sm9

package
v1.0.2069 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 25, 2024 License: Apache-2.0 Imports: 23 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	EncTypeXOR int = 0
	EncTypeECB int = 1
	EncTypeCBC int = 2
	EncTypeOFB int = 4
	EncTypeCFB int = 8
)
View Source 
const (
	// hashmode used in h1: 0x01
	H1 hashMode = iota + 1
	// hashmode used in h2: 0x02
	H2
)
View Source 
const DefaultEncryptHid byte = 0x03

默认 HID

View Source 
const DefaultSignHid byte = 0x01

默认 HID

Variables

View Source 
var (
	ErrDecryption = errors.New("sm9: decryption error")

	ErrEmptyPlaintext = errors.New("sm9: empty plaintext")
)
View Source 
var DefaultEncrypt = SM4CBCEncrypt
View Source 
var DefaultHash = HmacSHA256Hash

默认 Hash

View Source 
var DefaultOpts = &Opts{
	Encrypt: DefaultEncrypt,
	Hash:    DefaultHash,
}
View Source 
var HmacSHA256Hash = NewHashHmac(sha256.New)

HmacSHA256

View Source 
var HmacSM3Hash = NewHashHmac(sm3.New)

HmacSM3

View Source 
var SHA256Hash = NewHashMac(sha256.New)

SHA256Hash

View Source 
var SM3Hash = NewHashMac(sm3.New)

SM3Hash

View Source 
var SM4CBCEncrypt = NewCBCEncrypt(sm4.NewCipher, sm4.BlockSize)

SM4CBCEncrypt option represents SM4 CBC mode

View Source 
var SM4CFBEncrypt = NewCFBEncrypt(sm4.NewCipher, sm4.BlockSize)

SM4CFBEncrypt option represents SM4 CFB mode

View Source 
var SM4ECBEncrypt = NewECBEncrypt(sm4.NewCipher, sm4.BlockSize)

SM4ECBEncrypt option represents SM4 ECB mode

View Source 
var SM4OFBEncrypt = NewOFBEncrypt(sm4.NewCipher, sm4.BlockSize)

SM4OFBEncrypt option represents SM4 OFB mode

View Source 
var XorEncrypt = NewXOREncrypt()

XorEncrypt default option represents XOR mode

Functions

func Decrypt added in v1.0.2040 

func Decrypt(priv *EncryptPrivateKey, uid, ciphertext []byte, opts *Opts) ([]byte, error)

Decrypt

func DecryptASN1 added in v1.0.2040 

func DecryptASN1(priv *EncryptPrivateKey, uid, ciphertext []byte, opts *Opts) ([]byte, error)

func Encrypt added in v1.0.2040 

func Encrypt(rand io.Reader, pub *EncryptMasterPublicKey, uid []byte, hid byte, plaintext []byte, opts *Opts) ([]byte, error)

Encrypt

func EncryptASN1 added in v1.0.2040 

func EncryptASN1(rand io.Reader, pub *EncryptMasterPublicKey, uid []byte, hid byte, plaintext []byte, opts *Opts) ([]byte, error)

func Equal added in v1.0.2040 

func Equal(b1, b2 []byte) bool

func MarshalPrivateKey added in v1.0.2040 

func MarshalPrivateKey(key any) ([]byte, error)

func MarshalPublicKey added in v1.0.2040 

func MarshalPublicKey(key any) ([]byte, error)

func ParsePrivateKey added in v1.0.2040 

func ParsePrivateKey(der []byte) (any, error)

func ParsePublicKey added in v1.0.2040 

func ParsePublicKey(der []byte) (key any, err error)

func Sign 

func Sign(rand io.Reader, pri *SignPrivateKey, msg []byte) (h *big.Int, s *sm9curve.G1, err error)

sm9 sign algorithm: A1:compute g = e(P1,Ppub); A2:choose random num r in [1,n-1]; A3:compute w = g^r; A4:compute h = H2(M||w,n); A5:compute l = (r-h) mod n, if l = 0 goto A2; A6:compute S = l·sk.

