gm-crypto

A pure JavaScript implementation of GM/T series(sm2,sm3,sm4) cryptographic algorithms compatible with Node.js and browsers, with type declaration files support.

• GM/T0003-2012《SM2 public key cryptographic algorithm based on elliptic curves》
• GM/T0004-2012《SM3 cryptographic hash algorithm》
• GM/T0002-2012《SM4 block cipher algorithm》(also aliased as SMS4)

Quick Start

Install

Using npm:

$ npm install gm-crypto

Using yarn:

$ yarn add gm-crypto

Basic Usage

SM2

Public Key Cryptographic Algorithm Based on Elliptic Curves.

const { SM2 } = require('gm-crypto')

const { publicKey, privateKey } = SM2.generateKeyPair()
const originalData = 'SM2 椭圆曲线公钥密码算法'

const encryptedData = SM2.encrypt(originalData, publicKey, {
  inputEncoding: 'utf8',
  outputEncoding: 'base64'
})

const decryptedData = SM2.decrypt(encryptedData, privateKey, {
  inputEncoding: 'base64',
  outputEncoding: 'utf8'
})

SM3

Cryptographic Hash Algorithm.

const { SM3 } = require('gm-crypto')

console.log(SM3.digest('abc'))
console.log(SM3.digest('YWJj', 'base64'))
console.log(SM3.digest('616263', 'hex', 'base64'))

SM4

Block Cipher Algorithm.

const { SM4 } = require('gm-crypto')

const key = '0123456789abcdeffedcba9876543210' // Any string of 32 hexadecimal digits
const originalData = 'SM4 国标对称加密'

/**
 * Block cipher modes:
 * - ECB: electronic codebook
 * - CBC: cipher block chaining
 */

let encryptedData, decryptedData

// ECB
encryptedData = SM4.encrypt(originalData, key, {
  inputEncoding: 'utf8',
  outputEncoding: 'base64'
})
decryptedData = SM4.decrypt(encryptedData, key, {
  inputEncoding: 'base64',
  outputEncoding: 'utf8'
})

// CBC
const iv = '0123456789abcdeffedcba9876543210' // Initialization vector(any string of 32 hexadecimal digits)
encryptedData = SM4.encrypt(originalData, key, {
  iv: iv,
  mode: SM4.constants.CBC,
  inputEncoding: 'utf8',
  outputEncoding: 'hex'
})
decryptedData = SM4.decrypt(encryptedData, key, {
  iv: iv,
  mode: SM4.constants.CBC,
  inputEncoding: 'hex',
  outputEncoding: 'utf8'
})

API

• SM2

- .generateKeyPair() ⇒ object - .encrypt(data, key, options ⇒ string | ArrayBuffer - .decrypt(data, key, options) ⇒ string | ArrayBuffer

• SM3

- .digest(data, inputEncoding, outputEncoding) ⇒ string | ArrayBuffer

• SM4

- .encrypt(data, key, options) ⇒ string | ArrayBuffer - .decrypt(data, key, options) ⇒ string | ArrayBuffer

SM2.generateKeyPair()

Generates a new asymmetric key pair.

SM2.encrypt(data, key, options)

Encrypt data.
| Param | Type | Default | Description | | ---------------------- | --------------------------------- | -------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | data | string\|ArrayBuffer\|Buffer | | Plain message | | key | string | | Public key generated by SM2.generateKeyPair() | | options | object | | Options | | options.mode | C1C3C2 \| C1C2C3 | C1C3C2 | Concatenation mode | | options.inputEncoding | string | "utf8" | The encoding of the plain data string,if data is not a string then inputEncoding is ignored. | | options.outputEncoding | string | | If outputEncoding is provided, a string will be returned, otherwise a ArrayBuffer is returned. | | options.pc | boolean | false | Includes PC mark as first byte |

SM2.decrypt(data, key, options)

Decrypt data.
| Param | Type | Default | Description | | ---------------------- | --------------------------------- | -------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | data | string\|ArrayBuffer\|Buffer | | Ciphered data | | key | string | | Private key generated by SM2.generateKeyPair() | | options.mode | C1C3C2 \| C1C2C3 | C1C3C2 | Concatenation mode | | options.inputEncoding | string | | The encoding of the plain data string,if data is not a string then inputEncoding is ignored. | | options.outputEncoding | string | | If outputEncoding is provided, a string will be returned, otherwise a ArrayBuffer is returned. | | options.pc | boolean | false | Includes PC mark as first byte |

SM3.digest(data, inputEncoding, outputEncoding)

Calculates the digest.
| Param | Type | Default | Description | | -------------- | --------------------------------- | -------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | data | string\|ArrayBuffer\|Buffer | | Data message | | inputEncoding | string | "utf8" | The encoding of the data string, if data is not a string then inputEncoding is ignored. | | outputEncoding | string | | If outputEncoding is provided, a string will be returned, otherwise a ArrayBuffer is returned. |

SM4.encrypt(data, key, options)

Encrypt data.
| Param | Type | Default | Description | | ---------------------- | --------------------------------- | -------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | data | string\|ArrayBuffer\|Buffer | | Plain message | | key | string | | Cipher key(any string of 32 hexadecimal digits) | | options | object | | Options | | options.mode | ECB \| CBC | ECB | Block cipher mode | | options.iv | string | | Initialization vector(any string of 32 hexadecimal digits) | | options.inputEncoding | string | "utf8" | The encoding of the plain data string,if data is not a string then inputEncoding is ignored. | | options.outputEncoding | string | | If outputEncoding is provided, a string will be returned, otherwise a ArrayBuffer is returned. |

SM4.decrypt(data, key, options)

Decrypt data.
| Param | Type | Default | Description | | ---------------------- | --------------------------------- | ------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | data | string\|ArrayBuffer\|Buffer | | Ciphered data | | key | string | | Cipher key(any string of 32 hexadecimal digits) | | options | object | | Options | | options.mode | ECB \| CBC | ECB | Block cipher mode | | options.iv | string | | Initialization vector(any string of 32 hexadecimal digits) | | options.inputEncoding | string | | The encoding of the plain data string,if data is not a string then inputEncoding is ignored. | | options.outputEncoding | string | | If outputEncoding is provided, a string will be returned, otherwise a ArrayBuffer is returned. |