[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v6] crypto: Introduce SM4 symmetric cipher algorithm
|
From: |
Daniel P . Berrangé |
|
Subject: |
Re: [PATCH v6] crypto: Introduce SM4 symmetric cipher algorithm |
|
Date: |
Mon, 11 Mar 2024 10:14:58 +0000 |
|
User-agent: |
Mutt/2.2.12 (2023-09-09) |
On Mon, Mar 11, 2024 at 09:32:32AM +0000, Daniel P. Berrangé wrote:
> On Fri, Mar 08, 2024 at 09:30:52PM +0100, Thomas Huth wrote:
> > On 07/12/2023 16.47, Hyman Huang wrote:
> > > Introduce the SM4 cipher algorithms (OSCCA GB/T 32907-2016).
> > >
> > > SM4 (GBT.32907-2016) is a cryptographic standard issued by the
> > > Organization of State Commercial Administration of China (OSCCA)
> > > as an authorized cryptographic algorithms for the use within China.
> > >
> > > Detect the SM4 cipher algorithms and enable the feature silently
> > > if it is available.
> > >
> > > Signed-off-by: Hyman Huang <yong.huang@smartx.com>
> > > Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
> > > ---
> >
> > FYI, starting with this commit, tests/unit/test-crypto-cipher is now failing
> > on s390x hosts (i.e. big endian machines)... could be that there is maybe an
> > endianess issue somewhere in here...
>
> Or more worringly the issue could be in nettle's impl of SM4, as
> I'm not seeing an obvious place in this QEMU glue layer which
> could cause endianness mistakes.
This is not a s390x problem in fact, it happens on all arches.
For unknown reasons RHEL has disabled build of the SM4 cipher
algorithm in libgcrypt.
If building QEMU with nettle you won't see the problem, as the
nettle in RHEL is too old currently.
If building QEMU with gnutls you won't see the issue as gnutls
doesn't support SM4 cipher at all.
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|