> I'm tasked to implement certain cryptographic functions (chiefly > signature creation/validation) using the SM2 algorithm for a > communication testing application. My problem is that the standard which > I need to follow (which is, unfortunately, not a public standard) states > that the signature needs to be generated over H(data input) || H(some > ID) , so I cannot use the EVP-Method as I understand it from > https://www.openssl.org/docs/manmaster/man7/SM2.html (here, H is the SM3 > hash function). This would be possible to achieve by generating the > digest and then using the (albeit deprecated) function ECDSA_do_sign for > ECDSA but I don't know how to do it for SM2. It seems like you're trying to roll your own SM2 -- don't do that ;) > Is there any way to do this with openssl? Any help or pointer is very > much appreciated! I ... think it is possible directly with EVP and control strings. Step through openssl pkeyutl -inkey private.key -in /some/file -rawin -sign -pkeyopt sm2_id:foobar in a debugger and that should get you on the right path. BBB
