sm-crypto-v2 1.10.1 → 1.11.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +7 -0
- package/README.md +4 -1
- package/dist/index.d.mts +15 -7
- package/dist/index.d.ts +15 -7
- package/dist/index.js +90 -97
- package/dist/index.mjs +89 -97
- package/miniprogram_dist/index.d.ts +15 -7
- package/miniprogram_dist/index.js +56 -64
- package/package.json +2 -2
package/CHANGELOG.md
CHANGED
@@ -2,6 +2,13 @@
|
|
2
2
|
|
3
3
|
All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
|
4
4
|
|
5
|
+
## [1.11.0](https://github.com/Cubelrti/sm-crypto-v2/compare/v1.10.1...v1.11.0) (2025-04-28)
|
6
|
+
|
7
|
+
|
8
|
+
### Features
|
9
|
+
|
10
|
+
* **sm3, kx:** expose kdf in sm3, added test case for parity ([f0091ca](https://github.com/Cubelrti/sm-crypto-v2/commit/f0091ca4a58a3369a83f274023268dfe2bda2794))
|
11
|
+
|
5
12
|
### [1.10.1](https://github.com/Cubelrti/sm-crypto-v2/compare/v1.10.0...v1.10.1) (2025-04-27)
|
6
13
|
|
7
14
|
|
package/README.md
CHANGED
@@ -150,13 +150,16 @@ let verifyResult4 = sm2.doVerifySignature(msg, sigValueHex4, precomputedPublicKe
|
|
150
150
|
## sm3
|
151
151
|
|
152
152
|
```js
|
153
|
-
import { sm3 } from 'sm-crypto-v2'
|
153
|
+
import { sm3, kdf } from 'sm-crypto-v2'
|
154
154
|
let hashData = sm3('abc') // 杂凑
|
155
155
|
|
156
156
|
// hmac
|
157
157
|
hashData = sm3('abc', {
|
158
158
|
key: 'daac25c1512fe50f79b0e4526b93f5c0e1460cef40b6dd44af13caec62e8c60e0d885f3c6d6fb51e530889e6fd4ac743a6d332e68a0f2a3923f42585dceb93e9', // 要求为 16 进制串或字节数组
|
159
159
|
})
|
160
|
+
|
161
|
+
// kdf,注意这是 GM/T 0003-2012 中的 SM3 KDF(密钥派生函数),不是 RFC5869 的 HKDF
|
162
|
+
kdfData = kdf('abc', 32 /* 输出长度 */)
|
160
163
|
```
|
161
164
|
|
162
165
|
## sm4
|
package/dist/index.d.mts
CHANGED
@@ -31,7 +31,7 @@ declare function arrayToUtf8(arr: Uint8Array): string;
|
|
31
31
|
/**
|
32
32
|
* 转成字节数组
|
33
33
|
*/
|
34
|
-
declare function hexToArray(hexStr: string): Uint8Array
|
34
|
+
declare function hexToArray(hexStr: string): Uint8Array<ArrayBuffer>;
|
35
35
|
/**
|
36
36
|
* 验证公钥是否为椭圆曲线上的点
|
37
37
|
*/
|
@@ -43,9 +43,9 @@ declare function comparePublicKeyHex(publicKey1: string, publicKey2: string): bo
|
|
43
43
|
|
44
44
|
declare function initRNGPool(): Promise<void>;
|
45
45
|
|
46
|
-
declare function calculateSharedKey(keypairA: KeyPair, ephemeralKeypairA: KeyPair, publicKeyB: string, ephemeralPublicKeyB: string, sharedKeyLength: number, isRecipient?: boolean, idA?: string, idB?: string): Uint8Array
|
46
|
+
declare function calculateSharedKey(keypairA: KeyPair, ephemeralKeypairA: KeyPair, publicKeyB: string, ephemeralPublicKeyB: string, sharedKeyLength: number, isRecipient?: boolean, idA?: string, idB?: string): Uint8Array<ArrayBuffer>;
|
47
47
|
|
48
|
-
declare const EmptyArray: Uint8Array
|
48
|
+
declare const EmptyArray: Uint8Array<ArrayBuffer>;
|
49
49
|
/**
|
50
50
|
* 加密
|
51
51
|
*/
|
@@ -85,7 +85,7 @@ declare function doVerifySignature(msg: string | Uint8Array, signHex: string, pu
|
|
85
85
|
hash?: boolean;
|
86
86
|
userId?: string;
|
87
87
|
}): boolean;
|
88
|
-
declare function getZ(publicKey: string, userId?: string): Uint8Array
|
88
|
+
declare function getZ(publicKey: string, userId?: string): Uint8Array<ArrayBufferLike>;
|
89
89
|
/**
|
90
90
|
* sm3杂凑算法
|
91
91
|
*/
|
@@ -139,6 +139,14 @@ declare namespace index$1 {
|
|
139
139
|
export { index$1_EmptyArray as EmptyArray, type index$1_KeyPair as KeyPair, type index$1_SignaturePoint as SignaturePoint, index$1_arrayToHex as arrayToHex, index$1_arrayToUtf8 as arrayToUtf8, index$1_calculateSharedKey as calculateSharedKey, index$1_comparePublicKeyHex as comparePublicKeyHex, index$1_compressPublicKeyHex as compressPublicKeyHex, index$1_doDecrypt as doDecrypt, index$1_doEncrypt as doEncrypt, index$1_doSignature as doSignature, index$1_doVerifySignature as doVerifySignature, index$1_generateKeyPairHex as generateKeyPairHex, index$1_getHash as getHash, index$1_getPoint as getPoint, index$1_getPublicKeyFromPrivateKey as getPublicKeyFromPrivateKey, index$1_getZ as getZ, index$1_hexToArray as hexToArray, index$1_initRNGPool as initRNGPool, index$1_leftPad as leftPad, index$1_precomputePublicKey as precomputePublicKey, index$1_utf8ToHex as utf8ToHex, index$1_verifyPublicKey as verifyPublicKey };
|
140
140
|
}
|
141
141
|
|
142
|
+
/**
|
143
|
+
* SM3 Key derivation function used in SM2 encryption and key exchange, specified in GM/T 0003-2012
|
144
|
+
* @param z Input data (string or Uint8Array)
|
145
|
+
* @param keylen Desired key length in bytes
|
146
|
+
* @returns Derived key as Uint8Array
|
147
|
+
*/
|
148
|
+
declare function kdf(z: string | Uint8Array, keylen: number): Uint8Array<ArrayBuffer>;
|
149
|
+
|
142
150
|
declare function sm3(input: string | Uint8Array, options?: {
|
143
151
|
key: Uint8Array | string;
|
144
152
|
mode?: 'hmac' | 'mac';
|
@@ -153,9 +161,9 @@ interface SM4Options {
|
|
153
161
|
outputTag?: boolean;
|
154
162
|
tag?: Uint8Array | string;
|
155
163
|
}
|
156
|
-
declare function sm4(inArray: Uint8Array | string, key: Uint8Array | string, cryptFlag: 0 | 1, options?: SM4Options): string | Uint8Array | {
|
164
|
+
declare function sm4(inArray: Uint8Array | string, key: Uint8Array | string, cryptFlag: 0 | 1, options?: SM4Options): string | Uint8Array<ArrayBufferLike> | {
|
157
165
|
output: Uint8Array;
|
158
|
-
tag?: Uint8Array
|
166
|
+
tag?: Uint8Array;
|
159
167
|
} | {
|
160
168
|
output: string;
|
161
169
|
tag: string | undefined;
|
@@ -194,4 +202,4 @@ declare namespace index {
|
|
194
202
|
export { type index_GCMResult as GCMResult, type index_SM4Options as SM4Options, index_decrypt as decrypt, index_encrypt as encrypt, index_sm4 as sm4 };
|
195
203
|
}
|
196
204
|
|
197
|
-
export { index$1 as sm2, sm3, index as sm4 };
|
205
|
+
export { kdf, index$1 as sm2, sm3, index as sm4 };
|
package/dist/index.d.ts
CHANGED
@@ -31,7 +31,7 @@ declare function arrayToUtf8(arr: Uint8Array): string;
|
|
31
31
|
/**
|
32
32
|
* 转成字节数组
|
33
33
|
*/
|
34
|
-
declare function hexToArray(hexStr: string): Uint8Array
|
34
|
+
declare function hexToArray(hexStr: string): Uint8Array<ArrayBuffer>;
|
35
35
|
/**
|
36
36
|
* 验证公钥是否为椭圆曲线上的点
|
37
37
|
*/
|
@@ -43,9 +43,9 @@ declare function comparePublicKeyHex(publicKey1: string, publicKey2: string): bo
|
|
43
43
|
|
44
44
|
declare function initRNGPool(): Promise<void>;
|
45
45
|
|
46
|
-
declare function calculateSharedKey(keypairA: KeyPair, ephemeralKeypairA: KeyPair, publicKeyB: string, ephemeralPublicKeyB: string, sharedKeyLength: number, isRecipient?: boolean, idA?: string, idB?: string): Uint8Array
|
46
|
+
declare function calculateSharedKey(keypairA: KeyPair, ephemeralKeypairA: KeyPair, publicKeyB: string, ephemeralPublicKeyB: string, sharedKeyLength: number, isRecipient?: boolean, idA?: string, idB?: string): Uint8Array<ArrayBuffer>;
|
47
47
|
|
48
|
-
declare const EmptyArray: Uint8Array
|
48
|
+
declare const EmptyArray: Uint8Array<ArrayBuffer>;
|
49
49
|
/**
|
50
50
|
* 加密
|
51
51
|
*/
|
@@ -85,7 +85,7 @@ declare function doVerifySignature(msg: string | Uint8Array, signHex: string, pu
|
|
85
85
|
hash?: boolean;
|
86
86
|
userId?: string;
|
87
87
|
}): boolean;
|
88
|
-
declare function getZ(publicKey: string, userId?: string): Uint8Array
|
88
|
+
declare function getZ(publicKey: string, userId?: string): Uint8Array<ArrayBufferLike>;
|
89
89
|
/**
|
90
90
|
* sm3杂凑算法
|
91
91
|
*/
|
@@ -139,6 +139,14 @@ declare namespace index$1 {
|
|
139
139
|
export { index$1_EmptyArray as EmptyArray, type index$1_KeyPair as KeyPair, type index$1_SignaturePoint as SignaturePoint, index$1_arrayToHex as arrayToHex, index$1_arrayToUtf8 as arrayToUtf8, index$1_calculateSharedKey as calculateSharedKey, index$1_comparePublicKeyHex as comparePublicKeyHex, index$1_compressPublicKeyHex as compressPublicKeyHex, index$1_doDecrypt as doDecrypt, index$1_doEncrypt as doEncrypt, index$1_doSignature as doSignature, index$1_doVerifySignature as doVerifySignature, index$1_generateKeyPairHex as generateKeyPairHex, index$1_getHash as getHash, index$1_getPoint as getPoint, index$1_getPublicKeyFromPrivateKey as getPublicKeyFromPrivateKey, index$1_getZ as getZ, index$1_hexToArray as hexToArray, index$1_initRNGPool as initRNGPool, index$1_leftPad as leftPad, index$1_precomputePublicKey as precomputePublicKey, index$1_utf8ToHex as utf8ToHex, index$1_verifyPublicKey as verifyPublicKey };
|
140
140
|
}
|
141
141
|
|
142
|
+
/**
|
143
|
+
* SM3 Key derivation function used in SM2 encryption and key exchange, specified in GM/T 0003-2012
|
144
|
+
* @param z Input data (string or Uint8Array)
|
145
|
+
* @param keylen Desired key length in bytes
|
146
|
+
* @returns Derived key as Uint8Array
|
147
|
+
*/
|
148
|
+
declare function kdf(z: string | Uint8Array, keylen: number): Uint8Array<ArrayBuffer>;
|
149
|
+
|
142
150
|
declare function sm3(input: string | Uint8Array, options?: {
|
143
151
|
key: Uint8Array | string;
|
144
152
|
mode?: 'hmac' | 'mac';
|
@@ -153,9 +161,9 @@ interface SM4Options {
|
|
153
161
|
outputTag?: boolean;
|
154
162
|
tag?: Uint8Array | string;
|
155
163
|
}
|
156
|
-
declare function sm4(inArray: Uint8Array | string, key: Uint8Array | string, cryptFlag: 0 | 1, options?: SM4Options): string | Uint8Array | {
|
164
|
+
declare function sm4(inArray: Uint8Array | string, key: Uint8Array | string, cryptFlag: 0 | 1, options?: SM4Options): string | Uint8Array<ArrayBufferLike> | {
|
157
165
|
output: Uint8Array;
|
158
|
-
tag?: Uint8Array
|
166
|
+
tag?: Uint8Array;
|
159
167
|
} | {
|
160
168
|
output: string;
|
161
169
|
tag: string | undefined;
|
@@ -194,4 +202,4 @@ declare namespace index {
|
|
194
202
|
export { type index_GCMResult as GCMResult, type index_SM4Options as SM4Options, index_decrypt as decrypt, index_encrypt as encrypt, index_sm4 as sm4 };
|
195
203
|
}
|
196
204
|
|
197
|
-
export { index$1 as sm2, sm3, index as sm4 };
|
205
|
+
export { kdf, index$1 as sm2, sm3, index as sm4 };
|
package/dist/index.js
CHANGED
@@ -30,6 +30,7 @@ var __toCommonJS = (mod2) => __copyProps(__defProp({}, "__esModule", { value: tr
|
|
30
30
|
// src/index.ts
|
31
31
|
var src_exports = {};
|
32
32
|
__export(src_exports, {
|
33
|
+
kdf: () => kdf,
|
33
34
|
sm2: () => sm2_exports,
|
34
35
|
sm3: () => sm32,
|
35
36
|
sm4: () => sm4_exports
|
@@ -703,13 +704,56 @@ function comparePublicKeyHex(publicKey1, publicKey2) {
|
|
703
704
|
}
|
704
705
|
|
705
706
|
// src/sm2/index.ts
|
706
|
-
var
|
707
|
+
var utils5 = __toESM(require("@noble/curves/abstract/utils"));
|
707
708
|
|
708
|
-
// src/sm2/
|
709
|
+
// src/sm2/kdf.ts
|
709
710
|
var utils3 = __toESM(require("@noble/curves/abstract/utils"));
|
710
|
-
|
711
|
-
|
712
|
-
function
|
711
|
+
|
712
|
+
// src/sm3/index.ts
|
713
|
+
function utf8ToArray(str) {
|
714
|
+
const arr = [];
|
715
|
+
for (let i = 0, len = str.length; i < len; i++) {
|
716
|
+
const point = str.codePointAt(i);
|
717
|
+
if (point <= 127) {
|
718
|
+
arr.push(point);
|
719
|
+
} else if (point <= 2047) {
|
720
|
+
arr.push(192 | point >>> 6);
|
721
|
+
arr.push(128 | point & 63);
|
722
|
+
} else if (point <= 55295 || point >= 57344 && point <= 65535) {
|
723
|
+
arr.push(224 | point >>> 12);
|
724
|
+
arr.push(128 | point >>> 6 & 63);
|
725
|
+
arr.push(128 | point & 63);
|
726
|
+
} else if (point >= 65536 && point <= 1114111) {
|
727
|
+
i++;
|
728
|
+
arr.push(240 | point >>> 18 & 28);
|
729
|
+
arr.push(128 | point >>> 12 & 63);
|
730
|
+
arr.push(128 | point >>> 6 & 63);
|
731
|
+
arr.push(128 | point & 63);
|
732
|
+
} else {
|
733
|
+
arr.push(point);
|
734
|
+
throw new Error("input is not supported");
|
735
|
+
}
|
736
|
+
}
|
737
|
+
return new Uint8Array(arr);
|
738
|
+
}
|
739
|
+
function sm32(input, options) {
|
740
|
+
input = typeof input === "string" ? utf8ToArray(input) : input;
|
741
|
+
if (options) {
|
742
|
+
const mode = options.mode || "hmac";
|
743
|
+
if (mode !== "hmac")
|
744
|
+
throw new Error("invalid mode");
|
745
|
+
let key = options.key;
|
746
|
+
if (!key)
|
747
|
+
throw new Error("invalid key");
|
748
|
+
key = typeof key === "string" ? hexToArray(key) : key;
|
749
|
+
return bytesToHex(hmac(sm3, key, input));
|
750
|
+
}
|
751
|
+
return bytesToHex(sm3(input));
|
752
|
+
}
|
753
|
+
|
754
|
+
// src/sm2/kdf.ts
|
755
|
+
function kdf(z, keylen) {
|
756
|
+
z = typeof z === "string" ? utf8ToArray(z) : z;
|
713
757
|
let msg = new Uint8Array(keylen);
|
714
758
|
let ct = 1;
|
715
759
|
let offset = 0;
|
@@ -732,6 +776,11 @@ function hkdf(z, keylen) {
|
|
732
776
|
}
|
733
777
|
return msg;
|
734
778
|
}
|
779
|
+
|
780
|
+
// src/sm2/kx.ts
|
781
|
+
var utils4 = __toESM(require("@noble/curves/abstract/utils"));
|
782
|
+
var wPow2 = utils4.hexToNumber("80000000000000000000000000000000");
|
783
|
+
var wPow2Sub1 = utils4.hexToNumber("7fffffffffffffffffffffffffffffff");
|
735
784
|
function calculateSharedKey(keypairA, ephemeralKeypairA, publicKeyB, ephemeralPublicKeyB, sharedKeyLength, isRecipient = false, idA = "1234567812345678", idB = "1234567812345678") {
|
736
785
|
const RA = sm2Curve.ProjectivePoint.fromHex(ephemeralKeypairA.publicKey);
|
737
786
|
const RB = sm2Curve.ProjectivePoint.fromHex(ephemeralPublicKeyB);
|
@@ -741,35 +790,41 @@ function calculateSharedKey(keypairA, ephemeralKeypairA, publicKeyB, ephemeralPu
|
|
741
790
|
if (isRecipient) {
|
742
791
|
[ZA, ZB] = [ZB, ZA];
|
743
792
|
}
|
744
|
-
const rA =
|
745
|
-
const dA =
|
793
|
+
const rA = utils4.hexToNumber(ephemeralKeypairA.privateKey);
|
794
|
+
const dA = utils4.hexToNumber(keypairA.privateKey);
|
746
795
|
const x1 = RA.x;
|
747
796
|
const x1_ = wPow2 + (x1 & wPow2Sub1);
|
748
797
|
const tA = field.add(dA, field.mulN(x1_, rA));
|
749
798
|
const x2 = RB.x;
|
750
799
|
const x2_ = field.add(wPow2, x2 & wPow2Sub1);
|
751
800
|
const U = RB.multiply(x2_).add(PB).multiply(tA);
|
752
|
-
const xU = hexToArray(leftPad(
|
753
|
-
const yU = hexToArray(leftPad(
|
754
|
-
const KA =
|
801
|
+
const xU = hexToArray(leftPad(utils4.numberToHexUnpadded(U.x), 64));
|
802
|
+
const yU = hexToArray(leftPad(utils4.numberToHexUnpadded(U.y), 64));
|
803
|
+
const KA = kdf(utils4.concatBytes(xU, yU, ZA, ZB), sharedKeyLength);
|
755
804
|
return KA;
|
756
805
|
}
|
757
806
|
|
758
807
|
// src/sm2/index.ts
|
808
|
+
function xorCipherStream(x2, y2, msg) {
|
809
|
+
const stream = kdf(utils5.concatBytes(x2, y2), msg.length);
|
810
|
+
for (let i = 0, len = msg.length; i < len; i++) {
|
811
|
+
msg[i] ^= stream[i] & 255;
|
812
|
+
}
|
813
|
+
}
|
759
814
|
var C1C2C3 = 0;
|
760
815
|
var EmptyArray = new Uint8Array();
|
761
816
|
function doEncrypt(msg, publicKey, cipherMode = 1, options) {
|
762
817
|
const msgArr = typeof msg === "string" ? hexToArray(utf8ToHex(msg)) : Uint8Array.from(msg);
|
763
818
|
const publicKeyPoint = typeof publicKey === "string" ? sm2Curve.ProjectivePoint.fromHex(publicKey) : publicKey;
|
764
819
|
const keypair = generateKeyPairHex();
|
765
|
-
const k =
|
820
|
+
const k = utils5.hexToNumber(keypair.privateKey);
|
766
821
|
let c1 = keypair.publicKey;
|
767
822
|
if (c1.length > 128)
|
768
823
|
c1 = c1.substring(c1.length - 128);
|
769
824
|
const p = publicKeyPoint.multiply(k);
|
770
|
-
const x2 = hexToArray(leftPad(
|
771
|
-
const y2 = hexToArray(leftPad(
|
772
|
-
const c3 = bytesToHex(sm3(
|
825
|
+
const x2 = hexToArray(leftPad(utils5.numberToHexUnpadded(p.x), 64));
|
826
|
+
const y2 = hexToArray(leftPad(utils5.numberToHexUnpadded(p.y), 64));
|
827
|
+
const c3 = bytesToHex(sm3(utils5.concatBytes(x2, msgArr, y2)));
|
773
828
|
xorCipherStream(x2, y2, msgArr);
|
774
829
|
const c2 = bytesToHex(msgArr);
|
775
830
|
if (options?.asn1) {
|
@@ -779,30 +834,9 @@ function doEncrypt(msg, publicKey, cipherMode = 1, options) {
|
|
779
834
|
}
|
780
835
|
return cipherMode === C1C2C3 ? c1 + c2 + c3 : c1 + c3 + c2;
|
781
836
|
}
|
782
|
-
function xorCipherStream(x2, y2, msg) {
|
783
|
-
let ct = 1;
|
784
|
-
let offset = 0;
|
785
|
-
let t = EmptyArray;
|
786
|
-
const ctShift = new Uint8Array(4);
|
787
|
-
const nextT = () => {
|
788
|
-
ctShift[0] = ct >> 24 & 255;
|
789
|
-
ctShift[1] = ct >> 16 & 255;
|
790
|
-
ctShift[2] = ct >> 8 & 255;
|
791
|
-
ctShift[3] = ct & 255;
|
792
|
-
t = sm3(utils4.concatBytes(x2, y2, ctShift));
|
793
|
-
ct++;
|
794
|
-
offset = 0;
|
795
|
-
};
|
796
|
-
nextT();
|
797
|
-
for (let i = 0, len = msg.length; i < len; i++) {
|
798
|
-
if (offset === t.length)
|
799
|
-
nextT();
|
800
|
-
msg[i] ^= t[offset++] & 255;
|
801
|
-
}
|
802
|
-
}
|
803
837
|
function doDecrypt(encryptData, privateKey, cipherMode = 1, options) {
|
804
838
|
const { output = "string", asn1 = false } = options || {};
|
805
|
-
const privateKeyInteger =
|
839
|
+
const privateKeyInteger = utils5.hexToNumber(privateKey);
|
806
840
|
let c1;
|
807
841
|
let c2;
|
808
842
|
let c3;
|
@@ -825,10 +859,10 @@ function doDecrypt(encryptData, privateKey, cipherMode = 1, options) {
|
|
825
859
|
}
|
826
860
|
const msg = hexToArray(c2);
|
827
861
|
const p = c1.multiply(privateKeyInteger);
|
828
|
-
const x2 = hexToArray(leftPad(
|
829
|
-
const y2 = hexToArray(leftPad(
|
862
|
+
const x2 = hexToArray(leftPad(utils5.numberToHexUnpadded(p.x), 64));
|
863
|
+
const y2 = hexToArray(leftPad(utils5.numberToHexUnpadded(p.y), 64));
|
830
864
|
xorCipherStream(x2, y2, msg);
|
831
|
-
const checkC3 = arrayToHex(Array.from(sm3(
|
865
|
+
const checkC3 = arrayToHex(Array.from(sm3(utils5.concatBytes(x2, msg, y2))));
|
832
866
|
if (checkC3 === c3.toLowerCase()) {
|
833
867
|
return output === "array" ? msg : arrayToUtf8(msg);
|
834
868
|
} else {
|
@@ -848,8 +882,8 @@ function doSignature(msg, privateKey, options = {}) {
|
|
848
882
|
publicKey = publicKey || getPublicKeyFromPrivateKey(privateKey);
|
849
883
|
hashHex = getHash(hashHex, publicKey, userId);
|
850
884
|
}
|
851
|
-
const dA =
|
852
|
-
const e =
|
885
|
+
const dA = utils5.hexToNumber(privateKey);
|
886
|
+
const e = utils5.hexToNumber(hashHex);
|
853
887
|
let k = null;
|
854
888
|
let r = null;
|
855
889
|
let s = null;
|
@@ -868,7 +902,7 @@ function doSignature(msg, privateKey, options = {}) {
|
|
868
902
|
} while (s === ZERO);
|
869
903
|
if (der)
|
870
904
|
return encodeDer(r, s);
|
871
|
-
return leftPad(
|
905
|
+
return leftPad(utils5.numberToHexUnpadded(r), 64) + leftPad(utils5.numberToHexUnpadded(s), 64);
