List the elliptic curves supported by the installed OpenSSL version (X25519 does not appear in this list, but it is in fact supported)
$ openssl ecparam -list_curves
secp256k1 : SECG curve over a 256 bit prime field
secp384r1 : NIST/SECG curve over a 384 bit prime field
secp521r1 : NIST/SECG curve over a 521 bit prime field
prime256v1: X9.62/SECG curve over a 256 bit prime field
Generate a Curve25519 key (this key is used specifically for ECDH key agreement)
X25519 and X448 are treated as distinct algorithms, not as curves listed by the ecparam -list_curves option. You can use the following command to generate an X25519 key:
openssl genpkey -algorithm X25519 -out xkey.pem
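The key agreement this key is meant for, carried through for two parties (an added example, not part of the original note; the party names alice and bob and all file names are constructed for the demo):

```shell
# X25519 ECDH with the openssl CLI: each side generates a key pair,
# exports only its public key, and derives the secret from its own
# private key plus the peer's public key.
x25519_agree() (
    umask 077                          # keys and secrets readable by owner only
    dir=$(mktemp -d) || exit 2
    trap 'rm -rf "$dir"' EXIT          # body is a subshell: cleanup runs on return
    cd "$dir" || exit 2

    for who in alice bob; do
        # Private key (PKCS#8 PEM), then the public half to hand to the peer.
        openssl genpkey -algorithm X25519 -out "$who.key" || exit 2
        openssl pkey -in "$who.key" -pubout -out "$who.pub" || exit 2
    done

    # Each side combines its private key with the other side's public key.
    openssl pkeyutl -derive -inkey alice.key -peerkey bob.pub \
        -out alice.secret || exit 2
    openssl pkeyutl -derive -inkey bob.key -peerkey alice.pub \
        -out bob.secret || exit 2

    # X25519 always yields a 32-byte shared secret.
    [ "$(wc -c < alice.secret | tr -d ' ')" -eq 32 ] || exit 1

    # Exit status 0 only if both sides derived identical bytes.
    cmp -s alice.secret bob.secret
)

x25519_agree && echo "shared secrets match"
```

The derived bytes are raw ECDH output; run them through a KDF such as HKDF before using them as a symmetric key.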
Generate an Ed25519 signing key (used only for digital signatures)
Note: The ability to generate X25519 keys was added in OpenSSL 1.1.0. The ability to generate X448, ED25519 and ED448 keys was added in OpenSSL 1.1.1.
openssl genpkey -algorithm ED25519 -out xkey.pem
SM2 elliptic curve keys for digital signatures and encryption/decryption
The SM2 algorithm supports sign, verify, encrypt and decrypt operations. For the sign and verify operations, SM2 requires an ID string to be passed in.
Sign some data using an SM2(7) private key and a specific ID:
openssl pkeyutl -sign -in file -inkey sm2.key -out sig -rawin -digest sm3 -pkeyopt sm2_id:someid
Verify some data using an SM2(7) certificate and a specific ID:
openssl pkeyutl -verify -certin -in file -inkey sm2.cert -sigfile sig -rawin -digest sm3 -pkeyopt sm2_id:someid