sm-crypto-v2 1.10.1 → 1.12.0

package/CHANGELOG.md

@@ -2,6 +2,20 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+## [1.12.0](https://github.com/Cubelrti/sm-crypto-v2/compare/v1.11.0...v1.12.0) (2025-06-05)
+
+
+### Features
+
+* **utils:** ensure sm2 runs in environment don't have TextEncoder ([6b74b8d](https://github.com/Cubelrti/sm-crypto-v2/commit/6b74b8d4df3ead8e2c01587e3c13cdbbf9a27701))
+
+## [1.11.0](https://github.com/Cubelrti/sm-crypto-v2/compare/v1.10.1...v1.11.0) (2025-04-28)
+
+
+### Features
+
+* **sm3, kx:** expose kdf in sm3, added test case for parity ([f0091ca](https://github.com/Cubelrti/sm-crypto-v2/commit/f0091ca4a58a3369a83f274023268dfe2bda2794))
+
 ### [1.10.1](https://github.com/Cubelrti/sm-crypto-v2/compare/v1.10.0...v1.10.1) (2025-04-27)
 
 

package/README.md

@@ -150,13 +150,16 @@ let verifyResult4 = sm2.doVerifySignature(msg, sigValueHex4, precomputedPublicKe
 ## sm3
 
 ```js
-import { sm3 } from 'sm-crypto-v2'
+import { sm3, kdf } from 'sm-crypto-v2'
 let hashData = sm3('abc') // 杂凑
 
 // hmac
 hashData = sm3('abc', {
     key: 'daac25c1512fe50f79b0e4526b93f5c0e1460cef40b6dd44af13caec62e8c60e0d885f3c6d6fb51e530889e6fd4ac743a6d332e68a0f2a3923f42585dceb93e9', // 要求为 16 进制串或字节数组
 })
+
+// kdf，注意这是 GM/T 0003-2012 中的 SM3 KDF（密钥派生函数），不是 RFC5869 的 HKDF
+kdfData = kdf('abc', 32 /* 输出长度 */)
 ```
 
 ## sm4

package/dist/index.d.mts

@@ -31,7 +31,7 @@ declare function arrayToUtf8(arr: Uint8Array): string;
 /**
  * 转成字节数组
  */
-declare function hexToArray(hexStr: string): Uint8Array;
+declare function hexToArray(hexStr: string): Uint8Array<ArrayBuffer>;
 /**
  * 验证公钥是否为椭圆曲线上的点
  */
@@ -43,9 +43,9 @@ declare function comparePublicKeyHex(publicKey1: string, publicKey2: string): bo
 
 declare function initRNGPool(): Promise<void>;
 
-declare function calculateSharedKey(keypairA: KeyPair, ephemeralKeypairA: KeyPair, publicKeyB: string, ephemeralPublicKeyB: string, sharedKeyLength: number, isRecipient?: boolean, idA?: string, idB?: string): Uint8Array;
+declare function calculateSharedKey(keypairA: KeyPair, ephemeralKeypairA: KeyPair, publicKeyB: string, ephemeralPublicKeyB: string, sharedKeyLength: number, isRecipient?: boolean, idA?: string, idB?: string): Uint8Array<ArrayBuffer>;
 
-declare const EmptyArray: Uint8Array;
+declare const EmptyArray: Uint8Array<ArrayBuffer>;
 /**
  * 加密
  */
@@ -85,7 +85,7 @@ declare function doVerifySignature(msg: string | Uint8Array, signHex: string, pu
     hash?: boolean;
     userId?: string;
 }): boolean;
-declare function getZ(publicKey: string, userId?: string): Uint8Array;
+declare function getZ(publicKey: string, userId?: string): Uint8Array<ArrayBufferLike>;
 /**
  * sm3杂凑算法
  */
@@ -139,6 +139,14 @@ declare namespace index$1 {
   export { index$1_EmptyArray as EmptyArray, type index$1_KeyPair as KeyPair, type index$1_SignaturePoint as SignaturePoint, index$1_arrayToHex as arrayToHex, index$1_arrayToUtf8 as arrayToUtf8, index$1_calculateSharedKey as calculateSharedKey, index$1_comparePublicKeyHex as comparePublicKeyHex, index$1_compressPublicKeyHex as compressPublicKeyHex, index$1_doDecrypt as doDecrypt, index$1_doEncrypt as doEncrypt, index$1_doSignature as doSignature, index$1_doVerifySignature as doVerifySignature, index$1_generateKeyPairHex as generateKeyPairHex, index$1_getHash as getHash, index$1_getPoint as getPoint, index$1_getPublicKeyFromPrivateKey as getPublicKeyFromPrivateKey, index$1_getZ as getZ, index$1_hexToArray as hexToArray, index$1_initRNGPool as initRNGPool, index$1_leftPad as leftPad, index$1_precomputePublicKey as precomputePublicKey, index$1_utf8ToHex as utf8ToHex, index$1_verifyPublicKey as verifyPublicKey };
 }
 
+/**
+ * SM3 Key derivation function used in SM2 encryption and key exchange, specified in GM/T 0003-2012
+ * @param z Input data (string or Uint8Array)
+ * @param keylen Desired key length in bytes
+ * @returns Derived key as Uint8Array
+ */
+declare function kdf(z: string | Uint8Array, keylen: number): Uint8Array<ArrayBuffer>;
+
 declare function sm3(input: string | Uint8Array, options?: {
     key: Uint8Array | string;
     mode?: 'hmac' | 'mac';
@@ -153,9 +161,9 @@ interface SM4Options {
     outputTag?: boolean;
     tag?: Uint8Array | string;
 }
-declare function sm4(inArray: Uint8Array | string, key: Uint8Array | string, cryptFlag: 0 | 1, options?: SM4Options): string | Uint8Array | {
+declare function sm4(inArray: Uint8Array | string, key: Uint8Array | string, cryptFlag: 0 | 1, options?: SM4Options): string | Uint8Array<ArrayBufferLike> | {
     output: Uint8Array;
-    tag?: Uint8Array | undefined;
+    tag?: Uint8Array;
 } | {
     output: string;
     tag: string | undefined;
@@ -194,4 +202,4 @@ declare namespace index {
   export { type index_GCMResult as GCMResult, type index_SM4Options as SM4Options, index_decrypt as decrypt, index_encrypt as encrypt, index_sm4 as sm4 };
 }
 
-export { index$1 as sm2, sm3, index as sm4 };
+export { kdf, index$1 as sm2, sm3, index as sm4 };

package/dist/index.d.ts

@@ -31,7 +31,7 @@ declare function arrayToUtf8(arr: Uint8Array): string;
 /**
  * 转成字节数组
  */
-declare function hexToArray(hexStr: string): Uint8Array;
+declare function hexToArray(hexStr: string): Uint8Array<ArrayBuffer>;
 /**
  * 验证公钥是否为椭圆曲线上的点
  */
@@ -43,9 +43,9 @@ declare function comparePublicKeyHex(publicKey1: string, publicKey2: string): bo
 
 declare function initRNGPool(): Promise<void>;
 
-declare function calculateSharedKey(keypairA: KeyPair, ephemeralKeypairA: KeyPair, publicKeyB: string, ephemeralPublicKeyB: string, sharedKeyLength: number, isRecipient?: boolean, idA?: string, idB?: string): Uint8Array;
+declare function calculateSharedKey(keypairA: KeyPair, ephemeralKeypairA: KeyPair, publicKeyB: string, ephemeralPublicKeyB: string, sharedKeyLength: number, isRecipient?: boolean, idA?: string, idB?: string): Uint8Array<ArrayBuffer>;
 
-declare const EmptyArray: Uint8Array;
+declare const EmptyArray: Uint8Array<ArrayBuffer>;
 /**
  * 加密
  */
@@ -85,7 +85,7 @@ declare function doVerifySignature(msg: string | Uint8Array, signHex: string, pu
     hash?: boolean;
     userId?: string;
 }): boolean;
-declare function getZ(publicKey: string, userId?: string): Uint8Array;
+declare function getZ(publicKey: string, userId?: string): Uint8Array<ArrayBufferLike>;
 /**
  * sm3杂凑算法
  */
@@ -139,6 +139,14 @@ declare namespace index$1 {
   export { index$1_EmptyArray as EmptyArray, type index$1_KeyPair as KeyPair, type index$1_SignaturePoint as SignaturePoint, index$1_arrayToHex as arrayToHex, index$1_arrayToUtf8 as arrayToUtf8, index$1_calculateSharedKey as calculateSharedKey, index$1_comparePublicKeyHex as comparePublicKeyHex, index$1_compressPublicKeyHex as compressPublicKeyHex, index$1_doDecrypt as doDecrypt, index$1_doEncrypt as doEncrypt, index$1_doSignature as doSignature, index$1_doVerifySignature as doVerifySignature, index$1_generateKeyPairHex as generateKeyPairHex, index$1_getHash as getHash, index$1_getPoint as getPoint, index$1_getPublicKeyFromPrivateKey as getPublicKeyFromPrivateKey, index$1_getZ as getZ, index$1_hexToArray as hexToArray, index$1_initRNGPool as initRNGPool, index$1_leftPad as leftPad, index$1_precomputePublicKey as precomputePublicKey, index$1_utf8ToHex as utf8ToHex, index$1_verifyPublicKey as verifyPublicKey };
 }
 
+/**
+ * SM3 Key derivation function used in SM2 encryption and key exchange, specified in GM/T 0003-2012
+ * @param z Input data (string or Uint8Array)
+ * @param keylen Desired key length in bytes
+ * @returns Derived key as Uint8Array
+ */
+declare function kdf(z: string | Uint8Array, keylen: number): Uint8Array<ArrayBuffer>;
+
 declare function sm3(input: string | Uint8Array, options?: {
     key: Uint8Array | string;
     mode?: 'hmac' | 'mac';
@@ -153,9 +161,9 @@ interface SM4Options {
     outputTag?: boolean;
     tag?: Uint8Array | string;
 }
-declare function sm4(inArray: Uint8Array | string, key: Uint8Array | string, cryptFlag: 0 | 1, options?: SM4Options): string | Uint8Array | {
+declare function sm4(inArray: Uint8Array | string, key: Uint8Array | string, cryptFlag: 0 | 1, options?: SM4Options): string | Uint8Array<ArrayBufferLike> | {
     output: Uint8Array;
-    tag?: Uint8Array | undefined;
+    tag?: Uint8Array;
 } | {
     output: string;
     tag: string | undefined;
@@ -194,4 +202,4 @@ declare namespace index {
   export { type index_GCMResult as GCMResult, type index_SM4Options as SM4Options, index_decrypt as decrypt, index_encrypt as encrypt, index_sm4 as sm4 };
 }
 
-export { index$1 as sm2, sm3, index as sm4 };
+export { kdf, index$1 as sm2, sm3, index as sm4 };

package/dist/index.js

@@ -30,6 +30,7 @@ var __toCommonJS = (mod2) => __copyProps(__defProp({}, "__esModule", { value: tr
 // src/index.ts
 var src_exports = {};
 __export(src_exports, {
+  kdf: () => kdf,
   sm2: () => sm2_exports,
   sm3: () => sm32,
   sm4: () => sm4_exports
@@ -303,7 +304,10 @@ var createView = (arr) => new DataView(arr.buffer, arr.byteOffset, arr.byteLengt
 var isLE = new Uint8Array(new Uint32Array([287454020]).buffer)[0] === 68;
 if (!isLE)
   throw new Error("Non little-endian hardware is not supported");
-var hexes = Array.from({ length: 256 }, (v, i) => i.toString(16).padStart(2, "0"));
+var hexes = Array.from(
+  { length: 256 },
+  (v, i) => i.toString(16).padStart(2, "0")
+);
 function bytesToHex(bytes) {
   if (!u8a(bytes))
     throw new Error("Uint8Array expected");
@@ -313,14 +317,44 @@ function bytesToHex(bytes) {
   }
   return hex;
 }
-function utf8ToBytes(str) {
-  if (typeof str !== "string")
-    throw new Error(`utf8ToBytes expected string, got ${typeof str}`);
-  return new Uint8Array(new TextEncoder().encode(str));
+var te = typeof TextEncoder != "undefined" && /* @__PURE__ */ new TextEncoder();
+var slc = (v, s, e) => {
+  if (s == null || s < 0)
+    s = 0;
+  if (e == null || e > v.length)
+    e = v.length;
+  return new Uint8Array(v.subarray(s, e));
+};
+function strToU8(str) {
+  if (te)
+    return te.encode(str);
+  const l = str.length;
+  let ar = new Uint8Array(str.length + (str.length >> 1));
+  let ai = 0;
+  const w = (v) => {
+    ar[ai++] = v;
+  };
+  for (let i = 0; i < l; ++i) {
+    if (ai + 5 > ar.length) {
+      const n = new Uint8Array(ai + 8 + (l - i << 1));
+      n.set(ar);
+      ar = n;
+    }
+    let c = str.charCodeAt(i);
+    if (c < 128)
+      w(c);
+    else if (c < 2048)
+      w(192 | c >> 6), w(128 | c & 63);
+    else if (c > 55295 && c < 57344)
+      c = 65536 + (c & 1023 << 10) | str.charCodeAt(++i) & 1023, w(240 | c >> 18), w(128 | c >> 12 & 63), w(128 | c >> 6 & 63), w(128 | c & 63);
+    else
+      w(224 | c >> 12), w(128 | c >> 6 & 63), w(128 | c & 63);
+  }
+  return slc(ar, 0, ai);
 }
 function toBytes(data) {
   if (typeof data === "string")
-    data = utf8ToBytes(data);
+    data = strToU8(data);
   if (!u8a(data))
     throw new Error(`expected Uint8Array, got ${typeof data}`);
   return data;
@@ -636,7 +670,7 @@ function compressPublicKeyHex(s) {
   return prefix + xHex;
 }
 function utf8ToHex(input) {
-  const bytes = utils2.utf8ToBytes(input);
+  const bytes = strToU8(input);
   return utils2.bytesToHex(bytes);
 }
 function leftPad(input, num) {
@@ -703,13 +737,56 @@ function comparePublicKeyHex(publicKey1, publicKey2) {
 }
 
 // src/sm2/index.ts
-var utils4 = __toESM(require("@noble/curves/abstract/utils"));
+var utils5 = __toESM(require("@noble/curves/abstract/utils"));
 
-// src/sm2/kx.ts
+// src/sm2/kdf.ts
 var utils3 = __toESM(require("@noble/curves/abstract/utils"));
-var wPow2 = utils3.hexToNumber("80000000000000000000000000000000");
-var wPow2Sub1 = utils3.hexToNumber("7fffffffffffffffffffffffffffffff");
-function hkdf(z, keylen) {
+
+// src/sm3/index.ts
+function utf8ToArray(str) {
+  const arr = [];
+  for (let i = 0, len = str.length; i < len; i++) {
+    const point = str.codePointAt(i);
+    if (point <= 127) {
+      arr.push(point);
+    } else if (point <= 2047) {
+      arr.push(192 | point >>> 6);
+      arr.push(128 | point & 63);
+    } else if (point <= 55295 || point >= 57344 && point <= 65535) {
+      arr.push(224 | point >>> 12);
+      arr.push(128 | point >>> 6 & 63);
+      arr.push(128 | point & 63);
+    } else if (point >= 65536 && point <= 1114111) {
+      i++;
+      arr.push(240 | point >>> 18 & 28);
+      arr.push(128 | point >>> 12 & 63);
+      arr.push(128 | point >>> 6 & 63);
+      arr.push(128 | point & 63);
+    } else {
+      arr.push(point);
+      throw new Error("input is not supported");
+    }
+  }
+  return new Uint8Array(arr);
+}
+function sm32(input, options) {
+  input = typeof input === "string" ? utf8ToArray(input) : input;
+  if (options) {
+    const mode = options.mode || "hmac";
+    if (mode !== "hmac")
+      throw new Error("invalid mode");
+    let key = options.key;
+    if (!key)
+      throw new Error("invalid key");
+    key = typeof key === "string" ? hexToArray(key) : key;
+    return bytesToHex(hmac(sm3, key, input));
+  }
+  return bytesToHex(sm3(input));
+}
+
+// src/sm2/kdf.ts
+function kdf(z, keylen) {
+  z = typeof z === "string" ? utf8ToArray(z) : z;
   let msg = new Uint8Array(keylen);
   let ct = 1;
   let offset = 0;
@@ -732,6 +809,11 @@ function hkdf(z, keylen) {
   }
   return msg;
 }
+
+// src/sm2/kx.ts
+var utils4 = __toESM(require("@noble/curves/abstract/utils"));
+var wPow2 = utils4.hexToNumber("80000000000000000000000000000000");
+var wPow2Sub1 = utils4.hexToNumber("7fffffffffffffffffffffffffffffff");
 function calculateSharedKey(keypairA, ephemeralKeypairA, publicKeyB, ephemeralPublicKeyB, sharedKeyLength, isRecipient = false, idA = "1234567812345678", idB = "1234567812345678") {
   const RA = sm2Curve.ProjectivePoint.fromHex(ephemeralKeypairA.publicKey);
   const RB = sm2Curve.ProjectivePoint.fromHex(ephemeralPublicKeyB);
@@ -741,35 +823,41 @@ function calculateSharedKey(keypairA, ephemeralKeypairA, publicKeyB, ephemeralPu
   if (isRecipient) {
     [ZA, ZB] = [ZB, ZA];
   }
-  const rA = utils3.hexToNumber(ephemeralKeypairA.privateKey);
-  const dA = utils3.hexToNumber(keypairA.privateKey);
+  const rA = utils4.hexToNumber(ephemeralKeypairA.privateKey);
+  const dA = utils4.hexToNumber(keypairA.privateKey);
   const x1 = RA.x;
   const x1_ = wPow2 + (x1 & wPow2Sub1);
   const tA = field.add(dA, field.mulN(x1_, rA));
   const x2 = RB.x;
   const x2_ = field.add(wPow2, x2 & wPow2Sub1);
   const U = RB.multiply(x2_).add(PB).multiply(tA);
-  const xU = hexToArray(leftPad(utils3.numberToHexUnpadded(U.x), 64));
-  const yU = hexToArray(leftPad(utils3.numberToHexUnpadded(U.y), 64));
-  const KA = hkdf(utils3.concatBytes(xU, yU, ZA, ZB), sharedKeyLength);
+  const xU = hexToArray(leftPad(utils4.numberToHexUnpadded(U.x), 64));
+  const yU = hexToArray(leftPad(utils4.numberToHexUnpadded(U.y), 64));
+  const KA = kdf(utils4.concatBytes(xU, yU, ZA, ZB), sharedKeyLength);
   return KA;
 }
 
 // src/sm2/index.ts
+function xorCipherStream(x2, y2, msg) {
+  const stream = kdf(utils5.concatBytes(x2, y2), msg.length);
+  for (let i = 0, len = msg.length; i < len; i++) {
+    msg[i] ^= stream[i] & 255;
+  }
+}
 var C1C2C3 = 0;
 var EmptyArray = new Uint8Array();
 function doEncrypt(msg, publicKey, cipherMode = 1, options) {
   const msgArr = typeof msg === "string" ? hexToArray(utf8ToHex(msg)) : Uint8Array.from(msg);
   const publicKeyPoint = typeof publicKey === "string" ? sm2Curve.ProjectivePoint.fromHex(publicKey) : publicKey;
   const keypair = generateKeyPairHex();
-  const k = utils4.hexToNumber(keypair.privateKey);
+  const k = utils5.hexToNumber(keypair.privateKey);
   let c1 = keypair.publicKey;
   if (c1.length > 128)
     c1 = c1.substring(c1.length - 128);
   const p = publicKeyPoint.multiply(k);
-  const x2 = hexToArray(leftPad(utils4.numberToHexUnpadded(p.x), 64));
-  const y2 = hexToArray(leftPad(utils4.numberToHexUnpadded(p.y), 64));
-  const c3 = bytesToHex(sm3(utils4.concatBytes(x2, msgArr, y2)));
+  const x2 = hexToArray(leftPad(utils5.numberToHexUnpadded(p.x), 64));
+  const y2 = hexToArray(leftPad(utils5.numberToHexUnpadded(p.y), 64));
+  const c3 = bytesToHex(sm3(utils5.concatBytes(x2, msgArr, y2)));
   xorCipherStream(x2, y2, msgArr);
   const c2 = bytesToHex(msgArr);
   if (options?.asn1) {
@@ -779,30 +867,9 @@ function doEncrypt(msg, publicKey, cipherMode = 1, options) {
   }
   return cipherMode === C1C2C3 ? c1 + c2 + c3 : c1 + c3 + c2;
 }
-function xorCipherStream(x2, y2, msg) {
-  let ct = 1;
-  let offset = 0;
-  let t = EmptyArray;
-  const ctShift = new Uint8Array(4);
-  const nextT = () => {
-    ctShift[0] = ct >> 24 & 255;
-    ctShift[1] = ct >> 16 & 255;
-    ctShift[2] = ct >> 8 & 255;
-    ctShift[3] = ct & 255;
-    t = sm3(utils4.concatBytes(x2, y2, ctShift));
-    ct++;
-    offset = 0;
-  };
-  nextT();
-  for (let i = 0, len = msg.length; i < len; i++) {
-    if (offset === t.length)
-      nextT();
-    msg[i] ^= t[offset++] & 255;
-  }
-}
 function doDecrypt(encryptData, privateKey, cipherMode = 1, options) {
   const { output = "string", asn1 = false } = options || {};
-  const privateKeyInteger = utils4.hexToNumber(privateKey);
+  const privateKeyInteger = utils5.hexToNumber(privateKey);
   let c1;
   let c2;
   let c3;
@@ -825,10 +892,10 @@ function doDecrypt(encryptData, privateKey, cipherMode = 1, options) {
   }
   const msg = hexToArray(c2);
   const p = c1.multiply(privateKeyInteger);
-  const x2 = hexToArray(leftPad(utils4.numberToHexUnpadded(p.x), 64));
-  const y2 = hexToArray(leftPad(utils4.numberToHexUnpadded(p.y), 64));
+  const x2 = hexToArray(leftPad(utils5.numberToHexUnpadded(p.x), 64));
+  const y2 = hexToArray(leftPad(utils5.numberToHexUnpadded(p.y), 64));
   xorCipherStream(x2, y2, msg);
-  const checkC3 = arrayToHex(Array.from(sm3(utils4.concatBytes(x2, msg, y2))));
+  const checkC3 = arrayToHex(Array.from(sm3(utils5.concatBytes(x2, msg, y2))));
   if (checkC3 === c3.toLowerCase()) {
     return output === "array" ? msg : arrayToUtf8(msg);
   } else {
@@ -848,8 +915,8 @@ function doSignature(msg, privateKey, options = {}) {
     publicKey = publicKey || getPublicKeyFromPrivateKey(privateKey);
     hashHex = getHash(hashHex, publicKey, userId);
   }
-  const dA = utils4.hexToNumber(privateKey);
-  const e = utils4.hexToNumber(hashHex);
+  const dA = utils5.hexToNumber(privateKey);
+  const e = utils5.hexToNumber(hashHex);
   let k = null;
   let r = null;
   let s = null;
@@ -868,7 +935,7 @@ function doSignature(msg, privateKey, options = {}) {
   } while (s === ZERO);
   if (der)
     return encodeDer(r, s);
-  return leftPad(utils4.numberToHexUnpadded(r), 64) + leftPad(utils4.numberToHexUnpadded(s), 64);
+  return leftPad(utils5.numberToHexUnpadded(r), 64) + leftPad(utils5.numberToHexUnpadded(s), 64);
 }
 function doVerifySignature(msg, signHex, publicKey, options = {}) {
   let hashHex;
@@ -890,11 +957,11 @@ function doVerifySignature(msg, signHex, publicKey, options = {}) {
     r = decodeDerObj.r;
     s = decodeDerObj.s;
   } else {
-    r = utils4.hexToNumber(signHex.substring(0, 64));
-    s = utils4.hexToNumber(signHex.substring(64));
+    r = utils5.hexToNumber(signHex.substring(0, 64));
+    s = utils5.hexToNumber(signHex.substring(64));
   }
   const PA = typeof publicKey === "string" ? sm2Curve.ProjectivePoint.fromHex(publicKey) : publicKey;
-  const e = utils4.hexToNumber(hashHex);
+  const e = utils5.hexToNumber(hashHex);
   const t = field.add(r, s);
   if (t === ZERO)
     return false;
@@ -904,10 +971,10 @@ function doVerifySignature(msg, signHex, publicKey, options = {}) {
 }
 function getZ(publicKey, userId = "1234567812345678") {
   userId = utf8ToHex(userId);
-  const a = leftPad(utils4.numberToHexUnpadded(sm2Curve.CURVE.a), 64);
-  const b = leftPad(utils4.numberToHexUnpadded(sm2Curve.CURVE.b), 64);
-  const gx = leftPad(utils4.numberToHexUnpadded(sm2Curve.ProjectivePoint.BASE.x), 64);
-  const gy = leftPad(utils4.numberToHexUnpadded(sm2Curve.ProjectivePoint.BASE.y), 64);
+  const a = leftPad(utils5.numberToHexUnpadded(sm2Curve.CURVE.a), 64);
+  const b = leftPad(utils5.numberToHexUnpadded(sm2Curve.CURVE.b), 64);
+  const gx = leftPad(utils5.numberToHexUnpadded(sm2Curve.ProjectivePoint.BASE.x), 64);
+  const gy = leftPad(utils5.numberToHexUnpadded(sm2Curve.ProjectivePoint.BASE.y), 64);
   let px;
   let py;
   if (publicKey.length === 128) {
@@ -915,17 +982,17 @@ function getZ(publicKey, userId = "1234567812345678") {
     py = publicKey.substring(64, 128);
   } else {
     const point = sm2Curve.ProjectivePoint.fromHex(publicKey);
-    px = leftPad(utils4.numberToHexUnpadded(point.x), 64);
-    py = leftPad(utils4.numberToHexUnpadded(point.y), 64);
+    px = leftPad(utils5.numberToHexUnpadded(point.x), 64);
+    py = leftPad(utils5.numberToHexUnpadded(point.y), 64);
   }
   const data = hexToArray(userId + a + b + gx + gy + px + py);
   const entl = userId.length * 4;
-  const z = sm3(utils4.concatBytes(new Uint8Array([entl >> 8 & 255, entl & 255]), data));
+  const z = sm3(utils5.concatBytes(new Uint8Array([entl >> 8 & 255, entl & 255]), data));
   return z;
 }
 function getHash(hashHex, publicKey, userId = "1234567812345678") {
   const z = getZ(publicKey, userId);
-  return bytesToHex(sm3(utils4.concatBytes(z, typeof hashHex === "string" ? hexToArray(hashHex) : hashHex)));
+  return bytesToHex(sm3(utils5.concatBytes(z, typeof hashHex === "string" ? hexToArray(hashHex) : hashHex)));
 }
 function precomputePublicKey(publicKey, windowSize) {
   const point = sm2Curve.ProjectivePoint.fromHex(publicKey);
@@ -933,13 +1000,13 @@ function precomputePublicKey(publicKey, windowSize) {
 }
 function getPublicKeyFromPrivateKey(privateKey) {
   const pubKey = sm2Curve.getPublicKey(privateKey, false);
-  const pubPad = leftPad(utils4.bytesToHex(pubKey), 64);
+  const pubPad = leftPad(utils5.bytesToHex(pubKey), 64);
   return pubPad;
 }
 function getPoint() {
   const keypair = generateKeyPairHex();
   const PA = sm2Curve.ProjectivePoint.fromHex(keypair.publicKey);
-  const k = utils4.hexToNumber(keypair.privateKey);
+  const k = utils5.hexToNumber(keypair.privateKey);
   return {
     ...keypair,
     k,
@@ -947,48 +1014,6 @@ function getPoint() {
   };
 }
 
-// src/sm3/index.ts
-function utf8ToArray(str) {
-  const arr = [];
-  for (let i = 0, len = str.length; i < len; i++) {
-    const point = str.codePointAt(i);
-    if (point <= 127) {
-      arr.push(point);
-    } else if (point <= 2047) {
-      arr.push(192 | point >>> 6);
-      arr.push(128 | point & 63);
-    } else if (point <= 55295 || point >= 57344 && point <= 65535) {
-      arr.push(224 | point >>> 12);
-      arr.push(128 | point >>> 6 & 63);
-      arr.push(128 | point & 63);
-    } else if (point >= 65536 && point <= 1114111) {
-      i++;
-      arr.push(240 | point >>> 18 & 28);
-      arr.push(128 | point >>> 12 & 63);
-      arr.push(128 | point >>> 6 & 63);
-      arr.push(128 | point & 63);
-    } else {
-      arr.push(point);
-      throw new Error("input is not supported");
-    }
-  }
-  return new Uint8Array(arr);
-}
-function sm32(input, options) {
-  input = typeof input === "string" ? utf8ToArray(input) : input;
-  if (options) {
-    const mode = options.mode || "hmac";
-    if (mode !== "hmac")
-      throw new Error("invalid mode");
-    let key = options.key;
-    if (!key)
-      throw new Error("invalid key");
-    key = typeof key === "string" ? hexToArray(key) : key;
-    return bytesToHex(hmac(sm3, key, input));
-  }
-  return bytesToHex(sm3(input));
-}
-
 // src/sm4/index.ts
 var sm4_exports = {};
 __export(sm4_exports, {
@@ -997,7 +1022,7 @@ __export(sm4_exports, {
   sm4: () => sm4
 });
 var import_polyval = require("@noble/ciphers/_polyval");
-var import_utils11 = require("@noble/ciphers/utils");
+var import_utils12 = require("@noble/ciphers/utils");
 var DECRYPT = 0;
 var ROUND = 32;
 var BLOCK = 16;
@@ -1409,8 +1434,8 @@ function sm4Gcm(inArray, key, ivArray, aadArray, cryptFlag, tagArray) {
       const g = import_polyval.ghash.create(h2);
       g.update(ivArray);
       const lenIv = new Uint8Array(16);
-      const view = (0, import_utils11.createView)(lenIv);
-      (0, import_utils11.setBigUint64)(view, 8, BigInt(ivArray.length * 8), false);
+      const view = (0, import_utils12.createView)(lenIv);
+      (0, import_utils12.setBigUint64)(view, 8, BigInt(ivArray.length * 8), false);
       g.update(lenIv);
       j02 = g.digest();
     }
@@ -1429,9 +1454,9 @@ function sm4Gcm(inArray, key, ivArray, aadArray, cryptFlag, tagArray) {
     }
     g.update(data);
     const lenBlock = new Uint8Array(16);
-    const view = (0, import_utils11.createView)(lenBlock);
-    (0, import_utils11.setBigUint64)(view, 0, BigInt(aadLength * 8), false);
-    (0, import_utils11.setBigUint64)(view, 8, BigInt(dataLength * 8), false);
+    const view = (0, import_utils12.createView)(lenBlock);
+    (0, import_utils12.setBigUint64)(view, 0, BigInt(aadLength * 8), false);
+    (0, import_utils12.setBigUint64)(view, 8, BigInt(dataLength * 8), false);
     g.update(lenBlock);
     return g.digest();
   }
@@ -1617,6 +1642,7 @@ function decrypt(inArray, key, options = {}) {
 }
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
+  kdf,
   sm2,
   sm3,
   sm4

package/dist/index.mjs

@@ -271,7 +271,10 @@ var createView = (arr) => new DataView(arr.buffer, arr.byteOffset, arr.byteLengt
 var isLE = new Uint8Array(new Uint32Array([287454020]).buffer)[0] === 68;
 if (!isLE)
   throw new Error("Non little-endian hardware is not supported");
-var hexes = Array.from({ length: 256 }, (v, i) => i.toString(16).padStart(2, "0"));
+var hexes = Array.from(
+  { length: 256 },
+  (v, i) => i.toString(16).padStart(2, "0")
+);
 function bytesToHex(bytes) {
   if (!u8a(bytes))
     throw new Error("Uint8Array expected");
@@ -281,14 +284,44 @@ function bytesToHex(bytes) {
   }
   return hex;
 }
-function utf8ToBytes(str) {
-  if (typeof str !== "string")
-    throw new Error(`utf8ToBytes expected string, got ${typeof str}`);
-  return new Uint8Array(new TextEncoder().encode(str));
+var te = typeof TextEncoder != "undefined" && /* @__PURE__ */ new TextEncoder();
+var slc = (v, s, e) => {
+  if (s == null || s < 0)
+    s = 0;
+  if (e == null || e > v.length)
+    e = v.length;
+  return new Uint8Array(v.subarray(s, e));
+};
+function strToU8(str) {
+  if (te)
+    return te.encode(str);
+  const l = str.length;
+  let ar = new Uint8Array(str.length + (str.length >> 1));
+  let ai = 0;
+  const w = (v) => {
+    ar[ai++] = v;
+  };
+  for (let i = 0; i < l; ++i) {
+    if (ai + 5 > ar.length) {
+      const n = new Uint8Array(ai + 8 + (l - i << 1));
+      n.set(ar);
+      ar = n;
+    }
+    let c = str.charCodeAt(i);
+    if (c < 128)
+      w(c);
+    else if (c < 2048)
+      w(192 | c >> 6), w(128 | c & 63);
+    else if (c > 55295 && c < 57344)
+      c = 65536 + (c & 1023 << 10) | str.charCodeAt(++i) & 1023, w(240 | c >> 18), w(128 | c >> 12 & 63), w(128 | c >> 6 & 63), w(128 | c & 63);
+    else
+      w(224 | c >> 12), w(128 | c >> 6 & 63), w(128 | c & 63);
+  }
+  return slc(ar, 0, ai);
 }
 function toBytes(data) {
   if (typeof data === "string")
-    data = utf8ToBytes(data);
+    data = strToU8(data);
   if (!u8a(data))
     throw new Error(`expected Uint8Array, got ${typeof data}`);
   return data;
@@ -604,7 +637,7 @@ function compressPublicKeyHex(s) {
   return prefix + xHex;
 }
 function utf8ToHex(input) {
-  const bytes = utils2.utf8ToBytes(input);
+  const bytes = strToU8(input);
   return utils2.bytesToHex(bytes);
 }
 function leftPad(input, num) {
@@ -671,13 +704,56 @@ function comparePublicKeyHex(publicKey1, publicKey2) {
 }
 
 // src/sm2/index.ts
-import * as utils4 from "@noble/curves/abstract/utils";
+import * as utils5 from "@noble/curves/abstract/utils";
 
-// src/sm2/kx.ts
+// src/sm2/kdf.ts
 import * as utils3 from "@noble/curves/abstract/utils";
-var wPow2 = utils3.hexToNumber("80000000000000000000000000000000");
-var wPow2Sub1 = utils3.hexToNumber("7fffffffffffffffffffffffffffffff");
-function hkdf(z, keylen) {
+
+// src/sm3/index.ts
+function utf8ToArray(str) {
+  const arr = [];
+  for (let i = 0, len = str.length; i < len; i++) {
+    const point = str.codePointAt(i);
+    if (point <= 127) {
+      arr.push(point);
+    } else if (point <= 2047) {
+      arr.push(192 | point >>> 6);
+      arr.push(128 | point & 63);
+    } else if (point <= 55295 || point >= 57344 && point <= 65535) {
+      arr.push(224 | point >>> 12);
+      arr.push(128 | point >>> 6 & 63);
+      arr.push(128 | point & 63);
+    } else if (point >= 65536 && point <= 1114111) {
+      i++;
+      arr.push(240 | point >>> 18 & 28);
+      arr.push(128 | point >>> 12 & 63);
+      arr.push(128 | point >>> 6 & 63);
+      arr.push(128 | point & 63);
+    } else {
+      arr.push(point);
+      throw new Error("input is not supported");
+    }
+  }
+  return new Uint8Array(arr);
+}
+function sm32(input, options) {
+  input = typeof input === "string" ? utf8ToArray(input) : input;
+  if (options) {
+    const mode = options.mode || "hmac";
+    if (mode !== "hmac")
+      throw new Error("invalid mode");
+    let key = options.key;
+    if (!key)
+      throw new Error("invalid key");
+    key = typeof key === "string" ? hexToArray(key) : key;
+    return bytesToHex(hmac(sm3, key, input));
+  }
+  return bytesToHex(sm3(input));
+}
+
+// src/sm2/kdf.ts
+function kdf(z, keylen) {
+  z = typeof z === "string" ? utf8ToArray(z) : z;
   let msg = new Uint8Array(keylen);
   let ct = 1;
   let offset = 0;
@@ -700,6 +776,11 @@ function hkdf(z, keylen) {
   }
   return msg;
 }
+
+// src/sm2/kx.ts
+import * as utils4 from "@noble/curves/abstract/utils";
+var wPow2 = utils4.hexToNumber("80000000000000000000000000000000");
+var wPow2Sub1 = utils4.hexToNumber("7fffffffffffffffffffffffffffffff");
 function calculateSharedKey(keypairA, ephemeralKeypairA, publicKeyB, ephemeralPublicKeyB, sharedKeyLength, isRecipient = false, idA = "1234567812345678", idB = "1234567812345678") {
   const RA = sm2Curve.ProjectivePoint.fromHex(ephemeralKeypairA.publicKey);
   const RB = sm2Curve.ProjectivePoint.fromHex(ephemeralPublicKeyB);
@@ -709,35 +790,41 @@ function calculateSharedKey(keypairA, ephemeralKeypairA, publicKeyB, ephemeralPu
   if (isRecipient) {
     [ZA, ZB] = [ZB, ZA];
   }
-  const rA = utils3.hexToNumber(ephemeralKeypairA.privateKey);
-  const dA = utils3.hexToNumber(keypairA.privateKey);
+  const rA = utils4.hexToNumber(ephemeralKeypairA.privateKey);
+  const dA = utils4.hexToNumber(keypairA.privateKey);
   const x1 = RA.x;
   const x1_ = wPow2 + (x1 & wPow2Sub1);
   const tA = field.add(dA, field.mulN(x1_, rA));
   const x2 = RB.x;
   const x2_ = field.add(wPow2, x2 & wPow2Sub1);
   const U = RB.multiply(x2_).add(PB).multiply(tA);
-  const xU = hexToArray(leftPad(utils3.numberToHexUnpadded(U.x), 64));
-  const yU = hexToArray(leftPad(utils3.numberToHexUnpadded(U.y), 64));
-  const KA = hkdf(utils3.concatBytes(xU, yU, ZA, ZB), sharedKeyLength);
+  const xU = hexToArray(leftPad(utils4.numberToHexUnpadded(U.x), 64));
+  const yU = hexToArray(leftPad(utils4.numberToHexUnpadded(U.y), 64));
+  const KA = kdf(utils4.concatBytes(xU, yU, ZA, ZB), sharedKeyLength);
   return KA;
 }
 
 // src/sm2/index.ts
+function xorCipherStream(x2, y2, msg) {
+  const stream = kdf(utils5.concatBytes(x2, y2), msg.length);
+  for (let i = 0, len = msg.length; i < len; i++) {
+    msg[i] ^= stream[i] & 255;
+  }
+}
 var C1C2C3 = 0;
 var EmptyArray = new Uint8Array();
 function doEncrypt(msg, publicKey, cipherMode = 1, options) {
   const msgArr = typeof msg === "string" ? hexToArray(utf8ToHex(msg)) : Uint8Array.from(msg);
   const publicKeyPoint = typeof publicKey === "string" ? sm2Curve.ProjectivePoint.fromHex(publicKey) : publicKey;
   const keypair = generateKeyPairHex();
-  const k = utils4.hexToNumber(keypair.privateKey);
+  const k = utils5.hexToNumber(keypair.privateKey);
   let c1 = keypair.publicKey;
   if (c1.length > 128)
     c1 = c1.substring(c1.length - 128);
   const p = publicKeyPoint.multiply(k);
-  const x2 = hexToArray(leftPad(utils4.numberToHexUnpadded(p.x), 64));
-  const y2 = hexToArray(leftPad(utils4.numberToHexUnpadded(p.y), 64));
-  const c3 = bytesToHex(sm3(utils4.concatBytes(x2, msgArr, y2)));
+  const x2 = hexToArray(leftPad(utils5.numberToHexUnpadded(p.x), 64));
+  const y2 = hexToArray(leftPad(utils5.numberToHexUnpadded(p.y), 64));
+  const c3 = bytesToHex(sm3(utils5.concatBytes(x2, msgArr, y2)));
   xorCipherStream(x2, y2, msgArr);
   const c2 = bytesToHex(msgArr);
   if (options?.asn1) {
@@ -747,30 +834,9 @@ function doEncrypt(msg, publicKey, cipherMode = 1, options) {
   }
   return cipherMode === C1C2C3 ? c1 + c2 + c3 : c1 + c3 + c2;
 }
-function xorCipherStream(x2, y2, msg) {
-  let ct = 1;
-  let offset = 0;
-  let t = EmptyArray;
-  const ctShift = new Uint8Array(4);
-  const nextT = () => {
-    ctShift[0] = ct >> 24 & 255;
-    ctShift[1] = ct >> 16 & 255;
-    ctShift[2] = ct >> 8 & 255;
-    ctShift[3] = ct & 255;
-    t = sm3(utils4.concatBytes(x2, y2, ctShift));
-    ct++;
-    offset = 0;
-  };
-  nextT();
-  for (let i = 0, len = msg.length; i < len; i++) {
-    if (offset === t.length)
-      nextT();
-    msg[i] ^= t[offset++] & 255;
-  }
-}
 function doDecrypt(encryptData, privateKey, cipherMode = 1, options) {
   const { output = "string", asn1 = false } = options || {};
-  const privateKeyInteger = utils4.hexToNumber(privateKey);
+  const privateKeyInteger = utils5.hexToNumber(privateKey);
   let c1;
   let c2;
   let c3;
@@ -793,10 +859,10 @@ function doDecrypt(encryptData, privateKey, cipherMode = 1, options) {
   }
   const msg = hexToArray(c2);
   const p = c1.multiply(privateKeyInteger);
-  const x2 = hexToArray(leftPad(utils4.numberToHexUnpadded(p.x), 64));
-  const y2 = hexToArray(leftPad(utils4.numberToHexUnpadded(p.y), 64));
+  const x2 = hexToArray(leftPad(utils5.numberToHexUnpadded(p.x), 64));
+  const y2 = hexToArray(leftPad(utils5.numberToHexUnpadded(p.y), 64));
   xorCipherStream(x2, y2, msg);
-  const checkC3 = arrayToHex(Array.from(sm3(utils4.concatBytes(x2, msg, y2))));
+  const checkC3 = arrayToHex(Array.from(sm3(utils5.concatBytes(x2, msg, y2))));
   if (checkC3 === c3.toLowerCase()) {
     return output === "array" ? msg : arrayToUtf8(msg);
   } else {
@@ -816,8 +882,8 @@ function doSignature(msg, privateKey, options = {}) {
     publicKey = publicKey || getPublicKeyFromPrivateKey(privateKey);
     hashHex = getHash(hashHex, publicKey, userId);
   }
-  const dA = utils4.hexToNumber(privateKey);
-  const e = utils4.hexToNumber(hashHex);
+  const dA = utils5.hexToNumber(privateKey);
+  const e = utils5.hexToNumber(hashHex);
   let k = null;
   let r = null;
   let s = null;
@@ -836,7 +902,7 @@ function doSignature(msg, privateKey, options = {}) {
   } while (s === ZERO);
   if (der)
     return encodeDer(r, s);
-  return leftPad(utils4.numberToHexUnpadded(r), 64) + leftPad(utils4.numberToHexUnpadded(s), 64);
+  return leftPad(utils5.numberToHexUnpadded(r), 64) + leftPad(utils5.numberToHexUnpadded(s), 64);
 }
 function doVerifySignature(msg, signHex, publicKey, options = {}) {
   let hashHex;
@@ -858,11 +924,11 @@ function doVerifySignature(msg, signHex, publicKey, options = {}) {
     r = decodeDerObj.r;
     s = decodeDerObj.s;
   } else {
-    r = utils4.hexToNumber(signHex.substring(0, 64));
-    s = utils4.hexToNumber(signHex.substring(64));
+    r = utils5.hexToNumber(signHex.substring(0, 64));
+    s = utils5.hexToNumber(signHex.substring(64));
   }
   const PA = typeof publicKey === "string" ? sm2Curve.ProjectivePoint.fromHex(publicKey) : publicKey;
-  const e = utils4.hexToNumber(hashHex);
+  const e = utils5.hexToNumber(hashHex);
   const t = field.add(r, s);
   if (t === ZERO)
     return false;
@@ -872,10 +938,10 @@ function doVerifySignature(msg, signHex, publicKey, options = {}) {
 }
 function getZ(publicKey, userId = "1234567812345678") {
   userId = utf8ToHex(userId);
-  const a = leftPad(utils4.numberToHexUnpadded(sm2Curve.CURVE.a), 64);
-  const b = leftPad(utils4.numberToHexUnpadded(sm2Curve.CURVE.b), 64);
-  const gx = leftPad(utils4.numberToHexUnpadded(sm2Curve.ProjectivePoint.BASE.x), 64);
-  const gy = leftPad(utils4.numberToHexUnpadded(sm2Curve.ProjectivePoint.BASE.y), 64);
+  const a = leftPad(utils5.numberToHexUnpadded(sm2Curve.CURVE.a), 64);
+  const b = leftPad(utils5.numberToHexUnpadded(sm2Curve.CURVE.b), 64);
+  const gx = leftPad(utils5.numberToHexUnpadded(sm2Curve.ProjectivePoint.BASE.x), 64);
+  const gy = leftPad(utils5.numberToHexUnpadded(sm2Curve.ProjectivePoint.BASE.y), 64);
   let px;
   let py;
   if (publicKey.length === 128) {
@@ -883,17 +949,17 @@ function getZ(publicKey, userId = "1234567812345678") {
     py = publicKey.substring(64, 128);
   } else {
     const point = sm2Curve.ProjectivePoint.fromHex(publicKey);
-    px = leftPad(utils4.numberToHexUnpadded(point.x), 64);
-    py = leftPad(utils4.numberToHexUnpadded(point.y), 64);
+    px = leftPad(utils5.numberToHexUnpadded(point.x), 64);
+    py = leftPad(utils5.numberToHexUnpadded(point.y), 64);
   }
   const data = hexToArray(userId + a + b + gx + gy + px + py);
   const entl = userId.length * 4;
-  const z = sm3(utils4.concatBytes(new Uint8Array([entl >> 8 & 255, entl & 255]), data));
+  const z = sm3(utils5.concatBytes(new Uint8Array([entl >> 8 & 255, entl & 255]), data));
   return z;
 }
 function getHash(hashHex, publicKey, userId = "1234567812345678") {
   const z = getZ(publicKey, userId);
-  return bytesToHex(sm3(utils4.concatBytes(z, typeof hashHex === "string" ? hexToArray(hashHex) : hashHex)));
+  return bytesToHex(sm3(utils5.concatBytes(z, typeof hashHex === "string" ? hexToArray(hashHex) : hashHex)));
 }
 function precomputePublicKey(publicKey, windowSize) {
   const point = sm2Curve.ProjectivePoint.fromHex(publicKey);
@@ -901,13 +967,13 @@ function precomputePublicKey(publicKey, windowSize) {
 }
 function getPublicKeyFromPrivateKey(privateKey) {
   const pubKey = sm2Curve.getPublicKey(privateKey, false);
-  const pubPad = leftPad(utils4.bytesToHex(pubKey), 64);
+  const pubPad = leftPad(utils5.bytesToHex(pubKey), 64);
   return pubPad;
 }
 function getPoint() {
   const keypair = generateKeyPairHex();
   const PA = sm2Curve.ProjectivePoint.fromHex(keypair.publicKey);
-  const k = utils4.hexToNumber(keypair.privateKey);
+  const k = utils5.hexToNumber(keypair.privateKey);
   return {
     ...keypair,
     k,
@@ -915,48 +981,6 @@ function getPoint() {
   };
 }
 
-// src/sm3/index.ts
-function utf8ToArray(str) {
-  const arr = [];
-  for (let i = 0, len = str.length; i < len; i++) {
-    const point = str.codePointAt(i);
-    if (point <= 127) {
-      arr.push(point);
-    } else if (point <= 2047) {
-      arr.push(192 | point >>> 6);
-      arr.push(128 | point & 63);
-    } else if (point <= 55295 || point >= 57344 && point <= 65535) {
-      arr.push(224 | point >>> 12);
-      arr.push(128 | point >>> 6 & 63);
-      arr.push(128 | point & 63);
-    } else if (point >= 65536 && point <= 1114111) {
-      i++;
-      arr.push(240 | point >>> 18 & 28);
-      arr.push(128 | point >>> 12 & 63);
-      arr.push(128 | point >>> 6 & 63);
-      arr.push(128 | point & 63);
-    } else {
-      arr.push(point);
-      throw new Error("input is not supported");
-    }
-  }
-  return new Uint8Array(arr);
-}
-function sm32(input, options) {
-  input = typeof input === "string" ? utf8ToArray(input) : input;
-  if (options) {
-    const mode = options.mode || "hmac";
-    if (mode !== "hmac")
-      throw new Error("invalid mode");
-    let key = options.key;
-    if (!key)
-      throw new Error("invalid key");
-    key = typeof key === "string" ? hexToArray(key) : key;
-    return bytesToHex(hmac(sm3, key, input));
-  }
-  return bytesToHex(sm3(input));
-}
-
 // src/sm4/index.ts
 var sm4_exports = {};
 __export(sm4_exports, {
@@ -1584,6 +1608,7 @@ function decrypt(inArray, key, options = {}) {
   return sm4(inArray, key, 0, options);
 }
 export {
+  kdf,
   sm2_exports as sm2,
   sm32 as sm3,
   sm4_exports as sm4

package/miniprogram_dist/index.d.ts

@@ -31,7 +31,7 @@ declare function arrayToUtf8(arr: Uint8Array): string;
 /**
  * 转成字节数组
  */
-declare function hexToArray(hexStr: string): Uint8Array;
+declare function hexToArray(hexStr: string): Uint8Array<ArrayBuffer>;
 /**
  * 验证公钥是否为椭圆曲线上的点
  */
@@ -43,9 +43,9 @@ declare function comparePublicKeyHex(publicKey1: string, publicKey2: string): bo
 
 declare function initRNGPool(): Promise<void>;
 
-declare function calculateSharedKey(keypairA: KeyPair, ephemeralKeypairA: KeyPair, publicKeyB: string, ephemeralPublicKeyB: string, sharedKeyLength: number, isRecipient?: boolean, idA?: string, idB?: string): Uint8Array;
+declare function calculateSharedKey(keypairA: KeyPair, ephemeralKeypairA: KeyPair, publicKeyB: string, ephemeralPublicKeyB: string, sharedKeyLength: number, isRecipient?: boolean, idA?: string, idB?: string): Uint8Array<ArrayBuffer>;
 
-declare const EmptyArray: Uint8Array;
+declare const EmptyArray: Uint8Array<ArrayBuffer>;
 /**
  * 加密
  */
@@ -85,7 +85,7 @@ declare function doVerifySignature(msg: string | Uint8Array, signHex: string, pu
     hash?: boolean;
     userId?: string;
 }): boolean;
-declare function getZ(publicKey: string, userId?: string): Uint8Array;
+declare function getZ(publicKey: string, userId?: string): Uint8Array<ArrayBufferLike>;
 /**
  * sm3杂凑算法
  */
@@ -139,6 +139,14 @@ declare namespace index$1 {
   export { index$1_EmptyArray as EmptyArray, type index$1_KeyPair as KeyPair, type index$1_SignaturePoint as SignaturePoint, index$1_arrayToHex as arrayToHex, index$1_arrayToUtf8 as arrayToUtf8, index$1_calculateSharedKey as calculateSharedKey, index$1_comparePublicKeyHex as comparePublicKeyHex, index$1_compressPublicKeyHex as compressPublicKeyHex, index$1_doDecrypt as doDecrypt, index$1_doEncrypt as doEncrypt, index$1_doSignature as doSignature, index$1_doVerifySignature as doVerifySignature, index$1_generateKeyPairHex as generateKeyPairHex, index$1_getHash as getHash, index$1_getPoint as getPoint, index$1_getPublicKeyFromPrivateKey as getPublicKeyFromPrivateKey, index$1_getZ as getZ, index$1_hexToArray as hexToArray, index$1_initRNGPool as initRNGPool, index$1_leftPad as leftPad, index$1_precomputePublicKey as precomputePublicKey, index$1_utf8ToHex as utf8ToHex, index$1_verifyPublicKey as verifyPublicKey };
 }
 
+/**
+ * SM3 Key derivation function used in SM2 encryption and key exchange, specified in GM/T 0003-2012
+ * @param z Input data (string or Uint8Array)
+ * @param keylen Desired key length in bytes
+ * @returns Derived key as Uint8Array
+ */
+declare function kdf(z: string | Uint8Array, keylen: number): Uint8Array<ArrayBuffer>;
+
 declare function sm3(input: string | Uint8Array, options?: {
     key: Uint8Array | string;
     mode?: 'hmac' | 'mac';
@@ -153,9 +161,9 @@ interface SM4Options {
     outputTag?: boolean;
     tag?: Uint8Array | string;
 }
-declare function sm4(inArray: Uint8Array | string, key: Uint8Array | string, cryptFlag: 0 | 1, options?: SM4Options): string | Uint8Array | {
+declare function sm4(inArray: Uint8Array | string, key: Uint8Array | string, cryptFlag: 0 | 1, options?: SM4Options): string | Uint8Array<ArrayBufferLike> | {
     output: Uint8Array;
-    tag?: Uint8Array | undefined;
+    tag?: Uint8Array;
 } | {
     output: string;
     tag: string | undefined;
@@ -194,4 +202,4 @@ declare namespace index {
   export { type index_GCMResult as GCMResult, type index_SM4Options as SM4Options, index_decrypt as decrypt, index_encrypt as encrypt, index_sm4 as sm4 };
 }
 
-export { index$1 as sm2, sm3, index as sm4 };
+export { kdf, index$1 as sm2, sm3, index as sm4 };

