sm2

package
v1.0.5013 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 10, 2025 License: Apache-2.0 Imports: 17 Imported by: 5

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	// default Signer Opts
	DefaultSignerOpts = SignerOpts{
		Uid:  defaultUID,
		Hash: sm3.New,
	}

	// default Encrypter Opts
	DefaultEncrypterOpts = EncrypterOpts{
		Mode: C1C3C2,
		Hash: sm3.New,
	}
)

Functions

func CalculateHash added in v1.0.5009

func CalculateHash(pub *PublicKey, h hashFunc, msg, uid []byte) ([]byte, error)

Calculate Hash

func CalculateZA added in v1.0.2047

func CalculateZA(pub *PublicKey, uid []byte) ([]byte, error)

CalculateZA ZA = H256(ENTLA || IDA || a || b || xG || yG || xA || yA)

func CalculateZALegacy added in v1.0.2063

func CalculateZALegacy(pub *PublicKey, h hashFunc, uid []byte) ([]byte, error)

CalculateZALegacy ZA = H256(ENTLA || IDA || a || b || xG || yG || xA || yA)

func Compress

func Compress(pub *PublicKey) []byte

压缩公钥 Compress PublicKey struct

func Decrypt

func Decrypt(priv *PrivateKey, data []byte, opts crypto.DecrypterOpts) ([]byte, error)

sm2 解密,解析字节拼接格式的密文内容 Decrypt bytes marshal data

func DecryptASN1 added in v1.0.2042

func DecryptASN1(priv *PrivateKey, data []byte, opts crypto.DecrypterOpts) ([]byte, error)

sm2 解密,解析 asn.1 编码格式的密文内容 Decrypt asn.1 marshal data

func Encrypt

func Encrypt(random io.Reader, pub *PublicKey, data []byte, opts crypto.DecrypterOpts) ([]byte, error)

sm2 加密,返回字节拼接格式的密文内容 Encrypted and return bytes data

func EncryptASN1 added in v1.0.2042

func EncryptASN1(random io.Reader, pub *PublicKey, data []byte, opts crypto.DecrypterOpts) ([]byte, error)

sm2 加密,返回 asn.1 编码格式的密文内容 Encrypted and return asn.1 data

func EncryptASN1UsingK added in v1.0.5009

func EncryptASN1UsingK(k *big.Int, pub *PublicKey, data []byte, opts crypto.DecrypterOpts) ([]byte, error)

Encrypted use k and return asn.1 data

func EncryptUsingK added in v1.0.5009

func EncryptUsingK(k *big.Int, pub *PublicKey, data []byte, opts crypto.DecrypterOpts) ([]byte, error)

Encrypted use k and return bytes data

func KeyExchangeA

func KeyExchangeA(klen int, ida, idb []byte, priA *PrivateKey, pubB *PublicKey, rpri *PrivateKey, rpubB *PublicKey) (k, s1, s2 []byte, err error)

KeyExchangeA 协商第二部,用户A调用,返回共享密钥k

func KeyExchangeB

func KeyExchangeB(klen int, ida, idb []byte, priB *PrivateKey, pubA *PublicKey, rpri *PrivateKey, rpubA *PublicKey) (k, s1, s2 []byte, err error)

KeyExchangeB 协商第二部,用户B调用, 返回共享密钥k

func MarshalPrivateKey

func MarshalPrivateKey(key *PrivateKey) ([]byte, error)

func MarshalPublicKey

func MarshalPublicKey(key *PublicKey) ([]byte, error)

func MarshalSM2PrivateKey

func MarshalSM2PrivateKey(key *PrivateKey) ([]byte, error)

MarshalSM2PrivateKey converts an SM2 private key to SEC 1, ASN.1 DER form.

