GM/T 0018-2012 is a cryptographic standard issued by the State Cryptography Administration of China.
The implement of the standard could support symmetric cipher algorithm for block encryption. SM4 cipher algorithms could be applied currently, so detect SM4 cipher algorithms via GM/T 0018-2012 API and enable the feature if crypto-gmt is given explictly. This feature defaults to disabled. Signed-off-by: Hyman Huang <yong.hu...@smartx.com> --- crypto/meson.build | 3 +++ meson.build | 30 ++++++++++++++++++++++++++++++ meson_options.txt | 2 ++ scripts/meson-buildoptions.sh | 3 +++ 4 files changed, 38 insertions(+) diff --git a/crypto/meson.build b/crypto/meson.build index c46f9c22a7..dd49d03780 100644 --- a/crypto/meson.build +++ b/crypto/meson.build @@ -46,6 +46,9 @@ endif if have_afalg crypto_ss.add(if_true: files('afalg.c', 'cipher-afalg.c', 'hash-afalg.c')) endif +if gmt_0018_2012.found() + crypto_ss.add(gmt_0018_2012, files('cipher-gmt.c')) +endif system_ss.add(when: gnutls, if_true: files('tls-cipher-suites.c')) diff --git a/meson.build b/meson.build index c1dc83e4c0..cd188582b5 100644 --- a/meson.build +++ b/meson.build @@ -1693,6 +1693,34 @@ if not gnutls_crypto.found() endif endif +if get_option('crypto_gmt').enabled() and get_option('crypto_afalg').enabled() + error('Only one of GM/T 0018-2012 & afalg can be enabled') +endif + +gmt_0018_2012 = not_found +if (not get_option('crypto_gmt').auto() or have_system) + gmt_0018_2012 = cc.find_library('gmt_0018_2012', has_headers: ['gmt-0018-2012.h'], + required: get_option('crypto_gmt')) + if gmt_0018_2012.found() and not cc.links(''' + #include <stddef.h> + #include <gmt-0018-2012.h> + int main(void) { + unsigned char iv[16] = {0}; + unsigned char plainData[16] = {0}; + unsigned char cipherData[16] = {0}; + unsigned int rlen; + SDF_Encrypt(NULL, NULL, SGD_SM4_ECB, iv, plainData, 16, cipherData, &rlen); + return 0; + }''', dependencies: gmt_0018_2012) + gmt_0018_2012 = not_found + if get_option('crypto_gmt').enabled() + error('could not link gmt_0018_2012') + else + warning('could not link gmt_0018_2012, disabling') + endif + endif +endif + capstone = not_found if not get_option('capstone').auto() or have_system or have_user capstone = dependency('capstone', version: '>=3.0.5', @@ -2291,6 +2319,7 @@ config_host_data.set('CONFIG_GNUTLS_CRYPTO', gnutls_crypto.found()) config_host_data.set('CONFIG_TASN1', tasn1.found()) config_host_data.set('CONFIG_GCRYPT', gcrypt.found()) config_host_data.set('CONFIG_NETTLE', nettle.found()) +config_host_data.set('CONFIG_GMT_0018_2012', gmt_0018_2012.found()) config_host_data.set('CONFIG_CRYPTO_SM4', crypto_sm4.found()) config_host_data.set('CONFIG_HOGWEED', hogweed.found()) config_host_data.set('CONFIG_QEMU_PRIVATE_XTS', xts == 'private') @@ -4333,6 +4362,7 @@ if nettle.found() endif summary_info += {'SM4 ALG support': crypto_sm4} summary_info += {'AF_ALG support': have_afalg} +summary_info += {'GM/T 0018-2012 support': gmt_0018_2012.found()} summary_info += {'rng-none': get_option('rng_none')} summary_info += {'Linux keyring': have_keyring} summary_info += {'Linux keyutils': keyutils} diff --git a/meson_options.txt b/meson_options.txt index 0a99a059ec..4f35d3d62d 100644 --- a/meson_options.txt +++ b/meson_options.txt @@ -174,6 +174,8 @@ option('gcrypt', type : 'feature', value : 'auto', description: 'libgcrypt cryptography support') option('crypto_afalg', type : 'feature', value : 'disabled', description: 'Linux AF_ALG crypto backend driver') +option('crypto_gmt', type : 'feature', value : 'disabled', + description: 'GM/T 0018-2012 cryptographic standard driver') option('libdaxctl', type : 'feature', value : 'auto', description: 'libdaxctl support') option('libpmem', type : 'feature', value : 'auto', diff --git a/scripts/meson-buildoptions.sh b/scripts/meson-buildoptions.sh index 680fa3f581..e116e7b9ed 100644 --- a/scripts/meson-buildoptions.sh +++ b/scripts/meson-buildoptions.sh @@ -106,6 +106,7 @@ meson_options_help() { printf "%s\n" ' colo-proxy colo-proxy support' printf "%s\n" ' coreaudio CoreAudio sound support' printf "%s\n" ' crypto-afalg Linux AF_ALG crypto backend driver' + printf "%s\n" ' crypto-gmt GM/T 0018-2012 crypto backend driver' printf "%s\n" ' curl CURL block device driver' printf "%s\n" ' curses curses UI' printf "%s\n" ' dbus-display -display dbus support' @@ -282,6 +283,8 @@ _meson_option_parse() { --disable-coroutine-pool) printf "%s" -Dcoroutine_pool=false ;; --enable-crypto-afalg) printf "%s" -Dcrypto_afalg=enabled ;; --disable-crypto-afalg) printf "%s" -Dcrypto_afalg=disabled ;; + --enable-crypto-gmt) printf "%s" -Dcrypto_gmt=enabled ;; + --disable-crypto-gmt) printf "%s" -Dcrypto_gmt=disabled ;; --enable-curl) printf "%s" -Dcurl=enabled ;; --disable-curl) printf "%s" -Dcurl=disabled ;; --enable-curses) printf "%s" -Dcurses=enabled ;; -- 2.39.3