[openssl-users] Using SM2 ECIES in 1.1.1
Matt Caswell
matt at openssl.org
Wed Oct 24 15:14:47 UTC 2018
On 24/10/2018 15:55, Akira Takahashi wrote:
> Hi all,
>
>
> Since the version 1.1.1 supports the SM2 public key cryptography suite I
> am trying to test its ECIES (found in crypto/sm2/sm2_crypto.c) over
> different standardized prime curves i.e. not just sm2p256v1.
>
> Is there CLI or minimal code snippet to achieve it via the EVP interface?
>
> The current man page of SM2 seems to only describe SM2 as a signature
> algorithm, but not as a public key encryption.
You can use the EVP_PKEY_encrypt() function for this purpose.
A generic example (not SM2 specific) is on the EVP_PKEY_encrypt() man page:
https://www.openssl.org/docs/man1.1.1/man3/EVP_PKEY_encrypt.html
Doing this for SM2 is essentially the same as shown in that example
except of course don't call the RSA specific
EVP_PKEY_CTX_set_rsa_padding() function.
Setting up of the EVP_PKEY itself to contain an SM2 key is the same as
for sign/verify, i.e. you need to call EVP_PKEY_set_alias_type(). There
is no need to set an id though. See:
https://www.openssl.org/docs/man1.1.1/man7/SM2.html
Hope that helps,
Matt
More information about the openssl-users
mailing list