From: Thomas Huth <thuth@redhat.com>
To: "Hyman Huang" <yong.huang@smartx.com>,
qemu-devel@nongnu.org,
"Daniel P . Berrangé" <berrange@redhat.com>
Cc: "Paolo Bonzini" <pbonzini@redhat.com>,
"Marc-André Lureau" <marcandre.lureau@redhat.com>,
"Philippe Mathieu-Daudé" <philmd@linaro.org>,
"Eric Blake" <eblake@redhat.com>,
"Markus Armbruster" <armbru@redhat.com>
Subject: Re: [PATCH v6] crypto: Introduce SM4 symmetric cipher algorithm
Date: Fri, 8 Mar 2024 21:30:52 +0100 [thread overview]
Message-ID: <ac13ac70-9894-48b2-97a9-ddb7a8077ac7@redhat.com> (raw)
In-Reply-To: <95b77afe68b898c95d381c9aa039c16b54d2e525.1701963950.git.yong.huang@smartx.com>
On 07/12/2023 16.47, Hyman Huang wrote:
> Introduce the SM4 cipher algorithms (OSCCA GB/T 32907-2016).
>
> SM4 (GBT.32907-2016) is a cryptographic standard issued by the
> Organization of State Commercial Administration of China (OSCCA)
> as an authorized cryptographic algorithms for the use within China.
>
> Detect the SM4 cipher algorithms and enable the feature silently
> if it is available.
>
> Signed-off-by: Hyman Huang <yong.huang@smartx.com>
> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
> ---
FYI, starting with this commit, tests/unit/test-crypto-cipher is now failing
on s390x hosts (i.e. big endian machines)... could be that there is maybe an
endianess issue somewhere in here...
Thomas
> diff --git a/crypto/block-luks.c b/crypto/block-luks.c
> index fb01ec38bb..f0813d69b4 100644
> --- a/crypto/block-luks.c
> +++ b/crypto/block-luks.c
> @@ -95,12 +95,23 @@ qcrypto_block_luks_cipher_size_map_twofish[] = {
> { 0, 0 },
> };
>
> +#ifdef CONFIG_CRYPTO_SM4
> +static const QCryptoBlockLUKSCipherSizeMap
> +qcrypto_block_luks_cipher_size_map_sm4[] = {
> + { 16, QCRYPTO_CIPHER_ALG_SM4},
> + { 0, 0 },
> +};
> +#endif
> +
> static const QCryptoBlockLUKSCipherNameMap
> qcrypto_block_luks_cipher_name_map[] = {
> { "aes", qcrypto_block_luks_cipher_size_map_aes },
> { "cast5", qcrypto_block_luks_cipher_size_map_cast5 },
> { "serpent", qcrypto_block_luks_cipher_size_map_serpent },
> { "twofish", qcrypto_block_luks_cipher_size_map_twofish },
> +#ifdef CONFIG_CRYPTO_SM4
> + { "sm4", qcrypto_block_luks_cipher_size_map_sm4},
> +#endif
> };
>
> QEMU_BUILD_BUG_ON(sizeof(struct QCryptoBlockLUKSKeySlot) != 48);
> diff --git a/crypto/cipher-gcrypt.c.inc b/crypto/cipher-gcrypt.c.inc
> index a6a0117717..1377cbaf14 100644
> --- a/crypto/cipher-gcrypt.c.inc
> +++ b/crypto/cipher-gcrypt.c.inc
> @@ -35,6 +35,9 @@ bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg,
> case QCRYPTO_CIPHER_ALG_SERPENT_256:
> case QCRYPTO_CIPHER_ALG_TWOFISH_128:
> case QCRYPTO_CIPHER_ALG_TWOFISH_256:
> +#ifdef CONFIG_CRYPTO_SM4
> + case QCRYPTO_CIPHER_ALG_SM4:
> +#endif
> break;
> default:
> return false;
> @@ -219,6 +222,11 @@ static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg,
> case QCRYPTO_CIPHER_ALG_TWOFISH_256:
> gcryalg = GCRY_CIPHER_TWOFISH;
> break;
> +#ifdef CONFIG_CRYPTO_SM4
> + case QCRYPTO_CIPHER_ALG_SM4:
> + gcryalg = GCRY_CIPHER_SM4;
> + break;
> +#endif
> default:
> error_setg(errp, "Unsupported cipher algorithm %s",
> QCryptoCipherAlgorithm_str(alg));
> diff --git a/crypto/cipher-nettle.c.inc b/crypto/cipher-nettle.c.inc
> index 24cc61f87b..42b39e18a2 100644
> --- a/crypto/cipher-nettle.c.inc
> +++ b/crypto/cipher-nettle.c.inc
> @@ -33,6 +33,9 @@
> #ifndef CONFIG_QEMU_PRIVATE_XTS
> #include <nettle/xts.h>
> #endif
> +#ifdef CONFIG_CRYPTO_SM4
> +#include <nettle/sm4.h>
> +#endif
>
> static inline bool qcrypto_length_check(size_t len, size_t blocksize,
> Error **errp)
> @@ -426,6 +429,30 @@ DEFINE_ECB_CBC_CTR_XTS(qcrypto_nettle_twofish,
> QCryptoNettleTwofish, TWOFISH_BLOCK_SIZE,
> twofish_encrypt_native, twofish_decrypt_native)
>
> +#ifdef CONFIG_CRYPTO_SM4
> +typedef struct QCryptoNettleSm4 {
> + QCryptoCipher base;
> + struct sm4_ctx key[2];
> +} QCryptoNettleSm4;
> +
> +static void sm4_encrypt_native(void *ctx, size_t length,
> + uint8_t *dst, const uint8_t *src)
> +{
> + struct sm4_ctx *keys = ctx;
> + sm4_crypt(&keys[0], length, dst, src);
> +}
> +
> +static void sm4_decrypt_native(void *ctx, size_t length,
> + uint8_t *dst, const uint8_t *src)
> +{
> + struct sm4_ctx *keys = ctx;
> + sm4_crypt(&keys[1], length, dst, src);
> +}
> +
> +DEFINE_ECB(qcrypto_nettle_sm4,
> + QCryptoNettleSm4, SM4_BLOCK_SIZE,
> + sm4_encrypt_native, sm4_decrypt_native)
> +#endif
>
> bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg,
> QCryptoCipherMode mode)
> @@ -443,6 +470,9 @@ bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg,
> case QCRYPTO_CIPHER_ALG_TWOFISH_128:
> case QCRYPTO_CIPHER_ALG_TWOFISH_192:
> case QCRYPTO_CIPHER_ALG_TWOFISH_256:
> +#ifdef CONFIG_CRYPTO_SM4
> + case QCRYPTO_CIPHER_ALG_SM4:
> +#endif
> break;
> default:
> return false;
> @@ -701,6 +731,25 @@ static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg,
>
> return &ctx->base;
> }
> +#ifdef CONFIG_CRYPTO_SM4
> + case QCRYPTO_CIPHER_ALG_SM4:
> + {
> + QCryptoNettleSm4 *ctx = g_new0(QCryptoNettleSm4, 1);
> +
> + switch (mode) {
> + case QCRYPTO_CIPHER_MODE_ECB:
> + ctx->base.driver = &qcrypto_nettle_sm4_driver_ecb;
> + break;
> + default:
> + goto bad_cipher_mode;
> + }
> +
> + sm4_set_encrypt_key(&ctx->key[0], key);
> + sm4_set_decrypt_key(&ctx->key[1], key);
> +
> + return &ctx->base;
> + }
> +#endif
>
> default:
> error_setg(errp, "Unsupported cipher algorithm %s",
