From: Paul Yang Date: Thu, 6 Sep 2018 02:36:11 +0000 (+0800) Subject: Add missing SM2err and fix doc nits X-Git-Tag: OpenSSL_1_1_1~27 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=f922dac87d859cc7419207301533fe89582ac3ea;p=oweals%2Fopenssl.git Add missing SM2err and fix doc nits Reviewed-by: Tim Hudson Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/7113) --- diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index c998e61616..2c8572ba64 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -1080,6 +1080,7 @@ RSA_F_RSA_VERIFY:119:RSA_verify RSA_F_RSA_VERIFY_ASN1_OCTET_STRING:120:RSA_verify_ASN1_OCTET_STRING RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1:126:RSA_verify_PKCS1_PSS_mgf1 RSA_F_SETUP_TBUF:167:setup_tbuf +SM2_F_PKEY_SM2_COPY:115:pkey_sm2_copy SM2_F_PKEY_SM2_CTRL:109:pkey_sm2_ctrl SM2_F_PKEY_SM2_CTRL_STR:110:pkey_sm2_ctrl_str SM2_F_PKEY_SM2_DIGEST_CUSTOM:114:pkey_sm2_digest_custom diff --git a/crypto/include/internal/sm2err.h b/crypto/include/internal/sm2err.h index 62f2aa2a10..a4db1b73d7 100644 --- a/crypto/include/internal/sm2err.h +++ b/crypto/include/internal/sm2err.h @@ -23,6 +23,7 @@ int ERR_load_SM2_strings(void); /* * SM2 function codes. */ +# define SM2_F_PKEY_SM2_COPY 115 # define SM2_F_PKEY_SM2_CTRL 109 # define SM2_F_PKEY_SM2_CTRL_STR 110 # define SM2_F_PKEY_SM2_DIGEST_CUSTOM 114 diff --git a/crypto/sm2/sm2_err.c b/crypto/sm2/sm2_err.c index c2a96c15d9..653c6797f8 100644 --- a/crypto/sm2/sm2_err.c +++ b/crypto/sm2/sm2_err.c @@ -14,6 +14,7 @@ #ifndef OPENSSL_NO_ERR static const ERR_STRING_DATA SM2_str_functs[] = { + {ERR_PACK(ERR_LIB_SM2, SM2_F_PKEY_SM2_COPY, 0), "pkey_sm2_copy"}, {ERR_PACK(ERR_LIB_SM2, SM2_F_PKEY_SM2_CTRL, 0), "pkey_sm2_ctrl"}, {ERR_PACK(ERR_LIB_SM2, SM2_F_PKEY_SM2_CTRL_STR, 0), "pkey_sm2_ctrl_str"}, {ERR_PACK(ERR_LIB_SM2, SM2_F_PKEY_SM2_DIGEST_CUSTOM, 0), diff --git a/crypto/sm2/sm2_pmeth.c b/crypto/sm2/sm2_pmeth.c index 4b61e243aa..3e420658d2 100644 --- a/crypto/sm2/sm2_pmeth.c +++ b/crypto/sm2/sm2_pmeth.c @@ -72,6 +72,7 @@ static int pkey_sm2_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) if (sctx->id != NULL) { dctx->id = OPENSSL_malloc(sctx->id_len); if (dctx->id == NULL) { + SM2err(SM2_F_PKEY_SM2_COPY, ERR_R_MALLOC_FAILURE); pkey_sm2_cleanup(dst); return 0; } @@ -195,8 +196,10 @@ static int pkey_sm2_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) case EVP_PKEY_CTRL_SET1_ID: if (p1 > 0) { tmp_id = OPENSSL_malloc(p1); - if (tmp_id == NULL) + if (tmp_id == NULL) { + SM2err(SM2_F_PKEY_SM2_CTRL, ERR_R_MALLOC_FAILURE); return 0; + } memcpy(tmp_id, p2, p1); OPENSSL_free(smctx->id); smctx->id = tmp_id; diff --git a/doc/man3/EVP_DigestInit.pod b/doc/man3/EVP_DigestInit.pod index 9b74e41d39..0fedd17ce6 100644 --- a/doc/man3/EVP_DigestInit.pod +++ b/doc/man3/EVP_DigestInit.pod @@ -187,7 +187,7 @@ B structure respectively. Assigns an B to B. This is usually used to provide a customzied B to L or L. The B passed to this function should be freed -by the caller. A null B pointer is also allowed to clear the B +by the caller. A NULL B pointer is also allowed to clear the B assigned to B. In such case, freeing the cleared B or not depends on how the B is created. diff --git a/doc/man3/EVP_PKEY_CTX_ctrl.pod b/doc/man3/EVP_PKEY_CTX_ctrl.pod index d70dbb9cf2..e1a107c06e 100644 --- a/doc/man3/EVP_PKEY_CTX_ctrl.pod +++ b/doc/man3/EVP_PKEY_CTX_ctrl.pod @@ -167,15 +167,15 @@ B value was only added to OpenSSL 1.1.0; previous versions should use 0 instead. The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() -are used to manipulate special identifier field for specific signature algorithm -such as SM2. The EVP_PKEY_set1_id() sets an ID pointed by B with the length -B to the library. The library maintains the memory management stuffs so -the caller can safely free the original memory pointed by B. The -EVP_PKEY_CTX_get1_id_len() returns the length of the ID set via a previous call -to EVP_PKEY_set1_id(). The length is usually used to allocate adequate memory for -further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() returns the -previously set ID value to caller into B, caller should allocate adequate -memory space to B before calling EVP_PKEY_CTX_get1_id(). +macros are used to manipulate the special identifier field for specific signature +algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by