
Add SM2 #105

Open
wants to merge 7,300 commits into base: master

Conversation

ronaldtse

This adds the SM2 algorithm defined in the Chinese standards GB/T 32918.1-2016, GB/T 32918.2-2016, GB/T 32918.3-2016, GB/T 32918.4-2016 and GB/T 32918.5-2017.

The code was ported from our original OpenSSL contribution (thanks @randombit!) with a number of changes to adapt to LibreSSL since the interface is rather different. The implementation was done by @ni4.

This is a contribution from Ribose Inc (@riboseinc).

P.S. It currently includes the code from #103 and will require a rebase.

cc: @bob-beck @botovq @dewyatt
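The description above names the standards but the page never shows what an SM2 signature actually computes. The block below is an added, stand-alone example (not code from this PR, from Ribose or from LibreSSL): SM2 sign/verify as specified in GB/T 32918.2 over the recommended curve sm2p256v1 from GB/T 32918.5, with SM3 (GB/T 32905) written inline so it needs nothing beyond the Python 3.8+ standard library. The function names, the use of the default distinguishing ID and the affine point arithmetic are my choices; the code is not constant time and exists to show the structure of the scheme, in particular the Z_A identity hash and the r/s retry conditions, not to be deployed.

```python
import secrets
import struct

# sm2p256v1, the recommended curve parameters from GB/T 32918.5-2017.
P = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF
A = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFC
B = 0x28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93
N = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123
G = (0x32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7,
     0xBC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0)
DEFAULT_ID = b"1234567812345678"  # default distinguishing ID from GB/T 32918.2-2016

def _rotl(x, n):
    return ((x << n) | (x >> (32 - n))) & 0xFFFFFFFF

def sm3(msg):
    """SM3 (GB/T 32905-2016): padding, message expansion, 64-round compression."""
    v = [0x7380166F, 0x4914B2B9, 0x172442D7, 0xDA8A0600,
         0xA96F30BC, 0x163138AA, 0xE38DEE4D, 0xB0FB0E4E]
    bitlen = len(msg) * 8
    msg = msg + b"\x80" + b"\x00" * ((55 - len(msg)) % 64) + bitlen.to_bytes(8, "big")
    for off in range(0, len(msg), 64):
        w = list(struct.unpack(">16I", msg[off:off + 64]))
        for j in range(16, 68):
            x = w[j - 16] ^ w[j - 9] ^ _rotl(w[j - 3], 15)
            w.append(x ^ _rotl(x, 15) ^ _rotl(x, 23) ^ _rotl(w[j - 13], 7) ^ w[j - 6])
        a, b, c, d, e, f, g, h = v
        for j in range(64):
            t = 0x79CC4519 if j < 16 else 0x7A879D8A
            ss1 = _rotl((_rotl(a, 12) + e + _rotl(t, j % 32)) & 0xFFFFFFFF, 7)
            ss2 = ss1 ^ _rotl(a, 12)
            ff = a ^ b ^ c if j < 16 else (a & b) | (a & c) | (b & c)
            gg = e ^ f ^ g if j < 16 else (e & f) | (~e & g)
            tt1 = (ff + d + ss2 + (w[j] ^ w[j + 4])) & 0xFFFFFFFF
            tt2 = (gg + h + ss1 + w[j]) & 0xFFFFFFFF
            a, b, c, d = tt1, a, _rotl(b, 9), c
            e, f, g, h = tt2 ^ _rotl(tt2, 9) ^ _rotl(tt2, 17), e, _rotl(f, 19), g
        v = [x ^ y for x, y in zip(v, (a, b, c, d, e, f, g, h))]
    return b"".join(x.to_bytes(4, "big") for x in v)

def ec_add(p1, p2):
    """Affine point addition on sm2p256v1; None is the point at infinity."""
    if p1 is None or p2 is None:
        return p2 if p1 is None else p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2:
        if (y1 + y2) % P == 0:
            return None
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def ec_mul(k, pt):
    """Double-and-add scalar multiplication (not constant time; teaching code)."""
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt, k = ec_add(pt, pt), k >> 1
    return acc

def sm2_keygen():
    d = secrets.randbelow(N - 2) + 1  # private key d in [1, n-2]
    return d, ec_mul(d, G)

def sm2_za(pub, ident=DEFAULT_ID):
    """Z_A = SM3(ENTL_A || ID_A || a || b || xG || yG || xA || yA)."""
    entl = (len(ident) * 8).to_bytes(2, "big")
    fields = (A, B, G[0], G[1], pub[0], pub[1])
    return sm3(entl + ident + b"".join(v.to_bytes(32, "big") for v in fields))

def sm2_sign(d, pub, msg, ident=DEFAULT_ID):
    e = int.from_bytes(sm3(sm2_za(pub, ident) + msg), "big")
    while True:
        k = secrets.randbelow(N - 1) + 1  # fresh nonce in [1, n-1]; reuse leaks d
        r = (e + ec_mul(k, G)[0]) % N
        if r == 0 or r + k == N:  # retry conditions from GB/T 32918.2
            continue
        s = pow(1 + d, -1, N) * (k - r * d) % N
        if s != 0:
            return r, s

def sm2_verify(pub, msg, sig, ident=DEFAULT_ID):
    r, s = sig
    if not (1 <= r < N and 1 <= s < N):  # range checks before any arithmetic
        return False
    t = (r + s) % N
    if t == 0:
        return False
    e = int.from_bytes(sm3(sm2_za(pub, ident) + msg), "big")
    pt = ec_add(ec_mul(s, G), ec_mul(t, pub))
    return pt is not None and (e + pt[0]) % N == r
```

Two points separate SM2 from ECDSA and are worth checking in any port: the signed digest is e = SM3(Z_A || M), where Z_A binds the signer's ID and public key to the message, so verification with the wrong ID fails even with the right key; and s = (1+d)^-1 (k - r d) mod n, so the verifier recovers kG as sG + (r+s)P rather than through the s^-1 terms of ECDSA. Nonce reuse exposes d exactly as it does in ECDSA, and the r = 0 and r + k = n rejections are mandatory, not optional.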

otto added 30 commits January 14, 2019 06:23
Checking Disabled flag. Introduce a RES flag to do so. ok krw@
deraadt@ eric@

CAVEATS pointing to the new CAVEATS section in setlocale(3).
Make those in wprintf(3) and wscanf(3) more concise
since duplicate information is a bad idea.
Incompleteness of information originally pointed out by millert@.
OK millert@

At the moment this is mechanical, with the functions renamed. This will be
refactored for tls13.
ok jsing@

as per RFC8446 section 4.2. Recognized extensions that appear in an
incorrect message must abort the handshake.
ok jsing@

The read callback returns a TLS13_IO_* value on EOF, failure, want pollin
or want pollout, or a positive value indicating the number of bytes read.

This will be used by upcoming TLSv1.3 handshake message and record
processing code, both of which need the ability to read a fixed size
header, before extending the buffer to the number of bytes specified in the
header.

ok beck@ tb@

When the TLS extension code was rewritten, TLS extensions could only exist
in ClientHello and ServerHello messages - as such, they were named in pairs
of *_clienthello_{needs,build} which would be called by the client and
*_clienthello_parse. Likewise for *_serverhello_{needs,build} which would
be called by a server and *_serverhello_parse, which would be called by a
client.

Enter TLSv1.3 - TLS extensions can now exist in one of seven messages,
with only certain types being allowed to appear in each, meaning the naming
scheme no longer works. Instead, rename them to indicate the caller rather
than the message type - this effectively means:

  clienthello_needs -> client_needs
  clienthello_build -> client_build
  clienthello_parse -> server_parse
  serverhello_needs -> server_needs
  serverhello_build -> server_build
  serverhello_parse -> client_parse

ok beck@ tb@

pbkdf2 with OpenSSL compatible flags
ok jsing@

Update the handshake state tables and flag names according to the
design decisions and naming conventions in the hackroom. Garbage collect
some things that turn out not to belong here.

ok jsing

clearly stating which arguments have to be avoided, and mention the
header files defining the constants required for the checks.
Feedback and OK guenther@, OK bluhm@.

* mention LC_COLLATE;
* clarify that all these functions are infested, including the *_l() versions;
* avoid ENVIRONMENT, these functions don't inspect it;
* and point to the C library functions that change the locale.
OK millert@

Reorder option descriptions so -iter and -pbkdf2 show up alphabetically.
Add missing argument name for -iter.
ok jmc@

This commit adds init/free, support for signing, setting and
getting the method, engine support as well as extra data.

from markus

This commit adds missing API for ECDH/ECDSA_verify.

from markus

Pass const method to EC_KEY_METHOD_get_*() to get rid
of an XXX.

from markus
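The read-callback commit in the list above describes a contract (a TLS13_IO_* code on EOF, failure and want-pollin/want-pollout, a positive byte count on success) and a two-phase reader that first fills a fixed-size header and then extends the buffer to the length the header declares. The block below models that contract in Python as an added example; it is not LibreSSL code. The status values, the class names and the record-length ceiling are assumptions of this example rather than the library's definitions, and the chunked source and the sample record are constructed. It shows the part that is easy to get wrong in such a reader: resuming after want-pollin without re-reading the header, and rejecting an oversized length before the buffer is grown.

```python
# Assumed status codes modelled on the TLS13_IO_* names in the commit above; the
# real values live in LibreSSL's tls13_internal.h and may differ. All that matters
# is that they are disjoint from a positive byte count.
TLS13_IO_SUCCESS, TLS13_IO_EOF, TLS13_IO_FAILURE = 1, 0, -1
TLS13_IO_WANT_POLLIN, TLS13_IO_WANT_POLLOUT = -2, -3

TLS_RECORD_HEADER_LEN = 5
TLS_RECORD_MAX_CIPHERTEXT = 2 ** 14 + 256  # RFC 8446 section 5.2 upper bound


class Buffer:
    """Read buffer filled by a callback; capacity can be extended after a header."""

    def __init__(self, capacity):
        self.data = bytearray()
        self.capacity = capacity

    def extend(self, capacity):
        self.capacity = capacity

    def read(self, read_cb, arg):
        """Pull bytes until the buffer holds `capacity` bytes. Returns
        TLS13_IO_SUCCESS, or whatever TLS13_IO_* code the callback returned."""
        while len(self.data) < self.capacity:
            out = bytearray()
            ret = read_cb(arg, out, self.capacity - len(self.data))
            if ret <= 0:  # EOF, failure or want-poll: propagate unchanged
                return ret
            self.data += out[:ret]
        return TLS13_IO_SUCCESS


class RecordReader:
    """Reads one TLS record: 5-byte header first, then extends to the body length.
    Safe to call again after TLS13_IO_WANT_POLLIN; it resumes where it stopped."""

    def __init__(self):
        self.buf = Buffer(TLS_RECORD_HEADER_LEN)
        self.header_done = False
        self.record = None

    def read(self, read_cb, arg):
        if not self.header_done:
            ret = self.buf.read(read_cb, arg)
            if ret != TLS13_IO_SUCCESS:
                return ret
            length = int.from_bytes(self.buf.data[3:5], "big")
            if length > TLS_RECORD_MAX_CIPHERTEXT:
                return TLS13_IO_FAILURE  # oversized: reject before extending
            self.buf.extend(TLS_RECORD_HEADER_LEN + length)
            self.header_done = True
        ret = self.buf.read(read_cb, arg)
        if ret != TLS13_IO_SUCCESS:
            return ret
        self.record = bytes(self.buf.data)
        return TLS13_IO_SUCCESS


class ChunkedSource:
    """Constructed stand-in for a non-blocking socket: hands out at most `chunk`
    bytes per call, reports WANT_POLLIN on every second call, EOF when drained."""

    def __init__(self, data, chunk):
        self.data, self.chunk, self.calls = bytes(data), chunk, 0

    def read_cb(self, arg, out, want):
        self.calls += 1
        if not self.data:
            return TLS13_IO_EOF
        if self.calls % 2 == 0:
            return TLS13_IO_WANT_POLLIN
        n = min(want, self.chunk, len(self.data))
        out += self.data[:n]
        self.data = self.data[n:]
        return n


def read_record(source):
    """Drive a RecordReader to completion; returns (status, record, poll_retries)."""
    reader, retries = RecordReader(), 0
    while True:
        ret = reader.read(source.read_cb, None)
        if ret != TLS13_IO_WANT_POLLIN:
            return ret, reader.record, retries
        retries += 1


# Constructed sample: a handshake record (type 0x16) carrying a 6-byte body.
SAMPLE_RECORD = b"\x16\x03\x03\x00\x06" + b"\x01\x00\x00\x02\x03\x04"
```

The length check sits between the two phases on purpose: the header is the only untrusted input that decides how much memory the second phase will ask for, so a peer that declares a length beyond the RFC 8446 ceiling is rejected before any extension of the buffer, and a stream that ends mid-body surfaces as EOF rather than as a short record.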

ni4 commented Apr 5, 2019

@botovq I updated with the commit. Will stop for now; however, once you've got back to this PR, feel free to ping me once any other changes and/or fixes are required.


botovq commented Apr 5, 2019 via email

ronaldtse (Author) commented

Hi @botovq , a quick ping since it's now May, with summer looming. Any bandwidth in merging this? Thanks!

ronaldtse (Author) commented

@botovq quick check on whether we can move forward with the PR -- trying to tie up the loose ends!


botovq commented Sep 11, 2019 via email

ronaldtse (Author) commented

@botovq thanks for the excellent news -- we're on standby when you need us.

busterb pushed a commit that referenced this pull request Aug 18, 2021
This adds the SM2 algorithm defined in the Chinese standards
GB/T 32918.1-2016, GB/T 32918.2-2016, GB/T 32918.3-2016,
GB/T 32918.4-2016 and GB/T 32918.5-2017.

This is an ISC licensed implementation contributed by Ribose.inc, based
on the same code that was contributed to OpenSSL by Jack Lloyd. The port
to LibreSSL was done by Ronald Tse and Nickolay Olshevsky.

Github PR #105

I made quite a few cleanup passes on this, but more is needed, some
of which will happen in-tree before this is linked to the build.

ok deraadt inoguchi (a long time ago), jsing
busterb pushed a commit that referenced this pull request Aug 18, 2021
busterb force-pushed the master branch 3 times, most recently from 388f2ae to a2210d0, February 9, 2022 08:49
botovq force-pushed the master branch 6 times, most recently from fc84c6d to 384d7c0, November 27, 2022 09:29