Initial review

[dewyatt]

Here's some initial minor stuff.

Notes:

• I think the parameters in 9.1 for specifying the hash used for SM2DSA/SM2PKE aren't implemented in botan nor rnp yet, right?
• Not sure whether you want my postal address in there or want to keep the Ribose one, feel free to pop that commit out.
• We may want to test the forwarding email if that's ready.

I would like to take a closer look at some things.

[dewyatt]

Just to clarify, an SM2 pubkey is currently stored as:

(1 octet OID length)
(n octets OID)
(2 octet MPI length)
(n octets point MPI)

See here and here. What I see described in 9.1 sounds more like ECDH (here).

Anyways, I still want to look at section 10 more closely tomorrow. Nothing else really jumped out at me.

[ronaldtse]

Thanks @dewyatt , should have uploaded the latest compiled copy too which 9.1 has been updated. Could you look at Section 9.1 again?

The only change we should make to botan / rnp is to allow a stored SM2 to have a selectable hash function. SM2 defines its cipher text to concatenate with the calculated hash value from an approved hash function (e.g., SM3). Right now the hash function in SM2 is hardcoded to be SM3. I believe @randombit is going to do that.

The forwarding address is now ready!