sm-crypto-v2 1.4.0 → 1.5.1

package/CHANGELOG.md

@@ -2,6 +2,22 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+### [1.5.1](https://github.com/Cubelrti/sm-crypto-v2/compare/v1.5.0...v1.5.1) (2023-06-28)
+
+
+### Bug Fixes
+
+* **sm2/kx:** align key exchange with standard ([b4fae83](https://github.com/Cubelrti/sm-crypto-v2/commit/b4fae831ae587821a9c1fe72617420134ae7f326))
+
+## [1.5.0](https://github.com/Cubelrti/sm-crypto-v2/compare/v1.4.0...v1.5.0) (2023-06-11)
+
+
+### Features
+
+* add benchmark ([81736dd](https://github.com/Cubelrti/sm-crypto-v2/commit/81736dd3acc05131a81fcbee61ffc247c4e2f21c))
+* add benchmark result ([a8a45b2](https://github.com/Cubelrti/sm-crypto-v2/commit/a8a45b2ce234ebcd8ebc4c245325a0866f3399e5))
+* **sm3:** optimize sm3 ([096bd95](https://github.com/Cubelrti/sm-crypto-v2/commit/096bd9568b451ac52a9a01bc1bdd711cfeb595c6))
+
 ## [1.4.0](https://github.com/Cubelrti/sm-crypto-v2/compare/v1.3.0...v1.4.0) (2023-06-09)
 
 

package/README.md

@@ -4,7 +4,9 @@
 [![status](https://img.shields.io/github/actions/workflow/status/cubelrti/sm-crypto-v2/test.yml?branch=master)](https://github.com/cubelrti/sm-crypto-v2/actions)
 [![cov](https://cubelrti.github.io/sm-crypto-v2/badges/coverage.svg)](https://github.com/cubelrti/sm-crypto-v2/actions)
 
-国密算法 sm2、sm3 和 sm4 的 TypeScript 实现。参数支持 TypedArray，导出 esm/cjs。
+国密算法 sm2、sm3 和 sm4 的 JavaScript 实现。
+
+参数支持 TypedArray，导出 esm/cjs。
 
 ## 特性
 
@@ -12,8 +14,10 @@
 - 📘 使用 TypeScript 实现，提供全面的类型支持
 - 🔄 移除原有 `jsbn` 依赖，改用原生 BigInt
 - ✔️ 通过全部历史单元测试，包括 SM2、SM3 和 SM4
-- 🎲 自动选择最优的安全随机数实现，避免使用 `Math.random` 和 `Date.now` 进行模拟
+- 🎲 自动选择最优的安全随机数实现，避免使用 `Math.random()` 和 `Date.now()` 进行模拟
 - 📚 同时导出 ES Module 和 CommonJS 两种格式，可按需使用
+- 🔑 提供 SM2 密钥交换 API
+- 🎒 未压缩大小 34kb，压缩后 17kb
 
 ## 安装
 
@@ -163,7 +167,7 @@ let decryptData = sm4.decrypt(encryptData, key, {padding: 'none', output: 'array
 let decryptData = sm4.decrypt(encryptData, key, {mode: 'cbc', iv: 'fedcba98765432100123456789abcdef'}) // 解密，cbc 模式
 ```
 
-### 密钥交换(实验性)
+### 密钥交换
 
 ```js
 import { sm2 } from 'sm-crypto-v2'
@@ -173,10 +177,17 @@ const keyPairB = sm2.generateKeyPairHex() // B 的秘钥对
 const ephemeralKeypairA = sm2.generateKeyPairHex() // A 的临时秘钥对
 const ephemeralKeypairB = sm2.generateKeyPairHex() // B 的临时秘钥对
 
