Fix sm2utl bugs

guanzhi · guanzhi · commit d114bed3f82e · 2019-02-02T20:44:51.000+08:00
diff --git a/apps/sm2.c b/apps/sm2.c
@@ -69,6 +69,7 @@ NON_EMPTY_TRANSLATION_UNIT
 # include <openssl/pem.h>
 # include <openssl/sm2.h>
 # include <openssl/objects.h>
+# include "../crypto/ec/ec_lcl.h"
 # include "apps.h"
 
 static OPT_PAIR conv_forms[] = {
@@ -129,7 +130,7 @@ int sm2_main(int argc, char **argv)
     ENGINE *e = NULL;
     EC_KEY *eckey = NULL;
     const EC_GROUP *group;
-    const EVP_CIPHER *enc = NULL;
+    const EVP_CIPHER *enc = EVP_sms4_cbc();
     point_conversion_form_t form = POINT_CONVERSION_UNCOMPRESSED;
     char *infile = NULL, *outfile = NULL, *prog;
     char *passin = NULL, *passout = NULL, *passinarg = NULL, *passoutarg = NULL;
@@ -292,6 +293,10 @@ int sm2_main(int argc, char **argv)
             unsigned char buf[256] = {0};
             unsigned char *key = NULL;
             long keylen;
+            if (!(eckey = EC_KEY_new_by_curve_name(NID_sm2p256v1))) {
+                ERR_print_errors(bio_err);
+                goto end;
+            }
             if (BIO_read(in, buf, sizeof(buf) - 1) <= 0) {
                 ERR_print_errors(bio_err);
                 OPENSSL_cleanse(buf, sizeof(buf));
@@ -304,16 +309,25 @@ int sm2_main(int argc, char **argv)
             }
             OPENSSL_cleanse(buf, sizeof(buf));
             if (keylen != 32) {
-                BIO_printf(bio_err, "invalid private key in hex format\n");
+                BIO_printf(bio_err, "Invalid private key in hex format\n");
+		BIO_printf(bio_err, "Key length is %ld, not 32 byte\n", keylen);
                 OPENSSL_cleanse(key, keylen);
                 goto end;
             }
-            if (!EC_KEY_oct2key(eckey, key, sizeof(key), NULL)) {
+            if (!EC_KEY_oct2priv(eckey, key, keylen)) {
                 ERR_print_errors(bio_err);
                 OPENSSL_cleanse(key, keylen);
                 goto end;
             }
             OPENSSL_cleanse(key, keylen);
+
+            if (eckey->group->meth->keygenpub == NULL
+                || eckey->group->meth->keygenpub(eckey) == 0) {
+                BIO_printf(bio_err, "Generate public key from private key failed\n");
+                ERR_print_errors(bio_err);
+                goto end;
+            }
+
         } else if (informat == FORMAT_ENGINE) {
             EVP_PKEY *pkey;
             if (pubin)
@@ -378,6 +392,24 @@ int sm2_main(int argc, char **argv)
         }
     }
 
+    if (genzid) {
+        unsigned char z[64];
+        size_t zlen = sizeof(z);
+        if (!id) {
+            id = SM2_DEFAULT_ID;
+            BIO_printf(bio_err, "use default identity '%s'\n", id);
+        }
+        if (!SM2_compute_id_digest(EVP_sm3(), id, strlen(id), z, &zlen, eckey)) {
+            goto end;
+        }
+        BIO_printf(out, "id: %s\n", id);
+        BIO_puts(out, "Z:\n");
+	ASN1_buf_print(out, z, zlen, 4);
+
+
+        BIO_printf(out, "\n");
+    }
+
     if (noout) {
         ret = 0;
         goto end;
@@ -400,26 +432,12 @@ int sm2_main(int argc, char **argv)
             i = PEM_write_bio_EC_PUBKEY(out, eckey);
         else {
             assert(private);
+            //FIXME: use PKCS#8				
             i = PEM_write_bio_ECPrivateKey(out, eckey, enc,
                                            NULL, 0, NULL, passout);
+
         }
     }
-    if (genzid) {
-        unsigned char z[64];
-        size_t zlen = sizeof(z);
-        if (!id) {
-            id = SM2_DEFAULT_ID;
-            BIO_printf(bio_err, "use default identity '%s'\n", id);
-        }
-        if (!SM2_compute_id_digest(EVP_sm3(), id, strlen(id), z, &zlen, eckey)) {
-            goto end;
-        }
-        BIO_printf(out, "Z = ");
-        for (i = 0; i < zlen; i++) {
-            BIO_printf(out, "%02X", z[i]);
-        }
-        BIO_printf(out, "\n");
-    }
 
     if (!i) {
         BIO_printf(bio_err, "unable to write private key\n");
diff --git a/apps/sm2utl.c b/apps/sm2utl.c
@@ -288,6 +288,17 @@ int sm2utl_main(int argc, char **argv)
 		goto end;
 	}
 
