sm2

package
v1.0.2054 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 14, 2024 License: Apache-2.0 Imports: 17 Imported by: 4

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	// default Encrypter Opts
	DefaultEncrypterOpts = EncrypterOpts{
		Mode: C1C3C2,
		Hash: sm3.New,
	}

	// default Signer Opts
	DefaultSignerOpts = SignerOpts{
		Uid:  defaultUID,
		Hash: sm3.New,
	}
)

Functions

func CalculateZA added in v1.0.2047

func CalculateZA(pub *PublicKey, uid []byte) ([]byte, error)

CalculateZA ZA = H256(ENTLA || IDA || a || b || xG || yG || xA || yA)

func Compress

func Compress(pub *PublicKey) []byte

压缩公钥 Compress PublicKey struct

func Decrypt

func Decrypt(priv *PrivateKey, data []byte, opts crypto.DecrypterOpts) ([]byte, error)

sm2 解密,解析字节拼接格式的密文内容 Decrypt bytes marshal data

func DecryptASN1 added in v1.0.2042

func DecryptASN1(priv *PrivateKey, data []byte, opts crypto.DecrypterOpts) ([]byte, error)

sm2 解密,解析 asn.1 编码格式的密文内容 Decrypt asn.1 marshal data

func Encrypt

func Encrypt(random io.Reader, pub *PublicKey, data []byte, opts crypto.DecrypterOpts) ([]byte, error)

sm2 加密,返回字节拼接格式的密文内容 Encrypted and return bytes data

func EncryptASN1 added in v1.0.2042

func EncryptASN1(random io.Reader, pub *PublicKey, data []byte, opts crypto.DecrypterOpts) ([]byte, error)

sm2 加密,返回 asn.1 编码格式的密文内容 Encrypted and return asn.1 data

func KeyExchangeA

func KeyExchangeA(klen int, ida, idb []byte, priA *PrivateKey, pubB *PublicKey, rpri *PrivateKey, rpubB *PublicKey) (k, s1, s2 []byte, err error)

KeyExchangeA 协商第二部,用户A调用,返回共享密钥k

func KeyExchangeB

func KeyExchangeB(klen int, ida, idb []byte, priB *PrivateKey, pubA *PublicKey, rpri *PrivateKey, rpubA *PublicKey) (k, s1, s2 []byte, err error)

KeyExchangeB 协商第二部,用户B调用, 返回共享密钥k

func MarshalPrivateKey

func MarshalPrivateKey(key *PrivateKey) ([]byte, error)

func MarshalPublicKey

func MarshalPublicKey(key *PublicKey) ([]byte, error)

func MarshalSM2PrivateKey

func MarshalSM2PrivateKey(key *PrivateKey) ([]byte, error)

MarshalSM2PrivateKey converts an SM2 private key to SEC 1, ASN.1 DER form.

This kind of key is commonly encoded in PEM blocks of type "SM2 PRIVATE KEY". For a more flexible key format which is not SM2 specific, use MarshalPKCS8PrivateKey.

func MarshalSignatureASN1 added in v1.0.2047

func MarshalSignatureASN1(r, s *big.Int) ([]byte, error)

func P256 added in v1.0.2047

func P256() elliptic.Curve

sm2 p256

func Sign

func Sign(random io.Reader, priv *PrivateKey, msg []byte, opts crypto.SignerOpts) ([]byte, error)

签名返回 asn.1 编码数据 sign data and return asn.1 marshal data

func SignBytes added in v1.0.2053

func SignBytes(random io.Reader, priv *PrivateKey, msg []byte, opts crypto.SignerOpts) ([]byte, error)

