sm2

package
v1.0.2065 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 26, 2024 License: Apache-2.0 Imports: 17 Imported by: 3

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	// default Encrypter Opts
	DefaultEncrypterOpts = EncrypterOpts{
		Mode: C1C3C2,
		Hash: sm3.New,
	}

	// default Signer Opts
	DefaultSignerOpts = SignerOpts{
		Uid:  defaultUID,
		Hash: sm3.New,
	}
)

Functions

func CalculateZA added in v1.0.2047 

func CalculateZA(pub *PublicKey, uid []byte) ([]byte, error)

CalculateZA ZA = H256(ENTLA || IDA || a || b || xG || yG || xA || yA)

func CalculateZALegacy added in v1.0.2063 

func CalculateZALegacy(pub *PublicKey, h hashFunc, uid []byte) ([]byte, error)

CalculateZALegacy ZA = H256(ENTLA || IDA || a || b || xG || yG || xA || yA)

func Compress 

func Compress(pub *PublicKey) []byte

压缩公钥 Compress PublicKey struct

func Decrypt 

func Decrypt(priv *PrivateKey, data []byte, opts crypto.DecrypterOpts) ([]byte, error)

sm2 解密,解析字节拼接格式的密文内容 Decrypt bytes marshal data

func DecryptASN1 added in v1.0.2042 

func DecryptASN1(priv *PrivateKey, data []byte, opts crypto.DecrypterOpts) ([]byte, error)

sm2 解密,解析 asn.1 编码格式的密文内容 Decrypt asn.1 marshal data

func Encrypt 

func Encrypt(random io.Reader, pub *PublicKey, data []byte, opts crypto.DecrypterOpts) ([]byte, error)

sm2 加密,返回字节拼接格式的密文内容 Encrypted and return bytes data

func EncryptASN1 added in v1.0.2042 

func EncryptASN1(random io.Reader, pub *PublicKey, data []byte, opts crypto.DecrypterOpts) ([]byte, error)

sm2 加密,返回 asn.1 编码格式的密文内容 Encrypted and return asn.1 data

func KeyExchangeA 

func KeyExchangeA(klen int, ida, idb []byte, priA *PrivateKey, pubB *PublicKey, rpri *PrivateKey, rpubB *PublicKey) (k, s1, s2 []byte, err error)

KeyExchangeA 协商第二部,用户A调用,返回共享密钥k

func KeyExchangeB 

func KeyExchangeB(klen int, ida, idb []byte, priB *PrivateKey, pubA *PublicKey, rpri *PrivateKey, rpubA *PublicKey) (k, s1, s2 []byte, err error)

KeyExchangeB 协商第二部,用户B调用, 返回共享密钥k

func MarshalPrivateKey 

func MarshalPrivateKey(key *PrivateKey) ([]byte, error)

func MarshalPublicKey 

func MarshalPublicKey(key *PublicKey) ([]byte, error)

func MarshalSM2PrivateKey 

func MarshalSM2PrivateKey(key *PrivateKey) ([]byte, error)

MarshalSM2PrivateKey converts an SM2 private key to SEC 1, ASN.1 DER form.

This kind of key is commonly encoded in PEM blocks of type "SM2 PRIVATE KEY". For a more flexible key format which is not SM2 specific, use MarshalPKCS8PrivateKey.

func MarshalSignatureASN1 added in v1.0.2047 

func MarshalSignatureASN1(r, s *big.Int) ([]byte, error)

func P256 added in v1.0.2047 

func P256() elliptic.Curve

sm2 p256

func Sign 

func Sign(random io.Reader, priv *PrivateKey, msg []byte, opts crypto.SignerOpts) ([]byte, error)

签名返回 asn.1 编码数据 sign data and return asn.1 marshal data

func SignBytes added in v1.0.2053 

func SignBytes(random io.Reader, priv *PrivateKey, msg []byte, opts crypto.SignerOpts) ([]byte, error)

