Documentation ¶
Overview ¶
Package sm9 implements ShangMi(SM) sm9 digital signature, encryption and key exchange algorithms.
Index ¶
- Constants
- Variables
- func Decrypt(priv *EncryptPrivateKey, uid, ciphertext []byte, opts EncrypterOpts) ([]byte, error)
- func DecryptASN1(priv *EncryptPrivateKey, uid, ciphertext []byte) ([]byte, error)
- func Encrypt(rand io.Reader, pub *EncryptMasterPublicKey, uid []byte, hid byte, ...) ([]byte, error)
- func EncryptASN1(rand io.Reader, pub *EncryptMasterPublicKey, uid []byte, hid byte, ...) ([]byte, error)
- func Sign(rand io.Reader, priv *SignPrivateKey, hash []byte) (h *big.Int, s *bn256.G1, err error)
- func SignASN1(rand io.Reader, priv *SignPrivateKey, hash []byte) ([]byte, error)
- func UnmarshalSM9KeyPackage(der []byte) ([]byte, *bn256.G1, error)
- func UnwrapKey(priv *EncryptPrivateKey, uid []byte, cipher *bn256.G1, kLen int) ([]byte, error)
- func Verify(pub *SignMasterPublicKey, uid []byte, hid byte, hash []byte, h *big.Int, ...) bool
- func VerifyASN1(pub *SignMasterPublicKey, uid []byte, hid byte, hash, sig []byte) bool
- func WrapKey(rand io.Reader, pub *EncryptMasterPublicKey, uid []byte, hid byte, kLen int) (key []byte, cipher *bn256.G1, err error)
- type CBCEncrypterOpts
- type CFBEncrypterOpts
- type ECBEncrypterOpts
- type EncryptMasterPrivateKey
- func (master *EncryptMasterPrivateKey) GenerateUserKey(uid []byte, hid byte) (*EncryptPrivateKey, error)
- func (master *EncryptMasterPrivateKey) MarshalASN1() ([]byte, error)
- func (master *EncryptMasterPrivateKey) Public() *EncryptMasterPublicKey
- func (master *EncryptMasterPrivateKey) UnmarshalASN1(der []byte) error
- type EncryptMasterPublicKey
- func (pub *EncryptMasterPublicKey) Encrypt(rand io.Reader, uid []byte, hid byte, plaintext []byte, opts EncrypterOpts) ([]byte, error)
- func (pub *EncryptMasterPublicKey) GenerateUserPublicKey(uid []byte, hid byte) *bn256.G1
- func (pub *EncryptMasterPublicKey) MarshalASN1() ([]byte, error)
- func (pub *EncryptMasterPublicKey) MarshalCompressedASN1() ([]byte, error)
- func (pub *EncryptMasterPublicKey) ParseFromPEM(data []byte) error
- func (pub *EncryptMasterPublicKey) ScalarBaseMult(scalar []byte) (*bn256.GT, error)
- func (pub *EncryptMasterPublicKey) UnmarshalASN1(der []byte) error
- func (pub *EncryptMasterPublicKey) UnmarshalRaw(bytes []byte) error
- func (pub *EncryptMasterPublicKey) WrapKey(rand io.Reader, uid []byte, hid byte, kLen int) ([]byte, []byte, error)
- func (pub *EncryptMasterPublicKey) WrapKeyASN1(rand io.Reader, uid []byte, hid byte, kLen int) ([]byte, error)
- type EncryptPrivateKey
- func (priv *EncryptPrivateKey) Decrypt(uid, ciphertext []byte, opts EncrypterOpts) ([]byte, error)
- func (priv *EncryptPrivateKey) DecryptASN1(uid, ciphertext []byte) ([]byte, error)
- func (priv *EncryptPrivateKey) MarshalASN1() ([]byte, error)
- func (priv *EncryptPrivateKey) MarshalCompressedASN1() ([]byte, error)
- func (priv *EncryptPrivateKey) MasterPublic() *EncryptMasterPublicKey
- func (priv *EncryptPrivateKey) SetMasterPublicKey(pub *EncryptMasterPublicKey)
- func (priv *EncryptPrivateKey) UnmarshalASN1(der []byte) error
- func (priv *EncryptPrivateKey) UnmarshalRaw(bytes []byte) error
- func (priv *EncryptPrivateKey) UnwrapKey(uid, cipherDer []byte, kLen int) ([]byte, error)
- type EncrypterOpts
- func NewCBCEncrypterOpts(padding padding.Padding, newCipher newCipher, keySize int) EncrypterOpts
- func NewCFBEncrypterOpts(newCipher newCipher, keySize int) EncrypterOpts
- func NewECBEncrypterOpts(padding padding.Padding, newCipher newCipher, keySize int) EncrypterOpts
- func NewOFBEncrypterOpts(newCipher newCipher, keySize int) EncrypterOpts
- type KeyExchange
- func (ke *KeyExchange) ConfirmInitiator(s1 []byte) ([]byte, error)
- func (ke *KeyExchange) ConfirmResponder(rB *bn256.G1, sB []byte) ([]byte, []byte, error)
- func (ke *KeyExchange) Destroy()
- func (ke *KeyExchange) InitKeyExchange(rand io.Reader, hid byte) (*bn256.G1, error)
- func (ke *KeyExchange) RepondKeyExchange(rand io.Reader, hid byte, rA *bn256.G1) (*bn256.G1, []byte, error)
- type OFBEncrypterOpts
- type SignMasterPrivateKey
