From: Zhushuai Yin <yinzhushuai@huawei.com> In the software calculation of SM2, if there is no ID (noid), a default ID will be used. However, in the hardware calculation, the default ID is not used, and an empty value is directly passed, leading to a mismatch between the signature and authentication data, resulting in failure. It is necessary to modify the driver to use the default ID in the case of no ID (noid). Signed-off-by: Zhushuai Yin <yinzhushuai@huawei.com> Signed-off-by: JiangShui Yang <yangjiangshui@h-partners.com> --- src/uadk_prov_sm2.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/src/uadk_prov_sm2.c b/src/uadk_prov_sm2.c index 5499250..9a71ed2 100644 --- a/src/uadk_prov_sm2.c +++ b/src/uadk_prov_sm2.c @@ -32,6 +32,8 @@ #define SM2_KEY_BYTES 32 #define SM2_GET_SIGNLEN 1 #define SM3_DIGEST_LENGTH 32 +#define SM2_DEFAULT_USERID "1234567812345678" +#define SM2_DEFAULT_USERID_LEN 16 static pthread_mutex_t sign_mutex = PTHREAD_MUTEX_INITIALIZER; static pthread_mutex_t asym_mutex = PTHREAD_MUTEX_INITIALIZER; @@ -1855,6 +1857,17 @@ static int sm2_sig_compute_z_digest(PROV_SM2_SIGN_CTX *psm2ctx) return UADK_P_FAIL; } + /* if id is not set, use default id */ + if (psm2ctx->id == NULL) { + /* psm2ctx id will be freed in uadk_signature_sm2_freectx, not here */ + psm2ctx->id = OPENSSL_memdup(SM2_DEFAULT_USERID, SM2_DEFAULT_USERID_LEN); + if (psm2ctx->id == NULL) { + fprintf(stderr, "failed to memdup psm2ctx id\n"); + goto free_z; + } + psm2ctx->id_len = SM2_DEFAULT_USERID_LEN; + } + /* get hashed prefix 'z' of tbs message */ ret = uadk_prov_sm2_compute_z_digest(z, smctx->sm2_md->md, psm2ctx->id, psm2ctx->id_len, psm2ctx->key); -- 2.43.0