diff --git a/doc/man7/SM2.pod b/doc/man7/SM2.pod new file mode 100644 index 0000000000000000000000000000000000000000..40dc317dcf44650b61217820030181b154d3386b --- /dev/null +++ b/doc/man7/SM2.pod @@ -0,0 +1,77 @@ +=pod + +=head1 NAME + +SM2 - Chinese SM2 signature and encryption algorithm support + +=head1 DESCRIPTION + +B algorithm is first defined by the Chinese national standard GM/T 0003-2012 +and is standardized by ISO as ISO/IEC 14888. B is actually an elliptic curve +based algorithm. Currnet implementation in OpenSSL supports both signature and +encryption schemes via EVP interface. + +When doing the B signature algorithm, it requires a distinguishing identifier +to form the message prefix which is hashed before the real message is hashed. + +=head1 NOTES + +B signature can be generated by using the 'DigestSign' series APIs, for instance, +EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal(). Ditto +for the verification process by calling the 'DigestVerify' series APIs. + +There are several special steps need to be done before computing an B signature. + +The B structure should be set to B by calling: + + EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2); + +Then an ID should be set by calling: + + EVP_PKEY_CTX_set1_id(pctx, id, id_len); + +When calling the EVP_DeigestSignInit() or EVP_DigestVerifyInit() function, a +pre-allocated B should be assigned to the B. This is +done by calling: + + EVP_MD_CTX_set_pkey_ctx(mctx, pctx); + +And normally there is no need to pass a B parameter to EVP_DeigestSignInit() +or EVP_DigestVerifyInit() in such scenario. + +=head1 EXAMPLE + +This example demonstrates the calling sequence on how to use an B to +sign a message with SM2 signature algorithm and SM3 hash algorithm: + + #include + + /* obtain an EVP_PKEY from whatever methods... */ + EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2); + mctx = EVP_MD_CTX_new(); + pctx = EVP_PKEY_CTX_new(pkey, NULL); + EVP_PKEY_CTX_set1_id(pctx, id, id_len); + EVP_MD_CTX_set_pkey_ctx(mctx, pctx);; + EVP_DigestVerifyInit(mctx, NULL, EVP_sm3(), NULL, pkey); + EVP_DigestVerifyUpdate(mctx, msg, msg_len); + EVP_DigestVerifyFinal(mctx, sig, sig_len) + +=head1 SEE ALSO + +L, +L, +L, +L, +L, +L + +=head1 COPYRIGHT + +Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the OpenSSL license (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut