The branch master has been updated
via 022411112dd19420f0df51818322a216d914a0fb (commit)
from 0e7e3b9b9d2d0a49097b4e224098036d3e6b8087 (commit)
- Log -----------------------------------------------------------------
commit 022411112dd19420f0df51818322a216d914a0fb
Author: Tianjia Zhang <tianjia.zh...@linux.alibaba.com>
Date: Tue May 25 16:52:20 2021 +0800
apps: Fix the mismatch of SM2 keys keymgmt
The SM2 key has a separate keymgmt, which is independent of the
EC. The key generated by the subcommand ecparam is wrong. Using
'openssl ec -in sm2.key -noout -text' will also encounter some
errors.
When using the ecparam subcommand to generate the SM2 key, use
the correct keymgmt to solve this problem.
Signed-off-by: Tianjia Zhang <tianjia.zh...@linux.alibaba.com>
Reviewed-by: Paul Dale <pa...@openssl.org>
Reviewed-by: Matt Caswell <m...@openssl.org>
Reviewed-by: Richard Levitte <levi...@openssl.org>
Reviewed-by: Tomas Mraz <to...@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15454)
-----------------------------------------------------------------------
Summary of changes:
apps/ecparam.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/apps/ecparam.c b/apps/ecparam.c
index c3dbd75365..12eed703de 100644
--- a/apps/ecparam.c
+++ b/apps/ecparam.c
@@ -228,7 +228,11 @@ int ecparam_main(int argc, char **argv)
OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT,
point_format, 0);
*p = OSSL_PARAM_construct_end();
- gctx_params = EVP_PKEY_CTX_new_from_name(NULL, "ec", NULL);
+
+ if (strcasecmp(curve_name, "SM2") == 0)
+ gctx_params = EVP_PKEY_CTX_new_from_name(NULL, "sm2", NULL);
+ else
+ gctx_params = EVP_PKEY_CTX_new_from_name(NULL, "ec", NULL);
if (gctx_params == NULL
|| EVP_PKEY_keygen_init(gctx_params) <= 0
|| EVP_PKEY_CTX_set_params(gctx_params, params) <= 0
