Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

crypto/tls: support RFC8998 SM3 #54087

Open
xuweiguo opened this issue Jul 27, 2022 · 5 comments
Open

crypto/tls: support RFC8998 SM3 #54087

xuweiguo opened this issue Jul 27, 2022 · 5 comments
Labels
NeedsDecision Feedback is required from experts, contributors, and/or the community before a change can be made. Proposal-Crypto Proposal related to crypto packages or other security issues
Milestone

Comments

@xuweiguo
Copy link

xuweiguo commented Jul 27, 2022

can tls support RFC8998

include TLS_SM4_GCM_SM3

@mvdan mvdan changed the title can tls support RFC8998 crypto/tls: support RFC8998 Jul 27, 2022
@mvdan
Copy link
Member

mvdan commented Jul 27, 2022

cc @golang/security

@mvdan mvdan added the NeedsDecision Feedback is required from experts, contributors, and/or the community before a change can be made. label Jul 27, 2022
@neild neild added the Proposal-Crypto Proposal related to crypto packages or other security issues label Jul 27, 2022
@mengzhuo
Copy link
Contributor

mengzhuo commented Jul 28, 2022

FYI sm3 proposal and CL
#24898
https://go-review.googlesource.com/c/crypto/+/106615

@xuweiguo
Copy link
Author

xuweiguo commented Jul 28, 2022

can use it in tls.dial

@xuweiguo xuweiguo closed this as not planned Won't fix, can't repro, duplicate, stale Jul 28, 2022
@xuweiguo xuweiguo reopened this Jul 28, 2022
@mengzhuo
Copy link
Contributor

mengzhuo commented Jul 29, 2022

can use it in tls.dial

Not yet.
Here are some steps for RFC 8998 accpeted by Go:

  1. new package golang.org/x/crypto/sm4
  2. new package golang.org/x/crypto/sm3
  3. port them back into Go main project
  4. crypto/tls adding new cipher suites (CCM might be rejected)

@xuweiguo
Copy link
Author

xuweiguo commented Jul 29, 2022

use sm4/sm3 made by others to realize the above steps, but it failed
Babassl has been unable to connect

@seankhliao seankhliao changed the title crypto/tls: support RFC8998 crypto/tls: support RFC8998 SM3 Jul 29, 2022
@seankhliao seankhliao added this to the Unplanned milestone Aug 20, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
NeedsDecision Feedback is required from experts, contributors, and/or the community before a change can be made. Proposal-Crypto Proposal related to crypto packages or other security issues
Projects
None yet
Development

No branches or pull requests

5 participants