func SignASN1 added in v1.0.2040 

func SignASN1(rand io.Reader, priv *SignPrivateKey, hash []byte) ([]byte, error)

func ToEncryptMasterPrivateKey added in v1.0.2040 

func ToEncryptMasterPrivateKey(priv *EncryptMasterPrivateKey) []byte

输出加密私钥明文

func ToEncryptMasterPublicKey added in v1.0.2040 

func ToEncryptMasterPublicKey(pub *EncryptMasterPublicKey) []byte

输出加密主公钥明文

func ToEncryptPrivateKey added in v1.0.2040 

func ToEncryptPrivateKey(priv *EncryptPrivateKey) []byte

输出明文

func ToSignMasterPrivateKey added in v1.0.2040 

func ToSignMasterPrivateKey(priv *SignMasterPrivateKey) []byte

输出签名主私钥明文

func ToSignMasterPublicKey added in v1.0.2040 

func ToSignMasterPublicKey(pub *SignMasterPublicKey) []byte

输出签名主公钥明文

func ToSignPrivateKey added in v1.0.2040 

func ToSignPrivateKey(priv *SignPrivateKey) []byte

输出签名私钥明文

func UnwrapKey added in v1.0.2040 

func UnwrapKey(priv *EncryptPrivateKey, uid []byte, cipher *sm9curve.G1, kLen int) ([]byte, error)

UnwrapKey unwraps key from cipher, user id and aligned key length

func Verify 

func Verify(pub *SignMasterPublicKey, id []byte, hid byte, msg []byte, h *big.Int, s *sm9curve.G1) bool

sm9 verify algorithm(given h',S', message M' and user's id): B1:compute g = e(P1,Ppub); B2:compute t = g^h'; B3:compute h1 = H1(id||hid,n); B4:compute P = h1·P2+Ppub; B5:compute u = e(S',P); B6:compute w' = u·t; B7:compute h2 = H2(M'||w',n), check if h2 = h'.

func VerifyASN1 added in v1.0.2040 

func VerifyASN1(pub *SignMasterPublicKey, uid []byte, hid byte, hash, sig []byte) bool

func WrapKey added in v1.0.2040 

func WrapKey(random io.Reader, pub *EncryptMasterPublicKey, uid []byte, hid byte, kLen int) (key []byte, C1 *sm9curve.G1, err error)

Types

type CBCEncrypt added in v1.0.2040 

type CBCEncrypt struct {
	// contains filtered or unexported fields
}

func (*CBCEncrypt) Decrypt added in v1.0.2040 

func (this *CBCEncrypt) Decrypt(key, ciphertext []byte) ([]byte, error)

func (*CBCEncrypt) Encrypt added in v1.0.2040 

func (this *CBCEncrypt) Encrypt(rand io.Reader, key, plaintext []byte) ([]byte, error)

Encrypt encrypts the plaintext with the key, includes generated IV at the beginning of the ciphertext.

func (*CBCEncrypt) KeySize added in v1.0.2040 

func (this *CBCEncrypt) KeySize() int

func (*CBCEncrypt) Type added in v1.0.2040 

func (this *CBCEncrypt) Type() int

type CFBEncrypt added in v1.0.2040 

type CFBEncrypt struct {
	// contains filtered or unexported fields
}

CFBEncrypt represents CFB (Cipher Feedback) mode.

func (*CFBEncrypt) Decrypt added in v1.0.2040 

func (this *CFBEncrypt) Decrypt(key, ciphertext []byte) ([]byte, error)

func (*CFBEncrypt) Encrypt added in v1.0.2040 

func (this *CFBEncrypt) Encrypt(rand io.Reader, key, plaintext []byte) ([]byte, error)

Encrypt encrypts the plaintext with the key, includes generated IV at the beginning of the ciphertext.

func (*CFBEncrypt) KeySize added in v1.0.2040 

func (this *CFBEncrypt) KeySize() int

func (*CFBEncrypt) Type added in v1.0.2040 

func (this *CFBEncrypt) Type() int

type ECBEncrypt added in v1.0.2040 

type ECBEncrypt struct {
	// contains filtered or unexported fields
}

ECBEncrypt represents ECB (Electronic Code Book) mode.

