diff --git a/README.md b/README.md
index 19e48ae..5d02ed2 100644
--- a/README.md
+++ b/README.md
@@ -35,7 +35,7 @@ Go语言商用密码软件,简称**GMSM**,一个安全、高性能、易于
 - **ZUC** - 祖冲之序列密码算法实现。使用SIMD、AES指令以及无进位乘法指令,分别对**amd64**、**arm64**和**ppc64x**架构做了优化实现, 您也可以参考[ZUC实现及优化](https://github.com/emmansun/gmsm/wiki/Efficient-Software-Implementations-of-ZUC)和相关代码,以获得更多实现细节。ZUC包实现了基于祖冲之序列密码算法的机密性算法、128/256位完整性算法。
 - **CBCMAC** - 符合《GB/T 15852.1-2020 采用分组密码的机制》的消息鉴别码。
-- **CFCA** - CFCA(中金)特定实现,目前实现的是SM2私钥、证书封装处理,对应SADK中的**PKCS12_SM2**。
+- **CFCA** - CFCA(中金)特定实现,目前实现的是SM2私钥、证书封装处理,对应SADK中的**PKCS12_SM2**;信封加密、签名;CSR生成及返回私钥解密、解析等功能。
 - **CIPHER** - ECB/CCM/XTS/HCTR/BC/OFBNLF加密模式实现。XTS模式同时支持NIST规范和国标 **GB/T 17964-2021**。当前的XTS模式由于实现了BlockMode,其结构包含一个tweak数组,所以其**不支持并发使用**。**分组链接(BC)模式**和**带非线性函数的输出反馈(OFBNLF)模式**为分组密码算法的工作模式标准**GB/T 17964**的遗留模式,**带泛杂凑函数的计数器(HCTR)模式**是**GB/T 17964-2021**中的新增模式。分组链接(BC)模式和CBC模式类似;而带非线性函数的输出反馈(OFBNLF)模式的话,从软件实现的角度来看,基本没有性能优化的空间。
diff --git a/sm9/sm9.go b/sm9/sm9.go
index e69a822..6fb2aa0 100644
--- a/sm9/sm9.go
+++ b/sm9/sm9.go
@@ -162,8 +162,7 @@ func SignASN1(rand io.Reader, priv *SignPrivateKey, hash []byte) ([]byte, error)
 }
 var buffer []byte
- buffer = append(buffer, hash...)
- buffer = append(buffer, w.Marshal()...)
+ buffer = append(append(buffer, hash...), w.Marshal()...)
 hNat = hashH2(buffer)
 r.Sub(hNat, orderNat)
@@ -266,8 +265,7 @@ func VerifyASN1(pub *SignMasterPublicKey, uid []byte, hid byte, hash, sig []byte
 w := new(bn256.GT).Add(u, t)
 var buffer []byte
- buffer = append(buffer, hash...)
- buffer = append(buffer, w.Marshal()...)
+ buffer = append(append(buffer, hash...), w.Marshal()...)
 h2 := hashH2(buffer)
 return h2.Equal(hNat) == 1
diff --git a/sm9/sm9_key.go b/sm9/sm9_key.go
index 1d8b7db..8719753 100644
--- a/sm9/sm9_key.go
+++ b/sm9/sm9_key.go
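Review bot: The new `buffer = append(append(buffer, hash...), w.Marshal()...)` in SignASN1 still starts from a nil `buffer`, so the runtime will most likely grow it twice — once for `hash` and again for the marshalled `w` — which is the allocation the single-statement form looks intended to save. If that is the goal, marshal first and size the slice once: `wBytes := w.Marshal()`, `buffer := make([]byte, 0, len(hash)+len(wBytes))`, `buffer = append(append(buffer, hash...), wBytes...)`, and drop the `var buffer []byte` line. Whichever form is kept, building into a fresh slice rather than `append(hash, ...)` is the right call, since the latter could write into the caller's backing array. The VerifyASN1 hunk below has the identical lines and the same remark applies; SignASN1's body begins and ends outside this hunk.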
@@ -95,7 +95,7 @@ func (master *SignMasterPrivateKey) UnmarshalASN1(der []byte) error {
 !inner.ReadASN1Integer(d) {
 return errors.New("sm9: invalid sign master private key asn1 data")
 }
- // Just parse it, did't validate it
+ // Just parse it, didn't validate it
 if !inner.Empty() && (!inner.ReadASN1BitStringAsBytes(&pubBytes) || !inner.Empty()) {
 return errors.New("sm9: invalid sign master public key asn1 data")
 }
@@ -115,8 +115,7 @@ func (master *SignMasterPrivateKey) UnmarshalASN1(der []byte) error {
 // GenerateUserKey generate an user dsa key.
 func (master *SignMasterPrivateKey) GenerateUserKey(uid []byte, hid byte) (*SignPrivateKey, error) {
 var id []byte
- id = append(id, uid...)
- id = append(id, hid)
+ id = append(append(id, uid...), hid)
 t1Nat := hashH1(id)
@@ -174,8 +173,7 @@ func (pub *SignMasterPublicKey) ScalarBaseMult(scalar []byte) (*bn256.GT, error)
 // GenerateUserPublicKey generate user sign public key
 func (pub *SignMasterPublicKey) GenerateUserPublicKey(uid []byte, hid byte) *bn256.G2 {
 var buffer []byte
- buffer = append(buffer, uid...)
- buffer = append(buffer, hid)
+ buffer = append(append(buffer, uid...), hid)
 h1 := hashH1(buffer)
 p, err := new(bn256.G2).ScalarBaseMult(h1.Bytes(orderNat))
 if err != nil {
@@ -371,8 +369,7 @@ func GenerateEncryptMasterKey(rand io.Reader) (*EncryptMasterPrivateKey, error)
 // GenerateUserKey generate an user key for encryption.
 func (master *EncryptMasterPrivateKey) GenerateUserKey(uid []byte, hid byte) (*EncryptPrivateKey, error) {
 var id []byte
- id = append(id, uid...)
- id = append(id, hid)
+ id = append(append(id, uid...), hid)
 t1Nat := hashH1(id)
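Review bot: The `id = append(append(id, uid...), hid)` line in SignMasterPrivateKey.GenerateUserKey now exists in four copies across this commit (both GenerateUserKey methods and both GenerateUserPublicKey methods in sm9_key.go), each hand-building the same `uid || hid` input to hashH1; a user's private key and public key only correspond if those four encodings stay byte-for-byte identical, so one shared helper is safer than four inline copies. A helper such as `func userIDBytes(uid []byte, hid byte) []byte { return append(append(make([]byte, 0, len(uid)+1), uid...), hid) }` would also size the slice once instead of letting the nil `id` grow twice. This hunk would then read `t1Nat := hashH1(userIDBytes(uid, hid))` with the `var id []byte` line removed, and the three sibling hunks likewise. GenerateUserKey's body continues past the end of the hunk.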
@@ -467,8 +464,7 @@ func (pub *EncryptMasterPublicKey) ScalarBaseMult(scalar []byte) (*bn256.GT, err
 // GenerateUserPublicKey generate user encrypt public key
 func (pub *EncryptMasterPublicKey) GenerateUserPublicKey(uid []byte, hid byte) *bn256.G1 {
 var buffer []byte
- buffer = append(buffer, uid...)
- buffer = append(buffer, hid)
+ buffer = append(append(buffer, uid...), hid)
 h1 := hashH1(buffer)
 p, err := new(bn256.G1).ScalarBaseMult(h1.Bytes(orderNat))
 if err != nil {