sm-crypto-v2 1.10.0 → 1.11.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.mjs CHANGED
@@ -671,13 +671,56 @@ function comparePublicKeyHex(publicKey1, publicKey2) {
671
671
  }
672
672
 
673
673
  // src/sm2/index.ts
674
- import * as utils4 from "@noble/curves/abstract/utils";
674
+ import * as utils5 from "@noble/curves/abstract/utils";
675
675
 
676
- // src/sm2/kx.ts
676
+ // src/sm2/kdf.ts
677
677
  import * as utils3 from "@noble/curves/abstract/utils";
678
- var wPow2 = utils3.hexToNumber("80000000000000000000000000000000");
679
- var wPow2Sub1 = utils3.hexToNumber("7fffffffffffffffffffffffffffffff");
680
- function hkdf(z, keylen) {
678
+
679
+ // src/sm3/index.ts
680
+ function utf8ToArray(str) {
681
+ const arr = [];
682
+ for (let i = 0, len = str.length; i < len; i++) {
683
+ const point = str.codePointAt(i);
684
+ if (point <= 127) {
685
+ arr.push(point);
686
+ } else if (point <= 2047) {
687
+ arr.push(192 | point >>> 6);
688
+ arr.push(128 | point & 63);
689
+ } else if (point <= 55295 || point >= 57344 && point <= 65535) {
690
+ arr.push(224 | point >>> 12);
691
+ arr.push(128 | point >>> 6 & 63);
692
+ arr.push(128 | point & 63);
693
+ } else if (point >= 65536 && point <= 1114111) {
694
+ i++;
695
+ arr.push(240 | point >>> 18 & 28);
696
+ arr.push(128 | point >>> 12 & 63);
697
+ arr.push(128 | point >>> 6 & 63);
698
+ arr.push(128 | point & 63);
699
+ } else {
700
+ arr.push(point);
701
+ throw new Error("input is not supported");
702
+ }
703
+ }
704
+ return new Uint8Array(arr);
705
+ }
706
+ function sm32(input, options) {
707
+ input = typeof input === "string" ? utf8ToArray(input) : input;
708
+ if (options) {
709
+ const mode = options.mode || "hmac";
710
+ if (mode !== "hmac")
711
+ throw new Error("invalid mode");
712
+ let key = options.key;
713
+ if (!key)
714
+ throw new Error("invalid key");
715
+ key = typeof key === "string" ? hexToArray(key) : key;
716
+ return bytesToHex(hmac(sm3, key, input));
717
+ }
718
+ return bytesToHex(sm3(input));
719
+ }
720
+
721
+ // src/sm2/kdf.ts
722
+ function kdf(z, keylen) {
723
+ z = typeof z === "string" ? utf8ToArray(z) : z;
681
724
  let msg = new Uint8Array(keylen);
682
725
  let ct = 1;
683
726
  let offset = 0;
@@ -700,6 +743,11 @@ function hkdf(z, keylen) {
700
743
  }
701
744
  return msg;
702
745
  }
746
+
747
+ // src/sm2/kx.ts
748
+ import * as utils4 from "@noble/curves/abstract/utils";
749
+ var wPow2 = utils4.hexToNumber("80000000000000000000000000000000");
750
+ var wPow2Sub1 = utils4.hexToNumber("7fffffffffffffffffffffffffffffff");
703
751
  function calculateSharedKey(keypairA, ephemeralKeypairA, publicKeyB, ephemeralPublicKeyB, sharedKeyLength, isRecipient = false, idA = "1234567812345678", idB = "1234567812345678") {
704
752
  const RA = sm2Curve.ProjectivePoint.fromHex(ephemeralKeypairA.publicKey);
705
753
  const RB = sm2Curve.ProjectivePoint.fromHex(ephemeralPublicKeyB);
@@ -709,35 +757,41 @@ function calculateSharedKey(keypairA, ephemeralKeypairA, publicKeyB, ephemeralPu
709
757
  if (isRecipient) {