|
872
906
|
}
|
873
907
|
function doVerifySignature(msg, signHex, publicKey, options = {}) {
|
874
908
|
let hashHex;
|
@@ -890,11 +924,11 @@ function doVerifySignature(msg, signHex, publicKey, options = {}) {
|
|
890
924
|
r = decodeDerObj.r;
|
891
925
|
s = decodeDerObj.s;
|
892
926
|
} else {
|
893
|
-
r =
|
894
|
-
s =
|
927
|
+
r = utils5.hexToNumber(signHex.substring(0, 64));
|
928
|
+
s = utils5.hexToNumber(signHex.substring(64));
|
895
929
|
}
|
896
930
|
const PA = typeof publicKey === "string" ? sm2Curve.ProjectivePoint.fromHex(publicKey) : publicKey;
|
897
|
-
const e =
|
931
|
+
const e = utils5.hexToNumber(hashHex);
|
898
932
|
const t = field.add(r, s);
|
899
933
|
if (t === ZERO)
|
900
934
|
return false;
|
@@ -904,10 +938,10 @@ function doVerifySignature(msg, signHex, publicKey, options = {}) {
|
|
904
938
|
}
|
905
939
|
function getZ(publicKey, userId = "1234567812345678") {
|
906
940
|
userId = utf8ToHex(userId);
|
907
|
-
const a = leftPad(
|
908
|
-
const b = leftPad(
|
909
|
-
const gx = leftPad(
|
910
|
-
const gy = leftPad(
|
941
|
+
const a = leftPad(utils5.numberToHexUnpadded(sm2Curve.CURVE.a), 64);
|
942
|
+
const b = leftPad(utils5.numberToHexUnpadded(sm2Curve.CURVE.b), 64);
|
943
|
+
const gx = leftPad(utils5.numberToHexUnpadded(sm2Curve.ProjectivePoint.BASE.x), 64);
|
944
|
+
const gy = leftPad(utils5.numberToHexUnpadded(sm2Curve.ProjectivePoint.BASE.y), 64);
|
911
945
|
let px;
|
912
946
|
let py;
|
913
947
|
if (publicKey.length === 128) {
|
@@ -915,17 +949,17 @@ function getZ(publicKey, userId = "1234567812345678") {
|
|
915
949
|
py = publicKey.substring(64, 128);
|
916
950
|
} else {
|
917
951
|
const point = sm2Curve.ProjectivePoint.fromHex(publicKey);
|
918
|
-
px = leftPad(
|
919
|
-
py = leftPad(
|
952
|
+
px = leftPad(utils5.numberToHexUnpadded(point.x), 64);
|
953
|
+
py = leftPad(utils5.numberToHexUnpadded(point.y), 64);
|
920
954
|
}
|
921
955
|
const data = hexToArray(userId + a + b + gx + gy + px + py);
|
922
956
|
const entl = userId.length * 4;
|
923
|
-
const z = sm3(
|
957
|
+
const z = sm3(utils5.concatBytes(new Uint8Array([entl >> 8 & 255, entl & 255]), data));
|
924
958
|
return z;
|
925
959
|
}
|
926
960
|
function getHash(hashHex, publicKey, userId = "1234567812345678") {
|
927
961
|
const z = getZ(publicKey, userId);
|
928
|
-
return bytesToHex(sm3(
|
962
|
+
return bytesToHex(sm3(utils5.concatBytes(z, typeof hashHex === "string" ? hexToArray(hashHex) : hashHex)));
|
929
963
|
}
|
930
964
|
function precomputePublicKey(publicKey, windowSize) {
|
931
965
|
const point = sm2Curve.ProjectivePoint.fromHex(publicKey);
|
@@ -933,13 +967,13 @@ function precomputePublicKey(publicKey, windowSize) {
|
|
933
967
|
}
|
934
968
|
function getPublicKeyFromPrivateKey(privateKey) {
|
935
969
|
const pubKey = sm2Curve.getPublicKey(privateKey, false);
|
936
|
-
const pubPad = leftPad(
|
970
|
+
const pubPad = leftPad(utils5.bytesToHex(pubKey), 64);
|
937
971
|
return pubPad;
|
938
972
|
}
|
939
973
|
function getPoint() {
|
940
974
|
const keypair = generateKeyPairHex();
|
941
975
|
const PA = sm2Curve.ProjectivePoint.fromHex(keypair.publicKey);
|
942
|
-
const k =
|
976
|
+
const k = utils5.hexToNumber(keypair.privateKey);
|
943
977
|
return {
|
944
978
|
...keypair,
|
945
979
|
k,
|
@@ -947,48 +981,6 @@ function getPoint() {
|
|
947
981
|
};
|
948
982
|
}
|
949
983
|
|
950
|
-
// src/sm3/index.ts
|
951
|
-
function utf8ToArray(str) {
|
952
|
-
const arr = [];
|
953
|
-
for (let i = 0, len = str.length; i < len; i++) {
|
954
|
-
const point = str.codePointAt(i);
|
955
|
-
if (point <= 127) {
|
956
|
-
arr.push(point);
|
957
|
-
} else if (point <= 2047) {
|
958
|
-
arr.push(192 | point >>> 6);
|
959
|
-
arr.push(128 | point & 63);
|
960
|
-
} else if (point <= 55295 || point >= 57344 && point <= 65535) {
|
961
|
-
arr.push(224 | point >>> 12);
|
962
|
-
arr.push(128 | point >>> 6 & 63);
|
963
|
-
arr.push(128 | point & 63);
|
964
|
-
} else if (point >= 65536 && point <= 1114111) {
|
965
|
-
i++;
|
966
|
-
arr.push(240 | point >>> 18 & 28);
|
967
|
-
arr.push(128 | point >>> 12 & 63);
|
968
|
-
arr.push(128 | point >>> 6 & 63);
|
969
|
-
arr.push(128 | point & 63);
|
970
|
-
} else {
|
971
|
-
arr.push(point);
|
972
|
-
throw new Error("input is not supported");
|
973
|
-
}
|
974
|
-
}
|
975
|
-
return new Uint8Array(arr);
|
976
|
-
}
|
977
|
-
function sm32(input, options) {
|
978
|
-
input = typeof input === "string" ? utf8ToArray(input) : input;
|
979
|
-
if (options) {
|
980
|
-
const mode = options.mode || "hmac";
|
981
|
-
if (mode !== "hmac")
|
982
|
-
throw new Error("invalid mode");
|
983
|
-
let key = options.key;
|
984
|
-
if (!key)
|
985
|
-
throw new Error("invalid key");
|
986
|
-
key = typeof key === "string" ? hexToArray(key) : key;
|
987
|
-
return bytesToHex(hmac(sm3, key, input));
|
988
|
-
}
|
989
|
-
return bytesToHex(sm3(input));
|
990
|
-
}
|
991
|
-
|
992
984
|
// src/sm4/index.ts
|
993
985
|
var sm4_exports = {};
|
994
986
|
__export(sm4_exports, {
|
@@ -1617,6 +1609,7 @@ function decrypt(inArray, key, options = {}) {
|
|
1617
1609
|
}
|
1618
1610
|
// Annotate the CommonJS export names for ESM import in node:
|
1619
1611
|
0 && (module.exports = {
|
1612
|
+
kdf,
|
1620
1613
|
sm2,
|
1621
1614
|
sm3,
|
1622
1615
|
sm4
|
package/dist/index.mjs
CHANGED
@@ -671,13 +671,56 @@ function comparePublicKeyHex(publicKey1, publicKey2) {
|
|
671
671
|
}
|
672
672
|
|
673
673
|
// src/sm2/index.ts
|
674
|
-
import * as
|
674
|
+
import * as utils5 from "@noble/curves/abstract/utils";
|
675
675
|
|
676
|
-
// src/sm2/
|
676
|
+
// src/sm2/kdf.ts
|
677
677
|
import * as utils3 from "@noble/curves/abstract/utils";
|
678
|
-
|
679
|
-
|
680
|
-
function
|
678
|
+
|
679
|
+
// src/sm3/index.ts
|
680
|
+
function utf8ToArray(str) {
|
681
|
+
const arr = [];
|
682
|
+
for (let i = 0, len = str.length; i < len; i++) {
|
683
|
+
const point = str.codePointAt(i);
|
684
|
+
if (point <= 127) {
|
685
|
+
arr.push(point);
|
686
|
+
} else if (point <= 2047) {
|
687
|
+
arr.push(192 | point >>> 6);
|
688
|
+
arr.push(128 | point & 63);
|
689
|
+
} else if (point <= 55295 || point >= 57344 && point <= 65535) {
|
690
|
+
arr.push(224 | point >>> 12);
|
691
|
+
arr.push(128 | point >>> 6 & 63);
|
692
|
+
arr.push(128 | point & 63);
|
693
|
+
} else if (point >= 65536 && point <= 1114111) {
|
694
|
+
i++;
|
695
|
+
arr.push(240 | point >>> 18 & 28);
|
696
|
+
arr.push(128 | point >>> 12 & 63);
|
697
|
+
arr.push(128 | point >>> 6 & 63);
|
698
|
+
arr.push(128 | point & 63);
|
699
|
+
} else {
|
700
|
+
arr.push(point);
|
701
|
+
throw new Error("input is not supported");
|
702
|
+
}
|
703
|
+
}
|
704
|
+
return new Uint8Array(arr);
|
705
|
+
}
|
706
|
+
function sm32(input, options) {
|
707
|
+
input = typeof input === "string" ? utf8ToArray(input) : input;
|
708
|
+
if (options) {
|
709
|
+
const mode = options.mode || "hmac";
|
710
|
+
if (mode !== "hmac")
|
711
|
+
throw new Error("invalid mode");
|
712
|
+
let key = options.key;
|
713
|
+
if (!key)
|
714
|
+
throw new Error("invalid key");
|
715
|
+
key = typeof key === "string" ? hexToArray(key) : key;
|
716
|
+
return bytesToHex(hmac(sm3, key, input));
|
717
|
+
}
|
718
|
+
return bytesToHex(sm3(input));
|
719
|
+
}
|
720
|
+
|
721
|
+
// src/sm2/kdf.ts
|
722
|
+
function kdf(z, keylen) {
|
723
|
+
z = typeof z === "string" ? utf8ToArray(z) : z;
|
681
724
|
let msg = new Uint8Array(keylen);
|
682
725
|
let ct = 1;
|
683
726
|
let offset = 0;
|
@@ -700,6 +743,11 @@ function hkdf(z, keylen) {
|
|
700
743
|
}
|
701
744
|
return msg;
|
702
745
|
}
|
746
|
+
|
747
|
+
// src/sm2/kx.ts
|
748
|
+
import * as utils4 from "@noble/curves/abstract/utils";
|
749
|
+
var wPow2 = utils4.hexToNumber("80000000000000000000000000000000");
|
750
|
+
var wPow2Sub1 = utils4.hexToNumber("7fffffffffffffffffffffffffffffff");
|
703
751
|
function calculateSharedKey(keypairA, ephemeralKeypairA, publicKeyB, ephemeralPublicKeyB, sharedKeyLength, isRecipient = false, idA = "1234567812345678", idB = "1234567812345678") {
|
704
752
|
const RA = sm2Curve.ProjectivePoint.fromHex(ephemeralKeypairA.publicKey);
|
705
753
|
const RB = sm2Curve.ProjectivePoint.fromHex(ephemeralPublicKeyB);
|
@@ -709,35 +757,41 @@ function calculateSharedKey(keypairA, ephemeralKeypairA, publicKeyB, ephemeralPu
|
|
709
757
|
if (isRecipient) {
|
710
758
|
[ZA, ZB] = [ZB, ZA];
|
711
759
|
}
|
712
|
-
const rA =
|
713
|
-
const dA =
|
760
|
+
const rA = utils4.hexToNumber(ephemeralKeypairA.privateKey);
|
761
|
+
const dA = utils4.hexToNumber(keypairA.privateKey);
|
714
762
|
const x1 = RA.x;
|
715
763
|
const x1_ = wPow2 + (x1 & wPow2Sub1);
|
716
764
|
const tA = field.add(dA, field.mulN(x1_, rA));
|
717
765
|
const x2 = RB.x;
|
718
766
|
const x2_ = field.add(wPow2, x2 & wPow2Sub1);
|
719
767
|
const U = RB.multiply(x2_).add(PB).multiply(tA);
|
720
|
-
const xU = hexToArray(leftPad(
|
721
|
-
const yU = hexToArray(leftPad(
|
722
|
-
const KA =
|
768
|
+
const xU = hexToArray(leftPad(utils4.numberToHexUnpadded(U.x), 64));
|
769
|
+
const yU = hexToArray(leftPad(utils4.numberToHexUnpadded(U.y), 64));
|
770
|
+
const KA = kdf(utils4.concatBytes(xU, yU, ZA, ZB), sharedKeyLength);
|
723
771
|
return KA;
|
724
772
|
}
|
725
773
|
|
726
774
|
// src/sm2/index.ts
|
775
|
+
function xorCipherStream(x2, y2, msg) {
|
776
|
+
const stream = kdf(utils5.concatBytes(x2, y2), msg.length);
|
777
|
+
for (let i = 0, len = msg.length; i < len; i++) {
|
778
|
+
msg[i] ^= stream[i] & 255;
|
779
|
+
}
|
780
|
+
}
|
727
781
|
var C1C2C3 = 0;
|
728
782
|
var EmptyArray = new Uint8Array();
|
729
783
|
function doEncrypt(msg, publicKey, cipherMode = 1, options) {
|
730
784
|
const msgArr = typeof msg === "string" ? hexToArray(utf8ToHex(msg)) : Uint8Array.from(msg);
|
731
785
|
const publicKeyPoint = typeof publicKey === "string" ? sm2Curve.ProjectivePoint.fromHex(publicKey) : publicKey;
|
732
786
|
const keypair = generateKeyPairHex();
|
733
|
-
const k =
|
787
|
+
const k = utils5.hexToNumber(keypair.privateKey);
|
734
788
|
let c1 = keypair.publicKey;
|
735
789
|
if (c1.length > 128)
|
736
790
|
c1 = c1.substring(c1.length - 128);
|
737
791
|
const p = publicKeyPoint.multiply(k);
|
738
|
-
const x2 = hexToArray(leftPad(
|
739
|
-
const y2 = hexToArray(leftPad(
|
740
|
-
const c3 = bytesToHex(sm3(
|
792
|
+
const x2 = hexToArray(leftPad(utils5.numberToHexUnpadded(p.x), 64));
|
793
|
+
const y2 = hexToArray(leftPad(utils5.numberToHexUnpadded(p.y), 64));
|
794
|
+
const c3 = bytesToHex(sm3(utils5.concatBytes(x2, msgArr, y2)));
|
741
795
|
xorCipherStream(x2, y2, msgArr);
|
742
796
|
const c2 = bytesToHex(msgArr);
|
743
797
|
if (options?.asn1) {
|
@@ -747,30 +801,9 @@ function doEncrypt(msg, publicKey, cipherMode = 1, options) {
|
|
747
801
|
}
|
748
802
|
return cipherMode === C1C2C3 ? c1 + c2 + c3 : c1 + c3 + c2;
|
749
803
|
}
|
750
|
-
function xorCipherStream(x2, y2, msg) {
|
751
|
-
let ct = 1;
|
752
|
-
let offset = 0;
|
753
|
-
let t = EmptyArray;
|
754
|
-
const ctShift = new Uint8Array(4);
|
755
|
-
const nextT = () => {
|
756
|
-
ctShift[0] = ct >> 24 & 255;
|
757
|
-
ctShift[1] = ct >> 16 & 255;
|
758
|
-
ctShift[2] = ct >> 8 & 255;
|
759
|
-
ctShift[3] = ct & 255;
|
760
|
-
t = sm3(utils4.concatBytes(x2, y2, ctShift));
|
761
|
-
ct++;
|
762
|
-
offset = 0;
|
763
|
-
};
|
764
|
-
nextT();
|
765
|
-
for (let i = 0, len = msg.length; i < len; i++) {
|
766
|
-
if (offset === t.length)
|
767
|
-
nextT();
|
768
|
-
msg[i] ^= t[offset++] & 255;
|
769
|
-
}
|
770
|
-
}
|
771
804
|
function doDecrypt(encryptData, privateKey, cipherMode = 1, options) {
|
772
805
|
const { output = "string", asn1 = false } = options || {};
|
773
|
-
const privateKeyInteger =
|
806
|
+
const privateKeyInteger = utils5.hexToNumber(privateKey);
|
774
807
|
let c1;
|
775
808
|
let c2;
|
776
809
|
let c3;
|
@@ -793,10 +826,10 @@ function doDecrypt(encryptData, privateKey, cipherMode = 1, options) {
|
|
793
826
|
}
|
794
827
|
const msg = hexToArray(c2);
|
795
828
|
const p = c1.multiply(privateKeyInteger);
|
796
|
-
const x2 = hexToArray(leftPad(
|
797
|
-
const y2 = hexToArray(leftPad(
|
829
|
+
const x2 = hexToArray(leftPad(utils5.numberToHexUnpadded(p.x), 64));
|
830
|
+
const y2 = hexToArray(leftPad(utils5.numberToHexUnpadded(p.y), 64));
|
798
831
|
xorCipherStream(x2, y2, msg);
|
799
|
-
const checkC3 = arrayToHex(Array.from(sm3(
|
832
|
+
const checkC3 = arrayToHex(Array.from(sm3(utils5.concatBytes(x2, msg, y2))));
|
800
833
|
if (checkC3 === c3.toLowerCase()) {
|
801
834
|
return output === "array" ? msg : arrayToUtf8(msg);
|
802
835
|
} else {
|
@@ -816,8 +849,8 @@ function doSignature(msg, privateKey, options = {}) {
|
|
816
849
|
publicKey = publicKey || getPublicKeyFromPrivateKey(privateKey);
|
817
850
|
hashHex = getHash(hashHex, publicKey, userId);
|
818
851
|
}
|
819
|
-
const dA =
|
820
|
-
const e =
|
852
|
+
const dA = utils5.hexToNumber(privateKey);
|
853
|
+
const e = utils5.hexToNumber(hashHex);
|
821
854
|
let k = null;
|
822
855
|
let r = null;
|
823
856
|
let s = null;
|
@@ -836,7 +869,7 @@ function doSignature(msg, privateKey, options = {}) {
|
|
836
869
|
} while (s === ZERO);
|
837
870
|
if (der)
|
838
871
|
return encodeDer(r, s);
|
839
|
-
return leftPad(
|
872
|
+
return leftPad(utils5.numberToHexUnpadded(r), 64) + leftPad(utils5.numberToHexUnpadded(s), 64);
|
840
873
|
}
|
841
874
|
function doVerifySignature(msg, signHex, publicKey, options = {}) {
|
842
875
|
let hashHex;
|
@@ -858,11 +891,11 @@ function doVerifySignature(msg, signHex, publicKey, options = {}) {
|
|
858
891
|
r = decodeDerObj.r;
|
859
892
|
s = decodeDerObj.s;
|
860
893
|
} else {
|
861
|
-
r =
|
862
|
-
s =
|
894
|
+
r = utils5.hexToNumber(signHex.substring(0, 64));
|
895
|
+
s = utils5.hexToNumber(signHex.substring(64));
|
863
896
|
}
|
864
897
|
const PA = typeof publicKey === "string" ? sm2Curve.ProjectivePoint.fromHex(publicKey) : publicKey;
|
865
|
-
const e =
|
898
|
+
const e = utils5.hexToNumber(hashHex);
|
866
899
|
const t = field.add(r, s);
|
867
900
|
if (t === ZERO)
|
868
901
|
return false;
|
@@ -872,10 +905,10 @@ function doVerifySignature(msg, signHex, publicKey, options = {}) {
|
|
872
905
|
}
|
873
906
|
function getZ(publicKey, userId = "1234567812345678") {
|
874
907
|
userId = utf8ToHex(userId);
|
875
|
-
const a = leftPad(
|
876
|
-
const b = leftPad(
|
877
|
-
const gx = leftPad(
|
878
|
-
const gy = leftPad(
|
908
|
+
const a = leftPad(utils5.numberToHexUnpadded(sm2Curve.CURVE.a), 64);
|
909
|
+
const b = leftPad(utils5.numberToHexUnpadded(sm2Curve.CURVE.b), 64);
|
910
|
+
const gx = leftPad(utils5.numberToHexUnpadded(sm2Curve.ProjectivePoint.BASE.x), 64);
|
911
|
+
const gy = leftPad(utils5.numberToHexUnpadded(sm2Curve.ProjectivePoint.BASE.y), 64);
|
879
912
|
let px;
|
880
913
|
let py;
|
881
914
|
if (publicKey.length === 128) {
|
@@ -883,17 +916,17 @@ function getZ(publicKey, userId = "1234567812345678") {
|
|
883
916
|
py = publicKey.substring(64, 128);
|
884
917
|
} else {
|
885
918
|
const point = sm2Curve.ProjectivePoint.fromHex(publicKey);
|
886
|
-
px = leftPad(
|
887
|
-
py = leftPad(
|
919
|
+
px = leftPad(utils5.numberToHexUnpadded(point.x), 64);
|
920
|
+
py = leftPad(utils5.numberToHexUnpadded(point.y), 64);
|
888
921
|
}
|
889
922
|
const data = hexToArray(userId + a + b + gx + gy + px + py);
|
890
923
|
const entl = userId.length * 4;
|
891
|
-
const z = sm3(
|
924
|
+
const z = sm3(utils5.concatBytes(new Uint8Array([entl >> 8 & 255, entl & 255]), data));
|
892
925
|
return z;
|
893
926
|
}
|
894
927
|
function getHash(hashHex, publicKey, userId = "1234567812345678") {
|
895
928
|
const z = getZ(publicKey, userId);
|
896
|
-
return bytesToHex(sm3(
|
929
|
+
return bytesToHex(sm3(utils5.concatBytes(z, typeof hashHex === "string" ? hexToArray(hashHex) : hashHex)));
|
897
930
|
}
|
898
931
|
function precomputePublicKey(publicKey, windowSize) {
|
899
932
|
const point = sm2Curve.ProjectivePoint.fromHex(publicKey);
|
@@ -901,13 +934,13 @@ function precomputePublicKey(publicKey, windowSize) {
|
|
901
934
|
}
|
902
935
|
function getPublicKeyFromPrivateKey(privateKey) {
|
903
936
|
const pubKey = sm2Curve.getPublicKey(privateKey, false);
|
904
|
-
const pubPad = leftPad(
|
937
|
+
const pubPad = leftPad(utils5.bytesToHex(pubKey), 64);
|
905
938
|
return pubPad;
|
906
939
|
}
|
907
940
|
function getPoint() {
|
908
941
|
const keypair = generateKeyPairHex();
|
909
942
|
const PA = sm2Curve.ProjectivePoint.fromHex(keypair.publicKey);
|
910
|
-
const k =
|
943
|
+
const k = utils5.hexToNumber(keypair.privateKey);
|
911
944
|
return {
|
912
945
|
...keypair,
|
913
946
|
k,
|
@@ -915,48 +948,6 @@ function getPoint() {
|
|
915
948
|
};
|
916
949
|
}
|
917
950
|
|
918
|
-
// src/sm3/index.ts
|
919
|
-
function utf8ToArray(str) {
|
920
|
-
const arr = [];
|
921
|
-
for (let i = 0, len = str.length; i < len; i++) {
|
922
|
-
const point = str.codePointAt(i);
|
923
|
-
if (point <= 127) {
|
924
|
-
arr.push(point);
|
925
|
-
} else if (point <= 2047) {
|
926
|
-
arr.push(192 | point >>> 6);
|
927
|
-
arr.push(128 | point & 63);
|
928
|
-
} else if (point <= 55295 || point >= 57344 && point <= 65535) {
|
929
|
-
arr.push(224 | point >>> 12);
|
930
|
-
arr.push(128 | point >>> 6 & 63);
|
931
|
-
arr.push(128 | point & 63);
|
932
|
-
} else if (point >= 65536 && point <= 1114111) {
|
933
|
-
i++;
|
934
|
-
arr.push(240 | point >>> 18 & 28);
|
935
|
-
arr.push(128 | point >>> 12 & 63);
|
936
|
-
arr.push(128 | point >>> 6 & 63);
|
937
|
-
arr.push(128 | point & 63);
|
938
|
-
} else {
|
939
|
-
arr.push(point);
|
940
|
-
throw new Error("input is not supported");
|
941
|
-
}
|
942
|
-
}
|
943
|
-
return new Uint8Array(arr);
|
944
|
-
}
|
945
|
-
function sm32(input, options) {
|
946
|
-
input = typeof input === "string" ? utf8ToArray(input) : input;
|
947
|
-
if (options) {
|
948
|
-
const mode = options.mode || "hmac";
|
949
|
-
if (mode !== "hmac")
|
950
|
-
throw new Error("invalid mode");
|
951
|
-
let key = options.key;
|
952
|
-
if (!key)
|
953
|
-
throw new Error("invalid key");
|
954
|
-
key = typeof key === "string" ? hexToArray(key) : key;
|
955
|
-
return bytesToHex(hmac(sm3, key, input));
|
956
|
-
}
|
957
|
-
return bytesToHex(sm3(input));
|
958
|
-
}
|
959
|
-
|
960
951
|
