Add the support for sm2 keypairs import

Eno-CN · Eno-CN · commit 6278e284d926 · 2022-11-27T04:06:23.000+08:00
diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
@@ -4304,36 +4304,31 @@ static bool php_openssl_pkey_init_legacy_ec(EC_KEY *eckey, zval *data, bool *is_
 		goto clean_exit;
 	}
 	
-	/* custom params not supported with SM2, SKIP */
-	if (!curve_name_zv ||
-		(Z_TYPE_P(curve_name_zv) == IS_STRING &&
-		OBJ_sn2nid(Z_STRVAL_P(curve_name_zv)) != OBJ_sn2nid("SM2"))){
 		OPENSSL_PKEY_SET_BN(data, d);
 		OPENSSL_PKEY_SET_BN(data, x);
 		OPENSSL_PKEY_SET_BN(data, y);
 
-		if (d) {
-			*is_private = true;
-			if (!EC_KEY_set_private_key(eckey, d)) {
-				goto clean_exit;
-			}
+	if (d) {
+		*is_private = true;
+		if (!EC_KEY_set_private_key(eckey, d)) {
+			goto clean_exit;
+		}
 
-			point_q = EC_POINT_new(group);
-			if (!point_q || !EC_POINT_mul(group, point_q, d, NULL, NULL, bctx)) {
-				goto clean_exit;
-			}
-		} else if (x && y) {
-			/* OpenSSL does not allow setting EC_PUB_X/EC_PUB_Y, so convert to encoded format. */
-			point_q = EC_POINT_new(group);
-			if (!point_q || !EC_POINT_set_affine_coordinates(group, point_q, x, y, bctx)) {
-				goto clean_exit;
-			}
+		point_q = EC_POINT_new(group);
+		if (!point_q || !EC_POINT_mul(group, point_q, d, NULL, NULL, bctx)) {
+			goto clean_exit;
+		}
+	} else if (x && y) {
+		/* OpenSSL does not allow setting EC_PUB_X/EC_PUB_Y, so convert to encoded format. */
+		point_q = EC_POINT_new(group);
+		if (!point_q || !EC_POINT_set_affine_coordinates(group, point_q, x, y, bctx)) {
+			goto clean_exit;
 		}
+	}
 
-		if (point_q != NULL) {
-			if (!EC_KEY_set_public_key(eckey, point_q)) {
-				goto clean_exit;
-			}
+	if (point_q != NULL) {
+		if (!EC_KEY_set_public_key(eckey, point_q)) {
+			goto clean_exit;
 		}
 	}
 
@@ -4373,7 +4368,7 @@ static EVP_PKEY *php_openssl_pkey_init_ec(zval *data, bool *is_private) {
 	EC_POINT *point_q = NULL;
 	unsigned char *point_q_buf = NULL;
 	EVP_PKEY *param_key = NULL, *pkey = NULL;
-	EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL);
+	EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL);
 	BN_CTX *bctx = BN_CTX_new();
 	OSSL_PARAM *params = NULL;
 	OSSL_PARAM_BLD *bld = OSSL_PARAM_BLD_new();
@@ -4389,7 +4384,12 @@ static EVP_PKEY *php_openssl_pkey_init_ec(zval *data, bool *is_private) {
 			php_error_docref(NULL, E_WARNING, "Unknown curve name");
 			goto cleanup;
 		}
-
+#ifndef OPENSSL_NO_SM2
+		if (nid == NID_sm2) {
+			EVP_PKEY_CTX_free(ctx);
+			ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_SM2, NULL);
+		}
+#endif
 		group = EC_GROUP_new_by_curve_name(nid);
 		if (!group) {
 			goto cleanup;
@@ -4456,40 +4456,42 @@ static EVP_PKEY *php_openssl_pkey_init_ec(zval *data, bool *is_private) {
 		} else {
 			EC_GROUP_set_generator(group, point_g, order, BN_value_one());
 		}
+#ifndef OPENSSL_NO_SM2
+		if (EC_GROUP_check_named_curve(group, 0, bctx) == NID_sm2) {
+			EVP_PKEY_CTX_free(ctx);
+			ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_SM2, NULL);
+			OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_GROUP_NAME, "SM2", 3);
+		}
+#endif
 	}
 
-	/* custom params not supported with SM2, SKIP */
-	if (!curve_name_zv ||
-		(Z_TYPE_P(curve_name_zv) == IS_STRING &&
-		OPENSSL_strcasecmp(Z_STRVAL_P(curve_name_zv), "SM2") != 0)){
-		OPENSSL_PKEY_SET_BN(data, d);
-		OPENSSL_PKEY_SET_BN(data, x);
-		OPENSSL_PKEY_SET_BN(data, y);
+	OPENSSL_PKEY_SET_BN(data, d);
+	OPENSSL_PKEY_SET_BN(data, x);
+	OPENSSL_PKEY_SET_BN(data, y);
 
-		if (d) {
-			OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, d);
+	if (d) {
+		OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, d);
 
-			point_q = EC_POINT_new(group);
-			if (!point_q || !EC_POINT_mul(group, point_q, d, NULL, NULL, bctx)) {
-				goto cleanup;
-			}
-		} else if (x && y) {
-			/* OpenSSL does not allow setting EC_PUB_X/EC_PUB_Y, so convert to encoded format. */
-			point_q = EC_POINT_new(group);
-			if (!point_q || !EC_POINT_set_affine_coordinates(group, point_q, x, y, bctx)) {
-				goto cleanup;
-			}
+		point_q = EC_POINT_new(group);
+		if (!point_q || !EC_POINT_mul(group, point_q, d, NULL, NULL, bctx)) {
+			goto cleanup;
 		}
+	} else if (x && y) {
+		/* OpenSSL does not allow setting EC_PUB_X/EC_PUB_Y, so convert to encoded format. */
+		point_q = EC_POINT_new(group);
+		if (!point_q || !EC_POINT_set_affine_coordinates(group, point_q, x, y, bctx)) {
+			goto cleanup;
+		}
+	}
 
-		if (point_q) {
-			size_t point_q_buf_len =
-				EC_POINT_point2buf(group, point_q, POINT_CONVERSION_COMPRESSED, &point_q_buf, bctx);
-			if (!point_q_buf_len) {
-				goto cleanup;
-			}
-
-			OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_PUB_KEY, point_q_buf, point_q_buf_len);
+	if (point_q) {
+		size_t point_q_buf_len =
+			EC_POINT_point2buf(group, point_q, POINT_CONVERSION_COMPRESSED, &point_q_buf, bctx);
+		if (!point_q_buf_len) {
+			goto cleanup;
 		}
+
+		OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_PUB_KEY, point_q_buf, point_q_buf_len);
 	}
 
 	params = OSSL_PARAM_BLD_to_param(bld);
@@ -4504,7 +4506,7 @@ static EVP_PKEY *php_openssl_pkey_init_ec(zval *data, bool *is_private) {
 		}
 
 		ctx = EVP_PKEY_CTX_new(param_key, NULL);
-	} 
+	}
 	
 	if (EVP_PKEY_check(ctx) || EVP_PKEY_public_check_quick(ctx)) {
 		*is_private = d != NULL;
@@ -4884,7 +4886,13 @@ PHP_FUNCTION(openssl_pkey_get_details)
 	 */
 #if PHP_OPENSSL_API_VERSION >= 0x30000
 	zval ary;
-	switch (EVP_PKEY_base_id(pkey)) {
+	int id = EVP_PKEY_base_id(pkey);
+#ifdef HAVE_EVP_PKEY_EC
+	if (EVP_PKEY_is_a(pkey, "SM2")) {
+		id = EVP_PKEY_EC;
+	}
+#endif
+	switch (id) {
 		case EVP_PKEY_RSA:
 			ktype = OPENSSL_KEYTYPE_RSA;
 			array_init(&ary);