710
758
  [ZA, ZB] = [ZB, ZA];
711
759
  }
712
- const rA = utils3.hexToNumber(ephemeralKeypairA.privateKey);
713
- const dA = utils3.hexToNumber(keypairA.privateKey);
760
+ const rA = utils4.hexToNumber(ephemeralKeypairA.privateKey);
761
+ const dA = utils4.hexToNumber(keypairA.privateKey);
714
762
  const x1 = RA.x;
715
763
  const x1_ = wPow2 + (x1 & wPow2Sub1);
716
764
  const tA = field.add(dA, field.mulN(x1_, rA));
717
765
  const x2 = RB.x;
718
766
  const x2_ = field.add(wPow2, x2 & wPow2Sub1);
719
767
  const U = RB.multiply(x2_).add(PB).multiply(tA);
720
- const xU = hexToArray(leftPad(utils3.numberToHexUnpadded(U.x), 64));
721
- const yU = hexToArray(leftPad(utils3.numberToHexUnpadded(U.y), 64));
722
- const KA = hkdf(utils3.concatBytes(xU, yU, ZA, ZB), sharedKeyLength);
768
+ const xU = hexToArray(leftPad(utils4.numberToHexUnpadded(U.x), 64));
769
+ const yU = hexToArray(leftPad(utils4.numberToHexUnpadded(U.y), 64));
770
+ const KA = kdf(utils4.concatBytes(xU, yU, ZA, ZB), sharedKeyLength);
723
771
  return KA;
724
772
  }
725
773
 
726
774
  // src/sm2/index.ts
775
+ function xorCipherStream(x2, y2, msg) {
776
+ const stream = kdf(utils5.concatBytes(x2, y2), msg.length);
777
+ for (let i = 0, len = msg.length; i < len; i++) {
778
+ msg[i] ^= stream[i] & 255;
779
+ }
780
+ }
727
781
  var C1C2C3 = 0;
728
782
  var EmptyArray = new Uint8Array();
729
783
  function doEncrypt(msg, publicKey, cipherMode = 1, options) {
730
784
  const msgArr = typeof msg === "string" ? hexToArray(utf8ToHex(msg)) : Uint8Array.from(msg);
731
785
  const publicKeyPoint = typeof publicKey === "string" ? sm2Curve.ProjectivePoint.fromHex(publicKey) : publicKey;
732
786
  const keypair = generateKeyPairHex();
733
- const k = utils4.hexToNumber(keypair.privateKey);
787
+ const k = utils5.hexToNumber(keypair.privateKey);
734
788
  let c1 = keypair.publicKey;
735
789
  if (c1.length > 128)
736
790
  c1 = c1.substring(c1.length - 128);
737
791
  const p = publicKeyPoint.multiply(k);
738
- const x2 = hexToArray(leftPad(utils4.numberToHexUnpadded(p.x), 64));
739
- const y2 = hexToArray(leftPad(utils4.numberToHexUnpadded(p.y), 64));
740
- const c3 = bytesToHex(sm3(utils4.concatBytes(x2, msgArr, y2)));
792
+ const x2 = hexToArray(leftPad(utils5.numberToHexUnpadded(p.x), 64));
793
+ const y2 = hexToArray(leftPad(utils5.numberToHexUnpadded(p.y), 64));
794
+ const c3 = bytesToHex(sm3(utils5.concatBytes(x2, msgArr, y2)));
741
795
  xorCipherStream(x2, y2, msgArr);
742
796
  const c2 = bytesToHex(msgArr);
743
797
  if (options?.asn1) {
@@ -747,32 +801,9 @@ function doEncrypt(msg, publicKey, cipherMode = 1, options) {
747
801
  }
748
802
  return cipherMode === C1C2C3 ? c1 + c2 + c3 : c1 + c3 + c2;
749
803
  }
750
- function xorCipherStream(x2, y2, msg) {
751
- let ct = 1;
752
- let offset = 0;
753
- let t = EmptyArray;
754
- const ctShift = new Uint8Array(4);
755
- const nextT = () => {
756
- ctShift[0] = ct >> 24 & 255;
757
- ctShift[1] = ct >> 16 & 255;
758
- ctShift[2] = ct >> 8 & 255;
759
- ctShift[3] = ct & 255;
760
- t = sm3(utils4.concatBytes(x2, y2, ctShift));
761
- ct++;
762
- offset = 0;
763
- };
764
- nextT();
765
- for (let i = 0, len = msg.length; i < len; i++) {
766
- if (offset === t.length)
767
- nextT();
768
- msg[i] ^= t[offset++] & 255;
769
- }
770
- }
771
- function doDecrypt(encryptData, privateKey, cipherMode = 1, {
772
- output = "string",
773
- asn1 = false
774
- } = {}) {
775
- const privateKeyInteger = utils4.hexToNumber(privateKey);
804
+ function doDecrypt(encryptData, privateKey, cipherMode = 1, options) {
805
+ const { output = "string", asn1 = false } = options || {};
806
+ const privateKeyInteger = utils5.hexToNumber(privateKey);
776
807
  let c1;
777
808
  let c2;
778
809
  let c3;
@@ -795,10 +826,10 @@ function doDecrypt(encryptData, privateKey, cipherMode = 1, {
795
826
  }
796
827
  const msg = hexToArray(c2);
797
828
  const p = c1.multiply(privateKeyInteger);
798
- const x2 = hexToArray(leftPad(utils4.numberToHexUnpadded(p.x), 64));
799
- const y2 = hexToArray(leftPad(utils4.numberToHexUnpadded(p.y), 64));
829
+ const x2 = hexToArray(leftPad(utils5.numberToHexUnpadded(p.x), 64));
830
+ const y2 = hexToArray(leftPad(utils5.numberToHexUnpadded(p.y), 64));
800
831
  xorCipherStream(x2, y2, msg);
801
- const checkC3 = arrayToHex(Array.from(sm3(utils4.concatBytes(x2, msg, y2))));
832
+ const checkC3 = arrayToHex(Array.from(sm3(utils5.concatBytes(x2, msg, y2))));
802
833
  if (checkC3 === c3.toLowerCase()) {
803
834
  return output === "array" ? msg : arrayToUtf8(msg);
804
835
  } else {
@@ -818,8 +849,8 @@ function doSignature(msg, privateKey, options = {}) {
818
849
  publicKey = publicKey || getPublicKeyFromPrivateKey(privateKey);
819
850
  hashHex = getHash(hashHex, publicKey, userId);
820
851
  }
821
- const dA = utils4.hexToNumber(privateKey);
822
- const e = utils4.hexToNumber(hashHex);
852
+ const dA = utils5.hexToNumber(privateKey);
853
+ const e = utils5.hexToNumber(hashHex);
823
854
  let k = null;
824
855
  let r = null;
825
856
  let s = null;
@@ -838,7 +869,7 @@ function doSignature(msg, privateKey, options = {}) {
838
869
  } while (s === ZERO);
839
870
  if (der)
840
871
  return encodeDer(r, s);
841
- return leftPad(utils4.numberToHexUnpadded(r), 64) + leftPad(utils4.numberToHexUnpadded(s), 64);
872
+ return leftPad(utils5.numberToHexUnpadded(r), 64) + leftPad(utils5.numberToHexUnpadded(s), 64);
842
873
  }
843
874
  function doVerifySignature(msg, signHex, publicKey, options = {}) {
844
875
  let hashHex;
@@ -860,11 +891,11 @@ function doVerifySignature(msg, signHex, publicKey, options = {}) {
860
891
  r = decodeDerObj.r;
861
892
  s = decodeDerObj.s;
862
893
  } else {
863
- r = utils4.hexToNumber(signHex.substring(0, 64));
864
- s = utils4.hexToNumber(signHex.substring(64));
894
+ r = utils5.hexToNumber(signHex.substring(0, 64));
895
+ s = utils5.hexToNumber(signHex.substring(64));
865
896
  }
866
897
  const PA = typeof publicKey === "string" ? sm2Curve.ProjectivePoint.fromHex(publicKey) : publicKey;
867
- const e = utils4.hexToNumber(hashHex);
898
+ const e = utils5.hexToNumber(hashHex);
868
899
  const t = field.add(r, s);
869
900
  if (t === ZERO)
870
901
  return false;
@@ -874,10 +905,10 @@ function doVerifySignature(msg, signHex, publicKey, options = {}) {
874
905
  }
875
906
  function getZ(publicKey, userId = "1234567812345678") {
876
907
  userId = utf8ToHex(userId);
877
- const a = leftPad(utils4.numberToHexUnpadded(sm2Curve.CURVE.a), 64);
878
- const b = leftPad(utils4.numberToHexUnpadded(sm2Curve.CURVE.b), 64);
879
- const gx = leftPad(utils4.numberToHexUnpadded(sm2Curve.ProjectivePoint.BASE.x), 64);
880
- const gy = leftPad(utils4.numberToHexUnpadded(sm2Curve.ProjectivePoint.BASE.y), 64);
908
+ const a = leftPad(utils5.numberToHexUnpadded(sm2Curve.CURVE.a), 64);
909
+ const b = leftPad(utils5.numberToHexUnpadded(sm2Curve.CURVE.b), 64);
910
+ const gx = leftPad(utils5.numberToHexUnpadded(sm2Curve.ProjectivePoint.BASE.x), 64);
911
+ const gy = leftPad(utils5.numberToHexUnpadded(sm2Curve.ProjectivePoint.BASE.y), 64);
881
912
  let px;
882
913
  let py;
883
914
  if (publicKey.length === 128) {
@@ -885,17 +916,17 @@ function getZ(publicKey, userId = "1234567812345678") {
885
916
  py = publicKey.substring(64, 128);
886
917
  } else {
887
918
  const point = sm2Curve.ProjectivePoint.fromHex(publicKey);
888
- px = leftPad(utils4.numberToHexUnpadded(point.x), 64);
889
- py = leftPad(utils4.numberToHexUnpadded(point.y), 64);
919
+ px = leftPad(utils5.numberToHexUnpadded(point.x), 64);
920
+ py = leftPad(utils5.numberToHexUnpadded(point.y), 64);
890
921
  }
891
922
  const data = hexToArray(userId + a + b + gx + gy + px + py);
892
923
  const entl = userId.length * 4;
893
- const z = sm3(utils4.concatBytes(new Uint8Array([entl >> 8 & 255, entl & 255]), data));
924
+ const z = sm3(utils5.concatBytes(new Uint8Array([entl >> 8 & 255, entl & 255]), data));
894
925
  return z;
895
926
  }
896
927
  function getHash(hashHex, publicKey, userId = "1234567812345678") {
897
928
  const z = getZ(publicKey, userId);
898
- return bytesToHex(sm3(utils4.concatBytes(z, typeof hashHex === "string" ? hexToArray(hashHex) : hashHex)));
929
+ return bytesToHex(sm3(utils5.concatBytes(z, typeof hashHex === "string" ? hexToArray(hashHex) : hashHex)));
899
930
  }
900
931
  function precomputePublicKey(publicKey, windowSize) {
901
932
  const point = sm2Curve.ProjectivePoint.fromHex(publicKey);
@@ -903,13 +934,13 @@ function precomputePublicKey(publicKey, windowSize) {
903
934
  }
904
935
  function getPublicKeyFromPrivateKey(privateKey) {
905
936
  const pubKey = sm2Curve.getPublicKey(privateKey, false);
906
- const pubPad = leftPad(utils4.bytesToHex(pubKey), 64);
937
+ const pubPad = leftPad(utils5.bytesToHex(pubKey), 64);
907
938
  return pubPad;
908
939
  }
909
940
  function getPoint() {
910
941
  const keypair = generateKeyPairHex();
911
942
  const PA = sm2Curve.ProjectivePoint.fromHex(keypair.publicKey);
912
- const k = utils4.hexToNumber(keypair.privateKey);
943
+ const k = utils5.hexToNumber(keypair.privateKey);
913
944
  return {
914
945
  ...keypair,
915
946
  k,
@@ -917,48 +948,6 @@ function getPoint() {
917
948
  };
918
949
  }
919
950
 
920
- // src/sm3/index.ts
921
- function utf8ToArray(str) {
922
- const arr = [];
923
- for (let i = 0, len = str.length; i < len; i++) {
924
- const point = str.codePointAt(i);
925
- if (point <= 127) {
926
- arr.push(point);
927
- } else if (point <= 2047) {
928
- arr.push(192 | point >>> 6);
929
- arr.push(128 | point & 63);
930
- } else if (point <= 55295 || point >= 57344 && point <= 65535) {
931
- arr.push(224 | point >>> 12);
932
- arr.push(128 | point >>> 6 & 63);
933
- arr.push(128 | point & 63);
934
- } else if (point >= 65536 && point <= 1114111) {
935
- i++;
936
- arr.push(240 | point >>> 18 & 28);
937
- arr.push(128 | point >>> 12 & 63);
938
- arr.push(128 | point >>> 6 & 63);
939
- arr.push(128 | point & 63);
940
- } else {
941
- arr.push(point);
942
- throw new Error("input is not supported");
943
- }
944
- }
945
- return new Uint8Array(arr);
946
- }
947
- function sm32(input, options) {
948
- input = typeof input === "string" ? utf8ToArray(input) : input;
949
- if (options) {
950
- const mode = options.mode || "hmac";
951
- if (mode !== "hmac")
952
- throw new Error("invalid mode");
953
- let key = options.key;
954
- if (!key)
955
- throw new Error("invalid key");
956
- key = typeof key === "string" ? hexToArray(key) : key;
957
- return bytesToHex(hmac(sm3, key, input));
958
- }
959
- return bytesToHex(sm3(input));
960
- }
961
-
962
951
  // src/sm4/index.ts
963
952
  var sm4_exports = {};
964
953
  __export(sm4_exports, {
@@ -1586,6 +1575,7 @@ function decrypt(inArray, key, options = {}) {
1586
1575
  return sm4(inArray, key, 0, options);
1587
1576
  }
1588
1577
  export {
1578
+ kdf,
1589
1579
  sm2_exports as sm2,
1590
1580
  sm32 as sm3,
1591
1581
  sm4_exports as sm4
@@ -31,7 +31,7 @@ declare function arrayToUtf8(arr: Uint8Array): string;
31
31
  /**
32
32
  * 转成字节数组
33
33
  */
34
- declare function hexToArray(hexStr: string): Uint8Array;
34
+ declare function hexToArray(hexStr: string): Uint8Array<ArrayBuffer>;
35
35
  /**
36
36
  * 验证公钥是否为椭圆曲线上的点
37
37
  */
@@ -43,9 +43,9 @@ declare function comparePublicKeyHex(publicKey1: string, publicKey2: string): bo
43
43
 
44
44
  declare function initRNGPool(): Promise<void>;
45
45
 
46
- declare function calculateSharedKey(keypairA: KeyPair, ephemeralKeypairA: KeyPair, publicKeyB: string, ephemeralPublicKeyB: string, sharedKeyLength: number, isRecipient?: boolean, idA?: string, idB?: string): Uint8Array;
46
+ declare function calculateSharedKey(keypairA: KeyPair, ephemeralKeypairA: KeyPair, publicKeyB: string, ephemeralPublicKeyB: string, sharedKeyLength: number, isRecipient?: boolean, idA?: string, idB?: string): Uint8Array<ArrayBuffer>;
47
47
 
48
- declare const EmptyArray: Uint8Array;
48
+ declare const EmptyArray: Uint8Array<ArrayBuffer>;
49
49
  /**
50
50
  * 加密
51
51
  */
@@ -60,7 +60,7 @@ declare function doDecrypt(encryptData: string, privateKey: string, cipherMode?:
60
60
  asn1?: boolean;
61
61
  }): Uint8Array;
62
62
