sm-crypto-v2 1.3.0 → 1.5.0

package/CHANGELOG.md

@@ -2,6 +2,22 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+## [1.5.0](https://github.com/Cubelrti/sm-crypto-v2/compare/v1.4.0...v1.5.0) (2023-06-11)
+
+
+### Features
+
+* add benchmark ([81736dd](https://github.com/Cubelrti/sm-crypto-v2/commit/81736dd3acc05131a81fcbee61ffc247c4e2f21c))
+* add benchmark result ([a8a45b2](https://github.com/Cubelrti/sm-crypto-v2/commit/a8a45b2ce234ebcd8ebc4c245325a0866f3399e5))
+* **sm3:** optimize sm3 ([096bd95](https://github.com/Cubelrti/sm-crypto-v2/commit/096bd9568b451ac52a9a01bc1bdd711cfeb595c6))
+
+## [1.4.0](https://github.com/Cubelrti/sm-crypto-v2/compare/v1.3.0...v1.4.0) (2023-06-09)
+
+
+### Features
+
+* **sm2:** add experimental key agreement ([cdd00b4](https://github.com/Cubelrti/sm-crypto-v2/commit/cdd00b4e42bb5072e1dcb6e0301b6a2f18f53614))
+
 ## [1.3.0](https://github.com/Cubelrti/sm-crypto-v2/compare/v1.2.2...v1.3.0) (2023-06-07)
 
 

package/README.md

@@ -1,19 +1,23 @@
 # sm-crypto-v2
 
-[![npm version](https://badge.fury.io/js/sm-crypto-v2.svg)](https://badge.fury.io/js/sm-crypto-v2)
+[![npm version](https://badge.fury.io/js/sm-crypto-v2.svg)](https://www.npmjs.com/package/sm-crypto-v2)
 [![status](https://img.shields.io/github/actions/workflow/status/cubelrti/sm-crypto-v2/test.yml?branch=master)](https://github.com/cubelrti/sm-crypto-v2/actions)
 [![cov](https://cubelrti.github.io/sm-crypto-v2/badges/coverage.svg)](https://github.com/cubelrti/sm-crypto-v2/actions)
 
+国密算法 sm2、sm3 和 sm4 的 JavaScript 实现。
 
-国密算法 sm2、sm3 和 sm4 的 TypeScript 实现。参数支持 TypedArray，导出 esm/cjs。
+参数支持 TypedArray，导出 esm/cjs。
 
 ## 特性
 
-- SM2 底层改用 `noble-curves`，性能提升接近4倍，[noble-curves 文档](https://github.com/paulmillr/noble-curves)
-- 完整的类型支持
-- 移除原有 `jsbn` 依赖，改用原生 BigInt 支持
-- 通过所有之前的单元测试，包括 SM2、SM3 和 SM4
-- 自动使用最优的安全随机数实现，不使用 `random` 和 `Date.now` 模拟
+- ⚡ 基于 [`noble-curves` Abstract API](https://github.com/paulmillr/noble-curves#abstract-api) 重构 SM2，性能提升近4倍。详见 [noble-curves 文档](https://paulmillr.com/posts/noble-secp256k1-fast-ecc/) 
+- 📘 使用 TypeScript 实现，提供全面的类型支持
+- 🔄 移除原有 `jsbn` 依赖，改用原生 BigInt
+- ✔️ 通过全部历史单元测试，包括 SM2、SM3 和 SM4
+- 🎲 自动选择最优的安全随机数实现，避免使用 `Math.random()` 和 `Date.now()` 进行模拟
+- 📚 同时导出 ES Module 和 CommonJS 两种格式，可按需使用
+- 🔑 新增密钥交换 API（实验性）
+- 🎒 未压缩大小 34kb，压缩后 17kb
 
 ## 安装
 
@@ -163,6 +167,24 @@ let decryptData = sm4.decrypt(encryptData, key, {padding: 'none', output: 'array
 let decryptData = sm4.decrypt(encryptData, key, {mode: 'cbc', iv: 'fedcba98765432100123456789abcdef'}) // 解密，cbc 模式
 ```
 
+### 密钥交换(实验性)
+
+```js
+import { sm2 } from 'sm-crypto-v2'
+
+const keyPairA = sm2.generateKeyPairHex() // A 的秘钥对
+const keyPairB = sm2.generateKeyPairHex() // B 的秘钥对
+const ephemeralKeypairA = sm2.generateKeyPairHex() // A 的临时秘钥对
+const ephemeralKeypairB = sm2.generateKeyPairHex() // B 的临时秘钥对
+
+// A 所需参数：A 的秘钥对，A 的临时秘钥对，B 的公钥，B 的临时秘钥公钥，AB 的身份ID，长度
+const sharedKeyFromA = sm2.calculateSharedKey(keyPairA, ephemeralKeypairA, keyPairB.publicKey, ephemeralKeypairB.publicKey, 'alice@yahoo.com', 'bob@yahoo.com', 233)
+// B 所需参数：B 的秘钥对，B 的临时秘钥对，A 的公钥，A 的临时秘钥公钥，AB 的身份ID，长度
+const sharedKeyFromB = sm2.calculateSharedKey(keyPairB, ephemeralKeypairB, keyPairA.publicKey, ephemeralKeypairA.publicKey, 'alice@yahoo.com', 'bob@yahoo.com', 233)
+
+// expect(sharedKeyFromA).toEqual(sharedKeyFromB) => true
+```
+
 ## 其他实现
 
 * 原 js 版本：[https://github.com/JuneAndGreen/sm-crypto](https://github.com/JuneAndGreen/sm-crypto)
@@ -172,27 +194,27 @@ let decryptData = sm4.decrypt(encryptData, key, {mode: 'cbc', iv: 'fedcba9876543
 
 ## 性能
 
-CPU: Apple M1 Pro
-
-```
-❯ npm run bench
-
-> benchmark@0.1.0 bench
-> node index.js
-
-Benchmarking
-
-=== sm-crypto ===
-sm2 generateKeyPair x 134 ops/sec @ 7ms/op ± 4.12% (min: 6ms, max: 21ms)
-sm2 encrypt x 71 ops/sec @ 14ms/op
-sm2 sign x 139 ops/sec @ 7ms/op
-sm2 verify x 70 ops/sec @ 14ms/op
-=== sm-crypto-v2 ===
-sm2 generateKeyPair x 2,835 ops/sec @ 352μs/op ± 6.34% (min: 286μs, max: 1ms)
-sm2 encrypt x 253 ops/sec @ 3ms/op ± 2.11% (min: 3ms, max: 24ms)
-sm2 sign x 3,186 ops/sec @ 313μs/op ± 1.26% (min: 277μs, max: 854μs)
-sm2 verify x 258 ops/sec @ 3ms/op
-```
+CPU: Apple M2
+
+| Operation          | sm-crypto    | sm-crypto-v2 | Difference (in times) |
+|--------------------|--------------|--------------|-----------------------|
+| sm2 generateKeyPair| 148 ops/sec  | 3,452 ops/sec| 23.3x                 |
+| sm2 encrypt        | 76 ops/sec   | 304 ops/sec  | 4x                    |
+| sm2 sign           | 150 ops/sec  | 3,829 ops/sec| 25.5x                 |
+| sm2 verify         | 76 ops/sec   | 306 ops/sec  | 4x                    |
+| sm3 hash           | 322 ops/sec  | 519 ops/sec  | 1.6x                  |
+| sm3 hmac           | 244 ops/sec  | 518 ops/sec  | 2.1x                  |
+| sm4 encrypt        | 102,009 ops/sec | 102,124 ops/sec | 1x               |
+| sm4 decrypt        | 143,430 ops/sec | 237,247 ops/sec | 1.7x             |
+
+内存：
+
+| Metric             | sm-crypto    | sm-crypto-v2 | Difference            |
+|--------------------|--------------|--------------|-----------------------|
+| RAM (rss)          | 57.9mb       | 57.7mb       | -0.2mb                |
+| RAM (heap)         | 16.6mb       | 16.6mb       | 0mb                   |
+| RAM (used)         | 10.4mb       | 10.5mb       | +0.1mb                |
+| RAM (end - start)  | 83.1mb       | 71.8mb       | -11.3mb               |
 
 ## 协议
 

package/benchmark/index.js

@@ -3,27 +3,27 @@ import * as sm from 'sm-crypto'
 import * as smV2 from 'sm-crypto-v2'
 
 const msg = 'Hello world~!'
-
+const longMsg = msg.repeat(10000)
 const keypair = smV2.sm2.generateKeyPairHex('12345678901234567890')
 
 run(async () => {
   await smV2.sm2.initRNGPool()
   const sig = smV2.sm2.doSignature(msg, keypair.privateKey, { publicKey: keypair.publicKey})
 
-  const RAM = false
+  const RAM = !!process.env.RAM
+
+  const backend = process.env.V2 ? smV2 : sm;
   console.log();
   if (RAM) utils.logMem();
-  console.log('=== sm-crypto ===')
-  await mark('sm2 generateKeyPair', 100, () => sm.sm2.generateKeyPairHex())
-  await mark('sm2 encrypt', 500, () => sm.sm2.doEncrypt(msg, keypair.publicKey));
-  await mark('sm2 sign', 500, () => sm.sm2.doSignature(msg, keypair.privateKey, { publicKey: keypair.publicKey}));
-  await mark('sm2 verify', 500, () => sm.sm2.doVerifySignature(msg, sig, keypair.publicKey));
-  if (RAM) utils.logMem();
-  if (RAM) utils.logMem();
-  console.log('=== sm-crypto-v2 ===')
-  await mark('sm2 generateKeyPair', 100, () => smV2.sm2.generateKeyPairHex())
-  await mark('sm2 encrypt', 500, () => smV2.sm2.doEncrypt(msg, keypair.publicKey));
-  await mark('sm2 sign', 500, () => smV2.sm2.doSignature(msg, keypair.privateKey, { publicKey: keypair.publicKey}));
-  await mark('sm2 verify', 500, () => smV2.sm2.doVerifySignature(msg, sig, keypair.publicKey));
+  console.log(`=== sm-crypto${process.env.V2 ? '-v2' : ''} ===`)
+  await mark('sm2 generateKeyPair', 100, () => backend.sm2.generateKeyPairHex())
+  await mark('sm2 encrypt', 500, () => backend.sm2.doEncrypt(msg, keypair.publicKey));
+  await mark('sm2 sign', 500, () => backend.sm2.doSignature(msg, keypair.privateKey, { publicKey: keypair.publicKey}));
+  await mark('sm2 verify', 500, () => backend.sm2.doVerifySignature(msg, sig, keypair.publicKey));
+  await mark('sm3 hash', 1000, () => backend.default.sm3(longMsg))
+  await mark('sm3 hmac', 1000, () => backend.default.sm3(longMsg, { key: 'asdfgh' }))
+  await mark('sm4 encrypt', 1000, () => backend.default.sm4.encrypt('hello world! 我是 juneandgreen.', '0123456789abcdeffedcba9876543210'))
+  await mark('sm4 decrypt', 1000, () => backend.default.sm4.encrypt('681edf34d206965e86b3e94f536e4246002a8a4efa863ccad024ac0300bb40d2', '0123456789abcdeffedcba9876543210'))
+
   if (RAM) utils.logMem();
 });

package/benchmark/pnpm-lock.yaml

@@ -1,4 +1,8 @@
-lockfileVersion: '6.0'
+lockfileVersion: '6.1'
+
+settings:
+  autoInstallPeers: true
+  excludeLinksFromLockfile: false
 
 dependencies:
   micro-bmark:

package/dist/index.d.ts

@@ -1,10 +1,11 @@
+interface KeyPair {
+    privateKey: string;
+    publicKey: string;
+}
 /**
  * 生成密钥对：publicKey = privateKey * G
  */
-declare function generateKeyPairHex(str?: string): {
-    privateKey: string;
-    publicKey: string;
-};
+declare function generateKeyPairHex(str?: string): KeyPair;
 /**
  * 生成压缩公钥
  */
@@ -37,10 +38,12 @@ declare function verifyPublicKey(publicKey: string): boolean;
  * 验证公钥是否等价，等价返回true
  */
 declare function comparePublicKeyHex(publicKey1: string, publicKey2: string): boolean;
-declare function concatArray(...arrays: Uint8Array[]): Uint8Array;
 
 declare function initRNGPool(): Promise<void>;
 
+declare function calculateSharedKey(keypairA: KeyPair, ephemeralKeypairA: KeyPair, publicKeyB: string, ephemeralPublicKeyB: string, idA: string | undefined, idB: string | undefined, sharedKeyLength: number): Uint8Array;
+
+declare const EmptyArray: Uint8Array;
 /**
  * 加密
  */
@@ -94,70 +97,58 @@ declare function getPoint(): {
     publicKey: string;
 };
 
-declare const index$2_doEncrypt: typeof doEncrypt;
-declare const index$2_doDecrypt: typeof doDecrypt;
-type index$2_SignaturePoint = SignaturePoint;
-declare const index$2_doSignature: typeof doSignature;
-declare const index$2_doVerifySignature: typeof doVerifySignature;
-declare const index$2_getHash: typeof getHash;
-declare const index$2_getPublicKeyFromPrivateKey: typeof getPublicKeyFromPrivateKey;
-declare const index$2_getPoint: typeof getPoint;
-declare const index$2_initRNGPool: typeof initRNGPool;
-declare const index$2_generateKeyPairHex: typeof generateKeyPairHex;
-declare const index$2_compressPublicKeyHex: typeof compressPublicKeyHex;
-declare const index$2_utf8ToHex: typeof utf8ToHex;
-declare const index$2_leftPad: typeof leftPad;
-declare const index$2_arrayToHex: typeof arrayToHex;
-declare const index$2_arrayToUtf8: typeof arrayToUtf8;
-declare const index$2_hexToArray: typeof hexToArray;
-declare const index$2_verifyPublicKey: typeof verifyPublicKey;
