Re: [PATCH 0/4] Introduce OSCCA SM3 hash algorithm
Hi Niels, On 11/28/21 6:03 PM, Niels Möller wrote: Tianjia Zhang writes: You can refer to the ISO specification here: https://www.iso.org/standard/67116.html Or PDF version: https://github.com/alipay/tls13-sm-spec/blob/master/sm-en-pdfs/sm3/GBT.32905-2016.SM3-en.pdf I see that RFC 8998 refers to http://www.gmbz.org.cn/upload/2018-07-24/1532401392982079739.pdf, which looks like the same pdf file. I find it a bit odd that the document carries no information on author or organization. There is no author in the document, but the website www.gmbz.org.cn that publishes this standard is China’s Cryptography Standardization Technical Committee. Thank you very much for your reminder, Jia Zhang is not himself, but another colleague of our team, I will add copyright information in the next version The specification does not define the reference implementation of the algorithm. This series of patches mainly refers to the SM3 implementation in libgcrypt and gnulib. It looks like the gcrypt implementation is licensed under LGPLv2.1 or later (see https://github.com/gpg/libgcrypt/blob/master/cipher/sm3.c), so should be fine to copy into nettle (in contrast to gnulib code, which appears to be GPLv3, and would need explicit permission from copyright holder before relicensing). But if it is a derived work of libgcrypt, in the sense of copyright law, the copyright header needs to acknowledge that, ie, Copyright (C) 2017 Jia Zhang Copyright (C) 2021 Tianjia Zhang Or did you write both versions, with Jia being an alternate form of your name? Thanks for pointing it out, Jia Zhang is another colleague of our team, I will add copyright information in the next version. Best regards, Tianjia ___ nettle-bugs mailing list nettle-bugs@lists.lysator.liu.se http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
Re: [PATCH 0/4] Introduce OSCCA SM3 hash algorithm
Tianjia Zhang writes: > You can refer to the ISO specification here: > https://www.iso.org/standard/67116.html > Or PDF version: > https://github.com/alipay/tls13-sm-spec/blob/master/sm-en-pdfs/sm3/GBT.32905-2016.SM3-en.pdf I see that RFC 8998 refers to http://www.gmbz.org.cn/upload/2018-07-24/1532401392982079739.pdf, which looks like the same pdf file. I find it a bit odd that the document carries no information on author or organization. > The specification does not define the reference implementation of the > algorithm. This series of patches mainly refers to the SM3 > implementation in libgcrypt and gnulib. It looks like the gcrypt implementation is licensed under LGPLv2.1 or later (see https://github.com/gpg/libgcrypt/blob/master/cipher/sm3.c), so should be fine to copy into nettle (in contrast to gnulib code, which appears to be GPLv3, and would need explicit permission from copyright holder before relicensing). But if it is a derived work of libgcrypt, in the sense of copyright law, the copyright header needs to acknowledge that, ie, Copyright (C) 2017 Jia Zhang Copyright (C) 2021 Tianjia Zhang Or did you write both versions, with Jia being an alternate form of your name? Regards, /Niels -- Niels Möller. PGP-encrypted email is preferred. Keyid 368C6677. Internet email is subject to wholesale government surveillance. ___ nettle-bugs mailing list nettle-bugs@lists.lysator.liu.se http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
Re: [PATCH 0/4] Introduce OSCCA SM3 hash algorithm