func (*ECBEncrypt) Decrypt added in v1.0.2040 

func (this *ECBEncrypt) Decrypt(key, ciphertext []byte) ([]byte, error)

func (*ECBEncrypt) Encrypt added in v1.0.2040 

func (this *ECBEncrypt) Encrypt(rand io.Reader, key, plaintext []byte) ([]byte, error)

func (*ECBEncrypt) KeySize added in v1.0.2040 

func (this *ECBEncrypt) KeySize() int

func (*ECBEncrypt) Type added in v1.0.2040 

func (this *ECBEncrypt) Type() int

type EncryptMasterPrivateKey added in v1.0.2040 

type EncryptMasterPrivateKey struct {
	EncryptMasterPublicKey
	D *big.Int
}

func GenerateEncryptMasterKey added in v1.0.2040 

func GenerateEncryptMasterKey(rand io.Reader) (mk *EncryptMasterPrivateKey, err error)

generate matser's secret encrypt key.

func NewEncryptMasterPrivateKey added in v1.0.2040 

func NewEncryptMasterPrivateKey(bytes []byte) (priv *EncryptMasterPrivateKey, err error)

解析加密主私钥明文

func (*EncryptMasterPrivateKey) Equal added in v1.0.2040 

func (priv *EncryptMasterPrivateKey) Equal(x crypto.PrivateKey) bool

Equal reports whether priv and x have the same value.

func (*EncryptMasterPrivateKey) GenerateUserKey added in v1.0.2040 

func (priv *EncryptMasterPrivateKey) GenerateUserKey(id []byte, hid byte) (uk *EncryptPrivateKey, err error)

generate user's secret key.

func (*EncryptMasterPrivateKey) Marshal added in v1.0.2040 

func (priv *EncryptMasterPrivateKey) Marshal() []byte

func (*EncryptMasterPrivateKey) Public added in v1.0.2040 

func (priv *EncryptMasterPrivateKey) Public() crypto.PublicKey

Public returns the public key corresponding to priv.

func (*EncryptMasterPrivateKey) PublicKey added in v1.0.2040 

func (priv *EncryptMasterPrivateKey) PublicKey() *EncryptMasterPublicKey

func (*EncryptMasterPrivateKey) Unmarshal added in v1.0.2040 

func (priv *EncryptMasterPrivateKey) Unmarshal(bytes []byte) (err error)

type EncryptMasterPublicKey added in v1.0.2040 

type EncryptMasterPublicKey struct {
	Mpk *sm9curve.G1
}

func NewEncryptMasterPublicKey added in v1.0.2040 

func NewEncryptMasterPublicKey(bytes []byte) (pub *EncryptMasterPublicKey, err error)

解析加密主公钥明文

func (*EncryptMasterPublicKey) Encrypt added in v1.0.2040 

func (pub *EncryptMasterPublicKey) Encrypt(rand io.Reader, uid []byte, hid byte, plaintext []byte, enc IEncrypt) ([]byte, error)

func (*EncryptMasterPublicKey) Equal added in v1.0.2040 

func (pub *EncryptMasterPublicKey) Equal(x crypto.PublicKey) bool

Equal reports whether pub and x have the same value.

func (*EncryptMasterPublicKey) GenerateUserPublicKey added in v1.0.2040 

func (pub *EncryptMasterPublicKey) GenerateUserPublicKey(uid []byte, hid byte) (*sm9curve.G1, error)

func (*EncryptMasterPublicKey) Marshal added in v1.0.2040 

func (pub *EncryptMasterPublicKey) Marshal() []byte

func (*EncryptMasterPublicKey) MarshalCompress added in v1.0.2040 

func (pub *EncryptMasterPublicKey) MarshalCompress() []byte

func (*EncryptMasterPublicKey) Unmarshal added in v1.0.2040 

func (pub *EncryptMasterPublicKey) Unmarshal(bytes []byte) (err error)

func (*EncryptMasterPublicKey) UnmarshalCompress added in v1.0.2040 

func (pub *EncryptMasterPublicKey) UnmarshalCompress(bytes []byte) (err error)

type EncryptPrivateKey added in v1.0.2040 

type EncryptPrivateKey struct {
	Sk *sm9curve.G2
	EncryptMasterPublicKey
}

func GenerateEncryptUserKey added in v1.0.2040 

func GenerateEncryptUserKey(priv *EncryptMasterPrivateKey, id []byte, hid byte) (*EncryptPrivateKey, error)

generate user's secret encrypt key.

