[PATCH RFC 0/3] Support GM/T 0018-2012 cryptographic standard

[PATCH RFC 0/3] Support GM/T 0018-2012 cryptographic standard

[Hyman Huang]

This patchset introduce GM/T 0018-2012 as a crypto backend driver,
which is applied for block encryption. Currently, we support SM4
cipher algorithm only.

GM/T 0018-2012 is a cryptographic standard issued by the State
Cryptography Administration of China. Visit https://hbba.sacinfo.org.cn
search GM/T 0018-2012 for brief introduction.

The objective of the standard is to develop a uniform application
interface standard for the service-based cryptography device under
the public key cryptographic infrastructure application framework,
and to call the cryptography device through this interface to
provide basic cryptographic services for the uppler layer. For
more information about contents of the standard, download the
specificaiton from:
"https://github.com/guanzhi/GM-Standards/blob/master/GMT密码行标/
GMT 00018-2012 密码设备应用接口规范.pdf"

There are two benefits to doing this, at least.
 * Performance - using a cryptography device for block encryption
                 offers an opportunity to enhance the input/output
                 performance once the hardware is certified
 * Secrecy - hardware manufacturers may fortify cryptography
             equipment with security features, so increasing the
             secrecy of block encryption.

The precise way that vendors implement the standard APIs for data
encryption using the cryptographic device is uncoupled from the
GM/T 0018-2012 specification. Thus, if developers enable this
functionality with the following conditions met, we could accomplish
the general implementation:

1. rename the header file provided by vendor to gmt-0018-2012.h
   and copy it to the /usr/include directory.
2. rename the dynamic library provided by vendor to
   gmt_0018_2012.so and copy it to the /usr/lib64 or any directory
   that linker could find before compiling QEMU.
3. enable crypto_gmt option when compiling QEMU and make the feature
   availiable.

By offering a development package for GM/T 0018-2012, the above
provisions could be standardized; unfortunately, the hardware
manufacturer has not completed this task. So developers who don't
work with the vendor to obtain the cryptography device and related
library may not be able to test this functionality because the
standard implementation depends on the cryptography device supplied
by the hardware vendor. We are hesitant to contribute to this series
as a result.

After all, we uploaded this series with the intention of receiving
feedback, as the title suggests. We would welcome any suggestions
and feedback regarding this feature. 

Hyman Huang (3):
  crypto: Introduce GM/T 0018-2012 cryptographic driver
  meson.build: Support GM/T 0018-2012 cryptographic standard
  crypto: Allow GM/T 0018-2012 to support SM4 cipher algorithm

 MAINTAINERS                   |   3 +-
 crypto/block-luks.c           |   4 +-
 crypto/cipher-gmt.c           | 263 ++++++++++++++++++++++++++++++++++
 crypto/cipher.c               |   6 +-
 crypto/cipherpriv.h           |   6 +
 crypto/meson.build            |   3 +
 meson.build                   |  30 ++++
 meson_options.txt             |   2 +
 scripts/meson-buildoptions.sh |   3 +
 9 files changed, 315 insertions(+), 5 deletions(-)
 create mode 100644 crypto/cipher-gmt.c

-- 
2.39.3

[PATCH RFC 1/3] crypto: Introduce GM/T 0018-2012 cryptographic driver

[Hyman Huang]

GM/T 0018-2012 is a cryptographic standard issued by the State
Cryptography Administration of China. For more information about
the standard, visit https://hbba.sacinfo.org.cn.

The objective of the standard is to develop a uniform application
interface standard for the service-based cryptography device under
the public key cryptographic infrastructure application framework,
and to call the cryptography device through this interface to
provide basic cryptographic services for the uppler layer. For
more information about contents of the standard, download the
specificaiton from:
"https://github.com/guanzhi/GM-Standards/blob/master/GMT密码行标/
GMT%200018-2012%20密码设备应用接口规范.pdf"

This patch implement the basic functions of GM/T 0018-2012
standard. Currently, for block encryption, it support SM4 cipher
algorithm only.

Signed-off-by: Hyman Huang <yong.huang@smartx.com>
---
 MAINTAINERS         |   3 +-
 crypto/cipher-gmt.c | 263 ++++++++++++++++++++++++++++++++++++++++++++
 crypto/cipher.c     |   2 +
 crypto/cipherpriv.h |   6 +
 4 files changed, 273 insertions(+), 1 deletion(-)
 create mode 100644 crypto/cipher-gmt.c

diff --git a/MAINTAINERS b/MAINTAINERS
index a24c2b51b6..822726e9da 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -3418,10 +3418,11 @@ F: migration/dirtyrate.c
 F: migration/dirtyrate.h
 F: include/sysemu/dirtyrate.h
 
-Detached LUKS header
+Detached LUKS header and GM/T 0018-2012 cryptography
 M: Hyman Huang <yong.huang@smartx.com>
 S: Maintained
 F: tests/qemu-iotests/tests/luks-detached-header
+F: crypto/cipher-gmt.c
 
 D-Bus
 M: Marc-André Lureau <marcandre.lureau@redhat.com>
diff --git a/crypto/cipher-gmt.c b/crypto/cipher-gmt.c
new file mode 100644
index 0000000000..40e32c114f
--- /dev/null
+++ b/crypto/cipher-gmt.c
@@ -0,0 +1,263 @@
+/*
+ * QEMU GM/T 0018-2012 cryptographic standard support
+ *
+ * Copyright (c) 2024 SmartX Inc
+ *
+ * Authors:
+ *    Hyman Huang <yong.huang@smartx.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or
+ * (at your option) any later version.  See the COPYING file in the
+ * top-level directory.
+ */
+#include <gmt-0018-2012.h>
+
+#include "qemu/osdep.h"
+#include "qemu/thread.h"
+#include "qapi/error.h"
+#include "crypto/cipher.h"
+#include "cipherpriv.h"
+
+#include "qemu/error-report.h"
+
+typedef struct QCryptoGMT QCryptoGMT;
+
+struct QCryptoGMT {
+    QCryptoCipher base;
+
+    SGD_HANDLE session;
+    SGD_HANDLE key;
+    SGD_UINT32 alg;
+    unsigned char iv[16];  /* not used for SM4 algo currently */
+};
+
+typedef struct QCryptoGMTDeviceInfo QCryptoGMTDeviceInfo;
+
+struct QCryptoGMTDeviceInfo {
+    SGD_HANDLE device;
+    struct DeviceInfo_st info;
+    bool opened;
+    gint ref_count;
+};
+/*
+ * It is advised to use numerous sessions with one open device
+ * as opposed to single sessions with several devices.
+ */
+static QCryptoGMTDeviceInfo gmt_device;
+/* Protect the gmt_device */
+static QemuMutex gmt_device_mutex;
+
+static const struct QCryptoCipherDriver qcrypto_cipher_gmt_driver;
+
+static void gmt_device_lock(void)
+{
+    qemu_mutex_lock(&gmt_device_mutex);
+}
+
+static void gmt_device_unlock(void)
+{
+    qemu_mutex_unlock(&gmt_device_mutex);
+}
+
+static void
+__attribute__((__constructor__)) gmt_device_mutex_init(void)
+{
+    qemu_mutex_init(&gmt_device_mutex);
+}
+
+static void
+gmt_device_ref(void)
+{
+    g_assert(gmt_device.device != NULL);
+    g_atomic_int_inc(&gmt_device.ref_count);
+}
+
+static void
+gmt_device_unref(void)
+{
+    g_assert(gmt_device.device != NULL);
+    if (g_atomic_int_dec_and_test(&gmt_device.ref_count)) {
+        SDF_CloseDevice(gmt_device.device);
+        gmt_device.opened = false;
+        gmt_device.device = NULL;
+        memset(&gmt_device.info, 0, sizeof(struct DeviceInfo_st));
+    }
+}
+
+static bool
+qcrypto_gmt_cipher_supports(QCryptoCipherAlgorithm alg,
+                            QCryptoCipherMode mode)
+{
+    switch (alg) {
+    case QCRYPTO_CIPHER_ALG_SM4:
+        break;
+    default:
+        return false;
+    }
+
+    switch (mode) {
+    case QCRYPTO_CIPHER_MODE_ECB:
+        return true;
+    default:
+        return false;
+    }
+}
+
+QCryptoCipher *
+qcrypto_gmt_cipher_ctx_new(QCryptoCipherAlgorithm alg,
+                           QCryptoCipherMode mode,
+                           const uint8_t *key,
+                           size_t nkey,
+                           Error **errp)
+{
+    QCryptoGMT *gmt;
+    int rv;
+
+    if (!qcrypto_gmt_cipher_supports(alg, mode)) {
+        return NULL;
+    }
+
+    gmt = g_new0(QCryptoGMT, 1);
+    if (!gmt) {
+        return NULL;
+    }
+
+    switch (alg) {
+    case QCRYPTO_CIPHER_ALG_SM4:
+        gmt->alg = SGD_SM4_ECB;
+        break;
+    default:
+        return NULL;
+    }
+
+    gmt_device_lock();
+    if (!gmt_device.opened) {
+        rv = SDF_OpenDevice(&gmt_device.device);
+        if (rv != SDR_OK) {
+            info_report("Could not open encryption card device, disabling");
+            goto abort;
+        }
+        gmt_device.opened = true;
+    }
+
+    /*
+     * multi-sessions correspond to an opened device handle
+     */
+    rv = SDF_OpenSession(gmt_device.device, &gmt->session);
+    if (rv != SDR_OK) {
+        error_setg(errp, "Open session failed");
+        goto abort;
+    }
+
+    gmt_device_ref();
+
+    if (!(gmt_device.info.SymAlgAbility)) {
+        rv = SDF_GetDeviceInfo(gmt->session, &gmt_device.info);
+        if (rv != SDR_OK) {
+            error_setg(errp, "Get device info failed");
+            goto abort;
+        }
+    }
+    gmt_device_unlock();
+
+    if (!(gmt_device.info.SymAlgAbility & SGD_SM4_ECB & SGD_SYMM_ALG_MASK)) {
+        /* encryption card do not support SM4 cipher algorithm */
+        info_report("SM4 cipher algorithm is not supported, disabling");
+        return NULL;
+    }
+
+    rv = SDF_ImportKey(gmt->session, (SGD_UCHAR *)key,
+                       (SGD_UINT32)nkey, &gmt->key);
+    if (rv != SDR_OK) {
+        error_setg(errp, "Import key failed");
+        return NULL;
+    }
+
+    gmt->base.alg = alg;
+    gmt->base.mode = mode;
+    gmt->base.driver = &qcrypto_cipher_gmt_driver;
+    return &gmt->base;
+
+abort:
+    gmt_device_unlock();
+    return NULL;
+}
+
+static int
+qcrypto_gmt_cipher_setiv(QCryptoCipher *cipher,
+                         const uint8_t *iv,
+                         size_t niv, Error **errp)
+{
+    error_setg(errp, "Setting IV is not supported");
+    return -1;
+}
+
+static int
+qcrypto_gmt_cipher_op(QCryptoGMT *gmt,
+                      const void *in, void *out,
+                      size_t len, bool do_encrypt,
+                      Error **errp)
+{
+    unsigned int rlen;
+    int rv;
+
+    if (do_encrypt) {
+        rv = SDF_Encrypt(gmt->session, gmt->key, gmt->alg, gmt->iv,
+                         (SGD_UCHAR *)in, len, out, &rlen);
+    } else {
+        rv = SDF_Decrypt(gmt->session, gmt->key, gmt->alg, gmt->iv,
+                         (SGD_UCHAR *)in, len, out, &rlen);
+    }
+
+    if (rv != SDR_OK) {
+        error_setg(errp, "Crypto operation failed");
+        return -1;
+    }
+
+    return 0;
+}
+
+static void
+qcrypto_gmt_free(QCryptoGMT *gmt)
+{
+    g_assert(gmt != NULL);
+
+    SDF_DestroyKey(gmt->session, gmt->key);
+    SDF_CloseSession(gmt->session);
+
+    gmt_device_lock();
+    gmt_device_unref();
+    gmt_device_unlock();
+}
+
+static int
+qcrypto_gmt_cipher_encrypt(QCryptoCipher *cipher,
+                           const void *in, void *out,
+                           size_t len, Error **errp)
+{
+    QCryptoGMT *gmt = container_of(cipher, QCryptoGMT, base);
+    return qcrypto_gmt_cipher_op(gmt, in, out, len, true, errp);
+}
+
+static int
+qcrypto_gmt_cipher_decrypt(QCryptoCipher *cipher,
+                           const void *in, void *out,
+                           size_t len, Error **errp)
+{
+    QCryptoGMT *gmt = container_of(cipher, QCryptoGMT, base);
+    return qcrypto_gmt_cipher_op(gmt, in, out, len, false, errp);
+}
+
+static void qcrypto_gmt_comm_ctx_free(QCryptoCipher *cipher)
+{
+    QCryptoGMT *gmt = container_of(cipher, QCryptoGMT, base);
+    qcrypto_gmt_free(gmt);
+    g_free(gmt);
+}
+
+static const struct QCryptoCipherDriver qcrypto_cipher_gmt_driver = {
+    .cipher_encrypt = qcrypto_gmt_cipher_encrypt,
+    .cipher_decrypt = qcrypto_gmt_cipher_decrypt,
+    .cipher_setiv = qcrypto_gmt_cipher_setiv,
+    .cipher_free = qcrypto_gmt_comm_ctx_free,
+};
diff --git a/crypto/cipher.c b/crypto/cipher.c
index 5f512768ea..785f231948 100644
--- a/crypto/cipher.c
+++ b/crypto/cipher.c
@@ -157,6 +157,8 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
 
 #ifdef CONFIG_AF_ALG
     cipher = qcrypto_afalg_cipher_ctx_new(alg, mode, key, nkey, NULL);
+#elif defined CONFIG_GMT_0018_2012
+    cipher = qcrypto_gmt_cipher_ctx_new(alg, mode, key, nkey, NULL);
 #endif
 
     if (!cipher) {
diff --git a/crypto/cipherpriv.h b/crypto/cipherpriv.h
index 396527857d..b8e542134c 100644
--- a/crypto/cipherpriv.h
+++ b/crypto/cipherpriv.h
@@ -46,7 +46,13 @@ qcrypto_afalg_cipher_ctx_new(QCryptoCipherAlgorithm alg,
                              QCryptoCipherMode mode,
                              const uint8_t *key,
                              size_t nkey, Error **errp);
+#elif defined CONFIG_GMT_0018_2012
 
+extern QCryptoCipher *
+qcrypto_gmt_cipher_ctx_new(QCryptoCipherAlgorithm alg,
+                           QCryptoCipherMode mode,
+                           const uint8_t *key,
+                           size_t nkey, Error **errp);
 #endif
 
 #endif
-- 
2.39.3

[PATCH RFC 2/3] meson.build: Support GM/T 0018-2012 cryptographic standard

[Hyman Huang]

GM/T 0018-2012 is a cryptographic standard issued by the State
Cryptography Administration of China.

The implement of the standard could support symmetric cipher
algorithm for block encryption. SM4 cipher algorithms could be
applied currently, so detect SM4 cipher algorithms via GM/T
0018-2012 API and enable the feature if crypto-gmt is given
explictly. This feature defaults to disabled.