签名返回 Bytes 编码数据 sign data and return Bytes marshal data

func SignLegacy added in v1.0.2063 

func SignLegacy(random io.Reader, priv *PrivateKey, hash []byte) (r, s *big.Int, err error)

sm2 sign legacy

func SignToRS added in v1.0.2053 

func SignToRS(random io.Reader, priv *PrivateKey, msg []byte, opts crypto.SignerOpts) (r, s *big.Int, err error)

sm2 sign with SignerOpts

func ToPrivateKey 

func ToPrivateKey(key *PrivateKey) []byte

输出私钥明文 output PrivateKey data

func ToPublicKey 

func ToPublicKey(key *PublicKey) []byte

输出公钥明文 output PublicKey data

func UnmarshalSignatureASN1 added in v1.0.2047 

func UnmarshalSignatureASN1(sign []byte) (r, s *big.Int, err error)

func Verify 

func Verify(pub *PublicKey, msg, sign []byte, opts crypto.SignerOpts) error

验证 asn.1 编码的数据 ans1(r, s) Verify asn.1 marshal data

func VerifyBytes added in v1.0.2053 

func VerifyBytes(pub *PublicKey, msg, sign []byte, opts crypto.SignerOpts) error

验证 asn.1 编码的数据 bytes(r + s) Verify Bytes marshal data

func VerifyLegacy added in v1.0.2063 

func VerifyLegacy(pub *PublicKey, hash []byte, r, s *big.Int) error

sm2 verify legacy

func VerifyWithRS added in v1.0.2053 

func VerifyWithRS(pub *PublicKey, msg []byte, r, s *big.Int, opts crypto.SignerOpts) error

sm2 verify with SignerOpts

Types

type EncrypterOpts 

type EncrypterOpts struct {
	Mode Mode
	Hash hashFunc
}

加密设置 Encrypter Opts

func (EncrypterOpts) GetHash added in v1.0.2052 

func (this EncrypterOpts) GetHash() hashFunc

func (EncrypterOpts) GetMode added in v1.0.2052 

func (this EncrypterOpts) GetMode() Mode

type KeyExchange added in v1.0.2052 

type KeyExchange struct {
	// contains filtered or unexported fields
}

KeyExchange key exchange struct, include internal stat in whole key exchange flow. Initiator's flow will be: NewKeyExchange -> Init -> transmission -> ConfirmResponder Responder's flow will be: NewKeyExchange -> waiting ... -> Repond -> transmission -> ConfirmInitiator

func NewKeyExchange added in v1.0.2052 

func NewKeyExchange(priv *PrivateKey, peerPub *PublicKey, uid, peerUID []byte, keyLen int, genSignature bool) (ke *KeyExchange, err error)

NewKeyExchange create one new KeyExchange object

func (*KeyExchange) ConfirmInitiator added in v1.0.2052 

func (ke *KeyExchange) ConfirmInitiator(s1 []byte) ([]byte, error)

ConfirmInitiator for responder's step B10

func (*KeyExchange) ConfirmResponder added in v1.0.2052 

func (ke *KeyExchange) ConfirmResponder(rB *PublicKey, sB []byte) ([]byte, []byte, error)

ConfirmResponder for initiator's step A4-A10, returns keying data and optional signature.

It will check if there are peer's public key and validate the peer's Ephemeral Public Key.

If the peer's signature is not empty, then it will also validate the peer's signature and return generated signature depends on KeyExchange.genSignature value.

func (*KeyExchange) Init added in v1.0.2052 

func (ke *KeyExchange) Init(random io.Reader) (*PublicKey, error)

Init is for initiator's step A1-A3, returns generated Ephemeral Public Key which will be passed to Reponder.

func (*KeyExchange) Repond added in v1.0.2052 

func (ke *KeyExchange) Repond(random io.Reader, rA *PublicKey) (*PublicKey, []byte, error)

Repond is for responder's step B1-B8, returns generated Ephemeral Public Key and optional signature depends on KeyExchange.genSignature value.

It will check if there are peer's public key and validate the peer's Ephemeral Public Key.

func (*KeyExchange) Reset added in v1.0.2052 

func (ke *KeyExchange) Reset()

Reset clear all internal state and Ephemeral private/public keys.

func (*KeyExchange) SetPeerParameters added in v1.0.2052 

func (ke *KeyExchange) SetPeerParameters(peerPub *PublicKey, peerUID []byte) error

SetPeerParameters when need other param

type Mode 

type Mode uint

加密后数据编码模式 Encrypted data encoding mode 

const (
	C1C3C2 Mode = iota
	C1C2C3
)

type PrivateKey 

type PrivateKey struct {
	PublicKey
	D *big.Int
}

SM2 PrivateKey

func GenerateKey 

func GenerateKey(random io.Reader) (*PrivateKey, error)

生成私钥证书 generate PrivateKey

func NewPrivateKey 

func NewPrivateKey(d []byte) (*PrivateKey, error)

根据私钥明文初始化私钥 New a PrivateKey from privatekey data

func ParsePrivateKey 

func ParsePrivateKey(der []byte) (*PrivateKey, error)

func ParseSM2PrivateKey 

func ParseSM2PrivateKey(der []byte) (*PrivateKey, error)

ParseSM2PrivateKey parses an SM2 private key in SEC 1, ASN.1 DER form.

This kind of key is commonly encoded in PEM blocks of type "SM2 PRIVATE KEY".

func (*PrivateKey) Decrypt 

func (priv *PrivateKey) Decrypt(_ io.Reader, data []byte, opts crypto.DecrypterOpts) (plaintext []byte, err error)

crypto.Decrypter

func (*PrivateKey) DecryptASN1 added in v1.0.2042 

func (priv *PrivateKey) DecryptASN1(data []byte, opts crypto.DecrypterOpts) ([]byte, error)

Decrypt with ASN1

func (*PrivateKey) Equal 

func (priv *PrivateKey) Equal(x crypto.PrivateKey) bool

Equal reports whether priv and x have the same value.

func (*PrivateKey) Public 

func (priv *PrivateKey) Public() crypto.PublicKey

The SM2's private key contains the public key

func (*PrivateKey) Sign 

func (priv *PrivateKey) Sign(random io.Reader, msg []byte, opts crypto.SignerOpts) ([]byte, error)

签名返回 asn.1 编码数据 sign data and return asn.1 marshal data

func (*PrivateKey) SignBytes 

func (priv *PrivateKey) SignBytes(random io.Reader, msg []byte, opts crypto.SignerOpts) ([]byte, error)

签名返回 Bytes 编码数据 sign data and return Bytes marshal data

type PublicKey 

type PublicKey struct {
	elliptic.Curve
	X, Y *big.Int
}

SM2 PublicKey

func Decompress 

func Decompress(data []byte) (*PublicKey, error)

解缩公钥 Decompress PublicKey data

func NewPublicKey 

func NewPublicKey(data []byte) (*PublicKey, error)

根据公钥明文初始化公钥 New a PublicKey from publicKey data

func ParsePublicKey 

func ParsePublicKey(der []byte) (*PublicKey, error)

func (*PublicKey) Encrypt 

func (pub *PublicKey) Encrypt(random io.Reader, data []byte, opts crypto.DecrypterOpts) ([]byte, error)

Encrypt with bytes

func (*PublicKey) EncryptASN1 added in v1.0.2042 

func (pub *PublicKey) EncryptASN1(random io.Reader, data []byte, opts crypto.DecrypterOpts) ([]byte, error)

Encrypt with ASN1

func (*PublicKey) Equal 

func (pub *PublicKey) Equal(x crypto.PublicKey) bool

Equal reports whether pub and x have the same value.

func (*PublicKey) Verify 

func (pub *PublicKey) Verify(msg, sign []byte, opts crypto.SignerOpts) bool

验证 asn.1 编码的数据 ans1(r, s) Verify asn.1 marshal data

func (*PublicKey) VerifyBytes 

func (pub *PublicKey) VerifyBytes(msg, sign []byte, opts crypto.SignerOpts) bool

验证 asn.1 编码的数据 bytes(r + s) Verify Bytes marshal data

type SignerOpts 

type SignerOpts struct {
	Uid  []byte
	Hash hashFunc
}

签名设置 Signer Opts

func (SignerOpts) GetHash added in v1.0.2052 

func (this SignerOpts) GetHash() hashFunc

func (SignerOpts) GetUid added in v1.0.2052 

func (this SignerOpts) GetUid() []byte

func (SignerOpts) HashFunc 

func (this SignerOpts) HashFunc() crypto.Hash

Source Files

View all Source files

Directories

Path Synopsis
field

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.