sm2: make opts fields private

Sun Yimin 2023-03-22 17:29:16 +08:00 committed by GitHub
parent 6254f0a5cb
commit 1ed0dbb068
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 23 additions and 23 deletions


@ -76,15 +76,15 @@ const (
// EncrypterOpts encryption options // EncrypterOpts encryption options
type EncrypterOpts struct { type EncrypterOpts struct {
CiphertextEncoding ciphertextEncoding ciphertextEncoding ciphertextEncoding
PointMarshalMode pointMarshalMode pointMarshalMode pointMarshalMode
CiphertextSplicingOrder ciphertextSplicingOrder ciphertextSplicingOrder ciphertextSplicingOrder
} }
// DecrypterOpts decryption options // DecrypterOpts decryption options
type DecrypterOpts struct { type DecrypterOpts struct {
CiphertextEncoding ciphertextEncoding ciphertextEncoding ciphertextEncoding
CipherTextSplicingOrder ciphertextSplicingOrder cipherTextSplicingOrder ciphertextSplicingOrder
} }
// NewPlainEncrypterOpts creates a SM2 non-ASN1 encrypter options. // NewPlainEncrypterOpts creates a SM2 non-ASN1 encrypter options.
@ -122,8 +122,8 @@ type Signer interface {
// SM2SignerOption implements crypto.SignerOpts interface. // SM2SignerOption implements crypto.SignerOpts interface.
// It is specific for SM2, used in private key's Sign method. // It is specific for SM2, used in private key's Sign method.
type SM2SignerOption struct { type SM2SignerOption struct {
UID []byte uid []byte
ForceGMSign bool forceGMSign bool
} }
// NewSM2SignerOption creates a SM2 specific signer option. // NewSM2SignerOption creates a SM2 specific signer option.
@ -131,11 +131,11 @@ type SM2SignerOption struct {
// uid - if forceGMSign is true, then you can pass uid, if no uid is provided, system will use default one. // uid - if forceGMSign is true, then you can pass uid, if no uid is provided, system will use default one.
func NewSM2SignerOption(forceGMSign bool, uid []byte) *SM2SignerOption { func NewSM2SignerOption(forceGMSign bool, uid []byte) *SM2SignerOption {
opt := &SM2SignerOption{ opt := &SM2SignerOption{
UID: uid, uid: uid,
ForceGMSign: forceGMSign, forceGMSign: forceGMSign,
} }
if forceGMSign && len(uid) == 0 { if forceGMSign && len(uid) == 0 {
opt.UID = defaultUID opt.uid = defaultUID
} }
return opt return opt
} }
@ -261,7 +261,7 @@ func encryptSM2EC(c *sm2Curve, pub *ecdsa.PublicKey, random io.Reader, msg []byt
md.Write(C2Bytes[len(C2Bytes)/2:]) md.Write(C2Bytes[len(C2Bytes)/2:])
c3 := md.Sum(nil) c3 := md.Sum(nil)
if opts.CiphertextEncoding == ENCODING_PLAIN { if opts.ciphertextEncoding == ENCODING_PLAIN {
return encodingCiphertext(opts, C1, c2, c3) return encodingCiphertext(opts, C1, c2, c3)
} }
return encodingCiphertextASN1(C1, c2, c3) return encodingCiphertextASN1(C1, c2, c3)
@ -270,14 +270,14 @@ func encryptSM2EC(c *sm2Curve, pub *ecdsa.PublicKey, random io.Reader, msg []byt
func encodingCiphertext(opts *EncrypterOpts, C1 *_sm2ec.SM2P256Point, c2, c3 []byte) ([]byte, error) { func encodingCiphertext(opts *EncrypterOpts, C1 *_sm2ec.SM2P256Point, c2, c3 []byte) ([]byte, error) {
var c1 []byte var c1 []byte
switch opts.PointMarshalMode { switch opts.pointMarshalMode {
case MarshalCompressed: case MarshalCompressed:
c1 = C1.BytesCompressed() c1 = C1.BytesCompressed()
default: default:
c1 = C1.Bytes() c1 = C1.Bytes()
} }
if opts.CiphertextSplicingOrder == C1C3C2 { if opts.ciphertextSplicingOrder == C1C3C2 {
// c1 || c3 || c2 // c1 || c3 || c2
return append(append(c1, c3...), c2...), nil return append(append(c1, c3...), c2...), nil
} }
@ -380,7 +380,7 @@ func parseCiphertext(c *sm2Curve, ciphertext []byte, opts *DecrypterOpts) (*_sm2
byteLen := (bitSize + 7) / 8 byteLen := (bitSize + 7) / 8
splicingOrder := C1C3C2 splicingOrder := C1C3C2
if opts != nil { if opts != nil {
splicingOrder = opts.CipherTextSplicingOrder splicingOrder = opts.cipherTextSplicingOrder
} }
b := ciphertext[0] b := ciphertext[0]
@ -496,8 +496,8 @@ func calculateSM2Hash(pub *ecdsa.PublicKey, data, uid []byte) ([]byte, error) {
// If the opts argument is instance of [*SM2SignerOption], and its ForceGMSign is true, // If the opts argument is instance of [*SM2SignerOption], and its ForceGMSign is true,
// then the hash will be treated as raw message. // then the hash will be treated as raw message.
func SignASN1(rand io.Reader, priv *PrivateKey, hash []byte, opts crypto.SignerOpts) ([]byte, error) { func SignASN1(rand io.Reader, priv *PrivateKey, hash []byte, opts crypto.SignerOpts) ([]byte, error) {
if sm2Opts, ok := opts.(*SM2SignerOption); ok && sm2Opts.ForceGMSign { if sm2Opts, ok := opts.(*SM2SignerOption); ok && sm2Opts.forceGMSign {
newHash, err := calculateSM2Hash(&priv.PublicKey, hash, sm2Opts.UID) newHash, err := calculateSM2Hash(&priv.PublicKey, hash, sm2Opts.uid)
if err != nil { if err != nil {
return nil, err return nil, err
} }
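Review bot: `NewSM2SignerOption` still stores the caller's `uid` slice by reference, so unexporting the field does not prevent the value from changing after construction. The caller can keep writing to the slice it passed in, and those bytes are what `SignASN1` later hands to `calculateSM2Hash`. Copying on the way in, `uid: append([]byte(nil), uid...),`, would make the option's state private in practice; the `defaultUID` fallback is assigned afterwards and is unaffected. Separately, the doc comment above `SignASN1` still says "its ForceGMSign is true", naming a field callers can no longer see; `// If opts is a [*SM2SignerOption] created with forceGMSign set to true,` would match the new API.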


@ -254,7 +254,7 @@ func encryptLegacy(random io.Reader, pub *ecdsa.PublicKey, msg []byte, opts *Enc
//A2, calculate C1 = k * G //A2, calculate C1 = k * G
x1, y1 := curve.ScalarBaseMult(k.Bytes()) x1, y1 := curve.ScalarBaseMult(k.Bytes())
c1 := opts.PointMarshalMode.mashal(curve, x1, y1) c1 := opts.pointMarshalMode.mashal(curve, x1, y1)
//A4, calculate k * P (point of Public Key) //A4, calculate k * P (point of Public Key)
x2, y2 := curve.ScalarMult(pub.X, pub.Y, k.Bytes()) x2, y2 := curve.ScalarMult(pub.X, pub.Y, k.Bytes())
@ -275,8 +275,8 @@ func encryptLegacy(random io.Reader, pub *ecdsa.PublicKey, msg []byte, opts *Enc
//A7, C3 = hash(x2||M||y2) //A7, C3 = hash(x2||M||y2)
c3 := calculateC3(curve, x2, y2, msg) c3 := calculateC3(curve, x2, y2, msg)
if opts.CiphertextEncoding == ENCODING_PLAIN { if opts.ciphertextEncoding == ENCODING_PLAIN {
if opts.CiphertextSplicingOrder == C1C3C2 { if opts.ciphertextSplicingOrder == C1C3C2 {
// c1 || c3 || c2 // c1 || c3 || c2
return append(append(c1, c3...), c2...), nil return append(append(c1, c3...), c2...), nil
} }
@ -317,8 +317,8 @@ func ASN1Ciphertext2Plain(ciphertext []byte, opts *EncrypterOpts) ([]byte, error
return nil, err return nil, err
} }
curve := sm2ec.P256() curve := sm2ec.P256()
c1 := opts.PointMarshalMode.mashal(curve, x1, y1) c1 := opts.pointMarshalMode.mashal(curve, x1, y1)
if opts.CiphertextSplicingOrder == C1C3C2 { if opts.ciphertextSplicingOrder == C1C3C2 {
// c1 || c3 || c2 // c1 || c3 || c2
return append(append(c1, c3...), c2...), nil return append(append(c1, c3...), c2...), nil
} }
@ -426,10 +426,10 @@ func rawDecrypt(priv *PrivateKey, x1, y1 *big.Int, c2, c3 []byte) ([]byte, error
func decryptLegacy(priv *PrivateKey, ciphertext []byte, opts *DecrypterOpts) ([]byte, error) { func decryptLegacy(priv *PrivateKey, ciphertext []byte, opts *DecrypterOpts) ([]byte, error) {
splicingOrder := C1C3C2 splicingOrder := C1C3C2
if opts != nil { if opts != nil {
if opts.CiphertextEncoding == ENCODING_ASN1 { if opts.ciphertextEncoding == ENCODING_ASN1 {
return decryptASN1(priv, ciphertext) return decryptASN1(priv, ciphertext)
} }
splicingOrder = opts.CipherTextSplicingOrder splicingOrder = opts.cipherTextSplicingOrder
} }
if ciphertext[0] == 0x30 { if ciphertext[0] == 0x30 {
return decryptASN1(priv, ciphertext) return decryptASN1(priv, ciphertext)
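Review bot: `decryptLegacy` reads `ciphertext[0]` with no length check visible between the start of the function and that access. An empty ciphertext arriving with nil opts, or with a non-ASN.1 encoding, would therefore panic with index out of range instead of returning an error. Unless every caller already rejects empty input, a guard before the first-byte test keeps malformed input on the error path: `if len(ciphertext) == 0 { return nil, errors.New("sm2: invalid ciphertext length") }` (the message text is a suggestion). The function body continues past the end of the hunk, so a later length check may exist, but it would run after this access.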