sm2

package

v0.0.4 Latest Latest Go to latest Published: Feb 1, 2023 License: Apache-2.0 Imports: 20 Imported by: 27

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/hxx258456/ccgo

Links

Open Source Insights

Documentation ¶

Rendered for

Index ¶

Constants
Variables
func ASN1Ciphertext2Plain(ciphertext []byte, opts *EncrypterOpts) ([]byte, error)
func AdjustCiphertextSplicingOrder(ciphertext []byte, from, to ciphertextSplicingOrder) ([]byte, error)
func CalculateZA(pub *PublicKey, uid []byte) ([]byte, error)
func ConvertSM2Priv2ECPriv(sm2Priv *PrivateKey) (*ecdsa.PrivateKey, error)
func Decrypt(priv *PrivateKey, data []byte, opts *DecrypterOpts) ([]byte, error)
func DecryptAsn1(priv *PrivateKey, ciphertext []byte) ([]byte, error)
func DecryptDefault(priv *PrivateKey, ciphertext []byte) ([]byte, error)
func Encrypt(pub *PublicKey, data []byte, random io.Reader, opts *EncrypterOpts) ([]byte, error)
func EncryptAsn1(pub *PublicKey, data []byte, random io.Reader) ([]byte, error)
func EncryptDefault(pub *PublicKey, data []byte, random io.Reader) ([]byte, error)
func GenTables()
func IsSM2PublicKey(publicKey interface{}) bool
func P256Sm2() elliptic.Curve
func PlainCiphertext2ASN1(ciphertext []byte, from ciphertextSplicingOrder) ([]byte, error)
func Sign(rand io.Reader, priv *PrivateKey, hash []byte) (r, s *big.Int, err error)
func SignASN1(rand io.Reader, priv *PrivateKey, hash []byte) ([]byte, error)
func SignASN1WithOpts(rand io.Reader, priv *PrivateKey, hash []byte, opts crypto.SignerOpts) ([]byte, error)
func SignAfterZA(rand io.Reader, priv *PrivateKey, hash []byte) (r, s *big.Int, err error)
func SignWithZA(rand io.Reader, priv *PrivateKey, uid, msg []byte) (r, s *big.Int, err error)
func Sm2Sign(priv *PrivateKey, msg, uid []byte, random io.Reader) (r, s *big.Int, err error)
func Sm2Verify(pub *PublicKey, msg, uid []byte, r, s *big.Int) bool
func Verify(pub *PublicKey, msg []byte, r, s *big.Int) bool
func VerifyASN1(pub *PublicKey, msg, sig []byte) bool
func VerifyASN1WithoutZA(pub *PublicKey, hash, sig []byte) bool
func VerifyWithZA(pub *PublicKey, uid, msg []byte, r, s *big.Int) bool
func WriteSm2PrivToHex(key *PrivateKey) string
func WriteSm2PubToHex(key *PublicKey) string
type DecrypterOpts
- func NewPlainDecrypterOpts(splicingOrder ciphertextSplicingOrder) *DecrypterOpts
type EncrypterOpts
- func NewPlainEncrypterOpts(marhsalMode pointMarshalMode, splicingOrder ciphertextSplicingOrder) *EncrypterOpts
type PrivateKey
- func ConvertECPriv2SM2Priv(ecPriv *ecdsa.PrivateKey) (*PrivateKey, error)
- func GenerateKey(rand io.Reader) (*PrivateKey, error)
- func ReadSm2PrivFromHex(Dhex string) (*PrivateKey, error)
- func (priv *PrivateKey) Decrypt(rand io.Reader, msg []byte, opts *DecrypterOpts) (plaintext []byte, err error)
- func (priv *PrivateKey) DecryptAsn1(data []byte) ([]byte, error)
- func (priv *PrivateKey) Equal(x crypto.PrivateKey) bool
- func (priv *PrivateKey) Public() crypto.PublicKey
- func (priv *PrivateKey) Sign(rand io.Reader, digest []byte, opts crypto.SignerOpts) ([]byte, error)
- func (priv *PrivateKey) SignWithZA(rand io.Reader, uid, msg []byte) ([]byte, error)
type PublicKey
- func ReadSm2PubFromHex(Qhex string) (*PublicKey, error)
- func (pub *PublicKey) Encrypt(rand io.Reader, msg []byte, opts *EncrypterOpts) (ciphertext []byte, err error)
- func (pub *PublicKey) EncryptAsn1(data []byte, random io.Reader) ([]byte, error)
- func (pub *PublicKey) Equal(x crypto.PublicKey) bool
- func (pub *PublicKey) Verify(msg []byte, sig []byte) bool
type SM2SignerOption
- func DefaultSM2SignerOption() *SM2SignerOption
- func NewSM2SignerOption(forceZA bool, uid []byte) *SM2SignerOption
- func (*SM2SignerOption) HashFunc() crypto.Hash
type Signer

Constants ¶

View Source

const (
	// MarshalUncompressed C1不压缩序列化
	// MarshalUncompressed uncompressed mashal mode
	MarshalUncompressed pointMarshalMode = iota
	// MarshalCompressed C1压缩序列化
	// MarshalCompressed compressed mashal mode
	MarshalCompressed
	// MarshalMixed C1混合序列化
	// MarshalMixed mixed mashal mode
	MarshalMixed
)

View Source

const (
	// C1C3C2 默认使用 C1C3C2
	C1C3C2 ciphertextSplicingOrder = iota
	C1C2C3
)

View Source

const (
	// ENCODING_PLAIN 平文，即不对C2C3做ASN1转码
	ENCODING_PLAIN ciphertextEncoding = iota
	// ENCODING_ASN1 ASN1，即对C2C3做ASN1转码
	ENCODING_ASN1
)

Variables ¶

View Source

var ASN1DecrypterOpts = &DecrypterOpts{ENCODING_ASN1, C1C3C2}

ASN1DecrypterOpts ASN1转码解密参数: C1C3C2, C3C2做ASN1转码

View Source

var ASN1EncrypterOpts = &EncrypterOpts{ENCODING_ASN1, MarshalUncompressed, C1C3C2}

ASN1EncrypterOpts ASN1转码加密参数: C1C3C2, C1不压缩, C3C2做ASN1转码

Functions ¶

func ASN1Ciphertext2Plain ¶

func ASN1Ciphertext2Plain(ciphertext []byte, opts *EncrypterOpts) ([]byte, error)

ASN1Ciphertext2Plain sm2加密结果去除ASN1转码 ASN1Ciphertext2Plain utility method to convert ASN.1 encoding ciphertext to plain encoding format

func AdjustCiphertextSplicingOrder ¶

func AdjustCiphertextSplicingOrder(ciphertext []byte, from, to ciphertextSplicingOrder) ([]byte, error)

AdjustCiphertextSplicingOrder 修改sm2加密结果的C2C3拼接顺序 AdjustCiphertextSplicingOrder utility method to change c2 c3 order

func CalculateZA ¶

func CalculateZA(pub *PublicKey, uid []byte) ([]byte, error)

CalculateZA ZA计算。

SM2签名与验签之前，先对签名内容做一次混入ZA的散列。
ZA的值是根据公钥与uid计算出来的。
CalculateZA ZA = H256(ENTLA || IDA || a || b || xG || yG || xA || yA).
Compliance with GB/T 32918.2-2016 5.5

func ConvertSM2Priv2ECPriv ¶

func ConvertSM2Priv2ECPriv(sm2Priv *PrivateKey) (*ecdsa.PrivateKey, error)

func Decrypt ¶

func Decrypt(priv *PrivateKey, data []byte, opts *DecrypterOpts) ([]byte, error)

Decrypt sm2私钥解密

opts传nil代表C1C3C2模式

func DecryptAsn1 ¶

func DecryptAsn1(priv *PrivateKey, ciphertext []byte) ([]byte, error)

