I'll post the changelog between versions in the next version if needed. :)
v6:
- modify the comment about how to enable sm4 crypto feature
v5:
- drop the crypto-sm4 option in build system
v4
- refactor the error report info, change "sm4"->"libsm4"
On Fri, Dec 8, 2023 at 12:02 AM Philippe Mathieu-Daudé <phi...@linaro.org>
wrote:
> Hi Hyman,
>
> On 7/12/23 16:47, Hyman Huang wrote:
> > Introduce the SM4 cipher algorithms (OSCCA GB/T 32907-2016).
> >
> > SM4 (GBT.32907-2016) is a cryptographic standard issued by the
> > Organization of State Commercial Administration of China (OSCCA)
> > as an authorized cryptographic algorithms for the use within China.
> >
> > Detect the SM4 cipher algorithms and enable the feature silently
> > if it is available.
> >
> > Signed-off-by: Hyman Huang <yong.hu...@smartx.com>
> > Reviewed-by: Philippe Mathieu-Daudé <phi...@linaro.org>
> > ---
>
> What are the changes since v4/v5?
>
> > crypto/block-luks.c | 11 ++++++++
> > crypto/cipher-gcrypt.c.inc | 8 ++++++
> > crypto/cipher-nettle.c.inc | 49 +++++++++++++++++++++++++++++++++
> > crypto/cipher.c | 6 ++++
> > meson.build | 26 +++++++++++++++++
> > qapi/crypto.json | 5 +++-
> > tests/unit/test-crypto-cipher.c | 13 +++++++++
> > 7 files changed, 117 insertions(+), 1 deletion(-)
> >
> > diff --git a/crypto/block-luks.c b/crypto/block-luks.c
> > index fb01ec38bb..f0813d69b4 100644
> > --- a/crypto/block-luks.c
> > +++ b/crypto/block-luks.c
> > @@ -95,12 +95,23 @@ qcrypto_block_luks_cipher_size_map_twofish[] = {
> > { 0, 0 },
> > };
> >
> > +#ifdef CONFIG_CRYPTO_SM4
> > +static const QCryptoBlockLUKSCipherSizeMap
> > +qcrypto_block_luks_cipher_size_map_sm4[] = {
> > + { 16, QCRYPTO_CIPHER_ALG_SM4},
> > + { 0, 0 },
> > +};
> > +#endif
> > +
> > static const QCryptoBlockLUKSCipherNameMap
> > qcrypto_block_luks_cipher_name_map[] = {
> > { "aes", qcrypto_block_luks_cipher_size_map_aes },
> > { "cast5", qcrypto_block_luks_cipher_size_map_cast5 },
> > { "serpent", qcrypto_block_luks_cipher_size_map_serpent },
> > { "twofish", qcrypto_block_luks_cipher_size_map_twofish },
> > +#ifdef CONFIG_CRYPTO_SM4
> > + { "sm4", qcrypto_block_luks_cipher_size_map_sm4},
> > +#endif
> > };
> >
> > QEMU_BUILD_BUG_ON(sizeof(struct QCryptoBlockLUKSKeySlot) != 48);
> > diff --git a/crypto/cipher-gcrypt.c.inc b/crypto/cipher-gcrypt.c.inc
> > index a6a0117717..1377cbaf14 100644
> > --- a/crypto/cipher-gcrypt.c.inc
> > +++ b/crypto/cipher-gcrypt.c.inc
> > @@ -35,6 +35,9 @@ bool qcrypto_cipher_supports(QCryptoCipherAlgorithm
> alg,
> > case QCRYPTO_CIPHER_ALG_SERPENT_256:
> > case QCRYPTO_CIPHER_ALG_TWOFISH_128:
> > case QCRYPTO_CIPHER_ALG_TWOFISH_256:
> > +#ifdef CONFIG_CRYPTO_SM4
> > + case QCRYPTO_CIPHER_ALG_SM4:
> > +#endif
> > break;
> > default:
> > return false;
> > @@ -219,6 +222,11 @@ static QCryptoCipher
> *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg,
> > case QCRYPTO_CIPHER_ALG_TWOFISH_256:
> > gcryalg = GCRY_CIPHER_TWOFISH;
> > break;
> > +#ifdef CONFIG_CRYPTO_SM4
> > + case QCRYPTO_CIPHER_ALG_SM4:
> > + gcryalg = GCRY_CIPHER_SM4;
> > + break;
> > +#endif
> > default:
> > error_setg(errp, "Unsupported cipher algorithm %s",
> > QCryptoCipherAlgorithm_str(alg));
> > diff --git a/crypto/cipher-nettle.c.inc b/crypto/cipher-nettle.c.inc
> > index 24cc61f87b..42b39e18a2 100644
> > --- a/crypto/cipher-nettle.c.inc
> > +++ b/crypto/cipher-nettle.c.inc
> > @@ -33,6 +33,9 @@
> > #ifndef CONFIG_QEMU_PRIVATE_XTS
> > #include <nettle/xts.h>
> > #endif
> > +#ifdef CONFIG_CRYPTO_SM4
