SM2 fix in 1.1.1l

Nicola Tuveri nic.tuv at
Fri Aug 27 13:04:24 UTC 2021

[CVE-2021-3711] ( only
applies to SM2 decryption, i.e., it is not related to the digital signature
or key exchange algorithms in the SM2 family.

In the 1.1.1 branch of OpenSSL, libssl does not support RFC 8998, but in
any case RFC 8998 only involves the digital signature and key exchange
algorithms of SM2, not the public key encryption algorithm for which the
security advisory has been released.

As such only applications programmatically using the SM2 public key
encryption algorithm (and decryption in particular) should be affected by
the mentioned security advisory.

Best regards,

Nicola Tuveri

On Fri, Aug 27, 2021, 15:40 Michael Wojcik <Michael.Wojcik at>

> I imagine I could figure this out by reading the source, but does the SM2
> fix (the high-severity issue for OpenSSL 1.1.1l) apply to TLS using SMx
> (RFC 8998), or just to applications that use SM2 directly via the EVP API?
> It wasn't clear from the announcement, unless I missed something.
> We'll be picking up 1.1.1l shortly, but I'd like to be able to clarify the
> situation for management and customers.
> --
> Michael Wojcik
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the openssl-users mailing list