sm-crypto-v2 1.5.0 → 1.5.1

package/CHANGELOG.md

@@ -2,6 +2,13 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+### [1.5.1](https://github.com/Cubelrti/sm-crypto-v2/compare/v1.5.0...v1.5.1) (2023-06-28)
+
+
+### Bug Fixes
+
+* **sm2/kx:** align key exchange with standard ([b4fae83](https://github.com/Cubelrti/sm-crypto-v2/commit/b4fae831ae587821a9c1fe72617420134ae7f326))
+
 ## [1.5.0](https://github.com/Cubelrti/sm-crypto-v2/compare/v1.4.0...v1.5.0) (2023-06-11)
 
 

package/README.md

@@ -16,7 +16,7 @@
 - ✔️ 通过全部历史单元测试，包括 SM2、SM3 和 SM4
 - 🎲 自动选择最优的安全随机数实现，避免使用 `Math.random()` 和 `Date.now()` 进行模拟
 - 📚 同时导出 ES Module 和 CommonJS 两种格式，可按需使用
-- 🔑 新增密钥交换 API（实验性）
+- 🔑 提供 SM2 密钥交换 API
 - 🎒 未压缩大小 34kb，压缩后 17kb
 
 ## 安装
@@ -167,7 +167,7 @@ let decryptData = sm4.decrypt(encryptData, key, {padding: 'none', output: 'array
 let decryptData = sm4.decrypt(encryptData, key, {mode: 'cbc', iv: 'fedcba98765432100123456789abcdef'}) // 解密，cbc 模式
 ```
 
-### 密钥交换(实验性)
+### 密钥交换
 
 ```js
 import { sm2 } from 'sm-crypto-v2'
@@ -177,10 +177,17 @@ const keyPairB = sm2.generateKeyPairHex() // B 的秘钥对
 const ephemeralKeypairA = sm2.generateKeyPairHex() // A 的临时秘钥对
 const ephemeralKeypairB = sm2.generateKeyPairHex() // B 的临时秘钥对
 
-// A 所需参数：A 的秘钥对，A 的临时秘钥对，B 的公钥，B 的临时秘钥公钥，AB 的身份ID，长度
-const sharedKeyFromA = sm2.calculateSharedKey(keyPairA, ephemeralKeypairA, keyPairB.publicKey, ephemeralKeypairB.publicKey, 'alice@yahoo.com', 'bob@yahoo.com', 233)
-// B 所需参数：B 的秘钥对，B 的临时秘钥对，A 的公钥，A 的临时秘钥公钥，AB 的身份ID，长度
-const sharedKeyFromB = sm2.calculateSharedKey(keyPairB, ephemeralKeypairB, keyPairA.publicKey, ephemeralKeypairA.publicKey, 'alice@yahoo.com', 'bob@yahoo.com', 233)
+// 无身份的密钥交换
+// A 所需参数：A 的秘钥对，A 的临时秘钥对，B 的公钥，B 的临时秘钥公钥，长度，是否为接收方（默认为 false）
+const sharedKeyFromA = sm2.calculateSharedKey(keyPairA, ephemeralKeypairA, keyPairB.publicKey, ephemeralKeypairB.publicKey, 233)
+// B 所需参数：B 的秘钥对，B 的临时秘钥对，A 的公钥，A 的临时秘钥公钥，长度，是否为接收方（默认为 false）
+const sharedKeyFromB = sm2.calculateSharedKey(keyPairB, ephemeralKeypairB, keyPairA.publicKey, ephemeralKeypairA.publicKey, 233, true)
+
+// 带身份的密钥交换
+// A 所需参数：A 的秘钥对，A 的临时秘钥对，B 的公钥，B 的临时秘钥公钥，长度，是否为接收方（默认为 false），A 的身份，B 的身份
+const sharedKeyFromA = sm2.calculateSharedKey(keyPairA, ephemeralKeypairA, keyPairB.publicKey, ephemeralKeypairB.publicKey, 233, false, 'alice@yahoo.com', 'bob@yahoo.com')
+// B 所需参数：B 的秘钥对，B 的临时秘钥对，A 的公钥，A 的临时秘钥公钥，长度，是否为接收方（默认为 false），B 的身份，A 的身份
+const sharedKeyFromB = sm2.calculateSharedKey(keyPairB, ephemeralKeypairB, keyPairA.publicKey, ephemeralKeypairA.publicKey, 233, true, 'bob@yahoo.com', 'alice@yahoo.com')
 
 // expect(sharedKeyFromA).toEqual(sharedKeyFromB) => true
 ```

package/dist/index.d.ts

@@ -41,7 +41,7 @@ declare function comparePublicKeyHex(publicKey1: string, publicKey2: string): bo
 
 declare function initRNGPool(): Promise<void>;
 
-declare function calculateSharedKey(keypairA: KeyPair, ephemeralKeypairA: KeyPair, publicKeyB: string, ephemeralPublicKeyB: string, idA: string | undefined, idB: string | undefined, sharedKeyLength: number): Uint8Array;