This kind of key is commonly encoded in PEM blocks of type "SM2 PRIVATE KEY". For a more flexible key format which is not SM2 specific, use MarshalPKCS8PrivateKey.

func MarshalSignatureASN1 added in v1.0.2047

func MarshalSignatureASN1(r, s *big.Int) ([]byte, error)

asn.1 编码

func MarshalSignatureBytes added in v1.0.3010

func MarshalSignatureBytes(curve elliptic.Curve, r, s *big.Int) ([]byte, error)

拼接编码

func P256 added in v1.0.2047

func P256() elliptic.Curve

sm2 p256

func PrivateKeyTo added in v1.0.3022

func PrivateKeyTo(key *PrivateKey) []byte

输出私钥明文 output PrivateKey data

func PublicKeyTo added in v1.0.3022

func PublicKeyTo(key *PublicKey) []byte

输出公钥明文 output PublicKey data

func Sign

func Sign(random io.Reader, priv *PrivateKey, msg []byte, opts crypto.SignerOpts) ([]byte, error)

签名返回 asn.1 编码数据 sign data and return asn.1 marshal data

func SignBytes added in v1.0.2053

func SignBytes(random io.Reader, priv *PrivateKey, msg []byte, opts crypto.SignerOpts) ([]byte, error)

签名返回 Bytes 编码数据 sign data and return Bytes marshal data

func SignBytesUsingK added in v1.0.5009

func SignBytesUsingK(k *big.Int, priv *PrivateKey, msg []byte, opts crypto.SignerOpts) ([]byte, error)

sign data use k and return Bytes marshal data

func SignLegacy added in v1.0.2063

func SignLegacy(random io.Reader, priv *PrivateKey, hash []byte) (r, s *big.Int, err error)

sm2 sign legacy

func SignLegacyUsingK added in v1.0.5009

func SignLegacyUsingK(k *big.Int, priv *PrivateKey, hash []byte) (r, s *big.Int, err error)

sm2 sign legacy use k

func SignToRS added in v1.0.2053

func SignToRS(random io.Reader, priv *PrivateKey, msg []byte, opts crypto.SignerOpts) (r, s *big.Int, err error)

sm2 sign with SignerOpts

func SignUsingK added in v1.0.5009

func SignUsingK(k *big.Int, priv *PrivateKey, msg []byte, opts crypto.SignerOpts) ([]byte, error)

sign data use k and return asn.1 marshal data

func SignUsingKToRS added in v1.0.5009

func SignUsingKToRS(k *big.Int, priv *PrivateKey, msg []byte, opts crypto.SignerOpts) (r, s *big.Int, err error)

sm2 sign use k with SignerOpts

func UnmarshalSignatureASN1 added in v1.0.2047

func UnmarshalSignatureASN1(sign []byte) (r, s *big.Int, err error)

func UnmarshalSignatureBytes added in v1.0.3010

func UnmarshalSignatureBytes(curve elliptic.Curve, sign []byte) (r, s *big.Int, err error)

func Verify

func Verify(pub *PublicKey, msg, sign []byte, opts crypto.SignerOpts) bool

验证 asn.1 编码的数据 ans1(r, s) Verify asn.1 marshal data

func VerifyBytes added in v1.0.2053

func VerifyBytes(pub *PublicKey, msg, sign []byte, opts crypto.SignerOpts) bool

验证 asn.1 编码的数据 bytes(r + s) Verify Bytes marshal data

func VerifyLegacy added in v1.0.2063

func VerifyLegacy(pub *PublicKey, hash []byte, r, s *big.Int) bool

sm2 verify legacy

func VerifyWithRS added in v1.0.2053

func VerifyWithRS(pub *PublicKey, msg []byte, r, s *big.Int, opts crypto.SignerOpts) bool

sm2 verify with SignerOpts

Types

type Encoding added in v1.0.3007

type Encoding uint

数据编码方式 marshal data mode

const (
	EncodingASN1 Encoding = 1 + iota
	EncodingBytes
)

type EncrypterOpts

type EncrypterOpts struct {
	Mode     Mode
	Hash     hashFunc
	Encoding Encoding
}

