misc: clean code
This commit is contained in:
parent
21859b7273
commit
818cbc3757
@ -35,33 +35,6 @@ func gcmSm4Data(productTable *[256]byte, data []byte, T *[16]byte)
|
||||
//go:noescape
|
||||
func gcmSm4Finish(productTable *[256]byte, tagMask, T *[16]byte, pLen, dLen uint64)
|
||||
|
||||
// gcmSm4InitInst is used for test
|
||||
func gcmSm4InitInst(productTable *[256]byte, rk []uint32) {
|
||||
if supportSM4 {
|
||||
gcmSm4Init(productTable, rk, INST_SM4)
|
||||
} else {
|
||||
gcmSm4Init(productTable, rk, INST_AES)
|
||||
}
|
||||
}
|
||||
|
||||
// gcmSm4EncInst is used for test
|
||||
func gcmSm4EncInst(productTable *[256]byte, dst, src []byte, ctr, T *[16]byte, rk []uint32) {
|
||||
if supportSM4 {
|
||||
gcmSm4niEnc(productTable, dst, src, ctr, T, rk)
|
||||
} else {
|
||||
gcmSm4Enc(productTable, dst, src, ctr, T, rk)
|
||||
}
|
||||
}
|
||||
|
||||
// gcmSm4DecInst is used for test
|
||||
func gcmSm4DecInst(productTable *[256]byte, dst, src []byte, ctr, T *[16]byte, rk []uint32) {
|
||||
if supportSM4 {
|
||||
gcmSm4niDec(productTable, dst, src, ctr, T, rk)
|
||||
} else {
|
||||
gcmSm4Dec(productTable, dst, src, ctr, T, rk)
|
||||
}
|
||||
}
|
||||
|
||||
type gcmAsm struct {
|
||||
gcm
|
||||
bytesProductTable [256]byte
|
||||
|
52
sm9/sm9.go
52
sm9/sm9.go
@ -3,7 +3,7 @@ package sm9
|
||||
|
||||
import (
|
||||
"crypto"
|
||||
goSubtle "crypto/subtle"
|
||||
"crypto/subtle"
|
||||
"encoding/binary"
|
||||
"errors"
|
||||
"fmt"
|
||||
@ -87,27 +87,6 @@ func randFieldElement(rand io.Reader) (k *big.Int, err error) {
|
||||
return
|
||||
}
|
||||
|
||||
// Pair generate the basepoint once
|
||||
func (pub *SignMasterPublicKey) Pair() *bn256.GT {
|
||||
pub.pairOnce.Do(func() {
|
||||
pub.basePoint = bn256.Pair(bn256.Gen1, pub.MasterPublicKey)
|
||||
})
|
||||
return pub.basePoint
|
||||
}
|
||||
|
||||
func (pub *SignMasterPublicKey) generatorTable() *[32 * 2]bn256.GTFieldTable {
|
||||
pub.tableGenOnce.Do(func() {
|
||||
pub.table = bn256.GenerateGTFieldTable(pub.Pair())
|
||||
})
|
||||
return pub.table
|
||||
}
|
||||
|
||||
// ScalarBaseMult compute basepoint^r with precomputed table
|
||||
func (pub *SignMasterPublicKey) ScalarBaseMult(r *big.Int) *bn256.GT {
|
||||
tables := pub.generatorTable()
|
||||
return bn256.ScalarBaseMultGT(tables, r)
|
||||
}
|
||||
|
||||
// Sign signs a hash (which should be the result of hashing a larger message)
|
||||
// using the user dsa key. It returns the signature as a pair of h and s.
|
||||
func Sign(rand io.Reader, priv *SignPrivateKey, hash []byte) (h *big.Int, s *bn256.G1, err error) {
|
||||
@ -227,27 +206,6 @@ func (pub *SignMasterPublicKey) Verify(uid []byte, hid byte, hash, sig []byte) b
|
||||
return VerifyASN1(pub, uid, hid, hash, sig)
|
||||
}
|
||||
|
||||
// Pair generate the basepoint once
|
||||
func (pub *EncryptMasterPublicKey) Pair() *bn256.GT {
|
||||
pub.pairOnce.Do(func() {
|
||||
pub.basePoint = bn256.Pair(pub.MasterPublicKey, bn256.Gen2)
|
||||
})
|
||||
return pub.basePoint
|
||||
}
|
||||
|
||||
func (pub *EncryptMasterPublicKey) generatorTable() *[32 * 2]bn256.GTFieldTable {
|
||||
pub.tableGenOnce.Do(func() {
|
||||
pub.table = bn256.GenerateGTFieldTable(pub.Pair())
|
||||
})
|
||||
return pub.table
|
||||
}
|
||||
|
||||
// ScalarBaseMult compute basepoint^r with precomputed table
|
||||
func (pub *EncryptMasterPublicKey) ScalarBaseMult(r *big.Int) *bn256.GT {
|
||||
tables := pub.generatorTable()
|
||||
return bn256.ScalarBaseMultGT(tables, r)
|
||||
}
|
||||
|
||||
// WrapKey generate and wrap key with reciever's uid and system hid
|
||||
func WrapKey(rand io.Reader, pub *EncryptMasterPublicKey, uid []byte, hid byte, kLen int) (key []byte, cipher *bn256.G1, err error) {
|
||||
q := pub.GenerateUserPublicKey(uid, hid)
|
||||
@ -427,7 +385,7 @@ func Decrypt(priv *EncryptPrivateKey, uid, ciphertext []byte) ([]byte, error) {
|
||||
hash.Write(key[len(c2):])
|
||||
c32 := hash.Sum(nil)
|
||||
|
||||
if goSubtle.ConstantTimeCompare(c3[:sm3.Size], c32) != 1 {
|
||||
if subtle.ConstantTimeCompare(c3[:sm3.Size], c32) != 1 {
|
||||
return nil, errors.New("sm9: invalid mac value")
|
||||
}
|
||||
|
||||
@ -479,7 +437,7 @@ func DecryptASN1(priv *EncryptPrivateKey, uid, ciphertext []byte) ([]byte, error
|
||||
hash.Write(key[len(c2Bytes):])
|
||||
c32 := hash.Sum(nil)
|
||||
|
||||
if goSubtle.ConstantTimeCompare(c3Bytes, c32) != 1 {
|
||||
if subtle.ConstantTimeCompare(c3Bytes, c32) != 1 {
|
||||
return nil, errors.New("sm9: invalid mac value")
|
||||
}
|
||||
xor.XorBytes(key, c2Bytes, key[:len(c2Bytes)])
|
||||
@ -639,7 +597,7 @@ func (ke *KeyExchange) ConfirmResponder(rB *bn256.G1, sB []byte) ([]byte, error)
|
||||
// step 6, verify signature
|
||||
if len(sB) > 0 {
|
||||
signature := ke.sign(false, 0x82)
|
||||
if goSubtle.ConstantTimeCompare(signature, sB) != 1 {
|
||||
if subtle.ConstantTimeCompare(signature, sB) != 1 {
|
||||
return nil, errors.New("sm9: verify responder's signature fail")
|
||||
}
|
||||
}
|
||||
@ -651,7 +609,7 @@ func (ke *KeyExchange) ConfirmResponder(rB *bn256.G1, sB []byte) ([]byte, error)
|
||||
// ConfirmInitiator for responder's step B8
|
||||
func (ke *KeyExchange) ConfirmInitiator(s1 []byte) error {
|
||||
buffer := ke.sign(true, 0x83)
|
||||
if goSubtle.ConstantTimeCompare(buffer, s1) != 1 {
|
||||
if subtle.ConstantTimeCompare(buffer, s1) != 1 {
|
||||
return errors.New("sm9: verify initiator's signature fail")
|
||||
}
|
||||
return nil
|
||||
|
@ -112,6 +112,28 @@ func (master *SignMasterPrivateKey) Public() *SignMasterPublicKey {
|
||||
return &master.SignMasterPublicKey
|
||||
}
|
||||
|
||||
// pair generate the basepoint once
|
||||
func (pub *SignMasterPublicKey) pair() *bn256.GT {
|
||||
pub.pairOnce.Do(func() {
|
||||
pub.basePoint = bn256.Pair(bn256.Gen1, pub.MasterPublicKey)
|
||||
})
|
||||
return pub.basePoint
|
||||
}
|
||||
|
||||
func (pub *SignMasterPublicKey) generatorTable() *[32 * 2]bn256.GTFieldTable {
|
||||
pub.tableGenOnce.Do(func() {
|
||||
pub.table = bn256.GenerateGTFieldTable(pub.pair())
|
||||
})
|
||||
return pub.table
|
||||
}
|
||||
|
||||
// ScalarBaseMult compute basepoint^r with precomputed table
|
||||
// The base point = pair(Gen1, <master public key>)
|
||||
func (pub *SignMasterPublicKey) ScalarBaseMult(r *big.Int) *bn256.GT {
|
||||
tables := pub.generatorTable()
|
||||
return bn256.ScalarBaseMultGT(tables, r)
|
||||
}
|
||||
|
||||
// GenerateUserPublicKey generate user sign public key
|
||||
func (pub *SignMasterPublicKey) GenerateUserPublicKey(uid []byte, hid byte) *bn256.G2 {
|
||||
var buffer []byte
|
||||
@ -280,6 +302,28 @@ func (master *EncryptMasterPrivateKey) UnmarshalASN1(der []byte) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// pair generate the basepoint once
|
||||
func (pub *EncryptMasterPublicKey) pair() *bn256.GT {
|
||||
pub.pairOnce.Do(func() {
|
||||
pub.basePoint = bn256.Pair(pub.MasterPublicKey, bn256.Gen2)
|
||||
})
|
||||
return pub.basePoint
|
||||
}
|
||||
|
||||
func (pub *EncryptMasterPublicKey) generatorTable() *[32 * 2]bn256.GTFieldTable {
|
||||
pub.tableGenOnce.Do(func() {
|
||||
pub.table = bn256.GenerateGTFieldTable(pub.pair())
|
||||
})
|
||||
return pub.table
|
||||
}
|
||||
|
||||
// ScalarBaseMult compute basepoint^r with precomputed table.
|
||||
// The base point = pair(<master public key>, Gen2)
|
||||
func (pub *EncryptMasterPublicKey) ScalarBaseMult(r *big.Int) *bn256.GT {
|
||||
tables := pub.generatorTable()
|
||||
return bn256.ScalarBaseMultGT(tables, r)
|
||||
}
|
||||
|
||||
// GenerateUserPublicKey generate user encrypt public key
|
||||
func (pub *EncryptMasterPublicKey) GenerateUserPublicKey(uid []byte, hid byte) *bn256.G1 {
|
||||
var buffer []byte
|
||||
|
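Review bot: The new `pair()` and `generatorTable()` methods cache the pairing and the precomputed table in `pub.basePoint`/`pub.table` behind `sync.Once`, so both stay bound to whatever `MasterPublicKey` held on first use; if the key is later overwritten in place (the hunk header at -280 shows an `UnmarshalASN1` on the master key type, so this looks possible but is not visible here), `ScalarBaseMult` silently keeps using the old base point. That contract is worth stating on the new methods, e.g. `// pair computes pair(Gen1, MasterPublicKey) once and caches it; the cached value is not refreshed if MasterPublicKey is replaced afterwards.`, and the same applies to the `EncryptMasterPublicKey` methods in the hunk at -280. `generatorTable` has no doc comment in either hunk; `// generatorTable lazily builds the fixed-base precomputation table for pair(), used by ScalarBaseMult.` would do. The receiver types and the `pairOnce`/`tableGenOnce` fields are defined outside the hunk.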
@ -82,6 +82,7 @@ func (m *ZUC128Mac) BlockSize() int {
|
||||
return chunk
|
||||
}
|
||||
|
||||
// Reset resets the Hash to its initial state.
|
||||
func (m *ZUC128Mac) Reset() {
|
||||
m.t = 0
|
||||
m.nx = 0
|
||||
|
@ -73,6 +73,7 @@ func (m *ZUC256Mac) BlockSize() int {
|
||||
return chunk
|
||||
}
|
||||
|
||||
// Reset resets the Hash to its initial state.
|
||||
func (m *ZUC256Mac) Reset() {
|
||||
m.nx = 0
|
||||
m.len = 0
|
||||
|