Thanks a lot for your advice.
Just calling EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2) right after loading a key worked perfectly and I was able to reuse the code in pkeyutl since everything else was indeed almost identical to RSA!
Best regards,
Akira
On 10/25/2018 12:14 AM, Matt Caswell wrote:
On 24/10/2018 15:55, Akira Takahashi wrote:
Hi all,
Since the version 1.1.1 supports the SM2 public key cryptography suite I
am trying to test its ECIES (found in crypto/sm2/sm2_crypto.c) over
different standardized prime curves i.e. not just sm2p256v1.
Is there CLI or minimal code snippet to achieve it via the EVP interface?
The current man page of SM2 seems to only describe SM2 as a signature
algorithm, but not as a public key encryption.
You can use the EVP_PKEY_encrypt() function for this purpose.
A generic example (not SM2 specific) is on the EVP_PKEY_encrypt() man page:
https://www.openssl.org/docs/man1.1.1/man3/EVP_PKEY_encrypt.html
Doing this for SM2 is essentially the same as shown in that example
except of course don't call the RSA specific
EVP_PKEY_CTX_set_rsa_padding() function.
Setting up of the EVP_PKEY itself to contain an SM2 key is the same as
for sign/verify, i.e. you need to call EVP_PKEY_set_alias_type(). There
is no need to set an id though. See:
https://www.openssl.org/docs/man1.1.1/man7/SM2.html
Hope that helps,
Matt
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
