lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20200210031717.GA5198@sol.localdomain>
Date:   Sun, 9 Feb 2020 19:17:17 -0800
From:   Eric Biggers <ebiggers@...nel.org>
To:     Tianjia Zhang <tianjia.zhang@...ux.alibaba.com>
Cc:     herbert@...dor.apana.org.au, davem@...emloft.net,
        zohar@...ux.ibm.com, dmitry.kasatkin@...il.com, jmorris@...ei.org,
        serge@...lyn.com, linux-crypto@...r.kernel.org,
        linux-integrity@...r.kernel.org,
        linux-security-module@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/2] crypto: sm3 - add a new alias name sm3-256

On Fri, Feb 07, 2020 at 05:22:18PM +0800, Tianjia Zhang wrote:
> The name sm3-256 is defined in hash_algo_name in hash_info, but the
> algorithm name implemented in sm3_generic.c is sm3, which will cause
> the sm3-256 algorithm to be not found in some application scenarios of
> the hash algorithm, and an ENOENT error will occur. For example,
> IMA, keys, and other subsystems that reference hash_algo_name cannot use
> the hash algorithm of sm3. This patch adds an alias name sm3-256 to sm3,
> which can better solve the above problems.
> 
> Signed-off-by: Tianjia Zhang <tianjia.zhang@...ux.alibaba.com>
> ---
>  crypto/sm3_generic.c | 21 +++++++++++++++++----
>  1 file changed, 17 insertions(+), 4 deletions(-)
> 
> diff --git a/crypto/sm3_generic.c b/crypto/sm3_generic.c
> index 3468975215ca..ded41031bd5f 100644
> --- a/crypto/sm3_generic.c
> +++ b/crypto/sm3_generic.c
> @@ -163,7 +163,7 @@ int crypto_sm3_finup(struct shash_desc *desc, const u8 *data,
>  }
>  EXPORT_SYMBOL(crypto_sm3_finup);
>  
> -static struct shash_alg sm3_alg = {
> +static struct shash_alg sm3_algs[2] = { {
>  	.digestsize	=	SM3_DIGEST_SIZE,
>  	.init		=	sm3_base_init,
>  	.update		=	crypto_sm3_update,
> @@ -176,16 +176,28 @@ static struct shash_alg sm3_alg = {
>  		.cra_blocksize	 =	SM3_BLOCK_SIZE,
>  		.cra_module	 =	THIS_MODULE,
>  	}
> -};
> +}, {
> +	.digestsize	=	SM3_DIGEST_SIZE,
> +	.init		=	sm3_base_init,
> +	.update		=	crypto_sm3_update,
> +	.final		=	sm3_final,
> +	.finup		=	crypto_sm3_finup,
> +	.descsize	=	sizeof(struct sm3_state),
> +	.base		=	{
> +		.cra_name	 =	"sm3-256",
> +		.cra_blocksize	 =	SM3_BLOCK_SIZE,
> +		.cra_module	 =	THIS_MODULE,
> +	}
> +} };

According to https://tools.ietf.org/id/draft-oscca-cfrg-sm3-01.html,
SM3 always produces a 256-bit hash value.  E.g., it says:

	"SM3 produces an output hash value of 256 bits long"

and

	"SM3 is a hash function that generates a 256-bit hash value."

I don't see any mention of "SM3-256".

So why not just keep it as "sm3" and change hash_info.c instead?
Since the name there is currently wrong, no one can be using it yet.

- Eric

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