sm9

package
v0.13.6 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 13, 2022 License: MIT Imports: 13 Imported by: 0

README

SM9 current supported functions:

1.Keys generation
2.Sign/Verify
3.Key Exchange
4.Wrap/Unwrap Key
5.Encryption/Decryption (XOR mode)

SM9 current performance:

SM9 Sign Benchmark

goos: windows
goarch: amd64
pkg: github.com/emmansun/gmsm/sm9
cpu: Intel(R) Core(TM) i5-9500 CPU @ 3.00GHz
BenchmarkSign-6   	    1344	    871597 ns/op	   35870 B/op	    1013 allocs/op

SM9 Verify Benchmark

goos: windows
goarch: amd64
pkg: github.com/emmansun/gmsm/sm9
cpu: Intel(R) Core(TM) i5-9500 CPU @ 3.00GHz
BenchmarkVerify-6   	     352	   3331673 ns/op	  237676 B/op	    6283 allocs/op

SM9 Encrypt(XOR) Benchmark

goos: windows
goarch: amd64
pkg: github.com/emmansun/gmsm/sm9
cpu: Intel(R) Core(TM) i5-9500 CPU @ 3.00GHz
BenchmarkEncrypt-6   	    1120	    971188 ns/op	   38125 B/op	    1036 allocs/op

SM9 Decrypt(XOR) Benchmark

goos: windows
goarch: amd64
pkg: github.com/emmansun/gmsm/sm9
cpu: Intel(R) Core(TM) i5-9500 CPU @ 3.00GHz
BenchmarkDecrypt-6   	     507	   2345492 ns/op	  202360 B/op	    5228 allocs/op

SM9 Generate User Sign Private Key Benchmark

goos: windows
goarch: amd64
pkg: github.com/emmansun/gmsm/sm9
cpu: Intel(R) Core(TM) i5-9500 CPU @ 3.00GHz
BenchmarkGenerateSignPrivKey-6   	    8078	    147638 ns/op	    3176 B/op	      47 allocs/op

SM9 Generate User Encrypt Private Key Benchmark

goos: windows
goarch: amd64
pkg: github.com/emmansun/gmsm/sm9
cpu: Intel(R) Core(TM) i5-9500 CPU @ 3.00GHz
BenchmarkGenerateEncryptPrivKey-6   	    3445	    326796 ns/op	    3433 B/op	      47 allocs/op

To further improve Verify()/Decrypt() performance, need to improve Pair() method performance.

Documentation

Overview

Package sm9 handle shangmi sm9 algorithm and its curves and pairing implementation

Index

Constants

View Source 
const (
	// hashmode used in h1: 0x01
	H1 hashMode = 1 + iota
	// hashmode used in h2: 0x02
	H2
)
View Source 
const (
	ENC_TYPE_XOR encryptType = 0
	ENC_TYPE_ECB encryptType = 1
	ENC_TYPE_CBC encryptType = 2
	ENC_TYPE_OFB encryptType = 4
	ENC_TYPE_CFB encryptType = 8
)

Variables

This section is empty.

Functions

func Decrypt 

func Decrypt(priv *EncryptPrivateKey, uid, ciphertext []byte) ([]byte, error)

Decrypt decrypt chipher, ciphertext should be with format C1||C3||C2

func DecryptASN1 

func DecryptASN1(priv *EncryptPrivateKey, uid, ciphertext []byte) ([]byte, error)

DecryptASN1 decrypt chipher, ciphertext should be with ASN.1 format according SM9 cryptographic algorithm application specification, SM9Cipher definition.

func Encrypt 

func Encrypt(rand io.Reader, pub *EncryptMasterPublicKey, uid []byte, hid byte, plaintext []byte) ([]byte, error)

Encrypt encrypt plaintext, output ciphertext with format C1||C3||C2

func EncryptASN1 

func EncryptASN1(rand io.Reader, pub *EncryptMasterPublicKey, uid []byte, hid byte, plaintext []byte) ([]byte, error)

EncryptASN1 encrypt plaintext and output ciphertext with ASN.1 format according SM9 cryptographic algorithm application specification, SM9Cipher definition.

func Sign 

func Sign(rand io.Reader, priv *SignPrivateKey, hash []byte) (h *big.Int, s *bn256.G1, err error)

Sign signs a hash (which should be the result of hashing a larger message) using the user dsa key. It returns the signature as a pair of h and s.

func SignASN1 

func SignASN1(rand io.Reader, priv *SignPrivateKey, hash []byte) ([]byte, error)

SignASN1 signs a hash (which should be the result of hashing a larger message) using the private key, priv. It returns the ASN.1 encoded signature of type SM9Signature.

func UnmarshalSM9KeyPackage 

func UnmarshalSM9KeyPackage(der []byte) ([]byte, *bn256.G1, error)

UnmarshalSM9KeyPackage is an utility to unmarshal SM9KeyPackage

func UnwrapKey 

func UnwrapKey(priv *EncryptPrivateKey, uid []byte, cipher *bn256.G1, kLen int) ([]byte, error)

UnwrapKey unwrap key from cipher, user id and aligned key length

func Verify 

func Verify(pub *SignMasterPublicKey, uid []byte, hid byte, hash []byte, h *big.Int, s *bn256.G1) bool

Verify verifies the signature in h, s of hash using the master dsa public key and user id, uid and hid. Its return value records whether the signature is valid.

func VerifyASN1 

func VerifyASN1(pub *SignMasterPublicKey, uid []byte, hid byte, hash, sig []byte) bool

VerifyASN1 verifies the ASN.1 encoded signature of type SM9Signature, sig, of hash using the public key, pub. Its return value records whether the signature is valid.

func WrapKey 

func WrapKey(rand io.Reader, pub *EncryptMasterPublicKey, uid []byte, hid byte, kLen int) (key []byte, cipher *bn256.G1, err error)

WrapKey generate and wrap key with reciever's uid and system hid

Types

type EncryptMasterPrivateKey 

type EncryptMasterPrivateKey struct {
	EncryptMasterPublicKey          // master public key
	D                      *big.Int // master private key
}

EncryptMasterPrivateKey master private key for encryption, generated by KGC

func GenerateEncryptMasterKey 

func GenerateEncryptMasterKey(rand io.Reader) (*EncryptMasterPrivateKey, error)

GenerateEncryptMasterKey generates a master public and private key pair for encryption usage.

func (*EncryptMasterPrivateKey) GenerateUserKey 

func (master *EncryptMasterPrivateKey) GenerateUserKey(uid []byte, hid byte) (*EncryptPrivateKey, error)

GenerateUserKey generate an user key for encryption.

func (*EncryptMasterPrivateKey) MarshalASN1 

func (master *EncryptMasterPrivateKey) MarshalASN1() ([]byte, error)

MarshalASN1 marshal encrypt master private key to asn.1 format data according SM9 cryptographic algorithm application specification

func (*EncryptMasterPrivateKey) Public 

func (master *EncryptMasterPrivateKey) Public() *EncryptMasterPublicKey

Public returns the public key corresponding to priv.

func (*EncryptMasterPrivateKey) UnmarshalASN1 

func (master *EncryptMasterPrivateKey) UnmarshalASN1(der []byte) error

UnmarshalASN1 unmarsal der data to encrpt master private key

type EncryptMasterPublicKey 

type EncryptMasterPublicKey struct {
	MasterPublicKey *bn256.G1 // public key
	// contains filtered or unexported fields
}

EncryptMasterPublicKey master private key for encryption, generated by KGC

func (*EncryptMasterPublicKey) Encrypt 

func (pub *EncryptMasterPublicKey) Encrypt(rand io.Reader, uid []byte, hid byte, plaintext []byte) ([]byte, error)

Encrypt encrypt plaintext and output ciphertext with ASN.1 format according SM9 cryptographic algorithm application specification, SM9Cipher definition.

func (*EncryptMasterPublicKey) GenerateUserPublicKey 

func (pub *EncryptMasterPublicKey) GenerateUserPublicKey(uid []byte, hid byte) *bn256.G1

GenerateUserPublicKey generate user encrypt public key

func (*EncryptMasterPublicKey) MarshalASN1 

func (pub *EncryptMasterPublicKey) MarshalASN1() ([]byte, error)

MarshalASN1 marshal encrypt master public key to asn.1 format data according SM9 cryptographic algorithm application specification

func (*EncryptMasterPublicKey) MarshalCompressedASN1 

func (pub *EncryptMasterPublicKey) MarshalCompressedASN1() ([]byte, error)

MarshalCompressedASN1 marshal encrypt master public key to asn.1 format data according SM9 cryptographic algorithm application specification, the curve point is in compressed form.

func (*EncryptMasterPublicKey) ScalarBaseMult 

func (pub *EncryptMasterPublicKey) ScalarBaseMult(r *big.Int) *bn256.GT

ScalarBaseMult compute basepoint^r with precomputed table. The base point = pair(<master public key>, Gen2)

func (*EncryptMasterPublicKey) UnmarshalASN1 

func (pub *EncryptMasterPublicKey) UnmarshalASN1(der []byte) error

UnmarshalASN1 unmarsal der data to encrypt master public key

func (*EncryptMasterPublicKey) WrapKey 

func (pub *EncryptMasterPublicKey) WrapKey(rand io.Reader, uid []byte, hid byte, kLen int) ([]byte, []byte, error)

WrapKey wrap key and marshal the cipher as ASN1 format, SM9PublicKey1 definition.

func (*EncryptMasterPublicKey) WrapKeyASN1 

func (pub *EncryptMasterPublicKey) WrapKeyASN1(rand io.Reader, uid []byte, hid byte, kLen int) ([]byte, error)

WrapKeyASN1 wrap key and marshal the result of SM9KeyPackage as ASN1 format. according SM9 cryptographic algorithm application specification, SM9KeyPackage defnition.

type EncryptPrivateKey 

type EncryptPrivateKey struct {
	PrivateKey             *bn256.G2 // user private key
	EncryptMasterPublicKey           // master public key
}

EncryptPrivateKey user private key for encryption, generated by KGC

func (*EncryptPrivateKey) Decrypt 

func (priv *EncryptPrivateKey) Decrypt(uid, ciphertext []byte) ([]byte, error)

Decrypt decrypt chipher, ciphertext should be with ASN.1 format according SM9 cryptographic algorithm application specification, SM9Cipher definition.

func (*EncryptPrivateKey) MarshalASN1 

func (priv *EncryptPrivateKey) MarshalASN1() ([]byte, error)

MarshalASN1 marshal encrypt user private key to asn.1 format data according SM9 cryptographic algorithm application specification

func (*EncryptPrivateKey) MarshalCompressedASN1 

func (priv *EncryptPrivateKey) MarshalCompressedASN1() ([]byte, error)

MarshalCompressedASN1 marshal encrypt user private key to asn.1 format data according SM9 cryptographic algorithm application specification, the curve point is in compressed form.

func (*EncryptPrivateKey) MasterPublic 

func (priv *EncryptPrivateKey) MasterPublic() *EncryptMasterPublicKey

MasterPublic returns the master public key corresponding to priv.

func (*EncryptPrivateKey) SetMasterPublicKey 

func (priv *EncryptPrivateKey) SetMasterPublicKey(pub *EncryptMasterPublicKey)

SetMasterPublicKey bind the encrypt master public key to it.

func (*EncryptPrivateKey) UnmarshalASN1 

func (priv *EncryptPrivateKey) UnmarshalASN1(der []byte) error

UnmarshalASN1 unmarsal der data to encrypt user private key Note, priv's EncryptMasterPublicKey should be handled separately.

func (*EncryptPrivateKey) UnwrapKey 

func (priv *EncryptPrivateKey) UnwrapKey(uid, cipherDer []byte, kLen int) ([]byte, error)

UnwrapKey unwrap key from cipherDer, user id and aligned key length. cipherDer is SM9PublicKey1 format according SM9 cryptographic algorithm application specification.

type KeyExchange 

type KeyExchange struct {
	// contains filtered or unexported fields
}

KeyExchange key exchange struct, include internal stat in whole key exchange flow. Initiator's flow will be: NewKeyExchange -> InitKeyExchange -> transmission -> ConfirmResponder Responder's flow will be: NewKeyExchange -> waiting ... -> RepondKeyExchange -> transmission -> ConfirmInitiator

func NewKeyExchange 

func NewKeyExchange(priv *EncryptPrivateKey, uid, peerUID []byte, keyLen int, genSignature bool) *KeyExchange

NewKeyExchange create one new KeyExchange object

func (*KeyExchange) ConfirmInitiator 

func (ke *KeyExchange) ConfirmInitiator(s1 []byte) error

ConfirmInitiator for responder's step B8

func (*KeyExchange) ConfirmResponder 

func (ke *KeyExchange) ConfirmResponder(rB *bn256.G1, sB []byte) ([]byte, error)

ConfirmResponder for initiator's step A5-A7

func (*KeyExchange) GetSharedKey 

func (ke *KeyExchange) GetSharedKey() []byte

GetSharedKey return key after key agreement

func (*KeyExchange) InitKeyExchange 

func (ke *KeyExchange) InitKeyExchange(rand io.Reader, hid byte) (*bn256.G1, error)

InitKeyExchange generate random with responder uid, for initiator's step A1-A4

func (*KeyExchange) RepondKeyExchange 

func (ke *KeyExchange) RepondKeyExchange(rand io.Reader, hid byte, rA *bn256.G1) (*bn256.G1, []byte, error)

RepondKeyExchange when responder receive rA, for responder's step B1-B7

type SignMasterPrivateKey 

type SignMasterPrivateKey struct {
	SignMasterPublicKey          // master public key
	D                   *big.Int // master private key
}

SignMasterPrivateKey master private key for sign, generated by KGC

func GenerateSignMasterKey 

func GenerateSignMasterKey(rand io.Reader) (*SignMasterPrivateKey, error)

GenerateSignMasterKey generates a master public and private key pair for DSA usage.

func (*SignMasterPrivateKey) GenerateUserKey 

func (master *SignMasterPrivateKey) GenerateUserKey(uid []byte, hid byte) (*SignPrivateKey, error)

GenerateUserKey generate an user dsa key.

func (*SignMasterPrivateKey) MarshalASN1 

func (master *SignMasterPrivateKey) MarshalASN1() ([]byte, error)

MarshalASN1 marshal sign master private key to asn.1 format data according SM9 cryptographic algorithm application specification

func (*SignMasterPrivateKey) Public 

func (master *SignMasterPrivateKey) Public() *SignMasterPublicKey

Public returns the public key corresponding to priv.

func (*SignMasterPrivateKey) UnmarshalASN1 

func (master *SignMasterPrivateKey) UnmarshalASN1(der []byte) error

UnmarshalASN1 unmarsal der data to sign master private key

type SignMasterPublicKey 

type SignMasterPublicKey struct {
	MasterPublicKey *bn256.G2 // master public key
	// contains filtered or unexported fields
}

SignMasterPublicKey master public key for sign, generated by KGC

func (*SignMasterPublicKey) GenerateUserPublicKey 

func (pub *SignMasterPublicKey) GenerateUserPublicKey(uid []byte, hid byte) *bn256.G2

GenerateUserPublicKey generate user sign public key

func (*SignMasterPublicKey) MarshalASN1 

func (pub *SignMasterPublicKey) MarshalASN1() ([]byte, error)

MarshalASN1 marshal sign master public key to asn.1 format data according SM9 cryptographic algorithm application specification

func (*SignMasterPublicKey) MarshalCompressedASN1 

func (pub *SignMasterPublicKey) MarshalCompressedASN1() ([]byte, error)

MarshalCompressedASN1 marshal sign master public key to asn.1 format data according SM9 cryptographic algorithm application specification, the curve point is in compressed form.

func (*SignMasterPublicKey) ScalarBaseMult 

func (pub *SignMasterPublicKey) ScalarBaseMult(r *big.Int) *bn256.GT

ScalarBaseMult compute basepoint^r with precomputed table The base point = pair(Gen1, <master public key>)

func (*SignMasterPublicKey) UnmarshalASN1 

func (pub *SignMasterPublicKey) UnmarshalASN1(der []byte) error

UnmarshalASN1 unmarsal der data to sign master public key

func (*SignMasterPublicKey) Verify 

func (pub *SignMasterPublicKey) Verify(uid []byte, hid byte, hash, sig []byte) bool

Verify verifies the ASN.1 encoded signature, sig, of hash using the public key, pub. Its return value records whether the signature is valid.

type SignPrivateKey 

type SignPrivateKey struct {
	PrivateKey          *bn256.G1 // user private key
	SignMasterPublicKey           // master public key
}

SignPrivateKey user private key for sign, generated by KGC

func (*SignPrivateKey) MarshalASN1 

func (priv *SignPrivateKey) MarshalASN1() ([]byte, error)

MarshalASN1 marshal sign user private key to asn.1 format data according SM9 cryptographic algorithm application specification

func (*SignPrivateKey) MarshalCompressedASN1 

func (priv *SignPrivateKey) MarshalCompressedASN1() ([]byte, error)

MarshalCompressedASN1 marshal sign user private key to asn.1 format data according SM9 cryptographic algorithm application specification, the curve point is in compressed form.

func (*SignPrivateKey) MasterPublic 

func (priv *SignPrivateKey) MasterPublic() *SignMasterPublicKey

MasterPublic returns the master public key corresponding to priv.

func (*SignPrivateKey) SetMasterPublicKey 

func (priv *SignPrivateKey) SetMasterPublicKey(pub *SignMasterPublicKey)

SetMasterPublicKey bind the sign master public key to it.

func (*SignPrivateKey) Sign 

func (priv *SignPrivateKey) Sign(rand io.Reader, hash []byte, opts crypto.SignerOpts) ([]byte, error)

Sign signs digest with user's DSA key, reading randomness from rand. The opts argument is not currently used but, in keeping with the crypto.Signer interface. The result is SM9Signature ASN.1 format.

func (*SignPrivateKey) UnmarshalASN1 

func (priv *SignPrivateKey) UnmarshalASN1(der []byte) error

UnmarshalASN1 unmarsal der data to sign user private key Note, priv's SignMasterPublicKey should be handled separately.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.