-declare const index$2_comparePublicKeyHex: typeof comparePublicKeyHex;
-declare const index$2_concatArray: typeof concatArray;
-declare namespace index$2 {
+declare const index$1_EmptyArray: typeof EmptyArray;
+declare const index$1_doEncrypt: typeof doEncrypt;
+declare const index$1_doDecrypt: typeof doDecrypt;
+type index$1_SignaturePoint = SignaturePoint;
+declare const index$1_doSignature: typeof doSignature;
+declare const index$1_doVerifySignature: typeof doVerifySignature;
+declare const index$1_getHash: typeof getHash;
+declare const index$1_getPublicKeyFromPrivateKey: typeof getPublicKeyFromPrivateKey;
+declare const index$1_getPoint: typeof getPoint;
+declare const index$1_initRNGPool: typeof initRNGPool;
+declare const index$1_calculateSharedKey: typeof calculateSharedKey;
+type index$1_KeyPair = KeyPair;
+declare const index$1_generateKeyPairHex: typeof generateKeyPairHex;
+declare const index$1_compressPublicKeyHex: typeof compressPublicKeyHex;
+declare const index$1_utf8ToHex: typeof utf8ToHex;
+declare const index$1_leftPad: typeof leftPad;
+declare const index$1_arrayToHex: typeof arrayToHex;
+declare const index$1_arrayToUtf8: typeof arrayToUtf8;
+declare const index$1_hexToArray: typeof hexToArray;
+declare const index$1_verifyPublicKey: typeof verifyPublicKey;
+declare const index$1_comparePublicKeyHex: typeof comparePublicKeyHex;
+declare namespace index$1 {
   export {
-    index$2_doEncrypt as doEncrypt,
-    index$2_doDecrypt as doDecrypt,
-    index$2_SignaturePoint as SignaturePoint,
-    index$2_doSignature as doSignature,
-    index$2_doVerifySignature as doVerifySignature,
-    index$2_getHash as getHash,
-    index$2_getPublicKeyFromPrivateKey as getPublicKeyFromPrivateKey,
-    index$2_getPoint as getPoint,
-    index$2_initRNGPool as initRNGPool,
-    index$2_generateKeyPairHex as generateKeyPairHex,
-    index$2_compressPublicKeyHex as compressPublicKeyHex,
-    index$2_utf8ToHex as utf8ToHex,
-    index$2_leftPad as leftPad,
-    index$2_arrayToHex as arrayToHex,
-    index$2_arrayToUtf8 as arrayToUtf8,
-    index$2_hexToArray as hexToArray,
-    index$2_verifyPublicKey as verifyPublicKey,
-    index$2_comparePublicKeyHex as comparePublicKeyHex,
-    index$2_concatArray as concatArray,
+    index$1_EmptyArray as EmptyArray,
+    index$1_doEncrypt as doEncrypt,
+    index$1_doDecrypt as doDecrypt,
+    index$1_SignaturePoint as SignaturePoint,
+    index$1_doSignature as doSignature,
+    index$1_doVerifySignature as doVerifySignature,
+    index$1_getHash as getHash,
+    index$1_getPublicKeyFromPrivateKey as getPublicKeyFromPrivateKey,
+    index$1_getPoint as getPoint,
+    index$1_initRNGPool as initRNGPool,
+    index$1_calculateSharedKey as calculateSharedKey,
+    index$1_KeyPair as KeyPair,
+    index$1_generateKeyPairHex as generateKeyPairHex,
+    index$1_compressPublicKeyHex as compressPublicKeyHex,
+    index$1_utf8ToHex as utf8ToHex,
+    index$1_leftPad as leftPad,
+    index$1_arrayToHex as arrayToHex,
+    index$1_arrayToUtf8 as arrayToUtf8,
+    index$1_hexToArray as hexToArray,
+    index$1_verifyPublicKey as verifyPublicKey,
+    index$1_comparePublicKeyHex as comparePublicKeyHex,
   };
 }
 
-/**
- * 补全16进制字符串
- */
-/**
- * utf8 串转字节数组
- */
-declare function utf8ToArray(str: string): Uint8Array;
 declare function sm3(input: string | Uint8Array, options?: {
     key: Uint8Array | string;
     mode?: 'hmac' | 'mac';
 }): string;
 
-declare const index$1_utf8ToArray: typeof utf8ToArray;
-declare const index$1_sm3: typeof sm3;
-declare namespace index$1 {
-  export {
-    index$1_utf8ToArray as utf8ToArray,
-    index$1_sm3 as sm3,
-  };
-}
-
 interface SM4Options {
     padding?: 'pkcs#7' | 'pkcs#5' | 'none' | null;
     mode?: 'cbc' | 'ecb';
@@ -191,4 +182,4 @@ declare namespace index {
   };
 }
 
-export { index$2 as sm2, index$1 as sm3, index as sm4 };
+export { index$1 as sm2, sm3, index as sm4 };