[openssl] master update

tomas at openssl.org tomas at openssl.org
Wed May 26 14:58:04 UTC 2021


The branch master has been updated
       via  022411112dd19420f0df51818322a216d914a0fb (commit)
      from  0e7e3b9b9d2d0a49097b4e224098036d3e6b8087 (commit)


- Log -----------------------------------------------------------------
commit 022411112dd19420f0df51818322a216d914a0fb
Author: Tianjia Zhang <tianjia.zhang at linux.alibaba.com>
Date:   Tue May 25 16:52:20 2021 +0800

    apps: Fix the mismatch of SM2 keys keymgmt
    
    The SM2 key has a separate keymgmt, which is independent of the
    EC. The key generated by the subcommand ecparam is wrong. Using
    'openssl ec -in sm2.key -noout -text' will also encounter some
    errors.
    
    When using the ecparam subcommand to generate the SM2 key, use
    the correct keymgmt to solve this problem.
    
    Signed-off-by: Tianjia Zhang <tianjia.zhang at linux.alibaba.com>
    
    Reviewed-by: Paul Dale <pauli at openssl.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/15454)

-----------------------------------------------------------------------

Summary of changes:
 apps/ecparam.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/apps/ecparam.c b/apps/ecparam.c
index c3dbd75365..12eed703de 100644
--- a/apps/ecparam.c
+++ b/apps/ecparam.c
@@ -228,7 +228,11 @@ int ecparam_main(int argc, char **argv)
                        OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT,
                        point_format, 0);
         *p = OSSL_PARAM_construct_end();
-        gctx_params = EVP_PKEY_CTX_new_from_name(NULL, "ec", NULL);
+
+        if (strcasecmp(curve_name, "SM2") == 0)
+            gctx_params = EVP_PKEY_CTX_new_from_name(NULL, "sm2", NULL);
+        else
+            gctx_params = EVP_PKEY_CTX_new_from_name(NULL, "ec", NULL);
         if (gctx_params == NULL
             || EVP_PKEY_keygen_init(gctx_params) <= 0
             || EVP_PKEY_CTX_set_params(gctx_params, params) <= 0


More information about the openssl-commits mailing list