  declare function doDecrypt(encryptData: string, privateKey: string, cipherMode?: number, options?: {
63
- output: 'string';
63
+ output?: 'string';
64
64
  asn1?: boolean;
65
65
  }): string;
66
66
  interface SignaturePoint {
@@ -85,7 +85,7 @@ declare function doVerifySignature(msg: string | Uint8Array, signHex: string, pu
85
85
  hash?: boolean;
86
86
  userId?: string;
87
87
  }): boolean;
88
- declare function getZ(publicKey: string, userId?: string): Uint8Array;
88
+ declare function getZ(publicKey: string, userId?: string): Uint8Array<ArrayBufferLike>;
89
89
  /**
90
90
  * sm3杂凑算法
91
91
  */
@@ -139,6 +139,14 @@ declare namespace index$1 {
139
139
  export { index$1_EmptyArray as EmptyArray, type index$1_KeyPair as KeyPair, type index$1_SignaturePoint as SignaturePoint, index$1_arrayToHex as arrayToHex, index$1_arrayToUtf8 as arrayToUtf8, index$1_calculateSharedKey as calculateSharedKey, index$1_comparePublicKeyHex as comparePublicKeyHex, index$1_compressPublicKeyHex as compressPublicKeyHex, index$1_doDecrypt as doDecrypt, index$1_doEncrypt as doEncrypt, index$1_doSignature as doSignature, index$1_doVerifySignature as doVerifySignature, index$1_generateKeyPairHex as generateKeyPairHex, index$1_getHash as getHash, index$1_getPoint as getPoint, index$1_getPublicKeyFromPrivateKey as getPublicKeyFromPrivateKey, index$1_getZ as getZ, index$1_hexToArray as hexToArray, index$1_initRNGPool as initRNGPool, index$1_leftPad as leftPad, index$1_precomputePublicKey as precomputePublicKey, index$1_utf8ToHex as utf8ToHex, index$1_verifyPublicKey as verifyPublicKey };
140
140
  }
141
141
 
142
+ /**
143
+ * SM3 Key derivation function used in SM2 encryption and key exchange, specified in GM/T 0003-2012
144
+ * @param z Input data (string or Uint8Array)
145
+ * @param keylen Desired key length in bytes
146
+ * @returns Derived key as Uint8Array
147
+ */
148
+ declare function kdf(z: string | Uint8Array, keylen: number): Uint8Array<ArrayBuffer>;
149
+
142
150
  declare function sm3(input: string | Uint8Array, options?: {
143
151
  key: Uint8Array | string;
144
152
  mode?: 'hmac' | 'mac';
@@ -153,9 +161,9 @@ interface SM4Options {
153
161
  outputTag?: boolean;
154
162
  tag?: Uint8Array | string;
155
163
  }
156
- declare function sm4(inArray: Uint8Array | string, key: Uint8Array | string, cryptFlag: 0 | 1, options?: SM4Options): string | Uint8Array | {
164
+ declare function sm4(inArray: Uint8Array | string, key: Uint8Array | string, cryptFlag: 0 | 1, options?: SM4Options): string | Uint8Array<ArrayBufferLike> | {
157
165
  output: Uint8Array;
158
- tag?: Uint8Array | undefined;
166
+ tag?: Uint8Array;
159
167
  } | {
160
168
  output: string;
161
169
  tag: string | undefined;
@@ -194,4 +202,4 @@ declare namespace index {
194
202
  export { type index_GCMResult as GCMResult, type index_SM4Options as SM4Options, index_decrypt as decrypt, index_encrypt as encrypt, index_sm4 as sm4 };
195
203
  }
196
204
 
197
- export { index$1 as sm2, sm3, index as sm4 };
205
+ export { kdf, index$1 as sm2, sm3, index as sm4 };