strongswan编译报错:NID_sm2p256v1未定义
现象:
原因:
我用的是openssl.-1.1.1d,发现NID_sm2p256v1曲线改为了NID_sm2(gmssl用的是NID_sm2p256v1)。对比了一下参数,是相同的。个人猜测是国际只认可NID_sm2p256v1曲线,所以默认NID_sm2就为NID_sm2p256v1。
解决:
①升级openssl版本到:1.1.1w
https://github.com/openwrt/openwrt/tree/openwrt-22.03/package/libs/openssl
②将源码中的以下文件改成NID_sm2
./src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c:613: this->key = EC_KEY_new_by_curve_name(NID_sm2p256v1);
./src/libstrongswan/plugins/openssl/openssl_ec_private_key.c:177: NID_sm2p256v1, data, signature);
./src/libstrongswan/plugins/openssl/openssl_ec_private_key.c:394: this->ec = EC_KEY_new_by_curve_name(NID_sm2p256v1);
./src/libstrongswan/plugins/openssl/openssl_ec_public_key.c:179: NID_sm2p256v1, data, signature);