-// A 所需参数：A 的秘钥对，A 的临时秘钥对，B 的公钥，B 的临时秘钥公钥，AB 的身份ID，长度
-const sharedKeyFromA = sm2.calculateSharedKey(keyPairA, ephemeralKeypairA, keyPairB.publicKey, ephemeralKeypairB.publicKey, undefined, undefined, 233)
-// A 所需参数：B 的秘钥对，B 的临时秘钥对，A 的公钥，A 的临时秘钥公钥，AB 的身份ID，长度
-const sharedKeyFromB = sm2.calculateSharedKey(keyPairB, ephemeralKeypairB, keyPairA.publicKey, ephemeralKeypairA.publicKey, undefined, undefined, 233)
+// 无身份的密钥交换
+// A 所需参数：A 的秘钥对，A 的临时秘钥对，B 的公钥，B 的临时秘钥公钥，长度，是否为接收方（默认为 false）
+const sharedKeyFromA = sm2.calculateSharedKey(keyPairA, ephemeralKeypairA, keyPairB.publicKey, ephemeralKeypairB.publicKey, 233)
+// B 所需参数：B 的秘钥对，B 的临时秘钥对，A 的公钥，A 的临时秘钥公钥，长度，是否为接收方（默认为 false）
+const sharedKeyFromB = sm2.calculateSharedKey(keyPairB, ephemeralKeypairB, keyPairA.publicKey, ephemeralKeypairA.publicKey, 233, true)
+
+// 带身份的密钥交换
+// A 所需参数：A 的秘钥对，A 的临时秘钥对，B 的公钥，B 的临时秘钥公钥，长度，是否为接收方（默认为 false），A 的身份，B 的身份
+const sharedKeyFromA = sm2.calculateSharedKey(keyPairA, ephemeralKeypairA, keyPairB.publicKey, ephemeralKeypairB.publicKey, 233, false, 'alice@yahoo.com', 'bob@yahoo.com')
+// B 所需参数：B 的秘钥对，B 的临时秘钥对，A 的公钥，A 的临时秘钥公钥，长度，是否为接收方（默认为 false），B 的身份，A 的身份
+const sharedKeyFromB = sm2.calculateSharedKey(keyPairB, ephemeralKeypairB, keyPairA.publicKey, ephemeralKeypairA.publicKey, 233, true, 'bob@yahoo.com', 'alice@yahoo.com')
 
 // expect(sharedKeyFromA).toEqual(sharedKeyFromB) => true
 ```
@@ -190,27 +201,27 @@ const sharedKeyFromB = sm2.calculateSharedKey(keyPairB, ephemeralKeypairB, keyPa
 
 ## 性能
 
-CPU: Apple M1 Pro
-
-```
-❯ npm run bench
-
-> benchmark@0.1.0 bench
-> node index.js
-
-Benchmarking
-
-=== sm-crypto ===
-sm2 generateKeyPair x 134 ops/sec @ 7ms/op ± 4.12% (min: 6ms, max: 21ms)
-sm2 encrypt x 71 ops/sec @ 14ms/op
-sm2 sign x 139 ops/sec @ 7ms/op
-sm2 verify x 70 ops/sec @ 14ms/op
-=== sm-crypto-v2 ===
-sm2 generateKeyPair x 2,835 ops/sec @ 352μs/op ± 6.34% (min: 286μs, max: 1ms)
-sm2 encrypt x 253 ops/sec @ 3ms/op ± 2.11% (min: 3ms, max: 24ms)
-sm2 sign x 3,186 ops/sec @ 313μs/op ± 1.26% (min: 277μs, max: 854μs)
-sm2 verify x 258 ops/sec @ 3ms/op
-```
+CPU: Apple M2
+
+| Operation          | sm-crypto    | sm-crypto-v2 | Difference (in times) |
+|--------------------|--------------|--------------|-----------------------|
+| sm2 generateKeyPair| 148 ops/sec  | 3,452 ops/sec| 23.3x                 |
+| sm2 encrypt        | 76 ops/sec   | 304 ops/sec  | 4x                    |
+| sm2 sign           | 150 ops/sec  | 3,829 ops/sec| 25.5x                 |
+| sm2 verify         | 76 ops/sec   | 306 ops/sec  | 4x                    |
+| sm3 hash           | 322 ops/sec  | 519 ops/sec  | 1.6x                  |
+| sm3 hmac           | 244 ops/sec  | 518 ops/sec  | 2.1x                  |
+| sm4 encrypt        | 102,009 ops/sec | 102,124 ops/sec | 1x               |
+| sm4 decrypt        | 143,430 ops/sec | 237,247 ops/sec | 1.7x             |
+
+内存：
+
+| Metric             | sm-crypto    | sm-crypto-v2 | Difference            |
+|--------------------|--------------|--------------|-----------------------|
+| RAM (rss)          | 57.9mb       | 57.7mb       | -0.2mb                |
+| RAM (heap)         | 16.6mb       | 16.6mb       | 0mb                   |
+| RAM (used)         | 10.4mb       | 10.5mb       | +0.1mb                |
+| RAM (end - start)  | 83.1mb       | 71.8mb       | -11.3mb               |
 
 ## 协议
 

package/dist/index.d.ts

@@ -38,12 +38,12 @@ declare function verifyPublicKey(publicKey: string): boolean;
  * 验证公钥是否等价，等价返回true
  */
 declare function comparePublicKeyHex(publicKey1: string, publicKey2: string): boolean;
-declare function concatArray(...arrays: Uint8Array[]): Uint8Array;
 
 declare function initRNGPool(): Promise<void>;
 
-declare function calculateSharedKey(keypairA: KeyPair, ephemeralKeypairA: KeyPair, publicKeyB: string, ephemeralPublicKeyB: string, idA: string | undefined, idB: string | undefined, sharedKeyLength: number): Uint8Array;
+declare function calculateSharedKey(keypairA: KeyPair, ephemeralKeypairA: KeyPair, publicKeyB: string, ephemeralPublicKeyB: string, sharedKeyLength: number, isRecipient?: boolean, idA?: string, idB?: string): Uint8Array;
 
+declare const EmptyArray: Uint8Array;
 /**
  * 加密
  */
@@ -79,6 +79,7 @@ declare function doVerifySignature(msg: string | Uint8Array, signHex: string, pu
     hash?: boolean;
     userId?: string;
 }): boolean;
+declare function getZ(publicKey: string, userId?: string): Uint8Array;
 /**
  * sm3杂凑算法
  */
@@ -97,74 +98,60 @@ declare function getPoint(): {
     publicKey: string;
 };
 
-declare const index$2_doEncrypt: typeof doEncrypt;
-declare const index$2_doDecrypt: typeof doDecrypt;
-type index$2_SignaturePoint = SignaturePoint;
-declare const index$2_doSignature: typeof doSignature;
-declare const index$2_doVerifySignature: typeof doVerifySignature;
-declare const index$2_getHash: typeof getHash;
-declare const index$2_getPublicKeyFromPrivateKey: typeof getPublicKeyFromPrivateKey;
-declare const index$2_getPoint: typeof getPoint;
-declare const index$2_initRNGPool: typeof initRNGPool;
-declare const index$2_calculateSharedKey: typeof calculateSharedKey;
-type index$2_KeyPair = KeyPair;
-declare const index$2_generateKeyPairHex: typeof generateKeyPairHex;
-declare const index$2_compressPublicKeyHex: typeof compressPublicKeyHex;
-declare const index$2_utf8ToHex: typeof utf8ToHex;
-declare const index$2_leftPad: typeof leftPad;
-declare const index$2_arrayToHex: typeof arrayToHex;
-declare const index$2_arrayToUtf8: typeof arrayToUtf8;
