Closed randombit closed 5 years ago
4a6f656c
commented
6 years ago Thanks for the pull request - are you able to provide details regarding use cases for SM3 (specifically other applications or protocols that need it)? While we do not mind adding new algorithms, we tend to avoid bringing in new functionality unless there is a demonstrated need for it.
ronaldtse
commented
6 years ago We wrote to @bob-beck last year regarding contributing the SM algorithms to LibreSSL, and @4a6f656c were CC'ed too. Since he told us "diffs talk" here's what we promised.
The SM2/SM3/SM4 algorithms are mandatory for legal use of cryptography within China and is widely applied in the country, covering identification/financial cards, contactless, TPM 2.0 and PKI.
botovq
commented
6 years ago Apologies for the delay. I will look into this patch shortly. (CC @ronaldtse)
ronaldtse
commented
6 years ago @botovq thank you for the message! We actually have been holding off on the rest until we hear back, so feel free to let us know your thoughts; look forward to completing the contribution.
botovq
commented
5 years ago My apologies for the long silence and thank you for your patience. I can now announce that I will be able to merge a slightly modified version of this pull request. The timing is a bit tricky since we're approaching a new OpenBSD release, so it might take a few more weeks before it actually happens.
Same goes for the portable scaffold.
randombit
commented
5 years ago Sounds good let us know if there is anything we can do to help move things along.
ronaldtse
commented
5 years ago @botovq thanks for the update! As mentioned by @randombit we are happy to help with any issues on this PR. Feel free to let us know a good time for the next steps.
botovq
commented
5 years ago It is finally in. We will have a new release of libressl tomorrow that will include it (@busterb will take care of the -portable pull request).
Thanks for the pull request and the patience.
CC @ronaldtse
ronaldtse
commented
5 years ago @botovq thank you for letting us know! In this case can we take this as an OK to contribute the remaining SM4 and SM2 algorithms here?
CC @randombit
botovq
commented
5 years ago We will have to discuss this internally. The conditions for importing them will be the same as for SM3: it needs to be made clear that they are widely used and/or mandatory.
ronaldtse
commented
5 years ago @botovq indeed. Both SM4 (GB/T 32907, a 128-bit blockcipher) and SM2 (GB/T 32918, an EC cryptosystem) are in the same boat as SM3. Both are now included in ISO standards (SM4: ISO/IEC 18033-3, SM2: ISO/IEC 14888-3) since 2017.
The SM2/SM3/SM4 algorithms are mandatory for legal use of cryptography within China and is widely applied in the country, covering identification/financial cards, contactless, TPM 2.0 and PKI.
SM2 in particular is also mandated in the PBOK 3.0 standard, which is the mandatory standard for all contact/contactless cards within China.
botovq
commented
5 years ago @ronaldtse
Thanks for the reminder. As I said, I can't make promises but if the implementation is on par with SM3, please do send pull requests. I will look into them.
This adds the SM3 hash function from the Chinese standard GB/T 32905-2016.
I have only tested it with the portable scaffold on Linux (PR upcoming for that).
If it is better I can send this as a patch to the mailing list but it seemed easier to get initial comments on GH.
CC @ronaldtse