> diff --git a/crypto/cipher.c b/crypto/cipher.c
> index 74b09a5b26..5f512768ea 100644
> --- a/crypto/cipher.c
> +++ b/crypto/cipher.c
> @@ -38,6 +38,9 @@ static const size_t alg_key_len[QCRYPTO_CIPHER_ALG__MAX] = {
> [QCRYPTO_CIPHER_ALG_TWOFISH_128] = 16,
> [QCRYPTO_CIPHER_ALG_TWOFISH_192] = 24,
> [QCRYPTO_CIPHER_ALG_TWOFISH_256] = 32,
> +#ifdef CONFIG_CRYPTO_SM4
> + [QCRYPTO_CIPHER_ALG_SM4] = 16,
> +#endif
> };
>
> static const size_t alg_block_len[QCRYPTO_CIPHER_ALG__MAX] = {
> @@ -53,6 +56,9 @@ static const size_t alg_block_len[QCRYPTO_CIPHER_ALG__MAX] = {
> [QCRYPTO_CIPHER_ALG_TWOFISH_128] = 16,
> [QCRYPTO_CIPHER_ALG_TWOFISH_192] = 16,
> [QCRYPTO_CIPHER_ALG_TWOFISH_256] = 16,
> +#ifdef CONFIG_CRYPTO_SM4
> + [QCRYPTO_CIPHER_ALG_SM4] = 16,
> +#endif
> };
>
> static const bool mode_need_iv[QCRYPTO_CIPHER_MODE__MAX] = {
> diff --git a/meson.build b/meson.build
> index d2c4c2adb3..52f2f85b5a 100644
> --- a/meson.build
> +++ b/meson.build
> @@ -1480,6 +1480,7 @@ endif
> gcrypt = not_found
> nettle = not_found
> hogweed = not_found
> +crypto_sm4 = not_found
> xts = 'none'
>
> if get_option('nettle').enabled() and get_option('gcrypt').enabled()
> @@ -1505,6 +1506,17 @@ if not gnutls_crypto.found()
> cc.find_library('gpg-error', required: true)],
> version: gcrypt.version())
> endif
> + crypto_sm4 = gcrypt
> + # SM4 ALG is available in libgcrypt >= 1.9
> + if gcrypt.found() and not cc.links('''
> + #include <gcrypt.h>
> + int main(void) {
> + gcry_cipher_hd_t handler;
> + gcry_cipher_open(&handler, GCRY_CIPHER_SM4, GCRY_CIPHER_MODE_ECB, 0);
> + return 0;
> + }''', dependencies: gcrypt)
> + crypto_sm4 = not_found
> + endif
> endif
> if (not get_option('nettle').auto() or have_system) and not gcrypt.found()
> nettle = dependency('nettle', version: '>=3.4',
> @@ -1513,6 +1525,18 @@ if not gnutls_crypto.found()
> if nettle.found() and not cc.has_header('nettle/xts.h', dependencies: nettle)
> xts = 'private'
> endif
> + crypto_sm4 = nettle
> + # SM4 ALG is available in nettle >= 3.9
> + if nettle.found() and not cc.links('''
> + #include <nettle/sm4.h>
> + int main(void) {
> + struct sm4_ctx ctx;
> + unsigned char key[16] = {0};
> + sm4_set_encrypt_key(&ctx, key);
> + return 0;
> + }''', dependencies: nettle)
> + crypto_sm4 = not_found
> + endif
> endif
> endif
>
> @@ -2199,6 +2223,7 @@ config_host_data.set('CONFIG_GNUTLS_CRYPTO', gnutls_crypto.found())
> config_host_data.set('CONFIG_TASN1', tasn1.found())
> config_host_data.set('CONFIG_GCRYPT', gcrypt.found())
> config_host_data.set('CONFIG_NETTLE', nettle.found())
> +config_host_data.set('CONFIG_CRYPTO_SM4', crypto_sm4.found())
> config_host_data.set('CONFIG_HOGWEED', hogweed.found())