- type SignMasterPublicKey
- func (pub *SignMasterPublicKey) GenerateUserPublicKey(uid []byte, hid byte) *bn256.G2
- func (pub *SignMasterPublicKey) MarshalASN1() ([]byte, error)
- func (pub *SignMasterPublicKey) MarshalCompressedASN1() ([]byte, error)
- func (pub *SignMasterPublicKey) ParseFromPEM(data []byte) error
- func (pub *SignMasterPublicKey) ScalarBaseMult(scalar []byte) (*bn256.GT, error)
- func (pub *SignMasterPublicKey) UnmarshalASN1(der []byte) error
- func (pub *SignMasterPublicKey) UnmarshalRaw(bytes []byte) error
- func (pub *SignMasterPublicKey) Verify(uid []byte, hid byte, hash, sig []byte) bool
- type SignPrivateKey
- func (priv *SignPrivateKey) MarshalASN1() ([]byte, error)
- func (priv *SignPrivateKey) MarshalCompressedASN1() ([]byte, error)
- func (priv *SignPrivateKey) MasterPublic() *SignMasterPublicKey
- func (priv *SignPrivateKey) SetMasterPublicKey(pub *SignMasterPublicKey)
- func (priv *SignPrivateKey) Sign(rand io.Reader, hash []byte, opts crypto.SignerOpts) ([]byte, error)
- func (priv *SignPrivateKey) UnmarshalASN1(der []byte) error
- func (priv *SignPrivateKey) UnmarshalRaw(bytes []byte) error
- type XOREncrypterOpts
Examples ¶
Constants ¶
const ( // hashmode used in h1: 0x01 H1 hashMode = 1 + iota // hashmode used in h2: 0x02 H2 )
const ( ENC_TYPE_XOR encryptType = 0 ENC_TYPE_ECB encryptType = 1 ENC_TYPE_CBC encryptType = 2 ENC_TYPE_OFB encryptType = 4 ENC_TYPE_CFB encryptType = 8 )
Variables ¶
var DefaultEncrypterOpts = new(XOREncrypterOpts)
DefaultEncrypterOpts default option represents XOR mode
var ErrDecryption = errors.New("sm9: decryption error")
ErrDecryption represents a failure to decrypt a message. It is deliberately vague to avoid adaptive attacks.
var ErrEmptyPlaintext = errors.New("sm9: empty plaintext")
ErrEmptyPlaintext represents a failure to encrypt an empty message.
var SM4CBCEncrypterOpts = NewCBCEncrypterOpts(padding.NewPKCS7Padding(sm4.BlockSize), sm4.NewCipher, sm4.BlockSize)
SM4CBCEncrypterOpts option represents SM4 CBC mode
var SM4CFBEncrypterOpts = NewCFBEncrypterOpts(sm4.NewCipher, sm4.BlockSize)
SM4CFBEncrypterOpts option represents SM4 CFB mode
var SM4ECBEncrypterOpts = NewECBEncrypterOpts(padding.NewPKCS7Padding(sm4.BlockSize), sm4.NewCipher, sm4.BlockSize)
SM4ECBEncrypterOpts option represents SM4 ECB mode
var SM4OFBEncrypterOpts = NewOFBEncrypterOpts(sm4.NewCipher, sm4.BlockSize)
SM4OFBEncrypterOpts option represents SM4 OFB mode
Functions ¶
func Decrypt ¶ added in v0.13.0
func Decrypt(priv *EncryptPrivateKey, uid, ciphertext []byte, opts EncrypterOpts) ([]byte, error)
Decrypt decrypts chipher, the ciphertext should be with format C1||C3||C2
func DecryptASN1 ¶ added in v0.13.0
func DecryptASN1(priv *EncryptPrivateKey, uid, ciphertext []byte) ([]byte, error)
DecryptASN1 decrypts chipher, the ciphertext should be with ASN.1 format according SM9 cryptographic algorithm application specification, SM9Cipher definition.
func Encrypt ¶ added in v0.13.0
func Encrypt(rand io.Reader, pub *EncryptMasterPublicKey, uid []byte, hid byte, plaintext []byte, opts EncrypterOpts) ([]byte, error)
Encrypt encrypts plaintext, returns ciphertext with format C1||C3||C2.
func EncryptASN1 ¶ added in v0.13.0
func EncryptASN1(rand io.Reader, pub *EncryptMasterPublicKey, uid []byte, hid byte, plaintext []byte, opts EncrypterOpts) ([]byte, error)
EncryptASN1 encrypts plaintext and returns ciphertext with ASN.1 format according SM9 cryptographic algorithm application specification, SM9Cipher definition.
func Sign ¶ added in v0.13.0
Sign signs a hash (which should be the result of hashing a larger message) using the user dsa key. It returns the signature as a pair of h and s. Please use SignASN1 instead.
The signature is randomized. Most applications should use crypto/rand.Reader as rand. Note that the returned signature does not depend deterministically on the bytes read from rand, and may change between calls and/or between versions.
func SignASN1 ¶ added in v0.13.0
SignASN1 signs a hash (which should be the result of hashing a larger message) using the private key, priv. It returns the ASN.1 encoded signature of type SM9Signature.
The signature is randomized. Most applications should use crypto/rand.Reader as rand. Note that the returned signature does not depend deterministically on the bytes read from rand, and may change between calls and/or between versions.
func UnmarshalSM9KeyPackage ¶ added in v0.13.0
UnmarshalSM9KeyPackage is an utility to unmarshal SM9KeyPackage
func Verify ¶ added in v0.13.0
func Verify(pub *SignMasterPublicKey, uid []byte, hid byte, hash []byte, h *big.Int, s *bn256.G1) bool
Verify verifies the signature in h, s of hash using the master dsa public key and user id, uid and hid. Its return value records whether the signature is valid. Please use VerifyASN1 instead.
func VerifyASN1 ¶ added in v0.13.0
func VerifyASN1(pub *SignMasterPublicKey, uid []byte, hid byte, hash, sig []byte) bool
VerifyASN1 verifies the ASN.1 encoded signature of type SM9Signature, sig, of hash using the public key, pub. Its return value records whether the signature is valid.
Example ¶
package main import ( "encoding/hex" "fmt" "os" "github.com/emmansun/gmsm/sm9" ) func main() { // get master public key, can be from pem masterPubKey := new(sm9.SignMasterPublicKey) keyBytes, _ := hex.DecodeString("03818200049f64080b3084f733e48aff4b41b565011ce0711c5e392cfb0ab1b6791b94c40829dba116152d1f786ce843ed24a3b573414d2177386a92dd8f14d65696ea5e3269850938abea0112b57329f447e3a0cbad3e2fdb1a77f335e89e1408d0ef1c2541e00a53dda532da1a7ce027b7a46f741006e85f5cdff0730e75c05fb4e3216d") err := masterPubKey.UnmarshalASN1(keyBytes) if err != nil { fmt.Fprintf(os.Stderr, "Error from UnmarshalASN1: %s\n", err) return } hid := byte(0x01) uid := []byte("Alice") hash := []byte("Chinese IBS standard") sig, _ := hex.DecodeString("30660420b0d0c0bb1b57ea0d5b51cb5c96be850b8c2eef6b0fff5fcccb524b972574e6eb03420004901819575c9211c7b4e6e137794d23d0095608bcdad5c82dbff05777c5b49c763e4425acea2aaedf9e48d4784b4e4a5621cc3663fe0aae44dcbeac183fee9b0f") ok := sm9.VerifyASN1(masterPubKey, uid, hid, hash, sig) fmt.Printf("%v\n", ok) }
Output: true
func WrapKey ¶ added in v0.13.2
func WrapKey(rand io.Reader, pub *EncryptMasterPublicKey, uid []byte, hid byte, kLen int) (key []byte, cipher *bn256.G1, err error)
WrapKey generates and wraps key with reciever's uid and system hid, returns generated key and cipher.
The rand parameter is used as a source of entropy to ensure that calls this function twice doesn't result in the same key. Most applications should use crypto/rand.Reader as random.
Types ¶
type CBCEncrypterOpts ¶ added in v0.15.7
type CBCEncrypterOpts struct {
// contains filtered or unexported fields
}
CBCEncrypterOpts represents CBC (Cipher block chaining) mode.
func (*CBCEncrypterOpts) Decrypt ¶ added in v0.15.7
func (opts *CBCEncrypterOpts) Decrypt(key, ciphertext []byte) ([]byte, error)
func (*CBCEncrypterOpts) Encrypt ¶ added in v0.15.7
Encrypt encrypts the plaintext with the key, includes generated IV at the beginning of the ciphertext.
func (*CBCEncrypterOpts) GetEncryptType ¶ added in v0.15.7
func (opts *CBCEncrypterOpts) GetEncryptType() encryptType
func (*CBCEncrypterOpts) GetKeySize ¶ added in v0.15.7
type CFBEncrypterOpts ¶ added in v0.15.7
type CFBEncrypterOpts struct {
// contains filtered or unexported fields
}
CFBEncrypterOpts represents CFB (Cipher Feedback) mode.
func (*CFBEncrypterOpts) Decrypt ¶ added in v0.15.7
func (opts *CFBEncrypterOpts) Decrypt(key, ciphertext []byte) ([]byte, error)
func (*CFBEncrypterOpts) Encrypt ¶ added in v0.15.7
Encrypt encrypts the plaintext with the key, includes generated IV at the beginning of the ciphertext.
func (*CFBEncrypterOpts) GetEncryptType ¶ added in v0.15.7
func (opts *CFBEncrypterOpts) GetEncryptType() encryptType
func (*CFBEncrypterOpts) GetKeySize ¶ added in v0.15.7
type ECBEncrypterOpts ¶ added in v0.15.7
type ECBEncrypterOpts struct {
// contains filtered or unexported fields
}
ECBEncrypterOpts represents ECB (Electronic Code Book) mode.
func (*ECBEncrypterOpts) Decrypt ¶ added in v0.15.7
func (opts *ECBEncrypterOpts) Decrypt(key, ciphertext []byte) ([]byte, error)
func (*ECBEncrypterOpts) GetEncryptType ¶ added in v0.15.7
func (opts *ECBEncrypterOpts) GetEncryptType() encryptType
func (*ECBEncrypterOpts) GetKeySize ¶ added in v0.15.7
type EncryptMasterPrivateKey ¶ added in v0.13.0
type EncryptMasterPrivateKey struct { *EncryptMasterPublicKey // master public key D *big.Int // master private key }
EncryptMasterPrivateKey master private key for encryption, generated by KGC
func GenerateEncryptMasterKey ¶ added in v0.13.0
func GenerateEncryptMasterKey(rand io.Reader) (*EncryptMasterPrivateKey, error)
GenerateEncryptMasterKey generates a master public and private key pair for encryption usage.
func (*EncryptMasterPrivateKey) GenerateUserKey ¶ added in v0.13.0
func (master *EncryptMasterPrivateKey) GenerateUserKey(uid []byte, hid byte) (*EncryptPrivateKey, error)
GenerateUserKey generate an user key for encryption.
func (*EncryptMasterPrivateKey) MarshalASN1 ¶ added in v0.13.0
func (master *EncryptMasterPrivateKey) MarshalASN1() ([]byte, error)
MarshalASN1 marshal encrypt master private key to asn.1 format data according SM9 cryptographic algorithm application specification
func (*EncryptMasterPrivateKey) Public ¶ added in v0.13.0
func (master *EncryptMasterPrivateKey) Public() *EncryptMasterPublicKey
Public returns the public key corresponding to priv.
func (*EncryptMasterPrivateKey) UnmarshalASN1 ¶ added in v0.13.0
func (master *EncryptMasterPrivateKey) UnmarshalASN1(der []byte) error
UnmarshalASN1 unmarsal der data to encrypt master private key
type EncryptMasterPublicKey ¶ added in v0.13.0
type EncryptMasterPublicKey struct { MasterPublicKey *bn256.G1 // public key // contains filtered or unexported fields }
EncryptMasterPublicKey master private key for encryption, generated by KGC
func (*EncryptMasterPublicKey) Encrypt ¶ added in v0.13.0
func (pub *EncryptMasterPublicKey) Encrypt(rand io.Reader, uid []byte, hid byte, plaintext []byte, opts EncrypterOpts) ([]byte, error)
Encrypt encrypts plaintext and returns ciphertext with ASN.1 format according SM9 cryptographic algorithm application specification, SM9Cipher definition.
Example ¶
package main import ( "crypto/rand" "encoding/hex" "fmt" "os" "github.com/emmansun/gmsm/sm9" ) func main() { // get master public key, can be from pem masterPubKey := new(sm9.EncryptMasterPublicKey) keyBytes, _ := hex.DecodeString("03420004787ed7b8a51f3ab84e0a66003f32da5c720b17eca7137d39abc66e3c80a892ff769de61791e5adc4b9ff85a31354900b202871279a8c49dc3f220f644c57a7b1") err := masterPubKey.UnmarshalASN1(keyBytes) if err != nil { fmt.Fprintf(os.Stderr, "Error from UnmarshalASN1: %s\n", err) return } hid := byte(0x03) uid := []byte("Bob") ciphertext, err := masterPubKey.Encrypt(rand.Reader, uid, hid, []byte("Chinese IBE standard"), sm9.DefaultEncrypterOpts) if err != nil { fmt.Fprintf(os.Stderr, "Error from Encrypt: %s\n", err) return } // Since Encrypt is a randomized function, result will be // different each time. fmt.Printf("%s\n", hex.EncodeToString(ciphertext)) }
Output:
func (*EncryptMasterPublicKey) GenerateUserPublicKey ¶ added in v0.13.0
func (pub *EncryptMasterPublicKey) GenerateUserPublicKey(uid []byte, hid byte) *bn256.G1
GenerateUserPublicKey generate user encrypt public key
func (*EncryptMasterPublicKey) MarshalASN1 ¶ added in v0.13.0
func (pub *EncryptMasterPublicKey) MarshalASN1() ([]byte, error)
MarshalASN1 marshal encrypt master public key to asn.1 format data according SM9 cryptographic algorithm application specification
func (*EncryptMasterPublicKey) MarshalCompressedASN1 ¶ added in v0.13.7
func (pub *EncryptMasterPublicKey) MarshalCompressedASN1() ([]byte, error)
MarshalCompressedASN1 marshal encrypt master public key to asn.1 format data according SM9 cryptographic algorithm application specification, the curve point is in compressed form.
func (*EncryptMasterPublicKey) ParseFromPEM ¶ added in v0.15.0
func (pub *EncryptMasterPublicKey) ParseFromPEM(data []byte) error
ParseFromPEM just for GMSSL, there are no Algorithm pkix.AlgorithmIdentifier
func (*EncryptMasterPublicKey) ScalarBaseMult ¶ added in v0.13.0
func (pub *EncryptMasterPublicKey) ScalarBaseMult(scalar []byte) (*bn256.GT, error)
ScalarBaseMult compute basepoint^r with precomputed table. The base point = pair(<master public key>, Gen2)
func (*EncryptMasterPublicKey) UnmarshalASN1 ¶ added in v0.13.0
func (pub *EncryptMasterPublicKey) UnmarshalASN1(der []byte) error
UnmarshalASN1 unmarsal der data to encrypt master public key
func (*EncryptMasterPublicKey) UnmarshalRaw ¶ added in v0.15.0
func (pub *EncryptMasterPublicKey) UnmarshalRaw(bytes []byte) error
UnmarshalRaw unmarsal raw bytes data to encrypt master public key
func (*EncryptMasterPublicKey) WrapKey ¶ added in v0.13.2
func (pub *EncryptMasterPublicKey) WrapKey(rand io.Reader, uid []byte, hid byte, kLen int) ([]byte, []byte, error)
WrapKey wraps key and converts the cipher as ASN1 format, SM9PublicKey1 definition.
The rand parameter is used as a source of entropy to ensure that calls this function twice doesn't result in the same key. Most applications should use crypto/rand.Reader as random.
Example ¶
package main import ( "crypto/rand" "encoding/hex" "fmt" "os" "github.com/emmansun/gmsm/sm9" ) func main() { // get master public key, can be from pem masterPubKey := new(sm9.EncryptMasterPublicKey) keyBytes, _ := hex.DecodeString("03420004787ed7b8a51f3ab84e0a66003f32da5c720b17eca7137d39abc66e3c80a892ff769de61791e5adc4b9ff85a31354900b202871279a8c49dc3f220f644c57a7b1") err := masterPubKey.UnmarshalASN1(keyBytes) if err != nil { fmt.Fprintf(os.Stderr, "Error from UnmarshalASN1: %s\n", err) return } hid := byte(0x03) uid := []byte("Bob") key, cipherDer, err := masterPubKey.WrapKey(rand.Reader, uid, hid, 32) if err != nil { fmt.Fprintf(os.Stderr, "Error from WrapKeyASN1: %s\n", err) return } // Since WrapKey is a randomized function, result will be // different each time. fmt.Printf("%s %s\n", hex.EncodeToString(key), hex.EncodeToString(cipherDer)) }
Output:
func (*EncryptMasterPublicKey) WrapKeyASN1 ¶ added in v0.13.2
func (pub *EncryptMasterPublicKey) WrapKeyASN1(rand io.Reader, uid []byte, hid byte, kLen int) ([]byte, error)
WrapKeyASN1 wraps key and converts the result of SM9KeyPackage as ASN1 format. according SM9 cryptographic algorithm application specification, SM9KeyPackage defnition.
The rand parameter is used as a source of entropy to ensure that calls this function twice doesn't result in the same key. Most applications should use crypto/rand.Reader as random.
type EncryptPrivateKey ¶ added in v0.13.0
type EncryptPrivateKey struct { PrivateKey *bn256.G2 // user private key *EncryptMasterPublicKey // master public key }
EncryptPrivateKey user private key for encryption, generated by KGC
func (*EncryptPrivateKey) Decrypt ¶ added in v0.13.2
func (priv *EncryptPrivateKey) Decrypt(uid, ciphertext []byte, opts EncrypterOpts) ([]byte, error)
Decrypt decrypts chipher, the ciphertext should be with format C1||C3||C2
Example ¶
package main import ( "encoding/hex" "fmt" "os" "github.com/emmansun/gmsm/sm9" ) func main() { // real user encrypt private key should be from secret storage, e.g. password protected pkcs8 file kb, _ := hex.DecodeString("038182000494736acd2c8c8796cc4785e938301a139a059d3537b6414140b2d31eecf41683115bae85f5d8bc6c3dbd9e5342979acccf3c2f4f28420b1cb4f8c0b59a19b1587aa5e47570da7600cd760a0cf7beaf71c447f3844753fe74fa7ba92ca7d3b55f27538a62e7f7bfb51dce08704796d94c9d56734f119ea44732b50e31cdeb75c1") userKey := new(sm9.EncryptPrivateKey) err := userKey.UnmarshalASN1(kb) if err != nil { fmt.Fprintf(os.Stderr, "Error from UnmarshalASN1: %s\n", err) return } uid := []byte("Bob") cipherDer, _ := hex.DecodeString("307f020100034200042cb3e90b0977211597652f26ee4abbe275ccb18dd7f431876ab5d40cc2fc563d9417791c75bc8909336a4e6562450836cc863f51002e31ecf0c4aae8d98641070420638ca5bfb35d25cff7cbd684f3ed75f2d919da86a921a2e3e2e2f4cbcf583f240414b7e776811774722a8720752fb1355ce45dc3d0df") plaintext, err := userKey.DecryptASN1(uid, cipherDer) if err != nil { fmt.Fprintf(os.Stderr, "Error from Decrypt: %s\n", err) return } fmt.Printf("%s\n", plaintext) }
Output: Chinese IBE standard
func (*EncryptPrivateKey) DecryptASN1 ¶ added in v0.15.7
func (priv *EncryptPrivateKey) DecryptASN1(uid, ciphertext []byte) ([]byte, error)
DecryptASN1 decrypts chipher, the ciphertext should be with ASN.1 format according SM9 cryptographic algorithm application specification, SM9Cipher definition.
func (*EncryptPrivateKey) MarshalASN1 ¶ added in v0.13.0
func (priv *EncryptPrivateKey) MarshalASN1() ([]byte, error)
MarshalASN1 marshal encrypt user private key to asn.1 format data according SM9 cryptographic algorithm application specification
func (*EncryptPrivateKey) MarshalCompressedASN1 ¶ added in v0.13.7
func (priv *EncryptPrivateKey) MarshalCompressedASN1() ([]byte, error)
MarshalCompressedASN1 marshal encrypt user private key to asn.1 format data according SM9 cryptographic algorithm application specification, the curve point is in compressed form.
func (*EncryptPrivateKey) MasterPublic ¶ added in v0.13.0
func (priv *EncryptPrivateKey) MasterPublic() *EncryptMasterPublicKey
MasterPublic returns the master public key corresponding to priv.
