From a62420d94a56c8add7e962bb5811fb597aa699d2 Mon Sep 17 00:00:00 2001 From: Mehrn0ush Date: Thu, 5 Feb 2026 14:00:21 +0330 Subject: [PATCH 1/3] Add ShangMi (SM2/SM3/SM4/SM9) algorithm families (#811) Signed-off-by: Mehrn0ush --- schema/cryptography-defs.json | 68 ++++++++++++++++++++++++++++ schema/cryptography-defs.schema.json | 6 ++- 2 files changed, 73 insertions(+), 1 deletion(-) diff --git a/schema/cryptography-defs.json b/schema/cryptography-defs.json index 761c6672..0ca36a6b 100644 --- a/schema/cryptography-defs.json +++ b/schema/cryptography-defs.json @@ -827,6 +827,74 @@ } ] }, + { + "family": "SM2", + "standard": [ + { + "name": "RFC8998", + "url": "https://www.rfc-editor.org/rfc/rfc8998.html" + } + ], + "variant": [ + { + "pattern": "SM2[-{keyLength}]", + "primitive": "signature" + }, + { + "pattern": "SM2-ENC[-{keyLength}]", + "primitive": "pke" + }, + { + "pattern": "SM2-KEYEXCHANGE[-{keyLength}]", + "primitive": "key-agree" + } + ] + }, + { + "family": "SM3", + "standard": [ + { + "name": "RFC8998", + "url": "https://www.rfc-editor.org/rfc/rfc8998.html" + } + ], + "variant": [ + { + "pattern": "SM3", + "primitive": "hash" + } + ] + }, + { + "family": "SM4", + "standard": [ + { + "name": "ISO/IEC18033-3:2010/Amd1:2021", + "url": "https://www.iso.org/standard/81564.html" + } + ], + "variant": [ + { + "pattern": "SM4[-(ECB|CBC|CFB|OFB|CTR|XTS)][-{padding}][-{ivlen}]", + "primitive": "block-cipher" + } + ] + }, + { + "family": "SM9", + "standard": [ + { + "name": "RFC8998", + "url": "https://www.rfc-editor.org/rfc/rfc8998.html" + } + ], + "variant": [ + { + "pattern": "SM9", + "primitive": "other" + } + ] + }, { "family": "SEED", "standard": [ diff --git a/schema/cryptography-defs.schema.json b/schema/cryptography-defs.schema.json index 1f06fdff..288fc016 100644 --- a/schema/cryptography-defs.schema.json +++ b/schema/cryptography-defs.schema.json @@ -305,6 +305,10 @@ "SHA-2", "SHA-3", "SLH-DSA", + "SM2", + "SM3", + "SM4", + "SM9", "SNOW3G", "SP800-108", "Salsa20", @@ -573,4 +577,4 @@ ] } } -} \ No newline at end of file +} From fd763e5c30006d29a3925dabe42414bd23747ac3 Mon Sep 17 00:00:00 2001 From: Mehrn0ush Date: Thu, 5 Feb 2026 23:56:26 +0330 Subject: [PATCH 2/3] Add ShangMi AEAD modes and refine SM9 variants Signed-off-by: Mehrn0ush --- schema/cryptography-defs.json | 30 +++++++++++++++++++++++------- 1 file changed, 23 insertions(+), 7 deletions(-) diff --git a/schema/cryptography-defs.json b/schema/cryptography-defs.json index 0ca36a6b..9b76d167 100644 --- a/schema/cryptography-defs.json +++ b/schema/cryptography-defs.json @@ -837,15 +837,15 @@ ], "variant": [ { - "pattern": "SM2[-{keyLength}]", + "pattern": "SM2-256", "primitive": "signature" }, { - "pattern": "SM2-ENC[-{keyLength}]", + "pattern": "SM2-(ENC|ENCRYPTION)-256", "primitive": "pke" }, { - "pattern": "SM2-KEYEXCHANGE[-{keyLength}]", + "pattern": "SM2-(KEX|KEYEXCHANGE|KEY-EXCHANGE)-256", "primitive": "key-agree" } ] @@ -877,6 +877,10 @@ { "pattern": "SM4[-(ECB|CBC|CFB|OFB|CTR|XTS)][-{padding}][-{ivlen}]", "primitive": "block-cipher" + }, + { + "pattern": "SM4-(GCM|CCM)[-{tagLength}][-{ivLength}]", + "primitive": "ae" } ] }, @@ -884,14 +888,26 @@ "family": "SM9", "standard": [ { - "name": "RFC8998", - "url": "https://www.rfc-editor.org/rfc/rfc8998.html" + "name": "GM/T0044.1-2016", + "url": "https://www.gmbz.org.cn/upload/2025-01-23/1737625691994053970.pdf" } ], "variant": [ { - "pattern": "SM9", - "primitive": "other" + "pattern": "SM9-(SIG|SIGNATURE)", + "primitive": "signature" + }, + { + "pattern": "SM9-(KEX|KEYEXCHANGE|KEY-EXCHANGE|KEYAGREE|KEYAGREEMENT|KEY-AGREE|KEY-AGREEMENT)", + "primitive": "key-agree" + }, + { + "pattern": "SM9-(KEM|KEYENCAPSULATION|KEY-ENCAPSULATION)", + "primitive": "kem" + }, + { + "pattern": "SM9-(ENC|ENCRYPTION|PKE|PUBLICKEY-ENCRYPTION|PUBLIC-KEY-ENCRYPTION)", + "primitive": "pke" } ] }, From f21fcb0836a4162a621b4547c7cd99e9d45f603b Mon Sep 17 00:00:00 2001 From: Mehrn0ush Date: Fri, 6 Feb 2026 14:17:14 +0330 Subject: [PATCH 3/3] Make SM2-256 suffix optional in registry patterns Signed-off-by: Mehrn0ush --- schema/cryptography-defs.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/schema/cryptography-defs.json b/schema/cryptography-defs.json index 9b76d167..db0f2dfd 100644 --- a/schema/cryptography-defs.json +++ b/schema/cryptography-defs.json @@ -837,15 +837,15 @@ ], "variant": [ { - "pattern": "SM2-256", + "pattern": "SM2[-256]", "primitive": "signature" }, { - "pattern": "SM2-(ENC|ENCRYPTION)-256", + "pattern": "SM2-(ENC|ENCRYPTION)[-256]", "primitive": "pke" }, { - "pattern": "SM2-(KEX|KEYEXCHANGE|KEY-EXCHANGE)-256", + "pattern": "SM2-(KEX|KEYEXCHANGE|KEY-EXCHANGE|KEYAGREE|KEY-AGREE|KEYAGREEMENT|KEY-AGREEMENT)[-256]", "primitive": "key-agree" } ]