Fix the default digest algorthm of SM2

Currently SM2 shares the ameth with EC, so the current default digest algorithm returned is SHA256. This fixes the default digest algorithm of SM2 to SM3, which is the only valid digest algorithm for SM2 signature. Reviewed-by: N Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8186) (cherry picked from commit e766f4a0531bffdab8ad2038279b755928d7a40a)

Fix the default digest algorthm of SM2
Currently SM2 shares the ameth with EC, so the current default digest algorithm returned is SHA256. This fixes the default digest algorithm of SM2 to SM3, which is the only valid digest algorithm for SM2 signature. Reviewed-by: N Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8186) (cherry picked from commit e766f4a0531bffdab8ad2038279b755928d7a40a)
9c6d536f · Paul Yang · e8dc6580 · 9c6d536f
隐藏空白更改
内联并排

Showing with 6 addition and 1 deletion

crypto/ec/ec_ameth.c crypto/ec/ec_ameth.c +6 -1

未找到文件。
--- a/crypto/ec/ec_ameth.c
+++ b/crypto/ec/ec_ameth.c
@@ -504,7 +504,12 @@ static int ec_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
 #endif

    case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
-        *(int *)arg2 = NID_sha256;
+        if (EVP_PKEY_id(pkey) == EVP_PKEY_SM2) {
+            /* For SM2, the only valid digest-alg is SM3 */
+            *(int *)arg2 = NID_sm3;
+        } else {
+            *(int *)arg2 = NID_sha256;
+        }
        return 1;

    case ASN1_PKEY_CTRL_SET1_TLS_ENCPT: