From: "Daniel P. Berrangé" <berrange@redhat.com>
To: Hyman Huang <yong.huang@smartx.com>
Cc: qemu-devel <qemu-devel@nongnu.org>,
Eric Blake <eblake@redhat.com>,
Markus Armbruster <armbru@redhat.com>
Subject: Re: [PATCH] crypto: Introduce SM4 symmetric cipher algorithm
Date: Mon, 27 Nov 2023 16:11:01 +0000 [thread overview]
Message-ID: <ZWS_lTYeKTLNfDrn@redhat.com> (raw)
In-Reply-To: <386ee33ff8f1dc4e8416b037e548ae36c983d054.1701100272.git.yong.huang@smartx.com>
On Mon, Nov 27, 2023 at 11:55:34PM +0800, Hyman Huang wrote:
> Introduce the SM4 cipher algorithms (OSCCA GB/T 32907-2016).
>
> SM4 (GBT.32907-2016) is a cryptographic standard issued by the
> Organization of State Commercial Administration of China (OSCCA)
> as an authorized cryptographic algorithms for the use within China.
Just out of interest, what part of QEMU are you needing to use
SM4 with ? Is it for a LUKS block driver cipher ?
>
> Signed-off-by: Hyman Huang <yong.huang@smartx.com>
> ---
> crypto/block-luks.c | 7 ++++++
> crypto/cipher-gcrypt.c.inc | 4 ++++
Looking at the gcrypt code, SM4 is only supported in >= 1.9.0
QEMU min version is 1.8.0, so you'll need to modify meson.build
to check whether SM4 is supported and put conditionals in this
file
> crypto/cipher-nettle.c.inc | 42 +++++++++++++++++++++++++++++++++
Looking at the nettle code, SM4 is only supported in unreleased
versions thus far.
So again will need a meson.build check and conditionals.
> crypto/cipher.c | 2 ++
> qapi/crypto.json | 5 +++-
> tests/unit/test-crypto-cipher.c | 11 +++++++++
> 6 files changed, 70 insertions(+), 1 deletion(-)
> diff --git a/qapi/crypto.json b/qapi/crypto.json
> index fd3d46ebd1..95fa10bb6d 100644
> --- a/qapi/crypto.json
> +++ b/qapi/crypto.json
> @@ -94,6 +94,8 @@
> #
> # @twofish-256: Twofish with 256 bit / 32 byte keys
> #
> +# @sm4: SM4 with 128 bit / 16 byte keys (since 8.2)
We're in feature freeze for 8.2, so mark this 9.0 as that'll be the
next available release this could be merged for.
> +#
> # Since: 2.6
> ##
> { 'enum': 'QCryptoCipherAlgorithm',
> @@ -102,7 +104,8 @@
> 'des', '3des',
> 'cast5-128',
> 'serpent-128', 'serpent-192', 'serpent-256',
> - 'twofish-128', 'twofish-192', 'twofish-256']}
> + 'twofish-128', 'twofish-192', 'twofish-256',
> + 'sm4']}
>
> ##
> # @QCryptoCipherMode:
> diff --git a/tests/unit/test-crypto-cipher.c b/tests/unit/test-crypto-cipher.c
> index d9d9d078ff..80a4984e43 100644
> --- a/tests/unit/test-crypto-cipher.c
> +++ b/tests/unit/test-crypto-cipher.c
> @@ -382,6 +382,17 @@ static QCryptoCipherTestData test_data[] = {
> .plaintext = "90afe91bb288544f2c32dc239b2635e6",
> .ciphertext = "6cb4561c40bf0a9705931cb6d408e7fa",
> },
> + {
> + /* SM4, GB/T 32907-2016, Appendix A.1 */
> + .path = "/crypto/cipher/sm4",
> + .alg = QCRYPTO_CIPHER_ALG_SM4,
> + .mode = QCRYPTO_CIPHER_MODE_ECB,
> + .key = "0123456789abcdeffedcba9876543210",
> + .plaintext =
> + "0123456789abcdeffedcba9876543210",
> + .ciphertext =
> + "681edf34d206965e86b3e94f536e4246",
> + },
> {
> /* #1 32 byte key, 32 byte PTX */
> .path = "/crypto/cipher/aes-xts-128-1",
> --
> 2.39.1
>
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
next prev parent reply other threads:[~2023-11-27 16:11 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-27 15:55 [PATCH] crypto: Introduce SM4 symmetric cipher algorithm Hyman Huang
2023-11-27 16:11 ` Daniel P. Berrangé [this message]
2023-11-27 16:38 ` Yong Huang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZWS_lTYeKTLNfDrn@redhat.com \
--to=berrange@redhat.com \
--cc=armbru@redhat.com \
--cc=eblake@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=yong.huang@smartx.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.