func NewEncryptPrivateKey added in v1.0.2040 

func NewEncryptPrivateKey(bytes []byte) (priv *EncryptPrivateKey, err error)

解析加密私钥明文

func (*EncryptPrivateKey) Decrypt added in v1.0.2040 

func (priv *EncryptPrivateKey) Decrypt(uid, msg []byte) (plaintext []byte, err error)

func (*EncryptPrivateKey) Equal added in v1.0.2040 

func (priv *EncryptPrivateKey) Equal(x crypto.PrivateKey) bool

Equal reports whether priv and x have the same value.

func (*EncryptPrivateKey) Marshal added in v1.0.2040 

func (priv *EncryptPrivateKey) Marshal() []byte

func (*EncryptPrivateKey) Public added in v1.0.2040 

func (priv *EncryptPrivateKey) Public() crypto.PublicKey

Public returns the public key corresponding to priv.

func (*EncryptPrivateKey) PublicKey added in v1.0.2040 

func (priv *EncryptPrivateKey) PublicKey() *EncryptMasterPublicKey

func (*EncryptPrivateKey) Unmarshal added in v1.0.2040 

func (priv *EncryptPrivateKey) Unmarshal(bytes []byte) (err error)

type HashHmac added in v1.0.2040 

type HashHmac struct {
	// contains filtered or unexported fields
}

func (*HashHmac) Mac added in v1.0.2041 

func (this *HashHmac) Mac(k, c []byte) []byte

func (*HashHmac) Size added in v1.0.2040 

func (this *HashHmac) Size() int

type HashMac added in v1.0.2040 

type HashMac struct {
	// contains filtered or unexported fields
}

func (*HashMac) Mac added in v1.0.2041 

func (this *HashMac) Mac(k, c []byte) []byte

func (*HashMac) Size added in v1.0.2040 

func (this *HashMac) Size() int

type IEncrypt added in v1.0.2040 

type IEncrypt interface {
	// Type
	Type() int

	// KeySize
	KeySize() int

	// Encrypt
	Encrypt(rand io.Reader, key, plaintext []byte) ([]byte, error)

	// Decrypt
	Decrypt(key, ciphertext []byte) ([]byte, error)
}

IEncrypt

func GetEncryptType added in v1.0.2040 

func GetEncryptType(encType int) IEncrypt

func NewCBCEncrypt added in v1.0.2040 

func NewCBCEncrypt(cipherFunc cipherFunc, keySize int) IEncrypt

func NewCFBEncrypt added in v1.0.2040 

func NewCFBEncrypt(cipherFunc cipherFunc, keySize int) IEncrypt

func NewECBEncrypt added in v1.0.2040 

func NewECBEncrypt(cipherFunc cipherFunc, keySize int) IEncrypt

func NewOFBEncrypt added in v1.0.2040 

func NewOFBEncrypt(cipherFunc cipherFunc, keySize int) IEncrypt

func NewXOREncrypt added in v1.0.2040 

func NewXOREncrypt() IEncrypt

type IHash added in v1.0.2040 

type IHash interface {
	// Size
	Size() int

	// Mac
	Mac(k, c []byte) []byte
}

IHash

func NewHashHmac added in v1.0.2040 

func NewHashHmac(h func() go_hash.Hash) IHash

func NewHashMac added in v1.0.2040 

func NewHashMac(h func() go_hash.Hash) IHash

type KeyExchange added in v1.0.2040 

type KeyExchange struct {
	// contains filtered or unexported fields
}

KeyExchange represents key exchange struct, include internal stat in whole key exchange flow. Initiator's flow will be: NewKeyExchange -> InitKeyExchange -> transmission -> ConfirmResponder Responder's flow will be: NewKeyExchange -> waiting ... -> Repond -> transmission -> ConfirmInitiator

func NewKeyExchange added in v1.0.2040 

func NewKeyExchange(priv *EncryptPrivateKey, uid, peerUID []byte, keyLen int, genSignature bool) *KeyExchange

NewKeyExchange creates one new KeyExchange object

func (*KeyExchange) ConfirmInitiator added in v1.0.2040 

func (ke *KeyExchange) ConfirmInitiator(s1 []byte) ([]byte, error)

ConfirmInitiator for responder's step B8

func (*KeyExchange) ConfirmResponder added in v1.0.2040 

func (ke *KeyExchange) ConfirmResponder(rB *sm9curve.G1, sB []byte) ([]byte, []byte, error)

ConfirmResponder for initiator's step A5-A7

func (*KeyExchange) Init added in v1.0.2052 

func (ke *KeyExchange) Init(rand io.Reader, hid byte) (*sm9curve.G1, error)

Init generates random with responder uid, for initiator's step A1-A4

func (*KeyExchange) Repond added in v1.0.2052 

func (ke *KeyExchange) Repond(rand io.Reader, hid byte, rA *sm9curve.G1) (*sm9curve.G1, []byte, error)

Repond when responder receive rA, for responder's step B1-B7

func (*KeyExchange) Reset added in v1.0.2040 

func (ke *KeyExchange) Reset()

Reset clears all internal state and Ephemeral private/public keys

type OFBEncrypt added in v1.0.2040 

type OFBEncrypt struct {
	// contains filtered or unexported fields
}

OFBEncrypt represents OFB (Output Feedback) mode.

func (*OFBEncrypt) Decrypt added in v1.0.2040 

func (this *OFBEncrypt) Decrypt(key, ciphertext []byte) ([]byte, error)

func (*OFBEncrypt) Encrypt added in v1.0.2040 

func (this *OFBEncrypt) Encrypt(rand io.Reader, key, plaintext []byte) ([]byte, error)

Encrypt encrypts the plaintext with the key, includes generated IV at the beginning of the ciphertext.

func (*OFBEncrypt) KeySize added in v1.0.2040 

func (this *OFBEncrypt) KeySize() int

func (*OFBEncrypt) Type added in v1.0.2040 

func (this *OFBEncrypt) Type() int

type Opts added in v1.0.2040 

type Opts struct {
	Encrypt IEncrypt
	Hash    IHash
}

type SignMasterPrivateKey added in v1.0.2040 

type SignMasterPrivateKey struct {
	SignMasterPublicKey
	D *big.Int
}

SignMasterPrivateKey contains a master secret key and a master public key.

func GenerateSignMasterKey added in v1.0.2040 

func GenerateSignMasterKey(rand io.Reader) (mk *SignMasterPrivateKey, err error)

generate master key for KGC(Key Generate Center).

func NewSignMasterPrivateKey added in v1.0.2040 

func NewSignMasterPrivateKey(bytes []byte) (priv *SignMasterPrivateKey, err error)

解析签名主私钥明文

func (*SignMasterPrivateKey) Equal added in v1.0.2040 

func (priv *SignMasterPrivateKey) Equal(x crypto.PrivateKey) bool

Equal reports whether priv and x have the same value.

func (*SignMasterPrivateKey) GenerateUserKey added in v1.0.2040 

func (priv *SignMasterPrivateKey) GenerateUserKey(id []byte, hid byte) (uk *SignPrivateKey, err error)

generate user's secret key.

func (*SignMasterPrivateKey) Marshal added in v1.0.2040 

func (priv *SignMasterPrivateKey) Marshal() []byte

func (*SignMasterPrivateKey) Public added in v1.0.2040 

func (priv *SignMasterPrivateKey) Public() crypto.PublicKey

Public returns the public key corresponding to priv.