加密设置 Encrypter Opts

func (EncrypterOpts) GetEncoding added in v1.0.3007

func (this EncrypterOpts) GetEncoding() Encoding

func (EncrypterOpts) GetHash added in v1.0.2052

func (this EncrypterOpts) GetHash() hashFunc

func (EncrypterOpts) GetMode added in v1.0.2052

func (this EncrypterOpts) GetMode() Mode

type KeyExchange added in v1.0.2052

type KeyExchange struct {
	// contains filtered or unexported fields
}

KeyExchange key exchange struct, include internal stat in whole key exchange flow. Initiator's flow will be: NewKeyExchange -> Init -> transmission -> ConfirmResponder Responder's flow will be: NewKeyExchange -> waiting ... -> Repond -> transmission -> ConfirmInitiator

func NewKeyExchange added in v1.0.2052

func NewKeyExchange(priv *PrivateKey, peerPub *PublicKey, uid, peerUID []byte, keyLen int, genSignature bool) (ke *KeyExchange, err error)

NewKeyExchange create one new KeyExchange object

func (*KeyExchange) ConfirmInitiator added in v1.0.2052

func (ke *KeyExchange) ConfirmInitiator(s1 []byte) ([]byte, error)

ConfirmInitiator for responder's step B10

func (*KeyExchange) ConfirmResponder added in v1.0.2052

func (ke *KeyExchange) ConfirmResponder(rB *PublicKey, sB []byte) ([]byte, []byte, error)

ConfirmResponder for initiator's step A4-A10, returns keying data and optional signature.

It will check if there are peer's public key and validate the peer's Ephemeral Public Key.

If the peer's signature is not empty, then it will also validate the peer's signature and return generated signature depends on KeyExchange.genSignature value.

func (*KeyExchange) Init added in v1.0.2052

func (ke *KeyExchange) Init(random io.Reader) (*PublicKey, error)

Init is for initiator's step A1-A3, returns generated Ephemeral Public Key which will be passed to Reponder.

func (*KeyExchange) Repond added in v1.0.2052

func (ke *KeyExchange) Repond(random io.Reader, rA *PublicKey) (*PublicKey, []byte, error)

Repond is for responder's step B1-B8, returns generated Ephemeral Public Key and optional signature depends on KeyExchange.genSignature value.

It will check if there are peer's public key and validate the peer's Ephemeral Public Key.

func (*KeyExchange) Reset added in v1.0.2052

func (ke *KeyExchange) Reset()

Reset clear all internal state and Ephemeral private/public keys.

func (*KeyExchange) SetPeerParameters added in v1.0.2052

func (ke *KeyExchange) SetPeerParameters(peerPub *PublicKey, peerUID []byte) error

SetPeerParameters when need other param

type Mode

type Mode uint

加密后数据编码模式 Encrypted data encoding mode

const (
	C1C3C2 Mode = 1 + iota
	C1C2C3
)

type PrivateKey

type PrivateKey struct {
	PublicKey

	D *big.Int
}

SM2 PrivateKey

func GenerateKey

func GenerateKey(random io.Reader) (*PrivateKey, error)

生成私钥证书 generate PrivateKey

func NewPrivateKey

func NewPrivateKey(d []byte) (*PrivateKey, error)

根据私钥明文初始化私钥 New a PrivateKey from privatekey data

func ParsePrivateKey

func ParsePrivateKey(der []byte) (*PrivateKey, error)

func ParseSM2PrivateKey

func ParseSM2PrivateKey(der []byte) (*PrivateKey, error)

ParseSM2PrivateKey parses an SM2 private key in SEC 1, ASN.1 DER form.

This kind of key is commonly encoded in PEM blocks of type "SM2 PRIVATE KEY".

func (*PrivateKey) Decrypt

func (priv *PrivateKey) Decrypt(_ io.Reader, data []byte, opts crypto.DecrypterOpts) (plaintext []byte, err error)

crypto.Decrypter

func (*PrivateKey) DecryptASN1 added in v1.0.2042

func (priv *PrivateKey) DecryptASN1(data []byte, opts crypto.DecrypterOpts) ([]byte, error)

Decrypt with ASN1

func (*PrivateKey) Equal

func (priv *PrivateKey) Equal(x crypto.PrivateKey) bool

Equal reports whether priv and x have the same value.

