Fix the default digest algorthm of SM2
authorPaul Yang <yang.yang@baishancloud.com>
Mon, 25 Feb 2019 09:34:03 +0000 (17:34 +0800)
committerPaul Yang <yang.yang@baishancloud.com>
Wed, 27 Feb 2019 02:05:17 +0000 (10:05 +0800)
Currently SM2 shares the ameth with EC, so the current default digest
algorithm returned is SHA256. This fixes the default digest algorithm of
SM2 to SM3, which is the only valid digest algorithm for SM2 signature.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8186)

crypto/ec/ec_ameth.c

index 54d55ad..2beeb82 100644 (file)
@@ -504,7 +504,12 @@ static int ec_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
 #endif
 
     case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
-        *(int *)arg2 = NID_sha256;
+        if (EVP_PKEY_id(pkey) == EVP_PKEY_SM2) {
+            /* For SM2, the only valid digest-alg is SM3 */
+            *(int *)arg2 = NID_sm3;
+        } else {
+            *(int *)arg2 = NID_sha256;
+        }
         return 1;
 
     case ASN1_PKEY_CTRL_SET1_TLS_ENCPT: