GM-Standards SM2/SM3/SM4/SM9/ZUC for Go
Packages
- SM2 - An SM2 sm2p256v1 implementation whose performance is similar to Go's native NIST P256 on amd64 and arm64; for implementation details, please refer to SM2 implementation details. It supports the ShangMi SM2 digital signature and public key encryption algorithms, as well as key exchange.
- SM3 - An SM3 implementation whose performance is similar to Go's native SHA-256 with SIMD on amd64; for implementation details, please refer to SM3 performance optimization. It also provides an SM3 implementation using A64 cryptographic instructions, tested with QEMU.
- SM4 - The SM4 implementation uses SIMD and AES-NI on amd64 and arm64; for details, please refer to SM4 performance optimization. It supports ECB/CBC/CFB/OFB/CTR/GCM/CCM/XTS modes. It also provides an SM4 implementation using A64 cryptographic instructions, tested with QEMU.
- SM9 - For the SM9 implementation, please refer to SM9 implementation and optimization.
- ZUC - The ZUC implementation uses SIMD, AES-NI and CLMUL on amd64 and arm64; for details, please refer to Efficient Software Implementations of ZUC.
- CFCA - Some CFCA-specific implementations.
- CIPHER - ECB/CCM/XTS cipher modes.
- SMX509 - A fork of Go's X509 that supports ShangMi.
- PKCS7 - A fork of mozilla-services/pkcs7 that supports ShangMi.
- PKCS8 - A fork of youmark/pkcs8 that supports ShangMi.
- ECDH - An implementation similar to Go's ECDH that supports SM2 ECDH and SM2MQV without using big.Int; a replacement for the SM2 key exchange. For details, please refer to "is my code constant time?".
- DRBG - Random number generation using deterministic random bit generators; for details, please refer to NIST Special Publication 800-90A and GM/T 0105-2021: CTR-DRBG using a derivation function, and HASH-DRBG. The NIST-related implementations are tested with part of the NIST-provided test vectors. It is NOT safe for concurrent use! You can also use the randomness tool to check the generated random bits.
Some Related Projects
- TLCP - An implementation of GB/T 38636-2020 Information security technology Transport Layer Cryptography Protocol (TLCP).
- PKCS12 - pkcs12 supports ShangMi, a fork of SSLMate/go-pkcs12.
- MKSMCERT - A simple tool for making locally-trusted development ShangMi certificates, a fork of FiloSottile/mkcert.
Disclaimer
Please read the disclaimer carefully!