DecryptAsn1 sm2私钥解密, C1C3C2, C3C2做ASN1转码

func DecryptDefault ¶

func DecryptDefault(priv *PrivateKey, ciphertext []byte) ([]byte, error)

DecryptDefault sm2私钥解密, C1C3C2模式

func Encrypt ¶

func Encrypt(pub *PublicKey, data []byte, random io.Reader, opts *EncrypterOpts) ([]byte, error)

Encrypt sm2公钥加密

opts传nil代表默认模式: C1C3C2, C1不压缩, C3C2不做ASN1转码

func EncryptAsn1 ¶

func EncryptAsn1(pub *PublicKey, data []byte, random io.Reader) ([]byte, error)

EncryptAsn1 sm2公钥加密

默认模式: C1C3C2, C1不压缩, C3C2做ASN1转码

func EncryptDefault ¶

func EncryptDefault(pub *PublicKey, data []byte, random io.Reader) ([]byte, error)

EncryptDefault sm2公钥加密

默认模式: C1C3C2, C1不压缩, C3C2不做ASN1转码

func GenTables ¶

func GenTables()

func IsSM2PublicKey ¶

func IsSM2PublicKey(publicKey interface{}) bool

IsSM2PublicKey check if given public key is a SM2 public key or not

func P256Sm2 ¶

func P256Sm2() elliptic.Curve

P256Sm2 获取sm2p256曲线 P256Sm2 init and return the singleton.

func PlainCiphertext2ASN1 ¶

func PlainCiphertext2ASN1(ciphertext []byte, from ciphertextSplicingOrder) ([]byte, error)

PlainCiphertext2ASN1 sm2加密结果改为ASN1转码 PlainCiphertext2ASN1 utility method to convert plain encoding ciphertext to ASN.1 encoding format

func Sign ¶

func Sign(rand io.Reader, priv *PrivateKey, hash []byte) (r, s *big.Int, err error)

Sign Sign使用私钥priv对签名摘要hash进行签名，并将签名转为asn1格式字节数组。

会对hash做ZA混合散列。

func SignASN1 ¶

func SignASN1(rand io.Reader, priv *PrivateKey, hash []byte) ([]byte, error)

SignASN1 SignASN1使用私钥priv对签名摘要hash进行签名，并将签名转为asn1格式字节数组。

会对hash做ZA混合散列。

func SignASN1WithOpts ¶

func SignASN1WithOpts(rand io.Reader, priv *PrivateKey, hash []byte, opts crypto.SignerOpts) ([]byte, error)

SignASN1WithOpts SignASN1使用私钥priv对签名摘要hash进行签名，并将签名转为asn1格式字节数组。

是否对hash做ZA混合散列取决于opts类型是否*sm2.SM2SignerOption且opts.ForceGMSign为true。
如果opts传nil，则对hash做ZA混合散列。

func SignAfterZA ¶

func SignAfterZA(rand io.Reader, priv *PrivateKey, hash []byte) (r, s *big.Int, err error)

SignAfterZA sm2签名函数

1.内部不对签名内容hash进行混入ZA的散列处理。
2.内部会根据rand与hash使用aes生成一个后续签名生成随机数用的csprng，即本函数在签名时获取随机数时不是直接使用rand。

func SignWithZA ¶

func SignWithZA(rand io.Reader, priv *PrivateKey, uid, msg []byte) (r, s *big.Int, err error)

SignWithZA 对msg做ZA混合散列后再对得到的校验和进行签名。

混合散列使用sm3

SignWithZA follow sm2 dsa standards for hash part, compliance with GB/T 32918.2-2016.

func Sm2Sign ¶

func Sm2Sign(priv *PrivateKey, msg, uid []byte, random io.Reader) (r, s *big.Int, err error)

