TASSL icon indicating copy to clipboard operation
TASSL copied to clipboard

Published 20 hours ago verified publisher icon jntass

国密的nid定义和标准x25519的定义都是29,这个是否国密需要调整?

Open Whitlynn opened this issue 6 years ago • 3 comments

Whitlynn avatar Apr 19 '18 03:04 Whitlynn

参考杨洋整理的GB/T 33560-2017国密算法OID列表:

  • https://github.com/InfoHunter/misc/blob/master/GBT33560-2017-A1.md

This file contains the English translation of appendix 1 of GB/T 33560-2017 - the 'OIDs' defined for Chinese commercial crypto algorithms.

OID Definition
Generic OIDs ...
1.2 ISO member body
1.2.156 China
1.2.156.197 State Cryptography Administration of China, a.k.a OSCCA or SCA
1.2.156.10197 Chinese Cryptography Standardization Technology Committee (CCSTC)
1.2.156.10197.1 cryptography algorihtms
Block Cipher OIDs ...
1.2.156.10197.1.100 block cipher algorithm
1.2.156.10197.1.102 SM1 block cipher algorithm
1.2.156.10197.1.103 SMSF33 block cipher algorithm
1.2.156.10197.1.104 SM4 block cipher algorithm
Stream Cipher OIDs ...
1.2.156.10197.1.200 stream cipher algorithm
1.2.156.10197.1.201 ZUC stream cipher algorithm
Public Key Cryptography Algorithm OIDs ...
1.2.156.10197.1.300 public key cryptography algorithm
1.2.156.10197.1.301 SM2 elliptic curve public key algorithm
1.2.156.10197.1.301.1 SM2-1 signature algorithm
1.2.156.10197.1.301.2 SM2-2 key exchange protocol
1.2.156.10197.1.301.3 SM2-3 public key encryption algorithm
1.2.156.10197.1.302 SM9 idnetity-based public key algorithm
1.2.156.10197.1.302.1 SM9-1 signature algorithm
1.2.156.10197.1.302.2 SM9-2 key exchange protocol
1.2.156.10197.1.302.3 SM9-3 key encapsulation and public key encryption algorithm
Hash Algorithm OIDs ...
1.2.156.10197.1.400 hash algorithm
1.2.156.10197.1.401 SM3 hash algorithm
1.2.156.10197.1.401.1 SM3 hash algorithm, without key
1.2.156.10197.1.401.2 SM3 hash algorithm, with key
Combined Operation OIDs
1.2.156.10197.1.500 hash algorithm
1.2.156.10197.1.501 Sign with SM2+SM3
1.2.156.10197.1.502 Sign with SM9+SM3
1.2.156.10197.1.504 Sign with RSA+SM3
Seems the remaining OIDs have nothing to do with real algorithms, they define mostly the 'doc' or 'standard' paperworks, so skipped... ...

liuqun avatar Apr 27 '18 08:04 liuqun

不是OID,是NID,不过我已经咨询过了,目前国密支持的版本不支持x25519,也就是说两者不会同时使用,且国密已经被国际上承认,后续的官方标准会给国密分配固定的NID值,当前NID = 29标准是分配给x25519算法的

Whitlynn avatar May 04 '18 09:05 Whitlynn

@Whitlynn 建议参考 OpenSSL 1.1.1预览版pre5 中SM2算法 NID 的具体取值

liuqun avatar May 07 '18 05:05 liuqun