sm-crypto-v2 1.9.3 → 1.10.1

package/CHANGELOG.md

@@ -2,6 +2,21 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+### [1.10.1](https://github.com/Cubelrti/sm-crypto-v2/compare/v1.10.0...v1.10.1) (2025-04-27)
+
+
+### Bug Fixes
+
+* miniprogram build issue ([5e8ece4](https://github.com/Cubelrti/sm-crypto-v2/commit/5e8ece41dab69fc449675f9d46dfd25163538a78))
+* **sm2:** typing issue ([f368a72](https://github.com/Cubelrti/sm-crypto-v2/commit/f368a72cc354d0ec9601dda8cbd2590eb9e6c144))
+
+## [1.10.0](https://github.com/Cubelrti/sm-crypto-v2/compare/v1.9.3...v1.10.0) (2025-04-14)
+
+
+### Features
+
+* **sm4:** support gcm mode for `sm4` ([2c6a0df](https://github.com/Cubelrti/sm-crypto-v2/commit/2c6a0df8d591d802fd4816c6b1824e20e0b23e31))
+
 ### [1.9.3](https://github.com/Cubelrti/sm-crypto-v2/compare/v1.9.2...v1.9.3) (2024-10-10)
 
 

package/README.md

@@ -19,6 +19,7 @@ For WebAssembly-supported platform, see [sm-crypto-wasm](https://github.com/Cube
 - 🎲 自动选择最优的安全随机数实现，避免使用 `Math.random()` 和 `Date.now()` 进行模拟
 - 📚 同时导出 ES Module 和 CommonJS 两种格式，可按需使用
 - 🔑 提供 SM2 密钥交换 API
+- 🔒 提供 SM4 GCM 模式加密解密能力
 - 🎒 未压缩大小 34kb，压缩后 17kb
 
 ## 安装
@@ -171,6 +172,14 @@ let encryptData = sm4.encrypt(msg, key) // 加密，默认输出 16 进制字符
 let encryptData = sm4.encrypt(msg, key, {padding: 'none'}) // 加密，不使用 padding
 let encryptData = sm4.encrypt(msg, key, {padding: 'none', output: 'array'}) // 加密，不使用 padding，输出为字节数组
 let encryptData = sm4.encrypt(msg, key, {mode: 'cbc', iv: 'fedcba98765432100123456789abcdef'}) // 加密，cbc 模式
+let encryptData = sm4.encrypt(msg, key, {
+    mode: 'gcm', // gcm 模式，必填 iv, 可选 aad
+    iv,
+    associatedData,
+    output: 'string',
+    outputTag: true, // 输出 aead tag，如果为 false 则不输出
+}) // 输出格式 { output: T; tag?: T; } T 为 string/Uint8Array
+
 ```
 
 ### 解密
@@ -184,6 +193,13 @@ let decryptData = sm4.decrypt(encryptData, key) // 解密，默认输出 utf8
 let decryptData = sm4.decrypt(encryptData, key, {padding: 'none'}) // 解密，不使用 padding
 let decryptData = sm4.decrypt(encryptData, key, {padding: 'none', output: 'array'}) // 解密，不使用 padding，输出为字节数组
 let decryptData = sm4.decrypt(encryptData, key, {mode: 'cbc', iv: 'fedcba98765432100123456789abcdef'}) // 解密，cbc 模式
+let decryptData = sm4.decrypt(encryptData, key, {
+    mode: 'gcm', // gcm 模式必填 iv tag, 可选 aad
+    iv,
+    associatedData,
+    tag: expectedAuthTag,
+    output: 'array'
+}) // 输出格式 string/Uint8Array
 ```
 
 ### 密钥交换

package/dist/index.d.mts

@@ -60,7 +60,7 @@ declare function doDecrypt(encryptData: string, privateKey: string, cipherMode?:
     asn1?: boolean;
 }): Uint8Array;
 declare function doDecrypt(encryptData: string, privateKey: string, cipherMode?: number, options?: {
-    output: 'string';
+    output?: 'string';
     asn1?: boolean;
 }): string;
 interface SignaturePoint {
@@ -146,30 +146,52 @@ declare function sm3(input: string | Uint8Array, options?: {
 
 interface SM4Options {
     padding?: 'pkcs#7' | 'pkcs#5' | 'none' | null;
-    mode?: 'cbc' | 'ecb';
+    mode?: 'cbc' | 'ecb' | 'gcm';
     iv?: Uint8Array | string;
     output?: 'string' | 'array';
+    associatedData?: Uint8Array | string;
+    outputTag?: boolean;
+    tag?: Uint8Array | string;
 }
-declare function sm4(inArray: Uint8Array | string, key: Uint8Array | string, cryptFlag: 0 | 1, options?: SM4Options): string | Uint8Array;
+declare function sm4(inArray: Uint8Array | string, key: Uint8Array | string, cryptFlag: 0 | 1, options?: SM4Options): string | Uint8Array | {
+    output: Uint8Array;
+    tag?: Uint8Array | undefined;
+} | {
+    output: string;
+    tag: string | undefined;
+};
+interface GCMResult<T = Uint8Array | string> {
+    output: T;
+    tag?: T;
+}
+declare function encrypt(inArray: Uint8Array | string, key: Uint8Array | string, options: {
+    mode: 'gcm';
+    output: 'array';
+} & SM4Options): GCMResult<Uint8Array>;
+declare function encrypt(inArray: Uint8Array | string, key: Uint8Array | string, options: {
+    mode: 'gcm';
+    output?: 'string';
+} & SM4Options): GCMResult<string>;
 declare function encrypt(inArray: Uint8Array | string, key: Uint8Array | string, options?: {
     output: 'array';
 } & SM4Options): Uint8Array;
 declare function encrypt(inArray: Uint8Array | string, key: Uint8Array | string, options?: {
-    output: 'string';
+    output?: 'string';
 } & SM4Options): string;
 declare function decrypt(inArray: Uint8Array | string, key: Uint8Array | string, options?: {
     output: 'array';
 } & SM4Options): Uint8Array;
 declare function decrypt(inArray: Uint8Array | string, key: Uint8Array | string, options?: {
-    output: 'string';
+    output?: 'string';
 } & SM4Options): string;
 
+type index_GCMResult<T = Uint8Array | string> = GCMResult<T>;
 type index_SM4Options = SM4Options;
 declare const index_decrypt: typeof decrypt;
 declare const index_encrypt: typeof encrypt;
 declare const index_sm4: typeof sm4;
 declare namespace index {
-  export { type index_SM4Options as SM4Options, index_decrypt as decrypt, index_encrypt as encrypt, index_sm4 as sm4 };
+  export { type index_GCMResult as GCMResult, type index_SM4Options as SM4Options, index_decrypt as decrypt, index_encrypt as encrypt, index_sm4 as sm4 };
 }
 
 export { index$1 as sm2, sm3, index as sm4 };

package/dist/index.d.ts

@@ -60,7 +60,7 @@ declare function doDecrypt(encryptData: string, privateKey: string, cipherMode?:
     asn1?: boolean;
 }): Uint8Array;
 declare function doDecrypt(encryptData: string, privateKey: string, cipherMode?: number, options?: {
-    output: 'string';
+    output?: 'string';
     asn1?: boolean;
 }): string;
 interface SignaturePoint {
@@ -146,30 +146,52 @@ declare function sm3(input: string | Uint8Array, options?: {
 
 interface SM4Options {
     padding?: 'pkcs#7' | 'pkcs#5' | 'none' | null;
-    mode?: 'cbc' | 'ecb';
+    mode?: 'cbc' | 'ecb' | 'gcm';
     iv?: Uint8Array | string;
     output?: 'string' | 'array';
+    associatedData?: Uint8Array | string;
+    outputTag?: boolean;
+    tag?: Uint8Array | string;
 }
-declare function sm4(inArray: Uint8Array | string, key: Uint8Array | string, cryptFlag: 0 | 1, options?: SM4Options): string | Uint8Array;
+declare function sm4(inArray: Uint8Array | string, key: Uint8Array | string, cryptFlag: 0 | 1, options?: SM4Options): string | Uint8Array | {
+    output: Uint8Array;
+    tag?: Uint8Array | undefined;
+} | {
+    output: string;
+    tag: string | undefined;
+};
+interface GCMResult<T = Uint8Array | string> {
+    output: T;
+    tag?: T;
+}
+declare function encrypt(inArray: Uint8Array | string, key: Uint8Array | string, options: {
+    mode: 'gcm';
+    output: 'array';
+} & SM4Options): GCMResult<Uint8Array>;
+declare function encrypt(inArray: Uint8Array | string, key: Uint8Array | string, options: {
+    mode: 'gcm';
+    output?: 'string';
+} & SM4Options): GCMResult<string>;
 declare function encrypt(inArray: Uint8Array | string, key: Uint8Array | string, options?: {
     output: 'array';
 } & SM4Options): Uint8Array;
 declare function encrypt(inArray: Uint8Array | string, key: Uint8Array | string, options?: {
-    output: 'string';
+    output?: 'string';
 } & SM4Options): string;
 declare function decrypt(inArray: Uint8Array | string, key: Uint8Array | string, options?: {
     output: 'array';
 } & SM4Options): Uint8Array;
 declare function decrypt(inArray: Uint8Array | string, key: Uint8Array | string, options?: {
-    output: 'string';
+    output?: 'string';
 } & SM4Options): string;
 
+type index_GCMResult<T = Uint8Array | string> = GCMResult<T>;
 type index_SM4Options = SM4Options;
 declare const index_decrypt: typeof decrypt;
 declare const index_encrypt: typeof encrypt;
 declare const index_sm4: typeof sm4;
 declare namespace index {
-  export { type index_SM4Options as SM4Options, index_decrypt as decrypt, index_encrypt as encrypt, index_sm4 as sm4 };
+  export { type index_GCMResult as GCMResult, type index_SM4Options as SM4Options, index_decrypt as decrypt, index_encrypt as encrypt, index_sm4 as sm4 };
 }
 
 export { index$1 as sm2, sm3, index as sm4 };

package/dist/index.js

@@ -800,10 +800,8 @@ function xorCipherStream(x2, y2, msg) {
     msg[i] ^= t[offset++] & 255;
   }
 }
-function doDecrypt(encryptData, privateKey, cipherMode = 1, {
-  output = "string",
-  asn1 = false
-} = {}) {
+function doDecrypt(encryptData, privateKey, cipherMode = 1, options) {
+  const { output = "string", asn1 = false } = options || {};
   const privateKeyInteger = utils4.hexToNumber(privateKey);
   let c1;
   let c2;
@@ -998,6 +996,8 @@ __export(sm4_exports, {
   encrypt: () => encrypt,
   sm4: () => sm4
 });
+var import_polyval = require("@noble/ciphers/_polyval");
+var import_utils11 = require("@noble/ciphers/utils");
 var DECRYPT = 0;
 var ROUND = 32;
 var BLOCK = 16;
@@ -1385,14 +1385,148 @@ function sms4KeyExt(key, roundKey, cryptFlag) {
     }
   }
 }
+function incrementCounter(counter) {
+  for (let i = counter.length - 1; i >= 0; i--) {
+    counter[i]++;
+    if (counter[i] !== 0)
+      break;
+  }
+}
+function sm4Gcm(inArray, key, ivArray, aadArray, cryptFlag, tagArray) {
+  const tagLength = 16;
+  function deriveKeys() {
+    const roundKey2 = new Uint32Array(ROUND);
+    sms4KeyExt(key, roundKey2, 1);
+    const authKey = new Uint8Array(16).fill(0);
+    const h2 = new Uint8Array(16);
+    sms4Crypt(authKey, h2, roundKey2);
+    let j02;
+    if (ivArray.length === 12) {
+      j02 = new Uint8Array(16);
+      j02.set(ivArray, 0);
+      j02[15] = 1;
+    } else {
+      const g = import_polyval.ghash.create(h2);
+      g.update(ivArray);
+      const lenIv = new Uint8Array(16);
+      const view = (0, import_utils11.createView)(lenIv);
+      (0, import_utils11.setBigUint64)(view, 8, BigInt(ivArray.length * 8), false);
+      g.update(lenIv);
+      j02 = g.digest();
+    }
+    const counter2 = new Uint8Array(j02);
+    incrementCounter(counter2);
+    const tagMask2 = new Uint8Array(16);
+    sms4Crypt(j02, tagMask2, roundKey2);
+    return { roundKey: roundKey2, h: h2, j0: j02, counter: counter2, tagMask: tagMask2 };
+  }
+  function computeTag(h2, data) {
+    const aadLength = aadArray.length;
+    const dataLength = data.length;
+    const g = import_polyval.ghash.create(h2);
+    if (aadLength > 0) {
+      g.update(aadArray);
+    }
+    g.update(data);
+    const lenBlock = new Uint8Array(16);
+    const view = (0, import_utils11.createView)(lenBlock);
+    (0, import_utils11.setBigUint64)(view, 0, BigInt(aadLength * 8), false);
+    (0, import_utils11.setBigUint64)(view, 8, BigInt(dataLength * 8), false);
+    g.update(lenBlock);
+    return g.digest();
+  }
+  const { roundKey, h, j0, counter, tagMask } = deriveKeys();
+  if (cryptFlag === DECRYPT && tagArray) {
+    const calculatedTag = computeTag(h, inArray);
+    for (let i = 0; i < 16; i++) {
+      calculatedTag[i] ^= tagMask[i];
+    }
+    let tagMatch = 0;
+    for (let i = 0; i < 16; i++) {
+      tagMatch |= calculatedTag[i] ^ tagArray[i];
+    }
+    if (tagMatch !== 0) {
+      throw new Error("authentication tag mismatch");
+    }
+  }
+  const outArray = new Uint8Array(inArray.length);
+  let point = 0;
+  let restLen = inArray.length;
+  while (restLen >= BLOCK) {
+    const blockOut = new Uint8Array(BLOCK);
+    sms4Crypt(counter, blockOut, roundKey);
+    for (let i = 0; i < BLOCK && i < restLen; i++) {
+      outArray[point + i] = inArray[point + i] ^ blockOut[i];
+    }
+    incrementCounter(counter);
+    point += BLOCK;
+    restLen -= BLOCK;
+  }
+  if (restLen > 0) {
+    const blockOut = new Uint8Array(BLOCK);
+    sms4Crypt(counter, blockOut, roundKey);
+    for (let i = 0; i < restLen; i++) {
+      outArray[point + i] = inArray[point + i] ^ blockOut[i];
+    }
+  }
+  if (cryptFlag !== DECRYPT) {
+    const calculatedTag = computeTag(h, outArray);
+    for (let i = 0; i < 16; i++) {
+      calculatedTag[i] ^= tagMask[i];
+    }
+    return { output: outArray, tag: calculatedTag };
+  }
+  return { output: outArray };
+}
 var blockOutput = new Uint8Array(16);
 function sm4(inArray, key, cryptFlag, options = {}) {
   let {
     padding = "pkcs#7",
     mode,
     iv = new Uint8Array(16),
-    output
+    output,
+    associatedData,
+    outputTag,
+    tag
   } = options;
+  if (mode === "gcm") {
+    const keyArray = typeof key === "string" ? hexToArray(key) : Uint8Array.from(key);
+    const ivArray = typeof iv === "string" ? hexToArray(iv) : Uint8Array.from(iv);
+    const aadArray = associatedData ? typeof associatedData === "string" ? hexToArray(associatedData) : Uint8Array.from(associatedData) : new Uint8Array(0);
+    let inputArray;
+    if (typeof inArray === "string") {
+      if (cryptFlag !== DECRYPT) {
+        inputArray = utf8ToArray(inArray);
+      } else {
+        inputArray = hexToArray(inArray);
+      }
+    } else {
+      inputArray = Uint8Array.from(inArray);
+    }
+    const tagArray = tag ? typeof tag === "string" ? hexToArray(tag) : Uint8Array.from(tag) : void 0;
+    const result = sm4Gcm(inputArray, keyArray, ivArray, aadArray, cryptFlag, tagArray);
+    if (output === "array") {
+      if (outputTag && cryptFlag !== DECRYPT) {
+        return result;
+      }
+      return result.output;
+    } else {
+      if (outputTag && cryptFlag !== DECRYPT) {
+        return {
+          output: bytesToHex(result.output),
+          tag: result.tag ? bytesToHex(result.tag) : void 0
+        };
+      }
+      if (cryptFlag !== DECRYPT) {
+        return {
+          output: bytesToHex(result.output),
+          tag: result.tag ? bytesToHex(result.tag) : void 0
+        };
+      } else {
+        return arrayToUtf8(result.output);
+      }
+    }
+  }
   if (mode === "cbc") {
     if (typeof iv === "string")
       iv = hexToArray(iv);

