sm-crypto-v2 1.10.0 → 1.11.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +15 -0
- package/README.md +20 -1
- package/dist/index.d.mts +16 -8
- package/dist/index.d.ts +16 -8
- package/dist/index.js +92 -101
- package/dist/index.mjs +91 -101
- package/miniprogram_dist/index.d.ts +16 -8
- package/miniprogram_dist/index.js +417 -92
- package/package.json +5 -6
- package/tsup.config.miniprogram.ts +1 -1
@@ -444,6 +444,9 @@ var __publicField = function(obj, key, value) {
|
|
444
444
|
// src/index.ts
|
445
445
|
var src_exports = {};
|
446
446
|
__export(src_exports, {
|
447
|
+
kdf: function() {
|
448
|
+
return kdf;
|
449
|
+
},
|
447
450
|
sm2: function() {
|
448
451
|
return sm2_exports;
|
449
452
|
},
|
@@ -1227,7 +1230,7 @@ function nLength(n, nBitLength) {
|
|
1227
1230
|
};
|
1228
1231
|
}
|
1229
1232
|
function Field(ORDER, bitLen2) {
|
1230
|
-
var
|
1233
|
+
var isLE3 = arguments.length > 2 && arguments[2] !== void 0 ? arguments[2] : false, redef = arguments.length > 3 && arguments[3] !== void 0 ? arguments[3] : {};
|
1231
1234
|
if (ORDER <= _0n2) throw new Error("Expected Fp ORDER > 0, got ".concat(ORDER));
|
1232
1235
|
var _nLength = nLength(ORDER, bitLen2), BITS = _nLength.nBitLength, BYTES = _nLength.nByteLength;
|
1233
1236
|
if (BYTES > 2048) throw new Error("Field lengths over 2048 bytes are not supported");
|
@@ -1304,22 +1307,22 @@ function Field(ORDER, bitLen2) {
|
|
1304
1307
|
return c ? b : a;
|
1305
1308
|
},
|
1306
1309
|
toBytes: function(num) {
|
1307
|
-
return
|
1310
|
+
return isLE3 ? numberToBytesLE(num, BYTES) : numberToBytesBE(num, BYTES);
|
1308
1311
|
},
|
1309
1312
|
fromBytes: function(bytes) {
|
1310
1313
|
if (bytes.length !== BYTES) throw new Error("Fp.fromBytes: expected ".concat(BYTES, ", got ").concat(bytes.length));
|
1311
|
-
return
|
1314
|
+
return isLE3 ? bytesToNumberLE(bytes) : bytesToNumberBE(bytes);
|
1312
1315
|
}
|
1313
1316
|
});
|
1314
1317
|
return Object.freeze(f);
|
1315
1318
|
}
|
1316
1319
|
function hashToPrivateScalar(hash, groupOrder) {
|
1317
|
-
var
|
1320
|
+
var isLE3 = arguments.length > 2 && arguments[2] !== void 0 ? arguments[2] : false;
|
1318
1321
|
hash = ensureBytes("privateHash", hash);
|
1319
1322
|
var hashLen = hash.length;
|
1320
1323
|
var minLen = nLength(groupOrder).nByteLength + 8;
|
1321
1324
|
if (minLen < 24 || hashLen < minLen || hashLen > 1024) throw new Error("hashToPrivateScalar: expected ".concat(minLen, "-1024 bytes of input, got ").concat(hashLen));
|
1322
|
-
var num =
|
1325
|
+
var num = isLE3 ? bytesToNumberLE(hash) : bytesToNumberBE(hash);
|
1323
1326
|
return mod(num, groupOrder - _1n2) + _1n2;
|
1324
1327
|
}
|
1325
1328
|
// node_modules/.pnpm/@noble+curves@1.1.0/node_modules/@noble/curves/esm/abstract/curve.js
|
@@ -1564,7 +1567,7 @@ function weierstrassPoints(opts) {
|
|
1564
1567
|
};
|
1565
1568
|
var CURVE = validatePointOpts(opts);
|
1566
1569
|
var Fp = CURVE.Fp;
|
1567
|
-
var
|
1570
|
+
var toBytes3 = CURVE.toBytes || function(c, point, isCompressed) {
|
1568
1571
|
var a = point.toAffine();
|
1569
1572
|
return concatBytes(Uint8Array.from([
|
1570
1573
|
4
|
@@ -1910,7 +1913,7 @@ function weierstrassPoints(opts) {
|
|
1910
1913
|
value: function toRawBytes() {
|
1911
1914
|
var isCompressed = arguments.length > 0 && arguments[0] !== void 0 ? arguments[0] : true;
|
1912
1915
|
this.assertValidity();
|
1913
|
-
return
|
1916
|
+
return toBytes3(Point, this, isCompressed);
|
1914
1917
|
}
|
1915
1918
|
},
|
1916
1919
|
{
|
@@ -2542,16 +2545,16 @@ var BoolB = function(A, B, C) {
|
|
2542
2545
|
var BoolC = function(A, B, C) {
|
2543
2546
|
return A & B | ~A & C;
|
2544
2547
|
};
|
2545
|
-
function setBigUint64(view, byteOffset, value,
|
2546
|
-
if (typeof view.setBigUint64 === "function") return view.setBigUint64(byteOffset, value,
|
2548
|
+
function setBigUint64(view, byteOffset, value, isLE3) {
|
2549
|
+
if (typeof view.setBigUint64 === "function") return view.setBigUint64(byteOffset, value, isLE3);
|
2547
2550
|
var _32n = BigInt(32);
|
2548
2551
|
var _u32_max = BigInt(4294967295);
|
2549
2552
|
var wh = Number(value >> _32n & _u32_max);
|
2550
2553
|
var wl = Number(value & _u32_max);
|
2551
|
-
var h =
|
2552
|
-
var l =
|
2553
|
-
view.setUint32(byteOffset + h, wh,
|
2554
|
-
view.setUint32(byteOffset + l, wl,
|
2554
|
+
var h = isLE3 ? 4 : 0;
|
2555
|
+
var l = isLE3 ? 0 : 4;
|
2556
|
+
view.setUint32(byteOffset + h, wh, isLE3);
|
2557
|
+
view.setUint32(byteOffset + l, wl, isLE3);
|
2555
2558
|
}
|
2556
2559
|
function rotl(x2, n) {
|
2557
2560
|
var s = n & 31;
|
@@ -2566,14 +2569,14 @@ function P1(X) {
|
|
2566
2569
|
var SHA2 = /*#__PURE__*/ function(Hash) {
|
2567
2570
|
_inherits(SHA2, Hash);
|
2568
2571
|
var _super = _create_super(SHA2);
|
2569
|
-
function SHA2(blockLen, outputLen, padOffset,
|
2572
|
+
function SHA2(blockLen, outputLen, padOffset, isLE3) {
|
2570
2573
|
_class_call_check(this, SHA2);
|
2571
2574
|
var _this;
|
2572
2575
|
_this = _super.call(this);
|
2573
2576
|
_this.blockLen = blockLen;
|
2574
2577
|
_this.outputLen = outputLen;
|
2575
2578
|
_this.padOffset = padOffset;
|
2576
|
-
_this.isLE =
|
2579
|
+
_this.isLE = isLE3;
|
2577
2580
|
// For partial updates less than block size
|
2578
2581
|
__publicField(_assert_this_initialized(_this), "buffer");
|
2579
2582
|
__publicField(_assert_this_initialized(_this), "view");
|
@@ -2616,7 +2619,7 @@ var SHA2 = /*#__PURE__*/ function(Hash) {
|
|
2616
2619
|
key: "digestInto",
|
2617
2620
|
value: function digestInto(out) {
|
2618
2621
|
this.finished = true;
|
2619
|
-
var _this = this, buffer = _this.buffer, view = _this.view, blockLen = _this.blockLen,
|
2622
|
+
var _this = this, buffer = _this.buffer, view = _this.view, blockLen = _this.blockLen, isLE3 = _this.isLE;
|
2620
2623
|
var pos = this.pos;
|
2621
2624
|
buffer[pos++] = 128;
|
2622
2625
|
this.buffer.subarray(pos).fill(0);
|
@@ -2625,7 +2628,7 @@ var SHA2 = /*#__PURE__*/ function(Hash) {
|
|
2625
2628
|
pos = 0;
|
2626
2629
|
}
|
2627
2630
|
for(var i = pos; i < blockLen; i++)buffer[i] = 0;
|
2628
|
-
setBigUint64(view, blockLen - 8, BigInt(this.length * 8),
|
2631
|
+
setBigUint64(view, blockLen - 8, BigInt(this.length * 8), isLE3);
|
2629
2632
|
this.process(view, 0);
|
2630
2633
|
var oview = createView(out);
|
2631
2634
|
var len = this.outputLen;
|
@@ -2633,7 +2636,7 @@ var SHA2 = /*#__PURE__*/ function(Hash) {
|
|
2633
2636
|
var outLen = len / 4;
|
2634
2637
|
var state = this.get();
|
2635
2638
|
if (outLen > state.length) throw new Error("_sha2: outputLen bigger than state");
|
2636
|
-
for(var i1 = 0; i1 < outLen; i1++)oview.setUint32(4 * i1, state[i1],
|
2639
|
+
for(var i1 = 0; i1 < outLen; i1++)oview.setUint32(4 * i1, state[i1], isLE3);
|
2637
2640
|
}
|
2638
2641
|
},
|
2639
2642
|
{
|
@@ -2976,10 +2979,48 @@ function comparePublicKeyHex(publicKey1, publicKey2) {
|
|
2976
2979
|
if (!point2) return false;
|
2977
2980
|
return point1.equals(point2);
|
2978
2981
|
}
|
2979
|
-
// src/
|
2980
|
-
|
2981
|
-
var
|
2982
|
-
|
2982
|
+
// src/sm3/index.ts
|
2983
|
+
function utf8ToArray(str) {
|
2984
|
+
var arr = [];
|
2985
|
+
for(var i = 0, len = str.length; i < len; i++){
|
2986
|
+
var point = str.codePointAt(i);
|
2987
|
+
if (point <= 127) {
|
2988
|
+
arr.push(point);
|
2989
|
+
} else if (point <= 2047) {
|
2990
|
+
arr.push(192 | point >>> 6);
|
2991
|
+
arr.push(128 | point & 63);
|
2992
|
+
} else if (point <= 55295 || point >= 57344 && point <= 65535) {
|
2993
|
+
arr.push(224 | point >>> 12);
|
2994
|
+
arr.push(128 | point >>> 6 & 63);
|
2995
|
+
arr.push(128 | point & 63);
|
2996
|
+
} else if (point >= 65536 && point <= 1114111) {
|
2997
|
+
i++;
|
2998
|
+
arr.push(240 | point >>> 18 & 28);
|
2999
|
+
arr.push(128 | point >>> 12 & 63);
|
3000
|
+
arr.push(128 | point >>> 6 & 63);
|
3001
|
+
arr.push(128 | point & 63);
|
3002
|
+
} else {
|
3003
|
+
arr.push(point);
|
3004
|
+
throw new Error("input is not supported");
|
3005
|
+
}
|
3006
|
+
}
|
3007
|
+
return new Uint8Array(arr);
|
3008
|
+
}
|
3009
|
+
function sm32(input, options) {
|
3010
|
+
input = typeof input === "string" ? utf8ToArray(input) : input;
|
3011
|
+
if (options) {
|
3012
|
+
var mode = options.mode || "hmac";
|
3013
|
+
if (mode !== "hmac") throw new Error("invalid mode");
|
3014
|
+
var key = options.key;
|
3015
|
+
if (!key) throw new Error("invalid key");
|
3016
|
+
key = typeof key === "string" ? hexToArray(key) : key;
|
3017
|
+
return bytesToHex2(hmac(sm3, key, input));
|
3018
|
+
}
|
3019
|
+
return bytesToHex2(sm3(input));
|
3020
|
+
}
|
3021
|
+
// src/sm2/kdf.ts
|
3022
|
+
function kdf(z, keylen) {
|
3023
|
+
z = typeof z === "string" ? utf8ToArray(z) : z;
|
2983
3024
|
var msg = new Uint8Array(keylen);
|
2984
3025
|
var ct = 1;
|
2985
3026
|
var offset = 0;
|
@@ -3001,6 +3042,9 @@ function hkdf(z, keylen) {
|
|
3001
3042
|
}
|
3002
3043
|
return msg;
|
3003
3044
|
}
|
3045
|
+
// src/sm2/kx.ts
|
3046
|
+
var wPow2 = hexToNumber("80000000000000000000000000000000");
|
3047
|
+
var wPow2Sub1 = hexToNumber("7fffffffffffffffffffffffffffffff");
|
3004
3048
|
function calculateSharedKey(keypairA, ephemeralKeypairA, publicKeyB, ephemeralPublicKeyB, sharedKeyLength) {
|
3005
3049
|
var isRecipient = arguments.length > 5 && arguments[5] !== void 0 ? arguments[5] : false, idA = arguments.length > 6 && arguments[6] !== void 0 ? arguments[6] : "1234567812345678", idB = arguments.length > 7 && arguments[7] !== void 0 ? arguments[7] : "1234567812345678";
|
3006
3050
|
var RA = sm2Curve.ProjectivePoint.fromHex(ephemeralKeypairA.publicKey);
|
@@ -3025,10 +3069,16 @@ function calculateSharedKey(keypairA, ephemeralKeypairA, publicKeyB, ephemeralPu
|
|
3025
3069
|
var U = RB.multiply(x2_).add(PB).multiply(tA);
|
3026
3070
|
var xU = hexToArray(leftPad(numberToHexUnpadded(U.x), 64));
|
3027
3071
|
var yU = hexToArray(leftPad(numberToHexUnpadded(U.y), 64));
|
3028
|
-
var KA =
|
3072
|
+
var KA = kdf(concatBytes(xU, yU, ZA, ZB), sharedKeyLength);
|
3029
3073
|
return KA;
|
3030
3074
|
}
|
3031
3075
|
// src/sm2/index.ts
|
3076
|
+
function xorCipherStream(x2, y2, msg) {
|
3077
|
+
var stream = kdf(concatBytes(x2, y2), msg.length);
|
3078
|
+
for(var i = 0, len = msg.length; i < len; i++){
|
3079
|
+
msg[i] ^= stream[i] & 255;
|
3080
|
+
}
|
3081
|
+
}
|
3032
3082
|
var C1C2C3 = 0;
|
3033
3083
|
var EmptyArray = new Uint8Array();
|
3034
3084
|
function doEncrypt(msg, publicKey) {
|
@@ -3052,28 +3102,9 @@ function doEncrypt(msg, publicKey) {
|
|
3052
3102
|
}
|
3053
3103
|
return cipherMode === C1C2C3 ? c1 + c2 + c3 : c1 + c3 + c2;
|
3054
3104
|
}
|
3055
|
-
function xorCipherStream(x2, y2, msg) {
|