签名返回 Bytes 编码数据 sign data and return Bytes marshal data

func SignToRS added in v1.0.2053

func SignToRS(random io.Reader, priv *PrivateKey, msg []byte, opts crypto.SignerOpts) (r, s *big.Int, err error)

sm2 sign with SignerOpts

func ToPrivateKey

func ToPrivateKey(key *PrivateKey) []byte

输出私钥明文 output PrivateKey data

func ToPublicKey

func ToPublicKey(key *PublicKey) []byte

输出公钥明文 output PublicKey data

func UnmarshalSignatureASN1 added in v1.0.2047

func UnmarshalSignatureASN1(sign []byte) (r, s *big.Int, err error)

func Verify

func Verify(pub *PublicKey, msg, sign []byte, opts crypto.SignerOpts) error

验证 asn.1 编码的数据 ans1(r, s) Verify asn.1 marshal data

func VerifyBytes added in v1.0.2053

func VerifyBytes(pub *PublicKey, msg, sign []byte, opts crypto.SignerOpts) error

验证 asn.1 编码的数据 bytes(r + s) Verify Bytes marshal data

func VerifyWithRS added in v1.0.2053

func VerifyWithRS(pub *PublicKey, msg []byte, r, s *big.Int, opts crypto.SignerOpts) error

sm2 verify with SignerOpts

Types

type EncrypterOpts

type EncrypterOpts struct {
	Mode Mode
	Hash hashFunc
}

加密设置 Encrypter Opts

func (EncrypterOpts) GetHash added in v1.0.2052

func (this EncrypterOpts) GetHash() hashFunc

func (EncrypterOpts) GetMode added in v1.0.2052

func (this EncrypterOpts) GetMode() Mode

type KeyExchange added in v1.0.2052

type KeyExchange struct {
	// contains filtered or unexported fields
}

KeyExchange key exchange struct, include internal stat in whole key exchange flow. Initiator's flow will be: NewKeyExchange -> Init -> transmission -> ConfirmResponder Responder's flow will be: NewKeyExchange -> waiting ... -> Repond -> transmission -> ConfirmInitiator

func NewKeyExchange added in v1.0.2052

func NewKeyExchange(priv *PrivateKey, peerPub *PublicKey, uid, peerUID []byte, keyLen int, genSignature bool) (ke *KeyExchange, err error)

NewKeyExchange create one new KeyExchange object

func (*KeyExchange) ConfirmInitiator added in v1.0.2052

func (ke *KeyExchange) ConfirmInitiator(s1 []byte) ([]byte, error)

ConfirmInitiator for responder's step B10

func (*KeyExchange) ConfirmResponder added in v1.0.2052

func (ke *KeyExchange) ConfirmResponder(rB *PublicKey, sB []byte) ([]byte, []byte, error)

ConfirmResponder for initiator's step A4-A10, returns keying data and optional signature.

It will check if there are peer's public key and validate the peer's Ephemeral Public Key.

If the peer's signature is not empty, then it will also validate the peer's signature and return generated signature depends on KeyExchange.genSignature value.

func (*KeyExchange) Init added in v1.0.2052

func (ke *KeyExchange) Init(random io.Reader) (*PublicKey, error)

Init is for initiator's step A1-A3, returns generated Ephemeral Public Key which will be passed to Reponder.

func (*KeyExchange) Repond added in v1.0.2052

func (ke *KeyExchange) Repond(random io.Reader, rA *PublicKey) (*PublicKey, []byte, error)

Repond is for responder's step B1-B8, returns generated Ephemeral Public Key and optional signature depends on KeyExchange.genSignature value.

It will check if there are peer's public key and validate the peer's Ephemeral Public Key.

func (*KeyExchange) Reset added in v1.0.2052

func (ke *KeyExchange) Reset()

Reset clear all internal state and Ephemeral private/public keys.

func (*KeyExchange) SetPeerParameters added in v1.0.2052

func (ke *KeyExchange) SetPeerParameters(peerPub *PublicKey, peerUID []byte) error

SetPeerParameters when need other param

type Mode

type Mode uint

加密后数据编码模式 Encrypted data encoding mode

const (
	C1C3C2 Mode = iota
	C1C2C3
)

type PrivateKey

type PrivateKey struct {
	PublicKey
	D *big.Int
}

SM2 PrivateKey

func GenerateKey

func GenerateKey(random io.Reader) (*PrivateKey, error)

生成私钥证书 generate PrivateKey

func NewPrivateKey

func NewPrivateKey(d []byte) (*PrivateKey, error)

根据私钥明文初始化私钥 New a PrivateKey from privatekey data

func ParsePrivateKey

func ParsePrivateKey(der []byte) (*PrivateKey, error)

func ParseSM2PrivateKey

func ParseSM2PrivateKey(der []byte) (*PrivateKey, error)

ParseSM2PrivateKey parses an SM2 private key in SEC 1, ASN.1 DER form.

This kind of key is commonly encoded in PEM blocks of type "SM2 PRIVATE KEY".

func (*PrivateKey) Decrypt

func (priv *PrivateKey) Decrypt(_ io.Reader, data []byte, opts crypto.DecrypterOpts) (plaintext []byte, err error)

crypto.Decrypter

func (*PrivateKey) DecryptASN1 added in v1.0.2042

func (priv *PrivateKey) DecryptASN1(data []byte, opts crypto.DecrypterOpts) ([]byte, error)

Decrypt with ASN1

func (*PrivateKey) Equal

func (priv *PrivateKey) Equal(x crypto.PrivateKey) bool

Equal reports whether priv and x have the same value.

func (*PrivateKey) Public

func (priv *PrivateKey) Public() crypto.PublicKey

The SM2's private key contains the public key

func (*PrivateKey) Sign

func (priv *PrivateKey) Sign(random io.Reader, msg []byte, opts crypto.SignerOpts) ([]byte, error)

签名返回 asn.1 编码数据 sign data and return asn.1 marshal data

func (*PrivateKey) SignBytes

func (priv *PrivateKey) SignBytes(random io.Reader, msg []byte, opts crypto.SignerOpts) ([]byte, error)

签名返回 Bytes 编码数据 sign data and return Bytes marshal data

type PublicKey

type PublicKey struct {
	elliptic.Curve
	X, Y *big.Int
}

SM2 PublicKey

func Decompress

func Decompress(data []byte) (*PublicKey, error)

解缩公钥 Decompress PublicKey data

func NewPublicKey

func NewPublicKey(data []byte) (*PublicKey, error)

根据公钥明文初始化公钥 New a PublicKey from publicKey data

func ParsePublicKey

func ParsePublicKey(der []byte) (*PublicKey, error)

func (*PublicKey) Encrypt

func (pub *PublicKey) Encrypt(random io.Reader, data []byte, opts crypto.DecrypterOpts) ([]byte, error)

Encrypt with bytes

func (*PublicKey) EncryptASN1 added in v1.0.2042

func (pub *PublicKey) EncryptASN1(random io.Reader, data []byte, opts crypto.DecrypterOpts) ([]byte, error)

Encrypt with ASN1

func (*PublicKey) Equal

func (pub *PublicKey) Equal(x crypto.PublicKey) bool

Equal reports whether pub and x have the same value.

func (*PublicKey) Verify

func (pub *PublicKey) Verify(msg, sign []byte, opts crypto.SignerOpts) bool

验证 asn.1 编码的数据 ans1(r, s) Verify asn.1 marshal data

func (*PublicKey) VerifyBytes

func (pub *PublicKey) VerifyBytes(msg, sign []byte, opts crypto.SignerOpts) bool

验证 asn.1 编码的数据 bytes(r + s) Verify Bytes marshal data

type SignerOpts

type SignerOpts struct {
	Uid  []byte
	Hash hashFunc
}

签名设置 Signer Opts

func (SignerOpts) GetHash added in v1.0.2052

func (this SignerOpts) GetHash() hashFunc

func (SignerOpts) GetUid added in v1.0.2052

func (this SignerOpts) GetUid() []byte

func (SignerOpts) HashFunc

func (this SignerOpts) HashFunc() crypto.Hash

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL