tpm2-tss icon indicating copy to clipboard operation
tpm2-tss copied to clipboard

Published 20 hours ago verified publisher icon tpm2-software

ESAPI ossl crypto libraries need to add support for SM algorithms.

Open idesai opened this issue 3 years ago • 6 comments

idesai avatar Aug 11 '21 17:08 idesai

What about FAPI when it does software verification with public keys?

williamcroberts avatar Aug 11 '21 19:08 williamcroberts

OpenSSL does support the SM algorithms. But it seems to be difficult to test the implementation with a simulator supporting these algorithms. I think the announced switching to the EVP interface in the TPM reference implementation was not implemented: https://github.com/microsoft/ms-tpm-20-ref/issues/50

JuergenReppSIT avatar Aug 18 '21 10:08 JuergenReppSIT

SWTPM has an OpenSSL backend. I think it's configured by default IIRC.

williamcroberts avatar Aug 18 '21 15:08 williamcroberts

@williamcroberts I tried to compile libtpms (./configure --with-openssl) with SM3 and SM4 activated but got errors. For "#if SM4_128" there are even syntax errors in the source code.

JuergenReppSIT avatar Aug 18 '21 19:08 JuergenReppSIT

@williamcroberts I tried to compile libtpms (./configure --with-openssl) with SM3 and SM4 activated but got errors. For "#if SM4_128" there are even syntax errors in the source code.

Libtpms already supports SM4. If you want to test SM3 and SM4 with libtpms, then this patch might be helpful. I tried to get tpm2-tss to support sm3 and sm4 as well, but I found that the current CI environment (freebsd-12-2) does not support SM3 and SM4, so the main test failed. you can see this PR #2174.

JerryDevis avatar Sep 13 '21 16:09 JerryDevis

@AndreasFuchsSIT I tried to get tpm2-tss to support sm3 and sm4 in #2174. Please help me review this PR for me. Thanks very much.

JerryDevis avatar Oct 18 '21 12:10 JerryDevis