Re: SM2/3/4 algorithm based TLS connections

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 29/06/2021 10:29, Kevin Lengauer wrote:

Dear openssl-team and users
Is it possible with OpenSSL 1.1.1k to do a TLS handshake using key material and certificate based on SM2/SM3/SM4 assuming I somehow got my hands on such keys/certificates? 

I think it is only possible with OpenSSL 3.0 to create them.
After checking the web and the source code of the recent OpenSSL 1.1.1k version I doubt that this is possible and also did not find any corresponding cipher suites.
Is this assumption correct or is there a way to do a TLS1.2 or TLS1.3 handshake with the aforementioned algorithms?
You are correct, there are no suitable ciphersuites and it is not possible to add an SM2 based certificate to an SSL_CTX/SSL.
I am aware that the Chinese “GM/T 0024” protocol is not part of OpenSSL (yet) based on this github issue: https://github.com/openssl/openssl/issues/12473 <https://github.com/openssl/openssl/issues/12473> 

Correct.

Matt
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux