sm2

package
v0.0.4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 1, 2023 License: Apache-2.0 Imports: 20 Imported by: 27

Documentation

Index

Constants

View Source 
const (
	// MarshalUncompressed C1不压缩序列化
	// MarshalUncompressed uncompressed mashal mode
	MarshalUncompressed pointMarshalMode = iota
	// MarshalCompressed C1压缩序列化
	// MarshalCompressed compressed mashal mode
	MarshalCompressed
	// MarshalMixed C1混合序列化
	// MarshalMixed mixed mashal mode
	MarshalMixed
)
View Source 
const (
	// C1C3C2 默认使用 C1C3C2
	C1C3C2 ciphertextSplicingOrder = iota
	C1C2C3
)
View Source 
const (
	// ENCODING_PLAIN 平文,即不对C2C3做ASN1转码
	ENCODING_PLAIN ciphertextEncoding = iota
	// ENCODING_ASN1 ASN1,即对C2C3做ASN1转码
	ENCODING_ASN1
)

Variables

View Source 
var ASN1DecrypterOpts = &DecrypterOpts{ENCODING_ASN1, C1C3C2}

ASN1DecrypterOpts ASN1转码解密参数: C1C3C2, C3C2做ASN1转码

View Source 
var ASN1EncrypterOpts = &EncrypterOpts{ENCODING_ASN1, MarshalUncompressed, C1C3C2}

ASN1EncrypterOpts ASN1转码加密参数: C1C3C2, C1不压缩, C3C2做ASN1转码

Functions

func ASN1Ciphertext2Plain 

func ASN1Ciphertext2Plain(ciphertext []byte, opts *EncrypterOpts) ([]byte, error)

ASN1Ciphertext2Plain sm2加密结果去除ASN1转码 ASN1Ciphertext2Plain utility method to convert ASN.1 encoding ciphertext to plain encoding format

func AdjustCiphertextSplicingOrder 

func AdjustCiphertextSplicingOrder(ciphertext []byte, from, to ciphertextSplicingOrder) ([]byte, error)

AdjustCiphertextSplicingOrder 修改sm2加密结果的C2C3拼接顺序 AdjustCiphertextSplicingOrder utility method to change c2 c3 order

func CalculateZA 

func CalculateZA(pub *PublicKey, uid []byte) ([]byte, error)

CalculateZA ZA计算。 

SM2签名与验签之前,先对签名内容做一次混入ZA的散列。
ZA的值是根据公钥与uid计算出来的。
CalculateZA ZA = H256(ENTLA || IDA || a || b || xG || yG || xA || yA).
Compliance with GB/T 32918.2-2016 5.5

func ConvertSM2Priv2ECPriv 

func ConvertSM2Priv2ECPriv(sm2Priv *PrivateKey) (*ecdsa.PrivateKey, error)

func Decrypt 

func Decrypt(priv *PrivateKey, data []byte, opts *DecrypterOpts) ([]byte, error)

Decrypt sm2私钥解密 

opts传nil代表C1C3C2模式

func DecryptAsn1 

func DecryptAsn1(priv *PrivateKey, ciphertext []byte) ([]byte, error)

DecryptAsn1 sm2私钥解密, C1C3C2, C3C2做ASN1转码

func DecryptDefault 

func DecryptDefault(priv *PrivateKey, ciphertext []byte) ([]byte, error)

DecryptDefault sm2私钥解密, C1C3C2模式

func Encrypt 

func Encrypt(pub *PublicKey, data []byte, random io.Reader, opts *EncrypterOpts) ([]byte, error)

Encrypt sm2公钥加密 

opts传nil代表默认模式: C1C3C2, C1不压缩, C3C2不做ASN1转码

func EncryptAsn1 

func EncryptAsn1(pub *PublicKey, data []byte, random io.Reader) ([]byte, error)

EncryptAsn1 sm2公钥加密 

默认模式: C1C3C2, C1不压缩, C3C2做ASN1转码

func EncryptDefault 

func EncryptDefault(pub *PublicKey, data []byte, random io.Reader) ([]byte, error)

EncryptDefault sm2公钥加密 

默认模式: C1C3C2, C1不压缩, C3C2不做ASN1转码

func GenTables 

func GenTables()

func IsSM2PublicKey 

func IsSM2PublicKey(publicKey interface{}) bool

IsSM2PublicKey check if given public key is a SM2 public key or not

func P256Sm2 

func P256Sm2() elliptic.Curve

P256Sm2 获取sm2p256曲线 P256Sm2 init and return the singleton.

func PlainCiphertext2ASN1 

func PlainCiphertext2ASN1(ciphertext []byte, from ciphertextSplicingOrder) ([]byte, error)

PlainCiphertext2ASN1 sm2加密结果改为ASN1转码 PlainCiphertext2ASN1 utility method to convert plain encoding ciphertext to ASN.1 encoding format

func Sign 

func Sign(rand io.Reader, priv *PrivateKey, hash []byte) (r, s *big.Int, err error)

Sign Sign使用私钥priv对签名摘要hash进行签名,并将签名转为asn1格式字节数组。 

会对hash做ZA混合散列。

func SignASN1 

func SignASN1(rand io.Reader, priv *PrivateKey, hash []byte) ([]byte, error)

SignASN1 SignASN1使用私钥priv对签名摘要hash进行签名,并将签名转为asn1格式字节数组。 

会对hash做ZA混合散列。

func SignASN1WithOpts 

func SignASN1WithOpts(rand io.Reader, priv *PrivateKey, hash []byte, opts crypto.SignerOpts) ([]byte, error)

SignASN1WithOpts SignASN1使用私钥priv对签名摘要hash进行签名,并将签名转为asn1格式字节数组。 

是否对hash做ZA混合散列取决于opts类型是否*sm2.SM2SignerOption且opts.ForceGMSign为true。
如果opts传nil,则对hash做ZA混合散列。

func SignAfterZA 

func SignAfterZA(rand io.Reader, priv *PrivateKey, hash []byte) (r, s *big.Int, err error)

SignAfterZA sm2签名函数 

1.内部不对签名内容hash进行混入ZA的散列处理。
2.内部会根据rand与hash使用aes生成一个后续签名生成随机数用的csprng,即本函数在签名时获取随机数时不是直接使用rand。

func SignWithZA 

func SignWithZA(rand io.Reader, priv *PrivateKey, uid, msg []byte) (r, s *big.Int, err error)

SignWithZA 对msg做ZA混合散列后再对得到的校验和进行签名。 

混合散列使用sm3

SignWithZA follow sm2 dsa standards for hash part, compliance with GB/T 32918.2-2016.

func Sm2Sign 

func Sm2Sign(priv *PrivateKey, msg, uid []byte, random io.Reader) (r, s *big.Int, err error)

Sm2Sign Sm2Sign使用私钥priv对签名摘要hash进行签名,并将签名转为asn1格式字节数组。 

会对hash做ZA混合散列。

func Sm2Verify 

func Sm2Verify(pub *PublicKey, msg, uid []byte, r, s *big.Int) bool

Sm2Verify sm2验签 

对msg做ZA混合散列

func Verify 

func Verify(pub *PublicKey, msg []byte, r, s *big.Int) bool

Verify sm2验签 

对msg做ZA混合散列

func VerifyASN1 

func VerifyASN1(pub *PublicKey, msg, sig []byte) bool

VerifyASN1 VerifyASN1将asn1格式字节数组的签名转为(r,s)在调用sm2的验签函数。 

对msg做ZA混合散列

func VerifyASN1WithoutZA 

func VerifyASN1WithoutZA(pub *PublicKey, hash, sig []byte) bool

VerifyASN1WithoutZA 将asn1格式字节数组的签名转为(r,s),再做验签。 不对hash再做ZA混合散列。

func VerifyWithZA 

func VerifyWithZA(pub *PublicKey, uid, msg []byte, r, s *big.Int) bool

VerifyWithZA 将对msg进行ZA混合散列后再进行验签。

func WriteSm2PrivToHex added in v0.0.4 

func WriteSm2PrivToHex(key *PrivateKey) string

WriteSm2PrivToHex 将sm2私钥D转为hex字符串 

@param key sm2私钥
@return string

func WriteSm2PubToHex added in v0.0.4 

func WriteSm2PubToHex(key *PublicKey) string

WriteSm2PubToHex 将sm2公钥转为hex字符串 

@param key sm2公钥
@return string

Types

type DecrypterOpts 

type DecrypterOpts struct {
	// 转码规则
	CiphertextEncoding ciphertextEncoding
	// 拼接模式
	CipherTextSplicingOrder ciphertextSplicingOrder
}

DecrypterOpts 解密参数 DecrypterOpts decryption options

func NewPlainDecrypterOpts 

func NewPlainDecrypterOpts(splicingOrder ciphertextSplicingOrder) *DecrypterOpts

NewPlainDecrypterOpts 生成不做ASN1转码的sm2解密参数

type EncrypterOpts 

type EncrypterOpts struct {
	// C2C3转码规则
	CiphertextEncoding ciphertextEncoding
	// C1序列化模式
	PointMarshalMode pointMarshalMode
	// C1C2C3拼接模式
	CiphertextSplicingOrder ciphertextSplicingOrder
}

EncrypterOpts 加密参数 EncrypterOpts encryption options

func NewPlainEncrypterOpts 

func NewPlainEncrypterOpts(marhsalMode pointMarshalMode, splicingOrder ciphertextSplicingOrder) *EncrypterOpts

NewPlainEncrypterOpts 生成不做ASN1转码的sm2加密参数

type PrivateKey 

type PrivateKey struct {
	PublicKey          // 公钥
	D         *big.Int // 私钥,[1,n-1]区间的随机数
}

PrivateKey SM2私钥结构体

func ConvertECPriv2SM2Priv 

func ConvertECPriv2SM2Priv(ecPriv *ecdsa.PrivateKey) (*PrivateKey, error)

func GenerateKey 

func GenerateKey(rand io.Reader) (*PrivateKey, error)

GenerateKey 生成sm2的公私钥对 GenerateKey generates a public and private key pair.

func ReadSm2PrivFromHex added in v0.0.4 

func ReadSm2PrivFromHex(Dhex string) (*PrivateKey, error)

ReadSm2PrivFromHex 将hex字符串转为sm2私钥 

@param Dhex 16进制字符串,对应sm2.PrivateKey.D
@return *PrivateKey sm2私钥
@return error

func (*PrivateKey) Decrypt 

func (priv *PrivateKey) Decrypt(rand io.Reader, msg []byte, opts *DecrypterOpts) (plaintext []byte, err error)

Decrypt sm2私钥解密 

opts传nil代表C1C3C2模式

func (*PrivateKey) DecryptAsn1 

func (priv *PrivateKey) DecryptAsn1(data []byte) ([]byte, error)

DecryptAsn1 sm2私钥解密, C1C3C2, C1不压缩, C3C2做ASN1转码

func (*PrivateKey) Equal 

func (priv *PrivateKey) Equal(x crypto.PrivateKey) bool

func (*PrivateKey) Public 

func (priv *PrivateKey) Public() crypto.PublicKey

Public The SM2's private key contains the public key

func (*PrivateKey) Sign 

func (priv *PrivateKey) Sign(rand io.Reader, digest []byte, opts crypto.SignerOpts) ([]byte, error)

Sign 为sm2.PrivateKey实现Sign方法。 

如果opts类型是*sm2.SM2SignerOption且opts.ForceGMSign为true,或opts传nil,

则将对digest进行ZA混合散列后再对其进行签名。

func (*PrivateKey) SignWithZA 

func (priv *PrivateKey) SignWithZA(rand io.Reader, uid, msg []byte) ([]byte, error)

SignWithZA 为sm2.PrivateKey实现SignWithZA方法。 

该方法强制对msg做ZA混合散列

SignWithZA signs uid, msg with priv, reading randomness from rand. Compliance with GB/T 32918.2-2016. Deprecated: please use Sign method directly.

type PublicKey 

type PublicKey struct {
	elliptic.Curve          // 椭圆曲线
	X, Y           *big.Int // 公钥座标
}

PublicKey SM2公钥结构体

func ReadSm2PubFromHex added in v0.0.4 

func ReadSm2PubFromHex(Qhex string) (*PublicKey, error)

ReadSm2PubFromHex 将hex字符串转为sm2公钥 

@param Qhex sm2公钥座标x,y的字节数组拼接后的hex转码字符串
@return *PublicKey sm2公钥
@return error

func (*PublicKey) Encrypt 

func (pub *PublicKey) Encrypt(rand io.Reader, msg []byte, opts *EncrypterOpts) (ciphertext []byte, err error)

Encrypt sm2公钥加密 

opts传nil代表默认模式: C1C3C2, C1不压缩, C3C2不做ASN1转码

func (*PublicKey) EncryptAsn1 

func (pub *PublicKey) EncryptAsn1(data []byte, random io.Reader) ([]byte, error)

EncryptAsn1 sm2公钥加密, C1C3C2, C1不压缩, C3C2做ASN1转码

func (*PublicKey) Equal 

func (pub *PublicKey) Equal(x crypto.PublicKey) bool

func (*PublicKey) Verify 

func (pub *PublicKey) Verify(msg []byte, sig []byte) bool

Verify sm2公钥验签 

对msg做ZA混合散列

type SM2SignerOption 

type SM2SignerOption struct {
	// ZA计算用唯一标识符,只在ForceZA为true时使用。
	UID []byte
	// 是否强制使用国密签名标准,即对签名内容进行ZA混合散列后再签名。
	// 该值为true则代表进行ZA混合散列。
	ForceZA bool
}

SM2SignerOption sm2签名参数 SM2SignerOption implements crypto.SignerOpts interface. It is specific for SM2, used in private key's Sign method.

func DefaultSM2SignerOption 

func DefaultSM2SignerOption() *SM2SignerOption

DefaultSM2SignerOption 生成一个默认的sm2签名参数

func NewSM2SignerOption 

func NewSM2SignerOption(forceZA bool, uid []byte) *SM2SignerOption

NewSM2SignerOption 生成一个新的sm2签名参数 

forceZA为true而uid为空时,使用defaultUID

func (*SM2SignerOption) HashFunc 

func (*SM2SignerOption) HashFunc() crypto.Hash

HashFunc 为sm2.SM2SignerOption实现crypto.SignerOpts接口

type Signer 

type Signer interface {
	SignWithZA(rand io.Reader, uid, msg []byte) ([]byte, error)
}

Signer SM2 special signer

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.