Skip to content

Commit 09e2d79

Browse files
guanzhiguanzhi
authored
Merge pull request #970 from Trisia/master
[bug fix] 修复了ECC_SM4_SM3套件在秘钥交换过程中的错误
2 parents d4420f3 + 1d495ef commit 09e2d79

1 file changed

Lines changed: 24 additions & 20 deletions

File tree

ssl/statem/statem_gmtls.c

Lines changed: 24 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -492,10 +492,11 @@ static int gmtls_construct_ske_sm2dhe(SSL *s, unsigned char **p, int *l, int *al
492492
SSLerr(SSL_F_GMTLS_CONSTRUCT_SKE_SM2DHE, ERR_R_EVP_LIB);
493493
goto end;
494494
}
495-
if (!(id = X509_NAME_oneline(X509_get_subject_name(x509), NULL, 0))) {
496-
SSLerr(SSL_F_GMTLS_CONSTRUCT_SKE_SM2DHE, ERR_R_EVP_LIB);
497-
goto end;
498-
}
495+
// if (!(id = X509_NAME_oneline(X509_get_subject_name(x509), NULL, 0))) {
496+
// SSLerr(SSL_F_GMTLS_CONSTRUCT_SKE_SM2DHE, ERR_R_EVP_LIB);
497+
// goto end;
498+
// }
499+
id = SM2_DEFAULT_ID;
499500
zlen = sizeof(z);
500501
if (!SM2_compute_id_digest(EVP_sm3(), id, strlen(id), z, &zlen,
501502
EVP_PKEY_get0_EC_KEY(pkey))) {
@@ -626,11 +627,12 @@ static int gmtls_process_ske_sm2dhe(SSL *s, PACKET *pkt, int *al)
626627
}
627628

628629
/* prepare sm2 z value */
629-
if (!(id = X509_NAME_oneline(
630-
X509_get_subject_name(s->session->peer), NULL, 0))) {
631-
SSLerr(SSL_F_GMTLS_PROCESS_SKE_SM2DHE, ERR_R_EVP_LIB);
632-
goto end;
633-
}
630+
// if (!(id = X509_NAME_oneline(
631+
// X509_get_subject_name(s->session->peer), NULL, 0))) {
632+
// SSLerr(SSL_F_GMTLS_PROCESS_SKE_SM2DHE, ERR_R_EVP_LIB);
633+
// goto end;
634+
// }
635+
id = SM2_DEFAULT_ID;
634636
zlen = sizeof(z);
635637
if (!SM2_compute_id_digest(EVP_sm3(), id, strlen(id), z, &zlen,
636638
EVP_PKEY_get0_EC_KEY(pkey))) {
@@ -696,7 +698,7 @@ static unsigned char *gmtls_new_cert_packet(X509 *x, int *l)
696698

697699
p = ret;
698700
l2n3(n, p);
699-
*l = n;
701+
*l = n+3;
700702

701703
end:
702704
return ret;
@@ -745,10 +747,11 @@ static int gmtls_construct_ske_sm2(SSL *s, unsigned char **p, int *l, int *al)
745747
SSLerr(SSL_F_GMTLS_CONSTRUCT_SKE_SM2, ERR_R_EVP_LIB);
746748
goto end;
747749
}
748-
if (!(id = X509_NAME_oneline(X509_get_subject_name(x509), NULL, 0))) {
749-
SSLerr(SSL_F_GMTLS_CONSTRUCT_SKE_SM2, ERR_R_EVP_LIB);
750-
goto end;
751-
}
750+
// if (!(id = X509_NAME_oneline(X509_get_subject_name(x509), NULL, 0))) {
751+
// SSLerr(SSL_F_GMTLS_CONSTRUCT_SKE_SM2, ERR_R_EVP_LIB);
752+
// goto end;
753+
// }
754+
id = SM2_DEFAULT_ID;
752755
zlen = sizeof(z);
753756
if (!SM2_compute_id_digest(EVP_sm3(), id, strlen(id), z, &zlen,
754757
EVP_PKEY_get0_EC_KEY(pkey))) {
@@ -802,7 +805,7 @@ static int gmtls_construct_ske_sm2(SSL *s, unsigned char **p, int *l, int *al)
802805
end:
803806
OPENSSL_free(buf);
804807
EVP_MD_CTX_free(md_ctx);
805-
OPENSSL_free(id);
808+
// OPENSSL_free(id);
806809
return ret;
807810
}
808811

@@ -865,10 +868,11 @@ static int gmtls_process_ske_sm2(SSL *s, PACKET *pkt, int *al)
865868
}
866869

867870
/* prepare sm2 z value */
868-
if (!(id = X509_NAME_oneline(X509_get_subject_name(x509), NULL, 0))) {
869-
SSLerr(SSL_F_GMTLS_PROCESS_SKE_SM2, ERR_R_EVP_LIB);
870-
goto end;
871-
}
871+
// if (!(id = X509_NAME_oneline(X509_get_subject_name(x509), NULL, 0))) {
872+
// SSLerr(SSL_F_GMTLS_PROCESS_SKE_SM2, ERR_R_EVP_LIB);
873+
// goto end;
874+
// }
875+
id = SM2_DEFAULT_ID;
872876
zlen = sizeof(z);
873877
if (!SM2_compute_id_digest(EVP_sm3(), id, strlen(id), z, &zlen,
874878
EVP_PKEY_get0_EC_KEY(pkey))) {
@@ -903,7 +907,7 @@ static int gmtls_process_ske_sm2(SSL *s, PACKET *pkt, int *al)
903907
end:
904908
OPENSSL_free(buf);
905909
EVP_MD_CTX_free(md_ctx);
906-
OPENSSL_free(id);
910+
// OPENSSL_free(id);
907911
return ret;
908912
}
909913

0 commit comments

Comments
 (0)