B with +the length B to the library. The library takes a copy of the id so that +the caller can safely free the original memory pointed to by B. The +EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous +call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate +memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() +macro returns the previously set ID value to caller in B. The caller should +allocate adequate memory space for the B before calling EVP_PKEY_CTX_get1_id(). =head1 RETURN VALUES @@ -197,7 +197,7 @@ L =head1 HISTORY EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() -were added in 1.1.1, other functions were first added to OpenSSL 1.0.0. +macros were added in 1.1.1, other functions were first added to OpenSSL 1.0.0. =head1 COPYRIGHT diff --git a/doc/man3/EVP_PKEY_meth_new.pod b/doc/man3/EVP_PKEY_meth_new.pod index 171d4da744..db803fc2a2 100644 --- a/doc/man3/EVP_PKEY_meth_new.pod +++ b/doc/man3/EVP_PKEY_meth_new.pod @@ -348,8 +348,8 @@ The digest_custom() method is used to generate customized digest content before the real message is passed to functions like L or L. This is usually required by some public key signature algorithms like SM2 which requires a hashed prefix to the message to -be signed. The digest_custom() will be called by L and -L. +be signed. The digest_custom() function will be called by L +and L. =head2 Functions diff --git a/doc/man7/SM2.pod b/doc/man7/SM2.pod index 40dc317dcf..029dc736cb 100644 --- a/doc/man7/SM2.pod +++ b/doc/man7/SM2.pod @@ -6,23 +6,25 @@ SM2 - Chinese SM2 signature and encryption algorithm support =head1 DESCRIPTION -B algorithm is first defined by the Chinese national standard GM/T 0003-2012 -and is standardized by ISO as ISO/IEC 14888. B is actually an elliptic curve -based algorithm. Currnet implementation in OpenSSL supports both signature and -encryption schemes via EVP interface. +The B algorithm was first defined by the Chinese national standard GM/T +0003-2012 and was later standardized by ISO as ISO/IEC 14888. B is actually +an elliptic curve based algorithm. The current implementation in OpenSSL supports +both signature and encryption schemes via the EVP interface. When doing the B signature algorithm, it requires a distinguishing identifier to form the message prefix which is hashed before the real message is hashed. =head1 NOTES -B signature can be generated by using the 'DigestSign' series APIs, for instance, -EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal(). Ditto -for the verification process by calling the 'DigestVerify' series APIs. +B signatures can be generated by using the 'DigestSign' series of APIs, for +instance, EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal(). +Ditto for the verification process by calling the 'DigestVerify' series of APIs. -There are several special steps need to be done before computing an B signature. +There are several special steps that need to be done before computing an B +signature. -The B structure should be set to B by calling: +The B structure will default to using ECDSA for signatures when it is +created. It should be set to B by calling: EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2); @@ -30,23 +32,23 @@ Then an ID should be set by calling: EVP_PKEY_CTX_set1_id(pctx, id, id_len); -When calling the EVP_DeigestSignInit() or EVP_DigestVerifyInit() function, a +When calling the EVP_DigestSignInit() or EVP_DigestVerifyInit() functions, a pre-allocated B should be assigned to the B. This is done by calling: EVP_MD_CTX_set_pkey_ctx(mctx, pctx); -And normally there is no need to pass a B parameter to EVP_DeigestSignInit() -or EVP_DigestVerifyInit() in such scenario. +And normally there is no need to pass a B parameter to EVP_DigestSignInit() +or EVP_DigestVerifyInit() in such a scenario. =head1 EXAMPLE -This example demonstrates the calling sequence on how to use an B to -sign a message with SM2 signature algorithm and SM3 hash algorithm: +This example demonstrates the calling sequence for using an B to verify +a message with the SM2 signature algorithm and the SM3 hash algorithm: #include - /* obtain an EVP_PKEY from whatever methods... */ + /* obtain an EVP_PKEY using whatever methods... */ EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2); mctx = EVP_MD_CTX_new(); pctx = EVP_PKEY_CTX_new(pkey, NULL);