func (*EncryptPrivateKey) SetMasterPublicKey ¶ added in v0.13.0
func (priv *EncryptPrivateKey) SetMasterPublicKey(pub *EncryptMasterPublicKey)
SetMasterPublicKey bind the encrypt master public key to it.
func (*EncryptPrivateKey) UnmarshalASN1 ¶ added in v0.13.0
func (priv *EncryptPrivateKey) UnmarshalASN1(der []byte) error
UnmarshalASN1 unmarsal der data to encrypt user private key Note, priv's EncryptMasterPublicKey should be handled separately.
func (*EncryptPrivateKey) UnmarshalRaw ¶ added in v0.15.0
func (priv *EncryptPrivateKey) UnmarshalRaw(bytes []byte) error
UnmarshalRaw unmarsal raw bytes data to encrypt user private key Note, priv's EncryptMasterPublicKey should be handled separately.
func (*EncryptPrivateKey) UnwrapKey ¶ added in v0.13.2
func (priv *EncryptPrivateKey) UnwrapKey(uid, cipherDer []byte, kLen int) ([]byte, error)
UnwrapKey unwraps key from cipherDer, user id and aligned key length. cipherDer is SM9PublicKey1 format according SM9 cryptographic algorithm application specification.
Example ¶
package main import ( "encoding/hex" "fmt" "os" "github.com/emmansun/gmsm/sm9" ) func main() { // real user encrypt private key should be from secret storage, e.g. password protected pkcs8 file kb, _ := hex.DecodeString("038182000494736acd2c8c8796cc4785e938301a139a059d3537b6414140b2d31eecf41683115bae85f5d8bc6c3dbd9e5342979acccf3c2f4f28420b1cb4f8c0b59a19b1587aa5e47570da7600cd760a0cf7beaf71c447f3844753fe74fa7ba92ca7d3b55f27538a62e7f7bfb51dce08704796d94c9d56734f119ea44732b50e31cdeb75c1") userKey := new(sm9.EncryptPrivateKey) err := userKey.UnmarshalASN1(kb) if err != nil { fmt.Fprintf(os.Stderr, "Error from UnmarshalASN1: %s\n", err) return } cipherDer, _ := hex.DecodeString("0342000447689629d1fa57e8def447f42b75e28518a1b692891528ca596f7bcbf581c7cf429ed01b114ce157ed4eadd0b2ded9a7e475e347f67b6affa3a6cf654573f978") key, err := userKey.UnwrapKey([]byte("Bob"), cipherDer, 32) if err != nil { fmt.Fprintf(os.Stderr, "Error from UnwrapKey: %s\n", err) return } fmt.Printf("%s\n", hex.EncodeToString(key)) }
Output: 270c42505bca90a8084064ea8af279364405a8195f30664082ead3d6991ed70f
type EncrypterOpts ¶ added in v0.15.7
type EncrypterOpts interface { // GetEncryptType returns the encrypt type/mode. GetEncryptType() encryptType // GetKeySize returns key size used by this encrypt mode. GetKeySize(plaintext []byte) int // Encrypt encrypts the plaintext with the key, returns ciphertext. Encrypt(rand io.Reader, key, plaintext []byte) ([]byte, error) // Decrypt decrypts the ciphertext with the key, returns plaintext. Decrypt(key, ciphertext []byte) ([]byte, error) }
EncrypterOpts is an interface implemented by detail encrypt/decrypt mode.
func NewCBCEncrypterOpts ¶ added in v0.15.7
func NewCBCEncrypterOpts(padding padding.Padding, newCipher newCipher, keySize int) EncrypterOpts
func NewCFBEncrypterOpts ¶ added in v0.15.7
func NewCFBEncrypterOpts(newCipher newCipher, keySize int) EncrypterOpts
func NewECBEncrypterOpts ¶ added in v0.15.7
func NewECBEncrypterOpts(padding padding.Padding, newCipher newCipher, keySize int) EncrypterOpts
func NewOFBEncrypterOpts ¶ added in v0.15.7
func NewOFBEncrypterOpts(newCipher newCipher, keySize int) EncrypterOpts
type KeyExchange ¶ added in v0.13.2
type KeyExchange struct {
// contains filtered or unexported fields
}
KeyExchange represents key exchange struct, include internal stat in whole key exchange flow. Initiator's flow will be: NewKeyExchange -> InitKeyExchange -> transmission -> ConfirmResponder Responder's flow will be: NewKeyExchange -> waiting ... -> RepondKeyExchange -> transmission -> ConfirmInitiator
func NewKeyExchange ¶ added in v0.13.2
func NewKeyExchange(priv *EncryptPrivateKey, uid, peerUID []byte, keyLen int, genSignature bool) *KeyExchange
NewKeyExchange creates one new KeyExchange object
func (*KeyExchange) ConfirmInitiator ¶ added in v0.13.2
func (ke *KeyExchange) ConfirmInitiator(s1 []byte) ([]byte, error)
ConfirmInitiator for responder's step B8
func (*KeyExchange) ConfirmResponder ¶ added in v0.13.2
ConfirmResponder for initiator's step A5-A7
func (*KeyExchange) Destroy ¶ added in v0.14.0
func (ke *KeyExchange) Destroy()
Destroy clears all internal state and Ephemeral private/public keys
func (*KeyExchange) InitKeyExchange ¶ added in v0.13.2
InitKeyExchange generates random with responder uid, for initiator's step A1-A4
type OFBEncrypterOpts ¶ added in v0.15.7
type OFBEncrypterOpts struct {
// contains filtered or unexported fields
}
OFBEncrypterOpts represents OFB (Output Feedback) mode.