Sm2Sign Sm2Sign使用私钥priv对签名摘要hash进行签名，并将签名转为asn1格式字节数组。

会对hash做ZA混合散列。

func Sm2Verify ¶

func Sm2Verify(pub *PublicKey, msg, uid []byte, r, s *big.Int) bool

Sm2Verify sm2验签

对msg做ZA混合散列

func Verify ¶

func Verify(pub *PublicKey, msg []byte, r, s *big.Int) bool

Verify sm2验签

对msg做ZA混合散列

func VerifyASN1 ¶

func VerifyASN1(pub *PublicKey, msg, sig []byte) bool

VerifyASN1 VerifyASN1将asn1格式字节数组的签名转为(r,s)在调用sm2的验签函数。

对msg做ZA混合散列

func VerifyASN1WithoutZA ¶

func VerifyASN1WithoutZA(pub *PublicKey, hash, sig []byte) bool

VerifyASN1WithoutZA 将asn1格式字节数组的签名转为(r,s)，再做验签。不对hash再做ZA混合散列。

func VerifyWithZA ¶

func VerifyWithZA(pub *PublicKey, uid, msg []byte, r, s *big.Int) bool

VerifyWithZA 将对msg进行ZA混合散列后再进行验签。

func WriteSm2PrivToHex ¶ added in v0.0.4

func WriteSm2PrivToHex(key *PrivateKey) string

WriteSm2PrivToHex 将sm2私钥D转为hex字符串

@param key sm2私钥
@return string

func WriteSm2PubToHex ¶ added in v0.0.4

func WriteSm2PubToHex(key *PublicKey) string

WriteSm2PubToHex 将sm2公钥转为hex字符串

@param key sm2公钥
@return string

Types ¶

type DecrypterOpts ¶

type DecrypterOpts struct {
	// 转码规则
	CiphertextEncoding ciphertextEncoding
	// 拼接模式
	CipherTextSplicingOrder ciphertextSplicingOrder
}

DecrypterOpts 解密参数 DecrypterOpts decryption options

func NewPlainDecrypterOpts ¶

func NewPlainDecrypterOpts(splicingOrder ciphertextSplicingOrder) *DecrypterOpts

NewPlainDecrypterOpts 生成不做ASN1转码的sm2解密参数

type EncrypterOpts ¶

type EncrypterOpts struct {
	// C2C3转码规则
	CiphertextEncoding ciphertextEncoding
	// C1序列化模式
	PointMarshalMode pointMarshalMode
	// C1C2C3拼接模式
	CiphertextSplicingOrder ciphertextSplicingOrder
}

EncrypterOpts 加密参数 EncrypterOpts encryption options

func NewPlainEncrypterOpts ¶

func NewPlainEncrypterOpts(marhsalMode pointMarshalMode, splicingOrder ciphertextSplicingOrder) *EncrypterOpts

NewPlainEncrypterOpts 生成不做ASN1转码的sm2加密参数

type PrivateKey ¶

type PrivateKey struct {
	PublicKey          // 公钥
	D         *big.Int // 私钥，[1,n-1]区间的随机数
}

PrivateKey SM2私钥结构体

func ConvertECPriv2SM2Priv ¶

func ConvertECPriv2SM2Priv(ecPriv *ecdsa.PrivateKey) (*PrivateKey, error)

func GenerateKey ¶

func GenerateKey(rand io.Reader) (*PrivateKey, error)

GenerateKey 生成sm2的公私钥对 GenerateKey generates a public and private key pair.

func ReadSm2PrivFromHex ¶ added in v0.0.4

func ReadSm2PrivFromHex(Dhex string) (*PrivateKey, error)

ReadSm2PrivFromHex 将hex字符串转为sm2私钥

@param Dhex 16进制字符串，对应sm2.PrivateKey.D
@return *PrivateKey sm2私钥
@return error

func (*PrivateKey) Decrypt ¶

func (priv *PrivateKey) Decrypt(rand io.Reader, msg []byte, opts *DecrypterOpts) (plaintext []byte, err error)

Decrypt sm2私钥解密

opts传nil代表C1C3C2模式

func (*PrivateKey) DecryptAsn1 ¶

func (priv *PrivateKey) DecryptAsn1(data []byte) ([]byte, error)