> > +#include <nettle/sm4.h>
> > +#endif
> >
> > static inline bool qcrypto_length_check(size_t len, size_t blocksize,
> > Error **errp)
> > @@ -426,6 +429,30 @@ DEFINE_ECB_CBC_CTR_XTS(qcrypto_nettle_twofish,
> > QCryptoNettleTwofish, TWOFISH_BLOCK_SIZE,
> > twofish_encrypt_native, twofish_decrypt_native)
> >
> > +#ifdef CONFIG_CRYPTO_SM4
> > +typedef struct QCryptoNettleSm4 {
> > + QCryptoCipher base;
> > + struct sm4_ctx key[2];
> > +} QCryptoNettleSm4;
> > +
> > +static void sm4_encrypt_native(void *ctx, size_t length,
> > + uint8_t *dst, const uint8_t *src)
> > +{
> > + struct sm4_ctx *keys = ctx;
> > + sm4_crypt(&keys[0], length, dst, src);
> > +}
> > +
> > +static void sm4_decrypt_native(void *ctx, size_t length,
> > + uint8_t *dst, const uint8_t *src)
> > +{
> > + struct sm4_ctx *keys = ctx;
> > + sm4_crypt(&keys[1], length, dst, src);
> > +}
> > +
> > +DEFINE_ECB(qcrypto_nettle_sm4,
> > + QCryptoNettleSm4, SM4_BLOCK_SIZE,
> > + sm4_encrypt_native, sm4_decrypt_native)
> > +#endif
> >
> > bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg,
> > QCryptoCipherMode mode)
> > @@ -443,6 +470,9 @@ bool qcrypto_cipher_supports(QCryptoCipherAlgorithm
> alg,
> > case QCRYPTO_CIPHER_ALG_TWOFISH_128:
> > case QCRYPTO_CIPHER_ALG_TWOFISH_192:
> > case QCRYPTO_CIPHER_ALG_TWOFISH_256:
> > +#ifdef CONFIG_CRYPTO_SM4
> > + case QCRYPTO_CIPHER_ALG_SM4:
> > +#endif
> > break;
> > default:
> > return false;
> > @@ -701,6 +731,25 @@ static QCryptoCipher
> *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg,
> >
> > return &ctx->base;
> > }
> > +#ifdef CONFIG_CRYPTO_SM4
> > + case QCRYPTO_CIPHER_ALG_SM4:
> > + {
> > + QCryptoNettleSm4 *ctx = g_new0(QCryptoNettleSm4, 1);
> > +
> > + switch (mode) {
> > + case QCRYPTO_CIPHER_MODE_ECB:
> > + ctx->base.driver = &qcrypto_nettle_sm4_driver_ecb;
> > + break;
> > + default:
> > + goto bad_cipher_mode;
> > + }
> > +
> > + sm4_set_encrypt_key(&ctx->key[0], key);
> > + sm4_set_decrypt_key(&ctx->key[1], key);
> > +
> > + return &ctx->base;
> > + }
> > +#endif
> >
> > default:
> > error_setg(errp, "Unsupported cipher algorithm %s",
> > diff --git a/crypto/cipher.c b/crypto/cipher.c
> > index 74b09a5b26..5f512768ea 100644
> > --- a/crypto/cipher.c
> > +++ b/crypto/cipher.c
> > @@ -38,6 +38,9 @@ static const size_t
> alg_key_len[QCRYPTO_CIPHER_ALG__MAX] = {
> > [QCRYPTO_CIPHER_ALG_TWOFISH_128] = 16,
> > [QCRYPTO_CIPHER_ALG_TWOFISH_192] = 24,
> > [QCRYPTO_CIPHER_ALG_TWOFISH_256] = 32,
> > +#ifdef CONFIG_CRYPTO_SM4
> > + [QCRYPTO_CIPHER_ALG_SM4] = 16,
> > +#endif
> > };
> >
> > static const size_t alg_block_len[QCRYPTO_CIPHER_ALG__MAX] = {
> > @@ -53,6 +56,9 @@ static const size_t
> alg_block_len[QCRYPTO_CIPHER_ALG__MAX] = {
> > [QCRYPTO_CIPHER_ALG_TWOFISH_128] = 16,
> > [QCRYPTO_CIPHER_ALG_TWOFISH_192] = 16,
> > [QCRYPTO_CIPHER_ALG_TWOFISH_256] = 16,
> > +#ifdef CONFIG_CRYPTO_SM4
> > + [QCRYPTO_CIPHER_ALG_SM4] = 16,
> > +#endif
> > };
> >
> > static const bool mode_need_iv[QCRYPTO_CIPHER_MODE__MAX] = {
> > diff --git a/meson.build b/meson.build
> > index d2c4c2adb3..52f2f85b5a 100644
> > --- a/meson.build
> > +++ b/meson.build
> > @@ -1480,6 +1480,7 @@ endif
> > gcrypt = not_found
> > nettle = not_found
> > hogweed = not_found
> > +crypto_sm4 = not_found
> > xts = 'none'
> >
> > if get_option('nettle').enabled() and get_option('gcrypt').enabled()
> > @@ -1505,6 +1506,17 @@ if not gnutls_crypto.found()
> > cc.find_library('gpg-error', required: true)],
> > version: gcrypt.version())
