SM2/3/4 algorithm based TLS connections

Kevin Lengauer kevin.lengauer at adnovum.ch
Tue Jun 29 09:29:14 UTC 2021


Dear openssl-team and users

Is it possible with OpenSSL 1.1.1k to do a TLS handshake using key material and certificate based on SM2/SM3/SM4 assuming I somehow got my hands on such keys/certificates?
I think it is only possible with OpenSSL 3.0 to create them.

After checking the web and the source code of the recent OpenSSL 1.1.1k version I doubt that this is possible and also did not find any corresponding cipher suites.
Is this assumption correct or is there a way to do a TLS1.2 or TLS1.3 handshake with the aforementioned algorithms?
I am aware that the Chinese "GM/T 0024" protocol is not part of OpenSSL (yet) based on this github issue: https://github.com/openssl/openssl/issues/12473

Thanks for any responses and help.
Best regards
Kevin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20210629/edff431c/attachment.html>


More information about the openssl-users mailing list