diff mbox series

[v2,1/2] crypto: fix mismatched hash algorithm name sm3-256 to sm3

Message ID 20200217093649.97938-2-tianjia.zhang@linux.alibaba.com (mailing list archive)
State Not Applicable
Delegated to: Herbert Xu
Headers show
Series [v2,1/2] crypto: fix mismatched hash algorithm name sm3-256 to sm3 | expand

Commit Message

tianjia.zhang Feb. 17, 2020, 9:36 a.m. UTC
The name sm3-256 is defined in hash_algo_name in hash_info, but the
algorithm name implemented in sm3_generic.c is sm3, which will cause
the sm3-256 algorithm to be not found in some application scenarios of
the hash algorithm, and an ENOENT error will occur. For example,
IMA, keys, and other subsystems that reference hash_algo_name all use
the hash algorithm of sm3.

According to https://tools.ietf.org/id/draft-oscca-cfrg-sm3-01.html,
SM3 always produces a 256-bit hash value and there are no plans for
other length development, so there is no ambiguity in the name of sm3.

Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
 Documentation/security/keys/trusted-encrypted.rst | 2 +-
 crypto/hash_info.c                                | 4 ++--
 drivers/char/tpm/tpm2-cmd.c                       | 2 +-
 include/crypto/hash_info.h                        | 2 +-
 include/linux/tpm.h                               | 2 +-
 include/uapi/linux/hash_info.h                    | 2 +-
 security/keys/trusted-keys/trusted_tpm2.c         | 2 +-
 7 files changed, 8 insertions(+), 8 deletions(-)

Comments

Mimi Zohar Feb. 18, 2020, 1:33 a.m. UTC | #1
On Mon, 2020-02-17 at 17:36 +0800, Tianjia Zhang wrote:
> The name sm3-256 is defined in hash_algo_name in hash_info, but the
> algorithm name implemented in sm3_generic.c is sm3, which will cause
> the sm3-256 algorithm to be not found in some application scenarios of
> the hash algorithm, and an ENOENT error will occur. For example,
> IMA, keys, and other subsystems that reference hash_algo_name all use
> the hash algorithm of sm3.
> 
> According to https://tools.ietf.org/id/draft-oscca-cfrg-sm3-01.html,
> SM3 always produces a 256-bit hash value and there are no plans for
> other length development, so there is no ambiguity in the name of sm3.
> 
> Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
> Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

The previous version of this patch set is queued in the next-
integrity-testing branch.  That version of this patch didn't
change TPM_ALG_SM3_256.  Unless the TPM standard was modified, the TPM
spec refers to it as TPM_ALG_SM3_256.  Has that changed?

Mimi
tianjia.zhang Feb. 18, 2020, 2:43 a.m. UTC | #2
On 2020/2/18 9:33, Mimi Zohar wrote:
> On Mon, 2020-02-17 at 17:36 +0800, Tianjia Zhang wrote:
>> The name sm3-256 is defined in hash_algo_name in hash_info, but the
>> algorithm name implemented in sm3_generic.c is sm3, which will cause
>> the sm3-256 algorithm to be not found in some application scenarios of
>> the hash algorithm, and an ENOENT error will occur. For example,
>> IMA, keys, and other subsystems that reference hash_algo_name all use
>> the hash algorithm of sm3.
>>
>> According to https://tools.ietf.org/id/draft-oscca-cfrg-sm3-01.html,
>> SM3 always produces a 256-bit hash value and there are no plans for
>> other length development, so there is no ambiguity in the name of sm3.
>>
>> Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
>> Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> 
> The previous version of this patch set is queued in the next-
> integrity-testing branch.  That version of this patch didn't
> change TPM_ALG_SM3_256.  Unless the TPM standard was modified, the TPM
> spec refers to it as TPM_ALG_SM3_256.  Has that changed?
> 
> Mimi
> 

The definition in the TPM specification is still TPM_ALG_SM3_256, please
ignore the modification to the TPM definition in this patch.

Thanks,
Tianjia
Mimi Zohar Feb. 18, 2020, 2:24 p.m. UTC | #3
On Tue, 2020-02-18 at 10:34 +0800, Tianjia Zhang wrote:
> On 2020/2/18 9:33, Mimi Zohar wrote:
> > On Mon, 2020-02-17 at 17:36 +0800, Tianjia Zhang wrote:
> >> The name sm3-256 is defined in hash_algo_name in hash_info, but the
> >> algorithm name implemented in sm3_generic.c is sm3, which will cause
> >> the sm3-256 algorithm to be not found in some application scenarios of
> >> the hash algorithm, and an ENOENT error will occur. For example,
> >> IMA, keys, and other subsystems that reference hash_algo_name all use
> >> the hash algorithm of sm3.
> >>
> >> According to https://tools.ietf.org/id/draft-oscca-cfrg-sm3-01.html,
> >> SM3 always produces a 256-bit hash value and there are no plans for
> >> other length development, so there is no ambiguity in the name of sm3.
> >>
> >> Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
> >> Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> > The previous version of this patch set is queued in the next-
> > integrity-testing branch.  That version of this patch didn't
> > change TPM_ALG_SM3_256.  Unless the TPM standard was modified, the TPM
> > spec refers to it as TPM_ALG_SM3_256.  Has that changed?
> >
> > Mimi
> 
> The definition in the TPM specification is still TPM_ALG_SM3_256, please
> ignore the modification to the TPM definition in this patch.

Ok.  Just confirming that I should ignore v2 of this patch set.
 Upstreaming the original version, as queued in next-integrity-
testing, is fine.

thanks,

Mimi
diff mbox series

Patch

diff --git a/Documentation/security/keys/trusted-encrypted.rst b/Documentation/security/keys/trusted-encrypted.rst
index 50ac8bcd6970..5b6fea88f335 100644
--- a/Documentation/security/keys/trusted-encrypted.rst
+++ b/Documentation/security/keys/trusted-encrypted.rst
@@ -66,7 +66,7 @@  Usage::
                      default 1 (resealing allowed)
        hash=         hash algorithm name as a string. For TPM 1.x the only
                      allowed value is sha1. For TPM 2.x the allowed values
-                     are sha1, sha256, sha384, sha512 and sm3-256.
+                     are sha1, sha256, sha384, sha512 and sm3.
        policydigest= digest for the authorization policy. must be calculated
                      with the same hash algorithm as specified by the 'hash='
                      option.
diff --git a/crypto/hash_info.c b/crypto/hash_info.c
index c754cb75dd1a..fe0119407219 100644
--- a/crypto/hash_info.c
+++ b/crypto/hash_info.c
@@ -26,7 +26,7 @@  const char *const hash_algo_name[HASH_ALGO__LAST] = {
 	[HASH_ALGO_TGR_128]	= "tgr128",
 	[HASH_ALGO_TGR_160]	= "tgr160",
 	[HASH_ALGO_TGR_192]	= "tgr192",
-	[HASH_ALGO_SM3_256]	= "sm3-256",
+	[HASH_ALGO_SM3]		= "sm3",
 	[HASH_ALGO_STREEBOG_256] = "streebog256",
 	[HASH_ALGO_STREEBOG_512] = "streebog512",
 };
@@ -50,7 +50,7 @@  const int hash_digest_size[HASH_ALGO__LAST] = {
 	[HASH_ALGO_TGR_128]	= TGR128_DIGEST_SIZE,
 	[HASH_ALGO_TGR_160]	= TGR160_DIGEST_SIZE,
 	[HASH_ALGO_TGR_192]	= TGR192_DIGEST_SIZE,
-	[HASH_ALGO_SM3_256]	= SM3256_DIGEST_SIZE,
+	[HASH_ALGO_SM3]		= SM3_DIGEST_SIZE,
 	[HASH_ALGO_STREEBOG_256] = STREEBOG256_DIGEST_SIZE,
 	[HASH_ALGO_STREEBOG_512] = STREEBOG512_DIGEST_SIZE,
 };
diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
index 13696deceae8..44412538e47c 100644
--- a/drivers/char/tpm/tpm2-cmd.c
+++ b/drivers/char/tpm/tpm2-cmd.c
@@ -19,7 +19,7 @@  static struct tpm2_hash tpm2_hash_map[] = {
 	{HASH_ALGO_SHA256, TPM_ALG_SHA256},
 	{HASH_ALGO_SHA384, TPM_ALG_SHA384},
 	{HASH_ALGO_SHA512, TPM_ALG_SHA512},
-	{HASH_ALGO_SM3_256, TPM_ALG_SM3_256},
+	{HASH_ALGO_SM3, TPM_ALG_SM3},
 };
 
 int tpm2_get_timeouts(struct tpm_chip *chip)
diff --git a/include/crypto/hash_info.h b/include/crypto/hash_info.h
index eb9d2e368969..07cd6e0b0fee 100644
--- a/include/crypto/hash_info.h
+++ b/include/crypto/hash_info.h
@@ -31,7 +31,7 @@ 
 #define TGR192_DIGEST_SIZE 24
 
 /* not defined in include/crypto/ */
-#define SM3256_DIGEST_SIZE 32
+#define SM3_DIGEST_SIZE 32
 
 extern const char *const hash_algo_name[HASH_ALGO__LAST];
 extern const int hash_digest_size[HASH_ALGO__LAST];
diff --git a/include/linux/tpm.h b/include/linux/tpm.h
index 03e9b184411b..042c3eb5f051 100644
--- a/include/linux/tpm.h
+++ b/include/linux/tpm.h
@@ -39,7 +39,7 @@  enum tpm_algorithms {
 	TPM_ALG_SHA384		= 0x000C,
 	TPM_ALG_SHA512		= 0x000D,
 	TPM_ALG_NULL		= 0x0010,
-	TPM_ALG_SM3_256		= 0x0012,
+	TPM_ALG_SM3		= 0x0012,
 };
 
 struct tpm_digest {
diff --git a/include/uapi/linux/hash_info.h b/include/uapi/linux/hash_info.h
index 74a8609fcb4d..1355525dd4aa 100644
--- a/include/uapi/linux/hash_info.h
+++ b/include/uapi/linux/hash_info.h
@@ -32,7 +32,7 @@  enum hash_algo {
 	HASH_ALGO_TGR_128,
 	HASH_ALGO_TGR_160,
 	HASH_ALGO_TGR_192,
-	HASH_ALGO_SM3_256,
+	HASH_ALGO_SM3,
 	HASH_ALGO_STREEBOG_256,
 	HASH_ALGO_STREEBOG_512,
 	HASH_ALGO__LAST
diff --git a/security/keys/trusted-keys/trusted_tpm2.c b/security/keys/trusted-keys/trusted_tpm2.c
index 08ec7f48f01d..cbd5574a88c8 100644
--- a/security/keys/trusted-keys/trusted_tpm2.c
+++ b/security/keys/trusted-keys/trusted_tpm2.c
@@ -17,7 +17,7 @@  static struct tpm2_hash tpm2_hash_map[] = {
 	{HASH_ALGO_SHA256, TPM_ALG_SHA256},
 	{HASH_ALGO_SHA384, TPM_ALG_SHA384},
 	{HASH_ALGO_SHA512, TPM_ALG_SHA512},
-	{HASH_ALGO_SM3_256, TPM_ALG_SM3_256},
+	{HASH_ALGO_SM3, TPM_ALG_SM3},
 };
 
 /**