diff --git a/libtomcrypt_VS2008.vcproj b/libtomcrypt_VS2008.vcproj index 8bc1c62c9..55d8f4d26 100644 --- a/libtomcrypt_VS2008.vcproj +++ b/libtomcrypt_VS2008.vcproj @@ -395,6 +395,10 @@ RelativePath="src\ciphers\skipjack.c" > + + diff --git a/makefile.mingw b/makefile.mingw index 9d0a70f9d..a4e019f86 100644 --- a/makefile.mingw +++ b/makefile.mingw @@ -39,10 +39,10 @@ OBJECTS=src/ciphers/aes/aes.o src/ciphers/aes/aes_enc.o src/ciphers/anubis.o src src/ciphers/camellia.o src/ciphers/cast5.o src/ciphers/des.o src/ciphers/idea.o src/ciphers/kasumi.o \ src/ciphers/khazad.o src/ciphers/kseed.o src/ciphers/multi2.o src/ciphers/noekeon.o src/ciphers/rc2.o \ src/ciphers/rc5.o src/ciphers/rc6.o src/ciphers/safer/safer.o src/ciphers/safer/saferp.o \ -src/ciphers/serpent.o src/ciphers/skipjack.o src/ciphers/twofish/twofish.o src/ciphers/xtea.o \ -src/encauth/ccm/ccm_add_aad.o src/encauth/ccm/ccm_add_nonce.o src/encauth/ccm/ccm_done.o \ -src/encauth/ccm/ccm_init.o src/encauth/ccm/ccm_memory.o src/encauth/ccm/ccm_process.o \ -src/encauth/ccm/ccm_reset.o src/encauth/ccm/ccm_test.o \ +src/ciphers/serpent.o src/ciphers/skipjack.o src/ciphers/sm4.o src/ciphers/twofish/twofish.o \ +src/ciphers/xtea.o src/encauth/ccm/ccm_add_aad.o src/encauth/ccm/ccm_add_nonce.o \ +src/encauth/ccm/ccm_done.o src/encauth/ccm/ccm_init.o src/encauth/ccm/ccm_memory.o \ +src/encauth/ccm/ccm_process.o src/encauth/ccm/ccm_reset.o src/encauth/ccm/ccm_test.o \ src/encauth/chachapoly/chacha20poly1305_add_aad.o src/encauth/chachapoly/chacha20poly1305_decrypt.o \ src/encauth/chachapoly/chacha20poly1305_done.o src/encauth/chachapoly/chacha20poly1305_encrypt.o \ src/encauth/chachapoly/chacha20poly1305_init.o src/encauth/chachapoly/chacha20poly1305_memory.o \ diff --git a/makefile.msvc b/makefile.msvc index 6b2c10061..cffa817dc 100644 --- a/makefile.msvc +++ b/makefile.msvc 
@@ -32,10 +32,10 @@ OBJECTS=src/ciphers/aes/aes.obj src/ciphers/aes/aes_enc.obj src/ciphers/anubis.o src/ciphers/camellia.obj src/ciphers/cast5.obj src/ciphers/des.obj src/ciphers/idea.obj src/ciphers/kasumi.obj \ src/ciphers/khazad.obj src/ciphers/kseed.obj src/ciphers/multi2.obj src/ciphers/noekeon.obj src/ciphers/rc2.obj \ src/ciphers/rc5.obj src/ciphers/rc6.obj src/ciphers/safer/safer.obj src/ciphers/safer/saferp.obj \ -src/ciphers/serpent.obj src/ciphers/skipjack.obj src/ciphers/twofish/twofish.obj src/ciphers/xtea.obj \ -src/encauth/ccm/ccm_add_aad.obj src/encauth/ccm/ccm_add_nonce.obj src/encauth/ccm/ccm_done.obj \ -src/encauth/ccm/ccm_init.obj src/encauth/ccm/ccm_memory.obj src/encauth/ccm/ccm_process.obj \ -src/encauth/ccm/ccm_reset.obj src/encauth/ccm/ccm_test.obj \ +src/ciphers/serpent.obj src/ciphers/skipjack.obj src/ciphers/sm4.obj src/ciphers/twofish/twofish.obj \ +src/ciphers/xtea.obj src/encauth/ccm/ccm_add_aad.obj src/encauth/ccm/ccm_add_nonce.obj \ +src/encauth/ccm/ccm_done.obj src/encauth/ccm/ccm_init.obj src/encauth/ccm/ccm_memory.obj \ +src/encauth/ccm/ccm_process.obj src/encauth/ccm/ccm_reset.obj src/encauth/ccm/ccm_test.obj \ src/encauth/chachapoly/chacha20poly1305_add_aad.obj src/encauth/chachapoly/chacha20poly1305_decrypt.obj \ src/encauth/chachapoly/chacha20poly1305_done.obj src/encauth/chachapoly/chacha20poly1305_encrypt.obj \ src/encauth/chachapoly/chacha20poly1305_init.obj src/encauth/chachapoly/chacha20poly1305_memory.obj \ diff --git a/makefile.unix b/makefile.unix index 20f9a0d9b..701813c6f 100644 --- a/makefile.unix +++ b/makefile.unix 
@@ -49,10 +49,10 @@ OBJECTS=src/ciphers/aes/aes.o src/ciphers/aes/aes_enc.o src/ciphers/anubis.o src src/ciphers/camellia.o src/ciphers/cast5.o src/ciphers/des.o src/ciphers/idea.o src/ciphers/kasumi.o \ src/ciphers/khazad.o src/ciphers/kseed.o src/ciphers/multi2.o src/ciphers/noekeon.o src/ciphers/rc2.o \ src/ciphers/rc5.o src/ciphers/rc6.o src/ciphers/safer/safer.o src/ciphers/safer/saferp.o \ -src/ciphers/serpent.o src/ciphers/skipjack.o src/ciphers/twofish/twofish.o src/ciphers/xtea.o \ -src/encauth/ccm/ccm_add_aad.o src/encauth/ccm/ccm_add_nonce.o src/encauth/ccm/ccm_done.o \ -src/encauth/ccm/ccm_init.o src/encauth/ccm/ccm_memory.o src/encauth/ccm/ccm_process.o \ -src/encauth/ccm/ccm_reset.o src/encauth/ccm/ccm_test.o \ +src/ciphers/serpent.o src/ciphers/skipjack.o src/ciphers/sm4.o src/ciphers/twofish/twofish.o \ +src/ciphers/xtea.o src/encauth/ccm/ccm_add_aad.o src/encauth/ccm/ccm_add_nonce.o \ +src/encauth/ccm/ccm_done.o src/encauth/ccm/ccm_init.o src/encauth/ccm/ccm_memory.o \ +src/encauth/ccm/ccm_process.o src/encauth/ccm/ccm_reset.o src/encauth/ccm/ccm_test.o \ src/encauth/chachapoly/chacha20poly1305_add_aad.o src/encauth/chachapoly/chacha20poly1305_decrypt.o \ src/encauth/chachapoly/chacha20poly1305_done.o src/encauth/chachapoly/chacha20poly1305_encrypt.o \ src/encauth/chachapoly/chacha20poly1305_init.o src/encauth/chachapoly/chacha20poly1305_memory.o \ diff --git a/makefile_include.mk b/makefile_include.mk index 4bcec2206..e4a869e20 100644 --- a/makefile_include.mk +++ b/makefile_include.mk 
@@ -209,10 +209,10 @@ OBJECTS=src/ciphers/aes/aes.o src/ciphers/aes/aes_enc.o src/ciphers/anubis.o src src/ciphers/camellia.o src/ciphers/cast5.o src/ciphers/des.o src/ciphers/idea.o src/ciphers/kasumi.o \ src/ciphers/khazad.o src/ciphers/kseed.o src/ciphers/multi2.o src/ciphers/noekeon.o src/ciphers/rc2.o \ src/ciphers/rc5.o src/ciphers/rc6.o src/ciphers/safer/safer.o src/ciphers/safer/saferp.o \ -src/ciphers/serpent.o src/ciphers/skipjack.o src/ciphers/twofish/twofish.o src/ciphers/xtea.o \ -src/encauth/ccm/ccm_add_aad.o src/encauth/ccm/ccm_add_nonce.o src/encauth/ccm/ccm_done.o \ -src/encauth/ccm/ccm_init.o src/encauth/ccm/ccm_memory.o src/encauth/ccm/ccm_process.o \ -src/encauth/ccm/ccm_reset.o src/encauth/ccm/ccm_test.o \ +src/ciphers/serpent.o src/ciphers/skipjack.o src/ciphers/sm4.o src/ciphers/twofish/twofish.o \ +src/ciphers/xtea.o src/encauth/ccm/ccm_add_aad.o src/encauth/ccm/ccm_add_nonce.o \ +src/encauth/ccm/ccm_done.o src/encauth/ccm/ccm_init.o src/encauth/ccm/ccm_memory.o \ +src/encauth/ccm/ccm_process.o src/encauth/ccm/ccm_reset.o src/encauth/ccm/ccm_test.o \ src/encauth/chachapoly/chacha20poly1305_add_aad.o src/encauth/chachapoly/chacha20poly1305_decrypt.o \ src/encauth/chachapoly/chacha20poly1305_done.o src/encauth/chachapoly/chacha20poly1305_encrypt.o \ src/encauth/chachapoly/chacha20poly1305_init.o src/encauth/chachapoly/chacha20poly1305_memory.o \ diff --git a/notes/ccm_tv.txt b/notes/ccm_tv.txt index 001a779b0..989f0f667 100644 --- a/notes/ccm_tv.txt +++ b/notes/ccm_tv.txt 
@@ -142,6 +142,41 @@ CCM-twofish (16 byte key) 31: F401D2123619B81F54F307B783362CC40FB4FB2433CF51F5543A147BCD1FE5, ACBB670CB3722059B4B9FBEE67703E98 32: 839A9BFA1D3CA37924BC6648DED2291FC61736A3638906D9C5DA28A66AA684AC, CD07B83C8E0C3E6FB4115A149BDF6FDA +CCM-sm4 (16 byte key) + 0: , 36D53BC3E931A547849F7D044ACE0515 + 1: 20, A3BA832742F39726726E31214F3AB9BF + 2: DDC0, C15ABE31FF607650F339CB5E63A97FBE + 3: 6FC597, FE837BE1086B3F70D244CF67E640886C + 4: E4AC3116, A8A29A0AC35DB8F347B67C5EAAD3E772 + 5: A9B973F1B1, 2F50CBFFE9DF5A007F1DA34A8F42A8EE + 6: 671CCFA6DD4A, D51EF373737C8BD63DE0A7BCB9151CE6 + 7: 1FDA12291218A6, 50141736C07381D8B43E2D2668F847FF + 8: E66FCA3C128E740F, 82C60637BDAA758E41263F6C2A472217 + 9: FF0DC1A0CEB5247FDD, D9EC4E431562B60BDFD03177D3393A2A + 10: 4AA2BDFC96E86AB74067, 455DD5AD667F96C8944CA41BD4908C98 + 11: 69829106FBE50C0AD1450C, 3C7E0ABFD53B9A566DEECA52D1CD62D0 + 12: 14CA613AF24332BB7075E157, 980D7448AF8E5B06AB1E859E7B2FA603 + 13: 261469C5AF6984462E065610F1, 88F6979B2FA2A3D5BAFD56A357BC465B + 14: D722C6CA1EF774B987C9C48BF4D8, 9CF363BAC57CB4B8B561243946D75A44 + 15: 2D59C60DBC6591618A9A76B9936CC6, 579DA38C8343F5421C5E2D4E03D6E86C + 16: 13AC412ECC5785D3BEC86487B6DCD716, 62F9DF049D535C864DD4A2D31F2D6478 + 17: 061C5E6E631B16FB546B27CF6D376D63AD, D0F6B4A28B680EF4F2DC6D6DB9A075C2 + 18: CFF2240F06D6199E826B519D8A03E6B55447, B7D80304CDF482EAACA3C4CDDABAEC3E + 19: 6F0B4B3F9DB4E6BE50A9E2EEBDE6BFE81B114E, D8ABA7DD0C850B1A8899D4EC284B9DB2 + 20: C89A4FDA03834FE4033863089598B7AB41458596, 115C39617D1D26AF2431EDC04EE48F36 + 21: 8D93CB3D310D9E083D0C61C1FD15E98A624C9F6F6B, 7BC62A2B8E2FBF395C8C75803144A194 + 22: D92B001373C22CBA1B78FB90E654FB63C1697E26FF60, 2A10EB775FFB4E8CBABA708C336D0291 + 23: 5CC754E1FE1E3D069A9D6EE61AE3DB0F32CA82482E1A67, 7D4AC478E97699E8E180A168813C03A7 + 24: E24CCC93B8F6C47BA00460F204E73F3DA1A584061E216B1E, 4986203E3019B858E94BE400B70F6BD4 + 25: 5E455CF2EB428D7B27A03FCECCAA49AD282C25AA9FC1831464, F40BC7C1A1587D9DBACBF59BE7C413BE + 26: 
AB9371A845F7DD51F978069D7977C3B39E3736EC4391B1DAE537, 29D045F4359852955563663FE6B6C80A + 27: B8A67C2DE4542FB8CF552266B571838A1503C39BB6886DB98483A8, B636B81AE3D412B24A4C663BE94C90E8 + 28: 376A2A3F99CD0F02BF3FE6EBD5DFC7A4DD10E98ACA4B760A40BB350E, DC66C085CF7B724C6EBE627A49A26DB8 + 29: EDB9DB282DEE24F1357D2097425C947D4DEE8555EE428DACACF04016A7, F6A4412F2953246D66ADEE7180451772 + 30: 2D5949A842687889B15E9A367DBE592842B6360407A9315C47E924BD8BCC, 5056387B0B8E5B0843A68E6477A882A2 + 31: E83A3CDBE51416E3045B928937DB5F44C22279677F73B6136A5472C07453BE, F29CD4880B85375C8AB428A6A9B51C71 + 32: 3873166AC87B888C679DE7DBF9C3EC17245150321F45BF5666CBBECD108EBDE1, 6EA038784C6B1E7F66E7740A04393CF9 + CCM-noekeon (16 byte key) 0: , AB924F56DFA05F4E8628C14111272E5C 1: 08, 8A76DCADA7CE53A0F4577E67B0B958D7 diff --git a/notes/cipher_tv.txt b/notes/cipher_tv.txt index 34c0185e4..df3496d18 100644 --- a/notes/cipher_tv.txt +++ b/notes/cipher_tv.txt 
@@ -1539,6 +1539,60 @@ Key Size: 24 bytes 49: B8AC2CDFF7AC22C1 +Cipher: sm4 +Key Size: 16 bytes + 0: 8F78763EE06013E0B7622C428FD0528D + 1: 5E0842E918473FE01EF6CB46F3D9A898 + 2: A5A8568531E5BB075EEF3A2BAC3D2280 + 3: 3C6C1F35C42230AE7ACB4503261A3FCC + 4: 714B6E7A1DBAFADF65AB68AD6ACB14D8 + 5: C26139494681B05164A69A9A4AB0006D + 6: 4526798759C412D836DD99FCCC98B8E4 + 7: 84D4EE025FEE4943B29B28D3A387E0FB + 8: 7709BE3897FAB7925C1BC3B43D700D7B + 9: 84DF23C156674EE9673F8F2A7BBAFF30 +10: 4E301AFE87590D01996CEE78BA72C34D +11: BEA5DE3EFDE04FF8AEC7CFEFCBB6CF0F +12: 3778443468868DF0459A00101B05D2D2 +13: 3C6A235913B3A2DDB1E168664620F21A +14: 325A985761CD7B0B1CEEE21911536959 +15: 0B5B467CA3EEE26247942C1FDE22FBBE +16: F8A8E7DC773E1FF0405195D76E4439F2 +17: 827A2BFFAF23FBEDE87A85C859147520 +18: F9D07586783913EE3D9E51C01E811E57 +19: BBD82643D3D72FB4F386456421AB752B +20: 12334FE869D290A540F3E53D02B540AA +21: A518C3E509EA25E7AD1880158859298D +22: D32C013B04A2CCDD70DAA58224702753 +23: C6DC68393042703BA07A1DEBF6EDCE2F +24: DA3B6853232452691596B8A3763EAAA6 +25: DD7AA423F5A5B712A727F33880139E52 +26: 84A3AF0CA812C8DECED5823BA7F0F1B0 +27: 61A552BCDB0CB7E950340A1691202A41 +28: 3DD9F13B5863086666A8F9B7F1E4C103 +29: B1D1FE27DF20443711C54088E8FFC29C +30: 8CC70503998EC42AA4CE5B7D9194B8B8 +31: 18E85C128D2D4A5CA90E9D3A590D0789 +32: C4206BCBD76E67C6DA73C3C603138FB4 +33: 350BB41380979C56152D05586FE9BDF5 +34: 980B929CB48C93BEF12E1A1252131A05 +35: 5FD08A04C4568BBA0FCFD688F577CC85 +36: DFA0325BA89F1FB02670BDB24C79A4A9 +37: FE7D8D6F3D042A372CDF6B31F6287A72 +38: 2283F56384E490B4682A8FCD8F32BC11 +39: E9F99BD39F851FBDD95C9880466CFA4F +40: 2C909B8E58BB81DDA517F6661DF7AE32 +41: FC788CBDBF46C3615C3DC8103B1B4090 +42: 3B6FBD288158B7D7D554AFE2B02F3F07 +43: C713EFFE8246F812DCAFFA725A73C8E1 +44: 9B8327F08E2FF85E97523D2FB0D3C326 +45: 052717D2EC347D5B55BE1655D480ADC9 +46: E7A9B7F3DE3E4F2F0F0529B050B43F4F +47: C287E5BD8F046696B61FAF7E930D3965 +48: 511ADA8934C2609AA5EFA93C57405D2C +49: 7D6AD2BA497AB34E41643F5094C3713C + + 
Cipher: cast5 Key Size: 5 bytes 0: 9B32EF7653DAB4E6 diff --git a/notes/eax_tv.txt b/notes/eax_tv.txt index f1a583ccf..173579516 100644 --- a/notes/eax_tv.txt +++ b/notes/eax_tv.txt @@ -332,6 +332,41 @@ EAX-3des (24 byte key) 15: 9E8C73EADA105749B5D8D97392EDC3, 2E749EE66C1E6A16 16: 600FA4149AF252C87B828C780AEFF8BC, 33D7D11DCDC19936 +EAX-sm4 (16 byte key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cast5 (8 byte key) 0: , 382FB8F7E9F69FDC 1: 99, 20DA959849B3F7AB diff --git a/notes/gcm_tv.txt b/notes/gcm_tv.txt index 93900af74..5098f82c6 100644 --- a/notes/gcm_tv.txt +++ b/notes/gcm_tv.txt 
@@ -138,6 +138,40 @@ GCM-twofish (16 byte key) 31: AF52E18DE8608C39FA886377899C66AAF8612513C21C7B815E248D9F75D775, 39F0F712265F44A442A7581D8F314D1B 32: 64F9AE4A9E6735D348343EA7ADD617F0687C2883637468BBFA3664F9194F1683, 947A02C9994DA490BFC9E036305B26EA +GCM-sm4 (16 byte key) + 1: 35, FF70BBCF7CCB35AFE8B806BBDA8CF462 + 2: 418F, 4CB59D26F6F41BA4413339DE202394D5 + 3: F01644, B06F26255E3BF20393B697283619F4CB + 4: AE4871E8, 1E7D9A18D453B5992DDB52975B8B9BD3 + 5: C280528391, CF1C65604E006F9B79EDF4B6B6EF5B05 + 6: B2F0185A5F9A, 33981E9B9A58CEA9FCD1219868E4907E + 7: 441988562A65B4, 4E6610F9F18F7AECCE0745B8227FB139 + 8: F70D70319A3B6652, 09BC4E06455D10358AFB36C01AFD0494 + 9: CEE87EE6FF0078A9A6, 8333A61DDCB965BF4293E6911864CF66 + 10: 2599C4CC2007F4032AB3, F2F0238D73262488B89F2C25ADFC999E + 11: D2EC717E6897299EDB42F6, 05603ECDE2E18AFA4470DF97F8EE4899 + 12: F8FD6DA197A96D5B3B06287C, 4BA295D367B50E71FACD53214151A7B1 + 13: 0C7BCD801EBF114EFFFEA84A66, 379C586351C9D2054FC458E0DB5F878F + 14: 9C4F1D1D7C98A042AA62A7A28E97, 1A932604F135BB21C2EC2E7D73AF0C3F + 15: F80C96AC05523E55881D716BD9E0A6, 5CEA5F26E90EA3588964E374942CEC54 + 16: F2272532A01D7FE05A47EB04ED422938, 294B483BAEED79A8AC42072D20F9028B + 17: 58EB27B530CA20D5A85BA7CE06E9112D2B, FCF9EEA2C4EF185199A67C172DFFFCB1 + 18: 46CB6F7EC77EAA26A78C2FC5184741F0CDC7, F9ABC0744B86DDA1DA92F317EF9269E4 + 19: 442355822E3E451F3FA92567BB3FC6488648B6, F51A079916440068677971C70D24C196 + 20: 5241BBF0112C1802697B8AE0B324853839734FE7, 15A71FFFB4156F88A5585BC5587E9101 + 21: DE432C494F1CDDE5F5055AFE2DA309E200E6014482, 517FBDAD471B0DE9671B831E797521E9 + 22: D84AD8B34414E955B8AF0EE292107DE71788B29BFD59, 44C464F41512C71AFFAFF37326A429DB + 23: 0E21E74C073C639049EA361606D7C2C2DEF7EBD05FA233, 2169BFF97DD2D677D9512E1BAB6FD5C0 + 24: 43E116D801E2EF765E9FEB07DD4DD33999796314064FC926, 90A32EDEE61181ED45B5736A31C7256D + 25: 506FD9ECAA69A9D608AE2E8D7DFA0E529E9249A57757A76BAB, D7E977F8CCDE9C2FA5FB52D38B9F326C + 26: 3D403A81FA1B1BA530E27D9864170BEF4241F373750F4891D117, 
416580995A698D7F2B948F86DE09B9AE + 27: 1ACC9E429DBBBC790528F7156CFB81D7CD9C42950F97778D0A49F2, 0294F18AC56719B6F0B564D65DC3735D + 28: CBEE1B89C717D3DD688132EFC8C26E3A73D0F4371BE2011B33040631, 3D65AE78B1F7191BDCA08E1CA0040EB4 + 29: CE869BFF3E7F73F41700ABCD63635277B7751838D43CC1EF94CC740A98, 118D7B0B39B7461BA4C465B2CB1E601F + 30: F795251BE1FC9D13087DF27051A5F765A95A052DD5BF3779B5110E333A23, CCBD865E6BA507DECD56A56178F2C934 + 31: F6A93096ABAD485915A035C24341E1EFBB5B23AC7901E12FFFB5E9BEB23685, 07399EBB80C57C761CD355B6752EEE3B + 32: 195A9982F24E9310DAC69CCEB62B509E962B6EF55698B95AA2A7ED451B331249, D7472FFC15A99DE62CD2993AFADD9867 + GCM-noekeon (16 byte key) 1: 05, E18F8A201F281A4F3F4FE6F43A001107 2: 55DF, BE4D95A0BC5966CC2E80FB544AD43B8B diff --git a/notes/ocb3_tv.txt b/notes/ocb3_tv.txt index c65a462c8..82b562e30 100644 --- a/notes/ocb3_tv.txt +++ b/notes/ocb3_tv.txt 
@@ -142,6 +142,41 @@ OCB3-twofish (16 byte key) 31: 8726247FAEB21D7F8927DC3E90267ECD744A8452C64B9EBE08D1A590BFA1F9, 8D75DAEC7E4438E7C701A392346EBBF6 32: 0DC0EE528456FEC203AFB12A55A4D3A901B9408958E5387EB42E75730D98B6A6, D7D682F57C1E1671BE459EE33BEA6B26 +OCB3-sm4 (16 byte key) + 0: , 5AE4874946EAB321286A5C30AA6B4B12 + 1: FE, EAFB170A60CCAFC101780C51A35A77D7 + 2: C914, 36606CD5546032064EBB2B2EFB962442 + 3: 6CDDD3, D7DF2794D1169B1097701EC7EAC97ADC + 4: B9EF5F04, 6CEC2C898116792A42E3C823C1274A2A + 5: 77201EA353, 40B522CEDB325AC6684F6560C0282555 + 6: 5A5A86063B5E, 9EAF522E35E9AC2D2AE6F50F707FE8A6 + 7: B04D78AD924054, 4CA7F758F395154EBD95BF0BC8B28618 + 8: C089204BEC680CFE, 4DF7DD68E7F468FD070CA876949BE593 + 9: 4F368531FC342799C5, CAD9C6A6AB8DC5445C8D48BE005819D0 + 10: EA61FEF7AEA9EEC392AF, 9FAA6F9A39CC88F9F4423534104E26E6 + 11: 55A79A6EF7F1F75C42B172, 4C8D817200E7A9368866D5DC9619ACE1 + 12: F0D1A7080D89189D052C7DC1, 7903ED2CCED2DA132DC480EDA4178650 + 13: 7D55F3544210EBFD2BAC6BB18E, 903AAE3C64CD8993711BADACD2014BB9 + 14: E8FB86041ABB30374C19B1FBC542, 03ED4A92F7CA8F280F6148E48D2483F4 + 15: 5DAEBCDE1C64601175B5A6E446C9B9, 1240BA45F11091457D66FA5C58C08D6D + 16: 2A4F6718D7333C9415AE69CE5CEC431F, AF79781109795D4BBCBC3C55327C60C4 + 17: 2FA374A6724EF7CADB0896A3BEBDD1661D, 0105D0D05BFB6E1D1990A20D9294FCD1 + 18: 9FF356181B833CEA5A0903D3373A8C310B0D, 82AAF55237C5D3D587CA3188B6B57CBB + 19: 13CA7A42D6E55A7A03AA09BB77F234DA876A7A, 914B59E12935290A8D68D0F27762D745 + 20: EB94DEC2EBAB6A8C2D1E412E4F3F337048B3B301, F43394E403FD4F7EE07CF59D4A6ECAF7 + 21: 8BDDCE25D442F0BDAC4CD1F0FAAB6B0B6D049734AA, 6CAFB1D636A6112402477DE93B853AAE + 22: E2298B85A6A6E7271857851EA90E584743B7A0A029FB, 64105E77B6A8C5A4739A1393ADD6E37D + 23: ABB540427006B696F59666612E5D123A02CC3C0F908867, 35430C4394E6A7128FA4CD0AA66BBE9C + 24: 8B048DB31FDABF2746CF664ACE1B8B138937BCAD03612FBF, CFB7FD35560F1D0E3EC488B799471544 + 25: 6936BCB5A10B52D27FD13D259D166C415689E1D7BB2F669EAE, FA4BFD853500C958DECF8D77A31A8F46 + 26: 
7C0415C2C28D6F9895755EF3E1214FCC96F3AF2C70DBF6948031, F6D370B244D7F5A6F301BCB5CED7DEDC + 27: 195B75E3D72FF9AA5492EBAC7638A8AD551EA9E6B541D9689A5465, 1D8A1BB3A38ECA89ADF8F3B48F34682F + 28: 70522F78E5DB3829D61540C641A6C2FCA75BEAD1BC7DC6C3D15C2E2A, DD5072319ED0E24E4D3EE931CB82B3BE + 29: FCB983E8F38EFF1931A01E7CEB5AAAF15AD969C84DA1BBCC39E4F45D68, ED463576EFD354B7FCBAC13EC8DC0708 + 30: CD507929D9E5025781958420C66B1EA4F5397C2F467764591805AEB2A095, 6E0B6BEF6C38D4424926B6DE1B4C315E + 31: 782FD749F729A1546E3C105DA7AA2CC6541ABE4192443D3D400C4D6B88A78B, 207918EAC7F7B92C29D5DFB9C3779DA5 + 32: 4E23AE32EF1C9877F43C0FC3C285B422387EA18BD30F7F8BCD1DE64B9BF7221F, FF6F490EA358433EC439AB1954C6D473 + OCB3-noekeon (16 byte key) 0: , B23A40302652E204B694EA78AF5A8FCC 1: B1, 5245C8680A6F4520168B173A39661249 diff --git a/notes/ocb_tv.txt b/notes/ocb_tv.txt index c2625d6c1..e080dfbdf 100644 --- a/notes/ocb_tv.txt +++ b/notes/ocb_tv.txt 
@@ -332,6 +332,41 @@ OCB-3des (24 byte key) 15: D6F9A6B2420174C499F9FE91178784, D3AAF969ED2F7215 16: 4F1CF285B8748C4F8F4D201C06B343CA, 203A2692C077F1B5 +OCB-sm4 (16 byte key) + 0: , 644D127C5F75F64F48808EEE68350817 + 1: 6B, EE408CBD07CEC607EAA25CB0CF063DE4 + 2: 74E6, FE58AB1D0A951F156D0B78597DE88981 + 3: 049E45, 9674DCB58ED4981CFFCA8725B5BDCBD8 + 4: 416F6FAC, AB0981B209CEB024447861D113FE74AE + 5: CC01AFD1B6, 9125092E4696FE0939A256C03A37FD8C + 6: 1B32E33A7BA2, 80714FA9C1EAE774CF9C754F5FE7374A + 7: 6F91118A6F5E0F, 7065639ADBE5265F0B61836950C39871 + 8: C40E934B952D0108, A8D1ACC7CA93B14C2A187441C794D31E + 9: 06B7FF294A85CD8F8F, 3C433077C03E9B6A481B6A78565A865E + 10: 123093E41AAA91EEA2D1, 9EEF81BFAA0C7116C632DAE3D447BEC4 + 11: 83288869EBB8D22772AA98, A52688653CC795A14D7CC5C4FB59EFD6 + 12: FD8A2A59C3BA54DE090DFFAE, CA597A88711955563025FE6F6B6CB095 + 13: DA0FD6F4B1A0A8084D92F543D3, 9F22A8F0B9EFF906DFE7438E0738FF4E + 14: 8D8090EFF0A44E96A4CB582A61E5, 11477309B525FA0B1A1B4B0F25DED574 + 15: 95DF2F968380DAF60122B8FEA2614A, B25F1C94B4F963297EF31AD01819CAD6 + 16: E63BB516DEF0A60F3503FC9578082588, 9E75B31F3A10D922A698610EDD224AC6 + 17: 4141B7D60688A6B74659FA3F988749336C, 2A4A83E828CA79F3CBA7A417E4E9149F + 18: 68A58C0AAD6A8831231DD3537D5E6284FAD7, 4372DBFA17A102118A4750E719FCC9FF + 19: 6565EE0302F1AFE357E65B56980F04EB805228, 20E09947D4A4947CD24457589303BD69 + 20: 0400E928A18B85498DB78CFAFC026CB07F3DD3A3, 9646E0737D7F75F109430336754DE155 + 21: EC2A5AE19531D964B6C03C4ACE804909F3B0260DC6, 6DEE21A1B2A14FE5F8C13C3620F35EB4 + 22: F32AEDAF0281234753F5D2903F1FEF505165D4543923, B8F486809ABD26E4CACF6C283CBFBAFA + 23: 482B2728C75FF1206E280FDDD082F2C93EE9C2C15A14E9, 70DA0D202F68BF7DCF126DFE2CC75CA9 + 24: DB67772FC481A6D2F50ECCA59134984869C91436211A24A7, A7391E9F5698DF1BC984F127A874D8F6 + 25: DF60A24E93101ED2F68D3CAAD966F51271603C8E611AB16C3F, A4C44700A6845A75B72C04C1395E9820 + 26: E14DE8BC5A2A8417783267AB659DAC26A84A02B4EB5FA4BAAE7F, 1508521641C38536DAF3B2CE65BC060A + 27: 
309D876E6CCB6C8FDF963D6143E2FC091DCF7FA75D002986502500, 323AE0DB790F786252F35547554990E2 + 28: 7D8D3119EA42098509D0B1FB8FDB945E1C6C7AF4E1C9773F82A6D3DF, 8F97D69077AA1AD2BD7A8FBE6950E632 + 29: 597A5B272750C5CCE0591CE40A4CE838F3C326A9BCAB160385D6D431C0, 2F9D9980E31419966C6F5DC8E6DA216D + 30: 676720E8BB37FAD3778C4289CA1442A4905F327798C7C3584FD9518F19CE, 60D96E4249518291C68EE01AEB5A5B05 + 31: 609D0A3770F9BE06D7100E75FA0096F21FA498C28224A9406228534A43DEAD, C3148A9D60CD32EA378720262A3529EA + 32: 18BA4D72E61851F5878E07459A24BDFCB48C6A2AF719584CBE6A0B321078B967, 077031AE31FC5ED7B27ADABDBE699CDE + OCB-cast5 (8 byte key) 0: , 77E8002236021687 1: 52, D57DF1037B6A799D diff --git a/notes/omac_tv.txt b/notes/omac_tv.txt index 2abd0ed21..abcc740d6 100644 --- a/notes/omac_tv.txt +++ b/notes/omac_tv.txt 
@@ -332,6 +332,41 @@ OMAC-3des (24 byte key) 15: F8637AEEFF10F470 16: 0EA19531D42706EA +OMAC-sm4 (16 byte key) + 0: 4DCF78C73B13A3B9494DE1152E66E9EF + 1: D969654F96D6A5888051528E4B417231 + 2: E90E3429E81886D1C31C5B0076DD6967 + 3: 0200C38838F6AC2547B57CAFB68197FE + 4: 7675C0168A1E04AAD697D52B74F354ED + 5: F3235CD0A674C4BE3DE00A59C59047B9 + 6: BDD7ACCEC9155E657BDBC36DF69AD7E7 + 7: DB9B8E833FED5FC7D5FFE00526DDD6AA + 8: 83DBBE2766B9BDB59146CB3CEA4A0AD7 + 9: 95D3B45E49B41F5EF0D661DC62054A8B + 10: CF88F8DFAB57F5966ADBE703EB12A3F1 + 11: 7BC575121B4F37E7A7BFD22F1B78685C + 12: 43DD61A4A29D22970F51DF0573A92670 + 13: 305B1ADF8D5E5787CE7DAF41A1D383B9 + 14: B9CB5438AC40D45B15D438A97CA56C3C + 15: EA698BFB6B673D2DB6A44CCF45B359A2 + 16: 6C5F95BFAC3303A1EC872B01453AB9FB + 17: C5E8C622028131DDC11EA51AD38CB12A + 18: 0D306885AA1E6AC9B4A1F257AFF4F8A2 + 19: FB942DA9F2BF3A42A48D4F3704F9E4D9 + 20: 164E103E28C7BF2897212C45465E6BE4 + 21: 29A8D843431D5383BEF4618186244A88 + 22: E5198A53CA4D07C652A43F5F9F1284CE + 23: 7D7EE2E1992B09A10BFBE257E0965426 + 24: DB01EACF33255EEC1B91124D20C00EA8 + 25: 5BC1F4E148752FEB8FFA54638EA34E2A + 26: 908D641E82579034EF63BC715E8340BB + 27: D22784953DA497AEB56D795FC1576D48 + 28: 2C5332E28F42758FBC3B35B430B54CFC + 29: EAA87F4C87BE3AD58927E556502D68FA + 30: 130EE9E3DE2AA6EBC5FC5CF0247D0FDA + 31: 8B08E2E6106B8454F2180AEAB5034D65 + 32: ADF8EE93CC8DC3FC007EA2C361FA995A + OMAC-cast5 (8 byte key) 0: 7413DCDB9F0C3100 1: 423799EDF1472B79 diff --git a/notes/pmac_tv.txt b/notes/pmac_tv.txt index 5db6c709f..9ee6dc026 100644 --- a/notes/pmac_tv.txt +++ b/notes/pmac_tv.txt 
@@ -332,6 +332,41 @@ PMAC-3des (24 byte key) 15: B13BFD07E7A202CB 16: 58A6931335B4B2C2 +PMAC-sm4 (16 byte key) + 0: 69265690FA00C7D1E2AD63F9C01C56CC + 1: E63B0AEECB1D62691A360E78ECAD7B73 + 2: B8B95E753F7016CCCCB0BCC8536D2DE9 + 3: 22F61907C271F6B779AFC0EEDE1E0AB3 + 4: 8A31DAB6D0F493058328FFE0A6349CF1 + 5: 6760AA80889EC043BD944A4F18FD2D0F + 6: F50F83052E6AF271787815E01DFB4E8A + 7: 4F552D36BC345805EC9FCFCE5E54153F + 8: AEF8016C64F27C79562C50C335AA3A10 + 9: C306E855A485ECC4969F66218705CCEF + 10: 7FA21114DC4C11212AD1DEABB8BD8AD6 + 11: 322BD6CE62C0608438C1715F5871308A + 12: 4F5A19156E62660043C12FFDE62D9755 + 13: EA1D701763EA97753EF54C9AA45F8678 + 14: 64CAFE7A3C93A469D3A37B3C86A75AF2 + 15: C8E6F0C75A3829EDB9C3570DCA18126D + 16: 1140368A72A1EC6AF8A5449924A76AE1 + 17: B8EAD770AF3070B3712040E35E297D45 + 18: 3E862A7270F6EFBB54E56B38E226E349 + 19: BC80B79D95E6B30F33A1FAC0311835BA + 20: 292696B550C240DCFEBA46CD94D6B368 + 21: 22C4BAA7FC406BCD7C67DDB1D4628185 + 22: E500A8794059239A63169E62E7F13F9A + 23: A756B798A6DD9219D57A488AC32C8682 + 24: 83A8F58D0FFB75A007CB99CAFFE650BC + 25: 99827ACA1F014860E687D0EA721657ED + 26: 6AF8CC23F2E4B9777BD171812BBA688F + 27: 0F31384898582A32808A66D8E986278F + 28: 8C36AD9C3CDA4DE1386CDFD6864C5DBC + 29: 0CC3D0BFCA51A052D807396B7160A33B + 30: 4E6A494B9C6CF7E4C540AB1CB84F5BE3 + 31: B0FE54FBC1FDFC468419079DF58C74AC + 32: AD881C8EE04209E68E31B66458377848 + PMAC-cast5 (8 byte key) 0: 0654F2F4BC1F7470 1: 3F725B162A1C8E6B diff --git a/src/ciphers/sm4.c b/src/ciphers/sm4.c new file mode 100644 index 000000000..089742407 --- /dev/null +++ b/src/ciphers/sm4.c 
@@ -0,0 +1,496 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + */ + +/* + * @brief SM4 block cipher algorithm + * @date Oct 2018 + * @author Chao Wei + * + * SM4 (formerly SMS4) is a block cipher used in the Chinese National + * Standard for Wireless LAN WAPI (Wired Authentication and Privacy + * Infrastructure). + * --from wikipedia: + * https://en.wikipedia.org/wiki/SM4_(cipher) + * + * This implimentation follows Chinese National Standard + * GM/T 0002-2012 + */ +#include "tomcrypt_private.h" + +#ifdef LTC_SM4 + +/*porting to libtomcrypt*/ +/*char always 8bits long*/ +typedef unsigned char sm4_u8_t; +typedef ulong32 sm4_u32_t; +/*#define sm4_printf(...) printf(__VA_ARGS__)*/ +#define sm4_printf(...) do{}while(0) +#define sm4_memcpy XMEMCPY +#define sm4_memcmp XMEMCMP + +/*#define SM4DBG*/ + +/* + * S-box defined in section 6.2 + * (1) Nonlinear transformation + */ +static const sm4_u8_t sbox_table[16][16] = { + {0xd6, 0x90, 0xe9, 0xfe, 0xcc, 0xe1, 0x3d, 0xb7, + 0x16, 0xb6, 0x14, 0xc2, 0x28, 0xfb, 0x2c, 0x05}, + {0x2b, 0x67, 0x9a, 0x76, 0x2a, 0xbe, 0x04, 0xc3, + 0xaa, 0x44, 0x13, 0x26, 0x49, 0x86, 0x06, 0x99}, + {0x9c, 0x42, 0x50, 0xf4, 0x91, 0xef, 0x98, 0x7a, + 0x33, 0x54, 0x0b, 0x43, 0xed, 0xcf, 0xac, 0x62}, + {0xe4, 0xb3, 0x1c, 0xa9, 0xc9, 0x08, 0xe8, 0x95, + 0x80, 0xdf, 0x94, 0xfa, 0x75, 0x8f, 0x3f, 0xa6}, + {0x47, 0x07, 0xa7, 0xfc, 0xf3, 0x73, 0x17, 0xba, + 0x83, 0x59, 0x3c, 0x19, 0xe6, 0x85, 0x4f, 0xa8}, + {0x68, 0x6b, 0x81, 0xb2, 0x71, 0x64, 0xda, 0x8b, + 0xf8, 0xeb, 0x0f, 0x4b, 0x70, 0x56, 0x9d, 0x35}, + {0x1e, 0x24, 0x0e, 0x5e, 0x63, 0x58, 0xd1, 0xa2, + 0x25, 0x22, 0x7c, 0x3b, 0x01, 0x21, 0x78, 0x87}, + {0xd4, 0x00, 0x46, 0x57, 0x9f, 0xd3, 0x27, 0x52, + 0x4c, 0x36, 0x02, 0xe7, 0xa0, 0xc4, 0xc8, 0x9e}, + {0xea, 0xbf, 0x8a, 
0xd2, 0x40, 0xc7, 0x38, 0xb5, + 0xa3, 0xf7, 0xf2, 0xce, 0xf9, 0x61, 0x15, 0xa1}, + {0xe0, 0xae, 0x5d, 0xa4, 0x9b, 0x34, 0x1a, 0x55, + 0xad, 0x93, 0x32, 0x30, 0xf5, 0x8c, 0xb1, 0xe3}, + {0x1d, 0xf6, 0xe2, 0x2e, 0x82, 0x66, 0xca, 0x60, + 0xc0, 0x29, 0x23, 0xab, 0x0d, 0x53, 0x4e, 0x6f}, + {0xd5, 0xdb, 0x37, 0x45, 0xde, 0xfd, 0x8e, 0x2f, + 0x03, 0xff, 0x6a, 0x72, 0x6d, 0x6c, 0x5b, 0x51}, + {0x8d, 0x1b, 0xaf, 0x92, 0xbb, 0xdd, 0xbc, 0x7f, + 0x11, 0xd9, 0x5c, 0x41, 0x1f, 0x10, 0x5a, 0xd8}, + {0x0a, 0xc1, 0x31, 0x88, 0xa5, 0xcd, 0x7b, 0xbd, + 0x2d, 0x74, 0xd0, 0x12, 0xb8, 0xe5, 0xb4, 0xb0}, + {0x89, 0x69, 0x97, 0x4a, 0x0c, 0x96, 0x77, 0x7e, + 0x65, 0xb9, 0xf1, 0x09, 0xc5, 0x6e, 0xc6, 0x84}, + {0x18, 0xf0, 0x7d, 0xec, 0x3a, 0xdc, 0x4d, 0x20, + 0x79, 0xee, 0x5f, 0x3e, 0xd7, 0xcb, 0x39, 0x48}, +}; + +/* + * left circular rotation by n bits + * defined in section 3 Symbols and Acronyms + */ +static sm4_u32_t rol(sm4_u32_t x,int n) +{ + return (x << n) | (x >> (32 - n)); +} + +/* + * S-box + * defined in section 2.6 S-box + */ +static sm4_u8_t sbox(sm4_u8_t a) +{ + return sbox_table[(a >> 4) & 0x0f][a & 0x0f]; +} + +/* + * target endian mode judement + */ +static int is_little_endian(void) +{ + unsigned int x = 0x01; + if (*(unsigned char *)&x == 0x01) + return 1; + return 0; +} + +static sm4_u32_t byte2u32(sm4_u8_t x[4]) +{ + if (is_little_endian()) + return (x[0] << 24) | (x[1] << 16) | (x[2] << 8) | (x[3] << 0); + else + return (x[3] << 24) | (x[2] << 16) | (x[1] << 8) | (x[0] << 0); +} + +static void u322byte(sm4_u8_t b[4], sm4_u32_t x) +{ + if (is_little_endian()) { + b[0] = (x >> 24) & 0xff; + b[1] = (x >> 16) & 0xff; + b[2] = (x >> 8) & 0xff; + b[3] = (x >> 0) & 0xff; + } else { + b[0] = (x >> 0) & 0xff; + b[1] = (x >> 8) & 0xff; + b[2] = (x >> 16) & 0xff; + b[3] = (x >> 24) & 0xff; + } +} + +/* + * Nonlinear transformation t + * defined in section 6.2 (1) Nonelinear transformation t + * + * Here should be big endian. + * But we just convert a 32bit word byte by byte. 
+ * So it's OK if we don't convert the endian order + */ +static sm4_u32_t t(sm4_u32_t A) +{ +#if 0 + sm4_u8_t a[4]; + sm4_u8_t b[4]; + + u322byte(a, A); + b[0] = sbox(a[0]); + b[1] = sbox(a[1]); + b[2] = sbox(a[2]); + b[3] = sbox(a[3]); + return byte2u32(b); +#else + sm4_u8_t *a; + sm4_u8_t *b; + sm4_u32_t B; + + a = (sm4_u8_t *)&A; + b = (sm4_u8_t *)&B; + + b[0] = sbox(a[0]); + b[1] = sbox(a[1]); + b[2] = sbox(a[2]); + b[3] = sbox(a[3]); + return B; +#endif +} + +/* + * defined in section 6.2 (2) Linear transformation L + */ +static sm4_u32_t L(sm4_u32_t B) +{ + return B ^ rol(B, 2) ^ rol(B, 10) ^ rol(B, 18) ^ rol(B, 24); +} + +/* + * defined in section 6.2 Permutation T + */ +static sm4_u32_t T(sm4_u32_t Z) +{ + return L(t(Z)); +} + +/* + * defined in section 7.3 (2) The system parameter FK + */ +static const sm4_u32_t FK[4] = { + 0xa3b1bac6, 0x56aa3350, 0x677d9197, 0xb27022dc +}; + +/* + * defined in section 7.3 (3) The fixed parameter CK + * The fixed parameter CK is used in the key expansion algorithm + */ +static const sm4_u32_t CK[32] = +{ + 0x00070e15, 0x1c232a31, 0x383f464d, 0x545b6269, + 0x70777e85, 0x8c939aa1, 0xa8afb6bd, 0xc4cbd2d9, + 0xe0e7eef5, 0xfc030a11, 0x181f262d, 0x343b4249, + 0x50575e65, 0x6c737a81, 0x888f969d, 0xa4abb2b9, + 0xc0c7ced5, 0xdce3eaf1, 0xf8ff060d, 0x141b2229, + 0x30373e45, 0x4c535a61, 0x686f767d, 0x848b9299, + 0xa0a7aeb5, 0xbcc3cad1, 0xd8dfe6ed, 0xf4fb0209, + 0x10171e25, 0x2c333a41, 0x484f565d, 0x646b7279, +}; + +/* + * defined in section 7.3 (1) L' + */ +static sm4_u32_t _L(sm4_u32_t B) +{ + return B ^ rol(B, 13) ^ rol(B, 23); +} + +/* + * defined in section 7.3 (1) T' + */ +static sm4_u32_t _T(sm4_u32_t Z) +{ + return _L(t(Z)); +} + +/* + * defined in section 7.3 Key Expansion + */ +static void mk2rk(sm4_u32_t rk[32], sm4_u8_t mk[16]) +{ + sm4_u32_t MK[4]; + sm4_u32_t K[4+32]; + int i; + + for (i = 0; i < 4; ++i){ + MK[i] = byte2u32(mk + i * 4); + K[i] = MK[i] ^ FK[i]; + } + for (i = 0; i < 32; ++i) + K[i+4] = K[i] ^ _T(K[i+1] ^ 
K[i+2] ^ K[i+3] ^ CK[i]); + for (i = 0; i < 32; ++i) + rk[i] = K[i+4]; +} + +/* + * defined in section 6 Round Function F + */ +static sm4_u32_t F(sm4_u32_t X[4], sm4_u32_t rk) +{ + return X[0] ^ T(X[1] ^ X[2] ^ X[3] ^ rk); +} + +/* + * defined in section 7.1 (2) The reverse transformation + */ +static void R(sm4_u32_t Y[4], sm4_u32_t X[32+4]) +{ + Y[0] = X[35]; + Y[1] = X[34]; + Y[2] = X[33]; + Y[3] = X[32]; +} + +/* + * defined in section 7.1 Encryption + */ +static void encrypt(sm4_u32_t Y[4], sm4_u32_t X[4+32], const sm4_u32_t rk[32]) +{ + int i; + +#ifdef SM4DBG + sm4_printf("\n"); +#endif + for (i = 0; i < 32; ++i) { + X[i+4] = F(X+i, rk[i]); +#ifdef SM4DBG + sm4_printf("rk[%02d] = %08X X[%02d] = %08x\n", + i, (unsigned int)(rk[i]), i+4, (unsigned int)(X[i+4])); +#endif + } + R(Y, X); +} + +#define test(x) \ + do { \ + sm4_printf("%-30s", (x)); \ + fflush(stdout); \ + } while (0) + +#define result(x) \ + do { \ + sm4_printf("%s\n", (x) == 0 ? "PASS" : "FAIL"); \ + fflush(stdout); \ + } while(0) + + +void sm4_setkey(struct sm4_key *sm4, const unsigned char *key) +{ + int i; + + mk2rk(sm4->ek,(void*)key); + /*swap key sequence when decrypt cipher*/ + for (i = 0; i < 32; ++i) + sm4->dk[i] = sm4->ek[32 - 1 - i]; +} + +int sm4_setup(const unsigned char *key, int keylen, + int num_rounds, symmetric_key *skey) +{ + LTC_ARGCHK(key != NULL); + LTC_ARGCHK(skey != NULL); + if (num_rounds != 0 && num_rounds != 32) + return CRYPT_INVALID_ROUNDS; + if (keylen != 16) + return CRYPT_INVALID_KEYSIZE; + sm4_setkey(&(skey->sm4), key); + return CRYPT_OK; +} + +/* + * SM4 encryption. 
+ */ +static void sm4_do(void *output, const void *input, const sm4_u32_t rk[32]) +{ + sm4_u32_t Y[4]; + sm4_u32_t X[32+4]; + int i; + + for (i = 0; i < 4; ++i) + X[i] = byte2u32((sm4_u8_t *)input + i * 4); + + encrypt(Y, X, rk); + for (i = 0; i < 4; ++i) + u322byte((sm4_u8_t *)output + i * 4, Y[i]); +} + +/* + * User interface + */ +static void sm4_encrypt(const void *input, void *output, + const sm4_u32_t key[32]) +{ + sm4_do(output, input, key); +} + +/* + * User interface + */ +static void sm4_decrypt(const void *input, void *output, + const sm4_u32_t key[32]) +{ + sm4_do(output, input, key); +} + +int sm4_ecb_encrypt(const unsigned char *pt, unsigned char *ct, + const symmetric_key *skey) +{ + LTC_ARGCHK(pt != NULL); + LTC_ARGCHK(ct != NULL); + LTC_ARGCHK(skey != NULL); + sm4_encrypt(pt, ct, skey->sm4.ek); + return CRYPT_OK; +} +int sm4_ecb_decrypt(const unsigned char *ct, unsigned char *pt, + const symmetric_key *skey) +{ + LTC_ARGCHK(pt != NULL); + LTC_ARGCHK(ct != NULL); + LTC_ARGCHK(skey != NULL); + sm4_decrypt(ct, pt, skey->sm4.dk); + return CRYPT_OK; +} + +void sm4_done(symmetric_key *skey) +{ + LTC_UNUSED_PARAM(skey); +} +int sm4_keysize(int *keysize) +{ + LTC_ARGCHK(keysize != NULL); + if(*keysize < 16) { + return CRYPT_INVALID_KEYSIZE; + } + *keysize = 16; + return CRYPT_OK; +} + +/* + int sm4_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); + int sm4_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey); + int sm4_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey); + int sm4_test(void); + void sm4_done(symmetric_key *skey); + int sm4_keysize(int *keysize); + */ +/* + * libtomcrypt interface is used + */ +static int sm4_self_test_ltc(void) +{ + int result; + int ret; + int i; + int keysize; + symmetric_key skey; + + sm4_u8_t output[16]; + sm4_u8_t plaintext[] = { + 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, + 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 
0x10,
+ };
+ sm4_u8_t key[] = {
+ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10,
+ };
+ sm4_u8_t ciphertext[] = {
+ 0x68, 0x1E, 0xDF, 0x34, 0xD2, 0x06, 0x96, 0x5E,
+ 0x86, 0xB3, 0xE9, 0x4F, 0x53, 0x6E, 0x42, 0x46,
+ };
+ sm4_u8_t ciphertext_1000000t[] = {
+ 0x59, 0x52, 0x98, 0xC7, 0xC6, 0xFD, 0x27, 0x1F,
+ 0x04, 0x02, 0xF8, 0x04, 0xC3, 0x3D, 0x3F, 0x66,
+ };
+
+ result = 0;
+
+ sm4_printf("SM4 Self Test\n");
+
+ sm4_setup(key, sizeof(key), 32, &skey);
+
+ /*A.1 example 1*/
+ test("single encryption");
+ sm4_ecb_encrypt(plaintext, output, &skey);
+ ret = sm4_memcmp(output, ciphertext, 16);
+ result |= (!!ret) << 0;
+ result(ret);
+
+ test("single decryption");
+ sm4_ecb_decrypt(ciphertext, output, &skey);
+ ret = sm4_memcmp(output, plaintext, 16);
+ result |= (!!ret) << 1;
+ result(ret);
+
+ /*A.2 example 2*/
+ test("1000000 times encryption");
+ sm4_memcpy(output, plaintext, 16);
+ for (i = 0; i < 1000000; ++i)
+ sm4_ecb_encrypt(output, output, &skey);
+ ret = sm4_memcmp(output, ciphertext_1000000t, 16);
+ result |= (!!ret) << 2;
+ result(ret);
+
+ test("1000000 times decryption");
+ sm4_memcpy(output, ciphertext_1000000t, 16);
+ for (i = 0; i < 1000000; ++i)
+ sm4_ecb_decrypt(output, output, &skey);
+ ret = sm4_memcmp(output, plaintext, 16);
+ result |= (!!ret) << 3;
+ result(ret);
+
+ test("checking key size");
+ keysize = 128;
+ ret = sm4_keysize(&keysize) == CRYPT_OK ? 0 : 1;
+ ret |= keysize == 16 ? 0 : 1 << 1;
+ result |= (!!ret) << 4;
+ result(ret);
+
+ sm4_done(&skey);
+
+ return result == 0 ?
CRYPT_OK : CRYPT_ERROR;
+}
+
+int sm4_test(void)
+{
+#ifndef LTC_TEST
+ return CRYPT_NOP;
+#else
+ return sm4_self_test_ltc();
+#endif
+}
+
+const struct ltc_cipher_descriptor sm4_desc = {
+ "sm4",
+ 127,
+ 16, 16, 16, 32,
+ &sm4_setup,
+ &sm4_ecb_encrypt,
+ &sm4_ecb_decrypt,
+ &sm4_test,
+ &sm4_done,
+ &sm4_keysize,
+ NULL, NULL, NULL, NULL, NULL, NULL, NULL,
+ NULL, NULL, NULL, NULL, NULL, NULL, NULL,
+};
+
+#endif /*LTC_SM4*/
+
+/* ref: $Format:%D$ */
+/* git commit: $Format:%H$ */
+/* commit time: $Format:%ai$ */
+
diff --git a/src/headers/tomcrypt_cipher.h b/src/headers/tomcrypt_cipher.h
index 90573b3f0..03e53df67 100644
--- a/src/headers/tomcrypt_cipher.h
+++ b/src/headers/tomcrypt_cipher.h
@@ -106,6 +106,12 @@ struct des3_key {
 };
 #endif
+#ifdef LTC_SM4
+struct sm4_key {
+ ulong32 ek[32], dk[32];
+};
+#endif
+
 #ifdef LTC_CAST5
 struct cast5_key {
 ulong32 K[32], keylen;
@@ -176,6 +182,9 @@ typedef union Symmetric_key {
 struct des_key des;
 struct des3_key des3;
 #endif
+#ifdef LTC_SM4
+ struct sm4_key sm4;
+#endif
 #ifdef LTC_RC2
 struct rc2_key rc2;
 #endif
@@ -748,6 +757,16 @@ int des3_keysize(int *keysize);
 extern const struct ltc_cipher_descriptor des_desc, des3_desc;
 #endif
+#ifdef LTC_SM4
+int sm4_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
+int sm4_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey);
+int sm4_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey);
+int sm4_test(void);
+void sm4_done(symmetric_key *skey);
+int sm4_keysize(int *keysize);
+extern const struct ltc_cipher_descriptor sm4_desc;
+#endif
+
 #ifdef LTC_CAST5
 int cast5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
 int cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey);
diff --git a/src/headers/tomcrypt_custom.h b/src/headers/tomcrypt_custom.h
index aedf08bc3..a528ce950 100644
--- a/src/headers/tomcrypt_custom.h
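Review bot: `struct sm4_key` in the first hunk (`@@ -106`) says nothing about what `ek` and `dk` hold; the relation is only visible in sm4.c's `sm4_setkey`, which fills `dk[i] = ek[32 - 1 - i]`, so a one-line comment on the field would spare the next reader that detour: `ulong32 ek[32], dk[32]; /* 32 round keys; dk is ek in reverse order, used for decryption */`. The fields are typed `ulong32` while the sm4.c code in this diff types its round keys as `sm4_u32_t` (`sm4_ecb_encrypt` passes `skey->sm4.ek` to a `const sm4_u32_t key[32]` parameter), which is only clean if `sm4_u32_t` is a typedef of `ulong32`; that typedef is outside this diff, so please confirm. The prototype list in the third hunk (`@@ -748`) omits `sm4_setkey`, which sm4.c defines with external linkage; either declare it here or, since nothing outside sm4.c in this diff calls it, make it `static` so it does not become an undocumented exported symbol. The same six prototypes are also duplicated as a commented-out block in sm4.c; the header should stay the single declaration site.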
+++ b/src/headers/tomcrypt_custom.h
@@ -81,6 +81,7 @@
 #define LTC_RIJNDAEL
 #define LTC_BLOWFISH
 #define LTC_DES
+ #define LTC_SM4
 #define LTC_CAST5
 #define LTC_NO_MODES
@@ -194,6 +195,7 @@
 /* #define LTC_TWOFISH_SMALL */
 /* LTC_DES includes EDE triple-DES */
 #define LTC_DES
+#define LTC_SM4
 #define LTC_CAST5
 #define LTC_NOEKEON
 #define LTC_SKIPJACK
diff --git a/src/misc/crypt/crypt.c b/src/misc/crypt/crypt.c
index b6b25c1e2..a73a5770e 100644
--- a/src/misc/crypt/crypt.c
+++ b/src/misc/crypt/crypt.c
@@ -91,6 +91,9 @@ const char *crypt_build_settings =
 #if defined(LTC_DES)
 " DES\n"
 #endif
+#if defined(LTC_SM4)
+ " SM4\n"
+#endif
 #if defined(LTC_CAST5)
 " CAST5\n"
 #endif
diff --git a/src/misc/crypt/crypt_register_all_ciphers.c b/src/misc/crypt/crypt_register_all_ciphers.c
index d2512e034..d0e39e3ff 100644
--- a/src/misc/crypt/crypt_register_all_ciphers.c
+++ b/src/misc/crypt/crypt_register_all_ciphers.c
@@ -65,6 +65,9 @@ int register_all_ciphers(void)
 REGISTER_CIPHER(&des_desc);
 REGISTER_CIPHER(&des3_desc);
 #endif
+#ifdef LTC_SM4
+ REGISTER_CIPHER(&sm4_desc);
+#endif
 #ifdef LTC_CAST5
 REGISTER_CIPHER(&cast5_desc);
 #endif
diff --git a/src/misc/crypt/crypt_sizes.c b/src/misc/crypt/crypt_sizes.c
index e34197ea8..0c34e668c 100644
--- a/src/misc/crypt/crypt_sizes.c
+++ b/src/misc/crypt/crypt_sizes.c
@@ -98,6 +98,9 @@ static const crypt_size _crypt_sizes[] = {
 _SZ_STRINGIFY_S(des_key),
 _SZ_STRINGIFY_S(des3_key),
 #endif
+#ifdef LTC_SM4
+ _SZ_STRINGIFY_S(sm4_key),
+#endif
 #ifdef LTC_IDEA
 _SZ_STRINGIFY_S(idea_key),
 #endif
diff --git a/tests/test.c b/tests/test.c
index 87414db5d..25935d0e7 100644
--- a/tests/test.c
+++ b/tests/test.c
@@ -153,6 +153,9 @@ static void _unregister_all(void)
 unregister_cipher(&des_desc);
 unregister_cipher(&des3_desc);
 #endif
+#ifdef LTC_SM4
+ unregister_cipher(&sm4_desc);
+#endif
 #ifdef LTC_CAST5
 unregister_cipher(&cast5_desc);
 #endif
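Review bot: The first hunk (`@@ -81`) adds `#define LTC_SM4` to the indented block ending in `LTC_NO_MODES`, which from its shape looks like the reduced build profile rather than the full default list the second hunk (`@@ -194`) edits; a reduced profile is normally a deliberately small set, so enabling a newly contributed cipher there should be a conscious choice, and if it is intended a short comment on that line saying why SM4 belongs in the minimal set would help. If it is not intended, dropping the first hunk and keeping only the second is enough to make SM4 available in the default build.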
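Review bot: Registering `sm4_desc` in `register_all_ciphers` puts `sm4_test` on the path of every caller that walks the registered ciphers and runs each descriptor's `test` entry (the bundled test driver being the usual one), and the self-test added in sm4.c by this same diff runs two `for (i = 0; i < 1000000; ++i)` loops over a single block, one million encryptions then one million decryptions, before it returns; that is far more work than the known-answer tests of the other ciphers and will visibly slow any full run. The single-block vectors already pin the implementation, so the iterated vector could be moved behind a separate switch or its count reduced while the registration itself stays as written. The self-test code lives in sm4.c, outside this hunk.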