abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-05-16 05:16:26 +08:00
Code Issues Packages Projects Releases Wiki Activity

Destroyed SM2推荐椭圆曲线域参数 (markdown)

Zhi Guan
2016-05-12 17:10:33 +02:00
parent 51eeaa0c00
commit 129dbce036
1 changed files with 0 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

66
SM2推荐椭圆曲线域参数.md

@@ -1,66 +0,0 @@
在椭圆曲线密码应用中,通信双方需要预先商定一组称为椭圆曲线域参数的系统参数。椭圆曲线域参数生成需要大量的计算,耗时较长,一旦生成之后可以长期、广泛地使用,因此通常由可信的机构经过反复生成不同的椭圆曲线域参数并挑选出安全性和性能俱佳的公布为标准(推荐参数),椭圆曲线密码库和应用则会以硬编码的方式内置这些参数。
SM2标准中给出了一个推荐的256比特的素数域椭圆曲线域参数GmSSL内置了这个椭圆曲线域参数命名为`sm2p256v1`。通过GmSSL命令行可以显示该域参数的详细内容如下
``` bash
$ gmssl ecparam -text -noout -name sm2p256v1 -param_enc explicit
Field Type: prime-field
Prime:
00:ff:ff:ff:fe:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
ff:ff:ff:ff:ff:ff:00:00:00:00:ff:ff:ff:ff:ff:
ff:ff:ff
A:
00:ff:ff:ff:fe:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
ff:ff:ff:ff:ff:ff:00:00:00:00:ff:ff:ff:ff:ff:
ff:ff:fc
B:
28:e9:fa:9e:9d:9f:5e:34:4d:5a:9e:4b:cf:65:09:
a7:f3:97:89:f5:15:ab:8f:92:dd:bc:bd:41:4d:94:
0e:93
Generator (uncompressed):
04:32:c4:ae:2c:1f:19:81:19:5f:99:04:46:6a:39:
c9:94:8f:e3:0b:bf:f2:66:0b:e1:71:5a:45:89:33:
4c:74:c7:bc:37:36:a2:f4:f6:77:9c:59:bd:ce:e3:
6b:69:21:53:d0:a9:87:7c:c6:2a:47:40:02:df:32:
e5:21:39:f0:a0
Order:
00:ff:ff:ff:fe:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
ff:ff:72:03:df:6b:21:c6:05:2b:53:bb:f4:09:39:
d5:41:23
Cofactor: 1 (0x1)
```
通过`ecparam`命令可以生成该域参数上的SM2公私钥对。注意SM2公私要钥对就是标准的椭圆曲线公私要钥对即可以用于SM2数字签名、密钥交换和公钥加密也可以用于ECDSA数字签名、ECDH密钥交换和ECIES公钥加密。生成密钥对的命令如下
``` bash
$ gmssl ecparam -genkey -name sm2p256v1 -out sm2key.pem
```
如果用户希望在其他支持椭圆曲线密码(但不支持SM2推荐域参数)的密码库或应用中使用这条曲线,可以通过`ecparam`命令将该域参数导出为标准的PEM格式文件并导入到目标应用中。
``` bash
$ gmssl ecparam -name sm2p256v1 -param_enc explicit -out sm2p256v1.pem
```
## 编程访问SM2推荐椭圆曲线参数
GmSSL内置的SM2推荐曲线可以通过NID `NID_sm2p256v1`或者字符串`"sm2p256v1"`索引,在编程时可以通过`NID_sm2p256v1`生成域参数`EC_GROUP`对象或者该曲线上的密钥对象`EC_KEY`。
```
#include <openssl/ec>
EC_GROUP *sm2p256v1 = EC_GROUP_new_by_curve_name(NID_sm2p256v1);
EC_KEY *sm2key = EC_KEY_new_by_curve_name(NID_sm2p256v1);
```
## SM2测试椭圆曲线域参数
SM2标准文本中提供了四个测试用椭圆曲线域参数
* 192比特素数域椭圆曲线域参数sm2p192test)
* 256比特素数域椭圆曲线域参数sm2p256test)
* 193比特二进制域椭圆曲线域参数 (sm2b193test)
* 257比特二进制域椭圆曲线域参数 (sm2b257test)
`crypto/sm2/sm2test.c`中提供了这四个参数的定义及生成`EC_GROUP`对象的代码,应用如果希望使用上述四个参数,可以直接从`sm2test.c`测试文件中复制相应代码。