// src/sm4/index.ts
|
961
952
|
var sm4_exports = {};
|
962
953
|
__export(sm4_exports, {
|
@@ -1584,6 +1575,7 @@ function decrypt(inArray, key, options = {}) {
|
|
1584
1575
|
return sm4(inArray, key, 0, options);
|
1585
1576
|
}
|
1586
1577
|
export {
|
1578
|
+
kdf,
|
1587
1579
|
sm2_exports as sm2,
|
1588
1580
|
sm32 as sm3,
|
1589
1581
|
sm4_exports as sm4
|
@@ -31,7 +31,7 @@ declare function arrayToUtf8(arr: Uint8Array): string;
|
|
31
31
|
/**
|
32
32
|
* 转成字节数组
|
33
33
|
*/
|
34
|
-
declare function hexToArray(hexStr: string): Uint8Array
|
34
|
+
declare function hexToArray(hexStr: string): Uint8Array<ArrayBuffer>;
|
35
35
|
/**
|
36
36
|
* 验证公钥是否为椭圆曲线上的点
|
37
37
|
*/
|
@@ -43,9 +43,9 @@ declare function comparePublicKeyHex(publicKey1: string, publicKey2: string): bo
|
|
43
43
|
|
44
44
|
declare function initRNGPool(): Promise<void>;
|
45
45
|
|
46
|
-
declare function calculateSharedKey(keypairA: KeyPair, ephemeralKeypairA: KeyPair, publicKeyB: string, ephemeralPublicKeyB: string, sharedKeyLength: number, isRecipient?: boolean, idA?: string, idB?: string): Uint8Array
|
46
|
+
declare function calculateSharedKey(keypairA: KeyPair, ephemeralKeypairA: KeyPair, publicKeyB: string, ephemeralPublicKeyB: string, sharedKeyLength: number, isRecipient?: boolean, idA?: string, idB?: string): Uint8Array<ArrayBuffer>;
|
47
47
|
|
48
|
-
declare const EmptyArray: Uint8Array
|
48
|
+
declare const EmptyArray: Uint8Array<ArrayBuffer>;
|
49
49
|
/**
|
50
50
|
* 加密
|
51
51
|
*/
|
@@ -85,7 +85,7 @@ declare function doVerifySignature(msg: string | Uint8Array, signHex: string, pu
|
|
85
85
|
hash?: boolean;
|
86
86
|
userId?: string;
|
87
87
|
}): boolean;
|
88
|
-
declare function getZ(publicKey: string, userId?: string): Uint8Array
|
88
|
+
declare function getZ(publicKey: string, userId?: string): Uint8Array<ArrayBufferLike>;
|
89
89
|
/**
|
90
90
|
* sm3杂凑算法
|
91
91
|
*/
|
@@ -139,6 +139,14 @@ declare namespace index$1 {
|
|
139
139
|
export { index$1_EmptyArray as EmptyArray, type index$1_KeyPair as KeyPair, type index$1_SignaturePoint as SignaturePoint, index$1_arrayToHex as arrayToHex, index$1_arrayToUtf8 as arrayToUtf8, index$1_calculateSharedKey as calculateSharedKey, index$1_comparePublicKeyHex as comparePublicKeyHex, index$1_compressPublicKeyHex as compressPublicKeyHex, index$1_doDecrypt as doDecrypt, index$1_doEncrypt as doEncrypt, index$1_doSignature as doSignature, index$1_doVerifySignature as doVerifySignature, index$1_generateKeyPairHex as generateKeyPairHex, index$1_getHash as getHash, index$1_getPoint as getPoint, index$1_getPublicKeyFromPrivateKey as getPublicKeyFromPrivateKey, index$1_getZ as getZ, index$1_hexToArray as hexToArray, index$1_initRNGPool as initRNGPool, index$1_leftPad as leftPad, index$1_precomputePublicKey as precomputePublicKey, index$1_utf8ToHex as utf8ToHex, index$1_verifyPublicKey as verifyPublicKey };
|
140
140
|
}
|
141
141
|
|
142
|
+
/**
|
143
|
+
* SM3 Key derivation function used in SM2 encryption and key exchange, specified in GM/T 0003-2012
|
144
|
+
* @param z Input data (string or Uint8Array)
|
145
|
+
* @param keylen Desired key length in bytes
|
146
|
+
* @returns Derived key as Uint8Array
|
147
|
+
*/
|
148
|
+
declare function kdf(z: string | Uint8Array, keylen: number): Uint8Array<ArrayBuffer>;
|
149
|
+
|
142
150
|
declare function sm3(input: string | Uint8Array, options?: {
|
143
151
|
key: Uint8Array | string;
|
144
152
|
mode?: 'hmac' | 'mac';
|
@@ -153,9 +161,9 @@ interface SM4Options {
|
|
153
161
|
outputTag?: boolean;
|
154
162
|
tag?: Uint8Array | string;
|
155
163
|
}
|
156
|
-
declare function sm4(inArray: Uint8Array | string, key: Uint8Array | string, cryptFlag: 0 | 1, options?: SM4Options): string | Uint8Array | {
|
164
|
+
declare function sm4(inArray: Uint8Array | string, key: Uint8Array | string, cryptFlag: 0 | 1, options?: SM4Options): string | Uint8Array<ArrayBufferLike> | {
|
157
165
|
output: Uint8Array;
|
158
|
-
tag?: Uint8Array
|
166
|
+
tag?: Uint8Array;
|
159
167
|
} | {
|
160
168
|
output: string;
|
161
169
|
tag: string | undefined;
|
@@ -194,4 +202,4 @@ declare namespace index {
|
|
194
202
|
export { type index_GCMResult as GCMResult, type index_SM4Options as SM4Options, index_decrypt as decrypt, index_encrypt as encrypt, index_sm4 as sm4 };
|
195
203
|
}
|
196
204
|
|
197
|
-
export { index$1 as sm2, sm3, index as sm4 };
|
205
|
+
export { kdf, index$1 as sm2, sm3, index as sm4 };
|
@@ -444,6 +444,9 @@ var __publicField = function(obj, key, value) {
|
|
444
444
|
// src/index.ts
|
445
445
|
var src_exports = {};
|
446
446
|
__export(src_exports, {
|
447
|
+
kdf: function() {
|
448
|
+
return kdf;
|
449
|
+
},
|
447
450
|
sm2: function() {
|
448
451
|
return sm2_exports;
|
449
452
|
},
|
@@ -2976,10 +2979,48 @@ function comparePublicKeyHex(publicKey1, publicKey2) {
|
|
2976
2979
|
if (!point2) return false;
|
2977
2980
|
return point1.equals(point2);
|
2978
2981
|
}
|
2979
|
-
// src/
|
2980
|
-
|
2981
|
-
var
|
2982
|
-
|
2982
|
+
// src/sm3/index.ts
|
2983
|
+
function utf8ToArray(str) {
|
2984
|
+
var arr = [];
|
2985
|
+
for(var i = 0, len = str.length; i < len; i++){
|
2986
|
+
var point = str.codePointAt(i);
|
2987
|
+
if (point <= 127) {
|
2988
|
+
arr.push(point);
|
2989
|
+
} else if (point <= 2047) {
|
2990
|
+
arr.push(192 | point >>> 6);
|
2991
|
+
arr.push(128 | point & 63);
|
2992
|
+
} else if (point <= 55295 || point >= 57344 && point <= 65535) {
|
2993
|
+
arr.push(224 | point >>> 12);
|
2994
|
+
arr.push(128 | point >>> 6 & 63);
|
2995
|
+
arr.push(128 | point & 63);
|
2996
|
+
} else if (point >= 65536 && point <= 1114111) {
|
2997
|
+
i++;
|
2998
|
+
arr.push(240 | point >>> 18 & 28);
|
2999
|
+
arr.push(128 | point >>> 12 & 63);
|
3000
|
+
arr.push(128 | point >>> 6 & 63);
|
3001
|
+
arr.push(128 | point & 63);
|
3002
|
+
} else {
|
3003
|
+
arr.push(point);
|
3004
|
+
throw new Error("input is not supported");
|
3005
|
+
}
|
3006
|
+
}
|
3007
|
+
return new Uint8Array(arr);
|
3008
|
+
}
|
3009
|
+
function sm32(input, options) {
|
3010
|
+
input = typeof input === "string" ? utf8ToArray(input) : input;
