SM2/SM3/SM4 support via OpenSSL EVP interface

[mattcaswell]

From your README:

If you do not disable SM{2,3,4} algorithms support either while building OpenSSL or in the simulator (see the Linux section below), the build may fail because of missing SM{2,3,4}.h headers, which is the result of an apparent bug/misconfiguration in the OpenSSL build tree/scrips. In this case you may also need to copy over the SM{2,3,4}.h headers from OpenSSL’s include/crypt folder.

I am a maintainer of OpenSSL and stumbled across this text while investigating an issue for one of our users.

The sm2/sm3/sm4 header files are considered internal to OpenSSL and are deliberately not installed (i.e. it is not a bug or misconfiguration as stated in the text above). Applications should not be using them directly. They may be modified at any time by any patch release of OpenSSL and internal structure sizes and members could be changed, as well as function signatures etc.

Applications wishing to use SM2/SM3/SM4 support should be using the "EVP" APIs instead of the functions declared in these internal headers.

If the TPM 2.0 reference implementation is relying on these header files remaining stable then it is liable to break at any point with a future release of OpenSSL.

[amarochk]

Hi Matt,

Thank you for your comment! We'll update the readme, and at some point the TPM reference implementation will be switched to using the EVP interface.

[bradlitterell]

Update title to reflect remaining work.