search

intel / ipp-crypto

Apache License 2.0
314 stars 85 forks source link

Is there a sample of SM2 encryption and decryption? #59

Open xiaonan-INTC opened 11 months ago

xiaonan-INTC commented 11 months ago

dear ipp-crypto guys,

Does ipp-crypto have a sample code of SM2 encryption and decryption? Since it is different from RSA and its algorithm is too complicated...

ElenaTyuleneva commented 11 months ago

Hello @xiaonan-INTC !

Unfortunately, IPP Crypto doesn't have such a sample now. I can provide you here at least a brief pseudo-code showing this functionality usage, but I need one more detail from your side. Are you interested in ippsGFpECESEncrypt_SM2/ippsGFpECESDecrypt_SM2 API or in ippsGFpECEncryptSM2_Ext/ippsGFpECDecryptSM2_Ext?

FYI: ippsGFpECES_<Encrypt/Decrypt>_SM2 is implemented based in "IEEE Std 1363A-2004", _Ext API is implemented based on "GM/T 0003-2012".

xiaonan-INTC commented 11 months ago

Hello @xiaonan-INTC !

Unfortunately, IPP Crypto doesn't have such a sample now. I can provide you here at least a brief pseudo-code showing this functionality usage, but I need one more detail from your side. Are you interested in ippsGFpECESEncrypt_SM2/ippsGFpECESDecrypt_SM2 API or in ippsGFpECEncryptSM2_Ext/ippsGFpECDecryptSM2_Ext?

FYI: ippsGFpECES_<Encrypt/Decrypt>_SM2 is implemented based in "IEEE Std 1363A-2004", _Ext API is implemented based on "GM/T 0003-2012".

Thanks for the reply, ElenaTyuleneva,

In fact what I want to learn is, how to write a program realizing SM2 encryption and decryption,

  1. What APIs should I choose to use? ippsGFpECESEncrypt_SM2/ippsGFpECESDecrypt_SM2 APIs or ippsGFpECEncryptSM2_Ext/ippsGFpECDecryptSM2_Ext APIs? What are their differences?
  2. What is the concrete steps of SM2 encryption and decryption?
ElenaTyuleneva commented 11 months ago

What APIs should I choose to use? ippsGFpECESEncrypt_SM2/ippsGFpECESDecrypt_SM2 APIs or ippsGFpECEncryptSM2_Ext/ippsGFpECDecryptSM2_Ext APIs? What are their differences?

The choice of the API highly depends on your use case. The underlying algorithms for these APIs are different, so to do the right choice I highly recommend you get familiar with the standards, that I've provided above.

What is the concrete steps of SM2 encryption and decryption?

Here are the steps specified in IPP Crypto developer reference :

The standard operations of GFpEC functions are listed below:
1. Compute a shared secret Z of the private key U and a recipient public key W. 
2. Derive a shared secret key data K from the shared secret Z.
3. Encrypt or decrypt a message using the cipher agreed upon parties and the shared secret key data K.
4. Compute an authentication tag using the agreed authentication scheme and the secret key data K.
xiaonan-INTC commented 11 months ago

hi, @ElenaTyuleneva ,

I learned that ippsGFpECEncryptSM2_Ext()/ippsGFpECDecryptSM2_Ext() are in GM/T 0003.4-2012 SM2(CSTC)

But another standard NISSTC is the same as CSTC: https://gist.github.com/romen/d752b8d1897bc1a0009017511770de06.

But for ippsGFpECESEncrypt_SM2()/ippsGFpECESDecrypt_SM2() I didn't find they are in any standard...

So what are their differences?