func (*SignMasterPrivateKey) PublicKey added in v1.0.2040 

func (priv *SignMasterPrivateKey) PublicKey() *SignMasterPublicKey

func (*SignMasterPrivateKey) Unmarshal added in v1.0.2040 

func (priv *SignMasterPrivateKey) Unmarshal(bytes []byte) (err error)

type SignMasterPublicKey added in v1.0.2040 

type SignMasterPublicKey struct {
	Mpk *sm9curve.G2
}

G2Bytes = G2.Marshal()

func NewSignMasterPublicKey added in v1.0.2040 

func NewSignMasterPublicKey(bytes []byte) (pub *SignMasterPublicKey, err error)

解析签名主公钥明文

func (*SignMasterPublicKey) Equal added in v1.0.2040 

func (pub *SignMasterPublicKey) Equal(x crypto.PublicKey) bool

Equal reports whether pub and x have the same value.

func (*SignMasterPublicKey) GenerateUserPublicKey added in v1.0.2040 

func (pub *SignMasterPublicKey) GenerateUserPublicKey(uid []byte, hid byte) (*sm9curve.G2, error)

func (*SignMasterPublicKey) Marshal added in v1.0.2040 

func (pub *SignMasterPublicKey) Marshal() []byte

func (*SignMasterPublicKey) MarshalCompress added in v1.0.2040 

func (pub *SignMasterPublicKey) MarshalCompress() []byte

压缩明文

func (*SignMasterPublicKey) Unmarshal added in v1.0.2040 

func (pub *SignMasterPublicKey) Unmarshal(bytes []byte) (err error)

func (*SignMasterPublicKey) UnmarshalCompress added in v1.0.2040 

func (pub *SignMasterPublicKey) UnmarshalCompress(bytes []byte) (err error)

解压缩明文

func (*SignMasterPublicKey) Verify added in v1.0.2040 

func (pub *SignMasterPublicKey) Verify(uid []byte, hid byte, hash, sig []byte) bool

type SignPrivateKey added in v1.0.2040 

type SignPrivateKey struct {
	Sk *sm9curve.G1
	SignMasterPublicKey
}

SignPrivateKey contains a secret key. G1Bytes = G1.Marshal()

func GenerateSignUserKey added in v1.0.2040 

func GenerateSignUserKey(mk *SignMasterPrivateKey, id []byte, hid byte) (*SignPrivateKey, error)

generate user's secret key.

func NewSignPrivateKey added in v1.0.2040 

func NewSignPrivateKey(bytes []byte) (priv *SignPrivateKey, err error)

解析签名私钥明文

func (*SignPrivateKey) Equal added in v1.0.2040 

func (priv *SignPrivateKey) Equal(x crypto.PrivateKey) bool

Equal reports whether priv and x have the same value.

func (*SignPrivateKey) Marshal added in v1.0.2040 

func (priv *SignPrivateKey) Marshal() []byte

func (*SignPrivateKey) Public added in v1.0.2040 

func (priv *SignPrivateKey) Public() crypto.PublicKey

Public returns the public key corresponding to priv.

func (*SignPrivateKey) PublicKey added in v1.0.2040 

func (priv *SignPrivateKey) PublicKey() *SignMasterPublicKey

func (*SignPrivateKey) Sign added in v1.0.2040 

func (priv *SignPrivateKey) Sign(rand io.Reader, hash []byte) ([]byte, error)

Sign

func (*SignPrivateKey) Unmarshal added in v1.0.2040 

func (priv *SignPrivateKey) Unmarshal(bytes []byte) (err error)

type XOREncrypt added in v1.0.2040 

type XOREncrypt struct{}

XOREncrypt represents XOR mode.

func (*XOREncrypt) Decrypt added in v1.0.2040 

func (this *XOREncrypt) Decrypt(key, ciphertext []byte) ([]byte, error)

func (*XOREncrypt) Encrypt added in v1.0.2040 

func (this *XOREncrypt) Encrypt(rand io.Reader, key, plaintext []byte) ([]byte, error)

func (*XOREncrypt) KeySize added in v1.0.2040 

func (this *XOREncrypt) KeySize() int

func (*XOREncrypt) Type added in v1.0.2040 

func (this *XOREncrypt) Type() int

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.