package/miniprogram_dist/index.js

@@ -444,6 +444,9 @@ var __publicField = function(obj, key, value) {
 // src/index.ts
 var src_exports = {};
 __export(src_exports, {
+    kdf: function() {
+        return kdf;
+    },
     sm2: function() {
         return sm2_exports;
     },
@@ -2496,12 +2499,36 @@ function bytesToHex2(bytes) {
     }
     return hex;
 }
-function utf8ToBytes2(str) {
-    if (typeof str !== "string") throw new Error("utf8ToBytes expected string, got ".concat(typeof str === "undefined" ? "undefined" : _type_of(str)));
-    return new Uint8Array(new TextEncoder().encode(str));
+var te = typeof TextEncoder != "undefined" && /* @__PURE__ */ new TextEncoder();
+var slc = function(v, s, e) {
+    if (s == null || s < 0) s = 0;
+    if (e == null || e > v.length) e = v.length;
+    return new Uint8Array(v.subarray(s, e));
+};
+function strToU8(str) {
+    if (te) return te.encode(str);
+    var l = str.length;
+    var ar = new Uint8Array(str.length + (str.length >> 1));
+    var ai = 0;
+    var w = function(v) {
+        ar[ai++] = v;
+    };
+    for(var i = 0; i < l; ++i){
+        if (ai + 5 > ar.length) {
+            var n = new Uint8Array(ai + 8 + (l - i << 1));
+            n.set(ar);
+            ar = n;
+        }
+        var c = str.charCodeAt(i);
+        if (c < 128) w(c);
+        else if (c < 2048) w(192 | c >> 6), w(128 | c & 63);
+        else if (c > 55295 && c < 57344) c = 65536 + (c & 1023 << 10) | str.charCodeAt(++i) & 1023, w(240 | c >> 18), w(128 | c >> 12 & 63), w(128 | c >> 6 & 63), w(128 | c & 63);
+        else w(224 | c >> 12), w(128 | c >> 6 & 63), w(128 | c & 63);
+    }
+    return slc(ar, 0, ai);
 }
 function toBytes(data) {
-    if (typeof data === "string") data = utf8ToBytes2(data);
+    if (typeof data === "string") data = strToU8(data);
     if (!u8a2(data)) throw new Error("expected Uint8Array, got ".concat(typeof data === "undefined" ? "undefined" : _type_of(data)));
     return data;
 }
@@ -2915,7 +2942,7 @@ function compressPublicKeyHex(s) {
     return prefix + xHex;
 }
 function utf8ToHex(input) {
-    var bytes = utf8ToBytes(input);
+    var bytes = strToU8(input);
     return bytesToHex(bytes);
 }
 function leftPad(input, num) {
@@ -2976,10 +3003,48 @@ function comparePublicKeyHex(publicKey1, publicKey2) {
     if (!point2) return false;
     return point1.equals(point2);
 }
-// src/sm2/kx.ts
-var wPow2 = hexToNumber("80000000000000000000000000000000");
-var wPow2Sub1 = hexToNumber("7fffffffffffffffffffffffffffffff");
-function hkdf(z, keylen) {
+// src/sm3/index.ts
+function utf8ToArray(str) {
+    var arr = [];
+    for(var i = 0, len = str.length; i < len; i++){
+        var point = str.codePointAt(i);
+        if (point <= 127) {
+            arr.push(point);
+        } else if (point <= 2047) {
+            arr.push(192 | point >>> 6);
+            arr.push(128 | point & 63);
+        } else if (point <= 55295 || point >= 57344 && point <= 65535) {
+            arr.push(224 | point >>> 12);
+            arr.push(128 | point >>> 6 & 63);
+            arr.push(128 | point & 63);
+        } else if (point >= 65536 && point <= 1114111) {
+            i++;
+            arr.push(240 | point >>> 18 & 28);
+            arr.push(128 | point >>> 12 & 63);
+            arr.push(128 | point >>> 6 & 63);
+            arr.push(128 | point & 63);
+        } else {
+            arr.push(point);
+            throw new Error("input is not supported");
+        }
+    }
+    return new Uint8Array(arr);
+}
+function sm32(input, options) {
+    input = typeof input === "string" ? utf8ToArray(input) : input;
+    if (options) {
+        var mode = options.mode || "hmac";
+        if (mode !== "hmac") throw new Error("invalid mode");
+        var key = options.key;
+        if (!key) throw new Error("invalid key");
+        key = typeof key === "string" ? hexToArray(key) : key;
+        return bytesToHex2(hmac(sm3, key, input));
+    }
+    return bytesToHex2(sm3(input));
+}
+// src/sm2/kdf.ts
+function kdf(z, keylen) {
+    z = typeof z === "string" ? utf8ToArray(z) : z;
     var msg = new Uint8Array(keylen);
     var ct = 1;
     var offset = 0;
@@ -3001,6 +3066,9 @@ function hkdf(z, keylen) {
     }
     return msg;
 }
+// src/sm2/kx.ts
+var wPow2 = hexToNumber("80000000000000000000000000000000");
+var wPow2Sub1 = hexToNumber("7fffffffffffffffffffffffffffffff");
 function calculateSharedKey(keypairA, ephemeralKeypairA, publicKeyB, ephemeralPublicKeyB, sharedKeyLength) {
     var isRecipient = arguments.length > 5 && arguments[5] !== void 0 ? arguments[5] : false, idA = arguments.length > 6 && arguments[6] !== void 0 ? arguments[6] : "1234567812345678", idB = arguments.length > 7 && arguments[7] !== void 0 ? arguments[7] : "1234567812345678";
     var RA = sm2Curve.ProjectivePoint.fromHex(ephemeralKeypairA.publicKey);
@@ -3025,10 +3093,16 @@ function calculateSharedKey(keypairA, ephemeralKeypairA, publicKeyB, ephemeralPu
     var U = RB.multiply(x2_).add(PB).multiply(tA);
     var xU = hexToArray(leftPad(numberToHexUnpadded(U.x), 64));
     var yU = hexToArray(leftPad(numberToHexUnpadded(U.y), 64));
-    var KA = hkdf(concatBytes(xU, yU, ZA, ZB), sharedKeyLength);
+    var KA = kdf(concatBytes(xU, yU, ZA, ZB), sharedKeyLength);
     return KA;
 }
 // src/sm2/index.ts
+function xorCipherStream(x2, y2, msg) {
+    var stream = kdf(concatBytes(x2, y2), msg.length);
+    for(var i = 0, len = msg.length; i < len; i++){
+        msg[i] ^= stream[i] & 255;
+    }
+}
 var C1C2C3 = 0;
 var EmptyArray = new Uint8Array();
 function doEncrypt(msg, publicKey) {
@@ -3052,26 +3126,6 @@ function doEncrypt(msg, publicKey) {
     }
     return cipherMode === C1C2C3 ? c1 + c2 + c3 : c1 + c3 + c2;
 }
-function xorCipherStream(x2, y2, msg) {
-    var ct = 1;
-    var offset = 0;
-    var t = EmptyArray;
-    var ctShift = new Uint8Array(4);
-    var nextT = function() {
-        ctShift[0] = ct >> 24 & 255;
-        ctShift[1] = ct >> 16 & 255;
-        ctShift[2] = ct >> 8 & 255;
-        ctShift[3] = ct & 255;
-        t = sm3(concatBytes(x2, y2, ctShift));
-        ct++;
-        offset = 0;
-    };
-    nextT();
-    for(var i = 0, len = msg.length; i < len; i++){
-        if (offset === t.length) nextT();
-        msg[i] ^= t[offset++] & 255;
-    }
-}
 function doDecrypt(encryptData, privateKey) {
     var cipherMode = arguments.length > 2 && arguments[2] !== void 0 ? arguments[2] : 1, options = arguments.length > 3 ? arguments[3] : void 0;
     var _ref = options || {}, _ref_output = _ref.output, output = _ref_output === void 0 ? "string" : _ref_output, _ref_asn1 = _ref.asn1, asn1 = _ref_asn1 === void 0 ? false : _ref_asn1;
@@ -3220,45 +3274,6 @@ function getPoint() {
         x1: PA.x
     });
 }
-// src/sm3/index.ts
-function utf8ToArray(str) {
-    var arr = [];
-    for(var i = 0, len = str.length; i < len; i++){
-        var point = str.codePointAt(i);
-        if (point <= 127) {
-            arr.push(point);
-        } else if (point <= 2047) {
-            arr.push(192 | point >>> 6);
-            arr.push(128 | point & 63);
-        } else if (point <= 55295 || point >= 57344 && point <= 65535) {
-            arr.push(224 | point >>> 12);
-            arr.push(128 | point >>> 6 & 63);
-            arr.push(128 | point & 63);
-        } else if (point >= 65536 && point <= 1114111) {
-            i++;
-            arr.push(240 | point >>> 18 & 28);
-            arr.push(128 | point >>> 12 & 63);
-            arr.push(128 | point >>> 6 & 63);
-            arr.push(128 | point & 63);
-        } else {
-            arr.push(point);
-            throw new Error("input is not supported");
-        }
-    }
-    return new Uint8Array(arr);
-}
-function sm32(input, options) {
-    input = typeof input === "string" ? utf8ToArray(input) : input;
-    if (options) {
-        var mode = options.mode || "hmac";
-        if (mode !== "hmac") throw new Error("invalid mode");
-        var key = options.key;
-        if (!key) throw new Error("invalid key");
-        key = typeof key === "string" ? hexToArray(key) : key;
-        return bytesToHex2(hmac(sm3, key, input));
-    }
-    return bytesToHex2(sm3(input));
-}
 // src/sm4/index.ts
 var sm4_exports = {};
 __export(sm4_exports, {
@@ -3306,12 +3321,12 @@ var isLE2 = new Uint8Array(new Uint32Array([
     287454020
 ]).buffer)[0] === 68;
 if (!isLE2) throw new Error("Non little-endian hardware is not supported");
-function utf8ToBytes3(str) {
+function utf8ToBytes2(str) {
     if (typeof str !== "string") throw new Error("string expected");
     return new Uint8Array(new TextEncoder().encode(str));
 }
 function toBytes2(data) {
-    if (typeof data === "string") data = utf8ToBytes3(data);
+    if (typeof data === "string") data = utf8ToBytes2(data);
     else if (isBytes(data)) data = copyBytes(data);
     else throw new Error("Uint8Array expected, got " + (typeof data === "undefined" ? "undefined" : _type_of(data)));
     return data;
@@ -4227,6 +4242,7 @@ function decrypt(inArray, key) {
 }
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
+    kdf: kdf,
     sm2: sm2,
     sm3: sm3,
     sm4: sm4

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "sm-crypto-v2",
-  "version": "1.10.1",
+  "version": "1.12.0",
   "description": "sm-crypto-v2",
   "main": "dist/index.js",
   "module": "dist/index.mjs",
@@ -58,7 +58,7 @@
     "prettier": "^2.6.2",
     "standard-version": "^9.5.0",
     "tsup": "^8.0.1",
-    "typescript": "^4.7.2",
+    "typescript": "^5.8.3",
     "vite": "^4.3.9",
     "vitest": "^0.31.0"
   }