func (*PrivateKey) Public

func (priv *PrivateKey) Public() crypto.PublicKey

The SM2's private key contains the public key

func (*PrivateKey) Sign

func (priv *PrivateKey) Sign(random io.Reader, msg []byte, opts crypto.SignerOpts) ([]byte, error)

sign data and return asn.1 or bytes marshal data, default asn.1

func (*PrivateKey) SignBytes

func (priv *PrivateKey) SignBytes(random io.Reader, msg []byte, opts crypto.SignerOpts) ([]byte, error)

签名返回 Bytes 编码数据 bytes(r + s) sign data and return Bytes marshal data bytes(r + s)

func (*PrivateKey) SignBytesUsingK added in v1.0.5009

func (priv *PrivateKey) SignBytesUsingK(k *big.Int, msg []byte, opts crypto.SignerOpts) ([]byte, error)

签名返回 Bytes 编码数据 bytes(r + s) sign data and return Bytes marshal data bytes(r + s)

func (*PrivateKey) SignUsingK added in v1.0.5009

func (priv *PrivateKey) SignUsingK(k *big.Int, msg []byte, opts crypto.SignerOpts) ([]byte, error)

sign data use k and return asn.1 or bytes marshal data, default asn.1

type PublicKey

type PublicKey struct {
	elliptic.Curve

	X, Y *big.Int
}

SM2 PublicKey

func Decompress

func Decompress(data []byte) (*PublicKey, error)

解缩公钥 Decompress PublicKey data

func NewPublicKey

func NewPublicKey(data []byte) (*PublicKey, error)

根据公钥明文初始化公钥 New a PublicKey from publicKey data

func ParsePublicKey

func ParsePublicKey(der []byte) (*PublicKey, error)

func (*PublicKey) Encrypt

func (pub *PublicKey) Encrypt(random io.Reader, data []byte, opts crypto.DecrypterOpts) ([]byte, error)

Encrypt data

func (*PublicKey) EncryptASN1 added in v1.0.2042

func (pub *PublicKey) EncryptASN1(random io.Reader, data []byte, opts crypto.DecrypterOpts) ([]byte, error)

Encrypt with ASN1

func (*PublicKey) EncryptASN1UsingK added in v1.0.5009

func (pub *PublicKey) EncryptASN1UsingK(k *big.Int, data []byte, opts crypto.DecrypterOpts) ([]byte, error)

Encrypt with ASN1

func (*PublicKey) EncryptUsingK added in v1.0.5009

func (pub *PublicKey) EncryptUsingK(k *big.Int, data []byte, opts crypto.DecrypterOpts) ([]byte, error)

Encrypt data use k

func (*PublicKey) Equal

func (pub *PublicKey) Equal(x crypto.PublicKey) bool

Equal reports whether pub and x have the same value.

func (*PublicKey) Size added in v1.0.2069

func (pub *PublicKey) Size() int

Size returns the maximum length of the shared key the public key can produce.

func (*PublicKey) Verify

func (pub *PublicKey) Verify(msg, sign []byte, opts crypto.SignerOpts) bool

验证 asn.1 编码的数据 ans1(r, s) Verify asn.1 marshal data ans1(r, s)

func (*PublicKey) VerifyBytes

func (pub *PublicKey) VerifyBytes(msg, sign []byte, opts crypto.SignerOpts) bool

验证 asn.1 编码的数据 bytes(r + s) Verify Bytes marshal data bytes(r + s)

type SignerOpts

type SignerOpts struct {
	Uid      []byte
	Hash     hashFunc
	Encoding Encoding
}

签名设置 Signer Opts

func (SignerOpts) GetEncoding added in v1.0.3007

func (this SignerOpts) GetEncoding() Encoding

func (SignerOpts) GetHash added in v1.0.2052

func (this SignerOpts) GetHash() hashFunc

func (SignerOpts) GetUid added in v1.0.2052

func (this SignerOpts) GetUid() []byte

func (SignerOpts) HashFunc

func (this SignerOpts) HashFunc() crypto.Hash

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL