请问下，有没有支持sm2证书的c/s模型的简单demo，另外希望能够提供gmssl目前支持的国密算法套件列表

[bochs9]

目前公司产品需要进行国密支持测试，还在测试gmssl能否合入测试版本中，在测试阶段发现除了例子中的ECDHE-SM4-SM3可用之外，其他的都不能使用，提示为no shared cipher

测试证书如下，供参考 Certificate: Data: Version: 3 (0x2) Serial Number: c1:af:bc:00:61:93:d5:00 Signature Algorithm: sm2sign-with-sm3 Issuer: C = CN, ST = SH, L = Shanghai, O = aa, OU = SSL Group, CN = ECCDemoCA, emailAddress = ecc-ca@aa.com Validity Not Before: Apr 3 20:15:39 2014 GMT Not After : Dec 27 20:15:39 2016 GMT Subject: C = CN, ST = SH, L = aa, O =aa, OU = SSL Group, CN = ECCEncSite, emailAddress = ecc-site@aa.com Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:f5:c5:9c:e5:42:dd:db:3a:6b:2e:40:e7:f8:4c: df:00:87:60:81:69:c1:d9:eb:1d:42:be:31:0f:24: 69:7a:b0:17:15:11:51:75:de:8a:8d:07:a9:61:74: 40:a0:98:27:88:66:9e:92:35:e1:92:d2:46:67:cf: 0c:1f:00:23:ff ASN1 OID: sm2p256v1 X509v3 extensions: X509v3 Basic Constraints: CA:FALSE X509v3 Key Usage: Key Encipherment, Data Encipherment Signature Algorithm: sm2sign-with-sm3 30:46:02:21:00:e6:c3:73:bc:5f:25:49:22:93:10:dd:54:a2: f2:35:32:a3:ef:21:3d:d2:3e:9a:b6:8b:2a:91:3c:e7:e4:b9: 5f:02:21:00:9f:0e:ac:ed:60:77:db:c4:4c:78:d9:c1:7b:93: a6:13:99:8f:20:d9:06:8d:66:31:c9:fe:17:eb:cf:dd:8d:d1

[guanzhi]

目前1.3版只支持ECDHE-SM4-SM3/TLS-1.2。 由于GmSSL在SSL接口部分并未有什么改动，因此直接参考OpenSSL的例子即可，例如赵春平的《OpenSSL编程》。

[bochs9]

也就是说目前没有实现包含sm2的算法套件是吧

[tobiaswang]

@guanzhi 问个程序问题： 我希望从国密证书中获取sm2公钥 先用gmssl 命令行工具生成一个X509 DER格式的国密证书，然后写程序解析： X509 x509_cert = NULL; if ((bio = BIO_new_file(argv[4], "rb")) == NULL || (x509_cert = d2i_X509_bio(bio, NULL)) == NULL) { printf("ERROR: failed to read x509 certficate.\n"); goto EXIT; } EVP_PKEY pkey = X509_get_pubkey(x509_cert); EC_KEY *ec_key = EVP_PKEY_get1_EC_KEY(pkey); 但是 x509_cert 可以正常获取到，但是无法得到pkey， pkey 为NULL 是我用错了函数 还是这个是个bug？

[guanzhi]

你可以把证书文件和可编译的测试代码生成一个pull request 到 gmssl-v1 分支的 demo/gmssl 目录下。我来试一下

[github-actions[bot]]

Marked as stale issue. Will be closed later if no activity for a while.