> config_host_data.set('CONFIG_QEMU_PRIVATE_XTS', xts == 'private')
> config_host_data.set('CONFIG_MALLOC_TRIM', has_malloc_trim)
> @@ -4274,6 +4299,7 @@ summary_info += {'nettle': nettle}
> if nettle.found()
> summary_info += {' XTS': xts != 'private'}
> endif
> +summary_info += {'SM4 ALG support': crypto_sm4}
> summary_info += {'AF_ALG support': have_afalg}
> summary_info += {'rng-none': get_option('rng_none')}
> summary_info += {'Linux keyring': have_keyring}
> diff --git a/qapi/crypto.json b/qapi/crypto.json
> index fd3d46ebd1..2f2aeff5fd 100644
> --- a/qapi/crypto.json
> +++ b/qapi/crypto.json
> @@ -94,6 +94,8 @@
> #
> # @twofish-256: Twofish with 256 bit / 32 byte keys
> #
> +# @sm4: SM4 with 128 bit / 16 byte keys (since 9.0)
> +#
> # Since: 2.6
> ##
> { 'enum': 'QCryptoCipherAlgorithm',
> @@ -102,7 +104,8 @@
> 'des', '3des',
> 'cast5-128',
> 'serpent-128', 'serpent-192', 'serpent-256',
> - 'twofish-128', 'twofish-192', 'twofish-256']}
> + 'twofish-128', 'twofish-192', 'twofish-256',
> + 'sm4']}
>
> ##
> # @QCryptoCipherMode:
> diff --git a/tests/unit/test-crypto-cipher.c b/tests/unit/test-crypto-cipher.c
> index d9d9d078ff..11ab1a54fc 100644
> --- a/tests/unit/test-crypto-cipher.c
> +++ b/tests/unit/test-crypto-cipher.c
> @@ -382,6 +382,19 @@ static QCryptoCipherTestData test_data[] = {
> .plaintext = "90afe91bb288544f2c32dc239b2635e6",
> .ciphertext = "6cb4561c40bf0a9705931cb6d408e7fa",
> },
> +#ifdef CONFIG_CRYPTO_SM4
> + {
> + /* SM4, GB/T 32907-2016, Appendix A.1 */
> + .path = "/crypto/cipher/sm4",
> + .alg = QCRYPTO_CIPHER_ALG_SM4,
> + .mode = QCRYPTO_CIPHER_MODE_ECB,
> + .key = "0123456789abcdeffedcba9876543210",
> + .plaintext =
> + "0123456789abcdeffedcba9876543210",
> + .ciphertext =
> + "681edf34d206965e86b3e94f536e4246",
> + },
> +#endif
> {
> /* #1 32 byte key, 32 byte PTX */
> .path = "/crypto/cipher/aes-xts-128-1",
next prev parent reply other threads:[~2024-03-08 20:32 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-12-07 15:47 [PATCH v6] crypto: Introduce SM4 symmetric cipher algorithm Hyman Huang
2023-12-07 16:02 ` Philippe Mathieu-Daudé
2023-12-08 2:10 ` Yong Huang
2023-12-08 9:33 ` Daniel P. Berrangé
2024-03-08 20:30 ` Thomas Huth [this message]
2024-03-11 9:32 ` Daniel P. Berrangé
2024-03-11 10:14 ` Daniel P. Berrangé
2024-03-11 12:00 ` Thomas Huth
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ac13ac70-9894-48b2-97a9-ddb7a8077ac7@redhat.com \
--to=thuth@redhat.com \
--cc=armbru@redhat.com \
--cc=berrange@redhat.com \
--cc=eblake@redhat.com \
--cc=marcandre.lureau@redhat.com \
--cc=pbonzini@redhat.com \
--cc=philmd@linaro.org \
--cc=qemu-devel@nongnu.org \
--cc=yong.huang@smartx.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).