On Tue, Oct 29, 2024 at 08:06:39PM +0800, liequan che wrote:
> Introduce the SM3 cryptographic hash algorithm (GB/T 32905-2016).
>
> SM3 (GB/T 32905-2016) is a cryptographic standard issued by the
> Organization of State Commercial Cryptography Administration (OSCCA)
> as an authorized cryptographic algorithm for use within China.
>
> Detect the SM3 cryptographic hash algorithm and enable the feature silently
> if it is available.
>
> Signed-off-by: cheliequan <[email protected]>
> ---
> crypto/hash-gcrypt.c | 3 +++
> crypto/hash-nettle.c | 14 ++++++++++++
> crypto/hash.c | 3 +++
> crypto/hmac-gcrypt.c | 3 +++
> crypto/hmac-nettle.c | 11 ++++++++++
> crypto/pbkdf-gcrypt.c | 6 ++++++
> crypto/pbkdf-nettle.c | 13 ++++++++++++
> include/crypto/hash.h | 1 +
> meson.build | 39 ++++++++++++++++++++++++++++++++++
> qapi/crypto.json | 3 ++-
> tests/unit/test-crypto-hash.c | 16 ++++++++++++++
> tests/unit/test-crypto-hmac.c | 8 +++++++
> tests/unit/test-crypto-pbkdf.c | 16 ++++++++++++++
> 13 files changed, 135 insertions(+), 1 deletion(-)
>
> diff --git a/meson.build b/meson.build
> index 85594fd3f1..611c13d182 100644
> --- a/meson.build
> +++ b/meson.build
> @@ -1754,6 +1754,7 @@ gcrypt = not_found
> nettle = not_found
> hogweed = not_found
> crypto_sm4 = not_found
> +crypto_sm3 = not_found
> xts = 'none'
>
> if get_option('nettle').enabled() and get_option('gcrypt').enabled()
> @@ -1789,6 +1790,17 @@ if not gnutls_crypto.found()
> }''', dependencies: gcrypt)
> crypto_sm4 = not_found
> endif
> + crypto_sm3 = gcrypt
> + # SM3 ALG is available in libgcrypt >= 1.8
The gcrypt NEWS says SM3 was added in 1.9, not 1.8
> + if gcrypt.found() and not cc.links('''
> + #include <gcrypt.h>
> + int main(void) {
> + gcry_md_hd_t handler;
> + gcry_md_open(&handler, GCRY_MD_SM3, 0);
> + return 0;
> + }''', dependencies: gcrypt)
> + crypto_sm3 = not_found
> + endif
> endif
> if (not get_option('nettle').auto() or have_system) and not
> gcrypt.found()
> nettle = dependency('nettle', version: '>=3.4',
> @@ -1809,6 +1821,31 @@ if not gnutls_crypto.found()
> }''', dependencies: nettle)
> crypto_sm4 = not_found
> endif
> + crypto_sm3 = nettle
> + # SM3 ALG is available in nettle >= 3.4
The nettle NEWS says SM3 was added in 3.8, not 3.4
> + if nettle.found() and not cc.links('''
> + #include <nettle/sm3.h>
> + #include <nettle/hmac.h>
> + int main(void) {
> + struct sm3_ctx ctx;
> + struct hmac_sm3_ctx hmac_ctx;
> + unsigned char data[64] = {0};
> + unsigned char output[32];
> +
> + // SM3 hash function test
> + sm3_init(&ctx);
> + sm3_update(&ctx, 64, data);
> + sm3_digest(&ctx, 32, data);
> +
> + // HMAC-SM3 test
> + hmac_sm3_set_key(&hmac_ctx, 32, data);
> + hmac_sm3_update(&hmac_ctx, 64, data);
> + hmac_sm3_digest(&hmac_ctx, 32, output);
> +
> + return 0;
> + }''', dependencies: nettle)
> + crypto_sm3 = not_found
> + endif
> endif
> endif
> diff --git a/qapi/crypto.json b/qapi/crypto.json
> index 9431522768..3645a4649b 100644
> --- a/qapi/crypto.json
> +++ b/qapi/crypto.json
> @@ -55,11 +55,12 @@
> # @sha512: SHA-512. (since 2.7)
> #
> # @ripemd160: RIPEMD-160. (since 2.7)
> +# @sm3: SM3. (since 8.2.0)
QEMU's current release is 9.1, so the next version this
can be added to is 9.2.0, not 8.2.0
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