3056
|
-
var ct = 1;
|
3057
|
-
var offset = 0;
|
3058
|
-
var t = EmptyArray;
|
3059
|
-
var ctShift = new Uint8Array(4);
|
3060
|
-
var nextT = function() {
|
3061
|
-
ctShift[0] = ct >> 24 & 255;
|
3062
|
-
ctShift[1] = ct >> 16 & 255;
|
3063
|
-
ctShift[2] = ct >> 8 & 255;
|
3064
|
-
ctShift[3] = ct & 255;
|
3065
|
-
t = sm3(concatBytes(x2, y2, ctShift));
|
3066
|
-
ct++;
|
3067
|
-
offset = 0;
|
3068
|
-
};
|
3069
|
-
nextT();
|
3070
|
-
for(var i = 0, len = msg.length; i < len; i++){
|
3071
|
-
if (offset === t.length) nextT();
|
3072
|
-
msg[i] ^= t[offset++] & 255;
|
3073
|
-
}
|
3074
|
-
}
|
3075
3105
|
function doDecrypt(encryptData, privateKey) {
|
3076
|
-
var cipherMode = arguments.length > 2 && arguments[2] !== void 0 ? arguments[2] : 1,
|
3106
|
+
var cipherMode = arguments.length > 2 && arguments[2] !== void 0 ? arguments[2] : 1, options = arguments.length > 3 ? arguments[3] : void 0;
|
3107
|
+
var _ref = options || {}, _ref_output = _ref.output, output = _ref_output === void 0 ? "string" : _ref_output, _ref_asn1 = _ref.asn1, asn1 = _ref_asn1 === void 0 ? false : _ref_asn1;
|
3077
3108
|
var privateKeyInteger = hexToNumber(privateKey);
|
3078
3109
|
var c1;
|
3079
3110
|
var c2;
|
@@ -3219,45 +3250,6 @@ function getPoint() {
|
|
3219
3250
|
x1: PA.x
|
3220
3251
|
});
|
3221
3252
|
}
|
3222
|
-
// src/sm3/index.ts
|
3223
|
-
function utf8ToArray(str) {
|
3224
|
-
var arr = [];
|
3225
|
-
for(var i = 0, len = str.length; i < len; i++){
|
3226
|
-
var point = str.codePointAt(i);
|
3227
|
-
if (point <= 127) {
|
3228
|
-
arr.push(point);
|
3229
|
-
} else if (point <= 2047) {
|
3230
|
-
arr.push(192 | point >>> 6);
|
3231
|
-
arr.push(128 | point & 63);
|
3232
|
-
} else if (point <= 55295 || point >= 57344 && point <= 65535) {
|
3233
|
-
arr.push(224 | point >>> 12);
|
3234
|
-
arr.push(128 | point >>> 6 & 63);
|
3235
|
-
arr.push(128 | point & 63);
|
3236
|
-
} else if (point >= 65536 && point <= 1114111) {
|
3237
|
-
i++;
|
3238
|
-
arr.push(240 | point >>> 18 & 28);
|
3239
|
-
arr.push(128 | point >>> 12 & 63);
|
3240
|
-
arr.push(128 | point >>> 6 & 63);
|
3241
|
-
arr.push(128 | point & 63);
|
3242
|
-
} else {
|
3243
|
-
arr.push(point);
|
3244
|
-
throw new Error("input is not supported");
|
3245
|
-
}
|
3246
|
-
}
|
3247
|
-
return new Uint8Array(arr);
|
3248
|
-
}
|
3249
|
-
function sm32(input, options) {
|
3250
|
-
input = typeof input === "string" ? utf8ToArray(input) : input;
|
3251
|
-
if (options) {
|
3252
|
-
var mode = options.mode || "hmac";
|
3253
|
-
if (mode !== "hmac") throw new Error("invalid mode");
|
3254
|
-
var key = options.key;
|
3255
|
-
if (!key) throw new Error("invalid key");
|
3256
|
-
key = typeof key === "string" ? hexToArray(key) : key;
|
3257
|
-
return bytesToHex2(hmac(sm3, key, input));
|
3258
|
-
}
|
3259
|
-
return bytesToHex2(sm3(input));
|
3260
|
-
}
|
3261
3253
|
// src/sm4/index.ts
|
3262
3254
|
var sm4_exports = {};
|
3263
3255
|
__export(sm4_exports, {
|
@@ -3271,8 +3263,337 @@ __export(sm4_exports, {
|
|
3271
3263
|
return sm4;
|
3272
3264
|
}
|
3273
3265
|
});
|
3274
|
-
|
3275
|
-
|
3266
|
+
// node_modules/.pnpm/@noble+ciphers@1.2.1/node_modules/@noble/ciphers/esm/_assert.js
|
3267
|
+
function isBytes(a) {
|
3268
|
+
return _instanceof(a, Uint8Array) || ArrayBuffer.isView(a) && a.constructor.name === "Uint8Array";
|
3269
|
+
}
|
3270
|
+
function abytes(b) {
|
3271
|
+
for(var _len = arguments.length, lengths = new Array(_len > 1 ? _len - 1 : 0), _key = 1; _key < _len; _key++){
|
3272
|
+
lengths[_key - 1] = arguments[_key];
|
3273
|
+
}
|
3274
|
+
if (!isBytes(b)) throw new Error("Uint8Array expected");
|
3275
|
+
if (lengths.length > 0 && !lengths.includes(b.length)) throw new Error("Uint8Array expected of length " + lengths + ", got length=" + b.length);
|
3276
|
+
}
|
3277
|
+
function aexists(instance) {
|
3278
|
+
var checkFinished = arguments.length > 1 && arguments[1] !== void 0 ? arguments[1] : true;
|
3279
|
+
if (instance.destroyed) throw new Error("Hash instance has been destroyed");
|
3280
|
+
if (checkFinished && instance.finished) throw new Error("Hash#digest() has already been called");
|
3281
|
+
}
|
3282
|
+
function aoutput(out, instance) {
|
3283
|
+
abytes(out);
|
3284
|
+
var min = instance.outputLen;
|
3285
|
+
if (out.length < min) {
|
3286
|
+
throw new Error("digestInto() expects output buffer of length at least " + min);
|
3287
|
+
}
|
3288
|
+
}
|
3289
|
+
// node_modules/.pnpm/@noble+ciphers@1.2.1/node_modules/@noble/ciphers/esm/utils.js
|
3290
|
+
var u32 = function(arr) {
|
3291
|
+
return new Uint32Array(arr.buffer, arr.byteOffset, Math.floor(arr.byteLength / 4));
|
3292
|
+
};
|
3293
|
+
var createView2 = function(arr) {
|
3294
|
+
return new DataView(arr.buffer, arr.byteOffset, arr.byteLength);
|
3295
|
+
};
|
3296
|
+
var isLE2 = new Uint8Array(new Uint32Array([
|
3297
|
+
287454020
|
3298
|
+
]).buffer)[0] === 68;
|
3299
|
+
if (!isLE2) throw new Error("Non little-endian hardware is not supported");
|
3300
|
+
function utf8ToBytes3(str) {
|
3301
|
+
if (typeof str !== "string") throw new Error("string expected");
|
3302
|
+
return new Uint8Array(new TextEncoder().encode(str));
|
3303
|
+
}
|
3304
|
+
function toBytes2(data) {
|
3305
|
+
if (typeof data === "string") data = utf8ToBytes3(data);
|
3306
|
+
else if (isBytes(data)) data = copyBytes(data);
|
3307
|
+
else throw new Error("Uint8Array expected, got " + (typeof data === "undefined" ? "undefined" : _type_of(data)));
|
3308
|
+
return data;
|
3309
|
+
}
|
3310
|
+
function setBigUint642(view, byteOffset, value, isLE3) {
|
3311
|
+
if (typeof view.setBigUint64 === "function") return view.setBigUint64(byteOffset, value, isLE3);
|
3312
|
+
var _32n = BigInt(32);
|
3313
|
+
var _u32_max = BigInt(4294967295);
|
3314
|
+
var wh = Number(value >> _32n & _u32_max);
|
3315
|
+
var wl = Number(value & _u32_max);
|
3316
|
+
var h = isLE3 ? 4 : 0;
|
3317
|
+
var l = isLE3 ? 0 : 4;
|
3318
|
+
view.setUint32(byteOffset + h, wh, isLE3);
|
3319
|
+
view.setUint32(byteOffset + l, wl, isLE3);
|
3320
|
+
}
|
3321
|
+
function copyBytes(bytes) {
|
3322
|
+
return Uint8Array.from(bytes);
|
3323
|
+
}
|
3324
|
+
function clean() {
|
3325
|
+
for(var _len = arguments.length, arrays = new Array(_len), _key = 0; _key < _len; _key++){
|
3326
|
+
arrays[_key] = arguments[_key];
|
3327
|
+
}
|
3328
|
+
for(var i = 0; i < arrays.length; i++){
|
3329
|
+
arrays[i].fill(0);
|
3330
|
+
}
|
3331
|
+
}
|
3332
|
+
// node_modules/.pnpm/@noble+ciphers@1.2.1/node_modules/@noble/ciphers/esm/_polyval.js
|
3333
|
+
var BLOCK_SIZE = 16;
|
3334
|
+
var ZEROS16 = /* @__PURE__ */ new Uint8Array(16);
|
3335
|
+
var ZEROS32 = u32(ZEROS16);
|
3336
|
+
var POLY = 225;
|
3337
|
+
var mul2 = function(s0, s1, s2, s3) {
|
3338
|
+
var hiBit = s3 & 1;
|
3339
|
+
return {
|
3340
|
+
s3: s2 << 31 | s3 >>> 1,
|
3341
|
+
s2: s1 << 31 | s2 >>> 1,
|
3342
|
+
s1: s0 << 31 | s1 >>> 1,
|
3343
|
+
s0: s0 >>> 1 ^ POLY << 24 & -(hiBit & 1)
|
3344
|
+
};
|
3345
|
+
};
|
3346
|
+
var swapLE = function(n) {
|
3347
|
+
return (n >>> 0 & 255) << 24 | (n >>> 8 & 255) << 16 | (n >>> 16 & 255) << 8 | n >>> 24 & 255 | 0;