package/dist/index.mjs

@@ -768,10 +768,8 @@ function xorCipherStream(x2, y2, msg) {
     msg[i] ^= t[offset++] & 255;
   }
 }
-function doDecrypt(encryptData, privateKey, cipherMode = 1, {
-  output = "string",
-  asn1 = false
-} = {}) {
+function doDecrypt(encryptData, privateKey, cipherMode = 1, options) {
+  const { output = "string", asn1 = false } = options || {};
   const privateKeyInteger = utils4.hexToNumber(privateKey);
   let c1;
   let c2;
@@ -966,6 +964,8 @@ __export(sm4_exports, {
   encrypt: () => encrypt,
   sm4: () => sm4
 });
+import { ghash } from "@noble/ciphers/_polyval";
+import { createView as createView2, setBigUint64 as setBigUint642 } from "@noble/ciphers/utils";
 var DECRYPT = 0;
 var ROUND = 32;
 var BLOCK = 16;
@@ -1353,14 +1353,148 @@ function sms4KeyExt(key, roundKey, cryptFlag) {
     }
   }
 }
+function incrementCounter(counter) {
+  for (let i = counter.length - 1; i >= 0; i--) {
+    counter[i]++;
+    if (counter[i] !== 0)
+      break;
+  }
+}
+function sm4Gcm(inArray, key, ivArray, aadArray, cryptFlag, tagArray) {
+  const tagLength = 16;
+  function deriveKeys() {
+    const roundKey2 = new Uint32Array(ROUND);
+    sms4KeyExt(key, roundKey2, 1);
+    const authKey = new Uint8Array(16).fill(0);
+    const h2 = new Uint8Array(16);
+    sms4Crypt(authKey, h2, roundKey2);
+    let j02;
+    if (ivArray.length === 12) {
+      j02 = new Uint8Array(16);
+      j02.set(ivArray, 0);
+      j02[15] = 1;
+    } else {
+      const g = ghash.create(h2);
+      g.update(ivArray);
+      const lenIv = new Uint8Array(16);
+      const view = createView2(lenIv);
+      setBigUint642(view, 8, BigInt(ivArray.length * 8), false);
+      g.update(lenIv);
+      j02 = g.digest();
+    }
+    const counter2 = new Uint8Array(j02);
+    incrementCounter(counter2);
+    const tagMask2 = new Uint8Array(16);
+    sms4Crypt(j02, tagMask2, roundKey2);
+    return { roundKey: roundKey2, h: h2, j0: j02, counter: counter2, tagMask: tagMask2 };
+  }
+  function computeTag(h2, data) {
+    const aadLength = aadArray.length;
+    const dataLength = data.length;
+    const g = ghash.create(h2);
+    if (aadLength > 0) {
+      g.update(aadArray);
+    }
+    g.update(data);
+    const lenBlock = new Uint8Array(16);
+    const view = createView2(lenBlock);
+    setBigUint642(view, 0, BigInt(aadLength * 8), false);
+    setBigUint642(view, 8, BigInt(dataLength * 8), false);
+    g.update(lenBlock);
+    return g.digest();
+  }
+  const { roundKey, h, j0, counter, tagMask } = deriveKeys();
+  if (cryptFlag === DECRYPT && tagArray) {
+    const calculatedTag = computeTag(h, inArray);
+    for (let i = 0; i < 16; i++) {
+      calculatedTag[i] ^= tagMask[i];
+    }
+    let tagMatch = 0;
+    for (let i = 0; i < 16; i++) {
+      tagMatch |= calculatedTag[i] ^ tagArray[i];
+    }
+    if (tagMatch !== 0) {
+      throw new Error("authentication tag mismatch");
+    }
+  }
+  const outArray = new Uint8Array(inArray.length);
+  let point = 0;
+  let restLen = inArray.length;
+  while (restLen >= BLOCK) {
+    const blockOut = new Uint8Array(BLOCK);
+    sms4Crypt(counter, blockOut, roundKey);
+    for (let i = 0; i < BLOCK && i < restLen; i++) {
+      outArray[point + i] = inArray[point + i] ^ blockOut[i];
+    }
+    incrementCounter(counter);
+    point += BLOCK;
+    restLen -= BLOCK;
+  }
+  if (restLen > 0) {
+    const blockOut = new Uint8Array(BLOCK);
+    sms4Crypt(counter, blockOut, roundKey);
+    for (let i = 0; i < restLen; i++) {
+      outArray[point + i] = inArray[point + i] ^ blockOut[i];
+    }
+  }
+  if (cryptFlag !== DECRYPT) {
+    const calculatedTag = computeTag(h, outArray);
+    for (let i = 0; i < 16; i++) {
+      calculatedTag[i] ^= tagMask[i];
+    }
+    return { output: outArray, tag: calculatedTag };
+  }
+  return { output: outArray };
+}
 var blockOutput = new Uint8Array(16);
 function sm4(inArray, key, cryptFlag, options = {}) {
   let {
     padding = "pkcs#7",
     mode,
     iv = new Uint8Array(16),
-    output
+    output,
+    associatedData,
+    outputTag,
+    tag
   } = options;
+  if (mode === "gcm") {
+    const keyArray = typeof key === "string" ? hexToArray(key) : Uint8Array.from(key);
+    const ivArray = typeof iv === "string" ? hexToArray(iv) : Uint8Array.from(iv);
+    const aadArray = associatedData ? typeof associatedData === "string" ? hexToArray(associatedData) : Uint8Array.from(associatedData) : new Uint8Array(0);
+    let inputArray;
+    if (typeof inArray === "string") {
+      if (cryptFlag !== DECRYPT) {
+        inputArray = utf8ToArray(inArray);
+      } else {
+        inputArray = hexToArray(inArray);
+      }
+    } else {
+      inputArray = Uint8Array.from(inArray);
+    }
+    const tagArray = tag ? typeof tag === "string" ? hexToArray(tag) : Uint8Array.from(tag) : void 0;
+    const result = sm4Gcm(inputArray, keyArray, ivArray, aadArray, cryptFlag, tagArray);
+    if (output === "array") {
+      if (outputTag && cryptFlag !== DECRYPT) {
+        return result;
+      }
+      return result.output;
+    } else {
+      if (outputTag && cryptFlag !== DECRYPT) {
+        return {
+          output: bytesToHex(result.output),
+          tag: result.tag ? bytesToHex(result.tag) : void 0
+        };
+      }
+      if (cryptFlag !== DECRYPT) {
+        return {
+          output: bytesToHex(result.output),
+          tag: result.tag ? bytesToHex(result.tag) : void 0
+        };
+      } else {
+        return arrayToUtf8(result.output);
+      }
+    }
+  }
   if (mode === "cbc") {
     if (typeof iv === "string")
       iv = hexToArray(iv);

