crypto: Introduce SM3 hash hmac pbkdf algorithm

Introduce the SM3 cryptographic hash algorithm (GB/T 32905-2016). SM3 (GB/T 32905-2016) is a cryptographic standard issued by the Organization of State Commercial Cryptography Administration (OSCCA) as an authorized cryptographic algorithm for use within China. Detect the SM3 cryptographic hash algorithm and enable the feature silently if it is available. Signed-off-by: cheliequan <cheliequan@inspur.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2025-08-05 00:33:55 -06:00 · 2024-10-30 08:51:46 +00:00 · 2024-10-30 08:51:46 +00:00 · d078da86d6
commit d078da86d6
parent 62eb377e0a
13 changed files with 135 additions and 1 deletions
--- a/crypto/pbkdf-nettle.c
+++ b/crypto/pbkdf-nettle.c
@ -34,6 +34,9 @@ bool qcrypto_pbkdf2_supports(QCryptoHashAlgo hash)
    case QCRYPTO_HASH_ALGO_SHA384:
    case QCRYPTO_HASH_ALGO_SHA512:
    case QCRYPTO_HASH_ALGO_RIPEMD160:
+#ifdef CONFIG_CRYPTO_SM3
+    case QCRYPTO_HASH_ALGO_SM3:
+#endif
        return true;
    default:
        return false;
@ -55,6 +58,9 @@ int qcrypto_pbkdf2(QCryptoHashAlgo hash,
        struct hmac_sha384_ctx sha384;
        struct hmac_sha512_ctx sha512;
        struct hmac_ripemd160_ctx ripemd160;
+#ifdef CONFIG_CRYPTO_SM3
+        struct hmac_sm3_ctx sm3;
+#endif
    } ctx;

    if (iterations > UINT_MAX) {
@ -106,6 +112,13 @@ int qcrypto_pbkdf2(QCryptoHashAlgo hash,
        PBKDF2(&ctx.ripemd160, hmac_ripemd160_update, hmac_ripemd160_digest,
               RIPEMD160_DIGEST_SIZE, iterations, nsalt, salt, nout, out);
        break;
+#ifdef CONFIG_CRYPTO_SM3
+    case QCRYPTO_HASH_ALGO_SM3:
+        hmac_sm3_set_key(&ctx.sm3, nkey, key);
+        PBKDF2(&ctx.sm3, hmac_sm3_update, hmac_sm3_digest,
+               SM3_DIGEST_SIZE, iterations, nsalt, salt, nout, out);
+        break;
+#endif

    default:
        error_setg_errno(errp, ENOSYS,