-declare const index$2_hexToArray: typeof hexToArray;
-declare const index$2_verifyPublicKey: typeof verifyPublicKey;
-declare const index$2_comparePublicKeyHex: typeof comparePublicKeyHex;
-declare const index$2_concatArray: typeof concatArray;
-declare namespace index$2 {
+declare const index$1_EmptyArray: typeof EmptyArray;
+declare const index$1_doEncrypt: typeof doEncrypt;
+declare const index$1_doDecrypt: typeof doDecrypt;
+type index$1_SignaturePoint = SignaturePoint;
+declare const index$1_doSignature: typeof doSignature;
+declare const index$1_doVerifySignature: typeof doVerifySignature;
+declare const index$1_getZ: typeof getZ;
+declare const index$1_getHash: typeof getHash;
+declare const index$1_getPublicKeyFromPrivateKey: typeof getPublicKeyFromPrivateKey;
+declare const index$1_getPoint: typeof getPoint;
+declare const index$1_initRNGPool: typeof initRNGPool;
+declare const index$1_calculateSharedKey: typeof calculateSharedKey;
+type index$1_KeyPair = KeyPair;
+declare const index$1_generateKeyPairHex: typeof generateKeyPairHex;
+declare const index$1_compressPublicKeyHex: typeof compressPublicKeyHex;
+declare const index$1_utf8ToHex: typeof utf8ToHex;
+declare const index$1_leftPad: typeof leftPad;
+declare const index$1_arrayToHex: typeof arrayToHex;
+declare const index$1_arrayToUtf8: typeof arrayToUtf8;
+declare const index$1_hexToArray: typeof hexToArray;
+declare const index$1_verifyPublicKey: typeof verifyPublicKey;
+declare const index$1_comparePublicKeyHex: typeof comparePublicKeyHex;
+declare namespace index$1 {
   export {
-    index$2_doEncrypt as doEncrypt,
-    index$2_doDecrypt as doDecrypt,
-    index$2_SignaturePoint as SignaturePoint,
-    index$2_doSignature as doSignature,
-    index$2_doVerifySignature as doVerifySignature,
-    index$2_getHash as getHash,
-    index$2_getPublicKeyFromPrivateKey as getPublicKeyFromPrivateKey,
-    index$2_getPoint as getPoint,
-    index$2_initRNGPool as initRNGPool,
-    index$2_calculateSharedKey as calculateSharedKey,
-    index$2_KeyPair as KeyPair,
-    index$2_generateKeyPairHex as generateKeyPairHex,
-    index$2_compressPublicKeyHex as compressPublicKeyHex,
-    index$2_utf8ToHex as utf8ToHex,
-    index$2_leftPad as leftPad,
-    index$2_arrayToHex as arrayToHex,
-    index$2_arrayToUtf8 as arrayToUtf8,
-    index$2_hexToArray as hexToArray,
-    index$2_verifyPublicKey as verifyPublicKey,
-    index$2_comparePublicKeyHex as comparePublicKeyHex,
-    index$2_concatArray as concatArray,
+    index$1_EmptyArray as EmptyArray,
+    index$1_doEncrypt as doEncrypt,
+    index$1_doDecrypt as doDecrypt,
+    index$1_SignaturePoint as SignaturePoint,
+    index$1_doSignature as doSignature,
+    index$1_doVerifySignature as doVerifySignature,
+    index$1_getZ as getZ,
+    index$1_getHash as getHash,
+    index$1_getPublicKeyFromPrivateKey as getPublicKeyFromPrivateKey,
+    index$1_getPoint as getPoint,
+    index$1_initRNGPool as initRNGPool,
+    index$1_calculateSharedKey as calculateSharedKey,
+    index$1_KeyPair as KeyPair,
+    index$1_generateKeyPairHex as generateKeyPairHex,
+    index$1_compressPublicKeyHex as compressPublicKeyHex,
+    index$1_utf8ToHex as utf8ToHex,
+    index$1_leftPad as leftPad,
+    index$1_arrayToHex as arrayToHex,
+    index$1_arrayToUtf8 as arrayToUtf8,
+    index$1_hexToArray as hexToArray,
+    index$1_verifyPublicKey as verifyPublicKey,
+    index$1_comparePublicKeyHex as comparePublicKeyHex,
   };
 }
 
-/**
- * 补全16进制字符串
- */
-/**
- * utf8 串转字节数组
- */
-declare function utf8ToArray(str: string): Uint8Array;
 declare function sm3(input: string | Uint8Array, options?: {
     key: Uint8Array | string;
     mode?: 'hmac' | 'mac';
 }): string;
 
-declare const index$1_utf8ToArray: typeof utf8ToArray;
-declare const index$1_sm3: typeof sm3;
-declare namespace index$1 {
-  export {
-    index$1_utf8ToArray as utf8ToArray,
-    index$1_sm3 as sm3,
-  };
-}
-
 interface SM4Options {
     padding?: 'pkcs#7' | 'pkcs#5' | 'none' | null;
     mode?: 'cbc' | 'ecb';
@@ -198,4 +185,4 @@ declare namespace index {
   };
 }
 
-export { index$2 as sm2, index$1 as sm3, index as sm4 };
+export { index$1 as sm2, sm3, index as sm4 };