sm2-crypto 0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: b51258ccfa3e81ed0173f642cd16e1f96a1ba5944a6646dc68aa5850cd4d9039
+  data.tar.gz: d9e2bfb6afbd01095baf46c283e906bca986510d5988e4c67e55510cc8fd1c93
+SHA512:
+  metadata.gz: b030ea7c612717190baff608b974cdd74781ca7f15288602f0c8465f73be34d55abc28ce850329e09123e3f9c5d4020e8f6c4ecc903308878680ce929719a661
+  data.tar.gz: f8c0172e0e341570d0e672edebae78e4e552d7aca5441356b266480793b39b91fb428b433dee967a1e64e93dd2af766c56e6de32661330f9f64075b99f43711f

data/CHANGELOG.md

@@ -0,0 +1,5 @@
+## [Unreleased]
+
+## [0.1.0] - 2023-03-27
+
+- Initial release

data/Gemfile

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+source "https://rubygems.org"
+
+# Specify your gem's dependencies in sm2-crypto.gemspec
+gemspec
+
+gem "rake", "~> 13.0"
+gem "minitest", "~> 5.0"

data/Gemfile.lock

@@ -0,0 +1,22 @@
+PATH
+  remote: .
+  specs:
+    sm2-crypto (0.1)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    minitest (5.18.0)
+    rake (13.0.6)
+
+PLATFORMS
+  arm64-darwin-22
+  x86_64-linux
+
+DEPENDENCIES
+  minitest (~> 5.0)
+  rake (~> 13.0)
+  sm2-crypto!
+
+BUNDLED WITH
+   2.4.6

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2023 Seekr
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,59 @@
+# sm2-crypto
+
+sm2-crypto is an implementation of the SM2 encryption and decryption algorithm in pure Ruby based on the OpenSSL SM2 elliptic curve cryptography standard.
+
+## Installation
+OpenSSL has added support for SM2/SM3/SM4 encryption algorithms since version [1.1.1](https://www.openssl.org/news/openssl-1.1.1-notes.html). However, Ruby does not wrap the C interface related to SM2 encryption and decryption in OpenSSL. This library is not a wrapper for the C interface, but an implementation of the SM2 encryption and decryption algorithm in pure Ruby, based on the `OpenSSL::PKey::EC` interface.
+
+Before using, please make sure your Ruby's OpenSSL version is `1.1.1` or higher.
+
+Check the OpenSSL version in Ruby:
+
+```ruby
+irb(main):001:0> require "openssl"
+=> true
+irb(main):002:0> OpenSSL::OPENSSL_VERSION
+=> "OpenSSL 1.1.1k  25 Mar 2021"
+```
+
+Add this line to your Gemfile:
+
+```ruby
+gem "sm2-crypto"
+```
+
+Or install it yourself via command line:
+
+```shell
+$ gem install sm2-crypto
+```
+
+## Usage
+
+```ruby
+require 'sm2_crypto'
+
+# Generate key pair
+keypair = OpenSSL::PKey::EC.generate("SM2")
+private_key = keypair.private_key.to_s(2)
+public_key = keypair.public_key.to_bn.to_s(2)
+
+# Encrypt data
+message = "Hello, SM2 encryption!"
+encrypted_data = SM2Crypto.encrypt(public_key, message)
+puts "Encrypted message: #{encrypted_data}"
+
+# Decrypt data
+decrypted_message = SM2Crypto.decrypt(private_key, encrypted_data)
+puts "Decrypted message: #{decrypted_message}"
+```
+
+## Contributing
+
+Contributions to the project are welcome. Please fork the repository, create a feature branch, and submit a pull request. Be sure to add tests and update documentation as needed.
+
+For bug reports and feature requests, please open an issue on the [GitHub repository](https://github.com/numbcoder/sm2-crypto/issues).
+
+## License
+
+sm2-crypto is released under the [MIT License](https://opensource.org/licenses/MIT).

data/Rakefile

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+require "bundler/gem_tasks"
+require "rake/testtask"
+
+Rake::TestTask.new(:test) do |t|
+  t.libs << "test"
+  t.libs << "lib"
+  t.test_files = FileList["test/**/test_*.rb"]
+end
+
+task default: :test