|
3011
|
+
if (options) {
|
3012
|
+
var mode = options.mode || "hmac";
|
3013
|
+
if (mode !== "hmac") throw new Error("invalid mode");
|
3014
|
+
var key = options.key;
|
3015
|
+
if (!key) throw new Error("invalid key");
|
3016
|
+
key = typeof key === "string" ? hexToArray(key) : key;
|
3017
|
+
return bytesToHex2(hmac(sm3, key, input));
|
3018
|
+
}
|
3019
|
+
return bytesToHex2(sm3(input));
|
3020
|
+
}
|
3021
|
+
// src/sm2/kdf.ts
|
3022
|
+
function kdf(z, keylen) {
|
3023
|
+
z = typeof z === "string" ? utf8ToArray(z) : z;
|
2983
3024
|
var msg = new Uint8Array(keylen);
|
2984
3025
|
var ct = 1;
|
2985
3026
|
var offset = 0;
|
@@ -3001,6 +3042,9 @@ function hkdf(z, keylen) {
|
|
3001
3042
|
}
|
3002
3043
|
return msg;
|
3003
3044
|
}
|
3045
|
+
// src/sm2/kx.ts
|
3046
|
+
var wPow2 = hexToNumber("80000000000000000000000000000000");
|
3047
|
+
var wPow2Sub1 = hexToNumber("7fffffffffffffffffffffffffffffff");
|
3004
3048
|
function calculateSharedKey(keypairA, ephemeralKeypairA, publicKeyB, ephemeralPublicKeyB, sharedKeyLength) {
|
3005
3049
|
var isRecipient = arguments.length > 5 && arguments[5] !== void 0 ? arguments[5] : false, idA = arguments.length > 6 && arguments[6] !== void 0 ? arguments[6] : "1234567812345678", idB = arguments.length > 7 && arguments[7] !== void 0 ? arguments[7] : "1234567812345678";
|
3006
3050
|
var RA = sm2Curve.ProjectivePoint.fromHex(ephemeralKeypairA.publicKey);
|
@@ -3025,10 +3069,16 @@ function calculateSharedKey(keypairA, ephemeralKeypairA, publicKeyB, ephemeralPu
|
|
3025
3069
|
var U = RB.multiply(x2_).add(PB).multiply(tA);
|
3026
3070
|
var xU = hexToArray(leftPad(numberToHexUnpadded(U.x), 64));
|
3027
3071
|
var yU = hexToArray(leftPad(numberToHexUnpadded(U.y), 64));
|
3028
|
-
var KA =
|
3072
|
+
var KA = kdf(concatBytes(xU, yU, ZA, ZB), sharedKeyLength);
|
3029
3073
|
return KA;
|
3030
3074
|
}
|
3031
3075
|
// src/sm2/index.ts
|
3076
|
+
function xorCipherStream(x2, y2, msg) {
|
3077
|
+
var stream = kdf(concatBytes(x2, y2), msg.length);
|
3078
|
+
for(var i = 0, len = msg.length; i < len; i++){
|
3079
|
+
msg[i] ^= stream[i] & 255;
|
3080
|
+
}
|
3081
|
+
}
|
3032
3082
|
var C1C2C3 = 0;
|
3033
3083
|
var EmptyArray = new Uint8Array();
|
3034
3084
|
function doEncrypt(msg, publicKey) {
|
@@ -3052,26 +3102,6 @@ function doEncrypt(msg, publicKey) {
|
|
3052
3102
|
}
|
3053
3103
|
return cipherMode === C1C2C3 ? c1 + c2 + c3 : c1 + c3 + c2;
|
3054
3104
|
}
|
3055
|
-
function xorCipherStream(x2, y2, msg) {
|
3056
|
-
var ct = 1;
|
3057
|
-
var offset = 0;
|
3058
|
-
var t = EmptyArray;
|
3059
|
-
var ctShift = new Uint8Array(4);
|
3060
|
-
var nextT = function() {
|
3061
|
-
ctShift[0] = ct >> 24 & 255;
|
3062
|
-
ctShift[1] = ct >> 16 & 255;
|
3063
|
-
ctShift[2] = ct >> 8 & 255;
|
3064
|
-
ctShift[3] = ct & 255;
|
3065
|
-
t = sm3(concatBytes(x2, y2, ctShift));
|
3066
|
-
ct++;
|
3067
|
-
offset = 0;
|
3068
|
-
};
|
3069
|
-
nextT();
|
3070
|
-
for(var i = 0, len = msg.length; i < len; i++){
|
3071
|
-
if (offset === t.length) nextT();
|
3072
|
-
msg[i] ^= t[offset++] & 255;
|
3073
|
-
}
|
3074
|
-
}
|
3075
3105
|
function doDecrypt(encryptData, privateKey) {
|
3076
3106
|
var cipherMode = arguments.length > 2 && arguments[2] !== void 0 ? arguments[2] : 1, options = arguments.length > 3 ? arguments[3] : void 0;
|
3077
3107
|
var _ref = options || {}, _ref_output = _ref.output, output = _ref_output === void 0 ? "string" : _ref_output, _ref_asn1 = _ref.asn1, asn1 = _ref_asn1 === void 0 ? false : _ref_asn1;
|
@@ -3220,45 +3250,6 @@ function getPoint() {
|
|
3220
3250
|
x1: PA.x
|
3221
3251
|
});
|
3222
3252
|
}
|
3223
|
-
// src/sm3/index.ts
|
3224
|
-
function utf8ToArray(str) {
|
3225
|
-
var arr = [];
|
3226
|
-
for(var i = 0, len = str.length; i < len; i++){
|
3227
|
-
var point = str.codePointAt(i);
|
3228
|
-
if (point <= 127) {
|
3229
|
-
arr.push(point);
|
3230
|
-
} else if (point <= 2047) {
|
3231
|
-
arr.push(192 | point >>> 6);
|
3232
|
-
arr.push(128 | point & 63);
|
3233
|
-
} else if (point <= 55295 || point >= 57344 && point <= 65535) {
|
3234
|
-
arr.push(224 | point >>> 12);
|
3235
|
-
arr.push(128 | point >>> 6 & 63);
|
3236
|
-
arr.push(128 | point & 63);
|
3237
|
-
} else if (point >= 65536 && point <= 1114111) {
|
3238
|
-
i++;
|
3239
|
-
arr.push(240 | point >>> 18 & 28);
|
3240
|
-
arr.push(128 | point >>> 12 & 63);
|
3241
|
-
arr.push(128 | point >>> 6 & 63);
|
3242
|
-
arr.push(128 | point & 63);
|
3243
|
-
} else {
|
3244
|
-
arr.push(point);
|
3245
|
-
throw new Error("input is not supported");
|
3246
|
-
}
|
3247
|
-
}
|
3248
|
-
return new Uint8Array(arr);
|
3249
|
-
}
|
3250
|
-
function sm32(input, options) {
|
3251
|
-
input = typeof input === "string" ? utf8ToArray(input) : input;
|
3252
|
-
if (options) {
|
3253
|
-
var mode = options.mode || "hmac";
|
3254
|
-
if (mode !== "hmac") throw new Error("invalid mode");
|
3255
|
-
var key = options.key;
|
3256
|
-
if (!key) throw new Error("invalid key");
|
3257
|
-
key = typeof key === "string" ? hexToArray(key) : key;
|
3258
|
-
return bytesToHex2(hmac(sm3, key, input));
|
3259
|
-
}
|
3260
|
-
return bytesToHex2(sm3(input));
|
3261
|
-
}
|
3262
3253
|
// src/sm4/index.ts
|
3263
3254
|
var sm4_exports = {};
|
3264
3255
|
__export(sm4_exports, {
|
@@ -4227,6 +4218,7 @@ function decrypt(inArray, key) {
|
|
4227
4218
|
}
|
4228
4219
|
// Annotate the CommonJS export names for ESM import in node:
|
4229
4220
|
0 && (module.exports = {
|
4221
|
+
kdf: kdf,
|
4230
4222
|
sm2: sm2,
|
4231
4223
|
sm3: sm3,
|
4232
4224
|
sm4: sm4
|
package/package.json
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
{
|
2
2
|
"name": "sm-crypto-v2",
|
3
|
-
"version": "1.
|
3
|
+
"version": "1.11.0",
|
4
4
|
"description": "sm-crypto-v2",
|
5
5
|
"main": "dist/index.js",
|
6
6
|
"module": "dist/index.mjs",
|
@@ -58,7 +58,7 @@
|
|
58
58
|
"prettier": "^2.6.2",
|
59
59
|
"standard-version": "^9.5.0",
|
60
60
|
"tsup": "^8.0.1",
|
61
|
-
"typescript": "^
|
61
|
+
"typescript": "^5.8.3",
|
62
62
|
"vite": "^4.3.9",
|
63
63
|
"vitest": "^0.31.0"
|
64
64
|
}
|