+declare function calculateSharedKey(keypairA: KeyPair, ephemeralKeypairA: KeyPair, publicKeyB: string, ephemeralPublicKeyB: string, sharedKeyLength: number, isRecipient?: boolean, idA?: string, idB?: string): Uint8Array;
 
 declare const EmptyArray: Uint8Array;
 /**
@@ -79,6 +79,7 @@ declare function doVerifySignature(msg: string | Uint8Array, signHex: string, pu
     hash?: boolean;
     userId?: string;
 }): boolean;
+declare function getZ(publicKey: string, userId?: string): Uint8Array;
 /**
  * sm3杂凑算法
  */
@@ -103,6 +104,7 @@ declare const index$1_doDecrypt: typeof doDecrypt;
 type index$1_SignaturePoint = SignaturePoint;
 declare const index$1_doSignature: typeof doSignature;
 declare const index$1_doVerifySignature: typeof doVerifySignature;
+declare const index$1_getZ: typeof getZ;
 declare const index$1_getHash: typeof getHash;
 declare const index$1_getPublicKeyFromPrivateKey: typeof getPublicKeyFromPrivateKey;
 declare const index$1_getPoint: typeof getPoint;
@@ -126,6 +128,7 @@ declare namespace index$1 {
     index$1_SignaturePoint as SignaturePoint,
     index$1_doSignature as doSignature,
     index$1_doVerifySignature as doVerifySignature,
+    index$1_getZ as getZ,
     index$1_getHash as getHash,
     index$1_getPublicKeyFromPrivateKey as getPublicKeyFromPrivateKey,
     index$1_getPoint as getPoint,

package/dist/index.js

@@ -49,6 +49,7 @@ __export(sm2_exports, {
   getHash: () => getHash,
   getPoint: () => getPoint,
   getPublicKeyFromPrivateKey: () => getPublicKeyFromPrivateKey,
+  getZ: () => getZ,
   hexToArray: () => hexToArray,
   initRNGPool: () => initRNGPool,
   leftPad: () => leftPad,
@@ -679,16 +680,19 @@ function hkdf(z, keylen) {
   }
   return msg;
 }
-function calculateSharedKey(keypairA, ephemeralKeypairA, publicKeyB, ephemeralPublicKeyB, idA = "1234567812345678", idB = "1234567812345678", sharedKeyLength) {
+function calculateSharedKey(keypairA, ephemeralKeypairA, publicKeyB, ephemeralPublicKeyB, sharedKeyLength, isRecipient = false, idA = "1234567812345678", idB = "1234567812345678") {
   const RA = sm2Curve.ProjectivePoint.fromHex(ephemeralKeypairA.publicKey);
   const RB = sm2Curve.ProjectivePoint.fromHex(ephemeralPublicKeyB);
   const PB = sm2Curve.ProjectivePoint.fromHex(publicKeyB);
-  const ZA = hexToArray(idA);
-  const ZB = hexToArray(idB);
+  let ZA = getZ(keypairA.publicKey, idA);
+  let ZB = getZ(publicKeyB, idB);
+  if (isRecipient) {
+    [ZA, ZB] = [ZB, ZA];
+  }
   const rA = utils3.hexToNumber(ephemeralKeypairA.privateKey);
   const dA = utils3.hexToNumber(keypairA.privateKey);
   const x1 = RA.x;
-  const x1_ = field.add(wPow2, x1 & wPow2Sub1);
+  const x1_ = wPow2 + (x1 & wPow2Sub1);
   const tA = field.add(dA, field.mulN(x1_, rA));
   const x2 = RB.x;
   const x2_ = field.add(wPow2, x2 & wPow2Sub1);
@@ -828,7 +832,7 @@ function doVerifySignature(msg, signHex, publicKey, options = {}) {
   const R = field.add(e, x1y1.x);
   return r === R;
 }
-function getHash(hashHex, publicKey, userId = "1234567812345678") {
+function getZ(publicKey, userId = "1234567812345678") {
   userId = utf8ToHex(userId);
   const a = leftPad(utils4.numberToHexUnpadded(sm2Curve.CURVE.a), 64);
   const b = leftPad(utils4.numberToHexUnpadded(sm2Curve.CURVE.b), 64);
@@ -847,6 +851,10 @@ function getHash(hashHex, publicKey, userId = "1234567812345678") {
   const data = hexToArray(userId + a + b + gx + gy + px + py);
   const entl = userId.length * 4;
   const z = sm3(utils4.concatBytes(new Uint8Array([entl >> 8 & 255, entl & 255]), data));
+  return z;
+}
+function getHash(hashHex, publicKey, userId = "1234567812345678") {
+  const z = getZ(publicKey, userId);
   return bytesToHex(sm3(utils4.concatBytes(z, typeof hashHex === "string" ? hexToArray(hashHex) : hashHex)));
 }
 function getPublicKeyFromPrivateKey(privateKey) {

package/dist/index.mjs

@@ -21,6 +21,7 @@ __export(sm2_exports, {
   getHash: () => getHash,
   getPoint: () => getPoint,
   getPublicKeyFromPrivateKey: () => getPublicKeyFromPrivateKey,
+  getZ: () => getZ,
   hexToArray: () => hexToArray,
   initRNGPool: () => initRNGPool,
   leftPad: () => leftPad,
@@ -651,16 +652,19 @@ function hkdf(z, keylen) {
   }
   return msg;
 }
-function calculateSharedKey(keypairA, ephemeralKeypairA, publicKeyB, ephemeralPublicKeyB, idA = "1234567812345678", idB = "1234567812345678", sharedKeyLength) {
+function calculateSharedKey(keypairA, ephemeralKeypairA, publicKeyB, ephemeralPublicKeyB, sharedKeyLength, isRecipient = false, idA = "1234567812345678", idB = "1234567812345678") {
   const RA = sm2Curve.ProjectivePoint.fromHex(ephemeralKeypairA.publicKey);
   const RB = sm2Curve.ProjectivePoint.fromHex(ephemeralPublicKeyB);
   const PB = sm2Curve.ProjectivePoint.fromHex(publicKeyB);
-  const ZA = hexToArray(idA);
-  const ZB = hexToArray(idB);
+  let ZA = getZ(keypairA.publicKey, idA);
+  let ZB = getZ(publicKeyB, idB);
+  if (isRecipient) {
+    [ZA, ZB] = [ZB, ZA];
+  }
   const rA = utils3.hexToNumber(ephemeralKeypairA.privateKey);
   const dA = utils3.hexToNumber(keypairA.privateKey);
   const x1 = RA.x;
-  const x1_ = field.add(wPow2, x1 & wPow2Sub1);
+  const x1_ = wPow2 + (x1 & wPow2Sub1);
   const tA = field.add(dA, field.mulN(x1_, rA));
   const x2 = RB.x;
   const x2_ = field.add(wPow2, x2 & wPow2Sub1);
@@ -800,7 +804,7 @@ function doVerifySignature(msg, signHex, publicKey, options = {}) {
   const R = field.add(e, x1y1.x);
   return r === R;
 }
-function getHash(hashHex, publicKey, userId = "1234567812345678") {
+function getZ(publicKey, userId = "1234567812345678") {
   userId = utf8ToHex(userId);
   const a = leftPad(utils4.numberToHexUnpadded(sm2Curve.CURVE.a), 64);
   const b = leftPad(utils4.numberToHexUnpadded(sm2Curve.CURVE.b), 64);
@@ -819,6 +823,10 @@ function getHash(hashHex, publicKey, userId = "1234567812345678") {
   const data = hexToArray(userId + a + b + gx + gy + px + py);
   const entl = userId.length * 4;