data/lib/sm2_crypto.rb

@@ -0,0 +1,88 @@
+# frozen_string_literal: true
+
+require "openssl"
+
+module SM2Crypto
+  module_function
+
+  # Key Derived Function
+  #
+  # @param key [String] key data
+  # @param klen [Integer] export key length
+  # @return [Array<Integer>] bytes array
+  def kdf(key, klen)
+    # hlen = 32 # 哈希函数 SM3 输出长度 32 字节
+    n = (klen.to_f / 32).ceil # n = klen/hlen 向上取整
+
+    (1..n).map do |ct|
+      OpenSSL::Digest.digest("SM3", key + [ct].pack("N"))
+    end.join.slice(0, klen).bytes
+  end
+
+  # Encrypt
+  #
+  # @param public_key [String] public key, format: binary string
+  # @param data [String] data
+  # @param cipher_mode [Integer] 0: C1C2C3, 1: C1C3C2, default: 1
+  # @return [String] encrypted data, format: binary string
+  def encrypt(public_key, data, cipher_mode: 1)
+    data = data.unpack1("a*") unless data.ascii_only?
+    public_key = "\x04#{public_key}" if public_key.size == 64 && public_key[0] != "\x04"
+
+    point = OpenSSL::PKey::EC::Point.new(OpenSSL::PKey::EC::Group.new("SM2"), OpenSSL::BN.new(public_key, 2))
+    random_key = OpenSSL::PKey::EC.generate("SM2")
+    k = random_key.private_key
+    c1 = random_key.public_key.to_bn.to_s(2)
+
+    p = point.mul(k)
+    p_bin_str = p.to_bn.to_s(2)
+    x2 = p_bin_str[1, 32]
+    y2 = p_bin_str[33, 32]
+
+    t = kdf(x2 + y2, data.bytesize)
+    t = kdf(x2 + y2, data.bytesize) while t[0, 8].uniq == [0] && t.uniq == [0]
+
+    c2 = data.each_byte.map.with_index { |b, i| b ^ t[i] }.pack("C*")
+
+    # c3 = hash(x2 || msg || y2)
+    c3 = OpenSSL::Digest.digest("SM3", x2 + data + y2)
+
+    cipher_mode == 0 ? c1 + c2 + c3 : c1 + c3 + c2
+  end
+
+  # Decrypt
+  #
+  # @param private_key [String] private key, format: binary string
+  # @param data [String] data to be decrypted, format: binary string
+  # @param cipher_mode [Integer] 0: C1C2C3, 1: C1C3C2, default: 1
+  # @return [String] encrypted data, format: binary string
+  def decrypt(private_key, data, cipher_mode: 1)
+    data = "\x04#{data}" if data[0] != "\x04"
+
+    c1 = data[0, 65]
+    c2_size = data.bytesize - 97
+    if cipher_mode == 0
+      c2 = data[65, c2_size]
+      c3 = data[65 + c2_size, 32]
+    else
+      c3 = data[65, 32]
+      c2 = data[97, c2_size]
+    end
+    point = OpenSSL::PKey::EC::Point.new(OpenSSL::PKey::EC::Group.new("SM2"), OpenSSL::BN.new(c1, 2))
+    pkey = OpenSSL::BN.new(private_key, 2)
+    p = point.mul(pkey)
+    p_bin_str = p.to_bn.to_s(2)
+    x2 = p_bin_str[1, 32]
+    y2 = p_bin_str[33, 32]
+
+    t = kdf(x2 + y2, c2_size)
+    raise ArgumentError, "KDF is 0" if t[0, 8].uniq == [0] && t.uniq == [0]
+
+    msg = c2.each_byte.map.with_index { |b, i| b ^ t[i] }.pack("C*")
+
+    digest = OpenSSL::Digest.digest("SM3", x2 + msg + y2)
+    raise ArgumentError, "Digest no match" if c3 != digest
+
+    msg
+  end
+end

data/sm2-crypto.gemspec

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+Gem::Specification.new do |spec|
+  spec.name = "sm2-crypto"
+  spec.version = "0.1"
+  spec.authors = ["Seekr"]
+  spec.email = ["wzhao23@gmail.com"]
+
+  spec.summary = "An SM2 cryptographic algorithm encryption and decryption library for Ruby"
+  spec.description = "sm2-crypto is an implementation of the SM2 encryption and decryption algorithm in pure Ruby based on the OpenSSL"
+  spec.homepage = "https://github.com/numbcoder/sm2-crypto"
+  spec.license = "MIT"
+  spec.required_ruby_version = ">= 2.7.0"
+
+  spec.metadata["rubygems_mfa_required"] = "true"
+  spec.metadata["homepage_uri"] = spec.homepage
+  spec.metadata["source_code_uri"] = spec.homepage
+
+  # Specify which files should be added to the gem when it is released.
+  # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
+  spec.files = Dir.chdir(__dir__) do
+    `git ls-files -z`.split("\x0").reject do |f|
+      (f == __FILE__) || f.match(%r{\A(?:(?:bin|test|spec|features)/|\.(?:git|circleci)|appveyor)})
+    end
+  end
+  spec.bindir = "exe"
+  spec.executables = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency "minitest", ">= 5.0"
+  spec.add_development_dependency "rake", ">= 13.0"
+end

metadata

@@ -0,0 +1,83 @@
+--- !ruby/object:Gem::Specification
+name: sm2-crypto
+version: !ruby/object:Gem::Version
+  version: '0.1'
+platform: ruby
+authors:
+- Seekr
+autorequire:
+bindir: exe
+cert_chain: []
+date: 2023-04-04 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: minitest
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '5.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '5.0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '13.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '13.0'
+description: sm2-crypto is an implementation of the SM2 encryption and decryption
+  algorithm in pure Ruby based on the OpenSSL
+email:
+- wzhao23@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- CHANGELOG.md
+- Gemfile
+- Gemfile.lock
+- LICENSE.txt
+- README.md
+- Rakefile
+- lib/sm2_crypto.rb
+- sm2-crypto.gemspec
+homepage: https://github.com/numbcoder/sm2-crypto
+licenses:
+- MIT
+metadata:
+  rubygems_mfa_required: 'true'
+  homepage_uri: https://github.com/numbcoder/sm2-crypto
+  source_code_uri: https://github.com/numbcoder/sm2-crypto
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.7.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.4.6
+signing_key:
+specification_version: 4
+summary: An SM2 cryptographic algorithm encryption and decryption library for Ruby
+test_files: []