@ static void ec_gen_cleanup(void *genctx)
OPENSSL_free(gctx);
}
-void *ec_load(const void *reference, size_t reference_sz)
+static void *common_load(const void *reference, size_t reference_sz,
+ int sm2_wanted)
{
EC_KEY *ec = NULL;
if (ossl_prov_is_running() && reference_sz == sizeof(ec)) {
/* The contents of the reference is the address to our object */
ec = *(EC_KEY **)reference;
+
+ if (!common_check_sm2(ec, sm2_wanted))
+ return NULL;
+
/* We grabbed, so we detach it */
*(EC_KEY **)reference = NULL;
return ec;
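Review bot: The pointer read from `reference` in `common_load` is handed to `common_check_sm2` without a NULL test. Before this change a NULL stored in the reference was simply returned; now it reaches `EC_KEY_get0_group(ec)`, which is not shown here and presumably dereferences its argument. `common_import` guards `ec == NULL` before the same check, so the load path should do likewise: `if (ec == NULL || !common_check_sm2(ec, sm2_wanted))`. It is also worth a comment that on a curve mismatch the function returns before the detach, e.g. `/* Wrong curve family: leave the reference intact so the caller still owns the key */`, because that ownership rule is what keeps the rejected key from leaking or being freed twice. The function's closing lines fall in the next hunk.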
@@ -1281,6 +1294,20 @@ void *ec_load(const void *reference, size_t reference_sz)
return NULL;
}
+static void *ec_load(const void *reference, size_t reference_sz)
+{
+ return common_load(reference, reference_sz, 0);
+}
+
+#ifndef FIPS_MODULE
+# ifndef OPENSSL_NO_SM2
+static void *sm2_load(const void *reference, size_t reference_sz)
+{
+ return common_load(reference, reference_sz, 1);
+}
+# endif
+#endif
+
const OSSL_DISPATCH ossl_ec_keymgmt_functions[] = {
{ OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))ec_newdata },
{ OSSL_FUNC_KEYMGMT_GEN_INIT, (void (*)(void))ec_gen_init },
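Review bot: `sm2_load` is installed in the dispatch table through a `(void (*)(void))` cast, which erases its signature, and none of the visible hunks adds a typed forward declaration for it. Declaring `static OSSL_FUNC_keymgmt_load_fn sm2_load;` inside the same `FIPS_MODULE` / `OPENSSL_NO_SM2` guards would let the compiler check the definition against the type the core calls it through. The bare `0` and `1` passed to `common_load` would also read better with a short comment such as `/* sm2_wanted = 0: refuse keys on the SM2 curve */` on `ec_load` and the converse on `sm2_load`, since this argument is what keeps each key manager from accepting the other's keys. Whether `ossl_sm2_keymgmt_functions` sits under the same preprocessor guards as `sm2_load` is not visible in this diff and should be confirmed.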
@@ -1321,6 +1348,7 @@ const OSSL_DISPATCH ossl_sm2_keymgmt_functions[] = {
(void (*)(void))ec_gen_settable_params },
{ OSSL_FUNC_KEYMGMT_GEN, (void (*)(void))sm2_gen },
{ OSSL_FUNC_KEYMGMT_GEN_CLEANUP, (void (*)(void))ec_gen_cleanup },
+ { OSSL_FUNC_KEYMGMT_LOAD, (void (*)(void))sm2_load },
{ OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))ec_freedata },
{ OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*) (void))sm2_get_params },
{ OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*) (void))sm2_gettable_params },