|
3348
|
+
};
|
3349
|
+
function _toGHASHKey(k) {
|
3350
|
+
k.reverse();
|
3351
|
+
var hiBit = k[15] & 1;
|
3352
|
+
var carry = 0;
|
3353
|
+
for(var i = 0; i < k.length; i++){
|
3354
|
+
var t = k[i];
|
3355
|
+
k[i] = t >>> 1 | carry;
|
3356
|
+
carry = (t & 1) << 7;
|
3357
|
+
}
|
3358
|
+
k[0] ^= -hiBit & 225;
|
3359
|
+
return k;
|
3360
|
+
}
|
3361
|
+
var estimateWindow = function(bytes) {
|
3362
|
+
if (bytes > 64 * 1024) return 8;
|
3363
|
+
if (bytes > 1024) return 4;
|
3364
|
+
return 2;
|
3365
|
+
};
|
3366
|
+
var GHASH = /*#__PURE__*/ function() {
|
3367
|
+
function GHASH(key, expectedLength) {
|
3368
|
+
_class_call_check(this, GHASH);
|
3369
|
+
this.blockLen = BLOCK_SIZE;
|
3370
|
+
this.outputLen = BLOCK_SIZE;
|
3371
|
+
this.s0 = 0;
|
3372
|
+
this.s1 = 0;
|
3373
|
+
this.s2 = 0;
|
3374
|
+
this.s3 = 0;
|
3375
|
+
this.finished = false;
|
3376
|
+
key = toBytes2(key);
|
3377
|
+
abytes(key, 16);
|
3378
|
+
var kView = createView2(key);
|
3379
|
+
var k0 = kView.getUint32(0, false);
|
3380
|
+
var k1 = kView.getUint32(4, false);
|
3381
|
+
var k2 = kView.getUint32(8, false);
|
3382
|
+
var k3 = kView.getUint32(12, false);
|
3383
|
+
var doubles = [];
|
3384
|
+
for(var i = 0; i < 128; i++){
|
3385
|
+
doubles.push({
|
3386
|
+
s0: swapLE(k0),
|
3387
|
+
s1: swapLE(k1),
|
3388
|
+
s2: swapLE(k2),
|
3389
|
+
s3: swapLE(k3)
|
3390
|
+
});
|
3391
|
+
var ref;
|
3392
|
+
ref = mul2(k0, k1, k2, k3), k0 = ref.s0, k1 = ref.s1, k2 = ref.s2, k3 = ref.s3, ref;
|
3393
|
+
}
|
3394
|
+
var W = estimateWindow(expectedLength || 1024);
|
3395
|
+
if (![
|
3396
|
+
1,
|
3397
|
+
2,
|
3398
|
+
4,
|
3399
|
+
8
|
3400
|
+
].includes(W)) throw new Error("ghash: invalid window size, expected 2, 4 or 8");
|
3401
|
+
this.W = W;
|
3402
|
+
var bits = 128;
|
3403
|
+
var windows = bits / W;
|
3404
|
+
var windowSize = this.windowSize = Math.pow(2, W);
|
3405
|
+
var items = [];
|
3406
|
+
for(var w = 0; w < windows; w++){
|
3407
|
+
for(var byte = 0; byte < windowSize; byte++){
|
3408
|
+
var s0 = 0, s1 = 0, s2 = 0, s3 = 0;
|
3409
|
+
for(var j = 0; j < W; j++){
|
3410
|
+
var bit = byte >>> W - j - 1 & 1;
|
3411
|
+
if (!bit) continue;
|
3412
|
+
var _doubles_ = doubles[W * w + j], d0 = _doubles_.s0, d1 = _doubles_.s1, d2 = _doubles_.s2, d3 = _doubles_.s3;
|
3413
|
+
s0 ^= d0, s1 ^= d1, s2 ^= d2, s3 ^= d3;
|
3414
|
+
}
|
3415
|
+
items.push({
|
3416
|
+
s0: s0,
|
3417
|
+
s1: s1,
|
3418
|
+
s2: s2,
|
3419
|
+
s3: s3
|
3420
|
+
});
|
3421
|
+
}
|
3422
|
+
}
|
3423
|
+
this.t = items;
|
3424
|
+
}
|
3425
|
+
_create_class(GHASH, [
|
3426
|
+
{
|
3427
|
+
key: "_updateBlock",
|
3428
|
+
value: function _updateBlock(s0, s1, s2, s3) {
|
3429
|
+
s0 ^= this.s0, s1 ^= this.s1, s2 ^= this.s2, s3 ^= this.s3;
|
3430
|
+
var _this = this, W = _this.W, t = _this.t, windowSize = _this.windowSize;
|
3431
|
+
var o0 = 0, o1 = 0, o2 = 0, o3 = 0;
|
3432
|
+
var mask = (1 << W) - 1;
|
3433
|
+
var w = 0;
|
3434
|
+
for(var _i = 0, _iter = [
|
3435
|
+
s0,
|
3436
|
+
s1,
|
3437
|
+
s2,
|
3438
|
+
s3
|
3439
|
+
]; _i < _iter.length; _i++){
|
3440
|
+
var num = _iter[_i];
|
3441
|
+
for(var bytePos = 0; bytePos < 4; bytePos++){
|
3442
|
+
var byte = num >>> 8 * bytePos & 255;
|
3443
|
+
for(var bitPos = 8 / W - 1; bitPos >= 0; bitPos--){
|
3444
|
+
var bit = byte >>> W * bitPos & mask;
|
3445
|
+
var _t_ = t[w * windowSize + bit], e0 = _t_.s0, e1 = _t_.s1, e2 = _t_.s2, e3 = _t_.s3;
|
3446
|
+
o0 ^= e0, o1 ^= e1, o2 ^= e2, o3 ^= e3;
|
3447
|
+
w += 1;
|
3448
|
+
}
|
3449
|
+
}
|
3450
|
+
}
|
3451
|
+
this.s0 = o0;
|
3452
|
+
this.s1 = o1;
|
3453
|
+
this.s2 = o2;
|
3454
|
+
this.s3 = o3;
|
3455
|
+
}
|
3456
|
+
},
|
3457
|
+
{
|
3458
|
+
key: "update",
|
3459
|
+
value: function update(data) {
|
3460
|
+
data = toBytes2(data);
|
3461
|
+
aexists(this);
|
3462
|
+
var b32 = u32(data);
|
3463
|
+
var blocks = Math.floor(data.length / BLOCK_SIZE);
|
3464
|
+
var left = data.length % BLOCK_SIZE;
|
3465
|
+
for(var i = 0; i < blocks; i++){
|
3466
|
+
this._updateBlock(b32[i * 4 + 0], b32[i * 4 + 1], b32[i * 4 + 2], b32[i * 4 + 3]);
|
3467
|
+
}
|
3468
|
+
if (left) {
|
3469
|
+
ZEROS16.set(data.subarray(blocks * BLOCK_SIZE));
|
3470
|
+
this._updateBlock(ZEROS32[0], ZEROS32[1], ZEROS32[2], ZEROS32[3]);
|
3471
|
+
clean(ZEROS32);
|
3472
|
+
}
|
3473
|
+
return this;
|
3474
|
+
}
|
3475
|
+
},
|
3476
|
+
{
|
3477
|
+
key: "destroy",
|
3478
|
+
value: function destroy() {
|
3479
|
+
var t = this.t;
|
3480
|
+
var _iteratorNormalCompletion = true, _didIteratorError = false, _iteratorError = undefined;
|
3481
|
+
try {
|
3482
|
+
for(var _iterator = t[Symbol.iterator](), _step; !(_iteratorNormalCompletion = (_step = _iterator.next()).done); _iteratorNormalCompletion = true){
|
3483
|
+
var elm = _step.value;
|
3484
|
+
elm.s0 = 0, elm.s1 = 0, elm.s2 = 0, elm.s3 = 0;
|
3485
|
+
}
|
3486
|
+
} catch (err) {
|
3487
|
+
_didIteratorError = true;
|
3488
|
+
_iteratorError = err;
|
3489
|
+
} finally{
|
3490
|
+
try {
|
3491
|
+
if (!_iteratorNormalCompletion && _iterator.return != null) {
|
3492
|
+
_iterator.return();
|
3493
|
+
}
|
3494
|
+
} finally{
|
3495
|
+
if (_didIteratorError) {
|
3496
|
+
throw _iteratorError;
|
3497
|
+
}
|
3498
|
+
}
|
3499
|
+
}
|
3500
|
+
}
|
3501
|
+
},
|
3502
|
+
{
|
3503
|
+
key: "digestInto",
|
3504
|
+
value: function digestInto(out) {
|
3505
|
+
aexists(this);
|
3506
|
+
aoutput(out, this);
|
3507
|
+
this.finished = true;
|
3508
|
+
var _this = this, s0 = _this.s0, s1 = _this.s1, s2 = _this.s2, s3 = _this.s3;
|
3509
|
+
var o32 = u32(out);
|
3510
|
+
o32[0] = s0;
|
3511
|
+
o32[1] = s1;
|
3512
|
+
o32[2] = s2;
|
3513
|
+
o32[3] = s3;
|
3514
|
+
return out;
|
3515
|
+
}
|
3516
|
+
},
|
3517
|
+
{
|
3518
|
+
key: "digest",
|
3519
|
+
value: function digest() {
|
3520
|
+
var res = new Uint8Array(BLOCK_SIZE);
|
3521
|
+
this.digestInto(res);
|
3522
|
+
this.destroy();
|
3523
|
+
return res;
|
3524
|
+
}
|
3525
|
+
}
|
3526
|
+
]);
|
3527
|
+
return GHASH;
|
3528
|
+
}();
|
3529
|
+
var Polyval = /*#__PURE__*/ function(GHASH) {
|
3530
|
+
_inherits(Polyval, GHASH);
|
3531
|
+
var _super = _create_super(Polyval);
|
3532
|
+
function Polyval(key, expectedLength) {
|
3533
|
+
_class_call_check(this, Polyval);
|
3534
|
+
key = toBytes2(key);
|
3535
|
+
var ghKey = _toGHASHKey(copyBytes(key));
|
3536
|
+
var _this = _super.call(this, ghKey, expectedLength);
|
3537
|
+
clean(ghKey);
|
3538
|
+
return _this;
|
3539
|
+
}
|
3540
|
+
_create_class(Polyval, [
|
3541
|
+
{
|
3542
|
+
key: "update",
|
3543
|
+
value: function update(data) {
|
3544
|
+
data = toBytes2(data);
|
3545
|
+
aexists(this);
|
3546
|
+
var b32 = u32(data);
|
3547
|
+
var left = data.length % BLOCK_SIZE;
|
3548
|
+
var blocks = Math.floor(data.length / BLOCK_SIZE);
|
3549
|
+
for(var i = 0; i < blocks; i++){
|
3550
|
+
this._updateBlock(swapLE(b32[i * 4 + 3]), swapLE(b32[i * 4 + 2]), swapLE(b32[i * 4 + 1]), swapLE(b32[i * 4 + 0]));
|
3551
|
+
}
|
3552
|
+
if (left) {
|
3553
|
+
ZEROS16.set(data.subarray(blocks * BLOCK_SIZE));
|
3554
|
+
this._updateBlock(swapLE(ZEROS32[3]), swapLE(ZEROS32[2]), swapLE(ZEROS32[1]), swapLE(ZEROS32[0]));
|
3555
|
+
clean(ZEROS32);
|
3556
|
+
}
|
3557
|
+
return this;
|
3558
|
+
}
|
3559
|
+
},
|
3560
|
+
{
|
3561
|
+
key: "digestInto",
|
3562
|
+
value: function digestInto(out) {
|
3563
|
+
aexists(this);
|
3564
|
+
aoutput(out, this);
|
3565
|
+
this.finished = true;
|
3566
|
+
var _this = this, s0 = _this.s0, s1 = _this.s1, s2 = _this.s2, s3 = _this.s3;
|
3567
|
+
var o32 = u32(out);
|
3568
|
+
o32[0] = s0;
|
3569
|
+
o32[1] = s1;
|
3570
|
+
o32[2] = s2;
|
3571
|
+
o32[3] = s3;
|
3572
|
+
return out.reverse();
|
3573
|
+
}
|
3574
|
+
}
|
3575
|
+
]);
|
3576
|
+
return Polyval;
|
3577
|
+
}(GHASH);
|
3578
|
+
function wrapConstructorWithKey(hashCons) {
|
3579
|
+
var hashC = function(msg, key) {
|
3580
|
+
return hashCons(key, msg.length).update(toBytes2(msg)).digest();
|
3581
|
+
};
|
3582
|
+
var tmp2 = hashCons(new Uint8Array(16), 0);
|
3583
|
+
hashC.outputLen = tmp2.outputLen;
|
3584
|
+
hashC.blockLen = tmp2.blockLen;
|
3585
|
+
hashC.create = function(key, expectedLength) {
|
3586
|
+
return hashCons(key, expectedLength);
|
3587
|
+
};
|
3588
|
+
return hashC;
|
3589
|
+
}
|
3590
|
+
var ghash = wrapConstructorWithKey(function(key, expectedLength) {
|
3591
|
+
return new GHASH(key, expectedLength);
|
3592
|
+
});
|
3593
|
+
var polyval = wrapConstructorWithKey(function(key, expectedLength) {
|
3594
|
+
return new Polyval(key, expectedLength);
|
3595
|
+
});
|
3596
|
+
// src/sm4/index.ts
|
3276
3597
|
var DECRYPT = 0;
|
3277
3598
|
var ROUND = 32;
|
3278
3599
|
var BLOCK = 16;
|
@@ -3683,11 +4004,11 @@ function sm4Gcm(inArray, key, ivArray, aadArray, cryptFlag, tagArray) {
|
|
3683
4004
|
j02.set(ivArray, 0);
|
3684
4005
|
j02[15] = 1;
|
3685
4006
|
} else {
|
3686
|
-
var g =
|
4007
|
+
var g = ghash.create(h2);
|
3687
4008
|
g.update(ivArray);
|
3688
4009
|
var lenIv = new Uint8Array(16);
|
3689
|
-
var view = (
|
3690
|
-
(
|
4010
|
+
var view = createView2(lenIv);
|
4011
|
+
setBigUint642(view, 8, BigInt(ivArray.length * 8), false);
|
3691
4012
|
g.update(lenIv);
|
3692
4013
|
j02 = g.digest();
|
3693
4014
|
}
|
@@ -3706,15 +4027,15 @@ function sm4Gcm(inArray, key, ivArray, aadArray, cryptFlag, tagArray) {
|
|
3706
4027
|
var computeTag = function computeTag(h2, data) {
|
3707
4028
|
var aadLength = aadArray.length;
|
3708
4029
|
var dataLength = data.length;
|
3709
|
-
var g =
|
4030
|
+
var g = ghash.create(h2);
|
3710
4031
|
if (aadLength > 0) {
|
3711
4032
|
g.update(aadArray);
|
3712
4033
|
}
|
3713
4034
|
g.update(data);
|
3714
4035
|
var lenBlock = new Uint8Array(16);
|
3715
|
-
var view = (
|
3716
|
-
(
|
3717
|
-
(
|
4036
|
+
var view = createView2(lenBlock);
|
4037
|
+
setBigUint642(view, 0, BigInt(aadLength * 8), false);
|
4038
|
+
setBigUint642(view, 8, BigInt(dataLength * 8), false);
|
3718
4039
|
g.update(lenBlock);
|
3719
4040
|
return g.digest();
|
3720
4041
|
};
|
@@ -3897,6 +4218,7 @@ function decrypt(inArray, key) {
|
|
3897
4218
|
}
|
3898
4219
|
// Annotate the CommonJS export names for ESM import in node:
|
3899
4220
|
0 && (module.exports = {
|
4221
|
+
kdf: kdf,
|
3900
4222
|
sm2: sm2,
|
3901
4223
|
sm3: sm3,
|
3902
4224
|
sm4: sm4
|
@@ -3913,4 +4235,7 @@ function decrypt(inArray, key) {
|
|
3913
4235
|
|
3914
4236
|
@noble/curves/esm/abstract/weierstrass.js:
|
3915
4237
|
(*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) *)
|
4238
|
+
|
4239
|
+
@noble/ciphers/esm/utils.js:
|
4240
|
+
(*! noble-ciphers - MIT License (c) 2023 Paul Miller (paulmillr.com) *)
|
3916
4241
|
*/
|