{"id":19579739,"url":"https://github.com/wolfssl/wolfsm","last_synced_at":"2025-06-26T02:04:19.522Z","repository":{"id":180172812,"uuid":"598351985","full_name":"wolfSSL/wolfsm","owner":"wolfSSL","description":"wolfSSL SM cipher implementations","archived":false,"fork":false,"pushed_at":"2025-04-11T20:39:22.000Z","size":1616,"stargazers_count":17,"open_issues_count":0,"forks_count":9,"subscribers_count":19,"default_branch":"master","last_synced_at":"2025-04-27T08:36:30.511Z","etag":null,"topics":["cipher","cryptography","decryption","ecdh","embedded","encryption","hash","iot","security","shangmi","sm2","sm3","wolfcrypt"],"latest_commit_sha":null,"homepage":"https://www.wolfssl.com","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/wolfSSL.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2023-02-06T23:32:15.000Z","updated_at":"2025-04-11T20:39:27.000Z","dependencies_parsed_at":"2024-05-14T00:34:41.518Z","dependency_job_id":"7f434a38-ca85-4476-bc4c-4357e93ad5a0","html_url":"https://github.com/wolfSSL/wolfsm","commit_stats":null,"previous_names":["wolfssl/wolfsm"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/wolfSSL/wolfsm","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wolfSSL%2Fwolfsm","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wolfSSL%2Fwolfsm/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wolfSSL%2Fwolfsm/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wolfSSL%2Fwolfsm/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/wolfSSL","download_url":"https://codeload.github.com/wolfSSL/wolfsm/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wolfSSL%2Fwolfsm/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":261984651,"owners_count":23240303,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cipher","cryptography","decryption","ecdh","embedded","encryption","hash","iot","security","shangmi","sm2","sm3","wolfcrypt"],"created_at":"2024-11-11T07:18:50.725Z","updated_at":"2025-06-26T02:04:19.489Z","avatar_url":"https://github.com/wolfSSL.png","language":"C","funding_links":[],"categories":[],"sub_categories":[],"readme":"# wolfSSL SM Algorithms\n\nThis repository contains the implementations of the Chinese Nation Standard's\ncryptographic algorithms known as ShangMi (SM).\n\nSupport includes:\n* SM3 - Hash Function\n* SM4 - Cipher\n* SM2 - ECDH key agreement and a signature scheme using the specified 256-bit elliptic curve.\n\nThe code must be installed into wolfSSL in order to be used.\n\nNote that the test and build configuration code is already in wolfSSL.\n\n## Get wolfsm from GitHub\n\nClone this repository from GitHub:\n\n```\ngit clone https://github.com/wolfssl/wolfsm.git\n```\n\n## Get wolfSSL from GitHub\n\nwolfSSL is needed to build and test the SM algorithm implementations.\nCheckout the wolfSSL repository from GitHub beside wolfsm:\n\n```\n\u003cinstall-dir\u003e\n├── wolfsm\n└── wolfssl\n```\n\n```\ncd .. # To directory containing wolfsm\ngit clone https://github.com/wolfssl/wolfssl.git\n```\n\n## Install SM code into wolfSSL\n\nTo install the SM code into wolfSSL, use the install script:\n\n```\ncd wolfsm\n./install.sh\n```\n\nThe following files will be placed in wolfssl/wolfssl/wolfcrypt:\n* sm2.h\n* sm3.h\n* sm4.h\n\nThe following files will be placed in wolfssl/wolfcrypt/src:\n* sm2.c\n* sp_sm2_arm32.c      (Assembly optimised SM2 for ARM 32-bit)\n* sp_sm2_arm64.c      (Assembly optimised SM2 for Aarch64)\n* sp_sm2_armthumb.c   (Assembly optimised SM2 for ARM Thumb)\n* sp_sm2_c32.c        (C only optimised SM2 for 32-bit CPUs)\n* sp_sm2_c64.c        (C only optimised SM2 for 64-bit CPUs)\n* sp_sm2_cortexm.c    (Assembly optimised SM2 for ARM Thumb2)\n* sp_sm2_x86_64_asm.S (Assembly optimised SM2 for Intel x64)\n* sp_sm2_x86_64.c     (C calling assembly optimised SM2 for Intel x64)\n* sm3.c\n* sm3_asm.S           (Assembly optimised SM2 for Intel x64)\n* sm4.c\n\n## Build wolfSSL\n\nOnce the files have been installed, you can build SM algorithms into wolfSSL.\n\nChoose which algorithms you require on the configure line:\n* --enable-sm3\n* --enable-sm4-ecb\n* --enable-sm4-cbc\n* --enable-sm4-ctr\n* --enable-sm4-gcm\n* --enable-sm4-ccm\n* --enable-sm2\n\nFor example, to include SM3, SM4-GCM and SM2:\n\n```\ncd ../wolfssl\n./autogen.sh\n./configure --enable-sm3 --enable-sm4-gcm --enable-sm2\nmake\nsudo make install\n```\n\n### Optimised SM2\n\nTo use optimised implementations of SM2 you can either use C only code or C code\nwith the faster assembly code.\n\nFor C code only: --enable-sp\nFor C and assembly code: --enable-sp --enable-sp-asm\n\nOptimised C code is available for 32 and 64 bit CPUs.\n\nAssmembly code is available for the following platforms:\n* Intel x64\n* Aarch64\n* ARM 32-bit\n* ARM Thumb2\n* ARM Thumb\n\n## Testing Algorithms\n\nTo test that the SM ciphers are working use the following command:\n\n```\nmake test\n```\n\nTo benchmark the algorithms enabled:\n\n```\n./wolfcrypt/benchmark/benchmark\n```\n\nTo benchmark specific algorithms, add to the command line the option/s matching\nthe algorithm/s:\n* SM2: -sm2\n* SM3: -sm3\n* SM4: -sm4 or\n  * SM4-CBC: -sm4-cbc\n  * SM4-GCM: -sm4-gcm\n  * SM4-CCM: -sm4-ccm\n\n## Testing TLS\n\nSM ciphers are able to be used with TLSv1.2 and TLSv1.3.\n\nNote: SM2, SM3 and at least one SM4 cipher must be built in order for SM\nciphers suite to work. All algorithms must be SM.\n\nThe cipher suites added are:\n  - ECDHE-ECDSA-SM4-CBC-SM3 (TLSv1.2, --enable-sm2 --enable-sm3 --enable-sm4-cbc)\n  - ECDHE-ECDSA-SM4-GCM-SM3 (TLSv1.2, --enable-sm2 --enable-sm3 --enable-sm4-gcm)\n  - ECDHE-ECDSA-SM4-CCM-SM3 (TLSv1.2, --enable-sm2 --enable-sm3 --enable-sm4-ccm)\n  - TLS13-SM4-GCM-SM3 (TLSv1.3, --enable-sm2 --enable-sm3 --enable-sm4-gcm)\n  - TLS13-SM4-CCM-SM3 (TLSv1.3, --enable-sm2 --enable-sm3 --enable-sm4-ccm)\n\n### Example of using SM cipher suites with TLSv1.2\n\nAn example of testing TLSv1.2 with \"ECDHE-ECDSA-SM4-CBC-SM3\" cipher suite:\n\n```\n./examples/server/server -v 3 -l ECDHE-ECDSA-SM4-CBC-SM3 \\\n    -c ./certs/sm2/server-sm2.pem -k ./certs/sm2/server-sm2-priv.pem \\\n    -A ./certs/sm2/client-sm2.pem -V \u0026\n./examples/client/client -v 3 -l ECDHE-ECDSA-SM4-CBC-SM3 \\\n    -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem \\\n    -A ./certs/sm2/root-sm2.pem -C\n```\n\nThe output using the commands above will be:\n\n```\nSSL version is TLSv1.2\nSSL cipher suite is TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3\nSSL curve name is SM2P256V1\nSSL version is TLSv1.2\nSSL cipher suite is TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3\nSSL curve name is SM2P256V1\nClient message: hello wolfssl!\nI hear you fa shizzle!\n```\n\n### Example of using SM cipher suites with TLSv1.3\n\nAn example of testing TLSv1.3 with \"TLS13-SM4-GCM-SM3\" cipher suite:\n\n```\n./examples/server/server -v 4 -l TLS13-SM4-GCM-SM3 \\\n    -c ./certs/sm2/server-sm2.pem -k ./certs/sm2/server-sm2-priv.pem \\\n    -A ./certs/sm2/client-sm2.pem -V \u0026\n./examples/client/client -v 4 -l TLS13-SM4-GCM-SM3 \\\n    -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem \\\n    -A ./certs/sm2/root-sm2.pem -C\n```\n\nThe output using the commands above will be:\n\n```\nSSL version is TLSv1.3\nSSL cipher suite is TLS_SM4_GCM_SM3\nSSL curve name is SM2P256V1\nSSL version is TLSv1.3\nSSL cipher suite is TLS_SM4_GCM_SM3\nSSL curve name is SM2P256V1\nClient message: hello wolfssl!\nI hear you fa shizzle!\n```\n\n# Development\n\n## Regenerating assembly code\n\n### Get scripts repository\n\nThe scripts to generate the assembly code have a dependency on the scripts\nrepository.\n\nNote: You will need ruby installed to run the scripts.\n\nCheckout the scripts repository from GitHub beside wolfsm:\n\n```\n\u003cinstall-dir\u003e\n├── wolfsm\n├── wolfssl\n└── scripts\n```\n\n```\ncd .. # To directory containing wolfsm\ngit clone https://github.com/wolfssl/scripts.git\n```\n\n### Regenerate\n\nNow regenerate the assembly code using the gen-asm.sh script:\n\n```\ncd wolfsm\n./gen-asm.sh\n```\n\n## Checking against install\n\nYou can check whether the code is different from what is already installed:\n\n```\n./check.sh\n```\n\nA list of files that would be copied and there difference will be shown.\nThere are no difference if the line is:\n\n```\n    SAME\n```\n\n## Reinstall\n\nIf the wolfsm files are more up to date then those in wolfSSL, install all the files with:\n\n```\n./install.sh\n```\n\n## Modifying SM implementations in wolfSSL\n\nYou may have modified installed wolfsm files in place in wolfSSL.\n\nYou will have to manually copy back each file you have modified.\n\nSee \"Checking against install\" as to which files need to be copied.\n\n## Need Help?\n\nPlease reach out to support@wolfssl.com for technical support. If you're\ninterested in commercial licensing, FIPS operating environment additions,\nconsulting services, or other business engagements, please reach out to\nfacts@wolfssl.com.\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwolfssl%2Fwolfsm","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwolfssl%2Fwolfsm","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwolfssl%2Fwolfsm/lists"}