Signed-off-by: Hyman Huang <yong.huang@smartx.com>
---
 crypto/meson.build            |  3 +++
 meson.build                   | 30 ++++++++++++++++++++++++++++++
 meson_options.txt             |  2 ++
 scripts/meson-buildoptions.sh |  3 +++
 4 files changed, 38 insertions(+)

diff --git a/crypto/meson.build b/crypto/meson.build
index c46f9c22a7..dd49d03780 100644
--- a/crypto/meson.build
+++ b/crypto/meson.build
@@ -46,6 +46,9 @@ endif
 if have_afalg
   crypto_ss.add(if_true: files('afalg.c', 'cipher-afalg.c', 'hash-afalg.c'))
 endif
+if gmt_0018_2012.found()
+  crypto_ss.add(gmt_0018_2012, files('cipher-gmt.c'))
+endif
 
 system_ss.add(when: gnutls, if_true: files('tls-cipher-suites.c'))
 
diff --git a/meson.build b/meson.build
index c1dc83e4c0..cd188582b5 100644
--- a/meson.build
+++ b/meson.build
@@ -1693,6 +1693,34 @@ if not gnutls_crypto.found()
   endif
 endif
 
+if get_option('crypto_gmt').enabled() and get_option('crypto_afalg').enabled()
+  error('Only one of GM/T 0018-2012 & afalg can be enabled')
+endif
+
+gmt_0018_2012 = not_found
+if (not get_option('crypto_gmt').auto() or have_system)
+  gmt_0018_2012 = cc.find_library('gmt_0018_2012', has_headers: ['gmt-0018-2012.h'],
+                                  required: get_option('crypto_gmt'))
+  if gmt_0018_2012.found() and not cc.links('''
+    #include <stddef.h>
+    #include <gmt-0018-2012.h>
+    int main(void) {
+      unsigned char iv[16] = {0};
+      unsigned char plainData[16] = {0};
+      unsigned char cipherData[16] = {0};
+      unsigned int rlen;
+      SDF_Encrypt(NULL, NULL, SGD_SM4_ECB, iv, plainData, 16, cipherData, &rlen);
+      return 0;
+    }''', dependencies: gmt_0018_2012)
+    gmt_0018_2012 = not_found
+    if get_option('crypto_gmt').enabled()
+      error('could not link gmt_0018_2012')
+    else
+      warning('could not link gmt_0018_2012, disabling')
+    endif
+  endif
+endif
+
 capstone = not_found
 if not get_option('capstone').auto() or have_system or have_user
   capstone = dependency('capstone', version: '>=3.0.5',
@@ -2291,6 +2319,7 @@ config_host_data.set('CONFIG_GNUTLS_CRYPTO', gnutls_crypto.found())
 config_host_data.set('CONFIG_TASN1', tasn1.found())
 config_host_data.set('CONFIG_GCRYPT', gcrypt.found())
 config_host_data.set('CONFIG_NETTLE', nettle.found())
+config_host_data.set('CONFIG_GMT_0018_2012', gmt_0018_2012.found())
 config_host_data.set('CONFIG_CRYPTO_SM4', crypto_sm4.found())
 config_host_data.set('CONFIG_HOGWEED', hogweed.found())
 config_host_data.set('CONFIG_QEMU_PRIVATE_XTS', xts == 'private')
@@ -4333,6 +4362,7 @@ if nettle.found()
 endif
 summary_info += {'SM4 ALG support':   crypto_sm4}
 summary_info += {'AF_ALG support':    have_afalg}
+summary_info += {'GM/T 0018-2012 support': gmt_0018_2012.found()}
 summary_info += {'rng-none':          get_option('rng_none')}
 summary_info += {'Linux keyring':     have_keyring}
 summary_info += {'Linux keyutils':    keyutils}
diff --git a/meson_options.txt b/meson_options.txt
index 0a99a059ec..4f35d3d62d 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -174,6 +174,8 @@ option('gcrypt', type : 'feature', value : 'auto',
        description: 'libgcrypt cryptography support')
 option('crypto_afalg', type : 'feature', value : 'disabled',
        description: 'Linux AF_ALG crypto backend driver')
+option('crypto_gmt', type : 'feature', value : 'disabled',
+       description: 'GM/T 0018-2012 cryptographic standard driver')
 option('libdaxctl', type : 'feature', value : 'auto',
        description: 'libdaxctl support')
 option('libpmem', type : 'feature', value : 'auto',
diff --git a/scripts/meson-buildoptions.sh b/scripts/meson-buildoptions.sh
index 680fa3f581..e116e7b9ed 100644
--- a/scripts/meson-buildoptions.sh
+++ b/scripts/meson-buildoptions.sh
@@ -106,6 +106,7 @@ meson_options_help() {
   printf "%s\n" '  colo-proxy      colo-proxy support'
   printf "%s\n" '  coreaudio       CoreAudio sound support'
   printf "%s\n" '  crypto-afalg    Linux AF_ALG crypto backend driver'
+  printf "%s\n" '  crypto-gmt      GM/T 0018-2012 crypto backend driver'
   printf "%s\n" '  curl            CURL block device driver'
   printf "%s\n" '  curses          curses UI'
   printf "%s\n" '  dbus-display    -display dbus support'
@@ -282,6 +283,8 @@ _meson_option_parse() {
     --disable-coroutine-pool) printf "%s" -Dcoroutine_pool=false ;;
     --enable-crypto-afalg) printf "%s" -Dcrypto_afalg=enabled ;;
     --disable-crypto-afalg) printf "%s" -Dcrypto_afalg=disabled ;;
+    --enable-crypto-gmt) printf "%s" -Dcrypto_gmt=enabled ;;
+    --disable-crypto-gmt) printf "%s" -Dcrypto_gmt=disabled ;;
     --enable-curl) printf "%s" -Dcurl=enabled ;;
     --disable-curl) printf "%s" -Dcurl=disabled ;;
     --enable-curses) printf "%s" -Dcurses=enabled ;;
-- 
2.39.3

[PATCH RFC 3/3] crypto: Allow GM/T 0018-2012 to support SM4 cipher algorithm

[Hyman Huang]

Since GM/T 0018-2012 was probed by SM4 cipher algorithm, allow
it to support SM4 cipher algorithm in block encryption.

Signed-off-by: Hyman Huang <yong.huang@smartx.com>
---
 crypto/block-luks.c | 4 ++--
 crypto/cipher.c     | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/crypto/block-luks.c b/crypto/block-luks.c
index 3ee928fb5a..f4101fd435 100644
--- a/crypto/block-luks.c
+++ b/crypto/block-luks.c
@@ -95,7 +95,7 @@ qcrypto_block_luks_cipher_size_map_twofish[] = {
     { 0, 0 },
 };
 
-#ifdef CONFIG_CRYPTO_SM4
+#if defined CONFIG_CRYPTO_SM4 || defined CONFIG_GMT_0018_2012
 static const QCryptoBlockLUKSCipherSizeMap
 qcrypto_block_luks_cipher_size_map_sm4[] = {
     { 16, QCRYPTO_CIPHER_ALG_SM4},
@@ -109,7 +109,7 @@ qcrypto_block_luks_cipher_name_map[] = {
     { "cast5", qcrypto_block_luks_cipher_size_map_cast5 },
     { "serpent", qcrypto_block_luks_cipher_size_map_serpent },
     { "twofish", qcrypto_block_luks_cipher_size_map_twofish },
-#ifdef CONFIG_CRYPTO_SM4
+#if defined CONFIG_CRYPTO_SM4 || defined CONFIG_GMT_0018_2012
     { "sm4", qcrypto_block_luks_cipher_size_map_sm4},
 #endif
 };
diff --git a/crypto/cipher.c b/crypto/cipher.c
index 785f231948..5c2a620dcf 100644
--- a/crypto/cipher.c
+++ b/crypto/cipher.c
@@ -38,7 +38,7 @@ static const size_t alg_key_len[QCRYPTO_CIPHER_ALG__MAX] = {
     [QCRYPTO_CIPHER_ALG_TWOFISH_128] = 16,
     [QCRYPTO_CIPHER_ALG_TWOFISH_192] = 24,
     [QCRYPTO_CIPHER_ALG_TWOFISH_256] = 32,
-#ifdef CONFIG_CRYPTO_SM4
+#if defined CONFIG_CRYPTO_SM4 || defined CONFIG_GMT_0018_2012
     [QCRYPTO_CIPHER_ALG_SM4] = 16,
 #endif
 };
@@ -56,7 +56,7 @@ static const size_t alg_block_len[QCRYPTO_CIPHER_ALG__MAX] = {
     [QCRYPTO_CIPHER_ALG_TWOFISH_128] = 16,
     [QCRYPTO_CIPHER_ALG_TWOFISH_192] = 16,
     [QCRYPTO_CIPHER_ALG_TWOFISH_256] = 16,
-#ifdef CONFIG_CRYPTO_SM4
+#if defined CONFIG_CRYPTO_SM4 || defined CONFIG_GMT_0018_2012
     [QCRYPTO_CIPHER_ALG_SM4] = 16,
 #endif
 };
-- 
2.39.3

Re: [PATCH RFC 0/3] Support GM/T 0018-2012 cryptographic standard

[Daniel P. Berrangé]

On Sat, Feb 24, 2024 at 10:34:55PM +0800, Hyman Huang wrote:
> This patchset introduce GM/T 0018-2012 as a crypto backend driver,
> which is applied for block encryption. Currently, we support SM4
> cipher algorithm only.
> 
> GM/T 0018-2012 is a cryptographic standard issued by the State
> Cryptography Administration of China. Visit https://hbba.sacinfo.org.cn
> search GM/T 0018-2012 for brief introduction.
> 
> The objective of the standard is to develop a uniform application
> interface standard for the service-based cryptography device under
> the public key cryptographic infrastructure application framework,
> and to call the cryptography device through this interface to
> provide basic cryptographic services for the uppler layer. For
> more information about contents of the standard, download the
> specificaiton from:
> "https://github.com/guanzhi/GM-Standards/blob/master/GMT密码行标/
> GMT 00018-2012 密码设备应用接口规范.pdf"
> 
> There are two benefits to doing this, at least.
>  * Performance - using a cryptography device for block encryption
>                  offers an opportunity to enhance the input/output
>                  performance once the hardware is certified
>  * Secrecy - hardware manufacturers may fortify cryptography
>              equipment with security features, so increasing the
>              secrecy of block encryption.
> 
> The precise way that vendors implement the standard APIs for data
> encryption using the cryptographic device is uncoupled from the
> GM/T 0018-2012 specification. Thus, if developers enable this
> functionality with the following conditions met, we could accomplish
> the general implementation:
> 
> 1. rename the header file provided by vendor to gmt-0018-2012.h
>    and copy it to the /usr/include directory.
> 2. rename the dynamic library provided by vendor to
>    gmt_0018_2012.so and copy it to the /usr/lib64 or any directory
>    that linker could find before compiling QEMU.
> 3. enable crypto_gmt option when compiling QEMU and make the feature
>    availiable.
> 
> By offering a development package for GM/T 0018-2012, the above
> provisions could be standardized; unfortunately, the hardware
> manufacturer has not completed this task. So developers who don't
> work with the vendor to obtain the cryptography device and related
> library may not be able to test this functionality because the
> standard implementation depends on the cryptography device supplied
> by the hardware vendor. We are hesitant to contribute to this series
> as a result.

Hmm, yes, that is a pretty unpleasant approach.

IMHO there really needs to be a reference implementation that is
pure software. eg a gmt_0018_2012.so + header files that simply
uses an existing crypto library. That way applications can build
and test their support for this, without having to have access
to a specific piece of hardware. Hardware vendors should only
have to provide their library impl, not the headers.

With regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

Re: [PATCH RFC 0/3] Support GM/T 0018-2012 cryptographic standard

[Yong Huang]

[-- Attachment #1: Type: text/plain, Size: 3710 bytes --]

On Thu, Feb 29, 2024 at 5:04 PM Daniel P. Berrangé <berrange@redhat.com>
wrote:

> On Sat, Feb 24, 2024 at 10:34:55PM +0800, Hyman Huang wrote:
> > This patchset introduce GM/T 0018-2012 as a crypto backend driver,
> > which is applied for block encryption. Currently, we support SM4
> > cipher algorithm only.
> >
> > GM/T 0018-2012 is a cryptographic standard issued by the State
> > Cryptography Administration of China. Visit https://hbba.sacinfo.org.cn
> > search GM/T 0018-2012 for brief introduction.
> >
> > The objective of the standard is to develop a uniform application
> > interface standard for the service-based cryptography device under
> > the public key cryptographic infrastructure application framework,
> > and to call the cryptography device through this interface to
> > provide basic cryptographic services for the uppler layer. For
> > more information about contents of the standard, download the
> > specificaiton from:
> > "https://github.com/guanzhi/GM-Standards/blob/master/GMT密码行标/
> > GMT 00018-2012 密码设备应用接口规范.pdf"
> >
> > There are two benefits to doing this, at least.
> >  * Performance - using a cryptography device for block encryption
> >                  offers an opportunity to enhance the input/output
> >                  performance once the hardware is certified
> >  * Secrecy - hardware manufacturers may fortify cryptography
> >              equipment with security features, so increasing the
> >              secrecy of block encryption.
> >
> > The precise way that vendors implement the standard APIs for data
> > encryption using the cryptographic device is uncoupled from the
> > GM/T 0018-2012 specification. Thus, if developers enable this
> > functionality with the following conditions met, we could accomplish
> > the general implementation:
> >
> > 1. rename the header file provided by vendor to gmt-0018-2012.h
> >    and copy it to the /usr/include directory.
> > 2. rename the dynamic library provided by vendor to
> >    gmt_0018_2012.so and copy it to the /usr/lib64 or any directory
> >    that linker could find before compiling QEMU.
> > 3. enable crypto_gmt option when compiling QEMU and make the feature
> >    availiable.
> >
> > By offering a development package for GM/T 0018-2012, the above
> > provisions could be standardized; unfortunately, the hardware
> > manufacturer has not completed this task. So developers who don't
> > work with the vendor to obtain the cryptography device and related
> > library may not be able to test this functionality because the
> > standard implementation depends on the cryptography device supplied
> > by the hardware vendor. We are hesitant to contribute to this series
> > as a result.
>
> Hmm, yes, that is a pretty unpleasant approach.
>
> IMHO there really needs to be a reference implementation that is
> pure software. eg a gmt_0018_2012.so + header files that simply
>

Ok, this is a preferred choice but more work should be done for
the pure software implementation, we may try it in space time.

Thanks for the comments,

Yong


> uses an existing crypto library. That way applications can build
> and test their support for this, without having to have access
> to a specific piece of hardware. Hardware vendors should only
> have to provide their library impl, not the headers.


> With regards,
> Daniel
> --
> |: https://berrange.com      -o-
> https://www.flickr.com/photos/dberrange :|
> |: https://libvirt.org         -o-
> https://fstop138.berrange.com :|
> |: https://entangle-photo.org    -o-
> https://www.instagram.com/dberrange :|
>
>

-- 
Best regards

[-- Attachment #2: Type: text/html, Size: 6168 bytes --]