DecryptAsn1 sm2私钥解密, C1C3C2, C1不压缩, C3C2做ASN1转码

func (*PrivateKey) Equal ¶

func (priv *PrivateKey) Equal(x crypto.PrivateKey) bool

func (*PrivateKey) Public ¶

func (priv *PrivateKey) Public() crypto.PublicKey

Public The SM2's private key contains the public key

func (*PrivateKey) Sign ¶

func (priv *PrivateKey) Sign(rand io.Reader, digest []byte, opts crypto.SignerOpts) ([]byte, error)

Sign 为sm2.PrivateKey实现Sign方法。

如果opts类型是*sm2.SM2SignerOption且opts.ForceGMSign为true，或opts传nil，

则将对digest进行ZA混合散列后再对其进行签名。

func (*PrivateKey) SignWithZA ¶

func (priv *PrivateKey) SignWithZA(rand io.Reader, uid, msg []byte) ([]byte, error)

SignWithZA 为sm2.PrivateKey实现SignWithZA方法。

该方法强制对msg做ZA混合散列

SignWithZA signs uid, msg with priv, reading randomness from rand. Compliance with GB/T 32918.2-2016. Deprecated: please use Sign method directly.

type PublicKey ¶

type PublicKey struct {
	elliptic.Curve          // 椭圆曲线
	X, Y           *big.Int // 公钥座标
}

PublicKey SM2公钥结构体

func ReadSm2PubFromHex ¶ added in v0.0.4

func ReadSm2PubFromHex(Qhex string) (*PublicKey, error)

ReadSm2PubFromHex 将hex字符串转为sm2公钥

@param Qhex sm2公钥座标x,y的字节数组拼接后的hex转码字符串
@return *PublicKey sm2公钥
@return error

func (*PublicKey) Encrypt ¶

func (pub *PublicKey) Encrypt(rand io.Reader, msg []byte, opts *EncrypterOpts) (ciphertext []byte, err error)

Encrypt sm2公钥加密

opts传nil代表默认模式: C1C3C2, C1不压缩, C3C2不做ASN1转码

func (*PublicKey) EncryptAsn1 ¶

func (pub *PublicKey) EncryptAsn1(data []byte, random io.Reader) ([]byte, error)

EncryptAsn1 sm2公钥加密, C1C3C2, C1不压缩, C3C2做ASN1转码

func (*PublicKey) Equal ¶

func (pub *PublicKey) Equal(x crypto.PublicKey) bool

func (*PublicKey) Verify ¶

func (pub *PublicKey) Verify(msg []byte, sig []byte) bool

Verify sm2公钥验签

对msg做ZA混合散列

type SM2SignerOption ¶

type SM2SignerOption struct {
	// ZA计算用唯一标识符，只在ForceZA为true时使用。
	UID []byte
	// 是否强制使用国密签名标准，即对签名内容进行ZA混合散列后再签名。
	// 该值为true则代表进行ZA混合散列。
	ForceZA bool
}

SM2SignerOption sm2签名参数 SM2SignerOption implements crypto.SignerOpts interface. It is specific for SM2, used in private key's Sign method.

func DefaultSM2SignerOption ¶

func DefaultSM2SignerOption() *SM2SignerOption

DefaultSM2SignerOption 生成一个默认的sm2签名参数

func NewSM2SignerOption ¶

func NewSM2SignerOption(forceZA bool, uid []byte) *SM2SignerOption

NewSM2SignerOption 生成一个新的sm2签名参数

forceZA为true而uid为空时，使用defaultUID

func (*SM2SignerOption) HashFunc ¶

func (*SM2SignerOption) HashFunc() crypto.Hash

HashFunc 为sm2.SM2SignerOption实现crypto.SignerOpts接口

type Signer ¶

type Signer interface {
	SignWithZA(rand io.Reader, uid, msg []byte) ([]byte, error)
}

Signer SM2 special signer

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL