SM2 failed to generate public key from private key

[Mnogard]

Problem Description:

SM2 failed to generate public key from private key of 3.0 and 3.2.

command

1. generate sm2 private key file by OpenSSL commands of 3.0 and 3.2:

openssl ecparam -genkey -name SM2 -out sm2-private.key

2. failed to generate public key file with sm2 private key file

openssl ec -in sm2-private.key -pubout -out sm2-public.key

Preliminary analysis:

private key file

file generated by 1.1 as

-----BEGIN EC PARAMETERS-----
-----END EC PARAMETERS-----
-----BEGIN EC PRIVATE KEY-----
-----END EC PRIVATE KEY-----

file generated by 3.0 or 3.2 as

-----BEGIN SM2 PARAMETERS-----
-----END SM2 PARAMETERS-----
-----BEGIN SM2 PRIVATE KEY-----
-----END SM2 PRIVATE KEY-----

error in generating public key

read EC key
unable to enable public key encoding
4076A04EF87F0000:error:030000A3:digital envelope routines:EVP_PKEY_set_params:invalid key:crypto/evp/p_lib.c:2386:

analysis

Guess whether the high version is not compatible with the low version, or update the usage rules of related commands, because this group of commands is correct in version 1.1.

Tasks

Beta Give feedback

No tasks being tracked yet.

[t8m]

Would these commands work for you:

openssl genpkey -algorithm SM2 -out sm2-private.key
openssl pkey -in sm2-private.key -pubout -out sm2-public.key

[Mnogard]

Is the sm2 key generated in this way provided by you the same as that generated in version 1.1 in the way mentioned earlier? I checked that the key generated by this method you provided is missing the contents of the PARAMETERS field.

[t8m]

Yes, the encoding of the key is different. The parameters are defined by the SM2 OID in the encoding of the key.

[Mnogard]

How to get the SM2 key I need in the version 3.0 or above?

[Mnogard]

Is this problem a bug in the current version 3.0 and above?