EVP: Expand the use of EVP_PKEY_CTX_md()

Setting a hash function was reserved for signature operations.
However, it turns out that SM2 uses a hash function for encryption and
decryption as well.
Therefore, EVP_PKEY_CTX_md() must be called with an expanded operation
type combination that includes EVP_PKEY_OP_TYPE_CRYPT when used in a
generic way.

For SM2, test/recipes/30-test_evp_data/evppkey_sm2.txt is expanded to
test decryption both with an implicit and an explicit digest.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12789)

diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index bf8af22a472bb994c62401352c4cc142f791e3f2..94148850a0dd0b568396998766aced84d09c777f 100644 (file)
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -1516,7 +1516,8 @@ static int evp_pkey_ctx_ctrl_str_int(EVP_PKEY_CTX *ctx,
             return -2;
         }
         if (strcmp(name, "digest") == 0)
-            ret = EVP_PKEY_CTX_md(ctx, EVP_PKEY_OP_TYPE_SIG,
+            ret = EVP_PKEY_CTX_md(ctx,
+                                  EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT,
                                   EVP_PKEY_CTRL_MD, value);
         else
             ret = ctx->pmeth->ctrl_str(ctx, name, value);

diff --git a/test/recipes/30-test_evp_data/evppkey_sm2.txt b/test/recipes/30-test_evp_data/evppkey_sm2.txt
index b5b36dea3db3277e4d857a192ca86e0d81e3c9ce..85a60b021f852fa32246a84ee8d4d8c9bfbacf67 100644 (file)
--- a/test/recipes/30-test_evp_data/evppkey_sm2.txt
+++ b/test/recipes/30-test_evp_data/evppkey_sm2.txt
@@ -40,6 +40,12 @@ Ctrl = digest:SHA512
 Input = 40AA1B203C9D8EE150B21C3C7CDA8261492E5420C5F2B9F7380700E094C303B48E62F319C1DA0E32EB40D113C5F1749CC61AEB499167890AB82F2CC9BB706971
 Output = 3046022100AE018933B9BA041784380069F2DDF609694DCD299FDBF23D09F4B711FBC103EC0221008440BB1A48C132DE4FB91BE9F43B958142FDD29FB9DABE01B17514023A2F638C
 
+Availablein = default
+Decrypt = SM2_key1
+Input = 30818A0220466BE2EF5C11782EC77864A0055417F407A5AFC11D653C6BCE69E417BB1D05B6022062B572E21FF0DDF5C726BD3F9FF2EAE56E6294713A607E9B9525628965F62CC804203C1B5713B5DB2728EB7BF775E44F4689FC32668BDC564F52EA45B09E8DF2A5F40422084A9D0CC2997092B7D3C404FCE95956EB604D732B2307A8E5B8900ED6608CA5B197
+Output = "The floofy bunnies hop at midnight"
+
+# This is the same as above, but with explicit digest control
 Availablein = default
 Decrypt = SM2_key1
 Ctrl = digest:SM3