   const z = sm3(utils4.concatBytes(new Uint8Array([entl >> 8 & 255, entl & 255]), data));
+  return z;
+}
+function getHash(hashHex, publicKey, userId = "1234567812345678") {
+  const z = getZ(publicKey, userId);
   return bytesToHex(sm3(utils4.concatBytes(z, typeof hashHex === "string" ? hexToArray(hashHex) : hashHex)));
 }
 function getPublicKeyFromPrivateKey(privateKey) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "sm-crypto-v2",
-  "version": "1.5.0",
+  "version": "1.5.1",
   "description": "sm-crypto-v2",
   "main": "dist/index.js",
   "module": "dist/index.mjs",

package/src/sm2/index.ts

@@ -209,10 +209,7 @@ export function doVerifySignature(msg: string | Uint8Array, signHex: string, pub
   return r === R
 }
 
-/**
- * sm3杂凑算法
- */
-export function getHash(hashHex: string | Uint8Array, publicKey: string, userId = '1234567812345678') {
+export function getZ(publicKey: string, userId = '1234567812345678') {
   // z = hash(entl || userId || a || b || gx || gy || px || py)
   userId = utf8ToHex(userId)
   const a = leftPad(utils.numberToHexUnpadded(sm2Curve.CURVE.a), 64)
@@ -241,6 +238,14 @@ export function getHash(hashHex: string | Uint8Array, publicKey: string, userId
 
   const z = sm3(utils.concatBytes(new Uint8Array([entl >> 8 & 0x00ff, entl & 0x00ff]), data))
 
+  return z
+}
+
+/**
+ * sm3杂凑算法
+ */
+export function getHash(hashHex: string | Uint8Array, publicKey: string, userId = '1234567812345678') {
+  const z = getZ(publicKey, userId)
   // e = hash(z || msg)
   return bytesToHex(sm3(utils.concatBytes(z, typeof hashHex === 'string' ? hexToArray(hashHex) : hashHex)))
 }

package/src/sm2/kx.ts

@@ -2,7 +2,7 @@ import { field, sm2Curve } from './ec';
 import { KeyPair, hexToArray, leftPad } from './utils';
 import * as utils from '@noble/curves/abstract/utils';
 import { sm3 } from './sm3';
-import { EmptyArray } from '.';
+import { EmptyArray, getZ } from '.';
 
 
 // 用到的常数
@@ -39,28 +39,31 @@ function hkdf(z: Uint8Array, keylen: number) {
   return msg
 }
 
-
 export function calculateSharedKey(
   keypairA: KeyPair,
   ephemeralKeypairA: KeyPair,
   publicKeyB: string,
   ephemeralPublicKeyB: string,
+  sharedKeyLength: number,
+  isRecipient = false,
   idA: string = '1234567812345678',
   idB: string = '1234567812345678',
-  sharedKeyLength: number,
 ) {
   const RA = sm2Curve.ProjectivePoint.fromHex(ephemeralKeypairA.publicKey)
   const RB = sm2Curve.ProjectivePoint.fromHex(ephemeralPublicKeyB)
   // const PA = sm2Curve.ProjectivePoint.fromHex(keypairA.publicKey) // 用不到
   const PB = sm2Curve.ProjectivePoint.fromHex(publicKeyB)
-  const ZA = hexToArray(idA)
-  const ZB = hexToArray(idB)
+  let ZA = getZ(keypairA.publicKey, idA)
+  let ZB = getZ(publicKeyB, idB)
+  if (isRecipient) {
+    [ZA, ZB] = [ZB, ZA];
+  }
   const rA = utils.hexToNumber(ephemeralKeypairA.privateKey)
   const dA = utils.hexToNumber(keypairA.privateKey)
   // 1.先算 tA
   const x1 = RA.x
   // x1_ = 2^w + (x1 & (2^w - 1))