package/miniprogram_dist/index.d.ts

@@ -60,7 +60,7 @@ declare function doDecrypt(encryptData: string, privateKey: string, cipherMode?:
     asn1?: boolean;
 }): Uint8Array;
 declare function doDecrypt(encryptData: string, privateKey: string, cipherMode?: number, options?: {
-    output: 'string';
+    output?: 'string';
     asn1?: boolean;
 }): string;
 interface SignaturePoint {
@@ -146,30 +146,52 @@ declare function sm3(input: string | Uint8Array, options?: {
 
 interface SM4Options {
     padding?: 'pkcs#7' | 'pkcs#5' | 'none' | null;
-    mode?: 'cbc' | 'ecb';
+    mode?: 'cbc' | 'ecb' | 'gcm';
     iv?: Uint8Array | string;
     output?: 'string' | 'array';
+    associatedData?: Uint8Array | string;
+    outputTag?: boolean;
+    tag?: Uint8Array | string;
 }
-declare function sm4(inArray: Uint8Array | string, key: Uint8Array | string, cryptFlag: 0 | 1, options?: SM4Options): string | Uint8Array;
+declare function sm4(inArray: Uint8Array | string, key: Uint8Array | string, cryptFlag: 0 | 1, options?: SM4Options): string | Uint8Array | {
+    output: Uint8Array;
+    tag?: Uint8Array | undefined;
+} | {
+    output: string;
+    tag: string | undefined;
+};
+interface GCMResult<T = Uint8Array | string> {
+    output: T;
+    tag?: T;
+}
+declare function encrypt(inArray: Uint8Array | string, key: Uint8Array | string, options: {
+    mode: 'gcm';
+    output: 'array';
+} & SM4Options): GCMResult<Uint8Array>;
+declare function encrypt(inArray: Uint8Array | string, key: Uint8Array | string, options: {
+    mode: 'gcm';
+    output?: 'string';
+} & SM4Options): GCMResult<string>;
 declare function encrypt(inArray: Uint8Array | string, key: Uint8Array | string, options?: {
     output: 'array';
 } & SM4Options): Uint8Array;
 declare function encrypt(inArray: Uint8Array | string, key: Uint8Array | string, options?: {
-    output: 'string';
+    output?: 'string';
 } & SM4Options): string;
 declare function decrypt(inArray: Uint8Array | string, key: Uint8Array | string, options?: {
     output: 'array';
 } & SM4Options): Uint8Array;
 declare function decrypt(inArray: Uint8Array | string, key: Uint8Array | string, options?: {
-    output: 'string';
+    output?: 'string';
 } & SM4Options): string;
 
+type index_GCMResult<T = Uint8Array | string> = GCMResult<T>;
 type index_SM4Options = SM4Options;
 declare const index_decrypt: typeof decrypt;
 declare const index_encrypt: typeof encrypt;
 declare const index_sm4: typeof sm4;
 declare namespace index {
-  export { type index_SM4Options as SM4Options, index_decrypt as decrypt, index_encrypt as encrypt, index_sm4 as sm4 };
+  export { type index_GCMResult as GCMResult, type index_SM4Options as SM4Options, index_decrypt as decrypt, index_encrypt as encrypt, index_sm4 as sm4 };
 }
 
 export { index$1 as sm2, sm3, index as sm4 };

