TLS, SM2: fix ecc key type

Set the curve explicitly if it is SM2. Set the key type to signature algorithm to handle SM2.
2025-07-30 02:37:28 +02:00 · 2024-05-01 17:56:49 +10:00
parent 840d1e9fac
commit 1ddc552828
1 changed files with 7 additions and 1 deletions
--- a/src/internal.c
+++ b/src/internal.c
@ -28007,6 +28007,12 @@ int DecodePrivateKey(WOLFSSL *ssl, word32* length)
                                     (ecc_key*)ssl->hsKey,
                                     ssl->buffers.key->length);
        }
+    #endif
+    #ifdef WOLFSSL_SM2
+        if ((ret == 0) && (ssl->buffers.keyType == sm2_sa_algo)) {
+            ret = wc_ecc_set_curve((ecc_key*)ssl->hsKey,
+                WOLFSSL_SM2_KEY_BITS / 8, ECC_SM2P256V1);
+        }
    #endif
        if (ret == 0) {
            WOLFSSL_MSG("Using ECC private key");
@ -34542,7 +34548,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
                            {
                                word32 keySz;

-                                ssl->buffers.keyType = ecc_dsa_sa_algo;
+                                ssl->buffers.keyType = ssl->options.sigAlgo;
                                ret = DecodePrivateKey(ssl, &keySz);
                                if (ret != 0) {
                                    goto exit_sske;