Hi Niels, SM2/3/4 is a series of algorithms, which are all standards formulated by the China Cryptography Administration. They are widely used in China. At present, they are all ISO international standards. We will also consider supporting SM2 and SM4 algorithms in the future. On 11/26/21 12:04 AM, Niels Möller wrote: Tianjia Zhang writes: Add OSCCA SM3 secure hash generic hash algorithm, described in OSCCA GM/T 0004-2012 SM3. Thanks, I've had a first quick look, and it looks nice. I don't know much about this hash function, though. A few questions > * Is there some reasonably authoritative English reference for the algorithm? I checked wikipedia, and it only links to an old internet draft, https://tools.ietf.org/id/draft-oscca-cfrg-sm3-02.html You can refer to the ISO specification here: https://www.iso.org/standard/67116.html Or PDF version: https://github.com/alipay/tls13-sm-spec/blob/master/sm-en-pdfs/sm3/GBT.32905-2016.SM3-en.pdf * The name "sm3" is a bit short, would it make sense to add some family-prefix, maybe "oscca_sm3"? I do not recommend adding algorithm family prefixes. The algorithm names are already standardized, and the current mainstream implementations also use SM3 names, such as libgcrypt, openssl, linux kernel, coreutils, etc. * Do you have some examples of protocols or applications that specify the use of sm3? The SM2/3/4 algorithm can now be used in TLS 1.3 and other scenarios. It is also mandatory to use this type of algorithm in some areas in China. You can refer to: https://datatracker.ietf.org/doc/html/rfc8998 https://datatracker.ietf.org/doc/draft-chen-sm2-sm3-algorithms/ * The implementation, it's written from scratch, or is it based on some reference implementation? The specification does not define the reference implementation of the algorithm. This series of patches mainly refers to the SM3 implementation in libgcrypt and gnulib. Regards, /Niels I hope your question has been answered, thanks again. Best regards, Tianjia ___ nettle-bugs mailing list nettle-bugs@lists.lysator.liu.se http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
Re: [PATCH 0/4] Introduce OSCCA SM3 hash algorithm
Tianjia Zhang writes: > Add OSCCA SM3 secure hash generic hash algorithm, described > in OSCCA GM/T 0004-2012 SM3. Thanks, I've had a first quick look, and it looks nice. I don't know much about this hash function, though. A few questions: * Is there some reasonably authoritative English reference for the algorithm? I checked wikipedia, and it only links to an old internet draft, https://tools.ietf.org/id/draft-oscca-cfrg-sm3-02.html * The name "sm3" is a bit short, would it make sense to add some family-prefix, maybe "oscca_sm3"? * Do you have some examples of protocols or applications that specify the use of sm3? * The implementation, it's written from scratch, or is it based on some reference implementation? Regards, /Niels -- Niels Möller. PGP-encrypted email is preferred. Keyid 368C6677. Internet email is subject to wholesale government surveillance. ___ nettle-bugs mailing list nettle-bugs@lists.lysator.liu.se http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
[PATCH 0/4] Introduce OSCCA SM3 hash algorithm
Add OSCCA SM3 secure hash generic hash algorithm, described in OSCCA GM/T 0004-2012 SM3. Tianjia Zhang (4): Add OSCCA SM3 hash algorithm testsuite: add test for SM3 hash function hmac: add support for SM3 hash function nettle-benchmark: bench SM3 hashes Makefile.in | 7 +- examples/nettle-benchmark.c | 2 +- hmac-sm3-meta.c | 47 +++ hmac-sm3.c | 59 + hmac.h | 19 +++ nettle-meta-hashes.c| 1 + nettle-meta-macs.c | 1 + nettle-meta.h | 2 + sm3-meta.c | 41 ++ sm3.c | 250 sm3.h | 81 testsuite/.gitignore| 1 + testsuite/Makefile.in | 2 +- testsuite/hmac-test.c | 6 + testsuite/meta-hash-test.c | 3 +- testsuite/meta-mac-test.c | 1 + testsuite/sm3-test.c| 20 +++ 17 files changed, 537 insertions(+), 6 deletions(-) create mode 100644 hmac-sm3-meta.c create mode 100644 hmac-sm3.c create mode 100644 sm3-meta.c create mode 100644 sm3.c create mode 100644 sm3.h create mode 100644 testsuite/sm3-test.c -- 2.32.0 ___ nettle-bugs mailing list nettle-bugs@lists.lysator.liu.se http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
