Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Question: ShangMi(SM2, SM3, SM4, ...) crypto support in dotnet #111658

Closed
olaf-lange opened this issue Jan 21, 2025 · 3 comments
Closed

Question: ShangMi(SM2, SM3, SM4, ...) crypto support in dotnet #111658

olaf-lange opened this issue Jan 21, 2025 · 3 comments

Comments

@olaf-lange
Copy link

olaf-lange commented Jan 21, 2025

Hi,
are there any plans to support the ShangMi suite of algorithms, ciphers, curves etc. in dotnet?

there's an oss implementation https://github.com/GmSSL, which apparently supports C, Java, Python, Go and JS, just wondering, if there's a plan for dotnet to support those as well.

for reference:
https://datatracker.ietf.org/doc/html/rfc8998

@dotnet-policy-service dotnet-policy-service bot added the untriaged New issue has not been triaged by the area owner label Jan 21, 2025
Copy link
Contributor

Tagging subscribers to this area: @dotnet/area-system-security, @bartonjs, @vcsjones
See info in area-owners.md if you want to be subscribed.

@olaf-lange olaf-lange changed the title Question: ShangMi(SM2,SM3 & SM4, ...) crypto support in dotnet Question: ShangMi(SM2, SM3, SM4, ...) crypto support in dotnet Jan 21, 2025
@huoyaoyuan
Copy link
Member

By policy, .NET don't provide cryptographic algorithm itself and always depend on underlying OS to provide the implementations.

To get exported by .NET BCL, it requires somehow of popularity. Some algorithms implemented by OpenSSL but lacks in Windows are still not included. For example, Ed25519(#63174) has been requested for a long time, but still pending for more platforms to supported.

Specific to SM suites, the answer should be "very unlikely": it's only included in openssl, which isn't used on Windows. You can create a third-party implementation of the algorithm, but .NET won't provide a first-party one.

@bartonjs
Copy link
Member

You linked to SM4-in-TLS. .NET doesn't have an implementation of TLS, we depend on the underlying platforms. So, if macOS adds SM4 to their TLS stack we'll use it on macOS; etc.

But there are no plans at this time to add those algorithms into .NET itself

@dotnet-policy-service dotnet-policy-service bot removed the untriaged New issue has not been triaged by the area owner label Jan 21, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

3 participants