-  const x1_ = field.add(wPow2, (x1 & wPow2Sub1))
+  const x1_ = wPow2 + (x1 & wPow2Sub1)
   // tA = (dA + x1b * rA) mod n
   const tA = field.add(dA, field.mulN(x1_, rA))
 

package/.babelrc

@@ -1,3 +0,0 @@
-{
-    "presets": ["es2015"]
-}

package/.eslintrc.js

@@ -1,97 +0,0 @@
-module.exports = {
-  'extends': [
-    'airbnb-base',
-    'plugin:promise/recommended'
-  ],
-  'parserOptions': {
-    'ecmaVersion': 9,
-    'ecmaFeatures': {
-      'jsx': false
-    },
-    'sourceType': 'module'
-  },
-  'env': {
-    'es6': true,
-    'node': true,
-    'jest': true
-  },
-  'plugins': [
-    'import',
-    'node',
-    'promise'
-  ],
-  'rules': {
-    'arrow-parens': 'off',
-    'comma-dangle': [
-      'error',
-      'only-multiline'
-    ],
-    'complexity': ['error', 20],
-    'func-names': 'off',
-    'global-require': 'off',
-    'handle-callback-err': [
-      'error',
-      '^(err|error)$'
-    ],
-    'import/no-unresolved': [
-      'error',
-      {
-        'caseSensitive': true,
-        'commonjs': true,
-        'ignore': ['^[^.]']
-      }
-    ],
-    'import/prefer-default-export': 'off',
-    'linebreak-style': 'off',
-    'no-catch-shadow': 'error',
-    'no-continue': 'off',
-    'no-div-regex': 'warn',
-    'no-else-return': 'off',
-    'no-param-reassign': 'off',
-    'no-plusplus': 'off',
-    'no-shadow': 'off',
-    'no-multi-assign': 'off',
-    'no-underscore-dangle': 'off',
-    'node/no-deprecated-api': 'error',
-    'node/process-exit-as-throw': 'error',
-    'object-curly-spacing': [
-      'error',
-      'never'
-    ],
-    'operator-linebreak': [
-      'error',
-      'after',
-      {
-        'overrides': {
-          ':': 'before',
-          '?': 'before'
-        }
-      }
-    ],
-    'prefer-arrow-callback': 'off',
-    'prefer-destructuring': 'off',
-    'prefer-template': 'off',
-    'quote-props': [
-      1,
-      'as-needed',
-      {
-        'unnecessary': true
-      }
-    ],
-    'semi': [
-      'error',
-      'never'
-    ],
-    'max-len': 'off',
-    'no-bitwise': 'off',
-    'no-mixed-operators': 'off',
-  },
-  'globals': {
-    'window': true,
-    'document': true,
-    'App': true,
-    'Page': true,
-    'Component': true,
-    'Behavior': true
-  }
-}

package/.github/workflows/test.yml

@@ -1,17 +0,0 @@
-# .github/workflows/test.yml
-name: Test
-on: [push, pull_request, workflow_dispatch]
-jobs:
-  test:
-    runs-on: ubuntu-latest
-    steps:
-      # Your original steps
-      - uses: actions/checkout@v3
-      - uses: actions/setup-node@v3
-      - name: Install
-        run: npm install
-      - name: Test and Coverage
-        run: npm run coverage  # or npm run coverage
-      # Add this
-      - name: Update Coverage Badge
-        uses: we-cli/coverage-badge-action@main

package/benchmark/index.js

@@ -1,29 +0,0 @@
-import { run, mark, utils } from 'micro-bmark';
-import * as sm from 'sm-crypto'
-import * as smV2 from 'sm-crypto-v2'
-
-const msg = 'Hello world~!'
-const longMsg = msg.repeat(10000)
-const keypair = smV2.sm2.generateKeyPairHex('12345678901234567890')
-
-run(async () => {
-  await smV2.sm2.initRNGPool()
-  const sig = smV2.sm2.doSignature(msg, keypair.privateKey, { publicKey: keypair.publicKey})
-
-  const RAM = !!process.env.RAM
-
-  const backend = process.env.V2 ? smV2 : sm;
-  console.log();
-  if (RAM) utils.logMem();
-  console.log(`=== sm-crypto${process.env.V2 ? '-v2' : ''} ===`)
-  await mark('sm2 generateKeyPair', 100, () => backend.sm2.generateKeyPairHex())
-  await mark('sm2 encrypt', 500, () => backend.sm2.doEncrypt(msg, keypair.publicKey));
-  await mark('sm2 sign', 500, () => backend.sm2.doSignature(msg, keypair.privateKey, { publicKey: keypair.publicKey}));
-  await mark('sm2 verify', 500, () => backend.sm2.doVerifySignature(msg, sig, keypair.publicKey));
-  await mark('sm3 hash', 1000, () => backend.default.sm3(longMsg))
-  await mark('sm3 hmac', 1000, () => backend.default.sm3(longMsg, { key: 'asdfgh' }))
-  await mark('sm4 encrypt', 1000, () => backend.default.sm4.encrypt('hello world! 我是 juneandgreen.', '0123456789abcdeffedcba9876543210'))
-  await mark('sm4 decrypt', 1000, () => backend.default.sm4.encrypt('681edf34d206965e86b3e94f536e4246002a8a4efa863ccad024ac0300bb40d2', '0123456789abcdeffedcba9876543210'))
-
-  if (RAM) utils.logMem();
-});

package/benchmark/package.json

@@ -1,19 +0,0 @@
-{
-  "name": "benchmark",
-  "private": true,
-  "version": "0.1.0",
-  "description": "benchmarks",
-  "main": "index.js",
-  "type": "module",
-  "scripts": {
-    "bench": "node index.js"
-  },
-  "keywords": [],
-  "author": "",
-  "license": "MIT",
-  "dependencies": {
-    "micro-bmark": "^0.3.1",
-    "sm-crypto": "^0.3.12",
-    "sm-crypto-v2": "^1.2.2"
-  }
-}

package/benchmark/pnpm-lock.yaml

@@ -1,32 +0,0 @@
-lockfileVersion: '6.1'
-
-settings:
-  autoInstallPeers: true
-  excludeLinksFromLockfile: false
-
-dependencies:
-  micro-bmark:
-    specifier: ^0.3.1
-    version: 0.3.1
-  sm-crypto:
-    specifier: ^0.3.12
-    version: 0.3.12
-  sm-crypto-v2:
-    specifier: ^1.2.2
-    version: link:..
-
-packages:
-
-  /jsbn@1.1.0:
-    resolution: {integrity: sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==}
-    dev: false
-
-  /micro-bmark@0.3.1:
-    resolution: {integrity: sha512-bNaKObD4yPAAPrpEqp5jO6LJ2sEFgLoFSmRjEY809mJ62+2AehI/K3+RlVpN3Oo92RHpgC2RQhj6b1Tb4dmo+w==}
-    dev: false
-
-  /sm-crypto@0.3.12:
-    resolution: {integrity: sha512-272PBzB4PYaBdeGa41TH9ZlMGLPVRmS36Gs4FjmHwXIdihQypAbhhFWZTaa/3de69q2KfMme1M5O2W5+spAdrg==}
-    dependencies:
-      jsbn: 1.1.0
-    dev: false