package/miniprogram_dist/index.js

@@ -1227,7 +1227,7 @@ function nLength(n, nBitLength) {
     };
 }
 function Field(ORDER, bitLen2) {
-    var isLE2 = arguments.length > 2 && arguments[2] !== void 0 ? arguments[2] : false, redef = arguments.length > 3 && arguments[3] !== void 0 ? arguments[3] : {};
+    var isLE3 = arguments.length > 2 && arguments[2] !== void 0 ? arguments[2] : false, redef = arguments.length > 3 && arguments[3] !== void 0 ? arguments[3] : {};
     if (ORDER <= _0n2) throw new Error("Expected Fp ORDER > 0, got ".concat(ORDER));
     var _nLength = nLength(ORDER, bitLen2), BITS = _nLength.nBitLength, BYTES = _nLength.nByteLength;
     if (BYTES > 2048) throw new Error("Field lengths over 2048 bytes are not supported");
@@ -1304,22 +1304,22 @@ function Field(ORDER, bitLen2) {
             return c ? b : a;
         },
         toBytes: function(num) {
-            return isLE2 ? numberToBytesLE(num, BYTES) : numberToBytesBE(num, BYTES);
+            return isLE3 ? numberToBytesLE(num, BYTES) : numberToBytesBE(num, BYTES);
         },
         fromBytes: function(bytes) {
             if (bytes.length !== BYTES) throw new Error("Fp.fromBytes: expected ".concat(BYTES, ", got ").concat(bytes.length));
-            return isLE2 ? bytesToNumberLE(bytes) : bytesToNumberBE(bytes);
+            return isLE3 ? bytesToNumberLE(bytes) : bytesToNumberBE(bytes);
         }
     });
     return Object.freeze(f);
 }
 function hashToPrivateScalar(hash, groupOrder) {
-    var isLE2 = arguments.length > 2 && arguments[2] !== void 0 ? arguments[2] : false;
+    var isLE3 = arguments.length > 2 && arguments[2] !== void 0 ? arguments[2] : false;
     hash = ensureBytes("privateHash", hash);
     var hashLen = hash.length;
     var minLen = nLength(groupOrder).nByteLength + 8;
     if (minLen < 24 || hashLen < minLen || hashLen > 1024) throw new Error("hashToPrivateScalar: expected ".concat(minLen, "-1024 bytes of input, got ").concat(hashLen));
-    var num = isLE2 ? bytesToNumberLE(hash) : bytesToNumberBE(hash);
+    var num = isLE3 ? bytesToNumberLE(hash) : bytesToNumberBE(hash);
     return mod(num, groupOrder - _1n2) + _1n2;
 }
 // node_modules/.pnpm/@noble+curves@1.1.0/node_modules/@noble/curves/esm/abstract/curve.js
@@ -1564,7 +1564,7 @@ function weierstrassPoints(opts) {
     };
     var CURVE = validatePointOpts(opts);
     var Fp = CURVE.Fp;
-    var toBytes2 = CURVE.toBytes || function(c, point, isCompressed) {
+    var toBytes3 = CURVE.toBytes || function(c, point, isCompressed) {
         var a = point.toAffine();
         return concatBytes(Uint8Array.from([
             4
@@ -1910,7 +1910,7 @@ function weierstrassPoints(opts) {
                 value: function toRawBytes() {
                     var isCompressed = arguments.length > 0 && arguments[0] !== void 0 ? arguments[0] : true;
                     this.assertValidity();
-                    return toBytes2(Point, this, isCompressed);
+                    return toBytes3(Point, this, isCompressed);
                 }
             },
             {
@@ -2542,16 +2542,16 @@ var BoolB = function(A, B, C) {
 var BoolC = function(A, B, C) {
     return A & B | ~A & C;
 };
-function setBigUint64(view, byteOffset, value, isLE2) {
-    if (typeof view.setBigUint64 === "function") return view.setBigUint64(byteOffset, value, isLE2);
+function setBigUint64(view, byteOffset, value, isLE3) {
+    if (typeof view.setBigUint64 === "function") return view.setBigUint64(byteOffset, value, isLE3);
     var _32n = BigInt(32);
     var _u32_max = BigInt(4294967295);
     var wh = Number(value >> _32n & _u32_max);
     var wl = Number(value & _u32_max);
-    var h = isLE2 ? 4 : 0;
-    var l = isLE2 ? 0 : 4;
-    view.setUint32(byteOffset + h, wh, isLE2);
-    view.setUint32(byteOffset + l, wl, isLE2);
+    var h = isLE3 ? 4 : 0;
+    var l = isLE3 ? 0 : 4;
+    view.setUint32(byteOffset + h, wh, isLE3);
+    view.setUint32(byteOffset + l, wl, isLE3);
 }
 function rotl(x2, n) {
     var s = n & 31;
@@ -2566,14 +2566,14 @@ function P1(X) {
 var SHA2 = /*#__PURE__*/ function(Hash) {
     _inherits(SHA2, Hash);
     var _super = _create_super(SHA2);
-    function SHA2(blockLen, outputLen, padOffset, isLE2) {
+    function SHA2(blockLen, outputLen, padOffset, isLE3) {
         _class_call_check(this, SHA2);
         var _this;
         _this = _super.call(this);
         _this.blockLen = blockLen;
         _this.outputLen = outputLen;
         _this.padOffset = padOffset;
-        _this.isLE = isLE2;
+        _this.isLE = isLE3;
         // For partial updates less than block size
         __publicField(_assert_this_initialized(_this), "buffer");
         __publicField(_assert_this_initialized(_this), "view");
@@ -2616,7 +2616,7 @@ var SHA2 = /*#__PURE__*/ function(Hash) {
             key: "digestInto",
             value: function digestInto(out) {
                 this.finished = true;
-                var _this = this, buffer = _this.buffer, view = _this.view, blockLen = _this.blockLen, isLE2 = _this.isLE;
+                var _this = this, buffer = _this.buffer, view = _this.view, blockLen = _this.blockLen, isLE3 = _this.isLE;
                 var pos = this.pos;
                 buffer[pos++] = 128;
                 this.buffer.subarray(pos).fill(0);
@@ -2625,7 +2625,7 @@ var SHA2 = /*#__PURE__*/ function(Hash) {
                     pos = 0;
                 }
                 for(var i = pos; i < blockLen; i++)buffer[i] = 0;
-                setBigUint64(view, blockLen - 8, BigInt(this.length * 8), isLE2);
+                setBigUint64(view, blockLen - 8, BigInt(this.length * 8), isLE3);
                 this.process(view, 0);
                 var oview = createView(out);
                 var len = this.outputLen;
@@ -2633,7 +2633,7 @@ var SHA2 = /*#__PURE__*/ function(Hash) {
                 var outLen = len / 4;
                 var state = this.get();
                 if (outLen > state.length) throw new Error("_sha2: outputLen bigger than state");
-                for(var i1 = 0; i1 < outLen; i1++)oview.setUint32(4 * i1, state[i1], isLE2);
+                for(var i1 = 0; i1 < outLen; i1++)oview.setUint32(4 * i1, state[i1], isLE3);
             }
         },
         {
@@ -3073,7 +3073,8 @@ function xorCipherStream(x2, y2, msg) {
     }
 }
 function doDecrypt(encryptData, privateKey) {
-    var cipherMode = arguments.length > 2 && arguments[2] !== void 0 ? arguments[2] : 1, _ref = arguments.length > 3 && arguments[3] !== void 0 ? arguments[3] : {}, _ref_output = _ref.output, output = _ref_output === void 0 ? "string" : _ref_output, _ref_asn1 = _ref.asn1, asn1 = _ref_asn1 === void 0 ? false : _ref_asn1;
+    var cipherMode = arguments.length > 2 && arguments[2] !== void 0 ? arguments[2] : 1, options = arguments.length > 3 ? arguments[3] : void 0;
+    var _ref = options || {}, _ref_output = _ref.output, output = _ref_output === void 0 ? "string" : _ref_output, _ref_asn1 = _ref.asn1, asn1 = _ref_asn1 === void 0 ? false : _ref_asn1;
     var privateKeyInteger = hexToNumber(privateKey);
     var c1;
     var c2;
@@ -3271,6 +3272,337 @@ __export(sm4_exports, {
         return sm4;
     }
 });
+// node_modules/.pnpm/@noble+ciphers@1.2.1/node_modules/@noble/ciphers/esm/_assert.js
+function isBytes(a) {
+    return _instanceof(a, Uint8Array) || ArrayBuffer.isView(a) && a.constructor.name === "Uint8Array";
+}
+function abytes(b) {
+    for(var _len = arguments.length, lengths = new Array(_len > 1 ? _len - 1 : 0), _key = 1; _key < _len; _key++){
+        lengths[_key - 1] = arguments[_key];
+    }
+    if (!isBytes(b)) throw new Error("Uint8Array expected");
+    if (lengths.length > 0 && !lengths.includes(b.length)) throw new Error("Uint8Array expected of length " + lengths + ", got length=" + b.length);
+}
+function aexists(instance) {
+    var checkFinished = arguments.length > 1 && arguments[1] !== void 0 ? arguments[1] : true;
+    if (instance.destroyed) throw new Error("Hash instance has been destroyed");
+    if (checkFinished && instance.finished) throw new Error("Hash#digest() has already been called");
+}
+function aoutput(out, instance) {
+    abytes(out);
+    var min = instance.outputLen;
+    if (out.length < min) {
+        throw new Error("digestInto() expects output buffer of length at least " + min);
+    }
+}
+// node_modules/.pnpm/@noble+ciphers@1.2.1/node_modules/@noble/ciphers/esm/utils.js
+var u32 = function(arr) {
+    return new Uint32Array(arr.buffer, arr.byteOffset, Math.floor(arr.byteLength / 4));
+};
+var createView2 = function(arr) {
+    return new DataView(arr.buffer, arr.byteOffset, arr.byteLength);
+};
+var isLE2 = new Uint8Array(new Uint32Array([
+    287454020
+]).buffer)[0] === 68;
+if (!isLE2) throw new Error("Non little-endian hardware is not supported");
+function utf8ToBytes3(str) {
+    if (typeof str !== "string") throw new Error("string expected");
+    return new Uint8Array(new TextEncoder().encode(str));
+}
+function toBytes2(data) {
+    if (typeof data === "string") data = utf8ToBytes3(data);
+    else if (isBytes(data)) data = copyBytes(data);
+    else throw new Error("Uint8Array expected, got " + (typeof data === "undefined" ? "undefined" : _type_of(data)));
+    return data;
+}
+function setBigUint642(view, byteOffset, value, isLE3) {
+    if (typeof view.setBigUint64 === "function") return view.setBigUint64(byteOffset, value, isLE3);
+    var _32n = BigInt(32);
+    var _u32_max = BigInt(4294967295);
+    var wh = Number(value >> _32n & _u32_max);
+    var wl = Number(value & _u32_max);
+    var h = isLE3 ? 4 : 0;
+    var l = isLE3 ? 0 : 4;
+    view.setUint32(byteOffset + h, wh, isLE3);
+    view.setUint32(byteOffset + l, wl, isLE3);
+}
+function copyBytes(bytes) {
+    return Uint8Array.from(bytes);
+}
+function clean() {
+    for(var _len = arguments.length, arrays = new Array(_len), _key = 0; _key < _len; _key++){
+        arrays[_key] = arguments[_key];
+    }
+    for(var i = 0; i < arrays.length; i++){
+        arrays[i].fill(0);
+    }
+}
+// node_modules/.pnpm/@noble+ciphers@1.2.1/node_modules/@noble/ciphers/esm/_polyval.js
+var BLOCK_SIZE = 16;
+var ZEROS16 = /* @__PURE__ */ new Uint8Array(16);
+var ZEROS32 = u32(ZEROS16);
+var POLY = 225;
+var mul2 = function(s0, s1, s2, s3) {
+    var hiBit = s3 & 1;
+    return {
+        s3: s2 << 31 | s3 >>> 1,
+        s2: s1 << 31 | s2 >>> 1,
+        s1: s0 << 31 | s1 >>> 1,
+        s0: s0 >>> 1 ^ POLY << 24 & -(hiBit & 1)
+    };
+};
+var swapLE = function(n) {
+    return (n >>> 0 & 255) << 24 | (n >>> 8 & 255) << 16 | (n >>> 16 & 255) << 8 | n >>> 24 & 255 | 0;
+};
+function _toGHASHKey(k) {
+    k.reverse();
+    var hiBit = k[15] & 1;
+    var carry = 0;
+    for(var i = 0; i < k.length; i++){
+        var t = k[i];
+        k[i] = t >>> 1 | carry;
+        carry = (t & 1) << 7;
+    }
+    k[0] ^= -hiBit & 225;
+    return k;
+}
+var estimateWindow = function(bytes) {
+    if (bytes > 64 * 1024) return 8;
+    if (bytes > 1024) return 4;
+    return 2;
+};
+var GHASH = /*#__PURE__*/ function() {
+    function GHASH(key, expectedLength) {
+        _class_call_check(this, GHASH);
+        this.blockLen = BLOCK_SIZE;
+        this.outputLen = BLOCK_SIZE;
+        this.s0 = 0;
+        this.s1 = 0;
+        this.s2 = 0;
+        this.s3 = 0;
+        this.finished = false;
+        key = toBytes2(key);
+        abytes(key, 16);
+        var kView = createView2(key);
+        var k0 = kView.getUint32(0, false);
+        var k1 = kView.getUint32(4, false);
+        var k2 = kView.getUint32(8, false);
+        var k3 = kView.getUint32(12, false);
+        var doubles = [];
+        for(var i = 0; i < 128; i++){
+            doubles.push({
+                s0: swapLE(k0),
+                s1: swapLE(k1),
+                s2: swapLE(k2),
+                s3: swapLE(k3)
+            });
+            var ref;
+            ref = mul2(k0, k1, k2, k3), k0 = ref.s0, k1 = ref.s1, k2 = ref.s2, k3 = ref.s3, ref;
+        }
+        var W = estimateWindow(expectedLength || 1024);
+        if (![
+            1,
+            2,
+            4,
+            8
+        ].includes(W)) throw new Error("ghash: invalid window size, expected 2, 4 or 8");
+        this.W = W;
+        var bits = 128;
+        var windows = bits / W;
+        var windowSize = this.windowSize = Math.pow(2, W);
+        var items = [];
+        for(var w = 0; w < windows; w++){
+            for(var byte = 0; byte < windowSize; byte++){
+                var s0 = 0, s1 = 0, s2 = 0, s3 = 0;
+                for(var j = 0; j < W; j++){
+                    var bit = byte >>> W - j - 1 & 1;
+                    if (!bit) continue;
+                    var _doubles_ = doubles[W * w + j], d0 = _doubles_.s0, d1 = _doubles_.s1, d2 = _doubles_.s2, d3 = _doubles_.s3;
+                    s0 ^= d0, s1 ^= d1, s2 ^= d2, s3 ^= d3;
+                }
+                items.push({
+                    s0: s0,
+                    s1: s1,
+                    s2: s2,
+                    s3: s3
+                });
+            }
+        }
+        this.t = items;
+    }
+    _create_class(GHASH, [
+        {
+            key: "_updateBlock",
+            value: function _updateBlock(s0, s1, s2, s3) {
+                s0 ^= this.s0, s1 ^= this.s1, s2 ^= this.s2, s3 ^= this.s3;
+                var _this = this, W = _this.W, t = _this.t, windowSize = _this.windowSize;
+                var o0 = 0, o1 = 0, o2 = 0, o3 = 0;
+                var mask = (1 << W) - 1;
+                var w = 0;
+                for(var _i = 0, _iter = [
+                    s0,
+                    s1,
+                    s2,
+                    s3
+                ]; _i < _iter.length; _i++){
+                    var num = _iter[_i];
+                    for(var bytePos = 0; bytePos < 4; bytePos++){
+                        var byte = num >>> 8 * bytePos & 255;
+                        for(var bitPos = 8 / W - 1; bitPos >= 0; bitPos--){
+                            var bit = byte >>> W * bitPos & mask;
+                            var _t_ = t[w * windowSize + bit], e0 = _t_.s0, e1 = _t_.s1, e2 = _t_.s2, e3 = _t_.s3;
+                            o0 ^= e0, o1 ^= e1, o2 ^= e2, o3 ^= e3;
+                            w += 1;
+                        }
+                    }
+                }
+                this.s0 = o0;
+                this.s1 = o1;
+                this.s2 = o2;
+                this.s3 = o3;
+            }
+        },
+        {
+            key: "update",
+            value: function update(data) {
+                data = toBytes2(data);
+                aexists(this);
+                var b32 = u32(data);
+                var blocks = Math.floor(data.length / BLOCK_SIZE);
+                var left = data.length % BLOCK_SIZE;
+                for(var i = 0; i < blocks; i++){
+                    this._updateBlock(b32[i * 4 + 0], b32[i * 4 + 1], b32[i * 4 + 2], b32[i * 4 + 3]);
+                }
+                if (left) {
+                    ZEROS16.set(data.subarray(blocks * BLOCK_SIZE));
+                    this._updateBlock(ZEROS32[0], ZEROS32[1], ZEROS32[2], ZEROS32[3]);
+                    clean(ZEROS32);
+                }
+                return this;
+            }
+        },
+        {
+            key: "destroy",
+            value: function destroy() {
+                var t = this.t;
+                var _iteratorNormalCompletion = true, _didIteratorError = false, _iteratorError = undefined;
+                try {
+                    for(var _iterator = t[Symbol.iterator](), _step; !(_iteratorNormalCompletion = (_step = _iterator.next()).done); _iteratorNormalCompletion = true){
+                        var elm = _step.value;
+                        elm.s0 = 0, elm.s1 = 0, elm.s2 = 0, elm.s3 = 0;
+                    }
+                } catch (err) {
+                    _didIteratorError = true;
+                    _iteratorError = err;
+                } finally{
+                    try {
+                        if (!_iteratorNormalCompletion && _iterator.return != null) {
+                            _iterator.return();
+                        }
+                    } finally{
+                        if (_didIteratorError) {
+                            throw _iteratorError;
+                        }
+                    }
+                }
+            }
+        },
+        {
+            key: "digestInto",
+            value: function digestInto(out) {
+                aexists(this);
+                aoutput(out, this);
+                this.finished = true;
+                var _this = this, s0 = _this.s0, s1 = _this.s1, s2 = _this.s2, s3 = _this.s3;
+                var o32 = u32(out);
+                o32[0] = s0;
+                o32[1] = s1;
+                o32[2] = s2;
+                o32[3] = s3;
+                return out;
+            }
+        },
+        {
+            key: "digest",
+            value: function digest() {
+                var res = new Uint8Array(BLOCK_SIZE);
+                this.digestInto(res);
+                this.destroy();
+                return res;
+            }
+        }
+    ]);
+    return GHASH;
+}();
+var Polyval = /*#__PURE__*/ function(GHASH) {
+    _inherits(Polyval, GHASH);
+    var _super = _create_super(Polyval);
+    function Polyval(key, expectedLength) {
+        _class_call_check(this, Polyval);
+        key = toBytes2(key);
+        var ghKey = _toGHASHKey(copyBytes(key));
+        var _this = _super.call(this, ghKey, expectedLength);
+        clean(ghKey);
+        return _this;
+    }
+    _create_class(Polyval, [
+        {
+            key: "update",
+            value: function update(data) {
+                data = toBytes2(data);
+                aexists(this);
+                var b32 = u32(data);
+                var left = data.length % BLOCK_SIZE;
+                var blocks = Math.floor(data.length / BLOCK_SIZE);
+                for(var i = 0; i < blocks; i++){
+                    this._updateBlock(swapLE(b32[i * 4 + 3]), swapLE(b32[i * 4 + 2]), swapLE(b32[i * 4 + 1]), swapLE(b32[i * 4 + 0]));
+                }
+                if (left) {
+                    ZEROS16.set(data.subarray(blocks * BLOCK_SIZE));
+                    this._updateBlock(swapLE(ZEROS32[3]), swapLE(ZEROS32[2]), swapLE(ZEROS32[1]), swapLE(ZEROS32[0]));
+                    clean(ZEROS32);
+                }
+                return this;
+            }
+        },
+        {
+            key: "digestInto",
+            value: function digestInto(out) {
+                aexists(this);
+                aoutput(out, this);
+                this.finished = true;
+                var _this = this, s0 = _this.s0, s1 = _this.s1, s2 = _this.s2, s3 = _this.s3;
+                var o32 = u32(out);
+                o32[0] = s0;
+                o32[1] = s1;
+                o32[2] = s2;
+                o32[3] = s3;
+                return out.reverse();
+            }
+        }
+    ]);
+    return Polyval;
+}(GHASH);
+function wrapConstructorWithKey(hashCons) {
+    var hashC = function(msg, key) {
+        return hashCons(key, msg.length).update(toBytes2(msg)).digest();
+    };
+    var tmp2 = hashCons(new Uint8Array(16), 0);
+    hashC.outputLen = tmp2.outputLen;
+    hashC.blockLen = tmp2.blockLen;
+    hashC.create = function(key, expectedLength) {
+        return hashCons(key, expectedLength);
+    };
+    return hashC;
+}
+var ghash = wrapConstructorWithKey(function(key, expectedLength) {
+    return new GHASH(key, expectedLength);
+});
+var polyval = wrapConstructorWithKey(function(key, expectedLength) {
+    return new Polyval(key, expectedLength);
+});
+// src/sm4/index.ts
 var DECRYPT = 0;
 var ROUND = 32;
 var BLOCK = 16;
@@ -3662,10 +3994,151 @@ function sms4KeyExt(key, roundKey, cryptFlag) {
         }
     }
 }
+function incrementCounter(counter) {
+    for(var i = counter.length - 1; i >= 0; i--){
+        counter[i]++;
+        if (counter[i] !== 0) break;
+    }
+}
+function sm4Gcm(inArray, key, ivArray, aadArray, cryptFlag, tagArray) {
+    var deriveKeys = function deriveKeys() {
+        var roundKey2 = new Uint32Array(ROUND);
+        sms4KeyExt(key, roundKey2, 1);
+        var authKey = new Uint8Array(16).fill(0);
+        var h2 = new Uint8Array(16);
+        sms4Crypt(authKey, h2, roundKey2);
+        var j02;
+        if (ivArray.length === 12) {
+            j02 = new Uint8Array(16);
+            j02.set(ivArray, 0);
+            j02[15] = 1;
+        } else {
+            var g = ghash.create(h2);
+            g.update(ivArray);
+            var lenIv = new Uint8Array(16);
+            var view = createView2(lenIv);
+            setBigUint642(view, 8, BigInt(ivArray.length * 8), false);
+            g.update(lenIv);
+            j02 = g.digest();
+        }
+        var counter2 = new Uint8Array(j02);
+        incrementCounter(counter2);
+        var tagMask2 = new Uint8Array(16);
+        sms4Crypt(j02, tagMask2, roundKey2);
+        return {
+            roundKey: roundKey2,
+            h: h2,
+            j0: j02,
+            counter: counter2,
+            tagMask: tagMask2
+        };
+    };
+    var computeTag = function computeTag(h2, data) {
+        var aadLength = aadArray.length;
+        var dataLength = data.length;
+        var g = ghash.create(h2);
+        if (aadLength > 0) {
+            g.update(aadArray);
+        }
+        g.update(data);
+        var lenBlock = new Uint8Array(16);
+        var view = createView2(lenBlock);
+        setBigUint642(view, 0, BigInt(aadLength * 8), false);
+        setBigUint642(view, 8, BigInt(dataLength * 8), false);
+        g.update(lenBlock);
+        return g.digest();
+    };
+    var tagLength = 16;
+    var _deriveKeys = deriveKeys(), roundKey = _deriveKeys.roundKey, h = _deriveKeys.h, j0 = _deriveKeys.j0, counter = _deriveKeys.counter, tagMask = _deriveKeys.tagMask;
+    if (cryptFlag === DECRYPT && tagArray) {
+        var calculatedTag = computeTag(h, inArray);
+        for(var i = 0; i < 16; i++){
+            calculatedTag[i] ^= tagMask[i];
+        }
+        var tagMatch = 0;
+        for(var i1 = 0; i1 < 16; i1++){
+            tagMatch |= calculatedTag[i1] ^ tagArray[i1];
+        }
+        if (tagMatch !== 0) {
+            throw new Error("authentication tag mismatch");
+        }
+    }
+    var outArray = new Uint8Array(inArray.length);
+    var point = 0;
+    var restLen = inArray.length;
+    while(restLen >= BLOCK){
+        var blockOut = new Uint8Array(BLOCK);
+        sms4Crypt(counter, blockOut, roundKey);
+        for(var i2 = 0; i2 < BLOCK && i2 < restLen; i2++){
+            outArray[point + i2] = inArray[point + i2] ^ blockOut[i2];
+        }
+        incrementCounter(counter);
+        point += BLOCK;
+        restLen -= BLOCK;
+    }
+    if (restLen > 0) {
+        var blockOut1 = new Uint8Array(BLOCK);
+        sms4Crypt(counter, blockOut1, roundKey);
+        for(var i3 = 0; i3 < restLen; i3++){
+            outArray[point + i3] = inArray[point + i3] ^ blockOut1[i3];
+        }
+    }
+    if (cryptFlag !== DECRYPT) {
+        var calculatedTag1 = computeTag(h, outArray);
+        for(var i4 = 0; i4 < 16; i4++){
+            calculatedTag1[i4] ^= tagMask[i4];
+        }
+        return {
+            output: outArray,
+            tag: calculatedTag1
+        };
+    }
+    return {
+        output: outArray
+    };
+}
 var blockOutput = new Uint8Array(16);
 function sm4(inArray, key, cryptFlag) {
     var options = arguments.length > 3 && arguments[3] !== void 0 ? arguments[3] : {};
-    var _options_padding = options.padding, padding = _options_padding === void 0 ? "pkcs#7" : _options_padding, mode = options.mode, _options_iv = options.iv, iv = _options_iv === void 0 ? new Uint8Array(16) : _options_iv, output = options.output;
+    var _options_padding = options.padding, padding = _options_padding === void 0 ? "pkcs#7" : _options_padding, mode = options.mode, _options_iv = options.iv, iv = _options_iv === void 0 ? new Uint8Array(16) : _options_iv, output = options.output, associatedData = options.associatedData, outputTag = options.outputTag, tag = options.tag;
+    if (mode === "gcm") {
+        var keyArray = typeof key === "string" ? hexToArray(key) : Uint8Array.from(key);
+        var ivArray = typeof iv === "string" ? hexToArray(iv) : Uint8Array.from(iv);
+        var aadArray = associatedData ? typeof associatedData === "string" ? hexToArray(associatedData) : Uint8Array.from(associatedData) : new Uint8Array(0);
+        var inputArray;
+        if (typeof inArray === "string") {
+            if (cryptFlag !== DECRYPT) {
+                inputArray = utf8ToArray(inArray);
+            } else {
+                inputArray = hexToArray(inArray);
+            }
+        } else {
+            inputArray = Uint8Array.from(inArray);
+        }
+        var tagArray = tag ? typeof tag === "string" ? hexToArray(tag) : Uint8Array.from(tag) : void 0;
+        var result = sm4Gcm(inputArray, keyArray, ivArray, aadArray, cryptFlag, tagArray);
+        if (output === "array") {
+            if (outputTag && cryptFlag !== DECRYPT) {
+                return result;
+            }
+            return result.output;
+        } else {
+            if (outputTag && cryptFlag !== DECRYPT) {
+                return {
+                    output: bytesToHex2(result.output),
+                    tag: result.tag ? bytesToHex2(result.tag) : void 0
+                };
+            }
+            if (cryptFlag !== DECRYPT) {
+                return {
+                    output: bytesToHex2(result.output),
+                    tag: result.tag ? bytesToHex2(result.tag) : void 0
+                };
+            } else {
+                return arrayToUtf8(result.output);
+            }
+        }
+    }
     if (mode === "cbc") {
         if (typeof iv === "string") iv = hexToArray(iv);
         if (iv.length !== 128 / 8) {
@@ -3770,4 +4243,7 @@ function decrypt(inArray, key) {
 
 @noble/curves/esm/abstract/weierstrass.js:
   (*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) *)
+
+@noble/ciphers/esm/utils.js:
+  (*! noble-ciphers - MIT License (c) 2023 Paul Miller (paulmillr.com) *)
 */ 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "sm-crypto-v2",
-  "version": "1.9.3",
+  "version": "1.10.1",
   "description": "sm-crypto-v2",
   "main": "dist/index.js",
   "module": "dist/index.mjs",
@@ -33,8 +33,12 @@
   "author": "june_01",
   "license": "MIT",
   "dependencies": {
+    "@noble/ciphers": "^1.2.1",
     "@noble/curves": "^1.1.0"
   },
+  "publishConfig": {
+    "registry": "https://registry.npmjs.org/"
+  },
   "devDependencies": {
     "@swc-node/register": "^1.6.6",
     "@swc/core": "^1.3.62",

package/tsup.config.miniprogram.ts

@@ -10,7 +10,7 @@ export default defineConfig({
   minify: false,
   format: ['cjs'],
   target: 'es5',
-  noExternal: ['@noble/curves'],
+  noExternal: ['@noble/curves', '@noble/ciphers'],
   tsconfig: 'tsconfig.json',
   esbuildOptions(options) {
     options.define.__BUILD_TS__ = Date.now().toString();