+	switch (op) {
+	case OP_DGST:
+	case OP_SIGN:
+	case OP_VERIFY:
+		if (!id) {
+			BIO_printf(bio_err, "Option '-id' required\n");
+			goto end;
+		}
+		break;
+	}
+
 	switch (op) {
 	case OP_DGST:
 		return sm2utl_sign(md, in, out, id, e, ec_key, 0);
@@ -330,7 +341,7 @@ static int sm2utl_sign(const EVP_MD *md, BIO *in, BIO *out, const char *id,
 		ERR_print_errors(bio_err);
 		goto end;
 	}
-	while ((len = BIO_read(in, buf, sizeof(buf))) <= 0) {
+	while ((len = BIO_read(in, buf, sizeof(buf))) > 0) {
 		if (!EVP_DigestUpdate(md_ctx, buf, len)) {
 			ERR_print_errors(bio_err);
 			goto end;
@@ -386,7 +397,7 @@ static int sm2utl_verify(const EVP_MD *md, BIO *in, BIO *out, BIO *sig,
 		ERR_print_errors(bio_err);
 		goto end;
 	}
-	while ((len = BIO_read(in, buf, sizeof(buf))) <= 0) {
+	while ((len = BIO_read(in, buf, sizeof(buf))) > 0) {
 		if (!EVP_DigestUpdate(md_ctx, buf, len)) {
 			ERR_print_errors(bio_err);
 			goto end;
@@ -420,6 +431,9 @@ static int sm2utl_encrypt(const EVP_MD *md, BIO *in, BIO *out, EC_KEY *ec_key)
 	int len;
 
 	if (!(len = bio_to_mem(&buf, SM2_MAX_PLAINTEXT_LENGTH, in))) {
+		ERR_print_errors(bio_err);
+		BIO_printf(bio_err, "Error reading plaintext\n");
+		goto end;
 	}
 	if (!(cval = SM2_do_encrypt(md, buf, len, ec_key))
 		|| i2d_SM2CiphertextValue_bio(out, cval) <= 0) {
diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c
@@ -250,6 +250,8 @@ int ec_key_simple_generate_key(EC_KEY *eckey)
 
 int ec_key_simple_generate_public_key(EC_KEY *eckey)
 {
+    if (eckey->pub_key == NULL)
+        eckey->pub_key = EC_POINT_new(eckey->group);
     return EC_POINT_mul(eckey->group, eckey->pub_key, eckey->priv_key, NULL,
                         NULL, NULL);
 }
diff --git a/include/openssl/opensslv.h b/include/openssl/opensslv.h
@@ -41,9 +41,9 @@ extern "C" {
  */
 # define OPENSSL_VERSION_NUMBER  0x1010004fL
 # ifdef OPENSSL_FIPS
-#  define OPENSSL_VERSION_TEXT    "GmSSL 2.4.5 - OpenSSL 1.1.0d-fips  1 Feb 2019"
+#  define OPENSSL_VERSION_TEXT    "GmSSL 2.4.5 - OpenSSL 1.1.0d-fips  2 Feb 2019"
 # else
-#  define OPENSSL_VERSION_TEXT    "GmSSL 2.4.5 - OpenSSL 1.1.0d  1 Feb 2019"
+#  define OPENSSL_VERSION_TEXT    "GmSSL 2.4.5 - OpenSSL 1.1.0d  2 Feb 2019"
 # endif
 
 /*-
diff --git a/util/libcrypto.num b/util/libcrypto.num
diff --git a/util/libssl.num b/util/libssl.num

Original file line number	Diff line number	Diff line change
`@@ -250,6 +250,8 @@ int ec_key_simple_generate_key(EC_KEY *eckey)`
`250`	`250`
`251`	`251`	`int ec_key_simple_generate_public_key(EC_KEY *eckey)`
`252`	`252`	`{`
	`253`	`+ if (eckey->pub_key == NULL)`
	`254`	`+ eckey->pub_key = EC_POINT_new(eckey->group);`
`253`	`255`	`return EC_POINT_mul(eckey->group, eckey->pub_key, eckey->priv_key, NULL,`
`254`	`256`	`NULL, NULL);`
`255`	`257`	`}`