Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:Ledest:erlang:26
erlang
2211-Add-support-for-sm3-hash-and-hmac.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 2211-Add-support-for-sm3-hash-and-hmac.patch of Package erlang
From 42f210959181f36dca09715f1d7d5f5d82e1ec79 Mon Sep 17 00:00:00 2001 From: zeyun chen <chenzeyun.zju@gmail.com> Date: Thu, 12 Jan 2023 10:52:13 +0800 Subject: [PATCH] Add support for sm3 hash and hmac --- lib/crypto/c_src/algorithms.c | 5 ++- lib/crypto/c_src/check_openssl.cocci | 1 + lib/crypto/c_src/digest.c | 8 ++++ lib/crypto/c_src/openssl_config.h | 4 ++ lib/crypto/doc/guides/algorithm_details.md | 1 + lib/crypto/src/crypto.erl | 11 ++++-- lib/crypto/test/crypto_SUITE.erl | 43 +++++++++++++++++++++- 7 files changed, 67 insertions(+), 6 deletions(-) diff --git a/lib/crypto/c_src/algorithms.c b/lib/crypto/c_src/algorithms.c index c7e1fdea04..24bb006496 100644 --- a/lib/crypto/c_src/algorithms.c +++ b/lib/crypto/c_src/algorithms.c @@ -29,7 +29,7 @@ #ifdef HAS_3_0_API #else static unsigned int algo_hash_cnt, algo_hash_fips_cnt; -static ERL_NIF_TERM algo_hash[16]; /* increase when extending the list */ +static ERL_NIF_TERM algo_hash[17]; /* increase when extending the list */ void init_hash_types(ErlNifEnv* env); #endif @@ -130,6 +130,9 @@ void init_hash_types(ErlNifEnv* env) { #ifdef HAVE_SHAKE256 algo_hash[algo_hash_cnt++] = enif_make_atom(env, "shake256"); #endif +#ifdef HAVE_SM3 + algo_hash[algo_hash_cnt++] = enif_make_atom(env, "sm3"); +#endif #ifdef HAVE_BLAKE2 algo_hash[algo_hash_cnt++] = enif_make_atom(env, "blake2b"); algo_hash[algo_hash_cnt++] = enif_make_atom(env, "blake2s"); diff --git a/lib/crypto/c_src/check_openssl.cocci b/lib/crypto/c_src/check_openssl.cocci index 69259f7638..b1d9c869b6 100644 --- a/lib/crypto/c_src/check_openssl.cocci +++ b/lib/crypto/c_src/check_openssl.cocci @@ -88,6 +88,7 @@ // EVP_shake128 // EVP_shake256 // EVP_sha512 +// EVP_sm3 // OpenSSL_version // OpenSSL_version_num // PEM_read_PrivateKey diff --git a/lib/crypto/c_src/digest.c b/lib/crypto/c_src/digest.c index 775077cb8a..01b6cbe751 100644 --- a/lib/crypto/c_src/digest.c +++ b/lib/crypto/c_src/digest.c @@ -130,6 +130,14 @@ static struct digest_type_t digest_types[] = #endif }, + {"sm3", "SM3", 0, 0, +#ifdef HAVE_SM3 + {&EVP_sm3, NULL} +#else + {NULL,NULL} +#endif + }, + {"blake2b", "BLAKE2b512", 0, 0, #ifdef HAVE_BLAKE2 {&EVP_blake2b512,NULL} diff --git a/lib/crypto/c_src/openssl_config.h b/lib/crypto/c_src/openssl_config.h index 8a924a13f9..afa84e7757 100644 --- a/lib/crypto/c_src/openssl_config.h +++ b/lib/crypto/c_src/openssl_config.h @@ -180,6 +180,10 @@ && !defined(OPENSSL_NO_SHA512) && defined(NID_sha512) # define HAVE_SHA512 #endif +#if OPENSSL_VERSION_NUMBER >= PACKED_OPENSSL_VERSION_PLAIN(1,1,1) \ + && !defined(OPENSSL_NO_SM3) && defined(NID_sm3) +# define HAVE_SM3 +#endif // SHA3: #if OPENSSL_VERSION_NUMBER >= PACKED_OPENSSL_VERSION_PLAIN(1,1,1) diff --git a/lib/crypto/doc/src/algorithm_details.xml b/lib/crypto/doc/src/algorithm_details.xml index 7081c25783..1a9e44712b 100644 --- a/lib/crypto/doc/src/algorithm_details.xml +++ b/lib/crypto/doc/src/algorithm_details.xml @@ -265,6 +265,7 @@ <row><cell>SHA1</cell><cell>sha</cell><cell></cell></row> <row><cell>SHA2</cell><cell>sha224, sha256, sha384, sha512</cell><cell></cell></row> <row><cell>SHA3</cell><cell>sha3_224, sha3_256, sha3_384, sha3_512, shake128, shake256</cell><cell>≥1.1.1</cell></row> + <row><cell>SM3</cell><cell>sm3</cell><cell></cell></row> <row><cell>MD4</cell><cell>md4</cell><cell></cell></row> <row><cell>MD5</cell><cell>md5</cell><cell></cell></row> <row><cell>RIPEMD</cell><cell>ripemd160</cell><cell></cell></row> diff --git a/lib/crypto/doc/src/crypto.xml b/lib/crypto/doc/src/crypto.xml index 7081c25783..1a9e44712b 100644 --- a/lib/crypto/doc/src/crypto.xml +++ b/lib/crypto/doc/src/crypto.xml @@ -48,6 +48,10 @@ <item> <url href="https://blake2.net/">BLAKE2 — fast secure hashing</url> </item> + <tag>SM3</tag> + <item> + <url href="https://datatracker.ietf.org/doc/html/draft-sca-cfrg-sm3-02">The SM3 Hash Function (GM/T 0004-2012)</url> + </item> <tag>MD5</tag> <item> <url href="http://www.ietf.org/rfc/rfc1321.txt">The MD5 Message Digest Algorithm [RFC 1321]</url> diff --git a/lib/crypto/src/crypto.erl b/lib/crypto/src/crypto.erl index 6ab0d9bd19..08132dfe75 100644 --- a/lib/crypto/src/crypto.erl +++ b/lib/crypto/src/crypto.erl @@ -531,7 +531,7 @@ stop() -> | {macs, Macs} | {curves, Curves} | {rsa_opts, RSAopts}, - Hashs :: [sha1() | sha2() | sha3() | sha3_xof() | blake2() | ripemd160 | compatibility_only_hash()], + Hashs :: [sha1() | sha2() | sha3() | sha3_xof() | blake2() | ripemd160 | sm3 | compatibility_only_hash()], Ciphers :: [cipher()], PKs :: [rsa | dss | ecdsa | dh | ecdh | eddh | ec_gf2m], Macs :: [hmac | cmac | poly1305], @@ -624,7 +624,7 @@ pbkdf2_hmac_nif(_, _, _, _, _) -> ?nif_stub. %%% %%%================================================================ --type hash_algorithm() :: sha1() | sha2() | sha3() | sha3_xof() | blake2() | ripemd160 | compatibility_only_hash() . +-type hash_algorithm() :: sha1() | sha2() | sha3() | sha3_xof() | blake2() | ripemd160 | sm3 | compatibility_only_hash() . -type hash_xof_algorithm() :: sha3_xof() . -spec hash_info(Type) -> Result @@ -684,7 +684,7 @@ hash_final_xof(Context, Length) -> %%% %%%================================================================ --type hmac_hash_algorithm() :: sha1() | sha2() | sha3() | compatibility_only_hash(). +-type hmac_hash_algorithm() :: sha1() | sha2() | sha3() | sm3 | compatibility_only_hash(). -type cmac_cipher_algorithm() :: aes_128_cbc | aes_192_cbc | aes_256_cbc | aes_cbc | blowfish_cbc diff --git a/lib/crypto/test/crypto_SUITE.erl b/lib/crypto/test/crypto_SUITE.erl index d9b3357999..18971a3b30 100644 --- a/lib/crypto/test/crypto_SUITE.erl +++ b/lib/crypto/test/crypto_SUITE.erl @@ -248,6 +248,7 @@ groups() -> {group, shake128}, {group, shake256}, {group, sha}, + {group, sm3}, {group, dh}, {group, ecdh}, @@ -313,6 +314,7 @@ groups() -> {group, sha256}, {group, sha384}, {group, sha512}, + {group, sm3}, {group, dh}, {group, ecdh}, @@ -374,6 +376,7 @@ groups() -> {sha3_512, [], [hash, hmac, hmac_update]}, {shake128, [], [hash_xof]}, {shake256, [], [hash_xof]}, + {sm3, [], [hash, hmac]}, {blake2b, [], [hash, hmac, hmac_update]}, {blake2s, [], [hash, hmac, hmac_update]}, {no_blake2b, [], [no_hash, no_hmac]}, @@ -1217,7 +1220,7 @@ use_all_ec_sign_verify(_Config) -> Msg = <<"hello world!">>, Sups = crypto:supports(), Curves = proplists:get_value(curves, Sups), - Hashs = proplists:get_value(hashs, Sups) -- [shake128, shake256], + Hashs = proplists:get_value(hashs, Sups) -- [shake128, shake256, sm3], ct:log("Lib: ~p~nFIPS: ~p~nCurves:~n~p~nHashs: ~p", [crypto:info_lib(), crypto:info_fips(), Curves, @@ -2182,6 +2185,9 @@ group_config(sha3_384 = Type, Config) -> group_config(sha3_512 = Type, Config) -> {Msgs,Digests} = sha3_test_vectors(Type), [{hash, {Type, Msgs, Digests}} | Config]; +group_config(sm3 = Type, Config) -> + {Msgs,Digests} = sm3_test_vectors(), + [{hash, {Type, Msgs, Digests}} | Config]; group_config(shake128 = Type, Config) -> {Msgs,Digests,Lengths} = sha3_shake128_test_vectors(Type), [{hash_xof, {Type, 128, Msgs, Digests, Lengths}} | Config]; @@ -2343,6 +2349,11 @@ do_configure_mac(hmac, Type, _Config) -> Data = rfc_4231_msgs() ++ [long_msg()], Hmac = rfc4231_hmac_sha512() ++ [long_hmac(sha512)], zip3_special(hmac, Type, Keys, Data, Hmac); + sm3 -> + Keys = sm3_keys(), + Data = sm3_msgs(), + Hmac = sm3_hmac(), + zip3_special(hmac, Type, Keys, Data, Hmac); sha3_224 -> hmac_sha3(Type); sha3_256 -> @@ -2696,6 +2707,13 @@ sha3_shake256_test_vectors(shake256) -> ] }. +sm3_test_vectors() -> + %% test vectors comes from Examples (A.1 A.2) of GM/T 0004-2012 + {[<<"abc">>, binary:copy(<<"abcd">>, 16)], + [hexstr2bin("66c7f0f462eeedd9d1f2d46bdc10e4e24167c4875cf2f7a2297da02b8f4ba8e0"), + hexstr2bin("debe9ff92275b8a138604889c18e5a4d6fdb70e5387e5765293dcba39c0c5732") + ]}. + %%% http://www.wolfgang-ehrhardt.de/hmac-sha3-testvectors.html hmac_sha3(Type) -> @@ -3081,6 +3099,29 @@ rfc4231_hmac_sha512() -> "debd71f8867289865df5a32d20cdc944" "b6022cac3c4982b10d5eeb55c3e4de15" "134676fb6de0446065c97440fa8c6a58")]. + +%% HMAC-SM3 from GM/T 0042-2015 Appendix D.3 +%% https://github.com/openssl/openssl/pull/18714 +sm3_keys() -> + [hexstr2bin("0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20"), + hexstr2bin("0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425"), + binary:copy(<<16#0b>>, 32), + <<"Jefe">> + ]. + +sm3_msgs() -> + [<<"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopqabcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq">>, + binary:copy(<<16#cd>>, 50), + <<"Hi There">>, + <<"what do ya want for nothing?">> + ]. + +sm3_hmac() -> + [hexstr2bin("ca05e144ed05d1857840d1f318a4a8669e559fc8391f414485bfdf7bb408963a"), + hexstr2bin("220bf579ded555393f0159f66c99877822a3ecf610d1552154b41d44b94db3ae"), + hexstr2bin("c0ba18c68b90c88bc07de794bfc7d2c8d19ec31ed8773bc2b390c9604e0be11e"), + hexstr2bin("2e87f1d16862e6d964b50a5200bf2b10b764faa9680a296a2405f24bec39f882") + ]. des_cbc(_) -> [{des_cbc, hexstr2bin("0123456789abcdef"), -- 2.35.3
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