func (*OFBEncrypterOpts) Decrypt ¶ added in v0.15.7
func (opts *OFBEncrypterOpts) Decrypt(key, ciphertext []byte) ([]byte, error)
func (*OFBEncrypterOpts) Encrypt ¶ added in v0.15.7
Encrypt encrypts the plaintext with the key, includes generated IV at the beginning of the ciphertext.
func (*OFBEncrypterOpts) GetEncryptType ¶ added in v0.15.7
func (opts *OFBEncrypterOpts) GetEncryptType() encryptType
func (*OFBEncrypterOpts) GetKeySize ¶ added in v0.15.7
type SignMasterPrivateKey ¶ added in v0.13.0
type SignMasterPrivateKey struct { *SignMasterPublicKey // master public key D *big.Int // master private key }
SignMasterPrivateKey master private key for sign, generated by KGC
func GenerateSignMasterKey ¶ added in v0.13.0
func GenerateSignMasterKey(rand io.Reader) (*SignMasterPrivateKey, error)
GenerateSignMasterKey generates a master public and private key pair for DSA usage.
func (*SignMasterPrivateKey) GenerateUserKey ¶ added in v0.13.0
func (master *SignMasterPrivateKey) GenerateUserKey(uid []byte, hid byte) (*SignPrivateKey, error)
GenerateUserKey generate an user dsa key.
func (*SignMasterPrivateKey) MarshalASN1 ¶ added in v0.13.0
func (master *SignMasterPrivateKey) MarshalASN1() ([]byte, error)
MarshalASN1 marshal sign master private key to asn.1 format data according SM9 cryptographic algorithm application specification
func (*SignMasterPrivateKey) Public ¶ added in v0.13.0
func (master *SignMasterPrivateKey) Public() *SignMasterPublicKey
Public returns the public key corresponding to priv.
func (*SignMasterPrivateKey) UnmarshalASN1 ¶ added in v0.13.0
func (master *SignMasterPrivateKey) UnmarshalASN1(der []byte) error
UnmarshalASN1 unmarsal der data to sign master private key
type SignMasterPublicKey ¶ added in v0.13.0
type SignMasterPublicKey struct { MasterPublicKey *bn256.G2 // master public key // contains filtered or unexported fields }
SignMasterPublicKey master public key for sign, generated by KGC
func (*SignMasterPublicKey) GenerateUserPublicKey ¶ added in v0.13.0
func (pub *SignMasterPublicKey) GenerateUserPublicKey(uid []byte, hid byte) *bn256.G2
GenerateUserPublicKey generate user sign public key
func (*SignMasterPublicKey) MarshalASN1 ¶ added in v0.13.0
func (pub *SignMasterPublicKey) MarshalASN1() ([]byte, error)
MarshalASN1 marshal sign master public key to asn.1 format data according SM9 cryptographic algorithm application specification
func (*SignMasterPublicKey) MarshalCompressedASN1 ¶ added in v0.13.7
func (pub *SignMasterPublicKey) MarshalCompressedASN1() ([]byte, error)
MarshalCompressedASN1 marshal sign master public key to asn.1 format data according SM9 cryptographic algorithm application specification, the curve point is in compressed form.
func (*SignMasterPublicKey) ParseFromPEM ¶ added in v0.15.0
func (pub *SignMasterPublicKey) ParseFromPEM(data []byte) error
ParseFromPEM just for GMSSL, there are no Algorithm pkix.AlgorithmIdentifier
func (*SignMasterPublicKey) ScalarBaseMult ¶ added in v0.13.0
func (pub *SignMasterPublicKey) ScalarBaseMult(scalar []byte) (*bn256.GT, error)
ScalarBaseMult compute basepoint^r with precomputed table The base point = pair(Gen1, <master public key>)
func (*SignMasterPublicKey) UnmarshalASN1 ¶ added in v0.13.0
func (pub *SignMasterPublicKey) UnmarshalASN1(der []byte) error
UnmarshalASN1 unmarsal der data to sign master public key
func (*SignMasterPublicKey) UnmarshalRaw ¶ added in v0.15.0
func (pub *SignMasterPublicKey) UnmarshalRaw(bytes []byte) error
UnmarshalRaw unmarsal raw bytes data to sign master public key
func (*SignMasterPublicKey) Verify ¶ added in v0.13.0
func (pub *SignMasterPublicKey) Verify(uid []byte, hid byte, hash, sig []byte) bool
Verify verifies the ASN.1 encoded signature, sig, of hash using the public key, pub. Its return value records whether the signature is valid.
Example ¶
package main import ( "encoding/hex" "fmt" "os" "github.com/emmansun/gmsm/sm9" ) func main() { // get master public key, can be from pem masterPubKey := new(sm9.SignMasterPublicKey) keyBytes, _ := hex.DecodeString("03818200049f64080b3084f733e48aff4b41b565011ce0711c5e392cfb0ab1b6791b94c40829dba116152d1f786ce843ed24a3b573414d2177386a92dd8f14d65696ea5e3269850938abea0112b57329f447e3a0cbad3e2fdb1a77f335e89e1408d0ef1c2541e00a53dda532da1a7ce027b7a46f741006e85f5cdff0730e75c05fb4e3216d") err := masterPubKey.UnmarshalASN1(keyBytes) if err != nil { fmt.Fprintf(os.Stderr, "Error from UnmarshalASN1: %s\n", err) return } hid := byte(0x01) uid := []byte("Alice") hash := []byte("Chinese IBS standard") sig, _ := hex.DecodeString("30660420b0d0c0bb1b57ea0d5b51cb5c96be850b8c2eef6b0fff5fcccb524b972574e6eb03420004901819575c9211c7b4e6e137794d23d0095608bcdad5c82dbff05777c5b49c763e4425acea2aaedf9e48d4784b4e4a5621cc3663fe0aae44dcbeac183fee9b0f") ok := masterPubKey.Verify(uid, hid, hash, sig) fmt.Printf("%v\n", ok) }
Output: true
type SignPrivateKey ¶ added in v0.13.0
type SignPrivateKey struct { PrivateKey *bn256.G1 // user private key *SignMasterPublicKey // master public key }
SignPrivateKey user private key for sign, generated by KGC
func (*SignPrivateKey) MarshalASN1 ¶ added in v0.13.0
func (priv *SignPrivateKey) MarshalASN1() ([]byte, error)
MarshalASN1 marshal sign user private key to asn.1 format data according SM9 cryptographic algorithm application specification
func (*SignPrivateKey) MarshalCompressedASN1 ¶ added in v0.13.7
func (priv *SignPrivateKey) MarshalCompressedASN1() ([]byte, error)
MarshalCompressedASN1 marshal sign user private key to asn.1 format data according SM9 cryptographic algorithm application specification, the curve point is in compressed form.
func (*SignPrivateKey) MasterPublic ¶ added in v0.13.0
func (priv *SignPrivateKey) MasterPublic() *SignMasterPublicKey
MasterPublic returns the master public key corresponding to priv.
func (*SignPrivateKey) SetMasterPublicKey ¶ added in v0.13.0
func (priv *SignPrivateKey) SetMasterPublicKey(pub *SignMasterPublicKey)
SetMasterPublicKey bind the sign master public key to it.
func (*SignPrivateKey) Sign ¶ added in v0.13.0
func (priv *SignPrivateKey) Sign(rand io.Reader, hash []byte, opts crypto.SignerOpts) ([]byte, error)
Sign signs digest with user's DSA key, reading randomness from rand. The opts argument is not currently used but, in keeping with the crypto.Signer interface. The result is SM9Signature ASN.1 format.
The signature is randomized. Most applications should use crypto/rand.Reader as rand. Note that the returned signature does not depend deterministically on the bytes read from rand, and may change between calls and/or between versions.
Example ¶
package main import ( "crypto/rand" "encoding/hex" "fmt" "math/big" "os" "github.com/emmansun/gmsm/sm9" "golang.org/x/crypto/cryptobyte" ) func main() { // real user sign private key should be from secret storage, e.g. password protected pkcs8 file kb, _ := hex.DecodeString("0130E78459D78545CB54C587E02CF480CE0B66340F319F348A1D5B1F2DC5F4") var b cryptobyte.Builder b.AddASN1BigInt(new(big.Int).SetBytes(kb)) kb, _ = b.Bytes() masterkey := new(sm9.SignMasterPrivateKey) err := masterkey.UnmarshalASN1(kb) if err != nil { fmt.Fprintf(os.Stderr, "Error from UnmarshalASN1: %s\n", err) return } hid := byte(0x01) uid := []byte("Alice") userKey, err := masterkey.GenerateUserKey(uid, hid) if err != nil { fmt.Fprintf(os.Stderr, "Error from GenerateUserKey: %s\n", err) return } // sm9 sign hash := []byte("Chinese IBS standard") sig, err := userKey.Sign(rand.Reader, hash, nil) if err != nil { fmt.Fprintf(os.Stderr, "Error from Sign: %s\n", err) return } // Since sign is a randomized function, signature will be // different each time. fmt.Printf("%x\n", sig) }
Output:
func (*SignPrivateKey) UnmarshalASN1 ¶ added in v0.13.0
func (priv *SignPrivateKey) UnmarshalASN1(der []byte) error
UnmarshalASN1 unmarsal der data to sign user private key Note, priv's SignMasterPublicKey should be handled separately.
func (*SignPrivateKey) UnmarshalRaw ¶ added in v0.15.0
func (priv *SignPrivateKey) UnmarshalRaw(bytes []byte) error
UnmarshalRaw unmarsal raw bytes data to sign user private key Note, priv's SignMasterPublicKey should be handled separately.
type XOREncrypterOpts ¶ added in v0.15.7
type XOREncrypterOpts struct{}
XOREncrypterOpts represents XOR mode.
func (*XOREncrypterOpts) Decrypt ¶ added in v0.15.7
func (opts *XOREncrypterOpts) Decrypt(key, ciphertext []byte) ([]byte, error)
func (*XOREncrypterOpts) GetEncryptType ¶ added in v0.15.7
func (opts *XOREncrypterOpts) GetEncryptType() encryptType
func (*XOREncrypterOpts) GetKeySize ¶ added in v0.15.7
func (opts *XOREncrypterOpts) GetKeySize(plaintext []byte) int