README
¶
GmSSL-Go
简介
GmSSL-Go 是GmSSL密码库 https://github.com/guanzhi/GmSSL 的Go语言封装,以cgo方式实现,通过Go类和函数提供了如下密码接口:
- 密码随机数生成器
- SM2加密和签名,SM2密钥生成、私钥口令加密保护、密钥PEM文件导入导出
- SM2数字证书的导入、解析和验证
- SM3哈希函数、HMAC-SM3消息认证码、基于SM3的PBKDF2密钥导出函数
- SM4分组加密,以及SM4的CBC、CTR、GCM三种加密模式
- SM9加密和签名,以及SM9密钥生成、密钥口令加密保护、密钥PEM文件导入导出
- ZUC序列密码加密
目前GmSSL-Go功能可以覆盖除SSL/TLS/TLCP之外的国密算法主要应用开发场景。
开发入门
首先创建一个新项目,并初始化模块
$ mkdir hello
$ cd hello
创建源文件hello.go
package main
import (
"fmt"
"gmssl"
)
func main() {
fmt.Println(gmssl.GetGmSSLLibraryVersion())
}
$ go mod init example.com/hello
go: creating new go.mod: module example.com/hello
在项目模块中安装GmSSL-Go
$ go get github.com/GmSSL/GmSSL-Go@latest
go: added github.com/GmSSL/GmSSL-Go v1.3.1
打开文件go.mod,内容如下
module example.com/hello
go 1.21.1
require github.com/GmSSL/GmSSL-Go v1.3.1 // indirect
在文件go.mod最后面添加一行
replace gmssl => github.com/GmSSL/GmSSL-Go v1.3.1
更新模块信息
$ go mod tidy
go: found gmssl in gmssl v0.0.0-00010101000000-000000000000
编译执行
$ go build
$ go run .
GmSSL 3.1.1 Dev
Documentation
¶
Overview ¶
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may * not use this file except in compliance with the License. * * http://www.apache.org/licenses/LICENSE-2.0
+build cgo
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may * not use this file except in compliance with the License. * * http://www.apache.org/licenses/LICENSE-2.0
+build cgo
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may * not use this file except in compliance with the License. * * http://www.apache.org/licenses/LICENSE-2.0
+build cgo
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may * not use this file except in compliance with the License. * * http://www.apache.org/licenses/LICENSE-2.0
+build cgo
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may * not use this file except in compliance with the License. * * http://www.apache.org/licenses/LICENSE-2.0
+build cgo
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may * not use this file except in compliance with the License. * * http://www.apache.org/licenses/LICENSE-2.0
+build cgo
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may * not use this file except in compliance with the License. * * http://www.apache.org/licenses/LICENSE-2.0
+build cgo
Index ¶
- Constants
- func GetGmSSLLibraryVersion() string
- func RandBytes(length int) ([]byte, error)
- func Sm3Pbkdf2(pass string, salt []byte, iter uint, keylen uint) ([]byte, error)
- type Sm2Certificate
- func (cert *Sm2Certificate) GetIssuer() ([]byte, map[string]string, error)
- func (cert *Sm2Certificate) GetSerialNumber() ([]byte, error)
- func (cert *Sm2Certificate) GetSubject() ([]byte, map[string]string, error)
- func (cert *Sm2Certificate) GetSubjectPublicKey() (*Sm2Key, error)
- func (cert *Sm2Certificate) GetValidity() (time.Time, time.Time, error)
- func (cert *Sm2Certificate) VerifyByCaCertificate(ca_cert *Sm2Certificate, sm2_id string) bool
- type Sm2Key
- func (sm2 *Sm2Key) ComputeZ(id string) ([]byte, error)
- func (sm2 *Sm2Key) Decrypt(in []byte) ([]byte, error)
- func (sm2 *Sm2Key) Encrypt(in []byte) ([]byte, error)
- func (sm2 *Sm2Key) ExportEncryptedPrivateKeyInfoPem(pass string, path string) error
- func (sm2 *Sm2Key) ExportPublicKeyInfoPem(path string) error
- func (sm2 *Sm2Key) Sign(dgst []byte) ([]byte, error)
- func (sm2 *Sm2Key) Verify(dgst []byte, signature []byte) bool
- type Sm2Signature
- type Sm3
- type Sm3Hmac
- type Sm4
- type Sm4Cbc
- type Sm4Ctr
- type Sm4Gcm
- type Sm9EncKey
- type Sm9EncMasterKey
- func (sm9 *Sm9EncMasterKey) Encrypt(in []byte, to string) ([]byte, error)
- func (sm9 *Sm9EncMasterKey) ExportEncryptedMasterKeyInfoPem(path string, pass string) error
- func (sm9 *Sm9EncMasterKey) ExportMasterPublicKeyPem(path string) error
- func (sm9 *Sm9EncMasterKey) ExtractKey(id string) (*Sm9EncKey, error)
- type Sm9SignKey
- type Sm9SignMasterKey
- type Sm9Signature
- type Zuc
Constants ¶
const ( Sm2DefaultId = "1234567812345678" Sm2MaxSignatureSize = 72 Sm2MinPlaintextSize = 1 Sm2MaxPlaintextSize = 255 Sm2MinCiphertextSize = 45 Sm2MaxCiphertextSize = 366 )
const ( Sm3DigestSize = 32 Sm3HmacMinKeySize = 16 Sm3HmacMaxKeySize = 64 Sm3HmacSize = 32 Sm3Pbkdf2MinIter = 10000 Sm3Pbkdf2MaxIter = 16777216 Sm3Pbkdf2MaxSaltSize = 64 Sm3Pbkdf2DefaultSaltSize = 8 Sm3Pbkdf2MaxKeySize = 256 )
const ( Sm4KeySize = 16 Sm4BlockSize = 16 Sm4CbcIvSize = 16 Sm4CtrIvSize = 16 Sm4GcmMinIvSize = 8 Sm4GcmMaxIvSize = 64 Sm4GcmDefaultIvSize = 64 Sm4GcmDefaultTagSize = 16 Sm4GcmMaxTagSize = 16 )
const ( Sm9MaxIdSize = 63 Sm9MaxPlaintextSize = 255 Sm9MaxCiphertextSize = 367 Sm9SignatureSize = 104 )
const (
GmSSLGoVersion = "1.3.1"
)
const ZucIvSize = 16
const ZucKeySize = 16
Variables ¶
This section is empty.
Functions ¶
func GetGmSSLLibraryVersion ¶
func GetGmSSLLibraryVersion() string
Types ¶
type Sm2Certificate ¶
type Sm2Certificate struct {
// contains filtered or unexported fields
}
func ImportSm2CertificatePem ¶
func ImportSm2CertificatePem(path string) (*Sm2Certificate, error)
func (*Sm2Certificate) GetIssuer ¶
func (cert *Sm2Certificate) GetIssuer() ([]byte, map[string]string, error)
func (*Sm2Certificate) GetSerialNumber ¶
func (cert *Sm2Certificate) GetSerialNumber() ([]byte, error)
func (*Sm2Certificate) GetSubject ¶
func (cert *Sm2Certificate) GetSubject() ([]byte, map[string]string, error)
func (*Sm2Certificate) GetSubjectPublicKey ¶
func (cert *Sm2Certificate) GetSubjectPublicKey() (*Sm2Key, error)
func (*Sm2Certificate) GetValidity ¶
func (*Sm2Certificate) VerifyByCaCertificate ¶
func (cert *Sm2Certificate) VerifyByCaCertificate(ca_cert *Sm2Certificate, sm2_id string) bool
type Sm2Key ¶
type Sm2Key struct {
// contains filtered or unexported fields
}
func GenerateSm2Key ¶
func (*Sm2Key) ExportEncryptedPrivateKeyInfoPem ¶
func (*Sm2Key) ExportPublicKeyInfoPem ¶
type Sm2Signature ¶
type Sm2Signature struct {
// contains filtered or unexported fields
}
func NewSm2Signature ¶
func NewSm2Signature(sm2 *Sm2Key, id string, sign bool) (*Sm2Signature, error)
func (*Sm2Signature) Sign ¶
func (sig *Sm2Signature) Sign() ([]byte, error)
func (*Sm2Signature) Update ¶
func (sig *Sm2Signature) Update(data []byte) error
func (*Sm2Signature) Verify ¶
func (sig *Sm2Signature) Verify(signature []byte) bool
type Sm3Hmac ¶
type Sm3Hmac struct {
// contains filtered or unexported fields
}
func NewSm3Hmac ¶
func (*Sm3Hmac) GenerateMac ¶
type Sm4Gcm ¶
type Sm4Gcm struct {
// contains filtered or unexported fields
}
type Sm9EncKey ¶
type Sm9EncKey struct {
// contains filtered or unexported fields
}
func (*Sm9EncKey) ExportEncryptedPrivateKeyInfoPem ¶
type Sm9EncMasterKey ¶
type Sm9EncMasterKey struct {
// contains filtered or unexported fields
}
func GenerateSm9EncMasterKey ¶
func GenerateSm9EncMasterKey() (*Sm9EncMasterKey, error)
func ImportEncryptedSm9EncMasterKeyInfoPem ¶
func ImportEncryptedSm9EncMasterKeyInfoPem(path string, pass string) (*Sm9EncMasterKey, error)
func ImportSm9EncMasterPublicKeyPem ¶
func ImportSm9EncMasterPublicKeyPem(path string) (*Sm9EncMasterKey, error)
func (*Sm9EncMasterKey) Encrypt ¶
func (sm9 *Sm9EncMasterKey) Encrypt(in []byte, to string) ([]byte, error)
func (*Sm9EncMasterKey) ExportEncryptedMasterKeyInfoPem ¶
func (sm9 *Sm9EncMasterKey) ExportEncryptedMasterKeyInfoPem(path string, pass string) error
func (*Sm9EncMasterKey) ExportMasterPublicKeyPem ¶
func (sm9 *Sm9EncMasterKey) ExportMasterPublicKeyPem(path string) error
func (*Sm9EncMasterKey) ExtractKey ¶
func (sm9 *Sm9EncMasterKey) ExtractKey(id string) (*Sm9EncKey, error)
type Sm9SignKey ¶
type Sm9SignKey struct {
// contains filtered or unexported fields
}
func ImportEncryptedSm9SignPrivateKeyInfoPem ¶
func ImportEncryptedSm9SignPrivateKeyInfoPem(path string, pass string, id string) (*Sm9SignKey, error)
func (*Sm9SignKey) ExportEncryptedPrivateKeyInfoPem ¶
func (sm9 *Sm9SignKey) ExportEncryptedPrivateKeyInfoPem(path string, pass string) error
func (*Sm9SignKey) GetId ¶
func (sm9 *Sm9SignKey) GetId() string
type Sm9SignMasterKey ¶
type Sm9SignMasterKey struct {
// contains filtered or unexported fields
}
func GenerateSm9SignMasterKey ¶
func GenerateSm9SignMasterKey() (*Sm9SignMasterKey, error)
func ImportEncryptedSm9SignMasterKeyInfoPem ¶
func ImportEncryptedSm9SignMasterKeyInfoPem(path string, pass string) (*Sm9SignMasterKey, error)
func ImportSm9SignMasterPublicKeyPem ¶
func ImportSm9SignMasterPublicKeyPem(path string) (*Sm9SignMasterKey, error)
func (*Sm9SignMasterKey) ExportEncryptedMasterKeyInfoPem ¶
func (sm9 *Sm9SignMasterKey) ExportEncryptedMasterKeyInfoPem(path string, pass string) error
func (*Sm9SignMasterKey) ExportMasterPublicKeyPem ¶
func (sm9 *Sm9SignMasterKey) ExportMasterPublicKeyPem(path string) error
func (*Sm9SignMasterKey) ExtractKey ¶
func (sm9 *Sm9SignMasterKey) ExtractKey(id string) (*Sm9SignKey, error)
type Sm9Signature ¶
type Sm9Signature struct {
// contains filtered or unexported fields
}
func NewSm9Signature ¶
func NewSm9Signature(sign bool) (*Sm9Signature, error)
func (*Sm9Signature) Sign ¶
func (sig *Sm9Signature) Sign(sign_key *Sm9SignKey) ([]byte, error)
func (*Sm9Signature) Update ¶
func (sig *Sm9Signature) Update(data []byte) error
func (*Sm9Signature) Verify ¶
func (sig *Sm9Signature) Verify(signature []byte, master_public_key *Sm9SignMasterKey, signer_id string) bool
Source Files
Directories