> > endif
> > + crypto_sm4 = gcrypt
> > + # SM4 ALG is available in libgcrypt >= 1.9
> > + if gcrypt.found() and not cc.links('''
> > + #include <gcrypt.h>
> > + int main(void) {
> > + gcry_cipher_hd_t handler;
> > + gcry_cipher_open(&handler, GCRY_CIPHER_SM4,
> GCRY_CIPHER_MODE_ECB, 0);
> > + return 0;
> > + }''', dependencies: gcrypt)
> > + crypto_sm4 = not_found
> > + endif
> > endif
> > if (not get_option('nettle').auto() or have_system) and not
> gcrypt.found()
> > nettle = dependency('nettle', version: '>=3.4',
> > @@ -1513,6 +1525,18 @@ if not gnutls_crypto.found()
> > if nettle.found() and not cc.has_header('nettle/xts.h',
> dependencies: nettle)
> > xts = 'private'
> > endif
> > + crypto_sm4 = nettle
> > + # SM4 ALG is available in nettle >= 3.9
> > + if nettle.found() and not cc.links('''
> > + #include <nettle/sm4.h>
> > + int main(void) {
> > + struct sm4_ctx ctx;
> > + unsigned char key[16] = {0};
> > + sm4_set_encrypt_key(&ctx, key);
> > + return 0;
> > + }''', dependencies: nettle)
> > + crypto_sm4 = not_found
> > + endif
> > endif
> > endif
> >
> > @@ -2199,6 +2223,7 @@ config_host_data.set('CONFIG_GNUTLS_CRYPTO',
> gnutls_crypto.found())
> > config_host_data.set('CONFIG_TASN1', tasn1.found())
> > config_host_data.set('CONFIG_GCRYPT', gcrypt.found())
> > config_host_data.set('CONFIG_NETTLE', nettle.found())
> > +config_host_data.set('CONFIG_CRYPTO_SM4', crypto_sm4.found())
> > config_host_data.set('CONFIG_HOGWEED', hogweed.found())
> > config_host_data.set('CONFIG_QEMU_PRIVATE_XTS', xts == 'private')
> > config_host_data.set('CONFIG_MALLOC_TRIM', has_malloc_trim)
> > @@ -4274,6 +4299,7 @@ summary_info += {'nettle': nettle}
> > if nettle.found()
> > summary_info += {' XTS': xts != 'private'}
> > endif
> > +summary_info += {'SM4 ALG support': crypto_sm4}
> > summary_info += {'AF_ALG support': have_afalg}
> > summary_info += {'rng-none': get_option('rng_none')}
> > summary_info += {'Linux keyring': have_keyring}
> > diff --git a/qapi/crypto.json b/qapi/crypto.json
> > index fd3d46ebd1..2f2aeff5fd 100644
> > --- a/qapi/crypto.json
> > +++ b/qapi/crypto.json
> > @@ -94,6 +94,8 @@
> > #
> > # @twofish-256: Twofish with 256 bit / 32 byte keys
> > #
> > +# @sm4: SM4 with 128 bit / 16 byte keys (since 9.0)
> > +#
> > # Since: 2.6
> > ##
> > { 'enum': 'QCryptoCipherAlgorithm',
> > @@ -102,7 +104,8 @@
> > 'des', '3des',
> > 'cast5-128',
> > 'serpent-128', 'serpent-192', 'serpent-256',
> > - 'twofish-128', 'twofish-192', 'twofish-256']}
> > + 'twofish-128', 'twofish-192', 'twofish-256',
> > + 'sm4']}
> >
> > ##
> > # @QCryptoCipherMode:
> > diff --git a/tests/unit/test-crypto-cipher.c
> b/tests/unit/test-crypto-cipher.c
> > index d9d9d078ff..11ab1a54fc 100644
> > --- a/tests/unit/test-crypto-cipher.c
> > +++ b/tests/unit/test-crypto-cipher.c
> > @@ -382,6 +382,19 @@ static QCryptoCipherTestData test_data[] = {
> > .plaintext = "90afe91bb288544f2c32dc239b2635e6",
> > .ciphertext = "6cb4561c40bf0a9705931cb6d408e7fa",
> > },
> > +#ifdef CONFIG_CRYPTO_SM4
> > + {
> > + /* SM4, GB/T 32907-2016, Appendix A.1 */
> > + .path = "/crypto/cipher/sm4",
> > + .alg = QCRYPTO_CIPHER_ALG_SM4,
> > + .mode = QCRYPTO_CIPHER_MODE_ECB,
> > + .key = "0123456789abcdeffedcba9876543210",
> > + .plaintext =
> > + "0123456789abcdeffedcba9876543210",
> > + .ciphertext =
> > + "681edf34d206965e86b3e94f536e4246",
> > + },
> > +#endif
> > {
> > /* #1 32 byte key, 32 byte PTX */
> > .path = "/crypto/cipher/aes-xts-128-1",
>
>
Thanks,
Yong
--
Best regards
